Make WordPress Core

Changeset 1616


Ignore:
Timestamp:
09/07/2004 02:34:12 AM (20 years ago)
Author:
saxmatt
Message:

Move trackbacks to new comment function.

Location:
trunk
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/functions-post.php

    r1604 r1616  
    344344}
    345345
     346function wp_new_comment($commentdata) {
     347    global $wpdb;
     348    extract($commentdata);
     349
     350    $comment_post_id = (int) $comment_post_id;
     351
     352    $comment_author = strip_tags($comment_author);
     353    $comment_author = htmlspecialchars($comment_author);
     354    $comment_author = $wpdb->escape($comment_author);
     355
     356    $comment_author_email = preg_replace('/[^a-z+_.@-]/i', '', $comment_author_email);
     357
     358    $comment_author_url = strip_tags($comment_author_url);
     359    $comment_author_url = htmlspecialchars($comment_author_url);
     360    $comment_author_url = $wpdb->escape($comment_author_url);
     361
     362    $comment_content = apply_filters('comment_content_presave', $comment_content);
     363    $comment_content = $wpdb->escape($comment_content);
     364
     365    $user_ip = addslashes($_SERVER['REMOTE_ADDR']);
     366    $user_domain = addslashes( gethostbyaddr($user_ip) );
     367    $now = current_time('mysql');
     368    $now_gmt = current_time('mysql', 1);
     369    $user_agent = addslashes($_SERVER['HTTP_USER_AGENT']);
     370
     371    // Simple flood-protection
     372    if ( $lasttime = $wpdb->get_var("SELECT comment_date FROM $wpdb->comments WHERE comment_author_IP = '$user_ip' ORDER BY comment_date DESC LIMIT 1") ) {
     373        $time_lastcomment= mysql2date('U', $lasttime);
     374        $time_newcomment= mysql2date('U', $now);
     375        if ( ($time_newcomment - $time_lastcomment) < 15 )
     376            die( __('Sorry, you can only post a new comment once every 15 seconds. Slow down cowboy.') );
     377    }
     378
     379    if( check_comment($author, $email, $url, $comment, $user_ip, $user_agent) )
     380        $approved = 1;
     381    else
     382        $approved = 0;
     383
     384    $result = $wpdb->query("INSERT INTO $wpdb->comments
     385    (comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content, comment_approved, comment_agent)
     386    VALUES
     387    ('$comment_post_ID', '$author', '$email', '$tb_url', '$user_ip', '$now', '$now_gmt', '$comment', '$approved', '$user_agent')
     388    ");
     389
     390    if ( get_option('comments_notify') )
     391        wp_notify_postauthor($wpdb->insert_id, $comment_type);
     392
     393    return $result;
     394}
     395
    346396?>
  • trunk/wp-includes/functions.php

    r1615 r1616  
    577577    $wpdb->query("UPDATE $wpdb->posts SET to_ping = REPLACE(to_ping, '$tb_url', '') WHERE ID = '$ID'");
    578578    return $result;
    579 }
    580 
    581 // trackback - reply
    582 function trackback_response($error = 0, $error_message = '') {
    583     if ($error) {
    584         echo '<?xml version="1.0" encoding="utf-8"?'.">\n";
    585         echo "<response>\n";
    586         echo "<error>1</error>\n";
    587         echo "<message>$error_message</message>\n";
    588         echo "</response>";
    589     } else {
    590         echo '<?xml version="1.0" encoding="utf-8"?'.">\n";
    591         echo "<response>\n";
    592         echo "<error>0</error>\n";
    593         echo "</response>";
    594     }
    595     die();
    596579}
    597580
  • trunk/wp-trackback.php

    r1603 r1616  
    11<?php
    2 require(dirname(__FILE__) . '/wp-config.php');
     2$doing_trackback = 1;
     3require('./wp-config.php');
     4include_once (ABSPATH . WPINC . '/functions-post.php');
     5
     6function trackback_response($error = 0, $error_message = '') {
     7    header('Content-Type: text/xml; charset=' . get_option('blog_charset') );
     8    if ($error) {
     9        echo '<?xml version="1.0" encoding="utf-8"?'.">\n";
     10        echo "<response>\n";
     11        echo "<error>1</error>\n";
     12        echo "<message>$error_message</message>\n";
     13        echo "</response>";
     14    } else {
     15        echo '<?xml version="1.0" encoding="utf-8"?'.">\n";
     16        echo "<response>\n";
     17        echo "<error>0</error>\n";
     18        echo "</response>";
     19    }
     20    die();
     21}
    322
    423// trackback is done by a POST
    524$request_array = 'HTTP_POST_VARS';
    6 $tb_id = explode('/', $_SERVER['REQUEST_URI']);
    7 $tb_id = intval($tb_id[count($tb_id)-1]);
     25if (!$tb_id) {
     26    $tb_id = explode('/', $_SERVER['REQUEST_URI']);
     27    $tb_id = intval($tb_id[count($tb_id)-1]);
     28}
    829$tb_url = $_POST['url'];
    930$title = $_POST['title'];
     
    1132$blog_name = $_POST['blog_name'];
    1233
    13 if (! $doing_trackback) {
     34if ( !$doing_trackback) {
    1435    $doing_trackback = 1;
    15     require('wp-blog-header.php');
     36    require('./wp-blog-header.php');
    1637}
    1738
    18 if (is_single()) {
     39if ( is_single() )
    1940    $tb_id = $posts[0]->ID;
    20 }
     41
     42if ( !$tb_id)
     43    trackback_response(1, 'I really need an ID for this to work.');
    2144
    2245if (empty($title) && empty($tb_url) && empty($blog_name)) {
    2346    // If it doesn't look like a trackback at all...
    2447    header('Location: ' . get_permalink($tb_id));
     48    exit;
    2549}
    2650
    27 if ((strlen(''.$tb_id)) && (empty($_GET['__mode'])) && (strlen(''.$tb_url))) {
    28 
    29     @header('Content-Type: text/xml; charset=' . get_settings('blog_charset'));
     51if ( !empty($tb_url) && !empty($title) && !empty($tb_url) ) {
     52    header('Content-Type: text/xml; charset=' . get_option('blog_charset') );
    3053
    3154    $pingstatus = $wpdb->get_var("SELECT ping_status FROM $wpdb->posts WHERE ID = $tb_id");
     
    3457        trackback_response(1, 'Sorry, trackbacks are closed for this item.');
    3558
    36     $tb_url = addslashes($tb_url);
    37     $title = strip_tags($title);
    38     $title = (strlen($title) > 255) ? substr($title, 0, 252).'...' : $title;
     59    $title = strip_tags( htmlspecialchars( $title ) );
     60    $title = (strlen($title) > 250) ? substr($title, 0, 250) . '...' : $title;
    3961    $excerpt = strip_tags($excerpt);
    40     $excerpt = (strlen($excerpt) > 255) ? substr($excerpt, 0, 252).'...' : $excerpt;
     62    $excerpt = (strlen($excerpt) > 255) ? substr($excerpt, 0, 252) . '...' : $excerpt;
    4163    $blog_name = htmlspecialchars($blog_name);
    42     $blog_name = (strlen($blog_name) > 255) ? substr($blog_name, 0, 252).'...' : $blog_name;
     64    $blog_name = (strlen($blog_name) > 250) ? substr($blog_name, 0, 250) . '...' : $blog_name;
    4365
    44     $comment = '<trackback />';
    45     $comment .= "<strong>$title</strong>\n$excerpt";
     66    $comment_post_id = $tb_id;
     67    $commment_author = $blog_name;
     68    $comment_author_email = '';
     69    $comment_author_url = $tb_url;
     70    $comment_content = "<strong>$title</strong>\n\n$excerpt";
     71    $comment_type = 'trackback';
    4672
    47     $author = addslashes(stripslashes(stripslashes($blog_name)));
    48     $email = '';
    49     $original_comment = $comment;
    50     $comment_post_ID = $tb_id;
     73    $commentdata = compact('comment_post_id', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content', 'comment_type');
    5174
    52     $user_ip = $_SERVER['REMOTE_ADDR'];
    53     $user_domain = gethostbyaddr($user_ip);
    54     $now = current_time('mysql');
    55     $now_gmt = current_time('mysql', 1);
     75    wp_new_comment($commentdata);
    5676
    57     $user_agent = addslashes($_SERVER['HTTP_USER_AGENT']);
     77    trackback_response(0);
     78    do_action('trackback_post', $wpdb->insert_id);
    5879
    59     $comment = convert_chars($comment);
    60     $comment = format_to_post($comment);
    61 
    62     $comment_author = $author;
    63     $comment_author_email = $email;
    64     $comment_author_url = $tb_url;
    65 
    66     $author = addslashes($author);
    67 
    68     $comment_moderation = get_settings('comment_moderation');
    69     $moderation_notify = get_settings('moderation_notify');
    70 
    71     if(check_comment($author, $email, $url, $comment, $user_ip, $user_agent)) {
    72         $approved = 1;
    73     } else {
    74         $approved = 0;
    75     }
    76 
    77     $result = $wpdb->query("INSERT INTO $wpdb->comments
    78     (comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content, comment_approved, comment_agent)
    79     VALUES
    80     ('$comment_post_ID', '$author', '$email', '$tb_url', '$user_ip', '$now', '$now_gmt', '$comment', '$approved', '$user_agent')
    81     ");
    82 
    83     if (!$result) {
    84         die ("There is an error with the database, it can't store your comment...<br />Please contact the webmaster.");
    85     } else {
    86         $comment_ID = $wpdb->get_var('SELECT last_insert_id()');
    87         if (get_settings('comments_notify'))
    88             wp_notify_postauthor($comment_ID, 'trackback');
    89         trackback_response(0);
    90         do_action('trackback_post', $comment_ID);
    91     }
    9280}
    9381?>
Note: See TracChangeset for help on using the changeset viewer.