WordPress的客人可以看到未经授权的评论

我创建了一个WordPress的评论网站与我的博客模板的帮助。WordPress的客人可以看到未经授权的评论

问题是。如果我登录，我只能看到批准的评论，因为它应该是。但是，如果我退出，像来宾，我可以看到所有评论，包括所有未经授权的评论。

这是我的代码：

<?php if (!empty($post->post_password) && $_COOKIE['wp-postpass_'.COOKIEHASH]!=$post->post_password) : ?> 
    <p id="comments-locked">Please log in to see the comments.</p> 
<?php return; endif; ?> 

<?php if ($comments) : ?> 

<?php 

    $author = array(
      "highlight" => "highlight", 
      "email" => "YOUR EMAIL HERE", 
      "name" => "YOUR NAME HERE" 
    ); 

    $numPingBacks = 0; 
    $numComments = 0; 

    foreach ($comments as $comment) { 
     if (get_comment_type() != "comment") { $numPingBacks++; } 
     else { $numComments++; } 
    } 

    $thiscomment = 'odd'; 
?> 

<?php 

    if ($numPingBacks != 0) : ?> 

    <h3 class="comments-header"><?php _e($numPingBacks); ?> Trackbacks/Pingbacks</h3> 
    <ol id="trackbacks"> 

<?php foreach ($comments as $comment) : ?> 
<?php if (get_comment_type()!="comment") : ?> 

    <li id="comment-<?php comment_ID() ?>" class="<?php _e($thiscomment); ?>"> 
    <?php comment_type(__('Comment'), __('Trackback'), __('Pingback')); ?>: 
    <?php comment_author_link(); ?> on <?php comment_date(); ?> 
    </li> 

    <?php if('odd'==$thiscomment) { $thiscomment = 'even'; } else { $thiscomment = 'odd'; } ?> 

<?php endif; endforeach; ?> 

    </ol> 

<?php endif; ?> 

<?php 

    if ($numComments != 0) : ?> 

    <h3 class="comments-header"><?php _e($numComments); ?> Comments</h3> 
    <ol id="comments"> 

    <?php foreach ($comments as $comment) : ?> 
    <?php if (get_comment_type()=="comment") : ?> 

     <li id="comment-<?php comment_ID(); ?>" class="<?php 

     $this_name = $comment->comment_author; 
     $this_email = $comment->comment_author_email; 

     if (strcasecmp($this_name, $author["name"])==0 && strcasecmp($this_email, $author["email"])==0) 
      _e($author["highlight"]); 
     else 
      _e($thiscomment); 

     ?>"> 
      <div class="comment-meta"> 
       <span class="comment-author"><?php comment_author_link() ?></span>, 
       <span class="comment-date"><?php comment_date() ?></span>: 
      </div> 
      <div class="comment-text"> 
       <?php comment_text(); ?> 
      </div> 
     </li> 

    <?php if('odd'==$thiscomment) { $thiscomment = 'even'; } else { $thiscomment = 'odd'; } ?> 

    <?php endif; endforeach; ?> 

    </ol> 

    <?php endif; ?> 

<?php else : 

?> 

    <h3 class="comments-header noPandM">There are no comments!</h3> 

    <p class="noPandM">Write the first Comment!</p> 
    <br /> 
<?php endif; ?> 

<?php if (comments_open()) : ?> 

    <div id="comments-form"> 

    <h3 id="comments-header">Write a Comment</h3> 
    <p class="commentsSmall"> Your E-Mail will not be published. Required fields are marked. </p> 
     <br /> 
    <?php if (get_option('comment_registration') && !$user_ID) : ?> 
     <p id="comments-blocked">You must be <a href="<?php echo get_option('siteurl'); ?>/wp-login.php?redirect_to= 
     <?php the_permalink(); ?>">Login</a> to write a Comment.</p> 
    <?php else : ?> 

    <form action="<?php echo get_option('siteurl'); ?>/wp-comments-post.php" method="post" id="commentform"> 

    <?php if ($user_ID) : ?> 

    <p>Logged in as <a href="<?php echo get_option('siteurl'); ?>/wp-admin/profile.php"> 
     <?php echo $user_identity; ?></a>. 
     <a href="<?php echo get_option('siteurl'); ?>/wp-login.php?action=logout" 
     title="Log out of this account">Logout</a> 
    </p> 

    <?php else : ?> 

    <p class="commentformlabel"><label for="author">Name<?php if ($req) _e(' (*)'); ?></label></p> 
    <p><input type="text" class="commentText" name="author" id="author" value="<?php echo $comment_author; ?>" size="22" /></p> 

    <p class="commentformlabel"><label for="email">E-mail <?php if ($req) _e(' (*)'); ?></label></p> 
    <p><input type="text" class="commentText" name="email" id="email" value="<?php echo $comment_author_email; ?>" size="22" /></p> 

    <p class="commentformlabel"><label for="url">Website</label></p> 
    <p><input type="text" class="commentText" name="url" id="url" value="<?php echo $comment_author_url; ?>" size="22" /></p> 

    <?php endif; ?> 
    <br /> 
    <p class="commentformlabel"><label for="comment">Comment</label></p> 
     <p><textarea name="comment" style="width:80% !important;" id="comment" rows="8"></textarea></p> 
      <br /> 
     <p><button type="submit" name="submit" id="sub">Submit</button> 
     <input type="hidden" name="comment_post_ID" value="<?php echo $id; ?>"></p> 

    <?php do_action('comment_form', $post->ID); ?> 

    </form> 
    </div> 

<?php endif; ?> 

<?php else : ?> 
    <p id="comments-closed">Sorry, but the Comments are closed in this Area!</p> 
<?php endif; ?>

感谢您的阅读！丹尼尔

来源

2014-10-30 egolive

问什么客人应该看到？没有评论或与登录用户相同的评论？ – 2014-10-30 15:38:02

他们应该看到与登录用户相同的评论。 – egolive 2014-10-30 17:45:42

当你定义'$ comments'时，你可以发布吗 – 2014-10-30 19:17:27

我认为你的问题是当你要求评论。

如果您正在使用get_comments()试试这个：

$args = array( 
    'status' => 'approve', 
    'post_id' => get_the_ID(), 
); 
$comments = get_comments($args); 
// pay attention for existing variables with the same name as defined here

来源

2014-10-30 20:11:52

我其实不知道$ comments来自哪里。正如我所说，我为此使用了一个模板。我无法理解$评论的来源。但我确实像你说： '批准'， 'POST_ID'=> get_the_ID（），）; $ comments = get_comments（$ args）; ？>你认为我可以这样做吗？至少它工作！ – egolive 2014-10-31 09:12:35

WordPress的客人可以看到未经授权的评论

回答

相关问题