/**
* Handle the loading of the signup screen.
*/
function bp_core_screen_signup()
{
global $bp;
if (!bp_is_current_component('register') || bp_current_action()) {
return;
}
// Not a directory
bp_update_is_directory(false, 'register');
// If the user is logged in, redirect away from here
if (is_user_logged_in()) {
if (bp_is_component_front_page('register')) {
$redirect_to = trailingslashit(bp_get_root_domain() . '/' . bp_get_members_root_slug());
} else {
$redirect_to = bp_get_root_domain();
}
/**
* Filters the URL to redirect logged in users to when visiting registration page.
*
* @since BuddyPress (1.5.1)
*
* @param string $redirect_to URL to redirect user to.
*/
bp_core_redirect(apply_filters('bp_loggedin_register_page_redirect_to', $redirect_to));
return;
}
$bp->signup->step = 'request-details';
if (!bp_get_signup_allowed()) {
$bp->signup->step = 'registration-disabled';
// If the signup page is submitted, validate and save
} elseif (isset($_POST['signup_submit']) && bp_verify_nonce_request('bp_new_signup')) {
/**
* Fires before the validation of a new signup.
*
* @since BuddyPress (2.0.0)
*/
do_action('bp_signup_pre_validate');
// Check the base account details for problems
$account_details = bp_core_validate_user_signup($_POST['signup_username'], $_POST['signup_email']);
// If there are errors with account details, set them for display
if (!empty($account_details['errors']->errors['user_name'])) {
$bp->signup->errors['signup_username'] = $account_details['errors']->errors['user_name'][0];
}
if (!empty($account_details['errors']->errors['user_email'])) {
$bp->signup->errors['signup_email'] = $account_details['errors']->errors['user_email'][0];
}
// Check that both password fields are filled in
if (empty($_POST['signup_password']) || empty($_POST['signup_password_confirm'])) {
$bp->signup->errors['signup_password'] = __('Please make sure you enter your password twice', 'buddypress');
}
// Check that the passwords match
if (!empty($_POST['signup_password']) && !empty($_POST['signup_password_confirm']) && $_POST['signup_password'] != $_POST['signup_password_confirm']) {
$bp->signup->errors['signup_password'] = __('The passwords you entered do not match.', 'buddypress');
}
$bp->signup->username = $_POST['signup_username'];
$bp->signup->email = $_POST['signup_email'];
// Now we've checked account details, we can check profile information
if (bp_is_active('xprofile')) {
// Make sure hidden field is passed and populated
if (isset($_POST['signup_profile_field_ids']) && !empty($_POST['signup_profile_field_ids'])) {
// Let's compact any profile field info into an array
$profile_field_ids = explode(',', $_POST['signup_profile_field_ids']);
// Loop through the posted fields formatting any datebox values then validate the field
foreach ((array) $profile_field_ids as $field_id) {
if (!isset($_POST['field_' . $field_id])) {
if (!empty($_POST['field_' . $field_id . '_day']) && !empty($_POST['field_' . $field_id . '_month']) && !empty($_POST['field_' . $field_id . '_year'])) {
$_POST['field_' . $field_id] = date('Y-m-d H:i:s', strtotime($_POST['field_' . $field_id . '_day'] . $_POST['field_' . $field_id . '_month'] . $_POST['field_' . $field_id . '_year']));
}
}
// Create errors for required fields without values
if (xprofile_check_is_required_field($field_id) && empty($_POST['field_' . $field_id])) {
$bp->signup->errors['field_' . $field_id] = __('This is a required field', 'buddypress');
}
}
// This situation doesn't naturally occur so bounce to website root
} else {
bp_core_redirect(bp_get_root_domain());
}
}
// Finally, let's check the blog details, if the user wants a blog and blog creation is enabled
if (isset($_POST['signup_with_blog'])) {
$active_signup = $bp->site_options['registration'];
if ('blog' == $active_signup || 'all' == $active_signup) {
$blog_details = bp_core_validate_blog_signup($_POST['signup_blog_url'], $_POST['signup_blog_title']);
// If there are errors with blog details, set them for display
if (!empty($blog_details['errors']->errors['blogname'])) {
$bp->signup->errors['signup_blog_url'] = $blog_details['errors']->errors['blogname'][0];
}
if (!empty($blog_details['errors']->errors['blog_title'])) {
$bp->signup->errors['signup_blog_title'] = $blog_details['errors']->errors['blog_title'][0];
}
}
}
/**
* Fires after the validation of a new signup.
*
* @since BuddyPress (1.1.0)
*/
do_action('bp_signup_validate');
// Add any errors to the action for the field in the template for display.
if (!empty($bp->signup->errors)) {
foreach ((array) $bp->signup->errors as $fieldname => $error_message) {
// addslashes() and stripslashes() to avoid create_function()
// syntax errors when the $error_message contains quotes
/**
* Filters the error message in the loop.
*
* @since BuddyPress (1.5.0)
*
* @param string $value Error message wrapped in html.
*/
add_action('bp_' . $fieldname . '_errors', create_function('', 'echo apply_filters(\'bp_members_signup_error_message\', "<div class=\\"error\\">" . stripslashes( \'' . addslashes($error_message) . '\' ) . "</div>" );'));
}
} else {
$bp->signup->step = 'save-details';
// No errors! Let's register those deets.
$active_signup = !empty($bp->site_options['registration']) ? $bp->site_options['registration'] : '';
if ('none' != $active_signup) {
// Make sure the extended profiles module is enabled
if (bp_is_active('xprofile')) {
// Let's compact any profile field info into usermeta
$profile_field_ids = explode(',', $_POST['signup_profile_field_ids']);
// Loop through the posted fields formatting any datebox values then add to usermeta - @todo This logic should be shared with the same in xprofile_screen_edit_profile()
foreach ((array) $profile_field_ids as $field_id) {
if (!isset($_POST['field_' . $field_id])) {
if (!empty($_POST['field_' . $field_id . '_day']) && !empty($_POST['field_' . $field_id . '_month']) && !empty($_POST['field_' . $field_id . '_year'])) {
// Concatenate the values
$date_value = $_POST['field_' . $field_id . '_day'] . ' ' . $_POST['field_' . $field_id . '_month'] . ' ' . $_POST['field_' . $field_id . '_year'];
// Turn the concatenated value into a timestamp
$_POST['field_' . $field_id] = date('Y-m-d H:i:s', strtotime($date_value));
}
}
if (!empty($_POST['field_' . $field_id])) {
$usermeta['field_' . $field_id] = $_POST['field_' . $field_id];
}
if (!empty($_POST['field_' . $field_id . '_visibility'])) {
$usermeta['field_' . $field_id . '_visibility'] = $_POST['field_' . $field_id . '_visibility'];
}
}
// Store the profile field ID's in usermeta
$usermeta['profile_field_ids'] = $_POST['signup_profile_field_ids'];
}
// Hash and store the password
$usermeta['password'] = wp_hash_password($_POST['signup_password']);
// If the user decided to create a blog, save those details to usermeta
if ('blog' == $active_signup || 'all' == $active_signup) {
$usermeta['public'] = isset($_POST['signup_blog_privacy']) && 'public' == $_POST['signup_blog_privacy'] ? true : false;
}
/**
* Filters the user meta used for signup.
*
* @since BuddyPress (1.1.0)
*
* @param array $usermeta Array of user meta to add to signup.
*/
$usermeta = apply_filters('bp_signup_usermeta', $usermeta);
// Finally, sign up the user and/or blog
if (isset($_POST['signup_with_blog']) && is_multisite()) {
$wp_user_id = bp_core_signup_blog($blog_details['domain'], $blog_details['path'], $blog_details['blog_title'], $_POST['signup_username'], $_POST['signup_email'], $usermeta);
} else {
$wp_user_id = bp_core_signup_user($_POST['signup_username'], $_POST['signup_password'], $_POST['signup_email'], $usermeta);
}
if (is_wp_error($wp_user_id)) {
$bp->signup->step = 'request-details';
bp_core_add_message($wp_user_id->get_error_message(), 'error');
} else {
$bp->signup->step = 'completed-confirmation';
}
}
/**
* Fires after the completion of a new signup.
*
* @since BuddyPress (1.1.0)
*/
do_action('bp_complete_signup');
}
}
/**
* Fires right before the loading of the Member registration screen template file.
*
* @since BuddyPress (1.5.0)
*/
do_action('bp_core_screen_signup');
/**
* Filters the template to load for the Member registration page screen.
*
* @since BuddyPress (1.5.0)
*
* @param string $value Path to the Member registration template to load.
*/
bp_core_load_template(apply_filters('bp_core_template_register', array('register', 'registration/register')));
}
function do_subscription_form()
{
global $wp_query, $M_options, $bp;
if (isset($_REQUEST['action'])) {
$page = addslashes($_REQUEST['action']);
}
if (empty($page)) {
$page = 'subscriptionform';
}
$content = '';
switch ($page) {
case 'subscriptionform':
$content = $this->output_subscriptionform();
break;
case 'registeruser':
if (!is_user_logged_in()) {
$content = $this->output_registeruser();
} else {
$content = $this->output_paymentpage();
}
break;
case 'subscriptionsignup':
if (!is_user_logged_in()) {
$content = $this->output_registeruser();
} else {
$content = $this->output_paymentpage();
}
break;
case 'validatepage1':
// Page 1 of the form has been submitted - validate
//include_once(ABSPATH . WPINC . '/registration.php');
$required = array('user_login' => __('Username', 'membership'), 'user_email' => __('Email address', 'membership'), 'password' => __('Password', 'membership'), 'password2' => __('Password confirmation', 'membership'));
$error = new WP_Error();
foreach ($required as $key => $message) {
if (empty($_POST[$key])) {
$error->add($key, __('Please ensure that the ', 'membership') . "<strong>" . $message . "</strong>" . __(' information is completed.', 'membership'));
}
}
if ($_POST['password'] != $_POST['password2']) {
$error->add('passmatch', __('Please ensure the passwords match.', 'membership'));
}
if (!validate_username($_POST['user_login'])) {
$error->add('usernamenotvalid', __('The username is not valid, sorry.', 'membership'));
}
if (username_exists(sanitize_user($_POST['user_login']))) {
$error->add('usernameexists', __('That username is already taken, sorry.', 'membership'));
}
if (!is_email($_POST['user_email'])) {
$error->add('emailnotvalid', __('The email address is not valid, sorry.', 'membership'));
}
if (email_exists($_POST['user_email'])) {
$error->add('emailexists', __('That email address is already taken, sorry.', 'membership'));
}
$error = apply_filters('membership_subscription_form_before_registration_process', $error);
$result = array('user_name' => $_POST['user_login'], 'orig_username' => $_POST['user_login'], 'user_email' => $_POST['user_email'], 'errors' => $error);
$result = apply_filters('wpmu_validate_user_signup', $result);
$error = $result['errors'];
// Hack for now - eeek
$anyerrors = $error->get_error_code();
if (empty($anyerrors)) {
// No errors so far - error reporting check for final add user *note $error should always be an error object becuase we created it as such.
$user_id = wp_create_user(sanitize_user($_POST['user_login']), $_POST['password'], $_POST['user_email']);
if (is_wp_error($user_id) && method_exists($userid, 'get_error_message')) {
$error->add('userid', $user_id->get_error_message());
} else {
$member = new M_Membership($user_id);
if (defined('MEMBERSHIP_DEACTIVATE_USER_ON_REGISTRATION') && MEMBERSHIP_DEACTIVATE_USER_ON_REGISTRATION == true) {
$member->deactivate();
} else {
$creds = array('user_login' => $_POST['user_login'], 'user_password' => $_POST['password'], 'remember' => true);
if (!headers_sent()) {
$is_ssl = isset($_SERVER['https']) && strtolower($_SERVER['https']) == 'on' ? true : false;
$user = @wp_signon($creds, $is_ssl);
if (is_wp_error($user) && method_exists($user, 'get_error_message')) {
$error->add('userlogin', $user->get_error_message());
} else {
// Set the current user up
wp_set_current_user($user_id);
}
} else {
// Set the current user up
wp_set_current_user($user_id);
}
}
if (has_action('membership_susbcription_form_registration_notification')) {
do_action('membership_susbcription_form_registration_notification', $user_id, $_POST['password']);
} else {
wp_new_user_notification($user_id, $_POST['password']);
}
}
do_action('membership_subscription_form_registration_process', $error, $user_id);
} else {
do_action('membership_subscription_form_registration_process', $error, 0);
}
// Hack for now - eeek
$anyerrors = $error->get_error_code();
if (!empty($anyerrors)) {
// we have an error - output
// Show the page again so that it can display the errors
$content = $this->output_registeruser($error);
} else {
$content = $this->output_paymentpage($user_id);
}
break;
case 'validatepage1bp':
global $bp;
//include_once(ABSPATH . WPINC . '/registration.php');
$required = array('signup_username' => __('Username', 'membership'), 'signup_email' => __('Email address', 'membership'), 'signup_password' => __('Password', 'membership'), 'signup_password_confirm' => __('Password confirmation', 'membership'));
$error = new WP_Error();
foreach ($required as $key => $message) {
if (empty($_POST[$key])) {
$error->add($key, __('Please ensure that the ', 'membership') . "<strong>" . $message . "</strong>" . __(' information is completed.', 'membership'));
}
}
if ($_POST['signup_password'] != $_POST['signup_password_confirm']) {
$error->add('passmatch', __('Please ensure the passwords match.', 'membership'));
}
if (!validate_username($_POST['signup_username'])) {
$error->add('usernamenotvalid', __('The username is not valid, sorry.', 'membership'));
}
if (username_exists(sanitize_user($_POST['signup_username']))) {
$error->add('usernameexists', __('That username is already taken, sorry.', 'membership'));
}
if (!is_email($_POST['signup_email'])) {
$error->add('emailnotvalid', __('The email address is not valid, sorry.', 'membership'));
}
if (email_exists($_POST['signup_email'])) {
$error->add('emailexists', __('That email address is already taken, sorry.', 'membership'));
}
// Initial fix provided by user: cmurtagh - modified to add extra checks and rejigged a bit
// Run the buddypress validation
do_action('bp_signup_validate');
// Add any errors to the action for the field in the template for display.
if (!empty($bp->signup->errors)) {
foreach ((array) $bp->signup->errors as $fieldname => $error_message) {
$error->add($fieldname, $error_message);
}
}
$meta_array = array();
// xprofile required fields
/* Now we've checked account details, we can check profile information */
//if ( function_exists( 'xprofile_check_is_required_field' ) ) {
if (function_exists('bp_is_active') && bp_is_active('xprofile')) {
/* Make sure hidden field is passed and populated */
if (isset($_POST['signup_profile_field_ids']) && !empty($_POST['signup_profile_field_ids'])) {
/* Let's compact any profile field info into an array */
$profile_field_ids = explode(',', $_POST['signup_profile_field_ids']);
/* Loop through the posted fields formatting any datebox values then validate the field */
foreach ((array) $profile_field_ids as $field_id) {
if (!isset($_POST['field_' . $field_id])) {
if (isset($_POST['field_' . $field_id . '_day'])) {
$_POST['field_' . $field_id] = strtotime($_POST['field_' . $field_id . '_day'] . $_POST['field_' . $field_id . '_month'] . $_POST['field_' . $field_id . '_year']);
}
}
/* Create errors for required fields without values */
if (xprofile_check_is_required_field($field_id) && empty($_POST['field_' . $field_id])) {
$field = new BP_Xprofile_Field($field_id);
$error->add($field->name, __('Please ensure that the ', 'membership') . "<strong>" . $field->name . "</strong>" . __(' information is completed.', 'membership'));
}
$meta_array[$field_id] = $_POST['field_' . $field_id];
}
}
}
$error = apply_filters('membership_subscription_form_before_registration_process', $error);
// Hack for now - eeek
$anyerrors = $error->get_error_code();
if (empty($anyerrors)) {
// No errors so far - error reporting check for final add user *note $error should always be an error object becuase we created it as such.
$user_id = wp_create_user(sanitize_user($_POST['signup_username']), $_POST['signup_password'], $_POST['signup_email']);
if (is_wp_error($user_id) && method_exists($userid, 'get_error_message')) {
$error->add('userid', $user_id->get_error_message());
} else {
$member = new M_Membership($user_id);
if (defined('MEMBERSHIP_DEACTIVATE_USER_ON_REGISTRATION') && MEMBERSHIP_DEACTIVATE_USER_ON_REGISTRATION == true) {
$member->deactivate();
} else {
$creds = array('user_login' => $_POST['signup_username'], 'user_password' => $_POST['signup_password'], 'remember' => true);
if (!headers_sent()) {
$is_ssl = isset($_SERVER['https']) && strtolower($_SERVER['https']) == 'on' ? true : false;
$user = @wp_signon($creds, $is_ssl);
if (is_wp_error($user) && method_exists($user, 'get_error_message')) {
$error->add('userlogin', $user->get_error_message());
} else {
// Set the current user up
wp_set_current_user($user_id);
}
} else {
// Set the current user up
wp_set_current_user($user_id);
}
}
if (has_action('membership_susbcription_form_registration_notification')) {
do_action('membership_susbcription_form_registration_notification', $user_id, $_POST['signup_password']);
} else {
wp_new_user_notification($user_id, $_POST['signup_password']);
}
// Add the bp filter for usermeta signup
$meta_array = apply_filters('bp_signup_usermeta', $meta_array);
foreach ((array) $meta_array as $field_id => $field_content) {
if (function_exists('xprofile_set_field_data')) {
xprofile_set_field_data($field_id, $user_id, $field_content);
}
}
}
do_action('membership_subscription_form_registration_process', $error, $user_id);
} else {
do_action('membership_subscription_form_registration_process', $error, 0);
}
// Hack for now - eeek
$anyerrors = $error->get_error_code();
if (!empty($anyerrors)) {
// Show the page so that it can display the errors
$content = $this->output_registeruser($error);
} else {
// everything seems fine (so far), so we have our queued user so let's
// run the bp complete signup action
do_action('bp_complete_signup');
// display the payment forms
$content = $this->output_paymentpage($user_id);
}
break;
}
return $content;
}
/**
* Handles the display of the profile edit page by loading the correct template file.
* Also checks to make sure this can only be accessed for the logged in users profile.
*
* @package BuddyPress XProfile
* @uses bp_is_my_profile() Checks to make sure the current user being viewed equals the logged in user
* @uses bp_core_load_template() Looks for and loads a template file within the current member theme (folder/filename)
*/
function xprofile_screen_edit_profile()
{
global $bp;
if (!bp_is_my_profile() && !is_super_admin()) {
return false;
}
// Make sure a group is set.
if (!bp_action_variable(1)) {
bp_core_redirect(bp_displayed_user_domain() . $bp->profile->slug . '/edit/group/1');
}
// Check the field group exists
if (!bp_is_action_variable('group') || !xprofile_get_field_group(bp_action_variable(1))) {
bp_do_404();
return;
}
// Check to see if any new information has been submitted
if (isset($_POST['field_ids'])) {
// Check the nonce
check_admin_referer('bp_xprofile_edit');
// Check we have field ID's
if (empty($_POST['field_ids'])) {
bp_core_redirect(trailingslashit($bp->displayed_user->domain . $bp->profile->slug . '/edit/group/' . bp_action_variable(1)));
}
// Explode the posted field IDs into an array so we know which
// fields have been submitted
$posted_field_ids = explode(',', $_POST['field_ids']);
$is_required = array();
// Loop through the posted fields formatting any datebox values
// then validate the field
foreach ((array) $posted_field_ids as $field_id) {
if (!isset($_POST['field_' . $field_id])) {
if (!empty($_POST['field_' . $field_id . '_day']) && !empty($_POST['field_' . $field_id . '_month']) && !empty($_POST['field_' . $field_id . '_year'])) {
// Concatenate the values
$date_value = $_POST['field_' . $field_id . '_day'] . ' ' . $_POST['field_' . $field_id . '_month'] . ' ' . $_POST['field_' . $field_id . '_year'];
// Turn the concatenated value into a timestamp
$_POST['field_' . $field_id] = date('Y-m-d H:i:s', strtotime($date_value));
}
}
$is_required[$field_id] = xprofile_check_is_required_field($field_id);
if ($is_required[$field_id] && empty($_POST['field_' . $field_id])) {
$errors = true;
}
}
// There are errors
if (!empty($errors)) {
bp_core_add_message(__('Please make sure you fill in all required fields in this profile field group before saving.', 'buddypress'), 'error');
// No errors
} else {
// Reset the errors var
$errors = false;
// Now we've checked for required fields, lets save the values.
foreach ((array) $posted_field_ids as $field_id) {
// Certain types of fields (checkboxes, multiselects) may come through empty. Save them as an empty array so that they don't get overwritten by the default on the next edit.
if (empty($_POST['field_' . $field_id])) {
$value = array();
} else {
$value = $_POST['field_' . $field_id];
}
if (!xprofile_set_field_data($field_id, $bp->displayed_user->id, $value, $is_required[$field_id])) {
$errors = true;
} else {
do_action('xprofile_profile_field_data_updated', $field_id, $value);
}
}
do_action('xprofile_updated_profile', $bp->displayed_user->id, $posted_field_ids, $errors);
// Set the feedback messages
if ($errors) {
bp_core_add_message(__('There was a problem updating some of your profile information, please try again.', 'buddypress'), 'error');
} else {
bp_core_add_message(__('Changes saved.', 'buddypress'));
}
// Redirect back to the edit screen to display the updates and message
bp_core_redirect(trailingslashit(bp_displayed_user_domain() . $bp->profile->slug . '/edit/group/' . bp_action_variable(1)));
}
}
do_action('xprofile_screen_edit_profile');
bp_core_load_template(apply_filters('xprofile_template_edit_profile', 'members/single/home'));
}
/**
* Handles the display of the profile edit page by loading the correct template file.
* Also checks to make sure this can only be accessed for the logged in users profile.
*
* @package BuddyPress XProfile
* @uses bp_is_my_profile() Checks to make sure the current user being viewed equals the logged in user
* @uses bp_core_load_template() Looks for and loads a template file within the current member theme (folder/filename)
*/
function xprofile_screen_edit_profile()
{
if (!bp_is_my_profile() && !bp_current_user_can('bp_moderate')) {
return false;
}
$bp = buddypress();
// Make sure a group is set.
if (!bp_action_variable(1)) {
bp_core_redirect(trailingslashit(bp_displayed_user_domain() . $bp->profile->slug . '/edit/group/1'));
}
// Check the field group exists
if (!bp_is_action_variable('group') || !xprofile_get_field_group(bp_action_variable(1))) {
bp_do_404();
return;
}
// No errors
$errors = false;
// Check to see if any new information has been submitted
if (isset($_POST['field_ids'])) {
// Check the nonce
check_admin_referer('bp_xprofile_edit');
// Check we have field ID's
if (empty($_POST['field_ids'])) {
bp_core_redirect(trailingslashit(bp_displayed_user_domain() . $bp->profile->slug . '/edit/group/' . bp_action_variable(1)));
}
// Explode the posted field IDs into an array so we know which
// fields have been submitted
$posted_field_ids = wp_parse_id_list($_POST['field_ids']);
$is_required = array();
// Loop through the posted fields formatting any datebox values
// then validate the field
foreach ((array) $posted_field_ids as $field_id) {
if (!isset($_POST['field_' . $field_id])) {
if (!empty($_POST['field_' . $field_id . '_day']) && !empty($_POST['field_' . $field_id . '_month']) && !empty($_POST['field_' . $field_id . '_year'])) {
// Concatenate the values
$date_value = $_POST['field_' . $field_id . '_day'] . ' ' . $_POST['field_' . $field_id . '_month'] . ' ' . $_POST['field_' . $field_id . '_year'];
// Turn the concatenated value into a timestamp
$_POST['field_' . $field_id] = date('Y-m-d H:i:s', strtotime($date_value));
}
}
$is_required[$field_id] = xprofile_check_is_required_field($field_id);
if ($is_required[$field_id] && empty($_POST['field_' . $field_id])) {
$errors = true;
}
}
// There are errors
if (!empty($errors)) {
bp_core_add_message(__('Please make sure you fill in all required fields in this profile field group before saving.', 'buddypress'), 'error');
// No errors
} else {
// Reset the errors var
$errors = false;
// Now we've checked for required fields, lets save the values.
$old_values = $new_values = array();
foreach ((array) $posted_field_ids as $field_id) {
// Certain types of fields (checkboxes, multiselects) may come through empty. Save them as an empty array so that they don't get overwritten by the default on the next edit.
$value = isset($_POST['field_' . $field_id]) ? $_POST['field_' . $field_id] : '';
$visibility_level = !empty($_POST['field_' . $field_id . '_visibility']) ? $_POST['field_' . $field_id . '_visibility'] : 'public';
// Save the old and new values. They will be
// passed to the filter and used to determine
// whether an activity item should be posted
$old_values[$field_id] = array('value' => xprofile_get_field_data($field_id, bp_displayed_user_id()), 'visibility' => xprofile_get_field_visibility_level($field_id, bp_displayed_user_id()));
// Update the field data and visibility level
xprofile_set_field_visibility_level($field_id, bp_displayed_user_id(), $visibility_level);
$field_updated = xprofile_set_field_data($field_id, bp_displayed_user_id(), $value, $is_required[$field_id]);
$value = xprofile_get_field_data($field_id, bp_displayed_user_id());
$new_values[$field_id] = array('value' => $value, 'visibility' => xprofile_get_field_visibility_level($field_id, bp_displayed_user_id()));
if (!$field_updated) {
$errors = true;
} else {
/**
* Fires on each iteration of an XProfile field being saved with no error.
*
* @since BuddyPress (1.1.0)
*
* @param int $field_id ID of the field that was saved.
* @param string $value Value that was saved to the field.
*/
do_action('xprofile_profile_field_data_updated', $field_id, $value);
}
}
/**
* Fires after all XProfile fields have been saved for the current profile.
*
* @since BuddyPress (1.0.0)
*
* @param int $value Displayed user ID.
* @param array $posted_field_ids Array of field IDs that were edited.
* @param bool $errors Whether or not any errors occurred.
* @param array $old_values Array of original values before updated.
* @param array $new_values Array of newly saved values after update.
*/
do_action('xprofile_updated_profile', bp_displayed_user_id(), $posted_field_ids, $errors, $old_values, $new_values);
// Set the feedback messages
if (!empty($errors)) {
bp_core_add_message(__('There was a problem updating some of your profile information. Please try again.', 'buddypress'), 'error');
} else {
bp_core_add_message(__('Changes saved.', 'buddypress'));
}
// Redirect back to the edit screen to display the updates and message
bp_core_redirect(trailingslashit(bp_displayed_user_domain() . $bp->profile->slug . '/edit/group/' . bp_action_variable(1)));
}
}
/**
* Fires right before the loading of the XProfile edit screen template file.
*
* @since BuddyPress (1.0.0)
*/
do_action('xprofile_screen_edit_profile');
/**
* Filters the template to load for the XProfile edit screen.
*
* @since BuddyPress (1.0.0)
*
* @param string $template Path to the XProfile edit template to load.
*/
bp_core_load_template(apply_filters('xprofile_template_edit_profile', 'members/single/home'));
}
/**
* Save the profile fields in Members community profile page.
*
* Loaded before the page is rendered, this function is processing form
* requests.
*
* @since 2.0.0
*
* @param string $doaction Action being run.
* @param int $user_id ID for the user whose profile is being saved.
* @param array $request Request being made.
* @param string $redirect_to Where to redirect user to.
*/
public function user_admin_load($doaction = '', $user_id = 0, $request = array(), $redirect_to = '')
{
// Eventually delete avatar.
if ('delete_avatar' === $doaction) {
check_admin_referer('delete_avatar');
$redirect_to = remove_query_arg('_wpnonce', $redirect_to);
if (bp_core_delete_existing_avatar(array('item_id' => $user_id))) {
$redirect_to = add_query_arg('updated', 'avatar', $redirect_to);
} else {
$redirect_to = add_query_arg('error', 'avatar', $redirect_to);
}
bp_core_redirect($redirect_to);
// Update profile fields.
} elseif (isset($_POST['field_ids'])) {
// Check the nonce.
check_admin_referer('edit-bp-profile_' . $user_id);
// Check we have field ID's.
if (empty($_POST['field_ids'])) {
$redirect_to = add_query_arg('error', '1', $redirect_to);
bp_core_redirect($redirect_to);
}
/**
* Unlike front-end edit-fields screens, the wp-admin/profile
* displays all groups of fields on a single page, so the list of
* field ids is an array gathering for each group of fields a
* distinct comma separated list of ids.
*
* As a result, before using the wp_parse_id_list() function, we
* must ensure that these ids are "merged" into a single comma
* separated list.
*/
$merge_ids = join(',', $_POST['field_ids']);
// Explode the posted field IDs into an array so we know which fields have been submitted.
$posted_field_ids = wp_parse_id_list($merge_ids);
$is_required = array();
// Loop through the posted fields formatting any datebox values then validate the field.
foreach ((array) $posted_field_ids as $field_id) {
if (!isset($_POST['field_' . $field_id])) {
if (!empty($_POST['field_' . $field_id . '_day']) && !empty($_POST['field_' . $field_id . '_month']) && !empty($_POST['field_' . $field_id . '_year'])) {
// Concatenate the values.
$date_value = $_POST['field_' . $field_id . '_day'] . ' ' . $_POST['field_' . $field_id . '_month'] . ' ' . $_POST['field_' . $field_id . '_year'];
// Turn the concatenated value into a timestamp.
$_POST['field_' . $field_id] = date('Y-m-d H:i:s', strtotime($date_value));
}
}
$is_required[$field_id] = xprofile_check_is_required_field($field_id) && !bp_current_user_can('bp_moderate');
if ($is_required[$field_id] && empty($_POST['field_' . $field_id])) {
$redirect_to = add_query_arg('error', '2', $redirect_to);
bp_core_redirect($redirect_to);
}
}
// Set the errors var.
$errors = false;
// Now we've checked for required fields, let's save the values.
foreach ((array) $posted_field_ids as $field_id) {
// Certain types of fields (checkboxes, multiselects) may come
// through empty. Save them as an empty array so that they don't
// get overwritten by the default on the next edit.
$value = isset($_POST['field_' . $field_id]) ? $_POST['field_' . $field_id] : '';
if (!xprofile_set_field_data($field_id, $user_id, $value, $is_required[$field_id])) {
$errors = true;
} else {
/**
* Fires after the saving of each profile field, if successful.
*
* @since 1.1.0
*
* @param int $field_id ID of the field being updated.
* @param string $value Value that was saved to the field.
*/
do_action('xprofile_profile_field_data_updated', $field_id, $value);
}
// Save the visibility level.
$visibility_level = !empty($_POST['field_' . $field_id . '_visibility']) ? $_POST['field_' . $field_id . '_visibility'] : 'public';
xprofile_set_field_visibility_level($field_id, $user_id, $visibility_level);
}
/**
* Fires after all of the profile fields have been saved.
*
* @since 1.0.0
*
* @param int $user_id ID of the user whose data is being saved.
* @param array $posted_field_ids IDs of the fields that were submitted.
* @param bool $errors Whether or not errors occurred during saving.
*/
do_action('xprofile_updated_profile', $user_id, $posted_field_ids, $errors);
// Set the feedback messages.
if (!empty($errors)) {
$redirect_to = add_query_arg('error', '3', $redirect_to);
} else {
$redirect_to = add_query_arg('updated', '1', $redirect_to);
}
bp_core_redirect($redirect_to);
}
}
/* Check for required BuddyPress fields. */
if ($bp_field_ids && $xprofile_active) {
/* Index required fields */
$is_required = array();
/* Check for required fields */
foreach ((array) $bp_field_ids as $field_id) {
/* Special case for date fields. */
if (!isset($_POST['field_' . $field_id])) {
if (!empty($_POST['field_' . $field_id . '_day']) && !empty($_POST['field_' . $field_id . '_month']) && !empty($_POST['field_' . $field_id . '_year'])) {
$date_value = $_POST['field_' . $field_id . '_day'] . ' ' . $_POST['field_' . $field_id . '_month'] . ' ' . $_POST['field_' . $field_id . '_year'];
/* Merge date fields */
$_POST['field_' . $field_id] = date('Y-m-d H:i:s', strtotime($date_value));
}
}
/* Mark field as required */
$is_required[$field_id] = xprofile_check_is_required_field($field_id);
if ($is_required[$field_id] && empty($_POST['field_' . $field_id])) {
$field = xprofile_get_field($field_id);
$errors->add('field_' . $field_id, sprintf(__('%s is required.', 'membership'), $field->name));
unset($field);
}
}
}
if (!empty($_POST['pass1']) && $_POST['pass1'] != $_POST['pass2']) {
$errors->add('pass1', __('Your password settings do not match', 'membership'));
}
/* Update the user. */
if (!$errors->get_error_code()) {
/* Update user with fields from $_POST and get response. */
$response = edit_user($user_id);
/* If there are no errors and Extended Profiles are active... */
function bp_core_screen_signup()
{
global $bp, $wpdb;
if (!bp_is_current_component('register')) {
return;
}
// Not a directory
bp_update_is_directory(false, 'register');
// If the user is logged in, redirect away from here
if (is_user_logged_in()) {
if (bp_is_component_front_page('register')) {
$redirect_to = bp_get_root_domain() . '/' . bp_get_members_root_slug();
} else {
$redirect_to = bp_get_root_domain();
}
bp_core_redirect(apply_filters('bp_loggedin_register_page_redirect_to', $redirect_to));
return;
}
$bp->signup->step = 'request-details';
if (!bp_get_signup_allowed()) {
$bp->signup->step = 'registration-disabled';
} elseif (isset($_POST['signup_submit'])) {
// Check the nonce
check_admin_referer('bp_new_signup');
// Check the base account details for problems
$account_details = bp_core_validate_user_signup($_POST['signup_username'], $_POST['signup_email']);
// If there are errors with account details, set them for display
if (!empty($account_details['errors']->errors['user_name'])) {
$bp->signup->errors['signup_username'] = $account_details['errors']->errors['user_name'][0];
}
if (!empty($account_details['errors']->errors['user_email'])) {
$bp->signup->errors['signup_email'] = $account_details['errors']->errors['user_email'][0];
}
// Check that both password fields are filled in
if (empty($_POST['signup_password']) || empty($_POST['signup_password_confirm'])) {
$bp->signup->errors['signup_password'] = __('Please make sure you enter your password twice', 'buddypress');
}
// Check that the passwords match
if (!empty($_POST['signup_password']) && !empty($_POST['signup_password_confirm']) && $_POST['signup_password'] != $_POST['signup_password_confirm']) {
$bp->signup->errors['signup_password'] = __('The passwords you entered do not match.', 'buddypress');
}
$bp->signup->username = $_POST['signup_username'];
$bp->signup->email = $_POST['signup_email'];
// Now we've checked account details, we can check profile information
if (bp_is_active('xprofile')) {
// Make sure hidden field is passed and populated
if (isset($_POST['signup_profile_field_ids']) && !empty($_POST['signup_profile_field_ids'])) {
// Let's compact any profile field info into an array
$profile_field_ids = explode(',', $_POST['signup_profile_field_ids']);
// Loop through the posted fields formatting any datebox values then validate the field
foreach ((array) $profile_field_ids as $field_id) {
if (!isset($_POST['field_' . $field_id])) {
if (!empty($_POST['field_' . $field_id . '_day']) && !empty($_POST['field_' . $field_id . '_month']) && !empty($_POST['field_' . $field_id . '_year'])) {
$_POST['field_' . $field_id] = date('Y-m-d H:i:s', strtotime($_POST['field_' . $field_id . '_day'] . $_POST['field_' . $field_id . '_month'] . $_POST['field_' . $field_id . '_year']));
}
}
// Create errors for required fields without values
if (xprofile_check_is_required_field($field_id) && empty($_POST['field_' . $field_id])) {
$bp->signup->errors['field_' . $field_id] = __('This is a required field', 'buddypress');
}
}
// This situation doesn't naturally occur so bounce to website root
} else {
bp_core_redirect(bp_get_root_domain());
}
}
// Finally, let's check the blog details, if the user wants a blog and blog creation is enabled
if (isset($_POST['signup_with_blog'])) {
$active_signup = $bp->site_options['registration'];
if ('blog' == $active_signup || 'all' == $active_signup) {
$blog_details = bp_core_validate_blog_signup($_POST['signup_blog_url'], $_POST['signup_blog_title']);
// If there are errors with blog details, set them for display
if (!empty($blog_details['errors']->errors['blogname'])) {
$bp->signup->errors['signup_blog_url'] = $blog_details['errors']->errors['blogname'][0];
}
if (!empty($blog_details['errors']->errors['blog_title'])) {
$bp->signup->errors['signup_blog_title'] = $blog_details['errors']->errors['blog_title'][0];
}
}
}
do_action('bp_signup_validate');
// Add any errors to the action for the field in the template for display.
if (!empty($bp->signup->errors)) {
foreach ((array) $bp->signup->errors as $fieldname => $error_message) {
add_action('bp_' . $fieldname . '_errors', create_function('', 'echo apply_filters(\'bp_members_signup_error_message\', "<div class=\\"error\\">' . $error_message . '</div>" );'));
}
} else {
$bp->signup->step = 'save-details';
// No errors! Let's register those deets.
$active_signup = !empty($bp->site_options['registration']) ? $bp->site_options['registration'] : '';
if ('none' != $active_signup) {
// Let's compact any profile field info into usermeta
$profile_field_ids = explode(',', $_POST['signup_profile_field_ids']);
// Loop through the posted fields formatting any datebox values then add to usermeta
foreach ((array) $profile_field_ids as $field_id) {
if (!isset($_POST['field_' . $field_id])) {
if (isset($_POST['field_' . $field_id . '_day'])) {
$_POST['field_' . $field_id] = date('Y-m-d H:i:s', strtotime($_POST['field_' . $field_id . '_day'] . $_POST['field_' . $field_id . '_month'] . $_POST['field_' . $field_id . '_year']));
}
}
if (!empty($_POST['field_' . $field_id])) {
$usermeta['field_' . $field_id] = $_POST['field_' . $field_id];
}
}
// Store the profile field ID's in usermeta
$usermeta['profile_field_ids'] = $_POST['signup_profile_field_ids'];
// Hash and store the password
$usermeta['password'] = wp_hash_password($_POST['signup_password']);
// If the user decided to create a blog, save those details to usermeta
if ('blog' == $active_signup || 'all' == $active_signup) {
$usermeta['public'] = isset($_POST['signup_blog_privacy']) && 'public' == $_POST['signup_blog_privacy'] ? true : false;
}
$usermeta = apply_filters('bp_signup_usermeta', $usermeta);
// Finally, sign up the user and/or blog
if (isset($_POST['signup_with_blog']) && is_multisite()) {
bp_core_signup_blog($blog_details['domain'], $blog_details['path'], $blog_details['blog_title'], $_POST['signup_username'], $_POST['signup_email'], $usermeta);
} else {
bp_core_signup_user($_POST['signup_username'], $_POST['signup_password'], $_POST['signup_email'], $usermeta);
}
$bp->signup->step = 'completed-confirmation';
}
do_action('bp_complete_signup');
}
}
do_action('bp_core_screen_signup');
bp_core_load_template(apply_filters('bp_core_template_register', 'registration/register'));
}
/**
* Check the xprofile fields validation
* when using buddypress registration form on signup
*
* @since 1.0.2.5
* @return void
*/
private function _check_xprofile_fields()
{
$bp = buddypress();
// Make sure hidden field is passed and populated.
if (isset($_POST['signup_profile_field_ids']) && !empty($_POST['signup_profile_field_ids'])) {
// Let's compact any profile field info into an array.
$profile_field_ids = explode(',', $_POST['signup_profile_field_ids']);
// Loop through the posted fields formatting any datebox values then validate the field.
foreach ((array) $profile_field_ids as $field_id) {
if (!isset($_POST['field_' . $field_id])) {
if (!empty($_POST['field_' . $field_id . '_day']) && !empty($_POST['field_' . $field_id . '_month']) && !empty($_POST['field_' . $field_id . '_year'])) {
$_POST['field_' . $field_id] = date('Y-m-d H:i:s', strtotime($_POST['field_' . $field_id . '_day'] . $_POST['field_' . $field_id . '_month'] . $_POST['field_' . $field_id . '_year']));
}
}
// Create errors for required fields without values.
if (xprofile_check_is_required_field($field_id) && empty($_POST['field_' . $field_id]) && !bp_current_user_can('bp_moderate')) {
$bp->signup->errors['field_' . $field_id] = __('This is a required field', 'membership2');
}
}
// This situation doesn't naturally occur so bounce to website root.
} else {
bp_core_redirect(bp_get_root_domain());
}
}
/**
* Saves Buddypress profile data.
*
* @uses WP_CRM_Core::wp_crm_save_user_data()
* @param array $data. Request (POST,GET)
* @author peshkov@UD
*/
static function bp_save_profile_data($data)
{
global $bp;
if (empty($data['bp']) || empty($data['user_id'])) {
return;
}
//* Set necessary variables */
$user_id = $data['user_id'];
$user_data = $data['wp_crm']['user_data'];
$data = $data['bp'];
$errors = false;
$posted_field_ids = array();
$is_required = array();
//* Set xprofile full name from display_name */
$display_name = WP_CRM_F::get_first_value($user_data['display_name']);
if (!empty($display_name)) {
$fullname_field_name = bp_xprofile_fullname_field_name();
$fullname_field_id = xprofile_get_field_id_from_name($fullname_field_name);
$data["field_{$fullname_field_id}"] = $display_name;
}
//* Get all posted field ids */
foreach ($data as $name => $value) {
$field_id = str_replace(array('field_', '_day', '_month', '_year'), '', $name);
array_push($posted_field_ids, $field_id);
}
$posted_field_ids = array_unique($posted_field_ids);
//* Validate the field */
foreach ($posted_field_ids as $field_id) {
if (!isset($data['field_' . $field_id])) {
if (!empty($data['field_' . $field_id . '_day']) && !empty($data['field_' . $field_id . '_month']) && !empty($data['field_' . $field_id . '_year'])) {
/* Concatenate the values */
$date_value = $data['field_' . $field_id . '_day'] . ' ' . $data['field_' . $field_id . '_month'] . ' ' . $data['field_' . $field_id . '_year'];
/* Turn the concatenated value into a timestamp */
$data['field_' . $field_id] = date('Y-m-d H:i:s', strtotime($date_value));
}
}
$is_required[$field_id] = xprofile_check_is_required_field($field_id);
if ($is_required[$field_id] && empty($data['field_' . $field_id])) {
$errors = true;
}
}
//** There are errors */
if ($errors) {
WP_CRM_F::add_message(__('Please make sure you fill in all required Buddypress fields in this profile field group before saving.', ud_get_wp_crm()->domain), 'bad');
//** No errors */
} else {
//** Now we've checked for required fields, lets save the values. */
foreach ($posted_field_ids as $field_id) {
//** Certain types of fields (checkboxes, multiselects) may come through empty. */
//** Save them as an empty array so that they don't get overwritten by the default on the next edit. */
if (empty($data['field_' . $field_id])) {
$value = array();
} else {
$value = $data['field_' . $field_id];
}
if (!xprofile_set_field_data($field_id, $user_id, $value, $is_required[$field_id])) {
$errors = true;
} else {
do_action('xprofile_profile_field_data_updated', $field_id, $value);
}
}
//** Set the feedback message if we have error */
if ($errors) {
WP_CRM_F::add_message(__('There was a problem updating some of Buddypress profile information, please try again.', ud_get_wp_crm()->domain), 'bad');
}
}
}
function bp_core_screen_signup() {
global $bp, $wpdb;
if ( $bp->current_component != BP_REGISTER_SLUG )
return false;
/* If the user is logged in, redirect away from here */
if ( is_user_logged_in() )
bp_core_redirect( $bp->root_domain );
/* If signups are disabled, just re-direct */
if ( !bp_get_signup_allowed() )
bp_core_redirect( $bp->root_domain );
$bp->signup->step = 'request-details';
/* If the signup page is submitted, validate and save */
if ( isset( $_POST['signup_submit'] ) ) {
/* Check the nonce */
check_admin_referer( 'bp_new_signup' );
require_once( ABSPATH . WPINC . '/registration.php' );
/* Check the base account details for problems */
$account_details = bp_core_validate_user_signup( $_POST['signup_username'], $_POST['signup_email'] );
/* If there are errors with account details, set them for display */
if ( !empty( $account_details['errors']->errors['user_name'] ) )
$bp->signup->errors['signup_username'] = $account_details['errors']->errors['user_name'][0];
if ( !empty( $account_details['errors']->errors['user_email'] ) )
$bp->signup->errors['signup_email'] = $account_details['errors']->errors['user_email'][0];
/* Check that both password fields are filled in */
if ( empty( $_POST['signup_password'] ) || empty( $_POST['signup_password_confirm'] ) )
$bp->signup->errors['signup_password'] = __( 'Please make sure you enter your password twice', 'buddypress' );
/* Check that the passwords match */
if ( ( !empty( $_POST['signup_password'] ) && !empty( $_POST['signup_password_confirm'] ) ) && $_POST['signup_password'] != $_POST['signup_password_confirm'] )
$bp->signup->errors['signup_password'] = __( 'The passwords you entered do not match.', 'buddypress' );
$bp->signup->username = $_POST['signup_username'];
$bp->signup->email = $_POST['signup_email'];
/* Now we've checked account details, we can check profile information */
if ( function_exists( 'xprofile_check_is_required_field' ) ) {
/* Make sure hidden field is passed and populated */
if ( isset( $_POST['signup_profile_field_ids'] ) && !empty( $_POST['signup_profile_field_ids'] ) ) {
/* Let's compact any profile field info into an array */
$profile_field_ids = explode( ',', $_POST['signup_profile_field_ids'] );
/* Loop through the posted fields formatting any datebox values then validate the field */
foreach ( (array) $profile_field_ids as $field_id ) {
if ( !isset( $_POST['field_' . $field_id] ) ) {
if ( isset( $_POST['field_' . $field_id . '_day'] ) )
$_POST['field_' . $field_id] = strtotime( $_POST['field_' . $field_id . '_day'] . $_POST['field_' . $field_id . '_month'] . $_POST['field_' . $field_id . '_year'] );
}
/* Create errors for required fields without values */
if ( xprofile_check_is_required_field( $field_id ) && empty( $_POST['field_' . $field_id] ) )
$bp->signup->errors['field_' . $field_id] = __( 'This is a required field', 'buddypress' );
}
/* This situation doesn't naturally occur so bounce to website root */
} else {
bp_core_redirect( $bp->root_domain );
}
}
/* Finally, let's check the blog details, if the user wants a blog and blog creation is enabled */
if ( isset( $_POST['signup_with_blog'] ) ) {
$active_signup = $bp->site_options['registration'];
if ( 'blog' == $active_signup || 'all' == $active_signup ) {
$blog_details = bp_core_validate_blog_signup( $_POST['signup_blog_url'], $_POST['signup_blog_title'] );
/* If there are errors with blog details, set them for display */
if ( !empty( $blog_details['errors']->errors['blogname'] ) )
$bp->signup->errors['signup_blog_url'] = $blog_details['errors']->errors['blogname'][0];
if ( !empty( $blog_details['errors']->errors['blog_title'] ) )
$bp->signup->errors['signup_blog_title'] = $blog_details['errors']->errors['blog_title'][0];
}
}
do_action( 'bp_signup_validate' );
/* Add any errors to the action for the field in the template for display. */
if ( !empty( $bp->signup->errors ) ) {
foreach ( (array)$bp->signup->errors as $fieldname => $error_message )
add_action( 'bp_' . $fieldname . '_errors', create_function( '', 'echo "<div class=\"error\">' . $error_message . '</div>";' ) );
} else {
$bp->signup->step = 'save-details';
/* No errors! Let's register those deets. */
$active_signup = $bp->site_options['registration'];
if ( 'none' != $active_signup ) {
/* Let's compact any profile field info into usermeta */
$profile_field_ids = explode( ',', $_POST['signup_profile_field_ids'] );
/* Loop through the posted fields formatting any datebox values then add to usermeta */
foreach ( (array) $profile_field_ids as $field_id ) {
if ( !isset( $_POST['field_' . $field_id] ) ) {
if ( isset( $_POST['field_' . $field_id . '_day'] ) )
$_POST['field_' . $field_id] = strtotime( $_POST['field_' . $field_id . '_day'] . $_POST['field_' . $field_id . '_month'] . $_POST['field_' . $field_id . '_year'] );
}
if ( !empty( $_POST['field_' . $field_id] ) )
$usermeta['field_' . $field_id] = $_POST['field_' . $field_id];
}
/* Store the profile field ID's in usermeta */
$usermeta['profile_field_ids'] = $_POST['signup_profile_field_ids'];
/* Hash and store the password */
$usermeta['password'] = wp_hash_password( $_POST['signup_password'] );
/* If the user decided to create a blog, save those details to usermeta */
if ( 'blog' == $active_signup || 'all' == $active_signup ) {
$usermeta['public'] = ( 'public' == $_POST['signup_blog_privacy'] ) ? true : false;
}
$usermeta = apply_filters( 'bp_signup_usermeta', $usermeta );
/* Finally, sign up the user and/or blog */
if ( isset( $_POST['signup_with_blog'] ) && bp_core_is_multisite() )
bp_core_signup_blog( $blog_details['domain'], $blog_details['path'], $blog_details['blog_title'], $_POST['signup_username'], $_POST['signup_email'], $usermeta );
else {
bp_core_signup_user( $_POST['signup_username'], $_POST['signup_password'], $_POST['signup_email'], $usermeta );
}
$bp->signup->step = 'completed-confirmation';
}
do_action( 'bp_complete_signup' );
}
}
$bp->avatar_admin->step = 'upload-image';
/* If user has uploaded a new avatar */
if ( !empty( $_FILES ) ) {
/* Check the nonce */
check_admin_referer( 'bp_avatar_upload' );
$bp->signup->step = 'completed-confirmation';
if ( bp_core_is_multisite() ) {
/* Get the activation key */
if ( !$bp->signup->key = $wpdb->get_var( $wpdb->prepare( "SELECT activation_key FROM {$wpdb->signups} WHERE user_login = %s AND user_email = %s", $_POST[ 'signup_username' ], $_POST[ 'signup_email' ] ) ) ) {
bp_core_add_message( __( 'There was a problem uploading your avatar, please try uploading it again', 'buddypress' ) );
} else {
/* Hash the key to create the upload folder (added security so people don't sniff the activation key) */
$bp->signup->avatar_dir = wp_hash( $bp->signup->key );
}
} else {
$user_id = bp_core_get_userid( $_POST['signup_username'] );
$bp->signup->avatar_dir = wp_hash( $user_id );
}
/* Pass the file to the avatar upload handler */
if ( bp_core_avatar_handle_upload( $_FILES, 'bp_core_signup_avatar_upload_dir' ) ) {
$bp->avatar_admin->step = 'crop-image';
/* Make sure we include the jQuery jCrop file for image cropping */
add_action( 'wp', 'bp_core_add_jquery_cropper' );
}
}
/* If the image cropping is done, crop the image and save a full/thumb version */
if ( isset( $_POST['avatar-crop-submit'] ) ) {
/* Check the nonce */
check_admin_referer( 'bp_avatar_cropstore' );
/* Reset the avatar step so we can show the upload form again if needed */
$bp->signup->step = 'completed-confirmation';
$bp->avatar_admin->step = 'upload-image';
if ( !bp_core_avatar_handle_crop( array( 'original_file' => $_POST['image_src'], 'crop_x' => $_POST['x'], 'crop_y' => $_POST['y'], 'crop_w' => $_POST['w'], 'crop_h' => $_POST['h'] ) ) )
bp_core_add_message( __( 'There was a problem cropping your avatar, please try uploading it again', 'buddypress' ), 'error' );
else
bp_core_add_message( __( 'Your new avatar was uploaded successfully', 'buddypress' ) );
}
bp_core_load_template( 'registration/register' );
}
function bp_ajax_submit_register_form()
{
global $bp;
// Check the nonce
check_admin_referer('bp_new_signup');
// Check the base account details for problems
$account_details = bp_core_validate_user_signup($_POST['signup_username'], $_POST['signup_email']);
// If there are errors with account details, set them for display
if (!empty($account_details['errors']->errors['user_name'])) {
$bp->signup->errors['signup_username'] = $account_details['errors']->errors['user_name'][0];
}
if (!empty($account_details['errors']->errors['user_email'])) {
$bp->signup->errors['signup_email'] = $account_details['errors']->errors['user_email'][0];
}
// Check that both password fields are filled in
if (empty($_POST['signup_password']) || empty($_POST['signup_password_confirm'])) {
$bp->signup->errors['signup_password'] = __('Please make sure you enter your password twice', 'buddypress');
}
// Check that the passwords match
if (!empty($_POST['signup_password']) && !empty($_POST['signup_password_confirm']) && $_POST['signup_password'] != $_POST['signup_password_confirm']) {
$bp->signup->errors['signup_password'] = __('The passwords you entered do not match.', 'buddypress');
}
$bp->signup->username = $_POST['signup_username'];
$bp->signup->email = $_POST['signup_email'];
// Now we've checked account details, we can check profile information
if (bp_is_active('xprofile')) {
// Make sure hidden field is passed and populated
if (isset($_POST['signup_profile_field_ids']) && !empty($_POST['signup_profile_field_ids'])) {
// Let's compact any profile field info into an array
$profile_field_ids = explode(',', $_POST['signup_profile_field_ids']);
// Loop through the posted fields formatting any datebox values then validate the field
foreach ((array) $profile_field_ids as $field_id) {
if (!isset($_POST['field_' . $field_id])) {
if (!empty($_POST['field_' . $field_id . '_day']) && !empty($_POST['field_' . $field_id . '_month']) && !empty($_POST['field_' . $field_id . '_year'])) {
$_POST['field_' . $field_id] = date('Y-m-d H:i:s', strtotime($_POST['field_' . $field_id . '_day'] . $_POST['field_' . $field_id . '_month'] . $_POST['field_' . $field_id . '_year']));
}
}
// Create errors for required fields without values
if (xprofile_check_is_required_field($field_id) && empty($_POST['field_' . $field_id])) {
$bp->signup->errors['field_' . $field_id] = __('This is a required field', 'buddypress');
}
}
// This situation doesn't naturally occur so bounce to website root
} else {
bp_core_redirect(bp_get_root_domain());
}
}
// Finally, let's check the blog details, if the user wants a blog and blog creation is enabled
if (isset($_POST['signup_with_blog'])) {
$active_signup = $bp->site_options['registration'];
if ('blog' == $active_signup || 'all' == $active_signup) {
$blog_details = bp_core_validate_blog_signup($_POST['signup_blog_url'], $_POST['signup_blog_title']);
// If there are errors with blog details, set them for display
if (!empty($blog_details['errors']->errors['blogname'])) {
$bp->signup->errors['signup_blog_url'] = $blog_details['errors']->errors['blogname'][0];
}
if (!empty($blog_details['errors']->errors['blog_title'])) {
$bp->signup->errors['signup_blog_title'] = $blog_details['errors']->errors['blog_title'][0];
}
}
}
do_action('bp_signup_validate');
// Add any errors to the action for the field in the template for display.
if (!empty($bp->signup->errors)) {
$response['status'] = 'error';
$response['errors'] = $bp->signup->errors;
echo json_encode($response);
exit;
/*foreach ( (array) $bp->signup->errors as $fieldname => $error_message ) {
// addslashes() and stripslashes() to avoid create_function()
// syntax errors when the $error_message contains quotes
add_action( 'bp_' . $fieldname . '_errors', create_function( '', 'echo apply_filters(\'bp_members_signup_error_message\', "<div class=\"error\">" . stripslashes( \'' . addslashes( $error_message ) . '\' ) . "</div>" );' ) );
}*/
} else {
$bp->signup->step = 'save-details';
// No errors! Let's register those deets.
$active_signup = !empty($bp->site_options['registration']) ? $bp->site_options['registration'] : '';
if ('none' != $active_signup) {
// Let's compact any profile field info into usermeta
$profile_field_ids = explode(',', $_POST['signup_profile_field_ids']);
// Loop through the posted fields formatting any datebox values then add to usermeta
foreach ((array) $profile_field_ids as $field_id) {
if (!isset($_POST['field_' . $field_id])) {
if (isset($_POST['field_' . $field_id . '_day'])) {
$_POST['field_' . $field_id] = date('Y-m-d H:i:s', strtotime($_POST['field_' . $field_id . '_day'] . $_POST['field_' . $field_id . '_month'] . $_POST['field_' . $field_id . '_year']));
}
}
if (!empty($_POST['field_' . $field_id])) {
$usermeta['field_' . $field_id] = $_POST['field_' . $field_id];
}
}
// Store the profile field ID's in usermeta
$usermeta['profile_field_ids'] = $_POST['signup_profile_field_ids'];
// Hash and store the password
$usermeta['password'] = wp_hash_password($_POST['signup_password']);
// If the user decided to create a blog, save those details to usermeta
if ('blog' == $active_signup || 'all' == $active_signup) {
$usermeta['public'] = isset($_POST['signup_blog_privacy']) && 'public' == $_POST['signup_blog_privacy'] ? true : false;
}
$usermeta = apply_filters('bp_signup_usermeta', $usermeta);
// Finally, sign up the user and/or blog
if (isset($_POST['signup_with_blog']) && is_multisite()) {
$wp_user_id = bp_core_signup_blog($blog_details['domain'], $blog_details['path'], $blog_details['blog_title'], $_POST['signup_username'], $_POST['signup_email'], $usermeta);
} else {
$wp_user_id = bp_core_signup_user($_POST['signup_username'], $_POST['signup_password'], $_POST['signup_email'], $usermeta);
}
if (is_wp_error($wp_user_id)) {
$bp->signup->step = 'request-details';
bp_core_add_message(strip_tags($wp_user_id->get_error_message()), 'error');
$response['status'] = 'user-error';
$response['error-msg'] = strip_tags($wp_user_id->get_error_message());
echo json_encode($response);
exit;
} else {
$bp->signup->step = 'completed-confirmation';
$response['status'] = 'success';
echo json_encode($response);
exit;
}
}
do_action('bp_complete_signup');
}
echo 'form is submitted successfully.';
exit;
}
/**
* Save the profile fields in Members community profile page.
*
* Loaded before the page is rendered, this function is processing form
* requests.
*
* @access public
* @since BuddyPress (2.0.0)
*/
public function user_admin_load($doaction = '', $user_id = 0, $request = array(), $redirect_to = '')
{
// Eventually delete avatar
if ('delete_avatar' == $doaction) {
check_admin_referer('delete_avatar');
$redirect_to = remove_query_arg('_wpnonce', $redirect_to);
if (bp_core_delete_existing_avatar(array('item_id' => $user_id))) {
$redirect_to = add_query_arg('updated', 'avatar', $redirect_to);
} else {
$redirect_to = add_query_arg('error', 'avatar', $redirect_to);
}
bp_core_redirect($redirect_to);
// Update profile fields
} else {
// Check to see if any new information has been submitted
if (isset($_POST['field_ids'])) {
// Check the nonce
check_admin_referer('edit-bp-profile_' . $user_id);
// Check we have field ID's
if (empty($_POST['field_ids'])) {
$redirect_to = add_query_arg('error', '1', $redirect_to);
bp_core_redirect($redirect_to);
}
/**
* Unlike front-end edit-fields screens, the wp-admin/profile displays all
* groups of fields on a single page, so the list of field ids is an array
* gathering for each group of fields a distinct comma separated list of ids.
* As a result, before using the wp_parse_id_list() function, we must ensure
* that these ids are "merged" into a single comma separated list.
*/
$merge_ids = join(',', $_POST['field_ids']);
// Explode the posted field IDs into an array so we know which fields have been submitted
$posted_field_ids = wp_parse_id_list($merge_ids);
$is_required = array();
// Loop through the posted fields formatting any datebox values then validate the field
foreach ((array) $posted_field_ids as $field_id) {
if (!isset($_POST['field_' . $field_id])) {
if (!empty($_POST['field_' . $field_id . '_day']) && !empty($_POST['field_' . $field_id . '_month']) && !empty($_POST['field_' . $field_id . '_year'])) {
// Concatenate the values
$date_value = $_POST['field_' . $field_id . '_day'] . ' ' . $_POST['field_' . $field_id . '_month'] . ' ' . $_POST['field_' . $field_id . '_year'];
// Turn the concatenated value into a timestamp
$_POST['field_' . $field_id] = date('Y-m-d H:i:s', strtotime($date_value));
}
}
$is_required[$field_id] = xprofile_check_is_required_field($field_id);
if ($is_required[$field_id] && empty($_POST['field_' . $field_id])) {
$redirect_to = add_query_arg('error', '2', $redirect_to);
bp_core_redirect($redirect_to);
}
}
// Set the errors var
$errors = false;
// Now we've checked for required fields, let's save the values.
foreach ((array) $posted_field_ids as $field_id) {
// Certain types of fields (checkboxes, multiselects) may come through empty. Save them as an empty array so that they don't get overwritten by the default on the next edit.
$value = isset($_POST['field_' . $field_id]) ? $_POST['field_' . $field_id] : '';
if (!xprofile_set_field_data($field_id, $user_id, $value, $is_required[$field_id])) {
$errors = true;
} else {
do_action('xprofile_profile_field_data_updated', $field_id, $value);
}
// Save the visibility level
$visibility_level = !empty($_POST['field_' . $field_id . '_visibility']) ? $_POST['field_' . $field_id . '_visibility'] : 'public';
xprofile_set_field_visibility_level($field_id, $user_id, $visibility_level);
}
do_action('xprofile_updated_profile', $user_id, $posted_field_ids, $errors);
// Set the feedback messages
if (!empty($errors)) {
$redirect_to = add_query_arg('error', '3', $redirect_to);
} else {
$redirect_to = add_query_arg('updated', '1', $redirect_to);
}
bp_core_redirect($redirect_to);
}
}
}
/**
* Save the profile fields in Members community profile page.
*
* Loaded before the page is rendered, this function is processing form
* requests.
*
* @since 2.0.0
*
* @param string $doaction Action being run.
* @param int $user_id ID for the user whose profile is being saved.
* @param array $request Request being made.
* @param string $redirect_to Where to redirect user to.
*/
public function user_admin_load($doaction = '', $user_id = 0, $request = array(), $redirect_to = '')
{
// Eventually delete avatar.
if ('delete_avatar' === $doaction) {
check_admin_referer('delete_avatar');
$redirect_to = remove_query_arg('_wpnonce', $redirect_to);
if (bp_core_delete_existing_avatar(array('item_id' => $user_id))) {
$redirect_to = add_query_arg('updated', 'avatar', $redirect_to);
} else {
$redirect_to = add_query_arg('error', 'avatar', $redirect_to);
}
bp_core_redirect($redirect_to);
} elseif (isset($_POST['field_ids'])) {
// Update profile fields.
// Check the nonce.
check_admin_referer('edit-bp-profile_' . $user_id);
// Check we have field ID's.
if (empty($_POST['field_ids'])) {
$redirect_to = add_query_arg('error', '1', $redirect_to);
bp_core_redirect($redirect_to);
}
/**
* Unlike front-end edit-fields screens, the wp-admin/profile
* displays all groups of fields on a single page, so the list of
* field ids is an array gathering for each group of fields a
* distinct comma separated list of ids.
*
* As a result, before using the wp_parse_id_list() function, we
* must ensure that these ids are "merged" into a single comma
* separated list.
*/
$merge_ids = join(',', $_POST['field_ids']);
// Explode the posted field IDs into an array so we know which fields have been submitted.
$posted_field_ids = wp_parse_id_list($merge_ids);
$is_required = array();
// Loop through the posted fields formatting any datebox values then validate the field.
foreach ((array) $posted_field_ids as $field_id) {
bp_xprofile_maybe_format_datebox_post_data($field_id);
$is_required[$field_id] = xprofile_check_is_required_field($field_id) && !bp_current_user_can('bp_moderate');
if ($is_required[$field_id] && empty($_POST['field_' . $field_id])) {
$redirect_to = add_query_arg('error', '2', $redirect_to);
bp_core_redirect($redirect_to);
}
}
// Set the errors var.
$errors = false;
// Now we've checked for required fields, let's save the values.
$old_values = $new_values = array();
foreach ((array) $posted_field_ids as $field_id) {
/*
* Certain types of fields (checkboxes, multiselects) may come
* through empty. Save them as an empty array so that they don't
* get overwritten by the default on the next edit.
*/
$value = isset($_POST['field_' . $field_id]) ? $_POST['field_' . $field_id] : '';
$visibility_level = !empty($_POST['field_' . $field_id . '_visibility']) ? $_POST['field_' . $field_id . '_visibility'] : 'public';
/*
* Save the old and new values. They will be
* passed to the filter and used to determine
* whether an activity item should be posted.
*/
$old_values[$field_id] = array('value' => xprofile_get_field_data($field_id, $user_id), 'visibility' => xprofile_get_field_visibility_level($field_id, $user_id));
// Update the field data and visibility level.
xprofile_set_field_visibility_level($field_id, $user_id, $visibility_level);
$field_updated = xprofile_set_field_data($field_id, $user_id, $value, $is_required[$field_id]);
$value = xprofile_get_field_data($field_id, $user_id);
$new_values[$field_id] = array('value' => $value, 'visibility' => xprofile_get_field_visibility_level($field_id, $user_id));
if (!$field_updated) {
$errors = true;
} else {
/**
* Fires after the saving of each profile field, if successful.
*
* @since 1.1.0
*
* @param int $field_id ID of the field being updated.
* @param string $value Value that was saved to the field.
*/
do_action('xprofile_profile_field_data_updated', $field_id, $value);
}
}
/**
* Fires after all XProfile fields have been saved for the current profile.
*
* @since 1.0.0
* @since 2.6.0 Added $old_values and $new_values parameters.
*
* @param int $user_id ID for the user whose profile is being saved.
* @param array $posted_field_ids Array of field IDs that were edited.
* @param bool $errors Whether or not any errors occurred.
* @param array $old_values Array of original values before update.
* @param array $new_values Array of newly saved values after update.
*/
do_action('xprofile_updated_profile', $user_id, $posted_field_ids, $errors, $old_values, $new_values);
// Set the feedback messages.
if (!empty($errors)) {
$redirect_to = add_query_arg('error', '3', $redirect_to);
} else {
$redirect_to = add_query_arg('updated', '1', $redirect_to);
}
bp_core_redirect($redirect_to);
}
}
function process_subscription_form()
{
global $M_options, $bp;
$logged_in = is_user_logged_in();
$subscription = isset($_REQUEST['subscription']) ? $_REQUEST['subscription'] : 0;
$page = isset($_REQUEST['action']) ? $_REQUEST['action'] : 'subscriptionform';
switch ($page) {
case 'validatepage1':
if ($_SERVER['REQUEST_METHOD'] != 'POST') {
return;
}
$required = array('user_login' => __('Username', 'membership'), 'user_email' => __('Email address', 'membership'), 'password' => __('Password', 'membership'), 'password2' => __('Password confirmation', 'membership'));
$this->_register_errors = new WP_Error();
foreach ($required as $key => $message) {
if (empty($_POST[$key])) {
$this->_register_errors->add($key, __('Please ensure that the ', 'membership') . "<strong>" . $message . "</strong>" . __(' information is completed.', 'membership'));
}
}
if ($_POST['password'] != $_POST['password2']) {
$this->_register_errors->add('passmatch', __('Please ensure the passwords match.', 'membership'));
}
if (!validate_username($_POST['user_login'])) {
$this->_register_errors->add('usernamenotvalid', __('The username is not valid, sorry.', 'membership'));
}
if (username_exists(sanitize_user($_POST['user_login']))) {
$this->_register_errors->add('usernameexists', __('That username is already taken, sorry.', 'membership'));
}
if (!is_email($_POST['user_email'])) {
$this->_register_errors->add('emailnotvalid', __('The email address is not valid, sorry.', 'membership'));
}
if (email_exists($_POST['user_email'])) {
$this->_register_errors->add('emailexists', __('That email address is already taken, sorry.', 'membership'));
}
$this->_register_errors = apply_filters('membership_subscription_form_before_registration_process', $this->_register_errors);
$result = apply_filters('wpmu_validate_user_signup', array('user_name' => $_POST['user_login'], 'orig_username' => $_POST['user_login'], 'user_email' => $_POST['user_email'], 'errors' => $this->_register_errors));
$this->_register_errors = $result['errors'];
// Hack for now - eeek
$anyerrors = $this->_register_errors->get_error_code();
if (empty($anyerrors)) {
// No errors so far - error reporting check for final add user *note $error should always be an error object becuase we created it as such.
$user_id = wp_create_user(sanitize_user($_POST['user_login']), $_POST['password'], $_POST['user_email']);
if (is_wp_error($user_id)) {
$this->_register_errors->add('userid', $user_id->get_error_message());
} else {
$member = Membership_Plugin::factory()->get_member($user_id);
if (!headers_sent()) {
$user = @wp_signon(array('user_login' => $_POST['user_login'], 'user_password' => $_POST['password'], 'remember' => true));
if (is_wp_error($user) && method_exists($user, 'get_error_message')) {
$this->_register_errors->add('userlogin', $user->get_error_message());
} else {
// Set the current user up
wp_set_current_user($user_id);
}
} else {
// Set the current user up
wp_set_current_user($user_id);
}
if (has_action('membership_susbcription_form_registration_notification')) {
do_action('membership_susbcription_form_registration_notification', $user_id, $_POST['password']);
} else {
wp_new_user_notification($user_id, $_POST['password']);
}
if (!empty($M_options['freeusersubscription'])) {
$level = !empty($M_options['strangerlevel']) ? $M_options['strangerlevel'] : 0;
//free subscription is active - do 'membership_add_subscription' action so pings are triggered, etc
do_action('membership_add_subscription', $M_options['freeusersubscription'], $level, false, $user_id);
}
}
do_action('membership_subscription_form_registration_process', $this->_register_errors, $user_id);
} else {
do_action('membership_subscription_form_registration_process', $this->_register_errors, 0);
}
// Hack for now - eeek
$anyerrors = $this->_register_errors->get_error_code();
if (empty($anyerrors)) {
// redirect to payments page
wp_redirect(esc_url_raw(add_query_arg(array('action' => 'subscriptionsignup', 'subscription' => $subscription))));
exit;
}
break;
case 'validatepage1bp':
if ($_SERVER['REQUEST_METHOD'] != 'POST') {
return;
}
$required = array('signup_username' => __('Username', 'membership'), 'signup_email' => __('Email address', 'membership'), 'signup_password' => __('Password', 'membership'), 'signup_password_confirm' => __('Password confirmation', 'membership'));
$this->_register_errors = new WP_Error();
foreach ($required as $key => $message) {
if (empty($_POST[$key])) {
$this->_register_errors->add($key, __('Please ensure that the ', 'membership') . "<strong>" . $message . "</strong>" . __(' information is completed.', 'membership'));
}
}
if ($_POST['signup_password'] != $_POST['signup_password_confirm']) {
$this->_register_errors->add('passmatch', __('Please ensure the passwords match.', 'membership'));
}
if (!validate_username($_POST['signup_username'])) {
$this->_register_errors->add('usernamenotvalid', __('The username is not valid, sorry.', 'membership'));
}
if (username_exists(sanitize_user($_POST['signup_username']))) {
$this->_register_errors->add('usernameexists', __('That username is already taken, sorry.', 'membership'));
}
if (!is_email($_POST['signup_email'])) {
$this->_register_errors->add('emailnotvalid', __('The email address is not valid, sorry.', 'membership'));
}
if (email_exists($_POST['signup_email'])) {
$this->_register_errors->add('emailexists', __('That email address is already taken, sorry.', 'membership'));
}
// Initial fix provided by user: cmurtagh - modified to add extra checks and rejigged a bit
// Run the buddypress validation
do_action('bp_signup_validate');
// Add any errors to the action for the field in the template for display.
if (!empty($bp->signup->errors)) {
foreach ((array) $bp->signup->errors as $fieldname => $error_message) {
$this->_register_errors->add($fieldname, $error_message);
}
}
$meta_array = array();
// xprofile required fields
/* Now we've checked account details, we can check profile information */
//if ( function_exists( 'xprofile_check_is_required_field' ) ) {
if (function_exists('bp_is_active') && bp_is_active('xprofile')) {
/* Make sure hidden field is passed and populated */
if (isset($_POST['signup_profile_field_ids']) && !empty($_POST['signup_profile_field_ids'])) {
/* Let's compact any profile field info into an array */
$profile_field_ids = explode(',', $_POST['signup_profile_field_ids']);
/* Loop through the posted fields formatting any datebox values then validate the field */
foreach ((array) $profile_field_ids as $field_id) {
if (!isset($_POST['field_' . $field_id])) {
if (isset($_POST['field_' . $field_id . '_day'])) {
$_POST['field_' . $field_id] = strtotime($_POST['field_' . $field_id . '_day'] . $_POST['field_' . $field_id . '_month'] . $_POST['field_' . $field_id . '_year']);
}
}
/* Create errors for required fields without values */
if (xprofile_check_is_required_field($field_id) && empty($_POST['field_' . $field_id])) {
$field = new BP_Xprofile_Field($field_id);
$this->_register_errors->add($field->name, __('Please ensure that the ', 'membership') . "<strong>" . $field->name . "</strong>" . __(' information is completed.', 'membership'));
}
$meta_array[$field_id] = $_POST['field_' . $field_id];
}
}
}
$this->_register_errors = apply_filters('membership_subscription_form_before_registration_process', $this->_register_errors);
// Hack for now - eeek
$anyerrors = $this->_register_errors->get_error_code();
if (empty($anyerrors)) {
// No errors so far - error reporting check for final add user *note $error should always be an error object becuase we created it as such.
$user_id = wp_create_user(sanitize_user($_POST['signup_username']), $_POST['signup_password'], $_POST['signup_email']);
if (is_wp_error($user_id)) {
$this->_register_errors->add('userid', $user_id->get_error_message());
} else {
$member = Membership_Plugin::factory()->get_member($user_id);
if (!headers_sent()) {
$user = @wp_signon(array('user_login' => $_POST['signup_username'], 'user_password' => $_POST['signup_password'], 'remember' => true));
if (is_wp_error($user) && method_exists($user, 'get_error_message')) {
$this->_register_errors->add('userlogin', $user->get_error_message());
} else {
// Set the current user up
wp_set_current_user($user_id);
}
} else {
// Set the current user up
wp_set_current_user($user_id);
}
if (has_action('membership_susbcription_form_registration_notification')) {
do_action('membership_susbcription_form_registration_notification', $user_id, $_POST['signup_password']);
} else {
wp_new_user_notification($user_id, $_POST['signup_password']);
}
if (function_exists('xprofile_set_field_data')) {
// Add the bp filter for usermeta signup
$meta_array = apply_filters('bp_signup_usermeta', $meta_array);
foreach ((array) $meta_array as $field_id => $field_content) {
xprofile_set_field_data($field_id, $user_id, $field_content);
$visibility_level = !empty($_POST['field_' . $field_id . '_visibility']) ? $_POST['field_' . $field_id . '_visibility'] : 'public';
xprofile_set_field_visibility_level($field_id, $user_id, $visibility_level);
}
// Make sure the User Meta is updated with the xprofile name
$data = explode(' ', xprofile_get_field_data('Name', $user_id, 'array'));
$firstname = array_shift($data);
$lastname = implode(' ', $data);
update_user_meta($user_id, 'first_name', $firstname);
update_user_meta($user_id, 'last_name', $lastname);
}
}
do_action('membership_subscription_form_registration_process', $this->_register_errors, $user_id);
// Hack for now - eeek
$anyerrors = $this->_register_errors->get_error_code();
if (empty($anyerrors)) {
// everything seems fine (so far), so we have our queued user so let's
// run the bp complete signup action
do_action('bp_complete_signup');
// redirect to payments page
wp_redirect(esc_url_raw(add_query_arg(array('action' => 'subscriptionsignup', 'subscription' => $subscription))));
exit;
}
} else {
do_action('membership_subscription_form_registration_process', $this->_register_errors, 0);
}
break;
case 'registeruser':
case 'subscriptionsignup':
$to_sub_id = false;
// free subscription processing
if ($logged_in && $subscription) {
$sub = Membership_Plugin::factory()->get_subscription($subscription);
if ($sub->is_free()) {
$to_sub_id = $subscription;
}
}
// coupon processing
$coupon = filter_input(INPUT_POST, 'coupon_code');
$sub_id = filter_input(INPUT_POST, 'coupon_sub_id', FILTER_VALIDATE_INT);
if ($logged_in && $coupon && $sub_id) {
$coupon = new M_Coupon($coupon);
$coupon_obj = $coupon->get_coupon();
//if ( $coupon->valid_coupon() && $coupon_obj->discount >= 100 && $coupon_obj->discount_type == 'pct' ) {
if ($coupon->valid_for_subscription($sub_id) && $coupon_obj->discount >= 100 && $coupon_obj->discount_type == 'pct') {
$to_sub_id = $sub_id;
$coupon->increment_coupon_used();
}
}
if ($to_sub_id) {
$member = Membership_Plugin::factory()->get_member(get_current_user_id());
$from_sub_id = isset($_REQUEST['from_subscription']) ? absint($_REQUEST['from_subscription']) : 0;
if ($from_sub_id) {
$member->drop_subscription($from_sub_id);
}
$member->create_subscription($to_sub_id);
if (isset($M_options['registrationcompleted_page']) && absint($M_options['registrationcompleted_page'])) {
wp_redirect(get_permalink($M_options['registrationcompleted_page']));
exit;
}
}
break;
}
}
/**
* xprofile_screen_edit_profile()
*
* Handles the display of the profile edit page by loading the correct template file.
* Also checks to make sure this can only be accessed for the logged in users profile.
*
* @package BuddyPress Xprofile
* @uses bp_is_my_profile() Checks to make sure the current user being viewed equals the logged in user
* @uses bp_core_load_template() Looks for and loads a template file within the current member theme (folder/filename)
*/
function xprofile_screen_edit_profile() {
global $bp;
if ( !bp_is_my_profile() && !is_super_admin() )
return false;
/* Make sure a group is set. */
if ( empty( $bp->action_variables[1] ) )
bp_core_redirect( $bp->displayed_user->domain . BP_XPROFILE_SLUG . '/edit/group/1' );
/* Check the field group exists */
if ( !xprofile_get_field_group( $bp->action_variables[1] ) )
bp_core_redirect( $bp->root_domain );
/* Check to see if any new information has been submitted */
if ( isset( $_POST['field_ids'] ) ) {
/* Check the nonce */
check_admin_referer( 'bp_xprofile_edit' );
/* Check we have field ID's */
if ( empty( $_POST['field_ids'] ) )
bp_core_redirect( $bp->displayed_user->domain . BP_XPROFILE_SLUG . '/edit/group/' . $bp->action_variables[1] . '/' );
/* Explode the posted field IDs into an array so we know which fields have been submitted */
$posted_field_ids = explode( ',', $_POST['field_ids'] );
$is_required = array();
/* Loop through the posted fields formatting any datebox values then validate the field */
foreach ( (array)$posted_field_ids as $field_id ) {
if ( !isset( $_POST['field_' . $field_id] ) ) {
if ( is_numeric( $_POST['field_' . $field_id . '_day'] ) ) {
/* Concatenate the values. */
$date_value = $_POST['field_' . $field_id . '_day'] . ' ' .
$_POST['field_' . $field_id . '_month'] . ' ' .
$_POST['field_' . $field_id . '_year'];
/* Turn the concatenated value into a timestamp */
$_POST['field_' . $field_id] = strtotime( $date_value );
}
}
$is_required[$field_id] = xprofile_check_is_required_field( $field_id );
if ( $is_required[$field_id] && empty( $_POST['field_' . $field_id] ) )
$errors = true;
}
if ( !empty( $errors ) )
bp_core_add_message( __( 'Please make sure you fill in all required fields in this profile field group before saving.', 'buddypress' ), 'error' );
else {
/* Reset the errors var */
$errors = false;
/* Now we've checked for required fields, lets save the values. */
foreach ( (array)$posted_field_ids as $field_id ) {
if ( !xprofile_set_field_data( $field_id, $bp->displayed_user->id, $_POST['field_' . $field_id], $is_required[$field_id] ) )
$errors = true;
else
do_action( 'xprofile_profile_field_data_updated', $field_id, $_POST['field_' . $field_id] );
}
do_action( 'xprofile_updated_profile', $bp->displayed_user->id, $posted_field_ids, $errors );
/* Set the feedback messages */
if ( $errors )
bp_core_add_message( __( 'There was a problem updating some of your profile information, please try again.', 'buddypress' ), 'error' );
else
bp_core_add_message( __( 'Changes saved.', 'buddypress' ) );
/* Redirect back to the edit screen to display the updates and message */
bp_core_redirect( $bp->displayed_user->domain . BP_XPROFILE_SLUG . '/edit/group/' . $bp->action_variables[1] . '/' );
}
}
do_action( 'xprofile_screen_edit_profile' );
bp_core_load_template( apply_filters( 'xprofile_template_edit_profile', 'members/single/home' ) );
}
function do_subscription_shortcode($atts, $content = null, $code = "")
{
global $nxt_query;
$error = array();
$page = addslashes($_REQUEST['action']);
$M_options = get_option('membership_options', array());
switch ($page) {
case 'validatepage1':
// Page 1 of the form has been submitted - validate
include_once ABSPATH . nxtINC . '/registration.php';
$required = array('user_login' => __('Username', 'membership'), 'user_email' => __('Email address', 'membership'), 'user_email2' => __('Email address confirmation', 'membership'), 'password' => __('Password', 'membership'), 'password2' => __('Password confirmation', 'membership'));
$error = array();
foreach ($required as $key => $message) {
if (empty($_POST[$key])) {
$error[] = __('Please ensure that the ', 'membership') . "<strong>" . $message . "</strong>" . __(' information is completed.', 'membership');
}
}
if ($_POST['user_email'] != $_POST['user_email2']) {
$error[] = __('Please ensure the email addresses match.', 'membership');
}
if ($_POST['password'] != $_POST['password2']) {
$error[] = __('Please ensure the passwords match.', 'membership');
}
if (username_exists(sanitize_user($_POST['user_login']))) {
$error[] = __('That username is already taken, sorry.', 'membership');
}
if (email_exists($_POST['user_email'])) {
$error[] = __('That email address is already taken, sorry.', 'membership');
}
if (function_exists('get_site_option')) {
$terms = get_site_option('signup_tos_data');
} else {
$terms = '';
}
if (!empty($terms)) {
if (empty($_POST['tosagree'])) {
$error[] = __('You need to agree to the terms of service to register.', 'membership');
}
}
$error = apply_filters('membership_subscription_form_before_registration_process', $error);
if (empty($error)) {
// Pre - error reporting check for final add user
$user_id = nxt_create_user(sanitize_user($_POST['user_login']), $_POST['password'], $_POST['user_email']);
if (is_nxt_error($user_id) && method_exists($userid, 'get_error_message')) {
$error[] = $userid->get_error_message();
} else {
$member = new M_Membership($user_id);
if (empty($M_options['enableincompletesignups']) || $M_options['enableincompletesignups'] != 'yes') {
$member->deactivate();
}
if (has_action('membership_susbcription_form_registration_notification')) {
do_action('membership_susbcription_form_registration_notification', $user_id, $_POST['password']);
} else {
nxt_new_user_notification($user_id, $_POST['password']);
}
}
}
do_action('membership_subscription_form_registration_process', $error, $user_id);
if (!empty($error)) {
$content .= "<div class='error'>";
$content .= implode('<br/>', $error);
$content .= "</div>";
$content .= $this->show_subpage_one(true);
} else {
// everything seems fine (so far), so we have our queued user so let's
// look at picking a subscription.
$content .= $this->show_subpage_two($user_id);
}
break;
case 'validatepage1bp':
global $bp;
include_once ABSPATH . nxtINC . '/registration.php';
$required = array('signup_username' => __('Username', 'membership'), 'signup_email' => __('Email address', 'membership'), 'signup_password' => __('Password', 'membership'), 'signup_password_confirm' => __('Password confirmation', 'membership'));
$error = array();
foreach ($required as $key => $message) {
if (empty($_POST[$key])) {
$error[] = __('Please ensure that the ', 'membership') . "<strong>" . $message . "</strong>" . __(' information is completed.', 'membership');
}
}
if ($_POST['signup_password'] != $_POST['signup_password_confirm']) {
$error[] = __('Please ensure the passwords match.', 'membership');
}
if (username_exists(sanitize_user($_POST['signup_username']))) {
$error[] = __('That username is already taken, sorry.', 'membership');
}
if (email_exists($_POST['signup_email'])) {
$error[] = __('That email address is already taken, sorry.', 'membership');
}
$meta_array = array();
// xprofile required fields
/* Now we've checked account details, we can check profile information */
if (function_exists('xprofile_check_is_required_field')) {
/* Make sure hidden field is passed and populated */
if (isset($_POST['signup_profile_field_ids']) && !empty($_POST['signup_profile_field_ids'])) {
/* Let's compact any profile field info into an array */
$profile_field_ids = explode(',', $_POST['signup_profile_field_ids']);
/* Loop through the posted fields formatting any datebox values then validate the field */
foreach ((array) $profile_field_ids as $field_id) {
if (!isset($_POST['field_' . $field_id])) {
if (isset($_POST['field_' . $field_id . '_day'])) {
$_POST['field_' . $field_id] = strtotime($_POST['field_' . $field_id . '_day'] . $_POST['field_' . $field_id . '_month'] . $_POST['field_' . $field_id . '_year']);
}
}
/* Create errors for required fields without values */
if (xprofile_check_is_required_field($field_id) && empty($_POST['field_' . $field_id])) {
$field = new BP_Xprofile_Field($field_id);
$error[] = __('Please ensure that the ', 'membership') . "<strong>" . $field->name . "</strong>" . __(' information is completed.', 'membership');
}
$meta_array[$field_id] = $_POST['field_' . $field_id];
}
}
}
$error = apply_filters('membership_subscription_form_before_registration_process', $error);
if (empty($error)) {
// Pre - error reporting check for final add user
$user_id = nxt_create_user(sanitize_user($_POST['signup_username']), $_POST['signup_password'], $_POST['signup_email']);
if (is_nxt_error($user_id) && method_exists($userid, 'get_error_message')) {
$error[] = $userid->get_error_message();
} else {
$member = new M_Membership($user_id);
if (empty($M_options['enableincompletesignups']) || $M_options['enableincompletesignups'] != 'yes') {
$member->deactivate();
}
if (has_action('membership_susbcription_form_registration_notification')) {
do_action('membership_susbcription_form_registration_notification', $user_id, $_POST['password']);
} else {
nxt_new_user_notification($user_id, $_POST['signup_password']);
}
foreach ((array) $meta_array as $field_id => $field_content) {
if (function_exists('xprofile_set_field_data')) {
xprofile_set_field_data($field_id, $user_id, $field_content);
}
}
}
}
do_action('membership_subscription_form_registration_process', $error, $user_id);
if (!empty($error)) {
$content .= "<div class='error'>";
$content .= implode('<br/>', $error);
$content .= "</div>";
$content .= $this->show_subpage_one(true);
} else {
// everything seems fine (so far), so we have our queued user so let's
// look at picking a subscription.
$content .= $this->show_subpage_two($user_id);
}
break;
case 'validatepage2':
$content = apply_filters('membership_subscription_form_subscription_process', $content, $error);
break;
case 'page2':
case 'page1':
default:
if (!is_user_logged_in()) {
$content .= $this->show_subpage_one();
} else {
// logged in check for sub
$user = nxt_get_current_user();
$member = new M_Membership($user->ID);
if ($member->is_member()) {
// This person is a member - display already registered stuff
$content .= $this->show_subpage_member();
} else {
// Show page two;
$content .= $this->show_subpage_two($user->ID);
}
}
break;
}
$content = apply_filters('membership_subscription_form', $content);
return $content;
}