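/**
 * AJAX responder: report how much editing time is left for a comment.
 *
 * Every path ends the request with die() after printing one JSON document:
 *   - {"error":"-1"}   the comment does not exist or its edit window has run out
 *   - {"success":"1"}  AECCore::can_indefinitely_edit() accepts the comment's user_id
 *   - {"minutes":..,"cid":..,"seconds":..}  time remaining
 *
 * NOTE(review): nothing in this method checks who is asking, so it answers
 * for any comment ID it is handed. Confirm the caller restricts access if the
 * existence and age of unapproved comments should not be disclosed.
 *
 * @param int $commentID ID of the comment to look up.
 * @return void Never returns normally.
 */
public static function get_time_left($commentID = 0)
{
    global $wpdb, $aecomments;

    $adminMinutes = (int) $aecomments->get_admin_option('minutes');

    // Bind every value through a placeholder instead of splicing it into the
    // SQL text; only the table name is interpolated. The unused
    // comment_author_email column is no longer fetched.
    $query = $wpdb->prepare(
        "SELECT (%d * 60 - (UNIX_TIMESTAMP(%s) - UNIX_TIMESTAMP(comment_date))) time, user_id FROM {$wpdb->comments} WHERE comment_ID = %d",
        $adminMinutes,
        current_time('mysql'),
        $commentID
    );
    $comment = $wpdb->get_row($query, ARRAY_A);

    if (!$comment) {
        die(json_encode(array('error' => '-1')));
    }

    if (AECCore::can_indefinitely_edit($comment['user_id'])) {
        die(json_encode(array('success' => '1')));
    }

    // "time" is the number of seconds still left in the edit window.
    $timeleft = (int) $comment['time'];
    if ($timeleft <= 0) {
        die(json_encode(array('error' => '-1')));
    }

    $minutes = floor($timeleft / 60);
    $seconds = $timeleft - $minutes * 60;

    // 'cid' is echoed back exactly as it was received.
    $response = array('minutes' => $minutes, 'cid' => $commentID, 'seconds' => $seconds);
    die(json_encode($response));
}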
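/**
 * Issue a time-limited edit key for a freshly posted comment.
 *
 * The key is stored in the postmeta table under meta_key "_<comment ID>" and
 * handed to the commenter in a cookie named
 * "WPAjaxEditCommentsComment<comment ID><hash>".
 *
 * @param int $commentID ID of the comment that was just posted.
 * @return int|string|null The comment ID once processing completes (or when
 *                         AECCore::is_comment_owner() accepts the post),
 *                         'no_user_editing' when the relevant admin option is
 *                         'false', or null when the comment is missing, is
 *                         spam, or its author can edit indefinitely.
 */
public static function comment_posted($commentID = 0)
{
    global $wpdb, $aecomments;

    $comment = get_comment($commentID, ARRAY_A);

    // Sanity checks: nothing to do for missing or spam comments.
    if (!$comment) {
        return;
    }
    if ($comment['comment_approved'] == "spam") {
        return;
    }

    // The post's owner/admin needs no edit key.
    if (AECCore::is_comment_owner($comment['comment_post_ID'])) {
        return $commentID;
    }

    // Editing can be switched off separately for registered and anonymous commenters.
    $settingName = ($comment['user_id'] != 0) ? 'allow_registeredediting' : 'allow_editing';
    if ($aecomments->get_admin_option($settingName) == 'false') {
        return 'no_user_editing';
    }

    // Users who can edit indefinitely never need a key.
    if (AECCore::can_indefinitely_edit($comment['user_id'])) {
        return;
    }

    // $hash is derived only from the commenter's IP and the comment's GMT
    // date, so the secrecy of the key rests entirely on the two
    // AECUtility::random() values; md5() adds no entropy of its own.
    // NOTE(review): confirm AECUtility::random() draws from a CSPRNG. Its
    // implementation is not visible from this method.
    $hash = md5($comment['comment_author_IP'] . $comment['comment_date_gmt']);
    $rand = 'wpAjax' . $hash . md5(AECUtility::random()) . md5(AECUtility::random());

    // Minutes allowed for editing; fall back to the plugin default when the
    // stored option is not a usable number.
    $minutes = $aecomments->get_admin_option('minutes');
    if (!is_numeric($minutes) || $minutes < 1) {
        $minutes = $aecomments->get_minutes();
    }

    // Store the key. All values are bound through unquoted placeholders.
    //todo - update to update_post_meta or use comment meta instead
    $metakey = '_' . (int) $comment['comment_ID'];
    $query = "INSERT INTO " . $wpdb->postmeta . "(post_id, meta_key, meta_value) VALUES (%d, %s, %s)";
    @$wpdb->query($wpdb->prepare($query, $comment['comment_post_ID'], $metakey, $rand));

    // Hand the key to the commenter. setcookie() wants an integer expiry even
    // when the minutes option is a numeric string.
    $cookieName = 'WPAjaxEditCommentsComment' . $commentID . $hash;
    $expire = (int) (time() + 60 * $minutes);
    if (!isset($_COOKIE[$cookieName])) {
        // The five-argument form requests neither Secure nor HttpOnly.
        // NOTE(review): confirm whether client script reads this cookie before
        // tightening the flags.
        setcookie($cookieName, $rand, $expire, COOKIEPATH, COOKIE_DOMAIN);
        $GLOBALS[$cookieName] = $rand; //For compatibility with CFORMS
    }

    // Read the issued-key counter (site option first, then the per-blog
    // option for upgrade/multi-site support).
    $securityCount = get_site_option('ajax-edit-comments_security_key_count');
    if (!$securityCount) {
        $securityCount = get_option('ajax-edit-comments_security_key_count');
    }
    if (!$securityCount) {
        $securityCount = 1;
        update_site_option('ajax-edit-comments_security_key_count', $securityCount);
    } else {
        $securityCount = (int) $securityCount;
    }

    // Once the counter reaches 100, sweep every stored key except this
    // comment's. The DELETE has no age condition, so keys that are still
    // inside their edit window are removed as well.
    if ($securityCount >= 100) {
        @$wpdb->query($wpdb->prepare("delete from {$wpdb->postmeta} where left(meta_value, 6) = 'wpAjax' and meta_key <> %s", $metakey));
        $securityCount = 0;
    }
    $securityCount += 1;
    update_site_option('ajax-edit-comments_security_key_count', $securityCount);

    return $commentID;
}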
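/**
 * Cheap check of whether the current visitor may still edit a comment.
 *
 * Only ownership, the indefinite-edit privilege and the age of the comment
 * are examined here; no edit key or cookie is verified in this method.
 *
 * @param object $comment Comment object; comment_post_ID, user_id and
 *                        comment_date are read.
 * @return int|string 1 when editing is allowed, 'comment_time_elapsed' when
 *                    the edit window has passed.
 */
public static function can_edit_quickcheck($comment)
{
    global $aecomments;

    // Admin/editor/post author.
    if (AECCore::is_comment_owner($comment->comment_post_ID)) {
        return 1;
    }

    // Logged-in users who can edit indefinitely.
    if (AECCore::can_indefinitely_edit($comment->user_id)) {
        return 1;
    }

    // Measure elapsed time with both ends in the blog's local time, the same
    // basis get_time_left() uses, so the site's GMT offset cancels out.
    $posted = strtotime($comment->comment_date);
    $now = strtotime(current_time('mysql'));
    if ($posted === false || $now === false) {
        // Unparseable date: fail closed rather than grant an edit window.
        return 'comment_time_elapsed';
    }

    // Use the full elapsed time. Reducing it modulo an hour (or day/week)
    // makes the value wrap around, which would re-open the edit window at the
    // start of every hour after the comment was posted.
    $minutesPassed = round(($now - $posted) / 60);

    // Minutes allowed by the admin, with the plugin default as a failsafe.
    $minutes = $aecomments->get_admin_option('minutes');
    if (!is_numeric($minutes) || $minutes < 1) {
        $minutes = $aecomments->get_minutes();
    }

    if ($minutesPassed > $minutes) {
        return 'comment_time_elapsed';
    }

    return 1; // Still inside the edit window.
}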