WordPress.org

Make WordPress Core

Ticket #25346: patch-decode-subject-lines.diff

File patch-decode-subject-lines.diff, 2.9 KB (added by tlovett1, 7 years ago)

wp_specialchars_decode() database values in wp_mail subject lines

  • wp-admin/includes/ms.php

     
    259259        $content = str_replace( '###SITENAME###', get_site_option( 'site_name' ), $content );
    260260        $content = str_replace( '###SITEURL###', network_home_url(), $content );
    261261
    262         wp_mail( $value, sprintf( __( '[%s] New Admin Email Address' ), get_option( 'blogname' ) ), $content );
     262        wp_mail( $value, sprintf( __( '[%s] New Admin Email Address' ), wp_specialchars_decode( get_option( 'blogname' ) ) ), $content );
    263263}
    264264add_action( 'update_option_new_admin_email', 'update_option_new_admin_email', 10, 2 );
    265265add_action( 'add_option_new_admin_email', 'update_option_new_admin_email', 10, 2 );
     
    328328                $content = str_replace( '###SITENAME###', get_site_option( 'site_name' ), $content );
    329329                $content = str_replace( '###SITEURL###', network_home_url(), $content );
    330330
    331                 wp_mail( $_POST['email'], sprintf( __( '[%s] New Email Address' ), get_option( 'blogname' ) ), $content );
     331                wp_mail( $_POST['email'], sprintf( __( '[%s] New Email Address' ), wp_specialchars_decode( get_option( 'blogname' ) ) ), $content );
    332332                $_POST['email'] = $current_user->user_email;
    333333        }
    334334}
  • wp-admin/ms-delete-site.php

     
    6868        $content = str_replace( '###URL_DELETE###', $url_delete, $content );
    6969        $content = str_replace( '###SITE_NAME###', $current_site->site_name, $content );
    7070
    71         wp_mail( get_option( 'admin_email' ), "[ " . get_option( 'blogname' ) . " ] ".__( 'Delete My Site' ), $content );
     71        wp_mail( get_option( 'admin_email' ), "[ " . wp_specialchars_decode( get_option( 'blogname' ) ) . " ] ".__( 'Delete My Site' ), $content );
    7272        ?>
    7373
    7474        <p><?php _e( 'Thank you. Please check your email for a link to confirm your action. Your site will not be deleted until this link is clicked. ') ?></p>
  • wp-admin/user-new.php

     
    8585
    8686Please click the following link to confirm the invite:
    8787%4$s' );
    88                         wp_mail( $new_user_email, sprintf( __( '[%s] Joining confirmation' ), get_option( 'blogname' ) ), sprintf( $message, get_option( 'blogname' ), home_url(), wp_specialchars_decode( translate_user_role( $role['name'] ) ), home_url( "/newbloguser/$newuser_key/" ) ) );
     88                        wp_mail( $new_user_email, sprintf( __( '[%s] Joining confirmation' ), wp_specialchars_decode( get_option( 'blogname' ) ) ), sprintf( $message, get_option( 'blogname' ), home_url(), wp_specialchars_decode( translate_user_role( $role['name'] ) ), home_url( "/newbloguser/$newuser_key/" ) ) );
    8989                        $redirect = add_query_arg( array('update' => 'add'), 'user-new.php' );
    9090                }
    9191        }