From 223a2d0f7b82662cda01d221b04b232152a94e5c Mon Sep 17 00:00:00 2001 From: Scott Taylor Date: Thu, 24 Sep 2015 21:22:25 +0000 Subject: [PATCH] Comments: in `check_comment_flood_db()`, don't throttle moderators. If the commenter is logged in, check against their `user_id` instead of `comment_author_IP`. Throwback: "If you can edit comments on the post, 'Slow down Cowboy' shouldn't kick in." Props garyc40, wonderboymusic. Fixes #16219. Built from https://develop.svn.wordpress.org/trunk@34522 git-svn-id: http://core.svn.wordpress.org/trunk@34486 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-includes/comment-functions.php | 24 +++++++++++++++++++++--- wp-includes/version.php | 2 +- 2 files changed, 22 insertions(+), 4 deletions(-) diff --git a/wp-includes/comment-functions.php b/wp-includes/comment-functions.php index 10d9a803e8..abe8291613 100644 --- a/wp-includes/comment-functions.php +++ b/wp-includes/comment-functions.php @@ -688,10 +688,28 @@ function wp_allow_comment( $commentdata ) { */ function check_comment_flood_db( $ip, $email, $date ) { global $wpdb; - if ( current_user_can( 'manage_options' ) ) - return; // don't throttle admins + // don't throttle admins or moderators + if ( current_user_can( 'manage_options' ) || current_user_can( 'moderate_comments' ) ) { + return; + } $hour_ago = gmdate( 'Y-m-d H:i:s', time() - HOUR_IN_SECONDS ); - if ( $lasttime = $wpdb->get_var( $wpdb->prepare( "SELECT `comment_date_gmt` FROM `$wpdb->comments` WHERE `comment_date_gmt` >= %s AND ( `comment_author_IP` = %s OR `comment_author_email` = %s ) ORDER BY `comment_date_gmt` DESC LIMIT 1", $hour_ago, $ip, $email ) ) ) { + + if ( is_user_logged_in() ) { + $user = get_current_user_id(); + $check_column = '`user_id`'; + } else { + $user = $ip; + $check_column = '`comment_author_IP`'; + } + + $sql = $wpdb->prepare( + "SELECT `comment_date_gmt` FROM `$wpdb->comments` WHERE `comment_date_gmt` >= %s AND ( $check_column = %s OR `comment_author_email` = %s ) ORDER BY `comment_date_gmt` DESC LIMIT 1", + $hour_ago, + $user, + $email + ); + $lasttime = $wpdb->get_var( $sql ); + if ( $lasttime ) { $time_lastcomment = mysql2date('U', $lasttime, false); $time_newcomment = mysql2date('U', $date, false); /** diff --git a/wp-includes/version.php b/wp-includes/version.php index 3273eb0dfa..e8382a2320 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -4,7 +4,7 @@ * * @global string $wp_version */ -$wp_version = '4.4-alpha-34521'; +$wp_version = '4.4-alpha-34522'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.