From f95c9db9b7d8f991a96fc0c37324a9f54b2c8af2 Mon Sep 17 00:00:00 2001
From: saxmatt
Date: Mon, 31 Jan 2005 04:22:01 +0000
Subject: [PATCH] Moderation confirmation from Ryan, some other template and comment editing improvements.
git-svn-id: http://svn.automattic.com/wordpress/trunk@2165 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
wp-admin/edit-form-comment.php | 36 ++++++++++++++------
wp-admin/post.php | 4 +++
wp-content/themes/default/comments.php | 10 ++++--
wp-includes/comment-functions.php | 47 ++++++++++++++------------
wp-rdf.php | 2 +-
5 files changed, 64 insertions(+), 35 deletions(-)
diff --git a/wp-admin/edit-form-comment.php b/wp-admin/edit-form-comment.php
index 876b655c5b..db36f4467d 100644
--- a/wp-admin/edit-form-comment.php
+++ b/wp-admin/edit-form-comment.php
@@ -1,13 +1,12 @@ \n\n' />
@@ -59,17 +58,32 @@ edCanvas = document.getElementById('content');

+ - +

+ + + + + -// if the level is 5+, allow user to edit the timestamp - not on 'new post' screen though -// if (($user_level > 4) && ($action != "post")) -if ($user_level > 4) { - touch_time(($action == 'edit')); -} -?> + 4) : ?> + + + + + + + + + + +
:
+
+
:
:

+ + -

- diff --git a/wp-admin/post.php b/wp-admin/post.php index 3742271969..c0753539cb 100644 --- a/wp-admin/post.php +++ b/wp-admin/post.php @@ -429,6 +429,8 @@ case 'editcomment': $content = $commentdata['comment_content']; $content = format_to_edit($content); $content = apply_filters('comment_edit_pre', $content); + + $comment_status = $commentdata['comment_approved']; include('edit-form-comment.php'); @@ -585,6 +587,7 @@ case 'editedcomment': $newcomment_author = $_POST['newcomment_author']; $newcomment_author_email = $_POST['newcomment_author_email']; $newcomment_author_url = $_POST['newcomment_author_url']; + $comment_status = $_POST['comment_status']; if (!user_can_edit_post_comments($user_ID, $comment_post_ID)) { die('You are not allowed to edit comments on this post, so you cannot edit this comment.'); @@ -612,6 +615,7 @@ case 'editedcomment': comment_content = '$content', comment_author = '$newcomment_author', comment_author_email = '$newcomment_author_email', + comment_approved = '$comment_status', comment_author_url = '$newcomment_author_url'".$datemodif." WHERE comment_ID = $comment_ID" ); diff --git a/wp-content/themes/default/comments.php b/wp-content/themes/default/comments.php index e48ea9b9d7..435e334f98 100644 --- a/wp-content/themes/default/comments.php +++ b/wp-content/themes/default/comments.php @@ -27,8 +27,14 @@
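Review bot: `$comment_status` is read straight from `$_POST['comment_status']` in the `@@ -585,6 +587,7 @@` hunk and written into the UPDATE as `comment_approved = '$comment_status'` in the `@@ -612,6 +615,7 @@` hunk, and neither hunk checks that it is one of the states the edit form offers. Nothing visible here escapes it either; if request data is slashed globally elsewhere that would cover quoting, but any string could still be stored in `comment_approved`. I would constrain it before the query, for example `if ( !in_array($comment_status, array('0', '1')) ) die('Invalid comment status.');`, adjusting the list to the values the form's status control actually posts (they are not readable in this view). Both `case` bodies start and end outside the hunks.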
  • - Says:
    - + Says: + comment_approved == '0') : ?> + Your comment is awaiting moderation. + +
    + + + diff --git a/wp-includes/comment-functions.php b/wp-includes/comment-functions.php index 8e984ecad4..662d45b11e 100644 --- a/wp-includes/comment-functions.php +++ b/wp-includes/comment-functions.php @@ -7,10 +7,16 @@ function comments_template() { if ( is_single() || is_page() || $withcomments ) : $req = get_settings('require_name_email'); - $comment_author = isset($_COOKIE['comment_author_'.COOKIEHASH]) ? trim(stripslashes($_COOKIE['comment_author_'.COOKIEHASH])) : ''; + $comment_author = isset($_COOKIE['comment_author_'.COOKIEHASH]) ? trim(stripslashes($_COOKIE['comment_author_'.COOKIEHASH])) : ''; $comment_author_email = isset($_COOKIE['comment_author_email_'.COOKIEHASH]) ? trim(stripslashes($_COOKIE['comment_author_email_'.COOKIEHASH])) : ''; $comment_author_url = isset($_COOKIE['comment_author_url_'.COOKIEHASH]) ? trim(stripslashes($_COOKIE['comment_author_url_'.COOKIEHASH])) : ''; + if ( empty($comment_author) ) { $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = '$post->ID' AND comment_approved = '1' ORDER BY comment_date"); + } else { + $author_db = addslashes($comment_author); + $email_db = addslashes($comment_author_email); + $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = '$post->ID' AND ( comment_approved = '1' OR ( comment_author = '$author_db' AND comment_author_email = '$email_db' AND comment_approved = '0' ) ) ORDER BY comment_date"); + } if ( file_exists( TEMPLATEPATH . '/comments.php') ) require( TEMPLATEPATH . '/comments.php'); 
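Review bot: The new `else` branch in `comments_template()` decides whose held comments to show from the `comment_author_` and `comment_author_email_` cookies alone, and it runs whenever the name cookie is non-empty, even if the e-mail cookie is empty. In that case the query matches `comment_author_email = ''`, so a pending comment left without an e-mail address is returned to any visitor whose name cookie matches. Consider requiring both values, `if ( empty($comment_author) || empty($comment_author_email) ) {`, or add a comment stating that the name-only match is intended for sites with `require_name_email` off. The two values are escaped with `addslashes()`; if the `$wpdb` object provides its own escaping helper, using that would keep the quoting rules in the database layer. The function starts and ends outside the hunk.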
@@ -661,7 +667,7 @@ function wp_notify_postauthor($comment_id, $comment_type='') { $subject = '[' . $blogname . '] Pingback: "' .$post->post_title.'"'; } $notify_message .= get_permalink($comment->comment_post_ID) . '#comments'; - $notify_message .= "\r\n\r\nTo delete this comment, visit: " . get_settings('siteurl') . "/wp-admin/post.php?action=confirmdeletecomment&p=".$comment->comment_post_ID."&comment=$comment_id"; + $notify_message .= "\r\n\r\nTo delete this comment:\r\n" . get_settings('siteurl') . "/wp-admin/post.php?action=confirmdeletecomment&p=".$comment->comment_post_ID."&comment=$comment_id"; if ('' == $comment->comment_author_email || '' == $comment->comment_author) { $from = "From: \"$blogname\" '; @@ -732,25 +738,6 @@ function check_comment($author, $email, $url, $comment, $user_ip, $user_agent, $ if ( (count(explode('http:', $comment)) - 1) >= get_settings('comment_max_links') ) return false; // Check # of external links - // Comment whitelisting: - if ( 1 == get_settings('comment_whitelist')) { - if ( 'trackback' == $comment_type || 'pingback' == $comment_type ) { // check if domain is in blogroll - $uri = parse_url($url); - $domain = $uri['host']; - $in_blogroll = $wpdb->get_var("SELECT link_id FROM $wpdb->links WHERE link_url LIKE ('%$domain%') LIMIT 1"); - if ( $in_blogroll ) - return true; - } elseif( $author != '' && $email != '' ) { - $ok_to_comment = $wpdb->get_var("SELECT comment_approved FROM $wpdb->comments WHERE comment_author = '$author' AND comment_author_email = '$email' and comment_approved = '1' "); - if ( 1 == $ok_to_comment && false === strpos( $email, get_settings('moderation_keys')) ) - return true; - else - return false; - } else { - return false; - } - } - $mod_keys = trim( get_settings('moderation_keys') ); if ('' == $mod_keys ) return true; // If moderation keys are empty 
@@ -775,6 +762,24 @@ function check_comment($author, $email, $url, $comment, $user_ip, $user_agent, $ if ( preg_match($pattern, $user_agent) ) return false; } + // Comment whitelisting: + if ( 1 == get_settings('comment_whitelist')) { + if ( 'trackback' == $comment_type || 'pingback' == $comment_type ) { // check if domain is in blogroll + $uri = parse_url($url); + $domain = $uri['host']; + if ( $wpdb->get_var("SELECT link_id FROM $wpdb->links WHERE link_url LIKE ('%$domain%') LIMIT 1") ) + return true; + } elseif( $author != '' && $email != '' ) { + $ok_to_comment = $wpdb->get_var("SELECT comment_approved FROM $wpdb->comments WHERE comment_author = '$author' AND comment_author_email = '$email' and comment_approved = '1' "); + if ( 1 == $ok_to_comment && false === strpos( $email, get_settings('moderation_keys')) ) + return true; + else + return false; + } else { + return false; + } + } + return true; } diff --git a/wp-rdf.php b/wp-rdf.php index 11cbfc6e4c..bf24886487 100644 --- a/wp-rdf.php +++ b/wp-rdf.php @@ -43,7 +43,7 @@ add_filter('the_content', 'trim'); <?php the_title_rss() ?> post_date_gmt); ?> - (mailto:) +
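Review bot: Moving the whitelist block to the end of `check_comment()` (the `@@ -775,6 +762,24 @@` hunk) places it after the early exit `if ('' == $mod_keys ) return true;` that the previous hunk shows as context, so with an empty moderation-keys setting the function returns before `comment_whitelist` is consulted. If the whitelist should still apply in that case, guard the keyword checks with `if ( '' != $mod_keys ) { ... }` instead of returning, so execution falls through to the whitelist block. In the same block `$uri['host']` is used without checking that `parse_url()` produced a host, and `$domain` goes into the `LIKE` pattern unescaped; an empty host yields the pattern `%%`, so add `if ( empty($uri['host']) ) return false;` before the query and escape the value before interpolating it. The function body starts outside the hunk.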