2006-10-25 18:55:05 -04:00
< ? php
2008-08-11 16:26:31 -04:00
/**
2011-04-28 11:24:49 -04:00
* Comment Management Screen
2008-08-11 16:26:31 -04:00
*
* @ package WordPress
* @ subpackage Administration
*/
/** Load WordPress Bootstrap */
2020-02-06 01:33:11 -05:00
require_once __DIR__ . '/admin.php' ;
2006-10-25 18:55:05 -04:00
2017-11-30 18:11:00 -05:00
$parent_file = 'edit-comments.php' ;
2006-10-25 18:55:05 -04:00
$submenu_file = 'edit-comments.php' ;
2015-05-28 17:41:30 -04:00
/**
* @ global string $action
*/
2015-01-10 15:42:24 -05:00
global $action ;
2017-11-30 18:11:00 -05:00
wp_reset_vars ( array ( 'action' ) );
2006-10-25 18:55:05 -04:00
2017-11-30 18:11:00 -05:00
if ( isset ( $_POST [ 'deletecomment' ] ) ) {
2006-10-25 18:55:05 -04:00
$action = 'deletecomment' ;
2017-11-30 18:11:00 -05:00
}
2006-10-25 18:55:05 -04:00
2020-05-12 14:32:08 -04:00
if ( 'cdc' === $action ) {
2009-12-15 05:55:55 -05:00
$action = 'delete' ;
2020-05-12 14:32:08 -04:00
} elseif ( 'mac' === $action ) {
2009-12-15 05:55:55 -05:00
$action = 'approve' ;
2017-11-30 18:11:00 -05:00
}
2009-12-15 05:55:55 -05:00
if ( isset ( $_GET [ 'dt' ] ) ) {
2020-05-12 14:32:08 -04:00
if ( 'spam' === $_GET [ 'dt' ] ) {
2009-12-15 05:55:55 -05:00
$action = 'spam' ;
2020-05-12 14:32:08 -04:00
} elseif ( 'trash' === $_GET [ 'dt' ] ) {
2009-12-15 05:55:55 -05:00
$action = 'trash' ;
2017-11-30 18:11:00 -05:00
}
2009-12-15 05:55:55 -05:00
}
2020-09-08 09:41:08 -04:00
if ( isset ( $_REQUEST [ 'c' ] ) ) {
$comment_id = absint ( $_REQUEST [ 'c' ] );
$comment = get_comment ( $comment_id );
// Prevent actions on a comment associated with a trashed post.
if ( $comment && 'trash' === get_post_status ( $comment -> comment_post_ID ) ) {
wp_die (
Administration: Replace contracted verb forms for better consistency.
This changeset replaces contracted verb forms like `doesn't`, `can't`, or `isn't` with non-contracted forms like `does not`, `cannot`, or `is not`, for better consistency across the WordPress administration. It also updates some corresponding unit tests strings.
Props Presskopp, socalchristina, aandrewdixon, francina, SergeyBiryukov, JeffPaul, audrasjb, hellofromTonya.
Fixes #38913.
See #39176.
Built from https://develop.svn.wordpress.org/trunk@52978
git-svn-id: http://core.svn.wordpress.org/trunk@52567 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-03-22 12:25:03 -04:00
__ ( 'You cannot edit this comment because the associated post is in the Trash. Please restore the post first, then try again.' )
2020-09-08 09:41:08 -04:00
);
}
} else {
$comment = null ;
Comments: Don't display edit links to trashed post comments.
If a post is in the trash, the comments bubble won't link to the comments list.
Fixes: #37826.
Props: swissspidy, helen, FolioVision, DrewAPicture, stevenlinx, donmhico, birgire, garrett-eclipse, andraganescu, johnbillion.
Built from https://develop.svn.wordpress.org/trunk@48050
git-svn-id: http://core.svn.wordpress.org/trunk@47817 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-15 19:06:08 -04:00
}
2017-11-30 18:11:00 -05:00
switch ( $action ) {
2011-11-02 16:54:56 -04:00
2017-11-30 18:11:00 -05:00
case 'editcomment' :
2021-07-22 09:53:00 -04:00
// Used in the HTML title tag.
2017-11-30 18:11:00 -05:00
$title = __ ( 'Edit Comment' );
get_current_screen () -> add_help_tab (
array (
'id' => 'overview' ,
'title' => __ ( 'Overview' ),
'content' =>
2019-07-05 01:21:56 -04:00
'<p>' . __ ( 'You can edit the information left in a comment if needed. This is often useful when you notice that a commenter has made a typographical error.' ) . '</p>' .
'<p>' . __ ( 'You can also moderate the comment from this screen using the Status box, where you can also change the timestamp of the comment.' ) . '</p>' ,
2017-11-30 18:11:00 -05:00
)
);
2010-05-27 19:45:45 -04:00
2017-11-30 18:11:00 -05:00
get_current_screen () -> set_help_sidebar (
'<p><strong>' . __ ( 'For more information:' ) . '</strong></p>' .
2023-02-23 05:38:21 -05:00
'<p>' . __ ( '<a href="https://wordpress.org/documentation/article/comments-screen/">Documentation on Comments</a>' ) . '</p>' .
'<p>' . __ ( '<a href="https://wordpress.org/support/forums/">Support forums</a>' ) . '</p>'
2017-11-30 18:11:00 -05:00
);
2006-10-25 18:55:05 -04:00
2017-11-30 18:11:00 -05:00
wp_enqueue_script ( 'comment' );
2020-02-06 01:33:11 -05:00
require_once ABSPATH . 'wp-admin/admin-header.php' ;
2006-10-25 18:55:05 -04:00
2019-07-01 08:52:01 -04:00
if ( ! $comment ) {
2017-11-30 18:11:00 -05:00
comment_footer_die ( __ ( 'Invalid comment ID.' ) . sprintf ( ' <a href="%s">' . __ ( 'Go back' ) . '</a>.' , 'javascript:history.go(-1)' ) );
}
2006-10-25 18:55:05 -04:00
2017-11-30 18:11:00 -05:00
if ( ! current_user_can ( 'edit_comment' , $comment_id ) ) {
comment_footer_die ( __ ( 'Sorry, you are not allowed to edit this comment.' ) );
}
2009-09-14 10:03:32 -04:00
2020-05-12 14:32:08 -04:00
if ( 'trash' === $comment -> comment_approved ) {
2017-11-30 18:11:00 -05:00
comment_footer_die ( __ ( 'This comment is in the Trash. Please move it out of the Trash if you want to edit it.' ) );
}
2006-10-25 18:55:05 -04:00
2017-11-30 18:11:00 -05:00
$comment = get_comment_to_edit ( $comment_id );
2006-10-25 18:55:05 -04:00
2020-02-06 01:33:11 -05:00
require ABSPATH . 'wp-admin/edit-form-comment.php' ;
2006-10-25 18:55:05 -04:00
2017-11-30 18:11:00 -05:00
break ;
2006-10-25 18:55:05 -04:00
2017-11-30 18:11:00 -05:00
case 'delete' :
case 'approve' :
case 'trash' :
case 'spam' :
2021-07-22 09:53:00 -04:00
// Used in the HTML title tag.
2017-11-30 18:11:00 -05:00
$title = __ ( 'Moderate Comment' );
2010-09-26 05:37:25 -04:00
2019-07-01 08:52:01 -04:00
if ( ! $comment ) {
2017-11-30 18:11:00 -05:00
wp_redirect ( admin_url ( 'edit-comments.php?error=1' ) );
die ();
}
2010-02-20 06:18:25 -05:00
2017-11-30 18:11:00 -05:00
if ( ! current_user_can ( 'edit_comment' , $comment -> comment_ID ) ) {
wp_redirect ( admin_url ( 'edit-comments.php?error=2' ) );
die ();
}
2010-02-20 06:18:25 -05:00
2017-11-30 18:11:00 -05:00
// No need to re-approve/re-trash/re-spam a comment.
2020-05-12 14:32:08 -04:00
if ( str_replace ( '1' , 'approve' , $comment -> comment_approved ) === $action ) {
2017-11-30 18:11:00 -05:00
wp_redirect ( admin_url ( 'edit-comments.php?same=' . $comment_id ) );
die ();
}
2010-02-20 06:48:38 -05:00
2020-02-06 01:33:11 -05:00
require_once ABSPATH . 'wp-admin/admin-header.php' ;
2006-10-25 18:55:05 -04:00
2017-11-30 18:11:00 -05:00
$formaction = $action . 'comment' ;
2020-05-12 14:32:08 -04:00
$nonce_action = ( 'approve' === $action ) ? 'approve-comment_' : 'delete-comment_' ;
2017-11-30 18:11:00 -05:00
$nonce_action .= $comment_id ;
2006-10-25 18:55:05 -04:00
2018-08-16 21:51:36 -04:00
?>
2017-11-30 18:11:00 -05:00
< div class = " wrap " >
2006-10-25 18:55:05 -04:00
2017-11-30 18:11:00 -05:00
< h1 >< ? php echo esc_html ( $title ); ?> </h1>
2010-02-20 06:18:25 -05:00
2018-08-16 21:51:36 -04:00
< ? php
switch ( $action ) {
case 'spam' :
$caution_msg = __ ( 'You are about to mark the following comment as spam:' );
2020-07-06 17:52:21 -04:00
$button = _x ( 'Mark as spam' , 'comment' );
2018-08-16 21:51:36 -04:00
break ;
case 'trash' :
$caution_msg = __ ( 'You are about to move the following comment to the Trash:' );
2020-07-23 20:21:03 -04:00
$button = __ ( 'Move to Trash' );
2018-08-16 21:51:36 -04:00
break ;
case 'delete' :
$caution_msg = __ ( 'You are about to delete the following comment:' );
2020-07-06 17:52:21 -04:00
$button = __ ( 'Permanently delete comment' );
2018-08-16 21:51:36 -04:00
break ;
default :
$caution_msg = __ ( 'You are about to approve the following comment:' );
2020-07-06 17:52:21 -04:00
$button = __ ( 'Approve comment' );
2018-08-16 21:51:36 -04:00
break ;
}
2007-12-10 15:42:03 -05:00
2020-05-12 14:32:08 -04:00
if ( '0' !== $comment -> comment_approved ) { // If not unapproved.
2018-08-16 21:51:36 -04:00
$message = '' ;
switch ( $comment -> comment_approved ) {
case '1' :
$message = __ ( 'This comment is currently approved.' );
break ;
case 'spam' :
$message = __ ( 'This comment is currently marked as spam.' );
break ;
case 'trash' :
$message = __ ( 'This comment is currently in the Trash.' );
break ;
}
if ( $message ) {
echo '<div id="message" class="notice notice-info"><p>' . $message . '</p></div>' ;
}
}
?>
2016-02-19 14:14:26 -05:00
< div id = " message " class = " notice notice-warning " >< p >< strong >< ? php _e ( 'Caution:' ); ?> </strong> <?php echo $caution_msg; ?></p></div>
2006-10-25 18:55:05 -04:00
2009-12-15 05:55:55 -05:00
< table class = " form-table comment-ays " >
2015-03-06 09:06:24 -05:00
< tr >
2021-06-17 10:49:58 -04:00
< th scope = " row " >< ? php _e ( 'Author' ); ?> </th>
< td >< ? php comment_author ( $comment ); ?> </td>
2006-10-25 18:55:05 -04:00
</ tr >
2018-08-16 21:51:36 -04:00
< ? php if ( get_comment_author_email ( $comment ) ) { ?>
2006-10-25 18:55:05 -04:00
< tr >
2021-06-17 10:49:58 -04:00
< th scope = " row " >< ? php _e ( 'Email' ); ?> </th>
< td >< ? php comment_author_email ( $comment ); ?> </td>
2006-10-25 18:55:05 -04:00
</ tr >
< ? php } ?>
2018-08-16 21:51:36 -04:00
< ? php if ( get_comment_author_url ( $comment ) ) { ?>
2006-10-25 18:55:05 -04:00
< tr >
2021-06-17 10:49:58 -04:00
< th scope = " row " >< ? php _e ( 'URL' ); ?> </th>
< td >< a href = " <?php comment_author_url( $comment ); ?> " >< ? php comment_author_url ( $comment ); ?> </a></td>
2006-10-25 18:55:05 -04:00
</ tr >
< ? php } ?>
2015-03-06 09:06:24 -05:00
< tr >
2020-07-06 17:52:21 -04:00
< th scope = " row " >< ? php /* translators: Column name or table row header. */ _e ( 'In response to' ); ?> </th>
2015-03-06 09:06:24 -05:00
< td >
2018-08-16 21:51:36 -04:00
< ? php
2015-03-06 09:06:24 -05:00
$post_id = $comment -> comment_post_ID ;
2018-08-16 21:51:36 -04:00
if ( current_user_can ( 'edit_post' , $post_id ) ) {
$post_link = " <a href=' " . esc_url ( get_edit_post_link ( $post_id ) ) . " '> " ;
$post_link .= esc_html ( get_the_title ( $post_id ) ) . '</a>' ;
} else {
$post_link = esc_html ( get_the_title ( $post_id ) );
}
2015-03-06 09:06:24 -05:00
echo $post_link ;
2018-08-16 21:51:36 -04:00
if ( $comment -> comment_parent ) {
$parent = get_comment ( $comment -> comment_parent );
$parent_link = esc_url ( get_comment_link ( $parent ) );
$name = get_comment_author ( $parent );
printf (
2019-09-02 20:41:05 -04:00
/* translators: %s: Comment link. */
2018-08-16 21:51:36 -04:00
' | ' . __ ( 'In reply to %s.' ),
'<a href="' . $parent_link . '">' . $name . '</a>'
);
}
?>
2015-03-06 09:06:24 -05:00
</ td >
2021-06-17 10:49:58 -04:00
</ tr >
< tr >
2015-03-06 09:06:24 -05:00
< th scope = " row " >< ? php _e ( 'Submitted on' ); ?> </th>
< td >
2018-08-16 21:51:36 -04:00
< ? php
2017-11-30 18:11:00 -05:00
$submitted = sprintf (
2019-09-02 20:41:05 -04:00
/* translators: 1: Comment date, 2: Comment time. */
2017-11-30 18:11:00 -05:00
__ ( '%1$s at %2$s' ),
2020-09-18 06:37:08 -04:00
/* translators: Comment date format. See https://www.php.net/manual/datetime.format.php */
2016-02-19 14:14:26 -05:00
get_comment_date ( __ ( 'Y/m/d' ), $comment ),
2020-09-18 06:37:08 -04:00
/* translators: Comment time format. See https://www.php.net/manual/datetime.format.php */
2016-02-19 14:14:26 -05:00
get_comment_date ( __ ( 'g:i a' ), $comment )
);
2018-08-16 21:51:36 -04:00
if ( 'approved' === wp_get_comment_status ( $comment ) && ! empty ( $comment -> comment_post_ID ) ) {
echo '<a href="' . esc_url ( get_comment_link ( $comment ) ) . '">' . $submitted . '</a>' ;
} else {
echo $submitted ;
}
2017-11-30 18:11:00 -05:00
?>
2021-06-17 10:49:58 -04:00
</ td >
</ tr >
< tr >
2019-09-02 20:41:05 -04:00
< th scope = " row " >< ? php /* translators: Field name in comment form. */ _ex ( 'Comment' , 'noun' ); ?> </th>
2017-11-30 18:11:00 -05:00
< td class = " comment-content " >
2018-08-16 21:51:36 -04:00
< ? php comment_text ( $comment ); ?>
2021-06-17 10:49:58 -04:00
< p class = " edit-comment " >
< a href = " <?php echo esc_url( admin_url( " comment . php ? action = editcomment & c = { $comment -> comment_ID } " ) ); ?> " >< ? php esc_html_e ( 'Edit' ); ?> </a>
</ p >
2017-11-30 18:11:00 -05:00
</ td >
2021-06-17 10:49:58 -04:00
</ tr >
</ table >
2009-12-15 05:55:55 -05:00
2021-06-17 10:49:58 -04:00
< form action = " comment.php " method = " get " class = " comment-ays-submit " >
2017-11-30 18:11:00 -05:00
< p >
2018-08-16 21:51:36 -04:00
< ? php submit_button ( $button , 'primary' , 'submit' , false ); ?>
2021-06-17 10:49:58 -04:00
< a href = " <?php echo esc_url( admin_url( 'edit-comments.php' ) ); ?> " class = " button-cancel " >< ? php esc_html_e ( 'Cancel' ); ?> </a>
2017-11-30 18:11:00 -05:00
</ p >
2009-12-15 05:55:55 -05:00
2018-08-16 21:51:36 -04:00
< ? php wp_nonce_field ( $nonce_action ); ?>
2017-11-30 18:11:00 -05:00
< input type = " hidden " name = " action " value = " <?php echo esc_attr( $formaction ); ?> " />
< input type = " hidden " name = " c " value = " <?php echo esc_attr( $comment->comment_ID ); ?> " />
< input type = " hidden " name = " noredir " value = " 1 " />
2021-06-17 10:49:58 -04:00
</ form >
2009-12-15 05:55:55 -05:00
2021-06-17 10:49:58 -04:00
</ div >
2018-08-16 21:51:36 -04:00
< ? php
2017-11-30 18:11:00 -05:00
break ;
case 'deletecomment' :
case 'trashcomment' :
case 'untrashcomment' :
case 'spamcomment' :
case 'unspamcomment' :
case 'approvecomment' :
case 'unapprovecomment' :
$comment_id = absint ( $_REQUEST [ 'c' ] );
2020-04-04 23:02:11 -04:00
if ( in_array ( $action , array ( 'approvecomment' , 'unapprovecomment' ), true ) ) {
2017-11-30 18:11:00 -05:00
check_admin_referer ( 'approve-comment_' . $comment_id );
} else {
check_admin_referer ( 'delete-comment_' . $comment_id );
}
$noredir = isset ( $_REQUEST [ 'noredir' ] );
2009-09-14 10:03:32 -04:00
2019-07-01 08:52:01 -04:00
$comment = get_comment ( $comment_id );
if ( ! $comment ) {
2017-11-30 18:11:00 -05:00
comment_footer_die ( __ ( 'Invalid comment ID.' ) . sprintf ( ' <a href="%s">' . __ ( 'Go back' ) . '</a>.' , 'edit-comments.php' ) );
}
if ( ! current_user_can ( 'edit_comment' , $comment -> comment_ID ) ) {
comment_footer_die ( __ ( 'Sorry, you are not allowed to edit comments on this post.' ) );
}
Code Modernization: Replace usage of `strpos()` with `str_contains()`.
`str_contains()` was introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) contains the given substring (needle).
WordPress core includes a polyfill for `str_contains()` on PHP < 8.0 as of WordPress 5.9.
This commit replaces `false !== strpos( ... )` with `str_contains()` in core files, making the code more readable and consistent, as well as better aligned with modern development practices.
Follow-up to [52039], [52040], [52326], [55703], [55710], [55987].
Props Soean, spacedmonkey, costdev, dingo_d, azaozz, mikeschroder, flixos90, peterwilsoncc, SergeyBiryukov.
Fixes #58206.
Built from https://develop.svn.wordpress.org/trunk@55988
git-svn-id: http://core.svn.wordpress.org/trunk@55500 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-06-22 10:36:26 -04:00
if ( wp_get_referer () && ! $noredir && ! str_contains ( wp_get_referer (), 'comment.php' ) ) {
2017-11-30 18:11:00 -05:00
$redir = wp_get_referer ();
2020-05-12 14:32:08 -04:00
} elseif ( wp_get_original_referer () && ! $noredir ) {
2017-11-30 18:11:00 -05:00
$redir = wp_get_original_referer ();
2020-04-04 23:02:11 -04:00
} elseif ( in_array ( $action , array ( 'approvecomment' , 'unapprovecomment' ), true ) ) {
2017-11-30 18:11:00 -05:00
$redir = admin_url ( 'edit-comments.php?p=' . absint ( $comment -> comment_post_ID ) );
} else {
$redir = admin_url ( 'edit-comments.php' );
}
$redir = remove_query_arg ( array ( 'spammed' , 'unspammed' , 'trashed' , 'untrashed' , 'deleted' , 'ids' , 'approved' , 'unapproved' ), $redir );
switch ( $action ) {
case 'deletecomment' :
wp_delete_comment ( $comment );
$redir = add_query_arg ( array ( 'deleted' => '1' ), $redir );
break ;
case 'trashcomment' :
wp_trash_comment ( $comment );
$redir = add_query_arg (
array (
'trashed' => '1' ,
'ids' => $comment_id ,
2018-08-16 21:51:36 -04:00
),
$redir
2017-11-30 18:11:00 -05:00
);
break ;
case 'untrashcomment' :
wp_untrash_comment ( $comment );
$redir = add_query_arg ( array ( 'untrashed' => '1' ), $redir );
break ;
case 'spamcomment' :
wp_spam_comment ( $comment );
$redir = add_query_arg (
array (
'spammed' => '1' ,
'ids' => $comment_id ,
2018-08-16 21:51:36 -04:00
),
$redir
2017-11-30 18:11:00 -05:00
);
break ;
case 'unspamcomment' :
wp_unspam_comment ( $comment );
$redir = add_query_arg ( array ( 'unspammed' => '1' ), $redir );
break ;
case 'approvecomment' :
wp_set_comment_status ( $comment , 'approve' );
$redir = add_query_arg ( array ( 'approved' => 1 ), $redir );
break ;
case 'unapprovecomment' :
wp_set_comment_status ( $comment , 'hold' );
$redir = add_query_arg ( array ( 'unapproved' => 1 ), $redir );
break ;
}
2009-07-30 09:39:34 -04:00
2017-11-30 18:11:00 -05:00
wp_redirect ( $redir );
die ;
2006-10-25 18:55:05 -04:00
2017-11-30 18:11:00 -05:00
case 'editedcomment' :
$comment_id = absint ( $_POST [ 'comment_ID' ] );
$comment_post_id = absint ( $_POST [ 'comment_post_ID' ] );
2006-10-25 18:55:05 -04:00
2017-11-30 18:11:00 -05:00
check_admin_referer ( 'update-comment_' . $comment_id );
2006-10-25 18:55:05 -04:00
2020-06-23 20:05:12 -04:00
$updated = edit_comment ();
if ( is_wp_error ( $updated ) ) {
wp_die ( $updated -> get_error_message () );
}
2006-10-25 18:55:05 -04:00
2017-11-30 18:11:00 -05:00
$location = ( empty ( $_POST [ 'referredby' ] ) ? " edit-comments.php?p= $comment_post_id " : $_POST [ 'referredby' ] ) . '#comment-' . $comment_id ;
2013-10-24 22:29:52 -04:00
2017-11-30 18:11:00 -05:00
/**
* Filters the URI the user is redirected to after editing a comment in the admin .
*
* @ since 2.1 . 0
*
* @ param string $location The URI the user will be redirected to .
* @ param int $comment_id The ID of the comment being edited .
*/
$location = apply_filters ( 'comment_edit_redirect' , $location , $comment_id );
2007-12-10 15:42:03 -05:00
2020-05-12 14:32:08 -04:00
wp_redirect ( $location );
exit ;
2007-12-10 15:42:03 -05:00
2017-11-30 18:11:00 -05:00
default :
wp_die ( __ ( 'Unknown action.' ) );
2007-12-10 15:42:03 -05:00
2020-01-28 19:45:18 -05:00
} // End switch.
2006-10-25 18:55:05 -04:00
2020-02-06 01:33:11 -05:00
require_once ABSPATH . 'wp-admin/admin-footer.php' ;