Upstream/WordPress
1
0
Fork 0
mirror of https://github.com/WordPress/WordPress.git synced 2025-01-03 15:08:10 +01:00
Code Issues Projects Releases Wiki Activity

Fix some more html encoding in email subject issues. Fixes #9913.

Browse Source 
git-svn-id: http://svn.automattic.com/wordpress/trunk@12398 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
westi 2009-12-14 22:09:54 +00:00
parent b2af12a900
commit 2c4aadf49f
2 changed files with 14 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
wp-includes/pluggable.php
View File

@ -1136,7 +1136,10 @@ function wp_password_change_notification(&$user) {
// but check to see if it's the admin whose password we're changing, and skip this // but check to see if it's the admin whose password we're changing, and skip this
if ( $user->user_email != get_option('admin_email') ) { if ( $user->user_email != get_option('admin_email') ) {
$message = sprintf(__('Password Lost and Changed for user: %s'), $user->user_login) . "\r\n"; $message = sprintf(__('Password Lost and Changed for user: %s'), $user->user_login) . "\r\n";
wp_mail(get_option('admin_email'), sprintf(__('[%s] Password Lost/Changed'), @html_entity_decode(get_option('blogname'), ENT_QUOTES, get_option('blog_charset'))), $message); // The blogname option is escaped with esc_html on the way into the database in sanitize_option
// we want to reverse this for the plain text arena of emails.
$blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
wp_mail(get_option('admin_email'), sprintf(__('[%s] Password Lost/Changed'), $blogname), $message);
} }
} }
endif; endif;

12
wp-login.php
View File

@ -167,7 +167,11 @@ function retrieve_password() {
$message .= __('To reset your password visit the following address, otherwise just ignore this email and nothing will happen.') . "\r\n\r\n"; $message .= __('To reset your password visit the following address, otherwise just ignore this email and nothing will happen.') . "\r\n\r\n";
$message .= site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login') . "\r\n"; $message .= site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login') . "\r\n";
$title = sprintf(__('[%s] Password Reset'), get_option('blogname')); // The blogname option is escaped with esc_html on the way into the database in sanitize_option
// we want to reverse this for the plain text arena of emails.
$blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
$title = sprintf(__('[%s] Password Reset'), $blogname);
$title = apply_filters('retrieve_password_title', $title); $title = apply_filters('retrieve_password_title', $title);
$message = apply_filters('retrieve_password_message', $message, $key); $message = apply_filters('retrieve_password_message', $message, $key);
@ -212,7 +216,11 @@ function reset_password($key, $login) {
$message .= sprintf(__('Password: %s'), $new_pass) . "\r\n"; $message .= sprintf(__('Password: %s'), $new_pass) . "\r\n";
$message .= site_url('wp-login.php', 'login') . "\r\n"; $message .= site_url('wp-login.php', 'login') . "\r\n";
$title = sprintf(__('[%s] Your new password'), get_option('blogname')); // The blogname option is escaped with esc_html on the way into the database in sanitize_option
// we want to reverse this for the plain text arena of emails.
$blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
$title = sprintf(__('[%s] Your new password'), $blogname);
$title = apply_filters('password_reset_title', $title); $title = apply_filters('password_reset_title', $title);
$message = apply_filters('password_reset_message', $message, $new_pass); $message = apply_filters('password_reset_message', $message, $new_pass);