mirror of
https://github.com/WordPress/WordPress.git
synced 2024-12-23 01:27:36 +01:00
Multisite: Validate new email address confirmations.
Built from https://develop.svn.wordpress.org/trunk@37103 git-svn-id: http://core.svn.wordpress.org/trunk@37070 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
b15e4d2775
commit
6a3acea8b5
@ -83,7 +83,7 @@ if ( is_multisite()
|
||||
// Execute confirmed email change. See send_confirmation_on_profile_email().
|
||||
if ( is_multisite() && IS_PROFILE_PAGE && isset( $_GET[ 'newuseremail' ] ) && $current_user->ID ) {
|
||||
$new_email = get_user_meta( $current_user->ID, '_new_email', true );
|
||||
if ( $new_email && $new_email[ 'hash' ] == $_GET[ 'newuseremail' ] ) {
|
||||
if ( $new_email && hash_equals( $new_email[ 'hash' ], $_GET[ 'newuseremail' ] ) ) {
|
||||
$user = new stdClass;
|
||||
$user->ID = $current_user->ID;
|
||||
$user->user_email = esc_html( trim( $new_email[ 'newemail' ] ) );
|
||||
@ -97,7 +97,8 @@ if ( is_multisite() && IS_PROFILE_PAGE && isset( $_GET[ 'newuseremail' ] ) && $c
|
||||
} else {
|
||||
wp_redirect( add_query_arg( array( 'error' => 'new-email' ), self_admin_url( 'profile.php' ) ) );
|
||||
}
|
||||
} elseif ( is_multisite() && IS_PROFILE_PAGE && !empty( $_GET['dismiss'] ) && $current_user->ID . '_new_email' == $_GET['dismiss'] ) {
|
||||
} elseif ( is_multisite() && IS_PROFILE_PAGE && !empty( $_GET['dismiss'] ) && $current_user->ID . '_new_email' === $_GET['dismiss'] ) {
|
||||
check_admin_referer( 'dismiss-' . $current_user->ID . '_new_email' );
|
||||
delete_user_meta( $current_user->ID, '_new_email' );
|
||||
wp_redirect( add_query_arg( array('updated' => 'true'), self_admin_url( 'profile.php' ) ) );
|
||||
die();
|
||||
@ -400,11 +401,11 @@ if ( is_multisite() && is_network_admin() && ! IS_PROFILE_PAGE && current_user_c
|
||||
printf(
|
||||
/* translators: %s: new email */
|
||||
__( 'There is a pending change of your email to %s.' ),
|
||||
'<code>' . $new_email['newemail'] . '</code>'
|
||||
'<code>' . esc_html( $new_email['newemail'] ) . '</code>'
|
||||
);
|
||||
printf(
|
||||
' <a href="%1$s">%2$s</a>',
|
||||
esc_url( self_admin_url( 'profile.php?dismiss=' . $current_user->ID . '_new_email' ) ),
|
||||
esc_url( wp_nonce_url( self_admin_url( 'profile.php?dismiss=' . $current_user->ID . '_new_email' ), 'dismiss-' . $current_user->ID . '_new_email' ) ),
|
||||
__( 'Cancel' )
|
||||
);
|
||||
?></p>
|
||||
|
@ -4,7 +4,7 @@
|
||||
*
|
||||
* @global string $wp_version
|
||||
*/
|
||||
$wp_version = '4.5-RC1-37094';
|
||||
$wp_version = '4.5-RC1-37103';
|
||||
|
||||
/**
|
||||
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
|
||||
|
Loading…
Reference in New Issue
Block a user