wp_new_comment() – Adds a new comment to the database.
You appear to be a bot. Output may be restricted
Description
Adds a new comment to the database.
Filters new comment to ensure that the fields are sanitized and valid before inserting comment into database. Calls comment_postcomment_post action with comment ID and whether comment is approved by WordPress. Also has preprocess_comment filter for processing the comment data before the function handles it.
We use REMOTE_ADDR here directly. If you are behind a proxy, you should ensure that it is properly set, such as in wp-config.php, for your environment.
See https://core.trac.wordpress.org/ticket/9235
Usage
$int|false|WP_Error = wp_new_comment( $commentdata, $wp_error );
Parameters
- $commentdata
- ( array ) required – { Comment data.
- $comment_author
- ( string ) required – The name of the comment author.
- $comment_author_email
- ( string ) required – The comment author email address.
- $comment_author_url
- ( string ) required – The comment author URL.
- $comment_content
- ( string ) required – The content of the comment.
- $comment_date
- ( string ) required – The date the comment was submitted. Default is the current time.
- $comment_date_gmt
- ( string ) required – The date the comment was submitted in the GMT timezone. Default is
$comment_datein the GMT timezone. - $comment_type
- ( string ) required – Comment type. Default 'comment'.
- $comment_parent
- ( int ) required – The ID of this comment's parent, if any. Default 0.
- $comment_post_ID
- ( int ) required – The ID of the post that relates to the comment.
- $user_id
- ( int ) required – The ID of the user who submitted the comment. Default 0.
- $user_ID
- ( int ) required – Kept for backward-compatibility. Use
$user_idinstead. - $comment_agent
- ( string ) required – Comment author user agent. Default is the value of 'HTTP_USER_AGENT' in the
$_SERVERsuperglobal sent in the original request. - $comment_author_IP
- ( string ) required – Comment author IP address in IPv4 format. Default is the value of 'REMOTE_ADDR' in the
$_SERVERsuperglobal sent in the original request. } - $wp_error
- ( bool ) optional – Should errors be returned as WP_Error objects instead of executing wp_die()? Default false.
Returns
int|false|WP_Error The ID of the comment on success, false or WP_Error on failure.
Source
File name: wordpress/wp-includes/comment.php
Lines:
1 to 100 of 117
function wp_new_comment( $commentdata, $wp_error = false ) { global $wpdb; /* * Normalize `user_ID` to `user_id`, but pass the old key * to the `preprocess_comment` filter for backward compatibility. */ if ( isset( $commentdata['user_ID'] ) ) { $commentdata['user_ID'] = (int) $commentdata['user_ID']; $commentdata['user_id'] = $commentdata['user_ID']; } elseif ( isset( $commentdata['user_id'] ) ) { $commentdata['user_id'] = (int) $commentdata['user_id']; $commentdata['user_ID'] = $commentdata['user_id']; } $prefiltered_user_id = ( isset( $commentdata['user_id'] ) ) ? (int) $commentdata['user_id'] : 0; if ( ! isset( $commentdata['comment_author_IP'] ) ) { $commentdata['comment_author_IP'] = $_SERVER['REMOTE_ADDR']; } if ( ! isset( $commentdata['comment_agent'] ) ) { $commentdata['comment_agent'] = isset( $_SERVER['HTTP_USER_AGENT'] ) ? $_SERVER['HTTP_USER_AGENT'] : ''; } /** * Filters a comment's data before it is sanitized and inserted into the database. * * @since 1.5.0 * @since 5.6.0 Comment data includes the `comment_agent` and `comment_author_IP` values. * * @param array $commentdata Comment data. */ $commentdata = apply_filters( 'preprocess_comment', $commentdata ); $commentdata['comment_post_ID'] = (int) $commentdata['comment_post_ID']; // Normalize `user_ID` to `user_id` again, after the filter. if ( isset( $commentdata['user_ID'] ) && $prefiltered_user_id !== (int) $commentdata['user_ID'] ) { $commentdata['user_ID'] = (int) $commentdata['user_ID']; $commentdata['user_id'] = $commentdata['user_ID']; } elseif ( isset( $commentdata['user_id'] ) ) { $commentdata['user_id'] = (int) $commentdata['user_id']; $commentdata['user_ID'] = $commentdata['user_id']; } $commentdata['comment_parent'] = isset( $commentdata['comment_parent'] ) ? absint( $commentdata['comment_parent'] ) : 0; $parent_status = ( $commentdata['comment_parent'] > 0 ) ? wp_get_comment_status( $commentdata['comment_parent'] ) : ''; $commentdata['comment_parent'] = ( 'approved' === $parent_status || 'unapproved' === $parent_status ) ? $commentdata['comment_parent'] : 0; $commentdata['comment_author_IP'] = preg_replace( '/[^0-9a-fA-F:., ]/', '', $commentdata['comment_author_IP'] ); $commentdata['comment_agent'] = substr( $commentdata['comment_agent'], 0, 254 ); if ( empty( $commentdata['comment_date'] ) ) { $commentdata['comment_date'] = current_time( 'mysql' ); } if ( empty( $commentdata['comment_date_gmt'] ) ) { $commentdata['comment_date_gmt'] = current_time( 'mysql', 1 ); } if ( empty( $commentdata['comment_type'] ) ) { $commentdata['comment_type'] = 'comment'; } $commentdata = wp_filter_comment( $commentdata ); $commentdata['comment_approved'] = wp_allow_comment( $commentdata, $wp_error ); if ( is_wp_error( $commentdata['comment_approved'] ) ) { return $commentdata['comment_approved']; } $comment_ID = wp_insert_comment( $commentdata ); if ( ! $comment_ID ) { $fields = array( 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content' ); foreach ( $fields as $field ) { if ( isset( $commentdata[ $field ] ) ) { $commentdata[ $field ] = $wpdb->wpdb::strip_invalid_text_for_column( $wpdb->comments, $field, $commentdata[ $field ] ); } } $commentdata = wp_filter_comment( $commentdata ); $commentdata['comment_approved'] = wp_allow_comment( $commentdata, $wp_error ); if ( is_wp_error( $commentdata['comment_approved'] ) ) { return $commentdata['comment_approved']; } $comment_ID = wp_insert_comment( $commentdata ); if ( ! $comment_ID ) { return false; } }