Changeset 6072
- Timestamp:
- 06/11/2012 09:20:17 PM (12 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/bp-members/bp-members-functions.php
r6049 r6072 847 847 * redirect them to the home page and stop them from logging in. 848 848 * 849 * @pa ckage BuddyPress Core850 * @ param $auth_obj The WP authorization object851 * @param $username The username of the user logging in.852 * @ uses get_user_by() Get the userdata object for a user based on their username853 * @uses bp_core_redirect() Safe redirect to a page854 * @return $auth_obj If the user is not a spammer, return the authorization object 855 */ 856 function bp_core_boot_spammer( $auth_obj, $username ) { 857 858 if ( !$user = get_user_by( 'login', $username ) ) 859 return $auth_obj;860 861 if ( ( is_multisite() && (int) $user->spam ) || 1 == (int) $user->user_status)849 * @param obj $user Either the WP_User object or the WP_Error object 850 * @return obj If the user is not a spammer, return the WP_User object. Otherwise a new WP_Error object. 851 * 852 * @since 1.1.2 853 */ 854 function bp_core_boot_spammer( $user ) { 855 // check to see if the $user has already failed logging in, if so return $user as-is 856 if ( is_wp_error( $user ) || empty( $user ) ) 857 return $user; 858 859 // the user exists; now do a check to see if the user is a spammer 860 // if the user is a spammer, stop them in their tracks! 861 if ( is_a( $user, 'WP_User' ) && ( ( is_multisite() && (int) $user->spam ) || 1 == $user->user_status ) ) 862 862 return new WP_Error( 'invalid_username', __( '<strong>ERROR</strong>: Your account has been marked as a spammer.', 'buddypress' ) ); 863 else 864 return $auth_obj; 865 } 866 add_filter( 'authenticate', 'bp_core_boot_spammer', 30, 2 ); 863 864 // user is good to go! 865 return $user; 866 } 867 add_filter( 'authenticate', 'bp_core_boot_spammer', 30 ); 867 868 868 869 /** … … 1272 1273 } 1273 1274 1274 // Stop user accounts logging in that have not been activated (user_status = 2) 1275 function bp_core_signup_disable_inactive( $auth_obj, $username ) { 1276 global $wpdb; 1277 1278 if ( !$user_id = bp_core_get_userid( $username ) ) 1279 return $auth_obj; 1280 1281 $user_status = (int) $wpdb->get_var( $wpdb->prepare( "SELECT user_status FROM $wpdb->users WHERE ID = %d", $user_id ) ); 1282 1283 if ( 2 == $user_status ) 1275 /** 1276 * Stop user accounts logging in that have not been activated yet (user_status = 2). 1277 * 1278 * Note: This is only applicable for single site WordPress installs. 1279 * Multisite has their own DB table - 'wp_signups' - dedicated for unactivated users. 1280 * See {@link wpmu_signup_user()} and {@link wpmu_validate_user_signup()}. 1281 * 1282 * @param obj $user Either the WP_User object or the WP_Error object 1283 * @return obj If the user is not a spammer, return the WP_User object. Otherwise a new WP_Error object. 1284 * 1285 * @since 1.2.2 1286 */ 1287 function bp_core_signup_disable_inactive( $user ) { 1288 // check to see if the $user has already failed logging in, if so return $user as-is 1289 if ( is_wp_error( $user ) || empty( $user ) ) 1290 return $user; 1291 1292 // the user exists; now do a check to see if the user has activated their account or not 1293 // NOTE: this is only applicable for single site WordPress installs! 1294 // if unactivated, stop the login now! 1295 if ( is_a( $user, 'WP_User' ) && 2 == $user->user_status ) 1284 1296 return new WP_Error( 'bp_account_not_activated', __( '<strong>ERROR</strong>: Your account has not been activated. Check your email for the activation link.', 'buddypress' ) ); 1285 else 1286 return $auth_obj; 1287 } 1288 add_filter( 'authenticate', 'bp_core_signup_disable_inactive', 30, 2 ); 1289 1290 // Kill the wp-signup.php if custom registration signup templates are present 1297 1298 // user has activated their account! all clear! 1299 return $user; 1300 } 1301 add_filter( 'authenticate', 'bp_core_signup_disable_inactive', 30 ); 1302 1303 /** 1304 * Kill the wp-signup.php if custom registration signup templates are present 1305 */ 1291 1306 function bp_core_wpsignup_redirect() { 1292 1307 $action = !empty( $_GET['action'] ) ? $_GET['action'] : '';
Note: See TracChangeset
for help on using the changeset viewer.