/**
* Connceting to Twitter network for retreiving profile informaion
*
* @access public
* @since 1.0
* @return void
*/
public function login()
{
$callback_url = upme_add_query_string($this->callback_url(), 'upme_social_login=Twitter&upme_social_action=verify');
$upme_social_action = isset($_GET['upme_social_action']) ? $_GET['upme_social_action'] : '';
$response = new stdClass();
/* Configuring settings for Twitter application */
$app_config = array('appKey' => $this->upme_settings['social_login_twitter_app_key'], 'appSecret' => $this->upme_settings['social_login_twitter_app_secret']);
@session_start();
if ($upme_social_action == 'login') {
$twitter_api = new upme_TwitterOAuth($app_config['appKey'], $app_config['appSecret']);
/* Retrive access token from Twitter */
$response_twitter = $twitter_api->getRequestToken($callback_url);
$_SESSION['oauth_token'] = $response_twitter['oauth_token'];
$_SESSION['oauth_token_secret'] = $response_twitter['oauth_token_secret'];
if ($twitter_api->http_code == 200) {
/* Generate the URL and redirect to Twitter for authentication */
$url = $twitter_api->getAuthorizeURL($response_twitter['oauth_token']);
$this->redirect($url);
} else {
$response->error_code = $twitter_api->http_code;
$response->error_message = upme_language_entry('Request token retrieval failed');
$this->handle_social_error('Twitter', $response->error_code);
}
} elseif (isset($_REQUEST['oauth_token']) && isset($_REQUEST['oauth_verifier'])) {
$twitter_api = new upme_TwitterOAuth($app_config['appKey'], $app_config['appSecret'], $_SESSION['oauth_token'], $_SESSION['oauth_token_secret']);
$access_token = $twitter_api->getAccessToken($_GET['oauth_verifier']);
$_SESSION['access_token'] = $access_token;
$user_info = $twitter_api->get('account/verify_credentials');
if ($user_info) {
$response->status = TRUE;
$response->upme_network_type = 'twitter';
$response->first_name = str_replace(' ', '', $user_info->name);
$response->last_name = '';
$response->email = $user_info->screen_name . '@twitter.com';
$response->username = $user_info->screen_name;
$response->error_message = '';
} else {
/* Handling Twitter specific errors */
$response->status = FALSE;
$response->error_code = 'user_profile_failed';
$response->error_message = upme_language_entry('Error retrieving profile information');
$this->handle_social_error('Twitter', $response->error_code);
}
}
return $response;
}
/**
* Connceting to Facebook network for retreiving profile informaion
*
* @access public
* @since 1.0
* @return void
*/
public function login()
{
$callback_url = upme_add_query_string($this->callback_url(), 'upme_social_login=Facebook&upme_social_action=verify');
$upme_social_action = isset($_GET['upme_social_action']) ? $_GET['upme_social_action'] : '';
$response = new stdClass();
/* Configuring settings for LinkedIn application */
$app_config = array('appId' => $this->upme_settings['social_login_facebook_app_id'], 'secret' => $this->upme_settings['social_login_facebook_app_secret']);
$facebook = new upme_Facebook($app_config);
if ($upme_social_action == 'login') {
/* Get the login URL and redirect the user to Facebook for authentication */
$loginUrl = $facebook->getLoginUrl(array('redirect_uri' => $callback_url, 'scope' => 'email'));
$this->redirect($loginUrl);
exit;
} else {
/* Retreive the user information from Facebook */
$user = $facebook->getUser();
if ($user) {
try {
$user_profile = $facebook->api('/me');
} catch (FacebookApiException $e) {
/* Handling Facebook specific errors */
$user = null;
$response->error_code = $e->getCode();
$response->error_message = $e->getMessage();
$this->handle_social_error('Facebook', $response->error_code);
}
}
if ($user) {
/* Create the user profile object from response */
$response->status = TRUE;
$response->upme_network_type = 'facebook';
$response->first_name = $user_profile['first_name'];
$response->last_name = $user_profile['last_name'];
$response->email = $user_profile['email'];
$response->username = $user_profile['email'];
$response->error_message = '';
} else {
/* Handling Facebook specific errors */
$response->error_code = 'auth_invalid';
$response->error_message = upme_language_entry('Invalid Authorization');
$this->handle_social_error('Facebook', $response->error_code);
}
}
return $response;
}
public function profile_delete_request()
{
global $upme_email_templates;
$user_id = isset($_POST['user_id']) ? $_POST['user_id'] : 0;
$profile_delete_hash = wp_generate_password(12, false);
if ($user_id != 0) {
$user = new WP_User($user_id);
$username = $user->user_login;
// Create profile delete confirmation link
$link = get_permalink($this->upme_settings['login_page_id']);
$query_str = "upme_action=upme_delete_profile&upme_id=" . $user_id . "&upme_profile_delete_code=" . $profile_delete_hash;
$profile_delete_confirm_link = upme_add_query_string($link, $query_str);
// Send email with profile remove confirmation link
$send_params = array('profile_delete_confirm_link' => $profile_delete_confirm_link, 'username' => $username, 'email' => $user->user_email);
$admin_email_status = $upme_email_templates->upme_send_emails('delete_profile_confirm', $user->user_email, '', '', $send_params, $user_id);
// Add random key to verify the delete profile confirmation link
update_user_meta($user_id, '_upme_delete_profile_hash', $profile_delete_hash);
echo json_encode(array('status' => 'success', 'msg' => __('Profile removal request success. We sent you an email with confirmation link. Please click the link to confirm the request.', 'upme')));
} else {
echo json_encode(array('status' => 'error', 'msg' => __('Profile removal request failed.', 'upme')));
}
exit;
}
function get_errors()
{
global $upme;
$display = null;
// Get global login redirect settings
$upme_settings = get_option('upme_options');
$login_redirect_page_id = (int) isset($upme_settings['login_redirect_page_id']) ? $upme_settings['login_redirect_page_id'] : 0;
$reset_password_page_id = (int) isset($upme_settings['reset_password_page_id']) ? $upme_settings['reset_password_page_id'] : 0;
$action = isset($_GET['action']) ? $_GET['action'] : '';
$key = isset($_GET['key']) ? $_GET['key'] : '';
$login = isset($_GET['login']) ? $_GET['login'] : '';
$upme_reset_status = isset($_GET['upme_reset_status']) ? $_GET['upme_reset_status'] : '';
$info_message = '';
$user_data = get_user_by('login', $login);
$user_id = '';
if ($user_data instanceof WP_User) {
$user_id = $user_data->ID;
}
if ('upme_reset_pass' == $action && '' != $key) {
$reset_pass_key = get_user_meta($user_id, 'upme_reset_pass_key', true);
if ('expired' == $reset_pass_key) {
$this->errors[] = __('This password key has expired or has already been used. Please initiate a new password reset.', 'upme');
if ($reset_password_page_id) {
$url = get_permalink($reset_password_page_id);
$url = upme_add_query_string($url, 'upme_reset_status=expired');
}
wp_redirect($url);
} else {
if ($reset_pass_key != $key) {
$this->errors[] = __('Invalid Reset Password Key', 'upme');
} else {
$this->success[] = __('Please enter the new password.', 'upme');
}
}
} elseif ('expired' == $upme_reset_status) {
$this->errors[] = __('This password key has expired or has already been used. Please initiate a new password reset.', 'upme');
}
if (isset($this->errors) && is_array($this->errors)) {
$display .= '<div class="upme-errors">';
foreach ($this->errors as $newError) {
$display .= '<span class="upme-error upme-error-block"><i class="upme-icon upme-icon-remove"></i>' . $newError . '</span>';
}
$display .= '</div>';
} else {
if (isset($this->success) && is_array($this->success)) {
$display .= '<div class="upme-success">';
foreach ($this->success as $newMsg) {
$display .= '<span class="upme-success upme-success-block"><i class="upme-icon upme-icon-ok"></i>' . $newMsg . '</span>';
}
$display .= '</div>';
} else {
if ($login_redirect_page_id) {
$url = get_permalink($login_redirect_page_id);
} else {
$url = $_SERVER['REQUEST_URI'];
}
wp_redirect($url);
}
}
return $display;
}
/**
* Redirect users to login screen to login redirect URL based on the error codes
* and settings defined in UPME
*
* @access public
* @since 1.0
* @uses handle_social_error,upme_new_user_notification,validate_email_confirmation
* automatic_user_login, redirect_registered_users
* @param object $result Result object created from the response generated from social network
* This object will contain all the user profile data requested by the application
* @return void
*/
public function redirect_registered_users($user_id, $activation_status, $approval_status, $type)
{
/* Get login page from UPME settings */
$login_page_id = (int) isset($this->upme_settings['login_page_id']) ? $this->upme_settings['login_page_id'] : 0;
if ('ACTIVE' == $activation_status && 'ACTIVE' == $approval_status) {
/* Automatically log the user when Activation and Approval status is set to TRUE */
wp_set_auth_cookie($user_id, false, is_ssl());
$login_redirect_page_id = (int) isset($this->upme_settings['login_redirect_page_id']) ? $this->upme_settings['login_redirect_page_id'] : 0;
if ($login_redirect_page_id) {
$url = get_permalink($login_redirect_page_id);
wp_redirect($url);
exit;
} else {
$url = get_permalink($login_page_id);
wp_redirect($url);
exit;
}
} else {
if ('INACTIVE' == $activation_status && 'INACTIVE' == $approval_status) {
/* Redirect Activation + confirmation pending users to the login screen with respoective error message */
if ($login_page_id) {
if ($type == 'reg') {
$url = upme_add_query_string(get_permalink($login_page_id), 'upme_login_error=reg_activation_approval');
} else {
$url = upme_add_query_string(get_permalink($login_page_id), 'upme_login_error=activation_approval');
}
wp_redirect($url);
exit;
}
} else {
if ('INACTIVE' == $activation_status) {
/* Redirect Activation pending users to the login screen with respoective error message */
if ($login_page_id) {
if ($type == 'reg') {
$url = upme_add_query_string(get_permalink($login_page_id), 'upme_login_error=reg_activation');
} else {
$url = upme_add_query_string(get_permalink($login_page_id), 'upme_login_error=activation');
}
wp_redirect($url);
exit;
}
} else {
if ('INACTIVE' == $approval_status) {
/* Redirect Approval pending users to the login screen with respoective error message */
if ($login_page_id) {
if ($type == 'reg') {
$url = upme_add_query_string(get_permalink($login_page_id), 'upme_login_error=reg_approval');
} else {
$url = upme_add_query_string(get_permalink($login_page_id), 'upme_login_error=approval');
}
wp_redirect($url);
exit;
}
} else {
}
}
}
}
}
/**
* Connceting to Google network for retreiving profile informaion
*
* @access public
* @since 1.0
* @return void
*/
public function login()
{
$callback_url = upme_add_query_string($this->callback_url(), 'upme_social_login=Google&upme_social_action=verify');
$redirect_url = upme_add_query_string($this->callback_url(), 'upme_social_login=Google&upme_social_action=verify');
$upme_social_action = isset($_GET['upme_social_action']) ? $_GET['upme_social_action'] : '';
$response = new stdClass();
/* Configuring settings for Google application */
$client_id = $this->upme_settings['social_login_google_client_id'];
$client_secret = $this->upme_settings['social_login_google_client_secret'];
@session_start();
$client = new Google_Client();
$client->setClientId($client_id);
$client->setClientSecret($client_secret);
$client->setRedirectUri($callback_url);
$client->addScope("https://www.googleapis.com/auth/plus.profile.emails.read");
$service = new Google_Service_Plus($client);
if ($upme_social_action == 'login') {
if (!(isset($_SESSION['googleplus_access_token']) && $_SESSION['googleplus_access_token'])) {
$authUrl = $client->createAuthUrl();
$this->redirect($authUrl);
die;
} else {
$this->redirect($callback_url);
die;
}
} elseif (isset($_GET['code'])) {
// Perform HTTP Request to OpenID server to validate key
$client->authenticate($_GET['code']);
$_SESSION['googleplus_access_token'] = $client->getAccessToken();
$this->redirect($callback_url);
die;
} elseif (isset($_SESSION['googleplus_access_token']) && $_SESSION['googleplus_access_token']) {
$client->setAccessToken($_SESSION['googleplus_access_token']);
try {
$user = $service->people->get("me", array());
} catch (Exception $fault) {
unset($_SESSION['googleplus_access_token']);
$this->redirect($callback_url);
die;
}
if (!empty($user)) {
// OK HERE KEY IS VALID
if (!empty($user->emails)) {
$response->email = $user->emails[0]->value;
$response->username = $user->emails[0]->value;
$response->first_name = $user->name->givenName;
$response->upme_network_type = 'google';
$response->status = TRUE;
$response->error_message = '';
} else {
$response->status = FALSE;
$response->error_code = 'auth_invalid';
$response->error_message = upme_language_entry('Invalid Authorization.');
$this->handle_social_error('Google', $response->error_code);
}
} else {
$response->status = FALSE;
$response->error_code = "signature_verify_failed";
$response->error_message = upme_language_entry('Invalid Authorization.');
$this->handle_social_error('Google', $response->error_code);
}
} elseif ($get['openid_mode'] == 'cancel') {
$response->status = FALSE;
$response->error_code = 'cancel_request';
$response->error_message = upme_language_entry('User Canceled Request.');
$this->handle_social_error('Google', $response->error_code);
} else {
$response->status = FALSE;
$response->error_code = 'auth_invalid';
$response->error_message = upme_language_entry('User Login Failed.');
$this->handle_social_error('Google', $response->error_code);
}
return $response;
}
function view_profile($id = null, $width = null, $view = null, $group = null, $show_stats = null, $show_social_bar = null, $use_in_sidebar = null, $users_per_page = null, $hide_until_search = null, $role = null, $recent_posts = null, $logout_redirect = null, $new_window = null, $modal = null, $modal_view = null, $show_result_count = null, $limit_results = null)
{
global $upme_save, $upme_options;
$display = null;
unset($this->searched_users);
/* Search running? */
if (isset($_REQUEST['upme-search-fired'])) {
$current_option = $upme_options->upme_settings;
if ($hide_until_search == 'true' && $current_option['require_search_input'] == '1') {
if ($this->check_search_input()) {
$hide_until_search = false;
} else {
$this->no_search_input = true;
$hide_until_search = true;
}
} else {
$hide_until_search = false;
}
}
$sidebar_class = null;
if ($use_in_sidebar) {
$sidebar_class = 'upme-sidebar';
}
// Manage restricted viewing of user profiles in list pages
$restricted_message = $this->get_option('html_other_profiles_restricted');
$restricted_profile_status = false;
if (is_user_logged_in()) {
$restricted_profile_status = $this->restricted_user_profile($this->logged_in_user, $this->get_option('users_can_view'));
}
$users = array();
/* Ignore id if group is used */
if ($group && !$restricted_profile_status) {
/* allow search */
$this->allow_search = true;
/* pagination */
$pagination_bar = '';
if (!$hide_until_search && $group == 'all') {
if ($users_per_page) {
$pagination_bar .= $this->pagination($users_per_page, $group, $role);
/* Show limited number of users from given list */
if ('true' == $limit_results || 'yes' == $limit_results) {
$pagination_bar = '';
}
}
}
/* Loop of users */
$args = array('orderby' => $this->profile_order_field, 'order' => $this->profile_order);
if ($group != 'all') {
$users = explode(',', $group);
}
/* Setup offset/page and array of users */
if ($users_per_page) {
$args = $this->setup_page($args, $users_per_page);
}
/* Modify args */
if (!$hide_until_search) {
if (isset($_REQUEST['upme-search-fired']) || $group == 'all') {
if (!isset($this->searched_users)) {
$args['show_random'] = $this->show_random;
$args['result_range_start'] = $this->result_range_start;
$args['result_range_count'] = $this->result_range_count;
$args['search_fired'] = TRUE;
$this->search_result($args);
}
foreach ($this->searched_users as $user) {
$users[] = $user->ID;
}
}
}
if ('true' == strtolower($show_result_count) || 'yes' == strtolower($show_result_count)) {
$display .= '<div class="upme-search-result-count">';
$search_result_msg = __('Your search has returned <span>' . $this->total_matching_user . '</span> results', 'upme');
$display .= apply_filters('upme_search_result_count_message', $search_result_msg, $this->total_matching_user);
$display .= '</div>';
}
$display .= $pagination_bar;
} else {
if ($group && $restricted_profile_status) {
return $restricted_message;
} else {
if (!$group && $restricted_profile_status) {
if ($this->logged_in_user == $id || $this->author_filtering_status) {
$users[] = $id;
} else {
return $restricted_message;
}
} else {
$users[] = $id;
}
}
}
$pic_class = 'upme-pic';
if (upme_is_safari()) {
$pic_class = 'upme-pic safari';
}
/* Loop and display users */
if (!$hide_until_search) {
if ($users) {
$display .= '<div class="upme-column-wrap">';
foreach ($users as $id) {
// Show custom field as profile title
$current_options = $this->upme_options;
$profile_title_field = $this->upme_options['profile_title_field'];
$profile_title_display = $this->upme_profile_title_value($profile_title_field, $id);
/* Block profile based on custom status and display information to user */
$validate_profile_visibility_params = array('user_id' => $id, 'status' => 'true', 'info' => '', 'context' => 'full_profile');
$profile_visibility = apply_filters('upme_validate_profile_visibility', $validate_profile_visibility_params);
if (isset($profile_visibility['status']) && !$profile_visibility['status']) {
$display .= upme_profile_visibility_info($profile_visibility, $profile_title_display);
continue;
}
/* <-- Block profile --> */
$display .= '<div class="upme-wrap upme-' . $id . ' upme-width-' . $width . ' ' . $sidebar_class . '">
<div class="upme-inner upme-clearfix upme-view-panel">';
if (isset($this->upme_options['profile_cover_image_status']) && $this->upme_options['profile_cover_image_status'] && is_null($view)) {
$cover_image = get_user_meta($id, 'user_cover_pic', true);
$cover_image_display = '';
if ($cover_image != '') {
$cover_image_display = '<img src="' . $cover_image . '" />';
}
$display .= '<div class="upme-cover-image">' . $cover_image_display . '</div>';
}
/* UPME Filters for after profile head section */
$display .= apply_filters('upme_profile_before_head', '', $id);
if ('compact' == $view) {
$display .= apply_filters('upme_compact_profile_before_head', '', $id);
} else {
$display .= apply_filters('upme_full_profile_before_head', '', $id);
}
// End Filters
$display .= '<div class="upme-head">
<div class="upme-left">';
// Enable profile loading on new window
$new_window_display = 'yes' == $new_window || 'true' == $new_window ? ' target="_blank" ' : '';
$new_window_display_pic = $new_window_display;
$params = array('id' => $id, 'view' => $view, 'modal' => $modal, 'group' => $group, 'use_in_sidebar' => $use_in_sidebar, 'context' => 'normal');
/* UPME Filter for customizing profile URL */
$profile_url = apply_filters('upme_custom_profile_url', $this->profile_link($id), $params);
// End Filter
// Override new window setting when modal is set
if ('yes' == $modal || 'true' == $modal) {
$new_window_display = ' class="profile-fancybox " data-url="' . $profile_url . '"';
$profile_url = '#upme_inner_modal';
}
$profile_pic_display = '';
if ($this->get_option('clickable_profile')) {
if ($this->get_option('clickable_profile') == 1) {
if ('compact' == $view) {
$profile_pic_display .= '<a href="' . $profile_url . '" upme-data-user-id="' . $id . '" ' . $new_window_display . '>' . $this->pic($id, 50) . '</a>';
} else {
$profile_pic_display .= '<a href="' . $profile_url . '">' . $this->pic($id, 50) . '</a>';
}
} else {
$profile_pic_display .= '<a href="' . get_author_posts_url($id) . '" ' . $new_window_display_pic . '>' . $this->pic($id, 50) . '</a>';
}
} else {
$profile_pic_display .= $this->pic($id, 50);
}
$display .= '<div class="' . $pic_class . '">';
/* UPME Filter for customizing profile picture */
$params = array('id' => $id, 'view' => $view, 'modal' => $modal, 'use_in_sidebar' => $use_in_sidebar, 'context' => 'normal');
$profile_pic_display = apply_filters('upme_custom_profile_pic', $profile_pic_display, $params);
$display .= $profile_pic_display;
// End Filter
$display .= '</div>';
if ($this->can_edit_profile($this->logged_in_user, $id)) {
$display .= '<div class="upme-name">
<div class="upme-field-name">';
if ($this->get_option('clickable_profile')) {
if ($this->get_option('clickable_profile') == 1) {
if ('compact' == $view) {
$display .= '<a href="' . $profile_url . '" upme-data-user-id="' . $id . '" ' . $new_window_display . ' >';
} else {
if ('yes' != $modal_view && 'true' != $modal_view) {
$display .= '<a href="' . $profile_url . '" >';
}
}
} else {
if ('yes' != $modal_view && 'true' != $modal_view) {
$display .= '<a href="' . get_author_posts_url($id) . '" ' . $new_window_display_pic . '>';
}
}
$display .= $profile_title_display;
$display .= '</a>';
} else {
$display .= $profile_title_display;
}
$display .= '</div>';
/* UPME filter for adding contents into header section between profile title and buttons */
$profile_header_fields_params = array('id' => $id, 'view' => $view, 'modal' => $modal, 'use_in_sidebar' => $use_in_sidebar, 'context' => 'normal');
$display .= apply_filters('upme_profile_header_fields', '', $profile_header_fields_params);
if ($use_in_sidebar == 'yes' || $use_in_sidebar) {
$link = get_permalink($this->get_option('profile_page_id'));
$class = "upme-button-alt";
$link_text = __('View Profile', 'upme');
} else {
$link = '#edit';
$class = "upme-button-alt upme-fire-editor upme-fire-editor-view";
$link_text = __('Edit Profile', 'upme');
}
//Enable customlogout url
$logout_url = '';
if ($logout_redirect) {
$logout_url = ' redirect_to=' . $logout_redirect;
}
//Change link for modal edit button
$target_window = '';
// Enable profile view/edit modes based on loading window
$params = array('logout_url' => $logout_url, 'group' => $group, 'use_in_sidebar' => $use_in_sidebar, 'view' => $view);
if (isset($_POST['upme_modal_profile']) && 'yes' == $_POST['upme_modal_profile']) {
$link = $this->profile_link($id);
$link = upme_add_query_string($profile_url, 'upme_modal_target_link=yes');
$target_window = ' target="_blank" ';
$edit_buttons = '<a ' . $target_window . ' href="' . $link . '" class="' . $class . '">' . $link_text . '</a> ' . do_shortcode('[upme_logout wrap_div="false" user_id="' . $id . '" ' . $logout_url . ']');
$params['type'] = 'modal';
$display .= '<div class="upme-field-edit-modal">';
/* UPME Filters for profile edit buttons panel */
$display .= apply_filters('upme_profile_edit_bar', $edit_buttons, $id, $params);
// End Filter
$display .= '</div>
</div>';
} else {
$edit_buttons = '<a href="' . $link . '" class="' . $class . '">' . $link_text . '</a> ' . do_shortcode('[upme_logout wrap_div="false" user_id="' . $id . '" ' . $logout_url . ']');
$params['type'] = $view;
$display .= '<div class="upme-field-edit">';
/* UPME Filters for profile edit buttons panel */
$display .= apply_filters('upme_profile_edit_bar', $edit_buttons, $id, $params);
// End Filter
$display .= '</div>
</div>';
}
} else {
$display .= '<div class="upme-name">
<div class="upme-field-name ">';
if ($this->get_option('clickable_profile')) {
if ($this->get_option('clickable_profile') == 1) {
if ('compact' == $view) {
$display .= '<a href="' . $profile_url . '" upme-data-user-id="' . $id . '" ' . $new_window_display . '>';
} else {
if ('yes' != $modal_view && 'true' != $modal_view) {
$display .= '<a href="' . $profile_url . '" >';
}
}
} else {
if ('yes' != $modal_view && 'true' != $modal_view) {
$display .= '<a href="' . get_author_posts_url($id) . '" ' . $new_window_display_pic . '>';
}
}
$display .= $profile_title_display;
$display .= '</a>';
} else {
$display .= $profile_title_display;
}
$display .= '</div>';
$profile_header_fields_params = array('id' => $id, 'view' => $view, 'modal' => $modal, 'use_in_sidebar' => $use_in_sidebar, 'context' => 'normal');
$display .= apply_filters('upme_profile_header_fields', '', $profile_header_fields_params);
$display .= '</div>';
}
$display .= '</div>';
if (($width == '2' || $width == '3') && $view != 'compact') {
$display .= '<div class="upme-clear"></div>';
}
$display .= '<div class="upme-right">';
if ($show_social_bar != 'no' && $show_social_bar != 'false') {
$display .= $this->show_user_social_profiles($id);
}
if ($show_stats != 'no' && $show_stats != 'false') {
$display .= $this->show_user_stats($id);
}
$display .= '</div><div class="upme-clear"></div>';
$user_profile_form_name = get_user_meta($id, 'upme-register-form-name', true);
if ($user_profile_form_name == '') {
$user_profile_form_name = $this->profile_form_name;
}
/* UPME Filters for customizing profile form name */
$profile_form_name_params = array('user_id' => $id, 'view' => $view, 'page_form_name' => $this->profile_form_name, 'profile_form_name' => $user_profile_form_name, 'width' => $width);
$user_profile_form_name = apply_filters('upme_profile_form_name', $user_profile_form_name, $profile_form_name_params);
// End Filter
/* UPME Filters for profile header buttons panel */
$header_bar_params = array('view' => $view, 'form_name' => $user_profile_form_name, 'width' => $width);
$display .= apply_filters('upme_profile_header_bar', '', $id, $header_bar_params);
// End Filter
$display .= '</div>';
/* UPME Filters for after profile head section */
$display .= apply_filters('upme_profile_after_head', '', $id);
/* UPME Filters for tabs */
$profile_tabbed_sections_params = array('id' => $id, 'view' => $view, 'group' => $group);
$display .= apply_filters('upme_profile_tabbed_sections', '', $profile_tabbed_sections_params);
if ('compact' == $view) {
$display .= apply_filters('upme_compact_profile_after_head', '', $id);
} else {
$display .= apply_filters('upme_full_profile_after_head', '', $id);
}
// End Filters
$display .= '<div id="upme-profile-panel" class="upme-profile-tab-panel upme-main upme-main-' . $view . '">';
$display .= '<div id="upme-profile-view-msg-holder" class="" style="display:none;" ></div>';
/* Display errors */
if (isset($_POST['upme-submit-' . $id])) {
$display .= $upme_save->get_errors($id);
}
$display .= $this->show_profile_fields($id, $view);
$display .= $this->edit_profile_fields($id, $width, $sidebar_class);
$display .= '</div>';
// Add dynamic AJAX based forms into View Profile section
$form_params = array('id' => $id, 'view' => $view);
$display .= apply_filters('upme_profile_view_forms', '', $form_params);
/////////////////////////
/* UPME Filters for after profile head section */
$display .= apply_filters('upme_profile_after_fields', '', $id);
if ('compact' == $view) {
$display .= apply_filters('upme_compact_profile_after_fields', '', $id);
} else {
$display .= apply_filters('upme_full_profile_after_fields', '', $id);
}
// End Filters
if ('1' == $current_options['show_recent_user_posts'] && 'no' != $recent_posts && !$view) {
$post_limit = $current_options['maximum_allowed_posts'];
$feature_image_status = $current_options['show_feature_image_posts'];
$display .= $this->show_profile_posts($id, $post_limit, $feature_image_status, $view);
}
$display .= '</div>
</div>';
}
// Display inline fancybox container and loading image, when modal window is not enables
if ('yes' != $modal_view && 'true' != $modal_view) {
$display .= '<div id="upme_inner_modal" style="display:none"></div>';
$display .= '<div id="upme_inner_modal_loader" style="display:none"><img src="' . upme_url . 'css/images/fancybox/fancybox_loading.gif" /></div>';
}
$display .= '</div>';
} else {
$display .= '<p>' . sprintf(__('Nothing found matching the selected criteria.', 'upme')) . '</p>';
}
} else {
if (isset($this->no_search_input) && $this->no_search_input == true) {
$display .= '<p>' . sprintf(__('Please enter search criteria.', 'upme')) . '</p>';
}
}
/* pagination */
$pagination_bar_bottom = '';
if (!$hide_until_search) {
if ($group == 'all') {
if ($users_per_page) {
$display .= '<div class="upme-clear"></div>';
$pagination_bar_bottom .= $this->pagination($users_per_page, $group, $role);
/* Show limited number of users from given list */
if ('true' == $limit_results || 'yes' == $limit_results) {
$pagination_bar_bottom = '';
}
$display .= $pagination_bar_bottom;
if (!isset($this->upme_search) || isset($this->upme_search) && $this->upme_search == false) {
// Show Hidden Form in case there is no search form
$display .= '<form action="" method="post" id="upme-pagination-form">';
$display .= '<input type="hidden" name="userspage" id="upme-pagination-form-per-page" />';
$display .= '</form>';
}
}
}
}
return $display;
}
function request_new_pass()
{
global $wpdb, $current_site, $wp_hasher, $upme_email_templates;
if (strpos($_POST['user_details'], '@')) {
$user_data = get_user_by('email', trim($_POST['user_details']));
if (empty($user_data)) {
echo "invalid_email";
die;
}
} else {
$login = trim($_POST['user_details']);
$user_data = get_user_by('login', $login);
}
if (!$user_data) {
echo "invalid";
die;
}
// redefining user_login ensures we return the right case in the email
$user_login = $user_data->user_login;
$user_email = $user_data->user_email;
do_action('retreive_password', $user_login);
// Misspelled and deprecated
do_action('retrieve_password', $user_login);
$allow = apply_filters('allow_password_reset', true, $user_data->ID);
if (!$allow) {
echo "not_allowed";
die;
}
// Generate something random for a key...
$key = wp_generate_password(20, false);
do_action('retrieve_password_key', $user_login, $key);
// Set upme reset password key for validation in reset password form
$reset_pass_key = $key;
update_user_meta($user_data->ID, 'upme_reset_pass_key', $key);
$current_option = get_option('upme_options');
$reset_page_url = get_permalink($current_option['reset_password_page_id']);
$query_str = 'action=upme_reset_pass&key=' . $reset_pass_key . '&login='******'Someone requested that the password be reset for the following account:', 'upme') . "\r\n\r\n";
$message .= network_home_url('/') . "\r\n\r\n";
$message .= sprintf(__('Username: %s', 'upme'), $user_login) . "\r\n\r\n";
$message .= __('If this was a mistake, just ignore this email and nothing will happen.', 'upme') . "\r\n\r\n";
$message .= __('To reset your password, visit the following address:', 'upme') . "\r\n\r\n";
$message .= '<' . $reset_page_url . '>';
if (is_multisite()) {
$blogname = $GLOBALS['current_site']->site_name;
} else {
// The blogname option is escaped with esc_html on the way into the database in sanitize_option
// we want to reverse this for the plain text arena of emails.
$blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
}
$title = sprintf(__('[%s] Password Reset', 'upme'), $blogname);
$title = apply_filters('retrieve_password_title', $title);
$message = apply_filters('retrieve_password_message', $message, $key);
/* UPME Filter for customizing new user activation email content for admins */
$message = apply_filters('upme_reset_pass_content', $message, $user_login, $user_email, $reset_page_url);
// End Filter
/* UPME Filter for customizing new user activation email subject for admins */
$title = apply_filters('upme_reset_pass_subject', $title);
// End Filter
$send_params = array('reset_page_url' => $reset_page_url, 'username' => $user_login);
$email_status = $upme_email_templates->upme_send_emails('forgot_password', $user_email, $title, $message, $send_params, $user_data->ID);
if ($message && !$email_status) {
echo "mail_error";
die;
}
echo "success";
die;
}
function create()
{
global $upme_roles, $upme_email_templates, $upme_save;
require_once ABSPATH . 'wp-includes/pluggable.php';
// Verify whether registration form name is modified
if (isset($_POST['upme-register-form-name'])) {
$upme_secret_key = get_option('upme_secret_key');
$register_form_name = $_POST['upme-register-form-name'];
$register_form_name_hash = $_POST['upme-hidden-register-form-name-hash'];
if ($register_form_name_hash != hash('sha256', $register_form_name . $upme_secret_key)) {
// Invailid form name was defined by manually editing
$this->errors[] = __('Invalid registration form.', 'upme');
return;
}
$this->registration_form_name = $register_form_name;
}
/* UPME action for adding restrictions before registration */
$before_registration_validation_params = array();
do_action('upme_before_registration_restrictions', $this->usermeta, $before_registration_validation_params);
/* END action */
/* Create profile when there is no error */
if (!isset($this->errors)) {
// Set date format from admin settings
$upme_settings = get_option('upme_options');
$upme_date_format = (string) isset($upme_settings['date_format']) ? $upme_settings['date_format'] : 'mm/dd/yy';
/* Create account, update user meta */
$sanitized_user_login = sanitize_user($_POST['user_login']);
/* Get password */
if (isset($_POST['user_pass']) && $_POST['user_pass'] != '') {
$user_pass = $_POST['user_pass'];
} else {
$user_pass = wp_generate_password(12, false);
/* UPME Filters for before registration head section */
$registration_generated_password_params = array('meta' => $this->usermeta);
$user_pass = apply_filters('upme_registration_generated_password', $user_pass, $registration_generated_password_params);
// End Filters
}
/* New user */
$user_id = wp_create_user($sanitized_user_login, $user_pass, $_POST['user_email']);
if (!$user_id) {
/* UPME action for handling failure in new user creation */
$new_user_registration_fail_params = array();
do_action('upme_new_user_registration_fail', $user_id, $new_user_registration_fail_params);
/* END action */
} else {
global $upme;
/* Force custom user role on registration using shortcode attributes */
if (isset($_POST['upme-hidden-register-form-user-role'])) {
$upme_secret_key = get_option('upme_secret_key');
$register_user_role = $_POST['upme-hidden-register-form-user-role'];
$register_user_role_hash = $_POST['upme-hidden-register-form-user-role-hash'];
if ($register_user_role_hash == hash('sha256', $register_user_role . $upme_secret_key) && get_role($register_user_role)) {
$user = new WP_User($user_id);
$user->set_role($register_user_role);
} else {
// Invailid user role was defined by manually editing
return;
}
} else {
/* Allow users to select the role without forcing */
$allow_user_role_registration = $upme_settings['select_user_role_in_registration'];
// Set new users role specified in the registration page
// This will only used when Select User Role in Registration setting is enabled
$allowed_user_roles = $upme_roles->upme_allowed_user_roles_registration();
$user_role = isset($this->usermeta['user_role']) ? $this->usermeta['user_role'] : '';
if (!empty($user_role) && isset($allowed_user_roles[$user_role]) && $allow_user_role_registration) {
$user = new WP_User($user_id);
$user->set_role($user_role);
}
}
// Get profile fields
$profile_fields = get_option('upme_profile_fields');
// Get list of dattime fields
$date_time_fields = array();
foreach ($profile_fields as $key => $field) {
extract($field);
// Filter date/time custom fields
if (isset($profile_fields[$key]['field']) && $profile_fields[$key]['field'] == 'datetime') {
array_push($date_time_fields, $profile_fields[$key]['meta']);
}
}
/* Now update all user meta */
foreach ($this->usermeta as $key => $value) {
// save checkboxes
if (is_array($value)) {
// checkboxes
$value = implode(', ', $value);
}
if (in_array($key, $date_time_fields)) {
if ('' != $value) {
$formatted_date = upme_date_format_to_standerd($value, $upme_date_format);
$value = $formatted_date;
}
}
/* UPME action for adding custom filtering for each field save registration */
$before_registration_field_update_params = array('user_id' => $user_id, 'meta' => $key, 'value' => $value);
do_action('upme_before_registration_field_update', $before_registration_field_update_params);
/* END action */
// Prevent passwords from saving in user meta table
if ('user_pass' != $key && 'user_pass_confirm' != $key) {
update_user_meta($user_id, $key, esc_attr($value));
}
/* UPME action for adding custom filtering for each field save registration */
$after_registration_field_update_params = array('user_id' => $user_id, 'meta' => $key, 'value' => $value);
do_action('upme_after_registration_field_update', $after_registration_field_update_params);
/* END action */
/* update core fields - email, url, pass */
if (in_array($key, array('user_email', 'user_url', 'display_name'))) {
wp_update_user(array('ID' => $user_id, $key => esc_attr($value)));
}
}
// Save file upload fields on registration
$upme_save->userid = $user_id;
$upload_params = array();
$upme_save->process_registration_upload($_FILES, '2', $upload_params);
// Check user selected passwrod setting for saving the activation details
}
// Set approval status when user profile approvals are enabled
$approval_setting_status = $this->validate_user_approval();
if ($approval_setting_status) {
$approval_status = 'INACTIVE';
update_user_meta($user_id, 'upme_approval_status', $approval_status);
} else {
$approval_status = 'ACTIVE';
update_user_meta($user_id, 'upme_approval_status', $approval_status);
}
// Set Profile Status to active by default
update_user_meta($user_id, 'upme_user_profile_status', 'ACTIVE');
// Set the password nag when user selected password setting is disabled
// Set activation status and codes when selected password setting is enabled
$upme_settings = get_option('upme_options');
$set_pass = (bool) $upme_settings['set_password'];
$activation_setting_status = $this->validate_email_confirmation();
$activation_status = '';
if (!$set_pass) {
update_user_option($user_id, 'default_password_nag', true, true);
//Set up the Password change nag.
}
if ($activation_setting_status) {
$activation_status = 'INACTIVE';
update_user_meta($user_id, 'upme_activation_status', $activation_status);
} else {
$activation_status = 'ACTIVE';
update_user_meta($user_id, 'upme_activation_status', $activation_status);
}
$activation_code = wp_generate_password(12, false);
update_user_meta($user_id, 'upme_activation_code', $activation_code);
// Set automatic login based on the setting value in admin
if ($this->validate_automatic_login()) {
wp_set_auth_cookie($user_id, false, is_ssl());
}
/* action after Account Creation */
do_action('upme_user_register', $user_id);
if (!empty($activation_status) && 'INACTIVE' == $activation_status || !empty($approval_status) && 'INACTIVE' == $approval_status) {
$user = new WP_User($user_id);
$username = $user->user_login;
$current_option = get_option('upme_options');
$link = get_permalink($current_option['profile_page_id']);
$query_str = "upme_action=upme_activate&upme_id=" . $user_id . "&upme_activation_code=" . $activation_code;
$activation_link = upme_add_query_string($link, $query_str);
if ('INACTIVE' == $activation_status && 'INACTIVE' == $approval_status) {
// Activation and approval enabled
$send_params = array('activation_link' => $activation_link, 'username' => $username, 'email' => $user->user_email, 'password' => $user_pass);
if ($current_option['notifications_all_admins']) {
$admin_emails_list = implode(',', $upme_roles->get_admin_emails());
$admin_email_status = $upme_email_templates->upme_send_emails('reg_activation_approval_admin', $admin_emails_list, '', '', $send_params, $user_id);
} else {
$admin_email_status = $upme_email_templates->upme_send_emails('reg_activation_approval_admin', get_option('admin_email'), '', '', $send_params, $user_id);
}
$email_status = $upme_email_templates->upme_send_emails('reg_activation_approval_user', $user->user_email, '', '', $send_params, $user_id);
} else {
if ('INACTIVE' == $activation_status) {
// Activation enabled
$send_params = array('activation_link' => $activation_link, 'username' => $username, 'email' => $user->user_email, 'password' => $user_pass);
if ($current_option['notifications_all_admins']) {
$admin_emails_list = implode(',', $upme_roles->get_admin_emails());
$admin_email_status = $upme_email_templates->upme_send_emails('reg_activation_admin', $admin_emails_list, '', '', $send_params, $user_id);
} else {
$admin_email_status = $upme_email_templates->upme_send_emails('reg_activation_admin', get_option('admin_email'), '', '', $send_params, $user_id);
}
$email_status = $upme_email_templates->upme_send_emails('reg_activation_user', $user->user_email, '', '', $send_params, $user_id);
} else {
if ('INACTIVE' == $approval_status) {
// Approval enabled
$send_params = array('username' => $username, 'email' => $user->user_email, 'password' => $user_pass);
if ($current_option['notifications_all_admins']) {
$admin_emails_list = implode(',', $upme_roles->get_admin_emails());
$admin_email_status = $upme_email_templates->upme_send_emails('reg_approval_admin', $admin_emails_list, '', '', $send_params, $user_id);
} else {
$admin_email_status = $upme_email_templates->upme_send_emails('reg_approval_admin', get_option('admin_email'), '', '', $send_params, $user_id);
}
$email_status = $upme_email_templates->upme_send_emails('reg_approval_user', $user->user_email, '', '', $send_params, $user_id);
}
}
}
//upme_new_user_notification($user_id, $user_pass,$activation_status,$activation_code);
} else {
$user = new WP_User($user_id);
$username = $user->user_login;
$current_option = get_option('upme_options');
$link = get_permalink($current_option['login_page_id']);
$send_params = array('username' => $username, 'password' => $user_pass, 'login_link' => $link);
$email_status = $upme_email_templates->upme_send_emails('reg_default_user', '', '', '', $send_params, $user_id);
$send_params = array('username' => $username, 'email' => $user->user_email);
$admin_email_status = $upme_email_templates->upme_send_emails('reg_default_admin', '', '', '', $send_params, $user_id);
if (!$email_status && !$admin_email_status) {
wp_new_user_notification($user_id, $user_pass);
}
}
}
}
/**
* Connceting to LinkedIn network for retreiving profile informaion
*
* @access public
* @since 1.0
* @return void
*/
public function login()
{
$callback_url = upme_add_query_string($this->callback_url(), 'upme_social_login=Linkedin&upme_social_action=verify');
$upme_social_action = isset($_GET['upme_social_action']) ? $_GET['upme_social_action'] : '';
$response = new stdClass();
/* Configuring settings for LinkedIn application */
$app_config = array('appKey' => $this->upme_settings['social_login_linkedin_app_key'], 'appSecret' => $this->upme_settings['social_login_linkedin_app_secret'], 'callbackUrl' => $callback_url);
@session_start();
$linkedin_api = new upme_LinkedIn($app_config);
if ($upme_social_action == 'login') {
/* Retrive access token from LinkedIn */
$response_linkedin = $linkedin_api->retrieveTokenRequest(array('scope' => 'r_emailaddress'));
if ($response_linkedin['success'] === TRUE) {
/* Redirect the user to LinkedIn for login and authorizing the application */
$_SESSION['oauth']['linkedin']['request'] = $response_linkedin['linkedin'];
$this->redirect(upme_LinkedIn::_URL_AUTH . $response_linkedin['linkedin']['oauth_token']);
} else {
$response->error_code = 'req_token_fail';
$response->error_message = upme_language_entry('Request token retrieval failed');
$this->handle_error('Linkedin', $response->error_code);
}
} elseif (isset($_GET['oauth_verifier'])) {
/* LinkedIn has sent a response, user has granted permission, take the temp access
token, the user's secret and the verifier to request the user's real secret key */
$response_linkedin = $linkedin_api->retrieveTokenAccess($_SESSION['oauth']['linkedin']['request']['oauth_token'], $_SESSION['oauth']['linkedin']['request']['oauth_token_secret'], $_GET['oauth_verifier']);
if ($response_linkedin['success'] === TRUE) {
$linkedin_api->setTokenAccess($response_linkedin['linkedin']);
$linkedin_api->setResponseFormat(upme_LinkedIn::_RESPONSE_JSON);
/* Get user profile information using the retrived access token */
$user_result = $linkedin_api->profile('~:(email-address,id,first-name,last-name,picture-url)');
if ($user_result['success'] === TRUE) {
/* setting the user data object from the response */
$data = json_decode($user_result['linkedin']);
$response->status = TRUE;
$response->upme_network_type = 'linkedin';
$response->first_name = $data->firstName;
$response->last_name = $data->lastName;
$response->email = $data->emailAddress;
$response->username = $data->emailAddress;
$response->error_message = '';
} else {
/* Handling LinkedIn specific errors */
$response->status = FALSE;
$response->error_code = 'req_profile_fail';
$response->error_message = upme_language_entry('Error retrieving profile information');
$this->handle_social_error('Linkedin', $response->error_code);
}
} else {
/* Handling LinkedIn specific errors */
$response->status = FALSE;
$response->error_code = 'access_token_fail';
$response->error_message = upme_language_entry('Access token retrieval failed');
$this->handle_social_error('Linkedin', $response->error_code);
}
} else {
/* Handling LinkedIn specific errors */
if (isset($_GET['oauth_problem']) && $_GET['oauth_problem'] == 'user_refused') {
$response->status = FALSE;
$response->error_code = 'user_refused';
$response->error_message = upme_language_entry('User refused by application.');
$this->handle_social_error('Linkedin', $response->error_code);
} else {
$response->status = FALSE;
$response->error_code = 'req_cancel';
$response->error_message = upme_language_entry('Request cancelled by user!');
$this->handle_social_error('Linkedin', $response->error_code);
}
}
return $response;
}
function upme_new_user_notification($user_id, $plaintext_pass = '', $activation_status = '', $activation_code = '')
{
global $upme_email_templates;
$user = new WP_User($user_id);
$user_login = stripslashes($user->user_login);
$user_email = stripslashes($user->user_email);
$message = sprintf(__('New user registration on %s:', 'upme'), get_option('blogname')) . "\r\n\r\n";
$message .= sprintf(__('Username: %s', 'upme'), $user_login) . "\r\n\r\n";
$message .= sprintf(__('E-mail: %s', 'upme'), $user_email) . "\r\n";
/* UPME Filter for customizing new user activation email content for admins */
$message = apply_filters('upme_new_user_act_admin_content', $message, $user_login, $user_email);
// End Filter
$subject = sprintf(__('[%s] New User Registration', 'upme'), get_option('blogname'));
/* UPME Filter for customizing new user activation email subject for admins */
$subject = apply_filters('upme_new_user_act_admin_subject', $subject);
// End Filter
$send_params = array('username' => $user_login, 'email' => $user_email);
$admin_email = get_option('admin_email');
$admin_user = get_user_by('email', $admin_email);
$email_status = $upme_email_templates->upme_send_emails('reg_email_confirm_admin', get_option('admin_email'), $subject, $message, $send_params, $user_id);
// @wp_mail(
// get_option('admin_email'),
// $subject,
// $message
// );
if (empty($plaintext_pass)) {
return;
}
if (!empty($activation_status) && 'INACTIVE' == $activation_status) {
$current_option = get_option('upme_options');
$link = get_permalink($current_option['profile_page_id']);
$query_str = "upme_action=upme_activate&upme_id=" . $user_id . "&upme_activation_code=" . $activation_code;
$activation_link = upme_add_query_string($link, $query_str);
$message = sprintf(__("Someone (hopefully you) has used this email to register at %s :", 'upme'), get_option('blogname')) . "\r\n\r\n";
$message .= __('Please click the link below to verify your ownership of this email:', 'upme') . "\r\n\r\n";
$message .= __('You will not be able to log in to use your account until you do so:', 'upme') . "\r\n\r\n";
$message .= sprintf(__('%s'), $activation_link, $activation_link) . "\r\n\r\n";
$message .= __('Thanks', 'upme') . "\r\n";
$message .= sprintf(__('%s'), get_option('blogname'), 'upme') . "\r\n";
/* UPME Filter for customizing new user activation email content for users */
$message = apply_filters('upme_new_user_act_content', $message, $user_login, $user_email, $activation_link);
// End Filter
$subject = sprintf(__('[%s] Action Required: Email Verification', 'upme'), get_option('blogname'));
/* UPME Filter for customizing new user activation email content for users */
$subject = apply_filters('upme_new_user_act_subject', $subject);
// End Filter
$send_params = array('username' => $user_login, 'password' => $plaintext_pass, 'activation_link' => $activation_link);
$email_status = $upme_email_templates->upme_send_emails('reg_email_confirm_user', $user_email, $subject, $message, $send_params, $user_id);
// wp_mail(
// $user_email,
// $subject,
// $message
// );
}
}
