Make WordPress Core


Ignore:
Timestamp:
05/10/2018 08:42:15 PM (6 years ago)
Author:
SergeyBiryukov
Message:

Privacy: Send an email notification to the user once their personal data erasure request is fulfilled.

Props desrosj, allendav, garrett-eclipse.
Fixes #43973.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/user.php

    r43212 r43230  
    30683068
    30693069/**
     3070 * Notify the user when their erasure request is fulfilled.
     3071 *
     3072 * Without this, the user would never know if their data was actually erased.
     3073 *
     3074 * @since 4.9.6
     3075 *
     3076 * @param int $request_id The privacy request post ID associated with this request.
     3077 */
     3078function _wp_privacy_send_erasure_fulfillment_notification( $request_id ) {
     3079    $request_data = wp_get_user_request_data( $request_id );
     3080
     3081    if ( ! is_a( $request_data, 'WP_User_Request' ) || 'request-completed' !== $request_data->status ) {
     3082        return;
     3083    }
     3084
     3085    $already_notified = (bool) get_post_meta( $request_id, '_wp_user_notified', true );
     3086
     3087    if ( $already_notified ) {
     3088        return;
     3089    }
     3090
     3091    $subject = sprintf(
     3092        /* translators: %s Site name. */
     3093        __( '[%s] Erasure Request Fulfilled' ),
     3094        wp_specialchars_decode( get_option( 'blogname' ), ENT_QUOTES )
     3095    );
     3096
     3097    /**
     3098     * Filters the recipient of the data erasure fulfillment notification.
     3099     *
     3100     * @since 4.9.6
     3101     *
     3102     * @param string          $user_email   The email address of the notification recipient.
     3103     * @param WP_User_Request $request_data The request that is initiating the notification.
     3104     */
     3105    $user_email = apply_filters( 'user_erasure_fulfillment_email_to', $request_data->email, $request_data );
     3106
     3107    $email_data = array(
     3108        'request'            => $request_data,
     3109        'user_email'         => $request_data->email,
     3110        'privacy_policy_url' => get_privacy_policy_url(),
     3111        'sitename'           => get_option( 'blogname' ),
     3112        'siteurl'            => home_url(),
     3113    );
     3114
     3115    if ( empty( $email_data['privacy_policy_url'] ) ) {
     3116        /* translators: Do not translate SITENAME, SITEURL; those are placeholders. */
     3117        $email_text = __(
     3118            'Howdy,
     3119
     3120Your request to erase your personal data on ###SITENAME### has been completed.
     3121
     3122If you have any follow-up questions or concerns, please contact the site administrator.
     3123
     3124Regards,
     3125All at ###SITENAME###
     3126###SITEURL###'
     3127        );
     3128    } else {
     3129        /* translators: Do not translate SITENAME, SITEURL, PRIVACY_POLICY_URL; those are placeholders. */
     3130        $email_text = __(
     3131            'Howdy,
     3132
     3133Your request to erase your personal data on ###SITENAME### has been completed.
     3134
     3135If you have any follow-up questions or concerns, please contact the site administrator.
     3136
     3137For more information, you can also read our privacy policy: ###PRIVACY_POLICY_URL###
     3138
     3139Regards,
     3140All at ###SITENAME###
     3141###SITEURL###'
     3142        );
     3143    }
     3144
     3145    /**
     3146     * Filters the body of the data erasure fulfillment notification.
     3147     *
     3148     * The email is sent to a user when a their data erasure request is fulfilled
     3149     * by an administrator.
     3150     *
     3151     * The following strings have a special meaning and will get replaced dynamically:
     3152     *
     3153     * ###SITENAME###           The name of the site.
     3154     * ###PRIVACY_POLICY_URL### Privacy policy page URL.
     3155     * ###SITEURL###            The URL to the site.
     3156     *
     3157     * @since 4.9.6
     3158     *
     3159     * @param string $email_text Text in the email.
     3160     * @param array  $email_data {
     3161     *     Data relating to the account action email.
     3162     *
     3163     *     @type WP_User_Request $request            User request object.
     3164     *     @type string          $user_email         The email address confirming a request.
     3165     *     @type string          $privacy_policy_url Privacy policy URL.
     3166     *     @type string          $sitename           The site name sending the mail.
     3167     *     @type string          $siteurl            The site URL sending the mail.
     3168     * }
     3169     */
     3170    $content = apply_filters( 'user_confirmed_action_email_content', $email_text, $email_data );
     3171
     3172    $content = str_replace( '###SITENAME###', wp_specialchars_decode( $email_data['sitename'], ENT_QUOTES ), $content );
     3173    $content = str_replace( '###PRIVACY_POLICY_URL###', $email_data['privacy_policy_url'], $content );
     3174    $content = str_replace( '###SITEURL###', esc_url_raw( $email_data['siteurl'] ), $content );
     3175
     3176    $email_sent = wp_mail( $user_email, $subject, $content );
     3177
     3178    if ( $email_sent ) {
     3179        update_post_meta( $request_id, '_wp_user_notified', true );
     3180    }
     3181}
     3182
     3183/**
    30703184 * Return request confirmation message HTML.
    30713185 *
Note: See TracChangeset for help on using the changeset viewer.