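diff --git a/src/wp-comments-post.php b/src/wp-comments-post.php
index ebf658603d..59dacc2003 100644
--- a/src/wp-comments-post.php
+++ b/src/wp-comments-post.php
@@ -56,8 +56,8 @@
 
 $location = empty( $_POST['redirect_to'] ) ? get_comment_link( $comment ) : $_POST['redirect_to'] . '#comment-' . $comment->comment_ID;
 
-// Add specific query arguments to display the awaiting moderation message.
-if ( 'unapproved' === wp_get_comment_status( $comment ) && ! empty( $comment->comment_author_email ) ) {
+// If user didn't consent to cookies, add specific query arguments to display the awaiting moderation message.
+if ( ! $cookies_consent && 'unapproved' === wp_get_comment_status( $comment ) && ! empty( $comment->comment_author_email ) ) {
 $location = add_query_arg(
 array(
 'unapproved' => $comment->comment_ID,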
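diff --git a/src/wp-includes/class-walker-comment.php b/src/wp-includes/class-walker-comment.php
index e7498b3dd6..ffe503d0fa 100644
--- a/src/wp-includes/class-walker-comment.php
+++ b/src/wp-includes/class-walker-comment.php
@@ -181,6 +181,10 @@ public function start_el( &$output, $comment, $depth = 0, $args = array(), $id =
 return;
 }
 
+if ( 'comment' === $comment->comment_type ) {
+add_filter( 'comment_text', array( $this, 'comment_text' ), 40, 2 );
+}
+
 if ( ( 'pingback' === $comment->comment_type || 'trackback' === $comment->comment_type ) && $args['short_ping'] ) {
 ob_start();
 $this->ping( $comment, $depth, $args );
@@ -194,6 +198,10 @@ public function start_el( &$output, $comment, $depth = 0, $args = array(), $id =
 $this->comment( $comment, $depth, $args );
 $output .= ob_get_clean();
 }
+
+if ( 'comment' === $comment->comment_type ) {
+remove_filter( 'comment_text', array( $this, 'comment_text' ), 40, 2 );
+}
 }
 
 /**
@@ -244,6 +252,26 @@ protected function ping( $comment, $depth, $args ) {
 <?php
 }
 
+/**
+* Remove links from the pending comment's text if the commenter has not consent to the comment cookie.
+*
+* @since 5.4.2
+*
+* @param string $comment_text Text of the current comment.
+* @param WP_Comment|null $comment The comment object.
+* @return string Text of the current comment.
+*/
+function comment_text( $comment_text, $comment ) {
+$commenter = wp_get_current_commenter();
+$show_pending_links = ! empty( $commenter['comment_author'] );
+
+if ( '0' == $comment->comment_approved && ! $show_pending_links ) {
+return wp_kses( $comment_text, array() );
+}
+
+return $comment_text;
+}
+
 /**
 * Outputs a single comment.
 *
@@ -264,7 +292,8 @@ protected function comment( $comment, $depth, $args ) {
 $add_below = 'div-comment';
 }
 
-$commenter = wp_get_current_commenter();
+$commenter = wp_get_current_commenter();
+$show_pending_links = isset( $commenter['comment_author'] ) && $commenter['comment_author'];
 if ( $commenter['comment_author_email'] ) {
 $moderation_note = __( 'Your comment is awaiting moderation.' );
 } else {
@@ -279,14 +308,19 @@ protected function comment( $comment, $depth, $args ) {
 <div class="comment-author vcard">
 <?php
 if ( 0 != $args['avatar_size'] ) {
-echo get_avatar( $comment, $args['avatar_size'] );}
+echo get_avatar( $comment, $args['avatar_size'] );
+}
 ?>
 <?php
-printf(
-/* translators: %s: Comment author link. */
-__( '%s <span class="says">says:</span>' ),
-sprintf( '<cite class="fn">%s</cite>', get_comment_author_link( $comment ) )
-);
+$comment_author = get_comment_author_link( $comment );
+if ( '0' == $comment->comment_approved && ! $show_pending_links ) {
+$comment_author = get_comment_author( $comment );
+}
+printf(
+/* translators: %s: Comment author link. */
+__( '%s <span class="says">says:</span>' ),
+sprintf( '<cite class="fn">%s</cite>', $comment_author )
+);
 ?>
 </div>
 <?php if ( '0' == $comment->comment_approved ) : ?>
@@ -354,7 +388,8 @@ protected function comment( $comment, $depth, $args ) {
 protected function html5_comment( $comment, $depth, $args ) {
 $tag = ( 'div' === $args['style'] ) ? 'div' : 'li';
 
-$commenter = wp_get_current_commenter();
+$commenter = wp_get_current_commenter();
+$show_pending_links = ! empty( $commenter['comment_author'] );
 if ( $commenter['comment_author_email'] ) {
 $moderation_note = __( 'Your comment is awaiting moderation.' );
 } else {
@@ -372,11 +407,15 @@ protected function html5_comment( $comment, $depth, $args ) {
 }
 ?>
 <?php
-printf(
-/* translators: %s: Comment author link. */
-__( '%s <span class="says">says:</span>' ),
-sprintf( '<b class="fn">%s</b>', get_comment_author_link( $comment ) )
-);
+$comment_author = get_comment_author_link( $comment );
+if ( '0' == $comment->comment_approved && ! $show_pending_links ) {
+$comment_author = get_comment_author( $comment );
+}
+printf(
+/* translators: %s: Comment author link. */
+__( '%s <span class="says">says:</span>' ),
+sprintf( '<b class="fn">%s</b>', $comment_author )
+);
 ?>
 </div><!-- .comment-author -->
 
@@ -402,18 +441,20 @@ protected function html5_comment( $comment, $depth, $args ) {
 </div><!-- .comment-content -->
 
 <?php
-comment_reply_link(
-array_merge(
-$args,
-array(
-'add_below' => 'div-comment',
-'depth' => $depth,
-'max_depth' => $args['max_depth'],
-'before' => '<div class="reply">',
-'after' => '</div>',
+if ( '1' == $comment->comment_approved || $show_pending_links ) {
+comment_reply_link(
+array_merge(
+$args,
+array(
+'add_below' => 'div-comment',
+'depth' => $depth,
+'max_depth' => $args['max_depth'],
+'before' => '<div class="reply">',
+'after' => '</div>',
+)
 )
-)
-);
+);
+}
 ?>
 </article><!-- .comment-body -->
 <?php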
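Review bot: The new `comment_text()` callback reads `$comment->comment_approved` although its own docblock allows `WP_Comment|null`; with a null comment the loose comparison is false, so the text is returned with its markup intact and PHP reports a property read on null. An explicit guard at the top, for example `if ( ! $comment instanceof WP_Comment ) { return $comment_text; }`, would make that case a deliberate decision rather than a side effect. The method is also declared without a visibility keyword while its neighbours use `protected function`; since it is registered through `add_filter()` it should read `public function comment_text( $comment_text, $comment ) {`. The docblock summary says links are removed, but `wp_kses( $comment_text, array() )` strips every tag, so it would be more accurate as `Strips all HTML from a pending comment's text if the commenter has not consented to the comment cookie.`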
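diff --git a/src/wp-includes/class-wp-comment-query.php b/src/wp-includes/class-wp-comment-query.php
index 020bce9378..f8ea6594c5 100644
--- a/src/wp-includes/class-wp-comment-query.php
+++ b/src/wp-includes/class-wp-comment-query.php
@@ -553,10 +553,15 @@ protected function get_comment_ids() {
 // Numeric values are assumed to be user ids.
 if ( is_numeric( $unapproved_identifier ) ) {
 $approved_clauses[] = $wpdb->prepare( "( user_id = %d AND comment_approved = '0' )", $unapproved_identifier );
-
-// Otherwise we match against email addresses.
 } else {
-$approved_clauses[] = $wpdb->prepare( "( comment_author_email = %s AND comment_approved = '0' )", $unapproved_identifier );
+// Otherwise we match against email addresses.
+if ( ! empty( $_GET['unapproved'] ) && ! empty( $_GET['moderation-hash'] ) ) {
+// Only include requested comment.
+$approved_clauses[] = $wpdb->prepare( "( comment_author_email = %s AND comment_approved = '0' AND comment_ID = %d )", $unapproved_identifier, (int) $_GET['unapproved'] );
+} else {
+// Include all of the author's unapproved comments.
+$approved_clauses[] = $wpdb->prepare( "( comment_author_email = %s AND comment_approved = '0' )", $unapproved_identifier );
+}
 }
 }
 }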
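Review bot: The new branch in `get_comment_ids()` only tests that `$_GET['unapproved']` and `$_GET['moderation-hash']` are non-empty; the hash is not verified here, and an array value for `unapproved` passes `! empty()` and is cast by `(int)` to 1. Because the added `comment_ID = %d` condition only narrows the result, this looks safe as long as `$unapproved_identifier` was validated before it reached the query, but that dependency is not visible in the hunk and should be written down, e.g. `// The hash is verified by whoever supplies the identifier; its presence here only narrows the result to the requested comment.` Reading the superglobals inside the query class also ties every comment query to the current request. The method starts and ends outside the hunk, so whether the comment ID could arrive as a query argument instead cannot be judged from here.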
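diff --git a/src/wp-includes/class-wp.php b/src/wp-includes/class-wp.php
index 42ff3dba6d..e26e348563 100644
--- a/src/wp-includes/class-wp.php
+++ b/src/wp-includes/class-wp.php
@@ -404,6 +404,10 @@ public function send_headers() {
 
 if ( is_user_logged_in() ) {
 $headers = array_merge( $headers, wp_get_nocache_headers() );
+} elseif ( ! empty( $_GET['unapproved'] ) && ! empty( $_GET['moderation-hash'] ) ) {
+// Unmoderated comments are only visible for one minute via the moderation hash.
+$headers['Expires'] = gmdate( 'D, d M Y H:i:s', time() + MINUTE_IN_SECONDS );
+$headers['Cache-Control'] = 'max-age=60, must-revalidate';
 }
 if ( ! empty( $this->query_vars['error'] ) ) {
 $status = (int) $this->query_vars['error'];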
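Review bot: The `Expires` value built in the new `elseif` branch lacks the ` GMT` suffix that an HTTP date requires, so caches may treat it as invalid; append it: `$headers['Expires'] = gmdate( 'D, d M Y H:i:s', time() + MINUTE_IN_SECONDS ) . ' GMT';`. The lifetime is also counted from the time of the response rather than from the comment's date, so a page served late in the one-minute window can stay fresh in a cache after the preview has expired. `max-age=60, must-revalidate` without `private` lets a shared cache store a page that contains an unapproved comment; if that is not intended, `'private, max-age=60, must-revalidate'` would keep it in the visitor's own cache. `send_headers()` continues outside the hunk.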
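diff --git a/src/wp-includes/comment.php b/src/wp-includes/comment.php
index a57cf275f8..bf576d35b0 100644
--- a/src/wp-includes/comment.php
+++ b/src/wp-includes/comment.php
@@ -1852,7 +1852,12 @@ function wp_get_unapproved_comment_author_email() {
 $comment = get_comment( $comment_id );
 
 if ( $comment && hash_equals( $_GET['moderation-hash'], wp_hash( $comment->comment_date_gmt ) ) ) {
-$commenter_email = $comment->comment_author_email;
+// The comment will only be viewable by the comment author for 1 minute.
+$comment_preview_expires = strtotime( $comment->comment_date_gmt . '+1 minute' );
+
+if ( time() < $comment_preview_expires ) {
+$commenter_email = $comment->comment_author_email;
+}
 }
 }
 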
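Review bot: The expiry is computed as `strtotime( $comment->comment_date_gmt . '+1 minute' )`, which joins the timestamp and the offset with no separator and relies on the default timezone being UTC for a string that carries no zone. `strtotime( $comment->comment_date_gmt . ' GMT' ) + MINUTE_IN_SECONDS` states both explicitly. If parsing fails, `strtotime()` returns false and the `time() <` comparison is false, so the check fails closed; a short comment saying so would help the next reader. The context line above passes `$_GET['moderation-hash']` straight to `hash_equals()`, and whether it is confirmed to be a string happens outside the hunk.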