From 3e801fdb5dd7e03b2af1e0d61e64183f05cec949 Mon Sep 17 00:00:00 2001 From: John Blackbourn Date: Tue, 9 Feb 2021 16:57:04 +0000 Subject: [PATCH] Comments: Extend the duration of the window within which unapproved comments are visible by their author. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This extension is necessary because the comment approval notification opt-in form introduced in [47887] uses the same mechanism, and the previous limit of one minute meant that users on a slow connection, using assistive technology, with limited motor skills, or who are generally indecisive may not complete the opt-in action within one minute, and therefore not see the confirmation message. Props joedolson, imath, hellofromTonya, peterwilsoncc, alexstine, davidbaumwald  Fixes #52406 Built from https://develop.svn.wordpress.org/trunk@50271 git-svn-id: http://core.svn.wordpress.org/trunk@49916 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-includes/class-wp.php | 11 ++++++++--- wp-includes/comment.php | 6 ++++-- wp-includes/version.php | 2 +- 3 files changed, 13 insertions(+), 6 deletions(-) diff --git a/wp-includes/class-wp.php b/wp-includes/class-wp.php index fe956ed958..19be051ef9 100644 --- a/wp-includes/class-wp.php +++ b/wp-includes/class-wp.php @@ -405,9 +405,14 @@ class WP { if ( is_user_logged_in() ) { $headers = array_merge( $headers, wp_get_nocache_headers() ); } elseif ( ! empty( $_GET['unapproved'] ) && ! empty( $_GET['moderation-hash'] ) ) { - // Unmoderated comments are only visible for one minute via the moderation hash. - $headers['Expires'] = gmdate( 'D, d M Y H:i:s', time() + MINUTE_IN_SECONDS ); - $headers['Cache-Control'] = 'max-age=60, must-revalidate'; + // Unmoderated comments are only visible for 10 minutes via the moderation hash. + $expires = 10 * MINUTE_IN_SECONDS; + + $headers['Expires'] = gmdate( 'D, d M Y H:i:s', time() + $expires ); + $headers['Cache-Control'] = sprintf( + 'max-age=%d, must-revalidate', + $expires + ); } if ( ! empty( $this->query_vars['error'] ) ) { $status = (int) $this->query_vars['error']; diff --git a/wp-includes/comment.php b/wp-includes/comment.php index 32ba16f925..8c8ad0eeff 100644 --- a/wp-includes/comment.php +++ b/wp-includes/comment.php @@ -1922,6 +1922,8 @@ function wp_get_current_commenter() { * Used to allow the commenter to see their pending comment. * * @since 5.1.0 + * @since 5.7.0 The window within which the author email for an unapproved comment + * can be retrieved was extended to 10 minutes. * * @return string The unapproved comment author's email (when supplied). */ @@ -1933,8 +1935,8 @@ function wp_get_unapproved_comment_author_email() { $comment = get_comment( $comment_id ); if ( $comment && hash_equals( $_GET['moderation-hash'], wp_hash( $comment->comment_date_gmt ) ) ) { - // The comment will only be viewable by the comment author for 1 minute. - $comment_preview_expires = strtotime( $comment->comment_date_gmt . '+1 minute' ); + // The comment will only be viewable by the comment author for 10 minutes. + $comment_preview_expires = strtotime( $comment->comment_date_gmt . '+10 minutes' ); if ( time() < $comment_preview_expires ) { $commenter_email = $comment->comment_author_email; diff --git a/wp-includes/version.php b/wp-includes/version.php index a119881bee..845ab982fd 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -13,7 +13,7 @@ * * @global string $wp_version */ -$wp_version = '5.7-beta1-50270'; +$wp_version = '5.7-beta1-50271'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.