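diff --git a/src/wp-comments-post.php b/src/wp-comments-post.php
index fe03cb7296..a3ea760c62 100644
--- a/src/wp-comments-post.php
+++ b/src/wp-comments-post.php
@@ -56,8 +56,8 @@
 
 $location = empty( $_POST['redirect_to'] ) ? get_comment_link( $comment ) : $_POST['redirect_to'] . '#comment-' . $comment->comment_ID;
 
-// Add specific query arguments to display the awaiting moderation message.
-if ( 'unapproved' === wp_get_comment_status( $comment ) && ! empty( $comment->comment_author_email ) ) {
+// If user didn't consent to cookies, add specific query arguments to display the awaiting moderation message.
+if ( ! $cookies_consent && 'unapproved' === wp_get_comment_status( $comment ) && ! empty( $comment->comment_author_email ) ) {
 $location = add_query_arg(
 array(
 'unapproved' => $comment->comment_ID,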
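diff --git a/src/wp-includes/class-walker-comment.php b/src/wp-includes/class-walker-comment.php
index 7325fd0a6a..287b36b26d 100644
--- a/src/wp-includes/class-walker-comment.php
+++ b/src/wp-includes/class-walker-comment.php
@@ -181,6 +181,10 @@ public function start_el( &$output, $comment, $depth = 0, $args = array(), $id =
 return;
 }
 
+if ( 'comment' === $comment->comment_type ) {
+add_filter( 'comment_text', array( $this, 'filter_comment_text' ), 40, 2 );
+}
+
 if ( ( 'pingback' == $comment->comment_type || 'trackback' == $comment->comment_type ) && $args['short_ping'] ) {
 ob_start();
 $this->ping( $comment, $depth, $args );
@@ -194,6 +198,10 @@ public function start_el( &$output, $comment, $depth = 0, $args = array(), $id =
 $this->comment( $comment, $depth, $args );
 $output .= ob_get_clean();
 }
+
+if ( 'comment' === $comment->comment_type ) {
+remove_filter( 'comment_text', array( $this, 'filter_comment_text' ), 40, 2 );
+}
 }
 
 /**
@@ -244,6 +252,29 @@ protected function ping( $comment, $depth, $args ) {
 <?php
 }
 
+/**
+* Filters the comment text.
+*
+* Removes links from the pending comment's text if the commenter did not consent
+* to the comment cookies.
+*
+* @since 5.4.2
+*
+* @param string $comment_text Text of the current comment.
+* @param WP_Comment|null $comment The comment object. Null if not found.
+* @return string Filtered text of the current comment.
+*/
+public function filter_comment_text( $comment_text, $comment ) {
+$commenter = wp_get_current_commenter();
+$show_pending_links = ! empty( $commenter['comment_author'] );
+
+if ( $comment && '0' == $comment->comment_approved && ! $show_pending_links ) {
+$comment_text = wp_kses( $comment_text, array() );
+}
+
+return $comment_text;
+}
+
 /**
 * Outputs a single comment.
 *
@@ -264,13 +295,14 @@ protected function comment( $comment, $depth, $args ) {
 $add_below = 'div-comment';
 }
 
-$commenter = wp_get_current_commenter();
+$commenter = wp_get_current_commenter();
+$show_pending_links = isset( $commenter['comment_author'] ) && $commenter['comment_author'];
+
 if ( $commenter['comment_author_email'] ) {
 $moderation_note = __( 'Your comment is awaiting moderation.' );
 } else {
 $moderation_note = __( 'Your comment is awaiting moderation. This is a preview, your comment will be visible after it has been approved.' );
 }
-
 ?>
 <<?php echo $tag; ?> <?php comment_class( $this->has_children ? 'parent' : '', $comment ); ?> id="comment-<?php comment_ID(); ?>">
 <?php if ( 'div' != $args['style'] ) : ?>
@@ -279,14 +311,20 @@ protected function comment( $comment, $depth, $args ) {
 <div class="comment-author vcard">
 <?php
 if ( 0 != $args['avatar_size'] ) {
-echo get_avatar( $comment, $args['avatar_size'] );}
+echo get_avatar( $comment, $args['avatar_size'] );
+}
 ?>
 <?php
-printf(
-/* translators: %s: Comment author link. */
-__( '%s <span class="says">says:</span>' ),
-sprintf( '<cite class="fn">%s</cite>', get_comment_author_link( $comment ) )
-);
+$comment_author = get_comment_author_link( $comment );
+
+if ( '0' == $comment->comment_approved && ! $show_pending_links ) {
+$comment_author = get_comment_author( $comment );
+}
+printf(
+/* translators: %s: Comment author link. */
+__( '%s <span class="says">says:</span>' ),
+sprintf( '<cite class="fn">%s</cite>', $comment_author )
+);
 ?>
 </div>
 <?php if ( '0' == $comment->comment_approved ) : ?>
@@ -354,13 +392,14 @@ protected function comment( $comment, $depth, $args ) {
 protected function html5_comment( $comment, $depth, $args ) {
 $tag = ( 'div' === $args['style'] ) ? 'div' : 'li';
 
-$commenter = wp_get_current_commenter();
+$commenter = wp_get_current_commenter();
+$show_pending_links = ! empty( $commenter['comment_author'] );
+
 if ( $commenter['comment_author_email'] ) {
 $moderation_note = __( 'Your comment is awaiting moderation.' );
 } else {
 $moderation_note = __( 'Your comment is awaiting moderation. This is a preview, your comment will be visible after it has been approved.' );
 }
-
 ?>
 <<?php echo $tag; ?> id="comment-<?php comment_ID(); ?>" <?php comment_class( $this->has_children ? 'parent' : '', $comment ); ?>>
 <article id="div-comment-<?php comment_ID(); ?>" class="comment-body">
@@ -372,11 +411,16 @@ protected function html5_comment( $comment, $depth, $args ) {
 }
 ?>
 <?php
-printf(
-/* translators: %s: Comment author link. */
-__( '%s <span class="says">says:</span>' ),
-sprintf( '<b class="fn">%s</b>', get_comment_author_link( $comment ) )
-);
+$comment_author = get_comment_author_link( $comment );
+
+if ( '0' == $comment->comment_approved && ! $show_pending_links ) {
+$comment_author = get_comment_author( $comment );
+}
+printf(
+/* translators: %s: Comment author link. */
+__( '%s <span class="says">says:</span>' ),
+sprintf( '<b class="fn">%s</b>', $comment_author )
+);
 ?>
 </div><!-- .comment-author -->
 
@@ -402,18 +446,20 @@ protected function html5_comment( $comment, $depth, $args ) {
 </div><!-- .comment-content -->
 
 <?php
-comment_reply_link(
-array_merge(
-$args,
-array(
-'add_below' => 'div-comment',
-'depth' => $depth,
-'max_depth' => $args['max_depth'],
-'before' => '<div class="reply">',
-'after' => '</div>',
+if ( '1' == $comment->comment_approved || $show_pending_links ) {
+comment_reply_link(
+array_merge(
+$args,
+array(
+'add_below' => 'div-comment',
+'depth' => $depth,
+'max_depth' => $args['max_depth'],
+'before' => '<div class="reply">',
+'after' => '</div>',
+)
 )
-)
-);
+);
+}
 ?>
 </article><!-- .comment-body -->
 <?php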
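Review bot: The docblock on `filter_comment_text()` says it removes links, but `wp_kses( $comment_text, array() )` with an empty allow-list strips every HTML element from the pending comment, not only anchors; the summary should say so, e.g. `* Strips all HTML from a pending comment's text when no commenter name is set for the visitor.` The gate is also written two ways across this file: `! empty( $commenter['comment_author'] )` here and in `html5_comment()`, and `isset( $commenter['comment_author'] ) && $commenter['comment_author']` in `comment()`; one private helper would keep the three copies from drifting. As far as these hunks show, the condition is only that some commenter name is present, not that it matches `$comment->comment_author`, and that deserves a line in the docblock. In `start_el()`, the trailing `2` passed to `remove_filter()` has no effect, since that function takes only the hook, the callback and the priority.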
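diff --git a/src/wp-includes/class-wp-comment-query.php b/src/wp-includes/class-wp-comment-query.php
index 9038b6194b..c662219026 100644
--- a/src/wp-includes/class-wp-comment-query.php
+++ b/src/wp-includes/class-wp-comment-query.php
@@ -553,10 +553,15 @@ protected function get_comment_ids() {
 // Numeric values are assumed to be user ids.
 if ( is_numeric( $unapproved_identifier ) ) {
 $approved_clauses[] = $wpdb->prepare( "( user_id = %d AND comment_approved = '0' )", $unapproved_identifier );
-
-// Otherwise we match against email addresses.
 } else {
-$approved_clauses[] = $wpdb->prepare( "( comment_author_email = %s AND comment_approved = '0' )", $unapproved_identifier );
+// Otherwise we match against email addresses.
+if ( ! empty( $_GET['unapproved'] ) && ! empty( $_GET['moderation-hash'] ) ) {
+// Only include requested comment.
+$approved_clauses[] = $wpdb->prepare( "( comment_author_email = %s AND comment_approved = '0' AND comment_ID = %d )", $unapproved_identifier, (int) $_GET['unapproved'] );
+} else {
+// Include all of the author's unapproved comments.
+$approved_clauses[] = $wpdb->prepare( "( comment_author_email = %s AND comment_approved = '0' )", $unapproved_identifier );
+}
 }
 }
 }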
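Review bot: The new branch in `get_comment_ids()` reads `$_GET['unapproved']` and `$_GET['moderation-hash']` directly, so the SQL built by the query class now depends on request state that is not part of its query vars. The hash is only tested for non-emptiness here; verification presumably happens in whatever supplies `$unapproved_identifier`, and a comment saying so would stop a reader from taking this as the check, e.g. `// The hash is verified by the caller; this only narrows the result to the requested comment.` If results are cached under a key derived from the query vars (not visible in this hunk), two requests with the same email but different `unapproved` values could share an entry, which is worth confirming. The `(int)` cast is redundant next to `%d` but harmless, and the function's body starts and ends outside the hunk.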
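diff --git a/src/wp-includes/class-wp.php b/src/wp-includes/class-wp.php
index e05826d157..8ea5bb8f3a 100644
--- a/src/wp-includes/class-wp.php
+++ b/src/wp-includes/class-wp.php
@@ -403,6 +403,10 @@ public function send_headers() {
 
 if ( is_user_logged_in() ) {
 $headers = array_merge( $headers, wp_get_nocache_headers() );
+} elseif ( ! empty( $_GET['unapproved'] ) && ! empty( $_GET['moderation-hash'] ) ) {
+// Unmoderated comments are only visible for one minute via the moderation hash.
+$headers['Expires'] = gmdate( 'D, d M Y H:i:s', time() + MINUTE_IN_SECONDS );
+$headers['Cache-Control'] = 'max-age=60, must-revalidate';
 }
 if ( ! empty( $this->query_vars['error'] ) ) {
 $status = (int) $this->query_vars['error'];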
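Review bot: The `Expires` value built in the new `elseif` lacks the ` GMT` suffix that an HTTP date requires, so a cache may treat it as invalid; `gmdate( 'D, d M Y H:i:s', time() + MINUTE_IN_SECONDS ) . ' GMT'` would fix it. Both headers also count 60 seconds from the response rather than from the comment's timestamp, so a copy cached late in the preview window can still be served after the window has closed. Since the page holds an unmoderated comment, `'private, max-age=60, must-revalidate'` would at least keep it out of shared caches. `send_headers()` continues outside the hunk.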
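diff --git a/src/wp-includes/comment-template.php b/src/wp-includes/comment-template.php
index d142ffac3a..4df077b36c 100644
--- a/src/wp-includes/comment-template.php
+++ b/src/wp-includes/comment-template.php
@@ -997,7 +997,7 @@ function comment_text( $comment_ID = 0, $args = array() ) {
 * @see Walker_Comment::comment()
 *
 * @param string $comment_text Text of the current comment.
-* @param WP_Comment|null $comment The comment object.
+* @param WP_Comment|null $comment The comment object. Null if not found.
 * @param array $args An array of arguments.
 */
 echo apply_filters( 'comment_text', $comment_text, $comment, $args );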
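diff --git a/src/wp-includes/comment.php b/src/wp-includes/comment.php
index b451c5b641..fba170c70c 100644
--- a/src/wp-includes/comment.php
+++ b/src/wp-includes/comment.php
@@ -1831,7 +1831,12 @@ function wp_get_unapproved_comment_author_email() {
 $comment = get_comment( $comment_id );
 
 if ( $comment && hash_equals( $_GET['moderation-hash'], wp_hash( $comment->comment_date_gmt ) ) ) {
-$commenter_email = $comment->comment_author_email;
+// The comment will only be viewable by the comment author for 1 minute.
+$comment_preview_expires = strtotime( $comment->comment_date_gmt . '+1 minute' );
+
+if ( time() < $comment_preview_expires ) {
+$commenter_email = $comment->comment_author_email;
+}
 }
 }
 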
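Review bot: The one-minute preview window is now spelled three ways in this commit: `'+1 minute'` here, and `MINUTE_IN_SECONDS` and `max-age=60` in `WP::send_headers()`; a shared constant would keep the expiry check and the cache headers in step. `strtotime( $comment->comment_date_gmt . '+1 minute' )` also parses the stored GMT string in PHP's default timezone and joins the offset on without a separator, so the result is only right when that timezone is UTC (presumably set elsewhere, not visible here). Making the zone explicit, for example `strtotime( $comment->comment_date_gmt . ' UTC' ) + MINUTE_IN_SECONDS`, removes the assumption. Once the window has passed, `$commenter_email` keeps whatever value it was given before this block, which starts outside the hunk.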