WordPress.org

Make WordPress Core

Ticket #2525: comment-funcs.diff

File comment-funcs.diff, 76.8 KB (added by ryan, 12 years ago)

Move comment functions into comment.php and comment-template.php

  • wp-includes/comment.php

     
    11<?php
    22
    3 // Template functions
     3function check_comment($author, $email, $url, $comment, $user_ip, $user_agent, $comment_type) {
     4        global $wpdb;
    45
    5 function comments_template( $file = '/comments.php' ) {
    6         global $wp_query, $withcomments, $post, $wpdb, $id, $comment, $user_login, $user_ID, $user_identity;
     6        if (1 == get_settings('comment_moderation')) return false; // If moderation is set to manual
    77
    8         if ( is_single() || is_page() || $withcomments ) :
    9                 $req = get_settings('require_name_email');
    10                 $comment_author = '';
    11                 if ( isset($_COOKIE['comment_author_'.COOKIEHASH]) ) {
    12                         $comment_author = apply_filters('pre_comment_author_name', $_COOKIE['comment_author_'.COOKIEHASH]);
    13                         $comment_author = stripslashes($comment_author);
    14                         $comment_author = wp_specialchars($comment_author, true);
    15                 }
    16                 $comment_author_email = '';
    17                 if ( isset($_COOKIE['comment_author_email_'.COOKIEHASH]) ) {
    18                         $comment_author_email = apply_filters('pre_comment_author_email', $_COOKIE['comment_author_email_'.COOKIEHASH]);
    19                         $comment_author_email = stripslashes($comment_author_email);
    20                         $comment_author_email = wp_specialchars($comment_author_email, true);           
    21                 }
    22                 $comment_author_url = '';
    23                 if ( isset($_COOKIE['comment_author_url_'.COOKIEHASH]) ) {
    24                         $comment_author_url = apply_filters('pre_comment_author_url', $_COOKIE['comment_author_url_'.COOKIEHASH]);
    25                         $comment_author_url = stripslashes($comment_author_url);
    26                         $comment_author_url = wp_specialchars($comment_author_url, true);               
    27                 }
     8        if ( (count(explode('http:', $comment)) - 1) >= get_settings('comment_max_links') )
     9                return false; // Check # of external links
    2810
    29         if ( empty($comment_author) ) {
    30                 $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = '$post->ID' AND comment_approved = '1' ORDER BY comment_date");
    31         } else {
    32                 $author_db = $wpdb->escape($comment_author);
    33                 $email_db  = $wpdb->escape($comment_author_email);
    34                 $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = '$post->ID' AND ( comment_approved = '1' OR ( comment_author = '$author_db' AND comment_author_email = '$email_db' AND comment_approved = '0' ) ) ORDER BY comment_date");
    35         }
     11        $mod_keys = trim( get_settings('moderation_keys') );
     12        if ( !empty($mod_keys) ) {
     13                $words = explode("\n", $mod_keys );
    3614
    37         define('COMMENTS_TEMPLATE', true);
    38         $include = apply_filters('comments_template', TEMPLATEPATH . $file );
    39         if ( file_exists( $include ) )
    40                 require( $include );
    41         else
    42                 require( ABSPATH . 'wp-content/themes/default/comments.php');
     15                foreach ($words as $word) {
     16                        $word = trim($word);
    4317
    44         endif;
    45 }
     18                        // Skip empty lines
     19                        if (empty($word)) { continue; }
    4620
    47 function wp_new_comment( $commentdata ) {
    48         $commentdata = apply_filters('preprocess_comment', $commentdata);
     21                        // Do some escaping magic so that '#' chars in the
     22                        // spam words don't break things:
     23                        $word = preg_quote($word, '#');
    4924
    50         $commentdata['comment_post_ID'] = (int) $commentdata['comment_post_ID'];
    51         $commentdata['user_ID']         = (int) $commentdata['user_ID'];
     25                        $pattern = "#$word#i";
     26                        if ( preg_match($pattern, $author) ) return false;
     27                        if ( preg_match($pattern, $email) ) return false;
     28                        if ( preg_match($pattern, $url) ) return false;
     29                        if ( preg_match($pattern, $comment) ) return false;
     30                        if ( preg_match($pattern, $user_ip) ) return false;
     31                        if ( preg_match($pattern, $user_agent) ) return false;
     32                }
     33        }
    5234
    53         $commentdata['comment_author_IP'] = $_SERVER['REMOTE_ADDR'];
    54         $commentdata['comment_agent']     = $_SERVER['HTTP_USER_AGENT'];
    55 
    56         $commentdata['comment_date']     = current_time('mysql');
    57         $commentdata['comment_date_gmt'] = current_time('mysql', 1);
    58 
    59 
    60         $commentdata = wp_filter_comment($commentdata);
    61 
    62         $commentdata['comment_approved'] = wp_allow_comment($commentdata);
    63 
    64         $comment_ID = wp_insert_comment($commentdata);
    65 
    66         do_action('comment_post', $comment_ID, $commentdata['comment_approved']);
    67 
    68         if ( 'spam' !== $commentdata['comment_approved'] ) { // If it's spam save it silently for later crunching
    69                 if ( '0' == $commentdata['comment_approved'] )
    70                         wp_notify_moderator($comment_ID);
    71 
    72                 $post = &get_post($commentdata['comment_post_ID']); // Don't notify if it's your own comment
    73 
    74                 if ( get_settings('comments_notify') && $commentdata['comment_approved'] && $post->post_author != $commentdata['user_ID'] )
    75                         wp_notify_postauthor($comment_ID, $commentdata['comment_type']);
     35        // Comment whitelisting:
     36        if ( 1 == get_settings('comment_whitelist')) {
     37                if ( 'trackback' == $comment_type || 'pingback' == $comment_type ) { // check if domain is in blogroll
     38                        $uri = parse_url($url);
     39                        $domain = $uri['host'];
     40                        $uri = parse_url( get_option('home') );
     41                        $home_domain = $uri['host'];
     42                        if ( $wpdb->get_var("SELECT link_id FROM $wpdb->links WHERE link_url LIKE ('%$domain%') LIMIT 1") || $domain == $home_domain )
     43                                return true;
     44                        else
     45                                return false;
     46                } elseif( $author != '' && $email != '' ) {
     47                        $ok_to_comment = $wpdb->get_var("SELECT comment_approved FROM $wpdb->comments WHERE comment_author = '$author' AND comment_author_email = '$email' and comment_approved = '1' LIMIT 1");
     48                        if ( ( 1 == $ok_to_comment ) &&
     49                                ( empty($mod_keys) || false === strpos( $email, $mod_keys) ) )
     50                                        return true;
     51                        else
     52                                return false;
     53                } else {
     54                        return false;
     55                }
    7656        }
    7757
    78         return $comment_ID;
     58        return true;
    7959}
    8060
    81 function wp_insert_comment($commentdata) {
     61function get_approved_comments($post_id) {
    8262        global $wpdb;
    83         extract($commentdata);
     63        return $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = $post_id AND comment_approved = '1' ORDER BY comment_date");
     64}
    8465
    85         if ( ! isset($comment_author_IP) )
    86                 $comment_author_IP = $_SERVER['REMOTE_ADDR'];
    87         if ( ! isset($comment_date) )
    88                 $comment_date = current_time('mysql');
    89         if ( ! isset($comment_date_gmt) )
    90                 $comment_date_gmt = gmdate('Y-m-d H:i:s', strtotime($comment_date) );
    91         if ( ! isset($comment_parent) )
    92                 $comment_parent = 0;
    93         if ( ! isset($comment_approved) )
    94                 $comment_approved = 1;
    95         if ( ! isset($user_id) )
    96                 $user_id = 0;
     66// Retrieves comment data given a comment ID or comment object.
     67// Handles comment caching.
     68function &get_comment(&$comment, $output = OBJECT) {
     69        global $comment_cache, $wpdb;
    9770
    98         $result = $wpdb->query("INSERT INTO $wpdb->comments
    99         (comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content, comment_approved, comment_agent, comment_type, comment_parent, user_id)
    100         VALUES
    101         ('$comment_post_ID', '$comment_author', '$comment_author_email', '$comment_author_url', '$comment_author_IP', '$comment_date', '$comment_date_gmt', '$comment_content', '$comment_approved', '$comment_agent', '$comment_type', '$comment_parent', '$user_id')
    102         ");
     71        if ( empty($comment) )
     72                return null;
    10373
    104         $id = $wpdb->insert_id;
     74        if ( is_object($comment) ) {
     75                if ( !isset($comment_cache[$comment->comment_ID]) )
     76                        $comment_cache[$comment->comment_ID] = &$comment;
     77                $_comment = & $comment_cache[$comment->comment_ID];
     78        } else {
     79                if ( !isset($comment_cache[$comment]) ) {
     80                        $_comment = $wpdb->get_row("SELECT * FROM $wpdb->comments WHERE comment_ID = '$comment' LIMIT 1");
     81                        $comment_cache[$comment->comment_ID] = & $_comment;
     82                } else {
     83                        $_comment = & $comment_cache[$comment];
     84                }
     85        }
    10586
    106         if ( $comment_approved == 1) {
    107                 $count = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->comments WHERE comment_post_ID = '$comment_post_ID' AND comment_approved = '1'");
    108                 $wpdb->query( "UPDATE $wpdb->posts SET comment_count = $count WHERE ID = '$comment_post_ID'" );
     87        if ( $output == OBJECT ) {
     88                return $_comment;
     89        } elseif ( $output == ARRAY_A ) {
     90                return get_object_vars($_comment);
     91        } elseif ( $output == ARRAY_N ) {
     92                return array_values(get_object_vars($_comment));
     93        } else {
     94                return $_comment;
    10995        }
    110         return $id;
    11196}
    11297
    113 function wp_filter_comment($commentdata) {
    114         $commentdata['user_id']              = apply_filters('pre_user_id', $commentdata['user_ID']);
    115         $commentdata['comment_agent']        = apply_filters('pre_comment_user_agent', $commentdata['comment_agent']);
    116         $commentdata['comment_author']       = apply_filters('pre_comment_author_name', $commentdata['comment_author']);
    117         $commentdata['comment_content']      = apply_filters('pre_comment_content', $commentdata['comment_content']);
    118         $commentdata['comment_author_IP']    = apply_filters('pre_comment_user_ip', $commentdata['comment_author_IP']);
    119         $commentdata['comment_author_url']   = apply_filters('pre_comment_author_url', $commentdata['comment_author_url']);
    120         $commentdata['comment_author_email'] = apply_filters('pre_comment_author_email', $commentdata['comment_author_email']);
    121         $commentdata['filtered'] = true;
    122         return $commentdata;
     98// Deprecate in favor of get_comment()?
     99function get_commentdata( $comment_ID, $no_cache = 0, $include_unapproved = false ) { // less flexible, but saves DB queries
     100        global $postc, $id, $commentdata, $wpdb;
     101        if ($no_cache) {
     102                $query = "SELECT * FROM $wpdb->comments WHERE comment_ID = '$comment_ID'";
     103                if (false == $include_unapproved) {
     104                    $query .= " AND comment_approved = '1'";
     105                }
     106                $myrow = $wpdb->get_row($query, ARRAY_A);
     107        } else {
     108                $myrow['comment_ID'] = $postc->comment_ID;
     109                $myrow['comment_post_ID'] = $postc->comment_post_ID;
     110                $myrow['comment_author'] = $postc->comment_author;
     111                $myrow['comment_author_email'] = $postc->comment_author_email;
     112                $myrow['comment_author_url'] = $postc->comment_author_url;
     113                $myrow['comment_author_IP'] = $postc->comment_author_IP;
     114                $myrow['comment_date'] = $postc->comment_date;
     115                $myrow['comment_content'] = $postc->comment_content;
     116                $myrow['comment_karma'] = $postc->comment_karma;
     117                $myrow['comment_approved'] = $postc->comment_approved;
     118                $myrow['comment_type'] = $postc->comment_type;
     119        }
     120        return $myrow;
    123121}
    124122
     123function get_lastcommentmodified($timezone = 'server') {
     124        global $cache_lastcommentmodified, $pagenow, $wpdb;
     125        $add_seconds_blog = get_settings('gmt_offset') * 3600;
     126        $add_seconds_server = date('Z');
     127        $now = current_time('mysql', 1);
     128        if ( !isset($cache_lastcommentmodified[$timezone]) ) {
     129                switch(strtolower($timezone)) {
     130                        case 'gmt':
     131                                $lastcommentmodified = $wpdb->get_var("SELECT comment_date_gmt FROM $wpdb->comments WHERE comment_date_gmt <= '$now' ORDER BY comment_date_gmt DESC LIMIT 1");
     132                                break;
     133                        case 'blog':
     134                                $lastcommentmodified = $wpdb->get_var("SELECT comment_date FROM $wpdb->comments WHERE comment_date_gmt <= '$now' ORDER BY comment_date_gmt DESC LIMIT 1");
     135                                break;
     136                        case 'server':
     137                                $lastcommentmodified = $wpdb->get_var("SELECT DATE_ADD(comment_date_gmt, INTERVAL '$add_seconds_server' SECOND) FROM $wpdb->comments WHERE comment_date_gmt <= '$now' ORDER BY comment_date_gmt DESC LIMIT 1");
     138                                break;
     139                }
     140                $cache_lastcommentmodified[$timezone] = $lastcommentmodified;
     141        } else {
     142                $lastcommentmodified = $cache_lastcommentmodified[$timezone];
     143        }
     144        return $lastcommentmodified;
     145}
     146
    125147function wp_allow_comment($commentdata) {
    126148        global $wpdb;
    127149        extract($commentdata);
     
    171193        return $approved;
    172194}
    173195
    174 
    175 function wp_update_comment($commentarr) {
    176         global $wpdb;
    177 
    178         // First, get all of the original fields
    179         $comment = get_comment($commentarr['comment_ID'], ARRAY_A);
    180 
    181         // Escape data pulled from DB.
    182         foreach ($comment as $key => $value)
    183                 $comment[$key] = $wpdb->escape($value);
    184 
    185         // Merge old and new fields with new fields overwriting old ones.
    186         $commentarr = array_merge($comment, $commentarr);
    187 
    188         $commentarr = wp_filter_comment( $commentarr );
    189 
    190         // Now extract the merged array.
    191         extract($commentarr);
    192 
    193         $comment_content = apply_filters('comment_save_pre', $comment_content);
    194 
    195         $result = $wpdb->query(
    196                 "UPDATE $wpdb->comments SET
    197                         comment_content = '$comment_content',
    198                         comment_author = '$comment_author',
    199                         comment_author_email = '$comment_author_email',
    200                         comment_approved = '$comment_approved',
    201                         comment_author_url = '$comment_author_url',
    202                         comment_date = '$comment_date'
    203                 WHERE comment_ID = $comment_ID" );
    204 
    205         $rval = $wpdb->rows_affected;
    206 
    207         $c = $wpdb->get_row( "SELECT count(*) as c FROM {$wpdb->comments} WHERE comment_post_ID = '$comment_post_ID' AND comment_approved = '1'" );
    208         if( is_object( $c ) )
    209                 $wpdb->query( "UPDATE $wpdb->posts SET comment_count = '$c->c' WHERE ID = '$comment_post_ID'" );
    210 
    211         do_action('edit_comment', $comment_ID);
    212 
    213         return $rval;
    214 }
    215 
    216196function wp_delete_comment($comment_id) {
    217197        global $wpdb;
    218198        do_action('delete_comment', $comment_id);
     
    230210        return true;
    231211}
    232212
    233 function get_comments_number( $post_id = 0 ) {
    234         global $wpdb, $comment_count_cache, $id;
    235         $post_id = (int) $post_id;
     213function wp_get_comment_status($comment_id) {
     214        global $wpdb;
    236215
    237         if ( !$post_id )
    238                 $post_id = $id;
    239 
    240         if ( !isset($comment_count_cache[$post_id]) )
    241                 $comment_count_cache[$id] = $wpdb->get_var("SELECT comment_count FROM $wpdb->posts WHERE ID = '$post_id'");
    242 
    243         return apply_filters('get_comments_number', $comment_count_cache[$post_id]);
    244 }
    245 
    246 function comments_number( $zero = 'No Comments', $one = '1 Comment', $more = '% Comments', $number = '' ) {
    247         global $id, $comment;
    248         $number = get_comments_number( $id );
    249         if ($number == 0) {
    250                 $blah = $zero;
    251         } elseif ($number == 1) {
    252                 $blah = $one;
    253         } elseif ($number  > 1) {
    254                 $blah = str_replace('%', $number, $more);
     216        $result = $wpdb->get_var("SELECT comment_approved FROM $wpdb->comments WHERE comment_ID='$comment_id' LIMIT 1");
     217        if ($result == NULL) {
     218                return 'deleted';
     219        } else if ($result == '1') {
     220                return 'approved';
     221        } else if ($result == '0') {
     222                return 'unapproved';
     223        } else if ($result == 'spam') {
     224                return 'spam';
     225        } else {
     226                return false;
    255227        }
    256         echo apply_filters('comments_number', $blah);
    257228}
    258229
    259 function get_comments_link() {
    260         return get_permalink() . '#comments';
    261 }
     230function wp_insert_comment($commentdata) {
     231        global $wpdb;
     232        extract($commentdata);
    262233
    263 function get_comment_link() {
    264         global $comment;
    265         return get_permalink( $comment->comment_post_ID ) . '#comment-' . $comment->comment_ID;
    266 }
     234        if ( ! isset($comment_author_IP) )
     235                $comment_author_IP = $_SERVER['REMOTE_ADDR'];
     236        if ( ! isset($comment_date) )
     237                $comment_date = current_time('mysql');
     238        if ( ! isset($comment_date_gmt) )
     239                $comment_date_gmt = gmdate('Y-m-d H:i:s', strtotime($comment_date) );
     240        if ( ! isset($comment_parent) )
     241                $comment_parent = 0;
     242        if ( ! isset($comment_approved) )
     243                $comment_approved = 1;
     244        if ( ! isset($user_id) )
     245                $user_id = 0;
    267246
    268 function comments_link( $file = '', $echo = true ) {
    269     echo get_comments_link();
    270 }
     247        $result = $wpdb->query("INSERT INTO $wpdb->comments
     248        (comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content, comment_approved, comment_agent, comment_type, comment_parent, user_id)
     249        VALUES
     250        ('$comment_post_ID', '$comment_author', '$comment_author_email', '$comment_author_url', '$comment_author_IP', '$comment_date', '$comment_date_gmt', '$comment_content', '$comment_approved', '$comment_agent', '$comment_type', '$comment_parent', '$user_id')
     251        ");
    271252
    272 function comments_popup_script($width=400, $height=400, $file='') {
    273     global $wpcommentspopupfile, $wptrackbackpopupfile, $wppingbackpopupfile, $wpcommentsjavascript;
     253        $id = $wpdb->insert_id;
    274254
    275                 if (empty ($file)) {
    276                         $wpcommentspopupfile = '';  // Use the index.
    277                 } else {
    278                         $wpcommentspopupfile = $file;
    279                 }
    280 
    281     $wpcommentsjavascript = 1;
    282     $javascript = "<script type='text/javascript'>\nfunction wpopen (macagna) {\n    window.open(macagna, '_blank', 'width=$width,height=$height,scrollbars=yes,status=yes');\n}\n</script>\n";
    283     echo $javascript;
    284 }
    285 
    286 function comments_popup_link($zero='No Comments', $one='1 Comment', $more='% Comments', $CSSclass='', $none='Comments Off') {
    287         global $id, $wpcommentspopupfile, $wpcommentsjavascript, $post, $wpdb;
    288         global $comment_count_cache;
    289 
    290         if (! is_single() && ! is_page()) {
    291         if ( !isset($comment_count_cache[$id]) )
    292                 $comment_count_cache[$id] = $wpdb->get_var("SELECT COUNT(comment_ID) FROM $wpdb->comments WHERE comment_post_ID = $id AND comment_approved = '1';");
    293 
    294         $number = $comment_count_cache[$id];
    295 
    296         if (0 == $number && 'closed' == $post->comment_status && 'closed' == $post->ping_status) {
    297                 echo $none;
    298                 return;
    299         } else {
    300                 if (!empty($post->post_password)) { // if there's a password
    301                         if ($_COOKIE['wp-postpass_'.COOKIEHASH] != $post->post_password) {  // and it doesn't match the cookie
    302                                 echo(__('Enter your password to view comments'));
    303                                 return;
    304                         }
    305                 }
    306                 echo '<a href="';
    307                 if ($wpcommentsjavascript) {
    308                         if ( empty($wpcommentspopupfile) )
    309                                 $home = get_settings('home');
    310                         else
    311                                 $home = get_settings('siteurl');
    312                         echo $home . '/' . $wpcommentspopupfile.'?comments_popup='.$id;
    313                         echo '" onclick="wpopen(this.href); return false"';
    314                 } else { // if comments_popup_script() is not in the template, display simple comment link
    315                         if ( 0 == $number )
    316                                 echo get_permalink() . '#respond';
    317                         else
    318                                 comments_link();
    319                         echo '"';
    320                 }
    321                 if (!empty($CSSclass)) {
    322                         echo ' class="'.$CSSclass.'"';
    323                 }
    324                 echo ' title="' . sprintf( __('Comment on %s'), $post->post_title ) .'">';
    325                 comments_number($zero, $one, $more, $number);
    326                 echo '</a>';
     255        if ( $comment_approved == 1) {
     256                $count = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->comments WHERE comment_post_ID = '$comment_post_ID' AND comment_approved = '1'");
     257                $wpdb->query( "UPDATE $wpdb->posts SET comment_count = $count WHERE ID = '$comment_post_ID'" );
    327258        }
    328         }
     259        return $id;
    329260}
    330261
    331 function get_comment_ID() {
    332         global $comment;
    333         return apply_filters('get_comment_ID', $comment->comment_ID);
     262function wp_filter_comment($commentdata) {
     263        $commentdata['user_id']              = apply_filters('pre_user_id', $commentdata['user_ID']);
     264        $commentdata['comment_agent']        = apply_filters('pre_comment_user_agent', $commentdata['comment_agent']);
     265        $commentdata['comment_author']       = apply_filters('pre_comment_author_name', $commentdata['comment_author']);
     266        $commentdata['comment_content']      = apply_filters('pre_comment_content', $commentdata['comment_content']);
     267        $commentdata['comment_author_IP']    = apply_filters('pre_comment_user_ip', $commentdata['comment_author_IP']);
     268        $commentdata['comment_author_url']   = apply_filters('pre_comment_author_url', $commentdata['comment_author_url']);
     269        $commentdata['comment_author_email'] = apply_filters('pre_comment_author_email', $commentdata['comment_author_email']);
     270        $commentdata['filtered'] = true;
     271        return $commentdata;
    334272}
    335273
    336 function comment_ID() {
    337         echo get_comment_ID();
    338 }
     274function wp_new_comment( $commentdata ) {
     275        $commentdata = apply_filters('preprocess_comment', $commentdata);
    339276
    340 function get_comment_author() {
    341         global $comment;
    342         if ( empty($comment->comment_author) )
    343                 $author = __('Anonymous');
    344         else
    345                 $author = $comment->comment_author;
    346         return apply_filters('get_comment_author', $author);
    347 }
     277        $commentdata['comment_post_ID'] = (int) $commentdata['comment_post_ID'];
     278        $commentdata['user_ID']         = (int) $commentdata['user_ID'];
    348279
    349 function comment_author() {
    350         $author = apply_filters('comment_author', get_comment_author() );
    351         echo $author;
    352 }
     280        $commentdata['comment_author_IP'] = $_SERVER['REMOTE_ADDR'];
     281        $commentdata['comment_agent']     = $_SERVER['HTTP_USER_AGENT'];
    353282
    354 function get_comment_author_email() {
    355         global $comment;
    356         return apply_filters('get_comment_author_email', $comment->comment_author_email);
    357 }
     283        $commentdata['comment_date']     = current_time('mysql');
     284        $commentdata['comment_date_gmt'] = current_time('mysql', 1);
    358285
    359 function comment_author_email() {
    360         echo apply_filters('author_email', get_comment_author_email() );
    361 }
    362286
    363 function get_comment_author_link() {
    364         global $comment;
    365         $url    = get_comment_author_url();
    366         $author = get_comment_author();
     287        $commentdata = wp_filter_comment($commentdata);
    367288
    368         if ( empty( $url ) || 'http://' == $url )
    369                 $return = $author;
    370         else
    371                 $return = "<a href='$url' rel='external nofollow'>$author</a>";
    372         return apply_filters('get_comment_author_link', $return);
    373 }
     289        $commentdata['comment_approved'] = wp_allow_comment($commentdata);
    374290
    375 function comment_author_link() {
    376         echo get_comment_author_link();
    377 }
     291        $comment_ID = wp_insert_comment($commentdata);
    378292
    379 function get_comment_type() {
    380         global $comment;
     293        do_action('comment_post', $comment_ID, $commentdata['comment_approved']);
    381294
    382         if ( '' == $comment->comment_type )
    383                 $comment->comment_type = 'comment';
     295        if ( 'spam' !== $commentdata['comment_approved'] ) { // If it's spam save it silently for later crunching
     296                if ( '0' == $commentdata['comment_approved'] )
     297                        wp_notify_moderator($comment_ID);
    384298
    385         return apply_filters('get_comment_type', $comment->comment_type);
    386 }
     299                $post = &get_post($commentdata['comment_post_ID']); // Don't notify if it's your own comment
    387300
    388 function comment_type($commenttxt = 'Comment', $trackbacktxt = 'Trackback', $pingbacktxt = 'Pingback') {
    389         $type = get_comment_type();
    390         switch( $type ) {
    391                 case 'trackback' :
    392                         echo $trackbacktxt;
    393                         break;
    394                 case 'pingback' :
    395                         echo $pingbacktxt;
    396                         break;
    397                 default :
    398                         echo $commenttxt;
     301                if ( get_settings('comments_notify') && $commentdata['comment_approved'] && $post->post_author != $commentdata['user_ID'] )
     302                        wp_notify_postauthor($comment_ID, $commentdata['comment_type']);
    399303        }
    400 }
    401304
    402 function get_comment_author_url() {
    403         global $comment;
    404         return apply_filters('get_comment_author_url', $comment->comment_author_url);
     305        return $comment_ID;
    405306}
    406307
    407 function comment_author_url() {
    408         echo apply_filters('comment_url', get_comment_author_url());
    409 }
     308function wp_set_comment_status($comment_id, $comment_status) {
     309    global $wpdb;
    410310
    411 function comment_author_email_link($linktext='', $before='', $after='') {
    412         global $comment;
    413         $email = apply_filters('comment_email', $comment->comment_author_email);
    414         if ((!empty($email)) && ($email != '@')) {
    415         $display = ($linktext != '') ? $linktext : $email;
    416                 echo $before;
    417                 echo "<a href='mailto:$email'>$display</a>";
    418                 echo $after;
    419         }
    420 }
     311    switch($comment_status) {
     312                case 'hold':
     313                        $query = "UPDATE $wpdb->comments SET comment_approved='0' WHERE comment_ID='$comment_id' LIMIT 1";
     314                break;
     315                case 'approve':
     316                        $query = "UPDATE $wpdb->comments SET comment_approved='1' WHERE comment_ID='$comment_id' LIMIT 1";
     317                break;
     318                case 'spam':
     319                        $query = "UPDATE $wpdb->comments SET comment_approved='spam' WHERE comment_ID='$comment_id' LIMIT 1";
     320                break;
     321                case 'delete':
     322                        return wp_delete_comment($comment_id);
     323                break;
     324                default:
     325                        return false;
     326    }
     327   
     328    if ($wpdb->query($query)) {
     329                do_action('wp_set_comment_status', $comment_id, $comment_status);
    421330
    422 function get_comment_author_url_link( $linktext = '', $before = '', $after = '' ) {
    423         global $comment;
    424         $url = get_comment_author_url();
    425         $display = ($linktext != '') ? $linktext : $url;
    426         $return = "$before<a href='$url' rel='external'>$display</a>$after";
    427         return apply_filters('get_comment_author_url_link', $return);
     331                $comment = get_comment($comment_id);
     332                $comment_post_ID = $comment->comment_post_ID;
     333                $c = $wpdb->get_row( "SELECT count(*) as c FROM {$wpdb->comments} WHERE comment_post_ID = '$comment_post_ID' AND comment_approved = '1'" );
     334                if( is_object( $c ) )
     335                        $wpdb->query( "UPDATE $wpdb->posts SET comment_count = '$c->c' WHERE ID = '$comment_post_ID'" );
     336                return true;
     337    } else {
     338                return false;
     339    }
    428340}
    429341
    430 function comment_author_url_link( $linktext = '', $before = '', $after = '' ) {
    431         echo get_comment_author_url_link( $linktext, $before, $after );
    432 }
     342function wp_update_comment($commentarr) {
     343        global $wpdb;
    433344
    434 function get_comment_author_IP() {
    435         global $comment;
    436         return apply_filters('get_comment_author_IP', $comment->comment_author_IP);
    437 }
     345        // First, get all of the original fields
     346        $comment = get_comment($commentarr['comment_ID'], ARRAY_A);
    438347
    439 function comment_author_IP() {
    440         echo get_comment_author_IP();
    441 }
     348        // Escape data pulled from DB.
     349        foreach ($comment as $key => $value)
     350                $comment[$key] = $wpdb->escape($value);
    442351
    443 function get_comment_text() {
    444         global $comment;
    445         return apply_filters('get_comment_text', $comment->comment_content);
    446 }
     352        // Merge old and new fields with new fields overwriting old ones.
     353        $commentarr = array_merge($comment, $commentarr);
    447354
    448 function comment_text() {
    449         echo apply_filters('comment_text', get_comment_text() );
    450 }
     355        $commentarr = wp_filter_comment( $commentarr );
    451356
    452 function get_comment_excerpt() {
    453         global $comment;
    454         $comment_text = strip_tags($comment->comment_content);
    455         $blah = explode(' ', $comment_text);
    456         if (count($blah) > 20) {
    457                 $k = 20;
    458                 $use_dotdotdot = 1;
    459         } else {
    460                 $k = count($blah);
    461                 $use_dotdotdot = 0;
    462         }
    463         $excerpt = '';
    464         for ($i=0; $i<$k; $i++) {
    465                 $excerpt .= $blah[$i] . ' ';
    466         }
    467         $excerpt .= ($use_dotdotdot) ? '...' : '';
    468         return apply_filters('get_comment_excerpt', $excerpt);
    469 }
     357        // Now extract the merged array.
     358        extract($commentarr);
    470359
    471 function comment_excerpt() {
    472         echo apply_filters('comment_excerpt', get_comment_excerpt() );
    473 }
     360        $comment_content = apply_filters('comment_save_pre', $comment_content);
    474361
    475 function get_comment_date( $d = '' ) {
    476         global $comment;
    477         if ( '' == $d )
    478                 $date = mysql2date( get_settings('date_format'), $comment->comment_date);
    479         else
    480                 $date = mysql2date($d, $comment->comment_date);
    481         return apply_filters('get_comment_date', $date);
    482 }
     362        $result = $wpdb->query(
     363                "UPDATE $wpdb->comments SET
     364                        comment_content = '$comment_content',
     365                        comment_author = '$comment_author',
     366                        comment_author_email = '$comment_author_email',
     367                        comment_approved = '$comment_approved',
     368                        comment_author_url = '$comment_author_url',
     369                        comment_date = '$comment_date'
     370                WHERE comment_ID = $comment_ID" );
    483371
    484 function comment_date( $d = '' ) {
    485         echo get_comment_date( $d );
    486 }
     372        $rval = $wpdb->rows_affected;
    487373
    488 function get_comment_time( $d = '', $gmt = false ) {
    489         global $comment;
    490         $comment_date = $gmt? $comment->comment_date_gmt : $comment->comment_date;
    491         if ( '' == $d )
    492                 $date = mysql2date(get_settings('time_format'), $comment_date);
    493         else
    494                 $date = mysql2date($d, $comment_date);
    495         return apply_filters('get_comment_time', $date);
    496 }
     374        $c = $wpdb->get_row( "SELECT count(*) as c FROM {$wpdb->comments} WHERE comment_post_ID = '$comment_post_ID' AND comment_approved = '1'" );
     375        if( is_object( $c ) )
     376                $wpdb->query( "UPDATE $wpdb->posts SET comment_count = '$c->c' WHERE ID = '$comment_post_ID'" );
    497377
    498 function comment_time( $d = '' ) {
    499         echo get_comment_time($d);
    500 }
     378        do_action('edit_comment', $comment_ID);
    501379
    502 function get_trackback_url() {
    503         global $id;
    504         $tb_url = get_settings('siteurl') . '/wp-trackback.php?p=' . $id;
    505 
    506         if ( '' != get_settings('permalink_structure') )
    507                 $tb_url = trailingslashit(get_permalink()) . 'trackback/';
    508 
    509         return $tb_url;
     380        return $rval;
    510381}
    511 function trackback_url( $display = true ) {
    512         if ( $display)
    513                 echo get_trackback_url();
    514         else
    515                 return get_trackback_url();
    516 }
    517382
    518 function trackback_rdf($timezone = 0) {
    519         global $id;
    520         if (!stristr($_SERVER['HTTP_USER_AGENT'], 'W3C_Validator')) {
    521         echo '<rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
    522             xmlns:dc="http://purl.org/dc/elements/1.1/"
    523             xmlns:trackback="http://madskills.com/public/xml/rss/module/trackback/">
    524                 <rdf:Description rdf:about="';
    525         the_permalink();
    526         echo '"'."\n";
    527         echo '    dc:identifier="';
    528         the_permalink();
    529         echo '"'."\n";
    530         echo '    dc:title="'.str_replace('--', '&#x2d;&#x2d;', wptexturize(strip_tags(get_the_title()))).'"'."\n";
    531         echo '    trackback:ping="'.trackback_url(0).'"'." />\n";
    532         echo '</rdf:RDF>';
    533         }
    534 }
    535 
    536 function comments_open() {
    537         global $post;
    538         if ( 'open' == $post->comment_status )
    539                 return true;
    540         else
    541                 return false;
    542 }
    543 
    544 function pings_open() {
    545         global $post;
    546         if ( 'open' == $post->ping_status )
    547                 return true;
    548         else
    549                 return false;
    550 }
    551 
    552 // Non-template functions
    553 
    554 function get_lastcommentmodified($timezone = 'server') {
    555         global $cache_lastcommentmodified, $pagenow, $wpdb;
    556         $add_seconds_blog = get_settings('gmt_offset') * 3600;
    557         $add_seconds_server = date('Z');
    558         $now = current_time('mysql', 1);
    559         if ( !isset($cache_lastcommentmodified[$timezone]) ) {
    560                 switch(strtolower($timezone)) {
    561                         case 'gmt':
    562                                 $lastcommentmodified = $wpdb->get_var("SELECT comment_date_gmt FROM $wpdb->comments WHERE comment_date_gmt <= '$now' ORDER BY comment_date_gmt DESC LIMIT 1");
    563                                 break;
    564                         case 'blog':
    565                                 $lastcommentmodified = $wpdb->get_var("SELECT comment_date FROM $wpdb->comments WHERE comment_date_gmt <= '$now' ORDER BY comment_date_gmt DESC LIMIT 1");
    566                                 break;
    567                         case 'server':
    568                                 $lastcommentmodified = $wpdb->get_var("SELECT DATE_ADD(comment_date_gmt, INTERVAL '$add_seconds_server' SECOND) FROM $wpdb->comments WHERE comment_date_gmt <= '$now' ORDER BY comment_date_gmt DESC LIMIT 1");
    569                                 break;
    570                 }
    571                 $cache_lastcommentmodified[$timezone] = $lastcommentmodified;
    572         } else {
    573                 $lastcommentmodified = $cache_lastcommentmodified[$timezone];
    574         }
    575         return $lastcommentmodified;
    576 }
    577 
    578 function get_commentdata( $comment_ID, $no_cache = 0, $include_unapproved = false ) { // less flexible, but saves DB queries
    579         global $postc, $id, $commentdata, $wpdb;
    580         if ($no_cache) {
    581                 $query = "SELECT * FROM $wpdb->comments WHERE comment_ID = '$comment_ID'";
    582                 if (false == $include_unapproved) {
    583                     $query .= " AND comment_approved = '1'";
    584                 }
    585                 $myrow = $wpdb->get_row($query, ARRAY_A);
    586         } else {
    587                 $myrow['comment_ID'] = $postc->comment_ID;
    588                 $myrow['comment_post_ID'] = $postc->comment_post_ID;
    589                 $myrow['comment_author'] = $postc->comment_author;
    590                 $myrow['comment_author_email'] = $postc->comment_author_email;
    591                 $myrow['comment_author_url'] = $postc->comment_author_url;
    592                 $myrow['comment_author_IP'] = $postc->comment_author_IP;
    593                 $myrow['comment_date'] = $postc->comment_date;
    594                 $myrow['comment_content'] = $postc->comment_content;
    595                 $myrow['comment_karma'] = $postc->comment_karma;
    596                 $myrow['comment_approved'] = $postc->comment_approved;
    597                 $myrow['comment_type'] = $postc->comment_type;
    598         }
    599         return $myrow;
    600 }
    601 
    602383function pingback($content, $post_ID) {
    603384        global $wp_version, $wpdb;
    604385        include_once (ABSPATH . WPINC . '/class-IXR.php');
     
    782563        return false;
    783564}
    784565
    785 function wp_set_comment_status($comment_id, $comment_status) {
    786     global $wpdb;
    787 
    788     switch($comment_status) {
    789                 case 'hold':
    790                         $query = "UPDATE $wpdb->comments SET comment_approved='0' WHERE comment_ID='$comment_id' LIMIT 1";
    791                 break;
    792                 case 'approve':
    793                         $query = "UPDATE $wpdb->comments SET comment_approved='1' WHERE comment_ID='$comment_id' LIMIT 1";
    794                 break;
    795                 case 'spam':
    796                         $query = "UPDATE $wpdb->comments SET comment_approved='spam' WHERE comment_ID='$comment_id' LIMIT 1";
    797                 break;
    798                 case 'delete':
    799                         return wp_delete_comment($comment_id);
    800                 break;
    801                 default:
    802                         return false;
    803     }
    804    
    805     if ($wpdb->query($query)) {
    806                 do_action('wp_set_comment_status', $comment_id, $comment_status);
    807 
    808                 $comment = get_comment($comment_id);
    809                 $comment_post_ID = $comment->comment_post_ID;
    810                 $c = $wpdb->get_row( "SELECT count(*) as c FROM {$wpdb->comments} WHERE comment_post_ID = '$comment_post_ID' AND comment_approved = '1'" );
    811                 if( is_object( $c ) )
    812                         $wpdb->query( "UPDATE $wpdb->posts SET comment_count = '$c->c' WHERE ID = '$comment_post_ID'" );
    813                 return true;
    814     } else {
    815                 return false;
    816     }
    817 }
    818 
    819 function wp_get_comment_status($comment_id) {
    820         global $wpdb;
    821 
    822         $result = $wpdb->get_var("SELECT comment_approved FROM $wpdb->comments WHERE comment_ID='$comment_id' LIMIT 1");
    823         if ($result == NULL) {
    824                 return 'deleted';
    825         } else if ($result == '1') {
    826                 return 'approved';
    827         } else if ($result == '0') {
    828                 return 'unapproved';
    829         } else if ($result == 'spam') {
    830                 return 'spam';
    831         } else {
    832                 return false;
    833         }
    834 }
    835 
    836 function check_comment($author, $email, $url, $comment, $user_ip, $user_agent, $comment_type) {
    837         global $wpdb;
    838 
    839         if (1 == get_settings('comment_moderation')) return false; // If moderation is set to manual
    840 
    841         if ( (count(explode('http:', $comment)) - 1) >= get_settings('comment_max_links') )
    842                 return false; // Check # of external links
    843 
    844         $mod_keys = trim( get_settings('moderation_keys') );
    845         if ( !empty($mod_keys) ) {
    846                 $words = explode("\n", $mod_keys );
    847 
    848                 foreach ($words as $word) {
    849                         $word = trim($word);
    850 
    851                         // Skip empty lines
    852                         if (empty($word)) { continue; }
    853 
    854                         // Do some escaping magic so that '#' chars in the
    855                         // spam words don't break things:
    856                         $word = preg_quote($word, '#');
    857 
    858                         $pattern = "#$word#i";
    859                         if ( preg_match($pattern, $author) ) return false;
    860                         if ( preg_match($pattern, $email) ) return false;
    861                         if ( preg_match($pattern, $url) ) return false;
    862                         if ( preg_match($pattern, $comment) ) return false;
    863                         if ( preg_match($pattern, $user_ip) ) return false;
    864                         if ( preg_match($pattern, $user_agent) ) return false;
    865                 }
    866         }
    867 
    868         // Comment whitelisting:
    869         if ( 1 == get_settings('comment_whitelist')) {
    870                 if ( 'trackback' == $comment_type || 'pingback' == $comment_type ) { // check if domain is in blogroll
    871                         $uri = parse_url($url);
    872                         $domain = $uri['host'];
    873                         $uri = parse_url( get_option('home') );
    874                         $home_domain = $uri['host'];
    875                         if ( $wpdb->get_var("SELECT link_id FROM $wpdb->links WHERE link_url LIKE ('%$domain%') LIMIT 1") || $domain == $home_domain )
    876                                 return true;
    877                         else
    878                                 return false;
    879                 } elseif( $author != '' && $email != '' ) {
    880                         $ok_to_comment = $wpdb->get_var("SELECT comment_approved FROM $wpdb->comments WHERE comment_author = '$author' AND comment_author_email = '$email' and comment_approved = '1' LIMIT 1");
    881                         if ( ( 1 == $ok_to_comment ) &&
    882                                 ( empty($mod_keys) || false === strpos( $email, $mod_keys) ) )
    883                                         return true;
    884                         else
    885                                 return false;
    886                 } else {
    887                         return false;
    888                 }
    889         }
    890 
    891         return true;
    892 }
    893 
    894 function get_approved_comments($post_id) {
    895         global $wpdb;
    896         return $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = $post_id AND comment_approved = '1' ORDER BY comment_date");
    897 }
    898 
    899566?>
  • wp-includes/functions.php

     
    690690        }
    691691}
    692692
    693 // Retrieves comment data given a comment ID or comment object.
    694 // Handles comment caching.
    695 function &get_comment(&$comment, $output = OBJECT) {
    696         global $comment_cache, $wpdb;
    697 
    698         if ( empty($comment) )
    699                 return null;
    700 
    701         if ( is_object($comment) ) {
    702                 if ( !isset($comment_cache[$comment->comment_ID]) )
    703                         $comment_cache[$comment->comment_ID] = &$comment;
    704                 $_comment = & $comment_cache[$comment->comment_ID];
    705         } else {
    706                 if ( !isset($comment_cache[$comment]) ) {
    707                         $_comment = $wpdb->get_row("SELECT * FROM $wpdb->comments WHERE comment_ID = '$comment' LIMIT 1");
    708                         $comment_cache[$comment->comment_ID] = & $_comment;
    709                 } else {
    710                         $_comment = & $comment_cache[$comment];
    711                 }
    712         }
    713 
    714         if ( $output == OBJECT ) {
    715                 return $_comment;
    716         } elseif ( $output == ARRAY_A ) {
    717                 return get_object_vars($_comment);
    718         } elseif ( $output == ARRAY_N ) {
    719                 return array_values(get_object_vars($_comment));
    720         } else {
    721                 return $_comment;
    722         }
    723 }
    724 
    725693function get_catname($cat_ID) {
    726694        $category = &get_category($cat_ID);
    727695        return $category->cat_name;
  • wp-includes/comment-functions.php

     
    1 <?php
    2 
    3 // Template functions
    4 
    5 function comments_template( $file = '/comments.php' ) {
    6         global $wp_query, $withcomments, $post, $wpdb, $id, $comment, $user_login, $user_ID, $user_identity;
    7 
    8         if ( is_single() || is_page() || $withcomments ) :
    9                 $req = get_settings('require_name_email');
    10                 $comment_author = '';
    11                 if ( isset($_COOKIE['comment_author_'.COOKIEHASH]) ) {
    12                         $comment_author = apply_filters('pre_comment_author_name', $_COOKIE['comment_author_'.COOKIEHASH]);
    13                         $comment_author = stripslashes($comment_author);
    14                         $comment_author = wp_specialchars($comment_author, true);
    15                 }
    16                 $comment_author_email = '';
    17                 if ( isset($_COOKIE['comment_author_email_'.COOKIEHASH]) ) {
    18                         $comment_author_email = apply_filters('pre_comment_author_email', $_COOKIE['comment_author_email_'.COOKIEHASH]);
    19                         $comment_author_email = stripslashes($comment_author_email);
    20                         $comment_author_email = wp_specialchars($comment_author_email, true);           
    21                 }
    22                 $comment_author_url = '';
    23                 if ( isset($_COOKIE['comment_author_url_'.COOKIEHASH]) ) {
    24                         $comment_author_url = apply_filters('pre_comment_author_url', $_COOKIE['comment_author_url_'.COOKIEHASH]);
    25                         $comment_author_url = stripslashes($comment_author_url);
    26                         $comment_author_url = wp_specialchars($comment_author_url, true);               
    27                 }
    28 
    29         if ( empty($comment_author) ) {
    30                 $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = '$post->ID' AND comment_approved = '1' ORDER BY comment_date");
    31         } else {
    32                 $author_db = $wpdb->escape($comment_author);
    33                 $email_db  = $wpdb->escape($comment_author_email);
    34                 $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = '$post->ID' AND ( comment_approved = '1' OR ( comment_author = '$author_db' AND comment_author_email = '$email_db' AND comment_approved = '0' ) ) ORDER BY comment_date");
    35         }
    36 
    37         define('COMMENTS_TEMPLATE', true);
    38         $include = apply_filters('comments_template', TEMPLATEPATH . $file );
    39         if ( file_exists( $include ) )
    40                 require( $include );
    41         else
    42                 require( ABSPATH . 'wp-content/themes/default/comments.php');
    43 
    44         endif;
    45 }
    46 
    47 function wp_new_comment( $commentdata ) {
    48         $commentdata = apply_filters('preprocess_comment', $commentdata);
    49 
    50         $commentdata['comment_post_ID'] = (int) $commentdata['comment_post_ID'];
    51         $commentdata['user_ID']         = (int) $commentdata['user_ID'];
    52 
    53         $commentdata['comment_author_IP'] = $_SERVER['REMOTE_ADDR'];
    54         $commentdata['comment_agent']     = $_SERVER['HTTP_USER_AGENT'];
    55 
    56         $commentdata['comment_date']     = current_time('mysql');
    57         $commentdata['comment_date_gmt'] = current_time('mysql', 1);
    58 
    59 
    60         $commentdata = wp_filter_comment($commentdata);
    61 
    62         $commentdata['comment_approved'] = wp_allow_comment($commentdata);
    63 
    64         $comment_ID = wp_insert_comment($commentdata);
    65 
    66         do_action('comment_post', $comment_ID, $commentdata['comment_approved']);
    67 
    68         if ( 'spam' !== $commentdata['comment_approved'] ) { // If it's spam save it silently for later crunching
    69                 if ( '0' == $commentdata['comment_approved'] )
    70                         wp_notify_moderator($comment_ID);
    71 
    72                 $post = &get_post($commentdata['comment_post_ID']); // Don't notify if it's your own comment
    73 
    74                 if ( get_settings('comments_notify') && $commentdata['comment_approved'] && $post->post_author != $commentdata['user_ID'] )
    75                         wp_notify_postauthor($comment_ID, $commentdata['comment_type']);
    76         }
    77 
    78         return $comment_ID;
    79 }
    80 
    81 function wp_insert_comment($commentdata) {
    82         global $wpdb;
    83         extract($commentdata);
    84 
    85         if ( ! isset($comment_author_IP) )
    86                 $comment_author_IP = $_SERVER['REMOTE_ADDR'];
    87         if ( ! isset($comment_date) )
    88                 $comment_date = current_time('mysql');
    89         if ( ! isset($comment_date_gmt) )
    90                 $comment_date_gmt = gmdate('Y-m-d H:i:s', strtotime($comment_date) );
    91         if ( ! isset($comment_parent) )
    92                 $comment_parent = 0;
    93         if ( ! isset($comment_approved) )
    94                 $comment_approved = 1;
    95         if ( ! isset($user_id) )
    96                 $user_id = 0;
    97 
    98         $result = $wpdb->query("INSERT INTO $wpdb->comments
    99         (comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content, comment_approved, comment_agent, comment_type, comment_parent, user_id)
    100         VALUES
    101         ('$comment_post_ID', '$comment_author', '$comment_author_email', '$comment_author_url', '$comment_author_IP', '$comment_date', '$comment_date_gmt', '$comment_content', '$comment_approved', '$comment_agent', '$comment_type', '$comment_parent', '$user_id')
    102         ");
    103 
    104         $id = $wpdb->insert_id;
    105 
    106         if ( $comment_approved == 1) {
    107                 $count = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->comments WHERE comment_post_ID = '$comment_post_ID' AND comment_approved = '1'");
    108                 $wpdb->query( "UPDATE $wpdb->posts SET comment_count = $count WHERE ID = '$comment_post_ID'" );
    109         }
    110         return $id;
    111 }
    112 
    113 function wp_filter_comment($commentdata) {
    114         $commentdata['user_id']              = apply_filters('pre_user_id', $commentdata['user_ID']);
    115         $commentdata['comment_agent']        = apply_filters('pre_comment_user_agent', $commentdata['comment_agent']);
    116         $commentdata['comment_author']       = apply_filters('pre_comment_author_name', $commentdata['comment_author']);
    117         $commentdata['comment_content']      = apply_filters('pre_comment_content', $commentdata['comment_content']);
    118         $commentdata['comment_author_IP']    = apply_filters('pre_comment_user_ip', $commentdata['comment_author_IP']);
    119         $commentdata['comment_author_url']   = apply_filters('pre_comment_author_url', $commentdata['comment_author_url']);
    120         $commentdata['comment_author_email'] = apply_filters('pre_comment_author_email', $commentdata['comment_author_email']);
    121         $commentdata['filtered'] = true;
    122         return $commentdata;
    123 }
    124 
    125 function wp_allow_comment($commentdata) {
    126         global $wpdb;
    127         extract($commentdata);
    128 
    129         $comment_user_domain = apply_filters('pre_comment_user_domain', gethostbyaddr($comment_author_IP) );
    130 
    131         // Simple duplicate check
    132         $dupe = "SELECT comment_ID FROM $wpdb->comments WHERE comment_post_ID = '$comment_post_ID' AND ( comment_author = '$comment_author' ";
    133         if ( $comment_author_email )
    134                 $dupe .= "OR comment_author_email = '$comment_author_email' ";
    135         $dupe .= ") AND comment_content = '$comment_content' LIMIT 1";
    136         if ( $wpdb->get_var($dupe) )
    137                 die( __('Duplicate comment detected; it looks as though you\'ve already said that!') );
    138 
    139         // Simple flood-protection
    140         if ( $lasttime = $wpdb->get_var("SELECT comment_date_gmt FROM $wpdb->comments WHERE comment_author_IP = '$comment_author_IP' OR comment_author_email = '$comment_author_email' ORDER BY comment_date DESC LIMIT 1") ) {
    141                 $time_lastcomment = mysql2date('U', $lasttime);
    142                 $time_newcomment  = mysql2date('U', $comment_date_gmt);
    143                 if ( ($time_newcomment - $time_lastcomment) < 15 ) {
    144                         do_action('comment_flood_trigger', $time_lastcomment, $time_newcomment);
    145                         die( __('Sorry, you can only post a new comment once every 15 seconds. Slow down cowboy.') );
    146                 }
    147         }
    148 
    149         if ( $user_id ) {
    150                 $userdata = get_userdata($user_id);
    151                 $user = new WP_User($user_id);
    152                 $post_author = $wpdb->get_var("SELECT post_author FROM $wpdb->posts WHERE ID = '$comment_post_ID' LIMIT 1");
    153         }
    154 
    155         // The author and the admins get respect.
    156         if ( $userdata && ( $user_id == $post_author || $user->has_cap('level_9') ) ) {
    157                 $approved = 1;
    158         }
    159 
    160         // Everyone else's comments will be checked.
    161         else {
    162                 if ( check_comment($comment_author, $comment_author_email, $comment_author_url, $comment_content, $comment_author_IP, $comment_agent, $comment_type) )
    163                         $approved = 1;
    164                 else
    165                         $approved = 0;
    166                 if ( wp_blacklist_check($comment_author, $comment_author_email, $comment_author_url, $comment_content, $comment_author_IP, $comment_agent) )
    167                         $approved = 'spam';
    168         }
    169 
    170         $approved = apply_filters('pre_comment_approved', $approved);
    171         return $approved;
    172 }
    173 
    174 
    175 function wp_update_comment($commentarr) {
    176         global $wpdb;
    177 
    178         // First, get all of the original fields
    179         $comment = get_comment($commentarr['comment_ID'], ARRAY_A);
    180 
    181         // Escape data pulled from DB.
    182         foreach ($comment as $key => $value)
    183                 $comment[$key] = $wpdb->escape($value);
    184 
    185         // Merge old and new fields with new fields overwriting old ones.
    186         $commentarr = array_merge($comment, $commentarr);
    187 
    188         $commentarr = wp_filter_comment( $commentarr );
    189 
    190         // Now extract the merged array.
    191         extract($commentarr);
    192 
    193         $comment_content = apply_filters('comment_save_pre', $comment_content);
    194 
    195         $result = $wpdb->query(
    196                 "UPDATE $wpdb->comments SET
    197                         comment_content = '$comment_content',
    198                         comment_author = '$comment_author',
    199                         comment_author_email = '$comment_author_email',
    200                         comment_approved = '$comment_approved',
    201                         comment_author_url = '$comment_author_url',
    202                         comment_date = '$comment_date'
    203                 WHERE comment_ID = $comment_ID" );
    204 
    205         $rval = $wpdb->rows_affected;
    206 
    207         $c = $wpdb->get_row( "SELECT count(*) as c FROM {$wpdb->comments} WHERE comment_post_ID = '$comment_post_ID' AND comment_approved = '1'" );
    208         if( is_object( $c ) )
    209                 $wpdb->query( "UPDATE $wpdb->posts SET comment_count = '$c->c' WHERE ID = '$comment_post_ID'" );
    210 
    211         do_action('edit_comment', $comment_ID);
    212 
    213         return $rval;
    214 }
    215 
    216 function wp_delete_comment($comment_id) {
    217         global $wpdb;
    218         do_action('delete_comment', $comment_id);
    219 
    220         $comment = get_comment($comment_id);
    221 
    222         if ( ! $wpdb->query("DELETE FROM $wpdb->comments WHERE comment_ID='$comment_id' LIMIT 1") )
    223                 return false;
    224 
    225         $post_id = $comment->comment_post_ID;
    226         if ( $post_id && $comment->comment_approved == 1 )
    227                 $wpdb->query( "UPDATE $wpdb->posts SET comment_count = comment_count - 1 WHERE ID = '$post_id'" );
    228 
    229         do_action('wp_set_comment_status', $comment_id, 'delete');
    230         return true;
    231 }
    232 
    233 function get_comments_number( $post_id = 0 ) {
    234         global $wpdb, $comment_count_cache, $id;
    235         $post_id = (int) $post_id;
    236 
    237         if ( !$post_id )
    238                 $post_id = $id;
    239 
    240         if ( !isset($comment_count_cache[$post_id]) )
    241                 $comment_count_cache[$id] = $wpdb->get_var("SELECT comment_count FROM $wpdb->posts WHERE ID = '$post_id'");
    242 
    243         return apply_filters('get_comments_number', $comment_count_cache[$post_id]);
    244 }
    245 
    246 function comments_number( $zero = 'No Comments', $one = '1 Comment', $more = '% Comments', $number = '' ) {
    247         global $id, $comment;
    248         $number = get_comments_number( $id );
    249         if ($number == 0) {
    250                 $blah = $zero;
    251         } elseif ($number == 1) {
    252                 $blah = $one;
    253         } elseif ($number  > 1) {
    254                 $blah = str_replace('%', $number, $more);
    255         }
    256         echo apply_filters('comments_number', $blah);
    257 }
    258 
    259 function get_comments_link() {
    260         return get_permalink() . '#comments';
    261 }
    262 
    263 function get_comment_link() {
    264         global $comment;
    265         return get_permalink( $comment->comment_post_ID ) . '#comment-' . $comment->comment_ID;
    266 }
    267 
    268 function comments_link( $file = '', $echo = true ) {
    269     echo get_comments_link();
    270 }
    271 
    272 function comments_popup_script($width=400, $height=400, $file='') {
    273     global $wpcommentspopupfile, $wptrackbackpopupfile, $wppingbackpopupfile, $wpcommentsjavascript;
    274 
    275                 if (empty ($file)) {
    276                         $wpcommentspopupfile = '';  // Use the index.
    277                 } else {
    278                         $wpcommentspopupfile = $file;
    279                 }
    280 
    281     $wpcommentsjavascript = 1;
    282     $javascript = "<script type='text/javascript'>\nfunction wpopen (macagna) {\n    window.open(macagna, '_blank', 'width=$width,height=$height,scrollbars=yes,status=yes');\n}\n</script>\n";
    283     echo $javascript;
    284 }
    285 
    286 function comments_popup_link($zero='No Comments', $one='1 Comment', $more='% Comments', $CSSclass='', $none='Comments Off') {
    287         global $id, $wpcommentspopupfile, $wpcommentsjavascript, $post, $wpdb;
    288         global $comment_count_cache;
    289 
    290         if (! is_single() && ! is_page()) {
    291         if ( !isset($comment_count_cache[$id]) )
    292                 $comment_count_cache[$id] = $wpdb->get_var("SELECT COUNT(comment_ID) FROM $wpdb->comments WHERE comment_post_ID = $id AND comment_approved = '1';");
    293 
    294         $number = $comment_count_cache[$id];
    295 
    296         if (0 == $number && 'closed' == $post->comment_status && 'closed' == $post->ping_status) {
    297                 echo $none;
    298                 return;
    299         } else {
    300                 if (!empty($post->post_password)) { // if there's a password
    301                         if ($_COOKIE['wp-postpass_'.COOKIEHASH] != $post->post_password) {  // and it doesn't match the cookie
    302                                 echo(__('Enter your password to view comments'));
    303                                 return;
    304                         }
    305                 }
    306                 echo '<a href="';
    307                 if ($wpcommentsjavascript) {
    308                         if ( empty($wpcommentspopupfile) )
    309                                 $home = get_settings('home');
    310                         else
    311                                 $home = get_settings('siteurl');
    312                         echo $home . '/' . $wpcommentspopupfile.'?comments_popup='.$id;
    313                         echo '" onclick="wpopen(this.href); return false"';
    314                 } else { // if comments_popup_script() is not in the template, display simple comment link
    315                         if ( 0 == $number )
    316                                 echo get_permalink() . '#respond';
    317                         else
    318                                 comments_link();
    319                         echo '"';
    320                 }
    321                 if (!empty($CSSclass)) {
    322                         echo ' class="'.$CSSclass.'"';
    323                 }
    324                 echo ' title="' . sprintf( __('Comment on %s'), $post->post_title ) .'">';
    325                 comments_number($zero, $one, $more, $number);
    326                 echo '</a>';
    327         }
    328         }
    329 }
    330 
    331 function get_comment_ID() {
    332         global $comment;
    333         return apply_filters('get_comment_ID', $comment->comment_ID);
    334 }
    335 
    336 function comment_ID() {
    337         echo get_comment_ID();
    338 }
    339 
    340 function get_comment_author() {
    341         global $comment;
    342         if ( empty($comment->comment_author) )
    343                 $author = __('Anonymous');
    344         else
    345                 $author = $comment->comment_author;
    346         return apply_filters('get_comment_author', $author);
    347 }
    348 
    349 function comment_author() {
    350         $author = apply_filters('comment_author', get_comment_author() );
    351         echo $author;
    352 }
    353 
    354 function get_comment_author_email() {
    355         global $comment;
    356         return apply_filters('get_comment_author_email', $comment->comment_author_email);
    357 }
    358 
    359 function comment_author_email() {
    360         echo apply_filters('author_email', get_comment_author_email() );
    361 }
    362 
    363 function get_comment_author_link() {
    364         global $comment;
    365         $url    = get_comment_author_url();
    366         $author = get_comment_author();
    367 
    368         if ( empty( $url ) || 'http://' == $url )
    369                 $return = $author;
    370         else
    371                 $return = "<a href='$url' rel='external nofollow'>$author</a>";
    372         return apply_filters('get_comment_author_link', $return);
    373 }
    374 
    375 function comment_author_link() {
    376         echo get_comment_author_link();
    377 }
    378 
    379 function get_comment_type() {
    380         global $comment;
    381 
    382         if ( '' == $comment->comment_type )
    383                 $comment->comment_type = 'comment';
    384 
    385         return apply_filters('get_comment_type', $comment->comment_type);
    386 }
    387 
    388 function comment_type($commenttxt = 'Comment', $trackbacktxt = 'Trackback', $pingbacktxt = 'Pingback') {
    389         $type = get_comment_type();
    390         switch( $type ) {
    391                 case 'trackback' :
    392                         echo $trackbacktxt;
    393                         break;
    394                 case 'pingback' :
    395                         echo $pingbacktxt;
    396                         break;
    397                 default :
    398                         echo $commenttxt;
    399         }
    400 }
    401 
    402 function get_comment_author_url() {
    403         global $comment;
    404         return apply_filters('get_comment_author_url', $comment->comment_author_url);
    405 }
    406 
    407 function comment_author_url() {
    408         echo apply_filters('comment_url', get_comment_author_url());
    409 }
    410 
    411 function comment_author_email_link($linktext='', $before='', $after='') {
    412         global $comment;
    413         $email = apply_filters('comment_email', $comment->comment_author_email);
    414         if ((!empty($email)) && ($email != '@')) {
    415         $display = ($linktext != '') ? $linktext : $email;
    416                 echo $before;
    417                 echo "<a href='mailto:$email'>$display</a>";
    418                 echo $after;
    419         }
    420 }
    421 
    422 function get_comment_author_url_link( $linktext = '', $before = '', $after = '' ) {
    423         global $comment;
    424         $url = get_comment_author_url();
    425         $display = ($linktext != '') ? $linktext : $url;
    426         $return = "$before<a href='$url' rel='external'>$display</a>$after";
    427         return apply_filters('get_comment_author_url_link', $return);
    428 }
    429 
    430 function comment_author_url_link( $linktext = '', $before = '', $after = '' ) {
    431         echo get_comment_author_url_link( $linktext, $before, $after );
    432 }
    433 
    434 function get_comment_author_IP() {
    435         global $comment;
    436         return apply_filters('get_comment_author_IP', $comment->comment_author_IP);
    437 }
    438 
    439 function comment_author_IP() {
    440         echo get_comment_author_IP();
    441 }
    442 
    443 function get_comment_text() {
    444         global $comment;
    445         return apply_filters('get_comment_text', $comment->comment_content);
    446 }
    447 
    448 function comment_text() {
    449         echo apply_filters('comment_text', get_comment_text() );
    450 }
    451 
    452 function get_comment_excerpt() {
    453         global $comment;
    454         $comment_text = strip_tags($comment->comment_content);
    455         $blah = explode(' ', $comment_text);
    456         if (count($blah) > 20) {
    457                 $k = 20;
    458                 $use_dotdotdot = 1;
    459         } else {
    460                 $k = count($blah);
    461                 $use_dotdotdot = 0;
    462         }
    463         $excerpt = '';
    464         for ($i=0; $i<$k; $i++) {
    465                 $excerpt .= $blah[$i] . ' ';
    466         }
    467         $excerpt .= ($use_dotdotdot) ? '...' : '';
    468         return apply_filters('get_comment_excerpt', $excerpt);
    469 }
    470 
    471 function comment_excerpt() {
    472         echo apply_filters('comment_excerpt', get_comment_excerpt() );
    473 }
    474 
    475 function get_comment_date( $d = '' ) {
    476         global $comment;
    477         if ( '' == $d )
    478                 $date = mysql2date( get_settings('date_format'), $comment->comment_date);
    479         else
    480                 $date = mysql2date($d, $comment->comment_date);
    481         return apply_filters('get_comment_date', $date);
    482 }
    483 
    484 function comment_date( $d = '' ) {
    485         echo get_comment_date( $d );
    486 }
    487 
    488 function get_comment_time( $d = '', $gmt = false ) {
    489         global $comment;
    490         $comment_date = $gmt? $comment->comment_date_gmt : $comment->comment_date;
    491         if ( '' == $d )
    492                 $date = mysql2date(get_settings('time_format'), $comment_date);
    493         else
    494                 $date = mysql2date($d, $comment_date);
    495         return apply_filters('get_comment_time', $date);
    496 }
    497 
    498 function comment_time( $d = '' ) {
    499         echo get_comment_time($d);
    500 }
    501 
    502 function get_trackback_url() {
    503         global $id;
    504         $tb_url = get_settings('siteurl') . '/wp-trackback.php?p=' . $id;
    505 
    506         if ( '' != get_settings('permalink_structure') )
    507                 $tb_url = trailingslashit(get_permalink()) . 'trackback/';
    508 
    509         return $tb_url;
    510 }
    511 function trackback_url( $display = true ) {
    512         if ( $display)
    513                 echo get_trackback_url();
    514         else
    515                 return get_trackback_url();
    516 }
    517 
    518 function trackback_rdf($timezone = 0) {
    519         global $id;
    520         if (!stristr($_SERVER['HTTP_USER_AGENT'], 'W3C_Validator')) {
    521         echo '<rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
    522             xmlns:dc="http://purl.org/dc/elements/1.1/"
    523             xmlns:trackback="http://madskills.com/public/xml/rss/module/trackback/">
    524                 <rdf:Description rdf:about="';
    525         the_permalink();
    526         echo '"'."\n";
    527         echo '    dc:identifier="';
    528         the_permalink();
    529         echo '"'."\n";
    530         echo '    dc:title="'.str_replace('--', '&#x2d;&#x2d;', wptexturize(strip_tags(get_the_title()))).'"'."\n";
    531         echo '    trackback:ping="'.trackback_url(0).'"'." />\n";
    532         echo '</rdf:RDF>';
    533         }
    534 }
    535 
    536 function comments_open() {
    537         global $post;
    538         if ( 'open' == $post->comment_status )
    539                 return true;
    540         else
    541                 return false;
    542 }
    543 
    544 function pings_open() {
    545         global $post;
    546         if ( 'open' == $post->ping_status )
    547                 return true;
    548         else
    549                 return false;
    550 }
    551 
    552 // Non-template functions
    553 
    554 function get_lastcommentmodified($timezone = 'server') {
    555         global $cache_lastcommentmodified, $pagenow, $wpdb;
    556         $add_seconds_blog = get_settings('gmt_offset') * 3600;
    557         $add_seconds_server = date('Z');
    558         $now = current_time('mysql', 1);
    559         if ( !isset($cache_lastcommentmodified[$timezone]) ) {
    560                 switch(strtolower($timezone)) {
    561                         case 'gmt':
    562                                 $lastcommentmodified = $wpdb->get_var("SELECT comment_date_gmt FROM $wpdb->comments WHERE comment_date_gmt <= '$now' ORDER BY comment_date_gmt DESC LIMIT 1");
    563                                 break;
    564                         case 'blog':
    565                                 $lastcommentmodified = $wpdb->get_var("SELECT comment_date FROM $wpdb->comments WHERE comment_date_gmt <= '$now' ORDER BY comment_date_gmt DESC LIMIT 1");
    566                                 break;
    567                         case 'server':
    568                                 $lastcommentmodified = $wpdb->get_var("SELECT DATE_ADD(comment_date_gmt, INTERVAL '$add_seconds_server' SECOND) FROM $wpdb->comments WHERE comment_date_gmt <= '$now' ORDER BY comment_date_gmt DESC LIMIT 1");
    569                                 break;
    570                 }
    571                 $cache_lastcommentmodified[$timezone] = $lastcommentmodified;
    572         } else {
    573                 $lastcommentmodified = $cache_lastcommentmodified[$timezone];
    574         }
    575         return $lastcommentmodified;
    576 }
    577 
    578 function get_commentdata( $comment_ID, $no_cache = 0, $include_unapproved = false ) { // less flexible, but saves DB queries
    579         global $postc, $id, $commentdata, $wpdb;
    580         if ($no_cache) {
    581                 $query = "SELECT * FROM $wpdb->comments WHERE comment_ID = '$comment_ID'";
    582                 if (false == $include_unapproved) {
    583                     $query .= " AND comment_approved = '1'";
    584                 }
    585                 $myrow = $wpdb->get_row($query, ARRAY_A);
    586         } else {
    587                 $myrow['comment_ID'] = $postc->comment_ID;
    588                 $myrow['comment_post_ID'] = $postc->comment_post_ID;
    589                 $myrow['comment_author'] = $postc->comment_author;
    590                 $myrow['comment_author_email'] = $postc->comment_author_email;
    591                 $myrow['comment_author_url'] = $postc->comment_author_url;
    592                 $myrow['comment_author_IP'] = $postc->comment_author_IP;
    593                 $myrow['comment_date'] = $postc->comment_date;
    594                 $myrow['comment_content'] = $postc->comment_content;
    595                 $myrow['comment_karma'] = $postc->comment_karma;
    596                 $myrow['comment_approved'] = $postc->comment_approved;
    597                 $myrow['comment_type'] = $postc->comment_type;
    598         }
    599         return $myrow;
    600 }
    601 
    602 function pingback($content, $post_ID) {
    603         global $wp_version, $wpdb;
    604         include_once (ABSPATH . WPINC . '/class-IXR.php');
    605 
    606         // original code by Mort (http://mort.mine.nu:8080)
    607         $log = debug_fopen(ABSPATH . '/pingback.log', 'a');
    608         $post_links = array();
    609         debug_fwrite($log, 'BEGIN '.date('YmdHis', time())."\n");
    610 
    611         $pung = get_pung($post_ID);
    612 
    613         // Variables
    614         $ltrs = '\w';
    615         $gunk = '/#~:.?+=&%@!\-';
    616         $punc = '.:?\-';
    617         $any = $ltrs . $gunk . $punc;
    618 
    619         // Step 1
    620         // Parsing the post, external links (if any) are stored in the $post_links array
    621         // This regexp comes straight from phpfreaks.com
    622         // http://www.phpfreaks.com/quickcode/Extract_All_URLs_on_a_Page/15.php
    623         preg_match_all("{\b http : [$any] +? (?= [$punc] * [^$any] | $)}x", $content, $post_links_temp);
    624 
    625         // Debug
    626         debug_fwrite($log, 'Post contents:');
    627         debug_fwrite($log, $content."\n");
    628 
    629         // Step 2.
    630         // Walking thru the links array
    631         // first we get rid of links pointing to sites, not to specific files
    632         // Example:
    633         // http://dummy-weblog.org
    634         // http://dummy-weblog.org/
    635         // http://dummy-weblog.org/post.php
    636         // We don't wanna ping first and second types, even if they have a valid <link/>
    637 
    638         foreach($post_links_temp[0] as $link_test) :
    639                 if ( !in_array($link_test, $pung) && (url_to_postid($link_test) != $post_ID) // If we haven't pung it already and it isn't a link to itself
    640                                 && !is_local_attachment($link_test) ) : // Also, let's never ping local attachments.
    641                         $test = parse_url($link_test);
    642                         if (isset($test['query']))
    643                                 $post_links[] = $link_test;
    644                         elseif(($test['path'] != '/') && ($test['path'] != ''))
    645                                 $post_links[] = $link_test;
    646                 endif;
    647         endforeach;
    648 
    649         do_action('pre_ping',  array(&$post_links, &$pung));
    650 
    651         foreach ($post_links as $pagelinkedto){
    652                 debug_fwrite($log, "Processing -- $pagelinkedto\n");
    653                 $pingback_server_url = discover_pingback_server_uri($pagelinkedto, 2048);
    654 
    655                 if ($pingback_server_url) {
    656                         @ set_time_limit( 60 );
    657                          // Now, the RPC call
    658                         debug_fwrite($log, "Page Linked To: $pagelinkedto \n");
    659                         debug_fwrite($log, 'Page Linked From: ');
    660                         $pagelinkedfrom = get_permalink($post_ID);
    661                         debug_fwrite($log, $pagelinkedfrom."\n");
    662 
    663                         // using a timeout of 3 seconds should be enough to cover slow servers
    664                         $client = new IXR_Client($pingback_server_url);
    665                         $client->timeout = 3;
    666                         $client->useragent .= ' -- WordPress/' . $wp_version;
    667 
    668                         // when set to true, this outputs debug messages by itself
    669                         $client->debug = false;
    670 
    671                         if ( $client->query('pingback.ping', $pagelinkedfrom, $pagelinkedto ) )
    672                                 add_ping( $post_ID, $pagelinkedto );
    673                         else
    674                                 debug_fwrite($log, "Error.\n Fault code: ".$client->getErrorCode()." : ".$client->getErrorMessage()."\n");
    675                 }
    676         }
    677 
    678         debug_fwrite($log, "\nEND: ".time()."\n****************************\n");
    679         debug_fclose($log);
    680 }
    681 
    682 function discover_pingback_server_uri($url, $timeout_bytes = 2048) {
    683         global $wp_version;
    684 
    685         $byte_count = 0;
    686         $contents = '';
    687         $headers = '';
    688         $pingback_str_dquote = 'rel="pingback"';
    689         $pingback_str_squote = 'rel=\'pingback\'';
    690         $x_pingback_str = 'x-pingback: ';
    691         $pingback_href_original_pos = 27;
    692 
    693         extract(parse_url($url));
    694 
    695         if (!isset($host)) {
    696                 // Not an URL. This should never happen.
    697                 return false;
    698         }
    699 
    700         $path  = (!isset($path)) ? '/'        : $path;
    701         $path .= (isset($query)) ? '?'.$query : '';
    702         $port  = (isset($port))  ? $port      : 80;
    703 
    704         // Try to connect to the server at $host
    705         $fp = @fsockopen($host, $port, $errno, $errstr, 2);
    706         if (!$fp) {
    707                 // Couldn't open a connection to $host;
    708                 return false;
    709         }
    710 
    711         // Send the GET request
    712         $request = "GET $path HTTP/1.1\r\nHost: $host\r\nUser-Agent: WordPress/$wp_version \r\n\r\n";
    713 //      ob_end_flush();
    714         fputs($fp, $request);
    715 
    716         // Let's check for an X-Pingback header first
    717         while (!feof($fp)) {
    718                 $line = fgets($fp, 512);
    719                 if (trim($line) == '') {
    720                         break;
    721                 }
    722                 $headers .= trim($line)."\n";
    723                 $x_pingback_header_offset = strpos(strtolower($headers), $x_pingback_str);
    724                 if ($x_pingback_header_offset) {
    725                         // We got it!
    726                         preg_match('#x-pingback: (.+)#is', $headers, $matches);
    727                         $pingback_server_url = trim($matches[1]);
    728                         return $pingback_server_url;
    729                 }
    730                 if(strpos(strtolower($headers), 'content-type: ')) {
    731                         preg_match('#content-type: (.+)#is', $headers, $matches);
    732                         $content_type = trim($matches[1]);
    733                 }
    734         }
    735 
    736         if (preg_match('#(image|audio|video|model)/#is', $content_type)) {
    737                 // Not an (x)html, sgml, or xml page, no use going further
    738                 return false;
    739         }
    740 
    741         while (!feof($fp)) {
    742                 $line = fgets($fp, 1024);
    743                 $contents .= trim($line);
    744                 $pingback_link_offset_dquote = strpos($contents, $pingback_str_dquote);
    745                 $pingback_link_offset_squote = strpos($contents, $pingback_str_squote);
    746                 if ($pingback_link_offset_dquote || $pingback_link_offset_squote) {
    747                         $quote = ($pingback_link_offset_dquote) ? '"' : '\'';
    748                         $pingback_link_offset = ($quote=='"') ? $pingback_link_offset_dquote : $pingback_link_offset_squote;
    749                         $pingback_href_pos = @strpos($contents, 'href=', $pingback_link_offset);
    750                         $pingback_href_start = $pingback_href_pos+6;
    751                         $pingback_href_end = @strpos($contents, $quote, $pingback_href_start);
    752                         $pingback_server_url_len = $pingback_href_end - $pingback_href_start;
    753                         $pingback_server_url = substr($contents, $pingback_href_start, $pingback_server_url_len);
    754                         // We may find rel="pingback" but an incomplete pingback URI
    755                         if ($pingback_server_url_len > 0) {
    756                                 // We got it!
    757                                 return $pingback_server_url;
    758                         }
    759                 }
    760                 $byte_count += strlen($line);
    761                 if ($byte_count > $timeout_bytes) {
    762                         // It's no use going further, there probably isn't any pingback
    763                         // server to find in this file. (Prevents loading large files.)
    764                         return false;
    765                 }
    766         }
    767 
    768         // We didn't find anything.
    769         return false;
    770 }
    771 
    772 function is_local_attachment($url) {
    773         if ( !strstr($url, get_bloginfo('home') ) )
    774                 return false;
    775         if ( strstr($url, get_bloginfo('home') . '/?attachment_id=') )
    776                 return true;
    777         if ( $id = url_to_postid($url) ) {
    778                 $post = & get_post($id);
    779                 if ( 'attachment' == $post->post_type )
    780                         return true;
    781         }
    782         return false;
    783 }
    784 
    785 function wp_set_comment_status($comment_id, $comment_status) {
    786     global $wpdb;
    787 
    788     switch($comment_status) {
    789                 case 'hold':
    790                         $query = "UPDATE $wpdb->comments SET comment_approved='0' WHERE comment_ID='$comment_id' LIMIT 1";
    791                 break;
    792                 case 'approve':
    793                         $query = "UPDATE $wpdb->comments SET comment_approved='1' WHERE comment_ID='$comment_id' LIMIT 1";
    794                 break;
    795                 case 'spam':
    796                         $query = "UPDATE $wpdb->comments SET comment_approved='spam' WHERE comment_ID='$comment_id' LIMIT 1";
    797                 break;
    798                 case 'delete':
    799                         return wp_delete_comment($comment_id);
    800                 break;
    801                 default:
    802                         return false;
    803     }
    804    
    805     if ($wpdb->query($query)) {
    806                 do_action('wp_set_comment_status', $comment_id, $comment_status);
    807 
    808                 $comment = get_comment($comment_id);
    809                 $comment_post_ID = $comment->comment_post_ID;
    810                 $c = $wpdb->get_row( "SELECT count(*) as c FROM {$wpdb->comments} WHERE comment_post_ID = '$comment_post_ID' AND comment_approved = '1'" );
    811                 if( is_object( $c ) )
    812                         $wpdb->query( "UPDATE $wpdb->posts SET comment_count = '$c->c' WHERE ID = '$comment_post_ID'" );
    813                 return true;
    814     } else {
    815                 return false;
    816     }
    817 }
    818 
    819 function wp_get_comment_status($comment_id) {
    820         global $wpdb;
    821 
    822         $result = $wpdb->get_var("SELECT comment_approved FROM $wpdb->comments WHERE comment_ID='$comment_id' LIMIT 1");
    823         if ($result == NULL) {
    824                 return 'deleted';
    825         } else if ($result == '1') {
    826                 return 'approved';
    827         } else if ($result == '0') {
    828                 return 'unapproved';
    829         } else if ($result == 'spam') {
    830                 return 'spam';
    831         } else {
    832                 return false;
    833         }
    834 }
    835 
    836 function check_comment($author, $email, $url, $comment, $user_ip, $user_agent, $comment_type) {
    837         global $wpdb;
    838 
    839         if (1 == get_settings('comment_moderation')) return false; // If moderation is set to manual
    840 
    841         if ( (count(explode('http:', $comment)) - 1) >= get_settings('comment_max_links') )
    842                 return false; // Check # of external links
    843 
    844         $mod_keys = trim( get_settings('moderation_keys') );
    845         if ( !empty($mod_keys) ) {
    846                 $words = explode("\n", $mod_keys );
    847 
    848                 foreach ($words as $word) {
    849                         $word = trim($word);
    850 
    851                         // Skip empty lines
    852                         if (empty($word)) { continue; }
    853 
    854                         // Do some escaping magic so that '#' chars in the
    855                         // spam words don't break things:
    856                         $word = preg_quote($word, '#');
    857 
    858                         $pattern = "#$word#i";
    859                         if ( preg_match($pattern, $author) ) return false;
    860                         if ( preg_match($pattern, $email) ) return false;
    861                         if ( preg_match($pattern, $url) ) return false;
    862                         if ( preg_match($pattern, $comment) ) return false;
    863                         if ( preg_match($pattern, $user_ip) ) return false;
    864                         if ( preg_match($pattern, $user_agent) ) return false;
    865                 }
    866         }
    867 
    868         // Comment whitelisting:
    869         if ( 1 == get_settings('comment_whitelist')) {
    870                 if ( 'trackback' == $comment_type || 'pingback' == $comment_type ) { // check if domain is in blogroll
    871                         $uri = parse_url($url);
    872                         $domain = $uri['host'];
    873                         $uri = parse_url( get_option('home') );
    874                         $home_domain = $uri['host'];
    875                         if ( $wpdb->get_var("SELECT link_id FROM $wpdb->links WHERE link_url LIKE ('%$domain%') LIMIT 1") || $domain == $home_domain )
    876                                 return true;
    877                         else
    878                                 return false;
    879                 } elseif( $author != '' && $email != '' ) {
    880                         $ok_to_comment = $wpdb->get_var("SELECT comment_approved FROM $wpdb->comments WHERE comment_author = '$author' AND comment_author_email = '$email' and comment_approved = '1' LIMIT 1");
    881                         if ( ( 1 == $ok_to_comment ) &&
    882                                 ( empty($mod_keys) || false === strpos( $email, $mod_keys) ) )
    883                                         return true;
    884                         else
    885                                 return false;
    886                 } else {
    887                         return false;
    888                 }
    889         }
    890 
    891         return true;
    892 }
    893 
    894 function get_approved_comments($post_id) {
    895         global $wpdb;
    896         return $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = $post_id AND comment_approved = '1' ORDER BY comment_date");
    897 }
    898 
    899 ?>
  • wp-includes/comment-template.php

     
     1<?php
     2/*
     3 * Comment template functions.
     4 */
     5
     6function get_comment_author() {
     7        global $comment;
     8        if ( empty($comment->comment_author) )
     9                $author = __('Anonymous');
     10        else
     11                $author = $comment->comment_author;
     12        return apply_filters('get_comment_author', $author);
     13}
     14
     15function comment_author() {
     16        $author = apply_filters('comment_author', get_comment_author() );
     17        echo $author;
     18}
     19
     20function get_comment_author_email() {
     21        global $comment;
     22        return apply_filters('get_comment_author_email', $comment->comment_author_email);
     23}
     24
     25function comment_author_email() {
     26        echo apply_filters('author_email', get_comment_author_email() );
     27}
     28
     29function comment_author_email_link($linktext='', $before='', $after='') {
     30        global $comment;
     31        $email = apply_filters('comment_email', $comment->comment_author_email);
     32        if ((!empty($email)) && ($email != '@')) {
     33        $display = ($linktext != '') ? $linktext : $email;
     34                echo $before;
     35                echo "<a href='mailto:$email'>$display</a>";
     36                echo $after;
     37        }
     38}
     39
     40function get_comment_author_link() {
     41        global $comment;
     42        $url    = get_comment_author_url();
     43        $author = get_comment_author();
     44
     45        if ( empty( $url ) || 'http://' == $url )
     46                $return = $author;
     47        else
     48                $return = "<a href='$url' rel='external nofollow'>$author</a>";
     49        return apply_filters('get_comment_author_link', $return);
     50}
     51
     52function comment_author_link() {
     53        echo get_comment_author_link();
     54}
     55
     56function get_comment_author_IP() {
     57        global $comment;
     58        return apply_filters('get_comment_author_IP', $comment->comment_author_IP);
     59}
     60
     61function comment_author_IP() {
     62        echo get_comment_author_IP();
     63}
     64
     65function get_comment_author_url() {
     66        global $comment;
     67        return apply_filters('get_comment_author_url', $comment->comment_author_url);
     68}
     69
     70function comment_author_url() {
     71        echo apply_filters('comment_url', get_comment_author_url());
     72}
     73
     74function get_comment_author_url_link( $linktext = '', $before = '', $after = '' ) {
     75        global $comment;
     76        $url = get_comment_author_url();
     77        $display = ($linktext != '') ? $linktext : $url;
     78        $return = "$before<a href='$url' rel='external'>$display</a>$after";
     79        return apply_filters('get_comment_author_url_link', $return);
     80}
     81
     82function comment_author_url_link( $linktext = '', $before = '', $after = '' ) {
     83        echo get_comment_author_url_link( $linktext, $before, $after );
     84}
     85
     86function get_comment_date( $d = '' ) {
     87        global $comment;
     88        if ( '' == $d )
     89                $date = mysql2date( get_settings('date_format'), $comment->comment_date);
     90        else
     91                $date = mysql2date($d, $comment->comment_date);
     92        return apply_filters('get_comment_date', $date);
     93}
     94
     95function comment_date( $d = '' ) {
     96        echo get_comment_date( $d );
     97}
     98
     99function get_comment_excerpt() {
     100        global $comment;
     101        $comment_text = strip_tags($comment->comment_content);
     102        $blah = explode(' ', $comment_text);
     103        if (count($blah) > 20) {
     104                $k = 20;
     105                $use_dotdotdot = 1;
     106        } else {
     107                $k = count($blah);
     108                $use_dotdotdot = 0;
     109        }
     110        $excerpt = '';
     111        for ($i=0; $i<$k; $i++) {
     112                $excerpt .= $blah[$i] . ' ';
     113        }
     114        $excerpt .= ($use_dotdotdot) ? '...' : '';
     115        return apply_filters('get_comment_excerpt', $excerpt);
     116}
     117
     118function comment_excerpt() {
     119        echo apply_filters('comment_excerpt', get_comment_excerpt() );
     120}
     121
     122function get_comment_ID() {
     123        global $comment;
     124        return apply_filters('get_comment_ID', $comment->comment_ID);
     125}
     126
     127function comment_ID() {
     128        echo get_comment_ID();
     129}
     130
     131function get_comment_link() {
     132        global $comment;
     133        return get_permalink( $comment->comment_post_ID ) . '#comment-' . $comment->comment_ID;
     134}
     135
     136function get_comments_link() {
     137        return get_permalink() . '#comments';
     138}
     139
     140function comments_link( $file = '', $echo = true ) {
     141    echo get_comments_link();
     142}
     143
     144function get_comments_number( $post_id = 0 ) {
     145        global $wpdb, $comment_count_cache, $id;
     146        $post_id = (int) $post_id;
     147
     148        if ( !$post_id )
     149                $post_id = $id;
     150
     151        // TODO: Remove SELECT.  Use get_post().
     152        if ( !isset($comment_count_cache[$post_id]) )
     153                $comment_count_cache[$id] = $wpdb->get_var("SELECT comment_count FROM $wpdb->posts WHERE ID = '$post_id'");
     154
     155        return apply_filters('get_comments_number', $comment_count_cache[$post_id]);
     156}
     157
     158function comments_number( $zero = 'No Comments', $one = '1 Comment', $more = '% Comments', $number = '' ) {
     159        global $id, $comment;
     160        $number = get_comments_number( $id );
     161        if ($number == 0) {
     162                $blah = $zero;
     163        } elseif ($number == 1) {
     164                $blah = $one;
     165        } elseif ($number  > 1) {
     166                $blah = str_replace('%', $number, $more);
     167        }
     168        echo apply_filters('comments_number', $blah);
     169}
     170
     171function get_comment_text() {
     172        global $comment;
     173        return apply_filters('get_comment_text', $comment->comment_content);
     174}
     175
     176function comment_text() {
     177        echo apply_filters('comment_text', get_comment_text() );
     178}
     179
     180function get_comment_time( $d = '', $gmt = false ) {
     181        global $comment;
     182        $comment_date = $gmt? $comment->comment_date_gmt : $comment->comment_date;
     183        if ( '' == $d )
     184                $date = mysql2date(get_settings('time_format'), $comment_date);
     185        else
     186                $date = mysql2date($d, $comment_date);
     187        return apply_filters('get_comment_time', $date);
     188}
     189
     190function comment_time( $d = '' ) {
     191        echo get_comment_time($d);
     192}
     193
     194function get_comment_type() {
     195        global $comment;
     196
     197        if ( '' == $comment->comment_type )
     198                $comment->comment_type = 'comment';
     199
     200        return apply_filters('get_comment_type', $comment->comment_type);
     201}
     202
     203function comment_type($commenttxt = 'Comment', $trackbacktxt = 'Trackback', $pingbacktxt = 'Pingback') {
     204        $type = get_comment_type();
     205        switch( $type ) {
     206                case 'trackback' :
     207                        echo $trackbacktxt;
     208                        break;
     209                case 'pingback' :
     210                        echo $pingbacktxt;
     211                        break;
     212                default :
     213                        echo $commenttxt;
     214        }
     215}
     216
     217function get_trackback_url() {
     218        global $id;
     219        $tb_url = get_settings('siteurl') . '/wp-trackback.php?p=' . $id;
     220
     221        if ( '' != get_settings('permalink_structure') )
     222                $tb_url = trailingslashit(get_permalink()) . 'trackback/';
     223
     224        return $tb_url;
     225}
     226function trackback_url( $display = true ) {
     227        if ( $display)
     228                echo get_trackback_url();
     229        else
     230                return get_trackback_url();
     231}
     232
     233function trackback_rdf($timezone = 0) {
     234        global $id;
     235        if (!stristr($_SERVER['HTTP_USER_AGENT'], 'W3C_Validator')) {
     236        echo '<rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
     237            xmlns:dc="http://purl.org/dc/elements/1.1/"
     238            xmlns:trackback="http://madskills.com/public/xml/rss/module/trackback/">
     239                <rdf:Description rdf:about="';
     240        the_permalink();
     241        echo '"'."\n";
     242        echo '    dc:identifier="';
     243        the_permalink();
     244        echo '"'."\n";
     245        echo '    dc:title="'.str_replace('--', '&#x2d;&#x2d;', wptexturize(strip_tags(get_the_title()))).'"'."\n";
     246        echo '    trackback:ping="'.trackback_url(0).'"'." />\n";
     247        echo '</rdf:RDF>';
     248        }
     249}
     250
     251function comments_open() {
     252        global $post;
     253        if ( 'open' == $post->comment_status )
     254                return true;
     255        else
     256                return false;
     257}
     258
     259function pings_open() {
     260        global $post;
     261        if ( 'open' == $post->ping_status )
     262                return true;
     263        else
     264                return false;
     265}
     266
     267function comments_template( $file = '/comments.php' ) {
     268        global $wp_query, $withcomments, $post, $wpdb, $id, $comment, $user_login, $user_ID, $user_identity;
     269
     270        if ( is_single() || is_page() || $withcomments ) :
     271                $req = get_settings('require_name_email');
     272                $comment_author = '';
     273                if ( isset($_COOKIE['comment_author_'.COOKIEHASH]) ) {
     274                        $comment_author = apply_filters('pre_comment_author_name', $_COOKIE['comment_author_'.COOKIEHASH]);
     275                        $comment_author = stripslashes($comment_author);
     276                        $comment_author = wp_specialchars($comment_author, true);
     277                }
     278                $comment_author_email = '';
     279                if ( isset($_COOKIE['comment_author_email_'.COOKIEHASH]) ) {
     280                        $comment_author_email = apply_filters('pre_comment_author_email', $_COOKIE['comment_author_email_'.COOKIEHASH]);
     281                        $comment_author_email = stripslashes($comment_author_email);
     282                        $comment_author_email = wp_specialchars($comment_author_email, true);           
     283                }
     284                $comment_author_url = '';
     285                if ( isset($_COOKIE['comment_author_url_'.COOKIEHASH]) ) {
     286                        $comment_author_url = apply_filters('pre_comment_author_url', $_COOKIE['comment_author_url_'.COOKIEHASH]);
     287                        $comment_author_url = stripslashes($comment_author_url);
     288                        $comment_author_url = wp_specialchars($comment_author_url, true);               
     289                }
     290
     291        // TODO: Use API instead of SELECTs.
     292        if ( empty($comment_author) ) {
     293                $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = '$post->ID' AND comment_approved = '1' ORDER BY comment_date");
     294        } else {
     295                $author_db = $wpdb->escape($comment_author);
     296                $email_db  = $wpdb->escape($comment_author_email);
     297                $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = '$post->ID' AND ( comment_approved = '1' OR ( comment_author = '$author_db' AND comment_author_email = '$email_db' AND comment_approved = '0' ) ) ORDER BY comment_date");
     298        }
     299
     300        define('COMMENTS_TEMPLATE', true);
     301        $include = apply_filters('comments_template', TEMPLATEPATH . $file );
     302        if ( file_exists( $include ) )
     303                require( $include );
     304        else
     305                require( ABSPATH . 'wp-content/themes/default/comments.php');
     306
     307        endif;
     308}
     309
     310function comments_popup_script($width=400, $height=400, $file='') {
     311    global $wpcommentspopupfile, $wptrackbackpopupfile, $wppingbackpopupfile, $wpcommentsjavascript;
     312
     313                if (empty ($file)) {
     314                        $wpcommentspopupfile = '';  // Use the index.
     315                } else {
     316                        $wpcommentspopupfile = $file;
     317                }
     318
     319    $wpcommentsjavascript = 1;
     320    $javascript = "<script type='text/javascript'>\nfunction wpopen (macagna) {\n    window.open(macagna, '_blank', 'width=$width,height=$height,scrollbars=yes,status=yes');\n}\n</script>\n";
     321    echo $javascript;
     322}
     323
     324function comments_popup_link($zero='No Comments', $one='1 Comment', $more='% Comments', $CSSclass='', $none='Comments Off') {
     325        global $id, $wpcommentspopupfile, $wpcommentsjavascript, $post, $wpdb;
     326        global $comment_count_cache;
     327
     328        if (! is_single() && ! is_page()) {
     329        // TODO: Use API instead of SELECT
     330        if ( !isset($comment_count_cache[$id]) )
     331                $comment_count_cache[$id] = $wpdb->get_var("SELECT COUNT(comment_ID) FROM $wpdb->comments WHERE comment_post_ID = $id AND comment_approved = '1';");
     332
     333        $number = $comment_count_cache[$id];
     334
     335        if (0 == $number && 'closed' == $post->comment_status && 'closed' == $post->ping_status) {
     336                echo $none;
     337                return;
     338        } else {
     339                if (!empty($post->post_password)) { // if there's a password
     340                        if ($_COOKIE['wp-postpass_'.COOKIEHASH] != $post->post_password) {  // and it doesn't match the cookie
     341                                echo(__('Enter your password to view comments'));
     342                                return;
     343                        }
     344                }
     345                echo '<a href="';
     346                if ($wpcommentsjavascript) {
     347                        if ( empty($wpcommentspopupfile) )
     348                                $home = get_settings('home');
     349                        else
     350                                $home = get_settings('siteurl');
     351                        echo $home . '/' . $wpcommentspopupfile.'?comments_popup='.$id;
     352                        echo '" onclick="wpopen(this.href); return false"';
     353                } else { // if comments_popup_script() is not in the template, display simple comment link
     354                        if ( 0 == $number )
     355                                echo get_permalink() . '#respond';
     356                        else
     357                                comments_link();
     358                        echo '"';
     359                }
     360                if (!empty($CSSclass)) {
     361                        echo ' class="'.$CSSclass.'"';
     362                }
     363                echo ' title="' . sprintf( __('Comment on %s'), $post->post_title ) .'">';
     364                comments_number($zero, $one, $more, $number);
     365                echo '</a>';
     366        }
     367        }
     368}
     369
     370?>