Ejemplo n.º 1
0
/**
 * AJAX handler for adding a user to a post with a given type
 *
 * @param string $type Type of user to add to the post (co_author, reviewer)
 * @return array Array of data pertaining to user added and JSON data.
 */
function annowf_add_user($type)
{
    check_ajax_referer('anno_manage_' . $type, '_ajax_nonce-manage-' . $type);
    $message = 'error';
    $html = '';
    if (isset($_POST['post_id']) && isset($_POST['user'])) {
        $user_login = trim($_POST['user']);
        $user = get_user_by('login', $user_login);
        // Check if the user already exists if we're adding via email
        if (empty($user) && anno_is_valid_email($user_login)) {
            $users = get_users(array('search' => $user_login));
            if (!empty($users) && is_array($users)) {
                $user = $users[0];
            }
        }
        if (!empty($user)) {
            $post = get_post($_POST['post_id']);
            $co_authors = anno_get_authors(absint($_POST['post_id']));
            $reviewers = anno_get_reviewers(absint($_POST['post_id']));
            if ($type == 'reviewer') {
                $type_string = _x('reviewer', 'noun describing user', 'anno');
            } else {
                $type_string = _x('co-author', 'noun describing user', 'anno');
            }
            if ($post->post_author == $user->ID) {
                $html = sprintf(_x('Cannot add author as a %s', 'Adding user error message for article meta box', 'anno'), $type_string);
            } else {
                if (in_array($user->ID, $co_authors)) {
                    $html = sprintf(_x('Cannot add %s as %s. User is already a co-author', 'Adding user error message for article meta box', 'anno'), $user->user_login, $type_string);
                } else {
                    if (in_array($user->ID, $reviewers)) {
                        $html = sprintf(_x('Cannot add %s as %s. User is already a reviewer', 'Adding user error message for article meta box', 'anno'), $user->user_login, $type_string);
                    } else {
                        if (anno_add_user_to_post($type, $user->ID, absint($_POST['post_id']))) {
                            $message = 'success';
                            ob_start();
                            annowf_user_li_markup($user, $type);
                            $html = ob_get_contents();
                            ob_end_clean();
                        }
                    }
                }
            }
        } else {
            $html = sprintf(_x('User \'%s\' not found', 'Adding user error message for article meta box', 'anno'), $user_login);
        }
    }
    return array('message' => $message, 'html' => $html, 'user' => $user);
}
Ejemplo n.º 2
0
/**
 * Ajax response to adding a user to the snapshot
 */
function anno_snapshot_add_user()
{
    $response = array('result' => '', 'html' => '');
    $user_login = trim($_POST['user']);
    $user = get_user_by('login', $user_login);
    // Check if the user already exists if we're adding via email
    if (empty($user) && anno_is_valid_email($user_login)) {
        $users = get_users(array('search' => $user_login));
        if (!empty($users) && is_array($users)) {
            $user = $users[0];
        }
    }
    if (!empty($user)) {
        $user_data = anno_snapshot_user_data($user->ID);
        $response['html'] = anno_snapshot_user_markup($user_data, anno_snapshot_allowed_keys());
        $response['result'] = 'success';
        $response['status'] = __('User Added', 'anno');
    } else {
        $response['status'] = sprintf(_x('User \'%s\' not found', 'Adding user error message for snapshot meta box', 'anno'), $user_login);
        $response['result'] = 'error';
    }
    echo json_encode($response);
    die;
}
/**
 * AJAX handler that looks up an article based on PMID and parses the data for a reference.
 * Echos a JSON encoded array
 * 
 * @return void
 */
function anno_reference_import_doi()
{
    check_ajax_referer('anno_import_doi', '_ajax_nonce-import-doi');
    if (!isset($_POST['doi'])) {
        anno_reference_error_response();
    } else {
        $doi = $_POST['doi'];
    }
    $lookup_response = array('message' => 'error', 'text' => _x('An error has occurred, please try again later', 'pmid lookup error message', 'anno'));
    // DOIs cannot contain any control characters. As defined here: http://www.doi.org/handbook_2000/appendix_1.html
    $doi = trim($doi);
    if (preg_match('/[\\x00-\\x1F\\x7F]/', $doi)) {
        anno_reference_error_response(_x('Invalid DOI', 'pmid lookup error message', 'anno'));
    }
    // Generate the URL for lookup
    $crossref_login = cfct_get_option('crossref_login');
    $crossref_pass = cfct_get_option('crossref_pass');
    // Empty login, or empty password and login is not an email.
    if (empty($crossref_login) || empty($crossref_pass) && !anno_is_valid_email($crossref_login)) {
        anno_reference_error_response(_x('Invalid CrossRef Login', 'pmid lookup error message', 'anno'));
    } else {
        if (empty($croossref_pass)) {
            $url = 'http://www.crossref.org/openurl/?pid=' . $crossref_login . '&id=doi:' . $doi . '&noredirect=true';
        } else {
            $url = 'http://www.crossref.org/openurl/?pid=' . $crossref_login . ':' . $crossref_pass . '&id=doi:' . $doi . '&noredirect=true';
        }
    }
    // Use wp.com functions if available for lookup.
    if (function_exists('vip_safe_wp_remote_get')) {
        $response = vip_safe_wp_remote_get($url);
    } else {
        $response = wp_remote_get($url);
    }
    if (is_wp_error($response) || isset($response['response']['code']) && $response['response']['code'] != 200 || !isset($response['body'])) {
        anno_reference_error_response();
    } else {
        include_once CFCT_PATH . 'functions/phpquery/phpquery.php';
        phpQuery::newDocumentXML($response['body']);
        phpQuery::getDocument();
        $html = pq('html');
        // If we find an HTML tag, echo error.
        if ($html->length > 0) {
            // We should only hit an HTML page for malformed URLs or invalid logins
            // @TODO error for invalid login.
            anno_reference_error_response(_x('Invalid DOI', 'pmid lookup error message', 'anno'));
        }
        $query_status = pq('query')->attr('status');
        // Error if unresolved
        if ($query_status == 'unresolved') {
            $lookup_response = anno_reference_error_response(pq('msg')->text());
        } else {
            if ($query_status == 'resolved') {
                $text = '';
                // There should only be a single 'first' author.
                $prime_author = pq('contributor[sequence="first"][contributor_role="author"]');
                $author_text = anno_reference_doi_process_author($prime_author);
                if (!empty($author_text)) {
                    $author_arr[] = $author_text;
                }
                $additional_authors = pq('contributor[sequence="additional"][contributor_role="author"]');
                foreach ($additional_authors as $additional_author) {
                    $additional_author = pq($additional_author);
                    $author_text = anno_reference_doi_process_author($additional_author);
                    if (!empty($author_text)) {
                        $author_arr[] = $author_text;
                    }
                }
                $text .= implode(', ', $author_arr) . '. ';
                // Title
                $title = pq('article_title')->text();
                if (!empty($title)) {
                    // Titles do not have periods
                    $text .= $title . '. ';
                }
                // Source
                $source = pq('journal_title')->text();
                if (!empty($source)) {
                    $text .= $source . '. ';
                }
                // Date, Volume, Issue, Page
                $date_meta = '';
                $date = pq('year')->text();
                $volume = pq('volume')->text();
                $issue = pq('issue')->text();
                $first_page = pq('first_page')->text();
                $last_page = pq('last_page')->text();
                if (!empty($date)) {
                    $date_meta .= $date;
                }
                if (!empty($volume) || !empty($issue) || !empty($page)) {
                    $date_meta .= ';';
                    if (!empty($volume)) {
                        $date_meta .= $volume;
                    }
                    if (!empty($issue)) {
                        $date_meta .= '(' . $issue . ')';
                    }
                    if (!empty($first_page)) {
                        $date_meta .= ':' . $first_page;
                    }
                    if (!empty($last_page)) {
                        $date_meta .= '-' . $last_page;
                    }
                }
                if (!empty($date_meta)) {
                    $text .= $date_meta . '. ';
                }
                $text .= _x('DOI:', 'Reference text for doi lookup', 'anno') . $doi . '.';
                $lookup_response = array('message' => 'success', 'text' => esc_textarea($text));
            } else {
                anno_reference_error_response();
            }
        }
    }
    echo json_encode($lookup_response);
    die;
}
Ejemplo n.º 4
0
/**
 * Creates a new user, and sends that user an email. Returns a WP Error if the user was unable to be created.
 *
 * @param string $username Username to create
 * @param string $email Email of user to create
 * @return int|WP_Error ID of new user, or, WP_Error
 */
function anno_invite_contributor($user_login, $user_email, $extra = array())
{
    // Wish to be able to invite other contributors, so no create_user check
    $current_user = wp_get_current_user();
    // wp_insert_user handles all other errors
    if (!anno_is_valid_email($user_email)) {
        return new WP_Error('invalid_email', _x('Invalid email address', 'error for creating new user', 'anno'));
    }
    // We don't want wp_insert_user to just sanitize the username stripping characters, the user should be alerted if the user input is wrong
    if (!anno_is_valid_username($user_login)) {
        return new WP_Error('invalid_username', _x('Invalid username', 'error for creating new user', 'anno'));
    }
    // Create User
    $user_pass = wp_generate_password();
    $user_login = esc_sql($user_login);
    $user_email = esc_sql($user_email);
    $role = 'contributor';
    $userdata = compact('user_login', 'user_pass', 'user_email', 'role');
    array_merge($extra, $userdata);
    $user_id = wp_insert_user($userdata);
    $blogname = get_bloginfo('name');
    // Send notifiction with PW, Username.
    if (!is_wp_error($user_id)) {
        $subject = sprintf(_x('You have been invited to join %s', 'email subject %s represents blogname', 'anno'), $blogname);
        $message = sprintf(_x('%s has created a user with your email address for %s.
Please use the following credentials to login and change your password:

Username: %s
Password: %s
%s', 'User creation email body. %s mapping: User who created this new user, blogname, username, password, profile url.', 'anno'), $current_user->display_name, $blogname, $user_login, $user_pass, esc_url(admin_url('profile.php')));
        wp_mail($user_email, $subject, $message);
    }
    return $user_id;
}
 /**
  * Map old author logins to local user IDs based on decisions made
  * in import options form. Can map to an existing user, create a new user
  * or falls back to the current user in case of error with either of the previous
  */
 function get_author_mapping()
 {
     if (!isset($_POST['imported_authors'])) {
         return;
     }
     $create_users = $this->allow_create_users();
     $this->author_errors = array();
     $this->new_user_credentials = array();
     foreach ((array) $_POST['imported_authors'] as $i => $old_id) {
         // Used to determine whether or not we're creating a new user on import.
         $create_new_user = false;
         $user_id = 0;
         $old_id = trim($old_id);
         if (!empty($_POST['user_map'][$i])) {
             $user = get_userdata(intval($_POST['user_map'][$i]));
             if (isset($user->ID)) {
                 if ($old_id) {
                     $this->processed_authors[$old_id] = $user->ID;
                 }
                 $this->author_mapping[$old_id] = $user->ID;
                 $user_id = $user->ID;
             }
         } else {
             if (!empty($_POST['lookup_email'][$i]) || !empty($_POST['lookup_username'][$i])) {
                 // Validate email
                 // Search via email
                 if (!empty($_POST['lookup_email'][$i]) && !empty($_POST['lookup_username'][$i])) {
                     $this->author_errors[$i][] = _x('Please enter an Email <strong>OR</strong> a Username to search for.', 'importer error message', 'anno');
                 } else {
                     if (!empty($_POST['lookup_email'][$i])) {
                         $lookup_email = $_POST['lookup_email'][$i];
                         if (!anno_is_valid_email($lookup_email)) {
                             $this->author_errors[$i][] = _x('Please enter a valid email to search for.', 'importer error message', 'anno');
                         } else {
                             $users = get_users(array('search' => $lookup_email));
                             if (empty($users)) {
                                 $this->author_errors[$i][] = sprintf(_x('Could not find user with email: %s', 'importer error message, %s: email address', 'anno'), $lookup_email);
                             } else {
                                 if (is_array($users)) {
                                     $user_id = $users[0]->ID;
                                 }
                             }
                         }
                     } else {
                         if (!empty($_POST['lookup_username'][$i])) {
                             $lookup_username = $_POST['lookup_username'][$i];
                             if (!anno_is_valid_username($lookup_username)) {
                                 $this->author_errors[$i][] = _x('Please enter a valid username to search for.', 'importer error message', 'anno');
                             } else {
                                 //@TODO only search user_login column
                                 $users = get_users(array('search' => $lookup_username));
                                 if (empty($users)) {
                                     $this->author_errors[$i][] = sprintf(_x('Could not find user with username: %s', 'importer error message, %s: username', 'anno'), $lookup_username);
                                 } else {
                                     if (is_array($users)) {
                                         $user_id = $users[0]->ID;
                                     }
                                 }
                             }
                         }
                     }
                 }
             } else {
                 if ($create_users && (empty($_POST['lookup_email'][$i]) && empty($_POST['lookup_username'][$i])) && !empty($_POST['user_new'][$i]['user_email'])) {
                     if (!empty($_POST['user_new'][$i]['user_email'])) {
                         // Username is email.
                         $user_new_email = $user_new_login = $_POST['user_new'][$i]['user_email'];
                     } else {
                         $this->author_errors[$i][] = _x('Email cannot be empty when creating a new user.', 'importer error message', 'anno');
                         $user_new_email = null;
                     }
                     // email_exists($user_email) username_exists( $user_login )
                     if (email_exists($user_new_email) || username_exists($user_new_login)) {
                         $this->author_errors[$i][] = _x('This email address is already registered.', 'importer error message', 'anno');
                     }
                     if (!$this->have_author_errors($i)) {
                         if (!anno_is_valid_email($user_new_email) || !anno_is_valid_username($user_new_login)) {
                             $this->author_errors[$i][] = _x('Please enter a valid email when creating a new user.', 'importer error message', 'anno');
                         }
                         if (!$this->have_author_errors($i)) {
                             $this->new_user_credentials[$i]['old_id'] = $old_id;
                             $this->new_user_credentials[$i]['user_login'] = $user_new_login;
                             $this->new_user_credentials[$i]['user_email'] = $user_new_email;
                             $create_new_user = true;
                         }
                     }
                 }
             }
         }
         // user_id is empty, so no lookup was attempted, and we're not creating a new user
         if (empty($user_id) && !$create_new_user) {
             // Map to current user.
             $user_id = get_current_user_id();
         }
         // Map users, $user_id is only set when we've found a user to map to.
         if (!$create_new_user && !empty($user_id)) {
             if ($old_id) {
                 $this->processed_authors[$old_id] = $user_id;
             }
             $this->author_mapping[$old_id] = $user_id;
         }
     }
 }