initial work on improving the password reset workflow

25a4d54d · Dave Lane · cb341972 · 25a4d54d · 25a4d54d
Commit 25a4d54d authored Oct 04, 2019 by Dave Lane
Hide whitespace changes
Inline Side-by-side

Showing with 13 additions and 6 deletions

includes/ore_app.php includes/ore_app.php +12 -6

register-enrol.php register-enrol.php +1 -0

No files found.
--- a/includes/ore_app.php
+++ b/includes/ore_app.php
@@ -224,16 +224,16 @@ class OREMain extends OREBase {
        $errors = $this->get_errors();
        // ensure we have valid credentials from with which to find the relevant user account
        if (empty($_POST['credential']) || !is_string($_POST['credential'])) {
-            //$this->log('missing the credential');
+            $this->log('missing the credential');
            $errors->add(ORE_ERROR_LABEL, 'You must enter a username or email address.');
        } elseif (strpos($_POST['credential'], '@')) {
-            //$this->log('got an email: '.$_POST['credential']);
+            $this->log('got an email: '.$_POST['credential']);
            $user_data = get_user_by('email', trim(wp_unslash($_POST['credential'])));
            if (empty($user_data)) {
-                //$this->log('no user found');
+                $this->log('no user found');
                $errors->add(ORE_ERROR_LABEL, 'There is no user registered with that email address.');
            } else {
-                //$this->log('found user id: '.$user_data->ID);
+                $this->log('found user id: '.$user_data->ID);
            }
        } else {
            $login = trim($_POST['credential']);
@@ -253,6 +253,9 @@ class OREMain extends OREBase {
        $user_login = $user_data->user_login;
        $user_email = $user_data->user_email;
        $key = get_password_reset_key($user_data);
+        $from = get_option("admin_email", ORE_DEFAULT_FROM_EMAIL);
+        //$from = ORE_DEFAULT_FROM_EMAIL;
+        $this->log('from = '.$from);
        if (is_wp_error($key)) {
            return $key;
        }
@@ -275,8 +278,11 @@ class OREMain extends OREBase {
        $title = sprintf( __( '[%s] Password Reset' ), $site_name );
        // apply the filter for password retrieval
        $title = apply_filters( 'retrieve_password_title', $title, $user_login, $user_data );
-        if ($message && !wp_mail($user_email, wp_specialchars_decode($title), $message)) {
-            wp_die(__('The email could not be sent.')."<br />\n".__('Possible reason: your host may have disabled the mail() function.'));
+        $headers = array("From: OERu Course Admin <".$from.">");
+        if ($message && !wp_mail($user_email, wp_specialchars_decode($title), $message, $headers)) {
+            $this->log('sending email via wp_email failed with email '.$user_email.', title '.wp_specialchars_decode($title).', and message '.$message.'... and headers: '.print_r($headers, true));
+            //wp_die(__('The email could not be sent.')."<br />\n".__('Possible reason: your host may have disabled the mail() function.'));
+            return false;
        }
        return true;
    }

--- a/register-enrol.php
+++ b/register-enrol.php
@@ -74,6 +74,7 @@ define('LOG_STREAM', getenv('LOG_STREAM'));
 define('ORE_MIN_PASSWORD_LENGTH', 8);
 define('ORE_MIN_USERNAME_LENGTH', 4);
 define('ORE_MIN_DISPLAY_NAME_LENGTH', 6);
+define('ORE_DEFAULT_FROM_EMAIL', 'webmaster@oerfoundation.org');

 // include the dependencies
 require ORE_PATH . 'includes/ore_app.php';