Comments: Do not flag a comment as a duplicate if the comment_author_email is provided but not a match.

This reduces the strictness of the duplicate check a little, but does prevent false duplicates for emoji or +1 comments by authors with matching names. The current logic was introduced all the way back in [2894]. Fixes #37093. git-svn-id: https://develop.svn.wordpress.org/trunk@37713 602fd350-edb4-49c9-b593-d223f7449a82
2016-06-15 14:50:38 +00:00 · 2016-06-15 14:50:38 +00:00 · 1d115078eb
commit 1d115078eb
parent ade41fc2cf
2 changed files with 72 additions and 1 deletions
--- a/src/wp-includes/comment.php
+++ b/src/wp-includes/comment.php
@ -600,7 +600,7 @@ function wp_allow_comment( $commentdata ) {
 	);
 	if ( $commentdata['comment_author_email'] ) {
 		$dupe .= $wpdb->prepare(
-			"OR comment_author_email = %s ",
+			"AND comment_author_email = %s ",
 			wp_unslash( $commentdata['comment_author_email'] )
 		);
 	}
--- a/tests/phpunit/tests/comment/wpAllowComment.php
+++ b/tests/phpunit/tests/comment/wpAllowComment.php
@ -0,0 +1,71 @@
+<?php
+
+/**
+ * @group comment
+ */
+class Tests_Comment_WpAllowComment extends WP_UnitTestCase {
+	protected static $post_id;
+	protected static $comment_id;
+
+	function setUp() {
+		parent::setUp();
+
+		self::$post_id = self::factory()->post->create();
+		self::$comment_id = self::factory()->comment->create( array(
+			'comment_post_ID' => self::$post_id,
+			'comment_approved' => '1',
+			'comment_author' => 'Bob',
+			'comment_author_email' => 'bobthebuilder@example.com',
+			'comment_author_url' => 'http://example.com',
+			'comment_content' => 'Yes, we can!',
+		) );
+
+		update_option( 'comment_whitelist', 0 );
+	}
+
+	function tearDown() {
+		wp_delete_post( self::$post_id, true );
+		wp_delete_comment( self::$comment_id, true );
+	}
+
+	public function test_allow_comment_if_comment_author_emails_differ() {
+		$now = time();
+		$comment_data = array(
+			'comment_post_ID' => self::$post_id,
+			'comment_author' => 'Bob',
+			'comment_author_email' => 'sideshowbob@example.com',
+			'comment_author_url' => 'http://example.com',
+			'comment_content' => 'Yes, we can!',
+			'comment_author_IP' => '192.168.0.1',
+			'comment_parent' => 0,
+			'comment_date_gmt' => date( 'Y-m-d H:i:s', $now ),
+			'comment_agent' => 'Bobbot/2.1',
+			'comment_type' => '',
+		);
+
+		$result = wp_allow_comment( $comment_data );
+
+		$this->assertSame( 1, $result );
+	}
+
+	/**
+	 * @expectedException WPDieException
+	 */
+	public function test_die_as_duplicate_if_comment_author_name_and_emails_match() {
+		$now = time();
+		$comment_data = array(
+			'comment_post_ID' => self::$post_id,
+			'comment_author' => 'Bob',
+			'comment_author_email' => 'bobthebuilder@example.com',
+			'comment_author_url' => 'http://example.com',
+			'comment_content' => 'Yes, we can!',
+			'comment_author_IP' => '192.168.0.1',
+			'comment_parent' => 0,
+			'comment_date_gmt' => date( 'Y-m-d H:i:s', $now ),
+			'comment_agent' => 'Bobbot/2.1',
+			'comment_type' => '',
+		);
+
+		$result = wp_allow_comment( $comment_data );
+	}
+}