[wp-trac] [WordPress Trac] #44376: Make $email_data array filterable in `wp_send_user_request()`

Fri Jun 15 22:33:24 UTC 2018

#44376: Make $email_data array filterable in `wp_send_user_request()`
-------------------------+------------------------
 Reporter:  rwebster85   |       Owner:  (none)
     Type:  enhancement  |      Status:  closed
 Priority:  normal       |   Milestone:
Component:  Privacy      |     Version:  4.9.6
 Severity:  normal       |  Resolution:  duplicate
 Keywords:               |     Focuses:  privacy
-------------------------+------------------------
Changes (by garrett-eclipse):

 * status:  reopened => closed
 * resolution:   => duplicate

Comment:

 Duplicate of #44235.

 Hi @rwebster85

 Sorry the two were so similar I overlooked they were for different emails,
 but the same applies here irregardless as the $content gets filtered
 before the placeholders are replaced and as such you can use them to
 supply your own content instead.

 So for your specific case the filter is
 `user_request_action_email_content` and can be used as follows to update
 the confirm_url;
 {{{
 add_filter( 'user_request_action_email_content', function( $content, $data
 ) {
     return str_replace( '###CONFIRM_URL###', 'https://new.confirm.url',
 $content );
 }, 10, 2 );
 }}}

 While writing the example I did note two shortcomings of the current
 filter which I've addressed in new tickets;
 #44379 - The filters should supply $request_id or $request so that
 information is available in the filter for recreating the confirm_url and
 others.
 #44381 - The logic for confirmaction
 (https://github.com/WordPress/WordPress/blob/3ee58b55b14683af4c568bce1845c37408c88fbb
 /wp-login.php#L862) is only available via wp-login.php so even though you
 can replace the confirm_url with a front-end URL you'd break the action as
 the confirmaction code wouldn't be available to execute.

 The tools were built as admin tools so their reliance on back-end pages
 isn't surprising. That being said there is a plugin
 (https://wordpress.org/plugins/gdpr-data-request-form/) which exposes the
 forms on the front-end but it just pushes requests into the normal queue
 where they go through the same confirm process that requires wp-login.php.

 So aside from waiting for #44381 to be addressed in GDPR V2 (Roadmap -
 https://make.wordpress.org/core/roadmaps/privacy/) you can create a
 plugin, template or custom code on a front-end page that accepts your own
 confirmaction that handles the request and executes the
 `user_request_action_confirmed` action for you.
 https://github.com/WordPress/WordPress/blob/3ee58b55b14683af4c568bce1845c37408c88fbb
 /wp-login.php#L862

 I'm going to re-close this issue in favour of the other two I spawned as
 currently you can update the URL but it won't work without additional work
 which is covered by those other tickets.

 Hope that makes sense

 Cheers

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/44376#comment:4>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform