Skip to:
Content

BuddyPress.org

Ticket #4676: 4676.03.patch

File 4676.03.patch, 5.0 KB (added by r-a-y, 10 years ago)
  • bp-members/bp-members-functions.php

     
    17071707}
    17081708
    17091709/**
    1710  * Stop user accounts logging in that have not been activated yet (user_status = 2).
     1710 * For unactivated users, display a resend email link on the login page.
    17111711 *
    1712  * Note: This is only applicable for single site WordPress installs.
    1713  * Multisite has their own DB table - 'wp_signups' - dedicated for unactivated users.
    1714  * See {@link wpmu_signup_user()} and {@link wpmu_validate_user_signup()}.
    1715  *
    1716  * @param WP_User|WP_Error $user Either the WP_User object or the WP_Error object
    1717  * @return WP_User|WP_Error If the user is not a spammer, return the WP_User object. Otherwise a new WP_Error object.
     1712 * @param WP_User|WP_Error $user Either the WP_User or the WP_Error object
     1713 * @param string $username The inputted, attempted username.
     1714 * @param string $password The inputted, attempted password.
     1715 * @return WP_User|WP_Error
    17181716 *
    17191717 * @since BuddyPress (1.2.2)
    17201718 */
    1721 function bp_core_signup_disable_inactive( $user ) {
    1722         // check to see if the $user has already failed logging in, if so return $user as-is
    1723         if ( is_wp_error( $user ) || empty( $user ) )
     1719function bp_core_signup_disable_inactive( $user = null, $username = '', $password ='' ) {
     1720        // login form not used
     1721        if( empty( $username ) && empty( $password ) ) {
    17241722                return $user;
     1723        }
    17251724
    1726         // the user exists; now do a check to see if the user has activated their account or not
    1727         // NOTE: this is only applicable for single site WordPress installs!
    1728         // if unactivated, stop the login now!
    1729         if ( is_a( $user, 'WP_User' ) && 2 == $user->user_status )
    1730                 return new WP_Error( 'bp_account_not_activated', __( '<strong>ERROR</strong>: Your account has not been activated. Check your email for the activation link.', 'buddypress' ) );
     1725        // unactivated user - single site (old method)
     1726        // NOTE: this is only applicable for single site WordPress installs that have not defined
     1727        // the BP_SIGNUPS_SKIP_USER_CREATION constant
     1728        if ( is_a( $user, 'WP_User' ) && 2 == $user->user_status ) {
     1729                $user_login = $user->user_login;
    17311730
    1732         // user has activated their account! all clear!
    1733         return $user;
     1731        // potential, unactivated user (new method)
     1732        } elseif ( is_wp_error( $user ) && 'invalid_username' == $user->get_error_code() ) {
     1733                $user_login = $username;
     1734
     1735        // regular user, so stop the rest of this function!
     1736        } else {
     1737                return $user;
     1738        }
     1739
     1740        /**
     1741         * Is this an unactivated user?
     1742         *
     1743         * Since changeset 8119, signups are handled in a similar way on non-multisite
     1744         * and multisite setups. For single sites, if the BP_SIGNUPS_SKIP_USER_CREATION
     1745         * constant is not defiend, the user creation process will still occur for
     1746         * backwards-compatibility reasons (@see bp_core_signup_user()}.
     1747         */
     1748        $signup = BP_Signup::get( array( 'user_login' => sanitize_user( $user_login ) ) );
     1749
     1750        // No signup or more than one, something is wrong let's bail.
     1751        if ( empty( $signup['signups'][0] ) || $signup['total'] > 1 ) {
     1752                return $user;
     1753        }
     1754
     1755        // Unactivated user account found!
     1756        // Set up the feedback message
     1757        $signup_id = $signup['signups'][0]->signup_id;
     1758
     1759        $resend_url_params = array(
     1760                'action' => 'bp-resend-activation',
     1761                'id'     => $signup_id,
     1762        );
     1763
     1764        $resend_url = wp_nonce_url(
     1765                add_query_arg( $resend_url_params, wp_login_url() ),
     1766                'bp-resend-activation'
     1767        );
     1768
     1769        $resend_string = '<br /><br />' .  sprintf( __( 'If you have not received an email yet, <a href="%s">click here to resend it</a>.', 'buddypress' ), $resend_url );
     1770
     1771        return new WP_Error( 'bp_account_not_activated', __( '<strong>ERROR</strong>: Your account has not been activated. Check your email for the activation link.', 'buddypress' ) . $resend_string );
     1772
     1773}
     1774add_filter( 'authenticate', 'bp_core_signup_disable_inactive', 30, 3 );
     1775
     1776/**
     1777 * On the login screen, resends the activation email for a user.
     1778 *
     1779 * @since BuddyPress (2.0.0)
     1780 *
     1781 * @see bp_core_signup_disable_inactive()
     1782 */
     1783function bp_members_login_resend_activation_email() {
     1784        global $error;
     1785
     1786        if ( empty( $_GET['id'] ) || empty( $_GET['_wpnonce'] ) ) {
     1787                return;
     1788        }
     1789
     1790        // verify nonce
     1791        if ( ! wp_verify_nonce( $_GET['_wpnonce'], 'bp-resend-activation' ) ) {
     1792                die( 'Security check' );
     1793        }
     1794
     1795        $signup_id = (int) $_GET['id'];
     1796
     1797        // resend the activation email
     1798        // also updates the 'last sent' and '# of emails sent' values
     1799        $resend = BP_Signup::resend( array( $signup_id ) );
     1800
     1801        // add feedback message
     1802        if ( ! empty( $resend['errors'] ) ) {
     1803                $error = __( '<strong>ERROR</strong>: Your account has already been activated.', 'buddypress' );
     1804        } else {
     1805                $error = __( 'Activation email resent!  Please check your inbox or spam folder.', 'buddypress' );
     1806        }
    17341807}
    1735 add_filter( 'authenticate', 'bp_core_signup_disable_inactive', 30 );
     1808add_action( 'login_form_bp-resend-activation', 'bp_members_login_resend_activation_email' );
    17361809
    17371810/**
    17381811 * Kill the wp-signup.php if custom registration signup templates are present