/** * Gets the user links for the current user's role * * Callback for "tml_user_links" hook in method Theme_My_Login_Template::display() * * @see Theme_My_Login_Template::display() * @since 6.0 * @access public * * @param array $links Default user links * @return array New user links */ public function get_user_links($links = array()) { if (!is_user_logged_in()) { return $links; } $current_user = wp_get_current_user(); if (is_multisite() && empty($current_user->roles)) { $current_user->roles = array('subscriber'); } foreach ((array) $current_user->roles as $role) { if ($links = $this->get_option($role)) { } break; } // Define and allow filtering of replacement variables $replacements = apply_filters('tml_custom_user_links_variables', array('%user_id%' => $current_user->ID, '%username%' => $current_user->user_nicename)); // Replace variables in link foreach ((array) $links as $key => $link) { $links[$key]['url'] = Theme_My_Login_Common::replace_vars($link['url'], $current_user->ID, $replacements); } return $links; }
/** * Sanitizes settings * * Callback for register_setting() * * @since 6.0 * @access public * * @param string|array $settings Settings passed in from filter * @return string|array Sanitized settings */ public function save_settings($settings) { $settings['new_user']['admin_disable'] = isset($settings['new_user']['admin_disable']); $settings['reset_pass']['admin_disable'] = isset($settings['reset_pass']['admin_disable']); if (class_exists('Theme_My_Login_User_Moderation')) { $settings['user_approval']['admin_disable'] = isset($settings['user_approval']['admin_disable']); $settings['user_denial']['disable'] = isset($settings['user_denial']['disable']); } $settings = Theme_My_Login_Common::array_merge_recursive($this->get_options(), $settings); return $settings; }
/** * Returns requested action URL * * @since 6.0 * @access public * * @param string $action Action to retrieve * @param string $scheme Scheme to give the URL context * @return string The requested action URL */ public function get_action_url($action = '', $scheme = 'login') { $instance = $this->get_option('instance'); if ($action == $this->get_option('default_action')) { $args = array(); if ($instance) { $args['instance'] = $instance; } $url = Theme_My_Login_Common::get_current_url($args); } else { $url = Theme_My_Login::get_page_link($action); } $url = set_url_scheme($url, $scheme); return apply_filters('tml_action_url', $url, $action, $scheme, $instance); }
/** * Handles logout redirection * * Callback for "logout_redirect" hook in method Theme_My_Login::the_request() * * @see Theme_My_Login::the_request() * @since 6.0 * @access public * * @param string $redirect_to Default redirect * @param string $request Requested redirect * @param WP_User|WP_Error WP_User if user logged in, WP_Error otherwise * @return string New redirect */ public function logout_redirect($redirect_to, $request, $user) { // Determine the correct referer if (!($http_referer = wp_get_original_referer())) { $http_referer = wp_get_referer(); } // Remove some arguments that may be present and shouldn't be $http_referer = remove_query_arg(array('instance', 'action', 'checkemail', 'error', 'loggedout', 'registered', 'redirect_to', 'updated', 'key', '_wpnonce'), $http_referer); // Make sure $user object exists and is a WP_User instance if (!is_wp_error($user) && is_a($user, 'WP_User')) { if (is_multisite() && empty($user->roles)) { $user->roles = array('subscriber'); } $user_role = reset($user->roles); $redirection = $this->get_option($user_role, array()); if ('referer' == $redirection['logout_type']) { // Send 'em back to the referer $redirect_to = $http_referer; } elseif ('custom' == $redirection['logout_type']) { // Send 'em to the specified URL $redirect_to = $redirection['logout_url']; // Allow a few user specific variables $redirect_to = Theme_My_Login_Common::replace_vars($redirect_to, $user->ID, array('%user_id%' => $user->ID)); } } // Make sure $redirect_to isn't empty or pointing to an admin URL (causing an endless loop) if (empty($redirect_to) || false !== strpos($redirect_to, 'wp-admin')) { $redirect_to = add_query_arg('loggedout', 'true', wp_login_url()); } return $redirect_to; }
/** * Handles "send_activation" action for login page * * Callback for "tml_request_send_activation" hook in method Theme_My_Login::the_request(); * * @see Theme_My_Login::the_request(); * @since 6.0 * @access public */ public static function send_activation() { global $wpdb; $login = isset($_GET['login']) ? trim($_GET['login']) : ''; if (!($user_id = $wpdb->get_var($wpdb->prepare("SELECT ID FROM {$wpdb->users} WHERE user_login = %s", $login)))) { $redirect_to = Theme_My_Login_Common::get_current_url(array('sendactivation' => 'failed')); wp_redirect($redirect_to); exit; } do_action('tml_user_activation_resend', $user_id); $user = new WP_User($user_id); if (in_array('pending', (array) $user->roles)) { // Send activation e-mail self::new_user_activation_notification($user->ID); // Now redirect them $redirect_to = Theme_My_Login_Common::get_current_url(array('sendactivation' => 'sent')); wp_redirect($redirect_to); exit; } }
/** * Get the redirect URL for a user. * * @since 6.4.1 * * @param WP_User $user User object * @param string $type Optional. Type of redirect. Accepts 'login' * or 'logout'. Default is 'login'. * @param string $default Optional. Default URL if somehow not found * @return string Redirect URL */ public function get_redirect_for_user($user, $type = 'login', $default = '') { // Make sure we have a default if (empty($default)) { $default = admin_url('profile.php'); } // Bail if $user is not a WP_User if (!$user instanceof WP_User) { return $default; } // Make sure $type is valid if (!('login' == $type || 'logout' == $type)) { $type = 'login'; } // Make sure the user has a role if (is_multisite() && empty($user->roles)) { $user->roles = array('subscriber'); } // Get the user's role $user_role = reset($user->roles); // Get the redirection settings for the user's role $redirection = $this->get_option($user_role, array()); // Determine which redirection type is being used switch ($redirection["{$type}_type"]) { case 'referer': // Get the referer if (!($referer = wp_get_original_referer())) { $referer = wp_get_referer(); } // Strip unwanted arguments from the referer $referer = Theme_My_Login_Common::strip_query_args($referer); // Is the URL a single post type? if ($page_id = url_to_postid($referer)) { // Bail if the referer is TML page if (Theme_My_Login::is_tml_page(null, $page_id)) { return $default; } } // Send 'em back to the referer $redirect_to = $referer; break; case 'custom': // Send 'em to the specified URL $redirect_to = $redirection["{$type}_url"]; // Allow a few user specific variables $redirect_to = str_replace(array('%user_id%', '%user_nicename%'), array($user->ID, $user->user_nicename), $redirect_to); break; } // Make sure $redirect_to isn't empty if (empty($redirect_to)) { $redirect_to = $default; } return $redirect_to; }
/** * Changes the user denial e-mail message * * Callback for "user_denial_notification_message" hook in Theme_My_Login_User_Moderation_Admin::deny_user() * * @see Theme_My_Login_User_Moderation_Admin::deny_user() * @since 6.1 * @access public * * @param string $message The default message * @param int $user_id The user's ID * @return string The filtered message */ public function user_denial_notification_message_filter($message, $user_id) { $_message = $this->get_option(array('user_denial', 'message')); return empty($_message) ? $message : Theme_My_Login_Common::replace_vars($_message, $user_id); }
/** * Returns requested action URL * * @since 6.0 * @access public * * @param string $action Action to retrieve * @return string The requested action URL */ public function get_action_url($action = '') { $instance = $this->get_option('instance'); if ($action == $this->get_option('default_action')) { $args = array(); if ($instance) { $args['instance'] = $instance; } $url = Theme_My_Login_Common::get_current_url($args); } else { $url = Theme_My_Login::get_page_link($action); } // Respect FORCE_SSL_LOGIN if ('login' == $action && force_ssl_login()) { $url = preg_replace('|^http://|', 'https://', $url); } return apply_filters('tml_action_url', $url, $action, $instance); }
/** * Handles "unlock" action for login page * * Callback for "tml_request_activate" hook in method Theme_My_Login::the_request(); * * @see Theme_My_Login::the_request(); * @since 6.3 */ public function request_unlock() { $user = self::check_user_unlock_key($_GET['key'], $_GET['login']); $redirect_to = Theme_My_Login_Common::get_current_url(); if (is_wp_error($user)) { $redirect_to = add_query_arg('unlock', 'invalidkey', $redirect_to); wp_redirect($redirect_to); exit; } self::unlock_user($user->ID); $redirect_to = add_query_arg('unlock', 'complete', $redirect_to); wp_redirect($redirect_to); exit; }
/** * Displays the registration page * * @since 6.1 * @access public * * @param object $template Theme_My_Login_Template object */ public function tml_display_register(&$template) { global $wpdb, $blogname, $blog_title, $domain, $path, $active_signup; $theme_my_login = Theme_My_Login::get_object(); do_action('before_signup_form'); echo '<div class="login mu_register" id="theme-my-login' . esc_attr($template->get_option('instance')) . '">'; $active_signup = get_site_option('registration'); if (!$active_signup) { $active_signup = 'all'; } $active_signup = apply_filters('wpmu_active_signup', $active_signup); // return "all", "none", "blog" or "user" // Make the signup type translatable. $i18n_signup['all'] = _x('all', 'Multisite active signup type'); $i18n_signup['none'] = _x('none', 'Multisite active signup type'); $i18n_signup['blog'] = _x('blog', 'Multisite active signup type'); $i18n_signup['user'] = _x('user', 'Multisite active signup type'); if (is_super_admin()) { echo '<p class="message">' . sprintf(__('Greetings Site Administrator! You are currently allowing “%s” registrations. To change or disable registration go to your <a href="%s">Options page</a>.', 'theme-my-login'), $i18n_signup[$active_signup], esc_url(network_admin_url('ms-options.php'))) . '</p>'; } $newblogname = isset($_GET['new']) ? strtolower(preg_replace('/^-|-$|[^-a-zA-Z0-9]/', '', $_GET['new'])) : null; $current_user = wp_get_current_user(); if ($active_signup == "none") { _e('Registration has been disabled.', 'theme-my-login'); } elseif ($active_signup == 'blog' && !is_user_logged_in()) { printf(__('You must first <a href="%s">log in</a>, and then you can create a new site.', 'theme-my-login'), wp_login_url(Theme_My_Login_Common::get_current_url())); } else { $stage = isset($_POST['stage']) ? $_POST['stage'] : 'default'; switch ($stage) { case 'validate-user-signup': if ($active_signup == 'all' || $_POST['signup_for'] == 'blog' && $active_signup == 'blog' || $_POST['signup_for'] == 'user' && $active_signup == 'user') { $result = wpmu_validate_user_signup($_POST['user_name'], $_POST['user_email']); extract($result); $theme_my_login->errors = $errors; if ($errors->get_error_code()) { $this->signup_user($user_name, $user_email); break; } if ('blog' == $_POST['signup_for']) { $this->signup_blog($user_name, $user_email); break; } wpmu_signup_user($user_name, $user_email, apply_filters('add_signup_meta', array())); ?> <h2><?php printf(__('%s is your new username', 'theme-my-login'), $user_name); ?> </h2> <p><?php _e('But, before you can start using your new username, <strong>you must activate it</strong>.', 'theme-my-login'); ?> </p> <p><?php printf(__('Check your inbox at <strong>%1$s</strong> and click the link given.', 'theme-my-login'), $user_email); ?> </p> <p><?php _e('If you do not activate your username within two days, you will have to sign up again.', 'theme-my-login'); ?> </p> <?php do_action('signup_finished'); } else { _e('User registration has been disabled.', 'theme-my-login'); } break; case 'validate-blog-signup': if ($active_signup == 'all' || $active_signup == 'blog') { // Re-validate user info. $result = wpmu_validate_user_signup($_POST['user_name'], $_POST['user_email']); extract($result); $theme_my_login->errors = $errors; if ($errors->get_error_code()) { $this->signup_user($user_name, $user_email); break; } $result = wpmu_validate_blog_signup($_POST['blogname'], $_POST['blog_title']); extract($result); $theme_my_login->errors = $errors; if ($errors->get_error_code()) { $this->signup_blog($user_name, $user_email, $blogname, $blog_title); break; } $public = (int) $_POST['blog_public']; $meta = array('lang_id' => 1, 'public' => $public); $meta = apply_filters('add_signup_meta', $meta); wpmu_signup_blog($domain, $path, $blog_title, $user_name, $user_email, $meta); ?> <h2><?php printf(__('Congratulations! Your new site, %s, is almost ready.', 'theme-my-login'), "<a href='http://{$domain}{$path}'>{$blog_title}</a>"); ?> </h2> <p><?php _e('But, before you can start using your site, <strong>you must activate it</strong>.', 'theme-my-login'); ?> </p> <p><?php printf(__('Check your inbox at <strong>%s</strong> and click the link given.', 'theme-my-login'), $user_email); ?> </p> <p><?php _e('If you do not activate your site within two days, you will have to sign up again.', 'theme-my-login'); ?> </p> <h2><?php _e('Still waiting for your email?', 'theme-my-login'); ?> </h2> <p> <?php _e('If you haven’t received your email yet, there are a number of things you can do:', 'theme-my-login'); ?> <ul id="noemail-tips"> <li><p><strong><?php _e('Wait a little longer. Sometimes delivery of email can be delayed by processes outside of our control.', 'theme-my-login'); ?> </strong></p></li> <li><p><?php _e('Check the junk or spam folder of your email client. Sometime emails wind up there by mistake.', 'theme-my-login'); ?> </p></li> <li><?php printf(__('Have you entered your email correctly? You have entered %s, if it’s incorrect, you will not receive your email.', 'theme-my-login'), $user_email); ?> </li> </ul> </p> <?php do_action('signup_finished'); } else { _e('Site registration has been disabled.', 'theme-my-login'); } break; case 'gimmeanotherblog': $current_user = wp_get_current_user(); if (!is_user_logged_in()) { die; } $result = wpmu_validate_blog_signup($_POST['blogname'], $_POST['blog_title'], $current_user); extract($result); $theme_my_login->errors = $errors; if ($errors->get_error_code()) { $this->signup_another_blog($blogname, $blog_title); break; } $public = (int) $_POST['blog_public']; $meta = apply_filters('signup_create_blog_meta', array('lang_id' => 1, 'public' => $public)); // deprecated $meta = apply_filters('add_signup_meta', $meta); wpmu_create_blog($domain, $path, $blog_title, $current_user->ID, $meta, $wpdb->siteid); ?> <h2><?php printf(__('The site %s is yours.', 'theme-my-login'), "<a href='http://{$domain}{$path}'>{$blog_title}</a>"); ?> </h2> <p> <?php printf(__('<a href="http://%1$s">http://%2$s</a> is your new site. <a href="%3$s">Log in</a> as “%4$s” using your existing password.', 'theme-my-login'), $domain . $path, $domain . $path, "http://" . $domain . $path . "wp-login.php", $current_user->user_login); ?> </p> <?php do_action('signup_finished'); break; case 'default': default: $user_email = isset($_POST['user_email']) ? $_POST['user_email'] : ''; do_action('preprocess_signup_form'); // populate the form from invites, elsewhere? if (is_user_logged_in() && ($active_signup == 'all' || $active_signup == 'blog')) { $this->signup_another_blog($newblogname); } elseif (is_user_logged_in() == false && ($active_signup == 'all' || $active_signup == 'user')) { $this->signup_user($newblogname, $user_email); } elseif (is_user_logged_in() == false && $active_signup == 'blog') { _e('Sorry, new registrations are not allowed at this time.', 'theme-my-login'); } else { _e('You are logged in already. No need to register again!', 'theme-my-login'); } if ($newblogname) { $newblog = get_blogaddress_by_name($newblogname); if ($active_signup == 'blog' || $active_signup == 'all') { printf(__('<p><em>The site you were looking for, <strong>%s</strong> does not exist, but you can create it now!</em></p>', 'theme-my-login'), $newblog); } else { printf(__('<p><em>The site you were looking for, <strong>%s</strong>, does not exist.</em></p>', 'theme-my-login'), $newblog); } } break; } } echo '</div>'; do_action('after_signup_form'); }