diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-17 07:56:49 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-17 07:56:49 +0000 |
| commit | a415c29efee45520ae252d2aa28f1083a521cd7b (patch) | |
| tree | f4ade4b6668ecc0765de7e1424f7c1427ad433ff /wp-comments-post.php | |
| parent | Initial commit. (diff) | |
| download | wordpress-a415c29efee45520ae252d2aa28f1083a521cd7b.tar.xz wordpress-a415c29efee45520ae252d2aa28f1083a521cd7b.zip | |
Adding upstream version 6.4.3+dfsg1.upstream/6.4.3+dfsg1
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'wp-comments-post.php')
| -rw-r--r-- | wp-comments-post.php | 81 |
1 files changed, 81 insertions, 0 deletions
diff --git a/wp-comments-post.php b/wp-comments-post.php new file mode 100644 index 0000000..6042ac1 --- /dev/null +++ b/wp-comments-post.php @@ -0,0 +1,81 @@ +<?php +/** + * Handles Comment Post to WordPress and prevents duplicate comment posting. + * + * @package WordPress + */ + +if ( 'POST' !== $_SERVER['REQUEST_METHOD'] ) { + $protocol = $_SERVER['SERVER_PROTOCOL']; + if ( ! in_array( $protocol, array( 'HTTP/1.1', 'HTTP/2', 'HTTP/2.0', 'HTTP/3' ), true ) ) { + $protocol = 'HTTP/1.0'; + } + + header( 'Allow: POST' ); + header( "$protocol 405 Method Not Allowed" ); + header( 'Content-Type: text/plain' ); + exit; +} + +/** Sets up the WordPress Environment. */ +require __DIR__ . '/wp-load.php'; + +nocache_headers(); + +$comment = wp_handle_comment_submission( wp_unslash( $_POST ) ); +if ( is_wp_error( $comment ) ) { + $data = (int) $comment->get_error_data(); + if ( ! empty( $data ) ) { + wp_die( + '<p>' . $comment->get_error_message() . '</p>', + __( 'Comment Submission Failure' ), + array( + 'response' => $data, + 'back_link' => true, + ) + ); + } else { + exit; + } +} + +$user = wp_get_current_user(); +$cookies_consent = ( isset( $_POST['wp-comment-cookies-consent'] ) ); + +/** + * Fires after comment cookies are set. + * + * @since 3.4.0 + * @since 4.9.6 The `$cookies_consent` parameter was added. + * + * @param WP_Comment $comment Comment object. + * @param WP_User $user Comment author's user object. The user may not exist. + * @param bool $cookies_consent Comment author's consent to store cookies. + */ +do_action( 'set_comment_cookies', $comment, $user, $cookies_consent ); + +$location = empty( $_POST['redirect_to'] ) ? get_comment_link( $comment ) : $_POST['redirect_to'] . '#comment-' . $comment->comment_ID; + +// If user didn't consent to cookies, add specific query arguments to display the awaiting moderation message. +if ( ! $cookies_consent && 'unapproved' === wp_get_comment_status( $comment ) && ! empty( $comment->comment_author_email ) ) { + $location = add_query_arg( + array( + 'unapproved' => $comment->comment_ID, + 'moderation-hash' => wp_hash( $comment->comment_date_gmt ), + ), + $location + ); +} + +/** + * Filters the location URI to send the commenter after posting. + * + * @since 2.0.5 + * + * @param string $location The 'redirect_to' URI sent via $_POST. + * @param WP_Comment $comment Comment object. + */ +$location = apply_filters( 'comment_post_redirect', $location, $comment ); + +wp_safe_redirect( $location ); +exit; |