[ Index ] |
PHP Cross Reference of BuddyPress |
[Summary view] [Print] [Text view]
1 <?php 2 3 if ( !function_exists( 'bb_auth' ) ) : 4 function bb_auth( $scheme = 'auth' ) { // Checks if a user has a valid cookie, if not redirects them to the main page 5 if ( !bb_validate_auth_cookie( '', $scheme ) ) { 6 nocache_headers(); 7 if ( 'auth' === $scheme && !bb_is_user_logged_in() ) { 8 $protocol = 'http://'; 9 if ( is_ssl() ) { 10 $protocol = 'https://'; 11 } 12 wp_redirect( bb_get_uri( 'bb-login.php', array( 'redirect_to' => $protocol . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] ), BB_URI_CONTEXT_HEADER + BB_URI_CONTEXT_BB_USER_FORMS ) ); 13 } else { 14 wp_redirect( bb_get_uri( null, null, BB_URI_CONTEXT_HEADER ) ); 15 } 16 exit; 17 } 18 } 19 endif; 20 21 // $already_md5 variable is deprecated 22 if ( !function_exists('bb_check_login') ) : 23 function bb_check_login($user, $pass, $already_md5 = false) { 24 global $wp_users_object; 25 26 if ( !bb_get_option( 'email_login' ) || false === strpos( $user, '@' ) ) { // user_login 27 $user = $wp_users_object->get_user( $user, array( 'by' => 'login' ) ); 28 } else { // maybe an email 29 $email_user = $wp_users_object->get_user( $user, array( 'by' => 'email' ) ); 30 $user = $wp_users_object->get_user( $user, array( 'by' => 'login' ) ); 31 // 9 cases. each can be FALSE, USER, or WP_ERROR 32 if ( 33 ( !$email_user && $user ) // FALSE && USER, FALSE && WP_ERROR 34 || 35 ( is_wp_error( $email_user ) && $user && !is_wp_error( $user ) ) // WP_ERROR && USER 36 ) { 37 // nope: it really was a user_login 38 // [sic]: use $user 39 } elseif ( 40 ( $email_user && !$user ) // USER && FALSE, WP_ERROR && FALSE 41 || 42 ( $email_user && !is_wp_error( $email_user ) && is_wp_error( $user ) ) // USER && WP_ERROR 43 ) { 44 // yup: it was an email 45 $user =& $email_user; 46 } elseif ( !$email_user && !$user ) { // FALSE && FALSE 47 // Doesn't matter what it was: neither worked 48 return false; 49 } elseif ( is_wp_error( $email_user ) && is_wp_error( $user ) ) { // WP_ERROR && WP_ERROR 50 // This can't happen. If it does, let's use the email error. It's probably "multiple matches", so maybe logging in with a username will work 51 $user =& $email_user; 52 } elseif ( $email_user && $user ) { // USER && USER 53 // both are user objects 54 if ( $email_user->ID == $user->ID ); // [sic]: they are the same, use $user 55 elseif ( bb_check_password($pass, $user->user_pass, $user->ID) ); // [sic]: use $user 56 elseif ( bb_check_password($pass, $email_user->user_pass, $email_user->ID) ) 57 $user =& $email_user; 58 } else { // This can't happen, that's all 9 cases. 59 // [sic]: use $user 60 } 61 } 62 63 if ( !$user ) 64 return false; 65 66 if ( is_wp_error($user) ) 67 return $user; 68 69 if ( !bb_check_password($pass, $user->user_pass, $user->ID) ) 70 return false; 71 72 // User is logging in for the first time, update their user_status to normal 73 if ( 1 == $user->user_status ) 74 bb_update_user_status( $user->ID, 0 ); 75 76 return $user; 77 } 78 endif; 79 80 if ( !function_exists('bb_get_current_user') ) : 81 function bb_get_current_user() { 82 global $wp_auth_object; 83 return $wp_auth_object->get_current_user(); 84 } 85 endif; 86 87 if ( !function_exists('bb_set_current_user') ) : 88 function bb_set_current_user( $id ) { 89 global $wp_auth_object; 90 $current_user = $wp_auth_object->set_current_user( $id ); 91 92 do_action('bb_set_current_user', isset($current_user->ID) ? $current_user->ID : 0 ); 93 94 return $current_user; 95 } 96 endif; 97 98 if ( !function_exists('bb_current_user') ) : 99 //This is only used at initialization. Use bb_get_current_user_info() (or $bb_current_user global if really needed) to grab user info. 100 function bb_current_user() { 101 if (BB_INSTALLING) 102 return false; 103 104 return bb_get_current_user(); 105 } 106 endif; 107 108 if ( !function_exists('bb_is_user_authorized') ) : 109 function bb_is_user_authorized() { 110 return bb_is_user_logged_in(); 111 } 112 endif; 113 114 if ( !function_exists('bb_is_user_logged_in') ) : 115 function bb_is_user_logged_in() { 116 $current_user = bb_get_current_user(); 117 118 if ( empty($current_user) ) 119 return false; 120 121 return true; 122 } 123 endif; 124 125 if ( !function_exists('bb_login') ) : 126 function bb_login( $login, $password, $remember = false ) { 127 $user = bb_check_login( $login, $password ); 128 if ( $user && !is_wp_error( $user ) ) { 129 bb_set_auth_cookie( $user->ID, $remember ); 130 do_action('bb_user_login', (int) $user->ID ); 131 } 132 133 return $user; 134 } 135 endif; 136 137 if ( !function_exists('bb_logout') ) : 138 function bb_logout() { 139 bb_clear_auth_cookie(); 140 141 do_action('bb_user_logout'); 142 } 143 endif; 144 145 if ( !function_exists( 'bb_validate_auth_cookie' ) ) : 146 function bb_validate_auth_cookie( $cookie = '', $scheme = 'auth' ) { 147 global $wp_auth_object; 148 if ( empty($cookie) && $scheme == 'auth' ) { 149 if ( is_ssl() ) { 150 $scheme = 'secure_auth'; 151 } else { 152 $scheme = 'auth'; 153 } 154 } 155 return $wp_auth_object->validate_auth_cookie( $cookie, $scheme ); 156 } 157 endif; 158 159 if ( !function_exists( 'bb_set_auth_cookie' ) ) : 160 function bb_set_auth_cookie( $user_id, $remember = false, $schemes = false ) { 161 global $wp_auth_object; 162 163 if ( $remember ) { 164 $expiration = $expire = time() + 1209600; 165 } else { 166 $expiration = time() + 172800; 167 $expire = 0; 168 } 169 170 if ( true === $schemes ) { 171 $schemes = array( 'secure_auth', 'logged_in' ); 172 } elseif ( !is_array( $schemes ) ) { 173 $schemes = array(); 174 if ( force_ssl_login() || force_ssl_admin() ) { 175 $schemes[] = 'secure_auth'; 176 } 177 if ( !( force_ssl_login() && force_ssl_admin() ) ) { 178 $schemes[] = 'auth'; 179 } 180 $schemes[] = 'logged_in'; 181 } 182 $schemes = array_unique( $schemes ); 183 184 foreach ( $schemes as $scheme ) { 185 $wp_auth_object->set_auth_cookie( $user_id, $expiration, $expire, $scheme ); 186 } 187 } 188 endif; 189 190 if ( !function_exists('bb_clear_auth_cookie') ) : 191 function bb_clear_auth_cookie() { 192 global $bb, $wp_auth_object; 193 194 $wp_auth_object->clear_auth_cookie(); 195 196 // Old cookies 197 setcookie($bb->authcookie, ' ', time() - 31536000, $bb->cookiepath, $bb->cookiedomain); 198 setcookie($bb->authcookie, ' ', time() - 31536000, $bb->sitecookiepath, $bb->cookiedomain); 199 200 // Even older cookies 201 setcookie($bb->usercookie, ' ', time() - 31536000, $bb->cookiepath, $bb->cookiedomain); 202 setcookie($bb->usercookie, ' ', time() - 31536000, $bb->sitecookiepath, $bb->cookiedomain); 203 setcookie($bb->passcookie, ' ', time() - 31536000, $bb->cookiepath, $bb->cookiedomain); 204 setcookie($bb->passcookie, ' ', time() - 31536000, $bb->sitecookiepath, $bb->cookiedomain); 205 } 206 endif; 207 208 if ( !function_exists('wp_redirect') ) : // [WP11537] 209 /** 210 * Redirects to another page, with a workaround for the IIS Set-Cookie bug. 211 * 212 * @link http://support.microsoft.com/kb/q176113/ 213 * @since 1.5.1 214 * @uses apply_filters() Calls 'wp_redirect' hook on $location and $status. 215 * 216 * @param string $location The path to redirect to 217 * @param int $status Status code to use 218 * @return bool False if $location is not set 219 */ 220 function wp_redirect($location, $status = 302) { 221 global $is_IIS; 222 223 $location = apply_filters('wp_redirect', $location, $status); 224 $status = apply_filters('wp_redirect_status', $status, $location); 225 226 if ( !$location ) // allows the wp_redirect filter to cancel a redirect 227 return false; 228 229 $location = wp_sanitize_redirect($location); 230 231 if ( $is_IIS ) { 232 header("Refresh: 0;url=$location"); 233 } else { 234 if ( php_sapi_name() != 'cgi-fcgi' ) 235 status_header($status); // This causes problems on IIS and some FastCGI setups 236 header("Location: $location"); 237 } 238 } 239 endif; 240 241 if ( !function_exists('wp_sanitize_redirect') ) : // [WP11537] 242 /** 243 * Sanitizes a URL for use in a redirect. 244 * 245 * @since 2.3 246 * 247 * @return string redirect-sanitized URL 248 **/ 249 function wp_sanitize_redirect($location) { 250 $location = preg_replace('|[^a-z0-9-~+_.?#=&;,/:%!]|i', '', $location); 251 $location = wp_kses_no_null($location); 252 253 // remove %0d and %0a from location 254 $strip = array('%0d', '%0a'); 255 $found = true; 256 while($found) { 257 $found = false; 258 foreach( (array) $strip as $val ) { 259 while(strpos($location, $val) !== false) { 260 $found = true; 261 $location = str_replace($val, '', $location); 262 } 263 } 264 } 265 return $location; 266 } 267 endif; 268 269 if ( !function_exists('bb_safe_redirect') ) : // based on [WP6145] (home is different) 270 /** 271 * Performs a safe (local) redirect, using wp_redirect(). 272 * 273 * Checks whether the $location is using an allowed host, if it has an absolute 274 * path. A plugin can therefore set or remove allowed host(s) to or from the 275 * list. 276 * 277 * If the host is not allowed, then the redirect is to the site url 278 * instead. This prevents malicious redirects which redirect to another host, 279 * but only used in a few places. 280 * 281 * @uses apply_filters() Calls 'allowed_redirect_hosts' on an array containing 282 * bbPress host string and $location host string. 283 * 284 * @return void Does not return anything 285 **/ 286 function bb_safe_redirect( $location, $status = 302 ) { 287 288 // Need to look at the URL the way it will end up in wp_redirect() 289 $location = wp_sanitize_redirect($location); 290 291 // browsers will assume 'http' is your protocol, and will obey a redirect to a URL starting with '//' 292 if ( substr($location, 0, 2) == '//' ) 293 $location = 'http:' . $location; 294 295 // In php 5 parse_url may fail if the URL query part contains http://, bug #38143 296 $test = ( $cut = strpos($location, '?') ) ? substr( $location, 0, $cut ) : $location; 297 298 $lp = parse_url($test); 299 $bp = parse_url(bb_get_uri()); 300 301 $allowed_hosts = (array) apply_filters('allowed_redirect_hosts', array($bp['host']), isset($lp['host']) ? $lp['host'] : ''); 302 303 if ( isset($lp['host']) && ( !in_array($lp['host'], $allowed_hosts) && $lp['host'] != strtolower($bp['host'])) ) 304 $location = bb_get_uri(null, null, BB_URI_CONTEXT_HEADER); 305 306 return wp_redirect($location, $status); 307 } 308 endif; 309 310 if ( !function_exists('bb_nonce_tick') ) : 311 /** 312 * Get the time-dependent variable for nonce creation. 313 * 314 * A nonce has a lifespan of two ticks. Nonces in their second tick may be 315 * updated, e.g. by autosave. 316 * 317 * @since 1.0 318 * 319 * @return int 320 */ 321 function bb_nonce_tick() { 322 $nonce_life = apply_filters('bb_nonce_life', 86400); 323 324 return ceil(time() / ( $nonce_life / 2 )); 325 } 326 endif; 327 328 if ( !function_exists('bb_verify_nonce') ) : 329 /** 330 * Verify that correct nonce was used with time limit. 331 * 332 * The user is given an amount of time to use the token, so therefore, since the 333 * UID and $action remain the same, the independent variable is the time. 334 * 335 * @param string $nonce Nonce that was used in the form to verify 336 * @param string|int $action Should give context to what is taking place and be the same when nonce was created. 337 * @return bool Whether the nonce check passed or failed. 338 */ 339 function bb_verify_nonce($nonce, $action = -1) { 340 $user = bb_get_current_user(); 341 $uid = (int) $user->ID; 342 343 $i = bb_nonce_tick(); 344 345 // Nonce generated 0-12 hours ago 346 if ( substr(bb_hash($i . $action . $uid, 'nonce'), -12, 10) == $nonce ) 347 return 1; 348 // Nonce generated 12-24 hours ago 349 if ( substr(bb_hash(($i - 1) . $action . $uid, 'nonce'), -12, 10) == $nonce ) 350 return 2; 351 // Invalid nonce 352 return false; 353 } 354 endif; 355 356 if ( !function_exists('bb_create_nonce') ) : 357 /** 358 * Creates a random, one time use token. 359 * 360 * @since 2.0.4 361 * 362 * @param string|int $action Scalar value to add context to the nonce. 363 * @return string The one use form token 364 */ 365 function bb_create_nonce($action = -1) { 366 $user = bb_get_current_user(); 367 $uid = (int) $user->ID; 368 369 $i = bb_nonce_tick(); 370 371 return substr(bb_hash($i . $action . $uid, 'nonce'), -12, 10); 372 } 373 endif; 374 375 function _bb_get_key( $key, $default_key = false ) 376 { 377 global $bb_default_secret_key; 378 379 if ( defined( $key ) && '' != constant( $key ) && $bb_default_secret_key != constant( $key ) ) { 380 return constant( $key ); 381 } 382 383 return ''; 384 } 385 386 function _bb_get_salt( $constants, $option = false ) 387 { 388 if ( !is_array( $constants ) ) { 389 $constants = array( $constants ); 390 } 391 392 foreach ($constants as $constant ) { 393 if ( defined( $constant ) ) { 394 return constant( $constant ); 395 } 396 } 397 398 if ( !defined( 'BB_INSTALLING' ) || !BB_INSTALLING ) { 399 if ( !$option ) { 400 $option = strtolower( $constants[0] ); 401 } 402 $salt = bb_get_option( $option ); 403 if ( empty( $salt ) ) { 404 $salt = bb_generate_password( 64 ); 405 bb_update_option( $option, $salt ); 406 } 407 return $salt; 408 } 409 410 return ''; 411 } 412 413 // Not verbatim WP, constants have different names, uses helper functions. 414 if ( !function_exists( 'bb_salt' ) ) : 415 /** 416 * Get salt to add to hashes to help prevent attacks. 417 * 418 * @since 0.9 419 * @link http://api.wordpress.org/secret-key/1.1/bbpress/ Create a set of keys for bb-config.php 420 * @uses _bb_get_key() 421 * @uses _bb_get_salt() 422 * 423 * @return string Salt value for the given scheme 424 */ 425 function bb_salt( $scheme = 'auth' ) 426 { 427 // Deprecated 428 $secret_key = _bb_get_key( 'BB_SECRET_KEY' ); 429 430 switch ($scheme) { 431 case 'auth': 432 $secret_key = _bb_get_key( 'BB_AUTH_KEY' ); 433 $salt = _bb_get_salt( array( 'BB_AUTH_SALT', 'BB_SECRET_SALT' ) ); 434 break; 435 436 case 'secure_auth': 437 $secret_key = _bb_get_key( 'BB_SECURE_AUTH_KEY' ); 438 $salt = _bb_get_salt( 'BB_SECURE_AUTH_SALT' ); 439 break; 440 441 case 'logged_in': 442 $secret_key = _bb_get_key( 'BB_LOGGED_IN_KEY' ); 443 $salt = _bb_get_salt( 'BB_LOGGED_IN_SALT' ); 444 break; 445 446 case 'nonce': 447 $secret_key = _bb_get_key( 'BB_NONCE_KEY' ); 448 $salt = _bb_get_salt( 'BB_NONCE_SALT' ); 449 break; 450 451 default: 452 // ensure each auth scheme has its own unique salt 453 $salt = hash_hmac( 'md5', $scheme, $secret_key ); 454 break; 455 } 456 457 return apply_filters( 'salt', $secret_key . $salt, $scheme ); 458 } 459 endif; 460 461 if ( !function_exists( 'bb_hash' ) ) : 462 function bb_hash( $data, $scheme = 'auth' ) { 463 $salt = bb_salt( $scheme ); 464 465 return hash_hmac( 'md5', $data, $salt ); 466 } 467 endif; 468 469 if ( !function_exists( 'bb_hash_password' ) ) : 470 function bb_hash_password( $password ) { 471 return WP_Pass::hash_password( $password ); 472 } 473 endif; 474 475 if ( !function_exists( 'bb_check_password') ) : 476 function bb_check_password( $password, $hash, $user_id = '' ) { 477 return WP_Pass::check_password( $password, $hash, $user_id ); 478 } 479 endif; 480 481 if ( !function_exists( 'bb_generate_password' ) ) : 482 /** 483 * Generates a random password drawn from the defined set of characters 484 * @return string the password 485 */ 486 function bb_generate_password( $length = 12, $special_chars = true ) { 487 return WP_Pass::generate_password( $length, $special_chars ); 488 } 489 endif; 490 491 if ( !function_exists('bb_check_admin_referer') ) : 492 function bb_check_admin_referer( $action = -1, $query_arg = '_wpnonce' ) { 493 $nonce = ''; 494 if ( isset( $_POST[$query_arg] ) && $_POST[$query_arg] ) { 495 $nonce = $_POST[$query_arg]; 496 } elseif ( isset( $_GET[$query_arg] ) && $_GET[$query_arg] ) { 497 $nonce = $_GET[$query_arg]; 498 } 499 if ( !bb_verify_nonce($nonce, $action) ) { 500 bb_nonce_ays($action); 501 die(); 502 } 503 do_action('bb_check_admin_referer', $action); 504 } 505 endif; 506 507 if ( !function_exists('bb_check_ajax_referer') ) : 508 function bb_check_ajax_referer( $action = -1, $query_arg = false, $die = true ) { 509 $requests = array(); 510 if ( $query_arg ) { 511 $requests[] = $query_arg; 512 } 513 $requests[] = '_ajax_nonce'; 514 $requests[] = '_wpnonce'; 515 516 $nonce = ''; 517 foreach ( $requests as $request ) { 518 if ( isset( $_POST[$request] ) && $_POST[$request] ) { 519 $nonce = $_POST[$request]; 520 break; 521 } elseif ( isset( $_GET[$request] ) && $_GET[$request] ) { 522 $nonce = $_GET[$request]; 523 break; 524 } 525 } 526 527 $result = bb_verify_nonce( $nonce, $action ); 528 529 if ( $die && false == $result ) 530 die('-1'); 531 532 do_action('bb_check_ajax_referer', $action, $result); 533 return $result; 534 } 535 endif; 536 537 if ( !function_exists('bb_break_password') ) : 538 function bb_break_password( $user_id ) { 539 global $bbdb; 540 $user_id = (int) $user_id; 541 if ( !$user = bb_get_user( $user_id ) ) 542 return false; 543 $secret = substr(bb_hash( 'bb_break_password' ), 0, 13); 544 if ( false === strpos( $user->user_pass, '---' ) ) 545 return $bbdb->query( $bbdb->prepare( 546 "UPDATE $bbdb->users SET user_pass = CONCAT(user_pass, '---', %s) WHERE ID = %d", 547 $secret, $user_id 548 ) ); 549 else 550 return true; 551 } 552 endif; 553 554 if ( !function_exists('bb_fix_password') ) : 555 function bb_fix_password( $user_id ) { 556 global $bbdb; 557 $user_id = (int) $user_id; 558 if ( !$user = bb_get_user( $user_id ) ) 559 return false; 560 if ( false === strpos( $user->user_pass, '---' ) ) 561 return true; 562 else 563 return $bbdb->query( $bbdb->prepare( 564 "UPDATE $bbdb->users SET user_pass = SUBSTRING_INDEX(user_pass, '---', 1) WHERE ID = %d", 565 $user_id 566 ) ); 567 } 568 endif; 569 570 if ( !function_exists('bb_has_broken_pass') ) : 571 function bb_has_broken_pass( $user_id = 0 ) { 572 global $bb_current_user; 573 if ( !$user_id ) 574 $user =& $bb_current_user->data; 575 else 576 $user = bb_get_user( $user_id ); 577 578 return ( false !== strpos($user->user_pass, '---' ) ); 579 } 580 endif; 581 582 if ( !function_exists('bb_new_user') ) : 583 function bb_new_user( $user_login, $user_email, $user_url, $user_status = 1 ) { 584 global $wp_users_object, $bbdb; 585 586 // is_email check + dns 587 if ( !$user_email = is_email( $user_email ) ) 588 return new WP_Error( 'user_email', __( 'Invalid email address' ), $user_email ); 589 590 if ( !$user_login = sanitize_user( $user_login, true ) ) 591 return new WP_Error( 'user_login', __( 'Invalid username' ), $user_login ); 592 593 // user_status = 1 means the user has not yet been verified 594 $user_status = is_numeric($user_status) ? (int) $user_status : 1; 595 if ( defined( 'BB_INSTALLING' ) ) 596 $user_status = 0; 597 598 $user_nicename = $_user_nicename = bb_user_nicename_sanitize( $user_login ); 599 if ( strlen( $_user_nicename ) < 1 ) 600 return new WP_Error( 'user_login', __( 'Invalid username' ), $user_login ); 601 602 while ( is_numeric($user_nicename) || $existing_user = bb_get_user_by_nicename( $user_nicename ) ) 603 $user_nicename = bb_slug_increment($_user_nicename, $existing_user->user_nicename, 50); 604 605 $user_url = $user_url ? bb_fix_link( $user_url ) : ''; 606 607 $user_pass = bb_generate_password(); 608 609 $user = $wp_users_object->new_user( compact( 'user_login', 'user_email', 'user_url', 'user_nicename', 'user_status', 'user_pass' ) ); 610 if ( is_wp_error($user) ) { 611 if ( 'user_nicename' == $user->get_error_code() ) 612 return new WP_Error( 'user_login', $user->get_error_message() ); 613 return $user; 614 } 615 616 if (BB_INSTALLING) { 617 bb_update_usermeta( $user['ID'], $bbdb->prefix . 'capabilities', array('keymaster' => true) ); 618 } else { 619 bb_update_usermeta( $user['ID'], $bbdb->prefix . 'capabilities', array('member' => true) ); 620 bb_send_pass( $user['ID'], $user['plain_pass'] ); 621 } 622 623 do_action('bb_new_user', $user['ID'], $user['plain_pass']); 624 return $user['ID']; 625 } 626 endif; 627 628 if ( !function_exists( 'bb_mail' ) ) : 629 /** 630 * Send mail, similar to PHP's mail 631 * 632 * A true return value does not automatically mean that the user received the 633 * email successfully. It just only means that the method used was able to 634 * process the request without any errors. 635 * 636 * Using the two 'bb_mail_from' and 'bb_mail_from_name' hooks allow from 637 * creating a from address like 'Name <email@address.com>' when both are set. If 638 * just 'bb_mail_from' is set, then just the email address will be used with no 639 * name. 640 * 641 * The default content type is 'text/plain' which does not allow using HTML. 642 * However, you can set the content type of the email by using the 643 * 'bb_mail_content_type' filter. 644 * 645 * The default charset is based on the charset used on the blog. The charset can 646 * be set using the 'bb_mail_charset' filter. 647 * 648 * @uses apply_filters() Calls 'bb_mail' hook on an array of all of the parameters. 649 * @uses apply_filters() Calls 'bb_mail_from' hook to get the from email address. 650 * @uses apply_filters() Calls 'bb_mail_from_name' hook to get the from address name. 651 * @uses apply_filters() Calls 'bb_mail_content_type' hook to get the email content type. 652 * @uses apply_filters() Calls 'bb_mail_charset' hook to get the email charset 653 * @uses do_action_ref_array() Calls 'bb_phpmailer_init' hook on the reference to 654 * phpmailer object. 655 * @uses PHPMailer 656 * 657 * @param string $to Email address to send message 658 * @param string $subject Email subject 659 * @param string $message Message contents 660 * @param string|array $headers Optional. Additional headers. 661 * @param string|array $attachments Optional. Files to attach. 662 * @return bool Whether the email contents were sent successfully. 663 */ 664 function bb_mail( $to, $subject, $message, $headers = '', $attachments = array() ) { 665 // Compact the input, apply the filters, and extract them back out 666 extract( apply_filters( 'bb_mail', compact( 'to', 'subject', 'message', 'headers', 'attachments' ) ) ); 667 668 if ( !is_array($attachments) ) 669 $attachments = explode( "\n", $attachments ); 670 671 global $bb_phpmailer; 672 673 // (Re)create it, if it's gone missing 674 if ( !is_object( $bb_phpmailer ) || !is_a( $bb_phpmailer, 'PHPMailer' ) ) { 675 require_once BACKPRESS_PATH . 'class.mailer.php'; 676 require_once BACKPRESS_PATH . 'class.mailer-smtp.php'; 677 $bb_phpmailer = new PHPMailer(); 678 } 679 680 // Headers 681 if ( empty( $headers ) ) { 682 $headers = array(); 683 } else { 684 if ( !is_array( $headers ) ) { 685 // Explode the headers out, so this function can take both 686 // string headers and an array of headers. 687 $tempheaders = (array) explode( "\n", $headers ); 688 } else { 689 $tempheaders = $headers; 690 } 691 $headers = array(); 692 693 // If it's actually got contents 694 if ( !empty( $tempheaders ) ) { 695 // Iterate through the raw headers 696 foreach ( (array) $tempheaders as $header ) { 697 if ( strpos($header, ':') === false ) { 698 if ( false !== stripos( $header, 'boundary=' ) ) { 699 $parts = preg_split('/boundary=/i', trim( $header ) ); 700 $boundary = trim( str_replace( array( "'", '"' ), '', $parts[1] ) ); 701 } 702 continue; 703 } 704 // Explode them out 705 list( $name, $content ) = explode( ':', trim( $header ), 2 ); 706 707 // Cleanup crew 708 $name = trim( $name ); 709 $content = trim( $content ); 710 711 // Mainly for legacy -- process a From: header if it's there 712 if ( 'from' == strtolower($name) ) { 713 if ( strpos($content, '<' ) !== false ) { 714 // So... making my life hard again? 715 $from_name = substr( $content, 0, strpos( $content, '<' ) - 1 ); 716 $from_name = str_replace( '"', '', $from_name ); 717 $from_name = trim( $from_name ); 718 719 $from_email = substr( $content, strpos( $content, '<' ) + 1 ); 720 $from_email = str_replace( '>', '', $from_email ); 721 $from_email = trim( $from_email ); 722 } else { 723 $from_email = trim( $content ); 724 } 725 } elseif ( 'content-type' == strtolower($name) ) { 726 if ( strpos( $content,';' ) !== false ) { 727 list( $type, $charset ) = explode( ';', $content ); 728 $content_type = trim( $type ); 729 if ( false !== stripos( $charset, 'charset=' ) ) { 730 $charset = trim( str_replace( array( 'charset=', '"' ), '', $charset ) ); 731 } elseif ( false !== stripos( $charset, 'boundary=' ) ) { 732 $boundary = trim( str_replace( array( 'BOUNDARY=', 'boundary=', '"' ), '', $charset ) ); 733 $charset = ''; 734 } 735 } else { 736 $content_type = trim( $content ); 737 } 738 } elseif ( 'cc' == strtolower($name) ) { 739 $cc = explode(",", $content); 740 } elseif ( 'bcc' == strtolower($name) ) { 741 $bcc = explode(",", $content); 742 } else { 743 // Add it to our grand headers array 744 $headers[trim( $name )] = trim( $content ); 745 } 746 } 747 } 748 } 749 750 // Empty out the values that may be set 751 $bb_phpmailer->ClearAddresses(); 752 $bb_phpmailer->ClearAllRecipients(); 753 $bb_phpmailer->ClearAttachments(); 754 $bb_phpmailer->ClearBCCs(); 755 $bb_phpmailer->ClearCCs(); 756 $bb_phpmailer->ClearCustomHeaders(); 757 $bb_phpmailer->ClearReplyTos(); 758 759 // From email and name 760 // If we don't have a name from the input headers 761 if ( !isset( $from_name ) ) { 762 $from_name = bb_get_option('name'); 763 } 764 765 // If we don't have an email from the input headers 766 if ( !isset( $from_email ) ) { 767 $from_email = bb_get_option('from_email'); 768 } 769 770 // If there is still no email address 771 if ( !$from_email ) { 772 // Get the site domain and get rid of www. 773 $sitename = strtolower( $_SERVER['SERVER_NAME'] ); 774 if ( substr( $sitename, 0, 4 ) == 'www.' ) { 775 $sitename = substr( $sitename, 4 ); 776 } 777 778 $from_email = 'bbpress@' . $sitename; 779 } 780 781 // Plugin authors can override the potentially troublesome default 782 $bb_phpmailer->From = apply_filters( 'bb_mail_from', $from_email ); 783 $bb_phpmailer->FromName = apply_filters( 'bb_mail_from_name', $from_name ); 784 785 // Set destination address 786 $bb_phpmailer->AddAddress( $to ); 787 788 // Set mail's subject and body 789 $bb_phpmailer->Subject = $subject; 790 $bb_phpmailer->Body = $message; 791 792 // Add any CC and BCC recipients 793 if ( !empty($cc) ) { 794 foreach ( (array) $cc as $recipient ) { 795 $bb_phpmailer->AddCc( trim($recipient) ); 796 } 797 } 798 if ( !empty($bcc) ) { 799 foreach ( (array) $bcc as $recipient) { 800 $bb_phpmailer->AddBcc( trim($recipient) ); 801 } 802 } 803 804 // Set to use PHP's mail() 805 $bb_phpmailer->IsMail(); 806 807 // Set Content-Type and charset 808 // If we don't have a content-type from the input headers 809 if ( !isset( $content_type ) ) { 810 $content_type = 'text/plain'; 811 } 812 813 $content_type = apply_filters( 'bb_mail_content_type', $content_type ); 814 815 $bb_phpmailer->ContentType = $content_type; 816 817 // Set whether it's plaintext or not, depending on $content_type 818 if ( $content_type == 'text/html' ) { 819 $bb_phpmailer->IsHTML( true ); 820 } 821 822 // If we don't have a charset from the input headers 823 if ( !isset( $charset ) ) { 824 $charset = bb_get_option( 'charset' ); 825 } 826 827 // Set the content-type and charset 828 $bb_phpmailer->CharSet = apply_filters( 'bb_mail_charset', $charset ); 829 830 // Set custom headers 831 if ( !empty( $headers ) ) { 832 foreach( (array) $headers as $name => $content ) { 833 $bb_phpmailer->AddCustomHeader( sprintf( '%1$s: %2$s', $name, $content ) ); 834 } 835 if ( false !== stripos( $content_type, 'multipart' ) && ! empty($boundary) ) { 836 $bb_phpmailer->AddCustomHeader( sprintf( "Content-Type: %s;\n\t boundary=\"%s\"", $content_type, $boundary ) ); 837 } 838 } 839 840 if ( !empty( $attachments ) ) { 841 foreach ( $attachments as $attachment ) { 842 $bb_phpmailer->AddAttachment($attachment); 843 } 844 } 845 846 do_action_ref_array( 'bb_phpmailer_init', array( &$bb_phpmailer ) ); 847 848 // Send! 849 $result = @$bb_phpmailer->Send(); 850 851 return $result; 852 } 853 endif; 854 855 if ( !function_exists( 'bb_get_avatar' ) ) : 856 /** 857 * Retrieve the avatar for a user provided a user ID or email address 858 * 859 * @since 0.9 860 * @param int|string $id_or_email A user ID or email address 861 * @param int $size Size of the avatar image 862 * @param string $default URL to a default image to use if no avatar is available 863 * @param string $alt Alternate text to use in image tag. Defaults to blank 864 * @return string <img> tag for the user's avatar 865 */ 866 function bb_get_avatar( $id_or_email, $size = 80, $default = '', $alt = false ) { 867 if ( !bb_get_option('avatars_show') ) 868 return false; 869 870 if ( false === $alt) 871 $safe_alt = ''; 872 else 873 $safe_alt = esc_attr( $alt ); 874 875 if ( !is_numeric($size) ) 876 $size = 80; 877 878 if ( $email = bb_get_user_email($id_or_email) ) { 879 $class = 'photo '; 880 } else { 881 $class = ''; 882 $email = $id_or_email; 883 } 884 885 if ( !$email ) 886 $email = ''; 887 888 if ( empty($default) ) 889 $default = bb_get_option('avatars_default'); 890 891 if ( is_ssl() ) 892 $host = 'https://secure.gravatar.com'; 893 else 894 $host = 'http://www.gravatar.com'; 895 896 switch ($default) { 897 case 'logo': 898 $default = ''; 899 break; 900 case 'blank': 901 $default = bb_get_uri( 'bb-admin/images/blank.gif', null, BB_URI_CONTEXT_IMG_SRC ); 902 break; 903 case 'monsterid': 904 case 'wavatar': 905 case 'identicon': 906 case 'retro': 907 break; 908 case 'default': 909 default: 910 $default = $host . '/avatar/ad516503a11cd5ca435acc9bb6523536?s=' . $size; 911 // ad516503a11cd5ca435acc9bb6523536 == md5('unknown@gravatar.com') 912 break; 913 } 914 915 $src = $host . '/avatar/'; 916 $class .= 'avatar avatar-' . $size; 917 918 if ( !empty($email) ) { 919 $src .= md5( strtolower( $email ) ); 920 } else { 921 $src .= 'd41d8cd98f00b204e9800998ecf8427e'; 922 // d41d8cd98f00b204e9800998ecf8427e == md5('') 923 $class .= ' avatar-noemail'; 924 } 925 926 $src .= '?s=' . $size; 927 $src .= '&d=' . urlencode( $default ); 928 929 $rating = bb_get_option('avatars_rating'); 930 if ( !empty( $rating ) ) 931 $src .= '&r=' . $rating; 932 933 $avatar = '<img alt="' . $safe_alt . '" src="' . $src . '" class="' . $class . '" style="height:' . $size . 'px; width:' . $size . 'px;" />'; 934 935 return apply_filters('bb_get_avatar', $avatar, $id_or_email, $size, $default, $alt); 936 } 937 endif;
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
Generated: Thu Dec 7 01:01:35 2017 | Cross-referenced by PHPXref 0.7.1 |