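<?php

/**
 * Creates a new user from the "Users" form using $_POST information.
 *
 * The function runs in two modes, told apart by its argument count:
 *  - called with no arguments, it hooks itself onto 'user_register' and
 *    delegates to edit_user(), which inserts the user;
 *  - called with an argument (the 'user_register' callback), it applies the
 *    role submitted in $_POST['role'] to the user that was just created.
 *
 * NOTE(review): no capability or nonce check is made here; presumably the
 * admin screen that calls add_user() has already verified the current
 * user - confirm against the caller.
 *
 * @return int|WP_Error|null Result of edit_user() in the no-argument mode,
 *                           nothing in the callback mode.
 */
function add_user() {
	if ( func_num_args() ) { // The hackiest hack that ever did hack
		global $current_user, $wp_roles;
		$user_id = (int) func_get_arg( 0 );

		if ( isset( $_POST['role'] ) ) {
			$role = $_POST['role'];

			// A user acting on their own account may only take a role that
			// still carries 'edit_users'. The role is looked up defensively so
			// that an unknown role name is refused instead of calling
			// has_cap() on a missing entry.
			$keeps_edit_users = is_string( $role )
				&& isset( $wp_roles->role_objects[$role] )
				&& $wp_roles->role_objects[$role]->has_cap( 'edit_users' );

			if ( $user_id != $current_user->id || $keeps_edit_users ) {
				$user = new WP_User( $user_id );
				$user->set_role( $role );
			}
		}
	} else {
		add_action( 'user_register', 'add_user' ); // See above
		return edit_user();
	}
}

/**
 * Creates or updates a user from the submitted profile form ($_POST).
 *
 * With a non-zero $user_id the existing user is updated; otherwise a new
 * user is inserted and wp_new_user_notification() is called for it.
 *
 * NOTE(review): only the role change is guarded by a capability check in
 * this function; the caller is presumably responsible for checking that the
 * current user may edit $user_id at all - confirm.
 *
 * @param int $user_id ID of the user to update, or 0 to create a new user.
 * @return int|WP_Error The value returned by wp_update_user() or
 *                      wp_insert_user(), or a WP_Error holding every
 *                      validation message when the input was rejected.
 */
function edit_user( $user_id = 0 ) {
	global $current_user, $wp_roles, $wpdb;

	// Start from a real object: assigning properties to an undefined variable
	// or to an empty string is an error on current PHP versions.
	$user = new stdClass;

	if ( $user_id != 0 ) {
		$update = true;
		$user->ID = (int) $user_id;
		$userdata = get_userdata( $user_id );
		$user->user_login = $wpdb->escape( $userdata->user_login );
	} else {
		$update = false;
	}

	if ( isset( $_POST['user_login'] ))
		$user->user_login = wp_specialchars( trim( $_POST['user_login'] ));

	$pass1 = $pass2 = '';
	if ( isset( $_POST['pass1'] ))
		$pass1 = $_POST['pass1'];
	if ( isset( $_POST['pass2'] ))
		$pass2 = $_POST['pass2'];

	// Role changes require 'edit_users'. In addition, users editing their own
	// account may only pick a role that keeps 'edit_users'.
	if ( isset( $_POST['role'] ) && current_user_can( 'edit_users' ) ) {
		$role = $_POST['role'];

		// Defensive lookup: an unknown role name is refused for self-edits
		// instead of calling has_cap() on a missing entry.
		$keeps_edit_users = is_string( $role )
			&& isset( $wp_roles->role_objects[$role] )
			&& $wp_roles->role_objects[$role]->has_cap( 'edit_users' );

		if ( $user_id != $current_user->id || $keeps_edit_users )
			$user->role = $role;
	}

	if ( isset( $_POST['email'] ))
		$user->user_email = wp_specialchars( trim( $_POST['email'] ));
	if ( isset( $_POST['url'] ) ) {
		$user->user_url = clean_url( trim( $_POST['url'] ));
		// Prefix 'http://' unless the URL already starts with a listed scheme.
		$user->user_url = preg_match('/^(https?|ftps?|mailto|news|irc|gopher|nntp|feed|telnet):/is', $user->user_url) ? $user->user_url : 'http://'.$user->user_url;
	}
	if ( isset( $_POST['first_name'] ))
		$user->first_name = wp_specialchars( trim( $_POST['first_name'] ));
	if ( isset( $_POST['last_name'] ))
		$user->last_name = wp_specialchars( trim( $_POST['last_name'] ));
	if ( isset( $_POST['nickname'] ))
		$user->nickname = wp_specialchars( trim( $_POST['nickname'] ));
	if ( isset( $_POST['display_name'] ))
		$user->display_name = wp_specialchars( trim( $_POST['display_name'] ));
	// NOTE(review): description is only trimmed here, not escaped; presumably
	// it is filtered when the user is saved - confirm.
	if ( isset( $_POST['description'] ))
		$user->description = trim( $_POST['description'] );
	if ( isset( $_POST['jabber'] ))
		$user->jabber = wp_specialchars( trim( $_POST['jabber'] ));
	if ( isset( $_POST['aim'] ))
		$user->aim = wp_specialchars( trim( $_POST['aim'] ));
	if ( isset( $_POST['yim'] ))
		$user->yim = wp_specialchars( trim( $_POST['yim'] ));
	if ( !$update )
		$user->rich_editing = 'true'; // Default to true for new users.
	else if ( isset( $_POST['rich_editing'] ) )
		$user->rich_editing = $_POST['rich_editing'];
	else
		$user->rich_editing = 'false';

	$errors = new WP_Error();

	/* checking that username has been typed */
	if ( ! isset( $user->user_login ) || $user->user_login == '' )
		$errors->add( 'user_login', __( '<strong>ERROR</strong>: Please enter a username.' ));

	/* let hooked callbacks inspect or change both passwords (passed by reference) */
	do_action_ref_array( 'check_passwords', array ( isset( $user->user_login ) ? $user->user_login : '', & $pass1, & $pass2 ));

	/* checking the password has been typed twice */
	if ( $update ) {
		if ( empty($pass1) && !empty($pass2) )
			$errors->add( 'pass', __( '<strong>ERROR</strong>: You entered your new password only once.' ), array( 'form-field' => 'pass1' ) );
		elseif ( !empty($pass1) && empty($pass2) )
			$errors->add( 'pass', __( '<strong>ERROR</strong>: You entered your new password only once.' ), array( 'form-field' => 'pass2' ) );
	} else {
		if ( empty($pass1) )
			$errors->add( 'pass', __( '<strong>ERROR</strong>: Please enter your password.' ), array( 'form-field' => 'pass1' ) );
		elseif ( empty($pass2) )
			$errors->add( 'pass', __( '<strong>ERROR</strong>: Please enter your password twice.' ), array( 'form-field' => 'pass2' ) );
	}

	/* Check for "\" in password */
	if ( false !== strpos( $pass1, "\\" ) )
		$errors->add( 'pass', __( '<strong>ERROR</strong>: Passwords may not contain the character "\\".' ), array( 'form-field' => 'pass1' ) );

	/* checking the password has been typed twice the same */
	// Strict comparison: with a loose one, two different numeric-looking
	// strings (for example "1000" and "1e3") would count as the same password.
	if ( $pass1 !== $pass2 )
		$errors->add( 'pass', __( '<strong>ERROR</strong>: Please enter the same password in the two password fields.' ), array( 'form-field' => 'pass1' ) );

	if (!empty ( $pass1 ))
		$user->user_pass = $pass1;

	$login = isset( $user->user_login ) ? $user->user_login : '';

	if ( !$update && !validate_username( $login ) )
		$errors->add( 'user_login', __( '<strong>ERROR</strong>: This username is invalid. Please enter a valid username.' ));

	if (!$update && username_exists( $login ))
		$errors->add( 'user_login', __( '<strong>ERROR</strong>: This username is already registered. Please choose another one.' ));

	/* checking e-mail address */
	if ( empty ( $user->user_email ) ) {
		$errors->add( 'user_email', __( '<strong>ERROR</strong>: Please enter an e-mail address.' ), array( 'form-field' => 'email' ) );
	} else
		if (!is_email( $user->user_email ) ) {
			$errors->add( 'user_email', __( "<strong>ERROR</strong>: The e-mail address isn't correct." ), array( 'form-field' => 'email' ) );
		}

	// Nothing is written when any validation message was recorded.
	if ( $errors->get_error_codes() )
		return $errors;

	if ( $update ) {
		$user_id = wp_update_user( get_object_vars( $user ));
	} else {
		$user_id = wp_insert_user( get_object_vars( $user ));
		wp_new_user_notification( $user_id );
	}
	return $user_id;
}

/**
 * Returns the IDs of all users whose '<prefix>user_level' meta value is not '0'.
 *
 * @return array Column of user IDs as returned by $wpdb->get_col().
 */
function get_author_user_ids() {
	global $wpdb;
	$level_key = $wpdb->prefix . 'user_level';

	$query = "SELECT user_id FROM $wpdb->usermeta WHERE meta_key = '$level_key' AND meta_value != '0'";

	return $wpdb->get_col( $query );
}

/**
 * Returns the user rows of every author the given user may edit.
 *
 * @param int $user_id User whose editable authors are wanted.
 * @return array|false Filtered ('get_editable_authors') list of user rows
 *                     ordered by display name, or false when
 *                     get_editable_user_ids() yields nothing.
 */
function get_editable_authors( $user_id ) {
	global $wpdb;

	$editable = get_editable_user_ids( $user_id );

	if( !$editable ) {
		return false;
	} else {
		// The IDs are placed straight into the IN (...) list, so force each
		// one to an integer first.
		$editable = join(',', array_map( 'intval', $editable ));
		$authors = $wpdb->get_results( "SELECT * FROM $wpdb->users WHERE ID IN ($editable) ORDER BY display_name" );
	}

	return apply_filters('get_editable_authors', $authors);
}

/**
 * Returns the IDs of the users whose posts the given user may edit.
 *
 * Without 'edit_others_posts' the result is the user's own ID (when the user
 * has 'edit_posts' or $exclude_zeros is false) or false. With it, the result
 * is every user that has a '<prefix>user_level' meta row, optionally leaving
 * out those at level '0'.
 *
 * @param int  $user_id       User to check.
 * @param bool $exclude_zeros Whether to leave out users at level '0'.
 * @return array|false List of user IDs, or false when nothing is editable.
 */
function get_editable_user_ids( $user_id, $exclude_zeros = true ) {
	global $wpdb;

	$user = new WP_User( $user_id );

	if ( ! $user->has_cap('edit_others_posts') ) {
		if ( $user->has_cap('edit_posts') || $exclude_zeros == false )
			return array($user->id);
		else
			return false;
	}

	$level_key = $wpdb->prefix . 'user_level';

	$query = "SELECT user_id FROM $wpdb->usermeta WHERE meta_key = '$level_key'";
	if ( $exclude_zeros )
		$query .= " AND meta_value != '0'";

	return $wpdb->get_col( $query );
}

/**
 * Returns the IDs of all users whose '<prefix>user_level' meta value is '0'.
 *
 * @return array Column of user IDs as returned by $wpdb->get_col().
 */
function get_nonauthor_user_ids() {
	global $wpdb;
	$level_key = $wpdb->prefix . 'user_level';

	$query = "SELECT user_id FROM $wpdb->usermeta WHERE meta_key = '$level_key' AND meta_value = '0'";

	return $wpdb->get_col( $query );
}

/**
 * Returns other users' unpublished posts that the given user may edit.
 *
 * @param int    $user_id User whose own posts are left out of the result.
 * @param string $type    'draft' or 'pending' to select one status; any
 *                        other value selects both. 'pending' sorts oldest
 *                        first, everything else newest first.
 * @return array|string Result passed through the 'get_others_drafts' filter
 *                      (the same filter name is used for every $type); an
 *                      empty string is filtered when nothing is editable.
 */
function get_others_unpublished_posts($user_id, $type='any') {
	global $wpdb;

	$editable = get_editable_user_ids( $user_id );

	// $type is only placed into the SQL when it is exactly one of the two
	// known status strings.
	if ( in_array($type, array('draft', 'pending'), true) )
		$type_sql = " post_status = '$type' ";
	else
		$type_sql = " ( post_status = 'draft' OR post_status = 'pending' ) ";

	$dir = ( 'pending' == $type ) ? 'ASC' : 'DESC';

	if( !$editable ) {
		$other_unpubs = '';
	} else {
		// Both the ID list and the excluded author ID end up inside the SQL
		// text, so they are forced to integers, as get_users_drafts() does.
		$editable = join(',', array_map( 'intval', $editable ));
		$author_id = (int) $user_id;
		$other_unpubs = $wpdb->get_results("SELECT ID, post_title, post_author FROM $wpdb->posts WHERE post_type = 'post' AND $type_sql AND post_author IN ($editable) AND post_author != '$author_id' ORDER BY post_modified $dir");
	}

	return apply_filters('get_others_drafts', $other_unpubs);
}

/**
 * Returns other users' drafts that the given user may edit.
 *
 * @param int $user_id User whose own posts are left out.
 * @return array|string See get_others_unpublished_posts().
 */
function get_others_drafts($user_id) {
	return get_others_unpublished_posts($user_id, 'draft');
}

/**
 * Returns other users' pending posts that the given user may edit.
 *
 * @param int $user_id User whose own posts are left out.
 * @return array|string See get_others_unpublished_posts().
 */
function get_others_pending($user_id) {
	return get_others_unpublished_posts($user_id, 'pending');
}

/**
 * Loads a user and escapes its fields for display in the edit form.
 *
 * Text fields go through attribute_escape(), the URL through clean_url()
 * and the description through wp_specialchars().
 *
 * @param int $user_id ID of the user to load.
 * @return WP_User The user object with escaped field values.
 */
function get_user_to_edit( $user_id ) {
	$user = new WP_User( $user_id );
	$user->user_login   = attribute_escape($user->user_login);
	$user->user_email   = attribute_escape($user->user_email);
	$user->user_url     = clean_url($user->user_url);
	$user->first_name   = attribute_escape($user->first_name);
	$user->last_name    = attribute_escape($user->last_name);
	$user->display_name = attribute_escape($user->display_name);
	$user->nickname     = attribute_escape($user->nickname);
	$user->aim          = attribute_escape($user->aim);
	$user->yim          = attribute_escape($user->yim);
	$user->jabber       = attribute_escape($user->jabber);
	$user->description  = wp_specialchars($user->description);

	return $user;
}

/**
 * Returns the drafts written by the given user, newest first.
 *
 * The SQL string itself is passed through the 'get_users_drafts' filter and
 * whatever the filter returns is executed, so every callback on that filter
 * controls the query that runs.
 *
 * @param int $user_id Author ID; cast to an integer before use.
 * @return array Rows (ID, post_title) as returned by $wpdb->get_results().
 */
function get_users_drafts( $user_id ) {
	global $wpdb;
	$user_id = (int) $user_id;
	$query = "SELECT ID, post_title FROM $wpdb->posts WHERE post_type = 'post' AND post_status = 'draft' AND post_author = $user_id ORDER BY post_modified DESC";
	$query = apply_filters('get_users_drafts', $query);
	return $wpdb->get_results( $query );
}

/**
 * Deletes a user and either removes or reassigns the user's posts and links.
 *
 * @param int        $id       ID of the user to delete; cast to an integer.
 * @param int|string $reassign ID of the user who takes over the posts and
 *                             links, or 'novalue' (the default) to delete
 *                             the posts and links instead.
 * @return bool Always true.
 */
function wp_delete_user($id, $reassign = 'novalue') {
	global $wpdb;

	$id = (int) $id;

	// Load the user before the rows are removed: the login and e-mail are
	// needed further down to drop the matching cache entries.
	$user = new WP_User($id);

	if ($reassign == 'novalue') {
		$post_ids = $wpdb->get_col("SELECT ID FROM $wpdb->posts WHERE post_author = $id");

		if ($post_ids) {
			foreach ($post_ids as $post_id)
				wp_delete_post($post_id);
		}

		// Clean links
		$wpdb->query("DELETE FROM $wpdb->links WHERE link_owner = $id");
	} else {
		$reassign = (int) $reassign;
		$wpdb->query("UPDATE $wpdb->posts SET post_author = {$reassign} WHERE post_author = {$id}");
		$wpdb->query("UPDATE $wpdb->links SET link_owner = {$reassign} WHERE link_owner = {$id}");
	}

	// FINALLY, delete user
	do_action('delete_user', $id);

	$wpdb->query("DELETE FROM $wpdb->users WHERE ID = $id");
	$wpdb->query("DELETE FROM $wpdb->usermeta WHERE user_id = '$id'");

	wp_cache_delete($id, 'users');
	wp_cache_delete($user->user_login, 'userlogins');
	wp_cache_delete($user->user_email, 'useremail');

	return true;
}

/**
 * Removes every capability from the given user without deleting the account.
 *
 * @param int $id ID of the user; cast to an integer.
 */
function wp_revoke_user($id) {
	$id = (int) $id;

	$user = new WP_User($id);
	$user->remove_all_caps();
}

?>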