Commit Graph

553 Commits

Author SHA1 Message Date
Sergey Biryukov ced8fb20a1 Code Modernization: Remove error suppression from `parse_url()` calls.
Previously, the `@` operator was used to prevent possible warnings emitted by `parse_url()` in PHP < 5.3.3 when URL parsing failed.

Now that the minimum version of PHP required by WordPress is 5.6.20, this is no longer needed.

Props netpassprodsr, Howdy_McGee.
Fixes #49980. See #24780.
Built from https://develop.svn.wordpress.org/trunk@47617


git-svn-id: http://core.svn.wordpress.org/trunk@47392 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-24 07:28:10 +00:00
Sergey Biryukov 427405535f Docs: Synchronize parameter documentation for various metadata functions, update per the documentation standards.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@47611


git-svn-id: http://core.svn.wordpress.org/trunk@47386 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-22 10:31:09 +00:00
Sergey Biryukov 9aa0fff80e Docs: Document the default value of `$single` and `$prev_value` parameters in various metadata functions.
Props denisco.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@47610


git-svn-id: http://core.svn.wordpress.org/trunk@47385 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-22 09:40:10 +00:00
Sergey Biryukov 61a2f62ffd Comments: Use `comment` instead of an empty string for the `comment_type` DB field value in comments table.
This is the first step to bring support for custom comment types into WordPress.

Add a scheduled upgrade routine to update the type value for existing comments, in batches of 100 at a time.

Props imath, aaroncampbell, jeremyfelt, dshanske.
Fixes #49236.
Built from https://develop.svn.wordpress.org/trunk@47597


git-svn-id: http://core.svn.wordpress.org/trunk@47372 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-17 19:35:06 +00:00
Sergey Biryukov 38676936ba Coding Standards: Use strict type check for `in_array()` and `array_search()` where strings are involved.
This reduces the number of `WordPress.PHP.StrictInArray.MissingTrueStrict` issues from 486 to 50.

Includes minor code layout fixes for better readability.

See #49542.
Built from https://develop.svn.wordpress.org/trunk@47550


git-svn-id: http://core.svn.wordpress.org/trunk@47325 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-05 03:02:11 +00:00
John Blackbourn 8f1eddef11 Comments: Ensure all elements in the array returned by `get_comment_count()` are integers.
Previously elements would be a mixture of strings and integers depending on their numeric value.

Props progremzion, m.usama.masood

Fixes #48093
Built from https://develop.svn.wordpress.org/trunk@47526


git-svn-id: http://core.svn.wordpress.org/trunk@47301 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-03-28 20:44:09 +00:00
John Blackbourn 056dad9c2c Docs: Use more specific types in parameter descriptions in place of `mixed`.
See #48303.
Built from https://develop.svn.wordpress.org/trunk@47397


git-svn-id: http://core.svn.wordpress.org/trunk@47184 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-03-01 10:38:07 +00:00
Sergey Biryukov c15cd5f5c4 Docs: Add missing quote to `{@see 'comment_$old_status_to_$new_status'}` hook reference in `wp_transition_comment_status()` DocBlock.
Props coffee2code.
Fixes #49474.
Built from https://develop.svn.wordpress.org/trunk@47324


git-svn-id: http://core.svn.wordpress.org/trunk@47118 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-19 13:45:07 +00:00
Sergey Biryukov f7338b347d Docs: Update `@return` tag for `wp_allow_comment()` with `trash` as a possible return value.
Props oakesjosh, jeremyfelt.
Fixes #49206.
Built from https://develop.svn.wordpress.org/trunk@47286


git-svn-id: http://core.svn.wordpress.org/trunk@47086 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-13 17:50:05 +00:00
Sergey Biryukov a6949956d1 Administration: Capitalize `Trash` consistently in various messages and comments.
When used as a noun referring to the "virtual" place, `Trash` should be capitalized.

Props garrett-eclipse, aandrewdixon, Presskopp.
Fixes #45317.
Built from https://develop.svn.wordpress.org/trunk@47233


git-svn-id: http://core.svn.wordpress.org/trunk@47033 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-10 04:12:07 +00:00
Sergey Biryukov 641c632b0c Coding Standards: Use Yoda conditions where appropriate.
See #49222.
Built from https://develop.svn.wordpress.org/trunk@47219


git-svn-id: http://core.svn.wordpress.org/trunk@47019 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-09 16:55:09 +00:00
Sergey Biryukov 47ed56f38f Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant.
This avoids the performance overhead of the function call every time `dirname( __FILE__ )` was used instead of `__DIR__`.

This commit also includes:

* Removing unnecessary parentheses from `include`/`require` statements. These are language constructs, not function calls.
* Replacing `include` statements for several files with `require_once`, for consistency:
 * `wp-admin/admin-header.php`
 * `wp-admin/admin-footer.php`
 * `wp-includes/version.php`

Props ayeshrajans, desrosj, valentinbora, jrf, joostdevalk, netweb.
Fixes #48082.
Built from https://develop.svn.wordpress.org/trunk@47198


git-svn-id: http://core.svn.wordpress.org/trunk@46998 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-06 06:33:11 +00:00
Sergey Biryukov deb1886078 Accessibility: Text Changes: Use sentence case for the word `Error` in various error messages, instead of all caps.
Using all caps should be avoided for better readability and because screen readers may pronounce all-caps words as abbreviations.

Props afercia, ryokuhi, sabernhardt, garrett-eclipse.
See #47656, #43037, #42945.
Built from https://develop.svn.wordpress.org/trunk@47156


git-svn-id: http://core.svn.wordpress.org/trunk@46956 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-01 21:38:04 +00:00
Sergey Biryukov 2fe7c95153 Text Changes: Capitalize error messages consistently.
Props Presskopp.
Fixes #42945.
Built from https://develop.svn.wordpress.org/trunk@47154


git-svn-id: http://core.svn.wordpress.org/trunk@46954 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-01 20:55:05 +00:00
Sergey Biryukov 001ffe81fb Docs: Improve inline comments per the documentation standards.
Includes minor code layout fixes for better readability.

See #48303.
Built from https://develop.svn.wordpress.org/trunk@47122


git-svn-id: http://core.svn.wordpress.org/trunk@46922 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-29 00:45:18 +00:00
Sergey Biryukov dd4d98a368 Docs: In various `@return` tags, list the expected type first, instead of `false`.
Follow-up to [46696].

See #48303.
Built from https://develop.svn.wordpress.org/trunk@47060


git-svn-id: http://core.svn.wordpress.org/trunk@46860 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-11 18:32:05 +00:00
Sergey Biryukov c546aa36ec Docs: Improve `@return` description for `wp_update_comment()` and `WP_UnitTest_Factory_For_Comment::update_object()`.
See #48303.
Built from https://develop.svn.wordpress.org/trunk@47017


git-svn-id: http://core.svn.wordpress.org/trunk@46817 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-12-27 00:30:02 +00:00
John Blackbourn f93ee2ca76 Docs: Increase the specificity of various docblock parameter types and return types.
See #48303
Built from https://develop.svn.wordpress.org/trunk@46823


git-svn-id: http://core.svn.wordpress.org/trunk@46623 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-12-06 22:43:04 +00:00
John Blackbourn f545bb3f63 Docs: Improve documentation of known return types, plus other docs fixes.
See #48303

Built from https://develop.svn.wordpress.org/trunk@46660


git-svn-id: http://core.svn.wordpress.org/trunk@46460 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-05 21:23:02 +00:00
John Blackbourn b3d6acd6a4 Docs: Fix some incorrect return tags in docblocks.
See #48303

Built from https://develop.svn.wordpress.org/trunk@46644


git-svn-id: http://core.svn.wordpress.org/trunk@46444 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-03 22:23:01 +00:00
John Blackbourn c8f91f77ac Docs: Correct invalid hook docblocks.
See #48303

Built from https://develop.svn.wordpress.org/trunk@46603


git-svn-id: http://core.svn.wordpress.org/trunk@46400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-27 19:11:02 +00:00
John Blackbourn 883bb53d06 Pings/Trackbacks: Fix processing of posts with pending enclosures.
Introduced in [46175].

Fixes #36824

Built from https://develop.svn.wordpress.org/trunk@46427


git-svn-id: http://core.svn.wordpress.org/trunk@46225 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-07 21:37:03 +00:00
Sergey Biryukov d2a48496d2 Docs: Add missing description for `$comment` global.
Props immeet94, mukesh27.
Fixes #46928. See #47110.
Built from https://develop.svn.wordpress.org/trunk@46391


git-svn-id: http://core.svn.wordpress.org/trunk@46190 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-04 22:19:57 +00:00
Sergey Biryukov 547be72c3b Pings/Trackbacks: Use correct variable in a `foreach()` loop in `do_all_pings()`.
Props itowhid06.
Fixes #48094. See #36824.
Built from https://develop.svn.wordpress.org/trunk@46292


git-svn-id: http://core.svn.wordpress.org/trunk@46104 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-25 15:50:58 +00:00
John Blackbourn e36d1bcbd8 Docs: Docblock corrections and improvements, mostly related to various `pre_*` filters.
See #47110

Built from https://develop.svn.wordpress.org/trunk@46232


git-svn-id: http://core.svn.wordpress.org/trunk@46044 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-21 17:41:57 +00:00
Sergey Biryukov 31fca440bd Coding Standards: Add missing `break` for the default case in `get_default_comment_status(()`.
Props itowhid06.
Fixes #48095.
Built from https://develop.svn.wordpress.org/trunk@46227


git-svn-id: http://core.svn.wordpress.org/trunk@46039 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-21 13:50:58 +00:00
John Blackbourn 63c77a7826 Docs: Improve the docs for comment counting related functions.
See #47110, #48093

Built from https://develop.svn.wordpress.org/trunk@46223


git-svn-id: http://core.svn.wordpress.org/trunk@46035 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-21 10:02:59 +00:00
Boone Gorges da8a602ad6 Improve performance of trackback query in `do_all_pings()`.
Previously, the direct SQL query used to identify trackbacks in
`do_all_pings()` performed poorly, due to an unindexed query against the
`to_ping` column. We improve performance in two ways. First, we switch
to using a postmeta flag for posts that require trackbacks to be sent;
queries joining against the postmeta table that check only the `meta_key`
are generally quite fast. Second, we switch to the use of `WP_Query`,
making the query cacheable and filterable using standard methods.

Props dshanske, spacedmonkey, janw.oostendorp, mrmadhat, birgire.
Fixes #36824.
Built from https://develop.svn.wordpress.org/trunk@46178


git-svn-id: http://core.svn.wordpress.org/trunk@45990 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-19 02:06:56 +00:00
Boone Gorges aa7d063af2 Use `WP_Query` when sending pingbacks.
Props dshanske, spacedmonkey, janw.oostendorp, mrmadhat, birgire.
See #36824.
Built from https://develop.svn.wordpress.org/trunk@46177


git-svn-id: http://core.svn.wordpress.org/trunk@45989 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-19 02:00:55 +00:00
Boone Gorges 7c56b972cc Improve `do_enclose()` logic on post publish.
Removing the direct SQL query in `do_all_pings()` improves filterability.

As part of this change, the signature of `do_enclose()` is changed so that
a null `$content` parameter can be passed, with the `$content` then inferred
from the `$post` passed in the second parameter. In addition, the second
parameter was modified so that a post ID or a `WP_Post` object can be
provided. These changes make it possible to trigger enclosure checks with
a post ID alone (as in `do_all_pings()`) and also brings the function
signature in line with `do_trackbacks()` and `pingback()`.

Props dshanske, spacedmonkey, janw.oostendorp, mrmadhat, birgire.
See #36824.
Built from https://develop.svn.wordpress.org/trunk@46175


git-svn-id: http://core.svn.wordpress.org/trunk@45987 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-19 01:49:56 +00:00
Sergey Biryukov e199663322 I18N: Capitalize translator comments consistently, add trailing punctuation.
Includes minor code layout fixes.

See #44360.
Built from https://develop.svn.wordpress.org/trunk@45932


git-svn-id: http://core.svn.wordpress.org/trunk@45743 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-03 00:41:05 +00:00
Sergey Biryukov d9954ed4cb Privacy: Add descriptions for sections in a personal data export file.
Props garrett-eclipse, Venutius, karmatosed.
Fixes #45491.
Built from https://develop.svn.wordpress.org/trunk@45825


git-svn-id: http://core.svn.wordpress.org/trunk@45636 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-18 02:07:57 +00:00
Sergey Biryukov 7f7480cb2a Docs: Add missing description for `$wp_query` and `$wp_the_query` globals.
Props mukesh27.
See #45604, #47110.
Built from https://develop.svn.wordpress.org/trunk@45739


git-svn-id: http://core.svn.wordpress.org/trunk@45550 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-04 01:59:56 +00:00
Sergey Biryukov 8e85299a00 General: First pass at replacing Codex URLs with a corresponding HelpHub or DevHub article.
Props ianbelanger, tobifjellner, SergeyBiryukov.
See #47771.
Built from https://develop.svn.wordpress.org/trunk@45674


git-svn-id: http://core.svn.wordpress.org/trunk@45485 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-25 22:45:57 +00:00
Sergey Biryukov 18bd01985b Coding Standards: Rename `$r` variable used with `wp_parse_args()` to `$parsed_args` for clarity.
Props freewebmentor.
Fixes #45059.
Built from https://develop.svn.wordpress.org/trunk@45667


git-svn-id: http://core.svn.wordpress.org/trunk@45478 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-25 00:48:58 +00:00
Gary Pendergast abcbee954f Coding Standards: Fix instances of `WordPress.PHP.NoSilencedErrors.Discouraged`.
Noteable changes:
- The `magic_quotes_runtime` and `magic_quotes_sybase` settings were removed in PHP 5.4, so no longer need to be set.
- Some functions that use external libraries can generate errors that can't be tested for, so are globally allowed to silence errors.
- Quite a few functions would cause errors if `safe_mode` was set. This setting was removed in PHP 5.4.
- Only a handful of `header()` calls needed corresponding `headers_sent()` checks for unit tests to pass, but more may need to be added as the nightlies builds are tested.

See #46732.

Built from https://develop.svn.wordpress.org/trunk@45611


git-svn-id: http://core.svn.wordpress.org/trunk@45422 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-09 05:45:58 +00:00
Gary Pendergast 4803fc405e Coding Standards: Fix the `Squiz.PHP.DisallowMultipleAssignments` violations in `wp-includes`.
See #47632.


Built from https://develop.svn.wordpress.org/trunk@45590


git-svn-id: http://core.svn.wordpress.org/trunk@45401 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-02 23:42:58 +00:00
Sergey Biryukov c77e771c84 Date/Time: Replace all instances of `date()` with `gmdate()`.
Use of `date()` in core depends on PHP timezone set to UTC and not changed by third party code (which cannot be guaranteed).

`gmdate()` is functionally equivalent, but is not affected by PHP timezone setting: it's always UTC, which is the exact behavior the core needs.

Props nielsdeblaauw, Rarst.
Fixes #46438. See #44491.
Built from https://develop.svn.wordpress.org/trunk@45424


git-svn-id: http://core.svn.wordpress.org/trunk@45235 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-05-26 00:12:54 +00:00
Sergey Biryukov 1e925a5ae3 PHPCS: Remove extra tabs added in [44970].
See #44237.
Built from https://develop.svn.wordpress.org/trunk@44972


git-svn-id: http://core.svn.wordpress.org/trunk@44803 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-21 21:36:51 +00:00
Sergey Biryukov 3de93dbc99 Comments: Introduce `comment_flood_message` and `comment_duplicate_message` filters for comment flood and duplicate comment error messages.
Props odminstudios, Katyatina, mukesh27.
Fixes #44237.
Built from https://develop.svn.wordpress.org/trunk@44970


git-svn-id: http://core.svn.wordpress.org/trunk@44801 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-21 21:10:51 +00:00
Sergey Biryukov 0292de60ec Comments: Improve comment content filtering.
Built from https://develop.svn.wordpress.org/trunk@44842


git-svn-id: http://core.svn.wordpress.org/trunk@44674 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-12 22:30:50 +00:00
Gary Pendergast 4c425c87fa Comments: Show the "awaiting moderation" message when comment cookies are disabled.
The "Your comment is awaiting moderation." message relied upon the comment author cookie being set. However, since it's now possible to opt-out of that cookie, submitting a comment won't show the comment preview when the comment is placed in moderation.

To avoid this issue, we now include a hash in the redirect URL, allowing the site to identify that a preview of the moderated comment should be displayed.

Props imath, tomdxw, birgire, lakenh, azaozz, pento.
Fixes #43857.


Built from https://develop.svn.wordpress.org/trunk@44659


git-svn-id: http://core.svn.wordpress.org/trunk@44490 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-21 01:34:51 +00:00
Boone Gorges c9a275c4a9 Update `since` annotation on `allow_empty_comment` hook.
Originally introduced in [42661].

Fixes #16979.
Built from https://develop.svn.wordpress.org/trunk@44364


git-svn-id: http://core.svn.wordpress.org/trunk@44194 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-28 13:42:50 +00:00
desrosj 268402cf53 PHP7.3 compatibility: Fix compact throwing notices.
In PHP 7.3, the `compact()` function has been changed to issue an `E_NOTICE` level error if a passed string refers to an unset variable. In previous versions of PHP, this notice was silently skipped. The full RFC can be viewed here: https://wiki.php.net/rfc/compact.

Props jorbin, desrosj.

Merges [43819] and [43832] to trunk.

Fixes #44416.
Built from https://develop.svn.wordpress.org/trunk@44166


git-svn-id: http://core.svn.wordpress.org/trunk@43996 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-14 05:13:52 +00:00
Jeremy Felt 2dce718157 REST API: Move object type-specific metadata integrations from the wrapper functions to the low-level Meta API functions.
Object type-specific actions that should happen before or after modification of metadata have so far been part of the respective wrapper functions. By using action and filter hooks, this changeset ensures they are always executed, even when calling the lower-level Meta API functions directly, which the REST API does as a prime example.

Merges [43729] to trunk.

Props flixos90, spacedmonkey.
Fixes #44467.

Built from https://develop.svn.wordpress.org/trunk@43982


git-svn-id: http://core.svn.wordpress.org/trunk@43814 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-12 03:02:24 +00:00
Gary Pendergast 56c162fbc9 Coding Standards: Upgrade WPCS to 1.0.0
WPCS 1.0.0 includes a bunch of new auto-fixers, which drops the number of coding standards issues across WordPress significantly. Prior to running the auto-fixers, there were 15,312 issues detected. With this commit, we now drop to 4,769 issues.

This change includes three notable additions:
- Multiline function calls must now put each parameter on a new line.
- Auto-formatting files is now part of the `grunt precommit` script. 
- Auto-fixable coding standards issues will now cause Travis failures.

Fixes #44600.


Built from https://develop.svn.wordpress.org/trunk@43571


git-svn-id: http://core.svn.wordpress.org/trunk@43400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-08-17 01:51:36 +00:00
Sergey Biryukov 9c084c6968 Posts, Post Types: Introduce `edit_post_{$post->post_type}` hook.
The hook fires before the general `edit_post` hook and has the same parameters.

It also complements the `save_post_{$post->post_type}` hook added in [25050].

Props Mte90, garrett-eclipse.
Fixes #34706.
Built from https://develop.svn.wordpress.org/trunk@43535


git-svn-id: http://core.svn.wordpress.org/trunk@43364 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-25 20:57:25 +00:00
Andrew Ozz cc1bfb1e55 Privacy: Don't replace comment author URL and email with anything.
Props TZ-Media, desrosj, birgire.
Fixes #44141.
Built from https://develop.svn.wordpress.org/trunk@43467


git-svn-id: http://core.svn.wordpress.org/trunk@43294 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 09:00:25 +00:00
iandunn fc800115a7 Privacy: Escape comment URLs in personal export file to prevent XSS.
There doesn't appear to be any way for an attacker to introduce malicious input into the URL, unless a plugin is filtering the URL to add it, but it's better to be safe than sorry.

Props birgire.
Fixes #44054.

Built from https://develop.svn.wordpress.org/trunk@43245


git-svn-id: http://core.svn.wordpress.org/trunk@43074 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-12 15:56:21 +00:00
iandunn 3d4c461e50 Privacy: Store plugin callbacks in associative array for flexibility.
The personal data export and erasure tools allow plugins to register their own callbacks, in order to add additional data to the export and erasure processes. Previously, these were registered without specifying a constant identifier in the array of callbacks. Using mutable integers makes it difficult for plugins to modify the callbacks of other plugins, though.

Using associative array keys instead provides a covenient and reliable way to identify and interact with another plugin's callbacks.

Props desrosj, allendav, ocean90.
Fixes #43931.

Built from https://develop.svn.wordpress.org/trunk@43154


git-svn-id: http://core.svn.wordpress.org/trunk@42983 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-03 19:28:21 +00:00
Andrew Ozz 2f321e234e Privacy: improve `wp_privacy_erase_personal_data()`, return boolean values.
Props ericdaams.
See #43602.
Built from https://develop.svn.wordpress.org/trunk@43061


git-svn-id: http://core.svn.wordpress.org/trunk@42890 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-01 19:27:22 +00:00
Andrew Ozz e0d2de94e7 Privacy: docs fixes and improvements for `wp_comments_personal_data_exporter()`.
Props desrosj.
See #43440.
Built from https://develop.svn.wordpress.org/trunk@43058


git-svn-id: http://core.svn.wordpress.org/trunk@42887 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-01 17:18:21 +00:00
John Blackbourn cf02373b39 Comments: Update the inline docs following [42772].
See #43436

Built from https://develop.svn.wordpress.org/trunk@43042


git-svn-id: http://core.svn.wordpress.org/trunk@42871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-30 13:10:20 +00:00
Andrew Ozz b044b4053e Privacy: add means to export personal data by username or email address. Generate a zipped export file containing all data. First run.
Props allendav.
See #43546.
Built from https://develop.svn.wordpress.org/trunk@43012


git-svn-id: http://core.svn.wordpress.org/trunk@42841 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-27 19:54:21 +00:00
Andrew Ozz 81668f8312 Privacy: add functionality to anonymize commenters.
Props xkon, fclaussen, allendav, birgire, azaozz.
See #43442.
Built from https://develop.svn.wordpress.org/trunk@42994


git-svn-id: http://core.svn.wordpress.org/trunk@42823 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-20 12:19:21 +00:00
Andrew Ozz fbb51eafb0 Privacy: fix docs, formatting, white space, add tests for the personal data from comments exporter.
Props birgire.
See #43440.
Built from https://develop.svn.wordpress.org/trunk@42987


git-svn-id: http://core.svn.wordpress.org/trunk@42816 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-18 22:55:22 +00:00
Andrew Ozz 4fed9aa6bd Privacy: add functionality for exporting personal data from comments.
Props allendav, xkon.
Fixes #43440.
Built from https://develop.svn.wordpress.org/trunk@42888


git-svn-id: http://core.svn.wordpress.org/trunk@42718 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-28 17:25:31 +00:00
John Blackbourn 2361ca884f Docs: Document more parameters and properties using typed array notation.
See #41756

Built from https://develop.svn.wordpress.org/trunk@42876


git-svn-id: http://core.svn.wordpress.org/trunk@42706 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-25 19:33:31 +00:00
Andrew Ozz 8ae59374f3 Add a checkbox to the comment form so logged out users can opt-out of commenter cookies.
Props lakenh, xkon, birgire, azaozz.
See #43436.
Built from https://develop.svn.wordpress.org/trunk@42772


git-svn-id: http://core.svn.wordpress.org/trunk@42602 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-04 16:41:33 +00:00
John Blackbourn 91464bce65 Docs: Add missing code formatting to various `@since` entries.
See #42505

Built from https://develop.svn.wordpress.org/trunk@42678


git-svn-id: http://core.svn.wordpress.org/trunk@42506 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-02-09 16:55:31 +00:00
Boone Gorges 355b6e80da Improve parameter description for 'allow_empty_comments'.
Introduced in [42661].

Props swissspidy.
See #16979.
Built from https://develop.svn.wordpress.org/trunk@42662


git-svn-id: http://core.svn.wordpress.org/trunk@42491 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-02-07 20:50:30 +00:00
Boone Gorges 6c11ac0c16 Comments: Introduce 'allow_empty_comment' filter.
This filter allows plugin authors to allow empty comments on a selective
basis during comment submission.

Props jpurdy647.
Fixes #16979.
Built from https://develop.svn.wordpress.org/trunk@42661


git-svn-id: http://core.svn.wordpress.org/trunk@42490 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-02-07 20:09:30 +00:00
Gary Pendergast aaf99e6913 Code is Poetry.
WordPress' code just... wasn't.
This is now dealt with.

Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS.
Fixes #41057.


Built from https://develop.svn.wordpress.org/trunk@42343


git-svn-id: http://core.svn.wordpress.org/trunk@42172 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-30 23:11:00 +00:00
Gary Pendergast c90cfa3b50 General: Fix some precision alignment formatting warnings.
The WPCS `WordPress.WhiteSpace.PrecisionAlignment` rule throws warnings for a bunch of code that will likely cause issues for `wpcbf`. Fixing these manually beforehand gives us better auto-fixed results later.

See #41057.


Built from https://develop.svn.wordpress.org/trunk@42228


git-svn-id: http://core.svn.wordpress.org/trunk@42057 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-26 23:57:55 +00:00
Peter Wilson 339d838475 Comments: Check if `wp_new_comment()` returns an error.
Adds checks throughout to allow for `wp_new_comment()` returning a `WP_Error` instance.

Updates the docs for the `pre_comment_approved` filter to include that it can be passed an error.

Props enrico.sorcinelli, ryotsun.
Fixes #39730.


Built from https://develop.svn.wordpress.org/trunk@41980


git-svn-id: http://core.svn.wordpress.org/trunk@41814 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-23 22:12:51 +00:00
Sergey Biryukov 9c4fb24458 Docs: Reference `WP_Comment_Query::__construct()` as the source of information on accepted arguments in `get_comments()` and `get_approved_comments()`.
See #41017.
Built from https://develop.svn.wordpress.org/trunk@41940


git-svn-id: http://core.svn.wordpress.org/trunk@41774 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-19 08:49:47 +00:00
Boone Gorges 0fce77da25 Invalidate comment query cache when modifying comment meta.
Comment queries are sensitive to comment meta due to the `meta_query`
parameter, so the cache must be invalidated when comment meta is changed,
added, or deleted.

Props spacedmonkey.
See #40669.
Built from https://develop.svn.wordpress.org/trunk@41848


git-svn-id: http://core.svn.wordpress.org/trunk@41682 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-12 14:59:47 +00:00
Sergey Biryukov 806b2a5af1 Comments: Change `IP` references in moderation option labels and email notifications to `IP address` for clarity.
Props mako09, gk.loveweb, bradparbs.
Fixes #40382.
Built from https://develop.svn.wordpress.org/trunk@41704


git-svn-id: http://core.svn.wordpress.org/trunk@41538 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-03 13:09:47 +00:00
Sergey Biryukov df0958697a Comments: Pass `$comment` object to comment actions:
* `delete_comment`
* `deleted_comment`
* `trash_comment`
* `trashed_comment`
* `untrash_comment`
* `untrashed_comment`
* `spam_comment`
* `spammed_comment`
* `unspam_comment`
* `unspammed_comment`

Props henry.wright.
Fixes #41228.
Built from https://develop.svn.wordpress.org/trunk@41689


git-svn-id: http://core.svn.wordpress.org/trunk@41523 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 22:15:33 +00:00
John Blackbourn 9fdbe6538e Docs: Remove `&` prefixes from parameter documentation to avoid doc parsing errors.
Props sudar for the original patch.

See #35974

Built from https://develop.svn.wordpress.org/trunk@41686


git-svn-id: http://core.svn.wordpress.org/trunk@41520 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 22:03:33 +00:00
Boone Gorges 6995731f12 Allow metadata to be updated via `wp_update_comment()`.
Passing an array of `comment_meta` into `wp_update_comment()` will
now update corresponding metadata. Similar functionality already
exists in `wp_insert_comment()`.

Props dshanske, kraftbj.
Fixes #36784.
Built from https://develop.svn.wordpress.org/trunk@40981


git-svn-id: http://core.svn.wordpress.org/trunk@40831 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-01 13:36:41 +00:00
Rachel Baker 195b227357 Formatting: Increase minimum characters allowed in `is_email()` to 6.
Brings the minimum characters expected for a valid email address to six, which matches the expectations in `wp_handle_comment_submission()` and REST API email arguments.

Props rmccue, lukecavanagh, rachelbaker, desrosj, sudar.
Fixes #38708.

Built from https://develop.svn.wordpress.org/trunk@40667


git-svn-id: http://core.svn.wordpress.org/trunk@40530 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-14 04:20:43 +00:00
Rachel Baker 868312d995 Comments: Update arguments passed to the 'comment_text' filter in `check_comment()`.
Pass null or empty values for the missing $comment and $args parameters of the 'check_comment' filter in `check_comment()`.

Props boonebgorges, vaishu.agola27, SergeyBiryukov.
Fixes #38314. 

Built from https://develop.svn.wordpress.org/trunk@40664


git-svn-id: http://core.svn.wordpress.org/trunk@40527 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-14 03:06:45 +00:00
John Blackbourn 76f44d242b Comments: When commenting on a draft post, display a friendly error message if the user can view the post.
This prevents the unhelpful white screen of death when a user who can view the post (eg. preview it) leaves a comment while the post is in draft.

Props sagarprajapati, milindmore22, mayurk, swissspidy
Fixes #39650

Built from https://develop.svn.wordpress.org/trunk@40128


git-svn-id: http://core.svn.wordpress.org/trunk@40065 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-02-27 00:23:40 +00:00
Boone Gorges 324e79a506 Ignore the 'comment_order' setting when determining comment pagination.
[38740] incorrectly introduced logic that changed a comment's page when
'comment_order' was set to 'desc'. This is in violation of the design
of the comment pagination system: a comment's page is designed not to
change when 'comment_order' or 'default_comment_page' are changed.
See #31101.

Props rachelbaker.
Fixes #39280.
Built from https://develop.svn.wordpress.org/trunk@39663


git-svn-id: http://core.svn.wordpress.org/trunk@39603 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-02 20:00:31 +00:00
Rachel Baker 82c7fd2493 Comments: Fix placement of the `wp_update_comment_data` filter to safeguard filtered data from triggering a database error.
Introduced in [38674], the `wp_update_comment_data` filter took place after the `$data` was sliced and prepared for the database update statement. The location of the filter assumed the result of anyone applying it would not change the data type or make structural modifications or additions to the $data array. 😅

This moves the `wp_update_comment_data` filter to take place before the `$data` is sliced and prepared for the database update statement.

Props dshanske for initial patch.

Fixes #39380.

Built from https://develop.svn.wordpress.org/trunk@39640


git-svn-id: http://core.svn.wordpress.org/trunk@39580 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-27 17:22:45 +00:00
Rachel Baker 697f079a19 Comments: Merge similar strings between comments.php and the REST API comments controller.
Props ramiy.
Fixes #39014.

Built from https://develop.svn.wordpress.org/trunk@39490


git-svn-id: http://core.svn.wordpress.org/trunk@39430 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-04 20:32:40 +00:00
John Blackbourn b9033ad6a1 Docs: Improve the documentation for parameters which accept `OBJECT`, `ARRAY_A`, and `ARRAY_N` as parameters.
See #37770

Built from https://develop.svn.wordpress.org/trunk@39188


git-svn-id: http://core.svn.wordpress.org/trunk@39128 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-09 23:00:32 +00:00
Rachel Baker 94ab2f9b16 REST API: Return an error when the length of a comment field is too long.
Introduces `wp_check_comment_data_max_lengths()` which allows both the REST API comments endpoints and `wp_handle_comment_submission()` to check the length of the comment content, author name, author url, and author email fields against their respective database columns.

Props rachelbaker, mangeshp, salcode, pento.
Fixes #38477.
Built from https://develop.svn.wordpress.org/trunk@39101


git-svn-id: http://core.svn.wordpress.org/trunk@39043 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-03 01:12:31 +00:00
Rachel Baker 2f263fce99 Feeds: Always return a valid timestamp for the Last-Modified header of comment or post feeds.
Fixes bug where an invalid Last-Modified value would be returned in feed requests for sites that had 0 items to return. Comment or post feeds will now return the current timestamp as the Last-Modified header value.  Example: a request for the comments feed for a site without any comments.

Replaced use of the local static variable `$cache_lastcommentmodified` to store the modified date in `get_lastcommentmodified()` with the Object Cache API.  The `get_lastcommentmodified()` function returns early if there is a cached value and returns `false` if there where no comments found. Introduced `_clear_modified_cache_on_transition_comment_status()` to flush the `lastcommentmodified` cache key when a comment enters or leaves approval status. In `get_lastpostmodified()` return early if there is a cached value and return `false` if there are no posts found.

Props swissspidy, rachelbaker, dllh, leobaiano.
Fixes #38027.
Built from https://develop.svn.wordpress.org/trunk@38925


git-svn-id: http://core.svn.wordpress.org/trunk@38868 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-25 20:48:29 +00:00
Gary Pendergast 16f0c6877e Pings: Allow ping functions to accept `WP_Post` objects as well as post IDs.
This removes the use of several `global $wpdb` instances, as well as bringing the ping functions into line with other post-related functions, which will accept a post ID or `WP_Post` object.

Props dshanke.
Fixes #38202.


Built from https://develop.svn.wordpress.org/trunk@38852


git-svn-id: http://core.svn.wordpress.org/trunk@38795 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-21 06:00:31 +00:00
Boone Gorges 9935b60e72 Comments: When checking comments, returned error object should include HTTP status code.
The status code in the `WP_Error` `data` array is needed to send
headers in wp-comments-post.php, and was erroneously not included in
[38778].

Props needle, websupporter.
Fixes #36901.
Built from https://develop.svn.wordpress.org/trunk@38783


git-svn-id: http://core.svn.wordpress.org/trunk@38726 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-12 13:50:30 +00:00
Boone Gorges 0bdfa2ab1e Comments: Abstract `die()` calls from comment submission routine.
Since 4.4, comment submission has been mostly abstracted into a function,
rather than being processed inline in wp-comments-post.php. This change
made it easier to write automated tests against the bulk of the comment
submission process. `wp_allow_comment()` remained untestable, however:
when a comment failed one of its checks (flooding, duplicates, etc),
`die()` or `wp_die()` would be called directly. This shortcoming posed
problems for any application attempting to use WP's comment verification
functions in an abstract way - from PHPUnit to the REST API.

The current changeset introduces a new parameter, `$avoid_die`, to the
`wp_new_comment()` stack. When set to `true`, `wp_new_comment()` and
`wp_allow_comment()` will return `WP_Error` objects when a comment check
fails. When set to `false` - the default, for backward compatibility -
a failed check will result in a `die()` or `wp_die()`, as appropriate.

Prior to this changeset, default comment flood checks took place in the
function `check_comment_flood_db()`, which was hooked to the
'check_comment_flood' action. This design allowed the default comment
flood routine to be bypassed or replaced using `remove_action()`.
In order to maintain backward compatibility with this usage, while
simultaneously converting the comment flood logic into something that
returns a value rather than calling `die()` directly,
`check_comment_flood_db()` has been changed into a wrapper function for
a call to `add_filter()`; this, in turn, adds the *actual* comment flood
check to a new filter, 'wp_is_comment_flood'. Note that direct calls
to `check_comment_flood_db()` will no longer do anything in isolation.

Props websupporter, rachelbaker.
Fixes #36901.
Built from https://develop.svn.wordpress.org/trunk@38778


git-svn-id: http://core.svn.wordpress.org/trunk@38721 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-11 03:43:28 +00:00
Dominik Schilling fc79800fc5 Comments: Pass `$comment` to the `comment_max_links_url` filter.
Props rachelbaker.
Fixes #37955.
Built from https://develop.svn.wordpress.org/trunk@38748


git-svn-id: http://core.svn.wordpress.org/trunk@38691 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-07 18:32:29 +00:00
Rachel Baker 4ca1385b60 Comments: Account for the `comment_order` option in `get_page_of_comment()`.
Use the value of the `comment_order` setting to determine the date_query key to pass to `WP_Comment_Query`.
Fixes a bug where sites that had comments ordered "newest" first would have the incorrect page number returned.

Props tyxla, boonebgorges.
Fixes #31101.
Built from https://develop.svn.wordpress.org/trunk@38740


git-svn-id: http://core.svn.wordpress.org/trunk@38683 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-06 17:42:29 +00:00
Rachel Baker 0438d27410 Comments: Improve check for previous comments for authenticated users in `check_comment()`.
When the 'comment_whitelist' option is enabled and the commenter is an authenticated user, query for the existence of an approved comment with a matching `user_id`.  This allows authenticated users that have changed their email address to bypass having their comment held for moderation.

Props voldemortensen, rachelbaker.
Fixes #28603.
Built from https://develop.svn.wordpress.org/trunk@38738


git-svn-id: http://core.svn.wordpress.org/trunk@38681 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-06 15:51:31 +00:00
Rachel Baker bf21f3f62f Comments: Introduce the `wp_update_comment_data` filter.
Filters the comment data immediately before it is updated in the database. 

Props frankiet, dshanske, DrewAPicture.
Fixes #36302.
Built from https://develop.svn.wordpress.org/trunk@38674


git-svn-id: http://core.svn.wordpress.org/trunk@38617 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-29 13:47:31 +00:00
Boone Gorges 0d1d1c4d06 Pass comment ID to `get_page_of_comment` filter.
Introduced in [34808].

Props zhildzik.
Fixes #38155.
Built from https://develop.svn.wordpress.org/trunk@38650


git-svn-id: http://core.svn.wordpress.org/trunk@38593 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-25 17:33:32 +00:00
Scott Taylor a3ffebce30 Bootstrap: do not go gentle into that good night r38411, r38412, and parts of r38389.
See #36335.

Built from https://develop.svn.wordpress.org/trunk@38470


git-svn-id: http://core.svn.wordpress.org/trunk@38411 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-31 16:31:29 +00:00
Scott Taylor 9383bf8f74 General: use `get_bloginfo( 'version' )` instead of `global $wp_version` in several locations - excluding those locations which reload `version.php` mid-flight.
See #37699.

Built from https://develop.svn.wordpress.org/trunk@38459


git-svn-id: http://core.svn.wordpress.org/trunk@38400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-31 05:49:37 +00:00
Scott Taylor 390ceba6c7 Bootstrap: after r38409 and r38410, revert r38402 which reverted r38399.
This fixes the paths in `wp-vendor/` that were including `src`. I want to drop this in so we can find out what else will break.

See #36335.

Built from https://develop.svn.wordpress.org/trunk@38411


git-svn-id: http://core.svn.wordpress.org/trunk@38352 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-27 22:32:37 +00:00
Dion Hulse 0e31a46161 Bootstrap: Revert [38399] as it's broken `/build/` and subsequently core.svn.wordpress.org.
The generated classmaps reference `/src/` files and operates in the assumption that the base directory is one level above `wp-settings.php`, which it isn't after our build processes are run.

See #36335

Built from https://develop.svn.wordpress.org/trunk@38402


git-svn-id: http://core.svn.wordpress.org/trunk@38343 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-27 14:37:32 +00:00
Scott Taylor 6a529648cf Bootstrap: Autoload classes using a Composer-generated PHP 5.2-compatible Autoloader.
* `wp-admin` and `wp-includes` are scanned for classes to autoload
* Several 3rd-party and Ryan McCue-shaped libraries are excluded when the classmap is generated, see `composer.json`: `autoload.exclude-from-classmap`
* `wp-vendor/autoload_52.php` is included at the top of `wp-settings.php` - no changes need to be made to unit tests to include the autoloader
* An avalanche of `require()` and `require_once()` calls that loaded class files have been removed from the codebase.

The following files have been added to `svn:ignore` - they are not 5.2-compatible and fail during pre-commit:
* src/wp-vendor/autoload.php
* src/wp-vendor/composer/autoload_real.php
* src/wp-vendor/composer/autoload_static.php
* src/wp-vendor/composer/ClassLoader.php

We favor these files instead:
* src/wp-vendor/autoload_52.php
* src/wp-vendor/composer/autoload_real_52.php
* src/wp-vendor/composer/ClassLoader52.php

When new PHP classes are added to the codebase, simply run `composer install` or `composer update` from the project root to update the autoloader.

The future is now.

See #36335.

Built from https://develop.svn.wordpress.org/trunk@38399


git-svn-id: http://core.svn.wordpress.org/trunk@38340 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-27 09:15:29 +00:00
Scott Taylor b7812bd416 AJAX: add a new function, `wp_doing_ajax()`, which can replace... (wait for it...) `DOING_AJAX` checks via the constant.
Props Mte90, sebastian.pisula, swissspidy.
Fixes #25669.

Built from https://develop.svn.wordpress.org/trunk@38334


git-svn-id: http://core.svn.wordpress.org/trunk@38275 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-23 14:33:30 +00:00
Scott Taylor dcb0261664 Comments: in `wp_handle_comment_submission()`, `$_wp_unfiltered_html_comment` is passed as part of `$comment_data`, but is not used locally.
See #37771.

Built from https://develop.svn.wordpress.org/trunk@38313


git-svn-id: http://core.svn.wordpress.org/trunk@38254 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-22 21:04:28 +00:00
Drew Jaynes 6cc13f0c54 Docs: Fix formatting, tense, verb conjugation, and other syntax for wp-includes/* elements introduced or changed in 4.6.
Part 1/2.

See #37318.

Built from https://develop.svn.wordpress.org/trunk@38121


git-svn-id: http://core.svn.wordpress.org/trunk@38062 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-20 16:57:32 +00:00
Rachel Baker 093b16dfcd Docs: Correct `comment_max_links_url` filter and `$url` param descriptions to communicate values are found links.
`$num_links` is the number of link matches found within the comment_content, and that is the value that can be modified with the `comment_max_links_url` filter.

Props pbearne.
Fixes #37319.
Built from https://develop.svn.wordpress.org/trunk@38098


git-svn-id: http://core.svn.wordpress.org/trunk@38039 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-19 01:49:30 +00:00
Dominik Schilling da88178148 Comments: Use `wp_strip_all_tags()` to strip HTML tags.
`wp_kses()` should only be used if you have a whitelist.

Props rachelbaker.
Fixes #37208.
Built from https://develop.svn.wordpress.org/trunk@38092


git-svn-id: http://core.svn.wordpress.org/trunk@38033 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-18 14:04:31 +00:00
Rachel Baker 2040186a5d Comments: Include comment_content with html and without in blacklist_keys comparison.
After [38047], also include the comment_content with html in the preg_match against blacklist keys to match urls.

Props ocean90.
Fixes #37208.
Built from https://develop.svn.wordpress.org/trunk@38048


git-svn-id: http://core.svn.wordpress.org/trunk@37989 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-13 14:05:29 +00:00
Rachel Baker 240e3ec683 Comments: Strip html tags from comment content before blacklist_keys comparison.
Use `wp_kses()` to clean comment_content for preg_match against the blacklist_keys. Also includes some initial unit tests for `wp_blacklist_check()`.
Previously, if a blacklisted key was used in comment_content split by an html tag the regex in `wp_blacklist_check()` would not find a match. Example: Where "springfield" was a blacklisted word, if the content of a comment included `spring<i>field</i>" `wp_blacklist_check()` would not return true.

Props cfinke.
Fixes #37208.
Built from https://develop.svn.wordpress.org/trunk@38047


git-svn-id: http://core.svn.wordpress.org/trunk@37988 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-13 13:48:39 +00:00