Comments: Validate new comments before and after comment data is filtered.

This ensures that a Disallowed Comment Keys match will consistently send the comment to the Trash, by checking both the original unmodified comment data and the final filtered comment data.

If the first check has already resulted in a `trash` or `spam` status, the second check is skipped as redundant.

Follow-up to [2894], [3851], [48121], [48575].

Props cfinke, kbrownkd, thompsonsj, mi5t4n, devspace, chaion07, engahmeds3ed, SergeyBiryukov.
Fixes #61827.
Built from https://develop.svn.wordpress.org/trunk@59267


git-svn-id: http://core.svn.wordpress.org/trunk@58659 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Sergey Biryukov 2024-10-21 23:07:15 +00:00
parent 5284afbd22
commit 4318418b39
2 changed files with 7 additions and 2 deletions


@ -2277,9 +2277,14 @@ function wp_new_comment( $commentdata, $wp_error = false ) {
$commentdata['comment_type'] = 'comment';
}
$commentdata['comment_approved'] = wp_allow_comment( $commentdata, $wp_error );
$commentdata = wp_filter_comment( $commentdata );
$commentdata['comment_approved'] = wp_allow_comment( $commentdata, $wp_error );
if ( ! in_array( $commentdata['comment_approved'], array( 'trash', 'spam' ), true ) ) {
// Validate the comment again after filters are applied to comment data.
$commentdata['comment_approved'] = wp_allow_comment( $commentdata, $wp_error );
}
if ( is_wp_error( $commentdata['comment_approved'] ) ) {
return $commentdata['comment_approved'];
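
Review bot: The guard around the second wp_allow_comment() call excludes only 'trash' and 'spam', while the is_wp_error() check still sits below it, so a WP_Error returned by the first call passes the strict in_array() test, the data is filtered anyway, and the second call overwrites that error with whatever the filtered data yields. If the first result is meant to be final, return the error before wp_filter_comment() or extend the guard, e.g. `if ( ! is_wp_error( $commentdata['comment_approved'] ) && ! in_array( $commentdata['comment_approved'], array( 'trash', 'spam' ), true ) )`. The inline comment could also state that wp_allow_comment() may now run twice for one submission, once on unfiltered and once on filtered data, so that anything it does beyond returning a status is understood to happen twice.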


@ -16,7 +16,7 @@
*
* @global string $wp_version
*/
$wp_version = '6.7-beta3-59266';
$wp_version = '6.7-beta3-59267';
/**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.