Skip to:
Content

BuddyPress.org

Changeset 5829


Ignore:
Timestamp:
02/23/2012 06:18:39 AM (12 years ago)
Author:
johnjamesjacoby
Message:

First pass at adding user capabilities screen and action to settings component:

  • Add capabilities template
  • Unhook core spammer and deleted user actions and move to settings
  • Route admin bar links appropriately to new locations
  • Allow delete-account to be accessed by super admins in place of broken alerts
  • Improve general settings feedback
  • @todo - backpat post mortem
  • See #4038
Location:
trunk
Files:
1 added
9 edited

Legend:

Unmodified
Added
Removed
  • trunk/bp-members/bp-members-actions.php

    r5803 r5829  
    5656    }
    5757}
    58 add_action( 'bp_actions', 'bp_core_action_set_spammer_status' );
     58// Unhooked in BuddyPress (1.6) - moved to settings
     59//add_action( 'bp_actions', 'bp_core_action_set_spammer_status' );
    5960
    6061/**
     
    9192    }
    9293}
    93 add_action( 'bp_actions', 'bp_core_action_delete_user' );
     94// Unhooked in BuddyPress (1.6) - moved to settings
     95//add_action( 'bp_actions', 'bp_core_action_delete_user' );
    9496
    9597/**
  • trunk/bp-members/bp-members-adminbar.php

    r5704 r5829  
    110110
    111111    // User Admin > Spam/unspam
    112     if ( !bp_is_user_spammer( bp_displayed_user_id() ) ) {
    113         $wp_admin_bar->add_menu( array(
    114             'parent' => $bp->user_admin_menu_id,
    115             'id'     => $bp->user_admin_menu_id . '-spam-user',
    116             'title'  => __( 'Mark as Spammer', 'buddypress' ),
    117             'href'   => wp_nonce_url( bp_displayed_user_domain() . 'admin/mark-spammer/', 'mark-unmark-spammer' ),
    118             'meta'   => array( 'onclick' => 'confirm(" ' . __( 'Are you sure you want to mark this user as a spammer?', 'buddypress' ) . '");' )
    119         ) );
    120     } else {
    121         $wp_admin_bar->add_menu( array(
    122             'parent' => $bp->user_admin_menu_id,
    123             'id'     => $bp->user_admin_menu_id . '-unspam-user',
    124             'title'  => __( 'Not a Spammer', 'buddypress' ),
    125             'href'   => wp_nonce_url( bp_displayed_user_domain() . 'admin/unmark-spammer/', 'mark-unmark-spammer' ),
    126             'meta'   => array( 'onclick' => 'confirm(" ' . __( 'Are you sure you want to mark this user as not a spammer?', 'buddypress' ) . '");' )
    127         ) );
    128     }
     112    $wp_admin_bar->add_menu( array(
     113        'parent' => $bp->user_admin_menu_id,
     114        'id'     => $bp->user_admin_menu_id . '-user-capabilities',
     115        'title'  => __( 'User Capabilities', 'buddypress' ),
     116        'href'   => bp_displayed_user_domain() . 'settings/capabilities/'
     117    ) );
    129118
    130119    // User Admin > Delete Account
     
    133122        'id'     => $bp->user_admin_menu_id . '-delete-user',
    134123        'title'  => __( 'Delete Account', 'buddypress' ),
    135         'href'   => wp_nonce_url( bp_displayed_user_domain() . 'admin/delete-user/', 'delete-user' ),
    136         'meta'   => array( 'onclick' => 'confirm(" ' . __( "Are you sure you want to delete this user's account?", 'buddypress' ) . '");' )
     124        'href'   => bp_displayed_user_domain() . 'settings/delete-account/'
    137125    ) );
    138126}
  • trunk/bp-members/bp-members-functions.php

    r5803 r5829  
    489489 * Processes a spammed or unspammed user
    490490 *
    491  * This function is called in two ways:
    492  *  - in bp_core_action_set_spammer_status() (when spamming from the front-end)
    493  *  - by bp_core_mark_user_spam_admin() or bp_core_mark_user_ham_admin() (when spamming from the
    494  *    Dashboard)
    495  *
    496  * @since 1.6
     491 * This function is called in three ways:
     492 *  - in bp_settings_action_capabilities() (from the front-end)
     493 *  - by bp_core_mark_user_spam_admin()    (from wp-admin)
     494 *  - bp_core_mark_user_ham_admin()        (from wp-admin)
     495 *
     496 * @since BuddyPress (1.6)
    497497 *
    498498 * @param int $user_id The user being spammed/hammed
     
    519519    }
    520520
    521     $is_spam = 'spam' == $status;
     521    $is_spam = ( 'spam' == $status );
    522522
    523523    // Only you can prevent infinite loops
    524524    remove_action( 'make_spam_user', 'bp_core_mark_user_spam_admin' );
    525     remove_action( 'make_ham_user', 'bp_core_mark_user_ham_admin' );
     525    remove_action( 'make_ham_user',  'bp_core_mark_user_ham_admin' );
    526526
    527527    // When marking as spam in the Dashboard, these actions are handled by WordPress
    528528    if ( !is_admin() ) {
     529
    529530        // Get the blogs for the user
    530531        $blogs = get_blogs_of_user( $user_id, true );
     
    551552        // Call multisite actions in single site mode for good measure
    552553        if ( !is_multisite() ) {
    553             $wp_action = $is_spam ? 'make_spam_user' : 'make_ham_user';
     554            $wp_action = ( true === $is_spam ) ? 'make_spam_user' : 'make_ham_user';
    554555            do_action( $wp_action, bp_displayed_user_id() );
    555556        }
     
    557558
    558559    // Hide this user's activity
    559     if ( $is_spam && bp_is_active( 'activity' ) ) {
     560    if ( ( true === $is_spam ) && bp_is_active( 'activity' ) ) {
    560561        bp_activity_hide_user_activity( $user_id );
    561562    }
    562563
    563564    // We need a special hook for is_spam so that components can delete data at spam time
    564     $bp_action = $is_spam ? 'bp_make_spam_user' : 'bp_make_ham_user';
     565    $bp_action = ( true === $is_spam ) ? 'bp_make_spam_user' : 'bp_make_ham_user';
    565566    do_action( $bp_action, $user_id );
    566567
     
    574575 * Hook to WP's make_spam_user and run our custom BP spam functions
    575576 *
    576  * @since 1.6
     577 * @since BuddyPress (1.6)
    577578 *
    578579 * @param int $user_id The user id passed from the make_spam_user hook
     
    586587 * Hook to WP's make_ham_user and run our custom BP spam functions
    587588 *
    588  * @since 1.6
     589 * @since BuddyPress (1.6)
    589590 *
    590591 * @param int $user_id The user id passed from the make_ham_user hook
     
    751752 *
    752753 * @package BuddyPress Core
    753  * @global object $bp Global BuddyPress settings object
    754  * @uses bp_current_user_can() Checks to see if the user is a site administrator.
    755754 * @uses wpmu_delete_user() Deletes a user from the system on multisite installs.
    756755 * @uses wp_delete_user() Deletes a user from the system on singlesite installs.
    757756 */
    758757function bp_core_delete_account( $user_id = 0 ) {
    759     global $bp, $wp_version;
    760 
    761     if ( !$user_id )
     758
     759    if ( empty( $user_id ) )
    762760        $user_id = bp_loggedin_user_id();
    763761
    764762    // Make sure account deletion is not disabled
    765     if ( !empty( $bp->site_options['bp-disable-account-deletion'] ) && !bp_current_user_can( 'bp_moderate' ) )
     763    if ( bp_disable_account_deletion() )
    766764        return false;
    767765
     
    772770    // Specifically handle multi-site environment
    773771    if ( is_multisite() ) {
    774         if ( $wp_version >= '3.0' )
    775             require( ABSPATH . '/wp-admin/includes/ms.php' );
    776         else
    777             require( ABSPATH . '/wp-admin/includes/mu.php' );
    778 
     772        require( ABSPATH . '/wp-admin/includes/ms.php'   );
    779773        require( ABSPATH . '/wp-admin/includes/user.php' );
    780774
  • trunk/bp-settings/bp-settings-actions.php

    r5785 r5829  
    1212if ( !defined( 'ABSPATH' ) ) exit;
    1313
    14 /** General *******************************************************************/
    15 
    16 function bp_core_screen_general_settings() {
     14/**
     15 * Handles the changing and saving of user email addressos and passwords
     16 *
     17 * We do quite a bit of logic and error handling here to make sure that users
     18 * do not accidentally lock themselves out of their accounts. We also try to
     19 * provide as accurate of feedback as possible without exposing anyone else's
     20 * inforation to them.
     21 *
     22 * Special considerations are made for super admins that are able to edit any
     23 * users accounts already, without knowing their existing password.
     24 *
     25 * @global BuddyPress $bp
     26 * @return If no reason to proceed
     27 */
     28function bp_settings_action_general() {
    1729    global $bp;
    1830
     31    // Bail if not a POST action
     32    if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
     33        return;
     34
     35    // Bail if not in settings
     36    if ( ! bp_is_settings_component() || ! bp_is_current_action( 'general' ) )
     37        return;
     38
     39    // 404 if there are any additional action variables attached
    1940    if ( bp_action_variables() ) {
    2041        bp_do_404();
     
    2243    }
    2344
    24     // Setup private variables
    25     $bp_settings_updated = $pass_error = $email_error = $pwd_error = false;
     45    // Define local defaults
     46    $email_error   = false;   // invalid|blocked|taken|empty|nochange
     47    $pass_error    = false;   // invalid|mismatch|empty|nochange
     48    $pass_changed  = false;   // true if the user changes their password
     49    $feedback_type = 'error'; // success|error
     50    $feedback      = array(); // array of strings for feedback
     51
     52    /** Handle Form ***********************************************************/
    2653
    2754    if ( isset( $_POST['submit'] ) ) {
     
    3158
    3259        // Validate the user again for the current password when making a big change
    33         if ( bp_current_user_can( 'bp_moderate' ) || ( !empty( $_POST['pwd'] ) && $_POST['pwd'] != '' && wp_check_password( $_POST['pwd'], $bp->displayed_user->userdata->user_pass, bp_displayed_user_id() ) ) ) {
     60        if ( ( is_super_admin() ) || ( !empty( $_POST['pwd'] ) && wp_check_password( $_POST['pwd'], $bp->displayed_user->userdata->user_pass, bp_displayed_user_id() ) ) ) {
    3461
    3562            $update_user = get_userdata( bp_displayed_user_id() );
    3663
    37             // Make sure changing an email address does not already exist
    38             if ( $_POST['email'] != '' ) {
     64            /** Email Change Attempt ******************************************/
     65
     66            if ( !empty( $_POST['email'] ) ) {
    3967
    4068                // What is missing from the profile page vs signup - lets double check the goodies
    4169                $user_email = sanitize_email( esc_html( trim( $_POST['email'] ) ) );
    4270
    43                 // Is email valid
    44                 if ( !is_email( $user_email ) )
    45                     $email_error = true;
    46 
    47                 // Get blocked email domains
    48                 $limited_email_domains = get_site_option( 'limited_email_domains', 'buddypress' );
    49 
    50                 // If blocked email domains exist, see if this is one of them
    51                 if ( is_array( $limited_email_domains ) && empty( $limited_email_domains ) == false ) {
    52                     $emaildomain = substr( $user_email, 1 + strpos( $user_email, '@' ) );
    53 
    54                     if ( in_array( $emaildomain, (array) $limited_email_domains ) == false ) {
    55                         $email_error = true;
     71                // Skip this if no change to email
     72                if ( $bp->displayed_user->userdata->user_email != $user_email ) {
     73
     74                    // Is email valid
     75                    if ( !is_email( $user_email ) )
     76                        $email_error = 'invalid';
     77
     78                    // Get blocked email domains
     79                    $limited_email_domains = get_site_option( 'limited_email_domains', 'buddypress' );
     80
     81                    // If blocked email domains exist, see if this is one of them
     82                    if ( is_array( $limited_email_domains ) && empty( $limited_email_domains ) == false ) {
     83                        $emaildomain = substr( $user_email, 1 + strpos( $user_email, '@' ) );
     84
     85                        if ( in_array( $emaildomain, (array) $limited_email_domains ) == false ) {
     86                            $email_error = 'blocked';
     87                        }
    5688                    }
    57                 }
    58 
    59                 // No errors, and email address doesn't match
    60                 if ( ( false === $email_error ) && ( $bp->displayed_user->userdata->user_email != $user_email ) ) {
    61 
    62                     // We don't want email dupes in the system
    63                     if ( email_exists( $user_email ) )
    64                         $email_error = true;
    65 
    66                     // Set updated user email to this email address
     89
     90                    // No errors, and email address doesn't match
     91                    if ( ( false === $email_error ) && email_exists( $user_email ) ) {
     92                        $email_error = 'taken';
     93                    }
     94
     95                // No change
     96                } else {
     97                    $email_error = 'nochange';
     98                }
     99
     100                // Yay we made it!
     101                if ( false === $email_error ) {
    67102                    $update_user->user_email = $user_email;
    68103                }
    69             }
    70 
    71             // Password change
     104
     105            // Email address cannot be empty
     106            } else {
     107                $email_error = 'empty';
     108            }
     109
     110            /** Password Change Attempt ***************************************/
     111
    72112            if ( !empty( $_POST['pass1'] ) && !empty( $_POST['pass2'] ) ) {
    73113
    74114                // Password change attempt is successful
    75                 if ( $_POST['pass1'] == $_POST['pass2'] && !strpos( " " . $_POST['pass1'], "\\" ) ) {
     115                if ( ( $_POST['pass1'] == $_POST['pass2'] ) && !strpos( " " . $_POST['pass1'], "\\" ) ) {
    76116                    $update_user->user_pass = $_POST['pass1'];
     117                    $pass_changed = true;
    77118
    78119                // Password change attempt was unsuccessful
    79120                } else {
    80                     $pass_error = true;
    81                 }
     121                    $pass_error = 'mismatch';
     122                }
     123
     124            // Both password fields were empty
     125            } elseif ( empty( $_POST['pass1'] ) && empty( $_POST['pass2'] ) ) {
     126                $pass_error = 'nochange';
    82127
    83128            // One of the password boxes was left empty
    84             } else if ( ( empty( $_POST['pass1'] ) && !empty( $_POST['pass2'] ) ) || ( !empty( $_POST['pass1'] ) && empty( $_POST['pass2'] ) ) ) {
    85                 $pass_error = true;
    86 
    87             // Not a password change attempt so empty the user_pass
    88             } else {
    89                 // unset( $update_user->user_pass ); // WP_User has no __unset()
    90                 $update_user->user_pass = null;
     129            } elseif ( ( empty( $_POST['pass1'] ) && !empty( $_POST['pass2'] ) ) || ( !empty( $_POST['pass1'] ) && empty( $_POST['pass2'] ) ) ) {
     130                $pass_error = 'empty';
    91131            }
    92132
     
    95135            if ( isset( $update_user->data ) && is_object( $update_user->data ) ) {
    96136                $update_user = $update_user->data;
     137                $update_user = get_object_vars( $update_user );
     138
     139                // Unset the password field to prevent it from emptying out the
     140                // user's user_pass field in the database.
     141                // @see wp_update_user()
     142                if ( false === $pass_changed ) {
     143                    unset( $update_user['user_pass'] );
     144                }
    97145            }
    98146
    99147            // Make sure these changes are in $bp for the current page load
    100             if ( ( false === $email_error ) && ( false === $pass_error ) && ( wp_update_user( get_object_vars( $update_user ) ) ) ) {
     148            if ( ( false === $email_error ) && ( false === $pass_error ) && ( wp_update_user( $update_user ) ) ) {
    101149                $bp->displayed_user->userdata = bp_core_get_core_userdata( bp_displayed_user_id() );
    102                 $bp_settings_updated = true;
    103150            }
    104151
    105152        // Password Error
    106153        } else {
    107             $pwd_error = true;
    108         }
    109 
    110         // Add user feedback messages
    111         if ( empty( $pass_error ) && empty( $pwd_error ) && ( empty( $email_error ) ) )
    112             bp_core_add_message( __( 'Changes saved.', 'buddypress' ), 'success' );
    113 
    114         elseif ( !empty( $pass_error ) )
    115             bp_core_add_message( __( 'Your new passwords did not match.', 'buddypress' ), 'error' );
    116 
    117         elseif ( !empty( $pwd_error ) )
    118             bp_core_add_message( __( 'Your existing password is incorrect.', 'buddypress' ), 'error' );
    119 
    120         elseif ( !empty( $email_error ) )
    121             bp_core_add_message( __( 'Sorry, that email address is already used or is invalid.', 'buddypress' ), 'error' );
     154            $pass_error = 'invalid';
     155        }
     156
     157        // Email feedback
     158        switch ( $email_error ) {
     159            case 'invalid' :
     160                $feedback['email_invalid']  = __( 'That email address is invalid. Check the formatting and try again.', 'buddypress' );
     161                break;
     162            case 'blocked' :
     163                $feedback['email_blocked']  = __( 'That email address is currently unavailable for use.', 'buddypress' );
     164                break;
     165            case 'taken' :
     166                $feedback['email_taken']    = __( 'That email address is already taken.', 'buddypress' );
     167                break;
     168            case 'empty' :
     169                $feedback['email_empty']    = __( 'Email address cannot be empty.', 'buddypress' );
     170                break;
     171            case 'nochange' :
     172                $email_error = false;
     173                break;
     174        }
     175
     176        // Password feedback
     177        switch ( $pass_error ) {
     178            case 'invalid' :
     179                $feedback['pass_error']    = __( 'Your current password is invalid.', 'buddypress' );
     180                break;
     181            case 'mismatch' :
     182                $feedback['pass_mismatch'] = __( 'The new password fields did not match.', 'buddypress' );
     183                break;
     184            case 'empty' :
     185                $feedback['pass_empty']    = __( 'One of the password fields was empty.', 'buddypress' );
     186                break;
     187            case 'nochange' :
     188                $pass_error = false;
     189                break;
     190        }
     191
     192        // No errors so show a simple success message
     193        if ( ( false === $email_error ) && ( ( false == $pass_error ) && ( true === $pass_changed ) ) ) {
     194            $feedback[]    = __( 'Your settings have been saved.', 'buddypress' );
     195            $feedback_type = 'success';
     196
     197        // Some kind of errors occurred
     198        } elseif ( ( false === $email_error ) && ( ( false == $pass_error ) && ( false === $pass_changed ) ) ) {
     199            if ( bp_is_my_profile() ) {
     200                $feedback['nochange'] = __( 'No changes were made to your account.', 'buddypress' );
     201            } else {
     202                $feedback['nochange'] = __( 'No changes were made to this account.', 'buddypress' );
     203            }
     204        }
     205
     206        // Set the feedback
     207        bp_core_add_message( implode( '</p><p>', $feedback ), $feedback_type );
    122208
    123209        // Execute additional code
    124210        do_action( 'bp_core_general_settings_after_save' );
    125        
    126         bp_core_redirect( bp_displayed_user_domain() . bp_get_settings_slug() . '/general/' );
    127     }
    128 
    129     // Load the template
    130     bp_core_load_template( apply_filters( 'bp_core_screen_general_settings', 'members/single/settings/general' ) );
     211
     212        // Redirect to prevent issues with browser back button
     213        bp_core_redirect( trailingslashit( bp_displayed_user_domain() . bp_get_settings_slug() . '/general' ) );
     214    }
    131215}
    132 
    133 /** Notifications *************************************************************/
    134 
    135 function bp_core_screen_notification_settings() {
    136 
     216add_action( 'bp_actions', 'bp_settings_action_general' );
     217
     218/**
     219 * Handles the changing and saving of user notification settings
     220 *
     221 * @return If no reason to proceed
     222 */
     223function bp_settings_action_notifications() {
     224
     225    // Bail if not a POST action
     226    if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
     227        return;
     228
     229    // Bail if not in settings
     230    if ( ! bp_is_settings_component() || ! bp_is_current_action( 'notifications' ) )
     231        return false;
     232
     233    // 404 if there are any additional action variables attached
    137234    if ( bp_action_variables() ) {
    138235        bp_do_404();
     
    141238
    142239    if ( isset( $_POST['submit'] ) ) {
    143         check_admin_referer('bp_settings_notifications');
     240        check_admin_referer( 'bp_settings_notifications' );
    144241
    145242        if ( isset( $_POST['notifications'] ) ) {
    146243            foreach ( (array) $_POST['notifications'] as $key => $value ) {
    147                 if ( $meta_key = bp_get_user_meta_key( $key ) )
    148                     bp_update_user_meta( (int)bp_displayed_user_id(), $meta_key, $value );
    149             }
    150         }
    151 
    152         bp_core_add_message( __( 'Changes saved.', 'buddypress' ), 'success' );
     244                if ( $meta_key = bp_get_user_meta_key( $key ) ) {
     245                    bp_update_user_meta( (int) bp_displayed_user_id(), $meta_key, $value );
     246                }
     247            }
     248        }
     249
     250        // Switch feedback for super admins
     251        if ( bp_is_my_profile() ) {
     252            bp_core_add_message( __( 'Your notification settings have been saved.',        'buddypress' ), 'success' );
     253        } else {
     254            bp_core_add_message( __( "This user's notification settings have been saved.", 'buddypress' ), 'success' );
     255        }
    153256
    154257        do_action( 'bp_core_notification_settings_after_save' );
     
    156259        bp_core_redirect( bp_displayed_user_domain() . bp_get_settings_slug() . '/notifications/' );
    157260    }
    158 
    159     bp_core_load_template( apply_filters( 'bp_core_screen_notification_settings', 'members/single/settings/notifications' ) );
    160261}
    161 
    162 /** Delete Account ************************************************************/
    163 
    164 function bp_core_screen_delete_account() {
    165 
     262add_action( 'bp_actions', 'bp_settings_action_notifications' );
     263
     264/**
     265 * Handles the setting of user capabilities, spamming, hamming, role, etc...
     266 *
     267 * @return If no reason to proceed
     268 */
     269function bp_settings_action_capabilities() {
     270
     271    // Bail if not a POST action
     272    if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
     273        return;
     274
     275    // Bail if not in settings
     276    if ( ! bp_is_settings_component() || ! bp_is_current_action( 'capabilities' ) )
     277        return false;
     278
     279    // 404 if there are any additional action variables attached
    166280    if ( bp_action_variables() ) {
    167281        bp_do_404();
     
    169283    }
    170284
     285    if ( isset( $_POST['capabilities-submit'] ) ) {
     286
     287        // Nonce check
     288        check_admin_referer( 'capabilities' );
     289
     290        do_action( 'bp_settings_capabilities_before_save' );
     291
     292        /** Spam **************************************************************/
     293
     294        $is_spammer = !empty( $_POST['user-spammer'] ) ? true : false;
     295
     296        if ( bp_is_user_spammer( bp_displayed_user_id() ) != $is_spammer ) {
     297            $status = ( true == $is_spammer ) ? 'spam' : 'ham';
     298            bp_core_process_spammer_status( bp_displayed_user_id(), $status );
     299            do_action( 'bp_core_action_set_spammer_status', bp_displayed_user_id(), $status );
     300        }
     301
     302        /** Other *************************************************************/
     303
     304        do_action( 'bp_settings_capabilities_after_save' );
     305
     306        // Redirect to the root domain
     307        bp_core_redirect( bp_displayed_user_domain() . bp_get_settings_slug() . '/capabilities/' );
     308    }
     309}
     310add_action( 'bp_actions', 'bp_settings_action_capabilities' );
     311
     312/**
     313 * Handles the deleting of a user
     314 *
     315 * @return If no reason to proceed
     316 */
     317function bp_settings_action_delete_account() {
     318
     319    // Bail if not a POST action
     320    if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) )
     321        return;
     322
     323    // Bail if not in settings
     324    if ( ! bp_is_settings_component() || ! bp_is_current_action( 'delete-account' ) )
     325        return false;
     326
     327    // 404 if there are any additional action variables attached
     328    if ( bp_action_variables() ) {
     329        bp_do_404();
     330        return;
     331    }
     332
    171333    if ( isset( $_POST['delete-account-understand'] ) ) {
     334
    172335        // Nonce check
    173336        check_admin_referer( 'delete-account' );
    174337
     338        // Get username now because it might be gone soon!
     339        $username = bp_get_displayed_user_fullname();
     340
    175341        // delete the users account
    176342        if ( bp_core_delete_account( bp_displayed_user_id() ) ) {
    177             bp_core_redirect( home_url() );
    178         }
    179     }
    180 
    181     // Load the template
    182     bp_core_load_template( apply_filters( 'bp_core_screen_delete_account', 'members/single/settings/delete-account' ) );
     343
     344            // Add feedback ater deleting a user
     345            bp_core_add_message( sprintf( __( '%s was successfully deleted.', 'buddypress' ), $username ), 'success' );
     346
     347            // Redirect to the root domain
     348            bp_core_redirect( bp_get_root_domain() );
     349        }
     350    }
    183351}
     352add_action( 'bp_actions', 'bp_settings_action_delete_account' );
    184353
    185354?>
  • trunk/bp-settings/bp-settings-loader.php

    r5704 r5829  
    5050     *
    5151     * @since 1.5
    52      * @global obj $bp
    5352     */
    5453    function setup_globals() {
     
    6968    /**
    7069     * Setup BuddyBar navigation
    71      *
    72      * @global obj $bp
    7370     */
    7471    function setup_nav() {
    75         global $bp;
    7672
    7773        // Define local variable
     
    8480            'position'                => 100,
    8581            'show_for_displayed_user' => bp_core_can_edit_settings(),
    86             'screen_function'         => 'bp_core_screen_general_settings',
     82            'screen_function'         => 'bp_settings_screen_general',
    8783            'default_subnav_slug'     => 'general'
    8884        );
     
    104100            'parent_url'      => $settings_link,
    105101            'parent_slug'     => $this->slug,
    106             'screen_function' => 'bp_core_screen_general_settings',
     102            'screen_function' => 'bp_settings_screen_general',
    107103            'position'        => 10,
    108104            'user_has_access' => bp_core_can_edit_settings()
     
    115111            'parent_url'      => $settings_link,
    116112            'parent_slug'     => $this->slug,
    117             'screen_function' => 'bp_core_screen_notification_settings',
     113            'screen_function' => 'bp_settings_screen_notification',
    118114            'position'        => 20,
    119115            'user_has_access' => bp_core_can_edit_settings()
    120116        );
    121117
     118        // Add Spam Account nav item
     119        if ( bp_current_user_can( 'bp_moderate' ) ) {
     120            $sub_nav[] = array(
     121                'name'            => __( 'Capabilities', 'buddypress' ),
     122                'slug'            => 'capabilities',
     123                'parent_url'      => $settings_link,
     124                'parent_slug'     => $this->slug,
     125                'screen_function' => 'bp_settings_screen_capabilities',
     126                'position'        => 80,
     127                'user_has_access' => ! bp_is_my_profile()
     128            );
     129        }
     130
    122131        // Add Delete Account nav item
    123         if ( !bp_current_user_can( 'bp_moderate' ) && empty( $bp->site_options['bp-disable-account-deletion'] ) ) {
     132        if ( ! bp_disable_account_deletion() ) {
    124133            $sub_nav[] = array(
    125134                'name'            => __( 'Delete Account', 'buddypress' ),
     
    127136                'parent_url'      => $settings_link,
    128137                'parent_slug'     => $this->slug,
    129                 'screen_function' => 'bp_core_screen_delete_account',
     138                'screen_function' => 'bp_settings_screen_delete_account',
    130139                'position'        => 90,
    131                 'user_has_access' => bp_is_my_profile()
     140                'user_has_access' => bp_is_my_profile() || !is_super_admin( bp_displayed_user_id() )
    132141            );
    133142        }
  • trunk/bp-settings/bp-settings-screens.php

    r5690 r5829  
    55 *
    66 * @package BuddyPress
    7  * @subpackage SettingsFunctions
     7 * @subpackage SettingsScreens
    88 */
    99
     
    1111if ( !defined( 'ABSPATH' ) ) exit;
    1212
     13/**
     14 * Show the general settings template
     15 *
     16 * @since BuddyPress (1.5)
     17 *
     18 * @return If we shouldn't be here
     19 */
     20function bp_settings_screen_general() {
     21
     22    if ( bp_action_variables() ) {
     23        bp_do_404();
     24        return;
     25    }
     26
     27    bp_core_load_template( apply_filters( 'bp_settings_screen_general_settings', 'members/single/settings/general' ) );
     28}
     29
     30/**
     31 * Show the notifications settings template
     32 *
     33 * @since BuddyPress (1.5)
     34 *
     35 * @return If we shouldn't be here
     36 */
     37function bp_settings_screen_notification() {
     38
     39    if ( bp_action_variables() ) {
     40        bp_do_404();
     41        return;
     42    }
     43
     44    bp_core_load_template( apply_filters( 'bp_settings_screen_notification_settings', 'members/single/settings/notifications' ) );
     45}
     46
     47/**
     48 * Show the delete-account settings template
     49 *
     50 * @since BuddyPress (1.5)
     51 *
     52 * @return If we shouldn't be here
     53 */
     54function bp_settings_screen_delete_account() {
     55
     56    if ( bp_action_variables() ) {
     57        bp_do_404();
     58        return;
     59    }
     60
     61    // Load the template
     62    bp_core_load_template( apply_filters( 'bp_settings_screen_delete_account', 'members/single/settings/delete-account' ) );
     63}
     64
     65/**
     66 * Show the capabilities settings template
     67 *
     68 * @since BuddyPress (1.6)
     69 *
     70 * @return If we shouldn't be here
     71 */
     72function bp_settings_screen_capabilities() {
     73
     74    if ( bp_action_variables() ) {
     75        bp_do_404();
     76        return;
     77    }
     78
     79    // Load the template
     80    bp_core_load_template( apply_filters( 'bp_settings_screen_capabilities', 'members/single/settings/capabilities' ) );
     81}
     82
    1383?>
  • trunk/bp-themes/bp-default/members/single/settings/delete-account.php

    r5737 r5829  
    5050                <h3><?php _e( 'Delete Account', 'buddypress' ); ?></h3>
    5151
     52                <div id="message" class="info">
     53                   
     54                    <?php if ( bp_is_my_profile() ) : ?>
     55
     56                        <p><?php _e( 'Deleting your account will delete all of the content you have created. It will be completely irrecoverable.', 'buddypress' ); ?></p>
     57                       
     58                    <?php else : ?>
     59
     60                        <p><?php _e( 'Deleting this account will delete all of the content it has created. It will be completely irrecoverable.', 'buddypress' ); ?></p>
     61
     62                    <?php endif; ?>
     63
     64                </div>
     65
    5266                <form action="<?php echo bp_displayed_user_domain() . bp_get_settings_slug() . '/delete-account'; ?>" name="account-delete-form" id="account-delete-form" class="standard-form" method="post">
    53 
    54                     <div id="message" class="info">
    55                         <p><?php _e( 'WARNING: Deleting your account will completely remove ALL content associated with it. There is no way back, please be careful with this option.', 'buddypress' ); ?></p>
    56                     </div>
    57 
    58                     <input type="checkbox" name="delete-account-understand" id="delete-account-understand" value="1" onclick="if(this.checked) { document.getElementById('delete-account-button').disabled = ''; } else { document.getElementById('delete-account-button').disabled = 'disabled'; }" /> <?php _e( 'I understand the consequences of deleting my account.', 'buddypress' ); ?>
    5967
    6068                    <?php do_action( 'bp_members_delete_account_before_submit' ); ?>
    6169
     70                    <label>
     71                        <input type="checkbox" name="delete-account-understand" id="delete-account-understand" value="1" onclick="if(this.checked) { document.getElementById('delete-account-button').disabled = ''; } else { document.getElementById('delete-account-button').disabled = 'disabled'; }" />
     72                         <?php _e( 'I understand the consequences.', 'buddypress' ); ?>
     73                    </label>
     74
    6275                    <div class="submit">
    63                         <input type="submit" disabled="disabled" value="<?php _e( 'Delete My Account', 'buddypress' ); ?>" id="delete-account-button" name="delete-account-button" />
     76                        <input type="submit" disabled="disabled" value="<?php _e( 'Delete Account', 'buddypress' ); ?>" id="delete-account-button" name="delete-account-button" />
    6477                    </div>
    6578
     
    6780
    6881                    <?php wp_nonce_field( 'delete-account' ); ?>
     82
    6983                </form>
    7084
  • trunk/bp-themes/bp-default/members/single/settings/general.php

    r5737 r5829  
    77 * @subpackage bp-default
    88 */
    9 ?>
    109
    11 <?php get_header( 'buddypress' ); ?>
     10get_header( 'buddypress' ); ?>
    1211
    1312    <div id="content">
     
    5453                <form action="<?php echo bp_displayed_user_domain() . bp_get_settings_slug() . '/general'; ?>" method="post" class="standard-form" id="settings-form">
    5554
    56                     <label for="pwd"><?php _e( 'Current Password <span>(required to update email or change current password)</span>', 'buddypress' ); ?></label>
    57                     <input type="password" name="pwd" id="pwd" size="16" value="" class="settings-input small" /> &nbsp;<a href="<?php echo site_url( add_query_arg( array( 'action' => 'lostpassword' ), 'wp-login.php' ), 'login' ); ?>" title="<?php _e( 'Password Lost and Found', 'buddypress' ); ?>"><?php _e( 'Lost your password?', 'buddypress' ); ?></a>
     55                    <?php if ( !is_super_admin() ) : ?>
     56
     57                        <label for="pwd"><?php _e( 'Current Password <span>(required to update email or change current password)</span>', 'buddypress' ); ?></label>
     58                        <input type="password" name="pwd" id="pwd" size="16" value="" class="settings-input small" /> &nbsp;<a href="<?php echo site_url( add_query_arg( array( 'action' => 'lostpassword' ), 'wp-login.php' ), 'login' ); ?>" title="<?php _e( 'Password Lost and Found', 'buddypress' ); ?>"><?php _e( 'Lost your password?', 'buddypress' ); ?></a>
     59
     60                    <?php endif; ?>
    5861
    5962                    <label for="email"><?php _e( 'Account Email', 'buddypress' ); ?></label>
  • trunk/bp-themes/bp-default/members/single/settings/notifications.php

    r5737 r5829  
    77 * @subpackage bp-default
    88 */
    9 ?>
    109
    11 <?php get_header( 'buddypress' ); ?>
     10get_header( 'buddypress' ); ?>
    1211
    1312    <div id="content">
Note: See TracChangeset for help on using the changeset viewer.