Opened 14 years ago
Closed 14 years ago
#16338 closed defect (bug) (invalid)
BUG: wp_allow_comment 'user_ID'
Reported by: |
|
Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | 3.0.4 |
Component: | Comments | Keywords: | user_id allow comment |
Focuses: | Cc: |
Description
All inludes of '$user_id' variable is not implemented in the wp_allow_comment function.
Therefore some if-conditions always are FALSE.
For examle:
if (isset($user_id) && $user_id) { ... }
is always FALSE!
Solution of this issue is:
- Add 'global $user_ID' to the function.
- Replace all '$user_id' > '$user_ID'.
function wp_allow_comment($commentdata) { global $wpdb, $user_ID; extract($commentdata, EXTR_SKIP); // Simple duplicate check // expected_slashed ($comment_post_ID, $comment_author, $comment_author_email, $comment_content) $dupe = "SELECT comment_ID FROM $wpdb->comments WHERE comment_post_ID = '$comment_post_ID' AND comment_approved != 'trash' AND ( comment_author = '$comment_author' "; if ( $comment_author_email ) $dupe .= "OR comment_author_email = '$comment_author_email' "; $dupe .= ") AND comment_content = '$comment_content' LIMIT 1"; if ( $wpdb->get_var($dupe) ) { do_action( 'comment_duplicate_trigger', $commentdata ); if ( defined('DOING_AJAX') ) die( __('Duplicate comment detected; it looks as though you’ve already said that!') ); wp_die( __('Duplicate comment detected; it looks as though you’ve already said that!') ); } do_action( 'check_comment_flood', $comment_author_IP, $comment_author_email, $comment_date_gmt ); if ( isset($user_ID) && $user_ID) { $userdata = get_userdata($user_ID); $user = new WP_User($user_ID); $post_author = $wpdb->get_var($wpdb->prepare("SELECT post_author FROM $wpdb->posts WHERE ID = %d LIMIT 1", $comment_post_ID)); } if ( isset($userdata) && ( $user_ID == $post_author || $user->has_cap('moderate_comments') ) ) { // The author and the admins get respect. $approved = 1; } else { // Everyone else's comments will be checked. if ( check_comment($comment_author, $comment_author_email, $comment_author_url, $comment_content, $comment_author_IP, $comment_agent, $comment_type) ) $approved = 1; else $approved = 0; if ( wp_blacklist_check($comment_author, $comment_author_email, $comment_author_url, $comment_content, $comment_author_IP, $comment_agent) ) $approved = 'spam'; } $approved = apply_filters('pre_comment_approved', $approved); return $approved; }
Change History (1)
Note: See
TracTickets for help on using
tickets.
The $user_id variable is set via this line:
extract($commentdata, EXTR_SKIP);
See http://php.net/extract