Automattic\WooCommerce\Internal\OrderReviews
SubmissionHandler::process_rows │ private │ WC 1.0
Process the submitted row payload and return per-row outcomes.
Method of the class: SubmissionHandler{}
No Hooks.
Returns
Array
Usage
// private - for code of main (parent) class only $result = $this->process_rows( $order, $rows_in ): array;
- $order(WC_Order) (required)
- Order being reviewed.
- $rows_in(array) (required)
- Raw
$_POST['reviews']value.
SubmissionHandler::process_rows() SubmissionHandler::process rows code WC 10.8.1
private function process_rows( WC_Order $order, array $rows_in ): array {
$results = array();
$item_index = $this->index_eligible_order_items( $order );
$author_name = trim( $order->get_billing_first_name() . ' ' . $order->get_billing_last_name() );
$author_email = $order->get_billing_email();
$author_ip = $order->get_customer_ip_address();
$author_agent = $order->get_customer_user_agent();
$require_mod = (bool) get_option( 'comment_moderation' );
// Drop any per-request memoisation a prior caller may have populated,
// then preload the eligibility cache so the per-row decide() calls
// below don't issue one already-reviewed query each. Reset matters
// inside the suite (multiple submissions in one PHP process) and is
// a no-op in production (admin-ajax runs in a fresh process).
ItemEligibility::reset_cache();
ItemEligibility::preload_for_items( $item_index, $order );
foreach ( $rows_in as $row_index => $row ) {
$row_index = (int) $row_index;
$row = is_array( $row ) ? $row : array();
$rating = isset( $row['rating'] ) ? (int) $row['rating'] : 0;
if ( 0 === $rating ) {
// Empty rating means the customer chose to skip this row; allowed.
continue;
}
$product_id = isset( $row['product_id'] ) ? absint( $row['product_id'] ) : 0;
$order_item_id = isset( $row['order_item_id'] ) ? absint( $row['order_item_id'] ) : 0;
// $rows_in was already unslashed in handle(); avoid double-unslashing.
$text = isset( $row['text'] ) && is_string( $row['text'] ) ? trim( wp_kses_post( $row['text'] ) ) : '';
$result = array(
'product_id' => $product_id,
'status' => 'error',
);
if ( $rating < 1 || $rating > 5 ) {
$result['error'] = 'invalid_rating';
$results[ $row_index ] = $result;
continue;
}
// invalid_row also covers fully-refunded line items: index_eligible_order_items()
// runs them through woocommerce_review_order_eligible_items, which strips them.
if ( ! $product_id || ! $order_item_id || ! isset( $item_index[ $order_item_id ] ) ) {
$result['error'] = 'invalid_row';
$results[ $row_index ] = $result;
continue;
}
$item = $item_index[ $order_item_id ];
// Variable products: the row template posts the variation id,
// while $item->get_product_id() returns the parent. Accept either.
$line_product_id = (int) $item->get_product_id();
$line_variation_id = (int) $item->get_variation_id();
if ( $product_id !== $line_product_id && $product_id !== $line_variation_id ) {
$result['error'] = 'product_mismatch';
$results[ $row_index ] = $result;
continue;
}
// Reviews always attach to the parent product so they show on the
// product page regardless of which variation was bought.
$review_post_id = $line_product_id;
// Reject submissions for products whose review form was never
// rendered (comments disabled on the product).
$decision = ItemEligibility::decide( $item, $order );
if ( ItemEligibility::STATUS_SKIP === $decision['status'] ) {
$result['error'] = 'reviews_not_open';
$results[ $row_index ] = $result;
continue;
}
// Only attribute the comment to a WP user when the current request is
// authenticated as that user. Guests reaching the page via the order
// key are not authenticated, so the comment stays unattributed (0).
$customer_id = (int) $order->get_customer_id();
$current_user_id = get_current_user_id();
$comment_user_id = ( $current_user_id > 0 && $current_user_id === $customer_id ) ? $current_user_id : 0;
// If the customer already has a review tied to this order for this
// product, update it in place instead of stacking duplicates. The
// existing comment id comes from the server-side lookup, not the
// client, so a tampered POST can't target someone else's review.
$existing = $decision['comment'] instanceof \WP_Comment ? $decision['comment'] : null;
if ( $existing instanceof \WP_Comment ) {
$update_ok = wp_update_comment(
wp_slash(
array(
'comment_ID' => (int) $existing->comment_ID,
'comment_content' => $text,
'comment_approved' => $require_mod ? 0 : 1,
)
)
);
if ( false === $update_ok || is_wp_error( $update_ok ) ) {
$result['error'] = 'update_failed';
$results[ $row_index ] = $result;
continue;
}
update_comment_meta( (int) $existing->comment_ID, 'rating', $rating );
$result['comment_id'] = (int) $existing->comment_ID;
$result['status'] = $require_mod ? 'pending_moderation' : 'ok';
$results[ $row_index ] = $result;
continue;
}
$comment_data = array(
'comment_post_ID' => $review_post_id,
'comment_author' => '' !== $author_name ? $author_name : __( 'Anonymous', 'woocommerce' ),
'comment_author_email' => $author_email,
'comment_author_IP' => $author_ip,
'comment_agent' => $author_agent,
'comment_content' => $text,
'comment_type' => 'review',
'comment_approved' => $require_mod ? 0 : 1,
'user_id' => $comment_user_id,
);
$comment_id = wp_insert_comment( wp_slash( $comment_data ) );
if ( ! $comment_id ) {
$result['error'] = 'insert_failed';
$results[ $row_index ] = $result;
continue;
}
add_comment_meta( $comment_id, 'rating', $rating, true );
add_comment_meta( $comment_id, 'verified', 1, true );
add_comment_meta( $comment_id, ItemEligibility::ORDER_META_KEY, (int) $order->get_id(), true );
$result['comment_id'] = (int) $comment_id;
$result['status'] = $require_mod ? 'pending_moderation' : 'ok';
$results[ $row_index ] = $result;
}//end foreach
return $results;
}