From 87eedbd2f7368a41f237fdf03c59962533a6b1af Mon Sep 17 00:00:00 2001 From: James Nylen Date: Sun, 4 Dec 2016 19:30:41 +0000 Subject: [PATCH] REST API: Treat any falsy value as `false` in 'rest_allow_anonymous_comments'. Extend the check in 'rest_allow_anonymous_comments' to accept any falsy value (previously this was an explicit check for `false`). One possible failure case is that a plugin developer forgets to include a return value for some code path in their callback for this filter, leading to a value of `null` which is currently treated like `true`. Props joehoyle, jnylen0. Fixes #39010. Built from https://develop.svn.wordpress.org/trunk@39487 git-svn-id: http://core.svn.wordpress.org/trunk@39427 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- .../rest-api/endpoints/class-wp-rest-comments-controller.php | 2 +- wp-includes/version.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php b/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php index 6e1e05d076..973af4b505 100644 --- a/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php +++ b/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php @@ -392,7 +392,7 @@ class WP_REST_Comments_Controller extends WP_REST_Controller { * response. */ $allow_anonymous = apply_filters( 'rest_allow_anonymous_comments', false, $request ); - if ( false === $allow_anonymous ) { + if ( ! $allow_anonymous ) { return new WP_Error( 'rest_comment_login_required', __( 'Sorry, you must be logged in to comment.' ), array( 'status' => 401 ) ); } } diff --git a/wp-includes/version.php b/wp-includes/version.php index 59c1779836..d2dba60e96 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -4,7 +4,7 @@ * * @global string $wp_version */ -$wp_version = '4.8-alpha-39486'; +$wp_version = '4.8-alpha-39487'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.