comment_post_ID ) should keep them safe since only admin and * shop managers can view orders anyway. * * The frontend view order pages get around this filter by using remove_filter('comments_clauses', array( 'WC_Comments' ,'exclude_order_comments'), 10, 1 ); * * @param array $clauses * @return array */ public static function exclude_order_comments( $clauses ) { global $wpdb, $typenow, $pagenow; if ( is_admin() && $typenow == 'shop_order' && current_user_can( 'manage_woocommerce' ) ) return $clauses; // Don't hide when viewing orders in admin if ( ! $clauses['join'] ) $clauses['join'] = ''; if ( ! strstr( $clauses['join'], "JOIN $wpdb->posts" ) ) $clauses['join'] .= " LEFT JOIN $wpdb->posts ON comment_post_ID = $wpdb->posts.ID "; if ( $clauses['where'] ) $clauses['where'] .= ' AND '; $clauses['where'] .= " $wpdb->posts.post_type NOT IN ('shop_order') "; return $clauses; } /** * Exclude order comments from queries and RSS * * @param string $join * @return string */ public function exclude_order_comments_from_feed_join( $join ) { global $wpdb; if ( ! strstr( $join, $wpdb->posts ) ) $join = " LEFT JOIN $wpdb->posts ON $wpdb->comments.comment_post_ID = $wpdb->posts.ID "; return $join; } /** * Exclude order comments from queries and RSS * * @param string $where * @return string */ public function exclude_order_comments_from_feed_where( $where ) { global $wpdb; if ( $where ) $where .= ' AND '; $where .= " $wpdb->posts.post_type NOT IN ('shop_order') "; return $where; } /** * Validate the comment ratings. * * @param array $comment_data * @return array */ public function check_comment_rating( $comment_data ) { // If posting a comment (not trackback etc) and not logged in if ( isset( $_POST['rating'] ) && empty( $_POST['rating'] ) && $comment_data['comment_type'] === '' && get_option('woocommerce_review_rating_required') === 'yes' ) { wp_die( __( 'Please rate the product.', 'woocommerce' ) ); exit; } return $comment_data; } /** * Rating field for comments. * * @param mixed $comment_id */ public function add_comment_rating( $comment_id ) { if ( isset( $_POST['rating'] ) ) { if ( ! $_POST['rating'] || $_POST['rating'] > 5 || $_POST['rating'] < 0 ) return; add_comment_meta( $comment_id, 'rating', (int) esc_attr( $_POST['rating'] ), true ); $this->clear_transients( $comment_id ); } } /** * Clear transients for a review. * * @param mixed $comment_id */ public function clear_transients( $comment_id ) { $comment = get_comment( $comment_id ); if ( ! empty( $comment->comment_post_ID ) ) { delete_transient( 'wc_average_rating_' . absint( $comment->comment_post_ID ) ); delete_transient( 'wc_rating_count_' . absint( $comment->comment_post_ID ) ); } } } new WC_Comments();