我只是想知道为什么wordpress不会在用户每次更改其电子邮件地址时发送确认邮件。
我们如何知道电子邮件地址不是伪造的或输入错误的?
那么谁能给我一些代码片段来实现这个函数呢?
更新:以下是想法。
用户更改其邮件我们发送确认电子邮件
我只是想知道为什么wordpress不会在用户每次更改其电子邮件地址时发送确认邮件。
我们如何知道电子邮件地址不是伪造的或输入错误的?
那么谁能给我一些代码片段来实现这个函数呢?
用户更改其邮件我们发送确认电子邮件
就像SickHippie发布的一样,此功能是WordPress的固有功能,但仅适用于多站点设置,因此您需要使用以下两个功能才能在单个站点设置上运行此功能,这两个功能主要是从核心对一进行编码/wp-admin/user-edit.php file
function custom_send_confirmation_on_profile_email() {
global $errors, $wpdb;
$current_user = wp_get_current_user();
if ( ! is_object($errors) )
$errors = new WP_Error();
if ( $current_user->ID != $_POST[\'user_id\'] )
return false;
if ( $current_user->user_email != $_POST[\'email\'] ) {
if ( !is_email( $_POST[\'email\'] ) ) {
$errors->add( \'user_email\', __( "<strong>ERROR</strong>: The e-mail address isn\'t correct." ), array( \'form-field\' => \'email\' ) );
return;
}
if ( email_exists( $_POST[\'email\'] ) ) {
$errors->add( \'user_email\', __( "<strong>ERROR</strong>: The e-mail address is already used." ), array( \'form-field\' => \'email\' ) );
delete_user_meta( $current_user->ID . \'_new_email\' );
return;
}
$hash = md5( $_POST[\'email\'] . time() . mt_rand() );
$new_user_email = array(
\'hash\' => $hash,
\'newemail\' => $_POST[\'email\']
);
update_user_meta( $current_user->ID . \'_new_email\', $new_user_email );
$content = apply_filters( \'new_user_email_content\', __( "Dear user,
You recently requested to have the email address on your account changed.
If this is correct, please click on the following link to change it:
###ADMIN_URL###
You can safely ignore and delete this email if you do not want to
take this action.
This email has been sent to ###EMAIL###
Regards,
All at ###SITENAME###
###SITEURL###" ), $new_user_email );
$content = str_replace( \'###ADMIN_URL###\', esc_url( admin_url( \'profile.php?newuseremail=\'.$hash ) ), $content );
$content = str_replace( \'###EMAIL###\', $_POST[\'email\'], $content);
$content = str_replace( \'###SITENAME###\', get_site_option( \'site_name\' ), $content );
$content = str_replace( \'###SITEURL###\', home_url(), $content );
wp_mail( $_POST[\'email\'], sprintf( __( \'[%s] New Email Address\' ), get_option( \'blogname\' ) ), $content );
$_POST[\'email\'] = $current_user->user_email;
}
}
add_action( \'personal_options_update\', \'custom_send_confirmation_on_profile_email\' );
// Execute confirmed email change. See send_confirmation_on_profile_email().
function verify_email_change(){
global $errors, $wpdb;
$current_user = wp_get_current_user();
if (in_array($GLOBALS[\'pagenow\'], array(\'profile.php\')) && $current_user->ID > 0) {
if (isset( $_GET[ \'newuseremail\' ] ) && $current_user->ID ) {
$new_email = get_user_meta( $current_user->ID . \'_new_email\' );
if ( $new_email[ \'hash\' ] == $_GET[ \'newuseremail\' ] ) {
$user->ID = $current_user->ID;
$user->user_email = esc_html( trim( $new_email[ \'newemail\' ] ) );
if ( $wpdb->get_var( $wpdb->prepare( "SELECT user_login FROM {$wpdb->users} WHERE user_login = %s", $current_user->user_login ) ) )
$wpdb->query( $wpdb->prepare( "UPDATE {$wpdb->users} SET user_email = %s WHERE user_login = %s", $user->user_email, $current_user->user_login ) );
wp_update_user( get_object_vars( $user ) );
delete_user_meta( $current_user->ID . \'_new_email\' );
wp_redirect( add_query_arg( array(\'updated\' => \'true\'), self_admin_url( \'profile.php\' ) ) );
die();
}
} elseif ( !empty( $_GET[\'dismiss\'] ) && $current_user->ID . \'_new_email\' == $_GET[\'dismiss\'] ) {
delete_user_meta( $current_user->ID . \'_new_email\' );
wp_redirect( add_query_arg( array(\'updated\' => \'true\'), self_admin_url( \'profile.php\' ) ) );
die();
}
}
}
add_action(\'plugins_loaded\',\'verify_email_change\');
这是一个奇怪的“特征”。该功能实际上在WordPress内部可用(WordPress.com为其托管博客服务启用了该功能),但仅限于多站点。如果你进去看看/wp-admin/includes/ms.php
您将找到处理此问题的函数-第239行send_confirmation_on_profile_email()
.
大概,您可以将此函数移到您的函数中。php或插件来获得此功能,可能需要稍加调整才能使其正常工作。它没有回答“为什么”,但trac也没有回答这个问题here.
ETA:进一步研究,您可能还需要复制一些其他功能-new_user_email_admin_notice()
和update_option_new_admin_email()
可能需要时跳出。
Giri的反应对我不起作用。我不得不调整我的手机使其正常工作(Wordpress 3.5)
function cleanup_verify_email_change()
{
global $errors, $wpdb;
$current_user = wp_get_current_user();
// don\'t execute this if they\'re trying to dismiss a pending email change
if (in_array($GLOBALS[\'pagenow\'], array(\'profile.php\')) && $current_user->ID > 0 & !isset($_GET["dismiss"]))
{
if (isset( $_POST[ \'email\' ] ) && ($current_user->user_email != $_POST[\'email\']) )
{
$user->ID = $current_user->ID;
$user->user_email = esc_html( trim( $_POST[ \'email\' ] ) );
if ( $wpdb->get_var( $wpdb->prepare( "SELECT user_login FROM {$wpdb->users} WHERE user_login = %s", $current_user->user_login ) ) ) {
$wpdb->query( $wpdb->prepare( "UPDATE {$wpdb->users} SET user_email = %s WHERE user_login = %s", $user->user_email, $current_user->user_login ) );
}
wp_update_user( get_object_vars( $user ) );
wp_redirect( add_query_arg( array(\'updated\' => \'true\', \'multisite_cleanup\' => \'true\'), self_admin_url( \'profile.php\' ) ) );
die();
}
elseif ( !empty( $_GET[\'dismiss\'] ) && $current_user->ID . \'_new_email\' == $_GET[\'dismiss\'] )
{
delete_user_meta( $current_user->ID . \'_new_email\' );
wp_redirect( add_query_arg( array(\'updated\' => \'true\', \'multisite_cleanup\' => \'true\'), self_admin_url( \'profile.php\' ) ) );
die();
}
}
}
add_action(\'plugins_loaded\',\'cleanup_verify_email_change\');
我已经调整了Giri代码,以便它可以在我的wordpress(版本4.8.1+)上运行
之前:
update_user_meta( $current_user->ID . \'_new_email\', $new_user_email );
之后: update_user_meta( $current_user->ID, \'_new_email\', $new_user_email );
逗号需要替换句点。此外:
$new_email[\'hash\'];
$new_email[\'newemail\'];
成为$new_email[0][\'hash\'];
$new_email[0][\'newemail\'];
因此:function custom_send_confirmation_on_profile_email() {
global $errors, $wpdb;
$current_user = wp_get_current_user();
if ( ! is_object($errors) )
$errors = new WP_Error();
if ( $current_user->ID != $_POST[\'user_id\'] )
return false;
if ( $current_user->user_email != $_POST[\'email\'] ) {
if ( !is_email( $_POST[\'email\'] ) ) {
$errors->add( \'user_email\', __( "<strong>ERROR</strong>: The e-mail address isn\'t correct." ), array( \'form-field\' => \'email\' ) );
return;
}
if ( email_exists( $_POST[\'email\'] ) ) {
$errors->add( \'user_email\', __( "<strong>ERROR</strong>: The e-mail address is already used." ), array( \'form-field\' => \'email\' ) );
delete_user_meta( $current_user->ID, \'_new_email\' );
return;
}
$hash = md5( $_POST[\'email\'] . time() . mt_rand() );
$new_user_email = array(
\'hash\' => $hash,
\'newemail\' => $_POST[\'email\']
);
update_user_meta( $current_user->ID, \'_new_email\', $new_user_email );
$content = apply_filters( \'new_user_email_content\', __( "Dear user,
You recently requested to have the email address on your account changed.
If this is correct, please click on the following link to change it:
###ADMIN_URL###
You can safely ignore and delete this email if you do not want to
take this action.
This email has been sent to ###EMAIL###
Regards,
All at ###SITENAME###
###SITEURL###" ), $new_user_email );
$content = str_replace( \'###ADMIN_URL###\', esc_url( admin_url( \'profile.php?newuseremail=\'.$hash ) ), $content );
$content = str_replace( \'###EMAIL###\', $_POST[\'email\'], $content);
$content = str_replace( \'###SITENAME###\', get_site_option( \'site_name\' ), $content );
$content = str_replace( \'###SITEURL###\', home_url(), $content );
wp_mail( $_POST[\'email\'], sprintf( __( \'[%s] New Email Address\' ), get_option( \'blogname\' ) ), $content );
$_POST[\'email\'] = $current_user->user_email;
}
}
add_action( \'personal_options_update\', \'custom_send_confirmation_on_profile_email\' );
// Execute confirmed email change. See send_confirmation_on_profile_email().
function verify_email_change(){
global $errors, $wpdb;
$current_user = wp_get_current_user();
if (in_array($GLOBALS[\'pagenow\'], array(\'profile.php\')) && $current_user->ID > 0) {
if (isset( $_GET[ \'newuseremail\' ] ) && $current_user->ID ) {
$new_email = get_user_meta( $current_user->ID, \'_new_email\' );
if ( $new_email[0][\'hash\'] == $_GET[ \'newuseremail\' ] ) {
$user->ID = $current_user->ID;
$user->user_email = esc_html( trim( $new_email[0][ \'newemail\' ] ) );
if ( $wpdb->get_var( $wpdb->prepare( "SELECT user_login FROM {$wpdb->users} WHERE user_login = %s", $current_user->user_login ) ) )
$wpdb->query( $wpdb->prepare( "UPDATE {$wpdb->users} SET user_email = %s WHERE user_login = %s", $user->user_email, $current_user->user_login ) );
wp_update_user( get_object_vars( $user ) );
delete_user_meta( $current_user->ID, \'_new_email\' );
wp_redirect( add_query_arg( array(\'updated\' => \'true\'), self_admin_url( \'profile.php\' ) ) );
die();
}
} elseif ( !empty( $_GET[\'dismiss\'] ) && $current_user->ID . \'_new_email\' == $_GET[\'dismiss\'] ) {
delete_user_meta( $current_user->ID, \'_new_email\' );
wp_redirect( add_query_arg( array(\'updated\' => \'true\'), self_admin_url( \'profile.php\' ) ) );
die();
}
}
}
add_action(\'after_setup_theme\',\'verify_email_change\');
干杯。Im使用get\\u users函数显示站点上的自定义用户列表。我现在唯一有问题的是如何对结果分页。这是Im使用的函数示例:似乎没有一种明显的方法可以为this函数创建分页。如果能帮上点忙,我将不胜感激。