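/**
 * Handles a POST to pnfw/unregister/: deletes the submitted push token and, when the
 * token belonged to an anonymous app user that has no tokens left, deletes that user.
 *
 * Reads $this->token and $this->os. Where they are populated and how the request is
 * authenticated is not visible in this block (presumably the parent constructor;
 * TODO confirm). Always ends the request with exit.
 */
public function __construct()
{
    parent::__construct(site_url('pnfw/unregister/'), 'POST');

    global $wpdb;
    $push_tokens = $wpdb->get_blog_prefix() . 'push_tokens';

    // Resolve the owner first: once the row is deleted the link to the user is gone.
    $user_id = $wpdb->get_var(
        $wpdb->prepare(
            "SELECT user_id FROM {$push_tokens} WHERE token = %s AND os = %s",
            $this->token,
            $this->os
        )
    );

    $res = $wpdb->delete($push_tokens, array("token" => $this->token, "os" => $this->os));
    if ($res === false) {
        $this->json_error('500', __('Unable to delete token', 'pnfw'));
    }

    // Unknown token: there is no owner to clean up, so never build a WP_User from null.
    if (empty($user_id)) {
        exit;
    }

    $user = new WP_User($user_id);
    $is_anonymous_app_user = in_array(PNFW_Push_Notifications_for_WordPress_Lite::USER_ROLE, (array) $user->roles, true)
        && empty($user->user_email);

    if ($is_anonymous_app_user) {
        // The log message below says the account is removed because it was "left
        // without tokens", so verify that instead of assuming one token per user.
        $remaining_tokens = (int) $wpdb->get_var(
            $wpdb->prepare("SELECT COUNT(*) FROM {$push_tokens} WHERE user_id = %d", $user_id)
        );

        if ($remaining_tokens === 0) {
            pnfw_log(PNFW_SYSTEM_LOG, sprintf(__("Automatically deleted the anonymous user %s (%s) since left without tokens.", 'pnfw'), $user->user_login, $user_id));

            require_once ABSPATH . 'wp-admin/includes/user.php';

            if (is_multisite()) {
                require_once ABSPATH . 'wp-admin/includes/ms.php';
                // wpmu_delete_user() removes the account network-wide, so only do it
                // for users that belong to this site.
                if (is_user_member_of_blog($user_id)) {
                    wpmu_delete_user($user_id);
                }
            } else {
                wp_delete_user($user_id);
            }
        }
    }

    exit;
}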
/**
 * Override multisite mapped meta-capabilities
 *
 * For the user-editing capabilities this filter discards an earlier 'do_not_allow'
 * and re-decides: users may always edit themselves; otherwise the target must be a
 * member of the site (multisite) and must not be a super admin, in which case the
 * check falls back to 'edit_users'.
 *
 * NOTE(review): removing a 'do_not_allow' that another filter added widens access;
 * the checks below are then the only gate for these capabilities.
 *
 * @since 0.1.0
 *
 * @param array  $caps    Primitive capabilities computed so far.
 * @param string $cap     Meta capability being checked.
 * @param int    $user_id User the capability is checked for.
 * @param array  $args    Extra arguments; $args[0] is the user being edited.
 * @return array Capabilities required for the action.
 */
function wp_user_edit_map_meta_caps($caps = array(), $cap = '', $user_id = 0, $args = array())
{
    // Loose comparison on purpose: it mirrors how a switch statement matches.
    $handled = in_array($cap, array('edit_user', 'edit_users', 'manage_network_users'));
    if (!$handled) {
        return $caps;
    }

    $has_target = isset($args[0]);

    // Allow user to edit themselves
    if ('edit_user' === $cap && $has_target && $user_id === $args[0]) {
        return $caps;
    }

    // If previously not allowed, undo it; we'll check our own way
    $denied_at = array_search('do_not_allow', $caps);
    if (false !== $denied_at) {
        unset($caps[$denied_at]);
    }

    if ($has_target && is_multisite() && !is_user_member_of_blog($args[0])) {
        // If multisite, user must be a member of the site
        $caps[] = 'do_not_allow';
    } elseif ($has_target && is_super_admin($args[0])) {
        // Admins cannot modify super admins
        $caps[] = 'do_not_allow';
    } else {
        // Fallback on `edit_users`
        $caps[] = 'edit_users';
    }

    return $caps;
}
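/**
 * Reads (GET) or changes the role of (POST) a single user of a site. The user is
 * addressed by numeric ID, or by login when the path contains '/users/login:'.
 *
 * @param string     $path    Request path.
 * @param int        $blog_id Site identifier from the request.
 * @param int|string $user_id User ID, or user login for '/users/login:' paths.
 * @return mixed|WP_Error Result of get_user()/update_user(), or an error.
 */
function callback($path = '', $blog_id = 0, $user_id = 0)
{
    $blog_id = $this->api->switch_to_blog_and_validate_user($this->api->get_blog_id($blog_id));
    if (is_wp_error($blog_id)) {
        return $blog_id;
    }

    if (!current_user_can_for_blog($blog_id, 'list_users')) {
        return new WP_Error('unauthorized', 'User cannot view users for specified site', 403);
    }

    // Get the user by ID or login
    $get_by = false !== strpos($path, '/users/login:') ? 'login' : 'id';
    $user = get_user_by($get_by, $user_id);

    if (!$user) {
        return new WP_Error('unknown_user', 'Unknown user', 404);
    }

    if (!is_user_member_of_blog($user->ID, $blog_id)) {
        return new WP_Error('unknown_user_for_site', 'Unknown user for site', 404);
    }

    if ('GET' === $this->api->method) {
        return $this->get_user($user->ID);
    }

    if ('POST' !== $this->api->method) {
        return new WP_Error('bad_request', 'An unsupported request method was used.');
    }

    if (!current_user_can_for_blog($blog_id, 'promote_users')) {
        return new WP_Error('unauthorized', 'User cannot promote users for specified site', 403);
    }

    // Compare against the resolved account, not the raw request value: for
    // '/users/login:' paths $user_id holds a login string, which never equals the
    // numeric current user ID, so the self-change guard would not apply.
    if ((int) get_current_user_id() === (int) $user->ID) {
        return new WP_Error('unauthorized', 'You cannot change your own role', 403);
    }

    return $this->update_user($user->ID);
}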
/**
 * Load all our strings
 *
 * Fills the translated, HTML-wrapped user messages on this object.
 *
 * NOTE(review): the link targets are concatenated from get_option('siteurl') and the
 * global $blog_id without esc_url(); confirm both are trusted where these strings
 * are printed.
 */
function load_strings()
{
    $site_url = get_option('siteurl');

    $message = function ($html) {
        return "<p class=\"s2_message\">" . $html . "</p>";
    };
    $error = function ($html) {
        return "<p class=\"s2_error\">" . $html . "</p>";
    };

    $this->please_log_in = $message(sprintf(__('To manage your subscription options please <a href="%1$s">login.</a>', 'subscribe2'), $site_url . '/wp-login.php'));
    $this->profile = $message(sprintf(__('You may manage your subscription options from your <a href="%1$s">profile</a>', 'subscribe2'), $site_url . "/wp-admin/admin.php?page=s2"));

    if ($this->s2_mu === true) {
        global $blog_id;
        if (!is_user_member_of_blog(get_current_user_id(), $blog_id)) {
            // if we are on multisite and the user is not a member of this blog change the link
            $this->profile = $message(sprintf(__('<a href="%1$s">Subscribe</a> to email notifications when this blog posts new content.', 'subscribe2'), $site_url . "/wp-admin/?s2mu_subscribe=" . $blog_id));
        }
    }

    $this->confirmation_sent = $message(__('A confirmation message is on its way!', 'subscribe2'));
    $this->already_subscribed = $error(__('That email address is already subscribed.', 'subscribe2'));
    $this->not_subscribed = $error(__('That email address is not subscribed.', 'subscribe2'));
    $this->not_an_email = $error(__('Sorry, but that does not look like an email address to me.', 'subscribe2'));
    $this->barred_domain = $error(__('Sorry, email addresses at that domain are currently barred due to spam, please use an alternative email address.', 'subscribe2'));
    $this->error = $error(__('Sorry, there seems to be an error on the server. Please try again later.', 'subscribe2'));

    // confirmation messages
    $this->no_such_email = $error(__('No such email address is registered.', 'subscribe2'));
    $this->added = $message(__('You have successfully subscribed!', 'subscribe2'));
    $this->deleted = $message(__('You have successfully unsubscribed.', 'subscribe2'));

    // ACTION replacements in the subscribe / unsubscribe confirmation emails
    $this->subscribe = __('subscribe', 'subscribe2');
    $this->unsubscribe = __('unsubscribe', 'subscribe2');
}
/**
 * Reads (GET) or changes the role of (POST) one user of a site.
 *
 * NOTE(review): the self-change guard uses a loose comparison between the current
 * user ID and the raw $user_id from the request; this relies on $user_id being
 * numeric. Confirm against the route definition.
 *
 * @param string $path    Request path (unused here).
 * @param int    $blog_id Site identifier from the request.
 * @param int    $user_id ID of the user to read or update.
 * @return mixed|WP_Error Result of get_user()/update_user(), or an error.
 */
function callback($path = '', $blog_id = 0, $user_id = 0)
{
    $requested_blog = $this->api->get_blog_id($blog_id);
    $blog_id = $this->api->switch_to_blog_and_validate_user($requested_blog);
    if (is_wp_error($blog_id)) {
        return $blog_id;
    }

    // The caller needs list_users on the site, and the target must belong to it;
    // both failures are reported identically.
    if (!current_user_can_for_blog($blog_id, 'list_users') || !is_user_member_of_blog($user_id, $blog_id)) {
        return new WP_Error('unauthorized', 'User cannot view users for specified site', 403);
    }

    $method = $this->api->method;

    if ('GET' === $method) {
        return $this->get_user($user_id);
    }

    if ('POST' !== $method) {
        return new WP_Error('bad_request', 'An unsupported request method was used.');
    }

    if (!current_user_can_for_blog($blog_id, 'promote_users')) {
        return new WP_Error('unauthorized', 'User cannot promote users for specified site', 403);
    }

    if (get_current_user_id() == $user_id) {
        return new WP_Error('unauthorized', 'You cannot change your own role', 403);
    }

    return $this->update_user($user_id);
}
/**
 * Check whether a given request has proper authorization to view feedback item.
 *
 * Access is granted to any member of the current site; no capability is checked here.
 *
 * @param WP_REST_Request $request Full details about the request.
 * @return WP_Error|boolean True for site members, otherwise a 401 error.
 */
public function get_item_permissions_check($request)
{
    $is_member = is_user_member_of_blog(get_current_user_id(), get_current_blog_id());

    if ($is_member) {
        return true;
    }

    return new WP_Error(
        'rest_cannot_view',
        esc_html__('Sorry, you cannot view this resource.', 'jetpack'),
        array('status' => 401)
    );
}
/**
 * Lists the active Jetpack modules, but only for members of the current site.
 *
 * @return array|null Re-indexed list of active module slugs, or null for non-members.
 */
function get_jetpack_modules()
{
    if (!is_user_member_of_blog()) {
        return null;
    }

    $active = Jetpack_Options::get_option('active_modules', array());

    return array_values($active);
}
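/**
 * Shortcode handler: shows a "register" or "join this site" form depending on the
 * visitor's login and membership state, and fires the join action on form submission.
 *
 * NOTE(review): the join is triggered by the mere presence of a POST field and no
 * nonce is verified here. Consider adding wp_nonce_field() to the forms and checking
 * it before do_action(); that change has to be made together with every other form
 * that posts 'join-site'.
 *
 * @param array       $atts    Shortcode attributes (unused).
 * @param string|null $content Enclosed content (unused).
 * @return string|null Markup for the visitor's state; null when registration is closed.
 */
function jmm_shortcode_thissite_func($atts, $content = null)
{
    $jmm_options = get_option('helfjmm_options');

    if (isset($_POST['jmm-join-site']) || isset($_POST['join-site'])) {
        // This is the magic sauce.
        do_action('jmm_joinsite', array('JMM', 'join_site'));
    }

    if (!is_user_logged_in()) {
        if (get_option('users_can_register') == 1) {
            // If user isn't logged in but we allow for registration....
            // IF we have a custom URL, use it, else send to /wp-signup.php
            // isset() also covers a missing option, which would otherwise raise a notice.
            if (isset($jmm_options['perpage']) && $jmm_options['perpage'] != "XXXXXX") {
                $goto = get_permalink($jmm_options['perpage']);
            } else {
                $goto = '/wp-signup.php';
            }

            // Here is our form. URL and label are escaped for their attribute context.
            return '<form action="' . esc_url($goto) . '" method="post" id="notmember"> <input type="hidden" name="action" value="jmm-join-site"> <input type="submit" value="' . esc_attr__('Register For An Account', 'join-my-multisite') . '" name="join-site" id="join-site" class="button"> </form>';
        }
        // If we don't allow registration, we show nothing. On to the next one!
    } elseif (!is_user_member_of_blog()) {
        // If user IS logged in, then let's invite them to play.
        return '<form action="?jmm-join-site" method="post" id="notmember"> <input type="hidden" name="action" value="jmm-join-site"> <input type="submit" value="' . esc_attr__('Join This Site', 'join-my-multisite') . '" name="join-site" id="join-site" class="button"> </form>';
    } else {
        // Otherwise we're already a member, hello, mum!
        return '<p>' . esc_html__('Howdy, Member!', 'join-my-multisite') . '</p>';
    }
}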
/**
 * Displays the to-do list administration
 *
 * The markup is accumulated in $this->list; the helper methods called below are
 * expected to append to it (their bodies are not visible here).
 *
 * @param array $atts shortcode attributes ('title', 'completed')
 * @return string To-Do List
 */
public function display_admin($atts)
{
    $this->atts = $atts;

    $defaults = array('title' => '', 'completed' => 0);
    $atts = shortcode_atts($defaults, $this->atts, 'todoadmin');

    $this->list = '';
    CTDL_Loader::frontend_admin_enqueue_scripts();
    $this->list = '<div id="ctdl-frontend-admin">';

    if ($atts['title'] != '') {
        $this->list .= '<h3 class="todo-title">' . esc_html($atts['title']) . $this->show_heading() . '</h3>';
    }

    // Only logged-in members of this site get the admin UI.
    $may_manage = is_user_logged_in() && is_user_member_of_blog();

    if (!$may_manage) {
        $this->list .= esc_html__('You must be logged in to view', 'cleverness-to-do-list');
    } else {
        list($this->url, $action) = CTDL_Lib::set_variables();

        if ($action == 'edit-todo') {
            // get the existing to-do data and show the edit form
            $this->edit_todo_item($this->url);
        } else {
            $this->list .= '<div class="ctdl-tables">';
            $this->display();
            if (1 == $atts['completed']) {
                $this->display(1);
            }
            $this->list .= '</div>';
            $this->list .= $this->create_new_todo_form();
        }
    }

    $this->list .= '</div>';

    return $this->list;
}
/**
 * Load all our strings
 *
 * Fills the translated user messages on this object; adjust the output of
 * Subscribe2 here.
 *
 * NOTE(review): link targets are built from get_option('siteurl') and the global
 * $blog_id without esc_url(); confirm both are trusted where these strings are printed.
 */
function load_strings()
{
    $site_url = get_option('siteurl');

    $message = function ($html) {
        return "<p class=\"s2_message\">" . $html . "</p>";
    };
    $error = function ($html) {
        return "<p class=\"s2_error\">" . $html . "</p>";
    };
    $link = function ($url, $label) {
        return "<a href=\"" . $url . "\">" . $label . "</a>";
    };

    $this->please_log_in = $message(__('To manage your subscription options please', 'subscribe2') . " " . $link($site_url . "/wp-login.php", __('login', 'subscribe2')) . ".");
    $this->profile = $message(__('You may manage your subscription options from your', 'subscribe2') . " " . $link($site_url . "/wp-admin/admin.php?page=s2", __('profile', 'subscribe2')) . ".");

    if ($this->s2_mu === true) {
        global $blog_id;
        if (!is_user_member_of_blog(get_current_user_id(), $blog_id)) {
            // if we are on multisite and the user is not a member of this blog change the link
            $this->profile = $message($link($site_url . "/wp-admin/?s2mu_subscribe=" . $blog_id, __('Subscribe', 'subscribe2')) . " " . __('to email notifications when this blog posts new content', 'subscribe2') . ".");
        }
    }

    $this->confirmation_sent = $message(__('A confirmation message is on its way!', 'subscribe2'));
    $this->already_subscribed = $error(__('That email address is already subscribed.', 'subscribe2'));
    $this->not_subscribed = $error(__('That email address is not subscribed.', 'subscribe2'));
    $this->not_an_email = $error(__('Sorry, but that does not look like an email address to me.', 'subscribe2'));
    $this->barred_domain = $error(__('Sorry, email addresses at that domain are currently barred due to spam, please use an alternative email address.', 'subscribe2'));
    $this->error = $error(__('Sorry, there seems to be an error on the server. Please try again later.', 'subscribe2'));
    $this->no_page = __('You must to create a WordPress page for this plugin to work correctly.', 'subscribe2');
    $this->mail_sent = $message(__('Message sent!', 'subscribe2'));
    $this->mail_failed = $error(__('Message failed! Check your settings and check with your hosting provider', 'subscribe2'));

    // confirmation messages
    $this->no_such_email = $error(__('No such email address is registered.', 'subscribe2'));
    $this->added = $message(__('You have successfully subscribed!', 'subscribe2'));
    $this->deleted = $message(__('You have successfully unsubscribed.', 'subscribe2'));

    // ACTION replacements in the subscribe / unsubscribe confirmation emails
    $this->subscribe = __('subscribe', 'subscribe2');
    $this->unsubscribe = __('unsubscribe', 'subscribe2');

    // menu strings
    $this->options_saved = __('Options saved!', 'subscribe2');
    $this->options_reset = __('Options reset!', 'subscribe2');
}
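/**
 * Renders the "join this site" widget: a register form for anonymous visitors, a
 * join form for logged-in non-members, and a greeting for members.
 *
 * NOTE(review): the join action fires on the mere presence of a POST field and no
 * nonce is verified. Consider adding wp_nonce_field() to the forms and checking it
 * before do_action(), together with every other form that posts 'join-site'.
 *
 * @param array $args     Theme-supplied wrappers (before/after widget and title).
 * @param array $instance Saved widget settings.
 * @return void
 */
function widget($args, $instance)
{
    // Read the wrappers explicitly instead of extract(): extract() turns every key
    // of $args into a local variable and can shadow the ones used below.
    $before_widget = isset($args['before_widget']) ? $args['before_widget'] : '';
    $after_widget = isset($args['after_widget']) ? $args['after_widget'] : '';
    $before_title = isset($args['before_title']) ? $args['before_title'] : '';
    $after_title = isset($args['after_title']) ? $args['after_title'] : '';

    /* User-selected settings. */
    $title = isset($instance['title']) ? apply_filters('widget_title', $instance['title']) : "";
    $notregistered = isset($instance['notreg']) ? $instance['notreg'] : "";
    $notmember = isset($instance['notmember']) ? $instance['notmember'] : "";
    $member = isset($instance['member']) ? $instance['member'] : "";
    $welcome = isset($instance['welcome']) ? $instance['welcome'] : "";
    $show_form = isset($instance['show_form']) ? $instance['show_form'] : "";
    $jmm_options = get_option('helfjmm_options');

    /* Before widget (defined by themes). */
    echo $before_widget;

    /* Title of widget (before and after defined by themes). */
    if ($title) {
        echo $before_title . $title . $after_title;
    }

    // NOTE(review): $welcome and $member are printed as stored because they may hold
    // intentional markup; confirm they are sanitized when the widget is saved.
    if (isset($_POST['jmm-join-site']) || isset($_POST['join-site'])) {
        // This is the magic sauce.
        do_action('jmm_joinsite', array('JMM', 'join_site'));
        echo '<p>' . $welcome . '</p>';
    } elseif (!is_user_logged_in()) {
        if (get_option('users_can_register') == 1) {
            // If user isn't logged in but we allow for registration....
            // IF we have a custom URL, use it, else send to /wp-signup.php for this
            // site (because join my SITE, not network)
            if (isset($jmm_options['perpage']) && $jmm_options['perpage'] != "XXXXXX") {
                $goto = get_permalink($jmm_options['perpage']);
            } else {
                $goto = '/wp-signup.php';
            }

            // Here is our form. URL and label are escaped for their attribute context.
            echo '<form action="' . esc_url($goto) . '" method="post" id="notmember">';
            echo '<input type="hidden" name="action" value="jmm-join-site">';
            echo '<input type="submit" value="' . esc_attr($notregistered) . '" name="join-site" id="join-site" class="button">';
            echo '</form>';

            // Do we show the inline login form?
            if ($show_form == 'on') {
                echo '<br /><h3 class="widget-title">' . __("Log in") . '</h3>';
                wp_login_form(array('value_remember' => 1));
            }
        }
        // If we don't allow registration, we show nothing. On to the next one!
    } elseif (!is_user_member_of_blog()) {
        // If user IS logged in, then let's invite them to play.
        echo '<form action="?jmm-join-site" method="post" id="notmember">';
        echo '<input type="hidden" name="action" value="jmm-join-site">';
        echo '<input type="submit" value="' . esc_attr($notmember) . '" name="join-site" id="join-site" class="button">';
        echo '</form>';
    } else {
        // Otherwise we're already a member, hello, mum!
        echo '<p>' . $member . '</p>';
    }

    /* After widget (defined by themes). */
    echo $after_widget;
}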
/**
 * Removes a user from the current site.
 *
 * Requires the caller to hold 'remove_users' and the target to be a member.
 *
 * @param int $user_id
 * @return array|WP_Error array('success' => result of remove_user_from_blog()), or an error.
 */
function remove_user($user_id)
{
    $caller_allowed = current_user_can('remove_users');
    if (!$caller_allowed) {
        return new WP_Error('unauthorized', 'User cannot remove users for specified site.', 403);
    }

    $site_id = get_current_blog_id();
    if (!is_user_member_of_blog($user_id, $site_id)) {
        return new WP_Error('invalid_input', 'User is not a member of the specified site.', 400);
    }

    $removed = remove_user_from_blog($user_id, get_current_blog_id());

    return array('success' => $removed);
}
/**
 * Removes everything the plugin stored for the current site: its tables, its post
 * meta, the anonymous (e-mail-less) 'app_subscriber' users, and its options.
 *
 * The table names come from $wpdb->get_blog_prefix() plus fixed suffixes, so the
 * interpolated SQL below contains no request data.
 */
function pnfw_delete_plugin()
{
    global $wpdb;

    $prefix = $wpdb->get_blog_prefix();

    $plugin_tables = array('push_tokens', 'push_viewed', 'push_sent', 'push_excluded_categories', 'push_logs');
    foreach ($plugin_tables as $suffix) {
        $table_name = $prefix . $suffix;
        $wpdb->query("DROP TABLE IF EXISTS {$table_name};");
    }

    $table_name = $prefix . 'postmeta';
    $wpdb->query("DELETE FROM {$table_name} WHERE meta_key = 'pnfw_do_not_send_push_notifications_for_this_post' OR meta_key = 'pnfw_user_cat';");

    // Accounts with an e-mail address are kept; only anonymous app users are removed.
    $user_query = new WP_User_Query(array('role' => 'app_subscriber'));
    foreach ($user_query->results as $user) {
        if (!empty($user->user_email)) {
            continue;
        }

        if (!is_multisite()) {
            wp_delete_user($user->ID);
            continue;
        }

        require_once ABSPATH . 'wp-admin/includes/ms.php';
        if (is_user_member_of_blog($user->ID)) {
            wpmu_delete_user($user->ID);
        }
    }

    // Several of these options hold credentials (certificate passwords, API keys,
    // client/consumer secrets), so none of them may be left behind.
    $plugin_options = array(
        'pnfw_db_version',
        'pnfw_posts_per_page',
        'pnfw_last_save_timestamp',
        'pnfw_enable_push_notifications',
        'pnfw_ios_push_notifications',
        'pnfw_android_push_notifications',
        'pnfw_kindle_push_notifications',
        'pnfw_url_scheme',
        'pnfw_ios_use_sandbox',
        'pnfw_sandbox_ssl_certificate_media_id',
        'pnfw_sandbox_ssl_certificate_password',
        'pnfw_production_ssl_certificate_media_id',
        'pnfw_production_ssl_certificate_password',
        'pnfw_ios_payload_sound',
        'pnfw_google_api_key',
        'pnfw_adm_client_id',
        'pnfw_adm_client_secret',
        'pnfw_api_consumer_key',
        'pnfw_api_consumer_secret',
        'pnfw_enabled_post_types',
        'pnfw_enabled_object_taxonomies',
        'pnfw_use_wpautop',
        'pnfw_disable_email_verification',
        'pnfw_add_message_field_in_payload',
        'pnfw_uninstall_data',
    );
    foreach ($plugin_options as $option_name) {
        delete_option($option_name);
    }

    flush_rewrite_rules();
}
/**
 * Adds the logged-in user to the current site with the role configured in the
 * 'helfjmm_options' option.
 *
 * NOTE(review): this changes site membership; the block itself performs no nonce or
 * capability check, so callers must make sure the request is intentional.
 *
 * @return false|null False when nobody is logged in, otherwise nothing.
 */
static function join_site()
{
    global $current_user, $blog_id;

    $jmm_options = get_option('helfjmm_options');

    if (!is_user_logged_in()) {
        return false;
    }

    // Existing members are left untouched.
    if (is_user_member_of_blog()) {
        return;
    }

    add_user_to_blog($blog_id, $current_user->ID, $jmm_options['role']);
}
/**
 * Renders the title cell of a row together with its row actions.
 *
 * $item['ID'] is expected in the form "<user id>:<blog id>".
 *
 * NOTE(review): $item['title'] and the generated URLs are written into the markup
 * without esc_html()/esc_url(); confirm the title is escaped where $item is built.
 * NOTE(review): the dashboard link is shown to any member of the book, not only to
 * users with admin rights on it.
 *
 * @param array $item A singular item (one full row's worth of data)
 *
 * @return string Text to be placed inside the column <td>
 */
function column_title($item)
{
    $id_parts = explode(':', $item['ID']);
    list($user_id, $blog_id) = $id_parts;

    $anchor = '<a href="%s">%s</a>';

    // Build row actions
    $actions = array();
    $actions['visit'] = sprintf($anchor, get_site_url($blog_id), __('Visit Book'));

    // Super admins and members of the book also get a link to its dashboard.
    $show_dashboard = is_super_admin($user_id) || is_user_member_of_blog($user_id, $blog_id);
    if ($show_dashboard) {
        $actions['dashboard'] = sprintf($anchor, get_admin_url($blog_id), __('Visit Admin', 'pressbooks'));
    }

    // Return the title contents
    $row_actions = $this->row_actions($actions);

    return sprintf('<span class="title">%1$s</span> %2$s', $item['title'], $row_actions);
}
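/**
 * Checks that both the editing user and the user being edited are
 * members of the blog and prevents the super admin being edited.
 *
 * Applies only to non-super-admins on the user-edit screens and ends the request
 * with wp_die() when a rule is violated.
 */
function rl_edit_permission_check()
{
    global $current_user, $profileuser;

    $screen = get_current_screen();

    // wp_get_current_user() populates the global $current_user; it replaces the
    // deprecated get_currentuserinfo().
    wp_get_current_user();

    // get_current_screen() returns null before the screen is set up.
    if (!$screen || !in_array($screen->base, array('user-edit', 'user-edit-network'), true)) {
        return;
    }

    if (is_super_admin($current_user->ID)) {
        return;
    }

    $site_id = get_current_blog_id();

    if (is_super_admin($profileuser->ID)) {
        wp_die(__('You do not have permission to edit this user.'));
    } elseif (!(is_user_member_of_blog($profileuser->ID, $site_id) && is_user_member_of_blog($current_user->ID, $site_id))) {
        wp_die(__('You do not have permission to edit this user.'));
    } elseif (
        // NOTE(review): the parentheses spell out how PHP already evaluated the
        // original expression (&& binds tighter than ||): any POST carrying 'email'
        // is refused, and the "more than one blog" test only applies to GET. If the
        // blog-count test was meant to cover POST as well, the grouping must change.
        // The message mentions the password although the test is on 'email'.
        array_key_exists('email', $_POST)
        || (array_key_exists('email', $_GET) && count(get_blogs_of_user($profileuser->ID)) > 1)
    ) {
        wp_die(__('You do not have permission to edit this user password.'));
    }
}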
/**
 * Check members only (hooked into dlm_can_download): checks if the download is
 * members only and enforces log in.
 *
 * On multisite a logged-in user must also be a member of the current site.
 * Other plugins can use the 'dlm_can_download' filter directly to change access rights.
 *
 * @access public
 *
 * @param boolean $can_download Decision made so far.
 * @param mixed   $download     Download object; must provide is_members_only().
 *
 * @return boolean
 */
public function check_members_only($can_download, $download)
{
    // Nothing to enforce if access is already denied or the download is public.
    if (false === $can_download || !$download->is_members_only()) {
        return $can_download;
    }

    if (!is_user_logged_in()) {
        return false;
    }

    if (is_multisite() && !is_user_member_of_blog(get_current_user_id(), get_current_blog_id())) {
        return false;
    }

    return $can_download;
}
/**
 * Stores or clears the editor assigned to a post when the post is saved.
 *
 * Does nothing unless the nonce is valid, the current user may edit others' posts,
 * and the current user is not already the post's editor. The submitted ID is only
 * stored if it belongs to a member of this site.
 *
 * @param int $post_id Post being saved.
 * @return void
 */
function editorize_save_post($post_id)
{
    $nonce_ok = isset($_POST['editorize_nonce'])
        && wp_verify_nonce($_POST['editorize_nonce'], 'editorize_add_editor');
    if (!$nonce_ok) {
        return;
    }

    $assigned_editor = editorize_get_post_editor($post_id);
    if ($assigned_editor == get_current_user_id() || !current_user_can('edit_others_posts')) {
        return;
    }

    // intval() reduces the submitted value to an integer user ID.
    $post_editor = empty($_POST['editorize_post_editor']) ? 0 : intval($_POST['editorize_post_editor']);

    if ($post_editor && is_user_member_of_blog($post_editor)) {
        update_post_meta($post_id, '_post_editor_id', $post_editor);
    } else {
        delete_post_meta($post_id, '_post_editor_id');
    }
}
/**
 * Adds the default roles for all sites to a user, specified by $user_id
 *
 * Sites the user already belongs to are skipped. Each site's default role is read
 * from its own 'msum_default_user_role' option; 'none' means "do not add".
 *
 * @param int $user_id
 * @return void
 */
function msum_add_roles($user_id)
{
    foreach (msum_get_blog_list(0, 'all') as $blog) {
        $site_id = $blog['blog_id'];

        if (!is_user_member_of_blog($user_id, $site_id)) {
            // The option lives in the site's own options table.
            switch_to_blog($site_id);
            $default_role = get_option('msum_default_user_role', 'none');
            if ($default_role != 'none') {
                add_user_to_blog($site_id, $user_id, $default_role);
            }
            restore_current_blog();
        }
    }

    update_user_meta($user_id, 'msum_has_caps', 'true');
}
/**
 * Test that usermeta cache is cleared after user deletion.
 *
 * is_user_member_of_blog() must be true for a fresh subscriber in every argument
 * form, and false again once the user has been deleted.
 *
 * @ticket 19500
 */
function test_is_user_member_of_blog()
{
    $previous_user = get_current_user_id();

    $user_id = $this->factory->user->create(array('role' => 'subscriber'));
    wp_set_current_user($user_id);

    // 0 stands for "current user" / "current site".
    $member_calls = array(
        array(),
        array(0, 0),
        array(0, get_current_blog_id()),
        array($user_id),
        array($user_id, get_current_blog_id()),
    );
    foreach ($member_calls as $call_args) {
        $this->assertTrue(call_user_func_array('is_user_member_of_blog', $call_args));
    }

    // Will only remove the user from the current site in multisite; this is desired
    // and will achieve the desired effect with is_user_member_of_blog().
    wp_delete_user($user_id);

    $removed_calls = array(
        array($user_id),
        array($user_id, get_current_blog_id()),
    );
    foreach ($removed_calls as $call_args) {
        $this->assertFalse(call_user_func_array('is_user_member_of_blog', $call_args));
    }

    wp_set_current_user($previous_user);
}
/**
 * Method to read a customer object.
 *
 * Loads the WordPress user behind the customer and copies its meta and core fields
 * onto the customer. On multisite, users that are not members of the current site
 * are rejected exactly like unknown users.
 *
 * @since 2.7.0
 * @param WC_Customer $customer Customer to populate; its ID selects the user.
 * @throws Exception When the user does not exist or does not belong to this site.
 */
public function read(&$customer)
{
    $customer_id = $customer->get_id();

    // User object is required.
    $user_object = $customer_id ? get_user_by('id', $customer_id) : false;
    if (!$user_object || empty($user_object->ID)) {
        throw new Exception(__('Invalid customer.', 'woocommerce'));
    }

    // Only users on this site should be read.
    if (is_multisite() && !is_user_member_of_blog($customer_id)) {
        throw new Exception(__('Invalid customer.', 'woocommerce'));
    }

    $flattened_meta = array_map('wc_flatten_meta_callback', get_user_meta($customer_id));
    $customer->set_props($flattened_meta);

    $primary_role = !empty($user_object->roles[0]) ? $user_object->roles[0] : 'customer';
    $customer->set_props(array(
        'is_paying_customer' => get_user_meta($customer_id, 'paying_customer', true),
        'email' => $user_object->user_email,
        'username' => $user_object->user_login,
        'date_created' => strtotime($user_object->user_registered),
        'date_modified' => get_user_meta($customer_id, 'last_update', true),
        'role' => $primary_role,
    ));

    $customer->read_meta_data();
    $customer->set_object_read(true);

    do_action('woocommerce_customer_loaded', $customer);
}
/**
 * Authentication filter: verifies username and password, then hands members of a
 * registered site over to the Rublon second factor.
 *
 * NOTE(review): when no Rublon auth URL is obtained and the user's protection level
 * is below PROTECTION_TYPE_MOBILE, the user is returned (logged in) without a second
 * factor. Confirm this fallback is intended.
 *
 * @param WP_User|WP_Error|null $user     Result of earlier authentication filters.
 * @param string                $username Submitted username.
 * @param string                $password Submitted password.
 * @return WP_User|WP_Error The user or error; may redirect and exit instead.
 */
function rublon2factor_authenticate($user, $username, $password)
{
    $user = wp_authenticate_username_password($user, $username, $password);
    if (is_wp_error($user)) {
        return $user;
    }

    do_action('rublon_pre_authenticate', $user);

    $user_id = RublonHelper::getUserId($user);
    $second_factor_applies = is_user_member_of_blog($user_id) && RublonHelper::isSiteRegistered();
    if (!$second_factor_applies) {
        return $user;
    }

    // Drop any session until the second factor has been completed.
    wp_logout();

    $remember = !empty($_POST['rememberme']);
    $authURL = RublonHelper::authenticateWithRublon($user, $remember);

    if (!empty($authURL)) {
        RublonHelper::setLoginToken($user);
        // The target is the Rublon service URL returned by the helper.
        wp_redirect($authURL);
        exit;
    }

    if (RublonHelper::canShowBusinessEditionUpgradeBoxAfterLogin($user)) {
        RublonHelper::setMessage('BUSINESS_EDITION_UPGRADE_BOX', 'updated', 'RC');
    }

    $levels = RublonRolesProtection::getProtectionTypesLevels();
    $user_level = $levels[RublonHelper::getUserProtectionType()];
    $mobile_level = $levels[RublonHelper::PROTECTION_TYPE_MOBILE];

    if ($user_level >= $mobile_level) {
        // Protection is mandatory for this role: refuse the login.
        $user_email = RublonHelper::getUserEmail($user);
        $obfuscated_email = RublonHelper::obfuscateEmail($user_email);
        RublonHelper::setMessage('ROLE_BLOCKED|' . base64_encode($obfuscated_email), 'error', 'LM');
        $return_page = RublonHelper::getReturnPage();
        wp_safe_redirect(wp_login_url($return_page));
        exit;
    }

    RublonHelper::setMobileUserStatus($user, RublonHelper::NO);

    return $user;
}
/**
 * Does the given user need to be migrated?
 *
 * A user is required on single-site installs, when they are a member of a listed
 * subsite, or when they have posts on it. Answers are memoised per blog and user
 * for the rest of the request.
 *
 * @param int $user_id
 * @param int $blog_id Optional.
 *
 * @return bool
 */
private function is_user_required_for_blog($user_id, $blog_id = 0)
{
    static $users = array();

    // Normalise empty values so they share one cache key.
    $user_id = empty($user_id) ? 0 : $user_id;
    $blog_id = empty($blog_id) ? 0 : $blog_id;

    if (isset($users[$blog_id][$user_id])) {
        return $users[$blog_id][$user_id];
    }

    if (!is_multisite()) {
        $required = true;
    } else {
        $subsites = $this->subsites_list();

        if (empty($subsites) || !array_key_exists($blog_id, $subsites)) {
            $required = false;
        } elseif (is_user_member_of_blog($user_id, $blog_id)) {
            $required = true;
        } else {
            // If the user has any posts that are going to be migrated, we need the
            // user regardless of whether they still have access.
            switch_to_blog($blog_id);
            $user_posts = count_user_posts($user_id);
            restore_current_blog();

            $required = 0 < $user_posts;
        }
    }

    $users[$blog_id][$user_id] = $required;

    return $users[$blog_id][$user_id];
}
/**
 * Read a customer from the database.
 *
 * When the user does not exist, or on multisite is not a member of the current
 * site, the object's ID is reset to 0 and nothing else is loaded.
 *
 * @since 2.7.0
 * @param integer $id User ID of the customer.
 */
public function read($id)
{
    // User object is required.
    $user_object = $id ? get_user_by('id', $id) : false;
    $user_found = $user_object && !empty($user_object->ID);

    // Only users on this site should be read.
    if (!$user_found || (is_multisite() && !is_user_member_of_blog($id))) {
        $this->set_id(0);
        return;
    }

    $this->set_id($user_object->ID);

    $flattened_meta = array_map(array($this, 'flatten_post_meta'), get_user_meta($id));
    $this->set_props($flattened_meta);

    $primary_role = !empty($user_object->roles[0]) ? $user_object->roles[0] : 'customer';
    $this->set_props(array(
        'is_paying_customer' => get_user_meta($id, 'paying_customer', true),
        'email' => $user_object->user_email,
        'username' => $user_object->user_login,
        'date_created' => strtotime($user_object->user_registered),
        'date_modified' => get_user_meta($id, 'last_update', true),
        'role' => $primary_role,
    ));

    $this->read_meta_data();
}
/**
 * Checks if the current user belongs to a given blog.
 *
 * Thin deprecated wrapper: it reports its own deprecation and delegates to
 * is_user_member_of_blog() for the current user.
 *
 * @since MU
 * @deprecated 3.3.0
 * @deprecated Use is_user_member_of_blog()
 * @see is_user_member_of_blog()
 *
 * @param int $blog_id Blog ID
 * @return bool True if the current user belongs to $blog_id, false if not.
 */
function is_blog_user($blog_id = 0)
{
    _deprecated_function(__FUNCTION__, '3.3', 'is_user_member_of_blog()');

    $current_user_id = get_current_user_id();

    return is_user_member_of_blog($current_user_id, $blog_id);
}
/**
 * Tells whether the current user may connect on a site: members of the site and
 * super admins may.
 *
 * @param int|false $_blog_id Site to check; falls back to GPlus_Authorship_Utils::get_blog_id().
 * @return bool
 */
static function can_current_user_connect($_blog_id = false)
{
    global $current_user;

    $site_id = $_blog_id ? $_blog_id : GPlus_Authorship_Utils::get_blog_id();
    $current_id = $current_user->ID;

    return is_user_member_of_blog($current_id, $site_id) || is_super_admin($current_id);
}
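/**
 * Process the login form.
 *
 * Runs only for a submitted login form with a valid 'woocommerce-login' nonce.
 * Validation and sign-on failures become error notices; a successful login
 * redirects and exits.
 */
public static function process_login()
{
    $nonce_value = isset($_POST['_wpnonce']) ? $_POST['_wpnonce'] : '';
    $nonce_value = isset($_POST['woocommerce-login-nonce']) ? $_POST['woocommerce-login-nonce'] : $nonce_value;

    if (empty($_POST['login']) || !wp_verify_nonce($nonce_value, 'woocommerce-login')) {
        return;
    }

    // A request may omit these fields; read them once without raising notices.
    $raw_username = isset($_POST['username']) ? $_POST['username'] : '';
    $raw_password = isset($_POST['password']) ? $_POST['password'] : '';

    try {
        $creds = array('user_password' => $raw_password, 'remember' => isset($_POST['rememberme']));
        $username = trim($raw_username);

        $validation_error = new WP_Error();
        $validation_error = apply_filters('woocommerce_process_login_errors', $validation_error, $raw_username, $raw_password);

        if ($validation_error->get_error_code()) {
            throw new Exception('<strong>' . __('Error:', 'woocommerce') . '</strong> ' . $validation_error->get_error_message());
        }

        if (empty($username)) {
            throw new Exception('<strong>' . __('Error:', 'woocommerce') . '</strong> ' . __('Username is required.', 'woocommerce'));
        }

        if (empty($raw_password)) {
            throw new Exception('<strong>' . __('Error:', 'woocommerce') . '</strong> ' . __('Password is required.', 'woocommerce'));
        }

        if (is_email($username) && apply_filters('woocommerce_get_username_from_email', true)) {
            $user = get_user_by('email', $username);

            if (isset($user->user_login)) {
                $creds['user_login'] = $user->user_login;
            } else {
                throw new Exception('<strong>' . __('Error:', 'woocommerce') . '</strong> ' . __('A user could not be found with this email address.', 'woocommerce'));
            }
        } else {
            $creds['user_login'] = $username;
        }

        // On multisite, ensure user exists on current site, if not add them before allowing login.
        // NOTE(review): this grants site membership before the password has been
        // verified, so submitting an existing network login is enough to add that
        // account to this site. Consider moving it after a successful wp_signon().
        if (is_multisite()) {
            $user_data = get_user_by('login', $username);

            if ($user_data && !is_user_member_of_blog($user_data->ID, get_current_blog_id())) {
                add_user_to_blog(get_current_blog_id(), $user_data->ID, 'customer');
            }
        }

        // Perform the login
        $user = wp_signon(apply_filters('woocommerce_login_credentials', $creds), is_ssl());

        if (is_wp_error($user)) {
            $message = $user->get_error_message();
            $message = str_replace('<strong>' . esc_html($creds['user_login']) . '</strong>', '<strong>' . esc_html($username) . '</strong>', $message);
            throw new Exception($message);
        }

        if (!empty($_POST['redirect'])) {
            $redirect = $_POST['redirect'];
        } elseif (wp_get_referer()) {
            $redirect = wp_get_referer();
        } else {
            $redirect = wc_get_page_permalink('myaccount');
        }

        $redirect = apply_filters('woocommerce_login_redirect', $redirect, $user);

        // The target can come straight from the request, so only follow it when it
        // points at an allowed host; otherwise land on My Account. Other hosts have
        // to be whitelisted through the 'allowed_redirect_hosts' filter.
        wp_redirect(wp_validate_redirect($redirect, wc_get_page_permalink('myaccount')));
        exit;
    } catch (Exception $e) {
        wc_add_notice(apply_filters('login_errors', $e->getMessage()), 'error');
        do_action('woocommerce_login_failed');
    }
}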
/**
 * Private. Set all user interface settings.
 *
 * Names and values are reduced to [A-Za-z0-9_] before they are joined into the
 * "name=value&name=value" string stored in the 'user-settings' user option.
 *
 * @package WordPress
 * @subpackage Option
 * @since 2.8.0
 *
 * @param array $user_settings
 * @return bool|null False when nobody is logged in, null for a super admin who is
 *                   not a member of the site, true once the settings are stored.
 */
function wp_set_all_user_settings($user_settings)
{
    global $_updated_user_settings;

    $user_id = get_current_user_id();
    if (!$user_id) {
        return false;
    }

    if (is_super_admin() && !is_user_member_of_blog()) {
        return;
    }

    $pairs = array();
    foreach ($user_settings as $name => $value) {
        $clean_name = preg_replace('/[^A-Za-z0-9_]+/', '', $name);
        $clean_value = preg_replace('/[^A-Za-z0-9_]+/', '', $value);

        // A name that sanitises to nothing is dropped together with its value.
        if (!empty($clean_name)) {
            $pairs[] = $clean_name . '=' . $clean_value;
        }
    }
    $settings = implode('&', $pairs);

    parse_str($settings, $_updated_user_settings);

    update_user_option($user_id, 'user-settings', $settings, false);
    update_user_option($user_id, 'user-settings-time', time(), false);

    return true;
}
/**
 * Converts a JLSuggest database string into a URL.
 *
 * NOTE(review): for the 'url' genus the stored value is returned unchanged, so
 * callers have to escape or validate it for the context they print it in.
 *
 * @since 6.0
 *
 * @param string $value The JLSuggest database string to convert.
 * @param bool $get_src_if_media Whether to get the URL to the actual media item rather than the URL to its WP-powered singular page, if the item is an attachment.
 * @return string|false The URL of the referenced destination, or false when it cannot be resolved.
 */
function jlsuggest_value_to_url($value, $get_src_if_media = false)
{
    list($to_genus, $to_type, $to_id) = $this->jlsuggest_value_explode($value);

    switch ($to_genus) {
        case 'url':
            return $to_id;

        case 'posttype':
            $to_id = (int) $to_id;

            // A missing post (status false) and any unpublished post resolve to false.
            if ('publish' != get_post_status($to_id)) {
                return false;
            }

            if ($get_src_if_media && 'attachment' == get_post_type($to_id)) {
                return wp_get_attachment_url($to_id);
            }

            return get_permalink($to_id);

        case 'taxonomy':
            $to_id = (int) $to_id;
            $term_link = get_term_link($to_id, $to_type);

            return ($term_link && !is_wp_error($term_link)) ? $term_link : false;

        case 'home':
            return suwp::get_blog_home_url();

        case 'author':
            $to_id = (int) $to_id;

            // Only authors that belong to this site get an archive URL.
            return is_user_member_of_blog($to_id) ? get_author_posts_url($to_id) : false;

        case 'internal-link-alias':
            if (!$this->plugin->module_exists('internal-link-aliases')) {
                return false;
            }

            $alias_dir = $this->get_setting('alias_dir', 'go', 'internal-link-aliases');
            $aliases = $this->get_setting('aliases', array(), 'internal-link-aliases');

            if (!isset($aliases[$to_id]['to'])) {
                return false;
            }

            $u_alias_to = urlencode($aliases[$to_id]['to']);

            return get_bloginfo('url') . "/{$alias_dir}/{$u_alias_to}/";
    }

    return false;
}
/**
 * Handles sending password retrieval email to customer.
 *
 * Based on retrieve_password() in core wp-login.php
 *
 * An unknown user and, on multisite, a user that is not a member of the current
 * site produce the same notice. Only a hash of the generated key is written to the
 * users table; the plain key is handed to the notification action.
 *
 * @access public
 * @uses $wpdb WordPress Database object
 * @return bool True: when finish. False: on error
 */
public static function retrieve_password()
{
    global $wpdb, $wp_hasher;

    if (empty($_POST['user_login'])) {
        wc_add_notice(__('Enter a username or e-mail address.', 'woocommerce'), 'error');
        return false;
    }

    $submitted = $_POST['user_login'];

    // Check on username first, as customers can use emails as usernames.
    $login = trim($submitted);
    $user_data = get_user_by('login', $login);

    // If no user was found, check whether the login is an email and look the user up by email.
    if (!$user_data && is_email($submitted) && apply_filters('woocommerce_get_username_from_email', true)) {
        $user_data = get_user_by('email', trim($submitted));
    }

    do_action('lostpassword_post');

    $not_on_this_site = !$user_data
        || (is_multisite() && !is_user_member_of_blog($user_data->ID, get_current_blog_id()));
    if ($not_on_this_site) {
        wc_add_notice(__('Invalid username or e-mail.', 'woocommerce'), 'error');
        return false;
    }

    // redefining user_login ensures we return the right case in the email
    $user_login = $user_data->user_login;
    $user_email = $user_data->user_email;

    do_action('retrieve_password', $user_login);

    $allow = apply_filters('allow_password_reset', true, $user_data->ID);

    if (!$allow) {
        wc_add_notice(__('Password reset is not allowed for this user', 'woocommerce'), 'error');
        return false;
    } elseif (is_wp_error($allow)) {
        wc_add_notice($allow->get_error_message(), 'error');
        return false;
    }

    $key = wp_generate_password(20, false);

    do_action('retrieve_password_key', $user_login, $key);

    // Now insert the key, hashed, into the DB.
    if (empty($wp_hasher)) {
        require_once ABSPATH . 'wp-includes/class-phpass.php';
        $wp_hasher = new PasswordHash(8, true);
    }

    $hashed = $wp_hasher->HashPassword($key);
    $wpdb->update($wpdb->users, array('user_activation_key' => $hashed), array('user_login' => $user_login));

    // Send email notification
    WC()->mailer(); // load email classes
    do_action('woocommerce_reset_password_notification', $user_login, $key);

    wc_add_notice(__('Check your e-mail for the confirmation link.', 'woocommerce'));

    return true;
}