wp_new_comment() │ WP 1.5.0

Adds a new comment to the Database. Filters the data.

Filters all data to ensure that all fields are passed correctly; some fields are created by the function and do not need to be specified (IP address, User Agent).

The function's task is to preprocess the comment data and pass it to wp_insert_comment().

See also the function wp_handle_comment_submission(), which is a wrapper for this function.

Uses the action hook: comment_post, which passes the comment ID and triggers immediately after the comment is added.
Uses the filter: preprocess_comment which allows modifying the comment data before the function starts processing it.

Uses: wp_insert_comment()

Used By: wp_handle_comment_submission()

Hooks from the function

preprocess_comment

comment_post

Returns

Int|false|WP_Error. The ID of the comment that was added. Or false in case of failure.

Usage

wp_new_comment( $commentdata, $wp_error );

$commentdata(array) (required)

Associative array of comment data. The array keys are the fields of the database table.

The comment_ID field does not need to be specified — it is created automatically. For other fields, see the description of wp_insert_comment().

The comment_approved argument is always equal to the value of the function wp_allow_comment(). That is, if we specify it manually, the specified value will be ignored.

To specify the value of comment_approved regardless, you can use the filter: pre_comment_approved:

add_filter( 'pre_comment_approved', fn()=> 1 );
// or
add_filter( 'pre_comment_approved', fn()=> 0 );

$wp_error(boolean)

true = do not execute wp_die(), but return WP_Error in case of an error. Since WP 4.7.
Default: false

Examples

#1 Example of adding a new comment

The comment will be added to post 418 and will be a reply to comment 315:

// create a data array for the new comment
$commentdata = [
	'comment_post_ID'      => 418,
	'comment_author'       => 'Check',
	'comment_author_email' => '[email protected]',
	'comment_author_url'   => 'http://example.com',
	'comment_content'      => 'New comment text',
	'comment_type'         => 'comment',
	'comment_parent'       => 315,
	'user_ID'              => 0,
];

// add data to the database
wp_new_comment( $commentdata );

#2 Example of adding a comment using the function wp_insert_comment()

In this case, we have to define absolutely all of the comment fields ourselves:

$data = [
	'comment_post_ID'      => 1,
	'comment_author'       => 'admin',
	'comment_author_email' => '[email protected]',
	'comment_author_url'   => 'http://',
	'comment_content'      => 'comment text',
	'comment_type'         => 'comment',
	'comment_parent'       => 0,
	'user_id'              => 1,
	'comment_author_IP'    => '127.0.0.1',
	'comment_agent'        => 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.10) Gecko/2009042316 Firefox/3.0.10 (.NET CLR 3.5.30729)',
	'comment_date'         => current_time('mysql'),
	'comment_approved'     => 1,
];

wp_insert_comment( $data );

#3 Warning: Restrictions for comment_type

If you set comment_type to one of these words: all, comment, comments, pings. WordPress will save the comment with that type but you will NOT be able to retrieve it using normal WordPress comment functions.

Here’s what happens to those reserved words inside WP_Comment_Query{}, where types are gathered into comment_type__in whether you send them via the type or type__in argument:

all – No comment_type__in clause will be in query.
comment or comments – '' added to comment_type_in.
pings – 'pingback','trackback' added to comment_type_in.

Because of this, you will not be able to retrieve the comment using “normal” WordPress functions.

To get it, you will have to filter comments_clauses to ensure your type is added to the WHERE clause. For example, the following will replace the '' inserted instead of comment with comment:

add_filter( 'comments_clauses', 'add_comment_to_clauses', 10, 2 );

function add_comment_to_clauses( $clauses, $WP_Comment_object ) {

	// use regex to find the empty string in where clause
	$clauses['where'] = preg_replace_callback(
		"~(comment_type[ ]*IN[ ]*\(.*)('')~i",
		function ( $matches ) {
			// $matches[1] was everything up to the '' 
			// $matches[2] was the empty string
			return $matches[1] . "'','comment'";
		},
		$clauses['where']
	);

	return $clauses;
}

Notes

See: wp_insert_comment()
Global. wpdb. $wpdb WordPress database abstraction object.

Changelog

Since 1.5.0	Introduced.
Since 4.3.0	Introduced the `comment_agent` and `comment_author_IP` arguments.
Since 4.7.0	The `$avoid_die` parameter was added, allowing the function to return a WP_Error object instead of dying.
Since 5.5.0	The `$avoid_die` parameter was renamed to `$wp_error`.
Since 5.5.0	Introduced the `comment_type` argument.

`wp_new_comment() wp new comment` code ^{WP 6.9}

wp-includes/comment.php

function wp_new_comment( $commentdata, $wp_error = false ) {
	global $wpdb;

	/*
	 * Normalize `user_ID` to `user_id`, but pass the old key
	 * to the `preprocess_comment` filter for backward compatibility.
	 */
	if ( isset( $commentdata['user_ID'] ) ) {
		$commentdata['user_ID'] = (int) $commentdata['user_ID'];
		$commentdata['user_id'] = $commentdata['user_ID'];
	} elseif ( isset( $commentdata['user_id'] ) ) {
		$commentdata['user_id'] = (int) $commentdata['user_id'];
		$commentdata['user_ID'] = $commentdata['user_id'];
	}

	$prefiltered_user_id = ( isset( $commentdata['user_id'] ) ) ? (int) $commentdata['user_id'] : 0;

	if ( ! isset( $commentdata['comment_author_IP'] ) ) {
		$commentdata['comment_author_IP'] = $_SERVER['REMOTE_ADDR'];
	}

	if ( ! isset( $commentdata['comment_agent'] ) ) {
		$commentdata['comment_agent'] = isset( $_SERVER['HTTP_USER_AGENT'] ) ? $_SERVER['HTTP_USER_AGENT'] : '';
	}

	/**
	 * Filters a comment's data before it is sanitized and inserted into the database.
	 *
	 * @since 1.5.0
	 * @since 5.6.0 Comment data includes the `comment_agent` and `comment_author_IP` values.
	 *
	 * @param array $commentdata Comment data.
	 */
	$commentdata = apply_filters( 'preprocess_comment', $commentdata );

	$commentdata['comment_post_ID'] = (int) $commentdata['comment_post_ID'];

	// Normalize `user_ID` to `user_id` again, after the filter.
	if ( isset( $commentdata['user_ID'] ) && $prefiltered_user_id !== (int) $commentdata['user_ID'] ) {
		$commentdata['user_ID'] = (int) $commentdata['user_ID'];
		$commentdata['user_id'] = $commentdata['user_ID'];
	} elseif ( isset( $commentdata['user_id'] ) ) {
		$commentdata['user_id'] = (int) $commentdata['user_id'];
		$commentdata['user_ID'] = $commentdata['user_id'];
	}

	$commentdata['comment_parent'] = isset( $commentdata['comment_parent'] ) ? absint( $commentdata['comment_parent'] ) : 0;

	$parent_status = ( $commentdata['comment_parent'] > 0 ) ? wp_get_comment_status( $commentdata['comment_parent'] ) : '';

	$commentdata['comment_parent'] = ( 'approved' === $parent_status || 'unapproved' === $parent_status ) ? $commentdata['comment_parent'] : 0;

	$commentdata['comment_author_IP'] = preg_replace( '/[^0-9a-fA-F:., ]/', '', $commentdata['comment_author_IP'] );

	$commentdata['comment_agent'] = substr( $commentdata['comment_agent'], 0, 254 );

	if ( empty( $commentdata['comment_date'] ) ) {
		$commentdata['comment_date'] = current_time( 'mysql' );
	}

	if ( empty( $commentdata['comment_date_gmt'] ) ) {
		$commentdata['comment_date_gmt'] = current_time( 'mysql', true );
	}

	if ( empty( $commentdata['comment_type'] ) ) {
		$commentdata['comment_type'] = 'comment';
	}

	$commentdata['comment_approved'] = wp_allow_comment( $commentdata, $wp_error );

	if ( is_wp_error( $commentdata['comment_approved'] ) ) {
		return $commentdata['comment_approved'];
	}

	$commentdata = wp_filter_comment( $commentdata );

	if ( ! in_array( $commentdata['comment_approved'], array( 'trash', 'spam' ), true ) ) {
		// Validate the comment again after filters are applied to comment data.
		$commentdata['comment_approved'] = wp_check_comment_data( $commentdata );
	}

	if ( is_wp_error( $commentdata['comment_approved'] ) ) {
		return $commentdata['comment_approved'];
	}

	$comment_id = wp_insert_comment( $commentdata );

	if ( ! $comment_id ) {
		$fields = array( 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content' );

		foreach ( $fields as $field ) {
			if ( isset( $commentdata[ $field ] ) ) {
				$commentdata[ $field ] = $wpdb->strip_invalid_text_for_column( $wpdb->comments, $field, $commentdata[ $field ] );
			}
		}

		$commentdata = wp_filter_comment( $commentdata );

		$commentdata['comment_approved'] = wp_allow_comment( $commentdata, $wp_error );
		if ( is_wp_error( $commentdata['comment_approved'] ) ) {
			return $commentdata['comment_approved'];
		}

		$comment_id = wp_insert_comment( $commentdata );
		if ( ! $comment_id ) {
			return false;
		}
	}

	/**
	 * Fires immediately after a comment is inserted into the database.
	 *
	 * @since 1.2.0
	 * @since 4.5.0 The `$commentdata` parameter was added.
	 *
	 * @param int        $comment_id       The comment ID.
	 * @param int|string $comment_approved 1 if the comment is approved, 0 if not, 'spam' if spam.
	 * @param array      $commentdata      Comment data.
	 */
	do_action( 'comment_post', $comment_id, $commentdata['comment_approved'], $commentdata );

	return $comment_id;
}