WordPress.org

Make WordPress Core


Ignore:
Timestamp:
09/20/2005 03:17:43 AM (14 years ago)
Author:
ryan
Message:

wp_insert_comment(), wp_update_comment(), wp_allow_comment(), and wp_filter_comment() from skeltoac. fixes #1683

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/comment-functions.php

    r2881 r2894  
    2929
    3030    endif;
     31}
     32
     33function wp_new_comment( $commentdata ) {
     34    $commentdata = apply_filters('preprocess_comment', $commentdata);
     35
     36    $commentdata['comment_post_ID'] = (int) $commentdata['comment_post_ID'];
     37    $commentdata['comment_author_IP'] = $_SERVER['REMOTE_ADDR'];
     38    $commentdata['comment_agent'] = $_SERVER['HTTP_USER_AGENT'];
     39    $commentdata['comment_date'] = current_time('mysql');
     40    $commentdata['comment_date_gmt'] = current_time('mysql', 1);
     41
     42    $commentdata = wp_filter_comment($commentdata);
     43
     44    $commentdata['comment_approved'] = wp_allow_comment($commentdata);
     45
     46    $comment_ID = wp_insert_comment($commentdata);
     47
     48    do_action('comment_post', $comment_ID, $commentdata['approved']);
     49
     50    if ( 'spam' !== $commentdata['comment_approved'] ) { // If it's spam save it silently for later crunching
     51        if ( '0' == $commentdata['comment_approved'] )
     52            wp_notify_moderator($comment_ID);
     53   
     54        if ( get_settings('comments_notify') && $commentdata['comment_approved'] )
     55            wp_notify_postauthor($comment_ID, $commentdata['comment_type']);
     56    }
     57
     58    return $comment_id;
     59}
     60
     61function wp_insert_comment($commentdata) {
     62    global $wpdb;
     63    extract($commentdata);
     64
     65    if ( ! isset($comment_author_IP) )
     66        $comment_author_IP = $_SERVER['REMOTE_ADDR'];
     67    if ( ! isset($comment_date) )
     68        $comment_date = current_time('mysql');
     69    if ( ! isset($comment_date_gmt) )
     70        $comment_date_gmt = gmdate('Y-m-d H:i:s', strtotime($comment_date) );
     71
     72    $result = $wpdb->query("INSERT INTO $wpdb->comments
     73    (comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content, comment_approved, comment_agent, comment_type, comment_parent, user_id)
     74    VALUES
     75    ('$comment_post_ID', '$comment_author', '$comment_author_email', '$comment_author_url', '$comment_author_IP', '$comment_date', '$comment_date_gmt', '$comment_content', '$comment_approved', '$comment_agent', '$comment_type', '$comment_parent', '$user_id')
     76    ");
     77
     78    return $wpdb->insert_id;
     79}
     80
     81function wp_filter_comment($commentdata) {
     82    $commentdata['user_id'] = apply_filters('pre_user_id', $commentdata['user_ID']);
     83    $commentdata['comment_agent'] = apply_filters('pre_comment_user_agent', $commentdata['comment_agent']);
     84    $commentdata['comment_author'] = apply_filters('pre_comment_author_name', $commentdata['comment_author']);
     85    $commentdata['comment_content'] = apply_filters('pre_comment_content', $commentdata['comment_content']);
     86    $commentdata['comment_author_IP'] = apply_filters('pre_comment_user_ip', $commentdata['comment_author_IP']);
     87    $commentdata['comment_author_url'] = apply_filters('pre_comment_author_url', $commentdata['comment_author_url']);
     88    $commentdata['comment_author_email'] = apply_filters('pre_comment_author_email', $commentdata['comment_author_email']);
     89    $commentdata['filtered'] = true;
     90    return $commentdata;
     91}
     92
     93function wp_allow_comment($commentdata) {
     94    global $wpdb;
     95    extract($commentdata);
     96
     97    $comment_user_domain = apply_filters('pre_comment_user_domain', gethostbyaddr($comment_author_ip) );
     98
     99    // Simple duplicate check
     100    $dupe = "SELECT comment_ID FROM $wpdb->comments WHERE comment_post_ID = '$comment_post_ID' AND ( comment_author = '$comment_author' ";
     101    if ( $comment_author_email )
     102        $dupe .= "OR comment_author_email = '$comment_author_email' ";
     103    $dupe .= ") AND comment_content = '$comment_content' LIMIT 1";
     104    if ( $wpdb->get_var($dupe) )
     105        die( __('Duplicate comment detected; it looks as though you\'ve already said that!') );
     106
     107    // Simple flood-protection
     108    if ( $lasttime = $wpdb->get_var("SELECT comment_date_gmt FROM $wpdb->comments WHERE comment_author_IP = '$comment_author_IP' OR comment_author_email = '$comment_author_email' ORDER BY comment_date DESC LIMIT 1") ) {
     109        $time_lastcomment = mysql2date('U', $lasttime);
     110        $time_newcomment  = mysql2date('U', $comment_date_gmt);
     111        if ( ($time_newcomment - $time_lastcomment) < 15 ) {
     112            do_action('comment_flood_trigger', $time_lastcomment, $time_newcomment);
     113            die( __('Sorry, you can only post a new comment once every 15 seconds. Slow down cowboy.') );
     114        }
     115    }
     116
     117    if ( $user_id ) {
     118        $userdata = get_userdata($user_id);
     119        $user = new WP_User($user_id);
     120        $post_author = $wpdb->get_var("SELECT post_author FROM $wpdb->posts WHERE ID = '$comment_post_ID' LIMIT 1");
     121    }
     122
     123    // The author and the admins get respect.
     124    if ( $userdata && ( $user_id == $post_author || $user->has_cap('level_9') ) ) {
     125        $approved = 1;
     126    }
     127
     128    // Everyone else's comments will be checked.
     129    else {
     130        if ( check_comment($comment_author, $comment_author_email, $comment_author_url, $comment_content, $comment_author_IP, $comment_agent, $comment_type) )
     131            $approved = 1;
     132        else
     133            $approved = 0;
     134        if ( wp_blacklist_check($comment_author, $comment_author_email, $comment_author_url, $comment_content, $comment_author_IP, $comment_agent) )
     135            $approved = 'spam';
     136    }
     137
     138    $approved = apply_filters('pre_comment_approved', $approved);
     139    return $approved;
     140}
     141
     142
     143function wp_update_comment($commentarr) {
     144    global $wpdb;
     145
     146    // First, get all of the original fields
     147    $comment = get_comment($commentarr['comment_ID'], ARRAY_A);
     148
     149    // Escape data pulled from DB.
     150    foreach ($comment as $key => $value)
     151        $comment[$key] = $wpdb->escape($value);
     152
     153    // Merge old and new fields with new fields overwriting old ones.
     154    $commentarr = array_merge($comment, $commentarr);
     155
     156    // Now extract the merged array.
     157    extract($commentarr);
     158
     159    $comment_content = apply_filters('comment_save_pre', $comment_content);
     160
     161    $result = $wpdb->query(
     162        "UPDATE $wpdb->comments SET
     163            comment_content = '$comment_content',
     164            comment_author = '$comment_author',
     165            comment_author_email = '$comment_author_email',
     166            comment_approved = '$comment_approved',
     167            comment_author_url = '$comment_author_url',
     168            comment_date = '$comment_date'
     169        WHERE comment_ID = $comment_ID" );
     170
     171    $rval = $wpdb->rows_affected;
     172
     173    do_action('edit_comment', $comment_ID);
     174
     175    return $rval;   
    31176}
    32177
Note: See TracChangeset for help on using the changeset viewer.