wp_new_comment() WP 1.0
Adds a new comment to the database.
Filters new comment to ensure that the fields are sanitized and valid before inserting comment into database. Calls 'comment_post' action with comment ID and whether comment is approved by WordPress. Also has 'preprocess_comment' filter for processing the comment data before the function handles it.
We use REMOTE_ADDR here directly. If you are behind a proxy, you should ensure that it is properly set, such as in wp-config.php, for your environment.
See https://core.trac.wordpress.org/ticket/9235
Return
Int|false|WP_Error. The ID of the comment on success, false or WP_Error on failure.
Usage
wp_new_comment( $commentdata, $wp_error );
- $commentdata(array) (required)
Comment data.
-
comment_author(string)
The name of the comment author.
-
comment_author_email(string)
The comment author email address.
-
comment_author_url(string)
The comment author URL.
-
comment_content(string)
The content of the comment.
-
comment_date(string)
The date the comment was submitted.
Default: current time
-
comment_date_gmt(string)
The date the comment was submitted in the GMT timezone.
Default: $comment_date in the GMT timezone
-
comment_type(string)
Comment type.
Default: 'comment'
-
comment_parent(int)
The ID of this comment's parent, if any.
-
comment_post_ID(int)
The ID of the post that relates to the comment.
-
user_id(int)
The ID of the user who submitted the comment.
-
user_ID(int)
Kept for backward-compatibility. Use $user_id instead.
-
comment_agent(string)
Comment author user agent.
Default: value of 'HTTP_USER_AGENT' in the $_SERVER superglobal sent in the original request
- comment_author_IP(string)
Comment author IP address in IPv4 format.
Default: value of 'REMOTE_ADDR' in the $_SERVER superglobal sent in the original request
- $wp_error(true|false)
- Should errors be returned as WP_Error objects instead of executing wp_die()? Default false.
Notes
- See: wp_insert_comment()
- Global. wpdb. $wpdb WordPress database abstraction object.
Changelog
| Since 1.5.0 |
Introduced. |
| Since 4.3.0 |
Introduced the comment_agent and comment_author_IP arguments. |
| Since 4.7.0 |
The $avoid_die parameter was added, allowing the function to return a WP_Error object instead of dying. |
| Since 5.5.0 |
The $avoid_die parameter was renamed to $wp_error. |
| Since 5.5.0 |
Introduced the comment_type argument. |
Code of wp_new_comment() wp new comment
WP 5.7.1
<?php
function wp_new_comment( $commentdata, $wp_error = false ) {
global $wpdb;
if ( isset( $commentdata['user_ID'] ) ) {
$commentdata['user_ID'] = (int) $commentdata['user_ID'];
$commentdata['user_id'] = $commentdata['user_ID'];
}
$prefiltered_user_id = ( isset( $commentdata['user_id'] ) ) ? (int) $commentdata['user_id'] : 0;
if ( ! isset( $commentdata['comment_author_IP'] ) ) {
$commentdata['comment_author_IP'] = $_SERVER['REMOTE_ADDR'];
}
if ( ! isset( $commentdata['comment_agent'] ) ) {
$commentdata['comment_agent'] = isset( $_SERVER['HTTP_USER_AGENT'] ) ? $_SERVER['HTTP_USER_AGENT'] : '';
}
/**
* Filters a comment's data before it is sanitized and inserted into the database.
*
* @since 1.5.0
* @since 5.6.0 Comment data includes the `comment_agent` and `comment_author_IP` values.
*
* @param array $commentdata Comment data.
*/
$commentdata = apply_filters( 'preprocess_comment', $commentdata );
$commentdata['comment_post_ID'] = (int) $commentdata['comment_post_ID'];
if ( isset( $commentdata['user_ID'] ) && $prefiltered_user_id !== (int) $commentdata['user_ID'] ) {
$commentdata['user_ID'] = (int) $commentdata['user_ID'];
$commentdata['user_id'] = $commentdata['user_ID'];
} elseif ( isset( $commentdata['user_id'] ) ) {
$commentdata['user_id'] = (int) $commentdata['user_id'];
}
$commentdata['comment_parent'] = isset( $commentdata['comment_parent'] ) ? absint( $commentdata['comment_parent'] ) : 0;
$parent_status = ( $commentdata['comment_parent'] > 0 ) ? wp_get_comment_status( $commentdata['comment_parent'] ) : '';
$commentdata['comment_parent'] = ( 'approved' === $parent_status || 'unapproved' === $parent_status ) ? $commentdata['comment_parent'] : 0;
$commentdata['comment_author_IP'] = preg_replace( '/[^0-9a-fA-F:., ]/', '', $commentdata['comment_author_IP'] );
$commentdata['comment_agent'] = substr( $commentdata['comment_agent'], 0, 254 );
if ( empty( $commentdata['comment_date'] ) ) {
$commentdata['comment_date'] = current_time( 'mysql' );
}
if ( empty( $commentdata['comment_date_gmt'] ) ) {
$commentdata['comment_date_gmt'] = current_time( 'mysql', 1 );
}
if ( empty( $commentdata['comment_type'] ) ) {
$commentdata['comment_type'] = 'comment';
}
$commentdata = wp_filter_comment( $commentdata );
$commentdata['comment_approved'] = wp_allow_comment( $commentdata, $wp_error );
if ( is_wp_error( $commentdata['comment_approved'] ) ) {
return $commentdata['comment_approved'];
}
$comment_ID = wp_insert_comment( $commentdata );
if ( ! $comment_ID ) {
$fields = array( 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content' );
foreach ( $fields as $field ) {
if ( isset( $commentdata[ $field ] ) ) {
$commentdata[ $field ] = $wpdb->strip_invalid_text_for_column( $wpdb->comments, $field, $commentdata[ $field ] );
}
}
$commentdata = wp_filter_comment( $commentdata );
$commentdata['comment_approved'] = wp_allow_comment( $commentdata, $wp_error );
if ( is_wp_error( $commentdata['comment_approved'] ) ) {
return $commentdata['comment_approved'];
}
$comment_ID = wp_insert_comment( $commentdata );
if ( ! $comment_ID ) {
return false;
}
}
/**
* Fires immediately after a comment is inserted into the database.
*
* @since 1.2.0
* @since 4.5.0 The `$commentdata` parameter was added.
*
* @param int $comment_ID The comment ID.
* @param int|string $comment_approved 1 if the comment is approved, 0 if not, 'spam' if spam.
* @param array $commentdata Comment data.
*/
do_action( 'comment_post', $comment_ID, $commentdata['comment_approved'], $commentdata );
return $comment_ID;
}
Related Functions