function wp_new_comment($commentdata)
{
    $commentdata = apply_filters('preprocess_comment', $commentdata);
    $commentdata['comment_post_ID'] = (int) $commentdata['comment_post_ID'];
    $commentdata['user_ID'] = (int) $commentdata['user_ID'];
    $commentdata['comment_author_IP'] = $_SERVER['REMOTE_ADDR'];
    $commentdata['comment_agent'] = $_SERVER['HTTP_USER_AGENT'];
    $commentdata['comment_date'] = current_time('mysql');
    $commentdata['comment_date_gmt'] = current_time('mysql', 1);
    $commentdata = wp_filter_comment($commentdata);
    $commentdata['comment_approved'] = wp_allow_comment($commentdata);
    $comment_ID = wp_insert_comment($commentdata);
    do_action('comment_post', $comment_ID, $commentdata['comment_approved']);
    if ('spam' !== $commentdata['comment_approved']) {
        // If it's spam save it silently for later crunching
        if ('0' == $commentdata['comment_approved']) {
            wp_notify_moderator($comment_ID);
        }
        $post =& get_post($commentdata['comment_post_ID']);
        // Don't notify if it's your own comment
        if (get_settings('comments_notify') && $commentdata['comment_approved'] && $post->post_author != $commentdata['user_ID']) {
            wp_notify_postauthor($comment_ID, $commentdata['comment_type']);
        }
    }
    return $comment_ID;
}
Example #2
0
function xt_ajax_comment($comment_ID, $comment_status)
{
    // If it's an AJAX-submitted comment
    if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
        if ('spam' !== $comment_status) {
            // If it's spam save it silently for later crunching
            if ('0' == $comment_status) {
                wp_notify_moderator($comment_ID);
            }
            // wp_notify_postauthor() checks if notifying the author of their own comment.
            // By default, it won't, but filters can override this.
            if (get_option('comments_notify') && $comment_status) {
                wp_notify_postauthor($comment_ID);
            }
        }
        if (!empty($_POST["comment_post_ID"])) {
            $post_id = filter_input(INPUT_POST, 'comment_post_ID', FILTER_VALIDATE_INT);
            $comments_order = strtoupper(get_option('comment_order'));
            $reverse = $comments_order == 'ASC';
            $args = array('post_id' => $post_id, 'order' => $comments_order, 'status' => 'approve');
            if (get_option('page_comments')) {
                $args['number'] = get_option('comments_per_page');
            }
            $comments = get_comments($args);
            $comments_list = wp_list_comments(array('style' => 'ol', 'short_ping' => true, 'avatar_size' => 60, 'callback' => 'xt_comment', 'echo' => false, 'reverse_top_level' => $reverse, 'reverse_children' => $reverse), $comments);
        }
        // Kill the script, returning the comment HTML
        die(json_encode(array('id' => $comment_ID, 'status' => $comment_status, 'list' => $comments_list)));
    }
}
 function process_comments($post_id, $item_id)
 {
     if (empty($post_id)) {
         return;
     }
     if (!is_numeric($post_id)) {
         return;
     }
     $comments = $this->model->get_item_comments($item_id);
     if (!$comments || !isset($comments['data'])) {
         return;
     }
     $comments = $comments['data'];
     if (!count($comments)) {
         return false;
     }
     foreach ($comments as $comment) {
         if ($this->model->comment_already_imported($comment['id'])) {
             continue;
         }
         // We already have this comment, continue.
         $data = array('comment_post_ID' => $post_id, 'comment_date_gmt' => date('Y-m-d H:i:s', strtotime($comment['created_time'])), 'comment_author' => $comment['from']['name'], 'comment_author_url' => 'http://www.facebook.com/profile.php?id=' . $comment['from']['id'], 'comment_content' => $comment['message']);
         $meta = array('fb_comment_id' => $comment['id'], 'fb_author_id' => $comment['from']['id']);
         $data = wp_filter_comment($data);
         $comment_id = wp_insert_comment($data);
         add_comment_meta($comment_id, 'wdfb_comment', $meta);
         if ($this->model->data->get_option('wdfb_comments', 'notify_authors')) {
             wp_notify_postauthor($comment_id, 'comment');
         }
     }
 }
Example #4
0
function theme_comment_form()
{
    $result = array();
    $result["isOk"] = true;
    if ($_POST["name"] != "" && $_POST["email"] != "" && preg_match("#^[_a-zA-Z0-9-]+(\\.[_a-zA-Z0-9-]+)*@[a-zA-Z0-9-]+(\\.[a-zA-Z0-9-]+)*(\\.[a-zA-Z]{2,4})\$#", $_POST["email"]) && $_POST["message"] != "") {
        $values = array("name" => $_POST["name"], "email" => $_POST["email"], "website" => $_POST["website"], "message" => $_POST["message"]);
        if ((bool) ini_get("magic_quotes_gpc")) {
            $values = array_map("stripslashes", $values);
        }
        $values = array_map("htmlspecialchars", $values);
        $time = current_time('mysql');
        $data = array('comment_post_ID' => (int) $_POST['post_id'], 'comment_author' => $values['name'], 'comment_author_email' => $values['email'], 'comment_author_url' => $values['website'] != __("Website (optional)", 'medicenter') ? $values['website'] : "", 'comment_content' => $values['message'], 'comment_parent' => (int) $_POST['parent_comment_id'], 'comment_date' => $time, 'comment_approved' => (int) get_option('comment_moderation') ? 0 : 1, 'comment_parent' => (int) $_POST['comment_parent_id']);
        if ($comment_id = wp_insert_comment($data)) {
            $result["submit_message"] = __("Your comment has been added", 'medicenter');
            if (get_option('comments_notify')) {
                wp_notify_postauthor($comment_id);
            }
            //get post comments
            //post
            query_posts("p=" . (int) $_POST['post_id'] . "&post_type=" . $_POST["post_type"]);
            if (have_posts()) {
                the_post();
                ob_start();
                $result['comment_id'] = $comment_id;
                if ((int) $_POST['comment_parent_id'] == 0) {
                    global $wpdb;
                    $query = "SELECT COUNT(*) AS count FROM {$wpdb->comments} WHERE comment_approved = 1 AND comment_post_ID = " . get_the_ID() . " AND comment_parent = 0";
                    $parents = $wpdb->get_row($query);
                    $_GET["paged"] = ceil($parents->count / 5);
                    $result["change_url"] = "#page-" . $_GET["paged"];
                } else {
                    $_GET["paged"] = (int) $_POST["paged"];
                }
                comments_template();
                $result['html'] = ob_get_contents();
                ob_end_clean();
            }
        } else {
            $result["isOk"] = false;
            $result["submit_message"] = __("Error while adding comment", 'medicenter');
        }
    } else {
        $result["isOk"] = false;
        if ($_POST["name"] == "" || $_POST["name"] == __("Your name", 'medicenter')) {
            $result["error_name"] = __("Please enter your name", 'medicenter');
        }
        if ($_POST["email"] == "" || $_POST["email"] == __("Your email", 'medicenter') || !preg_match("#^[_a-zA-Z0-9-]+(\\.[_a-zA-Z0-9-]+)*@[a-zA-Z0-9-]+(\\.[a-zA-Z0-9-]+)*(\\.[a-zA-Z]{2,4})\$#", $_POST["email"])) {
            $result["error_email"] = __("Please enter valid e-mail", 'medicenter');
        }
        if ($_POST["message"] == "" || $_POST["message"] == __("Message", 'medicenter')) {
            $result["error_message"] = __("Please enter your message", 'medicenter');
        }
    }
    echo @json_encode($result);
    exit;
}
Example #5
0
/**
 * Provide responses to comments.js based on detecting an XMLHttpRequest parameter.
 *
 * @param $comment_ID     ID of new comment.
 * @param $comment_status Status of new comment. 
 *
 * @return echo JSON encoded responses with HTML structured comment, success, and status notice.
 */
function milky_way_ajax_comments($comment_ID, $comment_status)
{
    if (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
        // This is an AJAX request. Handle response data.
        switch ($comment_status) {
            case '0':
                // Comment needs moderation; notify comment moderator.
                wp_notify_moderator($comment_ID);
                $return = array('response' => '', 'success' => 1, 'status' => __('Your comment has been sent for moderation. It should be approved soon!', 'milky-way'));
                wp_send_json($return);
                break;
            case '1':
                // Approved comment; generate comment output and notify post author.
                $comment = get_comment($comment_ID);
                $comment_class = comment_class('milky-way-ajax-comment', $comment_ID, $comment->comment_post_ID, false);
                $comment_output = '
						<li id="comment-' . $comment->comment_ID . '"' . $comment_class . ' tabindex="-1">
							<article id="div-comment-' . $comment->comment_ID . '" class="comment-body">
								<footer class="comment-meta">
								<div class="comment-author vcard">' . get_avatar($comment->comment_author_email) . '<b class="fn">' . __('You said:', 'milky-way') . '</b> </div>

								<div class="comment-meta commentmetadata"><a href="#comment-' . $comment->comment_ID . '">' . get_comment_date('F j, Y \\a\\t g:i a', $comment->comment_ID) . '</a>
								</div>
								</footer>
								
								<div class="comment-content">' . $comment->comment_content . '</div>
							</article>
						</li>';
                if ($comment->comment_parent == 0) {
                    $output = $comment_output;
                } else {
                    $output = "<ul class='children'>{$comment_output}</ul>";
                }
                wp_notify_postauthor($comment_ID);
                $return = array('response' => $output, 'success' => 1, 'status' => sprintf(__('Thanks for commenting! Your comment has been approved. <a href="%s">Read your comment</a>', 'milky-way'), "#comment-{$comment_ID}"));
                wp_send_json($return);
                break;
            default:
                // The comment status was not a valid value. Only 0 or 1 should be returned by the comment_post action.
                $return = array('response' => '', 'success' => 0, 'status' => __('There was an error posting your comment. Try again later!', 'milky-way'));
                wp_send_json($return);
        }
    }
}
Example #6
0
 function ajaxify_comments($comment_ID, $comment_status)
 {
     if (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
         switch ($comment_status) {
             case "0":
                 wp_notify_moderator($comment_ID);
             case "1":
                 //Approved comment
                 echo "success";
                 $commentdata =& get_comment($comment_ID, ARRAY_A);
                 $post =& get_post($commentdata['comment_post_ID']);
                 wp_notify_postauthor($comment_ID, $commentdata['comment_type']);
                 break;
             default:
                 echo 0;
         }
         exit;
     }
 }
function wpajax_load_comment($comment_ID, $comment_status)
{
    if ($GLOBALS['is_ajax']) {
        switch ($comment_status) {
            case '0':
                //notify moderator of unapproved comment
                wp_notify_moderator($comment_ID);
                break;
            case '1':
                //Approved comment
                single_comment($comment_ID);
                wp_notify_postauthor($comment_ID);
                break;
            default:
                // $comment_status was null
                echo "error";
        }
        exit;
        // better than wp_die() ?
    }
}
function wdp_ajaxcomments_stop_for_ajax($comment_ID, $comment_status)
{
    if (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
        //If AJAX Request Then
        switch ($comment_status) {
            case '0':
                //notify moderator of unapproved comment
                wp_notify_moderator($comment_ID);
            case '1':
                //Approved comment
                echo "success";
                $commentdata =& get_comment($comment_ID, ARRAY_A);
                $post =& get_post($commentdata['comment_post_ID']);
                //Notify post author of comment
                if (get_option('comments_notify') && $commentdata['comment_approved'] && $post->post_author != $commentdata['user_ID']) {
                    wp_notify_postauthor($comment_ID, $commentdata['comment_type']);
                }
                break;
            default:
                echo "error";
        }
        exit;
    }
}
	$p = (int) $_GET['p'];
	if (isset($_GET['noredir'])) {
		$noredir = true;
	} else {
		$noredir = false;
	}

	if ( ! $comment = get_comment($comment) )
		die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));

	if ( !current_user_can('edit_post', $comment->comment_post_ID) )	
		die( __('You are not allowed to edit comments on this post, so you cannot approve this comment.') );

	wp_set_comment_status($comment->comment_ID, "approve");
	if (get_settings("comments_notify") == true) {
		wp_notify_postauthor($comment->comment_ID);
	}


	if ((wp_get_referer() != "") && (false == $noredir)) {
		wp_redirect(wp_get_referer());
	} else {
		wp_redirect(get_settings('siteurl') .'/wp-admin/edit.php?p='.$p.'&c=1#comments');
	}

	break;

case 'editedcomment':

	$comment_ID = (int) $_POST['comment_ID'];
	$comment_post_ID = (int)  $_POST['comment_post_ID'];
Example #10
0
    function cupid_ajaxComment($comment_ID, $comment_status)
    {
        // If it's an AJAX-submitted comment
        if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
            // Get the comment data
            $comment = get_comment($comment_ID);
            // Allow the email to the author to be sent
            wp_notify_postauthor($comment_ID);
            // Get the comment HTML from my custom comment HTML function
            $comments = get_comments(array('post_id' => $comment->comment_post_ID));
            ob_start();
            $number = get_comments_number($comment->comment_post_ID);
            ?>
            <h4 class="comments-title"><?php 
            _e("Comments", 'cupid');
            ?>
 (<?php 
            echo esc_html($number);
            ?>
)</h4>
            <ul class="comment-list">
            <?php 
            wp_list_comments(array('style' => 'li', 'type' => 'comment', 'callback' => 'cupid_get_list_comments', 'avatar_size' => 82), $comments);
            ?>
            </ul>
            <?php 
            cupid_comment_form($comment->comment_post_ID);
            ?>
            <?php 
            $commentContent = ob_get_clean();
            // Kill the script, returning the comment HTML
            die($commentContent);
        }
    }
function pingback_ping($m)
{
    // original code by Mort
    // (http://mort.mine.nu:8080)
    global $tableposts, $tablecomments, $comments_notify, $wpdb;
    global $siteurl, $blogfilename, $wp_version, $use_pingback;
    global $HTTP_SERVER_VARS, $wpdb;
    if (!$use_pingback) {
        return new xmlrpcresp(new xmlrpcval('Sorry, this weblog does not allow you to pingback its posts.'));
    }
    //$log = debug_fopen('./xmlrpc.log', 'w');
    $title = '';
    $pagelinkedfrom = $m->getParam(0);
    $pagelinkedfrom = $pagelinkedfrom->scalarval();
    $pagelinkedto = $m->getParam(1);
    $pagelinkedto = $pagelinkedto->scalarval();
    $pagelinkedfrom = str_replace('&amp;', '&', $pagelinkedfrom);
    $pagelinkedto = preg_replace('#&([^amp\\;])#is', '&amp;$1', $pagelinkedto);
    //debug_fwrite($log, 'BEGIN '.time().' - '.date('Y-m-d H:i:s')."\n\n");
    //debug_fwrite($log, 'Page linked from: '.$pagelinkedfrom."\n");
    //debug_fwrite($log, 'Page linked to: '.$pagelinkedto."\n");
    $messages = array(htmlentities("Pingback from " . $pagelinkedfrom . " to " . $pagelinkedto . " registered. Keep the web talking! :-)"), htmlentities("We can't find the URL to the post you are trying to " . "link to in your entry. Please check how you wrote the post's permalink in your entry."), htmlentities("We can't find the post you are trying to link to." . " Please check the post's permalink."));
    $message = $messages[0];
    // Check if the page linked to is in our site
    $pos1 = strpos($pagelinkedto, str_replace('http://', '', str_replace('www.', '', $siteurl)));
    if ($pos1) {
        // let's find which post is linked to
        $urltest = parse_url($pagelinkedto);
        if ($post_ID = url_to_postid($pagelinkedto)) {
            $way = 'url_to_postid()';
        } elseif (preg_match('#p/[0-9]{1,}#', $urltest['path'], $match)) {
            // the path defines the post_ID (archives/p/XXXX)
            $blah = explode('/', $match[0]);
            $post_ID = $blah[1];
            $way = 'from the path';
        } elseif (preg_match('#p=[0-9]{1,}#', $urltest['query'], $match)) {
            // the querystring defines the post_ID (?p=XXXX)
            $blah = explode('=', $match[0]);
            $post_ID = $blah[1];
            $way = 'from the querystring';
        } elseif (isset($urltest['fragment'])) {
            // an #anchor is there, it's either...
            if (intval($urltest['fragment'])) {
                // ...an integer #XXXX (simpliest case)
                $post_ID = $urltest['fragment'];
                $way = 'from the fragment (numeric)';
            } elseif (preg_match('/post-[0-9]+/', $urltest['fragment'])) {
                // ...a post id in the form 'post-###'
                $post_ID = preg_replace('/[^0-9]+/', '', $urltest['fragment']);
                $way = 'from the fragment (post-###)';
            } elseif (is_string($urltest['fragment'])) {
                // ...or a string #title, a little more complicated
                $title = preg_replace('/[^a-zA-Z0-9]/', '.', $urltest['fragment']);
                $sql = "SELECT ID FROM {$tableposts} WHERE post_title RLIKE '{$title}'";
                $post_ID = $wpdb->get_var($sql) or die("Query: {$sql}\n\nError: ");
                $way = 'from the fragment (title)';
            }
        } else {
            // TODO: Attempt to extract a post ID from the given URL
            $post_ID = -1;
            $way = 'no match';
        }
        logIO("O", "(PB) URI='{$pagelinkedto}' ID='{$post_ID}' Found='{$way}'");
        //debug_fwrite($log, "Found post ID $way: $post_ID\n");
        $sql = 'SELECT post_author FROM ' . $tableposts . ' WHERE ID = ' . $post_ID;
        $result = $wpdb->get_results($sql);
        if ($wpdb->num_rows) {
            //debug_fwrite($log, 'Post exists'."\n");
            // Let's check that the remote site didn't already pingback this entry
            $sql = 'SELECT * FROM ' . $tablecomments . ' 
				WHERE comment_post_ID = ' . $post_ID . ' 
					AND comment_author_url = \'' . $pagelinkedfrom . '\' 
					AND comment_content LIKE \'%<pingback />%\'';
            $result = $wpdb->get_results($sql);
            if ($wpdb->num_rows || 1 == 1) {
                // very stupid, but gives time to the 'from' server to publish !
                sleep(1);
                // Let's check the remote site
                $fp = @fopen($pagelinkedfrom, 'r');
                $puntero = 4096;
                while ($remote_read = fread($fp, $puntero)) {
                    $linea .= $remote_read;
                }
                // Work around bug in strip_tags():
                $linea = str_replace('<!DOCTYPE', '<DOCTYPE', $linea);
                $linea = strip_tags($linea, '<title><a>');
                $linea = strip_all_but_one_link($linea, $pagelinkedto);
                // I don't think we need this? -- emc3
                //$linea = preg_replace('#&([^amp\;])#is', '&amp;$1', $linea);
                if (empty($matchtitle)) {
                    preg_match('|<title>([^<]*?)</title>|is', $linea, $matchtitle);
                }
                $pos2 = strpos($linea, $pagelinkedto);
                $pos3 = strpos($linea, str_replace('http://www.', 'http://', $pagelinkedto));
                if (is_integer($pos2) || is_integer($pos3)) {
                    //debug_fwrite($log, 'The page really links to us :)'."\n");
                    $pos4 = is_integer($pos2) ? $pos2 : $pos3;
                    $start = $pos4 - 100;
                    $context = substr($linea, $start, 250);
                    $context = str_replace("\n", ' ', $context);
                    $context = str_replace('&amp;', '&', $context);
                } else {
                    //debug_fwrite($log, 'The page doesn\'t link to us, here\'s an excerpt :'."\n\n".$linea."\n\n");
                }
                //}
                //debug_fwrite($log, '*****'."\n\n");
                fclose($fp);
                if (!empty($context)) {
                    // Check if pings are on, inelegant exit
                    $pingstatus = $wpdb->get_var("SELECT ping_status FROM {$tableposts} WHERE ID = {$post_ID}");
                    if ('closed' == $pingstatus) {
                        die('Sorry, pings are turned off for this post.');
                    }
                    $pagelinkedfrom = preg_replace('#&([^amp\\;])#is', '&amp;$1', $pagelinkedfrom);
                    $title = !strlen($matchtitle[1]) ? $pagelinkedfrom : $matchtitle[1];
                    $original_context = $context;
                    $context = '<pingback />[...] ' . addslashes(trim($context)) . ' [...]';
                    $context = format_to_post($context);
                    $original_pagelinkedfrom = $pagelinkedfrom;
                    $pagelinkedfrom = addslashes($pagelinkedfrom);
                    $original_title = $title;
                    $title = addslashes(strip_tags(trim($title)));
                    $now = current_time('mysql');
                    $consulta = $wpdb->query("INSERT INTO {$tablecomments} \n\t\t\t\t\t\t(comment_post_ID, comment_author, comment_author_url, comment_date, comment_content) \n\t\t\t\t\t\tVALUES \n\t\t\t\t\t\t({$post_ID}, '{$title}', '{$pagelinkedfrom}', '{$now}', '{$context}')\n\t\t\t\t\t\t");
                    $comment_ID = $wpdb->get_var('SELECT last_insert_id()');
                    if ($comments_notify) {
                        wp_notify_postauthor($comment_ID, 'pingback');
                    }
                } else {
                    // URL pattern not found
                    $message = "Page linked to: {$pagelinkedto}\nPage linked from:" . " {$pagelinkedfrom}\nTitle: {$title}\nContext: {$context}\n\n" . $messages[1];
                }
            } else {
                // We already have a Pingback from this URL
                $message = "Sorry, you already did a pingback to {$pagelinkedto}" . " from {$pagelinkedfrom}.";
            }
        } else {
            // Post_ID not found
            $message = $messages[2];
            //debug_fwrite($log, 'Post doesn\'t exist'."\n");
        }
    }
    return new xmlrpcresp(new xmlrpcval($message));
}
function berg_ajaxComment($comment_ID, $comment_status)
{
    if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
        $parentId = false;
        if (isset($_POST['comment_parent'])) {
            $parentId = (int) $_POST['comment_parent'];
        }
        $comment = get_comment($comment_ID);
        wp_notify_postauthor($comment_ID);
        $commentContent = 'barnelli_getCommentHTML($comment, $parentId);';
        header('Content-type: application/json');
        echo json_encode(array('status' => 'success', 'contents' => $commentContent, 'parentId' => $parentId));
        die;
    }
}
/**
 * Sets the status of a comment.
 *
 * The 'wp_set_comment_status' action is called after the comment is handled.
 * If the comment status is not in the list, then false is returned.
 *
 * @since 1.0.0
 *
 * global wpdb $wpdb
 *
 * @param int $comment_id Comment ID.
 * @param string $comment_status New comment status, either 'hold', 'approve', 'spam', or 'trash'.
 * @param bool $wp_error Whether to return a WP_Error object if there is a failure. Default is false.
 * @return bool|WP_Error True on success, false or WP_Error on failure.
 */
function wp_set_comment_status($comment_id, $comment_status, $wp_error = false)
{
    global $wpdb;
    switch ($comment_status) {
        case 'hold':
        case '0':
            $status = '0';
            break;
        case 'approve':
        case '1':
            $status = '1';
            if (get_option('comments_notify')) {
                wp_notify_postauthor($comment_id);
            }
            break;
        case 'spam':
            $status = 'spam';
            break;
        case 'trash':
            $status = 'trash';
            break;
        default:
            return false;
    }
    $comment_old = clone get_comment($comment_id);
    if (!$wpdb->update($wpdb->comments, array('comment_approved' => $status), array('comment_ID' => $comment_id))) {
        if ($wp_error) {
            return new WP_Error('db_update_error', __('Could not update comment status'), $wpdb->last_error);
        } else {
            return false;
        }
    }
    clean_comment_cache($comment_id);
    $comment = get_comment($comment_id);
    /**
     * Fires immediately before transitioning a comment's status from one to another
     * in the database.
     *
     * @since 1.5.0
     *
     * @param int         $comment_id     Comment ID.
     * @param string|bool $comment_status Current comment status. Possible values include
     *                                    'hold', 'approve', 'spam', 'trash', or false.
     */
    do_action('wp_set_comment_status', $comment_id, $comment_status);
    wp_transition_comment_status($comment_status, $comment_old->comment_approved, $comment);
    wp_update_comment_count($comment->comment_post_ID);
    return true;
}
Example #14
0
function sk2_filter_comment($comment_ID)
{
    include_once dirname(__FILE__) . "/sk2_core_class.php";
    if (!$comment_ID) {
        $sk2_log->log_msg(__("Structural failure: no comment ID sent to comment hook", 'sk2'), 10, 0, "web_UI", true, false);
        die(__("Aborting Spam Karma", 'sk2'));
    }
    $sk2_core = new sk2_core($comment_ID, false);
    $sk2_core->process_comment();
    $approved = $sk2_core->cur_comment->approved;
    $sk2_settings->save_settings();
    // should also save/display logs here...
    // doing notification ourselves (since we killed WP's)
    if ($approved == 'spam') {
        // your adventure stops here, cowboy...
        header("HTTP/1.1 403 Forbidden");
        header("Status: 403 Forbidden");
        _e("Sorry, but your comment has been flagged by the spam filter running on this blog: this might be an error, in which case all apologies. Your comment will be presented to the blog admin who will be able to restore it immediately.<br/>You may want to contact the blog admin via e-mail to notify him.", 'sk2');
        //		echo "<!-- ";
        //		$sk2_log->dump_logs();
        //		echo "-->";
        die;
    } else {
        if ('0' == $approved) {
            if ($sk2_core->cur_comment->can_unlock()) {
                // redirect to Second Chance page
                header('Expires: Mon, 26 Aug 1980 09:00:00 GMT');
                header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
                header('Cache-Control: no-cache, must-revalidate');
                header('Pragma: no-cache');
                $location = get_bloginfo('wpurl') . "/" . strstr(str_replace("\\", "/", dirname(__FILE__)), "wp-content/") . "/" . sk2_second_chance_file . "?c_id={$comment_ID}&c_author=" . urlencode($sk2_core->cur_comment->author_email);
                //$location = str_replace($_SERVER['DOCUMENT_ROOT'], "/", dirname(__FILE__)) . "/" . sk2_second_chance_file ."?c_id=$comment_ID&c_author=" . urlencode($sk2_core->cur_comment->author_email);
                $can_use_location = @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ? false : true;
                if (!$can_use_location && $phpver >= '4.0.1' && @preg_match('/Microsoft/', getenv('SERVER_SOFTWARE')) && php_sapi_name() == 'isapi') {
                    $can_use_location = true;
                }
                if ($can_use_location) {
                    header("Location: {$location}");
                } else {
                    header("Refresh: 0;url={$location}");
                }
                exit;
            } else {
                wp_notify_moderator($comment_ID);
            }
        } elseif (get_settings('comments_notify')) {
            wp_notify_postauthor($comment_ID, $sk2_core->cur_comment->type);
        }
    }
}
/**
 * Sets the status of a comment.
 *
 * The 'wp_set_comment_status' action is called after the comment is handled.
 * If the comment status is not in the list, then false is returned.
 *
 * @since 1.0.0
 * @uses wp_transition_comment_status() Passes new and old comment status along with $comment object
 *
 * @param int $comment_id Comment ID.
 * @param string $comment_status New comment status, either 'hold', 'approve', 'spam', or 'trash'.
 * @param bool $wp_error Whether to return a WP_Error object if there is a failure. Default is false.
 * @return bool|WP_Error True on success, false or WP_Error on failure.
 */
function wp_set_comment_status($comment_id, $comment_status, $wp_error = false)
{
    global $wpdb;
    $status = '0';
    switch ($comment_status) {
        case 'hold':
        case '0':
            $status = '0';
            break;
        case 'approve':
        case '1':
            $status = '1';
            if (get_option('comments_notify')) {
                $comment = get_comment($comment_id);
                wp_notify_postauthor($comment_id, $comment->comment_type);
            }
            break;
        case 'spam':
            $status = 'spam';
            break;
        case 'trash':
            $status = 'trash';
            break;
        default:
            return false;
    }
    $comment_old = clone get_comment($comment_id);
    if (!$wpdb->update($wpdb->comments, array('comment_approved' => $status), array('comment_ID' => $comment_id))) {
        if ($wp_error) {
            return new WP_Error('db_update_error', __('Could not update comment status'), $wpdb->last_error);
        } else {
            return false;
        }
    }
    clean_comment_cache($comment_id);
    $comment = get_comment($comment_id);
    do_action('wp_set_comment_status', $comment_id, $comment_status);
    wp_transition_comment_status($comment_status, $comment_old->comment_approved, $comment);
    wp_update_comment_count($comment->comment_post_ID);
    return true;
}
function ajaxify_comments_jaya($comment_ID, $comment_status)
{
    if (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
        //If AJAX Request Then
        switch ($comment_status) {
            case '0':
                //notify moderator of unapproved comment
                wp_notify_moderator($comment_ID);
            case '1':
                //Approved comment
                echo "success";
                $commentdata =& get_comment($comment_ID, ARRAY_A);
                //print_r( $commentdata);
                $permaurl = get_permalink($post->ID);
                $url = str_replace('http://', '/', $permaurl);
                if ($commentdata['comment_parent'] == 0) {
                    $output = '<li class="comment byuser comment-author-admin bypostauthor odd alt thread-odd thread-alt depth-1" id="comment-' . $commentdata['comment_ID'] . '">
<div id="div-comment-' . $commentdata['comment_ID'] . '" class="comment-body">
<div class="comment-author vcard">' . get_avatar($commentdata['comment_author_email']) . '<cite class="fn">' . $commentdata['comment_author'] . '</cite> <span class="says">says:</span>
</div>

<div class="comment-meta commentmetadata"><a href="http://localhost/WordPress_Code/?p=1#comment-' . $commentdata['comment_ID'] . '">' . get_comment_date('F j, Y \\a\\t g:i a', $commentdata['comment_ID']) . '</a>&nbsp;&nbsp;';
                    if (is_user_logged_in()) {
                        $output .= '<a class="comment-edit-link" href="' . home_url() . '/wp-admin/comment.php?action=editcomment&amp;c=' . $commentdata['comment_ID'] . '">
(Edit)</a>';
                    }
                    $output .= '</div>
<p>' . $commentdata['comment_content'] . '</p>
<div class="reply">
<a class="comment-reply-link" href="' . $url . '&amp;replytocom=' . $commentdata['comment_ID'] . '#respond"
onclick="return addComment.moveForm(&quot;div-comment-' . $commentdata['comment_ID'] . '&quot;, &quot;' . $commentdata['comment_ID'] . '&quot;, &quot;respond&quot;, &quot;1&quot;)">Reply</a>
</div>
</div>
</li>';
                    echo $output;
                } else {
                    $output = '<ul class="children"> <li class="comment byuser comment-author-admin bypostauthor even depth-2" id="comment-' . $commentdata['comment_ID'] . '">
<div id="div-comment-' . $commentdata['comment_ID'] . '" class="comment-body">
<div class="comment-author vcard">' . get_avatar($commentdata['comment_author_email']) . '<cite class="fn">' . $commentdata['comment_author'] . '</cite> <span class="says">says:</span> </div>

<div class="comment-meta commentmetadata"><a href="http://localhost/WordPress_Code/?p=1#comment-' . $commentdata['comment_ID'] . '">' . get_comment_date('F j, Y \\a\\t g:i a', $commentdata['comment_ID']) . '</a>&nbsp;&nbsp;';
                    if (is_user_logged_in()) {
                        $output .= '<a class="comment-edit-link" href="' . home_url() . '/wp-admin/comment.php?action=editcomment&amp;c=' . $commentdata['comment_ID'] . '">
(Edit)</a>';
                    }
                    $output .= '</div>
<p>' . $commentdata['comment_content'] . '</p>
<div class="reply">
<a class="comment-reply-link" href="' . $url . '&amp;replytocom=' . $commentdata['comment_ID'] . '#respond"
onclick="return addComment.moveForm(&quot;div-comment-' . $commentdata['comment_ID'] . '&quot;, &quot;' . $commentdata['comment_ID'] . '&quot;, &quot;respond&quot;, &quot;1&quot;)">Reply</a>
</div>
</div>
</li></ul>';
                    echo $output;
                }
                $post =& get_post($commentdata['comment_post_ID']);
                wp_notify_postauthor($comment_ID, $commentdata['comment_type']);
                break;
            default:
                echo "error";
        }
        exit;
    }
}
Example #17
0
 function nxs_postNewComment($cmnt, $aa = false)
 {
     $cmnt['comment_post_ID'] = (int) $cmnt['comment_post_ID'];
     $cmnt['comment_parent'] = isset($cmnt['comment_parent']) ? absint($cmnt['comment_parent']) : 0;
     $parent_status = 0 < $cmnt['comment_parent'] ? wp_get_comment_status($cmnt['comment_parent']) : '';
     $cmnt['comment_parent'] = 'approved' == $parent_status || 'unapproved' == $parent_status ? $cmnt['comment_parent'] : 0;
     $cmnt['comment_author_IP'] = '';
     $cmnt['comment_agent'] = 'SNAP';
     $cmnt['comment_date'] = get_date_from_gmt($cmnt['comment_date_gmt']);
     $cmnt = wp_filter_comment($cmnt);
     if ($aa) {
         $cmnt['comment_approved'] = 1;
     } else {
         $cmnt['comment_approved'] = wp_allow_comment($cmnt);
     }
     $cmntID = wp_insert_comment($cmnt);
     if ('spam' !== $cmnt['comment_approved']) {
         if ('0' == $cmnt['comment_approved']) {
             wp_notify_moderator($cmntID);
         }
         $post =& get_post($cmnt['comment_post_ID']);
         if (get_option('comments_notify') && $cmnt['comment_approved'] && (!isset($cmnt['user_id']) || $post->post_author != $cmnt['user_id'])) {
             wp_notify_postauthor($cmntID, isset($cmnt['comment_type']) ? $cmnt['comment_type'] : '');
         }
         global $wpdb, $dsq_api;
         if (isset($dsq_api)) {
             $plugins_url = str_replace('social-networks-auto-poster-facebook-twitter-g/', '', plugin_dir_path(__FILE__));
             require_once $plugins_url . 'disqus-comment-system/export.php';
             if (function_exists('dsq_export_wp')) {
                 $comments = $wpdb->get_results($wpdb->prepare("SELECT * FROM {$wpdb->comments} WHERE comment_ID = " . $cmntID));
                 // prr($comments);
                 $wxr = dsq_export_wp($post, $comments);
                 $response = $dsq_api->import_wordpress_comments($wxr, time());
                 // prr($response);
             }
         }
     }
     return $cmntID;
 }
             switch ($value) {
                 case 'later':
                     ++$item_ignored;
                     break;
                 case 'delete':
                     if (!$commentHandler->delete($commentObject)) {
                         redirect_header(wp_siteurl() . '/wp-admin/' . $this_file, 3, $categoryHandler->getErrors());
                     }
                     ++$item_deleted;
                     break;
                 case 'approve':
                     if (!$commentObject->approve()) {
                         redirect_header(wp_siteurl() . '/wp-admin/' . $this_file, 3, $categoryHandler->getErrors());
                     }
                     if (get_settings('comments_notify') == true) {
                         wp_notify_postauthor($key);
                     }
                     ++$item_approved;
                     break;
             }
         }
     }
     header("Location: {$this_file}?ignored={$item_ignored}&deleted={$item_deleted}&approved={$item_approved}");
     exit;
     break;
 default:
     //Check User_Level
     user_level_check();
     $standalone = 0;
     $title = 'Moderate comments';
     require_once 'admin-header.php';
Example #19
0
function pingback_ping($m)
{
    // original code by Mort
    // (http://mort.mine.nu:8080)
    global $wpdb;
    global $wp_version;
    if (!get_settings('use_pingback')) {
        return new xmlrpcresp(new xmlrpcval('Sorry, this weblog does not allow you to pingback its posts.'));
    }
    $title = '';
    $pagelinkedfrom = $m->getParam(0);
    $pagelinkedfrom = $pagelinkedfrom->scalarval();
    $pagelinkedto = $m->getParam(1);
    $pagelinkedto = $pagelinkedto->scalarval();
    $pagelinkedfrom = addslashes(str_replace('&amp;', '&', $pagelinkedfrom));
    $pagelinkedto = preg_replace('#&([^amp\\;])#is', '&amp;$1', $pagelinkedto);
    $messages = array(htmlentities('Pingback from ' . $pagelinkedfrom . ' to ' . $pagelinkedto . ' registered. Keep the web talking! :-)'), htmlentities("We can't find the URL to the post you are trying to " . "link to in your entry. Please check how you wrote the post's permalink in your entry."), htmlentities("We can't find the post you are trying to link to." . " Please check the post's permalink."));
    $message = $messages[0];
    // Check if the page linked to is in our site
    $pos1 = strpos($pagelinkedto, str_replace('http://', '', str_replace('www.', '', wp_siteurl())));
    if ($pos1) {
        // let's find which post is linked to
        $urltest = parse_url($pagelinkedto);
        if ($post_ID = url_to_postid($pagelinkedto)) {
            $way = 'url_to_postid()';
        } elseif (preg_match('#p/[0-9]{1,}#', $urltest['path'], $match)) {
            // the path defines the post_ID (archives/p/XXXX)
            $blah = explode('/', $match[0]);
            $post_ID = $blah[1];
            $way = 'from the path';
        } elseif (preg_match('#p=[0-9]{1,}#', $urltest['query'], $match)) {
            // the querystring defines the post_ID (?p=XXXX)
            $blah = explode('=', $match[0]);
            $post_ID = $blah[1];
            $way = 'from the querystring';
        } elseif (isset($urltest['fragment'])) {
            // an #anchor is there, it's either...
            if (intval($urltest['fragment'])) {
                // ...an integer #XXXX (simpliest case)
                $post_ID = $urltest['fragment'];
                $way = 'from the fragment (numeric)';
            } elseif (preg_match('/post-[0-9]+/', $urltest['fragment'])) {
                // ...a post id in the form 'post-###'
                $post_ID = preg_replace('/[^0-9]+/', '', $urltest['fragment']);
                $way = 'from the fragment (post-###)';
            } elseif (is_string($urltest['fragment'])) {
                // ...or a string #title, a little more complicated
                $title = preg_replace('/[^a-zA-Z0-9]/', '.', $urltest['fragment']);
                $sql = "SELECT ID FROM " . wp_table('posts') . " WHERE post_title RLIKE '" . addslashes($title) . "'";
                $post_ID = $wpdb->get_var($sql) or die("Query: {$sql}\n\nError: ");
                $way = 'from the fragment (title)';
            }
        } else {
            // TODO: Attempt to extract a post ID from the given URL
            $post_ID = -1;
            $way = 'no match';
        }
        logIO('O', "(PB) URI='{$pagelinkedto}' ID='{$post_ID}' Found='{$way}'");
        $sql = "SELECT post_author FROM " . wp_table('posts') . " WHERE ID = {$post_ID}";
        $result = $wpdb->get_results($sql);
        if ($wpdb->num_rows) {
            // Let's check that the remote site didn't already pingback this entry
            $sql = 'SELECT * FROM ' . wp_table('comments') . ' 
				WHERE comment_post_ID = ' . $post_ID . ' 
					AND comment_author_url = \'' . $pagelinkedfrom . '\' 
					AND comment_content LIKE \'%<pingback />%\'';
            $result = $wpdb->get_results($sql);
            if ($wpdb->num_rows || 1 == 1) {
                // very stupid, but gives time to the 'from' server to publish !
                sleep(1);
                // Let's check the remote site
                require_once XOOPS_ROOT_PATH . '/class/snoopy.php';
                $snoopy = new Snoopy();
                if ($snoopy->fetch($pagelinkedfrom)) {
                    $linea = $snoopy->results;
                } else {
                    $linea = '';
                }
                logIO('O', "(PB) CHARSET='" . $GLOBALS['blog_charset']);
                $linea = mb_conv($linea, $GLOBALS['blog_charset'], 'auto');
                // Work around bug in strip_tags():
                $linea = str_replace('<!DOCTYPE', '<DOCTYPE', $linea);
                $linea = strip_tags($linea, '<title><a>');
                $linea = strip_all_but_one_link($linea, $pagelinkedto);
                // I don't think we need this? -- emc3
                if (empty($matchtitle)) {
                    preg_match('|<title>([^<]*?)</title>|is', $linea, $matchtitle);
                }
                $pos2 = strpos($linea, $pagelinkedto);
                $pos3 = strpos($linea, str_replace('http://www.', 'http://', $pagelinkedto));
                logIO('O', "(PB) POS='{$pos2}, {$pos3}'");
                if (is_integer($pos2) || is_integer($pos3)) {
                    //debug_fwrite($log, 'The page really links to us :)'."\n");
                    $pos4 = is_integer($pos2) ? $pos2 : $pos3;
                    $start = $pos4 - 50;
                    if (function_exists('mb_convert_encoding')) {
                        $tmp1 = mb_strcut($linea, 0, $start, $GLOBALS['blog_charset']);
                    } else {
                        $tmp1 = substr($linea, 0, $start);
                    }
                    if (preg_match('/<[^>]*?$/', $tmp1, $match)) {
                        logIO('O', "(PB) MATCH='{$match[0]}");
                        $offset = strlen($match[0]);
                    } else {
                        $offset = 0;
                    }
                    if (function_exists('mb_convert_encoding')) {
                        $context = mb_strcut($linea, $start - $offset, 150 + $offset, $GLOBALS['blog_charset']);
                    } else {
                        $context = substr($linea, $star - $offsett, 150 + $offset);
                    }
                    $context = str_replace("\n", ' ', $context);
                    $context = str_replace('&amp;', '&', $context);
                    logIO('O', "(PB) CONTENT='{$context}");
                } else {
                    logIO('O', "(PB) CONTEXT=The page doesn't link to us, here's an excerpt");
                    exit;
                }
                //				fclose($fp);
                if (!empty($context)) {
                    // Check if pings are on, inelegant exit
                    $pingstatus = $wpdb->get_var("SELECT ping_status FROM " . wp_table('posts') . " WHERE ID = {$post_ID}");
                    if ('closed' == $pingstatus) {
                        logIO('O', '(PB) Sorry, pings are turned off for this post.');
                        exit;
                    }
                    $pagelinkedfrom = preg_replace('#&([^amp\\;])#is', '&amp;$1', $pagelinkedfrom);
                    $title = !strlen($matchtitle[1]) ? $pagelinkedfrom : $matchtitle[1];
                    $context = strip_tags($context);
                    $context = '<pingback />[...] ' . htmlspecialchars(trim($context)) . ' [...]';
                    $context = format_to_post($context);
                    $original_pagelinkedfrom = $pagelinkedfrom;
                    $pagelinkedfrom = addslashes($pagelinkedfrom);
                    $original_title = $title;
                    $title = addslashes(strip_tags(trim($title)));
                    $now = current_time('mysql', 0);
                    if (get_settings('comment_moderation') == 'manual') {
                        $approved = 0;
                    } else {
                        if (get_settings('comment_moderation') == 'auto') {
                            $approved = 0;
                        } else {
                            // none
                            $approved = 1;
                        }
                    }
                    $consulta = $wpdb->query("INSERT INTO " . wp_table('comments') . " \n\t\t\t\t\t\t(comment_post_ID, comment_author, comment_author_url, comment_date, comment_content,comment_approved, comment_type) \n\t\t\t\t\t\tVALUES \n\t\t\t\t\t\t({$post_ID}, '{$title}', '{$pagelinkedfrom}', '{$now}', '{$context}', '{$approved}', 'pingback')\n\t\t\t\t\t\t");
                    $comment_ID = $wpdb->get_var('SELECT last_insert_id()');
                    do_action('pingback_post', $comment_ID);
                    if (get_settings('moderation_notify') && !$approved) {
                        wp_notify_moderator($comment_ID, 'pingback');
                    }
                    if (get_settings('comments_notify') && $approved) {
                        wp_notify_postauthor($comment_ID, 'pingback');
                    }
                } else {
                    // URL pattern not found
                    $message = "Page linked to: {$pagelinkedto}\nPage linked from:" . " {$pagelinkedfrom}\nTitle: {$title}\nContext: {$context}\n\n" . $messages[1];
                }
            } else {
                // We already have a Pingback from this URL
                $message = "Sorry, you already did a pingback to {$pagelinkedto} from {$pagelinkedfrom}.";
            }
        } else {
            // Post_ID not found
            $message = $messages[2];
            //debug_fwrite($log, 'Post doesn\'t exist'."\n");
        }
    }
    return new xmlrpcresp(new xmlrpcval($message));
}
             switch ($value) {
                 case 'later':
                     ++$item_ignored;
                     break;
                 case 'delete':
                     if (!$commentHandler->delete($commentObject)) {
                         redirect_header(wp_siteurl() . '/wp-admin/' . $this_file, 3, $categoryHandler->getErrors());
                     }
                     ++$item_deleted;
                     break;
                 case 'approve':
                     if (!$commentObject->approve()) {
                         redirect_header(wp_siteurl() . '/wp-admin/' . $this_file, 3, $categoryHandler->getErrors());
                     }
                     if (get_settings('comments_notify') == true) {
                         wp_notify_postauthor($key, $commentObject->getVar('comment_type'));
                     }
                     ++$item_approved;
                     break;
             }
         }
     }
     header("Location: {$this_file}?ignored={$item_ignored}&deleted={$item_deleted}&approved={$item_approved}");
     exit;
     break;
 default:
     //Check User_Level
     user_level_check();
     $standalone = 0;
     $title = 'Moderate comments';
     require_once 'admin-header.php';
     if ($_SERVER['HTTP_REFERER'] != "" && false == $noredir) {
         $location = $_SERVER['HTTP_REFERER'];
     } else {
         $location = $siteurl . '/wp-admin/edit.php?p=' . $p . '&c=1#comments';
     }
     if (!$xoopsWPTicket->check(false)) {
         redirect_header($location, 3, $xoopsWPTicket->getErrors());
     }
     if (!($commentObject =& $commentHandler->get($comment))) {
         redirect_header($location, 3, _LANG_P_OOPS_IDPOS);
     }
     if (!$commentObject->approve(true)) {
         redirect_header($location, 3, $commentHandler->getErrors());
     }
     if (get_settings("comments_notify") == true) {
         wp_notify_postauthor($comment);
     }
     header('Location: ' . $location);
     exit;
     break;
 case 'editedcomment':
     if (!$xoopsWPTicket->check()) {
         redirect_header($siteurl . '/wp-admin/', 3, $xoopsWPTicket->getErrors());
     }
     if ($user_level == 0) {
         redirect_header($siteurl . '/wp-admin/', 5, _LANG_P_CHEATING_ERROR);
     }
     init_param('POST', 'comment_ID', 'integer', NO_DEFAULT_PARAM, true);
     init_param('POST', 'newcomment_author', 'string', '', true);
     init_param('POST', 'newcomment_author_email', 'string', '', true);
     init_param('POST', 'newcomment_author_url', 'string', '', true);
Example #22
0
 /**
  * Saves the aggregated comments.
  *
  * @param  object  $post
  * @return void
  */
 public function save_aggregated_comments(&$post)
 {
     if (isset($post->results[$this->_key])) {
         global $wpdb;
         foreach ($post->results[$this->_key] as $result) {
             $commentdata = array('comment_post_ID' => $post->ID, 'comment_author_email' => $wpdb->escape($this->_key . '.' . $result->id . '@example.com'), 'comment_author_IP' => $_SERVER['SERVER_ADDR'], 'comment_agent' => 'Social Aggregator');
             if (isset($result->parent)) {
                 if ($wp_parent = $this->get_comment_from_fb_id($result->parent->id)) {
                     $commentdata['comment_parent'] = $wp_parent->comment_id;
                 }
             }
             if (!isset($result->like)) {
                 $commentdata = array_merge($commentdata, array('comment_type' => 'social-facebook', 'comment_author' => $wpdb->escape($result->from->name), 'comment_author_url' => $result->from->link, 'comment_content' => $wpdb->escape($result->message), 'comment_date' => date('Y-m-d H:i:s', strtotime($result->created_time) + get_option('gmt_offset') * 3600), 'comment_date_gmt' => gmdate('Y-m-d H:i:s', strtotime($result->created_time))));
             } else {
                 // v2.0+ returns app scoped ids, both app scoped ids and real ids redirect to the profile with
                 // https://www.facebook.com/{user-id}|{app-scoped-id}
                 $url = 'https://www.facebook.com/' . $result->id . '/';
                 $commentdata = array_merge($commentdata, array('comment_type' => 'social-facebook-like', 'comment_author' => $wpdb->escape($result->name), 'comment_author_url' => $url, 'comment_content' => $wpdb->escape('<a href="' . $url . '" target="_blank">' . $result->name . '</a> liked this on Facebook.'), 'comment_date' => current_time('mysql'), 'comment_date_gmt' => current_time('mysql', 1)));
             }
             $user_id = isset($result->like) ? $result->from_id : $result->from->id;
             $commentdata = array_merge($commentdata, array('comment_post_ID' => $post->ID, 'comment_author_email' => $this->_key . '.' . $user_id . '@example.com'));
             if (apply_filters('social_approve_likes_and_retweets', false) && isset($result->like)) {
                 $commentdata['comment_approved'] = 1;
             } else {
                 if (($commentdata = $this->allow_comment($commentdata, $result->id, $post)) === false) {
                     continue;
                 }
             }
             Social::log('Saving #:result_id.', array('result_id' => $result->id));
             $comment_id = 0;
             try {
                 Social::Log('Attempting to save commentdata: :commentdata', array('commentdata' => print_r($commentdata, true)));
                 $comment_id = wp_insert_comment($commentdata);
                 update_comment_meta($comment_id, 'social_account_id', addslashes_deep($user_id));
                 update_comment_meta($comment_id, 'social_profile_image_url', addslashes_deep('https://graph.facebook.com/' . $user_id . '/picture'));
                 update_comment_meta($comment_id, 'social_status_id', addslashes_deep($result->status_id));
                 update_comment_meta($comment_id, 'social_broadcast_id', addslashes_deep($result->id));
                 if ($result->reply_to_id) {
                     update_comment_meta($comment_id, 'social_reply_to_id', addslashes_deep($result->reply_to_id));
                 }
                 if (!isset($result->raw)) {
                     $result = (object) array_merge((array) $result, array('raw' => $result));
                 }
                 update_comment_meta($comment_id, 'social_raw_data', addslashes_deep(base64_encode(json_encode($result->raw))));
                 if ($commentdata['comment_approved'] !== 'spam') {
                     if ($commentdata['comment_approved'] == '0') {
                         wp_notify_moderator($comment_id);
                     }
                     if (get_option('comments_notify') and $commentdata['comment_approved'] and (!isset($commentdata['user_id']) or $post->post_author != $commentdata['user_id'])) {
                         wp_notify_postauthor($comment_id, 'comment');
                     }
                 }
             } catch (Exception $e) {
                 // Something went wrong, remove the aggregated ID.
                 if (($key = array_search($result->id, $post->aggregated_ids['facebook'])) !== false) {
                     unset($post->aggregated_ids['facebook'][$key]);
                 }
                 if ((int) $comment_id) {
                     // Delete the comment in case it wasn't the insert that failed.
                     wp_delete_comment($comment_id);
                 }
             }
         }
     }
 }
Example #23
0
/**
 * Sets the status of a comment.
 *
 * The 'wp_set_comment_status' action is called after the comment is handled and
 * will only be called, if the comment status is either 'hold', 'approve', or
 * 'spam'. If the comment status is not in the list, then false is returned and
 * if the status is 'delete', then the comment is deleted without calling the
 * action.
 *
 * @since 1.0.0
 * @uses wp_transition_comment_status() Passes new and old comment status along with $comment object
 *
 * @param int $comment_id Comment ID.
 * @param string $comment_status New comment status, either 'hold', 'approve', 'spam', or 'delete'.
 * @return bool False on failure or deletion and true on success.
 */
function wp_set_comment_status($comment_id, $comment_status)
{
    global $wpdb;
    switch ($comment_status) {
        case 'hold':
            $query = $wpdb->prepare("UPDATE {$wpdb->comments} SET comment_approved='0' WHERE comment_ID = %d LIMIT 1", $comment_id);
            break;
        case 'approve':
            $query = $wpdb->prepare("UPDATE {$wpdb->comments} SET comment_approved='1' WHERE comment_ID = %d LIMIT 1", $comment_id);
            if (get_option('comments_notify')) {
                $comment = get_comment($comment_id);
                wp_notify_postauthor($comment_id, $comment->comment_type);
            }
            break;
        case 'spam':
            $query = $wpdb->prepare("UPDATE {$wpdb->comments} SET comment_approved='spam' WHERE comment_ID = %d LIMIT 1", $comment_id);
            break;
        case 'delete':
            return wp_delete_comment($comment_id);
            break;
        default:
            return false;
    }
    if (!$wpdb->query($query)) {
        return false;
    }
    clean_comment_cache($comment_id);
    $comment = get_comment($comment_id);
    do_action('wp_set_comment_status', $comment_id, $comment_status);
    wp_transition_comment_status($comment_status, $comment->comment_approved, $comment);
    wp_update_comment_count($comment->comment_post_ID);
    return true;
}
     $approved = 0;
 } else {
     if ('auto' == $comment_moderation) {
         $approved = 0;
     } else {
         // none
         $approved = 1;
     }
 }
 $wpdb->query("INSERT INTO {$wpdb->comments[$wp_id]} \n\t(comment_ID, comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_content, comment_approved) \n\tVALUES \n\t('0', '{$comment_post_ID}', '{$author}', '{$email}', '{$url}', '{$user_ip}', '{$now}', '{$comment}', '{$approved}')\n\t");
 $comment_ID = $wpdb->get_var('SELECT last_insert_id()');
 if ($moderation_notify && !$approved) {
     wp_notify_moderator($comment_ID);
 }
 if (get_settings('comments_notify') && $approved) {
     wp_notify_postauthor($comment_ID, 'comment');
 }
 if ($email == '') {
     $email = ' ';
 }
 // this to make sure a cookie is set for 'no email'
 if ($url == '') {
     $url = ' ';
 }
 // this to make sure a cookie is set for 'no url'
 setcookie('comment_author_' . $cookiehash, $author, time() + 30000000);
 setcookie('comment_author_email_' . $cookiehash, $email, time() + 30000000);
 setcookie('comment_author_url_' . $cookiehash, $url, time() + 30000000);
 header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
 header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
 header('Cache-Control: no-cache, must-revalidate');
Example #25
0
/**
 * Send a notification of a new comment to the post author.
 *
 * @since 4.4.0
 *
 * Uses the {@see 'notify_post_author'} filter to determine whether the post author
 * should be notified when a new comment is added, overriding site setting.
 *
 * @param int $comment_ID Comment ID.
 * @return bool True on success, false on failure.
 */
function wp_new_comment_notify_postauthor($comment_ID)
{
    $comment = get_comment($comment_ID);
    $maybe_notify = get_option('comments_notify');
    /**
     * Filter whether to send the post author new comment notification emails,
     * overriding the site setting.
     *
     * @since 4.4.0
     *
     * @param bool $maybe_notify Whether to notify the post author about the new comment.
     * @param int  $comment_ID   The ID of the comment for the notification.
     */
    $maybe_notify = apply_filters('notify_post_author', $maybe_notify, $comment_ID);
    /*
     * wp_notify_postauthor() checks if notifying the author of their own comment.
     * By default, it won't, but filters can override this.
     */
    if (!$maybe_notify) {
        return false;
    }
    // Only send notifications for approved comments.
    if (!isset($comment->comment_approved) || 'spam' === $comment->comment_approved || !$comment->comment_approved) {
        return false;
    }
    return wp_notify_postauthor($comment_ID);
}
 private function approve_comment($action)
 {
     $comment_id = intval($_GET['c']);
     check_admin_referer('approve-comment_' . $comment_id);
     $noredir = isset($_GET['noredir']);
     if (!($comment = get_comment($comment_id))) {
         $this->base->ks_die(__('Oops, no comment with this ID.') . sprintf(' <a href="%s">' . __('Go back') . '</a>!', 'edit-comments.php'), '', false);
     }
     if (!current_user_can('edit_post', $comment->comment_post_ID)) {
         if ('approvecomment' == $action) {
             $this->base->ks_die(__('You are not allowed to edit comments on this post, so you cannot approve this comment.'));
         } else {
             $this->base->ks_die(__('You are not allowed to edit comments on this post, so you cannot disapprove this comment.'));
         }
         // exit;
     }
     $redir = $this->referer;
     if (empty($redir) || $noredir) {
         $redir = 'edit-comments.php?p=' . intval($comment->comment_post_ID);
     }
     if ('approvecomment' == $action) {
         wp_set_comment_status($comment_id, 'approve');
         $redir = add_query_arg(array('approved' => 1), $redir);
     } else {
         wp_set_comment_status($comment_id, 'hold');
         $redir = add_query_arg(array('unapproved' => 1), $redir);
     }
     if (get_option('comments_notify')) {
         wp_notify_postauthor($comment->comment_ID);
     }
     $this->admin->redirect($redir);
     exit;
 }
Example #27
0
 public function save_comment($comment_ID, $comment_status)
 {
     // If it's an AJAX-submitted comment
     if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest' && $_REQUEST['ap_comment_form']) {
         // Get the comment data
         $comment = get_comment($comment_ID);
         // Allow the email to the author to be sent
         wp_notify_postauthor($comment_ID, $comment->comment_type);
         // Get the comment HTML from my custom comment HTML function
         ob_start();
         ap_comment($comment);
         $html = ob_get_clean();
         $result = json_encode(array('status' => true, 'comment_ID' => $comment->comment_ID, 'comment_post_ID' => $comment->comment_post_ID, 'comment_content' => $comment->comment_content, 'html' => $html, 'message' => __('Comment submitted successfully', 'ap')));
         echo $result;
         die;
     }
 }
/**
 * Send a notification of a new comment to the post author.
 *
 * @since 4.4.0
 *
 * @param int $comment_ID ID of the comment.
 * @return bool True on success, false on failure.
 */
function wp_new_comment_notify_postauthor($comment_ID)
{
    $comment = get_comment($comment_ID);
    /*
     * `wp_notify_postauthor()` checks if notifying the author of their own comment.
     * By default, it won't, but filters can override this.
     */
    if (!get_option('comments_notify')) {
        return false;
    }
    // Only send notifications for approved comments.
    if (!isset($comment->comment_approved) || 'spam' === $comment->comment_approved || !$comment->comment_approved) {
        return false;
    }
    return wp_notify_postauthor($comment_ID);
}
    } else {
        if ('auto' == $comment_moderation) {
            $approved = 0;
        } else {
            // none
            $approved = 1;
        }
    }
    if ($charset == "") {
        $charset = "auto";
    } else {
        $charset = strtoupper(trim($charset));
    }
    if (function_exists('mb_convert_encoding')) {
        if ($charset == "auto") {
            $charset = mb_detect_encoding($commnet . $author, $charset);
        }
        $comment = mb_convert_encoding($comment, $blog_charset, $charset);
        $author = mb_convert_encoding($author, $blog_charset, $charset);
    }
    $result = $wpdb->query("INSERT INTO {$tablecomments} \n\t(comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_content, comment_approved)\n\tVALUES \n\t('{$comment_post_ID}', '{$author}', '{$email}', '{$tb_url}', '{$user_ip}', '{$now}', '{$comment}', '{$approved}')\n\t");
    if (!$result) {
        die("There is an error with the database, it can't store your comment...<br />Please contact the <a href='mailto:{$admin_email}'>webmaster</a>.");
    } else {
        $comment_ID = $wpdb->get_var('SELECT last_insert_id()');
        if ($comments_notify) {
            wp_notify_postauthor($comment_ID, 'trackback');
        }
        trackback_response(0);
    }
}
Example #30
0
// check for required fields
if (empty($comment)) {
    echo json_encode(array('errors' => 'Please enter a comment'));
    exit;
}
if ($quote_id === 0) {
    echo json_encode(array('errors' => 'Sorry, this form submission is not allowed (invalid quote ID).'));
    exit;
}
// get commenter info
$current_user = wp_get_current_user();
// set up comment properties
$comment_parameters = array('comment_author' => $current_user->display_name, 'comment_author_email' => $current_user->user_email, 'comment_author_IP' => $_SERVER['REMOTE_ADDR'], 'comment_author_url' => $current_user->user_url, 'comment_content' => $comment, 'comment_date' => current_time('mysql'), 'comment_parent' => 0, 'comment_post_ID' => $quote_id, 'user_id' => $current_user->ID);
// add the comment
if ($comment_added_id = wp_insert_comment($comment_parameters)) {
    wp_notify_postauthor($comment_added_id);
    if (!($comment_avatar = get_wp_user_avatar($current_user->ID, 48))) {
        $comment_avatar = DEFAULT_THUMBNAIL;
    }
    $comment_html = '
	<li>' . $comment_avatar . $current_user->display_name . '<time class="timeago" datetime="' . date('c') . '">' . date('F j, Y') . '</time>
		<p>' . $comment . '</p>
	</li>';
    echo json_encode(array('comment_html' => $comment_html));
} else {
    echo json_encode(array('errors' => 'There was a problem adding your comment'));
}
exit;
/*
function ajaxify_comments($comment_ID, $comment_status){
	if(!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest'){