Making WordPress.org

Changeset 9775


Ignore:
Timestamp:
04/24/2020 08:07:16 PM (5 years ago)
Author:
Otto42
Message:

Privacy: Allow blocked users to request without having to log in

File:
1 edited

Legend:

Unmodified
Added
Removed
  • sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-main/inc/privacy-functions.php

    r8985 r9775  
    3434    $email_user      = get_user_by( 'email', $email );
    3535
     36    // check to see if the user is blocked, meaning they cannot log in
     37    $blocked_user    = false;
     38    if ( $email_user instanceof \WP_User && defined( 'WPORG_SUPPORT_FORUMS_BLOGID' ) ) {
     39        $support_user = new \WP_User( $email_user->ID, '', WPORG_SUPPORT_FORUMS_BLOGID );
     40        if ( ! empty( $support_user->allcaps['bbp_blocked'] ) ) {
     41            // user is a blocked user, so for the purposes of this privacy request, don't expect them to login
     42            $blocked_user = true;
     43        }
     44    }
     45
    3646    if ( ! reCAPTCHA\check_status() ) {
    3747        $error_message = esc_html__( 'Your form session has expired. Please try again.', 'wporg' );
     
    4353    } elseif (
    4454        // Check if a user account exists for this email before processing.
    45         false !== $email_user && $email_user->user_login !== $requesting_user
     55        false !== $email_user && $email_user->user_login !== $requesting_user && ! $blocked_user
    4656    ) {
    4757        if ( is_user_logged_in() ) {
Note: See TracChangeset for help on using the changeset viewer.