mirror of
https://github.com/gosticks/wordpress-develop.git
synced 2026-07-01 15:50:09 +00:00
Comments: Restrict the maximum characters for input fields within the comments template.
Added hardcoded maxlength attributes on the author, author_email, author_url, and comment_field input markup. These can be modified via the comment_form_defaults filter. Added logic in wp_handle_comment_submission() to return a WP_Error when the comment_author, comment_author_url, or comment_content values exceed the max length of their columns. Introduces wp_get_comment_column_max_length() which returns the max column length for a given column name, and is filterable. Unit tests included for the error conditions in wp_handle_comment_submission() Fixes #10377. Props westonruter rachelbaker. git-svn-id: https://develop.svn.wordpress.org/trunk@36272 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
@@ -6,6 +6,18 @@ function rand_str($len=32) {
|
||||
return substr(md5(uniqid(rand())), 0, $len);
|
||||
}
|
||||
|
||||
function rand_long_str( $length ) {
|
||||
$chars = 'abcdefghijklmnopqrstuvwxyz';
|
||||
$string = '';
|
||||
|
||||
for ( $i = 0; $i < $length; $i++ ) {
|
||||
$rand = rand( 0, strlen( $chars ) - 1 );
|
||||
$string .= substr( $chars, $rand, 1 );
|
||||
}
|
||||
|
||||
return $string;
|
||||
}
|
||||
|
||||
// strip leading and trailing whitespace from each line in the string
|
||||
function strip_ws($txt) {
|
||||
$lines = explode("\n", $txt);
|
||||
|
||||
@@ -592,6 +592,86 @@ class Tests_Comment_Submission extends WP_UnitTestCase {
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* @ticket 10377
|
||||
*/
|
||||
public function test_submitting_comment_with_content_too_long_returns_error() {
|
||||
$error = 'comment_content_column_length';
|
||||
|
||||
$post = self::factory()->post->create_and_get();
|
||||
|
||||
$data = array(
|
||||
'comment_post_ID' => $post->ID,
|
||||
'comment' => rand_long_str( 65536 ),
|
||||
'author' => 'Comment Author',
|
||||
'email' => 'comment@example.org',
|
||||
);
|
||||
$comment = wp_handle_comment_submission( $data );
|
||||
|
||||
$this->assertWPError( $comment );
|
||||
$this->assertSame( $error, $comment->get_error_code() );
|
||||
}
|
||||
|
||||
/**
|
||||
* @ticket 10377
|
||||
*/
|
||||
public function test_submitting_comment_with_author_too_long_returns_error() {
|
||||
$error = 'comment_author_column_length';
|
||||
|
||||
$post = self::factory()->post->create_and_get();
|
||||
|
||||
$data = array(
|
||||
'comment_post_ID' => $post->ID,
|
||||
'comment' => rand_str(),
|
||||
'author' => rand_long_str( 255 ),
|
||||
'email' => 'comment@example.org',
|
||||
);
|
||||
$comment = wp_handle_comment_submission( $data );
|
||||
|
||||
$this->assertWPError( $comment );
|
||||
$this->assertSame( $error, $comment->get_error_code() );
|
||||
}
|
||||
|
||||
/**
|
||||
* @ticket 10377
|
||||
*/
|
||||
public function test_submitting_comment_with_email_too_long_returns_error() {
|
||||
$error = 'comment_author_email_column_length';
|
||||
|
||||
$post = self::factory()->post->create_and_get();
|
||||
|
||||
$data = array(
|
||||
'comment_post_ID' => $post->ID,
|
||||
'comment' => rand_str(),
|
||||
'author' => 'Comment Author',
|
||||
'email' => rand_long_str( 90 ) . '@example.com',
|
||||
);
|
||||
$comment = wp_handle_comment_submission( $data );
|
||||
|
||||
$this->assertWPError( $comment );
|
||||
$this->assertSame( $error, $comment->get_error_code() );
|
||||
}
|
||||
|
||||
/**
|
||||
* @ticket 10377
|
||||
*/
|
||||
public function test_submitting_comment_with_url_too_long_returns_error() {
|
||||
$error = 'comment_author_url_column_length';
|
||||
|
||||
$post = self::factory()->post->create_and_get();
|
||||
$data = array(
|
||||
'comment_post_ID' => $post->ID,
|
||||
'comment' => rand_str(),
|
||||
'author' => 'Comment Author',
|
||||
'email' => 'comment@example.org',
|
||||
'url' => rand_long_str( 201 ),
|
||||
);
|
||||
$comment = wp_handle_comment_submission( $data );
|
||||
|
||||
$this->assertWPError( $comment );
|
||||
$this->assertSame( $error, $comment->get_error_code() );
|
||||
}
|
||||
|
||||
/**
|
||||
* @ticket 34997
|
||||
*/
|
||||
|
||||
Reference in New Issue
Block a user