| 1 |
<?php |
|---|
| 2 |
require( dirname(__FILE__) . '/wp-config.php' ); |
|---|
| 3 |
|
|---|
| 4 |
nocache_headers(); |
|---|
| 5 |
|
|---|
| 6 |
$comment_post_ID = (int) $_POST['comment_post_ID']; |
|---|
| 7 |
|
|---|
| 8 |
$status = $wpdb->get_row("SELECT post_status, comment_status FROM $wpdb->posts WHERE ID = '$comment_post_ID'"); |
|---|
| 9 |
|
|---|
| 10 |
if ( empty($status->comment_status) ) { |
|---|
| 11 |
do_action('comment_id_not_found', $comment_post_ID); |
|---|
| 12 |
exit; |
|---|
| 13 |
} elseif ( 'closed' == $status->comment_status ) { |
|---|
| 14 |
do_action('comment_closed', $comment_post_ID); |
|---|
| 15 |
wp_die( __('Sorry, comments are closed for this item.') ); |
|---|
| 16 |
} elseif ( 'draft' == $status->post_status ) { |
|---|
| 17 |
do_action('comment_on_draft', $comment_post_ID); |
|---|
| 18 |
exit; |
|---|
| 19 |
} |
|---|
| 20 |
|
|---|
| 21 |
$comment_author = trim($_POST['author']); |
|---|
| 22 |
$comment_author_email = trim($_POST['email']); |
|---|
| 23 |
$comment_author_url = trim($_POST['url']); |
|---|
| 24 |
$comment_content = trim($_POST['comment']); |
|---|
| 25 |
|
|---|
| 26 |
|
|---|
| 27 |
$user = wp_get_current_user(); |
|---|
| 28 |
if ( $user->ID ) : |
|---|
| 29 |
$comment_author = $wpdb->escape($user->display_name); |
|---|
| 30 |
$comment_author_email = $wpdb->escape($user->user_email); |
|---|
| 31 |
$comment_author_url = $wpdb->escape($user->user_url); |
|---|
| 32 |
else : |
|---|
| 33 |
if ( get_option('comment_registration') ) |
|---|
| 34 |
wp_die( __('Sorry, you must be logged in to post a comment.') ); |
|---|
| 35 |
endif; |
|---|
| 36 |
|
|---|
| 37 |
$comment_type = ''; |
|---|
| 38 |
|
|---|
| 39 |
if ( get_option('require_name_email') && !$user->ID ) { |
|---|
| 40 |
if ( 6 > strlen($comment_author_email) || '' == $comment_author ) |
|---|
| 41 |
wp_die( __('Error: please fill the required fields (name, email).') ); |
|---|
| 42 |
elseif ( !is_email($comment_author_email)) |
|---|
| 43 |
wp_die( __('Error: please enter a valid email address.') ); |
|---|
| 44 |
} |
|---|
| 45 |
|
|---|
| 46 |
if ( '' == $comment_content ) |
|---|
| 47 |
wp_die( __('Error: please type a comment.') ); |
|---|
| 48 |
|
|---|
| 49 |
$commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content', 'comment_type', 'user_ID'); |
|---|
| 50 |
|
|---|
| 51 |
$comment_id = wp_new_comment( $commentdata ); |
|---|
| 52 |
|
|---|
| 53 |
$comment = get_comment($comment_id); |
|---|
| 54 |
if ( !$user->ID ) : |
|---|
| 55 |
setcookie('comment_author_' . COOKIEHASH, $comment->comment_author, time() + 30000000, COOKIEPATH, COOKIE_DOMAIN); |
|---|
| 56 |
setcookie('comment_author_email_' . COOKIEHASH, $comment->comment_author_email, time() + 30000000, COOKIEPATH, COOKIE_DOMAIN); |
|---|
| 57 |
setcookie('comment_author_url_' . COOKIEHASH, clean_url($comment->comment_author_url), time() + 30000000, COOKIEPATH, COOKIE_DOMAIN); |
|---|
| 58 |
endif; |
|---|
| 59 |
|
|---|
| 60 |
$location = ( empty($_POST['redirect_to']) ? get_permalink($comment_post_ID) : $_POST['redirect_to'] ) . '#comment-' . $comment_id; |
|---|
| 61 |
$location = apply_filters('comment_post_redirect', $location, $comment); |
|---|
| 62 |
|
|---|
| 63 |
wp_redirect($location); |
|---|
| 64 |
|
|---|
| 65 |
?> |
|---|
| 66 |
|
|---|
