Privacy: Include session tokens in Personal Data Export.

Session tokens contain an IP address and user agent. Props garrett-eclipse, nickylimjj, lakenh, xkon, rconde. Fixes #45889. Built from https://develop.svn.wordpress.org/trunk@47237 git-svn-id: http://core.svn.wordpress.org/trunk@47037 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-10 05:44:04 +00:00 · 2020-02-10 05:44:04 +00:00 · c14f2b74c0
parent 346f505a75
commit c14f2b74c0
2 changed files with 39 additions and 6 deletions
--- a/wp-includes/user.php
+++ b/wp-includes/user.php
@ -2939,6 +2939,8 @@ function wp_register_user_personal_data_exporter( $exporters ) {
 * Finds and exports personal data associated with an email address from the user and user_meta table.
 *
 * @since 4.9.6
+ * @since 5.4.0 Added 'Community Events Location' group to the export data.
+ * @since 5.4.0 Added 'Session Tokens' group to the export data.
 *
 * @param string $email_address  The users email address.
 * @return array An array of personal data.
@ -3012,11 +3014,6 @@ function wp_user_personal_data_exporter( $email_address ) {
 		'data'              => $user_data_to_export,
 	);

-	/**
-	 * Introduce any Community Events Location data that is available.
-	 *
-	 * @since 5.4.0
-	 */
 	if ( isset( $user_meta['community-events-location'] ) ) {
 		$location = maybe_unserialize( $user_meta['community-events-location'][0] );

@ -3048,6 +3045,42 @@ function wp_user_personal_data_exporter( $email_address ) {
 		);
 	}

+	if ( isset( $user_meta['session_tokens'] ) ) {
+		$session_tokens = maybe_unserialize( $user_meta['session_tokens'][0] );
+
+		$session_tokens_props_to_export = array(
+			'expiration' => __( 'Expiration' ),
+			'ip'         => __( 'IP' ),
+			'ua'         => __( 'User Agent' ),
+			'login'      => __( 'Last Login' ),
+		);
+
+		foreach ( $session_tokens as $token_key => $session_token ) {
+			$session_tokens_data_to_export = array();
+
+			foreach ( $session_tokens_props_to_export as $key => $name ) {
+				if ( ! empty( $session_token[ $key ] ) ) {
+					$value = $session_token[ $key ];
+					if ( in_array( $key, array( 'expiration', 'login' ) ) ) {
+						$value = date_i18n( 'F d, Y H:i A', $value );
+					}
+					$session_tokens_data_to_export[] = array(
+						'name'  => $name,
+						'value' => $value,
+					);
+				}
+			}
+
+			$data_to_export[] = array(
+				'group_id'          => 'session-tokens',
+				'group_label'       => __( 'Session Tokens' ),
+				'group_description' => __( 'User&#8217;s Session Tokens data.' ),
+				'item_id'           => "session-tokens-{$user->ID}-{$token_key}",
+				'data'              => $session_tokens_data_to_export,
+			);
+		}
+	}
+
 	return array(
 		'data' => $data_to_export,
 		'done' => true,
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@ -13,7 +13,7 @@
 *
 * @global string $wp_version
 */
-$wp_version = '5.4-alpha-47236';
+$wp_version = '5.4-alpha-47237';

 /**
 * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.