/**
* Save the profile fields in Members community profile page.
*
* Loaded before the page is rendered, this function is processing form
* requests.
*
* @since 2.0.0
*
* @param string $doaction Action being run.
* @param int $user_id ID for the user whose profile is being saved.
* @param array $request Request being made.
* @param string $redirect_to Where to redirect user to.
*/
public function user_admin_load($doaction = '', $user_id = 0, $request = array(), $redirect_to = '')
{
// Eventually delete avatar.
if ('delete_avatar' === $doaction) {
check_admin_referer('delete_avatar');
$redirect_to = remove_query_arg('_wpnonce', $redirect_to);
if (bp_core_delete_existing_avatar(array('item_id' => $user_id))) {
$redirect_to = add_query_arg('updated', 'avatar', $redirect_to);
} else {
$redirect_to = add_query_arg('error', 'avatar', $redirect_to);
}
bp_core_redirect($redirect_to);
} elseif (isset($_POST['field_ids'])) {
// Update profile fields.
// Check the nonce.
check_admin_referer('edit-bp-profile_' . $user_id);
// Check we have field ID's.
if (empty($_POST['field_ids'])) {
$redirect_to = add_query_arg('error', '1', $redirect_to);
bp_core_redirect($redirect_to);
}
/**
* Unlike front-end edit-fields screens, the wp-admin/profile
* displays all groups of fields on a single page, so the list of
* field ids is an array gathering for each group of fields a
* distinct comma separated list of ids.
*
* As a result, before using the wp_parse_id_list() function, we
* must ensure that these ids are "merged" into a single comma
* separated list.
*/
$merge_ids = join(',', $_POST['field_ids']);
// Explode the posted field IDs into an array so we know which fields have been submitted.
$posted_field_ids = wp_parse_id_list($merge_ids);
$is_required = array();
// Loop through the posted fields formatting any datebox values then validate the field.
foreach ((array) $posted_field_ids as $field_id) {
bp_xprofile_maybe_format_datebox_post_data($field_id);
$is_required[$field_id] = xprofile_check_is_required_field($field_id) && !bp_current_user_can('bp_moderate');
if ($is_required[$field_id] && empty($_POST['field_' . $field_id])) {
$redirect_to = add_query_arg('error', '2', $redirect_to);
bp_core_redirect($redirect_to);
}
}
// Set the errors var.
$errors = false;
// Now we've checked for required fields, let's save the values.
$old_values = $new_values = array();
foreach ((array) $posted_field_ids as $field_id) {
/*
* Certain types of fields (checkboxes, multiselects) may come
* through empty. Save them as an empty array so that they don't
* get overwritten by the default on the next edit.
*/
$value = isset($_POST['field_' . $field_id]) ? $_POST['field_' . $field_id] : '';
$visibility_level = !empty($_POST['field_' . $field_id . '_visibility']) ? $_POST['field_' . $field_id . '_visibility'] : 'public';
/*
* Save the old and new values. They will be
* passed to the filter and used to determine
* whether an activity item should be posted.
*/
$old_values[$field_id] = array('value' => xprofile_get_field_data($field_id, $user_id), 'visibility' => xprofile_get_field_visibility_level($field_id, $user_id));
// Update the field data and visibility level.
xprofile_set_field_visibility_level($field_id, $user_id, $visibility_level);
$field_updated = xprofile_set_field_data($field_id, $user_id, $value, $is_required[$field_id]);
$value = xprofile_get_field_data($field_id, $user_id);
$new_values[$field_id] = array('value' => $value, 'visibility' => xprofile_get_field_visibility_level($field_id, $user_id));
if (!$field_updated) {
$errors = true;
} else {
/**
* Fires after the saving of each profile field, if successful.
*
* @since 1.1.0
*
* @param int $field_id ID of the field being updated.
* @param string $value Value that was saved to the field.
*/
do_action('xprofile_profile_field_data_updated', $field_id, $value);
}
}
/**
* Fires after all XProfile fields have been saved for the current profile.
*
* @since 1.0.0
* @since 2.6.0 Added $old_values and $new_values parameters.
*
* @param int $user_id ID for the user whose profile is being saved.
* @param array $posted_field_ids Array of field IDs that were edited.
* @param bool $errors Whether or not any errors occurred.
* @param array $old_values Array of original values before update.
* @param array $new_values Array of newly saved values after update.
*/
do_action('xprofile_updated_profile', $user_id, $posted_field_ids, $errors, $old_values, $new_values);
// Set the feedback messages.
if (!empty($errors)) {
$redirect_to = add_query_arg('error', '3', $redirect_to);
} else {
$redirect_to = add_query_arg('updated', '1', $redirect_to);
}
bp_core_redirect($redirect_to);
}
}
/**
* Handle the loading of the signup screen.
*
* @since 1.1.0
*/
function bp_core_screen_signup()
{
$bp = buddypress();
if (!bp_is_current_component('register') || bp_current_action()) {
return;
}
// Not a directory.
bp_update_is_directory(false, 'register');
// If the user is logged in, redirect away from here.
if (is_user_logged_in()) {
$redirect_to = bp_is_component_front_page('register') ? bp_get_members_directory_permalink() : bp_get_root_domain();
/**
* Filters the URL to redirect logged in users to when visiting registration page.
*
* @since 1.5.1
*
* @param string $redirect_to URL to redirect user to.
*/
bp_core_redirect(apply_filters('bp_loggedin_register_page_redirect_to', $redirect_to));
return;
}
$bp->signup->step = 'request-details';
if (!bp_get_signup_allowed()) {
$bp->signup->step = 'registration-disabled';
// If the signup page is submitted, validate and save.
} elseif (isset($_POST['signup_submit']) && bp_verify_nonce_request('bp_new_signup')) {
/**
* Fires before the validation of a new signup.
*
* @since 2.0.0
*/
do_action('bp_signup_pre_validate');
// Check the base account details for problems.
$account_details = bp_core_validate_user_signup($_POST['signup_username'], $_POST['signup_email']);
// If there are errors with account details, set them for display.
if (!empty($account_details['errors']->errors['user_name'])) {
$bp->signup->errors['signup_username'] = $account_details['errors']->errors['user_name'][0];
}
if (!empty($account_details['errors']->errors['user_email'])) {
$bp->signup->errors['signup_email'] = $account_details['errors']->errors['user_email'][0];
}
// Check that both password fields are filled in.
if (empty($_POST['signup_password']) || empty($_POST['signup_password_confirm'])) {
$bp->signup->errors['signup_password'] = __('Please make sure you enter your password twice', 'buddypress');
}
// Check that the passwords match.
if (!empty($_POST['signup_password']) && !empty($_POST['signup_password_confirm']) && $_POST['signup_password'] != $_POST['signup_password_confirm']) {
$bp->signup->errors['signup_password'] = __('The passwords you entered do not match.', 'buddypress');
}
$bp->signup->username = $_POST['signup_username'];
$bp->signup->email = $_POST['signup_email'];
// Now we've checked account details, we can check profile information.
if (bp_is_active('xprofile')) {
// Make sure hidden field is passed and populated.
if (isset($_POST['signup_profile_field_ids']) && !empty($_POST['signup_profile_field_ids'])) {
// Let's compact any profile field info into an array.
$profile_field_ids = explode(',', $_POST['signup_profile_field_ids']);
// Loop through the posted fields formatting any datebox values then validate the field.
foreach ((array) $profile_field_ids as $field_id) {
bp_xprofile_maybe_format_datebox_post_data($field_id);
// Create errors for required fields without values.
if (xprofile_check_is_required_field($field_id) && empty($_POST['field_' . $field_id]) && !bp_current_user_can('bp_moderate')) {
$bp->signup->errors['field_' . $field_id] = __('This is a required field', 'buddypress');
}
}
// This situation doesn't naturally occur so bounce to website root.
} else {
bp_core_redirect(bp_get_root_domain());
}
}
// Finally, let's check the blog details, if the user wants a blog and blog creation is enabled.
if (isset($_POST['signup_with_blog'])) {
$active_signup = bp_core_get_root_option('registration');
if ('blog' == $active_signup || 'all' == $active_signup) {
$blog_details = bp_core_validate_blog_signup($_POST['signup_blog_url'], $_POST['signup_blog_title']);
// If there are errors with blog details, set them for display.
if (!empty($blog_details['errors']->errors['blogname'])) {
$bp->signup->errors['signup_blog_url'] = $blog_details['errors']->errors['blogname'][0];
}
if (!empty($blog_details['errors']->errors['blog_title'])) {
$bp->signup->errors['signup_blog_title'] = $blog_details['errors']->errors['blog_title'][0];
}
}
}
/**
* Fires after the validation of a new signup.
*
* @since 1.1.0
*/
do_action('bp_signup_validate');
// Add any errors to the action for the field in the template for display.
if (!empty($bp->signup->errors)) {
foreach ((array) $bp->signup->errors as $fieldname => $error_message) {
/*
* The addslashes() and stripslashes() used to avoid create_function()
* syntax errors when the $error_message contains quotes.
*/
/**
* Filters the error message in the loop.
*
* @since 1.5.0
*
* @param string $value Error message wrapped in html.
*/
add_action('bp_' . $fieldname . '_errors', create_function('', 'echo apply_filters(\'bp_members_signup_error_message\', "<div class=\\"error\\">" . stripslashes( \'' . addslashes($error_message) . '\' ) . "</div>" );'));
}
} else {
$bp->signup->step = 'save-details';
// No errors! Let's register those deets.
$active_signup = bp_core_get_root_option('registration');
if ('none' != $active_signup) {
// Make sure the extended profiles module is enabled.
if (bp_is_active('xprofile')) {
// Let's compact any profile field info into usermeta.
$profile_field_ids = explode(',', $_POST['signup_profile_field_ids']);
/*
* Loop through the posted fields, formatting any
* datebox values, then add to usermeta.
*/
foreach ((array) $profile_field_ids as $field_id) {
bp_xprofile_maybe_format_datebox_post_data($field_id);
if (!empty($_POST['field_' . $field_id])) {
$usermeta['field_' . $field_id] = $_POST['field_' . $field_id];
}
if (!empty($_POST['field_' . $field_id . '_visibility'])) {
$usermeta['field_' . $field_id . '_visibility'] = $_POST['field_' . $field_id . '_visibility'];
}
}
// Store the profile field ID's in usermeta.
$usermeta['profile_field_ids'] = $_POST['signup_profile_field_ids'];
}
// Hash and store the password.
$usermeta['password'] = wp_hash_password($_POST['signup_password']);
// If the user decided to create a blog, save those details to usermeta.
if ('blog' == $active_signup || 'all' == $active_signup) {
$usermeta['public'] = isset($_POST['signup_blog_privacy']) && 'public' == $_POST['signup_blog_privacy'] ? true : false;
}
/**
* Filters the user meta used for signup.
*
* @since 1.1.0
*
* @param array $usermeta Array of user meta to add to signup.
*/
$usermeta = apply_filters('bp_signup_usermeta', $usermeta);
// Finally, sign up the user and/or blog.
if (isset($_POST['signup_with_blog']) && is_multisite()) {
$wp_user_id = bp_core_signup_blog($blog_details['domain'], $blog_details['path'], $blog_details['blog_title'], $_POST['signup_username'], $_POST['signup_email'], $usermeta);
} else {
$wp_user_id = bp_core_signup_user($_POST['signup_username'], $_POST['signup_password'], $_POST['signup_email'], $usermeta);
}
if (is_wp_error($wp_user_id)) {
$bp->signup->step = 'request-details';
bp_core_add_message($wp_user_id->get_error_message(), 'error');
} else {
$bp->signup->step = 'completed-confirmation';
}
}
/**
* Fires after the completion of a new signup.
*
* @since 1.1.0
*/
do_action('bp_complete_signup');
}
}
/**
* Fires right before the loading of the Member registration screen template file.
*
* @since 1.5.0
*/
do_action('bp_core_screen_signup');
/**
* Filters the template to load for the Member registration page screen.
*
* @since 1.5.0
*
* @param string $value Path to the Member registration template to load.
*/
bp_core_load_template(apply_filters('bp_core_template_register', array('register', 'registration/register')));
}
/**
* Handles the display of the profile edit page by loading the correct template file.
* Also checks to make sure this can only be accessed for the logged in users profile.
*
* @since 1.0.0
*
*/
function xprofile_screen_edit_profile()
{
if (!bp_is_my_profile() && !bp_current_user_can('bp_moderate')) {
return false;
}
// Make sure a group is set.
if (!bp_action_variable(1)) {
bp_core_redirect(trailingslashit(bp_displayed_user_domain() . bp_get_profile_slug() . '/edit/group/1'));
}
// Check the field group exists.
if (!bp_is_action_variable('group') || !xprofile_get_field_group(bp_action_variable(1))) {
bp_do_404();
return;
}
// No errors.
$errors = false;
// Check to see if any new information has been submitted.
if (isset($_POST['field_ids'])) {
// Check the nonce.
check_admin_referer('bp_xprofile_edit');
// Check we have field ID's.
if (empty($_POST['field_ids'])) {
bp_core_redirect(trailingslashit(bp_displayed_user_domain() . bp_get_profile_slug() . '/edit/group/' . bp_action_variable(1)));
}
// Explode the posted field IDs into an array so we know which
// fields have been submitted.
$posted_field_ids = wp_parse_id_list($_POST['field_ids']);
$is_required = array();
// Loop through the posted fields formatting any datebox values then validate the field.
foreach ((array) $posted_field_ids as $field_id) {
bp_xprofile_maybe_format_datebox_post_data($field_id);
$is_required[$field_id] = xprofile_check_is_required_field($field_id) && !bp_current_user_can('bp_moderate');
if ($is_required[$field_id] && empty($_POST['field_' . $field_id])) {
$errors = true;
}
}
// There are errors.
if (!empty($errors)) {
bp_core_add_message(__('Please make sure you fill in all required fields in this profile field group before saving.', 'buddypress'), 'error');
// No errors.
} else {
// Reset the errors var.
$errors = false;
// Now we've checked for required fields, lets save the values.
$old_values = $new_values = array();
foreach ((array) $posted_field_ids as $field_id) {
// Certain types of fields (checkboxes, multiselects) may come through empty. Save them as an empty array so that they don't get overwritten by the default on the next edit.
$value = isset($_POST['field_' . $field_id]) ? $_POST['field_' . $field_id] : '';
$visibility_level = !empty($_POST['field_' . $field_id . '_visibility']) ? $_POST['field_' . $field_id . '_visibility'] : 'public';
// Save the old and new values. They will be
// passed to the filter and used to determine
// whether an activity item should be posted.
$old_values[$field_id] = array('value' => xprofile_get_field_data($field_id, bp_displayed_user_id()), 'visibility' => xprofile_get_field_visibility_level($field_id, bp_displayed_user_id()));
// Update the field data and visibility level.
xprofile_set_field_visibility_level($field_id, bp_displayed_user_id(), $visibility_level);
$field_updated = xprofile_set_field_data($field_id, bp_displayed_user_id(), $value, $is_required[$field_id]);
$value = xprofile_get_field_data($field_id, bp_displayed_user_id());
$new_values[$field_id] = array('value' => $value, 'visibility' => xprofile_get_field_visibility_level($field_id, bp_displayed_user_id()));
if (!$field_updated) {
$errors = true;
} else {
/**
* Fires on each iteration of an XProfile field being saved with no error.
*
* @since 1.1.0
*
* @param int $field_id ID of the field that was saved.
* @param string $value Value that was saved to the field.
*/
do_action('xprofile_profile_field_data_updated', $field_id, $value);
}
}
/**
* Fires after all XProfile fields have been saved for the current profile.
*
* @since 1.0.0
*
* @param int $value Displayed user ID.
* @param array $posted_field_ids Array of field IDs that were edited.
* @param bool $errors Whether or not any errors occurred.
* @param array $old_values Array of original values before updated.
* @param array $new_values Array of newly saved values after update.
*/
do_action('xprofile_updated_profile', bp_displayed_user_id(), $posted_field_ids, $errors, $old_values, $new_values);
// Set the feedback messages.
if (!empty($errors)) {
bp_core_add_message(__('There was a problem updating some of your profile information. Please try again.', 'buddypress'), 'error');
} else {
bp_core_add_message(__('Changes saved.', 'buddypress'));
}
// Redirect back to the edit screen to display the updates and message.
bp_core_redirect(trailingslashit(bp_displayed_user_domain() . bp_get_profile_slug() . '/edit/group/' . bp_action_variable(1)));
}
}
/**
* Fires right before the loading of the XProfile edit screen template file.
*
* @since 1.0.0
*/
do_action('xprofile_screen_edit_profile');
/**
* Filters the template to load for the XProfile edit screen.
*
* @since 1.0.0
*
* @param string $template Path to the XProfile edit template to load.
*/
bp_core_load_template(apply_filters('xprofile_template_edit_profile', 'members/single/home'));
}
