/** * Communicates the sidebars that appeared on the page at the very end of the page, * and at the very end of the wp_footer, * * @since 3.9.0 * @access public * * @global array $wp_registered_sidebars * @global array $wp_registered_widgets */ public function export_preview_data() { global $wp_registered_sidebars, $wp_registered_widgets; $switched_locale = switch_to_locale(get_user_locale()); $l10n = array('widgetTooltip' => __('Shift-click to edit this widget.')); if ($switched_locale) { restore_previous_locale(); } // Prepare Customizer settings to pass to JavaScript. $settings = array('renderedSidebars' => array_fill_keys(array_unique($this->rendered_sidebars), true), 'renderedWidgets' => array_fill_keys(array_keys($this->rendered_widgets), true), 'registeredSidebars' => array_values($wp_registered_sidebars), 'registeredWidgets' => $wp_registered_widgets, 'l10n' => $l10n, 'selectiveRefreshableWidgets' => $this->get_selective_refreshable_widgets()); foreach ($settings['registeredWidgets'] as &$registered_widget) { unset($registered_widget['callback']); // may not be JSON-serializeable } ?> <script type="text/javascript"> var _wpWidgetCustomizerPreviewSettings = <?php echo wp_json_encode($settings); ?> ; </script> <?php }
/** * Exports data in preview after it has finished rendering so that partials can be added at runtime. * * @since 4.5.0 * @access public */ public function export_preview_data() { $partials = array(); foreach ($this->partials() as $partial) { if ($partial->check_capabilities()) { $partials[$partial->id] = $partial->json(); } } $switched_locale = switch_to_locale(get_user_locale()); $l10n = array('shiftClickToEdit' => __('Shift-click to edit this element.'), 'clickEditMenu' => __('Click to edit this menu.'), 'clickEditWidget' => __('Click to edit this widget.'), 'clickEditTitle' => __('Click to edit the site title.'), 'clickEditMisc' => __('Click to edit this element.'), 'badDocumentWrite' => sprintf(__('%s is forbidden'), 'document.write()')); if ($switched_locale) { restore_previous_locale(); } $exports = array('partials' => $partials, 'renderQueryVar' => self::RENDER_QUERY_VAR, 'l10n' => $l10n); // Export data to JS. echo sprintf('<script>var _customizePartialRefreshExports = %s;</script>', wp_json_encode($exports)); }
public function test_restore_previous_locale_restores_wp_locale_global() { global $wp_locale; $expected = array('thousands_sep' => ',', 'decimal_point' => '.'); switch_to_locale('de_DE'); restore_previous_locale(); $this->assertEqualSetsWithIndex($expected, $wp_locale->number_format); }
/** * @ticket 26511 */ public function test_theme_translation_after_switching_locale() { switch_theme('internationalized-theme'); require_once get_stylesheet_directory() . '/functions.php'; switch_to_locale('de_DE'); $expected = i18n_theme_test(); restore_previous_locale(); switch_theme(WP_DEFAULT_THEME); $this->assertSame('Das ist ein Dummy Theme', $expected); }
/** * Update a user in the database. * * It is possible to update a user's password by specifying the 'user_pass' * value in the $userdata parameter array. * * If current user's password is being updated, then the cookies will be * cleared. * * @since 2.0.0 * * @see wp_insert_user() For what fields can be set in $userdata. * * @param mixed $userdata An array of user data or a user object of type stdClass or WP_User. * @return int|WP_Error The updated user's ID or a WP_Error object if the user could not be updated. */ function wp_update_user($userdata) { if ($userdata instanceof stdClass) { $userdata = get_object_vars($userdata); } elseif ($userdata instanceof WP_User) { $userdata = $userdata->to_array(); } $ID = isset($userdata['ID']) ? (int) $userdata['ID'] : 0; if (!$ID) { return new WP_Error('invalid_user_id', __('Invalid user ID.')); } // First, get all of the original fields $user_obj = get_userdata($ID); if (!$user_obj) { return new WP_Error('invalid_user_id', __('Invalid user ID.')); } $user = $user_obj->to_array(); // Add additional custom fields foreach (_get_additional_user_keys($user_obj) as $key) { $user[$key] = get_user_meta($ID, $key, true); } // Escape data pulled from DB. $user = add_magic_quotes($user); if (!empty($userdata['user_pass']) && $userdata['user_pass'] !== $user_obj->user_pass) { // If password is changing, hash it now $plaintext_pass = $userdata['user_pass']; $userdata['user_pass'] = wp_hash_password($userdata['user_pass']); /** * Filters whether to send the password change email. * * @since 4.3.0 * * @see wp_insert_user() For `$user` and `$userdata` fields. * * @param bool $send Whether to send the email. * @param array $user The original user array. * @param array $userdata The updated user array. * */ $send_password_change_email = apply_filters('send_password_change_email', true, $user, $userdata); } if (isset($userdata['user_email']) && $user['user_email'] !== $userdata['user_email']) { /** * Filters whether to send the email change email. * * @since 4.3.0 * * @see wp_insert_user() For `$user` and `$userdata` fields. * * @param bool $send Whether to send the email. * @param array $user The original user array. * @param array $userdata The updated user array. * */ $send_email_change_email = apply_filters('send_email_change_email', true, $user, $userdata); } wp_cache_delete($user['user_email'], 'useremail'); wp_cache_delete($user['user_nicename'], 'userslugs'); // Merge old and new fields with new fields overwriting old ones. $userdata = array_merge($user, $userdata); $user_id = wp_insert_user($userdata); if (!is_wp_error($user_id)) { $blog_name = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES); $switched_locale = false; if (!empty($send_password_change_email) || !empty($send_email_change_email)) { $switched_locale = switch_to_locale(get_user_locale($user_id)); } if (!empty($send_password_change_email)) { /* translators: Do not translate USERNAME, ADMIN_EMAIL, EMAIL, SITENAME, SITEURL: those are placeholders. */ $pass_change_text = __('Hi ###USERNAME###, This notice confirms that your password was changed on ###SITENAME###. If you did not change your password, please contact the Site Administrator at ###ADMIN_EMAIL### This email has been sent to ###EMAIL### Regards, All at ###SITENAME### ###SITEURL###'); $pass_change_email = array('to' => $user['user_email'], 'subject' => __('[%s] Notice of Password Change'), 'message' => $pass_change_text, 'headers' => ''); /** * Filters the contents of the email sent when the user's password is changed. * * @since 4.3.0 * * @param array $pass_change_email { * Used to build wp_mail(). * @type string $to The intended recipients. Add emails in a comma separated string. * @type string $subject The subject of the email. * @type string $message The content of the email. * The following strings have a special meaning and will get replaced dynamically: * - ###USERNAME### The current user's username. * - ###ADMIN_EMAIL### The admin email in case this was unexpected. * - ###EMAIL### The old email. * - ###SITENAME### The name of the site. * - ###SITEURL### The URL to the site. * @type string $headers Headers. Add headers in a newline (\r\n) separated string. * } * @param array $user The original user array. * @param array $userdata The updated user array. * */ $pass_change_email = apply_filters('password_change_email', $pass_change_email, $user, $userdata); $pass_change_email['message'] = str_replace('###USERNAME###', $user['user_login'], $pass_change_email['message']); $pass_change_email['message'] = str_replace('###ADMIN_EMAIL###', get_option('admin_email'), $pass_change_email['message']); $pass_change_email['message'] = str_replace('###EMAIL###', $user['user_email'], $pass_change_email['message']); $pass_change_email['message'] = str_replace('###SITENAME###', $blog_name, $pass_change_email['message']); $pass_change_email['message'] = str_replace('###SITEURL###', home_url(), $pass_change_email['message']); wp_mail($pass_change_email['to'], sprintf($pass_change_email['subject'], $blog_name), $pass_change_email['message'], $pass_change_email['headers']); } if (!empty($send_email_change_email)) { /* translators: Do not translate USERNAME, ADMIN_EMAIL, EMAIL, SITENAME, SITEURL: those are placeholders. */ $email_change_text = __('Hi ###USERNAME###, This notice confirms that your email was changed on ###SITENAME###. If you did not change your email, please contact the Site Administrator at ###ADMIN_EMAIL### This email has been sent to ###EMAIL### Regards, All at ###SITENAME### ###SITEURL###'); $email_change_email = array('to' => $user['user_email'], 'subject' => __('[%s] Notice of Email Change'), 'message' => $email_change_text, 'headers' => ''); /** * Filters the contents of the email sent when the user's email is changed. * * @since 4.3.0 * * @param array $email_change_email { * Used to build wp_mail(). * @type string $to The intended recipients. * @type string $subject The subject of the email. * @type string $message The content of the email. * The following strings have a special meaning and will get replaced dynamically: * - ###USERNAME### The current user's username. * - ###ADMIN_EMAIL### The admin email in case this was unexpected. * - ###EMAIL### The old email. * - ###SITENAME### The name of the site. * - ###SITEURL### The URL to the site. * @type string $headers Headers. * } * @param array $user The original user array. * @param array $userdata The updated user array. */ $email_change_email = apply_filters('email_change_email', $email_change_email, $user, $userdata); $email_change_email['message'] = str_replace('###USERNAME###', $user['user_login'], $email_change_email['message']); $email_change_email['message'] = str_replace('###ADMIN_EMAIL###', get_option('admin_email'), $email_change_email['message']); $email_change_email['message'] = str_replace('###EMAIL###', $user['user_email'], $email_change_email['message']); $email_change_email['message'] = str_replace('###SITENAME###', $blog_name, $email_change_email['message']); $email_change_email['message'] = str_replace('###SITEURL###', home_url(), $email_change_email['message']); wp_mail($email_change_email['to'], sprintf($email_change_email['subject'], $blog_name), $email_change_email['message'], $email_change_email['headers']); } if ($switched_locale) { restore_previous_locale(); } } // Update the cookies if the password changed. $current_user = wp_get_current_user(); if ($current_user->ID == $ID) { if (isset($plaintext_pass)) { wp_clear_auth_cookie(); // Here we calculate the expiration length of the current auth cookie and compare it to the default expiration. // If it's greater than this, then we know the user checked 'Remember Me' when they logged in. $logged_in_cookie = wp_parse_auth_cookie('', 'logged_in'); /** This filter is documented in wp-includes/pluggable.php */ $default_cookie_life = apply_filters('auth_cookie_expiration', 2 * DAY_IN_SECONDS, $ID, false); $remember = $logged_in_cookie['expiration'] - time() > $default_cookie_life; wp_set_auth_cookie($ID, $remember); } } return $user_id; }
/** * Print JavaScript settings for preview frame. * * @since 3.4.0 */ public function customize_preview_settings() { $post_values = $this->unsanitized_post_values(array('exclude_changeset' => true)); $setting_validities = $this->validate_setting_values($post_values); $exported_setting_validities = array_map(array($this, 'prepare_setting_validity_for_js'), $setting_validities); // Note that the REQUEST_URI is not passed into home_url() since this breaks subdirectory installs. $self_url = empty($_SERVER['REQUEST_URI']) ? home_url('/') : esc_url_raw(wp_unslash($_SERVER['REQUEST_URI'])); $state_query_params = array('customize_theme', 'customize_changeset_uuid', 'customize_messenger_channel'); $self_url = remove_query_arg($state_query_params, $self_url); $allowed_urls = $this->get_allowed_urls(); $allowed_hosts = array(); foreach ($allowed_urls as $allowed_url) { $parsed = wp_parse_url($allowed_url); if (empty($parsed['host'])) { continue; } $host = $parsed['host']; if (!empty($parsed['port'])) { $host .= ':' . $parsed['port']; } $allowed_hosts[] = $host; } $switched_locale = switch_to_locale(get_user_locale()); $l10n = array('shiftClickToEdit' => __('Shift-click to edit this element.'), 'linkUnpreviewable' => __('This link is not live-previewable.'), 'formUnpreviewable' => __('This form is not live-previewable.')); if ($switched_locale) { restore_previous_locale(); } $settings = array('changeset' => array('uuid' => $this->_changeset_uuid), 'timeouts' => array('selectiveRefresh' => 250, 'keepAliveSend' => 1000), 'theme' => array('stylesheet' => $this->get_stylesheet(), 'active' => $this->is_theme_active()), 'url' => array('self' => $self_url, 'allowed' => array_map('esc_url_raw', $this->get_allowed_urls()), 'allowedHosts' => array_unique($allowed_hosts), 'isCrossDomain' => $this->is_cross_domain()), 'channel' => $this->messenger_channel, 'activePanels' => array(), 'activeSections' => array(), 'activeControls' => array(), 'settingValidities' => $exported_setting_validities, 'nonce' => current_user_can('customize') ? $this->get_nonces() : array(), 'l10n' => $l10n, '_dirty' => array_keys($post_values)); foreach ($this->panels as $panel_id => $panel) { if ($panel->check_capabilities()) { $settings['activePanels'][$panel_id] = $panel->active(); foreach ($panel->sections as $section_id => $section) { if ($section->check_capabilities()) { $settings['activeSections'][$section_id] = $section->active(); } } } } foreach ($this->sections as $id => $section) { if ($section->check_capabilities()) { $settings['activeSections'][$id] = $section->active(); } } foreach ($this->controls as $id => $control) { if ($control->check_capabilities()) { $settings['activeControls'][$id] = $control->active(); } } ?> <script type="text/javascript"> var _wpCustomizeSettings = <?php echo wp_json_encode($settings); ?> ; _wpCustomizeSettings.values = {}; (function( v ) { <?php /* * Serialize settings separately from the initial _wpCustomizeSettings * serialization in order to avoid a peak memory usage spike. * @todo We may not even need to export the values at all since the pane syncs them anyway. */ foreach ($this->settings as $id => $setting) { if ($setting->check_capabilities()) { printf("v[%s] = %s;\n", wp_json_encode($id), wp_json_encode($setting->js_value())); } } ?> })( _wpCustomizeSettings.values ); </script> <?php }
* @param array $role The role of invited user. * @param string $newuser_key The key of the invitation. */ do_action('invite_user', $user_id, $role, $newuser_key); $switched_locale = switch_to_locale(get_user_locale($user_details)); /* translators: 1: Site name, 2: site URL, 3: role, 4: activation URL */ $message = __('Hi, You\'ve been invited to join \'%1$s\' at %2$s with the role of %3$s. Please click the following link to confirm the invite: %4$s'); wp_mail($new_user_email, sprintf(__('[%s] Joining confirmation'), wp_specialchars_decode(get_option('blogname'))), sprintf($message, get_option('blogname'), home_url(), wp_specialchars_decode(translate_user_role($role['name'])), home_url("/newbloguser/{$newuser_key}/"))); if ($switched_locale) { restore_previous_locale(); } $redirect = add_query_arg(array('update' => 'add'), 'user-new.php'); } } wp_redirect($redirect); die; } elseif (isset($_REQUEST['action']) && 'createuser' == $_REQUEST['action']) { check_admin_referer('create-user', '_wpnonce_create-user'); if (!current_user_can('create_users')) { wp_die('<h1>' . __('Cheatin’ uh?') . '</h1>' . '<p>' . __('Sorry, you are not allowed to create users.') . '</p>', 403); } if (!is_multisite()) { $user_id = edit_user(); if (is_wp_error($user_id)) { $add_user_errors = $user_id;
/** * Sends an email when an email address change is requested. * * @since 3.0.0 * * @global WP_Error $errors WP_Error object. * @global wpdb $wpdb WordPress database object. */ function send_confirmation_on_profile_email() { global $errors, $wpdb; $current_user = wp_get_current_user(); if (!is_object($errors)) { $errors = new WP_Error(); } if ($current_user->ID != $_POST['user_id']) { return false; } if ($current_user->user_email != $_POST['email']) { if (!is_email($_POST['email'])) { $errors->add('user_email', __("<strong>ERROR</strong>: The email address isn’t correct."), array('form-field' => 'email')); return; } if ($wpdb->get_var($wpdb->prepare("SELECT user_email FROM {$wpdb->users} WHERE user_email=%s", $_POST['email']))) { $errors->add('user_email', __("<strong>ERROR</strong>: The email address is already used."), array('form-field' => 'email')); delete_user_meta($current_user->ID, '_new_email'); return; } $hash = md5($_POST['email'] . time() . mt_rand()); $new_user_email = array('hash' => $hash, 'newemail' => $_POST['email']); update_user_meta($current_user->ID, '_new_email', $new_user_email); $switched_locale = switch_to_locale(get_user_locale()); /* translators: Do not translate USERNAME, ADMIN_URL, EMAIL, SITENAME, SITEURL: those are placeholders. */ $email_text = __('Howdy ###USERNAME###, You recently requested to have the email address on your account changed. If this is correct, please click on the following link to change it: ###ADMIN_URL### You can safely ignore and delete this email if you do not want to take this action. This email has been sent to ###EMAIL### Regards, All at ###SITENAME### ###SITEURL###'); /** * Filters the email text sent when a user changes emails. * * The following strings have a special meaning and will get replaced dynamically: * ###USERNAME### The current user's username. * ###ADMIN_URL### The link to click on to confirm the email change. * ###EMAIL### The new email. * ###SITENAME### The name of the site. * ###SITEURL### The URL to the site. * * @since MU * * @param string $email_text Text in the email. * @param string $new_user_email New user email that the current user has changed to. */ $content = apply_filters('new_user_email_content', $email_text, $new_user_email); $content = str_replace('###USERNAME###', $current_user->user_login, $content); $content = str_replace('###ADMIN_URL###', esc_url(self_admin_url('profile.php?newuseremail=' . $hash)), $content); $content = str_replace('###EMAIL###', $_POST['email'], $content); $content = str_replace('###SITENAME###', get_site_option('site_name'), $content); $content = str_replace('###SITEURL###', network_home_url(), $content); wp_mail($_POST['email'], sprintf(__('[%s] New Email Address'), wp_specialchars_decode(get_option('blogname'))), $content); $_POST['email'] = $current_user->user_email; if ($switched_locale) { restore_previous_locale(); } } }
/** * Notify a user that their account activation has been successful. * * Filter {@see 'wpmu_welcome_user_notification'} to disable or bypass. * * Filter {@see 'update_welcome_user_email'} and {@see 'update_welcome_user_subject'} to * modify the content and subject line of the notification email. * * @since MU * * @param int $user_id * @param string $password * @param array $meta Optional. Not used in the default function, but is passed along to hooks for customization. * @return bool */ function wpmu_welcome_user_notification($user_id, $password, $meta = array()) { $current_network = get_network(); /** * Filters whether to bypass the welcome email after user activation. * * Returning false disables the welcome email. * * @since MU * * @param int $user_id User ID. * @param string $password User password. * @param array $meta Signup meta data. */ if (!apply_filters('wpmu_welcome_user_notification', $user_id, $password, $meta)) { return false; } $welcome_email = get_site_option('welcome_user_email'); $user = get_userdata($user_id); $switched_locale = switch_to_locale(get_user_locale($user)); /** * Filters the content of the welcome email after user activation. * * Content should be formatted for transmission via wp_mail(). * * @since MU * * @param string $welcome_email The message body of the account activation success email. * @param int $user_id User ID. * @param string $password User password. * @param array $meta Signup meta data. */ $welcome_email = apply_filters('update_welcome_user_email', $welcome_email, $user_id, $password, $meta); $welcome_email = str_replace('SITE_NAME', $current_network->site_name, $welcome_email); $welcome_email = str_replace('USERNAME', $user->user_login, $welcome_email); $welcome_email = str_replace('PASSWORD', $password, $welcome_email); $welcome_email = str_replace('LOGINLINK', wp_login_url(), $welcome_email); $admin_email = get_site_option('admin_email'); if ($admin_email == '') { $admin_email = 'support@' . $_SERVER['SERVER_NAME']; } $from_name = get_site_option('site_name') == '' ? 'WordPress' : esc_html(get_site_option('site_name')); $message_headers = "From: \"{$from_name}\" <{$admin_email}>\n" . "Content-Type: text/plain; charset=\"" . get_option('blog_charset') . "\"\n"; $message = $welcome_email; if (empty($current_network->site_name)) { $current_network->site_name = 'WordPress'; } /* translators: New user notification email subject. 1: Network name, 2: New user login */ $subject = __('New %1$s User: %2$s'); /** * Filters the subject of the welcome email after user activation. * * @since MU * * @param string $subject Subject of the email. */ $subject = apply_filters('update_welcome_user_subject', sprintf($subject, $current_network->site_name, $user->user_login)); wp_mail($user->user_email, wp_specialchars_decode($subject), $message, $message_headers); if ($switched_locale) { restore_previous_locale(); } return true; }
/** * Email login credentials to a newly-registered user. * * A new user registration notification is also sent to admin email. * * @since 2.0.0 * @since 4.3.0 The `$plaintext_pass` parameter was changed to `$notify`. * @since 4.3.1 The `$plaintext_pass` parameter was deprecated. `$notify` added as a third parameter. * @since 4.6.0 The `$notify` parameter accepts 'user' for sending notification only to the user created. * * @global wpdb $wpdb WordPress database object for queries. * @global PasswordHash $wp_hasher Portable PHP password hashing framework instance. * * @param int $user_id User ID. * @param null $deprecated Not used (argument deprecated). * @param string $notify Optional. Type of notification that should happen. Accepts 'admin' or an empty * string (admin only), 'user', or 'both' (admin and user). Default empty. */ function wp_new_user_notification($user_id, $deprecated = null, $notify = '') { if ($deprecated !== null) { _deprecated_argument(__FUNCTION__, '4.3.1'); } global $wpdb, $wp_hasher; $user = get_userdata($user_id); // The blogname option is escaped with esc_html on the way into the database in sanitize_option // we want to reverse this for the plain text arena of emails. $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES); if ('user' !== $notify) { $switched_locale = switch_to_locale(get_locale()); $message = sprintf(__('New user registration on your site %s:'), $blogname) . "\r\n\r\n"; $message .= sprintf(__('Username: %s'), $user->user_login) . "\r\n\r\n"; $message .= sprintf(__('Email: %s'), $user->user_email) . "\r\n"; @wp_mail(get_option('admin_email'), sprintf(__('[%s] New User Registration'), $blogname), $message); if ($switched_locale) { restore_previous_locale(); } } // `$deprecated was pre-4.3 `$plaintext_pass`. An empty `$plaintext_pass` didn't sent a user notification. if ('admin' === $notify || empty($deprecated) && empty($notify)) { return; } // Generate something random for a password reset key. $key = wp_generate_password(20, false); /** This action is documented in wp-login.php */ do_action('retrieve_password_key', $user->user_login, $key); // Now insert the key, hashed, into the DB. if (empty($wp_hasher)) { $wp_hasher = new PasswordHash(8, true); } $hashed = time() . ':' . $wp_hasher->HashPassword($key); $wpdb->update($wpdb->users, array('user_activation_key' => $hashed), array('user_login' => $user->user_login)); $switched_locale = switch_to_locale(get_user_locale($user)); $message = sprintf(__('Username: %s'), $user->user_login) . "\r\n\r\n"; $message .= __('To set your password, visit the following address:') . "\r\n\r\n"; $message .= '<' . network_site_url("wp-login.php?action=rp&key={$key}&login="******">\r\n\r\n"; $message .= wp_login_url() . "\r\n"; wp_mail($user->user_email, sprintf(__('[%s] Your username and password info'), $blogname), $message); if ($switched_locale) { restore_previous_locale(); } }