$num_links = preg_match_all( '/<a [^>]*href/i', $comment, $out );
/**
- * Filter the maximum number of links allowed in a comment.
+ * Filters the number of links found in a comment.
*
* @since 3.0.0
*
- * @param int $num_links The number of links allowed.
+ * @param int $num_links The number of links found.
* @param string $url Comment author's URL. Included in allowed links total.
*/
$num_links = apply_filters( 'comment_max_links_url', $num_links, $url );
* Retrieve the approved comments for post $post_id.
*
* @since 2.0.0
- * @since 4.1.0 Refactored to leverage {@see WP_Comment_Query} over a direct query.
+ * @since 4.1.0 Refactored to leverage WP_Comment_Query over a direct query.
*
* @param int $post_id The ID of the post.
- * @param array $args Optional. See {@see WP_Comment_Query::query()} for information
- * on accepted arguments.
+ * @param array $args Optional. See WP_Comment_Query::query() for information on accepted arguments.
* @return int|array $comments The approved comments, or number of comments if `$count`
* argument is true.
*/
*
* @since 2.7.0
*
- * @param string|array $args Optional. Array or string of arguments. See {@see WP_Comment_Query::parse_query()}
+ * @param string|array $args Optional. Array or string of arguments. See WP_Comment_Query::parse_query()
* for information on accepted arguments. Default empty.
* @return int|array List of comments or number of found comments if `$count` argument is true.
*/
}
/**
- * Filter the default comment status for the given post type.
+ * Filters the default comment status for the given post type.
*
* @since 4.3.0
*
/**
* The amount of comments in a post or total comments.
*
- * A lot like {@link wp_count_comments()}, in that they both return comment
- * stats (albeit with different types). The {@link wp_count_comments()} actual
- * caches, but this function does not.
+ * A lot like wp_count_comments(), in that they both return comment stats (albeit with different types).
+ * The wp_count_comments() actually caches, but this function does not.
*
* @since 2.0.0
*
return;
/**
- * Filter the lifetime of the comment cookie in seconds.
+ * Filters the lifetime of the comment cookie in seconds.
*
* @since 2.8.0
*
function sanitize_comment_cookies() {
if ( isset( $_COOKIE['comment_author_' . COOKIEHASH] ) ) {
/**
- * Filter the comment author's name cookie before it is set.
+ * Filters the comment author's name cookie before it is set.
*
* When this filter hook is evaluated in wp_filter_comment(),
* the comment author's name string is passed.
if ( isset( $_COOKIE['comment_author_email_' . COOKIEHASH] ) ) {
/**
- * Filter the comment author's email cookie before it is set.
+ * Filters the comment author's email cookie before it is set.
*
* When this filter hook is evaluated in wp_filter_comment(),
* the comment author's email string is passed.
if ( isset( $_COOKIE['comment_author_url_' . COOKIEHASH] ) ) {
/**
- * Filter the comment author's URL cookie before it is set.
+ * Filters the comment author's URL cookie before it is set.
*
* When this filter hook is evaluated in wp_filter_comment(),
* the comment author's URL string is passed.
);
if ( $commentdata['comment_author_email'] ) {
$dupe .= $wpdb->prepare(
- "OR comment_author_email = %s ",
+ "AND comment_author_email = %s ",
wp_unslash( $commentdata['comment_author_email'] )
);
}
}
/**
- * Filter a comment's approval status before it is set.
+ * Filters a comment's approval status before it is set.
*
* @since 2.1.0
*
$time_lastcomment = mysql2date('U', $lasttime, false);
$time_newcomment = mysql2date('U', $date, false);
/**
- * Filter the comment flood status.
+ * Filters the comment flood status.
*
* @since 2.1.0
*
$mod_keys = trim( get_option('blacklist_keys') );
if ( '' == $mod_keys )
return false; // If moderation keys are empty
+
+ // Ensure HTML tags are not being used to bypass the blacklist.
+ $comment_without_html = wp_strip_all_tags( $comment );
+
$words = explode("\n", $mod_keys );
foreach ( (array) $words as $word ) {
|| preg_match($pattern, $email)
|| preg_match($pattern, $url)
|| preg_match($pattern, $comment)
+ || preg_match($pattern, $comment_without_html)
|| preg_match($pattern, $user_ip)
|| preg_match($pattern, $user_agent)
)
$post_id = (int) $post_id;
/**
- * Filter the comments count for a given post.
+ * Filters the comments count for a given post.
*
* @since 2.7.0
*
*
* Calls hooks for comment status transitions. If the new comment status is not the same
* as the previous comment status, then two hooks will be ran, the first is
- * 'transition_comment_status' with new status, old status, and comment data. The
- * next action called is 'comment_OLDSTATUS_to_NEWSTATUS' the NEWSTATUS is the
- * $new_status parameter and the OLDSTATUS is $old_status parameter; it has the
+ * {@see 'transition_comment_status'} with new status, old status, and comment data. The
+ * next action called is {@see comment_$old_status_to_$new_status'}. It has the
* comment data.
*
* The final action will run whether or not the comment statuses are the same. The
- * action is named 'comment_NEWSTATUS_COMMENTTYPE', NEWSTATUS is from the $new_status
- * parameter and COMMENTTYPE is comment_type comment data.
+ * action is named {@see 'comment_$new_status_$comment->comment_type'}.
*
* @since 2.7.0
*
$comment_author_url = $_COOKIE['comment_author_url_'.COOKIEHASH];
/**
- * Filter the current commenter's name, email, and URL.
+ * Filters the current commenter's name, email, and URL.
*
* @since 3.1.0
*
if ( $comment_approved == 1 ) {
wp_update_comment_count( $comment_post_ID );
}
+
+ clean_comment_cache( $id );
+
$comment = get_comment( $id );
// If metadata is provided, store it.
*/
do_action( 'wp_insert_comment', $id, $comment );
- wp_cache_set( 'last_changed', microtime(), 'comment' );
-
return $id;
}
function wp_filter_comment($commentdata) {
if ( isset( $commentdata['user_ID'] ) ) {
/**
- * Filter the comment author's user id before it is set.
+ * Filters the comment author's user id before it is set.
*
* The first time this filter is evaluated, 'user_ID' is checked
* (for back-compat), followed by the standard 'user_id' value.
}
/**
- * Filter the comment author's browser user agent before it is set.
+ * Filters the comment author's browser user agent before it is set.
*
* @since 1.5.0
*
/** This filter is documented in wp-includes/comment.php */
$commentdata['comment_author'] = apply_filters( 'pre_comment_author_name', $commentdata['comment_author'] );
/**
- * Filter the comment content before it is set.
+ * Filters the comment content before it is set.
*
* @since 1.5.0
*
*/
$commentdata['comment_content'] = apply_filters( 'pre_comment_content', $commentdata['comment_content'] );
/**
- * Filter the comment author's IP before it is set.
+ * Filters the comment author's IP before it is set.
*
* @since 1.5.0
*
* Adds a new comment to the database.
*
* Filters new comment to ensure that the fields are sanitized and valid before
- * inserting comment into database. Calls 'comment_post' action with comment ID
- * and whether comment is approved by WordPress. Also has 'preprocess_comment'
+ * inserting comment into database. Calls {@see 'comment_post'} action with comment ID
+ * and whether comment is approved by WordPress. Also has {@see 'preprocess_comment'}
* filter for processing the comment data before the function handles it.
*
- * We use REMOTE_ADDR here directly. If you are behind a proxy, you should ensure
+ * We use `REMOTE_ADDR` here directly. If you are behind a proxy, you should ensure
* that it is properly set, such as in wp-config.php, for your environment.
+ *
* See {@link https://core.trac.wordpress.org/ticket/9235}
*
* @since 1.5.0
$prefiltered_user_id = ( isset( $commentdata['user_id'] ) ) ? (int) $commentdata['user_id'] : 0;
/**
- * Filter a comment's data before it is sanitized and inserted into the database.
+ * Filters a comment's data before it is sanitized and inserted into the database.
*
* @since 1.5.0
*
$maybe_notify = get_option( 'comments_notify' );
/**
- * Filter whether to send the post author new comment notification emails,
+ * Filters whether to send the post author new comment notification emails,
* overriding the site setting.
*
* @since 4.4.0
/**
* Sets the status of a comment.
*
- * The 'wp_set_comment_status' action is called after the comment is handled.
+ * The {@see 'wp_set_comment_status'} action is called after the comment is handled.
* If the comment status is not in the list, then false is returned.
*
* @since 1.0.0
$data = wp_unslash( $commentarr );
/**
- * Filter the comment content before it is updated in the database.
+ * Filters the comment content before it is updated in the database.
*
* @since 1.5.0
*
* The hook also fires immediately before comment status transition hooks are fired.
*
* @since 1.2.0
+ * @since 4.6.0 Added the `$data` parameter.
*
- * @param int $comment_ID The comment ID.
+ * @param int $comment_ID The comment ID.
+ * @param array $data Comment data.
*/
- do_action( 'edit_comment', $comment_ID );
+ do_action( 'edit_comment', $comment_ID, $data );
$comment = get_comment($comment_ID);
wp_transition_comment_status($comment->comment_approved, $old_status, $comment);
return $rval;
*/
function discover_pingback_server_uri( $url, $deprecated = '' ) {
if ( !empty( $deprecated ) )
- _deprecated_argument( __FUNCTION__, '2.7' );
+ _deprecated_argument( __FUNCTION__, '2.7.0' );
$pingback_str_dquote = 'rel="pingback"';
$pingback_str_squote = 'rel=\'pingback\'';
$client = new WP_HTTP_IXR_Client($pingback_server_url);
$client->timeout = 3;
/**
- * Filter the user agent sent when pinging-back a URL.
+ * Filters the user agent sent when pinging-back a URL.
*
* @since 2.9.0
*
* which reports that the pingback is already registered.
*
* @since 3.5.1
- * @link http://www.hixie.ch/specs/pingback/pingback#TOC3
+ * @link https://www.hixie.ch/specs/pingback/pingback#TOC3
*
* @param IXR_Error $ixr_error
* @return IXR_Error
return $posts;
/**
- * Filter the list of post types to automatically close comments for.
+ * Filters the list of post types to automatically close comments for.
*
* @since 3.2.0
*