WordPress.org
Get WordPress

Make WordPress Core

Changeset 61034


Ignore:
Timestamp:
10/21/2025 01:58:49 PM (8 weeks ago)
Author:
davidbaumwald
Message:

Comments: Ensure custom comment form fields appear for logged-in users

When a user is logged in, only the default comment textarea is shown by
the core comment_form() implementation, but custom fields supplied via the
fields argument are omitted. This mismatch means plugin- and theme-added fields
aren't visible to logged-in users, though they are visible to guests.

This change fixes this by moving the loop over $args['fields'] inside
comment_form(), so that extra fields are rendered, regardless of login status.

Props maorb, valendesigns, CarlSteffen, swissspidy, rachelbaker, kushsharma, abcd95, iamadisingh, oglekler, welcher.
Fixes #16576.

Location:
trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • trunk/src/wp-includes/comment-template.php

    r60909 r61034  
    25932593        }
    25942594    }
     2595
     2596    $original_fields = $fields;
    25952597
    25962598    /**
     
    28072809                    echo $args['comment_notes_after'];
    28082810
    2809                 } elseif ( ! is_user_logged_in() ) {
     2811                } elseif ( ! is_user_logged_in() || ! isset( $original_fields[ $name ] ) ) {
    28102812
    28112813                    if ( $first_field === $name ) {

  • trunk/tests/phpunit/tests/comment/commentForm.php

    r60304 r61034  
    228228        $this->assertTrue( $p->get_attribute( 'novalidate' ), 'Expected FORM to have novalidate attribute.' );
    229229    }
     230
     231    /**
     232     * @ticket 16576
     233     */
     234    public function test_custom_fields_shown_default_fields_hidden_for_logged_in_users() {
     235        $user_id = self::factory()->user->create(
     236            array(
     237                'role'       => 'subscriber',
     238                'user_login' => 'testuser',
     239                'user_email' => '[email protected]',
     240            )
     241        );
     242
     243        wp_set_current_user( $user_id );
     244        $this->assertTrue( is_user_logged_in() );
     245
     246        $args = array(
     247            'fields' => array(
     248                'author'       => '<p><label for="author">Name</label><input type="text" name="author" id="author" /></p>',
     249                'email'        => '<p><label for="email">Email</label><input type="email" name="email" id="email" /></p>',
     250                'url'          => '<p><label for="url">Website</label><input type="url" name="url" id="url" /></p>',
     251                'cookies'      => '<p><input type="checkbox" name="wp-comment-cookies-consent" id="wp-comment-cookies-consent" /><label for="wp-comment-cookies-consent">Save my details</label></p>',
     252                'custom_field' => '<p><label for="custom_field">Custom Field</label><input type="text" name="custom_field" id="custom_field" /></p>',
     253                'department'   => '<p><label for="department">Department</label><select name="department" id="department"><option value="sales">Sales</option></select></p>',
     254            ),
     255        );
     256
     257        $form = get_echo( 'comment_form', array( $args, self::$post_id ) );
     258
     259        // Custom fields should be present
     260        $this->assertStringContainsString( 'name="custom_field"', $form );
     261        $this->assertStringContainsString( 'name="department"', $form );
     262        $this->assertStringContainsString( 'Custom Field', $form );
     263        $this->assertStringContainsString( 'Department', $form );
     264
     265        // Default fields should NOT be present
     266        $this->assertStringNotContainsString( 'name="author"', $form );
     267        $this->assertStringNotContainsString( 'name="email"', $form );
     268        $this->assertStringNotContainsString( 'name="url"', $form );
     269        $this->assertStringNotContainsString( 'wp-comment-cookies-consent', $form );
     270
     271        wp_set_current_user( 0 );
     272    }
     273
     274    /**
     275     * @ticket 16576
     276     */
     277    public function test_all_fields_displayed_for_non_logged_in_users() {
     278        wp_set_current_user( 0 );
     279        $this->assertFalse( is_user_logged_in() );
     280
     281        $args = array(
     282            'fields' => array(
     283                'author'       => '<p><label for="author">Name</label><input type="text" name="author" id="author" /></p>',
     284                'email'        => '<p><label for="email">Email</label><input type="email" name="email" id="email" /></p>',
     285                'url'          => '<p><label for="url">Website</label><input type="url" name="url" id="url" /></p>',
     286                'custom_field' => '<p><label for="custom_field">Custom Field</label><input type="text" name="custom_field" id="custom_field" /></p>',
     287            ),
     288        );
     289
     290        $form = get_echo( 'comment_form', array( $args, self::$post_id ) );
     291
     292        // All fields should be present for non-logged-in users
     293        $this->assertStringContainsString( 'name="author"', $form );
     294        $this->assertStringContainsString( 'name="email"', $form );
     295        $this->assertStringContainsString( 'name="url"', $form );
     296        $this->assertStringContainsString( 'name="custom_field"', $form );
     297    }
    230298}
Note: See TracChangeset for help on using the changeset viewer.