/**
 * Decide whether the admin bar is rendered for the current request.
 *
 * The decision is cached in the global $show_admin_bar the first time it is
 * computed, and the 'show_admin_bar' filter always gets the final say.
 *
 * @return mixed The filtered value of $show_admin_bar (false or true on the
 *               early-return paths).
 */
function is_admin_bar_showing()
{
    global $show_admin_bar, $pagenow;

    // XML-RPC, AJAX and iframe requests never carry an admin bar.
    foreach (array('XMLRPC_REQUEST', 'DOING_AJAX', 'IFRAME_REQUEST') as $request_flag) {
        if (defined($request_flag)) {
            return false;
        }
    }

    // Embedded views never carry one either.
    if (is_embed()) {
        return false;
    }

    // Inside the admin the bar is part of the page.
    if (is_admin()) {
        return true;
    }

    if (!isset($show_admin_bar)) {
        // Anonymous visitors and the login screen get no bar; everyone else
        // gets whatever their stored preference says.
        $hide_by_default = !is_user_logged_in() || 'wp-login.php' == $pagenow;
        $show_admin_bar  = $hide_by_default ? false : _get_admin_bar_pref();
    }

    $show_admin_bar = apply_filters('show_admin_bar', $show_admin_bar);

    return $show_admin_bar;
}
</tr> <?php } ?> <tr class="show-admin-bar user-admin-bar-front-wrap"> <th scope="row"><?php _e('Toolbar'); ?> </th> <td><fieldset><legend class="screen-reader-text"><span><?php _e('Toolbar'); ?> </span></legend> <label for="admin_bar_front"> <input name="admin_bar_front" type="checkbox" id="admin_bar_front" value="1"<?php checked(_get_admin_bar_pref('front', $profileuser->ID)); ?> /> <?php _e('Show Toolbar when viewing site'); ?> </label><br /> </fieldset> </td> </tr> <?php /** * Fires at the end of the 'Personal Options' settings table on the user editing screen. * * @since 2.7.0 *
/**
 * Records the user's toolbar preference on this object.
 *
 * Despite the getter-style name nothing is returned: the value reported by
 * _get_admin_bar_pref(), called with no arguments, is stored in
 * $this->user_wants_admin_bar.
 *
 * @access public
 * @since 1.0.0
 *
 * @return void
 */
public function get_admin_bar_pref()
{
    $preference = _get_admin_bar_pref();

    $this->user_wants_admin_bar = $preference;
}
" /> <input type="hidden" name="admin_color" value="<?php echo esc_attr($current_user->admin_color); ?> " /> <input type="hidden" name="rich_editing" value="<?php echo esc_attr($current_user->rich_editing); ?> " /> <input type="hidden" name="comment_shortcuts" value="<?php echo esc_attr($current_user->comment_shortcuts); ?> " /> <?php if (_get_admin_bar_pref('front', $user_ID)) { ?> <input type="hidden" name="admin_bar_front" value="true" /> <?php } ?> <input type="submit" id="cpsubmit" class="btn_orange" value="<?php _e('Update Profile »', APP_TD); ?> " name="submit" /> </p> </form> </div><!-- /shadowblock -->
/**
 * Determine whether the admin bar should be showing.
 *
 * The result is cached in the global $show_admin_bar once computed and is
 * always passed through the 'show_admin_bar' filter before being returned.
 *
 * @since 3.1.0
 *
 * @return bool Whether the admin bar should be showing.
 */
function is_admin_bar_showing()
{
    global $show_admin_bar, $pagenow;

    // XML-RPC, AJAX and iframe requests never get an admin bar.
    $is_barless_request = defined('XMLRPC_REQUEST') || defined('DOING_AJAX') || defined('IFRAME_REQUEST');
    if ($is_barless_request) {
        return false;
    }

    // Integrated into the admin.
    if (is_admin()) {
        return true;
    }

    if (!isset($show_admin_bar)) {
        if (is_user_logged_in() && 'wp-login.php' != $pagenow) {
            // Logged-in user away from the login screen: honour the stored preference.
            $show_admin_bar = _get_admin_bar_pref();
        } else {
            $show_admin_bar = false;
        }
    }

    /**
     * Filter whether to show the admin bar.
     *
     * Returning false to this hook is the recommended way to hide the admin bar.
     * The user's display preference is used for logged in users.
     *
     * @since 3.1.0
     *
     * @param bool $show_admin_bar Whether the admin bar should be shown. Default false.
     */
    $show_admin_bar = apply_filters('show_admin_bar', $show_admin_bar);

    return $show_admin_bar;
}
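/**
 * Sidebar metabox for administrative user actions.
 *
 * Prints the password, role, toolbar and colour-scheme controls, the
 * save/update button and the per-user action list. Every section is gated on
 * a current_user_can() check, but those checks only decide what is rendered:
 * the handler that processes the submitted form is not part of this function
 * and has to repeat them.
 *
 * @todo Fix delete link to be handled internally and not depend on built-in user management
 * @since 0.01
 *
 * @param array $object User data; this function reads $object['ID']['default'][0],
 *                      $object['role']['default'][0] and $object['new'].
 */
function special_actions($object)
{
    global $current_user, $wp_filter, $user_id;

    $current_user_id = $current_user->ID;
    $user_id         = $object['ID']['default'][0];
    $profileuser     = get_user_to_edit($user_id);

    // Always defined: previously this was only set when the profile was the
    // viewer's own, so every other profile read an undefined variable below.
    $own_profile = ($user_id == $current_user_id);

    // !empty() tolerates a missing hook entry and does not depend on the
    // entry being countable.
    $has_profile_hooks = !empty($wp_filter['show_user_profile']) || !empty($wp_filter['profile_personal_options']);

    // && binds tighter than ||; the parentheses only make that explicit.
    $can_save = current_user_can('edit_users') || (current_user_can('add_users') && $object['new']);

    $submit_label = $object['new'] ? __('Save', 'wpp_crm') : __('Update', 'wpp_crm');
    ?>
    <div id="minor-publishing">
        <ul class="wp_crm_advanced_user_actions_wrapper">
            <li class="wp_crm_advanced_user_actions">
                <div class="wp_crm_toggle_advanced_user_actions wp_crm_link"><?php _e('Toggle Settings'); ?></div>
                <div class="wp_crm_advanced_user_actions wp-tab-panel">
                    <?php if (current_user_can('edit_users')) { ?>
                        <?php if (current_user_can('WP-CRM: Change Passwords')) { ?>
                            <?php _e('Set Password:', 'wp_crm'); ?>
                            <ul class="wp_crm_edit_password">
                                <li>
                                    <input type="password" autocomplete="off" value="" size="16" class="wp_crm_user_password" id="wp_crm_password_1" name="wp_crm[user_data][user_pass][<?php echo rand(1000, 9999); ?>][value]" />
                                    <span class="description"><?php _e('Type in new password twice to change.'); ?></span>
                                </li>
                                <li>
                                    <input type="password" autocomplete="off" value="" size="16" class="wp_crm_user_password" id="wp_crm_password_2" />
                                    <span class="description"><?php _e('Type your new password again.'); ?></span>
                                </li>
                            </ul>
                        <?php } ?>
                        <ul>
                            <?php if (current_user_can('edit_roles')) { ?>
                                <?php // NOTE(review): "disabled" is a UI hint only; the save handler (not shown) must itself refuse a role change on one's own account. ?>
                                <li class="wp_crm_edit_roles">
                                    <label for="wp_crm_role"><?php _e('Capability Role:', 'wp_crm'); ?></label>
                                    <select id="wp_crm_role" <?php echo $own_profile ? ' disabled="true" ' : ''; ?> name="wp_crm[user_data][role][<?php echo rand(1000, 9999); ?>][value]">
                                        <option value=""></option>
                                        <?php wp_dropdown_roles($object['role']['default'][0]); ?>
                                    </select>
                                </li>
                            <?php } ?>
                            <li class="wp_crm_capability_bar">
                                <input name="show_admin_bar_front" type="hidden" value="false" />
                                <input name="show_admin_bar_front" type="checkbox" id="show_admin_bar_front" value="true" <?php checked(_get_admin_bar_pref('front', $profileuser->ID)); ?> />
                                <label for="show_admin_bar_front"><?php _e('Show Admin Bar when viewing site.'); ?></label>
                            </li>
                        </ul>
                    <?php } ?>
                    <?php
                    if (current_user_can('WP-CRM: Change Color Scheme')) {
                        _e('Color Scheme:', 'wp_crm');
                        do_action('admin_color_scheme_picker');
                    }
                    ?>
                </div>
            </li>
        </ul>
        <?php if ($has_profile_hooks) { ?>
            <div class="wp_crm_user_api_actions">
                <?php
                add_filter('wpi_user_information', array('WP_CRM_F', 'wpi_user_information'));
                if ($own_profile) {
                    do_action('show_user_profile', $profileuser);
                } else {
                    do_action('edit_user_profile', $profileuser);
                }
                ?>
            </div>
        <?php } ?>
        <?php
        if (current_user_can('edit_users')) {
            do_action('wp_crm_metabox_special_actions');
        }
        ?>
    </div>
    <div class="major-publishing-actions">
        <div class="other-action">
            <span class="wp_crm_subtle_link wp_crm_toggle" toggle="wp_crm_user_actions"><?php _e('Show Actions'); ?></span>
        </div>
        <div id="publishing-action">
            <input type="hidden" value="Publish" id="original_publish" name="original_publish">
            <?php // The label is a translation, so it is escaped for the attribute it lands in. ?>
            <?php if ($can_save) { ?>
                <input type="submit" accesskey="p" tabindex="5" value="<?php echo esc_attr($submit_label); ?>" class="button-primary" id="publish" name="publish">
            <?php } else { ?>
                <input type="submit" accesskey="p" tabindex="5" value="<?php echo esc_attr($submit_label); ?>" class="button-primary" id="publish" name="publish" disabled="true">
            <?php } ?>
        </div>
        <div class="clear"></div>
    </div>
    <div class="wp_crm_user_actions hidden">
        <ul class="wp_crm_action_list">
            <?php if (current_user_can('WP-CRM: Add User Messages')) { ?>
                <li class="wp_crm_orange_link wp_crm_toggle_message_entry"><?php _e('Add a general note.', 'wp_crm'); ?></li>
            <?php } ?>
            <?php do_action('wp_crm_single_user_actions', $object); ?>
            <?php // The delete link is never offered for a new record or for the viewer's own account, and carries a per-user nonce. ?>
            <?php if ((current_user_can('remove_users') || current_user_can('delete_users')) && (!$object['new'] && $user_id != $current_user->ID)) { ?>
                <li class="wp_crm_orange_link"><a href="<?php echo wp_nonce_url("admin.php?wp_crm_action=delete_user&page=wp_crm&user_id={$user_id}", 'wp-crm-delete-user-' . $user_id); ?>" class="submitdelete deletion"><?php _e('Delete'); ?></a></li>
            <?php } ?>
        </ul>
    </div>
    <?php
}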
<th scope="row"><?php _e('Admin Color Scheme')?></th> <td><?php do_action( 'admin_color_scheme_picker' ); ?></td> </tr> <?php endif; // $_wp_admin_css_colors if ( !( IS_PROFILE_PAGE && !$user_can_edit ) ) : ?> <tr> <th scope="row"><?php _e( 'Keyboard Shortcuts' ); ?></th> <td><label for="comment_shortcuts"><input type="checkbox" name="comment_shortcuts" id="comment_shortcuts" value="true" <?php if ( ! empty( $profileuser->comment_shortcuts ) ) checked( 'true', $profileuser->comment_shortcuts ); ?> /> <?php _e('Enable keyboard shortcuts for comment moderation.'); ?></label> <?php _e('<a href="http://codex.wordpress.org/Keyboard_Shortcuts" target="_blank">More information</a>'); ?></td> </tr> <?php endif; ?> <tr class="show-admin-bar"> <th scope="row"><?php _e('Toolbar')?></th> <td><fieldset><legend class="screen-reader-text"><span><?php _e('Toolbar') ?></span></legend> <label for="admin_bar_front"> <input name="admin_bar_front" type="checkbox" id="admin_bar_front" value="1"<?php checked( _get_admin_bar_pref( 'front', $profileuser->ID ) ); ?> /> <?php _e( 'Show Toolbar when viewing site' ); ?></label><br /> </fieldset> </td> </tr> <?php do_action('personal_options', $profileuser); ?> </table> <?php if ( IS_PROFILE_PAGE ) do_action('profile_personal_options', $profileuser); ?> <h3><?php _e('Name') ?></h3> <table class="form-table"> <tr>
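/**
 * Handles the front end user editing.
 *
 * Order of operations:
 *  1. On multisite, when the user is editing their own profile, a pending
 *     e-mail change is confirmed (?newuseremail=<hash>) or dismissed
 *     (?dismiss=<option name>). Both branches run before the nonce and
 *     capability checks; the confirmation is authorised by the stored hash.
 *  2. The request nonce and the 'edit_user' capability are verified.
 *  3. The profile hooks fire, edit_user() applies the POST data and, on
 *     multisite, the super admin flag is updated.
 *
 * @param string $action The requested action to compare this function to
 * @uses bbp_verify_nonce_request() To verify the nonce and check the request
 * @uses current_user_can() To check if the current user can edit the user
 * @uses do_action() Calls 'personal_options_update' or
 *                    'edit_user_profile_update' (based on if it's the user
 *                    home) with the displayed user id
 * @uses edit_user() To edit the user based on the post data
 * @uses revoke_super_admin() To revoke super admin privileges
 * @uses grant_super_admin() To grant super admin privileges
 * @uses wp_safe_redirect() To redirect to the url
 */
function bbp_edit_user_handler($action = '')
{
    // Bail if action is not 'bbp-update-user'
    if ('bbp-update-user' !== $action) {
        return;
    }

    // Get the displayed user ID
    $user_id = bbp_get_displayed_user_id();

    // Execute confirmed email change. See send_confirmation_on_profile_email().
    if (is_multisite() && bbp_is_user_home_edit() && isset($_GET['newuseremail'])) {
        $new_email = get_option($user_id . '_new_email');

        // hash_equals() needs two strings. The option may be missing (false)
        // and a query argument may arrive as an array, so both are checked
        // first; an empty stored hash never matches.
        $hash_matches = is_array($new_email)
            && isset($new_email['hash'], $new_email['newemail'])
            && is_string($new_email['hash'])
            && '' !== $new_email['hash']
            && is_string($_GET['newuseremail'])
            && hash_equals($new_email['hash'], $_GET['newuseremail']);

        if ($hash_matches) {
            $user             = new WP_User();
            $user->ID         = $user_id;
            $user->user_email = esc_html(trim($new_email['newemail']));

            global $wpdb;

            $user_login = bbp_get_displayed_user_field('user_login', 'raw');

            if ($wpdb->get_var($wpdb->prepare("SELECT user_login FROM {$wpdb->signups} WHERE user_login = %s", $user_login))) {
                $wpdb->query($wpdb->prepare("UPDATE {$wpdb->signups} SET user_email = %s WHERE user_login = %s", $user->user_email, $user_login));
            }

            wp_update_user(get_object_vars($user));
            delete_option($user_id . '_new_email');

            wp_safe_redirect(add_query_arg(array('updated' => 'true'), bbp_get_user_profile_edit_url($user_id)));
            exit;
        }

    // Delete new email address from user options.
    // NOTE(review): this branch runs before the nonce check below; it is
    // limited only by bbp_is_user_home_edit() and the option-name match.
    } elseif (is_multisite() && bbp_is_user_home_edit() && !empty($_GET['dismiss']) && $user_id . '_new_email' === $_GET['dismiss']) {
        delete_option($user_id . '_new_email');

        wp_safe_redirect(add_query_arg(array('updated' => 'true'), bbp_get_user_profile_edit_url($user_id)));
        exit;
    }

    // Nonce check
    if (!bbp_verify_nonce_request('update-user_' . $user_id)) {
        bbp_add_error('bbp_update_user_nonce', __('<strong>ERROR</strong>: Are you sure you wanted to do that?', 'bbpress'));
        return;
    }

    // Cap check
    if (!current_user_can('edit_user', $user_id)) {
        bbp_add_error('bbp_update_user_capability', __('<strong>ERROR</strong>: Are you sure you wanted to do that?', 'bbpress'));
        return;
    }

    // Do action based on who's profile you're editing
    $edit_action = bbp_is_user_home_edit() ? 'personal_options_update' : 'edit_user_profile_update';
    do_action($edit_action, $user_id);

    // Prevent edit_user() from wiping out the user's Toolbar on front setting
    if (!isset($_POST['admin_bar_front']) && _get_admin_bar_pref('front', $user_id)) {
        $_POST['admin_bar_front'] = 1;
    }

    // Handle user edit
    $edit_user = edit_user($user_id);

    // Error(s) editing the user, so copy them into the global
    if (is_wp_error($edit_user)) {
        bbpress()->errors = $edit_user;

    // Successful edit to redirect
    } elseif (is_int($edit_user)) {

        // Maybe update super admin ability. 'edit_user' on the target is not
        // enough to hand out or remove network-wide privileges: the request
        // must come from a super admin who can manage network options, so a
        // crafted super_admin POST field from anyone else is ignored.
        if (is_multisite() && !bbp_is_user_home_edit() && current_user_can('manage_network_options') && is_super_admin()) {
            empty($_POST['super_admin']) ? revoke_super_admin($edit_user) : grant_super_admin($edit_user);
        }

        $redirect = add_query_arg(array('updated' => 'true'), bbp_get_user_profile_edit_url($edit_user));

        wp_safe_redirect($redirect);
        exit;
    }
}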
/**
 * Determine whether the admin bar should be showing.
 *
 * The first computed answer is cached in the global $show_admin_bar; the
 * 'show_admin_bar' filter is applied on every call.
 *
 * @since 3.1.0
 *
 * @return bool Whether the admin bar should be showing.
 */
function is_admin_bar_showing()
{
    global $show_admin_bar;

    // These request types never get an admin bar.
    $barless_requests = array('XMLRPC_REQUEST', 'APP_REQUEST', 'DOING_AJAX', 'IFRAME_REQUEST');
    foreach ($barless_requests as $constant_name) {
        if (defined($constant_name)) {
            return false;
        }
    }

    if (!isset($show_admin_bar)) {
        if (is_user_logged_in()) {
            // The preference is stored per context: admin screens vs. the site front end.
            $show_admin_bar = _get_admin_bar_pref(is_admin() ? 'admin' : 'front');
        } else {
            $show_admin_bar = false;
        }
    }

    $show_admin_bar = apply_filters('show_admin_bar', $show_admin_bar);

    return $show_admin_bar;
}
/**
 * Render the personal options metabox for user profile screen
 *
 * Output is collected in an output buffer and flushed at the end. Although
 * $user defaults to null, its properties are read unconditionally, so callers
 * are expected to pass a user object.
 *
 * @since 0.1.0
 *
 * @param WP_User $user The WP_User object to be edited.
 */
function wp_user_profiles_personal_options_metabox($user = null)
{
    // Start a buffer
    ob_start(); ?>

    <table class="form-table">
        <tr class="user-rich-editing-wrap">
            <th scope="row"><?php esc_html_e('Visual Editor', 'wp-user-profiles'); ?></th>
            <td>
                <label for="rich_editing"><input name="rich_editing" type="checkbox" id="rich_editing" value="false" <?php checked('false', $user->rich_editing); ?> /> <?php esc_html_e('Disable the visual editor when writing', 'wp-user-profiles'); ?></label>
            </td>
        </tr><?php

        // The shortcuts row is offered only to users who can moderate comments
        if (user_can($user->ID, 'moderate_comments')) : ?>

        <tr class="user-comment-shortcuts-wrap">
            <th scope="row"><?php esc_html_e('Keyboard Shortcuts', 'wp-user-profiles'); ?></th>
            <td>
                <label for="comment_shortcuts"><input type="checkbox" name="comment_shortcuts" id="comment_shortcuts" value="true" <?php checked('true', $user->comment_shortcuts); ?> /> <?php esc_html_e('Enable keyboard shortcuts for comment moderation.', 'wp-user-profiles'); ?></label>
            </td>
        </tr><?php

        endif;

        // The toolbar row is offered only while the 'show_admin_bar' filter leaves the bar enabled
        if (apply_filters('show_admin_bar', true)) : ?>

        <tr class="show-admin-bar user-admin-bar-front-wrap">
            <th scope="row"><?php esc_html_e('Toolbar', 'wp-user-profiles'); ?></th>
            <td>
                <fieldset>
                    <legend class="screen-reader-text"><span><?php esc_html_e('Toolbar', 'wp-user-profiles'); ?></span></legend>
                    <label for="admin_bar_front">
                        <input name="admin_bar_front" type="checkbox" id="admin_bar_front" value="1" <?php checked(_get_admin_bar_pref('front', $user->ID)); ?> />
                        <?php esc_html_e('Show Toolbar when viewing site', 'wp-user-profiles'); ?>
                    </label>
                </fieldset>
            </td>
        </tr><?php

        endif;

        /**
         * Fires at the end of the 'Personal Options' settings table on the user editing screen.
         *
         * @since 2.7.0
         *
         * @param WP_User $user The current WP_User object.
         */
        do_action('personal_options', $user); ?>

    </table><?php

    // Output contents of buffer
    ob_end_flush();
}
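/**
 * Handles the front end user editing from POST requests
 *
 * The nonce and the 'edit_user' capability are verified before any POST data
 * is acted on. A changed e-mail address is not written directly: it is stored
 * as a pending change together with a confirmation token, a notification is
 * sent, and $_POST['email'] is reset so that edit_user() leaves the current
 * address alone.
 *
 * @since 2.0.0 bbPress (r2790)
 *
 * @param string $action The requested action to compare this function to
 * @uses bbp_verify_nonce_request() To verify the nonce and check the request
 * @uses current_user_can() To check if the current user can edit the user
 * @uses is_email() To check if the string is an email id or not
 * @uses email_exists() To check if the email address is already in use
 * @uses update_option() To store the pending email change
 * @uses do_action() Calls 'personal_options_update' or
 *                    'edit_user_profile_update' (based on if it's the user
 *                    home) with the displayed user id
 * @uses edit_user() To edit the user based on the post data
 * @uses revoke_super_admin() To revoke super admin privileges
 * @uses grant_super_admin() To grant super admin privileges
 * @uses bbp_redirect() To redirect to the url
 */
function bbp_edit_user_handler($action = '')
{
    // Bail if action is not `bbp-update-user`
    if ('bbp-update-user' !== $action) {
        return;
    }

    // Get the displayed user ID
    $user_id = bbp_get_displayed_user_id();

    // Nonce check
    if (!bbp_verify_nonce_request('update-user_' . $user_id)) {
        bbp_add_error('bbp_update_user_nonce', __('<strong>ERROR</strong>: Are you sure you wanted to do that?', 'bbpress'));
        return;
    }

    // Cap check
    if (!current_user_can('edit_user', $user_id)) {
        bbp_add_error('bbp_update_user_capability', __('<strong>ERROR</strong>: Are you sure you wanted to do that?', 'bbpress'));
        return;
    }

    // Empty email check. A form field can be posted as an array; only a
    // non-empty string is passed on to the comparisons below.
    if (empty($_POST['email']) || !is_string($_POST['email'])) {
        bbp_add_error('bbp_user_email_empty', __('<strong>ERROR</strong>: That is not a valid email address.', 'bbpress'), array('form-field' => 'email'));
        return;
    }

    // Get the users current email address to use for comparisons
    $user_email = bbp_get_displayed_user_field('user_email', 'raw');

    // Only start the confirmation flow when the address actually changed
    if ($user_email !== $_POST['email']) {

        // Check that new email address is valid
        if (!is_email($_POST['email'])) {
            bbp_add_error('bbp_user_email_invalid', __('<strong>ERROR</strong>: That is not a valid email address.', 'bbpress'), array('form-field' => 'email'));
            return;
        }

        // Check if email address is already in use
        if (email_exists($_POST['email'])) {
            bbp_add_error('bbp_user_email_taken', __('<strong>ERROR</strong>: That email address is already in use.', 'bbpress'), array('form-field' => 'email'));
            return;
        }

        // Update the option. The hash is what proves that whoever confirms
        // the change received the notification, so it must not be guessable.
        // The previous md5() of the address, time() and mt_rand() mixed only
        // values the requester knows or can estimate with a non-cryptographic
        // generator; the token is now 32 random alphanumeric characters.
        // NOTE(review): same length as before, but no longer hex-only;
        // confirm the code that consumes the hash treats it as opaque.
        $key    = $user_id . '_new_email';
        $hash   = wp_generate_password(32, false);
        $option = array('hash' => $hash, 'newemail' => $_POST['email']);
        update_option($key, $option);

        // Attempt to notify the user of email address change
        bbp_edit_user_email_send_notification($user_id, $option);

        // Set the POST email variable back to the user's email address
        // so `edit_user()` does not attempt to update it. This is not ideal,
        // but it's also what send_confirmation_on_profile_email() does.
        $_POST['email'] = $user_email;
    }

    // Do action based on who's profile you're editing
    $edit_action = bbp_is_user_home_edit() ? 'personal_options_update' : 'edit_user_profile_update';
    do_action($edit_action, $user_id);

    // Prevent edit_user() from wiping out the user's Toolbar on front setting
    if (!isset($_POST['admin_bar_front']) && _get_admin_bar_pref('front', $user_id)) {
        $_POST['admin_bar_front'] = 1;
    }

    // Bail if errors already exist
    if (bbp_has_errors()) {
        return;
    }

    // Handle user edit
    $edit_user = edit_user($user_id);

    // Error(s) editing the user, so copy them into the global
    if (is_wp_error($edit_user)) {
        bbpress()->errors = $edit_user;

    // Successful edit to redirect
    } elseif (is_int($edit_user)) {

        // Maybe update super admin ability. Only a super admin who can manage
        // network options may change another account's super admin status.
        if (is_multisite() && !bbp_is_user_home_edit() && current_user_can('manage_network_options') && is_super_admin()) {
            empty($_POST['super_admin']) ? revoke_super_admin($edit_user) : grant_super_admin($edit_user);
        }

        // Redirect
        $args     = array('updated' => 'true');
        $user_url = bbp_get_user_profile_edit_url($edit_user);
        $redirect = add_query_arg($args, $user_url);

        bbp_redirect($redirect);
    }
}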
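/**
 * Print the settings form for the current menu page.
 *
 * Depending on $this->menu_lib the form posts to user-edit.php (profile),
 * options.php (setting / submenu) or edit.php (sitesubmenu); any other value
 * prints nothing. The profile form carries the user's existing profile values
 * as hidden fields and adds an 'update-user_<id>' nonce field.
 *
 * Every value written into an HTML attribute goes through esc_attr() at the
 * point of output, so the markup does not depend on how the value was loaded
 * or on what a profile field contains.
 *
 * @return void
 */
protected function show_form_content()
{
    $lca = $this->p->cf['lca'];

    if ($this->menu_lib === 'profile') {

        $user_id       = get_current_user_id();
        $profileuser   = get_user_to_edit($user_id);
        $current_color = get_user_option('admin_color', $user_id);

        if (empty($current_color)) {
            $current_color = 'fresh';
        }

        // match wordpress behavior (users page for admins, profile page for everyone else)
        $admin_url = current_user_can('list_users')
            ? $this->p->util->get_admin_url($this->menu_id, null, 'users')
            : $this->p->util->get_admin_url($this->menu_id, null, $this->menu_lib);

        echo '<form name="' . esc_attr($lca) . '" id="' . esc_attr($lca) . '_setting_form" action="user-edit.php" method="post">' . "\n";
        echo '<input type="hidden" name="wp_http_referer" value="' . esc_attr($admin_url) . '" />' . "\n";
        echo '<input type="hidden" name="action" value="update" />' . "\n";
        echo '<input type="hidden" name="user_id" value="' . esc_attr($user_id) . '" />' . "\n";

        // Profile fields are user-editable text; escape them where they are printed.
        echo '<input type="hidden" name="nickname" value="' . esc_attr($profileuser->nickname) . '" />' . "\n";
        echo '<input type="hidden" name="email" value="' . esc_attr($profileuser->user_email) . '" />' . "\n";
        echo '<input type="hidden" name="admin_color" value="' . esc_attr($current_color) . '" />' . "\n";
        echo '<input type="hidden" name="rich_editing" value="' . esc_attr($profileuser->rich_editing) . '" />' . "\n";
        echo '<input type="hidden" name="comment_shortcuts" value="' . esc_attr($profileuser->comment_shortcuts) . '" />' . "\n";
        echo '<input type="hidden" name="admin_bar_front" value="' . esc_attr(_get_admin_bar_pref('front', $user_id)) . '" />' . "\n";

        wp_nonce_field('update-user_' . $user_id);

    } elseif ($this->menu_lib === 'setting' || $this->menu_lib === 'submenu') {

        echo '<form name="' . esc_attr($lca) . '" id="' . esc_attr($lca) . '_setting_form" action="options.php" method="post">' . "\n";

        settings_fields($lca . '_setting');

    } elseif ($this->menu_lib === 'sitesubmenu') {

        echo '<form name="' . esc_attr($lca) . '" id="' . esc_attr($lca) . '_setting_form" action="edit.php?action=' . esc_attr(NGFB_SITE_OPTIONS_NAME) . '" method="post">' . "\n";
        echo '<input type="hidden" name="page" value="' . esc_attr($this->menu_id) . '" />';

    } else {
        return;
    }

    wp_nonce_field(self::get_nonce(), NGFB_NONCE);
    wp_nonce_field('closedpostboxes', 'closedpostboxesnonce', false);
    wp_nonce_field('meta-box-order', 'meta-box-order-nonce', false);

    do_meta_boxes($this->pagehook, 'normal', null);

    do_action($this->p->cf['lca'] . '_form_content_metaboxes_' . SucomUtil::sanitize_hookname($this->menu_id), $this->pagehook);

    switch ($this->menu_id) {
        // These pages are read-only and get no submit buttons.
        case 'readme':
        case 'setup':
        case 'sitereadme':
        case 'sitesetup':
            break;

        default:
            if ($this->menu_lib === 'profile') {
                echo $this->get_submit_buttons(_x('Save All Profile Settings', 'submit button', 'nextgen-facebook'));
            } else {
                echo $this->get_submit_buttons();
            }
            break;
    }

    echo '</form>', "\n";
}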