Add a checkbox to the comment form so logged out users can opt-out of commenter cookies.

Props lakenh, xkon, birgire, azaozz, johnbillion.
Merges [42772] and [43042] to the 4.9 branch.
See #43436.
Built from https://develop.svn.wordpress.org/branches/4.9@43127


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42956 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Sergey Biryukov 2018-05-02 22:11:25 +00:00
parent dd3024e7c4
commit 26fdba2c5b
5 changed files with 40 additions and 20 deletions

View File

@ -33,16 +33,19 @@ if ( is_wp_error( $comment ) ) {
}
$user = wp_get_current_user();
$cookies_consent = ( isset( $_POST['wp-comment-cookies-consent'] ) );
/**
* Perform other actions when comment cookies are set.
*
* @since 3.4.0
* @since 4.9.6 The `$cookies_consent` parameter was added.
*
* @param WP_Comment $comment Comment object.
* @param WP_User $user User object. The user may not exist.
* @param WP_Comment $comment Comment object.
* @param WP_User $user Comment author's user object. The user may not exist.
* @param boolean $cookies_consent Comment author's consent to store cookies.
*/
do_action( 'set_comment_cookies', $comment, $user );
do_action( 'set_comment_cookies', $comment, $user, $cookies_consent );
$location = empty( $_POST['redirect_to'] ) ? get_comment_link( $comment ) : $_POST['redirect_to'] . '#comment-' . $comment->comment_ID;

View File

@ -2195,12 +2195,15 @@ function comment_form( $args = array(), $post_id = null ) {
$html_req = ( $req ? " required='required'" : '' );
$html5 = 'html5' === $args['format'];
$fields = array(
'author' => '<p class="comment-form-author">' . '<label for="author">' . __( 'Name' ) . ( $req ? ' <span class="required">*</span>' : '' ) . '</label> ' .
'<input id="author" name="author" type="text" value="' . esc_attr( $commenter['comment_author'] ) . '" size="30" maxlength="245"' . $html_req . ' /></p>',
'email' => '<p class="comment-form-email"><label for="email">' . __( 'Email' ) . ( $req ? ' <span class="required">*</span>' : '' ) . '</label> ' .
'<input id="email" name="email" ' . ( $html5 ? 'type="email"' : 'type="text"' ) . ' value="' . esc_attr( $commenter['comment_author_email'] ) . '" size="30" maxlength="100" aria-describedby="email-notes"' . $html_req . ' /></p>',
'url' => '<p class="comment-form-url"><label for="url">' . __( 'Website' ) . '</label> ' .
'<input id="url" name="url" ' . ( $html5 ? 'type="url"' : 'type="text"' ) . ' value="' . esc_attr( $commenter['comment_author_url'] ) . '" size="30" maxlength="200" /></p>',
'author' => '<p class="comment-form-author">' . '<label for="author">' . __( 'Name' ) . ( $req ? ' <span class="required">*</span>' : '' ) . '</label> ' .
'<input id="author" name="author" type="text" value="' . esc_attr( $commenter['comment_author'] ) . '" size="30" maxlength="245"' . $html_req . ' /></p>',
'email' => '<p class="comment-form-email"><label for="email">' . __( 'Email' ) . ( $req ? ' <span class="required">*</span>' : '' ) . '</label> ' .
'<input id="email" name="email" ' . ( $html5 ? 'type="email"' : 'type="text"' ) . ' value="' . esc_attr( $commenter['comment_author_email'] ) . '" size="30" maxlength="100" aria-describedby="email-notes"' . $html_req . ' /></p>',
'url' => '<p class="comment-form-url"><label for="url">' . __( 'Website' ) . '</label> ' .
'<input id="url" name="url" ' . ( $html5 ? 'type="url"' : 'type="text"' ) . ' value="' . esc_attr( $commenter['comment_author_url'] ) . '" size="30" maxlength="200" /></p>',
'cookies' => '<p class="comment-form-cookies-consent"><label for="wp-comment-cookies-consent">' .
'<input id="wp-comment-cookies-consent" name="wp-comment-cookies-consent" type="checkbox" value="yes" />' .
__( 'Save my name, email, and site URL in my browser for next time I post a comment.' ) . '</label></p>',
);
$required_text = sprintf( ' ' . __('Required fields are marked %s'), '<span class="required">*</span>' );

View File

@ -522,14 +522,28 @@ function wp_queue_comments_for_comment_meta_lazyload( $comments ) {
* Sets the cookies used to store an unauthenticated commentator's identity. Typically used
* to recall previous comments by this commentator that are still held in moderation.
*
* @param WP_Comment $comment Comment object.
* @param object $user Comment author's object.
*
* @since 3.4.0
* @since 4.9.6 The `$cookies_consent` parameter was added.
*
* @param WP_Comment $comment Comment object.
* @param WP_User $user Comment author's user object. The user may not exist.
* @param boolean $cookies_consent Optional. Comment author's consent to store cookies. Default true.
*/
function wp_set_comment_cookies($comment, $user) {
if ( $user->exists() )
function wp_set_comment_cookies( $comment, $user, $cookies_consent = true ) {
// If the user already exists, or the user opted out of cookies, don't set cookies.
if ( $user->exists() ) {
return;
}
if ( false === $cookies_consent ) {
// Remove any existing cookies.
$past = time() - YEAR_IN_SECONDS;
setcookie( 'comment_author_' . COOKIEHASH, ' ', $past, COOKIEPATH, COOKIE_DOMAIN );
setcookie( 'comment_author_email_' . COOKIEHASH, ' ', $past, COOKIEPATH, COOKIE_DOMAIN );
setcookie( 'comment_author_url_' . COOKIEHASH, ' ', $past, COOKIEPATH, COOKIE_DOMAIN );
return;
}
/**
* Filters the lifetime of the comment cookie in seconds.
@ -538,11 +552,11 @@ function wp_set_comment_cookies($comment, $user) {
*
* @param int $seconds Comment cookie lifetime. Default 30000000.
*/
$comment_cookie_lifetime = apply_filters( 'comment_cookie_lifetime', 30000000 );
$comment_cookie_lifetime = time() + apply_filters( 'comment_cookie_lifetime', 30000000 );
$secure = ( 'https' === parse_url( home_url(), PHP_URL_SCHEME ) );
setcookie( 'comment_author_' . COOKIEHASH, $comment->comment_author, time() + $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN, $secure );
setcookie( 'comment_author_email_' . COOKIEHASH, $comment->comment_author_email, time() + $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN, $secure );
setcookie( 'comment_author_url_' . COOKIEHASH, esc_url($comment->comment_author_url), time() + $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN, $secure );
setcookie( 'comment_author_' . COOKIEHASH, $comment->comment_author, $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN, $secure );
setcookie( 'comment_author_email_' . COOKIEHASH, $comment->comment_author_email, $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN, $secure );
setcookie( 'comment_author_url_' . COOKIEHASH, esc_url( $comment->comment_author_url ), $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN, $secure );
}
/**

View File

@ -300,7 +300,7 @@ add_action( 'do_feed_rss2', 'do_feed_rss2',
add_action( 'do_feed_atom', 'do_feed_atom', 10, 1 );
add_action( 'do_pings', 'do_all_pings', 10, 1 );
add_action( 'do_robots', 'do_robots' );
add_action( 'set_comment_cookies', 'wp_set_comment_cookies', 10, 2 );
add_action( 'set_comment_cookies', 'wp_set_comment_cookies', 10, 3 );
add_action( 'sanitize_comment_cookies', 'sanitize_comment_cookies' );
add_action( 'admin_print_scripts', 'print_emoji_detection_script' );
add_action( 'admin_print_scripts', 'print_head_scripts', 20 );

View File

@ -4,7 +4,7 @@
*
* @global string $wp_version
*/
$wp_version = '4.9.6-alpha-43124';
$wp_version = '4.9.6-alpha-43127';
/**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.