WordPress.org

Forums

[resolved] Add a comment field (81 posts)

  1. bcworkz
    Member
    Posted 1 year ago #

    No matter if option 1 does not work because it introduces other problems, it's not worth spending time debugging it.

    As for the duplicate post trap, it appears possible to disable it, but it's not simple. I haven't tested this, but it appears you would hook 'comment_duplicate_trigger' and essentially replicate most of wp_allow_comment(). The context in which the hook appears prevents a simple solution. The easiest work around is probably to automatically enter a timestamp as the default content of the textarea, then hide the field with CSS.

    Altering the comment query was a good idea, but as I feared, I had identified the wrong hook. I finally found the correct query, but unfortunately hooking into it is not simple and even if we did, the resulting code is fragile. (As a future reminder for myself, this involves hooking the $wpdb class filter 'query', and checking every query string for the specific comments query. When found, add in the current user limitation)

    It now appears letting the full query occur is the best approach, then removing all comments not belonging to the current user. If done early enough, it does not mess up the count and navigation like option 1 did. Below is the revised code, also placed on functions.php. This code has been tested (finally made it home after weather delays!) and appears to work, though my testing was somewhat limited in scope, you should test more thoroughly. In my development of this code I used an anonymous function (the function( $comment ) bit) because it was easier for me, but it only works in PHP 5.3 and newer. If this is an issue, it's a simple rewrite.

    //Alter comment results if not admin to only have current user's comments
    //Place on functions.php
    add_filter('comments_array', 'bcw_current_user_comments');
    function bcw_current_user_comments( $comments ) {
      if ( ! current_user_can('moderate_comments')) {
        $comments = array_merge( array_filter( $comments, function( $comment ) {
          if ( $comment->user_id == get_current_user_id() ) return true;
          return;
        }));
      }
      return $comments;
    }

    Be sure to delete the earlier broken version otherwise you will get a function redefinition error. FYI, how this works is array_filter() builds an array of elements (from the original comments results) of only elements that were written by the current user. The logic to decide this is from the anonymous function. The results retain their numeric keys from the original. The results are passed through array_merge() so that the array keys are sequentially renumbered from zero, otherwise errors occur.

  2. sicktb
    Member
    Posted 1 year ago #

    That code works like a charm!!!!! That makes me realy happy!

    As for the duplicate post trap, it appears possible to disable it, but it's not simple. I haven't tested this, but it appears you would hook 'comment_duplicate_trigger' and essentially replicate most of wp_allow_comment(). The context in which the hook appears prevents a simple solution. The easiest work around is probably to automatically enter a timestamp as the default content of the textarea, then hide the field with CSS.

    Im not sure how to get this working...

  3. bcworkz
    Member
    Posted 1 year ago #

    That makes me realy happy!

    And that makes me really happy as well!!

    I've updated the Pastebin comments.php page with the new code that hides the textarea and inserts a timestamp. The only change is to line 87. This is the new line: <?php $args = '<p class="comment-form-comment" style="display: none;"><label for="comment">' . _x( 'Comment', 'noun' ) . '</label> <textarea id="comment" name="comment" cols="45" rows="8" aria-required="true">' . time() . '</textarea></p>';

    You will see large numbers as comment text on the admin screens, but otherwise this hack is transparent.

    I do believe you can finally start entering real fields on the comment template and into the bcw_handle_comment() function! w00t! Best to do some thorough testing before making copies of the template though. Much easier to fix one template instead of 6.

    I should remind you the field names on the various templates should stay the same on each version if at all possible. You can change the labels seen by the user to anything, but if the names change, it impacts the bcw_handle_comment(). Varying the names significantly complicates things, though it's still workable if the names absolutely must change.

  4. sicktb
    Member
    Posted 1 year ago #

    Option 1:
    Del button, I need this to work for an author(user).

    Option 2:
    I tested this plugin to try and edit the comment. This will only let me edit the timestamp.

    I got a feeling that if i want to make this a 100%...the new comment fields should be placed in the normal comment field... I don't know if this is possible and if this is the same progress that has to be "done" to add the new fields to the backend?

    Please don't make any work at option 2 for now! I think option 1 will be fine.

  5. sicktb
    Member
    Posted 1 year ago #

    With that pastebin there will still be a timestamp for the user. I dont mind it for admin. For admin this is a easy way to find what post belongs to what user.

    At the moment i did the following <?php /*?><div class="comment-body"><?php comment_text(); ?></div><?php */?>

  6. bcworkz
    Member
    Posted 1 year ago #

    Option 1 is doable, more on that later.

    Option 2. It's not really feasible to place your new fields in the existing field. Not impossible, but it would be a mess that could easily break. More feasible would be to expand the plugin to recognize your new fields, but doing so would take some investigation and time beyond what I'm willing to do. Additionally, it appears maintenance would be more difficult than it currently is (to add or alter fields in the future)

    So it is something to consider for the future perhaps, but for now, Option 1. Change this line:
    if (current_user_can('edit_post')) {
    to this:
    if ( current_user_can('edit_post') || $comment->user_id == get_current_user_id()) {

    This actually displays the buttons to any of these users: Admins, Editors, the Post Author, the logged in user who wrote the comment.

    And about the timestamp showing to users, a simple oversight on my part. You found the offending code and commented it out. Nice job! It would have been exactly what I would have suggested if I was paying more attention.

  7. sicktb
    Member
    Posted 1 year ago #

    And about the timestamp showing to users, a simple oversight on my part. You found the offending code and commented it out. Nice job! It would have been exactly what I would have suggested if I was paying more attention.

    Can i somehow comment it out for everyone except admin?

    And you mean like this:

    Original:

    //Alter comment results if not admin to only have current user's comments
    //Place on functions.php
    add_filter('comments_array', 'bcw_current_user_comments');
    function bcw_current_user_comments( $comments ) {
      if ( current_user_can('edit_post') || $comment->user_id == get_current_user_id()) {
        $comments = array_merge( array_filter( $comments, function( $comment ) {
          if ( $comment->user_id == get_current_user_id() ) return true;
          return;
        }));
      }
      return $comments;
    }

    to:

    //Alter comment results if not admin to only have current user's comments
    //Place on functions.php
    add_filter('comments_array', 'bcw_current_user_comments');
    function bcw_current_user_comments( $comments ) {
      if ( ! current_user_can('moderate_comments')) {
        $comments = array_merge( array_filter( $comments, function( $comment ) {
          if ( $comment->user_id == get_current_user_id() ) return true;
          return;
        }));
      }
      return $comments;
    }
  8. sicktb
    Member
    Posted 1 year ago #

    I don't see any changes with that code. And i don't see a delete button at the comment. For admin i can see a button where i can change it. But i don't want this for the user. Only a delete button.

  9. bcworkz
    Member
    Posted 1 year ago #

    You can't really "comment out" for all but admins, but you can put the code in a conditional. Replace the initial /* with if ( current_user_can('moderate_comments')) :

    Replace the terminal */ with endif;

    Please leave the bcw_current_user_comments() function as it was. This removes comments a user is not intended to see, it has nothing to do with the Option 1 delete button feature. (BTW, the "to:" version in your last post appears to be the original. Use the version I first posted last week.)

    The changes I wanted you to make was to the code for Option 1 from wprecipes.com. This change will cause the delete button to show when appropriate.

  10. sicktb
    Member
    Posted 1 year ago #

    So it is something to consider for the future perhaps, but for now, Option 1. Change this line:

    if (current_user_can('edit_post')) {
    to this:
    if ( current_user_can('edit_post') || $comment->user_id == get_current_user_id()) {

    Where can i find this?
    Or you mean to put this code in function.php:

    function delete_comment_link($id) {
      if ( current_user_can('edit_post') || $comment->user_id == get_current_user_id()) {
        echo '| <a href="'.admin_url("comment.php?action=cdc&c=$id").'">del</a> ';
        echo '| <a href="'.admin_url("comment.php?action=cdc&dt=spam&c=$id").'">spam</a>';
      }
    }

    Then, edit the comments.php file. Adding the following code. It must be within the comment loop. In the theme, you’ll find a edit_comment_link() declaration. Add the code just after.

    delete_comment_link(get_comment_ID());

  11. sicktb
    Member
    Posted 1 year ago #

    I tried the above code. But user1 has not the option to delete comments/ put it to spam. I'm using a plugin to give the user a role(User Role Editor). And this role is only 'READ' atm.

    This is maybe why the delete button is not showing. But when logged in as admin i can see the del | spam button. Im not sure what option i have to give to user1 to activate the del/spam button.

    But i don't like how this buttons work. They transfer me to the backend. Is there a way that this can be in the front? And how to fix it for the user?

  12. bcworkz
    Member
    Posted 1 year ago #

    Well, this is embarrassing, I knew the add delete button script was called from the comment loop, but it some how escaped me that it is a called function and not physically in the loop. Which led to a stupid scoping error. My bad, sorry about that.

    The easiest fix, but not best, is to add this line:
    $comment = get_comment($id);
    directly below this:
    function delete_comment_link($id) {

    You should see the delete and spam links where you want them now.

    While I was figuring this out, I noticed another small scoping error with the original code. This is easily fixed by changing the 'edit_post' capability in current_user_can() to 'moderate_comments'. I don't think you'll notice any difference with this change.

    The other problem with non-admin users is, though they have the delete link now, it will not work because they do not have moderate_comments capabilities (I assume). I'm also assuming you wouldn't really want to grant them this capability because they could approve or delete anyone's comment, not just their own.

    So we need a solution where they can delete only their own comments from the front end. There's a number of ways to do this. The best is an AJAX implementation. The problem there is it's pretty much a small coding project that would involve more time than I'm willing to contribute. If you could find someone to code this for you, this would be the best approach.

    That said, I think there may be a relatively simple approach that's not ideal, but may be good enough. It would involve the delete link linking to the same single post page which is currently being viewed, with some special parameters added instructing the template to delete a particular comment before reloading the page. This should also solve the capability issue. I'll also see if there's a better way to add the delete link, right now we're loading the comment twice due to scoping issues. In addition, there shouldn't be any reason for a user to mark their own comment as spam, so that link should not appear for normal users.

    I need to investigate further to ensure this scheme will really work, which may take a day or two. I'll get back to you on this once I have something. In the mean time, ensure the latest changes are working the way you expect. Also, is the timestamp field showing only for admins working correctly?

    Finally, should I remove the spam link for the admin as well as for normal users? It would make things easier, though it can remain if it's useful. For that matter, is the "Reply" (to a particular comment) button still applicable for your application? Or did you already remove it? I can remove that too if you like.

  13. sicktb
    Member
    Posted 1 year ago #

    I did already remove the

    echo '| spam';

    And i already removed the "Reply".

    The timestamp is not showing for admins. If the delete button is too much work because of the role manager plugin. Than i need to get this timestamp for admins working.

    Also i found a weird error. But this is maybe because im on the same IP. When i first post in firefox on my admin account. And fast after in IE logged in as user1 i will get a error saying im posting to fast on the same comment. I hope this is only based on IP.

    Below my current Comment.php and function.php. Today i will show my work at the customer and hoping she will like it and dont need much more than i have now.

    Comment.php

    function.php
    When i look in dreamweaver the following code gets a red highlight(looks like a error) but the code works...line 574 and 577

    I kinda edit it all to view all correct at the customer.

  14. bcworkz
    Member
    Posted 1 year ago #

    About the red code, I can only imagine it does not like the anonymous function. It's an illegal construct in older versions of PHP. We could define a named function and pass it as a parameter to array_filter() but there's little point. If someone's version of PHP is that old, I believe they will have other issues with WordPress as well.

    The posting too fast thing is to prevent script driven comment floods which could result in dozens of spam messages every second. It works off either IP or email being the same and the last comment being less than 15 seconds old default, though plugins can extend this. It will not fire for admins, so if you test user1 first, you're less likely to have the error fire by the time you return to user1, where if you go the other way, the admin post "counts" because of the same IP.

    Here are my revisions to the most recent files you posted:
    functions.php
    comments.php

    These changes should have things working the way you want, try them out and see. I hope you get these in time, but either way, I hope your client presentation goes well, good luck!

  15. sicktb
    Member
    Posted 1 year ago #

    Ok customer was really happy. And liked it as it is and dont need the timestamp... So i dont know if you fixed much on the new files? Cuz than i probably don't need to change my current.

    Some options that are requested by the customer:

    1) Comments should be editable in the frontend by the user. I gonna try some ajaxed plugins. This used to work with the early stage of the code. Can you tell me if this is hard to get to working?

    2) In the role manager plugin i need to ad the user to get read only. If i dont put read on thy user is not allowed to view the site. But the user is now allowed to change there password, name etc. I don't want that the user is able to change this in the back...

    Thats it...

  16. sicktb
    Member
    Posted 1 year ago #

    Simple add the following lines in function.php will not give me a edit button. And it probably will only give me the option to edit the timestamp.

    $subscriber= get_role('subscriber');
    $subscriber->add_cap('edit_comment');

  17. bcworkz
    Member
    Posted 1 year ago #

    The main change is the non-admin users can delete their posts from the front end without any special capability required. Perhaps less important if the user can edit their comment, but we are not there yet. I would encourage you to use my latest version, but of course you are free to do as you please.

    I think front end editing is not too complex for a few fields, but when there are many fields and 6 versions of the many fields, it will get messy, but the underlying logic is still not too complex. The main issue is any plugin that allows front end comment editing will only work for the timestamp, not any added custom fields.

    This is the problem also with the edit button. As you suspected, the back end edit button only allows editing the timestamp, the added custom fields do not appear.

    As for preventing users from editing their profile, it appears making it securely impossible to do this is not that easy. Being able to edit one's own password and personal data is a basic capability in WP, meaning that capability is not even checked, so it's not possible to manipulate capabilities with role manager to alter profile access.

    It's not too hard to make it difficult to edit one's profile. You could remove the menu item so there is no apparent way to access the profile page. However, if someone were to type in the correct URL in their browser, the profile page would be sent and any revisions happily accepted and committed to the DB. Not secure at all.

    I currently do not see a clean, secure way to block the user from his profile. I'll investigate some more, but it does not look promising.

    I'm afraid a front end edit comment functionality is more coding than I'm able to help you with, but here is what I would do if I did have the time. Using my delete comment approach as a guide, something similar could be done to handle a form POST. The comment display actually is an edit form, but it is made to appear as normal content using CSS. When the edit button is clicked, the CSS is changed so the content now appears in a form with an update button.

    When the update button is clicked, the form data is posted to the single page's permalink. The POST is intercepted just as is done for deleting the comment. The comment is updated, and the single page response is sent reflecting the new comment data.

  18. sicktb
    Member
    Posted 1 year ago #

    I currently do not see a clean, secure way to block the user from his profile. I'll investigate some more, but it does not look promising.

    I'll gonna look what i can do with some redirects. Maybe this will work for users and not for admin.

    I'm afraid a front end edit comment functionality is more coding than I'm able to help you with, but here is what I would do if I did have the time. Using my delete comment approach as a guide, something similar could be done to handle a form POST. The comment display actually is an edit form, but it is made to appear as normal content using CSS. When the edit button is clicked, the CSS is changed so the content now appears in a form with an update button.

    When the update button is clicked, the form data is posted to the single page's permalink. The POST is intercepted just as is done for deleting the comment. The comment is updated, and the single page response is sent reflecting the new comment data.

    Well i'm not gonna fix this on my own. So i need this help. It would be the best if you could help me... Im not sure if it helps than i'm willing to pay for the option? Just need to know what it will cost me to get it working. Or maybe you know someone on this forum that maybe wants to help me?

  19. bcworkz
    Member
    Posted 1 year ago #

    I'll gonna look what i can do with some redirects.

    That's a good idea! Maybe any request for the profile page gets sent to a screening page. If the user qualifies, they are forwarded back to the profiles page, otherwise they get an error message and the process dies. The trick will be how to prevent an endless redirect loop in a way that is secure. I'm not sure how to manage that.

    I appreciate your willingness to pay, but you cannot solicit work in this forum. Doing so can result in your topic being closed. Accordingly, I cannot accept any employment offers through this forum.

    I truly regret leaving you hanging like this, but I have to draw a line somewhere. We've accomplished your initial need of adding custom comment fields some time ago. We've been focused on little bit by bit add on functionality for some time now. I usually only offer advice and insight here and not specific code, but I could tell you really needed help so I made an exception. But then you keep having additional needs, and now I feel like I've deceived your client by allowing you to misrepresent your qualifications. Now, there's certainly nothing wrong with offering a service and hiring a skilled person to do that service on your behalf. It's not like some major ethical dilemma has cropped up here. I hope you can understand this from my viewpoint.

    I am just doing what I should have done some time ago. I'm sorry if I misled you about how much I'm willing to contribute to your project. I will still continue to happily offer any advice and insight you may need, but I can't provide any more coding work for you.

    You clearly need help to continue with this project. Here are a couple WordPress specific resources where soliciting coding work is the primary focus:
    http://jobs.wordpress.net/
    http://directory.codepoet.com/

    I wish you the best of luck, I'm sorry it needs to be this way.

  20. sicktb
    Member
    Posted 1 year ago #

    Well im realy glad you helped me with the information and the code! I will finetune the website with some coding that i have to do. And i hope to see you at http://jobs.wordpress.net/

  21. sicktb
    Member
    Posted 1 year ago #

    Changed to ninja-forms. With a small edit to the code.

Topic Closed

This topic has been closed to new replies.

About this Topic