WordPress.org
Get WordPress

Make WordPress Core

Ticket #32430: 32430.5.diff

File 32430.5.diff, 6.8 KB (added by obenland, 11 years ago)

Makes sure $send_email_change_email and $send_pass_change_email are set.

  • src/wp-includes/user.php

     
    21402140        // Escape data pulled from DB.
    21412141        $user = add_magic_quotes( $user );
    21422142
    2143         // If password is changing, hash it now.
    21442143        if ( ! empty($userdata['user_pass']) ) {
     2144                // If password is changing, hash it now
    21452145                $plaintext_pass = $userdata['user_pass'];
    2146                 $userdata['user_pass'] = wp_hash_password($userdata['user_pass']);
     2146                $userdata['user_pass'] = wp_hash_password( $userdata['user_pass'] );
     2147                /**
     2148                 * Filter to stop the sending of the password change email.
     2149                 *
     2150                 * @param bool $send Set to true to send, false to not send the email.
     2151                 *
     2152                 * @since 4.3
     2153                 */
     2154                $send_pass_change_email = apply_filters( 'send_pass_change_email', true, $user, $userdata );
     2155        }
     2156
     2157        if ( $user['user_email'] !== $userdata['user_email'] ) {
     2158                /**
     2159                 * Filter to stop the sending of the email change email.
     2160                 *
     2161                 * @param bool $send Set to true to send, false to not send the email.
     2162                 *
     2163                 * @since 4.3
     2164                 */
     2165                $send_email_change_email = apply_filters( 'send_email_change_email', true, $user['user_email'], $userdata['user_email'] );
    21472166        }
    21482167
    2149         wp_cache_delete($user[ 'user_email' ], 'useremail');
     2168        wp_cache_delete( $user['user_email'], 'useremail' );
    21502169
    21512170        // Merge old and new fields with new fields overwriting old ones.
    2152         $userdata = array_merge($user, $userdata);
    2153         $user_id = wp_insert_user($userdata);
     2171        $userdata = array_merge( $user, $userdata );
     2172        $user_id = wp_insert_user( $userdata );
     2173
     2174        if ( ! is_wp_error( $user_id ) ) {
     2175
     2176                $blog_name = wp_specialchars_decode( get_option( 'blogname' ) );
     2177
     2178                if ( ! empty( $send_pass_change_email ) ) {
     2179
     2180                        /* translators: Do not translate USERNAME, ADMIN_EMAIL, EMAIL, SITENAME, SITEURL: those are placeholders. */
     2181                        $pass_change_text = __( 'Hi ###USERNAME###,
     2182
     2183This notice confirms that your password was changed on ###SITENAME###.
     2184
     2185If you did not change your password, please contact the Site Administrator at
     2186###ADMIN_EMAIL###
     2187
     2188This email has been sent to ###EMAIL###
     2189
     2190Regards,
     2191All at ###SITENAME###
     2192###SITEURL###' );
     2193
     2194                        $pass_change_email = array(
     2195                                'to'      => $user['user_email'],
     2196                                'subject' => __( '[%s] Notice of Password Change' ),
     2197                                'message' => $pass_change_text,
     2198                                'headers' => '',
     2199                        );
     2200
     2201                        /**
     2202                         * Filter the email sent when the user's password is changed.
     2203                         *
     2204                         * @param array $pass_change_email {
     2205                         *            Used to build wp_mail(). https://developer.wordpress.org/reference/functions/wp_mail/
     2206                         *            @type string $to      The intended recipients. Add emails in a comma separated string.
     2207                         *            @type string $subject The subject of the email.
     2208                         *            @type string $message The content of the email.
     2209                         *                The following strings have a special meaning and will get replaced dynamically:
     2210                         *                ###USERNAME###    The current user's username.
     2211                         *                ###ADMIN_EMAIL### The admin email in case this was unexpected.
     2212                         *                ###EMAIL###       The old email.
     2213                         *                ###SITENAME###    The name of the site.
     2214                         *                ###SITEURL###     The URL to the site.
     2215                         *            @type  string $headers Headers. Add headers in a newline (\r\n) separated string.
     2216                         *        }
     2217                         *
     2218                         * @since 4.3
     2219                         */
     2220                        $pass_change_email = apply_filters( 'password_change_email', $pass_change_email, $blog_name, $userdata['user_email'] );
     2221
     2222                        $pass_change_email['message'] = str_replace( '###USERNAME###', $user['user_login'], $pass_change_email['message'] );
     2223                        $pass_change_email['message'] = str_replace( '###ADMIN_EMAIL###', get_option( 'admin_email' ), $pass_change_email['message'] );
     2224                        $pass_change_email['message'] = str_replace( '###EMAIL###', $user['user_email'], $pass_change_email['message'] );
     2225                        $pass_change_email['message'] = str_replace( '###SITENAME###', get_option( 'blogname' ), $pass_change_email['message'] );
     2226                        $pass_change_email['message'] = str_replace( '###SITEURL###', get_option( 'siteurl' ), $pass_change_email['message'] );
     2227
     2228                        wp_mail( $pass_change_email['to'], sprintf( $pass_change_email['subject'], $blog_name ), $pass_change_email['message'], $pass_change_email['headers'] );
     2229                }
     2230
     2231                if ( ! empty( $send_email_change_email ) ) {
     2232                        /* translators: Do not translate USERNAME, ADMIN_EMAIL, EMAIL, SITENAME, SITEURL: those are placeholders. */
     2233                        $email_change_text = __( 'Hi ###USERNAME###,
     2234
     2235This notice confirms that your email was changed on ###SITENAME###.
     2236
     2237If you did not change your email, please contact the Site Administrator at
     2238###ADMIN_EMAIL###
     2239
     2240This email has been sent to ###EMAIL###
     2241
     2242Regards,
     2243All at ###SITENAME###
     2244###SITEURL###' );
     2245
     2246                        $email_change_email = array(
     2247                                'to'      => $user['user_email'],
     2248                                'subject' => __( '[%s] Notice of Email Change' ),
     2249                                'message' => $email_change_text,
     2250                                'headers' => '',
     2251                        );
     2252
     2253                        /**
     2254                         * Filter the email sent when the user's password is changed.
     2255                         *
     2256                         * @param array $email_change_email {
     2257                         *            Used to build wp_mail(). https://developer.wordpress.org/reference/functions/wp_mail/
     2258                         *            @type string $to      The intended recipients.
     2259                         *            @type string $subject The subject of the email.
     2260                         *            @type string $message The content of the email.
     2261                         *                The following strings have a special meaning and will get replaced dynamically:
     2262                         *                ###USERNAME###    The current user's username.
     2263                         *                ###ADMIN_EMAIL### The admin email in case this was unexpected.
     2264                         *                ###EMAIL###       The old email.
     2265                         *                ###SITENAME###    The name of the site.
     2266                         *                ###SITEURL###     The URL to the site.
     2267                         *            @type string $headers Headers.
     2268                         *        }
     2269                         *
     2270                         * @since 4.3
     2271                         */
     2272                        $email_change_email = apply_filters( 'email_change_email', $email_change_email, $blog_name, $userdata['user_email'] );
     2273
     2274                        $email_change_email['message'] = str_replace( '###USERNAME###', $user['user_login'], $email_change_email['message'] );
     2275                        $email_change_email['message'] = str_replace( '###ADMIN_EMAIL###', get_option( 'admin_email' ), $email_change_email['message'] );
     2276                        $email_change_email['message'] = str_replace( '###EMAIL###', $user['user_email'], $email_change_email['message'] );
     2277                        $email_change_email['message'] = str_replace( '###SITENAME###', get_option( 'blogname' ), $email_change_email['message'] );
     2278                        $email_change_email['message'] = str_replace( '###SITEURL###', get_option( 'siteurl' ), $email_change_email['message'] );
     2279
     2280                        wp_mail( $email_change_email['to'], sprintf( $email_change_email['subject'], $blog_name ), $email_change_email['message'], $email_change_email['headers'] );
     2281                }
     2282        }
    21542283
    21552284        // Update the cookies if the password changed.
    21562285        $current_user = wp_get_current_user();