From 08efd7b6369ab9874962d5e6fce80fadc1b396d3 Mon Sep 17 00:00:00 2001 From: Ryan McCue Date: Tue, 8 Nov 2016 06:41:57 +0000 Subject: [PATCH] REST API: Require 6 characters for comment email addresses. The regular comments API requires 6 characters rather than 3, so we need to match this. Props mangeshp, dd32. Fixes #38506. git-svn-id: https://develop.svn.wordpress.org/trunk@39158 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/rest-api.php | 6 +++++- .../rest-api/rest-comments-controller.php | 21 +++++++++++++++++++ 2 files changed, 26 insertions(+), 1 deletion(-) diff --git a/src/wp-includes/rest-api.php b/src/wp-includes/rest-api.php index 8642460dd8..d59f570c02 100644 --- a/src/wp-includes/rest-api.php +++ b/src/wp-includes/rest-api.php @@ -1036,7 +1036,11 @@ function rest_validate_value_from_schema( $value, $args, $param = '' ) { break; case 'email' : - if ( ! is_email( $value ) ) { + // is_email() checks for 3 characters (a@b), but + // wp_handle_comment_submission() requires 6 characters (a@b.co) + // + // https://core.trac.wordpress.org/ticket/38506 + if ( ! is_email( $value ) || strlen( $value ) < 6 ) { return new WP_Error( 'rest_invalid_email', __( 'The email address you provided is invalid.' ) ); } break; diff --git a/tests/phpunit/tests/rest-api/rest-comments-controller.php b/tests/phpunit/tests/rest-api/rest-comments-controller.php index f409c431b7..e225cbcd86 100644 --- a/tests/phpunit/tests/rest-api/rest-comments-controller.php +++ b/tests/phpunit/tests/rest-api/rest-comments-controller.php @@ -908,6 +908,27 @@ class WP_Test_REST_Comments_Controller extends WP_Test_REST_Controller_Testcase update_option( 'require_name_email', 0 ); } + public function test_create_comment_author_email_too_short() { + wp_set_current_user( 0 ); + + $params = array( + 'post' => self::$post_id, + 'author_name' => 'Homer J. Simpson', + 'author_email' => 'a@b', + 'content' => 'in this house, we obey the laws of thermodynamics!', + ); + + $request = new WP_REST_Request( 'POST', '/wp/v2/comments' ); + $request->add_header( 'content-type', 'application/json' ); + $request->set_body( wp_json_encode( $params ) ); + $response = $this->server->dispatch( $request ); + + $this->assertErrorResponse( 'rest_invalid_param', $response, 400 ); + + $data = $response->get_data(); + $this->assertArrayHasKey( 'author_email', $data['data']['params'] ); + } + public function test_create_item_invalid_blank_content() { wp_set_current_user( 0 );