CVE-2021-4408: Handle.php in dw-question-answer/trunk/inc – WordPress Plugin Repository

1<?php23class DWQA_Handle {4 public function __construct() {5 // question6 add_action( 'wp_loaded’, array( $this, ‘submit_question’ ), 11 );7 add_action( 'wp_loaded’, array( $this, ‘update_question’ ) );89 // answer10 add_action( 'wp_loaded’, array( $this, ‘insert_answer’) );11 add_action( 'wp_loaded’, array( $this, ‘update_answer’ ) );1213 // comment14 add_action( 'wp_loaded’, array( $this, ‘insert_comment’ ) );15 add_action( 'wp_loaded’, array( $this, ‘update_comment’ ) );16 }1718 public function insert_answer() {19 global $dwqa_options;20 if ( ! isset( $_POST[‘dwqa-action’] ) || ! isset( $_POST[‘submit-answer’] ) ) {21 return false;22 }23 // do_action( 'dwqa_add_answer’, $answer_id, $question_id );24 // die();25 if ( ‘add-answer’ !== sanitize_text_field( $_POST[‘dwqa-action’] ) ) {26 return false;27 }2829 if ( ! isset( $_POST[‘_wpnonce’] ) || ! wp_verify_nonce( esc_html( $_POST[‘_wpnonce’] ), ‘_dwqa_add_new_answer’ ) ) {30 dwqa_add_notice( __( '"Helllo", Are you cheating huh?.’, ‘dw-question-answer’ ), ‘error’ );31 }3233 if ( sanitize_text_field( $_POST[‘submit-answer’] ) == __( 'Delete draft’, ‘dw-question-answer’ ) ) {34 $draft = isset( $_POST[‘answer-id’] ) ? intval( $_POST[‘answer-id’] ) : 0;35 if ( $draft )36 wp_delete_post( $draft );37 }3839 if ( empty( $_POST[‘answer-content’] ) ) {40 dwqa_add_notice( __( 'Answer content is empty’, ‘dw-question-answer’ ), ‘error’ );41 }42 if ( empty( $_POST[‘question_id’] ) ) {43 dwqa_add_notice( __( 'Question is empty’, ‘dw-question-answer’ ), ‘error’ );44 }4546 if ( !dwqa_current_user_can( ‘post_answer’ ) ) {47 dwqa_add_notice( __( 'You do not have permission to submit question.’, ‘dw-question-answer’ ), ‘error’ );48 }4950 if ( !is_user_logged_in() && ( empty( $_POST[‘user-email’] ) || !is_email( sanitize_email( $_POST[‘user-email’] ) ) ) ) {51 dwqa_add_notice( __( 'Missing email information’, ‘dw-question-answer’ ), ‘error’ );52 }5354 if ( !is_user_logged_in() && ( empty( $_POST[‘user-name’] ) ) ) {55 dwqa_add_notice( __( 'Missing name information’, ‘dw-question-answer’ ), ‘error’ );56 }5758 if ( !dwqa_valid_captcha( ‘single-question’ ) ) {59 dwqa_add_notice( __( 'Captcha is not correct’, ‘dw-question-answer’ ), ‘error’ );60 }6162 $user_id = 0;63 $is_anonymous = false;64 if ( is_user_logged_in() ) {65 $user_id = get_current_user_id();66 } else {67 $is_anonymous = true;68 if ( isset( $_POST[‘user-email’] ) && is_email( $_POST[‘user-email’] ) ) {69 $post_author_email = sanitize_email( $_POST[‘user-email’] );70 }71 if ( isset( $_POST[‘user-name’] ) && !empty( $_POST[‘user-name’] ) ) {72 $post_author_name = sanitize_text_field( $_POST[‘user-name’] );73 }74 }7576 $question_id = intval( $_POST[‘question_id’] );7778 $answer_title = __( 'Answer for ', ‘dw-question-answer’ ) . get_post_field( 'post_title’, $question_id );79 $answ_content = apply_filters( 'dwqa_prepare_answer_content’, $_POST[‘answer-content’] );8081 $answers = array(82 ‘comment_status’ => 'open’,83 ‘post_author’ => $user_id,84 ‘post_content’ => $answ_content,85 ‘post_title’ => $answer_title,86 ‘post_type’ => 'dwqa-answer’,87 ‘post_parent’ => $question_id,88 );8990 $answers[‘post_status’] = isset( $_POST[‘save-draft’] )91 ? 'draft’92 : ( isset( $_POST[‘dwqa-status’] ) && $_POST[‘dwqa-status’] ? sanitize_text_field( $_POST[‘dwqa-status’] ) : ‘publish’ );9394 do_action( ‘dwqa_prepare_add_answer’ );9596 if ( dwqa_count_notices( ‘error’ ) > 0 ) {97 return false;98 }99100 $answers = apply_filters( 'dwqa_insert_answer_args’, $answers );101 102 $answer_id = wp_insert_post( $answers );103104 if ( !is_wp_error( $answer_id ) ) {105 if ( $answers[‘post_status’] != ‘draft’ ) {106 update_post_meta( $question_id, '_dwqa_status’, ‘answered’ );107 update_post_meta( $question_id, '_dwqa_answered_time’, time() );108 update_post_meta( $answer_id, '_dwqa_votes’, 0 );109 $answer_count = get_post_meta( $question_id, '_dwqa_answers_count’, true );110 update_post_meta( $question_id, '_dwqa_answers_count’, (int) $answer_count + 1 );111 }112113 if ( $is_anonymous ) {114 update_post_meta( $answer_id, '_dwqa_is_anonymous’, true );115116 if ( isset( $post_author_email ) && is_email( $post_author_email ) ) {117 update_post_meta( $answer_id, '_dwqa_anonymous_email’, $post_author_email );118 }119120 if ( isset( $post_author_name ) && !empty( $post_author_name ) ) {121 update_post_meta( $answer_id, '_dwqa_anonymous_name’, $post_author_name );122 }123 } else {124 if ( !dwqa_is_followed( $question_id, get_current_user_id() ) ) {125 add_post_meta( $question_id, '_dwqa_followers’, get_current_user_id() );126 }127 }128129 do_action( 'dwqa_add_answer’, $answer_id, $question_id );130 $this->update_modified_date( $question_id , current_time( 'timestamp’, 0 ), current_time( 'timestamp’, 1 ) );131132 exit( wp_redirect( get_permalink( $question_id ) ) );133 } else {134 dwqa_add_wp_error_message( $answer_id );135 }136 }137138 public function update_answer() {139 if ( isset( $_POST[‘dwqa-edit-answer-submit’] ) ) {140 if ( !dwqa_current_user_can( ‘edit_answer’ ) ) {141 dwqa_add_notice( __( "You do not have permission to edit answer.", ‘dw-question-answer’ ), ‘error’ );142 }143144 if ( !isset( $_POST[‘_wpnonce’] ) && !wp_verify_nonce( esc_html( $_POST[‘_wpnonce’] ), ‘_dwqa_edit_answer’ ) ) {145 // dwqa_add_notice( __( 'Hello, Are you cheating huh?’, ‘dw-question-answer’ ), ‘error’ );146 wp_die( __( 'Are you cheating huh?’, ‘dwqa’ ) );147 }148149 $answer_content = apply_filters( 'dwqa_prepare_edit_answer_content’, $_POST[‘answer_content’] );150 if ( empty( $answer_content ) ) {151 dwqa_add_notice( __( 'You must enter a valid answer content.’, ‘dw-question-answer’ ), ‘error’ );152 }153154 $answer_id = isset( $_POST[‘answer_id’] ) ? intval( $_POST[‘answer_id’] ) : false;155156 if ( !$answer_id ) {157 dwqa_add_notice( __( 'Answer is missing.’, ‘dw-question-answer’ ), ‘error’ );158 }159160 if ( ‘dwqa-answer’ !== get_post_type( $answer_id ) ) {161 dwqa_add_notice( __( 'This post is not answer.’, ‘dw-question-answer’ ), ‘error’ );162 }163164 do_action( 'dwqa_prepare_insert_question’, $answer_id );165166 if ( dwqa_count_notices( ‘error’ ) > 0 ) {167 return false;168 }169170 $args = array(171 ‘ID’ => $answer_id,172 ‘post_content’ => $answer_content173 );174175 $new_answer_id = wp_update_post( $args );176177 if ( !is_wp_error( $new_answer_id ) ) {178 $old_post = get_post( $answer_id );179 $new_post = get_post( $new_answer_id );180 do_action( 'dwqa_update_answer’, $new_answer_id, $old_post, $new_post );181 $question_id = dwqa_get_post_parent_id( $new_answer_id );182 $this->update_modified_date( $question_id , current_time( 'sql’, 0 ), current_time( 'sql’, 1 ) );183184 wp_safe_redirect( get_permalink( $question_id ) . '#answer-' . $new_answer_id );185 } else {186 dwqa_add_wp_error_message( $new_answer_id );187 return false;188 }189 exit();190 }191 }192193 public function insert_comment() {194 global $current_user;195 if ( isset( $_POST[‘comment-submit’] ) ) {196 if ( ! dwqa_current_user_can( ‘post_comment’ ) ) {197 dwqa_add_notice( __( 'You can\’t post comment’, ‘dw-question-answer’ ), 'error’, true );198 }199 if ( ! isset( $_POST[‘comment_post_ID’] ) ) {200 dwqa_add_notice( __( 'Missing post id.’, ‘dw-question-answer’ ), 'error’, true );201 }202 $comment_content = isset( $_POST[‘comment’] ) ? $_POST[‘comment’] : '’;203 $comment_content = apply_filters( 'dwqa_pre_comment_content’, $comment_content );204205 if ( empty( $comment_content ) ) {206 dwqa_add_notice( __( 'Please enter your comment content’, ‘dw-question-answer’ ), 'error’, true );207 }208209 $args = array(210 ‘comment_post_ID’ => intval( $_POST[‘comment_post_ID’] ),211 ‘comment_content’ => $comment_content,212 ‘comment_parent’ => isset( $_POST[‘comment_parent’]) ? intval( $_POST[‘comment_parent’] ) : 0,213 ‘comment_type’ => 'dwqa-comment’214 );215216 if ( is_user_logged_in() ) {217 $args[‘user_id’] = $current_user->ID;218 $args[‘comment_author’] = $current_user->display_name;219 } else {220 if ( ! isset( $_POST[‘email’] ) || ! sanitize_email( $_POST[‘email’] ) ) {221 dwqa_add_notice( __( 'Missing email information’, ‘dw-question-answer’ ), 'error’, true );222 }223224 if ( ! isset( $_POST[‘name’] ) || empty( $_POST[‘name’] ) ) {225 dwqa_add_notice( __( 'Missing name information’, ‘dw-question-answer’ ), 'error’, true );226 }227228 $args[‘comment_author’] = isset( $_POST[‘name’] ) ? sanitize_text_field( $_POST[‘name’] ) : 'Anonymous’;229 $args[‘comment_author_email’] = sanitize_email( $_POST[‘email’] );230 $args[‘comment_author_url’] = isset( $_POST[‘url’] ) ? esc_url( $_POST[‘url’] ) : '’;231 $args[‘user_id’] = -1;232 }233 234 $question_id = absint( $_POST[‘comment_post_ID’] );235 if ( ‘dwqa-answer’ == get_post_type( $question_id ) ) {236 $question_id = dwqa_get_question_from_answer_id( $question_id );237 }238 $redirect_to = get_permalink( $question_id );239240 if ( isset( $_GET[‘ans-page’] ) ) {241 $redirect_to = add_query_arg( 'ans-page’, absint( $_GET[‘ans-page’] ), $redirect_to );242 }243244 245246 247248 if ( dwqa_count_notices( 'error’, true ) > 0 ) {249 $redirect_to = apply_filters( 'dwqa_submit_comment_error_redirect’, $redirect_to, $question_id);250 exit(wp_safe_redirect( $redirect_to ));251 return false;252 }253 254 $args = apply_filters( 'dwqa_insert_comment_args’, $args );255256 $comment_id = wp_insert_comment( $args );257258 global $comment;259 $comment = get_comment( $comment_id );260 $client_id = isset( $_POST[‘clientId’] ) ? sanitize_text_field( $_POST[‘clientId’] ) : false;261 do_action( 'dwqa_add_comment’, $comment_id, $client_id );262 263 $redirect_to = apply_filters( 'dwqa_submit_comment_success_redirect’, $redirect_to, $question_id);264 exit(wp_safe_redirect( $redirect_to ));265 }266 }267268 public function update_comment() {269 global $post_submit_filter;270 if ( isset( $_POST[‘dwqa-edit-comment-submit’] ) ) {271 if ( ! isset( $_POST[‘comment_id’]) ) {272 dwqa_add_notice( __( 'Comment is missing’, ‘dw-question-answer’ ), ‘error’ );273 }274 $comment_id = intval( $_POST[‘comment_id’] );275 $comment_content = isset( $_POST[‘comment_content’] ) ? $_POST[‘comment_content’] : '’;276 $comment_content = apply_filters( 'dwqa_pre_update_comment_content’, $comment_content );277278 if ( ! isset( $_POST[‘_wpnonce’] ) || ! wp_verify_nonce( sanitize_text_field( $_POST[‘_wpnonce’] ), ‘_dwqa_edit_comment’ ) ) {279 // dwqa_add_notice( __( 'Are you cheating huh?’, ‘dw-question-answer’ ), ‘error’ );280 wp_die( __( 'Are you cheating huh?’, ‘dwqa’ ) );281 }282283 if ( !dwqa_current_user_can( 'edit_comment’, $comment_id ) ) {284 dwqa_add_notice( __( 'You do not have permission to edit comment.’, ‘dw-question-answer’ ), ‘error’ );285 }286287 if ( strlen( $comment_content ) <= 0 || ! isset( $comment_id ) || ( int )$comment_id <= 0 ) {288 dwqa_add_notice( __( 'Comment content must not be empty.’, ‘dw-question-answer’ ), ‘error’ );289 } else {290 $commentarr = array(291 ‘comment_ID’ => $comment_id,292 ‘comment_content’ => $comment_content293 );294295 $intval = wp_update_comment( $commentarr );296 if ( !is_wp_error( $intval ) ) {297 $comment = get_comment( $comment_id );298 exit( wp_safe_redirect( dwqa_get_question_link( $comment->comment_post_ID ) ) );299 }else {300 dwqa_add_wp_error_message( $intval );301 }302 }303 }304 }305306 public function submit_question() {307 global $dwqa_options;308309 if ( isset( $_POST[‘dwqa-question-submit’] ) ) {310 global $dwqa_current_error;311 $valid_captcha = dwqa_valid_captcha( ‘question’ );312313 $dwqa_submit_question_errors = new WP_Error();314315 if ( isset( $_POST[‘_wpnonce’] ) && wp_verify_nonce( esc_html( $_POST[‘_wpnonce’] ), ‘_dwqa_submit_question’ ) ) {316 if ( $valid_captcha ) {317 if ( empty( $_POST[‘question-title’] ) ) {318 dwqa_add_notice( __( 'You must enter a valid question title.’, ‘dw-question-answer’ ), ‘error’ );319 return false;320 }321322 if ( !is_user_logged_in() ) {323 if ( empty( $_POST[‘_dwqa_anonymous_email’] ) || !is_email( sanitize_email( $_POST[‘_dwqa_anonymous_email’] ) ) ) {324 dwqa_add_notice( __( 'Missing email information’, ‘dw-question-answer’ ), ‘error’ );325 return false;326 }327328 if ( empty( $_POST[‘_dwqa_anonymous_name’] ) ) {329 dwqa_add_notice( __( 'Missing name information’, ‘dw-question-answer’ ), ‘error’ );330 return false;331 }332 }333334 $title = esc_html( $_POST[‘question-title’] );335336 $category = isset( $_POST[‘question-category’] ) ?337 intval( $_POST[‘question-category’] ) : 0;338 if ( ! term_exists( $category, ‘dwqa-question_category’ ) ) {339 $category = 0;340 }341342 $tags = isset( $_POST[‘question-tag’] ) ?343 esc_html( $_POST[‘question-tag’] ): '’;344345 $content = isset( $_POST[‘question-content’] ) ? $_POST[‘question-content’] : '’;346 $content = apply_filters( 'dwqa_prepare_question_content’, $content );347348 $user_id = 0;349 $is_anonymous = false;350 if ( is_user_logged_in() ) {351 $user_id = get_current_user_id();352 } else {353 //$post_author_email = $_POST[‘user-email’];354 if ( isset( $_POST[‘login-type’] ) && sanitize_text_field( $_POST[‘login-type’] ) == ‘sign-in’ ) {355 $user = wp_signon( array(356 ‘user_login’ => isset( $_POST[‘user-name’] ) ? esc_html( $_POST[‘user-name’] ) : '’,357 ‘user_password’ => isset( $_POST[‘user-password’] ) ? esc_html( $_POST[‘user-password’] ) : '’,358 ), false );359360 if ( ! is_wp_error( $user ) ) {361 global $current_user;362 $current_user = $user;363 get_currentuserinfo();364 $user_id = $user->data->ID;365 } else {366 $dwqa_current_error = $user;367 return false;368 }369 } elseif ( isset( $_POST[‘login-type’] ) && sanitize_text_field( $_POST[‘login-type’] ) == ‘sign-up’ ) {370 //Create new user371 $users_can_register = get_option( ‘users_can_register’ );372 if ( isset( $_POST[‘user-email’] ) && isset( $_POST[‘user-name-signup’] )373 && $users_can_register && ! email_exists( $_POST[‘user-email’] )374 && ! username_exists( $_POST[‘user-name-signup’] ) ) {375376 if ( isset( $_POST[‘password-signup’] ) ) {377 $password = esc_html( $_POST[‘password-signup’] );378 } else {379 $password = wp_generate_password( 12, false );380 }381382 $user_id = wp_create_user(383 esc_html( $_POST[‘user-name-signup’] ),384 $password,385 sanitize_email( $_POST[‘user-email’] )386 );387 if ( is_wp_error( $user_id ) ) {388 $dwqa_current_error = $user_id;389 return false;390 }391 wp_new_user_notification( $user_id, $password );392 $user = wp_signon( array(393 ‘user_login’ => esc_html( $_POST[‘user-name-signup’] ),394 ‘user_password’ => $password,395 ), false );396 if ( ! is_wp_error( $user ) ) {397 global $current_user;398 $current_user = $user;399 get_currentuserinfo();400 $user_id = $user->data->ID;401 } else {402 $dwqa_current_error = $user;403 return false;404 }405 } else {406 $message = '’;407 if ( ! $users_can_register ) {408 $message .= __( ‘User Registration was disabled.’,’dw-question-answer’ ).’<br>’;409 }410 if ( isset( $_POST[‘user-name’] ) && email_exists( sanitize_email( $_POST[‘user-email’] ) ) ) {411 $message .= __( ‘This email is already registered, please choose another one.’,’dw-question-answer’ ).’<br>’;412 }413 if ( isset( $_POST[‘user-name’] ) && username_exists( esc_html( $_POST[‘user-name’] ) ) ) {414 $message .= __( ‘This username is already registered. Please use another one.’,’dw-question-answer’ ).’<br>’;415 }416 // $dwqa_current_error = new WP_Error( 'submit_question’, $message );417 dwqa_add_notice( $message, ‘error’ );418 return false;419 }420 } else {421 $is_anonymous = true;422 $question_author_email = isset( $_POST[‘_dwqa_anonymous_email’] ) && is_email( $_POST[‘_dwqa_anonymous_email’] ) ? sanitize_email( $_POST[‘_dwqa_anonymous_email’] ) : false;423 $question_author_name = isset( $_POST[‘_dwqa_anonymous_name’] ) && !empty( $_POST[‘_dwqa_anonymous_name’] ) ? sanitize_text_field( $_POST[‘_dwqa_anonymous_name’] ) : false;424 $user_id = 0;425 }426 }427428 $post_status = ( isset( $_POST[‘question-status’] ) && esc_html( $_POST[‘question-status’] ) ) ? $_POST[‘question-status’] : 'publish’;429430 //Enable review mode431 global $dwqa_general_settings;432 if ( isset( $dwqa_general_settings[‘enable-review-question’] )433 && $dwqa_general_settings[‘enable-review-question’]434 && $post_status != ‘private’ && ! current_user_can( ‘manage_options’ ) ) {435 $post_status = 'pending’;436 }437438 $postarr = array(439 ‘comment_status’ => 'open’,440 ‘post_author’ => $user_id,441 ‘post_content’ => $content,442 ‘post_status’ => $post_status,443 ‘post_title’ => $title,444 ‘post_type’ => 'dwqa-question’,445 ‘tax_input’ => array(446 ‘dwqa-question_category’ => array( $category ),447 ‘dwqa-question_tag’ => explode( ',’, $tags )448 )449 );450451 if ( apply_filters( 'dwqa-current-user-can-add-question’, dwqa_current_user_can( ‘post_question’ ), $postarr ) ) {452 $new_question = $this->insert_question( $postarr );453 do_action('dwqa_after_insert_question’,$new_question);454 } else {455 //$dwqa_submit_question_errors->add( 'submit_question’, __( 'You do not have permission to submit question.’, ‘dw-question-answer’ ) );456 dwqa_add_notice( __( 'You do not have permission to submit question.’, ‘dw-question-answer’ ), ‘error’ );457 $new_question = $dwqa_submit_question_errors;458 }459460 if ( dwqa_count_notices( ‘error’ ) == 0 ) {461 if ( $is_anonymous ) {462 update_post_meta( $new_question, '_dwqa_anonymous_email’, $question_author_email );463 update_post_meta( $new_question, '_dwqa_anonymous_name’, $question_author_name );464 update_post_meta( $new_question, '_dwqa_is_anonymous’, true );465 }466467 if ( isset( $dwqa_options[‘enable-review-question’] ) && $dwqa_options[‘enable-review-question’] && !current_user_can( ‘manage_options’ ) && $post_status != ‘private’ ) {468 dwqa_add_notice( __( 'Your question is waiting moderator.’, ‘dw-question-answer’ ), ‘success’ );469 } else {470 exit( wp_safe_redirect( get_permalink( $new_question ) ) );471 }472 }473 } else {474 // $dwqa_submit_question_errors->add( 'submit_question’, __( ‘Captcha is not correct’,’dw-question-answer’ ) );475 dwqa_add_notice( __( 'Captcha is not correct’, ‘dw-question-answer’ ), ‘error’ );476 }477 } else {478 // $dwqa_submit_question_errors->add( 'submit_question’, __( ‘Are you cheating huh?’,’dw-question-answer’ ) );479 dwqa_add_notice( __( 'Are you cheating huh?’, ‘dw-question-answer’ ), ‘error’ );480 }481 //$dwqa_current_error = $dwqa_submit_question_errors;482 }483 }484485 public function update_question() {486 if ( isset( $_POST[‘dwqa-edit-question-submit’] ) ) {487 if ( isset( $_POST[‘_wpnonce’] ) && wp_verify_nonce( esc_html( $_POST[‘_wpnonce’] ), ‘_dwqa_edit_question’ ) ) {488489 if ( !dwqa_current_user_can( ‘edit_question’ ) ) {490 dwqa_add_notice( __( "You do not have permission to edit question", ‘dw-question-answer’ ), ‘error’ );491 }492493 $question_title = apply_filters( 'dwqa_prepare_edit_question_title’, sanitize_text_field( $_POST[‘question_title’] ) );494 if ( empty( $question_title ) ) {495 dwqa_add_notice( __( 'You must enter a valid question title.’, ‘dw-question-answer’ ), ‘error’ );496 }497498 $question_id = isset( $_POST[‘question_id’] ) ? sanitize_text_field( $_POST[‘question_id’] ) : false;499500 if ( !$question_id ) {501 dwqa_add_notice( __( 'Question is missing.’, ‘dw-question-answer’ ), ‘error’ );502 }503504 if ( ‘dwqa-question’ !== get_post_type( $question_id ) ) {505 dwqa_add_notice( __( 'This post is not question.’, ‘dw-question-answer’ ), ‘error’ );506 }507508 $question_content = apply_filters( 'dwqa_prepare_edit_question_content’, $_POST[‘question_content’] );509510 $tags = isset( $_POST[‘question-tag’] ) ? esc_html( $_POST[‘question-tag’] ): '’;511 $category = isset( $_POST[‘question-category’] ) ? intval( $_POST[‘question-category’] ) : 0;512 if ( ! term_exists( $category, ‘dwqa-question_category’ ) ) {513 $category = 0;514 }515516 do_action( 'dwqa_prepare_update_question’, $question_id );517518 if ( dwqa_count_notices( ‘error’ ) > 0 ) {519 return false;520 }521522 $args = array(523 ‘ID’ => $question_id,524 ‘post_content’ => $question_content,525 ‘post_title’ => $question_title,526 ‘tax_input’ => array(527 ‘dwqa-question_category’ => array( $category ),528 ‘dwqa-question_tag’ => explode( ',’, $tags )529 ),530 );531532 $new_question_id = wp_update_post( $args );533534 if ( !is_wp_error( $new_question_id ) ) {535 $old_post = get_post( $question_id );536 $new_post = get_post( $new_question_id );537 do_action( 'dwqa_update_question’, $new_question_id, $old_post, $new_post );538 wp_safe_redirect( get_permalink( $new_question_id ) );539 } else {540 dwqa_add_wp_error_message( $new_question_id );541 return false;542 }543 } else {544 dwqa_add_notice( __( 'Hello, Are you cheating huh?’, ‘dw-question-answer’ ), ‘error’ );545 return false;546 }547 exit(0);548 }549 }550551 public function insert_question( $args ) {552 if ( is_user_logged_in() ) {553 $user_id = get_current_user_id();554 } elseif ( dwqa_current_user_can( ‘post_question’ ) ) {555 $user_id = 0;556 } else {557 return false;558 }559560 $args = wp_parse_args( $args, array(561 ‘comment_status’ => 'open’,562 ‘post_author’ => $user_id,563 ‘post_content’ => '’,564 ‘post_status’ => 'pending’,565 ‘post_title’ => '’,566 ‘post_type’ => 'dwqa-question’,567 ) );568 569 $args = apply_filters( 'dwqa_insert_question_args’, $args );570571 $new_question = wp_insert_post( $args, true );572573 if ( ! is_wp_error( $new_question ) ) {574575 if ( isset( $args[‘tax_input’] ) ) {576 foreach ( $args[‘tax_input’] as $taxonomy => $tags ) {577 wp_set_post_terms( $new_question, $tags, $taxonomy );578 }579 }580 update_post_meta( $new_question, '_dwqa_status’, ‘open’ );581 update_post_meta( $new_question, '_dwqa_views’, 0 );582 update_post_meta( $new_question, '_dwqa_votes’, 0 );583 update_post_meta( $new_question, '_dwqa_answers_count’, 0 );584 add_post_meta( $new_question, '_dwqa_followers’, $user_id );585 $date = get_post_field( 'post_date’, $new_question );586 // dwqa_log_last_activity_on_question( $new_question, 'Create question’, $date );587 //Call action when add question successfull588 do_action( 'dwqa_add_question’, $new_question, $user_id );589 }590 return $new_question;591 }592593 function update_modified_date( $question_id, $modified_date, $modified_date_gmt ) {594 $data = array(595 ‘ID’ => $question_id,596 ‘post_modified’ => $this->timeformat_convert( $modified_date ),597 ‘post_modified_gmt’ => $this->timeformat_convert( $modified_date_gmt ),598 );599 wp_update_post( $data );600 }601602 function timeformat_convert( $timestamp ) {603 return date("Y-m-d H:i:s", $timestamp );604 }605}