Make WordPress Core


Ignore:
Timestamp:
12/13/2018 12:22:03 AM (6 years ago)
Author:
peterwilsoncc
Message:

Multisite: Improve messaging for previously activated users.

Ensure activation of a site is not attempted multiple times and users are shown the correct message if they follow the link a second time.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-activate.php

    r43569 r44021  
    1717    wp_redirect( wp_registration_url() );
    1818    die();
     19}
     20
     21$valid_error_codes = array( 'already_active', 'blog_taken' );
     22
     23list( $activate_path ) = explode( '?', wp_unslash( $_SERVER['REQUEST_URI'] ) );
     24$activate_cookie       = 'wp-activate-' . COOKIEHASH;
     25
     26$key    = '';
     27$result = null;
     28
     29if ( ! empty( $_GET['key'] ) ) {
     30    $key = $_GET['key'];
     31} elseif ( ! empty( $_POST['key'] ) ) {
     32    $key = $_POST['key'];
     33}
     34
     35if ( $key ) {
     36    $redirect_url = remove_query_arg( 'key' );
     37
     38    if ( $redirect_url !== remove_query_arg( false ) ) {
     39        setcookie( $activate_cookie, $key, 0, $activate_path, COOKIE_DOMAIN, is_ssl(), true );
     40        wp_safe_redirect( $redirect_url );
     41        exit;
     42    } else {
     43        $result = wpmu_activate_signup( $key );
     44    }
     45}
     46
     47if ( $result === null && isset( $_COOKIE[ $activate_cookie ] ) ) {
     48    $key    = $_COOKIE[ $activate_cookie ];
     49    $result = wpmu_activate_signup( $key );
     50    setcookie( $activate_cookie, ' ', time() - YEAR_IN_SECONDS, $activate_path, COOKIE_DOMAIN, is_ssl(), true );
     51}
     52
     53if ( $result === null || ( is_wp_error( $result ) && 'invalid_key' === $result->get_error_code() ) ) {
     54    status_header( 404 );
     55} elseif ( is_wp_error( $result ) ) {
     56    $error_code = $result->get_error_code();
     57
     58    if ( ! in_array( $error_code, $valid_error_codes ) ) {
     59        status_header( 400 );
     60    }
    1961}
    2062
     
    71113}
    72114add_action( 'wp_head', 'wpmu_activate_stylesheet' );
     115add_action( 'wp_head', 'wp_sensitive_page_meta' );
    73116
    74117get_header( 'wp-activate' );
     
    77120<div id="signup-content" class="widecolumn">
    78121    <div class="wp-activate-container">
    79     <?php
    80     if ( empty( $_GET['key'] ) && empty( $_POST['key'] ) ) {
    81         ?>
     122    <?php if ( ! $key ) { ?>
    82123
    83124        <h2><?php _e( 'Activation Key Required' ); ?></h2>
     
    93134
    94135        <?php
     136} else {
     137    if ( is_wp_error( $result ) && in_array( $result->get_error_code(), $valid_error_codes ) ) {
     138        $signup = $result->get_error_data();
     139        ?>
     140            <h2><?php _e( 'Your account is now active!' ); ?></h2>
     141            <?php
     142            echo '<p class="lead-in">';
     143            if ( $signup->domain . $signup->path == '' ) {
     144                printf(
     145                    /* translators: 1: login URL, 2: username, 3: user email, 4: lost password URL */
     146                    __( 'Your account has been activated. You may now <a href="%1$s">log in</a> to the site using your chosen username of &#8220;%2$s&#8221;. Please check your email inbox at %3$s for your password and login instructions. If you do not receive an email, please check your junk or spam folder. If you still do not receive an email within an hour, you can <a href="%4$s">reset your password</a>.' ),
     147                    network_site_url( 'wp-login.php', 'login' ),
     148                    $signup->user_login,
     149                    $signup->user_email,
     150                    wp_lostpassword_url()
     151                );
     152            } else {
     153                printf(
     154                    /* translators: 1: site URL, 2: username, 3: user email, 4: lost password URL */
     155                    __( 'Your site at %1$s is active. You may now log in to your site using your chosen username of &#8220;%2$s&#8221;. Please check your email inbox at %3$s for your password and login instructions. If you do not receive an email, please check your junk or spam folder. If you still do not receive an email within an hour, you can <a href="%4$s">reset your password</a>.' ),
     156                    sprintf( '<a href="http://%1$s">%1$s</a>', $signup->domain ),
     157                    $signup->user_login,
     158                    $signup->user_email,
     159                    wp_lostpassword_url()
     160                );
     161            }
     162            echo '</p>';
     163    } elseif ( $result === null || is_wp_error( $result ) ) {
     164        ?>
     165            <h2><?php _e( 'An error occurred during the activation' ); ?></h2>
     166            <?php if ( is_wp_error( $result ) ) : ?>
     167                <p><?php echo $result->get_error_message(); ?></p>
     168            <?php endif; ?>
     169            <?php
    95170    } else {
    96 
    97         $key    = ! empty( $_GET['key'] ) ? $_GET['key'] : $_POST['key'];
    98         $result = wpmu_activate_signup( $key );
    99         if ( is_wp_error( $result ) ) {
    100             if ( 'already_active' == $result->get_error_code() || 'blog_taken' == $result->get_error_code() ) {
    101                 $signup = $result->get_error_data();
    102                 ?>
    103                 <h2><?php _e( 'Your account is now active!' ); ?></h2>
    104                     <?php
    105                     echo '<p class="lead-in">';
    106                     if ( $signup->domain . $signup->path == '' ) {
    107                         printf(
    108                             /* translators: 1: login URL, 2: username, 3: user email, 4: lost password URL */
    109                             __( 'Your account has been activated. You may now <a href="%1$s">log in</a> to the site using your chosen username of &#8220;%2$s&#8221;. Please check your email inbox at %3$s for your password and login instructions. If you do not receive an email, please check your junk or spam folder. If you still do not receive an email within an hour, you can <a href="%4$s">reset your password</a>.' ),
    110                             network_site_url( 'wp-login.php', 'login' ),
    111                             $signup->user_login,
    112                             $signup->user_email,
    113                             wp_lostpassword_url()
    114                         );
    115                     } else {
    116                         printf(
    117                             /* translators: 1: site URL, 2: username, 3: user email, 4: lost password URL */
    118                             __( 'Your site at %1$s is active. You may now log in to your site using your chosen username of &#8220;%2$s&#8221;. Please check your email inbox at %3$s for your password and login instructions. If you do not receive an email, please check your junk or spam folder. If you still do not receive an email within an hour, you can <a href="%4$s">reset your password</a>.' ),
    119                             sprintf( '<a href="http://%1$s">%1$s</a>', $signup->domain ),
    120                             $signup->user_login,
    121                             $signup->user_email,
    122                             wp_lostpassword_url()
    123                         );
    124                     }
    125                     echo '</p>';
    126             } else {
    127                 ?>
    128                 <h2><?php _e( 'An error occurred during the activation' ); ?></h2>
    129                 <p><?php echo $result->get_error_message(); ?></p>
    130                 <?php
    131             }
    132         } else {
    133             $url  = isset( $result['blog_id'] ) ? get_home_url( (int) $result['blog_id'] ) : '';
    134             $user = get_userdata( (int) $result['user_id'] );
    135             ?>
     171        $url  = isset( $result['blog_id'] ) ? get_home_url( (int) $result['blog_id'] ) : '';
     172        $user = get_userdata( (int) $result['user_id'] );
     173        ?>
    136174            <h2><?php _e( 'Your account is now active!' ); ?></h2>
    137175
     
    162200            <?php
    163201            endif;
    164         }
    165202    }
    166     ?>
     203}
     204?>
    167205    </div>
    168206</div>
Note: See TracChangeset for help on using the changeset viewer.