From 197b4a829b3e1e028f956378650b96245ecca4b5 Mon Sep 17 00:00:00 2001 From: Andrew Ozz Date: Tue, 13 Aug 2019 17:40:55 +0000 Subject: [PATCH] Admin email verification: - Add the `admin_email_lifespan` option when installing. Fixes a bug where the verification screen is shown right after installation. - Reset the same option when upgrading and the user doing the DB upgrade is not an admin. This will ensure the email verification is shown next time an admin logs in. - Use `site_url()` instead of `network_site_url()` for the form action. The latter seems needed only for password reset. See #46349. Built from https://develop.svn.wordpress.org/trunk@45788 git-svn-id: http://core.svn.wordpress.org/trunk@45599 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-admin/includes/schema.php | 3 +++ wp-admin/includes/upgrade.php | 12 ++++++++---- wp-includes/version.php | 2 +- wp-login.php | 4 ++-- 4 files changed, 14 insertions(+), 7 deletions(-) diff --git a/wp-admin/includes/schema.php b/wp-admin/includes/schema.php index 0e7cdb5bda..1511f27f39 100644 --- a/wp-admin/includes/schema.php +++ b/wp-admin/includes/schema.php @@ -542,6 +542,9 @@ function populate_options( array $options = array() ) { // 4.9.8 'show_comments_cookies_opt_in' => 1, + + // 5.3.0 + 'admin_email_lifespan' => ( time() + 6 * MONTH_IN_SECONDS ), ); // 3.3 diff --git a/wp-admin/includes/upgrade.php b/wp-admin/includes/upgrade.php index 1a677ddab2..1e907c5097 100644 --- a/wp-admin/includes/upgrade.php +++ b/wp-admin/includes/upgrade.php @@ -2125,10 +2125,14 @@ function upgrade_510() { * @since 5.3.0 */ function upgrade_530() { - // Do `add_option()` rather than overwriting with `update_option()` as this may run - // after an admin was redirected to the email verification screen, - // and the option was updated. - add_option( 'admin_email_lifespan', 0 ); + // The `admin_email_lifespan` option may have been set by an admin that just logged in, + // saw the verification screen, clicked on a button there, and is now upgrading the db, + // or by populate_options() that is called earlier in upgrade_all(). + // In the second case `admin_email_lifespan` should be reset so the verification screen + // is shown next time an admin logs in. + if ( function_exists( 'current_user_can' ) && ! current_user_can( 'manage_options' ) ) { + update_option( 'admin_email_lifespan', 0 ); + } } /** diff --git a/wp-includes/version.php b/wp-includes/version.php index 16048523c9..f994ec3eb1 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -13,7 +13,7 @@ * * @global string $wp_version */ -$wp_version = '5.3-alpha-45787'; +$wp_version = '5.3-alpha-45788'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema. diff --git a/wp-login.php b/wp-login.php index e0c7a74c8c..f7f0fa16ea 100644 --- a/wp-login.php +++ b/wp-login.php @@ -594,7 +594,7 @@ switch ( $action ) { * * @param int Interval time (in seconds). */ - $admin_email_check_interval = (int) apply_filters( 'admin_email_check_interval', 180 * DAY_IN_SECONDS ); + $admin_email_check_interval = (int) apply_filters( 'admin_email_check_interval', 6 * MONTH_IN_SECONDS ); if ( $admin_email_check_interval > 0 ) { update_option( 'admin_email_lifespan', time() + $admin_email_check_interval ); @@ -617,7 +617,7 @@ switch ( $action ) { ?> -
+