Changeset 39101
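--- a/trunk/src/wp-includes/comment.php
+++ b/trunk/src/wp-includes/comment.php
@@ -1123,4 +1123,35 @@
 
 /**
+* Compares the lengths of comment data against the maximum character limits.
+*
+* @since 4.7.0
+*
+* @param array $comment_data Array of arguments for inserting a comment.
+* @return WP_Error|true WP_Error when a comment field exceeds the limit,
+* otherwise true.
+*/
+function wp_check_comment_data_max_lengths( $comment_data ) {
+$max_lengths = wp_get_comment_fields_max_lengths();
+
+if ( isset( $comment_data['comment_author'] ) && mb_strlen( $comment_data['comment_author'], '8bit' ) > $max_lengths['comment_author'] ) {
+return new WP_Error( 'comment_author_column_length', __( '<strong>ERROR</strong>: your name is too long.' ), 200 );
+}
+
+if ( isset( $comment_data['comment_author_email'] ) && strlen( $comment_data['comment_author_email'] ) > $max_lengths['comment_author_email'] ) {
+return new WP_Error( 'comment_author_email_column_length', __( '<strong>ERROR</strong>: your email address is too long.' ), 200 );
+}
+
+if ( isset( $comment_data['comment_author_url'] ) && strlen( $comment_data['comment_author_url'] ) > $max_lengths['comment_author_url'] ) {
+return new WP_Error( 'comment_author_url_column_length', __( '<strong>ERROR</strong>: your url is too long.' ), 200 );
+}
+
+if ( isset( $comment_data['comment_content'] ) && mb_strlen( $comment_data['comment_content'], '8bit' ) > $max_lengths['comment_content'] ) {
+return new WP_Error( 'comment_content_column_length', __( '<strong>ERROR</strong>: your comment is too long.' ), 200 );
+}
+
+return true;
+}
+
+/**
 * Does comment contain blacklisted characters or words.
 *
@@ -3033,5 +3064,4 @@
 
 $comment_type = '';
-$max_lengths = wp_get_comment_fields_max_lengths();
 
 if ( get_option( 'require_name_email' ) && ! $user->exists() ) {
@@ -3043,20 +3073,6 @@
 }
 
-if ( isset( $comment_author ) && $max_lengths['comment_author'] < mb_strlen( $comment_author, '8bit' ) ) {
-return new WP_Error( 'comment_author_column_length', __( '<strong>ERROR</strong>: your name is too long.' ), 200 );
-}
-
-if ( isset( $comment_author_email ) && $max_lengths['comment_author_email'] < strlen( $comment_author_email ) ) {
-return new WP_Error( 'comment_author_email_column_length', __( '<strong>ERROR</strong>: your email address is too long.' ), 200 );
-}
-
-if ( isset( $comment_author_url ) && $max_lengths['comment_author_url'] < strlen( $comment_author_url ) ) {
-return new WP_Error( 'comment_author_url_column_length', __( '<strong>ERROR</strong>: your url is too long.' ), 200 );
-}
-
 if ( '' == $comment_content ) {
 return new WP_Error( 'require_valid_comment', __( '<strong>ERROR</strong>: please type a comment.' ), 200 );
-} elseif ( $max_lengths['comment_content'] < mb_strlen( $comment_content, '8bit' ) ) {
-return new WP_Error( 'comment_content_column_length', __( '<strong>ERROR</strong>: your comment is too long.' ), 200 );
 }
 
@@ -3072,4 +3088,9 @@
 );
 
+$check_max_lengths = wp_check_comment_data_max_lengths( $commentdata );
+if ( is_wp_error( $check_max_lengths ) ) {
+return $check_max_lengths;
+}
+
 $comment_id = wp_new_comment( wp_slash( $commentdata ), true );
 if ( is_wp_error( $comment_id ) ) {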
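Review bot: In `wp_check_comment_data_max_lengths()` the author and content fields are measured with `mb_strlen( …, '8bit' )` while the email and URL fields use plain `strlen()`, so the four guards do not necessarily count the same unit. On a PHP build where `mbstring.func_overload` remaps `strlen()`, the email and URL checks would count characters rather than bytes and could let through a value longer than the column allows; `mb_strlen( $comment_data['comment_author_email'], '8bit' )`, and the same for `comment_author_url`, keeps all four consistent. The docblock should also state that lengths are compared in bytes and that only keys present in `$comment_data` are checked. The call added in the last hunk sits in a function whose start and end are outside the hunk.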
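--- a/trunk/src/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php
+++ b/trunk/src/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php
@@ -485,4 +485,10 @@
 }
 
+$check_comment_lengths = wp_check_comment_data_max_lengths( $prepared_comment );
+if ( is_wp_error( $check_comment_lengths ) ) {
+$error_code = $check_comment_lengths->get_error_code();
+return new WP_Error( $error_code, __( 'Comment field exceeds maximum length allowed.' ), array( 'status' => 400 ) );
+}
+
 $prepared_comment['comment_approved'] = wp_allow_comment( $prepared_comment, true );
 
@@ -631,4 +637,10 @@
 
 $prepared_args['comment_ID'] = $id;
+
+$check_comment_lengths = wp_check_comment_data_max_lengths( $prepared_args );
+if ( is_wp_error( $check_comment_lengths ) ) {
+$error_code = $check_comment_lengths->get_error_code();
+return new WP_Error( $error_code, __( 'Comment field exceeds maximum length allowed.' ), array( 'status' => 400 ) );
+}
 
 $updated = wp_update_comment( $prepared_args );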
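Review bot: The same five-line length guard is pasted into both the create path (before `wp_allow_comment()`) and the update path (before `wp_update_comment()`), so the two copies of the input-validation step can drift apart when one is edited later. Moving the translation from the core error to the 400 response into one helper on the controller keeps both write paths enforcing the same rule. The helper name below is only a proposal, and both enclosing methods start and end outside the hunks shown.

```php
// Proposed helper on the controller; the name is a suggestion.
protected function check_comment_field_lengths( $comment_data ) {
	$check = wp_check_comment_data_max_lengths( $comment_data );
	if ( is_wp_error( $check ) ) {
		return new WP_Error( $check->get_error_code(), __( 'Comment field exceeds maximum length allowed.' ), array( 'status' => 400 ) );
	}
	return true;
}

// … unchanged: create path up to the length check …
$lengths_ok = $this->check_comment_field_lengths( $prepared_comment );
if ( is_wp_error( $lengths_ok ) ) {
	return $lengths_ok;
}
// … unchanged: update path; same call with $prepared_args …
```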
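--- a/trunk/tests/phpunit/tests/rest-api/rest-comments-controller.php
+++ b/trunk/tests/phpunit/tests/rest-api/rest-comments-controller.php
@@ -1353,4 +1353,96 @@
 }
 
+/**
+* @ticket 38477
+*/
+public function test_create_comment_author_name_too_long() {
+wp_set_current_user( 0 );
+
+$params = array(
+'post' => self::$post_id,
+'author_name' => rand_long_str( 246 ),
+'author_email' => 'murphy@gingivitis.com',
+'author_url' => 'http://jazz.gingivitis.com',
+'content' => 'This isn\'t a saxophone. It\'s an umbrella.',
+'date' => '1995-04-30T10:22:00',
+);
+$request = new WP_REST_Request( 'POST', '/wp/v2/comments' );
+
+$request->add_header( 'content-type', 'application/json' );
+$request->set_body( wp_json_encode( $params ) );
+$response = $this->server->dispatch( $request );
+
+$this->assertErrorResponse( 'comment_author_column_length', $response, 400 );
+}
+
+/**
+* @ticket 38477
+*/
+public function test_create_comment_author_email_too_long() {
+wp_set_current_user( 0 );
+
+$params = array(
+'post' => self::$post_id,
+'author_name' => 'Bleeding Gums Murphy',
+'author_email' => 'murphy@' . rand_long_str( 190 ) . '.com',
+'author_url' => 'http://jazz.gingivitis.com',
+'content' => 'This isn\'t a saxophone. It\'s an umbrella.',
+'date' => '1995-04-30T10:22:00',
+);
+$request = new WP_REST_Request( 'POST', '/wp/v2/comments' );
+
+$request->add_header( 'content-type', 'application/json' );
+$request->set_body( wp_json_encode( $params ) );
+$response = $this->server->dispatch( $request );
+
+$this->assertErrorResponse( 'comment_author_email_column_length', $response, 400 );
+}
+
+/**
+* @ticket 38477
+*/
+public function test_create_comment_author_url_too_long() {
+wp_set_current_user( 0 );
+
+$params = array(
+'post' => self::$post_id,
+'author_name' => 'Bleeding Gums Murphy',
+'author_email' => 'murphy@gingivitis.com',
+'author_url' => 'http://jazz.' . rand_long_str( 185 ) . '.com',
+'content' => 'This isn\'t a saxophone. It\'s an umbrella.',
+'date' => '1995-04-30T10:22:00',
+);
+$request = new WP_REST_Request( 'POST', '/wp/v2/comments' );
+
+$request->add_header( 'content-type', 'application/json' );
+$request->set_body( wp_json_encode( $params ) );
+$response = $this->server->dispatch( $request );
+
+$this->assertErrorResponse( 'comment_author_url_column_length', $response, 400 );
+}
+
+/**
+* @ticket 38477
+*/
+public function test_create_comment_content_too_long() {
+wp_set_current_user( 0 );
+
+$params = array(
+'post' => self::$post_id,
+'author_name' => 'Bleeding Gums Murphy',
+'author_email' => 'murphy@gingivitis.com',
+'author_url' => 'http://jazz.gingivitis.com',
+'content' => rand_long_str( 66525 ),
+'date' => '1995-04-30T10:22:00',
+);
+$request = new WP_REST_Request( 'POST', '/wp/v2/comments' );
+
+$request->add_header( 'content-type', 'application/json' );
+$request->set_body( wp_json_encode( $params ) );
+$response = $this->server->dispatch( $request );
+
+$this->assertErrorResponse( 'comment_content_column_length', $response, 400 );
+}
+
 public function test_update_item() {
 $post_id = $this->factory->post->create();
@@ -1608,4 +1700,79 @@
 $this->assertEquals( 200, $response->get_status() );
 $this->assertArrayHasKey( 'children', $response->get_links() );
+}
+
+/**
+* @ticket 38477
+*/
+public function test_update_comment_author_name_too_long() {
+wp_set_current_user( self::$admin_id );
+
+$params = array(
+'author_name' => rand_long_str( 246 ),
+'content' => 'This isn\'t a saxophone. It\'s an umbrella.',
+);
+$request = new WP_REST_Request( 'PUT', sprintf( '/wp/v2/comments/%d', self::$approved_id ) );
+
+$request->add_header( 'content-type', 'application/json' );
+$request->set_body( wp_json_encode( $params ) );
+$response = $this->server->dispatch( $request );
+
+$this->assertErrorResponse( 'comment_author_column_length', $response, 400 );
+}
+
+/**
+* @ticket 38477
+*/
+public function test_update_comment_author_email_too_long() {
+wp_set_current_user( self::$admin_id );
+
+$params = array(
+'author_email' => 'murphy@' . rand_long_str( 190 ) . '.com',
+'content' => 'This isn\'t a saxophone. It\'s an umbrella.',
+);
+$request = new WP_REST_Request( 'PUT', sprintf( '/wp/v2/comments/%d', self::$approved_id ) );
+
+$request->add_header( 'content-type', 'application/json' );
+$request->set_body( wp_json_encode( $params ) );
+$response = $this->server->dispatch( $request );
+
+$this->assertErrorResponse( 'comment_author_email_column_length', $response, 400 );
+}
+
+/**
+* @ticket 38477
+*/
+public function test_update_comment_author_url_too_long() {
+wp_set_current_user( self::$admin_id );
+
+$params = array(
+'author_url' => 'http://jazz.' . rand_long_str( 185 ) . '.com',
+'content' => 'This isn\'t a saxophone. It\'s an umbrella.',
+);
+$request = new WP_REST_Request( 'PUT', sprintf( '/wp/v2/comments/%d', self::$approved_id ) );
+
+$request->add_header( 'content-type', 'application/json' );
+$request->set_body( wp_json_encode( $params ) );
+$response = $this->server->dispatch( $request );
+
+$this->assertErrorResponse( 'comment_author_url_column_length', $response, 400 );
+}
+
+/**
+* @ticket 38477
+*/
+public function test_update_comment_content_too_long() {
+wp_set_current_user( self::$admin_id );
+
+$params = array(
+'content' => rand_long_str( 66525 ),
+);
+$request = new WP_REST_Request( 'PUT', sprintf( '/wp/v2/comments/%d', self::$approved_id ) );
+
+$request->add_header( 'content-type', 'application/json' );
+$request->set_body( wp_json_encode( $params ) );
+$response = $this->server->dispatch( $request );
+
+$this->assertErrorResponse( 'comment_content_column_length', $response, 400 );
 }
 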
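Review bot: The oversize inputs in all eight tests are built from literal lengths (`rand_long_str( 246 )`, `190`, `185`, `66525`) instead of the limits the code under test reads, so the cases presumably depend on the default column sizes of the test database. Deriving them, e.g. `$max = wp_get_comment_fields_max_lengths();` followed by `'author_name' => rand_long_str( $max['comment_author'] + 1 ),`, ties each case to the limit actually enforced. The suite also has no case at exactly the limit, which should be accepted, and none with multibyte text, which is where a byte-based comparison differs from a character count.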