From 77561d0a3010ff014de0b2210f39a59f0c4db01e Mon Sep 17 00:00:00 2001 From: David Baumwald Date: Thu, 3 Mar 2022 20:32:20 +0000 Subject: [PATCH] Comments: Guard against potential PHP notices in `get_comment_author` and `get_comment_ID`. In both `get_comment_author` and `get_comment_ID`, it's possible that these functions are called without a comment context. Specifically, `get_comment_author` can be called without passing the `$comment_ID` parameter, and `get_comment_ID` relies on the `comment` global if there's no `$comment` parameter supplied. This leads to a PHP notice of "Trying to get property of a non-object." This change adds a check to both functions to ensure the `$comment->comment_ID` property is not empty before actually using its value. Follow-up to [52223]. Props dd32. Fixes #54379. git-svn-id: https://develop.svn.wordpress.org/trunk@52818 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/comment-template.php | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/src/wp-includes/comment-template.php b/src/wp-includes/comment-template.php index 5a1b2e22eb..e07a4b1b1d 100644 --- a/src/wp-includes/comment-template.php +++ b/src/wp-includes/comment-template.php @@ -22,10 +22,11 @@ * @return string The comment author */ function get_comment_author( $comment_ID = 0 ) { - $comment = get_comment( $comment_ID ); + $comment = get_comment( $comment_ID ); + $comment_ID = ! empty( $comment->comment_ID ) ? $comment->comment_ID : $comment_ID; if ( empty( $comment->comment_author ) ) { - $user = $comment->user_id ? get_userdata( $comment->user_id ) : false; + $user = ! empty( $comment->user_id ) ? get_userdata( $comment->user_id ) : false; if ( $user ) { $author = $user->display_name; } else { @@ -45,7 +46,7 @@ function get_comment_author( $comment_ID = 0 ) { * @param string $comment_ID The comment ID as a numeric string. * @param WP_Comment $comment The comment object. */ - return apply_filters( 'get_comment_author', $author, $comment->comment_ID, $comment ); + return apply_filters( 'get_comment_author', $author, $comment_ID, $comment ); } /** @@ -663,7 +664,8 @@ function comment_excerpt( $comment_ID = 0 ) { * @return string The comment ID as a numeric string. */ function get_comment_ID() { // phpcs:ignore WordPress.NamingConventions.ValidFunctionName.FunctionNameInvalid - $comment = get_comment(); + $comment = get_comment(); + $comment_ID = ! empty( $comment->comment_ID ) ? $comment->comment_ID : '0'; /** * Filters the returned comment ID. @@ -674,7 +676,7 @@ function get_comment_ID() { // phpcs:ignore WordPress.NamingConventions.ValidFun * @param string $comment_ID The current comment ID as a numeric string. * @param WP_Comment $comment The comment object. */ - return apply_filters( 'get_comment_ID', $comment->comment_ID, $comment ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.NotLowercase + return apply_filters( 'get_comment_ID', $comment_ID, $comment ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.NotLowercase } /**