From c556e7494357c9ebe1af3c1cf69b416cc8bc9e1a Mon Sep 17 00:00:00 2001
From: Sergey Biryukov <sergeybiryukov@git.wordpress.org>
Date: Thu, 5 Jun 2014 04:37:02 +0000
Subject: [PATCH] wp_insert_comment() and wp_new_comment() should check if the
 comment was successfully inserted into the database.

props pento.
fixes #28254.

git-svn-id: https://develop.svn.wordpress.org/trunk@28672 602fd350-edb4-49c9-b593-d223f7449a82
---
 src/wp-comments-post.php    |  6 +++++-
 src/wp-includes/comment.php | 11 ++++++++---
 2 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/src/wp-comments-post.php b/src/wp-comments-post.php
index 6196c36842..0ed359c5bb 100644
--- a/src/wp-comments-post.php
+++ b/src/wp-comments-post.php
@@ -132,7 +132,11 @@ $comment_parent = isset($_POST['comment_parent']) ? absint($_POST['comment_paren
 $commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content', 'comment_type', 'comment_parent', 'user_ID');
 
 $comment_id = wp_new_comment( $commentdata );
-$comment = get_comment($comment_id);
+if ( ! $comment_id ) {
+	wp_die( __( "<strong>ERROR</strong>: The comment could not be saved. Please try again later." ) );
+}
+
+$comment = get_comment( $comment_id );
 
 /**
  * Perform other actions when comment cookies are set.
diff --git a/src/wp-includes/comment.php b/src/wp-includes/comment.php
index eb0e5335dd..9747bf7892 100644
--- a/src/wp-includes/comment.php
+++ b/src/wp-includes/comment.php
@@ -1582,7 +1582,7 @@ function wp_get_current_commenter() {
  * @uses $wpdb
  *
  * @param array $commentdata Contains information on the comment.
- * @return int The new comment's ID.
+ * @return int|bool The new comment's ID on success, false on failure.
  */
 function wp_insert_comment( $commentdata ) {
 	global $wpdb;
@@ -1607,7 +1607,9 @@ function wp_insert_comment( $commentdata ) {
 	$user_id  = ! isset( $data['user_id'] ) ? 0 : $data['user_id'];
 
 	$compacted = compact( 'comment_post_ID', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_author_IP', 'comment_date', 'comment_date_gmt', 'comment_content', 'comment_karma', 'comment_approved', 'comment_agent', 'comment_type', 'comment_parent', 'user_id' );
-	$wpdb->insert( $wpdb->comments, $compacted );
+	if ( ! $wpdb->insert( $wpdb->comments, $compacted ) ) {
+		return false;
+	}
 
 	$id = (int) $wpdb->insert_id;
 
@@ -1727,7 +1729,7 @@ function wp_throttle_comment_flood($block, $time_lastcomment, $time_newcomment)
  *
  * @since 1.5.0
  * @param array $commentdata Contains information on the comment.
- * @return int The ID of the comment after adding.
+ * @return int|bool The ID of the comment on success, false on failure.
  */
 function wp_new_comment( $commentdata ) {
 	/**
@@ -1760,6 +1762,9 @@ function wp_new_comment( $commentdata ) {
 	$commentdata['comment_approved'] = wp_allow_comment($commentdata);
 
 	$comment_ID = wp_insert_comment($commentdata);
+	if ( ! $comment_ID ) {
+		return false;
+	}
 
 	/**
 	 * Fires immediately after a comment is inserted into the database.