php – Permissions error when I use my plugin to delete comments in the front-end
Question
I recently created a plugin for WordPress that allows you to delete comments from a front-end post, with an undo delete function and without having to reload the page each time (Ajax). However, when I click on the delete button, there is this message from the browser “You do not have permission to delete comments.” and there are no errors in the Google console.
Here is the code of the plugin:
<?php
/*
Plugin Name: Delete Comments
Plugin URI: https://express-wp.com/plugins/delete-comments
Description: Allows administrators to delete comments on the fly without reloading the page.
Version: 1.0
Author: Alexis Grolot
Author URI: https://express-wp.com/
License: GPL2
*/
add_filter('comment_text', 'add_comment_delete_button');
function add_comment_delete_button($comment_content) {
if (current_user_can('moderate_comments')) {
global $comment;
$nonce = wp_create_nonce( 'delete_comment_' . $comment->comment_ID );
$comment_content .= '<p><button class="small button-small delete-comment-button" data-comment-id="' . $comment->comment_ID . '" data-nonce="' . $nonce . '">Delete Comment</button></p>';
}
return $comment_content;
}
// Process AJAX request to delete a comment
add_action('wp_ajax_delete_comment', 'delete_comment_ajax');
function delete_comment_ajax() {
$comment_id = isset( $_POST['comment_id'] ) ? (int) $_POST['comment_id'] : 0;
// Check if the user has the capability to delete the comment
if ( ! $comment_id || ! current_user_can('moderate_comments', $comment_id )) {
wp_send_json_error('You do not have permission to delete comments.');
}
check_ajax_referer('delete_comment_' . $comment_id, 'nonce');
// Check if the comment exists
$comment = get_comment($comment_id);
if ( empty( $comment ) ) {
wp_send_json_error('The comment does not exist.');
}
// Delete the comment
// $delete = false;
$delete = wp_delete_comment( $comment_id, true );
// Send a success response
if ( $delete ) {
wp_send_json_success('The comment has been deleted.');
} else {
wp_send_json_error('The comment does not exist.');
}
}
add_action( 'wp_enqueue_scripts', 'delete_comments_scripts' );
function delete_comments_scripts() {
if (current_user_can('moderate_comments')) {
wp_enqueue_script( 'delete-comments-script', plugin_dir_url( __FILE__ ) . 'delete-comments.js', array('jquery'), '1.0', true );
wp_localize_script( 'delete-comments-script', 'delete_comments_obj', array(
'ajax_url' => admin_url( 'admin-ajax.php' ),
'nonce' => wp_create_nonce( 'delete_comments_nonce' )
) );
}
}
add_action( 'wp_head', function() {
?><script>
jQuery(document).ready(function($) {
$('body').on('click', '.delete-comment-button', function(event) {
event.preventDefault();
if (confirm('Are you sure you want to delete this comment?')) {
var commentId = $(this).data('comment-id');
var commentNonce = $(this).data('nonce');
$.ajax({
url: delete_comments_obj.ajax_url,
method: 'POST',
data: {
action: 'delete_comment',
comment_id: commentId,
nonce: commentNonce,
},
success: function(response) {
if ( response.success ) {
$('#comment-' + commentId).toggle('slow');
} else {
alert(response.data);
}
},
error: function(error) {
alert(error.response.data);
}
});
}
});
});</script>
<?php
});
I have already verified that the logged in user has the necessary permissions to delete comments. I have also tried disabling other plugins to see if there are any conflicts.
Can you help me solve this problem and give me advice on what I can do to get my plugin working properly?
0
4 weeks
2023-03-07T10:56:19-05:00
2023-03-07T10:56:19-05:00 0 Answers
0 views
0
Leave an answer