[ Index ] |
PHP Cross Reference of WordPress Trunk (Updated Daily) |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * Core Comment API 4 * 5 * @package WordPress 6 * @subpackage Comment 7 */ 8 9 /** 10 * Checks whether a comment passes internal checks to be allowed to add. 11 * 12 * If manual comment moderation is set in the administration, then all checks, 13 * regardless of their type and substance, will fail and the function will 14 * return false. 15 * 16 * If the number of links exceeds the amount in the administration, then the 17 * check fails. If any of the parameter contents contain any disallowed words, 18 * then the check fails. 19 * 20 * If the comment author was approved before, then the comment is automatically 21 * approved. 22 * 23 * If all checks pass, the function will return true. 24 * 25 * @since 1.2.0 26 * 27 * @global wpdb $wpdb WordPress database abstraction object. 28 * 29 * @param string $author Comment author name. 30 * @param string $email Comment author email. 31 * @param string $url Comment author URL. 32 * @param string $comment Content of the comment. 33 * @param string $user_ip Comment author IP address. 34 * @param string $user_agent Comment author User-Agent. 35 * @param string $comment_type Comment type, either user-submitted comment, 36 * trackback, or pingback. 37 * @return bool If all checks pass, true, otherwise false. 38 */ 39 function check_comment( $author, $email, $url, $comment, $user_ip, $user_agent, $comment_type ) { 40 global $wpdb; 41 42 // If manual moderation is enabled, skip all checks and return false. 43 if ( 1 == get_option( 'comment_moderation' ) ) { 44 return false; 45 } 46 47 /** This filter is documented in wp-includes/comment-template.php */ 48 $comment = apply_filters( 'comment_text', $comment, null, array() ); 49 50 // Check for the number of external links if a max allowed number is set. 51 $max_links = get_option( 'comment_max_links' ); 52 if ( $max_links ) { 53 $num_links = preg_match_all( '/<a [^>]*href/i', $comment, $out ); 54 55 /** 56 * Filters the number of links found in a comment. 57 * 58 * @since 3.0.0 59 * @since 4.7.0 Added the `$comment` parameter. 60 * 61 * @param int $num_links The number of links found. 62 * @param string $url Comment author's URL. Included in allowed links total. 63 * @param string $comment Content of the comment. 64 */ 65 $num_links = apply_filters( 'comment_max_links_url', $num_links, $url, $comment ); 66 67 /* 68 * If the number of links in the comment exceeds the allowed amount, 69 * fail the check by returning false. 70 */ 71 if ( $num_links >= $max_links ) { 72 return false; 73 } 74 } 75 76 $mod_keys = trim( get_option( 'moderation_keys' ) ); 77 78 // If moderation 'keys' (keywords) are set, process them. 79 if ( ! empty( $mod_keys ) ) { 80 $words = explode( "\n", $mod_keys ); 81 82 foreach ( (array) $words as $word ) { 83 $word = trim( $word ); 84 85 // Skip empty lines. 86 if ( empty( $word ) ) { 87 continue; 88 } 89 90 /* 91 * Do some escaping magic so that '#' (number of) characters in the spam 92 * words don't break things: 93 */ 94 $word = preg_quote( $word, '#' ); 95 96 /* 97 * Check the comment fields for moderation keywords. If any are found, 98 * fail the check for the given field by returning false. 99 */ 100 $pattern = "#$word#iu"; 101 if ( preg_match( $pattern, $author ) ) { 102 return false; 103 } 104 if ( preg_match( $pattern, $email ) ) { 105 return false; 106 } 107 if ( preg_match( $pattern, $url ) ) { 108 return false; 109 } 110 if ( preg_match( $pattern, $comment ) ) { 111 return false; 112 } 113 if ( preg_match( $pattern, $user_ip ) ) { 114 return false; 115 } 116 if ( preg_match( $pattern, $user_agent ) ) { 117 return false; 118 } 119 } 120 } 121 122 /* 123 * Check if the option to approve comments by previously-approved authors is enabled. 124 * 125 * If it is enabled, check whether the comment author has a previously-approved comment, 126 * as well as whether there are any moderation keywords (if set) present in the author 127 * email address. If both checks pass, return true. Otherwise, return false. 128 */ 129 if ( 1 == get_option( 'comment_previously_approved' ) ) { 130 if ( 'trackback' !== $comment_type && 'pingback' !== $comment_type && '' !== $author && '' !== $email ) { 131 $comment_user = get_user_by( 'email', wp_unslash( $email ) ); 132 if ( ! empty( $comment_user->ID ) ) { 133 $ok_to_comment = $wpdb->get_var( $wpdb->prepare( "SELECT comment_approved FROM $wpdb->comments WHERE user_id = %d AND comment_approved = '1' LIMIT 1", $comment_user->ID ) ); 134 } else { 135 // expected_slashed ($author, $email) 136 $ok_to_comment = $wpdb->get_var( $wpdb->prepare( "SELECT comment_approved FROM $wpdb->comments WHERE comment_author = %s AND comment_author_email = %s and comment_approved = '1' LIMIT 1", $author, $email ) ); 137 } 138 if ( ( 1 == $ok_to_comment ) && 139 ( empty( $mod_keys ) || ! str_contains( $email, $mod_keys ) ) ) { 140 return true; 141 } else { 142 return false; 143 } 144 } else { 145 return false; 146 } 147 } 148 return true; 149 } 150 151 /** 152 * Retrieves the approved comments for a post. 153 * 154 * @since 2.0.0 155 * @since 4.1.0 Refactored to leverage WP_Comment_Query over a direct query. 156 * 157 * @param int $post_id The ID of the post. 158 * @param array $args { 159 * Optional. See WP_Comment_Query::__construct() for information on accepted arguments. 160 * 161 * @type int $status Comment status to limit results by. Defaults to approved comments. 162 * @type int $post_id Limit results to those affiliated with a given post ID. 163 * @type string $order How to order retrieved comments. Default 'ASC'. 164 * } 165 * @return WP_Comment[]|int[]|int The approved comments, or number of comments if `$count` 166 * argument is true. 167 */ 168 function get_approved_comments( $post_id, $args = array() ) { 169 if ( ! $post_id ) { 170 return array(); 171 } 172 173 $defaults = array( 174 'status' => 1, 175 'post_id' => $post_id, 176 'order' => 'ASC', 177 ); 178 $parsed_args = wp_parse_args( $args, $defaults ); 179 180 $query = new WP_Comment_Query(); 181 return $query->query( $parsed_args ); 182 } 183 184 /** 185 * Retrieves comment data given a comment ID or comment object. 186 * 187 * If an object is passed then the comment data will be cached and then returned 188 * after being passed through a filter. If the comment is empty, then the global 189 * comment variable will be used, if it is set. 190 * 191 * @since 2.0.0 192 * 193 * @global WP_Comment $comment Global comment object. 194 * 195 * @param WP_Comment|string|int $comment Comment to retrieve. 196 * @param string $output Optional. The required return type. One of OBJECT, ARRAY_A, or ARRAY_N, which 197 * correspond to a WP_Comment object, an associative array, or a numeric array, 198 * respectively. Default OBJECT. 199 * @return WP_Comment|array|null Depends on $output value. 200 */ 201 function get_comment( $comment = null, $output = OBJECT ) { 202 if ( empty( $comment ) && isset( $GLOBALS['comment'] ) ) { 203 $comment = $GLOBALS['comment']; 204 } 205 206 if ( $comment instanceof WP_Comment ) { 207 $_comment = $comment; 208 } elseif ( is_object( $comment ) ) { 209 $_comment = new WP_Comment( $comment ); 210 } else { 211 $_comment = WP_Comment::get_instance( $comment ); 212 } 213 214 if ( ! $_comment ) { 215 return null; 216 } 217 218 /** 219 * Fires after a comment is retrieved. 220 * 221 * @since 2.3.0 222 * 223 * @param WP_Comment $_comment Comment data. 224 */ 225 $_comment = apply_filters( 'get_comment', $_comment ); 226 227 if ( OBJECT === $output ) { 228 return $_comment; 229 } elseif ( ARRAY_A === $output ) { 230 return $_comment->to_array(); 231 } elseif ( ARRAY_N === $output ) { 232 return array_values( $_comment->to_array() ); 233 } 234 return $_comment; 235 } 236 237 /** 238 * Retrieves a list of comments. 239 * 240 * The comment list can be for the blog as a whole or for an individual post. 241 * 242 * @since 2.7.0 243 * 244 * @param string|array $args Optional. Array or string of arguments. See WP_Comment_Query::__construct() 245 * for information on accepted arguments. Default empty string. 246 * @return WP_Comment[]|int[]|int List of comments or number of found comments if `$count` argument is true. 247 */ 248 function get_comments( $args = '' ) { 249 $query = new WP_Comment_Query(); 250 return $query->query( $args ); 251 } 252 253 /** 254 * Retrieves all of the WordPress supported comment statuses. 255 * 256 * Comments have a limited set of valid status values, this provides the comment 257 * status values and descriptions. 258 * 259 * @since 2.7.0 260 * 261 * @return string[] List of comment status labels keyed by status. 262 */ 263 function get_comment_statuses() { 264 $status = array( 265 'hold' => __( 'Unapproved' ), 266 'approve' => _x( 'Approved', 'comment status' ), 267 'spam' => _x( 'Spam', 'comment status' ), 268 'trash' => _x( 'Trash', 'comment status' ), 269 ); 270 271 return $status; 272 } 273 274 /** 275 * Gets the default comment status for a post type. 276 * 277 * @since 4.3.0 278 * 279 * @param string $post_type Optional. Post type. Default 'post'. 280 * @param string $comment_type Optional. Comment type. Default 'comment'. 281 * @return string Expected return value is 'open' or 'closed'. 282 */ 283 function get_default_comment_status( $post_type = 'post', $comment_type = 'comment' ) { 284 switch ( $comment_type ) { 285 case 'pingback': 286 case 'trackback': 287 $supports = 'trackbacks'; 288 $option = 'ping'; 289 break; 290 default: 291 $supports = 'comments'; 292 $option = 'comment'; 293 break; 294 } 295 296 // Set the status. 297 if ( 'page' === $post_type ) { 298 $status = 'closed'; 299 } elseif ( post_type_supports( $post_type, $supports ) ) { 300 $status = get_option( "default_{$option}_status" ); 301 } else { 302 $status = 'closed'; 303 } 304 305 /** 306 * Filters the default comment status for the given post type. 307 * 308 * @since 4.3.0 309 * 310 * @param string $status Default status for the given post type, 311 * either 'open' or 'closed'. 312 * @param string $post_type Post type. Default is `post`. 313 * @param string $comment_type Type of comment. Default is `comment`. 314 */ 315 return apply_filters( 'get_default_comment_status', $status, $post_type, $comment_type ); 316 } 317 318 /** 319 * Retrieves the date the last comment was modified. 320 * 321 * @since 1.5.0 322 * @since 4.7.0 Replaced caching the modified date in a local static variable 323 * with the Object Cache API. 324 * 325 * @global wpdb $wpdb WordPress database abstraction object. 326 * 327 * @param string $timezone Which timezone to use in reference to 'gmt', 'blog', or 'server' locations. 328 * @return string|false Last comment modified date on success, false on failure. 329 */ 330 function get_lastcommentmodified( $timezone = 'server' ) { 331 global $wpdb; 332 333 $timezone = strtolower( $timezone ); 334 $key = "lastcommentmodified:$timezone"; 335 336 $comment_modified_date = wp_cache_get( $key, 'timeinfo' ); 337 if ( false !== $comment_modified_date ) { 338 return $comment_modified_date; 339 } 340 341 switch ( $timezone ) { 342 case 'gmt': 343 $comment_modified_date = $wpdb->get_var( "SELECT comment_date_gmt FROM $wpdb->comments WHERE comment_approved = '1' ORDER BY comment_date_gmt DESC LIMIT 1" ); 344 break; 345 case 'blog': 346 $comment_modified_date = $wpdb->get_var( "SELECT comment_date FROM $wpdb->comments WHERE comment_approved = '1' ORDER BY comment_date_gmt DESC LIMIT 1" ); 347 break; 348 case 'server': 349 $add_seconds_server = gmdate( 'Z' ); 350 351 $comment_modified_date = $wpdb->get_var( $wpdb->prepare( "SELECT DATE_ADD(comment_date_gmt, INTERVAL %s SECOND) FROM $wpdb->comments WHERE comment_approved = '1' ORDER BY comment_date_gmt DESC LIMIT 1", $add_seconds_server ) ); 352 break; 353 } 354 355 if ( $comment_modified_date ) { 356 wp_cache_set( $key, $comment_modified_date, 'timeinfo' ); 357 358 return $comment_modified_date; 359 } 360 361 return false; 362 } 363 364 /** 365 * Retrieves the total comment counts for the whole site or a single post. 366 * 367 * @since 2.0.0 368 * 369 * @param int $post_id Optional. Restrict the comment counts to the given post. Default 0, which indicates that 370 * comment counts for the whole site will be retrieved. 371 * @return int[] { 372 * The number of comments keyed by their status. 373 * 374 * @type int $approved The number of approved comments. 375 * @type int $awaiting_moderation The number of comments awaiting moderation (a.k.a. pending). 376 * @type int $spam The number of spam comments. 377 * @type int $trash The number of trashed comments. 378 * @type int $post-trashed The number of comments for posts that are in the trash. 379 * @type int $total_comments The total number of non-trashed comments, including spam. 380 * @type int $all The total number of pending or approved comments. 381 * } 382 */ 383 function get_comment_count( $post_id = 0 ) { 384 $post_id = (int) $post_id; 385 386 $comment_count = array( 387 'approved' => 0, 388 'awaiting_moderation' => 0, 389 'spam' => 0, 390 'trash' => 0, 391 'post-trashed' => 0, 392 'total_comments' => 0, 393 'all' => 0, 394 ); 395 396 $args = array( 397 'count' => true, 398 'update_comment_meta_cache' => false, 399 ); 400 if ( $post_id > 0 ) { 401 $args['post_id'] = $post_id; 402 } 403 $mapping = array( 404 'approved' => 'approve', 405 'awaiting_moderation' => 'hold', 406 'spam' => 'spam', 407 'trash' => 'trash', 408 'post-trashed' => 'post-trashed', 409 ); 410 $comment_count = array(); 411 foreach ( $mapping as $key => $value ) { 412 $comment_count[ $key ] = get_comments( array_merge( $args, array( 'status' => $value ) ) ); 413 } 414 415 $comment_count['all'] = $comment_count['approved'] + $comment_count['awaiting_moderation']; 416 $comment_count['total_comments'] = $comment_count['all'] + $comment_count['spam']; 417 418 return array_map( 'intval', $comment_count ); 419 } 420 421 // 422 // Comment meta functions. 423 // 424 425 /** 426 * Adds meta data field to a comment. 427 * 428 * @since 2.9.0 429 * 430 * @link https://developer.wordpress.org/reference/functions/add_comment_meta/ 431 * 432 * @param int $comment_id Comment ID. 433 * @param string $meta_key Metadata name. 434 * @param mixed $meta_value Metadata value. Must be serializable if non-scalar. 435 * @param bool $unique Optional. Whether the same key should not be added. 436 * Default false. 437 * @return int|false Meta ID on success, false on failure. 438 */ 439 function add_comment_meta( $comment_id, $meta_key, $meta_value, $unique = false ) { 440 return add_metadata( 'comment', $comment_id, $meta_key, $meta_value, $unique ); 441 } 442 443 /** 444 * Removes metadata matching criteria from a comment. 445 * 446 * You can match based on the key, or key and value. Removing based on key and 447 * value, will keep from removing duplicate metadata with the same key. It also 448 * allows removing all metadata matching key, if needed. 449 * 450 * @since 2.9.0 451 * 452 * @link https://developer.wordpress.org/reference/functions/delete_comment_meta/ 453 * 454 * @param int $comment_id Comment ID. 455 * @param string $meta_key Metadata name. 456 * @param mixed $meta_value Optional. Metadata value. If provided, 457 * rows will only be removed that match the value. 458 * Must be serializable if non-scalar. Default empty string. 459 * @return bool True on success, false on failure. 460 */ 461 function delete_comment_meta( $comment_id, $meta_key, $meta_value = '' ) { 462 return delete_metadata( 'comment', $comment_id, $meta_key, $meta_value ); 463 } 464 465 /** 466 * Retrieves comment meta field for a comment. 467 * 468 * @since 2.9.0 469 * 470 * @link https://developer.wordpress.org/reference/functions/get_comment_meta/ 471 * 472 * @param int $comment_id Comment ID. 473 * @param string $key Optional. The meta key to retrieve. By default, 474 * returns data for all keys. Default empty string. 475 * @param bool $single Optional. Whether to return a single value. 476 * This parameter has no effect if `$key` is not specified. 477 * Default false. 478 * @return mixed An array of values if `$single` is false. 479 * The value of meta data field if `$single` is true. 480 * False for an invalid `$comment_id` (non-numeric, zero, or negative value). 481 * An empty string if a valid but non-existing comment ID is passed. 482 */ 483 function get_comment_meta( $comment_id, $key = '', $single = false ) { 484 return get_metadata( 'comment', $comment_id, $key, $single ); 485 } 486 487 /** 488 * Queue comment meta for lazy-loading. 489 * 490 * @since 6.3.0 491 * 492 * @param array $comment_ids List of comment IDs. 493 */ 494 function wp_lazyload_comment_meta( array $comment_ids ) { 495 if ( empty( $comment_ids ) ) { 496 return; 497 } 498 $lazyloader = wp_metadata_lazyloader(); 499 $lazyloader->queue_objects( 'comment', $comment_ids ); 500 } 501 502 /** 503 * Updates comment meta field based on comment ID. 504 * 505 * Use the $prev_value parameter to differentiate between meta fields with the 506 * same key and comment ID. 507 * 508 * If the meta field for the comment does not exist, it will be added. 509 * 510 * @since 2.9.0 511 * 512 * @link https://developer.wordpress.org/reference/functions/update_comment_meta/ 513 * 514 * @param int $comment_id Comment ID. 515 * @param string $meta_key Metadata key. 516 * @param mixed $meta_value Metadata value. Must be serializable if non-scalar. 517 * @param mixed $prev_value Optional. Previous value to check before updating. 518 * If specified, only update existing metadata entries with 519 * this value. Otherwise, update all entries. Default empty string. 520 * @return int|bool Meta ID if the key didn't exist, true on successful update, 521 * false on failure or if the value passed to the function 522 * is the same as the one that is already in the database. 523 */ 524 function update_comment_meta( $comment_id, $meta_key, $meta_value, $prev_value = '' ) { 525 return update_metadata( 'comment', $comment_id, $meta_key, $meta_value, $prev_value ); 526 } 527 528 /** 529 * Sets the cookies used to store an unauthenticated commentator's identity. Typically used 530 * to recall previous comments by this commentator that are still held in moderation. 531 * 532 * @since 3.4.0 533 * @since 4.9.6 The `$cookies_consent` parameter was added. 534 * 535 * @param WP_Comment $comment Comment object. 536 * @param WP_User $user Comment author's user object. The user may not exist. 537 * @param bool $cookies_consent Optional. Comment author's consent to store cookies. Default true. 538 */ 539 function wp_set_comment_cookies( $comment, $user, $cookies_consent = true ) { 540 // If the user already exists, or the user opted out of cookies, don't set cookies. 541 if ( $user->exists() ) { 542 return; 543 } 544 545 if ( false === $cookies_consent ) { 546 // Remove any existing cookies. 547 $past = time() - YEAR_IN_SECONDS; 548 setcookie( 'comment_author_' . COOKIEHASH, ' ', $past, COOKIEPATH, COOKIE_DOMAIN ); 549 setcookie( 'comment_author_email_' . COOKIEHASH, ' ', $past, COOKIEPATH, COOKIE_DOMAIN ); 550 setcookie( 'comment_author_url_' . COOKIEHASH, ' ', $past, COOKIEPATH, COOKIE_DOMAIN ); 551 552 return; 553 } 554 555 /** 556 * Filters the lifetime of the comment cookie in seconds. 557 * 558 * @since 2.8.0 559 * 560 * @param int $seconds Comment cookie lifetime. Default 30000000. 561 */ 562 $comment_cookie_lifetime = time() + apply_filters( 'comment_cookie_lifetime', 30000000 ); 563 564 $secure = ( 'https' === parse_url( home_url(), PHP_URL_SCHEME ) ); 565 566 setcookie( 'comment_author_' . COOKIEHASH, $comment->comment_author, $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN, $secure ); 567 setcookie( 'comment_author_email_' . COOKIEHASH, $comment->comment_author_email, $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN, $secure ); 568 setcookie( 'comment_author_url_' . COOKIEHASH, esc_url( $comment->comment_author_url ), $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN, $secure ); 569 } 570 571 /** 572 * Sanitizes the cookies sent to the user already. 573 * 574 * Will only do anything if the cookies have already been created for the user. 575 * Mostly used after cookies had been sent to use elsewhere. 576 * 577 * @since 2.0.4 578 */ 579 function sanitize_comment_cookies() { 580 if ( isset( $_COOKIE[ 'comment_author_' . COOKIEHASH ] ) ) { 581 /** 582 * Filters the comment author's name cookie before it is set. 583 * 584 * When this filter hook is evaluated in wp_filter_comment(), 585 * the comment author's name string is passed. 586 * 587 * @since 1.5.0 588 * 589 * @param string $author_cookie The comment author name cookie. 590 */ 591 $comment_author = apply_filters( 'pre_comment_author_name', $_COOKIE[ 'comment_author_' . COOKIEHASH ] ); 592 $comment_author = wp_unslash( $comment_author ); 593 $comment_author = esc_attr( $comment_author ); 594 595 $_COOKIE[ 'comment_author_' . COOKIEHASH ] = $comment_author; 596 } 597 598 if ( isset( $_COOKIE[ 'comment_author_email_' . COOKIEHASH ] ) ) { 599 /** 600 * Filters the comment author's email cookie before it is set. 601 * 602 * When this filter hook is evaluated in wp_filter_comment(), 603 * the comment author's email string is passed. 604 * 605 * @since 1.5.0 606 * 607 * @param string $author_email_cookie The comment author email cookie. 608 */ 609 $comment_author_email = apply_filters( 'pre_comment_author_email', $_COOKIE[ 'comment_author_email_' . COOKIEHASH ] ); 610 $comment_author_email = wp_unslash( $comment_author_email ); 611 $comment_author_email = esc_attr( $comment_author_email ); 612 613 $_COOKIE[ 'comment_author_email_' . COOKIEHASH ] = $comment_author_email; 614 } 615 616 if ( isset( $_COOKIE[ 'comment_author_url_' . COOKIEHASH ] ) ) { 617 /** 618 * Filters the comment author's URL cookie before it is set. 619 * 620 * When this filter hook is evaluated in wp_filter_comment(), 621 * the comment author's URL string is passed. 622 * 623 * @since 1.5.0 624 * 625 * @param string $author_url_cookie The comment author URL cookie. 626 */ 627 $comment_author_url = apply_filters( 'pre_comment_author_url', $_COOKIE[ 'comment_author_url_' . COOKIEHASH ] ); 628 $comment_author_url = wp_unslash( $comment_author_url ); 629 630 $_COOKIE[ 'comment_author_url_' . COOKIEHASH ] = $comment_author_url; 631 } 632 } 633 634 /** 635 * Validates whether this comment is allowed to be made. 636 * 637 * @since 2.0.0 638 * @since 4.7.0 The `$avoid_die` parameter was added, allowing the function 639 * to return a WP_Error object instead of dying. 640 * @since 5.5.0 The `$avoid_die` parameter was renamed to `$wp_error`. 641 * 642 * @global wpdb $wpdb WordPress database abstraction object. 643 * 644 * @param array $commentdata Contains information on the comment. 645 * @param bool $wp_error When true, a disallowed comment will result in the function 646 * returning a WP_Error object, rather than executing wp_die(). 647 * Default false. 648 * @return int|string|WP_Error Allowed comments return the approval status (0|1|'spam'|'trash'). 649 * If `$wp_error` is true, disallowed comments return a WP_Error. 650 */ 651 function wp_allow_comment( $commentdata, $wp_error = false ) { 652 global $wpdb; 653 654 /* 655 * Simple duplicate check. 656 * expected_slashed ($comment_post_ID, $comment_author, $comment_author_email, $comment_content) 657 */ 658 $dupe = $wpdb->prepare( 659 "SELECT comment_ID FROM $wpdb->comments WHERE comment_post_ID = %d AND comment_parent = %s AND comment_approved != 'trash' AND ( comment_author = %s ", 660 wp_unslash( $commentdata['comment_post_ID'] ), 661 wp_unslash( $commentdata['comment_parent'] ), 662 wp_unslash( $commentdata['comment_author'] ) 663 ); 664 if ( $commentdata['comment_author_email'] ) { 665 $dupe .= $wpdb->prepare( 666 'AND comment_author_email = %s ', 667 wp_unslash( $commentdata['comment_author_email'] ) 668 ); 669 } 670 $dupe .= $wpdb->prepare( 671 ') AND comment_content = %s LIMIT 1', 672 wp_unslash( $commentdata['comment_content'] ) 673 ); 674 675 $dupe_id = $wpdb->get_var( $dupe ); 676 677 /** 678 * Filters the ID, if any, of the duplicate comment found when creating a new comment. 679 * 680 * Return an empty value from this filter to allow what WP considers a duplicate comment. 681 * 682 * @since 4.4.0 683 * 684 * @param int $dupe_id ID of the comment identified as a duplicate. 685 * @param array $commentdata Data for the comment being created. 686 */ 687 $dupe_id = apply_filters( 'duplicate_comment_id', $dupe_id, $commentdata ); 688 689 if ( $dupe_id ) { 690 /** 691 * Fires immediately after a duplicate comment is detected. 692 * 693 * @since 3.0.0 694 * 695 * @param array $commentdata Comment data. 696 */ 697 do_action( 'comment_duplicate_trigger', $commentdata ); 698 699 /** 700 * Filters duplicate comment error message. 701 * 702 * @since 5.2.0 703 * 704 * @param string $comment_duplicate_message Duplicate comment error message. 705 */ 706 $comment_duplicate_message = apply_filters( 'comment_duplicate_message', __( 'Duplicate comment detected; it looks as though you’ve already said that!' ) ); 707 708 if ( $wp_error ) { 709 return new WP_Error( 'comment_duplicate', $comment_duplicate_message, 409 ); 710 } else { 711 if ( wp_doing_ajax() ) { 712 die( $comment_duplicate_message ); 713 } 714 715 wp_die( $comment_duplicate_message, 409 ); 716 } 717 } 718 719 /** 720 * Fires immediately before a comment is marked approved. 721 * 722 * Allows checking for comment flooding. 723 * 724 * @since 2.3.0 725 * @since 4.7.0 The `$avoid_die` parameter was added. 726 * @since 5.5.0 The `$avoid_die` parameter was renamed to `$wp_error`. 727 * 728 * @param string $comment_author_ip Comment author's IP address. 729 * @param string $comment_author_email Comment author's email. 730 * @param string $comment_date_gmt GMT date the comment was posted. 731 * @param bool $wp_error Whether to return a WP_Error object instead of executing 732 * wp_die() or die() if a comment flood is occurring. 733 */ 734 do_action( 735 'check_comment_flood', 736 $commentdata['comment_author_IP'], 737 $commentdata['comment_author_email'], 738 $commentdata['comment_date_gmt'], 739 $wp_error 740 ); 741 742 /** 743 * Filters whether a comment is part of a comment flood. 744 * 745 * The default check is wp_check_comment_flood(). See check_comment_flood_db(). 746 * 747 * @since 4.7.0 748 * @since 5.5.0 The `$avoid_die` parameter was renamed to `$wp_error`. 749 * 750 * @param bool $is_flood Is a comment flooding occurring? Default false. 751 * @param string $comment_author_ip Comment author's IP address. 752 * @param string $comment_author_email Comment author's email. 753 * @param string $comment_date_gmt GMT date the comment was posted. 754 * @param bool $wp_error Whether to return a WP_Error object instead of executing 755 * wp_die() or die() if a comment flood is occurring. 756 */ 757 $is_flood = apply_filters( 758 'wp_is_comment_flood', 759 false, 760 $commentdata['comment_author_IP'], 761 $commentdata['comment_author_email'], 762 $commentdata['comment_date_gmt'], 763 $wp_error 764 ); 765 766 if ( $is_flood ) { 767 /** This filter is documented in wp-includes/comment-template.php */ 768 $comment_flood_message = apply_filters( 'comment_flood_message', __( 'You are posting comments too quickly. Slow down.' ) ); 769 770 return new WP_Error( 'comment_flood', $comment_flood_message, 429 ); 771 } 772 773 if ( ! empty( $commentdata['user_id'] ) ) { 774 $user = get_userdata( $commentdata['user_id'] ); 775 $post_author = $wpdb->get_var( 776 $wpdb->prepare( 777 "SELECT post_author FROM $wpdb->posts WHERE ID = %d LIMIT 1", 778 $commentdata['comment_post_ID'] 779 ) 780 ); 781 } 782 783 if ( isset( $user ) && ( $commentdata['user_id'] == $post_author || $user->has_cap( 'moderate_comments' ) ) ) { 784 // The author and the admins get respect. 785 $approved = 1; 786 } else { 787 // Everyone else's comments will be checked. 788 if ( check_comment( 789 $commentdata['comment_author'], 790 $commentdata['comment_author_email'], 791 $commentdata['comment_author_url'], 792 $commentdata['comment_content'], 793 $commentdata['comment_author_IP'], 794 $commentdata['comment_agent'], 795 $commentdata['comment_type'] 796 ) ) { 797 $approved = 1; 798 } else { 799 $approved = 0; 800 } 801 802 if ( wp_check_comment_disallowed_list( 803 $commentdata['comment_author'], 804 $commentdata['comment_author_email'], 805 $commentdata['comment_author_url'], 806 $commentdata['comment_content'], 807 $commentdata['comment_author_IP'], 808 $commentdata['comment_agent'] 809 ) ) { 810 $approved = EMPTY_TRASH_DAYS ? 'trash' : 'spam'; 811 } 812 } 813 814 /** 815 * Filters a comment's approval status before it is set. 816 * 817 * @since 2.1.0 818 * @since 4.9.0 Returning a WP_Error value from the filter will short-circuit comment insertion 819 * and allow skipping further processing. 820 * 821 * @param int|string|WP_Error $approved The approval status. Accepts 1, 0, 'spam', 'trash', 822 * or WP_Error. 823 * @param array $commentdata Comment data. 824 */ 825 return apply_filters( 'pre_comment_approved', $approved, $commentdata ); 826 } 827 828 /** 829 * Hooks WP's native database-based comment-flood check. 830 * 831 * This wrapper maintains backward compatibility with plugins that expect to 832 * be able to unhook the legacy check_comment_flood_db() function from 833 * 'check_comment_flood' using remove_action(). 834 * 835 * @since 2.3.0 836 * @since 4.7.0 Converted to be an add_filter() wrapper. 837 */ 838 function check_comment_flood_db() { 839 add_filter( 'wp_is_comment_flood', 'wp_check_comment_flood', 10, 5 ); 840 } 841 842 /** 843 * Checks whether comment flooding is occurring. 844 * 845 * Won't run, if current user can manage options, so to not block 846 * administrators. 847 * 848 * @since 4.7.0 849 * 850 * @global wpdb $wpdb WordPress database abstraction object. 851 * 852 * @param bool $is_flood Is a comment flooding occurring? 853 * @param string $ip Comment author's IP address. 854 * @param string $email Comment author's email address. 855 * @param string $date MySQL time string. 856 * @param bool $avoid_die When true, a disallowed comment will result in the function 857 * returning without executing wp_die() or die(). Default false. 858 * @return bool Whether comment flooding is occurring. 859 */ 860 function wp_check_comment_flood( $is_flood, $ip, $email, $date, $avoid_die = false ) { 861 global $wpdb; 862 863 // Another callback has declared a flood. Trust it. 864 if ( true === $is_flood ) { 865 return $is_flood; 866 } 867 868 // Don't throttle admins or moderators. 869 if ( current_user_can( 'manage_options' ) || current_user_can( 'moderate_comments' ) ) { 870 return false; 871 } 872 873 $hour_ago = gmdate( 'Y-m-d H:i:s', time() - HOUR_IN_SECONDS ); 874 875 if ( is_user_logged_in() ) { 876 $user = get_current_user_id(); 877 $check_column = '`user_id`'; 878 } else { 879 $user = $ip; 880 $check_column = '`comment_author_IP`'; 881 } 882 883 $sql = $wpdb->prepare( 884 "SELECT `comment_date_gmt` FROM `$wpdb->comments` WHERE `comment_date_gmt` >= %s AND ( $check_column = %s OR `comment_author_email` = %s ) ORDER BY `comment_date_gmt` DESC LIMIT 1", 885 $hour_ago, 886 $user, 887 $email 888 ); 889 890 $lasttime = $wpdb->get_var( $sql ); 891 892 if ( $lasttime ) { 893 $time_lastcomment = mysql2date( 'U', $lasttime, false ); 894 $time_newcomment = mysql2date( 'U', $date, false ); 895 896 /** 897 * Filters the comment flood status. 898 * 899 * @since 2.1.0 900 * 901 * @param bool $bool Whether a comment flood is occurring. Default false. 902 * @param int $time_lastcomment Timestamp of when the last comment was posted. 903 * @param int $time_newcomment Timestamp of when the new comment was posted. 904 */ 905 $flood_die = apply_filters( 'comment_flood_filter', false, $time_lastcomment, $time_newcomment ); 906 907 if ( $flood_die ) { 908 /** 909 * Fires before the comment flood message is triggered. 910 * 911 * @since 1.5.0 912 * 913 * @param int $time_lastcomment Timestamp of when the last comment was posted. 914 * @param int $time_newcomment Timestamp of when the new comment was posted. 915 */ 916 do_action( 'comment_flood_trigger', $time_lastcomment, $time_newcomment ); 917 918 if ( $avoid_die ) { 919 return true; 920 } else { 921 /** 922 * Filters the comment flood error message. 923 * 924 * @since 5.2.0 925 * 926 * @param string $comment_flood_message Comment flood error message. 927 */ 928 $comment_flood_message = apply_filters( 'comment_flood_message', __( 'You are posting comments too quickly. Slow down.' ) ); 929 930 if ( wp_doing_ajax() ) { 931 die( $comment_flood_message ); 932 } 933 934 wp_die( $comment_flood_message, 429 ); 935 } 936 } 937 } 938 939 return false; 940 } 941 942 /** 943 * Separates an array of comments into an array keyed by comment_type. 944 * 945 * @since 2.7.0 946 * 947 * @param WP_Comment[] $comments Array of comments 948 * @return WP_Comment[] Array of comments keyed by comment_type. 949 */ 950 function separate_comments( &$comments ) { 951 $comments_by_type = array( 952 'comment' => array(), 953 'trackback' => array(), 954 'pingback' => array(), 955 'pings' => array(), 956 ); 957 958 $count = count( $comments ); 959 960 for ( $i = 0; $i < $count; $i++ ) { 961 $type = $comments[ $i ]->comment_type; 962 963 if ( empty( $type ) ) { 964 $type = 'comment'; 965 } 966 967 $comments_by_type[ $type ][] = &$comments[ $i ]; 968 969 if ( 'trackback' === $type || 'pingback' === $type ) { 970 $comments_by_type['pings'][] = &$comments[ $i ]; 971 } 972 } 973 974 return $comments_by_type; 975 } 976 977 /** 978 * Calculates the total number of comment pages. 979 * 980 * @since 2.7.0 981 * 982 * @uses Walker_Comment 983 * 984 * @global WP_Query $wp_query WordPress Query object. 985 * 986 * @param WP_Comment[] $comments Optional. Array of WP_Comment objects. Defaults to `$wp_query->comments`. 987 * @param int $per_page Optional. Comments per page. Defaults to the value of `comments_per_page` 988 * query var, option of the same name, or 1 (in that order). 989 * @param bool $threaded Optional. Control over flat or threaded comments. Defaults to the value 990 * of `thread_comments` option. 991 * @return int Number of comment pages. 992 */ 993 function get_comment_pages_count( $comments = null, $per_page = null, $threaded = null ) { 994 global $wp_query; 995 996 if ( null === $comments && null === $per_page && null === $threaded && ! empty( $wp_query->max_num_comment_pages ) ) { 997 return $wp_query->max_num_comment_pages; 998 } 999 1000 if ( ( ! $comments || ! is_array( $comments ) ) && ! empty( $wp_query->comments ) ) { 1001 $comments = $wp_query->comments; 1002 } 1003 1004 if ( empty( $comments ) ) { 1005 return 0; 1006 } 1007 1008 if ( ! get_option( 'page_comments' ) ) { 1009 return 1; 1010 } 1011 1012 if ( ! isset( $per_page ) ) { 1013 $per_page = (int) get_query_var( 'comments_per_page' ); 1014 } 1015 if ( 0 === $per_page ) { 1016 $per_page = (int) get_option( 'comments_per_page' ); 1017 } 1018 if ( 0 === $per_page ) { 1019 return 1; 1020 } 1021 1022 if ( ! isset( $threaded ) ) { 1023 $threaded = get_option( 'thread_comments' ); 1024 } 1025 1026 if ( $threaded ) { 1027 $walker = new Walker_Comment(); 1028 $count = ceil( $walker->get_number_of_root_elements( $comments ) / $per_page ); 1029 } else { 1030 $count = ceil( count( $comments ) / $per_page ); 1031 } 1032 1033 return $count; 1034 } 1035 1036 /** 1037 * Calculates what page number a comment will appear on for comment paging. 1038 * 1039 * @since 2.7.0 1040 * 1041 * @global wpdb $wpdb WordPress database abstraction object. 1042 * 1043 * @param int $comment_id Comment ID. 1044 * @param array $args { 1045 * Array of optional arguments. 1046 * 1047 * @type string $type Limit paginated comments to those matching a given type. 1048 * Accepts 'comment', 'trackback', 'pingback', 'pings' 1049 * (trackbacks and pingbacks), or 'all'. Default 'all'. 1050 * @type int $per_page Per-page count to use when calculating pagination. 1051 * Defaults to the value of the 'comments_per_page' option. 1052 * @type int|string $max_depth If greater than 1, comment page will be determined 1053 * for the top-level parent `$comment_id`. 1054 * Defaults to the value of the 'thread_comments_depth' option. 1055 * } 1056 * @return int|null Comment page number or null on error. 1057 */ 1058 function get_page_of_comment( $comment_id, $args = array() ) { 1059 global $wpdb; 1060 1061 $page = null; 1062 1063 $comment = get_comment( $comment_id ); 1064 if ( ! $comment ) { 1065 return; 1066 } 1067 1068 $defaults = array( 1069 'type' => 'all', 1070 'page' => '', 1071 'per_page' => '', 1072 'max_depth' => '', 1073 ); 1074 $args = wp_parse_args( $args, $defaults ); 1075 $original_args = $args; 1076 1077 // Order of precedence: 1. `$args['per_page']`, 2. 'comments_per_page' query_var, 3. 'comments_per_page' option. 1078 if ( get_option( 'page_comments' ) ) { 1079 if ( '' === $args['per_page'] ) { 1080 $args['per_page'] = get_query_var( 'comments_per_page' ); 1081 } 1082 1083 if ( '' === $args['per_page'] ) { 1084 $args['per_page'] = get_option( 'comments_per_page' ); 1085 } 1086 } 1087 1088 if ( empty( $args['per_page'] ) ) { 1089 $args['per_page'] = 0; 1090 $args['page'] = 0; 1091 } 1092 1093 if ( $args['per_page'] < 1 ) { 1094 $page = 1; 1095 } 1096 1097 if ( null === $page ) { 1098 if ( '' === $args['max_depth'] ) { 1099 if ( get_option( 'thread_comments' ) ) { 1100 $args['max_depth'] = get_option( 'thread_comments_depth' ); 1101 } else { 1102 $args['max_depth'] = -1; 1103 } 1104 } 1105 1106 // Find this comment's top-level parent if threading is enabled. 1107 if ( $args['max_depth'] > 1 && 0 != $comment->comment_parent ) { 1108 return get_page_of_comment( $comment->comment_parent, $args ); 1109 } 1110 1111 $comment_args = array( 1112 'type' => $args['type'], 1113 'post_id' => $comment->comment_post_ID, 1114 'fields' => 'ids', 1115 'count' => true, 1116 'status' => 'approve', 1117 'parent' => 0, 1118 'date_query' => array( 1119 array( 1120 'column' => "$wpdb->comments.comment_date_gmt", 1121 'before' => $comment->comment_date_gmt, 1122 ), 1123 ), 1124 ); 1125 1126 if ( is_user_logged_in() ) { 1127 $comment_args['include_unapproved'] = array( get_current_user_id() ); 1128 } else { 1129 $unapproved_email = wp_get_unapproved_comment_author_email(); 1130 1131 if ( $unapproved_email ) { 1132 $comment_args['include_unapproved'] = array( $unapproved_email ); 1133 } 1134 } 1135 1136 /** 1137 * Filters the arguments used to query comments in get_page_of_comment(). 1138 * 1139 * @since 5.5.0 1140 * 1141 * @see WP_Comment_Query::__construct() 1142 * 1143 * @param array $comment_args { 1144 * Array of WP_Comment_Query arguments. 1145 * 1146 * @type string $type Limit paginated comments to those matching a given type. 1147 * Accepts 'comment', 'trackback', 'pingback', 'pings' 1148 * (trackbacks and pingbacks), or 'all'. Default 'all'. 1149 * @type int $post_id ID of the post. 1150 * @type string $fields Comment fields to return. 1151 * @type bool $count Whether to return a comment count (true) or array 1152 * of comment objects (false). 1153 * @type string $status Comment status. 1154 * @type int $parent Parent ID of comment to retrieve children of. 1155 * @type array $date_query Date query clauses to limit comments by. See WP_Date_Query. 1156 * @type array $include_unapproved Array of IDs or email addresses whose unapproved comments 1157 * will be included in paginated comments. 1158 * } 1159 */ 1160 $comment_args = apply_filters( 'get_page_of_comment_query_args', $comment_args ); 1161 1162 $comment_query = new WP_Comment_Query(); 1163 $older_comment_count = $comment_query->query( $comment_args ); 1164 1165 // No older comments? Then it's page #1. 1166 if ( 0 == $older_comment_count ) { 1167 $page = 1; 1168 1169 // Divide comments older than this one by comments per page to get this comment's page number. 1170 } else { 1171 $page = ceil( ( $older_comment_count + 1 ) / $args['per_page'] ); 1172 } 1173 } 1174 1175 /** 1176 * Filters the calculated page on which a comment appears. 1177 * 1178 * @since 4.4.0 1179 * @since 4.7.0 Introduced the `$comment_id` parameter. 1180 * 1181 * @param int $page Comment page. 1182 * @param array $args { 1183 * Arguments used to calculate pagination. These include arguments auto-detected by the function, 1184 * based on query vars, system settings, etc. For pristine arguments passed to the function, 1185 * see `$original_args`. 1186 * 1187 * @type string $type Type of comments to count. 1188 * @type int $page Calculated current page. 1189 * @type int $per_page Calculated number of comments per page. 1190 * @type int $max_depth Maximum comment threading depth allowed. 1191 * } 1192 * @param array $original_args { 1193 * Array of arguments passed to the function. Some or all of these may not be set. 1194 * 1195 * @type string $type Type of comments to count. 1196 * @type int $page Current comment page. 1197 * @type int $per_page Number of comments per page. 1198 * @type int $max_depth Maximum comment threading depth allowed. 1199 * } 1200 * @param int $comment_id ID of the comment. 1201 */ 1202 return apply_filters( 'get_page_of_comment', (int) $page, $args, $original_args, $comment_id ); 1203 } 1204 1205 /** 1206 * Retrieves the maximum character lengths for the comment form fields. 1207 * 1208 * @since 4.5.0 1209 * 1210 * @global wpdb $wpdb WordPress database abstraction object. 1211 * 1212 * @return int[] Array of maximum lengths keyed by field name. 1213 */ 1214 function wp_get_comment_fields_max_lengths() { 1215 global $wpdb; 1216 1217 $lengths = array( 1218 'comment_author' => 245, 1219 'comment_author_email' => 100, 1220 'comment_author_url' => 200, 1221 'comment_content' => 65525, 1222 ); 1223 1224 if ( $wpdb->is_mysql ) { 1225 foreach ( $lengths as $column => $length ) { 1226 $col_length = $wpdb->get_col_length( $wpdb->comments, $column ); 1227 $max_length = 0; 1228 1229 // No point if we can't get the DB column lengths. 1230 if ( is_wp_error( $col_length ) ) { 1231 break; 1232 } 1233 1234 if ( ! is_array( $col_length ) && (int) $col_length > 0 ) { 1235 $max_length = (int) $col_length; 1236 } elseif ( is_array( $col_length ) && isset( $col_length['length'] ) && (int) $col_length['length'] > 0 ) { 1237 $max_length = (int) $col_length['length']; 1238 1239 if ( ! empty( $col_length['type'] ) && 'byte' === $col_length['type'] ) { 1240 $max_length = $max_length - 10; 1241 } 1242 } 1243 1244 if ( $max_length > 0 ) { 1245 $lengths[ $column ] = $max_length; 1246 } 1247 } 1248 } 1249 1250 /** 1251 * Filters the lengths for the comment form fields. 1252 * 1253 * @since 4.5.0 1254 * 1255 * @param int[] $lengths Array of maximum lengths keyed by field name. 1256 */ 1257 return apply_filters( 'wp_get_comment_fields_max_lengths', $lengths ); 1258 } 1259 1260 /** 1261 * Compares the lengths of comment data against the maximum character limits. 1262 * 1263 * @since 4.7.0 1264 * 1265 * @param array $comment_data Array of arguments for inserting a comment. 1266 * @return WP_Error|true WP_Error when a comment field exceeds the limit, 1267 * otherwise true. 1268 */ 1269 function wp_check_comment_data_max_lengths( $comment_data ) { 1270 $max_lengths = wp_get_comment_fields_max_lengths(); 1271 1272 if ( isset( $comment_data['comment_author'] ) && mb_strlen( $comment_data['comment_author'], '8bit' ) > $max_lengths['comment_author'] ) { 1273 return new WP_Error( 'comment_author_column_length', __( '<strong>Error:</strong> Your name is too long.' ), 200 ); 1274 } 1275 1276 if ( isset( $comment_data['comment_author_email'] ) && strlen( $comment_data['comment_author_email'] ) > $max_lengths['comment_author_email'] ) { 1277 return new WP_Error( 'comment_author_email_column_length', __( '<strong>Error:</strong> Your email address is too long.' ), 200 ); 1278 } 1279 1280 if ( isset( $comment_data['comment_author_url'] ) && strlen( $comment_data['comment_author_url'] ) > $max_lengths['comment_author_url'] ) { 1281 return new WP_Error( 'comment_author_url_column_length', __( '<strong>Error:</strong> Your URL is too long.' ), 200 ); 1282 } 1283 1284 if ( isset( $comment_data['comment_content'] ) && mb_strlen( $comment_data['comment_content'], '8bit' ) > $max_lengths['comment_content'] ) { 1285 return new WP_Error( 'comment_content_column_length', __( '<strong>Error:</strong> Your comment is too long.' ), 200 ); 1286 } 1287 1288 return true; 1289 } 1290 1291 /** 1292 * Checks if a comment contains disallowed characters or words. 1293 * 1294 * @since 5.5.0 1295 * 1296 * @param string $author The author of the comment 1297 * @param string $email The email of the comment 1298 * @param string $url The url used in the comment 1299 * @param string $comment The comment content 1300 * @param string $user_ip The comment author's IP address 1301 * @param string $user_agent The author's browser user agent 1302 * @return bool True if comment contains disallowed content, false if comment does not 1303 */ 1304 function wp_check_comment_disallowed_list( $author, $email, $url, $comment, $user_ip, $user_agent ) { 1305 /** 1306 * Fires before the comment is tested for disallowed characters or words. 1307 * 1308 * @since 1.5.0 1309 * @deprecated 5.5.0 Use {@see 'wp_check_comment_disallowed_list'} instead. 1310 * 1311 * @param string $author Comment author. 1312 * @param string $email Comment author's email. 1313 * @param string $url Comment author's URL. 1314 * @param string $comment Comment content. 1315 * @param string $user_ip Comment author's IP address. 1316 * @param string $user_agent Comment author's browser user agent. 1317 */ 1318 do_action_deprecated( 1319 'wp_blacklist_check', 1320 array( $author, $email, $url, $comment, $user_ip, $user_agent ), 1321 '5.5.0', 1322 'wp_check_comment_disallowed_list', 1323 __( 'Please consider writing more inclusive code.' ) 1324 ); 1325 1326 /** 1327 * Fires before the comment is tested for disallowed characters or words. 1328 * 1329 * @since 5.5.0 1330 * 1331 * @param string $author Comment author. 1332 * @param string $email Comment author's email. 1333 * @param string $url Comment author's URL. 1334 * @param string $comment Comment content. 1335 * @param string $user_ip Comment author's IP address. 1336 * @param string $user_agent Comment author's browser user agent. 1337 */ 1338 do_action( 'wp_check_comment_disallowed_list', $author, $email, $url, $comment, $user_ip, $user_agent ); 1339 1340 $mod_keys = trim( get_option( 'disallowed_keys' ) ); 1341 if ( '' === $mod_keys ) { 1342 return false; // If moderation keys are empty. 1343 } 1344 1345 // Ensure HTML tags are not being used to bypass the list of disallowed characters and words. 1346 $comment_without_html = wp_strip_all_tags( $comment ); 1347 1348 $words = explode( "\n", $mod_keys ); 1349 1350 foreach ( (array) $words as $word ) { 1351 $word = trim( $word ); 1352 1353 // Skip empty lines. 1354 if ( empty( $word ) ) { 1355 continue; } 1356 1357 // Do some escaping magic so that '#' chars in the spam words don't break things: 1358 $word = preg_quote( $word, '#' ); 1359 1360 $pattern = "#$word#iu"; 1361 if ( preg_match( $pattern, $author ) 1362 || preg_match( $pattern, $email ) 1363 || preg_match( $pattern, $url ) 1364 || preg_match( $pattern, $comment ) 1365 || preg_match( $pattern, $comment_without_html ) 1366 || preg_match( $pattern, $user_ip ) 1367 || preg_match( $pattern, $user_agent ) 1368 ) { 1369 return true; 1370 } 1371 } 1372 return false; 1373 } 1374 1375 /** 1376 * Retrieves the total comment counts for the whole site or a single post. 1377 * 1378 * The comment stats are cached and then retrieved, if they already exist in the 1379 * cache. 1380 * 1381 * @see get_comment_count() Which handles fetching the live comment counts. 1382 * 1383 * @since 2.5.0 1384 * 1385 * @param int $post_id Optional. Restrict the comment counts to the given post. Default 0, which indicates that 1386 * comment counts for the whole site will be retrieved. 1387 * @return stdClass { 1388 * The number of comments keyed by their status. 1389 * 1390 * @type int $approved The number of approved comments. 1391 * @type int $moderated The number of comments awaiting moderation (a.k.a. pending). 1392 * @type int $spam The number of spam comments. 1393 * @type int $trash The number of trashed comments. 1394 * @type int $post-trashed The number of comments for posts that are in the trash. 1395 * @type int $total_comments The total number of non-trashed comments, including spam. 1396 * @type int $all The total number of pending or approved comments. 1397 * } 1398 */ 1399 function wp_count_comments( $post_id = 0 ) { 1400 $post_id = (int) $post_id; 1401 1402 /** 1403 * Filters the comments count for a given post or the whole site. 1404 * 1405 * @since 2.7.0 1406 * 1407 * @param array|stdClass $count An empty array or an object containing comment counts. 1408 * @param int $post_id The post ID. Can be 0 to represent the whole site. 1409 */ 1410 $filtered = apply_filters( 'wp_count_comments', array(), $post_id ); 1411 if ( ! empty( $filtered ) ) { 1412 return $filtered; 1413 } 1414 1415 $count = wp_cache_get( "comments-{$post_id}", 'counts' ); 1416 if ( false !== $count ) { 1417 return $count; 1418 } 1419 1420 $stats = get_comment_count( $post_id ); 1421 $stats['moderated'] = $stats['awaiting_moderation']; 1422 unset( $stats['awaiting_moderation'] ); 1423 1424 $stats_object = (object) $stats; 1425 wp_cache_set( "comments-{$post_id}", $stats_object, 'counts' ); 1426 1427 return $stats_object; 1428 } 1429 1430 /** 1431 * Trashes or deletes a comment. 1432 * 1433 * The comment is moved to Trash instead of permanently deleted unless Trash is 1434 * disabled, item is already in the Trash, or $force_delete is true. 1435 * 1436 * The post comment count will be updated if the comment was approved and has a 1437 * post ID available. 1438 * 1439 * @since 2.0.0 1440 * 1441 * @global wpdb $wpdb WordPress database abstraction object. 1442 * 1443 * @param int|WP_Comment $comment_id Comment ID or WP_Comment object. 1444 * @param bool $force_delete Whether to bypass Trash and force deletion. Default false. 1445 * @return bool True on success, false on failure. 1446 */ 1447 function wp_delete_comment( $comment_id, $force_delete = false ) { 1448 global $wpdb; 1449 1450 $comment = get_comment( $comment_id ); 1451 if ( ! $comment ) { 1452 return false; 1453 } 1454 1455 if ( ! $force_delete && EMPTY_TRASH_DAYS && ! in_array( wp_get_comment_status( $comment ), array( 'trash', 'spam' ), true ) ) { 1456 return wp_trash_comment( $comment_id ); 1457 } 1458 1459 /** 1460 * Fires immediately before a comment is deleted from the database. 1461 * 1462 * @since 1.2.0 1463 * @since 4.9.0 Added the `$comment` parameter. 1464 * 1465 * @param string $comment_id The comment ID as a numeric string. 1466 * @param WP_Comment $comment The comment to be deleted. 1467 */ 1468 do_action( 'delete_comment', $comment->comment_ID, $comment ); 1469 1470 // Move children up a level. 1471 $children = $wpdb->get_col( $wpdb->prepare( "SELECT comment_ID FROM $wpdb->comments WHERE comment_parent = %d", $comment->comment_ID ) ); 1472 if ( ! empty( $children ) ) { 1473 $wpdb->update( $wpdb->comments, array( 'comment_parent' => $comment->comment_parent ), array( 'comment_parent' => $comment->comment_ID ) ); 1474 clean_comment_cache( $children ); 1475 } 1476 1477 // Delete metadata. 1478 $meta_ids = $wpdb->get_col( $wpdb->prepare( "SELECT meta_id FROM $wpdb->commentmeta WHERE comment_id = %d", $comment->comment_ID ) ); 1479 foreach ( $meta_ids as $mid ) { 1480 delete_metadata_by_mid( 'comment', $mid ); 1481 } 1482 1483 if ( ! $wpdb->delete( $wpdb->comments, array( 'comment_ID' => $comment->comment_ID ) ) ) { 1484 return false; 1485 } 1486 1487 /** 1488 * Fires immediately after a comment is deleted from the database. 1489 * 1490 * @since 2.9.0 1491 * @since 4.9.0 Added the `$comment` parameter. 1492 * 1493 * @param string $comment_id The comment ID as a numeric string. 1494 * @param WP_Comment $comment The deleted comment. 1495 */ 1496 do_action( 'deleted_comment', $comment->comment_ID, $comment ); 1497 1498 $post_id = $comment->comment_post_ID; 1499 if ( $post_id && 1 == $comment->comment_approved ) { 1500 wp_update_comment_count( $post_id ); 1501 } 1502 1503 clean_comment_cache( $comment->comment_ID ); 1504 1505 /** This action is documented in wp-includes/comment.php */ 1506 do_action( 'wp_set_comment_status', $comment->comment_ID, 'delete' ); 1507 1508 wp_transition_comment_status( 'delete', $comment->comment_approved, $comment ); 1509 1510 return true; 1511 } 1512 1513 /** 1514 * Moves a comment to the Trash 1515 * 1516 * If Trash is disabled, comment is permanently deleted. 1517 * 1518 * @since 2.9.0 1519 * 1520 * @param int|WP_Comment $comment_id Comment ID or WP_Comment object. 1521 * @return bool True on success, false on failure. 1522 */ 1523 function wp_trash_comment( $comment_id ) { 1524 if ( ! EMPTY_TRASH_DAYS ) { 1525 return wp_delete_comment( $comment_id, true ); 1526 } 1527 1528 $comment = get_comment( $comment_id ); 1529 if ( ! $comment ) { 1530 return false; 1531 } 1532 1533 /** 1534 * Fires immediately before a comment is sent to the Trash. 1535 * 1536 * @since 2.9.0 1537 * @since 4.9.0 Added the `$comment` parameter. 1538 * 1539 * @param string $comment_id The comment ID as a numeric string. 1540 * @param WP_Comment $comment The comment to be trashed. 1541 */ 1542 do_action( 'trash_comment', $comment->comment_ID, $comment ); 1543 1544 if ( wp_set_comment_status( $comment, 'trash' ) ) { 1545 delete_comment_meta( $comment->comment_ID, '_wp_trash_meta_status' ); 1546 delete_comment_meta( $comment->comment_ID, '_wp_trash_meta_time' ); 1547 add_comment_meta( $comment->comment_ID, '_wp_trash_meta_status', $comment->comment_approved ); 1548 add_comment_meta( $comment->comment_ID, '_wp_trash_meta_time', time() ); 1549 1550 /** 1551 * Fires immediately after a comment is sent to Trash. 1552 * 1553 * @since 2.9.0 1554 * @since 4.9.0 Added the `$comment` parameter. 1555 * 1556 * @param string $comment_id The comment ID as a numeric string. 1557 * @param WP_Comment $comment The trashed comment. 1558 */ 1559 do_action( 'trashed_comment', $comment->comment_ID, $comment ); 1560 1561 return true; 1562 } 1563 1564 return false; 1565 } 1566 1567 /** 1568 * Removes a comment from the Trash 1569 * 1570 * @since 2.9.0 1571 * 1572 * @param int|WP_Comment $comment_id Comment ID or WP_Comment object. 1573 * @return bool True on success, false on failure. 1574 */ 1575 function wp_untrash_comment( $comment_id ) { 1576 $comment = get_comment( $comment_id ); 1577 if ( ! $comment ) { 1578 return false; 1579 } 1580 1581 /** 1582 * Fires immediately before a comment is restored from the Trash. 1583 * 1584 * @since 2.9.0 1585 * @since 4.9.0 Added the `$comment` parameter. 1586 * 1587 * @param string $comment_id The comment ID as a numeric string. 1588 * @param WP_Comment $comment The comment to be untrashed. 1589 */ 1590 do_action( 'untrash_comment', $comment->comment_ID, $comment ); 1591 1592 $status = (string) get_comment_meta( $comment->comment_ID, '_wp_trash_meta_status', true ); 1593 if ( empty( $status ) ) { 1594 $status = '0'; 1595 } 1596 1597 if ( wp_set_comment_status( $comment, $status ) ) { 1598 delete_comment_meta( $comment->comment_ID, '_wp_trash_meta_time' ); 1599 delete_comment_meta( $comment->comment_ID, '_wp_trash_meta_status' ); 1600 1601 /** 1602 * Fires immediately after a comment is restored from the Trash. 1603 * 1604 * @since 2.9.0 1605 * @since 4.9.0 Added the `$comment` parameter. 1606 * 1607 * @param string $comment_id The comment ID as a numeric string. 1608 * @param WP_Comment $comment The untrashed comment. 1609 */ 1610 do_action( 'untrashed_comment', $comment->comment_ID, $comment ); 1611 1612 return true; 1613 } 1614 1615 return false; 1616 } 1617 1618 /** 1619 * Marks a comment as Spam. 1620 * 1621 * @since 2.9.0 1622 * 1623 * @param int|WP_Comment $comment_id Comment ID or WP_Comment object. 1624 * @return bool True on success, false on failure. 1625 */ 1626 function wp_spam_comment( $comment_id ) { 1627 $comment = get_comment( $comment_id ); 1628 if ( ! $comment ) { 1629 return false; 1630 } 1631 1632 /** 1633 * Fires immediately before a comment is marked as Spam. 1634 * 1635 * @since 2.9.0 1636 * @since 4.9.0 Added the `$comment` parameter. 1637 * 1638 * @param int $comment_id The comment ID. 1639 * @param WP_Comment $comment The comment to be marked as spam. 1640 */ 1641 do_action( 'spam_comment', $comment->comment_ID, $comment ); 1642 1643 if ( wp_set_comment_status( $comment, 'spam' ) ) { 1644 delete_comment_meta( $comment->comment_ID, '_wp_trash_meta_status' ); 1645 delete_comment_meta( $comment->comment_ID, '_wp_trash_meta_time' ); 1646 add_comment_meta( $comment->comment_ID, '_wp_trash_meta_status', $comment->comment_approved ); 1647 add_comment_meta( $comment->comment_ID, '_wp_trash_meta_time', time() ); 1648 1649 /** 1650 * Fires immediately after a comment is marked as Spam. 1651 * 1652 * @since 2.9.0 1653 * @since 4.9.0 Added the `$comment` parameter. 1654 * 1655 * @param int $comment_id The comment ID. 1656 * @param WP_Comment $comment The comment marked as spam. 1657 */ 1658 do_action( 'spammed_comment', $comment->comment_ID, $comment ); 1659 1660 return true; 1661 } 1662 1663 return false; 1664 } 1665 1666 /** 1667 * Removes a comment from the Spam. 1668 * 1669 * @since 2.9.0 1670 * 1671 * @param int|WP_Comment $comment_id Comment ID or WP_Comment object. 1672 * @return bool True on success, false on failure. 1673 */ 1674 function wp_unspam_comment( $comment_id ) { 1675 $comment = get_comment( $comment_id ); 1676 if ( ! $comment ) { 1677 return false; 1678 } 1679 1680 /** 1681 * Fires immediately before a comment is unmarked as Spam. 1682 * 1683 * @since 2.9.0 1684 * @since 4.9.0 Added the `$comment` parameter. 1685 * 1686 * @param string $comment_id The comment ID as a numeric string. 1687 * @param WP_Comment $comment The comment to be unmarked as spam. 1688 */ 1689 do_action( 'unspam_comment', $comment->comment_ID, $comment ); 1690 1691 $status = (string) get_comment_meta( $comment->comment_ID, '_wp_trash_meta_status', true ); 1692 if ( empty( $status ) ) { 1693 $status = '0'; 1694 } 1695 1696 if ( wp_set_comment_status( $comment, $status ) ) { 1697 delete_comment_meta( $comment->comment_ID, '_wp_trash_meta_status' ); 1698 delete_comment_meta( $comment->comment_ID, '_wp_trash_meta_time' ); 1699 1700 /** 1701 * Fires immediately after a comment is unmarked as Spam. 1702 * 1703 * @since 2.9.0 1704 * @since 4.9.0 Added the `$comment` parameter. 1705 * 1706 * @param string $comment_id The comment ID as a numeric string. 1707 * @param WP_Comment $comment The comment unmarked as spam. 1708 */ 1709 do_action( 'unspammed_comment', $comment->comment_ID, $comment ); 1710 1711 return true; 1712 } 1713 1714 return false; 1715 } 1716 1717 /** 1718 * Retrieves the status of a comment by comment ID. 1719 * 1720 * @since 1.0.0 1721 * 1722 * @param int|WP_Comment $comment_id Comment ID or WP_Comment object 1723 * @return string|false Status might be 'trash', 'approved', 'unapproved', 'spam'. False on failure. 1724 */ 1725 function wp_get_comment_status( $comment_id ) { 1726 $comment = get_comment( $comment_id ); 1727 if ( ! $comment ) { 1728 return false; 1729 } 1730 1731 $approved = $comment->comment_approved; 1732 1733 if ( null == $approved ) { 1734 return false; 1735 } elseif ( '1' == $approved ) { 1736 return 'approved'; 1737 } elseif ( '0' == $approved ) { 1738 return 'unapproved'; 1739 } elseif ( 'spam' === $approved ) { 1740 return 'spam'; 1741 } elseif ( 'trash' === $approved ) { 1742 return 'trash'; 1743 } else { 1744 return false; 1745 } 1746 } 1747 1748 /** 1749 * Calls hooks for when a comment status transition occurs. 1750 * 1751 * Calls hooks for comment status transitions. If the new comment status is not the same 1752 * as the previous comment status, then two hooks will be ran, the first is 1753 * {@see 'transition_comment_status'} with new status, old status, and comment data. 1754 * The next action called is {@see 'comment_$old_status_to_$new_status'}. It has 1755 * the comment data. 1756 * 1757 * The final action will run whether or not the comment statuses are the same. 1758 * The action is named {@see 'comment_$new_status_$comment->comment_type'}. 1759 * 1760 * @since 2.7.0 1761 * 1762 * @param string $new_status New comment status. 1763 * @param string $old_status Previous comment status. 1764 * @param WP_Comment $comment Comment object. 1765 */ 1766 function wp_transition_comment_status( $new_status, $old_status, $comment ) { 1767 /* 1768 * Translate raw statuses to human-readable formats for the hooks. 1769 * This is not a complete list of comment status, it's only the ones 1770 * that need to be renamed. 1771 */ 1772 $comment_statuses = array( 1773 0 => 'unapproved', 1774 'hold' => 'unapproved', // wp_set_comment_status() uses "hold". 1775 1 => 'approved', 1776 'approve' => 'approved', // wp_set_comment_status() uses "approve". 1777 ); 1778 if ( isset( $comment_statuses[ $new_status ] ) ) { 1779 $new_status = $comment_statuses[ $new_status ]; 1780 } 1781 if ( isset( $comment_statuses[ $old_status ] ) ) { 1782 $old_status = $comment_statuses[ $old_status ]; 1783 } 1784 1785 // Call the hooks. 1786 if ( $new_status != $old_status ) { 1787 /** 1788 * Fires when the comment status is in transition. 1789 * 1790 * @since 2.7.0 1791 * 1792 * @param int|string $new_status The new comment status. 1793 * @param int|string $old_status The old comment status. 1794 * @param WP_Comment $comment Comment object. 1795 */ 1796 do_action( 'transition_comment_status', $new_status, $old_status, $comment ); 1797 /** 1798 * Fires when the comment status is in transition from one specific status to another. 1799 * 1800 * The dynamic portions of the hook name, `$old_status`, and `$new_status`, 1801 * refer to the old and new comment statuses, respectively. 1802 * 1803 * Possible hook names include: 1804 * 1805 * - `comment_unapproved_to_approved` 1806 * - `comment_spam_to_approved` 1807 * - `comment_approved_to_unapproved` 1808 * - `comment_spam_to_unapproved` 1809 * - `comment_unapproved_to_spam` 1810 * - `comment_approved_to_spam` 1811 * 1812 * @since 2.7.0 1813 * 1814 * @param WP_Comment $comment Comment object. 1815 */ 1816 do_action( "comment_{$old_status}_to_{$new_status}", $comment ); 1817 } 1818 /** 1819 * Fires when the status of a specific comment type is in transition. 1820 * 1821 * The dynamic portions of the hook name, `$new_status`, and `$comment->comment_type`, 1822 * refer to the new comment status, and the type of comment, respectively. 1823 * 1824 * Typical comment types include 'comment', 'pingback', or 'trackback'. 1825 * 1826 * Possible hook names include: 1827 * 1828 * - `comment_approved_comment` 1829 * - `comment_approved_pingback` 1830 * - `comment_approved_trackback` 1831 * - `comment_unapproved_comment` 1832 * - `comment_unapproved_pingback` 1833 * - `comment_unapproved_trackback` 1834 * - `comment_spam_comment` 1835 * - `comment_spam_pingback` 1836 * - `comment_spam_trackback` 1837 * 1838 * @since 2.7.0 1839 * 1840 * @param string $comment_id The comment ID as a numeric string. 1841 * @param WP_Comment $comment Comment object. 1842 */ 1843 do_action( "comment_{$new_status}_{$comment->comment_type}", $comment->comment_ID, $comment ); 1844 } 1845 1846 /** 1847 * Clears the lastcommentmodified cached value when a comment status is changed. 1848 * 1849 * Deletes the lastcommentmodified cache key when a comment enters or leaves 1850 * 'approved' status. 1851 * 1852 * @since 4.7.0 1853 * @access private 1854 * 1855 * @param string $new_status The new comment status. 1856 * @param string $old_status The old comment status. 1857 */ 1858 function _clear_modified_cache_on_transition_comment_status( $new_status, $old_status ) { 1859 if ( 'approved' === $new_status || 'approved' === $old_status ) { 1860 $data = array(); 1861 foreach ( array( 'server', 'gmt', 'blog' ) as $timezone ) { 1862 $data[] = "lastcommentmodified:$timezone"; 1863 } 1864 wp_cache_delete_multiple( $data, 'timeinfo' ); 1865 } 1866 } 1867 1868 /** 1869 * Gets current commenter's name, email, and URL. 1870 * 1871 * Expects cookies content to already be sanitized. User of this function might 1872 * wish to recheck the returned array for validity. 1873 * 1874 * @see sanitize_comment_cookies() Use to sanitize cookies 1875 * 1876 * @since 2.0.4 1877 * 1878 * @return array { 1879 * An array of current commenter variables. 1880 * 1881 * @type string $comment_author The name of the current commenter, or an empty string. 1882 * @type string $comment_author_email The email address of the current commenter, or an empty string. 1883 * @type string $comment_author_url The URL address of the current commenter, or an empty string. 1884 * } 1885 */ 1886 function wp_get_current_commenter() { 1887 // Cookies should already be sanitized. 1888 1889 $comment_author = ''; 1890 if ( isset( $_COOKIE[ 'comment_author_' . COOKIEHASH ] ) ) { 1891 $comment_author = $_COOKIE[ 'comment_author_' . COOKIEHASH ]; 1892 } 1893 1894 $comment_author_email = ''; 1895 if ( isset( $_COOKIE[ 'comment_author_email_' . COOKIEHASH ] ) ) { 1896 $comment_author_email = $_COOKIE[ 'comment_author_email_' . COOKIEHASH ]; 1897 } 1898 1899 $comment_author_url = ''; 1900 if ( isset( $_COOKIE[ 'comment_author_url_' . COOKIEHASH ] ) ) { 1901 $comment_author_url = $_COOKIE[ 'comment_author_url_' . COOKIEHASH ]; 1902 } 1903 1904 /** 1905 * Filters the current commenter's name, email, and URL. 1906 * 1907 * @since 3.1.0 1908 * 1909 * @param array $comment_author_data { 1910 * An array of current commenter variables. 1911 * 1912 * @type string $comment_author The name of the current commenter, or an empty string. 1913 * @type string $comment_author_email The email address of the current commenter, or an empty string. 1914 * @type string $comment_author_url The URL address of the current commenter, or an empty string. 1915 * } 1916 */ 1917 return apply_filters( 'wp_get_current_commenter', compact( 'comment_author', 'comment_author_email', 'comment_author_url' ) ); 1918 } 1919 1920 /** 1921 * Gets unapproved comment author's email. 1922 * 1923 * Used to allow the commenter to see their pending comment. 1924 * 1925 * @since 5.1.0 1926 * @since 5.7.0 The window within which the author email for an unapproved comment 1927 * can be retrieved was extended to 10 minutes. 1928 * 1929 * @return string The unapproved comment author's email (when supplied). 1930 */ 1931 function wp_get_unapproved_comment_author_email() { 1932 $commenter_email = ''; 1933 1934 if ( ! empty( $_GET['unapproved'] ) && ! empty( $_GET['moderation-hash'] ) ) { 1935 $comment_id = (int) $_GET['unapproved']; 1936 $comment = get_comment( $comment_id ); 1937 1938 if ( $comment && hash_equals( $_GET['moderation-hash'], wp_hash( $comment->comment_date_gmt ) ) ) { 1939 // The comment will only be viewable by the comment author for 10 minutes. 1940 $comment_preview_expires = strtotime( $comment->comment_date_gmt . '+10 minutes' ); 1941 1942 if ( time() < $comment_preview_expires ) { 1943 $commenter_email = $comment->comment_author_email; 1944 } 1945 } 1946 } 1947 1948 if ( ! $commenter_email ) { 1949 $commenter = wp_get_current_commenter(); 1950 $commenter_email = $commenter['comment_author_email']; 1951 } 1952 1953 return $commenter_email; 1954 } 1955 1956 /** 1957 * Inserts a comment into the database. 1958 * 1959 * @since 2.0.0 1960 * @since 4.4.0 Introduced the `$comment_meta` argument. 1961 * @since 5.5.0 Default value for `$comment_type` argument changed to `comment`. 1962 * 1963 * @global wpdb $wpdb WordPress database abstraction object. 1964 * 1965 * @param array $commentdata { 1966 * Array of arguments for inserting a new comment. 1967 * 1968 * @type string $comment_agent The HTTP user agent of the `$comment_author` when 1969 * the comment was submitted. Default empty. 1970 * @type int|string $comment_approved Whether the comment has been approved. Default 1. 1971 * @type string $comment_author The name of the author of the comment. Default empty. 1972 * @type string $comment_author_email The email address of the `$comment_author`. Default empty. 1973 * @type string $comment_author_IP The IP address of the `$comment_author`. Default empty. 1974 * @type string $comment_author_url The URL address of the `$comment_author`. Default empty. 1975 * @type string $comment_content The content of the comment. Default empty. 1976 * @type string $comment_date The date the comment was submitted. To set the date 1977 * manually, `$comment_date_gmt` must also be specified. 1978 * Default is the current time. 1979 * @type string $comment_date_gmt The date the comment was submitted in the GMT timezone. 1980 * Default is `$comment_date` in the site's GMT timezone. 1981 * @type int $comment_karma The karma of the comment. Default 0. 1982 * @type int $comment_parent ID of this comment's parent, if any. Default 0. 1983 * @type int $comment_post_ID ID of the post that relates to the comment, if any. 1984 * Default 0. 1985 * @type string $comment_type Comment type. Default 'comment'. 1986 * @type array $comment_meta Optional. Array of key/value pairs to be stored in commentmeta for the 1987 * new comment. 1988 * @type int $user_id ID of the user who submitted the comment. Default 0. 1989 * } 1990 * @return int|false The new comment's ID on success, false on failure. 1991 */ 1992 function wp_insert_comment( $commentdata ) { 1993 global $wpdb; 1994 1995 $data = wp_unslash( $commentdata ); 1996 1997 $comment_author = ! isset( $data['comment_author'] ) ? '' : $data['comment_author']; 1998 $comment_author_email = ! isset( $data['comment_author_email'] ) ? '' : $data['comment_author_email']; 1999 $comment_author_url = ! isset( $data['comment_author_url'] ) ? '' : $data['comment_author_url']; 2000 $comment_author_ip = ! isset( $data['comment_author_IP'] ) ? '' : $data['comment_author_IP']; 2001 2002 $comment_date = ! isset( $data['comment_date'] ) ? current_time( 'mysql' ) : $data['comment_date']; 2003 $comment_date_gmt = ! isset( $data['comment_date_gmt'] ) ? get_gmt_from_date( $comment_date ) : $data['comment_date_gmt']; 2004 2005 $comment_post_id = ! isset( $data['comment_post_ID'] ) ? 0 : $data['comment_post_ID']; 2006 $comment_content = ! isset( $data['comment_content'] ) ? '' : $data['comment_content']; 2007 $comment_karma = ! isset( $data['comment_karma'] ) ? 0 : $data['comment_karma']; 2008 $comment_approved = ! isset( $data['comment_approved'] ) ? 1 : $data['comment_approved']; 2009 $comment_agent = ! isset( $data['comment_agent'] ) ? '' : $data['comment_agent']; 2010 $comment_type = empty( $data['comment_type'] ) ? 'comment' : $data['comment_type']; 2011 $comment_parent = ! isset( $data['comment_parent'] ) ? 0 : $data['comment_parent']; 2012 2013 $user_id = ! isset( $data['user_id'] ) ? 0 : $data['user_id']; 2014 2015 $compacted = array( 2016 'comment_post_ID' => $comment_post_id, 2017 'comment_author_IP' => $comment_author_ip, 2018 ); 2019 2020 $compacted += compact( 2021 'comment_author', 2022 'comment_author_email', 2023 'comment_author_url', 2024 'comment_date', 2025 'comment_date_gmt', 2026 'comment_content', 2027 'comment_karma', 2028 'comment_approved', 2029 'comment_agent', 2030 'comment_type', 2031 'comment_parent', 2032 'user_id' 2033 ); 2034 2035 if ( ! $wpdb->insert( $wpdb->comments, $compacted ) ) { 2036 return false; 2037 } 2038 2039 $id = (int) $wpdb->insert_id; 2040 2041 if ( 1 == $comment_approved ) { 2042 wp_update_comment_count( $comment_post_id ); 2043 2044 $data = array(); 2045 foreach ( array( 'server', 'gmt', 'blog' ) as $timezone ) { 2046 $data[] = "lastcommentmodified:$timezone"; 2047 } 2048 wp_cache_delete_multiple( $data, 'timeinfo' ); 2049 } 2050 2051 clean_comment_cache( $id ); 2052 2053 $comment = get_comment( $id ); 2054 2055 // If metadata is provided, store it. 2056 if ( isset( $commentdata['comment_meta'] ) && is_array( $commentdata['comment_meta'] ) ) { 2057 foreach ( $commentdata['comment_meta'] as $meta_key => $meta_value ) { 2058 add_comment_meta( $comment->comment_ID, $meta_key, $meta_value, true ); 2059 } 2060 } 2061 2062 /** 2063 * Fires immediately after a comment is inserted into the database. 2064 * 2065 * @since 2.8.0 2066 * 2067 * @param int $id The comment ID. 2068 * @param WP_Comment $comment Comment object. 2069 */ 2070 do_action( 'wp_insert_comment', $id, $comment ); 2071 2072 return $id; 2073 } 2074 2075 /** 2076 * Filters and sanitizes comment data. 2077 * 2078 * Sets the comment data 'filtered' field to true when finished. This can be 2079 * checked as to whether the comment should be filtered and to keep from 2080 * filtering the same comment more than once. 2081 * 2082 * @since 2.0.0 2083 * 2084 * @param array $commentdata Contains information on the comment. 2085 * @return array Parsed comment information. 2086 */ 2087 function wp_filter_comment( $commentdata ) { 2088 if ( isset( $commentdata['user_ID'] ) ) { 2089 /** 2090 * Filters the comment author's user ID before it is set. 2091 * 2092 * The first time this filter is evaluated, `user_ID` is checked 2093 * (for back-compat), followed by the standard `user_id` value. 2094 * 2095 * @since 1.5.0 2096 * 2097 * @param int $user_id The comment author's user ID. 2098 */ 2099 $commentdata['user_id'] = apply_filters( 'pre_user_id', $commentdata['user_ID'] ); 2100 } elseif ( isset( $commentdata['user_id'] ) ) { 2101 /** This filter is documented in wp-includes/comment.php */ 2102 $commentdata['user_id'] = apply_filters( 'pre_user_id', $commentdata['user_id'] ); 2103 } 2104 2105 /** 2106 * Filters the comment author's browser user agent before it is set. 2107 * 2108 * @since 1.5.0 2109 * 2110 * @param string $comment_agent The comment author's browser user agent. 2111 */ 2112 $commentdata['comment_agent'] = apply_filters( 'pre_comment_user_agent', ( isset( $commentdata['comment_agent'] ) ? $commentdata['comment_agent'] : '' ) ); 2113 /** This filter is documented in wp-includes/comment.php */ 2114 $commentdata['comment_author'] = apply_filters( 'pre_comment_author_name', $commentdata['comment_author'] ); 2115 /** 2116 * Filters the comment content before it is set. 2117 * 2118 * @since 1.5.0 2119 * 2120 * @param string $comment_content The comment content. 2121 */ 2122 $commentdata['comment_content'] = apply_filters( 'pre_comment_content', $commentdata['comment_content'] ); 2123 /** 2124 * Filters the comment author's IP address before it is set. 2125 * 2126 * @since 1.5.0 2127 * 2128 * @param string $comment_author_ip The comment author's IP address. 2129 */ 2130 $commentdata['comment_author_IP'] = apply_filters( 'pre_comment_user_ip', $commentdata['comment_author_IP'] ); 2131 /** This filter is documented in wp-includes/comment.php */ 2132 $commentdata['comment_author_url'] = apply_filters( 'pre_comment_author_url', $commentdata['comment_author_url'] ); 2133 /** This filter is documented in wp-includes/comment.php */ 2134 $commentdata['comment_author_email'] = apply_filters( 'pre_comment_author_email', $commentdata['comment_author_email'] ); 2135 2136 $commentdata['filtered'] = true; 2137 2138 return $commentdata; 2139 } 2140 2141 /** 2142 * Determines whether a comment should be blocked because of comment flood. 2143 * 2144 * @since 2.1.0 2145 * 2146 * @param bool $block Whether plugin has already blocked comment. 2147 * @param int $time_lastcomment Timestamp for last comment. 2148 * @param int $time_newcomment Timestamp for new comment. 2149 * @return bool Whether comment should be blocked. 2150 */ 2151 function wp_throttle_comment_flood( $block, $time_lastcomment, $time_newcomment ) { 2152 if ( $block ) { // A plugin has already blocked... we'll let that decision stand. 2153 return $block; 2154 } 2155 if ( ( $time_newcomment - $time_lastcomment ) < 15 ) { 2156 return true; 2157 } 2158 return false; 2159 } 2160 2161 /** 2162 * Adds a new comment to the database. 2163 * 2164 * Filters new comment to ensure that the fields are sanitized and valid before 2165 * inserting comment into database. Calls {@see 'comment_post'} action with comment ID 2166 * and whether comment is approved by WordPress. Also has {@see 'preprocess_comment'} 2167 * filter for processing the comment data before the function handles it. 2168 * 2169 * We use `REMOTE_ADDR` here directly. If you are behind a proxy, you should ensure 2170 * that it is properly set, such as in wp-config.php, for your environment. 2171 * 2172 * See {@link https://core.trac.wordpress.org/ticket/9235} 2173 * 2174 * @since 1.5.0 2175 * @since 4.3.0 Introduced the `comment_agent` and `comment_author_IP` arguments. 2176 * @since 4.7.0 The `$avoid_die` parameter was added, allowing the function 2177 * to return a WP_Error object instead of dying. 2178 * @since 5.5.0 The `$avoid_die` parameter was renamed to `$wp_error`. 2179 * @since 5.5.0 Introduced the `comment_type` argument. 2180 * 2181 * @see wp_insert_comment() 2182 * @global wpdb $wpdb WordPress database abstraction object. 2183 * 2184 * @param array $commentdata { 2185 * Comment data. 2186 * 2187 * @type string $comment_author The name of the comment author. 2188 * @type string $comment_author_email The comment author email address. 2189 * @type string $comment_author_url The comment author URL. 2190 * @type string $comment_content The content of the comment. 2191 * @type string $comment_date The date the comment was submitted. Default is the current time. 2192 * @type string $comment_date_gmt The date the comment was submitted in the GMT timezone. 2193 * Default is `$comment_date` in the GMT timezone. 2194 * @type string $comment_type Comment type. Default 'comment'. 2195 * @type int $comment_parent The ID of this comment's parent, if any. Default 0. 2196 * @type int $comment_post_ID The ID of the post that relates to the comment. 2197 * @type int $user_id The ID of the user who submitted the comment. Default 0. 2198 * @type int $user_ID Kept for backward-compatibility. Use `$user_id` instead. 2199 * @type string $comment_agent Comment author user agent. Default is the value of 'HTTP_USER_AGENT' 2200 * in the `$_SERVER` superglobal sent in the original request. 2201 * @type string $comment_author_IP Comment author IP address in IPv4 format. Default is the value of 2202 * 'REMOTE_ADDR' in the `$_SERVER` superglobal sent in the original request. 2203 * } 2204 * @param bool $wp_error Should errors be returned as WP_Error objects instead of 2205 * executing wp_die()? Default false. 2206 * @return int|false|WP_Error The ID of the comment on success, false or WP_Error on failure. 2207 */ 2208 function wp_new_comment( $commentdata, $wp_error = false ) { 2209 global $wpdb; 2210 2211 /* 2212 * Normalize `user_ID` to `user_id`, but pass the old key 2213 * to the `preprocess_comment` filter for backward compatibility. 2214 */ 2215 if ( isset( $commentdata['user_ID'] ) ) { 2216 $commentdata['user_ID'] = (int) $commentdata['user_ID']; 2217 $commentdata['user_id'] = $commentdata['user_ID']; 2218 } elseif ( isset( $commentdata['user_id'] ) ) { 2219 $commentdata['user_id'] = (int) $commentdata['user_id']; 2220 $commentdata['user_ID'] = $commentdata['user_id']; 2221 } 2222 2223 $prefiltered_user_id = ( isset( $commentdata['user_id'] ) ) ? (int) $commentdata['user_id'] : 0; 2224 2225 if ( ! isset( $commentdata['comment_author_IP'] ) ) { 2226 $commentdata['comment_author_IP'] = $_SERVER['REMOTE_ADDR']; 2227 } 2228 2229 if ( ! isset( $commentdata['comment_agent'] ) ) { 2230 $commentdata['comment_agent'] = isset( $_SERVER['HTTP_USER_AGENT'] ) ? $_SERVER['HTTP_USER_AGENT'] : ''; 2231 } 2232 2233 /** 2234 * Filters a comment's data before it is sanitized and inserted into the database. 2235 * 2236 * @since 1.5.0 2237 * @since 5.6.0 Comment data includes the `comment_agent` and `comment_author_IP` values. 2238 * 2239 * @param array $commentdata Comment data. 2240 */ 2241 $commentdata = apply_filters( 'preprocess_comment', $commentdata ); 2242 2243 $commentdata['comment_post_ID'] = (int) $commentdata['comment_post_ID']; 2244 2245 // Normalize `user_ID` to `user_id` again, after the filter. 2246 if ( isset( $commentdata['user_ID'] ) && $prefiltered_user_id !== (int) $commentdata['user_ID'] ) { 2247 $commentdata['user_ID'] = (int) $commentdata['user_ID']; 2248 $commentdata['user_id'] = $commentdata['user_ID']; 2249 } elseif ( isset( $commentdata['user_id'] ) ) { 2250 $commentdata['user_id'] = (int) $commentdata['user_id']; 2251 $commentdata['user_ID'] = $commentdata['user_id']; 2252 } 2253 2254 $commentdata['comment_parent'] = isset( $commentdata['comment_parent'] ) ? absint( $commentdata['comment_parent'] ) : 0; 2255 2256 $parent_status = ( $commentdata['comment_parent'] > 0 ) ? wp_get_comment_status( $commentdata['comment_parent'] ) : ''; 2257 2258 $commentdata['comment_parent'] = ( 'approved' === $parent_status || 'unapproved' === $parent_status ) ? $commentdata['comment_parent'] : 0; 2259 2260 $commentdata['comment_author_IP'] = preg_replace( '/[^0-9a-fA-F:., ]/', '', $commentdata['comment_author_IP'] ); 2261 2262 $commentdata['comment_agent'] = substr( $commentdata['comment_agent'], 0, 254 ); 2263 2264 if ( empty( $commentdata['comment_date'] ) ) { 2265 $commentdata['comment_date'] = current_time( 'mysql' ); 2266 } 2267 2268 if ( empty( $commentdata['comment_date_gmt'] ) ) { 2269 $commentdata['comment_date_gmt'] = current_time( 'mysql', 1 ); 2270 } 2271 2272 if ( empty( $commentdata['comment_type'] ) ) { 2273 $commentdata['comment_type'] = 'comment'; 2274 } 2275 2276 $commentdata = wp_filter_comment( $commentdata ); 2277 2278 $commentdata['comment_approved'] = wp_allow_comment( $commentdata, $wp_error ); 2279 2280 if ( is_wp_error( $commentdata['comment_approved'] ) ) { 2281 return $commentdata['comment_approved']; 2282 } 2283 2284 $comment_id = wp_insert_comment( $commentdata ); 2285 2286 if ( ! $comment_id ) { 2287 $fields = array( 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content' ); 2288 2289 foreach ( $fields as $field ) { 2290 if ( isset( $commentdata[ $field ] ) ) { 2291 $commentdata[ $field ] = $wpdb->strip_invalid_text_for_column( $wpdb->comments, $field, $commentdata[ $field ] ); 2292 } 2293 } 2294 2295 $commentdata = wp_filter_comment( $commentdata ); 2296 2297 $commentdata['comment_approved'] = wp_allow_comment( $commentdata, $wp_error ); 2298 if ( is_wp_error( $commentdata['comment_approved'] ) ) { 2299 return $commentdata['comment_approved']; 2300 } 2301 2302 $comment_id = wp_insert_comment( $commentdata ); 2303 if ( ! $comment_id ) { 2304 return false; 2305 } 2306 } 2307 2308 /** 2309 * Fires immediately after a comment is inserted into the database. 2310 * 2311 * @since 1.2.0 2312 * @since 4.5.0 The `$commentdata` parameter was added. 2313 * 2314 * @param int $comment_id The comment ID. 2315 * @param int|string $comment_approved 1 if the comment is approved, 0 if not, 'spam' if spam. 2316 * @param array $commentdata Comment data. 2317 */ 2318 do_action( 'comment_post', $comment_id, $commentdata['comment_approved'], $commentdata ); 2319 2320 return $comment_id; 2321 } 2322 2323 /** 2324 * Sends a comment moderation notification to the comment moderator. 2325 * 2326 * @since 4.4.0 2327 * 2328 * @param int $comment_id ID of the comment. 2329 * @return bool True on success, false on failure. 2330 */ 2331 function wp_new_comment_notify_moderator( $comment_id ) { 2332 $comment = get_comment( $comment_id ); 2333 2334 // Only send notifications for pending comments. 2335 $maybe_notify = ( '0' == $comment->comment_approved ); 2336 2337 /** This filter is documented in wp-includes/pluggable.php */ 2338 $maybe_notify = apply_filters( 'notify_moderator', $maybe_notify, $comment_id ); 2339 2340 if ( ! $maybe_notify ) { 2341 return false; 2342 } 2343 2344 return wp_notify_moderator( $comment_id ); 2345 } 2346 2347 /** 2348 * Sends a notification of a new comment to the post author. 2349 * 2350 * @since 4.4.0 2351 * 2352 * Uses the {@see 'notify_post_author'} filter to determine whether the post author 2353 * should be notified when a new comment is added, overriding site setting. 2354 * 2355 * @param int $comment_id Comment ID. 2356 * @return bool True on success, false on failure. 2357 */ 2358 function wp_new_comment_notify_postauthor( $comment_id ) { 2359 $comment = get_comment( $comment_id ); 2360 2361 $maybe_notify = get_option( 'comments_notify' ); 2362 2363 /** 2364 * Filters whether to send the post author new comment notification emails, 2365 * overriding the site setting. 2366 * 2367 * @since 4.4.0 2368 * 2369 * @param bool $maybe_notify Whether to notify the post author about the new comment. 2370 * @param int $comment_id The ID of the comment for the notification. 2371 */ 2372 $maybe_notify = apply_filters( 'notify_post_author', $maybe_notify, $comment_id ); 2373 2374 /* 2375 * wp_notify_postauthor() checks if notifying the author of their own comment. 2376 * By default, it won't, but filters can override this. 2377 */ 2378 if ( ! $maybe_notify ) { 2379 return false; 2380 } 2381 2382 // Only send notifications for approved comments. 2383 if ( ! isset( $comment->comment_approved ) || '1' != $comment->comment_approved ) { 2384 return false; 2385 } 2386 2387 return wp_notify_postauthor( $comment_id ); 2388 } 2389 2390 /** 2391 * Sets the status of a comment. 2392 * 2393 * The {@see 'wp_set_comment_status'} action is called after the comment is handled. 2394 * If the comment status is not in the list, then false is returned. 2395 * 2396 * @since 1.0.0 2397 * 2398 * @global wpdb $wpdb WordPress database abstraction object. 2399 * 2400 * @param int|WP_Comment $comment_id Comment ID or WP_Comment object. 2401 * @param string $comment_status New comment status, either 'hold', 'approve', 'spam', or 'trash'. 2402 * @param bool $wp_error Whether to return a WP_Error object if there is a failure. Default false. 2403 * @return bool|WP_Error True on success, false or WP_Error on failure. 2404 */ 2405 function wp_set_comment_status( $comment_id, $comment_status, $wp_error = false ) { 2406 global $wpdb; 2407 2408 switch ( $comment_status ) { 2409 case 'hold': 2410 case '0': 2411 $status = '0'; 2412 break; 2413 case 'approve': 2414 case '1': 2415 $status = '1'; 2416 add_action( 'wp_set_comment_status', 'wp_new_comment_notify_postauthor' ); 2417 break; 2418 case 'spam': 2419 $status = 'spam'; 2420 break; 2421 case 'trash': 2422 $status = 'trash'; 2423 break; 2424 default: 2425 return false; 2426 } 2427 2428 $comment_old = clone get_comment( $comment_id ); 2429 2430 if ( ! $wpdb->update( $wpdb->comments, array( 'comment_approved' => $status ), array( 'comment_ID' => $comment_old->comment_ID ) ) ) { 2431 if ( $wp_error ) { 2432 return new WP_Error( 'db_update_error', __( 'Could not update comment status.' ), $wpdb->last_error ); 2433 } else { 2434 return false; 2435 } 2436 } 2437 2438 clean_comment_cache( $comment_old->comment_ID ); 2439 2440 $comment = get_comment( $comment_old->comment_ID ); 2441 2442 /** 2443 * Fires immediately after transitioning a comment's status from one to another in the database 2444 * and removing the comment from the object cache, but prior to all status transition hooks. 2445 * 2446 * @since 1.5.0 2447 * 2448 * @param string $comment_id Comment ID as a numeric string. 2449 * @param string $comment_status Current comment status. Possible values include 2450 * 'hold', '0', 'approve', '1', 'spam', and 'trash'. 2451 */ 2452 do_action( 'wp_set_comment_status', $comment->comment_ID, $comment_status ); 2453 2454 wp_transition_comment_status( $comment_status, $comment_old->comment_approved, $comment ); 2455 2456 wp_update_comment_count( $comment->comment_post_ID ); 2457 2458 return true; 2459 } 2460 2461 /** 2462 * Updates an existing comment in the database. 2463 * 2464 * Filters the comment and makes sure certain fields are valid before updating. 2465 * 2466 * @since 2.0.0 2467 * @since 4.9.0 Add updating comment meta during comment update. 2468 * @since 5.5.0 The `$wp_error` parameter was added. 2469 * @since 5.5.0 The return values for an invalid comment or post ID 2470 * were changed to false instead of 0. 2471 * 2472 * @global wpdb $wpdb WordPress database abstraction object. 2473 * 2474 * @param array $commentarr Contains information on the comment. 2475 * @param bool $wp_error Optional. Whether to return a WP_Error on failure. Default false. 2476 * @return int|false|WP_Error The value 1 if the comment was updated, 0 if not updated. 2477 * False or a WP_Error object on failure. 2478 */ 2479 function wp_update_comment( $commentarr, $wp_error = false ) { 2480 global $wpdb; 2481 2482 // First, get all of the original fields. 2483 $comment = get_comment( $commentarr['comment_ID'], ARRAY_A ); 2484 2485 if ( empty( $comment ) ) { 2486 if ( $wp_error ) { 2487 return new WP_Error( 'invalid_comment_id', __( 'Invalid comment ID.' ) ); 2488 } else { 2489 return false; 2490 } 2491 } 2492 2493 // Make sure that the comment post ID is valid (if specified). 2494 if ( ! empty( $commentarr['comment_post_ID'] ) && ! get_post( $commentarr['comment_post_ID'] ) ) { 2495 if ( $wp_error ) { 2496 return new WP_Error( 'invalid_post_id', __( 'Invalid post ID.' ) ); 2497 } else { 2498 return false; 2499 } 2500 } 2501 2502 $filter_comment = false; 2503 if ( ! has_filter( 'pre_comment_content', 'wp_filter_kses' ) ) { 2504 $filter_comment = ! user_can( isset( $comment['user_id'] ) ? $comment['user_id'] : 0, 'unfiltered_html' ); 2505 } 2506 2507 if ( $filter_comment ) { 2508 add_filter( 'pre_comment_content', 'wp_filter_kses' ); 2509 } 2510 2511 // Escape data pulled from DB. 2512 $comment = wp_slash( $comment ); 2513 2514 $old_status = $comment['comment_approved']; 2515 2516 // Merge old and new fields with new fields overwriting old ones. 2517 $commentarr = array_merge( $comment, $commentarr ); 2518 2519 $commentarr = wp_filter_comment( $commentarr ); 2520 2521 if ( $filter_comment ) { 2522 remove_filter( 'pre_comment_content', 'wp_filter_kses' ); 2523 } 2524 2525 // Now extract the merged array. 2526 $data = wp_unslash( $commentarr ); 2527 2528 /** 2529 * Filters the comment content before it is updated in the database. 2530 * 2531 * @since 1.5.0 2532 * 2533 * @param string $comment_content The comment data. 2534 */ 2535 $data['comment_content'] = apply_filters( 'comment_save_pre', $data['comment_content'] ); 2536 2537 $data['comment_date_gmt'] = get_gmt_from_date( $data['comment_date'] ); 2538 2539 if ( ! isset( $data['comment_approved'] ) ) { 2540 $data['comment_approved'] = 1; 2541 } elseif ( 'hold' === $data['comment_approved'] ) { 2542 $data['comment_approved'] = 0; 2543 } elseif ( 'approve' === $data['comment_approved'] ) { 2544 $data['comment_approved'] = 1; 2545 } 2546 2547 $comment_id = $data['comment_ID']; 2548 $comment_post_id = $data['comment_post_ID']; 2549 2550 /** 2551 * Filters the comment data immediately before it is updated in the database. 2552 * 2553 * Note: data being passed to the filter is already unslashed. 2554 * 2555 * @since 4.7.0 2556 * @since 5.5.0 Returning a WP_Error value from the filter will short-circuit comment update 2557 * and allow skipping further processing. 2558 * 2559 * @param array|WP_Error $data The new, processed comment data, or WP_Error. 2560 * @param array $comment The old, unslashed comment data. 2561 * @param array $commentarr The new, raw comment data. 2562 */ 2563 $data = apply_filters( 'wp_update_comment_data', $data, $comment, $commentarr ); 2564 2565 // Do not carry on on failure. 2566 if ( is_wp_error( $data ) ) { 2567 if ( $wp_error ) { 2568 return $data; 2569 } else { 2570 return false; 2571 } 2572 } 2573 2574 $keys = array( 2575 'comment_post_ID', 2576 'comment_author', 2577 'comment_author_email', 2578 'comment_author_url', 2579 'comment_author_IP', 2580 'comment_date', 2581 'comment_date_gmt', 2582 'comment_content', 2583 'comment_karma', 2584 'comment_approved', 2585 'comment_agent', 2586 'comment_type', 2587 'comment_parent', 2588 'user_id', 2589 ); 2590 2591 $data = wp_array_slice_assoc( $data, $keys ); 2592 2593 $result = $wpdb->update( $wpdb->comments, $data, array( 'comment_ID' => $comment_id ) ); 2594 2595 if ( false === $result ) { 2596 if ( $wp_error ) { 2597 return new WP_Error( 'db_update_error', __( 'Could not update comment in the database.' ), $wpdb->last_error ); 2598 } else { 2599 return false; 2600 } 2601 } 2602 2603 // If metadata is provided, store it. 2604 if ( isset( $commentarr['comment_meta'] ) && is_array( $commentarr['comment_meta'] ) ) { 2605 foreach ( $commentarr['comment_meta'] as $meta_key => $meta_value ) { 2606 update_comment_meta( $comment_id, $meta_key, $meta_value ); 2607 } 2608 } 2609 2610 clean_comment_cache( $comment_id ); 2611 wp_update_comment_count( $comment_post_id ); 2612 2613 /** 2614 * Fires immediately after a comment is updated in the database. 2615 * 2616 * The hook also fires immediately before comment status transition hooks are fired. 2617 * 2618 * @since 1.2.0 2619 * @since 4.6.0 Added the `$data` parameter. 2620 * 2621 * @param int $comment_id The comment ID. 2622 * @param array $data Comment data. 2623 */ 2624 do_action( 'edit_comment', $comment_id, $data ); 2625 2626 $comment = get_comment( $comment_id ); 2627 2628 wp_transition_comment_status( $comment->comment_approved, $old_status, $comment ); 2629 2630 return $result; 2631 } 2632 2633 /** 2634 * Determines whether to defer comment counting. 2635 * 2636 * When setting $defer to true, all post comment counts will not be updated 2637 * until $defer is set to false. When $defer is set to false, then all 2638 * previously deferred updated post comment counts will then be automatically 2639 * updated without having to call wp_update_comment_count() after. 2640 * 2641 * @since 2.5.0 2642 * 2643 * @param bool $defer 2644 * @return bool 2645 */ 2646 function wp_defer_comment_counting( $defer = null ) { 2647 static $_defer = false; 2648 2649 if ( is_bool( $defer ) ) { 2650 $_defer = $defer; 2651 // Flush any deferred counts. 2652 if ( ! $defer ) { 2653 wp_update_comment_count( null, true ); 2654 } 2655 } 2656 2657 return $_defer; 2658 } 2659 2660 /** 2661 * Updates the comment count for post(s). 2662 * 2663 * When $do_deferred is false (is by default) and the comments have been set to 2664 * be deferred, the post_id will be added to a queue, which will be updated at a 2665 * later date and only updated once per post ID. 2666 * 2667 * If the comments have not be set up to be deferred, then the post will be 2668 * updated. When $do_deferred is set to true, then all previous deferred post 2669 * IDs will be updated along with the current $post_id. 2670 * 2671 * @since 2.1.0 2672 * 2673 * @see wp_update_comment_count_now() For what could cause a false return value 2674 * 2675 * @param int|null $post_id Post ID. 2676 * @param bool $do_deferred Optional. Whether to process previously deferred 2677 * post comment counts. Default false. 2678 * @return bool|void True on success, false on failure or if post with ID does 2679 * not exist. 2680 */ 2681 function wp_update_comment_count( $post_id, $do_deferred = false ) { 2682 static $_deferred = array(); 2683 2684 if ( empty( $post_id ) && ! $do_deferred ) { 2685 return false; 2686 } 2687 2688 if ( $do_deferred ) { 2689 $_deferred = array_unique( $_deferred ); 2690 foreach ( $_deferred as $i => $_post_id ) { 2691 wp_update_comment_count_now( $_post_id ); 2692 unset( $_deferred[ $i ] ); 2693 /** @todo Move this outside of the foreach and reset $_deferred to an array instead */ 2694 } 2695 } 2696 2697 if ( wp_defer_comment_counting() ) { 2698 $_deferred[] = $post_id; 2699 return true; 2700 } elseif ( $post_id ) { 2701 return wp_update_comment_count_now( $post_id ); 2702 } 2703 } 2704 2705 /** 2706 * Updates the comment count for the post. 2707 * 2708 * @since 2.5.0 2709 * 2710 * @global wpdb $wpdb WordPress database abstraction object. 2711 * 2712 * @param int $post_id Post ID 2713 * @return bool True on success, false if the post does not exist. 2714 */ 2715 function wp_update_comment_count_now( $post_id ) { 2716 global $wpdb; 2717 2718 $post_id = (int) $post_id; 2719 2720 if ( ! $post_id ) { 2721 return false; 2722 } 2723 2724 wp_cache_delete( 'comments-0', 'counts' ); 2725 wp_cache_delete( "comments-{$post_id}", 'counts' ); 2726 2727 $post = get_post( $post_id ); 2728 2729 if ( ! $post ) { 2730 return false; 2731 } 2732 2733 $old = (int) $post->comment_count; 2734 2735 /** 2736 * Filters a post's comment count before it is updated in the database. 2737 * 2738 * @since 4.5.0 2739 * 2740 * @param int|null $new The new comment count. Default null. 2741 * @param int $old The old comment count. 2742 * @param int $post_id Post ID. 2743 */ 2744 $new = apply_filters( 'pre_wp_update_comment_count_now', null, $old, $post_id ); 2745 2746 if ( is_null( $new ) ) { 2747 $new = (int) $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM $wpdb->comments WHERE comment_post_ID = %d AND comment_approved = '1'", $post_id ) ); 2748 } else { 2749 $new = (int) $new; 2750 } 2751 2752 $wpdb->update( $wpdb->posts, array( 'comment_count' => $new ), array( 'ID' => $post_id ) ); 2753 2754 clean_post_cache( $post ); 2755 2756 /** 2757 * Fires immediately after a post's comment count is updated in the database. 2758 * 2759 * @since 2.3.0 2760 * 2761 * @param int $post_id Post ID. 2762 * @param int $new The new comment count. 2763 * @param int $old The old comment count. 2764 */ 2765 do_action( 'wp_update_comment_count', $post_id, $new, $old ); 2766 2767 /** This action is documented in wp-includes/post.php */ 2768 do_action( "edit_post_{$post->post_type}", $post_id, $post ); 2769 2770 /** This action is documented in wp-includes/post.php */ 2771 do_action( 'edit_post', $post_id, $post ); 2772 2773 return true; 2774 } 2775 2776 // 2777 // Ping and trackback functions. 2778 // 2779 2780 /** 2781 * Finds a pingback server URI based on the given URL. 2782 * 2783 * Checks the HTML for the rel="pingback" link and X-Pingback headers. It does 2784 * a check for the X-Pingback headers first and returns that, if available. 2785 * The check for the rel="pingback" has more overhead than just the header. 2786 * 2787 * @since 1.5.0 2788 * 2789 * @param string $url URL to ping. 2790 * @param string $deprecated Not Used. 2791 * @return string|false String containing URI on success, false on failure. 2792 */ 2793 function discover_pingback_server_uri( $url, $deprecated = '' ) { 2794 if ( ! empty( $deprecated ) ) { 2795 _deprecated_argument( __FUNCTION__, '2.7.0' ); 2796 } 2797 2798 $pingback_str_dquote = 'rel="pingback"'; 2799 $pingback_str_squote = 'rel=\'pingback\''; 2800 2801 /** @todo Should use Filter Extension or custom preg_match instead. */ 2802 $parsed_url = parse_url( $url ); 2803 2804 if ( ! isset( $parsed_url['host'] ) ) { // Not a URL. This should never happen. 2805 return false; 2806 } 2807 2808 // Do not search for a pingback server on our own uploads. 2809 $uploads_dir = wp_get_upload_dir(); 2810 if ( str_starts_with( $url, $uploads_dir['baseurl'] ) ) { 2811 return false; 2812 } 2813 2814 $response = wp_safe_remote_head( 2815 $url, 2816 array( 2817 'timeout' => 2, 2818 'httpversion' => '1.0', 2819 ) 2820 ); 2821 2822 if ( is_wp_error( $response ) ) { 2823 return false; 2824 } 2825 2826 if ( wp_remote_retrieve_header( $response, 'X-Pingback' ) ) { 2827 return wp_remote_retrieve_header( $response, 'X-Pingback' ); 2828 } 2829 2830 // Not an (x)html, sgml, or xml page, no use going further. 2831 if ( preg_match( '#(image|audio|video|model)/#is', wp_remote_retrieve_header( $response, 'Content-Type' ) ) ) { 2832 return false; 2833 } 2834 2835 // Now do a GET since we're going to look in the HTML headers (and we're sure it's not a binary file). 2836 $response = wp_safe_remote_get( 2837 $url, 2838 array( 2839 'timeout' => 2, 2840 'httpversion' => '1.0', 2841 ) 2842 ); 2843 2844 if ( is_wp_error( $response ) ) { 2845 return false; 2846 } 2847 2848 $contents = wp_remote_retrieve_body( $response ); 2849 2850 $pingback_link_offset_dquote = strpos( $contents, $pingback_str_dquote ); 2851 $pingback_link_offset_squote = strpos( $contents, $pingback_str_squote ); 2852 if ( $pingback_link_offset_dquote || $pingback_link_offset_squote ) { 2853 $quote = ( $pingback_link_offset_dquote ) ? '"' : '\''; 2854 $pingback_link_offset = ( '"' === $quote ) ? $pingback_link_offset_dquote : $pingback_link_offset_squote; 2855 $pingback_href_pos = strpos( $contents, 'href=', $pingback_link_offset ); 2856 $pingback_href_start = $pingback_href_pos + 6; 2857 $pingback_href_end = strpos( $contents, $quote, $pingback_href_start ); 2858 $pingback_server_url_len = $pingback_href_end - $pingback_href_start; 2859 $pingback_server_url = substr( $contents, $pingback_href_start, $pingback_server_url_len ); 2860 2861 // We may find rel="pingback" but an incomplete pingback URL. 2862 if ( $pingback_server_url_len > 0 ) { // We got it! 2863 return $pingback_server_url; 2864 } 2865 } 2866 2867 return false; 2868 } 2869 2870 /** 2871 * Performs all pingbacks, enclosures, trackbacks, and sends to pingback services. 2872 * 2873 * @since 2.1.0 2874 * @since 5.6.0 Introduced `do_all_pings` action hook for individual services. 2875 */ 2876 function do_all_pings() { 2877 /** 2878 * Fires immediately after the `do_pings` event to hook services individually. 2879 * 2880 * @since 5.6.0 2881 */ 2882 do_action( 'do_all_pings' ); 2883 } 2884 2885 /** 2886 * Performs all pingbacks. 2887 * 2888 * @since 5.6.0 2889 */ 2890 function do_all_pingbacks() { 2891 $pings = get_posts( 2892 array( 2893 'post_type' => get_post_types(), 2894 'suppress_filters' => false, 2895 'nopaging' => true, 2896 'meta_key' => '_pingme', 2897 'fields' => 'ids', 2898 ) 2899 ); 2900 2901 foreach ( $pings as $ping ) { 2902 delete_post_meta( $ping, '_pingme' ); 2903 pingback( null, $ping ); 2904 } 2905 } 2906 2907 /** 2908 * Performs all enclosures. 2909 * 2910 * @since 5.6.0 2911 */ 2912 function do_all_enclosures() { 2913 $enclosures = get_posts( 2914 array( 2915 'post_type' => get_post_types(), 2916 'suppress_filters' => false, 2917 'nopaging' => true, 2918 'meta_key' => '_encloseme', 2919 'fields' => 'ids', 2920 ) 2921 ); 2922 2923 foreach ( $enclosures as $enclosure ) { 2924 delete_post_meta( $enclosure, '_encloseme' ); 2925 do_enclose( null, $enclosure ); 2926 } 2927 } 2928 2929 /** 2930 * Performs all trackbacks. 2931 * 2932 * @since 5.6.0 2933 */ 2934 function do_all_trackbacks() { 2935 $trackbacks = get_posts( 2936 array( 2937 'post_type' => get_post_types(), 2938 'suppress_filters' => false, 2939 'nopaging' => true, 2940 'meta_key' => '_trackbackme', 2941 'fields' => 'ids', 2942 ) 2943 ); 2944 2945 foreach ( $trackbacks as $trackback ) { 2946 delete_post_meta( $trackback, '_trackbackme' ); 2947 do_trackbacks( $trackback ); 2948 } 2949 } 2950 2951 /** 2952 * Performs trackbacks. 2953 * 2954 * @since 1.5.0 2955 * @since 4.7.0 `$post` can be a WP_Post object. 2956 * 2957 * @global wpdb $wpdb WordPress database abstraction object. 2958 * 2959 * @param int|WP_Post $post Post ID or object to do trackbacks on. 2960 * @return void|false Returns false on failure. 2961 */ 2962 function do_trackbacks( $post ) { 2963 global $wpdb; 2964 2965 $post = get_post( $post ); 2966 2967 if ( ! $post ) { 2968 return false; 2969 } 2970 2971 $to_ping = get_to_ping( $post ); 2972 $pinged = get_pung( $post ); 2973 2974 if ( empty( $to_ping ) ) { 2975 $wpdb->update( $wpdb->posts, array( 'to_ping' => '' ), array( 'ID' => $post->ID ) ); 2976 return; 2977 } 2978 2979 if ( empty( $post->post_excerpt ) ) { 2980 /** This filter is documented in wp-includes/post-template.php */ 2981 $excerpt = apply_filters( 'the_content', $post->post_content, $post->ID ); 2982 } else { 2983 /** This filter is documented in wp-includes/post-template.php */ 2984 $excerpt = apply_filters( 'the_excerpt', $post->post_excerpt ); 2985 } 2986 2987 $excerpt = str_replace( ']]>', ']]>', $excerpt ); 2988 $excerpt = wp_html_excerpt( $excerpt, 252, '…' ); 2989 2990 /** This filter is documented in wp-includes/post-template.php */ 2991 $post_title = apply_filters( 'the_title', $post->post_title, $post->ID ); 2992 $post_title = strip_tags( $post_title ); 2993 2994 if ( $to_ping ) { 2995 foreach ( (array) $to_ping as $tb_ping ) { 2996 $tb_ping = trim( $tb_ping ); 2997 if ( ! in_array( $tb_ping, $pinged, true ) ) { 2998 trackback( $tb_ping, $post_title, $excerpt, $post->ID ); 2999 $pinged[] = $tb_ping; 3000 } else { 3001 $wpdb->query( 3002 $wpdb->prepare( 3003 "UPDATE $wpdb->posts SET to_ping = TRIM(REPLACE(to_ping, %s, 3004 '')) WHERE ID = %d", 3005 $tb_ping, 3006 $post->ID 3007 ) 3008 ); 3009 } 3010 } 3011 } 3012 } 3013 3014 /** 3015 * Sends pings to all of the ping site services. 3016 * 3017 * @since 1.2.0 3018 * 3019 * @param int $post_id Post ID. 3020 * @return int Same post ID as provided. 3021 */ 3022 function generic_ping( $post_id = 0 ) { 3023 $services = get_option( 'ping_sites' ); 3024 3025 $services = explode( "\n", $services ); 3026 foreach ( (array) $services as $service ) { 3027 $service = trim( $service ); 3028 if ( '' !== $service ) { 3029 weblog_ping( $service ); 3030 } 3031 } 3032 3033 return $post_id; 3034 } 3035 3036 /** 3037 * Pings back the links found in a post. 3038 * 3039 * @since 0.71 3040 * @since 4.7.0 `$post` can be a WP_Post object. 3041 * 3042 * @param string $content Post content to check for links. If empty will retrieve from post. 3043 * @param int|WP_Post $post Post ID or object. 3044 */ 3045 function pingback( $content, $post ) { 3046 require_once ABSPATH . WPINC . '/class-IXR.php'; 3047 require_once ABSPATH . WPINC . '/class-wp-http-ixr-client.php'; 3048 3049 // Original code by Mort (http://mort.mine.nu:8080). 3050 $post_links = array(); 3051 3052 $post = get_post( $post ); 3053 3054 if ( ! $post ) { 3055 return; 3056 } 3057 3058 $pung = get_pung( $post ); 3059 3060 if ( empty( $content ) ) { 3061 $content = $post->post_content; 3062 } 3063 3064 /* 3065 * Step 1. 3066 * Parsing the post, external links (if any) are stored in the $post_links array. 3067 */ 3068 $post_links_temp = wp_extract_urls( $content ); 3069 3070 /* 3071 * Step 2. 3072 * Walking through the links array. 3073 * First we get rid of links pointing to sites, not to specific files. 3074 * Example: 3075 * http://dummy-weblog.org 3076 * http://dummy-weblog.org/ 3077 * http://dummy-weblog.org/post.php 3078 * We don't wanna ping first and second types, even if they have a valid <link/>. 3079 */ 3080 foreach ( (array) $post_links_temp as $link_test ) { 3081 // If we haven't pung it already and it isn't a link to itself. 3082 if ( ! in_array( $link_test, $pung, true ) && ( url_to_postid( $link_test ) != $post->ID ) 3083 // Also, let's never ping local attachments. 3084 && ! is_local_attachment( $link_test ) 3085 ) { 3086 $test = parse_url( $link_test ); 3087 if ( $test ) { 3088 if ( isset( $test['query'] ) ) { 3089 $post_links[] = $link_test; 3090 } elseif ( isset( $test['path'] ) && ( '/' !== $test['path'] ) && ( '' !== $test['path'] ) ) { 3091 $post_links[] = $link_test; 3092 } 3093 } 3094 } 3095 } 3096 3097 $post_links = array_unique( $post_links ); 3098 3099 /** 3100 * Fires just before pinging back links found in a post. 3101 * 3102 * @since 2.0.0 3103 * 3104 * @param string[] $post_links Array of link URLs to be checked (passed by reference). 3105 * @param string[] $pung Array of link URLs already pinged (passed by reference). 3106 * @param int $post_id The post ID. 3107 */ 3108 do_action_ref_array( 'pre_ping', array( &$post_links, &$pung, $post->ID ) ); 3109 3110 foreach ( (array) $post_links as $pagelinkedto ) { 3111 $pingback_server_url = discover_pingback_server_uri( $pagelinkedto ); 3112 3113 if ( $pingback_server_url ) { 3114 if ( function_exists( 'set_time_limit' ) ) { 3115 set_time_limit( 60 ); 3116 } 3117 3118 // Now, the RPC call. 3119 $pagelinkedfrom = get_permalink( $post ); 3120 3121 // Using a timeout of 3 seconds should be enough to cover slow servers. 3122 $client = new WP_HTTP_IXR_Client( $pingback_server_url ); 3123 $client->timeout = 3; 3124 /** 3125 * Filters the user agent sent when pinging-back a URL. 3126 * 3127 * @since 2.9.0 3128 * 3129 * @param string $concat_useragent The user agent concatenated with ' -- WordPress/' 3130 * and the WordPress version. 3131 * @param string $useragent The useragent. 3132 * @param string $pingback_server_url The server URL being linked to. 3133 * @param string $pagelinkedto URL of page linked to. 3134 * @param string $pagelinkedfrom URL of page linked from. 3135 */ 3136 $client->useragent = apply_filters( 'pingback_useragent', $client->useragent . ' -- WordPress/' . get_bloginfo( 'version' ), $client->useragent, $pingback_server_url, $pagelinkedto, $pagelinkedfrom ); 3137 // When set to true, this outputs debug messages by itself. 3138 $client->debug = false; 3139 3140 if ( $client->query( 'pingback.ping', $pagelinkedfrom, $pagelinkedto ) || ( isset( $client->error->code ) && 48 == $client->error->code ) ) { // Already registered. 3141 add_ping( $post, $pagelinkedto ); 3142 } 3143 } 3144 } 3145 } 3146 3147 /** 3148 * Checks whether blog is public before returning sites. 3149 * 3150 * @since 2.1.0 3151 * 3152 * @param mixed $sites Will return if blog is public, will not return if not public. 3153 * @return mixed Empty string if blog is not public, returns $sites, if site is public. 3154 */ 3155 function privacy_ping_filter( $sites ) { 3156 if ( '0' != get_option( 'blog_public' ) ) { 3157 return $sites; 3158 } else { 3159 return ''; 3160 } 3161 } 3162 3163 /** 3164 * Sends a Trackback. 3165 * 3166 * Updates database when sending trackback to prevent duplicates. 3167 * 3168 * @since 0.71 3169 * 3170 * @global wpdb $wpdb WordPress database abstraction object. 3171 * 3172 * @param string $trackback_url URL to send trackbacks. 3173 * @param string $title Title of post. 3174 * @param string $excerpt Excerpt of post. 3175 * @param int $ID Post ID. 3176 * @return int|false|void Database query from update. 3177 */ 3178 function trackback( $trackback_url, $title, $excerpt, $ID ) { 3179 global $wpdb; 3180 3181 if ( empty( $trackback_url ) ) { 3182 return; 3183 } 3184 3185 $options = array(); 3186 $options['timeout'] = 10; 3187 $options['body'] = array( 3188 'title' => $title, 3189 'url' => get_permalink( $ID ), 3190 'blog_name' => get_option( 'blogname' ), 3191 'excerpt' => $excerpt, 3192 ); 3193 3194 $response = wp_safe_remote_post( $trackback_url, $options ); 3195 3196 if ( is_wp_error( $response ) ) { 3197 return; 3198 } 3199 3200 $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->posts SET pinged = CONCAT(pinged, '\n', %s) WHERE ID = %d", $trackback_url, $ID ) ); 3201 return $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->posts SET to_ping = TRIM(REPLACE(to_ping, %s, '')) WHERE ID = %d", $trackback_url, $ID ) ); 3202 } 3203 3204 /** 3205 * Sends a pingback. 3206 * 3207 * @since 1.2.0 3208 * 3209 * @param string $server Host of blog to connect to. 3210 * @param string $path Path to send the ping. 3211 */ 3212 function weblog_ping( $server = '', $path = '' ) { 3213 require_once ABSPATH . WPINC . '/class-IXR.php'; 3214 require_once ABSPATH . WPINC . '/class-wp-http-ixr-client.php'; 3215 3216 // Using a timeout of 3 seconds should be enough to cover slow servers. 3217 $client = new WP_HTTP_IXR_Client( $server, ( ( ! strlen( trim( $path ) ) || ( '/' === $path ) ) ? false : $path ) ); 3218 $client->timeout = 3; 3219 $client->useragent .= ' -- WordPress/' . get_bloginfo( 'version' ); 3220 3221 // When set to true, this outputs debug messages by itself. 3222 $client->debug = false; 3223 $home = trailingslashit( home_url() ); 3224 if ( ! $client->query( 'weblogUpdates.extendedPing', get_option( 'blogname' ), $home, get_bloginfo( 'rss2_url' ) ) ) { // Then try a normal ping. 3225 $client->query( 'weblogUpdates.ping', get_option( 'blogname' ), $home ); 3226 } 3227 } 3228 3229 /** 3230 * Default filter attached to pingback_ping_source_uri to validate the pingback's Source URI. 3231 * 3232 * @since 3.5.1 3233 * 3234 * @see wp_http_validate_url() 3235 * 3236 * @param string $source_uri 3237 * @return string 3238 */ 3239 function pingback_ping_source_uri( $source_uri ) { 3240 return (string) wp_http_validate_url( $source_uri ); 3241 } 3242 3243 /** 3244 * Default filter attached to xmlrpc_pingback_error. 3245 * 3246 * Returns a generic pingback error code unless the error code is 48, 3247 * which reports that the pingback is already registered. 3248 * 3249 * @since 3.5.1 3250 * 3251 * @link https://www.hixie.ch/specs/pingback/pingback#TOC3 3252 * 3253 * @param IXR_Error $ixr_error 3254 * @return IXR_Error 3255 */ 3256 function xmlrpc_pingback_error( $ixr_error ) { 3257 if ( 48 === $ixr_error->code ) { 3258 return $ixr_error; 3259 } 3260 return new IXR_Error( 0, '' ); 3261 } 3262 3263 // 3264 // Cache. 3265 // 3266 3267 /** 3268 * Removes a comment from the object cache. 3269 * 3270 * @since 2.3.0 3271 * 3272 * @param int|array $ids Comment ID or an array of comment IDs to remove from cache. 3273 */ 3274 function clean_comment_cache( $ids ) { 3275 $comment_ids = (array) $ids; 3276 wp_cache_delete_multiple( $comment_ids, 'comment' ); 3277 foreach ( $comment_ids as $id ) { 3278 /** 3279 * Fires immediately after a comment has been removed from the object cache. 3280 * 3281 * @since 4.5.0 3282 * 3283 * @param int $id Comment ID. 3284 */ 3285 do_action( 'clean_comment_cache', $id ); 3286 } 3287 3288 wp_cache_set_comments_last_changed(); 3289 } 3290 3291 /** 3292 * Updates the comment cache of given comments. 3293 * 3294 * Will add the comments in $comments to the cache. If comment ID already exists 3295 * in the comment cache then it will not be updated. The comment is added to the 3296 * cache using the comment group with the key using the ID of the comments. 3297 * 3298 * @since 2.3.0 3299 * @since 4.4.0 Introduced the `$update_meta_cache` parameter. 3300 * 3301 * @param WP_Comment[] $comments Array of comment objects 3302 * @param bool $update_meta_cache Whether to update commentmeta cache. Default true. 3303 */ 3304 function update_comment_cache( $comments, $update_meta_cache = true ) { 3305 $data = array(); 3306 foreach ( (array) $comments as $comment ) { 3307 $data[ $comment->comment_ID ] = $comment; 3308 } 3309 wp_cache_add_multiple( $data, 'comment' ); 3310 3311 if ( $update_meta_cache ) { 3312 // Avoid `wp_list_pluck()` in case `$comments` is passed by reference. 3313 $comment_ids = array(); 3314 foreach ( $comments as $comment ) { 3315 $comment_ids[] = $comment->comment_ID; 3316 } 3317 update_meta_cache( 'comment', $comment_ids ); 3318 } 3319 } 3320 3321 /** 3322 * Adds any comments from the given IDs to the cache that do not already exist in cache. 3323 * 3324 * @since 4.4.0 3325 * @since 6.1.0 This function is no longer marked as "private". 3326 * @since 6.3.0 Use wp_lazyload_comment_meta() for lazy-loading of comment meta. 3327 * 3328 * @see update_comment_cache() 3329 * @global wpdb $wpdb WordPress database abstraction object. 3330 * 3331 * @param int[] $comment_ids Array of comment IDs. 3332 * @param bool $update_meta_cache Optional. Whether to update the meta cache. Default true. 3333 */ 3334 function _prime_comment_caches( $comment_ids, $update_meta_cache = true ) { 3335 global $wpdb; 3336 3337 $non_cached_ids = _get_non_cached_ids( $comment_ids, 'comment' ); 3338 if ( ! empty( $non_cached_ids ) ) { 3339 $fresh_comments = $wpdb->get_results( sprintf( "SELECT $wpdb->comments.* FROM $wpdb->comments WHERE comment_ID IN (%s)", implode( ',', array_map( 'intval', $non_cached_ids ) ) ) ); 3340 3341 update_comment_cache( $fresh_comments, false ); 3342 } 3343 3344 if ( $update_meta_cache ) { 3345 wp_lazyload_comment_meta( $comment_ids ); 3346 } 3347 } 3348 3349 // 3350 // Internal. 3351 // 3352 3353 /** 3354 * Closes comments on old posts on the fly, without any extra DB queries. Hooked to the_posts. 3355 * 3356 * @since 2.7.0 3357 * @access private 3358 * 3359 * @param WP_Post $posts Post data object. 3360 * @param WP_Query $query Query object. 3361 * @return array 3362 */ 3363 function _close_comments_for_old_posts( $posts, $query ) { 3364 if ( empty( $posts ) || ! $query->is_singular() || ! get_option( 'close_comments_for_old_posts' ) ) { 3365 return $posts; 3366 } 3367 3368 /** 3369 * Filters the list of post types to automatically close comments for. 3370 * 3371 * @since 3.2.0 3372 * 3373 * @param string[] $post_types An array of post type names. 3374 */ 3375 $post_types = apply_filters( 'close_comments_for_post_types', array( 'post' ) ); 3376 if ( ! in_array( $posts[0]->post_type, $post_types, true ) ) { 3377 return $posts; 3378 } 3379 3380 $days_old = (int) get_option( 'close_comments_days_old' ); 3381 if ( ! $days_old ) { 3382 return $posts; 3383 } 3384 3385 if ( time() - strtotime( $posts[0]->post_date_gmt ) > ( $days_old * DAY_IN_SECONDS ) ) { 3386 $posts[0]->comment_status = 'closed'; 3387 $posts[0]->ping_status = 'closed'; 3388 } 3389 3390 return $posts; 3391 } 3392 3393 /** 3394 * Closes comments on an old post. Hooked to comments_open and pings_open. 3395 * 3396 * @since 2.7.0 3397 * @access private 3398 * 3399 * @param bool $open Comments open or closed. 3400 * @param int $post_id Post ID. 3401 * @return bool $open 3402 */ 3403 function _close_comments_for_old_post( $open, $post_id ) { 3404 if ( ! $open ) { 3405 return $open; 3406 } 3407 3408 if ( ! get_option( 'close_comments_for_old_posts' ) ) { 3409 return $open; 3410 } 3411 3412 $days_old = (int) get_option( 'close_comments_days_old' ); 3413 if ( ! $days_old ) { 3414 return $open; 3415 } 3416 3417 $post = get_post( $post_id ); 3418 3419 /** This filter is documented in wp-includes/comment.php */ 3420 $post_types = apply_filters( 'close_comments_for_post_types', array( 'post' ) ); 3421 if ( ! in_array( $post->post_type, $post_types, true ) ) { 3422 return $open; 3423 } 3424 3425 // Undated drafts should not show up as comments closed. 3426 if ( '0000-00-00 00:00:00' === $post->post_date_gmt ) { 3427 return $open; 3428 } 3429 3430 if ( time() - strtotime( $post->post_date_gmt ) > ( $days_old * DAY_IN_SECONDS ) ) { 3431 return false; 3432 } 3433 3434 return $open; 3435 } 3436 3437 /** 3438 * Handles the submission of a comment, usually posted to wp-comments-post.php via a comment form. 3439 * 3440 * This function expects unslashed data, as opposed to functions such as `wp_new_comment()` which 3441 * expect slashed data. 3442 * 3443 * @since 4.4.0 3444 * 3445 * @param array $comment_data { 3446 * Comment data. 3447 * 3448 * @type string|int $comment_post_ID The ID of the post that relates to the comment. 3449 * @type string $author The name of the comment author. 3450 * @type string $email The comment author email address. 3451 * @type string $url The comment author URL. 3452 * @type string $comment The content of the comment. 3453 * @type string|int $comment_parent The ID of this comment's parent, if any. Default 0. 3454 * @type string $_wp_unfiltered_html_comment The nonce value for allowing unfiltered HTML. 3455 * } 3456 * @return WP_Comment|WP_Error A WP_Comment object on success, a WP_Error object on failure. 3457 */ 3458 function wp_handle_comment_submission( $comment_data ) { 3459 $comment_post_id = 0; 3460 $comment_author = ''; 3461 $comment_author_email = ''; 3462 $comment_author_url = ''; 3463 $comment_content = ''; 3464 $comment_parent = 0; 3465 $user_id = 0; 3466 3467 if ( isset( $comment_data['comment_post_ID'] ) ) { 3468 $comment_post_id = (int) $comment_data['comment_post_ID']; 3469 } 3470 if ( isset( $comment_data['author'] ) && is_string( $comment_data['author'] ) ) { 3471 $comment_author = trim( strip_tags( $comment_data['author'] ) ); 3472 } 3473 if ( isset( $comment_data['email'] ) && is_string( $comment_data['email'] ) ) { 3474 $comment_author_email = trim( $comment_data['email'] ); 3475 } 3476 if ( isset( $comment_data['url'] ) && is_string( $comment_data['url'] ) ) { 3477 $comment_author_url = trim( $comment_data['url'] ); 3478 } 3479 if ( isset( $comment_data['comment'] ) && is_string( $comment_data['comment'] ) ) { 3480 $comment_content = trim( $comment_data['comment'] ); 3481 } 3482 if ( isset( $comment_data['comment_parent'] ) ) { 3483 $comment_parent = absint( $comment_data['comment_parent'] ); 3484 $comment_parent_object = get_comment( $comment_parent ); 3485 3486 if ( 3487 0 !== $comment_parent && 3488 ( 3489 ! $comment_parent_object instanceof WP_Comment || 3490 0 === (int) $comment_parent_object->comment_approved 3491 ) 3492 ) { 3493 /** 3494 * Fires when a comment reply is attempted to an unapproved comment. 3495 * 3496 * @since 6.2.0 3497 * 3498 * @param int $comment_post_id Post ID. 3499 * @param int $comment_parent Parent comment ID. 3500 */ 3501 do_action( 'comment_reply_to_unapproved_comment', $comment_post_id, $comment_parent ); 3502 3503 return new WP_Error( 'comment_reply_to_unapproved_comment', __( 'Sorry, replies to unapproved comments are not allowed.' ), 403 ); 3504 } 3505 } 3506 3507 $post = get_post( $comment_post_id ); 3508 3509 if ( empty( $post->comment_status ) ) { 3510 3511 /** 3512 * Fires when a comment is attempted on a post that does not exist. 3513 * 3514 * @since 1.5.0 3515 * 3516 * @param int $comment_post_id Post ID. 3517 */ 3518 do_action( 'comment_id_not_found', $comment_post_id ); 3519 3520 return new WP_Error( 'comment_id_not_found' ); 3521 3522 } 3523 3524 // get_post_status() will get the parent status for attachments. 3525 $status = get_post_status( $post ); 3526 3527 if ( ( 'private' === $status ) && ! current_user_can( 'read_post', $comment_post_id ) ) { 3528 return new WP_Error( 'comment_id_not_found' ); 3529 } 3530 3531 $status_obj = get_post_status_object( $status ); 3532 3533 if ( ! comments_open( $comment_post_id ) ) { 3534 3535 /** 3536 * Fires when a comment is attempted on a post that has comments closed. 3537 * 3538 * @since 1.5.0 3539 * 3540 * @param int $comment_post_id Post ID. 3541 */ 3542 do_action( 'comment_closed', $comment_post_id ); 3543 3544 return new WP_Error( 'comment_closed', __( 'Sorry, comments are closed for this item.' ), 403 ); 3545 3546 } elseif ( 'trash' === $status ) { 3547 3548 /** 3549 * Fires when a comment is attempted on a trashed post. 3550 * 3551 * @since 2.9.0 3552 * 3553 * @param int $comment_post_id Post ID. 3554 */ 3555 do_action( 'comment_on_trash', $comment_post_id ); 3556 3557 return new WP_Error( 'comment_on_trash' ); 3558 3559 } elseif ( ! $status_obj->public && ! $status_obj->private ) { 3560 3561 /** 3562 * Fires when a comment is attempted on a post in draft mode. 3563 * 3564 * @since 1.5.1 3565 * 3566 * @param int $comment_post_id Post ID. 3567 */ 3568 do_action( 'comment_on_draft', $comment_post_id ); 3569 3570 if ( current_user_can( 'read_post', $comment_post_id ) ) { 3571 return new WP_Error( 'comment_on_draft', __( 'Sorry, comments are not allowed for this item.' ), 403 ); 3572 } else { 3573 return new WP_Error( 'comment_on_draft' ); 3574 } 3575 } elseif ( post_password_required( $comment_post_id ) ) { 3576 3577 /** 3578 * Fires when a comment is attempted on a password-protected post. 3579 * 3580 * @since 2.9.0 3581 * 3582 * @param int $comment_post_id Post ID. 3583 */ 3584 do_action( 'comment_on_password_protected', $comment_post_id ); 3585 3586 return new WP_Error( 'comment_on_password_protected' ); 3587 3588 } else { 3589 /** 3590 * Fires before a comment is posted. 3591 * 3592 * @since 2.8.0 3593 * 3594 * @param int $comment_post_id Post ID. 3595 */ 3596 do_action( 'pre_comment_on_post', $comment_post_id ); 3597 } 3598 3599 // If the user is logged in. 3600 $user = wp_get_current_user(); 3601 if ( $user->exists() ) { 3602 if ( empty( $user->display_name ) ) { 3603 $user->display_name = $user->user_login; 3604 } 3605 3606 $comment_author = $user->display_name; 3607 $comment_author_email = $user->user_email; 3608 $comment_author_url = $user->user_url; 3609 $user_id = $user->ID; 3610 3611 if ( current_user_can( 'unfiltered_html' ) ) { 3612 if ( ! isset( $comment_data['_wp_unfiltered_html_comment'] ) 3613 || ! wp_verify_nonce( $comment_data['_wp_unfiltered_html_comment'], 'unfiltered-html-comment_' . $comment_post_id ) 3614 ) { 3615 kses_remove_filters(); // Start with a clean slate. 3616 kses_init_filters(); // Set up the filters. 3617 remove_filter( 'pre_comment_content', 'wp_filter_post_kses' ); 3618 add_filter( 'pre_comment_content', 'wp_filter_kses' ); 3619 } 3620 } 3621 } else { 3622 if ( get_option( 'comment_registration' ) ) { 3623 return new WP_Error( 'not_logged_in', __( 'Sorry, you must be logged in to comment.' ), 403 ); 3624 } 3625 } 3626 3627 $comment_type = 'comment'; 3628 3629 if ( get_option( 'require_name_email' ) && ! $user->exists() ) { 3630 if ( '' == $comment_author_email || '' == $comment_author ) { 3631 return new WP_Error( 'require_name_email', __( '<strong>Error:</strong> Please fill the required fields.' ), 200 ); 3632 } elseif ( ! is_email( $comment_author_email ) ) { 3633 return new WP_Error( 'require_valid_email', __( '<strong>Error:</strong> Please enter a valid email address.' ), 200 ); 3634 } 3635 } 3636 3637 $commentdata = array( 3638 'comment_post_ID' => $comment_post_id, 3639 ); 3640 3641 $commentdata += compact( 3642 'comment_author', 3643 'comment_author_email', 3644 'comment_author_url', 3645 'comment_content', 3646 'comment_type', 3647 'comment_parent', 3648 'user_id' 3649 ); 3650 3651 /** 3652 * Filters whether an empty comment should be allowed. 3653 * 3654 * @since 5.1.0 3655 * 3656 * @param bool $allow_empty_comment Whether to allow empty comments. Default false. 3657 * @param array $commentdata Array of comment data to be sent to wp_insert_comment(). 3658 */ 3659 $allow_empty_comment = apply_filters( 'allow_empty_comment', false, $commentdata ); 3660 if ( '' === $comment_content && ! $allow_empty_comment ) { 3661 return new WP_Error( 'require_valid_comment', __( '<strong>Error:</strong> Please type your comment text.' ), 200 ); 3662 } 3663 3664 $check_max_lengths = wp_check_comment_data_max_lengths( $commentdata ); 3665 if ( is_wp_error( $check_max_lengths ) ) { 3666 return $check_max_lengths; 3667 } 3668 3669 $comment_id = wp_new_comment( wp_slash( $commentdata ), true ); 3670 if ( is_wp_error( $comment_id ) ) { 3671 return $comment_id; 3672 } 3673 3674 if ( ! $comment_id ) { 3675 return new WP_Error( 'comment_save_error', __( '<strong>Error:</strong> The comment could not be saved. Please try again later.' ), 500 ); 3676 } 3677 3678 return get_comment( $comment_id ); 3679 } 3680 3681 /** 3682 * Registers the personal data exporter for comments. 3683 * 3684 * @since 4.9.6 3685 * 3686 * @param array[] $exporters An array of personal data exporters. 3687 * @return array[] An array of personal data exporters. 3688 */ 3689 function wp_register_comment_personal_data_exporter( $exporters ) { 3690 $exporters['wordpress-comments'] = array( 3691 'exporter_friendly_name' => __( 'WordPress Comments' ), 3692 'callback' => 'wp_comments_personal_data_exporter', 3693 ); 3694 3695 return $exporters; 3696 } 3697 3698 /** 3699 * Finds and exports personal data associated with an email address from the comments table. 3700 * 3701 * @since 4.9.6 3702 * 3703 * @param string $email_address The comment author email address. 3704 * @param int $page Comment page number. 3705 * @return array { 3706 * An array of personal data. 3707 * 3708 * @type array[] $data An array of personal data arrays. 3709 * @type bool $done Whether the exporter is finished. 3710 * } 3711 */ 3712 function wp_comments_personal_data_exporter( $email_address, $page = 1 ) { 3713 // Limit us to 500 comments at a time to avoid timing out. 3714 $number = 500; 3715 $page = (int) $page; 3716 3717 $data_to_export = array(); 3718 3719 $comments = get_comments( 3720 array( 3721 'author_email' => $email_address, 3722 'number' => $number, 3723 'paged' => $page, 3724 'orderby' => 'comment_ID', 3725 'order' => 'ASC', 3726 'update_comment_meta_cache' => false, 3727 ) 3728 ); 3729 3730 $comment_prop_to_export = array( 3731 'comment_author' => __( 'Comment Author' ), 3732 'comment_author_email' => __( 'Comment Author Email' ), 3733 'comment_author_url' => __( 'Comment Author URL' ), 3734 'comment_author_IP' => __( 'Comment Author IP' ), 3735 'comment_agent' => __( 'Comment Author User Agent' ), 3736 'comment_date' => __( 'Comment Date' ), 3737 'comment_content' => __( 'Comment Content' ), 3738 'comment_link' => __( 'Comment URL' ), 3739 ); 3740 3741 foreach ( (array) $comments as $comment ) { 3742 $comment_data_to_export = array(); 3743 3744 foreach ( $comment_prop_to_export as $key => $name ) { 3745 $value = ''; 3746 3747 switch ( $key ) { 3748 case 'comment_author': 3749 case 'comment_author_email': 3750 case 'comment_author_url': 3751 case 'comment_author_IP': 3752 case 'comment_agent': 3753 case 'comment_date': 3754 $value = $comment->{$key}; 3755 break; 3756 3757 case 'comment_content': 3758 $value = get_comment_text( $comment->comment_ID ); 3759 break; 3760 3761 case 'comment_link': 3762 $value = get_comment_link( $comment->comment_ID ); 3763 $value = sprintf( 3764 '<a href="%s" target="_blank" rel="noopener">%s</a>', 3765 esc_url( $value ), 3766 esc_html( $value ) 3767 ); 3768 break; 3769 } 3770 3771 if ( ! empty( $value ) ) { 3772 $comment_data_to_export[] = array( 3773 'name' => $name, 3774 'value' => $value, 3775 ); 3776 } 3777 } 3778 3779 $data_to_export[] = array( 3780 'group_id' => 'comments', 3781 'group_label' => __( 'Comments' ), 3782 'group_description' => __( 'User’s comment data.' ), 3783 'item_id' => "comment-{$comment->comment_ID}", 3784 'data' => $comment_data_to_export, 3785 ); 3786 } 3787 3788 $done = count( $comments ) < $number; 3789 3790 return array( 3791 'data' => $data_to_export, 3792 'done' => $done, 3793 ); 3794 } 3795 3796 /** 3797 * Registers the personal data eraser for comments. 3798 * 3799 * @since 4.9.6 3800 * 3801 * @param array $erasers An array of personal data erasers. 3802 * @return array An array of personal data erasers. 3803 */ 3804 function wp_register_comment_personal_data_eraser( $erasers ) { 3805 $erasers['wordpress-comments'] = array( 3806 'eraser_friendly_name' => __( 'WordPress Comments' ), 3807 'callback' => 'wp_comments_personal_data_eraser', 3808 ); 3809 3810 return $erasers; 3811 } 3812 3813 /** 3814 * Erases personal data associated with an email address from the comments table. 3815 * 3816 * @since 4.9.6 3817 * 3818 * @global wpdb $wpdb WordPress database abstraction object. 3819 * 3820 * @param string $email_address The comment author email address. 3821 * @param int $page Comment page number. 3822 * @return array { 3823 * Data removal results. 3824 * 3825 * @type bool $items_removed Whether items were actually removed. 3826 * @type bool $items_retained Whether items were retained. 3827 * @type string[] $messages An array of messages to add to the personal data export file. 3828 * @type bool $done Whether the eraser is finished. 3829 * } 3830 */ 3831 function wp_comments_personal_data_eraser( $email_address, $page = 1 ) { 3832 global $wpdb; 3833 3834 if ( empty( $email_address ) ) { 3835 return array( 3836 'items_removed' => false, 3837 'items_retained' => false, 3838 'messages' => array(), 3839 'done' => true, 3840 ); 3841 } 3842 3843 // Limit us to 500 comments at a time to avoid timing out. 3844 $number = 500; 3845 $page = (int) $page; 3846 $items_removed = false; 3847 $items_retained = false; 3848 3849 $comments = get_comments( 3850 array( 3851 'author_email' => $email_address, 3852 'number' => $number, 3853 'paged' => $page, 3854 'orderby' => 'comment_ID', 3855 'order' => 'ASC', 3856 'include_unapproved' => true, 3857 ) 3858 ); 3859 3860 /* translators: Name of a comment's author after being anonymized. */ 3861 $anon_author = __( 'Anonymous' ); 3862 $messages = array(); 3863 3864 foreach ( (array) $comments as $comment ) { 3865 $anonymized_comment = array(); 3866 $anonymized_comment['comment_agent'] = ''; 3867 $anonymized_comment['comment_author'] = $anon_author; 3868 $anonymized_comment['comment_author_email'] = ''; 3869 $anonymized_comment['comment_author_IP'] = wp_privacy_anonymize_data( 'ip', $comment->comment_author_IP ); 3870 $anonymized_comment['comment_author_url'] = ''; 3871 $anonymized_comment['user_id'] = 0; 3872 3873 $comment_id = (int) $comment->comment_ID; 3874 3875 /** 3876 * Filters whether to anonymize the comment. 3877 * 3878 * @since 4.9.6 3879 * 3880 * @param bool|string $anon_message Whether to apply the comment anonymization (bool) or a custom 3881 * message (string). Default true. 3882 * @param WP_Comment $comment WP_Comment object. 3883 * @param array $anonymized_comment Anonymized comment data. 3884 */ 3885 $anon_message = apply_filters( 'wp_anonymize_comment', true, $comment, $anonymized_comment ); 3886 3887 if ( true !== $anon_message ) { 3888 if ( $anon_message && is_string( $anon_message ) ) { 3889 $messages[] = esc_html( $anon_message ); 3890 } else { 3891 /* translators: %d: Comment ID. */ 3892 $messages[] = sprintf( __( 'Comment %d contains personal data but could not be anonymized.' ), $comment_id ); 3893 } 3894 3895 $items_retained = true; 3896 3897 continue; 3898 } 3899 3900 $args = array( 3901 'comment_ID' => $comment_id, 3902 ); 3903 3904 $updated = $wpdb->update( $wpdb->comments, $anonymized_comment, $args ); 3905 3906 if ( $updated ) { 3907 $items_removed = true; 3908 clean_comment_cache( $comment_id ); 3909 } else { 3910 $items_retained = true; 3911 } 3912 } 3913 3914 $done = count( $comments ) < $number; 3915 3916 return array( 3917 'items_removed' => $items_removed, 3918 'items_retained' => $items_retained, 3919 'messages' => $messages, 3920 'done' => $done, 3921 ); 3922 } 3923 3924 /** 3925 * Sets the last changed time for the 'comment' cache group. 3926 * 3927 * @since 5.0.0 3928 */ 3929 function wp_cache_set_comments_last_changed() { 3930 wp_cache_set_last_changed( 'comment' ); 3931 } 3932 3933 /** 3934 * Updates the comment type for a batch of comments. 3935 * 3936 * @since 5.5.0 3937 * 3938 * @global wpdb $wpdb WordPress database abstraction object. 3939 */ 3940 function _wp_batch_update_comment_type() { 3941 global $wpdb; 3942 3943 $lock_name = 'update_comment_type.lock'; 3944 3945 // Try to lock. 3946 $lock_result = $wpdb->query( $wpdb->prepare( "INSERT IGNORE INTO `$wpdb->options` ( `option_name`, `option_value`, `autoload` ) VALUES (%s, %s, 'no') /* LOCK */", $lock_name, time() ) ); 3947 3948 if ( ! $lock_result ) { 3949 $lock_result = get_option( $lock_name ); 3950 3951 // Bail if we were unable to create a lock, or if the existing lock is still valid. 3952 if ( ! $lock_result || ( $lock_result > ( time() - HOUR_IN_SECONDS ) ) ) { 3953 wp_schedule_single_event( time() + ( 5 * MINUTE_IN_SECONDS ), 'wp_update_comment_type_batch' ); 3954 return; 3955 } 3956 } 3957 3958 // Update the lock, as by this point we've definitely got a lock, just need to fire the actions. 3959 update_option( $lock_name, time() ); 3960 3961 // Check if there's still an empty comment type. 3962 $empty_comment_type = $wpdb->get_var( 3963 "SELECT comment_ID FROM $wpdb->comments 3964 WHERE comment_type = '' 3965 LIMIT 1" 3966 ); 3967 3968 // No empty comment type, we're done here. 3969 if ( ! $empty_comment_type ) { 3970 update_option( 'finished_updating_comment_type', true ); 3971 delete_option( $lock_name ); 3972 return; 3973 } 3974 3975 // Empty comment type found? We'll need to run this script again. 3976 wp_schedule_single_event( time() + ( 2 * MINUTE_IN_SECONDS ), 'wp_update_comment_type_batch' ); 3977 3978 /** 3979 * Filters the comment batch size for updating the comment type. 3980 * 3981 * @since 5.5.0 3982 * 3983 * @param int $comment_batch_size The comment batch size. Default 100. 3984 */ 3985 $comment_batch_size = (int) apply_filters( 'wp_update_comment_type_batch_size', 100 ); 3986 3987 // Get the IDs of the comments to update. 3988 $comment_ids = $wpdb->get_col( 3989 $wpdb->prepare( 3990 "SELECT comment_ID 3991 FROM {$wpdb->comments} 3992 WHERE comment_type = '' 3993 ORDER BY comment_ID DESC 3994 LIMIT %d", 3995 $comment_batch_size 3996 ) 3997 ); 3998 3999 if ( $comment_ids ) { 4000 $comment_id_list = implode( ',', $comment_ids ); 4001 4002 // Update the `comment_type` field value to be `comment` for the next batch of comments. 4003 $wpdb->query( 4004 "UPDATE {$wpdb->comments} 4005 SET comment_type = 'comment' 4006 WHERE comment_type = '' 4007 AND comment_ID IN ({$comment_id_list})" // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared 4008 ); 4009 4010 // Make sure to clean the comment cache. 4011 clean_comment_cache( $comment_ids ); 4012 } 4013 4014 delete_option( $lock_name ); 4015 } 4016 4017 /** 4018 * In order to avoid the _wp_batch_update_comment_type() job being accidentally removed, 4019 * check that it's still scheduled while we haven't finished updating comment types. 4020 * 4021 * @ignore 4022 * @since 5.5.0 4023 */ 4024 function _wp_check_for_scheduled_update_comment_type() { 4025 if ( ! get_option( 'finished_updating_comment_type' ) && ! wp_next_scheduled( 'wp_update_comment_type_batch' ) ) { 4026 wp_schedule_single_event( time() + MINUTE_IN_SECONDS, 'wp_update_comment_type_batch' ); 4027 } 4028 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
Generated : Fri Sep 22 08:20:01 2023 | Cross-referenced by PHPXref |