Make WordPress Core

Changeset 2894


Ignore:
Timestamp:
09/20/2005 03:17:43 AM (19 years ago)
Author:
ryan
Message:

wp_insert_comment(), wp_update_comment(), wp_allow_comment(), and wp_filter_comment() from skeltoac. fixes #1683

Location:
trunk
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/import/blogger.php

    r2880 r2894  
    2222        echo '<h2>'.__('Import Blogger').'</h2>';
    2323        _e("<p>Howdy! This importer allows you to import posts and comments from your Blogger account into your WordPress blog.</p>
    24 <p>Before you get started, you may want to back up your Blogger template by copying and pasting it into a text file on your computer. This script has to modify your template and other Blogger settings so it can get your posts and comments. It should restore everything afterwards but if you have put a lot of work into your template, it would be a good idea to make your own backup first.</p>
     24<p>Before you get started, you should <u>back up your Blogger template</u> by copying and pasting it into a text file on your computer. This script has to modify your template and other Blogger settings so it can get your posts and comments. It should restore everything afterwards but if you have put a lot of work into your template, it would be a good idea to make your own backup first.</p>
    2525<p>When you are ready to begin, enter your Blogger username and password below and click Start. Do not close this window until the process is complete.</p>");
    2626        echo "<iframe src='admin.php?import=blogger&noheader=true' height='350px' width = '99%'></iframe>";
     
    3838    // Generates a string that will make the page reload in a specified interval.
    3939    function refresher($msec) {
    40         return "<html><head><script type='text/javascript'>window.onload=setInterval('window.location.reload()', $msec);</script>\n</head>\n<body>";
     40        if ( $msec )
     41            return "<html><head><script type='text/javascript'>window.onload=setTimeout('window.location.reload()', $msec);</script>\n</head>\n<body>\n";
     42        else
     43            return "<html><head><script type='text/javascript'>window.onload=window.location.reload();</script>\n</head>\n<body>\n";
    4144    }
    4245
     
    7982        curl_setopt($ch, CURLOPT_POSTFIELDS,$params);
    8083        curl_setopt($ch, CURLOPT_URL,$_url);
    81         curl_setopt($ch, CURLOPT_USERAGENT, 'Developing Blogger Exporter');
     84        curl_setopt($ch, CURLOPT_USERAGENT, 'Blogger Exporter');
    8285        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
    8386        curl_setopt($ch, CURLOPT_HEADER,1);
     
    99102        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
    100103        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
     104        curl_setopt($ch, CURLOPT_USERAGENT, 'Blogger Exporter');
    101105        curl_setopt($ch, CURLOPT_HEADER,1);
    102106        if (is_array($header)) curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
     
    131135        if ($user && $pass) curl_setopt($ch, CURLOPT_USERPWD,"{$user}:{$pass}");
    132136        curl_setopt($ch, CURLOPT_URL,$url);
    133         curl_setopt($ch, CURLOPT_USERAGENT, 'Developing Blogger Exporter');
     137        curl_setopt($ch, CURLOPT_USERAGENT, 'Blogger Exporter');
    134138        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
    135139        curl_setopt($ch, CURLOPT_HEADER,$parse);
     
    166170
    167171    // Publishes.
    168     function publish_blogger($i) {
     172    function publish_blogger($i, $text) {
     173        $head = $this->refresher(1000) . "<h1>$text</h1>\n";
    169174        if ( ! $this->import['blogs'][$_GET['blog']]['publish'][$i] ) {
    170175            // First call. Start the publish process.
     
    178183                if ( preg_match('#<p class="progressIndicator">.*</p>#U', $response['body'], $matches) ) {
    179184                    $progress = $matches[0];
    180                     die($progress);
     185                    die($head . $progress);
    181186                } else {
    182187                    echo "matches:<pre>" . print_r($matches,1) . "</pre>\n";
    183188                }
    184189            } else {
    185                 echo "<h1>Publish error: No 302</h1><p>Please tell the devs.</p><pre>" . addslashes(print_r($response,1)) . "</pre>\n";
     190                if ( strstr($response['body'], 'Please sign in before proceeding') ) {
     191                    $this->import['cookies'] = $this->login_blogger($this->import['user'], $this->import['pass']);
     192                    update_option('import-blogger', $this->import);
     193                    die($this->refresher(500) . "<h1>Logging into Blogger again...</h1>");
     194                } else {
     195                    echo "<h1>Publish error: No 302</h1><p>Please tell the devs.</p><pre>" . addslashes(print_r($response,1)) . "</pre>\n";
     196                }
    186197            }
    187198            die();
     
    194205                if ( strstr($progress, '100%') )
    195206                    $this->set_next_step($i);
    196                 die($progress);
     207                die($head . $progress);
    197208            } else {
    198209                echo "<h1>Publish error: No matches</h1><p>Please tell the devs.</p><pre>" . print_r($matches,1) . "</pre>\n";
     
    271282                    'published' => false,
    272283                    'archives' => false,
    273                     'newusers' => array(),
    274284                    'lump_authors' => false,
    275285                    'newusers' => 0,
     
    368378    // Step 3: Publish with the new template and settings.
    369379    function publish_blog() {
    370         echo $this->refresher(2400) . "<h1>Publishing with new template and options</h1>\n";
    371         $this->publish_blogger(5);
     380        $this->publish_blogger(5, 'Publishing with new template and options');
    372381    }
    373382
     
    403412                $commentcount = 0;
    404413                $skippedcommentcount = 0;
    405                 $status = '';
     414                $status = 'in progress...';
     415                $this->import['blogs'][$_GET['blog']]['archives']["$url"] = $status;
     416                update_option('import-blogger', $import);
    406417                $archive = implode('',file($url));
    407418   
     
    417428                    //$post_number = $postinfo[3];
    418429                    $post_title = ( $postinfo[4] != '' ) ? $postinfo[4] : $postinfo[3];
    419                     $post_author = trim($wpdb->escape($postinfo[1]));
    420                     $post_author_name = trim(addslashes($postinfo[1]));
     430                    $post_author_name = $wpdb->escape(trim($postinfo[1]));
    421431                    $post_author_email = $postinfo[5] ? $postinfo[5] : 'no@email.com';
    422432   
     
    465475                    $post_status = 'publish';
    466476   
    467                     if ( post_exists($post_title, '', $post_date) ) {
     477                    if ( $comment_post_ID = post_exists($post_title, '', $post_date) ) {
    468478                        $skippedpostcount++;
    469                         $comment_post_ID = $dupcheck[0]['ID'];
    470479                    } else {
    471480                        $post_array = compact('post_author', 'post_content', 'post_title', 'post_category', 'post_author', 'post_date', 'post_status');
     
    491500                            $commenthour = '00';
    492501                        $comment_date = "$commentyear-$commentmonth-$commentday $commenthour:$commentminute:$commentsecond";
    493                         $comment_author = addslashes(strip_tags(html_entity_decode($commentinfo[1]))); // Believe it or not, Blogger allows a user to call himself "Mr. Hell's Kitchen" which, as a string, really confuses SQL.
     502                        $comment_author = addslashes(strip_tags(html_entity_decode($commentinfo[1])));
    494503                        if ( strpos($commentinfo[1], 'a href') ) {
    495504                            $comment_author_parts = explode('&quot;', htmlentities($commentinfo[1]));
    496505                            $comment_author_url = $comment_author_parts[1];
    497506                        } else $comment_author_url = '';
    498                         $comment_content = addslashes($commentinfo[2]);
    499                         $comment_content = str_replace('<br>', '<br />', $comment_content);
    500                         if ( $comment_post_ID == comment_exists($comment_author, $comment_date) ) {
     507                        $comment_content = $commentinfo[2];
     508                        $comment_content = str_replace(array('<br>','<BR>','<br/>','<BR/>','<br />','<BR />'), "\n", $comment_content);
     509                        $comment_approved = 1;
     510                        if ( comment_exists($comment_author, $comment_date) ) {
    501511                            $skippedcommentcount++;
    502512                        } else {
    503                             $result = $wpdb->query("
    504                             INSERT INTO $wpdb->comments
    505                             (comment_post_ID,comment_author,comment_author_url,comment_date,comment_content)
    506                             VALUES
    507                                 ('$comment_post_ID','$comment_author','$comment_author_url','$comment_date','$comment_content')
    508                         ");
     513                            $commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_url', 'comment_date', 'comment_content', 'comment_approved');
     514                            $commentdata = wp_filter_comment($commentdata);
     515                            if ( false == wp_insert_comment($commentdata) ) $skippedcommentcount++;
    509516                        }
    510517                        $commentcount++;
     
    523530        if ( ! $did_one )
    524531            $this->set_next_step(7);
    525         die( $this->refresher(5000) . $output );
     532        die( $this->refresher(1000) . $output );
    526533    }
    527534
     
    569576    // Step 8: Republish, all back to normal
    570577    function republish_blog() {
    571         echo $this->refresher(2400) . "<h1>Publishing with original template and options</h1>\n";
    572         $this->publish_blogger(9);
     578        $this->publish_blogger(9, 'Publishing with original template and options');
    573579    }
    574580
     
    582588        if ( count($this->import['blogs']) > 1 )
    583589            echo "<li>In case you haven't done it already, you can import the posts from any other blogs you may have:" . $this->show_blogs() . "</li>\n";
    584         if ( $n = count($this->import['blogs'][$_GET['blog']]['newusers']) )
    585             echo "<li>Since we had to create $n new users, you probably want to go to <a href='users.php' target='_parent'>Authors & Users</a>, where you can give them new passwords or delete them. If you want to make all of the imported posts yours, you will be given that option when you delete the new authors.</li>\n";
     590        if ( $n = $this->import['blogs'][$_GET['blog']]['newusers'] )
     591            echo "<li>Since we had to create $n new user" . ( $n > 1 ? 's' : '' ) . ", you probably want to go to <a href='users.php' target='_parent'>Authors & Users</a>, where you can give them new passwords or delete them. If you want to make all of the imported posts yours, you will be given that option when you delete the new authors.</li>\n";
    586592       
    587593        echo "\n<ul>";
     
    596602        if ( isset($_GET['noheader']) ) {
    597603            $this->import = get_settings('import-blogger');
     604
     605            ob_start();
    598606
    599607            if ( isset($_GET['step']) ) {
     
    606614                $step = 0;
    607615            }
     616
    608617            switch ($step) {
    609618                case 0 :
  • trunk/wp-includes/comment-functions.php

    r2881 r2894  
    2929
    3030    endif;
     31}
     32
     33function wp_new_comment( $commentdata ) {
     34    $commentdata = apply_filters('preprocess_comment', $commentdata);
     35
     36    $commentdata['comment_post_ID'] = (int) $commentdata['comment_post_ID'];
     37    $commentdata['comment_author_IP'] = $_SERVER['REMOTE_ADDR'];
     38    $commentdata['comment_agent'] = $_SERVER['HTTP_USER_AGENT'];
     39    $commentdata['comment_date'] = current_time('mysql');
     40    $commentdata['comment_date_gmt'] = current_time('mysql', 1);
     41
     42    $commentdata = wp_filter_comment($commentdata);
     43
     44    $commentdata['comment_approved'] = wp_allow_comment($commentdata);
     45
     46    $comment_ID = wp_insert_comment($commentdata);
     47
     48    do_action('comment_post', $comment_ID, $commentdata['approved']);
     49
     50    if ( 'spam' !== $commentdata['comment_approved'] ) { // If it's spam save it silently for later crunching
     51        if ( '0' == $commentdata['comment_approved'] )
     52            wp_notify_moderator($comment_ID);
     53   
     54        if ( get_settings('comments_notify') && $commentdata['comment_approved'] )
     55            wp_notify_postauthor($comment_ID, $commentdata['comment_type']);
     56    }
     57
     58    return $comment_id;
     59}
     60
     61function wp_insert_comment($commentdata) {
     62    global $wpdb;
     63    extract($commentdata);
     64
     65    if ( ! isset($comment_author_IP) )
     66        $comment_author_IP = $_SERVER['REMOTE_ADDR'];
     67    if ( ! isset($comment_date) )
     68        $comment_date = current_time('mysql');
     69    if ( ! isset($comment_date_gmt) )
     70        $comment_date_gmt = gmdate('Y-m-d H:i:s', strtotime($comment_date) );
     71
     72    $result = $wpdb->query("INSERT INTO $wpdb->comments
     73    (comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content, comment_approved, comment_agent, comment_type, comment_parent, user_id)
     74    VALUES
     75    ('$comment_post_ID', '$comment_author', '$comment_author_email', '$comment_author_url', '$comment_author_IP', '$comment_date', '$comment_date_gmt', '$comment_content', '$comment_approved', '$comment_agent', '$comment_type', '$comment_parent', '$user_id')
     76    ");
     77
     78    return $wpdb->insert_id;
     79}
     80
     81function wp_filter_comment($commentdata) {
     82    $commentdata['user_id'] = apply_filters('pre_user_id', $commentdata['user_ID']);
     83    $commentdata['comment_agent'] = apply_filters('pre_comment_user_agent', $commentdata['comment_agent']);
     84    $commentdata['comment_author'] = apply_filters('pre_comment_author_name', $commentdata['comment_author']);
     85    $commentdata['comment_content'] = apply_filters('pre_comment_content', $commentdata['comment_content']);
     86    $commentdata['comment_author_IP'] = apply_filters('pre_comment_user_ip', $commentdata['comment_author_IP']);
     87    $commentdata['comment_author_url'] = apply_filters('pre_comment_author_url', $commentdata['comment_author_url']);
     88    $commentdata['comment_author_email'] = apply_filters('pre_comment_author_email', $commentdata['comment_author_email']);
     89    $commentdata['filtered'] = true;
     90    return $commentdata;
     91}
     92
     93function wp_allow_comment($commentdata) {
     94    global $wpdb;
     95    extract($commentdata);
     96
     97    $comment_user_domain = apply_filters('pre_comment_user_domain', gethostbyaddr($comment_author_ip) );
     98
     99    // Simple duplicate check
     100    $dupe = "SELECT comment_ID FROM $wpdb->comments WHERE comment_post_ID = '$comment_post_ID' AND ( comment_author = '$comment_author' ";
     101    if ( $comment_author_email )
     102        $dupe .= "OR comment_author_email = '$comment_author_email' ";
     103    $dupe .= ") AND comment_content = '$comment_content' LIMIT 1";
     104    if ( $wpdb->get_var($dupe) )
     105        die( __('Duplicate comment detected; it looks as though you\'ve already said that!') );
     106
     107    // Simple flood-protection
     108    if ( $lasttime = $wpdb->get_var("SELECT comment_date_gmt FROM $wpdb->comments WHERE comment_author_IP = '$comment_author_IP' OR comment_author_email = '$comment_author_email' ORDER BY comment_date DESC LIMIT 1") ) {
     109        $time_lastcomment = mysql2date('U', $lasttime);
     110        $time_newcomment  = mysql2date('U', $comment_date_gmt);
     111        if ( ($time_newcomment - $time_lastcomment) < 15 ) {
     112            do_action('comment_flood_trigger', $time_lastcomment, $time_newcomment);
     113            die( __('Sorry, you can only post a new comment once every 15 seconds. Slow down cowboy.') );
     114        }
     115    }
     116
     117    if ( $user_id ) {
     118        $userdata = get_userdata($user_id);
     119        $user = new WP_User($user_id);
     120        $post_author = $wpdb->get_var("SELECT post_author FROM $wpdb->posts WHERE ID = '$comment_post_ID' LIMIT 1");
     121    }
     122
     123    // The author and the admins get respect.
     124    if ( $userdata && ( $user_id == $post_author || $user->has_cap('level_9') ) ) {
     125        $approved = 1;
     126    }
     127
     128    // Everyone else's comments will be checked.
     129    else {
     130        if ( check_comment($comment_author, $comment_author_email, $comment_author_url, $comment_content, $comment_author_IP, $comment_agent, $comment_type) )
     131            $approved = 1;
     132        else
     133            $approved = 0;
     134        if ( wp_blacklist_check($comment_author, $comment_author_email, $comment_author_url, $comment_content, $comment_author_IP, $comment_agent) )
     135            $approved = 'spam';
     136    }
     137
     138    $approved = apply_filters('pre_comment_approved', $approved);
     139    return $approved;
     140}
     141
     142
     143function wp_update_comment($commentarr) {
     144    global $wpdb;
     145
     146    // First, get all of the original fields
     147    $comment = get_comment($commentarr['comment_ID'], ARRAY_A);
     148
     149    // Escape data pulled from DB.
     150    foreach ($comment as $key => $value)
     151        $comment[$key] = $wpdb->escape($value);
     152
     153    // Merge old and new fields with new fields overwriting old ones.
     154    $commentarr = array_merge($comment, $commentarr);
     155
     156    // Now extract the merged array.
     157    extract($commentarr);
     158
     159    $comment_content = apply_filters('comment_save_pre', $comment_content);
     160
     161    $result = $wpdb->query(
     162        "UPDATE $wpdb->comments SET
     163            comment_content = '$comment_content',
     164            comment_author = '$comment_author',
     165            comment_author_email = '$comment_author_email',
     166            comment_approved = '$comment_approved',
     167            comment_author_url = '$comment_author_url',
     168            comment_date = '$comment_date'
     169        WHERE comment_ID = $comment_ID" );
     170
     171    $rval = $wpdb->rows_affected;
     172
     173    do_action('edit_comment', $comment_ID);
     174
     175    return $rval;   
    31176}
    32177
  • trunk/wp-includes/functions-post.php

    r2887 r2894  
    457457}
    458458
    459 function wp_new_comment( $commentdata, $spam = false ) {
    460     global $wpdb;
    461 
    462     $commentdata = apply_filters('preprocess_comment', $commentdata);
    463     extract($commentdata);
    464 
    465     $comment_post_ID = (int) $comment_post_ID;
    466 
    467     $user_id = apply_filters('pre_user_id', $user_ID);
    468     $author  = apply_filters('pre_comment_author_name', $comment_author);
    469     $email   = apply_filters('pre_comment_author_email', $comment_author_email);
    470     $url     = apply_filters('pre_comment_author_url', $comment_author_url);
    471     $comment = apply_filters('pre_comment_content', $comment_content);
    472     $comment = apply_filters('post_comment_text', $comment); // Deprecated
    473     $comment = apply_filters('comment_content_presave', $comment); // Deprecated
    474 
    475     $user_ip     = apply_filters('pre_comment_user_ip', $_SERVER['REMOTE_ADDR']);
    476     $user_domain = apply_filters('pre_comment_user_domain', gethostbyaddr($user_ip) );
    477     $user_agent  = apply_filters('pre_comment_user_agent', $_SERVER['HTTP_USER_AGENT']);
    478 
    479     $now     = current_time('mysql');
    480     $now_gmt = current_time('mysql', 1);
    481 
    482     if ( $user_id ) {
    483         $userdata = get_userdata($user_id);
    484         $user = new WP_User($user_id);
    485         $post_author = $wpdb->get_var("SELECT post_author FROM $wpdb->posts WHERE ID = '$comment_post_ID' LIMIT 1");
    486     }
    487 
    488     // Simple duplicate check
    489     $dupe = "SELECT comment_ID FROM $wpdb->comments WHERE comment_post_ID = '$comment_post_ID' AND ( comment_author = '$author' ";
    490     if ( $email ) $dupe .= "OR comment_author_email = '$email' ";
    491     $dupe .= ") AND comment_content = '$comment' LIMIT 1";
    492     if ( $wpdb->get_var($dupe) )
    493         die( __('Duplicate comment detected; it looks as though you\'ve already said that!') );
    494 
    495     // Simple flood-protection
    496     if ( $lasttime = $wpdb->get_var("SELECT comment_date_gmt FROM $wpdb->comments WHERE comment_author_IP = '$user_ip' OR comment_author_email = '$email' ORDER BY comment_date DESC LIMIT 1") ) {
    497         $time_lastcomment = mysql2date('U', $lasttime);
    498         $time_newcomment  = mysql2date('U', $now_gmt);
    499         if ( ($time_newcomment - $time_lastcomment) < 15 ) {
    500             do_action('comment_flood_trigger', $time_lastcomment, $time_newcomment);
    501             die( __('Sorry, you can only post a new comment once every 15 seconds. Slow down cowboy.') );
    502         }
    503     }
    504 
    505     if ( $userdata && ( $user_id == $post_author || $user->has_cap('level_9') ) ) {
    506         $approved = 1;
    507     } else {
    508         if ( check_comment($author, $email, $url, $comment, $user_ip, $user_agent, $comment_type) )
    509             $approved = 1;
    510         else
    511             $approved = 0;
    512         if ( wp_blacklist_check($author, $email, $url, $comment, $user_ip, $user_agent) )
    513             $approved = 'spam';
    514     }
    515 
    516     $approved = apply_filters('pre_comment_approved', $approved);
    517 
    518     $result = $wpdb->query("INSERT INTO $wpdb->comments
    519     (comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content, comment_approved, comment_agent, comment_type, user_id)
    520     VALUES
    521     ('$comment_post_ID', '$author', '$email', '$url', '$user_ip', '$now', '$now_gmt', '$comment', '$approved', '$user_agent', '$comment_type', '$user_id')
    522     ");
    523 
    524     $comment_id = $wpdb->insert_id;
    525     do_action('comment_post', $comment_id, $approved);
    526 
    527     if ( 'spam' !== $approved ) { // If it's spam save it silently for later crunching
    528         if ( '0' == $approved )
    529             wp_notify_moderator($comment_id);
    530    
    531         if ( get_settings('comments_notify') && $approved )
    532             wp_notify_postauthor($comment_id, $comment_type);
    533     }
    534 
    535     return $result;
    536 }
    537 
    538 function wp_update_comment($commentarr) {
    539     global $wpdb;
    540 
    541     // First, get all of the original fields
    542     $comment = get_comment($commentarr['comment_ID'], ARRAY_A);
    543 
    544     // Escape data pulled from DB.
    545     foreach ($comment as $key => $value)
    546         $comment[$key] = $wpdb->escape($value);
    547 
    548     // Merge old and new fields with new fields overwriting old ones.
    549     $commentarr = array_merge($comment, $commentarr);
    550 
    551     // Now extract the merged array.
    552     extract($commentarr);
    553 
    554     $comment_content = apply_filters('comment_save_pre', $comment_content);
    555 
    556     $result = $wpdb->query(
    557         "UPDATE $wpdb->comments SET
    558             comment_content = '$comment_content',
    559             comment_author = '$comment_author',
    560             comment_author_email = '$comment_author_email',
    561             comment_approved = '$comment_approved',
    562             comment_author_url = '$comment_author_url',
    563             comment_date = '$comment_date'
    564         WHERE comment_ID = $comment_ID" );
    565 
    566     $rval = $wpdb->rows_affected;
    567 
    568     do_action('edit_comment', $comment_ID);
    569 
    570     return $rval;   
    571 }
    572 
    573459function do_trackbacks($post_id) {
    574460    global $wpdb;
Note: See TracChangeset for help on using the changeset viewer.