WordPress.org
Get WordPress
WordPress.org

WordPress Developer Resources

wp_ajax_replyto_comment()

wp_ajax_replyto_comment( string $action )

In this article

Back to top

Handles replying to a comment via AJAX.

Parameters

$actionstringrequired
Action to perform.

Source

function wp_ajax_replyto_comment( $action ) {
	if ( empty( $action ) ) {
		$action = 'replyto-comment';
	}

	check_ajax_referer( $action, '_ajax_nonce-replyto-comment' );

	$comment_post_id = (int) $_POST['comment_post_ID'];
	$post            = get_post( $comment_post_id );

	if ( ! $post ) {
		wp_die( -1 );
	}

	if ( ! current_user_can( 'edit_post', $comment_post_id ) ) {
		wp_die( -1 );
	}

	if ( empty( $post->post_status ) ) {
		wp_die( 1 );
	} elseif ( in_array( $post->post_status, array( 'draft', 'pending', 'trash' ), true ) ) {
		wp_die( __( 'You cannot reply to a comment on a draft post.' ) );
	}

	$user = wp_get_current_user();

	if ( $user->exists() ) {
		$comment_author       = wp_slash( $user->display_name );
		$comment_author_email = wp_slash( $user->user_email );
		$comment_author_url   = wp_slash( $user->user_url );
		$user_id              = $user->ID;

		if ( current_user_can( 'unfiltered_html' ) ) {
			if ( ! isset( $_POST['_wp_unfiltered_html_comment'] ) ) {
				$_POST['_wp_unfiltered_html_comment'] = '';
			}

			if ( wp_create_nonce( 'unfiltered-html-comment' ) !== $_POST['_wp_unfiltered_html_comment'] ) {
				kses_remove_filters(); // Start with a clean slate.
				kses_init_filters();   // Set up the filters.
				remove_filter( 'pre_comment_content', 'wp_filter_post_kses' );
				add_filter( 'pre_comment_content', 'wp_filter_kses' );
			}
		}
	} else {
		wp_die( __( 'Sorry, you must be logged in to reply to a comment.' ) );
	}

	$comment_content = trim( $_POST['content'] );

	if ( '' === $comment_content ) {
		wp_die( __( 'Please type your comment text.' ) );
	}

	$comment_type = isset( $_POST['comment_type'] ) ? trim( $_POST['comment_type'] ) : 'comment';

	$comment_parent = 0;

	if ( isset( $_POST['comment_ID'] ) ) {
		$comment_parent = absint( $_POST['comment_ID'] );
	}

	$comment_auto_approved = false;

	$commentdata = array(
		'comment_post_ID' => $comment_post_id,
	);

	$commentdata += compact(
		'comment_author',
		'comment_author_email',
		'comment_author_url',
		'comment_content',
		'comment_type',
		'comment_parent',
		'user_id'
	);

	// Automatically approve parent comment.
	if ( ! empty( $_POST['approve_parent'] ) ) {
		$parent = get_comment( $comment_parent );

		if ( $parent && '0' === $parent->comment_approved && (int) $parent->comment_post_ID === $comment_post_id ) {
			if ( ! current_user_can( 'edit_comment', $parent->comment_ID ) ) {
				wp_die( -1 );
			}

			if ( wp_set_comment_status( $parent, 'approve' ) ) {
				$comment_auto_approved = true;
			}
		}
	}

	$comment_id = wp_new_comment( $commentdata );

	if ( is_wp_error( $comment_id ) ) {
		wp_die( $comment_id->get_error_message() );
	}

	$comment = get_comment( $comment_id );

	if ( ! $comment ) {
		wp_die( 1 );
	}

	$position = ( isset( $_POST['position'] ) && (int) $_POST['position'] ) ? (int) $_POST['position'] : '-1';

	ob_start();
	if ( isset( $_REQUEST['mode'] ) && 'dashboard' === $_REQUEST['mode'] ) {
		require_once ABSPATH . 'wp-admin/includes/dashboard.php';
		_wp_dashboard_recent_comments_row( $comment );
	} else {
		if ( isset( $_REQUEST['mode'] ) && 'single' === $_REQUEST['mode'] ) {
			$wp_list_table = _get_list_table( 'WP_Post_Comments_List_Table', array( 'screen' => 'edit-comments' ) );
		} else {
			$wp_list_table = _get_list_table( 'WP_Comments_List_Table', array( 'screen' => 'edit-comments' ) );
		}
		$wp_list_table->single_row( $comment );
	}
	$comment_list_item = ob_get_clean();

	$response = array(
		'what'     => 'comment',
		'id'       => $comment->comment_ID,
		'data'     => $comment_list_item,
		'position' => $position,
	);

	$counts                   = wp_count_comments();
	$response['supplemental'] = array(
		'in_moderation'        => $counts->moderated,
		'i18n_comments_text'   => sprintf(
			/* translators: %s: Number of comments. */
			_n( '%s Comment', '%s Comments', $counts->approved ),
			number_format_i18n( $counts->approved )
		),
		'i18n_moderation_text' => sprintf(
			/* translators: %s: Number of comments. */
			_n( '%s Comment in moderation', '%s Comments in moderation', $counts->moderated ),
			number_format_i18n( $counts->moderated )
		),
	);

	if ( $comment_auto_approved ) {
		$response['supplemental']['parent_approved'] = $parent->comment_ID;
		$response['supplemental']['parent_post_id']  = $parent->comment_post_ID;
	}

	$x = new WP_Ajax_Response();
	$x->add( $response );
	$x->send();
}

View all references View on Trac View on GitHub

UsesDescription
WP_List_Table::single_row()wp-admin/includes/class-wp-list-table.php

Generates content for a single row of the table.

_wp_dashboard_recent_comments_row()wp-admin/includes/dashboard.php

Outputs a row for the Recent Comments widget.

_get_list_table()wp-admin/includes/list-table.php

Fetches an instance of a WP_List_Table class.

wp_create_nonce()wp-includes/pluggable.php

Creates a cryptographic token tied to a specific action, user, user session, and window of time.

wp_get_current_user()wp-includes/pluggable.php

Retrieves the current user object.

kses_remove_filters()wp-includes/kses.php

Removes all KSES input form content filters.

kses_init_filters()wp-includes/kses.php

Adds all KSES input form content filters.

WP_Ajax_Response::__construct()wp-includes/class-wp-ajax-response.php

Constructor – Passes args to WP_Ajax_Response::add().

wp_set_comment_status()wp-includes/comment.php

Sets the status of a comment.

wp_new_comment()wp-includes/comment.php

Adds a new comment to the database.

wp_count_comments()wp-includes/comment.php

Retrieves the total comment counts for the whole site or a single post.

current_user_can()wp-includes/capabilities.php

Returns whether the current user has the specified capability.

wp_slash()wp-includes/formatting.php

Adds slashes to a string or recursively adds slashes to strings within an array.

check_ajax_referer()wp-includes/pluggable.php

Verifies the Ajax request to prevent processing requests external of the blog.

absint()wp-includes/load.php

Converts a value to non-negative integer.

wp_die()wp-includes/functions.php

Kills WordPress execution and displays HTML page with an error message.

number_format_i18n()wp-includes/functions.php

Converts float number to format based on the locale.

remove_filter()wp-includes/plugin.php

Removes a callback function from a filter hook.

add_filter()wp-includes/plugin.php

Adds a callback function to a filter hook.

get_post()wp-includes/post.php

Retrieves post data given a post ID or post object.

get_comment()wp-includes/comment.php

Retrieves comment data given a comment ID or comment object.

is_wp_error()wp-includes/load.php

Checks whether the given variable is a WordPress Error.

Show 17 moreShow less

Changelog

VersionDescription
3.1.0Introduced.

User Contributed Notes

You must log in before being able to contribute a note or feedback.