Index: wp-includes/comment.php =================================================================== --- wp-includes/comment.php (revision 19602) +++ wp-includes/comment.php (working copy) @@ -212,7 +212,8 @@ 'order' => 'DESC', 'parent' => '', 'post_ID' => '', - 'post_id' => 0, + 'post_id' => '', + 'post__in' => '', 'post_author' => '', 'post_name' => '', 'post_parent' => '', @@ -220,9 +221,12 @@ 'post_type' => '', 'status' => '', 'type' => '', + 'unapproved_author' => '', + 'unapproved_author_email' => '', + 'unapproved_user_id' => '', 'user_id' => '', 'search' => '', - 'count' => false + 'count' => false, ); $this->query_vars = wp_parse_args( $query_vars, $defaults ); @@ -242,19 +246,41 @@ return $cache; } + if ( empty( $post_id ) && empty( $post__in ) ) + $post_id = 0; + $post_id = absint($post_id); + $where = ''; + + $show_unapproved = ( '' != $unapproved_user_id || '' !== $unapproved_author || '' != $unapproved_author_email ); + + if ( $show_unapproved ) { + $where .= ' ( '; + } + if ( 'hold' == $status ) - $approved = "comment_approved = '0'"; + $where .= "comment_approved = '0'"; elseif ( 'approve' == $status ) - $approved = "comment_approved = '1'"; + $where .= "comment_approved = '1'"; elseif ( 'spam' == $status ) - $approved = "comment_approved = 'spam'"; + $where .= "comment_approved = 'spam'"; elseif ( 'trash' == $status ) - $approved = "comment_approved = 'trash'"; + $where .= "comment_approved = 'trash'"; else - $approved = "( comment_approved = '0' OR comment_approved = '1' )"; + $where .= "( comment_approved = '0' OR comment_approved = '1' )"; + if ( $show_unapproved ) { + $where .= ' OR ( comment_approved = 0 '; + if ( '' !== $unapproved_author ) + $where .= $wpdb->prepare( ' AND comment_author = %s', $unapproved_author ); + if ( '' !== $unapproved_author_email ) + $where .= $wpdb->prepare( ' AND comment_author_email = %s', $unapproved_author_email ); + if ( '' !== $unapproved_user_id ) + $where .= $wpdb->prepare( ' AND user_id = %d', $unapproved_user_id ); + $where .= ' ) ) '; + } + $order = ( 'ASC' == strtoupper($order) ) ? 'ASC' : 'DESC'; if ( ! empty( $orderby ) ) { @@ -302,10 +328,13 @@ $fields = '*'; $join = ''; - $where = $approved; if ( ! empty($post_id) ) $where .= $wpdb->prepare( ' AND comment_post_ID = %d', $post_id ); + if ( '' != $post__in ) { + $_post__in = implode(',', array_map( 'absint', $post__in )); + $where .= " AND comment_post_ID IN ($_post__in)"; + } if ( '' !== $author_email ) $where .= $wpdb->prepare( ' AND comment_author_email = %s', $author_email ); if ( '' !== $karma ) Index: wp-includes/comment-template.php =================================================================== --- wp-includes/comment-template.php (revision 19602) +++ wp-includes/comment-template.php (working copy) @@ -879,14 +879,20 @@ */ $comment_author_url = esc_url($commenter['comment_author_url']); - /** @todo Use API instead of SELECTs. */ + $query = new WP_Comment_Query; + $args = array( + 'order' => 'ASC', + 'post_id' => $post->ID, + 'status' => 'approve', + ); if ( $user_ID) { - $comments = $wpdb->get_results($wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND (comment_approved = '1' OR ( user_id = %d AND comment_approved = '0' ) ) ORDER BY comment_date_gmt", $post->ID, $user_ID)); - } else if ( empty($comment_author) ) { - $comments = get_comments( array('post_id' => $post->ID, 'status' => 'approve', 'order' => 'ASC') ); - } else { - $comments = $wpdb->get_results($wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND ( comment_approved = '1' OR ( comment_author = %s AND comment_author_email = %s AND comment_approved = '0' ) ) ORDER BY comment_date_gmt", $post->ID, wp_specialchars_decode($comment_author,ENT_QUOTES), $comment_author_email)); + $args[ 'unapproved_user_id' ] = $user_ID; + } else if ( ! empty($comment_author) ) { + $args[ 'unapproved_author' ] = wp_specialchars_decode($comment_author,ENT_QUOTES); + $args[ 'unapproved_author_email' ] = $comment_author_email; } + $args = apply_filters( 'comments_template_args', $args ); + $comments = $query->query( $args ); // keep $comments for legacy's sake $wp_query->comments = apply_filters( 'comments_array', $comments, $post->ID );