require_once('admin.php');
$title = __('Edit Comments');
-$parent_file = 'edit.php';
-$list_js = true;
+$parent_file = 'edit-comments.php';
+wp_enqueue_script( 'admin-comments' );
require_once('admin-header.php');
if (empty($_GET['mode'])) $mode = 'view';
-else $mode = wp_specialchars($_GET['mode'], 1);
+else $mode = attribute_escape($_GET['mode']);
?>
<script type="text/javascript">
}
}
}
+
+function getNumChecked(form)
+{
+ var num = 0;
+ for (i = 0, n = form.elements.length; i < n; i++) {
+ if(form.elements[i].type == "checkbox") {
+ if(form.elements[i].checked == true)
+ num++;
+ }
+ }
+ return num;
+}
//-->
</script>
<div class="wrap">
<h2><?php _e('Comments'); ?></h2>
-<form name="searchform" action="" method="get">
- <fieldset>
- <legend><?php _e('Show Comments That Contain...') ?></legend>
- <input type="text" name="s" value="<?php if (isset($_GET['s'])) echo wp_specialchars($_GET['s'], 1); ?>" size="17" />
- <input type="submit" name="submit" value="<?php _e('Search') ?>" />
+<form name="searchform" action="" method="get" id="editcomments">
+ <fieldset>
+ <legend><?php _e('Show Comments That Contain...') ?></legend>
+ <input type="text" name="s" value="<?php if (isset($_GET['s'])) echo attribute_escape($_GET['s']); ?>" size="17" />
+ <input type="submit" name="submit" value="<?php _e('Search') ?>" />
<input type="hidden" name="mode" value="<?php echo $mode; ?>" />
- <?php _e('(Searches within comment text, e-mail, URI, and IP address.)') ?>
- </fieldset>
+ <?php _e('(Searches within comment text, e-mail, URL, and IP address.)') ?>
+ </fieldset>
</form>
<p><a href="?mode=view"><?php _e('View Mode') ?></a> | <a href="?mode=edit"><?php _e('Mass Edit Mode') ?></a></p>
<?php
if ( !empty( $_POST['delete_comments'] ) ) :
+ check_admin_referer('bulk-comments');
+
$i = 0;
foreach ($_POST['delete_comments'] as $comment) : // Check the permissions on each
$comment = (int) $comment;
- $post_id = $wpdb->get_var("SELECT comment_post_ID FROM $wpdb->comments WHERE comment_ID = $comment");
- $authordata = get_userdata( $wpdb->get_var("SELECT post_author FROM $wpdb->posts WHERE ID = $post_id") );
- if ( current_user_can('edit_post', $post_id) ) :
- wp_set_comment_status($comment, "delete");
+ $post_id = (int) $wpdb->get_var("SELECT comment_post_ID FROM $wpdb->comments WHERE comment_ID = $comment");
+ // $authordata = get_userdata( $wpdb->get_var("SELECT post_author FROM $wpdb->posts WHERE ID = $post_id") );
+ if ( current_user_can('edit_post', $post_id) ) {
+ if ( !empty( $_POST['spam_button'] ) )
+ wp_set_comment_status($comment, 'spam');
+ else
+ wp_set_comment_status($comment, 'delete');
++$i;
- endif;
+ }
endforeach;
- echo "<div class='wrap'><p>" . sprintf(__('%s comments deleted.'), $i) . "</p></div>";
+ echo '<div style="background-color: rgb(207, 235, 247);" id="message" class="updated fade"><p>';
+ if ( !empty( $_POST['spam_button'] ) ) {
+ printf(__ngettext('%s comment marked as spam', '%s comments marked as spam.', $i), $i);
+ } else {
+ printf(__ngettext('%s comment deleted.', '%s comments deleted.', $i), $i);
+ }
+ echo '</p></div>';
endif;
-if (isset($_GET['s'])) {
- $s = $wpdb->escape($_GET['s']);
- $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE
- (comment_author LIKE '%$s%' OR
- comment_author_email LIKE '%$s%' OR
- comment_author_url LIKE ('%$s%') OR
- comment_author_IP LIKE ('%$s%') OR
- comment_content LIKE ('%$s%') ) AND
- comment_approved != 'spam'
- ORDER BY comment_date DESC");
-} else {
- if ( isset($_GET['offset']) )
- $offset = (int) $_GET['offset'] * 20;
- else
- $offset = 0;
-
- $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_approved = '0' OR comment_approved = '1' ORDER BY comment_date DESC LIMIT $offset,20");
-}
+if ( isset( $_GET['apage'] ) )
+ $page = abs( (int) $_GET['apage'] );
+else
+ $page = 1;
+
+$start = $offset = ( $page - 1 ) * 20;
+
+list($_comments, $total) = _wp_get_comment_list( isset($_GET['s']) ? $_GET['s'] : false, $start, 25 ); // Grab a few extra
+
+$comments = array_slice($_comments, 0, 20);
+$extra_comments = array_slice($_comments, 20);
+
+$page_links = paginate_links( array(
+ 'base' => add_query_arg( 'apage', '%#%' ),
+ 'format' => '',
+ 'total' => ceil($total / 20),
+ 'current' => $page
+));
+
+if ( $page_links )
+ echo "<p class='pagenav'>$page_links</p>";
+
if ('view' == $mode) {
if ($comments) {
- if ($offset)
- $start = " start='$offset'";
- else
- $start = '';
+ $offset = $offset + 1;
+ $start = " start='$offset'";
- echo "<ol id='the-list' class='commentlist' $start>";
+ echo "<ol id='the-comment-list' class='commentlist' $start>\n";
$i = 0;
- foreach ($comments as $comment) {
- ++$i; $class = '';
- $authordata = get_userdata($wpdb->get_var("SELECT post_author FROM $wpdb->posts WHERE ID = $comment->comment_post_ID"));
- $comment_status = wp_get_comment_status($comment->comment_ID);
- if ('unapproved' == $comment_status)
- $class .= ' unapproved';
- if ($i % 2)
- $class .= ' alternate';
- echo "<li id='comment-$comment->comment_ID' class='$class'>";
-?>
- <p><strong><?php _e('Name:') ?></strong> <?php comment_author() ?> <?php if ($comment->comment_author_email) { ?>| <strong><?php _e('E-mail:') ?></strong> <?php comment_author_email_link() ?> <?php } if ($comment->comment_author_url && 'http://' != $comment->comment_author_url ) { ?> | <strong><?php _e('URI:') ?></strong> <?php comment_author_url_link() ?> <?php } ?>| <strong><?php _e('IP:') ?></strong> <a href="http://ws.arin.net/cgi-bin/whois.pl?queryinput=<?php comment_author_IP() ?>"><?php comment_author_IP() ?></a></p>
-
- <?php comment_text() ?>
-
- <p><?php _e('Posted'); echo ' '; comment_date('M j, g:i A');
- if ( current_user_can('edit_post', $comment->comment_post_ID) ) {
- echo " | <a href=\"post.php?action=editcomment&comment=".$comment->comment_ID."\">" . __('Edit Comment') . "</a>";
- echo " | <a href=\"post.php?action=deletecomment&p=".$comment->comment_post_ID."&comment=".$comment->comment_ID."\" onclick=\"return deleteSomething( 'comment', $comment->comment_ID, '" . sprintf(__("You are about to delete this comment by "%s".\\n"Cancel" to stop, "OK" to delete."), wp_specialchars( $comment->comment_author, 1 )) . "' );\">" . __('Delete Comment') . "</a> — ";
- } // end if any comments to show
- // Get post title
- if ( current_user_can('edit_post', $comment->comment_post_ID) ) {
- $post_title = $wpdb->get_var("SELECT post_title FROM $wpdb->posts WHERE ID = $comment->comment_post_ID");
- $post_title = ('' == $post_title) ? "# $comment->comment_post_ID" : $post_title;
- ?> <a href="post.php?action=edit&post=<?php echo $comment->comment_post_ID; ?>"><?php printf(__('Edit Post “%s”'), stripslashes($post_title)); ?></a>
- <?php } ?>
- | <a href="<?php echo get_permalink($comment->comment_post_ID); ?>"><?php _e('View Post') ?></a></p>
- </li>
-
-<?php } // end foreach ?>
-</ol>
+ foreach ( $comments as $comment ) {
+ get_comment( $comment ); // Cache it
+ _wp_comment_list_item( $comment->comment_ID, ++$i );
+ }
+ echo "</ol>\n\n";
+
+if ( $extra_comments ) : ?>
+<div id="extra-comments" style="display:none">
+<ul id="the-extra-comment-list" class="commentlist">
+<?php
+ foreach ( $extra_comments as $comment ) {
+ get_comment( $comment ); // Cache it
+ _wp_comment_list_item( $comment->comment_ID, ++$i );
+ }
+?>
+</ul>
+</div>
+<?php endif; // $extra_comments ?>
<div id="ajax-response"></div>
<?php
- } else {
+ } else { //no comments to show
?>
<p>
- <strong><?php _e('No comments found.') ?></strong></p>
-
+ <strong><?php _e('No comments found.') ?></strong></p>
+
<?php
} // end if ($comments)
} elseif ('edit' == $mode) {
if ($comments) {
- echo '<form name="deletecomments" id="deletecomments" action="" method="post">
- <table width="100%" cellpadding="3" cellspacing="3">
+ echo '<form name="deletecomments" id="deletecomments" action="" method="post"> ';
+ wp_nonce_field('bulk-comments');
+ echo '<table class="widefat">
+<thead>
<tr>
- <th scope="col">*</th>
+ <th scope="col" style="text-align: center"><input type="checkbox" onclick="checkAll(document.getElementById(\'deletecomments\'));" /></th>
<th scope="col">' . __('Name') . '</th>
<th scope="col">' . __('E-mail') . '</th>
<th scope="col">' . __('IP') . '</th>
<th scope="col">' . __('Comment Excerpt') . '</th>
- <th scope="col" colspan="3">' . __('Actions') . '</th>
- </tr>';
+ <th scope="col" colspan="3" style="text-align: center">' . __('Actions') . '</th>
+ </tr>
+</thead>';
foreach ($comments as $comment) {
- $authordata = get_userdata($wpdb->get_var("SELECT post_author FROM $wpdb->posts WHERE ID = $comment->comment_post_ID"));
+ $post = get_post($comment->comment_post_ID);
+ $authordata = get_userdata($post->post_author);
+ $comment_status = wp_get_comment_status($comment->comment_ID);
$class = ('alternate' == $class) ? '' : 'alternate';
+ $class .= ('unapproved' == $comment_status) ? ' unapproved' : '';
?>
- <tr class='<?php echo $class; ?>'>
- <td><?php if ( current_user_can('edit_post', $comment->comment_post_ID) ) { ?><input type="checkbox" name="delete_comments[]" value="<?php echo $comment->comment_ID; ?>" /><?php } ?></td>
+ <tr id="comment-<?php echo $comment->comment_ID; ?>" class='<?php echo $class; ?>'>
+ <td style="text-align: center"><?php if ( current_user_can('edit_post', $comment->comment_post_ID) ) { ?><input type="checkbox" name="delete_comments[]" value="<?php echo $comment->comment_ID; ?>" /><?php } ?></td>
<td><?php comment_author_link() ?></td>
<td><?php comment_author_email_link() ?></td>
- <td><a href="http://ws.arin.net/cgi-bin/whois.pl?queryinput=<?php comment_author_IP() ?>"><?php comment_author_IP() ?></a></td>
+ <td><a href="edit-comments.php?s=<?php comment_author_IP() ?>&mode=edit"><?php comment_author_IP() ?></a></td>
<td><?php comment_excerpt(); ?></td>
- <td><a href="<?php echo get_permalink($comment->comment_post_ID); ?>#comment-<?php comment_ID() ?>" class="edit"><?php _e('View') ?></a></td>
+ <td>
+ <?php if ('unapproved' == $comment_status) {
+ _e('Unapproved');
+ } else { ?>
+ <a href="<?php echo get_permalink($comment->comment_post_ID); ?>#comment-<?php comment_ID() ?>" class="edit"><?php _e('View') ?></a>
+ <?php } ?>
+ </td>
<td><?php if ( current_user_can('edit_post', $comment->comment_post_ID) ) {
- echo "<a href='post.php?action=editcomment&comment=$comment->comment_ID' class='edit'>" . __('Edit') . "</a>"; } ?></td>
+ echo "<a href='comment.php?action=editcomment&c=$comment->comment_ID' class='edit'>" . __('Edit') . "</a>"; } ?></td>
<td><?php if ( current_user_can('edit_post', $comment->comment_post_ID) ) {
- echo "<a href=\"post.php?action=deletecomment&p=".$comment->comment_post_ID."&comment=".$comment->comment_ID."\" onclick=\"return confirm('" . sprintf(__("You are about to delete this comment by \'%s\'\\n \'Cancel\' to stop, \'OK\' to delete."), $comment->comment_author) . "')\" class='delete'>" . __('Delete') . "</a>"; } ?></td>
+ echo "<a href=\"comment.php?action=deletecomment&p=".$comment->comment_post_ID."&c=".$comment->comment_ID."\" onclick=\"return deleteSomething( 'comment', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to delete this comment by '%s'. \n 'Cancel' to stop, 'OK' to delete."), $comment->comment_author )) . "', theCommentList );\" class='delete'>" . __('Delete') . "</a> ";
+ } ?></td>
</tr>
- <?php
+ <?php
} // end foreach
?></table>
- <p><a href="javascript:;" onclick="checkAll(document.getElementById('deletecomments')); return false; "><?php _e('Invert Checkbox Selection') ?></a></p>
- <p class="submit"><input type="submit" name="Submit" value="<?php _e('Delete Checked Comments') ?> »" onclick="return confirm('<?php _e("You are about to delete these comments permanently \\n \'Cancel\' to stop, \'OK\' to delete.") ?>')" /> </p>
+<p class="submit"><input type="submit" name="delete_button" class="delete" value="<?php _e('Delete Checked Comments »') ?>" onclick="var numchecked = getNumChecked(document.getElementById('deletecomments')); if(numchecked < 1) { alert('<?php echo js_escape(__("Please select some comments to delete")); ?>'); return false } return confirm('<?php echo sprintf(js_escape(__("You are about to delete %s comments permanently \n 'Cancel' to stop, 'OK' to delete.")), "' + numchecked + '"); ?>')" />
+ <input type="submit" name="spam_button" value="<?php _e('Mark Checked Comments as Spam »') ?>" onclick="var numchecked = getNumChecked(document.getElementById('deletecomments')); if(numchecked < 1) { alert('<?php echo js_escape(__("Please select some comments to mark as spam")); ?>'); return false } return confirm('<?php echo sprintf(js_escape(__("You are about to mark %s comments as spam \n 'Cancel' to stop, 'OK' to mark as spam.")), "' + numchecked + '"); ?>')" /></p>
</form>
+<div id="ajax-response"></div>
<?php
} else {
?>
<?php
} // end if ($comments)
}
- ?>
+
+if ( $page_links )
+ echo "<p class='pagenav'>$page_links</p>";
+
+?>
</div>