Title: wp_check_comment_flood
Published: December 6, 2016
Last modified: February 24, 2026

---

# wp_check_comment_flood( bool $is_flood, string $ip, string $email, string $date, bool $avoid_die = false ): bool

## In this article

 * [Description](https://developer.wordpress.org/reference/functions/wp_check_comment_flood/?output_format=md#description)
 * [Parameters](https://developer.wordpress.org/reference/functions/wp_check_comment_flood/?output_format=md#parameters)
 * [Return](https://developer.wordpress.org/reference/functions/wp_check_comment_flood/?output_format=md#return)
 * [Source](https://developer.wordpress.org/reference/functions/wp_check_comment_flood/?output_format=md#source)
 * [Hooks](https://developer.wordpress.org/reference/functions/wp_check_comment_flood/?output_format=md#hooks)
 * [Related](https://developer.wordpress.org/reference/functions/wp_check_comment_flood/?output_format=md#related)
 * [Changelog](https://developer.wordpress.org/reference/functions/wp_check_comment_flood/?output_format=md#changelog)

[ Back to top](https://developer.wordpress.org/reference/functions/wp_check_comment_flood/?output_format=md#wp--skip-link--target)

Checks whether comment flooding is occurring.

## 󠀁[Description](https://developer.wordpress.org/reference/functions/wp_check_comment_flood/?output_format=md#description)󠁿

Won’t run, if current user can manage options, so to not block administrators.

## 󠀁[Parameters](https://developer.wordpress.org/reference/functions/wp_check_comment_flood/?output_format=md#parameters)󠁿

 `$is_flood`boolrequired

Is a comment flooding occurring?

`$ip`stringrequired

Comment author’s IP address.

`$email`stringrequired

Comment author’s email address.

`$date`stringrequired

MySQL time string.

`$avoid_die`booloptional

When true, a disallowed comment will result in the function returning without executing
[wp_die()](https://developer.wordpress.org/reference/functions/wp_die/) or die().

More Arguments from wp_die( … $args )

Arguments to control behavior. If `$args` is an integer, then it is treated as the
response code.

 * `response` int
 * The HTTP response code. Default 200 for Ajax requests, 500 otherwise.
 * `link_url` string
 * A URL to include a link to. Only works in combination with $link_text.
 * `link_text` string
 * A label for the link to include. Only works in combination with $link_url.
 * `back_link` bool
 * Whether to include a link to go back. Default false.
 * `text_direction` string
 * The text direction. This is only useful internally, when WordPress is still loading
   and the site’s locale is not set up yet. Accepts `'rtl'` and `'ltr'`.
    Default
   is the value of [is_rtl()](https://developer.wordpress.org/reference/functions/is_rtl/).
 * `charset` string
 * Character set of the HTML output. Default `'utf-8'`.
 * `code` string
 * Error code to use. Default is `'wp_die'`, or the main error code if $message 
   is a [WP_Error](https://developer.wordpress.org/reference/classes/wp_error/).
 * `exit` bool
 * Whether to exit the process after completion. Default true.

Default:`false`

## 󠀁[Return](https://developer.wordpress.org/reference/functions/wp_check_comment_flood/?output_format=md#return)󠁿

 bool Whether comment flooding is occurring.

## 󠀁[Source](https://developer.wordpress.org/reference/functions/wp_check_comment_flood/?output_format=md#source)󠁿

    ```php
    function wp_check_comment_flood( $is_flood, $ip, $email, $date, $avoid_die = false ) {
    	global $wpdb;

    	// Another callback has declared a flood. Trust it.
    	if ( true === $is_flood ) {
    		return $is_flood;
    	}

    	// Don't throttle admins or moderators.
    	if ( current_user_can( 'manage_options' ) || current_user_can( 'moderate_comments' ) ) {
    		return false;
    	}

    	$hour_ago = gmdate( 'Y-m-d H:i:s', time() - HOUR_IN_SECONDS );

    	if ( is_user_logged_in() ) {
    		$user         = get_current_user_id();
    		$check_column = '`user_id`';
    	} else {
    		$user         = $ip;
    		$check_column = '`comment_author_IP`';
    	}

    	$sql = $wpdb->prepare(
    		"SELECT `comment_date_gmt` FROM `$wpdb->comments` WHERE `comment_date_gmt` >= %s AND ( $check_column = %s OR `comment_author_email` = %s ) ORDER BY `comment_date_gmt` DESC LIMIT 1",
    		$hour_ago,
    		$user,
    		$email
    	);

    	$lasttime = $wpdb->get_var( $sql );

    	if ( $lasttime ) {
    		$time_lastcomment = mysql2date( 'U', $lasttime, false );
    		$time_newcomment  = mysql2date( 'U', $date, false );

    		/**
    		 * Filters the comment flood status.
    		 *
    		 * @since 2.1.0
    		 *
    		 * @param bool $bool             Whether a comment flood is occurring. Default false.
    		 * @param int  $time_lastcomment Timestamp of when the last comment was posted.
    		 * @param int  $time_newcomment  Timestamp of when the new comment was posted.
    		 */
    		$flood_die = apply_filters( 'comment_flood_filter', false, $time_lastcomment, $time_newcomment );

    		if ( $flood_die ) {
    			/**
    			 * Fires before the comment flood message is triggered.
    			 *
    			 * @since 1.5.0
    			 *
    			 * @param int $time_lastcomment Timestamp of when the last comment was posted.
    			 * @param int $time_newcomment  Timestamp of when the new comment was posted.
    			 */
    			do_action( 'comment_flood_trigger', $time_lastcomment, $time_newcomment );

    			if ( $avoid_die ) {
    				return true;
    			} else {
    				/**
    				 * Filters the comment flood error message.
    				 *
    				 * @since 5.2.0
    				 *
    				 * @param string $comment_flood_message Comment flood error message.
    				 */
    				$comment_flood_message = apply_filters( 'comment_flood_message', __( 'You are posting comments too quickly. Slow down.' ) );

    				if ( wp_doing_ajax() ) {
    					die( $comment_flood_message );
    				}

    				wp_die( $comment_flood_message, 429 );
    			}
    		}
    	}

    	return false;
    }
    ```

[View all references](https://developer.wordpress.org/reference/files/wp-includes/comment.php/)
[View on Trac](https://core.trac.wordpress.org/browser/tags/6.9.4/src/wp-includes/comment.php#L848)
[View on GitHub](https://github.com/WordPress/wordpress-develop/blob/6.9.4/src/wp-includes/comment.php#L848-L928)

## 󠀁[Hooks](https://developer.wordpress.org/reference/functions/wp_check_comment_flood/?output_format=md#hooks)󠁿

 [apply_filters( ‘comment_flood_filter’, bool $bool, int $time_lastcomment, int $time_newcomment )](https://developer.wordpress.org/reference/hooks/comment_flood_filter/)

Filters the comment flood status.

 [apply_filters( ‘comment_flood_message’, string $comment_flood_message )](https://developer.wordpress.org/reference/hooks/comment_flood_message/)

Filters the comment flood error message.

 [do_action( ‘comment_flood_trigger’, int $time_lastcomment, int $time_newcomment )](https://developer.wordpress.org/reference/hooks/comment_flood_trigger/)

Fires before the comment flood message is triggered.

## 󠀁[Related](https://developer.wordpress.org/reference/functions/wp_check_comment_flood/?output_format=md#related)󠁿

| Uses | Description | 
| [wp_doing_ajax()](https://developer.wordpress.org/reference/functions/wp_doing_ajax/)`wp-includes/load.php` |

Determines whether the current request is a WordPress Ajax request.

  | 
| [mysql2date()](https://developer.wordpress.org/reference/functions/mysql2date/)`wp-includes/functions.php` |

Converts given MySQL date string into a different format.

  | 
| [current_user_can()](https://developer.wordpress.org/reference/functions/current_user_can/)`wp-includes/capabilities.php` |

Returns whether the current user has the specified capability.

  | 
| [__()](https://developer.wordpress.org/reference/functions/__/)`wp-includes/l10n.php` |

Retrieves the translation of $text.

  | 
| [is_user_logged_in()](https://developer.wordpress.org/reference/functions/is_user_logged_in/)`wp-includes/pluggable.php` |

Determines whether the current visitor is a logged in user.

  | 
| [wp_die()](https://developer.wordpress.org/reference/functions/wp_die/)`wp-includes/functions.php` |

Kills WordPress execution and displays HTML page with an error message.

  | 
| [apply_filters()](https://developer.wordpress.org/reference/functions/apply_filters/)`wp-includes/plugin.php` |

Calls the callback functions that have been added to a filter hook.

  | 
| [do_action()](https://developer.wordpress.org/reference/functions/do_action/)`wp-includes/plugin.php` |

Calls the callback functions that have been added to an action hook.

  | 
| [get_current_user_id()](https://developer.wordpress.org/reference/functions/get_current_user_id/)`wp-includes/user.php` |

Gets the current user’s ID.

  | 
| [wpdb::get_var()](https://developer.wordpress.org/reference/classes/wpdb/get_var/)`wp-includes/class-wpdb.php` |

Retrieves one value from the database.

  | 
| [wpdb::prepare()](https://developer.wordpress.org/reference/classes/wpdb/prepare/)`wp-includes/class-wpdb.php` |

Prepares a SQL query for safe execution.

  |

[Show 9 more](https://developer.wordpress.org/reference/functions/wp_check_comment_flood/?output_format=md#)
[Show less](https://developer.wordpress.org/reference/functions/wp_check_comment_flood/?output_format=md#)

## 󠀁[Changelog](https://developer.wordpress.org/reference/functions/wp_check_comment_flood/?output_format=md#changelog)󠁿

| Version | Description | 
| [4.7.0](https://developer.wordpress.org/reference/since/4.7.0/) | Introduced. |

## User Contributed Notes

You must [log in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fdeveloper.wordpress.org%2Freference%2Ffunctions%2Fwp_check_comment_flood%2F)
before being able to contribute a note or feedback.