Make WordPress Core

Opened 4 months ago

Last modified 8 days ago

#47192 new enhancement

Allow users to enter recovery mode via their registered email

Reported by: spacedmonkey
Owned by: (none)
Milestone: Awaiting Review
Priority: normal
Severity: normal
Version: 5.2
Component: Site Health
Keywords: servehappy has-patch
Focuses: (none)
Cc: (none)

Description

In WordPress 5.2 recovery mode was added. Recovery mode is entered by clicking on a special link sent in an email. The email is sent to the admin_email, which is stored as an option. However, the current manager / administrator may not have access to this email inbox.

Users with the activate_plugins capability should be able to request a recovery link sent to the user's registered email via a form, similar to the forgotten password form. This request recovery link form should always be available (default recovery mode on this single page). The unique recovery link key should likely be stored in user meta, with the possibility to work with multisite setups in the future.
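The flow the ticket proposes (a capability-gated request form, a key kept in user meta, a link emailed to the user's own address), sketched as an added illustration; this is not the attached patch or WordPress core code. It assumes a WordPress runtime for `wp_generate_password`, `wp_hash_password`, `wp_check_password`, the user-meta functions and `wp_mail`; the meta key name `_recovery_key`, the one-day lifetime, the function names and the query parameter names are all assumptions made for the example.

```php
<?php
/**
 * Added illustration, not the ticket's patch: issue a single-use recovery key
 * to a user who holds activate_plugins, store only its hash in user meta,
 * and validate it on the way back in. Requires a WordPress runtime.
 */

const EXAMPLE_RECOVERY_META = '_recovery_key';   // assumed meta key name
const EXAMPLE_RECOVERY_TTL  = DAY_IN_SECONDS;    // assumed lifetime

/**
 * Create a recovery key for one user. The capability check mirrors the
 * ticket's requirement; the plaintext key is returned so it can be emailed,
 * while only its hash is stored.
 */
function example_generate_recovery_key( $user_id ) {
    if ( ! user_can( $user_id, 'activate_plugins' ) ) {
        return new WP_Error( 'forbidden', 'User may not request recovery mode.' );
    }
    $key = wp_generate_password( 22, false ); // CSPRNG-backed in WordPress
    update_user_meta( $user_id, EXAMPLE_RECOVERY_META, array(
        'hashed'  => wp_hash_password( $key ), // never store the raw key
        'created' => time(),
    ) );
    return $key;
}

/**
 * Validate a submitted key: it must exist, be unexpired and match the stored
 * hash. The record is deleted on success (and on expiry) so a link cannot
 * be replayed, which is the single-use behaviour the ticket assumes.
 */
function example_validate_recovery_key( $user_id, $key ) {
    $record = get_user_meta( $user_id, EXAMPLE_RECOVERY_META, true );
    if ( empty( $record['hashed'] ) || empty( $record['created'] ) ) {
        return new WP_Error( 'no_key', 'No recovery key is pending for this user.' );
    }
    if ( time() > (int) $record['created'] + EXAMPLE_RECOVERY_TTL ) {
        delete_user_meta( $user_id, EXAMPLE_RECOVERY_META );
        return new WP_Error( 'expired', 'Recovery key has expired.' );
    }
    if ( ! wp_check_password( $key, $record['hashed'] ) ) {
        return new WP_Error( 'invalid', 'Recovery key is invalid.' );
    }
    delete_user_meta( $user_id, EXAMPLE_RECOVERY_META ); // single use
    return true;
}

/**
 * Handle the "send me a recovery link" form. The response is identical
 * whether or not the login exists or holds the capability, so the always-on
 * form does not become a way to enumerate privileged accounts.
 */
function example_handle_recovery_request( $login ) {
    $user = get_user_by( 'login', $login );
    if ( $user instanceof WP_User ) {
        $key = example_generate_recovery_key( $user->ID );
        if ( ! is_wp_error( $key ) ) {
            // Query parameter names below are assumed for the example.
            $url = add_query_arg( array(
                'action'   => 'enter_recovery_mode',
                'rm_user'  => $user->ID,
                'rm_key'   => $key,
            ), wp_login_url() );
            wp_mail(
                $user->user_email, // the user's own registered address
                'Recovery mode link',
                "Open this link to enter recovery mode: $url"
            );
        }
    }
    return 'If that account can enter recovery mode, an email has been sent.';
}
```

The hash-at-rest and uniform response are the two checks a reviewer would look for on a form that is reachable while the site is otherwise broken: a leaked `wp_usermeta` row does not yield a usable link, and the form reveals nothing about which accounts hold activate_plugins.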

Attachments (2)

47192.diff (9.8 KB) - added by spacedmonkey 4 months ago.
47192.1.diff (9.5 KB) - added by spacedmonkey 3 months ago.


Change History (13)

#1 - 4 months ago
This ticket was mentioned in Slack in #core-php by spacedmonkey. View the logs.

#2 - 4 months ago
This ticket was mentioned in Slack in #core-php by spacedmonkey. View the logs.

#3 - 4 months ago
This ticket was mentioned in Slack in #core-php by spacedmonkey. View the logs.

#4 @fierevere
4 months ago

It would be good to store and show the error message in recovery mode too, as some users are unable to get the email with the recovery mode link and error details.

@spacedmonkey
4 months ago

#5 @spacedmonkey
4 months ago

  • Keywords has-patch added; needs-patch removed

I have uploaded a first patch. Completely untested, but I wanted to get the ball rolling.

I know @TimothyBlynJacobs had some security issues with this idea; I'd like him to look at this first patch to see if he can see any issue.

#6 @TimothyBlynJacobs
4 months ago

I think it's tough to discuss the possible security ramifications without a working patch. Off the bat, I don't see the same timing-related issue because it looks like the permissions check is happening at a normal time. However, forcing recovery mode like this does worry me. But again, hard to say without digging into it.

As an aside, we shouldn't expose the email service. That is an implementation detail of the recovery mode controller. Instead, the request actions should probably be processed inside WP_Recovery_Mode so it can pass the selected email address to maybe_send_recovery_mode_email.

#7 - 3 months ago
This ticket was mentioned in Slack in #core-php by spacedmonkey. View the logs.

#8 - 3 months ago
This ticket was mentioned in Slack in #core-php by spacedmonkey. View the logs.

#9 @spacedmonkey
3 months ago

  • Component changed from General to Site Health

#10 @spacedmonkey
3 months ago

I have uploaded a functional patch. Barring some formatting of code, I think this patch has legs.

#11 @melsteel
8 days ago

Hi Sir, @spacedmonkey

This looks great, is this finished now? How can we use it?

Yesterday when I performed a normal update in the dashboard, some plugins caused fatal errors that locked me out of the dashboard. I then used the link sent to my email but accidentally closed my browser just after I opened the link, and when I tried to open that link again the site wouldn't initiate recovery mode. Is this because the link is only valid for the first time?

Because my hosting provider wouldn't provide me with an FTP access account (I don't know why), my site was offline for 4 hours until she did a restore to a version backed up the previous day, so basically when she did the restore I also lost some data after that backup.

So if this is finished it will be a big help for situations like I just had: I can't rename the plugin folders to deactivate them and I couldn't use the link sent to me, so with this function you are developing I could just send a new link to myself again, and it would save me a lot of trouble talking to the hosting provider.

Great work! Thanks for sharing.
