Changeset 29965 for trunk/src/wp-includes/comment.php

Timestamp:

10/19/2014 07:38:16 PM (10 years ago)

Author:

boonebgorges

Message:

Use the comment API rather than direct SQL queries in comments_template().

comments_template() is used by most themes to display a post's comments. It
shows all comments that have been approved, and also shows all pending comments
by the current visitor (as determined by the comment cookies). However, the
comments API previously had no way of querying for "all comments that are
either approved, or are unapproved but written by foo@…". The
workaround was a direct SQL query: uncached, not subject to the same filters as
other comment queries, and just generally icky.

The new include_unapproved parameter for WP_Comment_Query accepts an array
of user IDs or email addresses. Pending comments associated with users in this
array will be included in query results, regardless of the value of the 'status'
parameter. In comments_template(), we leap from direct SQL queries to
get_comments() plus `include_unapproved', striving to put right what once
went wrong.

Props boonebgorges, simonwheatley, hardy101, jesin.
Fixes #19623.

File:

• trunk/src/wp-includes/comment.php (modified) (3 diffs)

trunk/src/wp-includes/comment.php

@@ -260 +260 @@
      * @since 4.1.0 Introduced 'comment__in', 'comment__not_in', 'post_author__in',
      *              'post_author__not_in', 'author__in', 'author__not_in',
-     *              'post__in', and 'post__not_in' to $query_vars.
+     *              'post__in', 'post__not_in', and 'include_unapproved' to $query_vars.
      *
      * @param string|array $query_vars
@@ -272 +272 @@
             'author__in' => '',
             'author__not_in' => '',
+            'include_unapproved' => '',
             'fields' => '',
             'ID' => '',
@@ -334 +335 @@
         }
 
+        // Assemble clauses related to 'comment_approved'.
+        $approved_clauses = array();
         $status = $this->query_vars['status'];
         if ( 'hold' == $status ) {
-            $approved = "comment_approved = '0'";
+            $approved_clauses[] = "comment_approved = '0'";
         } elseif ( 'approve' == $status ) {
-            $approved = "comment_approved = '1'";
+            $approved_clauses[] = "comment_approved = '1'";
         } elseif ( ! empty( $status ) && 'all' != $status ) {
-            $approved = $wpdb->prepare( "comment_approved = %s", $status );
+            $approved_clauses[] = $wpdb->prepare( "comment_approved = %s", $status );
         } else {
-            $approved = "( comment_approved = '0' OR comment_approved = '1' )";
-        }
+            $approved_clauses[] = "( comment_approved = '0' OR comment_approved = '1' )";
+        }
+
+        // User IDs or emails whose unapproved comments are included, regardless of $status.
+        if ( ! empty( $this->query_vars['include_unapproved'] ) ) {
+            $include_unapproved = $this->query_vars['include_unapproved'];
+
+            // Accepts arrays or comma-separated strings.
+            if ( ! is_array( $include_unapproved ) ) {
+                $include_unapproved = preg_split( '/[\s,]+/', $include_unapproved );
+            }
+
+            $unapproved_ids = $unapproved_emails = array();
+            foreach ( $include_unapproved as $unapproved_identifier ) {
+                // Numeric values are assumed to be user ids.
+                if ( is_numeric( $unapproved_identifier ) ) {
+                    $approved_clauses[] = $wpdb->prepare( "( user_id = %d AND comment_approved = '0' )", $unapproved_identifier );
+
+                // Otherwise we match against email addresses.
+                } else {
+                    $approved_clauses[] = $wpdb->prepare( "( comment_author_email = %s AND comment_approved = '0' )", $unapproved_identifier );
+                }
+            }
+        }
+
+        // Collapse comment_approved clauses into a single OR-separated clause.
+        if ( 1 === count( $approved_clauses ) ) {
+            $approved = $approved_clauses[0];
+        } else {
+            $approved = '( ' . implode( ' OR ', $approved_clauses ) . ' )';
+        }
+
         $order = ( 'ASC' == strtoupper( $this->query_vars['order'] ) ) ? 'ASC' : 'DESC';