$user_data['last_name'] = $fbuser['last_name'];
    $user_data['display_name'] = $fbuser['first_name'];
    $user_data['user_url'] = $fbuser["profile_url"];
    $user_data['user_email'] = $fbuser["email"];
    //Run a filter so the user can be modified to something different before registration
    //NOTE: If the user has selected "pretty names", this'll change FB_xxx to i.e. "John.Smith"
    $user_data = apply_filters('nxtfb_insert_user', $user_data, $fbuser);
    $user_data = apply_filters('nxtfb_inserting_user', $user_data, array('nxt_ID' => $user_login_id, 'FB_ID' => $fb_uid, 'facebook' => $facebook, 'FB_UserData' => $fbuser));
    //Insert a new user to our database and make sure it worked
    $user_login_id = nxt_insert_user($user_data);
    if (is_nxt_error($user_login_id)) {
        j_die("Error: nxt_insert_user failed!<br/><br/>" . "If you get this error while running a nxtclass MultiSite installation, it means you'll need to purchase the <a href=\"{$jfb_homepage}#premium\">premium version</a> of this plugin to enable full MultiSite support.<br/><br/>" . "If you're <u><i>not</i></u> using MultiSite, please report this bug to the plugin author on the support page <a href=\"{$jfb_homepage}#feedback\">here</a>.<br /><br />" . "Error message: " . (function_exists(array(&$user_login_id, 'get_error_message')) ? $user_login_id->get_error_message() : "Undefined") . "<br />" . "nxt_ALLOW_MULTISITE: " . (defined('nxt_ALLOW_MULTISITE') ? constant('nxt_ALLOW_MULTISITE') : "Undefined") . "<br />" . "is_multisite: " . (function_exists('is_multisite') ? is_multisite() : "Undefined"));
    }
    //Success! Notify the site admin.
    $user_login_name = $user_data['user_login'];
    nxt_new_user_notification($user_login_name);
    //Run an action so i.e. usermeta can be added to a user after registration
    do_action('nxtfb_inserted_user', array('nxt_ID' => $user_login_id, 'FB_ID' => $fb_uid, 'facebook' => $facebook, 'nxt_UserData' => $user_data));
}
//Tag the user with our meta so we can recognize them next time, without resorting to email hashes
update_user_meta($user_login_id, $jfb_uid_meta_name, $fb_uid);
$jfb_log .= "nxt: Updated usermeta ({$jfb_uid_meta_name})\n";
//Also store the user's facebook avatar(s), in case the user wants to use them later
if ($fbuser['pic_square']) {
    update_user_meta($user_login_id, 'facebook_avatar_thumb', $fbuser['pic_square']);
    update_user_meta($user_login_id, 'facebook_avatar_full', $fbuser['pic_big']);
    $jfb_log .= "nxt: Updated avatars (" . $fbuser['pic_square'] . ")\n";
} else {
    update_user_meta($user_login_id, 'facebook_avatar_thumb', '');
    update_user_meta($user_login_id, 'facebook_avatar_full', '');
    $jfb_log .= "FB: User does not have a profile picture; clearing cached avatar (if present).\n";
Example #2
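/**
 * Edit user settings based on contents of $_POST
 *
 * Used on user-edit.php and profile.php to manage and process user options, passwords etc.
 *
 * Security notes:
 * - The only authorization test made here is current_user_can('edit_users') on the
 *   role field. No nonce is verified and no "may the current user edit $user_id"
 *   check is made in this function, so callers must have done both beforehand.
 * - Values are read straight from $_POST; each field is sanitized individually below.
 *
 * @since 2.0
 *
 * @param int $user_id Optional. User ID. A non-zero value updates that user;
 *                     0 (the default) creates a new user.
 * @return int|nxt_Error The nxt_Error holding every validation failure when any
 *                       check fails; otherwise the value returned by
 *                       nxt_update_user() / nxt_insert_user() (the user ID on success).
 */
function edit_user($user_id = 0)
{
    global $nxt_roles, $nxtdb;
    $user = new stdClass();
    if ($user_id) {
        $update = true;
        $user->ID = (int) $user_id;
        // NOTE(review): the get_userdata() result is used without checking that the
        // user exists; an unknown ID ends up as an empty user_login further down.
        $userdata = get_userdata($user_id);
        $user->user_login = $nxtdb->escape($userdata->user_login);
    } else {
        $update = false;
    }
    // The login name can only be chosen at creation time; on update the stored one is kept.
    if (!$update && isset($_POST['user_login'])) {
        $user->user_login = sanitize_user($_POST['user_login'], true);
    }
    $pass1 = $pass2 = '';
    if (isset($_POST['pass1'])) {
        $pass1 = $_POST['pass1'];
    }
    if (isset($_POST['pass2'])) {
        $pass2 = $_POST['pass2'];
    }
    if (isset($_POST['role']) && current_user_can('edit_users')) {
        $new_role = sanitize_text_field($_POST['role']);
        // If the new role isn't editable by the logged-in user die with error.
        // This runs before the role is assigned so that the restriction does not
        // depend on nxt_die() actually terminating the request.
        $editable_roles = get_editable_roles();
        if (!empty($new_role) && empty($editable_roles[$new_role])) {
            nxt_die(__('You can&#8217;t give users that role.'));
        }
        $potential_role = isset($nxt_roles->role_objects[$new_role]) ? $nxt_roles->role_objects[$new_role] : false;
        // Don't let anyone with 'edit_users' (admins) edit their own role to something without it.
        // Multisite super admins can freely edit their blog roles -- they possess all caps.
        // Both IDs are compared as integers, matching the (int) cast used for $user->ID,
        // so a non-canonical $user_id string cannot sidestep the "editing myself" test.
        if (
            (is_multisite() && current_user_can('manage_sites'))
            || (int) $user_id !== (int) get_current_user_id()
            || ($potential_role && $potential_role->has_cap('edit_users'))
        ) {
            $user->role = $new_role;
        }
    }
    if (isset($_POST['email'])) {
        $user->user_email = sanitize_text_field($_POST['email']);
    }
    if (isset($_POST['url'])) {
        if (empty($_POST['url']) || $_POST['url'] == 'http://') {
            $user->user_url = '';
        } else {
            $user->user_url = esc_url_raw($_POST['url']);
            // Prefix a scheme only when the cleaned URL does not already start with a known one.
            $user->user_url = preg_match('/^(https?|ftps?|mailto|news|irc|gopher|nntp|feed|telnet):/is', $user->user_url) ? $user->user_url : 'http://' . $user->user_url;
        }
    }
    if (isset($_POST['first_name'])) {
        $user->first_name = sanitize_text_field($_POST['first_name']);
    }
    if (isset($_POST['last_name'])) {
        $user->last_name = sanitize_text_field($_POST['last_name']);
    }
    if (isset($_POST['nickname'])) {
        $user->nickname = sanitize_text_field($_POST['nickname']);
    }
    if (isset($_POST['display_name'])) {
        $user->display_name = sanitize_text_field($_POST['display_name']);
    }
    if (isset($_POST['description'])) {
        // NOTE(review): the description is only trimmed here. Any markup filtering has
        // to happen when the value is saved or when it is printed -- confirm it does.
        $user->description = trim($_POST['description']);
    }
    foreach (_nxt_get_user_contactmethods($user) as $method => $name) {
        if (isset($_POST[$method])) {
            $user->{$method} = sanitize_text_field($_POST[$method]);
        }
    }
    if ($update) {
        $user->rich_editing = isset($_POST['rich_editing']) && 'false' == $_POST['rich_editing'] ? 'false' : 'true';
        $user->admin_color = isset($_POST['admin_color']) ? sanitize_text_field($_POST['admin_color']) : 'fresh';
        $user->show_admin_bar_front = isset($_POST['admin_bar_front']) ? 'true' : 'false';
    }
    $user->comment_shortcuts = isset($_POST['comment_shortcuts']) && 'true' == $_POST['comment_shortcuts'] ? 'true' : '';
    $user->use_ssl = 0;
    if (!empty($_POST['use_ssl'])) {
        $user->use_ssl = 1;
    }
    $errors = new nxt_Error();
    /* checking that username has been typed */
    if ($user->user_login == '') {
        $errors->add('user_login', __('<strong>ERROR</strong>: Please enter a username.'));
    }
    /* checking the password has been typed twice */
    // Hooked callbacks receive both passwords by reference and may change them.
    do_action_ref_array('check_passwords', array($user->user_login, &$pass1, &$pass2));
    if ($update) {
        if (empty($pass1) && !empty($pass2)) {
            $errors->add('pass', __('<strong>ERROR</strong>: You entered your new password only once.'), array('form-field' => 'pass1'));
        } elseif (!empty($pass1) && empty($pass2)) {
            $errors->add('pass', __('<strong>ERROR</strong>: You entered your new password only once.'), array('form-field' => 'pass2'));
        }
    } else {
        if (empty($pass1)) {
            $errors->add('pass', __('<strong>ERROR</strong>: Please enter your password.'), array('form-field' => 'pass1'));
        } elseif (empty($pass2)) {
            $errors->add('pass', __('<strong>ERROR</strong>: Please enter your password twice.'), array('form-field' => 'pass2'));
        }
    }
    /* Check for "\" in password */
    if (false !== strpos(stripslashes($pass1), "\\")) {
        $errors->add('pass', __('<strong>ERROR</strong>: Passwords may not contain the character "\\".'), array('form-field' => 'pass1'));
    }
    /* checking the password has been typed twice the same */
    // Strict comparison: with != PHP compares numeric-looking strings by value
    // (for example '1e3' and '1000'), so two different entries could pass as a
    // match and the first one would silently become the password.
    if ($pass1 !== $pass2) {
        $errors->add('pass', __('<strong>ERROR</strong>: Please enter the same password in the two password fields.'), array('form-field' => 'pass1'));
    }
    if (!empty($pass1)) {
        $user->user_pass = $pass1;
    }
    if (!$update && isset($_POST['user_login']) && !validate_username($_POST['user_login'])) {
        $errors->add('user_login', __('<strong>ERROR</strong>: This username is invalid because it uses illegal characters. Please enter a valid username.'));
    }
    if (!$update && username_exists($user->user_login)) {
        $errors->add('user_login', __('<strong>ERROR</strong>: This username is already registered. Please choose another one.'));
    }
    /* checking e-mail address */
    if (empty($user->user_email)) {
        $errors->add('empty_email', __('<strong>ERROR</strong>: Please enter an e-mail address.'), array('form-field' => 'email'));
    } elseif (!is_email($user->user_email)) {
        $errors->add('invalid_email', __('<strong>ERROR</strong>: The e-mail address isn&#8217;t correct.'), array('form-field' => 'email'));
    } elseif (($owner_id = email_exists($user->user_email)) && (!$update || $owner_id != $user->ID)) {
        // The address belongs to another account (on update, owning it yourself is fine).
        $errors->add('email_exists', __('<strong>ERROR</strong>: This email is already registered, please choose another one.'), array('form-field' => 'email'));
    }
    // Allow plugins to return their own errors.
    do_action_ref_array('user_profile_update_errors', array(&$errors, $update, &$user));
    // Nothing is written when any check failed; the caller gets the error object instead of an ID.
    if ($errors->get_error_codes()) {
        return $errors;
    }
    if ($update) {
        $user_id = nxt_update_user(get_object_vars($user));
    } else {
        $user_id = nxt_insert_user(get_object_vars($user));
        // NOTE(review): when 'send_password' is posted the plaintext password is handed
        // to the notification routine, which presumably e-mails it. Prefer a
        // set-your-password link over sending the secret itself.
        nxt_new_user_notification($user_id, isset($_POST['send_password']) ? $pass1 : '');
    }
    return $user_id;
}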
Example #3
// Handles the bulk/form action chosen on a per-site users screen. $id, $nxt_list_table,
// $nxtdb and $blog_prefix are defined outside this excerpt, and the excerpt ends
// before the switch is closed.
$action = $nxt_list_table->current_action();
if ($action) {
    // Everything below runs in the context of site $id.
    switch_to_blog($id);
    switch ($action) {
        case 'newuser':
            // Nonce check for the "add new user" form (action 'add-user', field '_nxtnonce_add-new-user').
            check_admin_referer('add-user', '_nxtnonce_add-new-user');
            $user = $_POST['user'];
            // Both a username and an e-mail address are required.
            if (!is_array($_POST['user']) || empty($user['username']) || empty($user['email'])) {
                $update = 'err_new';
            } else {
                // Arguments presumably mean 12 characters, no special characters -- confirm.
                $password = nxt_generate_password(12, false);
                // NOTE(review): esc_html() is an output-escaping helper; here it is applied to
                // input before storage. Validating with sanitize_user()/is_email() would be the
                // usual choice -- confirm what nxtmu_create_user() does on its own.
                $user_id = nxtmu_create_user(esc_html(strtolower($user['username'])), $password, esc_html($user['email']));
                if (false == $user_id) {
                    $update = 'err_new_dup';
                } else {
                    // The generated password is passed to the notification routine in plaintext.
                    nxt_new_user_notification($user_id, $password);
                    // NOTE(review): $_POST['new_role'] is used as posted; no check that it is a
                    // role the current user may assign is visible in this excerpt.
                    add_user_to_blog($id, $user_id, $_POST['new_role']);
                    $update = 'newuser';
                }
            }
            break;
        case 'adduser':
            // Nonce check for the "add existing user" form.
            check_admin_referer('add-user', '_nxtnonce_add-user');
            if (!empty($_POST['newuser'])) {
                $update = 'adduser';
                $newuser = $_POST['newuser'];
                // Posted login name is bound through prepare(), not concatenated.
                $userid = $nxtdb->get_var($nxtdb->prepare("SELECT ID FROM " . $nxtdb->users . " WHERE user_login = %s", $newuser));
                if ($userid) {
                    // NOTE(review): this query is built by interpolation. $userid comes from the
                    // lookup above and $blog_prefix from outside this excerpt; passing both
                    // through prepare() would keep the query safe regardless of their origin.
                    $user = $nxtdb->get_var("SELECT user_id FROM " . $nxtdb->usermeta . " WHERE user_id='{$userid}' AND meta_key='{$blog_prefix}capabilities'");
                    // No capabilities row for this site: the user is not a member yet.
                    if ($user == false) {
                        // NOTE(review): same unvalidated $_POST['new_role'] as in the 'newuser' case.
                        add_user_to_blog($id, $userid, $_POST['new_role']);
Example #4
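/**
 * Create a new NXTClass user with the specified identity URL and user data.
 *
 * The account gets a random throwaway password, is logged in, the site admin is
 * notified, and the OpenID identity is bound to the new user. Outcome is reported
 * through openid_status() / openid_message() / openid_error(), not a return value.
 *
 * @param string $identity_url OpenID to associate with the newly
 * created account
 * @param array $user_data array of user data; passed by reference and updated in
 * place with 'user_login', 'user_pass' and, on success, 'ID'
 * @return void
 */
function openid_create_new_user($identity_url, &$user_data)
{
    global $nxtdb;
    // Identity URL is new, so create a user
    // Errors from these includes are suppressed because only one of the two files
    // exists, depending on the core version noted after each line.
    @(include_once ABSPATH . 'nxt-admin/upgrade-functions.php');
    // 2.1
    @(include_once ABSPATH . nxtINC . '/registration-functions.php');
    // 2.0.4
    $username = '';
    // try to use preferred username
    if (empty($username) && array_key_exists('nickname', $user_data)) {
        $username = openid_generate_new_username($user_data['nickname'], false);
    }
    // finally, build username from OpenID URL
    if (empty($username)) {
        $username = openid_generate_new_username($identity_url);
    }
    $user_data['user_login'] = $username;
    // The user signs in through OpenID, so this password is only a placeholder secret.
    // It must still be unguessable: the earlier value was 7 hex characters of an MD5
    // over the current time, which is both short and predictable. Take it from the
    // system CSPRNG instead (32 hex characters, no backslashes or quotes).
    $user_data['user_pass'] = bin2hex(random_bytes(16));
    $user_id = nxt_insert_user($user_data);
    // nxt_insert_user() can hand back an error object, which is truthy; treating it
    // as an ID would bind the identity to a user that was never created.
    if ($user_id && !is_nxt_error($user_id)) {
        // created ok
        $user_data['ID'] = $user_id;
        // XXX this all looks redundant, see openid_set_current_user
        $user = new nxt_User($user_id);
        if (!nxt_login($user->user_login, $user_data['user_pass'])) {
            // NOTE(review): on this path the account exists but no identity is bound to it.
            openid_message(__('User was created fine, but nxt_login() for the new user failed. This is probably a bug.', 'openid'));
            openid_status('error');
            openid_error(openid_message());
            return;
        }
        // notify of user creation
        nxt_new_user_notification($user->user_login);
        nxt_clearcookie();
        // NOTE(review): the auth cookie carries an MD5 of the stored password value;
        // this follows the legacy cookie scheme of the core versions targeted above.
        nxt_setcookie($user->user_login, md5($user->user_pass), true, '', '', true);
        // Bind the provided identity to the just-created user
        openid_add_user_identity($user_id, $identity_url);
        openid_status('redirect');
        if (!$user->has_cap('edit_posts')) {
            // NOTE(review): $redirect_to is local and never read in this function;
            // it looks like a `global $redirect_to` declaration is missing -- confirm.
            $redirect_to = '/nxt-admin/profile.php';
        }
    } else {
        // failed to create user for some reason.
        openid_message(__('OpenID authentication successful, but failed to create NXTClass user. This is probably a bug.', 'openid'));
        openid_status('error');
        openid_error(openid_message());
    }
}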
Example #5
/**
 * Activate a pending signup identified by its activation key.
 *
 * On multisite the work is delegated to nxtmu_activate_signup() and any stored
 * xprofile field values are copied to the new user. On a single site the key is
 * looked up in usermeta, the user's status is set to 0, the admin is notified and
 * the key is deleted.
 *
 * @param string $key Activation key taken from the activation request.
 * @return mixed The activated user's ID, or an error object when the key is
 *               unknown or activation fails.
 */
function bp_core_activate_signup($key)
{
    global $bp, $nxtdb;

    // Stays false on single-site installs and is passed to the action hook as such.
    $user = false;

    if (!is_multisite()) {
        // Single site: resolve the key to a user through a prepared query.
        $lookup = $nxtdb->prepare("SELECT user_id FROM {$nxtdb->usermeta} WHERE meta_key = 'activation_key' AND meta_value = %s", $key);
        $user_id = $nxtdb->get_var($lookup);
        if (empty($user_id)) {
            return new nxt_Error('invalid_key', __('Invalid activation key', 'buddypress'));
        }

        // Flip the account to active; a falsy query result is reported as an invalid key too.
        $activated = $nxtdb->query($nxtdb->prepare("UPDATE {$nxtdb->users} SET user_status = 0 WHERE ID = %d", $user_id));
        if (!$activated) {
            return new nxt_Error('invalid_key', __('Invalid activation key', 'buddypress'));
        }

        // Tell the site admin about the registration, then retire the key so it is single-use.
        nxt_new_user_notification($user_id);
        delete_user_meta($user_id, 'activation_key');
    } else {
        // Multisite installs have their own activation routine.
        $user = nxtmu_activate_signup($key);

        // An error object is handed straight back to the caller.
        if (!empty($user->errors)) {
            return $user;
        }

        $user_id = $user['user_id'];

        // Copy over any profile data captured at signup.
        if (bp_is_active('xprofile') && !empty($user['meta']['profile_field_ids'])) {
            foreach ((array) explode(',', $user['meta']['profile_field_ids']) as $field_id) {
                $meta_key = "field_{$field_id}";
                if (empty($user['meta'][$meta_key])) {
                    continue;
                }
                xprofile_set_field_data($field_id, $user_id, $user['meta'][$meta_key]);
            }
        }
    }

    // Refresh the display_name.
    $profile_update = array('ID' => $user_id, 'display_name' => bp_core_get_user_displayname($user_id));
    nxt_update_user($profile_update);

    // Multisite only: restore the password stored with the signup.
    // NOTE(review): the value is written to user_pass as-is, so it is presumably
    // already hashed when the signup is recorded -- confirm.
    if (is_multisite() && !empty($user['meta']['password'])) {
        $restore_password = $nxtdb->prepare("UPDATE {$nxtdb->users} SET user_pass = %s WHERE ID = %d", $user['meta']['password'], $user_id);
        $nxtdb->query($restore_password);
    }

    // The cached member total is now stale.
    nxt_cache_delete('bp_total_member_count', 'bp');

    do_action('bp_core_activated_user', $user_id, $key, $user);

    return $user_id;
}
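 /**
  * Shortcode handler for the subscription / registration form.
  *
  * The step to run is chosen by the request's 'action' value: 'validatepage1'
  * and 'validatepage1bp' validate the posted registration form and create the
  * account, 'validatepage2' hands over to the subscription filter, anything else
  * shows the first applicable page.
  *
  * Security notes: all form values come from $_POST/$_REQUEST and no nonce is
  * checked in this method. Passwords are forwarded in plaintext to the
  * notification hook or routine.
  *
  * @param mixed  $atts    Shortcode attributes (not used here).
  * @param string $content Enclosed shortcode content; the form markup is appended to it.
  * @param string $code    Shortcode tag (not used here).
  * @return string The content after the 'membership_subscription_form' filter.
  */
 function do_subscription_shortcode($atts, $content = null, $code = "")
 {
     global $nxt_query;
     $error = array();
     // The action is only matched against the fixed case labels below. A missing or
     // non-string value falls through to the default case instead of raising an error.
     $page = isset($_REQUEST['action']) && is_string($_REQUEST['action']) ? addslashes($_REQUEST['action']) : '';
     $M_options = get_option('membership_options', array());
     // Defined up front: the registration_process action below is fired even when
     // validation failed and no user was created.
     $user_id = null;
     switch ($page) {
         case 'validatepage1':
             // Page 1 of the form has been submitted - validate
             include_once ABSPATH . nxtINC . '/registration.php';
             $required = array('user_login' => __('Username', 'membership'), 'user_email' => __('Email address', 'membership'), 'user_email2' => __('Email address confirmation', 'membership'), 'password' => __('Password', 'membership'), 'password2' => __('Password confirmation', 'membership'));
             $error = array();
             foreach ($required as $key => $message) {
                 if (empty($_POST[$key])) {
                     $error[] = __('Please ensure that the ', 'membership') . "<strong>" . $message . "</strong>" . __(' information is completed.', 'membership');
                 }
             }
             $email = isset($_POST['user_email']) ? $_POST['user_email'] : '';
             $email2 = isset($_POST['user_email2']) ? $_POST['user_email2'] : '';
             $password = isset($_POST['password']) ? $_POST['password'] : '';
             $password2 = isset($_POST['password2']) ? $_POST['password2'] : '';
             if ($email !== $email2) {
                 $error[] = __('Please ensure the email addresses match.', 'membership');
             }
             // Strict comparison: != treats numeric-looking strings such as '1e3'
             // and '1000' as equal, which would accept a mistyped confirmation.
             if ($password !== $password2) {
                 $error[] = __('Please ensure the passwords match.', 'membership');
             }
             if (username_exists(sanitize_user($_POST['user_login']))) {
                 $error[] = __('That username is already taken, sorry.', 'membership');
             }
             if (email_exists($email)) {
                 $error[] = __('That email address is already taken, sorry.', 'membership');
             }
             if (function_exists('get_site_option')) {
                 $terms = get_site_option('signup_tos_data');
             } else {
                 $terms = '';
             }
             if (!empty($terms)) {
                 if (empty($_POST['tosagree'])) {
                     $error[] = __('You need to agree to the terms of service to register.', 'membership');
                 }
             }
             $error = apply_filters('membership_subscription_form_before_registration_process', $error);
             if (empty($error)) {
                 // Pre - error reporting check for final add user
                 $user_id = nxt_create_user(sanitize_user($_POST['user_login']), $password, $email);
                 // The failure test used to read an undefined $userid, so a failed
                 // creation was treated as success and an error object was used as a user ID.
                 if (is_nxt_error($user_id)) {
                     $error[] = $user_id->get_error_message();
                 } else {
                     $member = new M_Membership($user_id);
                     if (empty($M_options['enableincompletesignups']) || $M_options['enableincompletesignups'] != 'yes') {
                         $member->deactivate();
                     }
                     // The hook name keeps its historical spelling; callbacks are registered under it.
                     // NOTE(review): the plaintext password is passed on to the notification.
                     if (has_action('membership_susbcription_form_registration_notification')) {
                         do_action('membership_susbcription_form_registration_notification', $user_id, $password);
                     } else {
                         nxt_new_user_notification($user_id, $password);
                     }
                 }
             }
             do_action('membership_subscription_form_registration_process', $error, $user_id);
             if (!empty($error)) {
                 $content .= "<div class='error'>";
                 $content .= implode('<br/>', $error);
                 $content .= "</div>";
                 $content .= $this->show_subpage_one(true);
             } else {
                 // everything seems fine (so far), so we have our queued user so let's
                 // look at picking a subscription.
                 $content .= $this->show_subpage_two($user_id);
             }
             break;
         case 'validatepage1bp':
             global $bp;
             include_once ABSPATH . nxtINC . '/registration.php';
             $required = array('signup_username' => __('Username', 'membership'), 'signup_email' => __('Email address', 'membership'), 'signup_password' => __('Password', 'membership'), 'signup_password_confirm' => __('Password confirmation', 'membership'));
             $error = array();
             foreach ($required as $key => $message) {
                 if (empty($_POST[$key])) {
                     $error[] = __('Please ensure that the ', 'membership') . "<strong>" . $message . "</strong>" . __(' information is completed.', 'membership');
                 }
             }
             $email = isset($_POST['signup_email']) ? $_POST['signup_email'] : '';
             $password = isset($_POST['signup_password']) ? $_POST['signup_password'] : '';
             $password2 = isset($_POST['signup_password_confirm']) ? $_POST['signup_password_confirm'] : '';
             // Strict comparison for the same reason as in 'validatepage1'.
             if ($password !== $password2) {
                 $error[] = __('Please ensure the passwords match.', 'membership');
             }
             if (username_exists(sanitize_user($_POST['signup_username']))) {
                 $error[] = __('That username is already taken, sorry.', 'membership');
             }
             if (email_exists($email)) {
                 $error[] = __('That email address is already taken, sorry.', 'membership');
             }
             $meta_array = array();
             // xprofile required fields
             /* Now we've checked account details, we can check profile information */
             if (function_exists('xprofile_check_is_required_field')) {
                 /* Make sure hidden field is passed and populated */
                 if (isset($_POST['signup_profile_field_ids']) && !empty($_POST['signup_profile_field_ids'])) {
                     /* Let's compact any profile field info into an array */
                     // NOTE(review): the list of field IDs is supplied by the client and is
                     // used as posted; confirm xprofile_set_field_data() rejects unknown IDs.
                     $profile_field_ids = explode(',', $_POST['signup_profile_field_ids']);
                     /* Loop through the posted fields formatting any datebox values then validate the field */
                     foreach ((array) $profile_field_ids as $field_id) {
                         if (!isset($_POST['field_' . $field_id])) {
                             if (isset($_POST['field_' . $field_id . '_day'])) {
                                 $_POST['field_' . $field_id] = strtotime($_POST['field_' . $field_id . '_day'] . $_POST['field_' . $field_id . '_month'] . $_POST['field_' . $field_id . '_year']);
                             }
                         }
                         /* Create errors for required fields without values */
                         if (xprofile_check_is_required_field($field_id) && empty($_POST['field_' . $field_id])) {
                             $field = new BP_Xprofile_Field($field_id);
                             $error[] = __('Please ensure that the ', 'membership') . "<strong>" . $field->name . "</strong>" . __(' information is completed.', 'membership');
                         }
                         // A field that was not posted is recorded as null.
                         $meta_array[$field_id] = isset($_POST['field_' . $field_id]) ? $_POST['field_' . $field_id] : null;
                     }
                 }
             }
             $error = apply_filters('membership_subscription_form_before_registration_process', $error);
             if (empty($error)) {
                 // Pre - error reporting check for final add user
                 $user_id = nxt_create_user(sanitize_user($_POST['signup_username']), $password, $email);
                 // Same correction as in 'validatepage1': test the value that was returned.
                 if (is_nxt_error($user_id)) {
                     $error[] = $user_id->get_error_message();
                 } else {
                     $member = new M_Membership($user_id);
                     if (empty($M_options['enableincompletesignups']) || $M_options['enableincompletesignups'] != 'yes') {
                         $member->deactivate();
                     }
                     // This form posts 'signup_password'; the hook used to be given
                     // $_POST['password'], a field this form does not have.
                     if (has_action('membership_susbcription_form_registration_notification')) {
                         do_action('membership_susbcription_form_registration_notification', $user_id, $password);
                     } else {
                         nxt_new_user_notification($user_id, $password);
                     }
                     foreach ((array) $meta_array as $field_id => $field_content) {
                         if (function_exists('xprofile_set_field_data')) {
                             xprofile_set_field_data($field_id, $user_id, $field_content);
                         }
                     }
                 }
             }
             do_action('membership_subscription_form_registration_process', $error, $user_id);
             if (!empty($error)) {
                 $content .= "<div class='error'>";
                 $content .= implode('<br/>', $error);
                 $content .= "</div>";
                 $content .= $this->show_subpage_one(true);
             } else {
                 // everything seems fine (so far), so we have our queued user so let's
                 // look at picking a subscription.
                 $content .= $this->show_subpage_two($user_id);
             }
             break;
         case 'validatepage2':
             $content = apply_filters('membership_subscription_form_subscription_process', $content, $error);
             break;
         case 'page2':
         case 'page1':
         default:
             if (!is_user_logged_in()) {
                 $content .= $this->show_subpage_one();
             } else {
                 // logged in check for sub
                 $user = nxt_get_current_user();
                 $member = new M_Membership($user->ID);
                 if ($member->is_member()) {
                     // This person is a member - display already registered stuff
                     $content .= $this->show_subpage_member();
                 } else {
                     // Show page two;
                     $content .= $this->show_subpage_two($user->ID);
                 }
             }
             break;
     }
     $content = apply_filters('membership_subscription_form', $content);
     return $content;
 }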