[wp-trac] [WordPress Trac] #47447: Allow client-side storing of comment meta
WordPress Trac
noreply at wordpress.org
Fri May 31 15:46:52 UTC 2019
#47447: Allow client-side storing of comment meta
-------------------------+-----------------------------
Reporter: iandunn | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Comments | Version:
Severity: normal | Keywords:
Focuses: javascript |
-------------------------+-----------------------------
As a modern counterpart to #12431, I think it'd be nice if plugins could
add comment meta from the client side as well.
An example use case would be [https://github.com/iandunn/compassionate-
comments a plugin that identifies toxic comments, and then encourages the
author to rephrase it to be more kind before it gets submitted].
It's currently possible by adding a `preprocess_comment` callback that
examines `$_POST`, verifies and sanitizes the data, and then adds it to
`$commentdata` before that gets passed to `wp_insert_comment()`. It could
be much easier and standardized, though.
Ideally, I think a client-side script should be able to just append a
hidden input field named `comment_meta[]` to the `.form-submit` element,
and have it be automatically added via `wp_insert_comment()`, rather than
being ignored by `wp_handle_comment_submission()`.
Since it's coming from the client side, the data can't be trusted. We need
to verify that it was added by the enqueued script, and then sanitize it.
Maybe there could be something similar to `register_post_meta()` with a
`allow_in_form` boolean param, and a `sanitize_callback` param.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/47447>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list