Exemple #1
0
/**
 * Appends WP-Members registration fields to Users > Add New User screen.
 *
 * @since 2.9.0
 */
function wpmem_do_wp_newuser_form()
{
    global $wpmem;
    echo '<table class="form-table"><tbody>';
    $wpmem_fields = $wpmem->fields;
    //get_option( 'wpmembers_fields' );
    $exclude = wpmem_get_excluded_meta('register');
    foreach ($wpmem_fields as $field) {
        if ($field[6] == 'n' && !in_array($field[2], $exclude)) {
            $req = $field[5] == 'y' ? ' <span class="description">' . __('(required)') . '</span>' : '';
            echo '<tr>
				<th scope="row">
					<label for="' . $field[2] . '">' . __($field[1], 'wp-members') . $req . '</label>
				</th>
				<td>';
            // determine the field type and generate accordingly.
            switch ($field[3]) {
                case 'select':
                    $val = isset($_POST[$field[2]]) ? $_POST[$field[2]] : '';
                    echo wpmem_create_formfield($field[2], $field[3], $field[7], $val);
                    break;
                case 'textarea':
                    echo '<textarea name="' . $field[2] . '" id="' . $field[2] . '" class="textarea">';
                    echo isset($_POST[$field[2]]) ? esc_textarea($_POST[$field[2]]) : '';
                    echo '</textarea>';
                    break;
                case 'checkbox':
                    $val = isset($_POST[$field[2]]) ? $_POST[$field[2]] : '';
                    $val = !$_POST && $field[8] == 'y' ? $field[7] : $val;
                    echo wpmem_create_formfield($field[2], $field[3], $field[7], $val);
                    break;
                default:
                    echo '<input type="' . $field[3] . '" name="' . $field[2] . '" id="' . $field[2] . '" class="input" value="';
                    echo isset($_POST[$field[2]]) ? esc_attr($_POST[$field[2]]) : '';
                    echo '" size="25" />';
                    break;
            }
            echo '</td>
				</tr>';
        }
    }
    echo '</tbody></table>';
}
Exemple #2
0
/**
 * Builds the email for admin notification of new user registration.
 *
 * @since 2.3
 *
 * @uses wp_mail
 *
 * @param int   $user_id
 * @param array $wpmem_fields
 * @param array $field_data
 */
function wpmem_notify_admin( $user_id, $wpmem_fields, $field_data = null ) {

	global $wpmem;

	// WP default user fields.
	$wp_user_fields = array(
		'user_login',
		'user_nicename',
		'user_url',
		'user_registered',
		'display_name',
		'first_name',
		'last_name',
		'nickname',
		'description',
	);

	// Get the user data.
	$user = get_userdata( $user_id );
	
	// Get the email stored values.
	$arr  = get_option( 'wpmembers_email_notify' );

	// Userdata for default shortcodes.
	$arr['user_id']       = $user_id;
	$arr['user_login']    = stripslashes( $user->user_login );
	$arr['user_email']    = stripslashes( $user->user_email );
	$arr['blogname']      = wp_specialchars_decode( get_option ( 'blogname' ), ENT_QUOTES );
	$arr['user_ip']       = get_user_meta( $user_id, 'wpmem_reg_ip', true );
	$arr['reg_link']      = esc_url( get_user_meta( $user_id, 'wpmem_reg_url', true ) );
	$arr['act_link']      = get_bloginfo ( 'wpurl' ) . "/wp-admin/user-edit.php?user_id=".$user_id;
	$arr['exp_type']      = ( defined( 'WPMEM_EXP_MODULE' ) && $wpmem->use_exp == 1 ) ? get_user_meta( $user_id, 'exp_type', true ) : '';
	$arr['exp_date']      = ( defined( 'WPMEM_EXP_MODULE' ) && $wpmem->use_exp == 1 ) ? get_user_meta( $user_id, 'expires',  true ) : '';
	$arr['do_shortcodes'] = true;
	$arr['add_footer']    = true;
	$arr['disable']       = false;

	// Builds an array of the user data fields.
	$field_arr = array();
	foreach ( $wpmem_fields as $meta ) {
		if ( $meta[4] == 'y' ) {
			$name = $meta[1];
			if ( ! in_array( $meta[2], wpmem_get_excluded_meta( 'email' ) ) ) {
				if ( ( $meta[2] != 'user_email' ) && ( $meta[2] != 'password' ) ) {
					if ( $meta[2] == 'user_url' ) {
						$val = esc_url( $user->user_url );
					} elseif ( in_array( $meta[2], $wp_user_fields ) ) {
						$val = esc_html( $user->$meta[2] );
					} else {
						$val = esc_html( get_user_meta( $user_id, $meta[2], true ) );
					}
					$field_arr[ $name ] = $val;
				}
			}
		}
	}
	$arr['field_arr'] = $field_arr;

	// Apply filters (if set) for the sending email address.
	global $wpmem_mail_from, $wpmem_mail_from_name;
	add_filter( 'wp_mail_from',      'wpmem_mail_from'      );
	add_filter( 'wp_mail_from_name', 'wpmem_mail_from_name' );
	$default_header = ( $wpmem_mail_from && $wpmem_mail_from_name ) ? 'From: ' . $wpmem_mail_from_name . ' <' . $wpmem_mail_from . '>' : '';

	/**
	 * Filters the email headers.
	 *
	 * @since 2.7.4
	 *
	 * @param mixed  $default_header The email headers (default = null).
	 * @param string $toggle         Toggle to determine what email is being generated (newreg|newmod|appmod|repass|admin).
	 */
	$arr['headers'] = apply_filters( 'wpmem_email_headers', $default_header, 'admin' );

	// Handle backward compatibility for customizations that may call the email function directly.
	if ( ! $wpmem_fields ) {
		$wpmem_fields = $wpmem->fields; //get_option( 'wpmembers_fields' );
	}

	/**
	 * Filters the address the admin notification is sent to.
	 *
	 * @since 2.7.5
	 *
	 * @param string The email address of the admin to send to.
	 */
	$arr['admin_email'] = apply_filters( 'wpmem_notify_addr', get_option( 'admin_email' ) );

	/**
	 * Filter the email.
	 *
	 * This is a new and more powerful filter than was previously available for
	 * emails. This new filter passes the email subject, body, user ID, and several
	 * other settings and parameters for use in the filter function. It also passes
	 * an array of the WP-Members fields, and an array of the posted registration
	 * data from the register function.
	 *
	 * @since 2.9.8
	 *
	 * @param array $arr              An array containing email body, subject, user id, and additional settings.
	 * @param array $wpmem_fields     An array of the WP-Members fields.
	 * @param array $arr['field_arr'] An array of the posted registration data.
	 */
	$arr = apply_filters( 'wpmem_notify_filter', $arr, $wpmem_fields, $field_data );

	// If emails are not disabled, continue the email process.
	if ( ! $arr['disable'] ) {

		// Split field_arr into field_str.
		$field_str = '';
		foreach ( $arr['field_arr'] as $key => $val ) {
			$field_str.= $key . ': ' . $val . "\r\n";
		}

		// Get the email footer if needed.
		$foot = ( $arr['add_footer'] ) ? get_option ( 'wpmembers_email_footer' ) : '';

		// If doing shortcode replacements.
		if ( $arr['do_shortcodes'] ) {

			// Setup default shortcodes.
			$shortcd = array(
				'[blogname]',
				'[username]',
				'[email]',
				'[reglink]',
				'[exp-type]',
				'[exp-data]',
				'[user-ip]',
				'[activate-user]',
				'[fields]',
			);

			// Replacement values for default shortcodes.
			$replace = array(
				$arr['blogname'],
				$arr['user_login'],
				$arr['user_email'],
				$arr['reg_link'],
				$arr['exp_type'],
				$arr['exp_date'],
				$arr['user_ip'],
				$arr['act_link'],
				$field_str,
			);

			// Create the custom field shortcodes.
			foreach ( $wpmem_fields as $field ) {
				$shortcd[] = '[' . $field[2] . ']';
				$replace[] = get_user_meta( $user_id, $field[2], true );
			}

			// Get the subject, body, and footer shortcodes.
			$arr['subj'] = str_replace( $shortcd, $replace, $arr['subj'] );
			$arr['body'] = str_replace( $shortcd, $replace, $arr['body'] );
			$foot = ( $arr['add_footer'] ) ? str_replace( $shortcd, $replace, $foot ) : '';
		}

		// Append footer if needed.
		$arr['body'] = ( $arr['add_footer'] ) ? $arr['body'] . "\r\n" . $foot : $arr['body'];

		/**
		 * Filters the admin notification email.
		 *
		 * @since 2.8.2
		 *
		 * @param string $arr['body'] The admin notification email body.
		 */
		$arr['body'] = apply_filters( 'wpmem_email_notify', $arr['body'] );

		// Send the message.
		wp_mail( $arr['admin_email'], stripslashes( $arr['subj'] ), stripslashes( $arr['body'] ), $arr['headers'] );
	}
}
/**
 * Updates WP-Members fields from the WP user profile screen.
 *
 * @since 2.1
 */
function wpmem_admin_update()
{
    global $wpmem;
    $user_id = $_REQUEST['user_id'];
    $wpmem_fields = $wpmem->fields;
    // get_option( 'wpmembers_fields' );
    /**
     * Fires before the user profile is updated.
     *
     * @since 2.9.2
     *
     * @param int   $user_id      The user ID.
     * @param array $wpmem_fields Array of the custom fields.
     */
    do_action('wpmem_admin_pre_user_update', $user_id, $wpmem_fields);
    $fields = array();
    $chk_pass = false;
    foreach ($wpmem_fields as $meta) {
        if ($meta[6] == "n" && $meta[3] != 'password' && $meta[3] != 'checkbox') {
            isset($_POST[$meta[2]]) ? $fields[$meta[2]] = $_POST[$meta[2]] : false;
        } elseif ($meta[2] == 'password' && $meta[4] == 'y') {
            $chk_pass = true;
        } elseif ($meta[3] == 'checkbox') {
            $fields[$meta[2]] = isset($_POST[$meta[2]]) ? $_POST[$meta[2]] : '';
        }
    }
    /**
     * Filter the submitted field values for backend profile update.
     *
     * @since 2.8.2
     *
     * @param array $fields An array of the posted form values.
     * @param int   $user_id The ID of the user being updated.
     */
    $fields = apply_filters('wpmem_admin_profile_update', $fields, $user_id);
    // Get any excluded meta fields.
    $exclude = wpmem_get_excluded_meta('admin-profile');
    foreach ($fields as $key => $val) {
        if (!in_array($key, $exclude)) {
            update_user_meta($user_id, $key, $val);
        }
    }
    if ($wpmem->mod_reg == 1) {
        $wpmem_activate_user = isset($_POST['activate_user']) == '' ? -1 : $_POST['activate_user'];
        if ($wpmem_activate_user == 1) {
            wpmem_a_activate_user($user_id, $chk_pass);
        } elseif ($wpmem_activate_user == 0) {
            wpmem_a_deactivate_user($user_id);
        }
    }
    defined('WPMEM_EXP_MODULE') && $wpmem->use_exp == 1 ? wpmem_a_extend_user($user_id) : '';
    /**
     * Fires after the user profile is updated.
     *
     * @since 2.9.2
     *
     * @param int $user_id The user ID.
     */
    do_action('wpmem_admin_after_user_update', $user_id);
    return;
}
 /**
  * Register function
  *
  * Handles registering new users and updating existing users.
  *
  * @since 2.2.1
  *
  * @param  string $toggle toggles the function between 'register' and 'update'.
  * @global int    $user_ID
  * @global string $wpmem_themsg
  * @global array  $userdata
  * @return string $wpmem_themsg|success|editsuccess
  */
 function wpmem_registration($toggle)
 {
     // get the globals
     global $user_ID, $wpmem_themsg, $userdata;
     // check the nonce
     if (defined('WPMEM_USE_NONCE')) {
         if (empty($_POST) || !wp_verify_nonce($_POST['wpmem-form-submit'], 'wpmem-validate-submit')) {
             $wpmem_themsg = __('There was an error processing the form.', 'wp-members');
             return;
         }
     }
     // is this a registration or a user profile update?
     if ($toggle == 'register') {
         $fields['username'] = isset($_POST['log']) ? sanitize_user($_POST['log']) : '';
     }
     // add the user email to the $fields array for _data hooks
     $fields['user_email'] = isset($_POST['user_email']) ? $_POST['user_email'] : '';
     // build the $fields array from $_POST data
     $wpmem_fields = get_option('wpmembers_fields');
     foreach ($wpmem_fields as $meta) {
         if ($meta[4] == 'y') {
             if ($meta[2] != 'password') {
                 $fields[$meta[2]] = isset($_POST[$meta[2]]) ? sanitize_text_field($_POST[$meta[2]]) : '';
             } else {
                 // we do have password as part of the registration form
                 $fields['password'] = isset($_POST['password']) ? $_POST['password'] : '';
             }
         }
     }
     /**
      * Filter the submitted form field date prior to validation.
      *
      * @since 2.8.2
      *
      * @param array $fields An array of the posted form field data.
      */
     $fields = apply_filters('wpmem_pre_validate_form', $fields);
     // check for required fields
     $wpmem_fields_rev = array_reverse($wpmem_fields);
     foreach ($wpmem_fields_rev as $meta) {
         $pass_arr = array('password', 'confirm_password', 'password_confirm');
         $pass_chk = $toggle == 'update' && in_array($meta[2], $pass_arr) ? true : false;
         if ($meta[5] == 'y' && $pass_chk == false) {
             if (!$fields[$meta[2]]) {
                 $wpmem_themsg = sprintf(__('Sorry, %s is a required field.', 'wp-members'), $meta[1]);
             }
         }
     }
     switch ($toggle) {
         case "register":
             if (is_multisite()) {
                 // multisite has different requirements
                 $result = wpmu_validate_user_signup($fields['username'], $fields['user_email']);
                 $errors = $result['errors'];
                 if ($errors->errors) {
                     $wpmem_themsg = $errors->get_error_message();
                     return $wpmem_themsg;
                     exit;
                 }
             } else {
                 if (!$fields['username']) {
                     $wpmem_themsg = __('Sorry, username is a required field', 'wp-members');
                     return $wpmem_themsg;
                     exit;
                 }
                 if (!validate_username($fields['username'])) {
                     $wpmem_themsg = __('The username cannot include non-alphanumeric characters.', 'wp-members');
                     return $wpmem_themsg;
                     exit;
                 }
                 if (!is_email($fields['user_email'])) {
                     $wpmem_themsg = __('You must enter a valid email address.', 'wp-members');
                     return $wpmem_themsg;
                     exit;
                 }
                 if (username_exists($fields['username'])) {
                     return "user";
                     exit;
                 }
                 if (email_exists($fields['user_email'])) {
                     return "email";
                     exit;
                 }
             }
             if ($wpmem_themsg) {
                 return "empty";
                 exit;
             }
             // if form contains password and email confirmation, validate that they match
             if (array_key_exists('confirm_password', $fields) && $fields['confirm_password'] != $fields['password']) {
                 $wpmem_themsg = __('Passwords did not match.', 'wp-members');
             }
             if (array_key_exists('confirm_email', $fields) && $fields['confirm_email'] != $fields['user_email']) {
                 $wpmem_themsg = __('Emails did not match.', 'wp-members');
             }
             $wpmem_captcha = get_option('wpmembers_captcha');
             // get the captcha settings (api keys)
             if (WPMEM_CAPTCHA == 1 && $wpmem_captcha['recaptcha']) {
                 // if captcha is on, check the captcha
                 if ($wpmem_captcha['recaptcha']['public'] && $wpmem_captcha['recaptcha']['private']) {
                     // if there is no api key, the captcha never displayed to the end user
                     if (!$_POST["recaptcha_response_field"]) {
                         // validate for empty captcha field
                         $wpmem_themsg = __('You must complete the CAPTCHA form.', 'wp-members');
                         return "empty";
                         exit;
                     }
                 }
                 // check to see if the recaptcha library has already been loaded by another plugin
                 if (!function_exists('_recaptcha_qsencode')) {
                     require_once 'lib/recaptchalib.php';
                 }
                 $publickey = $wpmem_captcha['recaptcha']['public'];
                 $privatekey = $wpmem_captcha['recaptcha']['private'];
                 // the response from reCAPTCHA
                 $resp = null;
                 // the error code from reCAPTCHA, if any
                 $error = null;
                 if ($_POST["recaptcha_response_field"]) {
                     $resp = recaptcha_check_answer($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]);
                     if (!$resp->is_valid) {
                         // set the error code so that we can display it
                         global $wpmem_captcha_err;
                         $wpmem_captcha_err = $resp->error;
                         $wpmem_captcha_err = wpmem_get_captcha_err($wpmem_captcha_err);
                         return "captcha";
                         exit;
                     }
                 }
                 // end check recaptcha
             } elseif (WPMEM_CAPTCHA == 2) {
                 if (defined('REALLYSIMPLECAPTCHA_VERSION')) {
                     /** Validate Really Simple Captcha */
                     $wpmem_captcha = new ReallySimpleCaptcha();
                     // This variable holds the CAPTCHA image prefix, which corresponds to the correct answer
                     $wpmem_captcha_prefix = isset($_POST['captcha_prefix']) ? $_POST['captcha_prefix'] : '';
                     // This variable holds the CAPTCHA response, entered by the user
                     $wpmem_captcha_code = isset($_POST['captcha_code']) ? $_POST['captcha_code'] : '';
                     // Check CAPTCHA validity
                     $wpmem_captcha_correct = $wpmem_captcha->check($wpmem_captcha_prefix, $wpmem_captcha_code) ? true : false;
                     // clean up the tmp directory
                     $wpmem_captcha->remove($wpmem_captcha_prefix);
                     $wpmem_captcha->cleanup();
                     // If CAPTCHA validation fails (incorrect value entered in CAPTCHA field), return an error
                     if (!$wpmem_captcha_correct) {
                         $wpmem_themsg = wpmem_get_captcha_err('really-simple');
                         return "empty";
                         exit;
                     }
                 }
             }
             // check for user defined password
             $fields['password'] = !isset($_POST['password']) ? wp_generate_password() : $_POST['password'];
             // add for _data hooks
             $fields['user_registered'] = gmdate('Y-m-d H:i:s');
             $fields['user_role'] = get_option('default_role');
             $fields['wpmem_reg_ip'] = $_SERVER['REMOTE_ADDR'];
             $fields['wpmem_reg_url'] = $_REQUEST['redirect_to'];
             /**
              * these native fields are not installed by default, but if they
              * are added, use the $_POST value - otherwise, default to username. 
              * value can be filtered with wpmem_register_data
              */
             $fields['user_nicename'] = isset($_POST['user_nicename']) ? sanitize_title($_POST['user_nicename']) : $fields['username'];
             $fields['display_name'] = isset($_POST['display_name']) ? sanitize_user($_POST['display_name']) : $fields['username'];
             $fields['nickname'] = isset($_POST['nickname']) ? sanitize_user($_POST['nickname']) : $fields['username'];
             /**
              * Filter registration data after validation before data insertion.
              *
              * @since 2.8.2
              *
              * @param array $fields An array of the registration field data.
              */
             $fields = apply_filters('wpmem_register_data', $fields);
             /**
              * Fires before any insertion/emails.
              *
              * This action is the final step in pre registering a user. This
              * can be used for attaching custom validation to the registration
              * process. It cannot be used for changing any user registration
              * data. Use the wpmem_register_data filter for that.
              *
              * @since 2.7.2
              *
              * @param array $fields The user's submitted registration data.
              */
             do_action('wpmem_pre_register_data', $fields);
             // if the _pre_register_data hook sends back an error message
             if ($wpmem_themsg) {
                 return $wpmem_themsg;
             }
             // main new user fields are ready
             $new_user_fields = array('user_pass' => $fields['password'], 'user_login' => $fields['username'], 'user_nicename' => $fields['user_nicename'], 'user_email' => $fields['user_email'], 'display_name' => $fields['display_name'], 'nickname' => $fields['nickname'], 'user_registered' => $fields['user_registered'], 'role' => $fields['user_role']);
             // get any excluded meta fields
             $excluded_meta = wpmem_get_excluded_meta('register');
             // user_url, first_name, last_name, description, jabber, aim, yim
             $new_user_fields_meta = array('user_url', 'first_name', 'last_name', 'description', 'jabber', 'aim', 'yim');
             foreach ($wpmem_fields as $meta) {
                 if (in_array($meta[2], $new_user_fields_meta)) {
                     if ($meta[4] == 'y' && !in_array($meta[2], $excluded_meta)) {
                         $new_user_fields[$meta[2]] = $fields[$meta[2]];
                     }
                 }
             }
             // inserts to wp_users table
             $fields['ID'] = wp_insert_user($new_user_fields);
             // set remaining fields to wp_usermeta table
             foreach ($wpmem_fields as $meta) {
                 // if the field is not excluded, update accordingly
                 if (!in_array($meta[2], $excluded_meta) && !in_array($meta[2], $new_user_fields_meta)) {
                     if ($meta[4] == 'y' && $meta[2] != 'user_email') {
                         update_user_meta($fields['ID'], $meta[2], $fields[$meta[2]]);
                     }
                 }
             }
             // capture IP address of user at registration
             update_user_meta($fields['ID'], 'wpmem_reg_ip', $fields['wpmem_reg_ip']);
             // store the registration url
             update_user_meta($fields['ID'], 'wpmem_reg_url', $fields['wpmem_reg_url']);
             // set user expiration, if used
             if (WPMEM_USE_EXP == 1 && WPMEM_MOD_REG != 1) {
                 wpmem_set_exp($fields['ID']);
             }
             /**
              * Fires after user insertion but before email.
              *
              * @since 2.7.2
              *
              * @param array $fields The user's submitted registration data.
              */
             do_action('wpmem_post_register_data', $fields);
             require_once 'wp-members-email.php';
             // if this was successful, and you have email properly
             // configured, send a notification email to the user
             wpmem_inc_regemail($fields['ID'], $fields['password'], WPMEM_MOD_REG, $wpmem_fields, $fields);
             // notify admin of new reg, if needed;
             if (WPMEM_NOTIFY_ADMIN == 1) {
                 wpmem_notify_admin($fields['ID'], $wpmem_fields);
             }
             /**
              * Fires after registration is complete.
              *
              * @since 2.7.1
              */
             do_action('wpmem_register_redirect');
             // successful registration message
             return "success";
             exit;
             break;
         case "update":
             if ($wpmem_themsg) {
                 return "updaterr";
                 exit;
             }
             // doing a check for existing email is not the same as a new reg. check first to
             // see if it's different, then check if it is a valid address and it exists.
             global $current_user;
             get_currentuserinfo();
             if ($fields['user_email'] != $current_user->user_email) {
                 if (email_exists($fields['user_email'])) {
                     return "email";
                     exit;
                 }
                 if (!is_email($fields['user_email'])) {
                     $wpmem_themsg = __('You must enter a valid email address.', 'wp-members');
                     return "updaterr";
                     exit;
                 }
             }
             // if form includes email confirmation, validate that they match
             if (array_key_exists('confirm_email', $fields) && $fields['confirm_email'] != $fields['user_email']) {
                 $wpmem_themsg = __('Emails did not match.', 'wp-members');
             }
             // add the user_ID to the fields array
             $fields['ID'] = $user_ID;
             /**
              * Filter registration data after validation before data insertion.
              *
              * @since 2.8.2
              *
              * @param array $fields An array of the registration field data.
              */
             $fields = apply_filters('wpmem_register_data', $fields);
             /**
              * Fires before data insertion.
              *
              * This action is the final step in pre updating a user. This
              * can be used for attaching custom validation to the update
              * process. It cannot be used for changing any user update
              * data. Use the wpmem_register_data filter for that.
              *
              * @since 2.7.2
              *
              * @param array $fields The user's submitted update data.
              */
             do_action('wpmem_pre_update_data', $fields);
             // if the _pre_update_data hook sends back an error message
             // @todo - double check this. it should probably return "updaterr" and the hook should globalize wpmem_themsg
             if ($wpmem_themsg) {
                 return $wpmem_themsg;
             }
             // a list of fields that can be updated by wp_update_user
             $native_fields = array('user_nicename', 'user_url', 'user_email', 'display_name', 'nickname', 'first_name', 'last_name', 'description', 'role', 'jabber', 'aim', 'yim');
             $native_update = array('ID' => $user_ID);
             foreach ($wpmem_fields as $meta) {
                 // if the field is not excluded, update accordingly
                 if (!in_array($meta[2], wpmem_get_excluded_meta('update'))) {
                     switch ($meta[2]) {
                         // if the field can be updated by wp_update_user
                         case in_array($meta[2], $native_fields):
                             $fields[$meta[2]] = isset($fields[$meta[2]]) ? $fields[$meta[2]] : '';
                             //wp_update_user( array( 'ID' => $user_ID, $meta[2] => $fields[$meta[2]] ) );
                             $native_update[$meta[2]] = $fields[$meta[2]];
                             break;
                             // if the field is password
                         // if the field is password
                         case 'password':
                             // do nothing...
                             break;
                             // everything else goes into wp_usermeta
                         // everything else goes into wp_usermeta
                         default:
                             if ($meta[4] == 'y') {
                                 update_user_meta($user_ID, $meta[2], $fields[$meta[2]]);
                             }
                             break;
                     }
                 }
             }
             // update wp_update_user fields
             wp_update_user($native_update);
             /**
              * Fires at the end of user update data insertion.
              *
              * @since 2.7.2
              *
              * @param array $fields The user's submitted registration data.
              */
             do_action('wpmem_post_update_data', $fields);
             return "editsuccess";
             exit;
             break;
     }
 }
Exemple #5
0
 /**
  * Register function.
  *
  * Handles registering new users and updating existing users.
  *
  * @since 2.2.1
  *
  * @param  string $toggle toggles the function between 'register' and 'update'.
  * @global int    $user_ID
  * @global string $wpmem_themsg
  * @global array  $userdata
  * @return string $wpmem_themsg|success|editsuccess
  */
 function wpmem_registration($toggle)
 {
     // Get the globals.
     global $user_ID, $wpmem, $wpmem_themsg, $userdata;
     // Check the nonce.
     if (defined('WPMEM_USE_NONCE')) {
         if (empty($_POST) || !wp_verify_nonce($_POST['wpmem-form-submit'], 'wpmem-validate-submit')) {
             $wpmem_themsg = __('There was an error processing the form.', 'wp-members');
             return;
         }
     }
     // Is this a registration or a user profile update?
     if ($toggle == 'register') {
         $fields['username'] = isset($_POST['log']) ? sanitize_user($_POST['log']) : '';
     }
     // Add the user email to the $fields array for _data hooks.
     $fields['user_email'] = isset($_POST['user_email']) ? $_POST['user_email'] : '';
     // Build the $fields array from $_POST data.
     $wpmem_fields = $wpmem->fields;
     // get_option( 'wpmembers_fields' );
     foreach ($wpmem_fields as $meta) {
         if ($meta[4] == 'y') {
             if ($meta[2] != 'password') {
                 $fields[$meta[2]] = isset($_POST[$meta[2]]) ? sanitize_text_field($_POST[$meta[2]]) : '';
             } else {
                 // We do have password as part of the registration form.
                 $fields['password'] = isset($_POST['password']) ? $_POST['password'] : '';
             }
         }
     }
     /**
      * Filter the submitted form field date prior to validation.
      *
      * @since 2.8.2
      *
      * @param array $fields An array of the posted form field data.
      */
     $fields = apply_filters('wpmem_pre_validate_form', $fields);
     // Check for required fields, reverse the array for logical error message order.
     $wpmem_fields_rev = array_reverse($wpmem_fields);
     foreach ($wpmem_fields_rev as $meta) {
         $pass_arr = array('password', 'confirm_password', 'password_confirm');
         $pass_chk = $toggle == 'update' && in_array($meta[2], $pass_arr) ? true : false;
         if ($meta[5] == 'y' && $pass_chk == false) {
             if (!$fields[$meta[2]]) {
                 $wpmem_themsg = sprintf(__('Sorry, %s is a required field.', 'wp-members'), $meta[1]);
             }
         }
     }
     switch ($toggle) {
         case "register":
             if (is_multisite()) {
                 // Multisite has different requirements.
                 $result = wpmu_validate_user_signup($fields['username'], $fields['user_email']);
                 $errors = $result['errors'];
                 if ($errors->errors) {
                     $wpmem_themsg = $errors->get_error_message();
                     return $wpmem_themsg;
                     exit;
                 }
             } else {
                 // Validate username and email fields.
                 $wpmem_themsg = email_exists($fields['user_email']) ? "email" : $wpmem_themsg;
                 $wpmem_themsg = username_exists($fields['username']) ? "user" : $wpmem_themsg;
                 $wpmem_themsg = !is_email($fields['user_email']) ? __('You must enter a valid email address.', 'wp-members') : $wpmem_themsg;
                 $wpmem_themsg = !validate_username($fields['username']) ? __('The username cannot include non-alphanumeric characters.', 'wp-members') : $wpmem_themsg;
                 $wpmem_themsg = !$fields['username'] ? __('Sorry, username is a required field', 'wp-members') : $wpmem_themsg;
                 // If there is an error from username, email, or required field validation, stop registration and return the error.
                 if ($wpmem_themsg) {
                     return $wpmem_themsg;
                     exit;
                 }
             }
             // If form contains password and email confirmation, validate that they match.
             if (array_key_exists('confirm_password', $fields) && $fields['confirm_password'] != $fields['password']) {
                 $wpmem_themsg = __('Passwords did not match.', 'wp-members');
             }
             if (array_key_exists('confirm_email', $fields) && $fields['confirm_email'] != $fields['user_email']) {
                 $wpmem_themsg = __('Emails did not match.', 'wp-members');
             }
             // Get the captcha settings (api keys).
             $wpmem_captcha = get_option('wpmembers_captcha');
             // If captcha is on, check the captcha.
             if ($wpmem->captcha == 1 && $wpmem_captcha['recaptcha']) {
                 // If there is no api key, the captcha never displayed to the end user.
                 if ($wpmem_captcha['recaptcha']['public'] && $wpmem_captcha['recaptcha']['private']) {
                     if (!$_POST["recaptcha_response_field"]) {
                         // validate for empty captcha field
                         $wpmem_themsg = __('You must complete the CAPTCHA form.', 'wp-members');
                         return "empty";
                         exit;
                     }
                 }
                 // Check to see if the recaptcha library has already been loaded by another plugin.
                 if (!function_exists('_recaptcha_qsencode')) {
                     require_once WPMEM_PATH . 'lib/recaptchalib.php';
                 }
                 $publickey = $wpmem_captcha['recaptcha']['public'];
                 $privatekey = $wpmem_captcha['recaptcha']['private'];
                 // The response from reCAPTCHA.
                 $resp = null;
                 // The error code from reCAPTCHA, if any.
                 $error = null;
                 if ($_POST["recaptcha_response_field"]) {
                     $resp = recaptcha_check_answer($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]);
                     if (!$resp->is_valid) {
                         // Set the error code so that we can display it.
                         global $wpmem_captcha_err;
                         $wpmem_captcha_err = $resp->error;
                         $wpmem_captcha_err = wpmem_get_captcha_err($wpmem_captcha_err);
                         return "captcha";
                         exit;
                     }
                 }
                 // End check recaptcha.
             } elseif ($wpmem->captcha == 2) {
                 if (defined('REALLYSIMPLECAPTCHA_VERSION')) {
                     // Validate Really Simple Captcha.
                     $wpmem_captcha = new ReallySimpleCaptcha();
                     // This variable holds the CAPTCHA image prefix, which corresponds to the correct answer.
                     $wpmem_captcha_prefix = isset($_POST['captcha_prefix']) ? $_POST['captcha_prefix'] : '';
                     // This variable holds the CAPTCHA response, entered by the user.
                     $wpmem_captcha_code = isset($_POST['captcha_code']) ? $_POST['captcha_code'] : '';
                     // Check CAPTCHA validity.
                     $wpmem_captcha_correct = $wpmem_captcha->check($wpmem_captcha_prefix, $wpmem_captcha_code) ? true : false;
                     // Clean up the tmp directory.
                     $wpmem_captcha->remove($wpmem_captcha_prefix);
                     $wpmem_captcha->cleanup();
                     // If CAPTCHA validation fails (incorrect value entered in CAPTCHA field), return an error.
                     if (!$wpmem_captcha_correct) {
                         $wpmem_themsg = wpmem_get_captcha_err('really-simple');
                         return "empty";
                         exit;
                     }
                 }
             } elseif ($wpmem->captcha == 3 && $wpmem_captcha['recaptcha']) {
                 // Get the captcha response.
                 if (isset($_POST['g-recaptcha-response'])) {
                     $captcha = $_POST['g-recaptcha-response'];
                 }
                 // If there is no captcha value, return error.
                 if (!$captcha) {
                     $wpmem_themsg = __('You must complete the CAPTCHA form.', 'wp-members');
                     return "empty";
                     exit;
                 }
                 // We need the private key for validation.
                 $privatekey = $wpmem_captcha['recaptcha']['private'];
                 // Validate the captcha.
                 $response = file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=" . $privatekey . "&response=" . $captcha . "&remoteip=" . $_SERVER['REMOTE_ADDR']);
                 // Decode the json response.
                 $response = json_decode($response, true);
                 // If captcha validation was unsuccessful.
                 if ($response['success'] == false) {
                     $wpmem_themsg = __('CAPTCHA was not valid.', 'wp-members');
                     return "empty";
                     exit;
                 }
             }
             // Check for user defined password.
             $fields['password'] = !isset($_POST['password']) ? wp_generate_password() : $_POST['password'];
             // Add for _data hooks
             $fields['user_registered'] = gmdate('Y-m-d H:i:s');
             $fields['user_role'] = get_option('default_role');
             $fields['wpmem_reg_ip'] = $_SERVER['REMOTE_ADDR'];
             $fields['wpmem_reg_url'] = isset($_REQUEST['wpmem_reg_page']) ? $_REQUEST['wpmem_reg_page'] : $_REQUEST['redirect_to'];
             /*
              * These native fields are not installed by default, but if they
              * are added, use the $_POST value - otherwise, default to username.
              * Value can be filtered with wpmem_register_data.
              */
             $fields['user_nicename'] = isset($_POST['user_nicename']) ? sanitize_title($_POST['user_nicename']) : $fields['username'];
             $fields['display_name'] = isset($_POST['display_name']) ? sanitize_user($_POST['display_name']) : $fields['username'];
             $fields['nickname'] = isset($_POST['nickname']) ? sanitize_user($_POST['nickname']) : $fields['username'];
             /**
              * Filter registration data after validation before data insertion.
              *
              * @since 2.8.2
              *
              * @param array  $fields An array of the registration field data.
              * @param string $toggle A switch to indicate the action (new|edit).
              */
             $fields = apply_filters('wpmem_register_data', $fields, 'new');
             /**
              * Fires before any insertion/emails.
              *
              * This action is the final step in pre registering a user. This
              * can be used for attaching custom validation to the registration
              * process. It cannot be used for changing any user registration
              * data. Use the wpmem_register_data filter for that.
              *
              * @since 2.7.2
              *
              * @param array $fields The user's submitted registration data.
              */
             do_action('wpmem_pre_register_data', $fields);
             // If the _pre_register_data hook sends back an error message.
             if ($wpmem_themsg) {
                 return $wpmem_themsg;
             }
             // Main new user fields are ready.
             $new_user_fields = array('user_pass' => $fields['password'], 'user_login' => $fields['username'], 'user_nicename' => $fields['user_nicename'], 'user_email' => $fields['user_email'], 'display_name' => $fields['display_name'], 'nickname' => $fields['nickname'], 'user_registered' => $fields['user_registered'], 'role' => $fields['user_role']);
             // Get any excluded meta fields.
             $excluded_meta = wpmem_get_excluded_meta('register');
             // Fields for wp_insert_user: user_url, first_name, last_name, description, jabber, aim, yim.
             $new_user_fields_meta = array('user_url', 'first_name', 'last_name', 'description', 'jabber', 'aim', 'yim');
             foreach ($wpmem_fields as $meta) {
                 if (in_array($meta[2], $new_user_fields_meta)) {
                     if ($meta[4] == 'y' && !in_array($meta[2], $excluded_meta)) {
                         $new_user_fields[$meta[2]] = $fields[$meta[2]];
                     }
                 }
             }
             // Inserts to wp_users table.
             $fields['ID'] = wp_insert_user($new_user_fields);
             // Set remaining fields to wp_usermeta table.
             foreach ($wpmem_fields as $meta) {
                 // If the field is not excluded, update accordingly.
                 if (!in_array($meta[2], $excluded_meta) && !in_array($meta[2], $new_user_fields_meta)) {
                     if ($meta[4] == 'y' && $meta[2] != 'user_email') {
                         update_user_meta($fields['ID'], $meta[2], $fields[$meta[2]]);
                     }
                 }
             }
             // Capture IP address of user at registration.
             update_user_meta($fields['ID'], 'wpmem_reg_ip', $fields['wpmem_reg_ip']);
             // Store the registration url.
             update_user_meta($fields['ID'], 'wpmem_reg_url', $fields['wpmem_reg_url']);
             // Set user expiration, if used.
             if ($wpmem->use_exp == 1 && $wpmem->mod_reg != 1) {
                 wpmem_set_exp($fields['ID']);
             }
             /**
              * Fires after user insertion but before email.
              *
              * @since 2.7.2
              *
              * @param array $fields The user's submitted registration data.
              */
             do_action('wpmem_post_register_data', $fields);
             require_once WPMEM_PATH . 'inc/email.php';
             /*
              * If this was successful, and you have email properly
              * configured, send a notification email to the user.
              */
             wpmem_inc_regemail($fields['ID'], $fields['password'], $wpmem->mod_reg, $wpmem_fields, $fields);
             // Notify admin of new reg, if needed.
             if ($wpmem->notify == 1) {
                 wpmem_notify_admin($fields['ID'], $wpmem_fields);
             }
             /**
              * Fires after registration is complete.
              *
              * @since 2.7.1
              */
             do_action('wpmem_register_redirect');
             // successful registration message
             return "success";
             exit;
             break;
         case "update":
             if ($wpmem_themsg) {
                 return "updaterr";
                 exit;
             }
             /*
              * Doing a check for existing email is not the same as a new reg. check first to 
              * see if it's different, then check if it is a valid address and it exists.
              */
             global $current_user;
             get_currentuserinfo();
             if ($fields['user_email'] != $current_user->user_email) {
                 if (email_exists($fields['user_email'])) {
                     return "email";
                     exit;
                 }
                 if (!is_email($fields['user_email'])) {
                     $wpmem_themsg = __('You must enter a valid email address.', 'wp-members');
                     return "updaterr";
                     exit;
                 }
             }
             // If form includes email confirmation, validate that they match.
             if (array_key_exists('confirm_email', $fields) && $fields['confirm_email'] != $fields['user_email']) {
                 $wpmem_themsg = __('Emails did not match.', 'wp-members');
             }
             // Add the user_ID to the fields array.
             $fields['ID'] = $user_ID;
             /**
              * Filter registration data after validation before data insertion.
              *
              * @since 2.8.2
              *
              * @param array  $fields An array of the registration field data.
              * @param string $toggle A switch to indicate the action (new|edit).
              */
             $fields = apply_filters('wpmem_register_data', $fields, 'edit');
             /**
              * Fires before data insertion.
              *
              * This action is the final step in pre updating a user. This
              * can be used for attaching custom validation to the update
              * process. It cannot be used for changing any user update
              * data. Use the wpmem_register_data filter for that.
              *
              * @since 2.7.2
              *
              * @param array $fields The user's submitted update data.
              */
             do_action('wpmem_pre_update_data', $fields);
             /*
              * If the _pre_update_data hook sends back an error message.
              * @todo - double check this. it should probably return "updaterr" and the hook should globalize wpmem_themsg
              */
             if ($wpmem_themsg) {
                 return $wpmem_themsg;
             }
             // A list of fields that can be updated by wp_update_user.
             $native_fields = array('user_nicename', 'user_url', 'user_email', 'display_name', 'nickname', 'first_name', 'last_name', 'description', 'role', 'jabber', 'aim', 'yim');
             $native_update = array('ID' => $user_ID);
             foreach ($wpmem_fields as $meta) {
                 // If the field is not excluded, update accordingly.
                 if (!in_array($meta[2], wpmem_get_excluded_meta('update'))) {
                     switch ($meta[2]) {
                         // If the field can be updated by wp_update_user.
                         case in_array($meta[2], $native_fields):
                             $fields[$meta[2]] = isset($fields[$meta[2]]) ? $fields[$meta[2]] : '';
                             $native_update[$meta[2]] = $fields[$meta[2]];
                             break;
                             // If the field is password.
                         // If the field is password.
                         case 'password':
                             // Do nothing.
                             break;
                             // Everything else goes into wp_usermeta.
                         // Everything else goes into wp_usermeta.
                         default:
                             if ($meta[4] == 'y') {
                                 update_user_meta($user_ID, $meta[2], $fields[$meta[2]]);
                             }
                             break;
                     }
                 }
             }
             // Update wp_update_user fields.
             wp_update_user($native_update);
             /**
              * Fires at the end of user update data insertion.
              *
              * @since 2.7.2
              *
              * @param array $fields The user's submitted registration data.
              */
             do_action('wpmem_post_update_data', $fields);
             return "editsuccess";
             exit;
             break;
     }
 }
Exemple #6
0
 /**
  * Builds the email for admin notification of new user registration.
  *
  * @since 2.3
  *
  * @global object $wpmem                The WP_Members object.
  * @global string $wpmem_mail_from      The email from address.
  * @global string $wpmem_mail_from_name The email from name.
  * @param  int    $user_ID              The User's ID.
  * @param  array  $wpmem_fields         Array of the WP-Members fields (defaults to null).
  * @param  array  $fields               Array of the registration data (defaults to null).
  */
 function wpmem_notify_admin($user_id, $wpmem_fields, $field_data = null)
 {
     global $wpmem;
     // WP default user fields.
     $wp_user_fields = array('user_login', 'user_nicename', 'user_url', 'user_registered', 'display_name', 'first_name', 'last_name', 'nickname', 'description');
     // Get the user data.
     $user = get_userdata($user_id);
     // Get the email stored values.
     $arr = get_option('wpmembers_email_notify');
     // Userdata for default shortcodes.
     $arr['user_id'] = $user_id;
     $arr['user_login'] = stripslashes($user->user_login);
     $arr['user_email'] = stripslashes($user->user_email);
     $arr['blogname'] = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
     $arr['user_ip'] = is_array($field_data) ? $field_data['wpmem_reg_ip'] : get_user_meta($user_id, 'wpmem_reg_ip', true);
     $arr['reg_link'] = esc_url(get_user_meta($user_id, 'wpmem_reg_url', true));
     $arr['act_link'] = esc_url(add_query_arg('user_id', $user_id, get_admin_url('', 'user-edit.php')));
     $arr['exp_type'] = defined('WPMEM_EXP_MODULE') && $wpmem->use_exp == 1 ? get_user_meta($user_id, 'exp_type', true) : '';
     $arr['exp_date'] = defined('WPMEM_EXP_MODULE') && $wpmem->use_exp == 1 ? get_user_meta($user_id, 'expires', true) : '';
     $arr['do_shortcodes'] = true;
     $arr['add_footer'] = true;
     $arr['footer'] = get_option('wpmembers_email_footer');
     $arr['disable'] = false;
     // Builds an array of the user data fields.
     $field_arr = array();
     foreach ($wpmem_fields as $field) {
         if ($field[4] == 'y') {
             $meta_key = $field[2];
             if (!in_array($meta_key, wpmem_get_excluded_meta('email'))) {
                 if ($meta_key != 'user_email' && $meta_key != 'password') {
                     if ($meta_key == 'user_url') {
                         $val = esc_url($user->user_url);
                     } elseif (in_array($meta_key, $wp_user_fields)) {
                         $val = esc_html($user->{$meta_key});
                     } elseif ('file' == $field[3] || 'image' == $field[3]) {
                         $val = wp_get_attachment_url(get_user_meta($user_id, $meta_key, true));
                     } else {
                         $val = is_array($field_data) ? esc_html($field_data[$meta_key]) : esc_html(get_user_meta($user_id, $meta_key, true));
                     }
                     $field_arr[$field[1]] = $val;
                 }
             }
         }
     }
     $arr['field_arr'] = $field_arr;
     // Apply filters (if set) for the sending email address.
     $default_header = $wpmem->email['from'] && $wpmem->email['from_name'] ? 'From: "' . $wpmem->email['from_name'] . '" <' . $wpmem->email['from'] . '>' : '';
     /** This filter is documented in email.php */
     $arr['headers'] = apply_filters('wpmem_email_headers', $default_header, 'admin');
     // Handle backward compatibility for customizations that may call the email function directly.
     if (!$wpmem_fields) {
         $wpmem_fields = $wpmem->fields;
     }
     /**
      * Filters the address the admin notification is sent to.
      *
      * @since 2.7.5
      *
      * @param string The email address of the admin to send to.
      */
     $arr['admin_email'] = apply_filters('wpmem_notify_addr', get_option('admin_email'));
     /**
      * Filter the email.
      *
      * This is a new and more powerful filter than was previously available for
      * emails. This new filter passes the email subject, body, user ID, and several
      * other settings and parameters for use in the filter function. It also passes
      * an array of the WP-Members fields, and an array of the posted registration
      * data from the register function.
      *
      * @since 2.9.8
      *
      * @param array $arr              An array containing email body, subject, user id, and additional settings.
      * @param array $wpmem_fields     An array of the WP-Members fields.
      * @param array $arr['field_arr'] An array of the posted registration data.
      */
     $arr = apply_filters('wpmem_notify_filter', $arr, $wpmem_fields, $field_data);
     // If emails are not disabled, continue the email process.
     if (!$arr['disable']) {
         // Split field_arr into field_str.
         $field_str = '';
         foreach ($arr['field_arr'] as $key => $val) {
             $field_str .= $key . ': ' . $val . "\r\n";
         }
         // Get the email footer if needed.
         $foot = $arr['add_footer'] ? $arr['footer'] : '';
         // If doing shortcode replacements.
         if ($arr['do_shortcodes']) {
             $shortcodes = array('blogname' => $arr['blogname'], 'username' => $arr['user_login'], 'email' => $arr['user_email'], 'reglink' => $arr['reg_link'], 'exp-type' => $arr['exp_type'], 'exp-data' => $arr['exp_date'], 'exp-date' => $arr['exp_date'], 'user-ip' => $arr['user_ip'], 'activate-user' => $arr['act_link'], 'fields' => $field_str);
             // Add custom field shortcodes.
             foreach ($wpmem_fields as $field) {
                 $meta_key = $field[2];
                 $val = is_array($field_data) && 'y' == $field[4] ? $field_data[$meta_key] : get_user_meta($user_id, $meta_key, true);
                 $shortcodes[$key] = $val;
             }
             /**
              * Filter available email shortcodes.
              *
              * @since 3.1.0
              *
              * @param array  $shortcodes
              * @param string $toggle
              */
             $shortcodes = apply_filters('wpmem_email_shortcodes', $shortcodes, 'notify');
             $shortcd = array();
             $replace = array();
             foreach ($shortcodes as $key => $val) {
                 // Shortcodes.
                 $shortcd[] = '[' . $key . ']';
                 // Replacement values.
                 $replace[] = $val;
             }
             // Create the custom field shortcodes.
             foreach ($wpmem_fields as $field) {
                 $meta_key = $field[2];
                 $shortcd[] = '[' . $meta_key . ']';
                 $replace[] = is_array($field_data) && 'y' == $field[4] ? $field_data[$meta_key] : get_user_meta($user_id, $meta_key, true);
             }
             // Get the subject, body, and footer shortcodes.
             $arr['subj'] = str_replace($shortcd, $replace, $arr['subj']);
             $arr['body'] = str_replace($shortcd, $replace, $arr['body']);
             $foot = $arr['add_footer'] ? str_replace($shortcd, $replace, $foot) : '';
         }
         // Append footer if needed.
         $arr['body'] = $arr['add_footer'] ? $arr['body'] . "\r\n" . $foot : $arr['body'];
         /**
          * Filters the admin notification email.
          *
          * @since 2.8.2
          *
          * @param string $arr['body'] The admin notification email body.
          */
         $arr['body'] = apply_filters('wpmem_email_notify', $arr['body']);
         // Apply from and from name email filters.
         add_filter('wp_mail_from', 'wpmem_mail_from');
         add_filter('wp_mail_from_name', 'wpmem_mail_from_name');
         // Send the message.
         wp_mail($arr['admin_email'], stripslashes($arr['subj']), stripslashes($arr['body']), $arr['headers']);
     }
 }
/**
 * Inserts registration data from the native WP registration
 *
 * @since 2.8.3
 *
 * @param $user_id
 */
function wpmem_wp_reg_finalize($user_id)
{
    $native_reg = isset($_POST['wp-submit']) && $_POST['wp-submit'] == 'Register' ? true : false;
    $add_new = isset($_POST['action']) && $_POST['action'] == 'createuser' ? true : false;
    if ($native_reg || $add_new) {
        // get the fields
        $wpmem_fields = get_option('wpmembers_fields');
        // get any excluded meta fields
        $exclude = wpmem_get_excluded_meta('register');
        foreach ($wpmem_fields as $meta) {
            if (isset($_POST[$meta[2]]) && !in_array($meta[2], $exclude)) {
                update_user_meta($user_id, $meta[2], sanitize_text_field($_POST[$meta[2]]));
            }
        }
    }
    return;
}
Exemple #8
0
/**
 * updates WP-Members fields from the WP user profile screen
 *
 * @since 2.6.5
 *
 * @global int $user_id
 */
function wpmem_profile_update()
{
    global $user_id;
    // get the fields
    $wpmem_fields = get_option('wpmembers_fields');
    // get any excluded meta fields
    $exclude = wpmem_get_excluded_meta('user-profile');
    foreach ($wpmem_fields as $meta) {
        // if this is not an excluded meta field
        if (!in_array($meta[2], $exclude)) {
            // if the field is user editable,
            if ($meta[4] == "y" && $meta[6] == "n" && $meta[3] != 'password') {
                // check for required fields
                $chk = '';
                if ($meta[5] == "n" || !$meta[5]) {
                    $chk = 'ok';
                }
                if ($meta[5] == "y" && $_POST[$meta[2]] != '') {
                    $chk = 'ok';
                }
                // check for field value
                $field_val = isset($_POST[$meta[2]]) ? $_POST[$meta[2]] : '';
                if ($chk == 'ok') {
                    update_user_meta($user_id, $meta[2], $field_val);
                }
            }
        }
    }
}
Exemple #9
0
/**
 * Inserts registration data from the native WP registration.
 *
 * @since 2.8.3
 * @since 3.1.1 Added new 3.1 field types and activate user support.
 *
 * @todo Compartmentalize file upload along with main register function.
 *
 * @global object $wpmem The WP-Members object class.
 * @param int $user_id The WP user ID.
 */
function wpmem_wp_reg_finalize($user_id)
{
    global $wpmem;
    $native_reg = isset($_POST['wp-submit']) && $_POST['wp-submit'] == esc_attr(__('Register')) ? true : false;
    $add_new = isset($_POST['action']) && $_POST['action'] == 'createuser' ? true : false;
    if ($native_reg || $add_new) {
        // Get any excluded meta fields.
        $exclude = wpmem_get_excluded_meta('register');
        foreach ($wpmem->fields as $meta) {
            if (isset($_POST[$meta[2]]) && !in_array($meta[2], $exclude) && 'file' != $meta[3] && 'image' != $meta[3]) {
                if ('multiselect' == $meta[3] || 'multicheckbox' == $meta[3]) {
                    $delimiter = isset($meta[8]) ? $meta[8] : '|';
                    $data = implode($delimiter, $_POST[$meta[2]]);
                } else {
                    $data = $_POST[$meta[2]];
                }
                update_user_meta($user_id, $meta[2], sanitize_text_field($data));
            }
        }
        // If moderated registration and activate is checked, set active flags.
        if (is_admin() && $add_new && 1 == $wpmem->mod_reg && isset($_POST['activate_user'])) {
            update_user_meta($user_id, 'active', 1);
            wpmem_set_user_status($user_id, 0);
        }
    }
    return;
}
Exemple #10
0
/**
 * Inserts registration data from the native WP registration.
 *
 * @since 2.8.3
 *
 * @global object $wpmem The WP-Members object class.
 *
 * @param int $user_id The WP user ID.
 */
function wpmem_wp_reg_finalize($user_id)
{
    global $wpmem;
    $native_reg = isset($_POST['wp-submit']) && $_POST['wp-submit'] == esc_attr(__('Register')) ? true : false;
    $add_new = isset($_POST['action']) && $_POST['action'] == 'createuser' ? true : false;
    if ($native_reg || $add_new) {
        // Get any excluded meta fields.
        // @todo This needs to change to $wpmem->excluded_fields($tag).
        $exclude = wpmem_get_excluded_meta('register');
        foreach ($wpmem->fields as $meta) {
            if (isset($_POST[$meta[2]]) && !in_array($meta[2], $exclude)) {
                update_user_meta($user_id, $meta[2], sanitize_text_field($_POST[$meta[2]]));
            }
        }
    }
    return;
}
 /**
  * Builds the email for admin notification of new user registration
  *
  * @since 2.3
  *
  * @uses wp_mail
  *
  * @param int $user_id
  * @param array $wpmem_fields
  */
 function wpmem_notify_admin($user_id, $wpmem_fields)
 {
     $wp_user_fields = array('user_login', 'user_nicename', 'user_url', 'user_registered', 'display_name', 'first_name', 'last_name', 'nickname', 'description');
     $user = get_userdata($user_id);
     $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
     $user_ip = get_user_meta($user_id, 'wpmem_reg_ip', true);
     $reg_link = esc_url(get_user_meta($user_id, 'wpmem_reg_url', true));
     $act_link = get_bloginfo('wpurl') . "/wp-admin/user-edit.php?user_id=" . $user_id;
     $exp_type = WPMEM_USE_EXP == 1 ? get_user_meta($user_id, 'exp_type', 'true') : '';
     $exp_date = WPMEM_USE_EXP == 1 ? get_user_meta($user_id, 'expires', 'true') : '';
     $field_str = '';
     foreach ($wpmem_fields as $meta) {
         if ($meta[4] == 'y') {
             $name = $meta[1];
             if (!in_array($meta[2], wpmem_get_excluded_meta('email'))) {
                 if ($meta[2] != 'user_email' && $meta[2] != 'password') {
                     if ($meta[2] == 'user_url') {
                         $val = esc_url($user->user_url);
                     } elseif (in_array($meta[2], $wp_user_fields)) {
                         $val = esc_html($user->{$meta}[2]);
                     } else {
                         $val = esc_html(get_user_meta($user_id, $meta[2], 'true'));
                     }
                     $field_str .= "{$name}: {$val} \r\n";
                 }
             }
         }
     }
     /** Setup default shortcodes */
     $shortcd = array('[blogname]', '[username]', '[email]', '[reglink]', '[exp-type]', '[exp-data]', '[user-ip]', '[activate-user]', '[fields]');
     $replace = array($blogname, $user->user_login, $user->user_email, $reg_link, $exp_type, $exp_date, $user_ip, $act_link, $field_str);
     /** create the custom field shortcodes */
     foreach ($wpmem_fields as $field) {
         $shortcd[] = '[' . $field[2] . ']';
         $replace[] = get_user_meta($user_id, $field[2], true);
     }
     $arr = get_option('wpmembers_email_notify');
     $subj = str_replace($shortcd, $replace, $arr['subj']);
     $body = str_replace($shortcd, $replace, $arr['body']);
     $foot = get_option('wpmembers_email_footer');
     $foot = str_replace($shortcd, $replace, $foot);
     $body .= "\r\n" . $foot;
     /**
      * Filters the admin notification email.
      *
      * @since 2.8.2
      *
      * @param string $body The admin notification email body.
      */
     $body = apply_filters('wpmem_email_notify', $body);
     /* Apply filters (if set) for the sending email address */
     add_filter('wp_mail_from', 'wpmem_mail_from');
     add_filter('wp_mail_from_name', 'wpmem_mail_from_name');
     /**
      * Filters the address the admin notification is sent to.
      *
      * @since 2.7.5
      *
      * @param string The email address of the admin to send to.
      */
     $admin_email = apply_filters('wpmem_notify_addr', get_option('admin_email'));
     /**
      * Filters the email headers.
      *
      * @since 2.7.4
      *
      * @param mixed The email headers (default = null).
      */
     $headers = apply_filters('wpmem_email_headers', '');
     /* Send the message */
     wp_mail($admin_email, stripslashes($subj), stripslashes($body), $headers);
 }
Exemple #12
0
/**
 * updates WP-Members fields from the WP user profile screen.
 *
 * @since 2.6.5
 *
 * @global int $user_id
 */
function wpmem_profile_update()
{
    global $wpmem, $user_id;
    // Get the fields.
    $wpmem_fields = $wpmem->fields;
    //get_option( 'wpmembers_fields' );
    // Get any excluded meta fields.
    $exclude = wpmem_get_excluded_meta('user-profile');
    foreach ($wpmem_fields as $meta) {
        // If this is not an excluded meta field.
        if (!in_array($meta[2], $exclude)) {
            // If the field is user editable.
            if ($meta[4] == "y" && $meta[6] == "n" && $meta[3] != 'password' && $meta[3] != 'file' && $meta[3] != 'image') {
                // Check for required fields.
                $chk = '';
                if ($meta[5] == "n" || !$meta[5]) {
                    $chk = 'ok';
                }
                if ($meta[5] == "y" && $_POST[$meta[2]] != '') {
                    $chk = 'ok';
                }
                // Check for field value.
                if ($meta[3] == 'multiselect' || $meta[3] == 'multicheckbox') {
                    $field_val = isset($_POST[$meta[2]]) ? implode('|', $_POST[$meta[2]]) : '';
                } else {
                    $field_val = isset($_POST[$meta[2]]) ? $_POST[$meta[2]] : '';
                }
                if ($chk == 'ok') {
                    update_user_meta($user_id, $meta[2], $field_val);
                }
            }
        }
    }
}
Exemple #13
0
/**
 * Appends WP-Members registration fields to Users > Add New User screen.
 *
 * @since 2.9.0
 * @since 3.1.1 Updated to support new (3.1.0) field types and user activation.
 */
function wpmem_do_wp_newuser_form()
{
    global $wpmem;
    echo '<table class="form-table"><tbody>';
    $wpmem_fields = $wpmem->fields;
    //get_option( 'wpmembers_fields' );
    $exclude = wpmem_get_excluded_meta('register');
    foreach ($wpmem_fields as $field) {
        $meta_key = $field[2];
        if ($field[6] == 'n' && !in_array($meta_key, $exclude)) {
            $req = $field[5] == 'y' ? ' <span class="description">' . __('(required)') . '</span>' : '';
            echo '<tr>
				<th scope="row">
					<label for="' . $meta_key . '">' . __($field[1], 'wp-members') . $req . '</label>
				</th>
				<td>';
            // determine the field type and generate accordingly.
            switch ($field[3]) {
                case 'select':
                    $val = isset($_POST[$meta_key]) ? $_POST[$meta_key] : '';
                    echo wpmem_create_formfield($meta_key, $field[3], $field[7], $val);
                    break;
                case 'textarea':
                    echo '<textarea name="' . $meta_key . '" id="' . $meta_key . '" class="textarea">';
                    echo isset($_POST[$meta_key]) ? esc_textarea($_POST[$meta_key]) : '';
                    echo '</textarea>';
                    break;
                case 'checkbox':
                    $val = isset($_POST[$meta_key]) ? $_POST[$meta_key] : '';
                    $val = !$_POST && $field[8] == 'y' ? $field[7] : $val;
                    echo wpmem_create_formfield($meta_key, $field[3], $field[7], $val);
                    break;
                case 'multiselect':
                case 'multicheckbox':
                case 'radio':
                    $valtochk = isset($_POST[$meta_key]) ? $_POST[$meta_key] : '';
                    $formfield_args = array('name' => $meta_key, 'type' => $field[3], 'value' => $field[7], 'compare' => $valtochk, 'required' => 'y' == $field[5] ? true : false);
                    if ('multicheckbox' == $field[3] || 'multiselect' == $field[3]) {
                        $formfield_args['delimiter'] = isset($field[8]) ? $field[8] : '|';
                    }
                    echo $wpmem->forms->create_form_field($formfield_args);
                    break;
                case 'file':
                case 'image':
                    break;
                default:
                    echo '<input type="' . $field[3] . '" name="' . $meta_key . '" id="' . $meta_key . '" class="input" value="';
                    echo isset($_POST[$meta_key]) ? esc_attr($_POST[$meta_key]) : '';
                    echo '" size="25" />';
                    break;
            }
            echo '</td>
				</tr>';
        }
    }
    // If moderated registration is enabled, add checkbox to set user as active.
    if (1 == $wpmem->mod_reg) {
        echo '<tr>
				<th scope="row">
					<label for="activate_user">' . __('Activate this user?', 'wp-members') . '</label>
				</th>
				<td>' . $wpmem->forms->create_form_field(array('name' => 'activate_user', 'type' => 'checkbox', 'value' => 1, 'compare' => '')) . '</td>
			  </tr>';
    }
    echo '</tbody></table>';
}