Timestamp:
08/14/17 20:12:23 (5 months ago)
Author:
johnbillion
Message:

Options, Meta APIs: Require a confirmation link in an email to be clicked when an admin attempts to change the site admin email address.

This extends the previously Multisite-only functionality to single site installations too. This change prevents accidental or erroneous email address changes from potentially locking users out of their site.

Props MatheusGimenez, johnbillion

Fixes #39118

File:
1 edited

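--- a/trunk/src/wp-admin/options.php
+++ b/trunk/src/wp-admin/options.php
@@ -54,23 +54,21 @@
 
 // Handle admin email change requests
-if ( is_multisite() ) {
-    if ( ! empty($_GET[ 'adminhash' ] ) ) {
-        $new_admin_details = get_option( 'adminhash' );
-        $redirect = 'options-general.php?updated=false';
-        if ( is_array( $new_admin_details ) && hash_equals( $new_admin_details[ 'hash' ], $_GET[ 'adminhash' ] ) && !empty($new_admin_details[ 'newemail' ]) ) {
-            update_option( 'admin_email', $new_admin_details[ 'newemail' ] );
-            delete_option( 'adminhash' );
-            delete_option( 'new_admin_email' );
-            $redirect = 'options-general.php?updated=true';
-        }
-        wp_redirect( admin_url( $redirect ) );
-        exit;
-    } elseif ( ! empty( $_GET['dismiss'] ) && 'new_admin_email' == $_GET['dismiss'] ) {
-        check_admin_referer( 'dismiss-' . get_current_blog_id() . '-new_admin_email' );
+if ( ! empty( $_GET[ 'adminhash' ] ) ) {
+    $new_admin_details = get_option( 'adminhash' );
+    $redirect = 'options-general.php?updated=false';
+    if ( is_array( $new_admin_details ) && hash_equals( $new_admin_details[ 'hash' ], $_GET[ 'adminhash' ] ) && ! empty( $new_admin_details[ 'newemail' ] ) ) {
+        update_option( 'admin_email', $new_admin_details[ 'newemail' ] );
         delete_option( 'adminhash' );
         delete_option( 'new_admin_email' );
-        wp_redirect( admin_url( 'options-general.php?updated=true' ) );
-        exit;
-    }
+        $redirect = 'options-general.php?updated=true';
+    }
+    wp_redirect( admin_url( $redirect ) );
+    exit;
+} elseif ( ! empty( $_GET['dismiss'] ) && 'new_admin_email' == $_GET['dismiss'] ) {
+    check_admin_referer( 'dismiss-' . get_current_blog_id() . '-new_admin_email' );
+    delete_option( 'adminhash' );
+    delete_option( 'new_admin_email' );
+    wp_redirect( admin_url( 'options-general.php?updated=true' ) );
+    exit;
 }
 
@@ -84,5 +82,5 @@
 
 $whitelist_options = array(
-    'general' => array( 'blogname', 'blogdescription', 'gmt_offset', 'date_format', 'time_format', 'start_of_week', 'timezone_string', 'WPLANG' ),
+    'general' => array( 'blogname', 'blogdescription', 'gmt_offset', 'date_format', 'time_format', 'start_of_week', 'timezone_string', 'WPLANG', 'new_admin_email' ),
     'discussion' => array( 'default_pingback_flag', 'default_ping_status', 'default_comment_status', 'comments_notify', 'moderation_notify', 'comment_moderation', 'require_name_email', 'comment_whitelist', 'comment_max_links', 'moderation_keys', 'blacklist_keys', 'show_avatars', 'avatar_rating', 'avatar_default', 'close_comments_for_old_posts', 'close_comments_days_old', 'thread_comments', 'thread_comments_depth', 'page_comments', 'comments_per_page', 'default_comments_page', 'comment_order', 'comment_registration' ),
     'media' => array( 'thumbnail_size_w', 'thumbnail_size_h', 'thumbnail_crop', 'medium_size_w', 'medium_size_h', 'large_size_w', 'large_size_h', 'image_default_size', 'image_default_align', 'image_default_link_type' ),
@@ -108,5 +106,4 @@
         $whitelist_options['general'][] = 'home';
 
-    $whitelist_options['general'][] = 'admin_email';
     $whitelist_options['general'][] = 'users_can_register';
     $whitelist_options['general'][] = 'default_role';
@@ -123,6 +120,4 @@
     }
 } else {
-    $whitelist_options['general'][] = 'new_admin_email';
-
     /**
      * Filters whether the post-by-email functionality is enabled.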
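Review bot: In the first hunk, `hash_equals( $new_admin_details[ 'hash' ], $_GET[ 'adminhash' ] )` is reached as soon as `$_GET['adminhash']` is non-empty, so a request whose `adminhash` parameter is an array rather than a string passes `! empty()` and hands a non-string to `hash_equals()`, which emits a warning and returns false on PHP 7 and, as far as I recall, throws a `TypeError` on PHP 8; the stored `hash` element is likewise used without a type or `isset()` check. Guard the types before comparing: `if ( ! empty( $_GET['adminhash'] ) && is_string( $_GET['adminhash'] ) ) {` on the outer condition, and `isset( $new_admin_details['hash'] ) && is_string( $new_admin_details['hash'] )` next to the existing `is_array()` check. The dismiss branch in the same hunk compares with `'new_admin_email' == $_GET['dismiss']`; a strict `'new_admin_email' === $_GET['dismiss']` avoids PHP's loose comparison rules at no cost. The confirmation link is honoured for as long as the `adminhash` option exists, so unless the code that writes that option (outside this changeset) stores and checks an expiry, the link never lapses — worth confirming and, if absent, adding a timestamp to the stored array and rejecting stale hashes here.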