$user_data['last_name'] = $fbuser['last_name']; $user_data['display_name'] = $fbuser['first_name']; $user_data['user_url'] = $fbuser["profile_url"]; $user_data['user_email'] = $fbuser["email"]; //Run a filter so the user can be modified to something different before registration //NOTE: If the user has selected "pretty names", this'll change FB_xxx to i.e. "John.Smith" $user_data = apply_filters('nxtfb_insert_user', $user_data, $fbuser); $user_data = apply_filters('nxtfb_inserting_user', $user_data, array('nxt_ID' => $user_login_id, 'FB_ID' => $fb_uid, 'facebook' => $facebook, 'FB_UserData' => $fbuser)); //Insert a new user to our database and make sure it worked $user_login_id = nxt_insert_user($user_data); if (is_nxt_error($user_login_id)) { j_die("Error: nxt_insert_user failed!<br/><br/>" . "If you get this error while running a nxtclass MultiSite installation, it means you'll need to purchase the <a href=\"{$jfb_homepage}#premium\">premium version</a> of this plugin to enable full MultiSite support.<br/><br/>" . "If you're <u><i>not</i></u> using MultiSite, please report this bug to the plugin author on the support page <a href=\"{$jfb_homepage}#feedback\">here</a>.<br /><br />" . "Error message: " . (function_exists(array(&$user_login_id, 'get_error_message')) ? $user_login_id->get_error_message() : "Undefined") . "<br />" . "nxt_ALLOW_MULTISITE: " . (defined('nxt_ALLOW_MULTISITE') ? constant('nxt_ALLOW_MULTISITE') : "Undefined") . "<br />" . "is_multisite: " . (function_exists('is_multisite') ? is_multisite() : "Undefined")); } //Success! Notify the site admin. $user_login_name = $user_data['user_login']; nxt_new_user_notification($user_login_name); //Run an action so i.e. usermeta can be added to a user after registration do_action('nxtfb_inserted_user', array('nxt_ID' => $user_login_id, 'FB_ID' => $fb_uid, 'facebook' => $facebook, 'nxt_UserData' => $user_data)); } //Tag the user with our meta so we can recognize them next time, without resorting to email hashes update_user_meta($user_login_id, $jfb_uid_meta_name, $fb_uid); $jfb_log .= "nxt: Updated usermeta ({$jfb_uid_meta_name})\n"; //Also store the user's facebook avatar(s), in case the user wants to use them later if ($fbuser['pic_square']) { update_user_meta($user_login_id, 'facebook_avatar_thumb', $fbuser['pic_square']); update_user_meta($user_login_id, 'facebook_avatar_full', $fbuser['pic_big']); $jfb_log .= "nxt: Updated avatars (" . $fbuser['pic_square'] . ")\n"; } else { update_user_meta($user_login_id, 'facebook_avatar_thumb', ''); update_user_meta($user_login_id, 'facebook_avatar_full', ''); $jfb_log .= "FB: User does not have a profile picture; clearing cached avatar (if present).\n";
/** * Edit user settings based on contents of $_POST * * Used on user-edit.php and profile.php to manage and process user options, passwords etc. * * @since 2.0 * * @param int $user_id Optional. User ID. * @return int user id of the updated user */ function edit_user($user_id = 0) { global $nxt_roles, $nxtdb; $user = new stdClass(); if ($user_id) { $update = true; $user->ID = (int) $user_id; $userdata = get_userdata($user_id); $user->user_login = $nxtdb->escape($userdata->user_login); } else { $update = false; } if (!$update && isset($_POST['user_login'])) { $user->user_login = sanitize_user($_POST['user_login'], true); } $pass1 = $pass2 = ''; if (isset($_POST['pass1'])) { $pass1 = $_POST['pass1']; } if (isset($_POST['pass2'])) { $pass2 = $_POST['pass2']; } if (isset($_POST['role']) && current_user_can('edit_users')) { $new_role = sanitize_text_field($_POST['role']); $potential_role = isset($nxt_roles->role_objects[$new_role]) ? $nxt_roles->role_objects[$new_role] : false; // Don't let anyone with 'edit_users' (admins) edit their own role to something without it. // Multisite super admins can freely edit their blog roles -- they possess all caps. if (is_multisite() && current_user_can('manage_sites') || $user_id != get_current_user_id() || $potential_role && $potential_role->has_cap('edit_users')) { $user->role = $new_role; } // If the new role isn't editable by the logged-in user die with error $editable_roles = get_editable_roles(); if (!empty($new_role) && empty($editable_roles[$new_role])) { nxt_die(__('You can’t give users that role.')); } } if (isset($_POST['email'])) { $user->user_email = sanitize_text_field($_POST['email']); } if (isset($_POST['url'])) { if (empty($_POST['url']) || $_POST['url'] == 'http://') { $user->user_url = ''; } else { $user->user_url = esc_url_raw($_POST['url']); $user->user_url = preg_match('/^(https?|ftps?|mailto|news|irc|gopher|nntp|feed|telnet):/is', $user->user_url) ? $user->user_url : 'http://' . $user->user_url; } } if (isset($_POST['first_name'])) { $user->first_name = sanitize_text_field($_POST['first_name']); } if (isset($_POST['last_name'])) { $user->last_name = sanitize_text_field($_POST['last_name']); } if (isset($_POST['nickname'])) { $user->nickname = sanitize_text_field($_POST['nickname']); } if (isset($_POST['display_name'])) { $user->display_name = sanitize_text_field($_POST['display_name']); } if (isset($_POST['description'])) { $user->description = trim($_POST['description']); } foreach (_nxt_get_user_contactmethods($user) as $method => $name) { if (isset($_POST[$method])) { $user->{$method} = sanitize_text_field($_POST[$method]); } } if ($update) { $user->rich_editing = isset($_POST['rich_editing']) && 'false' == $_POST['rich_editing'] ? 'false' : 'true'; $user->admin_color = isset($_POST['admin_color']) ? sanitize_text_field($_POST['admin_color']) : 'fresh'; $user->show_admin_bar_front = isset($_POST['admin_bar_front']) ? 'true' : 'false'; } $user->comment_shortcuts = isset($_POST['comment_shortcuts']) && 'true' == $_POST['comment_shortcuts'] ? 'true' : ''; $user->use_ssl = 0; if (!empty($_POST['use_ssl'])) { $user->use_ssl = 1; } $errors = new nxt_Error(); /* checking that username has been typed */ if ($user->user_login == '') { $errors->add('user_login', __('<strong>ERROR</strong>: Please enter a username.')); } /* checking the password has been typed twice */ do_action_ref_array('check_passwords', array($user->user_login, &$pass1, &$pass2)); if ($update) { if (empty($pass1) && !empty($pass2)) { $errors->add('pass', __('<strong>ERROR</strong>: You entered your new password only once.'), array('form-field' => 'pass1')); } elseif (!empty($pass1) && empty($pass2)) { $errors->add('pass', __('<strong>ERROR</strong>: You entered your new password only once.'), array('form-field' => 'pass2')); } } else { if (empty($pass1)) { $errors->add('pass', __('<strong>ERROR</strong>: Please enter your password.'), array('form-field' => 'pass1')); } elseif (empty($pass2)) { $errors->add('pass', __('<strong>ERROR</strong>: Please enter your password twice.'), array('form-field' => 'pass2')); } } /* Check for "\" in password */ if (false !== strpos(stripslashes($pass1), "\\")) { $errors->add('pass', __('<strong>ERROR</strong>: Passwords may not contain the character "\\".'), array('form-field' => 'pass1')); } /* checking the password has been typed twice the same */ if ($pass1 != $pass2) { $errors->add('pass', __('<strong>ERROR</strong>: Please enter the same password in the two password fields.'), array('form-field' => 'pass1')); } if (!empty($pass1)) { $user->user_pass = $pass1; } if (!$update && isset($_POST['user_login']) && !validate_username($_POST['user_login'])) { $errors->add('user_login', __('<strong>ERROR</strong>: This username is invalid because it uses illegal characters. Please enter a valid username.')); } if (!$update && username_exists($user->user_login)) { $errors->add('user_login', __('<strong>ERROR</strong>: This username is already registered. Please choose another one.')); } /* checking e-mail address */ if (empty($user->user_email)) { $errors->add('empty_email', __('<strong>ERROR</strong>: Please enter an e-mail address.'), array('form-field' => 'email')); } elseif (!is_email($user->user_email)) { $errors->add('invalid_email', __('<strong>ERROR</strong>: The e-mail address isn’t correct.'), array('form-field' => 'email')); } elseif (($owner_id = email_exists($user->user_email)) && (!$update || $owner_id != $user->ID)) { $errors->add('email_exists', __('<strong>ERROR</strong>: This email is already registered, please choose another one.'), array('form-field' => 'email')); } // Allow plugins to return their own errors. do_action_ref_array('user_profile_update_errors', array(&$errors, $update, &$user)); if ($errors->get_error_codes()) { return $errors; } if ($update) { $user_id = nxt_update_user(get_object_vars($user)); } else { $user_id = nxt_insert_user(get_object_vars($user)); nxt_new_user_notification($user_id, isset($_POST['send_password']) ? $pass1 : ''); } return $user_id; }
$action = $nxt_list_table->current_action(); if ($action) { switch_to_blog($id); switch ($action) { case 'newuser': check_admin_referer('add-user', '_nxtnonce_add-new-user'); $user = $_POST['user']; if (!is_array($_POST['user']) || empty($user['username']) || empty($user['email'])) { $update = 'err_new'; } else { $password = nxt_generate_password(12, false); $user_id = nxtmu_create_user(esc_html(strtolower($user['username'])), $password, esc_html($user['email'])); if (false == $user_id) { $update = 'err_new_dup'; } else { nxt_new_user_notification($user_id, $password); add_user_to_blog($id, $user_id, $_POST['new_role']); $update = 'newuser'; } } break; case 'adduser': check_admin_referer('add-user', '_nxtnonce_add-user'); if (!empty($_POST['newuser'])) { $update = 'adduser'; $newuser = $_POST['newuser']; $userid = $nxtdb->get_var($nxtdb->prepare("SELECT ID FROM " . $nxtdb->users . " WHERE user_login = %s", $newuser)); if ($userid) { $user = $nxtdb->get_var("SELECT user_id FROM " . $nxtdb->usermeta . " WHERE user_id='{$userid}' AND meta_key='{$blog_prefix}capabilities'"); if ($user == false) { add_user_to_blog($id, $userid, $_POST['new_role']);
/** * Create a new NXTClass user with the specified identity URL and user data. * * @param string $identity_url OpenID to associate with the newly * created account * @param array $user_data array of user data */ function openid_create_new_user($identity_url, &$user_data) { global $nxtdb; // Identity URL is new, so create a user @(include_once ABSPATH . 'nxt-admin/upgrade-functions.php'); // 2.1 @(include_once ABSPATH . nxtINC . '/registration-functions.php'); // 2.0.4 // otherwise, try to use preferred username if (empty($username) && array_key_exists('nickname', $user_data)) { $username = openid_generate_new_username($user_data['nickname'], false); } // finally, build username from OpenID URL if (empty($username)) { $username = openid_generate_new_username($identity_url); } $user_data['user_login'] = $username; $user_data['user_pass'] = substr(md5(uniqid(microtime())), 0, 7); $user_id = nxt_insert_user($user_data); if ($user_id) { // created ok $user_data['ID'] = $user_id; // XXX this all looks redundant, see openid_set_current_user $user = new nxt_User($user_id); if (!nxt_login($user->user_login, $user_data['user_pass'])) { openid_message(__('User was created fine, but nxt_login() for the new user failed. This is probably a bug.', 'openid')); openid_status('error'); openid_error(openid_message()); return; } // notify of user creation nxt_new_user_notification($user->user_login); nxt_clearcookie(); nxt_setcookie($user->user_login, md5($user->user_pass), true, '', '', true); // Bind the provided identity to the just-created user openid_add_user_identity($user_id, $identity_url); openid_status('redirect'); if (!$user->has_cap('edit_posts')) { $redirect_to = '/nxt-admin/profile.php'; } } else { // failed to create user for some reason. openid_message(__('OpenID authentication successful, but failed to create NXTClass user. This is probably a bug.', 'openid')); openid_status('error'); openid_error(openid_message()); } }
function bp_core_activate_signup($key) { global $bp, $nxtdb; $user = false; // Multisite installs have their own activation routine if (is_multisite()) { $user = nxtmu_activate_signup($key); // If there were errors, add a message and redirect if (!empty($user->errors)) { return $user; } $user_id = $user['user_id']; // Set any profile data if (bp_is_active('xprofile')) { if (!empty($user['meta']['profile_field_ids'])) { $profile_field_ids = explode(',', $user['meta']['profile_field_ids']); foreach ((array) $profile_field_ids as $field_id) { $current_field = isset($user['meta']["field_{$field_id}"]) ? $user['meta']["field_{$field_id}"] : false; if (!empty($current_field)) { xprofile_set_field_data($field_id, $user_id, $current_field); } } } } } else { // Get the user_id based on the $key $user_id = $nxtdb->get_var($nxtdb->prepare("SELECT user_id FROM {$nxtdb->usermeta} WHERE meta_key = 'activation_key' AND meta_value = %s", $key)); if (empty($user_id)) { return new nxt_Error('invalid_key', __('Invalid activation key', 'buddypress')); } // Change the user's status so they become active if (!$nxtdb->query($nxtdb->prepare("UPDATE {$nxtdb->users} SET user_status = 0 WHERE ID = %d", $user_id))) { return new nxt_Error('invalid_key', __('Invalid activation key', 'buddypress')); } // Notify the site admin of a new user registration nxt_new_user_notification($user_id); // Remove the activation key meta delete_user_meta($user_id, 'activation_key'); } // Update the display_name nxt_update_user(array('ID' => $user_id, 'display_name' => bp_core_get_user_displayname($user_id))); // Set the password on multisite installs if (is_multisite() && !empty($user['meta']['password'])) { $nxtdb->query($nxtdb->prepare("UPDATE {$nxtdb->users} SET user_pass = %s WHERE ID = %d", $user['meta']['password'], $user_id)); } // Delete the total member cache nxt_cache_delete('bp_total_member_count', 'bp'); do_action('bp_core_activated_user', $user_id, $key, $user); return $user_id; }
function do_subscription_shortcode($atts, $content = null, $code = "") { global $nxt_query; $error = array(); $page = addslashes($_REQUEST['action']); $M_options = get_option('membership_options', array()); switch ($page) { case 'validatepage1': // Page 1 of the form has been submitted - validate include_once ABSPATH . nxtINC . '/registration.php'; $required = array('user_login' => __('Username', 'membership'), 'user_email' => __('Email address', 'membership'), 'user_email2' => __('Email address confirmation', 'membership'), 'password' => __('Password', 'membership'), 'password2' => __('Password confirmation', 'membership')); $error = array(); foreach ($required as $key => $message) { if (empty($_POST[$key])) { $error[] = __('Please ensure that the ', 'membership') . "<strong>" . $message . "</strong>" . __(' information is completed.', 'membership'); } } if ($_POST['user_email'] != $_POST['user_email2']) { $error[] = __('Please ensure the email addresses match.', 'membership'); } if ($_POST['password'] != $_POST['password2']) { $error[] = __('Please ensure the passwords match.', 'membership'); } if (username_exists(sanitize_user($_POST['user_login']))) { $error[] = __('That username is already taken, sorry.', 'membership'); } if (email_exists($_POST['user_email'])) { $error[] = __('That email address is already taken, sorry.', 'membership'); } if (function_exists('get_site_option')) { $terms = get_site_option('signup_tos_data'); } else { $terms = ''; } if (!empty($terms)) { if (empty($_POST['tosagree'])) { $error[] = __('You need to agree to the terms of service to register.', 'membership'); } } $error = apply_filters('membership_subscription_form_before_registration_process', $error); if (empty($error)) { // Pre - error reporting check for final add user $user_id = nxt_create_user(sanitize_user($_POST['user_login']), $_POST['password'], $_POST['user_email']); if (is_nxt_error($user_id) && method_exists($userid, 'get_error_message')) { $error[] = $userid->get_error_message(); } else { $member = new M_Membership($user_id); if (empty($M_options['enableincompletesignups']) || $M_options['enableincompletesignups'] != 'yes') { $member->deactivate(); } if (has_action('membership_susbcription_form_registration_notification')) { do_action('membership_susbcription_form_registration_notification', $user_id, $_POST['password']); } else { nxt_new_user_notification($user_id, $_POST['password']); } } } do_action('membership_subscription_form_registration_process', $error, $user_id); if (!empty($error)) { $content .= "<div class='error'>"; $content .= implode('<br/>', $error); $content .= "</div>"; $content .= $this->show_subpage_one(true); } else { // everything seems fine (so far), so we have our queued user so let's // look at picking a subscription. $content .= $this->show_subpage_two($user_id); } break; case 'validatepage1bp': global $bp; include_once ABSPATH . nxtINC . '/registration.php'; $required = array('signup_username' => __('Username', 'membership'), 'signup_email' => __('Email address', 'membership'), 'signup_password' => __('Password', 'membership'), 'signup_password_confirm' => __('Password confirmation', 'membership')); $error = array(); foreach ($required as $key => $message) { if (empty($_POST[$key])) { $error[] = __('Please ensure that the ', 'membership') . "<strong>" . $message . "</strong>" . __(' information is completed.', 'membership'); } } if ($_POST['signup_password'] != $_POST['signup_password_confirm']) { $error[] = __('Please ensure the passwords match.', 'membership'); } if (username_exists(sanitize_user($_POST['signup_username']))) { $error[] = __('That username is already taken, sorry.', 'membership'); } if (email_exists($_POST['signup_email'])) { $error[] = __('That email address is already taken, sorry.', 'membership'); } $meta_array = array(); // xprofile required fields /* Now we've checked account details, we can check profile information */ if (function_exists('xprofile_check_is_required_field')) { /* Make sure hidden field is passed and populated */ if (isset($_POST['signup_profile_field_ids']) && !empty($_POST['signup_profile_field_ids'])) { /* Let's compact any profile field info into an array */ $profile_field_ids = explode(',', $_POST['signup_profile_field_ids']); /* Loop through the posted fields formatting any datebox values then validate the field */ foreach ((array) $profile_field_ids as $field_id) { if (!isset($_POST['field_' . $field_id])) { if (isset($_POST['field_' . $field_id . '_day'])) { $_POST['field_' . $field_id] = strtotime($_POST['field_' . $field_id . '_day'] . $_POST['field_' . $field_id . '_month'] . $_POST['field_' . $field_id . '_year']); } } /* Create errors for required fields without values */ if (xprofile_check_is_required_field($field_id) && empty($_POST['field_' . $field_id])) { $field = new BP_Xprofile_Field($field_id); $error[] = __('Please ensure that the ', 'membership') . "<strong>" . $field->name . "</strong>" . __(' information is completed.', 'membership'); } $meta_array[$field_id] = $_POST['field_' . $field_id]; } } } $error = apply_filters('membership_subscription_form_before_registration_process', $error); if (empty($error)) { // Pre - error reporting check for final add user $user_id = nxt_create_user(sanitize_user($_POST['signup_username']), $_POST['signup_password'], $_POST['signup_email']); if (is_nxt_error($user_id) && method_exists($userid, 'get_error_message')) { $error[] = $userid->get_error_message(); } else { $member = new M_Membership($user_id); if (empty($M_options['enableincompletesignups']) || $M_options['enableincompletesignups'] != 'yes') { $member->deactivate(); } if (has_action('membership_susbcription_form_registration_notification')) { do_action('membership_susbcription_form_registration_notification', $user_id, $_POST['password']); } else { nxt_new_user_notification($user_id, $_POST['signup_password']); } foreach ((array) $meta_array as $field_id => $field_content) { if (function_exists('xprofile_set_field_data')) { xprofile_set_field_data($field_id, $user_id, $field_content); } } } } do_action('membership_subscription_form_registration_process', $error, $user_id); if (!empty($error)) { $content .= "<div class='error'>"; $content .= implode('<br/>', $error); $content .= "</div>"; $content .= $this->show_subpage_one(true); } else { // everything seems fine (so far), so we have our queued user so let's // look at picking a subscription. $content .= $this->show_subpage_two($user_id); } break; case 'validatepage2': $content = apply_filters('membership_subscription_form_subscription_process', $content, $error); break; case 'page2': case 'page1': default: if (!is_user_logged_in()) { $content .= $this->show_subpage_one(); } else { // logged in check for sub $user = nxt_get_current_user(); $member = new M_Membership($user->ID); if ($member->is_member()) { // This person is a member - display already registered stuff $content .= $this->show_subpage_member(); } else { // Show page two; $content .= $this->show_subpage_two($user->ID); } } break; } $content = apply_filters('membership_subscription_form', $content); return $content; }