WordPress.org

Make WordPress Core

Ticket #24799: comment-template.diff

File comment-template.diff, 8.7 KB (added by BjornW, 9 years ago)

Make sure html id attributes are unique

  • wp-includes/comment-template.php

     
    814814        $post_id = $post ? $post->ID : 0;
    815815
    816816        if ( current_user_can( 'unfiltered_html' ) ) {
    817                 wp_nonce_field( 'unfiltered-html-comment_' . $post_id, '_wp_unfiltered_html_comment_disabled', false );
     817                wp_nonce_field( 'unfiltered-html-comment_' . $post_id, '_wp_unfiltered_html_comment_disabled' . $post_id, false );
    818818                echo "<script>(function(){if(window===window.parent){document.getElementById('_wp_unfiltered_html_comment_disabled').name='_wp_unfiltered_html_comment';}})();</script>\n";
    819819        }
    820820}
     
    11331133 * @since 2.7.0
    11341134 *
    11351135 * @param string $text Optional. Text to display for cancel reply link.
     1136 * @param string $id optional. Id attribute for cancel link
    11361137 */
    1137 function get_cancel_comment_reply_link($text = '') {
     1138function get_cancel_comment_reply_link($text = '', $id= '') {
    11381139        if ( empty($text) )
    11391140                $text = __('Click here to cancel reply.');
    11401141
    11411142        $style = isset($_GET['replytocom']) ? '' : ' style="display:none;"';
    1142         $link = esc_html( remove_query_arg('replytocom') ) . '#respond';
    1143         return apply_filters('cancel_comment_reply_link', '<a rel="nofollow" id="cancel-comment-reply-link" href="' . $link . '"' . $style . '>' . $text . '</a>', $link, $text);
     1143  $link  = esc_html( remove_query_arg('replytocom') ) . '#respond';
     1144  $id    = empty( $id ) ? '' : "id='cancel-comment-reply-link-" . esc_attr( $id ) . "'";
     1145        return apply_filters('cancel_comment_reply_link', "<a rel='nofollow' $id href='" . $link . "'" . $style . '>' . $text . '</a>', $link, $text);
    11441146}
    11451147
    11461148/**
     
    11501152 *
    11511153 * @param string $text Optional. Text to display for cancel reply link.
    11521154 */
    1153 function cancel_comment_reply_link($text = '') {
    1154         echo get_cancel_comment_reply_link($text);
     1155function cancel_comment_reply_link($text = '', $id = '' ) {
     1156        echo get_cancel_comment_reply_link($text, $id);
    11551157}
    11561158
    11571159/**
     
    11631165 */
    11641166function get_comment_id_fields( $id = 0 ) {
    11651167        if ( empty( $id ) )
    1166                 $id = get_the_ID();
     1168    $id = get_the_ID();
    11671169
     1170  // ensure unique html id attribute values
     1171  $comment_post_id = 'comment_post_id_' . $id;
     1172  $comment_parent  = 'comment_parent_'  . $id;
     1173
    11681174        $replytoid = isset($_GET['replytocom']) ? (int) $_GET['replytocom'] : 0;
    1169         $result  = "<input type='hidden' name='comment_post_ID' value='$id' id='comment_post_ID' />\n";
    1170         $result .= "<input type='hidden' name='comment_parent' id='comment_parent' value='$replytoid' />\n";
     1175        $result  = "<input type='hidden' name='comment_post_ID' value='$id' id='$comment_post_id' />\n";
     1176        $result .= "<input type='hidden' name='comment_parent' id='$comment_parent' value='$replytoid' />\n";
    11711177        return apply_filters('comment_id_fields', $result, $id, $replytoid);
    11721178}
    11731179
     
    16121618        $req      = get_option( 'require_name_email' );
    16131619        $aria_req = ( $req ? " aria-required='true'" : '' );
    16141620        $html5    = 'html5' === $args['format'];
    1615         $fields   =  array(
     1621
     1622  // ensure unique html id attributes by appending the post id to it
     1623  $author_id_attr        = 'author-'                    . $post_id;
     1624  $email_id_attr         = 'email-'                     . $post_id;
     1625  $url_id_attr           = 'url-'                       . $post_id;
     1626  $comment_id_attr       = 'comment-'                   . $post_id;
     1627  $respond_id_attr       = 'respond-'                   . $post_id;
     1628  $reply_id_attr         = 'reply-'                     . $post_id;
     1629  $id_form               = 'commentform-'               . $post_id;
     1630  $id_submit             = 'submit-'                    . $post_id;
     1631  $id_cancel_reply_link  = 'cancel-comment-reply-link'  . $post_id;
     1632
     1633
     1634  $fields   =  array(
    16161635                'author' => '<p class="comment-form-author">' . '<label for="author">' . __( 'Name' ) . ( $req ? ' <span class="required">*</span>' : '' ) . '</label> ' .
    1617                             '<input id="author" name="author" type="text" value="' . esc_attr( $commenter['comment_author'] ) . '" size="30"' . $aria_req . ' /></p>',
     1636                            "<input id='$author_id_attr' name='author' type='text' value='" . esc_attr( $commenter['comment_author'] ) . "' size='30'" . $aria_req . ' /></p>',
    16181637                'email'  => '<p class="comment-form-email"><label for="email">' . __( 'Email' ) . ( $req ? ' <span class="required">*</span>' : '' ) . '</label> ' .
    1619                             '<input id="email" name="email" ' . ( $html5 ? 'type="email"' : 'type="text"' ) . ' value="' . esc_attr(  $commenter['comment_author_email'] ) . '" size="30"' . $aria_req . ' /></p>',
     1638                            "<input id='$email_id_attr' name='email' " . ( $html5 ? 'type="email"' : 'type="text"' ) . ' value="' . esc_attr(  $commenter['comment_author_email'] ) . '" size="30"' . $aria_req . ' /></p>',
    16201639                'url'    => '<p class="comment-form-url"><label for="url">' . __( 'Website' ) . '</label> ' .
    1621                             '<input id="url" name="url" ' . ( $html5 ? 'type="url"' : 'type="text"' ) . ' value="' . esc_attr( $commenter['comment_author_url'] ) . '" size="30" /></p>',
     1640                            "<input id='$url_id_attr' name='url' " . ( $html5 ? 'type="url"' : 'type="text"' ) . ' value="' . esc_attr( $commenter['comment_author_url'] ) . '" size="30" /></p>',
    16221641        );
    16231642
    16241643        $required_text = sprintf( ' ' . __('Required fields are marked %s'), '<span class="required">*</span>' );
    16251644        $defaults = array(
    16261645                'fields'               => apply_filters( 'comment_form_default_fields', $fields ),
    1627                 'comment_field'        => '<p class="comment-form-comment"><label for="comment">' . _x( 'Comment', 'noun' ) . '</label> <textarea id="comment" name="comment" cols="45" rows="8" aria-required="true"></textarea></p>',
     1646                'comment_field'        => "<p class='comment-form-comment'><label for='$comment_id_attr'>" . _x( 'Comment', 'noun' ) . "</label> <textarea id='$comment_id_attr' name='comment' cols='45' rows='8' aria-required='true'></textarea></p>",
    16281647                'must_log_in'          => '<p class="must-log-in">' . sprintf( __( 'You must be <a href="%s">logged in</a> to post a comment.' ), wp_login_url( apply_filters( 'the_permalink', get_permalink( $post_id ) ) ) ) . '</p>',
    16291648                'logged_in_as'         => '<p class="logged-in-as">' . sprintf( __( 'Logged in as <a href="%1$s">%2$s</a>. <a href="%3$s" title="Log out of this account">Log out?</a>' ), get_edit_user_link(), $user_identity, wp_logout_url( apply_filters( 'the_permalink', get_permalink( $post_id ) ) ) ) . '</p>',
    16301649                'comment_notes_before' => '<p class="comment-notes">' . __( 'Your email address will not be published.' ) . ( $req ? $required_text : '' ) . '</p>',
    16311650                'comment_notes_after'  => '<p class="form-allowed-tags">' . sprintf( __( 'You may use these <abbr title="HyperText Markup Language">HTML</abbr> tags and attributes: %s' ), ' <code>' . allowed_tags() . '</code>' ) . '</p>',
    1632                 'id_form'              => 'commentform',
    1633                 'id_submit'            => 'submit',
     1651                'id_form'              => $id_form,
     1652                'id_submit'            => $id_submit,
    16341653                'title_reply'          => __( 'Leave a Reply' ),
    16351654                'title_reply_to'       => __( 'Leave a Reply to %s' ),
    1636                 'cancel_reply_link'    => __( 'Cancel reply' ),
    1637                 'label_submit'         => __( 'Post Comment' ),
     1655    'cancel_reply_link'    => __( 'Cancel reply' ),
     1656    'id_cancel_reply_link' => $id_cancel_reply_link,
     1657    'label_submit'         => __( 'Post Comment' ),
     1658    'html_before_form'     => "<div id='$respond_id_attr' class='comment-respond'>",
     1659    'html_after_form'      => '</div>',
     1660    'title_before_html'    => "<h3 id='$reply_id_attr' class='comment-reply-title'>",
     1661    'title_after_html'     => '</h3>',
    16381662                'format'               => 'xhtml',
    16391663        );
    16401664
     
    16431667        ?>
    16441668                <?php if ( comments_open( $post_id ) ) : ?>
    16451669                        <?php do_action( 'comment_form_before' ); ?>
    1646                         <div id="respond" class="comment-respond">
    1647                                 <h3 id="reply-title" class="comment-reply-title"><?php comment_form_title( $args['title_reply'], $args['title_reply_to'] ); ?> <small><?php cancel_comment_reply_link( $args['cancel_reply_link'] ); ?></small></h3>
     1670        <?php echo $args['html_before_form']; ?>
     1671          <?php echo $args['title_before_html']; comment_form_title( $args['title_reply'], $args['title_reply_to'] ); ?> <small><?php cancel_comment_reply_link( $args['cancel_reply_link'], $args['id_cancel_reply_link'] ); ?></small><?php echo $args['title_after_html']; ?>
    16481672                                <?php if ( get_option( 'comment_registration' ) && !is_user_logged_in() ) : ?>
    16491673                                        <?php echo $args['must_log_in']; ?>
    16501674                                        <?php do_action( 'comment_form_must_log_in_after' ); ?>
     
    16731697                                                <?php do_action( 'comment_form', $post_id ); ?>
    16741698                                        </form>
    16751699                                <?php endif; ?>
    1676                         </div><!-- #respond -->
     1700        <?php echo $args['html_after_form']; ?><!-- #respond -->
    16771701                        <?php do_action( 'comment_form_after' ); ?>
    16781702                <?php else : ?>
    16791703                        <?php do_action( 'comment_form_comments_closed' ); ?>