Timestamp:
08/14/17 20:12:23 (5 months ago)
Author:
johnbillion
Message:

Options, Meta APIs: Require a confirmation link in an email to be clicked when an admin attempts to change the site admin email address.

This adds this previously Multisite-only functionality to single site installations too. This change prevents accidental or erroneous email address changes from potentially locking users out of their site.

Props MatheusGimenez, johnbillion

Fixes #39118

File:
1 edited

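--- a/trunk/src/wp-admin/includes/ms.php
+++ b/trunk/src/wp-admin/includes/ms.php
@@ -264,81 +264,4 @@
 
     return true;
-}
-
-/**
- * Send a confirmation request email when a change of site admin email address is attempted.
- *
- * The new site admin address will not become active until confirmed.
- *
- * @since 3.0.0
- *
- * @param string $old_value The old site admin email address.
- * @param string $value     The proposed new site admin email address.
- */
-function update_option_new_admin_email( $old_value, $value ) {
-    if ( $value == get_option( 'admin_email' ) || !is_email( $value ) )
-        return;
-
-    $hash = md5( $value. time() .mt_rand() );
-    $new_admin_email = array(
-        'hash' => $hash,
-        'newemail' => $value
-    );
-    update_option( 'adminhash', $new_admin_email );
-
-    $switched_locale = switch_to_locale( get_user_locale() );
-
-    /* translators: Do not translate USERNAME, ADMIN_URL, EMAIL, SITENAME, SITEURL: those are placeholders. */
-    $email_text = __( 'Howdy ###USERNAME###,
-
-You recently requested to have the administration email address on
-your site changed.
-
-If this is correct, please click on the following link to change it:
-###ADMIN_URL###
-
-You can safely ignore and delete this email if you do not want to
-take this action.
-
-This email has been sent to ###EMAIL###
-
-Regards,
-All at ###SITENAME###
-###SITEURL###' );
-
-    /**
-     * Filters the text of the email sent when a change of site admin email address is attempted.
-     *
-     * The following strings have a special meaning and will get replaced dynamically:
-     * ###USERNAME###  The current user's username.
-     * ###ADMIN_URL### The link to click on to confirm the email change.
-     * ###EMAIL###     The proposed new site admin email address.
-     * ###SITENAME###  The name of the site.
-     * ###SITEURL###   The URL to the site.
-     *
-     * @since MU (3.0.0)
-     *
-     * @param string $email_text      Text in the email.
-     * @param array  $new_admin_email {
-     *     Data relating to the new site admin email address.
-     *
-     *     @type string $hash     The secure hash used in the confirmation link URL.
-     *     @type string $newemail The proposed new site admin email address.
-     * }
-     */
-    $content = apply_filters( 'new_admin_email_content', $email_text, $new_admin_email );
-
-    $current_user = wp_get_current_user();
-    $content = str_replace( '###USERNAME###', $current_user->user_login, $content );
-    $content = str_replace( '###ADMIN_URL###', esc_url( self_admin_url( 'options.php?adminhash='.$hash ) ), $content );
-    $content = str_replace( '###EMAIL###', $value, $content );
-    $content = str_replace( '###SITENAME###', wp_specialchars_decode( get_site_option( 'site_name' ), ENT_QUOTES ), $content );
-    $content = str_replace( '###SITEURL###', network_home_url(), $content );
-
-    wp_mail( $value, sprintf( __( '[%s] New Admin Email Address' ), wp_specialchars_decode( get_option( 'blogname' ), ENT_QUOTES ) ), $content );
-
-    if ( $switched_locale ) {
-        restore_previous_locale();
-    }
 }
 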