/**
  * Handles the admin-side "edit membership level" form submission for one level.
  *
  * The permission helper and the form nonce are both checked before any database
  * access. A valid form updates the level row, saves custom fields, stores a success
  * status and redirects (the method exits and does not return). An invalid form stores
  * a failure status carrying the form's error list.
  *
  * @param int $id Row id of the membership level being edited.
  * @return void
  */
 public function edit_level($id)
 {
     // Authorisation gate. The helper is defined elsewhere; presumably it halts the
     // request for non-admin or unprivileged users (confirm against its implementation).
     SwpmMiscUtils::check_user_permission_and_is_admin('membership level edit');

     // CSRF gate: the nonce must be present AND valid for this specific action.
     $nonce_ok = isset($_POST['_wpnonce_edit_swpmlevel_admin_end'])
         && wp_verify_nonce($_POST['_wpnonce_edit_swpmlevel_admin_end'], 'edit_swpmlevel_admin_end');
     if (!$nonce_ok) {
         wp_die(SwpmUtils::_("Error! Nonce verification failed for membership level edit from admin end."));
     }

     global $wpdb;
     // %d placeholder: $id is bound as an integer by prepare().
     $sql = $wpdb->prepare("SELECT * FROM " . $wpdb->prefix . "swpm_membership_tbl WHERE id = %d", $id);
     $current_row = $wpdb->get_row($sql, ARRAY_A);
     $form = new SwpmLevelForm($current_row);

     if (!$form->is_valid()) {
         // Validation failed: hand the errors to the notice renderer and stop.
         $status = array('succeeded' => false, 'message' => SwpmUtils::_('Please correct the following:'), 'extra' => $form->get_errors());
         SwpmTransfer::get_instance()->set('status', $status);
         return;
     }

     // Only the form's sanitized values are written back.
     $wpdb->update($wpdb->prefix . "swpm_membership_tbl", $form->get_sanitized(), array('id' => $id));
     //@todo meta table and collect all relevant info and pass as argument
     $custom_fields = apply_filters('swpm_admin_edit_membership_level', array(), $id);
     $this->save_custom_fields($id, $custom_fields);

     $status = array('succeeded' => true, 'message' => '<p>' . SwpmUtils::_('Membership Level Updated Successfully.') . '</p>');
     SwpmTransfer::get_instance()->set('status', $status);
     wp_redirect('admin.php?page=simple_wp_membership_levels');
     exit(0);
 }
 /**
  * Applies the posted category-protection selection to a membership level.
  *
  * Reads 'membership_level_id', 'ids' and 'ids_in_page' from POST. Categories listed
  * in 'ids_in_page' are removed first, then those in 'ids' are applied and saved.
  *
  * NOTE(review): this method performs no capability check and no nonce verification
  * before changing protection settings, so authorisation and CSRF protection depend
  * entirely on the caller. Confirm that the caller enforces both.
  * NOTE(review): 'membership_level_id' is read without a validation filter and compared
  * loosely with 1; the two id lists, by contrast, are validated as integer arrays.
  *
  * @return void
  */
 public static function update_category_list()
 {
     $posted_level = filter_input(INPUT_POST, 'membership_level_id');
     // A missing or empty level id falls back to 1.
     $selected_level_id = empty($posted_level) ? 1 : $posted_level;

     // Level 1 is handled by SwpmProtection, every other level by SwpmPermission.
     if ($selected_level_id == 1) {
         $category = SwpmProtection::get_instance();
     } else {
         $category = SwpmPermission::get_instance($selected_level_id);
     }

     // Both posted lists must be arrays whose elements validate as integers.
     $int_list_rule = array('filter' => FILTER_VALIDATE_INT, 'flags' => FILTER_REQUIRE_ARRAY);

     $checked = filter_input_array(INPUT_POST, array('ids' => $int_list_rule));
     $ids = $checked['ids'];

     $listed = filter_input_array(INPUT_POST, array('ids_in_page' => $int_list_rule));
     $ids_in_page = $listed['ids_in_page'];

     // Clear everything shown on the page, then re-apply only the checked entries.
     $category->remove($ids_in_page, 'category')->apply($ids, 'category')->save();

     $status = array('succeeded' => true, 'message' => '<p>' . SwpmUtils::_('Category protection updated!') . '</p>');
     SwpmTransfer::get_instance()->set('status', $status);
 }
 /**
  * Validates the submitted membership-level form and, when valid, writes it to the level row.
  *
  * On success the row is updated, custom fields are saved, a success status is stored
  * and the request is redirected (the method exits and does not return). On failure a
  * status carrying the form errors is stored.
  *
  * NOTE(review): unlike edit_level() in this listing, nothing here checks the caller's
  * capability or verifies a nonce before the UPDATE runs. Authorisation and CSRF
  * protection therefore depend entirely on the caller. Confirm the caller does both,
  * or port the two checks from edit_level() together with the matching form nonce.
  *
  * @param int $id Row id of the membership level being edited.
  * @return void
  */
 public function edit($id)
 {
     global $wpdb;
     // %d placeholder: $id is bound as an integer by prepare().
     $sql = $wpdb->prepare("SELECT * FROM " . $wpdb->prefix . "swpm_membership_tbl WHERE id = %d", $id);
     $current_row = $wpdb->get_row($sql, ARRAY_A);
     $form = new SwpmLevelForm($current_row);

     if (!$form->is_valid()) {
         // Validation failed: hand the errors to the notice renderer and stop.
         $status = array('succeeded' => false, 'message' => SwpmUtils::_('Please correct the following:'), 'extra' => $form->get_errors());
         SwpmTransfer::get_instance()->set('status', $status);
         return;
     }

     // Only the form's sanitized values are written back.
     $wpdb->update($wpdb->prefix . "swpm_membership_tbl", $form->get_sanitized(), array('id' => $id));
     //@todo meta table and collect all relevant info and pass as argument
     $custom_fields = apply_filters('swpm_admin_edit_membership_level', array(), $id);
     $this->save_custom_fields($id, $custom_fields);

     $status = array('succeeded' => true, 'message' => '<p>' . SwpmUtils::_('Updated Successfully.') . '</p>');
     SwpmTransfer::get_instance()->set('status', $status);
     wp_redirect('admin.php?page=simple_wp_membership_levels');
     exit(0);
 }
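 /**
  * Replaces a member's password with a generated one and mails it to the given address.
  *
  * The outcome is reported through the SwpmTransfer 'status' entry, not a return value.
  *
  * NOTE(review): nothing in this method authenticates the requester or confirms the
  * request through a one-time link; the stored password is replaced as soon as a
  * registered address is submitted. Any throttling or confirmation step has to be
  * enforced by the caller. Confirm what the caller does.
  * NOTE(review): the "No user found" response differs from the success response, which
  * tells the requester whether an address is registered.
  * NOTE(review): the new password is sent in clear text by email.
  *
  * @param string $email Address submitted by the requester; treated as untrusted.
  * @return void
  */
 public function reset_password($email)
 {
     $email = sanitize_email($email);
     if (!is_email($email)) {
         $message = '<div class="swpm-reset-pw-error">' . SwpmUtils::_("Email address not valid.") . '</div>';
         $message = array('succeeded' => false, 'message' => $message);
         SwpmTransfer::get_instance()->set('status', $message);
         return;
     }

     // The address is echoed back inside HTML below. sanitize_email() is not an HTML
     // encoder, so encode for the HTML context explicitly instead of relying on it.
     $email_html = esc_html($email);

     global $wpdb;
     $query = 'SELECT member_id,user_name,first_name, last_name FROM ' . $wpdb->prefix . 'swpm_members_tbl ' . ' WHERE email = %s';
     // %s placeholder: the address is bound by prepare(), not concatenated into the SQL.
     $user = $wpdb->get_row($wpdb->prepare($query, $email));
     if (empty($user)) {
         $message = '<div class="swpm-reset-pw-error">' . SwpmUtils::_("No user found with that email address.") . '</div>';
         $message .= '<div class="swpm-reset-pw-error-email">' . SwpmUtils::_("Email Address: ") . $email_html . '</div>';
         $message = array('succeeded' => false, 'message' => $message);
         SwpmTransfer::get_instance()->set('status', $message);
         return;
     }

     $settings = SwpmSettings::get_instance();
     $password = wp_generate_password();
     // Only the transformed value is stored in the members table.
     // NOTE(review): despite its name, encrypt_password() is defined elsewhere; confirm
     // it is a one-way password hash.
     $password_hash = SwpmUtils::encrypt_password(trim($password));
     $wpdb->update($wpdb->prefix . "swpm_members_tbl", array('password' => $password_hash), array('member_id' => $user->member_id));

     // Stop WordPress from sending its own password-change email for the update below.
     add_filter('send_password_change_email', array($this, 'dont_send_password_change_email'), 1, 3);
     // Keep the linked WP user account's password in step with the member record.
     SwpmUtils::update_wp_user($user->user_name, array('plain_password' => $password));

     // Build the notification from the configured template.
     $body = $settings->get_value('reset-mail-body');
     $subject = $settings->get_value('reset-mail-subject');
     $search = array('{user_name}', '{first_name}', '{last_name}', '{password}');
     $replace = array($user->user_name, $user->first_name, $user->last_name, $password);
     $body = html_entity_decode($body);
     $body = str_replace($search, $replace, $body);
     // NOTE(review): the From header is concatenated from a settings value; confirm the
     // settings layer rejects CR/LF in 'email-from'.
     $from = $settings->get_value('email-from');
     $headers = "From: " . $from . "\r\n";
     wp_mail($email, $subject, $body, $headers);
     SwpmLog::log_simple_debug("Member password has been reset. Password reset email sent to: " . $email, true);

     $message = '<div class="swpm-reset-pw-success">' . SwpmUtils::_("New password has been sent to your email address.") . '</div>';
     $message .= '<div class="swpm-reset-pw-success-email">' . SwpmUtils::_("Email Address: ") . $email_html . '</div>';
     // NOTE(review): the success path also stores 'succeeded' => false. Left unchanged
     // because callers may rely on it; confirm whether this is intentional.
     $message = array('succeeded' => false, 'message' => $message);
     SwpmTransfer::get_instance()->set('status', $message);
 }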
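 /**
  * Prints the pending 'status' notice held by SwpmTransfer, if there is one.
  *
  * The status is normally an array with 'succeeded', 'message' and an optional 'extra'
  * (a string or a list of strings). A bare string status is also accepted and shown as
  * a failure notice.
  *
  * @return bool True when the status was marked as succeeded; false otherwise,
  *              including when there is nothing to print.
  */
 public function notices()
 {
     $message = SwpmTransfer::get_instance()->get('status');
     if (empty($message)) {
         return false;
     }

     // delete_wp_user() in this listing stores a plain string. Indexing a string with
     // 'succeeded' / 'message' does not yield the intended values, so normalise first.
     if (is_string($message)) {
         $message = array('succeeded' => false, 'message' => $message);
     }

     $succeeded = !empty($message['succeeded']);
     if ($succeeded) {
         echo "<div id='message' class='updated floatr'>";
     } else {
         echo "<div id='message' class='error floatr'>";
     }

     // Status text can embed request-derived values (e.g. a submitted email address or
     // form errors). wp_kses_post() is an allow-list filter: the simple markup used by
     // the status writers (p, div, ul/li, a, br) is kept, script-capable markup is not.
     echo wp_kses_post(isset($message['message']) ? (string) $message['message'] : '');

     $extra = isset($message['extra']) ? $message['extra'] : array();
     if (is_string($extra)) {
         echo wp_kses_post($extra);
     } elseif (is_array($extra)) {
         echo '<ul>';
         foreach ($extra as $value) {
             echo '<li>' . wp_kses_post((string) $value) . '</li>';
         }
         echo '</ul>';
     }

     echo "</div>";
     return $succeeded;
 }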
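 /**
  * Deletes the WordPress account with the given login name, unless it is an administrator.
  *
  * When the account is an administrator nothing is deleted and a failure status is
  * stored for the notice renderer instead.
  *
  * @param string $user_name WordPress login name to look up.
  * @return void
  */
 public static function delete_wp_user($user_name)
 {
     $wp_user_id = username_exists($user_name);
     if (empty($wp_user_id)) {
         // No WordPress account with that login: nothing to delete.
         return;
     }

     $ud = get_userdata($wp_user_id);
     if (!empty($ud)) {
         // The legacy 'wp_capabilities' / 'wp_user_level' lookups are kept, but they
         // appear to depend on the default 'wp_' table prefix (confirm), so the role
         // list on the user object is checked as well to avoid missing an administrator.
         $is_admin = in_array('administrator', (array) $ud->roles, true)
             || isset($ud->wp_capabilities['administrator'])
             || $ud->wp_user_level == 10;
         if ($is_admin) {
             // Stored in the same array shape the other status writers in this listing
             // use, so notices() can read 'succeeded' and 'message' from it.
             $text = 'For consistency, we do not allow deleting any associated wordpress account with administrator role.<br/>' . 'Please delete from <a href="users.php">Users</a> menu.';
             SwpmTransfer::get_instance()->set('status', array('succeeded' => false, 'message' => $text));
             return;
         }
     }

     include_once ABSPATH . 'wp-admin/includes/user.php';
     // Second argument reassigns the deleted user's content to user ID 1.
     // NOTE(review): this assumes ID 1 exists and is the intended owner; confirm.
     wp_delete_user($wp_user_id, 1);
 }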
 /**
  * Returns the shared SwpmTransfer instance, creating it on first use.
  *
  * @return SwpmTransfer
  */
 public static function get_instance()
 {
     // Lazily build the instance the first time it is requested.
     if (empty(self::$_this)) {
         self::$_this = new SwpmTransfer();
     }
     return self::$_this;
 }
 /**
  * Handles the admin-side "edit member" form submission for one member.
  *
  * Checks the admin/permission helper and the form nonce, loads the member row,
  * validates the submitted form and, when valid, updates both the linked WP user and
  * the member row. Optionally mails an account-status notification, then redirects
  * (the method exits and does not return on that path). On validation failure a
  * status carrying the form errors is stored.
  *
  * NOTE(review): the member row is used without checking that a row was found for
  * $id; confirm how a missing row is handled.
  *
  * @param int $id member_id of the member being edited.
  * @return void
  */
 public function edit_admin_end($id)
 {
     //Check we are on the admin end and user has management permission
     SwpmMiscUtils::check_user_permission_and_is_admin('member edit by admin');
     //Check nonce (CSRF protection): must be present and valid for this action.
     if (!isset($_POST['_wpnonce_edit_swpmuser_admin_end']) || !wp_verify_nonce($_POST['_wpnonce_edit_swpmuser_admin_end'], 'edit_swpmuser_admin_end')) {
         //Nonce check failed.
         wp_die(SwpmUtils::_("Error! Nonce verification failed for user edit from admin end."));
     }
     global $wpdb;
     // %d placeholder: $id is bound as an integer by prepare().
     $query = $wpdb->prepare("SELECT * FROM " . $wpdb->prefix . "swpm_members_tbl WHERE member_id = %d", $id);
     $member = $wpdb->get_row($query, ARRAY_A);
     // Keep the stored email and user name: they are needed later for the WP user
     // update and the notification mail.
     $email_address = $member['email'];
     $user_name = $member['user_name'];
     // Drop the identifying columns from the array handed to the form.
     unset($member['member_id']);
     unset($member['user_name']);
     $form = new SwpmForm($member);
     if ($form->is_valid()) {
         // From here on $member holds the form's sanitized values.
         $member = $form->get_sanitized();
         $plain_password = isset($member['plain_password']) ? $member['plain_password'] : "";
         // The WP user update receives the plain password; it is removed right after
         // so it is not written to the members table.
         SwpmUtils::update_wp_user($user_name, $member);
         unset($member['plain_password']);
         $wpdb->update($wpdb->prefix . "swpm_members_tbl", $member, array('member_id' => $id));
         $message = array('succeeded' => true, 'message' => '<p>Member profile updated successfully.</p>');
         // Custom-field handlers run after the row has already been updated; any error
         // they report is surfaced, but the update above is not rolled back.
         $error = apply_filters('swpm_admin_edit_custom_fields', array(), $member + array('member_id' => $id));
         if (!empty($error)) {
             $message = array('succeeded' => false, 'message' => SwpmUtils::_('Please correct the following:'), 'extra' => $error);
             SwpmTransfer::get_instance()->set('status', $message);
             return;
         }
         SwpmTransfer::get_instance()->set('status', $message);
         $send_notification = filter_input(INPUT_POST, 'account_status_change');
         if (!empty($send_notification)) {
             $settings = SwpmSettings::get_instance();
             // NOTE(review): the From header is concatenated from a settings value;
             // confirm the settings layer rejects CR/LF in 'email-from'.
             $from_address = $settings->get_value('email-from');
             $headers = 'From: ' . $from_address . "\r\n";
             // Subject and body come straight from POST (no filter given) and are also
             // persisted as the new default notification template.
             $subject = filter_input(INPUT_POST, 'notificationmailhead');
             $body = filter_input(INPUT_POST, 'notificationmailbody');
             $settings->set_value('account-change-email-body', $body)->set_value('account-change-email-subject', $subject)->save();
             $member['login_link'] = $settings->get_value('login-page-url');
             $member['user_name'] = $user_name;
             // NOTE(review): when a new password was submitted it is placed in the mail
             // body in clear text.
             $member['password'] = empty($plain_password) ? SwpmUtils::_("Your current password") : $plain_password;
             // Every member field becomes a template variable: keys are wrapped by
             // swpm_enclose_var (defined elsewhere) and replaced by their values.
             $values = array_values($member);
             $keys = array_map('swpm_enclose_var', array_keys($member));
             $body = html_entity_decode(str_replace($keys, $values, $body));
             // Mail goes to the address stored before the edit, not the submitted one.
             wp_mail($email_address, $subject, $body, $headers);
         }
         wp_redirect('admin.php?page=simple_wp_membership');
         exit(0);
     }
     // Validation failed: hand the errors to the notice renderer.
     $message = array('succeeded' => false, 'message' => SwpmUtils::_('Please correct the following:'), 'extra' => $form->get_errors());
     SwpmTransfer::get_instance()->set('status', $message);
 }
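 /**
  * Deletes the WordPress account with the given login name, unless it is a super user.
  *
  * When self::is_wp_super_user() reports the account as privileged, nothing is deleted
  * and a failure status is stored for the notice renderer instead.
  *
  * @param string $user_name WordPress login name to look up.
  * @return void
  */
 public static function delete_wp_user($user_name)
 {
     $wp_user_id = username_exists($user_name);
     if (empty($wp_user_id) || !is_numeric($wp_user_id)) {
         // No usable WordPress user id for that login: nothing to delete.
         return;
     }

     if (self::is_wp_super_user($wp_user_id)) {
         //This is an admin user. So not going to delete the WP User record.
         // Stored in the same array shape the other status writers in this listing
         // use, so notices() can read 'succeeded' and 'message' from it.
         $text = 'For safety, we do not allow deletion of any associated wordpress account with administrator role.';
         SwpmTransfer::get_instance()->set('status', array('succeeded' => false, 'message' => $text));
         return;
     }

     //Not an admin user so it is safe to delete this user.
     include_once ABSPATH . 'wp-admin/includes/user.php';
     // Second argument reassigns the deleted user's content to user ID 1.
     // NOTE(review): this assumes ID 1 exists and is the intended owner; confirm.
     wp_delete_user($wp_user_id, 1);
 }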