check_comment

Check whether a comment passes internal checks to be allowed to add.

Description

check_comment( (string) $author, (string) $email, (string) $url, (string) $comment, (string) $user_ip, (string) $user_agent, (string) $comment_type ); 

If manual comment moderation is set in the administration, then all checks, regardless of their type and whitelist, will fail and the function will return false.

If the number of links exceeds the amount in the administration, then the check fails. If any of the parameter contents match the blacklist of words, then the check fails.

If the comment author was approved before, then the comment is automatically whitelisted.

If all checks pass, the function will return true.

Parameters (7)

0. $author (string)
Comment author name.
1. $email (string)
Comment author email.
2. $url (string)
Comment author URL.
3. $comment (string)
Content of the comment.
4. $user_ip (string)
Comment author IP address.
5. $user_agent (string)
Comment author User-Agent.
6. $comment_type (string)
Comment type, either user-submitted comment, trackback, or pingback.

Usage

  1. if ( !function_exists( 'check_comment' ) ) { 
  2. require_once ABSPATH . WPINC . '/comment.php'; 
  3.  
  4. // Comment author name. 
  5. $author = ''; 
  6.  
  7. // Comment author email. 
  8. $email = ''; 
  9.  
  10. // Comment author URL. 
  11. $url = ''; 
  12.  
  13. // Content of the comment. 
  14. $comment = ''; 
  15.  
  16. // Comment author IP address. 
  17. $user_ip = ''; 
  18.  
  19. // Comment author User-Agent. 
  20. $user_agent = ''; 
  21.  
  22. // Comment type, either user-submitted comment, 
  23. // trackback, or pingback. 
  24. $comment_type = ''; 
  25.  
  26. // NOTICE! Understand what this does before running. 
  27. $result = check_comment($author, $email, $url, $comment, $user_ip, $user_agent, $comment_type); 
  28.  

Defined (1)

The function is defined in the following location(s).

/wp-includes/comment.php  
  1. function check_comment($author, $email, $url, $comment, $user_ip, $user_agent, $comment_type) { 
  2. global $wpdb; 
  3.  
  4. // If manual moderation is enabled, skip all checks and return false. 
  5. if ( 1 == get_option('comment_moderation') ) 
  6. return false; 
  7.  
  8. /** This filter is documented in wp-includes/comment-template.php */ 
  9. $comment = apply_filters( 'comment_text', $comment ); 
  10.  
  11. // Check for the number of external links if a max allowed number is set. 
  12. if ( $max_links = get_option( 'comment_max_links' ) ) { 
  13. $num_links = preg_match_all( '/<a [^>]*href/i', $comment, $out ); 
  14.  
  15. /** 
  16. * Filters the number of links found in a comment. 
  17. * @since 3.0.0 
  18. * @since 4.7.0 Added the `$comment` parameter. 
  19. * @param int $num_links The number of links found. 
  20. * @param string $url Comment author's URL. Included in allowed links total. 
  21. * @param string $comment Content of the comment. 
  22. */ 
  23. $num_links = apply_filters( 'comment_max_links_url', $num_links, $url, $comment ); 
  24.  
  25. /** 
  26. * If the number of links in the comment exceeds the allowed amount,  
  27. * fail the check by returning false. 
  28. */ 
  29. if ( $num_links >= $max_links ) 
  30. return false; 
  31.  
  32. $mod_keys = trim(get_option('moderation_keys')); 
  33.  
  34. // If moderation 'keys' (keywords) are set, process them. 
  35. if ( !empty($mod_keys) ) { 
  36. $words = explode("\n", $mod_keys ); 
  37.  
  38. foreach ( (array) $words as $word) { 
  39. $word = trim($word); 
  40.  
  41. // Skip empty lines. 
  42. if ( empty($word) ) 
  43. continue; 
  44.  
  45. /** 
  46. * Do some escaping magic so that '#' (number of) characters in the spam 
  47. * words don't break things: 
  48. */ 
  49. $word = preg_quote($word, '#'); 
  50.  
  51. /** 
  52. * Check the comment fields for moderation keywords. If any are found,  
  53. * fail the check for the given field by returning false. 
  54. */ 
  55. $pattern = "#$word#i"; 
  56. if ( preg_match($pattern, $author) ) return false; 
  57. if ( preg_match($pattern, $email) ) return false; 
  58. if ( preg_match($pattern, $url) ) return false; 
  59. if ( preg_match($pattern, $comment) ) return false; 
  60. if ( preg_match($pattern, $user_ip) ) return false; 
  61. if ( preg_match($pattern, $user_agent) ) return false; 
  62.  
  63. /** 
  64. * Check if the option to approve comments by previously-approved authors is enabled. 
  65. * If it is enabled, check whether the comment author has a previously-approved comment,  
  66. * as well as whether there are any moderation keywords (if set) present in the author 
  67. * email address. If both checks pass, return true. Otherwise, return false. 
  68. */ 
  69. if ( 1 == get_option('comment_whitelist')) { 
  70. if ( 'trackback' != $comment_type && 'pingback' != $comment_type && $author != '' && $email != '' ) { 
  71. $comment_user = get_user_by( 'email', wp_unslash( $email ) ); 
  72. if ( ! empty( $comment_user->ID ) ) { 
  73. $ok_to_comment = $wpdb->get_var( $wpdb->prepare( "SELECT comment_approved FROM $wpdb->comments WHERE user_id = %d AND comment_approved = '1' LIMIT 1", $comment_user->ID ) ); 
  74. } else { 
  75. // expected_slashed ($author, $email) 
  76. $ok_to_comment = $wpdb->get_var( $wpdb->prepare( "SELECT comment_approved FROM $wpdb->comments WHERE comment_author = %s AND comment_author_email = %s and comment_approved = '1' LIMIT 1", $author, $email ) ); 
  77. if ( ( 1 == $ok_to_comment ) && 
  78. ( empty($mod_keys) || false === strpos( $email, $mod_keys) ) ) 
  79. return true; 
  80. else 
  81. return false; 
  82. } else { 
  83. return false; 
  84. return true;