WordPress 禁用密码找回邮件或修改该邮件内容

2022-08-05

WordPress 6.0 新增了两个和密码找回邮件相关的钩子:

  • send_retrieve_password_email可用于过滤是否发送找回密码邮件
  • retrieve_password_notification_email可用于过滤发送给用户的重置密码通知邮件的内容。

为了与一些类似的过滤器(如send_password_change_email或 send_email_change_email)保持一致,并获得更大的灵活性,请将$user_login$user_data参数直接传递给新的send_retrieve_password_emailretrieve_password_notification_email过滤器。

  1. apply_filters( 'send_retrieve_password_email', true, $user_login, $user_data );
  1. apply_filters( 'retrieve_password_notification_email', $defaults, $key, $user_login, $user_data );

禁用密码找回邮件

以下代码可以全局禁用发送密码找回邮件,也可以按照提示通过 $user_login, $user_data 两个参数来添加限制条件:

  1. function wpdax_disable_retrieve_password_email( $user_login, $user_data ){
  2. // 如果你希望符合某类条件的才禁止发送,那你可以通过 $user_login, $user_data 这两个参数来做判断
  3. return false;
  4. }
  5. add_filter( 'send_retrieve_password_email', 'wpdax_disable_retrieve_password_email', 10, 2 );

修改密码找回邮件的内容

retrieve_password_notification_email 承接的 $defaults 内容包括邮件的收件人、标题、信息和Headers头部信息:

  1. $defaults = array(
  2. 'to' => $user_email,
  3. 'subject' => $title,
  4. 'message' => $message,
  5. 'headers' => '',
  6. );

所以,retrieve_password_notification_email 是可以直接修改以上四项内容的。代码范例如下

  1. function wpdx_filter_retrieve_password_notification_email( $defaults, $key, $user_login, $user_data ){
  2. // 可以通过 $key, $user_login, $user_data 三个参数来获取和传递一些用户信息值
  3. // 收件人邮箱 to 不能修改,否则他会收不到
  4. // $defaults['title'] = '自定义标题';
  5. // $defaults['message'] = '自定义消息';
  6. // $defaults['headers'] = '自定义headers'; //一般情况下不需要修改
  7. return $defaults;
  8. }
  9. add_filter( 'retrieve_password_notification_email', 'wpdx_filter_retrieve_password_notification_email', 10, 4 );

在下面的函数代码中,我们可以看到还有两个钩子:

  • retrieve_password_title 专门用于修改找回密码邮件的标题
  • retrieve_password_message 专门用于修改找回密码邮件的消息

所以,你可以根据实际需要,选择对应的钩子。

至于实际如何修改,可以参考WP内核的 /wp-includes/user.php 文件对应的下列函数(以下为 WordPress 6.0 版本):

  1. /**
  2. * Handles sending a password retrieval email to a user.
  3. *
  4. * @since 2.5.0
  5. * @since 5.7.0 Added `$user_login` parameter.
  6. *
  7. * @global wpdb $wpdb WordPress database abstraction object.
  8. * @global PasswordHash $wp_hasher Portable PHP password hashing framework.
  9. *
  10. * @param string $user_login Optional. Username to send a password retrieval email for.
  11. * Defaults to `$_POST['user_login']` if not set.
  12. * @return true|WP_Error True when finished, WP_Error object on error.
  13. */
  14. function retrieve_password( $user_login = null ) {
  15. $errors = new WP_Error();
  16. $user_data = false;
  17. // Use the passed $user_login if available, otherwise use $_POST['user_login'].
  18. if ( ! $user_login && ! empty( $_POST['user_login'] ) ) {
  19. $user_login = $_POST['user_login'];
  20. }
  21. if ( empty( $user_login ) ) {
  22. $errors->add( 'empty_username', __( '<strong>Error</strong>: Please enter a username or email address.' ) );
  23. } elseif ( strpos( $user_login, '@' ) ) {
  24. $user_data = get_user_by( 'email', trim( wp_unslash( $user_login ) ) );
  25. if ( empty( $user_data ) ) {
  26. $errors->add( 'invalid_email', __( '<strong>Error</strong>: There is no account with that username or email address.' ) );
  27. }
  28. } else {
  29. $user_data = get_user_by( 'login', trim( wp_unslash( $user_login ) ) );
  30. }
  31. /**
  32. * Filters the user data during a password reset request.
  33. *
  34. * Allows, for example, custom validation using data other than username or email address.
  35. *
  36. * @since 5.7.0
  37. *
  38. * @param WP_User|false $user_data WP_User object if found, false if the user does not exist.
  39. * @param WP_Error $errors A WP_Error object containing any errors generated
  40. * by using invalid credentials.
  41. */
  42. $user_data = apply_filters( 'lostpassword_user_data', $user_data, $errors );
  43. /**
  44. * Fires before errors are returned from a password reset request.
  45. *
  46. * @since 2.1.0
  47. * @since 4.4.0 Added the `$errors` parameter.
  48. * @since 5.4.0 Added the `$user_data` parameter.
  49. *
  50. * @param WP_Error $errors A WP_Error object containing any errors generated
  51. * by using invalid credentials.
  52. * @param WP_User|false $user_data WP_User object if found, false if the user does not exist.
  53. */
  54. do_action( 'lostpassword_post', $errors, $user_data );
  55. /**
  56. * Filters the errors encountered on a password reset request.
  57. *
  58. * The filtered WP_Error object may, for example, contain errors for an invalid
  59. * username or email address. A WP_Error object should always be returned,
  60. * but may or may not contain errors.
  61. *
  62. * If any errors are present in $errors, this will abort the password reset request.
  63. *
  64. * @since 5.5.0
  65. *
  66. * @param WP_Error $errors A WP_Error object containing any errors generated
  67. * by using invalid credentials.
  68. * @param WP_User|false $user_data WP_User object if found, false if the user does not exist.
  69. */
  70. $errors = apply_filters( 'lostpassword_errors', $errors, $user_data );
  71. if ( $errors->has_errors() ) {
  72. return $errors;
  73. }
  74. if ( ! $user_data ) {
  75. $errors->add( 'invalidcombo', __( '<strong>Error</strong>: There is no account with that username or email address.' ) );
  76. return $errors;
  77. }
  78. /**
  79. * Filters whether to send the retrieve password email.
  80. *
  81. * Return false to disable sending the email.
  82. *
  83. * @since 6.0.0
  84. *
  85. * @param bool $send Whether to send the email.
  86. * @param string $user_login The username for the user.
  87. * @param WP_User $user_data WP_User object.
  88. */
  89. if ( ! apply_filters( 'send_retrieve_password_email', true, $user_login, $user_data ) ) {
  90. return true;
  91. }
  92. // Redefining user_login ensures we return the right case in the email.
  93. $user_login = $user_data->user_login;
  94. $user_email = $user_data->user_email;
  95. $key = get_password_reset_key( $user_data );
  96. if ( is_wp_error( $key ) ) {
  97. return $key;
  98. }
  99. // Localize password reset message content for user.
  100. $locale = get_user_locale( $user_data );
  101. $switched_locale = switch_to_locale( $locale );
  102. if ( is_multisite() ) {
  103. $site_name = get_network()->site_name;
  104. } else {
  105. /*
  106. * The blogname option is escaped with esc_html on the way into the database
  107. * in sanitize_option. We want to reverse this for the plain text arena of emails.
  108. */
  109. $site_name = wp_specialchars_decode( get_option( 'blogname' ), ENT_QUOTES );
  110. }
  111. $message = __( 'Someone has requested a password reset for the following account:' ) . "\r\n\r\n";
  112. /* translators: %s: Site name. */
  113. $message .= sprintf( __( 'Site Name: %s' ), $site_name ) . "\r\n\r\n";
  114. /* translators: %s: User login. */
  115. $message .= sprintf( __( 'Username: %s' ), $user_login ) . "\r\n\r\n";
  116. $message .= __( 'If this was a mistake, ignore this email and nothing will happen.' ) . "\r\n\r\n";
  117. $message .= __( 'To reset your password, visit the following address:' ) . "\r\n\r\n";
  118. $message .= network_site_url( "wp-login.php?action=rp&key=$key&login=" . rawurlencode( $user_login ), 'login' ) . '&wp_lang=' . $locale . "\r\n\r\n";
  119. if ( ! is_user_logged_in() ) {
  120. $requester_ip = $_SERVER['REMOTE_ADDR'];
  121. if ( $requester_ip ) {
  122. $message .= sprintf(
  123. /* translators: %s: IP address of password reset requester. */
  124. __( 'This password reset request originated from the IP address %s.' ),
  125. $requester_ip
  126. ) . "\r\n";
  127. }
  128. }
  129. /* translators: Password reset notification email subject. %s: Site title. */
  130. $title = sprintf( __( '[%s] Password Reset' ), $site_name );
  131. /**
  132. * Filters the subject of the password reset email.
  133. *
  134. * @since 2.8.0
  135. * @since 4.4.0 Added the `$user_login` and `$user_data` parameters.
  136. *
  137. * @param string $title Email subject.
  138. * @param string $user_login The username for the user.
  139. * @param WP_User $user_data WP_User object.
  140. */
  141. $title = apply_filters( 'retrieve_password_title', $title, $user_login, $user_data );
  142. /**
  143. * Filters the message body of the password reset mail.
  144. *
  145. * If the filtered message is empty, the password reset email will not be sent.
  146. *
  147. * @since 2.8.0
  148. * @since 4.1.0 Added `$user_login` and `$user_data` parameters.
  149. *
  150. * @param string $message Email message.
  151. * @param string $key The activation key.
  152. * @param string $user_login The username for the user.
  153. * @param WP_User $user_data WP_User object.
  154. */
  155. $message = apply_filters( 'retrieve_password_message', $message, $key, $user_login, $user_data );
  156. // Short-circuit on falsey $message value for backwards compatibility.
  157. if ( ! $message ) {
  158. return true;
  159. }
  160. /*
  161. * Wrap the single notification email arguments in an array
  162. * to pass them to the retrieve_password_notification_email filter.
  163. */
  164. $defaults = array(
  165. 'to' => $user_email,
  166. 'subject' => $title,
  167. 'message' => $message,
  168. 'headers' => '',
  169. );
  170. /**
  171. * Filters the contents of the reset password notification email sent to the user.
  172. *
  173. * @since 6.0.0
  174. *
  175. * @param array $defaults {
  176. * The default notification email arguments. Used to build wp_mail().
  177. *
  178. * @type string $to The intended recipient - user email address.
  179. * @type string $subject The subject of the email.
  180. * @type string $message The body of the email.
  181. * @type string $headers The headers of the email.
  182. * }
  183. * @type string $key The activation key.
  184. * @type string $user_login The username for the user.
  185. * @type WP_User $user_data WP_User object.
  186. */
  187. $notification_email = apply_filters( 'retrieve_password_notification_email', $defaults, $key, $user_login, $user_data );
  188. if ( $switched_locale ) {
  189. restore_previous_locale();
  190. }
  191. if ( is_array( $notification_email ) ) {
  192. // Force key order and merge defaults in case any value is missing in the filtered array.
  193. $notification_email = array_merge( $defaults, $notification_email );
  194. } else {
  195. $notification_email = $defaults;
  196. }
  197. list( $to, $subject, $message, $headers ) = array_values( $notification_email );
  198. $subject = wp_specialchars_decode( $subject );
  199. if ( ! wp_mail( $to, $subject, $message, $headers ) ) {
  200. $errors->add(
  201. 'retrieve_password_email_failure',
  202. sprintf(
  203. /* translators: %s: Documentation URL. */
  204. __( '<strong>Error</strong>: The email could not be sent. Your site may not be correctly configured to send emails. <a href="%s" rel="external nofollow" >Get support for resetting your password</a>.' ),
  205. esc_url( __( 'https://wordpress.org/support/article/resetting-your-password/' ) )
  206. )
  207. );
  208. return $errors;
  209. }
  210. return true;
  211. }
收藏 (0) 打赏

感谢您的支持,我会继续努力的!

打开微信扫一扫,即可进行扫码打赏哦,分享从这里开始,精彩与您同在
点赞 (0)

免责声明 1、本站所发布的全部内容源于互联网搬运,(包括源代码、软件、学习资料等)本站提供的一切软件、教程和内容信息仅限用于学习和研究目的;不得将上述内容用于商业或者非法用途,否则,一切后果请用户自负。本站信息来自网络收集整理,版权争议与本站无关。您必须在下载后的23个小时之内,从您的电脑或手机中彻底删除上述内容。
2、访问本站的用户必须明白,本站对所提供下载的软件和程序代码不拥有任何权利,其版权归该软件和程序代码的合法拥有者所有,如果您喜欢该程序和内容,请支持正版,购买注册,得到更好的正版服务。我们非常重视版权问题,如本站不慎侵犯您的版权请联系我们,我们将及时处理,并撤下相关内容!敬请谅解! 侵删请致信E-mail:messi0808@qq.com
3、如下载的压缩包需要解压密码,若无特殊说明,那么文件的解压密码则为www.xmy7.com
4、如遇到加密压缩包,请使用WINRAR解压,如遇到无法解压的请联系管理员!

小蚂蚁资源网 cms教程 WordPress 禁用密码找回邮件或修改该邮件内容 https://www.xmy7.com/zh/cms/8890.html

相关文章