Make WordPress Core

Opened 7 years ago

Last modified 6 years ago

#38432 new feature request

Validate user creation and email change by token

Reported by: lriaudel's profile lriaudel Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version: 4.9
Component: Login and Registration Keywords: has-patch needs-unit-tests
Focuses: ui Cc:


When you register on a wordpress site or when you change your email, we can use a fake email (or error entry) and it create ghost profile. I see 36 bad profile in 2 month on a website.

If an email is send with a validate links (token), the profile or the email change can be executed.

It secure correct data.


Attachments (2)

38432.patch (1.4 KB) - added by dilipbheda 6 years ago.
38432.2.patch (1.3 KB) - added by Girishpanchal 6 years ago.
Set default role and coding standard.

Download all attachments as: .zip

Change History (5)

#1 @johnbillion
7 years ago

  • Component changed from Users to Login and Registration
  • Keywords needs-patch 2nd-opinion added
  • Type changed from enhancement to feature request
  • Version 4.6.1 deleted

6 years ago

#2 @dilipbheda
6 years ago

  • Keywords has-patch added; needs-patch 2nd-opinion removed
  • Version set to 4.9

Hello Team

I have added the patch considering that it's better to give user the role when he/she has submitted the registration form. In the email, there is a link to reset password, when anyone clicks on it he/she will be assigned default role as per settings of WordPress.

Let me know your suggestions for the same.


#3 @Girishpanchal
6 years ago

  • Focuses ui added
  • Keywords needs-unit-tests added

When the token will be confirmed after updating get_option( 'default_role' ) for register user from admin side. Also updated coding standard.

6 years ago

Set default role and coding standard.

Note: See TracTickets for help on using tickets.