forked from woocommerce/woocommerce
-
Notifications
You must be signed in to change notification settings - Fork 0
/
class-wc-comments.php
151 lines (122 loc) · 4.3 KB
/
class-wc-comments.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
<?php
if ( ! defined( 'ABSPATH' ) ) exit; // Exit if accessed directly
/**
* Comments
*
* Handle comments (reviews and order notes)
*
* @class WC_Post_types
* @version 2.1.0
* @package WooCommerce/Classes/Products
* @category Class
* @author WooThemes
*/
class WC_Comments {
/**
* Constructor
*/
public function __construct() {
// Rating posts
add_filter( 'preprocess_comment', array( $this, 'check_comment_rating' ), 0 );
add_action( 'comment_post', array( $this, 'add_comment_rating' ), 1 );
// clear transients
add_action( 'wp_set_comment_status', array( $this, 'clear_transients' ) );
add_action( 'edit_comment', array( $this, 'clear_transients' ) );
// Secure order notes
add_filter( 'comments_clauses', array( __CLASS__, 'exclude_order_comments' ), 10, 1 );
add_action( 'comment_feed_join', array( $this, 'exclude_order_comments_from_feed_join' ) );
add_action( 'comment_feed_where', array( $this, 'exclude_order_comments_from_feed_where' ) );
}
/**
* Exclude order comments from queries and RSS
*
* This code should exclude shop_order comments from queries. Some queries (like the recent comments widget on the dashboard) are hardcoded
* and are not filtered, however, the code current_user_can( 'read_post', $comment->comment_post_ID ) should keep them safe since only admin and
* shop managers can view orders anyway.
*
* The frontend view order pages get around this filter by using remove_filter('comments_clauses', array( 'WC_Comments' ,'exclude_order_comments'), 10, 1 );
*
* @param array $clauses
* @return array
*/
public static function exclude_order_comments( $clauses ) {
global $wpdb, $typenow, $pagenow;
if ( is_admin() && $typenow == 'shop_order' && current_user_can( 'manage_woocommerce' ) )
return $clauses; // Don't hide when viewing orders in admin
if ( ! $clauses['join'] )
$clauses['join'] = '';
if ( ! strstr( $clauses['join'], "JOIN $wpdb->posts" ) )
$clauses['join'] .= " LEFT JOIN $wpdb->posts ON comment_post_ID = $wpdb->posts.ID ";
if ( $clauses['where'] )
$clauses['where'] .= ' AND ';
$clauses['where'] .= " $wpdb->posts.post_type NOT IN ('shop_order') ";
return $clauses;
}
/**
* Exclude order comments from queries and RSS
*
* @param string $join
* @return string
*/
public function exclude_order_comments_from_feed_join( $join ) {
global $wpdb;
if ( ! strstr( $join, $wpdb->posts ) )
$join = " LEFT JOIN $wpdb->posts ON $wpdb->comments.comment_post_ID = $wpdb->posts.ID ";
return $join;
}
/**
* Exclude order comments from queries and RSS
*
* @param string $where
* @return string
*/
public function exclude_order_comments_from_feed_where( $where ) {
global $wpdb;
if ( $where )
$where .= ' AND ';
$where .= " $wpdb->posts.post_type NOT IN ('shop_order') ";
return $where;
}
/**
* Validate the comment ratings.
*
* @param array $comment_data
* @return array
*/
public function check_comment_rating( $comment_data ) {
// If posting a comment (not trackback etc) and not logged in
if ( isset( $_POST['rating'] ) && ! wp_verify_nonce( $_POST['_wpnonce'], 'woocommerce-comment_rating' ) )
wp_die( __( 'You have taken too long. Please go back and refresh the page.', 'woocommerce' ) );
elseif ( isset( $_POST['rating'] ) && empty( $_POST['rating'] ) && $comment_data['comment_type'] == '' && get_option('woocommerce_review_rating_required') == 'yes' ) {
wp_die( __( 'Please rate the product.', 'woocommerce' ) );
exit;
}
return $comment_data;
}
/**
* Rating field for comments.
*
* @param mixed $comment_id
*/
public function add_comment_rating( $comment_id ) {
if ( isset( $_POST['rating'] ) ) {
if ( ! $_POST['rating'] || $_POST['rating'] > 5 || $_POST['rating'] < 0 )
return;
add_comment_meta( $comment_id, 'rating', (int) esc_attr( $_POST['rating'] ), true );
$this->clear_transients( $comment_id );
}
}
/**
* Clear transients for a review.
*
* @param mixed $comment_id
*/
public function clear_transients( $comment_id ) {
$comment = get_comment( $comment_id );
if ( ! empty( $comment->comment_post_ID ) ) {
delete_transient( 'wc_average_rating_' . absint( $comment->comment_post_ID ) );
delete_transient( 'wc_rating_count_' . absint( $comment->comment_post_ID ) );
}
}
}
new WC_Comments();