Yesterday was Talk.CSS #29. Although I’m still recovering from what happened last Saturday, I’ve been doing much better, so I was happy to head on down. If you haven’t already, feel free to check out my recap of and thoughts on my first time there!
As I mentioned previously, the venue is different each month. This month, the meetup was hosted by Carousell. I’d not been to their office before, so it was pretty exciting to check it out for the first time. There didn’t appear to be a convenient way there from the nearest train station, EW15 Tanjong Pagar, but fortunately I was able to hop on a 20-minute bus at a stop close to EW11 Lavender (which happens to be the same train station I stop at to go to church) that took me right there.
You might have seen me tweet these last weekend:
After Georgie assured me that people in the tech scene have been more open about health over the past couple of years and that it was normal to tweet this sort of stuff even in a professional capacity, I decided I’d go ahead and blog about this. So, as a word of caution, this is primarily a health-related entry, the first of its kind (at least since I first announced Emergency Chat for Windows), and I suspect it won’t be the last.
When Microsoft announced the Insider Dev Tour (seemingly the new name for the Microsoft Build Tour) last month, and Singapore was listed as one of the locations, I was stoked. Some of the topics covered during the talks included modernizing classic desktop apps for Windows 10, UWP development, PWAs, machine learning and mixed reality; the first three of these were of particular interest to me, and so I really wanted to go. Plus, Kenneth Ham, my college senior and now fellow Microsoft MVP, was speaking!
However, it was an all-day event that began at 9 am and ended at 5 pm, and Microsoft Singapore is a little over an hour away from home, which meant I had to be out of the house by 7:30. These are typical hours for most full-time working adults, but I have a number of health issues that make getting a nine-to-five basically not an option for me. In fact, I had given January’s Microsoft Tech Summit a miss for the exact same reason.
When my friend Georgie commented on my post about Talk.CSS, she told me that her comment wasn’t visible to her as awaiting moderation after submission, although she assumed that it had posted successfully based on the fact that the URL in her browser’s address bar had changed. This was new to me: I could’ve sworn the moderation notice was always visible because I’d tested it thoroughly when developing the theme for blog.NOVALISTIC 5.0 “Veldin”.
We couldn’t find any leads so we left it as it was. Two weeks later, this morning, she sent me links to this WordPress.org support forum topic, posted around the same time we first ran into this issue, and to this Stack Overflow question which was asked just a few hours ago. The asker self-answered with the following:
Apparently the solution was to have the “Save my name, email, and website in this browser for the next time I comment.” checkbox selected in order for the message to show up.
So you have to have the GDPR checkbox to be checked in order to have the comment and message appearing before approval.
Sorry for bothering.
(Yes, I’m including that last line here, and no, I didn’t edit it out, because I simply don’t see the point in making a fuss over it.)
So, it dawned on me, the issue was twofold:
- My theme was missing a critical privacy element for GDPR compliance; namely, a checkbox that indicates the user’s consent to their browser remembering their details in a cookie (yes, you do need explicit consent for anything a user submits that you might store either on your server or in a cookie now).
WordPress 4.9.6, the latest release that adds GDPR compliance elements, is failing to display the comment moderation notice when the user submitting a comment has not given this consent, presumably as an unintended side effect of being a little too conservative (not that I’m saying that’s a bad thing!).
If your WordPress theme has a custom comment form implementation (i.e. the comment form is provided by a custom callback rather than the built-in
comment_form() template), you’ll need to add the new cookie consent checkbox. The only important bit is the
name attribute, whose value must be
wp-comment-cookies-consent. Here’s what mine looks like:
<form class="feedback" action="<?php echo site_url( '/wp-comments-post.php' ); ?>" method="post">
<!-- ... -->
<p><label><input type="checkbox" name="wp-comment-cookies-consent"<?php if ( ! empty( $commenter['comment_author_email'] ) ) echo ' checked'; ?>> Remember my name, email and website for future comments</label></p>
<p><button type="submit">Post Comment</button>
<?php comment_id_fields(); ?></p>
<?php do_action( 'comment_form', $post->ID ); ?>
As with the rest of the comment form fields, you don’t need any additional plumbing for this to work. As long as the checkbox is present in your comment form, when the user checks it off WordPress will correctly set the cookie and notify the user if their comment is awaiting moderation.
Wait, what? So if the user doesn’t allow the cookie to be created, they don’t get notified?
That’s right. An oversight in the implementation of this feature means that since WordPress won’t remember the user’s details, it won’t be able to determine that the comment that it just received was theirs and display it to them along with the moderation notice. Privacy, am I right?
No worries though, the developers have been made aware of this since before WordPress 4.9.6 was released, as it was reported on the WordPress Trac at least two months ago. Understandably, they punted this issue to 4.9.7 in order to get the important stuff (GDPR compliance tools) out in a timely fashion (4.9.6 was released on May 17, which happens to be exactly one month ago at the time I’m writing this). Hopefully a fix for this issue will be shipped soon.
Yesterday I went to Talk.CSS, a small-ish local (Singapore-based) CSS meetup that takes place once a month. It’s my first developer meetup in years — the last I went to was A Conversation with Matt Mullenweg in June 2014, at which I met him during his Asia Pacific tour; check out my friend Georgie’s blog post about meeting him as well! — and my first ever meetup with a focus on just CSS. I had only just learned of its existence early this month, and needless to say it piqued my interest indeed and I wanted to check it out.
Well… I ended up sitting on the fence for several weeks, as I’m not really one for meetups, which explains why I hadn’t been to any in nearly 4 years. But, ultimately, the very fact that I had been to developer meetups before (and you know how much I love CSS) was what made me decide to go for it. So off to WeWork I went! (It was my first time there, too.)
As I was pretty focused on the content, I didn’t take any photos worth publishing here, nor did I tweet much myself, so instead here’s a written summary and some other tweets in lieu of my own.
Today the General Data Protection Regulation (GDPR) becomes enforceable. This regulation governs how companies and websites may process and store personal data, and your rights as a user to your own personal data.
I encourage you to take a couple of minutes to peruse it. Let me know in the comments here if there’s anything you’d like clarified or I might have missed.
I know I haven’t posted since the end of March (and the end of the last annual MVP renewal cycle), but I’m still actively contributing to Stack Overflow and tweeting, and I do indeed have exciting new stuff in the works.