X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/177fd6fefd2e3d5a0ea6591c71d660cabdb3c1a4..9e77185fafaf4e60e2b73821e0e4b9b1a11fb85f:/wp-admin/edit-comments.php diff --git a/wp-admin/edit-comments.php b/wp-admin/edit-comments.php index bc62681b..5f289762 100644 --- a/wp-admin/edit-comments.php +++ b/wp-admin/edit-comments.php @@ -1,245 +1,254 @@ get_var("SELECT comment_post_ID FROM $wpdb->comments WHERE comment_ID = $comment"); - // $authordata = get_userdata( $wpdb->get_var("SELECT post_author FROM $wpdb->posts WHERE ID = $post_id") ); - if ( !current_user_can('edit_post', $post_id) ) - continue; - if ( !empty( $_REQUEST['spamit'] ) ) { - wp_set_comment_status($comment, 'spam'); - $comments_spammed++; - } elseif ( !empty( $_REQUEST['deleteit'] ) ) { - wp_set_comment_status($comment, 'delete'); - $comments_deleted++; - } elseif ( !empty( $_REQUEST['approveit'] ) ) { - wp_set_comment_status($comment, 'approve'); - $comments_approved++; - } elseif ( !empty( $_REQUEST['unapproveit'] ) ) { - wp_set_comment_status($comment, 'hold'); - $comments_unapproved++; - } - endforeach; - $redirect_to = basename( __FILE__ ) . '?deleted=' . $comments_deleted . '&approved=' . $comments_approved . '&spam=' . $comments_spammed . '&unapproved=' . $comments_unapproved; - if ( !empty($_REQUEST['mode']) ) - $redirect_to = add_query_arg('mode', $_REQUEST['mode'], $redirect_to); - if ( !empty($_REQUEST['comment_status']) ) - $redirect_to = add_query_arg('comment_status', $_REQUEST['comment_status'], $redirect_to); - if ( !empty($_REQUEST['s']) ) - $redirect_to = add_query_arg('s', $_REQUEST['s'], $redirect_to); - wp_redirect( $redirect_to ); -} elseif ( !empty($_GET['_wp_http_referer']) ) { - wp_redirect(remove_query_arg(array('_wp_http_referer', '_wpnonce'), stripslashes($_SERVER['REQUEST_URI']))); - exit; -} - -require_once('admin-header.php'); - -if ( empty($_GET['mode']) ) - $mode = 'detail'; -else - $mode = attribute_escape($_GET['mode']); - -if ( isset($_GET['comment_status']) ) - $comment_status = attribute_escape($_GET['comment_status']); -else - $comment_status = ''; - -if ( isset($_GET['s']) ) - $search_dirty = $_GET['s']; -else - $search_dirty = ''; -$search = attribute_escape( $search_dirty ); -?> -get_pagenum(); + +$doaction = $wp_list_table->current_action(); + +if ( $doaction ) { + check_admin_referer( 'bulk-comments' ); + + if ( 'delete_all' == $doaction && !empty( $_REQUEST['pagegen_timestamp'] ) ) { + $comment_status = wp_unslash( $_REQUEST['comment_status'] ); + $delete_time = wp_unslash( $_REQUEST['pagegen_timestamp'] ); + $comment_ids = $wpdb->get_col( $wpdb->prepare( "SELECT comment_ID FROM $wpdb->comments WHERE comment_approved = %s AND %s > comment_date_gmt", $comment_status, $delete_time ) ); + $doaction = 'delete'; + } elseif ( isset( $_REQUEST['delete_comments'] ) ) { + $comment_ids = $_REQUEST['delete_comments']; + $doaction = ( $_REQUEST['action'] != -1 ) ? $_REQUEST['action'] : $_REQUEST['action2']; + } elseif ( isset( $_REQUEST['ids'] ) ) { + $comment_ids = array_map( 'absint', explode( ',', $_REQUEST['ids'] ) ); + } elseif ( wp_get_referer() ) { + wp_safe_redirect( wp_get_referer() ); + exit; + } - if ( $approved > 0 || $deleted > 0 || $spam > 0 ) { - echo '
';
+ $approved = $unapproved = $spammed = $unspammed = $trashed = $untrashed = $deleted = 0;
- if ( $approved > 0 ) {
- printf( __ngettext( '%s comment approved', '%s comments approved', $approved ), $approved );
- echo '
';
- }
+ $redirect_to = remove_query_arg( array( 'trashed', 'untrashed', 'deleted', 'spammed', 'unspammed', 'approved', 'unapproved', 'ids' ), wp_get_referer() );
+ $redirect_to = add_query_arg( 'paged', $pagenum, $redirect_to );
- if ( $deleted > 0 ) {
- printf( __ngettext( '%s comment deleted', '%s comments deleted', $deleted ), $deleted );
- echo '
';
- }
+ foreach ( $comment_ids as $comment_id ) { // Check the permissions on each
+ if ( !current_user_can( 'edit_comment', $comment_id ) )
+ continue;
- if ( $spam > 0 ) {
- printf( __ngettext( '%s comment marked as spam', '%s comments marked as spam', $spam ), $spam );
- echo '
';
+ switch ( $doaction ) {
+ case 'approve' :
+ wp_set_comment_status( $comment_id, 'approve' );
+ $approved++;
+ break;
+ case 'unapprove' :
+ wp_set_comment_status( $comment_id, 'hold' );
+ $unapproved++;
+ break;
+ case 'spam' :
+ wp_spam_comment( $comment_id );
+ $spammed++;
+ break;
+ case 'unspam' :
+ wp_unspam_comment( $comment_id );
+ $unspammed++;
+ break;
+ case 'trash' :
+ wp_trash_comment( $comment_id );
+ $trashed++;
+ break;
+ case 'untrash' :
+ wp_untrash_comment( $comment_id );
+ $untrashed++;
+ break;
+ case 'delete' :
+ wp_delete_comment( $comment_id );
+ $deleted++;
+ break;
}
-
- echo '
' . $error_msg . '
' . implode( "
\n", $messages ) . '
- | - | - | - |
---|
- -
- -- -
- -