Opened 15 years ago
Closed 10 years ago
#2265 closed enhancement (fixed)
Re-validate Email Address when edited.
Reported by: | windhamdavid | Owned by: | boonebgorges |
---|---|---|---|
Milestone: | 2.1 | Priority: | normal |
Severity: | normal | Version: | |
Component: | Core | Keywords: | has-patch |
Cc: | raven@… |
Description
require users to revalidate an email address via an activation link when edited in the profile ~ requested in this comment
Attachments (3)
Change History (15)
#2
@
10 years ago
- Severity set to normal
Hi,
Here there is a patch for this, this is a first patch to be commented.
At this time, there is no option for activate or deactivate the revalidation, really i don't know if it is necessary.
The email revalidation text is not the final one, it has to be modified, so its a temporal text waiting for an ideas. It is directly taked from WordPress Multisite Super Admin email revalidation.
#3
@
10 years ago
I'm sorry,
The good one is revalidation-2.diff
revalidation.diff has a bug (has a inherited code of WordPress Multisite
self_admin_url
#6
@
10 years ago
- Milestone changed from Future Release to 2.1
Thanks, j.conti. Unlike WPMS, we don't have a GUI for writing a custom email notification, so I don't think we need all the string swapping (###ADMIN_URL###
etc). There are also some coding standards issues, but it should be fairly easy to clean this up for 2.1.
#7
@
10 years ago
Hi boonebgorges, yes thats the reason that I said that the email text has to be modified, and it's a temporal text :)
Now I've see that there is some typo errors :S
I'll look your corrections about coding standards issues, I suppose that I used some WordPress code instead of BuddyPress code.
Thanks a lot
#8
@
10 years ago
Hi boonebgorges, yes thats the reason that I said that the email text has to be modified, and it's a temporal text :)
Ah yes, it's just temporary. Got it :)
I'll look your corrections about coding standards issues, I suppose that I used some WordPress code instead of BuddyPress code.
Mainly just indentation and whitespace. Also, instead of hooking bp_user_update_email()
to 'init'
, it's better to use 'bp_actions'
(so that we know BP is completely loaded).
Thanks again!
#9
@
10 years ago
Oh, ok.
I hooked to init becasue wp_redirect breaks the page load, but maybe hooking it to bp_actions, it fix the problem. I don't test it.
#10
@
10 years ago
2265.03.patch is a refresh with the following changes:
- The "you have a pending message" notice is moved out of the template (which may be overridden or unavailable in some themes) and into a function hooked to 'bp_before_member_settings_template'
- Cleaned up some wording
- Code standards, etc
- Removed direct calls to $wpdb and cleaned up some logic
- Use bp_core_add_message() instead of URL params for success/failure messages
I think this is a solid change - it will prevent people from making mistakes, and may prevent certain kinds of account hijackings. Would like to get feedback from the core team on it before proceeding.
There's code for WPMU to email super admins on an address change that you might be able to utilize/repurpose.
While I like the idea, it definitely needs to be something that remains optional. Preferably, through BP options in the dashboard, but at the very least through a hook/filter. I run a site now, where I certainly wouldn't want this feature in order to stay as unobtrusive as possible. While it's not ideal, if the user wants to change their email to a non-existent email, then that's their prerogative.
I might look into making this plugin.