Skip to:
Content

BuddyPress.org


Ignore:
Timestamp:
07/10/2016 09:46:27 PM (9 years ago)
Author:
djpaul
Message:

Emails: add unsubscribe feature.

Updates the unsubscribe token to link to a new unsubscribe action handler.

All emails from other platforms or popular websites have a unsubscribe link. For previous versions of BuddyPress, our unsubscribe link pointed to that user's notifications page. However, if someone creates an account on a BuddyPress with a fraudulent email address (for example), that email address' owner will not know the account's authentication details, and so have no way to unsubscribe from that "spam" email.

The change implements a new action handler which accepts unsubscription requests from un-authenticated requests. It adds an new option containing a dynamically generated salt which is used to generate the hash on the unsubscribe link.

Fixes #6932

Props tharsheblows, DJPaul

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/bp-messages/bp-messages-notifications.php

    r10706 r10941  
    5959        }
    6060
     61        $unsubscribe_args = array(
     62            'user_id'           => $recipient->user_id,
     63            'notification_type' => 'messages-unread',
     64        );
     65
    6166        $args = array(
    6267            'tokens' => array(
     
    6570                'sender.name' => $sender_name,
    6671                'usersubject' => sanitize_text_field( stripslashes( $subject ) ),
     72                'unsubscribe' => esc_url( bp_email_get_unsubscribe_link( $unsubscribe_args ) ),
    6773            ),
    6874        );
Note: See TracChangeset for help on using the changeset viewer.