X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/11be8dc178e77d0b46189bbd8e33a216a9b90942..refs/tags/wordpress-2.9:/wp-admin/edit-comments.php diff --git a/wp-admin/edit-comments.php b/wp-admin/edit-comments.php index 43eecffc..ee23b3e3 100644 --- a/wp-admin/edit-comments.php +++ b/wp-admin/edit-comments.php @@ -9,45 +9,41 @@ /** WordPress Administration Bootstrap */ require_once('admin.php'); +if ( !current_user_can('edit_posts') ) + wp_die(__('Cheatin’ uh?')); + wp_enqueue_script('admin-comments'); enqueue_comment_hotkeys_js(); $post_id = isset($_REQUEST['p']) ? (int) $_REQUEST['p'] : 0; -if ( ( isset( $_REQUEST['delete_all_spam'] ) || isset( $_REQUEST['delete_all_spam2'] ) ) && !empty( $_REQUEST['pagegen_timestamp'] ) ) { - check_admin_referer('bulk-spam-delete', '_spam_nonce'); +if ( isset($_REQUEST['doaction']) || isset($_REQUEST['doaction2']) || isset($_REQUEST['delete_all']) || isset($_REQUEST['delete_all2']) ) { + check_admin_referer('bulk-comments'); - $delete_time = $wpdb->escape( $_REQUEST['pagegen_timestamp'] ); - if ( current_user_can('moderate_comments')) { - $deleted_spam = $wpdb->query( "DELETE FROM $wpdb->comments WHERE comment_approved = 'spam' AND '$delete_time' > comment_date_gmt" ); + if ( (isset($_REQUEST['delete_all']) || isset($_REQUEST['delete_all2'])) && !empty($_REQUEST['pagegen_timestamp']) ) { + $comment_status = $wpdb->escape($_REQUEST['comment_status']); + $delete_time = $wpdb->escape($_REQUEST['pagegen_timestamp']); + $comment_ids = $wpdb->get_col( "SELECT comment_ID FROM $wpdb->comments WHERE comment_approved = '$comment_status' AND '$delete_time' > comment_date_gmt" ); + $doaction = 'delete'; + } elseif ( ($_REQUEST['action'] != -1 || $_REQUEST['action2'] != -1) && isset($_REQUEST['delete_comments']) ) { + $comment_ids = $_REQUEST['delete_comments']; + $doaction = ($_REQUEST['action'] != -1) ? $_REQUEST['action'] : $_REQUEST['action2']; + } elseif ( $_REQUEST['doaction'] == 'undo' && isset($_REQUEST['ids']) ) { + $comment_ids = array_map( 'absint', explode(',', $_REQUEST['ids']) ); + $doaction = $_REQUEST['action']; } else { - $deleted_spam = 0; + wp_redirect($_SERVER['HTTP_REFERER']); } - $redirect_to = 'edit-comments.php?comment_status=spam&deleted=' . (int) $deleted_spam; - if ( $post_id ) - $redirect_to = add_query_arg( 'p', absint( $post_id ), $redirect_to ); - wp_redirect( $redirect_to ); -} elseif ( isset($_REQUEST['delete_comments']) && isset($_REQUEST['action']) && ( -1 != $_REQUEST['action'] || -1 != $_REQUEST['action2'] ) ) { - check_admin_referer('bulk-comments'); - $doaction = ( -1 != $_REQUEST['action'] ) ? $_REQUEST['action'] : $_REQUEST['action2']; - $deleted = $approved = $unapproved = $spammed = 0; - foreach ( (array) $_REQUEST['delete_comments'] as $comment_id) : // Check the permissions on each - $comment_id = (int) $comment_id; + $approved = $unapproved = $spammed = $unspammed = $trashed = $untrashed = $deleted = 0; + + foreach ($comment_ids as $comment_id) { // Check the permissions on each $_post_id = (int) $wpdb->get_var( $wpdb->prepare( "SELECT comment_post_ID FROM $wpdb->comments WHERE comment_ID = %d", $comment_id) ); if ( !current_user_can('edit_post', $_post_id) ) continue; switch( $doaction ) { - case 'markspam' : - wp_set_comment_status($comment_id, 'spam'); - $spammed++; - break; - case 'delete' : - wp_set_comment_status($comment_id, 'delete'); - $deleted++; - break; case 'approve' : wp_set_comment_status($comment_id, 'approve'); $approved++; @@ -56,10 +52,48 @@ if ( ( isset( $_REQUEST['delete_all_spam'] ) || isset( $_REQUEST['delete_all_spa wp_set_comment_status($comment_id, 'hold'); $unapproved++; break; + case 'spam' : + wp_spam_comment($comment_id); + $spammed++; + break; + case 'unspam' : + wp_unspam_comment($comment_id); + $unspammed++; + break; + case 'trash' : + wp_trash_comment($comment_id); + $trashed++; + break; + case 'untrash' : + wp_untrash_comment($comment_id); + $untrashed++; + break; + case 'delete' : + wp_delete_comment($comment_id); + $deleted++; + break; } - endforeach; + } + + $redirect_to = 'edit-comments.php'; + + if ( $approved ) + $redirect_to = add_query_arg( 'approved', $approved, $redirect_to ); + if ( $unapproved ) + $redirect_to = add_query_arg( 'unapproved', $unapproved, $redirect_to ); + if ( $spammed ) + $redirect_to = add_query_arg( 'spammed', $spammed, $redirect_to ); + if ( $unspammed ) + $redirect_to = add_query_arg( 'unspammed', $unspammed, $redirect_to ); + if ( $trashed ) + $redirect_to = add_query_arg( 'trashed', $trashed, $redirect_to ); + if ( $untrashed ) + $redirect_to = add_query_arg( 'untrashed', $untrashed, $redirect_to ); + if ( $deleted ) + $redirect_to = add_query_arg( 'deleted', $deleted, $redirect_to ); + if ( $trashed || $spammed ) + $redirect_to = add_query_arg( 'ids', join(',', $comment_ids), $redirect_to ); - $redirect_to = 'edit-comments.php?deleted=' . $deleted . '&approved=' . $approved . '&spam=' . $spammed . '&unapproved=' . $unapproved; if ( $post_id ) $redirect_to = add_query_arg( 'p', absint( $post_id ), $redirect_to ); if ( isset($_REQUEST['apage']) ) @@ -83,43 +117,60 @@ else require_once('admin-header.php'); -$mode = ( ! isset($_GET['mode']) || empty($_GET['mode']) ) ? 'detail' : attribute_escape($_GET['mode']); +$mode = ( ! isset($_GET['mode']) || empty($_GET['mode']) ) ? 'detail' : esc_attr($_GET['mode']); -$comment_status = !empty($_GET['comment_status']) ? attribute_escape($_GET['comment_status']) : ''; +$comment_status = isset($_REQUEST['comment_status']) ? $_REQUEST['comment_status'] : 'all'; +if ( !in_array($comment_status, array('all', 'moderated', 'approved', 'spam', 'trash')) ) + $comment_status = 'all'; -$comment_type = !empty($_GET['comment_type']) ? attribute_escape($_GET['comment_type']) : ''; +$comment_type = !empty($_GET['comment_type']) ? esc_attr($_GET['comment_type']) : ''; $search_dirty = ( isset($_GET['s']) ) ? $_GET['s'] : ''; -$search = attribute_escape( $search_dirty ); ?> +$search = esc_attr( $search_dirty ); ?>
';
if ( $approved > 0 ) {
- printf( __ngettext( '%s comment approved', '%s comments approved', $approved ), $approved );
+ printf( _n( '%s comment approved', '%s comments approved', $approved ), $approved );
echo '
';
}
-
- if ( $deleted > 0 ) {
- printf( __ngettext( '%s comment deleted', '%s comments deleted', $deleted ), $deleted );
+ if ( $spammed > 0 ) {
+ printf( _n( '%s comment marked as spam.', '%s comments marked as spam.', $spammed ), $spammed );
+ $ids = isset($_GET['ids']) ? $_GET['ids'] : 0;
+ echo ' ' . __('Undo') . '
';
+ }
+ if ( $unspammed > 0 ) {
+ printf( _n( '%s comment restored from the spam', '%s comments restored from the spam', $unspammed ), $unspammed );
echo '
';
}
-
- if ( $spam > 0 ) {
- printf( __ngettext( '%s comment marked as spam', '%s comments marked as spam', $spam ), $spam );
+ if ( $trashed > 0 ) {
+ printf( _n( '%s comment moved to the trash.', '%s comments moved to the trash.', $trashed ), $trashed );
+ $ids = isset($_GET['ids']) ? $_GET['ids'] : 0;
+ echo ' ' . __('Undo') . '
';
+ }
+ if ( $untrashed > 0 ) {
+ printf( _n( '%s comment restored from the trash', '%s comments restored from the trash', $untrashed ), $untrashed );
+ echo '
';
+ }
+ if ( $deleted > 0 ) {
+ printf( _n( '%s comment permanently deleted', '%s comments permanently deleted', $deleted ), $deleted );
echo '
';
}
@@ -136,34 +187,37 @@ $num_comments = ( $post_id ) ? wp_count_comments( $post_id ) : wp_count_comments
//, number_format_i18n($num_comments->moderated) ), "" . number_format_i18n($num_comments->moderated) . ""),
//, number_format_i18n($num_comments->spam) ), "" . number_format_i18n($num_comments->spam) . "")
$stati = array(
- 'all' => __ngettext_noop('All', 'All'), // singular not used
- 'moderated' => __ngettext_noop('Pending (%s)', 'Pending (%s)'),
- 'approved' => __ngettext_noop('Approved', 'Approved'), // singular not used
- 'spam' => __ngettext_noop('Spam (%s)', 'Spam (%s)')
+ 'all' => _n_noop('All', 'All'), // singular not used
+ 'moderated' => _n_noop('Pending (%s)', 'Pending (%s)'),
+ 'approved' => _n_noop('Approved', 'Approved'), // singular not used
+ 'spam' => _n_noop('Spam (%s)', 'Spam (%s)'),
+ 'trash' => _n_noop('Trash (%s)', 'Trash (%s)')
);
-$class = ( '' === $comment_status ) ? ' class="current"' : '';
-// $status_links[] = "
- - - + + +
- + - + - - + +