WordPress.org

Make WordPress Core


Ignore:
Timestamp:
02/24/2016 03:33:14 PM (4 years ago)
Author:
ocean90
Message:

Multisite: Switch to a usermeta key for email confirmation.

To prevent inconsistent data across sites in a network the new email address is now stored in usermeta. Adds visual feedback for the case when an update has failed.
All existing options will be removed on a database upgrade.

Props MikeHansenMe, kovshenin, jeremyfelt, ocean90.
Fixes #23358.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-admin/includes/ms.php

    r36640 r36679  
    343343        if ( $wpdb->get_var( $wpdb->prepare( "SELECT user_email FROM {$wpdb->users} WHERE user_email=%s", $_POST['email'] ) ) ) {
    344344            $errors->add( 'user_email', __( "<strong>ERROR</strong>: The email address is already used." ), array( 'form-field' => 'email' ) );
    345             delete_option( $current_user->ID . '_new_email' );
     345            delete_user_meta( $current_user->ID, '_new_email' );
    346346            return;
    347347        }
     
    349349        $hash = md5( $_POST['email'] . time() . mt_rand() );
    350350        $new_user_email = array(
    351                 'hash' => $hash,
    352                 'newemail' => $_POST['email']
    353                 );
    354         update_option( $current_user->ID . '_new_email', $new_user_email );
     351            'hash' => $hash,
     352            'newemail' => $_POST['email']
     353        );
     354        update_user_meta( $current_user->ID, '_new_email', $new_user_email );
    355355
    356356        /* translators: Do not translate USERNAME, ADMIN_URL, EMAIL, SITENAME, SITEURL: those are placeholders. */
     
    409409function new_user_email_admin_notice() {
    410410    global $pagenow;
    411     if ( 'profile.php' === $pagenow && isset( $_GET['updated'] ) && $email = get_option( get_current_user_id() . '_new_email' ) ) {
     411    if ( 'profile.php' === $pagenow && isset( $_GET['updated'] ) && $email = get_user_meta( get_current_user_id(), '_new_email', true ) ) {
    412412        /* translators: %s: New email address */
    413         echo '<div class="update-nag">' . sprintf( __( 'Your email address has not been updated yet. Please check your inbox at %s for a confirmation email.' ), esc_html( $email['newemail'] ) ) . '</div>';
     413        echo '<div class="notice notice-info"><p>' . sprintf( __( 'Your email address has not been updated yet. Please check your inbox at %s for a confirmation email.' ), '<code>' . esc_html( $email['newemail'] ) . '</code>' ) . '</p></div>';
    414414    }
    415415}
Note: See TracChangeset for help on using the changeset viewer.