function get_profile_user_role()
{
global $wp_roles, $user_id;
$user_id = (int) $user_id;
$current_user = wp_get_current_user();
$profileuser = get_user_to_edit($user_id);
if ($user_id != $current_user->ID) {
$roles = $profileuser->roles;
$role = array_shift($roles);
return $role;
}
return;
}
$disabled_field = ' disabled="disabled"';
$pass_title = __('New Pass:'******'wphone');
if ($this->current_basename == 'profile.php' || !current_user_can('edit_users')) {
// @note PROFILE FORM
global $userdata;
$subcontext = 'profile';
$edit_user = get_user_to_edit($user_ID);
$form_title = __('Your Profile');
$nonceid = 'update-profile_' . $edit_user->ID;
$formaction = 'profile-update.php';
} else {
// // @note USER EDIT FORM
$this->check_user_permissions('edit_users');
$subcontext = 'edit';
$edit_id = (int) $_GET['user_id'];
$edit_user = $edit_id ? get_user_to_edit($edit_id) : null;
$form_title = __('Edit User');
$nonceid = 'update-user_' . $edit_user->ID;
$formaction = 'user-edit.php';
}
} else {
// @note ADD FORM, LIKE WP AFTER USER LIST
$this->check_user_permissions('edit_users');
$this->context = 'list';
$subcontext = 'add';
$form_title = __('Add New User');
$pass_title = __('Password:'******'wphone');
$nonceid = 'add-user';
$formaction = 'users.php';
if (is_wp_error($add_user_errors)) {
$selected_form = ' selected="true"';
// Update the user.
$errors = edit_user($user_id);
// Grant or revoke super admin status if requested.
if (is_multisite() && is_network_admin() && !IS_PROFILE_PAGE && current_user_can('manage_network_options') && !isset($super_admins) && empty($_POST['super_admin']) == is_super_admin($user_id)) {
empty($_POST['super_admin']) ? revoke_super_admin($user_id) : grant_super_admin($user_id);
}
if (!is_wp_error($errors)) {
$redirect = add_query_arg('updated', true, get_edit_user_link($user_id));
if ($wp_http_referer) {
$redirect = add_query_arg('wp_http_referer', urlencode($wp_http_referer), $redirect);
}
wp_redirect($redirect);
exit;
}
default:
$profileuser = get_user_to_edit($user_id);
if (!current_user_can('edit_user', $user_id)) {
wp_die(__('You do not have permission to edit this user.'));
}
$sessions = WP_Session_Tokens::get_instance($profileuser->ID);
include ABSPATH . 'wp-admin/admin-header.php';
?>
<?php
if (!IS_PROFILE_PAGE && is_super_admin($profileuser->ID) && current_user_can('manage_network_options')) {
?>
<div class="updated"><p><strong><?php
_e('Important:');
?>
</strong> <?php
_e('This user has super admin privileges.');
function ure_removeCapability()
{
global $wpdb, $wp_roles;
$mess = '';
if (isset($_GET['removeusercapability']) && $_GET['removeusercapability']) {
$capability = $_GET['removeusercapability'];
$capsToRemove = ure_getCapsToRemove();
if (!is_array($capsToRemove) || count($capsToRemove) == 0 || !isset($capsToRemove[$capability])) {
return sprintf(__('Error! You do not have permission to delete this capability: %s!', 'ure'), $capability);
}
// process users
$usersId = $wpdb->get_col($wpdb->prepare("SELECT {$wpdb->users}.ID FROM {$wpdb->users}"));
foreach ($usersId as $user_id) {
$user = get_user_to_edit($user_id);
if (isset($user->roles[0]) && $user->roles[0] == 'administrator') {
continue;
}
if ($user->has_cap($capability)) {
$user->remove_cap($capability);
}
}
// process roles
foreach ($wp_roles->role_objects as $wp_role) {
if ($wp_role->has_cap($capability)) {
$wp_role->remove_cap($capability);
}
}
$mess = sprintf(__('Capability %s is removed successfully', 'ure'), $capability);
}
return $mess;
}
function cimy_delete_user_info($user_id)
{
global $wpdb, $wpdb_data_table, $cuef_upload_path;
if (!current_user_can('edit_user', $user_id)) {
return;
}
$sql = "DELETE FROM " . $wpdb_data_table . " WHERE USER_ID=" . $user_id;
$wpdb->query($sql);
$profileuser = get_user_to_edit($user_id);
$user_login = $profileuser->user_login;
$file_path = $cuef_upload_path . $user_login . "/";
// delete all uploaded files for that users
cimy_rfr($file_path, "*");
// delete also the subdir
if (is_dir($file_path)) {
rmdir($file_path);
}
}
function show_account_page($content = null)
{
global $bp, $profileuser, $user, $user_id;
if (!is_user_logged_in()) {
return apply_filters('membership_account_form_not_logged_in', $content);
}
require_once ABSPATH . 'wp-admin/includes/user.php';
$user = wp_get_current_user();
$user_id = $user->ID;
$profileuser = get_user_to_edit($user_id);
$content = '';
$content = apply_filters('membership_account_form_before_content', $content);
ob_start();
if (defined('MEMBERSHIP_ACCOUNT_FORM') && file_exists(MEMBERSHIP_ACCOUNT_FORM)) {
include_once MEMBERSHIP_ACCOUNT_FORM;
} elseif (!empty($bp) && file_exists(apply_filters('membership_override_bpaccount_form', membership_dir('membershipincludes/includes/bp.account.form.php'), $user_id))) {
include_once apply_filters('membership_override_bpaccount_form', membership_dir('membershipincludes/includes/bp.account.form.php'), $user_id);
} elseif (file_exists(apply_filters('membership_override_account_form', membership_dir('membershipincludes/includes/account.form.php'), $user_id))) {
include_once apply_filters('membership_override_account_form', membership_dir('membershipincludes/includes/account.form.php'), $user_id);
}
$content .= ob_get_contents();
ob_end_clean();
$content = apply_filters('membership_account_form_after_content', $content, $user_id);
return $content;
}
public static function multiple_roles_field($user)
{
global $pagenow, $user_id;
if (in_array($pagenow, array('user-edit.php', 'user-new.php'))) {
$editable_roles = get_editable_roles();
if ($user_id) {
$user = get_user_to_edit($user_id);
$user_roles = array_intersect(array_values($user->roles), array_keys($editable_roles));
} else {
$user_roles = null;
}
$roles = array();
foreach ($editable_roles as $role => $details) {
$roles[$role] = translate_user_role($details['name']);
}
piklist::render('shared/field-user-role', array('user_roles' => $user_roles, 'roles' => $roles), false);
}
}
function cimy_update_ExtraFields_new_me()
{
global $wpdb, $wpdb_data_table, $user_ID, $max_length_value, $fields_name_prefix, $cimy_uef_file_types, $user_level, $cimy_uef_domain;
include_once ABSPATH . '/wp-admin/includes/user.php';
// if updating meta-data from registration post then exit
if (isset($_POST['cimy_post'])) {
return;
}
if (isset($_POST['user_id'])) {
$get_user_id = $_POST['user_id'];
if (!current_user_can('edit_user', $get_user_id)) {
return;
}
} else {
return;
}
//echo "asd";
if (!function_exists('get_cimyFields')) {
return;
}
$get_user_id = intval($get_user_id);
$profileuser = get_user_to_edit($get_user_id);
$user_login = $profileuser->user_login;
$user_displayname = $profileuser->display_name;
$extra_fields = get_cimyFields(false, true);
$query = "UPDATE " . $wpdb_data_table . " SET VALUE=CASE FIELD_ID";
$i = 0;
$field_ids = "";
$mail_changes = "";
foreach ($extra_fields as $thisField) {
$field_id = $thisField["ID"];
$name = $thisField["NAME"];
$type = $thisField["TYPE"];
$label = $thisField["LABEL"];
$rules = $thisField["RULES"];
$unique_id = $fields_name_prefix . $field_id;
$input_name = $fields_name_prefix . esc_attr($name);
$field_id_data = $input_name . "_" . $field_id . "_data";
$advanced_options = cimy_uef_parse_advanced_options($rules["advanced_options"]);
cimy_insert_ExtraFields_if_not_exist($get_user_id, $field_id);
// if the current user LOGGED IN has not enough permissions to see the field, skip it
// apply only for EXTRA FIELDS
if ($rules['show_level'] == 'view_cimy_extra_fields') {
if (!current_user_can($rules['show_level'])) {
continue;
}
} else {
if ($user_level < $rules['show_level']) {
continue;
}
}
// if show_level == anonymous then do NOT ovverride other show_xyz rules
if ($rules['show_level'] == -1) {
// if flag to show the field in the profile is NOT activated, skip it
if (!$rules['show_in_profile']) {
continue;
}
}
$prev_value = $wpdb->escape(stripslashes($_POST[$input_name . "_" . $field_id . "_prev_value"]));
if (cimy_uef_is_field_disabled($type, $rules['edit'], $prev_value)) {
continue;
}
if (isset($_POST[$input_name]) && !in_array($type, $cimy_uef_file_types)) {
if ($type == "dropdown-multi") {
$field_value = stripslashes(implode(",", $_POST[$input_name]));
} else {
$field_value = stripslashes($_POST[$input_name]);
}
if ($type == "picture-url") {
$field_value = str_replace('../', '', $field_value);
}
if (isset($rules['max_length'])) {
$field_value = substr($field_value, 0, $rules['max_length']);
} else {
$field_value = substr($field_value, 0, $max_length_value);
}
$field_value = $wpdb->escape($field_value);
if ($i > 0) {
$field_ids .= ", ";
} else {
$i = 1;
}
$field_ids .= $field_id;
$query .= " WHEN " . $field_id . " THEN ";
switch ($type) {
case 'dropdown':
case 'dropdown-multi':
$ret = cimy_dropDownOptions($label, $field_value);
$label = $ret['label'];
case 'picture-url':
case 'textarea':
case 'textarea-rich':
case 'password':
case 'text':
$value = "'" . $field_value . "'";
$prev_value = "'" . $prev_value . "'";
break;
case 'checkbox':
$value = $field_value == '1' ? "'YES'" : "'NO'";
$prev_value = $prev_value == "YES" ? "'YES'" : "'NO'";
break;
case 'radio':
$value = $field_value == $field_id ? "'selected'" : "''";
$prev_value = "'" . $prev_value . "'";
break;
}
$query .= $value;
} else {
$rules = $thisField['RULES'];
if (in_array($type, $cimy_uef_file_types)) {
if ($type == "avatar") {
// since avatars are drawn max to 512px then we can save bandwith resizing, do it!
$rules['equal_to'] = 512;
}
if (isset($_POST[$input_name . '_del'])) {
$delete_file = true;
} else {
$delete_file = false;
}
if (isset($_POST[$input_name . "_" . $field_id . "_prev_value"])) {
$old_file = stripslashes($_POST[$input_name . "_" . $field_id . "_prev_value"]);
} else {
$old_file = false;
}
$field_value = cimy_manage_upload($input_name, $user_login, $rules, $old_file, $delete_file, $type, !empty($advanced_options["filename"]) ? $advanced_options["filename"] : "");
if (!empty($field_value) || $delete_file) {
if ($i > 0) {
$field_ids .= ", ";
} else {
$i = 1;
}
$field_ids .= $field_id;
$value = "'" . $field_value . "'";
$prev_value = "'" . $prev_value . "'";
$query .= " WHEN " . $field_id . " THEN ";
$query .= $value;
} else {
$prev_value = $value;
$file_on_server = cimy_uef_get_dir_or_filename($user_login, $old_file, false);
if ($type == "picture" || $type == "avatar") {
cimy_uef_crop_image($file_on_server, $field_id_data);
}
}
}
if ($type == 'checkbox') {
// if can be editable then write NO
// there is no way to understand if was YES or NO previously
// without adding other hidden inputs so write always
if ($i > 0) {
$field_ids .= ", ";
} else {
$i = 1;
}
$field_ids .= $field_id;
$field_value = "NO";
$value = "'" . $field_value . "'";
$prev_value = $prev_value == "YES" ? "'YES'" : "'NO'";
$query .= " WHEN " . $field_id . " THEN ";
$query .= $value;
}
if ($type == 'dropdown-multi') {
// if can be editable then write ''
// there is no way to understand if was YES or NO previously
// without adding other hidden inputs so write always
if ($i > 0) {
$field_ids .= ", ";
} else {
$i = 1;
}
$field_ids .= $field_id;
$field_value = '';
$value = "'" . $field_value . "'";
$prev_value = "'" . $prev_value . "'";
$ret = cimy_dropDownOptions($label, $field_value);
$label = $ret['label'];
$query .= " WHEN " . $field_id . " THEN ";
$query .= $value;
}
}
if ($rules["email_admin"] && $value != $prev_value && $type != "registration-date") {
$mail_changes .= sprintf(__("%s previous value: %s new value: %s", $cimy_uef_domain), $label, stripslashes($prev_value), stripslashes($value));
$mail_changes .= "\r\n";
}
}
if ($i > 0) {
$query .= " ELSE FIELD_ID END WHERE FIELD_ID IN(" . $field_ids . ") AND USER_ID = " . $get_user_id;
// $query WILL BE: UPDATE <table> SET VALUE=CASE FIELD_ID WHEN <field_id1> THEN <value1> [WHEN ... THEN ...] ELSE FIELD_ID END WHERE FIELD_ID IN(<field_id1>, [<field_id2>...]) AND USER_ID=<user_id>
$wpdb->query($query);
}
// mail only if set and if there is something to mail
if (!empty($mail_changes)) {
$admin_email = get_option('admin_email');
$mail_subject = sprintf(__("%s (%s) has changed one or more fields", $cimy_uef_domain), $user_displayname, $user_login);
wp_mail($admin_email, $mail_subject, $mail_changes);
}
}
protected function check_user_to_edit()
{
if ($this->ure_object == 'user') {
if (!isset($_REQUEST['user_id'])) {
return false;
// user_id value is missed
}
$user_id = $_REQUEST['user_id'];
if (!is_numeric($user_id)) {
return false;
}
if (!$user_id) {
return false;
}
$this->user_to_edit = get_user_to_edit($user_id);
if (empty($this->user_to_edit)) {
return false;
}
}
return true;
}
/**
* Display the user's profile.
*
* @access public
* @since BuddyPress (2.0.0)
*/
public function user_admin()
{
if (!current_user_can('bp_moderate')) {
die('-1');
}
$user = get_user_to_edit($_GET['user_id']);
// Construct URL for form
$form_url = remove_query_arg(array('action', 'error', 'updated', 'spam', 'ham'), $_SERVER['REQUEST_URI']);
$form_url = esc_url(add_query_arg('action', 'update', $form_url));
$wp_http_referer = remove_query_arg(array('action', 'updated'), $_REQUEST['wp_http_referer']);
// Prepare notice for admin
$notice = array();
if (!empty($_REQUEST['updated'])) {
switch ($_REQUEST['updated']) {
case 'avatar':
$notice = array('class' => 'updated', 'message' => __('Avatar was deleted successfully!', 'buddypress'));
break;
case 'ham':
$notice = array('class' => 'updated', 'message' => __('User removed as spammer.', 'buddypress'));
break;
case 'spam':
$notice = array('class' => 'updated', 'message' => __('User marked as spammer. Spam users are visible only to site admins.', 'buddypress'));
break;
case 1:
$notice = array('class' => 'updated', 'message' => __('Profile updated.', 'buddypress'));
break;
}
}
if (!empty($_REQUEST['error'])) {
switch ($_REQUEST['error']) {
case 'avatar':
$notice = array('class' => 'error', 'message' => __('There was a problem deleting that avatar, please try again.', 'buddypress'));
break;
case 'ham':
$notice = array('class' => 'error', 'message' => __('User could not be removed as spammer.', 'buddypress'));
break;
case 'spam':
$notice = array('class' => 'error', 'message' => __('User could not be marked as spammer.', 'buddypress'));
break;
case 1:
$notice = array('class' => 'error', 'message' => __('An error occured while trying to update the profile.', 'buddypress'));
break;
case 2:
$notice = array('class' => 'error', 'message' => __('Please make sure you fill in all required fields in this profile field group before saving.', 'buddypress'));
break;
case 3:
$notice = array('class' => 'error', 'message' => __('There was a problem updating some of your profile information, please try again.', 'buddypress'));
break;
}
}
if (!empty($notice)) {
if ('updated' === $notice['class']) {
?>
<div id="message" class="<?php
echo esc_attr($notice['class']);
?>
">
<?php
} else {
?>
<div class="<?php
echo esc_attr($notice['class']);
?>
">
<?php
}
?>
<p><?php
echo esc_html($notice['message']);
?>
</p>
<?php
if (!empty($wp_http_referer) && 'updated' === $notice['class']) {
?>
<p><a href="<?php
echo esc_url($wp_http_referer);
?>
"><?php
esc_html_e('← Back to Users', 'buddypress');
?>
</a></p>
<?php
}
?>
</div>
<?php
}
?>
<div class="wrap" id="community-profile-page">
<?php
screen_icon('users');
?>
<h2>
<?php
_e('Edit User', 'buddypress');
if (current_user_can('create_users')) {
?>
<a href="user-new.php" class="add-new-h2"><?php
echo esc_html_x('Add New', 'user', 'buddypress');
?>
</a>
<?php
} elseif (is_multisite() && current_user_can('promote_users')) {
?>
<a href="user-new.php" class="add-new-h2"><?php
echo esc_html_x('Add Existing', 'user', 'buddypress');
?>
</a>
<?php
}
?>
</h2>
<?php
if (!empty($user)) {
$this->profile_nav($user, 'BuddyPress');
?>
<form action="<?php
echo esc_attr($form_url);
?>
" id="your-profile" method="post">
<div id="poststuff">
<div id="post-body" class="metabox-holder columns-<?php
echo 1 == get_current_screen()->get_columns() ? '1' : '2';
?>
">
<div id="post-body-content">
</div><!-- #post-body-content -->
<div id="postbox-container-1" class="postbox-container">
<?php
do_meta_boxes(get_current_screen()->id, 'side', $user);
?>
</div>
<div id="postbox-container-2" class="postbox-container">
<?php
do_meta_boxes(get_current_screen()->id, 'normal', $user);
?>
<?php
do_meta_boxes(get_current_screen()->id, 'advanced', $user);
?>
</div>
</div><!-- #post-body -->
</div><!-- #poststuff -->
<?php
wp_nonce_field('closedpostboxes', 'closedpostboxesnonce', false);
?>
<?php
wp_nonce_field('meta-box-order', 'meta-box-order-nonce', false);
?>
<?php
wp_nonce_field('edit-bp-profile_' . $user->ID);
?>
</form>
<?php
} else {
?>
<p><?php
printf(__('No user found with this ID. <a href="%s">Go back and try again</a>.', 'buddypress'), esc_url(bp_get_admin_url('users.php')));
?>
</p>
<?php
}
?>
</div><!-- .wrap -->
<?php
}
function web_invoice_draw_user_selection_form($user_id)
{
global $wpdb, $blog_id;
$_SESSION['last_new_invoice'] = true;
?>
<div class="postbox" id="wp_new_web_invoice_div">
<div class="inside">
<form action="admin.php?page=new_web_invoice" method='POST'>
<table class="form-table" id="get_user_info">
<tr class="">
<th><?php
if (isset($user_id)) {
_e("Start New Invoice For: ", WEB_INVOICE_TRANS_DOMAIN);
} else {
_e("Create New Invoice For: ", WEB_INVOICE_TRANS_DOMAIN);
}
?>
</th>
<td><select name='user_id' class='user_selection'>
<option></option>
<?php
if (is_dir(WP_CONTENT_DIR . '/mu-plugins') || MULTISITE) {
$prefix = $wpdb->base_prefix;
if ($prefix == "") {
$prefix = $wpdb->prefix;
}
$get_all_users = $wpdb->get_results("SELECT * FROM {$prefix}users LEFT JOIN {$prefix}usermeta on {$prefix}users.id={$prefix}usermeta.user_id WHERE ({$prefix}usermeta.meta_key='primary_blog' and {$prefix}usermeta.meta_value = {$blog_id}) OR ({$prefix}usermeta.meta_key='{$wpdb->prefix}capabilities') ORDER BY {$prefix}users.user_nicename");
} else {
$prefix = $wpdb->prefix;
$get_all_users = $wpdb->get_results("SELECT ID FROM {$prefix}users ORDER BY {$prefix}users.user_nicename");
}
$_used_ids = array();
foreach ($get_all_users as $user) {
if (isset($_used_ids[$user->ID])) {
continue;
}
$profileuser = get_user_to_edit($user->ID);
echo "<option ";
if (isset($user_id) && $user_id == $user->ID) {
echo " SELECTED ";
}
if (!empty($profileuser->last_name) && !empty($profileuser->first_name)) {
echo " value=\"" . $user->ID . "\">" . $profileuser->last_name . ", " . $profileuser->first_name . " (" . $profileuser->user_email . ")</option>\n";
} else {
echo " value=\"" . $user->ID . "\">" . $profileuser->user_login . " (" . $profileuser->user_email . ")</option>\n";
}
$_used_ids[$user->ID] = true;
}
?>
</select> <input type='submit' class='button'
id="web_invoice_create_new_web_invoice"
value='<?php
_e("Create New Invoice", WEB_INVOICE_TRANS_DOMAIN);
?>
' />
<?php
if (web_invoice_number_of_invoices() > 0) {
?>
<span
id="web_invoice_copy_invoice" class="web_invoice_click_me"><?php
_e("copy from another", WEB_INVOICE_TRANS_DOMAIN);
?>
</span>
<br />
<div class="web_invoice_copy_invoice"><?php
$all_invoices = $wpdb->get_results("SELECT * FROM " . Web_Invoice::tablename('main'));
?>
<select name="copy_from_template">
<option SELECTED value=""></option>
<?php
foreach ($all_invoices as $invoice) {
$profileuser = get_user_to_edit($invoice->user_id);
?>
<option value="<?php
echo $invoice->invoice_num;
?>
"><?php
if (web_invoice_recurring($invoice->invoice_num)) {
_e("(recurring)", WEB_INVOICE_TRANS_DOMAIN);
}
?>
<?php
echo $invoice->subject . " - \$" . $invoice->amount;
?>
</option>
<?php
}
?>
</select><input type='submit' class='button'
value='<?php
_e("New Invoice from Template", WEB_INVOICE_TRANS_DOMAIN);
?>
' />
<span id="web_invoice_copy_invoice_cancel"
class="web_invoice_click_me"><?php
_e("cancel", WEB_INVOICE_TRANS_DOMAIN);
?>
</span>
</div>
<?php
}
if (!isset($user_id)) {
_e("User must have a profile to receive invoices.", WEB_INVOICE_TRANS_DOMAIN);
if (current_user_can('create_users')) {
if ($GLOBALS['wp_version'] < '2.7') {
echo "<a href=\"users.php\">" . __("Create a new user account.", WEB_INVOICE_TRANS_DOMAIN) . "</a>";
} else {
echo "<a href=\"user-new.php\">" . __("Create a new user account.", WEB_INVOICE_TRANS_DOMAIN) . "</a>";
}
}
}
?>
</td>
</tr>
</table>
</form>
</div>
</div>
<?php
}
/**
* Shows the user profile form
*
* @global type $userdata
* @param type $user_id
*/
function wpuf_user_edit_profile_form($user_id = null)
{
global $userdata, $wp_http_referer;
get_currentuserinfo();
if (!function_exists('get_user_to_edit')) {
require_once ABSPATH . '/wp-admin/includes/user.php';
}
if (!function_exists('_wp_get_user_contactmethods')) {
require_once ABSPATH . '/wp-includes/registration.php';
}
if (!$user_id) {
$current_user = wp_get_current_user();
$user_id = $user_ID = $current_user->ID;
}
if (isset($_POST['submit'])) {
check_admin_referer('update-profile_' . $user_id);
$errors = edit_user($user_id);
if (is_wp_error($errors)) {
$message = $errors->get_error_message();
$style = 'error';
} else {
$message = __('<strong>Success</strong>: Profile updated', 'wpuf');
$style = 'success';
do_action('personal_options_update', $user_id);
}
}
$profileuser = get_user_to_edit($user_id);
if (isset($message)) {
echo '<div class="' . $style . '">' . $message . '</div>';
}
?>
<div class="wpuf-profile">
<form name="profile" id="your-profile" action="" method="post">
<?php
wp_nonce_field('update-profile_' . $user_id);
?>
<?php
if ($wp_http_referer) {
?>
<input type="hidden" name="wp_http_referer" value="<?php
echo esc_url($wp_http_referer);
?>
" />
<?php
}
?>
<input type="hidden" name="from" value="profile" />
<input type="hidden" name="checkuser_id" value="<?php
echo $user_id;
?>
" />
<table class="wpuf-table">
<?php
do_action('personal_options', $profileuser);
?>
</table>
<?php
do_action('profile_personal_options', $profileuser);
?>
<fieldset>
<legend><?php
_e('Name');
?>
</legend>
<table class="wpuf-table">
<tr>
<th><label for="user_login1"><?php
_e('Username');
?>
</label></th>
<td><input type="text" name="user_login" id="user_login1" value="<?php
echo esc_attr($profileuser->user_login);
?>
" disabled="disabled" class="regular-text" /><br /><em><span class="description"><?php
_e('Usernames cannot be changed.');
?>
</span></em></td>
</tr>
<tr>
<th><label for="first_name"><?php
_e('First Name');
?>
</label></th>
<td><input type="text" name="first_name" id="first_name" value="<?php
echo esc_attr($profileuser->first_name);
?>
" class="regular-text" /></td>
</tr>
<tr>
<th><label for="last_name"><?php
_e('Last Name');
?>
</label></th>
<td><input type="text" name="last_name" id="last_name" value="<?php
echo esc_attr($profileuser->last_name);
?>
" class="regular-text" /></td>
</tr>
<tr>
<th><label for="nickname"><?php
_e('Nickname');
?>
<span class="description"><?php
_e('(required)');
?>
</span></label></th>
<td><input type="text" name="nickname" id="nickname" value="<?php
echo esc_attr($profileuser->nickname);
?>
" class="regular-text" /></td>
</tr>
<tr>
<th><label for="display_name"><?php
_e('Display to Public as');
?>
</label></th>
<td>
<select name="display_name" id="display_name">
<?php
$public_display = array();
$public_display['display_username'] = $profileuser->user_login;
$public_display['display_nickname'] = $profileuser->nickname;
if (!empty($profileuser->first_name)) {
$public_display['display_firstname'] = $profileuser->first_name;
}
if (!empty($profileuser->last_name)) {
$public_display['display_lastname'] = $profileuser->last_name;
}
if (!empty($profileuser->first_name) && !empty($profileuser->last_name)) {
$public_display['display_firstlast'] = $profileuser->first_name . ' ' . $profileuser->last_name;
$public_display['display_lastfirst'] = $profileuser->last_name . ' ' . $profileuser->first_name;
}
if (!in_array($profileuser->display_name, $public_display)) {
// Only add this if it isn't duplicated elsewhere
$public_display = array('display_displayname' => $profileuser->display_name) + $public_display;
}
$public_display = array_map('trim', $public_display);
$public_display = array_unique($public_display);
foreach ($public_display as $id => $item) {
?>
<option id="<?php
echo $id;
?>
" value="<?php
echo esc_attr($item);
?>
"<?php
selected($profileuser->display_name, $item);
?>
><?php
echo $item;
?>
</option>
<?php
}
?>
</select>
</td>
</tr>
</table>
</fieldset>
<fieldset>
<legend><?php
_e('Contact Info');
?>
</legend>
<table class="wpuf-table">
<tr>
<th><label for="email"><?php
_e('E-mail');
?>
<span class="description"><?php
_e('(required)');
?>
</span></label></th>
<td><input type="text" name="email" id="email" value="<?php
echo esc_attr($profileuser->user_email);
?>
" class="regular-text" /> </td>
</tr>
<tr>
<th><label for="url"><?php
_e('Website');
?>
</label></th>
<td><input type="text" name="url" id="url" value="<?php
echo esc_attr($profileuser->user_url);
?>
" class="regular-text code" /></td>
</tr>
<?php
foreach (_wp_get_user_contactmethods() as $name => $desc) {
?>
<tr>
<th><label for="<?php
echo $name;
?>
"><?php
echo apply_filters('user_' . $name . '_label', $desc);
?>
</label></th>
<td><input type="text" name="<?php
echo $name;
?>
" id="<?php
echo $name;
?>
" value="<?php
echo esc_attr($profileuser->{$name});
?>
" class="regular-text" /></td>
</tr>
<?php
}
?>
</table>
</fieldset>
<fieldset>
<legend><?php
_e('About Yourself');
?>
</legend>
<table class="wpuf-table">
<tr>
<th><label for="description"><?php
_e('Biographical Info', 'wpuf');
?>
</label></th>
<td><textarea name="description" id="description" rows="5" cols="30"><?php
echo esc_html($profileuser->description);
?>
</textarea><br />
<span class="description"><?php
_e('Share a little biographical information to fill out your profile. This may be shown publicly.');
?>
</span></td>
</tr>
<tr id="password">
<th><label for="pass1"><?php
_e('New Password', 'wpuf');
?>
</label></th>
<td>
<input type="password" name="pass1" id="pass1" size="16" value="" autocomplete="off" /><br /><br />
</td>
</tr>
<tr>
<th><label><?php
_e('Confirm Password', 'wpuf');
?>
</label></th>
<td>
<input type="password" name="pass2" id="pass2" size="16" value="" autocomplete="off" /> <em><span class="description"><?php
_e("Type your new password again.");
?>
</span></em>
</td>
</tr>
<tr>
<th><label><?php
_e('Password Strength', 'wpuf');
?>
</label></th>
<td>
<div id="pass-strength-result"><?php
_e('Strength indicator');
?>
</div>
<script src="<?php
echo admin_url();
?>
/js/password-strength-meter.js"></script>
<script type="text/javascript">
var pwsL10n = {
empty: "Strength indicator",
short: "Very weak",
bad: "Weak",
good: "Medium",
strong: "Strong",
mismatch: "Mismatch"
};
try{convertEntities(pwsL10n);}catch(e){};
</script>
</td>
</tr>
</table>
</fieldset>
<?php
do_action('show_user_profile', $profileuser);
?>
<p class="submit">
<input type="hidden" name="action" value="update" />
<input type="hidden" name="user_id" id="user_id" value="<?php
echo esc_attr($user_id);
?>
" />
<input type="submit" class="wpuf-submit" value="<?php
_e('Update Profile', 'wpuf');
?>
" name="submit" />
</p>
</form>
</div>
<?php
}
public function registerAction()
{
if (count($_POST)) {
if ($_POST['agree_to_terms']) {
global $wp_version;
$partner = new Kaltura_Client_Type_Partner();
$partner->name = $_POST['company'] ? $_POST['company'] : $_POST['first_name'] . ' ' . $_POST['last_name'];
$partner->adminEmail = $_POST['email'];
$partner->firstName = $_POST['first_name'];
$partner->lastName = $_POST['last_name'];
$partner->website = $_POST['website'];
$partner->description = $_POST['description'] . "\nWordpress all-in-one plugin|" . $wp_version;
$partner->country = strlen($_POST['country']) == 2 ? $_POST['country'] : null;
$partner->state = strlen($_POST['state']) == 2 ? $_POST['state'] : null;
$partner->commercialUse = Kaltura_Client_Enum_CommercialUseType::NON_COMMERCIAL_USE;
$partner->phone = $_POST['phone'];
$partner->type = Kaltura_Client_Enum_PartnerType::WORDPRESS;
$partner->defConversionProfileType = 'wp_default';
$partner->additionalParams = array();
$keyValue = new Kaltura_Client_Type_KeyValue();
$keyValue->key = 'company';
$keyValue->value = $_POST['company'];
$partner->additionalParams[] = $keyValue;
$keyValue = new Kaltura_Client_Type_KeyValue();
$keyValue->key = 'title';
$keyValue->value = $_POST['job_title'];
$partner->additionalParams[] = $keyValue;
$keyValue = new Kaltura_Client_Type_KeyValue();
$keyValue->key = 'would_you_like_to_be_contacted';
$keyValue->value = $_POST['would_you_like'];
$partner->additionalParams[] = $keyValue;
$keyValue = new Kaltura_Client_Type_KeyValue();
$keyValue->key = 'vertical';
$keyValue->value = $_POST['describe_yourself'];
$partner->additionalParams[] = $keyValue;
$kmodel = KalturaModel::getInstance();
$error = null;
try {
$partner = $kmodel->registerPartner($partner);
} catch (\Exception $ex) {
$error = $ex;
}
if ($error) {
$params['error'] = $error->getMessage();
} else {
$partnerId = $partner->id;
$subPartnerId = $partnerId * 100;
$secret = $partner->secret;
$adminSecret = $partner->adminSecret;
$cmsUser = $partner->adminEmail;
// save partner details
update_option('kaltura_partner_id', $partnerId);
update_option('kaltura_subp_id', $subPartnerId);
update_option('kaltura_secret', $secret);
update_option('kaltura_admin_secret', $adminSecret);
update_option('kaltura_cms_user', $cmsUser);
$params['success'] = true;
}
} else {
$params['error'] = 'You must agree to the Kaltura Terms of Use';
}
$params['pingOk'] = true;
} else {
global $user_ID;
$profileuser = get_user_to_edit($user_ID);
// set defaults
$_POST['first_name'] = $profileuser->first_name;
$_POST['last_name'] = $profileuser->last_name;
$_POST['email'] = $profileuser->user_email;
$_POST['company'] = get_bloginfo('name');
$_POST['website'] = get_option('home');
$config = KalturaHelpers::getKalturaConfiguration();
$config->partnerId = 0;
// no need to pass partner id for ping
$config->subPartnerId = 0;
$kalturaClient = new Kaltura_Client_Client($config);
$kmodel = KalturaModel::getInstance();
$params['pingOk'] = $kmodel->pingTest($kalturaClient);
}
$params['countries'] = KalturaHelpers::getCountries();
$params['states'] = KalturaHelpers::getStates();
$this->renderView('admin/register.php', $params);
}
function cyc_profile_init()
{
function cyc_profile_js()
{
?>
<script type="text/javascript">
function update_nickname() {
var nickname = jQuery('#nickname').val();
var display_nickname = jQuery('#display_nickname').val();
if (nickname == '') {
jQuery('#display_nickname').remove();
}
jQuery('#display_nickname').val(nickname).html(nickname);
}
jQuery(function ($) {
//$('#pass1').keyup( check_pass_strength )
$('.color-palette').click(function () {
$(this).siblings('input[name=admin_color]').attr('checked', 'checked')
});
});
jQuery(document).ready(function () {
jQuery('#pass1,#pass2').attr('autocomplete', 'off');
jQuery('#nickname').blur(update_nickname);
});
</script>
<?php
}
function cyc_profile_css()
{
?>
<style type="text/css">
table.form-table th, table.form-table td
{
padding: 0;
}
table.form-table th
{
width: 150px;
vertical-align: text-top;
text-align: left;
}
p.message
{
padding: 3px 5px;
background-color: lightyellow;
border: 1px solid yellow;
}
#display_name
{
width: 250px;
}
.field-hint
{
display: block;
clear: both;
}
</style>
<?php
}
if (!$user_id) {
$current_user = wp_get_current_user();
$user_id = $current_user->ID;
}
// If current user can see more of the admin area then just his profile, doing all this makes no sense.
if ($current_user->has_cap('edit_posts') === false && $current_user->has_cap('subscription_agency') === false) {
$is_profile_page = true;
add_filter('wp_title', 'cyc_title');
add_action('wp_head', 'cyc_profile_js');
add_action('wp_head', 'cyc_profile_css');
wp_enqueue_script('jquery');
wp_reset_vars(array('action', 'redirect', 'profile', 'user_id', 'wp_http_referer'));
$user_id = (int) $user_id;
$profileuser = get_user_to_edit($user_id);
if (!current_user_can('edit_user', $user_id)) {
wp_die(__('You do not have permission to edit this user.'));
}
cyc_head(__('Личный кабинет пользователя'));
if ($_GET['updated'] == true) {
echo '<p class="message">Ваш профиль обновлён</p>';
}
get_template_part('_user', 'profile');
cyc_footer();
die;
}
}
<?php
require_once 'admin.php';
$title = __('Profile');
if (current_user_can('edit_users')) {
$parent_file = 'users.php';
} else {
$parent_file = 'profile.php';
}
include_once 'admin-header.php';
$profileuser = get_user_to_edit($user_ID);
$bookmarklet_height = 440;
?>
<?php
if (isset($_GET['updated'])) {
?>
<div id="message" class="updated fade">
<p><strong><?php
_e('Profile updated.');
?>
</strong></p>
</div>
<?php
}
?>
<div class="wrap">
<h2><?php
_e('Your Profile and Personal Options');
?>
/**
* The Admin-facing user edit screen
*
* @since 1.0.0
* @param $user_id int. The user ID
* @return html
*/
function bbconnect_edit_user($user_id = '')
{
if ('' == $user_id && isset($_POST['uuid'])) {
$user_id = $_POST['uuid'];
}
if ('' != $user_id) {
$_GET['user_id'] = $user_id;
}
// WORDPRESS SETUP
wp_reset_vars(array('action', 'redirect', 'profile', 'user_id', 'wp_http_referer'));
if (empty($_GET['user_id'])) {
define('IS_PROFILE_PAGE', true);
}
// SET THE USER INFORMATION
global $user_id;
$user_id = (int) $user_id;
$current_user = wp_get_current_user();
if (!defined('IS_PROFILE_PAGE')) {
define('IS_PROFILE_PAGE', $user_id == $current_user->ID);
}
if (!$user_id && IS_PROFILE_PAGE) {
$user_id = $current_user->ID;
} elseif (!$user_id && !IS_PROFILE_PAGE) {
wp_die(__('Invalid user ID.'));
} elseif (!get_userdata($user_id)) {
wp_die(__('Invalid user ID.'));
}
//if ( !current_user_can('edit_user', $user_id) )
if (!bbconnect_user_can('edit_user', array('one' => $current_user->ID, 'two' => $user_id))) {
wp_die(__('You do not have permission to edit this user.'));
}
$profileuser = get_user_to_edit($user_id);
global $errors, $updated;
if (isset($updated)) {
?>
<div id="message" class="updated">
<p><strong><?php
echo $updated;
?>
</strong></p>
</div>
<?php
}
if (isset($errors) && is_wp_error($errors)) {
?>
<div class="error"><p><?php
echo implode("</p>\n<p>", $errors->get_error_messages());
?>
</p></div>
<?php
}
// SET BBCONNECT POSITIONS
// SET GLOBAL VARIABLES
global $current_user, $bbconnect_cap;
if (current_user_can('list_users')) {
$bbconnect_cap = 'admin';
$formdes = admin_url('users.php?page=bbconnect_edit_user&user_id=' . $user_id);
} else {
$bbconnect_cap = 'user';
$formdes = admin_url('admin.php?page=bbconnect_edit_user_profile&user_id=' . $user_id);
}
$tabs = apply_filters('bbconnect_user_tabs', array('meta' => array('title' => __('Profile', 'bbconnect'), 'subs' => false), 'actions' => array('title' => __('History', 'bbconnect'), 'subs' => false)));
if (isset($_GET['tab'])) {
$active = $_GET['tab'];
} else {
$active = current(array_keys($tabs));
}
$tab_nav = '';
foreach ($tabs as $key => $val) {
if ($active == $key) {
$act_tab = ' nav-tab-active';
} else {
$act_tab = '';
}
$tab_nav .= '<a href="' . $formdes . '&tab=' . $key . '" class="nav-tab' . $act_tab . '">' . $val['title'] . '</a>';
}
if ($user_id == $current_user->ID) {
echo '<style>#column_2{display:none;}</style>';
}
do_action('bbconnect_pre_admin_profile');
?>
<div id="bbconnect" class="wrap">
<div id="icon-users" class="icon32"><br /></div>
<h2><?php
echo bbconnect_get_username($user_id);
?>
</h2>
<h2 class="nav-tab-wrapper"><?php
echo $tab_nav;
?>
</h2>
<?php
if (function_exists('bbconnect_profile_quicklinks')) {
bbconnect_profile_quicklinks($user_id);
} else {
echo '<div id="quicklinks-wrapper">You should get the quicklinks addon!</div>';
}
?>
<form id="user-form" class="bbconnect-form" enctype="multipart/form-data" action="<?php
echo $formdes . '&tab=' . $active;
?>
" autocomplete="off" method="POST">
<?php
wp_nonce_field('bbconnect-edit-user-nonce');
?>
<div>
<?php
switch ($active) {
case 'meta':
do_action('bbconnect_pre_admin_profile_fields');
bbconnect_profile_user_meta(array('user_id' => $user_id, 'bbconnect_cap' => $bbconnect_cap, 'action' => 'edit'));
/* THIS IS HERE FOR TEMPORARY HISTORICAL REFERENCES
if ( IS_PROFILE_PAGE )
do_action( 'show_user_profile', $profileuser );
else
do_action( 'edit_user_profile', $profileuser );
*/
?>
<input type="hidden" name="update" value="<?php
echo $active;
?>
" />
<input type="hidden" name="user_id" id="user_id" value="<?php
echo esc_attr($user_id);
?>
" />
<div style="clear: both;">
<input id="profile-submission" type="submit" name="edit_user_profile" value="<?php
_e('Update!', 'bbconnect');
?>
" class="button-primary" />
</div>
<?php
if (!current_user_can('edit_users')) {
?>
<script type="text/javascript">
jQuery(document).ready(function(){
jQuery('#bbconnect').on('click', '#profile-submission', check_profile);
});
</script>
<?php
}
?>
<?php
break;
case 'actions':
bbconnect_actions_editor(array('user_id' => $user_id, 'bbconnect_cap' => $bbconnect_cap, 'action' => 'edit'));
break;
default:
do_action('bbconnect_admin_profile_' . $active);
break;
}
?>
</div>
</form>
</div>
<?php
}
/**
* Tests the model function that expects slashed data
*
*/
function test_wp_update_user()
{
$id = $this->factory->user->create();
$id = wp_update_user(array('ID' => $id, 'role' => 'subscriber', 'first_name' => $this->slash_1, 'last_name' => $this->slash_3, 'nickname' => $this->slash_5, 'display_name' => $this->slash_7, 'description' => $this->slash_3));
$user = get_user_to_edit($id);
$this->assertEquals(wp_unslash($this->slash_1), $user->first_name);
$this->assertEquals(wp_unslash($this->slash_3), $user->last_name);
$this->assertEquals(wp_unslash($this->slash_5), $user->nickname);
$this->assertEquals(wp_unslash($this->slash_7), $user->display_name);
$this->assertEquals(wp_unslash($this->slash_3), $user->description);
$id = wp_update_user(array('ID' => $id, 'role' => 'subscriber', 'first_name' => $this->slash_2, 'last_name' => $this->slash_4, 'nickname' => $this->slash_6, 'display_name' => $this->slash_2, 'description' => $this->slash_4));
$user = get_user_to_edit($id);
$this->assertEquals(wp_unslash($this->slash_2), $user->first_name);
$this->assertEquals(wp_unslash($this->slash_4), $user->last_name);
$this->assertEquals(wp_unslash($this->slash_6), $user->nickname);
$this->assertEquals(wp_unslash($this->slash_2), $user->display_name);
$this->assertEquals(wp_unslash($this->slash_4), $user->description);
}
<?php
$profileuser = get_user_to_edit(get_current_user_id());
?>
<div id="X_Account-Profile">
<div class="row-fluid">
<form id="X_Account-Profile-Form" class="form-horizontal">
<?php
wp_nonce_field('update-user_' . get_current_user_id());
?>
<input type="hidden" name="action" value="xt_ajax_account_profile_update">
<div class="control-group">
<label class="control-label" for="user_login">用户名:</label>
<div class="controls">
<input class="required disabled" type="text" name="user_login" id="user_login" disabled value="<?php
echo esc_attr($profileuser->user_login);
?>
">
</div>
</div>
<div class="control-group">
<label class="control-label" for="display_name">昵称:</label>
<div class="controls">
<input class="required" type="text" name="display_name" id="display_name" value="<?php
echo esc_attr($profileuser->display_name);
?>
">
</div>
</div>
<div class="control-group">
<label class="control-label">性别:</label>
/**
* Sidebar metabox for administrative user actions
*
*
* @todo Fix delete link to be handled internally and not depend on built-in user management
* @since 0.01
*
*/
function special_actions($object)
{
global $current_user, $wpdb, $wp_filter, $user_id;
$current_user_id = $current_user->ID;
$user_id = $object['ID']['default'][0];
$profileuser = get_user_to_edit($user_id);
if ($user_id == $current_user_id) {
$own_profile = true;
}
?>
<div id="minor-publishing">
<ul class="wp_crm_advanced_user_actions_wrapper">
<li class="wp_crm_advanced_user_actions">
<div class="wp_crm_toggle_advanced_user_actions wp_crm_link"><?php
_e('Toggle Settings');
?>
</div>
<div class="wp_crm_advanced_user_actions wp-tab-panel">
<?php
if (current_user_can('edit_users')) {
?>
<?php
if (current_user_can('WP-CRM: Change Passwords')) {
?>
<?php
_e('Set Password:'******'wp_crm');
?>
<ul class="wp_crm_edit_password">
<li>
<input type="password" autocomplete="off" value="" size="16" class="wp_crm_user_password" id="wp_crm_password_1" name="wp_crm[user_data][user_pass][<?php
echo rand(1000, 9999);
?>
][value]" />
<span class="description"><?php
_e('Type in new password twice to change.');
?>
</span>
</li>
<li>
<input type="password" autocomplete="off" value="" size="16" class="wp_crm_user_password" id="wp_crm_password_2" />
<span class="description"><?php
_e('Type your new password again.');
?>
</span>
</li>
</ul>
<?php
}
?>
<ul>
<?php
if (current_user_can('edit_roles')) {
?>
<li class="wp_crm_edit_roles">
<label for="wp_crm_role"><?php
_e('Capability Role:', 'wp_crm');
?>
</label>
<select id="wp_crm_role" <?php
echo $own_profile ? ' disabled="true" ' : '';
?>
name="wp_crm[user_data][role][<?php
echo rand(1000, 9999);
?>
][value]">
<option value=""></option>
<?php
wp_dropdown_roles($object['role']['default'][0]);
?>
</select>
</li>
<?php
}
?>
<li class="wp_crm_capability_bar">
<input name="show_admin_bar_front" type="hidden" value="false" />
<input name="show_admin_bar_front" type="checkbox" id="show_admin_bar_front" value="true" <?php
checked(_get_admin_bar_pref('front', $profileuser->ID));
?>
/>
<label for="show_admin_bar_front"><?php
_e('Show Admin Bar when viewing site.');
?>
</label>
</li>
</ul>
<?php
}
?>
<?php
if (current_user_can('WP-CRM: Change Color Scheme')) {
_e('Color Scheme:', 'wp_crm');
do_action('admin_color_scheme_picker');
}
?>
</div>
</li>
</ul>
<?php
if (count($wp_filter['show_user_profile']) || count($wp_filter['profile_personal_options'])) {
?>
<div class="wp_crm_user_api_actions">
<?php
add_filter('wpi_user_information', array('WP_CRM_F', 'wpi_user_information'));
if ($own_profile) {
do_action('show_user_profile', $profileuser);
} else {
do_action('edit_user_profile', $profileuser);
}
?>
</div>
<?php
}
?>
<?php
if (current_user_can('edit_users')) {
do_action('wp_crm_metabox_special_actions');
}
?>
</div>
<div class="major-publishing-actions">
<div class="other-action">
<span class="wp_crm_subtle_link wp_crm_toggle" toggle="wp_crm_user_actions"><?php
_e('Show Actions');
?>
</span>
</div>
<div id="publishing-action">
<input type="hidden" value="Publish" id="original_publish" name="original_publish">
<?php
if (current_user_can('edit_users') || current_user_can('add_users') && $object['new']) {
?>
<input type="submit" accesskey="p" tabindex="5" value="<?php
echo $object['new'] ? __('Save', 'wpp_crm') : __('Update', 'wpp_crm');
?>
" class="button-primary" id="publish" name="publish">
<?php
} else {
?>
<input type="submit" accesskey="p" tabindex="5" value="<?php
echo $object['new'] ? __('Save', 'wpp_crm') : __('Update', 'wpp_crm');
?>
" class="button-primary" id="publish" name="publish" disabled="true">
<?php
}
?>
</div>
<div class="clear"></div>
</div>
<div class="wp_crm_user_actions hidden">
<ul class="wp_crm_action_list">
<?php
if (current_user_can('WP-CRM: Add User Messages')) {
?>
<li class="wp_crm_orange_link wp_crm_toggle_message_entry"><?php
_e('Add a general note.', 'wp_crm');
?>
</li>
<?php
}
?>
<?php
do_action('wp_crm_single_user_actions', $object);
?>
<?php
if ((current_user_can('remove_users') || current_user_can('delete_users')) && (!$object['new'] && $user_id != $current_user->ID)) {
?>
<li class="wp_crm_orange_link"><a href="<?php
echo wp_nonce_url("admin.php?wp_crm_action=delete_user&page=wp_crm&user_id={$user_id}", 'wp-crm-delete-user-' . $user_id);
?>
" class="submitdelete deletion"><?php
_e('Delete');
?>
</a></li>
<?php
}
?>
</ul>
</div>
<?php
}
function web_invoice_send_email($invoice_array, $reminder = false)
{
global $wpdb;
if (is_array($invoice_array)) {
$counter = 0;
foreach ($invoice_array as $invoice_id) {
$invoice_info = $wpdb->get_row("SELECT * FROM " . Web_Invoice::tablename('main') . " WHERE invoice_num = '" . $invoice_id . "'");
$profileuser = get_user_to_edit($invoice_info->user_id);
if ($reminder) {
$message = strip_tags(web_invoice_show_reminder_email($invoice_id));
$subject = strip_tags(preg_replace_callback('/(%([a-z_]+))/', 'web_invoice_email_apply_variables', get_option('web_invoice_email_send_reminder_subject')));
} else {
$message = strip_tags(web_invoice_show_email($invoice_id));
$subject = strip_tags(preg_replace_callback('/(%([a-z_]+))/', 'web_invoice_email_apply_variables', get_option('web_invoice_email_send_invoice_subject')));
}
$from = strip_tags(stripslashes(get_option("web_invoice_email_address")));
$from_name = strip_tags(stripslashes(get_option("web_invoice_business_name")));
$headers = "From: {$from_name} <{$from}>";
$message = html_entity_decode($message, ENT_QUOTES, 'UTF-8');
$attachments = array(web_invoice_pdf_file($invoice_id));
if (wp_mail($profileuser->user_email, $subject, $message, $headers, $attachments)) {
$counter++;
// Success in sending quantified.
unlink($attachments[0]);
web_invoice_update_log($invoice_id, 'contact', 'Invoice eMailed');
//make sent entry
web_invoice_update_invoice_meta($invoice_id, "sent_date", date("Y-m-d", time()));
}
}
return "Successfully sent {$counter} Web Invoices(s).";
} else {
$invoice_id = $invoice_array;
$invoice_info = $wpdb->get_row("SELECT * FROM " . Web_Invoice::tablename('main') . " WHERE invoice_num = '" . $invoice_array . "'");
$profileuser = get_userdata($invoice_info->user_id);
if ($reminder) {
$message = strip_tags(web_invoice_show_reminder_email($invoice_id));
$subject = strip_tags(preg_replace_callback('/(%([a-z_]+))/', 'web_invoice_email_apply_variables', get_option('web_invoice_email_send_reminder_subject')));
} else {
$message = strip_tags(web_invoice_show_email($invoice_id));
$subject = strip_tags(preg_replace_callback('/(%([a-z_]+))/', 'web_invoice_email_apply_variables', get_option('web_invoice_email_send_invoice_subject')));
}
$from = strip_tags(stripslashes(get_option("web_invoice_email_address")));
$from_name = strip_tags(stripslashes(get_option("web_invoice_business_name")));
$headers = "From: {$from_name} <{$from}>";
$message = html_entity_decode($message, ENT_QUOTES, 'UTF-8');
$attachments = array(web_invoice_pdf_file($invoice_id));
if (wp_mail($profileuser->user_email, $subject, $message, $headers, $attachments)) {
unlink($attachments[0]);
web_invoice_update_invoice_meta($invoice_id, "sent_date", date("Y-m-d", time()));
web_invoice_update_log($invoice_id, 'contact', 'Invoice eMailed');
return "Web invoice sent successfully.";
} else {
return "There was a problem sending the invoice.";
}
}
}
/**
* Delete capability
*
* @global wpdb $wpdb
* @global WP_Roles $wp_roles
* @return string - information message
*/
public static function delete()
{
global $wpdb, $wp_roles;
if (!current_user_can('ure_delete_capabilities')) {
return esc_html__('Insufficient permissions to work with User Role Editor', 'user-role-editor');
}
if (!isset($_POST['user_capability_id']) || empty($_POST['user_capability_id'])) {
return 'Wrong Request';
}
$lib = URE_Lib::get_instance();
$mess = '';
$capability_id = $_POST['user_capability_id'];
$caps_to_remove = $lib->get_caps_to_remove();
if (!is_array($caps_to_remove) || count($caps_to_remove) == 0 || !isset($caps_to_remove[$capability_id])) {
return sprintf(esc_html__('Error! You do not have permission to delete this capability: %s!', 'user-role-editor'), $capability_id);
}
// process users
$usersId = $wpdb->get_col("SELECT {$wpdb->users}.ID FROM {$wpdb->users}");
foreach ($usersId as $user_id) {
$user = get_user_to_edit($user_id);
if ($user->has_cap($capability_id)) {
$user->remove_cap($capability_id);
}
}
// process roles
foreach ($wp_roles->role_objects as $wp_role) {
if ($wp_role->has_cap($capability_id)) {
$wp_role->remove_cap($capability_id);
}
}
$mess = sprintf(esc_html__('Capability %s was removed successfully', 'user-role-editor'), $capability_id);
return $mess;
}
function display_user_profile_fields()
{
global $wpdb, $user_id, $wpi_settings;
$profileuser = get_user_to_edit($user_id);
include $wpi_settings['admin']['ui_path'] . '/profile_page_content.php';
}
/**
* Outputs profile form HTML
*
* Callback for "tml_display_profile" hook in method Theme_My_login_Template::display()
*
* @see Theme_My_Login_Template::display()
* @since 6.0
* @access public
*
* @param object $template Reference to $theme_my_login_template object
*/
public function tml_display_profile(&$template)
{
global $current_user, $profileuser, $_wp_admin_css_colors, $wp_version;
require_once ABSPATH . 'wp-admin/includes/user.php';
require_once ABSPATH . 'wp-admin/includes/misc.php';
if (isset($_GET['updated']) && 'true' == $_GET['updated']) {
Theme_My_Login::get_object()->errors->add('profile_updated', __('Profile updated.'), 'message');
}
$current_user = wp_get_current_user();
$profileuser = get_user_to_edit($current_user->ID);
$user_role = reset($profileuser->roles);
if (is_multisite() && empty($user_role)) {
$user_role = 'subscriber';
}
$_template = array();
// Allow template override via shortcode or template tag args
if (!empty($template->options['profile_template'])) {
$_template[] = $template->options['profile_template'];
}
// Allow role template overrid via shortcode or template tag args
if (!empty($template->options["profile_template_{$user_role}"])) {
$_template[] = $template->options["profile_template_{$user_role}"];
}
// Role template
$_template[] = "profile-form-{$user_role}.php";
// Default template
$_template[] = 'profile-form.php';
// Load template
$template->get_template($_template, true, compact('current_user', 'profileuser', 'user_role', '_wp_admin_css_colors', 'wp_version'));
}
/**
* Delete capability
*
* @global wpdb $wpdb
* @global WP_Roles $wp_roles
* @return string - information message
*/
protected function delete_capability()
{
global $wpdb, $wp_roles;
$mess = '';
if (!empty($_POST['user_capability_id'])) {
$capability_id = $_POST['user_capability_id'];
$caps_to_remove = $this->get_caps_to_remove();
if (!is_array($caps_to_remove) || count($caps_to_remove) == 0 || !isset($caps_to_remove[$capability_id])) {
return sprintf(__('Error! You do not have permission to delete this capability: %s!', 'ure'), $capability_id);
}
// process users
$usersId = $wpdb->get_col("SELECT {$wpdb->users}.ID FROM {$wpdb->users}");
foreach ($usersId as $user_id) {
$user = get_user_to_edit($user_id);
if ($user->has_cap($capability_id)) {
$user->remove_cap($capability_id);
}
}
// process roles
foreach ($wp_roles->role_objects as $wp_role) {
if ($wp_role->has_cap($capability_id)) {
$wp_role->remove_cap($capability_id);
}
}
$mess = sprintf(__('Capability %s is removed successfully', 'ure'), $capability_id);
}
return $mess;
}
<?php
/*
If you would like to edit this file, copy it to your current theme's directory and edit it there.
Theme My Login will always look in your theme's directory first, before using this default template.
*/
$GLOBALS['current_user'] = $current_user = wp_get_current_user();
$GLOBALS['profileuser'] = $profileuser = get_user_to_edit($current_user->ID);
$user_can_edit = false;
foreach (array('posts', 'pages') as $post_cap) {
$user_can_edit |= current_user_can("edit_{$post_cap}");
}
?>
<div class="login profile" id="theme-my-login<?php
$template->the_instance();
?>
">
<?php
$template->the_action_template_message('profile');
?>
<?php
$template->the_errors();
?>
<form id="your-profile" action="" method="post">
<?php
wp_nonce_field('update-user_' . $current_user->ID);
?>
<p>
<input type="hidden" name="from" value="profile" />
<input type="hidden" name="checkuser_id" value="<?php
/**
* Display the user's profile.
*
* @since 0.1.0
*/
function wp_user_profiles_user_admin()
{
// Reset a bunch of global values
wp_reset_vars(array('action', 'user_id', 'wp_http_referer'));
// Get the user ID
$user_id = !empty($_GET['user_id']) ? (int) $_GET['user_id'] : get_current_user_id();
// Get user
$user = get_user_to_edit($user_id);
/**
* Backwards compatibility for JIT metaboxes
*
* @since 0.2.0 Use `wp_user_profiles_add_meta_boxes` instead
*/
do_action('add_meta_boxes', get_current_screen()->id, $user);
// Remove possible query arguments
$request_url = remove_query_arg(array('action', 'error', 'updated', 'spam', 'ham'), $_SERVER['REQUEST_URI']);
// Setup form action URL
$form_action_url = add_query_arg(array('action' => 'update'), $request_url);
// Arbitrary notice execution point
do_action('wp_user_profiles_admin_notices');
?>
<div class="wrap" id="wp-user-profiles-page">
<h1><?php
// The page title
echo esc_html($user->display_name);
// Any arbitrary "page-title-action" class links
do_action('wp_user_profiles_title_actions');
?>
</h1>
<?php
wp_user_profiles_admin_nav($user);
?>
<form action="<?php
echo esc_url($form_action_url);
?>
" id="your-profile" method="post" novalidate="novalidate" <?php
do_action('user_edit_form_tag');
?>
>
<div id="poststuff">
<div id="post-body" class="metabox-holder columns-<?php
echo 1 == get_current_screen()->get_columns() ? '1' : '2';
?>
">
<div id="postbox-container-1" class="postbox-container">
<?php
do_meta_boxes(get_current_screen()->id, 'side', $user);
?>
</div>
<div id="postbox-container-2" class="postbox-container">
<?php
do_meta_boxes(get_current_screen()->id, 'normal', $user);
?>
<?php
do_meta_boxes(get_current_screen()->id, 'advanced', $user);
?>
</div>
</div>
</div>
<input type="hidden" name="checkuser_id" value="<?php
echo get_current_user_id();
?>
" />
<?php
wp_nonce_field('closedpostboxes', 'closedpostboxesnonce', false);
?>
<?php
wp_nonce_field('meta-box-order', 'meta-box-order-nonce', false);
?>
<?php
wp_nonce_field('update-user_' . $user->ID);
?>
</form>
</div><!-- .wrap -->
<?php
}
/**
* Display the user's profile.
*
* @since 2.0.0
*/
public function user_admin()
{
if (!bp_current_user_can('bp_moderate') && empty($this->is_self_profile)) {
die('-1');
}
// Get the user ID.
$user_id = $this->get_user_id();
$user = get_user_to_edit($user_id);
// Construct title.
if (true === $this->is_self_profile) {
$title = __('Profile', 'buddypress');
} else {
$title = __('Edit User', 'buddypress');
}
// Construct URL for form.
$request_url = remove_query_arg(array('action', 'error', 'updated', 'spam', 'ham'), $_SERVER['REQUEST_URI']);
$form_action_url = add_query_arg('action', 'update', $request_url);
$wp_http_referer = false;
if (!empty($_REQUEST['wp_http_referer'])) {
$wp_http_referer = remove_query_arg(array('action', 'updated'), $_REQUEST['wp_http_referer']);
}
// Prepare notice for admin.
$notice = $this->get_user_notice();
if (!empty($notice)) {
?>
<div <?php
if ('updated' === $notice['class']) {
?>
id="message" <?php
}
?>
class="<?php
echo esc_attr($notice['class']);
?>
">
<p><?php
echo esc_html($notice['message']);
?>
</p>
<?php
if (!empty($wp_http_referer) && 'updated' === $notice['class']) {
?>
<p><a href="<?php
echo esc_url($wp_http_referer);
?>
"><?php
esc_html_e('← Back to Users', 'buddypress');
?>
</a></p>
<?php
}
?>
</div>
<?php
}
?>
<div class="wrap" id="community-profile-page">
<h1><?php
echo esc_html($title);
?>
<?php
if (empty($this->is_self_profile)) {
?>
<?php
if (current_user_can('create_users')) {
?>
<a href="user-new.php" class="add-new-h2"><?php
echo esc_html_x('Add New', 'user', 'buddypress');
?>
</a>
<?php
} elseif (is_multisite() && current_user_can('promote_users')) {
?>
<a href="user-new.php" class="add-new-h2"><?php
echo esc_html_x('Add Existing', 'user', 'buddypress');
?>
</a>
<?php
}
?>
<?php
}
?>
</h1>
<?php
if (!empty($user)) {
$this->profile_nav($user, 'BuddyPress');
?>
<form action="<?php
echo esc_url($form_action_url);
?>
" id="your-profile" method="post">
<div id="poststuff">
<div id="post-body" class="metabox-holder columns-<?php
echo 1 == get_current_screen()->get_columns() ? '1' : '2';
?>
">
<div id="postbox-container-1" class="postbox-container">
<?php
do_meta_boxes(get_current_screen()->id, 'side', $user);
?>
</div>
<div id="postbox-container-2" class="postbox-container">
<?php
do_meta_boxes(get_current_screen()->id, 'normal', $user);
?>
<?php
do_meta_boxes(get_current_screen()->id, 'advanced', $user);
?>
</div>
</div><!-- #post-body -->
</div><!-- #poststuff -->
<?php
wp_nonce_field('closedpostboxes', 'closedpostboxesnonce', false);
?>
<?php
wp_nonce_field('meta-box-order', 'meta-box-order-nonce', false);
?>
<?php
wp_nonce_field('edit-bp-profile_' . $user->ID);
?>
</form>
<?php
} else {
?>
<p><?php
printf('%1$s <a href="%2$s">%3$s</a>', __('No user found with this ID.', 'buddypress'), esc_url(bp_get_admin_url('users.php')), __('Go back and try again.', 'buddypress'));
?>
</p>
<?php
}
?>
</div><!-- .wrap -->
<?php
}
/**
* Outputs profile form HTML
*
* Callback for "tml_template_profile" hook in method Theme_My_login_Template::display()
*
* @see Theme_My_Login_Template::display()
* @since 6.0
* @access public
*
* @param object $template Reference to $theme_my_login_template object
*/
function get_profile_form(&$template)
{
global $current_user, $profileuser, $_wp_admin_css_colors, $wp_version;
$current_user = wp_get_current_user();
$profileuser = get_user_to_edit($current_user->ID);
$role = reset($profileuser->roles);
$_template = array();
// Allow template override via shortcode or template tag args
if (!empty($template->options['profile_template'])) {
$_template[] = $template->options['profile_template'];
}
// Role template
if (!empty($template->options["profile_template_{$role}"])) {
$_template[] = $template->options["profile_template_{$role}"];
}
$_template[] = "profile-form-{$role}.php";
// Default template
$_template[] = 'profile-form.php';
// Load template
$template->get_template($_template, '', true, compact('current_user', 'profileuser', '_wp_admin_css_colors', 'wp_version'));
}
}
$sorter = new ure_TableSorter($column);
$fullCapabilities = $sorter->sort($fullCapabilities);
if ($ure_object == 'user') {
if (!isset($_REQUEST['user_id'])) {
$mess .= ' user_id value is missed';
return;
}
$user_id = $_REQUEST['user_id'];
if (!is_numeric($user_id)) {
return;
}
if (!$user_id) {
return;
}
$ure_userToEdit = get_user_to_edit($user_id);
if (empty($ure_userToEdit)) {
return;
}
}
if (isset($_POST['action']) && $_POST['action'] == 'update' && isset($_POST['user_role'])) {
$ure_currentRole = $_POST['user_role'];
$ure_capabilitiesToSave = array();
foreach ($fullCapabilities as $availableCapability) {
$cap_id = str_replace(' ', URE_SPACE_REPLACER, $availableCapability['inner']);
if (isset($_POST[$cap_id])) {
$ure_capabilitiesToSave[$availableCapability['inner']] = 1;
}
}
if ($ure_object == 'role') {
// save role changes to database
protected function show_form_content()
{
$lca = $this->p->cf['lca'];
if ($this->menu_lib === 'profile') {
$user_id = get_current_user_id();
$profileuser = get_user_to_edit($user_id);
$current_color = get_user_option('admin_color', $user_id);
if (empty($current_color)) {
$current_color = 'fresh';
}
// match wordpress behavior (users page for admins, profile page for everyone else)
$admin_url = current_user_can('list_users') ? $this->p->util->get_admin_url($this->menu_id, null, 'users') : $this->p->util->get_admin_url($this->menu_id, null, $this->menu_lib);
echo '<form name="' . $lca . '" id="' . $lca . '_setting_form" action="user-edit.php" method="post">' . "\n";
echo '<input type="hidden" name="wp_http_referer" value="' . $admin_url . '" />' . "\n";
echo '<input type="hidden" name="action" value="update" />' . "\n";
echo '<input type="hidden" name="user_id" value="' . $user_id . '" />' . "\n";
echo '<input type="hidden" name="nickname" value="' . $profileuser->nickname . '" />' . "\n";
echo '<input type="hidden" name="email" value="' . $profileuser->user_email . '" />' . "\n";
echo '<input type="hidden" name="admin_color" value="' . $current_color . '" />' . "\n";
echo '<input type="hidden" name="rich_editing" value="' . $profileuser->rich_editing . '" />' . "\n";
echo '<input type="hidden" name="comment_shortcuts" value="' . $profileuser->comment_shortcuts . '" />' . "\n";
echo '<input type="hidden" name="admin_bar_front" value="' . _get_admin_bar_pref('front', $user_id) . '" />' . "\n";
wp_nonce_field('update-user_' . $user_id);
} elseif ($this->menu_lib === 'setting' || $this->menu_lib === 'submenu') {
echo '<form name="' . $lca . '" id="' . $lca . '_setting_form" action="options.php" method="post">' . "\n";
settings_fields($lca . '_setting');
} elseif ($this->menu_lib === 'sitesubmenu') {
echo '<form name="' . $lca . '" id="' . $lca . '_setting_form" action="edit.php?action=' . NGFB_SITE_OPTIONS_NAME . '" method="post">' . "\n";
echo '<input type="hidden" name="page" value="' . $this->menu_id . '" />';
} else {
return;
}
wp_nonce_field(self::get_nonce(), NGFB_NONCE);
wp_nonce_field('closedpostboxes', 'closedpostboxesnonce', false);
wp_nonce_field('meta-box-order', 'meta-box-order-nonce', false);
do_meta_boxes($this->pagehook, 'normal', null);
do_action($this->p->cf['lca'] . '_form_content_metaboxes_' . SucomUtil::sanitize_hookname($this->menu_id), $this->pagehook);
switch ($this->menu_id) {
case 'readme':
case 'setup':
case 'sitereadme':
case 'sitesetup':
break;
default:
if ($this->menu_lib === 'profile') {
echo $this->get_submit_buttons(_x('Save All Profile Settings', 'submit button', 'nextgen-facebook'));
} else {
echo $this->get_submit_buttons();
}
break;
}
echo '</form>', "\n";
}
