Commit Graph

409 Commits

Author SHA1 Message Date
Sergey Biryukov 1ff333ca3b Comments: Improve comment content filtering.
Merges [44842] to the 4.6 branch.
Built from https://develop.svn.wordpress.org/branches/4.6@44848


git-svn-id: http://core.svn.wordpress.org/branches/4.6@44680 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-12 22:37:22 +00:00
Drew Jaynes 6cc13f0c54 Docs: Fix formatting, tense, verb conjugation, and other syntax for wp-includes/* elements introduced or changed in 4.6.
Part 1/2.

See #37318.

Built from https://develop.svn.wordpress.org/trunk@38121


git-svn-id: http://core.svn.wordpress.org/trunk@38062 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-20 16:57:32 +00:00
Rachel Baker 093b16dfcd Docs: Correct `comment_max_links_url` filter and `$url` param descriptions to communicate values are found links.
`$num_links` is the number of link matches found within the comment_content, and that is the value that can be modified with the `comment_max_links_url` filter.

Props pbearne.
Fixes #37319.
Built from https://develop.svn.wordpress.org/trunk@38098


git-svn-id: http://core.svn.wordpress.org/trunk@38039 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-19 01:49:30 +00:00
Dominik Schilling da88178148 Comments: Use `wp_strip_all_tags()` to strip HTML tags.
`wp_kses()` should only be used if you have a whitelist.

Props rachelbaker.
Fixes #37208.
Built from https://develop.svn.wordpress.org/trunk@38092


git-svn-id: http://core.svn.wordpress.org/trunk@38033 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-18 14:04:31 +00:00
Rachel Baker 2040186a5d Comments: Include comment_content with html and without in blacklist_keys comparison.
After [38047], also include the comment_content with html in the preg_match against blacklist keys to match urls.

Props ocean90.
Fixes #37208.
Built from https://develop.svn.wordpress.org/trunk@38048


git-svn-id: http://core.svn.wordpress.org/trunk@37989 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-13 14:05:29 +00:00
Rachel Baker 240e3ec683 Comments: Strip html tags from comment content before blacklist_keys comparison.
Use `wp_kses()` to clean comment_content for preg_match against the blacklist_keys. Also includes some initial unit tests for `wp_blacklist_check()`.
Previously, if a blacklisted key was used in comment_content split by an html tag the regex in `wp_blacklist_check()` would not find a match. Example: Where "springfield" was a blacklisted word, if the content of a comment included `spring<i>field</i>" `wp_blacklist_check()` would not return true.

Props cfinke.
Fixes #37208.
Built from https://develop.svn.wordpress.org/trunk@38047


git-svn-id: http://core.svn.wordpress.org/trunk@37988 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-13 13:48:39 +00:00
Sergey Biryukov 139387b7e5 Docs: Use 3-digit, x.x.x-style semantic versioning for `_doing_it_wrong()`, `_deprecated_function()`, `_deprecated_argument()`, and `_deprecated_file()` throughout core.
Props metodiew.
Fixes #36495.
Built from https://develop.svn.wordpress.org/trunk@37985


git-svn-id: http://core.svn.wordpress.org/trunk@37926 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-06 12:40:29 +00:00
Rachel Baker 15b4fa81d2 Comments: Do not flag a comment as a duplicate if the `comment_author_email` is provided but not a match.
This reduces the strictness of the duplicate check a little, but does prevent false duplicates for emoji or +1 comments by authors with matching names. The current logic was introduced all the way back in [2894].

Fixes #37093.
Built from https://develop.svn.wordpress.org/trunk@37713


git-svn-id: http://core.svn.wordpress.org/trunk@37679 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-15 14:51:27 +00:00
Peter Wilson 47d26cd9fb DOCS: Replace HTTP links with HTTPS.
Replaces unsecure links in documentation and translator comments with their secure versions.

Props johnpgreen, netweb

Fixes #36993

Built from https://develop.svn.wordpress.org/trunk@37674


git-svn-id: http://core.svn.wordpress.org/trunk@37640 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-10 04:50:33 +00:00
Boone Gorges c70e3246e2 Use `clean_comment_cache()` in `wp_insert_comment()`.
Previously, only the 'last_changed' incrementor was manually invalidated, since
the newly created comment did not yet exist in the cache. However, this created
an inconsistency with the other comment CRUD functions, which result in the
'clean_comment_cache' action firing.

Props spacedmonkey.
See #36906.
Built from https://develop.svn.wordpress.org/trunk@37614


git-svn-id: http://core.svn.wordpress.org/trunk@37582 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-01 21:56:27 +00:00
Drew Jaynes da78aeffe9 Docs: Apply inline `@see` tags to hooks referenced in DocBlocks in a variety of wp-includes/* files.
Applying these specially-crafted `@see` tags allows the Code Reference parser to recognize and link these elements as actions and filters.

See #36921.

Built from https://develop.svn.wordpress.org/trunk@37542


git-svn-id: http://core.svn.wordpress.org/trunk@37510 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-23 18:59:27 +00:00
Drew Jaynes fd96e90758 Docs: Standardize filter docs in wp-includes/comment.php to use third-person singular verbs per the inline documentation standards for PHP.
See #36913.

Built from https://develop.svn.wordpress.org/trunk@37512


git-svn-id: http://core.svn.wordpress.org/trunk@37480 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-22 18:41:29 +00:00
Drew Jaynes f52a8cb1fa Docs: Remove/replace invalid inline `@link` tags in DocBlocks in wp-includes/*.
Fixes #36910.

Built from https://develop.svn.wordpress.org/trunk@37487


git-svn-id: http://core.svn.wordpress.org/trunk@37455 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-22 17:39:28 +00:00
Rachel Baker 00adb457d2 Comments: Add `$data` parameter to include the comment data in the `edit_comment` action.
Props dshanske.

Fixes #36427.


Built from https://develop.svn.wordpress.org/trunk@37423


git-svn-id: http://core.svn.wordpress.org/trunk@37389 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-12 15:37:27 +00:00
Drew Jaynes fe3b007fdd Docs: Remove inline `@see` tags from function, class, and method references in inline docs.
Known functions, classes, and methods are now auto-linked in Code Reference pages following #meta1483.

Note: Hook references are still linked via inline `@see` tags due to the unlikelihood of reliably matching for known hooks based on a RegEx pattern.

See #32246.

Built from https://develop.svn.wordpress.org/trunk@37342


git-svn-id: http://core.svn.wordpress.org/trunk@37308 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-02 04:00:28 +00:00
Dominik Schilling d8f3325c14 Docs: Correct grammar when referring to "a URL" vs "an URL" in several places.
Fixes #36218.
Built from https://develop.svn.wordpress.org/trunk@36970


git-svn-id: http://core.svn.wordpress.org/trunk@36938 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-12 12:39:27 +00:00
Aaron Jorbin 1972aa2a2a Add grunt prerelease task
An unintended consequence of improving the precommit task is that when it's time to run a release, more tasks need to get run to verify things. This adds a prerelease task to help fix that situation. grunt prerelease should include tasks that verify the code base is ready to be released to the wild and find all the tears on the mausoleum floor and help Blood stain the Colosseum doors.

See #35557

Built from https://develop.svn.wordpress.org/trunk@36930


git-svn-id: http://core.svn.wordpress.org/trunk@36898 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-10 05:37:27 +00:00
Sergey Biryukov 74f707ff6b Comments: Pass comment data to the `comment_post` filter.
Props dshanske.
See #34141.
Built from https://develop.svn.wordpress.org/trunk@36660


git-svn-id: http://core.svn.wordpress.org/trunk@36627 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-24 00:49:26 +00:00
Boone Gorges b23b89c8a9 Docs: Correct `param` types on some filters in `wp_filter_comment()`.
Introduced in [26491].

Props meitar, netweb.
Fixes #35908.
Built from https://develop.svn.wordpress.org/trunk@36626


git-svn-id: http://core.svn.wordpress.org/trunk@36593 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-23 03:06:26 +00:00
Andrew Ozz 2d94e025a2 Replace `wp_upload_dir()` with the new `wp_get_upload_dir()` in all cases where a file is not being uploaded. Deprecate `_wp_upload_dir_baseurl()`, and replace it with `wp_get_upload_dir()`.
See #34359.
Built from https://develop.svn.wordpress.org/trunk@36569


git-svn-id: http://core.svn.wordpress.org/trunk@36536 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-18 00:24:27 +00:00
Boone Gorges 571e14f897 More performance improvements to metadata lazyloading.
Comment and term meta lazyloading for `WP_Query` loops, introduced in 4.4,
depended on filter callback methods belonging to `WP_Query` objects. This meant
storing `WP_Query` objects in the `$wp_filter` global (via `add_filter()`),
requiring that PHP retain the objects in memory, even when the local variables
would typically be expunged during normal garbage collection. In cases where a
large number of `WP_Query` objects were instantiated on a single pageload,
and/or where the contents of the `WP_Query` objects were quite large, serious
performance issues could result.

We skirt this problem by moving metadata lazyloading out of `WP_Query`. The
new `WP_Metadata_Lazyloader` class acts as a lazyload queue. Query instances
register items whose metadata should be lazyloaded - such as post terms, or
comments - and a `WP_Metadata_Lazyloader` method will intercept comment and
term meta requests to perform the cache priming. Since `WP_Metadata_Lazyloader`
instances are far smaller than `WP_Query` (containing only object IDs), and
clean up after themselves far better than the previous `WP_Query` methods (bp
only running their callbacks a single time for a given set of queued objects),
the resource use is decreased dramatically.

See [36525] for an earlier step in this direction.

Props lpawlik, stevegrunwell, boonebgorges.
Fixes #35816.
Built from https://develop.svn.wordpress.org/trunk@36566


git-svn-id: http://core.svn.wordpress.org/trunk@36533 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-17 22:58:26 +00:00
Andrew Ozz 0ff58701e0 Comments: look for wp_error when checking whether `$wpdb->get_col_length()` has failed.
See #10377.
Built from https://develop.svn.wordpress.org/trunk@36542


git-svn-id: http://core.svn.wordpress.org/trunk@36509 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-16 23:50:27 +00:00
Rachel Baker 8abd201a0b Comments: Change `wp_get_comment_column_max_length()` function to `wp_get_comment_fields_max_lengths()` for consolidation and better fallbacks.
Instead of returning a value for each of the related table column lengths, return an array of all of the column lengths used in the comment form.
Better fallback handling, where each field falls back to the expected max_length instead of an arbitrary number.

Props azaozz.

Fixes #10377.
Built from https://develop.svn.wordpress.org/trunk@36514


git-svn-id: http://core.svn.wordpress.org/trunk@36481 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-12 13:55:28 +00:00
Eric Lewis 0efd5b3d00 Comments: Fire an action after a comment is removed from object cache.
When a comment is removed from the object cache, the `clean_comment_cache` action is now fired. This provides plugin and theme developers a chance to perform secondary cache invalidation as needed.

Props spacedmonkey.
Fixes #35610.

Built from https://develop.svn.wordpress.org/trunk@36405


git-svn-id: http://core.svn.wordpress.org/trunk@36372 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-26 03:47:25 +00:00
Rachel Baker f407e3a473 Comments: Use TEXT column type in fallback for `wp_get_comment_column_max_length()`.
Fixes #10377.

Built from https://develop.svn.wordpress.org/trunk@36325


git-svn-id: http://core.svn.wordpress.org/trunk@36292 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-15 20:10:27 +00:00
Pascal Birchler 19d4304565 Comments: Add a new `pre_wp_update_comment_count_now` filter.
This allows filtering a post's comment count before it is queried and updated in the database.

Props peterwilsoncc for initial patch.
Fixes #35060.
Built from https://develop.svn.wordpress.org/trunk@36318


git-svn-id: http://core.svn.wordpress.org/trunk@36285 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-15 13:42:26 +00:00
Rachel Baker 87e7b4455d Comments: Restrict the maximum characters for input fields within the comments template.
Added hardcoded maxlength attributes on the author, author_email, author_url, and comment_field input markup. These can be modified via the comment_form_defaults filter. Added logic in wp_handle_comment_submission() to return a WP_Error when the comment_author, comment_author_url, or comment_content values exceed the max length of their columns. Introduces wp_get_comment_column_max_length() which returns the max column length for a given column name, and is filterable. Unit tests included for the error conditions in wp_handle_comment_submission()

Fixes #10377.

Props westonruter rachelbaker.

Built from https://develop.svn.wordpress.org/trunk@36272


git-svn-id: http://core.svn.wordpress.org/trunk@36239 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-13 01:25:26 +00:00
Boone Gorges 74f83e1016 Allow comment agent and author IP to be set via `wp_update_comment()`.
Props adamsilverstein, welcher.
Fixes #35276.
Built from https://develop.svn.wordpress.org/trunk@36215


git-svn-id: http://core.svn.wordpress.org/trunk@36182 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-07 03:55:28 +00:00
Rachel Baker 2bdc6a5fd0 Docs: Add null to `post_id` param type, fix syntax, and descriptions in the DocBlock for `wp_update_comment_count()`.
See #32246.


Built from https://develop.svn.wordpress.org/trunk@36139


git-svn-id: http://core.svn.wordpress.org/trunk@36105 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-31 19:21:28 +00:00
Aaron Jorbin 09688bd59c Ensure only approved comments trigger post author notifications
Posts that are trashed shouldn't trigger post author notifications.  Adds unit tests to enforce this.

Props scottbrownconsulting, peterwilsoncc, swissspidy
Fixes #35006


Built from https://develop.svn.wordpress.org/trunk@36119


git-svn-id: http://core.svn.wordpress.org/trunk@36085 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-29 17:54:28 +00:00
Rachel Baker a828b700fc Comments: Return early from `wp_update_comment_count()` if there is not a valid post.
Props ambrosey, juanfra. 
Fixes #34977


Built from https://develop.svn.wordpress.org/trunk@36115


git-svn-id: http://core.svn.wordpress.org/trunk@36080 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-28 22:58:28 +00:00
John Blackbourn afc7f43ca0 Comments: When a comment is submitted, ensure the `user_ID` element in the array that's passed to the `preprocess_comment` filter gets populated.
Fixes #34997

Built from https://develop.svn.wordpress.org/trunk@36038


git-svn-id: http://core.svn.wordpress.org/trunk@36003 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-21 02:47:26 +00:00
Rachel Baker 719239ca1e Comments: Use an integer as the default value for `comment_post_ID` in `wp_insert_comment` to match database column.
Props MikeHansenMe, juanfra, rabmalin. 
Fixes #34956


Built from https://develop.svn.wordpress.org/trunk@35948


git-svn-id: http://core.svn.wordpress.org/trunk@35912 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-15 15:13:27 +00:00
Sergey Biryukov fe131bacd1 I18N: Use better context for comment statuses.
See #35054.
Built from https://develop.svn.wordpress.org/trunk@35902


git-svn-id: http://core.svn.wordpress.org/trunk@35866 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-13 19:11:26 +00:00
Rachel Baker 9dd574bd99 Comments: Comments don’t need no Post ID when created, so they don’t be needing one to be edited.
In `wp_update_comment()` only check if the given `comment_post_ID` is valid if it isn’t `0`.  This allows comments that were created programmatically via `wp_insert_comment()` without the (optional) `comment_post_ID` parameter to be edited.

Props subharanjan for the initial patch.
Fixes #34954


Built from https://develop.svn.wordpress.org/trunk@35853


git-svn-id: http://core.svn.wordpress.org/trunk@35817 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-10 15:17:29 +00:00
John Blackbourn 28c78799c3 Ensure the correct error message is returned when a user attempts to comment on a post to which they do not have access.
Adds more tests.

Built from https://develop.svn.wordpress.org/trunk@35745


git-svn-id: http://core.svn.wordpress.org/trunk@35709 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-28 18:29:32 +00:00
Sergey Biryukov bc1e479fd0 After [35718], update the location of some files in `This filter is documented in` docs.
Partially reverts [33954].

Fixes #33413.
Built from https://develop.svn.wordpress.org/trunk@35725


git-svn-id: http://core.svn.wordpress.org/trunk@35689 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-22 03:51:28 +00:00
Andrew Nacin 1579e45d41 Simplify the include graph after work to split out classes.
see #33413. More details there.

Built from https://develop.svn.wordpress.org/trunk@35718


git-svn-id: http://core.svn.wordpress.org/trunk@35682 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-20 07:24:30 +00:00
Drew Jaynes 5f6cdc2c3b Docs: The Comment API is singular.
See #33701.

Built from https://develop.svn.wordpress.org/trunk@34410


git-svn-id: http://core.svn.wordpress.org/trunk@34374 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-22 13:44:25 +00:00
Scott Taylor 67f90df6a4 `Walker_Comment` should be in its own file. Loaded now via `wp-includes/comment.php`, which makes it 100% BC.
See #33413.

Built from https://develop.svn.wordpress.org/trunk@33962


git-svn-id: http://core.svn.wordpress.org/trunk@33931 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-09 02:41:24 +00:00
Drew Jaynes bfe8b01ef2 Docs: Clarify the file header summary for wp-includes/comment.php, the top-level file for the core Comments API.
Also adds inline DocBlock for the `require_once()` calls that now bring in the `WP_Comment` and `WP_Comment_Query` classes, as well as core comments functionality.

See #33413. See #33701.

Built from https://develop.svn.wordpress.org/trunk@33900


git-svn-id: http://core.svn.wordpress.org/trunk@33869 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-04 01:47:25 +00:00
Scott Taylor e73ee5ac98 Introduce `WP_Comment` class to model/strongly-type rows from the comments database table. Inclusion of this class is a pre-req for some more general comment cleanup and sanity.
* Takes inspiration from `WP_Post` and adds sanity to comment caching. 
* Clarifies when the current global value for `$comment` is returned. The current implementation in `get_comment()` introduces side effects and an occasion stale global value for `$comment` when comment caches are cleaned.
* Strongly-types `@param` docs
* This class is marked `final` for now

Props wonderboymusic, nacin.

See #32619.

Built from https://develop.svn.wordpress.org/trunk@33891


git-svn-id: http://core.svn.wordpress.org/trunk@33860 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-03 18:17:24 +00:00
Scott Taylor f07ab12359 Comments: move `WP_Comment_Query` into its own file. `comment.php` loads the new files, so this is 100% BC if someone is loading `comment.php` directly. New files created using `svn cp`.
Creates: 
`class-wp-comment-query.php` 
`comment-functions.php` 

`comment.php` contains only top-level code. Class file only contains the class. Functions file only contains functions.

See #33413.

Built from https://develop.svn.wordpress.org/trunk@33750


git-svn-id: http://core.svn.wordpress.org/trunk@33718 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-26 04:27:21 +00:00
Scott Taylor ef87172270 `foreach` is a statement, not a function.
See #33491.

Built from https://develop.svn.wordpress.org/trunk@33734


git-svn-id: http://core.svn.wordpress.org/trunk@33702 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-25 20:28:22 +00:00
Drew Jaynes 7aff9092c7 Docs: Document the default comment data arguments for `wp_new_comment()`.
Props rachelbaker, DrewAPicture
Fixes #32369.

Built from https://develop.svn.wordpress.org/trunk@33730


git-svn-id: http://core.svn.wordpress.org/trunk@33698 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-25 17:03:21 +00:00
Scott Taylor 572a0a587a Comments shouldn't have more than one `_wp_trash_meta_status` entry. When deleting `_wp_trash_meta_status`, also delete `_wp_trash_meta_time`.
See #11200.

Built from https://develop.svn.wordpress.org/trunk@33654


git-svn-id: http://core.svn.wordpress.org/trunk@33621 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-20 02:45:26 +00:00
Drew Jaynes 536cdddbcd Fix inline documentation syntax for `get_default_comment_status()`, introduced in 4.3.
See [33122]. See #32891.

Built from https://develop.svn.wordpress.org/trunk@33223


git-svn-id: http://core.svn.wordpress.org/trunk@33195 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-13 21:23:25 +00:00
Helen Hou-Sandí 30e478b1fb Move `get_default_comment_status()` to `wp-includes/comment.php` to sit alongside `get_comment_statuses()`.
props nacin.
see #31168.

Built from https://develop.svn.wordpress.org/trunk@33122


git-svn-id: http://core.svn.wordpress.org/trunk@33093 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-08 15:44:28 +00:00
Boone Gorges ca390b2fb5 Allow 'comment_agent' and 'comment_author_IP' to be set via `wp_new_comment()`.
Props mrutz, wonderboymusic, rachelbaker.
Fixes #14601.
Built from https://develop.svn.wordpress.org/trunk@33021


git-svn-id: http://core.svn.wordpress.org/trunk@32992 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-01 12:08:25 +00:00
Scott Taylor a0e373ef80 For doc block types, favor `bool` over the few remaining `boolean`s
See #32444.

Built from https://develop.svn.wordpress.org/trunk@32964


git-svn-id: http://core.svn.wordpress.org/trunk@32935 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-27 01:03:25 +00:00