GreenShift Tips and Tutorials
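/**
 * Front-end profile edit handler, registered on the admin_post_edit_user_profile hook.
 *
 * Reads three POST fields (edit-profile-data-name, edit-profile-data-email,
 * edit-profile-data-phone), updates the display name and the phone_no user meta
 * directly, and for an email change stores a pending request in the _new_email
 * user meta and mails a confirmation link to the new address. The account email
 * itself is not changed here.
 *
 * NOTE(review): the code that consumes the `newuseremail` query argument on
 * /visitors/ is not part of this snippet. It should compare the stored hash
 * with hash_equals(), require the same logged-in user, and delete the
 * _new_email meta after use; confirm against that handler.
 */
add_action('admin_post_edit_user_profile', function() {
    // Verify user is logged in
    if (!is_user_logged_in()) {
        wp_die('Unauthorized access');
    }

    // Verify nonce (CSRF protection): the form must carry a profile_edit_nonce
    // field created for the edit_profile_action action.
    if (!isset($_POST['profile_edit_nonce']) || !wp_verify_nonce($_POST['profile_edit_nonce'], 'edit_profile_action')) {
        wp_die('Security verification failed');
    }

    // Only the account that submitted the form is ever edited; no user ID is
    // taken from the request.
    $current_user_id = get_current_user_id();
    $current_user = get_userdata($current_user_id);

    // Sanitize inputs
    $new_display_name = isset($_POST['edit-profile-data-name']) ? sanitize_text_field($_POST['edit-profile-data-name']) : '';
    $new_email = isset($_POST['edit-profile-data-email']) ? sanitize_email($_POST['edit-profile-data-email']) : '';
    $new_phone = isset($_POST['edit-profile-data-phone']) ? sanitize_text_field($_POST['edit-profile-data-phone']) : '';

    // Update display name if changed
    if ($new_display_name && $new_display_name !== $current_user->display_name) {
        wp_update_user(array(
            'ID' => $current_user_id,
            'display_name' => $new_display_name
        ));
    }

    // Update phone number
    if ($new_phone) {
        update_user_meta($current_user_id, 'phone_no', $new_phone);
    }

    // Handle email change - initiate confirmation if changed
    if ($new_email && $new_email !== $current_user->user_email) {
        // Validate email format
        if (!is_email($new_email)) {
            wp_die('Invalid email address');
        }

        // Check if email already exists for another user (single lookup; email_exists()
        // returns the owning user ID or false).
        $email_owner_id = email_exists($new_email);
        if ($email_owner_id && $email_owner_id !== $current_user_id) {
            wp_die('Email address already in use');
        }

        // Generate the confirmation token from the CSPRNG. The previous
        // md5(email . time() . wp_rand()) value was built from the address, the
        // clock and one random number, so most of its input was not secret.
        // bin2hex(random_bytes(16)) keeps the same 32-hex-character shape.
        try {
            $hash = bin2hex(random_bytes(16));
        } catch (\Exception $e) {
            // Fail closed: without a secure random source no pending change is stored.
            wp_die('Could not start email confirmation');
        }

        // Store pending email change
        update_user_meta($current_user_id, '_new_email', array(
            'hash' => $hash,
            'newemail' => $new_email
        ));

        // Send confirmation email
        $sitename = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
        $confirmation_url = add_query_arg('newuseremail', $hash, home_url('/visitors/'));

        $email_text = sprintf(
            __('Hello %s,

You recently requested to change the email address on your account. If you made this request, please click the following link to confirm:

%s

You can safely ignore this email if you do not want to make this change.

Regards,
%s
%s', 'textdomain'),
            $current_user->user_login,
            $confirmation_url,
            $sitename,
            home_url()
        );

        // The link goes to the NEW address only, so whoever confirms must control that mailbox.
        wp_mail(
            $new_email,
            sprintf(__('[%s] Email Change Request', 'textdomain'), $sitename),
            $email_text
        );
    }

    // Redirect back to profile page (303 so the browser follows up with a GET
    // and a refresh does not resubmit the form).
    wp_redirect(home_url('/visitors/'), 303);
    exit;
});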
PHP
This code snippet is used in the following tutorial(s):
