Make WordPress Core

Changeset 48822


Ignore:
Timestamp:
08/19/2020 01:55:12 AM (4 years ago)
Author:
SergeyBiryukov
Message:

Comments: Make sure the comment data passed to the preprocess_comment filter includes the comment_agent and comment_author_IP values.

Props zodiac1978, SergeyBiryukov.
Fixes #51044.

Location:
trunk/src
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-admin/includes/misc.php

    r48586 r48822  
    689689                break;
    690690            default:
    691                 $screen_option = false;
    692 
    693691                if ( '_page' === substr( $option, -5 ) || 'layout_columns' === $option ) {
    694692                    /**
     
    711709                     * @param int    $value         The option value.
    712710                     */
    713                     $screen_option = apply_filters( 'set-screen-option', $screen_option, $option, $value ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores
     711                    $value = apply_filters( 'set-screen-option', false, $option, $value ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores
     712                } else {
     713                    /**
     714                     * Filters a screen option value before it is set.
     715                     *
     716                     * The dynamic portion of the hook, `$option`, refers to the option name.
     717                     *
     718                     * Returning false from the filter will skip saving the current option.
     719                     *
     720                     * @since 5.4.2
     721                     * @since 5.4.3 Only applied to options not ending with '_page',
     722                     *              and not the 'layout_columns' option.
     723                     *
     724                     * @see set_screen_options()
     725                     *
     726                     * @param mixed   $screen_option The value to save instead of the option value.
     727                     *                               Default false (to skip saving the current option).
     728                     * @param string  $option        The option name.
     729                     * @param int     $value         The option value.
     730                     */
     731                    $value = apply_filters( "set_screen_option_{$option}", false, $option, $value );
    714732                }
    715 
    716                 /**
    717                  * Filters a screen option value before it is set.
    718                  *
    719                  * The dynamic portion of the hook, `$option`, refers to the option name.
    720                  *
    721                  * Returning false from the filter will skip saving the current option.
    722                  *
    723                  * @since 5.4.2
    724                  *
    725                  * @see set_screen_options()
    726                  *
    727                  * @param mixed   $screen_option The value to save instead of the option value.
    728                  *                               Default false (to skip saving the current option).
    729                  * @param string  $option        The option name.
    730                  * @param int     $value         The option value.
    731                  */
    732                 $value = apply_filters( "set_screen_option_{$option}", $screen_option, $option, $value );
    733733
    734734                if ( false === $value ) {
  • trunk/src/wp-includes/comment.php

    r48748 r48822  
    21892189    $prefiltered_user_id = ( isset( $commentdata['user_id'] ) ) ? (int) $commentdata['user_id'] : 0;
    21902190
     2191    if ( ! isset( $commentdata['comment_author_IP'] ) ) {
     2192        $commentdata['comment_author_IP'] = $_SERVER['REMOTE_ADDR'];
     2193    }
     2194
     2195    if ( ! isset( $commentdata['comment_agent'] ) ) {
     2196        $commentdata['comment_agent'] = isset( $_SERVER['HTTP_USER_AGENT'] ) ? $_SERVER['HTTP_USER_AGENT'] : '';
     2197    }
     2198
    21912199    /**
    21922200     * Filters a comment's data before it is sanitized and inserted into the database.
    21932201     *
    21942202     * @since 1.5.0
     2203     * @since 5.6.0 Comment data includes the `comment_agent` and `comment_author_IP` values.
    21952204     *
    21962205     * @param array $commentdata Comment data.
     
    22122221    $commentdata['comment_parent'] = ( 'approved' === $parent_status || 'unapproved' === $parent_status ) ? $commentdata['comment_parent'] : 0;
    22132222
    2214     if ( ! isset( $commentdata['comment_author_IP'] ) ) {
    2215         $commentdata['comment_author_IP'] = $_SERVER['REMOTE_ADDR'];
    2216     }
    22172223    $commentdata['comment_author_IP'] = preg_replace( '/[^0-9a-fA-F:., ]/', '', $commentdata['comment_author_IP'] );
    22182224
    2219     if ( ! isset( $commentdata['comment_agent'] ) ) {
    2220         $commentdata['comment_agent'] = isset( $_SERVER['HTTP_USER_AGENT'] ) ? $_SERVER['HTTP_USER_AGENT'] : '';
    2221     }
    22222225    $commentdata['comment_agent'] = substr( $commentdata['comment_agent'], 0, 254 );
    22232226
Note: See TracChangeset for help on using the changeset viewer.