Example #1
/**
 * Print a notice on the profile edit screen while an email change is pending.
 *
 * The pending change is read from the option named "{user_id}_new_email"; the
 * notice is shown only when that option carries a non-empty 'newemail' entry.
 * The "Cancel" link points at the profile edit URL with the
 * 'bbp-update-user-email' action, a 'dismiss' argument and a nonce whose
 * action string is "dismiss-{option name}".
 *
 * Every dynamic value is escaped for its output context before it reaches
 * printf(): esc_url() for the link target, esc_html_x()/esc_html() for text.
 *
 * @since 2.6.0 bbPress (r5660)
 *
 * @uses bbp_is_user_home_edit()         To check that the user is editing their own profile
 * @uses bbp_get_displayed_user_id()     To get the displayed user ID
 * @uses get_option()                    To read the pending email change
 * @uses bbp_get_user_profile_edit_url() To get the displayed user profile edit URL
 * @uses add_query_arg()                 To add the action and dismiss arguments to the URL
 * @uses wp_nonce_url()                  To add the nonce to the URL
 */
function bbp_notice_edit_user_pending_email()
{
    // The notice is only relevant to the owner of the profile being edited.
    if (!bbp_is_user_home_edit()) {
        return;
    }

    // The pending change lives in an option keyed by the displayed user's ID.
    $displayed_id = bbp_get_displayed_user_id();
    $option_name  = $displayed_id . '_new_email';
    $pending      = get_option($option_name);

    // Nothing pending, nothing to show.
    if (empty($pending['newemail'])) {
        return;
    }

    // Cancel link: profile edit URL + action/dismiss arguments + nonce.
    $edit_url     = bbp_get_user_profile_edit_url($displayed_id);
    $nonce_action = 'dismiss-' . $option_name;
    $query        = array(
        'action'  => 'bbp-update-user-email',
        'dismiss' => $option_name,
    );
    $cancel_url   = wp_nonce_url(add_query_arg($query, $edit_url), $nonce_action);

    // Pre-escaped fragments substituted into the translated sentence below.
    $cancel_label = esc_html_x('Cancel', 'Dismiss pending user email address change', 'bbpress');
    $cancel_html  = '<a href="' . esc_url($cancel_url) . '">' . $cancel_label . '</a>';
    $email_html   = '<code>' . esc_html($pending['newemail']) . '</code>';
    ?>

	<div class="bbp-template-notice info">
		<ul>
			<li><?php 
    echo sprintf(__('There is a pending email address change to %1$s. %2$s', 'bbpress'), $email_html, $cancel_html);
    ?>
</li>
		</ul>
	</div>

	<?php 
}
Example #2
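/**
 * Handles the front end user editing.
 *
 * Runs only for POST requests whose 'action' field is 'bbp-update-user'.
 * In order, it:
 *  1. On multisite, for the user's own profile, applies a pending email change
 *     when the 'newuseremail' query argument matches the stored hash, or drops
 *     the pending change when 'dismiss' names the pending-email option. Both
 *     paths redirect to the profile edit URL and exit.
 *  2. Verifies the 'update-user_{id}' nonce and the 'edit_user' capability.
 *  3. Fires 'personal_options_update' or 'edit_user_profile_update' and calls
 *     edit_user().
 *  4. On success, optionally toggles super admin (multisite, someone else's
 *     profile, caller holds 'manage_network_options') and redirects.
 *
 * Errors from edit_user() are copied into bbpress()->errors.
 *
 * @uses bbp_get_displayed_user_id() To get the displayed user ID
 * @uses get_option() To read the displayed user's pending email option
 * @uses hash_equals() To compare the stored and supplied confirmation hash
 * @uses wpdb::prepare() To parameterize the signups queries
 * @uses wp_update_user() To store the confirmed email address
 * @uses delete_option() To delete the pending email option
 * @uses bbp_verify_nonce_request() To verify the nonce and check the request
 * @uses current_user_can() To check 'edit_user' and 'manage_network_options'
 * @uses edit_user() To edit the user based on the post data
 * @uses revoke_super_admin() To revoke super admin privileges
 * @uses grant_super_admin() To grant super admin privileges
 * @uses wp_safe_redirect() To redirect back to the profile edit URL
 */
function bbp_edit_user_handler()
{
    // Bail if not a POST action
    if ('POST' !== strtoupper($_SERVER['REQUEST_METHOD'])) {
        return;
    }
    // Bail if action is not 'bbp-update-user'
    if (empty($_POST['action']) || 'bbp-update-user' !== $_POST['action']) {
        return;
    }
    // Get the displayed user ID and the name of its pending-email option
    $user_id   = bbp_get_displayed_user_id();
    $email_key = $user_id . '_new_email';

    // Execute confirmed email change. See send_confirmation_on_profile_email().
    if (is_multisite() && bbp_is_user_home_edit() && isset($_GET['newuseremail'])) {
        $new_email = get_option($email_key);
        $supplied  = $_GET['newuseremail'];

        // A missing option or an empty stored hash must never count as a match,
        // so require a real pending record first and then compare the two
        // strings in constant time instead of with a loose `==`.
        $has_pending = is_array($new_email)
            && !empty($new_email['hash'])
            && is_string($new_email['hash'])
            && !empty($new_email['newemail']);

        if ($has_pending && is_string($supplied) && hash_equals($new_email['hash'], $supplied)) {
            $user = new stdClass();
            $user->ID = $user_id;
            $user->user_email = esc_html(trim($new_email['newemail']));

            global $wpdb;
            $user_login = bbp_get_displayed_user_field('user_login');

            // Keep the signups table in step with the user record, if a row exists.
            if ($wpdb->get_var($wpdb->prepare("SELECT user_login FROM {$wpdb->signups} WHERE user_login = %s", $user_login))) {
                $wpdb->query($wpdb->prepare("UPDATE {$wpdb->signups} SET user_email = %s WHERE user_login = %s", $user->user_email, $user_login));
            }

            wp_update_user(get_object_vars($user));
            delete_option($email_key);
            wp_safe_redirect(add_query_arg(array('updated' => 'true'), bbp_get_user_profile_edit_url($user_id)));
            exit;
        }
        // Delete new email address from user options.
        // NOTE(review): this branch changes state before the nonce check below
        // runs; confirm whether a nonce should be verified here as well.
    } elseif (is_multisite() && bbp_is_user_home_edit() && !empty($_GET['dismiss']) && $email_key === $_GET['dismiss']) {
        delete_option($email_key);
        wp_safe_redirect(add_query_arg(array('updated' => 'true'), bbp_get_user_profile_edit_url($user_id)));
        exit;
    }

    // Nonce check
    if (!bbp_verify_nonce_request('update-user_' . $user_id)) {
        bbp_add_error('bbp_update_user_nonce', __('<strong>ERROR</strong>: Are you sure you wanted to do that?', 'bbpress'));
        return;
    }
    // Cap check
    if (!current_user_can('edit_user', $user_id)) {
        bbp_add_error('bbp_update_user_capability', __('<strong>ERROR</strong>: Are you sure you wanted to do that?', 'bbpress'));
        return;
    }

    // Do action based on whose profile you're editing
    $edit_action = bbp_is_user_home_edit() ? 'personal_options_update' : 'edit_user_profile_update';
    do_action($edit_action, $user_id);

    // Handle user edit
    $edit_user = edit_user($user_id);

    // Error(s) editing the user, so copy them into the global
    if (is_wp_error($edit_user)) {
        bbpress()->errors = $edit_user;
        // Successful edit to redirect
    } elseif (is_integer($edit_user)) {
        // Maybe update super admin ability. Granting or revoking a network role
        // is gated on the network-level capability, not only on the per-profile
        // 'edit_user' check above, so the posted 'super_admin' field is honoured
        // only for callers who hold 'manage_network_options'.
        if (is_multisite() && !bbp_is_user_home_edit() && current_user_can('manage_network_options')) {
            empty($_POST['super_admin']) ? revoke_super_admin($edit_user) : grant_super_admin($edit_user);
        }
        $redirect = add_query_arg(array('updated' => 'true'), bbp_get_user_profile_edit_url($edit_user));
        wp_safe_redirect($redirect);
        exit;
    }
}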
Example #3
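 /**
  * Checks the profile edit URL under pretty and plain ("ugly") permalinks.
  *
  * @covers ::bbp_get_user_profile_edit_url
  */
 public function test_bbp_get_user_profile_edit_url()
 {
     // Pretty permalinks: the URL is built from the user's nicename.
     $this->set_permalink_structure('/%postname%/');
     $profile_edit_url = 'http://' . WP_TESTS_DOMAIN . '/forums/users/' . $this->keymaster_userdata->user_nicename . '/edit/';
     // String.
     $this->assertSame($profile_edit_url, bbp_get_user_profile_edit_url($this->keymaster_id));

     // Ugly permalinks: the URL carries the user as a query argument.
     $this->set_permalink_structure();
     // NOTE(review): the operand between the two literals was masked in the
     // published listing, which left this line unparsable. The ID passed to the
     // function under test is the presumed original value; confirm upstream.
     $profile_edit_url = 'http://' . WP_TESTS_DOMAIN . '/?bbp_user=' . $this->keymaster_id . '&edit=1';
     // String.
     $this->assertSame($profile_edit_url, bbp_get_user_profile_edit_url($this->keymaster_id));
 }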
Example #4
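/**
 * Handles the front end user editing.
 *
 * Runs only for POST requests whose 'action' field is 'bbp-update-user'.
 * In order, it:
 *  1. On multisite, for the user's own profile, applies a pending email change
 *     when the 'newuseremail' query argument matches the stored hash, or drops
 *     the pending change when 'dismiss' names the pending-email option. Both
 *     paths redirect to the profile edit URL and exit.
 *  2. Verifies the 'update-user_{id}' nonce and the 'edit_user' capability.
 *  3. Fires 'personal_options_update' or 'edit_user_profile_update'.
 *  4. Calls edit_user(); on multisite it first mirrors a posted, valid email
 *     into the signups table and afterwards may toggle super admin.
 *  5. Copies a WP_Error into bbpress()->errors, or redirects on success.
 *
 * @uses bbp_get_displayed_user_id() To get the displayed user ID
 * @uses get_option() To read the displayed user's pending email option
 * @uses hash_equals() To compare the stored and supplied confirmation hash
 * @uses wpdb::prepare() To parameterize every query
 * @uses wp_update_user() To store the confirmed email address
 * @uses delete_option() To delete the pending email option
 * @uses bbp_verify_nonce_request() To verify the nonce and check the request
 * @uses current_user_can() To check 'edit_user' and 'manage_network_options'
 * @uses get_userdata() To load the edited user
 * @uses is_email() To validate the posted email address
 * @uses edit_user() To edit the user based on the post data
 * @uses revoke_super_admin() To revoke super admin privileges
 * @uses grant_super_admin() To grant super admin privileges
 * @uses wp_safe_redirect() To redirect back to the profile edit URL
 */
function bbp_edit_user_handler()
{
    // Bail if not a POST action
    if ('POST' !== strtoupper($_SERVER['REQUEST_METHOD'])) {
        return;
    }
    // Bail if action is not 'bbp-update-user'
    if (empty($_POST['action']) || 'bbp-update-user' !== $_POST['action']) {
        return;
    }
    // Get the displayed user ID and the name of its pending-email option
    $user_id   = bbp_get_displayed_user_id();
    $email_key = $user_id . '_new_email';
    global $wpdb, $super_admins;

    // Execute confirmed email change. See send_confirmation_on_profile_email().
    if (is_multisite() && bbp_is_user_home_edit() && isset($_GET['newuseremail'])) {
        $new_email = get_option($email_key);
        $supplied  = $_GET['newuseremail'];

        // A missing option or an empty stored hash must never count as a match,
        // so require a real pending record first and then compare the two
        // strings in constant time instead of with a loose `==`.
        $has_pending = is_array($new_email)
            && !empty($new_email['hash'])
            && is_string($new_email['hash'])
            && !empty($new_email['newemail']);

        if ($has_pending && is_string($supplied) && hash_equals($new_email['hash'], $supplied)) {
            $user = new stdClass();
            $user->ID = $user_id;
            $user->user_email = esc_html(trim($new_email['newemail']));
            $displayed_login = bbp_get_displayed_user_field('user_login');

            // Keep the signups table in step with the user record, if a row exists.
            if ($wpdb->get_var($wpdb->prepare("SELECT user_login FROM {$wpdb->signups} WHERE user_login = %s", $displayed_login))) {
                $wpdb->query($wpdb->prepare("UPDATE {$wpdb->signups} SET user_email = %s WHERE user_login = %s", $user->user_email, $displayed_login));
            }

            wp_update_user(get_object_vars($user));
            delete_option($email_key);
            wp_safe_redirect(add_query_arg(array('updated' => 'true'), bbp_get_user_profile_edit_url($user_id)));
            exit;
        }
        // NOTE(review): the dismiss branch changes state before the nonce check
        // below runs; confirm whether a nonce should be verified here as well.
    } elseif (is_multisite() && bbp_is_user_home_edit() && !empty($_GET['dismiss']) && $email_key === $_GET['dismiss']) {
        delete_option($email_key);
        wp_safe_redirect(add_query_arg(array('updated' => 'true'), bbp_get_user_profile_edit_url($user_id)));
        exit;
    }

    // Nonce check
    if (!bbp_verify_nonce_request('update-user_' . $user_id)) {
        bbp_add_error('bbp_update_user_nonce', __('<strong>ERROR</strong>: Are you sure you wanted to do that?', 'bbpress'));
        return;
    }
    // Cap check
    if (!current_user_can('edit_user', $user_id)) {
        bbp_add_error('bbp_update_user_capability', __('<strong>ERROR</strong>: Are you sure you wanted to do that?', 'bbpress'));
        return;
    }

    // Do action based on whose profile you're editing
    $edit_action = bbp_is_user_home_edit() ? 'personal_options_update' : 'edit_user_profile_update';
    do_action($edit_action, $user_id);

    if (!is_multisite()) {
        // Single site: edit_user() does all the work.
        $edit_user = edit_user($user_id);
    } else {
        // Multisite: mirror the email into signups and guard blog membership.
        $user = get_userdata($user_id);
        $posted_email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';

        // Update the email address in signups, if present. Both queries key on
        // the edited user's login; the UPDATE previously used the global
        // $user_login, which is not the login that the SELECT just matched.
        if ($user && $user->user_login && is_email($posted_email) && $wpdb->get_var($wpdb->prepare("SELECT user_login FROM {$wpdb->signups} WHERE user_login = %s", $user->user_login))) {
            $wpdb->query($wpdb->prepare("UPDATE {$wpdb->signups} SET user_email = %s WHERE user_login = %s", $posted_email, $user->user_login));
        }

        // WPMU must delete the user from the current blog if WP added him after editing.
        $delete_role = false;
        $blog_prefix = $wpdb->get_blog_prefix();

        // NOTE(review): this compares $user_id with itself, so the branch never
        // runs and $delete_role stays false. The intended right-hand side was
        // presumably the current user's ID; confirm before enabling it, since
        // doing so makes the capabilities cleanup below reachable.
        if ($user_id != $user_id) {
            $cap = $wpdb->get_var($wpdb->prepare("SELECT meta_value FROM {$wpdb->usermeta} WHERE user_id = %d AND meta_key = %s AND meta_value = %s", $user_id, $blog_prefix . 'capabilities', 'a:0:{}'));
            if (!is_network_admin() && null == $cap && $_POST['role'] == '') {
                $_POST['role'] = 'contributor';
                $delete_role = true;
            }
        }

        $edit_user = edit_user($user_id);

        // Stops users being added to current blog when they are edited
        if (true === $delete_role) {
            delete_user_meta($user_id, $blog_prefix . 'capabilities');
        }

        // Toggle super admin only from the network admin, on someone else's
        // profile, for callers holding 'manage_network_options', and only when
        // the posted value differs from the current state. Logical `&&`
        // replaces the bitwise `&` the condition used between two of its terms.
        if (is_multisite() && is_network_admin() && !bbp_is_user_home_edit() && current_user_can('manage_network_options') && !isset($super_admins) && empty($_POST['super_admin']) === is_super_admin($user_id)) {
            empty($_POST['super_admin']) ? revoke_super_admin($user_id) : grant_super_admin($user_id);
        }
    }

    // Error(s) editing the user, so copy them into the global
    if (is_wp_error($edit_user)) {
        bbpress()->errors = $edit_user;
        // Successful edit to redirect
    } elseif (is_integer($edit_user)) {
        $redirect = add_query_arg(array('updated' => 'true'), bbp_get_user_profile_edit_url($edit_user));
        wp_safe_redirect($redirect);
        exit;
    }
}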
Example #5
<?php

/** Top Bar */
?>

<div id="topbar">
	<div class="inner">
		
		<div class="left">
			Welcome to Aquagraphite Support Forum :)
		</div>

		<div class="right">
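			<?php 
// Account links for the top bar. Every URL is passed through esc_url() at the
// point of output, because these values are filterable and are written into an
// href attribute.
if (is_user_logged_in()) {
    $profile_edit_url = bbp_get_user_profile_edit_url(bbp_get_user_id('', false, true));
    echo '<a href="' . esc_url($profile_edit_url) . '">Edit Profile</a> or ';
    echo '<a href="' . esc_url(wp_logout_url(home_url())) . '">Logout</a>';
} else {
    echo '<a href="' . esc_url(wp_login_url(home_url(), false)) . '">Login</a> or ';
    // add_query_arg() picks the right separator even when the login URL
    // already carries a query string; appending '?action=register' does not.
    echo '<a href="' . esc_url(add_query_arg('action', 'register', wp_login_url())) . '">Register</a>';
}
?>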
		</div>

		<div class="clearfix"></div>

	</div>
</div>
Example #6
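/**
 * Output URL to the profile edit page of a user
 *
 * The URL is escaped with esc_url() at output time, since this function echoes
 * straight into the page. Callers that need the raw value should use
 * bbp_get_user_profile_edit_url() instead.
 *
 * @since bbPress (r2688)
 *
 * @param int $user_id Optional. User id
 * @param string $user_nicename Optional. User nicename
 * @uses bbp_get_user_profile_edit_url() To get user profile edit url
 * @uses esc_url() To escape the URL for output
 */
function bbp_user_profile_edit_url($user_id = 0, $user_nicename = '')
{
    echo esc_url(bbp_get_user_profile_edit_url($user_id, $user_nicename));
}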
Example #7
?>
<div id="topbar">
    <div class="container">
        <div class="row">
            <div class="col-xs-12 col-md-8">
                <div class="as-text-topbar-header">
                    <div class="time-zone-wrapper">      
                        <span class="iva_visitor_time"><span class="iva-time"><strong>Your Time:&nbsp;</strong></span><span class="time-zone-visitor-icon dslc-icon "></span> <span id="your_time">11:40:47</span></span>
                        &nbsp;-&nbsp;
                        <span class="iva_support_time"><span class="iva-time"><strong>Our Time:&nbsp;</strong></span><span class="time-zone-support-icon dslc-icon "></span> <span id="our_time">10:10:47</span></span>
                    </div>
                </div>
            </div>
            <div class="col-xs-12 col-md-4">
                <div class="as-group-button-topbar">
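                    <?php 
// Account buttons for the top bar. Every URL is passed through esc_url() at the
// point of output, because these values are filterable and are written into an
// href attribute.
if (is_user_logged_in()) {
    $profile_edit_url = bbp_get_user_profile_edit_url(bbp_get_user_id('', false, true));
    echo '<a href="' . esc_url($profile_edit_url) . '" class="as-btn-style as-bg-color">Edit Profile</a>';
    echo '<a href="' . esc_url(wp_logout_url(home_url())) . '" class="as-btn-style">Logout</a>';
} else {
    echo '<a href="' . esc_url(wp_login_url(home_url(), false)) . '" class="as-btn-style">Login</a>';
    // add_query_arg() picks the right separator even when the login URL
    // already carries a query string; appending '?action=register' does not.
    echo '<a href="' . esc_url(add_query_arg('action', 'register', wp_login_url())) . '" class="as-btn-style as-bg-color">Register</a>';
}
?>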
                </div>
            </div>
            <div class="clearfix"></div>
        </div>
    </div>
</div>
Example #8
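 /**
  * Build the author details card for a bbPress user page as an HTML string.
  *
  * The card holds the displayed user's avatar and name, the optional position
  * and bio, contact links (email, website, Twitter, Google+) and the profile
  * navigation (topics, replies, favorites, and for the owner or a user with
  * 'edit_users', subscriptions and edit).
  *
  * The profile fields are values users set on their own accounts, so each one
  * is escaped for the context it is written into: esc_url() for href values,
  * esc_attr() for attributes, esc_html() for element text. The bio goes through
  * wp_kses_post() so that markup permitted in post content is kept.
  *
  * @param int  $cb_author_id User ID whose author meta is read.
  * @param bool $cb_desc      Optional. Whether to include the bio. Default true.
  * @return string The card markup.
  */
 function cb_bbp_author_details($cb_author_id, $cb_desc = true)
 {
     $cb_author_email = get_the_author_meta('publicemail', $cb_author_id);
     $cb_author_name = get_the_author_meta('display_name', $cb_author_id);
     $cb_author_position = get_the_author_meta('position', $cb_author_id);
     $cb_author_tw = get_the_author_meta('twitter', $cb_author_id);
     $cb_author_go = get_the_author_meta('googleplus', $cb_author_id);
     $cb_author_www = get_the_author_meta('url', $cb_author_id);
     $cb_author_desc = get_the_author_meta('description', $cb_author_id);

     // Escaped once and reused for both profile links in the header.
     $cb_profile_url = esc_url(bbp_get_user_profile_url());
     $cb_title_attr = esc_attr(bbp_get_displayed_user_field('display_name'));
     $cb_avatar = get_avatar(bbp_get_displayed_user_field('user_email', 'raw'), apply_filters('bbp_single_user_details_avatar_size', 150));

     $cb_author_output = '<div class="cb-author-details cb-bbp clearfix"><div class="cb-mask"><a href="' . $cb_profile_url . '" title="' . $cb_title_attr . '" rel="me">' . $cb_avatar . '</a></div><div class="cb-meta"><h3><a href="' . $cb_profile_url . '" title="' . $cb_title_attr . '">' . esc_html($cb_author_name) . '</a></h3>';

     if ($cb_author_position != null) {
         $cb_author_output .= '<div class="cb-author-position">' . esc_html($cb_author_position) . '</div>';
     }
     if ($cb_author_desc != null && $cb_desc == true) {
         $cb_author_output .= '<p class="cb-author-bio">' . wp_kses_post($cb_author_desc) . '</p>';
     }

     // The contact wrapper is opened and closed only when a link will be shown.
     $cb_has_contact = $cb_author_email != null || $cb_author_www != null || $cb_author_tw != null || $cb_author_go != null;
     if ($cb_has_contact) {
         $cb_author_output .= '<div class="cb-author-page-contact">';
     }
     if ($cb_author_email != null) {
         $cb_author_output .= '<a href="' . esc_url('mailto:' . $cb_author_email) . '"><i class="icon-envelope-alt cb-tip-bot" title="' . esc_attr__('Email', 'cubell') . '"></i></a>';
     }
     if ($cb_author_www != null) {
         $cb_author_output .= ' <a href="' . esc_url($cb_author_www) . '" target="_blank"><i class="icon-link cb-tip-bot" title="' . esc_attr__('Website', 'cubell') . '"></i></a> ';
     }
     if ($cb_author_tw != null) {
         $cb_author_output .= ' <a href="' . esc_url('//www.twitter.com/' . $cb_author_tw) . '" target="_blank" ><i class="icon-twitter cb-tip-bot" title="Twitter"></i></a>';
     }
     if ($cb_author_go != null) {
         $cb_author_output .= ' <a href="' . esc_url($cb_author_go) . '" rel="publisher" target="_top" title="Google+" class="cb-googleplus cb-tip-bot" ><img src="//ssl.gstatic.com/images/icons/gplus-32.png"  data-src-retina="//ssl.gstatic.com/images/icons/gplus-64.png" alt="Google+" ></a>';
     }
     if ($cb_has_contact) {
         $cb_author_output .= '</div>';
     }

     // One navigation entry; the class and label are fixed strings supplied
     // below, the URL comes from bbPress and is escaped here.
     $cb_nav_item = function ($cb_is_current, $cb_class, $cb_url, $cb_label) {
         return '<li class="' . ($cb_is_current ? 'current' : '') . '"><span class="' . $cb_class . '"><a href="' . esc_url($cb_url) . '">' . esc_html($cb_label) . '</a></span></li>';
     };

     $cb_author_output .= '<div id="cb-user-nav"><ul>';
     $cb_author_output .= $cb_nav_item(bbp_is_single_user_topics(), 'bbp-user-topics-created-link', bbp_get_user_topics_created_url(), __('Topics Started', 'bbpress'));
     $cb_author_output .= $cb_nav_item(bbp_is_single_user_replies(), 'bbp-user-replies-created-link', bbp_get_user_replies_created_url(), __('Replies Created', 'bbpress'));
     if (bbp_is_favorites_active()) {
         $cb_author_output .= $cb_nav_item(bbp_is_favorites(), 'bbp-user-favorites-link', bbp_get_favorites_permalink(), __('Favorites', 'bbpress'));
     }
     // Subscriptions and Edit are shown to the profile owner or to users who
     // can edit other users.
     if (bbp_is_user_home() || current_user_can('edit_users')) {
         if (bbp_is_subscriptions_active()) {
             $cb_author_output .= $cb_nav_item(bbp_is_subscriptions(), 'bbp-user-subscriptions-link', bbp_get_subscriptions_permalink(), __('Subscriptions', 'bbpress'));
         }
         $cb_author_output .= $cb_nav_item(bbp_is_single_user_edit(), 'bbp-user-edit-link', bbp_get_user_profile_edit_url(), __('Edit', 'bbpress'));
     }
     $cb_author_output .= '</ul></div><!-- #cb-user-nav -->';
     $cb_author_output .= '</div></div>';

     return $cb_author_output;
 }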
Example #9
/**
 * Mail a confirmation link to the new address when an email change is requested.
 *
 * Expects $args to carry 'hash' and 'newemail'. When the user ID or either of
 * those is empty, a 'bbp_user_email_invalid_hash' error is registered against
 * the 'email' form field and nothing is sent. Otherwise the confirmation link
 * is the profile edit URL with the 'bbp-update-user-email' action and the hash
 * in 'newuseremail', and the message goes to the new address.
 *
 * @since 2.6.0 bbPress (r5660)
 *
 * @see send_confirmation_on_profile_email()
 *
 * @param int   $user_id Optional. ID of the user whose email is changing.
 * @param array $args    Optional. 'hash' and 'newemail' for the pending change.
 *
 * @uses bbp_parse_args()                To parse the option arguments
 * @uses bbp_add_error()                 To provide feedback to user
 * @uses bbp_get_displayed_user_field()  To get the user_login
 * @uses bbp_get_user_profile_edit_url() To get the user profile edit link
 * @uses add_query_arg()                 To add arguments to the link
 * @uses wp_mail()                       To send the notification
 */
function bbp_edit_user_email_send_notification($user_id = 0, $args = array())
{
    // Merge the caller's arguments over empty defaults.
    $defaults = array('hash' => '', 'newemail' => '');
    $pending  = bbp_parse_args($args, $defaults);

    // All three values are required; otherwise report the failure and stop.
    $is_complete = !empty($user_id) && !empty($pending['hash']) && !empty($pending['newemail']);
    if (!$is_complete) {
        bbp_add_error('bbp_user_email_invalid_hash', __('<strong>ERROR</strong>: An error occurred while updating your email address.', 'bbpress'), array('form-field' => 'email'));
        return;
    }

    // Confirmation link: profile edit URL carrying the action and the hash.
    $login       = bbp_get_displayed_user_field('user_login', 'raw');
    $edit_url    = bbp_get_user_profile_edit_url($user_id);
    $link_args   = array(
        'action'       => 'bbp-update-user-email',
        'newuseremail' => $pending['hash'],
    );
    $confirm_url = add_query_arg($link_args, $edit_url);

    $template = __('%1$s

Someone requested a change to the email address on your account.

Please click the following link to confirm this change:
%2$s

If you did not request this, you can safely ignore and delete this notification.

This email was sent to: %3$s

Regards,
The %4$s Team
%5$s', 'bbpress');

    /**
     * Filter the email text sent when a user changes emails.
     *
     * The returned text is used directly as the sprintf() format below, with
     * these placeholders:
     *
     * %1$s - The displayed user's login
     * %2$s - The link to click on to confirm the email change
     * %3$s - The new email
     * %4$s - The name of the site
     * %5$s - The URL to the site
     *
     * @param string $email_text Text in the email.
     * @param array  $r          Parsed arguments ('hash' and 'newemail').
     */
    $format = apply_filters('bbp_user_email_update_content', $template, $pending);

    // Fill in the placeholders.
    $body = sprintf($format, $login, $confirm_url, $pending['newemail'], get_site_option('site_name'), network_home_url());

    // Subject line, prefixed with the decoded blog name.
    $blog_name = wp_specialchars_decode(get_option('blogname'));
    $title     = sprintf(__('[%s] New Email Address', 'bbpress'), $blog_name);

    // NOTE(review): 'newemail' is only checked for emptiness here; presumably
    // the caller has already validated it as an address. Confirm.
    wp_mail($pending['newemail'], $title, $body);
}