X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/a66f9e26487c560245ef9cd17d7e87c0cbb650af..177fd6fefd2e3d5a0ea6591c71d660cabdb3c1a4:/wp-admin/edit-comments.php?mode=edit;s=%3C%3Fphp%20comment_author_IP%28%29%20%3F%3E
diff --git a/wp-admin/edit-comments.php b/wp-admin/edit-comments.php
index ab1bdbce..bc62681b 100644
--- a/wp-admin/edit-comments.php
+++ b/wp-admin/edit-comments.php
@@ -4,76 +4,133 @@ require_once('admin.php');
 $title = __('Edit Comments');
 $parent_file = 'edit-comments.php';
 wp_enqueue_script( 'admin-comments' );
+wp_enqueue_script('admin-forms');
+
+if ( !empty( $_REQUEST['delete_comments'] ) ) {
+ check_admin_referer('bulk-comments');
+
+ $comments_deleted = $comments_approved = $comments_unapproved = $comments_spammed = 0;
+ foreach ($_REQUEST['delete_comments'] as $comment) : // Check the permissions on each
+ $comment = (int) $comment;
+ $post_id = (int) $wpdb->get_var("SELECT comment_post_ID FROM $wpdb->comments WHERE comment_ID = $comment");
+ // $authordata = get_userdata( $wpdb->get_var("SELECT post_author FROM $wpdb->posts WHERE ID = $post_id") );
+ if ( !current_user_can('edit_post', $post_id) )
+ continue;
+ if ( !empty( $_REQUEST['spamit'] ) ) {
+ wp_set_comment_status($comment, 'spam');
+ $comments_spammed++;
+ } elseif ( !empty( $_REQUEST['deleteit'] ) ) {
+ wp_set_comment_status($comment, 'delete');
+ $comments_deleted++;
+ } elseif ( !empty( $_REQUEST['approveit'] ) ) {
+ wp_set_comment_status($comment, 'approve');
+ $comments_approved++;
+ } elseif ( !empty( $_REQUEST['unapproveit'] ) ) {
+ wp_set_comment_status($comment, 'hold');
+ $comments_unapproved++;
+ }
+ endforeach;
+ $redirect_to = basename( __FILE__ ) . '?deleted=' . $comments_deleted . '&approved=' . $comments_approved . '&spam=' . $comments_spammed . '&unapproved=' . 
$comments_unapproved; + if ( !empty($_REQUEST['mode']) ) + $redirect_to = add_query_arg('mode', $_REQUEST['mode'], $redirect_to); + if ( !empty($_REQUEST['comment_status']) ) + $redirect_to = add_query_arg('comment_status', $_REQUEST['comment_status'], $redirect_to); + if ( !empty($_REQUEST['s']) ) + $redirect_to = add_query_arg('s', $_REQUEST['s'], $redirect_to); + wp_redirect( $redirect_to ); +} elseif ( !empty($_GET['_wp_http_referer']) ) { + wp_redirect(remove_query_arg(array('_wp_http_referer', '_wpnonce'), stripslashes($_SERVER['REQUEST_URI']))); + exit; +} require_once('admin-header.php'); -if (empty($_GET['mode'])) $mode = 'view'; -else $mode = attribute_escape($_GET['mode']); + +if ( empty($_GET['mode']) ) + $mode = 'detail'; +else + $mode = attribute_escape($_GET['mode']); + +if ( isset($_GET['comment_status']) ) + $comment_status = attribute_escape($_GET['comment_status']); +else + $comment_status = ''; + +if ( isset($_GET['s']) ) + $search_dirty = $_GET['s']; +else + $search_dirty = ''; +$search = attribute_escape( $search_dirty ); ?> + 0 || $deleted > 0 || $spam > 0 ) { + echo '
'; - +?>
$page_links
"; - -if ('view' == $mode) { - if ($comments) { - $offset = $offset + 1; - $start = " start='$offset'"; - - echo "- + +
+ ++
+
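Review bot: The bulk-action branch calls `wp_redirect( $redirect_to );` and then falls through to `require_once('admin-header.php')`, whereas the `_wp_http_referer` branch right after it ends with `exit;`; add `exit;` after the first redirect so nothing further runs or renders once the Location header has been sent. `foreach ($_REQUEST['delete_comments'] as $comment)` also assumes the parameter is an array, so an `is_array()` check or an `(array)` cast would avoid a warning when a scalar value is submitted. `$search_dirty` keeps the raw `$_GET['s']` next to the escaped `$search`; its later uses are not legible on this page, so any SQL or HTML use should go through the context-appropriate escaping rather than the raw variable. The part of the hunk after the `?>` is garbled here and was not reviewed.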