$jfb_log .= "nxt: No user found. Automatically registering (FB_" . $fb_uid . ")\n";
    $user_data = array();
    $user_data['user_login'] = "******" . $fb_uid;
    $user_data['user_pass'] = nxt_generate_password();
    $user_data['user_nicename'] = sanitize_title($user_data['user_login']);
    $user_data['first_name'] = $fbuser['first_name'];
    $user_data['last_name'] = $fbuser['last_name'];
    $user_data['display_name'] = $fbuser['first_name'];
    $user_data['user_url'] = $fbuser["profile_url"];
    $user_data['user_email'] = $fbuser["email"];
    //Run a filter so the user can be modified to something different before registration
    //NOTE: If the user has selected "pretty names", this'll change FB_xxx to i.e. "John.Smith"
    $user_data = apply_filters('nxtfb_insert_user', $user_data, $fbuser);
    $user_data = apply_filters('nxtfb_inserting_user', $user_data, array('nxt_ID' => $user_login_id, 'FB_ID' => $fb_uid, 'facebook' => $facebook, 'FB_UserData' => $fbuser));
    //Insert a new user to our database and make sure it worked
    $user_login_id = nxt_insert_user($user_data);
    if (is_nxt_error($user_login_id)) {
        j_die("Error: nxt_insert_user failed!<br/><br/>" . "If you get this error while running a nxtclass MultiSite installation, it means you'll need to purchase the <a href=\"{$jfb_homepage}#premium\">premium version</a> of this plugin to enable full MultiSite support.<br/><br/>" . "If you're <u><i>not</i></u> using MultiSite, please report this bug to the plugin author on the support page <a href=\"{$jfb_homepage}#feedback\">here</a>.<br /><br />" . "Error message: " . (function_exists(array(&$user_login_id, 'get_error_message')) ? $user_login_id->get_error_message() : "Undefined") . "<br />" . "nxt_ALLOW_MULTISITE: " . (defined('nxt_ALLOW_MULTISITE') ? constant('nxt_ALLOW_MULTISITE') : "Undefined") . "<br />" . "is_multisite: " . (function_exists('is_multisite') ? is_multisite() : "Undefined"));
    }
    //Success! Notify the site admin.
    $user_login_name = $user_data['user_login'];
    nxt_new_user_notification($user_login_name);
    //Run an action so i.e. usermeta can be added to a user after registration
    do_action('nxtfb_inserted_user', array('nxt_ID' => $user_login_id, 'FB_ID' => $fb_uid, 'facebook' => $facebook, 'nxt_UserData' => $user_data));
}
//Tag the user with our meta so we can recognize them next time, without resorting to email hashes
update_user_meta($user_login_id, $jfb_uid_meta_name, $fb_uid);
$jfb_log .= "nxt: Updated usermeta ({$jfb_uid_meta_name})\n";
//Also store the user's facebook avatar(s), in case the user wants to use them later
if ($fbuser['pic_square']) {
    update_user_meta($user_login_id, 'facebook_avatar_thumb', $fbuser['pic_square']);
Beispiel #2
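/**
 * Edit user settings based on contents of $_POST
 *
 * Used on user-edit.php and profile.php to manage and process user options, passwords etc.
 * Builds a user object from the submitted fields, validates login, password and e-mail,
 * then updates the existing user (when $user_id is given) or inserts a new one.
 *
 * Security notes:
 * - No nonce check and no "may the current visitor edit this user" check happens in this
 *   function; only the role change is gated on the 'edit_users' capability. Callers are
 *   presumably expected to verify both before calling -- confirm.
 * - $_POST['description'] is only trimmed here; any markup filtering has to happen
 *   downstream and is not visible in this function.
 * - When a user is created with $_POST['send_password'] set, the plaintext password is
 *   handed to nxt_new_user_notification().
 *
 * @since 2.0
 *
 * @param int $user_id Optional. User ID.
 * @return int|nxt_Error The value returned by nxt_update_user() / nxt_insert_user() (the user id
 *                       on success), or the nxt_Error object collecting the validation errors.
 */
function edit_user($user_id = 0)
{
    global $nxt_roles, $nxtdb;
    $user = new stdClass();
    if ($user_id) {
        $update = true;
        $user->ID = (int) $user_id;
        // For an existing user the login comes from the stored record, never from $_POST.
        $userdata = get_userdata($user_id);
        $user->user_login = $nxtdb->escape($userdata->user_login);
    } else {
        $update = false;
    }
    if (!$update && isset($_POST['user_login'])) {
        $user->user_login = sanitize_user($_POST['user_login'], true);
    }
    $pass1 = $pass2 = '';
    if (isset($_POST['pass1'])) {
        $pass1 = $_POST['pass1'];
    }
    if (isset($_POST['pass2'])) {
        $pass2 = $_POST['pass2'];
    }
    if (isset($_POST['role']) && current_user_can('edit_users')) {
        $new_role = sanitize_text_field($_POST['role']);
        $potential_role = isset($nxt_roles->role_objects[$new_role]) ? $nxt_roles->role_objects[$new_role] : false;
        // Don't let anyone with 'edit_users' (admins) edit their own role to something without it.
        // Multisite super admins can freely edit their blog roles -- they possess all caps.
        // && binds tighter than ||, so the role is applied when any of these holds:
        //   (multisite AND 'manage_sites') OR (editing someone else) OR (target role exists AND keeps 'edit_users').
        if (is_multisite() && current_user_can('manage_sites') || $user_id != get_current_user_id() || $potential_role && $potential_role->has_cap('edit_users')) {
            $user->role = $new_role;
        }
        // If the new role isn't editable by the logged-in user die with error
        // (this runs after the assignment above; it relies on nxt_die() stopping the request)
        $editable_roles = get_editable_roles();
        if (!empty($new_role) && empty($editable_roles[$new_role])) {
            nxt_die(__('You can&#8217;t give users that role.'));
        }
    }
    if (isset($_POST['email'])) {
        $user->user_email = sanitize_text_field($_POST['email']);
    }
    if (isset($_POST['url'])) {
        if (empty($_POST['url']) || $_POST['url'] == 'http://') {
            $user->user_url = '';
        } else {
            $user->user_url = esc_url_raw($_POST['url']);
            // Prefix http:// unless the value already starts with one of the listed schemes.
            $user->user_url = preg_match('/^(https?|ftps?|mailto|news|irc|gopher|nntp|feed|telnet):/is', $user->user_url) ? $user->user_url : 'http://' . $user->user_url;
        }
    }
    if (isset($_POST['first_name'])) {
        $user->first_name = sanitize_text_field($_POST['first_name']);
    }
    if (isset($_POST['last_name'])) {
        $user->last_name = sanitize_text_field($_POST['last_name']);
    }
    if (isset($_POST['nickname'])) {
        $user->nickname = sanitize_text_field($_POST['nickname']);
    }
    if (isset($_POST['display_name'])) {
        $user->display_name = sanitize_text_field($_POST['display_name']);
    }
    if (isset($_POST['description'])) {
        // Only trimmed, not sanitized, at this point.
        $user->description = trim($_POST['description']);
    }
    foreach (_nxt_get_user_contactmethods($user) as $method => $name) {
        if (isset($_POST[$method])) {
            $user->{$method} = sanitize_text_field($_POST[$method]);
        }
    }
    if ($update) {
        $user->rich_editing = isset($_POST['rich_editing']) && 'false' == $_POST['rich_editing'] ? 'false' : 'true';
        $user->admin_color = isset($_POST['admin_color']) ? sanitize_text_field($_POST['admin_color']) : 'fresh';
        $user->show_admin_bar_front = isset($_POST['admin_bar_front']) ? 'true' : 'false';
    }
    $user->comment_shortcuts = isset($_POST['comment_shortcuts']) && 'true' == $_POST['comment_shortcuts'] ? 'true' : '';
    $user->use_ssl = 0;
    if (!empty($_POST['use_ssl'])) {
        $user->use_ssl = 1;
    }
    $errors = new nxt_Error();
    /* checking that username has been typed */
    if ($user->user_login == '') {
        $errors->add('user_login', __('<strong>ERROR</strong>: Please enter a username.'));
    }
    /* checking the password has been typed twice */
    // Hook receives both passwords by reference, so a plugin may alter them before validation.
    do_action_ref_array('check_passwords', array($user->user_login, &$pass1, &$pass2));
    if ($update) {
        if (empty($pass1) && !empty($pass2)) {
            $errors->add('pass', __('<strong>ERROR</strong>: You entered your new password only once.'), array('form-field' => 'pass1'));
        } elseif (!empty($pass1) && empty($pass2)) {
            $errors->add('pass', __('<strong>ERROR</strong>: You entered your new password only once.'), array('form-field' => 'pass2'));
        }
    } else {
        if (empty($pass1)) {
            $errors->add('pass', __('<strong>ERROR</strong>: Please enter your password.'), array('form-field' => 'pass1'));
        } elseif (empty($pass2)) {
            $errors->add('pass', __('<strong>ERROR</strong>: Please enter your password twice.'), array('form-field' => 'pass2'));
        }
    }
    /* Check for "\" in password */
    if (false !== strpos(stripslashes($pass1), "\\")) {
        $errors->add('pass', __('<strong>ERROR</strong>: Passwords may not contain the character "\\".'), array('form-field' => 'pass1'));
    }
    /* checking the password has been typed twice the same */
    // Strict string comparison: under a loose != two different numeric-looking strings
    // (e.g. "1000" and "1e3") compare equal, so a mistyped confirmation would be accepted.
    if ((string) $pass1 !== (string) $pass2) {
        $errors->add('pass', __('<strong>ERROR</strong>: Please enter the same password in the two password fields.'), array('form-field' => 'pass1'));
    }
    if (!empty($pass1)) {
        $user->user_pass = $pass1;
    }
    if (!$update && isset($_POST['user_login']) && !validate_username($_POST['user_login'])) {
        $errors->add('user_login', __('<strong>ERROR</strong>: This username is invalid because it uses illegal characters. Please enter a valid username.'));
    }
    if (!$update && username_exists($user->user_login)) {
        $errors->add('user_login', __('<strong>ERROR</strong>: This username is already registered. Please choose another one.'));
    }
    /* checking e-mail address */
    if (empty($user->user_email)) {
        $errors->add('empty_email', __('<strong>ERROR</strong>: Please enter an e-mail address.'), array('form-field' => 'email'));
    } elseif (!is_email($user->user_email)) {
        $errors->add('invalid_email', __('<strong>ERROR</strong>: The e-mail address isn&#8217;t correct.'), array('form-field' => 'email'));
    } elseif (($owner_id = email_exists($user->user_email)) && (!$update || $owner_id != $user->ID)) {
        // The address may stay the same on update as long as it belongs to this very user.
        $errors->add('email_exists', __('<strong>ERROR</strong>: This email is already registered, please choose another one.'), array('form-field' => 'email'));
    }
    // Allow plugins to return their own errors.
    do_action_ref_array('user_profile_update_errors', array(&$errors, $update, &$user));
    if ($errors->get_error_codes()) {
        return $errors;
    }
    if ($update) {
        $user_id = nxt_update_user(get_object_vars($user));
    } else {
        $user_id = nxt_insert_user(get_object_vars($user));
        // nxt_insert_user() may hand back an error object instead of an id;
        // only send the notification when an account was actually created.
        if (!is_nxt_error($user_id)) {
            nxt_new_user_notification($user_id, isset($_POST['send_password']) ? $pass1 : '');
        }
    }
    return $user_id;
}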
Beispiel #3
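/**
 * Create a new NXTClass user with the specified identity URL and user data.
 *
 * Picks a username (from the 'nickname' entry when present, otherwise from the
 * identity URL), assigns a random throw-away password, inserts the user, logs
 * the new user in and binds the OpenID to the account. The outcome is reported
 * through openid_status() / openid_message() / openid_error(); nothing is returned.
 *
 * @param string $identity_url OpenID to associate with the newly
 * created account
 * @param array $user_data array of user data; passed by reference and extended
 * with 'user_login', 'user_pass' and, on success, 'ID'
 */
function openid_create_new_user($identity_url, &$user_data)
{
    global $nxtdb;
    // Identity URL is new, so create a user
    @(include_once ABSPATH . 'nxt-admin/upgrade-functions.php');
    // 2.1
    @(include_once ABSPATH . nxtINC . '/registration-functions.php');
    // 2.0.4
    // otherwise, try to use preferred username
    // ($username is not assigned anywhere above, so the nickname is used whenever one is supplied)
    if (empty($username) && array_key_exists('nickname', $user_data)) {
        $username = openid_generate_new_username($user_data['nickname'], false);
    }
    // finally, build username from OpenID URL
    if (empty($username)) {
        $username = openid_generate_new_username($identity_url);
    }
    $user_data['user_login'] = $username;
    // The account is reached through OpenID, so this password only has to be unguessable.
    // It must not be derived from the clock (uniqid()/microtime()) or cut down to a few
    // hex characters: use the platform generator when present, otherwise a CSPRNG.
    $user_data['user_pass'] = function_exists('nxt_generate_password')
        ? nxt_generate_password()
        : bin2hex(random_bytes(16));
    $user_id = nxt_insert_user($user_data);
    // An error object is truthy, so a bare truthiness test would treat a failed insert as success.
    $insert_failed = function_exists('is_nxt_error') && is_nxt_error($user_id);
    if ($user_id && !$insert_failed) {
        // created ok
        $user_data['ID'] = $user_id;
        // XXX this all looks redundant, see openid_set_current_user
        $user = new nxt_User($user_id);
        if (!nxt_login($user->user_login, $user_data['user_pass'])) {
            // The account exists at this point but is left without a bound identity.
            openid_message(__('User was created fine, but nxt_login() for the new user failed. This is probably a bug.', 'openid'));
            openid_status('error');
            openid_error(openid_message());
            return;
        }
        // notify of user creation
        nxt_new_user_notification($user->user_login);
        nxt_clearcookie();
        // NOTE(review): the cookie receives md5() of the stored user_pass value, which looks like
        // a legacy password-derived cookie scheme -- confirm what nxt_setcookie() expects here.
        nxt_setcookie($user->user_login, md5($user->user_pass), true, '', '', true);
        // Bind the provided identity to the just-created user
        openid_add_user_identity($user_id, $identity_url);
        openid_status('redirect');
        if (!$user->has_cap('edit_posts')) {
            // NOTE(review): $redirect_to is local and is neither read nor returned in this
            // function -- presumably meant to reach the caller; confirm.
            $redirect_to = '/nxt-admin/profile.php';
        }
    } else {
        // failed to create user for some reason.
        openid_message(__('OpenID authentication successful, but failed to create NXTClass user. This is probably a bug.', 'openid'));
        openid_status('error');
        openid_error(openid_message());
    }
}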
Beispiel #4
/**
 * Convenience wrapper for creating a user from the three basic fields.
 *
 * Escapes the login and the e-mail with esc_sql(), leaves the password exactly
 * as given, and hands the three values to nxt_insert_user(). Call
 * nxt_insert_user() directly when more profile fields need to be set.
 *
 * @since 2.0.0
 * @see nxt_insert_user() More complete way to create a new user
 *
 * @param string $username The user's username.
 * @param string $password The user's password.
 * @param string $email The user's email (optional).
 * @return int The new user's ID (the value returned by nxt_insert_user(), passed through unchanged).
 */
function nxt_create_user($username, $password, $email = '')
{
    // Same keys, in the same order, that compact() would have produced.
    $fields = array(
        'user_login' => esc_sql($username),
        'user_email' => esc_sql($email),
        'user_pass' => $password,
    );
    return nxt_insert_user($fields);
}
/**
 * Register a new member and, on single-site installs, start e-mail activation.
 *
 * Multisite: delegates to nxtmu_signup_user() and reports false as the user id.
 * Single site: inserts the user, sets user_status = 2 on the row, stores any
 * submitted profile fields (when the xprofile component is active), then --
 * unless the 'bp_core_signup_send_activation_key' filter returns false --
 * saves an activation key in usermeta and sends the validation e-mail.
 *
 * NOTE(review): the activation key is nxt_hash($user_id), i.e. computed from the
 * user id alone; how hard it is to guess depends on what nxt_hash() mixes in,
 * which is not visible here -- confirm.
 *
 * @param string $user_login    Requested login name.
 * @param string $user_password Password for the new account.
 * @param string $user_email    E-mail address of the new account.
 * @param array  $usermeta      Signup meta; 'profile_field_ids' (comma-separated) and the
 *                              matching 'field_<id>' entries are read here.
 * @return int|false|nxt_Error New user id, false on multisite, or an nxt_Error when the insert fails.
 */
function bp_core_signup_user($user_login, $user_password, $user_email, $usermeta)
{
    global $bp, $nxtdb;
    if (!is_multisite()) {
        $errors = new nxt_Error();
        $new_account = array(
            'user_login' => $user_login,
            'user_pass' => $user_password,
            'display_name' => sanitize_title($user_login),
            'user_email' => $user_email,
        );
        $user_id = nxt_insert_user($new_account);
        if (is_nxt_error($user_id) || empty($user_id)) {
            $template = __('<strong>ERROR</strong>: Couldn&#8217;t register you... please contact the <a href="mailto:%s">webmaster</a> !', 'buddypress');
            $errors->add('registerfail', sprintf($template, get_option('admin_email')));
            return $errors;
        }
        // user_status 2 stands for 'not activated' (0 = active, 1 = spam, 2 = not active)
        $status_sql = $nxtdb->prepare("UPDATE {$nxtdb->users} SET user_status = 2 WHERE ID = %d", $user_id);
        $nxtdb->query($status_sql);
        // Store submitted profile fields, skipping ids that carry no value
        if (bp_is_active('xprofile') && !empty($usermeta['profile_field_ids'])) {
            foreach (explode(',', $usermeta['profile_field_ids']) as $field_id) {
                $meta_key = "field_{$field_id}";
                if (!empty($usermeta[$meta_key])) {
                    xprofile_set_field_data($field_id, $user_id, $usermeta[$meta_key]);
                }
            }
        }
    } else {
        // Multisite installs have their own install procedure
        nxtmu_signup_user($user_login, $user_email, $usermeta);
        // No user id exists until the account is activated, but the hooks below
        // still need a value to receive.
        $user_id = false;
    }
    $bp->signup->username = $user_login;
    /***
     * Generate an activation key and e-mail it so the user can activate the account and
     * prove ownership of the address. Multisite sends its own mail, so this only runs on
     * single blog installs.
     *
     * Returning false from the 'bp_core_signup_send_activation_key' filter disables the e-mail.
     */
    if (apply_filters('bp_core_signup_send_activation_key', true) && !is_multisite()) {
        $activation_key = nxt_hash($user_id);
        update_user_meta($user_id, 'activation_key', $activation_key);
        bp_core_signup_send_validation_email($user_id, $user_email, $activation_key);
    }
    do_action('bp_core_signup_user', $user_id, $user_login, $user_password, $user_email, $usermeta);
    return $user_id;
}
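 /**
  * Map old author logins to local user IDs based on decisions made
  * in import options form. Can map to an existing user, create a new user
  * or falls back to the current user in case of error with either of the previous
  *
  * Reads $_POST['imported_authors'], $_POST['user_map'] and $_POST['user_new'];
  * fills $this->author_mapping (keyed by the sanitized old login) and
  * $this->processed_authors (keyed by the old author id).
  *
  * NOTE(review): nothing in this method verifies a nonce or the caller's capability;
  * presumably that is done before it is called -- confirm.
  */
 function get_author_mapping()
 {
     if (!isset($_POST['imported_authors'])) {
         return;
     }
     $create_users = $this->allow_create_users();
     foreach ((array) $_POST['imported_authors'] as $i => $old_login) {
         // Multsite adds strtolower to sanitize_user. Need to sanitize here to stop breakage in process_posts.
         $santized_old_login = sanitize_user($old_login, true);
         $old_id = isset($this->authors[$old_login]['author_id']) ? intval($this->authors[$old_login]['author_id']) : false;
         if (!empty($_POST['user_map'][$i])) {
             // Map to an existing local user; an id that resolves to no user falls through to the failsafe.
             $user = get_userdata(intval($_POST['user_map'][$i]));
             if (isset($user->ID)) {
                 if ($old_id) {
                     $this->processed_authors[$old_id] = $user->ID;
                 }
                 $this->author_mapping[$santized_old_login] = $user->ID;
             }
         } else {
             if ($create_users) {
                 // Reset per author: when neither branch below creates a user, an id left over
                 // from the previous iteration must not be reused for this author.
                 $user_id = null;
                 if (!empty($_POST['user_new'][$i])) {
                     $user_id = nxt_create_user($_POST['user_new'][$i], nxt_generate_password());
                 } else {
                     if ($this->version != '1.0') {
                         $user_data = array('user_login' => $old_login, 'user_pass' => nxt_generate_password(), 'user_email' => isset($this->authors[$old_login]['author_email']) ? $this->authors[$old_login]['author_email'] : '', 'display_name' => $this->authors[$old_login]['author_display_name'], 'first_name' => isset($this->authors[$old_login]['author_first_name']) ? $this->authors[$old_login]['author_first_name'] : '', 'last_name' => isset($this->authors[$old_login]['author_last_name']) ? $this->authors[$old_login]['author_last_name'] : '');
                         $user_id = nxt_insert_user($user_data);
                     }
                 }
                 // null means no creation was attempted; the failsafe below then assigns the current user.
                 if (null !== $user_id) {
                     if (!is_nxt_error($user_id)) {
                         if ($old_id) {
                             $this->processed_authors[$old_id] = $user_id;
                         }
                         $this->author_mapping[$santized_old_login] = $user_id;
                     } else {
                         printf(__('Failed to create new user for %s. Their posts will be attributed to the current user.', 'nxtclass-importer'), esc_html($this->authors[$old_login]['author_display_name']));
                         if (defined('IMPORT_DEBUG') && IMPORT_DEBUG) {
                             // Debug-only output; the error message is echoed as-is.
                             echo ' ' . $user_id->get_error_message();
                         }
                         echo '<br />';
                     }
                 }
             }
         }
         // failsafe: if the user_id was invalid, default to the current user
         if (!isset($this->author_mapping[$santized_old_login])) {
             if ($old_id) {
                 $this->processed_authors[$old_id] = (int) get_current_user_id();
             }
             $this->author_mapping[$santized_old_login] = (int) get_current_user_id();
         }
     }
 }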