Ticket #46349: admin_email_reminder.diff
File admin_email_reminder.diff, 8.2 KB (added by , 5 years ago) |
---|
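--- a/src/wp-admin/css/login.css
+++ b/src/wp-admin/css/login.css
@@ -134,6 +134,19 @@ p {
 box-shadow: 0 1px 3px rgba(0, 0, 0, 0.13);
 }
 
+.login-action-confirm_admin_email #login {
+width: 60vw;
+margin-top: -2vh;
+
+}
+
+@media screen and (max-width: 700px) {
+.login-action-confirm_admin_email #login {
+width: 100vw;
+margin-top: -2vh;
+}
+}
+
 .login form .forgetmenot {
 font-weight: 400;
 float: left;
@@ -144,6 +157,45 @@ p {
 float: right;
 }
 
+.login .adminemailconfirmform .submit {
+text-align: center;
+}
+
+.admin-email__later {
+text-align: left;
+}
+
+#login form p.admin-email__details {
+margin-bottom: 20px;
+margin-top: 20px;
+}
+
+.admin-email__details--small {
+font-size: .9em;
+}
+
+.login h1.admin-email__heading {
+border-bottom: 1px rgb(241, 241, 241) solid;
+color: rgb(95, 95, 95);
+font-weight: normal;
+padding-bottom: 2%;
+text-align: left;
+}
+
+.login h2.admin-email__heading {
+font-weight: normal;
+padding-bottom: 1%;
+padding-top: 3%;
+}
+
+.admin-email__actions div {
+padding-top: 2em;
+}
+
+.login .adminemailconfirmform .button-primary {
+float: none;
+}
+
 #login form p {
 margin-bottom: 0;
 }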
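--- a/src/wp-includes/default-constants.php
+++ b/src/wp-includes/default-constants.php
@@ -138,6 +138,13 @@ function wp_initial_constants() {
 define( 'MONTH_IN_SECONDS', 30 * DAY_IN_SECONDS );
 define( 'YEAR_IN_SECONDS', 365 * DAY_IN_SECONDS );
 /**#@-*/
+
+/**
+* Admin email maximmum age
+*/
+if ( ! defined( 'ADMIN_EMAIL_MAX_AGE' ) ) {
+define( 'ADMIN_EMAIL_MAX_AGE', 180 * DAY_IN_SECONDS );
+}
 }
 
 /**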
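Review bot: The docblock added above `ADMIN_EMAIL_MAX_AGE` misspells "maximum" and gives neither a unit nor an `@since` tag, so the meaning of the 180-day default has to be worked out from the `define()` line. A summary such as `Maximum age, in seconds, of the admin email confirmation before administrators are asked to confirm the address again at login.` followed by `@since` would cover it. `wp_initial_constants()` begins outside the hunk.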
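--- a/src/wp-includes/default-filters.php
+++ b/src/wp-includes/default-filters.php
@@ -428,6 +428,7 @@
 add_filter( 'authenticate', 'wp_authenticate_spam_check', 99 );
 add_filter( 'determine_current_user', 'wp_validate_auth_cookie' );
 add_filter( 'determine_current_user', 'wp_validate_logged_in_cookie', 20 );
+add_filter( 'login_redirect', 'wp_confirm_admin_email', 20, 3 );
 
 // Split term updates.
 add_action( 'admin_init', '_wp_check_for_scheduled_split_terms' );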
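--- a/src/wp-includes/user.php
+++ b/src/wp-includes/user.php
@@ -187,6 +187,28 @@ function wp_authenticate_username_password( $user, $username, $password ) {
 return $user;
 }
 
+function wp_confirm_admin_email( $redirect_to, $requested_redirect_to, $user ) {
+
+if ( ! is_a ( $user , 'WP_User' ) || ! $user->exists() ) {
+return $redirect_to;
+}
+
+if ( ! $user->has_cap( 'manage_options' ) ) {
+return $redirect_to;
+}
+
+$admin_email_lifespan = get_option( 'admin_email_lifespan' );
+
+if ( ! empty( $admin_email_lifespan ) ) {
+if ( time() < $admin_email_lifespan ) {
+return $redirect_to;
+}
+}
+
+return wp_login_url( $redirect_to ) . '&' . 'action=confirm_admin_email';
+
+}
+
 /**
 * Authenticates a user using the email and password.
 *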
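Review bot: The final `return wp_login_url( $redirect_to ) . '&' . 'action=confirm_admin_email';` in `wp_confirm_admin_email()` assumes the login URL already carries a query string. `wp_login_url()` appends `redirect_to` only when its argument is non-empty, so an empty `$redirect_to` (for instance after an earlier `login_redirect` filter cleared it) would produce a URL with `&` and no `?`. `return add_query_arg( 'action', 'confirm_admin_email', wp_login_url( $redirect_to ) );` handles both cases. The function also has no docblock; one stating that it runs on `login_redirect`, applies only to users with `manage_options`, and compares `time()` with the stored `admin_email_lifespan` option, with `@since`, `@param` and `@return` tags, would match the neighbouring functions.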
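--- a/src/wp-login.php
+++ b/src/wp-login.php
@@ -11,6 +11,8 @@
 /** Make sure that the WordPress bootstrap has run before continuing. */
 require( dirname( __FILE__ ) . '/wp-load.php' );
 
+delete_option( 'admin_email_lifespan' );
+
 // Redirect to HTTPS login if forced to use SSL.
 if ( force_ssl_admin() && ! is_ssl() ) {
 if ( 0 === strpos( $_SERVER['REQUEST_URI'], 'http' ) ) {
@@ -444,7 +446,7 @@ function retrieve_password() {
 }
 
 // Validate action so as to default to the login screen.
-if ( ! in_array( $action, array( ' postpass', 'logout', 'lostpassword', 'retrievepassword', 'resetpass', 'rp', 'register', 'login', 'confirmaction', WP_Recovery_Mode_Link_Service::LOGIN_ACTION_ENTERED ), true ) && false === has_filter( 'login_form_' . $action ) ) {
+if ( ! in_array( $action, array( 'confirm_admin_email', 'postpass', 'logout', 'lostpassword', 'retrievepassword', 'resetpass', 'rp', 'register', 'login', 'confirmaction', WP_Recovery_Mode_Link_Service::LOGIN_ACTION_ENTERED ), true ) && false === has_filter( 'login_form_' . $action ) ) {
 $action = 'login';
 }
 
@@ -501,6 +503,132 @@ function retrieve_password() {
 $login_link_separator = apply_filters( 'login_link_separator', ' | ' );
 
 switch ( $action ) {
+
+case 'confirm_admin_email':
+
+if( ! is_user_logged_in() ) {
+wp_safe_redirect( wp_login_url( $redirect_to ) );
+}
+
+if ( ! empty( $_REQUEST['redirect_to'] ) ) {
+$redirect_to = $_REQUEST['redirect_to'];
+} else {
+$redirect_to = admin_url();
+}
+
+if ( current_user_can( 'manage_options' ) ) {
+$admin_email = get_option( 'admin_email' );
+} else {
+wp_safe_redirect( $redirect_to );
+}
+
+$admin_email_lifespan = time() + ADMIN_EMAIL_MAX_AGE;
+$admin_email_remind_in = time() + round ( ADMIN_EMAIL_MAX_AGE/4 );
+
+if ( ! empty( $_GET[ 'remind_me_later' ] ) ) {
+update_option( 'admin_email_lifespan', $admin_email_remind_in );
+wp_safe_redirect( $redirect_to );
+}
+
+if ( ! empty( $_POST[ 'correct_email' ] ) ) {
+update_option( 'admin_email_lifespan', $admin_email_lifespan );
+wp_safe_redirect( $redirect_to );
+}
+
+/**
+* Fires before the admin email confirm form.
+*
+* @since 5.2.0
+*
+* @param WP_Error $errors A `WP_Error` object containing any errors generated by using invalid credentials. Note that the error object may not contain any errors.
+*
+*/
+do_action( 'confirm_admin_email' );
+
+login_header( __( 'Confirm your admin email' ), '', $errors );
+?>
+
+<form class='adminemailconfirmform' name="adminemailconfirmform" id="adminemailconfirmform" action="<?php echo esc_url( network_site_url( 'wp-login.php?action=confirm_admin_email', 'login_post' ) ); ?>" method="post">
+
+<input type="hidden" name="redirect_to" value="<?php echo esc_attr( $redirect_to ); ?>" />
+<?php
+/**
+* Fires inside the lostpassword form tags, before the hidden fields.
+*
+* @since 2.1.0
+*/
+do_action( 'admin_email_confirm_form' );
+?>
+<h1 class="admin-email__heading">
+<?php
+_e( 'Admin email verification' );
+?>
+</h1>
+<p class="admin-email__details">
+<?php
+_e( 'We\'d like to verify that the <strong>general admin email</strong> for this website is still correct.' );
+?>
+<a href="">
+<?php
+_e( 'Why is this important?' );
+?>
+</a>
+</p>
+<h2 class="admin-email__heading">
+<?php
+_e( 'Current general admin email' );
+?>
+</h2>
+<p class="admin-email__details">
+<?php _e( 'We have the following email address registered as your <strong>general admin email</strong>:' ); ?>
+</p>
+
+<h2 class="admin-email__heading">
+<?php
+echo esc_html( $admin_email );
+?>
+</h2>
+<p class="admin-email__details--small">
+<?php _e( 'This can be different from the email address you just logged in with.' ); ?>
+<a href="">
+<?php
+_e( 'Learn more' );
+?>
+</a>
+</p>
+
+<div class="admin-email__actions">
+<div class="admin-email__actions-primary">
+<?php
+
+$change_link = admin_url( 'options-general.php?highlight=confirm_admin_email' );
+?>
+<a class="button button-large" href="<?php echo $change_link ?>">
+<?php esc_attr_e( 'Please change' ); ?>
+</a>
+<input type="submit" name="correct_email" id="wp-submit" class="button button-primary button-large" value="<?php esc_attr_e( 'Yes it\'s correct' ); ?>" />
+</div>
+<div class="admin-email__actions-secondary">
+<p class="admin-email__later">
+<?php
+
+$remind_me_link = wp_login_url( $redirect_to ) .
+'&' . 'action=confirm_admin_email' .
+'&' . 'remind_me_later=true';
+?>
+<a href="<?php echo $remind_me_link ?>"><?php _e( 'Remind me later' ) ?></a>
+</p>
+</div>
+
+</div>
+</form>
+
+<?php
+login_footer();
+
+break;
+
+
 
 case 'postpass':
 if ( ! array_key_exists( 'post_password', $_POST ) ) {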
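Review bot: None of the `wp_safe_redirect()` calls in the new `confirm_admin_email` case is followed by `exit`, so a request from a logged-out visitor or a user without `manage_options` still falls through to both `update_option( 'admin_email_lifespan', … )` branches and to the form markup; each guard has to stop execution before any state is written. The two writes also carry no nonce, and `remind_me_later` changes state on a plain GET, so the prompt can be postponed by a cross-site request made from an administrator's browser. Separately, the unconditional `delete_option( 'admin_email_lifespan' );` added after the `wp-load.php` require in the first hunk looks like a debugging leftover: it runs on every request to wp-login.php, authenticated or not, and wipes the value this feature stores. `$change_link` and `$remind_me_link` are echoed into `href` without `esc_url()`, and the second docblock still describes the lostpassword form. A sketch of the guards and nonce checks follows; the form would additionally need `wp_nonce_field( 'confirm_admin_email' )` and the reminder link `wp_nonce_url()`.

```php
case 'confirm_admin_email':
	// … unchanged: $redirect_to resolution from $_REQUEST['redirect_to'] / admin_url(), placed before the first guard that uses it …

	if ( ! is_user_logged_in() ) {
		wp_safe_redirect( wp_login_url( $redirect_to ) );
		exit;
	}

	if ( ! current_user_can( 'manage_options' ) ) {
		wp_safe_redirect( $redirect_to );
		exit;
	}

	$admin_email = get_option( 'admin_email' );

	// … unchanged: $admin_email_lifespan and $admin_email_remind_in …

	if ( ! empty( $_GET['remind_me_later'] ) ) {
		check_admin_referer( 'confirm_admin_email' );
		update_option( 'admin_email_lifespan', $admin_email_remind_in );
		wp_safe_redirect( $redirect_to );
		exit;
	}

	if ( ! empty( $_POST['correct_email'] ) ) {
		check_admin_referer( 'confirm_admin_email' );
		update_option( 'admin_email_lifespan', $admin_email_lifespan );
		wp_safe_redirect( $redirect_to );
		exit;
	}

	// … unchanged: do_action(), login_header() and the form markup …
```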