Add a method to confirm user requests by email. First run.

Props mikejolley.
Merges [42791] to the 4.9 branch.
See #43443.
Built from https://develop.svn.wordpress.org/branches/4.9@43069


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42898 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Sergey Biryukov 2018-05-01 23:34:26 +00:00
parent 85d1ba9726
commit 01e3c640fe
3 changed files with 303 additions and 2 deletions

View File

@ -2731,3 +2731,258 @@ function new_user_email_admin_notice() {
echo '<div class="notice notice-info"><p>' . sprintf( __( 'Your email address has not been updated yet. Please check your inbox at %s for a confirmation email.' ), '<code>' . esc_html( $email['newemail'] ) . '</code>' ) . '</p></div>';
}
}
/**
* Send a confirmation request email to confirm an action.
*
* @since 5.0.0
*
* @param string $action_name Name of the action that is being confirmed.
* @param string $action_description User facing description of the action they will be confirming.
* @param string $email User email address. This can be the address of a registered or non-registered user. Defaults to logged in user email address.
*
* @return WP_ERROR|bool Will return true/false based on the success of sending the email, or a WP_Error object.
*/
function send_confirm_account_action_email( $action_name, $action_description = '', $email = '' ) {
$action_name = sanitize_key( $action_name );
$action_description = wp_kses_post( $action_description );
if ( empty( $action_name ) ) {
return new WP_Error( 'invalid_action', __( 'Invalid action' ) );
}
if ( empty( $email ) ) {
$user = wp_get_current_user();
$email = $user->ID ? $user->user_email : '';
} else {
$user = false;
}
$email = sanitize_email( $email );
if ( ! is_email( $email ) ) {
return new WP_Error( 'invalid_email', __( 'Invalid email address' ) );
}
if ( ! $user ) {
$user = get_user_by( 'email', $email );
}
// We could be dealing with a registered user account, or a visitor.
$is_registered_user = $user && ! is_wp_error( $user );
$uid = $is_registered_user ? $user->ID : hash( 'sha256', $email );
$confirm_key = get_confirm_account_action_key( $action_name, $email );
if ( is_wp_error( $confirm_key ) ) {
return $confirm_key;
}
// Prepare the email content.
if ( ! $action_description ) {
$action_description = $action_name;
}
/* translators: Do not translate DESCRIPTION, CONFIRM_URL, EMAIL, SITENAME, SITEURL: those are placeholders. */
$email_text = __(
'Howdy,
An account linked to your email address has requested to perform
the following action:
###DESCRIPTION###
To confirm this action, please click on the following link:
###CONFIRM_URL###
You can safely ignore and delete this email if you do not want to
take this action.
This email has been sent to ###EMAIL###.
Regards,
All at ###SITENAME###
###SITEURL###'
);
$email_data = array(
'action_name' => $action_name,
'email' => $email,
'description' => $action_description,
'confirm_url' => add_query_arg( array(
'action' => 'emailconfirm',
'confirm_action' => $action_name,
'uid' => $uid,
'confirm_key' => $confirm_key,
), site_url( 'wp-login.php' ) ),
'sitename' => is_multisite() ? get_site_option( 'site_name' ) : get_option( 'blogname' ),
'siteurl' => network_home_url(),
);
/**
* Filters the text of the email sent when an account action is attempted.
*
* The following strings have a special meaning and will get replaced dynamically:
* ###USERNAME### The user's username, if the user has an account. Prefixed with single space. Otherwise left blank.
* ###DESCRIPTION### Description of the action being performed so the user knows what the email is for.
* ###CONFIRM_URL### The link to click on to confirm the account action.
* ###EMAIL### The email we are sending to.
* ###SITENAME### The name of the site.
* ###SITEURL### The URL to the site.
*
* @param string $email_text Text in the email.
* @param array $email_data {
* Data relating to the account action email.
*
* @type string $action_name Name of the action being performed.
* @type string $email The email address this is being sent to.
* @type string $description Description of the action being performed so the user knows what the email is for.
* @type string $confirm_url The link to click on to confirm the account action.
* @type string $sitename The site name sending the mail.
* @type string $siteurl The site URL sending the mail.
* }
*/
$content = apply_filters( 'confirm_account_action_email_content', $email_text, $email_data );
$content = str_replace( '###DESCRIPTION###', $email_data['description'], $content );
$content = str_replace( '###CONFIRM_URL###', esc_url_raw( $email_data['confirm_url'] ), $content );
$content = str_replace( '###EMAIL###', $email_data['email'], $content );
$content = str_replace( '###SITENAME###', wp_specialchars_decode( $email_data['sitename'], ENT_QUOTES ), $content );
$content = str_replace( '###SITEURL###', esc_url_raw( $email_data['siteurl'] ), $content );
/* translators: %s Site name. */
return wp_mail( $email_data['email'], sprintf( __( '[%s] Confirm Account Action' ), wp_specialchars_decode( get_option( 'blogname' ), ENT_QUOTES ) ), $content );
}
/**
* Creates, stores, then returns a confirmation key for an account action.
*
* @since 5.0.0
*
* @param string $action_name Name of the action this key is being generated for.
* @param string $email User email address. This can be the address of a registered or non-registered user.
*
* @return string|WP_Error Confirmation key on success. WP_Error on error.
*/
function get_confirm_account_action_key( $action_name, $email ) {
global $wp_hasher;
if ( ! is_email( $email ) ) {
return new WP_Error( 'invalid_email', __( 'Invalid email address' ) );
}
if ( empty( $action_name ) ) {
return new WP_Error( 'invalid_action', __( 'Invalid action' ) );
}
$user = get_user_by( 'email', $email );
// We could be dealing with a registered user account, or a visitor.
$is_registered_user = $user && ! is_wp_error( $user );
// Generate something random for a confirmation key.
$key = wp_generate_password( 20, false );
// Now insert the key, hashed, into the DB.
if ( empty( $wp_hasher ) ) {
require_once ABSPATH . WPINC . '/class-phpass.php';
$wp_hasher = new PasswordHash( 8, true );
}
$hashed_key = $wp_hasher->HashPassword( $key );
if ( $is_registered_user ) {
$key_saved = (bool) update_user_meta( $user->ID, '_account_action_' . $action_name, implode( ':', array( time(), $hashed_key ) ) );
} else {
$key_saved = (bool) update_site_option( '_account_action_' . hash( 'sha256', $email ) . '_' . $action_name, implode( ':', array( time(), $hashed_key, $email ) ) );
}
if ( false === $key_saved ) {
return new WP_Error( 'no_confirm_account_action_key_update', __( 'Could not save confirm account action key to database.' ) );
}
return $key;
}
/**
* Checks if a key is valid and handles the action based on this.
*
* @since 5.0.0
*
* @param string $action_name Name of the action this key is being generated for.
* @param string $key Key to confirm.
* @param string $uid Email hash or user ID.
*
* @return array|WP_Error WP_Error on failure, action name and user email address on success.
*/
function check_confirm_account_action_key( $action_name, $key, $uid ) {
global $wp_hasher;
if ( ! empty( $action_name ) && ! empty( $key ) && ! empty( $uid ) ) {
$user = false;
if ( is_numeric( $uid ) ) {
$user = get_user_by( 'id', absint( $uid ) );
}
// We could be dealing with a registered user account, or a visitor.
$is_registered_user = $user && ! is_wp_error( $user );
$key_request_time = '';
$saved_key = '';
$email = '';
if ( empty( $wp_hasher ) ) {
require_once ABSPATH . WPINC . '/class-phpass.php';
$wp_hasher = new PasswordHash( 8, true );
}
// Get the saved key from the database.
if ( $is_registered_user ) {
$confirm_action_data = get_user_meta( $user->ID, '_account_action_' . $action_name, true );
$email = $user->user_email;
if ( false !== strpos( $confirm_action_data, ':' ) ) {
list( $key_request_time, $saved_key ) = explode( ':', $confirm_action_data, 2 );
}
} else {
$confirm_action_data = get_site_option( '_account_action_' . $uid . '_' . $action_name, '' );
if ( false !== strpos( $confirm_action_data, ':' ) ) {
list( $key_request_time, $saved_key, $email ) = explode( ':', $confirm_action_data, 3 );
}
}
if ( ! $saved_key ) {
return new WP_Error( 'invalid_key', __( 'Invalid key' ) );
}
/**
* Filters the expiration time of confirm keys.
*
* @param int $expiration The expiration time in seconds.
*/
$expiration_duration = apply_filters( 'account_action_expiration', DAY_IN_SECONDS );
$expiration_time = $key_request_time + $expiration_duration;
if ( $wp_hasher->CheckPassword( $key, $saved_key ) ) {
if ( $expiration_time && time() < $expiration_time ) {
$return = array(
'action' => $action_name,
'email' => $email,
);
} else {
$return = new WP_Error( 'expired_key', __( 'The confirmation email has expired.' ) );
}
// Clean up stored keys.
if ( $is_registered_user ) {
delete_user_meta( $user->ID, '_account_action_' . $action_name );
} else {
delete_site_option( '_account_action_' . $uid . '_' . $action_name );
}
return $return;
}
}
return new WP_Error( 'invalid_key', __( 'Invalid key' ) );
}

View File

@ -4,7 +4,7 @@
*
* @global string $wp_version
*/
$wp_version = '4.9.6-alpha-43068';
$wp_version = '4.9.6-alpha-43069';
/**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.

View File

@ -413,7 +413,7 @@ if ( isset($_GET['key']) )
$action = 'resetpass';
// validate action so as to default to the login screen
if ( !in_array( $action, array( 'postpass', 'logout', 'lostpassword', 'retrievepassword', 'resetpass', 'rp', 'register', 'login' ), true ) && false === has_filter( 'login_form_' . $action ) )
if ( !in_array( $action, array( 'postpass', 'logout', 'lostpassword', 'retrievepassword', 'resetpass', 'rp', 'register', 'login', 'emailconfirm' ), true ) && false === has_filter( 'login_form_' . $action ) )
$action = 'login';
nocache_headers();
@ -838,6 +838,52 @@ if ( $switched_locale ) {
break;
case 'emailconfirm' :
if ( isset( $_GET['confirm_action'], $_GET['confirm_key'], $_GET['uid'] ) ) {
$action_name = sanitize_key( wp_unslash( $_GET['confirm_action'] ) );
$key = sanitize_text_field( wp_unslash( $_GET['confirm_key'] ) );
$uid = sanitize_text_field( wp_unslash( $_GET['uid'] ) );
$result = check_confirm_account_action_key( $action_name, $key, $uid );
} else {
$result = new WP_Error( 'invalid_key', __( 'Invalid key' ) );
}
if ( is_wp_error( $result ) ) {
/**
* Fires an action hook when the account action was not confirmed.
*
* After running this action hook the page will die.
*
* @param WP_Error $result Error object.
*/
do_action( 'account_action_failed', $result );
wp_die( $result );
}
/**
* Fires an action hook when the account action has been confirmed by the user.
*
* Using this you can assume the user has agreed to perform the action by
* clicking on the link in the confirmation email.
*
* After firing this action hook the page will redirect to wp-login a callback
* redirects or exits first.
*
* @param array $result {
* Data about the action which was confirmed.
*
* @type string $action Name of the action that was confirmed.
* @type string $email Email of the user who confirmed the action.
* }
*/
do_action( 'account_action_confirmed', $result );
$message = '<p class="message">' . __( 'Action has been confirmed.' ) . '</p>';
login_header( '', $message );
login_footer();
exit;
case 'login' :
default:
$secure_cookie = '';