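<?php
/**
 * User administration helpers: create/edit/delete users, the default-password
 * nag, and validation of application-password authorization requests.
 *
 * None of the functions in this listing verifies a nonce, and only the role
 * change inside edit_user() checks a capability. Callers are expected to have
 * authenticated and authorized the request before invoking them.
 */

/**
 * Creates a new user from the submitted form data.
 *
 * Thin wrapper around edit_user() called without an ID, which selects the
 * "insert" path.
 *
 * @return int|WP_Error Whatever edit_user() returns.
 */
function add_user() {
    return edit_user();
}

/**
 * Builds a user object from $_POST, validates it, and inserts or updates it.
 *
 * A non-zero $user_id selects update mode; otherwise a new user is created.
 * Validation problems are collected in a WP_Error and returned instead of
 * writing anything.
 *
 * Security notes for reviewers:
 * - No nonce or 'edit_user'/'create_users' capability check happens here;
 *   only the role assignment is gated (see below).
 * - Passwords, description and several text fields are read from $_POST
 *   without wp_unslash(); the data is handed to wp_insert_user() /
 *   wp_update_user() in that form.
 *
 * @param int $user_id Optional. ID of the user to update. Default 0 (create).
 * @return int|WP_Error Result of wp_update_user()/wp_insert_user(), or the
 *                      WP_Error holding the validation failures.
 */
function edit_user($user_id = 0) {
    $wp_roles = wp_roles();
    $user     = new stdClass();
    $user_id  = (int) $user_id;

    if ($user_id) {
        $update   = true;
        $user->ID = $user_id;
        // NOTE(review): get_userdata() result is used without a check; an ID
        // that matches no user would make the property read below fail.
        $userdata         = get_userdata($user_id);
        $user->user_login = wp_slash($userdata->user_login);
    } else {
        $update = false;
    }

    // The login name can only be chosen at creation time.
    if (!$update && isset($_POST['user_login'])) {
        $user->user_login = sanitize_user(wp_unslash($_POST['user_login']), true);
    }

    $pass1 = '';
    $pass2 = '';
    if (isset($_POST['pass1'])) {
        $pass1 = trim($_POST['pass1']);
    }
    if (isset($_POST['pass2'])) {
        $pass2 = trim($_POST['pass2']);
    }

    // Role changes require 'promote_users', and 'promote_user' on the target
    // when an existing account is being edited.
    if (isset($_POST['role']) && current_user_can('promote_users') && (!$user_id || current_user_can('promote_user', $user_id))) {
        $new_role = sanitize_text_field($_POST['role']);

        // Refuse roles that are not in the (filterable) editable list.
        $editable_roles = get_editable_roles();
        if (!empty($new_role) && empty($editable_roles[$new_role])) {
            wp_die(__('Sorry, you are not allowed to give users that role.'), 403);
        }

        $potential_role = isset($wp_roles->role_objects[$new_role]) ? $wp_roles->role_objects[$new_role] : false;

        // A user editing their own account may only move to a role that still
        // has 'promote_users', unless they can manage network users on
        // multisite. Editing somebody else's role is always allowed here.
        if ((is_multisite() && current_user_can('manage_network_users'))
            || get_current_user_id() !== $user_id
            || ($potential_role && $potential_role->has_cap('promote_users'))
        ) {
            $user->role = $new_role;
        }
    }

    if (isset($_POST['email'])) {
        $user->user_email = sanitize_text_field(wp_unslash($_POST['email']));
    }

    if (isset($_POST['url'])) {
        if (empty($_POST['url']) || 'http://' === $_POST['url']) {
            $user->user_url = '';
        } else {
            $user->user_url = esc_url_raw($_POST['url']);
            // Prefix "http://" when the value does not start with an allowed protocol.
            $protocols      = implode('|', array_map('preg_quote', wp_allowed_protocols()));
            $user->user_url = preg_match('/^(' . $protocols . '):/is', $user->user_url) ? $user->user_url : 'http://' . $user->user_url;
        }
    }

    if (isset($_POST['first_name'])) {
        $user->first_name = sanitize_text_field($_POST['first_name']);
    }
    if (isset($_POST['last_name'])) {
        $user->last_name = sanitize_text_field($_POST['last_name']);
    }
    if (isset($_POST['nickname'])) {
        $user->nickname = sanitize_text_field($_POST['nickname']);
    }
    if (isset($_POST['display_name'])) {
        $user->display_name = sanitize_text_field($_POST['display_name']);
    }
    if (isset($_POST['description'])) {
        // Only trimmed here, not sanitized.
        $user->description = trim($_POST['description']);
    }

    foreach (wp_get_user_contact_methods($user) as $method => $name) {
        if (isset($_POST[$method])) {
            $user->{$method} = sanitize_text_field($_POST[$method]);
        }
    }

    if (isset($_POST['locale'])) {
        $locale = sanitize_text_field($_POST['locale']);
        if ('site-default' === $locale) {
            $locale = '';
        } elseif ('' === $locale) {
            $locale = 'en_US';
        } elseif (!in_array($locale, get_available_languages(), true)) {
            // Unknown locales fall back to the site default.
            $locale = '';
        }
        $user->locale = $locale;
    }

    // Personal display preferences are only taken from the form on update.
    if ($update) {
        $user->rich_editing         = isset($_POST['rich_editing']) && 'false' === $_POST['rich_editing'] ? 'false' : 'true';
        $user->syntax_highlighting  = isset($_POST['syntax_highlighting']) && 'false' === $_POST['syntax_highlighting'] ? 'false' : 'true';
        $user->admin_color          = isset($_POST['admin_color']) ? sanitize_text_field($_POST['admin_color']) : 'fresh';
        $user->show_admin_bar_front = isset($_POST['admin_bar_front']) ? 'true' : 'false';
    }

    $user->comment_shortcuts = isset($_POST['comment_shortcuts']) && 'true' === $_POST['comment_shortcuts'] ? 'true' : '';

    $user->use_ssl = 0;
    if (!empty($_POST['use_ssl'])) {
        $user->use_ssl = 1;
    }

    $errors = new WP_Error();

    if ('' === $user->user_login) {
        $errors->add('user_login', __('<strong>Error</strong>: Please enter a username.'));
    }

    if ($update && empty($user->nickname)) {
        $errors->add('nickname', __('<strong>Error</strong>: Please enter a nickname.'));
    }

    // Hook callbacks receive both passwords by reference and may alter them.
    do_action_ref_array('check_passwords', array($user->user_login, &$pass1, &$pass2));

    if (!$update && empty($pass1)) {
        $errors->add('pass', __('<strong>Error</strong>: Please enter a password.'), array('form-field' => 'pass1'));
    }

    if (false !== strpos(wp_unslash($pass1), '\\')) {
        $errors->add('pass', __('<strong>Error</strong>: Passwords may not contain the character "\\".'), array('form-field' => 'pass1'));
    }

    // Strict comparison: with `!=`, PHP compares numeric-looking strings by
    // value (e.g. "1e3" and "1000" are equal), so a mistyped confirmation
    // could be accepted as matching.
    if (($update || !empty($pass1)) && $pass1 !== $pass2) {
        $errors->add('pass', __('<strong>Error</strong>: Passwords don’t match. Please enter the same password in both password fields.'), array('form-field' => 'pass1'));
    }

    if (!empty($pass1)) {
        $user->user_pass = $pass1;
    }

    if (!$update && isset($_POST['user_login']) && !validate_username($_POST['user_login'])) {
        $errors->add('user_login', __('<strong>Error</strong>: This username is invalid because it uses illegal characters. Please enter a valid username.'));
    }

    if (!$update && username_exists($user->user_login)) {
        $errors->add('user_login', __('<strong>Error</strong>: This username is already registered. Please choose another one.'));
    }

    // Case-insensitive match against the filterable list of disallowed logins.
    $illegal_logins = (array) apply_filters('illegal_user_logins', array());
    if (in_array(strtolower($user->user_login), array_map('strtolower', $illegal_logins), true)) {
        $errors->add('invalid_username', __('<strong>Error</strong>: Sorry, that username is not allowed.'));
    }

    if (empty($user->user_email)) {
        $errors->add('empty_email', __('<strong>Error</strong>: Please enter an email address.'), array('form-field' => 'email'));
    } elseif (!is_email($user->user_email)) {
        $errors->add('invalid_email', __('<strong>Error</strong>: The email address isn’t correct.'), array('form-field' => 'email'));
    } else {
        // The address may already belong to the user being updated.
        $owner_id = email_exists($user->user_email);
        if ($owner_id && (!$update || $owner_id != $user->ID)) {
            $errors->add('email_exists', __('<strong>Error</strong>: This email is already registered. Please choose another one.'), array('form-field' => 'email'));
        }
    }

    do_action_ref_array('user_profile_update_errors', array(&$errors, $update, &$user));

    if ($errors->has_errors()) {
        return $errors;
    }

    if ($update) {
        $user_id = wp_update_user($user);
    } else {
        $user_id = wp_insert_user($user);
        $notify  = isset($_POST['send_user_notification']) ? 'both' : 'admin';
        do_action('edit_user_created_user', $user_id, $notify);
    }

    return $user_id;
}

/**
 * Returns the roles that may be assigned, after the 'editable_roles' filter.
 *
 * edit_user() relies on this list to reject role names it does not contain,
 * so any callback on the filter directly widens or narrows what can be granted.
 *
 * @return array Role definitions keyed by role name.
 */
function get_editable_roles() {
    $all_roles = wp_roles()->roles;

    return apply_filters('editable_roles', $all_roles);
}

/**
 * Fetches a user and marks the object with the 'edit' filter context.
 *
 * @param int $user_id User ID.
 * @return mixed The get_userdata() result; its ->filter is set to 'edit' when truthy.
 */
function get_user_to_edit($user_id) {
    $user = get_userdata($user_id);

    if ($user) {
        $user->filter = 'edit';
    }

    return $user;
}

/**
 * Retrieves the draft posts (ID and title) authored by a user, newest first.
 *
 * The SQL is prepared with the user ID as an integer placeholder, then passed
 * through the 'get_users_drafts' filter; whatever the filter returns is
 * executed as-is.
 *
 * @param int $user_id User ID.
 * @return mixed Result of $wpdb->get_results().
 */
function get_users_drafts($user_id) {
    global $wpdb;

    $query = $wpdb->prepare("SELECT ID, post_title FROM {$wpdb->posts} WHERE post_type = 'post' AND post_status = 'draft' AND post_author = %d ORDER BY post_modified DESC", $user_id);
    $query = apply_filters('get_users_drafts', $query);

    return $wpdb->get_results($query);
}

/**
 * Deletes a user, either removing their content or reassigning it.
 *
 * With no $reassign, the user's posts of the selected post types and all of
 * their links are deleted. With $reassign, posts and links are re-owned in
 * bulk and the affected caches are cleared. On multisite the user is only
 * removed from the current blog; otherwise the user meta and the user row are
 * deleted.
 *
 * This function performs no capability or nonce check of its own.
 *
 * @param int      $id       ID of the user to delete.
 * @param int|null $reassign Optional. User ID to reassign posts and links to.
 *                           The string 'novalue' is treated as null.
 * @return bool False when $id is not numeric or the user does not exist, true otherwise.
 */
function wp_delete_user($id, $reassign = null) {
    global $wpdb;

    if (!is_numeric($id)) {
        return false;
    }

    $id   = (int) $id;
    $user = new WP_User($id);

    if (!$user->exists()) {
        return false;
    }

    // Normalize $reassign to null or an integer.
    if ('novalue' === $reassign) {
        $reassign = null;
    } elseif (null !== $reassign) {
        $reassign = (int) $reassign;
    }

    do_action('delete_user', $id, $reassign, $user);

    if (null === $reassign) {
        $post_types_to_delete = array();
        foreach (get_post_types(array(), 'objects') as $post_type) {
            if ($post_type->delete_with_user) {
                $post_types_to_delete[] = $post_type->name;
            } elseif (null === $post_type->delete_with_user && post_type_supports($post_type->name, 'author')) {
                // No explicit setting: fall back to whether the type supports authors.
                $post_types_to_delete[] = $post_type->name;
            }
        }

        $post_types_to_delete = apply_filters('post_types_to_delete_with_user', $post_types_to_delete, $id);

        // NOTE(review): the IN (...) list is assembled by string concatenation
        // from registered post type names and the filter result rather than
        // prepare() placeholders. The values are not request input here, but
        // anything a filter callback returns reaches the query unescaped.
        $post_types_to_delete = implode("', '", $post_types_to_delete);
        $post_ids             = $wpdb->get_col($wpdb->prepare("SELECT ID FROM {$wpdb->posts} WHERE post_author = %d AND post_type IN ('{$post_types_to_delete}')", $id));
        if ($post_ids) {
            foreach ($post_ids as $post_id) {
                wp_delete_post($post_id);
            }
        }

        $link_ids = $wpdb->get_col($wpdb->prepare("SELECT link_id FROM {$wpdb->links} WHERE link_owner = %d", $id));
        if ($link_ids) {
            foreach ($link_ids as $link_id) {
                wp_delete_link($link_id);
            }
        }
    } else {
        // Collect the IDs first so the caches can be cleared after the bulk update.
        $post_ids = $wpdb->get_col($wpdb->prepare("SELECT ID FROM {$wpdb->posts} WHERE post_author = %d", $id));
        $wpdb->update($wpdb->posts, array('post_author' => $reassign), array('post_author' => $id));
        if (!empty($post_ids)) {
            foreach ($post_ids as $post_id) {
                clean_post_cache($post_id);
            }
        }

        $link_ids = $wpdb->get_col($wpdb->prepare("SELECT link_id FROM {$wpdb->links} WHERE link_owner = %d", $id));
        $wpdb->update($wpdb->links, array('link_owner' => $reassign), array('link_owner' => $id));
        if (!empty($link_ids)) {
            foreach ($link_ids as $link_id) {
                clean_bookmark_cache($link_id);
            }
        }
    }

    if (is_multisite()) {
        remove_user_from_blog($id, get_current_blog_id());
    } else {
        $meta = $wpdb->get_col($wpdb->prepare("SELECT umeta_id FROM {$wpdb->usermeta} WHERE user_id = %d", $id));
        foreach ($meta as $mid) {
            delete_metadata_by_mid('user', $mid);
        }

        $wpdb->delete($wpdb->users, array('ID' => $id));
    }

    clean_user_cache($user);

    do_action('deleted_user', $id, $reassign, $user);

    return true;
}

/**
 * Removes all capabilities from a user.
 *
 * @param int $id User ID.
 */
function wp_revoke_user($id) {
    $id = (int) $id;

    $user = new WP_User($id);
    $user->remove_all_caps();
}

/**
 * Dismisses the default-password nag for the current user when requested.
 *
 * The nag is cleared when the user setting is 'hide' or when the request
 * carries default_password_nag=0 in the query string.
 *
 * NOTE(review): no nonce is verified in this function before the option is
 * changed from a GET parameter; the visible effect is limited to hiding the
 * notice. Confirm this is acceptable for the deployment.
 *
 * @param mixed $errors Unused.
 */
function default_password_nag_handler($errors = false) {
    global $user_ID;

    // Nothing to do when the nag is not active for this user.
    if (!get_user_option('default_password_nag')) {
        return;
    }

    if ('hide' === get_user_setting('default_password_nag')
        || (isset($_GET['default_password_nag']) && '0' == $_GET['default_password_nag'])
    ) {
        delete_user_setting('default_password_nag');
        update_user_option($user_ID, 'default_password_nag', false, true);
    }
}

/**
 * Clears the default-password nag once the stored password value has changed.
 *
 * @param int    $user_ID  User ID.
 * @param object $old_data User data from before the update; ->user_pass is read.
 */
function default_password_nag_edit_user($user_ID, $old_data) {
    // Nothing to do when the nag is not active for this user.
    if (!get_user_option('default_password_nag', $user_ID)) {
        return;
    }

    $new_data = get_userdata($user_ID);

    // Strict comparison so two different stored values that both happen to
    // look numeric are never treated as equal by PHP's loose string rules.
    if ($new_data->user_pass !== $old_data->user_pass) {
        delete_user_setting('default_password_nag');
        update_user_option($user_ID, 'default_password_nag', false, true);
    }
}

/**
 * Prints the notice asking the user to replace an auto-generated password.
 *
 * Skipped on profile.php and when the nag option is not set.
 */
function default_password_nag() {
    global $pagenow;

    if ('profile.php' === $pagenow || !get_user_option('default_password_nag')) {
        return;
    }

    echo '<div class="error default-password-nag">';
    echo '<p>';
    echo '<strong>' . __('Notice:') . '</strong> ';
    _e('You’re using the auto-generated password for your account. Would you like to change it?');
    echo '</p><p>';
    // NOTE(review): the profile URL and the translated labels are printed
    // without escaping; this relies on both being safe for HTML output.
    printf('<a href="%s">' . __('Yes, take me to my profile page') . '</a> | ', get_edit_profile_url() . '#password');
    printf('<a href="%s" id="default-password-nag-no">' . __('No thanks, do not remind me again') . '</a>', '?default_password_nag=0');
    echo '</p></div>';
}

/**
 * Prints the inline script for the delete-users screen.
 *
 * The submit button stays disabled until a delete option is chosen; focusing
 * the reassignment dropdown selects the matching option.
 */
function delete_users_add_js() {
    ?>
<script>
jQuery(document).ready( function($) {
    var submit = $('#submit').prop('disabled', true);
    $('input[name="delete_option"]').one('change', function() {
        submit.prop('disabled', false);
    });
    $('#reassign_user').focus( function() {
        $('#delete_option1').prop('checked', true).trigger('change');
    });
});
</script>
    <?php
}

/**
 * Prints the "Use https" checkbox row for the profile form.
 *
 * @param object $user User object; ->use_ssl decides whether the box is checked.
 */
function use_ssl_preference($user) {
    ?>
    <tr class="user-use-ssl-wrap">
        <th scope="row"><?php _e('Use https'); ?></th>
        <td><label for="use_ssl"><input name="use_ssl" type="checkbox" id="use_ssl" value="1" <?php checked('1', $user->use_ssl); ?> /> <?php _e('Always use https when visiting the admin'); ?></label></td>
    </tr>
    <?php
}

/**
 * Builds the invitation e-mail text for a user created by an administrator.
 *
 * The role is taken from $_REQUEST['role'] and looked up in the editable
 * roles. A missing, non-string or unknown role yields an empty role name
 * instead of an undefined-index / illegal-offset error on request input.
 *
 * @param string $text Original text; not used, the message is rebuilt from scratch.
 * @return string Message with a literal "%s" left for the activation link.
 */
function admin_created_user_email($text) {
    $roles = get_editable_roles();

    $requested_role = isset($_REQUEST['role']) && is_string($_REQUEST['role']) ? $_REQUEST['role'] : '';
    $role_name      = isset($roles[$requested_role]['name']) ? $roles[$requested_role]['name'] : '';

    return sprintf(
        __('Hi, You\'ve been invited to join \'%1$s\' at %2$s with the role of %3$s. If you do not want to join this site please ignore this email. This invitation will expire in a few days. Please click the following link to activate your user account: %%s'),
        wp_specialchars_decode(get_bloginfo('name'), ENT_QUOTES),
        home_url(),
        wp_specialchars_decode(translate_user_role($role_name))
    );
}

/**
 * Validates a request to authorize an application password.
 *
 * Rejects success/reject URLs that use plain http and app IDs that are not
 * UUIDs, then lets 'wp_authorize_application_password_request_errors'
 * callbacks add further errors. Only the "http" scheme is refused; any other
 * scheme passes this check.
 *
 * @param array   $request Request data; 'success_url', 'reject_url' and 'app_id' are read.
 * @param WP_User $user    User the request is made for (passed on to the action).
 * @return true|WP_Error True when valid, otherwise the collected errors.
 */
function wp_is_authorize_application_password_request_valid($request, $user) {
    $error = new WP_Error();

    if (!empty($request['success_url'])) {
        $scheme = wp_parse_url($request['success_url'], PHP_URL_SCHEME);

        // URI schemes are case-insensitive, so compare in lowercase; otherwise
        // "HTTP://..." would not be recognised as plain http.
        if (is_string($scheme) && 'http' === strtolower($scheme)) {
            $error->add('invalid_redirect_scheme', __('The success url must be served over a secure connection.'));
        }
    }

    if (!empty($request['reject_url'])) {
        $scheme = wp_parse_url($request['reject_url'], PHP_URL_SCHEME);

        if (is_string($scheme) && 'http' === strtolower($scheme)) {
            $error->add('invalid_redirect_scheme', __('The rejection url must be served over a secure connection.'));
        }
    }

    if (!empty($request['app_id']) && !wp_is_uuid($request['app_id'])) {
        $error->add('invalid_app_id', __('The app id must be a uuid.'));
    }

    do_action('wp_authorize_application_password_request_errors', $error, $request, $user);

    if ($error->has_errors()) {
        return $error;
    }

    return true;
}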