From 339d8384755f0355c076fb7cf2e299cce79bd453 Mon Sep 17 00:00:00 2001
From: Peter Wilson <wilson@peterwilson.cc>
Date: Mon, 23 Oct 2017 22:12:51 +0000
Subject: [PATCH] Comments: Check if `wp_new_comment()` returns an error.

Adds checks throughout to allow for `wp_new_comment()` returning a `WP_Error` instance.

Updates the docs for the `pre_comment_approved` filter to include that it can be passed an error.

Props enrico.sorcinelli, ryotsun.
Fixes #39730.


Built from https://develop.svn.wordpress.org/trunk@41980


git-svn-id: http://core.svn.wordpress.org/trunk@41814 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-admin/includes/ajax-actions.php     | 5 +++++
 wp-includes/class-wp-xmlrpc-server.php | 4 ++++
 wp-includes/comment.php                | 6 ++++--
 wp-includes/version.php                | 2 +-
 wp-trackback.php                       | 7 ++++++-
 5 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/wp-admin/includes/ajax-actions.php b/wp-admin/includes/ajax-actions.php
index 53f4b31d33..373d3436e3 100644
--- a/wp-admin/includes/ajax-actions.php
+++ b/wp-admin/includes/ajax-actions.php
@@ -1100,6 +1100,11 @@ function wp_ajax_replyto_comment( $action ) {
 	}
 
 	$comment_id = wp_new_comment( $commentdata );
+
+	if ( is_wp_error( $comment_id ) ) {
+		wp_die( $comment_id->get_error_message() );
+	}
+
 	$comment = get_comment($comment_id);
 	if ( ! $comment ) wp_die( 1 );
 
diff --git a/wp-includes/class-wp-xmlrpc-server.php b/wp-includes/class-wp-xmlrpc-server.php
index 52d2d4e807..c35498cd97 100644
--- a/wp-includes/class-wp-xmlrpc-server.php
+++ b/wp-includes/class-wp-xmlrpc-server.php
@@ -6487,6 +6487,10 @@ class wp_xmlrpc_server extends IXR_Server {
 
 		$comment_ID = wp_new_comment($commentdata);
 
+		if ( is_wp_error( $comment_ID ) ) {
+			return $this->pingback_error( 0, $comment_ID->get_error_message() );
+		}
+
 		/**
 		 * Fires after a post pingback has been sent.
 		 *
diff --git a/wp-includes/comment.php b/wp-includes/comment.php
index eae3a80731..07fed8100e 100644
--- a/wp-includes/comment.php
+++ b/wp-includes/comment.php
@@ -769,9 +769,11 @@ function wp_allow_comment( $commentdata, $avoid_die = false ) {
 	 * Filters a comment's approval status before it is set.
 	 *
 	 * @since 2.1.0
+	 * @since 4.9.0 Returning a WP_Error value from the filter will shortcircuit comment insertion and
+	 *              allow skipping further processing.
 	 *
-	 * @param bool|string $approved    The approval status. Accepts 1, 0, or 'spam'.
-	 * @param array       $commentdata Comment data.
+	 * @param bool|string|WP_Error $approved    The approval status. Accepts 1, 0, 'spam' or WP_Error.
+	 * @param array                $commentdata Comment data.
 	 */
 	$approved = apply_filters( 'pre_comment_approved', $approved, $commentdata );
 	return $approved;
diff --git a/wp-includes/version.php b/wp-includes/version.php
index 08a93777f9..7fb8f44471 100644
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@@ -4,7 +4,7 @@
  *
  * @global string $wp_version
  */
-$wp_version = '4.9-beta3-41979';
+$wp_version = '4.9-beta3-41980';
 
 /**
  * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
diff --git a/wp-trackback.php b/wp-trackback.php
index 86e17b965d..802bb2ba6d 100644
--- a/wp-trackback.php
+++ b/wp-trackback.php
@@ -126,7 +126,12 @@ if ( !empty($tb_url) && !empty($title) ) {
 
 	$commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content', 'comment_type');
 
-	wp_new_comment($commentdata);
+	$result = wp_new_comment( $commentdata );
+
+	if ( is_wp_error( $result ) ) {
+		trackback_response( 1, $result->get_error_message() );
+	}
+
 	$trackback_id = $wpdb->insert_id;
 
 	/**