< ?php
function fail($s) {
header('HTTP/1.0 500 Internal Server Error');
echo $s;
exit;
}
function ajax_comment(){
if($_POST['action'] == 'ajax_comment') {
global $wpdb, $db_check;
// Check DB
if(!$wpdb->dbh) {
echo('Our database has issues. Try again later.');
die();
}
nocache_headers();
$comment_post_ID = (int) $_POST['comment_post_ID'];
$status = $wpdb->get_row("SELECT post_status, comment_status FROM $wpdb->posts WHERE ID = '$comment_post_ID'");
if ( empty($status->comment_status) ) {
do_action('comment_id_not_found', $comment_post_ID);
fail('The post you are trying to comment on does not currently exist in the database.');
} elseif ( 'closed' == $status->comment_status ) {
do_action('comment_closed', $comment_post_ID);
fail('Sorry, comments are closed for this item.');
} elseif ( in_array($status->post_status, array('draft', 'pending') ) ) {
do_action('comment_on_draft', $comment_post_ID);
fail('The post you are trying to comment on has not been published.');
}
$comment_author = trim(strip_tags($_POST['author']));
$comment_author_email = trim($_POST['email']);
$comment_author_url = trim($_POST['url']);
$comment_content = trim($_POST['comment']);
// If the user is logged in
$user = wp_get_current_user();
if ( $user->ID ) {
$comment_author = $wpdb->escape($user->display_name);
$comment_author_email = $wpdb->escape($user->user_email);
$comment_author_url = $wpdb->escape($user->user_url);
if ( current_user_can('unfiltered_html') ) {
if ( wp_create_nonce('unfiltered-html-comment_' . $comment_post_ID) != $_POST['_wp_unfiltered_html_comment'] ) {
kses_remove_filters(); // start with a clean slate
kses_init_filters(); // set up the filters
}
}
} else {
if ( get_option('comment_registration') )
fail('Sorry, you must be logged in to post a comment.');
}
$comment_type = '';
if ( get_option('require_name_email') && !$user->ID ) {
if ( 6> strlen($comment_author_email) || '' == $comment_author )
fail('Sorry: please fill the required fields (name, email).');
elseif ( !is_email($comment_author_email))
fail('Sorry: please enter a valid email address.');
}
if ( '' == $comment_content )
fail('Sorry: please type a comment.');
// Simple duplicate check
$dupe = "SELECT comment_ID FROM $wpdb->comments WHERE comment_post_ID = '$comment_post_ID' AND ( comment_author = '$comment_author' ";
if ( $comment_author_email ) $dupe .= "OR comment_author_email = '$comment_author_email' ";
$dupe .= ") AND comment_content = '$comment_content' LIMIT 1";
if ( $wpdb->get_var($dupe) ) {
fail('Duplicate comment detected; it looks as though you\'ve already said that!');
}
$commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content', 'comment_type', 'user_ID');
if( !$user->ID ){
$result_set = $wpdb->get_results("SELECT display_name, user_email FROM $wpdb->users WHERE display_name = '" . $comment_author . "' OR user_email = '" . $comment_author_email . "'");
if ($result_set) {
if ($result_set[0]->display_name == $comment_author){
fail( __('Error: you are not allowed to use the nickname that you entered.if you are the administrator you hava to login to comment.','philna2') );
} else {
fail( __('Error: you are not allowed to use the email that you entered.if you are the administrator you hava to login to comment.','philna2') );
}
}
}
$comment_id = wp_new_comment( $commentdata );
$comment = get_comment($comment_id);
if( !$user->ID ){
setcookie('comment_author_' . COOKIEHASH, $comment->comment_author, time() + 30000000, COOKIEPATH, COOKIE_DOMAIN);
setcookie('comment_author_email_' . COOKIEHASH, $comment->comment_author_email, time() + 30000000, COOKIEPATH, COOKIE_DOMAIN);
setcookie('comment_author_url_' . COOKIEHASH, clean_url($comment->comment_author_url), time() + 30000000, COOKIEPATH, COOKIE_DOMAIN);
}
@header('Content-type: ' . get_option('html_type') . '; charset=' . get_option('blog_charset'));
?>
//这里需要粘贴你的评论框架代码,不过相关的调用代码有所变化:
//评论ID:$comment->comment_ID
//评论者名字:$comment->comment_author
//判断评论者是否填写了网站地址:$comment->get_comment_author_url
//评论者URL:$comment->comment_author_url
//评论时间:mysql2date(__('F jS, Y'),$comment->comment_date)
//评论者e-mail:$comment->comment_author_email
//评论内容$comment->comment_content
< ?php
die();
}
}
add_action('init', 'ajax_comment');
//添加AJAX评论钩子
?>