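/**
 * Display pending email change notice on user edit page
 *
 * Prints an info notice that shows the pending address and a nonced
 * "Cancel" link. Each dynamic value is escaped for its output context
 * before it reaches printf(), and the translated format string itself is
 * escaped so a translation cannot carry markup into the page.
 *
 * @since 2.6.0 bbPress (r5660)
 *
 * @uses bbp_is_user_home_edit() To check if it's the user's own profile edit page
 * @uses bbp_get_displayed_user_id() To get the displayed user ID
 * @uses get_option() To read the pending email change
 * @uses bbp_get_user_profile_edit_url() To get the displayed user profile edit URL
 * @uses add_query_arg() To add dismiss query argument to URL
 * @uses wp_nonce_url() To add nonce to URL
 */
function bbp_notice_edit_user_pending_email() {

	// Bail if not on users own profile
	if (!bbp_is_user_home_edit()) {
		return;
	}

	// Check for pending email address change
	$user_id   = bbp_get_displayed_user_id();
	$key       = $user_id . '_new_email';
	$new_email = get_option($key);

	// Bail if no pending email address change
	if (empty($new_email['newemail'])) {
		return;
	}

	// Build the nonced URL to dismiss the pending change.
	// NOTE(review): the nonce action is "dismiss-{$key}"; whichever handler
	// consumes this link is expected to verify that same action. Confirm.
	$user_url = bbp_get_user_profile_edit_url($user_id);
	$nonce    = "dismiss-{$key}";
	$args     = array(
		'action'  => 'bbp-update-user-email',
		'dismiss' => $key,
	);

	// Build the variables to pass into printf(); both are escaped here
	$dismiss_url  = wp_nonce_url(add_query_arg($args, $user_url), $nonce);
	$dismiss_link = '<a href="' . esc_url($dismiss_url) . '">' . esc_html_x('Cancel', 'Dismiss pending user email address change', 'bbpress') . '</a>';
	$coded_email  = '<code>' . esc_html($new_email['newemail']) . '</code>';

	?>

	<div class="bbp-template-notice info">
		<ul>
			<li><?php printf(esc_html__('There is a pending email address change to %1$s. %2$s', 'bbpress'), $coded_email, $dismiss_link); ?></li>
		</ul>
	</div>

	<?php
}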
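/**
 * Handles the front end user editing
 *
 * Runs only for POST requests whose 'action' field is 'bbp-update-user'.
 * On multisite it first processes a confirmed or dismissed pending email
 * change for the user's own profile, then verifies the nonce and the
 * 'edit_user' capability before handing the submitted data to edit_user().
 *
 * @uses is_multisite() To check if it's a multisite
 * @uses bbp_is_user_home_edit() To check if the user is editing their own profile
 * @uses get_option() To get the displayed user's new email id option
 * @uses hash_equals() To compare the stored and supplied confirmation hash
 * @uses wpdb::prepare() To sanitize our sql query
 * @uses wpdb::get_var() To execute our query and get back the variable
 * @uses wpdb::query() To execute our query
 * @uses wp_update_user() To update the user
 * @uses delete_option() To delete the displayed user's email id option
 * @uses bbp_get_user_profile_edit_url() To get the edit profile url
 * @uses wp_safe_redirect() To redirect to the url
 * @uses bbp_verify_nonce_request() To verify the nonce and check the request
 * @uses current_user_can() To check if the current user can edit the user
 * @uses do_action() Calls 'personal_options_update' or
 *                   'edit_user_profile_update' (based on if it's the user home)
 *                   with the displayed user id
 * @uses edit_user() To edit the user based on the post data
 * @uses revoke_super_admin() To revoke super admin privileges
 * @uses grant_super_admin() To grant super admin privileges
 * @uses is_wp_error() To check if the value retrieved is a {@link WP_Error}
 */
function bbp_edit_user_handler() {

	// Bail if not a POST action
	if ('POST' !== strtoupper($_SERVER['REQUEST_METHOD'])) {
		return;
	}

	// Bail if action is not 'bbp-update-user'
	if (empty($_POST['action']) || 'bbp-update-user' !== $_POST['action']) {
		return;
	}

	// Get the displayed user ID
	$user_id = bbp_get_displayed_user_id();

	// NOTE(review): the two branches below change state before the nonce and
	// capability checks further down, and the dismiss branch verifies no nonce
	// at all. Consider moving them behind a nonce check.

	// Execute confirmed email change. See send_confirmation_on_profile_email().
	if (is_multisite() && bbp_is_user_home_edit() && isset($_GET['newuseremail'])) {

		$new_email = get_option($user_id . '_new_email');

		// Only a stored, non-empty string hash can be confirmed. A loose ==
		// would treat a missing option (null hash) as equal to an empty
		// 'newuseremail' value, so compare strings with hash_equals() instead.
		$has_pending   = is_array($new_email) && !empty($new_email['newemail']);
		$stored_hash   = ($has_pending && isset($new_email['hash']) && is_string($new_email['hash'])) ? $new_email['hash'] : '';
		$supplied_hash = is_string($_GET['newuseremail']) ? wp_unslash($_GET['newuseremail']) : '';

		if ('' !== $stored_hash && hash_equals($stored_hash, $supplied_hash)) {
			$user             = new stdClass();
			$user->ID         = $user_id;
			$user->user_email = esc_html(trim($new_email['newemail']));

			global $wpdb;

			// Keep the signups table in step when the login has a row there
			$user_login = bbp_get_displayed_user_field('user_login');
			if ($wpdb->get_var($wpdb->prepare("SELECT user_login FROM {$wpdb->signups} WHERE user_login = %s", $user_login))) {
				$wpdb->query($wpdb->prepare("UPDATE {$wpdb->signups} SET user_email = %s WHERE user_login = %s", $user->user_email, $user_login));
			}

			wp_update_user(get_object_vars($user));
			delete_option($user_id . '_new_email');

			wp_safe_redirect(add_query_arg(array('updated' => 'true'), bbp_get_user_profile_edit_url($user_id)));
			exit;
		}

	// Delete new email address from user options
	} elseif (is_multisite() && bbp_is_user_home_edit() && !empty($_GET['dismiss']) && ($user_id . '_new_email') === $_GET['dismiss']) {
		delete_option($user_id . '_new_email');

		wp_safe_redirect(add_query_arg(array('updated' => 'true'), bbp_get_user_profile_edit_url($user_id)));
		exit;
	}

	// Nonce check
	if (!bbp_verify_nonce_request('update-user_' . $user_id)) {
		bbp_add_error('bbp_update_user_nonce', __('<strong>ERROR</strong>: Are you sure you wanted to do that?', 'bbpress'));
		return;
	}

	// Cap check
	if (!current_user_can('edit_user', $user_id)) {
		bbp_add_error('bbp_update_user_capability', __('<strong>ERROR</strong>: Are you sure you wanted to do that?', 'bbpress'));
		return;
	}

	// Do action based on whose profile you're editing
	$edit_action = bbp_is_user_home_edit() ? 'personal_options_update' : 'edit_user_profile_update';
	do_action($edit_action, $user_id);

	// Handle user edit
	$edit_user = edit_user($user_id);

	// Error(s) editing the user, so copy them into the global
	if (is_wp_error($edit_user)) {
		bbpress()->errors = $edit_user;

	// Successful edit to redirect
	} elseif (is_integer($edit_user)) {

		// Maybe update super admin ability. 'edit_user' alone is not enough to
		// change network-level privilege, so require 'manage_network_options'
		// as well. Without it, a form that lacks the 'super_admin' field
		// would also revoke the flag from the edited user.
		if (is_multisite() && !bbp_is_user_home_edit() && current_user_can('manage_network_options')) {
			if (empty($_POST['super_admin'])) {
				revoke_super_admin($edit_user);
			} else {
				grant_super_admin($edit_user);
			}
		}

		$redirect = add_query_arg(array('updated' => 'true'), bbp_get_user_profile_edit_url($edit_user));

		wp_safe_redirect($redirect);
		exit;
	}
}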
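/**
 * Checks the profile edit URL under pretty and default ("ugly") permalinks.
 *
 * @covers ::bbp_get_user_profile_edit_url
 */
public function test_bbp_get_user_profile_edit_url() {

	// Pretty permalinks
	$this->set_permalink_structure('/%postname%/');
	$profile_edit_url = 'http://' . WP_TESTS_DOMAIN . '/forums/users/' . $this->keymaster_userdata->user_nicename . '/edit/';

	// String.
	$this->assertSame($profile_edit_url, bbp_get_user_profile_edit_url($this->keymaster_id));

	// Ugly permalinks
	$this->set_permalink_structure();

	// NOTE(review): the listing shows the middle operand masked as ******,
	// which does not parse. It is reconstructed here as the keymaster ID, the
	// same value passed to the function under test. Confirm against upstream.
	$profile_edit_url = 'http://' . WP_TESTS_DOMAIN . '/?bbp_user=' . $this->keymaster_id . '&edit=1';

	// String.
	$this->assertSame($profile_edit_url, bbp_get_user_profile_edit_url($this->keymaster_id));
}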
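/**
 * Handles the front end user editing
 *
 * Runs only for POST requests whose 'action' field is 'bbp-update-user'.
 * On multisite it first processes a confirmed or dismissed pending email
 * change for the user's own profile, then verifies the nonce and the
 * 'edit_user' capability before handing the submitted data to edit_user().
 *
 * @uses is_multisite() To check if it's a multisite
 * @uses bbp_is_user_home_edit() To check if the user is editing their own profile
 * @uses get_option() To get the displayed user's new email id option
 * @uses hash_equals() To compare the stored and supplied confirmation hash
 * @uses wpdb::prepare() To sanitize our sql query
 * @uses wpdb::get_var() To execute our query and get back the variable
 * @uses wpdb::query() To execute our query
 * @uses wp_update_user() To update the user
 * @uses delete_option() To delete the displayed user's email id option
 * @uses bbp_get_user_profile_edit_url() To get the edit profile url
 * @uses wp_safe_redirect() To redirect to the url
 * @uses bbp_verify_nonce_request() To verify the nonce and check the request
 * @uses current_user_can() To check if the current user can edit the user
 * @uses do_action() Calls 'personal_options_update' or
 *                   'edit_user_profile_update' (based on if it's the user home)
 *                   with the displayed user id
 * @uses edit_user() To edit the user based on the post data
 * @uses get_userdata() To get the user data
 * @uses is_email() To check if the string is an email id or not
 * @uses wpdb::get_blog_prefix() To get the blog prefix
 * @uses is_network_admin() To check if the user is the network admin
 * @uses is_super_admin() To check if the user is super admin
 * @uses revoke_super_admin() To revoke super admin privileges
 * @uses grant_super_admin() To grant super admin privileges
 * @uses is_wp_error() To check if the value retrieved is a {@link WP_Error}
 */
function bbp_edit_user_handler() {

	// Bail if not a POST action
	if ('POST' !== strtoupper($_SERVER['REQUEST_METHOD'])) {
		return;
	}

	// Bail if action is not 'bbp-update-user'
	if (empty($_POST['action']) || 'bbp-update-user' !== $_POST['action']) {
		return;
	}

	// Get the displayed user ID
	$user_id = bbp_get_displayed_user_id();

	global $wpdb, $super_admins;

	// NOTE(review): the two branches below change state before the nonce and
	// capability checks further down, and the dismiss branch verifies no nonce
	// at all. Consider moving them behind a nonce check.

	// Execute confirmed email change. See send_confirmation_on_profile_email().
	if (is_multisite() && bbp_is_user_home_edit() && isset($_GET['newuseremail'])) {

		$new_email = get_option($user_id . '_new_email');

		// Only a stored, non-empty string hash can be confirmed. A loose ==
		// would treat a missing option (null hash) as equal to an empty
		// 'newuseremail' value, so compare strings with hash_equals() instead.
		$has_pending   = is_array($new_email) && !empty($new_email['newemail']);
		$stored_hash   = ($has_pending && isset($new_email['hash']) && is_string($new_email['hash'])) ? $new_email['hash'] : '';
		$supplied_hash = is_string($_GET['newuseremail']) ? wp_unslash($_GET['newuseremail']) : '';

		if ('' !== $stored_hash && hash_equals($stored_hash, $supplied_hash)) {
			$user             = new stdClass();
			$user->ID         = $user_id;
			$user->user_email = esc_html(trim($new_email['newemail']));

			// Keep the signups table in step when the login has a row there
			$displayed_login = bbp_get_displayed_user_field('user_login');
			if ($wpdb->get_var($wpdb->prepare("SELECT user_login FROM {$wpdb->signups} WHERE user_login = %s", $displayed_login))) {
				$wpdb->query($wpdb->prepare("UPDATE {$wpdb->signups} SET user_email = %s WHERE user_login = %s", $user->user_email, $displayed_login));
			}

			wp_update_user(get_object_vars($user));
			delete_option($user_id . '_new_email');

			wp_safe_redirect(add_query_arg(array('updated' => 'true'), bbp_get_user_profile_edit_url($user_id)));
			exit;
		}

	// Delete new email address from user options
	} elseif (is_multisite() && bbp_is_user_home_edit() && !empty($_GET['dismiss']) && ($user_id . '_new_email') === $_GET['dismiss']) {
		delete_option($user_id . '_new_email');

		wp_safe_redirect(add_query_arg(array('updated' => 'true'), bbp_get_user_profile_edit_url($user_id)));
		exit;
	}

	// Nonce check
	if (!bbp_verify_nonce_request('update-user_' . $user_id)) {
		bbp_add_error('bbp_update_user_nonce', __('<strong>ERROR</strong>: Are you sure you wanted to do that?', 'bbpress'));
		return;
	}

	// Cap check
	if (!current_user_can('edit_user', $user_id)) {
		bbp_add_error('bbp_update_user_capability', __('<strong>ERROR</strong>: Are you sure you wanted to do that?', 'bbpress'));
		return;
	}

	// Do action based on whose profile you're editing
	$edit_action = bbp_is_user_home_edit() ? 'personal_options_update' : 'edit_user_profile_update';
	do_action($edit_action, $user_id);

	// Single site: edit_user() is all that is needed
	if (!is_multisite()) {
		$edit_user = edit_user($user_id);

	// Multisite means we need to do some manual labor
	} else {
		$user = get_userdata($user_id);

		// Update the email address in signups, if present. The row that is
		// checked and the row that is updated must be the same login, so both
		// queries use the edited user's login rather than a global.
		if ($user && $user->user_login && isset($_POST['email']) && is_email($_POST['email']) && $wpdb->get_var($wpdb->prepare("SELECT user_login FROM {$wpdb->signups} WHERE user_login = %s", $user->user_login))) {
			$wpdb->query($wpdb->prepare("UPDATE {$wpdb->signups} SET user_email = %s WHERE user_login = %s", $_POST['email'], $user->user_login));
		}

		// WPMU must delete the user from the current blog if WP added him after editing.
		$delete_role = false;
		$blog_prefix = $wpdb->get_blog_prefix();

		// NOTE(review): this condition compares $user_id with itself and is
		// never true, so the branch is dead code. It presumably meant to
		// compare against the current user's ID. Confirm before changing it.
		if ($user_id != $user_id) {
			$cap = $wpdb->get_var($wpdb->prepare("SELECT meta_value FROM {$wpdb->usermeta} WHERE user_id = %d AND meta_key = %s AND meta_value = 'a:0:{}'", $user_id, $blog_prefix . 'capabilities'));
			if (!is_network_admin() && null == $cap && (!isset($_POST['role']) || '' === $_POST['role'])) {
				$_POST['role'] = 'contributor';
				$delete_role   = true;
			}
		}

		$edit_user = edit_user($user_id);

		// stops users being added to current blog when they are edited
		if (true === $delete_role) {
			delete_user_meta($user_id, $blog_prefix . 'capabilities');
		}

		// Change super admin status only from the network admin, for another
		// user, by someone holding 'manage_network_options', and only when
		// the submitted value differs from the current status. Logical &&
		// replaces a stray bitwise & so the chain short-circuits as intended.
		if (is_network_admin() && !bbp_is_user_home_edit() && current_user_can('manage_network_options') && !isset($super_admins) && empty($_POST['super_admin']) == is_super_admin($user_id)) {
			if (empty($_POST['super_admin'])) {
				revoke_super_admin($user_id);
			} else {
				grant_super_admin($user_id);
			}
		}
	}

	// Error(s) editing the user, so copy them into the global
	if (is_wp_error($edit_user)) {
		bbpress()->errors = $edit_user;

	// Successful edit to redirect
	} elseif (is_integer($edit_user)) {
		$redirect = add_query_arg(array('updated' => 'true'), bbp_get_user_profile_edit_url($edit_user));

		wp_safe_redirect($redirect);
		exit;
	}
}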
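<?php /** Top Bar */ ?>
<div id="topbar">
	<div class="inner">
		<div class="left">
			Welcome to Aquagraphite Support Forum :)
		</div>
		<div class="right">
			<?php
			// Every URL is escaped with esc_url() where it is printed: the
			// helper functions return filterable values, and an href attribute
			// is an output context of its own.
			if (is_user_logged_in()) {
				echo '<a href="' . esc_url(bbp_get_user_profile_edit_url(bbp_get_user_id('', false, true))) . '">Edit Profile</a> or ';
				echo '<a href="' . esc_url(wp_logout_url(home_url())) . '">Logout</a>';
			} else {
				echo '<a href="' . esc_url(wp_login_url(home_url(), false)) . '">Login</a> or ';
				// add_query_arg() appends correctly even if the login URL already has a query string
				echo '<a href="' . esc_url(add_query_arg('action', 'register', wp_login_url())) . '">Register</a>';
			}
			?>
		</div>
		<div class="clearfix"></div>
	</div>
</div>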
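/**
 * Output URL to the profile edit page of a user
 *
 * The URL is passed through esc_url() before it is echoed, so the value can
 * be placed straight into an href attribute. Use
 * bbp_get_user_profile_edit_url() when the raw URL is needed.
 *
 * @since bbPress (r2688)
 *
 * @param int $user_id Optional. User id
 * @param string $user_nicename Optional. User nicename
 * @uses bbp_get_user_profile_edit_url() To get user profile edit url
 * @uses esc_url() To escape the URL for output
 */
function bbp_user_profile_edit_url($user_id = 0, $user_nicename = '') {
	echo esc_url(bbp_get_user_profile_edit_url($user_id, $user_nicename));
}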
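?>
<div id="topbar">
	<div class="container">
		<div class="row">
			<div class="col-xs-12 col-md-8">
				<div class="as-text-topbar-header">
					<div class="time-zone-wrapper">
						<span class="iva_visitor_time"><span class="iva-time"><strong>Your Time: </strong></span><span class="time-zone-visitor-icon dslc-icon "></span> <span id="your_time">11:40:47</span></span> - <span class="iva_support_time"><span class="iva-time"><strong>Our Time: </strong></span><span class="time-zone-support-icon dslc-icon "></span> <span id="our_time">10:10:47</span></span>
					</div>
				</div>
			</div>
			<div class="col-xs-12 col-md-4">
				<div class="as-group-button-topbar">
					<?php
					// Every URL is escaped with esc_url() where it is printed:
					// the helper functions return filterable values, and an
					// href attribute is an output context of its own.
					if (is_user_logged_in()) {
						echo '<a href="' . esc_url(bbp_get_user_profile_edit_url(bbp_get_user_id('', false, true))) . '" class="as-btn-style as-bg-color">Edit Profile</a>';
						echo '<a href="' . esc_url(wp_logout_url(home_url())) . '" class="as-btn-style">Logout</a>';
					} else {
						echo '<a href="' . esc_url(wp_login_url(home_url(), false)) . '" class="as-btn-style">Login</a>';
						// add_query_arg() appends correctly even if the login URL already has a query string
						echo '<a href="' . esc_url(add_query_arg('action', 'register', wp_login_url())) . '" class="as-btn-style as-bg-color">Register</a>';
					}
					?>
				</div>
			</div>
			<div class="clearfix"></div>
		</div>
	</div>
</div>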
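/**
 * Build the author details box shown on bbPress user pages.
 *
 * Profile fields are user-editable, so every value is escaped for the
 * context it lands in: esc_url() for href values, esc_attr() for attribute
 * values, esc_html() for text nodes, and wp_kses_post() for the biography
 * so that permitted markup survives.
 *
 * NOTE(review): the profile link, title and avatar are taken from the
 * displayed bbPress user, while the text fields are read for $cb_author_id.
 * These are presumably the same user. Confirm at the call sites.
 *
 * @param int  $cb_author_id User ID whose profile meta is rendered.
 * @param bool $cb_desc      Optional. Whether to include the biography. Default true.
 * @return string HTML for the details box and the user navigation list.
 */
function cb_bbp_author_details($cb_author_id, $cb_desc = true) {

	$cb_author_email    = get_the_author_meta('publicemail', $cb_author_id);
	$cb_author_name     = get_the_author_meta('display_name', $cb_author_id);
	$cb_author_position = get_the_author_meta('position', $cb_author_id);
	$cb_author_tw       = get_the_author_meta('twitter', $cb_author_id);
	$cb_author_go       = get_the_author_meta('googleplus', $cb_author_id);
	$cb_author_www      = get_the_author_meta('url', $cb_author_id);
	$cb_author_desc     = get_the_author_meta('description', $cb_author_id);

	// Values for the displayed user, escaped once and reused below
	$cb_profile_url  = esc_url(bbp_get_user_profile_url());
	$cb_profile_name = esc_attr(bbp_get_displayed_user_field('display_name'));
	$cb_avatar       = get_avatar(bbp_get_displayed_user_field('user_email', 'raw'), apply_filters('bbp_single_user_details_avatar_size', 150));

	$cb_author_output  = '<div class="cb-author-details cb-bbp clearfix"><div class="cb-mask"><a href="' . $cb_profile_url . '" title="' . $cb_profile_name . '" rel="me">' . $cb_avatar . '</a></div>';
	$cb_author_output .= '<div class="cb-meta"><h3><a href="' . $cb_profile_url . '" title="' . $cb_profile_name . '">' . esc_html($cb_author_name) . '</a></h3>';

	if ($cb_author_position != null) {
		$cb_author_output .= '<div class="cb-author-position">' . esc_html($cb_author_position) . '</div>';
	}

	if ($cb_author_desc != null && $cb_desc == true) {
		$cb_author_output .= '<p class="cb-author-bio">' . wp_kses_post($cb_author_desc) . '</p>';
	}

	// The contact wrapper is opened and closed only when a contact field is set
	$cb_has_contact = ($cb_author_email != null || $cb_author_www != null || $cb_author_tw != null || $cb_author_go != null);

	if ($cb_has_contact) {
		$cb_author_output .= '<div class="cb-author-page-contact">';
	}

	if ($cb_author_email != null) {
		$cb_author_output .= '<a href="' . esc_url('mailto:' . $cb_author_email) . '"><i class="icon-envelope-alt cb-tip-bot" title="' . esc_attr__('Email', 'cubell') . '"></i></a>';
	}

	// rel="noopener" keeps pages opened in a new tab from reaching window.opener
	if ($cb_author_www != null) {
		$cb_author_output .= ' <a href="' . esc_url($cb_author_www) . '" target="_blank" rel="noopener"><i class="icon-link cb-tip-bot" title="' . esc_attr__('Website', 'cubell') . '"></i></a> ';
	}

	if ($cb_author_tw != null) {
		$cb_author_output .= ' <a href="' . esc_url('//www.twitter.com/' . $cb_author_tw) . '" target="_blank" rel="noopener" ><i class="icon-twitter cb-tip-bot" title="Twitter"></i></a>';
	}

	if ($cb_author_go != null) {
		$cb_author_output .= ' <a href="' . esc_url($cb_author_go) . '" rel="publisher" target="_top" title="Google+" class="cb-googleplus cb-tip-bot" ><img src="//ssl.gstatic.com/images/icons/gplus-32.png" data-src-retina="//ssl.gstatic.com/images/icons/gplus-64.png" alt="Google+" ></a>';
	}

	if ($cb_has_contact) {
		$cb_author_output .= '</div>';
	}

	// Navigation entries: array( is current page, span class, URL, label )
	$cb_nav_items = array(
		array(bbp_is_single_user_topics(), 'bbp-user-topics-created-link', bbp_get_user_topics_created_url(), __('Topics Started', 'bbpress')),
		array(bbp_is_single_user_replies(), 'bbp-user-replies-created-link', bbp_get_user_replies_created_url(), __('Replies Created', 'bbpress')),
	);

	if (bbp_is_favorites_active()) {
		$cb_nav_items[] = array(bbp_is_favorites(), 'bbp-user-favorites-link', bbp_get_favorites_permalink(), __('Favorites', 'bbpress'));
	}

	// Subscriptions and Edit are listed only for the profile owner or a user editor
	if (bbp_is_user_home() || current_user_can('edit_users')) {
		if (bbp_is_subscriptions_active()) {
			$cb_nav_items[] = array(bbp_is_subscriptions(), 'bbp-user-subscriptions-link', bbp_get_subscriptions_permalink(), __('Subscriptions', 'bbpress'));
		}

		$cb_nav_items[] = array(bbp_is_single_user_edit(), 'bbp-user-edit-link', bbp_get_user_profile_edit_url(), __('Edit', 'bbpress'));
	}

	$cb_author_output .= '<div id="cb-user-nav"><ul>';

	foreach ($cb_nav_items as $cb_nav_item) {
		list($cb_is_current, $cb_span_class, $cb_nav_url, $cb_nav_label) = $cb_nav_item;

		$cb_author_output .= '<li class="' . ($cb_is_current ? 'current' : '') . '"><span class="' . $cb_span_class . '"><a href="' . esc_url($cb_nav_url) . '">' . esc_html($cb_nav_label) . '</a></span></li>';
	}

	$cb_author_output .= '</ul></div><!-- #cb-user-nav -->';
	$cb_author_output .= '</div></div>';

	return $cb_author_output;
}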
/**
 * Sends the confirmation email for a requested email address change
 *
 * The message goes to the new address and contains a link back to the
 * user's profile edit page carrying the confirmation hash.
 *
 * NOTE(review): the new address is not validated in this function, and the
 * username comes from the displayed user rather than from $user_id. Callers
 * presumably check both beforehand. Confirm.
 *
 * @since 2.6.0 bbPress (r5660)
 *
 * @see send_confirmation_on_profile_email()
 *
 * @param int   $user_id Optional. ID of the user whose email is changing.
 * @param array $args    Optional. Expects 'hash' and 'newemail' keys.
 *
 * @uses bbp_parse_args() To parse the option arguments
 * @uses bbp_add_error() To provide feedback to user
 * @uses bbp_get_displayed_user_field() To get the user_login
 * @uses bbp_get_user_profile_edit_url() To get the user profile edit link
 * @uses add_query_arg() To add arguments to the link
 * @uses wp_mail() To send the notification
 */
function bbp_edit_user_email_send_notification($user_id = 0, $args = array()) {

	// Merge the caller's arguments over empty defaults
	$parsed = bbp_parse_args($args, array(
		'hash'     => '',
		'newemail' => '',
	));

	// All three values are required; report an error and stop when one is missing
	$is_complete = !empty($user_id) && !empty($parsed['hash']) && !empty($parsed['newemail']);
	if (!$is_complete) {
		bbp_add_error('bbp_user_email_invalid_hash', __('<strong>ERROR</strong>: An error occurred while updating your email address.', 'bbpress'), array('form-field' => 'email'));
		return;
	}

	// Username shown in the greeting line
	$login_name = bbp_get_displayed_user_field('user_login', 'raw');

	// Confirmation link: the profile edit URL plus the action and the hash
	$confirm_args = array(
		'action'       => 'bbp-update-user-email',
		'newuseremail' => $parsed['hash'],
	);
	$confirm_link = add_query_arg($confirm_args, bbp_get_user_profile_edit_url($user_id));

	$template = __('%1$s Someone requested a change to the email address on your account. Please click the following link to confirm this change: %2$s If you did not request this, you can safely ignore and delete this notification. This email was sent to: %3$s Regards, The %4$s Team %5$s', 'bbpress');

	/**
	 * Filter the email text sent when a user changes emails.
	 *
	 * The following placeholders are replaced when the message is built:
	 *
	 * %1$s - The username read from the displayed user
	 * %2$s - The link to click on to confirm the email change
	 * %3$s - The new email
	 * %4$s - The name of the site
	 * %5$s - The URL to the site
	 *
	 * @param string $template Text in the email.
	 * @param array  $parsed   Parsed arguments holding 'hash' and 'newemail'.
	 */
	$body_format = apply_filters('bbp_user_email_update_content', $template, $parsed);

	// Fill the placeholders in the (possibly filtered) text
	$mail_body = sprintf(
		$body_format,
		$login_name,
		$confirm_link,
		$parsed['newemail'],
		get_site_option('site_name'),
		network_home_url()
	);

	// Subject line carries the decoded blog name
	$site_title   = wp_specialchars_decode(get_option('blogname'));
	$mail_subject = sprintf(__('[%s] New Email Address', 'bbpress'), $site_title);

	// Deliver to the new address
	wp_mail($parsed['newemail'], $mail_subject, $mail_body);
}