|
422 | 422 | 'data' => $comment_list_item |
423 | 423 | ) ); |
424 | 424 | } |
| 425 | + $x->send(); |
| 426 | + break; |
| 427 | +case 'replyto-comment' : |
| 428 | + check_ajax_referer( $action ); |
| 429 | + |
| 430 | + $comment_post_ID = (int) $_POST['comment_post_ID']; |
| 431 | + if ( !current_user_can( 'edit_post', $comment_post_ID ) ) |
| 432 | + die('-1'); |
| 433 | + |
| 434 | + $status = $wpdb->get_var( $wpdb->prepare("SELECT post_status FROM $wpdb->posts WHERE ID = %d", $comment_post_ID) ); |
| 435 | + |
| 436 | + if ( empty($status) ) |
| 437 | + die('1'); |
| 438 | + elseif ( in_array($status->post_status, array('draft', 'pending') ) ) |
| 439 | + die( __('Error: you are replying to comment on a draft post.') ); |
| 440 | + |
| 441 | + $user = wp_get_current_user(); |
| 442 | + if ( $user->ID ) { |
| 443 | + $comment_author = $wpdb->escape($user->display_name); |
| 444 | + $comment_author_email = $wpdb->escape($user->user_email); |
| 445 | + $comment_author_url = $wpdb->escape($user->user_url); |
| 446 | + $comment_content = trim($_POST['comment']); |
| 447 | + if ( current_user_can('unfiltered_html') ) { |
| 448 | + if ( wp_create_nonce('unfiltered-html-comment_' . $comment_post_ID) != $_POST['_wp_unfiltered_html_comment'] ) { |
| 449 | + kses_remove_filters(); // start with a clean slate |
| 450 | + kses_init_filters(); // set up the filters |
| 451 | + } |
| 452 | + } |
| 453 | + } else { |
| 454 | + die( __('Sorry, you must be logged in to reply to a comment.') ); |
| 455 | + } |
| 456 | + |
| 457 | + if ( '' == $comment_content ) |
| 458 | + die( __('Error: please type a comment.') ); |
| 459 | + |
| 460 | + $comment_parent = absint($_POST['comment_ID']); |
| 461 | + $commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content', 'comment_type', 'comment_parent', 'user_ID'); |
| 462 | + |
| 463 | + $comment_id = wp_new_comment( $commentdata ); |
| 464 | + $comment = get_comment($comment_id); |
| 465 | + if ( ! $comment ) die('1'); |
| 466 | + |
| 467 | + $mode = ( isset($_POST['mode']) && 'single' == $_POST['mode'] ) ? 'single' : 'detail'; |
| 468 | + $position = ( isset($_POST['position']) && (int) $_POST['position']) ? (int) $_POST['position'] : '-1'; |
| 469 | + $checkbox = ( isset($_POST['checkbox']) && true == $_POST['checkbox'] ) ? 1 : 0; |
| 470 | + |
| 471 | + if ( get_option('show_avatars') && 'single' != $mode ) |
| 472 | + add_filter( 'comment_author', 'floated_admin_avatar' ); |
| 473 | + |
| 474 | + $x = new WP_Ajax_Response(); |
| 475 | + |
| 476 | + ob_start(); |
| 477 | + _wp_comment_row( $comment->comment_ID, $mode, false, $checkbox ); |
| 478 | + $comment_list_item = ob_get_contents(); |
| 479 | + ob_end_clean(); |
| 480 | + |
| 481 | + $x->add( array( |
| 482 | + 'what' => 'comment', |
| 483 | + 'id' => $comment->comment_ID, |
| 484 | + 'data' => $comment_list_item, |
| 485 | + 'position' => $position |
| 486 | + )); |
| 487 | + |
425 | 488 | $x->send(); |
426 | 489 | break; |
427 | 490 | case 'add-meta' : |
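Review bot: The draft/pending guard in the new `replyto-comment` case cannot fire, because `$wpdb->get_var()` returns the `post_status` column as a scalar and the `elseif` then reads `$status->post_status`, which does not exist on a string; replies to comments on unpublished posts are therefore not rejected here. Compare the value directly: `elseif ( in_array( $status, array( 'draft', 'pending' ), true ) )`. `$comment_parent` is taken from `$_POST['comment_ID']` with no visible check that the parent comment belongs to `$comment_post_ID`, so unless that is enforced elsewhere, a `get_comment()` lookup comparing its `comment_post_ID` before `wp_new_comment()` would be worth adding. The unfiltered-HTML branch also reads `$_POST['_wp_unfiltered_html_comment']` without `isset()` and compares the nonce with a loose `!=`. The enclosing `switch` starts and ends outside the hunk.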
|