/**
* Validate a value based on a schema.
*
* @param mixed $value The value to validate.
* @param array $args Schema array to use for validation.
* @param string $param The parameter name, used in error messages.
* @return true|WP_Error
*/
function rest_validate_value_from_schema($value, $args, $param = '')
{
if ('array' === $args['type']) {
if (!is_array($value)) {
$value = preg_split('/[\\s,]+/', $value);
}
foreach ($value as $index => $v) {
$is_valid = rest_validate_value_from_schema($v, $args['items'], $param . '[' . $index . ']');
if (is_wp_error($is_valid)) {
return $is_valid;
}
}
}
if (!empty($args['enum'])) {
if (!in_array($value, $args['enum'], true)) {
return new WP_Error('rest_invalid_param', sprintf(__('%1$s is not one of %2$s.'), $param, implode(', ', $args['enum'])));
}
}
if (in_array($args['type'], array('integer', 'number')) && !is_numeric($value)) {
return new WP_Error('rest_invalid_param', sprintf(__('%1$s is not of type %2$s.'), $param, $args['type']));
}
if ('integer' === $args['type'] && round(floatval($value)) !== floatval($value)) {
return new WP_Error('rest_invalid_param', sprintf(__('%1$s is not of type %2$s.'), $param, 'integer'));
}
if ('boolean' === $args['type'] && !rest_is_boolean($value)) {
return new WP_Error('rest_invalid_param', sprintf(__('%1$s is not of type %2$s.'), $value, 'boolean'));
}
if ('string' === $args['type'] && !is_string($value)) {
return new WP_Error('rest_invalid_param', sprintf(__('%1$s is not of type %2$s.'), $param, 'string'));
}
if (isset($args['format'])) {
switch ($args['format']) {
case 'date-time':
if (!rest_parse_date($value)) {
return new WP_Error('rest_invalid_date', __('The date you provided is invalid.'));
}
break;
case 'email':
// is_email() checks for 3 characters (a@b), but
// wp_handle_comment_submission() requires 6 characters (a@b.co)
//
// https://core.trac.wordpress.org/ticket/38506
if (!is_email($value) || strlen($value) < 6) {
return new WP_Error('rest_invalid_email', __('The email address you provided is invalid.'));
}
break;
case 'ipv4':
if (!rest_is_ip_address($value)) {
return new WP_Error('rest_invalid_param', sprintf(__('%s is not a valid IP address.'), $value));
}
break;
}
}
if (in_array($args['type'], array('number', 'integer'), true) && (isset($args['minimum']) || isset($args['maximum']))) {
if (isset($args['minimum']) && !isset($args['maximum'])) {
if (!empty($args['exclusiveMinimum']) && $value <= $args['minimum']) {
return new WP_Error('rest_invalid_param', sprintf(__('%1$s must be greater than %2$d (exclusive)'), $param, $args['minimum']));
} elseif (empty($args['exclusiveMinimum']) && $value < $args['minimum']) {
return new WP_Error('rest_invalid_param', sprintf(__('%1$s must be greater than %2$d (inclusive)'), $param, $args['minimum']));
}
} elseif (isset($args['maximum']) && !isset($args['minimum'])) {
if (!empty($args['exclusiveMaximum']) && $value >= $args['maximum']) {
return new WP_Error('rest_invalid_param', sprintf(__('%1$s must be less than %2$d (exclusive)'), $param, $args['maximum']));
} elseif (empty($args['exclusiveMaximum']) && $value > $args['maximum']) {
return new WP_Error('rest_invalid_param', sprintf(__('%1$s must be less than %2$d (inclusive)'), $param, $args['maximum']));
}
} elseif (isset($args['maximum']) && isset($args['minimum'])) {
if (!empty($args['exclusiveMinimum']) && !empty($args['exclusiveMaximum'])) {
if ($value >= $args['maximum'] || $value <= $args['minimum']) {
return new WP_Error('rest_invalid_param', sprintf(__('%1$s must be between %2$d (exclusive) and %3$d (exclusive)'), $param, $args['minimum'], $args['maximum']));
}
} elseif (empty($args['exclusiveMinimum']) && !empty($args['exclusiveMaximum'])) {
if ($value >= $args['maximum'] || $value < $args['minimum']) {
return new WP_Error('rest_invalid_param', sprintf(__('%1$s must be between %2$d (inclusive) and %3$d (exclusive)'), $param, $args['minimum'], $args['maximum']));
}
} elseif (!empty($args['exclusiveMinimum']) && empty($args['exclusiveMaximum'])) {
if ($value > $args['maximum'] || $value <= $args['minimum']) {
return new WP_Error('rest_invalid_param', sprintf(__('%1$s must be between %2$d (exclusive) and %3$d (inclusive)'), $param, $args['minimum'], $args['maximum']));
}
} elseif (empty($args['exclusiveMinimum']) && empty($args['exclusiveMaximum'])) {
if ($value > $args['maximum'] || $value < $args['minimum']) {
return new WP_Error('rest_invalid_param', sprintf(__('%1$s must be between %2$d (inclusive) and %3$d (inclusive)'), $param, $args['minimum'], $args['maximum']));
}
}
}
}
return true;
}
/**
* Validate a request argument based on details registered to the route.
*
* @param mixed $value
* @param WP_REST_Request $request
* @param string $param
* @return WP_Error|boolean
*/
function rest_validate_request_arg($value, $request, $param)
{
$attributes = $request->get_attributes();
if (!isset($attributes['args'][$param]) || !is_array($attributes['args'][$param])) {
return true;
}
$args = $attributes['args'][$param];
if (!empty($args['enum'])) {
if (!in_array($value, $args['enum'])) {
/* translators: 1: parameter 2: arguments */
return new WP_Error('rest_invalid_param', sprintf(__('%1$s is not one of %2$s', 'woocommerce'), $param, implode(', ', $args['enum'])));
}
}
if ('integer' === $args['type'] && !is_numeric($value)) {
/* translators: 1: parameter 2: integer type */
return new WP_Error('rest_invalid_param', sprintf(__('%1$s is not of type %2$s', 'woocommerce'), $param, 'integer'));
}
if ('boolean' === $args['type'] && !rest_is_boolean($value)) {
/* translators: 1: parameter 2: boolean type */
return new WP_Error('rest_invalid_param', sprintf(__('%1$s is not of type %2$s', 'woocommerce'), $value, 'boolean'));
}
if ('string' === $args['type'] && !is_string($value)) {
/* translators: 1: parameter 2: string type */
return new WP_Error('rest_invalid_param', sprintf(__('%1$s is not of type %2$s', 'woocommerce'), $param, 'string'));
}
if (isset($args['format'])) {
switch ($args['format']) {
case 'date-time':
if (!rest_parse_date($value)) {
return new WP_Error('rest_invalid_date', __('The date you provided is invalid.', 'woocommerce'));
}
break;
case 'email':
if (!is_email($value)) {
return new WP_Error('rest_invalid_email', __('The email address you provided is invalid.', 'woocommerce'));
}
break;
case 'ipv4':
if (!rest_is_ip_address($value)) {
/* translators: %s: IP address */
return new WP_Error('rest_invalid_param', sprintf(__('%s is not a valid IP address.', 'woocommerce'), $value));
}
break;
}
}
if (in_array($args['type'], array('numeric', 'integer')) && (isset($args['minimum']) || isset($args['maximum']))) {
if (isset($args['minimum']) && !isset($args['maximum'])) {
if (!empty($args['exclusiveMinimum']) && $value <= $args['minimum']) {
return new WP_Error('rest_invalid_param', sprintf(__('%1$s must be greater than %2$d (exclusive)', 'woocommerce'), $param, $args['minimum']));
} elseif (empty($args['exclusiveMinimum']) && $value < $args['minimum']) {
return new WP_Error('rest_invalid_param', sprintf(__('%1$s must be greater than %2$d (inclusive)', 'woocommerce'), $param, $args['minimum']));
}
} elseif (isset($args['maximum']) && !isset($args['minimum'])) {
if (!empty($args['exclusiveMaximum']) && $value >= $args['maximum']) {
return new WP_Error('rest_invalid_param', sprintf(__('%1$s must be less than %2$d (exclusive)', 'woocommerce'), $param, $args['maximum']));
} elseif (empty($args['exclusiveMaximum']) && $value > $args['maximum']) {
return new WP_Error('rest_invalid_param', sprintf(__('%1$s must be less than %2$d (inclusive)', 'woocommerce'), $param, $args['maximum']));
}
} elseif (isset($args['maximum']) && isset($args['minimum'])) {
if (!empty($args['exclusiveMinimum']) && !empty($args['exclusiveMaximum'])) {
if ($value >= $args['maximum'] || $value <= $args['minimum']) {
return new WP_Error('rest_invalid_param', sprintf(__('%1$s must be between %2$d (exclusive) and %3$d (exclusive)', 'woocommerce'), $param, $args['minimum'], $args['maximum']));
}
} elseif (empty($args['exclusiveMinimum']) && !empty($args['exclusiveMaximum'])) {
if ($value >= $args['maximum'] || $value < $args['minimum']) {
return new WP_Error('rest_invalid_param', sprintf(__('%1$s must be between %2$d (inclusive) and %3$d (exclusive)', 'woocommerce'), $param, $args['minimum'], $args['maximum']));
}
} elseif (!empty($args['exclusiveMinimum']) && empty($args['exclusiveMaximum'])) {
if ($value > $args['maximum'] || $value <= $args['minimum']) {
return new WP_Error('rest_invalid_param', sprintf(__('%1$s must be between %2$d (exclusive) and %3$d (inclusive)', 'woocommerce'), $param, $args['minimum'], $args['maximum']));
}
} elseif (empty($args['exclusiveMinimum']) && empty($args['exclusiveMaximum'])) {
if ($value > $args['maximum'] || $value < $args['minimum']) {
return new WP_Error('rest_invalid_param', sprintf(__('%1$s must be between %2$d (inclusive) and %3$d (inclusive)', 'woocommerce'), $param, $args['minimum'], $args['maximum']));
}
}
}
}
return true;
}
/**
* Prepares a single comment to be inserted into the database.
*
* @since 4.7.0
* @access protected
*
* @param WP_REST_Request $request Request object.
* @return array|WP_Error Prepared comment, otherwise WP_Error object.
*/
protected function prepare_item_for_database($request)
{
$prepared_comment = array();
/*
* Allow the comment_content to be set via the 'content' or
* the 'content.raw' properties of the Request object.
*/
if (isset($request['content']) && is_string($request['content'])) {
$prepared_comment['comment_content'] = $request['content'];
} elseif (isset($request['content']['raw']) && is_string($request['content']['raw'])) {
$prepared_comment['comment_content'] = $request['content']['raw'];
}
if (isset($request['post'])) {
$prepared_comment['comment_post_ID'] = (int) $request['post'];
}
if (isset($request['parent'])) {
$prepared_comment['comment_parent'] = $request['parent'];
}
if (isset($request['author'])) {
$user = new WP_User($request['author']);
if ($user->exists()) {
$prepared_comment['user_id'] = $user->ID;
$prepared_comment['comment_author'] = $user->display_name;
$prepared_comment['comment_author_email'] = $user->user_email;
$prepared_comment['comment_author_url'] = $user->user_url;
} else {
return new WP_Error('rest_comment_author_invalid', __('Invalid comment author ID.'), array('status' => 400));
}
}
if (isset($request['author_name'])) {
$prepared_comment['comment_author'] = $request['author_name'];
}
if (isset($request['author_email'])) {
$prepared_comment['comment_author_email'] = $request['author_email'];
}
if (isset($request['author_url'])) {
$prepared_comment['comment_author_url'] = $request['author_url'];
}
if (isset($request['author_ip']) && current_user_can('moderate_comments')) {
$prepared_comment['comment_author_IP'] = $request['author_ip'];
} elseif (!empty($_SERVER['REMOTE_ADDR']) && rest_is_ip_address($_SERVER['REMOTE_ADDR'])) {
$prepared_comment['comment_author_IP'] = $_SERVER['REMOTE_ADDR'];
} else {
$prepared_comment['comment_author_IP'] = '127.0.0.1';
}
if (!empty($request['author_user_agent'])) {
$prepared_comment['comment_agent'] = $request['author_user_agent'];
} elseif ($request->get_header('user_agent')) {
$prepared_comment['comment_agent'] = $request->get_header('user_agent');
}
if (!empty($request['date'])) {
$date_data = rest_get_date_with_gmt($request['date']);
if (!empty($date_data)) {
list($prepared_comment['comment_date'], $prepared_comment['comment_date_gmt']) = $date_data;
}
} elseif (!empty($request['date_gmt'])) {
$date_data = rest_get_date_with_gmt($request['date_gmt'], true);
if (!empty($date_data)) {
list($prepared_comment['comment_date'], $prepared_comment['comment_date_gmt']) = $date_data;
}
}
/**
* Filters a comment after it is prepared for the database.
*
* Allows modification of the comment right after it is prepared for the database.
*
* @since 4.7.0
*
* @param array $prepared_comment The prepared comment data for `wp_insert_comment`.
* @param WP_REST_Request $request The current request.
*/
return apply_filters('rest_preprocess_comment', $prepared_comment, $request);
}