WordPress.org
Get WordPress

Make WordPress Core

Changeset 1237


Ignore:
Timestamp:
05/07/2004 11:21:31 PM (21 years ago)
Author:
saxmatt
Message:

Fix for cookie paths being set correctly when using a different home setting. Refactored comments-post.

Location:
trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • trunk/wp-comments-post.php

    r1108 r1237  
    11<?php
    2 require(dirname(__FILE__) . '/wp-config.php');
     2require( dirname(__FILE__) . '/wp-config.php' );
    33
    44function add_magic_quotes($array) {
     
    1414
    1515if (!get_magic_quotes_gpc()) {
    16     $_GET    = add_magic_quotes($_GET);
    1716    $_POST   = add_magic_quotes($_POST);
    1817    $_COOKIE = add_magic_quotes($_COOKIE);
     
    3130
    3231$comment = trim($_POST['comment']);
    33 $original_comment = $comment;
    3432$comment_post_ID = intval($_POST['comment_post_ID']);
    3533$user_ip = $_SERVER['REMOTE_ADDR'];
    36 $user_domain = gethostbyaddr($user_ip);
    3734
    38 $commentstatus = $wpdb->get_var("SELECT comment_status FROM $tableposts WHERE ID = $comment_post_ID");
    39 if ('closed' == $commentstatus)
    40     die('Sorry, comments are closed for this item.');
     35if ( 'closed' ==  $wpdb->get_var("SELECT comment_status FROM $tableposts WHERE ID = '$comment_post_ID'") )
     36    die( __('Sorry, comments are closed for this item.') );
    4137
    42 if (get_settings('require_name_email') && ($email == '' || $author == '')) { //original fix by Dodo, and then Drinyth
    43     die('Error: please fill the required fields (name, email).');
    44 }
    45 if ($comment == 'comment' || $comment == '') {
    46     die('Error: please type a comment.');
    47 }
     38if ( get_settings('require_name_email') && ('' == $email || '' == $author) )
     39    die( __('Error: please fill the required fields (name, email).') );
     40
     41if ( '' == $comment )
     42    die( __('Error: please type a comment.') );
     43
    4844
    4945$now = current_time('mysql');
     
    5349$comment = balanceTags($comment, 1);
    5450$comment = format_to_post($comment);
     51$comment = apply_filters('post_comment_text', $comment);
    5552
    56 $comment_author = $author;
    57 $comment_author_email = $email;
    58 $comment_author_url = $url;
    59 
    60 $author = addslashes($author);
    61 $email = addslashes($email);
    62 $url = addslashes($url);
    63 
    64 /* Flood-protection */
     53// Simple flood-protection
    6554$lasttime = $wpdb->get_var("SELECT comment_date FROM $tablecomments WHERE comment_author_IP = '$user_ip' ORDER BY comment_date DESC LIMIT 1");
    66 $ok = true;
    6755if (!empty($lasttime)) {
    6856    $time_lastcomment= mysql2date('U', $lasttime);
    69     $time_newcomment= mysql2date('U', "$now");
     57    $time_newcomment= mysql2date('U', $now);
    7058    if (($time_newcomment - $time_lastcomment) < 10)
    71         $ok = false;
     59        die( __('Sorry, you can only post a new comment once every 10 seconds. Slow down cowboy.') );
    7260}
    73 /* End flood-protection */
    7461
    7562
     63// If we've made it this far, let's post.
    7664
    77 if ($ok) { // if there was no comment from this IP in the last 10 seconds
    78     $moderation_notify = get_settings('moderation_notify');
    79     $comments_notify = get_settings('comments_notify');
     65if(check_comment($author, $email, $url, $comment, $user_ip)) {
     66    $approved = 1;
     67} else {
     68    $approved = 0;
     69}
    8070
    81     if(check_comment($author, $email, $url, $comment, $user_ip)) {
    82         $approved = 1;
    83     } else {
    84         $approved = 0;
    85     }
     71$wpdb->query("INSERT INTO $tablecomments
     72(comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content, comment_approved)
     73VALUES
     74('$comment_post_ID', '$author', '$email', '$url', '$user_ip', '$now', '$now_gmt', '$comment', '$approved')
     75");
    8676
    87     $wpdb->query("INSERT INTO $tablecomments
    88     (comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content, comment_approved)
    89     VALUES
    90     ('$comment_post_ID', '$author', '$email', '$url', '$user_ip', '$now', '$now_gmt', '$comment', '$approved')
    91     ");
     77$comment_ID = $wpdb->get_var('SELECT last_insert_id()');
    9278
    93     $comment_ID = $wpdb->get_var('SELECT last_insert_id()');
     79if (!$approved) {
     80    wp_notify_moderator($comment_ID);
     81}
    9482
    95     if (($moderation_notify) && (!$approved)) {
    96         wp_notify_moderator($comment_ID);
    97     }
    98    
    99     if ((get_settings('comments_notify')) && ($approved)) {
    100         wp_notify_postauthor($comment_ID, 'comment');
    101     }
     83if ((get_settings('comments_notify')) && ($approved)) {
     84    wp_notify_postauthor($comment_ID, 'comment');
     85}
    10286
    103     do_action('comment_post', $comment_ID);
     87do_action('comment_post', $comment_ID);
    10488
    105     if ($email == '')
    106         $email = ' '; // this to make sure a cookie is set for 'no email'
     89setcookie('comment_author_' . $cookiehash, $author, time() + 30000000, COOKIEPATH);
     90setcookie('comment_author_email_' . $cookiehash, $email, time() + 30000000, COOKIEPATH);
     91setcookie('comment_author_url_' . $cookiehash, $url, time() + 30000000, COOKIEPATH);
    10792
    108     if ($url == '')
    109         $url = ' '; // this to make sure a cookie is set for 'no url'
    110 
    111     setcookie('comment_author_'.$cookiehash, $author, time()+30000000);
    112     setcookie('comment_author_email_'.$cookiehash, $email, time()+30000000);
    113     setcookie('comment_author_url_'.$cookiehash, $url, time()+30000000);
    114 
    115     header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
    116     header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
    117     header('Cache-Control: no-cache, must-revalidate');
    118     header('Pragma: no-cache');
    119     $location = (empty($_POST['redirect_to'])) ? $_SERVER["HTTP_REFERER"] : $_POST['redirect_to'];
    120     if ($is_IIS) {
    121         header("Refresh: 0;url=$location");
    122     } else {
    123         header("Location: $location");
    124     }
     93header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
     94header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
     95header('Cache-Control: no-cache, must-revalidate');
     96header('Pragma: no-cache');
     97$location = (empty($_POST['redirect_to'])) ? $_SERVER["HTTP_REFERER"] : $_POST['redirect_to'];
     98if ($is_IIS) {
     99    header("Refresh: 0;url=$location");
    125100} else {
    126     die('Sorry, you can only post a new comment once every 10 seconds. Slow down cowboy.');
     101    header("Location: $location");
    127102}
    128103

  • trunk/wp-includes/vars.php

    r1179 r1237  
    173173}
    174174
     175// Path for cookies
     176define('COOKIEPATH', preg_replace('|http://[^/]+|i', '', get_settings('home') . '/' ) );
    175177
    176178// Some default filters
Note: See TracChangeset for help on using the changeset viewer.