Upstream
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Cleaning up comment moderation and the comment code in general. More to do tomorrow with regards to wp-moderation.php. 

git-svn-id: http://svn.automattic.com/wordpress/trunk@549 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
saxmatt 2003-11-15 08:58:18 +00:00
parent 8f40eb47c0
commit 0f866d5c72
9 changed files with 202 additions and 448 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
b2-include/b2functions.php
View File

@ -64,7 +64,7 @@ function wptexturize($text) {
return $output;
}
function wpautop($pee, $br=1) {
function wpautop($pee, $br = 1) {
$pee = $pee . "\n"; // just to make things a little easier, pad the end
$pee = preg_replace('|<br />\s*<br />|', "\n\n", $pee);
$pee = preg_replace('!(<(?:table|ul|ol|li|pre|form|blockquote|h[1-6])[^>]*>)!', "\n$1", $pee); // Space things out a little
@ -171,6 +171,18 @@ function mysql2date($dateformatstring, $mysqlstring, $use_b2configmonthsdays = 1
return $j;
}
function current_time($type) {
$time_difference = get_settings('time_difference');
switch ($type) {
case 'mysql':
return date('Y-m-d H:i:s', (time() + ($time_difference * 3600) ) );
break;
case 'timestamp':
return (time() + ($time_difference * 3600) );
break;
}
}
function addslashes_gpc($gpc) {
if (!get_magic_quotes_gpc()) {
$gpc = addslashes($gpc);
@ -1394,23 +1406,23 @@ function wp_set_comment_status($comment_id, $comment_status) {
global $wpdb, $tablecomments;
switch($comment_status) {
case 'hold':
$query = "UPDATE $tablecomments SET comment_approved='0' WHERE comment_ID='$comment_id' LIMIT 1";
break;
case 'approve':
$query = "UPDATE $tablecomments SET comment_approved='1' WHERE comment_ID='$comment_id' LIMIT 1";
break;
case 'delete':
$query = "DELETE FROM $tablecomments WHERE comment_ID='$comment_id' LIMIT 1";
break;
default:
return false;
case 'hold':
$query = "UPDATE $tablecomments SET comment_approved='0' WHERE comment_ID='$comment_id' LIMIT 1";
break;
case 'approve':
$query = "UPDATE $tablecomments SET comment_approved='1' WHERE comment_ID='$comment_id' LIMIT 1";
break;
case 'delete':
$query = "DELETE FROM $tablecomments WHERE comment_ID='$comment_id' LIMIT 1";
break;
default:
return false;
}
if ($wpdb->query($query)) {
return true;
return true;
} else {
return false;
return false;
}
}

38
b2comments.php
View File

@ -19,32 +19,29 @@
<!-- You can start editing here. -->
<h2>Comments</h2>
<h2 id="comments">Comments</h2>
<p><a href="<?php echo $siteurl; ?>/wp-commentsrss2.php?p=<?php echo $id; ?>">RSS feed for comments on this post.</a></p>
<p><a href="<?php echo $siteurl; ?>/wp-commentsrss2.php?p=<?php echo $id; ?>"><abbr title="Really Simple Syndication">RSS</abbr> feed for comments on this post.</a></p>
<?php if ('open' == $post->ping_status) { ?>
<p>The <acronym title="Uniform Resource Identifier">URI</acronym> to TrackBack this entry is: <em><?php trackback_url() ?></em></p>
<?php } ?>
<ol id="comments">
<?php
// this line is WordPress' motor, do not delete it.
if ($comments) {
foreach ($comments as $comment) {
?>
<li id="comment-<?php comment_ID() ?>">
<?php comment_text() ?>
<p><cite><?php comment_type(); ?> by <?php comment_author_link() ?> &#8212; <?php comment_date() ?> @ <a href="#comment-<?php comment_ID() ?>"><?php comment_time() ?></a></cite></p>
</li>
<?php } // end for each comment
} else { // this is displayed if there are no comments so far
?>
<li>No comments yet.</li>
<?php } ?>
<?php if ($comments) { ?>
<ol id="commentlist">
<?php foreach ($comments as $comment) { ?>
<li id="comment-<?php comment_ID() ?>">
<?php comment_text() ?>
<p><cite><?php comment_type(); ?> by <?php comment_author_link() ?> &#8212; <?php comment_date() ?> @ <a href="#comment-<?php comment_ID() ?>"><?php comment_time() ?></a></cite></p>
</li>
<?php } // end for each comment ?>
</ol>
<?php } else { // this is displayed if there are no comments so far ?>
<p>No comments yet.</p>
<?php } ?>
<h2>Leave a Comment</h2>
<?php if ('open' == $post->comment_status) { ?>
<p>Line and paragraph breaks automatic, website trumps email, <acronym title="Hypertext Markup Language">HTML</acronym> allowed: <code><?php echo htmlentities(str_replace('<', ' <', $comment_allowed_tags)); ?></code></p>
@ -77,10 +74,7 @@ if ($comments) {
if ('none' != get_settings("comment_moderation")) {
?>
<p>
<strong>Please note:</strong><br />
This blog uses comment moderation. In other words: your comment will need approval
by the administrator before it will appear in the blog. Approval usually happens
within the next 24 hours. Please send your comment only once. Thank you.
<strong>Please note:</strong> Comment moderation is currently enabled so there may be a delay between when you post your comment and when it shows up. Patience is a virtue; there&#8217;s no need to resubmit your comment.
</p>
<?php
} // comment_moderation != 'none'

34
b2comments.post.php
View File

@ -43,17 +43,15 @@ $commentstatus = $wpdb->get_var("SELECT comment_status FROM $tableposts WHERE ID
if ('closed' == $commentstatus)
die('Sorry, comments are closed for this item.');
if ($require_name_email && ($email == '' || $email == '@' || $author == '' || $author == 'name')) { //original fix by Dodo, and then Drinyth
echo 'Error: please fill the required fields (name, email).';
exit;
if ($require_name_email && ($email == '' || $author == '')) { //original fix by Dodo, and then Drinyth
die('Error: please fill the required fields (name, email).');
}
if ($comment == 'comment' || $comment == '') {
echo "Error: please type a comment";
exit;
die('Error: please type a comment.');
}
$time_difference = get_settings('time_difference');
$now = date('Y-m-d H:i:s',(time() + ($time_difference * 3600)));
$now = current_time('mysql');
$comment = strip_tags($comment, $comment_allowed_tags);
$comment = balanceTags($comment, 1);
@ -68,7 +66,7 @@ $author = addslashes($author);
$email = addslashes($email);
$url = addslashes($url);
/* flood-protection */
/* Flood-protection */
$lasttime = $wpdb->get_var("SELECT comment_date FROM $tablecomments WHERE comment_author_IP = '$user_ip' ORDER BY comment_date DESC LIMIT 1");
$ok = true;
if (!empty($lasttime)) {
@ -77,13 +75,13 @@ if (!empty($lasttime)) {
if (($time_newcomment - $time_lastcomment) < 10)
$ok = false;
}
/* end flood-protection */
/* End flood-protection */
if ($ok) { // if there was no comment from this IP in the last 10 seconds
$comment_moderation = get_settings("comment_moderation");
$moderation_notify = get_settings("moderation_notify");
$comment_moderation = get_settings('comment_moderation');
$moderation_notify = get_settings('moderation_notify');
// o42: this place could be the hook for further comment spam checking
// $approved should be set according the final approval status
@ -97,9 +95,8 @@ if ($ok) { // if there was no comment from this IP in the last 10 seconds
}
$wpdb->query("INSERT INTO $tablecomments (comment_ID,comment_post_ID,comment_author,comment_author_email,comment_author_url,comment_author_IP,comment_date,comment_content,comment_karma,comment_approved) VALUES ('0', '$comment_post_ID', '$author', '$email', '$url', '$user_ip', '$now', '$comment', '0', '$approved')");
// o42: this should be changed as soon as other sql dbs are supported
// as it's proprietary to mysql
$comment_ID = $wpdb->get_var("SELECT last_insert_id()");
/*
$comment_ID = $wpdb->get_var('SELECT last_insert_id()');
$fp = fopen("/tmp/wpdebug.txt", "w+");
fwrite($fp, "comment_moderation: $comment_moderation\n");
@ -117,6 +114,7 @@ if ($ok) { // if there was no comment from this IP in the last 10 seconds
fclose($fp);
*/
if ($email == '')
$email = ' '; // this to make sure a cookie is set for 'no email'
@ -127,11 +125,11 @@ if ($ok) { // if there was no comment from this IP in the last 10 seconds
setcookie('comment_author_email_'.$cookiehash, $email, time()+30000000);
setcookie('comment_author_url_'.$cookiehash, $url, time()+30000000);
header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
header('Cache-Control: no-cache, must-revalidate');
header('Pragma: no-cache');
$location = (!empty($HTTP_POST_VARS['redirect_to'])) ? $HTTP_POST_VARS['redirect_to'] : $HTTP_SERVER_VARS["HTTP_REFERER"];
$location = (empty($HTTP_POST_VARS['redirect_to'])) ? $HTTP_SERVER_VARS["HTTP_REFERER"] : $HTTP_POST_VARS['redirect_to'];
if ($is_IIS) {
header("Refresh: 0;url=$location");
} else {
@ -141,4 +139,4 @@ if ($ok) { // if there was no comment from this IP in the last 10 seconds
die('Sorry, you can only post a new comment once every 10 seconds. Slow down cowboy.');
}
?>
?>

38
b2commentspopup.php
View File

@ -19,7 +19,7 @@ foreach ($posts as $post) { start_b2();
<h1 id="header"><a href="" title="<?php echo $blogname ?>"><?php echo $blogname ?></a></h1>
<h2>Comments</h2>
<h2 id="comments">Comments</h2>
<p><a href="<?php echo $siteurl; ?>/wp-commentsrss2.php?p=<?php echo $post->ID; ?>">RSS feed for comments on this post.</a></p>
@ -27,33 +27,29 @@ foreach ($posts as $post) { start_b2();
<p>The <acronym title="Uniform Resource Identifier">URI</acronym> to TrackBack this entry is: <em><?php trackback_url() ?></em></p>
<?php } ?>
<ol id="comments">
<?php
// this line is WordPress' motor, do not delete it.
$comments = $wpdb->get_results("SELECT * FROM $tablecomments WHERE comment_post_ID = $id AND comment_approved = '1' ORDER BY comment_date");
$commentstatus = $wpdb->get_row("SELECT comment_status, post_password FROM $tableposts WHERE ID = $id");
if (!empty($commentstatus->post_password) && $HTTP_COOKIE_VARS['wp-postpass_'.$cookiehash] != $commentstatus->post_password) { // and it doesn't match the cookie
echo("<li>".get_the_password_form()."</li></ol>");
}
else {
if ($comments) {
// this line is WordPress' motor, do not delete it.
foreach ($comments as $comment) {
?>
<!-- comment -->
<li id="comment-<?php comment_ID() ?>">
<?php comment_text() ?>
<p><cite><?php comment_type(); ?> by <?php comment_author_link() ?> &#8212; <?php comment_date() ?> @ <a href="#comment-<?php comment_ID() ?>"><?php comment_time() ?></a></cite></p>
</li>
echo(get_the_password_form());
} else { ?>
<?php } // end for each comment
} else { // this is displayed if there are no comments so far
?>
<li>No comments yet.</li>
<?php } ?>
<?php if ($comments) { ?>
<ol id="commentlist">
<?php foreach ($comments as $comment) { ?>
<li id="comment-<?php comment_ID() ?>">
<?php comment_text() ?>
<p><cite><?php comment_type(); ?> by <?php comment_author_link() ?> &#8212; <?php comment_date() ?> @ <a href="#comment-<?php comment_ID() ?>"><?php comment_time() ?></a></cite></p>
</li>
<?php } // end for each comment ?>
</ol>
<?php
if ('open' == $commentstatus->comment_status) { ?>
<?php } else { // this is displayed if there are no comments so far ?>
<p>No comments yet.</p>
<?php } ?>
<?php if ('open' == $commentstatus->comment_status) { ?>
<h2>Leave a Comment</h2>
<p>Line and paragraph breaks automatic, website trumps email, <acronym title="Hypertext Markup Language">HTML</acronym> allowed: <code><?php echo htmlentities(str_replace('<', ' <', $comment_allowed_tags)); ?></code></p>

1
wp-admin/b2menutop.txt
View File

@ -1,6 +1,5 @@
1 wp-post.php Post
1 edit.php Edit
3 wp-moderation.php Moderation
3 b2team.php Team
4 wp-options.php Options
3 b2categories.php Categories

5
wp-admin/edit-comments.php
View File

@ -37,8 +37,9 @@ if ($previousXstart < 0) {
ob_start();
?>
<ul id="adminmenu2">
<li><a href="edit.php">Posts</a></li>
<li class="last"><a href="edit-comments.php" class="current">Comments</a></li>
<li><a href="edit.php">Latest Posts</a></li>
<li class="last"><a href="edit-comments.php" class="current">Latest Comments</a></li>
<li><a href="wp-moderation.php">Comments Awaiting Moderation</a></li>
</ul>
<div class="wrap">

100
wp-admin/upgrade-072-to-073.php
View File

@ -76,9 +76,14 @@ foreach($posts as $post) {
flush();
}
$wpdb->query("INSERT INTO `$tableoptions` (`option_id`, `blog_id`, `option_name`, `option_can_override`, `option_type`, `option_value`, `option_width`, `option_height`, `option_description`, `option_admin_level`) VALUES ('', '0', 'permalink_structure', 'Y', '3', '', '20', '8', 'How the permalinks for your site are constructed.', '8');");
if (!$wpdb->get_var("SELECT option_name FROM $tableoptions WHERE option_name = 'permalink_structure'")) { // If it's not already there
$wpdb->query("INSERT INTO `$tableoptions`
(`option_id`, `blog_id`, `option_name`, `option_can_override`, `option_type`, `option_value`, `option_width`, `option_height`, `option_description`, `option_admin_level`)
VALUES
('', '0', 'permalink_structure', 'Y', '3', '', '20', '8', 'How the permalinks for your site are constructed. See <a href=\"wp-options-permalink.php\">permalink options page</a> for necessary mod_rewrite rules and more information.', '8');");
}
?>
<strong>Done.</strong></p>
Done with the name game. Now a little option action. </p>
<p>Now on to <a href="upgrade-072-to-073.php?step=2">step 2</a>.</p>
<?php
break;
@ -100,14 +105,95 @@ $wpdb->query("INSERT INTO `$tableoptions` (`option_id`, `blog_id`, `option_name`
$wpdb->query("UPDATE $tableoptions SET option_description = 'accepted file types, separated by spaces. example: \'jpg gif png\'' WHERE option_id = 34");
echo ' .';
flush();
// add link to date format help page
$wpdb->query("UPDATE $tableoptions SET option_description = 'see <a href=\"help/en/dateformats.help.html\">help</a> for format characters' WHERE option_id = 52");
$wpdb->query("UPDATE $tableoptions SET option_description = 'see <a href=\"help/en/dateformats.help.html\">help</a> for format characters' WHERE option_id = 53");
// add link to php date format. this could be to a wordpress.org page in the future
$wpdb->query("UPDATE $tableoptions SET option_description = 'see <a href=\"http://php.net/date\">help</a> for format characters' WHERE option_id = 52");
$wpdb->query("UPDATE $tableoptions SET option_description = 'see <a href=\"http://php.net/date\">help</a> for format characters' WHERE option_id = 53");
echo ' .';
flush();
?>
<strong>Done.</strong></p>
<p>See, that didn&#8217;t hurt a bit. All done!</p>
<strong>Done with the options updates. Now for a bit of comment action</strong></p>
<?php
$result = '';
$error_count = 0;
$continue = true;
// Insert new column "comment_approved" to $tablecomments
if ($continue) {
$ddl = "ALTER TABLE $tablecomments ADD COLUMN comment_approved ENUM('0', '1') DEFAULT '1' NOT NULL";
if (maybe_add_column($tablecomments, $tablecol, $ddl)) {
$wpdb->query("ALTER TABLE $tablecomments ADD INDEX (comment_approved)");
}
}
// Insert new option "comment_moderation" to settings
if (!$wpdb->get_var("SELECT option_id FROM $tableoptions WHERE option_name = 'comment_moderation'")) {
$wpdb->query("INSERT INTO $tableoptions
(option_id, blog_id, option_name, option_can_override, option_type, option_value, option_width, option_height, option_description, option_admin_level)
VALUES
('0', '0', 'comment_moderation', 'Y', '5',' none', 20, 8, 'If enabled, comments will only be shown after they have been approved.', 8)");
}
// attach option to group "General blog settings"
if ($continue) {
$oid = $wpdb->get_var("SELECT option_id FROM $tableoptions WHERE option_name = 'comment_moderation'");
$gid = $wpdb->get_var("SELECT group_id FROM $tableoptiongroups WHERE group_name = 'General blog settings'");
$seq = $wpdb->get_var("SELECT MAX(seq) FROM $tableoptiongroup_options WHERE group_id = '$gid'");
++$seq;
$wpdb->query("INSERT INTO $tableoptiongroup_options
(group_id, option_id, seq)
VALUES
('$gid', '$oid', '$seq')");
}
// Insert option values for new option "comment_moderation"
if ($continue) {
$ddl = array();
$ddl[] = "INSERT INTO $tableoptionvalues
(option_id, optionvalue, optionvalue_desc, optionvalue_max, optionvalue_min, optionvalue_seq)
VALUES
('$oid', 'none', 'None', NULL, NULL, 1)";
$ddl[] = "INSERT INTO $tableoptionvalues
(option_id, optionvalue, optionvalue_desc, optionvalue_max, optionvalue_min, optionvalue_seq)
VALUES
('$oid', 'manual', 'Manual', NULL, NULL, 2)";
$ddl[] = "INSERT INTO $tableoptionvalues
(option_id, optionvalue, optionvalue_desc, optionvalue_max, optionvalue_min, optionvalue_seq)
VALUES
('$oid','auto', 'Automatic', NULL, NULL, 3)";
foreach ($ddl as $query) {
$wpdb->query($query);
}
}
// Insert new option "moderation_notify" to settings
if (!$wpdb->get_var("SELECT option_id FROM $tableoptions WHERE option_name = 'moderation_notify'")) {
$wpdb->query("INSERT INTO $tableoptions
(option_id, blog_id, option_name, option_can_override, option_type, option_value, option_width, option_height, option_description, option_admin_level)
VALUES
('0', '0', 'moderation_notify' , 'Y', '2', '1', 20, 8, 'Set this to true if you want to be notified about new comments that wait for approval', 8)");
}
// attach option to group "General blog settings"
if ($continue) {
$oid = $wpdb->get_var("SELECT option_id FROM $tableoptions WHERE option_name = 'moderation_notify'");
$gid = $wpdb->get_var("SELECT group_id FROM $tableoptiongroups WHERE group_name = 'General blog settings'");
$seq = $wpdb->get_var("SELECT MAX(seq) FROM $tableoptiongroup_options WHERE group_id = '$gid'");
++$seq;
$wpdb->query("INSERT INTO $tableoptiongroup_options
(group_id, option_id, seq)
VALUES
('$gid', '$oid', '$seq')");
}
?>
<p>Comment spammers should now watch out for you.</p>
<p>See, that didn&#8217;t hurt a bit (again). All done!</p>
<?php
break;
}

332
wp-admin/upgrade-4-commod.php
View File

@ -1,332 +0,0 @@
<?php
$_wp_installing = 1;
require_once('../wp-config.php');
require_once('wp-install-helper.php');
$step = intval($HTTP_GET_VARS['step']);
if (!$step) $step = 0;
if (!step) $step = 0;
$file = basename(__FILE__);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<title>WordPress >Database upgrade for comment moderation hack</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<style media="screen" type="text/css">
body {
font-family: Georgia, "Times New Roman", Times, serif;
margin-left: 15%;
margin-right: 15%;
}
#logo {
margin: 0;
padding: 0;
background-image: url(http://wordpress.org/images/wordpress.gif);
background-repeat: no-repeat;
height: 72px;
border-bottom: 4px solid #333;
}
#logo a {
display: block;
height: 72px;
}
#logo a span {
display: none;
}
p {
line-height: 140%;
}
</style>
</head>
<body>
<h1 id="logo"><a href="http://wordpress.org"><span>WordPress</span></a></h1>
<?php
switch($step) {
case 0:
?>
<p>This will upgrade your database in order to be able to use otaku42's comment
moderation hack.</p>
<p>First of all: <strong>backup your database!</strong> This script will make
changes to it and it could happen that things aren't going the way they should.
You have been warned.</p>
<p>What this hack does is simple: it introduces a new option for comment moderation.
Comment moderation means that new comments won't show up in your blog until they
have been approved. Approval happens either manually or automatically (not implemented
yet). This all is a first step towards comment spam prevention.
<br /> You will have a simple panel in the admin section that shows you waiting
comments. You can either approve or delete them, or hold them further for approval.</p>
<p>The procedure is easy: click on the next button and see if there
are any warnings popping up. If so, please report the problem(s) to me
(<a href="mailto:mrenzmann@otaku42.de">mrenzmann@otaku42.de</a>) so that I can
fix it/them.</p>
<p>The following passage (grey text) is of interest for you only if you are familiar
with WordPress development:</p>
<span style="color: #888888;">
<p>In order to have the patch working we need to extend the comment table with a
field that indicates whether the comment has been approved or not (<em>comment_approved</em>).
Its default value will be <em>1</em> so that comments are auto-approved when comment
moderation has been turned off by the admin.</p>
<p>The next thing is that we need an option to turn comment moderation on/off. It will
be named <em>comment_moderation</em> and can be found in <em>General blog
settings</em>.</p>
<p>Another option that gets inserted is <em>moderation_notify</em>. If turned on, a mail
will be sent to the admin to inform about the new (and possibly other) comment that is/are
waiting for his approval.</p>
</p>This upgrade procedure tries to be as save as possible by not relying on any hardcoded
values. For example it retrieves the id for option group <em>general blog settings</em>
rather than assuming it has the same id as in my own blog.</p>
</span>
<p>Ready?
<?php
echo "<a href=\"$file?step=1\">Let's go!</a></p>\n";
break; // end case 0
case 1:
$result = "";
$error_count = 0;
$continue = true;
// insert new column "comment_approved" to $tablecomments
if ($continue) {
$tablename = $tablecomments;
$tablecol = "comment_approved";
$ddl = "ALTER TABLE $tablecomments ADD COLUMN $tablecol ENUM('0','1') DEFAULT '1' NOT NULL";
$result .= "Adding column $tablecol to table $tablename: ";
if (maybe_add_column($tablename, $tablecol, $ddl)) {
$result .= "ok<br />\n";
$result .= "Indexing new column $tablecol: ";
$wpdb->query("ALTER TABLE $tablename ADD INDEX ($tablecol)");
$results = $wpdb->get_results("SHOW INDEX FROM $tablecomments");
foreach ($results as $row) {
if ($row->Key_name == $tablecol) {
$index=1;
}
}
if (1 == $index) {
$result .= "ok";
$continue = true;
} else {
$result .= "error";
++$error_count;
$continue = false;
}
} else {
$result .= "error (couldn't add column $tablecol)";
++$error_count;
$continue = false;
}
$result .= "<br />\n";
}
// insert new option "comment_moderation" to settings
if ($continue) {
$option = "comment_moderation";
$tablename = $tableoptions;
$ddl = "INSERT INTO $tablename "
. "(option_id, blog_id, option_name, option_can_override, option_type, "
. "option_value, option_width, option_height, option_description, "
. "option_admin_level) "
. "VALUES "
. "('0','0','$option','Y','5','none',20,8,'if enabled, comments will only be shown after they have been approved by you',8)";
$result .= "Adding new option $option to settings: ";
if ($wpdb->query($ddl)) {
$result .= "ok";
$continue = true;
} else {
$result .= "error";
++$error_count;
$continue = false;
}
$result .= "<br />\n";
}
// attach option to group "General blog settings"
if ($continue) {
// we take over here $option and $tablename from above
$group = "General blog settings";
$result .= "Inserting new option $option to settings group '$group': ";
$oid = $wpdb->get_var("SELECT option_id FROM $tablename WHERE option_name='$option'");
$gid = $wpdb->get_var("SELECT group_id FROM $tableoptiongroups WHERE group_name='$group'");
if (0 != $gid && 0 != $oid) {
$continue = true;
} else {
$result .= "error (couldn't determine option_id and/or group_id)";
++$error_count;
$continue = false;
}
}
if ($continue) {
$seq = $wpdb->get_var("SELECT MAX(seq) FROM $tableoptiongroup_options WHERE group_id='$gid'");
if (0 != $seq) {
$continue = true;
} else {
$result .= "error (couldn't determine sequence)";
++$error_count;
$continue = false;
}
}
if ($continue) {
++$seq;
$ddl = "INSERT INTO $tableoptiongroup_options (group_id, option_id, seq) "
. "VALUES ('$gid','$oid','$seq')";
if ($wpdb->query($ddl)) {
$result .= "ok";
} else {
$result .= "error";
++$error_count;
$continue = false;
}
$result .= "<br />\n";
}
// insert option values for new option "comment_moderation"
if ($continue) {
$tablename = $tableoptionvalues;
$result .= "Inserting option values for new option $option: ";
$ddl = array();
$ddl[] = "INSERT INTO $tablename (option_id, optionvalue, optionvalue_desc, optionvalue_max, optionvalue_min, optionvalue_seq) "
. "VALUES ('$oid','none','None',NULL,NULL,1)";
$ddl[] = "INSERT INTO $tablename (option_id, optionvalue, optionvalue_desc, optionvalue_max, optionvalue_min, optionvalue_seq) "
. "VALUES ('$oid','manual','Manual',NULL,NULL,2)";
$ddl[] = "INSERT INTO $tablename (option_id, optionvalue, optionvalue_desc, optionvalue_max, optionvalue_min, optionvalue_seq) "
. "VALUES ('$oid','auto','Automatic',NULL,NULL,3)";
for ($i = 0; $i < count($ddl); $i++) {
if ($wpdb->query($ddl[$i])) {
$success = true;
continue;
} else {
$success = false;
break;
}
}
if ($success) {
$result .= "ok";
} else {
$result .= "error";
++$error_count;
$continue = false;
}
$result .= "<br />\n";
}
// insert new option "moderation_notify" to settings
if ($continue) {
$option = "moderation_notify";
$tablename = $tableoptions;
$ddl = "INSERT INTO $tablename "
. "(option_id, blog_id, option_name, option_can_override, option_type, "
. "option_value, option_width, option_height, option_description, "
. "option_admin_level) "
. "VALUES "
. "('0','0','$option','Y','2','1',20,8,'set this to true if you want to be notified about new comments that wait for approval',8)";
$result .= "Adding new option $option to settings: ";
if ($wpdb->query($ddl)) {
$result .= "ok";
$continue = true;
} else {
$result .= "error";
++$error_count;
$continue = false;
}
$result .= "<br />\n";
}
// attach option to group "General blog settings"
if ($continue) {
// we take over here $option and $tablename from above
$group = "General blog settings";
$result .= "Inserting new option $option to settings group '$group': ";
$oid = $wpdb->get_var("SELECT option_id FROM $tablename WHERE option_name='$option'");
$gid = $wpdb->get_var("SELECT group_id FROM $tableoptiongroups WHERE group_name='$group'");
if (0 != $gid && 0 != $oid) {
$continue = true;
} else {
$result .= "error (couldn't determine option_id and/or group_id)";
++$error_count;
$continue = false;
}
}
if ($continue) {
$seq = $wpdb->get_var("SELECT MAX(seq) FROM $tableoptiongroup_options WHERE group_id='$gid'");
if (0 != $seq) {
$continue = true;
} else {
$result .= "error (couldn't determine sequence)";
++$error_count;
$continue = false;
}
}
if ($continue) {
++$seq;
$ddl = "INSERT INTO $tableoptiongroup_options (group_id, option_id, seq) "
. "VALUES ('$gid','$oid','$seq')";
if ($wpdb->query($ddl)) {
$result .= "ok";
} else {
$result .= "error";
++$error_count;
$continue = false;
}
$result .= "<br />\n";
}
echo $result;
if ($error_count > 0) {
?>
<p>Hmmm... there was some kind of error. If you cannot figure out
from the output above how to correct the problems please
contact me at <a href="mailto:mrenzmann@otaku42.de">mrenzmann@otaku42.de</a>
and report your problem.</p>
<?php
} else {
?>
<p>Seems that everything went fine. Great!</p>
<p>Now you have two new options in your settings section <em>General blog settings</em>:
<ol><li><em>comment_moderation</em> controls whether you want to use the new comment
moderation functionality at all. If set to <em>manual</em>, you need to approve each
new comment by hand either in the comment moderation panel or when editing the comments
for a post. Choose <em>automatic</em> currently equals <em>manual</em>, but in the near
future this will allow the application of filtering functions (such as URL blacklisting,
keyword filtering, bayesian filtering and similar stuff). To approve awaiting comments
go to <em>Moderate</em> in the admin menu, where all waiting comments will be listed.</li>
<li><em>moderation_notify</em> will decide if you get notified by e-mail as soon as a
new comment has been posted and is waiting for approval (in other words: this setting
only takes effect, if <em>comment_moderation</em> is either set to <em>manual</em> or
<em>automatic</em>. The notification message will contain direct links that allow to
approve or delete a comment, or to jump to the moderation panel.</li></ol>
<p>Have fun!</p>
<?php
}
break; // end case 1
}
?>
</body>
</html>

62
wp-admin/wp-moderation.php
View File

@ -42,19 +42,19 @@ switch($action) {
case 'update':
$standalone = 1;
require_once("b2header.php");
require_once('b2header.php');
if ($user_level < 3) {
die('<p>You have no right to moderate comments.<br />Ask for a promotion to your <a href="mailto:$admin_email">blog admin</a>. :)</p>');
die('<p>Your level is not high enough to moderate comments. Ask for a promotion from your <a href="mailto:$admin_email">blog admin</a>. :)</p>');
}
// check if comment moderation is turned on in the settings
// if not, just give a short note and stop
if (get_settings("comment_moderation") == "none") {
echo "<div class=\"wrap\">\n";
echo "Comment moderation has been turned off.<br /><br />\n";
echo "</div>\n";
include("b2footer.php");
if ('none' == get_settings("comment_moderation")) {
echo '<div class="wrap">
<p>Comment moderation has been turned off.</p>
</div>';
require('b2footer.php');
exit;
}
@ -64,24 +64,24 @@ case 'update':
foreach($comment as $key => $value) {
switch($value) {
case "later":
// do nothing with that comment
// wp_set_comment_status($key, "hold");
++$item_ignored;
break;
case "delete":
wp_set_comment_status($key, "delete");
++$item_deleted;
break;
case "approve":
wp_set_comment_status($key, "approve");
if (get_settings("comments_notify") == true) {
wp_notify_postauthor($key);
}
++$item_approved;
break;
case 'later':
// do nothing with that comment
// wp_set_comment_status($key, "hold");
++$item_ignored;
break;
case 'delete':
wp_set_comment_status($key, 'delete');
++$item_deleted;
break;
case 'approve':
wp_set_comment_status($key, 'approve');
if (get_settings('comments_notify') == true) {
wp_notify_postauthor($key);
}
++$item_approved;
break;
}
}
@ -96,15 +96,15 @@ default:
require_once('b2header.php');
if ($user_level <= 3) {
die('<p>You have no right to moderate comments.<br>Ask for a promotion to your <a href="mailto:$admin_email">blog admin</a>. :)</p>');
die('<p>Your level is not high enough to moderate comments. Ask for a promotion from your <a href="mailto:$admin_email">blog admin</a>. :)</p>');
}
// check if comment moderation is turned on in the settings
// if not, just give a short note and stop
if (get_settings("comment_moderation") == "none") {
echo "<div class=\"wrap\">\n";
echo "Comment moderation has been turned off.<br /><br />\n";
echo "</div>\n";
if ('none' == get_settings('comment_moderation')) {
echo '<div class="wrap">
<p>Comment moderation has been turned off.</p>
</div>';
include("b2footer.php");
exit;
}
@ -144,7 +144,7 @@ default:
<?php
$comments = $wpdb->get_results("SELECT * FROM $tablecomments WHERE comment_approved='0'");
$comments = $wpdb->get_results("SELECT * FROM $tablecomments WHERE comment_approved = 0");
if ($comments) {
// list all comments that are waiting for approval
$file = basename(__FILE__);