diff --git src/wp-admin/includes/misc.php src/wp-admin/includes/misc.php
index 013d0062c1..b50c68cb4f 100644
|
|
function wp_admin_canonical_url() { |
1140 | 1140 | $filtered_url = remove_query_arg( $removable_query_args, $current_url ); |
1141 | 1141 | ?> |
1142 | 1142 | <link id="wp-admin-canonical" rel="canonical" href="<?php echo esc_url( $filtered_url ); ?>" /> |
1143 | | <script> |
1144 | | if ( window.history.replaceState ) { |
1145 | | window.history.replaceState( null, null, document.getElementById( 'wp-admin-canonical' ).href + window.location.hash ); |
1146 | | } |
1147 | | </script> |
1148 | | <?php |
| 1143 | <?php |
| 1144 | wp_remove_feedback_query_args( 'wp-admin-canonical' ); |
1149 | 1145 | } |
1150 | 1146 | |
1151 | 1147 | /** |
diff --git src/wp-comments-post.php src/wp-comments-post.php
index c61e73dcd1..84620a5ce5 100644
|
|
do_action( 'set_comment_cookies', $comment, $user, $cookies_consent ); |
54 | 54 | |
55 | 55 | $location = empty( $_POST['redirect_to'] ) ? get_comment_link( $comment ) : $_POST['redirect_to'] . '#comment-' . $comment->comment_ID; |
56 | 56 | |
| 57 | /** |
| 58 | * Add specific query arguments to display the awaiting moderation message |
| 59 | * to users who did not consent to cookies. |
| 60 | */ |
| 61 | if ( ! $cookies_consent && 'unapproved' === wp_get_comment_status( $comment ) ) { |
| 62 | $location = add_query_arg( array( |
| 63 | 'unapproved' => $comment->comment_ID, |
| 64 | 'moderation-hash' => wp_hash( $comment->comment_date_gmt ), |
| 65 | ), $location ); |
| 66 | } |
| 67 | |
57 | 68 | /** |
58 | 69 | * Filters the location URI to send the commenter after posting. |
59 | 70 | * |
diff --git src/wp-includes/comment-template.php src/wp-includes/comment-template.php
index 649f29a10b..cae275c5c2 100644
|
|
function get_comment_reply_link( $args = array(), $comment = null, $post = null |
1692 | 1692 | |
1693 | 1693 | $link = sprintf( |
1694 | 1694 | "<a rel='nofollow' class='comment-reply-link' href='%s' %s aria-label='%s'>%s</a>", |
1695 | | esc_url( add_query_arg( 'replytocom', $comment->comment_ID ) ) . "#" . $args['respond_id'], |
| 1695 | esc_url( add_query_arg( array( |
| 1696 | 'replytocom' => $comment->comment_ID, |
| 1697 | 'unapproved' => false, |
| 1698 | 'moderation-hash' => false, |
| 1699 | ) ) ) . "#" . $args['respond_id'], |
1696 | 1700 | $data_attribute_string, |
1697 | 1701 | esc_attr( sprintf( $args['reply_to_text'], $comment->comment_author ) ), |
1698 | 1702 | $args['reply_text'] |
… |
… |
function comment_form( $args = array(), $post_id = null ) { |
2253 | 2257 | $commenter = wp_get_current_commenter(); |
2254 | 2258 | $user = wp_get_current_user(); |
2255 | 2259 | $user_identity = $user->exists() ? $user->display_name : ''; |
| 2260 | $fields = array(); |
| 2261 | |
| 2262 | if ( has_action( 'set_comment_cookies', 'wp_set_comment_cookies' ) ) { |
| 2263 | $consent = ''; |
| 2264 | if ( isset( $commenter['cookies_consent'] ) && true === $commenter['cookies_consent'] ) { |
| 2265 | $consent = ' checked="checked"'; |
| 2266 | |
| 2267 | // User has not consent coookies, reset the $commenter to empty the comment form. |
| 2268 | } else { |
| 2269 | $commenter = array_fill_keys( array_keys( $commenter ), '' ); |
| 2270 | } |
| 2271 | |
| 2272 | // Set cookies consent comment field. |
| 2273 | $fields['cookies'] = '<p class="comment-form-cookies-consent"><input id="wp-comment-cookies-consent" name="wp-comment-cookies-consent" type="checkbox" value="yes"' . $consent . ' />' . |
| 2274 | '<label for="wp-comment-cookies-consent">' . __( 'Save my name, email, and website in this browser for the next time I comment.' ) . '</label></p>'; |
| 2275 | } |
2256 | 2276 | |
2257 | 2277 | $args = wp_parse_args( $args ); |
2258 | 2278 | if ( ! isset( $args['format'] ) ) { |
… |
… |
function comment_form( $args = array(), $post_id = null ) { |
2262 | 2282 | $req = get_option( 'require_name_email' ); |
2263 | 2283 | $html_req = ( $req ? " required='required'" : '' ); |
2264 | 2284 | $html5 = 'html5' === $args['format']; |
2265 | | $fields = array( |
| 2285 | |
| 2286 | // Set regular comment fields making sure the cookies consent is the last one. |
| 2287 | $fields = array_merge( array( |
2266 | 2288 | 'author' => '<p class="comment-form-author">' . '<label for="author">' . __( 'Name' ) . ( $req ? ' <span class="required">*</span>' : '' ) . '</label> ' . |
2267 | 2289 | '<input id="author" name="author" type="text" value="' . esc_attr( $commenter['comment_author'] ) . '" size="30" maxlength="245"' . $html_req . ' /></p>', |
2268 | 2290 | 'email' => '<p class="comment-form-email"><label for="email">' . __( 'Email' ) . ( $req ? ' <span class="required">*</span>' : '' ) . '</label> ' . |
2269 | 2291 | '<input id="email" name="email" ' . ( $html5 ? 'type="email"' : 'type="text"' ) . ' value="' . esc_attr( $commenter['comment_author_email'] ) . '" size="30" maxlength="100" aria-describedby="email-notes"' . $html_req . ' /></p>', |
2270 | 2292 | 'url' => '<p class="comment-form-url"><label for="url">' . __( 'Website' ) . '</label> ' . |
2271 | 2293 | '<input id="url" name="url" ' . ( $html5 ? 'type="url"' : 'type="text"' ) . ' value="' . esc_attr( $commenter['comment_author_url'] ) . '" size="30" maxlength="200" /></p>', |
2272 | | ); |
2273 | | |
2274 | | if ( has_action( 'set_comment_cookies', 'wp_set_comment_cookies' ) ) { |
2275 | | $consent = empty( $commenter['comment_author_email'] ) ? '' : ' checked="checked"'; |
2276 | | $fields['cookies'] = '<p class="comment-form-cookies-consent"><input id="wp-comment-cookies-consent" name="wp-comment-cookies-consent" type="checkbox" value="yes"' . $consent . ' />' . |
2277 | | '<label for="wp-comment-cookies-consent">' . __( 'Save my name, email, and website in this browser for the next time I comment.' ) . '</label></p>'; |
2278 | | } |
| 2294 | ), $fields ); |
2279 | 2295 | |
2280 | 2296 | $required_text = sprintf( ' ' . __( 'Required fields are marked %s' ), '<span class="required">*</span>' ); |
2281 | 2297 | |
diff --git src/wp-includes/comment.php src/wp-includes/comment.php
index 4c78eb9b6a..3013919a62 100644
|
|
function _clear_modified_cache_on_transition_comment_status( $new_status, $old_s |
1742 | 1742 | * @see sanitize_comment_cookies() Use to sanitize cookies |
1743 | 1743 | * |
1744 | 1744 | * @since 2.0.4 |
| 1745 | * @since 4.9.7 Tries to get a query parameter containing the comment ID to |
| 1746 | * set the comment author data when the user has not consented |
| 1747 | * to cookies. |
1745 | 1748 | * |
1746 | | * @return array Comment author, email, url respectively. |
| 1749 | * @return array Comment author, email, url, cookies consent respectively. |
1747 | 1750 | */ |
1748 | 1751 | function wp_get_current_commenter() { |
1749 | 1752 | // Cookies should already be sanitized. |
… |
… |
function wp_get_current_commenter() { |
1763 | 1766 | $comment_author_url = $_COOKIE[ 'comment_author_url_' . COOKIEHASH ]; |
1764 | 1767 | } |
1765 | 1768 | |
| 1769 | $comment_author_data = compact( 'comment_author', 'comment_author_email', 'comment_author_url' ); |
| 1770 | |
| 1771 | if ( ! array_filter( $comment_author_data ) ) { |
| 1772 | // Set the current commenter using the just posted comment ID. |
| 1773 | if ( is_singular() && isset( $_GET['unapproved'] ) ) { |
| 1774 | $comment = get_comment( $_GET['unapproved'], ARRAY_A ); |
| 1775 | |
| 1776 | if ( isset( $_GET['moderation-hash'] ) && isset( $comment['comment_date_gmt'] ) && wp_hash( $comment['comment_date_gmt'] ) === $_GET['moderation-hash'] ) { |
| 1777 | $comment_author_data = array_intersect_key( $comment, $comment_author_data ); |
| 1778 | } |
| 1779 | } |
| 1780 | |
| 1781 | $comment_author_data['cookies_consent'] = false; |
| 1782 | } else { |
| 1783 | $comment_author_data['cookies_consent'] = true; |
| 1784 | } |
| 1785 | |
1766 | 1786 | /** |
1767 | 1787 | * Filters the current commenter's name, email, and URL. |
1768 | 1788 | * |
1769 | 1789 | * @since 3.1.0 |
| 1790 | * @since 4.9.7 Adds the $cookies_consent argument to the |
| 1791 | * array of current commenter variables. |
1770 | 1792 | * |
1771 | 1793 | * @param array $comment_author_data { |
1772 | 1794 | * An array of current commenter variables. |
1773 | 1795 | * |
1774 | | * @type string $comment_author The name of the author of the comment. Default empty. |
1775 | | * @type string $comment_author_email The email address of the `$comment_author`. Default empty. |
1776 | | * @type string $comment_author_url The URL address of the `$comment_author`. Default empty. |
| 1796 | * @type string $comment_author The name of the author of the comment. Default empty. |
| 1797 | * @type string $comment_author_email The email address of the `$comment_author`. Default empty. |
| 1798 | * @type string $comment_author_url The URL address of the `$comment_author`. Default empty. |
| 1799 | * @type boolean $cookies_consent Whether the user consented to cookies or not. Default false. |
1777 | 1800 | * } |
1778 | 1801 | */ |
1779 | | return apply_filters( 'wp_get_current_commenter', compact( 'comment_author', 'comment_author_email', 'comment_author_url' ) ); |
| 1802 | return apply_filters( 'wp_get_current_commenter', $comment_author_data ); |
1780 | 1803 | } |
1781 | 1804 | |
1782 | 1805 | /** |
diff --git src/wp-includes/functions.php src/wp-includes/functions.php
index b4df760ec6..92ad8dc3e3 100644
|
|
function wp_removable_query_args() { |
963 | 963 | return apply_filters( 'removable_query_args', $removable_query_args ); |
964 | 964 | } |
965 | 965 | |
| 966 | /** |
| 967 | * Removes query variables used to provide user feedbacks from the current URL. |
| 968 | * |
| 969 | * @since 4.9.7 |
| 970 | * |
| 971 | * @param string $canonical_id The canonical URL link tag's id attribute. |
| 972 | */ |
| 973 | function wp_remove_feedback_query_args( $canonical_id = 'wp-canonical' ) { |
| 974 | $query_args = array(); |
| 975 | |
| 976 | if ( ! is_admin() ) { |
| 977 | $query_args = wp_parse_url( $_SERVER['REQUEST_URI'], PHP_URL_QUERY ); |
| 978 | |
| 979 | if ( ! $query_args ) { |
| 980 | return; |
| 981 | } else { |
| 982 | $query_args = wp_parse_args( $query_args, array() ); |
| 983 | |
| 984 | if ( ! isset( $query_args['unapproved'] ) ) { |
| 985 | return; |
| 986 | } |
| 987 | |
| 988 | // Remove the reserved query var key without altering the others. |
| 989 | $query_args = array_diff_key( $query_args, array_flip( array( |
| 990 | 'unapproved', |
| 991 | 'moderation-hash', |
| 992 | ) ) ); |
| 993 | } |
| 994 | } |
| 995 | printf( ' |
| 996 | <script> |
| 997 | var canonicalUrl = document.getElementById( \'%1$s\' ).href.split( \'#\' )[0], |
| 998 | qv = %2$s; |
| 999 | |
| 1000 | if ( \'object\' === typeof qv && undefined === qv.length ) { |
| 1001 | canonicalUrl += \'?\' + Object.keys( qv ).map( k => k + \'=\' + qv[k] ).join( \'&\' ); |
| 1002 | } |
| 1003 | |
| 1004 | if ( window.history.replaceState ) { |
| 1005 | window.history.replaceState( null, null, canonicalUrl + window.location.hash ); |
| 1006 | } |
| 1007 | </script> |
| 1008 | ', $canonical_id, json_encode( $query_args ) ); |
| 1009 | } |
| 1010 | |
966 | 1011 | /** |
967 | 1012 | * Walks the array while sanitizing the contents. |
968 | 1013 | * |
diff --git src/wp-includes/link-template.php src/wp-includes/link-template.php
index 815c539a4a..5c6489a328 100644
|
|
function rel_canonical() { |
3730 | 3730 | $url = wp_get_canonical_url( $id ); |
3731 | 3731 | |
3732 | 3732 | if ( ! empty( $url ) ) { |
3733 | | echo '<link rel="canonical" href="' . esc_url( $url ) . '" />' . "\n"; |
| 3733 | echo '<link id="wp-canonical" rel="canonical" href="' . esc_url( $url ) . '" />' . "\n"; |
| 3734 | wp_remove_feedback_query_args(); |
3734 | 3735 | } |
3735 | 3736 | } |
3736 | 3737 | |