X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/ff81ee6e8304a1982a3ec4f5b134764a29d502cf..4f4e083f6f77639c41e2b1ddb200de8e34301cee:/wp-admin/edit-comments.php diff --git a/wp-admin/edit-comments.php b/wp-admin/edit-comments.php index e74ebb49..7df02103 100644 --- a/wp-admin/edit-comments.php +++ b/wp-admin/edit-comments.php @@ -1,172 +1,383 @@ escape( $_REQUEST['pagegen_timestamp'] ); + if ( current_user_can('moderate_comments')) { + $deleted_spam = $wpdb->query( "DELETE FROM $wpdb->comments WHERE comment_approved = 'spam' AND '$delete_time' > comment_date_gmt" ); + } else { + $deleted_spam = 0; + } + $redirect_to = 'edit-comments.php?comment_status=spam&deleted=' . (int) $deleted_spam; + if ( $post_id ) + $redirect_to = add_query_arg( 'p', absint( $post_id ), $redirect_to ); + wp_redirect( $redirect_to ); +} elseif ( isset($_REQUEST['delete_comments']) && isset($_REQUEST['action']) && ( -1 != $_REQUEST['action'] || -1 != $_REQUEST['action2'] ) ) { + check_admin_referer('bulk-comments'); + $doaction = ( -1 != $_REQUEST['action'] ) ? $_REQUEST['action'] : $_REQUEST['action2']; + + $deleted = $approved = $unapproved = $spammed = 0; + foreach ( (array) $_REQUEST['delete_comments'] as $comment_id) : // Check the permissions on each + $comment_id = (int) $comment_id; + $_post_id = (int) $wpdb->get_var( $wpdb->prepare( "SELECT comment_post_ID FROM $wpdb->comments WHERE comment_ID = %d", $comment_id) ); + + if ( !current_user_can('edit_post', $_post_id) ) + continue; + + switch( $doaction ) { + case 'markspam' : + wp_set_comment_status($comment_id, 'spam'); + $spammed++; + break; + case 'delete' : + wp_set_comment_status($comment_id, 'delete'); + $deleted++; + break; + case 'approve' : + wp_set_comment_status($comment_id, 'approve'); + $approved++; + break; + case 'unapprove' : + wp_set_comment_status($comment_id, 'hold'); + $unapproved++; + break; + } + endforeach; + + $redirect_to = 'edit-comments.php?deleted=' . $deleted . '&approved=' . $approved . '&spam=' . $spammed . '&unapproved=' . $unapproved; + if ( $post_id ) + $redirect_to = add_query_arg( 'p', absint( $post_id ), $redirect_to ); + if ( isset($_REQUEST['apage']) ) + $redirect_to = add_query_arg( 'apage', absint($_REQUEST['apage']), $redirect_to ); + if ( !empty($_REQUEST['mode']) ) + $redirect_to = add_query_arg('mode', $_REQUEST['mode'], $redirect_to); + if ( !empty($_REQUEST['comment_status']) ) + $redirect_to = add_query_arg('comment_status', $_REQUEST['comment_status'], $redirect_to); + if ( !empty($_REQUEST['s']) ) + $redirect_to = add_query_arg('s', $_REQUEST['s'], $redirect_to); + wp_redirect( $redirect_to ); +} elseif ( isset($_GET['_wp_http_referer']) && ! empty($_GET['_wp_http_referer']) ) { + wp_redirect( remove_query_arg( array('_wp_http_referer', '_wpnonce'), stripslashes($_SERVER['REQUEST_URI']) ) ); + exit; +} + +if ( $post_id ) + $title = sprintf(__('Edit Comments on “%s”'), wp_html_excerpt(_draft_or_post_title($post_id), 50)); +else + $title = __('Edit Comments'); require_once('admin-header.php'); -if (empty($_GET['mode'])) $mode = 'view'; -else $mode = wp_specialchars($_GET['mode'], 1); -?> - -