/**
 * Tells whether the currently logged-in user may view a specific post.
 *
 * Thin wrapper: it looks up the current user and passes that user's ID,
 * together with the post ID, to members_can_user_view_post().
 *
 * @since 0.2.0
 * @param int $post_id The ID of the post to check.
 * @return bool True if the user can view the post. False if the user cannot view the post.
 */
function members_can_current_user_view_post($post_id = '')
{
    $viewer = nxt_get_current_user();

    // The actual decision is made by members_can_user_view_post().
    return members_can_user_view_post($viewer->ID, $post_id);
}
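/**
 * Prints the "confirm deletion" form for the users listed in $_POST['allusers'].
 *
 * For every submitted user the current user must hold the 'delete_user'
 * capability and the target must not be a network administrator; otherwise
 * nxt_die() is called. For each site the user belongs to, the form offers to
 * delete that user's posts and links or to attribute them to another user.
 *
 * Values that come from the request or from user and site records are escaped
 * for the HTML context they are printed in, so a crafted 'allusers' entry or
 * a login/site name containing markup cannot break out of the form.
 *
 * @param array $users Must be an array, otherwise nothing is printed. The list
 *                     that is rendered is read from $_POST['allusers'].
 * @return bool False when $users is not an array, true once the form was printed.
 */
function confirm_delete_users($users)
{
    $current_user = nxt_get_current_user();
    if (!is_array($users)) {
        return false;
    }

    screen_icon();
    ?>
    <h2><?php esc_html_e('Users'); ?></h2>
    <p><?php _e('Transfer or delete posts and links before deleting users.'); ?></p>
    <form action="users.php?action=dodelete" method="post">
    <input type="hidden" name="dodelete" />
    <?php
    nxt_nonce_field('ms-users-delete');
    $site_admins = get_super_admins();

    // Fallback choice for the reassignment dropdown: the current user.
    $admin_out = "<option value='" . esc_attr($current_user->ID) . "'>" . esc_html($current_user->user_login) . '</option>';

    $allusers = isset($_POST['allusers']) ? (array) $_POST['allusers'] : array();
    foreach ($allusers as $val) {
        // Nested arrays and empty / '0' entries do not name a user.
        if (!is_scalar($val) || $val == '' || $val == '0') {
            continue;
        }

        $delete_user = new nxt_User($val);
        if (!current_user_can('delete_user', $delete_user->ID)) {
            nxt_die(sprintf(__('Warning! User %s cannot be deleted.'), esc_html($delete_user->user_login)));
        }
        if (in_array($delete_user->user_login, $site_admins)) {
            nxt_die(sprintf(__('Warning! User cannot be deleted. The user %s is a network admnistrator.'), esc_html($delete_user->user_login)));
        }

        // $val is request data: escape it before it goes back into an attribute.
        echo "<input type='hidden' name='user[]' value='" . esc_attr($val) . "'/>\n";

        $blogs = get_blogs_of_user($val, true);
        if (empty($blogs)) {
            continue;
        }
        ?>
        <br /><fieldset><p><legend><?php printf(__("What should be done with posts and links owned by <em>%s</em>?"), esc_html($delete_user->user_login)); ?></legend></p>
        <?php
        foreach ((array) $blogs as $key => $details) {
            $blog_users = get_users(array('blog_id' => $details->userblog_id));
            if (!is_array($blog_users) || empty($blog_users)) {
                continue;
            }

            $user_site = "<a href='" . esc_url(get_home_url($details->userblog_id)) . "'>" . esc_html($details->blogname) . '</a>';

            // Users that are themselves being deleted are not offered as new owners.
            $user_list = '';
            foreach ($blog_users as $user) {
                if (!in_array($user->ID, $allusers)) {
                    $user_list .= "<option value='" . esc_attr($user->ID) . "'>" . esc_html($user->user_login) . '</option>';
                }
            }
            if ('' == $user_list) {
                $user_list = $admin_out;
            }
            $user_dropdown = "<select name='" . esc_attr("blog[{$val}][{$key}]") . "'>" . $user_list . "</select>\n";

            // Built once so both radio buttons share exactly the same name,
            // with no stray whitespace inside the brackets.
            $radio_name = 'delete[' . $details->userblog_id . '][' . $delete_user->ID . ']';
            ?>
            <ul style="list-style:none;">
            <li><?php printf(__('Site: %s'), $user_site); ?></li>
            <li><label><input type="radio" id="delete_option0" name="<?php echo esc_attr($radio_name); ?>" value="delete" checked="checked" />
            <?php _e('Delete all posts and links.'); ?></label></li>
            <li><label><input type="radio" id="delete_option1" name="<?php echo esc_attr($radio_name); ?>" value="reassign" />
            <?php echo __('Attribute all posts and links to:') . '</label>' . $user_dropdown; ?></li>
            </ul>
            <?php
        }
        echo "</fieldset>";
    }

    submit_button(__('Confirm Deletion'), 'delete');
    ?>
    </form>
    <?php
    return true;
}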
/**
 * Renders the student-only admin page that lists all of the comments the
 * current student has left on other blogs on the site.
 *
 * The sitewide comment list is narrowed to entries whose user_id, cast to
 * int, is identical to the current user's ID before it is paginated, so the
 * table is built only from the current user's own comments.
 *
 * @access private
 * @since 0.2
 */
public function _student_admin_page() {
    global $blog_id;
    $current_blog_id = $blog_id;
    $student_id = nxt_get_current_user()->ID;

    // Create a lookup table for blog names and URLs
    // NOTE(review): the loop variable is the global $blog_id declared above, so
    // the global is overwritten while this table is built — confirm that the
    // restore_blog() call after the table rows is what puts it back.
    $all_blogs = array();
    foreach (ClassBlogs_Utils::get_all_blog_ids() as $blog_id) {
        $all_blogs[$blog_id] = array('name' => ClassBlogs_NXTClass::get_blog_option($blog_id, 'blogname'), 'url' => ClassBlogs_NXTClass::get_blogaddress_by_id($blog_id));
    }

    // Paginate the data, restricting the data set to only comments that the
    // current student wrote
    $comments = array();
    foreach ($this->get_sitewide_comments(false) as $comment) {
        if ((int) $comment->user_id === $student_id) {
            $comments[] = $comment;
        }
    }
    $paginator = new ClassBlogs_Paginator($comments, self::COMMENTS_PER_ADMIN_PAGE);

    // The page number is request data; it is passed through absint() before use.
    $current_page = array_key_exists('paged', $_GET) ? absint($_GET['paged']) : 1;
    ?>
    <div class="wrap">
    <div id="icon-edit-comments" class="icon32"></div>
    <h2><?php _e('My Comments', 'classblogs'); ?> </h2>
    <p>
    <?php _e("This page allows you to view all of the comments that you have left on other students' blogs.", 'classblogs'); ?> </p>
    <?php $paginator->show_admin_page_links($current_page); ?>
    <table class="widefat cb-sw-comments-table" id="cb-sw-my-comments-list">
    <thead>
    <tr>
    <th class="blog"><?php _e('Blog', 'classblogs'); ?> </th>
    <th class="post"><?php _e('Post', 'classblogs'); ?> </th>
    <th class="content"><?php _e('Content', 'classblogs'); ?> </th>
    <th class="status"><?php _e('Status', 'classblogs'); ?> </th>
    <th class="posted"><?php _e('Date', 'classblogs'); ?> </th>
    </tr>
    </thead>
    <tfoot>
    <tr>
    <th class="blog"><?php _e('Blog', 'classblogs'); ?> </th>
    <th class="post"><?php _e('Post', 'classblogs'); ?> </th>
    <th class="content"><?php _e('Content', 'classblogs'); ?> </th>
    <th class="status"><?php _e('Status', 'classblogs'); ?> </th>
    <th class="posted"><?php
    _e('Date', 'classblogs'); ?> </th>
    </tr>
    </tfoot>
    <tbody>
    <?php
    foreach ($paginator->get_items_for_page($current_page) as $comment) {
        // Each row is rendered in the context of the blog the comment lives on.
        ClassBlogs_NXTClass::switch_to_blog($comment->cb_sw_blog_id);
        $status = nxt_get_comment_status($comment->comment_ID);
        // NOTE(review): $status is echoed into the class attribute as returned by
        // nxt_get_comment_status() — confirm it can only be one of the fixed
        // status words handled further down.
        ?>
        <tr class="<?php echo $status; ?> ">
        <td class="blog">
        <strong>
        <?php printf('<a href="%s">%s</a>', esc_url($all_blogs[$comment->cb_sw_blog_id]['url']), esc_html($all_blogs[$comment->cb_sw_blog_id]['name'])); ?>
        </strong>
        </td>
        <td class="post">
        <strong>
        <?php printf('<a href="%s">%s</a>', esc_url(get_comment_link($comment)), esc_html($comment->post_title)); ?>
        </strong>
        </td>
        <td class="content">
        <?php comment_text($comment->comment_ID); ?>
        </td>
        <td class="status">
        <?php
        // Map the stored status onto a translated label; anything else is "Unknown".
        if ($status == 'approved') {
            _e('Approved', 'classblogs');
        } elseif ($status == 'deleted' || $status == 'trash') {
            _e('Deleted', 'classblogs');
        } elseif ($status == 'spam') {
            _e('Spam', 'classblogs');
        } elseif ($status == 'unapproved') {
            _e('Unapproved', 'classblogs');
        } else {
            _e('Unknown', 'classblogs');
        }
        ?>
        </td>
        <td class="posted">
        <?php printf('<span class="date">%s</span> <span class="time">%s</span>', mysql2date(get_option('date_format'), $comment->comment_date), mysql2date(get_option('time_format'), $comment->comment_date)); ?>
        </td>
        </tr>
        <?php
    }
    // Hand the blog ID captured at the top of the method back to restore_blog().
    ClassBlogs_Utils::restore_blog($current_blog_id);
    ?>
    </tbody>
    </table>
    <?php $paginator->show_admin_page_links($current_page, 'bottom'); ?>
    </div>
    <?php
}
/**
 * Outputs the student-facing dashboard widget with the student's word count
 * for the current week and for the week before it.
 *
 * When the 'required_weekly_words' option is set, a count below that number
 * gets the extra CSS class "under" and the required amount is printed too.
 *
 * @access private
 * @since 0.1
 */
public function _handle_student_dashboard_widget()
{
    $week = new DateTime();
    $uid = nxt_get_current_user()->ID;
    $quota = $this->get_option('required_weekly_words');

    // Count this week first, then move the same date object back one week.
    $this_week = $this->_get_student_word_count_for_week($uid, $week);
    $week->modify('-1 week');
    $last_week = $this->_get_student_word_count_for_week($uid, $week);

    // CSS marker for a week that falls short of the requirement.
    $this_week_flag = ($quota && $this_week < $quota) ? 'under' : '';
    $last_week_flag = ($quota && $last_week < $quota) ? 'under' : '';
    ?>
    <div class="count current <?php echo $this_week_flag; ?> ">
    <h5><?php _e('This Week', 'classblogs'); ?> </h5>
    <p><?php echo number_format($this_week); ?> </p>
    </div>
    <div class="count previous <?php echo $last_week_flag; ?> ">
    <h5><?php _e('Previous Week', 'classblogs'); ?> </h5>
    <p><?php echo number_format($last_week); ?> </p>
    </div>
    <div class="clearfix"></div>
    <?php if ($quota) : ?>
    <p class="required">
    <?php _e('Words required per week', 'classblogs'); ?> <span class="quantity"><?php echo number_format($quota); ?> </span>
    </p>
    <?php endif; ?>
    <?php
}
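/**
 * Fills in the configured ping template for a member and sends it over HTTP.
 *
 * The placeholders listed in $this->pingconstants are replaced with site,
 * member, subscription and level values, the resulting "key=value" lines are
 * turned into an array, and that array is sent to $this->ping->pingurl as a
 * GET or POST request. The fields and the response are passed to add_history().
 *
 * @param mixed $sub_id   Subscription to report. When empty, the member's first subscription ID is used.
 * @param mixed $level_id Level to report. When empty, the level_id of the member's first level is used.
 * @param mixed $user_id  Member to report on. When empty, the current user is used.
 */
function send_ping($sub_id = false, $level_id = false, $user_id = false)
{
    $this->ping = $this->get_ping();
    if (!class_exists('nxt_Http')) {
        include_once ABSPATH . nxtINC . '/class-http.php';
    }

    $pingdata = $this->pingconstants;
    if (empty($user_id)) {
        $user = nxt_get_current_user();
        $member = new M_Membership($user->ID);
    } else {
        $member = new M_Membership($user_id);
    }

    foreach ($pingdata as $key => $value) {
        switch ($key) {
            case '%blogname%':
                $pingdata[$key] = get_option('blogname');
                break;
            case '%blogurl%':
                $pingdata[$key] = get_option('home');
                break;
            case '%username%':
                $pingdata[$key] = $member->user_login;
                break;
            case '%usernicename%':
                $pingdata[$key] = $member->user_nicename;
                break;
            case '%networkname%':
                $pingdata[$key] = get_site_option('site_name');
                break;
            case '%networkurl%':
                $pingdata[$key] = get_site_option('siteurl');
                break;
            case '%subscriptionname%':
                if (!$sub_id) {
                    $ids = $member->get_subscription_ids();
                    if (!empty($ids)) {
                        $sub_id = $ids[0];
                    }
                }
                if (!empty($sub_id)) {
                    // Plain "new": the "=& new" form no longer parses on PHP 7 and later.
                    $sub = new M_Subscription($sub_id);
                    $pingdata[$key] = $sub->sub_name();
                } else {
                    $pingdata[$key] = '';
                }
                break;
            case '%levelname%':
                // An explicitly passed $level_id is honoured; the lookup is only the fallback.
                if (!$level_id) {
                    $ids = $member->get_level_ids();
                    if (!empty($ids) && !empty($ids[0]->level_id)) {
                        $level_id = $ids[0]->level_id;
                    }
                }
                if (!empty($level_id)) {
                    $level = new M_Level($level_id);
                    $pingdata[$key] = $level->level_title();
                } else {
                    $pingdata[$key] = '';
                }
                break;
            case '%timestamp%':
                $pingdata[$key] = time();
                break;
            default:
                $pingdata[$key] = apply_filters('membership_pingfield_' . $key, '');
                break;
        }
    }

    $url = $this->ping->pingurl;

    // Globally replace the values in the ping and then make it into an array to send
    // NOTE(review): the placeholders are substituted before the template is split
    // into lines, so a substituted value that contains a line break would show up
    // as an additional field — confirm the values used here are single-line.
    $pingmessage = str_replace(array_keys($pingdata), array_values($pingdata), $this->ping->pinginfo);
    $pingmessage = array_map('trim', explode("\n", $pingmessage));

    // make the ping message into a sendable bit of text
    $pingtosend = array();
    foreach ($pingmessage as $line) {
        // Split on the first "=" only so that values may contain "=" themselves;
        // lines without a key (blank lines, for instance) carry no field.
        $pair = explode('=', $line, 2);
        if (count($pair) < 2 || '' === $pair[0]) {
            continue;
        }
        $pingtosend[$pair[0]] = $pair[1];
    }

    // Send the request
    if (class_exists('nxt_Http')) {
        $request = new nxt_Http();
        $result = null; // stays null when the ping type is neither GET nor POST
        switch ($this->ping->pingtype) {
            case 'GET':
                // http_build_query() encodes keys as well as values; the separator
                // is passed explicitly so an ini override cannot change it.
                $url = untrailingslashit($url) . '?' . http_build_query($pingtosend, '', '&');
                $result = $request->request($url, array('method' => 'GET', 'body' => ''));
                break;
            case 'POST':
                $result = $request->request($url, array('method' => 'POST', 'body' => $pingtosend));
                break;
        }
        /*
        'headers': an array of response headers, such as "x-powered-by" => "PHP/5.2.1"
        'body': the response string sent by the server, as you would see it with you web browser
        'response': an array of HTTP response codes. Typically, you'll want to have array('code'=>200, 'message'=>'OK')
        'cookies': an array of cookie information
        */
        $this->add_history($pingtosend, $result);
    }
}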
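/**
 * Count the posts of a post type per status, optionally limited to what the
 * current user is allowed to read.
 *
 * This function provides an efficient method of finding the amount of post's
 * type a blog has. Another method is to count the amount of items in
 * get_posts(), but that method has a lot of overhead with doing so. Therefore,
 * when developing for 2.5+, use this function instead.
 *
 * When $perm is 'readable' and a user is logged in who may not read private
 * posts of this type, private posts are only counted when that user is their
 * author. The result is cached in the 'counts' group; the restricted variant
 * uses a cache key that includes $perm and the user ID.
 *
 * @since 2.5.0
 * @link http://codex.nxtclass.org/Template_Tags/nxt_count_posts
 *
 * @param string $type Optional. Post type to retrieve count
 * @param string $perm Optional. 'readable' or empty.
 * @return object Number of posts for each status
 */
function nxt_count_posts($type = 'post', $perm = '')
{
    global $nxtdb;

    $user = nxt_get_current_user();
    $cache_key = $type;
    $author_id = null;

    $query = "SELECT post_status, COUNT( * ) AS num_posts FROM {$nxtdb->posts} WHERE post_type = %s";
    if ('readable' == $perm && is_user_logged_in()) {
        $post_type_object = get_post_type_object($type);
        // Without a post type object there is no capability to check, so the
        // restricted query is used in that case as well.
        $can_read_private = $post_type_object && current_user_can($post_type_object->cap->read_private_posts);
        if (!$can_read_private) {
            $cache_key .= '_' . $perm . '_' . $user->ID;
            // The author ID is bound through prepare() instead of being
            // interpolated into the SQL text.
            $query .= " AND (post_status != 'private' OR ( post_author = %d AND post_status = 'private' ))";
            $author_id = $user->ID;
        }
    }
    $query .= ' GROUP BY post_status';

    $count = nxt_cache_get($cache_key, 'counts');
    if (false !== $count) {
        return $count;
    }

    $prepared = (null === $author_id)
        ? $nxtdb->prepare($query, $type)
        : $nxtdb->prepare($query, $type, $author_id);
    $count = $nxtdb->get_results($prepared, ARRAY_A);

    // Start every known status at zero so callers can read any of them.
    $stats = array();
    foreach (get_post_stati() as $state) {
        $stats[$state] = 0;
    }
    foreach ((array) $count as $row) {
        $stats[$row['post_status']] = $row['num_posts'];
    }

    $stats = (object) $stats;
    nxt_cache_set($cache_key, $stats, 'counts');

    return $stats;
}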
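/**
 * Outputs the login widget: a greeting with profile/logout links for a
 * logged-in user, otherwise a login form followed by the Facebook button.
 *
 * REQUEST_URI and the user's display name are escaped for the attribute or
 * text position they are printed in, and the site URLs are assembled before
 * output so no whitespace ends up inside an href or action value.
 *
 * @param array $args     Wrapper markup; the keys before_widget, before_title,
 *                        after_title and after_widget are read.
 * @param array $instance Widget settings; 'title' is read.
 */
function widget($args, $instance)
{
    // Read only the keys this method uses instead of extract()-ing the whole
    // array into the local scope.
    $before_widget = isset($args['before_widget']) ? $args['before_widget'] : '';
    $before_title = isset($args['before_title']) ? $args['before_title'] : '';
    $after_title = isset($args['after_title']) ? $args['after_title'] : '';
    $after_widget = isset($args['after_widget']) ? $args['after_widget'] : '';

    //Get args and output the title
    echo $before_widget;
    $title = apply_filters('widget_title', $instance['title']);
    if ($title) {
        echo $before_title . $title . $after_title;
    }

    $site_url = get_option('siteurl');

    //If logged in, show "Welcome, User!"
    if (is_user_logged_in()) {
        $userdata = nxt_get_current_user();
        ?>
        <div style='text-align:center'>
        <?php echo __('Welcome') . ', ' . esc_html($userdata->display_name); ?>!<br />
        <small>
        <a href="<?php echo esc_url($site_url . '/nxt-admin/profile.php'); ?>"><?php _e("Edit Profile"); ?></a> |
        <a href="<?php echo esc_url(nxt_logout_url($_SERVER['REQUEST_URI'])); ?>"><?php _e("Logout"); ?></a>
        </small>
        </div>
        <?php
    //Otherwise, show the login form (with Facebook Connect button)
    } else {
        ?>
        <form name='loginform' id='loginform' action='<?php echo esc_url($site_url . '/nxt-login.php'); ?>' method='post'>
        <label>User:</label><br />
        <input type='text' name='log' id='user_login' class='input' tabindex='20' /><input type='submit' name='nxt-submit' id='nxt-submit' value='Login' tabindex='23' /><br />
        <label>Pass:</label><br />
        <input type='password' name='pwd' id='user_pass' class='input' tabindex='21' />
        <span id="forgotText"><a href="<?php echo esc_url($site_url . '/nxt-login.php?action=lostpassword'); ?>" rel="nofollow" ><?php _e('Forgot'); ?>?</a></span><br />
        <?php //echo "<input name='rememberme' type='hidden' id='rememberme' value='forever' />"; ?>
        <?php echo nxt_register('', ''); ?>
        <?php // REQUEST_URI is request data and this attribute is single-quoted, so it is escaped with esc_attr(). ?>
        <input type='hidden' name='redirect_to' value='<?php echo esc_attr($_SERVER['REQUEST_URI']); ?>' />
        </form>
        <?php
        global $opt_jfb_hide_button;
        if (!get_option($opt_jfb_hide_button)) {
            jfb_output_facebook_btn();
            //jfb_output_facebook_init(); This is output in nxt_footer as of 1.5.4
            //jfb_output_facebook_callback(); This is output in nxt_footer as of 1.9.0
        }
    }

    echo $after_widget;
}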
/**
 * Validates the submitted blog signup fields.
 *
 * Passes the posted 'blogname' and 'blog_title' values, plus the current user
 * object (or an empty string when nobody is logged in), to
 * nxtmu_validate_blog_signup() and returns its result unchanged.
 *
 * @return mixed Whatever nxtmu_validate_blog_signup() returns.
 */
function bp_blogs_validate_blog_form()
{
    $signup_user = is_user_logged_in() ? nxt_get_current_user() : '';

    return nxtmu_validate_blog_signup($_POST['blogname'], $_POST['blog_title'], $signup_user);
}
/**
 * Creates a form token bound to an action, the current user and the current
 * nonce tick.
 *
 * The token is the 10 characters that start 12 from the end of
 * nxt_hash($tick . $action . $uid, 'nonce'). Nothing in this function draws
 * random data or records that a token was used: its inputs are the value of
 * nxt_nonce_tick(), the action and the user ID, so the token is not, by
 * itself, a single-use value.
 *
 * @since 2.0.3
 *
 * @param string|int $action Scalar value to add context to the nonce.
 * @return string The form token.
 */
function nxt_create_nonce($action = -1)
{
    $uid = (int) nxt_get_current_user()->ID;
    $tick = nxt_nonce_tick();
    $digest = nxt_hash($tick . $action . $uid, 'nonce');

    return substr($digest, -12, 10);
}
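/**
 * Handles the submitted blog signup form: verifies the request, validates the
 * fields and, when there are no errors, creates the blog and shows the
 * confirmation.
 *
 * The request must pass check_admin_referer('bp_blog_signup_form') and come
 * from a logged-in user. On a validation error the signup form is shown again.
 *
 * @return bool True when the blog was created, false when the referer check
 *              fails or the submitted fields have errors.
 */
function huddle_bp_blogs_validate_blog_signup()
{
    global $nxtdb, $current_user, $blogname, $blog_title, $errors, $domain, $path, $current_site;

    if (!check_admin_referer('bp_blog_signup_form')) {
        return false;
    }

    $current_user = nxt_get_current_user();
    if (!is_user_logged_in()) {
        die;
    }

    $result = bp_blogs_validate_blog_form();

    // Copy only the fields this function uses. A blanket extract() would let any
    // other key in the result overwrite $nxtdb, $current_user or $current_site.
    if (is_array($result)) {
        if (isset($result['domain'])) {
            $domain = $result['domain'];
        }
        if (isset($result['path'])) {
            $path = $result['path'];
        }
        if (isset($result['blogname'])) {
            $blogname = $result['blogname'];
        }
        if (isset($result['blog_title'])) {
            $blog_title = $result['blog_title'];
        }
        if (isset($result['errors'])) {
            $errors = $result['errors'];
        }
    }

    if ($errors->get_error_code()) {
        unset($_POST['submit']);
        huddle_bp_show_blog_signup_form($blogname, $blog_title, $errors);
        return false;
    }

    $public = isset($_POST['blog_public']) ? (int) $_POST['blog_public'] : 0;
    $meta = apply_filters('signup_create_blog_meta', array('lang_id' => 1, 'public' => $public)); // depreciated
    $meta = apply_filters('add_signup_meta', $meta);

    // If this is a subdomain install, set up the site inside the root domain.
    if (is_subdomain_install()) {
        $domain = $blogname . '.' . preg_replace('|^www\\.|', '', $current_site->domain);
    }

    // "ID" is the property name the rest of this code base reads from user objects.
    nxtmu_create_blog($domain, $path, $blog_title, $current_user->ID, $meta, $nxtdb->siteid);
    bp_blogs_confirm_blog_signup($domain, $path, $blog_title, $current_user->user_login, $current_user->user_email, $meta);

    return true;
}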
/**
 * Fills in the core fields of the global $bp object.
 *
 * Values that are already set (table prefix, root domain, site options,
 * directory pages) are left alone; the navigation containers, the logged-in
 * user ID, the default avatars and the notifications table name are always
 * written. The 'bp_core_setup_globals' action fires at the end.
 *
 * NOTE(review): $bp->loggedin_user, $bp->grav_default and $bp->core are
 * written to without being created in this function — presumably they are
 * initialised elsewhere; confirm.
 */
function setup_globals() {
    global $bp;

    /** Database **********************************************************/

    // Get the base database prefix
    if (empty($bp->table_prefix)) {
        $bp->table_prefix = bp_core_get_table_prefix();
    }

    // The domain for the root of the site where the main blog resides
    if (empty($bp->root_domain)) {
        $bp->root_domain = bp_core_get_root_domain();
    }

    // Fetches all of the core BuddyPress settings in one fell swoop
    if (empty($bp->site_options)) {
        $bp->site_options = bp_core_get_root_options();
    }

    // The names of the core NXTClass pages used to display BuddyPress content
    if (empty($bp->pages)) {
        $bp->pages = bp_core_get_directory_pages();
    }

    /** Admin Bar *********************************************************/

    // Set the 'My Account' global to prevent debug notices
    $bp->my_account_menu_id = false;

    /** Component and Action **********************************************/

    // Used for overriding the 2nd level navigation menu so it can be used to
    // display custom navigation for an item (for example a group)
    $bp->is_single_item = false;

    // Sets up the array container for the component navigation rendered
    // by bp_get_nav()
    $bp->bp_nav = array();

    // Sets up the array container for the component options navigation
    // rendered by bp_get_options_nav()
    $bp->bp_options_nav = array();

    // Contains an array of all the active components. The key is the slug,
    // value the internal ID of the component.
    //$bp->active_components = array();

    /** Basic current user data *******************************************/

    // Logged in user is the 'current_user'
    // ($current_user is a local variable here; only $bp is declared global.)
    $current_user = nxt_get_current_user();

    // The user ID of the user who is currently logged in.
    $bp->loggedin_user->id = $current_user->ID;

    /** Avatars ***********************************************************/

    // Fetches the default Gravatar image to use if the user/group/blog has no avatar or gravatar
    $bp->grav_default->user = apply_filters('bp_user_gravatar_default', $bp->site_options['avatar_default']);
    $bp->grav_default->group = apply_filters('bp_group_gravatar_default', $bp->grav_default->user);
    $bp->grav_default->blog = apply_filters('bp_blog_gravatar_default', $bp->grav_default->user);

    // Notifications Table
    $bp->core->table_name_notifications = $bp->table_prefix . 'bp_notifications';

    /**
     * Used to determine if user has admin rights on current content. If the
     * logged in user is viewing their own profile and wants to delete
     * something, is_item_admin is used. This is a generic variable so it
     * can be used by other components. It can also be modified, so when
     * viewing a group 'is_item_admin' would be 'true' if they are a group
     * admin, and 'false' if they are not.
     */
    bp_update_is_item_admin(bp_user_has_access(), 'core');

    // Is the logged in user is a mod for the current item?
    bp_update_is_item_mod(false, 'core');

    do_action('bp_core_setup_globals');
}
/**
 * Sets up the current user.
 *
 * Calls nxt_get_current_user() and discards its return value.
 *
 * @since 2.0.0
 */
function init()
{
    nxt_get_current_user();
}
/**
 * Update a user in the database.
 *
 * The stored record and the user's additional meta keys are loaded first and
 * the fields in $userdata are merged over them, so only the fields that are
 * passed in change. The merged record is handed to nxt_insert_user().
 *
 * A non-empty 'user_pass' in $userdata is hashed before it is merged. When
 * the user being updated is the current user and the password changed, the
 * auth cookie is cleared and set again.
 *
 * @since 2.0.0
 * @see nxt_insert_user() For what fields can be set in $userdata
 * @uses nxt_insert_user() Receives the merged record.
 *
 * @param array $userdata An array of user data.
 * @return int The updated user's ID.
 */
function nxt_update_user($userdata)
{
    $ID = (int) $userdata['ID'];

    // Start from what is stored for this user.
    // NOTE(review): the get_userdata() result is dereferenced without a check —
    // confirm what callers get when 'ID' is missing or matches no user.
    $stored = get_userdata($ID);
    $existing = get_object_vars($stored->data);

    // Pull in the additional custom fields as well.
    foreach (_get_additional_user_keys($stored) as $meta_key) {
        $existing[$meta_key] = get_user_meta($ID, $meta_key, true);
    }

    // Escape data pulled from DB.
    $existing = add_magic_quotes($existing);

    // Hash a new password now; only the fact that it changed is remembered.
    $password_changed = !empty($userdata['user_pass']);
    if ($password_changed) {
        $userdata['user_pass'] = nxt_hash_password($userdata['user_pass']);
    }

    nxt_cache_delete($existing['user_email'], 'useremail');

    // New fields win over stored ones.
    $user_id = nxt_insert_user(array_merge($existing, $userdata));

    // Re-issue the auth cookie when the current user changed their own password.
    $current_user = nxt_get_current_user();
    if ($current_user->ID == $ID && $password_changed) {
        nxt_clear_auth_cookie();
        nxt_set_auth_cookie($ID);
    }

    return $user_id;
}
/**
 * Check whether a usermeta key has to do with the current blog.
 *
 * Builds the key "{base_prefix}{blog_id}_{key}" and reports whether a
 * property of that name is set on the current user object. $user_id is
 * defaulted but not used for the lookup, which always goes to the current
 * user.
 *
 * @since MU
 * @uses nxt_get_current_user()
 *
 * @param string $key
 * @param int $user_id Optional. Defaults to current user.
 * @param int $blog_id Optional. Defaults to current blog.
 * @return bool
 */
function is_user_option_local($key, $user_id = 0, $blog_id = 0)
{
    global $nxtdb;

    $viewer = nxt_get_current_user();
    if ($user_id == 0) {
        $user_id = $viewer->ID;
    }
    if ($blog_id == 0) {
        $blog_id = $nxtdb->blogid;
    }

    $prefixed_key = $nxtdb->base_prefix . $blog_id . '_' . $key;

    return isset($viewer->{$prefixed_key});
}
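/**
 * Returns a debug string listing the values a nonce is computed from.
 *
 * Debug aid only: the returned string contains the full nonce hash as well as
 * the nonce, so it should not be shown to anyone but the site operator.
 *
 * @return string Nonce, user ID, nonce life, time, tick values and hash.
 */
function jfb_debug_nonce_components()
{
    global $opt_jfb_generated_nonce;

    $user = nxt_get_current_user();
    $uid = (int) $user->ID;
    $nonce_life = apply_filters('nonce_life', 86400);
    $time = time();
    $nonce_tick = ceil($time / ($nonce_life / 2));
    $tick_verify = nxt_nonce_tick();

    // The hash used to be built from $i and $action, neither of which was ever
    // assigned here. The tick comes from nxt_nonce_tick(), as it does in
    // nxt_create_nonce().
    // NOTE(review): $opt_jfb_generated_nonce is presumably the nonce action
    // name (it was declared global but never read) — confirm.
    $action = $opt_jfb_generated_nonce;
    $hash = nxt_hash($tick_verify . $action . $uid, 'nonce');
    $nonce = substr($hash, -12, 10);

    return "NONCE: {$nonce}, uid: {$uid}, life: {$nonce_life}, time: {$time}, tick: {$nonce_tick}, verify: {$tick_verify}, hash: {$hash}";
}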
/**
 * Checks that a comment author name and e-mail address are present.
 *
 * Duplicated from nxt-comments-post.php. The check only runs when the
 * 'require_name_email' option is on and the current user has no ID; it calls
 * nxt_die() when a field is missing or the address is not a valid e-mail.
 */
function openid_require_name_email()
{
    $user = nxt_get_current_user();
    global $comment_author, $comment_author_email;

    // Nothing to enforce when the option is off or a user is logged in.
    if (!get_option('require_name_email') || $user->ID) {
        return;
    }

    $fields_missing = strlen($comment_author_email) < 6 || $comment_author == '';
    if ($fields_missing) {
        nxt_die(__('Error: please fill the required fields (name, email).', 'openid'));
    } elseif (!is_email($comment_author_email)) {
        nxt_die(__('Error: please enter a valid email address.', 'openid'));
    }
}
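/**
 * Determine if the current user trusts the relying party of the OpenID authentication request.
 *
 * When the request carries an 'openid_trust' value the decision is processed:
 * 'cancel' means no trust, anything else must pass
 * check_admin_referer('openid-server_trust') and means trust. Otherwise the
 * request is stored in the session and the trust form is rendered.
 *
 * The trust root comes from the relying party's request, so it is escaped
 * before it is printed, as are the user's names and every URL placed in an
 * attribute.
 *
 * @uses do_action() Calls the 'openid_server_trust_form' hook action when displaying the trust form.
 * @uses do_action() Calls the 'openid_server_trust_submit' hook action when processing the submitted trust form.
 * @uses apply_filters() Calls 'openid_server_store_trusted_site' before storing trusted site data.
 *
 * @param object $request The OpenID request; its trust_root property is read.
 * @return bool|null The trust decision when one was submitted; nothing when the form is shown.
 */
function openid_server_user_trust($request)
{
    $user = nxt_get_current_user();

    if (!empty($_REQUEST['openid_trust'])) {
        $trust = null;

        if ($_REQUEST['openid_trust'] == 'cancel') {
            $trust = false;
        } else {
            // Granting trust requires a valid nonce; cancelling does not.
            check_admin_referer('openid-server_trust');
            $trust = true;
        }

        do_action('openid_server_trust_submit', $trust, $request);

        if ($trust) {
            // store trusted site (unless hidden constant is set)
            if (!defined('OPENID_NO_AUTO_TRUST') || !OPENID_NO_AUTO_TRUST) {
                $site = array('url' => $request->trust_root, 'last_login' => time());
                $site = apply_filters('openid_server_store_trusted_site', $site);

                $trusted_sites = get_user_meta($user->ID, 'openid_trusted_sites', true);
                // Nothing stored yet: start from an empty list rather than
                // indexing into a non-array value.
                if (!is_array($trusted_sites)) {
                    $trusted_sites = array();
                }

                // md5 is only used to derive the array key for this site.
                $site_hash = md5($request->trust_root);
                $trusted_sites[$site_hash] = $site;
                update_user_meta($user->ID, 'openid_trusted_sites', $trusted_sites);
            }
        }

        return $trust;
    }

    // prompt the user to make a trust decision
    @session_start();
    $_SESSION['openid_server_request'] = $request;

    ob_start();
    echo '
        <style type="text/css">
            #banner { margin-bottom: 4em; }
            #banner #site { float: left; color: #555; }
            #banner #loggedin { font-size: 0.7em; float: right; }
            p.trust_form_add {
                margin: 3em auto 1em; padding: 0.5em; border: 1px solid #999; background: #FFEBE8; width: 80%; font-size: 0.8em; -moz-border-radius: 3px;
            }
            #submit { font-size: 18px; padding: 10px 35px; margin-left: 1em; }
        </style>

        <div id="banner">
            <div id="site">' . esc_html(get_option('blogname')) . '</div>';

    if (is_user_logged_in()) {
        $logout_url = site_url('nxt-login.php?action=logout&redirect_to=' . urlencode(openid_server_url()), 'login');
        echo '
            <div id="loggedin">' . sprintf(
            __('Logged in as %1$s (%2$s). <a href="%3$s">Use a different account?</a>', 'openid'),
            esc_html($user->display_name),
            esc_html($user->user_login),
            esc_url($logout_url)
        ) . '</div>';
    }

    echo '
        </div>

        <form action="' . esc_url(openid_server_url()) . '" method="post">
            <h1>' . __('Verify Your Identity', 'openid') . '</h1>
            <p style="margin: 1.5em 0 1em 0;">'
        . sprintf(__('%s has asked to verify your identity.', 'openid'), '<strong>' . esc_html($request->trust_root) . '</strong>')
        . '</p>

            <p style="margin: 1em 0;">'
        . __('Click <strong>Continue</strong> to verify your identity and login without creating a new password.', 'openid')
        . '</p>';

    do_action('openid_server_trust_form');

    $sites_page = (current_user_can('edit_users') ? 'users.php' : 'profile.php') . '?page=openid_trusted_sites';

    echo '
            <p class="submit" style="text-align: center; margin-top: 2.4em;">
                <a href="' . esc_url(add_query_arg('openid_trust', 'cancel', openid_server_url())) . '">' . __('Cancel and go back', 'openid') . '</a>
                <input type="submit" id="submit" name="openid_trust" value="' . esc_attr(__('Continue', 'openid')) . '" />
            </p>

            <p style="margin: 3em 0 1em 0; font-size: 0.8em;">'
        . sprintf(__('Manage or remove access on the <a href="%s" target="_blank">Trusted Sites</a> page.', 'openid'), esc_url(admin_url($sites_page)))
        . '</p>
            <p style="margin: 1em 0; font-size: 0.8em;">'
        . sprintf(__('<a href="%s" target="_blank">Edit your profile</a> to change the information that gets shared with Trusted Sites.', 'openid'), esc_url(admin_url('profile.php')))
        . '</p>
        ';

    nxt_nonce_field('openid-server_trust', '_nxtnonce', true);

    echo '
        </form>';

    $html = ob_get_clean();

    openid_page($html, __('Verify Your Identity', 'openid'));
}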
/**
 * Displays a welcome panel to introduce users to NXTClass.
 *
 * Nothing is printed unless the current user has the 'edit_theme_options'
 * capability. The panel gets the extra class "hidden" depending on the
 * user's 'show_welcome_panel' meta value.
 *
 * @since 3.3
 */
function nxt_welcome_panel() {
    global $nxt_version;

    // Capability gate: users who cannot edit theme options get no panel at all.
    if (!current_user_can('edit_theme_options')) {
        return;
    }

    $classes = 'welcome-panel';
    $option = get_user_meta(get_current_user_id(), 'show_welcome_panel', true);
    // 0 = hide, 1 = toggled to show or single site creator, 2 = multisite site owner
    // "&&" binds tighter than "||": hidden when the option is 0, or when it is 2
    // and the current user's e-mail differs from the 'admin_email' option.
    $hide = 0 == $option || 2 == $option && nxt_get_current_user()->user_email != get_option('admin_email');
    if ($hide) {
        $classes .= ' hidden';
    }

    // Keep only the part of the version string before the first "-".
    list($display_version) = explode('-', $nxt_version);
    ?>
    <div id="welcome-panel" class="<?php echo esc_attr($classes); ?> ">
    <?php
    // Nonce for the panel; the third argument (referer field) is false.
    nxt_nonce_field('welcome-panel-nonce', 'welcomepanelnonce', false); ?>
    <a class="welcome-panel-close" href="<?php echo esc_url(admin_url('?welcome=0')); ?> "><?php _e('Dismiss'); ?> </a>
    <div class="nxt-badge"><?php printf(__('Version %s'), $display_version); ?> </div>
    <div class="welcome-panel-content">
    <h3><?php _e('Welcome to your new NXTClass site! '); ?> </h3>
    <p class="about-description"><?php _e('If you need help getting started, check out our documentation on <a href="http://codex.nxtclass.org/First_Steps_With_NXTClass">First Steps with NXTClass</a>. If you’d rather dive right in, here are a few things most people do first when they set up a new NXTClass site. If you need help, use the Help tabs in the upper right corner to get information on how to use your current screen and where to go for more assistance.'); ?> </p>
    <div class="welcome-panel-column-container">
    <div class="welcome-panel-column">
    <h4><span class="icon16 icon-settings"></span> <?php _e('Basic Settings'); ?> </h4>
    <p><?php
    // NOTE(review): the string literal below contains a line break in this
    // listing — confirm it matches the string in the translation catalogue.
    _e('Here are a few easy things you can do to get your feet wet. 
Make sure to click Save on each Settings screen.'); ?> </p>
    <ul>
    <li><?php echo sprintf(__('<a href="%s">Choose your privacy setting</a>'), esc_url(admin_url('options-privacy.php'))); ?> </li>
    <li><?php echo sprintf(__('<a href="%s">Select your tagline and time zone</a>'), esc_url(admin_url('options-general.php'))); ?> </li>
    <li><?php echo sprintf(__('<a href="%s">Turn comments on or off</a>'), esc_url(admin_url('options-discussion.php'))); ?> </li>
    <li><?php echo sprintf(__('<a href="%s">Fill in your profile</a>'), esc_url(admin_url('profile.php'))); ?> </li>
    </ul>
    </div>
    <div class="welcome-panel-column">
    <h4><span class="icon16 icon-page"></span> <?php _e('Add Real Content'); ?> </h4>
    <p><?php _e('Check out the sample page & post editors to see how it all works, then delete the default content and write your own!'); ?> </p>
    <ul>
    <li><?php echo sprintf(__('View the <a href="%1$s">sample page</a> and <a href="%2$s">post</a>'), esc_url(get_permalink(2)), esc_url(get_permalink(1))); ?> </li>
    <li><?php echo sprintf(__('Delete the <a href="%1$s">sample page</a> and <a href="%2$s">post</a>'), esc_url(admin_url('edit.php?post_type=page')), esc_url(admin_url('edit.php'))); ?> </li>
    <li><?php echo sprintf(__('<a href="%s">Create an About Me page</a>'), esc_url(admin_url('edit.php?post_type=page'))); ?> </li>
    <li><?php echo sprintf(__('<a href="%s">Write your first post</a>'), esc_url(admin_url('post-new.php'))); ?> </li>
    </ul>
    </div>
    <div class="welcome-panel-column welcome-panel-last">
    <h4><span class="icon16 icon-appearance"></span> <?php _e('Customize Your Site'); ?> </h4>
    <?php
    $ct = current_theme_info();
    if (empty($ct->stylesheet_dir)) {
        // No stylesheet directory on the theme info: offer to install a theme.
        echo '<p>';
        printf(__('<a href="%s">Install a theme</a> to get started customizing your site.'), esc_url(admin_url('themes.php')));
        echo '</p>';
    } else {
        // Collect one link per customisation feature the current theme supports.
        $customize_links = array();
        if ('twentyeleven' == $ct->stylesheet) {
            $customize_links[] = sprintf(__('<a href="%s">Choose light or dark</a>'),
                esc_url(admin_url('themes.php?page=theme_options')));
        }
        if (current_theme_supports('custom-background')) {
            $customize_links[] = sprintf(__('<a href="%s">Set a background color</a>'), esc_url(admin_url('themes.php?page=custom-background')));
        }
        if (current_theme_supports('custom-header')) {
            $customize_links[] = sprintf(__('<a href="%s">Select a new header image</a>'), esc_url(admin_url('themes.php?page=custom-header')));
        }
        if (current_theme_supports('widgets')) {
            $customize_links[] = sprintf(__('<a href="%s">Add some widgets</a>'), esc_url(admin_url('widgets.php')));
        }
        // NOTE(review): $ct->title is printed as returned by current_theme_info()
        // in both branches below — confirm it is safe for HTML output.
        if (!empty($customize_links)) {
            echo '<p>';
            printf(__('Use the current theme — %1$s — or <a href="%2$s">choose a new one</a>. If you stick with %3$s, here are a few ways to make your site look unique.'), $ct->title, esc_url(admin_url('themes.php')), $ct->title);
            echo '</p>';
            ?>
            <ul>
            <?php foreach ($customize_links as $customize_link) { ?>
            <li><?php echo $customize_link; ?> </li>
            <?php } ?>
            </ul>
            <?php
        } else {
            echo '<p>';
            printf(__('Use the current theme — %1$s — or <a href="%2$s">choose a new one</a>.'), $ct->title, esc_url(admin_url('themes.php')));
            echo '</p>';
        }
    }
    ?>
    </div>
    </div>
    <p class="welcome-panel-dismiss"><?php printf(__('Already know what you’re doing? <a href="%s">Dismiss this message</a>.'), esc_url(admin_url('?welcome=0'))); ?> </p>
    </div>
    </div>
    <?php
}
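/**
 * Sends a confirmation e-mail when the current user changes the e-mail
 * address on their own profile.
 *
 * The new address is not applied here. It is stored, together with a
 * confirmation token, in the option "{user ID}_new_email", a message with the
 * confirmation link is mailed to the new address, and $_POST['email'] is set
 * back to the current address.
 *
 * @return false|null False when the posted user ID is not the current user's;
 *                    otherwise nothing is returned. Problems with the address
 *                    are added to the global $errors object.
 */
function send_confirmation_on_profile_email()
{
    global $errors, $nxtdb;

    $current_user = nxt_get_current_user();
    if (!is_object($errors)) {
        $errors = new nxt_Error();
    }

    // Only the profile owner can start an e-mail change for that profile.
    if (!isset($_POST['user_id']) || $current_user->ID != $_POST['user_id']) {
        return false;
    }

    // A missing or non-string field is treated as an empty address, which
    // fails the is_email() check below.
    $new_email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';

    if ($current_user->user_email != $new_email) {
        if (!is_email($new_email)) {
            $errors->add('user_email', __("<strong>ERROR</strong>: The e-mail address isn't correct."), array('form-field' => 'email'));
            return;
        }

        if ($nxtdb->get_var($nxtdb->prepare("SELECT user_email FROM {$nxtdb->users} WHERE user_email=%s", $new_email))) {
            $errors->add('user_email', __("<strong>ERROR</strong>: The e-mail address is already used."), array('form-field' => 'email'));
            delete_option($current_user->ID . '_new_email');
            return;
        }

        // Confirmation token. The address, the clock and mt_rand() are all
        // guessable inputs, so the system CSPRNG is used where the runtime has
        // one. Both branches produce 32 hexadecimal characters.
        if (function_exists('random_bytes')) {
            $hash = bin2hex(random_bytes(16));
        } else {
            $hash = md5($new_email . time() . mt_rand());
        }

        $new_user_email = array('hash' => $hash, 'newemail' => $new_email);
        update_option($current_user->ID . '_new_email', $new_user_email);

        $content = apply_filters('new_user_email_content', __("Dear user,\n\nYou recently requested to have the email address on your account changed.\nIf this is correct, please click on the following link to change it:\n###ADMIN_URL###\n\nYou can safely ignore and delete this email if you do not want to\ntake this action.\n\nThis email has been sent to ###EMAIL###\n\nRegards,\nAll at ###SITENAME###\n###SITEURL###"), $new_user_email);

        $content = str_replace('###ADMIN_URL###', esc_url(admin_url('profile.php?newuseremail=' . $hash)), $content);
        $content = str_replace('###EMAIL###', $new_email, $content);
        $content = str_replace('###SITENAME###', get_site_option('site_name'), $content);
        $content = str_replace('###SITEURL###', network_home_url(), $content);

        nxt_mail($new_email, sprintf(__('[%s] New Email Address'), get_option('blogname')), $content);

        // Keep the stored address unchanged until the link is confirmed.
        $_POST['email'] = $current_user->user_email;
    }
}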
/**
 * Return the display name of the first role assigned to the current user.
 *
 * The role list is copied before array_shift() so the user object itself is
 * left untouched.
 *
 * @return string|false Entry of $nxt_roles->role_names for the first role, or
 *                      false when that role has no entry (including when the
 *                      user has no role at all).
 */
function wlcms_get_current_user_role() {
    global $nxt_roles;

    $account = nxt_get_current_user();
    $assigned = $account->roles;
    $primary = array_shift($assigned);

    if (!isset($nxt_roles->role_names[$primary])) {
        return false;
    }

    return $nxt_roles->role_names[$primary];
}
/**
 * Output a complete HTML document around the content printed by a callback.
 *
 * Prints the document head (title, styles, a small inline script and the
 * admin_* head hooks for the 'media-upload-popup' screen), opens the body,
 * invokes $content_func and then fires 'admin_print_footer_scripts' before
 * closing the document. Any arguments passed to nxt_iframe() after the first
 * are forwarded unchanged to $content_func.
 *
 * NOTE(review): $content_func is invoked through call_user_func_array() and,
 * when it is a string, interpolated into a hook name. Callers should pass a
 * fixed callback and never a value taken from the request.
 *
 * @since 2.5.0
 *
 * @param callable $content_func Callback that prints the body content; the
 *                               code handles both the string and array form.
 */
function nxt_iframe($content_func) {
    _nxt_admin_html_begin();
    ?> <title><?php bloginfo('name'); ?> › <?php _e('Uploads'); ?> — <?php _e('NXTClass'); ?> </title> <?php
    nxt_enqueue_style('colors');
    // Enqueue the 'media' stylesheet only when the callback name (the method
    // name for array callbacks) starts with 'media'.
    if (is_array($content_func) && !empty($content_func[1]) && 0 === strpos((string) $content_func[1], 'media') || !is_array($content_func) && 0 === strpos($content_func, 'media')) {
        nxt_enqueue_style('media');
    }
    nxt_enqueue_style('ie');
    // NOTE(review): SITECOOKIEPATH and admin_url() are echoed into JavaScript
    // string literals below without JS-context escaping. That is only safe
    // while both values come from trusted configuration; confirm.
    ?> <script type="text/javascript"> //<![CDATA[ addLoadEvent = function(func){if(typeof jQuery!="undefined")jQuery(document).ready(func);else if(typeof nxtOnload!='function'){nxtOnload=func;}else{var oldonload=nxtOnload;nxtOnload=function(){oldonload();func();}}}; var userSettings = {'url':'<?php echo SITECOOKIEPATH; ?> ','uid':'<?php if (!isset($current_user)) { $current_user = nxt_get_current_user(); } echo $current_user->ID; ?> ','time':'<?php echo time(); ?> '}; var ajaxurl = '<?php echo admin_url('admin-ajax.php'); ?> ', pagenow = 'media-upload-popup', adminpage = 'media-upload-popup', isRtl = <?php echo (int) is_rtl(); ?> ; //]]> </script> <?php
    // Fire the head hooks in the order shown, for the 'media-upload-popup' screen.
    do_action('admin_enqueue_scripts', 'media-upload-popup');
    do_action('admin_print_styles-media-upload-popup');
    do_action('admin_print_styles');
    do_action('admin_print_scripts-media-upload-popup');
    do_action('admin_print_scripts');
    do_action('admin_head-media-upload-popup');
    do_action('admin_head');
    // A per-callback head hook exists only for string callbacks.
    if (is_string($content_func)) {
        do_action("admin_head_{$content_func}");
    }
    // NOTE(review): $GLOBALS['body_id'] is written into the id attribute
    // without attribute escaping; whoever sets that global must keep it to a
    // fixed, trusted value.
    ?> </head> <body<?php if (isset($GLOBALS['body_id'])) { echo ' id="' . $GLOBALS['body_id'] . '"'; } ?> class="no-js"> <script type="text/javascript"> document.body.className = document.body.className.replace('no-js', 'js'); </script> <?php
    // Drop the callback itself and forward the remaining arguments to it.
    $args = func_get_args();
    $args = array_slice($args, 1);
    call_user_func_array($content_func, $args);
    do_action('admin_print_footer_scripts');
    ?> <script type="text/javascript">if(typeof nxtOnload=='function')nxtOnload();</script> </body> </html> <?php
}
/**
 * Validate the "create another site" form and create the site on success.
 *
 * Stops the request for visitors who are not logged in. On validation errors
 * the form is shown again through signup_another_blog(); otherwise the site is
 * created for the current user and the confirmation screen is printed.
 *
 * NOTE(review): no nonce check is visible in this function; presumably the
 * caller or validate_blog_form() covers it. Confirm.
 *
 * @return bool False when validation reported an error, true after the site
 *              was created.
 */
function validate_another_blog_signup() {
    global $nxtdb, $blogname, $blog_title, $errors, $domain, $path;
    $current_user = nxt_get_current_user();
    // Anonymous requests end here with no output.
    if (!is_user_logged_in()) {
        die;
    }
    $result = validate_blog_form();
    // NOTE(review): extract() writes every key of $result into this scope,
    // including the globals declared above and any local of the same name
    // (e.g. $current_user). This is safe only while validate_blog_form()
    // returns a fixed, known set of keys; explicit assignments would make
    // that contract visible.
    extract($result);
    if ($errors->get_error_code()) {
        signup_another_blog($blogname, $blog_title, $errors);
        return false;
    }
    // The visibility flag is forced to an integer; a missing 'blog_public'
    // field is not checked for here.
    $public = (int) $_POST['blog_public'];
    $meta = apply_filters('signup_create_blog_meta', array('lang_id' => 1, 'public' => $public));
    // The original source marks a filter as deprecated at this point,
    // presumably 'signup_create_blog_meta', which the remark directly follows.
    $meta = apply_filters('add_signup_meta', $meta);
    nxtmu_create_blog($domain, $path, $blog_title, $current_user->ID, $meta, $nxtdb->siteid);
    confirm_another_blog_signup($domain, $path, $blog_title, $current_user->user_login, $current_user->user_email, $meta);
    return true;
}
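/**
 * Saves option for number of rows when listing posts, pages, comments, etc.
 *
 * Does nothing unless $_POST['nxt_screen_options'] is an array. After the
 * nonce check, the submitted option name must be a string of lower-case
 * letters, underscores and hyphens. Known "per page" options accept an
 * integer from 1 to 999; any other option is stored only when a
 * 'set-screen-option' filter returns something other than false. On success
 * the value is written to the current user's meta and the request is
 * redirected back to the referring page.
 *
 * NOTE(review): for options outside the built-in list the filter callbacks are
 * the only gate before a request-chosen meta key is written, so each callback
 * should check the option name it is given instead of returning the value
 * unconditionally.
 *
 * @since 2.8
 *
 * @return void Returns without redirecting when any check fails.
 **/
function set_screen_options() {
    if (!isset($_POST['nxt_screen_options']) || !is_array($_POST['nxt_screen_options'])) {
        return;
    }

    check_admin_referer('screen-options-nonce', 'screenoptionnonce');

    if (!($user = nxt_get_current_user())) {
        return;
    }

    $submitted = $_POST['nxt_screen_options'];

    // A missing or non-string option name used to reach preg_match() and
    // raise a notice or type error; reject it up front instead.
    if (!isset($submitted['option']) || !is_string($submitted['option'])) {
        return;
    }
    $option = $submitted['option'];
    $value = isset($submitted['value']) ? $submitted['value'] : null;

    // The D modifier stops "$" from also matching before a trailing newline.
    if (!preg_match('/^[a-z_-]+$/D', $option)) {
        return;
    }

    $option = str_replace('-', '_', $option);

    // Map "edit_{post type}_per_page" and "edit_{taxonomy}_per_page" onto
    // the generic option names handled below.
    $map_option = $option;
    $type = str_replace('edit_', '', $map_option);
    $type = str_replace('_per_page', '', $type);
    if (in_array($type, get_post_types(), true)) {
        $map_option = 'edit_per_page';
    }
    if (in_array($type, get_taxonomies(), true)) {
        $map_option = 'edit_tags_per_page';
    }

    switch ($map_option) {
        case 'edit_per_page':
        case 'users_per_page':
        case 'edit_comments_per_page':
        case 'upload_per_page':
        case 'edit_tags_per_page':
        case 'plugins_per_page':
        // Network admin
        case 'sites_network_per_page':
        case 'users_network_per_page':
        case 'site_users_network_per_page':
        case 'plugins_network_per_page':
        case 'themes_network_per_page':
        case 'site_themes_network_per_page':
            $value = (int) $value;
            if ($value < 1 || $value > 999) {
                return;
            }
            break;
        default:
            // Unknown options are dropped unless a filter claims them.
            $value = apply_filters('set-screen-option', false, $option, $value);
            if (false === $value) {
                return;
            }
            break;
    }

    update_user_meta($user->ID, $option, $value);
    nxt_safe_redirect(remove_query_arg(array('pagenum', 'apage', 'paged'), nxt_get_referer()));
    exit;
}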
/**
 * Handles the logic to display the pseudonym admin page to a student.
 *
 * On a POST request the nonce is verified, the submitted username is passed
 * through ClassBlogs_Utils::sanitize_user_input() and _validate_username(),
 * and, when valid, applied to the current user and blog through
 * _apply_pseudonym(). A success or error notice is shown, followed in every
 * case by the change-username form.
 *
 * NOTE(review): the page states that the username can be changed only once,
 * but no such check is visible in this method; presumably it is enforced in
 * _validate_username() or where the page is registered. Confirm.
 *
 * @access private
 * @since 0.1
 */
public function _admin_page() {
    // Get information on the user and their blog URL
    $current_user = nxt_get_current_user();
    $username = $current_user->user_login;
    $blog_url = home_url();
    // Validate the pseudonym
    $username_valid = true;
    if ($_POST) {
        // Apply the pseudonym to the user and their blog if the username
        // does not conflict with an existing user or blog.
        // The nonce is verified before any request data is read or applied.
        check_admin_referer($this->get_uid());
        // NOTE(review): 'new_username' is read without an isset() check, so a
        // POST that lacks the field raises a notice before validation.
        $username = ClassBlogs_Utils::sanitize_user_input($_POST['new_username']);
        $username_valid = $this->_validate_username($username);
        if ($username_valid) {
            global $blog_id;
            $current_user = nxt_get_current_user();
            $this->_apply_pseudonym($current_user->ID, $blog_id, $username);
            // Display the updated information to the user
            $blog_url = home_url();
            $message = array(__('You successfully changed your username. Your new user information is as follows.', 'classblogs'), '<p>');
            // The submitted name is HTML-escaped before it is echoed back.
            $message[] = sprintf('<strong>%s</strong><br />%s<br /><br />', __('Username', 'classblogs'), esc_html($username));
            if (ClassBlogs_Utils::is_multisite()) {
                $message[] = sprintf('<strong>%s</strong><br />%s<br /><br />', __('Blog URL', 'classblogs'), sprintf('<a href="%1$s">%1$s</a>', esc_url($blog_url)));
            }
            $message[] = '</p>';
            ClassBlogs_Admin::show_admin_message(implode("\n", $message));
        } else {
            if (!$username) {
                $error = __('You cannot have a blank username.', 'classblogs');
            } else {
                $error = sprintf(__('The username %s is invalid or conflicts with another user or blog. Please choose a different username.', 'classblogs'), '<strong>' . esc_html($username) . '</strong>');
            }
            ClassBlogs_Admin::show_admin_error($error);
        }
    }
    // NOTE(review): in the template below, _e() prints translated text into
    // the submit button's value attribute and into a JavaScript string
    // literal without attribute or JS escaping, so a translation containing a
    // double quote would break that markup. The user-derived values
    // (user_login, blog URL) do go through esc_html() / esc_url().
    ?> <div class="wrap"> <div id="icon-users" class="icon32"></div> <h2><?php _e('Change Username', 'classblogs'); ?> </h2> <p id="student-pseudonym-instructions"> <?php _e('If you have already changed your display name but still wish for there to be no trace of your actual identity on the blog, you can use this page to change the username that you use to log in to the blog.', 'classblogs'); ?> </p> <form method="post" action="" id="cb-username-form"> <table class="form-table"> <tr valign="top"> <th scope="row"><?php _e('New Username', 'classblogs'); ?> </th> <td> <input type="text" name="new_username" id="new-username" /><br /> <label for="new-username"><?php _e('Changing this will change the username that you use to access your blog and the URL at which it can be found.', 'classblogs'); ?> </label> <hr /> <label for="new-username"> <?php printf(__('Your current username is %s', 'classblogs'), '<strong>' . esc_html($current_user->user_login) . '</strong>'); ?> </label><br /> <?php if (ClassBlogs_Utils::is_multisite()) { ?> <label for="new-username"> <?php printf(__('Your current blog URL is %s', 'classblogs'), sprintf('<a href="%1$s">%1$s</a>', esc_url($blog_url))); ?> </label> <?php } ?> </td> </tr> </table> <?php
    // Nonce field for the same action that check_admin_referer() verifies above.
    nxt_nonce_field($this->get_uid());
    ?> <p class="submit"><input class="button-primary" type="submit" name="Submit" value="<?php _e('Change Username', 'classblogs'); ?> " /></p> <strong style="color: #a00">You will only be able to change your username once</strong> </form> <script type="text/javascript"> jQuery("#cb-username-form").submit(function() { return confirm( "<?php _e('You can only change your username once. Are you sure that you wish to change it now?', 'classblogs'); ?> " ); }); </script> </div> <?php
}
/**
 * Look up a Simple Registration (SReg) value in the current user's profile.
 *
 * Only nickname, email and fullname are read here; every other field starts
 * as an empty string. Other plugins can supply or override a value through
 * the filter openid_server_sreg_{fieldname}.
 *
 * NOTE(review): the returned values are personal profile data. Whether the
 * user has agreed to release them is not decided in this function, so callers
 * have to handle that.
 *
 * @uses apply_filters() Calls 'openid_server_sreg_*' before returning the value,
 *       where '*' is the name of the sreg attribute.
 *
 * @param string $field SReg attribute name.
 * @return mixed The value after filtering.
 */
function openid_server_sreg_from_profile($field) {
    $account = nxt_get_current_user();

    // Loose comparison on purpose: it matches the way a switch compares.
    if ($field == 'nickname') {
        $sreg_value = get_user_meta($account->ID, 'nickname', true);
    } elseif ($field == 'email') {
        $sreg_value = $account->user_email;
    } elseif ($field == 'fullname') {
        $sreg_value = get_user_meta($account->ID, 'display_name', true);
    } else {
        $sreg_value = '';
    }

    return apply_filters('openid_server_sreg_' . $field, $sreg_value, $account->ID);
}
} set_theme_mod('nav_menu_locations', array_map('absint', $_POST['menu-locations'])); die('1'); break; case 'meta-box-order': check_ajax_referer('meta-box-order'); $order = isset($_POST['order']) ? (array) $_POST['order'] : false; $page_columns = isset($_POST['page_columns']) ? $_POST['page_columns'] : 'auto'; if ($page_columns != 'auto') { $page_columns = (int) $page_columns; } $page = isset($_POST['page']) ? $_POST['page'] : ''; if ($page != sanitize_key($page)) { die('0'); } if (!($user = nxt_get_current_user())) { die('-1'); } if ($order) { update_user_option($user->ID, "meta-box-order_{$page}", $order, true); } if ($page_columns) { update_user_option($user->ID, "screen_layout_{$page}", $page_columns, true); } die('1'); break; case 'get-permalink': check_ajax_referer('getpermalink', 'getpermalinknonce'); $post_id = isset($_POST['post_id']) ? intval($_POST['post_id']) : 0; die(add_query_arg(array('preview' => 'true'), get_permalink($post_id))); break;
/**
 * Add the "My Account" submenu items.
 *
 * Registers the 'user-actions' group under 'my-account' and fills it with the
 * user info entry (avatar, display name and, when different, the nicename), an
 * "Edit My Profile" link and a "Log Out" link. Nothing is added when there is
 * no current user ID.
 *
 * NOTE(review): display_name and user_nicename are placed into the menu title
 * markup as they are. This relies on both fields being sanitised when they
 * are stored; confirm, or escape them for HTML here.
 *
 * @since 3.1.0
 *
 * @param object $nxt_admin_bar Admin bar instance offering add_group() and add_menu().
 */
function nxt_admin_bar_my_account_menu($nxt_admin_bar) {
    $uid = get_current_user_id();
    $account = nxt_get_current_user();
    $edit_url = get_edit_profile_url($uid);

    if (!$uid) {
        return;
    }

    $nxt_admin_bar->add_group(array('parent' => 'my-account', 'id' => 'user-actions'));

    // Avatar first, then the display name, then the nicename if it differs.
    $markup = get_avatar($uid, 64);
    $markup .= "<span class='display-name'>" . $account->display_name . '</span>';
    if ($account->display_name !== $account->user_nicename) {
        $markup .= "<span class='username'>" . $account->user_nicename . '</span>';
    }

    $info_node = array(
        'parent' => 'user-actions',
        'id' => 'user-info',
        'title' => $markup,
        'href' => $edit_url,
        'meta' => array('tabindex' => -1),
    );
    $nxt_admin_bar->add_menu($info_node);

    $profile_node = array(
        'parent' => 'user-actions',
        'id' => 'edit-profile',
        'title' => __('Edit My Profile'),
        'href' => $edit_url,
    );
    $nxt_admin_bar->add_menu($profile_node);

    $logout_node = array(
        'parent' => 'user-actions',
        'id' => 'logout',
        'title' => __('Log Out'),
        'href' => nxt_logout_url(),
    );
    $nxt_admin_bar->add_menu($logout_node);
}
/**
 * Delete the user settings of the current user.
 *
 * Blanks the stored 'user-settings' option and expires the matching
 * 'nxt-settings-{ID}' cookie. Does nothing when no current user is returned.
 *
 * @package NXTClass
 * @subpackage Option
 * @since 2.7.0
 */
function delete_all_user_settings() {
    $account = nxt_get_current_user();
    if (!$account) {
        return;
    }

    update_user_option($account->ID, 'user-settings', '', false);

    // An expiry 31536000 seconds (one year) in the past makes the browser drop the cookie.
    $expired_at = time() - 31536000;
    setcookie('nxt-settings-' . $account->ID, ' ', $expired_at, SITECOOKIEPATH);
}
jfb_debug_checkpoint('start');
//If present, include the Premium addon
// NOTE(review): the second include uses a bare relative name, so PHP resolves
// it through include_path and the working directory, and "@" hides any
// failure. An absolute path built from dirname(__FILE__), as in the first
// include, would pin which file gets loaded.
@(include_once realpath(dirname(__FILE__)) . "/../nxt-FB-AutoConnect-Premium.php");
if (!defined('JFB_PREMIUM')) {
    @(include_once "Premium.php");
}
//Start logging
// The first log line records the client address and the detected browser.
$browser = jfb_get_browser();
$jfb_log = "Starting login process (Client: " . $_SERVER['REMOTE_ADDR'] . ", Version: {$jfb_version}, Browser: " . $browser['shortname'] . " " . $browser['version'] . " for " . $browser['platform'] . ")\n";
//Run one hook before ANYTHING happens.
do_action('nxtfb_prelogin');
//Check the nonce to make sure this was a valid login attempt (unless the user has disabled nonce checking)
// NOTE(review): when the option named by $opt_jfb_disablenonce is set, the
// nonce check is skipped entirely and the login request carries no
// request-forgery protection from this block.
if (!get_option($opt_jfb_disablenonce)) {
    if (nxt_verify_nonce($_REQUEST[$jfb_nonce_name], $jfb_nonce_name) != 1) {
        //If there's already a user logged in, tell the user and give them a link back to where they were.
        $currUser = nxt_get_current_user();
        if ($currUser->ID) {
            $msg = "User \"{$currUser->user_login}\" has already logged in via another browser session.\n";
            $jfb_log .= $msg;
            // NOTE(review): the next statement is garbled in this copy (the
            // run of asterisks is not valid PHP); restore it from the
            // original source before relying on this listing.
            j_mail("FB Double-Login: "******" -> " . get_bloginfo('name'));
            // NOTE(review): $_POST['redirectTo'] is request data written into
            // an href with no escaping or validation, on a path where the
            // nonce has already failed. It should go through esc_url() and be
            // limited to same-site destinations before it is printed.
            die($msg . "<br /><br /><a href=\"" . $_POST['redirectTo'] . "\">Continue</a>");
        }
        //If the nonce failed for some other reason, report the error.
        // NOTE(review): this entry writes the currently valid nonce
        // (nxt_create_nonce) and raw request data into $jfb_log. Where the
        // log ends up is not visible here, so treat it as sensitive and
        // consider leaving the expected nonce out. The check above reads
        // $_REQUEST[$jfb_nonce_name] while the log prints
        // $_REQUEST['_nxtnonce']; confirm both name the same field.
        $jfb_log .= "nxt: nonce check failed (expected '" . nxt_create_nonce($jfb_nonce_name) . "', received '" . $_REQUEST['_nxtnonce'] . "')\n" . " Original Components) " . get_option($opt_jfb_generated_nonce) . "\n" . " Current Components) " . jfb_debug_nonce_components() . "\n";
        // List plugin names and versions in the log when get_plugins() is available.
        if (function_exists('get_plugins')) {
            $plugins = get_plugins();
            $jfb_log .= " Active Plugins:\n";
            foreach ($plugins as $plugin) {
                $jfb_log .= " " . $plugin['Name'] . ' ' . $plugin['Version'] . "\n";
            }
        }
/**
 * Fetch user data for the current user, a numeric ID or a login name.
 *
 * The two paths return different things: without an argument the result is
 * the current user's ->data property, with an argument it is whatever
 * get_user_by() returns.
 *
 * @param int|string|null $id_or_name Numeric values are looked up by 'id',
 *                                    anything else by 'login'; null selects
 *                                    the current user.
 * @return mixed The current user's data, false when no current user object
 *               is returned, or the result of get_user_by().
 */
function get_userdata_by_various($id_or_name = null) {
    if ($id_or_name !== null) {
        $lookup_field = is_numeric($id_or_name) ? 'id' : 'login';
        return get_user_by($lookup_field, $id_or_name);
    }

    $current = nxt_get_current_user();

    return $current == null ? false : $current->data;
}