mirror of
https://github.com/WordPress/WordPress.git
synced 2024-12-23 01:27:36 +01:00
Multisite: Switch to a usermeta key for email confirmation.
To prevent inconsistent data across sites in a network the new email address is now stored in usermeta. Adds visual feedback for the case when an update has failed. All existing options will be removed on a database upgrade. Props MikeHansenMe, kovshenin, jeremyfelt, ocean90. Fixes #23358. Built from https://develop.svn.wordpress.org/trunk@36679 git-svn-id: http://core.svn.wordpress.org/trunk@36646 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
21b22c0fb6
commit
86690daf0b
@ -342,7 +342,7 @@ function send_confirmation_on_profile_email() {
|
||||
|
||||
if ( $wpdb->get_var( $wpdb->prepare( "SELECT user_email FROM {$wpdb->users} WHERE user_email=%s", $_POST['email'] ) ) ) {
|
||||
$errors->add( 'user_email', __( "<strong>ERROR</strong>: The email address is already used." ), array( 'form-field' => 'email' ) );
|
||||
delete_option( $current_user->ID . '_new_email' );
|
||||
delete_user_meta( $current_user->ID, '_new_email' );
|
||||
return;
|
||||
}
|
||||
|
||||
@ -351,7 +351,7 @@ function send_confirmation_on_profile_email() {
|
||||
'hash' => $hash,
|
||||
'newemail' => $_POST['email']
|
||||
);
|
||||
update_option( $current_user->ID . '_new_email', $new_user_email );
|
||||
update_user_meta( $current_user->ID, '_new_email', $new_user_email );
|
||||
|
||||
/* translators: Do not translate USERNAME, ADMIN_URL, EMAIL, SITENAME, SITEURL: those are placeholders. */
|
||||
$email_text = __( 'Howdy ###USERNAME###,
|
||||
@ -408,9 +408,9 @@ All at ###SITENAME###
|
||||
*/
|
||||
function new_user_email_admin_notice() {
|
||||
global $pagenow;
|
||||
if ( 'profile.php' === $pagenow && isset( $_GET['updated'] ) && $email = get_option( get_current_user_id() . '_new_email' ) ) {
|
||||
if ( 'profile.php' === $pagenow && isset( $_GET['updated'] ) && $email = get_user_meta( get_current_user_id(), '_new_email', true ) ) {
|
||||
/* translators: %s: New email address */
|
||||
echo '<div class="update-nag">' . sprintf( __( 'Your email address has not been updated yet. Please check your inbox at %s for a confirmation email.' ), esc_html( $email['newemail'] ) ) . '</div>';
|
||||
echo '<div class="notice notice-info"><p>' . sprintf( __( 'Your email address has not been updated yet. Please check your inbox at %s for a confirmation email.' ), '<code>' . esc_html( $email['newemail'] ) . '</code>' ) . '</p></div>';
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -1669,13 +1669,21 @@ function upgrade_440() {
|
||||
* @since 4.5.0
|
||||
*
|
||||
* @global int $wp_current_db_version
|
||||
* @global wpdb $wpdb
|
||||
*/
|
||||
function upgrade_450() {
|
||||
global $wp_current_db_version;
|
||||
if ( $wp_current_db_version < 36180 )
|
||||
global $wp_current_db_version, $wpdb;
|
||||
|
||||
if ( $wp_current_db_version < 36180 ) {
|
||||
wp_clear_scheduled_hook( 'wp_maybe_auto_update' );
|
||||
}
|
||||
|
||||
// Remove unused email confirmation options, moved to usermeta.
|
||||
if ( $wp_current_db_version < 36679 && is_multisite() ) {
|
||||
$wpdb->query( "DELETE FROM $wpdb->options WHERE option_name REGEXP '^[0-9]+_new_email$'" );
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Executes network-level upgrade routines.
|
||||
*
|
||||
|
@ -82,20 +82,23 @@ if ( is_multisite()
|
||||
|
||||
// Execute confirmed email change. See send_confirmation_on_profile_email().
|
||||
if ( is_multisite() && IS_PROFILE_PAGE && isset( $_GET[ 'newuseremail' ] ) && $current_user->ID ) {
|
||||
$new_email = get_option( $current_user->ID . '_new_email' );
|
||||
if ( $new_email[ 'hash' ] == $_GET[ 'newuseremail' ] ) {
|
||||
$new_email = get_user_meta( $current_user->ID, '_new_email', true );
|
||||
if ( $new_email && $new_email[ 'hash' ] == $_GET[ 'newuseremail' ] ) {
|
||||
$user = new stdClass;
|
||||
$user->ID = $current_user->ID;
|
||||
$user->user_email = esc_html( trim( $new_email[ 'newemail' ] ) );
|
||||
if ( $wpdb->get_var( $wpdb->prepare( "SELECT user_login FROM {$wpdb->signups} WHERE user_login = %s", $current_user->user_login ) ) )
|
||||
if ( $wpdb->get_var( $wpdb->prepare( "SELECT user_login FROM {$wpdb->signups} WHERE user_login = %s", $current_user->user_login ) ) ) {
|
||||
$wpdb->query( $wpdb->prepare( "UPDATE {$wpdb->signups} SET user_email = %s WHERE user_login = %s", $user->user_email, $current_user->user_login ) );
|
||||
}
|
||||
wp_update_user( $user );
|
||||
delete_option( $current_user->ID . '_new_email' );
|
||||
delete_user_meta( $current_user->ID, '_new_email' );
|
||||
wp_redirect( add_query_arg( array( 'updated' => 'true' ), self_admin_url( 'profile.php' ) ) );
|
||||
die();
|
||||
} else {
|
||||
wp_redirect( add_query_arg( array( 'error' => 'new-email' ), self_admin_url( 'profile.php' ) ) );
|
||||
}
|
||||
} elseif ( is_multisite() && IS_PROFILE_PAGE && !empty( $_GET['dismiss'] ) && $current_user->ID . '_new_email' == $_GET['dismiss'] ) {
|
||||
delete_option( $current_user->ID . '_new_email' );
|
||||
delete_user_meta( $current_user->ID, '_new_email' );
|
||||
wp_redirect( add_query_arg( array('updated' => 'true'), self_admin_url( 'profile.php' ) ) );
|
||||
die();
|
||||
}
|
||||
@ -181,6 +184,13 @@ include(ABSPATH . 'wp-admin/admin-header.php');
|
||||
<?php endif; ?>
|
||||
</div>
|
||||
<?php endif; ?>
|
||||
<?php if ( isset( $_GET['error'] ) ) : ?>
|
||||
<div class="notice notice-error">
|
||||
<?php if ( 'new-email' == $_GET['error'] ) : ?>
|
||||
<p><?php _e( 'Error while saving the new email address. Please try again.' ); ?></p>
|
||||
<?php endif; ?>
|
||||
</div>
|
||||
<?php endif; ?>
|
||||
<?php if ( isset( $errors ) && is_wp_error( $errors ) ) : ?>
|
||||
<div class="error"><p><?php echo implode( "</p>\n<p>", $errors->get_error_messages() ); ?></p></div>
|
||||
<?php endif; ?>
|
||||
@ -383,7 +393,7 @@ if ( is_multisite() && is_network_admin() && ! IS_PROFILE_PAGE && current_user_c
|
||||
<th><label for="email"><?php _e('Email'); ?> <span class="description"><?php _e('(required)'); ?></span></label></th>
|
||||
<td><input type="email" name="email" id="email" value="<?php echo esc_attr( $profileuser->user_email ) ?>" class="regular-text ltr" />
|
||||
<?php
|
||||
$new_email = get_option( $current_user->ID . '_new_email' );
|
||||
$new_email = get_user_meta( $current_user->ID, '_new_email', true );
|
||||
if ( $new_email && $new_email['newemail'] != $current_user->user_email && $profileuser->ID == $current_user->ID ) : ?>
|
||||
<div class="updated inline">
|
||||
<p><?php
|
||||
|
@ -4,14 +4,14 @@
|
||||
*
|
||||
* @global string $wp_version
|
||||
*/
|
||||
$wp_version = '4.5-alpha-36678';
|
||||
$wp_version = '4.5-alpha-36679';
|
||||
|
||||
/**
|
||||
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
|
||||
*
|
||||
* @global int $wp_db_version
|
||||
*/
|
||||
$wp_db_version = 36654;
|
||||
$wp_db_version = 36679;
|
||||
|
||||
/**
|
||||
* Holds the TinyMCE version
|
||||
|
Loading…
Reference in New Issue
Block a user