Changeset 546
- Timestamp:
- 11/12/2003 03:22:47 PM (21 years ago)
- Location:
- trunk
- Files:
-
- 2 added
- 14 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/b2-include/b2functions.php
r534 r546 547 547 } 548 548 549 function get_commentdata($comment_ID,$no_cache=0 ) { // less flexible, but saves DB queries549 function get_commentdata($comment_ID,$no_cache=0,$include_unapproved=false) { // less flexible, but saves DB queries 550 550 global $postc,$id,$commentdata,$tablecomments,$querycount, $wpdb; 551 551 if ($no_cache) { 552 $myrow = $wpdb->get_row("SELECT * FROM $tablecomments WHERE comment_ID = $comment_ID", ARRAY_A); 552 $query = "SELECT * FROM $tablecomments WHERE comment_ID = $comment_ID"; 553 if (false == $include_unapproved) { 554 $query .= " AND comment_approved = '1'"; 555 } 556 $myrow = $wpdb->get_row($query, ARRAY_A); 553 557 ++$querycount; 554 558 } else { … … 1311 1315 } 1312 1316 1317 /* wp_set_comment_status: 1318 part of otaku42's comment moderation hack 1319 changes the status of a comment according to $comment_status. 1320 allowed values: 1321 hold : set comment_approve field to 0 1322 approve: set comment_approve field to 1 1323 delete : remove comment out of database 1324 1325 returns true if change could be applied 1326 returns false on database error or invalid value for $comment_status 1327 */ 1328 function wp_set_comment_status($comment_id, $comment_status) { 1329 global $wpdb, $tablecomments; 1330 1331 switch($comment_status) { 1332 case 'hold': 1333 $query = "UPDATE $tablecomments SET comment_approved='0' WHERE comment_ID='$comment_id' LIMIT 1"; 1334 break; 1335 case 'approve': 1336 $query = "UPDATE $tablecomments SET comment_approved='1' WHERE comment_ID='$comment_id' LIMIT 1"; 1337 break; 1338 case 'delete': 1339 $query = "DELETE FROM $tablecomments WHERE comment_ID='$comment_id' LIMIT 1"; 1340 break; 1341 default: 1342 return false; 1343 } 1344 1345 if ($wpdb->query($query)) { 1346 return true; 1347 } else { 1348 return false; 1349 } 1350 } 1351 1352 1353 /* wp_get_comment_status 1354 part of otaku42's comment moderation hack 1355 gets the current status of a comment 1356 1357 returned values: 1358 "approved" : comment has been approved 1359 "unapproved": comment has not been approved 1360 "deleted ": comment not found in database 1361 1362 a (boolean) false signals an error 1363 */ 1364 function wp_get_comment_status($comment_id) { 1365 global $wpdb, $tablecomments; 1366 1367 $result = $wpdb->get_var("SELECT comment_approved FROM $tablecomments WHERE comment_ID='$comment_id' LIMIT 1"); 1368 if ($result == NULL) { 1369 return "deleted"; 1370 } else if ($result == "1") { 1371 return "approved"; 1372 } else if ($result == "0") { 1373 return "unapproved"; 1374 } else { 1375 return false; 1376 } 1377 } 1378 1379 1380 /* wp_notify_postauthor 1381 notifies the author of a post about a new comment 1382 needs the id of the new comment 1383 always returns true 1384 */ 1385 function wp_notify_postauthor($comment_id) { 1386 global $wpdb, $tablecomments, $tableposts, $tableusers; 1387 global $querystring_start, $querystring_equal, $querystring_separator; 1388 global $blogfilename, $blogname, $siteurl; 1389 1390 $comment = $wpdb->get_row("SELECT * FROM $tablecomments WHERE comment_ID='$comment_id' LIMIT 1"); 1391 $post = $wpdb->get_row("SELECT * FROM $tableposts WHERE ID='$comment->comment_post_ID' LIMIT 1"); 1392 $user = $wpdb->get_row("SELECT * FROM $tableusers WHERE ID='$post->post_author' LIMIT 1"); 1393 1394 if ("" != $user->user_email) { 1395 $comment_author_domain = gethostbyaddr($comment->comment_author_IP); 1396 1397 $notify_message = "New comment on your post #$comment->comment_post_ID \"".stripslashes($post->post_title)."\"\r\n\r\n"; 1398 $notify_message .= "Author : $comment->comment_author (IP: $comment->comment_author_IP , $comment_author_domain)\r\n"; 1399 $notify_message .= "E-mail : $comment->comment_author_email\r\n"; 1400 $notify_message .= "URL : $comment->comment_author_url\r\n"; 1401 $notify_message .= "Whois : http://ws.arin.net/cgi-bin/whois.pl?queryinput=$comment->comment_author_IP\r\n"; 1402 $notify_message .= "Comment:\r\n".stripslashes($comment->comment_content)."\r\n\r\n"; 1403 $notify_message .= "You can see all comments on this post here: \r\n"; 1404 $notify_message .= $siteurl.'/'.$blogfilename.'?p='.$comment_post_ID.'&c=1#comments'; 1405 1406 $subject = '[' . stripslashes($blogname) . '] Comment: "' .stripslashes($post->post_title).'"'; 1407 if ('' != $comment->comment_author_email) { 1408 $from = "From: \"$comment->comment_author\" <$comment->comment_author_email>"; 1409 } else { 1410 $from = 'From: "' . stripslashes($comment->comment_author) . "\" <$user->user_email>"; 1411 } 1412 $from .= "\nX-Mailer: WordPress $b2_version with PHP/" . phpversion(); 1413 1414 @mail($user->user_email, $subject, $notify_message, $from); 1415 } 1416 1417 return true; 1418 } 1419 1420 /* wp_notify_moderator 1421 notifies the moderator of the blog (usually the admin) 1422 about a new comment that waits for approval 1423 always returns true 1424 */ 1425 function wp_notify_moderator($comment_id) { 1426 global $wpdb, $tablecomments, $tableposts, $tableusers; 1427 global $querystring_start, $querystring_equal, $querystring_separator; 1428 global $blogfilename, $blogname, $siteurl; 1429 1430 $comment = $wpdb->get_row("SELECT * FROM $tablecomments WHERE comment_ID='$comment_id' LIMIT 1"); 1431 $post = $wpdb->get_row("SELECT * FROM $tableposts WHERE ID='$comment->comment_post_ID' LIMIT 1"); 1432 $user = $wpdb->get_row("SELECT * FROM $tableusers WHERE ID='$post->post_author' LIMIT 1"); 1433 1434 $comment_author_domain = gethostbyaddr($comment->comment_author_IP); 1435 $comments_waiting = $wpdb->get_var("SELECT count(comment_ID) FROM $tablecomments WHERE comment_approved = '0'"); 1436 1437 $notify_message = "A new comment on the post #$comment->comment_post_ID \"".stripslashes($post->post_title)."\" is waiting for your approval\r\n\r\n"; 1438 $notify_message .= "Author : $comment->comment_author (IP: $comment->comment_author_IP , $comment_author_domain)\r\n"; 1439 $notify_message .= "E-mail : $comment->comment_author_email\r\n"; 1440 $notify_message .= "URL : $comment->comment_author_url\r\n"; 1441 $notify_message .= "Whois : http://ws.arin.net/cgi-bin/whois.pl?queryinput=$comment->comment_author_IP\r\n"; 1442 $notify_message .= "Comment:\r\n".stripslashes($comment->comment_content)."\r\n\r\n"; 1443 $notify_message .= "To approve this comment, visit: $siteurl/wp-admin/wp-post.php?action=mailapprovecomment&p=".$comment->comment_post_ID."&comment=$comment_id\r\n"; 1444 $notify_message .= "To delete this comment, visit: $siteurl/wp-admin/wp-post.php?action=confirmdeletecomment&p=".$comment->comment_post_ID."&comment=$comment_id\r\n"; 1445 $notify_message .= "Currently $comments_waiting comments are waiting for approval. Please visit the moderation panel:\r\n"; 1446 $notify_message .= "$siteurl/wp-admin/wp-moderation.php\r\n"; 1447 1448 $subject = '[' . stripslashes($blogname) . '] Please approve: "' .stripslashes($post->post_title).'"'; 1449 $admin_email = get_settings("admin_email"); 1450 $from = "From: $admin_email"; 1451 $from .= "\nX-Mailer: WordPress $b2_version with PHP/" . phpversion(); 1452 1453 @mail($admin_email, $subject, $notify_message, $from); 1454 1455 return true; 1456 } 1457 1313 1458 1314 1459 // implementation of in_array that also should work on PHP3 -
trunk/b2-include/b2template.functions.php
r541 r546 1404 1404 // generic comments/trackbacks/pingbacks numbering 1405 1405 1406 function comments_number($zero='No Comments', $one='1 Comment', $more='% Comments' ) {1406 function comments_number($zero='No Comments', $one='1 Comment', $more='% Comments', $include_unapproved = false) { 1407 1407 global $id, $comment, $tablecomments, $querycount, $wpdb; 1408 $number = $wpdb->get_var("SELECT COUNT(*) FROM $tablecomments WHERE comment_post_ID = $id"); 1408 $query = "SELECT COUNT(*) FROM $tablecomments WHERE comment_post_ID = '$id'"; 1409 if (false == $include_unapproved) { 1410 $query .= " AND comment_approved = '1'"; 1411 } 1412 $number = $wpdb->get_var($query); 1409 1413 if ($number == 0) { 1410 1414 $blah = $zero; … … 1437 1441 global $id, $b2commentspopupfile, $b2commentsjavascript, $post, $wpdb, $tablecomments, $HTTP_COOKIE_VARS, $cookiehash; 1438 1442 global $querystring_start, $querystring_equal, $querystring_separator, $siteurl; 1439 $number = $wpdb->get_var("SELECT COUNT(*) FROM $tablecomments WHERE comment_post_ID = $id ");1443 $number = $wpdb->get_var("SELECT COUNT(*) FROM $tablecomments WHERE comment_post_ID = $id AND comment_approved = '1'"); 1440 1444 if (0 == $number && 'closed' == $post->comment_status) { 1441 1445 echo $none; -
trunk/b2comments.php
r517 r546 15 15 $comment_author_url = trim($HTTP_COOKIE_VARS["comment_author_url_".$cookiehash]); 16 16 17 $comments = $wpdb->get_results("SELECT * FROM $tablecomments WHERE comment_post_ID = $id ORDER BY comment_date");17 $comments = $wpdb->get_results("SELECT * FROM $tablecomments WHERE comment_post_ID = $id AND comment_approved = '1' ORDER BY comment_date"); 18 18 ?> 19 19 … … 74 74 </p> 75 75 76 <?php 77 if ('none' != get_settings("comment_moderation")) { 78 ?> 79 <p> 80 <strong>Please note:</strong><br /> 81 This blog uses comment moderation. In other words: your comment will need approval 82 by the administrator before it will appear in the blog. Approval usually happens 83 within the next 24 hours. Please send your comment only once. Thank you. 84 </p> 85 <?php 86 } // comment_moderation != 'none' 87 ?> 88 76 89 <p> 77 90 <input name="submit" type="submit" tabindex="5" value="Say it!" /> -
trunk/b2comments.post.php
r524 r546 83 83 84 84 if ($ok) { // if there was no comment from this IP in the last 10 seconds 85 $comment_moderation = get_settings("comment_moderation"); 86 $moderation_notify = get_settings("moderation_notify"); 87 88 // o42: this place could be the hook for further comment spam checking 89 // $approved should be set according the final approval status 90 // of the new comment 91 if ('manual' == $comment_moderation) { 92 $approved = 0; 93 } else if ('auto' == $comment_moderation) { 94 $approved = 0; 95 } else { // none 96 $approved = 1; 97 } 98 $wpdb->query("INSERT INTO $tablecomments (comment_ID,comment_post_ID,comment_author,comment_author_email,comment_author_url,comment_author_IP,comment_date,comment_content,comment_karma,comment_approved) VALUES ('0', '$comment_post_ID', '$author', '$email', '$url', '$user_ip', '$now', '$comment', '0', '$approved')"); 85 99 86 $wpdb->query("INSERT INTO $tablecomments VALUES ('0', '$comment_post_ID', '$author', '$email', '$url', '$user_ip', '$now', '$comment', '0')"); 100 // o42: this should be changed as soon as other sql dbs are supported 101 // as it's proprietary to mysql 87 102 $comment_ID = $wpdb->get_var("SELECT last_insert_id()"); 88 103 89 if ($comments_notify) { 90 $postdata = get_postdata($comment_post_ID); 91 $authordata = get_userdata($postdata['Author_ID']); 92 93 if('' != $authordata->user_email) { 94 $notify_message = "New comment on your post #$comment_post_ID \"".stripslashes($postdata['Title'])."\"\r\n\r\n"; 95 $notify_message .= "Author : $comment_author (IP: $user_ip , $user_domain)\r\n"; 96 $notify_message .= "E-mail : $comment_author_email\r\n"; 97 $notify_message .= "URL : $comment_author_url\r\n"; 98 $notify_message .= "Whois : http://ws.arin.net/cgi-bin/whois.pl?queryinput=$user_ip\r\n"; 99 $notify_message .= "Delete : $siteurl/wp-admin/wp-post.php?action=deletecomment&p=$comment_post_ID&comment=$comment_ID \r\n"; 100 $notify_message .= "Comment:\r\n".stripslashes($original_comment)."\r\n\r\n"; 101 $notify_message .= "You can see all comments on this post here: \r\n"; 102 $notify_message .= $siteurl.'/'.$blogfilename.$querystring_start.'p'.$querystring_equal.$comment_post_ID.$querystring_separator.'c'.$querystring_equal.'1#comments'; 103 104 $subject = '[' . stripslashes($blogname) . '] Comment: "' .stripslashes($postdata['Title']).'"'; 105 106 if ('' != $comment_author_email) { 107 $from = "From: \"$comment_author\" <$comment_author_email>\r\n"; 108 } else { 109 $from = 'From: "' . stripslashes($comment_author) . "\" <$authordata->user_email>\r\n"; 110 } 111 $from .= "X-Mailer: WordPress $b2_version with PHP/" . phpversion(); 112 113 @mail($authordata->user_email, $subject, $notify_message, $from); 114 } 104 $fp = fopen("/tmp/wpdebug.txt", "w+"); 105 fwrite($fp, "comment_moderation: $comment_moderation\n"); 106 fwrite($fp, "moderation_notify : $moderation_notify\n"); 107 108 if (($moderation_notify) && (!$approved)) { 109 wp_notify_moderator($comment_ID); 110 fwrite($fp, "notify moderator -> $comment_ID\n"); 115 111 } 112 113 if (($comment_notify) && ($approved)) { 114 wp_notify_postauthor($comment_ID); 115 fwrite($fp, "notify postauthor -> $comment_ID\n"); 116 } 117 118 fclose($fp); 116 119 117 120 if ($email == '') … … 125 128 setcookie('comment_author_url_'.$cookiehash, $url, time()+30000000); 126 129 127 128 130 header('Expires: Mon, 26 Jul 1997 05:00:00 GMT'); 131 header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); 129 132 header('Cache-Control: no-cache, must-revalidate'); 130 133 header('Pragma: no-cache'); -
trunk/b2commentspopup.php
r518 r546 31 31 <?php 32 32 // this line is WordPress' motor, do not delete it. 33 $comments = $wpdb->get_results("SELECT * FROM $tablecomments WHERE comment_post_ID = $id ORDER BY comment_date");33 $comments = $wpdb->get_results("SELECT * FROM $tablecomments WHERE comment_post_ID = $id AND comment_approved = '1' ORDER BY comment_date"); 34 34 $commentstatus = $wpdb->get_row("SELECT comment_status, post_password FROM $tableposts WHERE ID = $id"); 35 35 if (!empty($commentstatus->post_password) && $HTTP_COOKIE_VARS['wp-postpass_'.$cookiehash] != $commentstatus->post_password) { // and it doesn't match the cookie -
trunk/b2login.php
r479 r546 67 67 $redirect_to = $HTTP_POST_VARS["redirect_to"]; 68 68 } 69 69 70 70 function login() { 71 71 global $wpdb, $log, $pwd, $error, $user_ID; … … 298 298 <input type="hidden" name="popuptitle" value="<?php echo $popuptitle ?>" /> 299 299 <?php } ?> 300 <?php if (isset($HTTP_GET_VARS["redirect_to"])) { ?> 301 <input type="hidden" name="redirect_to" value="<?php echo $HTTP_GET_VARS["redirect_to"] ?>" /> 302 <?php } else { ?> 300 303 <input type="hidden" name="redirect_to" value="wp-admin/" /> 304 <?php } ?> 301 305 <input type="hidden" name="action" value="login" /> 302 306 <label>Login: <input type="text" name="log" id="log" value="" size="20" tabindex="1" /></label><br /> -
trunk/wp-admin/b2menutop.txt
r479 r546 1 1 1 wp-post.php Post 2 2 1 edit.php Edit 3 3 wp-moderation.php Moderation 3 4 3 b2team.php Team 4 5 4 wp-options.php Options -
trunk/wp-admin/b2verifauth.php
r458 r546 42 42 $error="<strong>Error</strong>: wrong login or password"; 43 43 } 44 header("Location: $siteurl/b2login.php"); 44 $redir = "Location: $siteurl/b2login.php?redirect_to=" . urlencode($HTTP_SERVER_VARS["REQUEST_URI"]); 45 header($redir); 45 46 exit(); 46 47 } -
trunk/wp-admin/edit-comments.php
r532 r546 144 144 ?> 145 145 <li style="border-bottom: 1px solid #ccc;"> 146 <?php 147 $comment_status = wp_get_comment_status($comment->comment_ID); 148 149 if ("unapproved" == $comment_status) { 150 echo "<span class=\"unapproved\">"; 151 } 152 ?> 146 153 <p><strong>Name:</strong> <?php comment_author() ?> <?php if ($comment->comment_author_email) { ?>| <strong>Email:</strong> <?php comment_author_email_link() ?> <?php } if ($comment->comment_author_email) { ?> | <strong>URI:</strong> <?php comment_author_url_link() ?> <?php } ?>| <strong>IP:</strong> <?php comment_author_IP() ?></p> 147 154 -
trunk/wp-admin/edit.php
r488 r546 244 244 ?> 245 245 <p> 246 <strong><?php the_time('Y/m/d @ H:i:s'); ?></strong> [ <a href="edit.php?p=<?php echo $id ?>&c=1"><?php comments_number('no comments', '1 comment', "% comments" ) ?></a>246 <strong><?php the_time('Y/m/d @ H:i:s'); ?></strong> [ <a href="edit.php?p=<?php echo $id ?>&c=1"><?php comments_number('no comments', '1 comment', "% comments", true) ?></a> 247 247 <?php 248 248 if (($user_level > $authordata->user_level) or ($user_login == $authordata->user_login)) { … … 279 279 <!-- comment --> 280 280 <li> 281 <?php 282 $comment_status = wp_get_comment_status($comment->comment_ID); 283 284 if ("unapproved" == $comment_status) { 285 echo "<span class=\"unapproved\">"; 286 } 287 ?> 281 288 <?php comment_date('Y/m/d') ?> @ <?php comment_time() ?> 282 289 <?php 283 290 if (($user_level > $authordata->user_level) or ($user_login == $authordata->user_login)) { 284 291 echo "[ <a href=\"wp-post.php?action=editcomment&comment=".$comment->comment_ID."\">Edit</a>"; 285 echo " - <a href=\"wp-post.php?action=deletecomment&p=".$post->ID."&comment=".$comment->comment_ID."\" onclick=\"return confirm('You are about to delete this comment by \'".$comment->comment_author."\'\\n \'OK\' to delete, \'Cancel\' to stop.')\">Delete</a> ]"; 292 echo " - <a href=\"wp-post.php?action=deletecomment&p=".$post->ID."&comment=".$comment->comment_ID."\" onclick=\"return confirm('You are about to delete this comment by \'".$comment->comment_author."\'\\n \'OK\' to delete, \'Cancel\' to stop.')\">Delete</a> "; 293 if ( ('none' != $comment_status) && ($user_level >= 3) ) { 294 if ('approved' == wp_get_comment_status($comment->comment_ID)) { 295 echo " - <a href=\"wp-post.php?action=unapprovecomment&p=".$post->ID."&comment=".$comment->comment_ID."\">Unapprove</a> "; 296 } else { 297 echo " - <a href=\"wp-post.php?action=approvecomment&p=".$post->ID."&comment=".$comment->comment_ID."\">Approve</a> "; 298 } 299 } 300 echo "]"; 286 301 } // end if any comments to show 287 302 ?> … … 289 304 <strong><?php comment_author() ?> ( <?php comment_author_email_link() ?> / <?php comment_author_url_link() ?> )</strong> (IP: <?php comment_author_IP() ?>) 290 305 <?php comment_text() ?> 306 <?php 307 if ("unapproved" == $comment_status) { 308 echo "</span>"; 309 } 310 ?> 291 311 </li> 292 312 <!-- /comment --> -
trunk/wp-admin/wp-admin.css
r477 r546 86 86 font-size: 18px; 87 87 margin: 6px 0; 88 } 89 90 .unapproved { 91 color: #888; 92 } 93 94 .unapproved a:link { 95 color: #B9BCFF; 96 } 97 98 .unapproved a:visited { 99 color: #696DFF; 100 } 101 102 .unapproved a:hover { 103 color: #009EF0; 88 104 } 89 105 -
trunk/wp-admin/wp-edit.showposts.php
r514 r546 247 247 start_b2(); ?> 248 248 <p> 249 <strong><?php the_time('Y/m/d @ H:i:s'); ?></strong> [ <a href="wp-post.php?p=<?php echo $id ?>&c=1"><?php comments_number('no comments', '1 comment', "% comments" ) ?></a>249 <strong><?php the_time('Y/m/d @ H:i:s'); ?></strong> [ <a href="wp-post.php?p=<?php echo $id ?>&c=1"><?php comments_number('no comments', '1 comment', "% comments", true) ?></a> 250 250 <?php 251 251 if (($user_level > $authordata->user_level) or ($user_login == $authordata->user_login)) { … … 287 287 if (($user_level > $authordata->user_level) or ($user_login == $authordata->user_login)) { 288 288 echo "[ <a href=\"wp-post.php?action=editcomment&comment=".$comment->comment_ID."\">Edit</a>"; 289 echo " - <a href=\"wp-post.php?action=deletecomment&p=".$post->ID."&comment=".$comment->comment_ID."\" onclick=\"return confirm('You are about to delete this comment by \'".$comment->comment_author."\'\\n \'Cancel\' to stop, \'OK\' to delete.')\">Delete</a> ]"; 289 echo " - <a href=\"wp-post.php?action=deletecomment&p=".$post->ID."&comment=".$comment->comment_ID."\" onclick=\"return confirm('You are about to delete this comment by \'".$comment->comment_author."\'\\n \'Cancel\' to stop, \'OK\' to delete.')\">Delete</a> "; 290 if ( ('none' != get_settings("comment_moderation")) && ($user_level >= 3) ) { 291 if ('approved' == wp_get_comment_status($comment->comment_ID)) { 292 echo " - <a href=\"b2edit.php?action=unapprovecomment&p=".$post->ID."&comment=".$comment->comment_ID."\">Unapprove</a> "; 293 } else { 294 echo " - <a href=\"b2edit.php?action=approvecomment&p=".$post->ID."&comment=".$comment->comment_ID."\">Approve</a> "; 295 } 296 } 297 echo " ]"; 290 298 } // end if any comments to show 291 299 ?> -
trunk/wp-admin/wp-post.php
r528 r546 339 339 340 340 $comment = $HTTP_GET_VARS['comment']; 341 $commentdata = get_commentdata($comment, 1 ) or die('Oops, no comment with this ID. <a href="javascript:history.go(-1)">Go back</a>!');341 $commentdata = get_commentdata($comment, 1, true) or die('Oops, no comment with this ID. <a href="javascript:history.go(-1)">Go back</a>!'); 342 342 $content = $commentdata['comment_content']; 343 343 $content = format_to_edit($content); … … 347 347 break; 348 348 349 case 'confirmdeletecomment': 350 351 $standalone = 0; 352 require_once('./b2header.php'); 353 354 if ($user_level == 0) 355 die ('Cheatin’ uh?'); 356 357 $comment = $HTTP_GET_VARS['comment']; 358 $p = $HTTP_GET_VARS['p']; 359 $commentdata = get_commentdata($comment, 1, true) or die('Oops, no comment with this ID. <a href="edit.php">Go back</a>!'); 360 361 echo "<div class=\"wrap\">\n"; 362 echo "<p><strong>Caution:</strong> You are about to delete the following comment:</p>\n"; 363 echo "<table border=\"0\">\n"; 364 echo "<tr><td>Author:</td><td>" . $commentdata["comment_author"] . "</td></tr>\n"; 365 echo "<tr><td>E-Mail:</td><td>" . $commentdata["comment_author_email"] . "</td></tr>\n"; 366 echo "<tr><td>URL:</td><td>" . $commentdata["comment_author_url"] . "</td></tr>\n"; 367 echo "<tr><td>Comment:</td><td>" . stripslashes($commentdata["comment_content"]) . "</td></tr>\n"; 368 echo "</table>\n"; 369 echo "<p>Are you sure you want to do that?</p>\n"; 370 371 echo "<form action=\"$siteurl/wp-admin/wp-post.php\" method=\"get\">\n"; 372 echo "<input type=\"hidden\" name=\"action\" value=\"deletecomment\" />\n"; 373 echo "<input type=\"hidden\" name=\"p\" value=\"$p\" />\n"; 374 echo "<input type=\"hidden\" name=\"comment\" value=\"$comment\" />\n"; 375 echo "<input type=\"hidden\" name=\"noredir\" value=\"1\" />\n"; 376 echo "<input type=\"submit\" value=\"Yes\" />"; 377 echo " "; 378 echo "<input type=\"button\" value=\"No\" onClick=\"self.location='$siteurl/wp-admin/edit.php?p=$p&c=1#comments';\" />\n"; 379 echo "</form>\n"; 380 echo "</div>\n"; 381 382 break; 383 349 384 case 'deletecomment': 350 385 351 $standalone = 1; 352 require_once('./b2header.php'); 353 354 if ($user_level == 0) 355 die ('Cheatin’ uh?'); 356 357 358 $comment = $HTTP_GET_VARS['comment']; 359 $p = $HTTP_GET_VARS['p']; 360 361 $postdata = get_postdata($p) or die('Oops, no post with this ID. <a href="wp-post.php">Go back</a>!'); 362 $commentdata = get_commentdata($comment) or die('Oops, no comment with this ID. <a href="wp-post.php">Go back</a>!'); 363 364 $authordata = get_userdata($postdata['Author_ID']); 365 if ($user_level < $authordata->user_level) 366 die ('You don’t have the right to delete <strong>'.$authordata->user_nickname.'</strong>’s post comments. <a href="wp-post.php">Go back</a>!'); 367 368 $result = $wpdb->query("DELETE FROM $tablecomments WHERE comment_ID=$comment"); 369 370 if($HTTP_SERVER_VARS['HTTP_REFERER'] != "") { 371 header('Location: ' . $HTTP_SERVER_VARS['HTTP_REFERER']); 372 } else { 373 header('Location: '.$siteurl.'/wp-admin/'); 374 } 375 376 break; 377 386 $standalone = 1; 387 require_once('./b2header.php'); 388 389 if ($user_level == 0) 390 die ('Cheatin’ uh?'); 391 392 393 $comment = $HTTP_GET_VARS['comment']; 394 $p = $HTTP_GET_VARS['p']; 395 if (isset($HTTP_GET_VARS['noredir'])) { 396 $noredir = true; 397 } else { 398 $noredir = false; 399 } 400 401 $postdata = get_postdata($p) or die('Oops, no post with this ID. <a href="edit.php">Go back</a>!'); 402 $commentdata = get_commentdata($comment, 1, true) or die('Oops, no comment with this ID. <a href="wp-post.php">Go back</a>!'); 403 404 $authordata = get_userdata($postdata['Author_ID']); 405 if ($user_level < $authordata->user_level) 406 die ('You don’t have the right to delete <strong>'.$authordata->user_nickname.'</strong>’s post comments. <a href="wp-post.php">Go back</a>!'); 407 408 wp_set_comment_status($comment, "delete"); 409 410 if (($HTTP_SERVER_VARS['HTTP_REFERER'] != "") && (false == $noredir)) { 411 header('Location: ' . $HTTP_SERVER_VARS['HTTP_REFERER']); 412 } else { 413 header('Location: '.$siteurl.'/wp-admin/edit.php?p='.$p.'&c=1#comments'); 414 } 415 416 break; 417 418 case 'unapprovecomment': 419 420 $standalone = 1; 421 require_once('./b2header.php'); 422 423 if ($user_level == 0) 424 die ('Cheatin’ uh?'); 425 426 $comment = $HTTP_GET_VARS['comment']; 427 $p = $HTTP_GET_VARS['p']; 428 if (isset($HTTP_GET_VARS['noredir'])) { 429 $noredir = true; 430 } else { 431 $noredir = false; 432 } 433 434 $commentdata = get_commentdata($comment) or die('Oops, no comment with this ID. <a href="edit.php">Go back</a>!'); 435 436 wp_set_comment_status($comment, "hold"); 437 438 if (($HTTP_SERVER_VARS['HTTP_REFERER'] != "") && (false == $noredir)) { 439 header('Location: ' . $HTTP_SERVER_VARS['HTTP_REFERER']); 440 } else { 441 header('Location: '.$siteurl.'/wp-admin/edit.php?p='.$p.'&c=1#comments'); 442 } 443 444 break; 445 446 case 'mailapprovecomment': 447 448 $standalone = 0; 449 require_once('./b2header.php'); 450 451 if ($user_level == 0) 452 die ('Cheatin’ uh?'); 453 454 $comment = $HTTP_GET_VARS['comment']; 455 $p = $HTTP_GET_VARS['p']; 456 $commentdata = get_commentdata($comment, 1, true) or die('Oops, no comment with this ID. <a href="edit.php">Go back</a>!'); 457 458 wp_set_comment_status($comment, "approve"); 459 if (get_settings("comments_notify") == true) { 460 wp_notify_postauthor($comment); 461 } 462 463 echo "<div class=\"wrap\">\n"; 464 echo "<p>Comment has been approved.</p>\n"; 465 466 echo "<form action=\"$siteurl/wp-admin/edit.php?p=$p&c=1#comments\" method=\"get\">\n"; 467 echo "<input type=\"hidden\" name=\"p\" value=\"$p\" />\n"; 468 echo "<input type=\"hidden\" name=\"c\" value=\"1\" />\n"; 469 echo "<input type=\"submit\" value=\"Ok\" />"; 470 echo "</form>\n"; 471 echo "</div>\n"; 472 473 break; 474 475 case 'approvecomment': 476 477 $standalone = 1; 478 require_once('./b2header.php'); 479 480 if ($user_level == 0) 481 die ('Cheatin’ uh?'); 482 483 $comment = $HTTP_GET_VARS['comment']; 484 $p = $HTTP_GET_VARS['p']; 485 if (isset($HTTP_GET_VARS['noredir'])) { 486 $noredir = true; 487 } else { 488 $noredir = false; 489 } 490 $commentdata = get_commentdata($comment) or die('Oops, no comment with this ID. <a href="edit.php">Go back</a>!'); 491 492 wp_set_comment_status($comment, "approve"); 493 if (get_settings("comments_notify") == true) { 494 wp_notify_postauthor($comment); 495 } 496 497 498 if (($HTTP_SERVER_VARS['HTTP_REFERER'] != "") && (false == $noredir)) { 499 header('Location: ' . $HTTP_SERVER_VARS['HTTP_REFERER']); 500 } else { 501 header('Location: '.$siteurl.'/wp-admin/edit.php?p='.$p.'&c=1#comments'); 502 } 503 504 break; 505 378 506 case 'editedcomment': 379 507 -
trunk/wp-commentsrss2.php
r414 r546 54 54 LEFT JOIN $tableposts ON comment_post_id = id 55 55 WHERE comment_post_ID = '$id' 56 AND $tablecomments.comment_approved = '1' 56 57 AND $tableposts.post_status = 'publish' 57 58 AND post_category > '0' … … 73 74 LEFT JOIN $tableposts ON comment_post_id = id 74 75 WHERE $tableposts.post_status = 'publish' 76 AND $tablecomments.comment_approved = '1' 75 77 AND post_category > '0' 76 78 AND post_date < '".date("Y-m-d H:i:s")."'
Note: See TracChangeset
for help on using the changeset viewer.