X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/449d082fcc4873c1f7d363a0d9f7409be7f6e77d..cd3609994b39a094ff7528b93f55631bb213fd7f:/wp-admin/includes/comment.php

diff --git a/wp-admin/includes/comment.php b/wp-admin/includes/comment.php
index 0fd1533d..84589115 100644
--- a/wp-admin/includes/comment.php
+++ b/wp-admin/includes/comment.php
@@ -9,31 +9,32 @@
 /**
  * {@internal Missing Short Description}}
  *
- * @since unknown
+ * @since 2.0.0
  * @uses $wpdb
  *
- * @param string $comment_author
- * @param string $comment_date
+ * @param string $comment_author Author of the comment
+ * @param string $comment_date Date of the comment
  * @return mixed Comment ID on success.
  */
 function comment_exists($comment_author, $comment_date) {
 	global $wpdb;
 
+	$comment_author = stripslashes($comment_author);
+	$comment_date = stripslashes($comment_date);
+
 	return $wpdb->get_var( $wpdb->prepare("SELECT comment_post_ID FROM $wpdb->comments
 			WHERE comment_author = %s AND comment_date = %s", $comment_author, $comment_date) );
 }
 
 /**
- * {@internal Missing Short Description}}
+ * Update a comment with values provided in $_POST.
  *
- * @since unknown
+ * @since 2.0.0
  */
 function edit_comment() {
 
-	$comment_post_ID = (int) $_POST['comment_post_ID'];
-
-	if (!current_user_can( 'edit_post', $comment_post_ID ))
-		wp_die( __('You are not allowed to edit comments on this post, so you cannot edit this comment.' ));
+	if ( ! current_user_can( 'edit_comment', (int) $_POST['comment_ID'] ) )
+		wp_die ( __( 'You are not allowed to edit comments on this post.' ) );
 
 	$_POST['comment_author'] = $_POST['newcomment_author'];
 	$_POST['comment_author_email'] = $_POST['newcomment_author_email'];
@@ -49,7 +50,7 @@ function edit_comment() {
 		}
 	}
 
-	if (!empty ( $_POST['edit_date'] ) ) {
+	if ( !empty ( $_POST['edit_date'] ) ) {
 		$aa = $_POST['aa'];
 		$mm = $_POST['mm'];
 		$jj = $_POST['jj'];
@@ -63,16 +64,16 @@ function edit_comment() {
 		$_POST['comment_date'] = "$aa-$mm-$jj $hh:$mn:$ss";
 	}
 
-	wp_update_comment( $_POST);
+	wp_update_comment( $_POST );
 }
 
 /**
  * {@internal Missing Short Description}}
  *
- * @since unknown
+ * @since 2.0.0
  *
- * @param unknown_type $id
- * @return unknown
+ * @param int $id ID of comment to retrieve
+ * @return bool|object Comment if found. False on failure.
  */
 function get_comment_to_edit( $id ) {
 	if ( !$comment = get_comment($id) )
@@ -86,43 +87,52 @@ function get_comment_to_edit( $id ) {
 
 	$comment->comment_author = format_to_edit( $comment->comment_author );
 	$comment->comment_author_email = format_to_edit( $comment->comment_author_email );
-	$comment->comment_author_url = clean_url($comment->comment_author_url);
 	$comment->comment_author_url = format_to_edit( $comment->comment_author_url );
+	$comment->comment_author_url = esc_url($comment->comment_author_url);
 
 	return $comment;
 }
 
 /**
- * {@internal Missing Short Description}}
+ * Get the number of pending comments on a post or posts
  *
- * @since unknown
+ * @since 2.3.0
  * @uses $wpdb
  *
- * @param int $post_id Post ID
- * @return unknown
+ * @param int|array $post_id Either a single Post ID or an array of Post IDs
+ * @return int|array Either a single Posts pending comments as an int or an array of ints keyed on the Post IDs
  */
 function get_pending_comments_num( $post_id ) {
 	global $wpdb;
 
 	$single = false;
 	if ( !is_array($post_id) ) {
-		$post_id = (array) $post_id;
+		$post_id_array = (array) $post_id;
 		$single = true;
+	} else {
+		$post_id_array = $post_id;
 	}
-	$post_id = array_map('intval', $post_id);
-	$post_id = "'" . implode("', '", $post_id) . "'";
+	$post_id_array = array_map('intval', $post_id_array);
+	$post_id_in = "'" . implode("', '", $post_id_array) . "'";
 
-	$pending = $wpdb->get_results( "SELECT comment_post_ID, COUNT(comment_ID) as num_comments FROM $wpdb->comments WHERE comment_post_ID IN ( $post_id ) AND comment_approved = '0' GROUP BY comment_post_ID", ARRAY_N );
+	$pending = $wpdb->get_results( "SELECT comment_post_ID, COUNT(comment_ID) as num_comments FROM $wpdb->comments WHERE comment_post_ID IN ( $post_id_in ) AND comment_approved = '0' GROUP BY comment_post_ID", ARRAY_A );
 
-	if ( empty($pending) )
-		return 0;
-
-	if ( $single )
-		return $pending[0][1];
+	if ( $single ) {
+		if ( empty($pending) )
+			return 0;
+		else
+			return absint($pending[0]['num_comments']);
+	}
 
 	$pending_keyed = array();
-	foreach ( $pending as $pend )
-		$pending_keyed[$pend[0]] = $pend[1];
+
+	// Default to zero pending for all posts in request
+	foreach ( $post_id_array as $id )
+		$pending_keyed[$id] = 0;
+
+	if ( !empty($pending) )
+		foreach ( $pending as $pend )
+			$pending_keyed[$pend['comment_post_ID']] = absint($pend['num_comments']);
 
 	return $pending_keyed;
 }
@@ -130,7 +140,7 @@ function get_pending_comments_num( $post_id ) {
 /**
  * Add avatars to relevant places in admin, or try to.
  *
- * @since unknown
+ * @since 2.5.0
  * @uses $comment
  *
  * @param string $name User name.
@@ -138,16 +148,7 @@ function get_pending_comments_num( $post_id ) {
  */
 function floated_admin_avatar( $name ) {
 	global $comment;
-
-	$id = $avatar = false;
-	if ( $comment->comment_author_email )
-		$id = $comment->comment_author_email;
-	if ( $comment->user_id )
-		$id = $comment->user_id;
-
-	if ( $id )
-		$avatar = get_avatar( $id, 32 );
-
+	$avatar = get_avatar( $comment, 32 );
 	return "$avatar $name";
 }
 
@@ -155,10 +156,3 @@ function enqueue_comment_hotkeys_js() {
 	if ( 'true' == get_user_option( 'comment_shortcuts' ) )
 		wp_enqueue_script( 'jquery-table-hotkeys' );
 }
-
-if ( is_admin() && ('edit-comments.php' == $pagenow || 'edit.php' == $pagenow) ) {
-	if ( get_option('show_avatars') )
-		add_filter( 'comment_author', 'floated_admin_avatar' );
-}
-
-?>