Moderation confirmation from Ryan, some other template and comment editing improvements.

git-svn-id: http://svn.automattic.com/wordpress/trunk@2165 1a063a9b-81f0-0310-95a4-ce76da25c4cd
saxmatt 2005-01-31 04:22:01 +00:00
parent 43a237c41c
commit f95c9db9b7
5 changed files with 64 additions and 35 deletions


@ -1,13 +1,12 @@
<?php <?php
$submitbutton_text = __('Edit Comment &raquo;'); $submitbutton_text = __('Edit Comment &raquo;');
$toprow_title = sprintf(__('Editing Comment # %s'), $commentdata['comment_ID']); $toprow_title = sprintf(__('Editing Comment # %s'), $commentdata['comment_ID']);
$form_action = 'editedcomment'; $form_action = 'editedcomment';
$form_extra = "' />\n<input type='hidden' name='comment_ID' value='$comment' />\n<input type='hidden' name='comment_post_ID' value='".$commentdata["comment_post_ID"]; $form_extra = "' />\n<input type='hidden' name='comment_ID' value='$comment' />\n<input type='hidden' name='comment_post_ID' value='".$commentdata["comment_post_ID"];
?> ?>
<div class="wrap">
<form name="post" action="post.php" method="post" id="post"> <form name="post" action="post.php" method="post" id="post">
<div class="wrap">
<input type="hidden" name="user_ID" value="<?php echo $user_ID ?>" /> <input type="hidden" name="user_ID" value="<?php echo $user_ID ?>" />
<input type="hidden" name="action" value='<?php echo $form_action . $form_extra ?>' /> <input type="hidden" name="action" value='<?php echo $form_action . $form_extra ?>' />
@ -59,17 +58,32 @@ edCanvas = document.getElementById('content');
<input name="referredby" type="hidden" id="referredby" value="<?php echo $_SERVER['HTTP_REFERER']; ?>" /> <input name="referredby" type="hidden" id="referredby" value="<?php echo $_SERVER['HTTP_REFERER']; ?>" />
</p> </p>
</div>
<?php <div class="wrap">
<h2><?php _e('Advanced'); ?></h2>
<table width="100%" cellspacing="2" cellpadding="5" class="editform">
<tr>
<th scope="row" valign="top"><?php _e('Comment Status') ?>:</th>
<td><label for="comment_status_approved" class="selectit"><input id="comment_status_approved" name="comment_status" type="radio" value="1" <?php checked($comment_status, '1'); ?> /> <?php _e('Approved') ?></label><br />
<label for="comment_status_moderated" class="selectit"><input id="comment_status_moderated" name="comment_status" type="radio" value="0" <?php checked($comment_status, '0'); ?> /> <?php _e('Moderated') ?></label><br />
<label for="comment_status_spam" class="selectit"><input id="comment_status_spam" name="comment_status" type="radio" value="spam" <?php checked($comment_status, 'spam'); ?> /> <?php _e('Spam') ?></label></td>
</tr>
// if the level is 5+, allow user to edit the timestamp - not on 'new post' screen though <?php if ($user_level > 4) : ?>
// if (($user_level > 4) && ($action != "post")) <tr>
if ($user_level > 4) { <th scope="row"><?php _e('Edit time'); ?>:</th>
touch_time(($action == 'edit')); <td><?php touch_time(($action == 'edit')); ?></td>
} </tr>
?> <?php endif; ?>
<tr>
<th scope="row"><?php _e('Delete'); ?>:</th>
<td><p><a class="delete" href="post.php?action=confirmdeletecomment&amp;noredir=true&amp;comment=<?php echo $commentdata['comment_ID']; ?>&amp;p=<?php echo $commentdata['comment_post_ID']; ?>"><?php _e('Delete comment') ?></a></p></td>
</tr>
</table>
</div>
</form> </form>
<p><a class="delete" href="post.php?action=confirmdeletecomment&amp;noredir=true&amp;comment=<?php echo $commentdata['comment_ID']; ?>&amp;p=<?php echo $commentdata['comment_post_ID']; ?>"><?php _e('Delete comment') ?></a></p>
</div>
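Review bot: The `referredby` hidden field in the second hunk echoes `$_SERVER['HTTP_REFERER']` into a double-quoted attribute with no escaping, and that header is supplied by the requesting browser, so a quote character in it ends the attribute on this admin page. The line is unchanged context rather than something this commit adds, but it sits inside the form being reworked and is cheap to fix here: `value="<?php echo htmlspecialchars($_SERVER['HTTP_REFERER'], ENT_QUOTES); ?>"`. The `$comment` and `$commentdata[...]` values concatenated into `$form_extra` and the delete link look like numeric ids; casting them with `(int)` before output would make that explicit.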


@ -429,6 +429,8 @@ case 'editcomment':
$content = $commentdata['comment_content']; $content = $commentdata['comment_content'];
$content = format_to_edit($content); $content = format_to_edit($content);
$content = apply_filters('comment_edit_pre', $content); $content = apply_filters('comment_edit_pre', $content);
$comment_status = $commentdata['comment_approved'];
include('edit-form-comment.php'); include('edit-form-comment.php');
@ -585,6 +587,7 @@ case 'editedcomment':
$newcomment_author = $_POST['newcomment_author']; $newcomment_author = $_POST['newcomment_author'];
$newcomment_author_email = $_POST['newcomment_author_email']; $newcomment_author_email = $_POST['newcomment_author_email'];
$newcomment_author_url = $_POST['newcomment_author_url']; $newcomment_author_url = $_POST['newcomment_author_url'];
$comment_status = $_POST['comment_status'];
if (!user_can_edit_post_comments($user_ID, $comment_post_ID)) { if (!user_can_edit_post_comments($user_ID, $comment_post_ID)) {
die('You are not allowed to edit comments on this post, so you cannot edit this comment.'); die('You are not allowed to edit comments on this post, so you cannot edit this comment.');
@ -612,6 +615,7 @@ case 'editedcomment':
comment_content = '$content', comment_content = '$content',
comment_author = '$newcomment_author', comment_author = '$newcomment_author',
comment_author_email = '$newcomment_author_email', comment_author_email = '$newcomment_author_email',
comment_approved = '$comment_status',
comment_author_url = '$newcomment_author_url'".$datemodif." comment_author_url = '$newcomment_author_url'".$datemodif."
WHERE comment_ID = $comment_ID" WHERE comment_ID = $comment_ID"
); );
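Review bot: `$comment_status` is read from `$_POST['comment_status']` in the second hunk and written into `comment_approved = '$comment_status'` in the third without being checked against the three values the edit form offers (`1`, `0`, `spam`). Any other string, or an empty one when no radio button is selected, is then stored as the approval state that the comment queries compare against `'1'` and `'0'`. Restrict it before the UPDATE, for example `if ( !in_array($comment_status, array('0', '1', 'spam')) ) die('Invalid comment status.');`. No escaping of the value is visible in these hunks; if request data is not already slashed before this point, the interpolation is also an SQL injection path and the value needs the same escaping as the other fields. The `editedcomment` case starts and ends outside the hunks.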


@ -27,8 +27,14 @@
<?php foreach ($comments as $comment) : ?> <?php foreach ($comments as $comment) : ?>
<li class="<?php echo $oddcomment; ?>" id="comment-<?php comment_ID() ?>"> <li class="<?php echo $oddcomment; ?>" id="comment-<?php comment_ID() ?>">
<cite><?php comment_author_link() ?></cite> Says:<br /> <cite><?php comment_author_link() ?></cite> Says:
<!--<small class="commentmetadata"><a href="#comment-<?php comment_ID() ?>" title="<?php comment_date('l, F jS, Y') ?> at <?php comment_time() ?>"><?php /* $entry_datetime = abs(strtotime($post->post_date)); $comment_datetime = abs(strtotime($comment->comment_date)); echo time_since($entry_datetime, $comment_datetime) */ ?></a> after publication. <?php edit_comment_link('e','',''); ?></small>--> <?php if ($comment->comment_approved == '0') : ?>
<em>Your comment is awaiting moderation.</em>
<?php endif; ?>
<br />
<small class="commentmetadata"><a href="#comment-<?php comment_ID() ?>" title=""><?php comment_date('F jS, Y') ?> at <?php comment_time() ?></a> <?php edit_comment_link('e','',''); ?></small> <small class="commentmetadata"><a href="#comment-<?php comment_ID() ?>" title=""><?php comment_date('F jS, Y') ?> at <?php comment_time() ?></a> <?php edit_comment_link('e','',''); ?></small>
<?php comment_text() ?> <?php comment_text() ?>


@ -7,10 +7,16 @@ function comments_template() {
if ( is_single() || is_page() || $withcomments ) : if ( is_single() || is_page() || $withcomments ) :
$req = get_settings('require_name_email'); $req = get_settings('require_name_email');
$comment_author = isset($_COOKIE['comment_author_'.COOKIEHASH]) ? trim(stripslashes($_COOKIE['comment_author_'.COOKIEHASH])) : ''; $comment_author = isset($_COOKIE['comment_author_'.COOKIEHASH]) ? trim(stripslashes($_COOKIE['comment_author_'.COOKIEHASH])) : '';
$comment_author_email = isset($_COOKIE['comment_author_email_'.COOKIEHASH]) ? trim(stripslashes($_COOKIE['comment_author_email_'.COOKIEHASH])) : ''; $comment_author_email = isset($_COOKIE['comment_author_email_'.COOKIEHASH]) ? trim(stripslashes($_COOKIE['comment_author_email_'.COOKIEHASH])) : '';
$comment_author_url = isset($_COOKIE['comment_author_url_'.COOKIEHASH]) ? trim(stripslashes($_COOKIE['comment_author_url_'.COOKIEHASH])) : ''; $comment_author_url = isset($_COOKIE['comment_author_url_'.COOKIEHASH]) ? trim(stripslashes($_COOKIE['comment_author_url_'.COOKIEHASH])) : '';
if ( empty($comment_author) ) {
$comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = '$post->ID' AND comment_approved = '1' ORDER BY comment_date"); $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = '$post->ID' AND comment_approved = '1' ORDER BY comment_date");
} else {
$author_db = addslashes($comment_author);
$email_db = addslashes($comment_author_email);
$comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = '$post->ID' AND ( comment_approved = '1' OR ( comment_author = '$author_db' AND comment_author_email = '$email_db' AND comment_approved = '0' ) ) ORDER BY comment_date");
}
if ( file_exists( TEMPLATEPATH . '/comments.php') ) if ( file_exists( TEMPLATEPATH . '/comments.php') )
require( TEMPLATEPATH . '/comments.php'); require( TEMPLATEPATH . '/comments.php');
@ -661,7 +667,7 @@ function wp_notify_postauthor($comment_id, $comment_type='') {
$subject = '[' . $blogname . '] Pingback: "' .$post->post_title.'"'; $subject = '[' . $blogname . '] Pingback: "' .$post->post_title.'"';
} }
$notify_message .= get_permalink($comment->comment_post_ID) . '#comments'; $notify_message .= get_permalink($comment->comment_post_ID) . '#comments';
$notify_message .= "\r\n\r\nTo delete this comment, visit: " . get_settings('siteurl') . "/wp-admin/post.php?action=confirmdeletecomment&p=".$comment->comment_post_ID."&comment=$comment_id"; $notify_message .= "\r\n\r\nTo delete this comment:\r\n" . get_settings('siteurl') . "/wp-admin/post.php?action=confirmdeletecomment&p=".$comment->comment_post_ID."&comment=$comment_id";
if ('' == $comment->comment_author_email || '' == $comment->comment_author) { if ('' == $comment->comment_author_email || '' == $comment->comment_author) {
$from = "From: \"$blogname\" <wordpress@" . $_SERVER['SERVER_NAME'] . '>'; $from = "From: \"$blogname\" <wordpress@" . $_SERVER['SERVER_NAME'] . '>';
@ -732,25 +738,6 @@ function check_comment($author, $email, $url, $comment, $user_ip, $user_agent, $
if ( (count(explode('http:', $comment)) - 1) >= get_settings('comment_max_links') ) if ( (count(explode('http:', $comment)) - 1) >= get_settings('comment_max_links') )
return false; // Check # of external links return false; // Check # of external links
// Comment whitelisting:
if ( 1 == get_settings('comment_whitelist')) {
if ( 'trackback' == $comment_type || 'pingback' == $comment_type ) { // check if domain is in blogroll
$uri = parse_url($url);
$domain = $uri['host'];
$in_blogroll = $wpdb->get_var("SELECT link_id FROM $wpdb->links WHERE link_url LIKE ('%$domain%') LIMIT 1");
if ( $in_blogroll )
return true;
} elseif( $author != '' && $email != '' ) {
$ok_to_comment = $wpdb->get_var("SELECT comment_approved FROM $wpdb->comments WHERE comment_author = '$author' AND comment_author_email = '$email' and comment_approved = '1' ");
if ( 1 == $ok_to_comment && false === strpos( $email, get_settings('moderation_keys')) )
return true;
else
return false;
} else {
return false;
}
}
$mod_keys = trim( get_settings('moderation_keys') ); $mod_keys = trim( get_settings('moderation_keys') );
if ('' == $mod_keys ) if ('' == $mod_keys )
return true; // If moderation keys are empty return true; // If moderation keys are empty
@ -775,6 +762,24 @@ function check_comment($author, $email, $url, $comment, $user_ip, $user_agent, $
if ( preg_match($pattern, $user_agent) ) return false; if ( preg_match($pattern, $user_agent) ) return false;
} }
// Comment whitelisting:
if ( 1 == get_settings('comment_whitelist')) {
if ( 'trackback' == $comment_type || 'pingback' == $comment_type ) { // check if domain is in blogroll
$uri = parse_url($url);
$domain = $uri['host'];
if ( $wpdb->get_var("SELECT link_id FROM $wpdb->links WHERE link_url LIKE ('%$domain%') LIMIT 1") )
return true;
} elseif( $author != '' && $email != '' ) {
$ok_to_comment = $wpdb->get_var("SELECT comment_approved FROM $wpdb->comments WHERE comment_author = '$author' AND comment_author_email = '$email' and comment_approved = '1' ");
if ( 1 == $ok_to_comment && false === strpos( $email, get_settings('moderation_keys')) )
return true;
else
return false;
} else {
return false;
}
}
return true; return true;
} }
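Review bot: The whitelist block re-added at the end of `check_comment()` (last hunk) now runs after the early `if ('' == $mod_keys ) return true;` shown as context in the preceding hunk, so with an empty `moderation_keys` setting the function reports the comment as approved before `comment_whitelist` is ever consulted. Before the move the whitelist test came first, so this looks like a regression for sites that rely on whitelisting alone; the lines between the two hunks are not visible, so confirm nothing else covers that case. Replace the early return with a guard around the keyword loop, `if ( '' != $mod_keys ) {` … `}`, so control always reaches the whitelist block. In the same block, `$domain = $uri['host']` is empty when `parse_url()` finds no host, and `LIKE ('%$domain%')` then matches every blogroll row; return false when `$domain` is empty and escape it before interpolating. The body of `check_comment()` starts and continues outside these hunks.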


@ -43,7 +43,7 @@ add_filter('the_content', 'trim');
<title><?php the_title_rss() ?></title> <title><?php the_title_rss() ?></title>
<link><?php permalink_single_rss() ?></link> <link><?php permalink_single_rss() ?></link>
<dc:date><?php echo mysql2date('Y-m-d\TH:i:s\Z', $post->post_date_gmt); ?></dc:date> <dc:date><?php echo mysql2date('Y-m-d\TH:i:s\Z', $post->post_date_gmt); ?></dc:date>
<dc:creator><?php the_author() ?> (mailto:<?php the_author_email() ?>)</dc:creator> <dc:creator><?php the_author() ?></dc:creator>
<?php the_category_rss('rdf') ?> <?php the_category_rss('rdf') ?>
<?php if (get_settings('rss_use_excerpt')) : ?> <?php if (get_settings('rss_use_excerpt')) : ?>
<description><?php the_excerpt_rss() ?></description> <description><?php the_excerpt_rss() ?></description>