93 | | $update_user->user_email = $user_email; |
| 95 | $hash = md5( $_POST['email'] . time() . mt_rand() ); |
| 96 | |
| 97 | $new_user_email = array( |
| 98 | 'hash' => $hash, |
| 99 | 'newemail' => $user_email, |
| 100 | ); |
| 101 | |
| 102 | bp_update_option( bp_displayed_user_id() . '_new_email', $new_user_email ); |
| 103 | |
| 104 | $email_text = sprintf( |
| 105 | __( 'Dear %1$s, |
| 106 | |
| 107 | You recently changed the email address associated with your account on %2$s. |
| 108 | If this is correct, please click on the following link to complete the change: |
| 109 | %3$s |
| 110 | |
| 111 | You can safely ignore and delete this email if you do not want to take this action or if you have received this email in error. |
| 112 | |
| 113 | This email has been sent to %4$s. |
| 114 | |
| 115 | Regards, |
| 116 | %5$s |
| 117 | %6$s', 'buddypress' ), |
| 118 | bp_core_get_user_displayname( bp_displayed_user_id() ), |
| 119 | bp_get_site_name(), |
| 120 | esc_url( bp_displayed_user_domain() . bp_get_settings_slug() . '/?newuseremail=' . $hash ), |
| 121 | $user_email, |
| 122 | bp_get_site_name(), |
| 123 | bp_get_root_domain() |
| 124 | ); |
| 125 | |
| 126 | /** |
| 127 | * Filter the email text sent when a user changes emails. |
| 128 | * |
| 129 | * @since BuddyPress (2.1.0) |
| 130 | * |
| 131 | * @param string $email_text Text of the email. |
| 132 | * @param string $new_user_email New user email that |
| 133 | * the current user has changed to. |
| 134 | * @param string $old_user_email Existing email addres |
| 135 | * for the current user. |
| 136 | * @param object $update_user Userdata for the current user. |
| 137 | */ |
| 138 | $content = apply_filters( 'bp_new_user_email_content', $email_text, $user_email, $old_user_email, $update_user ); |
| 139 | |
| 140 | // Send the verification email |
| 141 | wp_mail( $user_email, sprintf( __( '[%s] Verify your new email address', 'buddypress' ), wp_specialchars_decode( bp_get_site_name() ) ), $content ); |
| 142 | |
| 143 | $_POST['email'] = $current_user->user_email; |
| 408 | |
| 409 | /** |
| 410 | * Process email change verification or cancel requests. |
| 411 | * |
| 412 | * @since BuddyPress (2.1.0) |
| 413 | */ |
| 414 | function bp_settings_verify_email_change(){ |
| 415 | if ( ! bp_is_settings_component() ) { |
| 416 | return; |
| 417 | } |
| 418 | |
| 419 | if ( ! bp_is_my_profile() ) { |
| 420 | return; |
| 421 | } |
| 422 | |
| 423 | $redirect_to = trailingslashit( bp_displayed_user_domain() . bp_get_settings_slug() ); |
| 424 | |
| 425 | // Email change is being verified |
| 426 | if ( isset( $_GET['newuseremail'] ) ) { |
| 427 | $new_email = bp_get_option( bp_displayed_user_id() . '_new_email' ); |
| 428 | |
| 429 | // Bail if the hash provided doesn't match the one saved in the database |
| 430 | if ( urldecode( $_GET['newuseremail'] ) !== $new_email['hash'] ) { |
| 431 | return; |
| 432 | } |
| 433 | |
| 434 | $email_changed = wp_update_user( array( |
| 435 | 'ID' => bp_displayed_user_id(), |
| 436 | 'user_email' => trim( $new_email['newemail'] ), |
| 437 | ) ); |
| 438 | |
| 439 | if ( $email_changed ) { |
| 440 | // Delete the pending email change key |
| 441 | bp_delete_option( bp_displayed_user_id() . '_new_email' ); |
| 442 | |
| 443 | // Post a success message and redirect |
| 444 | bp_core_add_message( __( 'You have successfully verified your new email address.', 'buddypress' ) ); |
| 445 | } else { |
| 446 | // Unknown error |
| 447 | bp_core_add_message( __( 'There was a problem verifying your new email address. Please try again.', 'buddypress' ), 'error' ); |
| 448 | } |
| 449 | |
| 450 | bp_core_redirect( $redirect_to ); |
| 451 | die(); |
| 452 | |
| 453 | // Email change is being dismissed |
| 454 | } elseif ( ! empty( $_GET['dismiss_email_change'] ) ) { |
| 455 | bp_delete_option( bp_displayed_user_id() . '_new_email' ); |
| 456 | bp_core_add_message( __( 'You have successfully dismissed your pending email change.', 'buddypress' ) ); |
| 457 | |
| 458 | bp_core_redirect( $redirect_to ); |
| 459 | die(); |
| 460 | } |
| 461 | } |
| 462 | add_action( 'bp_actions', 'bp_settings_verify_email_change' ); |