Ejemplo n.º 1
 /**
  * Validate an edit to an existing comment, store it with wp_update_comment(),
  * and build the response array describing the stored comment.
  *
  * Order of operations: reject empty content, ask AECCore::can_edit() whether
  * the edit is allowed, validate name/e-mail, re-run the moderation and
  * blacklist checks for non-owners, write the comment, then re-read it from
  * storage so the response reflects what was saved rather than what was sent.
  *
  * NOTE(review): the whole $commentarr is handed to wp_update_comment() and
  * its comment_author_IP / comment_agent / comment_approved entries feed the
  * moderation checks. If the caller builds the array from request data,
  * confirm it restricts the keys to the fields the user may change.
  *
  * @param int|string $commentID  ID of the comment being edited; cast to int before saving.
  * @param int|string $postID     Post ID passed to the AECCore permission helpers.
  * @param array      $commentarr Comment fields. This method reads comment_content,
  *                               comment_author, comment_author_email, comment_author_url,
  *                               comment_author_IP, comment_agent, comment_type and
  *                               comment_approved.
  * @return array ['error' => message] on any rejection, otherwise the display
  *               fields assembled at the end of the method.
  */
 public static function save_comment($commentID, $postID, $commentarr)
 {
     global $wpdb, $aecomments;
     // Keep the submitted array as it arrived; its comment_approved value is
     // reported back as 'undo_comment_approved' in the response.
     $undoComment = $commentarr;
     // Reject empty content. The literal string "undefined" is rejected too
     // (presumably what the client sends for a missing value; confirm).
     $response = array();
     if ('' == $commentarr['comment_content'] || $commentarr['comment_content'] == "undefined") {
         $response['error'] = $aecomments->get_error('content_empty');
         return $response;
     }
     // Authorization gate: can_edit() returning a string is treated as an
     // error key and stops the edit before anything is written.
     $message = AECCore::can_edit($commentID, $postID);
     if (is_string($message)) {
         $response['error'] = $aecomments->get_error($message);
         return $response;
     }
     // Required-field checks apply only when is_comment_owner() is false.
     if (!AECCore::is_comment_owner($postID)) {
         // && binds tighter than ||, so this reads: names/e-mails are required AND
         // ((e-mail shorter than 6 chars AND e-mail is editable) OR (author empty AND name is editable)).
         if (get_option('require_name_email') && (6 > strlen($commentarr['comment_author_email']) && AECCore::can_edit_email($commentID, $postID) || '' == $commentarr['comment_author'] && AECCore::can_edit_name($commentID, $postID))) {
             $response['error'] = $aecomments->get_error('required_fields');
             return $response;
         }
     }
     // end comment_owner check
     // Validate the e-mail address. Skipped entirely when $aecomments->admin is
     // set and the address is empty; pingbacks and trackbacks are exempt.
     if (!($aecomments->admin && empty($commentarr['comment_author_email']))) {
         if (!is_email($commentarr['comment_author_email']) && $commentarr['comment_type'] != "pingback" && $commentarr['comment_type'] != "trackback") {
             if (!get_option('require_name_email') && empty($commentarr['comment_author_email'])) {
                 // An empty address is acceptable when name/e-mail are not required.
             } else {
                 // Only an error if this user could have changed the address.
                 if (AECCore::can_edit_email($commentID, $postID)) {
                     $response['error'] = $aecomments->get_error('invalid_email');
                     return $response;
                 }
             }
         }
     }
     // Switch the connection to utf8 when the blog charset is something else.
     // The statement is a fixed string (no user input); @ hides any error from it.
     // Original author's note: comment this block out if getting char errors.
     if (strtolower(get_option('blog_charset')) != 'utf-8') {
         @$wpdb->query("SET names 'utf8'");
     }
     // Pin the ID to an integer and remember the approval status that was
     // submitted, so a change made by the checks below can be detected.
     $commentarr['comment_ID'] = (int) $commentID;
     $commentapproved = $commentarr['comment_approved'];
     //Condition the data for returning
     do_action('wp_ajax_comments_remove_content_filter');
     // Moderation checks before updating; skipped when is_comment_owner() is true.
     if (!AECCore::is_comment_owner($postID)) {
         //Preserve moderation/spam setting.  Only check approved comments
         if ($commentarr['comment_approved'] == 1) {
             // Everyone else's comments will be checked.
             // NOTE(review): the IP and user agent come from $commentarr, not from the
             // current request; verify the caller fills them from a trusted source.
             if (check_comment($commentarr['comment_author'], $commentarr['comment_author_email'], $commentarr['comment_author_url'], $commentarr['comment_content'], $commentarr['comment_author_IP'], $commentarr['comment_agent'], $commentarr['comment_type'])) {
                 $commentarr['comment_approved'] = 1;
             } else {
                 $commentarr['comment_approved'] = 0;
             }
         }
         // NOTE(review): wp_blacklist_check() is deprecated since WordPress 5.5 in
         // favour of wp_check_comment_disallowed_list(); confirm the supported WP range.
         if (wp_blacklist_check($commentarr['comment_author'], $commentarr['comment_author_email'], $commentarr['comment_author_url'], $commentarr['comment_content'], $commentarr['comment_author_IP'], $commentarr['comment_agent'])) {
             $commentarr['comment_approved'] = 'spam';
         }
     }
     // Write the comment. This happens before the spam/moderation errors below
     // are returned, so a flagged edit is still stored with its new status.
     wp_update_comment($commentarr);
     //If spammed, return error
     if (!$aecomments->admin && $commentarr['comment_approved'] === 'spam') {
         $response['error'] = $aecomments->get_error('comment_marked_spam');
         return $response;
     }
     // If the checks above moved the comment into moderation, return an error.
     // NOTE(review): loose comparison. A 'spam' status compares equal to 0 before
     // PHP 8 but not from PHP 8 on, so this branch differs across versions when
     // $aecomments->admin is set and the status is 'spam'.
     if ($commentarr['comment_approved'] == 0 && $commentapproved != 0) {
         $response['error'] = $aecomments->get_error('comment_marked_moderated');
         return $response;
     }
     // Second spam check through AECCore::check_spam(), again only for non-owners.
     if (!AECCore::is_comment_owner($postID)) {
         if (AECCore::check_spam($commentID, $postID)) {
             $response['error'] = $aecomments->get_error('comment_marked_spam');
             return $response;
         }
     }
     // Notify listeners that the edit went through; both IDs are passed by reference.
     do_action_ref_array('wp_ajax_comments_comment_edited', array(&$commentID, &$postID));
     // Undo data is produced only when $aecomments->admin is set; $oldComment stays
     // undefined otherwise, which the isset() in the response relies on.
     if ($aecomments->admin) {
         $oldComment = $aecomments->get_admin_option('undo');
         $undo = AECUtility::build_undo_url("undoedit", $commentID, $postID, __('Comment successfully saved', 'ajaxEdit'));
     } else {
         $undo = '';
     }
     $approve_count = get_comment_count($postID);
     $comment_count = get_comment_count();
     // For security, drop any existing global comment and reload it by ID, so the
     // response is built from the stored record and not from the submitted values.
     if (isset($GLOBALS['comment'])) {
         unset($GLOBALS['comment']);
     }
     global $comment;
     $comment = get_comment($commentID);
     //Condition the data for returning
     do_action('wp_ajax_comments_remove_content_filter');
     // Content and author pass through AECUtility::encode() and the display filters.
     // NOTE(review): comment_author_url goes through the filters only, without
     // AECUtility::encode(); confirm the client escapes it before using it in markup.
     // isset($undoComment) is always true here because it is assigned at the top.
     $response = array('content' => stripslashes(apply_filters('comment_text', apply_filters('get_comment_text', AECUtility::encode($comment->comment_content)))), 'comment_author' => stripslashes(apply_filters('comment_author', apply_filters('get_comment_author', AECUtility::encode($comment->comment_author)))), 'comment_author_url' => stripslashes(apply_filters('comment_url', apply_filters('get_comment_author_url', $comment->comment_author_url))), 'comment_date' => get_comment_date('F jS, Y'), 'comment_time' => get_comment_time(), 'comment_approved' => $comment->comment_approved, 'old_comment_approved' => isset($oldComment) ? $oldComment['comment_approved'] : false, 'undo_comment_approved' => isset($undoComment) ? $undoComment['comment_approved'] : false, 'approve_count' => $approve_count['approved'], 'moderation_count' => $comment_count['awaiting_moderation'], 'spam_count' => $comment_count['spam'], 'comment_links' => AECCore::build_admin_links($commentID, $postID), 'undo' => $undo);
     return $response;
 }
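 /**
  * Wrap a comment's text in the inline-edit container and attach the edit
  * links when the current visitor may edit the comment.
  *
  * Presumably registered as a comment-text filter (it takes and returns the
  * text and reads the global $comment); confirm against the hook registration.
  *
  * The content is returned untouched when the one-shot skip flag is set, when
  * there is no current comment, on pages with 'show_pages' disabled, or when
  * either AECCore permission check does not return 1.
  *
  * Otherwise the result is made of three pieces: the wrapped comment text,
  * an empty undo placeholder, and the links block. With 'comment_display_top'
  * enabled the links come first, otherwise they come last. The comment text is
  * always part of the result, including for editors who are not allowed to
  * edit (they get the wrapper without links).
  *
  * @param string $content Comment text being filtered.
  * @return string Original text, or the text wrapped in the edit markup.
  */
 public static function add_edit_links($content)
 {
     global $comment, $aecomments;
     // One-shot bypass: consume the flag and leave the text alone.
     if ($aecomments->skip) {
         $aecomments->skip = false;
         return $content;
     }
     if (empty($comment)) {
         return $content;
     }
     if (is_page() && $aecomments->get_admin_option('show_pages') != 'true') {
         return $content;
     }
     // Cheap permission check first, then the full one.
     if (AECCore::can_edit_quickcheck($comment) != 1) {
         return $content;
     }
     if (AECCore::can_edit($comment->comment_ID, $comment->comment_post_ID) != 1) {
         return $content;
     }
     $showOnTop = $aecomments->get_admin_option('comment_display_top') == 'true';
     $edit_admin = "edit-comment-admin-links";
     // Always empty; kept so the generated class attributes stay unchanged.
     $clearfix = '';
     $iconDisplay = $aecomments->get_admin_option('icon_display');
     if ($iconDisplay != 'classic' && $iconDisplay != 'dropdown') {
         $edit_admin = "edit-comment-admin-links-no-icon";
     }
     /*If you're wondering why the JS is inline, it's because people with 500+ comments were having their browsers lock up.  With inline, the JS is run as needed.  Not elegant, but the best solution.*/
     $wrapped = '<div class="edit-comment" id="edit-comment' . $comment->comment_ID . '" style="background: none">' . $content . '</div>';
     $undoSlot = "<div id='comment-undo-{$comment->comment_ID}' class='aec-undo' style='background: none'></div>";
     $links = '';
     if (!AECCore::is_comment_owner($comment->comment_post_ID)) {
         //For anonymous users
         $links .= "<div class='{$edit_admin} {$clearfix}' id='edit-comment-user-link-{$comment->comment_ID}' style='background:none'>";
         $links .= AECCore::build_admin_links($comment->comment_ID, $comment->comment_post_ID);
         $links .= "</div>";
         //Show custom content to users
         if (AECCore::show_affiliate_link()) {
             // affiliate_text is stored markup and is emitted as HTML on purpose.
             // NOTE(review): if a role without unfiltered_html can set this option,
             // pass it through wp_kses_post() before output.
             $message = do_shortcode(stripslashes($aecomments->get_admin_option('affiliate_text')));
             // The ID lands inside a single-quoted href, so encode it as a query
             // value; a stray quote or angle bracket cannot break out of the attribute.
             $affiliateId = rawurlencode((string) $aecomments->get_admin_option('affiliate_id'));
             $message = str_replace("[url]", "<a href='http://www.ajaxeditcomments.com/?affiliate_id=" . $affiliateId . "'>", $message);
             $message = str_replace("[/url]", "</a>", $message);
             $links .= "<div class='aec-custom-text'>{$message}</div><!--/aec-custom-text-->";
         }
         //End for anonymous users
     } else {
         //Check if user is editor
         $role = AECUtility::get_user_role();
         //todo change editor to capability
         $editorBlocked = $role == 'editor' && $aecomments->get_admin_option('allow_editing_editors') == 'false';
         // A blocked editor gets no links, but still falls through to the final
         // assembly so the comment text is returned in both layouts.
         if (!$editorBlocked) {
             if (is_admin() && $aecomments->get_admin_option('admin_editing') == "false") {
                 //We're in the admin panel
                 $links .= '<div class="' . $edit_admin . ' ' . $clearfix . '" id="edit-comment-admin-links' . $comment->comment_ID . '">';
                 $links .= AECCore::build_admin_links($comment->comment_ID, $comment->comment_post_ID);
                 $links .= "</div>";
                 //End in the admin panel
             } elseif ($aecomments->get_user_option('comment_editing') == "true") {
                 //We're in a post
                 $links .= '<div class="' . $edit_admin . ' ' . $clearfix . '" id="edit-comment-admin-links' . $comment->comment_ID . '" style="background: none">';
                 $links .= AECCore::build_admin_links($comment->comment_ID, $comment->comment_post_ID);
                 $links .= "</div>";
             }
         }
     }
     // Interface on top: links, undo slot, text. Otherwise: text, undo slot, links.
     if ($showOnTop) {
         return $links . $undoSlot . $wrapped;
     }
     return $wrapped . $undoSlot . $links;
 }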