Comments: Abstract die()
calls from comment submission routine.
Since 4.4, comment submission has been mostly abstracted into a function,
rather than being processed inline in wp-comments-post.php. This change
made it easier to write automated tests against the bulk of the comment
submission process. wp_allow_comment()
remained untestable, however:
when a comment failed one of its checks (flooding, duplicates, etc),
die()
or wp_die()
would be called directly. This shortcoming posed
problems for any application attempting to use WP's comment verification
functions in an abstract way - from PHPUnit to the REST API.
The current changeset introduces a new parameter, $avoid_die
, to the
wp_new_comment()
stack. When set to true
, wp_new_comment()
and
wp_allow_comment()
will return WP_Error
objects when a comment check
fails. When set to false
- the default, for backward compatibility -
a failed check will result in a die()
or wp_die()
, as appropriate.
Prior to this changeset, default comment flood checks took place in the
function check_comment_flood_db()
, which was hooked to the
'check_comment_flood' action. This design allowed the default comment
flood routine to be bypassed or replaced using remove_action()
.
In order to maintain backward compatibility with this usage, while
simultaneously converting the comment flood logic into something that
returns a value rather than calling die()
directly,
check_comment_flood_db()
has been changed into a wrapper function for
a call to add_filter()
; this, in turn, adds the *actual* comment flood
check to a new filter, 'wp_is_comment_flood'. Note that direct calls
to check_comment_flood_db()
will no longer do anything in isolation.
Props websupporter, rachelbaker.
Fixes #36901.