Edit File by line

/**

[2500] Fix | Delete

* Fires before a new password is retrieved.

[2501] Fix | Delete

[2502] Fix | Delete

* @since 1.5.1

[2503] Fix | Delete

[2504] Fix | Delete

* @param string $user_login The user login name.

[2505] Fix | Delete

[2506] Fix | Delete

do_action( 'retrieve_password', $user->user_login );

[2507] Fix | Delete

[2508] Fix | Delete

$allow = true;

[2509] Fix | Delete

if ( is_multisite() && is_user_spammy( $user ) ) {

[2510] Fix | Delete

$allow = false;

[2511] Fix | Delete

}

[2512] Fix | Delete

[2513] Fix | Delete

/**

[2514] Fix | Delete

* Filters whether to allow a password to be reset.

[2515] Fix | Delete

[2516] Fix | Delete

* @since 2.7.0

[2517] Fix | Delete

[2518] Fix | Delete

* @param bool $allow Whether to allow the password to be reset. Default true.

[2519] Fix | Delete

* @param int $ID The ID of the user attempting to reset a password.

[2520] Fix | Delete

[2521] Fix | Delete

$allow = apply_filters( 'allow_password_reset', $allow, $user->ID );

[2522] Fix | Delete

[2523] Fix | Delete

if ( ! $allow ) {

[2524] Fix | Delete

return new WP_Error( 'no_password_reset', __( 'Password reset is not allowed for this user' ) );

[2525] Fix | Delete

} elseif ( is_wp_error( $allow ) ) {

[2526] Fix | Delete

return $allow;

[2527] Fix | Delete

}

[2528] Fix | Delete

[2529] Fix | Delete

// Generate something random for a password reset key.

[2530] Fix | Delete

$key = wp_generate_password( 20, false );

[2531] Fix | Delete

[2532] Fix | Delete

/**

[2533] Fix | Delete

* Fires when a password reset key is generated.

[2534] Fix | Delete

[2535] Fix | Delete

* @since 2.5.0

[2536] Fix | Delete

[2537] Fix | Delete

* @param string $user_login The username for the user.

[2538] Fix | Delete

* @param string $key The generated password reset key.

[2539] Fix | Delete

[2540] Fix | Delete

do_action( 'retrieve_password_key', $user->user_login, $key );

[2541] Fix | Delete

[2542] Fix | Delete

// Now insert the key, hashed, into the DB.

[2543] Fix | Delete

if ( empty( $wp_hasher ) ) {

[2544] Fix | Delete

require_once ABSPATH . WPINC . '/class-phpass.php';

[2545] Fix | Delete

$wp_hasher = new PasswordHash( 8, true );

[2546] Fix | Delete

}

[2547] Fix | Delete

[2548] Fix | Delete

$hashed = time() . ':' . $wp_hasher->HashPassword( $key );

[2549] Fix | Delete

[2550] Fix | Delete

$key_saved = wp_update_user(

[2551] Fix | Delete

array(

[2552] Fix | Delete

'ID' => $user->ID,

[2553] Fix | Delete

'user_activation_key' => $hashed,

[2554] Fix | Delete

)

[2555] Fix | Delete

);

[2556] Fix | Delete

[2557] Fix | Delete

if ( is_wp_error( $key_saved ) ) {

[2558] Fix | Delete

return $key_saved;

[2559] Fix | Delete

}

[2560] Fix | Delete

[2561] Fix | Delete

return $key;

[2562] Fix | Delete

}

[2563] Fix | Delete

[2564] Fix | Delete

/**

[2565] Fix | Delete

* Retrieves a user row based on password reset key and login

[2566] Fix | Delete

[2567] Fix | Delete

* A key is considered 'expired' if it exactly matches the value of the

[2568] Fix | Delete

* user_activation_key field, rather than being matched after going through the

[2569] Fix | Delete

* hashing process. This field is now hashed; old values are no longer accepted

[2570] Fix | Delete

* but have a different WP_Error code so good user feedback can be provided.

[2571] Fix | Delete

[2572] Fix | Delete

* @since 3.1.0

[2573] Fix | Delete

[2574] Fix | Delete

* @global wpdb $wpdb WordPress database object for queries.

[2575] Fix | Delete

* @global PasswordHash $wp_hasher Portable PHP password hashing framework instance.

[2576] Fix | Delete

[2577] Fix | Delete

* @param string $key Hash to validate sending user's password.

[2578] Fix | Delete

* @param string $login The user login.

[2579] Fix | Delete

* @return WP_User|WP_Error WP_User object on success, WP_Error object for invalid or expired keys.

[2580] Fix | Delete

[2581] Fix | Delete

function check_password_reset_key( $key, $login ) {

[2582] Fix | Delete

global $wpdb, $wp_hasher;

[2583] Fix | Delete

[2584] Fix | Delete

$key = preg_replace( '/[^a-z0-9]/i', '', $key );

[2585] Fix | Delete

[2586] Fix | Delete

if ( empty( $key ) || ! is_string( $key ) ) {

[2587] Fix | Delete

return new WP_Error( 'invalid_key', __( 'Invalid key.' ) );

[2588] Fix | Delete

}

[2589] Fix | Delete

[2590] Fix | Delete

if ( empty( $login ) || ! is_string( $login ) ) {

[2591] Fix | Delete

return new WP_Error( 'invalid_key', __( 'Invalid key.' ) );

[2592] Fix | Delete

}

[2593] Fix | Delete

[2594] Fix | Delete

$user = get_user_by( 'login', $login );

[2595] Fix | Delete

[2596] Fix | Delete

if ( ! $user ) {

[2597] Fix | Delete

return new WP_Error( 'invalid_key', __( 'Invalid key.' ) );

[2598] Fix | Delete

}

[2599] Fix | Delete

[2600] Fix | Delete

if ( empty( $wp_hasher ) ) {

[2601] Fix | Delete

require_once ABSPATH . WPINC . '/class-phpass.php';

[2602] Fix | Delete

$wp_hasher = new PasswordHash( 8, true );

[2603] Fix | Delete

}

[2604] Fix | Delete

[2605] Fix | Delete

/**

[2606] Fix | Delete

* Filters the expiration time of password reset keys.

[2607] Fix | Delete

[2608] Fix | Delete

* @since 4.3.0

[2609] Fix | Delete

[2610] Fix | Delete

* @param int $expiration The expiration time in seconds.

[2611] Fix | Delete

[2612] Fix | Delete

$expiration_duration = apply_filters( 'password_reset_expiration', DAY_IN_SECONDS );

[2613] Fix | Delete

[2614] Fix | Delete

if ( false !== strpos( $user->user_activation_key, ':' ) ) {

[2615] Fix | Delete

list( $pass_request_time, $pass_key ) = explode( ':', $user->user_activation_key, 2 );

[2616] Fix | Delete

$expiration_time = $pass_request_time + $expiration_duration;

[2617] Fix | Delete

} else {

[2618] Fix | Delete

$pass_key = $user->user_activation_key;

[2619] Fix | Delete

$expiration_time = false;

[2620] Fix | Delete

}

[2621] Fix | Delete

[2622] Fix | Delete

if ( ! $pass_key ) {

[2623] Fix | Delete

return new WP_Error( 'invalid_key', __( 'Invalid key.' ) );

[2624] Fix | Delete

}

[2625] Fix | Delete

[2626] Fix | Delete

$hash_is_correct = $wp_hasher->CheckPassword( $key, $pass_key );

[2627] Fix | Delete

[2628] Fix | Delete

if ( $hash_is_correct && $expiration_time && time() < $expiration_time ) {

[2629] Fix | Delete

return $user;

[2630] Fix | Delete

} elseif ( $hash_is_correct && $expiration_time ) {

[2631] Fix | Delete

// Key has an expiration time that's passed.

[2632] Fix | Delete

return new WP_Error( 'expired_key', __( 'Invalid key.' ) );

[2633] Fix | Delete

}

[2634] Fix | Delete

[2635] Fix | Delete

if ( hash_equals( $user->user_activation_key, $key ) || ( $hash_is_correct && ! $expiration_time ) ) {

[2636] Fix | Delete

$return = new WP_Error( 'expired_key', __( 'Invalid key.' ) );

[2637] Fix | Delete

$user_id = $user->ID;

[2638] Fix | Delete

[2639] Fix | Delete

/**

[2640] Fix | Delete

* Filters the return value of check_password_reset_key() when an

[2641] Fix | Delete

* old-style key is used.

[2642] Fix | Delete

[2643] Fix | Delete

* @since 3.7.0 Previously plain-text keys were stored in the database.

[2644] Fix | Delete

* @since 4.3.0 Previously key hashes were stored without an expiration time.

[2645] Fix | Delete

[2646] Fix | Delete

* @param WP_Error $return A WP_Error object denoting an expired key.

[2647] Fix | Delete

* Return a WP_User object to validate the key.

[2648] Fix | Delete

* @param int $user_id The matched user ID.

[2649] Fix | Delete

[2650] Fix | Delete

return apply_filters( 'password_reset_key_expired', $return, $user_id );

[2651] Fix | Delete

}

[2652] Fix | Delete

[2653] Fix | Delete

return new WP_Error( 'invalid_key', __( 'Invalid key.' ) );

[2654] Fix | Delete

}

[2655] Fix | Delete

[2656] Fix | Delete

/**

[2657] Fix | Delete

* Handles sending a password retrieval email to a user.

[2658] Fix | Delete

[2659] Fix | Delete

* @since 2.5.0

[2660] Fix | Delete

* @since 5.7.0 Added `$user_login` parameter.

[2661] Fix | Delete

[2662] Fix | Delete

* @global wpdb $wpdb WordPress database abstraction object.

[2663] Fix | Delete

* @global PasswordHash $wp_hasher Portable PHP password hashing framework.

[2664] Fix | Delete

[2665] Fix | Delete

* @param string $user_login Optional. Username to send a password retrieval email for.

[2666] Fix | Delete

* Defaults to `$_POST['user_login']` if not set.

[2667] Fix | Delete

* @return true|WP_Error True when finished, WP_Error object on error.

[2668] Fix | Delete

[2669] Fix | Delete

function retrieve_password( $user_login = null ) {

[2670] Fix | Delete

$errors = new WP_Error();

[2671] Fix | Delete

$user_data = false;

[2672] Fix | Delete

[2673] Fix | Delete

// Use the passed $user_login if available, otherwise use $_POST['user_login'].

[2674] Fix | Delete

if ( ! $user_login && ! empty( $_POST['user_login'] ) ) {

[2675] Fix | Delete

$user_login = $_POST['user_login'];

[2676] Fix | Delete

}

[2677] Fix | Delete

[2678] Fix | Delete

if ( empty( $user_login ) ) {

[2679] Fix | Delete

$errors->add( 'empty_username', __( 'Error: Please enter a username or email address.' ) );

[2680] Fix | Delete

} elseif ( strpos( $user_login, '@' ) ) {

[2681] Fix | Delete

$user_data = get_user_by( 'email', trim( wp_unslash( $user_login ) ) );

[2682] Fix | Delete

if ( empty( $user_data ) ) {

[2683] Fix | Delete

$errors->add( 'invalid_email', __( 'Error: There is no account with that username or email address.' ) );

[2684] Fix | Delete

}

[2685] Fix | Delete

} else {

[2686] Fix | Delete

$user_data = get_user_by( 'login', trim( wp_unslash( $user_login ) ) );

[2687] Fix | Delete

}

[2688] Fix | Delete

[2689] Fix | Delete

/**

[2690] Fix | Delete

* Filters the user data during a password reset request.

[2691] Fix | Delete

[2692] Fix | Delete

* Allows, for example, custom validation using data other than username or email address.

[2693] Fix | Delete

[2694] Fix | Delete

* @since 5.7.0

[2695] Fix | Delete

[2696] Fix | Delete

* @param WP_User|false $user_data WP_User object if found, false if the user does not exist.

[2697] Fix | Delete

* @param WP_Error $errors A WP_Error object containing any errors generated

[2698] Fix | Delete

* by using invalid credentials.

[2699] Fix | Delete

[2700] Fix | Delete

$user_data = apply_filters( 'lostpassword_user_data', $user_data, $errors );

[2701] Fix | Delete

[2702] Fix | Delete

/**

[2703] Fix | Delete

* Fires before errors are returned from a password reset request.

[2704] Fix | Delete

[2705] Fix | Delete

* @since 2.1.0

[2706] Fix | Delete

* @since 4.4.0 Added the `$errors` parameter.

[2707] Fix | Delete

* @since 5.4.0 Added the `$user_data` parameter.

[2708] Fix | Delete

[2709] Fix | Delete

* @param WP_Error $errors A WP_Error object containing any errors generated

[2710] Fix | Delete

* by using invalid credentials.

[2711] Fix | Delete

* @param WP_User|false $user_data WP_User object if found, false if the user does not exist.

[2712] Fix | Delete

[2713] Fix | Delete

do_action( 'lostpassword_post', $errors, $user_data );

[2714] Fix | Delete

[2715] Fix | Delete

/**

[2716] Fix | Delete

* Filters the errors encountered on a password reset request.

[2717] Fix | Delete

[2718] Fix | Delete

* The filtered WP_Error object may, for example, contain errors for an invalid

[2719] Fix | Delete

* username or email address. A WP_Error object should always be returned,

[2720] Fix | Delete

* but may or may not contain errors.

[2721] Fix | Delete

[2722] Fix | Delete

* If any errors are present in $errors, this will abort the password reset request.

[2723] Fix | Delete

[2724] Fix | Delete

* @since 5.5.0

[2725] Fix | Delete

[2726] Fix | Delete

* @param WP_Error $errors A WP_Error object containing any errors generated

[2727] Fix | Delete

* by using invalid credentials.

[2728] Fix | Delete

* @param WP_User|false $user_data WP_User object if found, false if the user does not exist.

[2729] Fix | Delete

[2730] Fix | Delete

$errors = apply_filters( 'lostpassword_errors', $errors, $user_data );

[2731] Fix | Delete

[2732] Fix | Delete

if ( $errors->has_errors() ) {

[2733] Fix | Delete

return $errors;

[2734] Fix | Delete

}

[2735] Fix | Delete

[2736] Fix | Delete

if ( ! $user_data ) {

[2737] Fix | Delete

$errors->add( 'invalidcombo', __( 'Error: There is no account with that username or email address.' ) );

[2738] Fix | Delete

return $errors;

[2739] Fix | Delete

}

[2740] Fix | Delete

[2741] Fix | Delete

// Redefining user_login ensures we return the right case in the email.

[2742] Fix | Delete

$user_login = $user_data->user_login;

[2743] Fix | Delete

$user_email = $user_data->user_email;

[2744] Fix | Delete

$key = get_password_reset_key( $user_data );

[2745] Fix | Delete

[2746] Fix | Delete

if ( is_wp_error( $key ) ) {

[2747] Fix | Delete

return $key;

[2748] Fix | Delete

}

[2749] Fix | Delete

[2750] Fix | Delete

// Localize password reset message content for user.

[2751] Fix | Delete

$locale = get_user_locale( $user_data );

[2752] Fix | Delete

[2753] Fix | Delete

$switched_locale = switch_to_locale( $locale );

[2754] Fix | Delete

[2755] Fix | Delete

if ( is_multisite() ) {

[2756] Fix | Delete

$site_name = get_network()->site_name;

[2757] Fix | Delete

} else {

[2758] Fix | Delete

[2759] Fix | Delete

* The blogname option is escaped with esc_html on the way into the database

[2760] Fix | Delete

* in sanitize_option. We want to reverse this for the plain text arena of emails.

[2761] Fix | Delete

[2762] Fix | Delete

$site_name = wp_specialchars_decode( get_option( 'blogname' ), ENT_QUOTES );

[2763] Fix | Delete

}

[2764] Fix | Delete

[2765] Fix | Delete

$message = __( 'Someone has requested a password reset for the following account:' ) . "\r\n\r\n";

[2766] Fix | Delete

/* translators: %s: Site name. */

[2767] Fix | Delete

$message .= sprintf( __( 'Site Name: %s' ), $site_name ) . "\r\n\r\n";

[2768] Fix | Delete

/* translators: %s: User login. */

[2769] Fix | Delete

$message .= sprintf( __( 'Username: %s' ), $user_login ) . "\r\n\r\n";

[2770] Fix | Delete

$message .= __( 'If this was a mistake, ignore this email and nothing will happen.' ) . "\r\n\r\n";

[2771] Fix | Delete

$message .= __( 'To reset your password, visit the following address:' ) . "\r\n\r\n";

[2772] Fix | Delete

$message .= network_site_url( "wp-login.php?action=rp&key=$key&login=" . rawurlencode( $user_login ), 'login' ) . "\r\n\r\n";

[2773] Fix | Delete

[2774] Fix | Delete

if ( ! is_user_logged_in() ) {

[2775] Fix | Delete

$requester_ip = $_SERVER['REMOTE_ADDR'];

[2776] Fix | Delete

if ( $requester_ip ) {

[2777] Fix | Delete

$message .= sprintf(

[2778] Fix | Delete

/* translators: %s: IP address of password reset requester. */

[2779] Fix | Delete

__( 'This password reset request originated from the IP address %s.' ),

[2780] Fix | Delete

$requester_ip

[2781] Fix | Delete

) . "\r\n";

[2782] Fix | Delete

}

[2783] Fix | Delete

}

[2784] Fix | Delete

[2785] Fix | Delete

/* translators: Password reset notification email subject. %s: Site title. */

[2786] Fix | Delete

$title = sprintf( __( '[%s] Password Reset' ), $site_name );

[2787] Fix | Delete

[2788] Fix | Delete

/**

[2789] Fix | Delete

* Filters the subject of the password reset email.

[2790] Fix | Delete

[2791] Fix | Delete

* @since 2.8.0

[2792] Fix | Delete

* @since 4.4.0 Added the `$user_login` and `$user_data` parameters.

[2793] Fix | Delete

[2794] Fix | Delete

* @param string $title Email subject.

[2795] Fix | Delete

* @param string $user_login The username for the user.

[2796] Fix | Delete

* @param WP_User $user_data WP_User object.

[2797] Fix | Delete

[2798] Fix | Delete

$title = apply_filters( 'retrieve_password_title', $title, $user_login, $user_data );

[2799] Fix | Delete

[2800] Fix | Delete

/**

[2801] Fix | Delete

* Filters the message body of the password reset mail.

[2802] Fix | Delete

[2803] Fix | Delete

* If the filtered message is empty, the password reset email will not be sent.

[2804] Fix | Delete

[2805] Fix | Delete

* @since 2.8.0

[2806] Fix | Delete

* @since 4.1.0 Added `$user_login` and `$user_data` parameters.

[2807] Fix | Delete

[2808] Fix | Delete

* @param string $message Email message.

[2809] Fix | Delete

* @param string $key The activation key.

[2810] Fix | Delete

* @param string $user_login The username for the user.

[2811] Fix | Delete

* @param WP_User $user_data WP_User object.

[2812] Fix | Delete

[2813] Fix | Delete

$message = apply_filters( 'retrieve_password_message', $message, $key, $user_login, $user_data );

[2814] Fix | Delete

[2815] Fix | Delete

if ( $switched_locale ) {

[2816] Fix | Delete

restore_previous_locale();

[2817] Fix | Delete

}

[2818] Fix | Delete

[2819] Fix | Delete

if ( $message && ! wp_mail( $user_email, wp_specialchars_decode( $title ), $message ) ) {

[2820] Fix | Delete

$errors->add(

[2821] Fix | Delete

'retrieve_password_email_failure',

[2822] Fix | Delete

sprintf(

[2823] Fix | Delete

/* translators: %s: Documentation URL. */

[2824] Fix | Delete

__( 'Error: The email could not be sent. Your site may not be correctly configured to send emails. <a href="%s">Get support for resetting your password</a>.' ),

[2825] Fix | Delete

esc_url( __( 'https://wordpress.org/support/article/resetting-your-password/' ) )

[2826] Fix | Delete

)

[2827] Fix | Delete

);

[2828] Fix | Delete

return $errors;

[2829] Fix | Delete

}

[2830] Fix | Delete

[2831] Fix | Delete

return true;

[2832] Fix | Delete

}

[2833] Fix | Delete

[2834] Fix | Delete

/**

[2835] Fix | Delete

* Handles resetting the user's password.

[2836] Fix | Delete

[2837] Fix | Delete

* @since 2.5.0

[2838] Fix | Delete

[2839] Fix | Delete

* @param WP_User $user The user

[2840] Fix | Delete

* @param string $new_pass New password for the user in plaintext

[2841] Fix | Delete

[2842] Fix | Delete

function reset_password( $user, $new_pass ) {

[2843] Fix | Delete

/**

[2844] Fix | Delete

* Fires before the user's password is reset.

[2845] Fix | Delete

[2846] Fix | Delete

* @since 1.5.0

[2847] Fix | Delete

[2848] Fix | Delete

* @param WP_User $user The user.

[2849] Fix | Delete

* @param string $new_pass New user password.

[2850] Fix | Delete

[2851] Fix | Delete

do_action( 'password_reset', $user, $new_pass );

[2852] Fix | Delete

[2853] Fix | Delete

wp_set_password( $new_pass, $user->ID );

[2854] Fix | Delete

update_user_option( $user->ID, 'default_password_nag', false, true );

[2855] Fix | Delete

[2856] Fix | Delete

/**

[2857] Fix | Delete

* Fires after the user's password is reset.

[2858] Fix | Delete

[2859] Fix | Delete

* @since 4.4.0

[2860] Fix | Delete

[2861] Fix | Delete

* @param WP_User $user The user.

[2862] Fix | Delete

* @param string $new_pass New user password.

[2863] Fix | Delete

[2864] Fix | Delete

do_action( 'after_password_reset', $user, $new_pass );

[2865] Fix | Delete

}

[2866] Fix | Delete

[2867] Fix | Delete

/**

[2868] Fix | Delete

* Handles registering a new user.

[2869] Fix | Delete

[2870] Fix | Delete

* @since 2.5.0

[2871] Fix | Delete

[2872] Fix | Delete

* @param string $user_login User's username for logging in

[2873] Fix | Delete

* @param string $user_email User's email address to send password and add

[2874] Fix | Delete

* @return int|WP_Error Either user's ID or error on failure.

[2875] Fix | Delete

[2876] Fix | Delete

function register_new_user( $user_login, $user_email ) {

[2877] Fix | Delete

$errors = new WP_Error();

[2878] Fix | Delete

[2879] Fix | Delete

$sanitized_user_login = sanitize_user( $user_login );

[2880] Fix | Delete

/**

[2881] Fix | Delete

* Filters the email address of a user being registered.

[2882] Fix | Delete

[2883] Fix | Delete

* @since 2.1.0

[2884] Fix | Delete

[2885] Fix | Delete

* @param string $user_email The email address of the new user.

[2886] Fix | Delete

[2887] Fix | Delete

$user_email = apply_filters( 'user_registration_email', $user_email );

[2888] Fix | Delete

[2889] Fix | Delete

// Check the username.

[2890] Fix | Delete

if ( '' === $sanitized_user_login ) {

[2891] Fix | Delete

$errors->add( 'empty_username', __( 'Error: Please enter a username.' ) );

[2892] Fix | Delete

} elseif ( ! validate_username( $user_login ) ) {

[2893] Fix | Delete

$errors->add( 'invalid_username', __( 'Error: This username is invalid because it uses illegal characters. Please enter a valid username.' ) );

[2894] Fix | Delete

$sanitized_user_login = '';

[2895] Fix | Delete

} elseif ( username_exists( $sanitized_user_login ) ) {

[2896] Fix | Delete

$errors->add( 'username_exists', __( 'Error: This username is already registered. Please choose another one.' ) );

[2897] Fix | Delete

[2898] Fix | Delete

} else {

[2899] Fix | Delete

/** This filter is documented in wp-includes/user.php */

[2900] Fix | Delete

$illegal_user_logins = (array) apply_filters( 'illegal_user_logins', array() );

[2901] Fix | Delete

if ( in_array( strtolower( $sanitized_user_login ), array_map( 'strtolower', $illegal_user_logins ), true ) ) {

[2902] Fix | Delete

$errors->add( 'invalid_username', __( 'Error: Sorry, that username is not allowed.' ) );

[2903] Fix | Delete

}

[2904] Fix | Delete

}

[2905] Fix | Delete

[2906] Fix | Delete

// Check the email address.

[2907] Fix | Delete

if ( '' === $user_email ) {

[2908] Fix | Delete

$errors->add( 'empty_email', __( 'Error: Please type your email address.' ) );

[2909] Fix | Delete

} elseif ( ! is_email( $user_email ) ) {

[2910] Fix | Delete

$errors->add( 'invalid_email', __( 'Error: The email address isn’t correct.' ) );

[2911] Fix | Delete

$user_email = '';

[2912] Fix | Delete

} elseif ( email_exists( $user_email ) ) {

[2913] Fix | Delete

$errors->add( 'email_exists', __( 'Error: This email is already registered. Please choose another one.' ) );

[2914] Fix | Delete

}

[2915] Fix | Delete

[2916] Fix | Delete

/**

[2917] Fix | Delete

* Fires when submitting registration form data, before the user is created.

[2918] Fix | Delete

[2919] Fix | Delete

* @since 2.1.0

[2920] Fix | Delete

[2921] Fix | Delete

* @param string $sanitized_user_login The submitted username after being sanitized.

[2922] Fix | Delete

* @param string $user_email The submitted email.

[2923] Fix | Delete

* @param WP_Error $errors Contains any errors with submitted username and email,

[2924] Fix | Delete

* e.g., an empty field, an invalid username or email,

[2925] Fix | Delete

* or an existing username or email.

[2926] Fix | Delete

[2927] Fix | Delete

do_action( 'register_post', $sanitized_user_login, $user_email, $errors );

[2928] Fix | Delete

[2929] Fix | Delete

/**

[2930] Fix | Delete

* Filters the errors encountered when a new user is being registered.

[2931] Fix | Delete

[2932] Fix | Delete

* The filtered WP_Error object may, for example, contain errors for an invalid

[2933] Fix | Delete

* or existing username or email address. A WP_Error object should always be returned,

[2934] Fix | Delete

* but may or may not contain errors.

[2935] Fix | Delete

[2936] Fix | Delete

* If any errors are present in $errors, this will abort the user's registration.

[2937] Fix | Delete

[2938] Fix | Delete

* @since 2.1.0

[2939] Fix | Delete

[2940] Fix | Delete

* @param WP_Error $errors A WP_Error object containing any errors encountered

[2941] Fix | Delete

* during registration.

[2942] Fix | Delete

* @param string $sanitized_user_login User's username after it has been sanitized.

[2943] Fix | Delete

* @param string $user_email User's email.

[2944] Fix | Delete

[2945] Fix | Delete

$errors = apply_filters( 'registration_errors', $errors, $sanitized_user_login, $user_email );

[2946] Fix | Delete

[2947] Fix | Delete

if ( $errors->has_errors() ) {

[2948] Fix | Delete

return $errors;

[2949] Fix | Delete

}

[2950] Fix | Delete

[2951] Fix | Delete

$user_pass = wp_generate_password( 12, false );

[2952] Fix | Delete

$user_id = wp_create_user( $sanitized_user_login, $user_pass, $user_email );

[2953] Fix | Delete

if ( ! $user_id || is_wp_error( $user_id ) ) {

[2954] Fix | Delete

$errors->add(

[2955] Fix | Delete

'registerfail',

[2956] Fix | Delete

sprintf(

[2957] Fix | Delete

/* translators: %s: Admin email address. */

[2958] Fix | Delete

__( 'Error: Couldn’t register you… please contact the <a href="mailto:%s">site admin</a>!' ),

[2959] Fix | Delete

get_option( 'admin_email' )

[2960] Fix | Delete

)

[2961] Fix | Delete

);

[2962] Fix | Delete

return $errors;

[2963] Fix | Delete

}

[2964] Fix | Delete

[2965] Fix | Delete

update_user_option( $user_id, 'default_password_nag', true, true ); // Set up the password change nag.

[2966] Fix | Delete

[2967] Fix | Delete

/**

[2968] Fix | Delete

* Fires after a new user registration has been recorded.

[2969] Fix | Delete

[2970] Fix | Delete

* @since 4.4.0

[2971] Fix | Delete

[2972] Fix | Delete

* @param int $user_id ID of the newly registered user.

[2973] Fix | Delete

[2974] Fix | Delete

do_action( 'register_new_user', $user_id );

[2975] Fix | Delete

[2976] Fix | Delete

return $user_id;

[2977] Fix | Delete

}

[2978] Fix | Delete

[2979] Fix | Delete

/**

[2980] Fix | Delete

* Initiates email notifications related to the creation of new users.

[2981] Fix | Delete

[2982] Fix | Delete

* Notifications are sent both to the site admin and to the newly created user.

[2983] Fix | Delete

[2984] Fix | Delete

* @since 4.4.0

[2985] Fix | Delete

* @since 4.6.0 Converted the `$notify` parameter to accept 'user' for sending

[2986] Fix | Delete

* notifications only to the user created.

[2987] Fix | Delete

[2988] Fix | Delete

* @param int $user_id ID of the newly created user.

[2989] Fix | Delete

* @param string $notify Optional. Type of notification that should happen. Accepts 'admin'

[2990] Fix | Delete

* or an empty string (admin only), 'user', or 'both' (admin and user).

[2991] Fix | Delete

* Default 'both'.

[2992] Fix | Delete

[2993] Fix | Delete

function wp_send_new_user_notifications( $user_id, $notify = 'both' ) {

[2994] Fix | Delete

wp_new_user_notification( $user_id, null, $notify );

[2995] Fix | Delete

}

[2996] Fix | Delete

[2997] Fix | Delete

/**

[2998] Fix | Delete

* Retrieve the current session token from the logged_in cookie.

[2999] Fix | Delete

1 ...4 567 8 9