REST API: Return an error when the length of a comment field is too long.

Introduces `wp_check_comment_data_max_lengths()` which allows both the REST API comments endpoints and `wp_handle_comment_submission()` to check the length of the comment content, author name, author url, and author email fields against their respective database columns.

Props rachelbaker, mangeshp, salcode, pento.
Fixes #38477.

git-svn-id: https://develop.svn.wordpress.org/trunk@39101 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Rachel Baker
2016-11-03 01:11:30 +00:00
parent 73c595f3e4
commit c962a98980
3 changed files with 215 additions and 15 deletions

View File

@@ -484,6 +484,12 @@ class WP_REST_Comments_Controller extends WP_REST_Controller {
$prepared_comment['comment_agent'] = '';
}
$check_comment_lengths = wp_check_comment_data_max_lengths( $prepared_comment );
if ( is_wp_error( $check_comment_lengths ) ) {
$error_code = $check_comment_lengths->get_error_code();
return new WP_Error( $error_code, __( 'Comment field exceeds maximum length allowed.' ), array( 'status' => 400 ) );
}
$prepared_comment['comment_approved'] = wp_allow_comment( $prepared_comment, true );
if ( is_wp_error( $prepared_comment['comment_approved'] ) ) {
@@ -631,6 +637,12 @@ class WP_REST_Comments_Controller extends WP_REST_Controller {
$prepared_args['comment_ID'] = $id;
$check_comment_lengths = wp_check_comment_data_max_lengths( $prepared_args );
if ( is_wp_error( $check_comment_lengths ) ) {
$error_code = $check_comment_lengths->get_error_code();
return new WP_Error( $error_code, __( 'Comment field exceeds maximum length allowed.' ), array( 'status' => 400 ) );
}
$updated = wp_update_comment( $prepared_args );
if ( 0 === $updated ) {