Enable commenting on front-end preview page for pending posts

Preface

Once post preview is frontend, the comment form depends on how theme handle it. I will assume in this answer that the comment form is shown using the standard comment_form() function.

The previous assumption isn’t enough, in fact comment_form is probably the function in WordPress core with more hooks. There is almost an hook for every line. So what is shown on page, depends a lot on plugins or theme that can change it.

After that, comment_form use to save comment a POST to wp-comment-post.php that contain a lot of hooks too, so even if my solution works on a vanilla install of WP using twenty* theme, I can’t assure it works also with some plugins or custom theme.

Workflow

So, once we are assuming to be in a standard case, what you ask is simpler than the linked Q/A, because comment form don’t use ajax and because there are a lot of hooks that can help us to obtain the desired result (talked about negative side of this point in preface).

Essentially we have to:

  1. Adding a field in the comment form when we are on pending post preview, in this way we can recognize a comment coming from that form.
  2. Once we have to break a security check of WordPress to allow comment on pending post, is a good idea replace this check with another: using a nonce for the hidden field at point 1. can be a good idea.
  3. As additional security check, I think is a good idea enable comments only for registered users (but seems you are already allowing preview access only to registered users). Probably also restrict the roles is a good idea.
  4. The core part of this workflow, is break the check that WordPress does to prevent comment on pending and draft posts. My idea is just to tease WordPress leaving it believe our post is published. The way I will do it, can be taken as an example of why global variables should be avoided to prevent our code is teased by someone.
  5. Last thing we have to do, is intercept the redirect after comment is created, because standard redirect point to standard post permalink, we need to point to post preview permalink

The Code

First of all, let’s create a function that add a nonce field in comment form, only for allowed logged users and only in post preview. I will also write a function to check if the current user is one of the allowed, in this way I can use it for other scopes.
In this function I put a custom filter hook, in this way roles alloewd can be changed.

/**
 * Return true if user can comment on post preview
 */
function is_a_preview_commenter() {
  // change this roles according to your needs
  $roles = array('administrator', 'editor', 'author', 'contributor');
  $allowed_roles = apply_filters('preview_comment_allowed_roles', $roles);
  $user = wp_get_current_user();
  $inrole = array_intersect($user->roles, $allowed_roles);
  return ! empty( $inrole );
} 

/**
 * Add a nonce field for comment form in post preview for allowed users
 */
function additional_comment_fields() {
  if ( is_preview() && is_a_preview_commenter() ) {
    $nonce = wp_create_nonce('comment_preview');
    echo '<input type="hidden" name="check_the_preview" value="' . $nonce . '" />';
  }
}
add_action( 'comment_form_logged_in_after', 'additional_comment_fields');

Now let’s tease WordPress. The way WP uses to check if the post status is good to be commented is to call $status_obj = get_post_status_object($status) (where $status is the post_status field of the post being commented) then check if $status_obj is private or public otherwise wp_die. But the only thing that get_post_status_object does is to return a value from the global array $wp_post_statuses (the one keyed with the requested post status).
Faking the global variable means faking get_post_status_object and so also faking WordPress check.

Change the global variable is super easy, however I will do some check to assure the post come from us (thanks to nonce hidden field previously added) and also check if the current user exists and is allowed:

/**
 * On 'wp_loaded', when the current page is wp-comments-post.php, check if the request
 * comes from post preview, if so and also the current user is allowed replace 
 * $GLOBALS['wp_post_statuses']['pending'] with $GLOBALS['wp_post_statuses']['publish']
 */
function fake_public_pending() {
  global $pagenow;
  if ( $pagenow === 'wp-comments-post.php' && is_a_preview_commenter() ) {
    $nonce = filter_input(INPUT_POST, 'check_the_preview', FILTER_SANITIZE_STRING);
    if ( empty($nonce) || ! wp_verify_nonce($nonce, 'comment_preview') ) return;
    global $wp_post_statuses;
    // let WordPress believe all pending posts are published post
    $wp_post_statuses['pending'] = $wp_post_statuses['publish'];
  }
}
add_action('wp_loaded', 'fake_public_pending');

Now, after a comment is inserted from post preview, we have to redirect browser again to post preview. As usual we assure the request comes from post preview and current user has
one of the allowed roles

/**
 * After a comment is inserted, redirect page to post preview when request come from
 * post preview. Also check if current user role is one of the allowed
 */
function redirect_to_preview( $comment, $user ) {
  if ( ! is_a_preview_commenter() ) return;
  $nonce = filter_input(INPUT_POST, 'check_the_preview', FILTER_SANITIZE_STRING);
  if ( empty($nonce) || ! wp_verify_nonce($nonce, 'comment_preview') ) return;
  $link = get_permalink($comment->comment_post_ID);
  $url = add_query_arg( array('preview' => 'true'), $link );
  wp_safe_redirect("{$url}#comment-{$comment->comment_ID}", 302);
  exit();
}
add_action('set_comment_cookies', 'redirect_to_preview', 9999, 2 );

Related Posts:

  1. How to make comments work for a post loaded per Ajax?
  2. Post preview mechanism architecture
  3. How to Display a List of Users Who Have Made at Least 1 Post?
  4. Post/Page Preview Template
  5. Let private posts stay in status “private” after edit through “editors”
  6. How to display comments and comment form on custom post type?
  7. Comments are assigned to wrong or related post
  8. How can I allow editors to leave comments on posts that have not yet been published?
  9. Update post date on every new comment?
  10. featuring old articles without messing up with the archive
  11. Setting post meta data to random value during post status transition / on publish
  12. One comment per user email per post
  13. Can’t show comments count per post outside loop
  14. How to change post status from publish to draft using hook in wordpress?
  15. Hiding by default specific post status on backend list?
  16. How to output comments number of a post per day?
  17. Hide comments awaiting moderation from user who submitted the comments
  18. Hide Post comments when displayed via WP_Query
  19. How can a guest view the “Pending Review” Post?
  20. Including new Javascript only after a comment is made
  21. Post preview and oembed provider issue using polylang plugin with subdomains
  22. Disable Post/Page comment emails for creators
  23. How do I batch create revisions of all posts?
  24. add filter to “quick edit menu” in wordpress admin
  25. When trashing a post, also trash related comments
  26. how to find user ids of all commenters in a post
  27. Diplay comment date on WP_Post_Comments_List_Table
  28. WordPress version 3.8 – Preview button not working for editor
  29. count the total number of comments the user has received for his published posts
  30. How to Orderby Comments by post title?
  31. how to remove dash (-) post status from post title on posts listing page wordpress
  32. Custom post preview without saving
  33. If modified on same day, show only time
  34. Email entire post contents
  35. Query get post,how to add comment box
  36. How to change post status from frontend?
  37. Update all comments time to random dates?
  38. Change target of view link in admin
  39. Posts and Attachments with “Published” status in Search
  40. Emojis replaced by ‘?’ automatically
  41. Move comments only from one WP installation to another
  42. Second comments section for one post/page
  43. A friend wants to make a comment on one of my articles, she has to be logged to wordpress?
  44. Get all images in post and comments like Twitter before post title
  45. Is it possible to paste a link without tags and make it directly a link in a post?
  46. Restrict edit, but allow preview for custom post status
  47. WordPress Comment posting problem
  48. What do these phpMyAdmin errors mean on my WordPress databaes?
  49. Internal post link creates comments on its own
  50. How to get posts and comments amount per hour, per year and per month?
  51. why there are so many posts whoes post_type is revision? will these records waste too much database space?
  52. SQL Command for restoring trashed comments
  53. Howto show comment count by post in post?
  54. How do you change the comment count in the back end posts list, to reflect unapproved comments, rather than all comments?
  55. Let both the admin and post author update comment meta
  56. Is there a way getting post fields using `transition_post_status`
  57. How does WP decide how to display a page
  58. What function publishes a post when you click the publish button?
  59. Display on page every post in blog WITH comments
  60. Post Status Frontend Announcement
  61. Display amount of pending posts in back/front end
  62. If post exists, make it a comment in existing post with same name?
  63. Showing posts for today and future
  64. Hide content from Post Preview
  65. How to implement a WordPress comments function?
  66. Allow / show post comments in category pages
  67. How can I restore posts from ‘trash’ with their previous post_status? – WordPress
  68. Count the total views of all user posts published
  69. Shortcode for Comments and Comment Boxes in Post Loop
  70. Updating post status via rest api
  71. Hide or remove custom post status
  72. Put page on Archived statut after end of publication date
  73. get_next_post() not working with future post status
  74. WordPress weird behaviour on comments
  75. I want to change the WordPress comments file
  76. Modify loop to include all post statuses not just ‘published’
  77. Posting a comment redirects admin/users to blank page
  78. How to enable comments meta box for other author posts?
  79. Post preview in iframe without saving the post
  80. Comments as part of a post
  81. No comments on static front page
  82. Trash a post, send associated comments into the trash bin (change status)
  83. Preview own posts if logged in
  84. Apply comment to different post (not the current post) [duplicate]
  85. External link not showing on post but showing on comment
  86. Get url/link to latest comments in a post
  87. Display only posts with comments
  88. Latest news mini images
  89. wp_query select if have comments
  90. 2 tick boxes appearing below comments
  91. How to display a certain template element only for posts published within certain time range?
  92. Admin moderates ALL comments (including post author)
  93. Show List of Posts With Comments Open
  94. get_posts includes “auto drafts”?
  95. Post Format Status [closed]
  96. Do anything on post_status change [duplicate]
  97. How can I show the positive and negative comments for a same post separately?
  98. How to update wp_posts with just the returned comment count from wp_comments (SQL GROUP BY)
  99. Undefined Function Fatal Error with Shortcode [closed]
  100. Best method for comment section associated with different images?

Leave a Comment