[wp-trac] [WordPress Trac] #60693: "Previously approved comment" for logged out users bug

WordPress Trac noreply at wordpress.org
Thu Mar 7 16:32:52 UTC 2024 

#60693: "Previously approved comment" for logged out users bug
--------------------------+------------------------------
 Reporter:  jmorti        |       Owner:  (none)
     Type:  defect (bug)  |      Status:  new
 Priority:  normal        |   Milestone:  Awaiting Review
Component:  Comments      |     Version:  6.4.3
 Severity:  normal        |  Resolution:
 Keywords:  2nd-opinion   |     Focuses:
--------------------------+------------------------------

Comment (by jmorti):

 Wouldn't it make more sense to check if the user is logged in before
 checking? Something like this makes more sense to me and it fixes the bug
 and avoids the previously mentioned issue:

 {{{#!php
 <?php
         /*
          * Check if the option to approve comments by previously-approved
 authors is enabled.
          *
          * If it is enabled, check whether the comment author has a
 previously-approved comment,
          * as well as whether there are any moderation keywords (if set)
 present in the author
          * email address. If both checks pass, return true. Otherwise,
 return false.
          */
         if ( 1 == get_option( 'comment_previously_approved' ) ) {
                 if ( 'trackback' !== $comment_type && 'pingback' !==
 $comment_type && '' !== $author && '' !== $email ) {
                         if ( is_user_logged_in() ) {
                                 $comment_user = get_user_by( 'email',
 wp_unslash( $email ) );
                                 $ok_to_comment = $wpdb->get_var(
 $wpdb->prepare( "SELECT comment_approved FROM $wpdb->comments WHERE
 user_id = %d AND comment_approved = '1' LIMIT 1", $comment_user->ID )
 );//<--doesnt work when registered users are logged out and comment
                         } else {
                                 // expected_slashed ($author, $email)
                                 $ok_to_comment = $wpdb->get_var(
 $wpdb->prepare( "SELECT comment_approved FROM $wpdb->comments WHERE
 comment_author = %s AND comment_author_email = %s and comment_approved =
 '1' LIMIT 1", $author, $email ) );
                         }
                         if ( ( 1 == $ok_to_comment ) &&
                                 ( empty( $mod_keys ) || ! str_contains(
 $email, $mod_keys ) ) ) {
                                         return true;
                         } else {
                                 return false;
                         }
                 } else {
                         return false;
                 }
         }
         return true;
 }
 }}}

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/60693#comment:6>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list