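/**
 * AJAX handler: validate a submitted comment form and insert the comment.
 *
 * Reads the form fields from $_POST, runs the Zero Spam / captcha checks,
 * resolves the author (logged-in user or guest fields), validates website,
 * e-mail and content length, inserts the comment with wp_new_comment() and
 * optionally registers an e-mail subscription. The request always ends in
 * wp_die() with a JSON payload: `code` is an error phrase key on failure,
 * or the form's unique id on success together with the rendered comment
 * HTML and bookkeeping flags for the client.
 *
 * Side effects: fires the `wpdiscuz_add_comment` action, may start a PHP
 * session (captcha-in-session mode), writes $_POST['zerospam_key'] for the
 * Zero Spam plugin, and may enqueue a subscription confirmation e-mail.
 *
 * NOTE(review): unlike the serialised-form variant of this handler, no
 * nonce is verified here — confirm that is intentional.
 *
 * @return void Never returns; wp_die() terminates the request.
 */
public function addComment() {
    $messageArray = array();
    $isAnonymous = false;
    $uniqueId = isset($_POST['wpdiscuz_unique_id']) ? trim($_POST['wpdiscuz_unique_id']) : '';
    $postId = isset($_POST['postId']) ? intval($_POST['postId']) : '';
    if ($uniqueId && $postId) {
        do_action('wpdiscuz_add_comment');
        // Zero Spam integration: the client echoes back md5(key) and only an exact
        // match hands the plugin the real key. hash_equals() replaces the loose "=="
        // comparison, which treats two numeric-looking digests (e.g. "0e...") as equal.
        if (function_exists('zerospam_get_key') && isset($_POST['wpdiscuz_zs']) && ($wpdiscuzZS = $_POST['wpdiscuz_zs'])) {
            $zsKey = zerospam_get_key();
            $_POST['zerospam_key'] = (is_string($wpdiscuzZS) && hash_equals(md5($zsKey), $wpdiscuzZS)) ? $zsKey : '';
        }
        $commentDepth = isset($_POST['wc_comment_depth']) && intval($_POST['wc_comment_depth']) ? intval($_POST['wc_comment_depth']) : 1;
        $isInSameContainer = '1';
        $current_user = wp_get_current_user();
        // Clamp the depth to the configured threading limit. A reply beyond the limit,
        // or any reply while threading is disabled, is rendered in the parent's container.
        if ($commentDepth > $this->optionsSerialized->wordpressThreadCommentsDepth) {
            $commentDepth = $this->optionsSerialized->wordpressThreadCommentsDepth;
            $isInSameContainer = '0';
        } elseif (!$this->optionsSerialized->wordpressThreadComments) {
            $isInSameContainer = '0';
        }
        $notificationType = isset($_POST['wpdiscuz_notification_type']) ? $_POST['wpdiscuz_notification_type'] : '';
        // Built-in captcha applies only when no reCAPTCHA / Goodbye Captcha add-on takes over.
        if ($current_user && $this->helper->isShowCaptcha($current_user->ID) && !class_exists("wpDiscuzReCaptcha") && !$this->optionsSerialized->isGoodbyeCaptchaActive) {
            $captcha = isset($_POST['wc_captcha']) ? trim($_POST['wc_captcha']) : '';
            if ($this->optionsSerialized->isCaptchaInSession) {
                if (!session_id()) {
                    session_start();
                }
                // The expected answer is kept in the session per form nonce as md5(lowercased text).
                $cnonce = isset($_POST['cnonce']) ? trim($_POST['cnonce']) : '';
                $sCaptcha = isset($_SESSION['wpdiscuzc'][$cnonce]) ? $_SESSION['wpdiscuzc'][$cnonce] : false;
                if (!$sCaptcha || md5(strtolower($captcha)) !== $sCaptcha) {
                    $messageArray['code'] = 'wc_invalid_captcha';
                    wp_die(json_encode($messageArray));
                }
            } else {
                // File-based captcha: the key is the nonce minus its CAPTCHA_LENGTH prefix,
                // and the file name is sent with a 4-character extension that is stripped here.
                $key = isset($_POST['cnonce']) ? substr(trim($_POST['cnonce']), self::CAPTCHA_LENGTH) : '';
                $fileName = isset($_POST['fileName']) ? substr(trim($_POST['fileName']), 0, strlen(trim($_POST['fileName'])) - 4) : '';
                if (!$this->helper->checkCaptchaFile($key, $fileName, $captcha)) {
                    $messageArray['code'] = 'wc_invalid_captcha';
                    wp_die(json_encode($messageArray));
                }
            }
        }
        $website_url = '';
        if ($current_user && $current_user->ID) {
            $user_id = $current_user->ID;
            $name = $current_user->display_name;
            $email = $current_user->user_email;
        } else {
            $user_id = 0;
            $name = isset($_POST['wc_name']) ? filter_var($_POST['wc_name']) : '';
            $email = isset($_POST['wc_email']) ? trim($_POST['wc_email']) : '';
            $website_url = isset($_POST['wc_website']) ? trim($_POST['wc_website']) : '';
            // Prepend a scheme when the guest omitted it, so FILTER_VALIDATE_URL below accepts bare hosts.
            if ($website_url !== '' && strpos($website_url, 'http://') !== 0 && strpos($website_url, 'https://') !== 0) {
                $website_url = 'http://' . $website_url;
            }
            if (!$this->optionsSerialized->isNameFieldRequired) {
                $name = !$name ? $this->optionsSerialized->phrases['wc_anonymous'] : $name;
            }
            if (!$this->optionsSerialized->isEmailFieldRequired && !$email) {
                // Optional e-mail: synthesise a placeholder so WordPress accepts the comment,
                // and remember that no real address exists for subscriptions.
                $email = uniqid() . '@example.com';
                $isAnonymous = true;
            }
        }
        if ($website_url !== '' && filter_var($website_url, FILTER_VALIDATE_URL) === false) {
            $messageArray['code'] = 'wc_error_url_text';
            wp_die(json_encode($messageArray));
        }
        if ($email != '' && filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
            $messageArray['code'] = 'wc_error_email_text';
            wp_die(json_encode($messageArray));
        }
        // A missing wc_comment field is treated as empty instead of raising an undefined-index notice.
        $rawComment = isset($_POST['wc_comment']) ? $_POST['wc_comment'] : '';
        $comment_content = $this->helper->replaceCommentContentCode(stripslashes(trim($rawComment)));
        $comment_content = wp_kses($comment_content, $this->helper->wc_allowed_tags);
        $commentMinLength = intval($this->optionsSerialized->commentTextMinLength);
        $commentMaxLength = intval($this->optionsSerialized->commentTextMaxLength);
        // Limits are configured in characters, so prefer mb_strlen when the extension is available.
        $contentLength = function_exists('mb_strlen') ? mb_strlen($comment_content) : strlen($comment_content);
        if ($commentMinLength > 0 && $contentLength < $commentMinLength) {
            $messageArray['code'] = 'wc_msg_input_min_length';
            wp_die(json_encode($messageArray));
        }
        if ($commentMaxLength > 0 && $contentLength > $commentMaxLength) {
            $messageArray['code'] = 'wc_msg_input_max_length';
            wp_die(json_encode($messageArray));
        }
        if ($name && $email && $comment_content) {
            $author_ip = $this->helper->getRealIPAddr();
            $uid_data = $this->helper->getUIDData($uniqueId);
            $comment_parent = $uid_data[0];
            $wc_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
            $new_commentdata = array(
                'user_id' => $user_id,
                'comment_post_ID' => $postId,
                'comment_parent' => $comment_parent,
                'comment_author' => $name,
                'comment_author_email' => $email,
                'comment_content' => $comment_content,
                'comment_author_url' => $website_url,
                'comment_author_IP' => $author_ip,
                'comment_agent' => $wc_user_agent,
                'comment_type' => '',
            );
            // wp_new_comment() expects slashed input.
            $new_comment_id = wp_new_comment(wp_slash($new_commentdata));
            $newComment = $new_comment_id ? get_comment($new_comment_id) : null;
            if (!$newComment) {
                // wp_new_comment() returns false when the insert fails; bail out instead of
                // dereferencing a null comment further down.
                $messageArray['code'] = 'wc_invalid_field';
                wp_die(json_encode($messageArray));
            }
            $held_moderate = $newComment->comment_approved ? 0 : 1;
            if ($notificationType == WpdiscuzCore::SUBSCRIPTION_POST && class_exists('Prompt_Comment_Form_Handling') && $this->optionsSerialized->usePostmaticForCommentNotification) {
                // Post subscriptions are delegated to Postmatic when it is installed and enabled.
                $_POST[Prompt_Comment_Form_Handling::SUBSCRIBE_CHECKBOX_NAME] = 1;
                Prompt_Comment_Form_Handling::handle_form($new_comment_id, $newComment->comment_approved);
            } elseif (!$isAnonymous && $notificationType) {
                // The confirmation e-mail is skipped when the option allows it for this user
                // class; guests additionally need a previously confirmed subscription.
                $noNeedMemberConfirm = $current_user->ID && $this->optionsSerialized->disableMemberConfirm;
                $noNeedGuestsConfirm = !$current_user->ID && $this->optionsSerialized->disableGuestsConfirm && $this->dbManager->hasConfirmedSubscription($email);
                if ($noNeedMemberConfirm || $noNeedGuestsConfirm) {
                    $this->dbManager->addEmailNotification($new_comment_id, $postId, $email, self::SUBSCRIPTION_COMMENT, 1);
                } else {
                    $this->dbManager->addEmailNotification($new_comment_id, $postId, $email, self::SUBSCRIPTION_COMMENT);
                    $this->emailHelper->confirmEmailSender($postId, $email);
                }
            }
            $messageArray['code'] = $uniqueId;
            $messageArray['redirect'] = $this->optionsSerialized->redirectPage;
            $messageArray['new_comment_id'] = $new_comment_id;
            $messageArray['user_name'] = $name;
            $messageArray['user_email'] = $email;
            $messageArray['is_main'] = $comment_parent ? 0 : 1;
            $messageArray['held_moderate'] = $held_moderate;
            $messageArray['is_in_same_container'] = $isInSameContainer;
            $messageArray['wc_all_comments_count_new'] = $this->dbManager->getCommentsCount($postId);
            $commentListArgs = $this->getCommentListArgs($postId);
            $commentListArgs['current_user'] = $current_user;
            $commentListArgs['addComment'] = $commentDepth;
            $messageArray['message'] = wp_list_comments($commentListArgs, array($newComment));
        } else {
            $messageArray['code'] = 'wc_invalid_field';
        }
    } else {
        $messageArray['code'] = 'wc_msg_required_fields';
    }
    $messageArray['callbackFunctions'] = array();
    $messageArray = apply_filters('wpdiscuz_comment_post', $messageArray);
    wp_die(json_encode($messageArray));
}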
/**
 * Handle a moderated comment whose subscribe request has not yet been fulfilled.
 *
 * If a subscription was requested together with the comment, the commenter is
 * subscribed now; otherwise nothing happens.
 *
 * @param object $comment Comment object handed over by the calling hook.
 */
protected static function handle_new_subscriber($comment) {
    $wasRequested = Prompt_Comment_Form_Handling::subscription_requested($comment);
    if ($wasRequested) {
        Prompt_Comment_Form_Handling::subscribe_commenter($comment);
    }
}
/**
 * Echo the subscribe checkbox into the comment form.
 *
 * Called by the comment_form action. Nothing is printed when no Postmatic key
 * is configured, comment delivery is disabled, or the current user is already
 * subscribed to the post.
 *
 * @param int $post_id ID of the post whose comment form is being rendered.
 */
public static function form_content($post_id) {
    $hasKey = Prompt_Core::$options->get('prompt_key');
    $deliveryEnabled = Prompt_Core::$options->get('enable_comment_delivery');
    if (!$hasKey || !$deliveryEnabled) {
        return;
    }
    self::enqueue_assets($post_id);
    self::$prompt_post = new Prompt_Post($post_id);
    $current_user = Prompt_User_Handling::current_user();
    if ($current_user && self::$prompt_post->is_subscribed($current_user->ID)) {
        return;
    }
    // Build the inner pieces first, then wrap them in the label.
    $checkbox = html('input', array(
        'type' => 'checkbox',
        'name' => self::SUBSCRIBE_CHECKBOX_NAME,
        'value' => '1',
        'checked' => Prompt_Core::$options->get('comment_opt_in_default'),
    ));
    $caption = html('span', Prompt_Core::$options->get('comment_opt_in_text'));
    echo html('label id="prompt-comment-subscribe"', $checkbox, ' ', $caption);
}
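/**
 * Legacy AJAX comment handler (WC_* naming).
 *
 * Validates the submitted form fields, checks the session captcha for guests,
 * inserts the comment via wp_new_comment() and records the requested e-mail
 * notification. The request always ends by echoing a JSON payload and calling
 * exit: `code` is 1 on success, -2 when the comment is held for moderation and
 * -1 for any validation failure (with a `message` phrase for the client).
 *
 * @return void Never returns; exit terminates the request.
 */
public function comment_submit_via_ajax() {
    $message_array = array();
    $comment_post_ID = intval(filter_input(INPUT_POST, 'comment_post_ID'));
    $comment_parent = intval(filter_input(INPUT_POST, 'comment_parent'));
    $comment_depth = intval(filter_input(INPUT_POST, 'comment_depth'));
    $is_in_same_container = 1;
    // A reply deeper than the configured maximum is rendered in the parent's container.
    if ($comment_depth > $this->wc_options_serialized->wc_comments_max_depth) {
        $comment_depth = $this->wc_options_serialized->wc_comments_max_depth;
        $is_in_same_container = 0;
    }
    $notification_type = isset($_POST['notification_type']) ? $_POST['notification_type'] : '';
    // The captcha is enforced for guests only while wc_captcha_show_hide is falsy.
    if (!$this->wc_options_serialized->wc_captcha_show_hide && !is_user_logged_in()) {
        // Expected value is stored per post/parent form as md5(lowercased answer).
        // NOTE(review): assumes the session was started earlier in the request — confirm.
        $captcha_key = $comment_post_ID . '-' . $comment_parent;
        $sess_captcha = isset($_SESSION['wc_captcha'][$captcha_key]) ? $_SESSION['wc_captcha'][$captcha_key] : null;
        $captcha = filter_input(INPUT_POST, 'captcha');
        // A missing session entry is a failed check, not an undefined-index notice.
        if ($sess_captcha === null || md5(strtolower((string) $captcha)) !== $sess_captcha) {
            $message_array['code'] = -1;
            $message_array['message'] = $this->wc_options_serialized->wc_phrases['wc_invalid_captcha'];
            echo json_encode($message_array);
            exit;
        }
    }
    $comment_content = filter_input(INPUT_POST, 'comment');
    $website_url = '';
    if (is_user_logged_in()) {
        $user_id = get_current_user_id();
        $user = get_userdata($user_id);
        $name = $user->display_name;
        $email = $user->user_email;
    } else {
        $user_id = 0;
        $posted_name = filter_input(INPUT_POST, 'name');
        $posted_email = filter_input(INPUT_POST, 'email');
        if ($this->wc_options_serialized->wc_is_name_field_required) {
            $name = $posted_name;
        } else {
            $name = !$posted_name ? __('Anonymous', WC_Core::$TEXT_DOMAIN) : $posted_name;
        }
        if ($this->wc_options_serialized->wc_is_email_field_required) {
            $email = $posted_email;
        } else {
            // Optional e-mail: synthesise a unique placeholder so WordPress accepts the comment.
            $email = !$posted_email ? 'anonymous_' . md5(uniqid() . time()) . '@example.com' : $posted_email;
        }
        // Cast so an absent field is '' rather than null for the checks below.
        $website_url = (string) filter_input(INPUT_POST, 'website');
    }
    // Prepend a scheme when the guest omitted it, so FILTER_VALIDATE_URL below accepts bare hosts.
    if ($website_url !== '' && strpos($website_url, 'http://') !== 0 && strpos($website_url, 'https://') !== 0) {
        $website_url = 'http://' . $website_url;
    }
    if ($website_url !== '' && filter_var($website_url, FILTER_VALIDATE_URL) === false) {
        $message_array['code'] = -1;
        $message_array['message'] = $this->wc_options_serialized->wc_phrases['wc_error_url_text'];
        echo json_encode($message_array);
        exit;
    }
    $comment_content = wp_kses($comment_content, $this->wc_helper->wc_allowed_tags);
    $wc_comment_text_max_length = intval($this->wc_options_serialized->wc_comment_text_max_length);
    if ($wc_comment_text_max_length > 0 && mb_strlen(trim($comment_content)) > $wc_comment_text_max_length) {
        $message_array['code'] = -1;
        $message_array['message'] = $this->wc_options_serialized->wc_phrases['wc_msg_comment_text_max_length'];
        echo json_encode($message_array);
        exit;
    }
    // Post IDs are positive integers; the previous filter_var() truthiness test also let negative ids through.
    if ($name && filter_var($email, FILTER_VALIDATE_EMAIL) && $comment_content && $comment_post_ID > 0) {
        $author_ip = WC_Helper::get_real_ip_addr();
        // wp_new_comment() expects slashed data.
        $comment_content = addslashes($comment_content);
        $new_commentdata = array(
            'user_id' => $user_id,
            'comment_post_ID' => $comment_post_ID,
            'comment_parent' => $comment_parent,
            'comment_author' => $name,
            'comment_author_email' => $email,
            'comment_content' => $comment_content,
            'comment_author_url' => $website_url,
            'comment_author_IP' => $author_ip,
            'comment_agent' => $this->wc_user_agent,
        );
        $new_comment_id = wp_new_comment($new_commentdata);
        $new_inserted_comment = $new_comment_id ? get_comment($new_comment_id) : null;
        if (!$new_inserted_comment) {
            // wp_new_comment() returns false when the insert fails; report it instead of
            // dereferencing a null comment below.
            $message_array['code'] = -1;
            $message_array['wc_new_comment_id'] = -1;
            $message_array['message'] = $this->wc_options_serialized->wc_phrases['wc_invalid_field'];
            echo json_encode($message_array);
            exit;
        }
        $held_moderate = $new_inserted_comment->comment_approved ? 0 : 1;
        $wc_notification_inserted_id = 0;
        // Notification type selects the subscription scope: 1 = post, 2 = all comments, 3 = this comment.
        if ($notification_type === 'post' && !$this->wc_db_helper->wc_has_post_notification($comment_post_ID, $email)) {
            if (class_exists('Prompt_Comment_Form_Handling') && $this->wc_options_serialized->wc_use_postmatic_for_comment_notification) {
                // Post subscriptions are delegated to Postmatic when it is installed and enabled.
                $_POST[Prompt_Comment_Form_Handling::SUBSCRIBE_CHECKBOX_NAME] = 1;
                Prompt_Comment_Form_Handling::handle_form($new_comment_id, $new_inserted_comment->comment_approved);
            } else {
                $wc_notification_inserted_id = $this->wc_db_helper->wc_add_email_notification($comment_post_ID, $comment_post_ID, $email, 1);
            }
        } elseif ($notification_type === 'all_comment' && !$this->wc_db_helper->wc_has_all_comments_notification($comment_post_ID, $email)) {
            $wc_notification_inserted_id = $this->wc_db_helper->wc_add_email_notification($comment_post_ID, $comment_post_ID, $email, 2);
        } elseif ($notification_type === 'comment' && !$this->wc_db_helper->wc_has_comment_notification($comment_post_ID, $new_comment_id, $email)) {
            $wc_notification_inserted_id = $this->wc_db_helper->wc_add_email_notification($new_comment_id, $comment_post_ID, $email, 3);
        }
        if ($wc_notification_inserted_id) {
            $this->wc_confirm_email_sender($wc_notification_inserted_id, $email, $comment_post_ID, $new_comment_id, $notification_type);
        }
        $new_comment = get_comment($new_comment_id, OBJECT);
        if ($held_moderate) {
            $message_array['code'] = -2;
            $message_array['message'] = $this->wc_options_serialized->wc_phrases['wc_held_for_moderate'];
        } else {
            $message_array['code'] = 1;
            $message_array['message'] = $this->comment_tpl_builder->get_comment_template($new_comment, null, $comment_depth);
            $message_array['is_in_same_container'] = $is_in_same_container;
            $message_array['wc_all_comments_count_new'] = $this->wc_db_helper->get_comments_count($comment_post_ID, null, null);
        }
        $message_array['wc_new_comment_id'] = $new_comment_id;
    } else {
        $message_array['code'] = -1;
        $message_array['wc_new_comment_id'] = -1;
        $message_array['message'] = $this->wc_options_serialized->wc_phrases['wc_invalid_field'];
    }
    echo json_encode($message_array);
    exit;
}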
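/**
 * AJAX comment handler for the serialised-form submit request.
 *
 * The client sends the whole comment form URL-encoded in `wpdiscuzAjaxData`.
 * It is parsed into a local array — never into the function scope, since
 * parse_str() without a result argument lets the request overwrite locals
 * such as $isAnonymous — then the nonce, captcha, guest identity, website,
 * e-mail and content length are validated before the comment is inserted
 * with wp_new_comment(). The request always ends in wp_die() with a JSON
 * payload whose `code` is the form's unique id on success, or an error
 * phrase key otherwise.
 *
 * Side effects: writes $_POST['zerospam_key'] for the Zero Spam plugin and
 * may enqueue a subscription confirmation e-mail.
 *
 * @return void Never returns; wp_die() terminates the request.
 */
public function addComment() {
    $messageArray = array();
    $commentData = filter_input(INPUT_POST, 'wpdiscuzAjaxData');
    $isAnonymous = false;
    if ($commentData) {
        $data = array();
        parse_str($commentData, $data);
        $postId = isset($data['postId']) ? intval(trim($data['postId'])) : 0;
        // Zero Spam integration: the client echoes back md5(key) and only an exact
        // match hands the plugin the real key. hash_equals() replaces the loose "=="
        // comparison, which treats two numeric-looking digests (e.g. "0e...") as equal.
        if (function_exists('zerospam_get_key') && isset($data['wpdiscuz_zs'])) {
            $zsKey = zerospam_get_key();
            $_POST['zerospam_key'] = (is_string($data['wpdiscuz_zs']) && hash_equals(md5($zsKey), $data['wpdiscuz_zs'])) ? $zsKey : '';
        }
        $formNonce = isset($data['wpdiscuz_comment_form_nonce']) ? $data['wpdiscuz_comment_form_nonce'] : '';
        $uniqueId = isset($data['wpdiscuz_unique_id']) ? $data['wpdiscuz_unique_id'] : '';
        if (wp_verify_nonce($formNonce, self::ACTION_FORM_NONCE) && $uniqueId && $postId) {
            $uniqueId = filter_var($uniqueId);
            $commentDepth = isset($data['wc_comment_depth']) && intval($data['wc_comment_depth']) ? intval($data['wc_comment_depth']) : 1;
            $isInSameContainer = '1';
            // wp_get_current_user() replaces the deprecated get_currentuserinfo() + global pair.
            $current_user = wp_get_current_user();
            // Clamp the depth to the configured threading limit. A reply beyond the limit,
            // or any reply while threading is disabled, is rendered in the parent's container.
            if ($commentDepth > $this->optionsSerialized->wordpressThreadCommentsDepth) {
                $commentDepth = $this->optionsSerialized->wordpressThreadCommentsDepth;
                $isInSameContainer = '0';
            } elseif (!$this->optionsSerialized->wordpressThreadComments) {
                $isInSameContainer = '0';
            }
            $notification_type = isset($data['wpdiscuz_notification_type']) ? $data['wpdiscuz_notification_type'] : '';
            if ($this->helper->isShowCaptcha($current_user->ID)) {
                // File-based captcha: the key is the nonce minus its CAPTCHA_LENGTH prefix,
                // and the file name is sent with a 4-character extension that is stripped here.
                $key = isset($data['cnonce']) ? substr($data['cnonce'], self::CAPTCHA_LENGTH) : '';
                $fileName = isset($data['fileName']) ? substr($data['fileName'], 0, strlen($data['fileName']) - 4) : '';
                $captcha = isset($data['wc_captcha']) ? $data['wc_captcha'] : '';
                if (!$this->helper->checkCaptcha($key, $fileName, $captcha)) {
                    $messageArray['code'] = 'wc_invalid_captcha';
                    wp_die(json_encode($messageArray));
                }
            }
            $website_url = '';
            if ($current_user->ID) {
                $user_id = $current_user->ID;
                $name = $current_user->display_name;
                $email = $current_user->user_email;
            } else {
                $user_id = 0;
                $name = isset($data['wc_name']) ? filter_var($data['wc_name']) : '';
                $email = isset($data['wc_email']) ? trim($data['wc_email']) : '';
                $website_url = isset($data['wc_website']) ? trim($data['wc_website']) : '';
                // Prepend a scheme when the guest omitted it, so FILTER_VALIDATE_URL below accepts bare hosts.
                if ($website_url !== '' && strpos($website_url, 'http://') !== 0 && strpos($website_url, 'https://') !== 0) {
                    $website_url = 'http://' . $website_url;
                }
                if (!$this->optionsSerialized->isNameFieldRequired) {
                    $name = !$name ? __('Anonymous', 'wpdiscuz') : $name;
                }
                if (!$this->optionsSerialized->isEmailFieldRequired && !$email) {
                    // Optional e-mail: synthesise a placeholder so WordPress accepts the comment,
                    // and remember that no real address exists for subscriptions.
                    $email = 'anonymous_' . md5(uniqid() . time()) . '@example.com';
                    $isAnonymous = true;
                }
            }
            if ($website_url !== '' && filter_var($website_url, FILTER_VALIDATE_URL) === false) {
                $messageArray['code'] = 'wc_error_url_text';
                wp_die(json_encode($messageArray));
            }
            if ($email != '' && filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
                $messageArray['code'] = 'wc_error_email_text';
                wp_die(json_encode($messageArray));
            }
            // A missing wc_comment field is treated as empty instead of raising a notice.
            $rawComment = isset($data['wc_comment']) ? $data['wc_comment'] : '';
            $comment_content = wp_kses(trim($rawComment), $this->helper->wc_allowed_tags);
            $commentMinLength = intval($this->optionsSerialized->commentTextMinLength);
            $commentMaxLength = intval($this->optionsSerialized->commentTextMaxLength);
            // Limits are configured in characters, so prefer mb_strlen when the extension is available.
            $contentLength = function_exists('mb_strlen') ? mb_strlen($comment_content) : strlen($comment_content);
            if ($commentMinLength > 0 && $contentLength < $commentMinLength) {
                $messageArray['code'] = 'wc_msg_comment_text_min_length';
                wp_die(json_encode($messageArray));
            }
            if ($commentMaxLength > 0 && $contentLength > $commentMaxLength) {
                $messageArray['code'] = 'wc_msg_comment_text_max_length';
                wp_die(json_encode($messageArray));
            }
            if ($name && $email && $comment_content) {
                $author_ip = $this->helper->getRealIPAddr();
                $uid_data = $this->helper->getUIDData($uniqueId);
                $comment_parent = $uid_data[0];
                $wc_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
                $new_commentdata = array(
                    'user_id' => $user_id,
                    'comment_post_ID' => $postId,
                    'comment_parent' => $comment_parent,
                    'comment_author' => $name,
                    'comment_author_email' => $email,
                    'comment_content' => $comment_content,
                    'comment_author_url' => $website_url,
                    'comment_author_IP' => $author_ip,
                    'comment_agent' => $wc_user_agent,
                    'comment_type' => '',
                );
                $new_comment_id = wp_new_comment($new_commentdata);
                $newComment = $new_comment_id ? get_comment($new_comment_id) : null;
                if (!$newComment) {
                    // wp_new_comment() returns false when the insert fails; bail out instead of
                    // dereferencing a null comment further down.
                    $messageArray['code'] = 'wc_invalid_field';
                    wp_die(json_encode($messageArray));
                }
                $held_moderate = $newComment->comment_approved ? 0 : 1;
                if ($notification_type == WpdiscuzCore::SUBSCRIPTION_POST && class_exists('Prompt_Comment_Form_Handling') && $this->optionsSerialized->usePostmaticForCommentNotification) {
                    // Post subscriptions are delegated to Postmatic when it is installed and enabled.
                    $_POST[Prompt_Comment_Form_Handling::SUBSCRIBE_CHECKBOX_NAME] = 1;
                    Prompt_Comment_Form_Handling::handle_form($new_comment_id, $newComment->comment_approved);
                } elseif (!$isAnonymous && $notification_type) {
                    if ($current_user->ID && $this->optionsSerialized->disableMemberConfirm) {
                        // Members may skip the confirmation step when the option allows it.
                        $this->dbManager->addEmailNotification($new_comment_id, $postId, $email, self::SUBSCRIPTION_COMMENT, 1);
                    } else {
                        $this->dbManager->addEmailNotification($new_comment_id, $postId, $email, self::SUBSCRIPTION_COMMENT);
                        $this->emailHelper->confirmEmailSender($postId, $email);
                    }
                }
                $messageArray['code'] = $uniqueId;
                $messageArray['redirect'] = $this->optionsSerialized->redirectPage;
                $messageArray['new_comment_id'] = $new_comment_id;
                $messageArray['user_name'] = $name;
                $messageArray['user_email'] = $email;
                $messageArray['is_main'] = $comment_parent ? 0 : 1;
                $messageArray['held_moderate'] = $held_moderate;
                $messageArray['is_in_same_container'] = $isInSameContainer;
                $messageArray['wc_all_comments_count_new'] = $this->dbManager->getCommentsCount($postId);
                $commentListArgs = $this->getCommentListArgs($postId);
                $commentListArgs['current_user'] = $current_user;
                $commentListArgs['addComment'] = $commentDepth;
                $messageArray['message'] = wp_list_comments($commentListArgs, array($newComment));
            } else {
                $messageArray['code'] = 'wc_invalid_field';
            }
        } else {
            $messageArray['code'] = 'wc_invalid_field';
        }
    } else {
        $messageArray['code'] = 'wc_msg_required_fields';
    }
    wp_die(json_encode($messageArray));
}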