Make WordPress Core

Changeset 47984 for trunk


Ignore:
Timestamp:
06/10/2020 07:18:50 PM (4 years ago)
Author:
whyisjake
Message:

Editor: Ensure latest comments can only be viewed from public posts.

Props: poena, xknown.

Location:
trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/comment-template.php

    r47889 r47984  
    597597 */
    598598function get_comment_excerpt( $comment_ID = 0 ) {
    599     $comment      = get_comment( $comment_ID );
    600     $comment_text = strip_tags( str_replace( array( "\n", "\r" ), ' ', $comment->comment_content ) );
     599    $comment = get_comment( $comment_ID );
     600
     601    if ( ! post_password_required( $comment->comment_post_ID ) ) {
     602        $comment_text = strip_tags( str_replace( array( "\n", "\r" ), ' ', $comment->comment_content ) );
     603    } else {
     604        $comment_text = __( 'Password protected' );
     605    }
    601606
    602607    /* translators: Maximum number of words used in a comment excerpt. */
  • trunk/tests/phpunit/tests/blocks/render.php

    r46612 r47984  
    290290    }
    291291
     292    public function test_render_latest_comments_on_password_protected_post() {
     293        $post_id      = self::factory()->post->create(
     294            array(
     295                'post_password' => 'password',
     296            )
     297        );
     298        $comment_text = wp_generate_password( 10, false );
     299        self::factory()->comment->create(
     300            array(
     301                'comment_post_ID' => $post_id,
     302                'comment_content' => $comment_text,
     303            )
     304        );
     305        $comments = do_blocks( '<!-- wp:latest-comments {"commentsToShow":1,"displayExcerpt":true} /-->' );
     306
     307        $this->assertNotContains( $comment_text, $comments );
     308    }
     309
    292310    /**
    293311     * @ticket 45109
Note: See TracChangeset for help on using the changeset viewer.