wp_check_comment_disallowed_list( string $author, string $email, string $url, string $comment, string $user_ip, string $user_agent )
Checks if a comment contains disallowed characters or words.
Parameters
- $author
-
(string) (Required) The author of the comment
-
(string) (Required) The email of the comment
- $url
-
(string) (Required) The url used in the comment
- $comment
-
(string) (Required) The comment content
- $user_ip
-
(string) (Required) The comment author's IP address
- $user_agent
-
(string) (Required) The author's browser user agent
Return
(bool) True if comment contains disallowed content, false if comment does not
Source
File: wp-includes/comment.php
function wp_check_comment_disallowed_list( $author, $email, $url, $comment, $user_ip, $user_agent ) {
/**
* Fires before the comment is tested for disallowed characters or words.
*
* @since 1.5.0
* @deprecated 5.5.0 Use {@see 'wp_check_comment_disallowed_list'} instead.
*
* @param string $author Comment author.
* @param string $email Comment author's email.
* @param string $url Comment author's URL.
* @param string $comment Comment content.
* @param string $user_ip Comment author's IP address.
* @param string $user_agent Comment author's browser user agent.
*/
do_action_deprecated(
'wp_blacklist_check',
array( $author, $email, $url, $comment, $user_ip, $user_agent ),
'5.5.0',
'wp_check_comment_disallowed_list',
__( 'Please consider writing more inclusive code.' )
);
/**
* Fires before the comment is tested for disallowed characters or words.
*
* @since 5.5.0
*
* @param string $author Comment author.
* @param string $email Comment author's email.
* @param string $url Comment author's URL.
* @param string $comment Comment content.
* @param string $user_ip Comment author's IP address.
* @param string $user_agent Comment author's browser user agent.
*/
do_action( 'wp_check_comment_disallowed_list', $author, $email, $url, $comment, $user_ip, $user_agent );
$mod_keys = trim( get_option( 'disallowed_keys' ) );
if ( '' === $mod_keys ) {
return false; // If moderation keys are empty.
}
// Ensure HTML tags are not being used to bypass the list of disallowed characters and words.
$comment_without_html = wp_strip_all_tags( $comment );
$words = explode( "\n", $mod_keys );
foreach ( (array) $words as $word ) {
$word = trim( $word );
// Skip empty lines.
if ( empty( $word ) ) {
continue; }
// Do some escaping magic so that '#' chars
// in the spam words don't break things:
$word = preg_quote( $word, '#' );
$pattern = "#$word#i";
if ( preg_match( $pattern, $author )
|| preg_match( $pattern, $email )
|| preg_match( $pattern, $url )
|| preg_match( $pattern, $comment )
|| preg_match( $pattern, $comment_without_html )
|| preg_match( $pattern, $user_ip )
|| preg_match( $pattern, $user_agent )
) {
return true;
}
}
return false;
} Changelog
| Version | Description |
|---|---|
| 5.5.0 | Introduced. |
© 2003–2021 WordPress Foundation
Licensed under the GNU GPLv2+ License.
https://developer.wordpress.org/reference/functions/wp_check_comment_disallowed_list