WordPress.org

Make WordPress Core

Ticket #35283: 35283.2.diff

File 35283.2.diff, 2.3 KB (added by swissspidy, 4 years ago)
  • src/wp-includes/user.php

    diff --git src/wp-includes/user.php src/wp-includes/user.php
    index 195f72c..3cf37bd 100644
    function wp_update_user($userdata) { 
    16891689
    16901690        if ( ! is_wp_error( $user_id ) ) {
    16911691
    1692                 $blog_name = wp_specialchars_decode( get_option( 'blogname' ) );
     1692                $blog_name = wp_specialchars_decode( get_option( 'blogname' ), ENT_QUOTES );
    16931693
    16941694                if ( ! empty( $send_password_change_email ) ) {
    16951695
    All at ###SITENAME### 
    17411741                        $pass_change_email['message'] = str_replace( '###USERNAME###', $user['user_login'], $pass_change_email['message'] );
    17421742                        $pass_change_email['message'] = str_replace( '###ADMIN_EMAIL###', get_option( 'admin_email' ), $pass_change_email['message'] );
    17431743                        $pass_change_email['message'] = str_replace( '###EMAIL###', $user['user_email'], $pass_change_email['message'] );
    1744                         $pass_change_email['message'] = str_replace( '###SITENAME###', get_option( 'blogname' ), $pass_change_email['message'] );
     1744                        $pass_change_email['message'] = str_replace( '###SITENAME###', $blog_name, $pass_change_email['message'] );
    17451745                        $pass_change_email['message'] = str_replace( '###SITEURL###', home_url(), $pass_change_email['message'] );
    17461746
    17471747                        wp_mail( $pass_change_email['to'], sprintf( $pass_change_email['subject'], $blog_name ), $pass_change_email['message'], $pass_change_email['headers'] );
    All at ###SITENAME### 
    17951795                        $email_change_email['message'] = str_replace( '###USERNAME###', $user['user_login'], $email_change_email['message'] );
    17961796                        $email_change_email['message'] = str_replace( '###ADMIN_EMAIL###', get_option( 'admin_email' ), $email_change_email['message'] );
    17971797                        $email_change_email['message'] = str_replace( '###EMAIL###', $user['user_email'], $email_change_email['message'] );
    1798                         $email_change_email['message'] = str_replace( '###SITENAME###', get_option( 'blogname' ), $email_change_email['message'] );
     1798                        $email_change_email['message'] = str_replace( '###SITENAME###', $blog_name, $email_change_email['message'] );
    17991799                        $email_change_email['message'] = str_replace( '###SITEURL###', home_url(), $email_change_email['message'] );
    18001800
    18011801                        wp_mail( $email_change_email['to'], sprintf( $email_change_email['subject'], $blog_name ), $email_change_email['message'], $email_change_email['headers'] );