コード例 #1
ファイル: umAjaxModel.php プロジェクト: hoonio/PhoneAfrika
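 /**
  * Handle a submitted User Meta form: validate the request, then register a user or update a profile.
  *
  * Flow: nonce check, resolve the target user ID, resolve the action type, load the form's
  * valid fields, validate each field (including non-AJAX uploads), run the captcha check,
  * apply the role allow-list, and finally call registerUser() or insertUser().
  *
  * Reads $_REQUEST and $_FILES directly. Only keys returned by formValidInputField() are
  * copied into $userData, so request parameters outside the form definition are not stored.
  *
  * @return mixed Whatever showError(), registerUser() or printAjaxOutput() returns.
  */
 function postInsertUser()
 {
     global $userMeta, $user_ID;
     // NOTE(review): the result is not inspected here, so this relies on verifyNonce()
     // ending the request itself when the nonce is invalid -- confirm in its implementation.
     $userMeta->verifyNonce();
     $errors = new WP_Error();
     $userData = array();
     // Never populated: the code that collected cached upload paths is disabled, so
     // registerUser() always receives null here.
     $imageCache = null;

     /// Determine $userID. Acting on another account is limited to callers holding 'add_users'.
     $userID = $user_ID;
     if (!empty($_REQUEST['user_id']) && is_scalar($_REQUEST['user_id'])) {
         $user = new WP_User($user_ID);
         if ($user->has_cap('add_users')) {
             // A user ID is an integer, not markup: cast it instead of HTML-escaping it.
             $requestedID = absint($_REQUEST['user_id']);
             if ($requestedID) {
                 $userID = $requestedID;
             }
         }
     }

     /// $_REQUEST validation. A non-string action_type (e.g. an array) is treated as missing.
     $actionType = '';
     if (isset($_REQUEST['action_type']) && is_string($_REQUEST['action_type'])) {
         $actionType = strtolower($_REQUEST['action_type']);
     }
     if (empty($actionType)) {
         $errors->add('empty_action_type', __('Action type not set', $userMeta->name));
     }
     $formKey = isset($_REQUEST['form_key']) ? $_REQUEST['form_key'] : null;
     if ($formKey === null) {
         $errors->add('empty_form_name', __('Form name not set', $userMeta->name));
     }

     /// Determine $actionType: the combined form acts as "profile" for logged-in users.
     if ($actionType == 'profile-registration') {
         $actionType = $user_ID ? 'profile' : 'registration';
     }

     /// Filter valid keys for update: the form definition decides which fields may be written.
     $validFields = $userMeta->formValidInputField($formKey);
     if (!$validFields) {
         $errors->add('empty_field', __('No field to Update', $userMeta->name));
     }
     if ($errors->get_error_code()) {
         return $userMeta->showError($errors);
     }

     // Reject anonymous profile updates before any field or upload is processed.
     if ($actionType == 'profile' && !$user_ID) {
         return $userMeta->showError(__('User must be logged in to update profile', $userMeta->name));
     }

     /// Assign $fieldName, $fieldData to $userData. Required/unique checks run inside umField.
     foreach ($validFields as $fieldName => $fieldData) {
         /// user_login is read-only on profile update; an empty user_pass means "keep the current one".
         if ($actionType == 'profile') {
             if ($fieldName == 'user_login' || ($fieldName == 'user_pass' && empty($_REQUEST['user_pass']))) {
                 continue;
             }
         }

         $userData[$fieldName] = isset($_REQUEST[$fieldName]) ? $_REQUEST[$fieldName] : null;

         /// Handle non-ajax file upload
         if (in_array($fieldData['field_type'], array('user_avatar', 'file'), true) && isset($_FILES[$fieldName])) {
             $extensions = !empty($fieldData['allowed_extension']) ? $fieldData['allowed_extension'] : "jpg,png,gif";
             $maxSize = !empty($fieldData['max_file_size']) ? $fieldData['max_file_size'] * 1024 : 1024 * 1024;
             // NOTE(review): the upload is handled before the captcha check further down, and the
             // extension/size enforcement lives in fileUpload(), which is not visible here -- confirm
             // it validates the stored file name and type, not only the client-supplied extension.
             $file = $userMeta->fileUpload($fieldName, $extensions, $maxSize);
             if (is_wp_error($file)) {
                 // 'no_file' only means the optional upload was left empty.
                 if ($file->get_error_code() != 'no_file') {
                     $errors->add($file->get_error_code(), $file->get_error_message());
                 }
             } elseif (is_string($file)) {
                 $userData[$fieldName] = $file;
             }
         }

         /*
          * Using umField Class
          */
         if (!isset($fieldData['field_value'])) {
             $fieldData['field_value'] = $userData[$fieldName];
         }
         $field = new umField($fieldData['field_id'], $fieldData, array('user_id' => $userID, 'insert_type' => $actionType));
         if ($fieldName == 'user_pass' && $actionType == 'registration') {
             $field->addRule('required');
         }
         if (isset($_REQUEST[$fieldName . "_retype"])) {
             $field->addRule('equals');
         }
         if (!$field->validate()) {
             foreach ($field->getErrors() as $errKey => $errVal) {
                 $errors->add($errKey, $errVal);
             }
         }
     }

     // If add_user_to_blog is set in the UserMeta settings panel, an existing login/e-mail
     // is not an error on multisite registration.
     if (is_multisite() && $actionType == 'registration') {
         $registrationSettings = $userMeta->getSettings('registration');
         if (!empty($registrationSettings['add_user_to_blog'])) {
             if (in_array('existing_user_login', $errors->get_error_codes())) {
                 unset($errors->errors['existing_user_login']);
             }
             if (in_array('existing_user_email', $errors->get_error_codes())) {
                 unset($errors->errors['existing_user_email']);
             }
         }
     }
     if (empty($userData)) {
         return $userMeta->showError(__('No data to update', $userMeta->name));
     }
     if ($errors->get_error_code()) {
         return $userMeta->showError($errors);
     }

     /// Run Captcha validation after completed all other validation
     $captchaValidation = $userMeta->isInvalidateCaptcha();
     if ($captchaValidation) {
         $errors->add('invalid_captcha', $captchaValidation);
         return $userMeta->showError($errors);
     }

     /**
      * Check allowed role for security purpose: a submitted role is kept only when it is a
      * string that appears (strict comparison) in the field's allowed_roles list.
      */
     if (isset($userData['role'])) {
         // NOTE(review): role_field_id is a request parameter, so the request itself selects
         // which field's allowed_roles list is consulted. Confirm getFieldData() cannot return
         // a field outside the submitted form, or take the list from the form's own role field.
         $roleFieldID = isset($_REQUEST['role_field_id']) ? $_REQUEST['role_field_id'] : null;
         $roleField = $userMeta->getFieldData($roleFieldID);
         $roleAllowed = is_string($userData['role'])
             && is_array($roleField)
             && isset($roleField['allowed_roles'])
             && is_array($roleField['allowed_roles'])
             && in_array($userData['role'], $roleField['allowed_roles'], true);
         if (!$roleAllowed) {
             unset($userData['role']);
         }
     }

     if ($actionType == 'registration') {
         return $userMeta->registerUser($userData, $imageCache);
     }

     $html = null;
     if ($actionType == 'profile') {
         $userData = apply_filters('user_meta_pre_user_update', $userData);
         if (is_wp_error($userData)) {
             return $userMeta->showError($userData);
         }
         $response = $userMeta->insertUser($userData, $userID);
         if (is_wp_error($response)) {
             return $userMeta->showError($response);
         }
         /// Allow to populate form data based on DB instead of $_REQUEST
         $userMeta->showDataFromDB = true;
         do_action('user_meta_after_user_update', (object) $response);
         $message = $userMeta->getMsg('profile_updated');
         // $actionType is the literal 'profile' on this path, so the attribute holds no request data.
         $html = "<div action_type='{$actionType}'>" . $userMeta->showMessage($message) . "</div>";
     }
     return $userMeta->printAjaxOutput($html);
 }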
コード例 #2
ファイル: umAjaxModel.php プロジェクト: robbenz/plugs
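 /**
  * AJAX entry point for a submitted User Meta form.
  *
  * Runs the nonce check and hands the request to umUserInsert::postInsertUserProcess().
  * The inline validation that used to follow the return statement was unreachable and
  * has been removed, so only one implementation of the request handling remains to audit.
  *
  * @return mixed Whatever umUserInsert::postInsertUserProcess() returns.
  */
 function postInsertUser()
 {
     global $userMeta;
     // NOTE(review): the result is not inspected here, so this relies on verifyNonce()
     // ending the request itself when the nonce is invalid -- confirm in its implementation.
     $userMeta->verifyNonce();
     $umUserInsert = new umUserInsert();
     return $umUserInsert->postInsertUserProcess();
 }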
コード例 #3
ファイル: umUserInsertClass.php プロジェクト: robbenz/plugs
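 /**
  * Sanitize and validate user input.
  *
  * Assume $this->actionType, $this->fields, $this->formName and $this->user already set.
  * Call this function only after calling $this->setForm()
  *
  * For every entry of $this->fields the submitted value is read from $_POST, escaped with
  * esc_attr() when it is a non-empty scalar, and validated through umField. Validation and
  * upload failures are appended to $this->errors. The collected values are stored in
  * $this->userData and setMetaData() is called at the end.
  */
 private function sanitizeFields()
 {
     global $userMeta;
     $userData = array();
     /**
      * Assign $fieldName, $field to $userData. Also validating required and unique
      */
     foreach ($this->fields as $fieldName => $field) {
         $field = apply_filters('user_meta_field_config', $field, $field['id'], $this->formName, $this->userID);
         // user_login is never changed on profile update; an empty user_pass keeps the current password.
         if ($this->actionType == 'profile') {
             if ($fieldName == 'user_login' || ($fieldName == 'user_pass' && empty($_REQUEST['user_pass']))) {
                 continue;
             }
         }
         // Custom password-type fields are skipped when left empty.
         if ($field['field_type'] == 'custom' && isset($field['input_type']) && $field['input_type'] == 'password') {
             if (empty($_REQUEST[$fieldName])) {
                 continue;
             }
         }
         // NOTE(review): the skip checks above read $_REQUEST while the value below is read
         // from $_POST; a value present only outside the POST body passes the checks and is
         // then stored as ''. Confirm whether both should read the same source.
         /// Assigning data to $userData
         $userData[$fieldName] = !empty($_POST[$fieldName]) ? $_POST[$fieldName] : '';
         // A one-element array is collapsed to its single value.
         if (is_array($userData[$fieldName]) && count($userData[$fieldName]) == 1 && !empty($userData[$fieldName])) {
             $userData[$fieldName] = $userData[$fieldName][0];
         }
         // NOTE(review): esc_attr() is HTML-attribute escaping applied on input. It also rewrites
         // characters such as & < > " in user_pass before the value is validated and stored;
         // escaping is normally done at output time -- confirm this is intended.
         if ($userData[$fieldName] && !is_array($userData[$fieldName])) {
             $userData[$fieldName] = esc_attr($userData[$fieldName]);
         }
         /// Handle non-ajax file upload
         if (in_array($field['field_type'], array('user_avatar', 'file'), true)) {
             if (isset($_FILES[$fieldName])) {
                 $extensions = !empty($field['allowed_extension']) ? $field['allowed_extension'] : "jpg,png,gif";
                 $maxSize = !empty($field['max_file_size']) ? $field['max_file_size'] * 1024 : 1024 * 1024;
                 $file = $userMeta->fileUpload($fieldName, $extensions, $maxSize);
                 if (is_wp_error($file)) {
                     // 'no_file' only means the optional upload was left empty.
                     if ($file->get_error_code() != 'no_file') {
                         // Report on the instance error list; no local $errors exists in this method.
                         $this->errors->add($file->get_error_code(), $file->get_error_message());
                     }
                 } elseif (is_string($file)) {
                     // The instance is not used afterwards; kept in case the constructor has
                     // side effects -- TODO confirm and drop if it has none.
                     $umFile = new umFile($field);
                     $userData[$fieldName] = $file;
                 }
             }
             $userMeta->removeFromFileCache($userData[$fieldName]);
         }
         /*
          * Using umField Class
          */
         if (!isset($field['field_value'])) {
             $field['field_value'] = $userData[$fieldName];
         }
         $umField = new umField($field['id'], $field, array('user_id' => $this->userID, 'insert_type' => $this->actionType));
         if ($fieldName == 'user_pass' && $this->actionType == 'registration') {
             $umField->addRule('required');
         }
         // Changing the password on profile update may require the current password,
         // depending on the field's required_current_password setting.
         if ($fieldName == 'user_pass' && $this->actionType == 'profile') {
             if (!empty($field['required_current_password'])) {
                 $umField->addRule('current_password');
             }
         }
         if (isset($_REQUEST[$fieldName . "_retype"])) {
             $umField->addRule('equals');
         }
         if (!$umField->validate()) {
             foreach ($umField->getErrors() as $errKey => $errVal) {
                 $this->errors->add($errKey, $errVal);
             }
         }
     }
     $this->userData = $userData;
     $this->setMetaData();
 }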