XML-RPC comments API. see #7446

git-svn-id: http://svn.automattic.com/wordpress/trunk@8543 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-06-22 21:04:57 +02:00 · 2008-08-04 22:29:37 +00:00 · 2008-08-04 22:29:37 +00:00 · 1b0bfced2e
commit 1b0bfced2e
parent 377336657c
4 changed files with 390 additions and 38 deletions
--- a/wp-includes/comment-template.php
+++ b/wp-includes/comment-template.php
@ -320,10 +320,11 @@ function comment_ID() {
 * @since 1.5
 * @uses $comment
 *
+ * @param object|string|int $comment Comment to retrieve.
 * @return string The permalink to the current comment
 */
-function get_comment_link() {
-	global $comment;
+function get_comment_link($comment = null) {
+	$comment = get_comment($comment);
 	return get_permalink( $comment->comment_post_ID ) . '#comment-' . $comment->comment_ID;
 }

--- a/wp-includes/comment.php
+++ b/wp-includes/comment.php
@ -3,6 +3,7 @@
 * Manages WordPress comments
 *
 * @package WordPress
+ * @subpackage Comment
 */

 /**
@ -162,49 +163,86 @@ function &get_comment(&$comment, $output = OBJECT) {
 }

 /**
- * Retrieve an array of comment data about comment $comment_ID.
+ * Retrieve a list of comments
 *
- * get_comment() technically does the same thing as this function. This function
- * also appears to reference variables and then not use them or not update them
- * when needed. It is advised to switch to get_comment(), since this function
- * might be deprecated in favor of using get_comment().
+ * {@internal Missing Long Description}}
 *
- * @deprecated Use get_comment()
- * @see get_comment()
- * @since 0.71
+ * @package WordPress
+ * @subpackage Comment
+ * @since 2.7
+ * @uses $wpdb
 *
- * @uses $postc Comment cache, might not be used any more
- * @uses $id
- * @uses $wpdb Database Object
- *
- * @param int $comment_ID The ID of the comment
- * @param int $no_cache Whether to use the cache or not (casted to bool)
- * @param bool $include_unapproved Whether to include unapproved comments or not
- * @return array The comment data
+ * @param mixed $args Optional. Array or string of options
+ * @return array List of comments matching defaults or $args
 */
-function get_commentdata( $comment_ID, $no_cache = 0, $include_unapproved = false ) {
-	global $postc, $wpdb;
-	if ( $no_cache ) {
-		$query = $wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_ID = %d", $comment_ID);
-		if ( false == $include_unapproved )
-			$query .= " AND comment_approved = '1'";
-		$myrow = $wpdb->get_row($query, ARRAY_A);
+function get_comments( $args = '' ) {
+	global $wpdb;
+
+	$defaults = array('status' => '', 'orderby' => 'comment_date_gmt', 'order' => 'DESC', 'number' => '', 'offset' => '', 'post_id' => 0);
+
+	$r = wp_parse_args( $args, $defaults );
+	extract( $r, EXTR_SKIP );
+
+	$post_id = absint($post_id);
+
+	if ( 'hold' == $status )
+		$approved = "comment_approved = '0'";
+	elseif ( 'approve' == $status )
+		$approved = "comment_approved = '1'";
+	elseif ( 'spam' == $status )
+		$approved = "comment_approved = 'spam'";
+	else
+		$approved = "( comment_approved = '0' OR comment_approved = '1' )";
+
+	if ( 'ASC' != $order )
+		$order = 'DESC';
+
+	$orderby = 'comment_date_gmt';  // Hard code for now
+
+	$number = absint($number);
+	$offset = absint($offset);
+
+	if ( !empty($number) ) {
+		if ( $offset )
+			$number = 'LIMIT ' . $offset . ',' . $number;
+		else
+			$number = 'LIMIT ' . $number;
+
 	} else {
-		$myrow['comment_ID']           = $postc->comment_ID;
-		$myrow['comment_post_ID']      = $postc->comment_post_ID;
-		$myrow['comment_author']       = $postc->comment_author;
-		$myrow['comment_author_email'] = $postc->comment_author_email;
-		$myrow['comment_author_url']   = $postc->comment_author_url;
-		$myrow['comment_author_IP']    = $postc->comment_author_IP;
-		$myrow['comment_date']         = $postc->comment_date;
-		$myrow['comment_content']      = $postc->comment_content;
-		$myrow['comment_karma']        = $postc->comment_karma;
-		$myrow['comment_approved']     = $postc->comment_approved;
-		$myrow['comment_type']         = $postc->comment_type;
+		$number = '';
 	}
-	return $myrow;
+
+	if ( ! empty($post_id) )
+		$post_where = "comment_post_ID = $post_id AND";
+	else
+		$post_where = '';
+
+	return $wpdb->get_results( "SELECT * FROM $wpdb->comments USE INDEX (comment_date_gmt) WHERE $post_where $approved ORDER BY $orderby $order $number" );
 }

+/**
+ * Retrieve all of the WordPress supported comment statuses.
+ *
+ * Comments have a limited set of valid status values, this provides the
+ * comment status values and descriptions.
+ *
+ * @package WordPress
+ * @subpackage Post
+ * @since 2.7
+ *
+ * @return array List of comment statuses.
+ */
+function get_comment_statuses( ) {
+	$status = array(
+		'hold'		=> __('Unapproved'),
+		'approve'	=> __('Approved'),
+		'spam'		=> __('Spam'),
+	);
+
+	return $status;
+}
+
+
 /**
 * The date the last comment was modified.
 *
@ -822,6 +860,13 @@ function wp_update_comment($commentarr) {

 	$comment_date_gmt = get_gmt_from_date($comment_date);

+	if ( empty($comment_approved) )
+		$comment_approved = 1;
+	else if ( 'hold' == $comment_approved )
+		$comment_approved = 0;
+	else if ( 'approve' == $comment_approved )
+		$comment_approved = 1;
+
 	$wpdb->query( $wpdb->prepare("UPDATE $wpdb->comments SET
 			comment_content      = %s,
 			comment_author       = %s,
--- a/wp-includes/deprecated.php
+++ b/wp-includes/deprecated.php
@ -1283,4 +1283,25 @@ function documentation_link( $deprecated = '' ) {
 function gzip_compression() {
 	return false;
 }
+
+/**
+ * Retrieve an array of comment data about comment $comment_ID.
+ *
+ * @deprecated Use get_comment()
+ * @see get_comment()
+ * @since 0.71
+ *
+ * @uses $id
+ * @uses $wpdb Database Object
+ *
+ * @param int $comment_ID The ID of the comment
+ * @param int $no_cache Whether to use the cache or not (casted to bool)
+ * @param bool $include_unapproved Whether to include unapproved comments or not
+ * @return array The comment data
+ */
+function get_commentdata( $comment_ID, $no_cache = 0, $include_unapproved = false ) {
+	_deprecated_function( __FUNCTION__, '2.7', 'get_comment()' );
+	return get_comment($comment_ID, ARRAY_A);
+}
+
 ?>
--- a/xmlrpc.php
+++ b/xmlrpc.php
@ -129,6 +129,12 @@ class wp_xmlrpc_server extends IXR_Server {
 			'wp.getPageTemplates'	=> 'this:wp_getPageTemplates',
 			'wp.getOptions'			=> 'this:wp_getOptions',
 			'wp.setOptions'			=> 'this:wp_setOptions',
+			'wp.getComment'			=> 'this:wp_getComment',
+			'wp.getComments'		=> 'this:wp_getComments',
+			'wp.deleteComment'		=> 'this:wp_deleteComment',
+			'wp.editComment'		=> 'this:wp_editComment',
+			'wp.newComment'			=> 'this:wp_newComment',
+			'wp.getCommentStatusList' => 'this:wp_getCommentStatusList',

 			// Blogger API
 			'blogger.getUsersBlogs' => 'this:blogger_getUsersBlogs',
@ -829,6 +835,286 @@ class wp_xmlrpc_server extends IXR_Server {
 		return($category_suggestions);
 	}

+	function wp_getComment($args) {
+		$this->escape($args);
+
+		$blog_id	= (int) $args[0];
+		$username	= $args[1];
+		$password	= $args[2];
+		$comment_id	= (int) $args[3];
+
+		if ( !$this->login_pass_ok( $username, $password ) )
+			return $this->error;
+
+		set_current_user( 0, $username );
+		if ( !current_user_can( 'moderate_comments' ) )
+			return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this blog.' ) );
+
+		do_action('xmlrpc_call', 'wp.getComment');
+
+		if ( ! $comment = get_comment($comment_id) )
+			return new IXR_Error( 404, __( 'Invalid comment ID.' ) );
+
+		// Format page date.
+		$comment_date = mysql2date("Ymd\TH:i:s", $comment->comment_date);
+		$comment_date_gmt = mysql2date("Ymd\TH:i:s", $comment->comment_date_gmt);
+
+		if ( 0 == $comment->comment_approved )
+			$comment_status = 'hold';
+		else if ( 'spam' == $comment->comment_approved )
+			$comment_status = 'spam';
+		else
+			$comment_status = 'approve';
+
+		$link = get_comment_link($comment);
+
+		$comment_struct = array(
+			"date_created_gmt"		=> new IXR_Date($comment_date_gmt),
+			"user_id"				=> $comment->user_id,
+			"comment_id"			=> $comment->comment_ID,
+			"parent"				=> $comment->comment_parent,
+			"status"				=> $comment_status,
+			"content"				=> $comment->comment_content,
+			"link"					=> $link,
+			"post_id"				=> $comment->comment_post_ID,
+			"post_title"			=> get_the_title($comment->comment_post_ID),
+			"author"				=> $author->comment_author,
+			"author_url"			=> $comment->comment_author_url,
+			"author_email"			=> $comment->comment_author_email,
+			"author_ip"				=> $comment->comment_author_IP,
+		);
+
+		return $comment_struct;
+	}
+
+	function wp_getComments($args) {
+		$this->escape($args);
+
+		$blog_id	= (int) $args[0];
+		$username	= $args[1];
+		$password	= $args[2];
+		$struct		= $args[3];
+
+		if ( !$this->login_pass_ok($username, $password) )
+			return($this->error);
+
+		set_current_user( 0, $username );
+		if ( !current_user_can( 'moderate_comments' ) )
+			return new IXR_Error( 401, __( 'Sorry, you can not edit comments.' ) );
+
+		do_action('xmlrpc_call', 'wp.getComments');
+
+		if ( isset($struct['status']) )
+			$status = $struct['status'];
+		else
+			$status = '';
+
+		$post_id = '';
+		if ( isset($struct['post_id']) )
+			$post_id = absint($struct['post_id']);
+
+		$offset = 0;
+		if ( isset($struct['offset']) )
+			$offset = absint($struct['offset']);
+
+		$number = 10;
+		if ( isset($struct['number']) )
+			$number = absint($struct['number']);
+
+		$comments = get_comments( array('status' => $status, 'post_id' => $post_id, 'offset' => $offset, 'number' => $number ) );
+		$num_comments = count($comments);
+
+		if ( ! $num_comments )
+			return array();
+
+		$comments_struct = array();
+
+		for ( $i = 0; $i < $num_comments; $i++ ) {
+			$comment = wp_xmlrpc_server::wp_getComment(array(
+				$blog_id, $username, $password, $comments[$i]->comment_ID,
+			));
+			$comments_struct[] = $comment;
+		}
+
+		return $comments_struct;
+	}
+
+	function wp_deleteComment($args) {
+		$this->escape($args);
+
+		$blog_id	= (int) $args[0];
+		$username	= $args[1];
+		$password	= $args[2];
+		$comment_ID	= (int) $args[3];
+
+		if ( !$this->login_pass_ok( $username, $password ) )
+			return $this->error;
+
+		set_current_user( 0, $username );
+		if ( !current_user_can( 'moderate_comments' ) )
+			return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this blog.' ) );
+
+		do_action('xmlrpc_call', 'wp.deleteComment');
+
+		if ( ! get_comment($comment_ID) )
+			return new IXR_Error( 404, __( 'Invalid comment ID.' ) );
+
+		return wp_delete_comment($comment_ID);
+	}
+
+	function wp_editComment($args) {
+		$this->escape($args);
+
+		$blog_id	= (int) $args[0];
+		$username	= $args[1];
+		$password	= $args[2];
+		$comment_ID	= (int) $args[3];
+		$content_struct = $args[4];
+
+		if ( !$this->login_pass_ok( $username, $password ) )
+			return $this->error;
+
+		set_current_user( 0, $username );
+		if ( !current_user_can( 'moderate_comments' ) )
+			return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this blog.' ) );
+
+		do_action('xmlrpc_call', 'wp.editComment');
+
+		if ( ! get_comment($comment_ID) )
+			return new IXR_Error( 404, __( 'Invalid comment ID.' ) );
+
+		if ( isset($content_struct['status']) ) {
+			$statuses = get_comment_statuses();
+			$statuses = array_keys($statuses);
+
+			if ( ! in_array($content_struct['status'], $statuses) )
+				return new IXR_Error( 401, __( 'Invalid comment status.' ) );
+			$comment_approved = $content_struct['status'];
+		}
+
+		// Do some timestamp voodoo
+		if ( !empty( $content_struct['date_created_gmt'] ) ) {
+			$dateCreated = str_replace( 'Z', '', $content_struct['date_created_gmt']->getIso() ) . 'Z'; // We know this is supposed to be GMT, so we're going to slap that Z on there by force
+			$comment_date = get_date_from_gmt(iso8601_to_datetime($dateCreated));
+			$comment_date_gmt = iso8601_to_datetime($dateCreated, GMT);
+		}
+
+		if ( isset($content_struct['content']) )
+			$comment_content = $content_struct['content'];
+
+		if ( isset($content_struct['author']) )
+			$comment_author = $content_struct['author'];
+
+		if ( isset($content_struct['author_url']) )
+			$comment_author_url = $content_struct['author_url'];
+
+		if ( isset($content_struct['author_email']) )
+			$comment_author_email = $content_struct['author_email'];
+
+		// We've got all the data -- post it:
+		$comment = compact('comment_ID', 'comment_content', 'comment_approved', 'comment_date', 'comment_date_gmt', 'comment_author', 'comment_author_email', 'comment_author_url');
+		
+		$result = wp_update_comment($comment);
+		if ( is_wp_error( $result ) )
+			return new IXR_Error(500, $result->get_error_message());
+
+		if ( !$result )
+			return new IXR_Error(500, __('Sorry, the comment could not be edited. Something wrong happened.'));
+
+		return true;
+	}
+
+	function wp_newComment($args) {
+		global $wpdb;
+
+		$this->escape($args);
+
+		$blog_id	= (int) $args[0];
+		$username	= $args[1];
+		$password	= $args[2];
+		$post		= $args[3];
+		$content_struct = $args[4];
+
+		$allow_anon = apply_filters('xmlrpc_allow_anonymous_comments', false);
+
+		if ( !$this->login_pass_ok( $username, $password ) ) {
+			$logged_in = false;
+			if ( $allow_anon && get_option('comment_registration') )
+				return new IXR_Error( 403, __( 'You must be registered to comment' ) );
+			else if ( !$allow_anon )
+				return $this->error;
+		} else {
+			$logged_in = true;
+			set_current_user( 0, $username );
+			if ( !current_user_can( 'moderate_comments' ) )
+				return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this blog.' ) );
+		}
+
+		if ( is_numeric($post) )
+			$post_id = absint($post);
+		else
+			$post_id = url_to_postid($post);
+
+		if ( ! $post_id )
+			return new IXR_Error( 404, __( 'Invalid post ID.' ) );
+
+		if ( ! get_post($post_id) )
+			return new IXR_Error( 404, __( 'Invalid post ID.' ) );
+
+		$comment['comment_post_ID'] = $post_id;
+
+		if ( $logged_in ) {
+			$user = wp_get_current_user();
+			$comment['comment_author'] = $wpdb->escape( $user->display_name );
+			$comment['comment_author_email'] = $wpdb->escape( $user->user_email );
+			$comment['comment_author_url'] = $wpdb->escape( $user->user_url );
+			$comment['user_ID'] = $user->ID;
+		} else {
+			$comment['comment_author'] = '';
+			if ( isset($content_struct['author']) )
+				$comment['comment_author'] = $content_struct['author'];
+			$comment['comment_author_email'] = '';
+			if ( isset($content_struct['author']) )
+				$comment['comment_author_email'] = $content_struct['author_email'];
+			$comment['comment_author_url'] = '';
+			if ( isset($content_struct['author']) )
+				$comment['comment_author_url'] = $content_struct['author_url'];
+			$comment['user_ID'] = 0;
+
+			if ( get_option('require_name_email') ) {
+				if ( 6 > strlen($comment['comment_author_email']) || '' == $comment['comment_author'] )
+					return new IXR_Error( 403, __( 'Comment author name and email are required' ) );
+				elseif ( !is_email($comment['comment_author_email']) )
+					return new IXR_Error( 403, __( 'A valid email address is required' ) );
+			}
+		}
+
+		$comment['comment_content'] = $content_struct['content'];
+
+		do_action('xmlrpc_call', 'wp.newComment');
+		
+		return wp_new_comment($comment);
+	}
+
+	function wp_getCommentStatusList($args) {
+		$this->escape( $args );
+
+		$blog_id	= (int) $args[0];
+		$username	= $args[1];
+		$password	= $args[2];
+
+		if ( !$this->login_pass_ok( $username, $password ) )
+			return $this->error;
+
+		set_current_user( 0, $username );
+		if ( !current_user_can( 'moderate_comments' ) )
+			return new IXR_Error( 403, __( 'You are not allowed access to details about this blog.' ) );
+
+		do_action('xmlrpc_call', 'wp.getCommentStatusList');
+
+		return get_comment_statuses( );
+	}
+
 	function wp_getCommentCount( $args ) {
 		$this->escape($args);

@ -857,7 +1143,6 @@ class wp_xmlrpc_server extends IXR_Server {
 		);
 	}

-
 	function wp_getPostStatusList( $args ) {
 		$this->escape( $args );