Ticket #47352: 47352.diff
File 47352.diff, 1.6 KB (added by , 6 years ago) |
---|
-
class-wp-recovery-mode-email-service.php
49 49 */ 50 50 public function maybe_send_recovery_mode_email( $rate_limit, $error, $extension ) { 51 51 52 // Check if current admin email equals the email address that has last 53 // received a recovery email. If not, we should ignore the rate limit option. 54 // Retrieve last received email (md5 hash). 55 $last_received_recovery_email = get_option( 'recovery_mode_email_last_receiver' ); 56 $current_admin_email_hash = md5( $this->get_recovery_mode_email_address() ); 57 52 58 $last_sent = get_option( self::RATE_LIMIT_OPTION ); 53 59 54 if ( ! $last_sent || time() > $last_sent + $rate_limit ) { 60 if ( ( ! $last_sent || time() > $last_sent + $rate_limit ) || 61 $last_received_recovery_email !== $current_admin_email_hash 62 ) { 55 63 if ( ! update_option( self::RATE_LIMIT_OPTION, time() ) ) { 56 64 return new WP_Error( 'storage_error', __( 'Could not update the email last sent time.' ) ); 57 65 } … … 203 211 $email['headers'] 204 212 ); 205 213 214 // We save the md5 hash of the last receiving email address, so that we can 215 // circumvent the rate limit of one email per 24h in case we have to 216 // update the admin_email to access the recovery email contents. 217 // See lines 52-62 for how this field is used for checks before sending emails. 218 update_option( 'recovery_mode_email_last_receiver', md5( $email['to'] ), false ); 219 206 220 if ( $switched_locale ) { 207 221 restore_previous_locale(); 208 222 }