Make WordPress Core

Changeset 41980


Ignore:
Timestamp:
10/23/2017 10:11:11 PM (7 years ago)
Author:
peterwilsoncc
Message:

Comments: Check if wp_new_comment() returns an error.

Adds checks throughout to allow for wp_new_comment() returning a WP_Error instance.

Updates the docs for the pre_comment_approved filter to include that it can be passed an error.

Props enrico.sorcinelli, ryotsun.
Fixes #39730.

Location:
trunk
Files:
5 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-admin/includes/ajax-actions.php

    r41978 r41980  
    11011101
    11021102    $comment_id = wp_new_comment( $commentdata );
     1103
     1104    if ( is_wp_error( $comment_id ) ) {
     1105        wp_die( $comment_id->get_error_message() );
     1106    }
     1107
    11031108    $comment = get_comment($comment_id);
    11041109    if ( ! $comment ) wp_die( 1 );
  • trunk/src/wp-includes/class-wp-xmlrpc-server.php

    r41927 r41980  
    64886488        $comment_ID = wp_new_comment($commentdata);
    64896489
     6490        if ( is_wp_error( $comment_ID ) ) {
     6491            return $this->pingback_error( 0, $comment_ID->get_error_message() );
     6492        }
     6493
    64906494        /**
    64916495         * Fires after a post pingback has been sent.
  • trunk/src/wp-includes/comment.php

    r41940 r41980  
    770770     *
    771771     * @since 2.1.0
    772      *
    773      * @param bool|string $approved    The approval status. Accepts 1, 0, or 'spam'.
    774      * @param array       $commentdata Comment data.
     772     * @since 4.9.0 Returning a WP_Error value from the filter will shortcircuit comment insertion and
     773     *              allow skipping further processing.
     774     *
     775     * @param bool|string|WP_Error $approved    The approval status. Accepts 1, 0, 'spam' or WP_Error.
     776     * @param array                $commentdata Comment data.
    775777     */
    776778    $approved = apply_filters( 'pre_comment_approved', $approved, $commentdata );
  • trunk/src/wp-trackback.php

    r38791 r41980  
    127127    $commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content', 'comment_type');
    128128
    129     wp_new_comment($commentdata);
     129    $result = wp_new_comment( $commentdata );
     130
     131    if ( is_wp_error( $result ) ) {
     132        trackback_response( 1, $result->get_error_message() );
     133    }
     134
    130135    $trackback_id = $wpdb->insert_id;
    131136
  • trunk/tests/phpunit/tests/ajax/ReplytoComment.php

    r38398 r41980  
    223223        return $sql;
    224224    }
     225
     226    /**
     227     * Raises WP_Error after Posted a new pre comment
     228     * @ticket 39730
     229     * @return void
     230     */
     231    public function test_pre_comments_approved() {
     232
     233        // Become an administrator
     234        $this->_setRole( 'administrator' );
     235
     236        // Set up a default request
     237        $_POST['_ajax_nonce-replyto-comment'] = wp_create_nonce( 'replyto-comment' );
     238        $_POST['content']                     = 'Lorem ipsum dolor sit amet, consectetur adipiscing elit.';
     239        $_POST['comment_post_ID']             = self::$comment_post->ID;
     240
     241        // Simulate filter check error
     242        add_filter( 'pre_comment_approved', array( $this, '_pre_comment_approved_filter' ), 10, 2 );
     243
     244        // Make the request
     245        $this->setExpectedException( 'WPAjaxDieStopException', 'pre_comment_approved filter fails for new comment' );
     246        $this->_handleAjax( 'replyto-comment' );
     247    }
     248
     249    /**
     250     *  Block comments from being saved 'pre_comment_approved', by returning WP_Error
     251     */
     252    function _pre_comment_approved_filter( $approved, $commentdata ) {
     253        return new WP_Error( 'comment_wrong', 'pre_comment_approved filter fails for new comment', 403 );
     254    }
    225255}
Note: See TracChangeset for help on using the changeset viewer.