1 <?php
  2 
  3 if ( ! defined( 'ABSPATH' ) ) exit; // Exit if accessed directly
  4 
  5 /**
  6  * Comments
  7  *
  8  * Handle comments (reviews and order notes)
  9  *
 10  * @class       WC_Post_types
 11  * @version     2.1.0
 12  * @package     WooCommerce/Classes/Products
 13  * @category    Class
 14  * @author      WooThemes
 15  */
 16 class WC_Comments {
 17 
 18     /**
 19      * Constructor
 20      */
 21     public function __construct() {
 22         // Rating posts
 23         add_filter( 'preprocess_comment', array( $this, 'check_comment_rating' ), 0 );
 24         add_action( 'comment_post', array( $this, 'add_comment_rating' ), 1 );
 25 
 26         // clear transients
 27         add_action( 'wp_set_comment_status', array( $this, 'clear_transients' ) );
 28         add_action( 'edit_comment', array( $this, 'clear_transients' ) );
 29 
 30         // Secure order notes
 31         add_filter( 'comments_clauses', array( __CLASS__, 'exclude_order_comments' ), 10, 1 );
 32         add_action( 'comment_feed_join', array( $this, 'exclude_order_comments_from_feed_join' ) );
 33         add_action( 'comment_feed_where', array( $this, 'exclude_order_comments_from_feed_where' ) );
 34     }
 35 
 36     /**
 37      * Exclude order comments from queries and RSS
 38      *
 39      * This code should exclude shop_order comments from queries. Some queries (like the recent comments widget on the dashboard) are hardcoded
 40      * and are not filtered, however, the code current_user_can( 'read_post', $comment->comment_post_ID ) should keep them safe since only admin and
 41      * shop managers can view orders anyway.
 42      *
 43      * The frontend view order pages get around this filter by using remove_filter('comments_clauses', array( 'WC_Comments' ,'exclude_order_comments'), 10, 1 );
 44      *
 45      * @param array $clauses
 46      * @return array
 47      */
 48     public static function exclude_order_comments( $clauses ) {
 49         global $wpdb, $typenow, $pagenow;
 50 
 51         if ( is_admin() && $typenow == 'shop_order' && current_user_can( 'manage_woocommerce' ) )
 52             return $clauses; // Don't hide when viewing orders in admin
 53 
 54         if ( ! $clauses['join'] )
 55             $clauses['join'] = '';
 56 
 57         if ( ! strstr( $clauses['join'], "JOIN $wpdb->posts" ) )
 58             $clauses['join'] .= " LEFT JOIN $wpdb->posts ON comment_post_ID = $wpdb->posts.ID ";
 59 
 60         if ( $clauses['where'] )
 61             $clauses['where'] .= ' AND ';
 62 
 63         $clauses['where'] .= " $wpdb->posts.post_type NOT IN ('shop_order') ";
 64 
 65         return $clauses;
 66     }
 67 
 68     /**
 69      * Exclude order comments from queries and RSS
 70      *
 71      * @param string $join
 72      * @return string
 73      */
 74     public function exclude_order_comments_from_feed_join( $join ) {
 75         global $wpdb;
 76 
 77         if ( ! strstr( $join, $wpdb->posts ) ) 
 78             $join = " LEFT JOIN $wpdb->posts ON $wpdb->comments.comment_post_ID = $wpdb->posts.ID ";
 79 
 80         return $join;
 81     }
 82 
 83     /**
 84      * Exclude order comments from queries and RSS
 85      *
 86      * @param string $where
 87      * @return string
 88      */
 89     public function exclude_order_comments_from_feed_where( $where ) {
 90         global $wpdb;
 91 
 92         if ( $where )
 93             $where .= ' AND ';
 94 
 95         $where .= " $wpdb->posts.post_type NOT IN ('shop_order') ";
 96 
 97         return $where;
 98     }
 99 
100     /**
101      * Validate the comment ratings.
102      *
103      * @param array $comment_data
104      * @return array
105      */
106     public function check_comment_rating( $comment_data ) {
107         // If posting a comment (not trackback etc) and not logged in
108         if ( isset( $_POST['rating'] ) && empty( $_POST['rating'] ) && $comment_data['comment_type'] === '' && get_option('woocommerce_review_rating_required') === 'yes' ) {
109             wp_die( __( 'Please rate the product.', 'woocommerce' ) );
110             exit;
111         }
112         return $comment_data;
113     }
114 
115     /**
116      * Rating field for comments.
117      *
118      * @param mixed $comment_id
119      */
120     public function add_comment_rating( $comment_id ) {
121         if ( isset( $_POST['rating'] ) ) {
122 
123             if ( ! $_POST['rating'] || $_POST['rating'] > 5 || $_POST['rating'] < 0 )
124                 return;
125 
126             add_comment_meta( $comment_id, 'rating', (int) esc_attr( $_POST['rating'] ), true );
127 
128             $this->clear_transients( $comment_id );
129         }
130     }
131 
132     /**
133      * Clear transients for a review.
134      *
135      * @param mixed $comment_id
136      */
137     public function clear_transients( $comment_id ) {
138         $comment = get_comment( $comment_id );
139 
140         if ( ! empty( $comment->comment_post_ID ) ) {
141             delete_transient( 'wc_average_rating_' . absint( $comment->comment_post_ID ) );
142             delete_transient( 'wc_rating_count_' . absint( $comment->comment_post_ID ) );
143         }
144     }
145 }
146 
147 new WC_Comments();
148 

WooCommerce API documentation generated by ApiGen 2.8.0