Make WordPress Core

Changeset 546


Ignore:
Timestamp:
11/12/2003 03:22:47 PM (21 years ago)
Author:
emc3
Message:

otaku42's comment moderation patches

Location:
trunk
Files:
2 added
14 edited

Legend:

Unmodified
Added
Removed
  • trunk/b2-include/b2functions.php

    r534 r546  
    547547}
    548548
    549 function get_commentdata($comment_ID,$no_cache=0) { // less flexible, but saves DB queries
     549function get_commentdata($comment_ID,$no_cache=0,$include_unapproved=false) { // less flexible, but saves DB queries
    550550    global $postc,$id,$commentdata,$tablecomments,$querycount, $wpdb;
    551551    if ($no_cache) {
    552         $myrow = $wpdb->get_row("SELECT * FROM $tablecomments WHERE comment_ID = $comment_ID", ARRAY_A);
     552        $query = "SELECT * FROM $tablecomments WHERE comment_ID = $comment_ID";
     553        if (false == $include_unapproved) {
     554            $query .= " AND comment_approved = '1'";
     555        }
     556            $myrow = $wpdb->get_row($query, ARRAY_A);
    553557        ++$querycount;
    554558    } else {
     
    13111315}
    13121316
     1317/* wp_set_comment_status:
     1318   part of otaku42's comment moderation hack
     1319   changes the status of a comment according to $comment_status.
     1320   allowed values:
     1321   hold   : set comment_approve field to 0
     1322   approve: set comment_approve field to 1
     1323   delete : remove comment out of database
     1324   
     1325   returns true if change could be applied
     1326   returns false on database error or invalid value for $comment_status
     1327 */
     1328function wp_set_comment_status($comment_id, $comment_status) {
     1329    global $wpdb, $tablecomments;
     1330
     1331    switch($comment_status) {
     1332    case 'hold':
     1333    $query = "UPDATE $tablecomments SET comment_approved='0' WHERE comment_ID='$comment_id' LIMIT 1";
     1334    break;
     1335    case 'approve':
     1336    $query = "UPDATE $tablecomments SET comment_approved='1' WHERE comment_ID='$comment_id' LIMIT 1";
     1337    break;
     1338    case 'delete':
     1339    $query = "DELETE FROM $tablecomments WHERE comment_ID='$comment_id' LIMIT 1";
     1340    break;
     1341    default:
     1342    return false;
     1343    }
     1344   
     1345    if ($wpdb->query($query)) {
     1346    return true;
     1347    } else {
     1348    return false;
     1349    }
     1350}
     1351
     1352
     1353/* wp_get_comment_status
     1354   part of otaku42's comment moderation hack
     1355   gets the current status of a comment
     1356
     1357   returned values:
     1358   "approved"  : comment has been approved
     1359   "unapproved": comment has not been approved
     1360   "deleted   ": comment not found in database
     1361
     1362   a (boolean) false signals an error
     1363 */
     1364function wp_get_comment_status($comment_id) {
     1365    global $wpdb, $tablecomments;
     1366   
     1367    $result = $wpdb->get_var("SELECT comment_approved FROM $tablecomments WHERE comment_ID='$comment_id' LIMIT 1");
     1368    if ($result == NULL) {
     1369    return "deleted";
     1370    } else if ($result == "1") {
     1371    return "approved";
     1372    } else if ($result == "0") {
     1373    return "unapproved";
     1374    } else {
     1375    return false;
     1376    }
     1377}
     1378
     1379
     1380/* wp_notify_postauthor
     1381   notifies the author of a post about a new comment
     1382   needs the id of the new comment
     1383   always returns true
     1384 */
     1385function wp_notify_postauthor($comment_id) {
     1386    global $wpdb, $tablecomments, $tableposts, $tableusers;
     1387    global $querystring_start, $querystring_equal, $querystring_separator;
     1388    global $blogfilename, $blogname, $siteurl;
     1389   
     1390    $comment = $wpdb->get_row("SELECT * FROM $tablecomments WHERE comment_ID='$comment_id' LIMIT 1");
     1391    $post = $wpdb->get_row("SELECT * FROM $tableposts WHERE ID='$comment->comment_post_ID' LIMIT 1");
     1392    $user = $wpdb->get_row("SELECT * FROM $tableusers WHERE ID='$post->post_author' LIMIT 1");
     1393
     1394    if ("" != $user->user_email) {
     1395    $comment_author_domain = gethostbyaddr($comment->comment_author_IP);
     1396
     1397    $notify_message  = "New comment on your post #$comment->comment_post_ID \"".stripslashes($post->post_title)."\"\r\n\r\n";
     1398    $notify_message .= "Author : $comment->comment_author (IP: $comment->comment_author_IP , $comment_author_domain)\r\n";
     1399    $notify_message .= "E-mail : $comment->comment_author_email\r\n";
     1400    $notify_message .= "URL    : $comment->comment_author_url\r\n";
     1401    $notify_message .= "Whois  : http://ws.arin.net/cgi-bin/whois.pl?queryinput=$comment->comment_author_IP\r\n";
     1402    $notify_message .= "Comment:\r\n".stripslashes($comment->comment_content)."\r\n\r\n";
     1403    $notify_message .= "You can see all comments on this post here: \r\n";
     1404    $notify_message .= $siteurl.'/'.$blogfilename.'?p='.$comment_post_ID.'&c=1#comments';
     1405
     1406    $subject = '[' . stripslashes($blogname) . '] Comment: "' .stripslashes($post->post_title).'"';
     1407    if ('' != $comment->comment_author_email) {
     1408            $from = "From: \"$comment->comment_author\" <$comment->comment_author_email>";
     1409    } else {
     1410            $from = 'From: "' . stripslashes($comment->comment_author) . "\" <$user->user_email>";
     1411    }
     1412    $from .= "\nX-Mailer: WordPress $b2_version with PHP/" . phpversion();
     1413
     1414    @mail($user->user_email, $subject, $notify_message, $from);
     1415    }
     1416   
     1417    return true;
     1418}
     1419
     1420/* wp_notify_moderator
     1421   notifies the moderator of the blog (usually the admin)
     1422   about a new comment that waits for approval
     1423   always returns true
     1424 */
     1425function wp_notify_moderator($comment_id) {
     1426    global $wpdb, $tablecomments, $tableposts, $tableusers;
     1427    global $querystring_start, $querystring_equal, $querystring_separator;
     1428    global $blogfilename, $blogname, $siteurl;
     1429   
     1430    $comment = $wpdb->get_row("SELECT * FROM $tablecomments WHERE comment_ID='$comment_id' LIMIT 1");
     1431    $post = $wpdb->get_row("SELECT * FROM $tableposts WHERE ID='$comment->comment_post_ID' LIMIT 1");
     1432    $user = $wpdb->get_row("SELECT * FROM $tableusers WHERE ID='$post->post_author' LIMIT 1");
     1433
     1434    $comment_author_domain = gethostbyaddr($comment->comment_author_IP);
     1435    $comments_waiting = $wpdb->get_var("SELECT count(comment_ID) FROM $tablecomments WHERE comment_approved = '0'");
     1436
     1437    $notify_message  = "A new comment on the post #$comment->comment_post_ID \"".stripslashes($post->post_title)."\" is waiting for your approval\r\n\r\n";
     1438    $notify_message .= "Author : $comment->comment_author (IP: $comment->comment_author_IP , $comment_author_domain)\r\n";
     1439    $notify_message .= "E-mail : $comment->comment_author_email\r\n";
     1440    $notify_message .= "URL    : $comment->comment_author_url\r\n";
     1441    $notify_message .= "Whois  : http://ws.arin.net/cgi-bin/whois.pl?queryinput=$comment->comment_author_IP\r\n";
     1442    $notify_message .= "Comment:\r\n".stripslashes($comment->comment_content)."\r\n\r\n";
     1443    $notify_message .= "To approve this comment, visit: $siteurl/wp-admin/wp-post.php?action=mailapprovecomment&p=".$comment->comment_post_ID."&comment=$comment_id\r\n";
     1444    $notify_message .= "To delete this comment, visit: $siteurl/wp-admin/wp-post.php?action=confirmdeletecomment&p=".$comment->comment_post_ID."&comment=$comment_id\r\n";
     1445    $notify_message .= "Currently $comments_waiting comments are waiting for approval. Please visit the moderation panel:\r\n";
     1446    $notify_message .= "$siteurl/wp-admin/wp-moderation.php\r\n";
     1447
     1448    $subject = '[' . stripslashes($blogname) . '] Please approve: "' .stripslashes($post->post_title).'"';
     1449    $admin_email = get_settings("admin_email");
     1450    $from  = "From: $admin_email";
     1451    $from .= "\nX-Mailer: WordPress $b2_version with PHP/" . phpversion();
     1452
     1453    @mail($admin_email, $subject, $notify_message, $from);
     1454   
     1455    return true;
     1456}
     1457
    13131458
    13141459// implementation of in_array that also should work on PHP3
  • trunk/b2-include/b2template.functions.php

    r541 r546  
    14041404// generic comments/trackbacks/pingbacks numbering
    14051405
    1406 function comments_number($zero='No Comments', $one='1 Comment', $more='% Comments') {
     1406function comments_number($zero='No Comments', $one='1 Comment', $more='% Comments', $include_unapproved = false) {
    14071407    global $id, $comment, $tablecomments, $querycount, $wpdb;
    1408     $number = $wpdb->get_var("SELECT COUNT(*) FROM $tablecomments WHERE comment_post_ID = $id");
     1408    $query = "SELECT COUNT(*) FROM $tablecomments WHERE comment_post_ID = '$id'";
     1409    if (false == $include_unapproved) {
     1410        $query .= " AND comment_approved = '1'";
     1411    }
     1412    $number = $wpdb->get_var($query);
    14091413    if ($number == 0) {
    14101414        $blah = $zero;
     
    14371441    global $id, $b2commentspopupfile, $b2commentsjavascript, $post, $wpdb, $tablecomments, $HTTP_COOKIE_VARS, $cookiehash;
    14381442    global $querystring_start, $querystring_equal, $querystring_separator, $siteurl;
    1439     $number = $wpdb->get_var("SELECT COUNT(*) FROM $tablecomments WHERE comment_post_ID = $id");
     1443    $number = $wpdb->get_var("SELECT COUNT(*) FROM $tablecomments WHERE comment_post_ID = $id AND comment_approved = '1'");
    14401444    if (0 == $number && 'closed' == $post->comment_status) {
    14411445        echo $none;
  • trunk/b2comments.php

    r517 r546  
    1515        $comment_author_url = trim($HTTP_COOKIE_VARS["comment_author_url_".$cookiehash]);
    1616
    17         $comments = $wpdb->get_results("SELECT * FROM $tablecomments WHERE comment_post_ID = $id ORDER BY comment_date");
     17        $comments = $wpdb->get_results("SELECT * FROM $tablecomments WHERE comment_post_ID = $id AND comment_approved = '1' ORDER BY comment_date");
    1818?>
    1919
     
    7474    </p>
    7575
     76<?php
     77if ('none' != get_settings("comment_moderation")) {
     78?>
     79    <p>
     80    <strong>Please note:</strong><br />
     81    This blog uses comment moderation. In other words: your comment will need approval
     82    by the administrator before it will appear in the blog. Approval usually happens
     83    within the next 24 hours. Please send your comment only once. Thank you.
     84    </p>
     85<?php
     86} // comment_moderation != 'none'
     87?>
     88
    7689    <p>
    7790      <input name="submit" type="submit" tabindex="5" value="Say it!" />
  • trunk/b2comments.post.php

    r524 r546  
    8383
    8484if ($ok) { // if there was no comment from this IP in the last 10 seconds
     85    $comment_moderation = get_settings("comment_moderation");
     86    $moderation_notify = get_settings("moderation_notify");
     87   
     88    // o42: this place could be the hook for further comment spam checking
     89    // $approved should be set according the final approval status
     90    // of the new comment
     91    if ('manual' == $comment_moderation) {
     92        $approved = 0;
     93    } else if ('auto' == $comment_moderation) {
     94        $approved = 0;
     95    } else { // none
     96        $approved = 1;
     97    }
     98    $wpdb->query("INSERT INTO $tablecomments (comment_ID,comment_post_ID,comment_author,comment_author_email,comment_author_url,comment_author_IP,comment_date,comment_content,comment_karma,comment_approved) VALUES ('0', '$comment_post_ID', '$author', '$email', '$url', '$user_ip', '$now', '$comment', '0', '$approved')");
    8599
    86     $wpdb->query("INSERT INTO $tablecomments VALUES ('0', '$comment_post_ID', '$author', '$email', '$url', '$user_ip', '$now', '$comment', '0')");
     100    // o42: this should be changed as soon as other sql dbs are supported
     101    // as it's proprietary to mysql
    87102    $comment_ID = $wpdb->get_var("SELECT last_insert_id()");
    88103
    89     if ($comments_notify) {
    90         $postdata = get_postdata($comment_post_ID);
    91         $authordata = get_userdata($postdata['Author_ID']);
    92 
    93         if('' != $authordata->user_email) {
    94             $notify_message  = "New comment on your post #$comment_post_ID \"".stripslashes($postdata['Title'])."\"\r\n\r\n";
    95             $notify_message .= "Author : $comment_author (IP: $user_ip , $user_domain)\r\n";
    96             $notify_message .= "E-mail : $comment_author_email\r\n";
    97             $notify_message .= "URL    : $comment_author_url\r\n";
    98             $notify_message .= "Whois  : http://ws.arin.net/cgi-bin/whois.pl?queryinput=$user_ip\r\n";
    99             $notify_message .= "Delete : $siteurl/wp-admin/wp-post.php?action=deletecomment&p=$comment_post_ID&comment=$comment_ID \r\n";
    100             $notify_message .= "Comment:\r\n".stripslashes($original_comment)."\r\n\r\n";
    101             $notify_message .= "You can see all comments on this post here: \r\n";
    102             $notify_message .= $siteurl.'/'.$blogfilename.$querystring_start.'p'.$querystring_equal.$comment_post_ID.$querystring_separator.'c'.$querystring_equal.'1#comments';
    103 
    104             $subject = '[' . stripslashes($blogname) . '] Comment: "' .stripslashes($postdata['Title']).'"';
    105 
    106             if ('' != $comment_author_email) {
    107                 $from = "From: \"$comment_author\" <$comment_author_email>\r\n";
    108                 } else {
    109                 $from = 'From: "' . stripslashes($comment_author) . "\" <$authordata->user_email>\r\n";
    110                 }
    111             $from .= "X-Mailer: WordPress $b2_version with PHP/" . phpversion();
    112 
    113             @mail($authordata->user_email, $subject, $notify_message, $from);
    114         }
     104    $fp = fopen("/tmp/wpdebug.txt", "w+");
     105    fwrite($fp, "comment_moderation: $comment_moderation\n");
     106    fwrite($fp, "moderation_notify : $moderation_notify\n");
     107   
     108    if (($moderation_notify) && (!$approved)) {
     109        wp_notify_moderator($comment_ID);
     110        fwrite($fp, "notify moderator -> $comment_ID\n");
    115111    }
     112   
     113    if (($comment_notify) && ($approved)) {
     114        wp_notify_postauthor($comment_ID);
     115        fwrite($fp, "notify postauthor -> $comment_ID\n");
     116    }
     117   
     118    fclose($fp);
    116119
    117120    if ($email == '')
     
    125128    setcookie('comment_author_url_'.$cookiehash, $url, time()+30000000);
    126129
    127     header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
    128     header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
     130        header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
     131        header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
    129132    header('Cache-Control: no-cache, must-revalidate');
    130133    header('Pragma: no-cache');
  • trunk/b2commentspopup.php

    r518 r546  
    3131<?php
    3232// this line is WordPress' motor, do not delete it.
    33 $comments = $wpdb->get_results("SELECT * FROM $tablecomments WHERE comment_post_ID = $id ORDER BY comment_date");
     33$comments = $wpdb->get_results("SELECT * FROM $tablecomments WHERE comment_post_ID = $id AND comment_approved = '1' ORDER BY comment_date");
    3434$commentstatus = $wpdb->get_row("SELECT comment_status, post_password FROM $tableposts WHERE ID = $id");
    3535if (!empty($commentstatus->post_password) && $HTTP_COOKIE_VARS['wp-postpass_'.$cookiehash] != $commentstatus->post_password) {  // and it doesn't match the cookie
  • trunk/b2login.php

    r479 r546  
    6767        $redirect_to = $HTTP_POST_VARS["redirect_to"];
    6868    }
    69 
     69   
    7070    function login() {
    7171        global $wpdb, $log, $pwd, $error, $user_ID;
     
    298298    <input type="hidden" name="popuptitle" value="<?php echo $popuptitle ?>" />
    299299<?php } ?>
     300<?php if (isset($HTTP_GET_VARS["redirect_to"])) { ?>
     301    <input type="hidden" name="redirect_to" value="<?php echo $HTTP_GET_VARS["redirect_to"] ?>" />
     302<?php } else { ?>
    300303    <input type="hidden" name="redirect_to" value="wp-admin/" />
     304<?php } ?>
    301305    <input type="hidden" name="action" value="login" />
    302306    <label>Login: <input type="text" name="log" id="log" value="" size="20" tabindex="1" /></label><br />
  • trunk/wp-admin/b2menutop.txt

    r479 r546  
    111   wp-post.php Post
    221   edit.php    Edit
     33   wp-moderation.php   Moderation
    343   b2team.php  Team
    454   wp-options.php  Options
  • trunk/wp-admin/b2verifauth.php

    r458 r546  
    4242            $error="<strong>Error</strong>: wrong login or password";
    4343        }
    44         header("Location: $siteurl/b2login.php");
     44        $redir = "Location: $siteurl/b2login.php?redirect_to=" . urlencode($HTTP_SERVER_VARS["REQUEST_URI"]);
     45        header($redir);
    4546        exit();
    4647    }
  • trunk/wp-admin/edit-comments.php

    r532 r546  
    144144        ?>     
    145145        <li style="border-bottom: 1px solid #ccc;">
     146        <?php
     147            $comment_status = wp_get_comment_status($comment->comment_ID);
     148           
     149            if ("unapproved" == $comment_status) {
     150                echo "<span class=\"unapproved\">";
     151            }
     152        ?>
    146153        <p><strong>Name:</strong> <?php comment_author() ?> <?php if ($comment->comment_author_email) { ?>| <strong>Email:</strong> <?php comment_author_email_link() ?> <?php } if ($comment->comment_author_email) { ?> | <strong>URI:</strong> <?php comment_author_url_link() ?> <?php } ?>| <strong>IP:</strong> <?php comment_author_IP() ?></p>
    147154       
  • trunk/wp-admin/edit.php

    r488 r546  
    244244?>
    245245            <p>
    246                 <strong><?php the_time('Y/m/d @ H:i:s'); ?></strong> [ <a href="edit.php?p=<?php echo $id ?>&c=1"><?php comments_number('no comments', '1 comment', "% comments") ?></a>
     246                <strong><?php the_time('Y/m/d @ H:i:s'); ?></strong> [ <a href="edit.php?p=<?php echo $id ?>&c=1"><?php comments_number('no comments', '1 comment', "% comments", true) ?></a>
    247247                <?php
    248248                if (($user_level > $authordata->user_level) or ($user_login == $authordata->user_login)) {
     
    279279                    <!-- comment -->
    280280                    <li>
     281                        <?php
     282                        $comment_status = wp_get_comment_status($comment->comment_ID);
     283                       
     284                        if ("unapproved" == $comment_status) {
     285                            echo "<span class=\"unapproved\">";
     286                        }
     287                        ?>
    281288                            <?php comment_date('Y/m/d') ?> @ <?php comment_time() ?>
    282289                            <?php
    283290                            if (($user_level > $authordata->user_level) or ($user_login == $authordata->user_login)) {
    284291                                echo "[ <a href=\"wp-post.php?action=editcomment&amp;comment=".$comment->comment_ID."\">Edit</a>";
    285                                 echo " - <a href=\"wp-post.php?action=deletecomment&amp;p=".$post->ID."&amp;comment=".$comment->comment_ID."\" onclick=\"return confirm('You are about to delete this comment by \'".$comment->comment_author."\'\\n  \'OK\' to delete, \'Cancel\' to stop.')\">Delete</a> ]";
     292                                echo " - <a href=\"wp-post.php?action=deletecomment&amp;p=".$post->ID."&amp;comment=".$comment->comment_ID."\" onclick=\"return confirm('You are about to delete this comment by \'".$comment->comment_author."\'\\n  \'OK\' to delete, \'Cancel\' to stop.')\">Delete</a> ";
     293                                if ( ('none' != $comment_status) && ($user_level >= 3) ) {
     294                                    if ('approved' == wp_get_comment_status($comment->comment_ID)) {
     295                                        echo " - <a href=\"wp-post.php?action=unapprovecomment&amp;p=".$post->ID."&amp;comment=".$comment->comment_ID."\">Unapprove</a> ";
     296                                    } else {
     297                                        echo " - <a href=\"wp-post.php?action=approvecomment&amp;p=".$post->ID."&amp;comment=".$comment->comment_ID."\">Approve</a> ";
     298                                    }
     299                                }
     300                                echo "]";
    286301                            } // end if any comments to show
    287302                            ?>
     
    289304                        <strong><?php comment_author() ?> ( <?php comment_author_email_link() ?> / <?php comment_author_url_link() ?> )</strong> (IP: <?php comment_author_IP() ?>)
    290305                            <?php comment_text() ?>
     306                        <?php
     307                        if ("unapproved" == $comment_status) {
     308                            echo "</span>";
     309                        }
     310                        ?>
    291311                    </li>
    292312                    <!-- /comment -->
  • trunk/wp-admin/wp-admin.css

    r477 r546  
    8686    font-size: 18px;
    8787    margin: 6px 0;
     88}
     89
     90.unapproved {
     91    color: #888;
     92}
     93
     94.unapproved a:link {
     95    color: #B9BCFF;
     96}
     97
     98.unapproved a:visited {
     99    color: #696DFF;
     100}
     101
     102.unapproved a:hover {
     103    color: #009EF0;
    88104}
    89105
  • trunk/wp-admin/wp-edit.showposts.php

    r514 r546  
    247247        start_b2(); ?>
    248248            <p>
    249                 <strong><?php the_time('Y/m/d @ H:i:s'); ?></strong> [ <a href="wp-post.php?p=<?php echo $id ?>&c=1"><?php comments_number('no comments', '1 comment', "% comments") ?></a>
     249                <strong><?php the_time('Y/m/d @ H:i:s'); ?></strong> [ <a href="wp-post.php?p=<?php echo $id ?>&c=1"><?php comments_number('no comments', '1 comment', "% comments", true) ?></a>
    250250                <?php
    251251                if (($user_level > $authordata->user_level) or ($user_login == $authordata->user_login)) {
     
    287287                            if (($user_level > $authordata->user_level) or ($user_login == $authordata->user_login)) {
    288288                                echo "[ <a href=\"wp-post.php?action=editcomment&amp;comment=".$comment->comment_ID."\">Edit</a>";
    289                                 echo " - <a href=\"wp-post.php?action=deletecomment&amp;p=".$post->ID."&amp;comment=".$comment->comment_ID."\" onclick=\"return confirm('You are about to delete this comment by \'".$comment->comment_author."\'\\n  \'Cancel\' to stop, \'OK\' to delete.')\">Delete</a> ]";
     289                                echo " - <a href=\"wp-post.php?action=deletecomment&amp;p=".$post->ID."&amp;comment=".$comment->comment_ID."\" onclick=\"return confirm('You are about to delete this comment by \'".$comment->comment_author."\'\\n  \'Cancel\' to stop, \'OK\' to delete.')\">Delete</a> ";
     290                                if ( ('none' != get_settings("comment_moderation")) && ($user_level >= 3) ) {
     291                                    if ('approved' == wp_get_comment_status($comment->comment_ID)) {
     292                                        echo " - <a href=\"b2edit.php?action=unapprovecomment&amp;p=".$post->ID."&amp;comment=".$comment->comment_ID."\">Unapprove</a> ";
     293                                    } else {
     294                                        echo " - <a href=\"b2edit.php?action=approvecomment&amp;p=".$post->ID."&amp;comment=".$comment->comment_ID."\">Approve</a> ";
     295                                    }
     296                                }
     297                                echo " ]";
    290298                            } // end if any comments to show
    291299                            ?>
  • trunk/wp-admin/wp-post.php

    r528 r546  
    339339
    340340        $comment = $HTTP_GET_VARS['comment'];
    341         $commentdata = get_commentdata($comment, 1) or die('Oops, no comment with this ID. <a href="javascript:history.go(-1)">Go back</a>!');
     341        $commentdata = get_commentdata($comment, 1, true) or die('Oops, no comment with this ID. <a href="javascript:history.go(-1)">Go back</a>!');
    342342        $content = $commentdata['comment_content'];
    343343        $content = format_to_edit($content);
     
    347347        break;
    348348
     349    case 'confirmdeletecomment':
     350   
     351    $standalone = 0;
     352    require_once('./b2header.php');
     353   
     354    if ($user_level == 0)
     355        die ('Cheatin&#8217; uh?');
     356   
     357    $comment = $HTTP_GET_VARS['comment'];
     358    $p = $HTTP_GET_VARS['p'];
     359    $commentdata = get_commentdata($comment, 1, true) or die('Oops, no comment with this ID. <a href="edit.php">Go back</a>!');
     360   
     361    echo "<div class=\"wrap\">\n";
     362    echo "<p><strong>Caution:</strong> You are about to delete the following comment:</p>\n";
     363    echo "<table border=\"0\">\n";
     364    echo "<tr><td>Author:</td><td>" . $commentdata["comment_author"] . "</td></tr>\n";
     365    echo "<tr><td>E-Mail:</td><td>" . $commentdata["comment_author_email"] . "</td></tr>\n";
     366    echo "<tr><td>URL:</td><td>" . $commentdata["comment_author_url"] . "</td></tr>\n";
     367    echo "<tr><td>Comment:</td><td>" . stripslashes($commentdata["comment_content"]) . "</td></tr>\n";
     368    echo "</table>\n";
     369    echo "<p>Are you sure you want to do that?</p>\n";
     370   
     371    echo "<form action=\"$siteurl/wp-admin/wp-post.php\" method=\"get\">\n";
     372    echo "<input type=\"hidden\" name=\"action\" value=\"deletecomment\" />\n";
     373    echo "<input type=\"hidden\" name=\"p\" value=\"$p\" />\n";
     374    echo "<input type=\"hidden\" name=\"comment\" value=\"$comment\" />\n";
     375    echo "<input type=\"hidden\" name=\"noredir\" value=\"1\" />\n";
     376    echo "<input type=\"submit\" value=\"Yes\" />";
     377    echo "&nbsp;&nbsp;";
     378    echo "<input type=\"button\" value=\"No\" onClick=\"self.location='$siteurl/wp-admin/edit.php?p=$p&c=1#comments';\" />\n";
     379    echo "</form>\n";
     380    echo "</div>\n";
     381   
     382    break;
     383
    349384    case 'deletecomment':
    350385
    351         $standalone = 1;
    352         require_once('./b2header.php');
    353 
    354         if ($user_level == 0)
    355             die ('Cheatin&#8217; uh?');
    356 
    357 
    358         $comment = $HTTP_GET_VARS['comment'];
    359         $p = $HTTP_GET_VARS['p'];
    360 
    361         $postdata = get_postdata($p) or die('Oops, no post with this ID. <a href="wp-post.php">Go back</a>!');
    362         $commentdata = get_commentdata($comment) or die('Oops, no comment with this ID. <a href="wp-post.php">Go back</a>!');
    363 
    364         $authordata = get_userdata($postdata['Author_ID']);
    365         if ($user_level < $authordata->user_level)
    366             die ('You don&#8217;t have the right to delete <strong>'.$authordata->user_nickname.'</strong>&#8217;s post comments. <a href="wp-post.php">Go back</a>!');
    367 
    368         $result = $wpdb->query("DELETE FROM $tablecomments WHERE comment_ID=$comment");
    369 
    370         if($HTTP_SERVER_VARS['HTTP_REFERER'] != "") {
    371             header('Location: ' . $HTTP_SERVER_VARS['HTTP_REFERER']);
    372         } else {
    373             header('Location: '.$siteurl.'/wp-admin/');
    374         }
    375 
    376         break;
    377 
     386    $standalone = 1;
     387    require_once('./b2header.php');
     388
     389    if ($user_level == 0)
     390        die ('Cheatin&#8217; uh?');
     391
     392
     393    $comment = $HTTP_GET_VARS['comment'];
     394    $p = $HTTP_GET_VARS['p'];
     395    if (isset($HTTP_GET_VARS['noredir'])) {
     396        $noredir = true;
     397    } else {
     398        $noredir = false;
     399    }
     400   
     401    $postdata = get_postdata($p) or die('Oops, no post with this ID. <a href="edit.php">Go back</a>!');
     402    $commentdata = get_commentdata($comment, 1, true) or die('Oops, no comment with this ID. <a href="wp-post.php">Go back</a>!');
     403
     404    $authordata = get_userdata($postdata['Author_ID']);
     405    if ($user_level < $authordata->user_level)
     406        die ('You don&#8217;t have the right to delete <strong>'.$authordata->user_nickname.'</strong>&#8217;s post comments. <a href="wp-post.php">Go back</a>!');
     407
     408    wp_set_comment_status($comment, "delete");
     409
     410    if (($HTTP_SERVER_VARS['HTTP_REFERER'] != "") && (false == $noredir)) {
     411        header('Location: ' . $HTTP_SERVER_VARS['HTTP_REFERER']);
     412    } else {
     413        header('Location: '.$siteurl.'/wp-admin/edit.php?p='.$p.'&c=1#comments');
     414    }
     415
     416    break;
     417   
     418    case 'unapprovecomment':
     419   
     420    $standalone = 1;
     421    require_once('./b2header.php');
     422   
     423    if ($user_level == 0)
     424        die ('Cheatin&#8217; uh?');
     425       
     426    $comment = $HTTP_GET_VARS['comment'];
     427    $p = $HTTP_GET_VARS['p'];
     428    if (isset($HTTP_GET_VARS['noredir'])) {
     429        $noredir = true;
     430    } else {
     431        $noredir = false;
     432    }
     433
     434    $commentdata = get_commentdata($comment) or die('Oops, no comment with this ID. <a href="edit.php">Go back</a>!');
     435   
     436    wp_set_comment_status($comment, "hold");
     437   
     438    if (($HTTP_SERVER_VARS['HTTP_REFERER'] != "") && (false == $noredir)) {
     439        header('Location: ' . $HTTP_SERVER_VARS['HTTP_REFERER']);
     440    } else {
     441        header('Location: '.$siteurl.'/wp-admin/edit.php?p='.$p.'&c=1#comments');
     442    }
     443   
     444    break;
     445   
     446    case 'mailapprovecomment':
     447   
     448    $standalone = 0;
     449    require_once('./b2header.php');
     450   
     451    if ($user_level == 0)
     452        die ('Cheatin&#8217; uh?');
     453   
     454    $comment = $HTTP_GET_VARS['comment'];
     455    $p = $HTTP_GET_VARS['p'];
     456    $commentdata = get_commentdata($comment, 1, true) or die('Oops, no comment with this ID. <a href="edit.php">Go back</a>!');
     457
     458    wp_set_comment_status($comment, "approve");
     459    if (get_settings("comments_notify") == true) {
     460        wp_notify_postauthor($comment);
     461    }
     462   
     463    echo "<div class=\"wrap\">\n";
     464    echo "<p>Comment has been approved.</p>\n";
     465   
     466    echo "<form action=\"$siteurl/wp-admin/edit.php?p=$p&c=1#comments\" method=\"get\">\n";
     467    echo "<input type=\"hidden\" name=\"p\" value=\"$p\" />\n";
     468    echo "<input type=\"hidden\" name=\"c\" value=\"1\" />\n";
     469    echo "<input type=\"submit\" value=\"Ok\" />";
     470    echo "</form>\n";
     471    echo "</div>\n";
     472   
     473    break;
     474
     475    case 'approvecomment':
     476   
     477    $standalone = 1;
     478    require_once('./b2header.php');
     479   
     480    if ($user_level == 0)
     481        die ('Cheatin&#8217; uh?');
     482       
     483    $comment = $HTTP_GET_VARS['comment'];
     484    $p = $HTTP_GET_VARS['p'];
     485    if (isset($HTTP_GET_VARS['noredir'])) {
     486        $noredir = true;
     487    } else {
     488        $noredir = false;
     489    }
     490    $commentdata = get_commentdata($comment) or die('Oops, no comment with this ID. <a href="edit.php">Go back</a>!');
     491   
     492    wp_set_comment_status($comment, "approve");
     493    if (get_settings("comments_notify") == true) {
     494        wp_notify_postauthor($comment);
     495    }
     496   
     497     
     498    if (($HTTP_SERVER_VARS['HTTP_REFERER'] != "") && (false == $noredir)) {
     499        header('Location: ' . $HTTP_SERVER_VARS['HTTP_REFERER']);
     500    } else {
     501        header('Location: '.$siteurl.'/wp-admin/edit.php?p='.$p.'&c=1#comments');
     502    }
     503   
     504    break;
     505   
    378506    case 'editedcomment':
    379507
  • trunk/wp-commentsrss2.php

    r414 r546  
    5454                                            LEFT JOIN $tableposts ON comment_post_id = id
    5555                                            WHERE comment_post_ID = '$id'
     56                                            AND $tablecomments.comment_approved = '1'
    5657                                            AND $tableposts.post_status = 'publish'
    5758                                            AND post_category > '0'
     
    7374                                            LEFT JOIN $tableposts ON comment_post_id = id
    7475                                            WHERE $tableposts.post_status = 'publish'
     76                                            AND $tablecomments.comment_approved = '1'
    7577                                            AND post_category > '0'
    7678                                            AND post_date < '".date("Y-m-d H:i:s")."'
Note: See TracChangeset for help on using the changeset viewer.