/**
* Creates a new user with args passed through an array or string of arguments.
*
* wp_nonce_field( 'register' ) must be used on the register form
*
* @param: username [string] - The desired username for the new user
* @param: email [string] - The desired email address for the new user
* @param: use_password [bool] [default: false] - Whether to specify a password on registration
* @param: password [string] - If use_password is true, the desired password for the new user
* @param: use_tos [bool] [default: true] - Whether the user needs to accept Terms of Service
* @param: tos [string] - If use_tos is true, the value to the accept Terms of Service checkbox
* @param: unique_email [bool] [default: false] - Set to true if only one username is allowed per email address
* @param: do_redirect [bool] [default: true] Whether to redirect the user after registration is complete
* @param: redirect [string] [default: User Profile Page] - The url to redirect the user to after successful login
* @param: send_email [bool] [default: true] Whether to send an email containing the username and password of the newly registered user
* @param: profile_info [array] [dafault: false] An array containing values to be used in wp_update_user() such as first_name, last_name
* @param: validate [bool] [default: true]
* @param: require_verify_email [bool] [default: false] Sends the user an email with a Activate Account link to activate their account
* @param: override_nonce [bool] [default: false] Bypasses the nonce check, not recommended in most situations
*
* @return: Int ID, the ID of the newly registered user [on error returns error string] or WP_Error
*/
function hma_new_user($args)
{
if (is_user_logged_in()) {
hm_error_message('You are already logged in', 'register');
return new WP_Error('already-logged-in');
}
$checks = array('use_password' => false, 'tos' => '', 'use_tos' => true, 'unique_email' => false, 'do_redirect' => true, 'do_login' => false, 'redirect' => '', 'send_email' => false, 'override_nonce' => false);
$defaults = array('user_login' => '', 'user_email' => '', 'user_pass' => false, 'role' => 'subscriber', 'validate' => true);
$original_args = $args;
$default_args = array_merge($defaults, $checks);
$args = wp_parse_args($args, $default_args);
extract($args, EXTR_SKIP);
$validation = apply_filters('hma_registration_info', $args);
unset($args['user_pass2']);
unset($original_args['user_pass2']);
unset($user_pass2);
if (is_wp_error($validation) && $validate == true) {
return $validation;
}
// Merge arrays overwritting defaults, remove any non-standard keys keys with empty values.
$user_vars = array_filter(array('user_login' => $user_login, 'user_pass' => $user_pass, 'user_email' => $user_email, 'display_name' => $display_name));
// Check for require_verify_email, send email and store temp data
if ($require_verify_email) {
$original_args['require_verify_email'] = false;
$unverified_users = (array) get_option('unverified_users');
$unverified_users[time()] = $original_args;
update_option('unverified_users', $unverified_users);
$message = "Please click the link below to activate your account for " . get_bloginfo() . "\n \n";
$message .= '<a href="' . get_bloginfo('url') . '/login/?verify_email=' . $user_vars['user_email'] . '&key=' . time() . '">' . get_bloginfo('url') . '/login/?verify_email=' . $user_vars['user_email'] . '&key=' . time() . '</a>';
$headers = 'From: ' . get_bloginfo() . ' <noreply@' . get_bloginfo('url') . '>' . "\r\n";
$headers .= "Content-type: text/html; charset=iso-8859-1 \r\n\r\n";
wp_mail($user_vars['user_email'], 'Please activate your account for ' . get_bloginfo(), $message, $headers);
return hm_return_success('sent-email-activation', '<p class="message success">You have been sent an activation email, please follow the link in the email sent to ' . $user_vars['user_email'] . '</p>');
}
$user_id = wp_insert_user($user_vars);
if (!$user_id || is_wp_error($user_id)) {
return $user_id;
}
// Setup the users role
if ($role) {
$user = new WP_User($user_id);
$user->set_role($role);
}
// Get any remaining variable that were passed
$meta_vars = array_diff_key($original_args, $defaults, $checks, $user_vars);
foreach ((array) $meta_vars as $key => $value) {
if (hma_is_profile_field($key) || !hma_custom_profile_fields()) {
update_user_meta($user_id, $key, $value);
}
}
$user = get_userdata($user_id);
// Send Notifcation email if specified
if ($send_email) {
$email = hma_email_registration_success($user, $user_pass);
}
// If they chose a password, login them in
if (($use_password == 'true' || $do_login == true) && !empty($user->ID)) {
wp_login($user->user_login, $user_pass);
wp_clearcookie();
wp_setcookie($user->user_login, $user_pass, false);
do_action('wp_login', $user->user_login);
wp_set_current_user($user->ID);
}
// Redirect the user if is set
if ($redirect !== '' && !empty($user->ID) && $do_redirect == true) {
wp_redirect($redirect);
exit;
}
do_action('hma_registered_user', $user);
return $user_id;
}
/**
* Process the edit profile form submission
*
* @return null
*/
function hma_profile_submitted()
{
check_admin_referer('hma_profile_submitted');
$current_user = wp_get_current_user();
// check the user is logged in
if (!is_user_logged_in()) {
return;
}
// Loop through all data and only user user_* fields or fields which have been registered using hma_register_profile_field
foreach ($_POST as $key => $value) {
if (!hma_is_profile_field($key) && hma_custom_profile_fields() || !hma_custom_profile_fields() && strpos($key, 'user_') !== 0) {
continue;
}
$user_data[$key] = is_string($value) ? esc_attr($value) : array_map('esc_attr', $value);
}
// Check that the passwords match if they were $_POST'd
if (!empty($_POST['user_pass']) && isset($_POST['user_pass2']) && $_POST['user_pass'] !== $_POST['user_pass2']) {
hm_error_message('The passwords you entered do not match', 'update-user');
return;
}
if (!empty($_POST['user_pass'])) {
$user_data['user_pass'] = esc_attr($_POST['user_pass']);
}
if (!empty($_POST['user_email'])) {
$user_data['user_email'] = esc_attr($_POST['user_email']);
}
$user_data['ID'] = $current_user->ID;
if (isset($_POST['first_name'])) {
$user_data['first_name'] = esc_attr($_POST['first_name']);
}
if (isset($_POST['last_name'])) {
$user_data['last_name'] = esc_attr($_POST['last_name']);
}
if (isset($_POST['nickname'])) {
$user_data['nickname'] = esc_attr($_POST['nickname']);
}
$user_data['user_login'] = $current_user->user_login;
if (isset($_POST['description'])) {
$user_data['description'] = esc_attr($_POST['description']);
}
if (isset($_POST['display_name'])) {
$name = trim($_POST['display_name']);
$match = preg_match_all('/([\\S^\\,]*)/', esc_attr($_POST['display_name']), $matches);
foreach (array_filter((array) $matches[0]) as $match) {
$name = trim(str_replace($match, $user_data[$match], $name));
}
$user_data['display_name'] = $name;
$user_data['display_name_preference'] = esc_attr($_POST['display_name']);
}
if (!empty($_FILES['user_avatar']['name'])) {
$user_data['user_avatar'] = esc_attr($_FILES['user_avatar']);
}
$success = hma_update_user_info($user_data);
// Unlink any SSO providers
if (!is_wp_error($success) && !empty($_POST['unlink_sso_providers']) && array_filter((array) $_POST['unlink_sso_providers'])) {
if (empty($user_data['user_pass'])) {
hm_error_message('The social network(s) could not be unlinked because you did not enter your password', 'update-user');
} else {
foreach (array_filter((array) $_POST['unlink_sso_providers']) as $sso_provider_id) {
$sso_provider = hma_get_sso_provider($sso_provider_id);
$sso_provider->unlink();
}
}
}
if ($_POST['redirect_to']) {
$redirect = esc_attr($_POST['redirect_to']);
} elseif ($_POST['referer']) {
$redirect = esc_attr($_POST['referer']);
} elseif (wp_get_referer()) {
$redirect = wp_get_referer();
} else {
$redirect = get_bloginfo('edit_profile_url', 'display');
}
do_action('hma_update_user_profile_completed', $redirect);
wp_redirect(add_query_arg('message', is_wp_error($success) ? $success->get_error_code() : '1', $redirect));
exit;
}
