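/**
 * AJAX handler for adding a user to a post with a given type.
 *
 * Verifies the `anno_manage_{$type}` nonce, resolves the submitted login (or
 * email address) to a user, and attaches that user to the post unless they are
 * already the post author, a co-author or a reviewer.
 *
 * NOTE(review): the nonce only shows the request was built from a page this
 * site rendered; it is not an authorization check. Nothing in this function
 * verifies that the current user may manage users on the target post --
 * confirm the caller enforces that before relying on this handler.
 *
 * @param string $type Type of user to add to the post (co_author, reviewer)
 * @return array Keys: 'message' ('success' or 'error'), 'html' (list-item markup on
 *               success, escaped error text otherwise), 'user' (the matched user, or
 *               null/false when none was resolved).
 */
function annowf_add_user($type) {
	check_ajax_referer('anno_manage_' . $type, '_ajax_nonce-manage-' . $type);

	$message = 'error';
	$html = '';
	// Defined up front so the returned array always carries a 'user' key, even for an incomplete request.
	$user = null;

	// A non-string 'user' field (e.g. user[]=x) cannot be a login; treat it like a missing field.
	if (isset($_POST['post_id'], $_POST['user']) && is_string($_POST['user'])) {
		// Normalise the post ID once so every lookup below works on the same value.
		$post_id = absint($_POST['post_id']);
		$user_login = trim($_POST['user']);
		$user = get_user_by('login', $user_login);

		// No login matched: if the input is an email address, look the user up by that instead.
		if (empty($user) && anno_is_valid_email($user_login)) {
			$users = get_users(array('search' => $user_login));
			if (!empty($users) && is_array($users)) {
				$user = $users[0];
			}
		}

		if (empty($user)) {
			// $user_login is raw request data and this string is handed back as HTML, so escape it.
			$html = sprintf(_x('User \'%s\' not found', 'Adding user error message for article meta box', 'anno'), esc_html($user_login));
		}
		else {
			$post = get_post($post_id);

			if (empty($post)) {
				// Without this guard a bogus post_id would fall through to anno_add_user_to_post().
				$html = _x('Post not found', 'Adding user error message for article meta box', 'anno');
			}
			else {
				$co_authors = anno_get_authors($post_id);
				$reviewers = anno_get_reviewers($post_id);

				if ($type == 'reviewer') {
					$type_string = _x('reviewer', 'noun describing user', 'anno');
				}
				else {
					$type_string = _x('co-author', 'noun describing user', 'anno');
				}

				// Loose comparisons are kept on purpose: the IDs compared here may be numeric strings.
				if ($post->post_author == $user->ID) {
					$html = sprintf(_x('Cannot add author as a %s', 'Adding user error message for article meta box', 'anno'), $type_string);
				}
				elseif (in_array($user->ID, $co_authors)) {
					$html = sprintf(_x('Cannot add %s as %s. User is already a co-author', 'Adding user error message for article meta box', 'anno'), esc_html($user->user_login), $type_string);
				}
				elseif (in_array($user->ID, $reviewers)) {
					$html = sprintf(_x('Cannot add %s as %s. User is already a reviewer', 'Adding user error message for article meta box', 'anno'), esc_html($user->user_login), $type_string);
				}
				elseif (anno_add_user_to_post($type, $user->ID, $post_id)) {
					$message = 'success';
					// annowf_user_li_markup() prints its markup; capture it for the response.
					ob_start();
					annowf_user_li_markup($user, $type);
					$html = ob_get_clean();
				}
			}
		}
	}

	// NOTE(review): 'user' is the full user object. Callers should pick the fields they
	// need rather than serialising it to the browser wholesale -- confirm at the call sites.
	return array('message' => $message, 'html' => $html, 'user' => $user);
}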
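/**
 * AJAX response for adding a user to the snapshot.
 *
 * Resolves the submitted login (or email address) to a user and echoes a JSON
 * object with 'result', 'html' and 'status' keys, then ends the request.
 *
 * NOTE(review): unlike annowf_add_user() and anno_reference_import_doi(), this
 * handler calls no check_ajax_referer() and checks no capability. Any request
 * that reaches it can test whether a login or email address exists and receive
 * that user's snapshot markup. Confirm how the hook is registered, and add a
 * nonce check using the action name the snapshot meta box generates.
 *
 * @return void
 */
function anno_snapshot_add_user() {
	$response = array('result' => '', 'html' => '');

	// A missing or non-string 'user' field is handled as an empty login and reported as not found.
	$user_login = (isset($_POST['user']) && is_string($_POST['user'])) ? trim($_POST['user']) : '';
	$user = get_user_by('login', $user_login);

	// No login matched: if the input is an email address, look the user up by that instead.
	if (empty($user) && anno_is_valid_email($user_login)) {
		$users = get_users(array('search' => $user_login));
		if (!empty($users) && is_array($users)) {
			$user = $users[0];
		}
	}

	if (!empty($user)) {
		$user_data = anno_snapshot_user_data($user->ID);
		$response['html'] = anno_snapshot_user_markup($user_data, anno_snapshot_allowed_keys());
		$response['result'] = 'success';
		$response['status'] = __('User Added', 'anno');
	}
	else {
		// The login is request data echoed straight back to the browser; escape it so it
		// cannot be interpreted as markup wherever the status text ends up being rendered.
		$response['status'] = sprintf(_x('User \'%s\' not found', 'Adding user error message for snapshot meta box', 'anno'), esc_html($user_login));
		$response['result'] = 'error';
	}

	echo json_encode($response);
	die;
}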
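/**
 * AJAX handler that looks up an article by DOI through the CrossRef OpenURL
 * service and builds reference text from the result.
 * Echoes a JSON encoded array with 'message' and 'text' keys, then ends the request.
 *
 * NOTE(review): anno_reference_error_response() is defined elsewhere. The call
 * sites below read as if it ends the request; the explicit returns after it keep
 * the lookup from continuing with bad input if it does not -- confirm.
 *
 * @return void
 */
function anno_reference_import_doi() {
	check_ajax_referer('anno_import_doi', '_ajax_nonce-import-doi');

	// A missing or non-string value (e.g. doi[]=x) cannot be a DOI.
	if (!isset($_POST['doi']) || !is_string($_POST['doi'])) {
		anno_reference_error_response();
		return;
	}

	$lookup_response = array('message' => 'error', 'text' => _x('An error has occurred, please try again later', 'pmid lookup error message', 'anno'));

	// DOIs cannot contain any control characters. As defined here: http://www.doi.org/handbook_2000/appendix_1.html
	$doi = trim($_POST['doi']);
	if (preg_match('/[\\x00-\\x1F\\x7F]/', $doi)) {
		anno_reference_error_response(_x('Invalid DOI', 'pmid lookup error message', 'anno'));
		return;
	}

	// Generate the URL for lookup
	$crossref_login = cfct_get_option('crossref_login');
	$crossref_pass = cfct_get_option('crossref_pass');

	// Empty login, or empty password and login is not an email.
	if (empty($crossref_login) || (empty($crossref_pass) && !anno_is_valid_email($crossref_login))) {
		anno_reference_error_response(_x('Invalid CrossRef Login', 'pmid lookup error message', 'anno'));
		return;
	}

	// Every component is URL-encoded: the DOI is request data and may legitimately contain
	// '&', '#', '?' or '/', which would otherwise add or truncate query parameters.
	$pid = rawurlencode($crossref_login);
	// The original tested a misspelled variable here, so the password was never sent.
	if (!empty($crossref_pass)) {
		$pid .= ':' . rawurlencode($crossref_pass);
	}
	// NOTE(review): the CrossRef login (and password, when set) travel in the query string
	// over plain http://, visible to anything on the network path and in proxy or server
	// logs. Switch to an HTTPS endpoint once the one CrossRef provides is confirmed.
	$url = 'http://www.crossref.org/openurl/?pid=' . $pid . '&id=doi:' . rawurlencode($doi) . '&noredirect=true';

	// Use wp.com functions if available for lookup.
	if (function_exists('vip_safe_wp_remote_get')) {
		$response = vip_safe_wp_remote_get($url);
	}
	else {
		$response = wp_remote_get($url);
	}

	if (is_wp_error($response) || (isset($response['response']['code']) && $response['response']['code'] != 200) || !isset($response['body'])) {
		anno_reference_error_response();
		return;
	}

	include_once CFCT_PATH . 'functions/phpquery/phpquery.php';
	phpQuery::newDocumentXML($response['body']);
	phpQuery::getDocument();

	// If we find an HTML tag, echo error.
	$html = pq('html');
	if ($html->length > 0) {
		// We should only hit an HTML page for malformed URLs or invalid logins
		// @TODO error for invalid login.
		anno_reference_error_response(_x('Invalid DOI', 'pmid lookup error message', 'anno'));
		return;
	}

	$query_status = pq('query')->attr('status');

	if ($query_status == 'unresolved') {
		// NOTE(review): the message text comes from the remote response; confirm the helper
		// (or the client) escapes it before it is shown.
		$lookup_response = anno_reference_error_response(pq('msg')->text());
	}
	elseif ($query_status == 'resolved') {
		$text = '';
		// Initialised so a record without authors does not reach implode() with an undefined variable.
		$author_arr = array();

		// There should only be a single 'first' author.
		$prime_author = pq('contributor[sequence="first"][contributor_role="author"]');
		$author_text = anno_reference_doi_process_author($prime_author);
		if (!empty($author_text)) {
			$author_arr[] = $author_text;
		}

		$additional_authors = pq('contributor[sequence="additional"][contributor_role="author"]');
		foreach ($additional_authors as $additional_author) {
			$author_text = anno_reference_doi_process_author(pq($additional_author));
			if (!empty($author_text)) {
				$author_arr[] = $author_text;
			}
		}

		// Skip the author segment entirely when there are none, instead of emitting a lone '. '.
		if (!empty($author_arr)) {
			$text .= implode(', ', $author_arr) . '. ';
		}

		// Title
		$title = pq('article_title')->text();
		if (!empty($title)) {
			// Titles do not have periods
			$text .= $title . '. ';
		}

		// Source
		$source = pq('journal_title')->text();
		if (!empty($source)) {
			$text .= $source . '. ';
		}

		// Date, Volume, Issue, Page
		$date_meta = '';
		$date = pq('year')->text();
		$volume = pq('volume')->text();
		$issue = pq('issue')->text();
		$first_page = pq('first_page')->text();
		$last_page = pq('last_page')->text();

		if (!empty($date)) {
			$date_meta .= $date;
		}

		// The original tested an undefined $page here, so records with only page numbers lost them.
		if (!empty($volume) || !empty($issue) || !empty($first_page) || !empty($last_page)) {
			$date_meta .= ';';
			if (!empty($volume)) {
				$date_meta .= $volume;
			}
			if (!empty($issue)) {
				$date_meta .= '(' . $issue . ')';
			}
			if (!empty($first_page)) {
				$date_meta .= ':' . $first_page;
			}
			if (!empty($last_page)) {
				$date_meta .= '-' . $last_page;
			}
		}

		if (!empty($date_meta)) {
			$text .= $date_meta . '. ';
		}

		$text .= _x('DOI:', 'Reference text for doi lookup', 'anno') . $doi . '.';

		// The text mixes request data ($doi) with remote data; it is escaped before being returned.
		$lookup_response = array('message' => 'success', 'text' => esc_textarea($text));
	}
	else {
		anno_reference_error_response();
	}

	echo json_encode($lookup_response);
	die;
}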
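/**
 * Creates a new contributor account and emails the credentials to that user.
 * Returns a WP_Error if the user could not be created.
 *
 * NOTE(review): there is deliberately no create_users capability check here, so
 * every caller must decide for itself who is allowed to invite -- confirm each does.
 *
 * NOTE(review): the generated password is mailed in clear text. Mail is commonly
 * stored and relayed unencrypted, so the password should be treated as exposed
 * until the invitee changes it; a one-time set-password link would avoid sending it.
 *
 * @param string $user_login Username to create
 * @param string $user_email Email of user to create
 * @param array $extra Additional wp_insert_user() fields. The login, password, email
 *                     and role set here always take precedence, and an 'ID' key is ignored.
 * @return int|WP_Error ID of new user, or, WP_Error
 */
function anno_invite_contributor($user_login, $user_email, $extra = array()) {
	// wp_insert_user handles all other errors
	if (!anno_is_valid_email($user_email)) {
		return new WP_Error('invalid_email', _x('Invalid email address', 'error for creating new user', 'anno'));
	}

	// We don't want wp_insert_user to just sanitize the username stripping characters,
	// the user should be alerted if the user input is wrong
	if (!anno_is_valid_username($user_login)) {
		return new WP_Error('invalid_username', _x('Invalid username', 'error for creating new user', 'anno'));
	}

	// Create User
	// esc_sql() was dropped: it is meant for values concatenated into SQL text, which does
	// not happen here, and the escaped copies were also what got mailed to the invitee.
	$user_pass = wp_generate_password();
	$role = 'contributor';
	$userdata = compact('user_login', 'user_pass', 'user_email', 'role');

	// An 'ID' would turn this insert into an update of an existing account
	// (new password, role reset to contributor), so it is never accepted from $extra.
	$extra = (array) $extra;
	unset($extra['ID']);

	// The original discarded the result of array_merge(), so $extra never took effect.
	// $userdata is merged last so $extra cannot override the role or the credentials.
	$userdata = array_merge($extra, $userdata);

	$user_id = wp_insert_user($userdata);

	// Send notification with PW, Username.
	if (!is_wp_error($user_id)) {
		$current_user = wp_get_current_user();
		$blogname = get_bloginfo('name');
		$subject = sprintf(_x('You have been invited to join %s', 'email subject %s represents blogname', 'anno'), $blogname);
		$message = sprintf(
			_x('%s has created a user with your email address for %s. Please use the following credentials to login and change your password: Username: %s Password: %s %s', 'User creation email body. %s mapping: User who created this new user, blogname, username, password, profile url.', 'anno'),
			$current_user->display_name,
			$blogname,
			$user_login,
			$user_pass,
			esc_url(admin_url('profile.php'))
		);
		wp_mail($user_email, $subject, $message);
	}

	return $user_id;
}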
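/**
 * Map old author logins to local user IDs based on decisions made
 * in import options form. Can map to an existing user, create a new user
 * or falls back to the current user in case of error with either of the previous.
 *
 * For each entry in $_POST['imported_authors'] the first matching choice wins:
 * an explicit user_map selection, a lookup by email, a lookup by username, or a
 * new-user request (only when allow_create_users() permits it). Problems are
 * collected in $this->author_errors, new-user requests in
 * $this->new_user_credentials, and resolved IDs in $this->author_mapping and
 * $this->processed_authors.
 *
 * NOTE(review): this method reads $_POST directly and no nonce or capability
 * check is visible in it. Presumably the importer step that calls it has
 * already verified the request -- confirm.
 *
 * @return void
 */
function get_author_mapping() {
	if (!isset($_POST['imported_authors'])) {
		return;
	}

	$create_users = $this->allow_create_users();
	$this->author_errors = array();
	$this->new_user_credentials = array();

	foreach ((array) $_POST['imported_authors'] as $i => $old_id) {
		// Used to determine whether or not we're creating a new user on import.
		$create_new_user = false;
		$user_id = 0;
		$old_id = trim($old_id);

		if (!empty($_POST['user_map'][$i])) {
			// An existing user was picked explicitly in the form.
			$user = get_userdata(intval($_POST['user_map'][$i]));
			if (isset($user->ID)) {
				if ($old_id) {
					$this->processed_authors[$old_id] = $user->ID;
				}
				$this->author_mapping[$old_id] = $user->ID;
				$user_id = $user->ID;
			}
		}
		elseif (!empty($_POST['lookup_email'][$i]) && !empty($_POST['lookup_username'][$i])) {
			$this->author_errors[$i][] = _x('Please enter an Email <strong>OR</strong> a Username to search for.', 'importer error message', 'anno');
		}
		elseif (!empty($_POST['lookup_email'][$i])) {
			// Search via email
			$lookup_email = $_POST['lookup_email'][$i];
			if (!anno_is_valid_email($lookup_email)) {
				$this->author_errors[$i][] = _x('Please enter a valid email to search for.', 'importer error message', 'anno');
			}
			else {
				$users = get_users(array('search' => $lookup_email));
				if (empty($users)) {
					// These messages carry markup (see the <strong> above), so request data placed in them is escaped.
					$this->author_errors[$i][] = sprintf(_x('Could not find user with email: %s', 'importer error message, %s: email address', 'anno'), esc_html($lookup_email));
				}
				elseif (is_array($users)) {
					$user_id = $users[0]->ID;
				}
			}
		}
		elseif (!empty($_POST['lookup_username'][$i])) {
			$lookup_username = $_POST['lookup_username'][$i];
			if (!anno_is_valid_username($lookup_username)) {
				$this->author_errors[$i][] = _x('Please enter a valid username to search for.', 'importer error message', 'anno');
			}
			else {
				//@TODO only search user_login column
				// Until that is done the first search hit is used, which may have matched on a
				// field other than the login; imported content would then map to the wrong account.
				$users = get_users(array('search' => $lookup_username));
				if (empty($users)) {
					$this->author_errors[$i][] = sprintf(_x('Could not find user with username: %s', 'importer error message, %s: username', 'anno'), esc_html($lookup_username));
				}
				elseif (is_array($users)) {
					$user_id = $users[0]->ID;
				}
			}
		}
		elseif ($create_users && !empty($_POST['user_new'][$i]['user_email'])) {
			// Both lookup fields are empty at this point, and the condition above guarantees a
			// non-empty email. NOTE(review): the original also carried an "Email cannot be empty
			// when creating a new user." error branch that this condition made unreachable; it
			// is dropped here. If a blank new-user row should raise that error instead of
			// falling back to the current user, the condition above is what has to change.

			// Username is email.
			$user_new_email = $user_new_login = $_POST['user_new'][$i]['user_email'];

			if (email_exists($user_new_email) || username_exists($user_new_login)) {
				$this->author_errors[$i][] = _x('This email address is already registered.', 'importer error message', 'anno');
			}

			if (!$this->have_author_errors($i)) {
				if (!anno_is_valid_email($user_new_email) || !anno_is_valid_username($user_new_login)) {
					$this->author_errors[$i][] = _x('Please enter a valid email when creating a new user.', 'importer error message', 'anno');
				}

				if (!$this->have_author_errors($i)) {
					$this->new_user_credentials[$i]['old_id'] = $old_id;
					$this->new_user_credentials[$i]['user_login'] = $user_new_login;
					$this->new_user_credentials[$i]['user_email'] = $user_new_email;
					$create_new_user = true;
				}
			}
		}

		// No user was resolved and no new user is being created (this includes failed lookups).
		if (empty($user_id) && !$create_new_user) {
			// Map to current user.
			$user_id = get_current_user_id();
		}

		// Map users, $user_id is only set when we've found a user to map to.
		if (!$create_new_user && !empty($user_id)) {
			if ($old_id) {
				$this->processed_authors[$old_id] = $user_id;
			}
			$this->author_mapping[$old_id] = $user_id;
		}
	}
}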