From 81668f8312d2c082aeff555012a3f00f71c1e202 Mon Sep 17 00:00:00 2001 From: Andrew Ozz Date: Fri, 20 Apr 2018 12:19:21 +0000 Subject: [PATCH] Privacy: add functionality to anonymize commenters. Props xkon, fclaussen, allendav, birgire, azaozz. See #43442. Built from https://develop.svn.wordpress.org/trunk@42994 git-svn-id: http://core.svn.wordpress.org/trunk@42823 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-admin/js/xfn.js | 6 +- wp-admin/js/xfn.min.js | 2 +- wp-includes/comment.php | 113 ++++++++++++++++++++++++++++++++ wp-includes/default-filters.php | 1 + wp-includes/version.php | 2 +- 5 files changed, 119 insertions(+), 5 deletions(-) diff --git a/wp-admin/js/xfn.js b/wp-admin/js/xfn.js index bae1f70e93..7881c76159 100644 --- a/wp-admin/js/xfn.js +++ b/wp-admin/js/xfn.js @@ -72,15 +72,15 @@ jQuery( document ).ready( function( $ ) { set_action_state( $action, 'remove_personal_data_idle' ); var summaryMessage = strings.noDataFound; var classes = 'notice-success'; - if ( 0 == removedCount ) { - if ( 0 == retainedCount ) { + if ( 0 === removedCount ) { + if ( 0 === retainedCount ) { summaryMessage = strings.noDataFound; } else { summaryMessage = strings.noneRemoved; classes = 'notice-warning'; } } else { - if ( 0 == retainedCount ) { + if ( 0 === retainedCount ) { summaryMessage = strings.foundAndRemoved; } else { summaryMessage = strings.someNotRemoved; diff --git a/wp-admin/js/xfn.min.js b/wp-admin/js/xfn.min.js index b74ccd80be..b184a5af30 100644 --- a/wp-admin/js/xfn.min.js +++ b/wp-admin/js/xfn.min.js @@ -1 +1 @@ -jQuery(document).ready(function(a){a("#link_rel").prop("readonly",!0),a("#linkxfndiv input").bind("click keyup",function(){var b=a("#me").is(":checked"),c="";a("input.valinp").each(function(){b?a(this).prop("disabled",!0).parent().addClass("disabled"):(a(this).removeAttr("disabled").parent().removeClass("disabled"),a(this).is(":checked")&&""!==a(this).val()&&(c+=a(this).val()+" "))}),a("#link_rel").val(b?"me":c.substr(0,c.length-1))})}),jQuery(document).ready(function(a){function b(a,b){a.children().hide(),a.children("."+b).show()}function c(a){a.next().hasClass("request-results")&&a.next().remove()}function d(a,b,d,e){c(a),e.length,a.after(function(){return'

'+d+"

"})}var e=window.privacyToolsL10n||{};a(".remove_personal_data a").click(function(f){function g(){b(k,"remove_personal_data_idle");var a=e.noDataFound,c="notice-success";0==p?0==q?a=e.noDataFound:(a=e.noneRemoved,c="notice-warning"):0==q?a=e.foundAndRemoved:(a=e.someNotRemoved,c="notice-warning"),d(l,"notice-success",a,[])}function h(){b(k,"remove_personal_data_failed"),d(l,"notice-error",e.anErrorOccurred,[])}function i(b,c){a.ajax({url:window.ajaxurl,data:{action:"wp-privacy-erase-personal-data",eraser:b,id:m,page:c,security:n},method:"post"}).done(function(a){if(!a.success)return void h();var d=a.data;d.num_items_removed&&(p+=d.num_items_removed),d.num_items_retained&&(q+=d.num_items_removed),d.messages&&(r=r.concat(d.messages)),d.done?b

'+d+"

"})}var e=window.privacyToolsL10n||{};a(".remove_personal_data a").click(function(f){function g(){b(k,"remove_personal_data_idle");var a=e.noDataFound,c="notice-success";0===p?0===q?a=e.noDataFound:(a=e.noneRemoved,c="notice-warning"):0===q?a=e.foundAndRemoved:(a=e.someNotRemoved,c="notice-warning"),d(l,"notice-success",a,[])}function h(){b(k,"remove_personal_data_failed"),d(l,"notice-error",e.anErrorOccurred,[])}function i(b,c){a.ajax({url:window.ajaxurl,data:{action:"wp-privacy-erase-personal-data",eraser:b,id:m,page:c,security:n},method:"post"}).done(function(a){if(!a.success)return void h();var d=a.data;d.num_items_removed&&(p+=d.num_items_removed),d.num_items_retained&&(q+=d.num_items_removed),d.messages&&(r=r.concat(d.messages)),d.done?b $done, ); } + +/** + * Registers the personal data eraser for comments. + * + * @since 4.9.6 + * + * @param array $erasers An array of personal data erasers. + * @return array $erasers An array of personal data erasers. + */ +function wp_register_comment_personal_data_eraser( $erasers ) { + $erasers[] = array( + 'eraser_friendly_name' => __( 'WordPress Comments' ), + 'callback' => 'wp_comments_personal_data_eraser', + ); + + return $erasers; +} + +/** + * Erases personal data associated with an email address from the comments table. + * + * @since 4.9.6 + * + * @param string $email_address The comment author email address. + * @param int $page Comment page. + * @return array + */ +function wp_comments_personal_data_eraser( $email_address, $page = 1 ) { + global $wpdb; + + if ( empty( $email_address ) ) { + return array( + 'num_items_removed' => 0, + 'num_items_retained' => 0, + 'messages' => array(), + 'done' => true, + ); + } + + // Limit us to 500 comments at a time to avoid timing out. + $number = 500; + $page = (int) $page; + $num_items_removed = 0; + + $comments = get_comments( + array( + 'author_email' => $email_address, + 'number' => $number, + 'paged' => $page, + 'order_by' => 'comment_ID', + 'order' => 'ASC', + 'include_unapproved' => true, + ) + ); + + $anon_author = __( 'Anonymous' ); + $messages = array(); + + foreach ( (array) $comments as $comment ) { + $anonymized_comment = array(); + $anonymized_comment['comment_agent'] = ''; + $anonymized_comment['comment_author'] = $anon_author; + $anonymized_comment['comment_author_email'] = wp_privacy_anonymize_data( 'email', $comment->comment_author_email ); + $anonymized_comment['comment_author_IP'] = wp_privacy_anonymize_data( 'ip', $comment->comment_author_IP ); + $anonymized_comment['comment_author_url'] = wp_privacy_anonymize_data( 'url', $comment->comment_author_url ); + $anonymized_comment['user_id'] = 0; + + $comment_id = (int) $comment->comment_ID; + + /** + * Filters whether to anonymize the comment. + * + * @since 4.9.6 + * + * @param bool|string Whether to apply the comment anonymization (bool). + * Custom prevention message (string). Default true. + * @param WP_Comment $comment WP_Comment object. + * @param array $anonymized_comment Anonymized comment data. + */ + $anon_message = apply_filters( 'wp_anonymize_comment', true, $comment, $anonymized_comment ); + + if ( true !== $anon_message ) { + if ( $anon_message && is_string( $anon_message ) ) { + $messages[] = esc_html( $anon_message ); + } else { + /* translators: %d: Comment ID */ + $messages[] = sprintf( __( 'Comment %d contains personal data but could not be anonymized.' ), $comment_id ); + } + + continue; + } + + $args = array( + 'comment_ID' => $comment_id, + ); + + $updated = $wpdb->update( $wpdb->comments, $anonymized_comment, $args ); + + if ( $updated ) { + $num_items_removed++; + clean_comment_cache( $comment_id ); + } + } + + $done = count( $comments ) < $number; + + return array( + 'num_items_removed' => $num_items_removed, + 'num_items_retained' => count( $comments ) - $num_items_removed, + 'messages' => $messages, + 'done' => $done, + ); +} diff --git a/wp-includes/default-filters.php b/wp-includes/default-filters.php index bd8500e28d..510a045b89 100644 --- a/wp-includes/default-filters.php +++ b/wp-includes/default-filters.php @@ -329,6 +329,7 @@ add_action( 'do_pings', 'do_all_pings', 10, 1 ); add_action( 'do_robots', 'do_robots' ); add_action( 'set_comment_cookies', 'wp_set_comment_cookies', 10, 3 ); add_filter( 'wp_privacy_personal_data_exporters', 'wp_register_comment_personal_data_exporter', 10 ); +add_filter( 'wp_privacy_personal_data_erasers', 'wp_register_comment_personal_data_eraser', 10 ); add_action( 'sanitize_comment_cookies', 'sanitize_comment_cookies' ); add_action( 'admin_print_scripts', 'print_emoji_detection_script' ); add_action( 'admin_print_scripts', 'print_head_scripts', 20 ); diff --git a/wp-includes/version.php b/wp-includes/version.php index eaaa85da56..8fec6817c0 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -4,7 +4,7 @@ * * @global string $wp_version */ -$wp_version = '5.0-alpha-42993'; +$wp_version = '5.0-alpha-42994'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.