Make WordPress Core

Changeset 43127


Ignore:
Timestamp:
05/02/2018 10:10:30 PM (6 years ago)
Author:
SergeyBiryukov
Message:

Add a checkbox to the comment form so logged out users can opt-out of commenter cookies.

Props lakenh, xkon, birgire, azaozz, johnbillion.
Merges [42772] and [43042] to the 4.9 branch.
See #43436.

Location:
branches/4.9
Files:
5 edited

Legend:

Unmodified
Added
Removed
  • branches/4.9

  • branches/4.9/src/wp-comments-post.php

    r38432 r43127  
    3434
    3535$user = wp_get_current_user();
     36$cookies_consent = ( isset( $_POST['wp-comment-cookies-consent'] ) );
    3637
    3738/**
     
    3940 *
    4041 * @since 3.4.0
     42 * @since 4.9.6 The `$cookies_consent` parameter was added.
    4143 *
    42  * @param WP_Comment $comment Comment object.
    43  * @param WP_User    $user    User object. The user may not exist.
     44 * @param WP_Comment $comment         Comment object.
     45 * @param WP_User    $user            Comment author's user object. The user may not exist.
     46 * @param boolean    $cookies_consent Comment author's consent to store cookies.
    4447 */
    45 do_action( 'set_comment_cookies', $comment, $user );
     48do_action( 'set_comment_cookies', $comment, $user, $cookies_consent );
    4649
    4750$location = empty( $_POST['redirect_to'] ) ? get_comment_link( $comment ) : $_POST['redirect_to'] . '#comment-' . $comment->comment_ID;
  • branches/4.9/src/wp-includes/comment-template.php

    r42849 r43127  
    21962196    $html5    = 'html5' === $args['format'];
    21972197    $fields   =  array(
    2198         'author' => '<p class="comment-form-author">' . '<label for="author">' . __( 'Name' ) . ( $req ? ' <span class="required">*</span>' : '' ) . '</label> ' .
    2199                     '<input id="author" name="author" type="text" value="' . esc_attr( $commenter['comment_author'] ) . '" size="30" maxlength="245"' . $html_req . ' /></p>',
    2200         'email'  => '<p class="comment-form-email"><label for="email">' . __( 'Email' ) . ( $req ? ' <span class="required">*</span>' : '' ) . '</label> ' .
    2201                     '<input id="email" name="email" ' . ( $html5 ? 'type="email"' : 'type="text"' ) . ' value="' . esc_attr(  $commenter['comment_author_email'] ) . '" size="30" maxlength="100" aria-describedby="email-notes"' . $html_req  . ' /></p>',
    2202         'url'    => '<p class="comment-form-url"><label for="url">' . __( 'Website' ) . '</label> ' .
    2203                     '<input id="url" name="url" ' . ( $html5 ? 'type="url"' : 'type="text"' ) . ' value="' . esc_attr( $commenter['comment_author_url'] ) . '" size="30" maxlength="200" /></p>',
     2198        'author'  => '<p class="comment-form-author">' . '<label for="author">' . __( 'Name' ) . ( $req ? ' <span class="required">*</span>' : '' ) . '</label> ' .
     2199                     '<input id="author" name="author" type="text" value="' . esc_attr( $commenter['comment_author'] ) . '" size="30" maxlength="245"' . $html_req . ' /></p>',
     2200        'email'   => '<p class="comment-form-email"><label for="email">' . __( 'Email' ) . ( $req ? ' <span class="required">*</span>' : '' ) . '</label> ' .
     2201                     '<input id="email" name="email" ' . ( $html5 ? 'type="email"' : 'type="text"' ) . ' value="' . esc_attr( $commenter['comment_author_email'] ) . '" size="30" maxlength="100" aria-describedby="email-notes"' . $html_req . ' /></p>',
     2202        'url'     => '<p class="comment-form-url"><label for="url">' . __( 'Website' ) . '</label> ' .
     2203                     '<input id="url" name="url" ' . ( $html5 ? 'type="url"' : 'type="text"' ) . ' value="' . esc_attr( $commenter['comment_author_url'] ) . '" size="30" maxlength="200" /></p>',
     2204        'cookies' => '<p class="comment-form-cookies-consent"><label for="wp-comment-cookies-consent">' .
     2205                     '<input id="wp-comment-cookies-consent" name="wp-comment-cookies-consent" type="checkbox" value="yes" />' .
     2206                     __( 'Save my name, email, and site URL in my browser for next time I post a comment.' ) . '</label></p>',
    22042207    );
    22052208
  • branches/4.9/src/wp-includes/comment.php

    r43110 r43127  
    523523 * to recall previous comments by this commentator that are still held in moderation.
    524524 *
    525  * @param WP_Comment $comment Comment object.
    526  * @param object     $user    Comment author's object.
    527  *
    528525 * @since 3.4.0
    529  */
    530 function wp_set_comment_cookies($comment, $user) {
    531     if ( $user->exists() )
     526 * @since 4.9.6 The `$cookies_consent` parameter was added.
     527 *
     528 * @param WP_Comment $comment         Comment object.
     529 * @param WP_User    $user            Comment author's user object. The user may not exist.
     530 * @param boolean    $cookies_consent Optional. Comment author's consent to store cookies. Default true.
     531 */
     532function wp_set_comment_cookies( $comment, $user, $cookies_consent = true ) {
     533    // If the user already exists, or the user opted out of cookies, don't set cookies.
     534    if ( $user->exists() ) {
    532535        return;
     536    }
     537
     538    if ( false === $cookies_consent ) {
     539        // Remove any existing cookies.
     540        $past = time() - YEAR_IN_SECONDS;
     541        setcookie( 'comment_author_' . COOKIEHASH, ' ', $past, COOKIEPATH, COOKIE_DOMAIN );
     542        setcookie( 'comment_author_email_' . COOKIEHASH, ' ', $past, COOKIEPATH, COOKIE_DOMAIN );
     543        setcookie( 'comment_author_url_' . COOKIEHASH, ' ', $past, COOKIEPATH, COOKIE_DOMAIN );
     544
     545        return;
     546    }
    533547
    534548    /**
     
    539553     * @param int $seconds Comment cookie lifetime. Default 30000000.
    540554     */
    541     $comment_cookie_lifetime = apply_filters( 'comment_cookie_lifetime', 30000000 );
     555    $comment_cookie_lifetime = time() + apply_filters( 'comment_cookie_lifetime', 30000000 );
    542556    $secure = ( 'https' === parse_url( home_url(), PHP_URL_SCHEME ) );
    543     setcookie( 'comment_author_' . COOKIEHASH, $comment->comment_author, time() + $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN, $secure );
    544     setcookie( 'comment_author_email_' . COOKIEHASH, $comment->comment_author_email, time() + $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN, $secure );
    545     setcookie( 'comment_author_url_' . COOKIEHASH, esc_url($comment->comment_author_url), time() + $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN, $secure );
     557    setcookie( 'comment_author_' . COOKIEHASH, $comment->comment_author, $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN, $secure );
     558    setcookie( 'comment_author_email_' . COOKIEHASH, $comment->comment_author_email, $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN, $secure );
     559    setcookie( 'comment_author_url_' . COOKIEHASH, esc_url( $comment->comment_author_url ), $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN, $secure );
    546560}
    547561
  • branches/4.9/src/wp-includes/default-filters.php

    r43117 r43127  
    301301add_action( 'do_pings',                   'do_all_pings',                            10, 1 );
    302302add_action( 'do_robots',                  'do_robots'                                      );
    303 add_action( 'set_comment_cookies',        'wp_set_comment_cookies',                  10, 2 );
     303add_action( 'set_comment_cookies',        'wp_set_comment_cookies',                  10, 3 );
    304304add_action( 'sanitize_comment_cookies',   'sanitize_comment_cookies'                       );
    305305add_action( 'admin_print_scripts',        'print_emoji_detection_script'                   );
Note: See TracChangeset for help on using the changeset viewer.