wp_handle_comment_submission

Handles the submission of a comment, usually posted to wp-comments-post.php via a comment form.

Description

(WP_Comment|WP_Error) wp_handle_comment_submission( (array) $comment_data ); 

This function expects unslashed data, as opposed to functions such as wp_new_comment() which expect slashed data.

Returns (WP_Comment|WP_Error)

A WP_Comment object on success, a WP_Error object on failure.

Parameters (1)

0. $comment_data (array)
Comment data.

Options

  • comment_post_ID (string|int) => ''

    The ID of the post that relates to the comment.

  • author (string) => ''

    The name of the comment author.

  • email (string) => ''

    The comment author email address.

  • url (string) => ''

    The comment author URL.

  • comment (string) => ''

    The content of the comment.

  • comment_parent (string|int) => ''

    The ID of this comment's parent, if any.

array(

    /**
     * The ID of the post that relates to the comment.
     *
     * @type string|int
     * @default ''
     */
    'comment_post_ID' => '',

    /**
     * The name of the comment author.
     *
     * @type string
     * @default ''
     */
    'author' => '',

    /**
     * The comment author email address.
     *
     * @type string
     * @default ''
     */
    'email' => '',

    /**
     * The comment author URL.
     *
     * @type string
     * @default ''
     */
    'url' => '',

    /**
     * The content of the comment.
     *
     * @type string
     * @default ''
     */
    'comment' => '',

    /**
     * The ID of this comment's parent, if any.
     *
     * @type string|int
     * @default ''
     */
    'comment_parent' => ''
);        


Usage

  1. if ( !function_exists( 'wp_handle_comment_submission' ) ) { 
  2. require_once ABSPATH . WPINC . '/comment.php'; 
  3.  
  4. // Comment data. 
  5. $comment_data = array( 
  6. 'comment_post_ID' => '', 
  7. 'author' => '', 
  8. 'email' => '', 
  9. 'url' => '', 
  10. 'comment' => '', 
  11. 'comment_parent' => '' 
  12. ); 
  13.  
  14. // NOTICE! Understand what this does before running. 
  15. $result = wp_handle_comment_submission($comment_data); 
  16.  

Defined (1)

The function is defined in the following location(s).

/wp-includes/comment.php  
  1. function wp_handle_comment_submission( $comment_data ) { 
  2.  
  3. $comment_post_ID = $comment_parent = 0; 
  4. $comment_author = $comment_author_email = $comment_author_url = $comment_content = null; 
  5.  
  6. if ( isset( $comment_data['comment_post_ID'] ) ) { 
  7. $comment_post_ID = (int) $comment_data['comment_post_ID']; 
  8. if ( isset( $comment_data['author'] ) && is_string( $comment_data['author'] ) ) { 
  9. $comment_author = trim( strip_tags( $comment_data['author'] ) ); 
  10. if ( isset( $comment_data['email'] ) && is_string( $comment_data['email'] ) ) { 
  11. $comment_author_email = trim( $comment_data['email'] ); 
  12. if ( isset( $comment_data['url'] ) && is_string( $comment_data['url'] ) ) { 
  13. $comment_author_url = trim( $comment_data['url'] ); 
  14. if ( isset( $comment_data['comment'] ) && is_string( $comment_data['comment'] ) ) { 
  15. $comment_content = trim( $comment_data['comment'] ); 
  16. if ( isset( $comment_data['comment_parent'] ) ) { 
  17. $comment_parent = absint( $comment_data['comment_parent'] ); 
  18.  
  19. $post = get_post( $comment_post_ID ); 
  20.  
  21. if ( empty( $post->comment_status ) ) { 
  22.  
  23. /** 
  24. * Fires when a comment is attempted on a post that does not exist. 
  25. * @since 1.5.0 
  26. * @param int $comment_post_ID Post ID. 
  27. */ 
  28. do_action( 'comment_id_not_found', $comment_post_ID ); 
  29.  
  30. return new WP_Error( 'comment_id_not_found' ); 
  31.  
  32.  
  33. // get_post_status() will get the parent status for attachments. 
  34. $status = get_post_status( $post ); 
  35.  
  36. if ( ( 'private' == $status ) && ! current_user_can( 'read_post', $comment_post_ID ) ) { 
  37. return new WP_Error( 'comment_id_not_found' ); 
  38.  
  39. $status_obj = get_post_status_object( $status ); 
  40.  
  41. if ( ! comments_open( $comment_post_ID ) ) { 
  42.  
  43. /** 
  44. * Fires when a comment is attempted on a post that has comments closed. 
  45. * @since 1.5.0 
  46. * @param int $comment_post_ID Post ID. 
  47. */ 
  48. do_action( 'comment_closed', $comment_post_ID ); 
  49.  
  50. return new WP_Error( 'comment_closed', __( 'Sorry, comments are closed for this item.' ), 403 ); 
  51.  
  52. } elseif ( 'trash' == $status ) { 
  53.  
  54. /** 
  55. * Fires when a comment is attempted on a trashed post. 
  56. * @since 2.9.0 
  57. * @param int $comment_post_ID Post ID. 
  58. */ 
  59. do_action( 'comment_on_trash', $comment_post_ID ); 
  60.  
  61. return new WP_Error( 'comment_on_trash' ); 
  62.  
  63. } elseif ( ! $status_obj->public && ! $status_obj->private ) { 
  64.  
  65. /** 
  66. * Fires when a comment is attempted on a post in draft mode. 
  67. * @since 1.5.1 
  68. * @param int $comment_post_ID Post ID. 
  69. */ 
  70. do_action( 'comment_on_draft', $comment_post_ID ); 
  71.  
  72. return new WP_Error( 'comment_on_draft' ); 
  73.  
  74. } elseif ( post_password_required( $comment_post_ID ) ) { 
  75.  
  76. /** 
  77. * Fires when a comment is attempted on a password-protected post. 
  78. * @since 2.9.0 
  79. * @param int $comment_post_ID Post ID. 
  80. */ 
  81.  
  82. return new WP_Error( 'comment_on_password_protected' ); 
  83.  
  84. } else { 
  85.  
  86. /** 
  87. * Fires before a comment is posted. 
  88. * @since 2.8.0 
  89. * @param int $comment_post_ID Post ID. 
  90. */ 
  91. do_action( 'pre_comment_on_post', $comment_post_ID ); 
  92.  
  93.  
  94. // If the user is logged in 
  95. $user = wp_get_current_user(); 
  96. if ( $user->exists() ) { 
  97. if ( empty( $user->display_name ) ) { 
  98. $user->display_name=$user->user_login; 
  99. $comment_author = $user->display_name; 
  100. $comment_author_email = $user->user_email; 
  101. $comment_author_url = $user->user_url; 
  102. $user_ID = $user->ID; 
  103. if ( current_user_can( 'unfiltered_html' ) ) { 
  104. if ( ! isset( $comment_data['_wp_unfiltered_html_comment'] ) 
  105. || ! wp_verify_nonce( $comment_data['_wp_unfiltered_html_comment'], 'unfiltered-html-comment_' . $comment_post_ID ) 
  106. ) { 
  107. kses_remove_filters(); // start with a clean slate 
  108. kses_init_filters(); // set up the filters 
  109. } else { 
  110. if ( get_option( 'comment_registration' ) ) { 
  111. return new WP_Error( 'not_logged_in', __( 'Sorry, you must be logged in to comment.' ), 403 ); 
  112.  
  113. $comment_type = ''; 
  114.  
  115. if ( get_option( 'require_name_email' ) && ! $user->exists() ) { 
  116. if ( 6 > strlen( $comment_author_email ) || '' == $comment_author ) { 
  117. return new WP_Error( 'require_name_email', __( '<strong>ERROR</strong>: please fill the required fields (name, email).' ), 200 ); 
  118. } elseif ( ! is_email( $comment_author_email ) ) { 
  119. return new WP_Error( 'require_valid_email', __( '<strong>ERROR</strong>: please enter a valid email address.' ), 200 ); 
  120.  
  121. if ( '' == $comment_content ) { 
  122. return new WP_Error( 'require_valid_comment', __( '<strong>ERROR</strong>: please type a comment.' ), 200 ); 
  123.  
  124. $commentdata = compact( 
  125. 'comment_post_ID',  
  126. 'comment_content',  
  127. 'comment_parent',  
  128. 'user_ID' 
  129. ); 
  130.  
  131. $check_max_lengths = wp_check_comment_data_max_lengths( $commentdata ); 
  132. if ( is_wp_error( $check_max_lengths ) ) { 
  133. return $check_max_lengths; 
  134.  
  135. $comment_id = wp_new_comment( wp_slash( $commentdata ), true ); 
  136. if ( is_wp_error( $comment_id ) ) { 
  137. return $comment_id; 
  138.  
  139. if ( ! $comment_id ) { 
  140. return new WP_Error( 'comment_save_error', __( '<strong>ERROR</strong>: The comment could not be saved. Please try again later.' ), 500 ); 
  141.  
  142. return get_comment( $comment_id );