Making WordPress.org


Ignore:
Timestamp:
10/23/2019 06:09:31 AM (2 years ago)
Author:
dd32
Message:

Login: Add a link expired template, and redirect expierd links to that url.

See #4739.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-login/register-confirm.php

    r9082 r9224  
    11<?php
    22/**
    3  * The post-register profile-fields Template
     3 * An old registration flow template, just redirects to a expired link template now.
    44 *
    55 * @package wporg-login
    66 */
    77
    8     //      'register-confirm' => '/register/confirm/(?P<confirm_user>[^/]+)/(?P<confirm_key>[^/]+)',
     8$confirm_user = isset( WP_WPOrg_SSO::$matched_route_params['confirm_user'] ) ? WP_WPOrg_SSO::$matched_route_params['confirm_user'] : false;
    99
    10 $confirm_user = isset( WP_WPOrg_SSO::$matched_route_params['confirm_user'] ) ? WP_WPOrg_SSO::$matched_route_params['confirm_user'] : false;
    11 $confirm_key  = isset( WP_WPOrg_SSO::$matched_route_params['confirm_key'] ) ? WP_WPOrg_SSO::$matched_route_params['confirm_key'] : false;
    12 
    13 $can_access = true;
    14 if (
    15     $confirm_user && $confirm_key &&
    16     ( $user = get_user_by( 'login', $confirm_user ) ) &&
    17     $user->exists()
    18 ) {
    19     wp_set_current_user( $user->ID );
    20 
    21     $user_activation_key = $user->user_activation_key;
    22     if ( ! $user_activation_key ) {
    23         // The activation key may not be in the cached user object, so we'll fetch it manually.
    24         $user_activation_key = $wpdb->get_var( $wpdb->prepare( "SELECT user_activation_key FROM {$wpdb->users} WHERE ID = %d", $user->ID ) );
    25     }
    26 
    27     list( $reset_time, $hashed_activation_key ) = explode( ':', $user_activation_key, 2 );
    28 
    29     if ( empty( $wp_hasher ) ) {
    30         require_once ABSPATH . WPINC . '/class-phpass.php';
    31         $wp_hasher = new PasswordHash( 8, true );
    32     }
    33     $can_access = $wp_hasher->CheckPassword( $confirm_key, $hashed_activation_key );
    34 
    35     // Keys are only valid for 7 days (or until used)
    36     $can_access = $can_access && ( $reset_time + ( 7*DAY_IN_SECONDS ) > time() );
    37 }
    38 
    39 if ( ! $can_access ) {
    40     wp_set_current_user( 0 );
    41     wp_safe_redirect( "/" );
    42     die();
    43 } elseif ( !empty( $_POST['user_pass'] ) ) {
    44     $user_pass = wp_unslash( $_POST['user_pass'] );
    45 
    46     wporg_login_save_profile_fields();
    47 
    48     add_filter( 'send_password_change_email', '__return_false' );
    49     if ( wp_update_user( wp_slash( array(
    50         'ID' => $user->ID,
    51         'user_pass' => $user_pass,
    52     ) ) ) ) {
    53         $wpdb->update( $wpdb->users, array( 'user_activation_key' => '' ), array( 'ID' => $user->ID ) );
    54         wp_set_auth_cookie( $user->ID, true );
    55         wp_safe_redirect( 'https://wordpress.org/support/' );
    56         die();
    57     }
    58 }
    59 
    60 wp_enqueue_script( 'zxcvbn' );
    61 wp_enqueue_script( 'user-profile' );
    62 wp_enqueue_script( 'wporg-registration' );
    63 
    64 get_header();
    65 ?>
    66 
    67 <p class="intro">
    68 <?php _e( 'Set your password and complete your WordPress.org Profile information.', 'wporg' ); ?>
    69 </p>
    70 
    71 <form name="registerform" id="registerform" action="" method="post">
    72 
    73         <div class="user-pass1-wrap">
    74         <p>
    75             <label for="pass1"><?php _e( 'Password', 'wporg' ); ?></label>
    76         </p>
    77 
    78         <div class="wp-pwd">
    79             <span class="password-input-wrapper">
    80                 <input type="password" data-reveal="1" data-pw="<?php echo esc_attr( wp_generate_password( 16 ) ); ?>" name="user_pass" id="pass1" class="input" size="20" value="" autocomplete="off" aria-describedby="pass-strength-result" />
    81             </span>
    82             <div id="pass-strength-result" class="hide-if-no-js" aria-live="polite"><?php _e( 'Strength indicator', 'wporg' ); ?></div>
    83         </div>
    84     </div>
    85 
    86 <!--    <p class="description indicator-hint"><?php _e( 'Hint: The password should be at least twelve characters long. To make it stronger, use upper and lower case letters, numbers, and symbols like ! " ? $ % ^ &amp; ).', 'wporg' ); ?></p> -->
    87 
    88     <?php include __DIR__ . '/partials/register-profilefields.php'; ?>
    89 
    90     <p class="login-submit">
    91         <input type="submit" name="wp-submit" id="wp-submit" class="button button-primary" value="<?php esc_attr_e( 'Create Account', 'wporg' ); ?>" />
    92     </p>
    93 
    94 </form>
    95 
    96 <p id="nav">
    97     <a href="https://wordpress.org/"><?php _e( 'WordPress.org', 'wporg' ); ?></a>
    98 </p>
    99 
    100 <?php get_footer();
     10wp_safe_redirect( home_url( '/linkexpired/lostpassword/' . urlencode( $confirm_user ) ) );
     11exit;
Note: See TracChangeset for help on using the changeset viewer.