In `wp-comments-post.php`, sanity check a few of the comment inputs that are expected to be a string beford calling string-only functions on them.

Props Kloon.
Fixes #23416.

Built from https://develop.svn.wordpress.org/trunk@34274


git-svn-id: http://core.svn.wordpress.org/trunk@34238 1a063a9b-81f0-0310-95a4-ce76da25c4cd

wp-comments-post.php

@@ -89,10 +89,10 @@ if ( ! comments_open( $comment_post_ID ) ) {
 	do_action( 'pre_comment_on_post', $comment_post_ID );
 }
 
-$comment_author       = ( isset($_POST['author']) )  ? trim(strip_tags($_POST['author'])) : null;
-$comment_author_email = ( isset($_POST['email']) )   ? trim($_POST['email']) : null;
-$comment_author_url   = ( isset($_POST['url']) )     ? trim($_POST['url']) : null;
-$comment_content      = ( isset($_POST['comment']) ) ? trim($_POST['comment']) : null;
+$comment_author       = ( isset( $_POST['author'] ) && is_string( $_POST['author'] ) ) ? trim( strip_tags( $_POST['author'] ) ) : null;
+$comment_author_email = ( isset( $_POST['email'] ) && is_email( $_POST['email'] ) ) ? trim( $_POST['email'] ) : null;
+$comment_author_url   = ( isset( $_POST['url'] ) && is_string( $_POST['url'] ) ) ? trim( $_POST['url'] ) : null;
+$comment_content      = ( isset( $_POST['comment'] ) && is_string( $_POST['comment'] ) ) ? trim( $_POST['comment'] ) : null;
 
 // If the user is logged in
 $user = wp_get_current_user();

wp-includes/version.php

@@ -4,7 +4,7 @@
  *
  * @global string $wp_version
  */
-$wp_version = '4.4-alpha-34273';
+$wp_version = '4.4-alpha-34274';
 
 /**
  * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.