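/**
 * Process the AJAX avatar upload request for the current user.
 *
 * Runs only when ap_user_can_upload_avatar() and the per-user nonce
 * `upload_avatar_<user id>` both pass. The upload is handed to
 * $this->upload_photo(); the files recorded in the previous `_ap_avatar`
 * user meta are deleted; the new image is cropped to 200x200 with a 50x50
 * `small_` copy; and the resulting array is saved back to `_ap_avatar`.
 *
 * File type/content checks and the md5 rename mentioned in the original
 * note are not visible in this method; presumably upload_photo() performs
 * them. TODO confirm before relying on it.
 *
 * @return void
 */
public function avatar_upload()
{
    if (ap_user_can_upload_avatar() && ap_verify_nonce('upload_avatar_' . get_current_user_id())) {
        $photo = $this->upload_photo('thumbnail');

        if (false === $photo) {
            ap_send_json(ap_ajax_responce(array('message' => $this->upload_error, 'message_type' => 'error')));
            // Do not continue with a failed upload even if ap_send_json() returns.
            return;
        }

        // Double the backslashes in the stored path (presumably so Windows paths
        // survive the unslashing applied when the meta value is saved - confirm).
        $file = str_replace('\\', '\\\\', $photo['file']);
        $photo['file'] = $file;

        // Derive the "small_" variant of both the URL and the file path.
        $photo['small_url'] = str_replace(basename($photo['url']), 'small_' . basename($photo['url']), $photo['url']);
        $small_name = str_replace(basename($photo['file']), 'small_' . basename($photo['file']), $photo['file']);
        $photo['small_file'] = $small_name;

        $userid = get_current_user_id();

        // Remove previous image.
        // get_user_meta() returns an empty string when the user has no avatar yet,
        // so the stored value must be checked before it is indexed like an array.
        // NOTE(review): the paths deleted here come straight from stored user meta.
        // If any other code path lets a user write `_ap_avatar`, this becomes a
        // file-deletion primitive; consider also requiring the path to sit inside
        // the uploads directory.
        $previous_avatar = get_user_meta($userid, '_ap_avatar', true);
        if (is_array($previous_avatar)) {
            foreach (array('file', 'small_file') as $key) {
                if (
                    !empty($previous_avatar[$key])
                    && is_string($previous_avatar[$key])
                    && file_exists($previous_avatar[$key])
                ) {
                    unlink($previous_avatar[$key]);
                }
            }
        }

        // Resize thumbnail.
        // When the editor cannot open the file, the upload is kept unresized and
        // the `small_file` path is recorded without the file being written.
        $image = wp_get_image_editor($file);
        if (!is_wp_error($image)) {
            $image->resize(200, 200, true);
            $image->save($file);
            $image->resize(50, 50, true);
            $image->save($small_name);
        }

        update_user_meta($userid, '_ap_avatar', $photo);
        do_action('ap_after_avatar_upload', $userid, $photo);

        ap_ajax_json(array(
            'status'  => true,
            'action'  => 'avatar_uploaded',
            'user_id' => $userid,
            'message' => __('Avatar uploaded successfully.', 'anspress-question-answer'),
            'html'    => get_avatar($userid, 150),
        ));
    }

    // Reached when the permission or nonce check fails (and after success only
    // if ap_ajax_json() does not end the request).
    ap_ajax_json(array(
        'message'      => __('There was an error while uploading avatar, please check your image', 'anspress-question-answer'),
        'message_type' => 'error',
    ));
}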
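/**
 * Process the user profile and account form for the current user.
 *
 * Flow: check ap_user_can_edit_profile(), verify the nonce bound to the
 * user id and field group, validate/sanitize the group's fields through
 * AnsPress_Validation, then write each field. Core fields go through
 * wp_update_user(), the password through wp_set_password(), and everything
 * else through update_user_meta().
 *
 * Security notes:
 * - The password is changed without asking for the current one; the nonce
 *   and the edit permission are the only gates visible here.
 * - A field named `password` is never written to user meta. Previously a
 *   mismatched confirmation fell through to the meta branch, which would
 *   store the submitted password if the validator returned a value for it.
 * - Meta keys are taken from ap_get_user_fields(); that list must not
 *   contain privileged keys. NOTE(review): confirm against the field
 *   registry and any filters on it.
 *
 * @return void
 */
public function ap_user_profile_form()
{
    $user_id = get_current_user_id();
    $group   = sanitize_text_field(isset($_POST['group']) ? $_POST['group'] : '');

    if (!ap_user_can_edit_profile()) {
        $this->result = array('message' => 'no_permission');
        return;
    }

    if (!ap_verify_nonce('nonce_user_profile_' . $user_id . '_' . $group)) {
        ap_send_json(ap_ajax_responce('something_wrong'));
        // Never process the form on a failed nonce, even if ap_send_json() returns.
        return;
    }

    $user_fields = ap_get_user_fields($group, $user_id);
    if (!is_array($user_fields)) {
        $user_fields = array();
    }

    // Collect the sanitize/validate rules declared on each field.
    $validate_fields = array();
    foreach ($user_fields as $field) {
        if (isset($field['sanitize'])) {
            $validate_fields[$field['name']]['sanitize'] = $field['sanitize'];
        }

        if (!empty($field['validate'])) {
            $validate_fields[$field['name']]['validate'] = $field['validate'];
        }
    }

    $validate  = new AnsPress_Validation($validate_fields);
    $ap_errors = $validate->get_errors();

    // If error in form then return.
    if ($validate->have_error()) {
        // The form identifier is echoed back to the client, so sanitize it first.
        $form_action = sanitize_text_field(isset($_POST['ap_form_action']) ? $_POST['ap_form_action'] : '');

        ap_send_json(ap_ajax_responce(array(
            'form'         => $form_action,
            'message_type' => 'error',
            'message'      => __('Check missing fields and then re-submit.', 'ap'),
            'errors'       => $ap_errors,
        )));
        return;
    }

    $fields         = $validate->get_sanitized_fields();
    $default_fields = array('name', 'first_name', 'last_name', 'nickname', 'display_name', 'user_email', 'description');

    foreach ($user_fields as $field) {
        $name = $field['name'];

        if ('password' === $name) {
            // Only strings are accepted; anything else counts as "not submitted".
            // NOTE(review): the value is passed on exactly as received (no unslashing);
            // confirm that matches how the login path treats the submitted password.
            $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
            $confirm  = (isset($_POST['password-1']) && is_string($_POST['password-1'])) ? $_POST['password-1'] : '';

            // Strict comparison: with `==` two different numeric-looking strings
            // (e.g. "1e3" and "1000") compare equal. An empty password is ignored
            // so saving the form with blank password boxes does not reset it.
            if ('' !== $password && $password === $confirm) {
                wp_set_password($password, $user_id);
            }

            continue;
        }

        if (!isset($fields[$name])) {
            continue;
        }

        if (in_array($name, $default_fields, true)) {
            wp_update_user(array('ID' => $user_id, $name => $fields[$name]));

            // Sent whenever user_email is among the sanitized fields; this block
            // does not compare it against the address already stored.
            if ('user_email' === $name) {
                wp_new_user_notification($user_id, null, 'both');
            }
        } else {
            update_user_meta($user_id, $name, $fields[$name]);
        }
    }

    $this->result = array(
        'message' => 'profile_updated_successfully',
        'action'  => 'updated_user_field',
        'do'      => array('updateHtml' => '#ap_user_profile_form'),
        'html'    => ap_user_get_fields('', $group),
    );
}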
/**
 * AJAX callback that deletes one activity row.
 *
 * The request must carry a valid `ap_delete_activity` nonce, come from a
 * super admin, and provide the activity id in $_POST['args'][0]. On success
 * the client is told to remove the `#activity-<id>` element.
 *
 * NOTE(review): the guard is only effective if something_wrong() ends the
 * request; nothing else stops execution after it. Confirm.
 *
 * @return void
 */
public function delete_activity()
{
    // Same checks, same order: nonce first, then role, then argument presence.
    $request_ok = ap_verify_nonce('ap_delete_activity')
        && is_super_admin()
        && isset($_POST['args'][0]);

    if (!$request_ok) {
        $this->something_wrong();
    }

    // The integer cast keeps the id safe to embed in the selector below.
    $id      = (int) $_POST['args'][0];
    $deleted = ap_delete_activity($id);

    if (false !== $deleted) {
        $response = array(
            'message' => 'delete_activity',
            'action'  => 'delete_activity',
            'do'      => array('remove_if_exists' => '#activity-' . $id),
        );
        $this->send($response);
    }

    $this->something_wrong();
}
/**
 * Ajax callback for the comment flag button.
 *
 * Requires a valid `flag_<comment id>` nonce and a logged-in user. A first
 * flag is recorded, the flag total is recomputed and cached in comment meta
 * under ANSPRESS_FLAG_META, and the new total is sent back. A repeat flag
 * only produces the `already_flagged_comment` response.
 *
 * NOTE(review): the guard relies on something_wrong() ending the request,
 * and whether the comment exists is not checked here. Confirm both.
 *
 * @since 2.4
 */
public function flag_comment()
{
    // The integer cast bounds what can reach the nonce action and meta calls.
    $cid = (int) $_POST['comment_id'];

    $authorised = ap_verify_nonce('flag_' . $cid) && is_user_logged_in();
    if (!$authorised) {
        $this->something_wrong();
    }

    $current_user = get_current_user_id();
    $already      = ap_is_user_flagged_comment($cid);

    if (!$already) {
        ap_insert_comment_flag($current_user, $cid);

        // Recount after the insert so the cached total includes this flag.
        $total = ap_comment_flag_count($cid);
        update_comment_meta($cid, ANSPRESS_FLAG_META, $total);

        $payload = array(
            'message' => 'flagged_comment',
            'action'  => 'flagged',
            'view'    => array($cid . '_comment_flag' => $total),
            'count'   => $total,
        );
        $this->send($payload);
    } else {
        ap_send_json(ap_ajax_responce(array('message' => 'already_flagged_comment')));
    }

    $this->something_wrong();
}