2006-10-25 18:55:05 -04:00
< ? php
2008-08-11 16:26:31 -04:00
/**
* Comment Management Panel
*
* @ package WordPress
* @ subpackage Administration
*/
/** Load WordPress Bootstrap */
2006-10-25 18:55:05 -04:00
require_once ( 'admin.php' );
2006-12-06 19:40:31 -05:00
$parent_file = 'edit-comments.php' ;
2006-10-25 18:55:05 -04:00
$submenu_file = 'edit-comments.php' ;
2007-12-10 15:42:03 -05:00
wp_reset_vars ( array ( 'action' ) );
2006-10-25 18:55:05 -04:00
if ( isset ( $_POST [ 'deletecomment' ] ) )
$action = 'deletecomment' ;
2008-08-11 16:26:31 -04:00
/**
* Display error message at bottom of comments .
*
* @ param string $msg Error Message . Assumed to contain HTML and be sanitized .
*/
function comment_footer_die ( $msg ) { //
2007-12-10 15:42:03 -05:00
echo " <div class='wrap'><p> $msg </p></div> " ;
include ( 'admin-footer.php' );
die ;
}
switch ( $action ) {
case 'editcomment' :
2006-10-25 18:55:05 -04:00
$title = __ ( 'Edit Comment' );
2008-02-19 21:41:16 -05:00
wp_enqueue_script ( 'comment' );
2007-12-10 15:42:03 -05:00
require_once ( 'admin-header.php' );
2006-10-25 18:55:05 -04:00
2007-12-10 15:42:03 -05:00
$comment_id = absint ( $_GET [ 'c' ] );
2006-10-25 18:55:05 -04:00
2007-12-10 15:42:03 -05:00
if ( ! $comment = get_comment ( $comment_id ) )
comment_footer_die ( __ ( 'Oops, no comment with this ID.' ) . sprintf ( ' <a href="%s">' . __ ( 'Go back' ) . '</a>!' , 'javascript:history.go(-1)' ) );
2006-10-25 18:55:05 -04:00
if ( ! current_user_can ( 'edit_post' , $comment -> comment_post_ID ) )
2007-12-10 15:42:03 -05:00
comment_footer_die ( __ ( 'You are not allowed to edit comments on this post.' ) );
2006-10-25 18:55:05 -04:00
2007-12-10 15:42:03 -05:00
$comment = get_comment_to_edit ( $comment_id );
2006-10-25 18:55:05 -04:00
include ( 'edit-form-comment.php' );
break ;
2007-12-10 15:42:03 -05:00
case 'cdc' :
case 'mac' :
2006-10-25 18:55:05 -04:00
2007-12-10 15:42:03 -05:00
require_once ( 'admin-header.php' );
2006-10-25 18:55:05 -04:00
2007-12-10 15:42:03 -05:00
$comment_id = absint ( $_GET [ 'c' ] );
2006-10-30 14:27:24 -05:00
$formaction = 'cdc' == $action ? 'deletecomment' : 'approvecomment' ;
$nonce_action = 'cdc' == $action ? 'delete-comment_' : 'approve-comment_' ;
2007-12-10 15:42:03 -05:00
$nonce_action .= $comment_id ;
2006-10-25 18:55:05 -04:00
2007-12-10 15:42:03 -05:00
if ( ! $comment = get_comment_to_edit ( $comment_id ) )
comment_footer_die ( __ ( 'Oops, no comment with this ID.' ) . sprintf ( ' <a href="%s">' . __ ( 'Go back' ) . '</a>!' , 'edit.php' ) );
2006-10-25 18:55:05 -04:00
2007-12-10 15:42:03 -05:00
if ( ! current_user_can ( 'edit_post' , $comment -> comment_post_ID ) )
comment_footer_die ( 'cdc' == $action ? __ ( 'You are not allowed to delete comments on this post.' ) : __ ( 'You are not allowed to edit comments on this post, so you cannot approve this comment.' ) );
2006-10-25 18:55:05 -04:00
?>
< div class = 'wrap' >
< div class = " narrow " >
2007-12-10 15:42:03 -05:00
< ? php
if ( 'spam' == $_GET [ 'dt' ] ) {
$caution_msg = __ ( 'You are about to mark the following comment as spam:' );
2008-02-20 14:30:55 -05:00
$button = __ ( 'Spam Comment' );
2007-12-10 15:42:03 -05:00
} elseif ( 'cdc' == $action ) {
$caution_msg = __ ( 'You are about to delete the following comment:' );
2008-02-20 14:30:55 -05:00
$button = __ ( 'Delete Comment' );
2007-12-10 15:42:03 -05:00
} else {
$caution_msg = __ ( 'You are about to approve the following comment:' );
2008-02-20 14:30:55 -05:00
$button = __ ( 'Approve Comment' );
2007-12-10 15:42:03 -05:00
}
?>
< p >< strong >< ? php _e ( 'Caution:' ); ?> </strong> <?php echo $caution_msg; ?></p>
2006-10-25 18:55:05 -04:00
< p >< ? php _e ( 'Are you sure you want to do that?' ); ?> </p>
2007-12-10 15:42:03 -05:00
< form action = 'comment.php' method = 'get' >
2006-10-25 18:55:05 -04:00
< table width = " 100% " >
< tr >
2008-05-27 13:46:01 -04:00
< td >< input type = 'button' class = " button " value = '<?php _e(' No '); ?>' onclick = " self.location='<?php echo admin_url('edit-comments.php'); ?> " /></ td >
2008-03-14 19:58:31 -04:00
< td class = " textright " >< input type = 'submit' class = " button " value = '<?php echo $button; ?>' /></ td >
2006-10-25 18:55:05 -04:00
</ tr >
</ table >
2007-12-10 15:42:03 -05:00
< ? php wp_nonce_field ( $nonce_action ); ?>
2006-10-25 18:55:05 -04:00
< input type = 'hidden' name = 'action' value = '<?php echo $formaction; ?>' />
2006-10-30 14:27:24 -05:00
< ? php if ( 'spam' == $_GET [ 'dt' ] ) { ?>
< input type = 'hidden' name = 'dt' value = 'spam' />
2006-10-25 18:55:05 -04:00
< ? php } ?>
< input type = 'hidden' name = 'p' value = '<?php echo $comment->comment_post_ID; ?>' />
2006-10-30 15:37:59 -05:00
< input type = 'hidden' name = 'c' value = '<?php echo $comment->comment_ID; ?>' />
2006-10-25 18:55:05 -04:00
< input type = 'hidden' name = 'noredir' value = '1' />
</ form >
2008-02-23 23:33:10 -05:00
< table class = " form-table " cellpadding = " 5 " >
2006-10-25 18:55:05 -04:00
< tr class = " alt " >
2007-12-23 05:05:37 -05:00
< th scope = " row " >< ? php _e ( 'Author' ); ?> </th>
2006-10-25 18:55:05 -04:00
< td >< ? php echo $comment -> comment_author ; ?> </td>
</ tr >
< ? php if ( $comment -> comment_author_email ) { ?>
< tr >
2007-12-23 05:05:37 -05:00
< th scope = " row " >< ? php _e ( 'E-mail' ); ?> </th>
2006-10-25 18:55:05 -04:00
< td >< ? php echo $comment -> comment_author_email ; ?> </td>
</ tr >
< ? php } ?>
< ? php if ( $comment -> comment_author_url ) { ?>
< tr >
2007-12-23 05:05:37 -05:00
< th scope = " row " >< ? php _e ( 'URL' ); ?> </th>
2007-05-25 05:41:04 -04:00
< td >< a href = '<?php echo $comment->comment_author_url; ?>' >< ? php echo $comment -> comment_author_url ; ?> </a></td>
2006-10-25 18:55:05 -04:00
</ tr >
< ? php } ?>
< tr >
2008-11-21 13:16:44 -05:00
< th scope = " row " valign = " top " >< ? php echo _c ( 'Comment|noun' ); ?> </th>
2007-05-25 05:41:04 -04:00
< td >< ? php echo $comment -> comment_content ; ?> </td>
2006-10-25 18:55:05 -04:00
</ tr >
</ table >
</ div >
</ div >
< ? php
break ;
2007-12-10 15:42:03 -05:00
case 'deletecomment' :
$comment_id = absint ( $_REQUEST [ 'c' ] );
check_admin_referer ( 'delete-comment_' . $comment_id );
2006-10-25 18:55:05 -04:00
2007-12-10 15:42:03 -05:00
if ( isset ( $_REQUEST [ 'noredir' ] ) )
2006-10-25 18:55:05 -04:00
$noredir = true ;
2007-12-10 15:42:03 -05:00
else
2006-10-25 18:55:05 -04:00
$noredir = false ;
2007-12-10 15:42:03 -05:00
if ( ! $comment = get_comment ( $comment_id ) )
comment_footer_die ( __ ( 'Oops, no comment with this ID.' ) . sprintf ( ' <a href="%s">' . __ ( 'Go back' ) . '</a>!' , 'edit-comments.php' ) );
2006-10-25 18:55:05 -04:00
2007-12-10 15:42:03 -05:00
if ( ! current_user_can ( 'edit_post' , $comment -> comment_post_ID ) )
comment_footer_die ( __ ( 'You are not allowed to edit comments on this post.' ) );
2006-10-25 18:55:05 -04:00
2006-10-30 14:27:24 -05:00
if ( 'spam' == $_REQUEST [ 'dt' ] )
2007-12-10 15:42:03 -05:00
wp_set_comment_status ( $comment -> comment_ID , 'spam' );
2006-10-25 18:55:05 -04:00
else
2007-12-10 15:42:03 -05:00
wp_delete_comment ( $comment -> comment_ID );
2006-10-25 18:55:05 -04:00
2008-04-21 12:45:48 -04:00
if ( '' != wp_get_referer () && false == $noredir && false === strpos ( wp_get_referer (), 'comment.php' ) )
2007-12-10 15:42:03 -05:00
wp_redirect ( wp_get_referer () );
2008-04-21 12:45:48 -04:00
else if ( '' != wp_get_original_referer () && false == $noredir )
wp_redirect ( wp_get_original_referer () );
2007-12-10 15:42:03 -05:00
else
2008-05-27 13:46:01 -04:00
wp_redirect ( admin_url ( 'edit-comments.php' ) );
2007-12-10 15:42:03 -05:00
die ;
2006-10-25 18:55:05 -04:00
break ;
2007-12-10 15:42:03 -05:00
case 'unapprovecomment' :
$comment_id = absint ( $_GET [ 'c' ] );
check_admin_referer ( 'unapprove-comment_' . $comment_id );
2006-10-30 14:27:24 -05:00
2007-12-10 15:42:03 -05:00
if ( isset ( $_GET [ 'noredir' ] ) )
2006-10-25 18:55:05 -04:00
$noredir = true ;
2007-12-10 15:42:03 -05:00
else
2006-10-25 18:55:05 -04:00
$noredir = false ;
2007-12-10 15:42:03 -05:00
if ( ! $comment = get_comment ( $comment_id ) )
comment_footer_die ( __ ( 'Oops, no comment with this ID.' ) . sprintf ( ' <a href="%s">' . __ ( 'Go back' ) . '</a>!' , 'edit.php' ) );
2006-10-25 18:55:05 -04:00
2007-12-10 15:42:03 -05:00
if ( ! current_user_can ( 'edit_post' , $comment -> comment_post_ID ) )
comment_footer_die ( __ ( 'You are not allowed to edit comments on this post, so you cannot disapprove this comment.' ) );
wp_set_comment_status ( $comment -> comment_ID , 'hold' );
2006-10-25 18:55:05 -04:00
2007-12-10 15:42:03 -05:00
if ( '' != wp_get_referer () && false == $noredir )
wp_redirect ( wp_get_referer () );
else
2008-11-19 23:51:47 -05:00
wp_redirect ( admin_url ( 'edit-comments.php?p=' . absint ( $comment -> comment_post_ID ) . '#comments' ) );
2006-10-25 18:55:05 -04:00
exit ();
break ;
2007-12-10 15:42:03 -05:00
case 'approvecomment' :
$comment_id = absint ( $_GET [ 'c' ] );
check_admin_referer ( 'approve-comment_' . $comment_id );
2006-10-25 18:55:05 -04:00
2007-12-10 15:42:03 -05:00
if ( isset ( $_GET [ 'noredir' ] ) )
2006-10-25 18:55:05 -04:00
$noredir = true ;
2007-12-10 15:42:03 -05:00
else
2006-10-25 18:55:05 -04:00
$noredir = false ;
2007-12-10 15:42:03 -05:00
if ( ! $comment = get_comment ( $comment_id ) )
comment_footer_die ( __ ( 'Oops, no comment with this ID.' ) . sprintf ( ' <a href="%s">' . __ ( 'Go back' ) . '</a>!' , 'edit.php' ) );
2006-10-25 18:55:05 -04:00
if ( ! current_user_can ( 'edit_post' , $comment -> comment_post_ID ) )
2007-12-10 15:42:03 -05:00
comment_footer_die ( __ ( 'You are not allowed to edit comments on this post, so you cannot approve this comment.' ) );
wp_set_comment_status ( $comment -> comment_ID , 'approve' );
2006-10-25 18:55:05 -04:00
2007-12-10 15:42:03 -05:00
if ( '' != wp_get_referer () && false == $noredir )
wp_redirect ( wp_get_referer () );
else
2008-11-19 23:51:47 -05:00
wp_redirect ( admin_url ( 'edit-comments.php?p=' . absint ( $comment -> comment_post_ID ) . '#comments' ) );
2007-12-10 15:42:03 -05:00
2006-10-25 18:55:05 -04:00
exit ();
break ;
2007-12-10 15:42:03 -05:00
case 'editedcomment' :
2006-10-25 18:55:05 -04:00
2007-12-10 15:42:03 -05:00
$comment_id = absint ( $_POST [ 'comment_ID' ] );
$comment_post_id = absint ( $_POST [ 'comment_post_id' ] );
2006-10-25 18:55:05 -04:00
2007-12-10 15:42:03 -05:00
check_admin_referer ( 'update-comment_' . $comment_id );
2006-10-25 18:55:05 -04:00
edit_comment ();
2008-11-19 23:51:47 -05:00
$location = ( empty ( $_POST [ 'referredby' ] ) ? " edit-comments.php?p= $comment_post_id " : $_POST [ 'referredby' ] ) . '#comment-' . $comment_id ;
2007-12-10 15:42:03 -05:00
$location = apply_filters ( 'comment_edit_redirect' , $location , $comment_id );
wp_redirect ( $location );
2006-11-14 19:02:28 -05:00
exit ();
2006-10-25 18:55:05 -04:00
break ;
2007-12-10 15:42:03 -05:00
2006-10-25 18:55:05 -04:00
default :
2007-12-10 15:42:03 -05:00
wp_die ( __ ( 'Unknown action.' ) );
2006-10-25 18:55:05 -04:00
break ;
2007-12-10 15:42:03 -05:00
2006-10-25 18:55:05 -04:00
} // end switch
include ( 'admin-footer.php' );
2008-08-11 16:26:31 -04:00
?>