WP_Query: comment_status and ping_status

[birgire]

The post_status parameter is supported by WP_Query, but comment_status and ping_status are not supported.

It's possible to use the posts_where filter to modify a query for a specific comment status or ping status, but I wonder why such basic post properties aren't directly filterable in WP_Query.

Example:

$query = new WP_Query( [ 'comment_status' => 'closed' ] );

$query = new WP_Query( [ 'ping_status' => 'open' ] );

[pietergoosen]

This spreads from this question (​http://wordpress.stackexchange.com/q/214323/31545) asked on wordpress.stackexchange.com, so there is a definite need for the intended features.

Can we implement this in a future release?

[boonebgorges]

Sure, this is reasonable.

[birgire]

In the wp-admin we can e.g. modify the comment/ping status for each post, through the following checkboxes:

[x] Allow comments.
[x] Allow trackbacks and pingbacks on this page.

These values are saved as 'open' or 'closed' into the comment_status, ping_status table fields.

I attached the 35601.diff patch as a starting point.

It's assumes there are only 'open' and 'closed' values for comment_status and ping_status.

So the next question that comes to mind, is what would we want to allow as possible parameter values:

• only allow these two values 'open' and 'closed' ?

• or allow custom values?
  • force lowercase?
  • force a #char limit? The fields are both varchar(20) so for custom values, there would be no point in searching for strings longer than that.
  • what kind of sanitazion would we want: sanitize_key(), sanitize_title_for_query(), ... ?

[boonebgorges]

Thanks for the patch, @birgire. There's nothing preventing people from storing custom comment_status and ping_status in the database, and there's no reason I can think of why we need to prevent querying by custom values. The only exception would be if we had some "magic" values - kinda like how post_type=all gets translated under the hood to all publicly queryable post types.

The only kind of sanitization necessary here is against SQL injection, which is handled by $wpdb->prepare().

[boonebgorges]

In 36403:

Introduce $comment_status and $ping_status params for WP_Query.

Props birgire.
Fixes #35601.

[birgire]

Changed ! empty to isset and removed the right most trailing spaces after %s.

[birgire]

Great and thanks for the unit-test @boonebgorges.

I guess I was too paranoid regarding allowed searchable values ;-)

If we don't want to restrict the possible custom values, other than preparing it, I wonder if we should allow 0 and the empty string '' as well and change:

if( ! empty( $q['comment_status' ] ) )

to

if( isset( $q['comment_status'] ) )

since empty() treats 0 as empty. And similarly for the ping status.

I also removed the extra trailing space after %s, that I had added previously.

I added 35601-2.diff for these updates.