wp_ajax_delete_comment()
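Yunce Documentation Notes
Overview
wp_ajax_delete_comment() is a WordPress AJAX handler that deletes, trashes, restores, or marks comments as spam in response to an AJAX request. It verifies the user's permissions and the security of the request, then calls the comment function that matches the requested operation.
Key points
- The function handles deleting, trashing, restoring, and spam-marking of comments via AJAX.
- It verifies user permissions (with current_user_can('edit_comment')) and AJAX request security (with check_ajax_referer()).
- Depending on the POST parameter (such as trash, untrash, spam, unspam, delete), it performs the matching operation by calling wp_trash_comment(), wp_untrash_comment(), wp_spam_comment(), wp_unspam_comment(), or wp_delete_comment().
- On success, it calls _wp_ajax_delete_comment_response() to return the response; otherwise it terminates through wp_die().
Code example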
```php
function wp_ajax_delete_comment() {
	$id = isset( $_POST['id'] ) ? (int) $_POST['id'] : 0;

	$comment = get_comment( $id );

	if ( ! $comment ) {
		wp_die( time() );
	}

	if ( ! current_user_can( 'edit_comment', $comment->comment_ID ) ) {
		wp_die( -1 );
	}

	check_ajax_referer( "delete-comment_$id" );
	$status = wp_get_comment_status( $comment );
	$delta  = -1;

	if ( isset( $_POST['trash'] ) && '1' === $_POST['trash'] ) {
		if ( 'trash' === $status ) {
			wp_die( time() );
		}

		$r = wp_trash_comment( $comment );
	} elseif ( isset( $_POST['untrash'] ) && '1' === $_POST['untrash'] ) {
		if ( 'trash' !== $status ) {
			wp_die( time() );
		}

		$r = wp_untrash_comment( $comment );

		if ( ! isset( $_POST['comment_status'] ) || 'trash' !== $_POST['comment_status'] ) {
			$delta = 1;
		}
	} elseif ( isset( $_POST['spam'] ) && '1' === $_POST['spam'] ) {
		if ( 'spam' === $status ) {
			wp_die( time() );
		}

		$r = wp_spam_comment( $comment );
	} elseif ( isset( $_POST['unspam'] ) && '1' === $_POST['unspam'] ) {
		if ( 'spam' !== $status ) {
			wp_die( time() );
		}

		$r = wp_unspam_comment( $comment );

		if ( ! isset( $_POST['comment_status'] ) || 'spam' !== $_POST['comment_status'] ) {
			$delta = 1;
		}
	} elseif ( isset( $_POST['delete'] ) && '1' === $_POST['delete'] ) {
		$r = wp_delete_comment( $comment );
	} else {
		wp_die( -1 );
	}

	if ( $r ) {
		_wp_ajax_delete_comment_response( $comment->comment_ID, $delta );
	}

	wp_die( 0 );
}
```
Notes
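- The function relies on POST parameters (such as id, trash, untrash, spam, unspam, delete) to carry out the operation; make sure the front end passes them correctly.
- The permission check is based on current_user_can('edit_comment'); the user must have permission to edit the comment in order to perform the operation.
- check_ajax_referer() validates the AJAX request, preventing cross-site request forgery (CSRF) attacks.
- The function was introduced in WordPress 3.1.0; keep version compatibility in mind when using it.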
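The same order of checks (integer ID, object lookup, per-comment capability, per-comment nonce, then the state change) applied to a plugin's own AJAX action, together with the nonce-minting side that the handler above does not show. This is an added example, not WordPress core code and not part of the original page. The action name myplugin_flag_comment, the function names, and the meta key myplugin_flagged are hypothetical, and the snippet assumes it is loaded from a plugin inside WordPress.

```php
<?php
// Added example: hypothetical plugin handler, not WordPress core code.
// Assumes it is loaded inside WordPress, e.g. from a plugin file.

// Register for logged-in users only; no wp_ajax_nopriv_ hook is added.
add_action( 'wp_ajax_myplugin_flag_comment', 'myplugin_ajax_flag_comment' );

function myplugin_ajax_flag_comment() {
	// 1. Cast the ID to int before it is used in a lookup or a nonce action.
	$id      = isset( $_POST['id'] ) ? (int) $_POST['id'] : 0;
	$comment = get_comment( $id );
	if ( ! $comment ) {
		wp_send_json_error( 'not_found', 404 );
	}

	// 2. Object-level authorization: pass the comment ID so the meta
	// capability is resolved for this comment, not for comments in general.
	if ( ! current_user_can( 'edit_comment', $comment->comment_ID ) ) {
		wp_send_json_error( 'forbidden', 403 );
	}

	// 3. CSRF check with an action string bound to this comment ID. Reads the
	// token from $_REQUEST['_ajax_nonce'] (or '_wpnonce') and dies on mismatch.
	check_ajax_referer( "myplugin-flag-comment_$id" );

	// 4. Only now change state. 'myplugin_flagged' is a hypothetical meta key.
	update_comment_meta( $comment->comment_ID, 'myplugin_flagged', 1 );
	wp_send_json_success( array( 'id' => (int) $comment->comment_ID ) );
}

// When rendering the admin UI, mint the matching per-comment nonce. A token
// minted for one comment ID fails check_ajax_referer() for any other ID.
function myplugin_flag_nonce( $comment_id ) {
	return wp_create_nonce( 'myplugin-flag-comment_' . (int) $comment_id );
}
```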
Original content
Handles deleting a comment via AJAX.
Source
```php
function wp_ajax_delete_comment() {
	$id = isset( $_POST['id'] ) ? (int) $_POST['id'] : 0;

	$comment = get_comment( $id );

	if ( ! $comment ) {
		wp_die( time() );
	}

	if ( ! current_user_can( 'edit_comment', $comment->comment_ID ) ) {
		wp_die( -1 );
	}

	check_ajax_referer( "delete-comment_$id" );
	$status = wp_get_comment_status( $comment );
	$delta  = -1;

	if ( isset( $_POST['trash'] ) && '1' === $_POST['trash'] ) {
		if ( 'trash' === $status ) {
			wp_die( time() );
		}

		$r = wp_trash_comment( $comment );
	} elseif ( isset( $_POST['untrash'] ) && '1' === $_POST['untrash'] ) {
		if ( 'trash' !== $status ) {
			wp_die( time() );
		}

		$r = wp_untrash_comment( $comment );

		// Undo trash, not in Trash.
		if ( ! isset( $_POST['comment_status'] ) || 'trash' !== $_POST['comment_status'] ) {
			$delta = 1;
		}
	} elseif ( isset( $_POST['spam'] ) && '1' === $_POST['spam'] ) {
		if ( 'spam' === $status ) {
			wp_die( time() );
		}

		$r = wp_spam_comment( $comment );
	} elseif ( isset( $_POST['unspam'] ) && '1' === $_POST['unspam'] ) {
		if ( 'spam' !== $status ) {
			wp_die( time() );
		}

		$r = wp_unspam_comment( $comment );

		// Undo spam, not in spam.
		if ( ! isset( $_POST['comment_status'] ) || 'spam' !== $_POST['comment_status'] ) {
			$delta = 1;
		}
	} elseif ( isset( $_POST['delete'] ) && '1' === $_POST['delete'] ) {
		$r = wp_delete_comment( $comment );
	} else {
		wp_die( -1 );
	}

	if ( $r ) {
		// Decide if we need to send back '1' or a more complicated response including page links and comment counts.
		_wp_ajax_delete_comment_response( $comment->comment_ID, $delta );
	}

	wp_die( 0 );
}
```
Changelog
| Version | Description |
|---|---|
| 3.1.0 | Introduced. |