云策 WordPress 开发者社区

函数文档

check_comment()

查看官方原文 ↗
💡 云策文档标注

概述

check_comment() 函数用于检查评论是否通过内部验证以允许添加。它基于 WordPress 管理设置执行多项检查,包括手动审核、链接数量、禁用词和作者历史批准状态。

关键要点

  • 如果启用手动评论审核(comment_moderation 选项为 '1'),函数直接返回 false,跳过所有其他检查。
  • 检查评论中的外部链接数量是否超过 comment_max_links 设置,若超过则返回 false。
  • 检查所有参数(除 comment_type 外)是否包含 moderation_keys 中的禁用词,若发现则返回 false。
  • 如果 comment_previously_approved 选项启用且作者邮箱有历史批准记录,且邮箱不包含禁用词,则返回 true。
  • 函数返回布尔值:true 表示所有检查通过,false 表示失败。

代码示例

$author = "John Charles Smith";
$email = "jsmith@example.com";
$url = "http://example.com";
$comment = "Excellent...";
$user_ip = "12.34.56.78";
$user_agent = "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.79 Safari/535.11";
$comment_type = "comment";

if ( check_comment( $author, $email, $url, $comment, $user_ip, $user_agent, $comment_type ) ) {
    echo "The Comment robot says: Thank you for your comment.";
} else {
    echo "The Comment robot says: This comment is NOT valid!";
}

注意事项

  • 函数使用 apply_filters('comment_max_links_url', $num_links, $url, $comment) 过滤链接数量,允许开发者自定义计算。
  • 函数使用 apply_filters('comment_text', $comment, null, array()) 过滤评论文本,确保检查基于处理后的内容。
  • 参数包括 author、email、url、comment、user_ip、user_agent 和 comment_type,均为必需字符串类型。
  • 在检查历史批准时,会查询数据库以确认作者是否有已批准的评论记录。
📄 原文内容

Checks whether a comment passes internal checks to be allowed to add.

Description

If manual comment moderation is set in the administration, then all checks, regardless of their type and substance, will fail and the function will return false.

If the number of links exceeds the amount in the administration, then the check fails. If any of the parameter contents contain any disallowed words, then the check fails.

If the comment author was approved before, then the comment is automatically approved.

If all checks pass, the function will return true.

Parameters

$authorstringrequired
Comment author name.
$emailstringrequired
Comment author email.
$urlstringrequired
Comment author URL.
$commentstringrequired
Content of the comment.
$user_ipstringrequired
Comment author IP address.
$user_agentstringrequired
Comment author User-Agent.
$comment_typestringrequired
Comment type, either user-submitted comment, trackback, or pingback.

Return

bool If all checks pass, true, otherwise false.

More Information

Returns false if in Comment_Moderation:

* The Administrator must approve all messages,
* The number of external links is too high, or
* Any banned word, name, URL, e-mail, or IP is found in any parameter except $comment_type.

Returns true if the Administrator does not have to approve all messages and:

* $comment_type parameter is a <a href="https://wordpress.org/support/article/glossary/#trackback">trackback</a> or <a href="https://wordpress.org/support/article/glossary/#pingback">pingback</a> and part of the <a href="https://wordpress.org/support/article/glossary/#blogroll">blogroll</a>, or
* $author and $email parameters have been approved previously.

Returns true in all other cases.

Source

function check_comment( $author, $email, $url, $comment, $user_ip, $user_agent, $comment_type ) {
	global $wpdb;

	// If manual moderation is enabled, skip all checks and return false.
	if ( '1' === get_option( 'comment_moderation' ) ) {
		return false;
	}

	/** This filter is documented in wp-includes/comment-template.php */
	$comment = apply_filters( 'comment_text', $comment, null, array() );

	// Check for the number of external links if a max allowed number is set.
	$max_links = get_option( 'comment_max_links' );
	if ( $max_links ) {
		$num_links = preg_match_all( '/<a [^>]*href/i', $comment, $out );

		/**
		 * Filters the number of links found in a comment.
		 *
		 * @since 3.0.0
		 * @since 4.7.0 Added the `$comment` parameter.
		 *
		 * @param int    $num_links The number of links found.
		 * @param string $url       Comment author's URL. Included in allowed links total.
		 * @param string $comment   Content of the comment.
		 */
		$num_links = apply_filters( 'comment_max_links_url', $num_links, $url, $comment );

		/*
		 * If the number of links in the comment exceeds the allowed amount,
		 * fail the check by returning false.
		 */
		if ( $num_links >= $max_links ) {
			return false;
		}
	}

	$mod_keys = trim( get_option( 'moderation_keys' ) );

	// If moderation 'keys' (keywords) are set, process them.
	if ( ! empty( $mod_keys ) ) {
		$words = explode( "n", $mod_keys );

		foreach ( (array) $words as $word ) {
			$word = trim( $word );

			// Skip empty lines.
			if ( empty( $word ) ) {
				continue;
			}

			/*
			 * Do some escaping magic so that '#' (number of) characters in the spam
			 * words don't break things:
			 */
			$word = preg_quote( $word, '#' );

			/*
			 * Check the comment fields for moderation keywords. If any are found,
			 * fail the check for the given field by returning false.
			 */
			$pattern = "#$word#iu";
			if ( preg_match( $pattern, $author ) ) {
				return false;
			}
			if ( preg_match( $pattern, $email ) ) {
				return false;
			}
			if ( preg_match( $pattern, $url ) ) {
				return false;
			}
			if ( preg_match( $pattern, $comment ) ) {
				return false;
			}
			if ( preg_match( $pattern, $user_ip ) ) {
				return false;
			}
			if ( preg_match( $pattern, $user_agent ) ) {
				return false;
			}
		}
	}

	/*
	 * Check if the option to approve comments by previously-approved authors is enabled.
	 *
	 * If it is enabled, check whether the comment author has a previously-approved comment,
	 * as well as whether there are any moderation keywords (if set) present in the author
	 * email address. If both checks pass, return true. Otherwise, return false.
	 */
	if ( '1' === get_option( 'comment_previously_approved' ) ) {
		if ( 'trackback' !== $comment_type && 'pingback' !== $comment_type && '' !== $author && '' !== $email ) {
			$comment_user = get_user_by( 'email', wp_unslash( $email ) );
			if ( ! empty( $comment_user->ID ) ) {
				$ok_to_comment = $wpdb->get_var(
					$wpdb->prepare(
						"SELECT comment_approved
						FROM $wpdb->comments
						WHERE user_id = %d
						AND comment_approved = '1'
						LIMIT 1",
						$comment_user->ID
					)
				);
			} else {
				// expected_slashed ($author, $email)
				$ok_to_comment = $wpdb->get_var(
					$wpdb->prepare(
						"SELECT comment_approved
						FROM $wpdb->comments
						WHERE comment_author = %s
						AND comment_author_email = %s
						AND comment_approved = '1'
						LIMIT 1",
						$author,
						$email
					)
				);
			}

			if ( '1' === $ok_to_comment && ( empty( $mod_keys ) || ! str_contains( $email, $mod_keys ) ) ) {
				return true;
			} else {
				return false;
			}
		} else {
			return false;
		}
	}
	return true;
}

View all references View on Trac View on GitHub

Hooks

apply_filters( ‘comment_max_links_url’, int $num_links, string $url, string $comment )

Filters the number of links found in a comment.

apply_filters( ‘comment_text’, string $comment_text, WP_Comment|null $comment, array $args )

Filters the text of a comment to be displayed.

Uses Description
get_user_by()wp-includes/pluggable.php

Retrieves user info by a given field.
wp_unslash()wp-includes/formatting.php

Removes slashes from a string or recursively removes slashes from strings within an array.
apply_filters()wp-includes/plugin.php

Calls the callback functions that have been added to a filter hook.
get_option()wp-includes/option.php

Retrieves an option value based on an option name.
wpdb::get_var()wp-includes/class-wpdb.php

Retrieves one value from the database.
wpdb::prepare()wp-includes/class-wpdb.php

Prepares a SQL query for safe execution.

Show 4 moreShow less

Used by Description
wp_check_comment_data()wp-includes/comment.php

Checks whether comment data passes internal checks or has disallowed content.

Changelog

Version Description
1.2.0 Introduced.

User Contributed Notes

  1. Skip to note 2 content


    Codex


    You must log in to vote on the helpfulness of this noteVote results for this note: 0You must log in to vote on the helpfulness of this note

    Simple use case

    $author = "John Charles Smith";
$email = "jsmith@example.com";
$url = "<a href="http://example.com&quot" rel="nofollow ugc">http://example.com"</a>;;
$comment = "Excellent...";
$user_ip = "12.34.56.78";
$user_agent = "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.79 Safari/535.11";
$comment_type = "comment";

if ( check_comment( $author, $email, $url, $comment, $user_ip, $user_agent, $comment_type ) ) {
	echo "The Comment robot says: Thank you for your comment.";
} else {
	echo "The Comment robot says: This comment is NOT valid!";
}