WordPress.org

Make WordPress Core

Ticket #24799: trac#24799-fix-ids-in-comment-template.patch

File trac#24799-fix-ids-in-comment-template.patch, 8.1 KB (added by BjornW, 8 years ago)

comment-template.diff

  • wp-includes/comment-template.php

     
    977977        $post_id = $post ? $post->ID : 0;
    978978
    979979        if ( current_user_can( 'unfiltered_html' ) ) {
    980                 wp_nonce_field( 'unfiltered-html-comment_' . $post_id, '_wp_unfiltered_html_comment_disabled', false );
     980                wp_nonce_field( 'unfiltered-html-comment_' . $post_id, '_wp_unfiltered_html_comment_disabled' . $post_id, false );
    981981                echo "<script>(function(){if(window===window.parent){document.getElementById('_wp_unfiltered_html_comment_disabled').name='_wp_unfiltered_html_comment';}})();</script>\n";
    982982        }
    983983}
     
    13641364 * @since 2.7.0
    13651365 *
    13661366 * @param string $text Optional. Text to display for cancel reply link. Default empty.
     1367 * @param string $id optional. Id attribute for cancel link
    13671368 */
    13681369function get_cancel_comment_reply_link( $text = '' ) {
    13691370        if ( empty($text) )
    13701371                $text = __('Click here to cancel reply.');
    13711372
    13721373        $style = isset($_GET['replytocom']) ? '' : ' style="display:none;"';
    1373         $link = esc_html( remove_query_arg('replytocom') ) . '#respond';
    1374 
    1375         $formatted_link = '<a rel="nofollow" id="cancel-comment-reply-link" href="' . $link . '"' . $style . '>' . $text . '</a>';
     1374  $link = esc_html( remove_query_arg('replytocom') ) . '#respond';
     1375  $id = empty( $id ) ? '' : "id='cancel-comment-reply-link-" . esc_attr( $id ) . "'";
     1376        $formatted_link = '<a rel="nofollow" ' . $id . ' href="' . $link . '"' . $style . '>' . $text . '</a>';
    13761377        /**
    13771378         * Filter the cancel comment reply link HTML.
    13781379         *
     
    14061407 */
    14071408function get_comment_id_fields( $id = 0 ) {
    14081409        if ( empty( $id ) )
    1409                 $id = get_the_ID();
     1410    $id = get_the_ID();
    14101411
     1412  // ensure unique html id attribute values
     1413  $comment_post_id = 'comment_post_id_' . $id;
     1414  $comment_parent  = 'comment_parent_'  . $id;
     1415
    14111416        $replytoid = isset($_GET['replytocom']) ? (int) $_GET['replytocom'] : 0;
    1412         $result  = "<input type='hidden' name='comment_post_ID' value='$id' id='comment_post_ID' />\n";
    1413         $result .= "<input type='hidden' name='comment_parent' id='comment_parent' value='$replytoid' />\n";
     1417        $result  = "<input type='hidden' name='comment_post_ID' value='$id' id='$comment_post_id' />\n";
     1418        $result .= "<input type='hidden' name='comment_parent' id='$comment_parent' value='$replytoid' />\n";
    14141419
    14151420        /**
    14161421         * Filter the returned comment id fields.
     
    19501955        $req      = get_option( 'require_name_email' );
    19511956        $aria_req = ( $req ? " aria-required='true'" : '' );
    19521957        $html5    = 'html5' === $args['format'];
    1953         $fields   =  array(
     1958
     1959  // ensure unique html id attributes by appending the post id to it
     1960  $author_id_attr        = 'author-'                    . $post_id;
     1961  $email_id_attr         = 'email-'                     . $post_id;
     1962  $url_id_attr           = 'url-'                       . $post_id;
     1963  $comment_id_attr       = 'comment-'                   . $post_id;
     1964  $respond_id_attr       = 'respond-'                   . $post_id;
     1965  $reply_id_attr         = 'reply-'                     . $post_id;
     1966  $id_form               = 'commentform-'               . $post_id;
     1967  $id_submit             = 'submit-'                    . $post_id;
     1968  $id_cancel_reply_link  = 'cancel-comment-reply-link'  . $post_id;
     1969
     1970
     1971  $fields   =  array(
    19541972                'author' => '<p class="comment-form-author">' . '<label for="author">' . __( 'Name' ) . ( $req ? ' <span class="required">*</span>' : '' ) . '</label> ' .
    1955                             '<input id="author" name="author" type="text" value="' . esc_attr( $commenter['comment_author'] ) . '" size="30"' . $aria_req . ' /></p>',
     1973                            "<input id='$author_id_attr' name='author' type='text' value='" . esc_attr( $commenter['comment_author'] ) . "' size='30'" . $aria_req . ' /></p>',
    19561974                'email'  => '<p class="comment-form-email"><label for="email">' . __( 'Email' ) . ( $req ? ' <span class="required">*</span>' : '' ) . '</label> ' .
    1957                             '<input id="email" name="email" ' . ( $html5 ? 'type="email"' : 'type="text"' ) . ' value="' . esc_attr(  $commenter['comment_author_email'] ) . '" size="30"' . $aria_req . ' /></p>',
     1975                            "<input id='$email_id_attr' name='email' " . ( $html5 ? 'type="email"' : 'type="text"' ) . ' value="' . esc_attr(  $commenter['comment_author_email'] ) . '" size="30"' . $aria_req . ' /></p>',
    19581976                'url'    => '<p class="comment-form-url"><label for="url">' . __( 'Website' ) . '</label> ' .
    1959                             '<input id="url" name="url" ' . ( $html5 ? 'type="url"' : 'type="text"' ) . ' value="' . esc_attr( $commenter['comment_author_url'] ) . '" size="30" /></p>',
     1977                            "<input id='$url_id_attr' name='url' " . ( $html5 ? 'type="url"' : 'type="text"' ) . ' value="' . esc_attr( $commenter['comment_author_url'] ) . '" size="30" /></p>',
    19601978        );
    19611979
    19621980        $required_text = sprintf( ' ' . __('Required fields are marked %s'), '<span class="required">*</span>' );
     
    19711989        $fields = apply_filters( 'comment_form_default_fields', $fields );
    19721990        $defaults = array(
    19731991                'fields'               => $fields,
    1974                 'comment_field'        => '<p class="comment-form-comment"><label for="comment">' . _x( 'Comment', 'noun' ) . '</label> <textarea id="comment" name="comment" cols="45" rows="8" aria-required="true"></textarea></p>',
     1992                'comment_field'        => "<p class='comment-form-comment'><label for='$comment_id_attr'>" . _x( 'Comment', 'noun' ) . "</label> <textarea id='$comment_id_attr' name='comment' cols='45' rows='8' aria-required='true'></textarea></p>",
    19751993                'must_log_in'          => '<p class="must-log-in">' . sprintf( __( 'You must be <a href="%s">logged in</a> to post a comment.' ), wp_login_url( apply_filters( 'the_permalink', get_permalink( $post_id ) ) ) ) . '</p>',
    19761994                'logged_in_as'         => '<p class="logged-in-as">' . sprintf( __( 'Logged in as <a href="%1$s">%2$s</a>. <a href="%3$s" title="Log out of this account">Log out?</a>' ), get_edit_user_link(), $user_identity, wp_logout_url( apply_filters( 'the_permalink', get_permalink( $post_id ) ) ) ) . '</p>',
    19771995                'comment_notes_before' => '<p class="comment-notes">' . __( 'Your email address will not be published.' ) . ( $req ? $required_text : '' ) . '</p>',
    19781996                'comment_notes_after'  => '<p class="form-allowed-tags">' . sprintf( __( 'You may use these <abbr title="HyperText Markup Language">HTML</abbr> tags and attributes: %s' ), ' <code>' . allowed_tags() . '</code>' ) . '</p>',
    1979                 'id_form'              => 'commentform',
    1980                 'id_submit'            => 'submit',
     1997                'id_form'              => $id_form,
     1998                'id_submit'            => $id_submit,
    19811999                'title_reply'          => __( 'Leave a Reply' ),
    19822000                'title_reply_to'       => __( 'Leave a Reply to %s' ),
    1983                 'cancel_reply_link'    => __( 'Cancel reply' ),
    1984                 'label_submit'         => __( 'Post Comment' ),
     2001    'cancel_reply_link'    => __( 'Cancel reply' ),
     2002    'id_cancel_reply_link' => $id_cancel_reply_link,
     2003    'label_submit'         => __( 'Post Comment' ),
     2004    'html_before_form'     => "<div id='$respond_id_attr' class='comment-respond'>",
     2005    'html_after_form'      => '</div>',
     2006    'title_before_html'    => "<h3 id='$reply_id_attr' class='comment-reply-title'>",
     2007    'title_after_html'     => '</h3>',
    19852008                'format'               => 'xhtml',
    19862009        );
    19872010
     
    20062029                         */
    20072030                        do_action( 'comment_form_before' );
    20082031                        ?>
    2009                         <div id="respond" class="comment-respond">
    2010                                 <h3 id="reply-title" class="comment-reply-title"><?php comment_form_title( $args['title_reply'], $args['title_reply_to'] ); ?> <small><?php cancel_comment_reply_link( $args['cancel_reply_link'] ); ?></small></h3>
     2032        <?php echo $args['html_before_form']; ?>
     2033          <?php echo $args['title_before_html']; comment_form_title( $args['title_reply'], $args['title_reply_to'] ); ?> <small><?php cancel_comment_reply_link( $args['cancel_reply_link'], $args['id_cancel_reply_link'] ); ?></small><?php echo $args['title_after_html']; ?>
    20112034                                <?php if ( get_option( 'comment_registration' ) && !is_user_logged_in() ) : ?>
    20122035                                        <?php echo $args['must_log_in']; ?>
    20132036                                        <?php
     
    21092132                                                ?>
    21102133                                        </form>
    21112134                                <?php endif; ?>
    2112                         </div><!-- #respond -->
     2135        <?php echo $args['html_after_form']; ?><!-- #respond -->
    21132136                        <?php
    21142137                        /**
    21152138                         * Fires after the comment form.