/**
* AJAX handler for adding a user to a post with a given type
*
* @param string $type Type of user to add to the post (co_author, reviewer)
* @return array Array of data pertaining to user added and JSON data.
*/
function annowf_add_user($type)
{
check_ajax_referer('anno_manage_' . $type, '_ajax_nonce-manage-' . $type);
$message = 'error';
$html = '';
if (isset($_POST['post_id']) && isset($_POST['user'])) {
$user_login = trim($_POST['user']);
$user = get_user_by('login', $user_login);
// Check if the user already exists if we're adding via email
if (empty($user) && anno_is_valid_email($user_login)) {
$users = get_users(array('search' => $user_login));
if (!empty($users) && is_array($users)) {
$user = $users[0];
}
}
if (!empty($user)) {
$post = get_post($_POST['post_id']);
$co_authors = anno_get_authors(absint($_POST['post_id']));
$reviewers = anno_get_reviewers(absint($_POST['post_id']));
if ($type == 'reviewer') {
$type_string = _x('reviewer', 'noun describing user', 'anno');
} else {
$type_string = _x('co-author', 'noun describing user', 'anno');
}
if ($post->post_author == $user->ID) {
$html = sprintf(_x('Cannot add author as a %s', 'Adding user error message for article meta box', 'anno'), $type_string);
} else {
if (in_array($user->ID, $co_authors)) {
$html = sprintf(_x('Cannot add %s as %s. User is already a co-author', 'Adding user error message for article meta box', 'anno'), $user->user_login, $type_string);
} else {
if (in_array($user->ID, $reviewers)) {
$html = sprintf(_x('Cannot add %s as %s. User is already a reviewer', 'Adding user error message for article meta box', 'anno'), $user->user_login, $type_string);
} else {
if (anno_add_user_to_post($type, $user->ID, absint($_POST['post_id']))) {
$message = 'success';
ob_start();
annowf_user_li_markup($user, $type);
$html = ob_get_contents();
ob_end_clean();
}
}
}
}
} else {
$html = sprintf(_x('User \'%s\' not found', 'Adding user error message for article meta box', 'anno'), $user_login);
}
}
return array('message' => $message, 'html' => $html, 'user' => $user);
}
/**
* Ajax response to adding a user to the snapshot
*/
function anno_snapshot_add_user()
{
$response = array('result' => '', 'html' => '');
$user_login = trim($_POST['user']);
$user = get_user_by('login', $user_login);
// Check if the user already exists if we're adding via email
if (empty($user) && anno_is_valid_email($user_login)) {
$users = get_users(array('search' => $user_login));
if (!empty($users) && is_array($users)) {
$user = $users[0];
}
}
if (!empty($user)) {
$user_data = anno_snapshot_user_data($user->ID);
$response['html'] = anno_snapshot_user_markup($user_data, anno_snapshot_allowed_keys());
$response['result'] = 'success';
$response['status'] = __('User Added', 'anno');
} else {
$response['status'] = sprintf(_x('User \'%s\' not found', 'Adding user error message for snapshot meta box', 'anno'), $user_login);
$response['result'] = 'error';
}
echo json_encode($response);
die;
}
/**
* AJAX handler that looks up an article based on PMID and parses the data for a reference.
* Echos a JSON encoded array
*
* @return void
*/
function anno_reference_import_doi()
{
check_ajax_referer('anno_import_doi', '_ajax_nonce-import-doi');
if (!isset($_POST['doi'])) {
anno_reference_error_response();
} else {
$doi = $_POST['doi'];
}
$lookup_response = array('message' => 'error', 'text' => _x('An error has occurred, please try again later', 'pmid lookup error message', 'anno'));
// DOIs cannot contain any control characters. As defined here: http://www.doi.org/handbook_2000/appendix_1.html
$doi = trim($doi);
if (preg_match('/[\\x00-\\x1F\\x7F]/', $doi)) {
anno_reference_error_response(_x('Invalid DOI', 'pmid lookup error message', 'anno'));
}
// Generate the URL for lookup
$crossref_login = cfct_get_option('crossref_login');
$crossref_pass = cfct_get_option('crossref_pass');
// Empty login, or empty password and login is not an email.
if (empty($crossref_login) || empty($crossref_pass) && !anno_is_valid_email($crossref_login)) {
anno_reference_error_response(_x('Invalid CrossRef Login', 'pmid lookup error message', 'anno'));
} else {
if (empty($croossref_pass)) {
$url = 'http://www.crossref.org/openurl/?pid=' . $crossref_login . '&id=doi:' . $doi . '&noredirect=true';
} else {
$url = 'http://www.crossref.org/openurl/?pid=' . $crossref_login . ':' . $crossref_pass . '&id=doi:' . $doi . '&noredirect=true';
}
}
// Use wp.com functions if available for lookup.
if (function_exists('vip_safe_wp_remote_get')) {
$response = vip_safe_wp_remote_get($url);
} else {
$response = wp_remote_get($url);
}
if (is_wp_error($response) || isset($response['response']['code']) && $response['response']['code'] != 200 || !isset($response['body'])) {
anno_reference_error_response();
} else {
include_once CFCT_PATH . 'functions/phpquery/phpquery.php';
phpQuery::newDocumentXML($response['body']);
phpQuery::getDocument();
$html = pq('html');
// If we find an HTML tag, echo error.
if ($html->length > 0) {
// We should only hit an HTML page for malformed URLs or invalid logins
// @TODO error for invalid login.
anno_reference_error_response(_x('Invalid DOI', 'pmid lookup error message', 'anno'));
}
$query_status = pq('query')->attr('status');
// Error if unresolved
if ($query_status == 'unresolved') {
$lookup_response = anno_reference_error_response(pq('msg')->text());
} else {
if ($query_status == 'resolved') {
$text = '';
// There should only be a single 'first' author.
$prime_author = pq('contributor[sequence="first"][contributor_role="author"]');
$author_text = anno_reference_doi_process_author($prime_author);
if (!empty($author_text)) {
$author_arr[] = $author_text;
}
$additional_authors = pq('contributor[sequence="additional"][contributor_role="author"]');
foreach ($additional_authors as $additional_author) {
$additional_author = pq($additional_author);
$author_text = anno_reference_doi_process_author($additional_author);
if (!empty($author_text)) {
$author_arr[] = $author_text;
}
}
$text .= implode(', ', $author_arr) . '. ';
// Title
$title = pq('article_title')->text();
if (!empty($title)) {
// Titles do not have periods
$text .= $title . '. ';
}
// Source
$source = pq('journal_title')->text();
if (!empty($source)) {
$text .= $source . '. ';
}
// Date, Volume, Issue, Page
$date_meta = '';
$date = pq('year')->text();
$volume = pq('volume')->text();
$issue = pq('issue')->text();
$first_page = pq('first_page')->text();
$last_page = pq('last_page')->text();
if (!empty($date)) {
$date_meta .= $date;
}
if (!empty($volume) || !empty($issue) || !empty($page)) {
$date_meta .= ';';
if (!empty($volume)) {
$date_meta .= $volume;
}
if (!empty($issue)) {
$date_meta .= '(' . $issue . ')';
}
if (!empty($first_page)) {
$date_meta .= ':' . $first_page;
}
if (!empty($last_page)) {
$date_meta .= '-' . $last_page;
}
}
if (!empty($date_meta)) {
$text .= $date_meta . '. ';
}
$text .= _x('DOI:', 'Reference text for doi lookup', 'anno') . $doi . '.';
$lookup_response = array('message' => 'success', 'text' => esc_textarea($text));
} else {
anno_reference_error_response();
}
}
}
echo json_encode($lookup_response);
die;
}
/**
* Creates a new user, and sends that user an email. Returns a WP Error if the user was unable to be created.
*
* @param string $username Username to create
* @param string $email Email of user to create
* @return int|WP_Error ID of new user, or, WP_Error
*/
function anno_invite_contributor($user_login, $user_email, $extra = array())
{
// Wish to be able to invite other contributors, so no create_user check
$current_user = wp_get_current_user();
// wp_insert_user handles all other errors
if (!anno_is_valid_email($user_email)) {
return new WP_Error('invalid_email', _x('Invalid email address', 'error for creating new user', 'anno'));
}
// We don't want wp_insert_user to just sanitize the username stripping characters, the user should be alerted if the user input is wrong
if (!anno_is_valid_username($user_login)) {
return new WP_Error('invalid_username', _x('Invalid username', 'error for creating new user', 'anno'));
}
// Create User
$user_pass = wp_generate_password();
$user_login = esc_sql($user_login);
$user_email = esc_sql($user_email);
$role = 'contributor';
$userdata = compact('user_login', 'user_pass', 'user_email', 'role');
array_merge($extra, $userdata);
$user_id = wp_insert_user($userdata);
$blogname = get_bloginfo('name');
// Send notifiction with PW, Username.
if (!is_wp_error($user_id)) {
$subject = sprintf(_x('You have been invited to join %s', 'email subject %s represents blogname', 'anno'), $blogname);
$message = sprintf(_x('%s has created a user with your email address for %s.
Please use the following credentials to login and change your password:
Username: %s
Password: %s
%s', 'User creation email body. %s mapping: User who created this new user, blogname, username, password, profile url.', 'anno'), $current_user->display_name, $blogname, $user_login, $user_pass, esc_url(admin_url('profile.php')));
wp_mail($user_email, $subject, $message);
}
return $user_id;
}
/**
* Map old author logins to local user IDs based on decisions made
* in import options form. Can map to an existing user, create a new user
* or falls back to the current user in case of error with either of the previous
*/
function get_author_mapping()
{
if (!isset($_POST['imported_authors'])) {
return;
}
$create_users = $this->allow_create_users();
$this->author_errors = array();
$this->new_user_credentials = array();
foreach ((array) $_POST['imported_authors'] as $i => $old_id) {
// Used to determine whether or not we're creating a new user on import.
$create_new_user = false;
$user_id = 0;
$old_id = trim($old_id);
if (!empty($_POST['user_map'][$i])) {
$user = get_userdata(intval($_POST['user_map'][$i]));
if (isset($user->ID)) {
if ($old_id) {
$this->processed_authors[$old_id] = $user->ID;
}
$this->author_mapping[$old_id] = $user->ID;
$user_id = $user->ID;
}
} else {
if (!empty($_POST['lookup_email'][$i]) || !empty($_POST['lookup_username'][$i])) {
// Validate email
// Search via email
if (!empty($_POST['lookup_email'][$i]) && !empty($_POST['lookup_username'][$i])) {
$this->author_errors[$i][] = _x('Please enter an Email <strong>OR</strong> a Username to search for.', 'importer error message', 'anno');
} else {
if (!empty($_POST['lookup_email'][$i])) {
$lookup_email = $_POST['lookup_email'][$i];
if (!anno_is_valid_email($lookup_email)) {
$this->author_errors[$i][] = _x('Please enter a valid email to search for.', 'importer error message', 'anno');
} else {
$users = get_users(array('search' => $lookup_email));
if (empty($users)) {
$this->author_errors[$i][] = sprintf(_x('Could not find user with email: %s', 'importer error message, %s: email address', 'anno'), $lookup_email);
} else {
if (is_array($users)) {
$user_id = $users[0]->ID;
}
}
}
} else {
if (!empty($_POST['lookup_username'][$i])) {
$lookup_username = $_POST['lookup_username'][$i];
if (!anno_is_valid_username($lookup_username)) {
$this->author_errors[$i][] = _x('Please enter a valid username to search for.', 'importer error message', 'anno');
} else {
//@TODO only search user_login column
$users = get_users(array('search' => $lookup_username));
if (empty($users)) {
$this->author_errors[$i][] = sprintf(_x('Could not find user with username: %s', 'importer error message, %s: username', 'anno'), $lookup_username);
} else {
if (is_array($users)) {
$user_id = $users[0]->ID;
}
}
}
}
}
}
} else {
if ($create_users && (empty($_POST['lookup_email'][$i]) && empty($_POST['lookup_username'][$i])) && !empty($_POST['user_new'][$i]['user_email'])) {
if (!empty($_POST['user_new'][$i]['user_email'])) {
// Username is email.
$user_new_email = $user_new_login = $_POST['user_new'][$i]['user_email'];
} else {
$this->author_errors[$i][] = _x('Email cannot be empty when creating a new user.', 'importer error message', 'anno');
$user_new_email = null;
}
// email_exists($user_email) username_exists( $user_login )
if (email_exists($user_new_email) || username_exists($user_new_login)) {
$this->author_errors[$i][] = _x('This email address is already registered.', 'importer error message', 'anno');
}
if (!$this->have_author_errors($i)) {
if (!anno_is_valid_email($user_new_email) || !anno_is_valid_username($user_new_login)) {
$this->author_errors[$i][] = _x('Please enter a valid email when creating a new user.', 'importer error message', 'anno');
}
if (!$this->have_author_errors($i)) {
$this->new_user_credentials[$i]['old_id'] = $old_id;
$this->new_user_credentials[$i]['user_login'] = $user_new_login;
$this->new_user_credentials[$i]['user_email'] = $user_new_email;
$create_new_user = true;
}
}
}
}
}
// user_id is empty, so no lookup was attempted, and we're not creating a new user
if (empty($user_id) && !$create_new_user) {
// Map to current user.
$user_id = get_current_user_id();
}
// Map users, $user_id is only set when we've found a user to map to.
if (!$create_new_user && !empty($user_id)) {
if ($old_id) {
$this->processed_authors[$old_id] = $user_id;
}
$this->author_mapping[$old_id] = $user_id;
}
}
}