Comment updating cleanup. Add get_comment(), edit_comment(), get_comment_to_edit(), and wp_update_comment().

git-svn-id: http://svn.automattic.com/wordpress/trunk@2662 1a063a9b-81f0-0310-95a4-ce76da25c4cd
ryan 2005-06-26 19:55:12 +00:00
parent e01bad86bc
commit 8b55719431
5 changed files with 198 additions and 124 deletions


@ -63,13 +63,13 @@ function edit_post() {
if ( !isset($blog_ID) )
$blog_ID = 1;
$post_ID = $_POST['post_ID'];
$post_ID = (int) $_POST['post_ID'];
if (!user_can_edit_post($user_ID, $post_ID, $blog_ID))
die( __('You are not allowed to edit this post.') );
// Rename.
$_POST['ID'] = $_POST['post_ID'];
$_POST['ID'] = (int) $_POST['post_ID'];
$_POST['post_content'] = $_POST['content'];
$_POST['post_excerpt'] = $_POST['excerpt'];
$_POST['post_parent'] = $_POST['parent_id'];
@ -119,6 +119,39 @@ function edit_post() {
add_meta($post_ID);
}
function edit_comment() {
global $user_ID;
$comment_ID = (int) $_POST['comment_ID'];
$comment_post_ID = (int) $_POST['comment_post_ID'];
if (!user_can_edit_post_comments($user_ID, $comment_post_ID))
die( __('You are not allowed to edit comments on this post, so you cannot edit this comment.') );
$_POST['comment_author'] = $_POST['newcomment_author'];
$_POST['comment_author_email'] = $_POST['newcomment_author_email'];
$_POST['comment_author_url'] = $_POST['newcomment_author_url'];
$_POST['comment_approved'] = $_POST['comment_status'];
$_POST['comment_content'] = $_POST['content'];
$_POST['comment_ID'] = (int) $_POST['comment_ID'];
if (user_can_edit_post_date($user_ID, $post_ID) && (!empty($_POST['edit_date']))) {
$aa = $_POST['aa'];
$mm = $_POST['mm'];
$jj = $_POST['jj'];
$hh = $_POST['hh'];
$mn = $_POST['mn'];
$ss = $_POST['ss'];
$jj = ($jj > 31) ? 31 : $jj;
$hh = ($hh > 23) ? $hh - 24 : $hh;
$mn = ($mn > 59) ? $mn - 60 : $mn;
$ss = ($ss > 59) ? $ss - 60 : $ss;
$_POST['comment_date'] = "$aa-$mm-$jj $hh:$mn:$ss";
}
wp_update_comment($_POST);
}
// Get an existing post and format it for editing.
function get_post_to_edit($id) {
$post = get_post($id);
@ -158,6 +191,19 @@ function get_default_post_to_edit() {
return $post;
}
function get_comment_to_edit($id) {
$comment = get_comment($id);
$comment->comment_content = format_to_edit($comment->comment_content);
$comment->comment_content = apply_filters('comment_edit_pre', $comment->comment_content);
$comment->comment_author = format_to_edit($comment->comment_author);
$comment->comment_author_email = format_to_edit($comment->comment_author_email);
$comment->comment_author_url = format_to_edit($comment->comment_author_url);
return $comment;
}
function url_shorten ($url) {
$short_url = str_replace('http://', '', stripslashes($url));
$short_url = str_replace('www.', '', $short_url);
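Review bot: edit_comment() authorises against the `comment_post_ID` sent in the request rather than the post the stored comment belongs to, so the permission check and the row that wp_update_comment() changes are linked only by client-supplied values. Load the comment first and check its own post: `$comment = get_comment($comment_ID);` followed by `if ( !$comment || !user_can_edit_post_comments($user_ID, $comment->comment_post_ID) )` before the existing `die(...)`. The date branch passes `$post_ID` to user_can_edit_post_date(), but that variable is never assigned in this function; `$comment_post_ID` looks like the intended argument. The `aa` to `ss` fields are placed into `comment_date` without an integer cast and should get the same `(int)` treatment as the IDs.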


@ -1,8 +1,8 @@
<?php
$submitbutton_text = __('Edit Comment &raquo;');
$toprow_title = sprintf(__('Editing Comment # %s'), $commentdata['comment_ID']);
$toprow_title = sprintf(__('Editing Comment # %s'), $comment->comment_ID);
$form_action = 'editedcomment';
$form_extra = "' />\n<input type='hidden' name='comment_ID' value='$comment' />\n<input type='hidden' name='comment_post_ID' value='".$commentdata["comment_post_ID"];
$form_extra = "' />\n<input type='hidden' name='comment_ID' value='" . $comment->comment_ID . "' />\n<input type='hidden' name='comment_post_ID' value='".$comment->comment_post_ID;
?>
<form name="post" action="post.php" method="post" id="post">
@ -20,19 +20,19 @@ window.onload = focusit;
<fieldset id="namediv">
<legend><?php _e('Name:') ?></legend>
<div>
<input type="text" name="newcomment_author" size="22" value="<?php echo format_to_edit($commentdata['comment_author']) ?>" tabindex="1" id="name" />
<input type="text" name="newcomment_author" size="22" value="<?php echo $comment->comment_author ?>" tabindex="1" id="name" />
</div>
</fieldset>
<fieldset id="emaildiv">
<legend><?php _e('E-mail:') ?></legend>
<div>
<input type="text" name="newcomment_author_email" size="30" value="<?php echo format_to_edit($commentdata['comment_author_email']) ?>" tabindex="2" id="email" />
<input type="text" name="newcomment_author_email" size="30" value="<?php echo $comment->comment_author_email ?>" tabindex="2" id="email" />
</div>
</fieldset>
<fieldset id="uridiv">
<legend><?php _e('URI:') ?></legend>
<div>
<input type="text" name="newcomment_author_url" size="35" value="<?php echo format_to_edit($commentdata['comment_author_url']) ?>" tabindex="3" id="URL" />
<input type="text" name="newcomment_author_url" size="35" value="<?php echo $comment->comment_author_url ?>" tabindex="3" id="URL" />
</div>
</fieldset>
@ -45,7 +45,7 @@ window.onload = focusit;
$rows = 10;
}
?>
<div><textarea rows="<?php echo $rows; ?>" cols="40" name="content" tabindex="4" id="content" style="width: 99%"><?php echo $content ?></textarea></div>
<div><textarea rows="<?php echo $rows; ?>" cols="40" name="content" tabindex="4" id="content" style="width: 99%"><?php echo $comment->comment_content ?></textarea></div>
</fieldset>
<script type="text/javascript">
@ -66,9 +66,9 @@ edCanvas = document.getElementById('content');
<table width="100%" cellspacing="2" cellpadding="5" class="editform">
<tr>
<th scope="row" valign="top"><?php _e('Comment Status') ?>:</th>
<td><label for="comment_status_approved" class="selectit"><input id="comment_status_approved" name="comment_status" type="radio" value="1" <?php checked($comment_status, '1'); ?> /> <?php _e('Approved') ?></label><br />
<label for="comment_status_moderated" class="selectit"><input id="comment_status_moderated" name="comment_status" type="radio" value="0" <?php checked($comment_status, '0'); ?> /> <?php _e('Moderated') ?></label><br />
<label for="comment_status_spam" class="selectit"><input id="comment_status_spam" name="comment_status" type="radio" value="spam" <?php checked($comment_status, 'spam'); ?> /> <?php _e('Spam') ?></label></td>
<td><label for="comment_status_approved" class="selectit"><input id="comment_status_approved" name="comment_status" type="radio" value="1" <?php checked($comment->comment_approved, '1'); ?> /> <?php _e('Approved') ?></label><br />
<label for="comment_status_moderated" class="selectit"><input id="comment_status_moderated" name="comment_status" type="radio" value="0" <?php checked($comment->comment_approved, '0'); ?> /> <?php _e('Moderated') ?></label><br />
<label for="comment_status_spam" class="selectit"><input id="comment_status_spam" name="comment_status" type="radio" value="spam" <?php checked($comment->comment_approved, 'spam'); ?> /> <?php _e('Spam') ?></label></td>
</tr>
<?php if ($user_level > 4) : ?>
@ -80,7 +80,7 @@ edCanvas = document.getElementById('content');
<tr>
<th scope="row"><?php _e('Delete'); ?>:</th>
<td><p><a class="delete" href="post.php?action=confirmdeletecomment&amp;noredir=true&amp;comment=<?php echo $commentdata['comment_ID']; ?>&amp;p=<?php echo $commentdata['comment_post_ID']; ?>"><?php _e('Delete comment') ?></a></p></td>
<td><p><a class="delete" href="post.php?action=confirmdeletecomment&amp;noredir=true&amp;comment=<?php echo $comment->comment_ID; ?>&amp;p=<?php echo $comment->comment_post_ID; ?>"><?php _e('Delete comment') ?></a></p></td>
</tr>
</table>
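Review bot: The template now prints `$comment->comment_author`, `$comment->comment_author_email`, `$comment->comment_author_url` and `$comment->comment_content` straight into attribute values and the textarea, with the `format_to_edit()` calls removed from this file. Its output safety therefore depends on the includer having passed the object through get_comment_to_edit(), and nothing in this section states that contract. I would add a comment at the top of the PHP block, for example `// $comment must come from get_comment_to_edit(); its fields are printed below without further escaping.` Whether format_to_edit() also escapes quotes for attribute context is not visible here and is worth confirming.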


@ -140,18 +140,15 @@ case 'editcomment':
get_currentuserinfo();
$comment = $_GET['comment'];
$commentdata = get_commentdata($comment, 1, true) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'javascript:history.go(-1)'));
$comment = (int) $_GET['comment'];
if (!user_can_edit_post_comments($user_ID, $commentdata['comment_post_ID'])) {
if ( ! $comment = get_comment($comment) )
die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'javascript:history.go(-1)'));
if ( !user_can_edit_post_comments($user_ID, $comment->comment_post_ID) )
die( __('You are not allowed to edit comments on this post.') );
}
$content = $commentdata['comment_content'];
$content = format_to_edit($content);
$content = apply_filters('comment_edit_pre', $content);
$comment_status = $commentdata['comment_approved'];
$comment = get_comment_to_edit($comment);
include('edit-form-comment.php');
@ -161,21 +158,22 @@ case 'confirmdeletecomment':
require_once('./admin-header.php');
$comment = $_GET['comment'];
$comment = (int) $_GET['comment'];
$p = (int) $_GET['p'];
$commentdata = get_commentdata($comment, 1, true) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
if (!user_can_delete_post_comments($user_ID, $commentdata['comment_post_ID'])) {
if ( ! $comment = get_comment($comment) )
die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
if ( !user_can_delete_post_comments($user_ID, $comment->comment_post_ID) )
die( __('You are not allowed to delete comments on this post.') );
}
echo "<div class=\"wrap\">\n";
echo "<p>" . __('<strong>Caution:</strong> You are about to delete the following comment:') . "</p>\n";
echo "<table border=\"0\">\n";
echo "<tr><td>" . __('Author:') . "</td><td>" . $commentdata["comment_author"] . "</td></tr>\n";
echo "<tr><td>" . __('E-mail:') . "</td><td>" . $commentdata["comment_author_email"] . "</td></tr>\n";
echo "<tr><td>". __('URL:') . "</td><td>" . $commentdata["comment_author_url"] . "</td></tr>\n";
echo "<tr><td>". __('Comment:') . "</td><td>" . stripslashes($commentdata["comment_content"]) . "</td></tr>\n";
echo "<tr><td>" . __('Author:') . "</td><td>" . $comment->comment_author . "</td></tr>\n";
echo "<tr><td>" . __('E-mail:') . "</td><td>" . $comment->comment_author_email . "</td></tr>\n";
echo "<tr><td>". __('URL:') . "</td><td>" . $comment->comment_author_url . "</td></tr>\n";
echo "<tr><td>". __('Comment:') . "</td><td>" . $comment->comment_content . "</td></tr>\n";
echo "</table>\n";
echo "<p>" . __('Are you sure you want to do that?') . "</p>\n";
@ -196,8 +194,8 @@ case 'deletecomment':
check_admin_referer();
$comment = $_GET['comment'];
$p = $_GET['p'];
$comment = (int) $_GET['comment'];
$p = (int) $_GET['p'];
if (isset($_GET['noredir'])) {
$noredir = true;
} else {
@ -205,14 +203,15 @@ case 'deletecomment':
}
$postdata = get_post($p) or die(sprintf(__('Oops, no post with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
$commentdata = get_commentdata($comment, 1, true) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'post.php'));
if (!user_can_delete_post_comments($user_ID, $commentdata['comment_post_ID'])) {
if ( ! $comment = get_comment($comment) )
die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'post.php'));
if (!user_can_delete_post_comments($user_ID, $commentdata['comment_post_ID']))
die( __('You are not allowed to edit comments on this post.') );
}
wp_set_comment_status($comment, "delete");
do_action('delete_comment', $comment);
wp_set_comment_status($comment->comment_ID, "delete");
do_action('delete_comment', $comment->comment_ID);
if (($_SERVER['HTTP_REFERER'] != "") && (false == $noredir)) {
header('Location: ' . $_SERVER['HTTP_REFERER']);
@ -228,21 +227,21 @@ case 'unapprovecomment':
check_admin_referer();
$comment = $_GET['comment'];
$p = $_GET['p'];
$comment = (int) $_GET['comment'];
$p = (int) $_GET['p'];
if (isset($_GET['noredir'])) {
$noredir = true;
} else {
$noredir = false;
}
$commentdata = get_commentdata($comment) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
if ( ! $comment = get_comment($comment) )
die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
if (!user_can_edit_post_comments($user_ID, $commentdata['comment_post_ID'])) {
if ( !user_can_edit_post_comments($user_ID, $comment->comment_post_ID) )
die( __('You are not allowed to edit comments on this post, so you cannot disapprove this comment.') );
}
wp_set_comment_status($comment, "hold");
wp_set_comment_status($comment->comment_ID, "hold");
if (($_SERVER['HTTP_REFERER'] != "") && (false == $noredir)) {
header('Location: ' . $_SERVER['HTTP_REFERER']);
@ -256,16 +255,16 @@ case 'mailapprovecomment':
$comment = (int) $_GET['comment'];
$commentdata = get_commentdata($comment, 1, true) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
if ( ! $comment = get_comment($comment) )
die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
if (!user_can_edit_post_comments($user_ID, $commentdata['comment_post_ID'])) {
if ( !user_can_edit_post_comments($user_ID, $comment->comment_post_ID) )
die( __('You are not allowed to edit comments on this post, so you cannot approve this comment.') );
}
if ('1' != $commentdata['comment_approved']) {
wp_set_comment_status($comment, 'approve');
if ('1' != $comment->comment_approved) {
wp_set_comment_status($comment->comment_ID, 'approve');
if (true == get_option('comments_notify'))
wp_notify_postauthor($comment);
wp_notify_postauthor($comment->comment_ID);
}
header('Location: ' . get_option('siteurl') . '/wp-admin/moderation.php?approved=1');
@ -274,22 +273,23 @@ case 'mailapprovecomment':
case 'approvecomment':
$comment = $_GET['comment'];
$p = $_GET['p'];
$comment = (int) $_GET['comment'];
$p = (int) $_GET['p'];
if (isset($_GET['noredir'])) {
$noredir = true;
} else {
$noredir = false;
}
$commentdata = get_commentdata($comment) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
if (!user_can_edit_post_comments($user_ID, $commentdata['comment_post_ID'])) {
if ( ! $comment = get_comment($comment) )
die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
if ( !user_can_edit_post_comments($user_ID, $commentdata['comment_post_ID']))
die( __('You are not allowed to edit comments on this post, so you cannot approve this comment.') );
}
wp_set_comment_status($comment, "approve");
wp_set_comment_status($comment->comment_ID, "approve");
if (get_settings("comments_notify") == true) {
wp_notify_postauthor($comment);
wp_notify_postauthor($comment->comment_ID);
}
@ -303,43 +303,7 @@ case 'approvecomment':
case 'editedcomment':
$comment_ID = $_POST['comment_ID'];
$comment_post_ID = $_POST['comment_post_ID'];
$newcomment_author = $_POST['newcomment_author'];
$newcomment_author_email = $_POST['newcomment_author_email'];
$newcomment_author_url = $_POST['newcomment_author_url'];
$comment_status = $_POST['comment_status'];
if (!user_can_edit_post_comments($user_ID, $comment_post_ID)) {
die( __('You are not allowed to edit comments on this post, so you cannot edit this comment.') );
}
if (user_can_edit_post_date($user_ID, $post_ID) && (!empty($_POST['edit_date']))) {
$aa = $_POST['aa'];
$mm = $_POST['mm'];
$jj = $_POST['jj'];
$hh = $_POST['hh'];
$mn = $_POST['mn'];
$ss = $_POST['ss'];
$jj = ($jj > 31) ? 31 : $jj;
$hh = ($hh > 23) ? $hh - 24 : $hh;
$mn = ($mn > 59) ? $mn - 60 : $mn;
$ss = ($ss > 59) ? $ss - 60 : $ss;
$datemodif = ", comment_date = '$aa-$mm-$jj $hh:$mn:$ss'";
} else {
$datemodif = '';
}
$content = apply_filters('comment_save_pre', $_POST['content']);
$result = $wpdb->query("
UPDATE $wpdb->comments SET
comment_content = '$content',
comment_author = '$newcomment_author',
comment_author_email = '$newcomment_author_email',
comment_approved = '$comment_status',
comment_author_url = '$newcomment_author_url'".$datemodif."
WHERE comment_ID = $comment_ID"
);
edit_comment();
$referredby = $_POST['referredby'];
if (!empty($referredby)) {
@ -347,7 +311,7 @@ case 'editedcomment':
} else {
header ("Location: edit.php?p=$comment_post_ID&c=1#comments");
}
do_action('edit_comment', $comment_ID);
break;
default:
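Review bot: In the `deletecomment` and `approvecomment` cases the rewritten permission checks still read `$commentdata['comment_post_ID']`, although the `get_commentdata()` call that filled `$commentdata` has been replaced by `get_comment()`. As far as this rendering shows, the check in those two cases runs against an unset value, not the comment's post. They should match the other cases: `if ( !user_can_delete_post_comments($user_ID, $comment->comment_post_ID) )` and `if ( !user_can_edit_post_comments($user_ID, $comment->comment_post_ID) )`. The `editedcomment` redirect likewise still interpolates `$comment_post_ID` after its assignment appears to have moved into edit_comment(). The case bodies start and end outside these hunks, so this should be confirmed against the full file.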


@ -162,8 +162,7 @@ function wp_insert_post($postarr = array()) {
add_post_meta($post_ID, '_wp_page_template', $page_template, true);
}
// Return insert_id if we got a good result, otherwise return zero.
return $result ? $post_ID : 0;
return $rval;
}
function wp_get_single_post($postid = 0, $mode = OBJECT) {
@ -588,6 +587,41 @@ function wp_new_comment( $commentdata, $spam = false ) {
return $result;
}
function wp_update_comment($commentarr) {
global $wpdb;
// First, get all of the original fields
$comment = get_comment($commentarr['comment_ID'], ARRAY_A);
// Escape data pulled from DB.
foreach ($comment as $key => $value)
$comment[$key] = $wpdb->escape($value);
// Merge old and new fields with new fields overwriting old ones.
$commentarr = array_merge($comment, $commentarr);
// Now extract the merged array.
extract($commentarr);
$comment_content = apply_filters('comment_save_pre', $comment_content);
$result = $wpdb->query(
"UPDATE $wpdb->comments SET
comment_content = '$comment_content',
comment_author = '$comment_author',
comment_author_email = '$comment_author_email',
comment_approved = '$comment_approved',
comment_author_url = '$comment_author_url',
comment_date = '$comment_date'
WHERE comment_ID = $comment_ID" );
$rval = $wpdb->rows_affected;
do_action('edit_comment', $comment_ID);
return $rval;
}
function do_trackbacks($post_id) {
global $wpdb;
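Review bot: wp_update_comment() calls `extract($commentarr)` on an array that edit_comment() passes in directly from `$_POST`, then interpolates the resulting variables into the UPDATE, with `$comment_ID` unquoted in the WHERE clause. Every key in the array becomes a local variable, including one that would shadow `$wpdb`, and the function relies on each caller having escaped and cast the values. I would use `extract($commentarr, EXTR_SKIP);` followed by `$comment_ID = (int) $comment_ID;`, and add a comment above the function saying the fields must arrive already escaped. get_comment() can also return null for an unknown ID, which the `foreach` over `$comment` does not guard against.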


@ -470,31 +470,31 @@ function &get_post(&$post, $output = OBJECT) {
if ( empty($post) ) {
if ( isset($GLOBALS['post']) )
$post = & $GLOBALS['post'];
$_post = & $GLOBALS['post'];
else
$post = null;
$_post = null;
} elseif (is_object($post) ) {
if (! isset($post_cache[$post->ID]))
$post_cache[$post->ID] = &$post;
$post = & $post_cache[$post->ID];
$_post = & $post_cache[$post->ID];
} else {
if (isset($post_cache[$post]))
$post = & $post_cache[$post];
$_post = & $post_cache[$post];
else {
$query = "SELECT * FROM $wpdb->posts WHERE ID=$post";
$post_cache[$post] = & $wpdb->get_row($query);
$post = & $post_cache[$post];
$_post = & $post_cache[$post];
}
}
if ( $output == OBJECT ) {
return $post;
return $_post;
} elseif ( $output == ARRAY_A ) {
return get_object_vars($post);
return get_object_vars($_post);
} elseif ( $output == ARRAY_N ) {
return array_values(get_object_vars($post));
return array_values(get_object_vars($_post));
} else {
return $post;
return $_post;
}
}
@ -505,33 +505,33 @@ function &get_page(&$page, $output = OBJECT) {
if ( empty($page) ) {
if ( isset($GLOBALS['page']) )
$page = & $GLOBALS['page'];
$_page = & $GLOBALS['page'];
else
$page = null;
$_page = null;
} elseif (is_object($page) ) {
if (! isset($page_cache[$page->ID]))
$page_cache[$page->ID] = &$page;
$page = & $page_cache[$page->ID];
$_page = & $page_cache[$page->ID];
} else {
if ( isset($GLOBALS['page']) && ($page == $GLOBALS['page']->ID) )
$page = & $GLOBALS['page'];
$_page = & $GLOBALS['page'];
elseif (isset($page_cache[$page]))
$page = & $page_cache[$page];
$_page = & $page_cache[$page];
else {
$query = "SELECT * FROM $wpdb->posts WHERE ID=$page";
$page_cache[$page] = & $wpdb->get_row($query);
$page = & $page_cache[$page];
$_page = & $page_cache[$page];
}
}
if ( $output == OBJECT ) {
return $page;
return $_page;
} elseif ( $output == ARRAY_A ) {
return get_object_vars($page);
return get_object_vars($_page);
} elseif ( $output == ARRAY_N ) {
return array_values(get_object_vars($page));
return array_values(get_object_vars($_page));
} else {
return $page;
return $_page;
}
}
@ -543,32 +543,62 @@ function &get_category(&$category, $output = OBJECT) {
if ( empty($category) )
return null;
$category = (int) $category;
if ( ! isset($cache_categories))
update_category_cache();
if (is_object($category)) {
if ( ! isset($cache_categories[$category->cat_ID]))
$cache_categories[$category->cat_ID] = &$category;
$category = & $cache_categories[$category->cat_ID];
$_category = & $cache_categories[$category->cat_ID];
} else {
if ( !isset($cache_categories[$category]) ) {
$category = $wpdb->get_row("SELECT * FROM $wpdb->categories WHERE cat_ID = $category");
$cache_categories[$category->cat_ID] = & $category;
$_category = $wpdb->get_row("SELECT * FROM $wpdb->categories WHERE cat_ID = $category");
$cache_categories[$category->cat_ID] = & $_category;
} else {
$category = & $cache_categories[$category];
$_category = & $cache_categories[$category];
}
}
if ( $output == OBJECT ) {
return $category;
return $_category;
} elseif ( $output == ARRAY_A ) {
return get_object_vars($category);
return get_object_vars($_category);
} elseif ( $output == ARRAY_N ) {
return array_values(get_object_vars($category));
return array_values(get_object_vars($_category));
} else {
return $category;
return $_category;
}
}
// Retrieves comment data given a comment ID or comment object.
// Handles comment caching.
function &get_comment(&$comment, $output = OBJECT) {
global $comment_cache, $wpdb;
if ( empty($comment) )
return null;
if (is_object($comment)) {
if ( ! isset($comment_cache[$comment->comment_ID]))
$comment_cache[$comment->comment_ID] = &$comment;
$_comment = & $comment_cache[$comment->comment_ID];
} else {
if ( !isset($comment_cache[$comment]) ) {
$_comment = $wpdb->get_row("SELECT * FROM $wpdb->comments WHERE comment_ID = '$comment'");
$comment_cache[$comment->comment_ID] = & $_comment;
} else {
$_comment = & $comment_cache[$comment];
}
}
if ( $output == OBJECT ) {
return $_comment;
} elseif ( $output == ARRAY_A ) {
return get_object_vars($_comment);
} elseif ( $output == ARRAY_N ) {
return array_values(get_object_vars($_comment));
} else {
return $_comment;
}
}
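Review bot: In get_comment()'s lookup branch the fetched row is stored under `$comment_cache[$comment->comment_ID]`, but `$comment` is the ID that was passed in at that point, not an object. The row therefore never lands under the key that the `isset($comment_cache[$comment])` test reads, and repeated calls go back to the database. Keying by the ID fixes it: `$comment_cache[$comment] = & $_comment;`. get_category() has the same pattern with `$cache_categories[$category->cat_ID]`. The SELECT also places `$comment` inside the query string and depends on callers having cast it to an integer, which deserves a comment on the function.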