WordPress.org

Make WordPress Core

Opened 6 years ago

Last modified 23 months ago

#10377 new defect (bug)

Comment fields should have max lengths

Reported by: muriloazevedo Owned by:
Milestone: Future Release Priority: normal
Severity: normal Version: 2.8
Component: Comments Keywords: has-patch
Focuses: Cc:

Description

Hello, I don't know if exactly it's a bug or use javascript validation, but i think so there's no
treatment for this, or was fix in the new version.

In the section of comments(Wordpress 2.8), we can insert how many characheters we wants, generating an SQL Exception and breaking the all system.

The solution is simple, use the property maxlenght in the tag
<input /> e limit the characters if will be send to database.

Attachments (1)

10377.patch (4.5 KB) - added by westonruter 23 months ago.
Add maxlength to comment textarea and size check in wp-comments-post.php (extends patch from #10377)

Download all attachments as: .zip

Change History (7)

comment:1 follow-up: @dd326 years ago

  • Milestone changed from Unassigned to Future Release

The solution is simple, use the property maxlenght in the tag <input /> e limit the characters if will be send to database.

That doesnt stop people from directly posting the data anyway..

The comment_content field is a TEXT field:

BLOB 
TEXT 
A BLOB or TEXT column with a maximum length of 65535 (2^16 - 1) characters. See section 7.7.1 Silent column specification changes. 
MEDIUMBLOB 
MEDIUMTEXT 
A BLOB or TEXT column with a maximum length of 16777215 (2^24 - 1) characters. See section 7.7.1 Silent column specification changes. 
LONGBLOB 
LONGTEXT 
A BLOB or TEXT column with a maximum length of 4294967295 (2^32 - 1) characters. See section 7.7.1 Silent column specification changes.

so theres a limit of 65,535 characters in a comment at present.. Perhaps the comment handler should throw a error upon a longer comment.

comment:2 @dd326 years ago

also note, That MySQL should actually truncate the data if its longer, not throw an error..

comment:3 in reply to: ↑ 1 @azaozz6 years ago

Replying to dd32:

... so there's a limit of 65,535 characters in a comment at present.. Perhaps the comment handler should throw a error upon a longer comment.

There's some basic back-end validation already (duplicate comments, non-empty name and email, etc.). Adding max length for all comment fields should be trivial.

Actually this may be good for most POST requests in the admin including AJAX.

comment:4 @mrmist5 years ago

  • Summary changed from Problem in comments! to Comment fields should have max lengths

comment:5 @n3k43 years ago

  • Cc hellokane@… added

@westonruter23 months ago

Add maxlength to comment textarea and size check in wp-comments-post.php (extends patch from #10377)

comment:6 @westonruter23 months ago

  • Cc weston@… added
  • Keywords has-patch added; 'sql exception' comments removed

As noted in the attachment comment, in addition to the $comment_content size check in wp-comments-post.php, I've also patched the comment form to add a maxlength to the textarea itself (this extends a patch from #4332). Patch attached, and branch also pushed to GitHub fork: https://github.com/x-team/WordPress/compare/10377-comment-fields-should-have-max-lengths

Note: See TracTickets for help on using tickets.