Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php
r39349 r39444 509 509 // Honor the discussion setting that requires a name and email address of the comment author. 510 510 if ( get_option( 'require_name_email' ) ) { 511 if ( ! isset( $prepared_comment['comment_author'] ) && ! isset( $prepared_comment['comment_author_email'] ) ) {511 if ( empty( $prepared_comment['comment_author'] ) || empty( $prepared_comment['comment_author_email'] ) ) { 512 512 return new WP_Error( 'rest_comment_author_data_required', __( 'Creating a comment requires valid author name and email values.' ), array( 'status' => 400 ) ); 513 }514 515 if ( ! isset( $prepared_comment['comment_author'] ) ) {516 return new WP_Error( 'rest_comment_author_required', __( 'Creating a comment requires a valid author name.' ), array( 'status' => 400 ) );517 }518 519 if ( ! isset( $prepared_comment['comment_author_email'] ) ) {520 return new WP_Error( 'rest_comment_author_email_required', __( 'Creating a comment requires a valid author email.' ), array( 'status' => 400 ) );521 513 } 522 514 } … … 1156 1148 'format' => 'email', 1157 1149 'context' => array( 'edit' ), 1150 'arg_options' => array( 1151 'sanitize_callback' => array( $this, 'check_comment_author_email' ), 1152 'validate_callback' => null, // skip built-in validation of 'email'. 1153 ), 1158 1154 ), 1159 1155 'author_ip' => array( … … 1582 1578 return current_user_can( 'edit_comment', $comment->comment_ID ); 1583 1579 } 1580 1581 /** 1582 * Checks a comment author email for validity. 1583 * 1584 * Accepts either a valid email address or empty string as a valid comment 1585 * author email address. Setting the comment author email to an empty 1586 * string is allowed when a comment is being updated. 1587 * 1588 * @since 4.7.0 1589 * 1590 * @param string $value Author email value submitted. 1591 * @param WP_REST_Request $request Full details about the request. 1592 * @param string $param The parameter name. 1593 * @return WP_Error|string The sanitized email address, if valid, 1594 * otherwise an error. 1595 */ 1596 public function check_comment_author_email( $value, $request, $param ) { 1597 $email = (string) $value; 1598 if ( empty( $email ) ) { 1599 return $email; 1600 } 1601 1602 $check_email = rest_validate_request_arg( $email, $request, $param ); 1603 if ( is_wp_error( $check_email ) ) { 1604 return $check_email; 1605 } 1606 1607 return $email; 1608 } 1584 1609 } -
trunk/tests/phpunit/tests/rest-api/rest-comments-controller.php
r39375 r39444 96 96 update_site_option( 'site_admins', array( 'superadmin' ) ); 97 97 } 98 }99 100 public function tearDown() {101 parent::tearDown();102 98 } 103 99 … … 988 984 } 989 985 990 public function test_create_comment_missing_required_author_name _and_email_per_option_value() {986 public function test_create_comment_missing_required_author_name() { 991 987 add_filter( 'rest_allow_anonymous_comments', '__return_true' ); 992 update_option( 'require_name_email', 1 );993 994 $params = array(995 'post' => self::$post_id,996 'content' => 'Now, I don\'t want you to worry class. These tests will have no affect on your grades. They merely determine your future social status and financial success. If any.',997 );998 999 $request = new WP_REST_Request( 'POST', '/wp/v2/comments' );1000 $request->add_header( 'content-type', 'application/json' );1001 $request->set_body( wp_json_encode( $params ) );1002 1003 $response = $this->server->dispatch( $request );1004 1005 $this->assertErrorResponse( 'rest_comment_author_data_required', $response, 400 );1006 1007 update_option( 'require_name_email', 0 );1008 }1009 1010 public function test_create_comment_missing_required_author_name_per_option_value() {1011 wp_set_current_user( self::$admin_id );1012 988 update_option( 'require_name_email', 1 ); 1013 989 … … 1023 999 1024 1000 $response = $this->server->dispatch( $request ); 1025 $this->assertErrorResponse( 'rest_comment_author_required', $response, 400 ); 1026 1027 update_option( 'require_name_email', 0 ); 1028 } 1029 1030 public function test_create_comment_missing_required_author_email_per_option_value() { 1001 1002 $this->assertErrorResponse( 'rest_comment_author_data_required', $response, 400 ); 1003 } 1004 1005 public function test_create_comment_empty_required_author_name() { 1006 add_filter( 'rest_allow_anonymous_comments', '__return_true' ); 1007 update_option( 'require_name_email', 1 ); 1008 1009 $params = array( 1010 'author_name' => '', 1011 'author_email' => 'ekrabappel@springfield-elementary.edu', 1012 'post' => self::$post_id, 1013 'content' => 'Now, I don\'t want you to worry class. These tests will have no affect on your grades. They merely determine your future social status and financial success. If any.', 1014 ); 1015 1016 $request = new WP_REST_Request( 'POST', '/wp/v2/comments' ); 1017 $request->add_header( 'content-type', 'application/json' ); 1018 $request->set_body( wp_json_encode( $params ) ); 1019 1020 $response = $this->server->dispatch( $request ); 1021 1022 $this->assertErrorResponse( 'rest_comment_author_data_required', $response, 400 ); 1023 } 1024 1025 public function test_create_comment_missing_required_author_email() { 1031 1026 wp_set_current_user( self::$admin_id ); 1032 1027 update_option( 'require_name_email', 1 ); … … 1043 1038 1044 1039 $response = $this->server->dispatch( $request ); 1045 $this->assertErrorResponse( 'rest_comment_author_email_required', $response, 400 ); 1046 1047 update_option( 'require_name_email', 0 ); 1040 $this->assertErrorResponse( 'rest_comment_author_data_required', $response, 400 ); 1041 } 1042 1043 public function test_create_comment_empty_required_author_email() { 1044 wp_set_current_user( self::$admin_id ); 1045 update_option( 'require_name_email', 1 ); 1046 1047 $params = array( 1048 'post' => self::$post_id, 1049 'author_name' => 'Edna Krabappel', 1050 'author_email' => '', 1051 'content' => 'Now, I don\'t want you to worry class. These tests will have no affect on your grades. They merely determine your future social status and financial success. If any.', 1052 ); 1053 1054 $request = new WP_REST_Request( 'POST', '/wp/v2/comments' ); 1055 $request->add_header( 'content-type', 'application/json' ); 1056 $request->set_body( wp_json_encode( $params ) ); 1057 1058 $response = $this->server->dispatch( $request ); 1059 $this->assertErrorResponse( 'rest_comment_author_data_required', $response, 400 ); 1048 1060 } 1049 1061 … … 1991 2003 $this->assertEquals( $params['date_gmt'], $comment['date_gmt'] ); 1992 2004 $this->assertEquals( $params['date_gmt'], mysql_to_rfc3339( $updated->comment_date_gmt ) ); 2005 } 2006 2007 public function test_update_comment_author_email_only() { 2008 wp_set_current_user( self::$editor_id ); 2009 update_option( 'require_name_email', 1 ); 2010 2011 $params = array( 2012 'post' => self::$post_id, 2013 'author_email' => 'ekrabappel@springfield-elementary.edu', 2014 'content' => 'Now, I don\'t want you to worry class. These tests will have no affect on your grades. They merely determine your future social status and financial success. If any.', 2015 ); 2016 2017 $request = new WP_REST_Request( 'PUT', sprintf( '/wp/v2/comments/%d', self::$approved_id ) ); 2018 $request->add_header( 'content-type', 'application/json' ); 2019 $request->set_body( wp_json_encode( $params ) ); 2020 2021 $response = $this->server->dispatch( $request ); 2022 $this->assertEquals( 200, $response->get_status() ); 2023 } 2024 2025 public function test_update_comment_empty_author_name() { 2026 wp_set_current_user( self::$editor_id ); 2027 update_option( 'require_name_email', 1 ); 2028 2029 $params = array( 2030 'author_name' => '', 2031 'author_email' => 'ekrabappel@springfield-elementary.edu', 2032 'post' => self::$post_id, 2033 'content' => 'Now, I don\'t want you to worry class. These tests will have no affect on your grades. They merely determine your future social status and financial success. If any.', 2034 ); 2035 2036 $request = new WP_REST_Request( 'PUT', sprintf( '/wp/v2/comments/%d', self::$approved_id ) ); 2037 $request->add_header( 'content-type', 'application/json' ); 2038 $request->set_body( wp_json_encode( $params ) ); 2039 2040 $response = $this->server->dispatch( $request ); 2041 $this->assertEquals( 200, $response->get_status() ); 2042 } 2043 2044 public function test_update_comment_author_name_only() { 2045 wp_set_current_user( self::$admin_id ); 2046 update_option( 'require_name_email', 1 ); 2047 2048 $params = array( 2049 'post' => self::$post_id, 2050 'author_name' => 'Edna Krabappel', 2051 'content' => 'Now, I don\'t want you to worry class. These tests will have no affect on your grades. They merely determine your future social status and financial success. If any.', 2052 ); 2053 2054 $request = new WP_REST_Request( 'PUT', sprintf( '/wp/v2/comments/%d', self::$approved_id ) ); 2055 $request->add_header( 'content-type', 'application/json' ); 2056 $request->set_body( wp_json_encode( $params ) ); 2057 2058 $response = $this->server->dispatch( $request ); 2059 $this->assertEquals( 200, $response->get_status() ); 2060 } 2061 2062 public function test_update_comment_empty_author_email() { 2063 wp_set_current_user( self::$admin_id ); 2064 update_option( 'require_name_email', 1 ); 2065 2066 $params = array( 2067 'post' => self::$post_id, 2068 'author_name' => 'Edna Krabappel', 2069 'author_email' => '', 2070 'content' => 'Now, I don\'t want you to worry class. These tests will have no affect on your grades. They merely determine your future social status and financial success. If any.', 2071 ); 2072 2073 $request = new WP_REST_Request( 'PUT', sprintf( '/wp/v2/comments/%d', self::$approved_id ) ); 2074 $request->add_header( 'content-type', 'application/json' ); 2075 $request->set_body( wp_json_encode( $params ) ); 2076 2077 $response = $this->server->dispatch( $request ); 2078 $this->assertEquals( 200, $response->get_status() ); 2079 } 2080 2081 public function test_update_comment_author_email_too_short() { 2082 wp_set_current_user( self::$admin_id ); 2083 2084 $params = array( 2085 'post' => self::$post_id, 2086 'author_name' => 'Homer J. Simpson', 2087 'author_email' => 'a@b', 2088 'content' => 'in this house, we obey the laws of thermodynamics!', 2089 ); 2090 2091 $request = new WP_REST_Request( 'PUT', sprintf( '/wp/v2/comments/%d', self::$approved_id ) ); 2092 $request->add_header( 'content-type', 'application/json' ); 2093 $request->set_body( wp_json_encode( $params ) ); 2094 $response = $this->server->dispatch( $request ); 2095 2096 $this->assertErrorResponse( 'rest_invalid_param', $response, 400 ); 2097 $data = $response->get_data(); 2098 $this->assertArrayHasKey( 'author_email', $data['data']['params'] ); 1993 2099 } 1994 2100
Note: See TracChangeset
for help on using the changeset viewer.