From 82c7fd24931c0046f621e21ee911ccbc4a6a629f Mon Sep 17 00:00:00 2001 From: Rachel Baker Date: Tue, 27 Dec 2016 17:22:45 +0000 Subject: [PATCH] Comments: Fix placement of the `wp_update_comment_data` filter to safeguard filtered data from triggering a database error. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Introduced in [38674], the `wp_update_comment_data` filter took place after the `$data` was sliced and prepared for the database update statement. The location of the filter assumed the result of anyone applying it would not change the data type or make structural modifications or additions to the $data array. 😅 This moves the `wp_update_comment_data` filter to take place before the `$data` is sliced and prepared for the database update statement. Props dshanske for initial patch. Fixes #39380. Built from https://develop.svn.wordpress.org/trunk@39640 git-svn-id: http://core.svn.wordpress.org/trunk@39580 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-includes/comment.php | 5 +++-- wp-includes/version.php | 2 +- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/wp-includes/comment.php b/wp-includes/comment.php index 8bb2e9eb3c..ae759c04f5 100644 --- a/wp-includes/comment.php +++ b/wp-includes/comment.php @@ -2186,8 +2186,6 @@ function wp_update_comment($commentarr) { $comment_ID = $data['comment_ID']; $comment_post_ID = $data['comment_post_ID']; - $keys = array( 'comment_post_ID', 'comment_content', 'comment_author', 'comment_author_email', 'comment_approved', 'comment_karma', 'comment_author_url', 'comment_date', 'comment_date_gmt', 'comment_type', 'comment_parent', 'user_id', 'comment_agent', 'comment_author_IP' ); - $data = wp_array_slice_assoc( $data, $keys ); /** * Filters the comment data immediately before it is updated in the database. @@ -2202,6 +2200,9 @@ function wp_update_comment($commentarr) { */ $data = apply_filters( 'wp_update_comment_data', $data, $comment, $commentarr ); + $keys = array( 'comment_post_ID', 'comment_content', 'comment_author', 'comment_author_email', 'comment_approved', 'comment_karma', 'comment_author_url', 'comment_date', 'comment_date_gmt', 'comment_type', 'comment_parent', 'user_id', 'comment_agent', 'comment_author_IP' ); + $data = wp_array_slice_assoc( $data, $keys ); + $rval = $wpdb->update( $wpdb->comments, $data, compact( 'comment_ID' ) ); clean_comment_cache( $comment_ID ); diff --git a/wp-includes/version.php b/wp-includes/version.php index 3ccbac6d1e..5545175d38 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -4,7 +4,7 @@ * * @global string $wp_version */ -$wp_version = '4.8-alpha-39639'; +$wp_version = '4.8-alpha-39640'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.