[wp-trac] [WordPress Trac] #61827: wp_check_comment_disallowed_list() can't be used to match unprocessed HTML
WordPress Trac
noreply at wordpress.org
Sat Sep 7 10:37:40 UTC 2024
#61827: wp_check_comment_disallowed_list() can't be used to match unprocessed HTML
--------------------------------------+---------------------
Reporter: cfinke | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: 6.7
Component: Comments | Version: 6.6.1
Severity: normal | Resolution:
Keywords: has-patch has-unit-tests | Focuses:
--------------------------------------+---------------------
Comment (by devspace):
Create a Custom Filter: You could create a custom function that checks the
raw comment data before passing it through the normal WordPress filters.
Here's an example of how you might implement this:
{{{#!php
<?php
add_filter('pre_comment_content', 'custom_check_disallowed_keys', 9, 1);
function custom_check_disallowed_keys($comment_content) {
$disallowed_keys = array('href=http'); // Add other disallowed keys
here
foreach ($disallowed_keys as $key) {
if (strpos($comment_content, $key) !== false) {
wp_die('Your comment contains disallowed content.');
}
}
return $comment_content;
}
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/61827#comment:6>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list