vhad/wordpress-develop
1
0
Fork 0
mirror of https://github.com/gosticks/wordpress-develop.git synced 2026-04-14 09:34:41 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Comments: Restrict the maximum characters for input fields within the comments template.

Browse Source 
Added hardcoded maxlength attributes on the author, author_email, author_url, and comment_field input markup. These can be modified via the comment_form_defaults filter. Added logic in wp_handle_comment_submission() to return a WP_Error when the comment_author, comment_author_url, or comment_content values exceed the max length of their columns. Introduces wp_get_comment_column_max_length() which returns the max column length for a given column name, and is filterable. Unit tests included for the error conditions in wp_handle_comment_submission()

Fixes #10377.

Props westonruter rachelbaker.


git-svn-id: https://develop.svn.wordpress.org/trunk@36272 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Rachel Baker
2016-01-13 01:24:46 +00:00
parent 3212239199
commit 0e85f45cb4
4 changed files with 147 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

51
src/wp-includes/comment.php
View File

@@ -947,6 +947,43 @@ function get_page_of_comment( $comment_ID, $args = array() ) {
return apply_filters( 'get_page_of_comment', (int) $page, $args, $original_args );
}
/**
* Calculate the maximum character length of a column from the comments table.
*
* @since 4.5.0
*
* @global wpdb $wpdb WordPress database abstraction object.
*
* @param string $column Name of a column in the comments table.
* @return int Maximum column character length.
*/
function wp_get_comment_column_max_length( $column ) {
global $wpdb;
$col_length = $wpdb->get_col_length( $wpdb->comments, $column );
if ( ! is_array( $col_length ) && (int) $col_length > 0 ) {
$max_length = (int) $col_length;
} elseif ( is_array( $col_length ) && isset( $col_length['length'] ) && intval( $col_length['length'] ) > 0 ) {
$max_length = (int) $col_length['length'];
} else {
$max_length = 255;
}
if ( ! empty( $col_length['type'] ) && 'byte' === $col_length['type'] ) {
$max_length = $max_length - 10;
}
/**
* Filters the calculated length for a given column of the comments table.
*
* @since 4.5.0
*
* @param int $max_length Maximum column character length.
* @param string $column Column name.
*/
return apply_filters( 'wp_get_comment_column_max_length', $max_length, $column );
}
/**
* Does comment contain blacklisted characters or words.
*
@@ -2778,8 +2815,22 @@ function wp_handle_comment_submission( $comment_data ) {
}
}
if ( isset( $comment_author ) && wp_get_comment_column_max_length( 'comment_author' ) < mb_strlen( $comment_author, '8bit' ) ) {
return new WP_Error( 'comment_author_column_length', __( '<strong>ERROR</strong>: your name is too long.' ), 200 );
}
if ( isset( $comment_author_email ) && wp_get_comment_column_max_length( 'comment_author_email' ) < strlen( $comment_author_email ) ) {
return new WP_Error( 'comment_author_email_column_length', __( '<strong>ERROR</strong>: your email address is too long.' ), 200 );
}
if ( isset( $comment_author_url ) && wp_get_comment_column_max_length( 'comment_author_url' ) < strlen( $comment_author_url ) ) {
return new WP_Error( 'comment_author_url_column_length', __( '<strong>ERROR</strong>: your url is too long.' ), 200 );
}
if ( '' == $comment_content ) {
return new WP_Error( 'require_valid_comment', __( '<strong>ERROR</strong>: please type a comment.' ), 200 );
} elseif ( wp_get_comment_column_max_length( 'comment_content' ) < mb_strlen( $comment_content, '8bit' ) ) {
return new WP_Error( 'comment_content_column_length', __( '<strong>ERROR</strong>: your comment is too long.' ), 200 );
}
$commentdata = compact(