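/**
 * Create or update a front-end (FEUP) user from the submitted form in $_POST.
 *
 * The create path runs when $_POST['action'] is "Add_User" or
 * $_POST['ewd-feup-action'] is "register". Every other submission is treated as
 * an edit of the user resolved from the login cookie or, for a signed-in
 * admin-side request, from $_POST['User_ID'].
 *
 * Side effects: normalises several $_POST keys in place, writes to the user and
 * user-field tables, may send the sign-up e-mail, may set a login cookie, and
 * sets the global $feup_success.
 *
 * @return array|string Array with "Message_Type" ("Error" or "Update") and
 *                      "Message". A bare string is returned when a logged-in
 *                      front-end user submits a registration, and whatever
 *                      Handle_File_Upload() placed in 'Data' is returned when
 *                      an upload fails.
 */
function Add_Edit_User() {
    global $wpdb, $feup_success, $ewd_feup_fields_table_name, $ewd_feup_user_fields_table_name, $ewd_feup_user_table_name;

    $Salt = get_option("EWD_FEUP_Hash_Salt");
    $Sign_Up_Email = get_option("EWD_FEUP_Sign_Up_Email");
    $Default_User_Level = get_option("EWD_Default_User_Level");
    $Use_Crypt = get_option("EWD_FEUP_Use_Crypt");
    $Email_Confirmation = get_option("EWD_FEUP_Email_Confirmation");
    $Admin_Approval = get_option("EWD_FEUP_Admin_Approval");

    $Fields = $wpdb->get_results("SELECT * FROM {$ewd_feup_fields_table_name} ");
    if (!is_array($Fields)) {
        $Fields = array();
    }
    $date = date("Y-m-d H:i:s");
    $UserCookie = CheckLoginCookie();

    // Give the optional request keys a defined value so later comparisons do not read missing indexes.
    foreach (array('Admin_Approved', 'action', 'ewd-feup-action') as $Optional_Key) {
        if (!isset($_POST[$Optional_Key])) {
            $_POST[$Optional_Key] = null;
        }
    }
    $Creating_User = ($_POST['action'] == "Add_User" || $_POST['ewd-feup-action'] == "register");

    // is_admin() only reports that an admin-side script is handling the request; it is
    // also true for admin-ajax.php / admin-post.php requests from visitors who are not
    // signed in. Admin-only input is therefore honoured only for a signed-in WordPress user.
    // NOTE(review): tighten this to current_user_can() with the capability this plugin's
    // admin menu is registered under; that capability is not visible in this file.
    $Admin_Request = (is_admin() && is_user_logged_in());

    // Resolve the acting front-end user from the login cookie. The value is bound through
    // a %s placeholder so prepare() really uses it.
    $Cookie_Username = (is_array($UserCookie) && isset($UserCookie['Username'])) ? $UserCookie['Username'] : "";
    $User = null;
    if ($Cookie_Username != "") {
        $User = $wpdb->get_row($wpdb->prepare("SELECT User_ID FROM {$ewd_feup_user_table_name} WHERE Username=%s", $Cookie_Username));
    }
    if (is_object($User)) {
        $User_ID = $User->User_ID;
    }
    if ($Admin_Request) {
        // A target user chosen by the request is accepted from the admin screens only.
        $User_ID = isset($_POST['User_ID']) ? absint($_POST['User_ID']) : null;
    }

    if (isset($_POST['Omit_Fields'])) {
        $Omitted_Fields = explode(",", $_POST['Omit_Fields']);
    } else {
        $Omitted_Fields = array();
    }

    $Posted_Username = (isset($_POST['Username']) && is_string($_POST['Username'])) ? $_POST['Username'] : "";
    if (isset($_POST['Username']) && is_string($_POST['Username'])) {
        $User_Fields['Username'] = $_POST['Username'];
    }

    // An empty (or non-string) password means "do not change the password".
    if (empty($_POST['User_Password']) || !is_string($_POST['User_Password'])) {
        unset($_POST['User_Password']);
    }
    if (isset($_POST['User_Password'])) {
        if ($Use_Crypt == "Yes") {
            $User_Fields['User_Password'] = Generate_Password($_POST['User_Password']);
        } else {
            // NOTE(review): sha1(md5()) with one site-wide salt is a fast, unsalted-per-user
            // hash. Moving to password_hash() needs a matching change in the login check,
            // which is outside this function, so the stored format is left as it is.
            $User_Fields['User_Password'] = sha1(md5($_POST['User_Password'] . $Salt));
        }
    }

    // NOTE(review): Level_ID is taken from the request on every path, including public
    // registration. Confirm the front-end forms are meant to let the submitter pick a level.
    if (isset($_POST['Level_ID'])) {
        $User_Fields['Level_ID'] = $_POST['Level_ID'];
    } else {
        $User_Fields['Level_ID'] = $Default_User_Level;
    }

    // Approval status is an admin decision, so it is not accepted from front-end submissions.
    if ($Admin_Request) {
        if ($_POST['Admin_Approved'] == "Yes") {
            $User_Fields['User_Admin_Approved'] = "Yes";
        }
        if ($_POST['Admin_Approved'] == "No") {
            $User_Fields['User_Admin_Approved'] = "No";
        }
    }

    // Compare as strings with === so numeric-looking passwords ("1e3" vs "1000") are not
    // treated as equal by PHP's loose comparison.
    $Password = isset($_POST['User_Password']) ? $_POST['User_Password'] : "";
    $Confirm_Password = isset($_POST['Confirm_User_Password']) ? $_POST['Confirm_User_Password'] : "";
    if (!is_string($Confirm_Password) || $Password !== $Confirm_Password) {
        return array("Message_Type" => "Error", "Message" => __("The passwords you entered did not match.", "EWD_FEUP"));
    }

    if ($Creating_User) {
        if (empty($_POST['User_Password'])) {
            return array("Message_Type" => "Error", "Message" => __("The password cannot be empty.", "EWD_FEUP"));
        }

        $wpdb->get_results($wpdb->prepare("SELECT User_ID FROM {$ewd_feup_user_table_name} WHERE Username=%s", $Posted_Username));
        if ($wpdb->num_rows > 0) {
            return array("Message_Type" => "Error", "Message" => __("There is already a user with that Username, please select a different one.", "EWD_FEUP"));
        }

        if (strlen($Posted_Username) < 3) {
            return array("Message_Type" => "Error", "Message" => __("Username must be at least 3 characters.", "EWD_FEUP"));
        }
    }

    $Additional_Fields_Array = array();
    if ($_POST['ewd-feup-action'] != "edit-account") {
        foreach ($Fields as $Field) {
            if (in_array($Field->Field_Name, $Omitted_Fields)) {
                continue;
            }

            $Additional_Fields_Array[$Field->Field_Name]['Field_ID'] = $Field->Field_ID;
            $Additional_Fields_Array[$Field->Field_Name]['Field_Name'] = $Field->Field_Name;

            // Form inputs use the field name with spaces replaced by underscores.
            $Field_Name = str_replace(" ", "_", $Field->Field_Name);
            $Posted_Value = isset($_POST[$Field_Name]) ? $_POST[$Field_Name] : null;

            if ($Field->Field_Type == "file") {
                $File_Upload_Return = Handle_File_Upload($Field_Name);
                if ($File_Upload_Return['Success'] == "No") {
                    return $File_Upload_Return['Data'];
                } elseif ($File_Upload_Return['Success'] == "N/A") {
                    unset($Additional_Fields_Array[$Field->Field_Name]);
                } else {
                    $Additional_Fields_Array[$Field->Field_Name]['Field_Value'] = $File_Upload_Return['Data'];
                }
            } elseif (is_array($Posted_Value)) {
                $Additional_Fields_Array[$Field->Field_Name]['Field_Value'] = stripslashes_deep(implode(",", $Posted_Value));
            } else {
                $Additional_Fields_Array[$Field->Field_Name]['Field_Value'] = stripslashes_deep($Posted_Value);
            }
        }
    }

    // Nothing in this function assigns $error, so this test currently always passes.
    if (!isset($error)) {
        /* Pass the data to the appropriate function in Update_Admin_Databases.php to create the user */
        if ($Creating_User) {
            if (is_object($User)) {
                // A logged-in front-end user is submitting a registration. This path
                // returns a bare string rather than the usual message array.
                $user_update = __("There is already an account with that Username. Please select a different one.", "EWD_FEUP");
                return $user_update;
            }

            if (!isset($User_Fields['User_Admin_Approved'])) {
                $User_Fields['User_Admin_Approved'] = "No";
            }
            if (!isset($User_Fields['User_Email_Confirmed'])) {
                $User_Fields['User_Email_Confirmed'] = "No";
            }
            $User_Fields['User_Date_Created'] = $date;
            $User_Fields['User_Last_Login'] = $date;

            $user_update = Add_EWD_FEUP_User($User_Fields);
            $User_ID = $wpdb->insert_id;

            foreach ($Additional_Fields_Array as $Field) {
                $user_update = Add_EWD_FEUP_User_Field($Field['Field_ID'], $User_ID, $Field['Field_Name'], $Field['Field_Value'], $date);
            }

            if ($_POST['ewd-feup-action'] == "register") {
                $user_update = __("Your account has been succesfully created.", "EWD_FEUP");
                if ($Sign_Up_Email == "Yes") {
                    EWD_FEUP_Send_Email($User_Fields, $Additional_Fields_Array, $User_ID);
                }
                // Log the new user in straight away only when no confirmation step is configured.
                if ($Email_Confirmation != "Yes" and $Admin_Approval != "Yes") {
                    CreateLoginCookie($_POST['Username'], $_POST['User_Password']);
                    $feup_success = true;
                }
            }
        } else {
            // An edit must target a resolved account; otherwise the update and the cookie
            // refresh below would run for a request that is not tied to any user.
            if (empty($User_ID)) {
                return array("Message_Type" => "Error", "Message" => __("No user account could be identified for this update.", "EWD_FEUP"));
            }

            if (isset($User_Fields)) {
                $user_update = Edit_EWD_FEUP_User($User_ID, $User_Fields);
            }

            foreach ($Additional_Fields_Array as $Field) {
                $CurrentField = $wpdb->get_row($wpdb->prepare("SELECT User_Field_ID FROM {$ewd_feup_user_fields_table_name} WHERE Field_ID='%d' AND User_ID='%d'", $Field['Field_ID'], $User_ID));
                // get_row() yields null when the user has no value stored for this field yet.
                if (is_object($CurrentField) and $CurrentField->User_Field_ID != "") {
                    $user_update = Edit_EWD_FEUP_User_Field($Field['Field_ID'], $User_ID, $Field['Field_Name'], $Field['Field_Value']);
                } else {
                    $user_update = Add_EWD_FEUP_User_Field($Field['Field_ID'], $User_ID, $Field['Field_Name'], $Field['Field_Value'], $date);
                }
            }

            if ($_POST['ewd-feup-action'] == "edit-account") {
                // The password is null here when the user left it blank (no password change).
                CreateLoginCookie($Posted_Username, isset($_POST['User_Password']) ? $_POST['User_Password'] : null);
            }
        }

        $user_update = array("Message_Type" => "Update", "Message" => $user_update);
        $feup_success = true;
        return $user_update;
    } else {
        $output_error = array("Message_Type" => "Error", "Message" => $error);
        return $output_error;
    }
}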
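/**
 * Site-specific variant of the user create/edit handler: registers or updates a
 * front-end user from $_POST, converts the "Breakfast", "Lunch" and "Dinner"
 * field values using the submitted "Time zone" field, stamps a membership
 * expiry date on new accounts and triggers the sign-up message.
 *
 * The create path runs when $_POST['action'] is "Add_User" or
 * $_POST['ewd-feup-action'] is "register"; anything else is an edit of the user
 * resolved from the login cookie (or from $_POST['User_ID'] on a signed-in
 * admin-side request). On edit, only "First Name" and "Last Name" custom fields
 * are written.
 *
 * @return array|string Array with "Message_Type" and "Message"; a bare string
 *                      when a logged-in user submits a registration; or the
 *                      'Data' value from Handle_File_Upload() on upload failure.
 */
function Edit_Account_Info_User() {
    global $wpdb, $feup_success, $ewd_feup_fields_table_name, $ewd_feup_user_fields_table_name, $ewd_feup_user_table_name;

    $Salt = get_option("EWD_FEUP_Hash_Salt");
    $Sign_Up_Email = get_option("EWD_FEUP_Sign_Up_Email");
    $Default_User_Level = get_option("EWD_Default_User_Level");
    $Use_Crypt = get_option("EWD_FEUP_Use_Crypt");
    $Email_Confirmation = get_option("EWD_FEUP_Email_Confirmation");
    $Admin_Approval = get_option("EWD_FEUP_Admin_Approval");

    $tt_settings = $wpdb->get_results("SELECT * FROM tt_settings");
    $res = ah_flatten($tt_settings, 'name');

    $Fields = $wpdb->get_results("SELECT * FROM {$ewd_feup_fields_table_name} ");
    if (!is_array($Fields)) {
        $Fields = array();
    }
    $date = date("Y-m-d H:i:s");
    $UserCookie = CheckLoginCookie();

    // Give the optional request keys a defined value so later comparisons do not read missing indexes.
    foreach (array('Admin_Approved', 'action', 'ewd-feup-action') as $Optional_Key) {
        if (!isset($_POST[$Optional_Key])) {
            $_POST[$Optional_Key] = null;
        }
    }
    $Creating_User = ($_POST['action'] == "Add_User" || $_POST['ewd-feup-action'] == "register");

    // is_admin() is also true for admin-ajax.php / admin-post.php requests from visitors
    // who are not signed in, so admin-only input additionally requires a WordPress login.
    // NOTE(review): tighten this to current_user_can() with the capability this plugin's
    // admin menu is registered under; that capability is not visible in this file.
    $Admin_Request = (is_admin() && is_user_logged_in());

    // Resolve the acting front-end user from the login cookie, binding the value through
    // a %s placeholder so prepare() really uses it.
    $Cookie_Username = (is_array($UserCookie) && isset($UserCookie['Username'])) ? $UserCookie['Username'] : "";
    $User = null;
    if ($Cookie_Username != "") {
        $User = $wpdb->get_row($wpdb->prepare("SELECT User_ID FROM {$ewd_feup_user_table_name} WHERE Username=%s", $Cookie_Username));
    }
    if (is_object($User)) {
        $User_ID = $User->User_ID;
    }
    if ($Admin_Request) {
        // A target user chosen by the request is accepted from the admin screens only.
        $User_ID = isset($_POST['User_ID']) ? absint($_POST['User_ID']) : null;
    }

    if (isset($_POST['Omit_Fields'])) {
        $Omitted_Fields = explode(",", $_POST['Omit_Fields']);
    } else {
        $Omitted_Fields = array();
    }

    $Posted_Username = (isset($_POST['Username']) && is_string($_POST['Username'])) ? $_POST['Username'] : "";
    if (isset($_POST['Username']) && is_string($_POST['Username'])) {
        $User_Fields['Username'] = $_POST['Username'];
    }
    if (isset($_POST['user_email'])) {
        $User_Fields['user_email'] = $_POST['user_email'];
    }
    // NOTE(review): 'subscription' is copied from the request without any check here;
    // confirm the submitter is allowed to choose it.
    if (isset($_POST['subscription'])) {
        $User_Fields['subscription'] = $_POST['subscription'];
    }

    // An empty (or non-string) password means "do not change the password".
    if (empty($_POST['User_Password']) || !is_string($_POST['User_Password'])) {
        unset($_POST['User_Password']);
    }
    if (isset($_POST['User_Password'])) {
        if ($Use_Crypt == "Yes") {
            $User_Fields['User_Password'] = Generate_Password($_POST['User_Password']);
        } else {
            // NOTE(review): sha1(md5()) with one site-wide salt is a fast hash. Moving to
            // password_hash() needs a matching change in the login check, which is outside
            // this function, so the stored format is left as it is.
            $User_Fields['User_Password'] = sha1(md5($_POST['User_Password'] . $Salt));
        }
    }

    // NOTE(review): Level_ID is taken from the request on every path, including public
    // registration. Confirm the front-end forms are meant to let the submitter pick a level.
    if (isset($_POST['Level_ID'])) {
        $User_Fields['Level_ID'] = $_POST['Level_ID'];
    } else {
        $User_Fields['Level_ID'] = $Default_User_Level;
    }

    // Approval status is an admin decision, so it is not accepted from front-end submissions.
    if ($Admin_Request) {
        if ($_POST['Admin_Approved'] == "Yes") {
            $User_Fields['User_Admin_Approved'] = "Yes";
        }
        if ($_POST['Admin_Approved'] == "No") {
            $User_Fields['User_Admin_Approved'] = "No";
        }
    }

    // Compare as strings with === so numeric-looking passwords are not treated as equal
    // by PHP's loose comparison.
    $Password = isset($_POST['User_Password']) ? $_POST['User_Password'] : "";
    $Confirm_Password = isset($_POST['Confirm_User_Password']) ? $_POST['Confirm_User_Password'] : "";
    if (!is_string($Confirm_Password) || $Password !== $Confirm_Password) {
        return array("Message_Type" => "Error", "Message" => __("The passwords you entered did not match.", "EWD_FEUP"));
    }

    if ($Creating_User) {
        if (empty($_POST['User_Password'])) {
            return array("Message_Type" => "Error", "Message" => __("The phone number must be your 10 digit number.", "EWD_FEUP"));
        }

        $wpdb->get_results($wpdb->prepare("SELECT User_ID FROM {$ewd_feup_user_table_name} WHERE Username=%s", $Posted_Username));
        if ($wpdb->num_rows > 0) {
            return array("Message_Type" => "Error", "Message" => __("Doppelgänger alert! There is already a user with that phone number. Please try a different one.", "EWD_FEUP"));
        }

        // Remove the input-mask placeholder characters before measuring the length.
        $newUsername = str_replace("_", "", $Posted_Username);
        if (strlen($newUsername) < 10) {
            return array("Message_Type" => "Error", "Message" => __("Phone must be at least 10 characters.", "EWD_FEUP"));
        }
    }

    $Additional_Fields_Array = array();
    if ($_POST['ewd-feup-action'] != "edit-account") {
        foreach ($Fields as $Field) {
            if (in_array($Field->Field_Name, $Omitted_Fields)) {
                continue;
            }

            $Additional_Fields_Array[$Field->Field_Name]['Field_ID'] = $Field->Field_ID;
            $Additional_Fields_Array[$Field->Field_Name]['Field_Name'] = $Field->Field_Name;

            // Form inputs use the field name with spaces replaced by underscores; values
            // are read with "..." in the name replaced by "___".
            $Field_Name = str_replace(" ", "_", $Field->Field_Name);
            $Post_Key = str_replace("...", "___", $Field_Name);

            if ($Field->Field_Type == "file") {
                $File_Upload_Return = Handle_File_Upload($Field_Name);
                if ($File_Upload_Return['Success'] == "No") {
                    return $File_Upload_Return['Data'];
                } elseif ($File_Upload_Return['Success'] == "N/A") {
                    unset($Additional_Fields_Array[$Field->Field_Name]);
                } else {
                    $Additional_Fields_Array[$Field->Field_Name]['Field_Value'] = $File_Upload_Return['Data'];
                }
            } elseif (isset($_POST[$Field_Name]) and is_array($_POST[$Field_Name])) {
                $Posted_List = (isset($_POST[$Post_Key]) && is_array($_POST[$Post_Key])) ? $_POST[$Post_Key] : array();
                $Additional_Fields_Array[$Field->Field_Name]['Field_Value'] = stripslashes_deep(implode(",", $Posted_List));
            } else {
                $Additional_Fields_Array[$Field->Field_Name]['Field_Value'] = stripslashes_deep(isset($_POST[$Post_Key]) ? $_POST[$Post_Key] : null);
            }
        }
    }

    // Nothing in this function assigns $error, so this test currently always passes.
    if (!isset($error)) {
        // Meal times as submitted, re-rendered with date('H:ia ') on both paths.
        $bf_date1 = isset($Additional_Fields_Array['Breakfast']['Field_Value']) ? $Additional_Fields_Array['Breakfast']['Field_Value'] : null;
        $bf_date = date('H:ia ', strtotime($bf_date1));
        $lnh_date1 = isset($Additional_Fields_Array['Lunch']['Field_Value']) ? $Additional_Fields_Array['Lunch']['Field_Value'] : null;
        $lnh_date = date('H:ia ', strtotime($lnh_date1));
        $dnr_date1 = isset($Additional_Fields_Array['Dinner']['Field_Value']) ? $Additional_Fields_Array['Dinner']['Field_Value'] : null;
        $dnr_date = date('H:ia ', strtotime($dnr_date1));

        /* Pass the data to the appropriate function in Update_Admin_Databases.php to create the user */
        if ($Creating_User) {
            if (is_object($User) and $User->User_ID != "") {
                // A logged-in front-end user is submitting a registration. This path
                // returns a bare string rather than the usual message array.
                $user_update = __("There is already an account with that Username. Please select a different one.", "EWD_FEUP");
                return $user_update;
            }

            if (!isset($User_Fields['User_Admin_Approved'])) {
                $User_Fields['User_Admin_Approved'] = "No";
            }
            if (!isset($User_Fields['User_Email_Confirmed'])) {
                $User_Fields['User_Email_Confirmed'] = "No";
            }
            $User_Fields['User_Date_Created'] = $date;
            $User_Fields['User_Last_Login'] = $date;

            // Membership expires after the configured trial period, counted in days.
            // NOTE(review): the period is read from $tt_settings, not from the flattened
            // $res. Unless ah_flatten() rewrites $tt_settings in place this index does not
            // exist and DateInterval would receive 'PD' - confirm against ah_flatten().
            $res = ah_flatten($tt_settings, 'name');
            $expiry_date = new DateTime();
            $dti = new DateInterval('P' . $tt_settings['default_trial_period']['value'] . 'D');
            $expiry_date->add($dti);
            $expiry_date = $expiry_date->format('Y-m-d');
            $Additional_Fields_Array['Membership Expiry Date']['Field_Value'] = $expiry_date;

            $user_update = Add_EWD_FEUP_User($User_Fields);
            $User_ID = $wpdb->insert_id;

            // Shift the meal times by the hour offset found in the "Time zone" value.
            if (!empty($Additional_Fields_Array['Time zone'])) {
                // Strip letters and parentheses, leaving the sign and digits of the offset.
                $offset = preg_replace('/[a-zA-Z()]/', '', $Additional_Fields_Array['Time zone']['Field_Value']);
                $operator = preg_replace('/[0-9]/', '', $offset);
                $vals = preg_replace('/[-+]/', '', $offset);
                $b = preg_replace('/[A-Za-z]/', '', $bf_date);
                $l = preg_replace('/[A-Za-z]/', '', $lnh_date);
                $d = preg_replace('/[A-Za-z]/', '', $dnr_date);

                if ($offset) {
                    date_default_timezone_set('UTC');
                    if ($vals < 9) {
                        $vals = str_replace('0', '', $vals);
                    }
                    // A negative offset adds hours and a positive offset subtracts them.
                    if (trim($operator) == '-') {
                        $brk = date('H:ia', strtotime($b) + $vals * 60 * 60);
                        $lunch = date('H:ia', strtotime($l) + $vals * 60 * 60);
                        $dinner = date('H:ia', strtotime($d) + $vals * 60 * 60);
                    } elseif (trim($operator) == '+') {
                        $brk = date('H:ia', strtotime($b) - $vals * 60 * 60);
                        $lunch = date('H:ia', strtotime($l) - $vals * 60 * 60);
                        $dinner = date('H:ia', strtotime($d) - $vals * 60 * 60);
                    } else {
                        $brk = $bf_date;
                        $lunch = $lnh_date;
                        $dinner = $dnr_date;
                    }
                    $Additional_Fields_Array['Breakfast']['Field_Value'] = $brk;
                    $Additional_Fields_Array['Lunch']['Field_Value'] = $lunch;
                    $Additional_Fields_Array['Dinner']['Field_Value'] = $dinner;
                }
            }

            foreach ($Additional_Fields_Array as $Field) {
                $user_update = Add_EWD_FEUP_User_Field($Field['Field_ID'], $User_ID, $Field['Field_Name'], $Field['Field_Value'], $date);
            }

            if ($_POST['ewd-feup-action'] == "register") {
                $user_update = __("Your account has been succesfully created.", "EWD_FEUP");
                if ($Sign_Up_Email == "Yes") {
                    EWD_FEUP_Send_Email($User_Fields, $Additional_Fields_Array);
                }
                // Log the new user in straight away only when no confirmation step is configured.
                if ($Email_Confirmation != "Yes" and $Admin_Approval != "Yes") {
                    CreateLoginCookie($_POST['Username'], $_POST['User_Password']);
                    $feup_success = true;
                }
            }
        } else {
            // An edit must target a resolved account; otherwise the update and the cookie
            // refresh below would run for a request that is not tied to any user.
            if (empty($User_ID)) {
                return array("Message_Type" => "Error", "Message" => __("No user account could be identified for this update.", "EWD_FEUP"));
            }

            if (isset($User_Fields)) {
                $user_update = Edit_EWD_FEUP_User($User_ID, $User_Fields);
            }

            // Same meal-time shift as on the create path.
            if (!empty($Additional_Fields_Array['Time zone'])) {
                $offset = preg_replace('/[a-zA-Z()]/', '', $Additional_Fields_Array['Time zone']['Field_Value']);
                $operator = preg_replace('/[0-9]/', '', $offset);
                $vals = preg_replace('/[-+]/', '', $offset);
                $b = preg_replace('/[A-Za-z]/', '', $bf_date);
                $l = preg_replace('/[A-Za-z]/', '', $lnh_date);
                $d = preg_replace('/[A-Za-z]/', '', $dnr_date);

                if ($offset) {
                    date_default_timezone_set('UTC');
                    if ($vals < 9) {
                        $vals = str_replace('0', '', $vals);
                    }
                    if (trim($operator) == '-') {
                        $brk = date('H:ia', strtotime($b) + $vals * 60 * 60);
                        $lunch = date('H:ia', strtotime($l) + $vals * 60 * 60);
                        $dinner = date('H:ia', strtotime($d) + $vals * 60 * 60);
                    } elseif (trim($operator) == '+') {
                        $brk = date('H:ia', strtotime($b) - $vals * 60 * 60);
                        $lunch = date('H:ia', strtotime($l) - $vals * 60 * 60);
                        $dinner = date('H:ia', strtotime($d) - $vals * 60 * 60);
                    } else {
                        $brk = $bf_date;
                        $lunch = $lnh_date;
                        $dinner = $dnr_date;
                    }
                    $Additional_Fields_Array['Breakfast']['Field_Value'] = $brk;
                    $Additional_Fields_Array['Lunch']['Field_Value'] = $lunch;
                    $Additional_Fields_Array['Dinner']['Field_Value'] = $dinner;
                }
            }

            // Only the first and last name may be changed through this form.
            $Additional_Fields_Array = array_intersect_key($Additional_Fields_Array, array_flip(array('First Name', 'Last Name')));
            foreach ($Additional_Fields_Array as $Field) {
                $CurrentField = $wpdb->get_row($wpdb->prepare("SELECT User_Field_ID FROM {$ewd_feup_user_fields_table_name} WHERE Field_ID='%d' AND User_ID='%d'", $Field['Field_ID'], $User_ID));
                // get_row() yields null when the user has no value stored for this field yet.
                if (is_object($CurrentField) and $CurrentField->User_Field_ID != "") {
                    $user_update = Edit_EWD_FEUP_User_Field($Field['Field_ID'], $User_ID, $Field['Field_Name'], $Field['Field_Value']);
                } else {
                    $user_update = Add_EWD_FEUP_User_Field($Field['Field_ID'], $User_ID, $Field['Field_Name'], $Field['Field_Value'], $date);
                }
            }

            if ($_POST['ewd-feup-action'] == "edit-account") {
                // The password is null here when the user left it blank (no password change).
                CreateLoginCookie($Posted_Username, isset($_POST['User_Password']) ? $_POST['User_Password'] : null);
            }
        }

        $user_update = array("Message_Type" => "Update", "Message" => $user_update);
        $feup_success = true;

        if ($_POST['ewd-feup-action'] == "register") {
            // Send the sign-up message to the account created above. The insert id captured
            // right after Add_EWD_FEUP_User() is used instead of "latest row in the table",
            // which could pick another visitor's account when two registrations overlap.
            if (!empty($User_ID)) {
                global $uid;
                $uid = $User_ID;
                call_send_signup_mms($uid);
            }
        } else {
            if (session_id() == "") {
                session_start();
            }
            unset($_SESSION['first_sms_sent_to']);
        }

        return $user_update;
    } else {
        $output_error = array("Message_Type" => "Error", "Message" => $error);
        return $output_error;
    }
}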
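/**
 * Bulk-create front-end users from an uploaded spreadsheet.
 *
 * Row 1 holds the column titles; each following row becomes one user. Titles
 * must be one of the built-in labels ("Username", "Password", "Level",
 * "Email Confirmed", "Admin Approved") or the name of a custom field.
 *
 * @param string $Excel_File_Name File name inside the plugin's user-sheets directory.
 * @return array|string Array with "Message_Type" and "Message"; a bare string
 *                      when the nonce check fails.
 */
function Add_FEUP_Users_From_Spreadsheet($Excel_File_Name) {
    global $wpdb;
    global $ewd_feup_user_table_name;
    global $ewd_feup_user_fields_table_name;
    global $ewd_feup_levels_table_name;
    global $ewd_feup_fields_table_name;
    global $EWD_FEUP_Full_Version;

    $Sign_Up_Email = get_option("EWD_FEUP_Sign_Up_Email");
    $Use_Crypt = get_option("EWD_FEUP_Use_Crypt");
    // The salt has to be loaded here as well; without it imported passwords are hashed
    // with an empty salt and do not match the format used by the other user handlers.
    $Salt = get_option("EWD_FEUP_Hash_Salt");

    // NOTE(review): the nonce is verified against the default action and no capability
    // is checked in this function. Pass the action used by the upload form's nonce field
    // and confirm the caller restricts this import to administrators.
    if (!isset($_POST['_wpnonce']) or !wp_verify_nonce($_POST['_wpnonce'])) {
        return __("There has been a validation error.", 'EWD_FEUP');
    }

    // NOTE(review): $Excel_File_Name is appended to the path as given. Confirm the caller
    // passes a plain file name, or reduce it with basename() before this point.
    $Excel_URL = '../wp-content/plugins/front-end-only-users/user-sheets/' . $Excel_File_Name;

    // Uses the PHPExcel class to simplify the file parsing process
    include_once '../wp-content/plugins/front-end-only-users/PHPExcel/Classes/PHPExcel.php';

    // Build the workbook object out of the uploaded spreadsheet
    $inputFileType = PHPExcel_IOFactory::identify($Excel_URL);
    $objReader = PHPExcel_IOFactory::createReader($inputFileType);
    $objWorkBook = $objReader->load($Excel_URL);

    // Create a worksheet object out of the active sheet in the workbook
    $sheet = $objWorkBook->getActiveSheet();

    // Column titles that map onto columns of the user table
    $Allowed_Fields = array(
        "Username" => "Username",
        "Password" => "User_Password",
        "Level" => "Level_Name",
        "Email Confirmed" => "User_Email_Confirmed",
        "Admin Approved" => "User_Admin_Approved",
    );

    // Custom fields defined in the plugin, keyed by field name
    $Allowable_Custom_Fields = array();
    $Field_IDs = array();
    $Custom_Fields_From_DB = $wpdb->get_results("SELECT Field_ID, Field_Name, Field_Options, Field_Type FROM {$ewd_feup_fields_table_name}");
    if (is_array($Custom_Fields_From_DB)) {
        foreach ($Custom_Fields_From_DB as $Custom_Field_From_DB) {
            $Allowable_Custom_Fields[$Custom_Field_From_DB->Field_Name] = $Custom_Field_From_DB->Field_Name;
            $Field_IDs[$Custom_Field_From_DB->Field_Name] = $Custom_Field_From_DB->Field_ID;
        }
    }

    // Get column names
    $Titles = array();
    $highestColumn = $sheet->getHighestColumn();
    $highestColumnIndex = PHPExcel_Cell::columnIndexFromString($highestColumn);
    for ($column = 0; $column < $highestColumnIndex; $column++) {
        $Titles[$column] = trim($sheet->getCellByColumnAndRow($column, 1)->getValue());
    }

    // Make sure all columns are acceptable based on the acceptable fields above
    $Custom_Fields = array();
    foreach ($Titles as $key => $Title) {
        if ($Title != "" and !array_key_exists($Title, $Allowed_Fields) and !array_key_exists($Title, $Allowable_Custom_Fields)) {
            // The title comes from the uploaded file and the message is shown as HTML,
            // so it is escaped before being placed in the message.
            $Error = __("You have a column which is not recognized: ", 'EWD_FEUP') . esc_html($Title) . __(". <br>Please make sure that the column names match the user field labels exactly.", 'EWD_FEUP');
            return array("Message_Type" => "Error", "Message" => $Error);
        }
        if ($Title == "") {
            $Error = __("You have a blank column that has been edited.<br>Please delete that column and re-upload your spreadsheet.", 'EWD_FEUP');
            return array("Message_Type" => "Error", "Message" => $Error);
        }
        if (array_key_exists($Title, $Allowable_Custom_Fields)) {
            $Custom_Fields[$key] = $Title;
            unset($Titles[$key]);
        }
    }

    // Put the spreadsheet data into a multi-dimensional array to facilitate processing
    $Data = array();
    $highestRow = $sheet->getHighestRow();
    for ($row = 2; $row <= $highestRow; $row++) {
        for ($column = 0; $column < $highestColumnIndex; $column++) {
            $Data[$row][$column] = $sheet->getCellByColumnAndRow($column, $row)->getValue();
        }
    }

    // Create an array of the levels currently in the FEUP database,
    // with Level_Name as the key and Level_ID as the value
    $Levels = array();
    $Levels_From_DB = $wpdb->get_results("SELECT * FROM {$ewd_feup_levels_table_name}");
    if (is_array($Levels_From_DB)) {
        foreach ($Levels_From_DB as $Level) {
            $Levels[$Level->Level_Name] = $Level->Level_ID;
        }
    }

    // Map each spreadsheet column index to the user-table column it fills.
    // Custom-field columns are stored separately and are left out of this map.
    $Column_Map = array();
    for ($column = 0; $column < $highestColumnIndex; $column++) {
        if (array_key_exists($column, $Custom_Fields)) {
            continue;
        }
        $Mapped_Field = $Allowed_Fields[$Titles[$column]];
        $Column_Map[$column] = ($Mapped_Field == "Level_Name") ? "Level_ID" : $Mapped_Field;
    }

    $Today = date("Y-m-d H:i:s");
    // NOTE(review): show_errors() prints database errors into the page output; consider
    // logging them instead once the import is stable.
    $wpdb->show_errors();

    // Insert the users one at a time
    foreach ($Data as $User) {
        $Row = array();
        $Custom_Fields_To_Insert = array();

        foreach ($User as $Col_Index => $Value) {
            if (array_key_exists($Col_Index, $Custom_Fields)) {
                $Custom_Fields_To_Insert[$Custom_Fields[$Col_Index]] = $Value;
                continue;
            }
            if (!isset($Column_Map[$Col_Index])) {
                continue;
            }

            $Target_Column = $Column_Map[$Col_Index];
            if ($Target_Column == "Level_ID") {
                // Level names are translated to their ID; an unknown name is stored as empty.
                $Row[$Target_Column] = isset($Levels[$Value]) ? $Levels[$Value] : "";
            } elseif ($Target_Column == "User_Password") {
                // NOTE(review): sha1(md5()) is kept so imported users match the format the
                // login check expects; see the Use_Crypt option for the alternative.
                $Row[$Target_Column] = ($Use_Crypt == "Yes") ? Generate_Password($Value) : sha1(md5($Value . $Salt));
            } else {
                // Empty cells are stored as an empty string rather than NULL.
                $Row[$Target_Column] = ($Value === null) ? "" : $Value;
            }
        }
        $Row['User_Date_Created'] = $Today;

        // $wpdb->insert() binds every value as a parameter, so cell contents (quotes,
        // percent signs) can no longer alter the statement.
        $Inserted = $wpdb->insert($ewd_feup_user_table_name, $Row);
        if ($Inserted === false) {
            // Skip the e-mail and custom fields for a row that could not be stored.
            continue;
        }
        $User_ID = $wpdb->insert_id;

        if ($Sign_Up_Email == "Yes") {
            EWD_FEUP_Send_Email(array(), array(), $User_ID);
        }

        foreach ($Custom_Fields_To_Insert as $Field => $Value) {
            $Trimmed_Field = trim($Field);
            $Field_ID = $Field_IDs[$Trimmed_Field];
            $wpdb->query($wpdb->prepare("INSERT INTO {$ewd_feup_user_fields_table_name} (Field_ID, User_ID, Field_Name, Field_Value, User_Field_Date_Created) VALUES (%d, %d, %s, %s, %s)", $Field_ID, $User_ID, $Trimmed_Field, $Value, $Today));
        }
    }

    $message = __("Users added successfully.", 'EWD_FEUP');
    $user_update = array("Message_Type" => "Update", "Message" => $message);
    return $user_update;
}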
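/**
 * Create or update a front-end (FEUP) user from the submitted form in $_POST.
 *
 * The create path runs when $_POST['action'] is "Add_User" or
 * $_POST['ewd-feup-action'] is "register". Every other submission is treated as
 * an edit of the user resolved from the login cookie or, for a signed-in
 * admin-side request, from $_POST['User_ID'].
 *
 * Side effects: normalises several $_POST keys in place, writes to the user and
 * user-field tables, may send sign-up / admin / approval e-mails, may log the
 * user in, and sets the global $feup_success.
 *
 * @return array|string Array with "Message_Type" ("Error" or "Update") and
 *                      "Message". A bare string is returned by the
 *                      duplicate-account check on the create path, and whatever
 *                      Handle_File_Upload() placed in 'Data' is returned when
 *                      an upload fails.
 */
function Add_Edit_User() {
    global $wpdb, $feup_success, $ewd_feup_fields_table_name, $ewd_feup_user_fields_table_name, $ewd_feup_user_table_name;

    $Salt = get_option("EWD_FEUP_Hash_Salt");
    $Sign_Up_Email = get_option("EWD_FEUP_Sign_Up_Email");
    $Default_User_Level = get_option("EWD_Default_User_Level");
    $Minimum_Password_Length = get_option("EWD_FEUP_Minimum_Password_Length");
    $Use_Crypt = get_option("EWD_FEUP_Use_Crypt");
    $Use_Captcha = get_option("EWD_FEUP_Use_Captcha");
    $Email_Confirmation = get_option("EWD_FEUP_Email_Confirmation");
    $Admin_Approval = get_option("EWD_FEUP_Admin_Approval");
    $Email_On_Admin_Approval = get_option("EWD_FEUP_Email_On_Admin_Approval");
    $Admin_Email_On_Registration = get_option("EWD_FEUP_Admin_Email_On_Registration");

    $feup_Label_Captcha_Fail = get_option("EWD_FEUP_Label_Captcha_Fail");
    if ($feup_Label_Captcha_Fail == "") {
        $feup_Label_Captcha_Fail = __("The Captcha text did not match the image", 'EWD_FEUP');
    }

    $Fields = $wpdb->get_results("SELECT * FROM {$ewd_feup_fields_table_name} ");
    if (!is_array($Fields)) {
        $Fields = array();
    }
    $date = date("Y-m-d H:i:s");
    $UserCookie = CheckLoginCookie();
    $Cookie_Username = (is_array($UserCookie) && isset($UserCookie['Username'])) ? $UserCookie['Username'] : "";

    // Give the optional request keys a defined value before anything reads them.
    $Optional_Keys = array('Admin_Approved', 'Email_Confirmed', 'User_Membership_Fees_Paid', 'action', 'ewd-feup-action', 'ewd-registration-type');
    foreach ($Optional_Keys as $Optional_Key) {
        if (!isset($_POST[$Optional_Key])) {
            $_POST[$Optional_Key] = null;
        }
    }
    // NOTE(review): the captcha below is only required for "register", while "Add_User"
    // reaches the same create path. Confirm the dispatcher only lets admin screens submit
    // action=Add_User.
    $Creating_User = ($_POST['action'] == "Add_User" || $_POST['ewd-feup-action'] == "register");

    if ($Cookie_Username != "" and $Creating_User) {
        return array("Message_Type" => "Error", "Message" => __("You are currently logged in. Please log out to create a new account.", "EWD_FEUP"));
    }

    // is_admin() only reports that an admin-side script is handling the request; it is
    // also true for admin-ajax.php / admin-post.php requests from visitors who are not
    // signed in. Admin-only input is therefore honoured only for a signed-in WordPress user.
    // NOTE(review): tighten this to current_user_can() with the capability this plugin's
    // admin menu is registered under; that capability is not visible in this file.
    $Admin_Request = (is_admin() && is_user_logged_in());

    // Account expiry is an account-status value, accepted from the admin screens only.
    if ($Admin_Request and isset($_POST['User_Account_Expiry'])) {
        $User_Fields['User_Account_Expiry'] = $_POST['User_Account_Expiry'];
    }

    // NOTE(review): field values and file uploads further down are processed before this
    // result is checked; consider returning here when the captcha fails.
    if ($_POST['ewd-feup-action'] == "register" and $Use_Captcha == "Yes") {
        $Validate_Captcha = EWD_FEUP_Validate_Captcha();
    } else {
        $Validate_Captcha = "Yes";
    }

    // Resolve the acting front-end user from the login cookie, binding the value through
    // a %s placeholder so prepare() really uses it.
    $User = null;
    if ($Cookie_Username != "") {
        $User = $wpdb->get_row($wpdb->prepare("SELECT User_ID FROM {$ewd_feup_user_table_name} WHERE Username=%s", $Cookie_Username));
    }
    if (is_object($User)) {
        $User_ID = $User->User_ID;
    }
    if ($Admin_Request) {
        // A target user chosen by the request is accepted from the admin screens only.
        $User_ID = isset($_POST['User_ID']) ? absint($_POST['User_ID']) : null;
    }

    // Remember the approval state before this request so a first-time approval can be detected.
    if (isset($User_ID)) {
        $User = $wpdb->get_row($wpdb->prepare("SELECT User_Admin_Approved FROM {$ewd_feup_user_table_name} WHERE User_ID='%d'", $User_ID));
        $User_Current_Admin_Approved = is_object($User) ? $User->User_Admin_Approved : null;
    } else {
        $User_Current_Admin_Approved = "No";
    }

    if (isset($_POST['Omit_Fields'])) {
        $Omitted_Fields = explode(",", $_POST['Omit_Fields']);
    } else {
        $Omitted_Fields = array();
    }

    $Posted_Username = (isset($_POST['Username']) && is_string($_POST['Username'])) ? $_POST['Username'] : "";
    if (isset($_POST['Username']) && is_string($_POST['Username'])) {
        $User_Fields['Username'] = $_POST['Username'];
    }
    if ($_POST['ewd-registration-type'] != null) {
        $User_Fields['User_Registration_Type'] = $_POST['ewd-registration-type'];
    }

    // An empty (or non-string) password means "do not change the password".
    if (empty($_POST['User_Password']) || !is_string($_POST['User_Password'])) {
        unset($_POST['User_Password']);
    }
    // A password shorter than the configured minimum is dropped together with its
    // confirmation; on the create path that surfaces as the "too short" error below.
    $Password_Length = isset($_POST['User_Password']) ? strlen($_POST['User_Password']) : 0;
    if ($Password_Length < intval($Minimum_Password_Length)) {
        unset($_POST['User_Password']);
        unset($_POST['Confirm_User_Password']);
    }

    if (isset($_POST['User_Password'])) {
        if ($Use_Crypt == "Yes") {
            $User_Fields['User_Password'] = Generate_Password($_POST['User_Password']);
        } else {
            // NOTE(review): sha1(md5()) with one site-wide salt is a fast hash. Moving to
            // password_hash() needs a matching change in the login check, which is outside
            // this function, so the stored format is left as it is.
            $User_Fields['User_Password'] = sha1(md5($_POST['User_Password'] . $Salt));
        }
    }

    // NOTE(review): Level_ID is taken from the request on every path, including public
    // registration. Confirm the front-end forms are meant to let the submitter pick a level.
    if (isset($_POST['Level_ID'])) {
        $User_Fields['Level_ID'] = $_POST['Level_ID'];
    } elseif (!isset($_POST['ewd-feup-omit-level']) or $_POST['ewd-feup-omit-level'] != "Yes") {
        $User_Fields['Level_ID'] = $Default_User_Level;
    }

    // Approval, e-mail confirmation and fee status describe decisions made about the
    // account, so they are accepted from the admin screens only.
    if ($Admin_Request) {
        if ($_POST['Admin_Approved'] == "Yes") {
            $User_Fields['User_Admin_Approved'] = "Yes";
        }
        if ($_POST['Admin_Approved'] == "No") {
            $User_Fields['User_Admin_Approved'] = "No";
        }

        // NOTE(review): the default above is set for 'Email_Confirmed' but the value is
        // read from 'Email_Confirmation'; confirm which key the admin form submits.
        $Posted_Email_Confirmation = isset($_POST['Email_Confirmation']) ? $_POST['Email_Confirmation'] : null;
        if ($Posted_Email_Confirmation == "Yes") {
            $User_Fields['User_Email_Confirmed'] = "Yes";
        }
        if ($Posted_Email_Confirmation == "No") {
            $User_Fields['User_Email_Confirmed'] = "No";
        }

        if ($_POST['User_Membership_Fees_Paid'] == "Yes") {
            $User_Fields['User_Membership_Fees_Paid'] = "Yes";
        }
        if ($_POST['User_Membership_Fees_Paid'] == "No") {
            $User_Fields['User_Membership_Fees_Paid'] = "No";
        }
    }

    // Compare as strings with === so numeric-looking passwords ("1e3" vs "1000") are not
    // treated as equal by PHP's loose comparison.
    $Password = isset($_POST['User_Password']) ? $_POST['User_Password'] : "";
    $Confirm_Password = isset($_POST['Confirm_User_Password']) ? $_POST['Confirm_User_Password'] : "";
    if (!is_string($Confirm_Password) || $Password !== $Confirm_Password) {
        return array("Message_Type" => "Error", "Message" => __("The passwords you entered did not match.", "EWD_FEUP"));
    }

    if ($Creating_User) {
        if (empty($_POST['User_Password'])) {
            return array("Message_Type" => "Error", "Message" => __("The password entered was too short.", "EWD_FEUP"));
        }

        $wpdb->get_results($wpdb->prepare("SELECT User_ID FROM {$ewd_feup_user_table_name} WHERE Username=%s", $Posted_Username));
        if ($wpdb->num_rows > 0) {
            return array("Message_Type" => "Error", "Message" => __("There is already a user with that Username, please select a different one.", "EWD_FEUP"));
        }

        if (strlen($Posted_Username) < 3) {
            return array("Message_Type" => "Error", "Message" => __("Username must be at least 3 characters.", "EWD_FEUP"));
        }
    }

    $Additional_Fields_Array = array();
    if ($_POST['ewd-feup-action'] != "edit-account") {
        foreach ($Fields as $Field) {
            if (in_array($Field->Field_Name, $Omitted_Fields)) {
                continue;
            }

            // Fields with configured options only accept one of those options.
            $Field_Allowed_Values = null;
            if ($Field->Field_Options != "") {
                $Field_Allowed_Values = explode(",", $Field->Field_Options);
            }

            // Form inputs use the field name with spaces replaced by underscores.
            $Field_Name = str_replace(" ", "_", $Field->Field_Name);
            $Posted_Value = isset($_POST[$Field_Name]) ? $_POST[$Field_Name] : null;

            // NOTE(review): an array submission skips the allowed-values check entirely;
            // multi-select values should be checked element by element.
            if (!is_array($Field_Allowed_Values) or in_array($Posted_Value, $Field_Allowed_Values) or is_array($Posted_Value)) {
                $Additional_Fields_Array[$Field->Field_Name]['Field_ID'] = $Field->Field_ID;
                $Additional_Fields_Array[$Field->Field_Name]['Field_Name'] = $Field->Field_Name;

                if ($Field->Field_Type == "file" or $Field->Field_Type == "picture") {
                    $File_Upload_Return = Handle_File_Upload($Field_Name);
                    if ($File_Upload_Return['Success'] == "No") {
                        return $File_Upload_Return['Data'];
                    } elseif ($File_Upload_Return['Success'] == "N/A") {
                        unset($Additional_Fields_Array[$Field->Field_Name]);
                    } else {
                        $Additional_Fields_Array[$Field->Field_Name]['Field_Value'] = $File_Upload_Return['Data'];
                    }
                } elseif (is_array($Posted_Value)) {
                    $Additional_Fields_Array[$Field->Field_Name]['Field_Value'] = stripslashes_deep(implode(",", $Posted_Value));
                } else {
                    $Additional_Fields_Array[$Field->Field_Name]['Field_Value'] = stripslashes_deep($Posted_Value);
                }
            }
        }
    }

    // $error is never assigned before this point, so only a failed captcha reaches the else branch.
    if (!isset($error) and $Validate_Captcha == "Yes") {
        /* Pass the data to the appropriate function in Update_Admin_Databases.php to create the user */
        if ($Creating_User) {
            if (is_object($User)) {
                // This path returns a bare string rather than the usual message array.
                $user_update = __("There is already an account with that Username. Please select a different one.", "EWD_FEUP");
                return $user_update;
            }

            if (!isset($User_Fields['User_Admin_Approved'])) {
                $User_Fields['User_Admin_Approved'] = "No";
            }
            if (!isset($User_Fields['User_Email_Confirmed'])) {
                $User_Fields['User_Email_Confirmed'] = "No";
            }
            $User_Fields['User_Date_Created'] = $date;
            $User_Fields['User_Last_Login'] = $date;

            $user_update = Add_EWD_FEUP_User($User_Fields);
            $User_ID = $wpdb->insert_id;

            foreach ($Additional_Fields_Array as $Field) {
                $user_update = Add_EWD_FEUP_User_Field($Field['Field_ID'], $User_ID, $Field['Field_Name'], $Field['Field_Value'], $date);
            }

            if ($Sign_Up_Email == "Yes") {
                EWD_FEUP_Send_Email($User_Fields, $Additional_Fields_Array, $User_ID);
            }

            if ($_POST['ewd-feup-action'] == "register") {
                $user_update = __("Your account has been succesfully created.", "EWD_FEUP");
                if ($Admin_Email_On_Registration == "Yes") {
                    EWD_FEUP_Send_Admin_Registration_Email($User_Fields, $Additional_Fields_Array, $User_ID);
                }
                // Log the new user in straight away only when no confirmation step is configured.
                if ($Email_Confirmation != "Yes" and $Admin_Approval != "Yes") {
                    Confirm_Login();
                    $feup_success = true;
                }
            }
        } else {
            // An edit must target a resolved account; otherwise the update and the cookie
            // refresh below would run for a request that is not tied to any user.
            if (empty($User_ID)) {
                return array("Message_Type" => "Error", "Message" => __("No user account could be identified for this update.", "EWD_FEUP"));
            }

            if (isset($User_Fields)) {
                $user_update = Edit_EWD_FEUP_User($User_ID, $User_Fields);
            }

            foreach ($Additional_Fields_Array as $Field) {
                $CurrentField = $wpdb->get_row($wpdb->prepare("SELECT User_Field_ID FROM {$ewd_feup_user_fields_table_name} WHERE Field_ID='%d' AND User_ID='%d'", $Field['Field_ID'], $User_ID));
                // get_row() yields null when the user has no value stored for this field yet.
                if (is_object($CurrentField) and $CurrentField->User_Field_ID != "") {
                    $user_update = Edit_EWD_FEUP_User_Field($Field['Field_ID'], $User_ID, $Field['Field_Name'], $Field['Field_Value']);
                } else {
                    $user_update = Add_EWD_FEUP_User_Field($Field['Field_ID'], $User_ID, $Field['Field_Name'], $Field['Field_Value'], $date);
                }
            }

            if ($_POST['ewd-feup-action'] == "edit-account") {
                // The password is null here when the user left it blank (no password change).
                CreateLoginCookie($Posted_Username, isset($_POST['User_Password']) ? $_POST['User_Password'] : null);
            }
        }

        // If the user receives admin approval for the first time and the option is selected, send them an e-mail
        $Now_Admin_Approved = isset($User_Fields['User_Admin_Approved']) ? $User_Fields['User_Admin_Approved'] : null;
        if ($User_Current_Admin_Approved == "No" and $Now_Admin_Approved == "Yes" and $Email_On_Admin_Approval == "Yes") {
            EWD_FEUP_Send_Admin_Approval_Email($User_Fields, $Additional_Fields_Array, $User_ID);
        }

        $user_update = array("Message_Type" => "Update", "Message" => $user_update);
        $feup_success = true;
        return $user_update;
    } else {
        if ($Validate_Captcha != "Yes") {
            // Use the configurable label loaded above instead of a fixed English string.
            $error = $feup_Label_Captcha_Fail;
        }
        $output_error = array("Message_Type" => "Error", "Message" => $error);
        return $output_error;
    }
}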