2004-12-16 03:57:05 +01:00
< ? php
2006-04-19 04:32:12 +02:00
function check_comment ( $author , $email , $url , $comment , $user_ip , $user_agent , $comment_type ) {
global $wpdb ;
2006-02-12 08:53:23 +01:00
2006-12-07 04:57:23 +01:00
if ( 1 == get_option ( 'comment_moderation' ) )
return false ; // If moderation is set to manual
2005-09-20 05:17:43 +02:00
2006-10-04 06:43:25 +02:00
if ( preg_match_all ( " |(href \t *?= \t *?[' \" ]?)?(https?:)?//|i " , $comment , $out ) >= get_option ( 'comment_max_links' ) )
2006-04-19 04:32:12 +02:00
return false ; // Check # of external links
2005-09-20 05:17:43 +02:00
2006-12-07 04:57:23 +01:00
$mod_keys = trim ( get_option ( 'moderation_keys' ));
2006-04-19 04:32:12 +02:00
if ( ! empty ( $mod_keys ) ) {
$words = explode ( " \n " , $mod_keys );
2005-09-20 05:17:43 +02:00
2006-04-19 04:32:12 +02:00
foreach ( $words as $word ) {
$word = trim ( $word );
2005-09-20 05:17:43 +02:00
2006-04-19 04:32:12 +02:00
// Skip empty lines
2006-12-07 04:57:23 +01:00
if ( empty ( $word ) )
continue ;
2005-09-20 05:17:43 +02:00
2006-11-19 08:56:05 +01:00
// Do some escaping magic so that '#' chars in the
2006-04-19 04:32:12 +02:00
// spam words don't break things:
$word = preg_quote ( $word , '#' );
2005-11-11 00:31:58 +01:00
2006-11-19 08:56:05 +01:00
$pattern = " # $word #i " ;
2006-04-19 04:32:12 +02:00
if ( preg_match ( $pattern , $author ) ) return false ;
if ( preg_match ( $pattern , $email ) ) return false ;
if ( preg_match ( $pattern , $url ) ) return false ;
if ( preg_match ( $pattern , $comment ) ) return false ;
if ( preg_match ( $pattern , $user_ip ) ) return false ;
if ( preg_match ( $pattern , $user_agent ) ) return false ;
}
}
2005-11-11 00:31:58 +01:00
2006-04-19 04:32:12 +02:00
// Comment whitelisting:
2006-08-30 23:46:31 +02:00
if ( 1 == get_option ( 'comment_whitelist' )) {
2006-04-19 04:32:12 +02:00
if ( 'trackback' == $comment_type || 'pingback' == $comment_type ) { // check if domain is in blogroll
$uri = parse_url ( $url );
$domain = $uri [ 'host' ];
$uri = parse_url ( get_option ( 'home' ) );
$home_domain = $uri [ 'host' ];
if ( $wpdb -> get_var ( " SELECT link_id FROM $wpdb->links WHERE link_url LIKE ('% $domain %') LIMIT 1 " ) || $domain == $home_domain )
return true ;
else
return false ;
2006-12-07 04:57:23 +01:00
} elseif ( $author != '' && $email != '' ) {
2006-04-19 04:32:12 +02:00
$ok_to_comment = $wpdb -> get_var ( " SELECT comment_approved FROM $wpdb->comments WHERE comment_author = ' $author ' AND comment_author_email = ' $email ' and comment_approved = '1' LIMIT 1 " );
if ( ( 1 == $ok_to_comment ) &&
( empty ( $mod_keys ) || false === strpos ( $email , $mod_keys ) ) )
return true ;
else
return false ;
} else {
return false ;
}
2005-09-20 05:17:43 +02:00
}
2006-04-19 04:32:12 +02:00
return true ;
2005-09-20 05:17:43 +02:00
}
2006-12-07 04:57:23 +01:00
2006-04-19 04:32:12 +02:00
function get_approved_comments ( $post_id ) {
2005-09-20 05:17:43 +02:00
global $wpdb ;
2006-04-22 02:02:00 +02:00
$post_id = ( int ) $post_id ;
return $wpdb -> get_results ( " SELECT * FROM $wpdb->comments WHERE comment_post_ID = ' $post_id ' AND comment_approved = '1' ORDER BY comment_date " );
2006-04-19 04:32:12 +02:00
}
2005-09-20 05:17:43 +02:00
2006-12-07 04:57:23 +01:00
2006-04-19 04:32:12 +02:00
// Retrieves comment data given a comment ID or comment object.
// Handles comment caching.
function & get_comment ( & $comment , $output = OBJECT ) {
global $comment_cache , $wpdb ;
2005-09-20 05:17:43 +02:00
2006-04-19 04:32:12 +02:00
if ( empty ( $comment ) )
return null ;
2005-09-20 05:17:43 +02:00
2006-04-19 04:32:12 +02:00
if ( is_object ( $comment ) ) {
if ( ! isset ( $comment_cache [ $comment -> comment_ID ]) )
$comment_cache [ $comment -> comment_ID ] = & $comment ;
$_comment = & $comment_cache [ $comment -> comment_ID ];
} else {
2007-03-28 01:45:41 +02:00
$comment = ( int ) $comment ;
2006-04-19 04:32:12 +02:00
if ( ! isset ( $comment_cache [ $comment ]) ) {
$_comment = $wpdb -> get_row ( " SELECT * FROM $wpdb->comments WHERE comment_ID = ' $comment ' LIMIT 1 " );
$comment_cache [ $comment -> comment_ID ] = & $_comment ;
} else {
$_comment = & $comment_cache [ $comment ];
}
}
2005-11-16 07:29:36 +01:00
2006-04-19 04:32:12 +02:00
if ( $output == OBJECT ) {
return $_comment ;
} elseif ( $output == ARRAY_A ) {
return get_object_vars ( $_comment );
} elseif ( $output == ARRAY_N ) {
return array_values ( get_object_vars ( $_comment ));
} else {
return $_comment ;
2005-11-22 04:45:40 +01:00
}
2005-09-20 05:17:43 +02:00
}
2006-12-07 04:57:23 +01:00
2006-04-19 04:32:12 +02:00
// Deprecate in favor of get_comment()?
function get_commentdata ( $comment_ID , $no_cache = 0 , $include_unapproved = false ) { // less flexible, but saves DB queries
global $postc , $id , $commentdata , $wpdb ;
2006-12-07 04:57:23 +01:00
if ( $no_cache ) {
2006-04-19 04:32:12 +02:00
$query = " SELECT * FROM $wpdb->comments WHERE comment_ID = ' $comment_ID ' " ;
2006-12-07 04:57:23 +01:00
if ( false == $include_unapproved )
$query .= " AND comment_approved = '1' " ;
$myrow = $wpdb -> get_row ( $query , ARRAY_A );
2006-04-19 04:32:12 +02:00
} else {
2006-12-07 04:57:23 +01:00
$myrow [ 'comment_ID' ] = $postc -> comment_ID ;
$myrow [ 'comment_post_ID' ] = $postc -> comment_post_ID ;
$myrow [ 'comment_author' ] = $postc -> comment_author ;
2006-04-19 04:32:12 +02:00
$myrow [ 'comment_author_email' ] = $postc -> comment_author_email ;
2006-12-07 04:57:23 +01:00
$myrow [ 'comment_author_url' ] = $postc -> comment_author_url ;
$myrow [ 'comment_author_IP' ] = $postc -> comment_author_IP ;
$myrow [ 'comment_date' ] = $postc -> comment_date ;
$myrow [ 'comment_content' ] = $postc -> comment_content ;
$myrow [ 'comment_karma' ] = $postc -> comment_karma ;
$myrow [ 'comment_approved' ] = $postc -> comment_approved ;
$myrow [ 'comment_type' ] = $postc -> comment_type ;
2006-04-19 04:32:12 +02:00
}
return $myrow ;
}
2006-12-07 04:57:23 +01:00
2006-04-19 04:32:12 +02:00
function get_lastcommentmodified ( $timezone = 'server' ) {
global $cache_lastcommentmodified , $pagenow , $wpdb ;
2006-08-30 23:46:31 +02:00
$add_seconds_blog = get_option ( 'gmt_offset' ) * 3600 ;
2006-04-19 04:32:12 +02:00
$add_seconds_server = date ( 'Z' );
$now = current_time ( 'mysql' , 1 );
if ( ! isset ( $cache_lastcommentmodified [ $timezone ]) ) {
2006-12-07 04:57:23 +01:00
switch ( strtolower ( $timezone )) {
2006-04-19 04:32:12 +02:00
case 'gmt' :
$lastcommentmodified = $wpdb -> get_var ( " SELECT comment_date_gmt FROM $wpdb->comments WHERE comment_date_gmt <= ' $now ' ORDER BY comment_date_gmt DESC LIMIT 1 " );
break ;
case 'blog' :
$lastcommentmodified = $wpdb -> get_var ( " SELECT comment_date FROM $wpdb->comments WHERE comment_date_gmt <= ' $now ' ORDER BY comment_date_gmt DESC LIMIT 1 " );
break ;
case 'server' :
$lastcommentmodified = $wpdb -> get_var ( " SELECT DATE_ADD(comment_date_gmt, INTERVAL ' $add_seconds_server ' SECOND) FROM $wpdb->comments WHERE comment_date_gmt <= ' $now ' ORDER BY comment_date_gmt DESC LIMIT 1 " );
break ;
}
$cache_lastcommentmodified [ $timezone ] = $lastcommentmodified ;
} else {
$lastcommentmodified = $cache_lastcommentmodified [ $timezone ];
}
return $lastcommentmodified ;
2005-09-20 05:17:43 +02:00
}
2006-12-07 04:57:23 +01:00
2006-06-22 22:52:12 +02:00
function sanitize_comment_cookies () {
if ( isset ( $_COOKIE [ 'comment_author_' . COOKIEHASH ]) ) {
$comment_author = apply_filters ( 'pre_comment_author_name' , $_COOKIE [ 'comment_author_' . COOKIEHASH ]);
$comment_author = stripslashes ( $comment_author );
2006-12-21 11:10:04 +01:00
$comment_author = attribute_escape ( $comment_author );
2006-06-22 22:52:12 +02:00
$_COOKIE [ 'comment_author_' . COOKIEHASH ] = $comment_author ;
}
if ( isset ( $_COOKIE [ 'comment_author_email_' . COOKIEHASH ]) ) {
$comment_author_email = apply_filters ( 'pre_comment_author_email' , $_COOKIE [ 'comment_author_email_' . COOKIEHASH ]);
$comment_author_email = stripslashes ( $comment_author_email );
2006-12-21 11:10:04 +01:00
$comment_author_email = attribute_escape ( $comment_author_email );
2006-06-22 22:52:12 +02:00
$_COOKIE [ 'comment_author_email_' . COOKIEHASH ] = $comment_author_email ;
}
if ( isset ( $_COOKIE [ 'comment_author_url_' . COOKIEHASH ]) ) {
$comment_author_url = apply_filters ( 'pre_comment_author_url' , $_COOKIE [ 'comment_author_url_' . COOKIEHASH ]);
$comment_author_url = stripslashes ( $comment_author_url );
2007-03-17 09:46:59 +01:00
$comment_author_url = clean_url ( $comment_author_url );
2006-06-22 22:52:12 +02:00
$_COOKIE [ 'comment_author_url_' . COOKIEHASH ] = $comment_author_url ;
}
}
2006-12-07 04:57:23 +01:00
2005-09-20 05:17:43 +02:00
function wp_allow_comment ( $commentdata ) {
global $wpdb ;
extract ( $commentdata );
// Simple duplicate check
$dupe = " SELECT comment_ID FROM $wpdb->comments WHERE comment_post_ID = ' $comment_post_ID ' AND ( comment_author = ' $comment_author ' " ;
if ( $comment_author_email )
$dupe .= " OR comment_author_email = ' $comment_author_email ' " ;
$dupe .= " ) AND comment_content = ' $comment_content ' LIMIT 1 " ;
if ( $wpdb -> get_var ( $dupe ) )
2006-07-06 00:00:03 +02:00
wp_die ( __ ( 'Duplicate comment detected; it looks as though you\'ve already said that!' ) );
2005-09-20 05:17:43 +02:00
// Simple flood-protection
if ( $lasttime = $wpdb -> get_var ( " SELECT comment_date_gmt FROM $wpdb->comments WHERE comment_author_IP = ' $comment_author_IP ' OR comment_author_email = ' $comment_author_email ' ORDER BY comment_date DESC LIMIT 1 " ) ) {
$time_lastcomment = mysql2date ( 'U' , $lasttime );
$time_newcomment = mysql2date ( 'U' , $comment_date_gmt );
2006-10-02 20:19:44 +02:00
$flood_die = apply_filters ( 'comment_flood_filter' , false , $time_lastcomment , $time_newcomment );
if ( $flood_die ) {
2005-09-20 05:17:43 +02:00
do_action ( 'comment_flood_trigger' , $time_lastcomment , $time_newcomment );
2006-10-02 20:19:44 +02:00
wp_die ( __ ( 'You are posting comments too quickly. Slow down.' ) );
2005-09-20 05:17:43 +02:00
}
}
if ( $user_id ) {
$userdata = get_userdata ( $user_id );
$user = new WP_User ( $user_id );
$post_author = $wpdb -> get_var ( " SELECT post_author FROM $wpdb->posts WHERE ID = ' $comment_post_ID ' LIMIT 1 " );
}
if ( $userdata && ( $user_id == $post_author || $user -> has_cap ( 'level_9' ) ) ) {
2006-12-07 04:57:23 +01:00
// The author and the admins get respect.
2005-09-20 05:17:43 +02:00
$approved = 1 ;
2006-12-07 04:57:23 +01:00
} else {
// Everyone else's comments will be checked.
2005-09-20 05:17:43 +02:00
if ( check_comment ( $comment_author , $comment_author_email , $comment_author_url , $comment_content , $comment_author_IP , $comment_agent , $comment_type ) )
$approved = 1 ;
else
$approved = 0 ;
if ( wp_blacklist_check ( $comment_author , $comment_author_email , $comment_author_url , $comment_content , $comment_author_IP , $comment_agent ) )
$approved = 'spam' ;
}
$approved = apply_filters ( 'pre_comment_approved' , $approved );
return $approved ;
}
2006-12-07 04:57:23 +01:00
2006-06-08 01:17:59 +02:00
function wp_blacklist_check ( $author , $email , $url , $comment , $user_ip , $user_agent ) {
global $wpdb ;
do_action ( 'wp_blacklist_check' , $author , $email , $url , $comment , $user_ip , $user_agent );
if ( preg_match_all ( '/&#(\d+);/' , $comment . $author . $url , $chars ) ) {
2006-12-07 04:57:23 +01:00
foreach ( ( array ) $chars [ 1 ] as $char ) {
2006-06-08 01:17:59 +02:00
// If it's an encoded char in the normal ASCII set, reject
if ( 38 == $char )
continue ; // Unless it's &
2006-12-07 04:57:23 +01:00
if ( $char < 128 )
2006-06-08 01:17:59 +02:00
return true ;
}
}
2006-08-30 23:46:31 +02:00
$mod_keys = trim ( get_option ( 'blacklist_keys' ) );
2006-12-07 04:57:23 +01:00
if ( '' == $mod_keys )
2006-06-08 01:17:59 +02:00
return false ; // If moderation keys are empty
$words = explode ( " \n " , $mod_keys );
2006-12-07 04:57:23 +01:00
foreach ( ( array ) $words as $word ) {
2006-06-08 01:17:59 +02:00
$word = trim ( $word );
// Skip empty lines
if ( empty ( $word ) ) { continue ; }
2006-11-19 08:56:05 +01:00
// Do some escaping magic so that '#' chars in the
2006-06-08 01:17:59 +02:00
// spam words don't break things:
$word = preg_quote ( $word , '#' );
2006-11-19 08:56:05 +01:00
$pattern = " # $word #i " ;
2006-12-07 04:57:23 +01:00
if (
preg_match ( $pattern , $author )
|| preg_match ( $pattern , $email )
|| preg_match ( $pattern , $url )
|| preg_match ( $pattern , $comment )
|| preg_match ( $pattern , $user_ip )
|| preg_match ( $pattern , $user_agent )
)
return true ;
2006-06-08 01:17:59 +02:00
}
return false ;
}
2006-12-07 04:57:23 +01:00
2005-11-16 07:29:36 +01:00
function wp_delete_comment ( $comment_id ) {
global $wpdb ;
do_action ( 'delete_comment' , $comment_id );
$comment = get_comment ( $comment_id );
if ( ! $wpdb -> query ( " DELETE FROM $wpdb->comments WHERE comment_ID=' $comment_id ' LIMIT 1 " ) )
return false ;
$post_id = $comment -> comment_post_ID ;
2005-12-05 06:31:27 +01:00
if ( $post_id && $comment -> comment_approved == 1 )
2006-06-19 19:17:52 +02:00
wp_update_comment_count ( $post_id );
2005-11-16 07:29:36 +01:00
do_action ( 'wp_set_comment_status' , $comment_id , 'delete' );
return true ;
2005-09-20 05:17:43 +02:00
}
2006-12-07 04:57:23 +01:00
2006-04-19 04:32:12 +02:00
function wp_get_comment_status ( $comment_id ) {
global $wpdb ;
2006-02-12 08:53:23 +01:00
2006-04-19 04:32:12 +02:00
$result = $wpdb -> get_var ( " SELECT comment_approved FROM $wpdb->comments WHERE comment_ID=' $comment_id ' LIMIT 1 " );
2006-12-07 04:57:23 +01:00
if ( $result == NULL )
2006-04-19 04:32:12 +02:00
return 'deleted' ;
2006-12-07 04:57:23 +01:00
elseif ( $result == '1' )
2006-04-19 04:32:12 +02:00
return 'approved' ;
2006-12-07 04:57:23 +01:00
elseif ( $result == '0' )
2006-04-19 04:32:12 +02:00
return 'unapproved' ;
2006-12-07 04:57:23 +01:00
elseif ( $result == 'spam' )
2006-04-19 04:32:12 +02:00
return 'spam' ;
2006-12-07 04:57:23 +01:00
else
2006-04-19 04:32:12 +02:00
return false ;
2004-12-16 03:57:05 +01:00
}
2006-12-07 04:57:23 +01:00
2006-06-22 22:52:12 +02:00
function wp_get_current_commenter () {
// Cookies should already be sanitized.
$comment_author = '' ;
if ( isset ( $_COOKIE [ 'comment_author_' . COOKIEHASH ]) )
$comment_author = $_COOKIE [ 'comment_author_' . COOKIEHASH ];
$comment_author_email = '' ;
if ( isset ( $_COOKIE [ 'comment_author_email_' . COOKIEHASH ]) )
$comment_author_email = $_COOKIE [ 'comment_author_email_' . COOKIEHASH ];
$comment_author_url = '' ;
if ( isset ( $_COOKIE [ 'comment_author_url_' . COOKIEHASH ]) )
$comment_author_url = $_COOKIE [ 'comment_author_url_' . COOKIEHASH ];
return compact ( 'comment_author' , 'comment_author_email' , 'comment_author_url' );
}
2006-12-07 04:57:23 +01:00
2006-04-19 04:32:12 +02:00
function wp_insert_comment ( $commentdata ) {
global $wpdb ;
extract ( $commentdata );
2004-12-16 03:57:05 +01:00
2006-04-19 04:32:12 +02:00
if ( ! isset ( $comment_author_IP ) )
2006-07-06 02:04:24 +02:00
$comment_author_IP = preg_replace ( '/[^0-9., ]/' , '' , $_SERVER [ 'REMOTE_ADDR' ] );
2006-04-19 04:32:12 +02:00
if ( ! isset ( $comment_date ) )
$comment_date = current_time ( 'mysql' );
if ( ! isset ( $comment_date_gmt ) )
2007-01-09 09:22:28 +01:00
$comment_date_gmt = get_gmt_from_date ( $comment_date );
2006-04-19 04:32:12 +02:00
if ( ! isset ( $comment_parent ) )
$comment_parent = 0 ;
if ( ! isset ( $comment_approved ) )
$comment_approved = 1 ;
if ( ! isset ( $user_id ) )
$user_id = 0 ;
2004-12-16 03:57:05 +01:00
2006-11-19 08:56:05 +01:00
$result = $wpdb -> query ( " INSERT INTO $wpdb->comments
2006-04-19 04:32:12 +02:00
( comment_post_ID , comment_author , comment_author_email , comment_author_url , comment_author_IP , comment_date , comment_date_gmt , comment_content , comment_approved , comment_agent , comment_type , comment_parent , user_id )
2006-11-19 08:56:05 +01:00
VALUES
2006-04-19 04:32:12 +02:00
( '$comment_post_ID' , '$comment_author' , '$comment_author_email' , '$comment_author_url' , '$comment_author_IP' , '$comment_date' , '$comment_date_gmt' , '$comment_content' , '$comment_approved' , '$comment_agent' , '$comment_type' , '$comment_parent' , '$user_id' )
" );
2004-12-16 03:57:05 +01:00
2007-03-23 01:59:21 +01:00
$id = ( int ) $wpdb -> insert_id ;
2004-12-16 03:57:05 +01:00
2006-06-19 19:17:52 +02:00
if ( $comment_approved == 1 )
wp_update_comment_count ( $comment_post_ID );
2006-04-19 04:32:12 +02:00
return $id ;
2004-12-16 03:57:05 +01:00
}
2006-12-07 04:57:23 +01:00
2006-04-19 04:32:12 +02:00
function wp_filter_comment ( $commentdata ) {
$commentdata [ 'user_id' ] = apply_filters ( 'pre_user_id' , $commentdata [ 'user_ID' ]);
$commentdata [ 'comment_agent' ] = apply_filters ( 'pre_comment_user_agent' , $commentdata [ 'comment_agent' ]);
$commentdata [ 'comment_author' ] = apply_filters ( 'pre_comment_author_name' , $commentdata [ 'comment_author' ]);
$commentdata [ 'comment_content' ] = apply_filters ( 'pre_comment_content' , $commentdata [ 'comment_content' ]);
$commentdata [ 'comment_author_IP' ] = apply_filters ( 'pre_comment_user_ip' , $commentdata [ 'comment_author_IP' ]);
$commentdata [ 'comment_author_url' ] = apply_filters ( 'pre_comment_author_url' , $commentdata [ 'comment_author_url' ]);
$commentdata [ 'comment_author_email' ] = apply_filters ( 'pre_comment_author_email' , $commentdata [ 'comment_author_email' ]);
$commentdata [ 'filtered' ] = true ;
return $commentdata ;
2004-12-16 03:57:05 +01:00
}
2006-12-07 04:57:23 +01:00
2006-10-02 20:19:44 +02:00
function wp_throttle_comment_flood ( $block , $time_lastcomment , $time_newcomment ) {
if ( $block ) // a plugin has already blocked... we'll let that decision stand
return $block ;
if ( ( $time_newcomment - $time_lastcomment ) < 15 )
return true ;
return false ;
}
2006-12-07 04:57:23 +01:00
2006-04-19 04:32:12 +02:00
function wp_new_comment ( $commentdata ) {
$commentdata = apply_filters ( 'preprocess_comment' , $commentdata );
2005-01-24 11:13:28 +01:00
2006-04-19 04:32:12 +02:00
$commentdata [ 'comment_post_ID' ] = ( int ) $commentdata [ 'comment_post_ID' ];
$commentdata [ 'user_ID' ] = ( int ) $commentdata [ 'user_ID' ];
2005-01-24 11:13:28 +01:00
2006-07-06 02:04:24 +02:00
$commentdata [ 'comment_author_IP' ] = preg_replace ( '/[^0-9., ]/' , '' , $_SERVER [ 'REMOTE_ADDR' ] );
2006-04-19 04:32:12 +02:00
$commentdata [ 'comment_agent' ] = $_SERVER [ 'HTTP_USER_AGENT' ];
2004-12-16 03:57:05 +01:00
2006-04-19 04:32:12 +02:00
$commentdata [ 'comment_date' ] = current_time ( 'mysql' );
$commentdata [ 'comment_date_gmt' ] = current_time ( 'mysql' , 1 );
2004-12-16 03:57:05 +01:00
2006-04-19 04:32:12 +02:00
$commentdata = wp_filter_comment ( $commentdata );
2004-12-16 03:57:05 +01:00
2006-04-19 04:32:12 +02:00
$commentdata [ 'comment_approved' ] = wp_allow_comment ( $commentdata );
2004-12-16 03:57:05 +01:00
2007-03-23 03:05:29 +01:00
$comment_ID = wp_insert_comment ( $commentdata );
2004-12-16 03:57:05 +01:00
2006-04-19 04:32:12 +02:00
do_action ( 'comment_post' , $comment_ID , $commentdata [ 'comment_approved' ]);
2004-12-16 03:57:05 +01:00
2006-04-19 04:32:12 +02:00
if ( 'spam' !== $commentdata [ 'comment_approved' ] ) { // If it's spam save it silently for later crunching
if ( '0' == $commentdata [ 'comment_approved' ] )
wp_notify_moderator ( $comment_ID );
2004-12-16 03:57:05 +01:00
2006-04-19 04:32:12 +02:00
$post = & get_post ( $commentdata [ 'comment_post_ID' ]); // Don't notify if it's your own comment
2004-12-16 03:57:05 +01:00
2006-08-30 23:46:31 +02:00
if ( get_option ( 'comments_notify' ) && $commentdata [ 'comment_approved' ] && $post -> post_author != $commentdata [ 'user_ID' ] )
2006-04-19 04:32:12 +02:00
wp_notify_postauthor ( $comment_ID , $commentdata [ 'comment_type' ]);
}
2004-12-16 03:57:05 +01:00
2006-04-19 04:32:12 +02:00
return $comment_ID ;
2004-12-16 03:57:05 +01:00
}
2006-12-07 04:57:23 +01:00
2006-04-19 04:32:12 +02:00
function wp_set_comment_status ( $comment_id , $comment_status ) {
2006-12-07 04:57:23 +01:00
global $wpdb ;
2004-12-16 03:57:05 +01:00
2006-12-07 04:57:23 +01:00
switch ( $comment_status ) {
2006-04-19 04:32:12 +02:00
case 'hold' :
$query = " UPDATE $wpdb->comments SET comment_approved='0' WHERE comment_ID=' $comment_id ' LIMIT 1 " ;
2006-12-07 04:57:23 +01:00
break ;
2006-04-19 04:32:12 +02:00
case 'approve' :
$query = " UPDATE $wpdb->comments SET comment_approved='1' WHERE comment_ID=' $comment_id ' LIMIT 1 " ;
2006-12-07 04:57:23 +01:00
break ;
2006-11-19 08:56:05 +01:00
case 'spam' :
$query = " UPDATE $wpdb->comments SET comment_approved='spam' WHERE comment_ID=' $comment_id ' LIMIT 1 " ;
2006-12-07 04:57:23 +01:00
break ;
2006-04-19 04:32:12 +02:00
case 'delete' :
return wp_delete_comment ( $comment_id );
2006-12-07 04:57:23 +01:00
break ;
2006-04-19 04:32:12 +02:00
default :
return false ;
2006-12-07 04:57:23 +01:00
}
2006-11-19 08:56:05 +01:00
2006-12-08 08:35:45 +01:00
if ( ! $wpdb -> query ( $query ) )
2006-04-19 04:32:12 +02:00
return false ;
2006-12-08 08:35:45 +01:00
do_action ( 'wp_set_comment_status' , $comment_id , $comment_status );
$comment = get_comment ( $comment_id );
wp_update_comment_count ( $comment -> comment_post_ID );
return true ;
2004-12-16 03:57:05 +01:00
}
2006-12-07 04:57:23 +01:00
2006-04-19 04:32:12 +02:00
function wp_update_comment ( $commentarr ) {
global $wpdb ;
2004-12-16 03:57:05 +01:00
2006-04-19 04:32:12 +02:00
// First, get all of the original fields
$comment = get_comment ( $commentarr [ 'comment_ID' ], ARRAY_A );
2004-12-16 03:57:05 +01:00
2006-04-19 04:32:12 +02:00
// Escape data pulled from DB.
2006-12-07 04:57:23 +01:00
foreach ( ( array ) $comment as $key => $value )
2006-04-19 04:32:12 +02:00
$comment [ $key ] = $wpdb -> escape ( $value );
2004-12-16 03:57:05 +01:00
2006-04-19 04:32:12 +02:00
// Merge old and new fields with new fields overwriting old ones.
$commentarr = array_merge ( $comment , $commentarr );
2004-12-16 04:08:07 +01:00
2006-04-19 04:32:12 +02:00
$commentarr = wp_filter_comment ( $commentarr );
2004-12-16 03:57:05 +01:00
2006-04-19 04:32:12 +02:00
// Now extract the merged array.
extract ( $commentarr );
2004-12-16 03:57:05 +01:00
2006-04-19 04:32:12 +02:00
$comment_content = apply_filters ( 'comment_save_pre' , $comment_content );
2004-12-16 03:57:05 +01:00
2007-01-09 09:22:28 +01:00
$comment_date_gmt = get_gmt_from_date ( $comment_date );
2006-04-19 04:32:12 +02:00
$result = $wpdb -> query (
" UPDATE $wpdb->comments SET
2006-12-07 04:57:23 +01:00
comment_content = '$comment_content' ,
comment_author = '$comment_author' ,
2006-04-19 04:32:12 +02:00
comment_author_email = '$comment_author_email' ,
2006-12-07 04:57:23 +01:00
comment_approved = '$comment_approved' ,
comment_author_url = '$comment_author_url' ,
2007-01-09 09:22:28 +01:00
comment_date = '$comment_date' ,
comment_date_gmt = '$comment_date_gmt'
2006-04-19 04:32:12 +02:00
WHERE comment_ID = $comment_ID " );
2004-12-16 03:57:05 +01:00
2006-04-19 04:32:12 +02:00
$rval = $wpdb -> rows_affected ;
2006-06-19 19:17:52 +02:00
wp_update_comment_count ( $comment_post_ID );
2006-04-19 04:32:12 +02:00
do_action ( 'edit_comment' , $comment_ID );
return $rval ;
2004-12-16 03:57:05 +01:00
}
2006-12-07 04:57:23 +01:00
2006-06-19 19:17:52 +02:00
function wp_update_comment_count ( $post_id ) {
global $wpdb , $comment_count_cache ;
$post_id = ( int ) $post_id ;
if ( ! $post_id )
return false ;
$count = $wpdb -> get_var ( " SELECT COUNT(*) FROM $wpdb->comments WHERE comment_post_ID = ' $post_id ' AND comment_approved = '1' " );
$wpdb -> query ( " UPDATE $wpdb->posts SET comment_count = $count WHERE ID = ' $post_id ' " );
$comment_count_cache [ $post_id ] = $count ;
2006-12-08 08:35:45 +01:00
$post = get_post ( $post_id );
if ( 'page' == $post -> post_type )
clean_page_cache ( $post_id );
else
clean_post_cache ( $post_id );
do_action ( 'edit_post' , $post_id );
2006-06-19 19:17:52 +02:00
return true ;
}
2006-12-07 04:57:23 +01:00
2006-06-22 21:44:36 +02:00
//
// Ping and trackback functions.
//
2004-12-16 03:57:05 +01:00
function discover_pingback_server_uri ( $url , $timeout_bytes = 2048 ) {
2005-04-26 07:51:25 +02:00
global $wp_version ;
2004-12-16 03:57:05 +01:00
$byte_count = 0 ;
$contents = '' ;
$headers = '' ;
$pingback_str_dquote = 'rel="pingback"' ;
$pingback_str_squote = 'rel=\'pingback\'' ;
$x_pingback_str = 'x-pingback: ' ;
$pingback_href_original_pos = 27 ;
extract ( parse_url ( $url ));
2006-12-07 04:57:23 +01:00
if ( ! isset ( $host ) ) // Not an URL. This should never happen.
2004-12-16 03:57:05 +01:00
return false ;
2006-12-07 04:57:23 +01:00
$path = ( ! isset ( $path ) ) ? '/' : $path ;
$path .= ( isset ( $query ) ) ? '?' . $query : '' ;
$port = ( isset ( $port ) ) ? $port : 80 ;
2004-12-16 03:57:05 +01:00
// Try to connect to the server at $host
$fp = @ fsockopen ( $host , $port , $errno , $errstr , 2 );
2006-12-07 04:57:23 +01:00
if ( ! $fp ) // Couldn't open a connection to $host
2004-12-16 03:57:05 +01:00
return false ;
// Send the GET request
2005-10-10 18:36:54 +02:00
$request = " GET $path HTTP/1.1 \r \n Host: $host\r\nUser -Agent: WordPress/ $wp_version \r \n \r \n " ;
2006-12-07 04:57:23 +01:00
// ob_end_flush();
2004-12-16 03:57:05 +01:00
fputs ( $fp , $request );
// Let's check for an X-Pingback header first
2006-12-07 04:57:23 +01:00
while ( ! feof ( $fp ) ) {
2004-12-16 03:57:05 +01:00
$line = fgets ( $fp , 512 );
2006-12-07 04:57:23 +01:00
if ( trim ( $line ) == '' )
2004-12-16 03:57:05 +01:00
break ;
$headers .= trim ( $line ) . " \n " ;
$x_pingback_header_offset = strpos ( strtolower ( $headers ), $x_pingback_str );
2006-12-07 04:57:23 +01:00
if ( $x_pingback_header_offset ) {
2004-12-16 03:57:05 +01:00
// We got it!
preg_match ( '#x-pingback: (.+)#is' , $headers , $matches );
$pingback_server_url = trim ( $matches [ 1 ]);
return $pingback_server_url ;
}
2006-12-07 04:57:23 +01:00
if ( strpos ( strtolower ( $headers ), 'content-type: ' ) ) {
2004-12-16 03:57:05 +01:00
preg_match ( '#content-type: (.+)#is' , $headers , $matches );
$content_type = trim ( $matches [ 1 ]);
}
}
2006-12-07 04:57:23 +01:00
if ( preg_match ( '#(image|audio|video|model)/#is' , $content_type ) ) // Not an (x)html, sgml, or xml page, no use going further
2004-12-16 03:57:05 +01:00
return false ;
2006-12-07 04:57:23 +01:00
while ( ! feof ( $fp ) ) {
2004-12-16 03:57:05 +01:00
$line = fgets ( $fp , 1024 );
$contents .= trim ( $line );
$pingback_link_offset_dquote = strpos ( $contents , $pingback_str_dquote );
$pingback_link_offset_squote = strpos ( $contents , $pingback_str_squote );
2006-12-07 04:57:23 +01:00
if ( $pingback_link_offset_dquote || $pingback_link_offset_squote ) {
2004-12-16 03:57:05 +01:00
$quote = ( $pingback_link_offset_dquote ) ? '"' : '\'' ;
$pingback_link_offset = ( $quote == '"' ) ? $pingback_link_offset_dquote : $pingback_link_offset_squote ;
$pingback_href_pos = @ strpos ( $contents , 'href=' , $pingback_link_offset );
$pingback_href_start = $pingback_href_pos + 6 ;
$pingback_href_end = @ strpos ( $contents , $quote , $pingback_href_start );
$pingback_server_url_len = $pingback_href_end - $pingback_href_start ;
$pingback_server_url = substr ( $contents , $pingback_href_start , $pingback_server_url_len );
2006-08-30 18:40:17 +02:00
// We may find rel="pingback" but an incomplete pingback URL
2006-12-07 04:57:23 +01:00
if ( $pingback_server_url_len > 0 ) // We got it!
2004-12-16 03:57:05 +01:00
return $pingback_server_url ;
}
$byte_count += strlen ( $line );
2006-12-07 04:57:23 +01:00
if ( $byte_count > $timeout_bytes ) {
2004-12-16 03:57:05 +01:00
// It's no use going further, there probably isn't any pingback
// server to find in this file. (Prevents loading large files.)
return false ;
}
}
// We didn't find anything.
return false ;
}
2006-12-07 04:57:23 +01:00
2006-06-22 21:44:36 +02:00
function do_all_pings () {
global $wpdb ;
// Do pingbacks
while ( $ping = $wpdb -> get_row ( " SELECT * FROM { $wpdb -> posts } , { $wpdb -> postmeta } WHERE { $wpdb -> posts } .ID = { $wpdb -> postmeta } .post_id AND { $wpdb -> postmeta } .meta_key = '_pingme' LIMIT 1 " )) {
$wpdb -> query ( " DELETE FROM { $wpdb -> postmeta } WHERE post_id = { $ping -> ID } AND meta_key = '_pingme'; " );
pingback ( $ping -> post_content , $ping -> ID );
2006-02-12 08:53:23 +01:00
}
2006-11-19 08:56:05 +01:00
2006-06-22 21:44:36 +02:00
// Do Enclosures
while ( $enclosure = $wpdb -> get_row ( " SELECT * FROM { $wpdb -> posts } , { $wpdb -> postmeta } WHERE { $wpdb -> posts } .ID = { $wpdb -> postmeta } .post_id AND { $wpdb -> postmeta } .meta_key = '_encloseme' LIMIT 1 " )) {
$wpdb -> query ( " DELETE FROM { $wpdb -> postmeta } WHERE post_id = { $enclosure -> ID } AND meta_key = '_encloseme'; " );
do_enclose ( $enclosure -> post_content , $enclosure -> ID );
}
// Do Trackbacks
$trackbacks = $wpdb -> get_results ( " SELECT ID FROM $wpdb->posts WHERE CHAR_LENGTH(TRIM(to_ping)) > 7 AND post_status = 'publish' " );
if ( is_array ( $trackbacks ) ) {
2006-12-07 04:57:23 +01:00
foreach ( $trackbacks as $trackback )
2006-06-22 21:44:36 +02:00
do_trackbacks ( $trackback -> ID );
}
//Do Update Services/Generic Pings
generic_ping ();
}
function do_trackbacks ( $post_id ) {
global $wpdb ;
$post = $wpdb -> get_row ( " SELECT * FROM $wpdb->posts WHERE ID = $post_id " );
$to_ping = get_to_ping ( $post_id );
$pinged = get_pung ( $post_id );
if ( empty ( $to_ping ) ) {
$wpdb -> query ( " UPDATE $wpdb->posts SET to_ping = '' WHERE ID = ' $post_id ' " );
return ;
}
2006-12-07 04:57:23 +01:00
if ( empty ( $post -> post_excerpt ) )
2006-06-22 21:44:36 +02:00
$excerpt = apply_filters ( 'the_content' , $post -> post_content );
else
$excerpt = apply_filters ( 'the_excerpt' , $post -> post_excerpt );
$excerpt = str_replace ( ']]>' , ']]>' , $excerpt );
$excerpt = strip_tags ( $excerpt );
if ( function_exists ( 'mb_strcut' ) ) // For international trackbacks
2006-08-30 23:46:31 +02:00
$excerpt = mb_strcut ( $excerpt , 0 , 252 , get_option ( 'blog_charset' )) . '...' ;
2006-06-22 21:44:36 +02:00
else
$excerpt = substr ( $excerpt , 0 , 252 ) . '...' ;
$post_title = apply_filters ( 'the_title' , $post -> post_title );
$post_title = strip_tags ( $post_title );
2006-12-07 04:57:23 +01:00
if ( $to_ping ) {
foreach ( ( array ) $to_ping as $tb_ping ) {
$tb_ping = trim ( $tb_ping );
if ( ! in_array ( $tb_ping , $pinged ) ) {
trackback ( $tb_ping , $post_title , $excerpt , $post_id );
$pinged [] = $tb_ping ;
} else {
$wpdb -> query ( " UPDATE $wpdb->posts SET to_ping = TRIM(REPLACE(to_ping, ' $tb_ping ', '')) WHERE ID = ' $post_id ' " );
}
2006-06-22 21:44:36 +02:00
}
2006-12-07 04:57:23 +01:00
}
2006-06-22 21:44:36 +02:00
}
2006-12-07 04:57:23 +01:00
2006-06-22 21:44:36 +02:00
function generic_ping ( $post_id = 0 ) {
2006-08-30 23:46:31 +02:00
$services = get_option ( 'ping_sites' );
2006-06-22 21:44:36 +02:00
$services = preg_replace ( " |( \ s)+| " , '$1' , $services ); // Kill dupe lines
$services = trim ( $services );
if ( '' != $services ) {
$services = explode ( " \n " , $services );
2006-12-07 04:57:23 +01:00
foreach ( ( array ) $services as $service )
2006-06-22 21:44:36 +02:00
weblog_ping ( $service );
}
return $post_id ;
}
2006-12-07 04:57:23 +01:00
2006-06-22 21:44:36 +02:00
function pingback ( $content , $post_ID ) {
global $wp_version , $wpdb ;
2006-12-07 04:57:23 +01:00
include_once ( ABSPATH . WPINC . '/class-IXR.php' );
2006-06-22 21:44:36 +02:00
// original code by Mort (http://mort.mine.nu:8080)
$log = debug_fopen ( ABSPATH . '/pingback.log' , 'a' );
$post_links = array ();
2006-12-07 04:57:23 +01:00
debug_fwrite ( $log , 'BEGIN ' . date ( 'YmdHis' , time ()) . " \n " );
2006-06-22 21:44:36 +02:00
$pung = get_pung ( $post_ID );
// Variables
$ltrs = '\w' ;
$gunk = '/#~:.?+=&%@!\-' ;
$punc = '.:?\-' ;
$any = $ltrs . $gunk . $punc ;
// Step 1
// Parsing the post, external links (if any) are stored in the $post_links array
// This regexp comes straight from phpfreaks.com
// http://www.phpfreaks.com/quickcode/Extract_All_URLs_on_a_Page/15.php
preg_match_all ( " { \ b http : [ $any ] +? (?= [ $punc ] * [^ $any ] | $ )}x " , $content , $post_links_temp );
// Debug
debug_fwrite ( $log , 'Post contents:' );
debug_fwrite ( $log , $content . " \n " );
// Step 2.
// Walking thru the links array
// first we get rid of links pointing to sites, not to specific files
// Example:
// http://dummy-weblog.org
// http://dummy-weblog.org/
// http://dummy-weblog.org/post.php
// We don't wanna ping first and second types, even if they have a valid <link/>
2006-12-07 04:57:23 +01:00
foreach ( $post_links_temp [ 0 ] as $link_test ) :
2006-06-22 21:44:36 +02:00
if ( ! in_array ( $link_test , $pung ) && ( url_to_postid ( $link_test ) != $post_ID ) // If we haven't pung it already and it isn't a link to itself
&& ! is_local_attachment ( $link_test ) ) : // Also, let's never ping local attachments.
$test = parse_url ( $link_test );
2006-12-07 04:57:23 +01:00
if ( isset ( $test [ 'query' ]) )
2006-06-22 21:44:36 +02:00
$post_links [] = $link_test ;
2006-12-07 04:57:23 +01:00
elseif ( ( $test [ 'path' ] != '/' ) && ( $test [ 'path' ] != '' ) )
2006-06-22 21:44:36 +02:00
$post_links [] = $link_test ;
endif ;
endforeach ;
2006-12-07 04:57:23 +01:00
do_action_ref_array ( 'pre_ping' , array ( & $post_links , & $pung ));
2006-06-22 21:44:36 +02:00
2006-12-07 04:57:23 +01:00
foreach ( ( array ) $post_links as $pagelinkedto ) {
2006-06-22 21:44:36 +02:00
debug_fwrite ( $log , " Processing -- $pagelinkedto\n " );
$pingback_server_url = discover_pingback_server_uri ( $pagelinkedto , 2048 );
2006-12-07 04:57:23 +01:00
if ( $pingback_server_url ) {
2006-11-19 08:56:05 +01:00
@ set_time_limit ( 60 );
2006-06-22 21:44:36 +02:00
// Now, the RPC call
debug_fwrite ( $log , " Page Linked To: $pagelinkedto \n " );
debug_fwrite ( $log , 'Page Linked From: ' );
$pagelinkedfrom = get_permalink ( $post_ID );
debug_fwrite ( $log , $pagelinkedfrom . " \n " );
// using a timeout of 3 seconds should be enough to cover slow servers
$client = new IXR_Client ( $pingback_server_url );
$client -> timeout = 3 ;
$client -> useragent .= ' -- WordPress/' . $wp_version ;
// when set to true, this outputs debug messages by itself
$client -> debug = false ;
if ( $client -> query ( 'pingback.ping' , $pagelinkedfrom , $pagelinkedto ) )
add_ping ( $post_ID , $pagelinkedto );
else
debug_fwrite ( $log , " Error. \n Fault code: " . $client -> getErrorCode () . " : " . $client -> getErrorMessage () . " \n " );
}
}
debug_fwrite ( $log , " \n END: " . time () . " \n **************************** \n " );
debug_fclose ( $log );
}
2006-12-07 04:57:23 +01:00
function privacy_ping_filter ( $sites ) {
2006-06-22 21:44:36 +02:00
if ( '0' != get_option ( 'blog_public' ) )
return $sites ;
else
return '' ;
}
// Send a Trackback
function trackback ( $trackback_url , $title , $excerpt , $ID ) {
global $wpdb , $wp_version ;
if ( empty ( $trackback_url ) )
return ;
$title = urlencode ( $title );
$excerpt = urlencode ( $excerpt );
2006-08-30 23:46:31 +02:00
$blog_name = urlencode ( get_option ( 'blogname' ));
2006-06-22 21:44:36 +02:00
$tb_url = $trackback_url ;
$url = urlencode ( get_permalink ( $ID ));
$query_string = " title= $title &url= $url &blog_name= $blog_name &excerpt= $excerpt " ;
$trackback_url = parse_url ( $trackback_url );
$http_request = 'POST ' . $trackback_url [ 'path' ] . ( $trackback_url [ 'query' ] ? '?' . $trackback_url [ 'query' ] : '' ) . " HTTP/1.0 \r \n " ;
$http_request .= 'Host: ' . $trackback_url [ 'host' ] . " \r \n " ;
2006-08-30 23:46:31 +02:00
$http_request .= 'Content-Type: application/x-www-form-urlencoded; charset=' . get_option ( 'blog_charset' ) . " \r \n " ;
2006-06-22 21:44:36 +02:00
$http_request .= 'Content-Length: ' . strlen ( $query_string ) . " \r \n " ;
$http_request .= " User-Agent: WordPress/ " . $wp_version ;
$http_request .= " \r \n \r \n " ;
$http_request .= $query_string ;
if ( '' == $trackback_url [ 'port' ] )
$trackback_url [ 'port' ] = 80 ;
$fs = @ fsockopen ( $trackback_url [ 'host' ], $trackback_url [ 'port' ], $errno , $errstr , 4 );
@ fputs ( $fs , $http_request );
/*
$debug_file = 'trackback.log' ;
$fp = fopen ( $debug_file , 'a' );
fwrite ( $fp , " \n ***** \n Request: \n \n $http_request\n\nResponse : \n \n " );
while ( !@ feof ( $fs )) {
fwrite ( $fp , @ fgets ( $fs , 4096 ));
}
fwrite ( $fp , " \n \n " );
fclose ( $fp );
*/
@ fclose ( $fs );
$tb_url = addslashes ( $tb_url );
$wpdb -> query ( " UPDATE $wpdb->posts SET pinged = CONCAT(pinged, ' \n ', ' $tb_url ') WHERE ID = ' $ID ' " );
return $wpdb -> query ( " UPDATE $wpdb->posts SET to_ping = TRIM(REPLACE(to_ping, ' $tb_url ', '')) WHERE ID = ' $ID ' " );
}
2006-12-07 04:57:23 +01:00
2006-06-22 21:44:36 +02:00
function weblog_ping ( $server = '' , $path = '' ) {
global $wp_version ;
2006-12-07 04:57:23 +01:00
include_once ( ABSPATH . WPINC . '/class-IXR.php' );
2006-06-22 21:44:36 +02:00
// using a timeout of 3 seconds should be enough to cover slow servers
$client = new IXR_Client ( $server , (( ! strlen ( trim ( $path )) || ( '/' == $path )) ? false : $path ));
$client -> timeout = 3 ;
$client -> useragent .= ' -- WordPress/' . $wp_version ;
// when set to true, this outputs debug messages by itself
$client -> debug = false ;
$home = trailingslashit ( get_option ( 'home' ) );
2006-08-30 23:46:31 +02:00
if ( ! $client -> query ( 'weblogUpdates.extendedPing' , get_option ( 'blogname' ), $home , get_bloginfo ( 'rss2_url' ) ) ) // then try a normal ping
$client -> query ( 'weblogUpdates.ping' , get_option ( 'blogname' ), $home );
2005-11-18 10:25:47 +01:00
}
2004-12-16 03:57:05 +01:00
2007-01-09 09:22:28 +01:00
?>