云策 WordPress 开发者社区

函数文档

_wp_personal_data_handle_actions()

查看官方原文 ↗
💡 云策文档标注

概述

_wp_personal_data_handle_actions() 是 WordPress 中处理个人数据请求列表表动作的核心函数,主要用于处理隐私请求的重新发送和新增请求操作。

关键要点

  • 函数处理两种主要动作:基于 $_POST['privacy_action_email_retry'] 重新发送确认邮件,或基于 $_POST['action'] 添加新的导出或删除个人数据请求。
  • 使用 check_admin_referer() 进行安全验证,确保请求来自管理员页面并带有正确的 nonce。
  • 通过 wp_create_user_request() 创建用户请求,并根据状态(pending 或 confirmed)调用 wp_send_user_request() 发送确认邮件。
  • 错误处理使用 add_settings_error() 向用户显示错误或成功消息,支持国际化(__())。
  • 依赖多个辅助函数如 _wp_privacy_resend_request()、_wp_privacy_action_request_types() 和 is_email() 等。

代码示例

if ( isset( $_POST['privacy_action_email_retry'] ) ) {
    check_admin_referer( 'bulk-privacy_requests' );
    $request_id = absint( current( array_keys( (array) wp_unslash( $_POST['privacy_action_email_retry'] ) ) ) );
    $result = _wp_privacy_resend_request( $request_id );
    // 错误处理...
} elseif ( isset( $_POST['action'] ) ) {
    $action = ! empty( $_POST['action'] ) ? sanitize_key( wp_unslash( $_POST['action'] ) ) : '';
    switch ( $action ) {
        case 'add_export_personal_data_request':
        case 'add_remove_personal_data_request':
            check_admin_referer( 'personal-data-request' );
            // 处理新增请求逻辑...
            break;
    }
}

注意事项

  • 函数自 WordPress 4.9.6 版本引入,是隐私工具的一部分,需在管理员上下文中使用。
  • 处理用户输入时使用 sanitize_text_field()、sanitize_key() 和 absint() 进行清理,防止安全漏洞。
  • 错误消息通过 add_settings_error() 注册,确保在设置页面正确显示给用户。
📄 原文内容

Handle list table actions.

Source

function _wp_personal_data_handle_actions() {
	if ( isset( $_POST['privacy_action_email_retry'] ) ) {
		check_admin_referer( 'bulk-privacy_requests' );

		$request_id = absint( current( array_keys( (array) wp_unslash( $_POST['privacy_action_email_retry'] ) ) ) );
		$result     = _wp_privacy_resend_request( $request_id );

		if ( is_wp_error( $result ) ) {
			add_settings_error(
				'privacy_action_email_retry',
				'privacy_action_email_retry',
				$result->get_error_message(),
				'error'
			);
		} else {
			add_settings_error(
				'privacy_action_email_retry',
				'privacy_action_email_retry',
				__( 'Confirmation request sent again successfully.' ),
				'success'
			);
		}
	} elseif ( isset( $_POST['action'] ) ) {
		$action = ! empty( $_POST['action'] ) ? sanitize_key( wp_unslash( $_POST['action'] ) ) : '';

		switch ( $action ) {
			case 'add_export_personal_data_request':
			case 'add_remove_personal_data_request':
				check_admin_referer( 'personal-data-request' );

				if ( ! isset( $_POST['type_of_action'], $_POST['username_or_email_for_privacy_request'] ) ) {
					add_settings_error(
						'action_type',
						'action_type',
						__( 'Invalid personal data action.' ),
						'error'
					);
				}
				$action_type               = sanitize_text_field( wp_unslash( $_POST['type_of_action'] ) );
				$username_or_email_address = sanitize_text_field( wp_unslash( $_POST['username_or_email_for_privacy_request'] ) );
				$email_address             = '';
				$status                    = 'pending';

				if ( ! isset( $_POST['send_confirmation_email'] ) ) {
					$status = 'confirmed';
				}

				if ( ! in_array( $action_type, _wp_privacy_action_request_types(), true ) ) {
					add_settings_error(
						'action_type',
						'action_type',
						__( 'Invalid personal data action.' ),
						'error'
					);
				}

				if ( ! is_email( $username_or_email_address ) ) {
					$user = get_user_by( 'login', $username_or_email_address );
					if ( ! $user instanceof WP_User ) {
						add_settings_error(
							'username_or_email_for_privacy_request',
							'username_or_email_for_privacy_request',
							__( 'Unable to add this request. A valid email address or username must be supplied.' ),
							'error'
						);
					} else {
						$email_address = $user->user_email;
					}
				} else {
					$email_address = $username_or_email_address;
				}

				if ( empty( $email_address ) ) {
					break;
				}

				$request_id = wp_create_user_request( $email_address, $action_type, array(), $status );
				$message    = '';

				if ( is_wp_error( $request_id ) ) {
					$message = $request_id->get_error_message();
				} elseif ( ! $request_id ) {
					$message = __( 'Unable to initiate confirmation request.' );
				}

				if ( $message ) {
					add_settings_error(
						'username_or_email_for_privacy_request',
						'username_or_email_for_privacy_request',
						$message,
						'error'
					);
					break;
				}

				if ( 'pending' === $status ) {
					wp_send_user_request( $request_id );

					$message = __( 'Confirmation request initiated successfully.' );
				} elseif ( 'confirmed' === $status ) {
					$message = __( 'Request added successfully.' );
				}

				if ( $message ) {
					add_settings_error(
						'username_or_email_for_privacy_request',
						'username_or_email_for_privacy_request',
						$message,
						'success'
					);
					break;
				}
		}
	}
}

View all references View on Trac View on GitHub

Uses Description
wp_create_user_request()wp-includes/user.php

Creates and logs a user request to perform a specific action.
wp_send_user_request()wp-includes/user.php

Send a confirmation request email to confirm an action.
_wp_privacy_action_request_types()wp-includes/user.php

Gets all personal data request types.
_wp_privacy_resend_request()wp-admin/includes/privacy-tools.php

Resend an existing request and return the result.
add_settings_error()wp-admin/includes/template.php

Registers a settings error to be displayed to the user.
is_email()wp-includes/formatting.php

Verifies that an email is valid.
check_admin_referer()wp-includes/pluggable.php

Ensures intent by verifying that a user was referred from another admin page with the correct security nonce.
get_user_by()wp-includes/pluggable.php

Retrieves user info by a given field.
__()wp-includes/l10n.php

Retrieves the translation of $text.
wp_unslash()wp-includes/formatting.php

Removes slashes from a string or recursively removes slashes from strings within an array.
sanitize_text_field()wp-includes/formatting.php

Sanitizes a string from user input or from the database.
sanitize_key()wp-includes/formatting.php

Sanitizes a string key.
absint()wp-includes/load.php

Converts a value to non-negative integer.
is_wp_error()wp-includes/load.php

Checks whether the given variable is a WordPress Error.

Show 9 moreShow less

Changelog

Version Description
4.9.6 Introduced.