WordPress.org

Make WordPress Core

Changeset 38048


Ignore:
Timestamp:
07/13/2016 02:04:10 PM (4 years ago)
Author:
rachelbaker
Message:

Comments: Include comment_content with html and without in blacklist_keys comparison.

After [38047], also include the comment_content with html in the preg_match against blacklist keys to match urls.

Props ocean90.
Fixes #37208.

Location:
trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/comment.php

    r38047 r38048  
    10771077            || preg_match($pattern, $email)
    10781078            || preg_match($pattern, $url)
     1079            || preg_match($pattern, $comment)
    10791080            || preg_match($pattern, $comment_without_html)
    10801081            || preg_match($pattern, $user_ip)
  • trunk/tests/phpunit/tests/comment/wpBlacklistCheck.php

    r38047 r38048  
    2121    }
    2222
     23    /**
     24     * @ticket 37208
     25     */
    2326    public function test_should_return_true_when_content_with_html_matches_blacklist_keys() {
    2427        $author       = 'Sting';
     
    6669    }
    6770
     71    /**
     72     * @ticket 37208
     73     */
     74    public function test_should_return_true_when_link_matches_blacklist_keys() {
     75        $author       = 'Rainier Wolfcastle';
     76        $author_email = 'rainier@wolfcastle.com';
     77        $author_url   = 'http://example.com';
     78        $comment      = 'We go on TV and sing, <a href="http://example.com/spam/>sing</a>, sing.';
     79        $author_ip    = '192.168.0.1';
     80        $user_agent   = '';
     81
     82        update_option( 'blacklist_keys',"/spam/" );
     83
     84        $result = wp_blacklist_check( $author, $author_email, $author_url, $comment, $author_ip, $user_agent );
     85
     86        $this->assertTrue( $result );
     87    }
     88
    6889    public function test_should_return_false_when_no_match() {
    6990        $author       = 'Krusty the Clown';
Note: See TracChangeset for help on using the changeset viewer.