diff --git a/src/wp-admin/includes/ms.php b/src/wp-admin/includes/ms.php
index 5f9ba58024..6e8fb07ea3 100644
--- a/src/wp-admin/includes/ms.php
+++ b/src/wp-admin/includes/ms.php
@@ -342,16 +342,16 @@ function send_confirmation_on_profile_email() {
if ( $wpdb->get_var( $wpdb->prepare( "SELECT user_email FROM {$wpdb->users} WHERE user_email=%s", $_POST['email'] ) ) ) {
$errors->add( 'user_email', __( "ERROR : The email address is already used." ), array( 'form-field' => 'email' ) );
- delete_option( $current_user->ID . '_new_email' );
+ delete_user_meta( $current_user->ID, '_new_email' );
return;
}
$hash = md5( $_POST['email'] . time() . mt_rand() );
$new_user_email = array(
- 'hash' => $hash,
- 'newemail' => $_POST['email']
- );
- update_option( $current_user->ID . '_new_email', $new_user_email );
+ 'hash' => $hash,
+ 'newemail' => $_POST['email']
+ );
+ update_user_meta( $current_user->ID, '_new_email', $new_user_email );
/* translators: Do not translate USERNAME, ADMIN_URL, EMAIL, SITENAME, SITEURL: those are placeholders. */
$email_text = __( 'Howdy ###USERNAME###,
@@ -408,9 +408,9 @@ All at ###SITENAME###
*/
function new_user_email_admin_notice() {
global $pagenow;
- if ( 'profile.php' === $pagenow && isset( $_GET['updated'] ) && $email = get_option( get_current_user_id() . '_new_email' ) ) {
+ if ( 'profile.php' === $pagenow && isset( $_GET['updated'] ) && $email = get_user_meta( get_current_user_id(), '_new_email', true ) ) {
/* translators: %s: New email address */
- echo '
' . sprintf( __( 'Your email address has not been updated yet. Please check your inbox at %s for a confirmation email.' ), esc_html( $email['newemail'] ) ) . '
';
+ echo '' . sprintf( __( 'Your email address has not been updated yet. Please check your inbox at %s for a confirmation email.' ), '' . esc_html( $email['newemail'] ) . '
' ) . '
';
}
}
diff --git a/src/wp-admin/includes/upgrade.php b/src/wp-admin/includes/upgrade.php
index 07de24677a..b4ae33857c 100644
--- a/src/wp-admin/includes/upgrade.php
+++ b/src/wp-admin/includes/upgrade.php
@@ -1668,12 +1668,20 @@ function upgrade_440() {
* @ignore
* @since 4.5.0
*
- * @global int $wp_current_db_version
+ * @global int $wp_current_db_version
+ * @global wpdb $wpdb
*/
function upgrade_450() {
- global $wp_current_db_version;
- if ( $wp_current_db_version < 36180 )
+ global $wp_current_db_version, $wpdb;
+
+ if ( $wp_current_db_version < 36180 ) {
wp_clear_scheduled_hook( 'wp_maybe_auto_update' );
+ }
+
+ // Remove unused email confirmation options, moved to usermeta.
+ if ( $wp_current_db_version < 36679 && is_multisite() ) {
+ $wpdb->query( "DELETE FROM $wpdb->options WHERE option_name REGEXP '^[0-9]+_new_email$'" );
+ }
}
/**
diff --git a/src/wp-admin/user-edit.php b/src/wp-admin/user-edit.php
index 0a38507a6c..bbf21f4510 100644
--- a/src/wp-admin/user-edit.php
+++ b/src/wp-admin/user-edit.php
@@ -82,20 +82,23 @@ if ( is_multisite()
// Execute confirmed email change. See send_confirmation_on_profile_email().
if ( is_multisite() && IS_PROFILE_PAGE && isset( $_GET[ 'newuseremail' ] ) && $current_user->ID ) {
- $new_email = get_option( $current_user->ID . '_new_email' );
- if ( $new_email[ 'hash' ] == $_GET[ 'newuseremail' ] ) {
+ $new_email = get_user_meta( $current_user->ID, '_new_email', true );
+ if ( $new_email && $new_email[ 'hash' ] == $_GET[ 'newuseremail' ] ) {
$user = new stdClass;
$user->ID = $current_user->ID;
$user->user_email = esc_html( trim( $new_email[ 'newemail' ] ) );
- if ( $wpdb->get_var( $wpdb->prepare( "SELECT user_login FROM {$wpdb->signups} WHERE user_login = %s", $current_user->user_login ) ) )
+ if ( $wpdb->get_var( $wpdb->prepare( "SELECT user_login FROM {$wpdb->signups} WHERE user_login = %s", $current_user->user_login ) ) ) {
$wpdb->query( $wpdb->prepare( "UPDATE {$wpdb->signups} SET user_email = %s WHERE user_login = %s", $user->user_email, $current_user->user_login ) );
+ }
wp_update_user( $user );
- delete_option( $current_user->ID . '_new_email' );
- wp_redirect( add_query_arg( array('updated' => 'true'), self_admin_url( 'profile.php' ) ) );
+ delete_user_meta( $current_user->ID, '_new_email' );
+ wp_redirect( add_query_arg( array( 'updated' => 'true' ), self_admin_url( 'profile.php' ) ) );
die();
+ } else {
+ wp_redirect( add_query_arg( array( 'error' => 'new-email' ), self_admin_url( 'profile.php' ) ) );
}
} elseif ( is_multisite() && IS_PROFILE_PAGE && !empty( $_GET['dismiss'] ) && $current_user->ID . '_new_email' == $_GET['dismiss'] ) {
- delete_option( $current_user->ID . '_new_email' );
+ delete_user_meta( $current_user->ID, '_new_email' );
wp_redirect( add_query_arg( array('updated' => 'true'), self_admin_url( 'profile.php' ) ) );
die();
}
@@ -181,6 +184,13 @@ include(ABSPATH . 'wp-admin/admin-header.php');
+
+
+
\n
", $errors->get_error_messages() ); ?>
@@ -383,7 +393,7 @@ if ( is_multisite() && is_network_admin() && ! IS_PROFILE_PAGE && current_user_c
ID . '_new_email' );
+ $new_email = get_user_meta( $current_user->ID, '_new_email', true );
if ( $new_email && $new_email['newemail'] != $current_user->user_email && $profileuser->ID == $current_user->ID ) : ?>