849 | | * @package BuddyPress Core |
850 | | * @param $auth_obj The WP authorization object |
851 | | * @param $username The username of the user logging in. |
852 | | * @uses get_user_by() Get the userdata object for a user based on their username |
853 | | * @uses bp_core_redirect() Safe redirect to a page |
854 | | * @return $auth_obj If the user is not a spammer, return the authorization object |
| 849 | * @param obj $user Either the WP_User object or the WP_Error object |
| 850 | * @return obj If the user is not a spammer, return the WP_User object. Otherwise a new WP_Error object. |
| 851 | * |
| 852 | * @since 1.1.2 |
856 | | function bp_core_boot_spammer( $auth_obj, $username ) { |
857 | | |
858 | | if ( !$user = get_user_by( 'login', $username ) ) |
859 | | return $auth_obj; |
860 | | |
861 | | if ( ( is_multisite() && (int) $user->spam ) || 1 == (int) $user->user_status ) |
| 854 | function bp_core_boot_spammer( $user ) { |
| 855 | // check to see if the $user has already failed logging in, if so return $user as-is |
| 856 | if ( is_wp_error( $user ) || empty( $user ) ) |
| 857 | return $user; |
| 858 | |
| 859 | // the user exists; now do a check to see if the user is a spammer |
| 860 | // if the user is a spammer, stop them in their tracks! |
| 861 | if ( is_a( $user, 'WP_User' ) && ( ( is_multisite() && (int) $user->spam ) || 1 == $user->user_status ) ) |
1274 | | // Stop user accounts logging in that have not been activated (user_status = 2) |
1275 | | function bp_core_signup_disable_inactive( $auth_obj, $username ) { |
1276 | | global $wpdb; |
1277 | | |
1278 | | if ( !$user_id = bp_core_get_userid( $username ) ) |
1279 | | return $auth_obj; |
1280 | | |
1281 | | $user_status = (int) $wpdb->get_var( $wpdb->prepare( "SELECT user_status FROM $wpdb->users WHERE ID = %d", $user_id ) ); |
1282 | | |
1283 | | if ( 2 == $user_status ) |
| 1275 | /** |
| 1276 | * Stop user accounts logging in that have not been activated yet (user_status = 2). |
| 1277 | * |
| 1278 | * Note: This is only applicable for single site WordPress installs. |
| 1279 | * Multisite has their own DB table - 'wp_signups' - dedicated for unactivated users. |
| 1280 | * See {@link wpmu_signup_user()} and {@link wpmu_validate_user_signup()}. |
| 1281 | * |
| 1282 | * @param obj $user Either the WP_User object or the WP_Error object |
| 1283 | * @return obj If the user is not a spammer, return the WP_User object. Otherwise a new WP_Error object. |
| 1284 | * |
| 1285 | * @since 1.2.2 |
| 1286 | */ |
| 1287 | function bp_core_signup_disable_inactive( $user ) { |
| 1288 | // check to see if the $user has already failed logging in, if so return $user as-is |
| 1289 | if ( is_wp_error( $user ) || empty( $user ) ) |
| 1290 | return $user; |
| 1291 | |
| 1292 | // the user exists; now do a check to see if the user has activated their account or not |
| 1293 | // NOTE: this is only applicable for single site WordPress installs! |
| 1294 | // if unactivated, stop the login now! |
| 1295 | if ( is_a( $user, 'WP_User' ) && 2 == $user->user_status ) |