function ajax_comment() { global $wpdb; //nocache_headers(); $comment_post_ID = isset($_POST['comment_post_ID']) ? (int) $_POST['comment_post_ID'] : 0; $post = get_post($comment_post_ID); $post_author = $post->post_author; if (empty($post->comment_status)) { do_action('comment_id_not_found', $comment_post_ID); ajax_comment_err(__('Invalid comment status.', 'Lophita')); } $status = get_post_status($post); $status_obj = get_post_status_object($status); if (!comments_open($comment_post_ID)) { do_action('comment_closed', $comment_post_ID); ajax_comment_err(__('Sorry, comments are closed for this item.', 'Lophita')); } elseif ('trash' == $status) { do_action('comment_on_trash', $comment_post_ID); ajax_comment_err(__('Invalid comment status.', 'Lophita')); } elseif (!$status_obj->public && !$status_obj->private) { do_action('comment_on_draft', $comment_post_ID); ajax_comment_err(__('Invalid comment status.', 'Lophita')); } elseif (post_password_required($comment_post_ID)) { do_action('comment_on_password_protected', $comment_post_ID); ajax_comment_err(__('Password Protected', 'Lophita')); } else { do_action('pre_comment_on_post', $comment_post_ID); } $comment_author = isset($_POST['author']) ? trim(strip_tags($_POST['author'])) : null; $comment_author_email = isset($_POST['email']) ? trim($_POST['email']) : null; $comment_author_url = isset($_POST['url']) ? trim($_POST['url']) : null; $comment_content = isset($_POST['comment']) ? trim($_POST['comment']) : null; $edit_id = isset($_POST['edit_id']) ? $_POST['edit_id'] : null; $user = wp_get_current_user(); if ($user->exists()) { if (empty($user->display_name)) { $user->display_name = $user->user_login; } $comment_author = $wpdb->escape($user->display_name); $comment_author_email = $wpdb->escape($user->user_email); $comment_author_url = $wpdb->escape($user->user_url); $user_ID = $wpdb->escape($user->ID); if (current_user_can('unfiltered_html')) { if (wp_create_nonce('unfiltered-html-comment_' . $comment_post_ID) != $_POST['_wp_unfiltered_html_comment']) { kses_remove_filters(); kses_init_filters(); } } } else { if (get_option('comment_registration') || 'private' == $status) { ajax_comment_err(__('Sorry, you must be logged in to post a comment.', 'Lophita')); } } $comment_type = ''; if (get_option('require_name_email') && !$user->exists()) { if (6 > strlen($comment_author_email) || '' == $comment_author) { ajax_comment_err(__('Error: please fill the required fields (name, email).', 'Lophita')); } elseif (!is_email($comment_author_email)) { ajax_comment_err(__('Error: please enter a valid email address.', 'Lophita')); } } if ('' == $comment_content) { ajax_comment_err(__('Error: please type a comment.', 'Lophita')); } $dupe = "SELECT comment_ID FROM {$wpdb->comments} WHERE comment_post_ID = '{$comment_post_ID}' AND ( comment_author = '{$comment_author}' "; if ($comment_author_email) { $dupe .= "OR comment_author_email = '{$comment_author_email}' "; } $dupe .= ") AND comment_content = '{$comment_content}' LIMIT 1"; if ($wpdb->get_var($dupe)) { ajax_comment_err(__('Duplicate comment detected; it looks as though you’ve already said that!', 'Lophita')); } if ($lasttime = $wpdb->get_var($wpdb->prepare("SELECT comment_date_gmt FROM {$wpdb->comments} WHERE comment_author = %s ORDER BY comment_date DESC LIMIT 1", $comment_author))) { $time_lastcomment = mysql2date('U', $lasttime, false); $time_newcomment = mysql2date('U', current_time('mysql', 1), false); $flood_die = apply_filters('comment_flood_filter', false, $time_lastcomment, $time_newcomment); if ($flood_die) { ajax_comment_err(__('You are posting comments too quickly. Slow down.', 'Lophita')); } } $comment_parent = isset($_POST['comment_parent']) ? absint($_POST['comment_parent']) : 0; $commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content', 'comment_type', 'comment_parent', 'user_ID'); if ($edit_id) { $comment_id = $commentdata['comment_ID'] = $edit_id; if (ihacklog_user_can_edit_comment($commentdata, $comment_id)) { wp_update_comment($commentdata); } else { ajax_comment_err(__('Cheatin’ uh?', 'Lophita')); } } else { $comment_id = wp_new_comment($commentdata); } $comment = get_comment($comment_id); do_action('set_comment_cookies', $comment, $user); $comment_depth = 1; $tmp_c = $comment; while ($tmp_c->comment_parent != 0) { $comment_depth++; $tmp_c = get_comment($tmp_c->comment_parent); } $GLOBALS['comment'] = $comment; ?> <li <?php comment_class(); ?> id="li-comment-<?php comment_ID(); ?> "> <article id="comment-<?php comment_ID(); ?> " class="comment-container"> <div class="comment-header"> <span class="comment-name"><?php printf(__('%s'), get_comment_author_link()); ?> </span> <time class="comment-date" datetime="<?php comment_time('Y/m/d H:i:s'); ?> "><?php echo time_ago(); ?> </time> </div> <?php if ('0' == $comment->comment_approved) { ?> <p class="comment-awaiting-moderation">您的评论正在排队等待审核,请稍后再来!</p> <?php } ?> <div class="comment-content"> <?php comment_text(); ?> </div> </article> <?php die; }
function ajax_comment_callback() { global $wpdb; $comment_post_ID = isset($_POST['comment_post_ID']) ? (int) $_POST['comment_post_ID'] : 0; $post = get_post($comment_post_ID); $post_author = $post->post_author; if (empty($post->comment_status)) { do_action('comment_id_not_found', $comment_post_ID); ajax_comment_err('Invalid comment status.'); } $status = get_post_status($post); $status_obj = get_post_status_object($status); if (!comments_open($comment_post_ID)) { do_action('comment_closed', $comment_post_ID); ajax_comment_err('Sorry, comments are closed for this item.'); } elseif ('trash' == $status) { do_action('comment_on_trash', $comment_post_ID); ajax_comment_err('Invalid comment status.'); } elseif (!$status_obj->public && !$status_obj->private) { do_action('comment_on_draft', $comment_post_ID); ajax_comment_err('Invalid comment status.'); } elseif (post_password_required($comment_post_ID)) { do_action('comment_on_password_protected', $comment_post_ID); ajax_comment_err('Password Protected'); } else { do_action('pre_comment_on_post', $comment_post_ID); } $comment_author = isset($_POST['author']) ? trim(strip_tags($_POST['author'])) : null; $comment_author_email = isset($_POST['email']) ? trim($_POST['email']) : null; $comment_author_url = isset($_POST['url']) ? trim($_POST['url']) : null; $comment_content = isset($_POST['comment']) ? trim($_POST['comment']) : null; $user = wp_get_current_user(); if ($user->exists()) { if (empty($user->display_name)) { $user->display_name = $user->user_login; } $comment_author = esc_sql($user->display_name); $comment_author_email = esc_sql($user->user_email); $comment_author_url = esc_sql($user->user_url); $user_ID = esc_sql($user->ID); if (current_user_can('unfiltered_html')) { if (wp_create_nonce('unfiltered-html-comment_' . $comment_post_ID) != $_POST['_wp_unfiltered_html_comment']) { kses_remove_filters(); kses_init_filters(); } } } else { if (get_option('comment_registration') || 'private' == $status) { ajax_comment_err('Sorry, you must be logged in to post a comment.'); } } $comment_type = ''; if (get_option('require_name_email') && !$user->exists()) { if (6 > strlen($comment_author_email) || '' == $comment_author) { ajax_comment_err('Error: please fill the required fields (name, email).'); } elseif (!is_email($comment_author_email)) { ajax_comment_err('Error: please enter a valid email address.'); } } if ('' == $comment_content) { ajax_comment_err('Error: please type a comment.'); } $dupe = "SELECT comment_ID FROM {$wpdb->comments} WHERE comment_post_ID = '{$comment_post_ID}' AND ( comment_author = '{$comment_author}' "; if ($comment_author_email) { $dupe .= "OR comment_author_email = '{$comment_author_email}' "; } $dupe .= ") AND comment_content = '{$comment_content}' LIMIT 1"; if ($wpdb->get_var($dupe)) { ajax_comment_err('Duplicate comment detected; it looks as though you’ve already said that!'); } if ($lasttime = $wpdb->get_var($wpdb->prepare("SELECT comment_date_gmt FROM {$wpdb->comments} WHERE comment_author = %s ORDER BY comment_date DESC LIMIT 1", $comment_author))) { $time_lastcomment = mysql2date('U', $lasttime, false); $time_newcomment = mysql2date('U', current_time('mysql', 1), false); $flood_die = apply_filters('comment_flood_filter', false, $time_lastcomment, $time_newcomment); if ($flood_die) { ajax_comment_err('You are posting comments too quickly. Slow down.'); } } $comment_parent = isset($_POST['comment_parent']) ? absint($_POST['comment_parent']) : 0; $commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content', 'comment_type', 'comment_parent', 'user_ID'); $comment_id = wp_new_comment($commentdata); $comment = get_comment($comment_id); do_action('set_comment_cookies', $comment, $user); $comment_depth = 1; $tmp_c = $comment; while ($tmp_c->comment_parent != 0) { $comment_depth++; $tmp_c = get_comment($tmp_c->comment_parent); } $GLOBALS['comment'] = $comment; //这里修改成你的评论结构 ?> <li <?php comment_class(); ?> id="li-comment-<?php comment_ID(); ?> " itemtype="http://schema.org/Comment" itemscope itemprop="comment"> <div class="comment-holder"> <div class="pull-left"> <?php if ($comment->comment_parent > 0) { echo get_avatar($comment->comment_author_email, 36); } else { echo get_avatar($comment->comment_author_email, 64); } ?> </div> <div id="comment-<?php comment_ID(); ?> " class="comment-body"> <?php if ($comment->comment_parent > 0) { ?> <div class="comment-meta small"> <strong><span itemprop="author"><?php echo get_comment_author_link(); ?> </span></strong> <span><?php printf(__('%1$s %2$s'), get_comment_date(), get_comment_time()); ?> </span> <span class="country-flag"><?php if (function_exists("get_useragent")) { get_useragent($comment->comment_agent); } ?> </span> </div> <?php } else { ?> <h4 class="media-heading"> <span itemprop="author"><?php echo get_comment_author_link(); ?> </span> </h4> <div class="comment-meta small"> <span><?php printf(__('%1$s %2$s'), get_comment_date(), get_comment_time()); ?> </span> <span class="country-flag"><?php if (function_exists("get_useragent")) { get_useragent($comment->comment_agent); } ?> </span> </div> <?php } ?> <div class="comment-main" itemprop="description"> <?php comment_text(); ?> <?php if ($comment->comment_approved == '0') { ?> <em><?php _e('Your comment is awaiting moderation.'); ?> </em> <?php } ?> </div> </div> </div> </li> <?php die; }
function ajax_comment() { global $wpdb; $comment_post_ID = isset($_POST['comment_post_ID']) ? (int) $_POST['comment_post_ID'] : 0; $post = get_post($comment_post_ID); if (empty($post->comment_status)) { do_action('comment_id_not_found', $comment_post_ID); ajax_comment_err(__('Invalid comment status.')); } $status = get_post_status($post); $status_obj = get_post_status_object($status); if (!comments_open($comment_post_ID)) { do_action('comment_closed', $comment_post_ID); ajax_comment_err(__('Sorry, comments are closed for this item.')); } elseif ('trash' == $status) { do_action('comment_on_trash', $comment_post_ID); ajax_comment_err(__('Invalid comment status.')); } elseif (!$status_obj->public && !$status_obj->private) { do_action('comment_on_draft', $comment_post_ID); ajax_comment_err(__('Invalid comment status.')); } elseif (post_password_required($comment_post_ID)) { do_action('comment_on_password_protected', $comment_post_ID); ajax_comment_err(__('Password Protected')); } else { do_action('pre_comment_on_post', $comment_post_ID); } $comment_author = isset($_POST['author']) ? trim(strip_tags($_POST['author'])) : null; $comment_author_email = isset($_POST['email']) ? trim($_POST['email']) : null; $comment_author_url = isset($_POST['url']) ? trim($_POST['url']) : null; $comment_content = isset($_POST['comment']) ? trim($_POST['comment']) : null; $user = wp_get_current_user(); if ($user->exists()) { if (empty($user->display_name)) { $user->display_name = $user->user_login; } $comment_author = $wpdb->escape($user->display_name); $comment_author_email = $wpdb->escape($user->user_email); $comment_author_url = $wpdb->escape($user->user_url); $user_ID = $wpdb->escape($user->ID); if (current_user_can('unfiltered_html')) { if (wp_create_nonce('unfiltered-html-comment_' . $comment_post_ID) != $_POST['_wp_unfiltered_html_comment']) { kses_remove_filters(); kses_init_filters(); } } } else { if (get_option('comment_registration') || 'private' == $status) { ajax_comment_err('对不起,您必须登录后才能进行评论'); } } $comment_type = ''; if (get_option('require_name_email') && !$user->exists()) { if (6 > strlen($comment_author_email) || '' == $comment_author) { ajax_comment_err('错误: 请填写如下信息 (姓名, 电子邮件)'); } elseif (!is_email($comment_author_email)) { ajax_comment_err('错误: 请输入正确的邮件地址'); } } if ('' == $comment_content) { ajax_comment_err('请输入回复内容'); } $dupe = "SELECT comment_ID FROM {$wpdb->comments} WHERE comment_post_ID = '{$comment_post_ID}' AND ( comment_author = '{$comment_author}' "; if ($comment_author_email) { $dupe .= "OR comment_author_email = '{$comment_author_email}' "; } $dupe .= ") AND comment_content = '{$comment_content}' LIMIT 1"; if ($wpdb->get_var($dupe)) { ajax_comment_err('重复回复,貌似您已经回复过该信息'); } if ($lasttime = $wpdb->get_var($wpdb->prepare("SELECT comment_date_gmt FROM {$wpdb->comments} WHERE comment_author = %s ORDER BY comment_date DESC LIMIT 1", $comment_author))) { $time_lastcomment = mysql2date('U', $lasttime, false); $time_newcomment = mysql2date('U', current_time('mysql', 1), false); $flood_die = apply_filters('comment_flood_filter', false, $time_lastcomment, $time_newcomment); if ($flood_die) { ajax_comment_err('您回复速度太快了,请稍后在进行回复'); } } $comment_parent = isset($_POST['comment_parent']) ? absint($_POST['comment_parent']) : 0; $commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content', 'comment_type', 'comment_parent', 'user_ID'); $comment_id = wp_new_comment($commentdata); $comment = get_comment($comment_id); do_action('set_comment_cookies', $comment, $user); $comment_depth = 1; $tmp_c = $comment; while ($tmp_c->comment_parent != 0) { $comment_depth++; $tmp_c = get_comment($tmp_c->comment_parent); } $GLOBALS['comment'] = $comment; //your comments here edit start ?> <li class="comments" <?php comment_class(empty($args['has_children']) ? '' : 'parent'); ?> id="li-comment-<?php comment_ID(); ?> "> <div id="comment-<?php comment_ID(); ?> " class="comment-wrap"> <div class="comment-author pull-left"> <?php echo get_avatar($comment, 50); ?> </div> <div class="comment-body"> <h4> <?php printf('<cite class="fn">%1$s %2$s</cite>', get_comment_author_link(), $comment->user_id === $post->post_author ? '<small class="label label-primary">博主</small>' : ''); ?> <span class="comment-date"> 刚刚 </span> </h4> <?php if ($comment->comment_approved == '0') { ?> <p class="comment-awaiting-moderation text-danger"><?php echo "您的评论正在等待审核"; ?> </p> <?php } ?> <?php comment_text(); ?> </div> </div> <?php die; }
function ajax_comment() { global $wpdb; //nocache_headers(); $comment_post_ID = isset($_POST['comment_post_ID']) ? (int) $_POST['comment_post_ID'] : 0; $post = get_post($comment_post_ID); $post_author = $post->post_author; if (empty($post->comment_status)) { do_action('comment_id_not_found', $comment_post_ID); ajax_comment_err('评论的状态无效'); } $status = get_post_status($post); $status_obj = get_post_status_object($status); if (!comments_open($comment_post_ID)) { do_action('comment_closed', $comment_post_ID); ajax_comment_err('抱歉, 此文章已不允许新增评论'); } elseif ('trash' == $status) { do_action('comment_on_trash', $comment_post_ID); ajax_comment_err('评论的状态无效'); } elseif (!$status_obj->public && !$status_obj->private) { do_action('comment_on_draft', $comment_post_ID); ajax_comment_err('评论的状态无效'); } elseif (post_password_required($comment_post_ID)) { do_action('comment_on_password_protected', $comment_post_ID); ajax_comment_err('密码保护中'); } else { do_action('pre_comment_on_post', $comment_post_ID); } $comment_author = isset($_POST['author']) ? trim(strip_tags($_POST['author'])) : null; $comment_author_email = isset($_POST['email']) ? trim($_POST['email']) : null; $comment_author_url = isset($_POST['url']) ? trim($_POST['url']) : null; $comment_content = isset($_POST['comment']) ? trim($_POST['comment']) : null; $edit_id = isset($_POST['edit_id']) ? $_POST['edit_id'] : null; // 提取 edit_id $user = wp_get_current_user(); if ($user->exists()) { if (empty($user->display_name)) { $user->display_name = $user->user_login; } $comment_author = $wpdb->escape($user->display_name); $comment_author_email = $wpdb->escape($user->user_email); $comment_author_url = $wpdb->escape($user->user_url); $user_ID = $wpdb->escape($user->ID); if (current_user_can('unfiltered_html')) { if (wp_create_nonce('unfiltered-html-comment_' . $comment_post_ID) != $_POST['_wp_unfiltered_html_comment']) { kses_remove_filters(); kses_init_filters(); } } } else { if (get_option('comment_registration') || 'private' == $status) { ajax_comment_err('抱歉, 在评论前必须登录'); } } $comment_type = ''; if (get_option('require_name_email') && !$user->exists()) { if (6 > strlen($comment_author_email) || '' == $comment_author) { ajax_comment_err('失败, 发表留言不能没有署名~'); } elseif (!is_email($comment_author_email)) { ajax_comment_err('错误: 请输入有效的电子邮箱地址~'); } } if ('' == $comment_content) { ajax_comment_err('失败, 还没有开始写任何评论呢~'); } $dupe = "SELECT comment_ID FROM {$wpdb->comments} WHERE comment_post_ID = '{$comment_post_ID}' AND ( comment_author = '{$comment_author}' "; if ($comment_author_email) { $dupe .= "OR comment_author_email = '{$comment_author_email}' "; } $dupe .= ") AND comment_content = '{$comment_content}' LIMIT 1"; if ($wpdb->get_var($dupe)) { ajax_comment_err('检测到重复的评论, 似乎你已经这样评论过了'); } if ($lasttime = $wpdb->get_var($wpdb->prepare("SELECT comment_date_gmt FROM {$wpdb->comments} WHERE comment_author = %s ORDER BY comment_date DESC LIMIT 1", $comment_author))) { $time_lastcomment = mysql2date('U', $lasttime, false); $time_newcomment = mysql2date('U', current_time('mysql', 1), false); $flood_die = apply_filters('comment_flood_filter', false, $time_lastcomment, $time_newcomment); if ($flood_die) { ajax_comment_err('你发表评论太快了, 慢点儿吧~'); } } $comment_parent = isset($_POST['comment_parent']) ? absint($_POST['comment_parent']) : 0; $commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content', 'comment_type', 'comment_parent', 'user_ID'); if ($edit_id) { $comment_id = $commentdata['comment_ID'] = $edit_id; if (ihacklog_user_can_edit_comment($commentdata, $comment_id)) { wp_update_comment($commentdata); } else { ajax_comment_err('Cheatin’ uh?'); } } else { $comment_id = wp_new_comment($commentdata); } $comment = get_comment($comment_id); do_action('set_comment_cookies', $comment, $user); $comment_depth = 1; $tmp_c = $comment; while ($tmp_c->comment_parent != 0) { $comment_depth++; $tmp_c = get_comment($tmp_c->comment_parent); } $GLOBALS['comment'] = $comment; ?> <li <?php comment_class(); ?> id="li-comment-<?php comment_ID(); ?> "> <article id="comment-<?php comment_ID(); ?> " class="comment-body"> <div class="comment-meta clearfix"> <div class="comment-author vcard"> <?php if (dopt('d_defaultavatar_b')) { echo get_avatar($comment, '40'); } else { echo get_random_avatar($comment, '40'); } ?> </div> <div class="comment-metadata"> <b class="fn"><?php printf(__('%s'), get_comment_author_link()); ?> </b> <time datetime="<?php echo time_ago(); ?> "><?php echo time_ago(); ?> </time> </div> </div> <?php if ('0' == $comment->comment_approved) { ?> <p class="comment-awaiting-moderation">您的评论已提交, 正在排队等待审核.</p> <?php } ?> <div class="comment-content"> <?php comment_text(); ?> </div> </article> <?php die; }
function ajax_comment_callback() { global $wpdb; $comment_post_ID = isset($_POST['comment_post_ID']) ? (int) $_POST['comment_post_ID'] : 0; $post = get_post($comment_post_ID); $post_author = $post->post_author; if (empty($post->comment_status)) { do_action('comment_id_not_found', $comment_post_ID); ajax_comment_err('异常操作.'); } $status = get_post_status($post); $status_obj = get_post_status_object($status); if (!comments_open($comment_post_ID)) { do_action('comment_closed', $comment_post_ID); ajax_comment_err('对不起,评论已经关闭'); } elseif ('trash' == $status) { do_action('comment_on_trash', $comment_post_ID); ajax_comment_err('对此条评论的回复功能暂不可用.'); } elseif (!$status_obj->public && !$status_obj->private) { do_action('comment_on_draft', $comment_post_ID); ajax_comment_err('对此条评论的回复功能暂不可用..'); } elseif (post_password_required($comment_post_ID)) { do_action('comment_on_password_protected', $comment_post_ID); ajax_comment_err('文章受到密码保护'); } else { do_action('pre_comment_on_post', $comment_post_ID); } $comment_author = isset($_POST['author']) ? trim(strip_tags($_POST['author'])) : null; $comment_author_email = isset($_POST['email']) ? trim($_POST['email']) : null; $comment_author_url = isset($_POST['url']) ? trim($_POST['url']) : null; $comment_content = isset($_POST['comment']) ? trim($_POST['comment']) : null; $user = wp_get_current_user(); if ($user->exists()) { if (empty($user->display_name)) { $user->display_name = $user->user_login; } $comment_author = esc_sql($user->display_name); $comment_author_email = esc_sql($user->user_email); $comment_author_url = esc_sql($user->user_url); $user_ID = esc_sql($user->ID); if (current_user_can('unfiltered_html')) { if (wp_create_nonce('unfiltered-html-comment_' . $comment_post_ID) != $_POST['_wp_unfiltered_html_comment']) { kses_remove_filters(); kses_init_filters(); } } } else { if (get_option('comment_registration') || 'private' == $status) { ajax_comment_err('错误:你必须登陆以添加评论.'); } } $comment_type = ''; if (get_option('require_name_email') && !$user->exists()) { if (6 > strlen($comment_author_email) || '' == $comment_author) { ajax_comment_err('错误:至少需要填写有效的名字与邮箱地址.'); } elseif (!is_email($comment_author_email)) { ajax_comment_err('错误:邮箱地址无效.'); } } if ('' == $comment_content) { ajax_comment_err('错误:忘写评论内容了?'); } $dupe = "SELECT comment_ID FROM {$wpdb->comments} WHERE comment_post_ID = '{$comment_post_ID}' AND ( comment_author = '{$comment_author}' "; if ($comment_author_email) { $dupe .= "OR comment_author_email = '{$comment_author_email}' "; } $dupe .= ") AND comment_content = '{$comment_content}' LIMIT 1"; if ($wpdb->get_var($dupe)) { ajax_comment_err('错误:检测到重复评论,说明您已经递交过相同内容.'); } if ($lasttime = $wpdb->get_var($wpdb->prepare("SELECT comment_date_gmt FROM {$wpdb->comments} WHERE comment_author = %s ORDER BY comment_date DESC LIMIT 1", $comment_author))) { $time_lastcomment = mysql2date('U', $lasttime, false); $time_newcomment = mysql2date('U', current_time('mysql', 1), false); $flood_die = apply_filters('comment_flood_filter', false, $time_lastcomment, $time_newcomment); if ($flood_die) { ajax_comment_err('错误:评论递交频率太快.'); } } $comment_parent = isset($_POST['comment_parent']) ? absint($_POST['comment_parent']) : 0; $commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content', 'comment_type', 'comment_parent', 'user_ID'); $comment_id = wp_new_comment($commentdata); $comment = get_comment($comment_id); do_action('set_comment_cookies', $comment, $user); $comment_depth = 1; $tmp_c = $comment; while ($tmp_c->comment_parent != 0) { $comment_depth++; $tmp_c = get_comment($tmp_c->comment_parent); } $GLOBALS['comment'] = $comment; //这里修改成你的评论结构 ?> <li <?php comment_class(); ?> > <article class="comment-body clear"> <footer class="comment-meta"> <div class="comment-author vcard"> <?php echo get_avatar($comment, $size = '48'); ?> </div> <div class="comment-metadata"> <b class="fn"> <?php echo get_comment_author_link(); ?> </b> <span class="attime">在 </span><time class="comment-time" datetime="<?php echo get_comment_date('Y-M-d G:i'); ?> "><?php echo get_comment_date('Y-M-d G:i'); ?> </time><span class="says"> 说:</span> </div> </footer> <div class="comment-content"> <?php comment_text(); ?> </div> <br/> </article> </li> <?php die; }
function ajax_comment() { global $wpdb; //nocache_headers(); $comment_post_ID = isset($_POST['comment_post_ID']) ? (int) $_POST['comment_post_ID'] : 0; $post = get_post($comment_post_ID); $post_author = $post->post_author; if (empty($post->comment_status)) { do_action('comment_id_not_found', $comment_post_ID); ajax_comment_err('Invalid comment status.'); } $status = get_post_status($post); $status_obj = get_post_status_object($status); if (!comments_open($comment_post_ID)) { do_action('comment_closed', $comment_post_ID); ajax_comment_err('Sorry, comments are closed for this item.'); } elseif ('trash' == $status) { do_action('comment_on_trash', $comment_post_ID); ajax_comment_err('Invalid comment status.'); } elseif (!$status_obj->public && !$status_obj->private) { do_action('comment_on_draft', $comment_post_ID); ajax_comment_err('Invalid comment status.'); } elseif (post_password_required($comment_post_ID)) { do_action('comment_on_password_protected', $comment_post_ID); ajax_comment_err('Password Protected'); } else { do_action('pre_comment_on_post', $comment_post_ID); } $comment_author = isset($_POST['author']) ? trim(strip_tags($_POST['author'])) : null; $comment_author_email = isset($_POST['email']) ? trim($_POST['email']) : null; $comment_author_url = isset($_POST['url']) ? trim($_POST['url']) : null; $comment_content = isset($_POST['comment']) ? trim($_POST['comment']) : null; $edit_id = isset($_POST['edit_id']) ? $_POST['edit_id'] : null; // 提取 edit_id $user = wp_get_current_user(); if ($user->exists()) { if (empty($user->display_name)) { $user->display_name = $user->user_login; } $comment_author = $wpdb->escape($user->display_name); $comment_author_email = $wpdb->escape($user->user_email); $comment_author_url = $wpdb->escape($user->user_url); $user_ID = $wpdb->escape($user->ID); if (current_user_can('unfiltered_html')) { if (wp_create_nonce('unfiltered-html-comment_' . $comment_post_ID) != $_POST['_wp_unfiltered_html_comment']) { kses_remove_filters(); kses_init_filters(); } } } else { if (get_option('comment_registration') || 'private' == $status) { ajax_comment_err('哈哈哈~你必须登陆后才可以留言的说.'); } } $comment_type = ''; if (get_option('require_name_email') && !$user->exists()) { if (6 > strlen($comment_author_email) || '' == $comment_author) { ajax_comment_err('哈哈~~你必须输入昵称和邮箱才可以留言'); } elseif (!is_email($comment_author_email)) { ajax_comment_err('鄙视你!你居然连邮箱地址都输不正确~'); } } if ('' == $comment_content) { ajax_comment_err('出错啦~~难道你就没有话想说嘛~'); } $dupe = "SELECT comment_ID FROM {$wpdb->comments} WHERE comment_post_ID = '{$comment_post_ID}' AND ( comment_author = '{$comment_author}' "; if ($comment_author_email) { $dupe .= "OR comment_author_email = '{$comment_author_email}' "; } $dupe .= ") AND comment_content = '{$comment_content}' LIMIT 1"; if ($wpdb->get_var($dupe)) { ajax_comment_err('貌似,大概,好像你说过这句话了~'); } if ($lasttime = $wpdb->get_var($wpdb->prepare("SELECT comment_date_gmt FROM {$wpdb->comments} WHERE comment_author = %s ORDER BY comment_date DESC LIMIT 1", $comment_author))) { $time_lastcomment = mysql2date('U', $lasttime, false); $time_newcomment = mysql2date('U', current_time('mysql', 1), false); $flood_die = apply_filters('comment_flood_filter', false, $time_lastcomment, $time_newcomment); if ($flood_die) { ajax_comment_err('你说的太快了,不着急,慢慢说~'); } } $comment_parent = isset($_POST['comment_parent']) ? absint($_POST['comment_parent']) : 0; $commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content', 'comment_type', 'comment_parent', 'user_ID'); if ($edit_id) { $comment_id = $commentdata['comment_ID'] = $edit_id; if (ihacklog_user_can_edit_comment($commentdata, $comment_id)) { wp_update_comment($commentdata); } else { ajax_comment_err('Cheatin’ uh? '); } } else { $comment_id = wp_new_comment($commentdata); } $comment = get_comment($comment_id); do_action('set_comment_cookies', $comment, $user); $comment_depth = 1; $tmp_c = $comment; while ($tmp_c->comment_parent != 0) { $comment_depth++; $tmp_c = get_comment($tmp_c->comment_parent); } $GLOBALS['comment'] = $comment; ?> <li <?php comment_class(); ?> > <div class="comment-lists <?php if ($depth >= '2') { echo 'left30'; } ?> " id="comment-<?php comment_ID(); ?> "> <section class="y_avatar"> <?php echo get_avatar(get_comment_author_email(), '48'); ?> </section> <section class="comment_con"> <div class="comment_info"> <cite class="vcard"><strong><a class="linkforavater <?php if (checkadmin()) { echo "admin"; } ?> " href="<?php if (get_comment_author_url()) { echo esc_url(home_url('/')) . '?home=' . base64_encode(get_comment_author_url()); } else { echo "javascript:;"; } ?> " title=" <?php echo get_comment_author(); ?> " target="_blank" rel="external nofollow" ><?php echo get_comment_author(); ?> </a></strong></cite> <span class="commentinfo"><?php comment_time_ago(); ?> </span> <?php if (!($parent_id = $comment->comment_parent)) { printf('%1$s', ++$commentcount); } ?> </div> <p> <?php if ($comment->comment_parent) { // 如果存在父级评论 $comment_parent_href = htmlspecialchars(get_comment_link($comment->comment_parent)); $comment_parent = get_comment($comment->comment_parent); $_content = '<span class="at">@' . $comment_parent->comment_author . '</span>'; $_content = $_content . get_comment_text(); yefengs_comment_text($_content); } else { comment_text(); } ?> </p> </section> <div class="clearfix"></div> </div> <?php die; }
function ajax_comment() { global $wpdb; $comment_post_ID = isset($_POST['comment_post_ID']) ? (int) $_POST['comment_post_ID'] : 0; $post = get_post($comment_post_ID); if (empty($post->comment_status)) { do_action('comment_id_not_found', $comment_post_ID); ajax_comment_err('回复出错,请刷新后重试'); } $status = get_post_status($post); $status_obj = get_post_status_object($status); if (!comments_open($comment_post_ID)) { do_action('comment_closed', $comment_post_ID); ajax_comment_err('评论已关闭'); } elseif ('trash' == $status) { do_action('comment_on_trash', $comment_post_ID); ajax_comment_err('回复出错,请刷新后重试'); } elseif (!$status_obj->public && !$status_obj->private) { do_action('comment_on_draft', $comment_post_ID); ajax_comment_err('回复出错,请刷新后重试'); } elseif (post_password_required($comment_post_ID)) { do_action('comment_on_password_protected', $comment_post_ID); ajax_comment_err('请输入密码后评论'); } else { do_action('pre_comment_on_post', $comment_post_ID); } $comment_author = isset($_POST['author']) ? trim(strip_tags($_POST['author'])) : null; $comment_author_email = isset($_POST['email']) ? trim($_POST['email']) : null; $comment_author_url = isset($_POST['url']) ? trim($_POST['url']) : null; $comment_content = isset($_POST['comment']) ? trim($_POST['comment']) : null; $user = wp_get_current_user(); if ($user->exists()) { if (empty($user->display_name)) { $user->display_name = $user->user_login; } $comment_author = $wpdb->escape($user->display_name); $comment_author_email = $wpdb->escape($user->user_email); $comment_author_url = $wpdb->escape($user->user_url); $user_ID = $wpdb->escape($user->ID); if (current_user_can('unfiltered_html')) { if (wp_create_nonce('unfiltered-html-comment_' . $comment_post_ID) != $_POST['_wp_unfiltered_html_comment']) { kses_remove_filters(); kses_init_filters(); } } } else { if (get_option('comment_registration') || 'private' == $status) { ajax_comment_err('请登录后评论'); } } $comment_type = ''; if (get_option('require_name_email') && !$user->exists()) { if (6 > strlen($comment_author_email) || '' == $comment_author) { ajax_comment_err('请填写昵称和邮箱,亲'); } elseif (!is_email($comment_author_email)) { ajax_comment_err('邮箱格式不对,请检查'); } } if ('' == $comment_content) { ajax_comment_err('别闹,评论内容还没填呢'); } $dupe = "SELECT comment_ID FROM {$wpdb->comments} WHERE comment_post_ID = '{$comment_post_ID}' AND ( comment_author = '{$comment_author}' "; if ($comment_author_email) { $dupe .= "OR comment_author_email = '{$comment_author_email}' "; } $dupe .= ") AND comment_content = '{$comment_content}' LIMIT 1"; if ($wpdb->get_var($dupe)) { ajax_comment_err('仔细看看,这条评论是不是已经发表过了?'); } if ($lasttime = $wpdb->get_var($wpdb->prepare("SELECT comment_date_gmt FROM {$wpdb->comments} WHERE comment_author = %s ORDER BY comment_date DESC LIMIT 1", $comment_author))) { $time_lastcomment = mysql2date('U', $lasttime, false); $time_newcomment = mysql2date('U', current_time('mysql', 1), false); $flood_die = apply_filters('comment_flood_filter', false, $time_lastcomment, $time_newcomment); if ($flood_die) { ajax_comment_err('评论太快了,喝杯茶再来试试吧'); } } $comment_parent = isset($_POST['comment_parent']) ? absint($_POST['comment_parent']) : 0; $commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content', 'comment_type', 'comment_parent', 'user_ID'); $comment_id = wp_new_comment($commentdata); $comment = get_comment($comment_id); do_action('set_comment_cookies', $comment, $user); $comment_depth = 1; $tmp_c = $comment; while ($tmp_c->comment_parent != 0) { $comment_depth++; $tmp_c = get_comment($tmp_c->comment_parent); } $GLOBALS['comment'] = $comment; ?> <li <?php comment_class(); ?> id="li-comment-<?php comment_ID(); ?> "> <div class="commentBody" id="comment-<?php comment_ID(); ?> "> <div class="commentDetails"> <section class="commentMeta"> <div class="commentMetaTop clearfix"> <?php echo get_avatar($comment, $size = '40'); ?> <span class="name"><?php echo get_comment_author_link(); ?> </span><br> <span class="date">刚刚</span> </div> <?php if ($comment->comment_approved == '0') { ?> <p class="alert-box warning">博主批准前不会显示您的评论,请耐心等待</p> <?php } ?> <section class="commentContent"> <?php comment_text(); ?> </section> </section> </div> </div> <?php die; }
function ajax_comment() { global $wpdb; $comment_post_ID = isset($_POST['comment_post_ID']) ? (int) $_POST['comment_post_ID'] : 0; $post = get_post($comment_post_ID); if (empty($post->comment_status)) { do_action('comment_id_not_found', $comment_post_ID); ajax_comment_err(__('Invalid comment status.')); } $status = get_post_status($post); $status_obj = get_post_status_object($status); if (!comments_open($comment_post_ID)) { do_action('comment_closed', $comment_post_ID); ajax_comment_err(__('Sorry, comments are closed for this item.')); } elseif ('trash' == $status) { do_action('comment_on_trash', $comment_post_ID); ajax_comment_err(__('Invalid comment status.')); } elseif (!$status_obj->public && !$status_obj->private) { do_action('comment_on_draft', $comment_post_ID); ajax_comment_err(__('Invalid comment status.')); } elseif (post_password_required($comment_post_ID)) { do_action('comment_on_password_protected', $comment_post_ID); ajax_comment_err(__('Password Protected')); } else { do_action('pre_comment_on_post', $comment_post_ID); } $comment_author = isset($_POST['author']) ? trim(strip_tags($_POST['author'])) : null; $comment_author_email = isset($_POST['email']) ? trim($_POST['email']) : null; $comment_author_url = isset($_POST['url']) ? trim($_POST['url']) : null; $comment_content = isset($_POST['comment']) ? trim($_POST['comment']) : null; $user = wp_get_current_user(); if ($user->exists()) { if (empty($user->display_name)) { $user->display_name = $user->user_login; } $comment_author = $wpdb->escape($user->display_name); $comment_author_email = $wpdb->escape($user->user_email); $comment_author_url = $wpdb->escape($user->user_url); $user_ID = $wpdb->escape($user->ID); if (current_user_can('unfiltered_html')) { if (wp_create_nonce('unfiltered-html-comment_' . $comment_post_ID) != $_POST['_wp_unfiltered_html_comment']) { kses_remove_filters(); kses_init_filters(); } } } else { if (get_option('comment_registration') || 'private' == $status) { ajax_comment_err(__('Sorry, you must be logged in to post a comment.')); } } $comment_type = ''; if (get_option('require_name_email') && !$user->exists()) { if (6 > strlen($comment_author_email) || '' == $comment_author) { ajax_comment_err(__('Error: please fill the required fields (name, email).')); } elseif (!is_email($comment_author_email)) { ajax_comment_err(__('Error: please enter a valid email address.')); } } if ('' == $comment_content) { ajax_comment_err(__('Error: please type a comment.')); } $dupe = "SELECT comment_ID FROM {$wpdb->comments} WHERE comment_post_ID = '{$comment_post_ID}' AND ( comment_author = '{$comment_author}' "; if ($comment_author_email) { $dupe .= "OR comment_author_email = '{$comment_author_email}' "; } $dupe .= ") AND comment_content = '{$comment_content}' LIMIT 1"; if ($wpdb->get_var($dupe)) { ajax_comment_err(__('Duplicate comment detected; it looks as though you’ve already said that!')); } if ($lasttime = $wpdb->get_var($wpdb->prepare("SELECT comment_date_gmt FROM {$wpdb->comments} WHERE comment_author = %s ORDER BY comment_date DESC LIMIT 1", $comment_author))) { $time_lastcomment = mysql2date('U', $lasttime, false); $time_newcomment = mysql2date('U', current_time('mysql', 1), false); $flood_die = apply_filters('comment_flood_filter', false, $time_lastcomment, $time_newcomment); if ($flood_die) { ajax_comment_err(__('You are posting comments too quickly. Slow down.')); } } $comment_parent = isset($_POST['comment_parent']) ? absint($_POST['comment_parent']) : 0; $commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content', 'comment_type', 'comment_parent', 'user_ID'); $comment_id = wp_new_comment($commentdata); $comment = get_comment($comment_id); do_action('set_comment_cookies', $comment, $user); $comment_depth = 1; $tmp_c = $comment; while ($tmp_c->comment_parent != 0) { $comment_depth++; $tmp_c = get_comment($tmp_c->comment_parent); } $GLOBALS['comment'] = $comment; //your comments here edit start ?> <li class="comments" <?php if ($depth > 2) { echo ' style="margin-left:-50px;"'; } ?> id="li-comment-<?php comment_ID(); ?> "> <div id="comment-<?php comment_ID(); ?> " class="comment-wrap"><div class="comment-avatar"><?php echo get_avatar($comment, $size = '45'); ?> </div> <div class="author-comment"><cite class="cmname" id="author-<?php comment_ID(); ?> "><?php printf(__('%s'), get_comment_author_link()); ?> </cite><div class="comment-meta commentmetadata"> <span class="ct">刚刚</span></div></div> <div class="clear"></div> <div class="comment-content"> <?php comment_text(); ?> </div> </div> <?php die; }
function ajax_comment_callback() { global $wpdb; $comment_post_ID = isset($_POST['comment_post_ID']) ? (int) $_POST['comment_post_ID'] : 0; $post = get_post($comment_post_ID); $post_author = $post->post_author; if (empty($post->comment_status)) { do_action('comment_id_not_found', $comment_post_ID); ajax_comment_err('Invalid comment status.'); } $status = get_post_status($post); $status_obj = get_post_status_object($status); if (!comments_open($comment_post_ID)) { do_action('comment_closed', $comment_post_ID); ajax_comment_err('Sorry, comments are closed for this item.'); } elseif ('trash' == $status) { do_action('comment_on_trash', $comment_post_ID); ajax_comment_err('Invalid comment status.'); } elseif (!$status_obj->public && !$status_obj->private) { do_action('comment_on_draft', $comment_post_ID); ajax_comment_err('Invalid comment status.'); } elseif (post_password_required($comment_post_ID)) { do_action('comment_on_password_protected', $comment_post_ID); ajax_comment_err('Password Protected'); } else { do_action('pre_comment_on_post', $comment_post_ID); } $comment_author = isset($_POST['author']) ? trim(strip_tags($_POST['author'])) : null; $comment_author_email = isset($_POST['email']) ? trim($_POST['email']) : null; $comment_author_url = isset($_POST['url']) ? trim($_POST['url']) : null; $comment_content = isset($_POST['comment']) ? trim($_POST['comment']) : null; $user = wp_get_current_user(); if ($user->exists()) { if (empty($user->display_name)) { $user->display_name = $user->user_login; } $comment_author = esc_sql($user->display_name); $comment_author_email = esc_sql($user->user_email); $comment_author_url = esc_sql($user->user_url); $user_ID = esc_sql($user->ID); if (current_user_can('unfiltered_html')) { if (wp_create_nonce('unfiltered-html-comment_' . $comment_post_ID) != $_POST['_wp_unfiltered_html_comment']) { kses_remove_filters(); kses_init_filters(); } } } else { if (get_option('comment_registration') || 'private' == $status) { ajax_comment_err('Sorry, you must be logged in to post a comment.'); } } $comment_type = ''; if (get_option('require_name_email') && !$user->exists()) { if (6 > strlen($comment_author_email) || '' == $comment_author) { ajax_comment_err('Error: please fill the required fields (name, email).'); } elseif (!is_email($comment_author_email)) { ajax_comment_err('Error: please enter a valid email address.'); } } if ('' == $comment_content) { ajax_comment_err('Error: please type a comment.'); } $dupe = "SELECT comment_ID FROM {$wpdb->comments} WHERE comment_post_ID = '{$comment_post_ID}' AND ( comment_author = '{$comment_author}' "; if ($comment_author_email) { $dupe .= "OR comment_author_email = '{$comment_author_email}' "; } $dupe .= ") AND comment_content = '{$comment_content}' LIMIT 1"; if ($wpdb->get_var($dupe)) { ajax_comment_err('Duplicate comment detected; it looks as though you’ve already said that!'); } if ($lasttime = $wpdb->get_var($wpdb->prepare("SELECT comment_date_gmt FROM {$wpdb->comments} WHERE comment_author = %s ORDER BY comment_date DESC LIMIT 1", $comment_author))) { $time_lastcomment = mysql2date('U', $lasttime, false); $time_newcomment = mysql2date('U', current_time('mysql', 1), false); $flood_die = apply_filters('comment_flood_filter', false, $time_lastcomment, $time_newcomment); if ($flood_die) { ajax_comment_err('You are posting comments too quickly. Slow down.'); } } $comment_parent = isset($_POST['comment_parent']) ? absint($_POST['comment_parent']) : 0; $commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content', 'comment_type', 'comment_parent', 'user_ID'); $comment_id = wp_new_comment($commentdata); $comment = get_comment($comment_id); do_action('set_comment_cookies', $comment, $user); $comment_depth = 1; $tmp_c = $comment; while ($tmp_c->comment_parent != 0) { $comment_depth++; $tmp_c = get_comment($tmp_c->comment_parent); } $GLOBALS['comment'] = $comment; //这里修改成你的评论结构 if (!$comment->comment_parent) { ?> <li <?php comment_class(); ?> id="li-comment-<?php comment_ID(); ?> "> <article id="comment-<?php comment_ID(); ?> " class="comment-body"> <footer class="comment-meta"> <div class="commenet-author vcard"> <?php echo get_avatar($comment, $size = '44'); ?> <?php printf('<b class="fn">%s</b><span class="says"> 说:</span>', get_comment_author_link()); ?> </div> <div class="comment-metadata"> <a href="<?php echo htmlspecialchars(get_comment_link($comment->comment_ID)); ?> "> <time datetime="<?php comment_time('c'); ?> "><?php comment_date('Y-m-d'); ?> <?php comment_time('H:i'); ?> </time> </a> </div> </footer> <div class="comment-content"> <?php if ($comment->comment_approved == '0') { ?> <p style="color:#C00;">您的评论正在等待审核中。</p> <?php } ?> <?php comment_text(); ?> </div> <div class="reply"> <?php comment_reply_link(array('depth' => $depth, 'max_depth' => $args['max_depth'], 'reply_text' => 'Reply')); ?> </div> </article> <?php } else { ?> <li <?php comment_class(); ?> id="li-comment-<?php comment_ID(); ?> "> <article id="comment-<?php comment_ID(); ?> " class="comment-body comment-children-body"> <footer class="comment-meta"> <div class="commenet-author vcard"> <?php echo get_avatar($comment, $size = '44'); ?> <?php $parent_id = $comment->comment_parent; $comment_parent = get_comment($parent_id); printf('<b class="fn">%s</b>', get_comment_author_link()); ?> 回复 <a href="<?php echo "#comment-" . $parent_id; ?> "><b class="fn"><?php echo $comment_parent->comment_author; ?> </b></a><span class="says">:</span> </div> <div class="comment-metadata"> <a href="<?php echo htmlspecialchars(get_comment_link($comment->comment_ID)); ?> "> <time datetime="<?php comment_time('c'); ?> "><?php comment_date('Y-m-d'); ?> <?php comment_time('H:i'); ?> </time> </a> </div> </footer> <div class="comment-content"> <?php if ($comment->comment_approved == '0') { ?> <p style="color:#C00;">您的评论正在等待审核中。</p> <?php } ?> <?php comment_text(); ?> </div> <div class="reply"> <?php comment_reply_link(array('depth' => $depth, 'max_depth' => $args['max_depth'], 'reply_text' => 'Reply')); ?> </div> </article> <?php } die; }
/** * when comment check the comment_author comment_author_email * @param unknown_type $comment_author * @param unknown_type $comment_author_email * @return unknown_type *防止访客冒充博主发表评论 by Winy */ function CheckEmailAndName() { global $wpdb; $comment_author = isset($_POST['author']) ? trim(strip_tags($_POST['author'])) : null; $comment_author_email = isset($_POST['email']) ? trim($_POST['email']) : null; if (!$comment_author || !$comment_author_email) { return; } $result_set = $wpdb->get_results("SELECT display_name, user_email FROM {$wpdb->users} WHERE display_name = '" . $comment_author . "' OR user_email = '" . $comment_author_email . "'"); if ($result_set) { if ($result_set[0]->display_name == $comment_author) { ajax_comment_err(__('You CANNOT use this name.')); //昵称 } else { ajax_comment_err(__('You CANNOT use this email.')); //邮箱 } fail($errorMessage); } }