wp_new_comment

Adds a new comment to the database.

Description

(int|false|WP_Error) wp_new_comment( (array) $commentdata, (bool) $avoid_die = false ); 

Filters new comment to ensure that the fields are sanitized and valid before inserting comment into database. Calls action with comment ID and whether comment is approved by WordPress. Also has filter for processing the comment data before the function handles it.

We use REMOTE_ADDR here directly. If you are behind a proxy, you should ensure that it is properly set, such as in wp-config.php, for your environment.

See

Returns (int|false|WP_Error)

The ID of the comment on success, false or WP_Error on failure.

Parameters (2)

0. $commentdata (array)
Comment data.

Options

  • comment_author (string) => ''

    The name of the comment author.

  • comment_author_email (string) => ''

    The comment author email address.

  • comment_author_url (string) => ''

    The comment author URL.

  • comment_content (string) => ''

    The content of the comment.

  • comment_date (string) => is the current time

    The date the comment was submitted.

  • comment_date_gmt (string) => 'is $comment_date in the GMT timezone'

    The date the comment was submitted in the GMT timezone.

  • comment_parent (int) => 0

    The ID of this comment's parent, if any.

  • comment_post_ID (int) => 0

    The ID of the post that relates to the comment.

  • user_id (int) => 0

    The ID of the user who submitted the comment.

  • user_ID (int) => 0

    Kept for backward-compatibility. Use $user_id instead.

  • comment_agent (string) => 'is the value of '

    Comment author user agent.

array(

    /**
     * The name of the comment author.
     *
     * @type string
     * @default ''
     */
    'comment_author' => '',

    /**
     * The comment author email address.
     *
     * @type string
     * @default ''
     */
    'comment_author_email' => '',

    /**
     * The comment author URL.
     *
     * @type string
     * @default ''
     */
    'comment_author_url' => '',

    /**
     * The content of the comment.
     *
     * @type string
     * @default ''
     */
    'comment_content' => '',

    /**
     * The date the comment was submitted.
     *
     * @type string
     * @default is the current time
     */
    'comment_date' => is the current time,

    /**
     * The date the comment was submitted in the GMT timezone.
     *
     * @type string
     * @default 'is $comment_date in the GMT timezone'
     */
    'comment_date_gmt' => 'is $comment_date in the GMT timezone',

    /**
     * The ID of this comment's parent, if any.
     *
     * @type int
     */
    'comment_parent' => 0,

    /**
     * The ID of the post that relates to the comment.
     *
     * @type int
     */
    'comment_post_ID' => 0,

    /**
     * The ID of the user who submitted the comment.
     *
     * @type int
     */
    'user_id' => 0,

    /**
     * Kept for backward-compatibility. Use `$user_id` instead.
     *
     * @type int
     */
    'user_ID' => 0,

    /**
     * Comment author user agent.
     *
     * @type string
     * @default 'is the value of '
     */
    'comment_agent' => 'is the value of '
);        

1. $avoid_die — Optional. (bool) => false
Should errors be returned as WP_Error objects instead of executing wp_die()? Default false.

Usage

  1. if ( !function_exists( 'wp_new_comment' ) ) { 
  2. require_once ABSPATH . WPINC . '/comment.php'; 
  3.  
  4. // Comment data. 
  5. $commentdata = array( 
  6. 'comment_author' => '', 
  7. 'comment_author_email' => '', 
  8. 'comment_author_url' => '', 
  9. 'comment_content' => '', 
  10. 'comment_date' => is the current time, 
  11. 'comment_date_gmt' => 'is $comment_date in the GMT timezone', 
  12. 'comment_parent' => 0, 
  13. 'comment_post_ID' => 0, 
  14. 'user_id' => 0, 
  15. 'user_ID' => 0, 
  16. 'comment_agent' => 'is the value of ' 
  17. ); 
  18.  
  19. // Should errors be returned as WP_Error objects instead of 
  20. // executing wp_die()? Default false. 
  21. $avoid_die = false; 
  22.  
  23. // NOTICE! Understand what this does before running. 
  24. $result = wp_new_comment($commentdata, $avoid_die); 
  25.  

Defined (1)

The function is defined in the following location(s).

/wp-includes/comment.php  
  1. function wp_new_comment( $commentdata, $avoid_die = false ) { 
  2. global $wpdb; 
  3.  
  4. if ( isset( $commentdata['user_ID'] ) ) { 
  5. $commentdata['user_id'] = $commentdata['user_ID'] = (int) $commentdata['user_ID']; 
  6.  
  7. $prefiltered_user_id = ( isset( $commentdata['user_id'] ) ) ? (int) $commentdata['user_id'] : 0; 
  8.  
  9. /** 
  10. * Filters a comment's data before it is sanitized and inserted into the database. 
  11. * @since 1.5.0 
  12. * @param array $commentdata Comment data. 
  13. */ 
  14. $commentdata = apply_filters( 'preprocess_comment', $commentdata ); 
  15.  
  16. $commentdata['comment_post_ID'] = (int) $commentdata['comment_post_ID']; 
  17. if ( isset( $commentdata['user_ID'] ) && $prefiltered_user_id !== (int) $commentdata['user_ID'] ) { 
  18. $commentdata['user_id'] = $commentdata['user_ID'] = (int) $commentdata['user_ID']; 
  19. } elseif ( isset( $commentdata['user_id'] ) ) { 
  20. $commentdata['user_id'] = (int) $commentdata['user_id']; 
  21.  
  22. $commentdata['comment_parent'] = isset($commentdata['comment_parent']) ? absint($commentdata['comment_parent']) : 0; 
  23. $parent_status = ( 0 < $commentdata['comment_parent'] ) ? wp_get_comment_status($commentdata['comment_parent']) : ''; 
  24. $commentdata['comment_parent'] = ( 'approved' == $parent_status || 'unapproved' == $parent_status ) ? $commentdata['comment_parent'] : 0; 
  25.  
  26. if ( ! isset( $commentdata['comment_author_IP'] ) ) { 
  27. $commentdata['comment_author_IP'] = $_SERVER['REMOTE_ADDR']; 
  28. $commentdata['comment_author_IP'] = preg_replace( '/[^0-9a-fA-F:., ]/', '', $commentdata['comment_author_IP'] ); 
  29.  
  30. if ( ! isset( $commentdata['comment_agent'] ) ) { 
  31. $commentdata['comment_agent'] = isset( $_SERVER['HTTP_USER_AGENT'] ) ? $_SERVER['HTTP_USER_AGENT']: ''; 
  32. $commentdata['comment_agent'] = substr( $commentdata['comment_agent'], 0, 254 ); 
  33.  
  34. if ( empty( $commentdata['comment_date'] ) ) { 
  35. $commentdata['comment_date'] = current_time('mysql'); 
  36.  
  37. if ( empty( $commentdata['comment_date_gmt'] ) ) { 
  38. $commentdata['comment_date_gmt'] = current_time( 'mysql', 1 ); 
  39.  
  40. $commentdata = wp_filter_comment($commentdata); 
  41.  
  42. $commentdata['comment_approved'] = wp_allow_comment( $commentdata, $avoid_die ); 
  43. if ( is_wp_error( $commentdata['comment_approved'] ) ) { 
  44. return $commentdata['comment_approved']; 
  45.  
  46. $comment_ID = wp_insert_comment($commentdata); 
  47. if ( ! $comment_ID ) { 
  48. $fields = array( 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content' ); 
  49.  
  50. foreach ( $fields as $field ) { 
  51. if ( isset( $commentdata[ $field ] ) ) { 
  52. $commentdata[ $field ] = $wpdb->strip_invalid_text_for_column( $wpdb->comments, $field, $commentdata[ $field ] ); 
  53.  
  54. $commentdata = wp_filter_comment( $commentdata ); 
  55.  
  56. $commentdata['comment_approved'] = wp_allow_comment( $commentdata, $avoid_die ); 
  57. if ( is_wp_error( $commentdata['comment_approved'] ) ) { 
  58. return $commentdata['comment_approved']; 
  59.  
  60. $comment_ID = wp_insert_comment( $commentdata ); 
  61. if ( ! $comment_ID ) { 
  62. return false; 
  63.  
  64. /** 
  65. * Fires immediately after a comment is inserted into the database. 
  66. * @since 1.2.0 
  67. * @since 4.5.0 The `$commentdata` parameter was added. 
  68. * @param int $comment_ID The comment ID. 
  69. * @param int|string $comment_approved 1 if the comment is approved, 0 if not, 'spam' if spam. 
  70. * @param array $commentdata Comment data. 
  71. */ 
  72. do_action( 'comment_post', $comment_ID, $commentdata['comment_approved'], $commentdata ); 
  73.  
  74. return $comment_ID;