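/**
 * AJAX handler that saves an edited comment and ends the request with a JSON reply.
 *
 * Input comes from the `args` request field (query string or array) with the keys
 * `comment_id`, `nonce` and `content`. The caller must pass ap_user_can_edit_comment()
 * for the comment and present a nonce for the action `save-comment-{comment_id}`.
 * The content is passed through wp_kses() with ap_form_allowed_tags() before saving.
 *
 * Never returns: every path ends in die() with a JSON object carrying `status` and
 * `message`, plus the saved comment's fields and rendered HTML on success.
 */
public function update_comment_form() {
    // Defaults keep a missing or partial `args` field from raising undefined-index notices.
    $args = wp_parse_args(
        isset($_REQUEST['args']) ? $_REQUEST['args'] : array(),
        array('comment_id' => 0, 'nonce' => '', 'content' => '')
    );

    // Normalise the ID to a single integer so that the permission check, the nonce
    // action, the update and the re-read below all refer to the same comment.
    $comment_id = is_scalar($args['comment_id']) ? absint($args['comment_id']) : 0;

    if (!$comment_id || !ap_user_can_edit_comment($comment_id)) {
        die(json_encode(array(
            'status' => false,
            'message' => __('You do not have permission to edit this comment.', 'ap'),
        )));
    }

    // Nonce failure and save failure deliberately share one generic message.
    $failure = json_encode(array(
        'status' => false,
        'message' => __('Comment not updated, please retry', 'ap'),
    ));

    // The nonce is bound to this comment ID; a non-string value can never be valid.
    $nonce = is_string($args['nonce']) ? $args['nonce'] : '';
    if (!wp_verify_nonce($nonce, 'save-comment-' . $comment_id)) {
        die($failure);
    }

    $content = is_string($args['content']) ? $args['content'] : '';
    $comment_saved = wp_update_comment(array(
        'comment_ID' => $comment_id,
        'comment_content' => wp_kses($content, ap_form_allowed_tags()),
    ));

    if (!$comment_saved) {
        die($failure);
    }

    // Re-read the stored row so the reply reflects what was actually saved.
    $comment = get_comment($comment_id);

    ob_start();
    ap_comment($comment);
    $html = ob_get_clean();

    die(json_encode(array(
        'status' => true,
        'comment_ID' => $comment->comment_ID,
        'comment_post_ID' => $comment->comment_post_ID,
        'comment_content' => $comment->comment_content,
        'html' => $html,
        'message' => __('Comment updated successfully', 'ap'),
    )));
}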
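/**
 * AJAX handler that creates a new comment or updates an existing one.
 *
 * Reads `comment`, `comment_post_ID`, `comment_ID`, `__nonce` and `approve_parent`
 * from the request. The outcome is stored in $this->result via ap_ajax_responce();
 * nothing is returned. Two exits leave $this->result untouched: the post cannot be
 * loaded, or wp_update_comment() reports a falsy result.
 *
 * Authorisation:
 * - new comment: ap_user_can_comment() plus a nonce for `comment_{post ID}`;
 * - edit: ap_user_can_edit_comment() plus a nonce for `comment_{comment ID}`.
 *
 * NOTE(review): both nonce actions share the `comment_` prefix, so a nonce issued for
 * post N also verifies for comment N. The capability checks are what actually gate the
 * operation; distinct prefixes would stop the two nonces being interchangeable.
 *
 * NOTE(review): the comment text is handed to wp_update_comment()/wp_new_comment()
 * without an explicit wp_kses() pass; this presumably relies on WordPress' own
 * comment content filtering - confirm.
 */
public function comment_form() {
    // A non-string `comment` (e.g. an array field) cannot be trimmed or stored.
    if (empty($_POST['comment']) || !is_string($_POST['comment'])) {
        $this->result = ap_ajax_responce('comment_content_empty');
        return;
    }

    // Decide once whether this is an edit and keep one ID for both the authorisation
    // check and the write, so the comment that was authorised is the one updated.
    $is_edit = isset($_REQUEST['comment_ID']);
    $edit_id = $is_edit ? (int) $_REQUEST['comment_ID'] : 0;
    $comment_post_ID = isset($_POST['comment_post_ID']) ? (int) $_POST['comment_post_ID'] : 0;

    if ($is_edit) {
        $nonce = isset($_REQUEST['__nonce']) ? $_REQUEST['__nonce'] : '';
        $allowed = ap_user_can_edit_comment($edit_id)
            && wp_verify_nonce($nonce, 'comment_' . $edit_id);
    } else {
        $allowed = ap_user_can_comment()
            && isset($_POST['__nonce'])
            && wp_verify_nonce($_POST['__nonce'], 'comment_' . $comment_post_ID);
    }

    if (!$allowed) {
        $this->result = ap_ajax_responce('no_permission');
        return;
    }

    // NOTE(review): on edits this status check runs against the posted comment_post_ID,
    // not the post the comment belongs to; consider using the comment's own post ID.
    $post = get_post($comment_post_ID);
    if (!$post || empty($post->post_status)) {
        return;
    }

    if (in_array($post->post_status, array('draft', 'pending', 'trash'), true)) {
        $this->result = ap_ajax_responce('draft_comment_not_allowed');
        return;
    }

    if ($is_edit) {
        $updated = wp_update_comment(array(
            'comment_ID' => $edit_id,
            'comment_content' => trim($_POST['comment']),
        ));

        if ($updated) {
            $comment = get_comment($edit_id);

            ob_start();
            comment_text($edit_id);
            $html = ob_get_clean();

            $this->result = ap_ajax_responce(array(
                'action' => 'edit_comment',
                'comment_ID' => $comment->comment_ID,
                'comment_post_ID' => $comment->comment_post_ID,
                'comment_content' => $comment->comment_content,
                'html' => $html,
                'message' => 'comment_edit_success',
            ));
        }

        return;
    }

    // New comment: only a logged-in user may post.
    $user = wp_get_current_user();
    if (!$user->exists()) {
        $this->result = ap_ajax_responce('no_permission');
        return;
    }

    $user_ID = $user->ID;
    $comment_author = wp_slash($user->display_name);
    $comment_author_email = wp_slash($user->user_email);
    $comment_author_url = wp_slash($user->user_url);
    $comment_content = trim($_POST['comment']);
    $comment_type = 'anspress';

    // No parent ID reaches this branch: a request carrying comment_ID is handled as an
    // edit above, so new comments are always top-level.
    $comment_parent = 0;

    $commentdata = compact(
        'comment_post_ID',
        'comment_author',
        'comment_author_email',
        'comment_author_url',
        'comment_content',
        'comment_type',
        'comment_parent',
        'user_ID'
    );

    // Approving a pending parent is a moderation action driven by a request flag, so it
    // is tied to the moderation capability and to a real parent ID. get_comment() falls
    // back to the global comment when given an empty ID, hence the explicit > 0 test.
    if (!empty($_POST['approve_parent']) && $comment_parent > 0 && current_user_can('moderate_comments')) {
        $parent = get_comment($comment_parent);
        if ($parent && $parent->comment_approved === '0' && $parent->comment_post_ID == $comment_post_ID) {
            wp_set_comment_status($parent->comment_ID, 'approve');
        }
    }

    $comment_id = wp_new_comment($commentdata);
    if (!($comment_id > 0)) {
        $this->result = ap_ajax_responce('something_wrong');
        return;
    }

    $comment = get_comment($comment_id);
    do_action('ap_after_new_comment', $comment);

    ob_start();
    ap_comment($comment);
    $html = ob_get_clean();

    $count = get_comment_count($comment->comment_post_ID);

    $this->result = ap_ajax_responce(array(
        'action' => 'new_comment',
        'status' => true,
        'comment_ID' => $comment->comment_ID,
        'comment_post_ID' => $comment->comment_post_ID,
        'comment_content' => $comment->comment_content,
        'html' => $html,
        'message' => 'comment_success',
        // Fragments the client uses to refresh the visible comment counters.
        'view' => array(
            'comments_count_' . $comment->comment_post_ID => '(' . $count['approved'] . ')',
            'comment_count_label_' . $comment->comment_post_ID => sprintf(
                _n('One comment', '%d comments', $count['approved'], 'ap'),
                $count['approved']
            ),
        ),
    ));
}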
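/**
 * Echo the edit/delete action links for the current global $comment.
 *
 * Links are produced only for comments on `question` or `answer` posts, and only for
 * actions the current user passes ap_user_can_edit_comment() or
 * ap_user_can_delete_comment() for. The list can be changed through the
 * `ap_comment_actions_buttons` filter before it is printed.
 */
function ap_comment_actions_buttons() {
    global $comment;

    if (empty($comment)) {
        return;
    }

    $post = get_post($comment->comment_post_ID);

    // Compare the post type itself: `!$post->post_type == 'question'` negates the
    // string before comparing, so a guard written that way does not filter by type.
    if (!$post || !in_array($post->post_type, array('question', 'answer'), true)) {
        return;
    }

    $comment_id = get_comment_ID();
    $actions = array();

    if (ap_user_can_edit_comment($comment_id)) {
        // Edit nonce is bound to this comment's ID.
        $nonce = wp_create_nonce('edit_comment_' . $comment_id);
        $actions['edit'] = '<a class="comment-edit-btn" href="#" data-toggle="#li-comment-' . $comment_id . '" data-action="load_comment_form" data-query="ap_ajax_action=load_comment_form&comment_ID=' . $comment_id . '&__nonce=' . $nonce . '">' . __('Edit', 'ap') . '</a>';
    }

    if (ap_user_can_delete_comment($comment_id)) {
        // NOTE(review): unlike the edit nonce, this action string carries no comment ID,
        // so one nonce verifies for any comment. Binding it to the ID needs a matching
        // change in the delete handler, which is not in view here.
        $nonce = wp_create_nonce('delete_comment');
        $actions['delete'] = '<a class="comment-delete-btn" href="#" data-toggle="#li-comment-' . $comment_id . '" data-action="delete_comment" data-query="ap_ajax_action=delete_comment&comment_ID=' . $comment_id . '&__nonce=' . $nonce . '">' . __('Delete', 'ap') . '</a>';
    }

    /**
     * FILTER: ap_comment_actions_buttons
     * For filtering post actions buttons
     * @var string
     * @since 2.0
     */
    $actions = apply_filters('ap_comment_actions_buttons', $actions);

    // A filter callback may hand back something other than an array.
    if (!is_array($actions) || empty($actions)) {
        return;
    }

    foreach ($actions as $k => $action) {
        // $action is markup by design; the key lands inside a class attribute, so escape it.
        echo '<span class="ap-comment-action ap-action-' . esc_attr($k) . '">' . $action . '</span>';
    }
}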
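/**
 * Print the markup for a single comment: avatar, text, timestamp and the edit/delete
 * links the current user is allowed to see.
 *
 * The comment is stored in $GLOBALS['comment'] because the template tags used below
 * (comment_ID(), get_comment_text(), get_comment_time(), ...) are called without an
 * explicit comment argument.
 *
 * The opening <li> is not closed here; presumably the caller closes it, as with
 * wp_list_comments() callbacks - confirm for callers that capture this output directly.
 *
 * NOTE(review): the edit link's nonce action is `comment-{ID}` and the delete link's is
 * `delete-comment-{ID}`; the handlers that verify them are not in view, so check that
 * the action strings match on both sides.
 *
 * @param object $comment Comment to render; its user_id and comment_approved are read here.
 */
function ap_comment($comment) {
    $GLOBALS['comment'] = $comment;
    ?>
    <li <?php comment_class(); ?> id="li-comment-<?php comment_ID(); ?>">
        <!-- comment #<?php comment_ID(); ?> -->
        <article id="comment-<?php comment_ID(); ?>" class="comment">
            <div class="ap-avatar">
                <a href="<?php echo esc_url(ap_user_link($comment->user_id)); ?>">
                    <?php echo get_avatar($comment, ap_opt('avatar_size_qcomment')); ?>
                </a>
            </div>
            <div class="comment-content">
                <?php if ('0' == $comment->comment_approved) { ?>
                    <p class="comment-awaiting-moderation"><?php _e('Your comment is awaiting moderation.', 'ap'); ?></p>
                <?php } ?>
                <p class="ap-comment-texts">
                    <?php
                    // NOTE(review): printed as stored, without output escaping; this
                    // presumably relies on the content having been filtered on save - confirm.
                    echo get_comment_text();
                    ?>
                    <?php printf(' - <time datetime="%1$s">%2$s %3$s</time>', get_comment_time('c'), ap_human_time(get_comment_time('U')), __('ago', 'ap')); ?>
                </p>
                <div class="comment-meta">
                    <?php
                    $comment_id = get_comment_ID();

                    if (ap_user_can_edit_comment($comment_id)) {
                        // data-args carries "{comment ID}-{nonce}" for the client script.
                        echo '<a class="comment-edit-btn" href="#" data-button="ap-edit-comment" data-args="' . $comment_id . '-' . wp_create_nonce('comment-' . $comment_id) . '"><i class="aicon-pencil"></i> ' . __('Edit', 'ap') . '</a>';
                    }

                    if (ap_user_can_delete_comment($comment_id)) {
                        // The confirmation text sits inside an attribute, so it is attribute-escaped.
                        echo '<a class="comment-delete-btn" href="#" data-button="ap-delete-comment" data-confirm="' . esc_attr__('Are you sure? It cannot be undone!', 'ap') . '" data-args="' . $comment_id . '-' . wp_create_nonce('delete-comment-' . $comment_id) . '"><i class="aicon-close"></i> ' . __('Delete', 'ap') . '</a>';
                    }
                    ?>
                </div>
            </div>
        </article>
    <?php
}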