Example #1
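 /**
  * AJAX handler: save an edited comment and terminate with a JSON response.
  *
  * Reads the `args` request parameter (query-string style or array) and expects
  * the keys `comment_id`, `nonce` and `content`. The caller must pass both the
  * ap_user_can_edit_comment() check and the `save-comment-{id}` nonce check
  * before wp_update_comment() is called.
  *
  * Always ends the request with die(); the JSON body carries `status` (bool),
  * `message`, and on success the refreshed comment fields plus rendered `html`.
  *
  * @return void
  */
 public function update_comment_form()
 {
     // Every value below is request-controlled and may be missing or of the wrong type.
     $args = isset($_REQUEST['args']) ? wp_parse_args($_REQUEST['args']) : array();

     // A comment ID is an integer. Normalise it once and use that same value for the
     // permission check, the nonce action, the update and the re-read, so the
     // authorised ID and the modified ID cannot differ.
     $comment_id = (isset($args['comment_id']) && is_scalar($args['comment_id'])) ? absint($args['comment_id']) : 0;

     if (!$comment_id || !ap_user_can_edit_comment($comment_id)) {
         // NOTE(review): the msgid contains a typo ("ahve"); it is kept byte-for-byte so
         // existing translations still match. Fix it together with the language files.
         $result = json_encode(array('status' => false, 'message' => __('You do not ahve permission to edit this comment.', 'ap')));
         die($result);
     }

     $nonce = (isset($args['nonce']) && is_string($args['nonce'])) ? $args['nonce'] : '';
     $content = (isset($args['content']) && is_string($args['content'])) ? $args['content'] : '';
     $failure = json_encode(array('status' => false, 'message' => __('Comment not updated, please retry', 'ap')));

     // The nonce is bound to this specific comment ID; an absent nonce fails verification.
     if (!wp_verify_nonce($nonce, 'save-comment-' . $comment_id)) {
         die($failure);
     }

     // Restrict the markup to the plugin's allow-list before it is stored.
     $comment_data = array('comment_ID' => $comment_id, 'comment_content' => wp_kses($content, ap_form_allowed_tags()));
     if (!wp_update_comment($comment_data)) {
         die($failure);
     }

     // Re-read the stored comment so the response reflects what was actually saved.
     $comment = get_comment($comment_id);
     ob_start();
     ap_comment($comment);
     $html = ob_get_clean();

     $result = json_encode(array('status' => true, 'comment_ID' => $comment->comment_ID, 'comment_post_ID' => $comment->comment_post_ID, 'comment_content' => $comment->comment_content, 'html' => $html, 'message' => __('Comment updated successfully', 'ap')));
     die($result);
 }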
Example #2
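 /**
  * AJAX handler that creates a new comment or updates an existing one.
  *
  * A request carrying `comment_ID` is treated as an edit; it must pass
  * ap_user_can_edit_comment() and a `comment_{comment_ID}` nonce. Any other
  * request is a new comment; it must pass ap_user_can_comment() and a
  * `comment_{comment_post_ID}` nonce. The outcome is stored in $this->result
  * via ap_ajax_responce(); nothing is returned.
  *
  * @return void
  */
 public function comment_form()
 {
     // Reject missing content and non-string payloads (e.g. comment[]=x) before trim().
     if (empty($_POST['comment']) || !is_string($_POST['comment'])) {
         $this->result = ap_ajax_responce('comment_content_empty');
         return;
     }

     // Decide "edit or new" once, from one source, and reuse that decision and that ID
     // everywhere. Previously the permission/nonce check read $_REQUEST['comment_ID']
     // while the action branched on $_POST['comment_ID'], so the path that was
     // authorised and the path that ran could differ.
     $editing = isset($_REQUEST['comment_ID']);
     $comment_id = $editing ? (int) $_REQUEST['comment_ID'] : 0;
     $comment_post_ID = isset($_POST['comment_post_ID']) ? (int) $_POST['comment_post_ID'] : 0;

     if ($editing) {
         $nonce = (isset($_REQUEST['__nonce']) && is_string($_REQUEST['__nonce'])) ? $_REQUEST['__nonce'] : '';
         $allowed = ap_user_can_edit_comment($comment_id) && wp_verify_nonce($nonce, 'comment_' . $comment_id);
     } else {
         $nonce = (isset($_POST['__nonce']) && is_string($_POST['__nonce'])) ? $_POST['__nonce'] : '';
         $allowed = ap_user_can_comment() && wp_verify_nonce($nonce, 'comment_' . $comment_post_ID);
     }
     if (!$allowed) {
         $this->result = ap_ajax_responce('no_permission');
         return;
     }

     // NOTE(review): on the edit path this status check runs against the caller-supplied
     // comment_post_ID, not the post the comment actually belongs to — confirm whether
     // it should be derived from the comment instead.
     $post = get_post($comment_post_ID);
     if (!$post || empty($post->post_status)) {
         return;
     }
     if (in_array($post->post_status, array('draft', 'pending', 'trash'), true)) {
         $this->result = ap_ajax_responce('draft_comment_not_allowed');
         return;
     }

     $comment_content = trim($_POST['comment']);

     if ($editing) {
         $updated = wp_update_comment(array('comment_ID' => $comment_id, 'comment_content' => $comment_content));
         if ($updated) {
             $comment = get_comment($comment_id);
             ob_start();
             comment_text($comment_id);
             $html = ob_get_clean();
             $this->result = ap_ajax_responce(array('action' => 'edit_comment', 'comment_ID' => $comment->comment_ID, 'comment_post_ID' => $comment->comment_post_ID, 'comment_content' => $comment->comment_content, 'html' => $html, 'message' => 'comment_edit_success'));
         }
         return;
     }

     // New comments are only accepted from a logged-in user.
     $user = wp_get_current_user();
     if (!$user->exists()) {
         $this->result = ap_ajax_responce('no_permission');
         return;
     }

     // This handler never sets a parent: a request carrying comment_ID is an edit.
     $comment_parent = 0;
     $commentdata = array(
         'comment_post_ID' => $comment_post_ID,
         'comment_author' => wp_slash($user->display_name),
         'comment_author_email' => wp_slash($user->user_email),
         'comment_author_url' => wp_slash($user->user_url),
         'comment_content' => $comment_content,
         'comment_type' => 'anspress',
         'comment_parent' => $comment_parent,
         'user_ID' => $user->ID,
     );

     // Automatically approve parent comment. Approving is a moderation action, so it
     // needs a real parent ID (get_comment() with an empty ID falls back to the global
     // $comment) and a capability check on that parent. With $comment_parent fixed at 0
     // this branch is currently inert.
     if (!empty($_POST['approve_parent']) && $comment_parent > 0) {
         $parent = get_comment($comment_parent);
         if ($parent && $parent->comment_approved === '0' && $parent->comment_post_ID == $comment_post_ID && current_user_can('edit_comment', $parent->comment_ID)) {
             wp_set_comment_status($parent->comment_ID, 'approve');
         }
     }

     $comment_id = wp_new_comment($commentdata);
     if ($comment_id > 0) {
         $comment = get_comment($comment_id);
         do_action('ap_after_new_comment', $comment);
         ob_start();
         ap_comment($comment);
         $html = ob_get_clean();
         $count = get_comment_count($comment->comment_post_ID);
         $this->result = ap_ajax_responce(array('action' => 'new_comment', 'status' => true, 'comment_ID' => $comment->comment_ID, 'comment_post_ID' => $comment->comment_post_ID, 'comment_content' => $comment->comment_content, 'html' => $html, 'message' => 'comment_success', 'view' => array('comments_count_' . $comment->comment_post_ID => '(' . $count['approved'] . ')', 'comment_count_label_' . $comment->comment_post_ID => sprintf(_n('One comment', '%d comments', $count['approved'], 'ap'), $count['approved']))));
     } else {
         $this->result = ap_ajax_responce('something_wrong');
     }
 }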