Example #1
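 /**
  * Build the HTML fragment that identifies the user being edited.
  *
  * The login (plus the display name, when it differs) is shown in bold. It is
  * wrapped in a nonce-protected link to user-edit.php unless this is a
  * multisite install and the current user lacks 'manage_network_users'.
  * A "Switch To" link is appended when the User Switching plugin is loaded
  * and the current user holds 'switch_to_user' for the edited user.
  *
  * @return string HTML markup; the account-supplied name fields are HTML-escaped.
  */
 private function get_user_info()
 {
     $user = $this->user_to_edit;
     $switch_to_user = '';
     if (!is_multisite() || current_user_can('manage_network_users')) {
         $anchor_start = '<a href="' . wp_nonce_url("user-edit.php?user_id={$user->ID}", "ure_user_{$user->ID}") . '" >';
         $anchor_end = '</a>';
         if (class_exists('user_switching') && current_user_can('switch_to_user', $user->ID)) {
             $switch_to_user_link = user_switching::switch_to_url($user);
             // The listing showed the opening tag as '******'; the trailing '">' and '</a>'
             // only form valid markup if it opens an anchor, so it is restored here.
             $switch_to_user = '<a href="' . esc_url($switch_to_user_link) . '">' . esc_html__('Switch&nbsp;To', 'user-switching') . '</a>';
         }
     } else {
         $anchor_start = '';
         $anchor_end = '';
     }
     // user_login and display_name are set by the account, not by this screen, so they
     // are escaped before being placed in markup that an administrator's browser renders.
     $user_info = ' <span style="font-weight: bold;">' . $anchor_start . esc_html($user->user_login);
     if ($user->display_name !== $user->user_login) {
         $user_info .= ' (' . esc_html($user->display_name) . ')';
     }
     $user_info .= $anchor_end . '</span>';
     if (is_multisite() && is_super_admin($user->ID)) {
         $user_info .= '  <span style="font-weight: bold; color:red;">' . esc_html__('Network Super Admin', 'user-role-editor') . '</span>';
     }
     if (!empty($switch_to_user)) {
         $user_info .= '&nbsp;&nbsp;&nbsp;&nbsp;' . $switch_to_user;
     }
     return $user_info;
 }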
Example #2
 /**
  * Build the list of row-action tokens for one user.
  *
  * When the current user's AAM_Core_API::maxLevel() value is lower than the
  * listed user's, only the disabled tokens are returned. Otherwise 'manage',
  * a lock/unlock token (prefixed with 'no-' on the current user's own row)
  * and 'edit' are offered. If the User Switching plugin is loaded, a
  * 'switch|<url>' token is added only when 'edit' is present and the plugin
  * returns a non-empty URL; in every other case 'no-switch' is added.
  *
  * @param WP_User $user User the row describes.
  *
  * @return array List of action tokens.
  *
  * @access protected
  */
 protected function prepareRowActions(WP_User $user)
 {
     $currentLevel = AAM_Core_API::maxLevel(wp_get_current_user()->allcaps);
     $targetLevel = AAM_Core_API::maxLevel($user->allcaps);

     if ($currentLevel < $targetLevel) {
         // The listed user outranks the viewer: nothing may be changed.
         $actions = array('no-manage', 'no-lock', 'no-edit');
     } else {
         // Locking is disabled on the viewer's own row.
         $ownRowPrefix = $user->ID == get_current_user_id() ? 'no-' : '';
         $lockToken = $user->user_status ? 'unlock' : 'lock';
         $actions = array('manage', $ownRowPrefix . $lockToken, 'edit');
     }

     if (!class_exists('user_switching')) {
         return $actions;
     }

     // Switching is tied to the edit permission computed above, and to the
     // plugin's own decision to hand out a URL.
     $switchUrl = user_switching::maybe_switch_url($user);
     $mayEdit = in_array('edit', $actions);
     if ($mayEdit && !empty($switchUrl)) {
         $actions[] = 'switch|' . $switchUrl;
     } else {
         $actions[] = 'no-switch';
     }

     return $actions;
 }
Example #3
 /**
  * Checks which contents of the user switching cookie let
  * user_switching::authenticate_old_user() succeed.
  *
  * Only a JSON-encoded list holding an unexpired 'auth'-scheme cookie for the
  * same user is expected to pass; every other case must return false.
  */
 function testOldUserCookieAuthentication()
 {
     $adminUser = $this->testers['admin'];
     $editorUser = $this->testers['editor'];
     $validUntil = time() + 172800;

     // A valid authentication cookie should pass authentication, but only for its owner:
     $cookieValue = wp_generate_auth_cookie($editorUser->ID, $validUntil, 'auth');
     $_COOKIE[USER_SWITCHING_COOKIE] = json_encode(array($cookieValue));
     $this->assertTrue(user_switching::authenticate_old_user($editorUser));
     $this->assertFalse(user_switching::authenticate_old_user($adminUser));

     // An expired but otherwise valid authentication cookie should not pass authentication:
     $cookieValue = wp_generate_auth_cookie($editorUser->ID, time() - 1000, 'auth');
     $_COOKIE[USER_SWITCHING_COOKIE] = json_encode(array($cookieValue));
     $this->assertFalse(user_switching::authenticate_old_user($editorUser));
     $this->assertFalse(user_switching::authenticate_old_user($adminUser));

     // A valid authentication cookie with the incorrect scheme should not pass authentication:
     foreach (array('logged_in', 'secure_auth') as $wrongScheme) {
         $cookieValue = wp_generate_auth_cookie($editorUser->ID, $validUntil, $wrongScheme);
         $_COOKIE[USER_SWITCHING_COOKIE] = json_encode(array($cookieValue));
         $this->assertFalse(user_switching::authenticate_old_user($editorUser));
         $this->assertFalse(user_switching::authenticate_old_user($adminUser));
     }

     // A malformed cookie should not pass authentication and not trigger any PHP errors:
     $_COOKIE[USER_SWITCHING_COOKIE] = 'hello';
     $this->assertFalse(user_switching::authenticate_old_user($editorUser));
     $this->assertFalse(user_switching::authenticate_old_user($adminUser));

     // A non-JSON-encoded cookie should not pass authentication and not trigger any PHP errors:
     $cookieValue = wp_generate_auth_cookie($editorUser->ID, $validUntil, 'auth');
     $_COOKIE[USER_SWITCHING_COOKIE] = $cookieValue;
     $this->assertFalse(user_switching::authenticate_old_user($editorUser));
     $this->assertFalse(user_switching::authenticate_old_user($adminUser));

     // No cookie should not pass authentication and not trigger any PHP errors:
     unset($_COOKIE[USER_SWITCHING_COOKIE]);
     $this->assertFalse(user_switching::authenticate_old_user($editorUser));
     $this->assertFalse(user_switching::authenticate_old_user($adminUser));
 }
 /**
  * Gets the URL to switch to the user
  * if the User Switching plugin is active.
  *
  * The link comes from user_switching::maybe_switch_url(); a 'redirect_to'
  * argument holding the URL-encoded home URL is appended to it.
  *
  * @access public
  * @since 2.1
  *
  * @return string|false The switch URL, or false when the plugin class is
  *                      missing or it returned no link for this user.
  */
 public function get_switch_to_url()
 {
     $switchLink = class_exists('user_switching')
         ? user_switching::maybe_switch_url($this)
         : false;

     if (!$switchLink) {
         return false;
     }

     // add_query_arg() is given an already encoded value here.
     return add_query_arg('redirect_to', urlencode(home_url()), $switchLink);
 }
Example #5
 /**
  * Authenticate an old user by verifying the latest entry in the auth cookie.
  *
  * Only the last entry returned by user_switching_get_auth_cookie() is
  * validated, against the 'secure_auth' scheme when
  * user_switching::secure_auth_cookie() is truthy and 'auth' otherwise.
  *
  * @param  WP_User $user A WP_User object (usually from the logged_in cookie).
  * @return bool Whether verification with the auth cookie passed.
  */
 public static function authenticate_old_user(WP_User $user)
 {
     $entries = user_switching_get_auth_cookie();
     if (empty($entries)) {
         return false;
     }

     $scheme = user_switching::secure_auth_cookie() ? 'secure_auth' : 'auth';
     $validatedId = wp_validate_auth_cookie(end($entries), $scheme);
     if (!$validatedId) {
         return false;
     }

     // Strict comparison: the cookie must belong to exactly this user.
     return $user->ID === $validatedId;
 }
 /**
  * After navigating to a URL with a query argument,
  * user_switching::current_url() must return that same URL.
  */
 function testCurrentUrl()
 {
     $visited = add_query_arg('foo', 'bar', home_url('baz'));
     $this->go_to($visited);

     $reported = user_switching::current_url();
     $this->assertSame($reported, $visited);
 }
Example #7
 /**
  * Report the user the current session was switched from.
  *
  * @return mixed false when nobody is logged in; otherwise whatever
  *               user_switching::get_old_user() returns.
  */
 function current_user_switched()
 {
     return is_user_logged_in() ? user_switching::get_old_user() : false;
 }
Example #8
 */
// Direct-access guard: stop unless URE_PLUGIN_URL is defined
// (presumably by the plugin's bootstrap; confirm where it is set).
if (!defined('URE_PLUGIN_URL')) {
    die;
    // Silence is golden, direct call is prohibited
}
// Value returned by get_edit_user_caps_mode() on the owning object; its use lies outside this excerpt.
$edit_user_caps_mode = $this->get_edit_user_caps_mode();
?>

<div class="has-sidebar-content">
<?php 
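// Build the header fragment naming the user being edited.
$switch_to_user = '';
if (!is_multisite() || current_user_can('manage_network_users')) {
    // Link to the profile editor, carrying a nonce bound to this user ID.
    $anchor_start = '<a href="' . wp_nonce_url("user-edit.php?user_id={$this->user_to_edit->ID}", "ure_user_{$this->user_to_edit->ID}") . '" >';
    $anchor_end = '</a>';
    if (class_exists('user_switching') && current_user_can('switch_to_user', $this->user_to_edit->ID)) {
        $switch_to_user_link = user_switching::switch_to_url($this->user_to_edit);
        // The listing showed the opening tag as '******'; the trailing '">' and '</a>'
        // only form valid markup if it opens an anchor, so it is restored here.
        $switch_to_user = '<a href="' . esc_url($switch_to_user_link) . '">' . esc_html__('Switch&nbsp;To', 'user-switching') . '</a>';
    }
} else {
    $anchor_start = '';
    $anchor_end = '';
}
// user_login and display_name are set by the account, not by this template, so they
// are escaped before being placed in markup that an administrator's browser renders.
$user_info = ' <span style="font-weight: bold;">' . $anchor_start . esc_html($this->user_to_edit->user_login);
if ($this->user_to_edit->display_name !== $this->user_to_edit->user_login) {
    $user_info .= ' (' . esc_html($this->user_to_edit->display_name) . ')';
}
$user_info .= $anchor_end . '</span>';
if (is_multisite() && is_super_admin($this->user_to_edit->ID)) {
    $user_info .= '  <span style="font-weight: bold; color:red;">' . esc_html__('Network Super Admin', 'user-role-editor') . '</span>';
}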
if (!empty($switch_to_user)) {
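/**
 * function abus_user_search()
 * searches for the required user depending what was entered into the search box
 * in the admin bar
 *
 * Reads 'query', 'currenturl' and 'nonce' from $_POST, stops when the
 * 'abus_nonce' nonce does not verify, then prints an HTML fragment with one
 * "switch to" link per matching user and ends the request.
 *
 * The nonce only proves the request came from a page that was issued it.
 * Whether a link is printed for a given user is decided by
 * user_switching::maybe_switch_url(), which must return a non-empty URL.
 *
 * @return void Output is echoed; the function ends the request with die.
 */
function abus_user_search()
{
    /* get the posted query search, current url and nonce; missing or non-string fields become '' */
    $q = (isset($_POST['query']) && is_string($_POST['query']))
        ? sanitize_text_field(wp_unslash($_POST['query']))
        : '';
    $url = (isset($_POST['currenturl']) && is_string($_POST['currenturl']))
        ? esc_url_raw(wp_unslash($_POST['currenturl']))
        : '';
    $nonce = (isset($_POST['nonce']) && is_string($_POST['nonce'])) ? $_POST['nonce'] : '';
    /* check nonce passes for intent */
    if (!wp_verify_nonce($nonce, 'abus_nonce')) {
        exit;
    }
    $args = array('search' => $q, 'search_columns' => array('user_login'));
    /* query the users */
    $user_query = new WP_User_Query($args);
    echo '<div class="abus_user_results">';
    /* check we have results returned */
    if (!empty($user_query->results)) {
        $current_user_id = get_current_user_id();
        /* loop through each returned user */
        foreach ($user_query->results as $user) {
            /* if this user is the current user - skip to next user */
            if ((int) $user->ID === $current_user_id) {
                continue;
            }
            $link = user_switching::maybe_switch_url($user);
            if ($link) {
                /* add_query_arg() does not encode values, so the client-supplied return URL is encoded here */
                $redirect_to = urlencode((string) apply_filters('abus_switch_to_url', $url));
                $link = add_query_arg('redirect_to', $redirect_to, $link);
                /* display_name is account-supplied text: escape it for the HTML body.
                   esc_url()'s second parameter is a protocol list, so the user object is not passed. */
                echo '<p class="result"><a href="' . esc_url($link) . '">' . esc_html($user->display_name) . '</a></p>';
            }
        }
        /* no users match search */
    } else {
        echo '<p class="result">No users found.</p>';
    }
    echo '</div>';
    die;
}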