wp_xmlrpc_server::wp_newComment( array $args ): int|IXR_Error

In this article

Creates a new comment.

Parameters

$argsarrayrequired
Method arguments. Note: arguments must be ordered as documented.
  • int
    Blog ID (unused).
  • 1 string
    Username.
  • 2 string
    Password.
  • 3 string|int
    Post ID or URL.
  • 4 array
    Content structure.

Return

int|IXR_Error See wp_new_comment() .

Source

public function wp_newComment( $args ) {
	$this->escape( $args );

	$username       = $args[1];
	$password       = $args[2];
	$post           = $args[3];
	$content_struct = $args[4];

	/**
	 * Filters whether to allow anonymous comments over XML-RPC.
	 *
	 * @since 2.7.0
	 *
	 * @param bool $allow Whether to allow anonymous commenting via XML-RPC.
	 *                    Default false.
	 */
	$allow_anon = apply_filters( 'xmlrpc_allow_anonymous_comments', false );

	$user = $this->login( $username, $password );

	if ( ! $user ) {
		$logged_in = false;
		if ( $allow_anon && get_option( 'comment_registration' ) ) {
			return new IXR_Error( 403, __( 'Sorry, you must be logged in to comment.' ) );
		} elseif ( ! $allow_anon ) {
			return $this->error;
		}
	} else {
		$logged_in = true;
	}

	if ( is_numeric( $post ) ) {
		$post_id = absint( $post );
	} else {
		$post_id = url_to_postid( $post );
	}

	if ( ! $post_id ) {
		return new IXR_Error( 404, __( 'Invalid post ID.' ) );
	}

	if ( ! get_post( $post_id ) ) {
		return new IXR_Error( 404, __( 'Invalid post ID.' ) );
	}

	if ( ! comments_open( $post_id ) ) {
		return new IXR_Error( 403, __( 'Sorry, comments are closed for this item.' ) );
	}

	if (
		'publish' === get_post_status( $post_id ) &&
		! current_user_can( 'edit_post', $post_id ) &&
		post_password_required( $post_id )
	) {
		return new IXR_Error( 403, __( 'Sorry, you are not allowed to comment on this post.' ) );
	}

	if (
		'private' === get_post_status( $post_id ) &&
		! current_user_can( 'read_post', $post_id )
	) {
		return new IXR_Error( 403, __( 'Sorry, you are not allowed to comment on this post.' ) );
	}

	$comment = array(
		'comment_post_ID' => $post_id,
		'comment_content' => trim( $content_struct['content'] ),
	);

	if ( $logged_in ) {
		$display_name = $user->display_name;
		$user_email   = $user->user_email;
		$user_url     = $user->user_url;

		$comment['comment_author']       = $this->escape( $display_name );
		$comment['comment_author_email'] = $this->escape( $user_email );
		$comment['comment_author_url']   = $this->escape( $user_url );
		$comment['user_id']              = $user->ID;
	} else {
		$comment['comment_author'] = '';
		if ( isset( $content_struct['author'] ) ) {
			$comment['comment_author'] = $content_struct['author'];
		}

		$comment['comment_author_email'] = '';
		if ( isset( $content_struct['author_email'] ) ) {
			$comment['comment_author_email'] = $content_struct['author_email'];
		}

		$comment['comment_author_url'] = '';
		if ( isset( $content_struct['author_url'] ) ) {
			$comment['comment_author_url'] = $content_struct['author_url'];
		}

		$comment['user_id'] = 0;

		if ( get_option( 'require_name_email' ) ) {
			if ( strlen( $comment['comment_author_email'] ) < 6 || '' === $comment['comment_author'] ) {
				return new IXR_Error( 403, __( 'Comment author name and email are required.' ) );
			} elseif ( ! is_email( $comment['comment_author_email'] ) ) {
				return new IXR_Error( 403, __( 'A valid email address is required.' ) );
			}
		}
	}

	$comment['comment_parent'] = isset( $content_struct['comment_parent'] ) ? absint( $content_struct['comment_parent'] ) : 0;

	/** This filter is documented in wp-includes/comment.php */
	$allow_empty = apply_filters( 'allow_empty_comment', false, $comment );

	if ( ! $allow_empty && '' === $comment['comment_content'] ) {
		return new IXR_Error( 403, __( 'Comment is required.' ) );
	}

	/** This action is documented in wp-includes/class-wp-xmlrpc-server.php */
	do_action( 'xmlrpc_call', 'wp.newComment', $args, $this );

	$comment_id = wp_new_comment( $comment, true );
	if ( is_wp_error( $comment_id ) ) {
		return new IXR_Error( 403, $comment_id->get_error_message() );
	}

	if ( ! $comment_id ) {
		return new IXR_Error( 403, __( 'Something went wrong.' ) );
	}

	/**
	 * Fires after a new comment has been successfully created via XML-RPC.
	 *
	 * @since 3.4.0
	 *
	 * @param int   $comment_id ID of the new comment.
	 * @param array $args       An array of new comment arguments.
	 */
	do_action( 'xmlrpc_call_success_wp_newComment', $comment_id, $args ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.NotLowercase

	return $comment_id;
}

Hooks

apply_filters( ‘allow_empty_comment’, bool $allow_empty_comment, array $commentdata )

Filters whether an empty comment should be allowed.

apply_filters( ‘xmlrpc_allow_anonymous_comments’, bool $allow )

Filters whether to allow anonymous comments over XML-RPC.

do_action( ‘xmlrpc_call’, string $name, array|string $args, wp_xmlrpc_server $server )

Fires after the XML-RPC user has been authenticated but before the rest of the method logic begins.

do_action( ‘xmlrpc_call_success_wp_newComment’, int $comment_id, array $args )

Fires after a new comment has been successfully created via XML-RPC.

Changelog

VersionDescription
2.7.0Introduced.

User Contributed Notes

You must log in before being able to contribute a note or feedback.