/** * Installs the blog * * {@internal Missing Long Description}} * * @since 2.1.0 * * @param string $blog_title Blog title. * @param string $user_name User's username. * @param string $user_email User's email. * @param bool $public Whether blog is public. * @param null $deprecated Optional. Not used. * @param string $user_password Optional. User's chosen password. Will default to a random password. * @return array Array keys 'url', 'user_id', 'password', 'password_message'. */ function nxt_install($blog_title, $user_name, $user_email, $public, $deprecated = '', $user_password = '') { global $nxt_rewrite; if (!empty($deprecated)) { _deprecated_argument(__FUNCTION__, '2.6'); } nxt_check_mysql_version(); nxt_cache_flush(); make_db_current_silent(); populate_options(); populate_roles(); update_option('blogname', $blog_title); update_option('admin_email', $user_email); update_option('blog_public', $public); $guessurl = nxt_guess_url(); update_option('siteurl', $guessurl); // If not a public blog, don't ping. if (!$public) { update_option('default_pingback_flag', 0); } // Create default user. If the user already exists, the user tables are // being shared among blogs. Just set the role in that case. $user_id = username_exists($user_name); $user_password = trim($user_password); $email_password = false; if (!$user_id && empty($user_password)) { $user_password = nxt_generate_password(12, false); $message = __('<strong><em>Note that password</em></strong> carefully! It is a <em>random</em> password that was generated just for you.'); $user_id = nxt_create_user($user_name, $user_password, $user_email); update_user_option($user_id, 'default_password_nag', true, true); $email_password = true; } else { if (!$user_id) { // Password has been provided $message = '<em>' . __('Your chosen password.') . '</em>'; $user_id = nxt_create_user($user_name, $user_password, $user_email); } else { $message = __('User already exists. Password inherited.'); } } $user = new nxt_User($user_id); $user->set_role('administrator'); nxt_install_defaults($user_id); $nxt_rewrite->flush_rules(); nxt_new_blog_notification($blog_title, $guessurl, $user_id, $email_password ? $user_password : __('The password you chose during the install.')); nxt_cache_flush(); return array('url' => $guessurl, 'user_id' => $user_id, 'password' => $user_password, 'password_message' => $message); }
function M_Membership($id, $name = '') { global $nxtdb; if ($id != 0) { parent::__construct($id, $name); } $this->db =& $nxtdb; foreach ($this->tables as $table) { $this->{$table} = membership_db_prefix($this->db, $table); } $this->transition_through_subscription(); }
/** * Remove all capabilities from user. * * @since 2.1.0 * * @param int $id User ID. */ function nxt_revoke_user($id) { $id = (int) $id; $user = new nxt_User($id); $user->remove_all_caps(); }
/** * @deprecated 3.1.0 * * @param int $user_id User ID. * @param bool $exclude_zeros Optional, default is true. Whether to exclude zeros. * @return unknown */ function get_editable_user_ids($user_id, $exclude_zeros = true, $post_type = 'post') { _deprecated_function(__FUNCTION__, '3.1', 'get_users()'); global $nxtdb; $user = new nxt_User($user_id); $post_type_obj = get_post_type_object($post_type); if (!$user->has_cap($post_type_obj->cap->edit_others_posts)) { if ($user->has_cap($post_type_obj->cap->edit_posts) || !$exclude_zeros) { return array($user->ID); } else { return array(); } } if (!is_multisite()) { $level_key = $nxtdb->get_blog_prefix() . 'user_level'; } else { $level_key = $nxtdb->get_blog_prefix() . 'capabilities'; } // nxtmu site admins don't have user_levels $query = $nxtdb->prepare("SELECT user_id FROM {$nxtdb->usermeta} WHERE meta_key = %s", $level_key); if ($exclude_zeros) { $query .= " AND meta_value != '0'"; } return $nxtdb->get_col($query); }
for ($j = 0; $j < 12; $j++) { if ($ddate_m == $dmonths[$j]) { $ddate_m = $j + 1; } } $time_zn = intval($date_arr[4]) * 36; $ddate_U = gmmktime($ddate_H, $ddate_i, $ddate_s, $ddate_m, $ddate_d, $ddate_Y); $ddate_U = $ddate_U - $time_zn; $post_date = gmdate('Y-m-d H:i:s', $ddate_U + $time_difference); $post_date_gmt = gmdate('Y-m-d H:i:s', $ddate_U); } } } // Set $post_status based on $author_found and on author's publish_posts capability if ($author_found) { $user = new nxt_User($post_author); $post_status = $user->has_cap('publish_posts') ? 'publish' : 'pending'; } else { // Author not found in DB, set status to pending. Author already set to admin. $post_status = 'pending'; } $subject = trim($subject); if ($content_type == 'multipart/alternative') { $content = explode('--' . $boundary, $content); $content = $content[2]; // match case-insensitive content-transfer-encoding if (preg_match('/Content-Transfer-Encoding: quoted-printable/i', $content, $delim)) { $content = explode($delim[0], $content); $content = $content[1]; } $content = strip_tags($content, '<img><p><br><i><b><u><em><strong><strike><font><span><div>');
/** * Add OpenID HTML link tags when appropriate. */ function openid_provider_link_tags() { if (is_front_page()) { if (!defined('OPENID_DISALLOW_OWNER') || !OPENID_DISALLOW_OWNER) { $user = get_user_by('login', get_option('openid_blog_owner')); } } else { if (is_author()) { global $nxt_query; $user = $nxt_query->get_queried_object(); } } if (isset($user) && $user) { // if user doesn't have capability, bail $user_object = new nxt_User($user->ID); if (!$user_object->has_cap('use_openid_provider')) { return; } if (get_user_meta($user->ID, 'openid_delegate', true)) { $services = get_user_meta($user->ID, 'openid_delegate_services', true); $openid_1 = false; $openid_2 = false; foreach ($services as $service) { if (!$openid_1 && $service['openid:Delegate']) { echo ' <link rel="openid.server" href="' . $service['URI'] . '" /> <link rel="openid.delegate" href="' . $service['openid:Delegate'] . '" />'; $openid_1 = true; } if (!$openid_2 && $service['LocalID']) { echo ' <link rel="openid2.provider" href="' . $service['URI'] . '" /> <link rel="openid2.local_id" href="' . $service['LocalID'] . '" />'; $openid_2 = true; } } } else { $server = openid_server_url(); $identifier = get_author_posts_url($user->ID); echo ' <link rel="openid2.provider" href="' . $server . '" /> <link rel="openid2.local_id" href="' . $identifier . '" /> <link rel="openid.server" href="' . $server . '" /> <link rel="openid.delegate" href="' . $identifier . '" />'; } } }
/** * has_student_caps( $user_id ) * * Checks if $user_id has response management capabilities * * @param Int $user_id ID of the user capabilities to be checked, default null * @return True if $user_id is eligible and False if not. */ function has_student_caps($user_id = null) { global $bp; if (!$user_id) { $user_id = $bp->loggedin_user->id; } $user_role = xprofile_get_field_data(__('Role'), $user_id); // Go away teacher if (__('Student', 'bpsp') != $user_role && !empty($user_role)) { return false; } // Treat super admins if (is_super_admin($user_id)) { $this->add_response_caps($user_id); } $user = new nxt_User($user_id); foreach ($this->students_caps as $c) { if (!$user->has_cap($c)) { $user->add_cap($c); } } return true; }
function update_membershipadmin_capability($user_id) { $user = new nxt_User($user_id); if (!empty($_POST['membershipadmin']) && $_POST['membershipadmin'] == 'yes') { $user->add_cap('membershipadmin'); } else { $user->remove_cap('membershipadmin'); } }
case 'promote': check_admin_referer('bulk-users'); $editable_roles = get_editable_roles(); if (empty($editable_roles[$_REQUEST['new_role']])) { nxt_die(__('You can’t give users that role.')); } if (isset($_REQUEST['users'])) { $userids = $_REQUEST['users']; $update = 'promote'; foreach ($userids as $user_id) { $user_id = (int) $user_id; // If the user doesn't already belong to the blog, bail. if (!is_user_member_of_blog($user_id)) { nxt_die(__('Cheatin’ uh?')); } $user = new nxt_User($user_id); $user->set_role($_REQUEST['new_role']); } } else { $update = 'err_promote'; } break; } restore_current_blog(); nxt_safe_redirect(add_query_arg('update', $update, $referer)); exit; } if (isset($_GET['action']) && 'update-site' == $_GET['action']) { nxt_safe_redirect($referer); exit; }
/** * Retrieve user info by a given field * * @since 2.8.0 * * @param string $field The field to retrieve the user with. id | slug | email | login * @param int|string $value A value for $field. A user ID, slug, email address, or login name. * @return bool|object False on failure, nxt_User object on success */ function get_user_by($field, $value) { $userdata = nxt_User::get_data_by($field, $value); if (!$userdata) { return false; } $user = new nxt_User(); $user->init($userdata); return $user; }
/** * Create a new NXTClass user with the specified identity URL and user data. * * @param string $identity_url OpenID to associate with the newly * created account * @param array $user_data array of user data */ function openid_create_new_user($identity_url, &$user_data) { global $nxtdb; // Identity URL is new, so create a user @(include_once ABSPATH . 'nxt-admin/upgrade-functions.php'); // 2.1 @(include_once ABSPATH . nxtINC . '/registration-functions.php'); // 2.0.4 // otherwise, try to use preferred username if (empty($username) && array_key_exists('nickname', $user_data)) { $username = openid_generate_new_username($user_data['nickname'], false); } // finally, build username from OpenID URL if (empty($username)) { $username = openid_generate_new_username($identity_url); } $user_data['user_login'] = $username; $user_data['user_pass'] = substr(md5(uniqid(microtime())), 0, 7); $user_id = nxt_insert_user($user_data); if ($user_id) { // created ok $user_data['ID'] = $user_id; // XXX this all looks redundant, see openid_set_current_user $user = new nxt_User($user_id); if (!nxt_login($user->user_login, $user_data['user_pass'])) { openid_message(__('User was created fine, but nxt_login() for the new user failed. This is probably a bug.', 'openid')); openid_status('error'); openid_error(openid_message()); return; } // notify of user creation nxt_new_user_notification($user->user_login); nxt_clearcookie(); nxt_setcookie($user->user_login, md5($user->user_pass), true, '', '', true); // Bind the provided identity to the just-created user openid_add_user_identity($user_id, $identity_url); openid_status('redirect'); if (!$user->has_cap('edit_posts')) { $redirect_to = '/nxt-admin/profile.php'; } } else { // failed to create user for some reason. openid_message(__('OpenID authentication successful, but failed to create NXTClass user. This is probably a bug.', 'openid')); openid_status('error'); openid_error(openid_message()); } }
/** * Insert an user into the database. * * Can update a current user or insert a new user based on whether the user's ID * is present. * * Can be used to update the user's info (see below), set the user's role, and * set the user's preference on whether they want the rich editor on. * * Most of the $userdata array fields have filters associated with the values. * The exceptions are 'rich_editing', 'role', 'jabber', 'aim', 'yim', * 'user_registered', and 'ID'. The filters have the prefix 'pre_user_' followed * by the field name. An example using 'description' would have the filter * called, 'pre_user_description' that can be hooked into. * * The $userdata array can contain the following fields: * 'ID' - An integer that will be used for updating an existing user. * 'user_pass' - A string that contains the plain text password for the user. * 'user_login' - A string that contains the user's username for logging in. * 'user_nicename' - A string that contains a nicer looking name for the user. * The default is the user's username. * 'user_url' - A string containing the user's URL for the user's web site. * 'user_email' - A string containing the user's email address. * 'display_name' - A string that will be shown on the site. Defaults to user's * username. It is likely that you will want to change this, for appearance. * 'nickname' - The user's nickname, defaults to the user's username. * 'first_name' - The user's first name. * 'last_name' - The user's last name. * 'description' - A string containing content about the user. * 'rich_editing' - A string for whether to enable the rich editor. False * if not empty. * 'user_registered' - The date the user registered. Format is 'Y-m-d H:i:s'. * 'role' - A string used to set the user's role. * 'jabber' - User's Jabber account. * 'aim' - User's AOL IM account. * 'yim' - User's Yahoo IM account. * * @since 2.0.0 * @uses $nxtdb NXTClass database layer. * @uses apply_filters() Calls filters for most of the $userdata fields with the prefix 'pre_user'. See note above. * @uses do_action() Calls 'profile_update' hook when updating giving the user's ID * @uses do_action() Calls 'user_register' hook when creating a new user giving the user's ID * * @param array $userdata An array of user data. * @return int|nxt_Error The newly created user's ID or a nxt_Error object if the user could not be created. */ function nxt_insert_user($userdata) { global $nxtdb; extract($userdata, EXTR_SKIP); // Are we updating or creating? if (!empty($ID)) { $ID = (int) $ID; $update = true; $old_user_data = nxt_User::get_data_by('id', $ID); } else { $update = false; // Hash the password $user_pass = nxt_hash_password($user_pass); } $user_login = sanitize_user($user_login, true); $user_login = apply_filters('pre_user_login', $user_login); //Remove any non-printable chars from the login string to see if we have ended up with an empty username $user_login = trim($user_login); if (empty($user_login)) { return new nxt_Error('empty_user_login', __('Cannot create a user with an empty login name.')); } if (!$update && username_exists($user_login)) { return new nxt_Error('existing_user_login', __('This username is already registered.')); } if (empty($user_nicename)) { $user_nicename = sanitize_title($user_login); } $user_nicename = apply_filters('pre_user_nicename', $user_nicename); if (empty($user_url)) { $user_url = ''; } $user_url = apply_filters('pre_user_url', $user_url); if (empty($user_email)) { $user_email = ''; } $user_email = apply_filters('pre_user_email', $user_email); if (!$update && !defined('nxt_IMPORTING') && email_exists($user_email)) { return new nxt_Error('existing_user_email', __('This email address is already registered.')); } if (empty($display_name)) { $display_name = $user_login; } $display_name = apply_filters('pre_user_display_name', $display_name); if (empty($nickname)) { $nickname = $user_login; } $nickname = apply_filters('pre_user_nickname', $nickname); if (empty($first_name)) { $first_name = ''; } $first_name = apply_filters('pre_user_first_name', $first_name); if (empty($last_name)) { $last_name = ''; } $last_name = apply_filters('pre_user_last_name', $last_name); if (empty($description)) { $description = ''; } $description = apply_filters('pre_user_description', $description); if (empty($rich_editing)) { $rich_editing = 'true'; } if (empty($comment_shortcuts)) { $comment_shortcuts = 'false'; } if (empty($admin_color)) { $admin_color = 'fresh'; } $admin_color = preg_replace('|[^a-z0-9 _.\\-@]|i', '', $admin_color); if (empty($use_ssl)) { $use_ssl = 0; } if (empty($user_registered)) { $user_registered = gmdate('Y-m-d H:i:s'); } if (empty($show_admin_bar_front)) { $show_admin_bar_front = 'true'; } $user_nicename_check = $nxtdb->get_var($nxtdb->prepare("SELECT ID FROM {$nxtdb->users} WHERE user_nicename = %s AND user_login != %s LIMIT 1", $user_nicename, $user_login)); if ($user_nicename_check) { $suffix = 2; while ($user_nicename_check) { $alt_user_nicename = $user_nicename . "-{$suffix}"; $user_nicename_check = $nxtdb->get_var($nxtdb->prepare("SELECT ID FROM {$nxtdb->users} WHERE user_nicename = %s AND user_login != %s LIMIT 1", $alt_user_nicename, $user_login)); $suffix++; } $user_nicename = $alt_user_nicename; } $data = compact('user_pass', 'user_email', 'user_url', 'user_nicename', 'display_name', 'user_registered'); $data = stripslashes_deep($data); if ($update) { $nxtdb->update($nxtdb->users, $data, compact('ID')); $user_id = (int) $ID; } else { $nxtdb->insert($nxtdb->users, $data + compact('user_login')); $user_id = (int) $nxtdb->insert_id; } $user = new nxt_User($user_id); foreach (_get_additional_user_keys($user) as $key) { if (isset(${$key})) { update_user_meta($user_id, $key, ${$key}); } } if (isset($role)) { $user->set_role($role); } elseif (!$update) { $user->set_role(get_option('default_role')); } nxt_cache_delete($user_id, 'users'); nxt_cache_delete($user_login, 'userlogins'); if ($update) { do_action('profile_update', $user_id, $old_user_data); } else { do_action('user_register', $user_id); } return $user_id; }
/** * Remove a user from a blog. * * Use the 'remove_user_from_blog' action to fire an event when * users are removed from a blog. * * Accepts an optional $reassign parameter, if you want to * reassign the user's blog posts to another user upon removal. * * @since MU 1.0 * * @param int $user_id ID of the user you're removing. * @param int $blog_id ID of the blog you're removing the user from. * @param string $reassign Optional. A user to whom to reassign posts. * @return bool */ function remove_user_from_blog($user_id, $blog_id = '', $reassign = '') { global $nxtdb; switch_to_blog($blog_id); $user_id = (int) $user_id; do_action('remove_user_from_blog', $user_id, $blog_id); // If being removed from the primary blog, set a new primary if the user is assigned // to multiple blogs. $primary_blog = get_user_meta($user_id, 'primary_blog', true); if ($primary_blog == $blog_id) { $new_id = ''; $new_domain = ''; $blogs = get_blogs_of_user($user_id); foreach ((array) $blogs as $blog) { if ($blog->userblog_id == $blog_id) { continue; } $new_id = $blog->userblog_id; $new_domain = $blog->domain; break; } update_user_meta($user_id, 'primary_blog', $new_id); update_user_meta($user_id, 'source_domain', $new_domain); } // nxt_revoke_user($user_id); $user = new nxt_User($user_id); if (empty($user->ID)) { restore_current_blog(); return new nxt_Error('user_does_not_exist', __('That user does not exist.')); } $user->remove_all_caps(); $blogs = get_blogs_of_user($user_id); if (count($blogs) == 0) { update_user_meta($user_id, 'primary_blog', ''); update_user_meta($user_id, 'source_domain', ''); } if ($reassign != '') { $reassign = (int) $reassign; $nxtdb->query($nxtdb->prepare("UPDATE {$nxtdb->posts} SET post_author = %d WHERE post_author = %d", $reassign, $user_id)); $nxtdb->query($nxtdb->prepare("UPDATE {$nxtdb->links} SET link_owner = %d WHERE link_owner = %d", $reassign, $user_id)); } restore_current_blog(); return true; }
/** * Constructor * * Retrieves the userdata and passes it to {@link nxt_User::init()}. * * @since 2.0.0 * @access public * * @param int|string $id User's ID * @param string $name Optional. User's username * @param int $blog_id Optional Blog ID, defaults to current blog. * @return nxt_User */ function __construct($id = 0, $name = '', $blog_id = '') { if (!isset(self::$back_compat_keys)) { $prefix = $GLOBALS['nxtdb']->prefix; self::$back_compat_keys = array('user_firstname' => 'first_name', 'user_lastname' => 'last_name', 'user_description' => 'description', 'user_level' => $prefix . 'user_level', $prefix . 'usersettings' => $prefix . 'user-settings', $prefix . 'usersettingstime' => $prefix . 'user-settings-time'); } if (!empty($id) && !is_numeric($id)) { $name = $id; $id = 0; } if ($id) { $data = self::get_data_by('id', $id); } else { $data = self::get_data_by('login', $name); } if ($data) { $this->init($data, $blog_id); } }
/** * has_grade_caps( $user_id ) * * Checks if $user_id has grade management capabilities * * @param Int $user_id ID of the user capabilities to be checked * @return True if $user_id is eligible and False if not. */ function has_gradebook_caps($user_id) { $is_ok = true; //Treat super admins if (is_super_admin($user_id)) { $this->add_grade_caps($user_id); } $user = new nxt_User($user_id); foreach ($this->caps as $c) { if (!$user->has_cap($c)) { $is_ok = false; } } if (!get_option('bpsp_allow_only_admins')) { if (!bp_group_is_admin()) { $is_ok = false; } } return $is_ok; }
/** * Function for safely deleting a role and transferring the deleted role's users to the default role. Note that * this function can be extremely intensive. Whenever a role is deleted, it's best for the site admin to assign * the user's of the role to a different role beforehand. * * @since 0.2.0 * @param string $role The name of the role to delete. */ function members_delete_role($role) { /* Get the default role. */ $default_role = get_option('default_role'); /* Don't delete the default role. Site admins should change the default before attempting to delete the role. */ if ($role == $default_role) { return; } /* Get all users with the role to be deleted. */ $users = get_users(array('role' => $role)); /* Check if there are any users with the role we're deleting. */ if (is_array($users)) { /* If users are found, loop through them. */ foreach ($users as $user) { /* Create a new user object. */ $new_user = new nxt_User($user->ID); /* If the user has the role, remove it and set the default. Do we need this check? */ if ($new_user->has_cap($role)) { $new_user->remove_role($role); $new_user->set_role($default_role); } } } /* Remove the role. */ remove_role($role); }
/** * Validates whether this comment is allowed to be made. * * @since 2.0.0 * @uses $nxtdb * @uses apply_filters() Calls 'pre_comment_approved' hook on the type of comment * @uses apply_filters() Calls 'comment_duplicate_trigger' hook on commentdata. * @uses do_action() Calls 'check_comment_flood' hook on $comment_author_IP, $comment_author_email, and $comment_date_gmt * * @param array $commentdata Contains information on the comment * @return mixed Signifies the approval status (0|1|'spam') */ function nxt_allow_comment($commentdata) { global $nxtdb; extract($commentdata, EXTR_SKIP); // Simple duplicate check // expected_slashed ($comment_post_ID, $comment_author, $comment_author_email, $comment_content) $dupe = "SELECT comment_ID FROM {$nxtdb->comments} WHERE comment_post_ID = '{$comment_post_ID}' AND comment_approved != 'trash' AND ( comment_author = '{$comment_author}' "; if ($comment_author_email) { $dupe .= "OR comment_author_email = '{$comment_author_email}' "; } $dupe .= ") AND comment_content = '{$comment_content}' LIMIT 1"; if ($nxtdb->get_var($dupe)) { do_action('comment_duplicate_trigger', $commentdata); if (defined('DOING_AJAX')) { die(__('Duplicate comment detected; it looks as though you’ve already said that!')); } nxt_die(__('Duplicate comment detected; it looks as though you’ve already said that!')); } do_action('check_comment_flood', $comment_author_IP, $comment_author_email, $comment_date_gmt); if (isset($user_id) && $user_id) { $userdata = get_userdata($user_id); $user = new nxt_User($user_id); $post_author = $nxtdb->get_var($nxtdb->prepare("SELECT post_author FROM {$nxtdb->posts} WHERE ID = %d LIMIT 1", $comment_post_ID)); } if (isset($userdata) && ($user_id == $post_author || $user->has_cap('moderate_comments'))) { // The author and the admins get respect. $approved = 1; } else { // Everyone else's comments will be checked. if (check_comment($comment_author, $comment_author_email, $comment_author_url, $comment_content, $comment_author_IP, $comment_agent, $comment_type)) { $approved = 1; } else { $approved = 0; } if (nxt_blacklist_check($comment_author, $comment_author_email, $comment_author_url, $comment_content, $comment_author_IP, $comment_agent)) { $approved = 'spam'; } } $approved = apply_filters('pre_comment_approved', $approved, $commentdata); return $approved; }