function wp_new_comment($commentdata)
{
$commentdata = apply_filters('preprocess_comment', $commentdata);
$commentdata['comment_post_ID'] = (int) $commentdata['comment_post_ID'];
$commentdata['user_ID'] = (int) $commentdata['user_ID'];
$commentdata['comment_author_IP'] = $_SERVER['REMOTE_ADDR'];
$commentdata['comment_agent'] = $_SERVER['HTTP_USER_AGENT'];
$commentdata['comment_date'] = current_time('mysql');
$commentdata['comment_date_gmt'] = current_time('mysql', 1);
$commentdata = wp_filter_comment($commentdata);
$commentdata['comment_approved'] = wp_allow_comment($commentdata);
$comment_ID = wp_insert_comment($commentdata);
do_action('comment_post', $comment_ID, $commentdata['comment_approved']);
if ('spam' !== $commentdata['comment_approved']) {
// If it's spam save it silently for later crunching
if ('0' == $commentdata['comment_approved']) {
wp_notify_moderator($comment_ID);
}
$post =& get_post($commentdata['comment_post_ID']);
// Don't notify if it's your own comment
if (get_settings('comments_notify') && $commentdata['comment_approved'] && $post->post_author != $commentdata['user_ID']) {
wp_notify_postauthor($comment_ID, $commentdata['comment_type']);
}
}
return $comment_ID;
}
function xt_ajax_comment($comment_ID, $comment_status)
{
// If it's an AJAX-submitted comment
if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
if ('spam' !== $comment_status) {
// If it's spam save it silently for later crunching
if ('0' == $comment_status) {
wp_notify_moderator($comment_ID);
}
// wp_notify_postauthor() checks if notifying the author of their own comment.
// By default, it won't, but filters can override this.
if (get_option('comments_notify') && $comment_status) {
wp_notify_postauthor($comment_ID);
}
}
if (!empty($_POST["comment_post_ID"])) {
$post_id = filter_input(INPUT_POST, 'comment_post_ID', FILTER_VALIDATE_INT);
$comments_order = strtoupper(get_option('comment_order'));
$reverse = $comments_order == 'ASC';
$args = array('post_id' => $post_id, 'order' => $comments_order, 'status' => 'approve');
if (get_option('page_comments')) {
$args['number'] = get_option('comments_per_page');
}
$comments = get_comments($args);
$comments_list = wp_list_comments(array('style' => 'ol', 'short_ping' => true, 'avatar_size' => 60, 'callback' => 'xt_comment', 'echo' => false, 'reverse_top_level' => $reverse, 'reverse_children' => $reverse), $comments);
}
// Kill the script, returning the comment HTML
die(json_encode(array('id' => $comment_ID, 'status' => $comment_status, 'list' => $comments_list)));
}
}
/**
* Provide responses to comments.js based on detecting an XMLHttpRequest parameter.
*
* @param $comment_ID ID of new comment.
* @param $comment_status Status of new comment.
*
* @return echo JSON encoded responses with HTML structured comment, success, and status notice.
*/
function milky_way_ajax_comments($comment_ID, $comment_status)
{
if (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
// This is an AJAX request. Handle response data.
switch ($comment_status) {
case '0':
// Comment needs moderation; notify comment moderator.
wp_notify_moderator($comment_ID);
$return = array('response' => '', 'success' => 1, 'status' => __('Your comment has been sent for moderation. It should be approved soon!', 'milky-way'));
wp_send_json($return);
break;
case '1':
// Approved comment; generate comment output and notify post author.
$comment = get_comment($comment_ID);
$comment_class = comment_class('milky-way-ajax-comment', $comment_ID, $comment->comment_post_ID, false);
$comment_output = '
<li id="comment-' . $comment->comment_ID . '"' . $comment_class . ' tabindex="-1">
<article id="div-comment-' . $comment->comment_ID . '" class="comment-body">
<footer class="comment-meta">
<div class="comment-author vcard">' . get_avatar($comment->comment_author_email) . '<b class="fn">' . __('You said:', 'milky-way') . '</b> </div>
<div class="comment-meta commentmetadata"><a href="#comment-' . $comment->comment_ID . '">' . get_comment_date('F j, Y \\a\\t g:i a', $comment->comment_ID) . '</a>
</div>
</footer>
<div class="comment-content">' . $comment->comment_content . '</div>
</article>
</li>';
if ($comment->comment_parent == 0) {
$output = $comment_output;
} else {
$output = "<ul class='children'>{$comment_output}</ul>";
}
wp_notify_postauthor($comment_ID);
$return = array('response' => $output, 'success' => 1, 'status' => sprintf(__('Thanks for commenting! Your comment has been approved. <a href="%s">Read your comment</a>', 'milky-way'), "#comment-{$comment_ID}"));
wp_send_json($return);
break;
default:
// The comment status was not a valid value. Only 0 or 1 should be returned by the comment_post action.
$return = array('response' => '', 'success' => 0, 'status' => __('There was an error posting your comment. Try again later!', 'milky-way'));
wp_send_json($return);
}
}
}
function ajaxify_comments($comment_ID, $comment_status)
{
if (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
switch ($comment_status) {
case "0":
wp_notify_moderator($comment_ID);
case "1":
//Approved comment
echo "success";
$commentdata =& get_comment($comment_ID, ARRAY_A);
$post =& get_post($commentdata['comment_post_ID']);
wp_notify_postauthor($comment_ID, $commentdata['comment_type']);
break;
default:
echo 0;
}
exit;
}
}
function wpajax_load_comment($comment_ID, $comment_status)
{
if ($GLOBALS['is_ajax']) {
switch ($comment_status) {
case '0':
//notify moderator of unapproved comment
wp_notify_moderator($comment_ID);
break;
case '1':
//Approved comment
single_comment($comment_ID);
wp_notify_postauthor($comment_ID);
break;
default:
// $comment_status was null
echo "error";
}
exit;
// better than wp_die() ?
}
}
/**
* Create new comment.
*
* @param string $content
* @param int $userId
* @param int $threadId
* @param int $answerId (optional)
* @throws Exception
* @return CMA_Comment
*/
public static function create($content, $userId, $threadId, $answerId = null)
{
$user = get_userdata($userId);
if (empty($userId) or empty($user)) {
throw new Exception(CMA::__('Invalid user.'));
}
$thread = CMA_Thread::getInstance($threadId);
if (!$thread or !$thread->isVisible()) {
throw new Exception(CMA::__('You have no permission to post this comment.'));
}
if ($answerId) {
$answer = CMA_Answer::getById($answerId);
if (!$answer or !$answer->isVisible()) {
throw new Exception(CMA::__('You have no permission to post this comment.'));
}
}
$content = str_replace(';)', ':)', strip_tags($content));
if (empty($content)) {
throw new Exception(CMA::__('Content cannot be empty'));
}
if (($badWord = CMA_BadWords::filterIfEnabled($content)) !== false) {
throw new Exception(sprintf(CMA_Labels::getLocalized('msg_content_includes_bad_word'), $badWord));
}
$approved = CMA_Settings::getOption(CMA_Settings::OPTION_COMMENTS_AUTO_APPROVE) || CMA_Thread::isAuthorAutoApproved($userId) ? 1 : 0;
$comment = new self(array('comment_post_ID' => $threadId, 'comment_author' => $user->display_name, 'comment_author_email' => $user->user_email, 'comment_author_IP' => $_SERVER['REMOTE_ADDR'], 'comment_parent' => intval($answerId), 'comment_content' => apply_filters('comment_text', $content), 'comment_approved' => intval($approved), 'comment_date' => current_time('mysql'), 'comment_type' => self::COMMENT_TYPE, 'user_id' => $userId));
do_action('cma_comment_post_before', $comment);
if ($comment->save()) {
do_action('cma_comment_post_after', $comment);
if ($approved) {
$comment->sendNotifications();
} else {
wp_notify_moderator($comment->getId());
}
return $comment;
} else {
throw new Exception(CMA::__('Failed to add comment.'));
}
}
function wdp_ajaxcomments_stop_for_ajax($comment_ID, $comment_status)
{
if (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
//If AJAX Request Then
switch ($comment_status) {
case '0':
//notify moderator of unapproved comment
wp_notify_moderator($comment_ID);
case '1':
//Approved comment
echo "success";
$commentdata =& get_comment($comment_ID, ARRAY_A);
$post =& get_post($commentdata['comment_post_ID']);
//Notify post author of comment
if (get_option('comments_notify') && $commentdata['comment_approved'] && $post->post_author != $commentdata['user_ID']) {
wp_notify_postauthor($comment_ID, $commentdata['comment_type']);
}
break;
default:
echo "error";
}
exit;
}
}
/**
* Adds a new comment to the database.
*
* Filters new comment to ensure that the fields are sanitized and valid before
* inserting comment into database. Calls 'comment_post' action with comment ID
* and whether comment is approved by WordPress. Also has 'preprocess_comment'
* filter for processing the comment data before the function handles it.
*
* We use REMOTE_ADDR here directly. If you are behind a proxy, you should ensure
* that it is properly set, such as in wp-config.php, for your environment.
* See {@link http://core.trac.wordpress.org/ticket/9235}
*
* @since 1.5.0
* @uses apply_filters() Calls 'preprocess_comment' hook on $commentdata parameter array before processing
* @uses do_action() Calls 'comment_post' hook on $comment_ID returned from adding the comment and if the comment was approved.
* @uses wp_filter_comment() Used to filter comment before adding comment.
* @uses wp_allow_comment() checks to see if comment is approved.
* @uses wp_insert_comment() Does the actual comment insertion to the database.
*
* @param array $commentdata Contains information on the comment.
* @return int The ID of the comment after adding.
*/
function wp_new_comment($commentdata)
{
$commentdata = apply_filters('preprocess_comment', $commentdata);
$commentdata['comment_post_ID'] = (int) $commentdata['comment_post_ID'];
if (isset($commentdata['user_ID'])) {
$commentdata['user_id'] = $commentdata['user_ID'] = (int) $commentdata['user_ID'];
} elseif (isset($commentdata['user_id'])) {
$commentdata['user_id'] = (int) $commentdata['user_id'];
}
$commentdata['comment_parent'] = isset($commentdata['comment_parent']) ? absint($commentdata['comment_parent']) : 0;
$parent_status = 0 < $commentdata['comment_parent'] ? wp_get_comment_status($commentdata['comment_parent']) : '';
$commentdata['comment_parent'] = 'approved' == $parent_status || 'unapproved' == $parent_status ? $commentdata['comment_parent'] : 0;
$commentdata['comment_author_IP'] = preg_replace('/[^0-9a-fA-F:., ]/', '', $_SERVER['REMOTE_ADDR']);
$commentdata['comment_agent'] = isset($_SERVER['HTTP_USER_AGENT']) ? substr($_SERVER['HTTP_USER_AGENT'], 0, 254) : '';
$commentdata['comment_date'] = current_time('mysql');
$commentdata['comment_date_gmt'] = current_time('mysql', 1);
$commentdata = wp_filter_comment($commentdata);
$commentdata['comment_approved'] = wp_allow_comment($commentdata);
$comment_ID = wp_insert_comment($commentdata);
do_action('comment_post', $comment_ID, $commentdata['comment_approved']);
if ('spam' !== $commentdata['comment_approved']) {
// If it's spam save it silently for later crunching
if ('0' == $commentdata['comment_approved']) {
wp_notify_moderator($comment_ID);
}
$post = get_post($commentdata['comment_post_ID']);
// Don't notify if it's your own comment
if (get_option('comments_notify') && $commentdata['comment_approved'] && (!isset($commentdata['user_id']) || $post->post_author != $commentdata['user_id'])) {
wp_notify_postauthor($comment_ID, isset($commentdata['comment_type']) ? $commentdata['comment_type'] : '');
}
}
return $comment_ID;
}
/**
* Adds a new comment to the database.
*
* Filters new comment to ensure that the fields are sanitized and valid before
* inserting comment into database. Calls 'comment_post' action with comment ID
* and whether comment is approved by WordPress. Also has 'preprocess_comment'
* filter for processing the comment data before the function handles it.
*
* We use REMOTE_ADDR here directly. If you are behind a proxy, you should ensure
* that it is properly set, such as in wp-config.php, for your environment.
* See {@link https://core.trac.wordpress.org/ticket/9235}
*
* @since 1.5.0
* @since 4.3.0 'comment_agent' and 'comment_author_IP' can be set via `$commentdata`.
*
* @see wp_insert_comment()
*
* @global wpdb $wpdb
*
* @param array $commentdata {
* Comment data.
*
* @type string $comment_author The name of the comment author.
* @type string $comment_author_email The comment author email address.
* @type string $comment_author_url The comment author URL.
* @type string $comment_content The content of the comment.
* @type string $comment_date The date the comment was submitted. Default is the current time.
* @type string $comment_date_gmt The date the comment was submitted in the GMT timezone.
* Default is `$comment_date` in the GMT timezone.
* @type int $comment_parent The ID of this comment's parent, if any. Default 0.
* @type int $comment_post_ID The ID of the post that relates to the comment.
* @type int $user_id The ID of the user who submitted the comment. Default 0.
* @type int $user_ID Kept for backward-compatibility. Use `$user_id` instead.
* @type string $comment_agent Comment author user agent. Default is the value of 'HTTP_USER_AGENT'
* in the `$_SERVER` superglobal sent in the original request.
* @type string $comment_author_IP Comment author IP address in IPv4 format. Default is the value of
* 'REMOTE_ADDR' in the `$_SERVER` superglobal sent in the original request.
* }
* @return int|false The ID of the comment on success, false on failure.
*/
function wp_new_comment($commentdata)
{
global $wpdb;
if (isset($commentdata['user_ID'])) {
$commentdata['user_id'] = $commentdata['user_ID'] = (int) $commentdata['user_ID'];
}
$prefiltered_user_id = isset($commentdata['user_id']) ? (int) $commentdata['user_id'] : 0;
/**
* Filter a comment's data before it is sanitized and inserted into the database.
*
* @since 1.5.0
*
* @param array $commentdata Comment data.
*/
$commentdata = apply_filters('preprocess_comment', $commentdata);
$commentdata['comment_post_ID'] = (int) $commentdata['comment_post_ID'];
if (isset($commentdata['user_ID']) && $prefiltered_user_id !== (int) $commentdata['user_ID']) {
$commentdata['user_id'] = $commentdata['user_ID'] = (int) $commentdata['user_ID'];
} elseif (isset($commentdata['user_id'])) {
$commentdata['user_id'] = (int) $commentdata['user_id'];
}
$commentdata['comment_parent'] = isset($commentdata['comment_parent']) ? absint($commentdata['comment_parent']) : 0;
$parent_status = 0 < $commentdata['comment_parent'] ? wp_get_comment_status($commentdata['comment_parent']) : '';
$commentdata['comment_parent'] = 'approved' == $parent_status || 'unapproved' == $parent_status ? $commentdata['comment_parent'] : 0;
if (!isset($commentdata['comment_author_IP'])) {
$commentdata['comment_author_IP'] = $_SERVER['REMOTE_ADDR'];
}
$commentdata['comment_author_IP'] = preg_replace('/[^0-9a-fA-F:., ]/', '', $commentdata['comment_author_IP']);
if (!isset($commentdata['comment_agent'])) {
$commentdata['comment_agent'] = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
}
$commentdata['comment_agent'] = substr($commentdata['comment_agent'], 0, 254);
if (empty($commentdata['comment_date'])) {
$commentdata['comment_date'] = current_time('mysql');
}
if (empty($commentdata['comment_date_gmt'])) {
$commentdata['comment_date_gmt'] = current_time('mysql', 1);
}
$commentdata = wp_filter_comment($commentdata);
$commentdata['comment_approved'] = wp_allow_comment($commentdata);
$comment_ID = wp_insert_comment($commentdata);
if (!$comment_ID) {
$fields = array('comment_author', 'comment_author_email', 'comment_author_url', 'comment_content');
foreach ($fields as $field) {
if (isset($commentdata[$field])) {
$commentdata[$field] = $wpdb->strip_invalid_text_for_column($wpdb->comments, $field, $commentdata[$field]);
}
}
$commentdata = wp_filter_comment($commentdata);
$commentdata['comment_approved'] = wp_allow_comment($commentdata);
$comment_ID = wp_insert_comment($commentdata);
if (!$comment_ID) {
return false;
}
}
/**
* Fires immediately after a comment is inserted into the database.
*
* @since 1.2.0
*
* @param int $comment_ID The comment ID.
* @param int $comment_approved 1 (true) if the comment is approved, 0 (false) if not.
*/
do_action('comment_post', $comment_ID, $commentdata['comment_approved']);
if ('spam' !== $commentdata['comment_approved']) {
// If it's spam save it silently for later crunching
if ('0' == $commentdata['comment_approved']) {
wp_notify_moderator($comment_ID);
}
// wp_notify_postauthor() checks if notifying the author of their own comment.
// By default, it won't, but filters can override this.
if (get_option('comments_notify') && $commentdata['comment_approved']) {
wp_notify_postauthor($comment_ID);
}
}
return $comment_ID;
}
/**
* Send a comment moderation notification to the comment moderator.
*
* @since 4.4.0
*
* @param int $comment_ID ID of the comment.
* @return bool True on success, false on failure.
*/
function wp_new_comment_notify_moderator($comment_ID)
{
$comment = get_comment($comment_ID);
// Only send notifications for pending comments.
if ('0' != $comment->comment_approved) {
return false;
}
return wp_notify_moderator($comment_ID);
}
function ajaxify_comments($comment_ID, $comment_status)
{
if (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
//If AJAX Request Then
switch ($comment_status) {
case '0':
//notify moderator of unapproved comment
wp_notify_moderator($comment_ID);
case '1':
//Approved comment
echo "success";
$commentdata =& get_comment($comment_ID, ARRAY_A);
$post =& get_post($commentdata['comment_post_ID']);
//wp_notify_postauthor($comment_ID, $commentdata['comment_type']);
break;
default:
echo "error";
}
exit;
}
}
/**
* Saves the aggregated comments.
*
* @param object $post
* @return void
*/
public function save_aggregated_comments(&$post)
{
if (isset($post->results[$this->_key])) {
global $wpdb;
foreach ($post->results[$this->_key] as $result) {
$commentdata = array('comment_post_ID' => $post->ID, 'comment_author_email' => $wpdb->escape($this->_key . '.' . $result->id . '@example.com'), 'comment_author_IP' => $_SERVER['SERVER_ADDR'], 'comment_agent' => 'Social Aggregator');
if (isset($result->parent)) {
if ($wp_parent = $this->get_comment_from_fb_id($result->parent->id)) {
$commentdata['comment_parent'] = $wp_parent->comment_id;
}
}
if (!isset($result->like)) {
$commentdata = array_merge($commentdata, array('comment_type' => 'social-facebook', 'comment_author' => $wpdb->escape($result->from->name), 'comment_author_url' => $result->from->link, 'comment_content' => $wpdb->escape($result->message), 'comment_date' => date('Y-m-d H:i:s', strtotime($result->created_time) + get_option('gmt_offset') * 3600), 'comment_date_gmt' => gmdate('Y-m-d H:i:s', strtotime($result->created_time))));
} else {
// v2.0+ returns app scoped ids, both app scoped ids and real ids redirect to the profile with
// https://www.facebook.com/{user-id}|{app-scoped-id}
$url = 'https://www.facebook.com/' . $result->id . '/';
$commentdata = array_merge($commentdata, array('comment_type' => 'social-facebook-like', 'comment_author' => $wpdb->escape($result->name), 'comment_author_url' => $url, 'comment_content' => $wpdb->escape('<a href="' . $url . '" target="_blank">' . $result->name . '</a> liked this on Facebook.'), 'comment_date' => current_time('mysql'), 'comment_date_gmt' => current_time('mysql', 1)));
}
$user_id = isset($result->like) ? $result->from_id : $result->from->id;
$commentdata = array_merge($commentdata, array('comment_post_ID' => $post->ID, 'comment_author_email' => $this->_key . '.' . $user_id . '@example.com'));
if (apply_filters('social_approve_likes_and_retweets', false) && isset($result->like)) {
$commentdata['comment_approved'] = 1;
} else {
if (($commentdata = $this->allow_comment($commentdata, $result->id, $post)) === false) {
continue;
}
}
Social::log('Saving #:result_id.', array('result_id' => $result->id));
$comment_id = 0;
try {
Social::Log('Attempting to save commentdata: :commentdata', array('commentdata' => print_r($commentdata, true)));
$comment_id = wp_insert_comment($commentdata);
update_comment_meta($comment_id, 'social_account_id', addslashes_deep($user_id));
update_comment_meta($comment_id, 'social_profile_image_url', addslashes_deep('https://graph.facebook.com/' . $user_id . '/picture'));
update_comment_meta($comment_id, 'social_status_id', addslashes_deep($result->status_id));
update_comment_meta($comment_id, 'social_broadcast_id', addslashes_deep($result->id));
if ($result->reply_to_id) {
update_comment_meta($comment_id, 'social_reply_to_id', addslashes_deep($result->reply_to_id));
}
if (!isset($result->raw)) {
$result = (object) array_merge((array) $result, array('raw' => $result));
}
update_comment_meta($comment_id, 'social_raw_data', addslashes_deep(base64_encode(json_encode($result->raw))));
if ($commentdata['comment_approved'] !== 'spam') {
if ($commentdata['comment_approved'] == '0') {
wp_notify_moderator($comment_id);
}
if (get_option('comments_notify') and $commentdata['comment_approved'] and (!isset($commentdata['user_id']) or $post->post_author != $commentdata['user_id'])) {
wp_notify_postauthor($comment_id, 'comment');
}
}
} catch (Exception $e) {
// Something went wrong, remove the aggregated ID.
if (($key = array_search($result->id, $post->aggregated_ids['facebook'])) !== false) {
unset($post->aggregated_ids['facebook'][$key]);
}
if ((int) $comment_id) {
// Delete the comment in case it wasn't the insert that failed.
wp_delete_comment($comment_id);
}
}
}
}
}
function pingback_ping($m)
{
// original code by Mort
// (http://mort.mine.nu:8080)
global $wpdb;
global $wp_version;
if (!get_settings('use_pingback')) {
return new xmlrpcresp(new xmlrpcval('Sorry, this weblog does not allow you to pingback its posts.'));
}
$title = '';
$pagelinkedfrom = $m->getParam(0);
$pagelinkedfrom = $pagelinkedfrom->scalarval();
$pagelinkedto = $m->getParam(1);
$pagelinkedto = $pagelinkedto->scalarval();
$pagelinkedfrom = addslashes(str_replace('&', '&', $pagelinkedfrom));
$pagelinkedto = preg_replace('#&([^amp\\;])#is', '&$1', $pagelinkedto);
$messages = array(htmlentities('Pingback from ' . $pagelinkedfrom . ' to ' . $pagelinkedto . ' registered. Keep the web talking! :-)'), htmlentities("We can't find the URL to the post you are trying to " . "link to in your entry. Please check how you wrote the post's permalink in your entry."), htmlentities("We can't find the post you are trying to link to." . " Please check the post's permalink."));
$message = $messages[0];
// Check if the page linked to is in our site
$pos1 = strpos($pagelinkedto, str_replace('http://', '', str_replace('www.', '', wp_siteurl())));
if ($pos1) {
// let's find which post is linked to
$urltest = parse_url($pagelinkedto);
if ($post_ID = url_to_postid($pagelinkedto)) {
$way = 'url_to_postid()';
} elseif (preg_match('#p/[0-9]{1,}#', $urltest['path'], $match)) {
// the path defines the post_ID (archives/p/XXXX)
$blah = explode('/', $match[0]);
$post_ID = $blah[1];
$way = 'from the path';
} elseif (preg_match('#p=[0-9]{1,}#', $urltest['query'], $match)) {
// the querystring defines the post_ID (?p=XXXX)
$blah = explode('=', $match[0]);
$post_ID = $blah[1];
$way = 'from the querystring';
} elseif (isset($urltest['fragment'])) {
// an #anchor is there, it's either...
if (intval($urltest['fragment'])) {
// ...an integer #XXXX (simpliest case)
$post_ID = $urltest['fragment'];
$way = 'from the fragment (numeric)';
} elseif (preg_match('/post-[0-9]+/', $urltest['fragment'])) {
// ...a post id in the form 'post-###'
$post_ID = preg_replace('/[^0-9]+/', '', $urltest['fragment']);
$way = 'from the fragment (post-###)';
} elseif (is_string($urltest['fragment'])) {
// ...or a string #title, a little more complicated
$title = preg_replace('/[^a-zA-Z0-9]/', '.', $urltest['fragment']);
$sql = "SELECT ID FROM " . wp_table('posts') . " WHERE post_title RLIKE '" . addslashes($title) . "'";
$post_ID = $wpdb->get_var($sql) or die("Query: {$sql}\n\nError: ");
$way = 'from the fragment (title)';
}
} else {
// TODO: Attempt to extract a post ID from the given URL
$post_ID = -1;
$way = 'no match';
}
logIO('O', "(PB) URI='{$pagelinkedto}' ID='{$post_ID}' Found='{$way}'");
$sql = "SELECT post_author FROM " . wp_table('posts') . " WHERE ID = {$post_ID}";
$result = $wpdb->get_results($sql);
if ($wpdb->num_rows) {
// Let's check that the remote site didn't already pingback this entry
$sql = 'SELECT * FROM ' . wp_table('comments') . '
WHERE comment_post_ID = ' . $post_ID . '
AND comment_author_url = \'' . $pagelinkedfrom . '\'
AND comment_content LIKE \'%<pingback />%\'';
$result = $wpdb->get_results($sql);
if ($wpdb->num_rows || 1 == 1) {
// very stupid, but gives time to the 'from' server to publish !
sleep(1);
// Let's check the remote site
require_once XOOPS_ROOT_PATH . '/class/snoopy.php';
$snoopy = new Snoopy();
if ($snoopy->fetch($pagelinkedfrom)) {
$linea = $snoopy->results;
} else {
$linea = '';
}
logIO('O', "(PB) CHARSET='" . $GLOBALS['blog_charset']);
$linea = mb_conv($linea, $GLOBALS['blog_charset'], 'auto');
// Work around bug in strip_tags():
$linea = str_replace('<!DOCTYPE', '<DOCTYPE', $linea);
$linea = strip_tags($linea, '<title><a>');
$linea = strip_all_but_one_link($linea, $pagelinkedto);
// I don't think we need this? -- emc3
if (empty($matchtitle)) {
preg_match('|<title>([^<]*?)</title>|is', $linea, $matchtitle);
}
$pos2 = strpos($linea, $pagelinkedto);
$pos3 = strpos($linea, str_replace('http://www.', 'http://', $pagelinkedto));
logIO('O', "(PB) POS='{$pos2}, {$pos3}'");
if (is_integer($pos2) || is_integer($pos3)) {
//debug_fwrite($log, 'The page really links to us :)'."\n");
$pos4 = is_integer($pos2) ? $pos2 : $pos3;
$start = $pos4 - 50;
if (function_exists('mb_convert_encoding')) {
$tmp1 = mb_strcut($linea, 0, $start, $GLOBALS['blog_charset']);
} else {
$tmp1 = substr($linea, 0, $start);
}
if (preg_match('/<[^>]*?$/', $tmp1, $match)) {
logIO('O', "(PB) MATCH='{$match[0]}");
$offset = strlen($match[0]);
} else {
$offset = 0;
}
if (function_exists('mb_convert_encoding')) {
$context = mb_strcut($linea, $start - $offset, 150 + $offset, $GLOBALS['blog_charset']);
} else {
$context = substr($linea, $star - $offsett, 150 + $offset);
}
$context = str_replace("\n", ' ', $context);
$context = str_replace('&', '&', $context);
logIO('O', "(PB) CONTENT='{$context}");
} else {
logIO('O', "(PB) CONTEXT=The page doesn't link to us, here's an excerpt");
exit;
}
// fclose($fp);
if (!empty($context)) {
// Check if pings are on, inelegant exit
$pingstatus = $wpdb->get_var("SELECT ping_status FROM " . wp_table('posts') . " WHERE ID = {$post_ID}");
if ('closed' == $pingstatus) {
logIO('O', '(PB) Sorry, pings are turned off for this post.');
exit;
}
$pagelinkedfrom = preg_replace('#&([^amp\\;])#is', '&$1', $pagelinkedfrom);
$title = !strlen($matchtitle[1]) ? $pagelinkedfrom : $matchtitle[1];
$context = strip_tags($context);
$context = '<pingback />[...] ' . htmlspecialchars(trim($context)) . ' [...]';
$context = format_to_post($context);
$original_pagelinkedfrom = $pagelinkedfrom;
$pagelinkedfrom = addslashes($pagelinkedfrom);
$original_title = $title;
$title = addslashes(strip_tags(trim($title)));
$now = current_time('mysql', 0);
if (get_settings('comment_moderation') == 'manual') {
$approved = 0;
} else {
if (get_settings('comment_moderation') == 'auto') {
$approved = 0;
} else {
// none
$approved = 1;
}
}
$consulta = $wpdb->query("INSERT INTO " . wp_table('comments') . " \n\t\t\t\t\t\t(comment_post_ID, comment_author, comment_author_url, comment_date, comment_content,comment_approved, comment_type) \n\t\t\t\t\t\tVALUES \n\t\t\t\t\t\t({$post_ID}, '{$title}', '{$pagelinkedfrom}', '{$now}', '{$context}', '{$approved}', 'pingback')\n\t\t\t\t\t\t");
$comment_ID = $wpdb->get_var('SELECT last_insert_id()');
do_action('pingback_post', $comment_ID);
if (get_settings('moderation_notify') && !$approved) {
wp_notify_moderator($comment_ID, 'pingback');
}
if (get_settings('comments_notify') && $approved) {
wp_notify_postauthor($comment_ID, 'pingback');
}
} else {
// URL pattern not found
$message = "Page linked to: {$pagelinkedto}\nPage linked from:" . " {$pagelinkedfrom}\nTitle: {$title}\nContext: {$context}\n\n" . $messages[1];
}
} else {
// We already have a Pingback from this URL
$message = "Sorry, you already did a pingback to {$pagelinkedto} from {$pagelinkedfrom}.";
}
} else {
// Post_ID not found
$message = $messages[2];
//debug_fwrite($log, 'Post doesn\'t exist'."\n");
}
}
return new xmlrpcresp(new xmlrpcval($message));
}
/**
* Send a comment moderation notification to the comment moderator.
*
* @since 4.4.0
*
* @param int $comment_ID ID of the comment.
* @return bool True on success, false on failure.
*/
function wp_new_comment_notify_moderator($comment_ID)
{
$comment = get_comment($comment_ID);
// Only send notifications for pending comments.
$maybe_notify = '0' == $comment->comment_approved;
/** This filter is documented in wp-includes/comment-functions.php */
$maybe_notify = apply_filters('notify_moderator', $maybe_notify, $comment_ID);
if (!$maybe_notify) {
return false;
}
return wp_notify_moderator($comment_ID);
}
function Comments_array($comments, $post_ID)
{
$post = get_post($post_ID);
$user_ID = self::Get_user_ID($post);
update_option(c_al2fb_log_importing, true);
// Integration?
if ($user_ID && !self::Is_excluded($post) && $post->post_type != 'reply' && !get_post_meta($post->ID, c_al2fb_meta_nointegrate, true) && $post->comment_status == 'open') {
// Get time zone offset
$tz_off = get_option('gmt_offset');
if (empty($tz_off)) {
$tz_off = 0;
}
$tz_off = apply_filters('al2fb_gmt_offset', $tz_off);
$tz_off = $tz_off * 3600;
// Get Facebook comments
if (self::Is_recent($post) && get_user_meta($user_ID, c_al2fb_meta_fb_comments, true)) {
$fb_comments = WPAL2Int::Get_comments_or_likes($post, false);
if ($fb_comments && $fb_comments->data) {
// Get WordPress comments
$stored_comments = get_comments('post_id=' . $post->ID);
$stored_comments = array_merge($stored_comments, get_comments('status=spam&post_id=' . $post->ID));
$stored_comments = array_merge($stored_comments, get_comments('status=trash&post_id=' . $post->ID));
$stored_comments = array_merge($stored_comments, get_comments('status=hold&post_id=' . $post->ID));
$deleted_fb_comment_ids = get_post_meta($post->ID, c_al2fb_meta_fb_comment_id, false);
foreach ($fb_comments->data as $fb_comment) {
if (!empty($fb_comment->id)) {
$search_comment_id = end(explode('_', $fb_comment->id));
// Check if stored comment
$stored = false;
if ($stored_comments) {
foreach ($stored_comments as $comment) {
$fb_comment_id = get_comment_meta($comment->comment_ID, c_al2fb_meta_fb_comment_id, true);
if ($search_comment_id == end(explode('_', $fb_comment_id))) {
$stored = true;
break;
}
}
}
// Check if deleted comment
if (!$stored && $deleted_fb_comment_ids) {
foreach ($deleted_fb_comment_ids as $deleted_fb_comment_id) {
if ($search_comment_id == end(explode('_', $deleted_fb_comment_id))) {
$stored = true;
break;
}
}
}
// Create new comment
if (!$stored) {
$name = $fb_comment->from->name . ' ' . __('on Facebook', c_al2fb_text_domain);
if ($post->post_type == 'topic') {
// bbPress
$reply_id = bbp_insert_reply(array('post_parent' => $post_ID, 'post_content' => $fb_comment->message, 'post_status' => 'draft'), array('forum_id' => bbp_get_topic_forum_id($post_ID), 'topic_id' => $post_ID, 'anonymous_name' => $name));
// Add data
add_post_meta($reply_id, c_al2fb_meta_link_id, $fb_comment->id);
add_post_meta($post_ID, c_al2fb_meta_fb_comment_id, $fb_comment->id);
// Publish
$reply = array();
$reply['ID'] = $reply_id;
$reply['post_status'] = 'publish';
wp_update_post($reply);
} else {
$comment_ID = $fb_comment->id;
$commentdata = array('comment_post_ID' => $post_ID, 'comment_author' => $name, 'comment_author_email' => $fb_comment->from->id . '@facebook.com', 'comment_author_url' => WPAL2Int::Get_fb_profilelink($fb_comment->from->id), 'comment_author_IP' => '', 'comment_date' => date('Y-m-d H:i:s', strtotime($fb_comment->created_time) + $tz_off), 'comment_date_gmt' => date('Y-m-d H:i:s', strtotime($fb_comment->created_time)), 'comment_content' => $fb_comment->message, 'comment_karma' => 0, 'comment_approved' => 1, 'comment_agent' => 'AL2FB', 'comment_type' => '', 'comment_parent' => 0, 'user_id' => 0);
// Assign parent comment id
if (!empty($fb_comment->parent->id)) {
$parent_args = array('post_id' => $post_ID, 'meta_query' => array(array('key' => c_al2fb_meta_fb_comment_id, 'value' => $fb_comment->parent->id)));
$parent_comments_query = new WP_Comment_Query();
$parent_comments = $parent_comments_query->query($parent_args);
if (isset($parent_comments) && count($parent_comments) == 1) {
$commentdata['comment_parent'] = $parent_comments[0]->comment_ID;
}
}
$commentdata = apply_filters('al2fb_preprocess_comment', $commentdata, $post);
// Copy Facebook comment to WordPress database
if (get_user_meta($user_ID, c_al2fb_meta_fb_comments_copy, true)) {
// Apply filters
if (get_option(c_al2fb_option_nofilter_comments)) {
$commentdata['comment_approved'] = '1';
} else {
$commentdata = apply_filters('preprocess_comment', $commentdata);
$commentdata = wp_filter_comment($commentdata);
$commentdata['comment_approved'] = wp_allow_comment($commentdata);
}
// Insert comment in database
$comment_ID = wp_insert_comment($commentdata);
add_comment_meta($comment_ID, c_al2fb_meta_fb_comment_id, $fb_comment->id);
do_action('comment_post', $comment_ID, $commentdata['comment_approved']);
// Notify
if ('spam' !== $commentdata['comment_approved']) {
if ('0' == $commentdata['comment_approved']) {
wp_notify_moderator($comment_ID);
}
if (get_option('comments_notify') && $commentdata['comment_approved']) {
wp_notify_postauthor($comment_ID, $commentdata['comment_type']);
}
}
} else {
$commentdata['comment_approved'] = '1';
}
// Add comment to array
if ($commentdata['comment_approved'] == 1) {
$new = new stdClass();
$new->comment_ID = $comment_ID;
$new->comment_post_ID = $commentdata['comment_post_ID'];
$new->comment_author = $commentdata['comment_author'];
$new->comment_author_email = $commentdata['comment_author_email'];
$new->comment_author_url = $commentdata['comment_author_url'];
$new->comment_author_ip = $commentdata['comment_author_IP'];
$new->comment_date = $commentdata['comment_date'];
$new->comment_date_gmt = $commentdata['comment_date_gmt'];
$new->comment_content = stripslashes($commentdata['comment_content']);
$new->comment_karma = $commentdata['comment_karma'];
$new->comment_approved = $commentdata['comment_approved'];
$new->comment_agent = $commentdata['comment_agent'];
$new->comment_type = $commentdata['comment_type'];
$new->comment_parent = $commentdata['comment_parent'];
$new->user_id = $commentdata['user_id'];
$comments[] = $new;
}
}
}
} else {
if ($this->debug) {
add_post_meta($post->ID, c_al2fb_meta_log, date('c') . ' Missing FB comment id: ' . print_r($fb_comment, true));
}
}
}
}
}
// Get likes
if (self::Is_recent($post) && $post->ping_status == 'open' && get_user_meta($user_ID, c_al2fb_meta_fb_likes, true)) {
$fb_likes = WPAL2Int::Get_comments_or_likes($post, true);
if ($fb_likes && $fb_likes->data) {
foreach ($fb_likes->data as $fb_like) {
// Create new virtual comment
$link = WPAL2Int::Get_fb_profilelink($fb_like->id);
$new = new stdClass();
$new->comment_ID = $fb_like->id;
$new->comment_post_ID = $post_ID;
$new->comment_author = $fb_like->name . ' ' . __('on Facebook', c_al2fb_text_domain);
$new->comment_author_email = '';
$new->comment_author_url = $link;
$new->comment_author_ip = '';
$new->comment_date_gmt = date('Y-m-d H:i:s', time());
$new->comment_date = $new->comment_date_gmt;
$new->comment_content = '<em>' . __('Liked this post', c_al2fb_text_domain) . '</em>';
$new->comment_karma = 0;
$new->comment_approved = 1;
$new->comment_agent = 'AL2FB';
$new->comment_type = 'pingback';
$new->comment_parent = 0;
$new->user_id = 0;
$comments[] = $new;
}
}
}
// Sort comments by time
if (!empty($fb_comments) || !empty($fb_likes)) {
usort($comments, array(&$this, 'Comment_compare'));
if (get_option('comment_order') == 'desc') {
array_reverse($comments);
}
}
}
// Comment link type
$link_id = get_post_meta($post->ID, c_al2fb_meta_link_id, true);
$comments_nolink = get_user_meta($user_ID, c_al2fb_meta_fb_comments_nolink, true);
if (empty($comments_nolink)) {
$comments_nolink = 'author';
} else {
if ($comments_nolink == 'on' || empty($link_id)) {
$comments_nolink = 'none';
}
}
if ($comments_nolink == 'none' || $comments_nolink == 'link') {
$link = WPAL2Int::Get_fb_permalink($link_id);
if ($comments) {
foreach ($comments as $comment) {
if ($comment->comment_agent == 'AL2FB') {
if ($comments_nolink == 'none') {
$comment->comment_author_url = '';
} else {
if ($comments_nolink == 'link') {
$comment->comment_author_url = $link;
}
}
}
}
}
}
// Permission to view?
$min_cap = get_option(c_al2fb_option_min_cap_comment);
if ($min_cap && !current_user_can($min_cap)) {
if ($comments) {
for ($i = 0; $i < count($comments); $i++) {
if ($comments[$i]->comment_agent == 'AL2FB') {
unset($comments[$i]);
}
}
}
}
return $comments;
}
function wp_new_comment($commentdata, $spam = false)
{
global $wpdb;
$commentdata = apply_filters('preprocess_comment', $commentdata);
extract($commentdata);
$comment_post_ID = (int) $comment_post_ID;
$user_id = apply_filters('pre_user_id', $user_ID);
$author = apply_filters('pre_comment_author_name', $comment_author);
$email = apply_filters('pre_comment_author_email', $comment_author_email);
$url = apply_filters('pre_comment_author_url', $comment_author_url);
$comment = apply_filters('pre_comment_content', $comment_content);
$comment = apply_filters('post_comment_text', $comment);
// Deprecated
$comment = apply_filters('comment_content_presave', $comment);
// Deprecated
$user_ip = apply_filters('pre_comment_user_ip', $_SERVER['REMOTE_ADDR']);
$user_domain = apply_filters('pre_comment_user_domain', gethostbyaddr($user_ip));
$user_agent = apply_filters('pre_comment_user_agent', $_SERVER['HTTP_USER_AGENT']);
$now = current_time('mysql');
$now_gmt = current_time('mysql', 1);
if ($user_id) {
$userdata = get_userdata($user_id);
$post_author = $wpdb->get_var("SELECT post_author FROM {$wpdb->posts} WHERE ID = '{$comment_post_ID}' LIMIT 1");
}
// Simple duplicate check
$dupe = "SELECT comment_ID FROM {$wpdb->comments} WHERE comment_post_ID = '{$comment_post_ID}' AND ( comment_author = '{$author}' ";
if ($email) {
$dupe .= "OR comment_author_email = '{$email}' ";
}
$dupe .= ") AND comment_content = '{$comment}' LIMIT 1";
if ($wpdb->get_var($dupe)) {
die(__('Duplicate comment detected; it looks as though you\'ve already said that!'));
}
// Simple flood-protection
if ($lasttime = $wpdb->get_var("SELECT comment_date_gmt FROM {$wpdb->comments} WHERE comment_author_IP = '{$user_ip}' OR comment_author_email = '{$email}' ORDER BY comment_date DESC LIMIT 1")) {
$time_lastcomment = mysql2date('U', $lasttime);
$time_newcomment = mysql2date('U', $now_gmt);
if ($time_newcomment - $time_lastcomment < 15) {
do_action('comment_flood_trigger', $time_lastcomment, $time_newcomment);
die(__('Sorry, you can only post a new comment once every 15 seconds. Slow down cowboy.'));
}
}
if ($userdata && ($user_id == $post_author || $userdata->user_level >= 9)) {
$approved = 1;
} else {
if (check_comment($author, $email, $url, $comment, $user_ip, $user_agent, $comment_type)) {
$approved = 1;
} else {
$approved = 0;
}
if (wp_blacklist_check($author, $email, $url, $comment, $user_ip, $user_agent)) {
$approved = 'spam';
}
}
$approved = apply_filters('pre_comment_approved', $approved);
$result = $wpdb->query("INSERT INTO {$wpdb->comments}\n\t(comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content, comment_approved, comment_agent, comment_type, user_id)\n\tVALUES\n\t('{$comment_post_ID}', '{$author}', '{$email}', '{$url}', '{$user_ip}', '{$now}', '{$now_gmt}', '{$comment}', '{$approved}', '{$user_agent}', '{$comment_type}', '{$user_id}')\n\t");
$comment_id = $wpdb->insert_id;
do_action('comment_post', $comment_id, $approved);
if ('spam' !== $approved) {
// If it's spam save it silently for later crunching
if ('0' == $approved) {
wp_notify_moderator($comment_id);
}
if (get_settings('comments_notify') && $approved) {
wp_notify_postauthor($comment_id, $comment_type);
}
}
return $result;
}
function ipin_ajaxify_comments($comment_ID, $comment_status)
{
if (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
if ('spam' !== $comment_status) {
if ('0' == $comment_status) {
wp_notify_moderator($comment_ID);
} else {
if ('1' == $comment_status) {
//email author
global $wpdb, $user_ID, $user_identity;
$commentdata = get_comment($comment_ID, 'ARRAY_A');
$postdata = get_post($commentdata['comment_post_ID'], 'ARRAY_A');
$blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
//add to notification center
if ($user_ID != $postdata['post_author']) {
$wpdb->query($wpdb->prepare("INSERT INTO " . $wpdb->prefix . "ipin_notifications (user_id, notification_date, notification_type, notification_from, notification_post_id)\n\t\t\t\t\t\t\tVALUES (%d, %s, %s, %d, %d)\n\t\t\t\t\t\t\t", $postdata['post_author'], current_time('mysql'), 'comment', $user_ID, $postdata['ID']));
$ipin_user_notifications_count = get_user_meta($postdata['post_author'], 'ipin_user_notifications_count', true);
update_user_meta($postdata['post_author'], 'ipin_user_notifications_count', ++$ipin_user_notifications_count);
}
if (get_user_meta($postdata['post_author'], 'ipin_user_notify_comments', true) != '' && $user_ID != $postdata['post_author']) {
$message = sprintf(__('%s commented on your "%s" pin at %s', 'ipin'), $user_identity, preg_replace('/[\\n\\r]/', ' ', html_entity_decode(sanitize_text_field($postdata['post_title']), ENT_QUOTES, 'UTF-8')), get_permalink($postdata['ID'])) . "\r\n\r\n";
$message .= "-------------------------------------------\r\n";
$message .= sprintf(__('To change your notification settings, visit %s', 'ipin'), home_url('/settings/'));
wp_mail(get_the_author_meta('user_email', $postdata['post_author']), sprintf(__('[%s] Someone commented on your pin', 'ipin'), $blogname), $message);
}
$comment_author_domain = @gethostbyaddr($commentdata['comment_author_IP']);
//email admin
if (get_option('comments_notify') && $user_ID != $postdata['post_author']) {
$admin_message = sprintf(__('New comment on the pin "%s"', 'ipin'), preg_replace('/[\\n\\r]/', ' ', html_entity_decode(sanitize_text_field($postdata['post_title']), ENT_QUOTES, 'UTF-8'))) . "\r\n";
$admin_message .= sprintf(__('Author : %1$s (IP: %2$s , %3$s)', 'ipin'), $commentdata['comment_author'], $commentdata['comment_author_IP'], $comment_author_domain) . "\r\n";
$admin_message .= sprintf(__('E-mail : %s', 'ipin'), $commentdata['comment_author_email']) . "\r\n";
$admin_message .= sprintf(__('URL : %s', 'ipin'), $commentdata['comment_author_url']) . "\r\n";
$admin_message .= sprintf(__('Whois : http://whois.arin.net/rest/ip/%s', 'ipin'), $commentdata['comment_author_IP']) . "\r\n";
$admin_message .= __('Comment:', 'ipin') . " \r\n" . $commentdata['comment_content'] . "\r\n\r\n";
$admin_message .= __('You can see all comments on this pin here:', 'ipin') . " \r\n";
$admin_message .= get_permalink($postdata['ID']) . "#comments\r\n\r\n";
$admin_message .= sprintf(__('Permalink: %s', 'ipin'), get_permalink($postdata['ID']) . '#comment-' . $comment_ID) . "\r\n";
$admin_message .= sprintf(__('Delete it: %s', 'ipin'), admin_url("comment.php?action=delete&c={$comment_ID}")) . "\r\n";
$admin_message .= sprintf(__('Spam it: %s', 'ipin'), admin_url("comment.php?action=spam&c={$comment_ID}")) . "\r\n";
$admin_subject = sprintf(__('[%1$s] Comment: "%2$s"', 'ipin'), $blogname, preg_replace('/[\\n\\r]/', ' ', html_entity_decode(sanitize_text_field($postdata['post_title']), ENT_QUOTES, 'UTF-8')));
wp_mail(get_option('admin_email'), $admin_subject, $admin_message);
}
echo 'success';
}
}
}
exit;
}
}
private function add_comment($comment)
{
if (!is_array($comment)) {
return new WP_Error('invalid-argument', 'This action requires an array of valid comment entries.');
}
if (!isset($comment['comment_post_ID'])) {
$response = array();
$error_count = 0;
foreach ($comment as $id => $data) {
$response[$id] = $this->add_comment($data);
if (is_wp_error($response[$id])) {
$error_count++;
}
}
if (count($comment) == $error_count) {
return new WP_Error('invalid-argument', 'This action requires an array of valid comment entries.');
}
return $response;
}
$required_indexes = array('comment_author_IP', 'comment_content', 'comment_agent');
$comment_defaults = array('comment_approved' => 1, 'comment_karma' => 0, 'comment_parent' => 0, 'comment_type' => '', 'filtered' => false, 'sync_run_preprocess_comment_filter' => true, 'sync_send_comment_notifications' => true);
// Starting here, much of the following code mirrors similar code from wp-comments-post.php and wp-includes/comment.php from WP version 3.9.1.
// Mirroring this code was the only way to reliably provide full comment functionality and flexibility while staying compatible with the WP API.
if (!empty($comment['user_id'])) {
$user = get_user_by('id', $comment['user_id']);
if (!is_object($user) || !is_a($user, 'WP_User') || !$user->exists()) {
return new WP_Error('invalid-user-id', "A user with an ID of {$comment['user_id']} does not exist.");
}
if (empty($user->display_name)) {
$user->display_name = $user->user_login;
}
$comment['comment_author'] = wp_slash($user->display_name);
$comment['comment_author_email'] = wp_slash($user->user_email);
$comment['comment_author_url'] = wp_slash($user->user_url);
kses_remove_filters();
kses_init_filters();
} else {
if (isset($comment['comment_author']) && isset($comment['comment_author_email']) && isset($comment['comment_author_url'])) {
$comment['user_id'] = 0;
} else {
return new WP_Error('missing-required-commenter-data', 'Either user_id or comment_author, comment_author_email, and comment_author_url must be supplied.');
}
}
$comment = array_merge($comment_defaults, $comment);
$run_preprocess_comment_filter = $comment['sync_run_preprocess_comment_filter'];
unset($comment['sync_run_preprocess_comment_filter']);
$send_comment_notifications = $comment['sync_send_comment_notifications'];
unset($comment['sync_send_comment_notifications']);
$missing_indexes = array();
foreach ($required_indexes as $index) {
if (empty($comment[$index])) {
$missing_indexes[] = $index;
}
}
if (!empty($missing_indexes)) {
return new WP_Error('missing-comment-data', 'The following required indexes were missing in the comment data: ' . implode(', ', $missing_indexes));
}
if ($run_preprocess_comment_filter) {
apply_filters('preprocess_comment', $comment);
}
$comment['comment_author_IP'] = preg_replace('/[^0-9a-fA-F:., ]/', '', $comment['comment_author_IP']);
$comment['comment_agent'] = substr($comment['comment_agent'], 0, 254);
$comment['comment_date'] = current_time('mysql');
$comment['comment_date_gmt'] = current_time('mysql', 1);
if (!$comment['filtered']) {
$comment = wp_filter_comment($comment);
}
$id = wp_insert_comment($comment);
if (0 == $id) {
if (!empty($GLOBALS['wpdb']->last_error)) {
$error = $GLOBALS['wpdb']->last_error;
} else {
$error = 'An unknown error prevented the comment from being added to the database.';
}
return new WP_Error('comment-insert-failure', $error);
}
do_action('comment_post', $id, $comment['comment_approved']);
if ($send_comment_notifications && 'spam' !== $comment['comment_approved']) {
if ('0' == $comment['comment_approved']) {
wp_notify_moderator($id);
}
if (get_option('comments_notify') && $comment['comment_approved']) {
wp_notify_postauthor($id);
}
}
$comment['comment_ID'] = $id;
return $comment;
}
public function addCommentToThread($content, $author_id, $notify = false, $resolved = false)
{
$user = get_userdata($author_id);
$content = trim(wp_kses($content, array('a' => array('href' => array(), 'title' => array()), 'em' => array(), 'strong' => array(), 'b' => array(), 'pre' => array())));
if (empty($content)) {
$errors[] = __('Content cannot be empty', 'cm-answers');
}
if (!empty($errors)) {
throw new Exception(serialize($errors));
}
if (self::isAnswerAutoApproved()) {
$approved = 1;
} else {
$approved = 0;
}
$data = array('comment_post_ID' => $this->getId(), 'comment_author' => $user->display_name, 'comment_author_email' => $user->user_email, 'comment_author_IP' => $_SERVER['REMOTE_ADDR'], 'user_id' => $author_id, 'comment_parent' => 0, 'comment_content' => apply_filters('comment_text', $content), 'comment_approved' => $approved, 'comment_date' => current_time('mysql'));
$comment_id = wp_insert_comment($data);
$this->updateThreadMetadata($comment_id, $author_id, $notify, $resolved);
update_comment_meta($comment_id, self::$_commentMeta['rating'], 0);
if ($approved !== 1) {
wp_notify_moderator($comment_id);
}
return $comment_id;
}
public function addAnswer($content, $author_id, $follow = false, $resolved = false, $private = false)
{
$user = get_userdata($author_id);
if (empty($author_id) or empty($user)) {
throw new Exception(CMA::__('Invalid user.'));
}
if (!$this->isVisible()) {
throw new Exception(CMA::__('You have no permission to post this answer.'));
}
$content = self::contentFilter($content, $author_id);
if (empty($content)) {
$errors[] = __('Content cannot be empty', 'cm-answers-pro');
}
if (($badWord = CMA_BadWords::filterIfEnabled($content)) !== false) {
$errors[] = sprintf(CMA_Labels::getLocalized('msg_content_includes_bad_word'), $badWord);
}
if (!empty($errors)) {
throw new Exception(serialize($errors));
}
$approved = CMA_Settings::getOption(CMA_Settings::OPTION_ANSWER_AUTO_APPROVE) || self::isAuthorAutoApproved($author_id) ? 1 : 0;
$answer = new CMA_Answer(array('comment_post_ID' => $this->getId(), 'comment_author' => $user->display_name, 'comment_author_email' => $user->user_email, 'comment_author_IP' => $_SERVER['REMOTE_ADDR'], 'user_id' => $author_id, 'comment_parent' => 0, 'comment_content' => apply_filters('comment_text', str_replace(';)', ':)', $content)), 'comment_approved' => $approved, 'comment_date' => current_time('mysql'), 'comment_type' => CMA_Answer::COMMENT_TYPE));
do_action('cma_answer_post_before', $this, $answer);
$answer->save();
$answerId = $answer->getId();
if (!$answerId) {
throw new Exception('Failed to add answer.');
}
$attachmentsIds = CMA_AnswerAttachment::handleUpload($this->getId());
if (!empty($_POST['attached']) && is_array($_POST['attached'])) {
$attachmentsIds = array_merge($attachmentsIds, $_POST['attached']);
}
foreach ($attachmentsIds as $attachmentId) {
$answer->addAttachment($attachmentId);
}
$answer->setPrivate($private);
if (!$private) {
$this->updateThreadMetadata(array('commentId' => $answerId, 'authorId' => $author_id, 'follow' => $follow, 'resolved' => $resolved, 'approved' => $approved, 'answerId' => $answerId), $notifyUsers = !$private);
if ($approved) {
$this->setUpdated();
}
}
if ($approved) {
self::updateQA($author_id);
$this->notifyAboutNewAnswer($answerId);
} else {
if (!$approved) {
wp_notify_moderator($answerId);
}
}
if (CMA_Settings::getOption(CMA_Settings::OPTION_LOGS_ENABLED)) {
CMA_AnswerPostLog::instance()->log($answerId);
}
do_action('cma_answer_post_after', $this, $answer);
return $answerId;
}
function second_chance()
{
if (!$this->cur_comment) {
return false;
}
$rem_attempts = (int) $this->cur_comment->remaining_attempts;
if ($rem_attempts <= 0) {
echo "<div class=\"sk2_box\">" . __("Too many unlock attempts.", 'sk2') . "</div>";
return false;
}
if (!$this->cur_comment->can_unlock()) {
echo "<div class=\"sk2_box\">" . __("This comment wasn't given a second chance.", 'sk2') . "</div>";
return false;
}
if (!empty($_REQUEST['sk2_second_chance'])) {
$class = $_REQUEST['sk2_second_chance'];
$this_key = 0;
foreach ($this->cur_comment->unlock_keys as $id => $unlock_key) {
$this_key = $unlock_key;
}
if ($this_key && $this_key['expire'] > time() && ($my_plugin = $this->get_plugin($this_key['class'])) && $my_plugin->is_enabled()) {
echo "<div class=\"sk2_box\">";
if ($my_plugin->treat_second_chance($this->cur_comment, $this_key['key'])) {
$this->cur_comment->post_proc = true;
// just making sure we don't run into loops here
// if ($anubis = $this->get_plugin('sk2_anubis_plugin'))
// $anubis->treat_this($this->cur_comment);
$this->treat_comment();
$this->cur_comment->remaining_attempts = 0;
// no more attempts
if ($this->cur_comment->approved == '1') {
echo __("Thank you. Your comment has been approved.", 'sk2');
if (get_settings('comments_notify')) {
wp_notify_postauthor($this->cur_comment->ID, $this->cur_comment->type);
}
//TODO redirect to comment page...
} else {
echo __("Thank you. Your comment will be displayed as soon as it is approved by a moderator.", 'sk2');
wp_notify_moderator($this->cur_comment->ID);
}
} else {
$this->cur_comment->remaining_attempts = --$rem_attempts;
if ($rem_attempts <= 0) {
//if ($anubis = $this->get_plugin('sk2_anubis_plugin'))
// $anubis->treat_this($this->cur_comment);
$this->treat_comment($this->cur_comment);
echo "<span class=\"sk2_fail\">" . __("Too many missed attempts. Your comment's moderation has been confirmed. A log of your comment will be kept and presented to the blog admin upon his next log-on. Please contact him directly via e-mail regarding this problem.", 'sk2') . "</span>";
} else {
echo "<span class=\"sk2_fail\">" . sprintf(__ngettext("Sorry, bad luck on this one, cow-boy, try again. You have %d attempt left.", "Sorry, bad luck on this one, cow-boy, try again. You have %d attempts left.", $rem_attempts, 'sk2'), $rem_attempts) . "</span>";
}
}
$this->set_comment_sk_info();
echo "</div>";
} else {
echo "<div class=\"sk2_box\">" . __("Can't use this unlock method.", 'sk2') . "</div>";
$this->cur_comment->remaining_attempts = 0;
$this->set_comment_sk_info();
return false;
}
} else {
$i = 0;
foreach ($this->cur_comment->unlock_keys as $id => $unlock_key) {
$which_plugin_obj = $this->get_plugin($unlock_key['class']);
$msg = "";
$msg_level = 0;
echo "<div class=\"sk2_box\">";
if (!$which_plugin_obj) {
$msg = "<strong>" . sprintf(__("Cannot find 2nd chance plugin file: %s", 'sk2'), $unlock_key['class']) . "</strong>";
$msg_level = 9;
} elseif (!$which_plugin_obj->is_enabled()) {
$msg = "<strong>" . sprintf(__("2nd chance: %s plugin disabled.", 'sk2'), $which_plugin_obj->name) . "</strong>";
$msg_level = 6;
} elseif ($unlock_key['expire'] < time()) {
$msg = "<strong>" . sprintf(__("%s: unlock key expired.", 'sk2'), $which_plugin_obj->name) . "</strong>";
$msg_level = 6;
} else {
$i++;
echo "<form name=\"sk2_form_" . $unlock_key['class'] . "\" id=\"sk2_form_" . $unlock_key['class'] . "\\ method=\"post\">";
echo "<input type=\"hidden\" name=\"sk2_second_chance\" id=\"sk2_second_chance\" value=\"" . $unlock_key['class'] . "\">";
echo "<input type=\"hidden\" name=\"c_id\" id=\"c_id\" value=\"" . $this->cur_comment->ID . "\">";
echo "<input type=\"hidden\" name=\"c_author\" id=\"c_author\" value=\"" . $this->cur_comment->author_email . "\">";
$which_plugin_obj->display_second_chance($this->cur_comment, $unlock_key['key']);
echo "</form>";
}
if ($msg_level) {
echo $msg;
$this->log_msg($msg, $msg_level);
}
echo "</div>";
}
if ($i <= 0) {
$this->cur_comment->remaining_attempts = 0;
}
}
$this->set_comment_sk_info();
}
/**
* Saves the aggregated comments.
*
* @param object $post
* @param bool $skip_approval
* @return void
*/
public function save_aggregated_comments(&$post, $skip_approval = false)
{
if (isset($post->results[$this->_key])) {
global $wpdb;
foreach ($post->results[$this->_key] as $result) {
if (!isset($result->user->protected) or $result->user->protected == false) {
$account = (object) array('user' => (object) array('id' => $result->from_user_id, 'screen_name' => $result->from_user));
$class = 'Social_Service_' . $this->_key . '_Account';
$account = new $class($account);
$commentdata = array('comment_post_ID' => $post->ID, 'comment_type' => $result->comment_type, 'comment_author' => $wpdb->escape($account->username()), 'comment_author_email' => $wpdb->escape($this->_key . '.' . $account->id() . '@example.com'), 'comment_author_url' => $account->url(), 'comment_content' => $wpdb->escape($result->text), 'comment_date' => date('Y-m-d H:i:s', strtotime($result->created_at) + get_option('gmt_offset') * 3600), 'comment_date_gmt' => gmdate('Y-m-d H:i:s', strtotime($result->created_at)), 'comment_author_IP' => $_SERVER['SERVER_ADDR'], 'comment_agent' => 'Social Aggregator');
if ($skip_approval || apply_filters('social_approve_likes_and_retweets', false) && Social_Twitter::is_retweet(null, $result)) {
$commentdata['comment_approved'] = 1;
} else {
if (($commentdata = $this->allow_comment($commentdata, $result->id, $post)) === false) {
continue;
}
}
// sanity check to make sure this comment is not a duplicate
if ($this->is_duplicate_comment($post, $result->id)) {
Social::log('Result #:result_id already exists, skipping.', array('result_id' => $result->id), 'duplicate-comment');
continue;
}
Social::log('Saving #:result_id for account :account_id.', array('result_id' => $result->id, 'account_id' => $account->id()));
$comment_id = 0;
try {
Social::Log('Attempting to save commentdata: :commentdata', array('commentdata' => print_r($commentdata, true)));
$comment_id = wp_insert_comment($commentdata);
update_comment_meta($comment_id, 'social_account_id', addslashes_deep($result->from_user_id));
update_comment_meta($comment_id, 'social_profile_image_url', addslashes_deep($result->profile_image_url_https));
update_comment_meta($comment_id, 'social_status_id', addslashes_deep($result->id));
// Attempt to see if the comment is in response to an existing Tweet.
if (!isset($result->in_reply_to_status_id)) {
// This "should" only happen on tweets found on the URL search
foreach ($this->accounts() as $account) {
$response = $this->request($account, '1.1/statuses/show/' . $result->id)->body();
if (isset($response->in_reply_to_status_id)) {
if (!empty($response->in_reply_to_status_id)) {
$result->in_reply_to_status_id = $response->in_reply_to_status_id;
}
break;
}
}
}
if (isset($result->in_reply_to_status_id)) {
update_comment_meta($comment_id, 'social_in_reply_to_status_id', addslashes_deep($result->in_reply_to_status_id));
}
if (!isset($result->raw)) {
$result = (object) array_merge((array) $result, array('raw' => $result));
}
update_comment_meta($comment_id, 'social_raw_data', addslashes_deep(base64_encode(json_encode($result->raw))));
if ($commentdata['comment_approved'] !== 'spam') {
if ($commentdata['comment_approved'] == '0') {
wp_notify_moderator($comment_id);
}
if (get_option('comments_notify') and $commentdata['comment_approved'] and (!isset($commentdata['user_id']) or $post->post_author != $commentdata['user_id'])) {
wp_notify_postauthor($comment_id, 'comment');
}
}
} catch (Exception $e) {
// Something went wrong, remove the aggregated ID.
if (($key = array_search($result->id, $post->aggregated_ids['twitter'])) !== false) {
unset($post->aggregated_ids['twitter'][$key]);
}
if ((int) $comment_id) {
// Delete the comment in case it wasn't the insert that failed.
wp_delete_comment($comment_id);
}
}
}
}
}
}
function ajaxify_comments_jaya($comment_ID, $comment_status)
{
if (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
//If AJAX Request Then
switch ($comment_status) {
case '0':
//notify moderator of unapproved comment
wp_notify_moderator($comment_ID);
case '1':
//Approved comment
echo "success";
$commentdata =& get_comment($comment_ID, ARRAY_A);
//print_r( $commentdata);
$permaurl = get_permalink($post->ID);
$url = str_replace('http://', '/', $permaurl);
if ($commentdata['comment_parent'] == 0) {
$output = '<li class="comment byuser comment-author-admin bypostauthor odd alt thread-odd thread-alt depth-1" id="comment-' . $commentdata['comment_ID'] . '">
<div id="div-comment-' . $commentdata['comment_ID'] . '" class="comment-body">
<div class="comment-author vcard">' . get_avatar($commentdata['comment_author_email']) . '<cite class="fn">' . $commentdata['comment_author'] . '</cite> <span class="says">says:</span>
</div>
<div class="comment-meta commentmetadata"><a href="http://localhost/WordPress_Code/?p=1#comment-' . $commentdata['comment_ID'] . '">' . get_comment_date('F j, Y \\a\\t g:i a', $commentdata['comment_ID']) . '</a> ';
if (is_user_logged_in()) {
$output .= '<a class="comment-edit-link" href="' . home_url() . '/wp-admin/comment.php?action=editcomment&c=' . $commentdata['comment_ID'] . '">
(Edit)</a>';
}
$output .= '</div>
<p>' . $commentdata['comment_content'] . '</p>
<div class="reply">
<a class="comment-reply-link" href="' . $url . '&replytocom=' . $commentdata['comment_ID'] . '#respond"
onclick="return addComment.moveForm("div-comment-' . $commentdata['comment_ID'] . '", "' . $commentdata['comment_ID'] . '", "respond", "1")">Reply</a>
</div>
</div>
</li>';
echo $output;
} else {
$output = '<ul class="children"> <li class="comment byuser comment-author-admin bypostauthor even depth-2" id="comment-' . $commentdata['comment_ID'] . '">
<div id="div-comment-' . $commentdata['comment_ID'] . '" class="comment-body">
<div class="comment-author vcard">' . get_avatar($commentdata['comment_author_email']) . '<cite class="fn">' . $commentdata['comment_author'] . '</cite> <span class="says">says:</span> </div>
<div class="comment-meta commentmetadata"><a href="http://localhost/WordPress_Code/?p=1#comment-' . $commentdata['comment_ID'] . '">' . get_comment_date('F j, Y \\a\\t g:i a', $commentdata['comment_ID']) . '</a> ';
if (is_user_logged_in()) {
$output .= '<a class="comment-edit-link" href="' . home_url() . '/wp-admin/comment.php?action=editcomment&c=' . $commentdata['comment_ID'] . '">
(Edit)</a>';
}
$output .= '</div>
<p>' . $commentdata['comment_content'] . '</p>
<div class="reply">
<a class="comment-reply-link" href="' . $url . '&replytocom=' . $commentdata['comment_ID'] . '#respond"
onclick="return addComment.moveForm("div-comment-' . $commentdata['comment_ID'] . '", "' . $commentdata['comment_ID'] . '", "respond", "1")">Reply</a>
</div>
</div>
</li></ul>';
echo $output;
}
$post =& get_post($commentdata['comment_post_ID']);
wp_notify_postauthor($comment_ID, $commentdata['comment_type']);
break;
default:
echo "error";
}
exit;
}
}
/**
* Send a comment moderation notification to the comment moderator.
*
* @since 4.4.0
*
* @param int $comment_ID ID of the comment.
* @param int $comment_approved Whether the comment is approved.
*/
function wp_new_comment_notify_moderator($comment_ID, $comment_approved)
{
if ('0' == $comment_approved) {
wp_notify_moderator($comment_ID);
}
}
public static function cron_recheck()
{
global $wpdb;
$api_key = self::get_api_key();
$status = self::verify_key($api_key);
if (get_option('akismet_alert_code') || $status == 'invalid') {
// since there is currently a problem with the key, reschedule a check for 6 hours hence
wp_schedule_single_event(time() + 21600, 'akismet_schedule_cron_recheck');
do_action('akismet_scheduled_recheck', 'key-problem-' . get_option('akismet_alert_code') . '-' . $status);
return false;
}
delete_option('akismet_available_servers');
$comment_errors = $wpdb->get_col("SELECT comment_id FROM {$wpdb->commentmeta} WHERE meta_key = 'akismet_error'\tLIMIT 100");
load_plugin_textdomain('akismet');
foreach ((array) $comment_errors as $comment_id) {
// if the comment no longer exists, or is too old, remove the meta entry from the queue to avoid getting stuck
$comment = get_comment($comment_id);
if (!$comment || strtotime($comment->comment_date_gmt) < strtotime("-15 days")) {
delete_comment_meta($comment_id, 'akismet_error');
delete_comment_meta($comment_id, 'akismet_delayed_moderation_email');
continue;
}
add_comment_meta($comment_id, 'akismet_rechecking', true);
$status = self::check_db_comment($comment_id, 'retry');
$event = '';
if ($status == 'true') {
$event = 'cron-retry-spam';
} elseif ($status == 'false') {
$event = 'cron-retry-ham';
}
// If we got back a legit response then update the comment history
// other wise just bail now and try again later. No point in
// re-trying all the comments once we hit one failure.
if (!empty($event)) {
delete_comment_meta($comment_id, 'akismet_error');
self::update_comment_history($comment_id, '', $event);
update_comment_meta($comment_id, 'akismet_result', $status);
// make sure the comment status is still pending. if it isn't, that means the user has already moved it elsewhere.
$comment = get_comment($comment_id);
if ($comment && 'unapproved' == wp_get_comment_status($comment_id)) {
if ($status == 'true') {
wp_spam_comment($comment_id);
} elseif ($status == 'false') {
// comment is good, but it's still in the pending queue. depending on the moderation settings
// we may need to change it to approved.
if (check_comment($comment->comment_author, $comment->comment_author_email, $comment->comment_author_url, $comment->comment_content, $comment->comment_author_IP, $comment->comment_agent, $comment->comment_type)) {
wp_set_comment_status($comment_id, 1);
} else {
if (get_comment_meta($comment_id, 'akismet_delayed_moderation_email', true)) {
wp_notify_moderator($comment_id);
}
}
}
}
delete_comment_meta($comment_id, 'akismet_delayed_moderation_email');
} else {
// If this comment has been pending moderation for longer than MAX_DELAY_BEFORE_MODERATION_EMAIL,
// send a moderation email now.
if (intval(gmdate('U')) - strtotime($comment->comment_date_gmt) < self::MAX_DELAY_BEFORE_MODERATION_EMAIL) {
delete_comment_meta($comment_id, 'akismet_delayed_moderation_email');
wp_notify_moderator($comment_id);
}
delete_comment_meta($comment_id, 'akismet_rechecking');
wp_schedule_single_event(time() + 1200, 'akismet_schedule_cron_recheck');
do_action('akismet_scheduled_recheck', 'check-db-comment-' . $status);
return;
}
delete_comment_meta($comment_id, 'akismet_rechecking');
}
$remaining = $wpdb->get_var("SELECT COUNT(*) FROM {$wpdb->commentmeta} WHERE meta_key = 'akismet_error'");
if ($remaining && !wp_next_scheduled('akismet_schedule_cron_recheck')) {
wp_schedule_single_event(time() + 1200, 'akismet_schedule_cron_recheck');
do_action('akismet_scheduled_recheck', 'remaining');
}
}
function nxs_postNewComment($cmnt, $aa = false)
{
$cmnt['comment_post_ID'] = (int) $cmnt['comment_post_ID'];
$cmnt['comment_parent'] = isset($cmnt['comment_parent']) ? absint($cmnt['comment_parent']) : 0;
$ae = get_option('admin_email');
//$u = get_user_by( 'email', get_option('admin_email') ); $cmnt['user_id'] = $u->ID; //???
$u = get_user_by('email', $cmnt['comment_author_email']);
if (!empty($u)) {
$cmnt['user_id'] = $u->ID;
} else {
$cmnt['user_id'] = 0;
}
$parent_status = 0 < $cmnt['comment_parent'] ? wp_get_comment_status($cmnt['comment_parent']) : '';
$cmnt['comment_parent'] = 'approved' == $parent_status || 'unapproved' == $parent_status ? $cmnt['comment_parent'] : 0;
$cmnt['comment_author_IP'] = '';
if (empty($cmnt['comment_agent'])) {
$cmnt['comment_agent'] = 'SNAP';
}
$cmnt['comment_date'] = get_date_from_gmt($cmnt['comment_date_gmt']);
$cmnt = wp_filter_comment($cmnt);
if ($aa) {
$cmnt['comment_approved'] = 1;
} else {
$cmnt['comment_approved'] = nxs_wp_allow_comment($cmnt);
}
// echo "INSERT"; prr($cmnt);
if ($cmnt['comment_approved'] != 'spam' && $cmnt['comment_approved'] > 1) {
return $cmnt['comment_approved'];
} else {
$cmntID = wp_insert_comment($cmnt);
}
if (empty($cmntID)) {
nxs_addToLogN('E', 'Error', 'Comments', '-=ERROR=-', print_r($cmnt, true));
return;
}
if ('spam' !== $cmnt['comment_approved']) {
if ('0' == $cmnt['comment_approved']) {
wp_notify_moderator($cmntID);
}
$post =& get_post($cmnt['comment_post_ID']);
if (get_option('comments_notify') && $cmnt['comment_approved'] && (!isset($cmnt['user_id']) || $post->post_author != $cmnt['user_id'])) {
wp_notify_postauthor($cmntID, isset($cmnt['comment_type']) ? $cmnt['comment_type'] : '');
}
global $wpdb, $dsq_api;
if (isset($dsq_api) && is_object($post)) {
$plugins_url = str_replace('social-networks-auto-poster-facebook-twitter-g/', '', plugin_dir_path(__FILE__));
require_once $plugins_url . 'disqus-comment-system/export.php';
if (function_exists('dsq_export_wp')) {
$comments = $wpdb->get_results($wpdb->prepare("SELECT * FROM {$wpdb->comments} WHERE comment_ID = %d", $cmntID));
$wxr = nxs_dsq_export_wp($post, $comments);
$response = $dsq_api->import_wordpress_comments($wxr, time());
}
}
}
return $cmntID;
}
/**
* @ticket 32566
*/
public function test_wp_notify_moderator_should_not_throw_notice_when_post_author_is_0()
{
$p = self::factory()->post->create(array('post_author' => 0));
$c = self::factory()->comment->create(array('comment_post_ID' => $p));
$this->assertTrue(wp_notify_moderator($c));
}
function nxs_postNewComment($cmnt, $aa = false)
{
$cmnt['comment_post_ID'] = (int) $cmnt['comment_post_ID'];
$cmnt['comment_parent'] = isset($cmnt['comment_parent']) ? absint($cmnt['comment_parent']) : 0;
$parent_status = 0 < $cmnt['comment_parent'] ? wp_get_comment_status($cmnt['comment_parent']) : '';
$cmnt['comment_parent'] = 'approved' == $parent_status || 'unapproved' == $parent_status ? $cmnt['comment_parent'] : 0;
$cmnt['comment_author_IP'] = '';
$cmnt['comment_agent'] = 'SNAP';
$cmnt['comment_date'] = get_date_from_gmt($cmnt['comment_date_gmt']);
$cmnt = wp_filter_comment($cmnt);
if ($aa) {
$cmnt['comment_approved'] = 1;
} else {
$cmnt['comment_approved'] = wp_allow_comment($cmnt);
}
$cmntID = wp_insert_comment($cmnt);
if ('spam' !== $cmnt['comment_approved']) {
if ('0' == $cmnt['comment_approved']) {
wp_notify_moderator($cmntID);
}
$post =& get_post($cmnt['comment_post_ID']);
if (get_option('comments_notify') && $cmnt['comment_approved'] && (!isset($cmnt['user_id']) || $post->post_author != $cmnt['user_id'])) {
wp_notify_postauthor($cmntID, isset($cmnt['comment_type']) ? $cmnt['comment_type'] : '');
}
global $wpdb, $dsq_api;
if (isset($dsq_api)) {
$plugins_url = str_replace('social-networks-auto-poster-facebook-twitter-g/', '', plugin_dir_path(__FILE__));
require_once $plugins_url . 'disqus-comment-system/export.php';
if (function_exists('dsq_export_wp')) {
$comments = $wpdb->get_results($wpdb->prepare("SELECT * FROM {$wpdb->comments} WHERE comment_ID = " . $cmntID));
// prr($comments);
$wxr = dsq_export_wp($post, $comments);
$response = $dsq_api->import_wordpress_comments($wxr, time());
// prr($response);
}
}
}
return $cmntID;
}
// $approved should be set according the final approval status
// of the new comment
if ('manual' == $comment_moderation) {
$approved = 0;
} else {
if ('auto' == $comment_moderation) {
$approved = 0;
} else {
// none
$approved = 1;
}
}
$wpdb->query("INSERT INTO {$wpdb->comments[$wp_id]} \n\t(comment_ID, comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_content, comment_approved) \n\tVALUES \n\t('0', '{$comment_post_ID}', '{$author}', '{$email}', '{$url}', '{$user_ip}', '{$now}', '{$comment}', '{$approved}')\n\t");
$comment_ID = $wpdb->get_var('SELECT last_insert_id()');
if ($moderation_notify && !$approved) {
wp_notify_moderator($comment_ID);
}
if (get_settings('comments_notify') && $approved) {
wp_notify_postauthor($comment_ID, 'comment');
}
if ($email == '') {
$email = ' ';
}
// this to make sure a cookie is set for 'no email'
if ($url == '') {
$url = ' ';
}
// this to make sure a cookie is set for 'no url'
setcookie('comment_author_' . $cookiehash, $author, time() + 30000000);
setcookie('comment_author_email_' . $cookiehash, $email, time() + 30000000);
setcookie('comment_author_url_' . $cookiehash, $url, time() + 30000000);
function sk2_filter_comment($comment_ID)
{
include_once dirname(__FILE__) . "/sk2_core_class.php";
if (!$comment_ID) {
$sk2_log->log_msg(__("Structural failure: no comment ID sent to comment hook", 'sk2'), 10, 0, "web_UI", true, false);
die(__("Aborting Spam Karma", 'sk2'));
}
$sk2_core = new sk2_core($comment_ID, false);
$sk2_core->process_comment();
$approved = $sk2_core->cur_comment->approved;
$sk2_settings->save_settings();
// should also save/display logs here...
// doing notification ourselves (since we killed WP's)
if ($approved == 'spam') {
// your adventure stops here, cowboy...
header("HTTP/1.1 403 Forbidden");
header("Status: 403 Forbidden");
_e("Sorry, but your comment has been flagged by the spam filter running on this blog: this might be an error, in which case all apologies. Your comment will be presented to the blog admin who will be able to restore it immediately.<br/>You may want to contact the blog admin via e-mail to notify him.", 'sk2');
// echo "<!-- ";
// $sk2_log->dump_logs();
// echo "-->";
die;
} else {
if ('0' == $approved) {
if ($sk2_core->cur_comment->can_unlock()) {
// redirect to Second Chance page
header('Expires: Mon, 26 Aug 1980 09:00:00 GMT');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
header('Cache-Control: no-cache, must-revalidate');
header('Pragma: no-cache');
$location = get_bloginfo('wpurl') . "/" . strstr(str_replace("\\", "/", dirname(__FILE__)), "wp-content/") . "/" . sk2_second_chance_file . "?c_id={$comment_ID}&c_author=" . urlencode($sk2_core->cur_comment->author_email);
//$location = str_replace($_SERVER['DOCUMENT_ROOT'], "/", dirname(__FILE__)) . "/" . sk2_second_chance_file ."?c_id=$comment_ID&c_author=" . urlencode($sk2_core->cur_comment->author_email);
$can_use_location = @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ? false : true;
if (!$can_use_location && $phpver >= '4.0.1' && @preg_match('/Microsoft/', getenv('SERVER_SOFTWARE')) && php_sapi_name() == 'isapi') {
$can_use_location = true;
}
if ($can_use_location) {
header("Location: {$location}");
} else {
header("Refresh: 0;url={$location}");
}
exit;
} else {
wp_notify_moderator($comment_ID);
}
} elseif (get_settings('comments_notify')) {
wp_notify_postauthor($comment_ID, $sk2_core->cur_comment->type);
}
}
}