/**
 * Validate an edited comment, write it with wp_update_comment(), and build
 * the response array returned to the caller.
 *
 * Sequence: content check, can_edit() permission check, name/e-mail checks,
 * moderation and blacklist re-check for callers that fail is_comment_owner(),
 * the database write, then the post-write spam/moderation checks. The write
 * happens before those last checks, so an 'error' response about spam or
 * moderation is returned after the edit has already been stored.
 *
 * NOTE(review): every field of $commentarr other than comment_ID is handed to
 * wp_update_comment() as received. Which keys the caller lets through is not
 * visible in this method; confirm the caller restricts it to the fields the
 * user is allowed to change.
 *
 * @param mixed $commentID ID of the comment to edit; cast to int before the write.
 * @param mixed $postID    ID passed to the AECCore permission helpers and to get_comment_count().
 * @param array $commentarr Comment fields; this method reads comment_content,
 *                          comment_author, comment_author_email, comment_author_url,
 *                          comment_author_IP, comment_agent, comment_type and
 *                          comment_approved.
 * @return array Either array('error' => message) or the response fields built
 *               at the end of the method.
 */
public static function save_comment($commentID, $postID, $commentarr) {
    global $wpdb, $aecomments;
    // Copy of the array as passed in, taken before comment_ID and
    // comment_approved are modified below. Its comment_approved value is
    // returned as 'undo_comment_approved'.
    $undoComment = $commentarr;
    // Make sure the comment has something in it. The literal string
    // "undefined" is rejected as well.
    $response = array();
    if ('' == $commentarr['comment_content'] || $commentarr['comment_content'] == "undefined") {
        $response['error'] = $aecomments->get_error('content_empty');
        return $response;
    }
    // Authorization gate: a string returned by can_edit() is used as an error
    // code and stops the edit; any non-string result lets it continue.
    $message = AECCore::can_edit($commentID, $postID);
    if (is_string($message)) {
        $response['error'] = $aecomments->get_error($message);
        return $response;
    }
    // Sanity checks
    if (!AECCore::is_comment_owner($postID)) {
        // Make sure required fields are filled out. && binds tighter than ||,
        // so this is (short e-mail AND e-mail editable) OR (empty name AND
        // name editable), applied only when require_name_email is set.
        if (get_option('require_name_email') && (6 > strlen($commentarr['comment_author_email']) && AECCore::can_edit_email($commentID, $postID) || '' == $commentarr['comment_author'] && AECCore::can_edit_name($commentID, $postID))) {
            $response['error'] = $aecomments->get_error('required_fields');
            return $response;
        }
    } // end comment_owner check
    // Make sure the e-mail is valid - skipped for pingbacks and trackbacks,
    // and skipped entirely when $aecomments->admin is set and the e-mail is empty.
    if (!($aecomments->admin && empty($commentarr['comment_author_email']))) {
        if (!is_email($commentarr['comment_author_email']) && $commentarr['comment_type'] != "pingback" && $commentarr['comment_type'] != "trackback") {
            if (!get_option('require_name_email') && empty($commentarr['comment_author_email'])) {
                // An empty e-mail is accepted when name/e-mail are not required.
            } else {
                // An invalid e-mail is only an error if this caller may edit the e-mail field.
                if (AECCore::can_edit_email($commentID, $postID)) {
                    $response['error'] = $aecomments->get_error('invalid_email');
                    return $response;
                }
            }
        }
    }
    // The query text is a constant; @ hides any error it raises.
    if (strtolower(get_option('blog_charset')) != 'utf-8') {
        @$wpdb->query("SET names 'utf8'");
    } //comment out if getting char errors
    // Save the comment. Forcing comment_ID to the $commentID that can_edit()
    // was asked about means a comment_ID supplied inside $commentarr cannot
    // redirect the write to another row.
    $commentarr['comment_ID'] = (int) $commentID;
    // Approval status as passed in, kept to detect a change to "moderated" below.
    $commentapproved = $commentarr['comment_approved'];
    // Condition the data for returning
    do_action('wp_ajax_comments_remove_content_filter');
    // Do some comment checks before updating
    if (!AECCore::is_comment_owner($postID)) {
        // Preserve moderation/spam setting. Only check approved comments.
        // NOTE(review): comment_approved, comment_author_IP and comment_agent
        // are taken from $commentarr; whether the caller fills them from the
        // stored comment or from the request is not visible here - confirm.
        if ($commentarr['comment_approved'] == 1) {
            // Everyone else's comments will be checked.
            if (check_comment($commentarr['comment_author'], $commentarr['comment_author_email'], $commentarr['comment_author_url'], $commentarr['comment_content'], $commentarr['comment_author_IP'], $commentarr['comment_agent'], $commentarr['comment_type'])) {
                $commentarr['comment_approved'] = 1;
            } else {
                $commentarr['comment_approved'] = 0;
            }
        }
        // NOTE(review): WordPress 5.5 deprecated wp_blacklist_check() in
        // favour of wp_check_comment_disallowed_list().
        if (wp_blacklist_check($commentarr['comment_author'], $commentarr['comment_author_email'], $commentarr['comment_author_url'], $commentarr['comment_content'], $commentarr['comment_author_IP'], $commentarr['comment_agent'])) {
            $commentarr['comment_approved'] = 'spam';
        }
    }
    // Update the comment. The return value is not inspected, so a failed
    // write is not reported from here.
    wp_update_comment($commentarr);
    // If spammed, return error (the edit has already been written at this point)
    if (!$aecomments->admin && $commentarr['comment_approved'] === 'spam') {
        $response['error'] = $aecomments->get_error('comment_marked_spam');
        return $response;
    }
    // If moderated, return error.
    // NOTE(review): these are loose comparisons against 0, while
    // comment_approved can hold the string 'spam'. PHP 8 changed how a
    // non-numeric string compares with a number, so the result for 'spam'
    // depends on the PHP version - confirm the intended behaviour.
    if ($commentarr['comment_approved'] == 0 && $commentapproved != 0) {
        $response['error'] = $aecomments->get_error('comment_marked_moderated');
        return $response;
    }
    // Check for spam
    if (!AECCore::is_comment_owner($postID)) {
        if (AECCore::check_spam($commentID, $postID)) {
            $response['error'] = $aecomments->get_error('comment_marked_spam');
            return $response;
        }
    }
    // Do actions after a comment has successfully been edited
    do_action_ref_array('wp_ajax_comments_comment_edited', array(&$commentID, &$postID));
    // Get undo data; only built when $aecomments->admin is set.
    if ($aecomments->admin) {
        $oldComment = $aecomments->get_admin_option('undo');
        $undo = AECUtility::build_undo_url("undoedit", $commentID, $postID, __('Comment successfully saved', 'ajaxEdit'));
    } else {
        $undo = '';
    }
    $approve_count = get_comment_count($postID);
    $comment_count = get_comment_count();
    // For security, get the new comment: the global is cleared and the
    // comment is fetched again with get_comment(), so the response is built
    // from that result rather than from $commentarr.
    if (isset($GLOBALS['comment'])) {
        unset($GLOBALS['comment']);
    }
    global $comment;
    $comment = get_comment($commentID);
    // Condition the data for returning
    do_action('wp_ajax_comments_remove_content_filter');
    // NOTE(review): content and comment_author go through AECUtility::encode()
    // before the filters, comment_author_url does not. Whether the URL is
    // escaped for the context the client inserts it into depends on the
    // 'get_comment_author_url' / 'comment_url' filters and on the client
    // code - confirm.
    $response = array(
        'content' => stripslashes(apply_filters('comment_text', apply_filters('get_comment_text', AECUtility::encode($comment->comment_content)))),
        'comment_author' => stripslashes(apply_filters('comment_author', apply_filters('get_comment_author', AECUtility::encode($comment->comment_author)))),
        'comment_author_url' => stripslashes(apply_filters('comment_url', apply_filters('get_comment_author_url', $comment->comment_author_url))),
        'comment_date' => get_comment_date('F jS, Y'),
        'comment_time' => get_comment_time(),
        'comment_approved' => $comment->comment_approved,
        // $oldComment exists only on the admin path above.
        'old_comment_approved' => isset($oldComment) ? $oldComment['comment_approved'] : false,
        'undo_comment_approved' => isset($undoComment) ? $undoComment['comment_approved'] : false,
        'approve_count' => $approve_count['approved'],
        'moderation_count' => $comment_count['awaiting_moderation'],
        'spam_count' => $comment_count['spam'],
        'comment_links' => AECCore::build_admin_links($commentID, $postID),
        'undo' => $undo);
    return $response;
}
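/**
 * Wrap a comment's text in the "edit-comment" container and attach the block
 * of edit links for the comment held in the global $comment.
 *
 * The text is returned unchanged when the one-shot $aecomments->skip flag is
 * set (the flag is cleared), when there is no global $comment, on pages when
 * the 'show_pages' option is not 'true', or when either permission check does
 * not return 1. These checks only decide whether the links are displayed;
 * save_comment() runs its own can_edit() check before writing.
 *
 * @param string $content Comment text to decorate.
 * @return string The original text, or the text wrapped with the undo
 *                placeholder and, where allowed, the edit links.
 */
public static function add_edit_links($content) {
    global $comment, $aecomments;
    if ($aecomments->skip) {
        $aecomments->skip = false;
        return $content;
    }
    if (empty($comment)) {
        return $content;
    }
    if (is_page() && $aecomments->get_admin_option('show_pages') != 'true') {
        return $content;
    }
    if (AECCore::can_edit_quickcheck($comment) != 1) {
        return $content;
    }
    if (AECCore::can_edit($comment->comment_ID, $comment->comment_post_ID) != 1) {
        return $content;
    }
    // True when the link block should be placed above the comment text.
    $aec_top = $aecomments->get_admin_option('comment_display_top') == 'true';
    $tempContent = $content; //original text, re-used when the interface goes on top
    $edit_admin = "edit-comment-admin-links";
    $clearfix = '';
    if ($aecomments->get_admin_option('icon_display') != 'classic' && $aecomments->get_admin_option('icon_display') != 'dropdown') {
        $edit_admin = "edit-comment-admin-links-no-icon";
    }
    /*If you're wondering why the JS is inline, it's because people with 500+ comments were having their browsers lock up.
    With inline, the JS is run as needed. Not elegant, but the best solution.*/
    if (!$aec_top) {
        // Interface at the bottom: text first, then the undo placeholder.
        $content = '<div class="edit-comment" id="edit-comment' . $comment->comment_ID . '" style="background: none">' . $content . '</div>';
        $content .= "<div id='comment-undo-{$comment->comment_ID}' class='aec-undo' style='background: none'></div>";
    } else {
        // Interface on top: start empty, the text is appended at the end.
        $content = '';
    }
    if (!AECCore::is_comment_owner($comment->comment_post_ID)) {
        //For anonymous users
        $content .= "<div class='{$edit_admin} {$clearfix}' id='edit-comment-user-link-{$comment->comment_ID}' style='background:none'>";
        $content .= AECCore::build_admin_links($comment->comment_ID, $comment->comment_post_ID);
        $content .= "</div>";
        //Show custom content to users
        if (AECCore::show_affiliate_link()) {
            // NOTE(review): 'affiliate_text' is emitted as HTML and
            // 'affiliate_id' is concatenated into an href without escaping.
            // Both come from get_admin_option(); if those options can be set
            // by an account that is not allowed to post raw HTML, the id
            // should be escaped for the attribute (e.g. esc_attr()) and the
            // text filtered - confirm who can write these options.
            $message = do_shortcode(stripslashes($aecomments->get_admin_option('affiliate_text')));
            $message = str_replace("[url]", "<a href='http://www.ajaxeditcomments.com/?affiliate_id=" . $aecomments->get_admin_option('affiliate_id') . "'>", $message);
            $message = str_replace("[/url]", "</a>", $message);
            $content .= "<div class='aec-custom-text'>{$message}</div><!--/aec-custom-text-->";
        }
        //End for anonymous users
    } else {
        //Check if user is editor
        $role = AECUtility::get_user_role(); //todo change editor to capability
        $editorBlocked = $role == 'editor' && $aecomments->get_admin_option('allow_editing_editors') == 'false';
        // Fix: the original returned $content here. With the interface on top
        // $content is still '' at this point, so the comment text was dropped
        // for editors who may not edit. Skipping only the link block and
        // falling through keeps the bottom layout's output unchanged and lets
        // the top layout emit the text.
        if (!$editorBlocked) {
            if (is_admin() && $aecomments->get_admin_option('admin_editing') == "false") {
                //We're in the admin panel
                $content .= '<div class="' . $edit_admin . ' ' . $clearfix . '" id="edit-comment-admin-links' . $comment->comment_ID . '">';
                $content .= AECCore::build_admin_links($comment->comment_ID, $comment->comment_post_ID);
                $content .= "</div>";
                //End in the admin panel
            } elseif ($aecomments->get_user_option('comment_editing') == "true") {
                //We're in a post
                $content .= '<div class="' . $edit_admin . ' ' . $clearfix . '" id="edit-comment-admin-links' . $comment->comment_ID . '" style="background: none">';
                $content .= AECCore::build_admin_links($comment->comment_ID, $comment->comment_post_ID);
                $content .= "</div>";
            }
        }
    }
    if ($aec_top) {
        // Interface on top: undo placeholder, then the wrapped original text.
        $content .= "<div id='comment-undo-{$comment->comment_ID}' class='aec-undo' style='background: none'></div>";
        $content .= '<div class="edit-comment" id="edit-comment' . $comment->comment_ID . '" style="background: none">' . $tempContent . '</div>';
    }
    return $content;
}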