Make WordPress Core

Opened 12 years ago

Closed 12 years ago

#11054 closed defect (bug) (duplicate)

Users can't post comments if their user-agent header is > 255 characters

Reported by: mattchiste Owned by:
Milestone: Priority: normal
Severity: normal Version: 2.8.5
Component: General Keywords:
Focuses: Cc:


I've posted this to a couple forums but thought I'd post it here.


The problem: if a user-agent header is > 255 characters, wordpress redirects the user to "/wp-comments-post.php#comment-", which is always a broken URL. My user-agent header in IE happens to be "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; WOW64; Trident/4.0; EmbeddedWB 14.52 from: http://www.bsalsa.com/ EmbeddedWB 14.52; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; MS-RTC LM 8; OfficeLiveConnector.1.4; OfficeLivePatch.1.3; .NET CLR 3.0.30729)" - 282 characters.

The wp_comments table has a comment_agent field with a length of only 255 characters.

I suggested this fix on the forums:
ALTER TABLE wp.wp_comments MODIFY COLUMN comment_agent VARCHAR(512) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL;

... but ultimately, the real fix would be a tweak to comment.php (wp_insert_comment or wp_new_comment functions) so that this line in wp-comments-post.php doesn't just get a bad comment ID:
$comment_id = wp_new_comment( $commentdata );

... or if it does, at least these lines check to make sure there's a valid comment ID before throwing the redirection:
$location = empty($_POSTredirect_to?) ? get_comment_link($comment_id) : $_POSTredirect_to? . '#comment-' . $comment_id;
$location = apply_filters('comment_post_redirect', $location, $comment);


Change History (1)

#1 @dd32
12 years ago

  • Resolution set to duplicate
  • Status changed from new to closed

The error is "fixed" in that the user agent is truncated to prevent the error See #10389

In order to store he entire length user agent, it should probably be moved to he comment meta instead, See #10856

Closing as duplicate of those 2 tickets, see also #10747

Note: See TracTickets for help on using tickets.