WordPress.org

Make WordPress Core


Ignore:
Timestamp:
08/14/17 20:12:23 (5 months ago)
Author:
johnbillion
Message:

Options, Meta APIs: Require a confirmation link in an email to be clicked when an admin attempts to change the site admin email address.

This adds this previously Multisite-only functionality to single site installations too. This change prevents accidental or erroneous email address changes from potentially locking users out of their site.

Props MatheusGimenez, johnbillion

Fixes #39118

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-admin/includes/misc.php

    r38893 r41254  
    937937    <?php 
    938938} 
     939 
     940/** 
     941 * Send a confirmation request email when a change of site admin email address is attempted. 
     942 * 
     943 * The new site admin address will not become active until confirmed. 
     944 * 
     945 * @since 3.0.0 
     946 * @since 4.9.0 This function was moved from wp-admin/includes/ms.php so it's no longer Multisite specific. 
     947 * 
     948 * @param string $old_value The old site admin email address. 
     949 * @param string $value     The proposed new site admin email address. 
     950 */ 
     951function update_option_new_admin_email( $old_value, $value ) { 
     952    if ( $value == get_option( 'admin_email' ) || ! is_email( $value ) ) { 
     953        return; 
     954    } 
     955 
     956    $hash = md5( $value . time() . mt_rand() ); 
     957    $new_admin_email = array( 
     958        'hash'     => $hash, 
     959        'newemail' => $value, 
     960    ); 
     961    update_option( 'adminhash', $new_admin_email ); 
     962 
     963    $switched_locale = switch_to_locale( get_user_locale() ); 
     964 
     965    /* translators: Do not translate USERNAME, ADMIN_URL, EMAIL, SITENAME, SITEURL: those are placeholders. */ 
     966    $email_text = __( 'Howdy ###USERNAME###, 
     967 
     968You recently requested to have the administration email address on 
     969your site changed. 
     970 
     971If this is correct, please click on the following link to change it: 
     972###ADMIN_URL### 
     973 
     974You can safely ignore and delete this email if you do not want to 
     975take this action. 
     976 
     977This email has been sent to ###EMAIL### 
     978 
     979Regards, 
     980All at ###SITENAME### 
     981###SITEURL###' ); 
     982 
     983    /** 
     984     * Filters the text of the email sent when a change of site admin email address is attempted. 
     985     * 
     986     * The following strings have a special meaning and will get replaced dynamically: 
     987     * ###USERNAME###  The current user's username. 
     988     * ###ADMIN_URL### The link to click on to confirm the email change. 
     989     * ###EMAIL###     The proposed new site admin email address. 
     990     * ###SITENAME###  The name of the site. 
     991     * ###SITEURL###   The URL to the site. 
     992     * 
     993     * @since MU (3.0.0) 
     994     * @since 4.9.0 This filter is no longer Multisite specific. 
     995     * 
     996     * @param string $email_text      Text in the email. 
     997     * @param array  $new_admin_email { 
     998     *     Data relating to the new site admin email address. 
     999     * 
     1000     *     @type string $hash     The secure hash used in the confirmation link URL. 
     1001     *     @type string $newemail The proposed new site admin email address. 
     1002     * } 
     1003     */ 
     1004    $content = apply_filters( 'new_admin_email_content', $email_text, $new_admin_email ); 
     1005 
     1006    $current_user = wp_get_current_user(); 
     1007    $content = str_replace( '###USERNAME###', $current_user->user_login, $content ); 
     1008    $content = str_replace( '###ADMIN_URL###', esc_url( self_admin_url( 'options.php?adminhash=' . $hash ) ), $content ); 
     1009    $content = str_replace( '###EMAIL###', $value, $content ); 
     1010    $content = str_replace( '###SITENAME###', wp_specialchars_decode( get_option( 'blogname' ), ENT_QUOTES ), $content ); 
     1011    $content = str_replace( '###SITEURL###', home_url(), $content ); 
     1012 
     1013    wp_mail( $value, sprintf( __( '[%s] New Admin Email Address' ), wp_specialchars_decode( get_option( 'blogname' ), ENT_QUOTES ) ), $content ); 
     1014 
     1015    if ( $switched_locale ) { 
     1016        restore_previous_locale(); 
     1017    } 
     1018} 
Note: See TracChangeset for help on using the changeset viewer.