Make WordPress Core

Changeset 50271


Ignore:
Timestamp:
02/09/2021 04:55:29 PM (4 years ago)
Author:
johnbillion
Message:

Comments: Extend the duration of the window within which unapproved comments are visible by their author.

This extension is necessary because the comment approval notification opt-in form introduced in [47887] uses the same mechanism, and the previous limit of one minute meant that users on a slow connection, using assistive technology, with limited motor skills, or who are generally indecisive may not complete the opt-in action within one minute, and therefore not see the confirmation message.

Props joedolson, imath, hellofromTonya, peterwilsoncc, alexstine, davidbaumwald 

Fixes #52406

Location:
trunk/src/wp-includes
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/class-wp.php

    r49946 r50271  
    406406            $headers = array_merge( $headers, wp_get_nocache_headers() );
    407407        } elseif ( ! empty( $_GET['unapproved'] ) && ! empty( $_GET['moderation-hash'] ) ) {
    408             // Unmoderated comments are only visible for one minute via the moderation hash.
    409             $headers['Expires']       = gmdate( 'D, d M Y H:i:s', time() + MINUTE_IN_SECONDS );
    410             $headers['Cache-Control'] = 'max-age=60, must-revalidate';
     408            // Unmoderated comments are only visible for 10 minutes via the moderation hash.
     409            $expires = 10 * MINUTE_IN_SECONDS;
     410
     411            $headers['Expires']       = gmdate( 'D, d M Y H:i:s', time() + $expires );
     412            $headers['Cache-Control'] = sprintf(
     413                'max-age=%d, must-revalidate',
     414                $expires
     415            );
    411416        }
    412417        if ( ! empty( $this->query_vars['error'] ) ) {
  • trunk/src/wp-includes/comment.php

    r50112 r50271  
    19231923 *
    19241924 * @since 5.1.0
     1925 * @since 5.7.0 The window within which the author email for an unapproved comment
     1926 *              can be retrieved was extended to 10 minutes.
    19251927 *
    19261928 * @return string The unapproved comment author's email (when supplied).
     
    19341936
    19351937        if ( $comment && hash_equals( $_GET['moderation-hash'], wp_hash( $comment->comment_date_gmt ) ) ) {
    1936             // The comment will only be viewable by the comment author for 1 minute.
    1937             $comment_preview_expires = strtotime( $comment->comment_date_gmt . '+1 minute' );
     1938            // The comment will only be viewable by the comment author for 10 minutes.
     1939            $comment_preview_expires = strtotime( $comment->comment_date_gmt . '+10 minutes' );
    19381940
    19391941            if ( time() < $comment_preview_expires ) {
Note: See TracChangeset for help on using the changeset viewer.