WordPress.org

Make WordPress Core

Ticket #36970: wp_new_user_notification.php

File wp_new_user_notification.php, 2.6 KB (added by jshrek, 4 years ago)

Suggested patch for wp_new_user_notification

Line 
1function wp_new_user_notification( $user_id, $deprecated = null, $notify = '' ) {
2    if ( $deprecated !== null ) {
3        _deprecated_argument( __FUNCTION__, '4.3.1' );
4    }
5 
6    global $wpdb, $wp_hasher;
7    $user = get_userdata( $user_id );
8 
9    // The blogname option is escaped with esc_html on the way into the database in sanitize_option
10    // we want to reverse this for the plain text arena of emails.
11    $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
12 
13    $message  = sprintf(__('New user registration on your site %s:'), $blogname) . "\r\n\r\n";
14    $message .= sprintf(__('Username: %s'), $user->user_login) . "\r\n\r\n";
15    $message .= sprintf(__('Email: %s'), $user->user_email) . "\r\n";
16
17    //Allow ability to disable email to admin but still send email to the user.
18    // If $notify is 'admin' then email will only be sent to admin user but not to user.
19    // If $notify is 'both' then email will be sent to admin and to user.
20    // If $notify is '' (blank) then email will be sent to admin and to user.
21    // If $notify is anything else (like 'user') then email will only be sent to user but not to admin.
22    if ('admin' === $notify || 'both' === $notify || '' === $notify) {
23       @wp_mail(get_option('admin_email'), sprintf(__('[%s] New User Registration'), $blogname), $message);
24    }
25 
26    // `$deprecated was pre-4.3 `$plaintext_pass`. An empty `$plaintext_pass` didn't sent a user notifcation.
27    if ( 'admin' === $notify || ( empty( $deprecated ) && empty( $notify ) ) ) {
28        return;
29    }
30 
31    // Generate something random for a password reset key.
32    $key = wp_generate_password( 20, false );
33 
34    /** This action is documented in wp-login.php */
35    do_action( 'retrieve_password_key', $user->user_login, $key );
36 
37    // Now insert the key, hashed, into the DB.
38    if ( empty( $wp_hasher ) ) {
39        require_once ABSPATH . WPINC . '/class-phpass.php';
40        $wp_hasher = new PasswordHash( 8, true );
41    }
42    $hashed = time() . ':' . $wp_hasher->HashPassword( $key );
43    $wpdb->update( $wpdb->users, array( 'user_activation_key' => $hashed ), array( 'user_login' => $user->user_login ) );
44 
45    $message = sprintf(__('Username: %s'), $user->user_login) . "\r\n\r\n";
46    $message .= __('To set your password, visit the following address:') . "\r\n\r\n";
47    $message .= '<' . network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user->user_login), 'login') . ">\r\n\r\n";
48 
49    $message .= wp_login_url() . "\r\n";
50 
51    wp_mail($user->user_email, sprintf(__('[%s] Your username and password info'), $blogname), $message);
52}