← Back to branch summary

~canonical-sysadmins/wordpress/5.1.1

« back to all changes in this revision

Viewing changes to wp-activate.php

  • Committer: Barry Price
  • Date: 2018-12-17 04:11:30 UTC
  • mfrom: (1.2.9 upstream)
  • Revision ID: barry.price@canonical.com-20181217041130-plx5zgb8bdsc33l3
Merge WP5.0.1 from upstream

Show diffs side-by-side

added added

removed removed

Lines of Context:
wp-activate.php
18
18
        die();
19
19
}
20
20
 
 
21
$valid_error_codes = array( 'already_active', 'blog_taken' );
 
22
 
 
23
list( $activate_path ) = explode( '?', wp_unslash( $_SERVER['REQUEST_URI'] ) );
 
24
$activate_cookie = 'wp-activate-' . COOKIEHASH;
 
25
 
 
26
$key    = '';
 
27
$result = null;
 
28
 
 
29
if ( isset( $_GET['key'] ) && isset( $_POST['key'] ) && $_GET['key'] !== $_POST['key'] ) {
 
30
        wp_die( __( 'A key value mismatch has been detected. Please follow the link provided in your activation email.' ), __( 'An error occurred during the activation' ), 400 );
 
31
} elseif ( ! empty( $_GET['key'] ) ) {
 
32
        $key = $_GET['key'];
 
33
} elseif ( ! empty( $_POST['key'] ) ) {
 
34
        $key = $_POST['key'];
 
35
}
 
36
 
 
37
if ( $key ) {
 
38
        $redirect_url = remove_query_arg( 'key' );
 
39
 
 
40
        if ( $redirect_url !== remove_query_arg( false ) ) {
 
41
                setcookie( $activate_cookie, $key, 0, $activate_path, COOKIE_DOMAIN, is_ssl(), true );
 
42
                wp_safe_redirect( $redirect_url );
 
43
                exit;
 
44
        } else {
 
45
                $result = wpmu_activate_signup( $key );
 
46
        }
 
47
}
 
48
 
 
49
if ( $result === null && isset( $_COOKIE[ $activate_cookie ] ) ) {
 
50
        $key    = $_COOKIE[ $activate_cookie ];
 
51
        $result = wpmu_activate_signup( $key );
 
52
        setcookie( $activate_cookie, ' ', time() - YEAR_IN_SECONDS, $activate_path, COOKIE_DOMAIN, is_ssl(), true );
 
53
}
 
54
 
 
55
if ( $result === null || ( is_wp_error( $result ) && 'invalid_key' === $result->get_error_code() ) ) {
 
56
        status_header( 404 );
 
57
} elseif ( is_wp_error( $result ) ) {
 
58
        $error_code = $result->get_error_code();
 
59
 
 
60
        if ( ! in_array( $error_code, $valid_error_codes ) ) {
 
61
                status_header( 400 );
 
62
        }
 
63
}
 
64
 
21
65
nocache_headers();
22
66
 
23
67
if ( is_object( $wp_object_cache ) )
69
113
        <?php
70
114
}
71
115
add_action( 'wp_head', 'wpmu_activate_stylesheet' );
 
116
add_action( 'wp_head', 'wp_sensitive_page_meta' );
72
117
 
73
118
get_header( 'wp-activate' );
74
119
?>
75
120
 
76
121
<div id="signup-content" class="widecolumn">
77
122
        <div class="wp-activate-container">
78
 
        <?php if ( empty($_GET['key']) && empty($_POST['key']) ) { ?>
 
123
        <?php if ( ! $key ) { ?>
79
124
 
80
125
                <h2><?php _e('Activation Key Required') ?></h2>
81
126
                <form name="activateform" id="activateform" method="post" action="<?php echo network_site_url('wp-activate.php'); ?>">
89
134
                </form>
90
135
 
91
136
        <?php } else {
92
 
 
93
 
                $key = !empty($_GET['key']) ? $_GET['key'] : $_POST['key'];
94
 
                $result = wpmu_activate_signup( $key );
95
 
                if ( is_wp_error($result) ) {
96
 
                        if ( 'already_active' == $result->get_error_code() || 'blog_taken' == $result->get_error_code() ) {
97
 
                                $signup = $result->get_error_data();
98
 
                                ?>
99
 
                                <h2><?php _e('Your account is now active!'); ?></h2>
100
 
                                <?php
101
 
                                echo '<p class="lead-in">';
102
 
                                if ( $signup->domain . $signup->path == '' ) {
103
 
                                        printf(
104
 
                                                /* translators: 1: login URL, 2: username, 3: user email, 4: lost password URL */
105
 
                                                __( 'Your account has been activated. You may now <a href="%1$s">log in</a> to the site using your chosen username of &#8220;%2$s&#8221;. Please check your email inbox at %3$s for your password and login instructions. If you do not receive an email, please check your junk or spam folder. If you still do not receive an email within an hour, you can <a href="%4$s">reset your password</a>.' ),
106
 
                                                network_site_url( 'wp-login.php', 'login' ),
107
 
                                                $signup->user_login,
108
 
                                                $signup->user_email,
109
 
                                                wp_lostpassword_url()
110
 
                                        );
111
 
                                } else {
112
 
                                        printf(
113
 
                                                /* translators: 1: site URL, 2: username, 3: user email, 4: lost password URL */
114
 
                                                __( 'Your site at %1$s is active. You may now log in to your site using your chosen username of &#8220;%2$s&#8221;. Please check your email inbox at %3$s for your password and login instructions. If you do not receive an email, please check your junk or spam folder. If you still do not receive an email within an hour, you can <a href="%4$s">reset your password</a>.' ),
115
 
                                                sprintf( '<a href="http://%1$s">%1$s</a>', $signup->domain ),
116
 
                                                $signup->user_login,
117
 
                                                $signup->user_email,
118
 
                                                wp_lostpassword_url()
119
 
                                        );
120
 
                                }
121
 
                                echo '</p>';
 
137
                if ( is_wp_error( $result ) && in_array( $result->get_error_code(), $valid_error_codes ) ) {
 
138
                        $signup = $result->get_error_data();
 
139
                        ?>
 
140
                        <h2><?php _e( 'Your account is now active!' ); ?></h2>
 
141
                        <?php
 
142
                        echo '<p class="lead-in">';
 
143
                        if ( $signup->domain . $signup->path == '' ) {
 
144
                                printf(
 
145
                                /* translators: 1: login URL, 2: username, 3: user email, 4: lost password URL */
 
146
                                        __( 'Your account has been activated. You may now <a href="%1$s">log in</a> to the site using your chosen username of &#8220;%2$s&#8221;. Please check your email inbox at %3$s for your password and login instructions. If you do not receive an email, please check your junk or spam folder. If you still do not receive an email within an hour, you can <a href="%4$s">reset your password</a>.' ),
 
147
                                        network_site_url( 'wp-login.php', 'login' ),
 
148
                                        $signup->user_login,
 
149
                                        $signup->user_email,
 
150
                                        wp_lostpassword_url()
 
151
                                );
122
152
                        } else {
123
 
                                ?>
124
 
                                <h2><?php _e( 'An error occurred during the activation' ); ?></h2>
 
153
                                printf(
 
154
                                /* translators: 1: site URL, 2: username, 3: user email, 4: lost password URL */
 
155
                                        __( 'Your site at %1$s is active. You may now log in to your site using your chosen username of &#8220;%2$s&#8221;. Please check your email inbox at %3$s for your password and login instructions. If you do not receive an email, please check your junk or spam folder. If you still do not receive an email within an hour, you can <a href="%4$s">reset your password</a>.' ),
 
156
                                        sprintf( '<a href="http://%1$s">%1$s</a>', $signup->domain ),
 
157
                                        $signup->user_login,
 
158
                                        $signup->user_email,
 
159
                                        wp_lostpassword_url()
 
160
                                );
 
161
                        }
 
162
                        echo '</p>';
 
163
                } elseif ( $result === null || is_wp_error( $result ) ) {
 
164
                        ?>
 
165
                        <h2><?php _e( 'An error occurred during the activation' ); ?></h2>
 
166
                        <?php if ( is_wp_error( $result ) ) : ?>
125
167
                                <p><?php echo $result->get_error_message(); ?></p>
126
 
                                <?php
127
 
                        }
 
168
                        <?php endif; ?>
 
169
                        <?php
128
170
                } else {
129
171
                        $url = isset( $result['blog_id'] ) ? get_home_url( (int) $result['blog_id'] ) : '';
130
172
                        $user = get_userdata( (int) $result['user_id'] );