Comments: Use proper HTTP response codes for validation errors.

ocean90 · ocean90 · commit fb8588f11520 · 2014-11-26T20:16:47.000Z
props miqrogroove, solarissmoke, mackensen. fixes WordPress#11286. git-svn-id: https://develop.svn.wordpress.org/trunk@30579 602fd350-edb4-49c9-b593-d223f7449a82
diff --git a/src/wp-comments-post.php b/src/wp-comments-post.php
@@ -47,7 +47,7 @@
 	 * @param int $comment_post_ID Post ID.
 	 */
 	do_action( 'comment_closed', $comment_post_ID );
-	wp_die( __('Sorry, comments are closed for this item.') );
+	wp_die( __( 'Sorry, comments are closed for this item.' ), 403 );
 } elseif ( 'trash' == $status ) {
 	/**
 	 * Fires when a comment is attempted on a trashed post.
@@ -111,21 +111,24 @@
 		}
 	}
 } else {
-	if ( get_option('comment_registration') || 'private' == $status )
-		wp_die( __('Sorry, you must be logged in to post a comment.') );
+	if ( get_option( 'comment_registration' ) || 'private' == $status ) {
+		wp_die( __( 'Sorry, you must be logged in to post a comment.' ), 403 );
+	}
 }
 
 $comment_type = '';
 
 if ( get_option('require_name_email') && !$user->exists() ) {
-	if ( 6 > strlen($comment_author_email) || '' == $comment_author )
-		wp_die( __('<strong>ERROR</strong>: please fill the required fields (name, email).') );
-	elseif ( !is_email($comment_author_email))
-		wp_die( __('<strong>ERROR</strong>: please enter a valid email address.') );
+	if ( 6 > strlen( $comment_author_email ) || '' == $comment_author ) {
+		wp_die( __( '<strong>ERROR</strong>: please fill the required fields (name, email).' ), 200 );
+	} else if ( ! is_email( $comment_author_email ) ) {
+		wp_die( __( '<strong>ERROR</strong>: please enter a valid email address.' ), 200 );
+	}
 }
 
-if ( '' == $comment_content )
-	wp_die( __('<strong>ERROR</strong>: please type a comment.') );
+if ( '' == $comment_content ) {
+	wp_die( __( '<strong>ERROR</strong>: please type a comment.' ), 200 );
+}
 
 $comment_parent = isset($_POST['comment_parent']) ? absint($_POST['comment_parent']) : 0;
 
diff --git a/src/wp-includes/comment.php b/src/wp-includes/comment.php
@@ -1131,7 +1131,7 @@ function wp_allow_comment( $commentdata ) {
 		if ( defined( 'DOING_AJAX' ) ) {
 			die( __('Duplicate comment detected; it looks as though you&#8217;ve already said that!') );
 		}
-		wp_die( __('Duplicate comment detected; it looks as though you&#8217;ve already said that!') );
+		wp_die( __( 'Duplicate comment detected; it looks as though you&#8217;ve already said that!' ), 409 );
 	}
 
 	/**
@@ -1249,7 +1249,7 @@ function check_comment_flood_db( $ip, $email, $date ) {
 			if ( defined('DOING_AJAX') )
 				die( __('You are posting comments too quickly. Slow down.') );
 
-			wp_die( __('You are posting comments too quickly. Slow down.'), '', array('response' => 403) );
+			wp_die( __( 'You are posting comments too quickly. Slow down.' ), 429 );
 		}
 	}
 }

Original file line number	Diff line number	Diff line change
`@@ -1131,7 +1131,7 @@ function wp_allow_comment( $commentdata ) {`
`1131`	`1131`	`if ( defined( 'DOING_AJAX' ) ) {`
`1132`	`1132`	`die( __('Duplicate comment detected; it looks as though you’ve already said that!') );`
`1133`	`1133`	`}`
`1134`		`- wp_die( __('Duplicate comment detected; it looks as though you’ve already said that!') );`
	`1134`	`+ wp_die( __( 'Duplicate comment detected; it looks as though you’ve already said that!' ), 409 );`
`1135`	`1135`	`}`
`1136`	`1136`
`1137`	`1137`	`/**`
`@@ -1249,7 +1249,7 @@ function check_comment_flood_db( $ip, $email, $date ) {`
`1249`	`1249`	`if ( defined('DOING_AJAX') )`
`1250`	`1250`	`die( __('You are posting comments too quickly. Slow down.') );`
`1251`	`1251`
`1252`		`- wp_die( __('You are posting comments too quickly. Slow down.'), '', array('response' => 403) );`
	`1252`	`+ wp_die( __( 'You are posting comments too quickly. Slow down.' ), 429 );`
`1253`	`1253`	`}`
`1254`	`1254`	`}`
`1255`	`1255`	`}`