/**
* Installs the blog
*
* {@internal Missing Long Description}}
*
* @since 2.1.0
*
* @param string $blog_title Blog title.
* @param string $user_name User's username.
* @param string $user_email User's email.
* @param bool $public Whether blog is public.
* @param null $deprecated Optional. Not used.
* @param string $user_password Optional. User's chosen password. Will default to a random password.
* @return array Array keys 'url', 'user_id', 'password', 'password_message'.
*/
function nxt_install($blog_title, $user_name, $user_email, $public, $deprecated = '', $user_password = '')
{
global $nxt_rewrite;
if (!empty($deprecated)) {
_deprecated_argument(__FUNCTION__, '2.6');
}
nxt_check_mysql_version();
nxt_cache_flush();
make_db_current_silent();
populate_options();
populate_roles();
update_option('blogname', $blog_title);
update_option('admin_email', $user_email);
update_option('blog_public', $public);
$guessurl = nxt_guess_url();
update_option('siteurl', $guessurl);
// If not a public blog, don't ping.
if (!$public) {
update_option('default_pingback_flag', 0);
}
// Create default user. If the user already exists, the user tables are
// being shared among blogs. Just set the role in that case.
$user_id = username_exists($user_name);
$user_password = trim($user_password);
$email_password = false;
if (!$user_id && empty($user_password)) {
$user_password = nxt_generate_password(12, false);
$message = __('<strong><em>Note that password</em></strong> carefully! It is a <em>random</em> password that was generated just for you.');
$user_id = nxt_create_user($user_name, $user_password, $user_email);
update_user_option($user_id, 'default_password_nag', true, true);
$email_password = true;
} else {
if (!$user_id) {
// Password has been provided
$message = '<em>' . __('Your chosen password.') . '</em>';
$user_id = nxt_create_user($user_name, $user_password, $user_email);
} else {
$message = __('User already exists. Password inherited.');
}
}
$user = new nxt_User($user_id);
$user->set_role('administrator');
nxt_install_defaults($user_id);
$nxt_rewrite->flush_rules();
nxt_new_blog_notification($blog_title, $guessurl, $user_id, $email_password ? $user_password : __('The password you chose during the install.'));
nxt_cache_flush();
return array('url' => $guessurl, 'user_id' => $user_id, 'password' => $user_password, 'password_message' => $message);
}
function M_Membership($id, $name = '')
{
global $nxtdb;
if ($id != 0) {
parent::__construct($id, $name);
}
$this->db =& $nxtdb;
foreach ($this->tables as $table) {
$this->{$table} = membership_db_prefix($this->db, $table);
}
$this->transition_through_subscription();
}
/**
* Remove all capabilities from user.
*
* @since 2.1.0
*
* @param int $id User ID.
*/
function nxt_revoke_user($id)
{
$id = (int) $id;
$user = new nxt_User($id);
$user->remove_all_caps();
}
/**
* @deprecated 3.1.0
*
* @param int $user_id User ID.
* @param bool $exclude_zeros Optional, default is true. Whether to exclude zeros.
* @return unknown
*/
function get_editable_user_ids($user_id, $exclude_zeros = true, $post_type = 'post')
{
_deprecated_function(__FUNCTION__, '3.1', 'get_users()');
global $nxtdb;
$user = new nxt_User($user_id);
$post_type_obj = get_post_type_object($post_type);
if (!$user->has_cap($post_type_obj->cap->edit_others_posts)) {
if ($user->has_cap($post_type_obj->cap->edit_posts) || !$exclude_zeros) {
return array($user->ID);
} else {
return array();
}
}
if (!is_multisite()) {
$level_key = $nxtdb->get_blog_prefix() . 'user_level';
} else {
$level_key = $nxtdb->get_blog_prefix() . 'capabilities';
}
// nxtmu site admins don't have user_levels
$query = $nxtdb->prepare("SELECT user_id FROM {$nxtdb->usermeta} WHERE meta_key = %s", $level_key);
if ($exclude_zeros) {
$query .= " AND meta_value != '0'";
}
return $nxtdb->get_col($query);
}
for ($j = 0; $j < 12; $j++) {
if ($ddate_m == $dmonths[$j]) {
$ddate_m = $j + 1;
}
}
$time_zn = intval($date_arr[4]) * 36;
$ddate_U = gmmktime($ddate_H, $ddate_i, $ddate_s, $ddate_m, $ddate_d, $ddate_Y);
$ddate_U = $ddate_U - $time_zn;
$post_date = gmdate('Y-m-d H:i:s', $ddate_U + $time_difference);
$post_date_gmt = gmdate('Y-m-d H:i:s', $ddate_U);
}
}
}
// Set $post_status based on $author_found and on author's publish_posts capability
if ($author_found) {
$user = new nxt_User($post_author);
$post_status = $user->has_cap('publish_posts') ? 'publish' : 'pending';
} else {
// Author not found in DB, set status to pending. Author already set to admin.
$post_status = 'pending';
}
$subject = trim($subject);
if ($content_type == 'multipart/alternative') {
$content = explode('--' . $boundary, $content);
$content = $content[2];
// match case-insensitive content-transfer-encoding
if (preg_match('/Content-Transfer-Encoding: quoted-printable/i', $content, $delim)) {
$content = explode($delim[0], $content);
$content = $content[1];
}
$content = strip_tags($content, '<img><p><br><i><b><u><em><strong><strike><font><span><div>');
/**
* Add OpenID HTML link tags when appropriate.
*/
function openid_provider_link_tags()
{
if (is_front_page()) {
if (!defined('OPENID_DISALLOW_OWNER') || !OPENID_DISALLOW_OWNER) {
$user = get_user_by('login', get_option('openid_blog_owner'));
}
} else {
if (is_author()) {
global $nxt_query;
$user = $nxt_query->get_queried_object();
}
}
if (isset($user) && $user) {
// if user doesn't have capability, bail
$user_object = new nxt_User($user->ID);
if (!$user_object->has_cap('use_openid_provider')) {
return;
}
if (get_user_meta($user->ID, 'openid_delegate', true)) {
$services = get_user_meta($user->ID, 'openid_delegate_services', true);
$openid_1 = false;
$openid_2 = false;
foreach ($services as $service) {
if (!$openid_1 && $service['openid:Delegate']) {
echo '
<link rel="openid.server" href="' . $service['URI'] . '" />
<link rel="openid.delegate" href="' . $service['openid:Delegate'] . '" />';
$openid_1 = true;
}
if (!$openid_2 && $service['LocalID']) {
echo '
<link rel="openid2.provider" href="' . $service['URI'] . '" />
<link rel="openid2.local_id" href="' . $service['LocalID'] . '" />';
$openid_2 = true;
}
}
} else {
$server = openid_server_url();
$identifier = get_author_posts_url($user->ID);
echo '
<link rel="openid2.provider" href="' . $server . '" />
<link rel="openid2.local_id" href="' . $identifier . '" />
<link rel="openid.server" href="' . $server . '" />
<link rel="openid.delegate" href="' . $identifier . '" />';
}
}
}
/**
* has_student_caps( $user_id )
*
* Checks if $user_id has response management capabilities
*
* @param Int $user_id ID of the user capabilities to be checked, default null
* @return True if $user_id is eligible and False if not.
*/
function has_student_caps($user_id = null)
{
global $bp;
if (!$user_id) {
$user_id = $bp->loggedin_user->id;
}
$user_role = xprofile_get_field_data(__('Role'), $user_id);
// Go away teacher
if (__('Student', 'bpsp') != $user_role && !empty($user_role)) {
return false;
}
// Treat super admins
if (is_super_admin($user_id)) {
$this->add_response_caps($user_id);
}
$user = new nxt_User($user_id);
foreach ($this->students_caps as $c) {
if (!$user->has_cap($c)) {
$user->add_cap($c);
}
}
return true;
}
function update_membershipadmin_capability($user_id)
{
$user = new nxt_User($user_id);
if (!empty($_POST['membershipadmin']) && $_POST['membershipadmin'] == 'yes') {
$user->add_cap('membershipadmin');
} else {
$user->remove_cap('membershipadmin');
}
}
case 'promote':
check_admin_referer('bulk-users');
$editable_roles = get_editable_roles();
if (empty($editable_roles[$_REQUEST['new_role']])) {
nxt_die(__('You can’t give users that role.'));
}
if (isset($_REQUEST['users'])) {
$userids = $_REQUEST['users'];
$update = 'promote';
foreach ($userids as $user_id) {
$user_id = (int) $user_id;
// If the user doesn't already belong to the blog, bail.
if (!is_user_member_of_blog($user_id)) {
nxt_die(__('Cheatin’ uh?'));
}
$user = new nxt_User($user_id);
$user->set_role($_REQUEST['new_role']);
}
} else {
$update = 'err_promote';
}
break;
}
restore_current_blog();
nxt_safe_redirect(add_query_arg('update', $update, $referer));
exit;
}
if (isset($_GET['action']) && 'update-site' == $_GET['action']) {
nxt_safe_redirect($referer);
exit;
}
/**
* Retrieve user info by a given field
*
* @since 2.8.0
*
* @param string $field The field to retrieve the user with. id | slug | email | login
* @param int|string $value A value for $field. A user ID, slug, email address, or login name.
* @return bool|object False on failure, nxt_User object on success
*/
function get_user_by($field, $value)
{
$userdata = nxt_User::get_data_by($field, $value);
if (!$userdata) {
return false;
}
$user = new nxt_User();
$user->init($userdata);
return $user;
}
/**
* Create a new NXTClass user with the specified identity URL and user data.
*
* @param string $identity_url OpenID to associate with the newly
* created account
* @param array $user_data array of user data
*/
function openid_create_new_user($identity_url, &$user_data)
{
global $nxtdb;
// Identity URL is new, so create a user
@(include_once ABSPATH . 'nxt-admin/upgrade-functions.php');
// 2.1
@(include_once ABSPATH . nxtINC . '/registration-functions.php');
// 2.0.4
// otherwise, try to use preferred username
if (empty($username) && array_key_exists('nickname', $user_data)) {
$username = openid_generate_new_username($user_data['nickname'], false);
}
// finally, build username from OpenID URL
if (empty($username)) {
$username = openid_generate_new_username($identity_url);
}
$user_data['user_login'] = $username;
$user_data['user_pass'] = substr(md5(uniqid(microtime())), 0, 7);
$user_id = nxt_insert_user($user_data);
if ($user_id) {
// created ok
$user_data['ID'] = $user_id;
// XXX this all looks redundant, see openid_set_current_user
$user = new nxt_User($user_id);
if (!nxt_login($user->user_login, $user_data['user_pass'])) {
openid_message(__('User was created fine, but nxt_login() for the new user failed. This is probably a bug.', 'openid'));
openid_status('error');
openid_error(openid_message());
return;
}
// notify of user creation
nxt_new_user_notification($user->user_login);
nxt_clearcookie();
nxt_setcookie($user->user_login, md5($user->user_pass), true, '', '', true);
// Bind the provided identity to the just-created user
openid_add_user_identity($user_id, $identity_url);
openid_status('redirect');
if (!$user->has_cap('edit_posts')) {
$redirect_to = '/nxt-admin/profile.php';
}
} else {
// failed to create user for some reason.
openid_message(__('OpenID authentication successful, but failed to create NXTClass user. This is probably a bug.', 'openid'));
openid_status('error');
openid_error(openid_message());
}
}
/**
* Insert an user into the database.
*
* Can update a current user or insert a new user based on whether the user's ID
* is present.
*
* Can be used to update the user's info (see below), set the user's role, and
* set the user's preference on whether they want the rich editor on.
*
* Most of the $userdata array fields have filters associated with the values.
* The exceptions are 'rich_editing', 'role', 'jabber', 'aim', 'yim',
* 'user_registered', and 'ID'. The filters have the prefix 'pre_user_' followed
* by the field name. An example using 'description' would have the filter
* called, 'pre_user_description' that can be hooked into.
*
* The $userdata array can contain the following fields:
* 'ID' - An integer that will be used for updating an existing user.
* 'user_pass' - A string that contains the plain text password for the user.
* 'user_login' - A string that contains the user's username for logging in.
* 'user_nicename' - A string that contains a nicer looking name for the user.
* The default is the user's username.
* 'user_url' - A string containing the user's URL for the user's web site.
* 'user_email' - A string containing the user's email address.
* 'display_name' - A string that will be shown on the site. Defaults to user's
* username. It is likely that you will want to change this, for appearance.
* 'nickname' - The user's nickname, defaults to the user's username.
* 'first_name' - The user's first name.
* 'last_name' - The user's last name.
* 'description' - A string containing content about the user.
* 'rich_editing' - A string for whether to enable the rich editor. False
* if not empty.
* 'user_registered' - The date the user registered. Format is 'Y-m-d H:i:s'.
* 'role' - A string used to set the user's role.
* 'jabber' - User's Jabber account.
* 'aim' - User's AOL IM account.
* 'yim' - User's Yahoo IM account.
*
* @since 2.0.0
* @uses $nxtdb NXTClass database layer.
* @uses apply_filters() Calls filters for most of the $userdata fields with the prefix 'pre_user'. See note above.
* @uses do_action() Calls 'profile_update' hook when updating giving the user's ID
* @uses do_action() Calls 'user_register' hook when creating a new user giving the user's ID
*
* @param array $userdata An array of user data.
* @return int|nxt_Error The newly created user's ID or a nxt_Error object if the user could not be created.
*/
function nxt_insert_user($userdata)
{
global $nxtdb;
extract($userdata, EXTR_SKIP);
// Are we updating or creating?
if (!empty($ID)) {
$ID = (int) $ID;
$update = true;
$old_user_data = nxt_User::get_data_by('id', $ID);
} else {
$update = false;
// Hash the password
$user_pass = nxt_hash_password($user_pass);
}
$user_login = sanitize_user($user_login, true);
$user_login = apply_filters('pre_user_login', $user_login);
//Remove any non-printable chars from the login string to see if we have ended up with an empty username
$user_login = trim($user_login);
if (empty($user_login)) {
return new nxt_Error('empty_user_login', __('Cannot create a user with an empty login name.'));
}
if (!$update && username_exists($user_login)) {
return new nxt_Error('existing_user_login', __('This username is already registered.'));
}
if (empty($user_nicename)) {
$user_nicename = sanitize_title($user_login);
}
$user_nicename = apply_filters('pre_user_nicename', $user_nicename);
if (empty($user_url)) {
$user_url = '';
}
$user_url = apply_filters('pre_user_url', $user_url);
if (empty($user_email)) {
$user_email = '';
}
$user_email = apply_filters('pre_user_email', $user_email);
if (!$update && !defined('nxt_IMPORTING') && email_exists($user_email)) {
return new nxt_Error('existing_user_email', __('This email address is already registered.'));
}
if (empty($display_name)) {
$display_name = $user_login;
}
$display_name = apply_filters('pre_user_display_name', $display_name);
if (empty($nickname)) {
$nickname = $user_login;
}
$nickname = apply_filters('pre_user_nickname', $nickname);
if (empty($first_name)) {
$first_name = '';
}
$first_name = apply_filters('pre_user_first_name', $first_name);
if (empty($last_name)) {
$last_name = '';
}
$last_name = apply_filters('pre_user_last_name', $last_name);
if (empty($description)) {
$description = '';
}
$description = apply_filters('pre_user_description', $description);
if (empty($rich_editing)) {
$rich_editing = 'true';
}
if (empty($comment_shortcuts)) {
$comment_shortcuts = 'false';
}
if (empty($admin_color)) {
$admin_color = 'fresh';
}
$admin_color = preg_replace('|[^a-z0-9 _.\\-@]|i', '', $admin_color);
if (empty($use_ssl)) {
$use_ssl = 0;
}
if (empty($user_registered)) {
$user_registered = gmdate('Y-m-d H:i:s');
}
if (empty($show_admin_bar_front)) {
$show_admin_bar_front = 'true';
}
$user_nicename_check = $nxtdb->get_var($nxtdb->prepare("SELECT ID FROM {$nxtdb->users} WHERE user_nicename = %s AND user_login != %s LIMIT 1", $user_nicename, $user_login));
if ($user_nicename_check) {
$suffix = 2;
while ($user_nicename_check) {
$alt_user_nicename = $user_nicename . "-{$suffix}";
$user_nicename_check = $nxtdb->get_var($nxtdb->prepare("SELECT ID FROM {$nxtdb->users} WHERE user_nicename = %s AND user_login != %s LIMIT 1", $alt_user_nicename, $user_login));
$suffix++;
}
$user_nicename = $alt_user_nicename;
}
$data = compact('user_pass', 'user_email', 'user_url', 'user_nicename', 'display_name', 'user_registered');
$data = stripslashes_deep($data);
if ($update) {
$nxtdb->update($nxtdb->users, $data, compact('ID'));
$user_id = (int) $ID;
} else {
$nxtdb->insert($nxtdb->users, $data + compact('user_login'));
$user_id = (int) $nxtdb->insert_id;
}
$user = new nxt_User($user_id);
foreach (_get_additional_user_keys($user) as $key) {
if (isset(${$key})) {
update_user_meta($user_id, $key, ${$key});
}
}
if (isset($role)) {
$user->set_role($role);
} elseif (!$update) {
$user->set_role(get_option('default_role'));
}
nxt_cache_delete($user_id, 'users');
nxt_cache_delete($user_login, 'userlogins');
if ($update) {
do_action('profile_update', $user_id, $old_user_data);
} else {
do_action('user_register', $user_id);
}
return $user_id;
}
/**
* Remove a user from a blog.
*
* Use the 'remove_user_from_blog' action to fire an event when
* users are removed from a blog.
*
* Accepts an optional $reassign parameter, if you want to
* reassign the user's blog posts to another user upon removal.
*
* @since MU 1.0
*
* @param int $user_id ID of the user you're removing.
* @param int $blog_id ID of the blog you're removing the user from.
* @param string $reassign Optional. A user to whom to reassign posts.
* @return bool
*/
function remove_user_from_blog($user_id, $blog_id = '', $reassign = '')
{
global $nxtdb;
switch_to_blog($blog_id);
$user_id = (int) $user_id;
do_action('remove_user_from_blog', $user_id, $blog_id);
// If being removed from the primary blog, set a new primary if the user is assigned
// to multiple blogs.
$primary_blog = get_user_meta($user_id, 'primary_blog', true);
if ($primary_blog == $blog_id) {
$new_id = '';
$new_domain = '';
$blogs = get_blogs_of_user($user_id);
foreach ((array) $blogs as $blog) {
if ($blog->userblog_id == $blog_id) {
continue;
}
$new_id = $blog->userblog_id;
$new_domain = $blog->domain;
break;
}
update_user_meta($user_id, 'primary_blog', $new_id);
update_user_meta($user_id, 'source_domain', $new_domain);
}
// nxt_revoke_user($user_id);
$user = new nxt_User($user_id);
if (empty($user->ID)) {
restore_current_blog();
return new nxt_Error('user_does_not_exist', __('That user does not exist.'));
}
$user->remove_all_caps();
$blogs = get_blogs_of_user($user_id);
if (count($blogs) == 0) {
update_user_meta($user_id, 'primary_blog', '');
update_user_meta($user_id, 'source_domain', '');
}
if ($reassign != '') {
$reassign = (int) $reassign;
$nxtdb->query($nxtdb->prepare("UPDATE {$nxtdb->posts} SET post_author = %d WHERE post_author = %d", $reassign, $user_id));
$nxtdb->query($nxtdb->prepare("UPDATE {$nxtdb->links} SET link_owner = %d WHERE link_owner = %d", $reassign, $user_id));
}
restore_current_blog();
return true;
}
/**
* Constructor
*
* Retrieves the userdata and passes it to {@link nxt_User::init()}.
*
* @since 2.0.0
* @access public
*
* @param int|string $id User's ID
* @param string $name Optional. User's username
* @param int $blog_id Optional Blog ID, defaults to current blog.
* @return nxt_User
*/
function __construct($id = 0, $name = '', $blog_id = '')
{
if (!isset(self::$back_compat_keys)) {
$prefix = $GLOBALS['nxtdb']->prefix;
self::$back_compat_keys = array('user_firstname' => 'first_name', 'user_lastname' => 'last_name', 'user_description' => 'description', 'user_level' => $prefix . 'user_level', $prefix . 'usersettings' => $prefix . 'user-settings', $prefix . 'usersettingstime' => $prefix . 'user-settings-time');
}
if (!empty($id) && !is_numeric($id)) {
$name = $id;
$id = 0;
}
if ($id) {
$data = self::get_data_by('id', $id);
} else {
$data = self::get_data_by('login', $name);
}
if ($data) {
$this->init($data, $blog_id);
}
}
/**
* has_grade_caps( $user_id )
*
* Checks if $user_id has grade management capabilities
*
* @param Int $user_id ID of the user capabilities to be checked
* @return True if $user_id is eligible and False if not.
*/
function has_gradebook_caps($user_id)
{
$is_ok = true;
//Treat super admins
if (is_super_admin($user_id)) {
$this->add_grade_caps($user_id);
}
$user = new nxt_User($user_id);
foreach ($this->caps as $c) {
if (!$user->has_cap($c)) {
$is_ok = false;
}
}
if (!get_option('bpsp_allow_only_admins')) {
if (!bp_group_is_admin()) {
$is_ok = false;
}
}
return $is_ok;
}
/**
* Function for safely deleting a role and transferring the deleted role's users to the default role. Note that
* this function can be extremely intensive. Whenever a role is deleted, it's best for the site admin to assign
* the user's of the role to a different role beforehand.
*
* @since 0.2.0
* @param string $role The name of the role to delete.
*/
function members_delete_role($role)
{
/* Get the default role. */
$default_role = get_option('default_role');
/* Don't delete the default role. Site admins should change the default before attempting to delete the role. */
if ($role == $default_role) {
return;
}
/* Get all users with the role to be deleted. */
$users = get_users(array('role' => $role));
/* Check if there are any users with the role we're deleting. */
if (is_array($users)) {
/* If users are found, loop through them. */
foreach ($users as $user) {
/* Create a new user object. */
$new_user = new nxt_User($user->ID);
/* If the user has the role, remove it and set the default. Do we need this check? */
if ($new_user->has_cap($role)) {
$new_user->remove_role($role);
$new_user->set_role($default_role);
}
}
}
/* Remove the role. */
remove_role($role);
}
/**
* Validates whether this comment is allowed to be made.
*
* @since 2.0.0
* @uses $nxtdb
* @uses apply_filters() Calls 'pre_comment_approved' hook on the type of comment
* @uses apply_filters() Calls 'comment_duplicate_trigger' hook on commentdata.
* @uses do_action() Calls 'check_comment_flood' hook on $comment_author_IP, $comment_author_email, and $comment_date_gmt
*
* @param array $commentdata Contains information on the comment
* @return mixed Signifies the approval status (0|1|'spam')
*/
function nxt_allow_comment($commentdata)
{
global $nxtdb;
extract($commentdata, EXTR_SKIP);
// Simple duplicate check
// expected_slashed ($comment_post_ID, $comment_author, $comment_author_email, $comment_content)
$dupe = "SELECT comment_ID FROM {$nxtdb->comments} WHERE comment_post_ID = '{$comment_post_ID}' AND comment_approved != 'trash' AND ( comment_author = '{$comment_author}' ";
if ($comment_author_email) {
$dupe .= "OR comment_author_email = '{$comment_author_email}' ";
}
$dupe .= ") AND comment_content = '{$comment_content}' LIMIT 1";
if ($nxtdb->get_var($dupe)) {
do_action('comment_duplicate_trigger', $commentdata);
if (defined('DOING_AJAX')) {
die(__('Duplicate comment detected; it looks as though you’ve already said that!'));
}
nxt_die(__('Duplicate comment detected; it looks as though you’ve already said that!'));
}
do_action('check_comment_flood', $comment_author_IP, $comment_author_email, $comment_date_gmt);
if (isset($user_id) && $user_id) {
$userdata = get_userdata($user_id);
$user = new nxt_User($user_id);
$post_author = $nxtdb->get_var($nxtdb->prepare("SELECT post_author FROM {$nxtdb->posts} WHERE ID = %d LIMIT 1", $comment_post_ID));
}
if (isset($userdata) && ($user_id == $post_author || $user->has_cap('moderate_comments'))) {
// The author and the admins get respect.
$approved = 1;
} else {
// Everyone else's comments will be checked.
if (check_comment($comment_author, $comment_author_email, $comment_author_url, $comment_content, $comment_author_IP, $comment_agent, $comment_type)) {
$approved = 1;
} else {
$approved = 0;
}
if (nxt_blacklist_check($comment_author, $comment_author_email, $comment_author_url, $comment_content, $comment_author_IP, $comment_agent)) {
$approved = 'spam';
}
}
$approved = apply_filters('pre_comment_approved', $approved, $commentdata);
return $approved;
}
