sergiotarxz/Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Allow 'comment_agent' and 'comment_author_IP' to be set via wp_new_comment().

Browse Source 
Props mrutz, wonderboymusic, rachelbaker.
Fixes #14601.

git-svn-id: https://develop.svn.wordpress.org/trunk@33021 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Boone Gorges 2015-07-01 12:07:28 +00:00
parent 1cccb02930
commit e8a16ec322
2 changed files with 134 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/wp-includes/comment.php
View File

@ -2271,6 +2271,7 @@ function wp_throttle_comment_flood($block, $time_lastcomment, $time_newcomment)
* See {@link https://core.trac.wordpress.org/ticket/9235} * See {@link https://core.trac.wordpress.org/ticket/9235}
* *
* @since 1.5.0 * @since 1.5.0
* @since 4.3.0 'comment_agent' and 'comment_author_IP' can be set via `$commentdata`.
* *
* @see wp_insert_comment() * @see wp_insert_comment()
* *
@ -2309,8 +2310,15 @@ function wp_new_comment( $commentdata ) {
$parent_status = ( 0 < $commentdata['comment_parent'] ) ? wp_get_comment_status($commentdata['comment_parent']) : ''; $parent_status = ( 0 < $commentdata['comment_parent'] ) ? wp_get_comment_status($commentdata['comment_parent']) : '';
$commentdata['comment_parent'] = ( 'approved' == $parent_status || 'unapproved' == $parent_status ) ? $commentdata['comment_parent'] : 0; $commentdata['comment_parent'] = ( 'approved' == $parent_status || 'unapproved' == $parent_status ) ? $commentdata['comment_parent'] : 0;
$commentdata['comment_author_IP'] = preg_replace( '/[^0-9a-fA-F:., ]/', '',$_SERVER['REMOTE_ADDR'] ); if ( ! isset( $commentdata['comment_author_IP'] ) ) {
$commentdata['comment_agent'] = isset( $_SERVER['HTTP_USER_AGENT'] ) ? substr( $_SERVER['HTTP_USER_AGENT'], 0, 254 ) : ''; $commentdata['comment_author_IP'] = $_SERVER['REMOTE_ADDR'];
}
$commentdata['comment_author_IP'] = preg_replace( '/[^0-9a-fA-F:., ]/', '', $commentdata['comment_author_IP'] );
if ( ! isset( $commentdata['comment_agent'] ) ) {
$commentdata['comment_agent'] = isset( $_SERVER['HTTP_USER_AGENT'] ) ? $_SERVER['HTTP_USER_AGENT']: '';
}
$commentdata['comment_agent'] = substr( $commentdata['comment_agent'], 0, 254 );
if ( empty( $commentdata['comment_date'] ) ) { if ( empty( $commentdata['comment_date'] ) ) {
$commentdata['comment_date'] = current_time('mysql'); $commentdata['comment_date'] = current_time('mysql');

124
tests/phpunit/tests/comment.php
View File

@ -113,6 +113,130 @@ class Tests_Comment extends WP_UnitTestCase {
} }
} }
/**
* @ticket 14601
*/
public function test_wp_new_comment_respects_author_ip() {
$u = $this->factory->user->create();
$post_id = $this->factory->post->create( array( 'post_author' => $u ) );
$data = array(
'comment_post_ID' => $post_id,
'comment_author' => rand_str(),
'comment_author_IP' => '192.168.1.1',
'comment_author_url' => '',
'comment_author_email' => '',
'comment_type' => '',
'comment_content' => rand_str(),
);
$id = wp_new_comment( $data );
$comment = get_comment( $id );
$this->assertEquals( $data['comment_author_IP'], $comment->comment_author_IP );
}
/**
* @ticket 14601
*/
public function test_wp_new_comment_respects_author_ip_empty_string() {
$u = $this->factory->user->create();
$post_id = $this->factory->post->create( array( 'post_author' => $u ) );
$data = array(
'comment_post_ID' => $post_id,
'comment_author' => rand_str(),
'comment_author_IP' => '',
'comment_author_url' => '',
'comment_author_email' => '',
'comment_type' => '',
'comment_content' => rand_str(),
);
$id = wp_new_comment( $data );
$comment = get_comment( $id );
$this->assertEquals( $data['comment_author_IP'], $comment->comment_author_IP );
}
/**
* @ticket 14601
*/
public function test_wp_new_comment_respects_comment_agent() {
$u = $this->factory->user->create();
$post_id = $this->factory->post->create( array( 'post_author' => $u ) );
$data = array(
'comment_post_ID' => $post_id,
'comment_author' => rand_str(),
'comment_author_IP' => '',
'comment_author_url' => '',
'comment_author_email' => '',
'comment_agent' => 'Mozilla/5.0 (iPhone; CPU iPhone OS 7_0 like Mac OS X; en-us) AppleWebKit/537.51.1 (KHTML, like Gecko) Version/7.0 Mobile/11A465 Safari/9537.53',
'comment_type' => '',
'comment_content' => rand_str(),
);
$id = wp_new_comment( $data );
$comment = get_comment( $id );
$this->assertEquals( $data['comment_agent'], $comment->comment_agent );
}
/**
* @ticket 14601
*/
public function test_wp_new_comment_should_trim_provided_comment_agent_to_254_chars() {
$u = $this->factory->user->create();
$post_id = $this->factory->post->create( array( 'post_author' => $u ) );
$data = array(
'comment_post_ID' => $post_id,
'comment_author' => rand_str(),
'comment_author_IP' => '',
'comment_author_url' => '',
'comment_author_email' => '',
'comment_agent' => 'Mozilla/5.0 (iPhone; CPU iPhone OS 7_0 like Mac OS X; en-us) AppleWebKit/537.51.1 (KHTML, like Gecko) Version/7.0 Mobile/11A465 Safari/9537.53 Opera/9.80 (X11; Linux i686; Ubuntu/14.10) Presto/2.12.388 Version/12.16 Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en; rv:1.8.1.4pre) Gecko/20070511 Camino/1.6pre',
'comment_type' => '',
'comment_content' => rand_str(),
);
$id = wp_new_comment( $data );
$comment = get_comment( $id );
$this->assertEquals( 'Mozilla/5.0 (iPhone; CPU iPhone OS 7_0 like Mac OS X; en-us) AppleWebKit/537.51.1 (KHTML, like Gecko) Version/7.0 Mobile/11A465 Safari/9537.53 Opera/9.80 (X11; Linux i686; Ubuntu/14.10) Presto/2.12.388 Version/12.16 Mozilla/5.0 (Macintosh; U; PPC Mac OS ', $comment->comment_agent );
}
/**
* @ticket 14601
*/
public function test_wp_new_comment_respects_comment_agent_empty_string() {
$u = $this->factory->user->create();
$post_id = $this->factory->post->create( array( 'post_author' => $u ) );
$data = array(
'comment_post_ID' => $post_id,
'comment_author' => rand_str(),
'comment_author_IP' => '',
'comment_author_url' => '',
'comment_author_email' => '',
'comment_agent' => '',
'comment_type' => '',
'comment_content' => rand_str(),
);
$id = wp_new_comment( $data );
$comment = get_comment( $id );
$this->assertEquals( $data['comment_agent'], $comment->comment_agent );
}
public function test_comment_field_lengths() { public function test_comment_field_lengths() {
// `wp_new_comment()` checks REMOTE_ADDR, so we fake it to avoid PHP notices. // `wp_new_comment()` checks REMOTE_ADDR, so we fake it to avoid PHP notices.
if ( isset( $_SERVER['REMOTE_ADDR'] ) ) { if ( isset( $_SERVER['REMOTE_ADDR'] ) ) {