--- a/wp/wp-admin/includes/class-wp-comments-list-table.php Wed Sep 21 18:19:35 2022 +0200
+++ b/wp/wp-admin/includes/class-wp-comments-list-table.php Tue Sep 27 16:37:53 2022 +0200
@@ -651,17 +651,18 @@
* Generate and display row actions links.
*
* @since 4.3.0
+ * @since 5.9.0 Renamed `$comment` to `$item` to match parent class for PHP 8 named parameter support.
*
* @global string $comment_status Status for the current listed comments.
*
- * @param WP_Comment $comment The comment object.
+ * @param WP_Comment $item The comment object.
* @param string $column_name Current column name.
* @param string $primary Primary column name.
* @return string Row actions output for comments. An empty string
* if the current column is not the primary column,
* or if the current user cannot edit the comment.
*/
- protected function handle_row_actions( $comment, $column_name, $primary ) {
+ protected function handle_row_actions( $item, $column_name, $primary ) {
global $comment_status;
if ( $primary !== $column_name ) {
@@ -672,6 +673,8 @@
return '';
}
+ // Restores the more descriptive, specific name for use within this method.
+ $comment = $item;
$the_comment_status = wp_get_comment_status( $comment );
$out = '';
@@ -868,9 +871,14 @@
}
/**
- * @param WP_Comment $comment The comment object.
+ * @since 5.9.0 Renamed `$comment` to `$item` to match parent class for PHP 8 named parameter support.
+ *
+ * @param WP_Comment $item The comment object.
*/
- public function column_cb( $comment ) {
+ public function column_cb( $item ) {
+ // Restores the more descriptive, specific name for use within this method.
+ $comment = $item;
+
if ( $this->user_can ) {
?>
<label class="screen-reader-text" for="cb-select-<?php echo $comment->comment_ID; ?>"><?php _e( 'Select comment' ); ?></label>
@@ -911,7 +919,7 @@
<textarea class="comment" rows="1" cols="1"><?php echo esc_textarea( $comment_content ); ?></textarea>
<div class="author-email"><?php echo esc_attr( $comment->comment_author_email ); ?></div>
<div class="author"><?php echo esc_attr( $comment->comment_author ); ?></div>
- <div class="author-url"><?php echo esc_attr( $comment->comment_author_url ); ?></div>
+ <div class="author-url"><?php echo esc_url( $comment->comment_author_url ); ?></div>
<div class="comment_status"><?php echo $comment->comment_approved; ?></div>
</div>
<?php
@@ -939,7 +947,12 @@
echo '</strong><br />';
if ( ! empty( $author_url_display ) ) {
- printf( '<a href="%s">%s</a><br />', esc_url( $author_url ), esc_html( $author_url_display ) );
+ // Print link to author URL, and disallow referrer information (without using target="_blank").
+ printf(
+ '<a href="%s" rel="noopener noreferrer">%s</a><br />',
+ esc_url( $author_url ),
+ esc_html( $author_url_display )
+ );
}
if ( $this->user_can ) {
@@ -1047,18 +1060,20 @@
}
/**
- * @param WP_Comment $comment The comment object.
+ * @since 5.9.0 Renamed `$comment` to `$item` to match parent class for PHP 8 named parameter support.
+ *
+ * @param WP_Comment $item The comment object.
* @param string $column_name The custom column's name.
*/
- public function column_default( $comment, $column_name ) {
+ public function column_default( $item, $column_name ) {
/**
* Fires when the default column output is displayed for a single row.
*
* @since 2.8.0
*
* @param string $column_name The custom column's name.
- * @param int $comment_id The custom column's unique ID number.
+ * @param string $comment_id The comment ID as a numeric string.
*/
- do_action( 'manage_comments_custom_column', $column_name, $comment->comment_ID );
+ do_action( 'manage_comments_custom_column', $column_name, $item->comment_ID );
}
}