function wp_new_comment($commentdata)
{
$commentdata = apply_filters('preprocess_comment', $commentdata);
$commentdata['comment_post_ID'] = (int) $commentdata['comment_post_ID'];
$commentdata['user_ID'] = (int) $commentdata['user_ID'];
$commentdata['comment_author_IP'] = $_SERVER['REMOTE_ADDR'];
$commentdata['comment_agent'] = $_SERVER['HTTP_USER_AGENT'];
$commentdata['comment_date'] = current_time('mysql');
$commentdata['comment_date_gmt'] = current_time('mysql', 1);
$commentdata = wp_filter_comment($commentdata);
$commentdata['comment_approved'] = wp_allow_comment($commentdata);
$comment_ID = wp_insert_comment($commentdata);
do_action('comment_post', $comment_ID, $commentdata['comment_approved']);
if ('spam' !== $commentdata['comment_approved']) {
// If it's spam save it silently for later crunching
if ('0' == $commentdata['comment_approved']) {
wp_notify_moderator($comment_ID);
}
$post =& get_post($commentdata['comment_post_ID']);
// Don't notify if it's your own comment
if (get_settings('comments_notify') && $commentdata['comment_approved'] && $post->post_author != $commentdata['user_ID']) {
wp_notify_postauthor($comment_ID, $commentdata['comment_type']);
}
}
return $comment_ID;
}
/**
* Adds a new comment to the database.
*
* Filters new comment to ensure that the fields are sanitized and valid before
* inserting comment into database. Calls 'comment_post' action with comment ID
* and whether comment is approved by WordPress. Also has 'preprocess_comment'
* filter for processing the comment data before the function handles it.
*
* We use REMOTE_ADDR here directly. If you are behind a proxy, you should ensure
* that it is properly set, such as in wp-config.php, for your environment.
* See {@link https://core.trac.wordpress.org/ticket/9235}
*
* @since 1.5.0
* @since 4.3.0 'comment_agent' and 'comment_author_IP' can be set via `$commentdata`.
*
* @see wp_insert_comment()
* @global wpdb $wpdb WordPress database abstraction object.
*
* @param array $commentdata {
* Comment data.
*
* @type string $comment_author The name of the comment author.
* @type string $comment_author_email The comment author email address.
* @type string $comment_author_url The comment author URL.
* @type string $comment_content The content of the comment.
* @type string $comment_date The date the comment was submitted. Default is the current time.
* @type string $comment_date_gmt The date the comment was submitted in the GMT timezone.
* Default is `$comment_date` in the GMT timezone.
* @type int $comment_parent The ID of this comment's parent, if any. Default 0.
* @type int $comment_post_ID The ID of the post that relates to the comment.
* @type int $user_id The ID of the user who submitted the comment. Default 0.
* @type int $user_ID Kept for backward-compatibility. Use `$user_id` instead.
* @type string $comment_agent Comment author user agent. Default is the value of 'HTTP_USER_AGENT'
* in the `$_SERVER` superglobal sent in the original request.
* @type string $comment_author_IP Comment author IP address in IPv4 format. Default is the value of
* 'REMOTE_ADDR' in the `$_SERVER` superglobal sent in the original request.
* }
* @return int|false The ID of the comment on success, false on failure.
*/
function wp_new_comment($commentdata)
{
global $wpdb;
if (isset($commentdata['user_ID'])) {
$commentdata['user_id'] = $commentdata['user_ID'] = (int) $commentdata['user_ID'];
}
$prefiltered_user_id = isset($commentdata['user_id']) ? (int) $commentdata['user_id'] : 0;
/**
* Filter a comment's data before it is sanitized and inserted into the database.
*
* @since 1.5.0
*
* @param array $commentdata Comment data.
*/
$commentdata = apply_filters('preprocess_comment', $commentdata);
$commentdata['comment_post_ID'] = (int) $commentdata['comment_post_ID'];
if (isset($commentdata['user_ID']) && $prefiltered_user_id !== (int) $commentdata['user_ID']) {
$commentdata['user_id'] = $commentdata['user_ID'] = (int) $commentdata['user_ID'];
} elseif (isset($commentdata['user_id'])) {
$commentdata['user_id'] = (int) $commentdata['user_id'];
}
$commentdata['comment_parent'] = isset($commentdata['comment_parent']) ? absint($commentdata['comment_parent']) : 0;
$parent_status = 0 < $commentdata['comment_parent'] ? wp_get_comment_status($commentdata['comment_parent']) : '';
$commentdata['comment_parent'] = 'approved' == $parent_status || 'unapproved' == $parent_status ? $commentdata['comment_parent'] : 0;
if (!isset($commentdata['comment_author_IP'])) {
$commentdata['comment_author_IP'] = $_SERVER['REMOTE_ADDR'];
}
$commentdata['comment_author_IP'] = preg_replace('/[^0-9a-fA-F:., ]/', '', $commentdata['comment_author_IP']);
if (!isset($commentdata['comment_agent'])) {
$commentdata['comment_agent'] = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
}
$commentdata['comment_agent'] = substr($commentdata['comment_agent'], 0, 254);
if (empty($commentdata['comment_date'])) {
$commentdata['comment_date'] = current_time('mysql');
}
if (empty($commentdata['comment_date_gmt'])) {
$commentdata['comment_date_gmt'] = current_time('mysql', 1);
}
$commentdata = wp_filter_comment($commentdata);
$commentdata['comment_approved'] = wp_allow_comment($commentdata);
$comment_ID = wp_insert_comment($commentdata);
if (!$comment_ID) {
$fields = array('comment_author', 'comment_author_email', 'comment_author_url', 'comment_content');
foreach ($fields as $field) {
if (isset($commentdata[$field])) {
$commentdata[$field] = $wpdb->strip_invalid_text_for_column($wpdb->comments, $field, $commentdata[$field]);
}
}
$commentdata = wp_filter_comment($commentdata);
$commentdata['comment_approved'] = wp_allow_comment($commentdata);
$comment_ID = wp_insert_comment($commentdata);
if (!$comment_ID) {
return false;
}
}
/**
* Fires immediately after a comment is inserted into the database.
*
* @since 1.2.0
*
* @param int $comment_ID The comment ID.
* @param int|string $comment_approved 1 if the comment is approved, 0 if not, 'spam' if spam.
*/
do_action('comment_post', $comment_ID, $commentdata['comment_approved']);
return $comment_ID;
}
/**
* Adds a new comment to the database.
*
* Filters new comment to ensure that the fields are sanitized and valid before
* inserting comment into database. Calls 'comment_post' action with comment ID
* and whether comment is approved by WordPress. Also has 'preprocess_comment'
* filter for processing the comment data before the function handles it.
*
* We use REMOTE_ADDR here directly. If you are behind a proxy, you should ensure
* that it is properly set, such as in wp-config.php, for your environment.
* See {@link https://core.trac.wordpress.org/ticket/9235}
*
* @since 1.5.0
* @since 4.3.0 'comment_agent' and 'comment_author_IP' can be set via `$commentdata`.
*
* @see wp_insert_comment()
*
* @global wpdb $wpdb
*
* @param array $commentdata {
* Comment data.
*
* @type string $comment_author The name of the comment author.
* @type string $comment_author_email The comment author email address.
* @type string $comment_author_url The comment author URL.
* @type string $comment_content The content of the comment.
* @type string $comment_date The date the comment was submitted. Default is the current time.
* @type string $comment_date_gmt The date the comment was submitted in the GMT timezone.
* Default is `$comment_date` in the GMT timezone.
* @type int $comment_parent The ID of this comment's parent, if any. Default 0.
* @type int $comment_post_ID The ID of the post that relates to the comment.
* @type int $user_id The ID of the user who submitted the comment. Default 0.
* @type int $user_ID Kept for backward-compatibility. Use `$user_id` instead.
* @type string $comment_agent Comment author user agent. Default is the value of 'HTTP_USER_AGENT'
* in the `$_SERVER` superglobal sent in the original request.
* @type string $comment_author_IP Comment author IP address in IPv4 format. Default is the value of
* 'REMOTE_ADDR' in the `$_SERVER` superglobal sent in the original request.
* }
* @return int|false The ID of the comment on success, false on failure.
*/
function wp_new_comment($commentdata)
{
global $wpdb;
if (isset($commentdata['user_ID'])) {
$commentdata['user_id'] = $commentdata['user_ID'] = (int) $commentdata['user_ID'];
}
$prefiltered_user_id = isset($commentdata['user_id']) ? (int) $commentdata['user_id'] : 0;
/**
* Filter a comment's data before it is sanitized and inserted into the database.
*
* @since 1.5.0
*
* @param array $commentdata Comment data.
*/
$commentdata = apply_filters('preprocess_comment', $commentdata);
$commentdata['comment_post_ID'] = (int) $commentdata['comment_post_ID'];
if (isset($commentdata['user_ID']) && $prefiltered_user_id !== (int) $commentdata['user_ID']) {
$commentdata['user_id'] = $commentdata['user_ID'] = (int) $commentdata['user_ID'];
} elseif (isset($commentdata['user_id'])) {
$commentdata['user_id'] = (int) $commentdata['user_id'];
}
$commentdata['comment_parent'] = isset($commentdata['comment_parent']) ? absint($commentdata['comment_parent']) : 0;
$parent_status = 0 < $commentdata['comment_parent'] ? wp_get_comment_status($commentdata['comment_parent']) : '';
$commentdata['comment_parent'] = 'approved' == $parent_status || 'unapproved' == $parent_status ? $commentdata['comment_parent'] : 0;
if (!isset($commentdata['comment_author_IP'])) {
$commentdata['comment_author_IP'] = $_SERVER['REMOTE_ADDR'];
}
$commentdata['comment_author_IP'] = preg_replace('/[^0-9a-fA-F:., ]/', '', $commentdata['comment_author_IP']);
if (!isset($commentdata['comment_agent'])) {
$commentdata['comment_agent'] = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
}
$commentdata['comment_agent'] = substr($commentdata['comment_agent'], 0, 254);
if (empty($commentdata['comment_date'])) {
$commentdata['comment_date'] = current_time('mysql');
}
if (empty($commentdata['comment_date_gmt'])) {
$commentdata['comment_date_gmt'] = current_time('mysql', 1);
}
$commentdata = wp_filter_comment($commentdata);
$commentdata['comment_approved'] = wp_allow_comment($commentdata);
$comment_ID = wp_insert_comment($commentdata);
if (!$comment_ID) {
$fields = array('comment_author', 'comment_author_email', 'comment_author_url', 'comment_content');
foreach ($fields as $field) {
if (isset($commentdata[$field])) {
$commentdata[$field] = $wpdb->strip_invalid_text_for_column($wpdb->comments, $field, $commentdata[$field]);
}
}
$commentdata = wp_filter_comment($commentdata);
$commentdata['comment_approved'] = wp_allow_comment($commentdata);
$comment_ID = wp_insert_comment($commentdata);
if (!$comment_ID) {
return false;
}
}
/**
* Fires immediately after a comment is inserted into the database.
*
* @since 1.2.0
*
* @param int $comment_ID The comment ID.
* @param int $comment_approved 1 (true) if the comment is approved, 0 (false) if not.
*/
do_action('comment_post', $comment_ID, $commentdata['comment_approved']);
if ('spam' !== $commentdata['comment_approved']) {
// If it's spam save it silently for later crunching
if ('0' == $commentdata['comment_approved']) {
wp_notify_moderator($comment_ID);
}
// wp_notify_postauthor() checks if notifying the author of their own comment.
// By default, it won't, but filters can override this.
if (get_option('comments_notify') && $commentdata['comment_approved']) {
wp_notify_postauthor($comment_ID);
}
}
return $comment_ID;
}
/**
* Create a comment.
*
* @param WP_REST_Request $request Full details about the request.
* @return WP_Error|WP_REST_Response
*/
public function create_item($request)
{
if (!empty($request['id'])) {
return new WP_Error('rest_comment_exists', __('Cannot create existing comment.'), array('status' => 400));
}
$post = get_post($request['post']);
if (empty($post)) {
return new WP_Error('rest_post_invalid_id', __('Invalid post id.'), array('status' => 404));
}
$prepared_comment = $this->prepare_item_for_database($request);
// Setting remaining values before wp_insert_comment so we can
// use wp_allow_comment().
if (!isset($prepared_comment['comment_date_gmt'])) {
$prepared_comment['comment_date_gmt'] = current_time('mysql', true);
}
// Set author data if the user's logged in
$missing_author = empty($prepared_comment['user_id']) && empty($prepared_comment['comment_author']) && empty($prepared_comment['comment_author_email']) && empty($prepared_comment['comment_author_url']);
if (is_user_logged_in() && $missing_author) {
$user = wp_get_current_user();
$prepared_comment['user_id'] = $user->ID;
$prepared_comment['comment_author'] = $user->display_name;
$prepared_comment['comment_author_email'] = $user->user_email;
$prepared_comment['comment_author_url'] = $user->user_url;
}
if (!isset($prepared_comment['comment_author_email'])) {
$prepared_comment['comment_author_email'] = '';
}
if (!isset($prepared_comment['comment_author_url'])) {
$prepared_comment['comment_author_url'] = '';
}
$prepared_comment['comment_author_IP'] = '127.0.0.1';
$prepared_comment['comment_agent'] = '';
$prepared_comment['comment_approved'] = wp_allow_comment($prepared_comment);
/**
* Filter a comment before it is inserted via the REST API.
*
* Allows modification of the comment right before it is inserted via `wp_insert_comment`.
*
* @param array $prepared_comment The prepared comment data for `wp_insert_comment`.
* @param WP_REST_Request $request Request used to insert the comment.
*/
$prepared_comment = apply_filters('rest_pre_insert_comment', $prepared_comment, $request);
$comment_id = wp_insert_comment($prepared_comment);
if (!$comment_id) {
return new WP_Error('rest_comment_failed_create', __('Creating comment failed.'), array('status' => 500));
}
if (isset($request['status'])) {
$comment = get_comment($comment_id);
$this->handle_status_param($request['status'], $comment);
}
$this->update_additional_fields_for_object(get_comment($comment_id), $request);
$context = current_user_can('moderate_comments') ? 'edit' : 'view';
$response = $this->get_item(array('id' => $comment_id, 'context' => $context));
$response = rest_ensure_response($response);
if (is_wp_error($response)) {
return $response;
}
$response->set_status(201);
$response->header('Location', rest_url('/wp/v2/comments/' . $comment_id));
/**
* Fires after a comment is created or updated via the REST API.
*
* @param array $prepared_comment Inserted comment data.
* @param WP_REST_Request $request The request sent to the API.
* @param bool $creating True when creating a comment, false when updating.
*/
do_action('rest_insert_comment', $prepared_comment, $request, true);
return $response;
}
/**
* Adds a new comment to the database.
*
* Filters new comment to ensure that the fields are sanitized and valid before
* inserting comment into database. Calls 'comment_post' action with comment ID
* and whether comment is approved by WordPress. Also has 'preprocess_comment'
* filter for processing the comment data before the function handles it.
*
* We use REMOTE_ADDR here directly. If you are behind a proxy, you should ensure
* that it is properly set, such as in wp-config.php, for your environment.
* See {@link http://core.trac.wordpress.org/ticket/9235}
*
* @since 1.5.0
* @uses apply_filters() Calls 'preprocess_comment' hook on $commentdata parameter array before processing
* @uses do_action() Calls 'comment_post' hook on $comment_ID returned from adding the comment and if the comment was approved.
* @uses wp_filter_comment() Used to filter comment before adding comment.
* @uses wp_allow_comment() checks to see if comment is approved.
* @uses wp_insert_comment() Does the actual comment insertion to the database.
*
* @param array $commentdata Contains information on the comment.
* @return int The ID of the comment after adding.
*/
function wp_new_comment($commentdata)
{
$commentdata = apply_filters('preprocess_comment', $commentdata);
$commentdata['comment_post_ID'] = (int) $commentdata['comment_post_ID'];
if (isset($commentdata['user_ID'])) {
$commentdata['user_id'] = $commentdata['user_ID'] = (int) $commentdata['user_ID'];
} elseif (isset($commentdata['user_id'])) {
$commentdata['user_id'] = (int) $commentdata['user_id'];
}
$commentdata['comment_parent'] = isset($commentdata['comment_parent']) ? absint($commentdata['comment_parent']) : 0;
$parent_status = 0 < $commentdata['comment_parent'] ? wp_get_comment_status($commentdata['comment_parent']) : '';
$commentdata['comment_parent'] = 'approved' == $parent_status || 'unapproved' == $parent_status ? $commentdata['comment_parent'] : 0;
$commentdata['comment_author_IP'] = preg_replace('/[^0-9a-fA-F:., ]/', '', $_SERVER['REMOTE_ADDR']);
$commentdata['comment_agent'] = isset($_SERVER['HTTP_USER_AGENT']) ? substr($_SERVER['HTTP_USER_AGENT'], 0, 254) : '';
$commentdata['comment_date'] = current_time('mysql');
$commentdata['comment_date_gmt'] = current_time('mysql', 1);
$commentdata = wp_filter_comment($commentdata);
$commentdata['comment_approved'] = wp_allow_comment($commentdata);
$comment_ID = wp_insert_comment($commentdata);
do_action('comment_post', $comment_ID, $commentdata['comment_approved']);
if ('spam' !== $commentdata['comment_approved']) {
// If it's spam save it silently for later crunching
if ('0' == $commentdata['comment_approved']) {
wp_notify_moderator($comment_ID);
}
$post = get_post($commentdata['comment_post_ID']);
// Don't notify if it's your own comment
if (get_option('comments_notify') && $commentdata['comment_approved'] && (!isset($commentdata['user_id']) || $post->post_author != $commentdata['user_id'])) {
wp_notify_postauthor($comment_ID, isset($commentdata['comment_type']) ? $commentdata['comment_type'] : '');
}
}
return $comment_ID;
}
public static function newThread($data = array())
{
$userId = CMA::getPostingUserId();
$user = get_userdata($userId);
if (empty($userId) or empty($user)) {
throw new Exception(CMA::__('Invalid user.'));
}
$title = self::titleFilter($data['title']);
$content = self::contentFilter($data['content'], $userId);
self::validateTitle($title, $editId = false, $errors);
if (!CMA_Settings::getOption(CMA_Settings::OPTION_QUESTION_DESCRIPTION_OPTIONAL) && empty($content)) {
$errors[] = __('Content cannot be empty', 'cm-answers-pro');
}
if (($badWord = CMA_BadWords::filterIfEnabled($content)) !== false) {
$errors[] = sprintf(CMA_Labels::getLocalized('msg_content_includes_bad_word'), $badWord);
}
if (!empty($_FILES) and !self::areQuestionAttachmentsAllowed()) {
$errors[] = __('Upload is not allowed.', 'cm-answers-pro');
} elseif (!self::validateUploadSize()) {
$errors[] = __('The file you uploaded is too big', 'cm-answers-pro');
} elseif (!self::validateUploadNames()) {
$errors[] = __('The file you uploaded is not allowed', 'cm-answers-pro');
}
if (!empty($data['category']) && $data['category'] > 0) {
if ($category = CMA_Category::getInstance($data['category'])) {
if (!$category->isVisible()) {
$errors[] = CMA::__('You have no permission to post this question.');
}
} else {
$errors[] = CMA::__('Choose a valid category.');
}
} else {
if (CMA_Settings::getOption(CMA_Settings::OPTION_QUESTION_REQUIRE_CATEGORY)) {
$errors[] = CMA::__('Choose a category.');
}
}
if (!empty($errors)) {
throw new Exception(serialize($errors));
}
if (CMA_Settings::getOption(CMA_Settings::OPTION_QUESTION_AUTO_APPROVE) || self::isAuthorAutoApproved($userId)) {
$status = 'publish';
} else {
$status = 'draft';
if (self::getSpamFilter() || CMA_Settings::getOption(CMA_Settings::OPTION_SIMULATE_COMMENT)) {
/** Hack, simulate comment adding to trigger spam filters * */
$commentdata = array('comment_post_ID' => 0, 'comment_author' => $user->first_name, 'comment_author_email' => $user->user_email, 'comment_author_url' => '', 'comment_content' => $title . ' ' . $content, 'comment_type' => self::POST_TYPE, 'user_ID' => $userId, 'comment_parent' => 0, 'comment_author_IP' => preg_replace('/[^0-9a-fA-F:., ]/', '', $_SERVER['REMOTE_ADDR']), 'comment_date' => current_time('mysql'), 'comment_date_gmt' => current_time('mysql', 1), 'comment_agent' => isset($_SERVER['HTTP_USER_AGENT']) ? substr($_SERVER['HTTP_USER_AGENT'], 0, 254) : '');
if (CMA_Settings::getOption(CMA_Settings::OPTION_SIMULATE_COMMENT)) {
// Simulate comment to detect flood and so on.
if (wp_allow_comment($commentdata) == 'spam') {
$status = 'draft';
}
}
}
}
$postData = array('post_status' => $status, 'post_type' => self::POST_TYPE, 'post_title' => $title, 'post_content' => $content, 'post_name' => urldecode(sanitize_title_with_dashes(remove_accents($title))), 'post_author' => $userId);
do_action('cma_question_post_before', $postData);
$id = wp_insert_post($postData);
if ($id instanceof WP_Error) {
return $id->get_error_message();
} else {
$instance = self::getInstance($id);
$instance->setUpdated()->setResolved(false)->setAuthorIP()->checkGeolocation();
if (!empty($data['notify']) and $data['notify'] == 1) {
$instance->getFollowersEngine()->addFollower();
}
$instance->savePostMeta(array(self::$_meta['views'] => 0));
$instance->savePostMeta(array(self::$_meta['votes_answers'] => 0));
$instance->savePostMeta(array(self::$_meta['votes_question'] => 0));
$instance->savePostMeta(array(self::$_meta['votes_question_answers'] => 0));
$instance->savePostMeta(array(self::$_meta['highestRatedAnswer'] => 0));
$instance->savePostMeta(array(self::$_meta['stickyPost'] => 0));
if (!empty($data['category'])) {
$r = wp_set_post_terms($id, array($data['category']), CMA_Category::TAXONOMY, true);
}
if (isset($data['tags'])) {
$r = wp_set_post_tags($id, $data["tags"], true);
}
if (CMA_Settings::getOption(CMA_Settings::OPTION_USER_RELATED_QUESTIONS_ENABLE) and !empty($data['userRelatedQuestions'])) {
$instance->setUserRelatedQuestions(CMA_UserRelatedQuestions::getIdsFromRaw($data['userRelatedQuestions']));
}
$instance->savePost();
$attachmentsIds = CMA_QuestionAttachment::handleUpload($instance->getId());
if (!empty($_POST['attached']) && is_array($_POST['attached'])) {
$attachmentsIds = array_merge($attachmentsIds, $_POST['attached']);
}
foreach ($attachmentsIds as $attachmentId) {
if (!empty($attachmentId)) {
$instance->addAttachment($attachmentId);
}
}
if (CMA_Settings::getOption(CMA_Settings::OPTION_NEW_QUESTION_EVERYBODY_FOLLOW_ENABLED)) {
$instance->makeEverybodyFollowers();
}
if ($status == 'draft') {
$instance->notifyModerator();
} else {
self::updateQA($userId);
$instance->notifyAboutNewQuestion();
}
if (CMA_Settings::getOption(CMA_Settings::OPTION_LOGS_ENABLED)) {
CMA_QuestionPostLog::instance()->log($id);
}
do_action('cma_question_post_after', $instance, $data);
return $instance;
}
}
function nxs_postNewComment($cmnt, $aa = false)
{
$cmnt['comment_post_ID'] = (int) $cmnt['comment_post_ID'];
$cmnt['comment_parent'] = isset($cmnt['comment_parent']) ? absint($cmnt['comment_parent']) : 0;
$parent_status = 0 < $cmnt['comment_parent'] ? wp_get_comment_status($cmnt['comment_parent']) : '';
$cmnt['comment_parent'] = 'approved' == $parent_status || 'unapproved' == $parent_status ? $cmnt['comment_parent'] : 0;
$cmnt['comment_author_IP'] = '';
$cmnt['comment_agent'] = 'SNAP';
$cmnt['comment_date'] = get_date_from_gmt($cmnt['comment_date_gmt']);
$cmnt = wp_filter_comment($cmnt);
if ($aa) {
$cmnt['comment_approved'] = 1;
} else {
$cmnt['comment_approved'] = wp_allow_comment($cmnt);
}
$cmntID = wp_insert_comment($cmnt);
if ('spam' !== $cmnt['comment_approved']) {
if ('0' == $cmnt['comment_approved']) {
wp_notify_moderator($cmntID);
}
$post =& get_post($cmnt['comment_post_ID']);
if (get_option('comments_notify') && $cmnt['comment_approved'] && (!isset($cmnt['user_id']) || $post->post_author != $cmnt['user_id'])) {
wp_notify_postauthor($cmntID, isset($cmnt['comment_type']) ? $cmnt['comment_type'] : '');
}
global $wpdb, $dsq_api;
if (isset($dsq_api)) {
$plugins_url = str_replace('social-networks-auto-poster-facebook-twitter-g/', '', plugin_dir_path(__FILE__));
require_once $plugins_url . 'disqus-comment-system/export.php';
if (function_exists('dsq_export_wp')) {
$comments = $wpdb->get_results($wpdb->prepare("SELECT * FROM {$wpdb->comments} WHERE comment_ID = " . $cmntID));
// prr($comments);
$wxr = dsq_export_wp($post, $comments);
$response = $dsq_api->import_wordpress_comments($wxr, time());
// prr($response);
}
}
}
return $cmntID;
}
/**
* If the blog post is cross-posted, and comments are redirected from phpBB,
* this catches posted comments and sends them to the forum
*/
function post_comment($postID)
{
global $phpbb_root_path, $phpEx, $phpbbForum, $auth, $user, $db;
if (!$this->is_working()) {
return;
}
$wpUserID = 0;
if ($wpUser = wp_get_current_user()) {
$wpUserID = $u->ID;
}
$requireNameEmail = get_option('require_name_email');
$fStateChanged = $phpbbForum->foreground();
$dets = $this->get_xposted_details($postID);
if (!$dets) {
$phpbbForum->restore_state($fStateChanged);
return;
}
$isValidEmail = true;
$guestPosting = false;
if ($phpbbForum->user_logged_in()) {
$username = $phpbbForum->get_username();
$website = $phpbbForum->get_userdata('user_website');
$email = $phpbbForum->get_userdata('user_email');
} else {
$guestPosting = true;
$username = strip_tags(stripslashes(request_var('author', 'Anonymous')));
$website = request_var('url', '');
$email = request_var('email', '');
if ($email) {
// use wordpress to sanitize email
$phpbbForum->background();
$isValidEmail = is_email($email);
$phpbbForum->foreground();
}
$username = wpu_find_next_avail_name($username, 'phpbb');
}
if (empty($dets['topic_approved'])) {
$phpbbForum->restore_state($fStateChanged);
wp_die($phpbbForum->lang['ITEM_LOCKED']);
}
if ($dets['topic_status'] == ITEM_LOCKED) {
$phpbbForum->restore_state($fStateChanged);
wp_die($phpbbForum->lang['TOPIC_LOCKED']);
}
if ($dets['forum_id'] == 0) {
// global announcement
if (!$auth->acl_getf_global('f_wpu_xpost_comment')) {
$phpbbForum->restore_state($fStateChanged);
wp_die(__('You do not have permission to respond to this announcement', 'wp-united'));
}
} else {
if (!$auth->acl_get('f_wpu_xpost_comment', $dets['forum_id'])) {
$phpbbForum->restore_state($fStateChanged);
wp_die(__('You do not have permission to comment in this forum', 'wp-united'));
}
}
$content = isset($_POST['comment']) ? trim($_POST['comment']) : null;
if (empty($content)) {
$phpbbForum->restore_state($fStateChanged);
wp_die(__('Error: Please type a comment!', 'wp-united'));
}
// taken from wp-comment-post.php, native WP translation of strings
if ($requireNameEmail && $guestPosting) {
if (6 > strlen($email) || '' == $username) {
wp_die(__('<strong>ERROR</strong>: please fill in the required fields (name, email).', 'wp-united'));
} elseif (!$isValidEmail) {
wp_die(__('<strong>ERROR</strong>: please enter a valid email address.', 'wp-united'));
}
}
$commentParent = (int) request_var('comment_parent', 0);
// create a wordpress comment and run some checks on it
// send comment thru akismet, other spam filtering, if user is logged out
$phpbbForum->background();
$commentData = array('comment_post_ID' => $postID, 'comment_author' => $username, 'comment_author_email' => $email, 'comment_author_url' => $website, 'comment_parent' => $commentParent, 'comment_type' => '', 'user_ID' => $wpUserID);
$checkSpam = $this->get_setting('xpostspam');
$checkSpam = !empty($checkSpam);
if ($guestPosting && $checkSpam) {
$commentData = apply_filters('preprocess_comment', $commentData);
}
$commentData = array_merge($commentData, array('comment_author_IP' => preg_replace('/[^0-9a-fA-F:., ]/', '', $_SERVER['REMOTE_ADDR']), 'comment_agent' => substr($_SERVER['HTTP_USER_AGENT'], 0, 254), 'comment_date' => current_time('mysql'), 'comment_date_gmt' => current_time('mysql', 1), 'comment_karma' => 0));
$forceModeration = false;
$overrideApproval = false;
if ($guestPosting && $checkSpam) {
$commentData['comment_approved'] = wp_allow_comment($commentData);
if (!$commentData['comment_approved'] || $commentData['comment_approved'] == 'spam') {
$forceModeration = true;
} else {
// if the comment has passed checks, and we are overriding phpBB approval settings
if ($this->get_setting('xpostspam') == 'all') {
$overrideApproval = true;
}
}
}
$phpbbForum->foreground();
wpu_html_to_bbcode($content);
$content = utf8_normalize_nfc($content);
$uid = $poll = $bitfield = $options = '';
generate_text_for_storage($content, $uid, $bitfield, $options, true, true, true);
require_once $phpbb_root_path . 'includes/functions_posting.' . $phpEx;
$subject = $dets['post_subject'];
$data = array('forum_id' => $dets['forum_id'], 'topic_id' => $dets['topic_id'], 'icon_id' => false, 'enable_bbcode' => true, 'enable_smilies' => true, 'enable_urls' => true, 'enable_sig' => true, 'message' => $content, 'message_md5' => md5($content), 'bbcode_bitfield' => $bitfield, 'bbcode_uid' => $uid, 'post_edit_locked' => 0, 'notify_set' => false, 'notify' => false, 'post_time' => 0, 'forum_name' => '', 'enable_indexing' => true, 'topic_title' => $subject, 'post_approved' => 1, 'poster_ip' => '');
if ($forceModeration) {
$data['force_approved_state'] = false;
} else {
if ($overrideApproval) {
$data['force_approved_state'] = true;
}
}
$postUrl = submit_post('reply', $subject, $username, POST_NORMAL, $poll, $data);
// update threading and guest post user data
if ($postUrl !== false) {
if ($commentParent || $guestPosting) {
$sql = 'UPDATE ' . POSTS_TABLE . " SET \n\t\t\t\t\t\tpost_wpu_xpost_parent = {$commentParent}, \n\t\t\t\t\t\tpost_wpu_xpost_meta1 = '" . $db->sql_escape($website) . "', \n\t\t\t\t\t\tpost_wpu_xpost_meta2 = '" . $db->sql_escape($email) . "' \n\t\t\t\t\t\tWHERE post_id = " . (int) $data['post_id'];
$db->sql_query($sql);
}
}
$commentData = array_merge($commentData, array('comment_ID' => $data['post_id'] + $this->integComments->get_id_offset()));
$wpComment = (object) $commentData;
$phpbbForum->restore_state($fStateChanged);
//set comment cookie
do_action('set_comment_cookies', $wpComment, $wpUser);
//prime the comment cache
if (function_exists('wp_cache_incr')) {
wp_cache_incr('last_changed', 1, 'comment');
} else {
$last_changed = wp_cache_get('last_changed', 'comment');
wp_cache_set('last_changed', $last_changed + 1, 'comment');
}
/**
* Redirect back to WP if we can.
* NOTE: if the comment was the first on a new page, this will redirect to the old page, rather than the new
* one.
* @todo: increment page var if necessary, or remove it if comment order is reversed, by adding hidden field with # of comments
*/
if (!empty($_POST['redirect_to'])) {
$location = $_POST['redirect_to'] . '#comment-' . $wpComment->comment_ID;
} else {
if (!empty($_POST['wpu-comment-redirect'])) {
$location = urldecode($_POST['wpu-comment-redirect']);
}
}
$location = apply_filters('comment_post_redirect', $location, $wpComment);
wp_safe_redirect($location);
exit;
}
/**
* Creates a comment.
*
* @since 4.7.0
* @access public
*
* @param WP_REST_Request $request Full details about the request.
* @return WP_Error|WP_REST_Response Response object on success, or error object on failure.
*/
public function create_item($request)
{
if (!empty($request['id'])) {
return new WP_Error('rest_comment_exists', __('Cannot create existing comment.'), array('status' => 400));
}
// Do not allow comments to be created with a non-default type.
if (!empty($request['type']) && 'comment' !== $request['type']) {
return new WP_Error('rest_invalid_comment_type', __('Cannot create a comment with that type.'), array('status' => 400));
}
$prepared_comment = $this->prepare_item_for_database($request);
if (is_wp_error($prepared_comment)) {
return $prepared_comment;
}
$prepared_comment['comment_type'] = '';
/*
* Do not allow a comment to be created with missing or empty
* comment_content. See wp_handle_comment_submission().
*/
if (empty($prepared_comment['comment_content'])) {
return new WP_Error('rest_comment_content_invalid', __('Invalid comment content.'), array('status' => 400));
}
// Setting remaining values before wp_insert_comment so we can use wp_allow_comment().
if (!isset($prepared_comment['comment_date_gmt'])) {
$prepared_comment['comment_date_gmt'] = current_time('mysql', true);
}
// Set author data if the user's logged in.
$missing_author = empty($prepared_comment['user_id']) && empty($prepared_comment['comment_author']) && empty($prepared_comment['comment_author_email']) && empty($prepared_comment['comment_author_url']);
if (is_user_logged_in() && $missing_author) {
$user = wp_get_current_user();
$prepared_comment['user_id'] = $user->ID;
$prepared_comment['comment_author'] = $user->display_name;
$prepared_comment['comment_author_email'] = $user->user_email;
$prepared_comment['comment_author_url'] = $user->user_url;
}
// Honor the discussion setting that requires a name and email address of the comment author.
if (get_option('require_name_email')) {
if (empty($prepared_comment['comment_author']) || empty($prepared_comment['comment_author_email'])) {
return new WP_Error('rest_comment_author_data_required', __('Creating a comment requires valid author name and email values.'), array('status' => 400));
}
}
if (!isset($prepared_comment['comment_author_email'])) {
$prepared_comment['comment_author_email'] = '';
}
if (!isset($prepared_comment['comment_author_url'])) {
$prepared_comment['comment_author_url'] = '';
}
if (!isset($prepared_comment['comment_agent'])) {
$prepared_comment['comment_agent'] = '';
}
$check_comment_lengths = wp_check_comment_data_max_lengths($prepared_comment);
if (is_wp_error($check_comment_lengths)) {
$error_code = $check_comment_lengths->get_error_code();
return new WP_Error($error_code, __('Comment field exceeds maximum length allowed.'), array('status' => 400));
}
$prepared_comment['comment_approved'] = wp_allow_comment($prepared_comment, true);
if (is_wp_error($prepared_comment['comment_approved'])) {
$error_code = $prepared_comment['comment_approved']->get_error_code();
$error_message = $prepared_comment['comment_approved']->get_error_message();
if ('comment_duplicate' === $error_code) {
return new WP_Error($error_code, $error_message, array('status' => 409));
}
if ('comment_flood' === $error_code) {
return new WP_Error($error_code, $error_message, array('status' => 400));
}
return $prepared_comment['comment_approved'];
}
/**
* Filters a comment before it is inserted via the REST API.
*
* Allows modification of the comment right before it is inserted via wp_insert_comment().
*
* @since 4.7.0
*
* @param array $prepared_comment The prepared comment data for wp_insert_comment().
* @param WP_REST_Request $request Request used to insert the comment.
*/
$prepared_comment = apply_filters('rest_pre_insert_comment', $prepared_comment, $request);
$comment_id = wp_insert_comment(wp_filter_comment(wp_slash((array) $prepared_comment)));
if (!$comment_id) {
return new WP_Error('rest_comment_failed_create', __('Creating comment failed.'), array('status' => 500));
}
if (isset($request['status'])) {
$this->handle_status_param($request['status'], $comment_id);
}
$comment = get_comment($comment_id);
/**
* Fires after a comment is created or updated via the REST API.
*
* @since 4.7.0
*
* @param WP_Comment $comment Inserted or updated comment object.
* @param WP_REST_Request $request Request object.
* @param bool $creating True when creating a comment, false
* when updating.
*/
do_action('rest_insert_comment', $comment, $request, true);
$schema = $this->get_item_schema();
if (!empty($schema['properties']['meta']) && isset($request['meta'])) {
$meta_update = $this->meta->update_value($request['meta'], $comment_id);
if (is_wp_error($meta_update)) {
return $meta_update;
}
}
$fields_update = $this->update_additional_fields_for_object($comment, $request);
if (is_wp_error($fields_update)) {
return $fields_update;
}
$context = current_user_can('moderate_comments') ? 'edit' : 'view';
$request->set_param('context', $context);
$response = $this->prepare_item_for_response($comment, $request);
$response = rest_ensure_response($response);
$response->set_status(201);
$response->header('Location', rest_url(sprintf('%s/%s/%d', $this->namespace, $this->rest_base, $comment_id)));
return $response;
}
/**
* Checks to see if the comment is allowed.
*
* [!!] Handles the exception for duplicate comments.
*
* @param array $commentdata
* @param int $result_id
* @param object $post
* @return array|bool
*/
public function allow_comment(array $commentdata, $result_id, &$post)
{
try {
add_filter('wp_die_handler', array('Social', 'wp_die_handler'));
$commentdata['comment_approved'] = wp_allow_comment($commentdata);
remove_filter('wp_die_handler', array('Social', 'wp_die_handler'));
return $commentdata;
} catch (Exception $e) {
remove_filter('wp_die_handler', array('Social', 'wp_die_handler'));
if ($e->getMessage() == Social::$duplicate_comment_message) {
// Remove the aggregation ID from the stack
unset($post->results[$this->_key][$result_id]);
$aggregated_ids = array();
foreach ($post->aggregated_ids[$this->_key] as $id) {
if ($id != $result_id) {
$aggregated_ids[] = $id;
}
}
$post->aggregated_ids[$this->_key] = $aggregated_ids;
// Mark the result as ignored
Social_Aggregation_Log::instance($post->ID)->ignore($result_id);
}
}
return false;
}
function Comments_array($comments, $post_ID)
{
$post = get_post($post_ID);
$user_ID = self::Get_user_ID($post);
update_option(c_al2fb_log_importing, true);
// Integration?
if ($user_ID && !self::Is_excluded($post) && $post->post_type != 'reply' && !get_post_meta($post->ID, c_al2fb_meta_nointegrate, true) && $post->comment_status == 'open') {
// Get time zone offset
$tz_off = get_option('gmt_offset');
if (empty($tz_off)) {
$tz_off = 0;
}
$tz_off = apply_filters('al2fb_gmt_offset', $tz_off);
$tz_off = $tz_off * 3600;
// Get Facebook comments
if (self::Is_recent($post) && get_user_meta($user_ID, c_al2fb_meta_fb_comments, true)) {
$fb_comments = WPAL2Int::Get_comments_or_likes($post, false);
if ($fb_comments && $fb_comments->data) {
// Get WordPress comments
$stored_comments = get_comments('post_id=' . $post->ID);
$stored_comments = array_merge($stored_comments, get_comments('status=spam&post_id=' . $post->ID));
$stored_comments = array_merge($stored_comments, get_comments('status=trash&post_id=' . $post->ID));
$stored_comments = array_merge($stored_comments, get_comments('status=hold&post_id=' . $post->ID));
$deleted_fb_comment_ids = get_post_meta($post->ID, c_al2fb_meta_fb_comment_id, false);
foreach ($fb_comments->data as $fb_comment) {
if (!empty($fb_comment->id)) {
$search_comment_id = end(explode('_', $fb_comment->id));
// Check if stored comment
$stored = false;
if ($stored_comments) {
foreach ($stored_comments as $comment) {
$fb_comment_id = get_comment_meta($comment->comment_ID, c_al2fb_meta_fb_comment_id, true);
if ($search_comment_id == end(explode('_', $fb_comment_id))) {
$stored = true;
break;
}
}
}
// Check if deleted comment
if (!$stored && $deleted_fb_comment_ids) {
foreach ($deleted_fb_comment_ids as $deleted_fb_comment_id) {
if ($search_comment_id == end(explode('_', $deleted_fb_comment_id))) {
$stored = true;
break;
}
}
}
// Create new comment
if (!$stored) {
$name = $fb_comment->from->name . ' ' . __('on Facebook', c_al2fb_text_domain);
if ($post->post_type == 'topic') {
// bbPress
$reply_id = bbp_insert_reply(array('post_parent' => $post_ID, 'post_content' => $fb_comment->message, 'post_status' => 'draft'), array('forum_id' => bbp_get_topic_forum_id($post_ID), 'topic_id' => $post_ID, 'anonymous_name' => $name));
// Add data
add_post_meta($reply_id, c_al2fb_meta_link_id, $fb_comment->id);
add_post_meta($post_ID, c_al2fb_meta_fb_comment_id, $fb_comment->id);
// Publish
$reply = array();
$reply['ID'] = $reply_id;
$reply['post_status'] = 'publish';
wp_update_post($reply);
} else {
$comment_ID = $fb_comment->id;
$commentdata = array('comment_post_ID' => $post_ID, 'comment_author' => $name, 'comment_author_email' => $fb_comment->from->id . '@facebook.com', 'comment_author_url' => WPAL2Int::Get_fb_profilelink($fb_comment->from->id), 'comment_author_IP' => '', 'comment_date' => date('Y-m-d H:i:s', strtotime($fb_comment->created_time) + $tz_off), 'comment_date_gmt' => date('Y-m-d H:i:s', strtotime($fb_comment->created_time)), 'comment_content' => $fb_comment->message, 'comment_karma' => 0, 'comment_approved' => 1, 'comment_agent' => 'AL2FB', 'comment_type' => '', 'comment_parent' => 0, 'user_id' => 0);
// Assign parent comment id
if (!empty($fb_comment->parent->id)) {
$parent_args = array('post_id' => $post_ID, 'meta_query' => array(array('key' => c_al2fb_meta_fb_comment_id, 'value' => $fb_comment->parent->id)));
$parent_comments_query = new WP_Comment_Query();
$parent_comments = $parent_comments_query->query($parent_args);
if (isset($parent_comments) && count($parent_comments) == 1) {
$commentdata['comment_parent'] = $parent_comments[0]->comment_ID;
}
}
$commentdata = apply_filters('al2fb_preprocess_comment', $commentdata, $post);
// Copy Facebook comment to WordPress database
if (get_user_meta($user_ID, c_al2fb_meta_fb_comments_copy, true)) {
// Apply filters
if (get_option(c_al2fb_option_nofilter_comments)) {
$commentdata['comment_approved'] = '1';
} else {
$commentdata = apply_filters('preprocess_comment', $commentdata);
$commentdata = wp_filter_comment($commentdata);
$commentdata['comment_approved'] = wp_allow_comment($commentdata);
}
// Insert comment in database
$comment_ID = wp_insert_comment($commentdata);
add_comment_meta($comment_ID, c_al2fb_meta_fb_comment_id, $fb_comment->id);
do_action('comment_post', $comment_ID, $commentdata['comment_approved']);
// Notify
if ('spam' !== $commentdata['comment_approved']) {
if ('0' == $commentdata['comment_approved']) {
wp_notify_moderator($comment_ID);
}
if (get_option('comments_notify') && $commentdata['comment_approved']) {
wp_notify_postauthor($comment_ID, $commentdata['comment_type']);
}
}
} else {
$commentdata['comment_approved'] = '1';
}
// Add comment to array
if ($commentdata['comment_approved'] == 1) {
$new = new stdClass();
$new->comment_ID = $comment_ID;
$new->comment_post_ID = $commentdata['comment_post_ID'];
$new->comment_author = $commentdata['comment_author'];
$new->comment_author_email = $commentdata['comment_author_email'];
$new->comment_author_url = $commentdata['comment_author_url'];
$new->comment_author_ip = $commentdata['comment_author_IP'];
$new->comment_date = $commentdata['comment_date'];
$new->comment_date_gmt = $commentdata['comment_date_gmt'];
$new->comment_content = stripslashes($commentdata['comment_content']);
$new->comment_karma = $commentdata['comment_karma'];
$new->comment_approved = $commentdata['comment_approved'];
$new->comment_agent = $commentdata['comment_agent'];
$new->comment_type = $commentdata['comment_type'];
$new->comment_parent = $commentdata['comment_parent'];
$new->user_id = $commentdata['user_id'];
$comments[] = $new;
}
}
}
} else {
if ($this->debug) {
add_post_meta($post->ID, c_al2fb_meta_log, date('c') . ' Missing FB comment id: ' . print_r($fb_comment, true));
}
}
}
}
}
// Get likes
if (self::Is_recent($post) && $post->ping_status == 'open' && get_user_meta($user_ID, c_al2fb_meta_fb_likes, true)) {
$fb_likes = WPAL2Int::Get_comments_or_likes($post, true);
if ($fb_likes && $fb_likes->data) {
foreach ($fb_likes->data as $fb_like) {
// Create new virtual comment
$link = WPAL2Int::Get_fb_profilelink($fb_like->id);
$new = new stdClass();
$new->comment_ID = $fb_like->id;
$new->comment_post_ID = $post_ID;
$new->comment_author = $fb_like->name . ' ' . __('on Facebook', c_al2fb_text_domain);
$new->comment_author_email = '';
$new->comment_author_url = $link;
$new->comment_author_ip = '';
$new->comment_date_gmt = date('Y-m-d H:i:s', time());
$new->comment_date = $new->comment_date_gmt;
$new->comment_content = '<em>' . __('Liked this post', c_al2fb_text_domain) . '</em>';
$new->comment_karma = 0;
$new->comment_approved = 1;
$new->comment_agent = 'AL2FB';
$new->comment_type = 'pingback';
$new->comment_parent = 0;
$new->user_id = 0;
$comments[] = $new;
}
}
}
// Sort comments by time
if (!empty($fb_comments) || !empty($fb_likes)) {
usort($comments, array(&$this, 'Comment_compare'));
if (get_option('comment_order') == 'desc') {
array_reverse($comments);
}
}
}
// Comment link type
$link_id = get_post_meta($post->ID, c_al2fb_meta_link_id, true);
$comments_nolink = get_user_meta($user_ID, c_al2fb_meta_fb_comments_nolink, true);
if (empty($comments_nolink)) {
$comments_nolink = 'author';
} else {
if ($comments_nolink == 'on' || empty($link_id)) {
$comments_nolink = 'none';
}
}
if ($comments_nolink == 'none' || $comments_nolink == 'link') {
$link = WPAL2Int::Get_fb_permalink($link_id);
if ($comments) {
foreach ($comments as $comment) {
if ($comment->comment_agent == 'AL2FB') {
if ($comments_nolink == 'none') {
$comment->comment_author_url = '';
} else {
if ($comments_nolink == 'link') {
$comment->comment_author_url = $link;
}
}
}
}
}
}
// Permission to view?
$min_cap = get_option(c_al2fb_option_min_cap_comment);
if ($min_cap && !current_user_can($min_cap)) {
if ($comments) {
for ($i = 0; $i < count($comments); $i++) {
if ($comments[$i]->comment_agent == 'AL2FB') {
unset($comments[$i]);
}
}
}
}
return $comments;
}
public static function create($service_answer, $data, $app_id)
{
$service_answer = array();
$service_answer['comment_ok'] = 0;
if (!empty($data['comment'])) {
$comment = $data['comment'];
//Check authentication
if (!empty($data['auth'])) {
if (is_array($comment)) {
$comment_content = trim(base64_decode($comment['content']));
if (!empty($comment_content)) {
$to_check = array($comment['content'], $comment['post']);
//TODO we could add a filter on this to add more comment data to control field
//(and same must be applied on app side).
$result = WpakUserLogin::log_user_from_authenticated_action($app_id, "comment-POST", $data['auth'], $to_check);
if ($result['ok']) {
if (empty($comment['id'])) {
if (!empty($comment['post'])) {
$post = get_post($comment['post']);
if (!empty($post)) {
if ($post->post_status === 'publish') {
//Comments must be open for the given post:
if (comments_open($post->ID)) {
$post_type = get_post_type_object($post->post_type);
//The logged in user must be able to read the post he's commenting on :
if (current_user_can($post_type->cap->read_post, $post->ID)) {
$comment['content'] = $comment_content;
$logged_in_user = WpakUserLogin::get_current_user();
$comment['author'] = $logged_in_user->ID;
$comment['author_name'] = $logged_in_user->user_login;
$comment['author_email'] = $logged_in_user->user_email;
$comment['author_url'] = $logged_in_user->user_url;
//The following comment insertion is inspired from the WP API v2 :)
$prepared_comment = self::prepare_comment_for_database($comment);
if (is_array($prepared_comment)) {
//Don't post the same comment twice :
if (!self::is_duplicate($prepared_comment)) {
$prepared_comment['comment_approved'] = wp_allow_comment($prepared_comment);
/**
* Use this filter to edit the comment fields before inserting it to database.
*
* @param array $prepared_comment Comment that is going to be inserted into db
* @param WP_User $logged_in_user Currently logged in user
* @param int $app_id Id of the current app
*/
$prepared_comment = apply_filters('wpak_comments_before_insert', $prepared_comment, $logged_in_user, $app_id);
$comment_id = wp_insert_comment($prepared_comment);
if ($comment_id) {
$inserted_comment = get_comment($comment_id);
if ($inserted_comment->comment_approved) {
$comment_tree = self::get_post_comments($post->ID, $app_id);
if (!empty($comment_tree[$comment_id])) {
$service_answer['comment'] = self::get_comment_web_service_data($comment_tree[$comment_id]);
$service_answer['comments'] = self::read_one(array(), $post->ID, $app_id);
$service_answer['comment_ok'] = 1;
$service_answer['waiting_approval'] = 0;
} else {
$service_answer['comment_error'] = 'wrong-comment-tree';
}
} else {
$comment_tree = self::get_post_comments($post->ID, $app_id, false);
//false to get non approved comments too
if (!empty($comment_tree[$comment_id])) {
$service_answer['comment'] = self::get_comment_web_service_data($comment_tree[$comment_id]);
$service_answer['comments'] = self::read_one(array(), $post->ID, $app_id);
//Note : $service_answer['comments'] will not contain the inserted comment as
//it is waiting for approval.
$service_answer['comment_ok'] = 1;
$service_answer['waiting_approval'] = 1;
} else {
$service_answer['comment_error'] = 'wrong-comment-tree';
}
}
} else {
$service_answer['comment_error'] = 'wp-insert-comment-failed';
}
} else {
$service_answer['comment_error'] = 'already-said-that';
}
} else {
$service_answer['comment_error'] = $prepared_comment;
//Contains error string
}
} else {
$service_answer['comment_error'] = 'user-cant-comment-this-post';
}
} else {
$service_answer['comment_error'] = 'comments-closed';
}
} else {
$service_answer['comment_error'] = 'post-not-published';
}
} else {
$service_answer['comment_error'] = 'comment-post-not-found';
}
} else {
$service_answer['comment_error'] = 'no-comment-post';
}
} else {
$service_answer['comment_error'] = 'comment-already-exists';
}
} else {
$service_answer['comment_error'] = $result['auth_error'];
}
} else {
$service_answer['comment_error'] = 'content-empty';
}
} else {
$service_answer['comment_error'] = 'wrong-comment-format';
}
} else {
$service_answer['comment_error'] = 'no-auth';
}
} else {
$service_answer['comment_error'] = 'no-comment';
}
return (object) $service_answer;
}
/**
* Create a comment.
*
* @param WP_REST_Request $request Full details about the request.
* @return WP_Error|WP_REST_Response
*/
public function create_item($request)
{
if (!empty($request['id'])) {
return new WP_Error('rest_comment_exists', __('Cannot create existing comment.'), array('status' => 400));
}
$post = get_post($request['post']);
if (empty($post)) {
return new WP_Error('rest_post_invalid_id', __('Invalid post ID.'), array('status' => 404));
}
$prepared_comment = $this->prepare_item_for_database($request);
// Setting remaining values before wp_insert_comment so we can
// use wp_allow_comment().
if (!isset($prepared_comment['comment_date_gmt'])) {
$prepared_comment['comment_date_gmt'] = current_time('mysql', true);
}
if (!isset($prepared_comment['comment_author_email'])) {
$prepared_comment['comment_author_email'] = '';
}
if (!isset($prepared_comment['comment_author_url'])) {
$prepared_comment['comment_author_url'] = '';
}
$prepared_comment['comment_author_IP'] = '127.0.0.1';
$prepared_comment['comment_agent'] = '';
$prepared_comment['comment_approved'] = wp_allow_comment($prepared_comment);
$prepared_comment = apply_filters('rest_pre_insert_comment', $prepared_comment, $request);
$comment_id = wp_insert_comment($prepared_comment);
if (!$comment_id) {
return new WP_Error('rest_comment_failed_create', __('Creating comment failed.'), array('status' => 500));
}
if (isset($request['status'])) {
$comment = get_comment($comment_id);
$this->handle_status_param($request['status'], $comment);
}
$this->update_additional_fields_for_object(get_comment($comment_id), $request);
$context = current_user_can('moderate_comments') ? 'edit' : 'view';
$response = $this->get_item(array('id' => $comment_id, 'context' => $context));
$response = rest_ensure_response($response);
if (is_wp_error($response)) {
return $response;
}
$response->set_status(201);
$response->header('Location', rest_url('/wp/v2/comments/' . $comment_id));
return $response;
}
/**
* @expectedException WPDieException
*/
public function test_die_as_duplicate_if_comment_author_name_and_emails_match()
{
$now = time();
$comment_data = array('comment_post_ID' => self::$post_id, 'comment_author' => 'Bob', 'comment_author_email' => '*****@*****.**', 'comment_author_url' => 'http://example.com', 'comment_content' => 'Yes, we can!', 'comment_author_IP' => '192.168.0.1', 'comment_parent' => 0, 'comment_date_gmt' => date('Y-m-d H:i:s', $now), 'comment_agent' => 'Bobbot/2.1', 'comment_type' => '');
$result = wp_allow_comment($comment_data);
}
