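/**
 * Return the first role of the user being edited, unless that user is the current user.
 *
 * Reads the global $user_id, casts it to an integer in place, and loads the
 * account through get_user_to_edit().
 *
 * @return string|null First entry of the edited user's roles; null when the
 *                     current user is looking at their own account, when the
 *                     account cannot be loaded, or when it has no roles.
 */
function get_profile_user_role()
{
    global $user_id;

    // The cast is written back to the global, so later readers of $user_id see an integer.
    $user_id = (int) $user_id;

    $current_user = wp_get_current_user();
    $profileuser  = get_user_to_edit($user_id);

    if ($user_id == $current_user->ID) {
        return null;
    }

    // get_user_to_edit() yields a non-object for an unknown ID; reading ->roles
    // from it and passing the result to array_shift() would raise an error.
    if (!is_object($profileuser) || !is_array($profileuser->roles)) {
        return null;
    }

    // Work on a copy so the user object's role list is left untouched.
    $roles = $profileuser->roles;

    return array_shift($roles);
}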
$disabled_field = ' disabled="disabled"'; $pass_title = __('New Pass:'******'wphone'); if ($this->current_basename == 'profile.php' || !current_user_can('edit_users')) { // @note PROFILE FORM global $userdata; $subcontext = 'profile'; $edit_user = get_user_to_edit($user_ID); $form_title = __('Your Profile'); $nonceid = 'update-profile_' . $edit_user->ID; $formaction = 'profile-update.php'; } else { // // @note USER EDIT FORM $this->check_user_permissions('edit_users'); $subcontext = 'edit'; $edit_id = (int) $_GET['user_id']; $edit_user = $edit_id ? get_user_to_edit($edit_id) : null; $form_title = __('Edit User'); $nonceid = 'update-user_' . $edit_user->ID; $formaction = 'user-edit.php'; } } else { // @note ADD FORM, LIKE WP AFTER USER LIST $this->check_user_permissions('edit_users'); $this->context = 'list'; $subcontext = 'add'; $form_title = __('Add New User'); $pass_title = __('Password:'******'wphone'); $nonceid = 'add-user'; $formaction = 'users.php'; if (is_wp_error($add_user_errors)) { $selected_form = ' selected="true"';
// Update the user. $errors = edit_user($user_id); // Grant or revoke super admin status if requested. if (is_multisite() && is_network_admin() && !IS_PROFILE_PAGE && current_user_can('manage_network_options') && !isset($super_admins) && empty($_POST['super_admin']) == is_super_admin($user_id)) { empty($_POST['super_admin']) ? revoke_super_admin($user_id) : grant_super_admin($user_id); } if (!is_wp_error($errors)) { $redirect = add_query_arg('updated', true, get_edit_user_link($user_id)); if ($wp_http_referer) { $redirect = add_query_arg('wp_http_referer', urlencode($wp_http_referer), $redirect); } wp_redirect($redirect); exit; } default: $profileuser = get_user_to_edit($user_id); if (!current_user_can('edit_user', $user_id)) { wp_die(__('You do not have permission to edit this user.')); } $sessions = WP_Session_Tokens::get_instance($profileuser->ID); include ABSPATH . 'wp-admin/admin-header.php'; ?> <?php if (!IS_PROFILE_PAGE && is_super_admin($profileuser->ID) && current_user_can('manage_network_options')) { ?> <div class="updated"><p><strong><?php _e('Important:'); ?> </strong> <?php _e('This user has super admin privileges.');
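/**
 * Remove a capability, named in the request, from every non-administrator user and every role.
 *
 * The capability name comes from $_GET['removeusercapability'] and is only
 * acted on when it is a key of the list returned by ure_getCapsToRemove().
 *
 * NOTE(review): this is a state-changing action driven by a GET parameter and no
 * nonce or capability check is visible in this function — confirm the caller
 * performs both (for example check_admin_referer() plus current_user_can())
 * before this runs.
 *
 * @return string Empty string when nothing was requested, otherwise a
 *                human-readable success or error message.
 */
function ure_removeCapability()
{
    global $wpdb, $wp_roles;

    $mess = '';

    // Reject missing, empty and non-string input: an array here would be used
    // as an array offset and as a sprintf() argument further down.
    if (empty($_GET['removeusercapability']) || !is_string($_GET['removeusercapability'])) {
        return $mess;
    }

    $capability   = $_GET['removeusercapability'];
    $capsToRemove = ure_getCapsToRemove();

    if (!is_array($capsToRemove) || count($capsToRemove) == 0 || !isset($capsToRemove[$capability])) {
        // The rejected value is attacker-controlled request data, so it is
        // escaped before being placed in a message that will be displayed.
        return sprintf(
            __('Error! You do not have permission to delete this capability: %s!', 'ure'),
            esc_html($capability)
        );
    }

    // process users
    // The statement has no external values, so it needs no prepare(); calling
    // prepare() without placeholders is flagged as incorrect usage by WordPress.
    $usersId = $wpdb->get_col("SELECT {$wpdb->users}.ID FROM {$wpdb->users}");
    foreach ($usersId as $user_id) {
        $user = get_user_to_edit($user_id);
        if (!is_object($user)) {
            // Account could not be loaded; nothing to strip from it.
            continue;
        }
        // Administrators keep their capabilities.
        if (isset($user->roles[0]) && $user->roles[0] == 'administrator') {
            continue;
        }
        if ($user->has_cap($capability)) {
            $user->remove_cap($capability);
        }
    }

    // process roles
    foreach ($wp_roles->role_objects as $wp_role) {
        if ($wp_role->has_cap($capability)) {
            $wp_role->remove_cap($capability);
        }
    }

    return sprintf(__('Capability %s is removed successfully', 'ure'), esc_html($capability));
}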
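/**
 * Delete a user's extra-field rows and the upload directory named after their login.
 *
 * @param int|string $user_id ID of the user whose data is removed. It is cast
 *                            to an integer before it is used for the
 *                            permission check, the SQL statement and the lookup.
 *
 * @return void
 */
function cimy_delete_user_info($user_id)
{
    global $wpdb, $wpdb_data_table, $cuef_upload_path;

    // Cast first so the permission check and the DELETE act on the same value;
    // the original concatenated the raw argument into the statement.
    $user_id = (int) $user_id;
    if ($user_id <= 0) {
        return;
    }

    if (!current_user_can('edit_user', $user_id)) {
        return;
    }

    // The table name is a trusted global and cannot be a placeholder; the ID is bound.
    $wpdb->query(
        $wpdb->prepare("DELETE FROM " . $wpdb_data_table . " WHERE USER_ID=%d", $user_id)
    );

    $profileuser = get_user_to_edit($user_id);
    $user_login  = is_object($profileuser) ? (string) $profileuser->user_login : '';

    // Without a usable login the path below would collapse to the upload root
    // (or its parent), and the recursive delete would run against that.
    if ($user_login === '' || $user_login === '.' || $user_login === '..') {
        return;
    }

    $file_path = $cuef_upload_path . $user_login . "/";

    // delete all uploaded files for that user
    // (cimy_rfr() is defined elsewhere; its behaviour is taken from this comment)
    cimy_rfr($file_path, "*");

    // delete also the subdir
    if (is_dir($file_path)) {
        rmdir($file_path);
    }
}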
/**
 * Build the markup of the membership account page for the logged-in user.
 *
 * Publishes the current user through the globals $user, $user_id and
 * $profileuser, then captures the output of the first account-form template
 * that exists: the MEMBERSHIP_ACCOUNT_FORM override, the BuddyPress form, or
 * the default form.
 *
 * NOTE(review): every template path is taken from a constant or a filter and
 * then included; whatever can define the constant or hook the filters decides
 * which PHP file runs here.
 *
 * @param string|null $content Passed to the "not logged in" filter only.
 *
 * @return mixed Filtered page content.
 */
function show_account_page($content = null)
{
    global $bp, $profileuser, $user, $user_id;

    if (!is_user_logged_in()) {
        return apply_filters('membership_account_form_not_logged_in', $content);
    }

    // get_user_to_edit() lives in the admin includes.
    require_once ABSPATH . 'wp-admin/includes/user.php';

    $user        = wp_get_current_user();
    $user_id     = $user->ID;
    $profileuser = get_user_to_edit($user_id);

    // The incoming $content is discarded; the page starts from an empty string.
    $content = apply_filters('membership_account_form_before_content', '');

    ob_start();

    if (defined('MEMBERSHIP_ACCOUNT_FORM') && file_exists(MEMBERSHIP_ACCOUNT_FORM)) {
        include_once MEMBERSHIP_ACCOUNT_FORM;
    } elseif (
        !empty($bp)
        && file_exists(apply_filters(
            'membership_override_bpaccount_form',
            membership_dir('membershipincludes/includes/bp.account.form.php'),
            $user_id
        ))
    ) {
        include_once apply_filters(
            'membership_override_bpaccount_form',
            membership_dir('membershipincludes/includes/bp.account.form.php'),
            $user_id
        );
    } elseif (
        file_exists(apply_filters(
            'membership_override_account_form',
            membership_dir('membershipincludes/includes/account.form.php'),
            $user_id
        ))
    ) {
        include_once apply_filters(
            'membership_override_account_form',
            membership_dir('membershipincludes/includes/account.form.php'),
            $user_id
        );
    }

    // Append whatever the template printed and drop the buffer.
    $content .= ob_get_clean();

    return apply_filters('membership_account_form_after_content', $content, $user_id);
}
/**
 * Render the multiple-role selector on the user edit and user creation screens.
 *
 * Only roles returned by get_editable_roles() are offered, and the user's
 * current roles are intersected with that list before rendering.
 *
 * @param mixed $user Replaced by the account loaded from the global $user_id
 *                    when that ID is set.
 *
 * @return void
 */
public static function multiple_roles_field($user)
{
    global $pagenow, $user_id;

    // Nothing to render outside the two user screens.
    if (!in_array($pagenow, array('user-edit.php', 'user-new.php'))) {
        return;
    }

    $editable_roles = get_editable_roles();

    $user_roles = null;
    if ($user_id) {
        $user       = get_user_to_edit($user_id);
        $user_roles = array_intersect(array_values($user->roles), array_keys($editable_roles));
    }

    // Role slug => translated display name (array_map keeps the slugs as keys).
    $roles = array_map(
        function ($details) {
            return translate_user_role($details['name']);
        },
        $editable_roles
    );

    piklist::render(
        'shared/field-user-role',
        array('user_roles' => $user_roles, 'roles' => $roles),
        false
    );
}
/**
 * Save the extra-field values submitted with a profile form for one user.
 *
 * Takes the target user from $_POST['user_id'], walks every field returned by
 * get_cimyFields(), and assembles one
 * "UPDATE <table> SET VALUE=CASE FIELD_ID WHEN ... THEN ... END" statement for
 * the fields that may be written. After running it, mails the site admin a
 * summary of changed fields whose rules have email_admin set.
 *
 * NOTE(review): no nonce verification is visible in this function — confirm
 * the caller checks one before this runs.
 * NOTE(review): the statement is built by string concatenation and relies on
 * $wpdb->escape(), which WordPress has deprecated; $wpdb->prepare() with
 * placeholders is the supported way to bind these values.
 *
 * @return void
 */
function cimy_update_ExtraFields_new_me() {
    global $wpdb, $wpdb_data_table, $user_ID, $max_length_value, $fields_name_prefix, $cimy_uef_file_types, $user_level, $cimy_uef_domain;

    // Provides get_user_to_edit().
    include_once ABSPATH . '/wp-admin/includes/user.php';

    // if updating meta-data from registration post then exit
    if (isset($_POST['cimy_post'])) {
        return;
    }

    if (isset($_POST['user_id'])) {
        $get_user_id = $_POST['user_id'];
        // NOTE(review): the permission check receives the raw request value;
        // the intval() cast happens only further down, so the value checked and
        // the value used can differ for non-canonical input — cast first.
        if (!current_user_can('edit_user', $get_user_id)) {
            return;
        }
    } else {
        return;
    }

    //echo "asd";
    if (!function_exists('get_cimyFields')) {
        return;
    }

    $get_user_id = intval($get_user_id);
    $profileuser = get_user_to_edit($get_user_id);
    $user_login = $profileuser->user_login;
    $user_displayname = $profileuser->display_name;
    $extra_fields = get_cimyFields(false, true);

    // Accumulators: $query grows one WHEN/THEN pair per written field,
    // $field_ids collects the matching IN(...) list, $i flags "at least one field".
    $query = "UPDATE " . $wpdb_data_table . " SET VALUE=CASE FIELD_ID";
    $i = 0;
    $field_ids = "";
    $mail_changes = "";

    foreach ($extra_fields as $thisField) {
        $field_id = $thisField["ID"];
        $name = $thisField["NAME"];
        $type = $thisField["TYPE"];
        $label = $thisField["LABEL"];
        $rules = $thisField["RULES"];
        $unique_id = $fields_name_prefix . $field_id;
        // Name of the form input this field is read from.
        $input_name = $fields_name_prefix . esc_attr($name);
        $field_id_data = $input_name . "_" . $field_id . "_data";
        $advanced_options = cimy_uef_parse_advanced_options($rules["advanced_options"]);

        cimy_insert_ExtraFields_if_not_exist($get_user_id, $field_id);

        // if the current user LOGGED IN has not enough permissions to see the field, skip it
        // apply only for EXTRA FIELDS
        if ($rules['show_level'] == 'view_cimy_extra_fields') {
            if (!current_user_can($rules['show_level'])) {
                continue;
            }
        } else {
            if ($user_level < $rules['show_level']) {
                continue;
            }
        }

        // if show_level == anonymous then do NOT override other show_xyz rules
        if ($rules['show_level'] == -1) {
            // if flag to show the field in the profile is NOT activated, skip it
            if (!$rules['show_in_profile']) {
                continue;
            }
        }

        // NOTE(review): the "previous value" is supplied by the client in a
        // form field and is read without an isset() check; it is trusted for the
        // disabled-field decision below and for the change e-mail.
        $prev_value = $wpdb->escape(stripslashes($_POST[$input_name . "_" . $field_id . "_prev_value"]));
        if (cimy_uef_is_field_disabled($type, $rules['edit'], $prev_value)) {
            continue;
        }

        if (isset($_POST[$input_name]) && !in_array($type, $cimy_uef_file_types)) {
            // Plain (non-file) field with a submitted value.
            if ($type == "dropdown-multi") {
                $field_value = stripslashes(implode(",", $_POST[$input_name]));
            } else {
                $field_value = stripslashes($_POST[$input_name]);
            }

            if ($type == "picture-url") {
                // NOTE(review): a single-pass removal of '../' is not a reliable
                // path-traversal filter; validate the value as a URL instead.
                $field_value = str_replace('../', '', $field_value);
            }

            // Truncate to the per-field limit, or to the global one when none is set.
            if (isset($rules['max_length'])) {
                $field_value = substr($field_value, 0, $rules['max_length']);
            } else {
                $field_value = substr($field_value, 0, $max_length_value);
            }

            $field_value = $wpdb->escape($field_value);

            if ($i > 0) {
                $field_ids .= ", ";
            } else {
                $i = 1;
            }
            $field_ids .= $field_id;
            $query .= " WHEN " . $field_id . " THEN ";

            switch ($type) {
                case 'dropdown':
                case 'dropdown-multi':
                    $ret = cimy_dropDownOptions($label, $field_value);
                    $label = $ret['label'];
                    // no break here: execution continues into the quoting below
                case 'picture-url':
                case 'textarea':
                case 'textarea-rich':
                case 'password':
                case 'text':
                    $value = "'" . $field_value . "'";
                    $prev_value = "'" . $prev_value . "'";
                    break;
                case 'checkbox':
                    $value = $field_value == '1' ? "'YES'" : "'NO'";
                    $prev_value = $prev_value == "YES" ? "'YES'" : "'NO'";
                    break;
                case 'radio':
                    $value = $field_value == $field_id ? "'selected'" : "''";
                    $prev_value = "'" . $prev_value . "'";
                    break;
            }
            // NOTE(review): a $type matching none of the cases leaves $value
            // holding whatever an earlier iteration assigned.
            $query .= $value;
        } else {
            $rules = $thisField['RULES'];

            if (in_array($type, $cimy_uef_file_types)) {
                if ($type == "avatar") {
                    // since avatars are drawn max to 512px then we can save bandwidth resizing, do it!
                    $rules['equal_to'] = 512;
                }

                if (isset($_POST[$input_name . '_del'])) {
                    $delete_file = true;
                } else {
                    $delete_file = false;
                }

                // NOTE(review): the name of the "old file" also comes from the
                // request; confirm cimy_manage_upload() confines it to the
                // user's own upload directory.
                if (isset($_POST[$input_name . "_" . $field_id . "_prev_value"])) {
                    $old_file = stripslashes($_POST[$input_name . "_" . $field_id . "_prev_value"]);
                } else {
                    $old_file = false;
                }

                $field_value = cimy_manage_upload($input_name, $user_login, $rules, $old_file, $delete_file, $type, !empty($advanced_options["filename"]) ? $advanced_options["filename"] : "");

                if (!empty($field_value) || $delete_file) {
                    if ($i > 0) {
                        $field_ids .= ", ";
                    } else {
                        $i = 1;
                    }
                    $field_ids .= $field_id;
                    // NOTE(review): unlike the plain-field branch, this value is
                    // quoted into the statement without passing through
                    // $wpdb->escape() — safe only if cimy_manage_upload()
                    // returns a sanitised name; verify.
                    $value = "'" . $field_value . "'";
                    $prev_value = "'" . $prev_value . "'";
                    $query .= " WHEN " . $field_id . " THEN ";
                    $query .= $value;
                } else {
                    // No new upload and no deletion.
                    // NOTE(review): $value is not assigned on this path in the
                    // current iteration; it is either left over from an earlier
                    // field or undefined.
                    $prev_value = $value;
                    $file_on_server = cimy_uef_get_dir_or_filename($user_login, $old_file, false);
                    if ($type == "picture" || $type == "avatar") {
                        cimy_uef_crop_image($file_on_server, $field_id_data);
                    }
                }
            }

            if ($type == 'checkbox') {
                // if can be editable then write NO
                // there is no way to understand if was YES or NO previously
                // without adding other hidden inputs so write always
                if ($i > 0) {
                    $field_ids .= ", ";
                } else {
                    $i = 1;
                }
                $field_ids .= $field_id;
                $field_value = "NO";
                $value = "'" . $field_value . "'";
                $prev_value = $prev_value == "YES" ? "'YES'" : "'NO'";
                $query .= " WHEN " . $field_id . " THEN ";
                $query .= $value;
            }

            if ($type == 'dropdown-multi') {
                // if can be editable then write ''
                // there is no way to understand if was YES or NO previously
                // without adding other hidden inputs so write always
                if ($i > 0) {
                    $field_ids .= ", ";
                } else {
                    $i = 1;
                }
                $field_ids .= $field_id;
                $field_value = '';
                $value = "'" . $field_value . "'";
                $prev_value = "'" . $prev_value . "'";
                $ret = cimy_dropDownOptions($label, $field_value);
                $label = $ret['label'];
                $query .= " WHEN " . $field_id . " THEN ";
                $query .= $value;
            }
        }

        // Record the change for the admin notification when the field asks for it.
        if ($rules["email_admin"] && $value != $prev_value && $type != "registration-date") {
            $mail_changes .= sprintf(__("%s previous value: %s new value: %s", $cimy_uef_domain), $label, stripslashes($prev_value), stripslashes($value));
            $mail_changes .= "\r\n";
        }
    }

    if ($i > 0) {
        $query .= " ELSE FIELD_ID END WHERE FIELD_ID IN(" . $field_ids . ") AND USER_ID = " . $get_user_id;
        // $query WILL BE: UPDATE <table> SET VALUE=CASE FIELD_ID WHEN <field_id1> THEN <value1> [WHEN ... THEN ...]
        // ELSE FIELD_ID END WHERE FIELD_ID IN(<field_id1>, [<field_id2>...]) AND USER_ID=<user_id>
        $wpdb->query($query);
    }

    // mail only if set and if there is something to mail
    if (!empty($mail_changes)) {
        $admin_email = get_option('admin_email');
        $mail_subject = sprintf(__("%s (%s) has changed one or more fields", $cimy_uef_domain), $user_displayname, $user_login);
        wp_mail($admin_email, $mail_subject, $mail_changes);
    }
}
/**
 * Load the user named in the request when this editor instance works on a user.
 *
 * When $this->ure_object is 'user', the request must carry a numeric,
 * non-zero user_id; the matching account is stored in $this->user_to_edit.
 * For any other object type nothing is loaded.
 *
 * NOTE(review): only the shape of user_id is validated here. No
 * current_user_can('edit_user', ...) check is visible in this method — confirm
 * the caller authorises access to the selected account.
 *
 * @return bool False when user_id is missing, not numeric, zero, or does not
 *              resolve to an account; true otherwise.
 */
protected function check_user_to_edit()
{
    if ($this->ure_object != 'user') {
        return true;
    }

    // user_id value is missed
    if (!isset($_REQUEST['user_id'])) {
        return false;
    }

    $user_id = $_REQUEST['user_id'];
    if (!is_numeric($user_id) || !$user_id) {
        return false;
    }

    $this->user_to_edit = get_user_to_edit($user_id);

    return !empty($this->user_to_edit);
}
/**
 * Display the user's profile.
 *
 * Requires the bp_moderate capability, loads the account named in
 * $_GET['user_id'], turns the "updated"/"error" request flags into an admin
 * notice, and prints the meta-box form together with its nonce fields.
 *
 * NOTE(review): $_GET['user_id'] and $_REQUEST['wp_http_referer'] are read
 * without isset() checks and the ID is handed to get_user_to_edit() as
 * received; casting it to an integer first would make the lookup explicit.
 *
 * @access public
 * @since BuddyPress (2.0.0)
 */
public function user_admin() {
    // Moderators only; the bare '-1' body is all the caller gets otherwise.
    if (!current_user_can('bp_moderate')) {
        die('-1');
    }

    $user = get_user_to_edit($_GET['user_id']);

    // Construct URL for form
    $form_url = remove_query_arg(array('action', 'error', 'updated', 'spam', 'ham'), $_SERVER['REQUEST_URI']);
    $form_url = esc_url(add_query_arg('action', 'update', $form_url));

    // Request-supplied return address; it is passed through esc_url() where it is printed below.
    $wp_http_referer = remove_query_arg(array('action', 'updated'), $_REQUEST['wp_http_referer']);

    // Prepare notice for admin
    $notice = array();
    // The request value only selects one of the fixed messages below; it is never printed itself.
    if (!empty($_REQUEST['updated'])) {
        switch ($_REQUEST['updated']) {
            case 'avatar':
                $notice = array('class' => 'updated', 'message' => __('Avatar was deleted successfully!', 'buddypress'));
                break;
            case 'ham':
                $notice = array('class' => 'updated', 'message' => __('User removed as spammer.', 'buddypress'));
                break;
            case 'spam':
                $notice = array('class' => 'updated', 'message' => __('User marked as spammer. Spam users are visible only to site admins.', 'buddypress'));
                break;
            case 1:
                $notice = array('class' => 'updated', 'message' => __('Profile updated.', 'buddypress'));
                break;
        }
    }

    // An error flag overrides any "updated" notice chosen above.
    if (!empty($_REQUEST['error'])) {
        switch ($_REQUEST['error']) {
            case 'avatar':
                $notice = array('class' => 'error', 'message' => __('There was a problem deleting that avatar, please try again.', 'buddypress'));
                break;
            case 'ham':
                $notice = array('class' => 'error', 'message' => __('User could not be removed as spammer.', 'buddypress'));
                break;
            case 'spam':
                $notice = array('class' => 'error', 'message' => __('User could not be marked as spammer.', 'buddypress'));
                break;
            case 1:
                $notice = array('class' => 'error', 'message' => __('An error occured while trying to update the profile.', 'buddypress'));
                break;
            case 2:
                $notice = array('class' => 'error', 'message' => __('Please make sure you fill in all required fields in this profile field group before saving.', 'buddypress'));
                break;
            case 3:
                $notice = array('class' => 'error', 'message' => __('There was a problem updating some of your profile information, please try again.', 'buddypress'));
                break;
        }
    }

    if (!empty($notice)) {
        // Only the success notice carries id="message".
        if ('updated' === $notice['class']) {
            ?> <div id="message" class="<?php echo esc_attr($notice['class']); ?> "> <?php
        } else {
            ?> <div class="<?php echo esc_attr($notice['class']); ?> "> <?php
        }
        ?> <p><?php echo esc_html($notice['message']); ?> </p> <?php
        if (!empty($wp_http_referer) && 'updated' === $notice['class']) {
            ?> <p><a href="<?php echo esc_url($wp_http_referer); ?> "><?php esc_html_e('← Back to Users', 'buddypress'); ?> </a></p> <?php
        }
        ?> </div> <?php
    }
    ?> <div class="wrap" id="community-profile-page"> <?php screen_icon('users'); ?> <h2> <?php
    _e('Edit User', 'buddypress');
    // Offer the "add" shortcut that matches what the viewer is allowed to do.
    if (current_user_can('create_users')) {
        ?> <a href="user-new.php" class="add-new-h2"><?php echo esc_html_x('Add New', 'user', 'buddypress'); ?> </a> <?php
    } elseif (is_multisite() && current_user_can('promote_users')) {
        ?> <a href="user-new.php" class="add-new-h2"><?php echo esc_html_x('Add Existing', 'user', 'buddypress'); ?> </a> <?php
    }
    ?> </h2> <?php
    if (!empty($user)) {
        $this->profile_nav($user, 'BuddyPress');
        // $form_url was already passed through esc_url() above and is escaped again for the attribute.
        ?> <form action="<?php echo esc_attr($form_url); ?> " id="your-profile" method="post"> <div id="poststuff"> <div id="post-body" class="metabox-holder columns-<?php echo 1 == get_current_screen()->get_columns() ? '1' : '2'; ?> "> <div id="post-body-content"> </div><!-- #post-body-content --> <div id="postbox-container-1" class="postbox-container"> <?php do_meta_boxes(get_current_screen()->id, 'side', $user); ?> </div> <div id="postbox-container-2" class="postbox-container"> <?php do_meta_boxes(get_current_screen()->id, 'normal', $user); ?> <?php do_meta_boxes(get_current_screen()->id, 'advanced', $user); ?> </div> </div><!-- #post-body --> </div><!-- #poststuff --> <?php
        // Nonces for the meta-box UI state, plus one bound to the edited user's ID
        // for the profile update itself.
        wp_nonce_field('closedpostboxes', 'closedpostboxesnonce', false); ?> <?php wp_nonce_field('meta-box-order', 'meta-box-order-nonce', false); ?> <?php wp_nonce_field('edit-bp-profile_' . $user->ID); ?> </form> <?php
    } else {
        // get_user_to_edit() found nothing for the requested ID.
        ?> <p><?php printf(__('No user found with this ID. <a href="%s">Go back and try again</a>.', 'buddypress'), esc_url(bp_get_admin_url('users.php'))); ?> </p> <?php
    }
    ?> </div><!-- .wrap --> <?php
}
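/**
 * Print the "new invoice" form: a recipient selector and, when invoices
 * already exist, a selector for copying one as a template.
 *
 * Every value that comes from the database (user names, e-mail addresses,
 * invoice subject, amount and number) is escaped where it is printed instead
 * of depending on upstream filtering. esc_html() and esc_attr() require
 * WordPress 2.8 or later.
 *
 * NOTE(review): the form posts a state-changing request and no nonce field is
 * visible in it — confirm the receiving handler is protected some other way,
 * or add wp_nonce_field() here and verify it there.
 *
 * @param int|null $user_id User to preselect, or null for no preselection.
 *
 * @return void
 */
function web_invoice_draw_user_selection_form($user_id)
{
    global $wpdb, $blog_id;

    $_SESSION['last_new_invoice'] = true;
    ?>
<div class="postbox" id="wp_new_web_invoice_div">
<div class="inside">
<form action="admin.php?page=new_web_invoice" method='POST'>
<table class="form-table" id="get_user_info">
    <tr class="">
        <th><?php
    if (isset($user_id)) {
        _e("Start New Invoice For: ", WEB_INVOICE_TRANS_DOMAIN);
    } else {
        _e("Create New Invoice For: ", WEB_INVOICE_TRANS_DOMAIN);
    }
    ?></th>
        <td><select name='user_id' class='user_selection'>
            <option></option>
            <?php
    // defined() guard: a bare MULTISITE is an error when the constant is not set.
    if (is_dir(WP_CONTENT_DIR . '/mu-plugins') || (defined('MULTISITE') && MULTISITE)) {
        $prefix = $wpdb->base_prefix;
        if ($prefix == "") {
            $prefix = $wpdb->prefix;
        }
        // Table names cannot be placeholders; the two values are bound.
        $get_all_users = $wpdb->get_results($wpdb->prepare(
            "SELECT * FROM {$prefix}users LEFT JOIN {$prefix}usermeta on {$prefix}users.id={$prefix}usermeta.user_id WHERE ({$prefix}usermeta.meta_key='primary_blog' and {$prefix}usermeta.meta_value = %d) OR ({$prefix}usermeta.meta_key=%s) ORDER BY {$prefix}users.user_nicename",
            $blog_id,
            $wpdb->prefix . 'capabilities'
        ));
    } else {
        $prefix = $wpdb->prefix;
        $get_all_users = $wpdb->get_results("SELECT ID FROM {$prefix}users ORDER BY {$prefix}users.user_nicename");
    }

    // The join can return one row per matching meta entry; list each user once.
    $_used_ids = array();
    foreach ((array) $get_all_users as $user) {
        if (isset($_used_ids[$user->ID])) {
            continue;
        }
        $_used_ids[$user->ID] = true;

        $profileuser = get_user_to_edit($user->ID);
        if (!is_object($profileuser)) {
            continue;
        }

        if (!empty($profileuser->last_name) && !empty($profileuser->first_name)) {
            $option_label = $profileuser->last_name . ", " . $profileuser->first_name . " (" . $profileuser->user_email . ")";
        } else {
            $option_label = $profileuser->user_login . " (" . $profileuser->user_email . ")";
        }

        $is_selected = isset($user_id) && $user_id == $user->ID;

        echo '<option' . ($is_selected ? ' SELECTED' : '')
            . ' value="' . esc_attr($user->ID) . '">'
            . esc_html($option_label) . "</option>\n";
    }
    ?>
        </select>
        <input type='submit' class='button' id="web_invoice_create_new_web_invoice" value='<?php _e("Create New Invoice", WEB_INVOICE_TRANS_DOMAIN); ?>' />
        <?php
    if (web_invoice_number_of_invoices() > 0) {
        ?>
        <span id="web_invoice_copy_invoice" class="web_invoice_click_me"><?php _e("copy from another", WEB_INVOICE_TRANS_DOMAIN); ?></span>
        <br />
        <div class="web_invoice_copy_invoice">
        <?php $all_invoices = $wpdb->get_results("SELECT * FROM " . Web_Invoice::tablename('main')); ?>
        <select name="copy_from_template">
            <option SELECTED value=""></option>
            <?php
        // The per-invoice user lookup of the original was never used and is dropped.
        foreach ((array) $all_invoices as $invoice) {
            ?>
            <option value="<?php echo esc_attr($invoice->invoice_num); ?>"><?php
            if (web_invoice_recurring($invoice->invoice_num)) {
                _e("(recurring)", WEB_INVOICE_TRANS_DOMAIN);
            }
            ?> <?php echo esc_html($invoice->subject . " - \$" . $invoice->amount); ?></option>
            <?php
        }
        ?>
        </select><input type='submit' class='button' value='<?php _e("New Invoice from Template", WEB_INVOICE_TRANS_DOMAIN); ?>' />
        <span id="web_invoice_copy_invoice_cancel" class="web_invoice_click_me"><?php _e("cancel", WEB_INVOICE_TRANS_DOMAIN); ?></span>
        </div>
        <?php
    }

    if (!isset($user_id)) {
        _e("User must have a profile to receive invoices.", WEB_INVOICE_TRANS_DOMAIN);
        if (current_user_can('create_users')) {
            // version_compare() instead of "<": comparing version strings with
            // "<" gives wrong answers for multi-part or two-digit versions.
            if (version_compare($GLOBALS['wp_version'], '2.7', '<')) {
                echo "<a href=\"users.php\">" . __("Create a new user account.", WEB_INVOICE_TRANS_DOMAIN) . "</a>";
            } else {
                echo "<a href=\"user-new.php\">" . __("Create a new user account.", WEB_INVOICE_TRANS_DOMAIN) . "</a>";
            }
        }
    }
    ?>
        </td>
    </tr>
</table>
</form>
</div>
</div>
    <?php
}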
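/**
 * Shows the user profile form and processes its submission.
 *
 * On submit the nonce is verified, the current user's right to edit the
 * target account is checked, and only then is edit_user() called. Values are
 * escaped where they are printed rather than relying on the edit-context
 * filtering applied by get_user_to_edit().
 *
 * @global object $userdata
 * @global string $wp_http_referer
 *
 * @param int|null $user_id Account to edit; defaults to the current user.
 *
 * @return void
 */
function wpuf_user_edit_profile_form($user_id = null)
{
    global $userdata, $wp_http_referer;

    // NOTE(review): get_currentuserinfo() is deprecated in current WordPress;
    // kept because code outside this function may depend on the globals it fills.
    get_currentuserinfo();

    if (!function_exists('get_user_to_edit')) {
        require_once ABSPATH . '/wp-admin/includes/user.php';
    }

    if (!function_exists('_wp_get_user_contactmethods')) {
        require_once ABSPATH . '/wp-includes/registration.php';
    }

    if (!$user_id) {
        $current_user = wp_get_current_user();
        $user_id = $current_user->ID;
    }

    if (isset($_POST['submit'])) {
        check_admin_referer('update-profile_' . $user_id);

        // The nonce proves the request came from this form, not that the
        // visitor may edit this account; check that separately before writing.
        if (!current_user_can('edit_user', $user_id)) {
            $message = __('You do not have permission to edit this user.');
            $style = 'error';
        } else {
            $errors = edit_user($user_id);

            if (is_wp_error($errors)) {
                $message = $errors->get_error_message();
                $style = 'error';
            } else {
                $message = __('<strong>Success</strong>: Profile updated', 'wpuf');
                $style = 'success';
                do_action('personal_options_update', $user_id);
            }
        }
    }

    $profileuser = get_user_to_edit($user_id);

    if (isset($message)) {
        // The messages carry intentional markup (<strong>), so filter instead of escaping.
        echo '<div class="' . esc_attr($style) . '">' . wp_kses_post($message) . '</div>';
    }
    ?>
<div class="wpuf-profile">
    <form name="profile" id="your-profile" action="" method="post">
        <?php wp_nonce_field('update-profile_' . $user_id); ?>
        <?php if ($wp_http_referer) { ?>
            <input type="hidden" name="wp_http_referer" value="<?php echo esc_url($wp_http_referer); ?>" />
        <?php } ?>
        <input type="hidden" name="from" value="profile" />
        <input type="hidden" name="checkuser_id" value="<?php echo esc_attr($user_id); ?>" />
        <table class="wpuf-table">
            <?php do_action('personal_options', $profileuser); ?>
        </table>
        <?php do_action('profile_personal_options', $profileuser); ?>

        <fieldset>
            <legend><?php _e('Name'); ?></legend>
            <table class="wpuf-table">
                <tr>
                    <th><label for="user_login1"><?php _e('Username'); ?></label></th>
                    <td><input type="text" name="user_login" id="user_login1" value="<?php echo esc_attr($profileuser->user_login); ?>" disabled="disabled" class="regular-text" /><br /><em><span class="description"><?php _e('Usernames cannot be changed.'); ?></span></em></td>
                </tr>
                <tr>
                    <th><label for="first_name"><?php _e('First Name'); ?></label></th>
                    <td><input type="text" name="first_name" id="first_name" value="<?php echo esc_attr($profileuser->first_name); ?>" class="regular-text" /></td>
                </tr>
                <tr>
                    <th><label for="last_name"><?php _e('Last Name'); ?></label></th>
                    <td><input type="text" name="last_name" id="last_name" value="<?php echo esc_attr($profileuser->last_name); ?>" class="regular-text" /></td>
                </tr>
                <tr>
                    <th><label for="nickname"><?php _e('Nickname'); ?> <span class="description"><?php _e('(required)'); ?></span></label></th>
                    <td><input type="text" name="nickname" id="nickname" value="<?php echo esc_attr($profileuser->nickname); ?>" class="regular-text" /></td>
                </tr>
                <tr>
                    <th><label for="display_name"><?php _e('Display to Public as'); ?></label></th>
                    <td>
                        <select name="display_name" id="display_name">
                            <?php
    // Candidate display names, keyed by the option's element id.
    $public_display = array();
    $public_display['display_username'] = $profileuser->user_login;
    $public_display['display_nickname'] = $profileuser->nickname;
    if (!empty($profileuser->first_name)) {
        $public_display['display_firstname'] = $profileuser->first_name;
    }
    if (!empty($profileuser->last_name)) {
        $public_display['display_lastname'] = $profileuser->last_name;
    }
    if (!empty($profileuser->first_name) && !empty($profileuser->last_name)) {
        $public_display['display_firstlast'] = $profileuser->first_name . ' ' . $profileuser->last_name;
        $public_display['display_lastfirst'] = $profileuser->last_name . ' ' . $profileuser->first_name;
    }
    if (!in_array($profileuser->display_name, $public_display)) {
        // Only add this if it isn't duplicated elsewhere
        $public_display = array('display_displayname' => $profileuser->display_name) + $public_display;
    }
    $public_display = array_map('trim', $public_display);
    $public_display = array_unique($public_display);

    foreach ($public_display as $id => $item) {
        // $item is user-chosen text: escape it for both the attribute and the element body.
        ?>
                                <option id="<?php echo esc_attr($id); ?>" value="<?php echo esc_attr($item); ?>"<?php selected($profileuser->display_name, $item); ?>><?php echo esc_html($item); ?></option>
                            <?php
    }
    ?>
                        </select>
                    </td>
                </tr>
            </table>
        </fieldset>

        <fieldset>
            <legend><?php _e('Contact Info'); ?></legend>
            <table class="wpuf-table">
                <tr>
                    <th><label for="email"><?php _e('E-mail'); ?> <span class="description"><?php _e('(required)'); ?></span></label></th>
                    <td><input type="text" name="email" id="email" value="<?php echo esc_attr($profileuser->user_email); ?>" class="regular-text" /></td>
                </tr>
                <tr>
                    <th><label for="url"><?php _e('Website'); ?></label></th>
                    <td><input type="text" name="url" id="url" value="<?php echo esc_attr($profileuser->user_url); ?>" class="regular-text code" /></td>
                </tr>
                <?php
    // Contact method names come from a filterable list, so they are escaped as attributes.
    // The label is printed as the filter returns it, which lets a filter supply markup.
    foreach (_wp_get_user_contactmethods() as $name => $desc) {
        ?>
                <tr>
                    <th><label for="<?php echo esc_attr($name); ?>"><?php echo apply_filters('user_' . $name . '_label', $desc); ?></label></th>
                    <td><input type="text" name="<?php echo esc_attr($name); ?>" id="<?php echo esc_attr($name); ?>" value="<?php echo esc_attr($profileuser->{$name}); ?>" class="regular-text" /></td>
                </tr>
                <?php
    }
    ?>
            </table>
        </fieldset>

        <fieldset>
            <legend><?php _e('About Yourself'); ?></legend>
            <table class="wpuf-table">
                <tr>
                    <th><label for="description"><?php _e('Biographical Info', 'wpuf'); ?></label></th>
                    <td><textarea name="description" id="description" rows="5" cols="30"><?php echo esc_html($profileuser->description); ?></textarea><br />
                        <span class="description"><?php _e('Share a little biographical information to fill out your profile. This may be shown publicly.'); ?></span></td>
                </tr>
                <tr id="password">
                    <th><label for="pass1"><?php _e('New Password', 'wpuf'); ?></label></th>
                    <td>
                        <input type="password" name="pass1" id="pass1" size="16" value="" autocomplete="off" /><br /><br />
                    </td>
                </tr>
                <tr>
                    <th><label><?php _e('Confirm Password', 'wpuf'); ?></label></th>
                    <td>
                        <input type="password" name="pass2" id="pass2" size="16" value="" autocomplete="off" />
                        <em><span class="description"><?php _e("Type your new password again."); ?></span></em>
                    </td>
                </tr>
                <tr>
                    <th><label><?php _e('Password Strength', 'wpuf'); ?></label></th>
                    <td>
                        <div id="pass-strength-result"><?php _e('Strength indicator'); ?></div>
                        <script src="<?php echo esc_url(admin_url('js/password-strength-meter.js')); ?>"></script>
                        <script type="text/javascript">
                            var pwsL10n = {
                                empty: "Strength indicator",
                                short: "Very weak",
                                bad: "Weak",
                                good: "Medium",
                                strong: "Strong",
                                mismatch: "Mismatch"
                            };
                            try{convertEntities(pwsL10n);}catch(e){};
                        </script>
                    </td>
                </tr>
            </table>
        </fieldset>

        <?php do_action('show_user_profile', $profileuser); ?>

        <p class="submit">
            <input type="hidden" name="action" value="update" />
            <input type="hidden" name="user_id" id="user_id" value="<?php echo esc_attr($user_id); ?>" />
            <input type="submit" class="wpuf-submit" value="<?php _e('Update Profile', 'wpuf'); ?>" name="submit" />
        </p>
    </form>
</div>
    <?php
}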
/**
 * Handle the Kaltura partner registration screen.
 *
 * With POST data present: builds a partner from the submitted fields,
 * registers it, and on success stores the returned partner ID and both secrets
 * as WordPress options. Without POST data: pre-fills $_POST from the current
 * user's profile and runs a connectivity ping. Either way the registration
 * view is rendered with the collected parameters.
 *
 * NOTE(review): no nonce or capability check is visible in this method, and
 * the partner secret and admin secret are written to the options table as
 * returned — confirm the caller restricts access to this action and that
 * storing the secrets in options is intended.
 *
 * @return void
 */
public function registerAction()
{
    $params = array();

    if (count($_POST)) {
        if ($_POST['agree_to_terms']) {
            global $wp_version;

            $partner = new Kaltura_Client_Type_Partner();
            // Company name when given, otherwise "first last".
            $partner->name = $_POST['company'] ?: $_POST['first_name'] . ' ' . $_POST['last_name'];
            $partner->adminEmail = $_POST['email'];
            $partner->firstName = $_POST['first_name'];
            $partner->lastName = $_POST['last_name'];
            $partner->website = $_POST['website'];
            $partner->description = $_POST['description'] . "\nWordpress all-in-one plugin|" . $wp_version;
            // Country and state are passed on only when they are two characters long.
            $partner->country = strlen($_POST['country']) == 2 ? $_POST['country'] : null;
            $partner->state = strlen($_POST['state']) == 2 ? $_POST['state'] : null;
            $partner->commercialUse = Kaltura_Client_Enum_CommercialUseType::NON_COMMERCIAL_USE;
            $partner->phone = $_POST['phone'];
            $partner->type = Kaltura_Client_Enum_PartnerType::WORDPRESS;
            $partner->defConversionProfileType = 'wp_default';

            // Additional parameter key => name of the form field that feeds it.
            $extraFields = array(
                'company' => 'company',
                'title' => 'job_title',
                'would_you_like_to_be_contacted' => 'would_you_like',
                'vertical' => 'describe_yourself',
            );
            $partner->additionalParams = array();
            foreach ($extraFields as $paramKey => $postField) {
                $pair = new Kaltura_Client_Type_KeyValue();
                $pair->key = $paramKey;
                $pair->value = $_POST[$postField];
                $partner->additionalParams[] = $pair;
            }

            $kmodel = KalturaModel::getInstance();

            // Only the registration call is guarded; a failure becomes a view error.
            $failure = null;
            try {
                $partner = $kmodel->registerPartner($partner);
            } catch (\Exception $caught) {
                $failure = $caught;
            }

            if ($failure !== null) {
                $params['error'] = $failure->getMessage();
            } else {
                $partnerId = $partner->id;

                // save partner details
                update_option('kaltura_partner_id', $partnerId);
                update_option('kaltura_subp_id', $partnerId * 100);
                update_option('kaltura_secret', $partner->secret);
                update_option('kaltura_admin_secret', $partner->adminSecret);
                update_option('kaltura_cms_user', $partner->adminEmail);

                $params['success'] = true;
            }
        } else {
            $params['error'] = 'You must agree to the Kaltura Terms of Use';
        }

        $params['pingOk'] = true;
    } else {
        global $user_ID;

        $profileuser = get_user_to_edit($user_ID);

        // set defaults
        $_POST['first_name'] = $profileuser->first_name;
        $_POST['last_name'] = $profileuser->last_name;
        $_POST['email'] = $profileuser->user_email;
        $_POST['company'] = get_bloginfo('name');
        $_POST['website'] = get_option('home');

        $config = KalturaHelpers::getKalturaConfiguration();
        // no need to pass partner id for ping
        $config->partnerId = 0;
        $config->subPartnerId = 0;

        $kalturaClient = new Kaltura_Client_Client($config);
        $kmodel = KalturaModel::getInstance();
        $params['pingOk'] = $kmodel->pingTest($kalturaClient);
    }

    $params['countries'] = KalturaHelpers::getCountries();
    $params['states'] = KalturaHelpers::getStates();

    $this->renderView('admin/register.php', $params);
}
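/**
 * Renders the front-end profile page for users with no wider admin access.
 *
 * Declares two nested output helpers (inline JS and CSS for wp_head). When the
 * current user has neither the 'edit_posts' nor the 'subscription_agency'
 * capability, it registers those helpers, checks that the user may edit the
 * profile, prints the page and terminates the request.
 *
 * NOTE(review): the nested function declarations run on every call, so calling
 * this function twice in one request would redeclare them — confirm it is only
 * hooked once.
 *
 * @return void
 */
function cyc_profile_init()
{
    function cyc_profile_js()
    {
        ?>
<script type="text/javascript">
function update_nickname() {
    var nickname = jQuery('#nickname').val();
    var display_nickname = jQuery('#display_nickname').val();
    if (nickname == '') {
        jQuery('#display_nickname').remove();
    }
    jQuery('#display_nickname').val(nickname).html(nickname);
}
jQuery(function ($) {
    //$('#pass1').keyup( check_pass_strength )
    $('.color-palette').click(function () {
        $(this).siblings('input[name=admin_color]').attr('checked', 'checked')
    });
});
jQuery(document).ready(function () {
    jQuery('#pass1,#pass2').attr('autocomplete', 'off');
    jQuery('#nickname').blur(update_nickname);
});
</script>
        <?php
    }

    function cyc_profile_css()
    {
        ?>
<style type="text/css">
table.form-table th, table.form-table td { padding: 0; }
table.form-table th { width: 150px; vertical-align: text-top; text-align: left; }
p.message { padding: 3px 5px; background-color: lightyellow; border: 1px solid yellow; }
#display_name { width: 250px; }
.field-hint { display: block; clear: both; }
</style>
        <?php
    }

    // Always resolve the current user: the capability test below needs it even
    // if $user_id were already populated. $user_id is a local here and is not
    // assigned earlier, so it always falls back to the current user's ID.
    $current_user = wp_get_current_user();
    if (empty($user_id)) {
        $user_id = $current_user->ID;
    }

    // If current user can see more of the admin area then just his profile, doing all this makes no sense.
    if ($current_user->has_cap('edit_posts') === false && $current_user->has_cap('subscription_agency') === false) {
        $is_profile_page = true;
        add_filter('wp_title', 'cyc_title');
        add_action('wp_head', 'cyc_profile_js');
        add_action('wp_head', 'cyc_profile_css');
        wp_enqueue_script('jquery');
        wp_reset_vars(array('action', 'redirect', 'profile', 'user_id', 'wp_http_referer'));

        $user_id = (int) $user_id;
        $profileuser = get_user_to_edit($user_id);
        // Authorization gate: stop before any profile data is rendered.
        if (!current_user_can('edit_user', $user_id)) {
            wp_die(__('You do not have permission to edit this user.'));
        }

        cyc_head(__('Личный кабинет пользователя'));
        // !empty() keeps the loose "== true" meaning without an undefined-index
        // notice when the query argument is absent.
        if (!empty($_GET['updated'])) {
            echo '<p class="message">Ваш профиль обновлён</p>';
        }
        get_template_part('_user', 'profile');
        cyc_footer();
        die;
    }
}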
<?php require_once 'admin.php'; $title = __('Profile'); if (current_user_can('edit_users')) { $parent_file = 'users.php'; } else { $parent_file = 'profile.php'; } include_once 'admin-header.php'; $profileuser = get_user_to_edit($user_ID); $bookmarklet_height = 440; ?> <?php if (isset($_GET['updated'])) { ?> <div id="message" class="updated fade"> <p><strong><?php _e('Profile updated.'); ?> </strong></p> </div> <?php } ?> <div class="wrap"> <h2><?php _e('Your Profile and Personal Options'); ?>
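/**
 * The Admin-facing user edit screen
 *
 * Resolves the user to edit (argument, then $_POST['uuid'], then the request's
 * user_id), checks permission through bbconnect_user_can(), and prints the
 * tabbed edit form.
 *
 * The active tab comes from $_GET['tab'], so it is request-controlled: it is
 * escaped wherever it is written into markup.
 *
 * @since 1.0.0
 * @param int|string $user_id The user ID; empty string to resolve it from the request.
 * @return void Output is echoed.
 */
function bbconnect_edit_user($user_id = '')
{
    if ('' == $user_id && isset($_POST['uuid'])) {
        $user_id = $_POST['uuid'];
    }
    if ('' != $user_id) {
        $_GET['user_id'] = $user_id;
    }

    // WORDPRESS SETUP
    wp_reset_vars(array('action', 'redirect', 'profile', 'user_id', 'wp_http_referer'));
    // Guarded so an earlier definition does not trigger a redefinition warning.
    if (empty($_GET['user_id']) && !defined('IS_PROFILE_PAGE')) {
        define('IS_PROFILE_PAGE', true);
    }

    // SET THE USER INFORMATION
    // From here on $user_id refers to the global populated by wp_reset_vars().
    global $user_id;
    $user_id = (int) $user_id;
    $current_user = wp_get_current_user();
    if (!defined('IS_PROFILE_PAGE')) {
        define('IS_PROFILE_PAGE', $user_id == $current_user->ID);
    }

    if (!$user_id && IS_PROFILE_PAGE) {
        $user_id = $current_user->ID;
    } elseif (!$user_id && !IS_PROFILE_PAGE) {
        wp_die(__('Invalid user ID.'));
    } elseif (!get_userdata($user_id)) {
        wp_die(__('Invalid user ID.'));
    }

    // Authorization gate. The plugin's own check replaces the core one:
    //if ( !current_user_can('edit_user', $user_id) )
    if (!bbconnect_user_can('edit_user', array('one' => $current_user->ID, 'two' => $user_id))) {
        wp_die(__('You do not have permission to edit this user.'));
    }

    $profileuser = get_user_to_edit($user_id);

    global $errors, $updated;
    if (isset($updated)) {
        ?>
<div id="message" class="updated">
    <p><strong><?php echo wp_kses_post($updated); ?></strong></p>
</div>
        <?php
    }
    if (isset($errors) && is_wp_error($errors)) {
        // NOTE(review): error messages are printed as HTML; confirm none of
        // them embeds unescaped request data.
        ?>
<div class="error"><p><?php echo implode("</p>\n<p>", $errors->get_error_messages()); ?></p></div>
        <?php
    }

    // SET BBCONNECT POSITIONS
    // SET GLOBAL VARIABLES
    global $current_user, $bbconnect_cap;
    if (current_user_can('list_users')) {
        $bbconnect_cap = 'admin';
        $formdes = admin_url('users.php?page=bbconnect_edit_user&user_id=' . $user_id);
    } else {
        $bbconnect_cap = 'user';
        $formdes = admin_url('admin.php?page=bbconnect_edit_user_profile&user_id=' . $user_id);
    }

    $tabs = apply_filters('bbconnect_user_tabs', array(
        'meta' => array('title' => __('Profile', 'bbconnect'), 'subs' => false),
        'actions' => array('title' => __('History', 'bbconnect'), 'subs' => false),
    ));

    // Only a plain string is accepted as tab name; anything else (for example
    // an array-valued query argument) falls back to the first registered tab.
    if (isset($_GET['tab']) && is_string($_GET['tab'])) {
        $active = $_GET['tab'];
    } else {
        $active = current(array_keys($tabs));
    }

    $tab_nav = '';
    foreach ($tabs as $key => $val) {
        $act_tab = ($active == $key) ? ' nav-tab-active' : '';
        $tab_nav .= '<a href="' . esc_url($formdes . '&tab=' . rawurlencode($key)) . '" class="nav-tab' . $act_tab . '">' . $val['title'] . '</a>';
    }

    if ($user_id == $current_user->ID) {
        echo '<style>#column_2{display:none;}</style>';
    }

    do_action('bbconnect_pre_admin_profile');
    ?>
<div id="bbconnect" class="wrap">
    <div id="icon-users" class="icon32"><br /></div>
    <h2><?php echo bbconnect_get_username($user_id); ?></h2>
    <h2 class="nav-tab-wrapper"><?php echo $tab_nav; ?></h2>
    <?php
    if (function_exists('bbconnect_profile_quicklinks')) {
        bbconnect_profile_quicklinks($user_id);
    } else {
        echo '<div id="quicklinks-wrapper">You should get the quicklinks addon!</div>';
    }
    ?>
    <form id="user-form" class="bbconnect-form" enctype="multipart/form-data" action="<?php echo esc_url($formdes . '&tab=' . rawurlencode($active)); ?>" autocomplete="off" method="POST">
        <?php wp_nonce_field('bbconnect-edit-user-nonce'); ?>
        <div>
        <?php
        switch ($active) {
            case 'meta':
                do_action('bbconnect_pre_admin_profile_fields');
                bbconnect_profile_user_meta(array('user_id' => $user_id, 'bbconnect_cap' => $bbconnect_cap, 'action' => 'edit'));
                /*
                THIS IS HERE FOR TEMPORARY HISTORICAL REFERENCES
                if ( IS_PROFILE_PAGE )
                    do_action( 'show_user_profile', $profileuser );
                else
                    do_action( 'edit_user_profile', $profileuser );
                */
                ?>
            <input type="hidden" name="update" value="<?php echo esc_attr($active); ?>" />
            <input type="hidden" name="user_id" id="user_id" value="<?php echo esc_attr($user_id); ?>" />
            <div style="clear: both;">
                <input id="profile-submission" type="submit" name="edit_user_profile" value="<?php esc_attr_e('Update!', 'bbconnect'); ?>" class="button-primary" />
            </div>
                <?php if (!current_user_can('edit_users')) { ?>
            <script type="text/javascript">
                jQuery(document).ready(function(){
                    jQuery('#bbconnect').on('click', '#profile-submission', check_profile);
                });
            </script>
                <?php } ?>
                <?php
                break;

            case 'actions':
                bbconnect_actions_editor(array('user_id' => $user_id, 'bbconnect_cap' => $bbconnect_cap, 'action' => 'edit'));
                break;

            default:
                // NOTE(review): the hook name is built from the request's tab
                // value. Only hooks whose name carries this prefix can fire, but
                // restricting $active to the keys of $tabs would be tighter —
                // confirm no add-on relies on unlisted tabs first.
                do_action('bbconnect_admin_profile_' . $active);
                break;
        }
        ?>
        </div>
    </form>
</div>
    <?php
}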
/**
 * Tests the model function that expects slashed data
 *
 * Updates the same user twice with slashed fixture strings and checks after
 * each update that the stored fields equal the unslashed input.
 */
function test_wp_update_user()
{
    $id = $this->factory->user->create();

    // One entry per update round: profile field => slashed fixture value.
    $rounds = array(
        array(
            'first_name' => $this->slash_1,
            'last_name' => $this->slash_3,
            'nickname' => $this->slash_5,
            'display_name' => $this->slash_7,
            'description' => $this->slash_3,
        ),
        array(
            'first_name' => $this->slash_2,
            'last_name' => $this->slash_4,
            'nickname' => $this->slash_6,
            'display_name' => $this->slash_2,
            'description' => $this->slash_4,
        ),
    );

    foreach ($rounds as $fields) {
        $id = wp_update_user(array_merge(array('ID' => $id, 'role' => 'subscriber'), $fields));
        $user = get_user_to_edit($id);

        foreach ($fields as $field => $slashed) {
            $this->assertEquals(wp_unslash($slashed), $user->{$field});
        }
    }
}
<?php $profileuser = get_user_to_edit(get_current_user_id()); ?> <div id="X_Account-Profile"> <div class="row-fluid"> <form id="X_Account-Profile-Form" class="form-horizontal"> <?php wp_nonce_field('update-user_' . get_current_user_id()); ?> <input type="hidden" name="action" value="xt_ajax_account_profile_update"> <div class="control-group"> <label class="control-label" for="user_login">用户名:</label> <div class="controls"> <input class="required disabled" type="text" name="user_login" id="user_login" disabled value="<?php echo esc_attr($profileuser->user_login); ?> "> </div> </div> <div class="control-group"> <label class="control-label" for="display_name">昵称:</label> <div class="controls"> <input class="required" type="text" name="display_name" id="display_name" value="<?php echo esc_attr($profileuser->display_name); ?> "> </div> </div> <div class="control-group"> <label class="control-label">性别:</label>
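/**
 * Sidebar metabox for administrative user actions
 *
 * Prints the password, role, admin-bar and colour-scheme controls, the
 * Save/Update button and the per-user action list. Each control is only
 * printed when current_user_can() grants the matching capability.
 *
 * NOTE(review): these checks only decide what is rendered. The handler that
 * processes the submitted form must repeat the capability checks on its own.
 *
 * @todo Fix delete link to be handled internally and not depend on built-in user management
 * @since 0.01
 *
 * @param array $object User data; reads ['ID']['default'][0], ['role']['default'][0] and ['new'].
 */
function special_actions($object)
{
    global $current_user, $user_id;

    $current_user_id = $current_user->ID;
    $user_id = $object['ID']['default'][0];
    $profileuser = get_user_to_edit($user_id);

    // Always defined, so the checks below never read an unset variable.
    $own_profile = ($user_id == $current_user_id);
    $is_new = !empty($object['new']);
    $submit_label = $is_new ? __('Save', 'wpp_crm') : __('Update', 'wpp_crm');
    ?>
<div id="minor-publishing">
    <ul class="wp_crm_advanced_user_actions_wrapper">
        <li class="wp_crm_advanced_user_actions">
            <div class="wp_crm_toggle_advanced_user_actions wp_crm_link"><?php _e('Toggle Settings'); ?></div>
            <div class="wp_crm_advanced_user_actions wp-tab-panel">
                <?php if (current_user_can('edit_users')) { ?>
                    <?php if (current_user_can('WP-CRM: Change Passwords')) { ?>
                        <?php _e('Set Password:', 'wp_crm'); ?>
                        <ul class="wp_crm_edit_password">
                            <li>
                                <?php // rand() only makes the field index unique; it is not a secret. ?>
                                <input type="password" autocomplete="off" value="" size="16" class="wp_crm_user_password" id="wp_crm_password_1" name="wp_crm[user_data][user_pass][<?php echo rand(1000, 9999); ?>][value]" />
                                <span class="description"><?php _e('Type in new password twice to change.'); ?></span>
                            </li>
                            <li>
                                <input type="password" autocomplete="off" value="" size="16" class="wp_crm_user_password" id="wp_crm_password_2" />
                                <span class="description"><?php _e('Type your new password again.'); ?></span>
                            </li>
                        </ul>
                    <?php } ?>
                    <ul>
                        <?php if (current_user_can('edit_roles')) { ?>
                            <li class="wp_crm_edit_roles">
                                <label for="wp_crm_role"><?php _e('Capability Role:', 'wp_crm'); ?></label>
                                <?php // Disabled on the user's own profile; this is a UI hint only, not an enforcement. ?>
                                <select id="wp_crm_role" <?php echo $own_profile ? ' disabled="true" ' : ''; ?> name="wp_crm[user_data][role][<?php echo rand(1000, 9999); ?>][value]">
                                    <option value=""></option>
                                    <?php wp_dropdown_roles($object['role']['default'][0]); ?>
                                </select>
                            </li>
                        <?php } ?>
                        <li class="wp_crm_capability_bar">
                            <input name="show_admin_bar_front" type="hidden" value="false" />
                            <input name="show_admin_bar_front" type="checkbox" id="show_admin_bar_front" value="true" <?php checked(_get_admin_bar_pref('front', $profileuser->ID)); ?> />
                            <label for="show_admin_bar_front"><?php _e('Show Admin Bar when viewing site.'); ?></label>
                        </li>
                    </ul>
                <?php } ?>
                <?php
                if (current_user_can('WP-CRM: Change Color Scheme')) {
                    _e('Color Scheme:', 'wp_crm');
                    do_action('admin_color_scheme_picker');
                }
                ?>
            </div>
        </li>
    </ul>
    <?php
    // has_action() replaces count() on $wp_filter entries, which fails when the
    // hook has no entry or the entry is not countable.
    if (has_action('show_user_profile') || has_action('profile_personal_options')) {
        ?>
        <div class="wp_crm_user_api_actions">
            <?php
            add_filter('wpi_user_information', array('WP_CRM_F', 'wpi_user_information'));
            if ($own_profile) {
                do_action('show_user_profile', $profileuser);
            } else {
                do_action('edit_user_profile', $profileuser);
            }
            ?>
        </div>
    <?php } ?>
    <?php
    if (current_user_can('edit_users')) {
        do_action('wp_crm_metabox_special_actions');
    }
    ?>
</div>
<div class="major-publishing-actions">
    <div class="other-action">
        <span class="wp_crm_subtle_link wp_crm_toggle" toggle="wp_crm_user_actions"><?php _e('Show Actions'); ?></span>
    </div>
    <div id="publishing-action">
        <input type="hidden" value="Publish" id="original_publish" name="original_publish">
        <?php // Parentheses spell out the precedence the original relied on (&& binds tighter than ||). ?>
        <?php if (current_user_can('edit_users') || (current_user_can('add_users') && $is_new)) { ?>
            <input type="submit" accesskey="p" tabindex="5" value="<?php echo esc_attr($submit_label); ?>" class="button-primary" id="publish" name="publish">
        <?php } else { ?>
            <input type="submit" accesskey="p" tabindex="5" value="<?php echo esc_attr($submit_label); ?>" class="button-primary" id="publish" name="publish" disabled="true">
        <?php } ?>
    </div>
    <div class="clear"></div>
</div>
<div class="wp_crm_user_actions hidden">
    <ul class="wp_crm_action_list">
        <?php if (current_user_can('WP-CRM: Add User Messages')) { ?>
            <li class="wp_crm_orange_link wp_crm_toggle_message_entry"><?php _e('Add a general note.', 'wp_crm'); ?></li>
        <?php } ?>
        <?php do_action('wp_crm_single_user_actions', $object); ?>
        <?php // The delete link carries a per-user nonce and is never offered for the current user. ?>
        <?php if ((current_user_can('remove_users') || current_user_can('delete_users')) && (!$is_new && $user_id != $current_user->ID)) { ?>
            <li class="wp_crm_orange_link"><a href="<?php echo wp_nonce_url("admin.php?wp_crm_action=delete_user&page=wp_crm&user_id={$user_id}", 'wp-crm-delete-user-' . $user_id); ?>" class="submitdelete deletion"><?php _e('Delete'); ?></a></li>
        <?php } ?>
    </ul>
</div>
    <?php
}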
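/**
 * E-mails one invoice, or a list of invoices, to the invoice's user.
 *
 * The invoice row is looked up by invoice number with a prepared statement, so
 * the number is bound as a value and never concatenated into the SQL text.
 * Invoices whose row or user cannot be found are skipped (list form) or
 * reported as a failure (single form) instead of causing a null dereference.
 *
 * NOTE(review): the generated PDF is only unlinked after a successful send. If
 * web_invoice_pdf_file() writes a temporary file, a failed send leaves it
 * behind — confirm and clean up if so.
 *
 * @param array|string|int $invoice_array A single invoice number or an array of them.
 * @param bool             $reminder      Send the reminder e-mail instead of the invoice e-mail.
 * @return string Status message for display.
 */
function web_invoice_send_email($invoice_array, $reminder = false)
{
    global $wpdb;

    // The table name comes from plugin code; only the invoice number is bound.
    $lookup_sql = 'SELECT * FROM ' . Web_Invoice::tablename('main') . ' WHERE invoice_num = %s';

    if (is_array($invoice_array)) {
        $counter = 0;
        foreach ($invoice_array as $invoice_id) {
            $invoice_info = $wpdb->get_row($wpdb->prepare($lookup_sql, $invoice_id));
            if (!$invoice_info) {
                continue; // unknown invoice number
            }
            $profileuser = get_user_to_edit($invoice_info->user_id);
            if (!$profileuser) {
                continue; // invoice points at a user that no longer exists
            }

            // Message first, then subject: same order as before, in case the
            // subject callback depends on state set while building the message.
            if ($reminder) {
                $message = strip_tags(web_invoice_show_reminder_email($invoice_id));
                $subject = strip_tags(preg_replace_callback('/(%([a-z_]+))/', 'web_invoice_email_apply_variables', get_option('web_invoice_email_send_reminder_subject')));
            } else {
                $message = strip_tags(web_invoice_show_email($invoice_id));
                $subject = strip_tags(preg_replace_callback('/(%([a-z_]+))/', 'web_invoice_email_apply_variables', get_option('web_invoice_email_send_invoice_subject')));
            }

            $from = strip_tags(stripslashes(get_option("web_invoice_email_address")));
            $from_name = strip_tags(stripslashes(get_option("web_invoice_business_name")));
            $headers = "From: {$from_name} <{$from}>";
            $message = html_entity_decode($message, ENT_QUOTES, 'UTF-8');
            $attachments = array(web_invoice_pdf_file($invoice_id));

            if (wp_mail($profileuser->user_email, $subject, $message, $headers, $attachments)) {
                $counter++; // Success in sending quantified.
                unlink($attachments[0]);
                web_invoice_update_log($invoice_id, 'contact', 'Invoice eMailed'); //make sent entry
                web_invoice_update_invoice_meta($invoice_id, "sent_date", date("Y-m-d", time()));
            }
        }

        return "Successfully sent {$counter} Web Invoices(s).";
    }

    $invoice_id = $invoice_array;
    $invoice_info = $wpdb->get_row($wpdb->prepare($lookup_sql, $invoice_id));
    $profileuser = $invoice_info ? get_userdata($invoice_info->user_id) : false;
    if (!$profileuser) {
        return "There was a problem sending the invoice.";
    }

    if ($reminder) {
        $message = strip_tags(web_invoice_show_reminder_email($invoice_id));
        $subject = strip_tags(preg_replace_callback('/(%([a-z_]+))/', 'web_invoice_email_apply_variables', get_option('web_invoice_email_send_reminder_subject')));
    } else {
        $message = strip_tags(web_invoice_show_email($invoice_id));
        $subject = strip_tags(preg_replace_callback('/(%([a-z_]+))/', 'web_invoice_email_apply_variables', get_option('web_invoice_email_send_invoice_subject')));
    }

    $from = strip_tags(stripslashes(get_option("web_invoice_email_address")));
    $from_name = strip_tags(stripslashes(get_option("web_invoice_business_name")));
    $headers = "From: {$from_name} <{$from}>";
    $message = html_entity_decode($message, ENT_QUOTES, 'UTF-8');
    $attachments = array(web_invoice_pdf_file($invoice_id));

    if (wp_mail($profileuser->user_email, $subject, $message, $headers, $attachments)) {
        unlink($attachments[0]);
        web_invoice_update_invoice_meta($invoice_id, "sent_date", date("Y-m-d", time()));
        web_invoice_update_log($invoice_id, 'contact', 'Invoice eMailed');
        return "Web invoice sent successfully.";
    }

    return "There was a problem sending the invoice.";
}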
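/**
 * Delete capability
 *
 * Removes the capability named in $_POST['user_capability_id'] from every user
 * and every role, provided the current user holds 'ure_delete_capabilities' and
 * the capability is in the removable list returned by URE_Lib.
 *
 * The submitted id is request data, so it is HTML-escaped before it is placed
 * into the returned message.
 *
 * NOTE(review): no nonce verification is visible in this method; confirm the
 * caller verifies one before dispatching here.
 *
 * @global wpdb $wpdb
 * @global WP_Roles $wp_roles
 * @return string - information message
 */
public static function delete()
{
    global $wpdb, $wp_roles;

    if (!current_user_can('ure_delete_capabilities')) {
        return esc_html__('Insufficient permissions to work with User Role Editor', 'user-role-editor');
    }

    // A non-string value (e.g. an array-valued field) cannot be a capability id
    // and would be an illegal array offset in the lookup below.
    if (empty($_POST['user_capability_id']) || !is_string($_POST['user_capability_id'])) {
        return 'Wrong Request';
    }

    $lib = URE_Lib::get_instance();
    $capability_id = $_POST['user_capability_id'];
    $caps_to_remove = $lib->get_caps_to_remove();

    // Allow-list check: only capabilities reported as removable may be deleted.
    if (!is_array($caps_to_remove) || count($caps_to_remove) == 0 || !isset($caps_to_remove[$capability_id])) {
        return sprintf(
            esc_html__('Error! You do not have permission to delete this capability: %s!', 'user-role-editor'),
            esc_html($capability_id)
        );
    }

    // process users
    // Loads a full user object per ID; presumably acceptable for the expected
    // site sizes — verify on large installs.
    $usersId = $wpdb->get_col("SELECT {$wpdb->users}.ID FROM {$wpdb->users}");
    foreach ($usersId as $user_id) {
        $user = get_user_to_edit($user_id);
        if ($user->has_cap($capability_id)) {
            $user->remove_cap($capability_id);
        }
    }

    // process roles
    foreach ($wp_roles->role_objects as $wp_role) {
        if ($wp_role->has_cap($capability_id)) {
            $wp_role->remove_cap($capability_id);
        }
    }

    return sprintf(
        esc_html__('Capability %s was removed successfully', 'user-role-editor'),
        esc_html($capability_id)
    );
}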
/**
 * Loads the plugin's profile page fragment for the user in the global $user_id.
 *
 * The included file runs in this function's scope, so it can read $wpdb,
 * $user_id, $wpi_settings and $profileuser. The include path is built from the
 * plugin's own settings array, not from request data.
 */
function display_user_profile_fields()
{
    global $wpdb, $user_id, $wpi_settings;

    $profileuser = get_user_to_edit($user_id);
    $template_path = $wpi_settings['admin']['ui_path'] . '/profile_page_content.php';

    include $template_path;
}
/**
 * Outputs profile form HTML
 *
 * Callback for "tml_display_profile" hook in method Theme_My_login_Template::display()
 *
 * Always loads the current user's own profile, then hands the template object
 * a list of candidate template names, most specific first.
 *
 * @see Theme_My_Login_Template::display()
 * @since 6.0
 * @access public
 *
 * @param object $template Reference to $theme_my_login_template object
 */
public function tml_display_profile(&$template)
{
    global $current_user, $profileuser, $_wp_admin_css_colors, $wp_version;

    require_once ABSPATH . 'wp-admin/includes/user.php';
    require_once ABSPATH . 'wp-admin/includes/misc.php';

    // The query argument only selects a fixed, translated notice; its value is never printed.
    $was_updated = isset($_GET['updated']) && 'true' == $_GET['updated'];
    if ($was_updated) {
        Theme_My_Login::get_object()->errors->add('profile_updated', __('Profile updated.'), 'message');
    }

    $current_user = wp_get_current_user();
    $profileuser = get_user_to_edit($current_user->ID);

    // First role of the user; on multisite a user without a role is treated as a subscriber.
    $user_role = reset($profileuser->roles);
    if (empty($user_role) && is_multisite()) {
        $user_role = 'subscriber';
    }

    // Overrides passed via shortcode or template tag args come first:
    // the generic override, then the role-specific one.
    $candidates = array();
    foreach (array('profile_template', "profile_template_{$user_role}") as $option_key) {
        if (!empty($template->options[$option_key])) {
            $candidates[] = $template->options[$option_key];
        }
    }
    // Then the role template, and finally the default template.
    $candidates[] = "profile-form-{$user_role}.php";
    $candidates[] = 'profile-form.php';

    // Load template
    $template_vars = compact('current_user', 'profileuser', 'user_role', '_wp_admin_css_colors', 'wp_version');
    $template->get_template($candidates, true, $template_vars);
}
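/**
 * Delete capability
 *
 * Removes the capability named in $_POST['user_capability_id'] from every user
 * and every role, provided it is in the removable list. Returns an empty
 * string when no usable capability id was submitted.
 *
 * The submitted id is request data, so it is HTML-escaped before it is placed
 * into the returned message.
 *
 * NOTE(review): neither a capability check nor nonce verification is visible in
 * this method; confirm the caller performs both.
 *
 * @global wpdb $wpdb
 * @global WP_Roles $wp_roles
 * @return string - information message
 */
protected function delete_capability()
{
    global $wpdb, $wp_roles;

    $mess = '';
    // A non-string value cannot be a capability id and would be an illegal
    // array offset in the lookup below, so it is treated like a missing field.
    if (empty($_POST['user_capability_id']) || !is_string($_POST['user_capability_id'])) {
        return $mess;
    }

    $capability_id = $_POST['user_capability_id'];
    $caps_to_remove = $this->get_caps_to_remove();

    // Allow-list check: only capabilities reported as removable may be deleted.
    if (!is_array($caps_to_remove) || count($caps_to_remove) == 0 || !isset($caps_to_remove[$capability_id])) {
        return sprintf(
            __('Error! You do not have permission to delete this capability: %s!', 'ure'),
            esc_html($capability_id)
        );
    }

    // process users
    $usersId = $wpdb->get_col("SELECT {$wpdb->users}.ID FROM {$wpdb->users}");
    foreach ($usersId as $user_id) {
        $user = get_user_to_edit($user_id);
        if ($user->has_cap($capability_id)) {
            $user->remove_cap($capability_id);
        }
    }

    // process roles
    foreach ($wp_roles->role_objects as $wp_role) {
        if ($wp_role->has_cap($capability_id)) {
            $wp_role->remove_cap($capability_id);
        }
    }

    $mess = sprintf(__('Capability %s is removed successfully', 'ure'), esc_html($capability_id));

    return $mess;
}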
<?php /* If you would like to edit this file, copy it to your current theme's directory and edit it there. Theme My Login will always look in your theme's directory first, before using this default template. */ $GLOBALS['current_user'] = $current_user = wp_get_current_user(); $GLOBALS['profileuser'] = $profileuser = get_user_to_edit($current_user->ID); $user_can_edit = false; foreach (array('posts', 'pages') as $post_cap) { $user_can_edit |= current_user_can("edit_{$post_cap}"); } ?> <div class="login profile" id="theme-my-login<?php $template->the_instance(); ?> "> <?php $template->the_action_template_message('profile'); ?> <?php $template->the_errors(); ?> <form id="your-profile" action="" method="post"> <?php wp_nonce_field('update-user_' . $current_user->ID); ?> <p> <input type="hidden" name="from" value="profile" /> <input type="hidden" name="checkuser_id" value="<?php
/**
 * Display the user's profile.
 *
 * Resolves the user from the request's user_id (falling back to the current
 * user), fires the meta box hooks and prints the profile form with its meta box
 * containers and nonces.
 *
 * NOTE(review): no current_user_can('edit_user', ...) check is visible here
 * although the user ID is taken from the request; confirm the page
 * registration or an earlier hook enforces it.
 *
 * @since 0.1.0
 */
function wp_user_profiles_user_admin() {
    // Reset a bunch of global values
    wp_reset_vars(array('action', 'user_id', 'wp_http_referer'));
    // Get the user ID (request value is cast to int)
    $user_id = !empty($_GET['user_id']) ? (int) $_GET['user_id'] : get_current_user_id();
    // Get user
    // NOTE(review): $user is dereferenced below without a check; verify the
    // behaviour for an ID that matches no user.
    $user = get_user_to_edit($user_id);
    /**
     * Backwards compatibility for JIT metaboxes
     *
     * @since 0.2.0 Use `wp_user_profiles_add_meta_boxes` instead
     */
    do_action('add_meta_boxes', get_current_screen()->id, $user);
    // Remove possible query arguments
    $request_url = remove_query_arg(array('action', 'error', 'updated', 'spam', 'ham'), $_SERVER['REQUEST_URI']);
    // Setup form action URL
    $form_action_url = add_query_arg(array('action' => 'update'), $request_url);
    // Arbitrary notice execution point
    do_action('wp_user_profiles_admin_notices'); ?> <div class="wrap" id="wp-user-profiles-page"> <h1><?php
    // The page title
    echo esc_html($user->display_name);
    // Any arbitrary "page-title-action" class links
    do_action('wp_user_profiles_title_actions'); ?> </h1> <?php wp_user_profiles_admin_nav($user); ?>
    <?php // The action URL is derived from REQUEST_URI and escaped with esc_url() on output. ?>
    <form action="<?php echo esc_url($form_action_url); ?> " id="your-profile" method="post" novalidate="novalidate" <?php do_action('user_edit_form_tag'); ?> > <div id="poststuff"> <div id="post-body" class="metabox-holder columns-<?php echo 1 == get_current_screen()->get_columns() ? '1' : '2'; ?> "> <div id="postbox-container-1" class="postbox-container"> <?php do_meta_boxes(get_current_screen()->id, 'side', $user); ?> </div> <div id="postbox-container-2" class="postbox-container"> <?php do_meta_boxes(get_current_screen()->id, 'normal', $user); ?> <?php do_meta_boxes(get_current_screen()->id, 'advanced', $user); ?> </div> </div> </div> <input type="hidden" name="checkuser_id" value="<?php echo get_current_user_id(); ?> " />
    <?php // The update nonce action is bound to the ID of the user being edited. ?>
    <?php wp_nonce_field('closedpostboxes', 'closedpostboxesnonce', false); ?> <?php wp_nonce_field('meta-box-order', 'meta-box-order-nonce', false); ?> <?php wp_nonce_field('update-user_' . $user->ID); ?> </form> </div><!-- .wrap --> <?php }
/**
 * Display the user's profile.
 *
 * Prints the community profile admin screen: an optional notice, the page
 * title with "Add New"/"Add Existing" links, and the meta box form for the
 * user returned by get_user_id(). When no user is found a "No user found"
 * message with a link back to the users list is printed instead.
 *
 * @since 2.0.0
 */
public function user_admin() {
    // Authorization gate: stop unless the visitor can moderate or this is their own profile.
    if (!bp_current_user_can('bp_moderate') && empty($this->is_self_profile)) { die('-1'); }
    // Get the user ID.
    $user_id = $this->get_user_id(); $user = get_user_to_edit($user_id);
    // Construct title.
    if (true === $this->is_self_profile) { $title = __('Profile', 'buddypress'); } else { $title = __('Edit User', 'buddypress'); }
    // Construct URL for form.
    $request_url = remove_query_arg(array('action', 'error', 'updated', 'spam', 'ham'), $_SERVER['REQUEST_URI']); $form_action_url = add_query_arg('action', 'update', $request_url);
    // The referer is request-controlled; it is only printed through esc_url() below.
    $wp_http_referer = false; if (!empty($_REQUEST['wp_http_referer'])) { $wp_http_referer = remove_query_arg(array('action', 'updated'), $_REQUEST['wp_http_referer']); }
    // Prepare notice for admin.
    $notice = $this->get_user_notice(); if (!empty($notice)) { ?> <div <?php if ('updated' === $notice['class']) { ?> id="message" <?php } ?> class="<?php echo esc_attr($notice['class']); ?> "> <p><?php echo esc_html($notice['message']); ?> </p> <?php if (!empty($wp_http_referer) && 'updated' === $notice['class']) { ?> <p><a href="<?php echo esc_url($wp_http_referer); ?> "><?php esc_html_e('← Back to Users', 'buddypress'); ?> </a></p> <?php } ?> </div> <?php } ?>
    <div class="wrap" id="community-profile-page"> <h1><?php echo esc_html($title); ?> <?php if (empty($this->is_self_profile)) { ?> <?php if (current_user_can('create_users')) { ?> <a href="user-new.php" class="add-new-h2"><?php echo esc_html_x('Add New', 'user', 'buddypress'); ?> </a> <?php } elseif (is_multisite() && current_user_can('promote_users')) { ?> <a href="user-new.php" class="add-new-h2"><?php echo esc_html_x('Add Existing', 'user', 'buddypress'); ?> </a> <?php } ?> <?php } ?> </h1>
    <?php // The form is only printed when a user object was found. ?>
    <?php if (!empty($user)) { $this->profile_nav($user, 'BuddyPress'); ?> <form action="<?php echo esc_url($form_action_url); ?> " id="your-profile" method="post"> <div id="poststuff"> <div id="post-body" class="metabox-holder columns-<?php echo 1 == get_current_screen()->get_columns() ? '1' : '2'; ?> "> <div id="postbox-container-1" class="postbox-container"> <?php do_meta_boxes(get_current_screen()->id, 'side', $user); ?> </div> <div id="postbox-container-2" class="postbox-container"> <?php do_meta_boxes(get_current_screen()->id, 'normal', $user); ?> <?php do_meta_boxes(get_current_screen()->id, 'advanced', $user); ?> </div> </div><!-- #post-body --> </div><!-- #poststuff -->
    <?php // The edit nonce action is bound to the ID of the user being edited. ?>
    <?php wp_nonce_field('closedpostboxes', 'closedpostboxesnonce', false); ?> <?php wp_nonce_field('meta-box-order', 'meta-box-order-nonce', false); ?> <?php wp_nonce_field('edit-bp-profile_' . $user->ID); ?> </form> <?php } else { ?> <p><?php printf('%1$s <a href="%2$s">%3$s</a>', __('No user found with this ID.', 'buddypress'), esc_url(bp_get_admin_url('users.php')), __('Go back and try again.', 'buddypress')); ?> </p> <?php } ?> </div><!-- .wrap --> <?php }
/**
 * Outputs profile form HTML
 *
 * Callback for "tml_template_profile" hook in method Theme_My_login_Template::display()
 *
 * Always loads the current user's own profile, then hands the template object
 * a list of candidate template names, most specific first.
 *
 * @see Theme_My_Login_Template::display()
 * @since 6.0
 * @access public
 *
 * @param object $template Reference to $theme_my_login_template object
 */
function get_profile_form(&$template)
{
    global $current_user, $profileuser, $_wp_admin_css_colors, $wp_version;

    $current_user = wp_get_current_user();
    $profileuser = get_user_to_edit($current_user->ID);

    // First role of the user; it selects the role-specific template names below.
    $role = reset($profileuser->roles);

    // Overrides passed via shortcode or template tag args come first:
    // the generic override, then the role-specific one.
    $candidates = array();
    foreach (array('profile_template', "profile_template_{$role}") as $option_key) {
        if (!empty($template->options[$option_key])) {
            $candidates[] = $template->options[$option_key];
        }
    }
    // Then the role template, and finally the default template.
    $candidates[] = "profile-form-{$role}.php";
    $candidates[] = 'profile-form.php';

    // Load template
    $template_vars = compact('current_user', 'profileuser', '_wp_admin_css_colors', 'wp_version');
    $template->get_template($candidates, '', true, $template_vars);
}
} $sorter = new ure_TableSorter($column); $fullCapabilities = $sorter->sort($fullCapabilities); if ($ure_object == 'user') { if (!isset($_REQUEST['user_id'])) { $mess .= ' user_id value is missed'; return; } $user_id = $_REQUEST['user_id']; if (!is_numeric($user_id)) { return; } if (!$user_id) { return; } $ure_userToEdit = get_user_to_edit($user_id); if (empty($ure_userToEdit)) { return; } } if (isset($_POST['action']) && $_POST['action'] == 'update' && isset($_POST['user_role'])) { $ure_currentRole = $_POST['user_role']; $ure_capabilitiesToSave = array(); foreach ($fullCapabilities as $availableCapability) { $cap_id = str_replace(' ', URE_SPACE_REPLACER, $availableCapability['inner']); if (isset($_POST[$cap_id])) { $ure_capabilitiesToSave[$availableCapability['inner']] = 1; } } if ($ure_object == 'role') { // save role changes to database
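/**
 * Prints the settings form for the current menu page.
 *
 * The opening form tag and hidden fields depend on $this->menu_lib:
 * 'profile' posts to user-edit.php and carries the current user's existing
 * profile values as hidden fields, 'setting'/'submenu' post to options.php,
 * and 'sitesubmenu' posts to edit.php. Any other value prints nothing.
 * Nonces, meta boxes and the submit buttons follow.
 *
 * Profile values (nickname, e-mail, colour scheme) are stored user data, so
 * every value written into an HTML attribute is passed through esc_attr().
 *
 * @return void Output is echoed.
 */
protected function show_form_content()
{
    $lca = $this->p->cf['lca'];
    $form_open = '<form name="' . esc_attr($lca) . '" id="' . esc_attr($lca . '_setting_form') . '"';

    if ($this->menu_lib === 'profile') {
        $user_id = get_current_user_id();
        $profileuser = get_user_to_edit($user_id);
        $current_color = get_user_option('admin_color', $user_id);
        if (empty($current_color)) {
            $current_color = 'fresh';
        }

        // match wordpress behavior (users page for admins, profile page for everyone else)
        $admin_url = current_user_can('list_users')
            ? $this->p->util->get_admin_url($this->menu_id, null, 'users')
            : $this->p->util->get_admin_url($this->menu_id, null, $this->menu_lib);

        echo $form_open . ' action="user-edit.php" method="post">' . "\n";
        echo '<input type="hidden" name="wp_http_referer" value="' . esc_attr($admin_url) . '" />' . "\n";
        echo '<input type="hidden" name="action" value="update" />' . "\n";
        echo '<input type="hidden" name="user_id" value="' . esc_attr($user_id) . '" />' . "\n";
        echo '<input type="hidden" name="nickname" value="' . esc_attr($profileuser->nickname) . '" />' . "\n";
        echo '<input type="hidden" name="email" value="' . esc_attr($profileuser->user_email) . '" />' . "\n";
        echo '<input type="hidden" name="admin_color" value="' . esc_attr($current_color) . '" />' . "\n";
        echo '<input type="hidden" name="rich_editing" value="' . esc_attr($profileuser->rich_editing) . '" />' . "\n";
        echo '<input type="hidden" name="comment_shortcuts" value="' . esc_attr($profileuser->comment_shortcuts) . '" />' . "\n";
        echo '<input type="hidden" name="admin_bar_front" value="' . _get_admin_bar_pref('front', $user_id) . '" />' . "\n";
        // Nonce action is bound to the current user's ID.
        wp_nonce_field('update-user_' . $user_id);
    } elseif ($this->menu_lib === 'setting' || $this->menu_lib === 'submenu') {
        echo $form_open . ' action="options.php" method="post">' . "\n";
        settings_fields($lca . '_setting');
    } elseif ($this->menu_lib === 'sitesubmenu') {
        echo $form_open . ' action="edit.php?action=' . NGFB_SITE_OPTIONS_NAME . '" method="post">' . "\n";
        echo '<input type="hidden" name="page" value="' . esc_attr($this->menu_id) . '" />';
    } else {
        return;
    }

    wp_nonce_field(self::get_nonce(), NGFB_NONCE);
    wp_nonce_field('closedpostboxes', 'closedpostboxesnonce', false);
    wp_nonce_field('meta-box-order', 'meta-box-order-nonce', false);

    do_meta_boxes($this->pagehook, 'normal', null);
    do_action($this->p->cf['lca'] . '_form_content_metaboxes_' . SucomUtil::sanitize_hookname($this->menu_id), $this->pagehook);

    switch ($this->menu_id) {
        // These pages get no submit buttons.
        case 'readme':
        case 'setup':
        case 'sitereadme':
        case 'sitesetup':
            break;

        default:
            if ($this->menu_lib === 'profile') {
                echo $this->get_submit_buttons(_x('Save All Profile Settings', 'submit button', 'nextgen-facebook'));
            } else {
                echo $this->get_submit_buttons();
            }
            break;
    }

    echo '</form>', "\n";
}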