helios2121

Okay, after digging a bit more into the source code, it appears to me that the plugin completely looses track of a user in case they change their mail address. Changing that appears to be a complete refactoring of the plugin to me. So I may be better off looking for another gdpr plugin that identifies user by username.

• This reply was modified 6 years, 10 months ago by helios2121.

And the callers of the callers… hmmm… so this is not an isolated change.

Hmmm, I′d need to change this and all callers of it to also include and check for username.

179     public function getCommentsByEmail($email)
180     {
181         if (!$email || !is_email($email)) {
182             return [];
183         }
184 
185         $query = new \WP_Comment_Query;
186 
187         $comments = $query->query([
188             'author_email' => $email,
189             'include_unapproved' => true,
190             'status' => 'all',
191         ]);
192 
193         return $comments;
194     } 

Hmmm, I could make a page where users post a comment to agree to the privacy policy – I bet this would work for now. But exporting comments without mail addresses still would not work. Not sure whether another plugin can do this. However this may be easy enough to fix. Just update the select statement to search by either mail or user name. Hmmm… I am not into digging deeply into PHP development again and I invested a lot of time already into making the blog gdpr compliant, but adapting that SQL query may be easy enough.

Ah, I understand, for user who are not registered and who enter their mail address when commenting. Okay, I get where you are coming from. However in my use case no unregistered user can comments – which by the way is great to minimize comment spam to zero :).

Hmmm, identifying the user with mail address appears to be quite central to this plugin. Even the Privacy Tools page states: “You are identified as [email protected]”. I think it is good to reconsider this due to the sensitivity of the mail address. If a plugin user chooses to optionally store the mail address in the consent database, their choice, but please do not require the user to have a mail address.

Hmmm, data export also does not include comments anymore after I removed the mail addresses from it. Please, pretty please provide a way not to use the mail address to reference to the user. The mail address is more sensitive than the user name. And the user can change it. While at least in profile settings WordPress claims that the user name cannot be changed. So I think it would be more reliable and more sensitive regarding privacy to use the user name.

Just please no Google ReCaptcha, at least please do not make it mandatory. It might be one of the best technically, but it is feeding Google with ton of machine learning data. I do my best to keep my sites Google service free completely, also for privacy protection related reasons.

I am not experienced with donations either, but Liberapay sounds fine enough for me. If I did it right, you will receive your first contribution on Liberapay soon. Thanks again.

Yay! This does it. Marvellous. Thank you so much for this quick and very professional response and bug fix. Is there another option to donate than via PayPal?

WordPress GDPR ? Error
Autoloader not found.

You appear to be running a development version of GDPR. You must run composer install from the plugin directory.

I did apt install composer and tried to run it, but got quite some errors:

Do not run Composer as root/super user! See […] for details
Loading composer repositories with package information
Installing dependencies (including require-dev) from lock file
Your requirements could not be resolved to an installable set of packages.

  Problem 1
    - Installation request for doctrine/inflector v1.3.0 -> satisfiable by doctrine/inflector[v1.3.0].
    - doctrine/inflector v1.3.0 requires php ^7.1 -> your PHP version (7.0.27) does not satisfy that requirement.
  Problem 2
    - Installation request for illuminate/support v5.4.36 -> satisfiable by illuminate/support[v5.4.36].
    - illuminate/support v5.4.36 requires ext-mbstring * -> the requested PHP extension mbstring is missing from your system.
  Problem 3
    - illuminate/support v5.4.36 requires ext-mbstring * -> the requested PHP extension mbstring is missing from your system.
    - illuminate/filesystem v5.4.36 requires illuminate/support 5.4.* -> satisfiable by illuminate/support[v5.4.36].
    - Installation request for illuminate/filesystem v5.4.36 -> satisfiable by illuminate/filesystem[v5.4.36].

  To enable extensions, verify that they are enabled in those .ini files:
    - /etc/php/7.0/cli/php.ini
    - /etc/php/7.0/cli/conf.d/10-mysqlnd.ini
    - /etc/php/7.0/cli/conf.d/10-opcache.ini
    - /etc/php/7.0/cli/conf.d/10-pdo.ini
    - /etc/php/7.0/cli/conf.d/15-xml.ini
    - /etc/php/7.0/cli/conf.d/20-calendar.ini
    - /etc/php/7.0/cli/conf.d/20-ctype.ini
    - /etc/php/7.0/cli/conf.d/20-dom.ini
    - /etc/php/7.0/cli/conf.d/20-exif.ini
    - /etc/php/7.0/cli/conf.d/20-fileinfo.ini
    - /etc/php/7.0/cli/conf.d/20-ftp.ini
    - /etc/php/7.0/cli/conf.d/20-gettext.ini
    - /etc/php/7.0/cli/conf.d/20-iconv.ini
    - /etc/php/7.0/cli/conf.d/20-json.ini
    - /etc/php/7.0/cli/conf.d/20-mysqli.ini
    - /etc/php/7.0/cli/conf.d/20-pdo_mysql.ini
    - /etc/php/7.0/cli/conf.d/20-phar.ini
    - /etc/php/7.0/cli/conf.d/20-posix.ini
    - /etc/php/7.0/cli/conf.d/20-readline.ini
    - /etc/php/7.0/cli/conf.d/20-shmop.ini
    - /etc/php/7.0/cli/conf.d/20-simplexml.ini
    - /etc/php/7.0/cli/conf.d/20-sockets.ini
    - /etc/php/7.0/cli/conf.d/20-sysvmsg.ini
    - /etc/php/7.0/cli/conf.d/20-sysvsem.ini
    - /etc/php/7.0/cli/conf.d/20-sysvshm.ini
    - /etc/php/7.0/cli/conf.d/20-tokenizer.ini
    - /etc/php/7.0/cli/conf.d/20-wddx.ini
    - /etc/php/7.0/cli/conf.d/20-xmlreader.ini
    - /etc/php/7.0/cli/conf.d/20-xmlwriter.ini
    - /etc/php/7.0/cli/conf.d/20-xsl.ini
  You can also run <code>php --ini</code> inside terminal to see which files are used by PHP in CLI mode.

Wow! That is really, really fast. Let me check it.

Hmmm, I think it would be better to actually show the consent to privacy policy. I tested agreeing to privacy policy by posting a test comment and it is shown in my profile page. “I accept privacy policy” is mentioned there. So I am a bit puzzled at GDPR Framework 1.0.7 seems to display the agreement to privacy policy.

I think it is good to display it together with a note: You can revoke your agreement by deleting your data.

I missed one error, here now just the boilerplate. Other post is waiting for moderation I bet due to redacted links from the follow backtrace I copied:

TypeError: e is undefined[Weitere Informationen]
load-scripts.php:255:1538

Ooops, there appeared another error that may be more helpful to indicate the source of the issue:

TypeError: e is undefined[Weitere Informationen]
load-scripts.php:255:1538
<anonym>
https://somewebsite/wp-admin/load-scripts.php:255:1538
dispatch
https://somewebsite/wp-admin/load-scripts.php:3:12392
add/r.handle
https://somewebsite/wp-admin/load-scripts.php:3:9156
trigger
https://somewebsite/wp-admin/load-scripts.php:3:11571
a.event.trigger
https://somewebsite/wp-admin/load-scripts.php:9:8273
trigger/<
https://somewebsite/wp-admin/load-scripts.php:3:18983
each
https://somewebsite/wp-admin/load-scripts.php:2:2879
each
https://somewebsite/wp-admin/load-scripts.php:2:844
trigger
https://somewebsite/wp-admin/load-scripts.php:3:18962
j/z.xhr<
https://somewebsite/wp-admin/load-scripts.php:254:2915
i
https://somewebsite/wp-admin/load-scripts.php:2:27444
fireWith
https://somewebsite/wp-admin/load-scripts.php:2:28213
y
https://somewebsite/wp-admin/load-scripts.php:4:22719
c
https://somewebsite/wp-admin/load-scripts.php:4:26925