Changeset 6317 for trunk/bp-settings/bp-settings-actions.php
- Timestamp:
- 09/07/2012 02:50:43 PM (13 years ago)
- File:
-
- 1 edited
trunk/bp-settings/bp-settings-actions.php
r6269 r6317 27 27 */ 28 28 function bp_settings_action_general() { 29 global $bp;30 29 31 30 // Bail if not a POST action 32 31 if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) ) 32 return; 33 34 // Bail if no submit action 35 if ( ! isset( $_POST['submit'] ) ) 33 36 return; 34 37 … … 44 47 45 48 // Define local defaults 46 $email_error = false; // invalid|blocked|taken|empty|nochange 47 $pass_error = false; // invalid|mismatch|empty|nochange 48 $pass_changed = false; // true if the user changes their password 49 $email_changed = false; // true if the user changes their email 50 $feedback_type = 'error'; // success|error 51 $feedback = array(); // array of strings for feedback 52 53 54 if ( isset( $_POST['submit'] ) ) { 55 56 // Nonce check 57 check_admin_referer('bp_settings_general'); 58 59 // Validate the user again for the current password when making a big change 60 if ( ( is_super_admin() ) || ( !empty( $_POST['pwd'] ) && wp_check_password( $_POST['pwd'], $bp->displayed_user->userdata->user_pass, bp_displayed_user_id() ) ) ) { 61 62 $update_user = get_userdata( bp_displayed_user_id() ); 63 64 /** Email Change Attempt ******************************************/ 65 66 if ( !empty( $_POST['email'] ) ) { 67 68 // What is missing from the profile page vs signup - lets double check the goodies 69 $user_email = sanitize_email( esc_html( trim( $_POST['email'] ) ) ); 70 71 // User is changing email address 72 if ( $bp->displayed_user->userdata->user_email != $user_email ) { 73 74 // Run some tests on the email address 75 $email_checks = bp_core_validate_email_address( $user_email ); 76 77 if ( true !== $email_checks ) { 78 if ( isset( $email_checks['invalid'] ) ) { 79 $email_error = 'invalid'; 80 } 81 82 if ( isset( $email_checks['domain_banned'] ) || isset( $email_checks['domain_not_allowed'] ) ) { 83 $email_error = 'blocked'; 84 } 85 86 if ( isset( $email_checks['in_use'] ) ) { 87 $email_error = 'taken'; 88 } 49 $bp = buddypress(); // The instance 50 
$email_error = false; // invalid|blocked|taken|empty|nochange 51 $pass_error = false; // invalid|mismatch|empty|nochange 52 $pass_changed = false; // true if the user changes their password 53 $email_changed = false; // true if the user changes their email 54 $feedback_type = 'error'; // success|error 55 $feedback = array(); // array of strings for feedback 56 57 // Nonce check 58 check_admin_referer('bp_settings_general'); 59 60 // Validate the user again for the current password when making a big change 61 if ( ( is_super_admin() ) || ( !empty( $_POST['pwd'] ) && wp_check_password( $_POST['pwd'], $bp->displayed_user->userdata->user_pass, bp_displayed_user_id() ) ) ) { 62 63 $update_user = get_userdata( bp_displayed_user_id() ); 64 65 /** Email Change Attempt ******************************************/ 66 67 if ( !empty( $_POST['email'] ) ) { 68 69 // What is missing from the profile page vs signup - lets double check the goodies 70 $user_email = sanitize_email( esc_html( trim( $_POST['email'] ) ) ); 71 72 // User is changing email address 73 if ( $bp->displayed_user->userdata->user_email != $user_email ) { 74 75 // Run some tests on the email address 76 $email_checks = bp_core_validate_email_address( $user_email ); 77 78 if ( true !== $email_checks ) { 79 if ( isset( $email_checks['invalid'] ) ) { 80 $email_error = 'invalid'; 89 81 } 90 82 91 // Yay we made it! 92 if ( false === $email_error ) { 93 $update_user->user_email = $user_email; 94 $email_changed = true; 83 if ( isset( $email_checks['domain_banned'] ) || isset( $email_checks['domain_not_allowed'] ) ) { 84 $email_error = 'blocked'; 95 85 } 96 86 97 // No change98 } else {99 $email_error = false;87 if ( isset( $email_checks['in_use'] ) ) { 88 $email_error = 'taken'; 89 } 100 90 } 101 91 102 // Email address cannot be empty 92 // Yay we made it! 
93 if ( false === $email_error ) { 94 $update_user->user_email = $user_email; 95 $email_changed = true; 96 } 97 98 // No change 103 99 } else { 104 $email_error = 'empty';100 $email_error = false; 105 101 } 106 102 107 /** Password Change Attempt ***************************************/ 108 109 if ( !empty( $_POST['pass1'] ) && !empty( $_POST['pass2'] ) ) { 110 111 // Password change attempt is successful 112 if ( ( $_POST['pass1'] == $_POST['pass2'] ) && !strpos( " " . $_POST['pass1'], "\\" ) ) { 113 $update_user->user_pass = $_POST['pass1']; 114 $pass_changed = true; 115 116 // Password change attempt was unsuccessful 117 } else { 118 $pass_error = 'mismatch'; 119 } 120 121 // Both password fields were empty 122 } elseif ( empty( $_POST['pass1'] ) && empty( $_POST['pass2'] ) ) { 123 $pass_error = false; 124 125 // One of the password boxes was left empty 126 } elseif ( ( empty( $_POST['pass1'] ) && !empty( $_POST['pass2'] ) ) || ( !empty( $_POST['pass1'] ) && empty( $_POST['pass2'] ) ) ) { 127 $pass_error = 'empty'; 103 // Email address cannot be empty 104 } else { 105 $email_error = 'empty'; 106 } 107 108 /** Password Change Attempt ***************************************/ 109 110 if ( !empty( $_POST['pass1'] ) && !empty( $_POST['pass2'] ) ) { 111 112 // Password change attempt is successful 113 if ( ( $_POST['pass1'] == $_POST['pass2'] ) && !strpos( " " . 
$_POST['pass1'], "\\" ) ) { 114 $update_user->user_pass = $_POST['pass1']; 115 $pass_changed = true; 116 117 // Password change attempt was unsuccessful 118 } else { 119 $pass_error = 'mismatch'; 128 120 } 129 121 130 // The structure of the $update_user object changed in WP 3.3, but 131 // wp_update_user() still expects the old format 132 if ( isset( $update_user->data ) && is_object( $update_user->data ) ) { 133 $update_user = $update_user->data; 134 $update_user = get_object_vars( $update_user ); 135 136 // Unset the password field to prevent it from emptying out the 137 // user's user_pass field in the database. 138 // @see wp_update_user() 139 if ( false === $pass_changed ) { 140 unset( $update_user['user_pass'] ); 141 } 122 // Both password fields were empty 123 } elseif ( empty( $_POST['pass1'] ) && empty( $_POST['pass2'] ) ) { 124 $pass_error = false; 125 126 // One of the password boxes was left empty 127 } elseif ( ( empty( $_POST['pass1'] ) && !empty( $_POST['pass2'] ) ) || ( !empty( $_POST['pass1'] ) && empty( $_POST['pass2'] ) ) ) { 128 $pass_error = 'empty'; 129 } 130 131 // The structure of the $update_user object changed in WP 3.3, but 132 // wp_update_user() still expects the old format 133 if ( isset( $update_user->data ) && is_object( $update_user->data ) ) { 134 $update_user = $update_user->data; 135 $update_user = get_object_vars( $update_user ); 136 137 // Unset the password field to prevent it from emptying out the 138 // user's user_pass field in the database. 
139 // @see wp_update_user() 140 if ( false === $pass_changed ) { 141 unset( $update_user['user_pass'] ); 142 142 } 143 144 // Make sure these changes are in $bp for the current page load 145 if ( ( false === $email_error ) && ( false === $pass_error ) && ( wp_update_user( $update_user ) ) ) { 146 $bp->displayed_user->userdata = bp_core_get_core_userdata( bp_displayed_user_id() ); 147 } 148 149 // Password Error 143 } 144 145 // Make sure these changes are in $bp for the current page load 146 if ( ( false === $email_error ) && ( false === $pass_error ) && ( wp_update_user( $update_user ) ) ) { 147 $bp->displayed_user->userdata = bp_core_get_core_userdata( bp_displayed_user_id() ); 148 } 149 150 // Password Error 151 } else { 152 $pass_error = 'invalid'; 153 } 154 155 // Email feedback 156 switch ( $email_error ) { 157 case 'invalid' : 158 $feedback['email_invalid'] = __( 'That email address is invalid. Check the formatting and try again.', 'buddypress' ); 159 break; 160 case 'blocked' : 161 $feedback['email_blocked'] = __( 'That email address is currently unavailable for use.', 'buddypress' ); 162 break; 163 case 'taken' : 164 $feedback['email_taken'] = __( 'That email address is already taken.', 'buddypress' ); 165 break; 166 case 'empty' : 167 $feedback['email_empty'] = __( 'Email address cannot be empty.', 'buddypress' ); 168 break; 169 case false : 170 // No change 171 break; 172 } 173 174 // Password feedback 175 switch ( $pass_error ) { 176 case 'invalid' : 177 $feedback['pass_error'] = __( 'Your current password is invalid.', 'buddypress' ); 178 break; 179 case 'mismatch' : 180 $feedback['pass_mismatch'] = __( 'The new password fields did not match.', 'buddypress' ); 181 break; 182 case 'empty' : 183 $feedback['pass_empty'] = __( 'One of the password fields was empty.', 'buddypress' ); 184 break; 185 case false : 186 // No change 187 break; 188 } 189 190 // No errors so show a simple success message 191 if ( ( ( false === $email_error ) || ( false == 
$pass_error ) ) && ( ( true === $pass_changed ) || ( true === $email_changed ) ) ) { 192 $feedback[] = __( 'Your settings have been saved.', 'buddypress' ); 193 $feedback_type = 'success'; 194 195 // Some kind of errors occurred 196 } elseif ( ( ( false === $email_error ) || ( false === $pass_error ) ) && ( ( false === $pass_changed ) || ( false === $email_changed ) ) ) { 197 if ( bp_is_my_profile() ) { 198 $feedback['nochange'] = __( 'No changes were made to your account.', 'buddypress' ); 150 199 } else { 151 $pass_error = 'invalid'; 152 } 153 154 // Email feedback 155 switch ( $email_error ) { 156 case 'invalid' : 157 $feedback['email_invalid'] = __( 'That email address is invalid. Check the formatting and try again.', 'buddypress' ); 158 break; 159 case 'blocked' : 160 $feedback['email_blocked'] = __( 'That email address is currently unavailable for use.', 'buddypress' ); 161 break; 162 case 'taken' : 163 $feedback['email_taken'] = __( 'That email address is already taken.', 'buddypress' ); 164 break; 165 case 'empty' : 166 $feedback['email_empty'] = __( 'Email address cannot be empty.', 'buddypress' ); 167 break; 168 case false : 169 // No change 170 break; 171 } 172 173 // Password feedback 174 switch ( $pass_error ) { 175 case 'invalid' : 176 $feedback['pass_error'] = __( 'Your current password is invalid.', 'buddypress' ); 177 break; 178 case 'mismatch' : 179 $feedback['pass_mismatch'] = __( 'The new password fields did not match.', 'buddypress' ); 180 break; 181 case 'empty' : 182 $feedback['pass_empty'] = __( 'One of the password fields was empty.', 'buddypress' ); 183 break; 184 case false : 185 // No change 186 break; 187 } 188 189 // No errors so show a simple success message 190 if ( ( ( false === $email_error ) || ( false == $pass_error ) ) && ( ( true === $pass_changed ) || ( true === $email_changed ) ) ) { 191 $feedback[] = __( 'Your settings have been saved.', 'buddypress' ); 192 $feedback_type = 'success'; 193 194 // Some kind of errors occurred 
195 } elseif ( ( ( false === $email_error ) || ( false === $pass_error ) ) && ( ( false === $pass_changed ) || ( false === $email_changed ) ) ) { 196 if ( bp_is_my_profile() ) { 197 $feedback['nochange'] = __( 'No changes were made to your account.', 'buddypress' ); 198 } else { 199 $feedback['nochange'] = __( 'No changes were made to this account.', 'buddypress' ); 200 } 201 } 202 203 // Set the feedback 204 bp_core_add_message( implode( '</p><p>', $feedback ), $feedback_type ); 205 206 // Execute additional code 207 do_action( 'bp_core_general_settings_after_save' ); 208 209 // Redirect to prevent issues with browser back button 210 bp_core_redirect( trailingslashit( bp_displayed_user_domain() . bp_get_settings_slug() . '/general' ) ); 211 } 200 $feedback['nochange'] = __( 'No changes were made to this account.', 'buddypress' ); 201 } 202 } 203 204 // Set the feedback 205 bp_core_add_message( implode( '</p><p>', $feedback ), $feedback_type ); 206 207 // Execute additional code 208 do_action( 'bp_core_general_settings_after_save' ); 209 210 // Redirect to prevent issues with browser back button 211 bp_core_redirect( trailingslashit( bp_displayed_user_domain() . bp_get_settings_slug() . '/general' ) ); 212 212 } 213 213 add_action( 'bp_actions', 'bp_settings_action_general' ); … … 222 222 // Bail if not a POST action 223 223 if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) ) 224 return; 225 226 // Bail if no submit action 227 if ( ! 
isset( $_POST['submit'] ) ) 224 228 return; 225 229 … … 234 238 } 235 239 236 if ( isset( $_POST['submit'] ) ) { 237 check_admin_referer( 'bp_settings_notifications' ); 238 239 if ( isset( $_POST['notifications'] ) ) { 240 foreach ( (array) $_POST['notifications'] as $key => $value ) { 241 if ( $meta_key = bp_get_user_meta_key( $key ) ) { 242 bp_update_user_meta( (int) bp_displayed_user_id(), $meta_key, $value ); 243 } 240 check_admin_referer( 'bp_settings_notifications' ); 241 242 if ( isset( $_POST['notifications'] ) ) { 243 foreach ( (array) $_POST['notifications'] as $key => $value ) { 244 if ( $meta_key = bp_get_user_meta_key( $key ) ) { 245 bp_update_user_meta( (int) bp_displayed_user_id(), $meta_key, $value ); 244 246 } 245 247 } 246 247 // Switch feedback for super admins 248 if ( bp_is_my_profile() ) {249 bp_core_add_message( __( 'Your notification settings have been saved.', 'buddypress' ), 'success' );250 } else {251 bp_core_add_message( __( "This user's notification settings have been saved.", 'buddypress' ), 'success' );252 }253 254 do_action( 'bp_core_notification_settings_after_save' ); 255 256 bp_core_redirect( bp_displayed_user_domain() . bp_get_settings_slug() . '/notifications/' ); 257 }248 } 249 250 // Switch feedback for super admins 251 if ( bp_is_my_profile() ) { 252 bp_core_add_message( __( 'Your notification settings have been saved.', 'buddypress' ), 'success' ); 253 } else { 254 bp_core_add_message( __( "This user's notification settings have been saved.", 'buddypress' ), 'success' ); 255 } 256 257 do_action( 'bp_core_notification_settings_after_save' ); 258 259 bp_core_redirect( bp_displayed_user_domain() . bp_get_settings_slug() . '/notifications/' ); 258 260 } 259 261 add_action( 'bp_actions', 'bp_settings_action_notifications' ); … … 268 270 // Bail if not a POST action 269 271 if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) ) 272 return; 273 274 // Bail if no submit action 275 if ( ! 
isset( $_POST['capabilities-submit'] ) ) 270 276 return; 271 277 … … 280 286 } 281 287 282 if ( isset( $_POST['capabilities-submit'] ) ) { 283 284 // Nonce check 285 check_admin_referer( 'capabilities' ); 286 287 do_action( 'bp_settings_capabilities_before_save' ); 288 289 /** Spam **************************************************************/ 290 291 $is_spammer = !empty( $_POST['user-spammer'] ) ? true : false; 292 293 if ( bp_is_user_spammer( bp_displayed_user_id() ) != $is_spammer ) { 294 $status = ( true == $is_spammer ) ? 'spam' : 'ham'; 295 bp_core_process_spammer_status( bp_displayed_user_id(), $status ); 296 do_action( 'bp_core_action_set_spammer_status', bp_displayed_user_id(), $status ); 297 } 298 299 /** Other *************************************************************/ 300 301 do_action( 'bp_settings_capabilities_after_save' ); 302 303 // Redirect to the root domain 304 bp_core_redirect( bp_displayed_user_domain() . bp_get_settings_slug() . '/capabilities/' ); 305 } 288 // Nonce check 289 check_admin_referer( 'capabilities' ); 290 291 do_action( 'bp_settings_capabilities_before_save' ); 292 293 /** Spam **************************************************************/ 294 295 $is_spammer = !empty( $_POST['user-spammer'] ) ? true : false; 296 297 if ( bp_is_user_spammer( bp_displayed_user_id() ) != $is_spammer ) { 298 $status = ( true == $is_spammer ) ? 'spam' : 'ham'; 299 bp_core_process_spammer_status( bp_displayed_user_id(), $status ); 300 do_action( 'bp_core_action_set_spammer_status', bp_displayed_user_id(), $status ); 301 } 302 303 /** Other *************************************************************/ 304 305 do_action( 'bp_settings_capabilities_after_save' ); 306 307 // Redirect to the root domain 308 bp_core_redirect( bp_displayed_user_domain() . bp_get_settings_slug() . 
'/capabilities/' ); 306 309 } 307 310 add_action( 'bp_actions', 'bp_settings_action_capabilities' ); … … 316 319 // Bail if not a POST action 317 320 if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ) ) 321 return; 322 323 // Bail if no submit action 324 if ( ! isset( $_POST['delete-account-understand'] ) ) 318 325 return; 319 326 … … 328 335 } 329 336 330 if ( isset( $_POST['delete-account-understand'] ) ) { 331 332 // Nonce check 333 check_admin_referer( 'delete-account' ); 334 335 // Get username now because it might be gone soon! 336 $username = bp_get_displayed_user_fullname(); 337 338 // delete the users account 339 if ( bp_core_delete_account( bp_displayed_user_id() ) ) { 340 341 // Add feedback ater deleting a user 342 bp_core_add_message( sprintf( __( '%s was successfully deleted.', 'buddypress' ), $username ), 'success' ); 343 344 // Redirect to the root domain 345 bp_core_redirect( bp_get_root_domain() ); 346 } 337 // Nonce check 338 check_admin_referer( 'delete-account' ); 339 340 // Get username now because it might be gone soon! 341 $username = bp_get_displayed_user_fullname(); 342 343 // delete the users account 344 if ( bp_core_delete_account( bp_displayed_user_id() ) ) { 345 346 // Add feedback ater deleting a user 347 bp_core_add_message( sprintf( __( '%s was successfully deleted.', 'buddypress' ), $username ), 'success' ); 348 349 // Redirect to the root domain 350 bp_core_redirect( bp_get_root_domain() ); 347 351 } 348 352 } 349 353 add_action( 'bp_actions', 'bp_settings_action_delete_account' ); 350 351 ?>
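Review bot: In the notifications handler (new lines 242–246), the `foreach` over `$_POST['notifications']` passes each request-supplied `$key` through `bp_get_user_meta_key()` and straight into `bp_update_user_meta()`, and nothing visible in this hunk limits the keys to notification settings or the values to the expected choices. Unless `bp_get_user_meta_key()` or the elided lines above do that filtering (not shown here), a submitted form can set user meta that the settings screen never offered, so the nonce check alone is not sufficient validation. I would add an allowlist inside the loop, e.g. `if ( ! in_array( $key, $allowed_keys, true ) ) continue;`, with `$allowed_keys` (placeholder name) built from the notification options the screen actually renders, and skip any `$value` that is not a scalar. The function's opening and its access checks sit outside the displayed hunks, so this is based only on the lines shown.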