Ticket #2525: comment-funcs.diff
| File comment-funcs.diff, 76.8 KB (added by ryan, 6 years ago) |
|---|
-
wp-includes/comment.php
1 1 <?php 2 2 3 // Template functions 3 function check_comment($author, $email, $url, $comment, $user_ip, $user_agent, $comment_type) { 4 global $wpdb; 4 5 5 function comments_template( $file = '/comments.php' ) { 6 global $wp_query, $withcomments, $post, $wpdb, $id, $comment, $user_login, $user_ID, $user_identity; 6 if (1 == get_settings('comment_moderation')) return false; // If moderation is set to manual 7 7 8 if ( is_single() || is_page() || $withcomments ) : 9 $req = get_settings('require_name_email'); 10 $comment_author = ''; 11 if ( isset($_COOKIE['comment_author_'.COOKIEHASH]) ) { 12 $comment_author = apply_filters('pre_comment_author_name', $_COOKIE['comment_author_'.COOKIEHASH]); 13 $comment_author = stripslashes($comment_author); 14 $comment_author = wp_specialchars($comment_author, true); 15 } 16 $comment_author_email = ''; 17 if ( isset($_COOKIE['comment_author_email_'.COOKIEHASH]) ) { 18 $comment_author_email = apply_filters('pre_comment_author_email', $_COOKIE['comment_author_email_'.COOKIEHASH]); 19 $comment_author_email = stripslashes($comment_author_email); 20 $comment_author_email = wp_specialchars($comment_author_email, true); 21 } 22 $comment_author_url = ''; 23 if ( isset($_COOKIE['comment_author_url_'.COOKIEHASH]) ) { 24 $comment_author_url = apply_filters('pre_comment_author_url', $_COOKIE['comment_author_url_'.COOKIEHASH]); 25 $comment_author_url = stripslashes($comment_author_url); 26 $comment_author_url = wp_specialchars($comment_author_url, true); 27 } 8 if ( (count(explode('http:', $comment)) - 1) >= get_settings('comment_max_links') ) 9 return false; // Check # of external links 28 10 29 if ( empty($comment_author) ) { 30 $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = '$post->ID' AND comment_approved = '1' ORDER BY comment_date"); 31 } else { 32 $author_db = $wpdb->escape($comment_author); 33 $email_db = $wpdb->escape($comment_author_email); 34 $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = '$post->ID' AND ( comment_approved = '1' OR ( comment_author = '$author_db' AND comment_author_email = '$email_db' AND comment_approved = '0' ) ) ORDER BY comment_date"); 35 } 11 $mod_keys = trim( get_settings('moderation_keys') ); 12 if ( !empty($mod_keys) ) { 13 $words = explode("\n", $mod_keys ); 36 14 37 define('COMMENTS_TEMPLATE', true); 38 $include = apply_filters('comments_template', TEMPLATEPATH . $file ); 39 if ( file_exists( $include ) ) 40 require( $include ); 41 else 42 require( ABSPATH . 'wp-content/themes/default/comments.php'); 15 foreach ($words as $word) { 16 $word = trim($word); 43 17 44 endif;45 }18 // Skip empty lines 19 if (empty($word)) { continue; } 46 20 47 function wp_new_comment( $commentdata ) { 48 $commentdata = apply_filters('preprocess_comment', $commentdata); 21 // Do some escaping magic so that '#' chars in the 22 // spam words don't break things: 23 $word = preg_quote($word, '#'); 49 24 50 $commentdata['comment_post_ID'] = (int) $commentdata['comment_post_ID']; 51 $commentdata['user_ID'] = (int) $commentdata['user_ID']; 25 $pattern = "#$word#i"; 26 if ( preg_match($pattern, $author) ) return false; 27 if ( preg_match($pattern, $email) ) return false; 28 if ( preg_match($pattern, $url) ) return false; 29 if ( preg_match($pattern, $comment) ) return false; 30 if ( preg_match($pattern, $user_ip) ) return false; 31 if ( preg_match($pattern, $user_agent) ) return false; 32 } 33 } 52 34 53 $commentdata['comment_author_IP'] = $_SERVER['REMOTE_ADDR']; 54 $commentdata['comment_agent'] = $_SERVER['HTTP_USER_AGENT']; 55 56 $commentdata['comment_date'] = current_time('mysql'); 57 $commentdata['comment_date_gmt'] = current_time('mysql', 1); 58 59 60 $commentdata = wp_filter_comment($commentdata); 61 62 $commentdata['comment_approved'] = wp_allow_comment($commentdata); 63 64 $comment_ID = wp_insert_comment($commentdata); 65 66 do_action('comment_post', $comment_ID, $commentdata['comment_approved']); 67 68 if ( 'spam' !== $commentdata['comment_approved'] ) { // If it's spam save it silently for later crunching 69 if ( '0' == $commentdata['comment_approved'] ) 70 wp_notify_moderator($comment_ID); 71 72 $post = &get_post($commentdata['comment_post_ID']); // Don't notify if it's your own comment 73 74 if ( get_settings('comments_notify') && $commentdata['comment_approved'] && $post->post_author != $commentdata['user_ID'] ) 75 wp_notify_postauthor($comment_ID, $commentdata['comment_type']); 35 // Comment whitelisting: 36 if ( 1 == get_settings('comment_whitelist')) { 37 if ( 'trackback' == $comment_type || 'pingback' == $comment_type ) { // check if domain is in blogroll 38 $uri = parse_url($url); 39 $domain = $uri['host']; 40 $uri = parse_url( get_option('home') ); 41 $home_domain = $uri['host']; 42 if ( $wpdb->get_var("SELECT link_id FROM $wpdb->links WHERE link_url LIKE ('%$domain%') LIMIT 1") || $domain == $home_domain ) 43 return true; 44 else 45 return false; 46 } elseif( $author != '' && $email != '' ) { 47 $ok_to_comment = $wpdb->get_var("SELECT comment_approved FROM $wpdb->comments WHERE comment_author = '$author' AND comment_author_email = '$email' and comment_approved = '1' LIMIT 1"); 48 if ( ( 1 == $ok_to_comment ) && 49 ( empty($mod_keys) || false === strpos( $email, $mod_keys) ) ) 50 return true; 51 else 52 return false; 53 } else { 54 return false; 55 } 76 56 } 77 57 78 return $comment_ID;58 return true; 79 59 } 80 60 81 function wp_insert_comment($commentdata) {61 function get_approved_comments($post_id) { 82 62 global $wpdb; 83 extract($commentdata); 63 return $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = $post_id AND comment_approved = '1' ORDER BY comment_date"); 64 } 84 65 85 if ( ! isset($comment_author_IP) ) 86 $comment_author_IP = $_SERVER['REMOTE_ADDR']; 87 if ( ! isset($comment_date) ) 88 $comment_date = current_time('mysql'); 89 if ( ! isset($comment_date_gmt) ) 90 $comment_date_gmt = gmdate('Y-m-d H:i:s', strtotime($comment_date) ); 91 if ( ! isset($comment_parent) ) 92 $comment_parent = 0; 93 if ( ! isset($comment_approved) ) 94 $comment_approved = 1; 95 if ( ! isset($user_id) ) 96 $user_id = 0; 66 // Retrieves comment data given a comment ID or comment object. 67 // Handles comment caching. 68 function &get_comment(&$comment, $output = OBJECT) { 69 global $comment_cache, $wpdb; 97 70 98 $result = $wpdb->query("INSERT INTO $wpdb->comments 99 (comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content, comment_approved, comment_agent, comment_type, comment_parent, user_id) 100 VALUES 101 ('$comment_post_ID', '$comment_author', '$comment_author_email', '$comment_author_url', '$comment_author_IP', '$comment_date', '$comment_date_gmt', '$comment_content', '$comment_approved', '$comment_agent', '$comment_type', '$comment_parent', '$user_id') 102 "); 71 if ( empty($comment) ) 72 return null; 103 73 104 $id = $wpdb->insert_id; 74 if ( is_object($comment) ) { 75 if ( !isset($comment_cache[$comment->comment_ID]) ) 76 $comment_cache[$comment->comment_ID] = &$comment; 77 $_comment = & $comment_cache[$comment->comment_ID]; 78 } else { 79 if ( !isset($comment_cache[$comment]) ) { 80 $_comment = $wpdb->get_row("SELECT * FROM $wpdb->comments WHERE comment_ID = '$comment' LIMIT 1"); 81 $comment_cache[$comment->comment_ID] = & $_comment; 82 } else { 83 $_comment = & $comment_cache[$comment]; 84 } 85 } 105 86 106 if ( $comment_approved == 1) { 107 $count = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->comments WHERE comment_post_ID = '$comment_post_ID' AND comment_approved = '1'"); 108 $wpdb->query( "UPDATE $wpdb->posts SET comment_count = $count WHERE ID = '$comment_post_ID'" ); 87 if ( $output == OBJECT ) { 88 return $_comment; 89 } elseif ( $output == ARRAY_A ) { 90 return get_object_vars($_comment); 91 } elseif ( $output == ARRAY_N ) { 92 return array_values(get_object_vars($_comment)); 93 } else { 94 return $_comment; 109 95 } 110 return $id;111 96 } 112 97 113 function wp_filter_comment($commentdata) { 114 $commentdata['user_id'] = apply_filters('pre_user_id', $commentdata['user_ID']); 115 $commentdata['comment_agent'] = apply_filters('pre_comment_user_agent', $commentdata['comment_agent']); 116 $commentdata['comment_author'] = apply_filters('pre_comment_author_name', $commentdata['comment_author']); 117 $commentdata['comment_content'] = apply_filters('pre_comment_content', $commentdata['comment_content']); 118 $commentdata['comment_author_IP'] = apply_filters('pre_comment_user_ip', $commentdata['comment_author_IP']); 119 $commentdata['comment_author_url'] = apply_filters('pre_comment_author_url', $commentdata['comment_author_url']); 120 $commentdata['comment_author_email'] = apply_filters('pre_comment_author_email', $commentdata['comment_author_email']); 121 $commentdata['filtered'] = true; 122 return $commentdata; 98 // Deprecate in favor of get_comment()? 99 function get_commentdata( $comment_ID, $no_cache = 0, $include_unapproved = false ) { // less flexible, but saves DB queries 100 global $postc, $id, $commentdata, $wpdb; 101 if ($no_cache) { 102 $query = "SELECT * FROM $wpdb->comments WHERE comment_ID = '$comment_ID'"; 103 if (false == $include_unapproved) { 104 $query .= " AND comment_approved = '1'"; 105 } 106 $myrow = $wpdb->get_row($query, ARRAY_A); 107 } else { 108 $myrow['comment_ID'] = $postc->comment_ID; 109 $myrow['comment_post_ID'] = $postc->comment_post_ID; 110 $myrow['comment_author'] = $postc->comment_author; 111 $myrow['comment_author_email'] = $postc->comment_author_email; 112 $myrow['comment_author_url'] = $postc->comment_author_url; 113 $myrow['comment_author_IP'] = $postc->comment_author_IP; 114 $myrow['comment_date'] = $postc->comment_date; 115 $myrow['comment_content'] = $postc->comment_content; 116 $myrow['comment_karma'] = $postc->comment_karma; 117 $myrow['comment_approved'] = $postc->comment_approved; 118 $myrow['comment_type'] = $postc->comment_type; 119 } 120 return $myrow; 123 121 } 124 122 123 function get_lastcommentmodified($timezone = 'server') { 124 global $cache_lastcommentmodified, $pagenow, $wpdb; 125 $add_seconds_blog = get_settings('gmt_offset') * 3600; 126 $add_seconds_server = date('Z'); 127 $now = current_time('mysql', 1); 128 if ( !isset($cache_lastcommentmodified[$timezone]) ) { 129 switch(strtolower($timezone)) { 130 case 'gmt': 131 $lastcommentmodified = $wpdb->get_var("SELECT comment_date_gmt FROM $wpdb->comments WHERE comment_date_gmt <= '$now' ORDER BY comment_date_gmt DESC LIMIT 1"); 132 break; 133 case 'blog': 134 $lastcommentmodified = $wpdb->get_var("SELECT comment_date FROM $wpdb->comments WHERE comment_date_gmt <= '$now' ORDER BY comment_date_gmt DESC LIMIT 1"); 135 break; 136 case 'server': 137 $lastcommentmodified = $wpdb->get_var("SELECT DATE_ADD(comment_date_gmt, INTERVAL '$add_seconds_server' SECOND) FROM $wpdb->comments WHERE comment_date_gmt <= '$now' ORDER BY comment_date_gmt DESC LIMIT 1"); 138 break; 139 } 140 $cache_lastcommentmodified[$timezone] = $lastcommentmodified; 141 } else { 142 $lastcommentmodified = $cache_lastcommentmodified[$timezone]; 143 } 144 return $lastcommentmodified; 145 } 146 125 147 function wp_allow_comment($commentdata) { 126 148 global $wpdb; 127 149 extract($commentdata); … … 171 193 return $approved; 172 194 } 173 195 174 175 function wp_update_comment($commentarr) {176 global $wpdb;177 178 // First, get all of the original fields179 $comment = get_comment($commentarr['comment_ID'], ARRAY_A);180 181 // Escape data pulled from DB.182 foreach ($comment as $key => $value)183 $comment[$key] = $wpdb->escape($value);184 185 // Merge old and new fields with new fields overwriting old ones.186 $commentarr = array_merge($comment, $commentarr);187 188 $commentarr = wp_filter_comment( $commentarr );189 190 // Now extract the merged array.191 extract($commentarr);192 193 $comment_content = apply_filters('comment_save_pre', $comment_content);194 195 $result = $wpdb->query(196 "UPDATE $wpdb->comments SET197 comment_content = '$comment_content',198 comment_author = '$comment_author',199 comment_author_email = '$comment_author_email',200 comment_approved = '$comment_approved',201 comment_author_url = '$comment_author_url',202 comment_date = '$comment_date'203 WHERE comment_ID = $comment_ID" );204 205 $rval = $wpdb->rows_affected;206 207 $c = $wpdb->get_row( "SELECT count(*) as c FROM {$wpdb->comments} WHERE comment_post_ID = '$comment_post_ID' AND comment_approved = '1'" );208 if( is_object( $c ) )209 $wpdb->query( "UPDATE $wpdb->posts SET comment_count = '$c->c' WHERE ID = '$comment_post_ID'" );210 211 do_action('edit_comment', $comment_ID);212 213 return $rval;214 }215 216 196 function wp_delete_comment($comment_id) { 217 197 global $wpdb; 218 198 do_action('delete_comment', $comment_id); … … 230 210 return true; 231 211 } 232 212 233 function get_comments_number( $post_id = 0 ) { 234 global $wpdb, $comment_count_cache, $id; 235 $post_id = (int) $post_id; 213 function wp_get_comment_status($comment_id) { 214 global $wpdb; 236 215 237 if ( !$post_id ) 238 $post_id = $id; 239 240 if ( !isset($comment_count_cache[$post_id]) ) 241 $comment_count_cache[$id] = $wpdb->get_var("SELECT comment_count FROM $wpdb->posts WHERE ID = '$post_id'"); 242 243 return apply_filters('get_comments_number', $comment_count_cache[$post_id]); 244 } 245 246 function comments_number( $zero = 'No Comments', $one = '1 Comment', $more = '% Comments', $number = '' ) { 247 global $id, $comment; 248 $number = get_comments_number( $id ); 249 if ($number == 0) { 250 $blah = $zero; 251 } elseif ($number == 1) { 252 $blah = $one; 253 } elseif ($number > 1) { 254 $blah = str_replace('%', $number, $more); 216 $result = $wpdb->get_var("SELECT comment_approved FROM $wpdb->comments WHERE comment_ID='$comment_id' LIMIT 1"); 217 if ($result == NULL) { 218 return 'deleted'; 219 } else if ($result == '1') { 220 return 'approved'; 221 } else if ($result == '0') { 222 return 'unapproved'; 223 } else if ($result == 'spam') { 224 return 'spam'; 225 } else { 226 return false; 255 227 } 256 echo apply_filters('comments_number', $blah);257 228 } 258 229 259 function get_comments_link() {260 return get_permalink() . '#comments';261 } 230 function wp_insert_comment($commentdata) { 231 global $wpdb; 232 extract($commentdata); 262 233 263 function get_comment_link() { 264 global $comment; 265 return get_permalink( $comment->comment_post_ID ) . '#comment-' . $comment->comment_ID; 266 } 234 if ( ! isset($comment_author_IP) ) 235 $comment_author_IP = $_SERVER['REMOTE_ADDR']; 236 if ( ! isset($comment_date) ) 237 $comment_date = current_time('mysql'); 238 if ( ! isset($comment_date_gmt) ) 239 $comment_date_gmt = gmdate('Y-m-d H:i:s', strtotime($comment_date) ); 240 if ( ! isset($comment_parent) ) 241 $comment_parent = 0; 242 if ( ! isset($comment_approved) ) 243 $comment_approved = 1; 244 if ( ! isset($user_id) ) 245 $user_id = 0; 267 246 268 function comments_link( $file = '', $echo = true ) { 269 echo get_comments_link(); 270 } 247 $result = $wpdb->query("INSERT INTO $wpdb->comments 248 (comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content, comment_approved, comment_agent, comment_type, comment_parent, user_id) 249 VALUES 250 ('$comment_post_ID', '$comment_author', '$comment_author_email', '$comment_author_url', '$comment_author_IP', '$comment_date', '$comment_date_gmt', '$comment_content', '$comment_approved', '$comment_agent', '$comment_type', '$comment_parent', '$user_id') 251 "); 271 252 272 function comments_popup_script($width=400, $height=400, $file='') { 273 global $wpcommentspopupfile, $wptrackbackpopupfile, $wppingbackpopupfile, $wpcommentsjavascript; 253 $id = $wpdb->insert_id; 274 254 275 if (empty ($file)) { 276 $wpcommentspopupfile = ''; // Use the index. 277 } else { 278 $wpcommentspopupfile = $file; 279 } 280 281 $wpcommentsjavascript = 1; 282 $javascript = "<script type='text/javascript'>\nfunction wpopen (macagna) {\n window.open(macagna, '_blank', 'width=$width,height=$height,scrollbars=yes,status=yes');\n}\n</script>\n"; 283 echo $javascript; 284 } 285 286 function comments_popup_link($zero='No Comments', $one='1 Comment', $more='% Comments', $CSSclass='', $none='Comments Off') { 287 global $id, $wpcommentspopupfile, $wpcommentsjavascript, $post, $wpdb; 288 global $comment_count_cache; 289 290 if (! is_single() && ! is_page()) { 291 if ( !isset($comment_count_cache[$id]) ) 292 $comment_count_cache[$id] = $wpdb->get_var("SELECT COUNT(comment_ID) FROM $wpdb->comments WHERE comment_post_ID = $id AND comment_approved = '1';"); 293 294 $number = $comment_count_cache[$id]; 295 296 if (0 == $number && 'closed' == $post->comment_status && 'closed' == $post->ping_status) { 297 echo $none; 298 return; 299 } else { 300 if (!empty($post->post_password)) { // if there's a password 301 if ($_COOKIE['wp-postpass_'.COOKIEHASH] != $post->post_password) { // and it doesn't match the cookie 302 echo(__('Enter your password to view comments')); 303 return; 304 } 305 } 306 echo '<a href="'; 307 if ($wpcommentsjavascript) { 308 if ( empty($wpcommentspopupfile) ) 309 $home = get_settings('home'); 310 else 311 $home = get_settings('siteurl'); 312 echo $home . '/' . $wpcommentspopupfile.'?comments_popup='.$id; 313 echo '" onclick="wpopen(this.href); return false"'; 314 } else { // if comments_popup_script() is not in the template, display simple comment link 315 if ( 0 == $number ) 316 echo get_permalink() . '#respond'; 317 else 318 comments_link(); 319 echo '"'; 320 } 321 if (!empty($CSSclass)) { 322 echo ' class="'.$CSSclass.'"'; 323 } 324 echo ' title="' . sprintf( __('Comment on %s'), $post->post_title ) .'">'; 325 comments_number($zero, $one, $more, $number); 326 echo '</a>'; 255 if ( $comment_approved == 1) { 256 $count = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->comments WHERE comment_post_ID = '$comment_post_ID' AND comment_approved = '1'"); 257 $wpdb->query( "UPDATE $wpdb->posts SET comment_count = $count WHERE ID = '$comment_post_ID'" ); 327 258 } 328 }259 return $id; 329 260 } 330 261 331 function get_comment_ID() { 332 global $comment; 333 return apply_filters('get_comment_ID', $comment->comment_ID); 262 function wp_filter_comment($commentdata) { 263 $commentdata['user_id'] = apply_filters('pre_user_id', $commentdata['user_ID']); 264 $commentdata['comment_agent'] = apply_filters('pre_comment_user_agent', $commentdata['comment_agent']); 265 $commentdata['comment_author'] = apply_filters('pre_comment_author_name', $commentdata['comment_author']); 266 $commentdata['comment_content'] = apply_filters('pre_comment_content', $commentdata['comment_content']); 267 $commentdata['comment_author_IP'] = apply_filters('pre_comment_user_ip', $commentdata['comment_author_IP']); 268 $commentdata['comment_author_url'] = apply_filters('pre_comment_author_url', $commentdata['comment_author_url']); 269 $commentdata['comment_author_email'] = apply_filters('pre_comment_author_email', $commentdata['comment_author_email']); 270 $commentdata['filtered'] = true; 271 return $commentdata; 334 272 } 335 273 336 function comment_ID() { 337 echo get_comment_ID(); 338 } 274 function wp_new_comment( $commentdata ) { 275 $commentdata = apply_filters('preprocess_comment', $commentdata); 339 276 340 function get_comment_author() { 341 global $comment; 342 if ( empty($comment->comment_author) ) 343 $author = __('Anonymous'); 344 else 345 $author = $comment->comment_author; 346 return apply_filters('get_comment_author', $author); 347 } 277 $commentdata['comment_post_ID'] = (int) $commentdata['comment_post_ID']; 278 $commentdata['user_ID'] = (int) $commentdata['user_ID']; 348 279 349 function comment_author() { 350 $author = apply_filters('comment_author', get_comment_author() ); 351 echo $author; 352 } 280 $commentdata['comment_author_IP'] = $_SERVER['REMOTE_ADDR']; 281 $commentdata['comment_agent'] = $_SERVER['HTTP_USER_AGENT']; 353 282 354 function get_comment_author_email() { 355 global $comment; 356 return apply_filters('get_comment_author_email', $comment->comment_author_email); 357 } 283 $commentdata['comment_date'] = current_time('mysql'); 284 $commentdata['comment_date_gmt'] = current_time('mysql', 1); 358 285 359 function comment_author_email() {360 echo apply_filters('author_email', get_comment_author_email() );361 }362 286 363 function get_comment_author_link() { 364 global $comment; 365 $url = get_comment_author_url(); 366 $author = get_comment_author(); 287 $commentdata = wp_filter_comment($commentdata); 367 288 368 if ( empty( $url ) || 'http://' == $url ) 369 $return = $author; 370 else 371 $return = "<a href='$url' rel='external nofollow'>$author</a>"; 372 return apply_filters('get_comment_author_link', $return); 373 } 289 $commentdata['comment_approved'] = wp_allow_comment($commentdata); 374 290 375 function comment_author_link() { 376 echo get_comment_author_link(); 377 } 291 $comment_ID = wp_insert_comment($commentdata); 378 292 379 function get_comment_type() { 380 global $comment; 293 do_action('comment_post', $comment_ID, $commentdata['comment_approved']); 381 294 382 if ( '' == $comment->comment_type ) 383 $comment->comment_type = 'comment'; 295 if ( 'spam' !== $commentdata['comment_approved'] ) { // If it's spam save it silently for later crunching 296 if ( '0' == $commentdata['comment_approved'] ) 297 wp_notify_moderator($comment_ID); 384 298 385 return apply_filters('get_comment_type', $comment->comment_type); 386 } 299 $post = &get_post($commentdata['comment_post_ID']); // Don't notify if it's your own comment 387 300 388 function comment_type($commenttxt = 'Comment', $trackbacktxt = 'Trackback', $pingbacktxt = 'Pingback') { 389 $type = get_comment_type(); 390 switch( $type ) { 391 case 'trackback' : 392 echo $trackbacktxt; 393 break; 394 case 'pingback' : 395 echo $pingbacktxt; 396 break; 397 default : 398 echo $commenttxt; 301 if ( get_settings('comments_notify') && $commentdata['comment_approved'] && $post->post_author != $commentdata['user_ID'] ) 302 wp_notify_postauthor($comment_ID, $commentdata['comment_type']); 399 303 } 400 }401 304 402 function get_comment_author_url() { 403 global $comment; 404 return apply_filters('get_comment_author_url', $comment->comment_author_url); 305 return $comment_ID; 405 306 } 406 307 407 function comment_author_url() { 408 echo apply_filters('comment_url', get_comment_author_url()); 409 } 308 function wp_set_comment_status($comment_id, $comment_status) { 309 global $wpdb; 410 310 411 function comment_author_email_link($linktext='', $before='', $after='') { 412 global $comment; 413 $email = apply_filters('comment_email', $comment->comment_author_email); 414 if ((!empty($email)) && ($email != '@')) { 415 $display = ($linktext != '') ? $linktext : $email; 416 echo $before; 417 echo "<a href='mailto:$email'>$display</a>"; 418 echo $after; 419 } 420 } 311 switch($comment_status) { 312 case 'hold': 313 $query = "UPDATE $wpdb->comments SET comment_approved='0' WHERE comment_ID='$comment_id' LIMIT 1"; 314 break; 315 case 'approve': 316 $query = "UPDATE $wpdb->comments SET comment_approved='1' WHERE comment_ID='$comment_id' LIMIT 1"; 317 break; 318 case 'spam': 319 $query = "UPDATE $wpdb->comments SET comment_approved='spam' WHERE comment_ID='$comment_id' LIMIT 1"; 320 break; 321 case 'delete': 322 return wp_delete_comment($comment_id); 323 break; 324 default: 325 return false; 326 } 327 328 if ($wpdb->query($query)) { 329 do_action('wp_set_comment_status', $comment_id, $comment_status); 421 330 422 function get_comment_author_url_link( $linktext = '', $before = '', $after = '' ) { 423 global $comment; 424 $url = get_comment_author_url(); 425 $display = ($linktext != '') ? $linktext : $url; 426 $return = "$before<a href='$url' rel='external'>$display</a>$after"; 427 return apply_filters('get_comment_author_url_link', $return); 331 $comment = get_comment($comment_id); 332 $comment_post_ID = $comment->comment_post_ID; 333 $c = $wpdb->get_row( "SELECT count(*) as c FROM {$wpdb->comments} WHERE comment_post_ID = '$comment_post_ID' AND comment_approved = '1'" ); 334 if( is_object( $c ) ) 335 $wpdb->query( "UPDATE $wpdb->posts SET comment_count = '$c->c' WHERE ID = '$comment_post_ID'" ); 336 return true; 337 } else { 338 return false; 339 } 428 340 } 429 341 430 function comment_author_url_link( $linktext = '', $before = '', $after = '' ) { 431 echo get_comment_author_url_link( $linktext, $before, $after ); 432 } 342 function wp_update_comment($commentarr) { 343 global $wpdb; 433 344 434 function get_comment_author_IP() { 435 global $comment; 436 return apply_filters('get_comment_author_IP', $comment->comment_author_IP); 437 } 345 // First, get all of the original fields 346 $comment = get_comment($commentarr['comment_ID'], ARRAY_A); 438 347 439 function comment_author_IP() { 440 echo get_comment_author_IP();441 } 348 // Escape data pulled from DB. 349 foreach ($comment as $key => $value) 350 $comment[$key] = $wpdb->escape($value); 442 351 443 function get_comment_text() { 444 global $comment; 445 return apply_filters('get_comment_text', $comment->comment_content); 446 } 352 // Merge old and new fields with new fields overwriting old ones. 353 $commentarr = array_merge($comment, $commentarr); 447 354 448 function comment_text() { 449 echo apply_filters('comment_text', get_comment_text() ); 450 } 355 $commentarr = wp_filter_comment( $commentarr ); 451 356 452 function get_comment_excerpt() { 453 global $comment; 454 $comment_text = strip_tags($comment->comment_content); 455 $blah = explode(' ', $comment_text); 456 if (count($blah) > 20) { 457 $k = 20; 458 $use_dotdotdot = 1; 459 } else { 460 $k = count($blah); 461 $use_dotdotdot = 0; 462 } 463 $excerpt = ''; 464 for ($i=0; $i<$k; $i++) { 465 $excerpt .= $blah[$i] . ' '; 466 } 467 $excerpt .= ($use_dotdotdot) ? '...' : ''; 468 return apply_filters('get_comment_excerpt', $excerpt); 469 } 357 // Now extract the merged array. 358 extract($commentarr); 470 359 471 function comment_excerpt() { 472 echo apply_filters('comment_excerpt', get_comment_excerpt() ); 473 } 360 $comment_content = apply_filters('comment_save_pre', $comment_content); 474 361 475 function get_comment_date( $d = '' ) { 476 global $comment; 477 if ( '' == $d ) 478 $date = mysql2date( get_settings('date_format'), $comment->comment_date); 479 else 480 $date = mysql2date($d, $comment->comment_date); 481 return apply_filters('get_comment_date', $date); 482 } 362 $result = $wpdb->query( 363 "UPDATE $wpdb->comments SET 364 comment_content = '$comment_content', 365 comment_author = '$comment_author', 366 comment_author_email = '$comment_author_email', 367 comment_approved = '$comment_approved', 368 comment_author_url = '$comment_author_url', 369 comment_date = '$comment_date' 370 WHERE comment_ID = $comment_ID" ); 483 371 484 function comment_date( $d = '' ) { 485 echo get_comment_date( $d ); 486 } 372 $rval = $wpdb->rows_affected; 487 373 488 function get_comment_time( $d = '', $gmt = false ) { 489 global $comment; 490 $comment_date = $gmt? $comment->comment_date_gmt : $comment->comment_date; 491 if ( '' == $d ) 492 $date = mysql2date(get_settings('time_format'), $comment_date); 493 else 494 $date = mysql2date($d, $comment_date); 495 return apply_filters('get_comment_time', $date); 496 } 374 $c = $wpdb->get_row( "SELECT count(*) as c FROM {$wpdb->comments} WHERE comment_post_ID = '$comment_post_ID' AND comment_approved = '1'" ); 375 if( is_object( $c ) ) 376 $wpdb->query( "UPDATE $wpdb->posts SET comment_count = '$c->c' WHERE ID = '$comment_post_ID'" ); 497 377 498 function comment_time( $d = '' ) { 499 echo get_comment_time($d); 500 } 378 do_action('edit_comment', $comment_ID); 501 379 502 function get_trackback_url() { 503 global $id; 504 $tb_url = get_settings('siteurl') . '/wp-trackback.php?p=' . $id; 505 506 if ( '' != get_settings('permalink_structure') ) 507 $tb_url = trailingslashit(get_permalink()) . 'trackback/'; 508 509 return $tb_url; 380 return $rval; 510 381 } 511 function trackback_url( $display = true ) {512 if ( $display)513 echo get_trackback_url();514 else515 return get_trackback_url();516 }517 382 518 function trackback_rdf($timezone = 0) {519 global $id;520 if (!stristr($_SERVER['HTTP_USER_AGENT'], 'W3C_Validator')) {521 echo '<rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"522 xmlns:dc="http://purl.org/dc/elements/1.1/"523 xmlns:trackback="http://madskills.com/public/xml/rss/module/trackback/">524 <rdf:Description rdf:about="';525 the_permalink();526 echo '"'."\n";527 echo ' dc:identifier="';528 the_permalink();529 echo '"'."\n";530 echo ' dc:title="'.str_replace('--', '--', wptexturize(strip_tags(get_the_title()))).'"'."\n";531 echo ' trackback:ping="'.trackback_url(0).'"'." />\n";532 echo '</rdf:RDF>';533 }534 }535 536 function comments_open() {537 global $post;538 if ( 'open' == $post->comment_status )539 return true;540 else541 return false;542 }543 544 function pings_open() {545 global $post;546 if ( 'open' == $post->ping_status )547 return true;548 else549 return false;550 }551 552 // Non-template functions553 554 function get_lastcommentmodified($timezone = 'server') {555 global $cache_lastcommentmodified, $pagenow, $wpdb;556 $add_seconds_blog = get_settings('gmt_offset') * 3600;557 $add_seconds_server = date('Z');558 $now = current_time('mysql', 1);559 if ( !isset($cache_lastcommentmodified[$timezone]) ) {560 switch(strtolower($timezone)) {561 case 'gmt':562 $lastcommentmodified = $wpdb->get_var("SELECT comment_date_gmt FROM $wpdb->comments WHERE comment_date_gmt <= '$now' ORDER BY comment_date_gmt DESC LIMIT 1");563 break;564 case 'blog':565 $lastcommentmodified = $wpdb->get_var("SELECT comment_date FROM $wpdb->comments WHERE comment_date_gmt <= '$now' ORDER BY comment_date_gmt DESC LIMIT 1");566 break;567 case 'server':568 $lastcommentmodified = $wpdb->get_var("SELECT DATE_ADD(comment_date_gmt, INTERVAL '$add_seconds_server' SECOND) FROM $wpdb->comments WHERE comment_date_gmt <= '$now' ORDER BY comment_date_gmt DESC LIMIT 1");569 break;570 }571 $cache_lastcommentmodified[$timezone] = $lastcommentmodified;572 } else {573 $lastcommentmodified = $cache_lastcommentmodified[$timezone];574 }575 return $lastcommentmodified;576 }577 578 function get_commentdata( $comment_ID, $no_cache = 0, $include_unapproved = false ) { // less flexible, but saves DB queries579 global $postc, $id, $commentdata, $wpdb;580 if ($no_cache) {581 $query = "SELECT * FROM $wpdb->comments WHERE comment_ID = '$comment_ID'";582 if (false == $include_unapproved) {583 $query .= " AND comment_approved = '1'";584 }585 $myrow = $wpdb->get_row($query, ARRAY_A);586 } else {587 $myrow['comment_ID'] = $postc->comment_ID;588 $myrow['comment_post_ID'] = $postc->comment_post_ID;589 $myrow['comment_author'] = $postc->comment_author;590 $myrow['comment_author_email'] = $postc->comment_author_email;591 $myrow['comment_author_url'] = $postc->comment_author_url;592 $myrow['comment_author_IP'] = $postc->comment_author_IP;593 $myrow['comment_date'] = $postc->comment_date;594 $myrow['comment_content'] = $postc->comment_content;595 $myrow['comment_karma'] = $postc->comment_karma;596 $myrow['comment_approved'] = $postc->comment_approved;597 $myrow['comment_type'] = $postc->comment_type;598 }599 return $myrow;600 }601 602 383 function pingback($content, $post_ID) { 603 384 global $wp_version, $wpdb; 604 385 include_once (ABSPATH . WPINC . '/class-IXR.php'); … … 782 563 return false; 783 564 } 784 565 785 function wp_set_comment_status($comment_id, $comment_status) {786 global $wpdb;787 788 switch($comment_status) {789 case 'hold':790 $query = "UPDATE $wpdb->comments SET comment_approved='0' WHERE comment_ID='$comment_id' LIMIT 1";791 break;792 case 'approve':793 $query = "UPDATE $wpdb->comments SET comment_approved='1' WHERE comment_ID='$comment_id' LIMIT 1";794 break;795 case 'spam':796 $query = "UPDATE $wpdb->comments SET comment_approved='spam' WHERE comment_ID='$comment_id' LIMIT 1";797 break;798 case 'delete':799 return wp_delete_comment($comment_id);800 break;801 default:802 return false;803 }804 805 if ($wpdb->query($query)) {806 do_action('wp_set_comment_status', $comment_id, $comment_status);807 808 $comment = get_comment($comment_id);809 $comment_post_ID = $comment->comment_post_ID;810 $c = $wpdb->get_row( "SELECT count(*) as c FROM {$wpdb->comments} WHERE comment_post_ID = '$comment_post_ID' AND comment_approved = '1'" );811 if( is_object( $c ) )812 $wpdb->query( "UPDATE $wpdb->posts SET comment_count = '$c->c' WHERE ID = '$comment_post_ID'" );813 return true;814 } else {815 return false;816 }817 }818 819 function wp_get_comment_status($comment_id) {820 global $wpdb;821 822 $result = $wpdb->get_var("SELECT comment_approved FROM $wpdb->comments WHERE comment_ID='$comment_id' LIMIT 1");823 if ($result == NULL) {824 return 'deleted';825 } else if ($result == '1') {826 return 'approved';827 } else if ($result == '0') {828 return 'unapproved';829 } else if ($result == 'spam') {830 return 'spam';831 } else {832 return false;833 }834 }835 836 function check_comment($author, $email, $url, $comment, $user_ip, $user_agent, $comment_type) {837 global $wpdb;838 839 if (1 == get_settings('comment_moderation')) return false; // If moderation is set to manual840 841 if ( (count(explode('http:', $comment)) - 1) >= get_settings('comment_max_links') )842 return false; // Check # of external links843 844 $mod_keys = trim( get_settings('moderation_keys') );845 if ( !empty($mod_keys) ) {846 $words = explode("\n", $mod_keys );847 848 foreach ($words as $word) {849 $word = trim($word);850 851 // Skip empty lines852 if (empty($word)) { continue; }853 854 // Do some escaping magic so that '#' chars in the855 // spam words don't break things:856 $word = preg_quote($word, '#');857 858 $pattern = "#$word#i";859 if ( preg_match($pattern, $author) ) return false;860 if ( preg_match($pattern, $email) ) return false;861 if ( preg_match($pattern, $url) ) return false;862 if ( preg_match($pattern, $comment) ) return false;863 if ( preg_match($pattern, $user_ip) ) return false;864 if ( preg_match($pattern, $user_agent) ) return false;865 }866 }867 868 // Comment whitelisting:869 if ( 1 == get_settings('comment_whitelist')) {870 if ( 'trackback' == $comment_type || 'pingback' == $comment_type ) { // check if domain is in blogroll871 $uri = parse_url($url);872 $domain = $uri['host'];873 $uri = parse_url( get_option('home') );874 $home_domain = $uri['host'];875 if ( $wpdb->get_var("SELECT link_id FROM $wpdb->links WHERE link_url LIKE ('%$domain%') LIMIT 1") || $domain == $home_domain )876 return true;877 else878 return false;879 } elseif( $author != '' && $email != '' ) {880 $ok_to_comment = $wpdb->get_var("SELECT comment_approved FROM $wpdb->comments WHERE comment_author = '$author' AND comment_author_email = '$email' and comment_approved = '1' LIMIT 1");881 if ( ( 1 == $ok_to_comment ) &&882 ( empty($mod_keys) || false === strpos( $email, $mod_keys) ) )883 return true;884 else885 return false;886 } else {887 return false;888 }889 }890 891 return true;892 }893 894 function get_approved_comments($post_id) {895 global $wpdb;896 return $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = $post_id AND comment_approved = '1' ORDER BY comment_date");897 }898 899 566 ?> -
wp-includes/functions.php
690 690 } 691 691 } 692 692 693 // Retrieves comment data given a comment ID or comment object.694 // Handles comment caching.695 function &get_comment(&$comment, $output = OBJECT) {696 global $comment_cache, $wpdb;697 698 if ( empty($comment) )699 return null;700 701 if ( is_object($comment) ) {702 if ( !isset($comment_cache[$comment->comment_ID]) )703 $comment_cache[$comment->comment_ID] = &$comment;704 $_comment = & $comment_cache[$comment->comment_ID];705 } else {706 if ( !isset($comment_cache[$comment]) ) {707 $_comment = $wpdb->get_row("SELECT * FROM $wpdb->comments WHERE comment_ID = '$comment' LIMIT 1");708 $comment_cache[$comment->comment_ID] = & $_comment;709 } else {710 $_comment = & $comment_cache[$comment];711 }712 }713 714 if ( $output == OBJECT ) {715 return $_comment;716 } elseif ( $output == ARRAY_A ) {717 return get_object_vars($_comment);718 } elseif ( $output == ARRAY_N ) {719 return array_values(get_object_vars($_comment));720 } else {721 return $_comment;722 }723 }724 725 693 function get_catname($cat_ID) { 726 694 $category = &get_category($cat_ID); 727 695 return $category->cat_name; -
wp-includes/comment-functions.php
1 <?php2 3 // Template functions4 5 function comments_template( $file = '/comments.php' ) {6 global $wp_query, $withcomments, $post, $wpdb, $id, $comment, $user_login, $user_ID, $user_identity;7 8 if ( is_single() || is_page() || $withcomments ) :9 $req = get_settings('require_name_email');10 $comment_author = '';11 if ( isset($_COOKIE['comment_author_'.COOKIEHASH]) ) {12 $comment_author = apply_filters('pre_comment_author_name', $_COOKIE['comment_author_'.COOKIEHASH]);13 $comment_author = stripslashes($comment_author);14 $comment_author = wp_specialchars($comment_author, true);15 }16 $comment_author_email = '';17 if ( isset($_COOKIE['comment_author_email_'.COOKIEHASH]) ) {18 $comment_author_email = apply_filters('pre_comment_author_email', $_COOKIE['comment_author_email_'.COOKIEHASH]);19 $comment_author_email = stripslashes($comment_author_email);20 $comment_author_email = wp_specialchars($comment_author_email, true);21 }22 $comment_author_url = '';23 if ( isset($_COOKIE['comment_author_url_'.COOKIEHASH]) ) {24 $comment_author_url = apply_filters('pre_comment_author_url', $_COOKIE['comment_author_url_'.COOKIEHASH]);25 $comment_author_url = stripslashes($comment_author_url);26 $comment_author_url = wp_specialchars($comment_author_url, true);27 }28 29 if ( empty($comment_author) ) {30 $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = '$post->ID' AND comment_approved = '1' ORDER BY comment_date");31 } else {32 $author_db = $wpdb->escape($comment_author);33 $email_db = $wpdb->escape($comment_author_email);34 $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = '$post->ID' AND ( comment_approved = '1' OR ( comment_author = '$author_db' AND comment_author_email = '$email_db' AND comment_approved = '0' ) ) ORDER BY comment_date");35 }36 37 define('COMMENTS_TEMPLATE', true);38 $include = apply_filters('comments_template', TEMPLATEPATH . $file );39 if ( file_exists( $include ) )40 require( $include );41 else42 require( ABSPATH . 'wp-content/themes/default/comments.php');43 44 endif;45 }46 47 function wp_new_comment( $commentdata ) {48 $commentdata = apply_filters('preprocess_comment', $commentdata);49 50 $commentdata['comment_post_ID'] = (int) $commentdata['comment_post_ID'];51 $commentdata['user_ID'] = (int) $commentdata['user_ID'];52 53 $commentdata['comment_author_IP'] = $_SERVER['REMOTE_ADDR'];54 $commentdata['comment_agent'] = $_SERVER['HTTP_USER_AGENT'];55 56 $commentdata['comment_date'] = current_time('mysql');57 $commentdata['comment_date_gmt'] = current_time('mysql', 1);58 59 60 $commentdata = wp_filter_comment($commentdata);61 62 $commentdata['comment_approved'] = wp_allow_comment($commentdata);63 64 $comment_ID = wp_insert_comment($commentdata);65 66 do_action('comment_post', $comment_ID, $commentdata['comment_approved']);67 68 if ( 'spam' !== $commentdata['comment_approved'] ) { // If it's spam save it silently for later crunching69 if ( '0' == $commentdata['comment_approved'] )70 wp_notify_moderator($comment_ID);71 72 $post = &get_post($commentdata['comment_post_ID']); // Don't notify if it's your own comment73 74 if ( get_settings('comments_notify') && $commentdata['comment_approved'] && $post->post_author != $commentdata['user_ID'] )75 wp_notify_postauthor($comment_ID, $commentdata['comment_type']);76 }77 78 return $comment_ID;79 }80 81 function wp_insert_comment($commentdata) {82 global $wpdb;83 extract($commentdata);84 85 if ( ! isset($comment_author_IP) )86 $comment_author_IP = $_SERVER['REMOTE_ADDR'];87 if ( ! isset($comment_date) )88 $comment_date = current_time('mysql');89 if ( ! isset($comment_date_gmt) )90 $comment_date_gmt = gmdate('Y-m-d H:i:s', strtotime($comment_date) );91 if ( ! isset($comment_parent) )92 $comment_parent = 0;93 if ( ! isset($comment_approved) )94 $comment_approved = 1;95 if ( ! isset($user_id) )96 $user_id = 0;97 98 $result = $wpdb->query("INSERT INTO $wpdb->comments99 (comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content, comment_approved, comment_agent, comment_type, comment_parent, user_id)100 VALUES101 ('$comment_post_ID', '$comment_author', '$comment_author_email', '$comment_author_url', '$comment_author_IP', '$comment_date', '$comment_date_gmt', '$comment_content', '$comment_approved', '$comment_agent', '$comment_type', '$comment_parent', '$user_id')102 ");103 104 $id = $wpdb->insert_id;105 106 if ( $comment_approved == 1) {107 $count = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->comments WHERE comment_post_ID = '$comment_post_ID' AND comment_approved = '1'");108 $wpdb->query( "UPDATE $wpdb->posts SET comment_count = $count WHERE ID = '$comment_post_ID'" );109 }110 return $id;111 }112 113 function wp_filter_comment($commentdata) {114 $commentdata['user_id'] = apply_filters('pre_user_id', $commentdata['user_ID']);115 $commentdata['comment_agent'] = apply_filters('pre_comment_user_agent', $commentdata['comment_agent']);116 $commentdata['comment_author'] = apply_filters('pre_comment_author_name', $commentdata['comment_author']);117 $commentdata['comment_content'] = apply_filters('pre_comment_content', $commentdata['comment_content']);118 $commentdata['comment_author_IP'] = apply_filters('pre_comment_user_ip', $commentdata['comment_author_IP']);119 $commentdata['comment_author_url'] = apply_filters('pre_comment_author_url', $commentdata['comment_author_url']);120 $commentdata['comment_author_email'] = apply_filters('pre_comment_author_email', $commentdata['comment_author_email']);121 $commentdata['filtered'] = true;122 return $commentdata;123 }124 125 function wp_allow_comment($commentdata) {126 global $wpdb;127 extract($commentdata);128 129 $comment_user_domain = apply_filters('pre_comment_user_domain', gethostbyaddr($comment_author_IP) );130 131 // Simple duplicate check132 $dupe = "SELECT comment_ID FROM $wpdb->comments WHERE comment_post_ID = '$comment_post_ID' AND ( comment_author = '$comment_author' ";133 if ( $comment_author_email )134 $dupe .= "OR comment_author_email = '$comment_author_email' ";135 $dupe .= ") AND comment_content = '$comment_content' LIMIT 1";136 if ( $wpdb->get_var($dupe) )137 die( __('Duplicate comment detected; it looks as though you\'ve already said that!') );138 139 // Simple flood-protection140 if ( $lasttime = $wpdb->get_var("SELECT comment_date_gmt FROM $wpdb->comments WHERE comment_author_IP = '$comment_author_IP' OR comment_author_email = '$comment_author_email' ORDER BY comment_date DESC LIMIT 1") ) {141 $time_lastcomment = mysql2date('U', $lasttime);142 $time_newcomment = mysql2date('U', $comment_date_gmt);143 if ( ($time_newcomment - $time_lastcomment) < 15 ) {144 do_action('comment_flood_trigger', $time_lastcomment, $time_newcomment);145 die( __('Sorry, you can only post a new comment once every 15 seconds. Slow down cowboy.') );146 }147 }148 149 if ( $user_id ) {150 $userdata = get_userdata($user_id);151 $user = new WP_User($user_id);152 $post_author = $wpdb->get_var("SELECT post_author FROM $wpdb->posts WHERE ID = '$comment_post_ID' LIMIT 1");153 }154 155 // The author and the admins get respect.156 if ( $userdata && ( $user_id == $post_author || $user->has_cap('level_9') ) ) {157 $approved = 1;158 }159 160 // Everyone else's comments will be checked.161 else {162 if ( check_comment($comment_author, $comment_author_email, $comment_author_url, $comment_content, $comment_author_IP, $comment_agent, $comment_type) )163 $approved = 1;164 else165 $approved = 0;166 if ( wp_blacklist_check($comment_author, $comment_author_email, $comment_author_url, $comment_content, $comment_author_IP, $comment_agent) )167 $approved = 'spam';168 }169 170 $approved = apply_filters('pre_comment_approved', $approved);171 return $approved;172 }173 174 175 function wp_update_comment($commentarr) {176 global $wpdb;177 178 // First, get all of the original fields179 $comment = get_comment($commentarr['comment_ID'], ARRAY_A);180 181 // Escape data pulled from DB.182 foreach ($comment as $key => $value)183 $comment[$key] = $wpdb->escape($value);184 185 // Merge old and new fields with new fields overwriting old ones.186 $commentarr = array_merge($comment, $commentarr);187 188 $commentarr = wp_filter_comment( $commentarr );189 190 // Now extract the merged array.191 extract($commentarr);192 193 $comment_content = apply_filters('comment_save_pre', $comment_content);194 195 $result = $wpdb->query(196 "UPDATE $wpdb->comments SET197 comment_content = '$comment_content',198 comment_author = '$comment_author',199 comment_author_email = '$comment_author_email',200 comment_approved = '$comment_approved',201 comment_author_url = '$comment_author_url',202 comment_date = '$comment_date'203 WHERE comment_ID = $comment_ID" );204 205 $rval = $wpdb->rows_affected;206 207 $c = $wpdb->get_row( "SELECT count(*) as c FROM {$wpdb->comments} WHERE comment_post_ID = '$comment_post_ID' AND comment_approved = '1'" );208 if( is_object( $c ) )209 $wpdb->query( "UPDATE $wpdb->posts SET comment_count = '$c->c' WHERE ID = '$comment_post_ID'" );210 211 do_action('edit_comment', $comment_ID);212 213 return $rval;214 }215 216 function wp_delete_comment($comment_id) {217 global $wpdb;218 do_action('delete_comment', $comment_id);219 220 $comment = get_comment($comment_id);221 222 if ( ! $wpdb->query("DELETE FROM $wpdb->comments WHERE comment_ID='$comment_id' LIMIT 1") )223 return false;224 225 $post_id = $comment->comment_post_ID;226 if ( $post_id && $comment->comment_approved == 1 )227 $wpdb->query( "UPDATE $wpdb->posts SET comment_count = comment_count - 1 WHERE ID = '$post_id'" );228 229 do_action('wp_set_comment_status', $comment_id, 'delete');230 return true;231 }232 233 function get_comments_number( $post_id = 0 ) {234 global $wpdb, $comment_count_cache, $id;235 $post_id = (int) $post_id;236 237 if ( !$post_id )238 $post_id = $id;239 240 if ( !isset($comment_count_cache[$post_id]) )241 $comment_count_cache[$id] = $wpdb->get_var("SELECT comment_count FROM $wpdb->posts WHERE ID = '$post_id'");242 243 return apply_filters('get_comments_number', $comment_count_cache[$post_id]);244 }245 246 function comments_number( $zero = 'No Comments', $one = '1 Comment', $more = '% Comments', $number = '' ) {247 global $id, $comment;248 $number = get_comments_number( $id );249 if ($number == 0) {250 $blah = $zero;251 } elseif ($number == 1) {252 $blah = $one;253 } elseif ($number > 1) {254 $blah = str_replace('%', $number, $more);255 }256 echo apply_filters('comments_number', $blah);257 }258 259 function get_comments_link() {260 return get_permalink() . '#comments';261 }262 263 function get_comment_link() {264 global $comment;265 return get_permalink( $comment->comment_post_ID ) . '#comment-' . $comment->comment_ID;266 }267 268 function comments_link( $file = '', $echo = true ) {269 echo get_comments_link();270 }271 272 function comments_popup_script($width=400, $height=400, $file='') {273 global $wpcommentspopupfile, $wptrackbackpopupfile, $wppingbackpopupfile, $wpcommentsjavascript;274 275 if (empty ($file)) {276 $wpcommentspopupfile = ''; // Use the index.277 } else {278 $wpcommentspopupfile = $file;279 }280 281 $wpcommentsjavascript = 1;282 $javascript = "<script type='text/javascript'>\nfunction wpopen (macagna) {\n window.open(macagna, '_blank', 'width=$width,height=$height,scrollbars=yes,status=yes');\n}\n</script>\n";283 echo $javascript;284 }285 286 function comments_popup_link($zero='No Comments', $one='1 Comment', $more='% Comments', $CSSclass='', $none='Comments Off') {287 global $id, $wpcommentspopupfile, $wpcommentsjavascript, $post, $wpdb;288 global $comment_count_cache;289 290 if (! is_single() && ! is_page()) {291 if ( !isset($comment_count_cache[$id]) )292 $comment_count_cache[$id] = $wpdb->get_var("SELECT COUNT(comment_ID) FROM $wpdb->comments WHERE comment_post_ID = $id AND comment_approved = '1';");293 294 $number = $comment_count_cache[$id];295 296 if (0 == $number && 'closed' == $post->comment_status && 'closed' == $post->ping_status) {297 echo $none;298 return;299 } else {300 if (!empty($post->post_password)) { // if there's a password301 if ($_COOKIE['wp-postpass_'.COOKIEHASH] != $post->post_password) { // and it doesn't match the cookie302 echo(__('Enter your password to view comments'));303 return;304 }305 }306 echo '<a href="';307 if ($wpcommentsjavascript) {308 if ( empty($wpcommentspopupfile) )309 $home = get_settings('home');310 else311 $home = get_settings('siteurl');312 echo $home . '/' . $wpcommentspopupfile.'?comments_popup='.$id;313 echo '" onclick="wpopen(this.href); return false"';314 } else { // if comments_popup_script() is not in the template, display simple comment link315 if ( 0 == $number )316 echo get_permalink() . '#respond';317 else318 comments_link();319 echo '"';320 }321 if (!empty($CSSclass)) {322 echo ' class="'.$CSSclass.'"';323 }324 echo ' title="' . sprintf( __('Comment on %s'), $post->post_title ) .'">';325 comments_number($zero, $one, $more, $number);326 echo '</a>';327 }328 }329 }330 331 function get_comment_ID() {332 global $comment;333 return apply_filters('get_comment_ID', $comment->comment_ID);334 }335 336 function comment_ID() {337 echo get_comment_ID();338 }339 340 function get_comment_author() {341 global $comment;342 if ( empty($comment->comment_author) )343 $author = __('Anonymous');344 else345 $author = $comment->comment_author;346 return apply_filters('get_comment_author', $author);347 }348 349 function comment_author() {350 $author = apply_filters('comment_author', get_comment_author() );351 echo $author;352 }353 354 function get_comment_author_email() {355 global $comment;356 return apply_filters('get_comment_author_email', $comment->comment_author_email);357 }358 359 function comment_author_email() {360 echo apply_filters('author_email', get_comment_author_email() );361 }362 363 function get_comment_author_link() {364 global $comment;365 $url = get_comment_author_url();366 $author = get_comment_author();367 368 if ( empty( $url ) || 'http://' == $url )369 $return = $author;370 else371 $return = "<a href='$url' rel='external nofollow'>$author</a>";372 return apply_filters('get_comment_author_link', $return);373 }374 375 function comment_author_link() {376 echo get_comment_author_link();377 }378 379 function get_comment_type() {380 global $comment;381 382 if ( '' == $comment->comment_type )383 $comment->comment_type = 'comment';384 385 return apply_filters('get_comment_type', $comment->comment_type);386 }387 388 function comment_type($commenttxt = 'Comment', $trackbacktxt = 'Trackback', $pingbacktxt = 'Pingback') {389 $type = get_comment_type();390 switch( $type ) {391 case 'trackback' :392 echo $trackbacktxt;393 break;394 case 'pingback' :395 echo $pingbacktxt;396 break;397 default :398 echo $commenttxt;399 }400 }401 402 function get_comment_author_url() {403 global $comment;404 return apply_filters('get_comment_author_url', $comment->comment_author_url);405 }406 407 function comment_author_url() {408 echo apply_filters('comment_url', get_comment_author_url());409 }410 411 function comment_author_email_link($linktext='', $before='', $after='') {412 global $comment;413 $email = apply_filters('comment_email', $comment->comment_author_email);414 if ((!empty($email)) && ($email != '@')) {415 $display = ($linktext != '') ? $linktext : $email;416 echo $before;417 echo "<a href='mailto:$email'>$display</a>";418 echo $after;419 }420 }421 422 function get_comment_author_url_link( $linktext = '', $before = '', $after = '' ) {423 global $comment;424 $url = get_comment_author_url();425 $display = ($linktext != '') ? $linktext : $url;426 $return = "$before<a href='$url' rel='external'>$display</a>$after";427 return apply_filters('get_comment_author_url_link', $return);428 }429 430 function comment_author_url_link( $linktext = '', $before = '', $after = '' ) {431 echo get_comment_author_url_link( $linktext, $before, $after );432 }433 434 function get_comment_author_IP() {435 global $comment;436 return apply_filters('get_comment_author_IP', $comment->comment_author_IP);437 }438 439 function comment_author_IP() {440 echo get_comment_author_IP();441 }442 443 function get_comment_text() {444 global $comment;445 return apply_filters('get_comment_text', $comment->comment_content);446 }447 448 function comment_text() {449 echo apply_filters('comment_text', get_comment_text() );450 }451 452 function get_comment_excerpt() {453 global $comment;454 $comment_text = strip_tags($comment->comment_content);455 $blah = explode(' ', $comment_text);456 if (count($blah) > 20) {457 $k = 20;458 $use_dotdotdot = 1;459 } else {460 $k = count($blah);461 $use_dotdotdot = 0;462 }463 $excerpt = '';464 for ($i=0; $i<$k; $i++) {465 $excerpt .= $blah[$i] . ' ';466 }467 $excerpt .= ($use_dotdotdot) ? '...' : '';468 return apply_filters('get_comment_excerpt', $excerpt);469 }470 471 function comment_excerpt() {472 echo apply_filters('comment_excerpt', get_comment_excerpt() );473 }474 475 function get_comment_date( $d = '' ) {476 global $comment;477 if ( '' == $d )478 $date = mysql2date( get_settings('date_format'), $comment->comment_date);479 else480 $date = mysql2date($d, $comment->comment_date);481 return apply_filters('get_comment_date', $date);482 }483 484 function comment_date( $d = '' ) {485 echo get_comment_date( $d );486 }487 488 function get_comment_time( $d = '', $gmt = false ) {489 global $comment;490 $comment_date = $gmt? $comment->comment_date_gmt : $comment->comment_date;491 if ( '' == $d )492 $date = mysql2date(get_settings('time_format'), $comment_date);493 else494 $date = mysql2date($d, $comment_date);495 return apply_filters('get_comment_time', $date);496 }497 498 function comment_time( $d = '' ) {499 echo get_comment_time($d);500 }501 502 function get_trackback_url() {503 global $id;504 $tb_url = get_settings('siteurl') . '/wp-trackback.php?p=' . $id;505 506 if ( '' != get_settings('permalink_structure') )507 $tb_url = trailingslashit(get_permalink()) . 'trackback/';508 509 return $tb_url;510 }511 function trackback_url( $display = true ) {512 if ( $display)513 echo get_trackback_url();514 else515 return get_trackback_url();516 }517 518 function trackback_rdf($timezone = 0) {519 global $id;520 if (!stristr($_SERVER['HTTP_USER_AGENT'], 'W3C_Validator')) {521 echo '<rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"522 xmlns:dc="http://purl.org/dc/elements/1.1/"523 xmlns:trackback="http://madskills.com/public/xml/rss/module/trackback/">524 <rdf:Description rdf:about="';525 the_permalink();526 echo '"'."\n";527 echo ' dc:identifier="';528 the_permalink();529 echo '"'."\n";530 echo ' dc:title="'.str_replace('--', '--', wptexturize(strip_tags(get_the_title()))).'"'."\n";531 echo ' trackback:ping="'.trackback_url(0).'"'." />\n";532 echo '</rdf:RDF>';533 }534 }535 536 function comments_open() {537 global $post;538 if ( 'open' == $post->comment_status )539 return true;540 else541 return false;542 }543 544 function pings_open() {545 global $post;546 if ( 'open' == $post->ping_status )547 return true;548 else549 return false;550 }551 552 // Non-template functions553 554 function get_lastcommentmodified($timezone = 'server') {555 global $cache_lastcommentmodified, $pagenow, $wpdb;556 $add_seconds_blog = get_settings('gmt_offset') * 3600;557 $add_seconds_server = date('Z');558 $now = current_time('mysql', 1);559 if ( !isset($cache_lastcommentmodified[$timezone]) ) {560 switch(strtolower($timezone)) {561 case 'gmt':562 $lastcommentmodified = $wpdb->get_var("SELECT comment_date_gmt FROM $wpdb->comments WHERE comment_date_gmt <= '$now' ORDER BY comment_date_gmt DESC LIMIT 1");563 break;564 case 'blog':565 $lastcommentmodified = $wpdb->get_var("SELECT comment_date FROM $wpdb->comments WHERE comment_date_gmt <= '$now' ORDER BY comment_date_gmt DESC LIMIT 1");566 break;567 case 'server':568 $lastcommentmodified = $wpdb->get_var("SELECT DATE_ADD(comment_date_gmt, INTERVAL '$add_seconds_server' SECOND) FROM $wpdb->comments WHERE comment_date_gmt <= '$now' ORDER BY comment_date_gmt DESC LIMIT 1");569 break;570 }571 $cache_lastcommentmodified[$timezone] = $lastcommentmodified;572 } else {573 $lastcommentmodified = $cache_lastcommentmodified[$timezone];574 }575 return $lastcommentmodified;576 }577 578 function get_commentdata( $comment_ID, $no_cache = 0, $include_unapproved = false ) { // less flexible, but saves DB queries579 global $postc, $id, $commentdata, $wpdb;580 if ($no_cache) {581 $query = "SELECT * FROM $wpdb->comments WHERE comment_ID = '$comment_ID'";582 if (false == $include_unapproved) {583 $query .= " AND comment_approved = '1'";584 }585 $myrow = $wpdb->get_row($query, ARRAY_A);586 } else {587 $myrow['comment_ID'] = $postc->comment_ID;588 $myrow['comment_post_ID'] = $postc->comment_post_ID;589 $myrow['comment_author'] = $postc->comment_author;590 $myrow['comment_author_email'] = $postc->comment_author_email;591 $myrow['comment_author_url'] = $postc->comment_author_url;592 $myrow['comment_author_IP'] = $postc->comment_author_IP;593 $myrow['comment_date'] = $postc->comment_date;594 $myrow['comment_content'] = $postc->comment_content;595 $myrow['comment_karma'] = $postc->comment_karma;596 $myrow['comment_approved'] = $postc->comment_approved;597 $myrow['comment_type'] = $postc->comment_type;598 }599 return $myrow;600 }601 602 function pingback($content, $post_ID) {603 global $wp_version, $wpdb;604 include_once (ABSPATH . WPINC . '/class-IXR.php');605 606 // original code by Mort (http://mort.mine.nu:8080)607 $log = debug_fopen(ABSPATH . '/pingback.log', 'a');608 $post_links = array();609 debug_fwrite($log, 'BEGIN '.date('YmdHis', time())."\n");610 611 $pung = get_pung($post_ID);612 613 // Variables614 $ltrs = '\w';615 $gunk = '/#~:.?+=&%@!\-';616 $punc = '.:?\-';617 $any = $ltrs . $gunk . $punc;618 619 // Step 1620 // Parsing the post, external links (if any) are stored in the $post_links array621 // This regexp comes straight from phpfreaks.com622 // http://www.phpfreaks.com/quickcode/Extract_All_URLs_on_a_Page/15.php623 preg_match_all("{\b http : [$any] +? (?= [$punc] * [^$any] | $)}x", $content, $post_links_temp);624 625 // Debug626 debug_fwrite($log, 'Post contents:');627 debug_fwrite($log, $content."\n");628 629 // Step 2.630 // Walking thru the links array631 // first we get rid of links pointing to sites, not to specific files632 // Example:633 // http://dummy-weblog.org634 // http://dummy-weblog.org/635 // http://dummy-weblog.org/post.php636 // We don't wanna ping first and second types, even if they have a valid <link/>637 638 foreach($post_links_temp[0] as $link_test) :639 if ( !in_array($link_test, $pung) && (url_to_postid($link_test) != $post_ID) // If we haven't pung it already and it isn't a link to itself640 && !is_local_attachment($link_test) ) : // Also, let's never ping local attachments.641 $test = parse_url($link_test);642 if (isset($test['query']))643 $post_links[] = $link_test;644 elseif(($test['path'] != '/') && ($test['path'] != ''))645 $post_links[] = $link_test;646 endif;647 endforeach;648 649 do_action('pre_ping', array(&$post_links, &$pung));650 651 foreach ($post_links as $pagelinkedto){652 debug_fwrite($log, "Processing -- $pagelinkedto\n");653 $pingback_server_url = discover_pingback_server_uri($pagelinkedto, 2048);654 655 if ($pingback_server_url) {656 @ set_time_limit( 60 );657 // Now, the RPC call658 debug_fwrite($log, "Page Linked To: $pagelinkedto \n");659 debug_fwrite($log, 'Page Linked From: ');660 $pagelinkedfrom = get_permalink($post_ID);661 debug_fwrite($log, $pagelinkedfrom."\n");662 663 // using a timeout of 3 seconds should be enough to cover slow servers664 $client = new IXR_Client($pingback_server_url);665 $client->timeout = 3;666 $client->useragent .= ' -- WordPress/' . $wp_version;667 668 // when set to true, this outputs debug messages by itself669 $client->debug = false;670 671 if ( $client->query('pingback.ping', $pagelinkedfrom, $pagelinkedto ) )672 add_ping( $post_ID, $pagelinkedto );673 else674 debug_fwrite($log, "Error.\n Fault code: ".$client->getErrorCode()." : ".$client->getErrorMessage()."\n");675 }676 }677 678 debug_fwrite($log, "\nEND: ".time()."\n****************************\n");679 debug_fclose($log);680 }681 682 function discover_pingback_server_uri($url, $timeout_bytes = 2048) {683 global $wp_version;684 685 $byte_count = 0;686 $contents = '';687 $headers = '';688 $pingback_str_dquote = 'rel="pingback"';689 $pingback_str_squote = 'rel=\'pingback\'';690 $x_pingback_str = 'x-pingback: ';691 $pingback_href_original_pos = 27;692 693 extract(parse_url($url));694 695 if (!isset($host)) {696 // Not an URL. This should never happen.697 return false;698 }699 700 $path = (!isset($path)) ? '/' : $path;701 $path .= (isset($query)) ? '?'.$query : '';702 $port = (isset($port)) ? $port : 80;703 704 // Try to connect to the server at $host705 $fp = @fsockopen($host, $port, $errno, $errstr, 2);706 if (!$fp) {707 // Couldn't open a connection to $host;708 return false;709 }710 711 // Send the GET request712 $request = "GET $path HTTP/1.1\r\nHost: $host\r\nUser-Agent: WordPress/$wp_version \r\n\r\n";713 // ob_end_flush();714 fputs($fp, $request);715 716 // Let's check for an X-Pingback header first717 while (!feof($fp)) {718 $line = fgets($fp, 512);719 if (trim($line) == '') {720 break;721 }722 $headers .= trim($line)."\n";723 $x_pingback_header_offset = strpos(strtolower($headers), $x_pingback_str);724 if ($x_pingback_header_offset) {725 // We got it!726 preg_match('#x-pingback: (.+)#is', $headers, $matches);727 $pingback_server_url = trim($matches[1]);728 return $pingback_server_url;729 }730 if(strpos(strtolower($headers), 'content-type: ')) {731 preg_match('#content-type: (.+)#is', $headers, $matches);732 $content_type = trim($matches[1]);733 }734 }735 736 if (preg_match('#(image|audio|video|model)/#is', $content_type)) {737 // Not an (x)html, sgml, or xml page, no use going further738 return false;739 }740 741 while (!feof($fp)) {742 $line = fgets($fp, 1024);743 $contents .= trim($line);744 $pingback_link_offset_dquote = strpos($contents, $pingback_str_dquote);745 $pingback_link_offset_squote = strpos($contents, $pingback_str_squote);746 if ($pingback_link_offset_dquote || $pingback_link_offset_squote) {747 $quote = ($pingback_link_offset_dquote) ? '"' : '\'';748 $pingback_link_offset = ($quote=='"') ? $pingback_link_offset_dquote : $pingback_link_offset_squote;749 $pingback_href_pos = @strpos($contents, 'href=', $pingback_link_offset);750 $pingback_href_start = $pingback_href_pos+6;751 $pingback_href_end = @strpos($contents, $quote, $pingback_href_start);752 $pingback_server_url_len = $pingback_href_end - $pingback_href_start;753 $pingback_server_url = substr($contents, $pingback_href_start, $pingback_server_url_len);754 // We may find rel="pingback" but an incomplete pingback URI755 if ($pingback_server_url_len > 0) {756 // We got it!757 return $pingback_server_url;758 }759 }760 $byte_count += strlen($line);761 if ($byte_count > $timeout_bytes) {762 // It's no use going further, there probably isn't any pingback763 // server to find in this file. (Prevents loading large files.)764 return false;765 }766 }767 768 // We didn't find anything.769 return false;770 }771 772 function is_local_attachment($url) {773 if ( !strstr($url, get_bloginfo('home') ) )774 return false;775 if ( strstr($url, get_bloginfo('home') . '/?attachment_id=') )776 return true;777 if ( $id = url_to_postid($url) ) {778 $post = & get_post($id);779 if ( 'attachment' == $post->post_type )780 return true;781 }782 return false;783 }784 785 function wp_set_comment_status($comment_id, $comment_status) {786 global $wpdb;787 788 switch($comment_status) {789 case 'hold':790 $query = "UPDATE $wpdb->comments SET comment_approved='0' WHERE comment_ID='$comment_id' LIMIT 1";791 break;792 case 'approve':793 $query = "UPDATE $wpdb->comments SET comment_approved='1' WHERE comment_ID='$comment_id' LIMIT 1";794 break;795 case 'spam':796 $query = "UPDATE $wpdb->comments SET comment_approved='spam' WHERE comment_ID='$comment_id' LIMIT 1";797 break;798 case 'delete':799 return wp_delete_comment($comment_id);800 break;801 default:802 return false;803 }804 805 if ($wpdb->query($query)) {806 do_action('wp_set_comment_status', $comment_id, $comment_status);807 808 $comment = get_comment($comment_id);809 $comment_post_ID = $comment->comment_post_ID;810 $c = $wpdb->get_row( "SELECT count(*) as c FROM {$wpdb->comments} WHERE comment_post_ID = '$comment_post_ID' AND comment_approved = '1'" );811 if( is_object( $c ) )812 $wpdb->query( "UPDATE $wpdb->posts SET comment_count = '$c->c' WHERE ID = '$comment_post_ID'" );813 return true;814 } else {815 return false;816 }817 }818 819 function wp_get_comment_status($comment_id) {820 global $wpdb;821 822 $result = $wpdb->get_var("SELECT comment_approved FROM $wpdb->comments WHERE comment_ID='$comment_id' LIMIT 1");823 if ($result == NULL) {824 return 'deleted';825 } else if ($result == '1') {826 return 'approved';827 } else if ($result == '0') {828 return 'unapproved';829 } else if ($result == 'spam') {830 return 'spam';831 } else {832 return false;833 }834 }835 836 function check_comment($author, $email, $url, $comment, $user_ip, $user_agent, $comment_type) {837 global $wpdb;838 839 if (1 == get_settings('comment_moderation')) return false; // If moderation is set to manual840 841 if ( (count(explode('http:', $comment)) - 1) >= get_settings('comment_max_links') )842 return false; // Check # of external links843 844 $mod_keys = trim( get_settings('moderation_keys') );845 if ( !empty($mod_keys) ) {846 $words = explode("\n", $mod_keys );847 848 foreach ($words as $word) {849 $word = trim($word);850 851 // Skip empty lines852 if (empty($word)) { continue; }853 854 // Do some escaping magic so that '#' chars in the855 // spam words don't break things:856 $word = preg_quote($word, '#');857 858 $pattern = "#$word#i";859 if ( preg_match($pattern, $author) ) return false;860 if ( preg_match($pattern, $email) ) return false;861 if ( preg_match($pattern, $url) ) return false;862 if ( preg_match($pattern, $comment) ) return false;863 if ( preg_match($pattern, $user_ip) ) return false;864 if ( preg_match($pattern, $user_agent) ) return false;865 }866 }867 868 // Comment whitelisting:869 if ( 1 == get_settings('comment_whitelist')) {870 if ( 'trackback' == $comment_type || 'pingback' == $comment_type ) { // check if domain is in blogroll871 $uri = parse_url($url);872 $domain = $uri['host'];873 $uri = parse_url( get_option('home') );874 $home_domain = $uri['host'];875 if ( $wpdb->get_var("SELECT link_id FROM $wpdb->links WHERE link_url LIKE ('%$domain%') LIMIT 1") || $domain == $home_domain )876 return true;877 else878 return false;879 } elseif( $author != '' && $email != '' ) {880 $ok_to_comment = $wpdb->get_var("SELECT comment_approved FROM $wpdb->comments WHERE comment_author = '$author' AND comment_author_email = '$email' and comment_approved = '1' LIMIT 1");881 if ( ( 1 == $ok_to_comment ) &&882 ( empty($mod_keys) || false === strpos( $email, $mod_keys) ) )883 return true;884 else885 return false;886 } else {887 return false;888 }889 }890 891 return true;892 }893 894 function get_approved_comments($post_id) {895 global $wpdb;896 return $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = $post_id AND comment_approved = '1' ORDER BY comment_date");897 }898 899 ?> -
wp-includes/comment-template.php
1 <?php 2 /* 3 * Comment template functions. 4 */ 5 6 function get_comment_author() { 7 global $comment; 8 if ( empty($comment->comment_author) ) 9 $author = __('Anonymous'); 10 else 11 $author = $comment->comment_author; 12 return apply_filters('get_comment_author', $author); 13 } 14 15 function comment_author() { 16 $author = apply_filters('comment_author', get_comment_author() ); 17 echo $author; 18 } 19 20 function get_comment_author_email() { 21 global $comment; 22 return apply_filters('get_comment_author_email', $comment->comment_author_email); 23 } 24 25 function comment_author_email() { 26 echo apply_filters('author_email', get_comment_author_email() ); 27 } 28 29 function comment_author_email_link($linktext='', $before='', $after='') { 30 global $comment; 31 $email = apply_filters('comment_email', $comment->comment_author_email); 32 if ((!empty($email)) && ($email != '@')) { 33 $display = ($linktext != '') ? $linktext : $email; 34 echo $before; 35 echo "<a href='mailto:$email'>$display</a>"; 36 echo $after; 37 } 38 } 39 40 function get_comment_author_link() { 41 global $comment; 42 $url = get_comment_author_url(); 43 $author = get_comment_author(); 44 45 if ( empty( $url ) || 'http://' == $url ) 46 $return = $author; 47 else 48 $return = "<a href='$url' rel='external nofollow'>$author</a>"; 49 return apply_filters('get_comment_author_link', $return); 50 } 51 52 function comment_author_link() { 53 echo get_comment_author_link(); 54 } 55 56 function get_comment_author_IP() { 57 global $comment; 58 return apply_filters('get_comment_author_IP', $comment->comment_author_IP); 59 } 60 61 function comment_author_IP() { 62 echo get_comment_author_IP(); 63 } 64 65 function get_comment_author_url() { 66 global $comment; 67 return apply_filters('get_comment_author_url', $comment->comment_author_url); 68 } 69 70 function comment_author_url() { 71 echo apply_filters('comment_url', get_comment_author_url()); 72 } 73 74 function get_comment_author_url_link( $linktext = '', $before = '', $after = '' ) { 75 global $comment; 76 $url = get_comment_author_url(); 77 $display = ($linktext != '') ? $linktext : $url; 78 $return = "$before<a href='$url' rel='external'>$display</a>$after"; 79 return apply_filters('get_comment_author_url_link', $return); 80 } 81 82 function comment_author_url_link( $linktext = '', $before = '', $after = '' ) { 83 echo get_comment_author_url_link( $linktext, $before, $after ); 84 } 85 86 function get_comment_date( $d = '' ) { 87 global $comment; 88 if ( '' == $d ) 89 $date = mysql2date( get_settings('date_format'), $comment->comment_date); 90 else 91 $date = mysql2date($d, $comment->comment_date); 92 return apply_filters('get_comment_date', $date); 93 } 94 95 function comment_date( $d = '' ) { 96 echo get_comment_date( $d ); 97 } 98 99 function get_comment_excerpt() { 100 global $comment; 101 $comment_text = strip_tags($comment->comment_content); 102 $blah = explode(' ', $comment_text); 103 if (count($blah) > 20) { 104 $k = 20; 105 $use_dotdotdot = 1; 106 } else { 107 $k = count($blah); 108 $use_dotdotdot = 0; 109 } 110 $excerpt = ''; 111 for ($i=0; $i<$k; $i++) { 112 $excerpt .= $blah[$i] . ' '; 113 } 114 $excerpt .= ($use_dotdotdot) ? '...' : ''; 115 return apply_filters('get_comment_excerpt', $excerpt); 116 } 117 118 function comment_excerpt() { 119 echo apply_filters('comment_excerpt', get_comment_excerpt() ); 120 } 121 122 function get_comment_ID() { 123 global $comment; 124 return apply_filters('get_comment_ID', $comment->comment_ID); 125 } 126 127 function comment_ID() { 128 echo get_comment_ID(); 129 } 130 131 function get_comment_link() { 132 global $comment; 133 return get_permalink( $comment->comment_post_ID ) . '#comment-' . $comment->comment_ID; 134 } 135 136 function get_comments_link() { 137 return get_permalink() . '#comments'; 138 } 139 140 function comments_link( $file = '', $echo = true ) { 141 echo get_comments_link(); 142 } 143 144 function get_comments_number( $post_id = 0 ) { 145 global $wpdb, $comment_count_cache, $id; 146 $post_id = (int) $post_id; 147 148 if ( !$post_id ) 149 $post_id = $id; 150 151 // TODO: Remove SELECT. Use get_post(). 152 if ( !isset($comment_count_cache[$post_id]) ) 153 $comment_count_cache[$id] = $wpdb->get_var("SELECT comment_count FROM $wpdb->posts WHERE ID = '$post_id'"); 154 155 return apply_filters('get_comments_number', $comment_count_cache[$post_id]); 156 } 157 158 function comments_number( $zero = 'No Comments', $one = '1 Comment', $more = '% Comments', $number = '' ) { 159 global $id, $comment; 160 $number = get_comments_number( $id ); 161 if ($number == 0) { 162 $blah = $zero; 163 } elseif ($number == 1) { 164 $blah = $one; 165 } elseif ($number > 1) { 166 $blah = str_replace('%', $number, $more); 167 } 168 echo apply_filters('comments_number', $blah); 169 } 170 171 function get_comment_text() { 172 global $comment; 173 return apply_filters('get_comment_text', $comment->comment_content); 174 } 175 176 function comment_text() { 177 echo apply_filters('comment_text', get_comment_text() ); 178 } 179 180 function get_comment_time( $d = '', $gmt = false ) { 181 global $comment; 182 $comment_date = $gmt? $comment->comment_date_gmt : $comment->comment_date; 183 if ( '' == $d ) 184 $date = mysql2date(get_settings('time_format'), $comment_date); 185 else 186 $date = mysql2date($d, $comment_date); 187 return apply_filters('get_comment_time', $date); 188 } 189 190 function comment_time( $d = '' ) { 191 echo get_comment_time($d); 192 } 193 194 function get_comment_type() { 195 global $comment; 196 197 if ( '' == $comment->comment_type ) 198 $comment->comment_type = 'comment'; 199 200 return apply_filters('get_comment_type', $comment->comment_type); 201 } 202 203 function comment_type($commenttxt = 'Comment', $trackbacktxt = 'Trackback', $pingbacktxt = 'Pingback') { 204 $type = get_comment_type(); 205 switch( $type ) { 206 case 'trackback' : 207 echo $trackbacktxt; 208 break; 209 case 'pingback' : 210 echo $pingbacktxt; 211 break; 212 default : 213 echo $commenttxt; 214 } 215 } 216 217 function get_trackback_url() { 218 global $id; 219 $tb_url = get_settings('siteurl') . '/wp-trackback.php?p=' . $id; 220 221 if ( '' != get_settings('permalink_structure') ) 222 $tb_url = trailingslashit(get_permalink()) . 'trackback/'; 223 224 return $tb_url; 225 } 226 function trackback_url( $display = true ) { 227 if ( $display) 228 echo get_trackback_url(); 229 else 230 return get_trackback_url(); 231 } 232 233 function trackback_rdf($timezone = 0) { 234 global $id; 235 if (!stristr($_SERVER['HTTP_USER_AGENT'], 'W3C_Validator')) { 236 echo '<rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" 237 xmlns:dc="http://purl.org/dc/elements/1.1/" 238 xmlns:trackback="http://madskills.com/public/xml/rss/module/trackback/"> 239 <rdf:Description rdf:about="'; 240 the_permalink(); 241 echo '"'."\n"; 242 echo ' dc:identifier="'; 243 the_permalink(); 244 echo '"'."\n"; 245 echo ' dc:title="'.str_replace('--', '--', wptexturize(strip_tags(get_the_title()))).'"'."\n"; 246 echo ' trackback:ping="'.trackback_url(0).'"'." />\n"; 247 echo '</rdf:RDF>'; 248 } 249 } 250 251 function comments_open() { 252 global $post; 253 if ( 'open' == $post->comment_status ) 254 return true; 255 else 256 return false; 257 } 258 259 function pings_open() { 260 global $post; 261 if ( 'open' == $post->ping_status ) 262 return true; 263 else 264 return false; 265 } 266 267 function comments_template( $file = '/comments.php' ) { 268 global $wp_query, $withcomments, $post, $wpdb, $id, $comment, $user_login, $user_ID, $user_identity; 269 270 if ( is_single() || is_page() || $withcomments ) : 271 $req = get_settings('require_name_email'); 272 $comment_author = ''; 273 if ( isset($_COOKIE['comment_author_'.COOKIEHASH]) ) { 274 $comment_author = apply_filters('pre_comment_author_name', $_COOKIE['comment_author_'.COOKIEHASH]); 275 $comment_author = stripslashes($comment_author); 276 $comment_author = wp_specialchars($comment_author, true); 277 } 278 $comment_author_email = ''; 279 if ( isset($_COOKIE['comment_author_email_'.COOKIEHASH]) ) { 280 $comment_author_email = apply_filters('pre_comment_author_email', $_COOKIE['comment_author_email_'.COOKIEHASH]); 281 $comment_author_email = stripslashes($comment_author_email); 282 $comment_author_email = wp_specialchars($comment_author_email, true); 283 } 284 $comment_author_url = ''; 285 if ( isset($_COOKIE['comment_author_url_'.COOKIEHASH]) ) { 286 $comment_author_url = apply_filters('pre_comment_author_url', $_COOKIE['comment_author_url_'.COOKIEHASH]); 287 $comment_author_url = stripslashes($comment_author_url); 288 $comment_author_url = wp_specialchars($comment_author_url, true); 289 } 290 291 // TODO: Use API instead of SELECTs. 292 if ( empty($comment_author) ) { 293 $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = '$post->ID' AND comment_approved = '1' ORDER BY comment_date"); 294 } else { 295 $author_db = $wpdb->escape($comment_author); 296 $email_db = $wpdb->escape($comment_author_email); 297 $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = '$post->ID' AND ( comment_approved = '1' OR ( comment_author = '$author_db' AND comment_author_email = '$email_db' AND comment_approved = '0' ) ) ORDER BY comment_date"); 298 } 299 300 define('COMMENTS_TEMPLATE', true); 301 $include = apply_filters('comments_template', TEMPLATEPATH . $file ); 302 if ( file_exists( $include ) ) 303 require( $include ); 304 else 305 require( ABSPATH . 'wp-content/themes/default/comments.php'); 306 307 endif; 308 } 309 310 function comments_popup_script($width=400, $height=400, $file='') { 311 global $wpcommentspopupfile, $wptrackbackpopupfile, $wppingbackpopupfile, $wpcommentsjavascript; 312 313 if (empty ($file)) { 314 $wpcommentspopupfile = ''; // Use the index. 315 } else { 316 $wpcommentspopupfile = $file; 317 } 318 319 $wpcommentsjavascript = 1; 320 $javascript = "<script type='text/javascript'>\nfunction wpopen (macagna) {\n window.open(macagna, '_blank', 'width=$width,height=$height,scrollbars=yes,status=yes');\n}\n</script>\n"; 321 echo $javascript; 322 } 323 324 function comments_popup_link($zero='No Comments', $one='1 Comment', $more='% Comments', $CSSclass='', $none='Comments Off') { 325 global $id, $wpcommentspopupfile, $wpcommentsjavascript, $post, $wpdb; 326 global $comment_count_cache; 327 328 if (! is_single() && ! is_page()) { 329 // TODO: Use API instead of SELECT 330 if ( !isset($comment_count_cache[$id]) ) 331 $comment_count_cache[$id] = $wpdb->get_var("SELECT COUNT(comment_ID) FROM $wpdb->comments WHERE comment_post_ID = $id AND comment_approved = '1';"); 332 333 $number = $comment_count_cache[$id]; 334 335 if (0 == $number && 'closed' == $post->comment_status && 'closed' == $post->ping_status) { 336 echo $none; 337 return; 338 } else { 339 if (!empty($post->post_password)) { // if there's a password 340 if ($_COOKIE['wp-postpass_'.COOKIEHASH] != $post->post_password) { // and it doesn't match the cookie 341 echo(__('Enter your password to view comments')); 342 return; 343 } 344 } 345 echo '<a href="'; 346 if ($wpcommentsjavascript) { 347 if ( empty($wpcommentspopupfile) ) 348 $home = get_settings('home'); 349 else 350 $home = get_settings('siteurl'); 351 echo $home . '/' . $wpcommentspopupfile.'?comments_popup='.$id; 352 echo '" onclick="wpopen(this.href); return false"'; 353 } else { // if comments_popup_script() is not in the template, display simple comment link 354 if ( 0 == $number ) 355 echo get_permalink() . '#respond'; 356 else 357 comments_link(); 358 echo '"'; 359 } 360 if (!empty($CSSclass)) { 361 echo ' class="'.$CSSclass.'"'; 362 } 363 echo ' title="' . sprintf( __('Comment on %s'), $post->post_title ) .'">'; 364 comments_number($zero, $one, $more, $number); 365 echo '</a>'; 366 } 367 } 368 } 369 370 ?>
