Checks whether comment flooding is occurring.
Description
Won’t run, if current user can manage options, so to not block administrators.
Parameters
$is_floodboolrequired- Is a comment flooding occurring?
$ipstringrequired- Comment author’s IP address.
$emailstringrequired- Comment author’s email address.
$datestringrequired- MySQL time string.
$avoid_diebooloptional- When true, a disallowed comment will result in the function returning without executing wp_die() or die().
More Arguments from wp_die( … $args )
Arguments to control behavior. If$argsis an integer, then it is treated as the response code.
responseintThe HTTP response code. Default 200 for Ajax requests, 500 otherwise.link_urlstringA URL to include a link to. Only works in combination with $link_text.
Default empty string.link_textstringA label for the link to include. Only works in combination with $link_url.
Default empty string.back_linkboolWhether to include a link to go back. Default false.text_directionstringThe text direction. This is only useful internally, when WordPress is still loading and the site’s locale is not set up yet. Accepts'rtl'and'ltr'.
Default is the value of is_rtl() .charsetstringCharacter set of the HTML output. Default'utf-8'.codestringError code to use. Default is'wp_die', or the main error code if $message is a WP_Error.exitboolWhether to exit the process after completion. Default true.
Default:
false
Source
function wp_check_comment_flood( $is_flood, $ip, $email, $date, $avoid_die = false ) {
global $wpdb;
// Another callback has declared a flood. Trust it.
if ( true === $is_flood ) {
return $is_flood;
}
// Don't throttle admins or moderators.
if ( current_user_can( 'manage_options' ) || current_user_can( 'moderate_comments' ) ) {
return false;
}
$hour_ago = gmdate( 'Y-m-d H:i:s', time() - HOUR_IN_SECONDS );
if ( is_user_logged_in() ) {
$user = get_current_user_id();
$check_column = '`user_id`';
} else {
$user = $ip;
$check_column = '`comment_author_IP`';
}
$sql = $wpdb->prepare(
"SELECT `comment_date_gmt` FROM `$wpdb->comments` WHERE `comment_date_gmt` >= %s AND ( $check_column = %s OR `comment_author_email` = %s ) ORDER BY `comment_date_gmt` DESC LIMIT 1",
$hour_ago,
$user,
$email
);
$lasttime = $wpdb->get_var( $sql );
if ( $lasttime ) {
$time_lastcomment = mysql2date( 'U', $lasttime, false );
$time_newcomment = mysql2date( 'U', $date, false );
/**
* Filters the comment flood status.
*
* @since 2.1.0
*
* @param bool $bool Whether a comment flood is occurring. Default false.
* @param int $time_lastcomment Timestamp of when the last comment was posted.
* @param int $time_newcomment Timestamp of when the new comment was posted.
*/
$flood_die = apply_filters( 'comment_flood_filter', false, $time_lastcomment, $time_newcomment );
if ( $flood_die ) {
/**
* Fires before the comment flood message is triggered.
*
* @since 1.5.0
*
* @param int $time_lastcomment Timestamp of when the last comment was posted.
* @param int $time_newcomment Timestamp of when the new comment was posted.
*/
do_action( 'comment_flood_trigger', $time_lastcomment, $time_newcomment );
if ( $avoid_die ) {
return true;
} else {
/**
* Filters the comment flood error message.
*
* @since 5.2.0
*
* @param string $comment_flood_message Comment flood error message.
*/
$comment_flood_message = apply_filters( 'comment_flood_message', __( 'You are posting comments too quickly. Slow down.' ) );
if ( wp_doing_ajax() ) {
die( $comment_flood_message );
}
wp_die( $comment_flood_message, 429 );
}
}
}
return false;
}
Hooks
- apply_filters( ‘comment_flood_filter’,
bool $bool ,int $time_lastcomment ,int $time_newcomment ) Filters the comment flood status.
- apply_filters( ‘comment_flood_message’,
string $comment_flood_message ) Filters the comment flood error message.
- do_action( ‘comment_flood_trigger’,
int $time_lastcomment ,int $time_newcomment ) Fires before the comment flood message is triggered.
Changelog
| Version | Description |
|---|---|
| 4.7.0 | Introduced. |
User Contributed Notes
You must log in before being able to contribute a note or feedback.