[wp-trac] [WordPress Trac] #35411: Emails confirming password change have incorrect formatting if the blogname contains a special character
WordPress Trac
noreply at wordpress.org
Mon Jan 11 23:02:25 UTC 2016
#35411: Emails confirming password change have incorrect formatting if the blogname
contains a special character
----------------------------+-----------------------------
Reporter: michaelshulman | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Users | Version: 4.4.1
Severity: normal | Keywords:
Focuses: |
----------------------------+-----------------------------
My blog name is "Well Produced Food & Wine". The ampersand (&) must be
properly escaped in HTML, so it becomes &
When I get a password confirmed email, the blog name includes the entity
& which is unnecessary in email.
{{{
Hi Michael,
This notice confirms that your password was changed on Well Produced Food
& Wine.
}}}
In wp-includes/user.php, line 1668, the blogname is fetched and decoded,
in this line:
$blog_name = wp_specialchars_decode( get_option( 'blogname'
) );
The fix is to use that newly decoded $blog_name in line 1720.
$pass_change_email['message'] = str_replace(
'###SITENAME###', $blog_name, $pass_change_email['message'] );
instead of
$pass_change_email['message'] = str_replace(
'###SITENAME###', get_option( ' blogname' ), $pass_change_email['message']
);
I have tested this change locally.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/35411>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list