?> </p> <?php // comments if ($withcomments or $c) { $queryc = "SELECT * FROM {$tablecomments} WHERE comment_post_ID = {$id} ORDER BY comment_date"; $resultc = mysql_query($queryc); if ($resultc) { ?> <a name="comments"></a> <p><b><font color="#ff3300">::</font> comments</b></p> <?php while ($rowc = mysql_fetch_object($resultc)) { $commentdata = get_commentdata($rowc->comment_ID); ?> <!-- comment --> <p> <b><?php comment_author(); ?> ( <?php comment_author_email_link(); ?> / <?php comment_author_url_link(); ?> )</b> (IP: <?php comment_author_IP();
wp_set_comment_status($comment, 'approve'); if (true == get_option('comments_notify')) { wp_notify_postauthor($comment); } } header('Location: ' . get_option('siteurl') . '/wp-admin/moderation.php?approved=1'); break; case 'approvecomment': $comment = (int) $_GET['comment']; $p = (int) $_GET['p']; if (isset($_GET['noredir'])) { $noredir = true; } else { $noredir = false; } $commentdata = get_commentdata($comment) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php')); if (!user_can_edit_post_comments($user_ID, $commentdata['comment_post_ID'])) { die(__('You are not allowed to edit comments on this post, so you cannot approve this comment.')); } wp_set_comment_status($comment, "approve"); if (get_settings("comments_notify") == true) { wp_notify_postauthor($comment); } if ($_SERVER['HTTP_REFERER'] != "" && false == $noredir) { header('Location: ' . $_SERVER['HTTP_REFERER']); } else { header('Location: ' . get_settings('siteurl') . '/wp-admin/edit.php?p=' . $p . '&c=1#comments'); } break; case 'editedcomment': $comment_ID = (int) $_POST['comment_ID'];
break; case 'approvecomment': $standalone = 1; require_once './admin-header.php'; wp_refcheck("/wp-admin"); if ($user_level == 0) { die('Cheatin’ uh?'); } $comment = $HTTP_GET_VARS['comment']; $p = $HTTP_GET_VARS['p']; if (isset($HTTP_GET_VARS['noredir'])) { $noredir = true; } else { $noredir = false; } $commentdata = get_commentdata($comment) or die('Oops, no comment with this ID. <a href="edit.php">Go back</a>!'); wp_set_comment_status($comment, "approve"); if (get_settings("comments_notify") == true) { wp_notify_postauthor($comment); } if ($_SERVER['HTTP_REFERER'] != "" && false == $noredir) { header('Location: ' . $_SERVER['HTTP_REFERER']); } else { header('Location: ' . $siteurl . '/wp-admin/edit.php?p=' . $p . '&c=1#comments'); } break; case 'editedcomment': $standalone = 1; require_once './admin-header.php'; wp_refcheck("/wp-admin"); if ($user_level == 0) {
/**
 * Screen one comment against the WPBlacklist rules and set its moderation status.
 *
 * Checks run in a fixed order: core moderation status, author IP patterns,
 * DNS blacklists (RBL), then URL / e-mail / content expressions, and finally a
 * remote fetch for trackbacks. Depending on the entries in $wpbl_options a
 * match either deletes the comment through mail_and_del() or leaves it held.
 *
 * @param mixed $commentID ID of the comment to screen.
 *
 * @return mixed $commentID when the function runs to the end; nothing (null)
 *               when the comment is already deleted, is deleted by one of the
 *               checks before the trackback step, or is held by core without
 *               the 'checkcore' option.
 */
function blacklist($commentID)
{
    // NOTE(review): the global list names $wbbl_comment, while the code below
    // assigns and reads $wpbl_comment. As written, $wpbl_comment is a local
    // variable of this function. Confirm whether helpers such as mail_and_del()
    // expect it as a global.
    global $wpbl_options, $wbbl_comment, $tableblacklist, $approved;
    $wpbl_comment = get_commentdata($commentID, 1, false);
    // first check the comment status based on WP core moderation
    $stat = wp_get_comment_status($commentID);
    if ($stat == 'deleted') {
        // no need to proceed since there is no comment
        return;
    } else {
        if ($stat == 'unapproved') {
            $held = True;
        } else {
            $held = False;
        }
    }
    // are we supposed to delete comments held by the core?
    if ($held && in_array('deletecore', $wpbl_options)) {
        mail_and_del($commentID, "Mail held for moderation outside WPBlacklist");
        return;
    } else {
        if ($held && !in_array('checkcore', $wpbl_options)) {
            // comment held for moderation but option to check against blacklist not specified
            return;
        }
    }
    // IP check
    // The table name is interpolated into the SQL text; it comes from a global,
    // not from the comment being screened.
    $sites = $GLOBALS['wpdb']->get_results("SELECT regex FROM {$tableblacklist} WHERE regex_type='ip'");
    if ($sites) {
        foreach ($sites as $site) {
            // Each stored entry is used as a regular expression anchored at the
            // start of the address only. It is not passed through preg_quote(),
            // so an entry containing "/" breaks the delimiter and an unescaped
            // "." matches any character.
            // NOTE(review): presumably only administrators can write to this
            // table. Verify, because a malformed entry makes preg_match() fail
            // and the comment then passes this check.
            $regex = "/^{$site->regex}/";
            if (preg_match($regex, $wpbl_comment['comment_author_IP'])) {
                $held = True;
                if (in_array('deleteip', $wpbl_options)) {
                    $approved = 'deleted';
                    mail_and_del($commentID, "Author IP: {$wpbl_comment['comment_author_IP']} matched {$regex}");
                    return;
                }
                // first match wins: stop scanning the remaining IP patterns
                break;
            }
        }
    }
    // RBL check
    // Skipped for comments that are already held, unless RBL hits are configured
    // to delete.
    if (!$held || in_array('deleterbl', $wpbl_options)) {
        $sites = $GLOBALS['wpdb']->get_results("SELECT regex FROM {$tableblacklist} WHERE regex_type='rbl'");
        if ($sites) {
            foreach ($sites as $site) {
                // for 'rbl' rows the stored value is used as a DNS zone, not as a pattern
                $regex = $site->regex;
                if (preg_match("/([0-9]+)\\.([0-9]+)\\.([0-9]+)\\.([0-9]+)/", $wpbl_comment['comment_author_IP'], $matches)) {
                    // Build the lookup name: the address octets in reverse order,
                    // followed by the zone.
                    $rblhost = $matches[4] . "." . $matches[3] . "." . $matches[2] . "." . $matches[1] . "." . $regex;
                    // gethostbyname() returns its argument unchanged when the
                    // lookup fails, so a different value means the name resolved.
                    // The call is a blocking DNS lookup, made once per configured
                    // zone.
                    $resolved = gethostbyname($rblhost);
                    if ($resolved != $rblhost) {
                        $held = True;
                        if (in_array('deleterbl', $wpbl_options)) {
                            mail_and_del($commentID, "Author IP: {$wpbl_comment['comment_author_IP']} blacklisted by RBL {$regex}");
                            return;
                        }
                        break;
                    }
                }
            }
        }
    }
    // expression check
    // Runs when the comment is not yet held, or when any of the three "delete on
    // match" options is enabled.
    if (!$held || in_array('deletemail', $wpbl_options) || in_array('deleteurl', $wpbl_options) || in_array('delcommurl', $wpbl_options)) {
        $sites = $GLOBALS['wpdb']->get_results("SELECT regex FROM {$tableblacklist} WHERE regex_type='url'");
        if ($sites) {
            foreach ($sites as $site) {
                // Case-insensitive and unanchored. As in the IP check, the entry
                // is not passed through preg_quote().
                $regex = "/{$site->regex}/i";
                // echo "Regex: $regex <br />";
                if (preg_match($regex, $wpbl_comment['comment_author_url'])) {
                    $held = True;
                    if (in_array('deleteurl', $wpbl_options)) {
                        $approved = 'deleted';
                        mail_and_del($commentID, "Author URL: {$wpbl_comment['comment_author_url']} matched {$regex}");
                        return;
                    }
                    break;
                }
                if (preg_match($regex, $wpbl_comment['comment_author_email'])) {
                    $held = True;
                    // unlike the URL and content branches, this one does not set $approved
                    if (in_array('deletemail', $wpbl_options)) {
                        mail_and_del($commentID, "Author e-mail: {$wpbl_comment['comment_author_email']} matched {$regex}");
                        return;
                    }
                    break;
                }
                if (preg_match($regex, $wpbl_comment['comment_content'])) {
                    $held = True;
                    if (in_array('delcommurl', $wpbl_options)) {
                        $approved = 'deleted';
                        mail_and_del($commentID, "Comment text contained {$regex}");
                        return;
                    }
                    break;
                }
            }
        }
    }
    if ($wpbl_comment['comment_type'] == 'trackback' && (!$held || in_array('deltbsp', $wpbl_options))) {
        // Let's check the remote site
        // NOTE(review): comment_author_url is supplied by whoever sent the
        // trackback, and the server fetches it here. Nothing in this function
        // restricts the scheme or the destination host, so the fetch can reach
        // addresses that are only routable from the server. Restrict it to
        // http/https and reject loopback/private hosts before fetching.
        require_once XOOPS_ROOT_PATH . '/class/snoopy.php';
        $snoopy = new Snoopy();
        if ($snoopy->fetch($wpbl_comment['comment_author_url'])) {
            $orig_contents = $snoopy->results;
        }
        // NOTE(review): three problems on the next test.
        //  - $siteurl is neither declared global nor assigned in this function,
        //    so the needle is an undefined variable;
        //  - $orig_contents is unset when fetch() fails;
        //  - !strpos() also treats a match at offset 0 as "not found".
        // As written the branch does not reliably test for a back-link.
        if (!strpos($orig_contents, $siteurl)) {
            $approved = 'deleted';
            mail_and_del($commentID, "TrackBack URL does not contain my site URL");
            // There is no return here, so the status update below still runs for
            // this comment and overwrites $approved.
        }
    }
    if ($held) {
        $approved = 0;
        wp_set_comment_status($commentID, 'hold');
    } else {
        $approved = 1;
        wp_set_comment_status($commentID, 'approve');
    }
    // the following is essential not to break other plugins
    return $commentID;
}
/**
 * Report a post change to the cache for the post that a comment belongs to.
 *
 * Looks the comment up (unapproved comments included) and passes its post ID
 * to wp_cache_post_change(). When the comment has no positive post ID, the
 * value of wp_cache_post_id() is passed instead.
 *
 * @param mixed $comment_id ID of the comment that changed.
 *
 * @return mixed Whatever wp_cache_post_change() returns.
 */
function wp_cache_get_postid_from_comment($comment_id)
{
    $record = get_commentdata($comment_id, 1, true);
    $target = $record['comment_post_ID'];

    // WordPress may fire two different actions for a single operation. Deleting
    // a comment, for example, triggers both wp_set_comment_status and
    // delete_comment, so the ID is re-checked here on every call.
    return wp_cache_post_change($target > 0 ? $target : wp_cache_post_id());
}
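/**
 * Echo the "flag this comment" control for one comment.
 *
 * Prints a div holding either the flag link or, when the current user has
 * already flagged the comment, the "already flagged" markup.
 *
 * @param int $comment_id Comment to flag; defaults to the current comment
 *                        (get_comment_ID()).
 *
 * @return false|null False when there is no comment ID or the current user
 *                    lacks the required capability; otherwise nothing.
 */
function flag_comment_link($comment_id = 0)
{
    if (empty($comment_id)) {
        $comment_id = get_comment_ID();
    }
    if (empty($comment_id)) {
        return false;
    }

    // Check the capability before doing any lookups for this visitor.
    if (!empty($this->flag_cap) && !current_user_can($this->flag_cap)) {
        return false;
    }

    $user = wp_get_current_user();
    $already = $this->get_user_flag_status($comment_id, $user->ID);

    if (!empty($already)) {
        // already flagged: show the static markup, no link
        $link = $this->flag_comments_flagged_markup;
    } else {
        // get_commentdata() returns the comment as an array, so reading
        // ->comment_post_ID from it yields nothing and get_permalink() falls
        // back to the current post. Accept either shape and read the post ID
        // explicitly.
        $comment_data = get_commentdata($comment_id);
        $post_id = 0;
        if (is_array($comment_data) && isset($comment_data['comment_post_ID'])) {
            $post_id = $comment_data['comment_post_ID'];
        } elseif (is_object($comment_data) && isset($comment_data->comment_post_ID)) {
            $post_id = $comment_data->comment_post_ID;
        }

        // NOTE(review): '_wpnonce' is filled from $this->nonce_key. If that
        // property holds the nonce *action name* and not a value produced by
        // wp_create_nonce(), the flag request is not protected against
        // cross-site request forgery. Confirm where it is set.
        $query = array(
            '_wpnonce' => $this->nonce_key,
            'flagged-comment' => 1,
            'flagged-comment-id' => $comment_id,
        );
        $url = add_query_arg($query, get_permalink($post_id)) . '#comment-' . $comment_id;

        // NOTE(review): the URL is inserted into the markup template as-is. If
        // the template places it in an href attribute it should be passed
        // through esc_url() first. Confirm against flag_comments_flag_markup.
        $link = sprintf($this->flag_comments_flag_markup, $url);
    }

    echo '<div class="flag-comment">' . $link . '</div>';
}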
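/**
 * Report a post change to the cache for the post that a comment belongs to.
 *
 * Outside wp-admin, a comment that is not approved leaves the cache untouched,
 * so comments that never become visible do not invalidate cached pages.
 * See http://ocaoimh.ie/2006/12/05/caching-wordpress-with-wp-cache-in-a-spam-filled-world
 *
 * @param mixed $comment_id ID of the comment that changed.
 *
 * @return mixed The comment's post ID when nothing is invalidated; otherwise
 *               whatever wp_cache_post_change() returns.
 */
function wp_cache_get_postid_from_comment($comment_id)
{
    $comment = get_commentdata($comment_id, 1, true);
    $postid = $comment['comment_post_ID'];

    // Do nothing if the comment is not moderated (approved) and the request
    // does not come from the admin area.
    $in_admin = preg_match('/wp-admin\\//', $_SERVER['REQUEST_URI']);
    if (!$in_admin && $comment['comment_approved'] != 1) {
        // The original returned $post_id, a name that is never assigned in this
        // function. The looked-up ID lives in $postid.
        return $postid;
    }

    // WordPress may fire two different actions for a single operation. Deleting
    // a comment, for example, triggers both wp_set_comment_status and
    // delete_comment, so the ID is re-checked here on every call.
    if ($postid > 0) {
        return wp_cache_post_change($postid);
    }

    return wp_cache_post_change(wp_cache_post_id());
}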
exit; } param('comment', 'integer'); param('p', 'integer'); param('noredir', 'string'); if (isset($noredir)) { $noredir = true; } else { $noredir = false; } if ($_SERVER['HTTP_REFERER'] != "" && false == $noredir) { $location = $_SERVER['HTTP_REFERER']; } else { $location = $siteurl . '/wp-admin/edit.php?p=' . $p . '&c=1#comments'; } if (!($commentdata = get_commentdata($comment, 1, true))) { redirect_header($location, 5, _LANG_P_OOPS_IDPOS); exit; } wp_set_comment_status($comment, "approve"); if (get_settings("comments_notify") == true) { wp_notify_postauthor($comment); } header('Location: ' . $location); break; case 'editedcomment': wp_refcheck("/wp-admin"); if ($user_level == 0) { redirect_header($siteurl . '/wp-admin/', 5, _LANG_P_CHEATING_ERROR); exit; }
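/**
 * Send Comment to FF Function
 *
 * Copies a blog comment onto the FriendFeed entry linked to its post. The
 * comment is sent only when all of these hold:
 *  - the `ff_send_admin_comment` option is non-empty,
 *  - a FriendFeed item is recorded for the comment's post, and
 *  - the comment's author is a registered user with the administrator role.
 *
 * Comments of 512 characters or more are truncated and followed by a link back
 * to the comment on the blog.
 *
 * @param integer $comment_ID ID of the comment that was just added.
 *
 * @return bool True when FriendFeed accepted the comment, false otherwise.
 */
function send_admin_comment_to_ff($comment_ID)
{
    global $wpdb, $ff_username, $ff_remote_key;

    $ff = new FriendFeed($ff_username, $ff_remote_key);
    if (!$ff) {
        return false;
    }

    $ff_send_admin_comment = get_option('ff_send_admin_comment');
    if (empty($ff_send_admin_comment)) {
        return false;
    }

    // Load the comment that was just added.
    $comment = get_commentdata($comment_ID, 1);
    if (empty($comment)) {
        return false;
    }
    $comment_post_ID = $comment['comment_post_ID'];

    $ff_item = $wpdb->get_row($wpdb->prepare('SELECT * FROM ' . TABLE_NAME . ' WHERE post_id = %d', $comment_post_ID));
    if (!$ff_item) {
        return false;
    }

    // Is the comment's author a registered user of this site?
    if (!wp_ff_user_is_exists($comment['user_id'])) {
        return false;
    }

    // Only comments written by an administrator are forwarded.
    $user_role = wp_ff_get_user_role($comment['user_id']);
    if ($user_role['administrator'] != 1) {
        return false;
    }

    // Work-around for how the FriendFeed API treats "@": put a space before it.
    // The text goes into its own variable. The original overwrote the $comment
    // array with this string and then indexed it by key again, so the length
    // test and the permalink lookup below never saw the real values.
    $text = str_replace('@', ' @', $comment['comment_content']);

    if (mb_strlen($text, 'UTF-8') < 512) {
        // short enough: send it as a single comment
        $ff_comment_id = $ff->add_comment($ff_item->friendfeed_id, $text);
    } else {
        $link = get_permalink($comment_post_ID) . '#comment-' . $comment_ID;
        // Leave room for the link plus the "... " separator. Never go negative,
        // because a negative length would make mb_substr() cut from the end.
        $limit = max(0, 500 - (mb_strlen($link, 'UTF-8') + 5));
        $excerpt = mb_substr($text, 0, $limit, 'UTF-8');
        $ff_comment_id = $ff->add_comment($ff_item->friendfeed_id, $excerpt . '... ' . $link);
    }

    if (!$ff_comment_id) {
        return false;
    }

    wp_ff_add_comment_to_blacklist($ff_comment_id);

    return true;
}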
/**
 * E-mail the commenters that a comment refers to by name.
 *
 * Names are extracted from the comment text and matched against the name =>
 * e-mail map built from the post's approved comments. A match is mailed unless
 * its address equals the comment author's own address. When at least one mail
 * went out, a copy listing the matched names is sent to the admin address.
 *
 * NOTE(review): the recipient list is driven by the text of the comment. This
 * function has no limit on the number of names and does not check the status
 * of the triggering comment (it is loaded with the third get_commentdata()
 * argument set to false). Confirm that the hook calling it only runs for
 * comments that passed moderation.
 *
 * @param mixed $cid Comment ID; cast to int before use.
 *
 * @return void
 */
function android_mailtocommenter($cid)
{
    global $wpdb;

    $cid = (int) $cid;
    $commentdata = get_commentdata($cid, 1, false);
    $owner_email = $commentdata['comment_author_email'];
    $post_id = (int) $commentdata['comment_post_ID'];
    $comments = get_approved_comments($post_id);

    $mentioned = android_mailtocommenter_get_names($commentdata['comment_content']);
    if (!$mentioned) {
        return;
    }

    $mails = android_mailtocommente_get_email($comments);
    $notified = array();
    // not read again below; the admin address is looked up once more when the copy is sent
    $admin_email = get_option('admin_email');
    $sent = 0;

    foreach ($mentioned as $name) {
        $key = "{$name}";
        // skip unknown names and the comment author's own address
        if (!array_key_exists($name, $mails) || $mails[$key] == $owner_email) {
            continue;
        }

        list($subject, $message) = array_slice(android_mailtocommenter_filter($commentdata, $name), 0, 2);
        $message = apply_filters('comment_text', $message);

        if (android_mailtocommenter_send_email($mails[$key], $subject, $message)) {
            $sent++;
        }
        // the name is listed in the admin copy whether or not the send succeeded
        $notified[$key] = $name;
    }

    if ($sent > 0) {
        // $subject and $message still hold the values from the last matched name
        $subject = "CC. {$subject}";
        $names = implode(',', $notified);
        $banner = "<br/>This comment has been sent to {$names}.<br/>";
        $copy = $banner . 'Backup copy sent to admin<br/>' . $message;
        android_mailtocommenter_send_email(strtolower(get_option('admin_email')), $subject, $copy);
    }
}
$comment = $HTTP_GET_VARS['comment']; $commentdata = get_commentdata($comment, 1) or die("Oops, no comment with this ID. <a href=\"javascript:history.go(-1)\">Go back</a> !"); $content = $commentdata["comment_content"]; $content = format_to_edit($content); echo $blankline; include $b2inc . "/b2edit.form.php"; break; case "deletecomment": $standalone = 1; require_once "./b2header.php"; if ($user_level == 0) { die("Cheatin' uh ?"); } $comment = $HTTP_GET_VARS['comment']; $p = $HTTP_GET_VARS['p']; $commentdata = get_commentdata($comment) or die("Oops, no comment with this ID. <a href=\"b2edit.php\">Go back</a> !"); $query = "DELETE FROM {$tablecomments} WHERE comment_ID={$comment}"; $result = mysql_query($query) or die("Oops, no comment with this ID. <a href=\"b2edit.php\">Go back</a> !"); header("Location: b2edit.php?p={$p}&c=1#comments"); //?a=dc"); break; case "editedcomment": $standalone = 1; require_once "./b2header.php"; if ($user_level == 0) { die("Cheatin' uh ?"); } $comment_ID = $HTTP_POST_VARS['comment_ID']; $comment_post_ID = $HTTP_POST_VARS['comment_post_ID']; $newcomment_author = $HTTP_POST_VARS['newcomment_author']; $newcomment_author_email = $HTTP_POST_VARS['newcomment_author_email'];
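/**
 * called by do_ajax
 * receives cid, _ajax_nonce, url and cl_prem as POST vars
 * stores the click in the comment meta ('cl_data') and, when cl_prem is
 * 'true', sends a non-blocking notification POST to the given url
 *
 * The request is dropped unless the nonce verifies against the comment ID.
 * The handler always ends the request with exit.
 */
function do_click()
{
    $cid = isset($_POST['cid']) ? intval($_POST['cid']) : 0;
    $nonce = isset($_POST['_ajax_nonce']) ? $_POST['_ajax_nonce'] : '';
    $url = isset($_POST['url']) ? $_POST['url'] : '';

    // The nonce action is the comment ID, so a nonce issued for one comment
    // cannot be replayed to count clicks on another.
    if (!wp_verify_nonce($nonce, $cid)) {
        exit;
    }

    $data = get_comment_meta($cid, 'cl_data', true);
    if (is_array($data)) {
        $clicks = isset($data['clicks']) ? $data['clicks'] : 0;
        $data['clicks'] = $clicks + 1;
        update_comment_meta($cid, 'cl_data', $data);
    }

    if (isset($_POST['cl_prem']) && $_POST['cl_prem'] == 'true') {
        // The destination comes from the request, so the server would otherwise
        // POST wherever the caller asks. Allow only http(s) here. The unsafe-URL
        // filtering happens below, where the request is sent.
        // NOTE(review): a stricter fix is to compare $url with the link stored
        // for this comment instead of trusting the posted value.
        $target = esc_url_raw($url, array('http', 'https'));
        $comment = get_commentdata($cid);

        if ($target !== '' && !empty($comment)) {
            $refer = get_permalink($comment['comment_post_ID']);
            $args = array(
                // set blocking to false because no response required
                'blocking' => false,
                'body' => array(
                    'cl_request' => 'click',
                    'refer' => $refer,
                    'version' => $this->version,
                ),
            );

            // wp_safe_remote_post() makes WordPress reject URLs it considers
            // unsafe. Fall back to wp_remote_post() on installs that lack it.
            if (function_exists('wp_safe_remote_post')) {
                wp_safe_remote_post($target, $args);
            } else {
                wp_remote_post($target, $args);
            }
        }
    }

    exit;
}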