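/**
 * Handles a push-token "unregister" request.
 *
 * Deletes the row matching $this->token / $this->os from the per-blog
 * `push_tokens` table. When that row belonged to an anonymous app account
 * (plugin role, no e-mail address), the WordPress user is deleted as well.
 * The request always ends with exit.
 *
 * NOTE(review): this path deletes a user account on the strength of the
 * token/OS pair alone; request authentication is presumably performed by the
 * parent constructor - confirm.
 * NOTE(review): the log text says the user was "left without tokens", but no
 * remaining-token count is checked here - confirm a user holds one token only.
 */
public function __construct()
 {
     parent::__construct(site_url('pnfw/unregister/'), 'POST');
     global $wpdb;
     $push_tokens = $wpdb->get_blog_prefix() . 'push_tokens';
     // Resolve the owner before the row is removed; afterwards it can no longer be found.
     $user_id = $wpdb->get_var($wpdb->prepare("SELECT user_id FROM {$push_tokens} WHERE token = %s AND os = %s", $this->token, $this->os));
     $res = $wpdb->delete($push_tokens, array("token" => $this->token, "os" => $this->os));
     if ($res === false) {
         // json_error() presumably terminates the request - confirm.
         $this->json_error('500', __('Unable to delete token', 'pnfw'));
     }
     // Unknown token/OS pair: get_var() returned null, so there is no account to clean up.
     if (empty($user_id)) {
         exit;
     }
     // get_var() yields a string; the user APIs below expect an integer ID.
     $user_id = (int) $user_id;
     $user = new WP_User($user_id);
     // Strict comparison so only an exact role-slug match qualifies for deletion.
     if (in_array(PNFW_Push_Notifications_for_WordPress_Lite::USER_ROLE, $user->roles, true) && empty($user->user_email)) {
         pnfw_log(PNFW_SYSTEM_LOG, sprintf(__("Automatically deleted the anonymous user %s (%s) since left without tokens.", 'pnfw'), $user->user_login, $user_id));
         require_once ABSPATH . 'wp-admin/includes/user.php';
         if (is_multisite()) {
             require_once ABSPATH . 'wp-admin/includes/ms.php';
             // Only touch accounts that belong to the current site.
             if (is_user_member_of_blog($user_id)) {
                 wpmu_delete_user($user_id);
             }
         } else {
             wp_delete_user($user_id);
         }
     }
     exit;
 }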
/**
 * Filters the mapped meta-capabilities used for user-editing checks.
 *
 * Only `edit_user`, `edit_users` and `manage_network_users` are handled; any
 * other capability passes through unchanged. For those three, the first
 * `do_not_allow` entry already present is dropped and the decision is made
 * again here: on multisite the target user (`$args[0]`) must be a member of
 * the site, and the target must not be a super admin; otherwise
 * `do_not_allow` is appended. In every other case `edit_users` is required.
 *
 * NOTE(review): a `do_not_allow` set earlier in the chain is lifted on purpose,
 * so the checks below are the only remaining guard for these capabilities.
 * Treat any change to them as an authorization change.
 *
 * @since 0.1.0
 *
 * @param array  $caps    Capabilities required so far.
 * @param string $cap     Capability being checked.
 * @param int    $user_id User the check is made for.
 * @param array  $args    Extra arguments; index 0 is read as the target user ID.
 * @return array Capabilities required after this filter.
 */
function wp_user_edit_map_meta_caps($caps = array(), $cap = '', $user_id = 0, $args = array())
{
    // Loose comparison on purpose: it mirrors what a `switch` on $cap would match.
    $handled = array('edit_user', 'edit_users', 'manage_network_users');
    if (!in_array($cap, $handled)) {
        return $caps;
    }

    $has_target = isset($args[0]);

    // Users may always edit themselves; leave the incoming caps untouched.
    if ('edit_user' === $cap && $has_target && $user_id === $args[0]) {
        return $caps;
    }

    // Drop an earlier denial; the decision is re-made below.
    $denied_at = array_search('do_not_allow', $caps);
    if (false !== $denied_at) {
        unset($caps[$denied_at]);
    }

    // Deny for non-members of the site (multisite) and for super-admin targets.
    $deny = (is_multisite() && $has_target && !is_user_member_of_blog($args[0]))
        || ($has_target && is_super_admin($args[0]));

    $caps[] = $deny ? 'do_not_allow' : 'edit_users';

    return $caps;
}
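 /**
  * Serves a read (GET) or role-update (POST) request for one user of a site.
  *
  * The caller needs `list_users` on the site for any request and
  * `promote_users` for POST. The target is looked up by login when the path
  * contains `/users/login:`, otherwise by ID, and must be a member of the site.
  *
  * @param string     $path    Request path; decides between login and ID lookup.
  * @param int        $blog_id Site identifier as given in the request.
  * @param int|string $user_id User ID, or a login for the `login:` path form.
  * @return mixed Result of get_user()/update_user(), or a WP_Error.
  */
 function callback($path = '', $blog_id = 0, $user_id = 0)
 {
     $blog_id = $this->api->switch_to_blog_and_validate_user($this->api->get_blog_id($blog_id));
     if (is_wp_error($blog_id)) {
         return $blog_id;
     }
     if (!current_user_can_for_blog($blog_id, 'list_users')) {
         return new WP_Error('unauthorized', 'User cannot view users for specified site', 403);
     }
     // Get the user by ID or login
     $get_by = false !== strpos($path, '/users/login:') ? 'login' : 'id';
     $user = get_user_by($get_by, $user_id);
     if (!$user) {
         return new WP_Error('unknown_user', 'Unknown user', 404);
     }
     if (!is_user_member_of_blog($user->ID, $blog_id)) {
         return new WP_Error('unknown_user_for_site', 'Unknown user for site', 404);
     }
     if ('GET' === $this->api->method) {
         return $this->get_user($user->ID);
     }
     if ('POST' !== $this->api->method) {
         return new WP_Error('bad_request', 'An unsupported request method was used.');
     }
     if (!current_user_can_for_blog($blog_id, 'promote_users')) {
         return new WP_Error('unauthorized', 'User cannot promote users for specified site', 403);
     }
     // Compare against the resolved account ID rather than the raw path value,
     // so the self-role-change guard also holds when the user was addressed by login.
     if (get_current_user_id() === (int) $user->ID) {
         return new WP_Error('unauthorized', 'You cannot change your own role', 403);
     }
     return $this->update_user($user->ID);
 }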
 /**
  * Prepares the translated front-end messages and stores them on the object.
  *
  * Informational messages are wrapped in `<p class="s2_message">`, failures
  * in `<p class="s2_error">`. On multisite ($this->s2_mu) the profile message
  * becomes a subscribe link when the current user is not a member of the blog.
  */
 function load_strings()
 {
     $notice = '<p class="s2_message">%s</p>';
     $failure = '<p class="s2_error">%s</p>';
     $site = get_option('siteurl');

     $this->please_log_in = sprintf($notice, sprintf(__('To manage your subscription options please <a href="%1$s">login.</a>', 'subscribe2'), $site . '/wp-login.php'));
     $this->profile = sprintf($notice, sprintf(__('You may manage your subscription options from your <a href="%1$s">profile</a>', 'subscribe2'), get_option('siteurl') . '/wp-admin/admin.php?page=s2'));

     if (true === $this->s2_mu) {
         global $blog_id;
         $user_ID = get_current_user_id();
         // Non-members of this blog get a subscribe link in place of the profile link.
         if (!is_user_member_of_blog($user_ID, $blog_id)) {
             $this->profile = sprintf($notice, sprintf(__('<a href="%1$s">Subscribe</a> to email notifications when this blog posts new content.', 'subscribe2'), get_option('siteurl') . '/wp-admin/?s2mu_subscribe=' . $blog_id));
         }
     }

     $this->confirmation_sent = sprintf($notice, __('A confirmation message is on its way!', 'subscribe2'));
     $this->already_subscribed = sprintf($failure, __('That email address is already subscribed.', 'subscribe2'));
     $this->not_subscribed = sprintf($failure, __('That email address is not subscribed.', 'subscribe2'));
     $this->not_an_email = sprintf($failure, __('Sorry, but that does not look like an email address to me.', 'subscribe2'));
     $this->barred_domain = sprintf($failure, __('Sorry, email addresses at that domain are currently barred due to spam, please use an alternative email address.', 'subscribe2'));
     $this->error = sprintf($failure, __('Sorry, there seems to be an error on the server. Please try again later.', 'subscribe2'));

     // Confirmation messages.
     $this->no_such_email = sprintf($failure, __('No such email address is registered.', 'subscribe2'));
     $this->added = sprintf($notice, __('You have successfully subscribed!', 'subscribe2'));
     $this->deleted = sprintf($notice, __('You have successfully unsubscribed.', 'subscribe2'));

     // Words substituted for ACTION in the subscribe / unsubscribe confirmation e-mails.
     $this->subscribe = __('subscribe', 'subscribe2');
     $this->unsubscribe = __('unsubscribe', 'subscribe2');
 }
 /**
  * Serves a read (GET) or role-update (POST) request for one user of a site.
  *
  * The caller needs `list_users` on the site and the target must be a member
  * of it; both failures return the same 403 error. POST additionally needs
  * `promote_users` and is refused for the caller's own account.
  *
  * @param string $path    Request path (not read here).
  * @param int    $blog_id Site identifier as given in the request.
  * @param int    $user_id ID of the user to read or update.
  * @return mixed Result of get_user()/update_user(), or a WP_Error.
  */
 function callback($path = '', $blog_id = 0, $user_id = 0)
 {
     $blog_id = $this->api->switch_to_blog_and_validate_user($this->api->get_blog_id($blog_id));
     if (is_wp_error($blog_id)) {
         return $blog_id;
     }

     // Capability first, membership second; either failure yields the same answer.
     if (!current_user_can_for_blog($blog_id, 'list_users') || !is_user_member_of_blog($user_id, $blog_id)) {
         return new WP_Error('unauthorized', 'User cannot view users for specified site', 403);
     }

     $method = $this->api->method;
     if ('GET' === $method) {
         return $this->get_user($user_id);
     }
     if ('POST' !== $method) {
         return new WP_Error('bad_request', 'An unsupported request method was used.');
     }

     if (!current_user_can_for_blog($blog_id, 'promote_users')) {
         return new WP_Error('unauthorized', 'User cannot promote users for specified site', 403);
     }
     // Loose comparison kept: $user_id may arrive as a numeric string.
     if (get_current_user_id() == $user_id) {
         return new WP_Error('unauthorized', 'You cannot change your own role', 403);
     }

     return $this->update_user($user_id);
 }
 /**
  * Decides whether the current user may view a feedback item.
  *
  * The only condition checked is membership of the current site.
  *
  * @param  WP_REST_Request $request Full details about the request (not read here).
  * @return WP_Error|boolean True for members, otherwise a `rest_cannot_view` error with status 401.
  */
 public function get_item_permissions_check($request)
 {
     $is_member = is_user_member_of_blog(get_current_user_id(), get_current_blog_id());
     if ($is_member) {
         return true;
     }

     return new WP_Error('rest_cannot_view', esc_html__('Sorry, you cannot view this resource.', 'jetpack'), array('status' => 401));
 }
 /**
  * Lists the active Jetpack modules for members of the current site.
  *
  * @return array|null Re-indexed `active_modules` option, or null when the
  *                    current user is not a member of the site.
  */
 function get_jetpack_modules()
 {
     // Non-members learn nothing about the site's module set.
     if (!is_user_member_of_blog()) {
         return null;
     }

     $active = Jetpack_Options::get_option('active_modules', array());

     return array_values($active);
 }
/**
 * Shortcode handler: shows a register form, a join form or a member greeting.
 *
 * Fires the `jmm_joinsite` action when the request carries one of the join
 * POST fields. Visitors who are not logged in get a registration form when
 * registration is open and nothing otherwise; logged-in non-members get a
 * join form; members get a greeting.
 *
 * NOTE(review): the join action fires on any POST carrying `jmm-join-site` or
 * `join-site`, and the forms below emit no nonce field - confirm the
 * `jmm_joinsite` handler verifies request intent.
 *
 * @param array       $atts    Shortcode attributes (not read here).
 * @param string|null $content Enclosed content (not read here).
 * @return string|null Markup to display, or null when nothing is shown.
 */
function jmm_shortcode_thissite_func($atts, $content = null)
{
    $jmm_options = get_option('helfjmm_options');

    $join_requested = isset($_POST['jmm-join-site']) || isset($_POST['join-site']);
    if ($join_requested) {
        do_action('jmm_joinsite', array('JMM', 'join_site'));
    }

    if (is_user_logged_in()) {
        if (is_user_member_of_blog()) {
            // Already a member.
            return '<p>' . __('Howdy, Member!', 'join-my-multisite') . '</p>';
        }

        // Logged in but not a member yet: offer to join.
        return '<form action="?jmm-join-site" method="post" id="notmember">
        <input type="hidden" name="action" value="jmm-join-site">
        <input type="submit" value="' . __('Join This Site', 'join-my-multisite') . '" name="join-site" id="join-site" class="button">
        </form>';
    }

    // Logged out and registration closed: nothing to show.
    if (get_option('users_can_register') != 1) {
        return;
    }

    // A configured page wins; "XXXXXX" is the stored value meaning "no custom page".
    $has_custom_page = !is_null($jmm_options['perpage']) && $jmm_options['perpage'] != "XXXXXX";
    $goto = $has_custom_page ? get_permalink($jmm_options['perpage']) : '/wp-signup.php';

    return '<form action="' . $goto . '" method="post" id="notmember">
			<input type="hidden" name="action" value="jmm-join-site">
			<input type="submit" value="' . __('Register For An Account', 'join-my-multisite') . '" name="join-site" id="join-site" class="button">
			</form>';
}
 /**
  * Builds the front-end to-do list administration markup.
  *
  * The list and forms are only produced for logged-in members of the current
  * site; everyone else gets a "must be logged in" message.
  *
  * @param array $atts Shortcode attributes; `title` and `completed` are read.
  * @return string Markup accumulated in $this->list.
  */
 public function display_admin($atts)
 {
     $this->atts = $atts;
     $settings = shortcode_atts(array('title' => '', 'completed' => 0), $this->atts, 'todoadmin');

     $this->list = '';
     CTDL_Loader::frontend_admin_enqueue_scripts();
     $this->list = '<div id="ctdl-frontend-admin">';

     if ('' != $settings['title']) {
         // The title is escaped; show_heading() output is appended as returned.
         $heading = esc_html($settings['title']) . $this->show_heading();
         $this->list .= '<h3 class="todo-title">' . $heading . '</h3>';
     }

     if (!(is_user_logged_in() && is_user_member_of_blog())) {
         $this->list .= esc_html__('You must be logged in to view', 'cleverness-to-do-list');
     } else {
         $vars = CTDL_Lib::set_variables();
         $this->url = $vars[0];
         $action = $vars[1];

         if ('edit-todo' == $action) {
             // Editing: show the edit form for the selected item.
             $this->edit_todo_item($this->url);
         } else {
             $this->list .= '<div class="ctdl-tables">';
             $this->display();
             // Second table, shown only when the `completed` attribute equals 1.
             if (1 == $settings['completed']) {
                 $this->display(1);
             }
             $this->list .= '</div>';
             $this->list .= $this->create_new_todo_form();
         }
     }

     $this->list .= '</div>';

     return $this->list;
 }
 /**
  * Prepares the translated messages and stores them on the object.
  *
  * Informational messages are wrapped in `<p class="s2_message">`, failures
  * in `<p class="s2_error">`. On multisite ($this->s2_mu) the profile message
  * becomes a subscribe link when the current user is not a member of the blog.
  */
 function load_strings()
 {
     $notice = '<p class="s2_message">%s</p>';
     $failure = '<p class="s2_error">%s</p>';

     // Front-end output of Subscribe2.
     $this->please_log_in = sprintf('<p class="s2_message">%s <a href="%s/wp-login.php">%s</a>.</p>', __('To manage your subscription options please', 'subscribe2'), get_option('siteurl'), __('login', 'subscribe2'));
     $this->profile = sprintf('<p class="s2_message">%s <a href="%s/wp-admin/admin.php?page=s2">%s</a>.</p>', __('You may manage your subscription options from your', 'subscribe2'), get_option('siteurl'), __('profile', 'subscribe2'));

     if (true === $this->s2_mu) {
         global $blog_id;
         $user_ID = get_current_user_id();
         // Non-members of this blog get a subscribe link in place of the profile link.
         if (!is_user_member_of_blog($user_ID, $blog_id)) {
             $this->profile = sprintf('<p class="s2_message"><a href="%s/wp-admin/?s2mu_subscribe=%s">%s</a> %s.</p>', get_option('siteurl'), $blog_id, __('Subscribe', 'subscribe2'), __('to email notifications when this blog posts new content', 'subscribe2'));
         }
     }

     $this->confirmation_sent = sprintf($notice, __('A confirmation message is on its way!', 'subscribe2'));
     $this->already_subscribed = sprintf($failure, __('That email address is already subscribed.', 'subscribe2'));
     $this->not_subscribed = sprintf($failure, __('That email address is not subscribed.', 'subscribe2'));
     $this->not_an_email = sprintf($failure, __('Sorry, but that does not look like an email address to me.', 'subscribe2'));
     $this->barred_domain = sprintf($failure, __('Sorry, email addresses at that domain are currently barred due to spam, please use an alternative email address.', 'subscribe2'));
     $this->error = sprintf($failure, __('Sorry, there seems to be an error on the server. Please try again later.', 'subscribe2'));
     $this->no_page = __('You must to create a WordPress page for this plugin to work correctly.', 'subscribe2');
     $this->mail_sent = sprintf($notice, __('Message sent!', 'subscribe2'));
     $this->mail_failed = sprintf($failure, __('Message failed! Check your settings and check with your hosting provider', 'subscribe2'));

     // Confirmation messages.
     $this->no_such_email = sprintf($failure, __('No such email address is registered.', 'subscribe2'));
     $this->added = sprintf($notice, __('You have successfully subscribed!', 'subscribe2'));
     $this->deleted = sprintf($notice, __('You have successfully unsubscribed.', 'subscribe2'));

     // Words substituted for ACTION in the subscribe / unsubscribe confirmation e-mails.
     $this->subscribe = __('subscribe', 'subscribe2');
     $this->unsubscribe = __('unsubscribe', 'subscribe2');

     // Menu strings.
     $this->options_saved = __('Options saved!', 'subscribe2');
     $this->options_reset = __('Options reset!', 'subscribe2');
 }
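 /**
  * Prints the "join this site" widget for the current visitor.
  *
  * After a join POST the `jmm_joinsite` action is fired and the welcome text
  * is shown. Otherwise visitors who are not logged in get a registration form
  * (when registration is open), logged-in non-members get a join form and
  * members get the member text.
  *
  * Stored widget texts are escaped for the context they are printed in:
  * button labels with esc_attr(), paragraph texts with wp_kses_post() and the
  * form target with esc_url(). Whether the widget's save routine sanitizes
  * these values is not visible here, so they are escaped on output.
  *
  * NOTE(review): the join action fires on any POST carrying `jmm-join-site` or
  * `join-site`, and the forms emit no nonce field - confirm the `jmm_joinsite`
  * handler verifies request intent.
  *
  * @param array $args     Theme-supplied wrapper markup (before/after widget and title).
  * @param array $instance Saved settings of this widget instance.
  */
 function widget($args, $instance)
 {
     // Read only the wrapper markup that is needed instead of extract()ing
     // the whole array into the local scope.
     $before_widget = isset($args['before_widget']) ? $args['before_widget'] : '';
     $after_widget = isset($args['after_widget']) ? $args['after_widget'] : '';
     $before_title = isset($args['before_title']) ? $args['before_title'] : '';
     $after_title = isset($args['after_title']) ? $args['after_title'] : '';

     /* User-selected settings. */
     $title = isset($instance['title']) ? apply_filters('widget_title', $instance['title']) : "";
     $notregistered = isset($instance['notreg']) ? $instance['notreg'] : "";
     $notmember = isset($instance['notmember']) ? $instance['notmember'] : "";
     $member = isset($instance['member']) ? $instance['member'] : "";
     $welcome = isset($instance['welcome']) ? $instance['welcome'] : "";
     $show_form = isset($instance['show_form']) ? $instance['show_form'] : "";
     $jmm_options = get_option('helfjmm_options');

     /* Before widget (defined by themes). */
     echo $before_widget;

     /* Title of widget (before and after defined by themes). */
     if ($title) {
         echo $before_title . $title . $after_title;
     }

     if (isset($_POST['jmm-join-site']) || isset($_POST['join-site'])) {
         do_action('jmm_joinsite', array('JMM', 'join_site'));
         echo '<p>' . wp_kses_post($welcome) . '</p>';
     } elseif (!is_user_logged_in()) {
         // Logged out: a form is shown only when registration is open.
         if (get_option('users_can_register') == 1) {
             // A configured page wins; "XXXXXX" is the stored value meaning "no custom page".
             // Fall back to this site's /wp-signup.php.
             if (isset($jmm_options['perpage']) && $jmm_options['perpage'] != "XXXXXX") {
                 $goto = get_permalink($jmm_options['perpage']);
             } else {
                 $goto = '/wp-signup.php';
             }
             echo '<form action="' . esc_url($goto) . '" method="post" id="notmember">';
             echo '<input type="hidden" name="action" value="jmm-join-site">';
             echo '<input type="submit" value="' . esc_attr($notregistered) . '" name="join-site" id="join-site" class="button">';
             echo '</form>';
             // Optional inline login form.
             if ($show_form == 'on') {
                 echo '<br /><h3 class="widget-title">' . __("Log in") . '</h3>';
                 wp_login_form(array('value_remember' => 1));
             }
         }
     } elseif (!is_user_member_of_blog()) {
         // Logged in but not a member yet: offer to join.
         echo '<form action="?jmm-join-site" method="post" id="notmember">';
         echo '<input type="hidden" name="action" value="jmm-join-site">';
         echo '<input type="submit" value="' . esc_attr($notmember) . '" name="join-site" id="join-site" class="button">';
         echo '</form>';
     } else {
         // Already a member.
         echo '<p>' . wp_kses_post($member) . '</p>';
     }

     /* After widget (defined by themes). */
     echo $after_widget;
 }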
 /**
  * Removes a user from the current site.
  *
  * Requires the `remove_users` capability, and the target must currently be a
  * member of the site.
  *
  * @param  int $user_id ID of the user to remove.
  * @return array|WP_Error `array('success' => ...)` carrying the result of
  *                        remove_user_from_blog(), or an error (403 / 400).
  */
 function remove_user($user_id)
 {
     if (!current_user_can('remove_users')) {
         return new WP_Error('unauthorized', 'User cannot remove users for specified site.', 403);
     }

     $site_id = get_current_blog_id();
     if (!is_user_member_of_blog($user_id, $site_id)) {
         return new WP_Error('invalid_input', 'User is not a member of the specified site.', 400);
     }

     $removed = remove_user_from_blog($user_id, $site_id);

     return array('success' => $removed);
 }
/**
 * Removes the plugin's data from the current blog.
 *
 * Drops the plugin tables, deletes its post-meta rows, deletes every
 * `app_subscriber` user that has no e-mail address and removes the plugin
 * options, then flushes the rewrite rules.
 *
 * NOTE(review): destructive and irreversible; the caller is presumably the
 * uninstall routine, which must be reachable by administrators only - confirm.
 */
function pnfw_delete_plugin()
{
    global $wpdb;
    $prefix = $wpdb->get_blog_prefix();

    // Table names are built from the blog prefix and fixed suffixes only.
    $tables = array('push_tokens', 'push_viewed', 'push_sent', 'push_excluded_categories', 'push_logs');
    foreach ($tables as $suffix) {
        $table_name = $prefix . $suffix;
        $wpdb->query("DROP TABLE IF EXISTS {$table_name};");
    }

    $postmeta = $prefix . 'postmeta';
    $wpdb->query("DELETE FROM {$postmeta} WHERE meta_key = 'pnfw_do_not_send_push_notifications_for_this_post' OR meta_key = 'pnfw_user_cat';");

    // Anonymous app accounts are the ones without an e-mail address.
    $user_query = new WP_User_Query(array('role' => 'app_subscriber'));
    foreach ($user_query->results as $user) {
        if (!empty($user->user_email)) {
            continue;
        }
        if (!is_multisite()) {
            wp_delete_user($user->ID);
            continue;
        }
        require_once ABSPATH . 'wp-admin/includes/ms.php';
        // Only touch accounts that belong to the current site.
        if (is_user_member_of_blog($user->ID)) {
            wpmu_delete_user($user->ID);
        }
    }

    $options = array(
        'pnfw_db_version',
        'pnfw_posts_per_page',
        'pnfw_last_save_timestamp',
        'pnfw_enable_push_notifications',
        'pnfw_ios_push_notifications',
        'pnfw_android_push_notifications',
        'pnfw_kindle_push_notifications',
        'pnfw_url_scheme',
        'pnfw_ios_use_sandbox',
        'pnfw_sandbox_ssl_certificate_media_id',
        'pnfw_sandbox_ssl_certificate_password',
        'pnfw_production_ssl_certificate_media_id',
        'pnfw_production_ssl_certificate_password',
        'pnfw_ios_payload_sound',
        'pnfw_google_api_key',
        'pnfw_adm_client_id',
        'pnfw_adm_client_secret',
        'pnfw_api_consumer_key',
        'pnfw_api_consumer_secret',
        'pnfw_enabled_post_types',
        'pnfw_enabled_object_taxonomies',
        'pnfw_use_wpautop',
        'pnfw_disable_email_verification',
        'pnfw_add_message_field_in_payload',
        'pnfw_uninstall_data',
    );
    foreach ($options as $option_name) {
        delete_option($option_name);
    }

    flush_rewrite_rules();
}
 /**
  * Adds the current user to the current site with the configured role.
  *
  * Does nothing for members. The role is read from the `helfjmm_options`
  * option.
  *
  * NOTE(review): this method checks login state and membership only; no nonce
  * or other proof of request intent is verified here - confirm the caller does.
  *
  * @return false|null False when nobody is logged in, otherwise null.
  */
 static function join_site()
 {
     global $current_user, $blog_id;
     $jmm_options = get_option('helfjmm_options');

     if (!is_user_logged_in()) {
         return false;
     }
     if (is_user_member_of_blog()) {
         return;
     }

     add_user_to_blog($blog_id, $current_user->ID, $jmm_options['role']);
 }
 /**
  * Renders the title cell of one row, including its row actions.
  *
  * `$item['ID']` is read as "<user id>:<blog id>". The dashboard link is added
  * for super admins and for members of the blog; the check is membership, not
  * a specific admin capability.
  *
  * NOTE(review): `$item['title']` is placed into the markup as given - confirm
  * it is escaped where the row data is built.
  *
  * @param array $item A singular item (one full row's worth of data)
  *
  * @return string Text to be placed inside the column <td>
  */
 function column_title($item)
 {
     $parts = explode(':', $item['ID']);
     $user_id = $parts[0];
     $blog_id = $parts[1];

     $actions = array();
     $actions['visit'] = sprintf('<a href="%s">%s</a>', get_site_url($blog_id), __('Visit Book'));

     $may_open_dashboard = is_super_admin($user_id) || is_user_member_of_blog($user_id, $blog_id);
     if ($may_open_dashboard) {
         $actions['dashboard'] = sprintf('<a href="%s">%s</a>', get_admin_url($blog_id), __('Visit Admin', 'pressbooks'));
     }

     $row_actions = $this->row_actions($actions);

     return sprintf('<span class="title">%1$s</span> %2$s', $item['title'], $row_actions);
 }
/**
 * Restricts who may use the user-edit screens.
 *
 * Applies to non-super-admins on the `user-edit` / `user-edit-network`
 * screens. The request is stopped with wp_die() when the edited user is a
 * super admin, when either the editor or the edited user is not a member of
 * the current blog, or when the request carries an `email` field (see below).
 *
 * NOTE(review): in the last condition `&&` binds tighter than `||`, so any
 * POST with `email` is refused, while a GET with `email` is refused only when
 * the edited user belongs to more than one blog. The grouping is written out
 * below exactly as PHP evaluates it; confirm that this is the intended rule
 * before regrouping, because a different grouping changes who may edit.
 * NOTE(review): get_currentuserinfo() is deprecated in WordPress 4.5+ in
 * favour of wp_get_current_user().
 */
function rl_edit_permission_check()
{
    global $current_user, $profileuser;
    $screen = get_current_screen();
    get_currentuserinfo();

    // Super admins, and requests for any other screen, are not restricted here.
    if (is_super_admin($current_user->ID) || !in_array($screen->base, array('user-edit', 'user-edit-network'))) {
        return;
    }

    if (is_super_admin($profileuser->ID)) {
        wp_die(__('You do not have permission to edit this user.'));
    } elseif (!is_user_member_of_blog($profileuser->ID, get_current_blog_id()) || !is_user_member_of_blog($current_user->ID, get_current_blog_id())) {
        wp_die(__('You do not have permission to edit this user.'));
    } elseif (array_key_exists('email', $_POST) || (array_key_exists('email', $_GET) && count(get_blogs_of_user($profileuser->ID)) > 1)) {
        wp_die(__('You do not have permission to edit this user password.'));
    }
}
 /**
  * Enforces login for "members only" downloads (hooked into dlm_can_download).
  *
  * A download that is already refused, or that is not members-only, is passed
  * through unchanged. Otherwise access is refused to visitors who are not
  * logged in and, on multisite, to users who are not members of the current
  * blog.
  *
  * Other plugins can use the 'dlm_can_download' filter directly to change access rights.
  *
  * @access public
  *
  * @param boolean $can_download Decision made so far.
  * @param mixed $download Download object; is_members_only() is called on it.
  *
  * @return boolean
  */
 public function check_members_only($can_download, $download)
 {
     // Nothing to add when access is already refused or the download is public.
     if (false === $can_download || !$download->is_members_only()) {
         return $can_download;
     }

     if (!is_user_logged_in()) {
         return false;
     }

     // On multisite a network account alone is not enough; site membership is required.
     if (is_multisite() && !is_user_member_of_blog(get_current_user_id(), get_current_blog_id())) {
         return false;
     }

     return $can_download;
 }
/**
 * Stores or clears the editor assigned to a post when the post is saved.
 *
 * The request must carry a valid `editorize_add_editor` nonce, and the current
 * user must have `edit_others_posts` and must not be the post's current
 * editor. The submitted editor ID is stored only when it belongs to a member
 * of the current site; otherwise the assignment is removed.
 *
 * @param int $post_id ID of the post being saved.
 */
function editorize_save_post($post_id)
{
    $nonce_ok = isset($_POST['editorize_nonce']) && wp_verify_nonce($_POST['editorize_nonce'], 'editorize_add_editor');
    if (!$nonce_ok) {
        return;
    }

    $current_post_editor = editorize_get_post_editor($post_id);
    $is_current_editor = $current_post_editor == get_current_user_id();
    if ($is_current_editor || !current_user_can('edit_others_posts')) {
        return;
    }

    // Reduce the submitted value to an integer ID; 0 means "no editor".
    $post_editor = empty($_POST['editorize_post_editor']) ? 0 : (int) $_POST['editorize_post_editor'];

    if ($post_editor && is_user_member_of_blog($post_editor)) {
        update_post_meta($post_id, '_post_editor_id', $post_editor);
    } else {
        delete_post_meta($post_id, '_post_editor_id');
    }
}
/**
 * Adds the user to every site they are not yet a member of, using each site's
 * default role.
 *
 * The role comes from the site's `msum_default_user_role` option; a site whose
 * value is 'none' (also the fallback when the option is unset) is skipped.
 * Afterwards the user meta `msum_has_caps` is set to 'true'.
 *
 * NOTE(review): this grants roles across sites - confirm callers restrict who
 * can trigger it and for which $user_id.
 *
 * @param int $user_id ID of the user to add.
 */
function msum_add_roles($user_id)
{
    foreach (msum_get_blog_list(0, 'all') as $blog) {
        $site_id = $blog['blog_id'];

        if (!is_user_member_of_blog($user_id, $site_id)) {
            // The default role is stored per site, so read it in that site's context.
            switch_to_blog($site_id);
            $role = get_option('msum_default_user_role', 'none');
            if ('none' != $role) {
                add_user_to_blog($site_id, $user_id, $role);
            }
            restore_current_blog();
        }
    }

    update_user_meta($user_id, 'msum_has_caps', 'true');
}
 /**
  * Exercises is_user_member_of_blog() for a subscriber, with default and
  * explicit arguments, before and after the user is deleted.
  *
  * @ticket 19500
  */
 function test_is_user_member_of_blog()
 {
     $previous_user = get_current_user_id();

     $user_id = $this->factory->user->create(array('role' => 'subscriber'));
     wp_set_current_user($user_id);

     // Defaults (0 / omitted) stand for the current user and the current site.
     $this->assertTrue(is_user_member_of_blog());
     $this->assertTrue(is_user_member_of_blog(0, 0));
     $this->assertTrue(is_user_member_of_blog(0, get_current_blog_id()));

     // Explicit user, with and without an explicit site.
     $this->assertTrue(is_user_member_of_blog($user_id));
     $this->assertTrue(is_user_member_of_blog($user_id, get_current_blog_id()));

     // In multisite this removes the user from the current site only, which is
     // what is_user_member_of_blog() is expected to reflect.
     wp_delete_user($user_id);

     $this->assertFalse(is_user_member_of_blog($user_id));
     $this->assertFalse(is_user_member_of_blog($user_id, get_current_blog_id()));

     wp_set_current_user($previous_user);
 }
 /**
  * Populates a customer object from its WordPress user record and user meta.
  *
  * @since 2.7.0
  * @param WC_Customer $customer Customer to fill; its ID selects the user.
  * @throws Exception When the ID is empty, no matching user exists, or (on
  *                   multisite) the user is not a member of the current site.
  */
 public function read(&$customer)
 {
     global $wpdb;

     // A user object is required.
     $user_object = $customer->get_id() ? get_user_by('id', $customer->get_id()) : false;
     $user_missing = !$user_object || empty($user_object->ID);

     // Only users on this site should be read; the error is the same either way,
     // so callers cannot tell "unknown" from "belongs to another site".
     if ($user_missing || (is_multisite() && !is_user_member_of_blog($customer->get_id()))) {
         throw new Exception(__('Invalid customer.', 'woocommerce'));
     }

     $customer_id = $customer->get_id();
     $flattened_meta = array_map('wc_flatten_meta_callback', get_user_meta($customer_id));
     $customer->set_props($flattened_meta);

     $customer->set_props(array(
         'is_paying_customer' => get_user_meta($customer_id, 'paying_customer', true),
         'email' => $user_object->user_email,
         'username' => $user_object->user_login,
         'date_created' => strtotime($user_object->user_registered),
         'date_modified' => get_user_meta($customer_id, 'last_update', true),
         // First role of the user, or 'customer' when there is none.
         'role' => !empty($user_object->roles[0]) ? $user_object->roles[0] : 'customer',
     ));

     $customer->read_meta_data();
     $customer->set_object_read(true);
     do_action('woocommerce_customer_loaded', $customer);
 }
/**
 * Authentication callback that adds the Rublon second factor to a
 * username/password login.
 *
 * The password check is delegated to wp_authenticate_username_password(); its
 * error is returned unchanged. The second factor is only attempted when the
 * user is a member of the current blog and the site is registered with Rublon;
 * otherwise the password-authenticated user is returned as is.
 *
 * @param mixed  $user     Value passed along the authentication chain.
 * @param string $username Submitted username.
 * @param string $password Submitted password.
 * @return mixed The user object or a WP_Error; the redirect branches end with exit.
 */
function rublon2factor_authenticate($user, $username, $password)
{
    $user = wp_authenticate_username_password($user, $username, $password);
    if (is_wp_error($user)) {
        return $user;
    } else {
        do_action('rublon_pre_authenticate', $user);
        $user_id = RublonHelper::getUserId($user);
        if (is_user_member_of_blog($user_id) && RublonHelper::isSiteRegistered()) {
            // Logout happens before the second factor is started; presumably so no
            // session from an earlier login survives while it is pending - confirm.
            wp_logout();
            $remember = !empty($_POST['rememberme']);
            $authURL = RublonHelper::authenticateWithRublon($user, $remember);
            if (empty($authURL)) {
                // No second-factor URL was produced.
                if (RublonHelper::canShowBusinessEditionUpgradeBoxAfterLogin($user)) {
                    RublonHelper::setMessage('BUSINESS_EDITION_UPGRADE_BOX', 'updated', 'RC');
                }
                $levels = RublonRolesProtection::getProtectionTypesLevels();
                if ($levels[RublonHelper::getUserProtectionType()] >= $levels[RublonHelper::PROTECTION_TYPE_MOBILE]) {
                    // Protection level at or above "mobile": the login is refused and the
                    // user is sent back to the login page with a ROLE_BLOCKED message that
                    // carries the obfuscated e-mail address.
                    $user_email = RublonHelper::getUserEmail($user);
                    $obfuscated_email = RublonHelper::obfuscateEmail($user_email);
                    RublonHelper::setMessage('ROLE_BLOCKED|' . base64_encode($obfuscated_email), 'error', 'LM');
                    $return_page = RublonHelper::getReturnPage();
                    wp_safe_redirect(wp_login_url($return_page));
                    exit;
                } else {
                    // NOTE(review): this branch lets the password-only login proceed when
                    // no second-factor URL was produced - confirm this fallback is intended.
                    RublonHelper::setMobileUserStatus($user, RublonHelper::NO);
                    return $user;
                }
            } else {
                // Second factor available: store the login token and hand over to the
                // URL returned by authenticateWithRublon(). wp_redirect() is used rather
                // than wp_safe_redirect(), so the target host is not restricted here.
                RublonHelper::setLoginToken($user);
                wp_redirect($authURL);
                exit;
            }
        } else {
            return $user;
        }
    }
}
 /**
  * Does the given user need to be migrated?
  *
  * Always true on single-site installs. On multisite the blog must be in the
  * subsites list, and the user is required when they are a member of the blog
  * or have at least one post on it. Answers are memoized per blog/user pair in
  * a function-level static array.
  *
  * @param int $user_id
  * @param int $blog_id Optional.
  *
  * @return bool
  */
 private function is_user_required_for_blog($user_id, $blog_id = 0)
 {
     static $users = array();

     // Normalize empty values so they share one cache slot.
     $user_id = empty($user_id) ? 0 : $user_id;
     $blog_id = empty($blog_id) ? 0 : $blog_id;

     if (isset($users[$blog_id][$user_id])) {
         return $users[$blog_id][$user_id];
     }

     if (!is_multisite()) {
         $required = true;
     } else {
         $subsites = $this->subsites_list();
         if (empty($subsites) || !array_key_exists($blog_id, $subsites)) {
             $required = false;
         } elseif (is_user_member_of_blog($user_id, $blog_id)) {
             $required = true;
         } else {
             // A user who wrote posts that will be migrated is needed even when
             // they no longer have access to the blog.
             switch_to_blog($blog_id);
             $user_posts = count_user_posts($user_id);
             restore_current_blog();
             $required = 0 < $user_posts;
         }
     }

     $users[$blog_id][$user_id] = $required;

     return $users[$blog_id][$user_id];
 }
 /**
  * Read a customer from the database.
  *
  * The object's ID is reset to 0 and nothing is loaded when the ID is empty,
  * no matching user exists, or (on multisite) the user is not a member of the
  * current site.
  *
  * @since 2.7.0
  * @param integer $id User ID of the customer.
  */
 public function read($id)
 {
     global $wpdb;

     // A user object is required.
     $user_object = $id ? get_user_by('id', $id) : false;
     $user_missing = !$user_object || empty($user_object->ID);

     // Only users on this site should be read.
     if ($user_missing || (is_multisite() && !is_user_member_of_blog($id))) {
         $this->set_id(0);
         return;
     }

     $this->set_id($user_object->ID);

     $flattened_meta = array_map(array($this, 'flatten_post_meta'), get_user_meta($id));
     $this->set_props($flattened_meta);

     $this->set_props(array(
         'is_paying_customer' => get_user_meta($id, 'paying_customer', true),
         'email' => $user_object->user_email,
         'username' => $user_object->user_login,
         'date_created' => strtotime($user_object->user_registered),
         'date_modified' => get_user_meta($id, 'last_update', true),
         // First role of the user, or 'customer' when there is none.
         'role' => !empty($user_object->roles[0]) ? $user_object->roles[0] : 'customer',
     ));

     $this->read_meta_data();
 }
/**
 * Checks whether the current user belongs to a given blog.
 *
 * Thin wrapper kept for backward compatibility: it reports the deprecation
 * and forwards to is_user_member_of_blog() with the current user's ID.
 *
 * @since MU
 * @deprecated 3.3.0
 * @deprecated Use is_user_member_of_blog()
 * @see is_user_member_of_blog()
 *
 * @param int $blog_id Blog ID
 * @return bool True if the current user belongs to $blog_id, false if not.
 */
function is_blog_user($blog_id = 0)
{
    _deprecated_function(__FUNCTION__, '3.3', 'is_user_member_of_blog()');

    $current_user_id = get_current_user_id();

    return is_user_member_of_blog($current_user_id, $blog_id);
}
 /**
  * Tell whether the current user may connect on the given blog.
  *
  * Access is granted to members of the blog and to super admins; everyone
  * else is refused.
  *
  * @param int|false $_blog_id Blog to check; a falsy value falls back to
  *                            GPlus_Authorship_Utils::get_blog_id().
  * @return bool True when the user is a member of the blog or a super admin.
  */
 static function can_current_user_connect($_blog_id = false)
 {
     global $current_user;
     // NOTE(review): reads the $current_user global directly; presumably it has
     // already been populated by the time this runs. Confirm with the callers.
     $blog = $_blog_id ? $_blog_id : GPlus_Authorship_Utils::get_blog_id();
     $uid = $current_user->ID;
     return is_user_member_of_blog($uid, $blog) || is_super_admin($uid);
 }
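 /**
  * Process the login form.
  *
  * Runs only when the form was submitted together with a valid
  * 'woocommerce-login' nonce. On success the visitor is redirected and the
  * request ends; on any failure the message is queued as an error notice and
  * the 'woocommerce_login_failed' action fires.
  *
  * The redirect target can come straight from the request
  * ($_POST['redirect'] or the referer) and can be changed by the
  * 'woocommerce_login_redirect' filter, so the final value is passed through
  * wp_validate_redirect() and replaced by the My Account page when it points
  * at a host WordPress does not allow.
  */
 public static function process_login()
 {
     // Accept the nonce from either field; the plugin-specific field wins when both are sent.
     $nonce_value = isset($_POST['_wpnonce']) ? $_POST['_wpnonce'] : '';
     $nonce_value = isset($_POST['woocommerce-login-nonce']) ? $_POST['woocommerce-login-nonce'] : $nonce_value;
     // The nonce check is the CSRF guard: without a valid one the submission is ignored.
     if (!empty($_POST['login']) && wp_verify_nonce($nonce_value, 'woocommerce-login')) {
         try {
             $creds = array('user_password' => $_POST['password'], 'remember' => isset($_POST['rememberme']));
             $username = trim($_POST['username']);
             // Let extensions reject the attempt before any lookup happens.
             $validation_error = new WP_Error();
             $validation_error = apply_filters('woocommerce_process_login_errors', $validation_error, $_POST['username'], $_POST['password']);
             if ($validation_error->get_error_code()) {
                 throw new Exception('<strong>' . __('Error:', 'woocommerce') . '</strong> ' . $validation_error->get_error_message());
             }
             if (empty($username)) {
                 throw new Exception('<strong>' . __('Error:', 'woocommerce') . '</strong> ' . __('Username is required.', 'woocommerce'));
             }
             if (empty($_POST['password'])) {
                 throw new Exception('<strong>' . __('Error:', 'woocommerce') . '</strong> ' . __('Password is required.', 'woocommerce'));
             }
             // An e-mail address is translated to the account's login name unless the filter disables that.
             if (is_email($username) && apply_filters('woocommerce_get_username_from_email', true)) {
                 $user = get_user_by('email', $username);
                 if (isset($user->user_login)) {
                     $creds['user_login'] = $user->user_login;
                 } else {
                     throw new Exception('<strong>' . __('Error:', 'woocommerce') . '</strong> ' . __('A user could not be found with this email address.', 'woocommerce'));
                 }
             } else {
                 $creds['user_login'] = $username;
             }
             // On multisite, ensure user exists on current site, if not add them before allowing login.
             // NOTE(review): the membership is added before wp_signon() has checked the
             // password, so a failed attempt still leaves the account attached to this
             // site; consider doing this only after a successful sign-on. Confirm
             // that nothing depends on the current order before moving it.
             if (is_multisite()) {
                 $user_data = get_user_by('login', $username);
                 if ($user_data && !is_user_member_of_blog($user_data->ID, get_current_blog_id())) {
                     add_user_to_blog(get_current_blog_id(), $user_data->ID, 'customer');
                 }
             }
             // Perform the login
             $user = wp_signon(apply_filters('woocommerce_login_credentials', $creds), is_ssl());
             if (is_wp_error($user)) {
                 $message = $user->get_error_message();
                 // Swap the escaped resolved login name in the message for the escaped text the visitor typed.
                 $message = str_replace('<strong>' . esc_html($creds['user_login']) . '</strong>', '<strong>' . esc_html($username) . '</strong>', $message);
                 throw new Exception($message);
             } else {
                 $fallback = wc_get_page_permalink('myaccount');
                 if (!empty($_POST['redirect'])) {
                     $redirect = $_POST['redirect'];
                 } elseif (wp_get_referer()) {
                     $redirect = wp_get_referer();
                 } else {
                     $redirect = $fallback;
                 }
                 // The target is request-controlled, so validate the final (filtered) value
                 // instead of redirecting to it blindly. Extra hosts can still be permitted
                 // through WordPress' 'allowed_redirect_hosts' filter.
                 $redirect = wp_validate_redirect(apply_filters('woocommerce_login_redirect', $redirect, $user), $fallback);
                 wp_redirect($redirect);
                 exit;
             }
         } catch (Exception $e) {
             wc_add_notice(apply_filters('login_errors', $e->getMessage()), 'error');
             do_action('woocommerce_login_failed');
         }
     }
 }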
/**
 * Private. Set all user interface settings.
 *
 * Names and values are reduced to the characters A-Z, a-z, 0-9 and
 * underscore before they are joined into a query-string style value, so
 * nothing outside that set reaches the stored option. Entries whose name is
 * empty after that reduction are dropped.
 *
 * @package WordPress
 * @subpackage Option
 * @since 2.8.0
 *
 * @param array $user_settings Setting name => value pairs.
 * @return bool|null False when there is no current user ID, null when the
 *                   user is a super admin for whom is_user_member_of_blog()
 *                   returns false, true once the options have been written.
 */
function wp_set_all_user_settings($user_settings)
{
    global $_updated_user_settings;
    $user_id = get_current_user_id();
    if (!$user_id) {
        return false;
    }
    if (is_super_admin() && !is_user_member_of_blog()) {
        return;
    }
    // Everything that is not a letter, digit or underscore is stripped.
    $disallowed = '/[^A-Za-z0-9_]+/';
    $pairs = array();
    foreach ($user_settings as $name => $value) {
        $_name = preg_replace($disallowed, '', $name);
        $_value = preg_replace($disallowed, '', $value);
        if (!empty($_name)) {
            $pairs[] = $_name . '=' . $_value;
        }
    }
    $settings = implode('&', $pairs);
    // Mirror the sanitized settings into the global before persisting them.
    parse_str($settings, $_updated_user_settings);
    update_user_option($user_id, 'user-settings', $settings, false);
    update_user_option($user_id, 'user-settings-time', time(), false);
    return true;
}
 /**
  * Resolves a JLSuggest database string to the URL it refers to.
  *
  * @since 6.0
  *
  * @param string $value The JLSuggest database string to convert.
  * @param bool $get_src_if_media For attachments, whether to return the URL of the media file itself rather than the URL of its WP-powered singular page.
  * @return string|false The URL of the referenced destination, or false when it cannot be resolved: unknown kind, missing or unpublished post, unusable term link, author who is not a member of the blog, or unknown alias.
  */
 function jlsuggest_value_to_url($value, $get_src_if_media = false)
 {
     list($genus, $type, $id) = $this->jlsuggest_value_explode($value);
     switch ($genus) {
         case 'url':
             // Returned exactly as stored.
             // NOTE(review): presumably callers escape it for the output context; confirm.
             return $id;
         case 'posttype':
             $post_id = (int) $id;
             // Only published posts resolve; a missing post (status false) or any other status gives false.
             if ('publish' != get_post_status($post_id)) {
                 return false;
             }
             $wants_file = $get_src_if_media && 'attachment' == get_post_type($post_id);
             return $wants_file ? wp_get_attachment_url($post_id) : get_permalink($post_id);
         case 'taxonomy':
             $term_link = get_term_link((int) $id, $type);
             return $term_link && !is_wp_error($term_link) ? $term_link : false;
         case 'home':
             return suwp::get_blog_home_url();
         case 'author':
             $author_id = (int) $id;
             // Authors resolve only when is_user_member_of_blog() accepts them.
             return is_user_member_of_blog($author_id) ? get_author_posts_url($author_id) : false;
         case 'internal-link-alias':
             if (!$this->plugin->module_exists('internal-link-aliases')) {
                 return false;
             }
             $alias_dir = $this->get_setting('alias_dir', 'go', 'internal-link-aliases');
             $aliases = $this->get_setting('aliases', array(), 'internal-link-aliases');
             if (!isset($aliases[$id]['to'])) {
                 return false;
             }
             // The alias target is URL-encoded before it becomes a path segment.
             $u_alias_to = urlencode($aliases[$id]['to']);
             return get_bloginfo('url') . "/{$alias_dir}/{$u_alias_to}/";
     }
     // Any other kind of destination is not resolvable.
     return false;
 }
 /**
  * Handles sending the password retrieval email to a customer.
  *
  * Based on retrieve_password() in core wp-login.php
  *
  * The account is looked up by login name first and by e-mail second. An
  * unknown account and (on multisite) an account that is not a member of the
  * current site produce the same error notice. The generated reset key is
  * written to the users table as a hash, and the plain key is handed to
  * the notification action.
  *
  * @access public
  * @uses $wpdb WordPress Database object
  * @return bool True once the notification action has fired, false on any error.
  */
 public static function retrieve_password()
 {
     global $wpdb, $wp_hasher;
     if (empty($_POST['user_login'])) {
         wc_add_notice(__('Enter a username or e-mail address.', 'woocommerce'), 'error');
         return false;
     }
     // Check on username first, as customers can use emails as usernames.
     $login = trim($_POST['user_login']);
     $user_data = get_user_by('login', $login);
     // No match by login: treat the input as an e-mail address, unless the filter disables that.
     if (!$user_data && is_email($_POST['user_login']) && apply_filters('woocommerce_get_username_from_email', true)) {
         $user_data = get_user_by('email', $login);
     }
     do_action('lostpassword_post');
     // Unknown accounts and accounts from other sites of the network get one and the same
     // message, so the notice does not tell the two cases apart.
     if (!$user_data || (is_multisite() && !is_user_member_of_blog($user_data->ID, get_current_blog_id()))) {
         wc_add_notice(__('Invalid username or e-mail.', 'woocommerce'), 'error');
         return false;
     }
     // redefining user_login ensures we return the right case in the email
     $user_login = $user_data->user_login;
     $user_email = $user_data->user_email;
     do_action('retrieve_password', $user_login);
     // The filter may answer with a falsy value or with a WP_Error carrying its own message.
     $allow = apply_filters('allow_password_reset', true, $user_data->ID);
     if (!$allow) {
         wc_add_notice(__('Password reset is not allowed for this user', 'woocommerce'), 'error');
         return false;
     }
     if (is_wp_error($allow)) {
         wc_add_notice($allow->get_error_message(), 'error');
         return false;
     }
     $key = wp_generate_password(20, false);
     do_action('retrieve_password_key', $user_login, $key);
     // Now insert the key, hashed, into the DB.
     // NOTE(review): only the hash is stored, with no issue time next to it; whether reset
     // keys expire depends on the code that verifies them, which is not shown here.
     if (empty($wp_hasher)) {
         require_once ABSPATH . 'wp-includes/class-phpass.php';
         $wp_hasher = new PasswordHash(8, true);
     }
     $hashed = $wp_hasher->HashPassword($key);
     $wpdb->update($wpdb->users, array('user_activation_key' => $hashed), array('user_login' => $user_login));
     // Load the email classes, then send the notification.
     WC()->mailer();
     do_action('woocommerce_reset_password_notification', $user_login, $key);
     wc_add_notice(__('Check your e-mail for the confirmation link.', 'woocommerce'));
     return true;
 }