otaku42's comment moderation patches
git-svn-id: https://develop.svn.wordpress.org/trunk@546 602fd350-edb4-49c9-b593-d223f7449a82
parent
22289a7f50
commit
9b94f75e32
@ -546,10 +546,14 @@ function get_postdata2($postid=0) { // less flexible, but saves DB queries
|
||||
return $postdata;
|
||||
}
|
||||
|
||||
function get_commentdata($comment_ID,$no_cache=0) { // less flexible, but saves DB queries
|
||||
function get_commentdata($comment_ID,$no_cache=0,$include_unapproved=false) { // less flexible, but saves DB queries
|
||||
global $postc,$id,$commentdata,$tablecomments,$querycount, $wpdb;
|
||||
if ($no_cache) {
|
||||
$myrow = $wpdb->get_row("SELECT * FROM $tablecomments WHERE comment_ID = $comment_ID", ARRAY_A);
|
||||
$query = "SELECT * FROM $tablecomments WHERE comment_ID = $comment_ID";
|
||||
if (false == $include_unapproved) {
|
||||
$query .= " AND comment_approved = '1'";
|
||||
}
|
||||
$myrow = $wpdb->get_row($query, ARRAY_A);
|
||||
++$querycount;
|
||||
} else {
|
||||
$myrow['comment_ID']=$postc->comment_ID;
|
||||
@ -1310,6 +1314,147 @@ function pingGeoURL($blog_ID) {
|
||||
getRemoteFile($host,$path);
|
||||
}
|
||||
|
||||
/* wp_set_comment_status:
|
||||
part of otaku42's comment moderation hack
|
||||
changes the status of a comment according to $comment_status.
|
||||
allowed values:
|
||||
hold : set comment_approve field to 0
|
||||
approve: set comment_approve field to 1
|
||||
delete : remove comment out of database
|
||||
|
||||
returns true if change could be applied
|
||||
returns false on database error or invalid value for $comment_status
|
||||
*/
|
||||
function wp_set_comment_status($comment_id, $comment_status) {
|
||||
global $wpdb, $tablecomments;
|
||||
|
||||
switch($comment_status) {
|
||||
case 'hold':
|
||||
$query = "UPDATE $tablecomments SET comment_approved='0' WHERE comment_ID='$comment_id' LIMIT 1";
|
||||
break;
|
||||
case 'approve':
|
||||
$query = "UPDATE $tablecomments SET comment_approved='1' WHERE comment_ID='$comment_id' LIMIT 1";
|
||||
break;
|
||||
case 'delete':
|
||||
$query = "DELETE FROM $tablecomments WHERE comment_ID='$comment_id' LIMIT 1";
|
||||
break;
|
||||
default:
|
||||
return false;
|
||||
}
|
||||
|
||||
if ($wpdb->query($query)) {
|
||||
return true;
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/* wp_get_comment_status
|
||||
part of otaku42's comment moderation hack
|
||||
gets the current status of a comment
|
||||
|
||||
returned values:
|
||||
"approved" : comment has been approved
|
||||
"unapproved": comment has not been approved
|
||||
"deleted ": comment not found in database
|
||||
|
||||
a (boolean) false signals an error
|
||||
*/
|
||||
function wp_get_comment_status($comment_id) {
|
||||
global $wpdb, $tablecomments;
|
||||
|
||||
$result = $wpdb->get_var("SELECT comment_approved FROM $tablecomments WHERE comment_ID='$comment_id' LIMIT 1");
|
||||
if ($result == NULL) {
|
||||
return "deleted";
|
||||
} else if ($result == "1") {
|
||||
return "approved";
|
||||
} else if ($result == "0") {
|
||||
return "unapproved";
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/* wp_notify_postauthor
|
||||
notifies the author of a post about a new comment
|
||||
needs the id of the new comment
|
||||
always returns true
|
||||
*/
|
||||
function wp_notify_postauthor($comment_id) {
|
||||
global $wpdb, $tablecomments, $tableposts, $tableusers;
|
||||
global $querystring_start, $querystring_equal, $querystring_separator;
|
||||
global $blogfilename, $blogname, $siteurl;
|
||||
|
||||
$comment = $wpdb->get_row("SELECT * FROM $tablecomments WHERE comment_ID='$comment_id' LIMIT 1");
|
||||
$post = $wpdb->get_row("SELECT * FROM $tableposts WHERE ID='$comment->comment_post_ID' LIMIT 1");
|
||||
$user = $wpdb->get_row("SELECT * FROM $tableusers WHERE ID='$post->post_author' LIMIT 1");
|
||||
|
||||
if ("" != $user->user_email) {
|
||||
$comment_author_domain = gethostbyaddr($comment->comment_author_IP);
|
||||
|
||||
$notify_message = "New comment on your post #$comment->comment_post_ID \"".stripslashes($post->post_title)."\"\r\n\r\n";
|
||||
$notify_message .= "Author : $comment->comment_author (IP: $comment->comment_author_IP , $comment_author_domain)\r\n";
|
||||
$notify_message .= "E-mail : $comment->comment_author_email\r\n";
|
||||
$notify_message .= "URL : $comment->comment_author_url\r\n";
|
||||
$notify_message .= "Whois : http://ws.arin.net/cgi-bin/whois.pl?queryinput=$comment->comment_author_IP\r\n";
|
||||
$notify_message .= "Comment:\r\n".stripslashes($comment->comment_content)."\r\n\r\n";
|
||||
$notify_message .= "You can see all comments on this post here: \r\n";
|
||||
$notify_message .= $siteurl.'/'.$blogfilename.'?p='.$comment_post_ID.'&c=1#comments';
|
||||
|
||||
$subject = '[' . stripslashes($blogname) . '] Comment: "' .stripslashes($post->post_title).'"';
|
||||
if ('' != $comment->comment_author_email) {
|
||||
$from = "From: \"$comment->comment_author\" <$comment->comment_author_email>";
|
||||
} else {
|
||||
$from = 'From: "' . stripslashes($comment->comment_author) . "\" <$user->user_email>";
|
||||
}
|
||||
$from .= "\nX-Mailer: WordPress $b2_version with PHP/" . phpversion();
|
||||
|
||||
@mail($user->user_email, $subject, $notify_message, $from);
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
/* wp_notify_moderator
|
||||
notifies the moderator of the blog (usually the admin)
|
||||
about a new comment that waits for approval
|
||||
always returns true
|
||||
*/
|
||||
function wp_notify_moderator($comment_id) {
|
||||
global $wpdb, $tablecomments, $tableposts, $tableusers;
|
||||
global $querystring_start, $querystring_equal, $querystring_separator;
|
||||
global $blogfilename, $blogname, $siteurl;
|
||||
|
||||
$comment = $wpdb->get_row("SELECT * FROM $tablecomments WHERE comment_ID='$comment_id' LIMIT 1");
|
||||
$post = $wpdb->get_row("SELECT * FROM $tableposts WHERE ID='$comment->comment_post_ID' LIMIT 1");
|
||||
$user = $wpdb->get_row("SELECT * FROM $tableusers WHERE ID='$post->post_author' LIMIT 1");
|
||||
|
||||
$comment_author_domain = gethostbyaddr($comment->comment_author_IP);
|
||||
$comments_waiting = $wpdb->get_var("SELECT count(comment_ID) FROM $tablecomments WHERE comment_approved = '0'");
|
||||
|
||||
$notify_message = "A new comment on the post #$comment->comment_post_ID \"".stripslashes($post->post_title)."\" is waiting for your approval\r\n\r\n";
|
||||
$notify_message .= "Author : $comment->comment_author (IP: $comment->comment_author_IP , $comment_author_domain)\r\n";
|
||||
$notify_message .= "E-mail : $comment->comment_author_email\r\n";
|
||||
$notify_message .= "URL : $comment->comment_author_url\r\n";
|
||||
$notify_message .= "Whois : http://ws.arin.net/cgi-bin/whois.pl?queryinput=$comment->comment_author_IP\r\n";
|
||||
$notify_message .= "Comment:\r\n".stripslashes($comment->comment_content)."\r\n\r\n";
|
||||
$notify_message .= "To approve this comment, visit: $siteurl/wp-admin/wp-post.php?action=mailapprovecomment&p=".$comment->comment_post_ID."&comment=$comment_id\r\n";
|
||||
$notify_message .= "To delete this comment, visit: $siteurl/wp-admin/wp-post.php?action=confirmdeletecomment&p=".$comment->comment_post_ID."&comment=$comment_id\r\n";
|
||||
$notify_message .= "Currently $comments_waiting comments are waiting for approval. Please visit the moderation panel:\r\n";
|
||||
$notify_message .= "$siteurl/wp-admin/wp-moderation.php\r\n";
|
||||
|
||||
$subject = '[' . stripslashes($blogname) . '] Please approve: "' .stripslashes($post->post_title).'"';
|
||||
$admin_email = get_settings("admin_email");
|
||||
$from = "From: $admin_email";
|
||||
$from .= "\nX-Mailer: WordPress $b2_version with PHP/" . phpversion();
|
||||
|
||||
@mail($admin_email, $subject, $notify_message, $from);
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
// implementation of in_array that also should work on PHP3
|
||||
if (!function_exists('in_array')) {
|
||||
@ -1431,4 +1576,4 @@ function add_filter($tag, $function_to_add) {
|
||||
return true;
|
||||
}
|
||||
|
||||
?>
|
||||
?>
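Review bot: In wp_notify_postauthor the From header is built from `$comment->comment_author` and `$comment->comment_author_email`, which are commenter-supplied values read back from the comments table, and nothing removes CR/LF before the string is passed as the extra-headers argument of mail(), so a line break in either field would add headers to the notification. I would strip line breaks first, e.g. `$author = str_replace(array("\r", "\n"), '', $comment->comment_author);`, and treat the e-mail address the same way. The same function builds its "see all comments" link from `$comment_post_ID`, which is not defined in that scope (the neighbouring lines use `$comment->comment_post_ID`), and both notify functions interpolate `$b2_version` without listing it in their `global` statements, so the X-Mailer header will carry an empty version. wp_set_comment_status, wp_get_comment_status and the two notify functions also place `$comment_id` into SQL exactly as passed; `$comment_id = intval($comment_id);` at the top of each would make the UPDATE/DELETE safe regardless of what the callers, which are not visible here, hand in.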
|
||||
|
@ -1403,9 +1403,13 @@ function list_cats($optionall = 1, $all = 'All', $sort_column = 'ID', $sort_orde
|
||||
|
||||
// generic comments/trackbacks/pingbacks numbering
|
||||
|
||||
function comments_number($zero='No Comments', $one='1 Comment', $more='% Comments') {
|
||||
function comments_number($zero='No Comments', $one='1 Comment', $more='% Comments', $include_unapproved = false) {
|
||||
global $id, $comment, $tablecomments, $querycount, $wpdb;
|
||||
$number = $wpdb->get_var("SELECT COUNT(*) FROM $tablecomments WHERE comment_post_ID = $id");
|
||||
$query = "SELECT COUNT(*) FROM $tablecomments WHERE comment_post_ID = '$id'";
|
||||
if (false == $include_unapproved) {
|
||||
$query .= " AND comment_approved = '1'";
|
||||
}
|
||||
$number = $wpdb->get_var($query);
|
||||
if ($number == 0) {
|
||||
$blah = $zero;
|
||||
} elseif ($number == 1) {
|
||||
@ -1436,7 +1440,7 @@ function comments_popup_script($width=400, $height=400, $file='b2commentspopup.p
|
||||
function comments_popup_link($zero='No Comments', $one='1 Comment', $more='% Comments', $CSSclass='', $none='Comments Off') {
|
||||
global $id, $b2commentspopupfile, $b2commentsjavascript, $post, $wpdb, $tablecomments, $HTTP_COOKIE_VARS, $cookiehash;
|
||||
global $querystring_start, $querystring_equal, $querystring_separator, $siteurl;
|
||||
$number = $wpdb->get_var("SELECT COUNT(*) FROM $tablecomments WHERE comment_post_ID = $id");
|
||||
$number = $wpdb->get_var("SELECT COUNT(*) FROM $tablecomments WHERE comment_post_ID = $id AND comment_approved = '1'");
|
||||
if (0 == $number && 'closed' == $post->comment_status) {
|
||||
echo $none;
|
||||
return;
|
||||
@ -1707,4 +1711,4 @@ function permalink_single_rss($file = '') {
|
||||
|
||||
/***** // Permalink tags *****/
|
||||
|
||||
?>
|
||||
?>
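Review bot: The two COUNT queries in this file now embed the post id differently: comments_number quotes it (`comment_post_ID = '$id'`) while comments_popup_link still writes `comment_post_ID = $id` bare, and the comment-list queries changed in the later template sections (`... WHERE comment_post_ID = $id AND comment_approved = '1' ORDER BY comment_date`) are bare as well. `$id` is a global whose origin is not visible in these hunks, so I would build every one of these with a cast, e.g. `"... WHERE comment_post_ID = " . intval($id) . " AND comment_approved = '1'"`, rather than relying on quoting in one place only. The new fourth parameter of comments_number is also undocumented; a line such as `// $include_unapproved: pass true (admin screens) to count comments still awaiting moderation` above the function would explain why the public templates must leave it at the default.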
|
||||
|
@ -14,7 +14,7 @@
|
||||
$comment_author_email = trim($HTTP_COOKIE_VARS["comment_author_email_".$cookiehash]);
|
||||
$comment_author_url = trim($HTTP_COOKIE_VARS["comment_author_url_".$cookiehash]);
|
||||
|
||||
$comments = $wpdb->get_results("SELECT * FROM $tablecomments WHERE comment_post_ID = $id ORDER BY comment_date");
|
||||
$comments = $wpdb->get_results("SELECT * FROM $tablecomments WHERE comment_post_ID = $id AND comment_approved = '1' ORDER BY comment_date");
|
||||
?>
|
||||
|
||||
<!-- You can start editing here. -->
|
||||
@ -73,6 +73,19 @@ if ($comments) {
|
||||
<textarea name="comment" id="comment" cols="70" rows="4" tabindex="4"></textarea>
|
||||
</p>
|
||||
|
||||
<?php
|
||||
if ('none' != get_settings("comment_moderation")) {
|
||||
?>
|
||||
<p>
|
||||
<strong>Please note:</strong><br />
|
||||
This blog uses comment moderation. In other words: your comment will need approval
|
||||
by the administrator before it will appear in the blog. Approval usually happens
|
||||
within the next 24 hours. Please send your comment only once. Thank you.
|
||||
</p>
|
||||
<?php
|
||||
} // comment_moderation != 'none'
|
||||
?>
|
||||
|
||||
<p>
|
||||
<input name="submit" type="submit" tabindex="5" value="Say it!" />
|
||||
</p>
|
||||
@ -85,4 +98,4 @@ if ($comments) {
|
||||
|
||||
<?php // if you delete this the sky will fall on your head
|
||||
}
|
||||
?>
|
||||
?>
|
||||
|
@ -82,37 +82,40 @@ if (!empty($lasttime)) {
|
||||
|
||||
|
||||
if ($ok) { // if there was no comment from this IP in the last 10 seconds
|
||||
$comment_moderation = get_settings("comment_moderation");
|
||||
$moderation_notify = get_settings("moderation_notify");
|
||||
|
||||
// o42: this place could be the hook for further comment spam checking
|
||||
// $approved should be set according the final approval status
|
||||
// of the new comment
|
||||
if ('manual' == $comment_moderation) {
|
||||
$approved = 0;
|
||||
} else if ('auto' == $comment_moderation) {
|
||||
$approved = 0;
|
||||
} else { // none
|
||||
$approved = 1;
|
||||
}
|
||||
$wpdb->query("INSERT INTO $tablecomments (comment_ID,comment_post_ID,comment_author,comment_author_email,comment_author_url,comment_author_IP,comment_date,comment_content,comment_karma,comment_approved) VALUES ('0', '$comment_post_ID', '$author', '$email', '$url', '$user_ip', '$now', '$comment', '0', '$approved')");
|
||||
|
||||
$wpdb->query("INSERT INTO $tablecomments VALUES ('0', '$comment_post_ID', '$author', '$email', '$url', '$user_ip', '$now', '$comment', '0')");
|
||||
// o42: this should be changed as soon as other sql dbs are supported
|
||||
// as it's proprietary to mysql
|
||||
$comment_ID = $wpdb->get_var("SELECT last_insert_id()");
|
||||
|
||||
if ($comments_notify) {
|
||||
$postdata = get_postdata($comment_post_ID);
|
||||
$authordata = get_userdata($postdata['Author_ID']);
|
||||
|
||||
if('' != $authordata->user_email) {
|
||||
$notify_message = "New comment on your post #$comment_post_ID \"".stripslashes($postdata['Title'])."\"\r\n\r\n";
|
||||
$notify_message .= "Author : $comment_author (IP: $user_ip , $user_domain)\r\n";
|
||||
$notify_message .= "E-mail : $comment_author_email\r\n";
|
||||
$notify_message .= "URL : $comment_author_url\r\n";
|
||||
$notify_message .= "Whois : http://ws.arin.net/cgi-bin/whois.pl?queryinput=$user_ip\r\n";
|
||||
$notify_message .= "Delete : $siteurl/wp-admin/wp-post.php?action=deletecomment&p=$comment_post_ID&comment=$comment_ID \r\n";
|
||||
$notify_message .= "Comment:\r\n".stripslashes($original_comment)."\r\n\r\n";
|
||||
$notify_message .= "You can see all comments on this post here: \r\n";
|
||||
$notify_message .= $siteurl.'/'.$blogfilename.$querystring_start.'p'.$querystring_equal.$comment_post_ID.$querystring_separator.'c'.$querystring_equal.'1#comments';
|
||||
|
||||
$subject = '[' . stripslashes($blogname) . '] Comment: "' .stripslashes($postdata['Title']).'"';
|
||||
|
||||
if ('' != $comment_author_email) {
|
||||
$from = "From: \"$comment_author\" <$comment_author_email>\r\n";
|
||||
} else {
|
||||
$from = 'From: "' . stripslashes($comment_author) . "\" <$authordata->user_email>\r\n";
|
||||
}
|
||||
$from .= "X-Mailer: WordPress $b2_version with PHP/" . phpversion();
|
||||
|
||||
@mail($authordata->user_email, $subject, $notify_message, $from);
|
||||
}
|
||||
$fp = fopen("/tmp/wpdebug.txt", "w+");
|
||||
fwrite($fp, "comment_moderation: $comment_moderation\n");
|
||||
fwrite($fp, "moderation_notify : $moderation_notify\n");
|
||||
|
||||
if (($moderation_notify) && (!$approved)) {
|
||||
wp_notify_moderator($comment_ID);
|
||||
fwrite($fp, "notify moderator -> $comment_ID\n");
|
||||
}
|
||||
|
||||
if (($comment_notify) && ($approved)) {
|
||||
wp_notify_postauthor($comment_ID);
|
||||
fwrite($fp, "notify postauthor -> $comment_ID\n");
|
||||
}
|
||||
|
||||
fclose($fp);
|
||||
|
||||
if ($email == '')
|
||||
$email = ' '; // this to make sure a cookie is set for 'no email'
|
||||
@ -124,8 +127,8 @@ if ($ok) { // if there was no comment from this IP in the last 10 seconds
|
||||
setcookie('comment_author_email_'.$cookiehash, $email, time()+30000000);
|
||||
setcookie('comment_author_url_'.$cookiehash, $url, time()+30000000);
|
||||
|
||||
header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
|
||||
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
|
||||
header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
|
||||
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
|
||||
header('Cache-Control: no-cache, must-revalidate');
|
||||
header('Pragma: no-cache');
|
||||
$location = (!empty($HTTP_POST_VARS['redirect_to'])) ? $HTTP_POST_VARS['redirect_to'] : $HTTP_SERVER_VARS["HTTP_REFERER"];
|
||||
@ -138,4 +141,4 @@ if ($ok) { // if there was no comment from this IP in the last 10 seconds
|
||||
die('Sorry, you can only post a new comment once every 10 seconds. Slow down cowboy.');
|
||||
}
|
||||
|
||||
?>
|
||||
?>
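Review bot: The first hunk leaves debug logging in the comment-post path: `fopen("/tmp/wpdebug.txt", "w+")` runs for every accepted comment, the handle is never checked, and the file name is fixed inside a shared temp directory, so on a multi-user host another local account can pre-create that path and the fwrite()/fclose() calls will emit warnings whenever the open fails. I would remove the fopen/fwrite/fclose lines before this ships, or at least guard them with `if ($fp) { ... }` and move the file out of /tmp. In the same hunk the post-author branch tests `$comment_notify`, while the other notification block in this hunk tests `$comments_notify`; unless a variable with the shorter name is set outside the hunk, wp_notify_postauthor() is never reached, so the condition should read `if (($comments_notify) && ($approved)) {`.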
|
||||
|
@ -30,7 +30,7 @@ foreach ($posts as $post) { start_b2();
|
||||
<ol id="comments">
|
||||
<?php
|
||||
// this line is WordPress' motor, do not delete it.
|
||||
$comments = $wpdb->get_results("SELECT * FROM $tablecomments WHERE comment_post_ID = $id ORDER BY comment_date");
|
||||
$comments = $wpdb->get_results("SELECT * FROM $tablecomments WHERE comment_post_ID = $id AND comment_approved = '1' ORDER BY comment_date");
|
||||
$commentstatus = $wpdb->get_row("SELECT comment_status, post_password FROM $tableposts WHERE ID = $id");
|
||||
if (!empty($commentstatus->post_password) && $HTTP_COOKIE_VARS['wp-postpass_'.$cookiehash] != $commentstatus->post_password) { // and it doesn't match the cookie
|
||||
echo("<li>".get_the_password_form()."</li></ol>");
|
||||
@ -110,4 +110,4 @@ document.onkeypress = function esc(e) {
|
||||
// -->
|
||||
</script>
|
||||
</body>
|
||||
</html>
|
||||
</html>
|
||||
|
@ -66,7 +66,7 @@ case 'login':
|
||||
$pwd = $HTTP_POST_VARS["pwd"];
|
||||
$redirect_to = $HTTP_POST_VARS["redirect_to"];
|
||||
}
|
||||
|
||||
|
||||
function login() {
|
||||
global $wpdb, $log, $pwd, $error, $user_ID;
|
||||
global $tableusers, $pass_is_md5;
|
||||
@ -297,7 +297,11 @@ if ($error) echo "<div align=\"right\" style=\"padding:4px;\"><font color=\"#FF0
|
||||
<input type="hidden" name="popupurl" value="<?php echo $popupurl ?>" />
|
||||
<input type="hidden" name="popuptitle" value="<?php echo $popuptitle ?>" />
|
||||
<?php } ?>
|
||||
<?php if (isset($HTTP_GET_VARS["redirect_to"])) { ?>
|
||||
<input type="hidden" name="redirect_to" value="<?php echo $HTTP_GET_VARS["redirect_to"] ?>" />
|
||||
<?php } else { ?>
|
||||
<input type="hidden" name="redirect_to" value="wp-admin/" />
|
||||
<?php } ?>
|
||||
<input type="hidden" name="action" value="login" />
|
||||
<label>Login: <input type="text" name="log" id="log" value="" size="20" tabindex="1" /></label><br />
|
||||
<label>Password: <input type="password" name="pwd" value="" size="20" tabindex="2" /></label><br />
|
||||
@ -312,4 +316,4 @@ if ($error) echo "<div align=\"right\" style=\"padding:4px;\"><font color=\"#FF0
|
||||
|
||||
break;
|
||||
} // end action switch
|
||||
?>
|
||||
?>
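Review bot: The new hidden field writes `$HTTP_GET_VARS["redirect_to"]` straight into a double-quoted attribute, so a quote character in the query string ends the attribute and the rest of the value is parsed as markup on the login page. The value should be escaped on output: `<input type="hidden" name="redirect_to" value="<?php echo htmlspecialchars($HTTP_GET_VARS["redirect_to"], ENT_QUOTES) ?>" />`. The login case at the top of this file copies the posted `redirect_to` into `$redirect_to`; how it is used afterwards is outside these hunks, but if it ends up in a Location header it should be limited to site-relative paths so the login form cannot be used to forward users to another host.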
|
||||
|
@ -1,5 +1,6 @@
|
||||
1 wp-post.php Post
|
||||
1 edit.php Edit
|
||||
3 wp-moderation.php Moderation
|
||||
3 b2team.php Team
|
||||
4 wp-options.php Options
|
||||
3 b2categories.php Categories
|
||||
@ -15,4 +16,4 @@ To add sections to the menu, use this syntax:
|
||||
+tab
|
||||
+the URL of the section's file
|
||||
+tab
|
||||
+the title of this section
|
||||
+the title of this section
|
||||
|
@ -41,8 +41,9 @@ function veriflog() {
|
||||
if (!empty($HTTP_COOKIE_VARS["wordpressuser_".$cookiehash])) {
|
||||
$error="<strong>Error</strong>: wrong login or password";
|
||||
}
|
||||
header("Location: $siteurl/b2login.php");
|
||||
$redir = "Location: $siteurl/b2login.php?redirect_to=" . urlencode($HTTP_SERVER_VARS["REQUEST_URI"]);
|
||||
header($redir);
|
||||
exit();
|
||||
}
|
||||
//}
|
||||
?>
|
||||
?>
|
||||
|
@ -143,6 +143,13 @@ echo $comments_nav_bar;
|
||||
foreach ($comments as $comment) {
|
||||
?>
|
||||
<li style="border-bottom: 1px solid #ccc;">
|
||||
<?php
|
||||
$comment_status = wp_get_comment_status($comment->comment_ID);
|
||||
|
||||
if ("unapproved" == $comment_status) {
|
||||
echo "<span class=\"unapproved\">";
|
||||
}
|
||||
?>
|
||||
<p><strong>Name:</strong> <?php comment_author() ?> <?php if ($comment->comment_author_email) { ?>| <strong>Email:</strong> <?php comment_author_email_link() ?> <?php } if ($comment->comment_author_email) { ?> | <strong>URI:</strong> <?php comment_author_url_link() ?> <?php } ?>| <strong>IP:</strong> <?php comment_author_IP() ?></p>
|
||||
|
||||
<?php comment_text() ?>
|
||||
@ -175,4 +182,4 @@ echo $comments_nav_bar;
|
||||
<?php
|
||||
echo $comments_nav_bar;
|
||||
include('b2footer.php');
|
||||
?>
|
||||
?>
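Review bot: Calling `wp_get_comment_status($comment->comment_ID)` inside the `foreach ($comments as $comment)` loop adds one SELECT per listed comment; the same pattern is added to the post list in the next file section, where it is called twice per comment. If the listing query already returns the `comment_approved` column (it is outside this hunk, so this needs checking), the test can read the row directly, e.g. `if ('0' == $comment->comment_approved) {`. The matching `</span>` is not part of this hunk and the loop body continues past it, so it is worth confirming the span is closed on the same condition; it also wraps a `<p>`, which a `<div class="unapproved">` would do validly.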
|
||||
|
@ -243,7 +243,7 @@ if ($posts) {
|
||||
foreach ($posts as $post) { start_b2();
|
||||
?>
|
||||
<p>
|
||||
<strong><?php the_time('Y/m/d @ H:i:s'); ?></strong> [ <a href="edit.php?p=<?php echo $id ?>&c=1"><?php comments_number('no comments', '1 comment', "% comments") ?></a>
|
||||
<strong><?php the_time('Y/m/d @ H:i:s'); ?></strong> [ <a href="edit.php?p=<?php echo $id ?>&c=1"><?php comments_number('no comments', '1 comment', "% comments", true) ?></a>
|
||||
<?php
|
||||
if (($user_level > $authordata->user_level) or ($user_login == $authordata->user_login)) {
|
||||
echo " - <a href='wp-post.php?action=edit&post=$id";
|
||||
@ -278,16 +278,36 @@ foreach ($posts as $post) { start_b2();
|
||||
|
||||
<!-- comment -->
|
||||
<li>
|
||||
<?php
|
||||
$comment_status = wp_get_comment_status($comment->comment_ID);
|
||||
|
||||
if ("unapproved" == $comment_status) {
|
||||
echo "<span class=\"unapproved\">";
|
||||
}
|
||||
?>
|
||||
<?php comment_date('Y/m/d') ?> @ <?php comment_time() ?>
|
||||
<?php
|
||||
if (($user_level > $authordata->user_level) or ($user_login == $authordata->user_login)) {
|
||||
echo "[ <a href=\"wp-post.php?action=editcomment&comment=".$comment->comment_ID."\">Edit</a>";
|
||||
echo " - <a href=\"wp-post.php?action=deletecomment&p=".$post->ID."&comment=".$comment->comment_ID."\" onclick=\"return confirm('You are about to delete this comment by \'".$comment->comment_author."\'\\n \'OK\' to delete, \'Cancel\' to stop.')\">Delete</a> ]";
|
||||
echo " - <a href=\"wp-post.php?action=deletecomment&p=".$post->ID."&comment=".$comment->comment_ID."\" onclick=\"return confirm('You are about to delete this comment by \'".$comment->comment_author."\'\\n \'OK\' to delete, \'Cancel\' to stop.')\">Delete</a> ";
|
||||
if ( ('none' != $comment_status) && ($user_level >= 3) ) {
|
||||
if ('approved' == wp_get_comment_status($comment->comment_ID)) {
|
||||
echo " - <a href=\"wp-post.php?action=unapprovecomment&p=".$post->ID."&comment=".$comment->comment_ID."\">Unapprove</a> ";
|
||||
} else {
|
||||
echo " - <a href=\"wp-post.php?action=approvecomment&p=".$post->ID."&comment=".$comment->comment_ID."\">Approve</a> ";
|
||||
}
|
||||
}
|
||||
echo "]";
|
||||
} // end if any comments to show
|
||||
?>
|
||||
<br />
|
||||
<strong><?php comment_author() ?> ( <?php comment_author_email_link() ?> / <?php comment_author_url_link() ?> )</strong> (IP: <?php comment_author_IP() ?>)
|
||||
<?php comment_text() ?>
|
||||
<?php
|
||||
if ("unapproved" == $comment_status) {
|
||||
echo "</span>";
|
||||
}
|
||||
?>
|
||||
</li>
|
||||
<!-- /comment -->
|
||||
|
||||
@ -342,4 +362,4 @@ foreach ($posts as $post) { start_b2();
|
||||
// uncomment this to show the nav bar at the bottom as well
|
||||
echo $posts_nav_bar;
|
||||
include('b2footer.php');
|
||||
?>
|
||||
?>
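Review bot: The guard `if ( ('none' != $comment_status) && ($user_level >= 3) )` compares against the wrong value: `$comment_status` holds the return of wp_get_comment_status(), which per its header comment is "approved", "unapproved", "deleted" or false, so it is never 'none' and the check always passes. The intent looks like hiding the Approve/Unapprove links when moderation is switched off, which would be `if ( ('none' != get_settings("comment_moderation")) && ($user_level >= 3) ) {`. The inner test then calls wp_get_comment_status() a second time; `if ('approved' == $comment_status) {` reuses the value already fetched. The new approve and unapprove actions are plain GET links like the existing delete link; their handler in wp-post.php is not shown here, so it is worth confirming it re-checks the user level and does not change state on an unauthenticated or cross-site request.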
|
||||
|
332
wp-admin/upgrade-4-commod.php
Normal file
332
wp-admin/upgrade-4-commod.php
Normal file
@ -0,0 +1,332 @@
|
||||
<?php
|
||||
$_wp_installing = 1;
|
||||
|
||||
require_once('../wp-config.php');
|
||||
require_once('wp-install-helper.php');
|
||||
|
||||
$step = intval($HTTP_GET_VARS['step']);
|
||||
if (!$step) $step = 0;
|
||||
if (!step) $step = 0;
|
||||
$file = basename(__FILE__);
|
||||
|
||||
?>
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||||
<html xmlns="http://www.w3.org/1999/xhtml">
|
||||
<title>WordPress >Database upgrade for comment moderation hack</title>
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
|
||||
<style media="screen" type="text/css">
|
||||
body {
|
||||
font-family: Georgia, "Times New Roman", Times, serif;
|
||||
margin-left: 15%;
|
||||
margin-right: 15%;
|
||||
}
|
||||
#logo {
|
||||
margin: 0;
|
||||
padding: 0;
|
||||
background-image: url(http://wordpress.org/images/wordpress.gif);
|
||||
background-repeat: no-repeat;
|
||||
height: 72px;
|
||||
border-bottom: 4px solid #333;
|
||||
}
|
||||
#logo a {
|
||||
display: block;
|
||||
height: 72px;
|
||||
}
|
||||
#logo a span {
|
||||
display: none;
|
||||
}
|
||||
p {
|
||||
line-height: 140%;
|
||||
}
|
||||
</style>
|
||||
</head>
|
||||
<body>
|
||||
<h1 id="logo"><a href="http://wordpress.org"><span>WordPress</span></a></h1>
|
||||
|
||||
<?php
|
||||
|
||||
switch($step) {
|
||||
case 0:
|
||||
?>
|
||||
|
||||
<p>This will upgrade your database in order to be able to use otaku42's comment
|
||||
moderation hack.</p>
|
||||
<p>First of all: <strong>backup your database!</strong> This script will make
|
||||
changes to it and it could happen that things aren't going the way they should.
|
||||
You have been warned.</p>
|
||||
<p>What this hack does is simple: it introduces a new option for comment moderation.
|
||||
Comment moderation means that new comments won't show up in your blog until they
|
||||
have been approved. Approval happens either manually or automatically (not implemented
|
||||
yet). This all is a first step towards comment spam prevention.
|
||||
<br /> You will have a simple panel in the admin section that shows you waiting
|
||||
comments. You can either approve or delete them, or hold them further for approval.</p>
|
||||
<p>The procedure is easy: click on the next button and see if there
|
||||
are any warnings popping up. If so, please report the problem(s) to me
|
||||
(<a href="mailto:mrenzmann@otaku42.de">mrenzmann@otaku42.de</a>) so that I can
|
||||
fix it/them.</p>
|
||||
<p>The following passage (grey text) is of interest for you only if you are familiar
|
||||
with WordPress development:</p>
|
||||
<span style="color: #888888;">
|
||||
<p>In order to have the patch working we need to extend the comment table with a
|
||||
field that indicates whether the comment has been approved or not (<em>comment_approved</em>).
|
||||
Its default value will be <em>1</em> so that comments are auto-approved when comment
|
||||
moderation has been turned off by the admin.</p>
|
||||
<p>The next thing is that we need an option to turn comment moderation on/off. It will
|
||||
be named <em>comment_moderation</em> and can be found in <em>General blog
|
||||
settings</em>.</p>
|
||||
<p>Another option that gets inserted is <em>moderation_notify</em>. If turned on, a mail
|
||||
will be sent to the admin to inform about the new (and possibly other) comment that is/are
|
||||
waiting for his approval.</p>
|
||||
</p>This upgrade procedure tries to be as save as possible by not relying on any hardcoded
|
||||
values. For example it retrieves the id for option group <em>general blog settings</em>
|
||||
rather than assuming it has the same id as in my own blog.</p>
|
||||
</span>
|
||||
<p>Ready?
|
||||
|
||||
<?php
|
||||
echo "<a href=\"$file?step=1\">Let's go!</a></p>\n";
|
||||
break; // end case 0
|
||||
|
||||
case 1:
|
||||
$result = "";
|
||||
$error_count = 0;
|
||||
$continue = true;
|
||||
|
||||
// insert new column "comment_approved" to $tablecomments
|
||||
if ($continue) {
|
||||
$tablename = $tablecomments;
|
||||
$tablecol = "comment_approved";
|
||||
$ddl = "ALTER TABLE $tablecomments ADD COLUMN $tablecol ENUM('0','1') DEFAULT '1' NOT NULL";
|
||||
$result .= "Adding column $tablecol to table $tablename: ";
|
||||
if (maybe_add_column($tablename, $tablecol, $ddl)) {
|
||||
$result .= "ok<br />\n";
|
||||
$result .= "Indexing new column $tablecol: ";
|
||||
|
||||
$wpdb->query("ALTER TABLE $tablename ADD INDEX ($tablecol)");
|
||||
$results = $wpdb->get_results("SHOW INDEX FROM $tablecomments");
|
||||
foreach ($results as $row) {
|
||||
if ($row->Key_name == $tablecol) {
|
||||
$index=1;
|
||||
}
|
||||
}
|
||||
|
||||
if (1 == $index) {
|
||||
$result .= "ok";
|
||||
$continue = true;
|
||||
} else {
|
||||
$result .= "error";
|
||||
++$error_count;
|
||||
$continue = false;
|
||||
}
|
||||
} else {
|
||||
$result .= "error (couldn't add column $tablecol)";
|
||||
++$error_count;
|
||||
$continue = false;
|
||||
}
|
||||
$result .= "<br />\n";
|
||||
}
|
||||
|
||||
// insert new option "comment_moderation" to settings
|
||||
if ($continue) {
|
||||
$option = "comment_moderation";
|
||||
$tablename = $tableoptions;
|
||||
$ddl = "INSERT INTO $tablename "
|
||||
. "(option_id, blog_id, option_name, option_can_override, option_type, "
|
||||
. "option_value, option_width, option_height, option_description, "
|
||||
. "option_admin_level) "
|
||||
. "VALUES "
|
||||
. "('0','0','$option','Y','5','none',20,8,'if enabled, comments will only be shown after they have been approved by you',8)";
|
||||
$result .= "Adding new option $option to settings: ";
|
||||
if ($wpdb->query($ddl)) {
|
||||
$result .= "ok";
|
||||
$continue = true;
|
||||
} else {
|
||||
$result .= "error";
|
||||
++$error_count;
|
||||
$continue = false;
|
||||
}
|
||||
$result .= "<br />\n";
|
||||
}
|
||||
|
||||
// attach option to group "General blog settings"
|
||||
if ($continue) {
|
||||
// we take over here $option and $tablename from above
|
||||
$group = "General blog settings";
|
||||
$result .= "Inserting new option $option to settings group '$group': ";
|
||||
|
||||
$oid = $wpdb->get_var("SELECT option_id FROM $tablename WHERE option_name='$option'");
|
||||
$gid = $wpdb->get_var("SELECT group_id FROM $tableoptiongroups WHERE group_name='$group'");
|
||||
|
||||
if (0 != $gid && 0 != $oid) {
|
||||
$continue = true;
|
||||
} else {
|
||||
$result .= "error (couldn't determine option_id and/or group_id)";
|
||||
++$error_count;
|
||||
$continue = false;
|
||||
}
|
||||
}
|
||||
|
||||
if ($continue) {
|
||||
$seq = $wpdb->get_var("SELECT MAX(seq) FROM $tableoptiongroup_options WHERE group_id='$gid'");
|
||||
|
||||
if (0 != $seq) {
|
||||
$continue = true;
|
||||
} else {
|
||||
$result .= "error (couldn't determine sequence)";
|
||||
++$error_count;
|
||||
$continue = false;
|
||||
}
|
||||
}
|
||||
|
||||
if ($continue) {
|
||||
++$seq;
|
||||
$ddl = "INSERT INTO $tableoptiongroup_options (group_id, option_id, seq) "
|
||||
. "VALUES ('$gid','$oid','$seq')";
|
||||
if ($wpdb->query($ddl)) {
|
||||
$result .= "ok";
|
||||
} else {
|
||||
$result .= "error";
|
||||
++$error_count;
|
||||
$continue = false;
|
||||
}
|
||||
$result .= "<br />\n";
|
||||
}
|
||||
|
||||
// insert option values for new option "comment_moderation"
|
||||
if ($continue) {
|
||||
$tablename = $tableoptionvalues;
|
||||
$result .= "Inserting option values for new option $option: ";
|
||||
|
||||
$ddl = array();
|
||||
$ddl[] = "INSERT INTO $tablename (option_id, optionvalue, optionvalue_desc, optionvalue_max, optionvalue_min, optionvalue_seq) "
|
||||
. "VALUES ('$oid','none','None',NULL,NULL,1)";
|
||||
$ddl[] = "INSERT INTO $tablename (option_id, optionvalue, optionvalue_desc, optionvalue_max, optionvalue_min, optionvalue_seq) "
|
||||
. "VALUES ('$oid','manual','Manual',NULL,NULL,2)";
|
||||
$ddl[] = "INSERT INTO $tablename (option_id, optionvalue, optionvalue_desc, optionvalue_max, optionvalue_min, optionvalue_seq) "
|
||||
. "VALUES ('$oid','auto','Automatic',NULL,NULL,3)";
|
||||
|
||||
for ($i = 0; $i < count($ddl); $i++) {
|
||||
if ($wpdb->query($ddl[$i])) {
|
||||
$success = true;
|
||||
continue;
|
||||
} else {
|
||||
$success = false;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if ($success) {
|
||||
$result .= "ok";
|
||||
} else {
|
||||
$result .= "error";
|
||||
++$error_count;
|
||||
$continue = false;
|
||||
}
|
||||
$result .= "<br />\n";
|
||||
}
|
||||
|
||||
// insert new option "moderation_notify" to settings
|
||||
if ($continue) {
|
||||
$option = "moderation_notify";
|
||||
$tablename = $tableoptions;
|
||||
$ddl = "INSERT INTO $tablename "
|
||||
. "(option_id, blog_id, option_name, option_can_override, option_type, "
|
||||
. "option_value, option_width, option_height, option_description, "
|
||||
. "option_admin_level) "
|
||||
. "VALUES "
|
||||
. "('0','0','$option','Y','2','1',20,8,'set this to true if you want to be notified about new comments that wait for approval',8)";
|
||||
$result .= "Adding new option $option to settings: ";
|
||||
if ($wpdb->query($ddl)) {
|
||||
$result .= "ok";
|
||||
$continue = true;
|
||||
} else {
|
||||
$result .= "error";
|
||||
++$error_count;
|
||||
$continue = false;
|
||||
}
|
||||
$result .= "<br />\n";
|
||||
}
|
||||
|
||||
// attach option to group "General blog settings"
|
||||
if ($continue) {
|
||||
// we take over here $option and $tablename from above
|
||||
$group = "General blog settings";
|
||||
$result .= "Inserting new option $option to settings group '$group': ";
|
||||
|
||||
$oid = $wpdb->get_var("SELECT option_id FROM $tablename WHERE option_name='$option'");
|
||||
$gid = $wpdb->get_var("SELECT group_id FROM $tableoptiongroups WHERE group_name='$group'");
|
||||
|
||||
if (0 != $gid && 0 != $oid) {
|
||||
$continue = true;
|
||||
} else {
|
||||
$result .= "error (couldn't determine option_id and/or group_id)";
|
||||
++$error_count;
|
||||
$continue = false;
|
||||
}
|
||||
}
|
||||
|
||||
if ($continue) {
|
||||
$seq = $wpdb->get_var("SELECT MAX(seq) FROM $tableoptiongroup_options WHERE group_id='$gid'");
|
||||
|
||||
if (0 != $seq) {
|
||||
$continue = true;
|
||||
} else {
|
||||
$result .= "error (couldn't determine sequence)";
|
||||
++$error_count;
|
||||
$continue = false;
|
||||
}
|
||||
}
|
||||
|
||||
if ($continue) {
|
||||
++$seq;
|
||||
$ddl = "INSERT INTO $tableoptiongroup_options (group_id, option_id, seq) "
|
||||
. "VALUES ('$gid','$oid','$seq')";
|
||||
if ($wpdb->query($ddl)) {
|
||||
$result .= "ok";
|
||||
} else {
|
||||
$result .= "error";
|
||||
++$error_count;
|
||||
$continue = false;
|
||||
}
|
||||
$result .= "<br />\n";
|
||||
}
|
||||
|
||||
echo $result;
|
||||
|
||||
if ($error_count > 0) {
|
||||
?>
|
||||
|
||||
<p>Hmmm... there was some kind of error. If you cannot figure out
|
||||
from the output above how to correct the problems please
|
||||
contact me at <a href="mailto:mrenzmann@otaku42.de">mrenzmann@otaku42.de</a>
|
||||
and report your problem.</p>
|
||||
|
||||
<?php
|
||||
} else {
|
||||
?>
|
||||
|
||||
<p>Seems that everything went fine. Great!</p>
|
||||
<p>Now you have two new options in your settings section <em>General blog settings</em>:
|
||||
<ol><li><em>comment_moderation</em> controls whether you want to use the new comment
|
||||
moderation functionality at all. If set to <em>manual</em>, you need to approve each
|
||||
new comment by hand either in the comment moderation panel or when editing the comments
|
||||
for a post. Choose <em>automatic</em> currently equals <em>manual</em>, but in the near
|
||||
future this will allow the application of filtering functions (such as URL blacklisting,
|
||||
keyword filtering, bayesian filtering and similar stuff). To approve awaiting comments
|
||||
go to <em>Moderate</em> in the admin menu, where all waiting comments will be listed.</li>
|
||||
<li><em>moderation_notify</em> will decide if you get notified by e-mail as soon as a
|
||||
new comment has been posted and is waiting for approval (in other words: this setting
|
||||
only takes effect, if <em>comment_moderation</em> is either set to <em>manual</em> or
|
||||
<em>automatic</em>. The notification message will contain direct links that allow to
|
||||
approve or delete a comment, or to jump to the moderation panel.</li></ol>
|
||||
<p>Have fun!</p>
|
||||
|
||||
<?php
|
||||
}
|
||||
|
||||
break; // end case 1
|
||||
}
|
||||
?>
|
||||
|
||||
</body>
|
||||
</html>
|
@ -87,6 +87,22 @@ textarea, input, select {
|
||||
margin: 6px 0;
|
||||
}
|
||||
|
||||
.unapproved {
|
||||
color: #888;
|
||||
}
|
||||
|
||||
.unapproved a:link {
|
||||
color: #B9BCFF;
|
||||
}
|
||||
|
||||
.unapproved a:visited {
|
||||
color: #696DFF;
|
||||
}
|
||||
|
||||
.unapproved a:hover {
|
||||
color: #009EF0;
|
||||
}
|
||||
|
||||
#adminmenu .last, #adminmenu2 .last {
|
||||
border-right: none;
|
||||
}
|
||||
|
@ -246,7 +246,7 @@ echo $posts_nav_bar;
|
||||
//$posts_per_page = 10;
|
||||
start_b2(); ?>
|
||||
<p>
|
||||
<strong><?php the_time('Y/m/d @ H:i:s'); ?></strong> [ <a href="wp-post.php?p=<?php echo $id ?>&c=1"><?php comments_number('no comments', '1 comment', "% comments") ?></a>
|
||||
<strong><?php the_time('Y/m/d @ H:i:s'); ?></strong> [ <a href="wp-post.php?p=<?php echo $id ?>&c=1"><?php comments_number('no comments', '1 comment', "% comments", true) ?></a>
|
||||
<?php
|
||||
if (($user_level > $authordata->user_level) or ($user_login == $authordata->user_login)) {
|
||||
echo " - <a href='wp-post.php?action=edit&post=$id";
|
||||
@ -286,7 +286,15 @@ echo $posts_nav_bar;
|
||||
<?php
|
||||
if (($user_level > $authordata->user_level) or ($user_login == $authordata->user_login)) {
|
||||
echo "[ <a href=\"wp-post.php?action=editcomment&comment=".$comment->comment_ID."\">Edit</a>";
|
||||
echo " - <a href=\"wp-post.php?action=deletecomment&p=".$post->ID."&comment=".$comment->comment_ID."\" onclick=\"return confirm('You are about to delete this comment by \'".$comment->comment_author."\'\\n \'Cancel\' to stop, \'OK\' to delete.')\">Delete</a> ]";
|
||||
echo " - <a href=\"wp-post.php?action=deletecomment&p=".$post->ID."&comment=".$comment->comment_ID."\" onclick=\"return confirm('You are about to delete this comment by \'".$comment->comment_author."\'\\n \'Cancel\' to stop, \'OK\' to delete.')\">Delete</a> ";
|
||||
if ( ('none' != get_settings("comment_moderation")) && ($user_level >= 3) ) {
|
||||
if ('approved' == wp_get_comment_status($comment->comment_ID)) {
|
||||
echo " - <a href=\"b2edit.php?action=unapprovecomment&p=".$post->ID."&comment=".$comment->comment_ID."\">Unapprove</a> ";
|
||||
} else {
|
||||
echo " - <a href=\"b2edit.php?action=approvecomment&p=".$post->ID."&comment=".$comment->comment_ID."\">Approve</a> ";
|
||||
}
|
||||
}
|
||||
echo " ]";
|
||||
} // end if any comments to show
|
||||
?>
|
||||
<br />
|
||||
@ -345,4 +353,4 @@ echo $posts_nav_bar;
|
||||
<?php
|
||||
// uncomment this to show the nav bar at the bottom as well
|
||||
// echo $posts_nav_bar;
|
||||
?>
|
||||
?>
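Review bot: The new Approve/Unapprove links in the second hunk point at `b2edit.php?action=approvecomment` and `b2edit.php?action=unapprovecomment`, while the Edit and Delete links next to them use `wp-post.php`. If the handlers added in this commit live in `wp-post.php` (their own messages link there, but the file name is not shown on this page), the links should read `wp-post.php?action=approvecomment&p=...`. Both links change comment state through a plain GET with no per-request token, so a POST form carrying a token would be the safer shape. The links are shown only for `$user_level >= 3`, which is a display rule and not an access check, so the handler has to enforce the same threshold itself. The comment loop these lines sit in starts and ends outside the hunk.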
|
||||
|
225
wp-admin/wp-moderation.php
Normal file
225
wp-admin/wp-moderation.php
Normal file
@ -0,0 +1,225 @@
|
||||
<?php
|
||||
$title = "Moderate comments";
|
||||
/* <Moderation> */
|
||||
|
||||
function add_magic_quotes($array) {
|
||||
foreach ($array as $k => $v) {
|
||||
if (is_array($v)) {
|
||||
$array[$k] = add_magic_quotes($v);
|
||||
} else {
|
||||
$array[$k] = addslashes($v);
|
||||
}
|
||||
}
|
||||
return $array;
|
||||
}
|
||||
|
||||
if (!get_magic_quotes_gpc()) {
|
||||
$HTTP_GET_VARS = add_magic_quotes($HTTP_GET_VARS);
|
||||
$HTTP_POST_VARS = add_magic_quotes($HTTP_POST_VARS);
|
||||
$HTTP_COOKIE_VARS = add_magic_quotes($HTTP_COOKIE_VARS);
|
||||
}
|
||||
|
||||
$b2varstoreset = array('action','item_ignored','item_deleted','item_approved');
|
||||
for ($i=0; $i<count($b2varstoreset); $i += 1) {
|
||||
$b2var = $b2varstoreset[$i];
|
||||
if (!isset($$b2var)) {
|
||||
if (empty($HTTP_POST_VARS["$b2var"])) {
|
||||
if (empty($HTTP_GET_VARS["$b2var"])) {
|
||||
$$b2var = '';
|
||||
} else {
|
||||
$$b2var = $HTTP_GET_VARS["$b2var"];
|
||||
}
|
||||
} else {
|
||||
$$b2var = $HTTP_POST_VARS["$b2var"];
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
switch($action) {
|
||||
|
||||
case 'update':
|
||||
|
||||
$standalone = 1;
|
||||
require_once("b2header.php");
|
||||
|
||||
if ($user_level < 3) {
|
||||
die('<p>You have no right to moderate comments.<br />Ask for a promotion to your <a href="mailto:$admin_email">blog admin</a>. :)</p>');
|
||||
}
|
||||
|
||||
// check if comment moderation is turned on in the settings
|
||||
// if not, just give a short note and stop
|
||||
if (get_settings("comment_moderation") == "none") {
|
||||
echo "<div class=\"wrap\">\n";
|
||||
echo "Comment moderation has been turned off.<br /><br />\n";
|
||||
echo "</div>\n";
|
||||
include("b2footer.php");
|
||||
exit;
|
||||
}
|
||||
|
||||
$item_ignored = 0;
|
||||
$item_deleted = 0;
|
||||
$item_approved = 0;
|
||||
|
||||
foreach($comment as $key => $value) {
|
||||
switch($value) {
|
||||
case "later":
|
||||
// do nothing with that comment
|
||||
// wp_set_comment_status($key, "hold");
|
||||
++$item_ignored;
|
||||
break;
|
||||
|
||||
case "delete":
|
||||
wp_set_comment_status($key, "delete");
|
||||
++$item_deleted;
|
||||
break;
|
||||
|
||||
case "approve":
|
||||
wp_set_comment_status($key, "approve");
|
||||
if (get_settings("comments_notify") == true) {
|
||||
wp_notify_postauthor($key);
|
||||
}
|
||||
++$item_approved;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
$file = basename(__FILE__);
|
||||
header("Location: $file?ignored=$item_ignored&deleted=$item_deleted&approved=$item_approved");
|
||||
exit();
|
||||
|
||||
break;
|
||||
|
||||
default:
|
||||
|
||||
require_once('b2header.php');
|
||||
|
||||
if ($user_level <= 3) {
|
||||
die('<p>You have no right to moderate comments.<br>Ask for a promotion to your <a href="mailto:$admin_email">blog admin</a>. :)</p>');
|
||||
}
|
||||
|
||||
// check if comment moderation is turned on in the settings
|
||||
// if not, just give a short note and stop
|
||||
if (get_settings("comment_moderation") == "none") {
|
||||
echo "<div class=\"wrap\">\n";
|
||||
echo "Comment moderation has been turned off.<br /><br />\n";
|
||||
echo "</div>\n";
|
||||
include("b2footer.php");
|
||||
exit;
|
||||
}
|
||||
|
||||
// if we come here after deleting/approving comments we give
|
||||
// a short overview what has been done
|
||||
if (($deleted) || ($approved) || ($ignored)) {
|
||||
echo "<div class=\"wrap\">\n";
|
||||
if ($approved) {
|
||||
if ($approved == "1") {
|
||||
echo "1 comment approved <br />\n";
|
||||
} else {
|
||||
echo "$approved comments approved <br />\n";
|
||||
}
|
||||
}
|
||||
if ($deleted) {
|
||||
if ($deleted == "1") {
|
||||
echo "1 comment deleted <br />\n";
|
||||
} else {
|
||||
echo "$approved comments deleted <br />\n";
|
||||
}
|
||||
}
|
||||
if ($ignored) {
|
||||
if ($deleted == "1") {
|
||||
echo "1 comment left unchanged <br />\n";
|
||||
} else {
|
||||
echo "$approved comments left unchanged <br />\n";
|
||||
}
|
||||
|
||||
}
|
||||
echo "</div>\n";
|
||||
}
|
||||
|
||||
?>
|
||||
|
||||
<div class="wrap">
|
||||
|
||||
<?php
|
||||
|
||||
$comments = $wpdb->get_results("SELECT * FROM $tablecomments WHERE comment_approved='0'");
|
||||
if ($comments) {
|
||||
// list all comments that are waiting for approval
|
||||
$file = basename(__FILE__);
|
||||
echo "The following comments wait for approval:<br /><br />";
|
||||
echo "<form name=\"approval\" action=\"$file\" method=\"post\">";
|
||||
echo "<input type=\"hidden\" name=\"action\" value=\"update\" />\n";
|
||||
echo "<ol id=\"comments\">\n";
|
||||
|
||||
foreach($comments as $comment) {
|
||||
$comment_date = mysql2date(get_settings("date_format") . " @ " . get_settings("time_format"), $comment->comment_date);
|
||||
$post_title = $wpdb->get_var("SELECT post_title FROM $tableposts WHERE ID='$comment->comment_post_ID'");
|
||||
$comment_text = stripslashes($comment->comment_content);
|
||||
$comment_text = str_replace('<trackback />', '', $comment_text);
|
||||
$comment_text = str_replace('<pingback />', '', $comment_text);
|
||||
$comment_text = convert_chars($comment_text);
|
||||
$comment_text = convert_bbcode($comment_text);
|
||||
$comment_text = convert_gmcode($comment_text);
|
||||
$comment_text = convert_smilies($comment_text);
|
||||
$comment_text = make_clickable($comment_text);
|
||||
$comment_text = balanceTags($comment_text,1);
|
||||
$comment_text = apply_filters('comment_text', $comment_text);
|
||||
|
||||
echo "<li id=\"comment-$comment->comment_ID\">";
|
||||
echo "$comment_date -> $post_title<br />";
|
||||
echo "<strong>$comment->comment_author ";
|
||||
echo "(<a href=\"mailto:$comment->comment_author_email\">$comment->comment_author_email</a> /";
|
||||
echo "<a href=\"$comment->comment_author_url\">$comment->comment_author_url</a>)</strong> ";
|
||||
echo "(IP: <a href=\"http://ws.arin.net/cgi-bin/whois.pl?queryinput=$comment->comment_author_IP\">$comment->comment_author_IP</a>)<br />";
|
||||
echo $comment_text;
|
||||
echo "<strong>Your action:</strong>";
|
||||
echo " <input type=\"radio\" name=\"comment[$comment->comment_ID]\" value=\"approve\" /> approve";
|
||||
echo " <input type=\"radio\" name=\"comment[$comment->comment_ID]\" value=\"delete\" /> delete";
|
||||
echo " <input type=\"radio\" name=\"comment[$comment->comment_ID]\" value=\"later\" checked=\"checked\" /> later";
|
||||
echo "<br /><br />";
|
||||
echo "</li>\n";
|
||||
}
|
||||
|
||||
echo "</ol>\n";
|
||||
echo "<input type=\"submit\" name=\"submit\" value=\"Continue!\" class=\"search\" style=\"font-weight: bold;\" />\n";
|
||||
echo "</form>\n";
|
||||
} else {
|
||||
// nothing to approve
|
||||
echo "Currently there are no comments to be approved.<br />\n";
|
||||
}
|
||||
|
||||
?>
|
||||
|
||||
<br />
|
||||
</div>
|
||||
|
||||
<?php
|
||||
if ($comments) {
|
||||
// show this help text only if there are comments waiting
|
||||
?>
|
||||
|
||||
<div class="wrap">
|
||||
<p>For each comment you have to choose either <em>approve</em>, <em>delete</em> or <em>later</em>:</p>
|
||||
<p><em>approve</em>: approves comment, so that it will be publically visible
|
||||
<?php
|
||||
if ("1" == get_settings("comments_notify")) {
|
||||
echo "; the author of the post will be notified about the new comment on his post.</p>\n";
|
||||
} else {
|
||||
echo ".</p>\n";
|
||||
}
|
||||
?>
|
||||
<p><em>delete</em>: remove the content from your blog (note: you won't be asked again, so you should double-check
|
||||
that you really want to delete the comment - once deleted you can′t bring them back!)</p>
|
||||
<p><em>later</em>: don′t change the comment′s status at all now.</p>
|
||||
</div>
|
||||
|
||||
<?php
|
||||
} // if comments
|
||||
|
||||
break;
|
||||
}
|
||||
|
||||
/* </Template> */
|
||||
include("b2footer.php") ?>
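Review bot: In the `update` branch, `foreach($comment as $key => $value)` passes the request-supplied array key to `wp_set_comment_status()`, which places it in `WHERE comment_ID='$comment_id'`; `add_magic_quotes()` at the top of this file escapes values but not keys, so the key should be cast to an integer before use. The listing echoes `comment_author`, `comment_author_email`, `comment_author_url` and `comment_author_IP` into HTML and attribute contexts unescaped, on the one page meant to show unvetted submissions to a privileged user; unless they are escaped when stored (not visible here), they should go through `htmlspecialchars()`. Separately, the summary prints `$approved` in the deleted and left-unchanged messages and tests `$deleted == "1"` in the ignored branch, and the two permission checks disagree (`$user_level < 3` in `update`, `$user_level <= 3` in the default branch). The fence shows the first two changes only.

```php
foreach($comment as $key => $value) {
	// keys arrive from the request and are not escaped by add_magic_quotes()
	$key = (int) $key;
	// … unchanged: switch($value) handling later / delete / approve …
}

// … unchanged: pending-comment query and comment_text filtering …
$author       = htmlspecialchars($comment->comment_author, ENT_QUOTES);
$author_email = htmlspecialchars($comment->comment_author_email, ENT_QUOTES);
// escaping alone does not restrict the URL scheme of comment_author_url
$author_url   = htmlspecialchars($comment->comment_author_url, ENT_QUOTES);
$author_ip    = htmlspecialchars($comment->comment_author_IP, ENT_QUOTES);
echo "<strong>$author ";
echo "(<a href=\"mailto:$author_email\">$author_email</a> /";
echo "<a href=\"$author_url\">$author_url</a>)</strong> ";
echo "(IP: <a href=\"http://ws.arin.net/cgi-bin/whois.pl?queryinput=$author_ip\">$author_ip</a>)<br />";
```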
|
@ -338,7 +338,7 @@ switch($action) {
|
||||
}
|
||||
|
||||
$comment = $HTTP_GET_VARS['comment'];
|
||||
$commentdata = get_commentdata($comment, 1) or die('Oops, no comment with this ID. <a href="javascript:history.go(-1)">Go back</a>!');
|
||||
$commentdata = get_commentdata($comment, 1, true) or die('Oops, no comment with this ID. <a href="javascript:history.go(-1)">Go back</a>!');
|
||||
$content = $commentdata['comment_content'];
|
||||
$content = format_to_edit($content);
|
||||
|
||||
@ -346,35 +346,163 @@ switch($action) {
|
||||
|
||||
break;
|
||||
|
||||
case 'confirmdeletecomment':
|
||||
|
||||
$standalone = 0;
|
||||
require_once('./b2header.php');
|
||||
|
||||
if ($user_level == 0)
|
||||
die ('Cheatin’ uh?');
|
||||
|
||||
$comment = $HTTP_GET_VARS['comment'];
|
||||
$p = $HTTP_GET_VARS['p'];
|
||||
$commentdata = get_commentdata($comment, 1, true) or die('Oops, no comment with this ID. <a href="edit.php">Go back</a>!');
|
||||
|
||||
echo "<div class=\"wrap\">\n";
|
||||
echo "<p><strong>Caution:</strong> You are about to delete the following comment:</p>\n";
|
||||
echo "<table border=\"0\">\n";
|
||||
echo "<tr><td>Author:</td><td>" . $commentdata["comment_author"] . "</td></tr>\n";
|
||||
echo "<tr><td>E-Mail:</td><td>" . $commentdata["comment_author_email"] . "</td></tr>\n";
|
||||
echo "<tr><td>URL:</td><td>" . $commentdata["comment_author_url"] . "</td></tr>\n";
|
||||
echo "<tr><td>Comment:</td><td>" . stripslashes($commentdata["comment_content"]) . "</td></tr>\n";
|
||||
echo "</table>\n";
|
||||
echo "<p>Are you sure you want to do that?</p>\n";
|
||||
|
||||
echo "<form action=\"$siteurl/wp-admin/wp-post.php\" method=\"get\">\n";
|
||||
echo "<input type=\"hidden\" name=\"action\" value=\"deletecomment\" />\n";
|
||||
echo "<input type=\"hidden\" name=\"p\" value=\"$p\" />\n";
|
||||
echo "<input type=\"hidden\" name=\"comment\" value=\"$comment\" />\n";
|
||||
echo "<input type=\"hidden\" name=\"noredir\" value=\"1\" />\n";
|
||||
echo "<input type=\"submit\" value=\"Yes\" />";
|
||||
echo " ";
|
||||
echo "<input type=\"button\" value=\"No\" onClick=\"self.location='$siteurl/wp-admin/edit.php?p=$p&c=1#comments';\" />\n";
|
||||
echo "</form>\n";
|
||||
echo "</div>\n";
|
||||
|
||||
break;
|
||||
|
||||
case 'deletecomment':
|
||||
|
||||
$standalone = 1;
|
||||
require_once('./b2header.php');
|
||||
$standalone = 1;
|
||||
require_once('./b2header.php');
|
||||
|
||||
if ($user_level == 0)
|
||||
die ('Cheatin’ uh?');
|
||||
if ($user_level == 0)
|
||||
die ('Cheatin’ uh?');
|
||||
|
||||
|
||||
$comment = $HTTP_GET_VARS['comment'];
|
||||
$p = $HTTP_GET_VARS['p'];
|
||||
$comment = $HTTP_GET_VARS['comment'];
|
||||
$p = $HTTP_GET_VARS['p'];
|
||||
if (isset($HTTP_GET_VARS['noredir'])) {
|
||||
$noredir = true;
|
||||
} else {
|
||||
$noredir = false;
|
||||
}
|
||||
|
||||
$postdata = get_postdata($p) or die('Oops, no post with this ID. <a href="edit.php">Go back</a>!');
|
||||
$commentdata = get_commentdata($comment, 1, true) or die('Oops, no comment with this ID. <a href="wp-post.php">Go back</a>!');
|
||||
|
||||
$postdata = get_postdata($p) or die('Oops, no post with this ID. <a href="wp-post.php">Go back</a>!');
|
||||
$commentdata = get_commentdata($comment) or die('Oops, no comment with this ID. <a href="wp-post.php">Go back</a>!');
|
||||
$authordata = get_userdata($postdata['Author_ID']);
|
||||
if ($user_level < $authordata->user_level)
|
||||
die ('You don’t have the right to delete <strong>'.$authordata->user_nickname.'</strong>’s post comments. <a href="wp-post.php">Go back</a>!');
|
||||
|
||||
$authordata = get_userdata($postdata['Author_ID']);
|
||||
if ($user_level < $authordata->user_level)
|
||||
die ('You don’t have the right to delete <strong>'.$authordata->user_nickname.'</strong>’s post comments. <a href="wp-post.php">Go back</a>!');
|
||||
wp_set_comment_status($comment, "delete");
|
||||
|
||||
$result = $wpdb->query("DELETE FROM $tablecomments WHERE comment_ID=$comment");
|
||||
if (($HTTP_SERVER_VARS['HTTP_REFERER'] != "") && (false == $noredir)) {
|
||||
header('Location: ' . $HTTP_SERVER_VARS['HTTP_REFERER']);
|
||||
} else {
|
||||
header('Location: '.$siteurl.'/wp-admin/edit.php?p='.$p.'&c=1#comments');
|
||||
}
|
||||
|
||||
if($HTTP_SERVER_VARS['HTTP_REFERER'] != "") {
|
||||
header('Location: ' . $HTTP_SERVER_VARS['HTTP_REFERER']);
|
||||
} else {
|
||||
header('Location: '.$siteurl.'/wp-admin/');
|
||||
}
|
||||
break;
|
||||
|
||||
case 'unapprovecomment':
|
||||
|
||||
$standalone = 1;
|
||||
require_once('./b2header.php');
|
||||
|
||||
if ($user_level == 0)
|
||||
die ('Cheatin’ uh?');
|
||||
|
||||
$comment = $HTTP_GET_VARS['comment'];
|
||||
$p = $HTTP_GET_VARS['p'];
|
||||
if (isset($HTTP_GET_VARS['noredir'])) {
|
||||
$noredir = true;
|
||||
} else {
|
||||
$noredir = false;
|
||||
}
|
||||
|
||||
break;
|
||||
$commentdata = get_commentdata($comment) or die('Oops, no comment with this ID. <a href="edit.php">Go back</a>!');
|
||||
|
||||
wp_set_comment_status($comment, "hold");
|
||||
|
||||
if (($HTTP_SERVER_VARS['HTTP_REFERER'] != "") && (false == $noredir)) {
|
||||
header('Location: ' . $HTTP_SERVER_VARS['HTTP_REFERER']);
|
||||
} else {
|
||||
header('Location: '.$siteurl.'/wp-admin/edit.php?p='.$p.'&c=1#comments');
|
||||
}
|
||||
|
||||
break;
|
||||
|
||||
case 'mailapprovecomment':
|
||||
|
||||
$standalone = 0;
|
||||
require_once('./b2header.php');
|
||||
|
||||
if ($user_level == 0)
|
||||
die ('Cheatin’ uh?');
|
||||
|
||||
$comment = $HTTP_GET_VARS['comment'];
|
||||
$p = $HTTP_GET_VARS['p'];
|
||||
$commentdata = get_commentdata($comment, 1, true) or die('Oops, no comment with this ID. <a href="edit.php">Go back</a>!');
|
||||
|
||||
wp_set_comment_status($comment, "approve");
|
||||
if (get_settings("comments_notify") == true) {
|
||||
wp_notify_postauthor($comment);
|
||||
}
|
||||
|
||||
echo "<div class=\"wrap\">\n";
|
||||
echo "<p>Comment has been approved.</p>\n";
|
||||
|
||||
echo "<form action=\"$siteurl/wp-admin/edit.php?p=$p&c=1#comments\" method=\"get\">\n";
|
||||
echo "<input type=\"hidden\" name=\"p\" value=\"$p\" />\n";
|
||||
echo "<input type=\"hidden\" name=\"c\" value=\"1\" />\n";
|
||||
echo "<input type=\"submit\" value=\"Ok\" />";
|
||||
echo "</form>\n";
|
||||
echo "</div>\n";
|
||||
|
||||
break;
|
||||
|
||||
case 'approvecomment':
|
||||
|
||||
$standalone = 1;
|
||||
require_once('./b2header.php');
|
||||
|
||||
if ($user_level == 0)
|
||||
die ('Cheatin’ uh?');
|
||||
|
||||
$comment = $HTTP_GET_VARS['comment'];
|
||||
$p = $HTTP_GET_VARS['p'];
|
||||
if (isset($HTTP_GET_VARS['noredir'])) {
|
||||
$noredir = true;
|
||||
} else {
|
||||
$noredir = false;
|
||||
}
|
||||
$commentdata = get_commentdata($comment) or die('Oops, no comment with this ID. <a href="edit.php">Go back</a>!');
|
||||
|
||||
wp_set_comment_status($comment, "approve");
|
||||
if (get_settings("comments_notify") == true) {
|
||||
wp_notify_postauthor($comment);
|
||||
}
|
||||
|
||||
|
||||
if (($HTTP_SERVER_VARS['HTTP_REFERER'] != "") && (false == $noredir)) {
|
||||
header('Location: ' . $HTTP_SERVER_VARS['HTTP_REFERER']);
|
||||
} else {
|
||||
header('Location: '.$siteurl.'/wp-admin/edit.php?p='.$p.'&c=1#comments');
|
||||
}
|
||||
|
||||
break;
|
||||
|
||||
case 'editedcomment':
|
||||
|
||||
$standalone = 1;
|
||||
@ -482,4 +610,4 @@ switch($action) {
|
||||
} // end switch
|
||||
/* </Edit> */
|
||||
include('b2footer.php');
|
||||
?>
|
||||
?>
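Review bot: The new `approvecomment`, `unapprovecomment` and `mailapprovecomment` cases reject only `$user_level == 0`, whereas wp-admin/wp-moderation.php in this same commit requires at least level 3, so a level 1 or 2 account can approve or hold comments by requesting the action URL directly; the guard should be `if ($user_level < 3)` in all three. `approvecomment` and `unapprovecomment` also call `get_commentdata($comment)` without `$no_cache`, which per the function shown earlier in this commit fills the row from the global `$postc` instead of querying the given ID, so the existence check probably does not test the requested comment; `mailapprovecomment` already uses `get_commentdata($comment, 1, true)` and the others should match it. In `confirmdeletecomment`, `$p` and `$comment` from the query string and the stored author fields are echoed into the page unescaped and should pass through `htmlspecialchars()`. The `switch` these cases belong to starts and ends outside the hunk.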
|
||||
|
@ -53,6 +53,7 @@ foreach ($posts as $post) { start_b2();
|
||||
FROM $tablecomments
|
||||
LEFT JOIN $tableposts ON comment_post_id = id
|
||||
WHERE comment_post_ID = '$id'
|
||||
AND $tablecomments.comment_approved = '1'
|
||||
AND $tableposts.post_status = 'publish'
|
||||
AND post_category > '0'
|
||||
AND post_date < '".date("Y-m-d H:i:s")."'
|
||||
@ -72,6 +73,7 @@ foreach ($posts as $post) { start_b2();
|
||||
FROM $tablecomments
|
||||
LEFT JOIN $tableposts ON comment_post_id = id
|
||||
WHERE $tableposts.post_status = 'publish'
|
||||
AND $tablecomments.comment_approved = '1'
|
||||
AND post_category > '0'
|
||||
AND post_date < '".date("Y-m-d H:i:s")."'
|
||||
ORDER BY comment_date DESC
|
||||
@ -106,4 +108,4 @@ foreach ($posts as $post) { start_b2();
|
||||
}
|
||||
?>
|
||||
</channel>
|
||||
</rss>
|
||||
</rss>
|
||||
|