Make WordPress Core

Changeset 42772


Ignore:
Timestamp:
03/04/2018 04:40:43 PM (7 years ago)
Author:
azaozz
Message:

Add a checkbox to the comment form so logged out users can opt-out of commenter cookies.

Props lakenh, xkon, birgire, azaozz.
See #43436.

Location:
trunk/src
Files:
4 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-comments-post.php

    r42343 r42772  
    3939
    4040$user = wp_get_current_user();
     41$cookies_consent = ( isset( $_POST['wp-comment-cookies-consent'] ) );
    4142
    4243/**
     
    4546 * @since 3.4.0
    4647 *
    47  * @param WP_Comment $comment Comment object.
    48  * @param WP_User    $user    User object. The user may not exist.
     48 * @param WP_Comment $comment         Comment object.
     49 * @param WP_User    $user            User object. The user may not exist.
     50 * @param boolean    $cookies_consent Whether the user has opted-in commenter cookies.
    4951 */
    50 do_action( 'set_comment_cookies', $comment, $user );
     52do_action( 'set_comment_cookies', $comment, $user, $cookies_consent );
    5153
    5254$location = empty( $_POST['redirect_to'] ) ? get_comment_link( $comment ) : $_POST['redirect_to'] . '#comment-' . $comment->comment_ID;
  • trunk/src/wp-includes/comment-template.php

    r42758 r42772  
    22622262    $html5    = 'html5' === $args['format'];
    22632263    $fields   = array(
    2264         'author' => '<p class="comment-form-author">' . '<label for="author">' . __( 'Name' ) . ( $req ? ' <span class="required">*</span>' : '' ) . '</label> ' .
    2265                     '<input id="author" name="author" type="text" value="' . esc_attr( $commenter['comment_author'] ) . '" size="30" maxlength="245"' . $html_req . ' /></p>',
    2266         'email'  => '<p class="comment-form-email"><label for="email">' . __( 'Email' ) . ( $req ? ' <span class="required">*</span>' : '' ) . '</label> ' .
    2267                     '<input id="email" name="email" ' . ( $html5 ? 'type="email"' : 'type="text"' ) . ' value="' . esc_attr( $commenter['comment_author_email'] ) . '" size="30" maxlength="100" aria-describedby="email-notes"' . $html_req . ' /></p>',
    2268         'url'    => '<p class="comment-form-url"><label for="url">' . __( 'Website' ) . '</label> ' .
    2269                     '<input id="url" name="url" ' . ( $html5 ? 'type="url"' : 'type="text"' ) . ' value="' . esc_attr( $commenter['comment_author_url'] ) . '" size="30" maxlength="200" /></p>',
     2264        'author'  => '<p class="comment-form-author">' . '<label for="author">' . __( 'Name' ) . ( $req ? ' <span class="required">*</span>' : '' ) . '</label> ' .
     2265                     '<input id="author" name="author" type="text" value="' . esc_attr( $commenter['comment_author'] ) . '" size="30" maxlength="245"' . $html_req . ' /></p>',
     2266        'email'   => '<p class="comment-form-email"><label for="email">' . __( 'Email' ) . ( $req ? ' <span class="required">*</span>' : '' ) . '</label> ' .
     2267                     '<input id="email" name="email" ' . ( $html5 ? 'type="email"' : 'type="text"' ) . ' value="' . esc_attr( $commenter['comment_author_email'] ) . '" size="30" maxlength="100" aria-describedby="email-notes"' . $html_req . ' /></p>',
     2268        'url'     => '<p class="comment-form-url"><label for="url">' . __( 'Website' ) . '</label> ' .
     2269                     '<input id="url" name="url" ' . ( $html5 ? 'type="url"' : 'type="text"' ) . ' value="' . esc_attr( $commenter['comment_author_url'] ) . '" size="30" maxlength="200" /></p>',
     2270        'cookies' => '<p class="comment-form-cookies-consent"><label for="wp-comment-cookies-consent">' .
     2271                     '<input id="wp-comment-cookies-consent" name="wp-comment-cookies-consent" type="checkbox" value="yes" />' .
     2272                     __( 'Save my name, email, and site URL in my browser for next time I post a comment.' ) . '</label></p>',
    22702273    );
    22712274
  • trunk/src/wp-includes/comment.php

    r42678 r42772  
    543543 * @param WP_Comment $comment Comment object.
    544544 * @param object     $user    Comment author's object.
     545 * @param boolean    $cookies_consent Optional. Comment author's consent to store cookies. Default true.
    545546 *
    546547 * @since 3.4.0
    547548 */
    548 function wp_set_comment_cookies( $comment, $user ) {
     549function wp_set_comment_cookies( $comment, $user, $cookies_consent = true ) {
     550    // If the user already exists, or the user opted out of cookies, don't set cookies.
    549551    if ( $user->exists() ) {
    550552        return;
    551553    }
    552554
     555    if ( false === $cookies_consent ) {
     556        // Remove any existing cookies.
     557        $past = time() - YEAR_IN_SECONDS;
     558        setcookie( 'comment_author_' . COOKIEHASH, ' ', $past, COOKIEPATH, COOKIE_DOMAIN );
     559        setcookie( 'comment_author_email_' . COOKIEHASH, ' ', $past, COOKIEPATH, COOKIE_DOMAIN );
     560        setcookie( 'comment_author_url_' . COOKIEHASH, ' ', $past, COOKIEPATH, COOKIE_DOMAIN );
     561
     562        return;
     563    }
     564
    553565    /**
    554566     * Filters the lifetime of the comment cookie in seconds.
     
    558570     * @param int $seconds Comment cookie lifetime. Default 30000000.
    559571     */
    560     $comment_cookie_lifetime = apply_filters( 'comment_cookie_lifetime', 30000000 );
     572    $comment_cookie_lifetime = time() + apply_filters( 'comment_cookie_lifetime', 30000000 );
    561573    $secure                  = ( 'https' === parse_url( home_url(), PHP_URL_SCHEME ) );
    562     setcookie( 'comment_author_' . COOKIEHASH, $comment->comment_author, time() + $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN, $secure );
    563     setcookie( 'comment_author_email_' . COOKIEHASH, $comment->comment_author_email, time() + $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN, $secure );
    564     setcookie( 'comment_author_url_' . COOKIEHASH, esc_url( $comment->comment_author_url ), time() + $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN, $secure );
     574    setcookie( 'comment_author_' . COOKIEHASH, $comment->comment_author, $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN, $secure );
     575    setcookie( 'comment_author_email_' . COOKIEHASH, $comment->comment_author_email, $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN, $secure );
     576    setcookie( 'comment_author_url_' . COOKIEHASH, esc_url( $comment->comment_author_url ), $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN, $secure );
    565577}
    566578
  • trunk/src/wp-includes/default-filters.php

    r42770 r42772  
    328328add_action( 'do_pings', 'do_all_pings', 10, 1 );
    329329add_action( 'do_robots', 'do_robots' );
    330 add_action( 'set_comment_cookies', 'wp_set_comment_cookies', 10, 2 );
     330add_action( 'set_comment_cookies', 'wp_set_comment_cookies', 10, 3 );
    331331add_action( 'sanitize_comment_cookies', 'sanitize_comment_cookies' );
    332332add_action( 'admin_print_scripts', 'print_emoji_detection_script' );
Note: See TracChangeset for help on using the changeset viewer.