#2546 closed defect (bug) (fixed)
bbpress skips check for number of links if blacklist is empty
Reported by: | dpacmittal | Owned by: | netweb |
---|---|---|---|
Milestone: | 2.6 | Priority: | normal |
Severity: | normal | Version: | 2.5.3 |
Component: | API - Moderation | Keywords: | has-patch needs-codex |
Cc: |
Description
The function bbp_check_for_moderation() in includes/common/functions.php has this code:
// Bail if blacklist is empty if ( empty( $blacklist ) ) return true; . . . . /** Max Links *************************************************************/ $max_links = get_option( 'comment_max_links' ); if ( !empty( $max_links ) ) { // How many links? $num_links = preg_match_all( '/<a [^>]*href/i', $content, $match_out ); // Allow for bumping the max to include the user's URL $num_links = apply_filters( 'comment_max_links_url', $num_links, $_post['url'] ); // Das ist zu viele links! if ( $num_links >= $max_links ) { return false; } }
Bailing if blacklist is empty should be done after checking the number of links.
Attachments (1)
Change History (10)
#1
@
11 years ago
- Component changed from General to Moderation
- Keywords needs-patch added
- Version set to 2.5.3
#3
@
11 years ago
- Keywords has-patch needs-codex added; needs-patch removed
In 2546.diff
- Check the
moderation_keys
aftercomment_max_links
- Change regex to
(http|ftp|https)://
links as $content is raw and not wrapped in HTML anchors.
A couple of things:
- This will need some docs on the codex to coincide with bbPress 2.6 as quite a few people will be caught out by this (myself included on bbpress.org) as
bbp_check_for_moderation
is only skipped if the user is akeymaster
.
- Inform users how to change the number of allowed links in
/wp-admin/options-discussion.php
- We currently do not display a template notice if a forum, topic or reply fails the
bbp_check_for_moderation
check, we should add a template notice for this.
This ticket was mentioned in IRC in #bbpress-dev by netweb. View the logs.
10 years ago
Note: See
TracTickets for help on using
tickets.
Thanks for the report, seems valid, will take a closer look soon.