diff -r c7c34916027a -r 177826044cd9 wp/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php --- a/wp/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php Mon Oct 14 18:06:33 2019 +0200 +++ b/wp/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php Mon Oct 14 18:28:13 2019 +0200 @@ -43,65 +43,73 @@ */ public function register_routes() { - register_rest_route( $this->namespace, '/' . $this->rest_base, array( - array( - 'methods' => WP_REST_Server::READABLE, - 'callback' => array( $this, 'get_items' ), - 'permission_callback' => array( $this, 'get_items_permissions_check' ), - 'args' => $this->get_collection_params(), - ), + register_rest_route( + $this->namespace, + '/' . $this->rest_base, array( - 'methods' => WP_REST_Server::CREATABLE, - 'callback' => array( $this, 'create_item' ), - 'permission_callback' => array( $this, 'create_item_permissions_check' ), - 'args' => $this->get_endpoint_args_for_item_schema( WP_REST_Server::CREATABLE ), - ), - 'schema' => array( $this, 'get_public_item_schema' ), - ) ); + array( + 'methods' => WP_REST_Server::READABLE, + 'callback' => array( $this, 'get_items' ), + 'permission_callback' => array( $this, 'get_items_permissions_check' ), + 'args' => $this->get_collection_params(), + ), + array( + 'methods' => WP_REST_Server::CREATABLE, + 'callback' => array( $this, 'create_item' ), + 'permission_callback' => array( $this, 'create_item_permissions_check' ), + 'args' => $this->get_endpoint_args_for_item_schema( WP_REST_Server::CREATABLE ), + ), + 'schema' => array( $this, 'get_public_item_schema' ), + ) + ); - register_rest_route( $this->namespace, '/' . $this->rest_base . '/(?P[\d]+)', array( - 'args' => array( - 'id' => array( - 'description' => __( 'Unique identifier for the object.' ), - 'type' => 'integer', - ), - ), + register_rest_route( + $this->namespace, + '/' . $this->rest_base . '/(?P[\d]+)', array( - 'methods' => WP_REST_Server::READABLE, - 'callback' => array( $this, 'get_item' ), - 'permission_callback' => array( $this, 'get_item_permissions_check' ), - 'args' => array( - 'context' => $this->get_context_param( array( 'default' => 'view' ) ), - 'password' => array( - 'description' => __( 'The password for the parent post of the comment (if the post is password protected).' ), - 'type' => 'string', + 'args' => array( + 'id' => array( + 'description' => __( 'Unique identifier for the object.' ), + 'type' => 'integer', ), ), - ), - array( - 'methods' => WP_REST_Server::EDITABLE, - 'callback' => array( $this, 'update_item' ), - 'permission_callback' => array( $this, 'update_item_permissions_check' ), - 'args' => $this->get_endpoint_args_for_item_schema( WP_REST_Server::EDITABLE ), - ), - array( - 'methods' => WP_REST_Server::DELETABLE, - 'callback' => array( $this, 'delete_item' ), - 'permission_callback' => array( $this, 'delete_item_permissions_check' ), - 'args' => array( - 'force' => array( - 'type' => 'boolean', - 'default' => false, - 'description' => __( 'Whether to bypass trash and force deletion.' ), - ), - 'password' => array( - 'description' => __( 'The password for the parent post of the comment (if the post is password protected).' ), - 'type' => 'string', + array( + 'methods' => WP_REST_Server::READABLE, + 'callback' => array( $this, 'get_item' ), + 'permission_callback' => array( $this, 'get_item_permissions_check' ), + 'args' => array( + 'context' => $this->get_context_param( array( 'default' => 'view' ) ), + 'password' => array( + 'description' => __( 'The password for the parent post of the comment (if the post is password protected).' ), + 'type' => 'string', + ), ), ), - ), - 'schema' => array( $this, 'get_public_item_schema' ), - ) ); + array( + 'methods' => WP_REST_Server::EDITABLE, + 'callback' => array( $this, 'update_item' ), + 'permission_callback' => array( $this, 'update_item_permissions_check' ), + 'args' => $this->get_endpoint_args_for_item_schema( WP_REST_Server::EDITABLE ), + ), + array( + 'methods' => WP_REST_Server::DELETABLE, + 'callback' => array( $this, 'delete_item' ), + 'permission_callback' => array( $this, 'delete_item_permissions_check' ), + 'args' => array( + 'force' => array( + 'type' => 'boolean', + 'default' => false, + 'description' => __( 'Whether to bypass trash and force deletion.' ), + ), + 'password' => array( + 'description' => __( 'The password for the parent post of the comment (if the post is password protected).' ), + 'type' => 'string', + ), + ), + ), + 'schema' => array( $this, 'get_public_item_schema' ), + ) + ); } /** @@ -245,7 +253,7 @@ */ $prepared_args = apply_filters( 'rest_comment_query', $prepared_args, $request ); - $query = new WP_Comment_Query; + $query = new WP_Comment_Query; $query_result = $query->query( $prepared_args ); $comments = array(); @@ -255,7 +263,7 @@ continue; } - $data = $this->prepare_item_for_response( $comment, $request ); + $data = $this->prepare_item_for_response( $comment, $request ); $comments[] = $this->prepare_response_for_collection( $data ); } @@ -266,18 +274,18 @@ // Out-of-bounds, run the query again without LIMIT for total count. unset( $prepared_args['number'], $prepared_args['offset'] ); - $query = new WP_Comment_Query; + $query = new WP_Comment_Query; $prepared_args['count'] = true; $total_comments = $query->query( $prepared_args ); - $max_pages = ceil( $total_comments / $request['per_page'] ); + $max_pages = ceil( $total_comments / $request['per_page'] ); } $response = rest_ensure_response( $comments ); $response->header( 'X-WP-Total', $total_comments ); $response->header( 'X-WP-TotalPages', $max_pages ); - $base = add_query_arg( $request->get_query_params(), rest_url( sprintf( '%s/%s', $this->namespace, $this->rest_base ) ) ); + $base = add_query_arg( urlencode_deep( $request->get_query_params() ), rest_url( sprintf( '%s/%s', $this->namespace, $this->rest_base ) ) ); if ( $request['page'] > 1 ) { $prev_page = $request['page'] - 1; @@ -314,7 +322,7 @@ return $error; } - $id = (int) $id; + $id = (int) $id; $comment = get_comment( $id ); if ( empty( $comment ) ) { return $error; @@ -375,7 +383,7 @@ return $comment; } - $data = $this->prepare_item_for_response( $comment, $request ); + $data = $this->prepare_item_for_response( $comment, $request ); $response = rest_ensure_response( $data ); return $response; @@ -415,7 +423,8 @@ // Limit who can set comment `author`, `author_ip` or `status` to anything other than the default. if ( isset( $request['author'] ) && get_current_user_id() !== $request['author'] && ! current_user_can( 'moderate_comments' ) ) { - return new WP_Error( 'rest_comment_invalid_author', + return new WP_Error( + 'rest_comment_invalid_author', /* translators: %s: request parameter */ sprintf( __( "Sorry, you are not allowed to edit '%s' for comments." ), 'author' ), array( 'status' => rest_authorization_required_code() ) @@ -424,7 +433,8 @@ if ( isset( $request['author_ip'] ) && ! current_user_can( 'moderate_comments' ) ) { if ( empty( $_SERVER['REMOTE_ADDR'] ) || $request['author_ip'] !== $_SERVER['REMOTE_ADDR'] ) { - return new WP_Error( 'rest_comment_invalid_author_ip', + return new WP_Error( + 'rest_comment_invalid_author_ip', /* translators: %s: request parameter */ sprintf( __( "Sorry, you are not allowed to edit '%s' for comments." ), 'author_ip' ), array( 'status' => rest_authorization_required_code() ) @@ -433,7 +443,8 @@ } if ( isset( $request['status'] ) && ! current_user_can( 'moderate_comments' ) ) { - return new WP_Error( 'rest_comment_invalid_status', + return new WP_Error( + 'rest_comment_invalid_status', /* translators: %s: request parameter */ sprintf( __( "Sorry, you are not allowed to edit '%s' for comments." ), 'status' ), array( 'status' => rest_authorization_required_code() ) @@ -515,10 +526,10 @@ if ( is_user_logged_in() && $missing_author ) { $user = wp_get_current_user(); - $prepared_comment['user_id'] = $user->ID; - $prepared_comment['comment_author'] = $user->display_name; + $prepared_comment['user_id'] = $user->ID; + $prepared_comment['comment_author'] = $user->display_name; $prepared_comment['comment_author_email'] = $user->user_email; - $prepared_comment['comment_author_url'] = $user->user_url; + $prepared_comment['comment_author_url'] = $user->user_url; } // Honor the discussion setting that requires a name and email address of the comment author. @@ -571,7 +582,7 @@ * skipping further processing. * * @since 4.7.0 - * @since 4.8.0 $prepared_comment can now be a WP_Error to shortcircuit insertion. + * @since 4.8.0 `$prepared_comment` can now be a WP_Error to shortcircuit insertion. * * @param array|WP_Error $prepared_comment The prepared comment data for wp_insert_comment(). * @param WP_REST_Request $request Request used to insert the comment. @@ -622,8 +633,19 @@ } $context = current_user_can( 'moderate_comments' ) ? 'edit' : 'view'; + $request->set_param( 'context', $context ); - $request->set_param( 'context', $context ); + /** + * Fires completely after a comment is created or updated via the REST API. + * + * @since 5.0.0 + * + * @param WP_Comment $comment Inserted or updated comment object. + * @param WP_REST_Request $request Request object. + * @param bool $creating True when creating a comment, false + * when updating. + */ + do_action( 'rest_after_insert_comment', $comment, $request, true ); $response = $this->prepare_item_for_response( $comment, $request ); $response = rest_ensure_response( $response ); @@ -631,7 +653,6 @@ $response->set_status( 201 ); $response->header( 'Location', rest_url( sprintf( '%s/%s/%d', $this->namespace, $this->rest_base, $comment_id ) ) ); - return $response; } @@ -747,6 +768,9 @@ $request->set_param( 'context', 'edit' ); + /** This action is documented in wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php */ + do_action( 'rest_after_insert_comment', $comment, $request, false ); + $response = $this->prepare_item_for_response( $comment, $request ); return rest_ensure_response( $response ); @@ -804,9 +828,14 @@ if ( $force ) { $previous = $this->prepare_item_for_response( $comment, $request ); - $result = wp_delete_comment( $comment->comment_ID, true ); + $result = wp_delete_comment( $comment->comment_ID, true ); $response = new WP_REST_Response(); - $response->set_data( array( 'deleted' => true, 'previous' => $previous->get_data() ) ); + $response->set_data( + array( + 'deleted' => true, + 'previous' => $previous->get_data(), + ) + ); } else { // If this type doesn't support trashing, error out. if ( ! $supports_trash ) { @@ -818,8 +847,8 @@ return new WP_Error( 'rest_already_trashed', __( 'The comment has already been trashed.' ), array( 'status' => 410 ) ); } - $result = wp_trash_comment( $comment->comment_ID ); - $comment = get_comment( $comment->comment_ID ); + $result = wp_trash_comment( $comment->comment_ID ); + $comment = get_comment( $comment->comment_ID ); $response = $this->prepare_item_for_response( $comment, $request ); } @@ -960,7 +989,7 @@ */ protected function prepare_links( $comment ) { $links = array( - 'self' => array( + 'self' => array( 'href' => rest_url( sprintf( '%s/%s/%d', $this->namespace, $this->rest_base, $comment->comment_ID ) ), ), 'collection' => array( @@ -979,7 +1008,7 @@ $post = get_post( $comment->comment_post_ID ); if ( ! empty( $post->ID ) ) { - $obj = get_post_type_object( $post->post_type ); + $obj = get_post_type_object( $post->post_type ); $base = ! empty( $obj->rest_base ) ? $obj->rest_base : $obj->name; $links['up'] = array( @@ -998,14 +1027,16 @@ } // Only grab one comment to verify the comment has children. - $comment_children = $comment->get_children( array( - 'number' => 1, - 'count' => true - ) ); + $comment_children = $comment->get_children( + array( + 'number' => 1, + 'count' => true, + ) + ); if ( ! empty( $comment_children ) ) { $args = array( - 'parent' => $comment->comment_ID + 'parent' => $comment->comment_ID, ); $rest_url = add_query_arg( $args, rest_url( $this->namespace . '/' . $this->rest_base ) ); @@ -1114,10 +1145,10 @@ $user = new WP_User( $request['author'] ); if ( $user->exists() ) { - $prepared_comment['user_id'] = $user->ID; - $prepared_comment['comment_author'] = $user->display_name; + $prepared_comment['user_id'] = $user->ID; + $prepared_comment['comment_author'] = $user->display_name; $prepared_comment['comment_author_email'] = $user->user_email; - $prepared_comment['comment_author_url'] = $user->user_url; + $prepared_comment['comment_author_url'] = $user->user_url; } else { return new WP_Error( 'rest_comment_author_invalid', __( 'Invalid comment author ID.' ), array( 'status' => 400 ) ); } @@ -1185,125 +1216,125 @@ */ public function get_item_schema() { $schema = array( - '$schema' => 'http://json-schema.org/draft-04/schema#', - 'title' => 'comment', - 'type' => 'object', - 'properties' => array( - 'id' => array( - 'description' => __( 'Unique identifier for the object.' ), - 'type' => 'integer', - 'context' => array( 'view', 'edit', 'embed' ), - 'readonly' => true, + '$schema' => 'http://json-schema.org/draft-04/schema#', + 'title' => 'comment', + 'type' => 'object', + 'properties' => array( + 'id' => array( + 'description' => __( 'Unique identifier for the object.' ), + 'type' => 'integer', + 'context' => array( 'view', 'edit', 'embed' ), + 'readonly' => true, ), - 'author' => array( - 'description' => __( 'The ID of the user object, if author was a user.' ), - 'type' => 'integer', - 'context' => array( 'view', 'edit', 'embed' ), + 'author' => array( + 'description' => __( 'The ID of the user object, if author was a user.' ), + 'type' => 'integer', + 'context' => array( 'view', 'edit', 'embed' ), ), - 'author_email' => array( - 'description' => __( 'Email address for the object author.' ), - 'type' => 'string', - 'format' => 'email', - 'context' => array( 'edit' ), - 'arg_options' => array( + 'author_email' => array( + 'description' => __( 'Email address for the object author.' ), + 'type' => 'string', + 'format' => 'email', + 'context' => array( 'edit' ), + 'arg_options' => array( 'sanitize_callback' => array( $this, 'check_comment_author_email' ), 'validate_callback' => null, // skip built-in validation of 'email'. ), ), - 'author_ip' => array( - 'description' => __( 'IP address for the object author.' ), - 'type' => 'string', - 'format' => 'ip', - 'context' => array( 'edit' ), + 'author_ip' => array( + 'description' => __( 'IP address for the object author.' ), + 'type' => 'string', + 'format' => 'ip', + 'context' => array( 'edit' ), ), - 'author_name' => array( - 'description' => __( 'Display name for the object author.' ), - 'type' => 'string', - 'context' => array( 'view', 'edit', 'embed' ), - 'arg_options' => array( + 'author_name' => array( + 'description' => __( 'Display name for the object author.' ), + 'type' => 'string', + 'context' => array( 'view', 'edit', 'embed' ), + 'arg_options' => array( 'sanitize_callback' => 'sanitize_text_field', ), ), - 'author_url' => array( - 'description' => __( 'URL for the object author.' ), - 'type' => 'string', - 'format' => 'uri', - 'context' => array( 'view', 'edit', 'embed' ), + 'author_url' => array( + 'description' => __( 'URL for the object author.' ), + 'type' => 'string', + 'format' => 'uri', + 'context' => array( 'view', 'edit', 'embed' ), ), - 'author_user_agent' => array( - 'description' => __( 'User agent for the object author.' ), - 'type' => 'string', - 'context' => array( 'edit' ), - 'arg_options' => array( + 'author_user_agent' => array( + 'description' => __( 'User agent for the object author.' ), + 'type' => 'string', + 'context' => array( 'edit' ), + 'arg_options' => array( 'sanitize_callback' => 'sanitize_text_field', ), ), - 'content' => array( - 'description' => __( 'The content for the object.' ), - 'type' => 'object', - 'context' => array( 'view', 'edit', 'embed' ), - 'arg_options' => array( + 'content' => array( + 'description' => __( 'The content for the object.' ), + 'type' => 'object', + 'context' => array( 'view', 'edit', 'embed' ), + 'arg_options' => array( 'sanitize_callback' => null, // Note: sanitization implemented in self::prepare_item_for_database() 'validate_callback' => null, // Note: validation implemented in self::prepare_item_for_database() ), - 'properties' => array( - 'raw' => array( - 'description' => __( 'Content for the object, as it exists in the database.' ), - 'type' => 'string', - 'context' => array( 'edit' ), + 'properties' => array( + 'raw' => array( + 'description' => __( 'Content for the object, as it exists in the database.' ), + 'type' => 'string', + 'context' => array( 'edit' ), ), - 'rendered' => array( - 'description' => __( 'HTML content for the object, transformed for display.' ), - 'type' => 'string', - 'context' => array( 'view', 'edit', 'embed' ), - 'readonly' => true, + 'rendered' => array( + 'description' => __( 'HTML content for the object, transformed for display.' ), + 'type' => 'string', + 'context' => array( 'view', 'edit', 'embed' ), + 'readonly' => true, ), ), ), - 'date' => array( - 'description' => __( "The date the object was published, in the site's timezone." ), - 'type' => 'string', - 'format' => 'date-time', - 'context' => array( 'view', 'edit', 'embed' ), + 'date' => array( + 'description' => __( "The date the object was published, in the site's timezone." ), + 'type' => 'string', + 'format' => 'date-time', + 'context' => array( 'view', 'edit', 'embed' ), ), - 'date_gmt' => array( - 'description' => __( 'The date the object was published, as GMT.' ), - 'type' => 'string', - 'format' => 'date-time', - 'context' => array( 'view', 'edit' ), + 'date_gmt' => array( + 'description' => __( 'The date the object was published, as GMT.' ), + 'type' => 'string', + 'format' => 'date-time', + 'context' => array( 'view', 'edit' ), ), - 'link' => array( - 'description' => __( 'URL to the object.' ), - 'type' => 'string', - 'format' => 'uri', - 'context' => array( 'view', 'edit', 'embed' ), - 'readonly' => true, + 'link' => array( + 'description' => __( 'URL to the object.' ), + 'type' => 'string', + 'format' => 'uri', + 'context' => array( 'view', 'edit', 'embed' ), + 'readonly' => true, ), - 'parent' => array( - 'description' => __( 'The ID for the parent of the object.' ), - 'type' => 'integer', - 'context' => array( 'view', 'edit', 'embed' ), - 'default' => 0, + 'parent' => array( + 'description' => __( 'The ID for the parent of the object.' ), + 'type' => 'integer', + 'context' => array( 'view', 'edit', 'embed' ), + 'default' => 0, ), - 'post' => array( - 'description' => __( 'The ID of the associated post object.' ), - 'type' => 'integer', - 'context' => array( 'view', 'edit' ), - 'default' => 0, + 'post' => array( + 'description' => __( 'The ID of the associated post object.' ), + 'type' => 'integer', + 'context' => array( 'view', 'edit' ), + 'default' => 0, ), - 'status' => array( - 'description' => __( 'State of the object.' ), - 'type' => 'string', - 'context' => array( 'view', 'edit' ), - 'arg_options' => array( + 'status' => array( + 'description' => __( 'State of the object.' ), + 'type' => 'string', + 'context' => array( 'view', 'edit' ), + 'arg_options' => array( 'sanitize_callback' => 'sanitize_key', ), ), - 'type' => array( - 'description' => __( 'Type of Comment for the object.' ), - 'type' => 'string', - 'context' => array( 'view', 'edit', 'embed' ), - 'readonly' => true, + 'type' => array( + 'description' => __( 'Type of Comment for the object.' ), + 'type' => 'string', + 'context' => array( 'view', 'edit', 'embed' ), + 'readonly' => true, ), ), ); @@ -1323,11 +1354,11 @@ } $schema['properties']['author_avatar_urls'] = array( - 'description' => __( 'Avatar URLs for the object author.' ), - 'type' => 'object', - 'context' => array( 'view', 'edit', 'embed' ), - 'readonly' => true, - 'properties' => $avatar_properties, + 'description' => __( 'Avatar URLs for the object author.' ), + 'type' => 'object', + 'context' => array( 'view', 'edit', 'embed' ), + 'readonly' => true, + 'properties' => $avatar_properties, ); } @@ -1349,78 +1380,78 @@ $query_params['context']['default'] = 'view'; $query_params['after'] = array( - 'description' => __( 'Limit response to comments published after a given ISO8601 compliant date.' ), - 'type' => 'string', - 'format' => 'date-time', + 'description' => __( 'Limit response to comments published after a given ISO8601 compliant date.' ), + 'type' => 'string', + 'format' => 'date-time', ); $query_params['author'] = array( - 'description' => __( 'Limit result set to comments assigned to specific user IDs. Requires authorization.' ), - 'type' => 'array', - 'items' => array( - 'type' => 'integer', + 'description' => __( 'Limit result set to comments assigned to specific user IDs. Requires authorization.' ), + 'type' => 'array', + 'items' => array( + 'type' => 'integer', ), ); $query_params['author_exclude'] = array( - 'description' => __( 'Ensure result set excludes comments assigned to specific user IDs. Requires authorization.' ), - 'type' => 'array', - 'items' => array( - 'type' => 'integer', + 'description' => __( 'Ensure result set excludes comments assigned to specific user IDs. Requires authorization.' ), + 'type' => 'array', + 'items' => array( + 'type' => 'integer', ), ); $query_params['author_email'] = array( - 'default' => null, - 'description' => __( 'Limit result set to that from a specific author email. Requires authorization.' ), - 'format' => 'email', - 'type' => 'string', + 'default' => null, + 'description' => __( 'Limit result set to that from a specific author email. Requires authorization.' ), + 'format' => 'email', + 'type' => 'string', ); $query_params['before'] = array( - 'description' => __( 'Limit response to comments published before a given ISO8601 compliant date.' ), - 'type' => 'string', - 'format' => 'date-time', + 'description' => __( 'Limit response to comments published before a given ISO8601 compliant date.' ), + 'type' => 'string', + 'format' => 'date-time', ); $query_params['exclude'] = array( - 'description' => __( 'Ensure result set excludes specific IDs.' ), - 'type' => 'array', - 'items' => array( - 'type' => 'integer', + 'description' => __( 'Ensure result set excludes specific IDs.' ), + 'type' => 'array', + 'items' => array( + 'type' => 'integer', ), - 'default' => array(), + 'default' => array(), ); $query_params['include'] = array( - 'description' => __( 'Limit result set to specific IDs.' ), - 'type' => 'array', - 'items' => array( - 'type' => 'integer', + 'description' => __( 'Limit result set to specific IDs.' ), + 'type' => 'array', + 'items' => array( + 'type' => 'integer', ), - 'default' => array(), + 'default' => array(), ); $query_params['offset'] = array( - 'description' => __( 'Offset the result set by a specific number of items.' ), - 'type' => 'integer', + 'description' => __( 'Offset the result set by a specific number of items.' ), + 'type' => 'integer', ); - $query_params['order'] = array( - 'description' => __( 'Order sort attribute ascending or descending.' ), - 'type' => 'string', - 'default' => 'desc', - 'enum' => array( + $query_params['order'] = array( + 'description' => __( 'Order sort attribute ascending or descending.' ), + 'type' => 'string', + 'default' => 'desc', + 'enum' => array( 'asc', 'desc', ), ); - $query_params['orderby'] = array( - 'description' => __( 'Sort collection by object attribute.' ), - 'type' => 'string', - 'default' => 'date_gmt', - 'enum' => array( + $query_params['orderby'] = array( + 'description' => __( 'Sort collection by object attribute.' ), + 'type' => 'string', + 'default' => 'date_gmt', + 'enum' => array( 'date', 'date_gmt', 'id', @@ -1432,29 +1463,29 @@ ); $query_params['parent'] = array( - 'default' => array(), - 'description' => __( 'Limit result set to comments of specific parent IDs.' ), - 'type' => 'array', - 'items' => array( - 'type' => 'integer', + 'default' => array(), + 'description' => __( 'Limit result set to comments of specific parent IDs.' ), + 'type' => 'array', + 'items' => array( + 'type' => 'integer', ), ); $query_params['parent_exclude'] = array( - 'default' => array(), - 'description' => __( 'Ensure result set excludes specific parent IDs.' ), - 'type' => 'array', - 'items' => array( - 'type' => 'integer', + 'default' => array(), + 'description' => __( 'Ensure result set excludes specific parent IDs.' ), + 'type' => 'array', + 'items' => array( + 'type' => 'integer', ), ); - $query_params['post'] = array( - 'default' => array(), - 'description' => __( 'Limit result set to comments assigned to specific post IDs.' ), - 'type' => 'array', - 'items' => array( - 'type' => 'integer', + $query_params['post'] = array( + 'default' => array(), + 'description' => __( 'Limit result set to comments assigned to specific post IDs.' ), + 'type' => 'array', + 'items' => array( + 'type' => 'integer', ), ); @@ -1510,7 +1541,7 @@ } switch ( $new_status ) { - case 'approved' : + case 'approved': case 'approve': case '1': $changed = wp_set_comment_status( $comment_id, 'approve' ); @@ -1519,19 +1550,19 @@ case '0': $changed = wp_set_comment_status( $comment_id, 'hold' ); break; - case 'spam' : + case 'spam': $changed = wp_spam_comment( $comment_id ); break; - case 'unspam' : + case 'unspam': $changed = wp_unspam_comment( $comment_id ); break; - case 'trash' : + case 'trash': $changed = wp_trash_comment( $comment_id ); break; - case 'untrash' : + case 'untrash': $changed = wp_untrash_comment( $comment_id ); break; - default : + default: $changed = false; break; } @@ -1552,12 +1583,12 @@ */ protected function check_read_post_permission( $post, $request ) { $posts_controller = new WP_REST_Posts_Controller( $post->post_type ); - $post_type = get_post_type_object( $post->post_type ); + $post_type = get_post_type_object( $post->post_type ); $has_password_filter = false; // Only check password if a specific post was queried for or a single comment - $requested_post = ! empty( $request['post'] ) && ( !is_array( $request['post'] ) || 1 === count( $request['post'] ) ); + $requested_post = ! empty( $request['post'] ) && ( ! is_array( $request['post'] ) || 1 === count( $request['post'] ) ); $requested_comment = ! empty( $request['id'] ); if ( ( $requested_post || $requested_comment ) && $posts_controller->can_access_password_content( $post, $request ) ) { add_filter( 'post_password_required', '__return_false' );