/**
* Appends WP-Members registration fields to Users > Add New User screen.
*
* @since 2.9.0
*/
function wpmem_do_wp_newuser_form()
{
global $wpmem;
echo '<table class="form-table"><tbody>';
$wpmem_fields = $wpmem->fields;
//get_option( 'wpmembers_fields' );
$exclude = wpmem_get_excluded_meta('register');
foreach ($wpmem_fields as $field) {
if ($field[6] == 'n' && !in_array($field[2], $exclude)) {
$req = $field[5] == 'y' ? ' <span class="description">' . __('(required)') . '</span>' : '';
echo '<tr>
<th scope="row">
<label for="' . $field[2] . '">' . __($field[1], 'wp-members') . $req . '</label>
</th>
<td>';
// determine the field type and generate accordingly.
switch ($field[3]) {
case 'select':
$val = isset($_POST[$field[2]]) ? $_POST[$field[2]] : '';
echo wpmem_create_formfield($field[2], $field[3], $field[7], $val);
break;
case 'textarea':
echo '<textarea name="' . $field[2] . '" id="' . $field[2] . '" class="textarea">';
echo isset($_POST[$field[2]]) ? esc_textarea($_POST[$field[2]]) : '';
echo '</textarea>';
break;
case 'checkbox':
$val = isset($_POST[$field[2]]) ? $_POST[$field[2]] : '';
$val = !$_POST && $field[8] == 'y' ? $field[7] : $val;
echo wpmem_create_formfield($field[2], $field[3], $field[7], $val);
break;
default:
echo '<input type="' . $field[3] . '" name="' . $field[2] . '" id="' . $field[2] . '" class="input" value="';
echo isset($_POST[$field[2]]) ? esc_attr($_POST[$field[2]]) : '';
echo '" size="25" />';
break;
}
echo '</td>
</tr>';
}
}
echo '</tbody></table>';
}
/**
* Builds the email for admin notification of new user registration.
*
* @since 2.3
*
* @uses wp_mail
*
* @param int $user_id
* @param array $wpmem_fields
* @param array $field_data
*/
function wpmem_notify_admin( $user_id, $wpmem_fields, $field_data = null ) {
global $wpmem;
// WP default user fields.
$wp_user_fields = array(
'user_login',
'user_nicename',
'user_url',
'user_registered',
'display_name',
'first_name',
'last_name',
'nickname',
'description',
);
// Get the user data.
$user = get_userdata( $user_id );
// Get the email stored values.
$arr = get_option( 'wpmembers_email_notify' );
// Userdata for default shortcodes.
$arr['user_id'] = $user_id;
$arr['user_login'] = stripslashes( $user->user_login );
$arr['user_email'] = stripslashes( $user->user_email );
$arr['blogname'] = wp_specialchars_decode( get_option ( 'blogname' ), ENT_QUOTES );
$arr['user_ip'] = get_user_meta( $user_id, 'wpmem_reg_ip', true );
$arr['reg_link'] = esc_url( get_user_meta( $user_id, 'wpmem_reg_url', true ) );
$arr['act_link'] = get_bloginfo ( 'wpurl' ) . "/wp-admin/user-edit.php?user_id=".$user_id;
$arr['exp_type'] = ( defined( 'WPMEM_EXP_MODULE' ) && $wpmem->use_exp == 1 ) ? get_user_meta( $user_id, 'exp_type', true ) : '';
$arr['exp_date'] = ( defined( 'WPMEM_EXP_MODULE' ) && $wpmem->use_exp == 1 ) ? get_user_meta( $user_id, 'expires', true ) : '';
$arr['do_shortcodes'] = true;
$arr['add_footer'] = true;
$arr['disable'] = false;
// Builds an array of the user data fields.
$field_arr = array();
foreach ( $wpmem_fields as $meta ) {
if ( $meta[4] == 'y' ) {
$name = $meta[1];
if ( ! in_array( $meta[2], wpmem_get_excluded_meta( 'email' ) ) ) {
if ( ( $meta[2] != 'user_email' ) && ( $meta[2] != 'password' ) ) {
if ( $meta[2] == 'user_url' ) {
$val = esc_url( $user->user_url );
} elseif ( in_array( $meta[2], $wp_user_fields ) ) {
$val = esc_html( $user->$meta[2] );
} else {
$val = esc_html( get_user_meta( $user_id, $meta[2], true ) );
}
$field_arr[ $name ] = $val;
}
}
}
}
$arr['field_arr'] = $field_arr;
// Apply filters (if set) for the sending email address.
global $wpmem_mail_from, $wpmem_mail_from_name;
add_filter( 'wp_mail_from', 'wpmem_mail_from' );
add_filter( 'wp_mail_from_name', 'wpmem_mail_from_name' );
$default_header = ( $wpmem_mail_from && $wpmem_mail_from_name ) ? 'From: ' . $wpmem_mail_from_name . ' <' . $wpmem_mail_from . '>' : '';
/**
* Filters the email headers.
*
* @since 2.7.4
*
* @param mixed $default_header The email headers (default = null).
* @param string $toggle Toggle to determine what email is being generated (newreg|newmod|appmod|repass|admin).
*/
$arr['headers'] = apply_filters( 'wpmem_email_headers', $default_header, 'admin' );
// Handle backward compatibility for customizations that may call the email function directly.
if ( ! $wpmem_fields ) {
$wpmem_fields = $wpmem->fields; //get_option( 'wpmembers_fields' );
}
/**
* Filters the address the admin notification is sent to.
*
* @since 2.7.5
*
* @param string The email address of the admin to send to.
*/
$arr['admin_email'] = apply_filters( 'wpmem_notify_addr', get_option( 'admin_email' ) );
/**
* Filter the email.
*
* This is a new and more powerful filter than was previously available for
* emails. This new filter passes the email subject, body, user ID, and several
* other settings and parameters for use in the filter function. It also passes
* an array of the WP-Members fields, and an array of the posted registration
* data from the register function.
*
* @since 2.9.8
*
* @param array $arr An array containing email body, subject, user id, and additional settings.
* @param array $wpmem_fields An array of the WP-Members fields.
* @param array $arr['field_arr'] An array of the posted registration data.
*/
$arr = apply_filters( 'wpmem_notify_filter', $arr, $wpmem_fields, $field_data );
// If emails are not disabled, continue the email process.
if ( ! $arr['disable'] ) {
// Split field_arr into field_str.
$field_str = '';
foreach ( $arr['field_arr'] as $key => $val ) {
$field_str.= $key . ': ' . $val . "\r\n";
}
// Get the email footer if needed.
$foot = ( $arr['add_footer'] ) ? get_option ( 'wpmembers_email_footer' ) : '';
// If doing shortcode replacements.
if ( $arr['do_shortcodes'] ) {
// Setup default shortcodes.
$shortcd = array(
'[blogname]',
'[username]',
'[email]',
'[reglink]',
'[exp-type]',
'[exp-data]',
'[user-ip]',
'[activate-user]',
'[fields]',
);
// Replacement values for default shortcodes.
$replace = array(
$arr['blogname'],
$arr['user_login'],
$arr['user_email'],
$arr['reg_link'],
$arr['exp_type'],
$arr['exp_date'],
$arr['user_ip'],
$arr['act_link'],
$field_str,
);
// Create the custom field shortcodes.
foreach ( $wpmem_fields as $field ) {
$shortcd[] = '[' . $field[2] . ']';
$replace[] = get_user_meta( $user_id, $field[2], true );
}
// Get the subject, body, and footer shortcodes.
$arr['subj'] = str_replace( $shortcd, $replace, $arr['subj'] );
$arr['body'] = str_replace( $shortcd, $replace, $arr['body'] );
$foot = ( $arr['add_footer'] ) ? str_replace( $shortcd, $replace, $foot ) : '';
}
// Append footer if needed.
$arr['body'] = ( $arr['add_footer'] ) ? $arr['body'] . "\r\n" . $foot : $arr['body'];
/**
* Filters the admin notification email.
*
* @since 2.8.2
*
* @param string $arr['body'] The admin notification email body.
*/
$arr['body'] = apply_filters( 'wpmem_email_notify', $arr['body'] );
// Send the message.
wp_mail( $arr['admin_email'], stripslashes( $arr['subj'] ), stripslashes( $arr['body'] ), $arr['headers'] );
}
}
/**
* Updates WP-Members fields from the WP user profile screen.
*
* @since 2.1
*/
function wpmem_admin_update()
{
global $wpmem;
$user_id = $_REQUEST['user_id'];
$wpmem_fields = $wpmem->fields;
// get_option( 'wpmembers_fields' );
/**
* Fires before the user profile is updated.
*
* @since 2.9.2
*
* @param int $user_id The user ID.
* @param array $wpmem_fields Array of the custom fields.
*/
do_action('wpmem_admin_pre_user_update', $user_id, $wpmem_fields);
$fields = array();
$chk_pass = false;
foreach ($wpmem_fields as $meta) {
if ($meta[6] == "n" && $meta[3] != 'password' && $meta[3] != 'checkbox') {
isset($_POST[$meta[2]]) ? $fields[$meta[2]] = $_POST[$meta[2]] : false;
} elseif ($meta[2] == 'password' && $meta[4] == 'y') {
$chk_pass = true;
} elseif ($meta[3] == 'checkbox') {
$fields[$meta[2]] = isset($_POST[$meta[2]]) ? $_POST[$meta[2]] : '';
}
}
/**
* Filter the submitted field values for backend profile update.
*
* @since 2.8.2
*
* @param array $fields An array of the posted form values.
* @param int $user_id The ID of the user being updated.
*/
$fields = apply_filters('wpmem_admin_profile_update', $fields, $user_id);
// Get any excluded meta fields.
$exclude = wpmem_get_excluded_meta('admin-profile');
foreach ($fields as $key => $val) {
if (!in_array($key, $exclude)) {
update_user_meta($user_id, $key, $val);
}
}
if ($wpmem->mod_reg == 1) {
$wpmem_activate_user = isset($_POST['activate_user']) == '' ? -1 : $_POST['activate_user'];
if ($wpmem_activate_user == 1) {
wpmem_a_activate_user($user_id, $chk_pass);
} elseif ($wpmem_activate_user == 0) {
wpmem_a_deactivate_user($user_id);
}
}
defined('WPMEM_EXP_MODULE') && $wpmem->use_exp == 1 ? wpmem_a_extend_user($user_id) : '';
/**
* Fires after the user profile is updated.
*
* @since 2.9.2
*
* @param int $user_id The user ID.
*/
do_action('wpmem_admin_after_user_update', $user_id);
return;
}
/**
* Register function
*
* Handles registering new users and updating existing users.
*
* @since 2.2.1
*
* @param string $toggle toggles the function between 'register' and 'update'.
* @global int $user_ID
* @global string $wpmem_themsg
* @global array $userdata
* @return string $wpmem_themsg|success|editsuccess
*/
function wpmem_registration($toggle)
{
// get the globals
global $user_ID, $wpmem_themsg, $userdata;
// check the nonce
if (defined('WPMEM_USE_NONCE')) {
if (empty($_POST) || !wp_verify_nonce($_POST['wpmem-form-submit'], 'wpmem-validate-submit')) {
$wpmem_themsg = __('There was an error processing the form.', 'wp-members');
return;
}
}
// is this a registration or a user profile update?
if ($toggle == 'register') {
$fields['username'] = isset($_POST['log']) ? sanitize_user($_POST['log']) : '';
}
// add the user email to the $fields array for _data hooks
$fields['user_email'] = isset($_POST['user_email']) ? $_POST['user_email'] : '';
// build the $fields array from $_POST data
$wpmem_fields = get_option('wpmembers_fields');
foreach ($wpmem_fields as $meta) {
if ($meta[4] == 'y') {
if ($meta[2] != 'password') {
$fields[$meta[2]] = isset($_POST[$meta[2]]) ? sanitize_text_field($_POST[$meta[2]]) : '';
} else {
// we do have password as part of the registration form
$fields['password'] = isset($_POST['password']) ? $_POST['password'] : '';
}
}
}
/**
* Filter the submitted form field date prior to validation.
*
* @since 2.8.2
*
* @param array $fields An array of the posted form field data.
*/
$fields = apply_filters('wpmem_pre_validate_form', $fields);
// check for required fields
$wpmem_fields_rev = array_reverse($wpmem_fields);
foreach ($wpmem_fields_rev as $meta) {
$pass_arr = array('password', 'confirm_password', 'password_confirm');
$pass_chk = $toggle == 'update' && in_array($meta[2], $pass_arr) ? true : false;
if ($meta[5] == 'y' && $pass_chk == false) {
if (!$fields[$meta[2]]) {
$wpmem_themsg = sprintf(__('Sorry, %s is a required field.', 'wp-members'), $meta[1]);
}
}
}
switch ($toggle) {
case "register":
if (is_multisite()) {
// multisite has different requirements
$result = wpmu_validate_user_signup($fields['username'], $fields['user_email']);
$errors = $result['errors'];
if ($errors->errors) {
$wpmem_themsg = $errors->get_error_message();
return $wpmem_themsg;
exit;
}
} else {
if (!$fields['username']) {
$wpmem_themsg = __('Sorry, username is a required field', 'wp-members');
return $wpmem_themsg;
exit;
}
if (!validate_username($fields['username'])) {
$wpmem_themsg = __('The username cannot include non-alphanumeric characters.', 'wp-members');
return $wpmem_themsg;
exit;
}
if (!is_email($fields['user_email'])) {
$wpmem_themsg = __('You must enter a valid email address.', 'wp-members');
return $wpmem_themsg;
exit;
}
if (username_exists($fields['username'])) {
return "user";
exit;
}
if (email_exists($fields['user_email'])) {
return "email";
exit;
}
}
if ($wpmem_themsg) {
return "empty";
exit;
}
// if form contains password and email confirmation, validate that they match
if (array_key_exists('confirm_password', $fields) && $fields['confirm_password'] != $fields['password']) {
$wpmem_themsg = __('Passwords did not match.', 'wp-members');
}
if (array_key_exists('confirm_email', $fields) && $fields['confirm_email'] != $fields['user_email']) {
$wpmem_themsg = __('Emails did not match.', 'wp-members');
}
$wpmem_captcha = get_option('wpmembers_captcha');
// get the captcha settings (api keys)
if (WPMEM_CAPTCHA == 1 && $wpmem_captcha['recaptcha']) {
// if captcha is on, check the captcha
if ($wpmem_captcha['recaptcha']['public'] && $wpmem_captcha['recaptcha']['private']) {
// if there is no api key, the captcha never displayed to the end user
if (!$_POST["recaptcha_response_field"]) {
// validate for empty captcha field
$wpmem_themsg = __('You must complete the CAPTCHA form.', 'wp-members');
return "empty";
exit;
}
}
// check to see if the recaptcha library has already been loaded by another plugin
if (!function_exists('_recaptcha_qsencode')) {
require_once 'lib/recaptchalib.php';
}
$publickey = $wpmem_captcha['recaptcha']['public'];
$privatekey = $wpmem_captcha['recaptcha']['private'];
// the response from reCAPTCHA
$resp = null;
// the error code from reCAPTCHA, if any
$error = null;
if ($_POST["recaptcha_response_field"]) {
$resp = recaptcha_check_answer($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]);
if (!$resp->is_valid) {
// set the error code so that we can display it
global $wpmem_captcha_err;
$wpmem_captcha_err = $resp->error;
$wpmem_captcha_err = wpmem_get_captcha_err($wpmem_captcha_err);
return "captcha";
exit;
}
}
// end check recaptcha
} elseif (WPMEM_CAPTCHA == 2) {
if (defined('REALLYSIMPLECAPTCHA_VERSION')) {
/** Validate Really Simple Captcha */
$wpmem_captcha = new ReallySimpleCaptcha();
// This variable holds the CAPTCHA image prefix, which corresponds to the correct answer
$wpmem_captcha_prefix = isset($_POST['captcha_prefix']) ? $_POST['captcha_prefix'] : '';
// This variable holds the CAPTCHA response, entered by the user
$wpmem_captcha_code = isset($_POST['captcha_code']) ? $_POST['captcha_code'] : '';
// Check CAPTCHA validity
$wpmem_captcha_correct = $wpmem_captcha->check($wpmem_captcha_prefix, $wpmem_captcha_code) ? true : false;
// clean up the tmp directory
$wpmem_captcha->remove($wpmem_captcha_prefix);
$wpmem_captcha->cleanup();
// If CAPTCHA validation fails (incorrect value entered in CAPTCHA field), return an error
if (!$wpmem_captcha_correct) {
$wpmem_themsg = wpmem_get_captcha_err('really-simple');
return "empty";
exit;
}
}
}
// check for user defined password
$fields['password'] = !isset($_POST['password']) ? wp_generate_password() : $_POST['password'];
// add for _data hooks
$fields['user_registered'] = gmdate('Y-m-d H:i:s');
$fields['user_role'] = get_option('default_role');
$fields['wpmem_reg_ip'] = $_SERVER['REMOTE_ADDR'];
$fields['wpmem_reg_url'] = $_REQUEST['redirect_to'];
/**
* these native fields are not installed by default, but if they
* are added, use the $_POST value - otherwise, default to username.
* value can be filtered with wpmem_register_data
*/
$fields['user_nicename'] = isset($_POST['user_nicename']) ? sanitize_title($_POST['user_nicename']) : $fields['username'];
$fields['display_name'] = isset($_POST['display_name']) ? sanitize_user($_POST['display_name']) : $fields['username'];
$fields['nickname'] = isset($_POST['nickname']) ? sanitize_user($_POST['nickname']) : $fields['username'];
/**
* Filter registration data after validation before data insertion.
*
* @since 2.8.2
*
* @param array $fields An array of the registration field data.
*/
$fields = apply_filters('wpmem_register_data', $fields);
/**
* Fires before any insertion/emails.
*
* This action is the final step in pre registering a user. This
* can be used for attaching custom validation to the registration
* process. It cannot be used for changing any user registration
* data. Use the wpmem_register_data filter for that.
*
* @since 2.7.2
*
* @param array $fields The user's submitted registration data.
*/
do_action('wpmem_pre_register_data', $fields);
// if the _pre_register_data hook sends back an error message
if ($wpmem_themsg) {
return $wpmem_themsg;
}
// main new user fields are ready
$new_user_fields = array('user_pass' => $fields['password'], 'user_login' => $fields['username'], 'user_nicename' => $fields['user_nicename'], 'user_email' => $fields['user_email'], 'display_name' => $fields['display_name'], 'nickname' => $fields['nickname'], 'user_registered' => $fields['user_registered'], 'role' => $fields['user_role']);
// get any excluded meta fields
$excluded_meta = wpmem_get_excluded_meta('register');
// user_url, first_name, last_name, description, jabber, aim, yim
$new_user_fields_meta = array('user_url', 'first_name', 'last_name', 'description', 'jabber', 'aim', 'yim');
foreach ($wpmem_fields as $meta) {
if (in_array($meta[2], $new_user_fields_meta)) {
if ($meta[4] == 'y' && !in_array($meta[2], $excluded_meta)) {
$new_user_fields[$meta[2]] = $fields[$meta[2]];
}
}
}
// inserts to wp_users table
$fields['ID'] = wp_insert_user($new_user_fields);
// set remaining fields to wp_usermeta table
foreach ($wpmem_fields as $meta) {
// if the field is not excluded, update accordingly
if (!in_array($meta[2], $excluded_meta) && !in_array($meta[2], $new_user_fields_meta)) {
if ($meta[4] == 'y' && $meta[2] != 'user_email') {
update_user_meta($fields['ID'], $meta[2], $fields[$meta[2]]);
}
}
}
// capture IP address of user at registration
update_user_meta($fields['ID'], 'wpmem_reg_ip', $fields['wpmem_reg_ip']);
// store the registration url
update_user_meta($fields['ID'], 'wpmem_reg_url', $fields['wpmem_reg_url']);
// set user expiration, if used
if (WPMEM_USE_EXP == 1 && WPMEM_MOD_REG != 1) {
wpmem_set_exp($fields['ID']);
}
/**
* Fires after user insertion but before email.
*
* @since 2.7.2
*
* @param array $fields The user's submitted registration data.
*/
do_action('wpmem_post_register_data', $fields);
require_once 'wp-members-email.php';
// if this was successful, and you have email properly
// configured, send a notification email to the user
wpmem_inc_regemail($fields['ID'], $fields['password'], WPMEM_MOD_REG, $wpmem_fields, $fields);
// notify admin of new reg, if needed;
if (WPMEM_NOTIFY_ADMIN == 1) {
wpmem_notify_admin($fields['ID'], $wpmem_fields);
}
/**
* Fires after registration is complete.
*
* @since 2.7.1
*/
do_action('wpmem_register_redirect');
// successful registration message
return "success";
exit;
break;
case "update":
if ($wpmem_themsg) {
return "updaterr";
exit;
}
// doing a check for existing email is not the same as a new reg. check first to
// see if it's different, then check if it is a valid address and it exists.
global $current_user;
get_currentuserinfo();
if ($fields['user_email'] != $current_user->user_email) {
if (email_exists($fields['user_email'])) {
return "email";
exit;
}
if (!is_email($fields['user_email'])) {
$wpmem_themsg = __('You must enter a valid email address.', 'wp-members');
return "updaterr";
exit;
}
}
// if form includes email confirmation, validate that they match
if (array_key_exists('confirm_email', $fields) && $fields['confirm_email'] != $fields['user_email']) {
$wpmem_themsg = __('Emails did not match.', 'wp-members');
}
// add the user_ID to the fields array
$fields['ID'] = $user_ID;
/**
* Filter registration data after validation before data insertion.
*
* @since 2.8.2
*
* @param array $fields An array of the registration field data.
*/
$fields = apply_filters('wpmem_register_data', $fields);
/**
* Fires before data insertion.
*
* This action is the final step in pre updating a user. This
* can be used for attaching custom validation to the update
* process. It cannot be used for changing any user update
* data. Use the wpmem_register_data filter for that.
*
* @since 2.7.2
*
* @param array $fields The user's submitted update data.
*/
do_action('wpmem_pre_update_data', $fields);
// if the _pre_update_data hook sends back an error message
// @todo - double check this. it should probably return "updaterr" and the hook should globalize wpmem_themsg
if ($wpmem_themsg) {
return $wpmem_themsg;
}
// a list of fields that can be updated by wp_update_user
$native_fields = array('user_nicename', 'user_url', 'user_email', 'display_name', 'nickname', 'first_name', 'last_name', 'description', 'role', 'jabber', 'aim', 'yim');
$native_update = array('ID' => $user_ID);
foreach ($wpmem_fields as $meta) {
// if the field is not excluded, update accordingly
if (!in_array($meta[2], wpmem_get_excluded_meta('update'))) {
switch ($meta[2]) {
// if the field can be updated by wp_update_user
case in_array($meta[2], $native_fields):
$fields[$meta[2]] = isset($fields[$meta[2]]) ? $fields[$meta[2]] : '';
//wp_update_user( array( 'ID' => $user_ID, $meta[2] => $fields[$meta[2]] ) );
$native_update[$meta[2]] = $fields[$meta[2]];
break;
// if the field is password
// if the field is password
case 'password':
// do nothing...
break;
// everything else goes into wp_usermeta
// everything else goes into wp_usermeta
default:
if ($meta[4] == 'y') {
update_user_meta($user_ID, $meta[2], $fields[$meta[2]]);
}
break;
}
}
}
// update wp_update_user fields
wp_update_user($native_update);
/**
* Fires at the end of user update data insertion.
*
* @since 2.7.2
*
* @param array $fields The user's submitted registration data.
*/
do_action('wpmem_post_update_data', $fields);
return "editsuccess";
exit;
break;
}
}
/**
* Register function.
*
* Handles registering new users and updating existing users.
*
* @since 2.2.1
*
* @param string $toggle toggles the function between 'register' and 'update'.
* @global int $user_ID
* @global string $wpmem_themsg
* @global array $userdata
* @return string $wpmem_themsg|success|editsuccess
*/
function wpmem_registration($toggle)
{
// Get the globals.
global $user_ID, $wpmem, $wpmem_themsg, $userdata;
// Check the nonce.
if (defined('WPMEM_USE_NONCE')) {
if (empty($_POST) || !wp_verify_nonce($_POST['wpmem-form-submit'], 'wpmem-validate-submit')) {
$wpmem_themsg = __('There was an error processing the form.', 'wp-members');
return;
}
}
// Is this a registration or a user profile update?
if ($toggle == 'register') {
$fields['username'] = isset($_POST['log']) ? sanitize_user($_POST['log']) : '';
}
// Add the user email to the $fields array for _data hooks.
$fields['user_email'] = isset($_POST['user_email']) ? $_POST['user_email'] : '';
// Build the $fields array from $_POST data.
$wpmem_fields = $wpmem->fields;
// get_option( 'wpmembers_fields' );
foreach ($wpmem_fields as $meta) {
if ($meta[4] == 'y') {
if ($meta[2] != 'password') {
$fields[$meta[2]] = isset($_POST[$meta[2]]) ? sanitize_text_field($_POST[$meta[2]]) : '';
} else {
// We do have password as part of the registration form.
$fields['password'] = isset($_POST['password']) ? $_POST['password'] : '';
}
}
}
/**
* Filter the submitted form field date prior to validation.
*
* @since 2.8.2
*
* @param array $fields An array of the posted form field data.
*/
$fields = apply_filters('wpmem_pre_validate_form', $fields);
// Check for required fields, reverse the array for logical error message order.
$wpmem_fields_rev = array_reverse($wpmem_fields);
foreach ($wpmem_fields_rev as $meta) {
$pass_arr = array('password', 'confirm_password', 'password_confirm');
$pass_chk = $toggle == 'update' && in_array($meta[2], $pass_arr) ? true : false;
if ($meta[5] == 'y' && $pass_chk == false) {
if (!$fields[$meta[2]]) {
$wpmem_themsg = sprintf(__('Sorry, %s is a required field.', 'wp-members'), $meta[1]);
}
}
}
switch ($toggle) {
case "register":
if (is_multisite()) {
// Multisite has different requirements.
$result = wpmu_validate_user_signup($fields['username'], $fields['user_email']);
$errors = $result['errors'];
if ($errors->errors) {
$wpmem_themsg = $errors->get_error_message();
return $wpmem_themsg;
exit;
}
} else {
// Validate username and email fields.
$wpmem_themsg = email_exists($fields['user_email']) ? "email" : $wpmem_themsg;
$wpmem_themsg = username_exists($fields['username']) ? "user" : $wpmem_themsg;
$wpmem_themsg = !is_email($fields['user_email']) ? __('You must enter a valid email address.', 'wp-members') : $wpmem_themsg;
$wpmem_themsg = !validate_username($fields['username']) ? __('The username cannot include non-alphanumeric characters.', 'wp-members') : $wpmem_themsg;
$wpmem_themsg = !$fields['username'] ? __('Sorry, username is a required field', 'wp-members') : $wpmem_themsg;
// If there is an error from username, email, or required field validation, stop registration and return the error.
if ($wpmem_themsg) {
return $wpmem_themsg;
exit;
}
}
// If form contains password and email confirmation, validate that they match.
if (array_key_exists('confirm_password', $fields) && $fields['confirm_password'] != $fields['password']) {
$wpmem_themsg = __('Passwords did not match.', 'wp-members');
}
if (array_key_exists('confirm_email', $fields) && $fields['confirm_email'] != $fields['user_email']) {
$wpmem_themsg = __('Emails did not match.', 'wp-members');
}
// Get the captcha settings (api keys).
$wpmem_captcha = get_option('wpmembers_captcha');
// If captcha is on, check the captcha.
if ($wpmem->captcha == 1 && $wpmem_captcha['recaptcha']) {
// If there is no api key, the captcha never displayed to the end user.
if ($wpmem_captcha['recaptcha']['public'] && $wpmem_captcha['recaptcha']['private']) {
if (!$_POST["recaptcha_response_field"]) {
// validate for empty captcha field
$wpmem_themsg = __('You must complete the CAPTCHA form.', 'wp-members');
return "empty";
exit;
}
}
// Check to see if the recaptcha library has already been loaded by another plugin.
if (!function_exists('_recaptcha_qsencode')) {
require_once WPMEM_PATH . 'lib/recaptchalib.php';
}
$publickey = $wpmem_captcha['recaptcha']['public'];
$privatekey = $wpmem_captcha['recaptcha']['private'];
// The response from reCAPTCHA.
$resp = null;
// The error code from reCAPTCHA, if any.
$error = null;
if ($_POST["recaptcha_response_field"]) {
$resp = recaptcha_check_answer($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]);
if (!$resp->is_valid) {
// Set the error code so that we can display it.
global $wpmem_captcha_err;
$wpmem_captcha_err = $resp->error;
$wpmem_captcha_err = wpmem_get_captcha_err($wpmem_captcha_err);
return "captcha";
exit;
}
}
// End check recaptcha.
} elseif ($wpmem->captcha == 2) {
if (defined('REALLYSIMPLECAPTCHA_VERSION')) {
// Validate Really Simple Captcha.
$wpmem_captcha = new ReallySimpleCaptcha();
// This variable holds the CAPTCHA image prefix, which corresponds to the correct answer.
$wpmem_captcha_prefix = isset($_POST['captcha_prefix']) ? $_POST['captcha_prefix'] : '';
// This variable holds the CAPTCHA response, entered by the user.
$wpmem_captcha_code = isset($_POST['captcha_code']) ? $_POST['captcha_code'] : '';
// Check CAPTCHA validity.
$wpmem_captcha_correct = $wpmem_captcha->check($wpmem_captcha_prefix, $wpmem_captcha_code) ? true : false;
// Clean up the tmp directory.
$wpmem_captcha->remove($wpmem_captcha_prefix);
$wpmem_captcha->cleanup();
// If CAPTCHA validation fails (incorrect value entered in CAPTCHA field), return an error.
if (!$wpmem_captcha_correct) {
$wpmem_themsg = wpmem_get_captcha_err('really-simple');
return "empty";
exit;
}
}
} elseif ($wpmem->captcha == 3 && $wpmem_captcha['recaptcha']) {
// Get the captcha response.
if (isset($_POST['g-recaptcha-response'])) {
$captcha = $_POST['g-recaptcha-response'];
}
// If there is no captcha value, return error.
if (!$captcha) {
$wpmem_themsg = __('You must complete the CAPTCHA form.', 'wp-members');
return "empty";
exit;
}
// We need the private key for validation.
$privatekey = $wpmem_captcha['recaptcha']['private'];
// Validate the captcha.
$response = file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=" . $privatekey . "&response=" . $captcha . "&remoteip=" . $_SERVER['REMOTE_ADDR']);
// Decode the json response.
$response = json_decode($response, true);
// If captcha validation was unsuccessful.
if ($response['success'] == false) {
$wpmem_themsg = __('CAPTCHA was not valid.', 'wp-members');
return "empty";
exit;
}
}
// Check for user defined password.
$fields['password'] = !isset($_POST['password']) ? wp_generate_password() : $_POST['password'];
// Add for _data hooks
$fields['user_registered'] = gmdate('Y-m-d H:i:s');
$fields['user_role'] = get_option('default_role');
$fields['wpmem_reg_ip'] = $_SERVER['REMOTE_ADDR'];
$fields['wpmem_reg_url'] = isset($_REQUEST['wpmem_reg_page']) ? $_REQUEST['wpmem_reg_page'] : $_REQUEST['redirect_to'];
/*
* These native fields are not installed by default, but if they
* are added, use the $_POST value - otherwise, default to username.
* Value can be filtered with wpmem_register_data.
*/
$fields['user_nicename'] = isset($_POST['user_nicename']) ? sanitize_title($_POST['user_nicename']) : $fields['username'];
$fields['display_name'] = isset($_POST['display_name']) ? sanitize_user($_POST['display_name']) : $fields['username'];
$fields['nickname'] = isset($_POST['nickname']) ? sanitize_user($_POST['nickname']) : $fields['username'];
/**
* Filter registration data after validation before data insertion.
*
* @since 2.8.2
*
* @param array $fields An array of the registration field data.
* @param string $toggle A switch to indicate the action (new|edit).
*/
$fields = apply_filters('wpmem_register_data', $fields, 'new');
/**
* Fires before any insertion/emails.
*
* This action is the final step in pre registering a user. This
* can be used for attaching custom validation to the registration
* process. It cannot be used for changing any user registration
* data. Use the wpmem_register_data filter for that.
*
* @since 2.7.2
*
* @param array $fields The user's submitted registration data.
*/
do_action('wpmem_pre_register_data', $fields);
// If the _pre_register_data hook sends back an error message.
if ($wpmem_themsg) {
return $wpmem_themsg;
}
// Main new user fields are ready.
$new_user_fields = array('user_pass' => $fields['password'], 'user_login' => $fields['username'], 'user_nicename' => $fields['user_nicename'], 'user_email' => $fields['user_email'], 'display_name' => $fields['display_name'], 'nickname' => $fields['nickname'], 'user_registered' => $fields['user_registered'], 'role' => $fields['user_role']);
// Get any excluded meta fields.
$excluded_meta = wpmem_get_excluded_meta('register');
// Fields for wp_insert_user: user_url, first_name, last_name, description, jabber, aim, yim.
$new_user_fields_meta = array('user_url', 'first_name', 'last_name', 'description', 'jabber', 'aim', 'yim');
foreach ($wpmem_fields as $meta) {
if (in_array($meta[2], $new_user_fields_meta)) {
if ($meta[4] == 'y' && !in_array($meta[2], $excluded_meta)) {
$new_user_fields[$meta[2]] = $fields[$meta[2]];
}
}
}
// Inserts to wp_users table.
$fields['ID'] = wp_insert_user($new_user_fields);
// Set remaining fields to wp_usermeta table.
foreach ($wpmem_fields as $meta) {
// If the field is not excluded, update accordingly.
if (!in_array($meta[2], $excluded_meta) && !in_array($meta[2], $new_user_fields_meta)) {
if ($meta[4] == 'y' && $meta[2] != 'user_email') {
update_user_meta($fields['ID'], $meta[2], $fields[$meta[2]]);
}
}
}
// Capture IP address of user at registration.
update_user_meta($fields['ID'], 'wpmem_reg_ip', $fields['wpmem_reg_ip']);
// Store the registration url.
update_user_meta($fields['ID'], 'wpmem_reg_url', $fields['wpmem_reg_url']);
// Set user expiration, if used.
if ($wpmem->use_exp == 1 && $wpmem->mod_reg != 1) {
wpmem_set_exp($fields['ID']);
}
/**
* Fires after user insertion but before email.
*
* @since 2.7.2
*
* @param array $fields The user's submitted registration data.
*/
do_action('wpmem_post_register_data', $fields);
require_once WPMEM_PATH . 'inc/email.php';
/*
* If this was successful, and you have email properly
* configured, send a notification email to the user.
*/
wpmem_inc_regemail($fields['ID'], $fields['password'], $wpmem->mod_reg, $wpmem_fields, $fields);
// Notify admin of new reg, if needed.
if ($wpmem->notify == 1) {
wpmem_notify_admin($fields['ID'], $wpmem_fields);
}
/**
* Fires after registration is complete.
*
* @since 2.7.1
*/
do_action('wpmem_register_redirect');
// successful registration message
return "success";
exit;
break;
case "update":
if ($wpmem_themsg) {
return "updaterr";
exit;
}
/*
* Doing a check for existing email is not the same as a new reg. check first to
* see if it's different, then check if it is a valid address and it exists.
*/
global $current_user;
get_currentuserinfo();
if ($fields['user_email'] != $current_user->user_email) {
if (email_exists($fields['user_email'])) {
return "email";
exit;
}
if (!is_email($fields['user_email'])) {
$wpmem_themsg = __('You must enter a valid email address.', 'wp-members');
return "updaterr";
exit;
}
}
// If form includes email confirmation, validate that they match.
if (array_key_exists('confirm_email', $fields) && $fields['confirm_email'] != $fields['user_email']) {
$wpmem_themsg = __('Emails did not match.', 'wp-members');
}
// Add the user_ID to the fields array.
$fields['ID'] = $user_ID;
/**
* Filter registration data after validation before data insertion.
*
* @since 2.8.2
*
* @param array $fields An array of the registration field data.
* @param string $toggle A switch to indicate the action (new|edit).
*/
$fields = apply_filters('wpmem_register_data', $fields, 'edit');
/**
* Fires before data insertion.
*
* This action is the final step in pre updating a user. This
* can be used for attaching custom validation to the update
* process. It cannot be used for changing any user update
* data. Use the wpmem_register_data filter for that.
*
* @since 2.7.2
*
* @param array $fields The user's submitted update data.
*/
do_action('wpmem_pre_update_data', $fields);
/*
* If the _pre_update_data hook sends back an error message.
* @todo - double check this. it should probably return "updaterr" and the hook should globalize wpmem_themsg
*/
if ($wpmem_themsg) {
return $wpmem_themsg;
}
// A list of fields that can be updated by wp_update_user.
$native_fields = array('user_nicename', 'user_url', 'user_email', 'display_name', 'nickname', 'first_name', 'last_name', 'description', 'role', 'jabber', 'aim', 'yim');
$native_update = array('ID' => $user_ID);
foreach ($wpmem_fields as $meta) {
// If the field is not excluded, update accordingly.
if (!in_array($meta[2], wpmem_get_excluded_meta('update'))) {
switch ($meta[2]) {
// If the field can be updated by wp_update_user.
case in_array($meta[2], $native_fields):
$fields[$meta[2]] = isset($fields[$meta[2]]) ? $fields[$meta[2]] : '';
$native_update[$meta[2]] = $fields[$meta[2]];
break;
// If the field is password.
// If the field is password.
case 'password':
// Do nothing.
break;
// Everything else goes into wp_usermeta.
// Everything else goes into wp_usermeta.
default:
if ($meta[4] == 'y') {
update_user_meta($user_ID, $meta[2], $fields[$meta[2]]);
}
break;
}
}
}
// Update wp_update_user fields.
wp_update_user($native_update);
/**
* Fires at the end of user update data insertion.
*
* @since 2.7.2
*
* @param array $fields The user's submitted registration data.
*/
do_action('wpmem_post_update_data', $fields);
return "editsuccess";
exit;
break;
}
}
/**
* Builds the email for admin notification of new user registration.
*
* @since 2.3
*
* @global object $wpmem The WP_Members object.
* @global string $wpmem_mail_from The email from address.
* @global string $wpmem_mail_from_name The email from name.
* @param int $user_ID The User's ID.
* @param array $wpmem_fields Array of the WP-Members fields (defaults to null).
* @param array $fields Array of the registration data (defaults to null).
*/
function wpmem_notify_admin($user_id, $wpmem_fields, $field_data = null)
{
global $wpmem;
// WP default user fields.
$wp_user_fields = array('user_login', 'user_nicename', 'user_url', 'user_registered', 'display_name', 'first_name', 'last_name', 'nickname', 'description');
// Get the user data.
$user = get_userdata($user_id);
// Get the email stored values.
$arr = get_option('wpmembers_email_notify');
// Userdata for default shortcodes.
$arr['user_id'] = $user_id;
$arr['user_login'] = stripslashes($user->user_login);
$arr['user_email'] = stripslashes($user->user_email);
$arr['blogname'] = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
$arr['user_ip'] = is_array($field_data) ? $field_data['wpmem_reg_ip'] : get_user_meta($user_id, 'wpmem_reg_ip', true);
$arr['reg_link'] = esc_url(get_user_meta($user_id, 'wpmem_reg_url', true));
$arr['act_link'] = esc_url(add_query_arg('user_id', $user_id, get_admin_url('', 'user-edit.php')));
$arr['exp_type'] = defined('WPMEM_EXP_MODULE') && $wpmem->use_exp == 1 ? get_user_meta($user_id, 'exp_type', true) : '';
$arr['exp_date'] = defined('WPMEM_EXP_MODULE') && $wpmem->use_exp == 1 ? get_user_meta($user_id, 'expires', true) : '';
$arr['do_shortcodes'] = true;
$arr['add_footer'] = true;
$arr['footer'] = get_option('wpmembers_email_footer');
$arr['disable'] = false;
// Builds an array of the user data fields.
$field_arr = array();
foreach ($wpmem_fields as $field) {
if ($field[4] == 'y') {
$meta_key = $field[2];
if (!in_array($meta_key, wpmem_get_excluded_meta('email'))) {
if ($meta_key != 'user_email' && $meta_key != 'password') {
if ($meta_key == 'user_url') {
$val = esc_url($user->user_url);
} elseif (in_array($meta_key, $wp_user_fields)) {
$val = esc_html($user->{$meta_key});
} elseif ('file' == $field[3] || 'image' == $field[3]) {
$val = wp_get_attachment_url(get_user_meta($user_id, $meta_key, true));
} else {
$val = is_array($field_data) ? esc_html($field_data[$meta_key]) : esc_html(get_user_meta($user_id, $meta_key, true));
}
$field_arr[$field[1]] = $val;
}
}
}
}
$arr['field_arr'] = $field_arr;
// Apply filters (if set) for the sending email address.
$default_header = $wpmem->email['from'] && $wpmem->email['from_name'] ? 'From: "' . $wpmem->email['from_name'] . '" <' . $wpmem->email['from'] . '>' : '';
/** This filter is documented in email.php */
$arr['headers'] = apply_filters('wpmem_email_headers', $default_header, 'admin');
// Handle backward compatibility for customizations that may call the email function directly.
if (!$wpmem_fields) {
$wpmem_fields = $wpmem->fields;
}
/**
* Filters the address the admin notification is sent to.
*
* @since 2.7.5
*
* @param string The email address of the admin to send to.
*/
$arr['admin_email'] = apply_filters('wpmem_notify_addr', get_option('admin_email'));
/**
* Filter the email.
*
* This is a new and more powerful filter than was previously available for
* emails. This new filter passes the email subject, body, user ID, and several
* other settings and parameters for use in the filter function. It also passes
* an array of the WP-Members fields, and an array of the posted registration
* data from the register function.
*
* @since 2.9.8
*
* @param array $arr An array containing email body, subject, user id, and additional settings.
* @param array $wpmem_fields An array of the WP-Members fields.
* @param array $arr['field_arr'] An array of the posted registration data.
*/
$arr = apply_filters('wpmem_notify_filter', $arr, $wpmem_fields, $field_data);
// If emails are not disabled, continue the email process.
if (!$arr['disable']) {
// Split field_arr into field_str.
$field_str = '';
foreach ($arr['field_arr'] as $key => $val) {
$field_str .= $key . ': ' . $val . "\r\n";
}
// Get the email footer if needed.
$foot = $arr['add_footer'] ? $arr['footer'] : '';
// If doing shortcode replacements.
if ($arr['do_shortcodes']) {
$shortcodes = array('blogname' => $arr['blogname'], 'username' => $arr['user_login'], 'email' => $arr['user_email'], 'reglink' => $arr['reg_link'], 'exp-type' => $arr['exp_type'], 'exp-data' => $arr['exp_date'], 'exp-date' => $arr['exp_date'], 'user-ip' => $arr['user_ip'], 'activate-user' => $arr['act_link'], 'fields' => $field_str);
// Add custom field shortcodes.
foreach ($wpmem_fields as $field) {
$meta_key = $field[2];
$val = is_array($field_data) && 'y' == $field[4] ? $field_data[$meta_key] : get_user_meta($user_id, $meta_key, true);
$shortcodes[$key] = $val;
}
/**
* Filter available email shortcodes.
*
* @since 3.1.0
*
* @param array $shortcodes
* @param string $toggle
*/
$shortcodes = apply_filters('wpmem_email_shortcodes', $shortcodes, 'notify');
$shortcd = array();
$replace = array();
foreach ($shortcodes as $key => $val) {
// Shortcodes.
$shortcd[] = '[' . $key . ']';
// Replacement values.
$replace[] = $val;
}
// Create the custom field shortcodes.
foreach ($wpmem_fields as $field) {
$meta_key = $field[2];
$shortcd[] = '[' . $meta_key . ']';
$replace[] = is_array($field_data) && 'y' == $field[4] ? $field_data[$meta_key] : get_user_meta($user_id, $meta_key, true);
}
// Get the subject, body, and footer shortcodes.
$arr['subj'] = str_replace($shortcd, $replace, $arr['subj']);
$arr['body'] = str_replace($shortcd, $replace, $arr['body']);
$foot = $arr['add_footer'] ? str_replace($shortcd, $replace, $foot) : '';
}
// Append footer if needed.
$arr['body'] = $arr['add_footer'] ? $arr['body'] . "\r\n" . $foot : $arr['body'];
/**
* Filters the admin notification email.
*
* @since 2.8.2
*
* @param string $arr['body'] The admin notification email body.
*/
$arr['body'] = apply_filters('wpmem_email_notify', $arr['body']);
// Apply from and from name email filters.
add_filter('wp_mail_from', 'wpmem_mail_from');
add_filter('wp_mail_from_name', 'wpmem_mail_from_name');
// Send the message.
wp_mail($arr['admin_email'], stripslashes($arr['subj']), stripslashes($arr['body']), $arr['headers']);
}
}
/**
* Inserts registration data from the native WP registration
*
* @since 2.8.3
*
* @param $user_id
*/
function wpmem_wp_reg_finalize($user_id)
{
$native_reg = isset($_POST['wp-submit']) && $_POST['wp-submit'] == 'Register' ? true : false;
$add_new = isset($_POST['action']) && $_POST['action'] == 'createuser' ? true : false;
if ($native_reg || $add_new) {
// get the fields
$wpmem_fields = get_option('wpmembers_fields');
// get any excluded meta fields
$exclude = wpmem_get_excluded_meta('register');
foreach ($wpmem_fields as $meta) {
if (isset($_POST[$meta[2]]) && !in_array($meta[2], $exclude)) {
update_user_meta($user_id, $meta[2], sanitize_text_field($_POST[$meta[2]]));
}
}
}
return;
}
/**
* updates WP-Members fields from the WP user profile screen
*
* @since 2.6.5
*
* @global int $user_id
*/
function wpmem_profile_update()
{
global $user_id;
// get the fields
$wpmem_fields = get_option('wpmembers_fields');
// get any excluded meta fields
$exclude = wpmem_get_excluded_meta('user-profile');
foreach ($wpmem_fields as $meta) {
// if this is not an excluded meta field
if (!in_array($meta[2], $exclude)) {
// if the field is user editable,
if ($meta[4] == "y" && $meta[6] == "n" && $meta[3] != 'password') {
// check for required fields
$chk = '';
if ($meta[5] == "n" || !$meta[5]) {
$chk = 'ok';
}
if ($meta[5] == "y" && $_POST[$meta[2]] != '') {
$chk = 'ok';
}
// check for field value
$field_val = isset($_POST[$meta[2]]) ? $_POST[$meta[2]] : '';
if ($chk == 'ok') {
update_user_meta($user_id, $meta[2], $field_val);
}
}
}
}
}
/**
* Inserts registration data from the native WP registration.
*
* @since 2.8.3
* @since 3.1.1 Added new 3.1 field types and activate user support.
*
* @todo Compartmentalize file upload along with main register function.
*
* @global object $wpmem The WP-Members object class.
* @param int $user_id The WP user ID.
*/
function wpmem_wp_reg_finalize($user_id)
{
global $wpmem;
$native_reg = isset($_POST['wp-submit']) && $_POST['wp-submit'] == esc_attr(__('Register')) ? true : false;
$add_new = isset($_POST['action']) && $_POST['action'] == 'createuser' ? true : false;
if ($native_reg || $add_new) {
// Get any excluded meta fields.
$exclude = wpmem_get_excluded_meta('register');
foreach ($wpmem->fields as $meta) {
if (isset($_POST[$meta[2]]) && !in_array($meta[2], $exclude) && 'file' != $meta[3] && 'image' != $meta[3]) {
if ('multiselect' == $meta[3] || 'multicheckbox' == $meta[3]) {
$delimiter = isset($meta[8]) ? $meta[8] : '|';
$data = implode($delimiter, $_POST[$meta[2]]);
} else {
$data = $_POST[$meta[2]];
}
update_user_meta($user_id, $meta[2], sanitize_text_field($data));
}
}
// If moderated registration and activate is checked, set active flags.
if (is_admin() && $add_new && 1 == $wpmem->mod_reg && isset($_POST['activate_user'])) {
update_user_meta($user_id, 'active', 1);
wpmem_set_user_status($user_id, 0);
}
}
return;
}
/**
* Inserts registration data from the native WP registration.
*
* @since 2.8.3
*
* @global object $wpmem The WP-Members object class.
*
* @param int $user_id The WP user ID.
*/
function wpmem_wp_reg_finalize($user_id)
{
global $wpmem;
$native_reg = isset($_POST['wp-submit']) && $_POST['wp-submit'] == esc_attr(__('Register')) ? true : false;
$add_new = isset($_POST['action']) && $_POST['action'] == 'createuser' ? true : false;
if ($native_reg || $add_new) {
// Get any excluded meta fields.
// @todo This needs to change to $wpmem->excluded_fields($tag).
$exclude = wpmem_get_excluded_meta('register');
foreach ($wpmem->fields as $meta) {
if (isset($_POST[$meta[2]]) && !in_array($meta[2], $exclude)) {
update_user_meta($user_id, $meta[2], sanitize_text_field($_POST[$meta[2]]));
}
}
}
return;
}
/**
* Builds the email for admin notification of new user registration
*
* @since 2.3
*
* @uses wp_mail
*
* @param int $user_id
* @param array $wpmem_fields
*/
function wpmem_notify_admin($user_id, $wpmem_fields)
{
$wp_user_fields = array('user_login', 'user_nicename', 'user_url', 'user_registered', 'display_name', 'first_name', 'last_name', 'nickname', 'description');
$user = get_userdata($user_id);
$blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
$user_ip = get_user_meta($user_id, 'wpmem_reg_ip', true);
$reg_link = esc_url(get_user_meta($user_id, 'wpmem_reg_url', true));
$act_link = get_bloginfo('wpurl') . "/wp-admin/user-edit.php?user_id=" . $user_id;
$exp_type = WPMEM_USE_EXP == 1 ? get_user_meta($user_id, 'exp_type', 'true') : '';
$exp_date = WPMEM_USE_EXP == 1 ? get_user_meta($user_id, 'expires', 'true') : '';
$field_str = '';
foreach ($wpmem_fields as $meta) {
if ($meta[4] == 'y') {
$name = $meta[1];
if (!in_array($meta[2], wpmem_get_excluded_meta('email'))) {
if ($meta[2] != 'user_email' && $meta[2] != 'password') {
if ($meta[2] == 'user_url') {
$val = esc_url($user->user_url);
} elseif (in_array($meta[2], $wp_user_fields)) {
$val = esc_html($user->{$meta}[2]);
} else {
$val = esc_html(get_user_meta($user_id, $meta[2], 'true'));
}
$field_str .= "{$name}: {$val} \r\n";
}
}
}
}
/** Setup default shortcodes */
$shortcd = array('[blogname]', '[username]', '[email]', '[reglink]', '[exp-type]', '[exp-data]', '[user-ip]', '[activate-user]', '[fields]');
$replace = array($blogname, $user->user_login, $user->user_email, $reg_link, $exp_type, $exp_date, $user_ip, $act_link, $field_str);
/** create the custom field shortcodes */
foreach ($wpmem_fields as $field) {
$shortcd[] = '[' . $field[2] . ']';
$replace[] = get_user_meta($user_id, $field[2], true);
}
$arr = get_option('wpmembers_email_notify');
$subj = str_replace($shortcd, $replace, $arr['subj']);
$body = str_replace($shortcd, $replace, $arr['body']);
$foot = get_option('wpmembers_email_footer');
$foot = str_replace($shortcd, $replace, $foot);
$body .= "\r\n" . $foot;
/**
* Filters the admin notification email.
*
* @since 2.8.2
*
* @param string $body The admin notification email body.
*/
$body = apply_filters('wpmem_email_notify', $body);
/* Apply filters (if set) for the sending email address */
add_filter('wp_mail_from', 'wpmem_mail_from');
add_filter('wp_mail_from_name', 'wpmem_mail_from_name');
/**
* Filters the address the admin notification is sent to.
*
* @since 2.7.5
*
* @param string The email address of the admin to send to.
*/
$admin_email = apply_filters('wpmem_notify_addr', get_option('admin_email'));
/**
* Filters the email headers.
*
* @since 2.7.4
*
* @param mixed The email headers (default = null).
*/
$headers = apply_filters('wpmem_email_headers', '');
/* Send the message */
wp_mail($admin_email, stripslashes($subj), stripslashes($body), $headers);
}
/**
* updates WP-Members fields from the WP user profile screen.
*
* @since 2.6.5
*
* @global int $user_id
*/
function wpmem_profile_update()
{
global $wpmem, $user_id;
// Get the fields.
$wpmem_fields = $wpmem->fields;
//get_option( 'wpmembers_fields' );
// Get any excluded meta fields.
$exclude = wpmem_get_excluded_meta('user-profile');
foreach ($wpmem_fields as $meta) {
// If this is not an excluded meta field.
if (!in_array($meta[2], $exclude)) {
// If the field is user editable.
if ($meta[4] == "y" && $meta[6] == "n" && $meta[3] != 'password' && $meta[3] != 'file' && $meta[3] != 'image') {
// Check for required fields.
$chk = '';
if ($meta[5] == "n" || !$meta[5]) {
$chk = 'ok';
}
if ($meta[5] == "y" && $_POST[$meta[2]] != '') {
$chk = 'ok';
}
// Check for field value.
if ($meta[3] == 'multiselect' || $meta[3] == 'multicheckbox') {
$field_val = isset($_POST[$meta[2]]) ? implode('|', $_POST[$meta[2]]) : '';
} else {
$field_val = isset($_POST[$meta[2]]) ? $_POST[$meta[2]] : '';
}
if ($chk == 'ok') {
update_user_meta($user_id, $meta[2], $field_val);
}
}
}
}
}
/**
* Appends WP-Members registration fields to Users > Add New User screen.
*
* @since 2.9.0
* @since 3.1.1 Updated to support new (3.1.0) field types and user activation.
*/
function wpmem_do_wp_newuser_form()
{
global $wpmem;
echo '<table class="form-table"><tbody>';
$wpmem_fields = $wpmem->fields;
//get_option( 'wpmembers_fields' );
$exclude = wpmem_get_excluded_meta('register');
foreach ($wpmem_fields as $field) {
$meta_key = $field[2];
if ($field[6] == 'n' && !in_array($meta_key, $exclude)) {
$req = $field[5] == 'y' ? ' <span class="description">' . __('(required)') . '</span>' : '';
echo '<tr>
<th scope="row">
<label for="' . $meta_key . '">' . __($field[1], 'wp-members') . $req . '</label>
</th>
<td>';
// determine the field type and generate accordingly.
switch ($field[3]) {
case 'select':
$val = isset($_POST[$meta_key]) ? $_POST[$meta_key] : '';
echo wpmem_create_formfield($meta_key, $field[3], $field[7], $val);
break;
case 'textarea':
echo '<textarea name="' . $meta_key . '" id="' . $meta_key . '" class="textarea">';
echo isset($_POST[$meta_key]) ? esc_textarea($_POST[$meta_key]) : '';
echo '</textarea>';
break;
case 'checkbox':
$val = isset($_POST[$meta_key]) ? $_POST[$meta_key] : '';
$val = !$_POST && $field[8] == 'y' ? $field[7] : $val;
echo wpmem_create_formfield($meta_key, $field[3], $field[7], $val);
break;
case 'multiselect':
case 'multicheckbox':
case 'radio':
$valtochk = isset($_POST[$meta_key]) ? $_POST[$meta_key] : '';
$formfield_args = array('name' => $meta_key, 'type' => $field[3], 'value' => $field[7], 'compare' => $valtochk, 'required' => 'y' == $field[5] ? true : false);
if ('multicheckbox' == $field[3] || 'multiselect' == $field[3]) {
$formfield_args['delimiter'] = isset($field[8]) ? $field[8] : '|';
}
echo $wpmem->forms->create_form_field($formfield_args);
break;
case 'file':
case 'image':
break;
default:
echo '<input type="' . $field[3] . '" name="' . $meta_key . '" id="' . $meta_key . '" class="input" value="';
echo isset($_POST[$meta_key]) ? esc_attr($_POST[$meta_key]) : '';
echo '" size="25" />';
break;
}
echo '</td>
</tr>';
}
}
// If moderated registration is enabled, add checkbox to set user as active.
if (1 == $wpmem->mod_reg) {
echo '<tr>
<th scope="row">
<label for="activate_user">' . __('Activate this user?', 'wp-members') . '</label>
</th>
<td>' . $wpmem->forms->create_form_field(array('name' => 'activate_user', 'type' => 'checkbox', 'value' => 1, 'compare' => '')) . '</td>
</tr>';
}
echo '</tbody></table>';
}