Multisite: Network Users can post comments without being members of the site

[Ipstenu]

This is probably an 'ever since inception' issue and I can replicate it on 3.4

Setup:

Have a user added to your network but not to a site (domain.com/test).

Set up domain.com/test to only allow registered users to comment. Remember, we've not added this new user to the site, just the network.

Log in as that user and go to domain.com/test

Oh look! You can comment as a 'registered' user.

This should be check for 'Is this a user and, if multisite, is this user a member of the site?'

It's that or the wording needs to be clearer that anyone registered on the network can comment.

[scribu]

This indeed looks like a bug.

[nacin]

This is how MU functioned. I dunno. You're logged in. It'll say you're logged in (assuming you have cookies issued). This is often going to be expected behavior. Sounds like a filter, at most, to me.

[SergeyBiryukov]

20846.2.patch​ is an attempt to take care of XML-RPC comments as well. Also combines two strings with the same meaning.

[helenyhou]

Is there actually a way for an end user to join a network site if already registered on the network? If not, seems like that would need changing first, or else this would become extremely frustrating. "Register to comment! Oh no wait, you can't sign up, your email address is already in use."

[Ipstenu]

Replying to nacin:

This is how MU functioned. I dunno. You're logged in. It'll say you're logged in (assuming you have cookies issued). This is often going to be expected behavior. Sounds like a filter, at most, to me.

Then we should change the language to explain that restricting comments to logged in users means network users, and not per site. Right now, it's "Users must be registered and logged in to comment"

Replying to helenyhou:

Is there actually a way for an end user to join a network site if already registered on the network? If not, seems like that would need changing first, or else this would become extremely frustrating. "Register to comment! Oh no wait, you can't sign up, your email address is already in use."

Not without a plugin, at this time.

If we were going to change the code to be you have to be a member of the site, then it shouldn't behave 100% like a logged out user. Having a way to 'join' a site would be very nice to build in as an option. Multisite locks 'registration' down to the network admin, though. If I turn off signups, no site has them. So it would have to be a per-site option 'allow registered network users to join your site...'

And now we've added layers on layers ;)

[wpmuguru]

Replying to nacin:

This is how MU functioned.

Consider a single WP install as a network of one site. In a test single site, create a test user then remove the user's role. Set the discussion settings to registered users can comment. The test user can still comment even though they have no role on the site. The behavior in the network is the same. It isn't a test that the user has a role but a test that the user has a valid account.

[jeremyfelt]

It makes sense for a user registered on a network to be considered a registered user available to all of those sites by default. Registered user in this case doesn't necessarily mean that the user has a role. While role based comment permissions could be interesting, this is probably best left to a filter for the time being.

Replying to Ipstenu:

Then we should change the language to explain that restricting comments to logged in users means network users, and not per site. Right now, it's "Users must be registered and logged in to comment"

Something along these lines is probably the right answer here, though I don't think the current language is too far off. A site owner is able to at least identify a user somehow.

Moving to future release for further discussion.

[jeremyfelt]

Looking at the wording for this again.

<label for="comment_registration">
<input name="comment_registration" type="checkbox" id="comment_registration" value="1" <?php checked('1', get_option('comment_registration')); ?> />
<?php _e('Users must be registered and logged in to comment'); ?>
<?php if ( !get_option( 'users_can_register' ) && is_multisite() ) echo ' ' . __( '(Signup has been disabled. Only members of this site can comment.)' ); ?>
</label>

I wonder if we could make this more obvious by adding another option and converting to a drop down in multisite.

Select:

• Unregistered users can comment (current default, disabled when signup is disabled)
• Users must have a network account to comment (default when signup is disabled)
• Users must be a site member to comment

Single site could remain the same checkbox or use the new select without the second option.

[Ipstenu]

Unregistered users can comment (current default, disabled when signup is disabled)

Can you clarify what you mean by 'disabled when signup is disabled' ?

I can think of places where I have a closed network and I only add users manually, but I still want to allow unregistered users to comment. Like my personal blog which is on a multisite right now :)

[jeremyfelt]

Hrm, that made more sense when I typed it last night. :)

I'm not sure "when signup is disabled" makes sense at all in the context of these choices.

Select:

• Unregistered users can comment (default)
• Users must have a network account to comment
• Users must be a site member to comment

[Ipstenu]

I like that :) Do we have or need a patch for actually checking that last one? "Users must be a site member to comment" isn't something we do default atm.

[jeremyfelt]

That's definitely a needs patch with some good thought into how the comment_registration option is handled. Right now it's a flag between 0 and 1. This would introduce a 2 (or other value). And could mess with some checks in core that are truthy rather than strict.