#54379 closed defect (bug) (fixed)
`get_comment_ID()` can cause a notice within the `comment_text` filter
Reported by: | dd32 | Owned by: | davidbaumwald |
---|---|---|---|
Milestone: | 6.0 | Priority: | normal |
Severity: | normal | Version: | |
Component: | Comments | Keywords: | has-patch |
Focuses: | Cc: |
Description (last modified by )
The comment_text
filter is primarily run with the context of a comment, however, during comment submission check_comment() calls the filter without any comment context, and without a global $comment
object.
The result of this is that if any plugin is filtering on comment_text
calls get_comment_ID() then it'll trigger the following notice:
E_NOTICE: Trying to get property 'comment_ID' of non-object in wp-includes/comment-template.php:677
Most of the comment template functions are written with the expectation that get_comment()
will always return a non-false value, but get_comment_ID()
seems to be the worst offender, at least among the plugins being used on the WordPress.org site.
The simplest way to trigger this is using wp-cli shell:
wp> error_reporting( E_ALL ); int(32767) wp> ini_set( 'display_errors', true ); string(0) "" wp> add_filter( 'comment_text', function( $text ) { return get_comment_ID(); } ); bool(true) wp> check_comment( "author", "email", "url", "comment", "ip", "agent", "type" ); Notice: Trying to get property 'comment_ID' of non-object in wp-includes/comment-template.php on line 677 Call Stack: ....... 25.5958 67872048 15. eval('return check_comment( "author", "email", "url", "comment", "ip", "agent", "type" );') phar://bin/wp/vendor/wp-cli/shell-command/src/WP_CLI/Shell/REPL.php:46 25.5958 67872048 16. check_comment($author = 'author', $email = 'email', $url = 'url', $comment = 'comment', $user_ip = 'ip', $user_agent = 'agent', $comment_type = 'type') phar://bin/wp/vendor/wp-cli/shell-command/src/WP_CLI/Shell/REPL.php(46) : eval()'d code:1 25.5960 67872048 17. apply_filters($hook_name = 'comment_text', $value = 'comment', NULL, []) wp-includes/comment.php:48 25.5961 67872456 18. WP_Hook->apply_filters($value = 'comment', $args = [0 => 'comment', 1 => NULL, 2 => []]) wp-includes/plugin.php:189 25.5969 67882792 19. WP_CLI\Shell\REPL->{closure:phar://bin/wp/vendor/wp-cli/shell-command/src/WP_CLI/Shell/REPL.php(46) : eval()'d code:1-1}($text = 'comment') wp-includes/class-wp-hook.php:305 25.5969 67882792 20. get_comment_ID() phar://bin/wp/vendor/wp-cli/shell-command/src/WP_CLI/Shell/REPL.php(46) : eval()'d code:1 bool(false)
Attached is a targeted patch for get_comment_ID()
.
Attachments (4)
Change History (15)
#3
@
3 years ago
#54149 is related to the first instance here - although it wasn't included in the PR/patch to start with over there.
The other two patches are unrelated enough though.
#6
follow-up:
↓ 8
@
3 years ago
- Keywords needs-refresh added
@dd32 After [52205], the 54379.2.diff doesn't apply cleanly.
More importantly, the inline docs there were updated to have the $comment_ID
param to expect a string
. Should this be corrected back to int
while also casting the $comment_ID
to an (int)
?
Is it your preference to handle the other related notices here as well, or should those be split off into separate tickets?
This ticket was mentioned in PR #2373 on WordPress/wordpress-develop by dd32.
3 years ago
#7
- Keywords needs-refresh removed
Trac ticket: https://core.trac.wordpress.org/ticket/54379
#8
in reply to:
↑ 6
@
3 years ago
Replying to davidbaumwald:
More importantly, the inline docs there were updated to have the
$comment_ID
param to expect astring
. Should this be corrected back toint
while also casting the$comment_ID
to an(int)
?
While I don't agree with the whole A numeric string, for compatibility reasons.
stuff, I don't see any benefit in casting to an int here, might as well just continue the status-quo of a numeric string.
Is it your preference to handle the other related notices here as well, or should those be split off into separate tickets?
I don't see the harm in fixing multiple similar things in a singular ticket. I'd just manually apply the diff if I was committing this.. but happy to refresh it for you.
Looks like 54379.comments_open.diff was handled in [52223].
https://github.com/WordPress/wordpress-develop/pull/2373 should be the remaining diffs from the attachments here.
dream-encode commented on PR #2373:
3 years ago
#10
Committed to core in https://core.trac.wordpress.org/changeset/52818
Other examples:
In those cases the
$post
object is expected to exist. See 54379.comments_open.diff. Seems to primarily happen during thejp_sitemap_cron_hook
cron event, so I'm guessing it's specifically for comments that relate to post_id = 0.Those are when
get_comment_author()
is called without a valid comment set, similar to the original issue here. See 54379.get_comment_author.diff