Changeset 41254
- Timestamp:
- 08/14/2017 08:12:23 PM (7 years ago)
- Location:
- trunk/src/wp-admin
- Files:
-
- 6 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-admin/includes/admin-filters.php
r41164 r41254 56 56 add_action( 'update_option_page_on_front', 'update_home_siteurl', 10, 2 ); 57 57 add_action( 'update_option_admin_email', 'wp_site_admin_email_change_notification', 10, 3 ); 58 59 add_action( 'add_option_new_admin_email', 'update_option_new_admin_email', 10, 2 ); 60 add_action( 'update_option_new_admin_email', 'update_option_new_admin_email', 10, 2 ); 58 61 59 62 add_filter( 'heartbeat_received', 'wp_check_locked_posts', 10, 3 ); -
trunk/src/wp-admin/includes/misc.php
r38893 r41254 937 937 <?php 938 938 } 939 940 /** 941 * Send a confirmation request email when a change of site admin email address is attempted. 942 * 943 * The new site admin address will not become active until confirmed. 944 * 945 * @since 3.0.0 946 * @since 4.9.0 This function was moved from wp-admin/includes/ms.php so it's no longer Multisite specific. 947 * 948 * @param string $old_value The old site admin email address. 949 * @param string $value The proposed new site admin email address. 950 */ 951 function update_option_new_admin_email( $old_value, $value ) { 952 if ( $value == get_option( 'admin_email' ) || ! is_email( $value ) ) { 953 return; 954 } 955 956 $hash = md5( $value . time() . mt_rand() ); 957 $new_admin_email = array( 958 'hash' => $hash, 959 'newemail' => $value, 960 ); 961 update_option( 'adminhash', $new_admin_email ); 962 963 $switched_locale = switch_to_locale( get_user_locale() ); 964 965 /* translators: Do not translate USERNAME, ADMIN_URL, EMAIL, SITENAME, SITEURL: those are placeholders. */ 966 $email_text = __( 'Howdy ###USERNAME###, 967 968 You recently requested to have the administration email address on 969 your site changed. 970 971 If this is correct, please click on the following link to change it: 972 ###ADMIN_URL### 973 974 You can safely ignore and delete this email if you do not want to 975 take this action. 976 977 This email has been sent to ###EMAIL### 978 979 Regards, 980 All at ###SITENAME### 981 ###SITEURL###' ); 982 983 /** 984 * Filters the text of the email sent when a change of site admin email address is attempted. 985 * 986 * The following strings have a special meaning and will get replaced dynamically: 987 * ###USERNAME### The current user's username. 988 * ###ADMIN_URL### The link to click on to confirm the email change. 989 * ###EMAIL### The proposed new site admin email address. 990 * ###SITENAME### The name of the site. 991 * ###SITEURL### The URL to the site. 992 * 993 * @since MU (3.0.0) 994 * @since 4.9.0 This filter is no longer Multisite specific. 995 * 996 * @param string $email_text Text in the email. 997 * @param array $new_admin_email { 998 * Data relating to the new site admin email address. 999 * 1000 * @type string $hash The secure hash used in the confirmation link URL. 1001 * @type string $newemail The proposed new site admin email address. 1002 * } 1003 */ 1004 $content = apply_filters( 'new_admin_email_content', $email_text, $new_admin_email ); 1005 1006 $current_user = wp_get_current_user(); 1007 $content = str_replace( '###USERNAME###', $current_user->user_login, $content ); 1008 $content = str_replace( '###ADMIN_URL###', esc_url( self_admin_url( 'options.php?adminhash=' . $hash ) ), $content ); 1009 $content = str_replace( '###EMAIL###', $value, $content ); 1010 $content = str_replace( '###SITENAME###', wp_specialchars_decode( get_option( 'blogname' ), ENT_QUOTES ), $content ); 1011 $content = str_replace( '###SITEURL###', home_url(), $content ); 1012 1013 wp_mail( $value, sprintf( __( '[%s] New Admin Email Address' ), wp_specialchars_decode( get_option( 'blogname' ), ENT_QUOTES ) ), $content ); 1014 1015 if ( $switched_locale ) { 1016 restore_previous_locale(); 1017 } 1018 } -
trunk/src/wp-admin/includes/ms-admin-filters.php
r41253 r41254 16 16 17 17 add_action( 'admin_page_access_denied', '_access_denied_splash', 99 ); 18 19 add_action( 'add_option_new_admin_email', 'update_option_new_admin_email', 10, 2 );20 21 add_action( 'update_option_new_admin_email', 'update_option_new_admin_email', 10, 2 );22 18 23 19 // Site Hooks. -
trunk/src/wp-admin/includes/ms.php
r41242 r41254 264 264 265 265 return true; 266 }267 268 /**269 * Send a confirmation request email when a change of site admin email address is attempted.270 *271 * The new site admin address will not become active until confirmed.272 *273 * @since 3.0.0274 *275 * @param string $old_value The old site admin email address.276 * @param string $value The proposed new site admin email address.277 */278 function update_option_new_admin_email( $old_value, $value ) {279 if ( $value == get_option( 'admin_email' ) || !is_email( $value ) )280 return;281 282 $hash = md5( $value. time() .mt_rand() );283 $new_admin_email = array(284 'hash' => $hash,285 'newemail' => $value286 );287 update_option( 'adminhash', $new_admin_email );288 289 $switched_locale = switch_to_locale( get_user_locale() );290 291 /* translators: Do not translate USERNAME, ADMIN_URL, EMAIL, SITENAME, SITEURL: those are placeholders. */292 $email_text = __( 'Howdy ###USERNAME###,293 294 You recently requested to have the administration email address on295 your site changed.296 297 If this is correct, please click on the following link to change it:298 ###ADMIN_URL###299 300 You can safely ignore and delete this email if you do not want to301 take this action.302 303 This email has been sent to ###EMAIL###304 305 Regards,306 All at ###SITENAME###307 ###SITEURL###' );308 309 /**310 * Filters the text of the email sent when a change of site admin email address is attempted.311 *312 * The following strings have a special meaning and will get replaced dynamically:313 * ###USERNAME### The current user's username.314 * ###ADMIN_URL### The link to click on to confirm the email change.315 * ###EMAIL### The proposed new site admin email address.316 * ###SITENAME### The name of the site.317 * ###SITEURL### The URL to the site.318 *319 * @since MU (3.0.0)320 *321 * @param string $email_text Text in the email.322 * @param array $new_admin_email {323 * Data relating to the new site admin email address.324 *325 * @type string $hash The secure hash used in the confirmation link URL.326 * @type string $newemail The proposed new site admin email address.327 * }328 */329 $content = apply_filters( 'new_admin_email_content', $email_text, $new_admin_email );330 331 $current_user = wp_get_current_user();332 $content = str_replace( '###USERNAME###', $current_user->user_login, $content );333 $content = str_replace( '###ADMIN_URL###', esc_url( self_admin_url( 'options.php?adminhash='.$hash ) ), $content );334 $content = str_replace( '###EMAIL###', $value, $content );335 $content = str_replace( '###SITENAME###', wp_specialchars_decode( get_site_option( 'site_name' ), ENT_QUOTES ), $content );336 $content = str_replace( '###SITEURL###', network_home_url(), $content );337 338 wp_mail( $value, sprintf( __( '[%s] New Admin Email Address' ), wp_specialchars_decode( get_option( 'blogname' ), ENT_QUOTES ) ), $content );339 340 if ( $switched_locale ) {341 restore_previous_locale();342 }343 266 } 344 267 -
trunk/src/wp-admin/options-general.php
r40823 r41254 57 57 58 58 <table class="form-table"> 59 59 60 <tr> 60 61 <th scope="row"><label for="blogname"><?php _e('Site Title') ?></label></th> 61 62 <td><input name="blogname" type="text" id="blogname" value="<?php form_option('blogname'); ?>" class="regular-text" /></td> 62 63 </tr> 64 63 65 <tr> 64 66 <th scope="row"><label for="blogdescription"><?php _e('Tagline') ?></label></th> … … 66 68 <p class="description" id="tagline-description"><?php _e( 'In a few words, explain what this site is about.' ) ?></p></td> 67 69 </tr> 70 68 71 <?php if ( !is_multisite() ) { ?> 72 69 73 <tr> 70 74 <th scope="row"><label for="siteurl"><?php _e('WordPress Address (URL)') ?></label></th> 71 75 <td><input name="siteurl" type="url" id="siteurl" value="<?php form_option( 'siteurl' ); ?>"<?php disabled( defined( 'WP_SITEURL' ) ); ?> class="regular-text code<?php if ( defined( 'WP_SITEURL' ) ) echo ' disabled' ?>" /></td> 72 76 </tr> 77 73 78 <tr> 74 79 <th scope="row"><label for="home"><?php _e('Site Address (URL)') ?></label></th> … … 78 83 <?php endif; ?> 79 84 </tr> 80 <tr> 81 <th scope="row"><label for="admin_email"><?php _e('Email Address') ?> </label></th> 82 <td><input name="admin_email" type="email" id="admin_email" aria-describedby="admin-email-description" value="<?php form_option( 'admin_email' ); ?>" class="regular-text ltr" /> 83 <p class="description" id="admin-email-description"><?php _e( 'This address is used for admin purposes, like new user notification.' ) ?></p></td> 84 </tr> 85 86 <?php } ?> 87 88 <tr> 89 <th scope="row"><label for="new_admin_email"><?php _e( 'Email Address' ); ?></label></th> 90 <td><input name="new_admin_email" type="email" id="new_admin_email" aria-describedby="new-admin-email-description" value="<?php form_option( 'admin_email' ); ?>" class="regular-text ltr" /> 91 <p class="description" id="new-admin-email-description"><?php _e( 'This address is used for admin purposes. If you change this we will send you an email at your new address to confirm it. <strong>The new address will not become active until confirmed.</strong>' ); ?></p> 92 <?php 93 $new_admin_email = get_option( 'new_admin_email' ); 94 if ( $new_admin_email && $new_admin_email != get_option( 'admin_email' ) ) : ?> 95 <div class="updated inline"> 96 <p><?php 97 printf( 98 /* translators: %s: new admin email */ 99 __( 'There is a pending change of the admin email to %s.' ), 100 '<code>' . esc_html( $new_admin_email ) . '</code>' 101 ); 102 printf( 103 ' <a href="%1$s">%2$s</a>', 104 esc_url( wp_nonce_url( admin_url( 'options.php?dismiss=new_admin_email' ), 'dismiss-' . get_current_blog_id() . '-new_admin_email' ) ), 105 __( 'Cancel' ) 106 ); 107 ?></p> 108 </div> 109 <?php endif; ?> 110 </td> 111 </tr> 112 113 <?php if ( ! is_multisite() ) { ?> 114 85 115 <tr> 86 116 <th scope="row"><?php _e('Membership') ?></th> … … 90 120 </fieldset></td> 91 121 </tr> 122 92 123 <tr> 93 124 <th scope="row"><label for="default_role"><?php _e('New User Default Role') ?></label></th> … … 96 127 </td> 97 128 </tr> 98 <?php } else { ?> 99 <tr> 100 <th scope="row"><label for="new_admin_email"><?php _e('Email Address') ?> </label></th> 101 <td><input name="new_admin_email" type="email" id="new_admin_email" aria-describedby="new-admin-email-description" value="<?php form_option( 'admin_email' ); ?>" class="regular-text ltr" /> 102 <p class="description" id="new-admin-email-description"><?php _e( 'This address is used for admin purposes. If you change this we will send you an email at your new address to confirm it. <strong>The new address will not become active until confirmed.</strong>' ) ?></p> 103 <?php 104 $new_admin_email = get_option( 'new_admin_email' ); 105 if ( $new_admin_email && $new_admin_email != get_option('admin_email') ) : ?> 106 <div class="updated inline"> 107 <p><?php 108 printf( 109 /* translators: %s: new admin email */ 110 __( 'There is a pending change of the admin email to %s.' ), 111 '<code>' . esc_html( $new_admin_email ) . '</code>' 112 ); 113 printf( 114 ' <a href="%1$s">%2$s</a>', 115 esc_url( wp_nonce_url( admin_url( 'options.php?dismiss=new_admin_email' ), 'dismiss-' . get_current_blog_id() . '-new_admin_email' ) ), 116 __( 'Cancel' ) 117 ); 118 ?></p> 119 </div> 120 <?php endif; ?> 121 </td> 122 </tr> 129 123 130 <?php } 124 131 -
trunk/src/wp-admin/options.php
r39933 r41254 54 54 55 55 // Handle admin email change requests 56 if ( is_multisite() ) { 57 if ( ! empty($_GET[ 'adminhash' ] ) ) { 58 $new_admin_details = get_option( 'adminhash' ); 59 $redirect = 'options-general.php?updated=false'; 60 if ( is_array( $new_admin_details ) && hash_equals( $new_admin_details[ 'hash' ], $_GET[ 'adminhash' ] ) && !empty($new_admin_details[ 'newemail' ]) ) { 61 update_option( 'admin_email', $new_admin_details[ 'newemail' ] ); 62 delete_option( 'adminhash' ); 63 delete_option( 'new_admin_email' ); 64 $redirect = 'options-general.php?updated=true'; 65 } 66 wp_redirect( admin_url( $redirect ) ); 67 exit; 68 } elseif ( ! empty( $_GET['dismiss'] ) && 'new_admin_email' == $_GET['dismiss'] ) { 69 check_admin_referer( 'dismiss-' . get_current_blog_id() . '-new_admin_email' ); 56 if ( ! empty( $_GET[ 'adminhash' ] ) ) { 57 $new_admin_details = get_option( 'adminhash' ); 58 $redirect = 'options-general.php?updated=false'; 59 if ( is_array( $new_admin_details ) && hash_equals( $new_admin_details[ 'hash' ], $_GET[ 'adminhash' ] ) && ! empty( $new_admin_details[ 'newemail' ] ) ) { 60 update_option( 'admin_email', $new_admin_details[ 'newemail' ] ); 70 61 delete_option( 'adminhash' ); 71 62 delete_option( 'new_admin_email' ); 72 wp_redirect( admin_url( 'options-general.php?updated=true' ) ); 73 exit; 74 } 63 $redirect = 'options-general.php?updated=true'; 64 } 65 wp_redirect( admin_url( $redirect ) ); 66 exit; 67 } elseif ( ! empty( $_GET['dismiss'] ) && 'new_admin_email' == $_GET['dismiss'] ) { 68 check_admin_referer( 'dismiss-' . get_current_blog_id() . '-new_admin_email' ); 69 delete_option( 'adminhash' ); 70 delete_option( 'new_admin_email' ); 71 wp_redirect( admin_url( 'options-general.php?updated=true' ) ); 72 exit; 75 73 } 76 74 … … 84 82 85 83 $whitelist_options = array( 86 'general' => array( 'blogname', 'blogdescription', 'gmt_offset', 'date_format', 'time_format', 'start_of_week', 'timezone_string', 'WPLANG' ),84 'general' => array( 'blogname', 'blogdescription', 'gmt_offset', 'date_format', 'time_format', 'start_of_week', 'timezone_string', 'WPLANG', 'new_admin_email' ), 87 85 'discussion' => array( 'default_pingback_flag', 'default_ping_status', 'default_comment_status', 'comments_notify', 'moderation_notify', 'comment_moderation', 'require_name_email', 'comment_whitelist', 'comment_max_links', 'moderation_keys', 'blacklist_keys', 'show_avatars', 'avatar_rating', 'avatar_default', 'close_comments_for_old_posts', 'close_comments_days_old', 'thread_comments', 'thread_comments_depth', 'page_comments', 'comments_per_page', 'default_comments_page', 'comment_order', 'comment_registration' ), 88 86 'media' => array( 'thumbnail_size_w', 'thumbnail_size_h', 'thumbnail_crop', 'medium_size_w', 'medium_size_h', 'large_size_w', 'large_size_h', 'image_default_size', 'image_default_align', 'image_default_link_type' ), … … 108 106 $whitelist_options['general'][] = 'home'; 109 107 110 $whitelist_options['general'][] = 'admin_email';111 108 $whitelist_options['general'][] = 'users_can_register'; 112 109 $whitelist_options['general'][] = 'default_role'; … … 123 120 } 124 121 } else { 125 $whitelist_options['general'][] = 'new_admin_email';126 127 122 /** 128 123 * Filters whether the post-by-email functionality is enabled.
Note: See TracChangeset
for help on using the changeset viewer.