/** * Replaces the default wp_new_user_notification function of the core. * * Email login credentials to a newly-registered user. * A new user registration notification is also sent to admin email. * * @since 1.0.0 * @access public * @return void */ function wp_new_user_notification($user_id, $plaintext_pass) { $user = get_userdata($user_id); // The blogname option is escaped with esc_html on the way into the database in sanitize_option // we want to reverse this for the plain text arena of emails. $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES); // Send notification to admin if not disabled. if (!wpum_get_option('disable_admin_register_email')) { $message = sprintf(__('New user registration on your site %s:', 'wpum'), $blogname) . "\r\n\r\n"; $message .= sprintf(__('Username: %s', 'wpum'), $user->user_login) . "\r\n\r\n"; $message .= sprintf(__('E-mail: %s', 'wpum'), $user->user_email) . "\r\n"; wp_mail(get_option('admin_email'), sprintf(__('[%s] New User Registration', 'wpum'), $blogname), $message); } /* == Send notification to the user now == */ if (empty($plaintext_pass)) { return; } // Check if email exists first if (wpum_email_exists('register')) { // Retrieve the email from the database $register_email = wpum_get_email('register'); $message = wpautop($register_email['message']); $message = wpum_do_email_tags($message, $user_id, $plaintext_pass); WPUM()->emails->__set('heading', __('Your account', 'wpum')); WPUM()->emails->send($user->user_email, $register_email['subject'], $message); } }
/** * Handles sending password retrieval email to user. * Based on retrieve_password() in core wp-login.php * * @access public * @param string $username contains the username of the user. * @uses $wpdb WordPress Database object * @return bool True: when finish. False: on error */ public static function retrieve_password($username) { global $wpdb, $wp_hasher; // Check on username first, as users can use emails as usernames. $login = trim($username); $user_data = get_user_by('login', $login); // If no user found, check if it login is email and lookup user based on email. if (!$user_data && is_email($username) && apply_filters('wpum_get_username_from_email', true)) { $user_data = get_user_by('email', trim($username)); } do_action('lostpassword_post'); if (!$user_data) { self::add_error(__('Invalid username or e-mail.', 'wpum')); return; } if (is_multisite() && !is_user_member_of_blog($user_data->ID, get_current_blog_id())) { self::add_error(__('Invalid username or e-mail.', 'wpum')); return; } // redefining user_login ensures we return the right case in the email $user_login = $user_data->user_login; $user_email = $user_data->user_email; do_action('retrieve_password', $user_login); $allow = apply_filters('allow_password_reset', true, $user_data->ID); if (!$allow) { self::add_error(__('Password reset is not allowed for this user', 'wpum')); return; } elseif (is_wp_error($allow)) { self::add_error(__('Password reset is not allowed for this user', 'wpum')); return; } $key = wp_generate_password(20, false); do_action('retrieve_password_key', $user_login, $key); // Now insert the key, hashed, into the DB. if (empty($wp_hasher)) { require_once ABSPATH . 'wp-includes/class-phpass.php'; $wp_hasher = new PasswordHash(8, true); } $hashed = $wp_hasher->HashPassword($key); $wpdb->update($wpdb->users, array('user_activation_key' => $hashed), array('user_login' => $user_login)); /* == Send Email == */ // Check if email exists first if (wpum_email_exists('password')) { // Retrieve the email from the database $password_email = wpum_get_email('password'); $message = wpautop($password_email['message']); $message = wpum_do_email_tags($message, $user_data->ID, $key); WPUM()->emails->__set('heading', __('Password Recovery', 'wpum')); WPUM()->emails->send($user_email, $password_email['subject'], $message); self::add_confirmation(__('Check your e-mail for the confirmation link.', 'wpum')); } else { return; } return true; }