Example #1
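/**
 * Action method for completing the 'login' action.  This action is used when a user is logging in from
 * nxt-login.php.
 *
 * When the identity is not yet linked to an account and registration is open, a new account is
 * created first. The browser is then sent back to nxt-login.php with the outcome in the query
 * string, and the request ends here.
 *
 * @param string $identity_url verified OpenID URL; empty when verification did not succeed
 * @param string $action       action being completed; anything other than 'login' is ignored
 */
function openid_finish_login($identity_url, $action)
{
    if ('login' !== $action) {
        return;
    }
    // create new user account if appropriate
    $user_id = get_user_by_openid($identity_url);
    if ($identity_url && !$user_id && get_option('users_can_register')) {
        // Plain assignment: binding a function result by reference (=&) gains nothing here and
        // raises a notice unless the callee is declared to return by reference.
        $user_data = openid_get_user_data($identity_url);
        openid_create_new_user($identity_url, $user_data);
    }
    // return to nxt-login page
    $url = get_option('siteurl') . '/nxt-login.php';
    if (empty($identity_url)) {
        $url = add_query_arg('openid_error', openid_message(), $url);
    }
    // The identity URL is passed pre-encoded below, so values are evidently not encoded for us.
    // Encode the stored return URL the same way; left raw, an '&' or '#' inside it would add,
    // override or cut off parameters of the login URL (including the nonce that follows it).
    $redirect_to = isset($_SESSION['openid_finish_url']) ? urlencode($_SESSION['openid_finish_url']) : null;
    $url = add_query_arg(
        array(
            'finish_openid' => 1,
            'identity_url' => urlencode($identity_url),
            'redirect_to' => $redirect_to,
            // md5() only shortens the URL into a nonce action name; it is not used as a secret.
            '_nxtnonce' => nxt_create_nonce('openid_login_' . md5($identity_url)),
        ),
        $url
    );
    nxt_safe_redirect($url);
    exit;
}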
Example #2
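/**
 * Saves option for number of rows when listing posts, pages, comments, etc.
 *
 * Reads the submitted 'nxt_screen_options' pair (option name, value) from $_POST, verifies the
 * admin nonce, validates both parts and stores the value as user meta for the current user.
 * On success the browser is redirected back to the referring page and the request ends.
 *
 * The known per-page options accept only an integer from 1 to 999. Any other option name is
 * handed to the 'set-screen-option' filter, which starts from false: the value is stored only
 * if a callback returns something else. Callbacks should therefore check the option name and
 * return false for names they do not own; a callback that returns the value for every name
 * lets the submitting user write any matching meta key on their own account.
 *
 * @since 2.8
**/
function set_screen_options()
{
    if (!isset($_POST['nxt_screen_options']) || !is_array($_POST['nxt_screen_options'])) {
        return;
    }
    check_admin_referer('screen-options-nonce', 'screenoptionnonce');
    if (!($user = nxt_get_current_user())) {
        return;
    }
    $submitted = $_POST['nxt_screen_options'];
    // The option name must be a plain string: a missing key or a nested array
    // (nxt_screen_options[option][]=x) must not reach preg_match().
    if (!isset($submitted['option']) || !is_string($submitted['option'])) {
        return;
    }
    $option = $submitted['option'];
    $value = isset($submitted['value']) ? $submitted['value'] : null;
    if (!preg_match('/^[a-z_-]+$/', $option)) {
        return;
    }
    $option = str_replace('-', '_', $option);
    // Collapse per-post-type and per-taxonomy names onto the two generic options below.
    $map_option = $option;
    $type = str_replace('edit_', '', $map_option);
    $type = str_replace('_per_page', '', $type);
    if (in_array($type, get_post_types(), true)) {
        $map_option = 'edit_per_page';
    }
    if (in_array($type, get_taxonomies(), true)) {
        $map_option = 'edit_tags_per_page';
    }
    switch ($map_option) {
        case 'edit_per_page':
        case 'users_per_page':
        case 'edit_comments_per_page':
        case 'upload_per_page':
        case 'edit_tags_per_page':
        case 'plugins_per_page':
        // Network admin
        case 'sites_network_per_page':
        case 'users_network_per_page':
        case 'site_users_network_per_page':
        case 'plugins_network_per_page':
        case 'themes_network_per_page':
        case 'site_themes_network_per_page':
            $value = (int) $value;
            if ($value < 1 || $value > 999) {
                return;
            }
            break;
        default:
            // Unknown option: rejected unless a filter callback explicitly accepts it.
            $value = apply_filters('set-screen-option', false, $option, $value);
            if (false === $value) {
                return;
            }
            break;
    }
    update_user_meta($user->ID, $option, $value);
    nxt_safe_redirect(remove_query_arg(array('pagenum', 'apage', 'paged'), nxt_get_referer()));
    exit;
}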
Example #3
        case 'unmatureblog':
            check_admin_referer('unmatureblog');
            if (!current_user_can('manage_sites')) {
                nxt_die(__('You do not have permission to access this page.'));
            }
            update_blog_status($id, 'mature', '0');
            nxt_safe_redirect(add_query_arg(array('updated' => 'true', 'action' => 'unmature'), nxt_get_referer()));
            exit;
            break;
        case 'matureblog':
            check_admin_referer('matureblog');
            if (!current_user_can('manage_sites')) {
                nxt_die(__('You do not have permission to access this page.'));
            }
            update_blog_status($id, 'mature', '1');
            nxt_safe_redirect(add_query_arg(array('updated' => 'true', 'action' => 'mature'), nxt_get_referer()));
            exit;
            break;
            // Common
        // Common
        case 'confirm':
            check_admin_referer('confirm');
            if (!headers_sent()) {
                nocache_headers();
                header('Content-Type: text/html; charset=utf-8');
            }
            if ($current_site->blog_id == $id) {
                nxt_die(__('You are not allowed to change the current site.'));
            }
            ?>
			<!DOCTYPE html>
Example #4
                nxt_safe_redirect(add_query_arg('error', 'none', $referer));
                exit;
            }
            $main_theme = get_current_theme();
            $files_to_delete = $theme_info = array();
            foreach ($themes as $key => $theme) {
                $data = get_theme_data(nxt_CONTENT_DIR . '/themes/' . $theme . '/style.css');
                if ($data['Name'] == $main_theme) {
                    unset($themes[$key]);
                } else {
                    $files_to_delete = array_merge($files_to_delete, list_files(nxt_CONTENT_DIR . "/themes/{$theme}"));
                    $theme_info[$theme] = $data;
                }
            }
            if (empty($themes)) {
                nxt_safe_redirect(add_query_arg('error', 'main', $referer));
                exit;
            }
            include ABSPATH . 'nxt-admin/update.php';
            $parent_file = 'themes.php';
            if (!isset($_REQUEST['verify-delete'])) {
                nxt_enqueue_script('jquery');
                require_once ABSPATH . 'nxt-admin/admin-header.php';
                ?>
			<div class="wrap">
				<?php 
                $themes_to_delete = count($themes);
                screen_icon();
                echo '<h2>' . _n('Delete Theme', 'Delete Themes', $themes_to_delete) . '</h2>';
                ?>
				<div class="error"><p><strong><?php 
Example #5
                        nxt_die(__('Cheatin&#8217; uh?'));
                    }
                    $user = new nxt_User($user_id);
                    $user->set_role($_REQUEST['new_role']);
                }
            } else {
                $update = 'err_promote';
            }
            break;
    }
    restore_current_blog();
    nxt_safe_redirect(add_query_arg('update', $update, $referer));
    exit;
}
if (isset($_GET['action']) && 'update-site' == $_GET['action']) {
    nxt_safe_redirect($referer);
    exit;
}
add_screen_option('per_page', array('label' => _x('Users', 'users per page (screen options)')));
$site_url_no_http = preg_replace('#^http(s)?://#', '', get_blogaddress_by_id($id));
$title_site_url_linked = sprintf(__('Edit Site: <a href="%1$s">%2$s</a>'), get_blogaddress_by_id($id), $site_url_no_http);
$title = sprintf(__('Edit Site: %s'), $site_url_no_http);
$parent_file = 'sites.php';
$submenu_file = 'sites.php';
require '../admin-header.php';
?>

<div class="wrap">
<?php 
screen_icon('ms-admin');
?>
 /**
  * Sends the visitor to the page configured as 'nocontent_page' in the global
  * $M_options array and ends the request.
  */
 function redirect()
 {
     global $M_options;
     // The stored page id is cast to int before it is used for the permalink lookup.
     $page_id = (int) $M_options['nocontent_page'];
     nxt_safe_redirect(get_permalink($page_id));
     exit;
 }
Example #7
                             }
                         }
                         update_user_status($val, 'spam', '1');
                         break;
                     case 'notspam':
                         $userfunction = 'all_notspam';
                         $blogs = get_blogs_of_user($val, true);
                         foreach ((array) $blogs as $key => $details) {
                             update_blog_status($details->userblog_id, 'spam', '0');
                         }
                         update_user_status($val, 'spam', '0');
                         break;
                 }
             }
         }
         nxt_safe_redirect(add_query_arg(array('updated' => 'true', 'action' => $userfunction), nxt_get_referer()));
     } else {
         $location = network_admin_url('users.php');
         if (!empty($_REQUEST['paged'])) {
             $location = add_query_arg('paged', (int) $_REQUEST['paged'], $location);
         }
         nxt_redirect($location);
     }
     exit;
     break;
 case 'dodelete':
     check_admin_referer('ms-users-delete');
     if (!(current_user_can('manage_network_users') && current_user_can('delete_users'))) {
         nxt_die(__('You do not have permission to access this page.'));
     }
     if (!empty($_POST['blog']) && is_array($_POST['blog'])) {
Example #8
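<?php

/**
 * Creates the password cookie and redirects back to where the
 * visitor was before.
 *
 * @package NXTClass
 */
/** Make sure that the NXTClass bootstrap has run before continuing. */
require dirname(__FILE__) . '/nxt-load.php';
// Accept only a plain string. A missing field or an array (post_password[]=x) becomes the empty
// string, which makes setcookie() clear the cookie instead of handing a non-string to stripslashes().
$post_password = '';
if (isset($_POST['post_password']) && is_string($_POST['post_password'])) {
    $post_password = stripslashes($_POST['post_password']);
}
// NOTE(review): the submitted password is stored in the cookie as typed. Whatever reads this
// cookie presumably compares against that form, so storing a hash instead needs a matching
// change on the reading side. The Secure flag is also left unset here; confirm whether the
// site is served over HTTPS only before enabling it.
// 10 days; HttpOnly keeps the value out of reach of page scripts.
setcookie('nxt-postpass_' . COOKIEHASH, $post_password, time() + 864000, COOKIEPATH, '', false, true);
nxt_safe_redirect(nxt_get_referer());
exit;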
Example #9
    if ($unspammed) {
        $redirect_to = add_query_arg('unspammed', $unspammed, $redirect_to);
    }
    if ($trashed) {
        $redirect_to = add_query_arg('trashed', $trashed, $redirect_to);
    }
    if ($untrashed) {
        $redirect_to = add_query_arg('untrashed', $untrashed, $redirect_to);
    }
    if ($deleted) {
        $redirect_to = add_query_arg('deleted', $deleted, $redirect_to);
    }
    if ($trashed || $spammed) {
        $redirect_to = add_query_arg('ids', join(',', $comment_ids), $redirect_to);
    }
    nxt_safe_redirect($redirect_to);
    exit;
} elseif (!empty($_GET['_nxt_http_referer'])) {
    nxt_redirect(remove_query_arg(array('_nxt_http_referer', '_nxtnonce'), stripslashes($_SERVER['REQUEST_URI'])));
    exit;
}
$nxt_list_table->prepare_items();
nxt_enqueue_script('admin-comments');
enqueue_comment_hotkeys_js();
if ($post_id) {
    $title = sprintf(__('Comments on &#8220;%s&#8221;'), nxt_html_excerpt(_draft_or_post_title($post_id), 50));
} else {
    $title = __('Comments');
}
add_screen_option('per_page', array('label' => _x('Comments', 'comments per page (screen options)')));
get_current_screen()->add_help_tab(array('id' => 'overview', 'title' => __('Overview'), 'content' => '<p>' . __('You can manage comments made on your site similar to the way you manage posts and other content. This screen is customizable in the same ways as other management screens, and you can act on comments using the on-hover action links or the Bulk Actions.') . '</p>'));
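/**
 * wooframework_ajax_banner_close function.
 *
 * Records, as a user setting, that the current user dismissed the banner named in the
 * 'banner' query parameter, then redirects back to the referring page and ends the request.
 * Requires the 'install_plugins' capability and a valid 'wooframework_banner_close' nonce.
 *
 * @access public
 * @since 1.0.0
 */
function wooframework_ajax_banner_close()
{
    if (!current_user_can('install_plugins')) {
        nxt_die(__('You do not have sufficient permissions to access this page.', 'woothemes'));
    }
    if (!check_admin_referer('wooframework_banner_close')) {
        nxt_die(__('You have taken too long. Please go back and retry.', 'woothemes'));
    }
    // The banner name becomes part of the setting key, so take it only when it is a plain
    // string; a repeated parameter (banner[]=x) arrives as an array and is treated as missing.
    $banner = (isset($_GET['banner']) && is_string($_GET['banner'])) ? $_GET['banner'] : '';
    if (!$banner) {
        die;
    }
    // Run the update.
    // NOTE(review): the name is appended as received; confirm set_user_setting() restricts
    // the characters allowed in a setting name.
    set_user_setting('wooframeworkhidebanner' . $banner, '1');
    $sendback = remove_query_arg(array('trashed', 'untrashed', 'deleted', 'ids'), nxt_get_referer());
    nxt_safe_redirect($sendback);
    exit;
}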
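 /**
  * Handles the add / update / delete / bulk-delete / resend requests of the pings admin page.
  *
  * The action comes from the global $action (populated by nxt_reset_vars()); a bulk form
  * submission with 'delete' selected is mapped to 'bulk-delete'. Each state-changing branch
  * verifies its own nonce before acting and then issues a redirect carrying a numeric 'msg'
  * code.
  *
  * NOTE(review): the nonce checks protect against forged requests but are not an authorization
  * check, and no capability test is visible in this method; confirm the caller enforces one.
  * NOTE(review): the 'history' branch resends a ping without any nonce check; confirm that is
  * intended.
  * NOTE(review): nothing here ends the request after nxt_safe_redirect(), so whatever the
  * caller does next still runs; confirm that is intended.
  */
 function handle_ping_updates()
 {
     global $action, $page, $pings;
     nxt_reset_vars(array('action', 'page'));
     $pings = $this->get_pings();
     if (isset($_GET['doaction']) || isset($_GET['doaction2'])) {
         // Either bulk-action dropdown may carry the choice; absent or non-string values never match.
         $top_choice = isset($_GET['action']) ? $_GET['action'] : '';
         $bottom_choice = isset($_GET['action2']) ? $_GET['action2'] : '';
         if ('delete' === $top_choice || 'delete' === $bottom_choice) {
             $action = 'bulk-delete';
         }
     }
     // Only the fixed labels below can match, so the raw string is compared directly.
     switch (is_string($action) ? $action : '') {
         case 'added':
             check_admin_referer('add-ping');
             // "= new" instead of "=& new": assigning new by reference is a parse error on PHP 7+.
             $ping = new M_Ping(0);
             if (!M_can_add_pings()) {
                 nxt_safe_redirect(add_query_arg('msg', 4, 'admin.php?page=' . $page));
             } else {
                 if ($ping->add()) {
                     nxt_safe_redirect(add_query_arg('msg', 3, 'admin.php?page=' . $page));
                 } else {
                     nxt_safe_redirect(add_query_arg('msg', 4, 'admin.php?page=' . $page));
                 }
             }
             break;
         case 'updated':
             // A missing ID is treated as 0, which takes the failure branch below.
             $id = isset($_POST['ID']) ? (int) $_POST['ID'] : 0;
             check_admin_referer('update-ping-' . $id);
             if ($id) {
                 $ping = new M_Ping($id);
                 if ($ping->update()) {
                     nxt_safe_redirect(add_query_arg('msg', 1, 'admin.php?page=' . $page));
                 } else {
                     nxt_safe_redirect(add_query_arg('msg', 2, 'admin.php?page=' . $page));
                 }
             } else {
                 nxt_safe_redirect(add_query_arg('msg', 2, 'admin.php?page=' . $page));
             }
             break;
         case 'delete':
             if (isset($_GET['ping'])) {
                 $id = (int) $_GET['ping'];
                 // The nonce is bound to the id, so a link for one ping cannot delete another.
                 check_admin_referer('delete-ping_' . $id);
                 $ping = new M_Ping($id);
                 if ($ping->delete()) {
                     nxt_safe_redirect(add_query_arg('msg', 5, nxt_get_referer()));
                 } else {
                     nxt_safe_redirect(add_query_arg('msg', 6, nxt_get_referer()));
                 }
             }
             break;
         case 'bulk-delete':
             check_admin_referer('bulk-pings');
             // Nothing ticked means the parameter is absent; iterate only over a real list.
             $selected = (isset($_GET['pingcheck']) && is_array($_GET['pingcheck'])) ? $_GET['pingcheck'] : array();
             foreach ($selected as $value) {
                 if (is_numeric($value)) {
                     $id = (int) $value;
                     $ping = new M_Ping($id);
                     $ping->delete();
                 }
             }
             nxt_safe_redirect(add_query_arg('msg', 7, nxt_get_referer()));
             break;
         case 'history':
             $history = isset($_GET['history']) ? (int) $_GET['history'] : 0;
             if (isset($_GET['resend'])) {
                 switch ($_GET['resend']) {
                     case 'new':
                         $ping = new M_Ping(false);
                         $ping->resend_historic_ping($history, true);
                         nxt_safe_redirect(add_query_arg('msg', 1, nxt_get_referer()));
                         break;
                     case 'over':
                         $ping = new M_Ping(false);
                         $ping->resend_historic_ping($history, false);
                         nxt_safe_redirect(add_query_arg('msg', 1, nxt_get_referer()));
                         break;
                 }
             }
             break;
     }
 }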
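 /**
  * Redirects a visitor to the configured "no content" page unless the current request is one
  * of the pages that must stay reachable.
  *
  * Returns without redirecting when the queried object is the registration, account or
  * no-content page from $M_options, when a protected file is requested and $forceviewing is
  * false, or once a nav_menu_item query has been seen (tracked via the M_REACHED_MENU constant).
  * When it does redirect, the request ends.
  *
  * @param object $nxt_query    query object; its queried_object_id and query_vars are read
  * @param bool   $forceviewing when true, a protected-file request does not stop the redirect
  */
 function show_noaccess_page($nxt_query, $forceviewing = false)
 {
     global $M_options;
     // These three pages must remain viewable, otherwise the visitor could never register,
     // reach the account page, or land on the no-content page itself (redirect loop).
     foreach (array('registration_page', 'account_page', 'nocontent_page') as $page_key) {
         if (!empty($nxt_query->queried_object_id) && !empty($M_options[$page_key]) && $nxt_query->queried_object_id == $M_options[$page_key]) {
             return;
         }
     }
     if (!empty($nxt_query->query_vars['protectedfile']) && !$forceviewing) {
         return;
     }
     // post_type is not always present in the query vars, so test for it before comparing.
     if (isset($nxt_query->query_vars['post_type']) && $nxt_query->query_vars['post_type'] == 'nav_menu_item') {
         // we've started looking at menus - implement bad bit of code until find a better method
         // Define once only: a second nav-menu query in the same request would otherwise
         // raise an "already defined" warning.
         if (!defined('M_REACHED_MENU')) {
             define('M_REACHED_MENU', 'yup');
         }
     }
     // If still here then we need to redirect to the no-access page
     $queried_id = isset($nxt_query->queried_object_id) ? $nxt_query->queried_object_id : null;
     if (!empty($M_options['nocontent_page']) && $queried_id != $M_options['nocontent_page'] && !defined('M_REACHED_MENU')) {
         // The target is built from the stored page id, cast to int, not from request data.
         $url = get_permalink((int) $M_options['nocontent_page']);
         nxt_safe_redirect($url);
         exit;
     }
 }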
Example #13
/**
 * Completes the 'verify' action, i.e. attaching an identity URL to the current NXTClass user
 * from the admin interface.
 *
 * The outcome is reported as a 'message' value appended to the finish URL kept in the session:
 * the text from openid_message() (or 1 when that is empty) if no identity URL was verified,
 * 2 if the identity could not be added, 3 on success. On success the profile URL is also
 * replaced by the identity URL when openid_ensure_url_match() reports a mismatch, which is
 * flagged with 'update_url'. The request ends after the redirect.
 *
 * @param string $identity_url verified OpenID URL
 * @param string $action       action being completed; anything other than 'verify' is ignored
 */
function openid_finish_verify($identity_url, $action)
{
    if ($action != 'verify') {
        return;
    }
    $current_user = nxt_get_current_user();
    $profile_url_changed = false;
    if (empty($identity_url)) {
        $notice = openid_message();
        if (empty($notice)) {
            $notice = 1;
        }
    } elseif (!openid_add_identity($current_user->ID, $identity_url)) {
        $notice = 2;
    } else {
        $notice = 3;
        // ensure that profile URL is a verified OpenID
        require_once 'Auth/OpenID.php';
        require_once ABSPATH . 'nxt-admin/includes/admin.php';
        if (!openid_ensure_url_match($current_user)) {
            nxt_update_user(array('ID' => $current_user->ID, 'user_url' => $identity_url));
            $profile_url_changed = true;
        }
    }
    // The destination is whatever was stored in the session when the flow started.
    // NOTE(review): presumably nxt_safe_redirect() limits it to allowed hosts; confirm.
    $target = $_SESSION['openid_finish_url'];
    $target = add_query_arg('status', openid_status(), $target);
    $target = add_query_arg('message', $notice, $target);
    if ($profile_url_changed) {
        $target = add_query_arg('update_url', 1, $target);
    }
    nxt_safe_redirect($target);
    exit;
}