Multisite: Improve messaging for previously activated users.
Ensure activation of a site is not attempted multiple times and users are shown the correct message if they follow the link a second time. Merges [44021] to the 4.0 branch. Built from https://develop.svn.wordpress.org/branches/4.0@44037 git-svn-id: http://core.svn.wordpress.org/branches/4.0@43867 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
a887beaab6
commit
82c3aff4a6
|
@ -18,6 +18,48 @@ if ( !is_multisite() ) {
|
||||||
die();
|
die();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$valid_error_codes = array( 'already_active', 'blog_taken' );
|
||||||
|
|
||||||
|
list( $activate_path ) = explode( '?', wp_unslash( $_SERVER['REQUEST_URI'] ) );
|
||||||
|
$activate_cookie = 'wp-activate-' . COOKIEHASH;
|
||||||
|
|
||||||
|
$key = '';
|
||||||
|
$result = null;
|
||||||
|
|
||||||
|
if ( ! empty( $_GET['key'] ) ) {
|
||||||
|
$key = $_GET['key'];
|
||||||
|
} elseif ( ! empty( $_POST['key'] ) ) {
|
||||||
|
$key = $_POST['key'];
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( $key ) {
|
||||||
|
$redirect_url = remove_query_arg( 'key' );
|
||||||
|
|
||||||
|
if ( $redirect_url !== remove_query_arg( false ) ) {
|
||||||
|
setcookie( $activate_cookie, $key, 0, $activate_path, COOKIE_DOMAIN, is_ssl(), true );
|
||||||
|
wp_safe_redirect( $redirect_url );
|
||||||
|
exit;
|
||||||
|
} else {
|
||||||
|
$result = wpmu_activate_signup( $key );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( $result === null && isset( $_COOKIE[ $activate_cookie ] ) ) {
|
||||||
|
$key = $_COOKIE[ $activate_cookie ];
|
||||||
|
$result = wpmu_activate_signup( $key );
|
||||||
|
setcookie( $activate_cookie, ' ', time() - YEAR_IN_SECONDS, $activate_path, COOKIE_DOMAIN, is_ssl(), true );
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( $result === null || ( is_wp_error( $result ) && 'invalid_key' === $result->get_error_code() ) ) {
|
||||||
|
status_header( 404 );
|
||||||
|
} elseif ( is_wp_error( $result ) ) {
|
||||||
|
$error_code = $result->get_error_code();
|
||||||
|
|
||||||
|
if ( ! in_array( $error_code, $valid_error_codes ) ) {
|
||||||
|
status_header( 400 );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if ( is_object( $wp_object_cache ) )
|
if ( is_object( $wp_object_cache ) )
|
||||||
$wp_object_cache->cache_enabled = false;
|
$wp_object_cache->cache_enabled = false;
|
||||||
|
|
||||||
|
@ -63,12 +105,13 @@ function wpmu_activate_stylesheet() {
|
||||||
<?php
|
<?php
|
||||||
}
|
}
|
||||||
add_action( 'wp_head', 'wpmu_activate_stylesheet' );
|
add_action( 'wp_head', 'wpmu_activate_stylesheet' );
|
||||||
|
add_action( 'wp_head', 'wp_sensitive_page_meta' );
|
||||||
|
|
||||||
get_header();
|
get_header();
|
||||||
?>
|
?>
|
||||||
|
|
||||||
<div id="content" class="widecolumn">
|
<div id="content" class="widecolumn">
|
||||||
<?php if ( empty($_GET['key']) && empty($_POST['key']) ) { ?>
|
<?php if ( ! $key ) { ?>
|
||||||
|
|
||||||
<h2><?php _e('Activation Key Required') ?></h2>
|
<h2><?php _e('Activation Key Required') ?></h2>
|
||||||
<form name="activateform" id="activateform" method="post" action="<?php echo network_site_url('wp-activate.php'); ?>">
|
<form name="activateform" id="activateform" method="post" action="<?php echo network_site_url('wp-activate.php'); ?>">
|
||||||
|
@ -82,28 +125,25 @@ get_header();
|
||||||
</form>
|
</form>
|
||||||
|
|
||||||
<?php } else {
|
<?php } else {
|
||||||
|
if ( is_wp_error( $result ) && in_array( $result->get_error_code(), $valid_error_codes ) ) {
|
||||||
$key = !empty($_GET['key']) ? $_GET['key'] : $_POST['key'];
|
$signup = $result->get_error_data();
|
||||||
$result = wpmu_activate_signup( $key );
|
?>
|
||||||
if ( is_wp_error($result) ) {
|
<h2><?php _e('Your account is now active!'); ?></h2>
|
||||||
if ( 'already_active' == $result->get_error_code() || 'blog_taken' == $result->get_error_code() ) {
|
<?php
|
||||||
$signup = $result->get_error_data();
|
echo '<p class="lead-in">';
|
||||||
?>
|
if ( $signup->domain . $signup->path == '' ) {
|
||||||
<h2><?php _e('Your account is now active!'); ?></h2>
|
printf( __('Your account has been activated. You may now <a href="%1$s">log in</a> to the site using your chosen username of “%2$s”. Please check your email inbox at %3$s for your password and login instructions. If you do not receive an email, please check your junk or spam folder. If you still do not receive an email within an hour, you can <a href="%4$s">reset your password</a>.'), network_site_url( 'wp-login.php', 'login' ), $signup->user_login, $signup->user_email, wp_lostpassword_url() );
|
||||||
<?php
|
|
||||||
echo '<p class="lead-in">';
|
|
||||||
if ( $signup->domain . $signup->path == '' ) {
|
|
||||||
printf( __('Your account has been activated. You may now <a href="%1$s">log in</a> to the site using your chosen username of “%2$s”. Please check your email inbox at %3$s for your password and login instructions. If you do not receive an email, please check your junk or spam folder. If you still do not receive an email within an hour, you can <a href="%4$s">reset your password</a>.'), network_site_url( 'wp-login.php', 'login' ), $signup->user_login, $signup->user_email, wp_lostpassword_url() );
|
|
||||||
} else {
|
|
||||||
printf( __('Your site at <a href="%1$s">%2$s</a> is active. You may now log in to your site using your chosen username of “%3$s”. Please check your email inbox at %4$s for your password and login instructions. If you do not receive an email, please check your junk or spam folder. If you still do not receive an email within an hour, you can <a href="%5$s">reset your password</a>.'), 'http://' . $signup->domain, $signup->domain, $signup->user_login, $signup->user_email, wp_lostpassword_url() );
|
|
||||||
}
|
|
||||||
echo '</p>';
|
|
||||||
} else {
|
} else {
|
||||||
?>
|
printf( __('Your site at <a href="%1$s">%2$s</a> is active. You may now log in to your site using your chosen username of “%3$s”. Please check your email inbox at %4$s for your password and login instructions. If you do not receive an email, please check your junk or spam folder. If you still do not receive an email within an hour, you can <a href="%5$s">reset your password</a>.'), 'http://' . $signup->domain, $signup->domain, $signup->user_login, $signup->user_email, wp_lostpassword_url() );
|
||||||
<h2><?php _e('An error occurred during the activation'); ?></h2>
|
|
||||||
<?php
|
|
||||||
echo '<p>'.$result->get_error_message().'</p>';
|
|
||||||
}
|
}
|
||||||
|
echo '</p>';
|
||||||
|
} elseif ( $result === null || is_wp_error( $result ) ) {
|
||||||
|
?>
|
||||||
|
<h2><?php _e('An error occurred during the activation'); ?></h2>
|
||||||
|
<?php if ( is_wp_error( $result ) ) {
|
||||||
|
echo '<p>' . $result->get_error_message() . '</p>';
|
||||||
|
} ?>
|
||||||
|
<?php
|
||||||
} else {
|
} else {
|
||||||
$url = isset( $result['blog_id'] ) ? get_blogaddress_by_id( (int) $result['blog_id'] ) : '';
|
$url = isset( $result['blog_id'] ) ? get_blogaddress_by_id( (int) $result['blog_id'] ) : '';
|
||||||
$user = get_userdata( (int) $result['user_id'] );
|
$user = get_userdata( (int) $result['user_id'] );
|
||||||
|
|
|
@ -2231,6 +2231,24 @@ function wp_no_robots() {
|
||||||
echo "<meta name='robots' content='noindex,follow' />\n";
|
echo "<meta name='robots' content='noindex,follow' />\n";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Display a noindex,noarchive meta tag and referrer origin-when-cross-origin meta tag.
|
||||||
|
*
|
||||||
|
* Outputs a noindex,noarchive meta tag that tells web robots not to index or cache the page content.
|
||||||
|
* Outputs a referrer origin-when-cross-origin meta tag that tells the browser not to send the full
|
||||||
|
* url as a referrer to other sites when cross-origin assets are loaded.
|
||||||
|
*
|
||||||
|
* Typical usage is as a wp_head callback. add_action( 'wp_head', 'wp_sensitive_page_meta' );
|
||||||
|
*
|
||||||
|
* @since 5.0.0
|
||||||
|
*/
|
||||||
|
function wp_sensitive_page_meta() {
|
||||||
|
?>
|
||||||
|
<meta name='robots' content='noindex,noarchive' />
|
||||||
|
<meta name='referrer' content='strict-origin-when-cross-origin' />
|
||||||
|
<?php
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Whether the user should have a WYSIWIG editor.
|
* Whether the user should have a WYSIWIG editor.
|
||||||
*
|
*
|
||||||
|
|
|
@ -33,7 +33,7 @@ function login_header( $title = 'Log In', $message = '', $wp_error = '' ) {
|
||||||
global $error, $interim_login, $action;
|
global $error, $interim_login, $action;
|
||||||
|
|
||||||
// Don't index any of these forms
|
// Don't index any of these forms
|
||||||
add_action( 'login_head', 'wp_no_robots' );
|
add_action( 'login_head', 'wp_sensitive_page_meta' );
|
||||||
|
|
||||||
if ( wp_is_mobile() )
|
if ( wp_is_mobile() )
|
||||||
add_action( 'login_head', 'wp_login_viewport_meta' );
|
add_action( 'login_head', 'wp_login_viewport_meta' );
|
||||||
|
|
Loading…
Reference in New Issue