Skip to:
Content

BuddyPress.org


Ignore:
Timestamp:
07/10/2016 09:46:27 PM (3 years ago)
Author:
djpaul
Message:

Emails: add unsubscribe feature.

Updates the unsubscribe token to link to a new unsubscribe action handler.

All emails from other platforms or popular websites have a unsubscribe link. For previous versions of BuddyPress, our unsubscribe link pointed to that user's notifications page. However, if someone creates an account on a BuddyPress with a fraudulent email address (for example), that email address' owner will not know the account's authentication details, and so have no way to unsubscribe from that "spam" email.

The change implements a new action handler which accepts unsubscription requests from un-authenticated requests. It adds an new option containing a dynamically generated salt which is used to generate the hash on the unsubscribe link.

Fixes #6932

Props tharsheblows, DJPaul

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/bp-groups/bp-groups-notifications.php

    r10606 r10941  
    6969        }
    7070
     71        $unsubscribe_args = array(
     72            'user_id'           => $user_id,
     73            'notification_type' => 'groups-details-updated',
     74        );
     75
    7176        $args = array(
    7277            'tokens' => array(
     
    7681                'group.url'    => esc_url( bp_get_group_permalink( $group ) ),
    7782                'group.name'   => $group->name,
     83                'unsubscribe'  => esc_url( bp_email_get_unsubscribe_link( $unsubscribe_args ) ),
    7884            ),
    7985        );
     
    116122            'secondary_item_id' => $requesting_user_id,
    117123            'component_name'    => buddypress()->groups->id,
    118             'component_action'  => 'new_membership_request'
     124            'component_action'  => 'new_membership_request',
    119125        ) );
    120126    }
     
    124130        return;
    125131    }
     132
     133    $unsubscribe_args = array(
     134        'user_id'           => $admin_id,
     135        'notification_type' => 'groups-membership-request',
     136    );
    126137
    127138    $group = groups_get_group( array( 'group_id' => $group_id ) );
     
    137148            'requesting-user.id'   => $requesting_user_id,
    138149            'requesting-user.name' => bp_core_get_user_displayname( $requesting_user_id ),
     150            'unsubscribe'          => esc_url( bp_email_get_unsubscribe_link( $unsubscribe_args ) ),
    139151        ),
    140152    );
     
    185197
    186198    if ( ! empty( $accepted ) ) {
     199
     200        $unsubscribe_args = array(
     201            'user_id'           => $requesting_user_id,
     202            'notification_type' => 'groups-membership-request-accepted',
     203        );
     204
     205        $args['tokens']['unsubscribe'] = esc_url( bp_email_get_unsubscribe_link( $unsubscribe_args ) );
     206
    187207        bp_send_email( 'groups-membership-request-accepted', (int) $requesting_user_id, $args );
     208
    188209    } else {
     210
     211        $unsubscribe_args = array(
     212            'user_id'           => $requesting_user_id,
     213            'notification_type' => 'groups-membership-request-rejected',
     214        );
     215
     216        $args['tokens']['unsubscribe'] = esc_url( bp_email_get_unsubscribe_link( $unsubscribe_args ) );
     217
    189218        bp_send_email( 'groups-membership-request-rejected', (int) $requesting_user_id, $args );
    190219    }
     
    226255        return;
    227256    }
     257
     258    $unsubscribe_args = array(
     259        'user_id'           => $user_id,
     260        'notification_type' => 'groups-member-promoted',
     261    );
    228262
    229263    $group = groups_get_group( array( 'group_id' => $group_id ) );
     
    236270            'promoted_to' => $promoted_to,
    237271            'user.id'     => $user_id,
     272            'unsubscribe' => esc_url( bp_email_get_unsubscribe_link( $unsubscribe_args ) ),
    238273        ),
    239274    );
     
    278313
    279314    $invited_link = bp_core_get_user_domain( $invited_user_id ) . bp_get_groups_slug();
     315
     316    $unsubscribe_args = array(
     317        'user_id'           => $invited_user_id,
     318        'notification_type' => 'groups-invitation',
     319    );
     320
    280321    $args         = array(
    281322        'tokens' => array(
     
    287328            'inviter.id'   => $inviter_user_id,
    288329            'invites.url'  => esc_url( $invited_link . '/invites/' ),
     330            'unsubscribe'  => esc_url( bp_email_get_unsubscribe_link( $unsubscribe_args ) ),
    289331        ),
    290332    );
Note: See TracChangeset for help on using the changeset viewer.