| author | ymh <ymh.work@gmail.com> |
| Tue, 27 Sep 2022 16:37:53 +0200 | |
| changeset 19 | 3d72ae0968f4 |
| parent 18 | be944660c56a |
| child 21 | 48c4eec2b7e6 |
| permissions | -rw-r--r-- |
| 0 | 1 |
<?php |
2 |
/** |
|
3 |
* Handles Comment Post to WordPress and prevents duplicate comment posting. |
|
4 |
* |
|
5 |
* @package WordPress |
|
6 |
*/ |
|
7 |
||
| 16 | 8 |
if ( 'POST' !== $_SERVER['REQUEST_METHOD'] ) { |
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
9 |
$protocol = $_SERVER['SERVER_PROTOCOL']; |
| 19 | 10 |
if ( ! in_array( $protocol, array( 'HTTP/1.1', 'HTTP/2', 'HTTP/2.0', 'HTTP/3' ), true ) ) { |
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
11 |
$protocol = 'HTTP/1.0'; |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
12 |
} |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
13 |
|
| 9 | 14 |
header( 'Allow: POST' ); |
15 |
header( "$protocol 405 Method Not Allowed" ); |
|
16 |
header( 'Content-Type: text/plain' ); |
|
| 0 | 17 |
exit; |
18 |
} |
|
19 |
||
20 |
/** Sets up the WordPress Environment. */ |
|
| 16 | 21 |
require __DIR__ . '/wp-load.php'; |
| 0 | 22 |
|
23 |
nocache_headers(); |
|
24 |
||
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
25 |
$comment = wp_handle_comment_submission( wp_unslash( $_POST ) ); |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
26 |
if ( is_wp_error( $comment ) ) { |
| 18 | 27 |
$data = (int) $comment->get_error_data(); |
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
28 |
if ( ! empty( $data ) ) { |
| 9 | 29 |
wp_die( |
30 |
'<p>' . $comment->get_error_message() . '</p>', |
|
31 |
__( 'Comment Submission Failure' ), |
|
32 |
array( |
|
33 |
'response' => $data, |
|
34 |
'back_link' => true, |
|
35 |
) |
|
36 |
); |
|
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
37 |
} else { |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
38 |
exit; |
| 5 | 39 |
} |
| 0 | 40 |
} |
41 |
||
| 9 | 42 |
$user = wp_get_current_user(); |
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
43 |
$cookies_consent = ( isset( $_POST['wp-comment-cookies-consent'] ) ); |
| 0 | 44 |
|
45 |
/** |
|
46 |
* Perform other actions when comment cookies are set. |
|
47 |
* |
|
48 |
* @since 3.4.0 |
|
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
49 |
* @since 4.9.6 The `$cookies_consent` parameter was added. |
| 0 | 50 |
* |
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
51 |
* @param WP_Comment $comment Comment object. |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
52 |
* @param WP_User $user Comment author's user object. The user may not exist. |
| 16 | 53 |
* @param bool $cookies_consent Comment author's consent to store cookies. |
| 0 | 54 |
*/ |
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
55 |
do_action( 'set_comment_cookies', $comment, $user, $cookies_consent ); |
| 0 | 56 |
|
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
57 |
$location = empty( $_POST['redirect_to'] ) ? get_comment_link( $comment ) : $_POST['redirect_to'] . '#comment-' . $comment->comment_ID; |
| 0 | 58 |
|
| 16 | 59 |
// If user didn't consent to cookies, add specific query arguments to display the awaiting moderation message. |
60 |
if ( ! $cookies_consent && 'unapproved' === wp_get_comment_status( $comment ) && ! empty( $comment->comment_author_email ) ) { |
|
| 9 | 61 |
$location = add_query_arg( |
62 |
array( |
|
63 |
'unapproved' => $comment->comment_ID, |
|
64 |
'moderation-hash' => wp_hash( $comment->comment_date_gmt ), |
|
65 |
), |
|
66 |
$location |
|
67 |
); |
|
68 |
} |
|
69 |
||
| 0 | 70 |
/** |
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
71 |
* Filters the location URI to send the commenter after posting. |
| 0 | 72 |
* |
| 5 | 73 |
* @since 2.0.5 |
| 0 | 74 |
* |
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
75 |
* @param string $location The 'redirect_to' URI sent via $_POST. |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
76 |
* @param WP_Comment $comment Comment object. |
| 0 | 77 |
*/ |
78 |
$location = apply_filters( 'comment_post_redirect', $location, $comment ); |
|
79 |
||
80 |
wp_safe_redirect( $location ); |
|
81 |
exit; |