File: /home/acnbijigo78q/public_html/wp-content/plugins/reset/delete_comments.php
<?php
/*
Secure Delete All Comments Code File
*/
echo "<br><h4><strong>Delete All Comments</strong></h4>";
// Check if form is submitted
if (isset($_POST['delete_all_comments'])) {
// Verify nonce for CSRF protection
if (!isset($_POST['delete_all_comments_nonce']) || !wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['delete_all_comments_nonce'])), 'delete_all_comments_action')) {
die('<div class="notice notice-error is-dismissible"><p>Security check failed. Action not allowed.</p></div>');
}
// Check if the user has admin permissions
if (!current_user_can('manage_options')) {
die('<div class="notice notice-error is-dismissible"><p>Unauthorized action.</p></div>');
}
// Get all comments
$comments = get_comments(array(
'status' => 'all', // Include all comments (approved, pending, spam, trash)
'number' => 0, // Retrieve all comments
));
// Delete each comment
foreach ($comments as $comment) {
wp_delete_comment($comment->comment_ID, true); // Permanently delete comment
}
echo '<div class="notice notice-success is-dismissible"><p>All comments have been deleted successfully.</p></div>';
}
// Output the delete comments button
echo '<form method="post" action="">';
// Add nonce field for CSRF protection
wp_nonce_field('delete_all_comments_action', 'delete_all_comments_nonce');
echo '<input type="hidden" name="delete_all_comments" value="true">';
echo '<input type="submit" class="button button-primary comments" value="Delete All Comments">';
echo '</form>';
?>