WordPress.org

Make WordPress Core

Ticket #32430: 32430.2.diff

File 32430.2.diff, 4.0 KB (added by markjaquith, 3 years ago)
  • src/wp-includes/user.php

    diff --git src/wp-includes/user.php src/wp-includes/user.php
    index 436a664..474d10f 100644
    function wp_update_user($userdata) { 
    21402140        // Escape data pulled from DB.
    21412141        $user = add_magic_quotes( $user );
    21422142
    2143         // If password is changing, hash it now.
     2143        wp_cache_delete( $user[ 'user_email' ], 'useremail' );
     2144
    21442145        if ( ! empty($userdata['user_pass']) ) {
     2146                // If password is changing, hash it now
    21452147                $plaintext_pass = $userdata['user_pass'];
    2146                 $userdata['user_pass'] = wp_hash_password($userdata['user_pass']);
     2148                $userdata['user_pass'] = wp_hash_password( $userdata['user_pass'] );
     2149
     2150                // And send the user a notification
     2151
     2152                /* translators: Do not translate USERNAME, ADMIN_EMAIL, EMAIL, SITENAME, SITEURL: those are placeholders. */
     2153                $email_text = __( 'Howdy ###USERNAME###,
     2154
     2155This notice confirms that your password was changed on ###SITENAME###.
     2156
     2157If you did not change your password, please contact the Site Administrator at
     2158###ADMIN_EMAIL###
     2159
     2160This email has been sent to ###EMAIL###
     2161
     2162Regards,
     2163All at ###SITENAME###
     2164###SITEURL###' );
     2165
     2166                /**
     2167                 * Filter the email text sent when the user's password is changed.
     2168                 *
     2169                 * The following strings have a special meaning and will get replaced dynamically:
     2170                 * ###USERNAME###    The current user's username.
     2171                 * ###ADMIN_EMAIL### The link to click on to confirm the email change.
     2172                 * ###EMAIL###       The new email.
     2173                 * ###SITENAME###    The name of the site.
     2174                 * ###SITEURL###     The URL to the site.
     2175                 *
     2176                 * @since 4.3
     2177                 *
     2178                 * @param string $email_text      Text in the email.
     2179                 */
     2180                $content = apply_filters( 'user_password_change_email_content', $email_text );
     2181
     2182                $content = str_replace( '###USERNAME###', $user['user_login'], $content );
     2183                $content = str_replace( '###ADMIN_EMAIL###', get_option( 'admin_email' ), $content );
     2184                $content = str_replace( '###EMAIL###', $user['user_email'], $content );
     2185                $content = str_replace( '###SITENAME###', get_option( 'blogname' ), $content );
     2186                $content = str_replace( '###SITEURL###', get_option( 'siteurl' ), $content );
     2187
     2188                wp_mail( $user['user_email'], sprintf( __( '[%s] Notice of Password Change' ), wp_specialchars_decode( get_option( 'blogname' ) ) ), $content );
    21472189        }
    21482190
    2149         wp_cache_delete($user[ 'user_email' ], 'useremail');
     2191        if ( $user['user_email'] !== $userdata['user_email'] ) {
     2192                $email_text = __( 'Howdy ###USERNAME###,
     2193
     2194This notice confirms that your email was changed on ###SITENAME###.
     2195
     2196If you did not change your email, please contact the Site Administrator at
     2197###ADMIN_EMAIL###
     2198
     2199This email has been sent to ###EMAIL###
     2200
     2201Regards,
     2202All at ###SITENAME###
     2203###SITEURL###' );
     2204
     2205                /**
     2206                 * Filter the email text sent when the user's email is changed.
     2207                 *
     2208                 * The following strings have a special meaning and will get replaced dynamically:
     2209                 * ###USERNAME###    The current user's username.
     2210                 * ###ADMIN_EMAIL### The link to click on to confirm the email change.
     2211                 * ###EMAIL###       The new email.
     2212                 * ###SITENAME###    The name of the site.
     2213                 * ###SITEURL###     The URL to the site.
     2214                 *
     2215                 * @since 4.3
     2216                 *
     2217                 * @param string $email_text      Text in the email.
     2218                 */
     2219                $content = apply_filters( 'user_email_change_email_content', $email_text );
     2220
     2221                $content = str_replace( '###USERNAME###', $user['user_login'], $content );
     2222                $content = str_replace( '###ADMIN_EMAIL###', get_option( 'admin_email' ), $content );
     2223                $content = str_replace( '###EMAIL###', $user['user_email'], $content );
     2224                $content = str_replace( '###SITENAME###', get_option( 'blogname' ), $content );
     2225                $content = str_replace( '###SITEURL###', get_option( 'siteurl' ), $content );
     2226
     2227                wp_mail( $user['user_email'], sprintf( __( '[%s] Notice of Email Change' ), wp_specialchars_decode( get_option( 'blogname' ) ) ), $content );
     2228        }
    21502229
    21512230        // Merge old and new fields with new fields overwriting old ones.
    2152         $userdata = array_merge($user, $userdata);
     2231        $userdata = array_merge( $user, $userdata );
    21532232        $user_id = wp_insert_user($userdata);
    21542233
    21552234        // Update the cookies if the password changed.