Timestamp:
07/27/2017 02:09:51 AM (10 months ago)
Author:
johnbillion
Message:

Users: Require a confirmation link in an email to be clicked when a user attempts to change their email address.

This brings the previously Multisite-only functionality to single-site installations too. This change prevents accidental or erroneous email address changes from potentially locking users out of their account.

Props rodrigosprimo, tharsheblows, johnbillion

Fixes #16470

File:
1 edited

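--- a/trunk/src/wp-admin/user-edit.php
+++ b/trunk/src/wp-admin/user-edit.php
@@ -89,5 +89,5 @@
 
 // Execute confirmed email change. See send_confirmation_on_profile_email().
-if ( is_multisite() && IS_PROFILE_PAGE && isset( $_GET[ 'newuseremail' ] ) && $current_user->ID ) {
+if ( IS_PROFILE_PAGE && isset( $_GET[ 'newuseremail' ] ) && $current_user->ID ) {
     $new_email = get_user_meta( $current_user->ID, '_new_email', true );
     if ( $new_email && hash_equals( $new_email[ 'hash' ], $_GET[ 'newuseremail' ] ) ) {
@@ -95,5 +95,5 @@
         $user->ID = $current_user->ID;
         $user->user_email = esc_html( trim( $new_email[ 'newemail' ] ) );
-        if ( $wpdb->get_var( $wpdb->prepare( "SELECT user_login FROM {$wpdb->signups} WHERE user_login = %s", $current_user->user_login ) ) ) {
+        if ( is_multisite() && $wpdb->get_var( $wpdb->prepare( "SELECT user_login FROM {$wpdb->signups} WHERE user_login = %s", $current_user->user_login ) ) ) {
             $wpdb->query( $wpdb->prepare( "UPDATE {$wpdb->signups} SET user_email = %s WHERE user_login = %s", $user->user_email, $current_user->user_login ) );
         }
@@ -105,5 +105,5 @@
         wp_redirect( add_query_arg( array( 'error' => 'new-email' ), self_admin_url( 'profile.php' ) ) );
     }
-} elseif ( is_multisite() && IS_PROFILE_PAGE && !empty( $_GET['dismiss'] ) && $current_user->ID . '_new_email' === $_GET['dismiss'] ) {
+} elseif ( IS_PROFILE_PAGE && ! empty( $_GET['dismiss'] ) && $current_user->ID . '_new_email' === $_GET['dismiss'] ) {
     check_admin_referer( 'dismiss-' . $current_user->ID . '_new_email' );
     delete_user_meta( $current_user->ID, '_new_email' );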
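Review bot: The added condition on line 91 only checks `isset( $_GET['newuseremail'] )`, so a request carrying `newuseremail` as an array rather than a string reaches the `hash_equals()` call on line 93, which expects two strings and emits a warning (PHP 7) or throws a TypeError (PHP 8) for a non-string argument; now that this path runs on every single-site install, the guard should pin the type: `if ( IS_PROFILE_PAGE && isset( $_GET['newuseremail'] ) && is_string( $_GET['newuseremail'] ) && $current_user->ID ) {`. The same kind of check is worth a brief comment in the dismiss branch at line 107, where the strict `===` against a string already rejects array input, so a reader knows the asymmetry is intentional. The `$new_email['hash']` operand comes from user meta written by `send_confirmation_on_profile_email()`, which is outside this changeset, so whether it is always an array cannot be confirmed from here. The `if`/`elseif` block whose header is changed here continues across the other hunks and ends outside the shown lines.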