| [ Index ] |
PHP Cross Reference of BuddyPress |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * BuddyPress Members Admin 4 * 5 * @package BuddyPress 6 * @subpackage MembersAdmin 7 * @since 2.0.0 8 */ 9 10 // Exit if accessed directly. 11 defined( 'ABSPATH' ) || exit; 12 13 if ( !class_exists( 'BP_Members_Admin' ) ) : 14 15 /** 16 * Load Members admin area. 17 * 18 * @since 2.0.0 19 */ 20 class BP_Members_Admin { 21 22 /** Directory *************************************************************/ 23 24 /** 25 * Path to the BP Members Admin directory. 26 * 27 * @var string $admin_dir 28 */ 29 public $admin_dir = ''; 30 31 /** URLs ******************************************************************/ 32 33 /** 34 * URL to the BP Members Admin directory. 35 * 36 * @var string $admin_url 37 */ 38 public $admin_url = ''; 39 40 /** 41 * URL to the BP Members Admin CSS directory. 42 * 43 * @var string $css_url 44 */ 45 public $css_url = ''; 46 47 /** 48 * URL to the BP Members Admin JS directory. 49 * 50 * @var string 51 */ 52 public $js_url = ''; 53 54 /** Other *****************************************************************/ 55 56 /** 57 * Screen id for edit user's profile page. 58 * 59 * @var string 60 */ 61 public $user_page = ''; 62 63 /** 64 * Setup BP Members Admin. 65 * 66 * @since 2.0.0 67 * 68 * @return BP_Members_Admin 69 */ 70 public static function register_members_admin() { 71 if ( ! is_admin() ) { 72 return; 73 } 74 75 $bp = buddypress(); 76 77 if ( empty( $bp->members->admin ) ) { 78 $bp->members->admin = new self; 79 } 80 81 return $bp->members->admin; 82 } 83 84 /** 85 * Constructor method. 86 * 87 * @since 2.0.0 88 */ 89 public function __construct() { 90 $this->setup_globals(); 91 $this->setup_actions(); 92 } 93 94 /** 95 * Set admin-related globals. 96 * 97 * @since 2.0.0 98 */ 99 private function setup_globals() { 100 $bp = buddypress(); 101 102 // Paths and URLs 103 $this->admin_dir = trailingslashit( $bp->plugin_dir . 'bp-members/admin' ); // Admin path. 104 $this->admin_url = trailingslashit( $bp->plugin_url . 'bp-members/admin' ); // Admin URL. 105 $this->css_url = trailingslashit( $this->admin_url . 'css' ); // Admin CSS URL. 106 $this->js_url = trailingslashit( $this->admin_url . 'js' ); // Admin CSS URL. 107 108 // Capability depends on config. 109 $this->capability = bp_core_do_network_admin() ? 'manage_network_users' : 'edit_users'; 110 111 // The Edit Profile Screen id. 112 $this->user_page = ''; 113 114 // The Show Profile Screen id. 115 $this->user_profile = is_network_admin() ? 'users' : 'profile'; 116 117 // The current user id. 118 $this->current_user_id = get_current_user_id(); 119 120 // The user id being edited. 121 $this->user_id = 0; 122 123 // Is a member editing their own profile. 124 $this->is_self_profile = false; 125 126 // The screen ids to load specific css for. 127 $this->screen_id = array(); 128 129 // The stats metabox default position. 130 $this->stats_metabox = new StdClass(); 131 132 // BuddyPress edit user's profile args. 133 $this->edit_profile_args = array( 'page' => 'bp-profile-edit' ); 134 $this->edit_profile_url = ''; 135 $this->edit_url = ''; 136 137 // Data specific to signups. 138 $this->users_page = ''; 139 $this->signups_page = ''; 140 $this->users_url = bp_get_admin_url( 'users.php' ); 141 $this->users_screen = bp_core_do_network_admin() ? 'users-network' : 'users'; 142 143 // Specific config: BuddyPress is not network activated. 144 $this->subsite_activated = (bool) is_multisite() && ! bp_is_network_activated(); 145 146 // When BuddyPress is not network activated, only Super Admin can moderate signups. 147 if ( ! empty( $this->subsite_activated ) ) { 148 $this->capability = 'manage_network_users'; 149 } 150 } 151 152 /** 153 * Set admin-related actions and filters. 154 * 155 * @since 2.0.0 156 */ 157 private function setup_actions() { 158 159 /** Extended Profile ************************************************* 160 */ 161 162 // Enqueue all admin JS and CSS. 163 add_action( 'bp_admin_enqueue_scripts', array( $this, 'enqueue_scripts' ) ); 164 165 // Add some page specific output to the <head>. 166 add_action( 'bp_admin_head', array( $this, 'admin_head' ), 999 ); 167 168 // Add menu item to all users menu. 169 add_action( 'admin_menu', array( $this, 'admin_menus' ), 5 ); 170 add_action( 'network_admin_menu', array( $this, 'admin_menus' ), 5 ); 171 add_action( 'user_admin_menu', array( $this, 'user_profile_menu' ), 5 ); 172 173 // Create the Profile Navigation (Profile/Extended Profile). 174 add_action( 'edit_user_profile', array( $this, 'profile_nav' ), 99, 1 ); 175 add_action( 'show_user_profile', array( $this, 'profile_nav' ), 99, 1 ); 176 177 // Editing users of a specific site. 178 add_action( "admin_head-site-users.php", array( $this, 'profile_admin_head' ) ); 179 180 // Add a row action to users listing. 181 if ( bp_core_do_network_admin() ) { 182 add_filter( 'ms_user_row_actions', array( $this, 'row_actions' ), 10, 2 ); 183 add_action( 'admin_init', array( $this, 'add_edit_profile_url_filter' ) ); 184 add_action( 'wp_after_admin_bar_render', array( $this, 'remove_edit_profile_url_filter' ) ); 185 } 186 187 // Add user row actions for single site. 188 add_filter( 'user_row_actions', array( $this, 'row_actions' ), 10, 2 ); 189 190 // Process changes to member type. 191 add_action( 'bp_members_admin_load', array( $this, 'process_member_type_update' ) ); 192 193 /** Signups ********************************************************** 194 */ 195 196 if ( is_admin() ) { 197 198 // Filter non multisite user query to remove sign-up users. 199 if ( ! is_multisite() ) { 200 add_action( 'pre_user_query', array( $this, 'remove_signups_from_user_query' ), 10, 1 ); 201 } 202 203 // Reorganise the views navigation in users.php and signups page. 204 if ( current_user_can( $this->capability ) ) { 205 $user_screen = $this->users_screen; 206 207 /** 208 * Users screen on multiblog is users, but signups 209 * need to be managed in the network for this case 210 */ 211 if ( bp_is_network_activated() && bp_is_multiblog_mode() && false === strpos( $user_screen, '-network' ) ) { 212 $user_screen .= '-network'; 213 } 214 215 add_filter( "views_{$user_screen}", array( $this, 'signup_filter_view' ), 10, 1 ); 216 add_filter( 'set-screen-option', array( $this, 'signup_screen_options' ), 10, 3 ); 217 } 218 219 // Registration is turned on. 220 add_action( 'update_site_option_registration', array( $this, 'multisite_registration_on' ), 10, 2 ); 221 add_action( 'update_option_users_can_register', array( $this, 'single_site_registration_on' ), 10, 2 ); 222 } 223 224 /** Users List - Members Types *************************************** 225 */ 226 227 if ( is_admin() && bp_get_member_types() ) { 228 229 // Add "Change type" <select> to WP admin users list table and process bulk members type changes. 230 add_action( 'restrict_manage_users', array( $this, 'users_table_output_type_change_select' ) ); 231 add_action( 'load-users.php', array( $this, 'users_table_process_bulk_type_change' ) ); 232 233 // Add the member type column to the WP admin users list table. 234 add_filter( 'manage_users_columns', array( $this, 'users_table_add_type_column' ) ); 235 add_filter( 'manage_users_custom_column', array( $this, 'users_table_populate_type_cell' ), 10, 3 ); 236 237 // Filter WP admin users list table to include users of the specified type. 238 add_filter( 'pre_get_users', array( $this, 'users_table_filter_by_type' ) ); 239 } 240 } 241 242 /** 243 * Create registration pages when multisite user registration is turned on. 244 * 245 * @since 2.7.0 246 * 247 * @param string $option_name Current option name; value is always 'registration'. 248 * @param string $value 249 */ 250 public function multisite_registration_on( $option_name, $value ) { 251 if ( 'user' === $value || 'all' === $value ) { 252 bp_core_add_page_mappings( array( 253 'register' => 1, 254 'activate' => 1 255 ) ); 256 } 257 } 258 259 /** 260 * Create registration pages when single site registration is turned on. 261 * 262 * @since 2.7.0 263 * 264 * @param string $old_value 265 * @param string $value 266 */ 267 public function single_site_registration_on( $old_value, $value ) { 268 // Single site. 269 if ( ! is_multisite() && ! empty( $value ) ) { 270 bp_core_add_page_mappings( array( 271 'register' => 1, 272 'activate' => 1 273 ) ); 274 } 275 } 276 277 /** 278 * Get the user ID. 279 * 280 * Look for $_GET['user_id']. If anything else, force the user ID to the 281 * current user's ID so they aren't left without a user to edit. 282 * 283 * @since 2.1.0 284 * 285 * @return int 286 */ 287 private function get_user_id() { 288 if ( ! empty( $this->user_id ) ) { 289 return $this->user_id; 290 } 291 292 $this->user_id = (int) get_current_user_id(); 293 294 // We'll need a user ID when not on self profile. 295 if ( ! empty( $_GET['user_id'] ) ) { 296 $this->user_id = (int) $_GET['user_id']; 297 } 298 299 return $this->user_id; 300 } 301 302 /** 303 * Can the current user edit the one displayed. 304 * 305 * Self profile editing / or bp_moderate check. 306 * This might be replaced by more granular capabilities 307 * in the future. 308 * 309 * @since 2.1.0 310 * 311 * @param int $user_id ID of the user being checked for edit ability. 312 * 313 * @return bool 314 */ 315 private function member_can_edit( $user_id = 0 ) { 316 $retval = false; 317 318 // Bail if no user ID was passed. 319 if ( empty( $user_id ) ) { 320 return $retval; 321 } 322 323 // Member can edit if they are viewing their own profile. 324 if ( $this->current_user_id === $user_id ) { 325 $retval = true; 326 327 // Trust the 'bp_moderate' capability. 328 } else { 329 $retval = bp_current_user_can( 'bp_moderate' ); 330 } 331 332 return $retval; 333 } 334 335 /** 336 * Get admin notice when saving a user or member profile. 337 * 338 * @since 2.1.0 339 * 340 * @return array 341 */ 342 private function get_user_notice() { 343 344 // Setup empty notice for return value. 345 $notice = array(); 346 347 // Updates. 348 if ( ! empty( $_REQUEST['updated'] ) ) { 349 switch ( $_REQUEST['updated'] ) { 350 case 'avatar': 351 $notice = array( 352 'class' => 'updated', 353 'message' => __( 'Profile photo was deleted.', 'buddypress' ) 354 ); 355 break; 356 case 'ham' : 357 $notice = array( 358 'class' => 'updated', 359 'message' => __( 'User removed as spammer.', 'buddypress' ) 360 ); 361 break; 362 case 'spam' : 363 $notice = array( 364 'class' => 'updated', 365 'message' => __( 'User marked as spammer. Spam users are visible only to site admins.', 'buddypress' ) 366 ); 367 break; 368 case 1 : 369 $notice = array( 370 'class' => 'updated', 371 'message' => __( 'Profile updated.', 'buddypress' ) 372 ); 373 break; 374 } 375 } 376 377 // Errors. 378 if ( ! empty( $_REQUEST['error'] ) ) { 379 switch ( $_REQUEST['error'] ) { 380 case 'avatar': 381 $notice = array( 382 'class' => 'error', 383 'message' => __( 'There was a problem deleting that profile photo. Please try again.', 'buddypress' ) 384 ); 385 break; 386 case 'ham' : 387 $notice = array( 388 'class' => 'error', 389 'message' => __( 'User could not be removed as spammer.', 'buddypress' ) 390 ); 391 break; 392 case 'spam' : 393 $notice = array( 394 'class' => 'error', 395 'message' => __( 'User could not be marked as spammer.', 'buddypress' ) 396 ); 397 break; 398 case 1 : 399 $notice = array( 400 'class' => 'error', 401 'message' => __( 'An error occurred while trying to update the profile.', 'buddypress' ) 402 ); 403 break; 404 case 2: 405 $notice = array( 406 'class' => 'error', 407 'message' => __( 'Your changes have not been saved. Please fill in all required fields, and save your changes again.', 'buddypress' ) 408 ); 409 break; 410 case 3: 411 $notice = array( 412 'class' => 'error', 413 'message' => __( 'There was a problem updating some of your profile information. Please try again.', 'buddypress' ) 414 ); 415 break; 416 } 417 } 418 419 return $notice; 420 } 421 422 /** 423 * Create the /user/ admin Profile submenus for all members. 424 * 425 * @since 2.1.0 426 * 427 */ 428 public function user_profile_menu() { 429 430 // Setup the hooks array. 431 $hooks = array(); 432 433 // Add the faux "Edit Profile" submenu page. 434 $hooks['user'] = $this->user_page = add_submenu_page( 435 'profile.php', 436 __( 'Edit Profile', 'buddypress' ), 437 __( 'Edit Profile', 'buddypress' ), 438 'exist', 439 'bp-profile-edit', 440 array( $this, 'user_admin' ) 441 ); 442 443 // Setup the screen ID's. 444 $this->screen_id = array( 445 $this->user_page . '-user', 446 $this->user_profile . '-user' 447 ); 448 449 // Loop through new hooks and add method actions. 450 foreach ( $hooks as $key => $hook ) { 451 add_action( "load-{$hook}", array( $this, $key . '_admin_load' ) ); 452 } 453 454 // Add the profile_admin_head method to proper admin_head actions. 455 add_action( "admin_head-{$this->user_page}", array( $this, 'profile_admin_head' ) ); 456 add_action( "admin_head-profile.php", array( $this, 'profile_admin_head' ) ); 457 } 458 459 /** 460 * Create the All Users / Profile > Edit Profile and All Users Signups submenus. 461 * 462 * @since 2.0.0 463 * 464 */ 465 public function admin_menus() { 466 467 // Setup the hooks array. 468 $hooks = array(); 469 470 // Manage user's profile. 471 $hooks['user'] = $this->user_page = add_submenu_page( 472 $this->user_profile . '.php', 473 __( 'Edit Profile', 'buddypress' ), 474 __( 'Edit Profile', 'buddypress' ), 475 'read', 476 'bp-profile-edit', 477 array( $this, 'user_admin' ) 478 ); 479 480 // Only show sign-ups where they belong. 481 if ( ( ! bp_is_network_activated() && ! is_network_admin() ) || ( is_network_admin() && bp_is_network_activated() ) ) { 482 483 // Manage signups. 484 $hooks['signups'] = $this->signups_page = add_users_page( 485 __( 'Manage Signups', 'buddypress' ), 486 __( 'Manage Signups', 'buddypress' ), 487 $this->capability, 488 'bp-signups', 489 array( $this, 'signups_admin' ) 490 ); 491 } 492 493 $edit_page = 'user-edit'; 494 $profile_page = 'profile'; 495 $this->users_page = 'users'; 496 497 // Self profile check is needed for this pages. 498 $page_head = array( 499 $edit_page . '.php', 500 $profile_page . '.php', 501 $this->user_page, 502 $this->users_page . '.php', 503 ); 504 505 // Append '-network' to each array item if in network admin. 506 if ( is_network_admin() ) { 507 $edit_page .= '-network'; 508 $profile_page .= '-network'; 509 $this->user_page .= '-network'; 510 $this->users_page .= '-network'; 511 $this->signups_page .= '-network'; 512 } 513 514 // Setup the screen ID's. 515 $this->screen_id = array( 516 $edit_page, 517 $this->user_page, 518 $profile_page 519 ); 520 521 // Loop through new hooks and add method actions. 522 foreach ( $hooks as $key => $hook ) { 523 add_action( "load-{$hook}", array( $this, $key . '_admin_load' ) ); 524 } 525 526 // Add the profile_admin_head method to proper admin_head actions. 527 foreach ( $page_head as $head ) { 528 add_action( "admin_head-{$head}", array( $this, 'profile_admin_head' ) ); 529 } 530 } 531 532 /** 533 * Highlight the Users menu if on Edit Profile and check if on the user's admin profile. 534 * 535 * @since 2.1.0 536 */ 537 public function profile_admin_head() { 538 global $submenu_file, $parent_file; 539 540 // Is the user editing their own profile? 541 if ( is_user_admin() || ( defined( 'IS_PROFILE_PAGE' ) && IS_PROFILE_PAGE ) ) { 542 $this->is_self_profile = true; 543 544 // Is the user attempting to edit their own profile. 545 } elseif ( isset( $_GET['user_id' ] ) || ( isset( $_GET['page'] ) && ( 'bp-profile-edit' === $_GET['page'] ) ) ) { 546 $this->is_self_profile = (bool) ( $this->get_user_id() === $this->current_user_id ); 547 } 548 549 // Force the parent file to users.php to open the correct top level menu 550 // but only if not editing a site via the network site editing page. 551 if ( 'sites.php' !== $parent_file ) { 552 $parent_file = 'users.php'; 553 $submenu_file = 'users.php'; 554 } 555 556 // Editing your own profile, so recheck some vars. 557 if ( true === $this->is_self_profile ) { 558 559 // Use profile.php as the edit page. 560 $edit_page = 'profile.php'; 561 562 // Set profile.php as the parent & sub files to correct the menu nav. 563 if ( is_blog_admin() || is_user_admin() ) { 564 $parent_file = 'profile.php'; 565 $submenu_file = 'profile.php'; 566 } 567 568 // Not editing yourself, so use user-edit.php. 569 } else { 570 $edit_page = 'user-edit.php'; 571 } 572 573 if ( is_user_admin() ) { 574 $this->edit_profile_url = add_query_arg( $this->edit_profile_args, user_admin_url( 'profile.php' ) ); 575 $this->edit_url = user_admin_url( 'profile.php' ); 576 577 } elseif ( is_blog_admin() ) { 578 $this->edit_profile_url = add_query_arg( $this->edit_profile_args, admin_url( 'users.php' ) ); 579 $this->edit_url = admin_url( $edit_page ); 580 581 } elseif ( is_network_admin() ) { 582 $this->edit_profile_url = add_query_arg( $this->edit_profile_args, network_admin_url( 'users.php' ) ); 583 $this->edit_url = network_admin_url( $edit_page ); 584 } 585 } 586 587 /** 588 * Remove the Edit Profile page. 589 * 590 * We add these pages in order to integrate with WP's Users panel, but 591 * we want them to show up as a row action of the WP panel, not as separate 592 * subnav items under the Users menu. 593 * 594 * @since 2.0.0 595 */ 596 public function admin_head() { 597 remove_submenu_page( 'users.php', 'bp-profile-edit' ); 598 remove_submenu_page( 'profile.php', 'bp-profile-edit' ); 599 } 600 601 /** Community Profile *****************************************************/ 602 603 /** 604 * Add some specific styling to the Edit User and Edit User's Profile page. 605 * 606 * @since 2.0.0 607 */ 608 public function enqueue_scripts() { 609 if ( ! in_array( get_current_screen()->id, $this->screen_id ) ) { 610 return; 611 } 612 613 $min = bp_core_get_minified_asset_suffix(); 614 $css = $this->css_url . "admin{$min}.css"; 615 616 /** 617 * Filters the CSS URL to enqueue in the Members admin area. 618 * 619 * @since 2.0.0 620 * 621 * @param string $css URL to the CSS admin file to load. 622 */ 623 $css = apply_filters( 'bp_members_admin_css', $css ); 624 625 wp_enqueue_style( 'bp-members-css', $css, array(), bp_get_version() ); 626 627 wp_style_add_data( 'bp-members-css', 'rtl', 'replace' ); 628 if ( $min ) { 629 wp_style_add_data( 'bp-members-css', 'suffix', $min ); 630 } 631 632 // Only load JavaScript for BuddyPress profile. 633 if ( get_current_screen()->id == $this->user_page ) { 634 $js = $this->js_url . "admin{$min}.js"; 635 636 /** 637 * Filters the JS URL to enqueue in the Members admin area. 638 * 639 * @since 2.0.0 640 * 641 * @param string $js URL to the JavaScript admin file to load. 642 */ 643 $js = apply_filters( 'bp_members_admin_js', $js ); 644 wp_enqueue_script( 'bp-members-js', $js, array( 'jquery' ), bp_get_version(), true ); 645 646 if ( ! bp_core_get_root_option( 'bp-disable-avatar-uploads' ) && buddypress()->avatar->show_avatars ) { 647 /** 648 * Get Thickbox. 649 * 650 * We cannot simply use add_thickbox() here as WordPress is not playing 651 * nice with Thickbox width/height see https://core.trac.wordpress.org/ticket/17249 652 * Using media-upload might be interesting in the future for the send to editor stuff 653 * and we make sure the tb_window is wide enough 654 */ 655 wp_enqueue_style ( 'thickbox' ); 656 wp_enqueue_script( 'media-upload' ); 657 658 // Get Avatar Uploader. 659 bp_attachments_enqueue_scripts( 'BP_Attachment_Avatar' ); 660 } 661 } 662 663 /** 664 * Fires after all of the members JavaScript and CSS are enqueued. 665 * 666 * @since 2.0.0 667 * 668 * @param string $id ID of the current screen. 669 * @param array $screen_id Array of allowed screens to add scripts and styles to. 670 */ 671 do_action( 'bp_members_admin_enqueue_scripts', get_current_screen()->id, $this->screen_id ); 672 } 673 674 /** 675 * Create the Profile navigation in Edit User & Edit Profile pages. 676 * 677 * @since 2.0.0 678 * 679 * @param object|null $user User to create profile navigation for. 680 * @param string $active Which profile to highlight. 681 * @return string|null 682 */ 683 public function profile_nav( $user = null, $active = 'WordPress' ) { 684 685 // Bail if no user ID exists here. 686 if ( empty( $user->ID ) ) { 687 return; 688 } 689 690 // Add the user ID to query arguments when not editing yourself. 691 if ( false === $this->is_self_profile ) { 692 $query_args = array( 'user_id' => $user->ID ); 693 } else { 694 $query_args = array(); 695 } 696 697 // Conditionally add a referer if it exists in the existing request. 698 if ( ! empty( $_REQUEST['wp_http_referer'] ) ) { 699 $wp_http_referer = wp_unslash( $_REQUEST['wp_http_referer'] ); 700 $wp_http_referer = wp_validate_redirect( esc_url_raw( $wp_http_referer ) ); 701 $query_args['wp_http_referer'] = urlencode( $wp_http_referer ); 702 } 703 704 // Setup the two distinct "edit" URL's. 705 $community_url = add_query_arg( $query_args, $this->edit_profile_url ); 706 $wordpress_url = add_query_arg( $query_args, $this->edit_url ); 707 708 $bp_active = false; 709 $wp_active = ' nav-tab-active'; 710 if ( 'BuddyPress' === $active ) { 711 $bp_active = ' nav-tab-active'; 712 $wp_active = false; 713 } ?> 714 715 <h2 id="profile-nav" class="nav-tab-wrapper"> 716 <?php 717 /** 718 * In configs where BuddyPress is not network activated, as regular 719 * admins do not have the capacity to edit other users, we must add 720 * this check. 721 */ 722 if ( current_user_can( 'edit_user', $user->ID ) ) : ?> 723 724 <a class="nav-tab<?php echo esc_attr( $wp_active ); ?>" href="<?php echo esc_url( $wordpress_url );?>"><?php _e( 'Profile', 'buddypress' ); ?></a> 725 726 <?php endif; ?> 727 728 <a class="nav-tab<?php echo esc_attr( $bp_active ); ?>" href="<?php echo esc_url( $community_url );?>"><?php _e( 'Extended Profile', 'buddypress' ); ?></a> 729 </h2> 730 731 <?php 732 } 733 734 /** 735 * Set up the user's profile admin page. 736 * 737 * Loaded before the page is rendered, this function does all initial 738 * setup, including: processing form requests, registering contextual 739 * help, and setting up screen options. 740 * 741 * @since 2.0.0 742 * @since 6.0.0 The `delete_avatar` action is now managed into this method. 743 */ 744 public function user_admin_load() { 745 746 // Get the user ID. 747 $user_id = $this->get_user_id(); 748 749 // Can current user edit this profile? 750 if ( ! $this->member_can_edit( $user_id ) ) { 751 wp_die( __( 'You cannot edit the requested user.', 'buddypress' ) ); 752 } 753 754 // Build redirection URL. 755 $redirect_to = remove_query_arg( array( 'action', 'error', 'updated', 'spam', 'ham', 'delete_avatar' ), $_SERVER['REQUEST_URI'] ); 756 $doaction = ! empty( $_REQUEST['action'] ) ? $_REQUEST['action'] : false; 757 758 if ( ! empty( $_REQUEST['user_status'] ) ) { 759 $spam = (bool) ( 'spam' === $_REQUEST['user_status'] ); 760 761 if ( $spam !== bp_is_user_spammer( $user_id ) ) { 762 $doaction = $_REQUEST['user_status']; 763 } 764 } 765 766 /** 767 * Fires at the start of the signups admin load. 768 * 769 * @since 2.0.0 770 * 771 * @param string $doaction Current bulk action being processed. 772 * @param array $_REQUEST Current $_REQUEST global. 773 */ 774 do_action_ref_array( 'bp_members_admin_load', array( $doaction, $_REQUEST ) ); 775 776 /** 777 * Filters the allowed actions for use in the user admin page. 778 * 779 * @since 2.0.0 780 * 781 * @param array $value Array of allowed actions to use. 782 */ 783 $allowed_actions = apply_filters( 'bp_members_admin_allowed_actions', array( 'update', 'delete_avatar', 'spam', 'ham' ) ); 784 785 // Prepare the display of the Community Profile screen. 786 if ( ! in_array( $doaction, $allowed_actions ) ) { 787 add_screen_option( 'layout_columns', array( 'default' => 2, 'max' => 2, ) ); 788 789 get_current_screen()->add_help_tab( array( 790 'id' => 'bp-profile-edit-overview', 791 'title' => __( 'Overview', 'buddypress' ), 792 'content' => 793 '<p>' . __( 'This is the admin view of a user's profile.', 'buddypress' ) . '</p>' . 794 '<p>' . __( 'In the main column, you can edit the fields of the user's extended profile.', 'buddypress' ) . '</p>' . 795 '<p>' . __( 'In the right-hand column, you can update the user's status, delete the user's avatar, and view recent statistics.', 'buddypress' ) . '</p>' 796 ) ); 797 798 // Help panel - sidebar links. 799 get_current_screen()->set_help_sidebar( 800 '<p><strong>' . __( 'For more information:', 'buddypress' ) . '</strong></p>' . 801 '<p>' . __( '<a href="https://codex.buddypress.org/administrator-guide/extended-profiles/">Managing Profiles</a>', 'buddypress' ) . '</p>' . 802 '<p>' . __( '<a href="https://buddypress.org/support/">Support Forums</a>', 'buddypress' ) . '</p>' 803 ); 804 805 // Register metaboxes for the edit screen. 806 add_meta_box( 807 'submitdiv', 808 _x( 'Status', 'members user-admin edit screen', 'buddypress' ), 809 array( $this, 'user_admin_status_metabox' ), 810 get_current_screen()->id, 811 'side', 812 'core' 813 ); 814 815 // In case xprofile is not active. 816 $this->stats_metabox->context = 'normal'; 817 $this->stats_metabox->priority = 'core'; 818 819 /** 820 * Fires before loading the profile fields if component is active. 821 * 822 * Plugins should not use this hook, please use 'bp_members_admin_user_metaboxes' instead. 823 * 824 * @since 2.0.0 825 * 826 * @param int $user_id Current user ID for the screen. 827 * @param string $id Current screen ID. 828 * @param object $stats_metabox Object holding position data for use with the stats metabox. 829 */ 830 do_action_ref_array( 'bp_members_admin_xprofile_metabox', array( $user_id, get_current_screen()->id, $this->stats_metabox ) ); 831 832 // If xProfile is inactive, difficult to know what's profile we're on. 833 if ( 'normal' === $this->stats_metabox->context ) { 834 $display_name = bp_core_get_user_displayname( $user_id ); 835 } else { 836 $display_name = __( 'Member', 'buddypress' ); 837 } 838 839 // Set the screen id. 840 $screen_id = get_current_screen()->id; 841 842 // User Stat metabox. 843 add_meta_box( 844 'bp_members_admin_user_stats', 845 sprintf( 846 /* translators: %s: member name */ 847 _x( "%s's Stats", 'members user-admin edit screen', 'buddypress' ), 848 $display_name 849 ), 850 array( $this, 'user_admin_stats_metabox' ), 851 $screen_id, 852 sanitize_key( $this->stats_metabox->context ), 853 sanitize_key( $this->stats_metabox->priority ) 854 ); 855 856 if ( buddypress()->avatar->show_avatars ) { 857 // Avatar Metabox. 858 add_meta_box( 859 'bp_members_user_admin_avatar', 860 _x( 'Profile Photo', 'members user-admin edit screen', 'buddypress' ), 861 array( $this, 'user_admin_avatar_metabox' ), 862 $screen_id, 863 'side', 864 'low' 865 ); 866 } 867 868 // Member Type metabox. Only added if member types have been registered. 869 $member_types = bp_get_member_types(); 870 if ( ! empty( $member_types ) ) { 871 add_meta_box( 872 'bp_members_admin_member_type', 873 _x( 'Member Type', 'members user-admin edit screen', 'buddypress' ), 874 array( $this, 'user_admin_member_type_metabox' ), 875 $screen_id, 876 'side', 877 'core' 878 ); 879 } 880 881 /** 882 * Fires at the end of the Community Profile screen. 883 * 884 * Plugins can restrict metabox to "bp_moderate" admins by checking if 885 * the first argument ($this->is_self_profile) is false in their callback. 886 * They can also restrict their metabox to self profile editing 887 * by setting it to true. 888 * 889 * @since 2.0.0 890 * 891 * @param bool $is_self_profile Whether or not it is the current user's profile. 892 * @param int $user_id Current user ID. 893 */ 894 do_action( 'bp_members_admin_user_metaboxes', $this->is_self_profile, $user_id ); 895 896 // Enqueue JavaScript files. 897 wp_enqueue_script( 'postbox' ); 898 wp_enqueue_script( 'dashboard' ); 899 900 // Spam or Ham user. 901 } elseif ( in_array( $doaction, array( 'spam', 'ham' ) ) && empty( $this->is_self_profile ) ) { 902 903 check_admin_referer( 'edit-bp-profile_' . $user_id ); 904 905 if ( bp_core_process_spammer_status( $user_id, $doaction ) ) { 906 $redirect_to = add_query_arg( 'updated', $doaction, $redirect_to ); 907 } else { 908 $redirect_to = add_query_arg( 'error', $doaction, $redirect_to ); 909 } 910 911 bp_core_redirect( $redirect_to ); 912 913 // Eventually delete avatar. 914 } elseif ( 'delete_avatar' === $doaction ) { 915 916 // Check the nonce. 917 check_admin_referer( 'delete_avatar' ); 918 919 $redirect_to = remove_query_arg( '_wpnonce', $redirect_to ); 920 921 if ( bp_core_delete_existing_avatar( array( 'item_id' => $user_id ) ) ) { 922 $redirect_to = add_query_arg( 'updated', 'avatar', $redirect_to ); 923 } else { 924 $redirect_to = add_query_arg( 'error', 'avatar', $redirect_to ); 925 } 926 927 bp_core_redirect( $redirect_to ); 928 929 // Update other stuff once above ones are done. 930 } else { 931 $this->redirect = $redirect_to; 932 933 /** 934 * Fires at end of user profile admin load if doaction does not match any available actions. 935 * 936 * @since 2.0.0 937 * 938 * @param string $doaction Current bulk action being processed. 939 * @param int $user_id Current user ID. 940 * @param array $_REQUEST Current $_REQUEST global. 941 * @param string $redirect Determined redirect url to send user to. 942 */ 943 do_action_ref_array( 'bp_members_admin_update_user', array( $doaction, $user_id, $_REQUEST, $this->redirect ) ); 944 945 bp_core_redirect( $this->redirect ); 946 } 947 } 948 949 /** 950 * Display the user's profile. 951 * 952 * @since 2.0.0 953 */ 954 public function user_admin() { 955 956 if ( ! bp_current_user_can( 'bp_moderate' ) && empty( $this->is_self_profile ) ) { 957 die( '-1' ); 958 } 959 960 // Get the user ID. 961 $user_id = $this->get_user_id(); 962 $user = get_user_to_edit( $user_id ); 963 964 // Construct title. 965 if ( true === $this->is_self_profile ) { 966 $title = __( 'Profile', 'buddypress' ); 967 } else { 968 $title = __( 'Edit User', 'buddypress' ); 969 } 970 971 // Construct URL for form. 972 $request_url = remove_query_arg( array( 'action', 'error', 'updated', 'spam', 'ham' ), $_SERVER['REQUEST_URI'] ); 973 $form_action_url = add_query_arg( 'action', 'update', $request_url ); 974 $wp_http_referer = false; 975 if ( ! empty( $_REQUEST['wp_http_referer'] ) ) { 976 $wp_http_referer = wp_unslash( $_REQUEST['wp_http_referer'] ); 977 $wp_http_referer = remove_query_arg( array( 'action', 'updated' ), $wp_http_referer ); 978 $wp_http_referer = wp_validate_redirect( esc_url_raw( $wp_http_referer ) ); 979 } 980 981 // Prepare notice for admin. 982 $notice = $this->get_user_notice(); 983 984 if ( ! empty( $notice ) ) : ?> 985 986 <div <?php if ( 'updated' === $notice['class'] ) : ?>id="message" <?php endif; ?>class="<?php echo esc_attr( $notice['class'] ); ?> notice is-dismissible"> 987 988 <p><?php echo esc_html( $notice['message'] ); ?></p> 989 990 <?php if ( !empty( $wp_http_referer ) && ( 'updated' === $notice['class'] ) ) : ?> 991 992 <p><a href="<?php echo esc_url( $wp_http_referer ); ?>"><?php esc_html_e( '← Back to Users', 'buddypress' ); ?></a></p> 993 994 <?php endif; ?> 995 996 </div> 997 998 <?php endif; ?> 999 1000 <div class="wrap" id="community-profile-page"> 1001 <h1 class="wp-heading-inline"><?php echo esc_html( $title ); ?></h1> 1002 1003 <?php if ( empty( $this->is_self_profile ) ) : ?> 1004 1005 <?php if ( current_user_can( 'create_users' ) ) : ?> 1006 1007 <a href="user-new.php" class="page-title-action"><?php echo esc_html_x( 'Add New', 'user', 'buddypress' ); ?></a> 1008 1009 <?php elseif ( is_multisite() && current_user_can( 'promote_users' ) ) : ?> 1010 1011 <a href="user-new.php" class="page-title-action"><?php echo esc_html_x( 'Add Existing', 'user', 'buddypress' ); ?></a> 1012 1013 <?php endif; ?> 1014 1015 <?php endif; ?> 1016 1017 <hr class="wp-header-end"> 1018 1019 <?php if ( ! empty( $user ) ) : 1020 1021 $this->profile_nav( $user, 'BuddyPress' ); ?> 1022 1023 <form action="<?php echo esc_url( $form_action_url ); ?>" id="your-profile" method="post"> 1024 <div id="poststuff"> 1025 1026 <div id="post-body" class="metabox-holder columns-<?php echo 1 == get_current_screen()->get_columns() ? '1' : '2'; ?>"> 1027 1028 <div id="postbox-container-1" class="postbox-container"> 1029 <?php do_meta_boxes( get_current_screen()->id, 'side', $user ); ?> 1030 </div> 1031 1032 <div id="postbox-container-2" class="postbox-container"> 1033 <?php do_meta_boxes( get_current_screen()->id, 'normal', $user ); ?> 1034 <?php do_meta_boxes( get_current_screen()->id, 'advanced', $user ); ?> 1035 </div> 1036 </div><!-- #post-body --> 1037 1038 </div><!-- #poststuff --> 1039 1040 <?php wp_nonce_field( 'closedpostboxes', 'closedpostboxesnonce', false ); ?> 1041 <?php wp_nonce_field( 'meta-box-order', 'meta-box-order-nonce', false ); ?> 1042 <?php wp_nonce_field( 'edit-bp-profile_' . $user->ID ); ?> 1043 1044 </form> 1045 1046 <?php else : ?> 1047 1048 <p><?php 1049 printf( 1050 '%1$s <a href="%2$s">%3$s</a>', 1051 __( 'No user found with this ID.', 'buddypress' ), 1052 esc_url( bp_get_admin_url( 'users.php' ) ), 1053 __( 'Go back and try again.', 'buddypress' ) 1054 ); 1055 ?></p> 1056 1057 <?php endif; ?> 1058 1059 </div><!-- .wrap --> 1060 <?php 1061 } 1062 1063 /** 1064 * Render the Status metabox for user's profile screen. 1065 * 1066 * Actions are: 1067 * - Update profile fields if xProfile component is active 1068 * - Spam/Unspam user 1069 * 1070 * @since 2.0.0 1071 * 1072 * @param WP_User|null $user The WP_User object to be edited. 1073 */ 1074 public function user_admin_status_metabox( $user = null ) { 1075 1076 // Bail if no user id or if the user has not activated their account yet. 1077 if ( empty( $user->ID ) ) { 1078 return; 1079 } 1080 1081 // Bail if user has not been activated yet (how did you get here?). 1082 if ( isset( $user->user_status ) && ( 2 == $user->user_status ) ) : ?> 1083 1084 <p class="not-activated"><?php esc_html_e( 'User account has not yet been activated', 'buddypress' ); ?></p><br/> 1085 1086 <?php return; 1087 1088 endif; ?> 1089 1090 <div class="submitbox" id="submitcomment"> 1091 <div id="minor-publishing"> 1092 <div id="misc-publishing-actions"> 1093 <?php 1094 1095 // Get the spam status once here to compare against below. 1096 $is_spammer = bp_is_user_spammer( $user->ID ); 1097 1098 /** 1099 * In configs where BuddyPress is not network activated, 1100 * regular admins cannot mark a user as a spammer on front 1101 * end. This prevent them to do it in the back end. 1102 * 1103 * Also prevent admins from marking themselves or other 1104 * admins as spammers. 1105 */ 1106 if ( ( empty( $this->is_self_profile ) && ( ! in_array( $user->user_login, get_super_admins() ) ) && empty( $this->subsite_activated ) ) || ( ! empty( $this->subsite_activated ) && current_user_can( 'manage_network_users' ) ) ) : ?> 1107 1108 <div class="misc-pub-section" id="comment-status-radio"> 1109 <label class="approved"><input type="radio" name="user_status" value="ham" <?php checked( $is_spammer, false ); ?>><?php esc_html_e( 'Active', 'buddypress' ); ?></label><br /> 1110 <label class="spam"><input type="radio" name="user_status" value="spam" <?php checked( $is_spammer, true ); ?>><?php esc_html_e( 'Spammer', 'buddypress' ); ?></label> 1111 </div> 1112 1113 <?php endif ;?> 1114 1115 <div class="misc-pub-section curtime misc-pub-section-last"> 1116 <?php 1117 1118 // Translators: Publish box date format, see http://php.net/date. 1119 $datef = __( 'M j, Y @ G:i', 'buddypress' ); 1120 $date = date_i18n( $datef, strtotime( $user->user_registered ) ); 1121 ?> 1122 <span id="timestamp"> 1123 <?php 1124 /* translators: %s: registration date */ 1125 printf( __( 'Registered on: %s', 'buddypress' ), '<strong>' . $date . '</strong>' ); 1126 ?> 1127 </span> 1128 </div> 1129 </div> <!-- #misc-publishing-actions --> 1130 1131 <div class="clear"></div> 1132 </div><!-- #minor-publishing --> 1133 1134 <div id="major-publishing-actions"> 1135 1136 <div id="publishing-action"> 1137 <a class="button bp-view-profile" href="<?php echo esc_url( bp_core_get_user_domain( $user->ID ) ); ?>" target="_blank"><?php esc_html_e( 'View Profile', 'buddypress' ); ?></a> 1138 <?php submit_button( esc_html__( 'Update Profile', 'buddypress' ), 'primary', 'save', false ); ?> 1139 </div> 1140 <div class="clear"></div> 1141 </div><!-- #major-publishing-actions --> 1142 1143 </div><!-- #submitcomment --> 1144 1145 <?php 1146 } 1147 1148 /** 1149 * Render the fallback metabox in case a user has been marked as a spammer. 1150 * 1151 * @since 2.0.0 1152 * 1153 * @param WP_User|null $user The WP_User object to be edited. 1154 */ 1155 public function user_admin_spammer_metabox( $user = null ) { 1156 ?> 1157 <p> 1158 <?php 1159 /* translators: %s: member name */ 1160 printf( __( '%s has been marked as a spammer. All BuddyPress data associated with the user has been removed', 'buddypress' ), esc_html( bp_core_get_user_displayname( $user->ID ) ) ); 1161 ?> 1162 </p> 1163 <?php 1164 } 1165 1166 /** 1167 * Render the Stats metabox to moderate inappropriate images. 1168 * 1169 * @since 2.0.0 1170 * 1171 * @param WP_User|null $user The WP_User object to be edited. 1172 */ 1173 public function user_admin_stats_metabox( $user = null ) { 1174 1175 // Bail if no user ID. 1176 if ( empty( $user->ID ) ) { 1177 return; 1178 } 1179 1180 // If account is not activated last activity is the time user registered. 1181 if ( isset( $user->user_status ) && 2 == $user->user_status ) { 1182 $last_active = $user->user_registered; 1183 1184 // Account is activated, getting user's last activity. 1185 } else { 1186 $last_active = bp_get_user_last_activity( $user->ID ); 1187 } 1188 1189 $datef = __( 'M j, Y @ G:i', 'buddypress' ); 1190 $date = date_i18n( $datef, strtotime( $last_active ) ); ?> 1191 1192 <ul> 1193 <li class="bp-members-profile-stats"> 1194 <?php 1195 /* translators: %s: date */ 1196 printf( __( 'Last active: %1$s', 'buddypress' ), '<strong>' . $date . '</strong>' ); 1197 ?> 1198 </li> 1199 1200 <?php 1201 // Loading other stats only if user has activated their account. 1202 if ( empty( $user->user_status ) ) { 1203 1204 /** 1205 * Fires in the user stats metabox if the user has activated their account. 1206 * 1207 * @since 2.0.0 1208 * 1209 * @param array $value Array holding the user ID. 1210 * @param object $user Current displayed user object. 1211 */ 1212 do_action( 'bp_members_admin_user_stats', array( 'user_id' => $user->ID ), $user ); 1213 } 1214 ?> 1215 </ul> 1216 1217 <?php 1218 } 1219 1220 /** 1221 * Render the Avatar metabox to moderate inappropriate images. 1222 * 1223 * @since 6.0.0 1224 * 1225 * @param WP_User|null $user The WP_User object for the user being edited. 1226 */ 1227 public function user_admin_avatar_metabox( $user = null ) { 1228 1229 if ( empty( $user->ID ) ) { 1230 return; 1231 } ?> 1232 1233 <div class="avatar"> 1234 1235 <?php echo bp_core_fetch_avatar( array( 1236 'item_id' => $user->ID, 1237 'object' => 'user', 1238 'type' => 'full', 1239 'title' => $user->display_name 1240 ) ); ?> 1241 1242 <?php if ( bp_get_user_has_avatar( $user->ID ) ) : 1243 1244 $query_args = array( 1245 'user_id' => $user->ID, 1246 'action' => 'delete_avatar' 1247 ); 1248 1249 if ( ! empty( $_REQUEST['wp_http_referer'] ) ) { 1250 $wp_http_referer = wp_unslash( $_REQUEST['wp_http_referer'] ); 1251 $wp_http_referer = remove_query_arg( array( 'action', 'updated' ), $wp_http_referer ); 1252 $wp_http_referer = wp_validate_redirect( esc_url_raw( $wp_http_referer ) ); 1253 $query_args['wp_http_referer'] = urlencode( $wp_http_referer ); 1254 } 1255 1256 $community_url = add_query_arg( $query_args, $this->edit_profile_url ); 1257 $delete_link = wp_nonce_url( $community_url, 'delete_avatar' ); ?> 1258 1259 <a href="<?php echo esc_url( $delete_link ); ?>" class="bp-members-avatar-user-admin"><?php esc_html_e( 'Delete Profile Photo', 'buddypress' ); ?></a> 1260 1261 <?php endif; 1262 1263 // Load the Avatar UI templates if user avatar uploads are enabled. 1264 if ( ! bp_core_get_root_option( 'bp-disable-avatar-uploads' ) ) : ?> 1265 <a href="#TB_inline?width=800px&height=400px&inlineId=bp-members-avatar-editor" class="thickbox bp-members-avatar-user-edit"><?php esc_html_e( 'Edit Profile Photo', 'buddypress' ); ?></a> 1266 <div id="bp-members-avatar-editor" style="display:none;"> 1267 <?php bp_attachments_get_template_part( 'avatars/index' ); ?> 1268 </div> 1269 <?php endif; ?> 1270 1271 </div> 1272 <?php 1273 } 1274 1275 /** 1276 * Render the Member Type metabox. 1277 * 1278 * @since 2.2.0 1279 * 1280 * @param WP_User|null $user The WP_User object to be edited. 1281 */ 1282 public function user_admin_member_type_metabox( $user = null ) { 1283 1284 // Bail if no user ID. 1285 if ( empty( $user->ID ) ) { 1286 return; 1287 } 1288 1289 $types = bp_get_member_types( array(), 'objects' ); 1290 $current_type = bp_get_member_type( $user->ID ); 1291 ?> 1292 1293 <label for="bp-members-profile-member-type" class="screen-reader-text"><?php 1294 /* translators: accessibility text */ 1295 esc_html_e( 'Select member type', 'buddypress' ); 1296 ?></label> 1297 <select name="bp-members-profile-member-type" id="bp-members-profile-member-type"> 1298 <option value="" <?php selected( '', $current_type ); ?>><?php 1299 /* translators: no option picked in select box */ 1300 esc_attr_e( '----', 'buddypress' ); 1301 ?></option> 1302 <?php foreach ( $types as $type ) : ?> 1303 <option value="<?php echo esc_attr( $type->name ) ?>" <?php selected( $type->name, $current_type ) ?>><?php echo esc_html( $type->labels['singular_name'] ) ?></option> 1304 <?php endforeach; ?> 1305 </select> 1306 1307 <?php 1308 1309 wp_nonce_field( 'bp-member-type-change-' . $user->ID, 'bp-member-type-nonce' ); 1310 } 1311 1312 /** 1313 * Process changes from the Member Type metabox. 1314 * 1315 * @since 2.2.0 1316 */ 1317 public function process_member_type_update() { 1318 if ( ! isset( $_POST['bp-member-type-nonce'] ) || ! isset( $_POST['bp-members-profile-member-type'] ) ) { 1319 return; 1320 } 1321 1322 $user_id = $this->get_user_id(); 1323 1324 check_admin_referer( 'bp-member-type-change-' . $user_id, 'bp-member-type-nonce' ); 1325 1326 // Permission check. 1327 if ( ! bp_current_user_can( 'bp_moderate' ) && $user_id != bp_loggedin_user_id() ) { 1328 return; 1329 } 1330 1331 // Member type string must either reference a valid member type, or be empty. 1332 $member_type = stripslashes( $_POST['bp-members-profile-member-type'] ); 1333 if ( ! empty( $member_type ) && ! bp_get_member_type_object( $member_type ) ) { 1334 return; 1335 } 1336 1337 /* 1338 * If an invalid member type is passed, someone's doing something 1339 * fishy with the POST request, so we can fail silently. 1340 */ 1341 if ( bp_set_member_type( $user_id, $member_type ) ) { 1342 // @todo Success messages can't be posted because other stuff happens on the page load. 1343 } 1344 } 1345 1346 /** 1347 * Add a link to Profile in Users listing row actions. 1348 * 1349 * @since 2.0.0 1350 * 1351 * @param array|string $actions WordPress row actions (edit, delete). 1352 * @param object|null $user The object for the user row. 1353 * @return null|string|array Merged actions. 1354 */ 1355 public function row_actions( $actions = '', $user = null ) { 1356 1357 // Bail if no user ID. 1358 if ( empty( $user->ID ) ) { 1359 return; 1360 } 1361 1362 // Setup args array. 1363 $args = array(); 1364 1365 // Add the user ID if it's not for the current user. 1366 if ( $user->ID !== $this->current_user_id ) { 1367 $args['user_id'] = $user->ID; 1368 } 1369 1370 // Add the referer. 1371 $wp_http_referer = wp_unslash( $_SERVER['REQUEST_URI'] ); 1372 $wp_http_referer = wp_validate_redirect( esc_url_raw( $wp_http_referer ) ); 1373 $args['wp_http_referer'] = urlencode( $wp_http_referer ); 1374 1375 // Add the "Extended" link if the current user can edit this user. 1376 if ( current_user_can( 'edit_user', $user->ID ) || bp_current_user_can( 'bp_moderate' ) ) { 1377 1378 // Add query args and setup the Extended link. 1379 $edit_profile = add_query_arg( $args, $this->edit_profile_url ); 1380 $edit_profile_link = sprintf( '<a href="%1$s">%2$s</a>', esc_url( $edit_profile ), esc_html__( 'Extended', 'buddypress' ) ); 1381 1382 /** 1383 * Check the edit action is available 1384 * and preserve the order edit | profile | remove/delete. 1385 */ 1386 if ( ! empty( $actions['edit'] ) ) { 1387 $edit_action = $actions['edit']; 1388 unset( $actions['edit'] ); 1389 1390 $new_edit_actions = array( 1391 'edit' => $edit_action, 1392 'edit-profile' => $edit_profile_link, 1393 ); 1394 1395 // If not available simply add the edit profile action. 1396 } else { 1397 $new_edit_actions = array( 'edit-profile' => $edit_profile_link ); 1398 } 1399 1400 $actions = array_merge( $new_edit_actions, $actions ); 1401 } 1402 1403 return $actions; 1404 } 1405 1406 /** 1407 * Add a filter to edit profile url in WP Admin Bar. 1408 * 1409 * @since 2.1.0 1410 */ 1411 public function add_edit_profile_url_filter() { 1412 add_filter( 'bp_members_edit_profile_url', array( $this, 'filter_adminbar_profile_link' ), 10, 3 ); 1413 } 1414 1415 /** 1416 * Filter the profile url. 1417 * 1418 * @since 2.1.0 1419 * 1420 * 1421 * @param string $profile_link Profile Link for admin bar. 1422 * @param string $url Profile URL. 1423 * @param int $user_id User ID. 1424 * @return string 1425 */ 1426 public function filter_adminbar_profile_link( $profile_link = '', $url = '', $user_id = 0 ) { 1427 if ( ! is_super_admin( $user_id ) && is_admin() ) { 1428 $profile_link = user_admin_url( 'profile.php' ); 1429 } 1430 return $profile_link; 1431 } 1432 1433 /** 1434 * Remove the filter to edit profile url in WP Admin Bar. 1435 * 1436 * @since 2.1.0 1437 */ 1438 public function remove_edit_profile_url_filter() { 1439 remove_filter( 'bp_members_edit_profile_url', array( $this, 'filter_adminbar_profile_link' ), 10 ); 1440 } 1441 1442 /** Signups Management ****************************************************/ 1443 1444 /** 1445 * Display the admin preferences about signups pagination. 1446 * 1447 * @since 2.0.0 1448 * 1449 * @param int $value Value for signup option. 1450 * @param string $option Value for the option key. 1451 * @param int $new_value Value for the saved option. 1452 * @return int The pagination preferences. 1453 */ 1454 public function signup_screen_options( $value = 0, $option = '', $new_value = 0 ) { 1455 if ( 'users_page_bp_signups_network_per_page' != $option && 'users_page_bp_signups_per_page' != $option ) { 1456 return $value; 1457 } 1458 1459 // Per page. 1460 $new_value = (int) $new_value; 1461 if ( $new_value < 1 || $new_value > 999 ) { 1462 return $value; 1463 } 1464 1465 return $new_value; 1466 } 1467 1468 /** 1469 * Make sure no signups will show in users list. 1470 * 1471 * This is needed to handle signups that may have not been activated 1472 * before the 2.0.0 upgrade. 1473 * 1474 * @since 2.0.0 1475 * 1476 * @param WP_User_Query|null $query The users query. 1477 * @return WP_User_Query|null The users query without the signups. 1478 */ 1479 public function remove_signups_from_user_query( $query = null ) { 1480 global $wpdb; 1481 1482 // Bail if this is an ajax request. 1483 if ( defined( 'DOING_AJAX' ) ) { 1484 return; 1485 } 1486 1487 // Bail if updating BuddyPress. 1488 if ( bp_is_update() ) { 1489 return; 1490 } 1491 1492 // Bail if there is no current admin screen. 1493 if ( ! function_exists( 'get_current_screen' ) || ! get_current_screen() ) { 1494 return; 1495 } 1496 1497 // Get current screen. 1498 $current_screen = get_current_screen(); 1499 1500 // Bail if not on a users page. 1501 if ( ! isset( $current_screen->id ) || $this->users_page !== $current_screen->id ) { 1502 return; 1503 } 1504 1505 // Bail if already querying by an existing role. 1506 if ( ! empty( $query->query_vars['role'] ) ) { 1507 return; 1508 } 1509 1510 $query->query_where .= " AND {$wpdb->users}.user_status != 2"; 1511 } 1512 1513 /** 1514 * Filter the WP Users List Table views to include 'bp-signups'. 1515 * 1516 * @since 2.0.0 1517 * 1518 * @param array $views WP List Table views. 1519 * @return array The views with the signup view added. 1520 */ 1521 public function signup_filter_view( $views = array() ) { 1522 global $role; 1523 1524 // Remove the 'current' class from All if we're on the signups view. 1525 if ( 'registered' === $role ) { 1526 $views['all'] = str_replace( 'class="current"', '', $views['all'] ); 1527 $class = 'current'; 1528 } else { 1529 $class = ''; 1530 } 1531 1532 $signups = BP_Signup::count_signups(); 1533 1534 if ( is_network_admin() ) { 1535 $base_url = network_admin_url( 'users.php' ); 1536 } else { 1537 $base_url = bp_get_admin_url( 'users.php' ); 1538 } 1539 1540 $url = add_query_arg( 'page', 'bp-signups', $base_url ); 1541 1542 /* translators: %s: number of pending accounts */ 1543 $text = sprintf( _x( 'Pending %s', 'signup users', 'buddypress' ), '<span class="count">(' . number_format_i18n( $signups ) . ')</span>' ); 1544 1545 $views['registered'] = sprintf( '<a href="%1$s" class="%2$s">%3$s</a>', esc_url( $url ), $class, $text ); 1546 1547 return $views; 1548 } 1549 1550 /** 1551 * Load the Signup WP Users List table. 1552 * 1553 * @since 2.0.0 1554 * 1555 * @param string $class The name of the class to use. 1556 * @param string $required The parent class. 1557 * @return WP_List_Table|null The List table. 1558 */ 1559 public static function get_list_table_class( $class = '', $required = '' ) { 1560 if ( empty( $class ) ) { 1561 return; 1562 } 1563 1564 if ( ! empty( $required ) ) { 1565 require_once( ABSPATH . 'wp-admin/includes/class-wp-' . $required . '-list-table.php' ); 1566 } 1567 1568 return new $class(); 1569 } 1570 1571 /** 1572 * Set up the signups admin page. 1573 * 1574 * Loaded before the page is rendered, this function does all initial 1575 * setup, including: processing form requests, registering contextual 1576 * help, and setting up screen options. 1577 * 1578 * @since 2.0.0 1579 * 1580 * @global $bp_members_signup_list_table 1581 */ 1582 public function signups_admin_load() { 1583 global $bp_members_signup_list_table; 1584 1585 // Build redirection URL. 1586 $redirect_to = remove_query_arg( array( 'action', 'error', 'updated', 'activated', 'notactivated', 'deleted', 'notdeleted', 'resent', 'notresent', 'do_delete', 'do_resend', 'do_activate', '_wpnonce', 'signup_ids' ), $_SERVER['REQUEST_URI'] ); 1587 $doaction = bp_admin_list_table_current_bulk_action(); 1588 1589 /** 1590 * Fires at the start of the signups admin load. 1591 * 1592 * @since 2.0.0 1593 * 1594 * @param string $doaction Current bulk action being processed. 1595 * @param array $_REQUEST Current $_REQUEST global. 1596 */ 1597 do_action( 'bp_signups_admin_load', $doaction, $_REQUEST ); 1598 1599 /** 1600 * Filters the allowed actions for use in the user signups admin page. 1601 * 1602 * @since 2.0.0 1603 * 1604 * @param array $value Array of allowed actions to use. 1605 */ 1606 $allowed_actions = apply_filters( 'bp_signups_admin_allowed_actions', array( 'do_delete', 'do_activate', 'do_resend' ) ); 1607 1608 // Prepare the display of the Community Profile screen. 1609 if ( ! in_array( $doaction, $allowed_actions ) || ( -1 == $doaction ) ) { 1610 1611 if ( is_network_admin() ) { 1612 $bp_members_signup_list_table = self::get_list_table_class( 'BP_Members_MS_List_Table', 'ms-users' ); 1613 } else { 1614 $bp_members_signup_list_table = self::get_list_table_class( 'BP_Members_List_Table', 'users' ); 1615 } 1616 1617 // The per_page screen option. 1618 add_screen_option( 'per_page', array( 'label' => _x( 'Pending Accounts', 'Pending Accounts per page (screen options)', 'buddypress' ) ) ); 1619 1620 get_current_screen()->add_help_tab( array( 1621 'id' => 'bp-signups-overview', 1622 'title' => __( 'Overview', 'buddypress' ), 1623 'content' => 1624 '<p>' . __( 'This is the administration screen for pending accounts on your site.', 'buddypress' ) . '</p>' . 1625 '<p>' . __( 'From the screen options, you can customize the displayed columns and the pagination of this screen.', 'buddypress' ) . '</p>' . 1626 '<p>' . __( 'You can reorder the list of your pending accounts by clicking on the Username, Email or Registered column headers.', 'buddypress' ) . '</p>' . 1627 '<p>' . __( 'Using the search form, you can find pending accounts more easily. The Username and Email fields will be included in the search.', 'buddypress' ) . '</p>' 1628 ) ); 1629 1630 get_current_screen()->add_help_tab( array( 1631 'id' => 'bp-signups-actions', 1632 'title' => __( 'Actions', 'buddypress' ), 1633 'content' => 1634 '<p>' . __( 'Hovering over a row in the pending accounts list will display action links that allow you to manage pending accounts. You can perform the following actions:', 'buddypress' ) . '</p>' . 1635 '<ul><li>' . __( '"Email" takes you to the confirmation screen before being able to send the activation link to the desired pending account. You can only send the activation email once per day.', 'buddypress' ) . '</li>' . 1636 '<li>' . __( '"Delete" allows you to delete a pending account from your site. You will be asked to confirm this deletion.', 'buddypress' ) . '</li></ul>' . 1637 '<p>' . __( 'By clicking on a Username you will be able to activate a pending account from the confirmation screen.', 'buddypress' ) . '</p>' . 1638 '<p>' . __( 'Bulk actions allow you to perform these 3 actions for the selected rows.', 'buddypress' ) . '</p>' 1639 ) ); 1640 1641 // Help panel - sidebar links. 1642 get_current_screen()->set_help_sidebar( 1643 '<p><strong>' . __( 'For more information:', 'buddypress' ) . '</strong></p>' . 1644 '<p>' . __( '<a href="https://buddypress.org/support/">Support Forums</a>', 'buddypress' ) . '</p>' 1645 ); 1646 1647 // Add accessible hidden headings and text for the Pending Users screen. 1648 get_current_screen()->set_screen_reader_content( array( 1649 /* translators: accessibility text */ 1650 'heading_views' => __( 'Filter users list', 'buddypress' ), 1651 /* translators: accessibility text */ 1652 'heading_pagination' => __( 'Pending users list navigation', 'buddypress' ), 1653 /* translators: accessibility text */ 1654 'heading_list' => __( 'Pending users list', 'buddypress' ), 1655 ) ); 1656 1657 } else { 1658 if ( ! empty( $_REQUEST['signup_ids' ] ) ) { 1659 $signups = wp_parse_id_list( $_REQUEST['signup_ids' ] ); 1660 } 1661 1662 // Handle resent activation links. 1663 if ( 'do_resend' == $doaction ) { 1664 1665 // Nonce check. 1666 check_admin_referer( 'signups_resend' ); 1667 1668 $resent = BP_Signup::resend( $signups ); 1669 1670 if ( empty( $resent ) ) { 1671 $redirect_to = add_query_arg( 'error', $doaction, $redirect_to ); 1672 } else { 1673 $query_arg = array( 'updated' => 'resent' ); 1674 1675 if ( ! empty( $resent['resent'] ) ) { 1676 $query_arg['resent'] = count( $resent['resent'] ); 1677 } 1678 1679 if ( ! empty( $resent['errors'] ) ) { 1680 $query_arg['notsent'] = count( $resent['errors'] ); 1681 set_transient( '_bp_admin_signups_errors', $resent['errors'], 30 ); 1682 } 1683 1684 $redirect_to = add_query_arg( $query_arg, $redirect_to ); 1685 } 1686 1687 bp_core_redirect( $redirect_to ); 1688 1689 // Handle activated accounts. 1690 } elseif ( 'do_activate' == $doaction ) { 1691 1692 // Nonce check. 1693 check_admin_referer( 'signups_activate' ); 1694 1695 $activated = BP_Signup::activate( $signups ); 1696 1697 if ( empty( $activated ) ) { 1698 $redirect_to = add_query_arg( 'error', $doaction, $redirect_to ); 1699 } else { 1700 $query_arg = array( 'updated' => 'activated' ); 1701 1702 if ( ! empty( $activated['activated'] ) ) { 1703 $query_arg['activated'] = count( $activated['activated'] ); 1704 } 1705 1706 if ( ! empty( $activated['errors'] ) ) { 1707 $query_arg['notactivated'] = count( $activated['errors'] ); 1708 set_transient( '_bp_admin_signups_errors', $activated['errors'], 30 ); 1709 } 1710 1711 $redirect_to = add_query_arg( $query_arg, $redirect_to ); 1712 } 1713 1714 bp_core_redirect( $redirect_to ); 1715 1716 // Handle sign-ups delete. 1717 } elseif ( 'do_delete' == $doaction ) { 1718 1719 // Nonce check. 1720 check_admin_referer( 'signups_delete' ); 1721 1722 $deleted = BP_Signup::delete( $signups ); 1723 1724 if ( empty( $deleted ) ) { 1725 $redirect_to = add_query_arg( 'error', $doaction, $redirect_to ); 1726 } else { 1727 $query_arg = array( 'updated' => 'deleted' ); 1728 1729 if ( ! empty( $deleted['deleted'] ) ) { 1730 $query_arg['deleted'] = count( $deleted['deleted'] ); 1731 } 1732 1733 if ( ! empty( $deleted['errors'] ) ) { 1734 $query_arg['notdeleted'] = count( $deleted['errors'] ); 1735 set_transient( '_bp_admin_signups_errors', $deleted['errors'], 30 ); 1736 } 1737 1738 $redirect_to = add_query_arg( $query_arg, $redirect_to ); 1739 } 1740 1741 bp_core_redirect( $redirect_to ); 1742 1743 // Plugins can update other stuff from here. 1744 } else { 1745 $this->redirect = $redirect_to; 1746 1747 /** 1748 * Fires at end of signups admin load if doaction does not match any actions. 1749 * 1750 * @since 2.0.0 1751 * 1752 * @param string $doaction Current bulk action being processed. 1753 * @param array $_REQUEST Current $_REQUEST global. 1754 * @param string $redirect Determined redirect url to send user to. 1755 */ 1756 do_action( 'bp_members_admin_update_signups', $doaction, $_REQUEST, $this->redirect ); 1757 1758 bp_core_redirect( $this->redirect ); 1759 } 1760 } 1761 } 1762 1763 /** 1764 * Display any activation errors. 1765 * 1766 * @since 2.0.0 1767 */ 1768 public function signups_display_errors() { 1769 1770 // Look for sign-up errors. 1771 $errors = get_transient( '_bp_admin_signups_errors' ); 1772 1773 // Bail if no activation errors. 1774 if ( empty( $errors ) ) { 1775 return; 1776 } 1777 1778 // Loop through errors and display them. 1779 foreach ( $errors as $error ) : ?> 1780 1781 <li><?php echo esc_html( $error[0] );?>: <?php echo esc_html( $error[1] );?></li> 1782 1783 <?php endforeach; 1784 1785 // Delete the redirect transient. 1786 delete_transient( '_bp_admin_signups_errors' ); 1787 } 1788 1789 /** 1790 * Get admin notice when viewing the sign-up page. 1791 * 1792 * @since 2.1.0 1793 * 1794 * @return array 1795 */ 1796 private function get_signup_notice() { 1797 1798 // Setup empty notice for return value. 1799 $notice = array(); 1800 1801 // Updates. 1802 if ( ! empty( $_REQUEST['updated'] ) ) { 1803 switch ( $_REQUEST['updated'] ) { 1804 case 'resent': 1805 $notice = array( 1806 'class' => 'updated', 1807 'message' => '' 1808 ); 1809 1810 if ( ! empty( $_REQUEST['resent'] ) ) { 1811 $notice['message'] .= sprintf( 1812 /* translators: %s: number of activation emails sent */ 1813 _nx( '%s activation email successfully sent! ', '%s activation emails successfully sent! ', 1814 absint( $_REQUEST['resent'] ), 1815 'signup resent', 1816 'buddypress' 1817 ), 1818 number_format_i18n( absint( $_REQUEST['resent'] ) ) 1819 ); 1820 } 1821 1822 if ( ! empty( $_REQUEST['notsent'] ) ) { 1823 $notice['message'] .= sprintf( 1824 /* translators: %s: number of unsent activation emails */ 1825 _nx( '%s activation email was not sent.', '%s activation emails were not sent.', 1826 absint( $_REQUEST['notsent'] ), 1827 'signup notsent', 1828 'buddypress' 1829 ), 1830 number_format_i18n( absint( $_REQUEST['notsent'] ) ) 1831 ); 1832 1833 if ( empty( $_REQUEST['resent'] ) ) { 1834 $notice['class'] = 'error'; 1835 } 1836 } 1837 1838 break; 1839 1840 case 'activated': 1841 $notice = array( 1842 'class' => 'updated', 1843 'message' => '' 1844 ); 1845 1846 if ( ! empty( $_REQUEST['activated'] ) ) { 1847 $notice['message'] .= sprintf( 1848 /* translators: %s: number of activated accounts */ 1849 _nx( '%s account successfully activated! ', '%s accounts successfully activated! ', 1850 absint( $_REQUEST['activated'] ), 1851 'signup resent', 1852 'buddypress' 1853 ), 1854 number_format_i18n( absint( $_REQUEST['activated'] ) ) 1855 ); 1856 } 1857 1858 if ( ! empty( $_REQUEST['notactivated'] ) ) { 1859 $notice['message'] .= sprintf( 1860 /* translators: %s: number of accounts not activated */ 1861 _nx( '%s account was not activated.', '%s accounts were not activated.', 1862 absint( $_REQUEST['notactivated'] ), 1863 'signup notsent', 1864 'buddypress' 1865 ), 1866 number_format_i18n( absint( $_REQUEST['notactivated'] ) ) 1867 ); 1868 1869 if ( empty( $_REQUEST['activated'] ) ) { 1870 $notice['class'] = 'error'; 1871 } 1872 } 1873 1874 break; 1875 1876 case 'deleted': 1877 $notice = array( 1878 'class' => 'updated', 1879 'message' => '' 1880 ); 1881 1882 if ( ! empty( $_REQUEST['deleted'] ) ) { 1883 $notice['message'] .= sprintf( 1884 /* translators: %s: number of deleted signups */ 1885 _nx( '%s sign-up successfully deleted!', '%s sign-ups successfully deleted!', 1886 absint( $_REQUEST['deleted'] ), 1887 'signup deleted', 1888 'buddypress' 1889 ), 1890 number_format_i18n( absint( $_REQUEST['deleted'] ) ) 1891 ); 1892 } 1893 1894 if ( ! empty( $_REQUEST['notdeleted'] ) ) { 1895 $notice['message'] .= sprintf( 1896 /* translators: %s: number of deleted signups not deleted */ 1897 _nx( '%s sign-up was not deleted.', '%s sign-ups were not deleted.', 1898 absint( $_REQUEST['notdeleted'] ), 1899 'signup notdeleted', 1900 'buddypress' 1901 ), 1902 number_format_i18n( absint( $_REQUEST['notdeleted'] ) ) 1903 ); 1904 1905 if ( empty( $_REQUEST['deleted'] ) ) { 1906 $notice['class'] = 'error'; 1907 } 1908 } 1909 1910 break; 1911 } 1912 } 1913 1914 // Errors. 1915 if ( ! empty( $_REQUEST['error'] ) ) { 1916 switch ( $_REQUEST['error'] ) { 1917 case 'do_resend': 1918 $notice = array( 1919 'class' => 'error', 1920 'message' => esc_html__( 'There was a problem sending the activation emails. Please try again.', 'buddypress' ), 1921 ); 1922 break; 1923 1924 case 'do_activate': 1925 $notice = array( 1926 'class' => 'error', 1927 'message' => esc_html__( 'There was a problem activating accounts. Please try again.', 'buddypress' ), 1928 ); 1929 break; 1930 1931 case 'do_delete': 1932 $notice = array( 1933 'class' => 'error', 1934 'message' => esc_html__( 'There was a problem deleting sign-ups. Please try again.', 'buddypress' ), 1935 ); 1936 break; 1937 } 1938 } 1939 1940 return $notice; 1941 } 1942 1943 /** 1944 * Signups admin page router. 1945 * 1946 * Depending on the context, display 1947 * - the list of signups, 1948 * - or the delete confirmation screen, 1949 * - or the activate confirmation screen, 1950 * - or the "resend" email confirmation screen. 1951 * 1952 * Also prepare the admin notices. 1953 * 1954 * @since 2.0.0 1955 */ 1956 public function signups_admin() { 1957 $doaction = bp_admin_list_table_current_bulk_action(); 1958 1959 // Prepare notices for admin. 1960 $notice = $this->get_signup_notice(); 1961 1962 // Display notices. 1963 if ( ! empty( $notice ) ) : 1964 if ( 'updated' === $notice['class'] ) : ?> 1965 1966 <div id="message" class="<?php echo esc_attr( $notice['class'] ); ?> notice is-dismissible"> 1967 1968 <?php else: ?> 1969 1970 <div class="<?php echo esc_attr( $notice['class'] ); ?> notice is-dismissible"> 1971 1972 <?php endif; ?> 1973 1974 <p><?php echo $notice['message']; ?></p> 1975 1976 <?php if ( ! empty( $_REQUEST['notactivated'] ) || ! empty( $_REQUEST['notdeleted'] ) || ! empty( $_REQUEST['notsent'] ) ) :?> 1977 1978 <ul><?php $this->signups_display_errors();?></ul> 1979 1980 <?php endif ;?> 1981 1982 </div> 1983 1984 <?php endif; 1985 1986 // Show the proper screen. 1987 switch ( $doaction ) { 1988 case 'activate' : 1989 case 'delete' : 1990 case 'resend' : 1991 $this->signups_admin_manage( $doaction ); 1992 break; 1993 1994 default: 1995 $this->signups_admin_index(); 1996 break; 1997 1998 } 1999 } 2000 2001 /** 2002 * This is the list of the Pending accounts (signups). 2003 * 2004 * @since 2.0.0 2005 * 2006 * @global $plugin_page 2007 * @global $bp_members_signup_list_table 2008 */ 2009 public function signups_admin_index() { 2010 global $plugin_page, $bp_members_signup_list_table; 2011 2012 $usersearch = ! empty( $_REQUEST['s'] ) ? stripslashes( $_REQUEST['s'] ) : ''; 2013 2014 // Prepare the group items for display. 2015 $bp_members_signup_list_table->prepare_items(); 2016 2017 if ( is_network_admin() ) { 2018 $form_url = network_admin_url( 'users.php' ); 2019 } else { 2020 $form_url = bp_get_admin_url( 'users.php' ); 2021 } 2022 2023 $form_url = add_query_arg( 2024 array( 2025 'page' => 'bp-signups', 2026 ), 2027 $form_url 2028 ); 2029 2030 $search_form_url = remove_query_arg( 2031 array( 2032 'action', 2033 'deleted', 2034 'notdeleted', 2035 'error', 2036 'updated', 2037 'delete', 2038 'activate', 2039 'activated', 2040 'notactivated', 2041 'resend', 2042 'resent', 2043 'notresent', 2044 'do_delete', 2045 'do_activate', 2046 'do_resend', 2047 'action2', 2048 '_wpnonce', 2049 'signup_ids' 2050 ), $_SERVER['REQUEST_URI'] 2051 ); 2052 2053 ?> 2054 2055 <div class="wrap"> 2056 <h1 class="wp-heading-inline"><?php _e( 'Users', 'buddypress' ); ?></h1> 2057 2058 <?php if ( current_user_can( 'create_users' ) ) : ?> 2059 2060 <a href="user-new.php" class="page-title-action"><?php echo esc_html_x( 'Add New', 'user', 'buddypress' ); ?></a> 2061 2062 <?php elseif ( is_multisite() && current_user_can( 'promote_users' ) ) : ?> 2063 2064 <a href="user-new.php" class="page-title-action"><?php echo esc_html_x( 'Add Existing', 'user', 'buddypress' ); ?></a> 2065 2066 <?php endif; 2067 2068 if ( $usersearch ) { 2069 printf( '<span class="subtitle">' . __( 'Search results for “%s”', 'buddypress' ) . '</span>', esc_html( $usersearch ) ); 2070 } 2071 ?> 2072 2073 <hr class="wp-header-end"> 2074 2075 <?php // Display each signups on its own row. ?> 2076 <?php $bp_members_signup_list_table->views(); ?> 2077 2078 <form id="bp-signups-search-form" action="<?php echo esc_url( $search_form_url ) ;?>"> 2079 <input type="hidden" name="page" value="<?php echo esc_attr( $plugin_page ); ?>" /> 2080 <?php $bp_members_signup_list_table->search_box( __( 'Search Pending Users', 'buddypress' ), 'bp-signups' ); ?> 2081 </form> 2082 2083 <form id="bp-signups-form" action="<?php echo esc_url( $form_url );?>" method="post"> 2084 <?php $bp_members_signup_list_table->display(); ?> 2085 </form> 2086 </div> 2087 <?php 2088 } 2089 2090 /** 2091 * This is the confirmation screen for actions. 2092 * 2093 * @since 2.0.0 2094 * 2095 * @param string $action Delete, activate, or resend activation link. 2096 * 2097 * @return null|false 2098 */ 2099 public function signups_admin_manage( $action = '' ) { 2100 if ( ! current_user_can( $this->capability ) || empty( $action ) ) { 2101 die( '-1' ); 2102 } 2103 2104 // Get the user IDs from the URL. 2105 $ids = false; 2106 if ( ! empty( $_POST['allsignups'] ) ) { 2107 $ids = wp_parse_id_list( $_POST['allsignups'] ); 2108 } elseif ( ! empty( $_GET['signup_id'] ) ) { 2109 $ids = absint( $_GET['signup_id'] ); 2110 } 2111 2112 if ( empty( $ids ) ) { 2113 return false; 2114 } 2115 2116 // Query for signups, and filter out those IDs that don't 2117 // correspond to an actual signup. 2118 $signups_query = BP_Signup::get( array( 2119 'include' => $ids, 2120 ) ); 2121 2122 $signups = $signups_query['signups']; 2123 $signup_ids = wp_list_pluck( $signups, 'signup_id' ); 2124 2125 // Set up strings. 2126 switch ( $action ) { 2127 case 'delete' : 2128 $header_text = __( 'Delete Pending Accounts', 'buddypress' ); 2129 if ( 1 == count( $signup_ids ) ) { 2130 $helper_text = __( 'You are about to delete the following account:', 'buddypress' ); 2131 } else { 2132 $helper_text = __( 'You are about to delete the following accounts:', 'buddypress' ); 2133 } 2134 break; 2135 2136 case 'activate' : 2137 $header_text = __( 'Activate Pending Accounts', 'buddypress' ); 2138 if ( 1 == count( $signup_ids ) ) { 2139 $helper_text = __( 'You are about to activate the following account:', 'buddypress' ); 2140 } else { 2141 $helper_text = __( 'You are about to activate the following accounts:', 'buddypress' ); 2142 } 2143 break; 2144 2145 case 'resend' : 2146 $header_text = __( 'Resend Activation Emails', 'buddypress' ); 2147 if ( 1 == count( $signup_ids ) ) { 2148 $helper_text = __( 'You are about to resend an activation email to the following account:', 'buddypress' ); 2149 } else { 2150 $helper_text = __( 'You are about to resend an activation email to the following accounts:', 'buddypress' ); 2151 } 2152 break; 2153 } 2154 2155 // These arguments are added to all URLs. 2156 $url_args = array( 'page' => 'bp-signups' ); 2157 2158 // These arguments are only added when performing an action. 2159 $action_args = array( 2160 'action' => 'do_' . $action, 2161 'signup_ids' => implode( ',', $signup_ids ) 2162 ); 2163 2164 if ( is_network_admin() ) { 2165 $base_url = network_admin_url( 'users.php' ); 2166 } else { 2167 $base_url = bp_get_admin_url( 'users.php' ); 2168 } 2169 2170 $cancel_url = add_query_arg( $url_args, $base_url ); 2171 $action_url = wp_nonce_url( 2172 add_query_arg( 2173 array_merge( $url_args, $action_args ), 2174 $base_url 2175 ), 2176 'signups_' . $action 2177 ); 2178 2179 // Prefetch registration field data. 2180 $fdata = array(); 2181 if ( 'activate' === $action && bp_is_active( 'xprofile' ) ) { 2182 $field_groups = bp_xprofile_get_groups( array( 2183 'exclude_fields' => 1, 2184 'update_meta_cache' => false, 2185 'fetch_fields' => true, 2186 ) ); 2187 2188 foreach( $field_groups as $fg ) { 2189 foreach( $fg->fields as $f ) { 2190 $fdata[ $f->id ] = $f->name; 2191 } 2192 } 2193 } 2194 2195 ?> 2196 2197 <div class="wrap"> 2198 <h1 class="wp-heading-inline"><?php echo esc_html( $header_text ); ?></h1> 2199 <hr class="wp-header-end"> 2200 2201 <p><?php echo esc_html( $helper_text ); ?></p> 2202 2203 <ol class="bp-signups-list"> 2204 <?php foreach ( $signups as $signup ) : 2205 $last_notified = mysql2date( 'Y/m/d g:i:s a', $signup->date_sent ); 2206 $profile_field_ids = array(); 2207 2208 // Get all xprofile field IDs except field 1. 2209 if ( ! empty( $signup->meta['profile_field_ids'] ) ) { 2210 $profile_field_ids = array_flip( explode( ',', $signup->meta['profile_field_ids'] ) ); 2211 unset( $profile_field_ids[1] ); 2212 } ?> 2213 2214 <li> 2215 <strong><?php echo esc_html( $signup->user_login ) ?></strong> 2216 2217 <?php if ( 'activate' == $action ) : ?> 2218 <table class="wp-list-table widefat fixed striped"> 2219 <tbody> 2220 <tr> 2221 <td class="column-fields"><?php esc_html_e( 'Display Name', 'buddypress' ); ?></td> 2222 <td><?php echo esc_html( $signup->user_name ); ?></td> 2223 </tr> 2224 2225 <tr> 2226 <td class="column-fields"><?php esc_html_e( 'Email', 'buddypress' ); ?></td> 2227 <td><?php echo sanitize_email( $signup->user_email ); ?></td> 2228 </tr> 2229 2230 <?php if ( bp_is_active( 'xprofile' ) && ! empty( $profile_field_ids ) ) : ?> 2231 <?php foreach ( $profile_field_ids as $pid => $noop ) : 2232 $field_value = isset( $signup->meta[ "field_{$pid}" ] ) ? $signup->meta[ "field_{$pid}" ] : ''; ?> 2233 <tr> 2234 <td class="column-fields"><?php echo esc_html( $fdata[ $pid ] ); ?></td> 2235 <td><?php echo $this->format_xprofile_field_for_display( $field_value ); ?></td> 2236 </tr> 2237 2238 <?php endforeach; ?> 2239 2240 <?php endif; ?> 2241 2242 <?php 2243 /** 2244 * Fires inside the table listing the activate action confirmation details. 2245 * 2246 * @since 6.0.0 2247 * 2248 * @param object $signup The Sign-up Object. 2249 */ 2250 do_action( 'bp_activate_signup_confirmation_details', $signup ); 2251 ?> 2252 2253 </tbody> 2254 </table> 2255 2256 <?php 2257 /** 2258 * Fires outside the table listing the activate action confirmation details. 2259 * 2260 * @since 6.0.0 2261 * 2262 * @param object $signup The Sign-up Object. 2263 */ 2264 do_action( 'bp_activate_signup_confirmation_after_details', $signup ); 2265 ?> 2266 2267 <?php endif; ?> 2268 2269 <?php if ( 'resend' == $action ) : ?> 2270 2271 <p class="description"> 2272 <?php 2273 /* translators: %s: notification date */ 2274 printf( esc_html__( 'Last notified: %s', 'buddypress'), $last_notified ); 2275 ?> 2276 2277 <?php if ( ! empty( $signup->recently_sent ) ) : ?> 2278 2279 <span class="attention wp-ui-text-notification"> <?php esc_html_e( '(less than 24 hours ago)', 'buddypress' ); ?></span> 2280 2281 <?php endif; ?> 2282 </p> 2283 2284 <?php endif; ?> 2285 2286 </li> 2287 2288 <?php endforeach; ?> 2289 </ol> 2290 2291 <?php if ( 'delete' === $action ) : ?> 2292 2293 <p><strong><?php esc_html_e( 'This action cannot be undone.', 'buddypress' ) ?></strong></p> 2294 2295 <?php endif ; ?> 2296 2297 <a class="button-primary" href="<?php echo esc_url( $action_url ); ?>"><?php esc_html_e( 'Confirm', 'buddypress' ); ?></a> 2298 <a class="button" href="<?php echo esc_url( $cancel_url ); ?>"><?php esc_html_e( 'Cancel', 'buddypress' ) ?></a> 2299 </div> 2300 2301 <?php 2302 } 2303 2304 /** Users List Management ****************************************************/ 2305 2306 /** 2307 * Display a dropdown to bulk change the member type of selected user(s). 2308 * 2309 * @since 2.7.0 2310 * 2311 * @param string $which Where this dropdown is displayed - top or bottom. 2312 */ 2313 public function users_table_output_type_change_select( $which = 'top' ) { 2314 2315 // Bail if current user cannot promote users. 2316 if ( ! bp_current_user_can( 'promote_users' ) ) { 2317 return; 2318 } 2319 2320 // `$which` is only passed in WordPress 4.6+. Avoid duplicating controls in earlier versions. 2321 static $displayed = false; 2322 if ( version_compare( bp_get_major_wp_version(), '4.6', '<' ) && $displayed ) { 2323 return; 2324 } 2325 $displayed = true; 2326 2327 $id_name = 'bottom' === $which ? 'bp_change_type2' : 'bp_change_type'; 2328 2329 $types = bp_get_member_types( array(), 'objects' ); ?> 2330 2331 <label class="screen-reader-text" for="<?php echo $id_name; ?>"><?php _e( 'Change member type to…', 'buddypress' ) ?></label> 2332 <select name="<?php echo $id_name; ?>" id="<?php echo $id_name; ?>" style="display:inline-block;float:none;"> 2333 <option value=""><?php _e( 'Change member type to…', 'buddypress' ) ?></option> 2334 2335 <?php foreach( $types as $type ) : ?> 2336 2337 <option value="<?php echo esc_attr( $type->name ); ?>"><?php echo esc_html( $type->labels['singular_name'] ); ?></option> 2338 2339 <?php endforeach; ?> 2340 2341 <option value="remove_member_type"><?php _e( 'No Member Type', 'buddypress' ) ?></option> 2342 2343 </select> 2344 <?php 2345 wp_nonce_field( 'bp-bulk-users-change-type-' . bp_loggedin_user_id(), 'bp-bulk-users-change-type-nonce' ); 2346 submit_button( __( 'Change', 'buddypress' ), 'button', 'bp_change_member_type', false ); 2347 } 2348 2349 /** 2350 * Process bulk member type change submission from the WP admin users list table. 2351 * 2352 * @since 2.7.0 2353 */ 2354 public function users_table_process_bulk_type_change() { 2355 // Output the admin notice. 2356 $this->users_type_change_notice(); 2357 2358 // Bail if no users are specified or if this isn't a BuddyPress action. 2359 if ( empty( $_REQUEST['users'] ) 2360 || ( empty( $_REQUEST['bp_change_type'] ) && empty( $_REQUEST['bp_change_type2'] ) ) 2361 || empty( $_REQUEST['bp_change_member_type'] ) 2362 ) { 2363 return; 2364 } 2365 2366 // Bail if nonce check fails. 2367 check_admin_referer( 'bp-bulk-users-change-type-' . bp_loggedin_user_id(), 'bp-bulk-users-change-type-nonce' ); 2368 2369 // Bail if current user cannot promote users. 2370 if ( ! bp_current_user_can( 'promote_users' ) ) { 2371 return; 2372 } 2373 2374 $new_type = ''; 2375 if ( ! empty( $_REQUEST['bp_change_type2'] ) ) { 2376 $new_type = sanitize_text_field( $_REQUEST['bp_change_type2'] ); 2377 } elseif ( ! empty( $_REQUEST['bp_change_type'] ) ) { 2378 $new_type = sanitize_text_field( $_REQUEST['bp_change_type'] ); 2379 } 2380 2381 // Check that the selected type actually exists. 2382 if ( 'remove_member_type' != $new_type && null === bp_get_member_type_object( $new_type ) ) { 2383 $error = true; 2384 } else { 2385 // Run through user ids. 2386 $error = false; 2387 foreach ( (array) $_REQUEST['users'] as $user_id ) { 2388 $user_id = (int) $user_id; 2389 2390 // Get the old member type to check against. 2391 $member_type = bp_get_member_type( $user_id ); 2392 2393 if ( 'remove_member_type' === $new_type ) { 2394 // Remove the current member type, if there's one to remove. 2395 if ( $member_type ) { 2396 $removed = bp_remove_member_type( $user_id, $member_type ); 2397 if ( false === $removed || is_wp_error( $removed ) ) { 2398 $error = true; 2399 } 2400 } 2401 } else { 2402 // Set the new member type. 2403 if ( $new_type !== $member_type ) { 2404 $set = bp_set_member_type( $user_id, $new_type ); 2405 if ( false === $set || is_wp_error( $set ) ) { 2406 $error = true; 2407 } 2408 } 2409 } 2410 } 2411 } 2412 2413 // If there were any errors, show the error message. 2414 if ( $error ) { 2415 $redirect = add_query_arg( array( 'updated' => 'member-type-change-error' ), wp_get_referer() ); 2416 } else { 2417 $redirect = add_query_arg( array( 'updated' => 'member-type-change-success' ), wp_get_referer() ); 2418 } 2419 2420 wp_redirect( $redirect ); 2421 exit(); 2422 } 2423 2424 /** 2425 * Display an admin notice upon member type bulk update. 2426 * 2427 * @since 2.7.0 2428 */ 2429 public function users_type_change_notice() { 2430 $updated = isset( $_REQUEST['updated'] ) ? $_REQUEST['updated'] : false; 2431 2432 // Display feedback. 2433 if ( $updated && in_array( $updated, array( 'member-type-change-error', 'member-type-change-success' ), true ) ) { 2434 2435 if ( 'member-type-change-error' === $updated ) { 2436 $notice = __( 'There was an error while changing member type. Please try again.', 'buddypress' ); 2437 $type = 'error'; 2438 } else { 2439 $notice = __( 'Member type was changed successfully.', 'buddypress' ); 2440 $type = 'updated'; 2441 } 2442 2443 bp_core_add_admin_notice( $notice, $type ); 2444 } 2445 } 2446 2447 /** 2448 * Add member type column to the WordPress admin users list table. 2449 * 2450 * @since 2.7.0 2451 * 2452 * @param array $columns Users table columns. 2453 * 2454 * @return array $columns 2455 */ 2456 public function users_table_add_type_column( $columns = array() ) { 2457 $columns[ bp_get_member_type_tax_name() ] = _x( 'Member Type', 'Label for the WP users table member type column', 'buddypress' ); 2458 2459 return $columns; 2460 } 2461 2462 /** 2463 * Return member's type for display in the WP admin users list table. 2464 * 2465 * @since 2.7.0 2466 * 2467 * @param string $retval 2468 * @param string $column_name 2469 * @param int $user_id 2470 * 2471 * @return string Member type as a link to filter all users. 2472 */ 2473 public function users_table_populate_type_cell( $retval = '', $column_name = '', $user_id = 0 ) { 2474 // Only looking for member type column. 2475 if ( bp_get_member_type_tax_name() !== $column_name ) { 2476 return $retval; 2477 } 2478 2479 // Get the member type. 2480 $type = bp_get_member_type( $user_id ); 2481 2482 // Output the 2483 if ( $type_obj = bp_get_member_type_object( $type ) ) { 2484 $url = add_query_arg( array( 'bp-member-type' => urlencode( $type ) ) ); 2485 $retval = '<a href="' . esc_url( $url ) . '">' . esc_html( $type_obj->labels['singular_name'] ) . '</a>'; 2486 } 2487 2488 return $retval; 2489 } 2490 2491 /** 2492 * Filter WP Admin users list table to include users of the specified type. 2493 * 2494 * @param WP_Query $query 2495 * 2496 * @since 2.7.0 2497 */ 2498 public function users_table_filter_by_type( $query ) { 2499 global $pagenow; 2500 2501 if ( is_admin() && 'users.php' === $pagenow && ! empty( $_REQUEST['bp-member-type'] ) ) { 2502 $type_slug = sanitize_text_field( $_REQUEST['bp-member-type'] ); 2503 2504 // Check that the type is registered. 2505 if ( null == bp_get_member_type_object( $type_slug ) ) { 2506 return; 2507 } 2508 2509 // Get the list of users that are assigned to this member type. 2510 $type = bp_get_term_by( 'slug', $type_slug, bp_get_member_type_tax_name() ); 2511 2512 if ( empty( $type->term_id ) ) { 2513 return; 2514 } 2515 2516 $user_ids = bp_get_objects_in_term( $type->term_id, bp_get_member_type_tax_name() ); 2517 2518 if ( $user_ids && ! is_wp_error( $user_ids ) ) { 2519 $query->set( 'include', (array) $user_ids ); 2520 } 2521 } 2522 } 2523 2524 /** 2525 * Formats a signup's xprofile field data for display. 2526 * 2527 * Operates recursively on arrays, which are then imploded with commas. 2528 * 2529 * @since 2.8.0 2530 * 2531 * @param string|array $value Field value. 2532 * @return string 2533 */ 2534 protected function format_xprofile_field_for_display( $value ) { 2535 if ( is_array( $value ) ) { 2536 $value = array_map( array( $this, 'format_xprofile_field_for_display' ), $value ); 2537 $value = implode( ', ', $value ); 2538 } else { 2539 $value = stripslashes( $value ); 2540 $value = esc_html( $value ); 2541 } 2542 2543 return $value; 2544 } 2545 } 2546 endif; // End class_exists check.
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Thu Sep 24 01:03:44 2020 | Cross-referenced by PHPXref 0.7.1 |