WordPress.org

Make WordPress Core

Opened 4 years ago

Last modified 3 years ago

#30227 new defect (bug)

Inaccurate wording when creating a user with a reserved email address

Reported by: trepmal Owned by:
Milestone: Future Release Priority: normal
Severity: normal Version: 3.3.2
Component: Text Changes Keywords: has-patch needs-testing
Focuses: multisite Cc:

Description

If you try to create a user on multisite using an email address that is tied to an unconfirmed user, you'll get this notice

That email address has already been used. Please check your inbox for an activation email. It will become available in a couple of days if you do nothing.

"Please check your inbox" seems to imply that the logged in user should check their own inbox for an activation email. Not sure of the best way to reword that so it's clear without being overly wordy. Possibly something like

That email address is reserved pending activation. It will become available in a couple of days if left unconfirmed.

or

That email address is reserved. An activation email has been sent to that address. If left unconfirmed it will become available in a couple of days.

Also, "couple of days" could be any time less than 2 days, so perhaps a dynamic value could be used here giving a better approximatation of the time remaining till the unconfirmed address will be freed up.

This is referenced in #20817

Attachments (2)

30227.diff (1.0 KB) - added by valendesigns 4 years ago.
30227.1.diff (1006 bytes) - added by valendesigns 4 years ago.

Download all attachments as: .zip

Change History (10)

#1 @jeremyfelt
4 years ago

  • Milestone changed from Awaiting Review to Future Release

The "please check your inbox" text could be a prompt for a user that had attempted to register that same email address already.

Another attempt that combines @trepmal's approach and leaves a bit of the original in:

That email address is currently pending activation and is not available for new registration. If you have made a previous attempt with this email address, please check your inbox for an activation email. If left unconfirmed, it will become available in a couple of days.

I also like the idea of making that number dynamic. We already have the # of seconds available to us and can pass that with the string.

#2 follow-up: @johnbillion
4 years ago

"It will become available in a couple of days if you do nothing."

AFAIK this is not the case at all. There is no expiry time on pending user activations.

#3 in reply to: ↑ 2 @jeremyfelt
4 years ago

Replying to johnbillion:

"It will become available in a couple of days if you do nothing."

AFAIK this is not the case at all. There is no expiry time on pending user activations.

wpmu_validate_blog_signup() deletes a pending signup after 2 days if another is requested on the same email address.

// If registered more than two days ago, cancel registration and let this signup go through.
if ( $diff > 2 * DAY_IN_SECONDS )
	$wpdb->delete( $wpdb->signups, array( 'user_email' => $user_email ) );

This ticket was mentioned in Slack in #core by kienstra. View the logs.


4 years ago

@valendesigns
4 years ago

#5 @valendesigns
4 years ago

  • Keywords has-patch needs-testing added

I think @jeremyfelt text is well written. I've added it to a patch.

Cheers, Derek

#6 @jeremyfelt
4 years ago

Thanks for the patch @valendesigns. Rereading, I think we can be a bit tighter.

Maybe:

"That email address is pending activation and not available for new registration. If you made a previous attempt with this email address, please check your inbox for an activation email. If left unconfirmed, it will become available in a couple of days."

Is it a security annoyance (not really risk) to report the specific time? I'm not imagining a scenario where it would be bad.

"If left unconfirmed, it will be come available in about X hour(s)." could be interesting.

@valendesigns
4 years ago

#7 @valendesigns
4 years ago

I don't think we necessarily need to insert the time it becomes available. They should have an activation email in their inbox if they signed up with an email address they actually own. This is really just a reminder. In either case, I've updated the patch with the new string above.

#8 @BurlesonBrad
3 years ago

In case a user deleted the email, should there not also be an option to simply resend it?

Note: See TracTickets for help on using tickets.