Commit 25a4d54d authored by Dave Lane's avatar Dave Lane
Browse files

initial work on improving the password reset workflow

parent cb341972
...@@ -224,16 +224,16 @@ class OREMain extends OREBase { ...@@ -224,16 +224,16 @@ class OREMain extends OREBase {
$errors = $this->get_errors(); $errors = $this->get_errors();
// ensure we have valid credentials from with which to find the relevant user account // ensure we have valid credentials from with which to find the relevant user account
if (empty($_POST['credential']) || !is_string($_POST['credential'])) { if (empty($_POST['credential']) || !is_string($_POST['credential'])) {
//$this->log('missing the credential'); $this->log('missing the credential');
$errors->add(ORE_ERROR_LABEL, 'You must enter a username or email address.'); $errors->add(ORE_ERROR_LABEL, 'You must enter a username or email address.');
} elseif (strpos($_POST['credential'], '@')) { } elseif (strpos($_POST['credential'], '@')) {
//$this->log('got an email: '.$_POST['credential']); $this->log('got an email: '.$_POST['credential']);
$user_data = get_user_by('email', trim(wp_unslash($_POST['credential']))); $user_data = get_user_by('email', trim(wp_unslash($_POST['credential'])));
if (empty($user_data)) { if (empty($user_data)) {
//$this->log('no user found'); $this->log('no user found');
$errors->add(ORE_ERROR_LABEL, 'There is no user registered with that email address.'); $errors->add(ORE_ERROR_LABEL, 'There is no user registered with that email address.');
} else { } else {
//$this->log('found user id: '.$user_data->ID); $this->log('found user id: '.$user_data->ID);
} }
} else { } else {
$login = trim($_POST['credential']); $login = trim($_POST['credential']);
...@@ -253,6 +253,9 @@ class OREMain extends OREBase { ...@@ -253,6 +253,9 @@ class OREMain extends OREBase {
$user_login = $user_data->user_login; $user_login = $user_data->user_login;
$user_email = $user_data->user_email; $user_email = $user_data->user_email;
$key = get_password_reset_key($user_data); $key = get_password_reset_key($user_data);
$from = get_option("admin_email", ORE_DEFAULT_FROM_EMAIL);
//$from = ORE_DEFAULT_FROM_EMAIL;
$this->log('from = '.$from);
if (is_wp_error($key)) { if (is_wp_error($key)) {
return $key; return $key;
} }
...@@ -275,8 +278,11 @@ class OREMain extends OREBase { ...@@ -275,8 +278,11 @@ class OREMain extends OREBase {
$title = sprintf( __( '[%s] Password Reset' ), $site_name ); $title = sprintf( __( '[%s] Password Reset' ), $site_name );
// apply the filter for password retrieval // apply the filter for password retrieval
$title = apply_filters( 'retrieve_password_title', $title, $user_login, $user_data ); $title = apply_filters( 'retrieve_password_title', $title, $user_login, $user_data );
if ($message && !wp_mail($user_email, wp_specialchars_decode($title), $message)) { $headers = array("From: OERu Course Admin <".$from.">");
wp_die(__('The email could not be sent.')."<br />\n".__('Possible reason: your host may have disabled the mail() function.')); if ($message && !wp_mail($user_email, wp_specialchars_decode($title), $message, $headers)) {
$this->log('sending email via wp_email failed with email '.$user_email.', title '.wp_specialchars_decode($title).', and message '.$message.'... and headers: '.print_r($headers, true));
//wp_die(__('The email could not be sent.')."<br />\n".__('Possible reason: your host may have disabled the mail() function.'));
return false;
} }
return true; return true;
} }
......
...@@ -74,6 +74,7 @@ define('LOG_STREAM', getenv('LOG_STREAM')); ...@@ -74,6 +74,7 @@ define('LOG_STREAM', getenv('LOG_STREAM'));
define('ORE_MIN_PASSWORD_LENGTH', 8); define('ORE_MIN_PASSWORD_LENGTH', 8);
define('ORE_MIN_USERNAME_LENGTH', 4); define('ORE_MIN_USERNAME_LENGTH', 4);
define('ORE_MIN_DISPLAY_NAME_LENGTH', 6); define('ORE_MIN_DISPLAY_NAME_LENGTH', 6);
define('ORE_DEFAULT_FROM_EMAIL', 'webmaster@oerfoundation.org');
// include the dependencies // include the dependencies
require ORE_PATH . 'includes/ore_app.php'; require ORE_PATH . 'includes/ore_app.php';
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment