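/**
 * Creates a forum account that is flagged as waiting for approval.
 *
 * The email address and login are validated, a unique nicename is derived
 * from the login, a password is generated, and the account is stored through
 * $wp_users_object->new_user(). On success the account receives the
 * 'waitingapproval' and 'member' capabilities and the generated password is
 * handed to approve_user_registration_send_pass().
 *
 * Security notes:
 * - The generated password leaves this function in clear text twice: once via
 *   approve_user_registration_send_pass() and once as the second argument of
 *   the 'bb_new_user' action. Anything hooked there can read it.
 * - NOTE(review): new_user() is given the output of wp_hash_password(), not
 *   the raw password. Confirm new_user() does not hash its input again,
 *   otherwise the password sent to the user will not match the stored hash.
 *
 * @param string $user_login  Requested login name.
 * @param string $user_email  Email address of the new user.
 * @param string $user_url    Website of the new user.
 * @param int    $user_status Numeric status; non-numeric input falls back to 0.
 * @return int|WP_Error ID of the new user, or a WP_Error describing the rejected field.
 */
function bb_new_user($user_login, $user_email, $user_url, $user_status = 0)
{
    global $wp_users_object, $bbdb;

    // is_email check + dns
    if (!($user_email = bb_verify_email($user_email))) {
        return new WP_Error('user_email', __('Invalid email address'), $user_email);
    }

    if (!($user_login = sanitize_user($user_login, true))) {
        return new WP_Error('user_login', __('Invalid username'), $user_login);
    }

    // user_status = 1 means the user has not yet been verified
    $user_status = is_numeric($user_status) ? (int) $user_status : 0;

    $user_nicename = $_user_nicename = bb_user_nicename_sanitize($user_login);
    if (strlen($_user_nicename) < 1) {
        return new WP_Error('user_login', __('Invalid username'), $user_login);
    }

    // A purely numeric nicename short-circuits the lookup below, so
    // $existing_user must exist before the loop body reads it.
    $existing_user = null;
    while (is_numeric($user_nicename) || ($existing_user = bb_get_user_by_nicename($user_nicename))) {
        $existing_nicename = $existing_user ? $existing_user->user_nicename : '';
        $user_nicename = bb_slug_increment($_user_nicename, $existing_nicename, 50);
    }

    $user_url = bb_fix_link($user_url);

    $password  = wp_generate_password();
    $user_pass = wp_hash_password($password);

    $user = $wp_users_object->new_user(compact('user_login', 'user_email', 'user_url', 'user_nicename', 'user_status', 'user_pass'));

    if (is_wp_error($user)) {
        // Report nicename collisions against the field the user actually typed.
        if ('user_nicename' == $user->get_error_code()) {
            return new WP_Error('user_login', $user->get_error_message());
        }
        return $user;
    }

    // Use the ID reported by new_user() rather than $bbdb->insert_id: the
    // latter reflects whatever insert ran last, so the capabilities and the
    // password mail could end up attached to a different row.
    $user_id = $user['ID'];

    bb_update_usermeta($user_id, $bbdb->prefix . 'capabilities', array('waitingapproval' => true, 'member' => true));
    approve_user_registration_send_pass($user_id, $password);

    do_action('bb_new_user', $user['ID'], $user['plain_pass']);

    return $user['ID'];
}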
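/**
 * Lists the roles the current user may assign to the account being managed.
 *
 * The rule is the one the edit form applies to its role selector: a
 * gatekeeper editing their own account, or a non-gatekeeper editing a
 * keymaster, may only keep 'keymaster'; any other non-gatekeeper may assign
 * everything except 'keymaster'.
 *
 * @param array       $user_roles    Role names keyed by role.
 * @param object|null $edit_user     Account being edited, or a falsy value when none applies.
 * @param bool        $can_keep_gate Whether the current user has the 'keep_gate' capability.
 * @return array Subset of $user_roles with the same keys.
 */
function _bb_manage_user_assignable_roles($user_roles, $edit_user, $can_keep_gate)
{
    $editing_self = $edit_user && $edit_user->ID == bb_get_current_user_info('id');
    $target_is_keymaster = $edit_user
        && isset($edit_user->capabilities)
        && is_array($edit_user->capabilities)
        && array_key_exists('keymaster', $edit_user->capabilities);

    // Keymasters can't demote themselves
    if (($editing_self && $can_keep_gate) || ($target_is_keymaster && !$can_keep_gate)) {
        return array('keymaster' => $user_roles['keymaster']);
    }

    if (!$can_keep_gate) {
        unset($user_roles['keymaster']);
    }

    return $user_roles;
}

/**
 * Handles the admin "create / edit user" form and returns its field definitions.
 *
 * On POST the submitted values are validated and, when valid, the account is
 * created or updated and the request is redirected. On GET with
 * action=edit the fields are pre-filled from the stored account. In every case
 * the field list is passed through the 'bb_manage_user_fields' filter.
 *
 * Security notes:
 * - The submitted role is checked on the server against the roles the current
 *   user may assign. Restricting the option list alone does not stop a crafted
 *   POST from granting 'keymaster'.
 * - The only access check in this function is the 'user-manage' nonce.
 *   NOTE(review): confirm the calling admin page restricts access by capability.
 * - A non-empty password is handed to bb_send_pass() and to the
 *   'bb_new_user' / 'bb_update_user' actions in clear text. The 'email_pass'
 *   checkbox defined below is never read here.
 * - NOTE(review): submitted passwords are returned as the 'value' of the
 *   password fields; confirm the renderer does not write them into the page.
 *
 * @param object|string $edit_user Account to edit; looked up from $_GET['user_id'] when empty.
 * @return array Field definitions keyed by field name, after filtering.
 */
function bb_manage_user_fields($edit_user = '')
{
    global $nxt_roles, $nxt_users_object, $bbdb;

    // Cap checks
    $user_roles    = $nxt_roles->role_names;
    $can_keep_gate = bb_current_user_can('keep_gate');

    // Every variable the field list reads gets a value up front. null is what
    // the previously undefined variables evaluated to.
    $disabled          = null;
    $user_login        = null;
    $user_display_name = null;
    $user_email        = null;
    $user_url          = null;
    $user_role         = null;
    $user_pass1        = null;
    $user_pass2        = null;
    $user_meta         = array(
        'first_name' => null,
        'last_name'  => null,
        'from'       => null,
        'occ'        => null,
        'interest'   => null,
        'throttle'   => null,
    );

    if ('post' == strtolower($_SERVER['REQUEST_METHOD'])) {
        bb_check_admin_referer('user-manage');

        // Instantiate required vars
        $_POST = stripslashes_deep($_POST);
        $create_user_errors = new nxt_Error();

        // Read each expected field as a string. A missing or array-valued
        // field becomes '' so that the "required" checks below cannot be
        // skipped by leaving the field out of the request.
        $posted = array();
        $expected_fields = array(
            'action', 'user_login', 'first_name', 'last_name', 'display_name',
            'user_email', 'user_url', 'from', 'occ', 'interest', 'userrole',
            'throttle', 'pass1', 'pass2',
        );
        foreach ($expected_fields as $field) {
            $posted[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
        }

        // User login
        $trimmed_user_login = str_replace(' ', '', $posted['user_login']);
        $user_login         = sanitize_user($posted['user_login'], true);

        $user_meta = array(
            'first_name' => $posted['first_name'],
            'last_name'  => $posted['last_name'],
            'from'       => $posted['from'],
            'occ'        => $posted['occ'],
            'interest'   => $posted['interest'],
            'throttle'   => $posted['throttle'],
        );
        $user_display_name = $posted['display_name'];
        $user_email        = $posted['user_email'];
        $user_role         = $posted['userrole'];
        $user_pass1        = $posted['pass1'];
        $user_pass2        = $posted['pass2'];
        $user_status       = 0;
        $user_pass         = false;
        $user_url          = $posted['user_url'] ? bb_fix_link($posted['user_url']) : '';

        // Check user_login
        if (!isset($_GET['action']) && empty($user_login)) {
            $create_user_errors->add('user_login', __('Username is a required field.'));
        } elseif ($user_login !== $trimmed_user_login) {
            $create_user_errors->add('user_login', sprintf(__('%s is an invalid username. How\'s this one?'), esc_html($posted['user_login'])));
            $user_login = $trimmed_user_login;
        }

        // Check email
        if (empty($user_email)) {
            $create_user_errors->add('user_email', __('Email address is a required field.'));
        }

        // Password Sanity Check
        $no_password = empty($user_pass1) && empty($user_pass2);
        if (!$no_password && $user_pass1 !== $user_pass2) {
            $create_user_errors->add('pass', __('You must enter the same password twice.'));
        } elseif ($no_password && !isset($_GET['action'])) {
            $create_user_errors->add('pass', __('You must enter a password.'));
        } elseif ($no_password) {
            $user_pass = '';
        } else {
            $user_pass = $user_pass1;
        }

        // Resolve the account an update applies to, so the role rules are
        // evaluated against the stored account and not against the request.
        $target_user = null;
        if ('update' === $posted['action']) {
            if (isset($_GET['user_id']) && is_numeric($_GET['user_id'])) {
                $target_user = bb_get_user(bb_get_user_id($_GET['user_id']));
            }
            if (!$target_user) {
                $create_user_errors->add('user_id', __('User not found.'));
                $target_user = null;
            }
        }

        // Check role: only roles the current user may assign are accepted.
        $user_roles = _bb_manage_user_assignable_roles($user_roles, $target_user, $can_keep_gate);
        if (!isset($user_roles[$user_role])) {
            $create_user_errors->add('userrole', __('You are not allowed to assign that role.'));
        }

        // No errors
        if (!$create_user_errors->get_error_messages()) {
            // Create or update
            switch ($posted['action']) {
                case 'create':
                    $goback = bb_get_uri('bb-admin/users.php', array('created' => 'true'), BB_URI_CONTEXT_FORM_ACTION + BB_URI_CONTEXT_BB_ADMIN);

                    // No nicename is set in this function, so none is passed.
                    $user = $nxt_users_object->new_user(array(
                        'user_login'  => $user_login,
                        'user_email'  => $user_email,
                        'user_url'    => $user_url,
                        'user_status' => $user_status,
                        'user_pass'   => $user_pass,
                    ));

                    // Error handler
                    if (is_nxt_error($user)) {
                        bb_admin_notice($user);
                        unset($goback);
                    // Update additional user data
                    } else {
                        // Update caps
                        bb_update_usermeta($user['ID'], $bbdb->prefix . 'capabilities', array($user_role => true));

                        // Update all user meta
                        foreach ($user_meta as $key => $value) {
                            bb_update_usermeta($user['ID'], $key, $value);
                        }

                        // Don't send email if empty
                        if (!empty($user_pass)) {
                            bb_send_pass($user['ID'], $user_pass);
                        }

                        do_action('bb_new_user', $user['ID'], $user_pass);
                    }
                    break;

                case 'update':
                    $goback = bb_get_uri('bb-admin/users.php', array('updated' => 'true'), BB_URI_CONTEXT_FORM_ACTION + BB_URI_CONTEXT_BB_ADMIN);

                    $user = $nxt_users_object->get_user($_GET['user_id'], array('output' => ARRAY_A));

                    // Error handler: the lookup result is checked before any
                    // write, so a failed lookup can no longer reach the
                    // update calls with an empty ID.
                    if (!$user || is_nxt_error($user)) {
                        if (!is_nxt_error($user)) {
                            $create_user_errors->add('user_id', __('User not found.'));
                            $user = $create_user_errors;
                        }
                        bb_admin_notice($user);
                        unset($goback);
                    // Update user data
                    } else {
                        bb_update_user($user['ID'], $user_email, $user_url, $user_display_name);

                        // Don't change PW if empty
                        if (!empty($user_pass)) {
                            bb_update_user_password($user['ID'], $user_pass);
                        }

                        // Update caps
                        bb_update_usermeta($user['ID'], $bbdb->prefix . 'capabilities', array($user_role => true));

                        // Update all user meta
                        foreach ($user_meta as $key => $value) {
                            bb_update_usermeta($user['ID'], $key, $value);
                        }

                        // Don't send email if empty
                        if (!empty($user_pass)) {
                            bb_send_pass($user['ID'], $user_pass);
                        }

                        do_action('bb_update_user', $user['ID'], $user_pass);
                    }
                    break;
            }

            // Redirect
            if (isset($goback) && !empty($goback)) {
                bb_safe_redirect($goback);
            }
        // Error handler
        } else {
            bb_admin_notice($create_user_errors);
        }
    } else {
        $target_user = null;

        if (isset($_GET['action']) && $_GET['action'] == 'edit' && isset($_GET['user_id']) && is_numeric($_GET['user_id'])) {
            $disabled = true;

            // Get the user
            if (empty($edit_user)) {
                $edit_user = bb_get_user(bb_get_user_id($_GET['user_id']));
            }

            if ($edit_user) {
                // Instantiate required vars
                $user_login        = $edit_user->user_login;
                $user_display_name = $edit_user->display_name;
                $user_email        = $edit_user->user_email;
                $user_url          = $edit_user->user_url;
                $user_meta         = array(
                    'first_name' => $edit_user->first_name,
                    'last_name'  => $edit_user->last_name,
                    'from'       => $edit_user->from,
                    'occ'        => $edit_user->occ,
                    'interest'   => $edit_user->interest,
                    'throttle'   => $edit_user->throttle,
                );

                // The first capability that compares equal to 'true' is shown
                // as the current role.
                $user_role = (isset($edit_user->capabilities) && is_array($edit_user->capabilities))
                    ? array_search('true', $edit_user->capabilities)
                    : false;

                $target_user = $edit_user;
            }
        }

        // Offer only the roles that a later POST would be allowed to assign.
        $user_roles = _bb_manage_user_assignable_roles($user_roles, $target_user, $can_keep_gate);
    }

    // Load password strength checker
    nxt_enqueue_script('password-strength-meter');
    nxt_enqueue_script('profile-edit');

    // Generate a few PW hints
    $some_pass_hints = '';
    for ($l = 3; $l > 0; $l--) {
        $some_pass_hints .= '<p>' . bb_generate_password() . '</p>';
    }

    // Create the user fields
    $user_fields = array(
        'user_login' => array(
            'title'    => __('Username'),
            'note'     => __('Required! Unique identifier for new user.'),
            'value'    => $user_login,
            'disabled' => $disabled,
        ),
        'first_name' => array(
            'title' => __('First Name'),
            'value' => $user_meta['first_name'],
        ),
        'last_name' => array(
            'title' => __('Last Name'),
            'value' => $user_meta['last_name'],
        ),
        'display_name' => array(
            'title' => __('Display Name'),
            'value' => $user_display_name,
        ),
        'user_email' => array(
            'title' => __('Email'),
            'note'  => __('Required! Will be used for notifications and profile settings changes.'),
            'value' => $user_email,
        ),
        'user_url' => array(
            'title' => __('Website'),
            'class' => array('long', 'code'),
            'note'  => __('The full URL of user\'s homepage or blog.'),
            'value' => $user_url,
        ),
        'from' => array(
            'title' => __('Location'),
            'class' => array('long'),
            'value' => $user_meta['from'],
        ),
        'occ' => array(
            'title' => __('Occupation'),
            'class' => array('long'),
            'value' => $user_meta['occ'],
        ),
        'interest' => array(
            'title' => __('Interests'),
            'class' => array('long'),
            'value' => $user_meta['interest'],
        ),
        'userrole' => array(
            'title'   => __('User Role'),
            'type'    => 'select',
            'options' => $user_roles,
            'note'    => __('Allow user the above privileges.'),
            'value'   => $user_role,
        ),
        'pass1' => array(
            'title' => __('New Password'),
            'type'  => 'password',
            'class' => array('short', 'text', 'code'),
            'note'  => __('Hints: ') . $some_pass_hints,
            'value' => $user_pass1,
        ),
        'pass2' => array(
            'title' => __('Repeat New Password'),
            'type'  => 'password',
            'class' => array('short', 'text', 'code'),
            'note'  => __('If you ignore hints, remember: the password should be at least seven characters long. To make it stronger, use upper and lower case letters, numbers and symbols like ! " ? $ % ^ & ).'),
            'value' => $user_pass2,
        ),
        'email_pass' => array(
            'title'   => '',
            'type'    => 'checkbox',
            'options' => array(
                '1' => array(
                    'label'      => __('Email the new password.'),
                    'attributes' => array('checked' => true),
                ),
            ),
        ),
        'pass-strength-fake-input' => array(
            'title' => __('Password Strength'),
            'type'  => 'hidden',
        ),
    );

    return apply_filters('bb_manage_user_fields', $user_fields);
}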
$user->capabilities = array('inactive' => true); } // Store the profile info keys $profile_info_keys = bb_get_profile_info_keys('profile-edit'); // Store additional keys if the current user has access to them if (bb_current_user_can('edit_users')) { $profile_admin_keys = bb_get_profile_admin_keys('profile-edit'); $assignable_caps = bb_get_assignable_caps(); } // Instantiate the error object $errors = new nxt_Error(); if ('post' == strtolower($_SERVER['REQUEST_METHOD'])) { $_POST = stripslashes_deep($_POST); bb_check_admin_referer('edit-profile_' . $user_id); // Fix the URL before sanitizing it $user_url = bb_fix_link($_POST['user_url']); // Sanitize the profile info keys and check for missing required data foreach ($profile_info_keys as $key => $label) { ${$key} = apply_filters('sanitize_profile_info', $_POST[$key], $key, $_POST[$key]); if (!${$key} && $label[0] == 1) { $errors->add($key, sprintf(__('%s is required.'), esc_html($label[1]))); ${$key} = false; } } // Find out if we have a valid email address if (isset($user_email) && !($user_email = is_email($user_email))) { $errors->add('user_email', __('Invalid email address'), array('data' => $_POST['user_email'])); } // Deal with errors for users who can edit others data if (bb_current_user_can('edit_users')) { // Get the user object
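/**
 * Creates a forum account with a generated password.
 *
 * The email address and login are validated, a unique nicename is derived
 * from the login, and the account is stored through
 * $wp_users_object->new_user(). During installation the new account becomes a
 * keymaster; otherwise it becomes a member and bb_send_pass() is called with
 * the generated password.
 *
 * Security notes:
 * - The keymaster grant requires BB_INSTALLING to be defined and truthy.
 *   Reading the bare constant is unsafe when it is undefined: older PHP
 *   versions substitute the truthy string 'BB_INSTALLING', which would make
 *   every registration a keymaster, and PHP 8 raises an Error.
 * - NOTE(review): the earlier check forces $user_status to 0 whenever
 *   BB_INSTALLING is merely defined, even if it is defined as false. Confirm
 *   that is intended; it is left unchanged here.
 * - The generated password leaves this function in clear text through
 *   bb_send_pass() and as the second argument of the 'bb_new_user' action.
 *
 * @param string $user_login  Requested login name.
 * @param string $user_email  Email address of the new user.
 * @param string $user_url    Website of the new user; may be empty.
 * @param int    $user_status Numeric status; non-numeric input falls back to 1.
 * @return int|WP_Error ID of the new user, or a WP_Error describing the rejected field.
 */
function bb_new_user($user_login, $user_email, $user_url, $user_status = 1)
{
    global $wp_users_object, $bbdb;

    // is_email check + dns
    if (!($user_email = is_email($user_email))) {
        return new WP_Error('user_email', __('Invalid email address'), $user_email);
    }

    if (!($user_login = sanitize_user($user_login, true))) {
        return new WP_Error('user_login', __('Invalid username'), $user_login);
    }

    // user_status = 1 means the user has not yet been verified
    $user_status = is_numeric($user_status) ? (int) $user_status : 1;
    if (defined('BB_INSTALLING')) {
        $user_status = 0;
    }

    $user_nicename = $_user_nicename = bb_user_nicename_sanitize($user_login);
    if (strlen($_user_nicename) < 1) {
        return new WP_Error('user_login', __('Invalid username'), $user_login);
    }

    // A purely numeric nicename short-circuits the lookup below, so
    // $existing_user must exist before the loop body reads it.
    $existing_user = null;
    while (is_numeric($user_nicename) || ($existing_user = bb_get_user_by_nicename($user_nicename))) {
        $existing_nicename = $existing_user ? $existing_user->user_nicename : '';
        $user_nicename = bb_slug_increment($_user_nicename, $existing_nicename, 50);
    }

    $user_url  = $user_url ? bb_fix_link($user_url) : '';
    $user_pass = bb_generate_password();

    $user = $wp_users_object->new_user(compact('user_login', 'user_email', 'user_url', 'user_nicename', 'user_status', 'user_pass'));

    if (is_wp_error($user)) {
        // Report nicename collisions against the field the user actually typed.
        if ('user_nicename' == $user->get_error_code()) {
            return new WP_Error('user_login', $user->get_error_message());
        }
        return $user;
    }

    if (defined('BB_INSTALLING') && BB_INSTALLING) {
        bb_update_usermeta($user['ID'], $bbdb->prefix . 'capabilities', array('keymaster' => true));
    } else {
        bb_update_usermeta($user['ID'], $bbdb->prefix . 'capabilities', array('member' => true));
        bb_send_pass($user['ID'], $user['plain_pass']);
    }

    do_action('bb_new_user', $user['ID'], $user['plain_pass']);

    return $user['ID'];
}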
/**
 * Stores a new email address, website and display name for one user.
 *
 * The ID is cast to an integer and the website is passed through
 * bb_fix_link() before both are handed to $wp_users_object->update_user().
 * The 'bb_update_user' action then fires with the integer ID. The result of
 * update_user() is not inspected, so the action fires and the ID is returned
 * even when the write did not succeed.
 *
 * @since 0.7.2
 * @global object $wp_users_object User store that performs the update.
 *
 * @param int    $user_id      ID of the user to update.
 * @param string $user_email   New email address; stored as given.
 * @param string $user_url     New website address.
 * @param string $display_name New display name; stored as given.
 * @return int The integer-cast $user_id.
 */
function bb_update_user($user_id, $user_email, $user_url, $display_name)
{
    global $wp_users_object;

    $user_id = (int) $user_id;

    $changes = array(
        'user_email'   => $user_email,
        'user_url'     => bb_fix_link($user_url),
        'display_name' => $display_name,
    );
    $wp_users_object->update_user($user_id, $changes);

    do_action('bb_update_user', $user_id);

    return $user_id;
}
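/**
 * Signs the visitor in through LinkedIn, creating a local account on first use.
 *
 * The LinkedIn profile is fetched, its ID is mapped to a local user with
 * li_get_userid_by_linkedin_id(), and when no mapping exists a new account is
 * created with a login derived from the display name, a placeholder
 * "@none.local" email address and a generated password. The auth cookie is
 * then set and the request is redirected.
 *
 * Security notes:
 * - $bbdb is declared global here. Without that declaration $bbdb->prefix is
 *   empty inside the function and the 'member' capability is written under an
 *   unprefixed meta key.
 * - The redirect target from the 'li_bb_connect' request parameter must be a
 *   string that is either the forum URI or lies below it; a bare prefix match
 *   would also accept a host name that merely starts with the forum's host.
 *   Anything else falls back to the forum URI.
 * - The generated password is passed in clear text to the 'bb_new_user'
 *   action.
 * - Profile values such as 'picture-url' are stored after trim() only;
 *   NOTE(review): confirm they are validated or escaped where they are output.
 *
 * @return void Always terminates the request.
 */
function bb_li_connect()
{
    global $wp_users_object, $li_attr, $bbdb;

    // li authorization; empty() also covers a session without these keys
    if (empty($_SESSION['oauth']['linkedin']['authorized'])) {
        try_li_connect();
    }

    $me = get_li_profile();
    if (!$me) {
        bb_die("Linkedin Connect failed");
        exit;
    }

    $li_id = trim($me->{$li_attr}['id']);
    if (!$li_id) {
        bb_die("LinkedIn Connect failed, no user id found.");
        exit;
    }

    // Check if the user has already connected before
    $user_id = li_get_userid_by_linkedin_id($li_id);

    if (!$user_id) {
        // User did not exist yet, lets create the local account

        // First order of business is to find a unused usable account name.
        // The base name does not change between attempts, so it is built once.
        $base_login = strtolower(sanitize_user(li_get_user_displayname($me), true));
        $base_login = str_replace(' ', '_', $base_login);
        $base_login = str_replace('__', '_', $base_login);
        if (strlen($base_login) < 2) {
            $base_login = "******";
        }

        for ($i = 1;; $i++) {
            $user_login = $base_login;

            // Leave room for the numeric suffix within the 50 character limit.
            $max_length = 50 - strlen((string) $i);
            if (strlen($user_login) > $max_length) {
                $user_login = substr($user_login, 0, $max_length);
            }

            if ($i > 1) {
                $user_login .= $i;
            }

            // A very rare potential race condition exists here, if two users with the same name
            // happen to register at the same time. One of them would fail, and have to retry.
            if (bb_get_user($user_login, array('by' => 'login')) === false) {
                break;
            }
        }

        $user_nicename = $user_login;
        $user_email    = $user_login . "@none.local";
        $user_url      = trim($me->{$li_attr}['public-profile-url']);
        $user_url      = $user_url ? bb_fix_link($user_url) : '';
        $user_status   = 0;
        $user_pass     = bb_generate_password();

        // Adopting the email address from the LinkedIn profile is disabled;
        // the placeholder address stays until the user supplies a real one
        // (see the 'prompt_email' flag below).

        $user = $wp_users_object->new_user(compact('user_login', 'user_email', 'user_url', 'user_nicename', 'user_status', 'user_pass'));
        if (!$user || is_wp_error($user)) {
            bb_die("Creating new user failed");
            exit;
        }

        $user_id = $user['ID'];

        bb_update_usermeta($user_id, $bbdb->prefix . 'capabilities', array('member' => true));
        bb_update_usermeta($user_id, 'linkedin_id', $li_id);
        bb_update_usermeta($user_id, 'prompt_email', '1'); // will prompt user for email until set false. 1=true 0=false
        bb_update_usermeta($user_id, 'li_avatar', trim($me->{$li_attr}['picture-url'])); // user avatar
        bb_update_user($user_id, $user_email, $user_url, li_get_user_displayname($me));
        bb_update_usermeta($user_id, 'first_name', trim($me->{$li_attr}['first-name']));
        bb_update_usermeta($user_id, 'last_name', trim($me->{$li_attr}['last-name']));
        bb_update_usermeta($user_id, 'occ', trim($me->{$li_attr}['headline']));
        bb_update_usermeta($user_id, 'interest', trim($me->{$li_attr}['industry']));

        do_action('bb_new_user', $user_id, $user_pass);
        do_action('register_user', $user_id);
    } else {
        // NOTE(review): this sets 'prompt_email' back to '1' on every sign-in;
        // confirm that users who already supplied an address should be asked again.
        bb_update_usermeta($user_id, 'prompt_email', '1');
        bb_update_usermeta($user_id, 'li_avatar', trim($me->{$li_attr}['picture-url']));

        if (!bb_get_option('li_allow_useredit')) {
            // enforce first name, last name and display name if the users are not allowed to change them
            bb_update_user($user_id, bb_get_user_email($user_id), get_user_link($user_id), li_get_user_displayname($me));
            bb_update_usermeta($user_id, 'first_name', trim($me->{$li_attr}['first-name']));
            bb_update_usermeta($user_id, 'last_name', trim($me->{$li_attr}['last-name']));
            bb_update_usermeta($user_id, 'occ', trim($me->{$li_attr}['headline']));
            bb_update_usermeta($user_id, 'interest', trim($me->{$li_attr}['industry']));
        }
    }

    bb_set_auth_cookie($user_id, true);
    do_action('bb_user_login', $user_id);

    // Only redirect back into this forum.
    $site_uri     = bb_get_option('uri');
    $site_prefix  = rtrim($site_uri, '/') . '/';
    $redirect_url = (isset($_REQUEST['li_bb_connect']) && is_string($_REQUEST['li_bb_connect']))
        ? $_REQUEST['li_bb_connect']
        : '';

    if ($redirect_url !== $site_uri && strpos($redirect_url, $site_prefix) !== 0) {
        $redirect_url = $site_uri;
    }

    bb_safe_redirect($redirect_url);
    exit;
}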