2007-05-25 03:16:21 -04:00
< ? php
2008-10-01 21:03:26 -04:00
/**
* WordPress user administration API .
*
* @ package WordPress
* @ subpackage Administration
*/
/**
* Creates a new user from the " Users " form using $_POST information .
*
2013-12-24 13:57:12 -05:00
* @ since 2.0 . 0
2008-10-01 21:03:26 -04:00
*
2015-05-29 16:17:26 -04:00
* @ return int | WP_Error WP_Error or User ID .
2008-10-01 21:03:26 -04:00
*/
2007-05-25 03:16:21 -04:00
function add_user () {
2012-01-05 15:38:40 -05:00
return edit_user ();
2007-05-25 03:16:21 -04:00
}
2008-10-01 21:03:26 -04:00
/**
2009-01-06 17:00:05 -05:00
* Edit user settings based on contents of $_POST
2008-10-01 21:03:26 -04:00
*
2009-01-06 17:00:05 -05:00
* Used on user - edit . php and profile . php to manage and process user options , passwords etc .
2008-10-01 21:03:26 -04:00
*
2013-12-24 13:57:12 -05:00
* @ since 2.0 . 0
2008-10-01 21:03:26 -04:00
*
* @ param int $user_id Optional . User ID .
2015-05-29 16:17:26 -04:00
* @ return int | WP_Error user id of the updated user
2008-10-01 21:03:26 -04:00
*/
2007-05-25 03:16:21 -04:00
function edit_user ( $user_id = 0 ) {
2015-05-28 17:41:30 -04:00
$wp_roles = wp_roles ();
2017-11-30 18:11:00 -05:00
$user = new stdClass ;
2018-03-19 16:29:34 -04:00
$user_id = ( int ) $user_id ;
2010-11-15 01:38:10 -05:00
if ( $user_id ) {
2017-11-30 18:11:00 -05:00
$update = true ;
2018-03-19 16:29:34 -04:00
$user -> ID = $user_id ;
2017-11-30 18:11:00 -05:00
$userdata = get_userdata ( $user_id );
2013-03-01 12:14:09 -05:00
$user -> user_login = wp_slash ( $userdata -> user_login );
2007-05-25 03:16:21 -04:00
} else {
$update = false ;
}
2017-11-30 18:11:00 -05:00
if ( ! $update && isset ( $_POST [ 'user_login' ] ) ) {
$user -> user_login = sanitize_user ( $_POST [ 'user_login' ], true );
}
2007-05-25 03:16:21 -04:00
$pass1 = $pass2 = '' ;
2017-11-30 18:11:00 -05:00
if ( isset ( $_POST [ 'pass1' ] ) ) {
2013-06-25 07:14:50 -04:00
$pass1 = $_POST [ 'pass1' ];
2017-11-30 18:11:00 -05:00
}
if ( isset ( $_POST [ 'pass2' ] ) ) {
2013-06-25 07:14:50 -04:00
$pass2 = $_POST [ 'pass2' ];
2017-11-30 18:11:00 -05:00
}
2007-05-25 03:16:21 -04:00
2018-03-19 16:29:34 -04:00
if ( isset ( $_POST [ 'role' ] ) && current_user_can ( 'promote_users' ) && ( ! $user_id || current_user_can ( 'promote_user' , $user_id ) ) ) {
$new_role = sanitize_text_field ( $_POST [ 'role' ] );
2009-01-06 17:00:05 -05:00
2018-03-19 16:29:34 -04:00
// If the new role isn't editable by the logged-in user die with error.
2009-01-06 17:00:05 -05:00
$editable_roles = get_editable_roles ();
2017-11-30 18:11:00 -05:00
if ( ! empty ( $new_role ) && empty ( $editable_roles [ $new_role ] ) ) {
2017-06-25 14:46:44 -04:00
wp_die ( __ ( 'Sorry, you are not allowed to give users that role.' ), 403 );
2017-11-30 18:11:00 -05:00
}
2018-03-19 16:29:34 -04:00
$potential_role = isset ( $wp_roles -> role_objects [ $new_role ] ) ? $wp_roles -> role_objects [ $new_role ] : false ;
/*
* Don 't let anyone with ' promote_users ' edit their own role to something without it .
* Multisite super admins can freely edit their roles , they possess all caps .
*/
if (
( is_multisite () && current_user_can ( 'manage_network_users' ) ) ||
$user_id !== get_current_user_id () ||
( $potential_role && $potential_role -> has_cap ( 'promote_users' ) )
) {
$user -> role = $new_role ;
}
2007-05-25 03:16:21 -04:00
}
2017-11-30 18:11:00 -05:00
if ( isset ( $_POST [ 'email' ] ) ) {
2014-10-19 16:30:19 -04:00
$user -> user_email = sanitize_text_field ( wp_unslash ( $_POST [ 'email' ] ) );
2017-11-30 18:11:00 -05:00
}
2013-03-01 11:28:40 -05:00
if ( isset ( $_POST [ 'url' ] ) ) {
2017-11-30 18:11:00 -05:00
if ( empty ( $_POST [ 'url' ] ) || $_POST [ 'url' ] == 'http://' ) {
2009-05-13 18:41:05 -04:00
$user -> user_url = '' ;
} else {
2013-03-01 11:28:40 -05:00
$user -> user_url = esc_url_raw ( $_POST [ 'url' ] );
2017-11-30 18:11:00 -05:00
$protocols = implode ( '|' , array_map ( 'preg_quote' , wp_allowed_protocols () ) );
$user -> user_url = preg_match ( '/^(' . $protocols . '):/is' , $user -> user_url ) ? $user -> user_url : 'http://' . $user -> user_url ;
2009-05-13 18:41:05 -04:00
}
2007-05-25 03:16:21 -04:00
}
2017-11-30 18:11:00 -05:00
if ( isset ( $_POST [ 'first_name' ] ) ) {
2013-03-01 11:28:40 -05:00
$user -> first_name = sanitize_text_field ( $_POST [ 'first_name' ] );
2017-11-30 18:11:00 -05:00
}
if ( isset ( $_POST [ 'last_name' ] ) ) {
2013-03-01 11:28:40 -05:00
$user -> last_name = sanitize_text_field ( $_POST [ 'last_name' ] );
2017-11-30 18:11:00 -05:00
}
if ( isset ( $_POST [ 'nickname' ] ) ) {
2013-03-01 11:28:40 -05:00
$user -> nickname = sanitize_text_field ( $_POST [ 'nickname' ] );
2017-11-30 18:11:00 -05:00
}
if ( isset ( $_POST [ 'display_name' ] ) ) {
2013-03-01 11:28:40 -05:00
$user -> display_name = sanitize_text_field ( $_POST [ 'display_name' ] );
2017-11-30 18:11:00 -05:00
}
2013-03-01 11:28:40 -05:00
2017-11-30 18:11:00 -05:00
if ( isset ( $_POST [ 'description' ] ) ) {
2013-03-01 11:28:40 -05:00
$user -> description = trim ( $_POST [ 'description' ] );
2017-11-30 18:11:00 -05:00
}
2009-09-14 09:57:48 -04:00
2013-09-24 14:14:09 -04:00
foreach ( wp_get_user_contact_methods ( $user ) as $method => $name ) {
2017-11-30 18:11:00 -05:00
if ( isset ( $_POST [ $method ] ) ) {
$user -> $method = sanitize_text_field ( $_POST [ $method ] );
}
2009-09-14 09:57:48 -04:00
}
if ( $update ) {
2017-11-30 18:11:00 -05:00
$user -> rich_editing = isset ( $_POST [ 'rich_editing' ] ) && 'false' === $_POST [ 'rich_editing' ] ? 'false' : 'true' ;
$user -> syntax_highlighting = isset ( $_POST [ 'syntax_highlighting' ] ) && 'false' === $_POST [ 'syntax_highlighting' ] ? 'false' : 'true' ;
$user -> admin_color = isset ( $_POST [ 'admin_color' ] ) ? sanitize_text_field ( $_POST [ 'admin_color' ] ) : 'fresh' ;
2013-03-01 11:28:40 -05:00
$user -> show_admin_bar_front = isset ( $_POST [ 'admin_bar_front' ] ) ? 'true' : 'false' ;
2017-11-30 18:11:00 -05:00
$user -> locale = '' ;
2016-10-03 03:04:29 -04:00
if ( isset ( $_POST [ 'locale' ] ) ) {
$locale = sanitize_text_field ( $_POST [ 'locale' ] );
2016-11-08 18:01:31 -05:00
if ( 'site-default' === $locale ) {
2016-10-03 03:04:29 -04:00
$locale = '' ;
2016-11-16 15:12:31 -05:00
} elseif ( '' === $locale ) {
2016-11-08 18:01:31 -05:00
$locale = 'en_US' ;
2016-11-16 15:12:31 -05:00
} elseif ( ! in_array ( $locale , get_available_languages (), true ) ) {
$locale = '' ;
2016-10-03 03:04:29 -04:00
}
2016-11-08 18:01:31 -05:00
$user -> locale = $locale ;
2016-10-03 03:04:29 -04:00
}
2009-08-06 17:59:52 -04:00
}
2007-05-25 03:16:21 -04:00
2013-03-01 11:28:40 -05:00
$user -> comment_shortcuts = isset ( $_POST [ 'comment_shortcuts' ] ) && 'true' == $_POST [ 'comment_shortcuts' ] ? 'true' : '' ;
2008-12-09 13:03:31 -05:00
2008-08-21 13:40:38 -04:00
$user -> use_ssl = 0 ;
2017-11-30 18:11:00 -05:00
if ( ! empty ( $_POST [ 'use_ssl' ] ) ) {
2008-08-21 13:40:38 -04:00
$user -> use_ssl = 1 ;
2017-11-30 18:11:00 -05:00
}
2008-08-21 13:40:38 -04:00
2007-05-25 03:16:21 -04:00
$errors = new WP_Error ();
/* checking that username has been typed */
2017-11-30 18:11:00 -05:00
if ( $user -> user_login == '' ) {
2013-03-07 01:00:16 -05:00
$errors -> add ( 'user_login' , __ ( '<strong>ERROR</strong>: Please enter a username.' ) );
2017-11-30 18:11:00 -05:00
}
2015-09-25 00:44:25 -04:00
2015-09-24 13:49:25 -04:00
/* checking that nickname has been typed */
2015-09-25 00:44:25 -04:00
if ( $update && empty ( $user -> nickname ) ) {
$errors -> add ( 'nickname' , __ ( '<strong>ERROR</strong>: Please enter a nickname.' ) );
2015-09-24 13:49:25 -04:00
}
2015-09-25 00:44:25 -04:00
2013-12-01 12:54:10 -05:00
/**
* Fires before the password and confirm password fields are checked for congruity .
*
* @ since 1.5 . 1
*
* @ param string $user_login The username .
2017-10-02 18:03:33 -04:00
* @ param string $pass1 The password ( passed by reference ) .
* @ param string $pass2 The confirmed password ( passed by reference ) .
2013-12-01 12:54:10 -05:00
*/
2013-03-07 01:00:16 -05:00
do_action_ref_array ( 'check_passwords' , array ( $user -> user_login , & $pass1 , & $pass2 ) );
2007-05-25 03:16:21 -04:00
2016-03-22 19:07:27 -04:00
// Check for blank password when adding a user.
if ( ! $update && empty ( $pass1 ) ) {
$errors -> add ( 'pass' , __ ( '<strong>ERROR</strong>: Please enter a password.' ), array ( 'form-field' => 'pass1' ) );
}
// Check for "\" in password.
2017-11-30 18:11:00 -05:00
if ( false !== strpos ( wp_unslash ( $pass1 ), '\\' ) ) {
2007-11-01 02:23:16 -04:00
$errors -> add ( 'pass' , __ ( '<strong>ERROR</strong>: Passwords may not contain the character "\\".' ), array ( 'form-field' => 'pass1' ) );
2016-03-22 19:07:27 -04:00
}
2007-05-25 03:16:21 -04:00
2016-03-22 19:07:27 -04:00
// Checking the password has been typed twice the same.
if ( ( $update || ! empty ( $pass1 ) ) && $pass1 != $pass2 ) {
2015-10-10 09:22:26 -04:00
$errors -> add ( 'pass' , __ ( '<strong>ERROR</strong>: Please enter the same password in both password fields.' ), array ( 'form-field' => 'pass1' ) );
2016-03-22 19:07:27 -04:00
}
2007-05-25 03:16:21 -04:00
2017-11-30 18:11:00 -05:00
if ( ! empty ( $pass1 ) ) {
2007-05-25 03:16:21 -04:00
$user -> user_pass = $pass1 ;
2017-11-30 18:11:00 -05:00
}
2007-05-25 03:16:21 -04:00
2017-11-30 18:11:00 -05:00
if ( ! $update && isset ( $_POST [ 'user_login' ] ) && ! validate_username ( $_POST [ 'user_login' ] ) ) {
$errors -> add ( 'user_login' , __ ( '<strong>ERROR</strong>: This username is invalid because it uses illegal characters. Please enter a valid username.' ) );
}
2007-05-25 03:16:21 -04:00
2017-11-30 18:11:00 -05:00
if ( ! $update && username_exists ( $user -> user_login ) ) {
$errors -> add ( 'user_login' , __ ( '<strong>ERROR</strong>: This username is already registered. Please choose another one.' ) );
}
2007-05-25 03:16:21 -04:00
2015-11-21 22:51:28 -05:00
/** This filter is documented in wp-includes/user.php */
2015-11-12 11:34:27 -05:00
$illegal_logins = ( array ) apply_filters ( 'illegal_user_logins' , array () );
2015-11-12 11:30:28 -05:00
if ( in_array ( strtolower ( $user -> user_login ), array_map ( 'strtolower' , $illegal_logins ) ) ) {
2015-12-04 18:25:26 -05:00
$errors -> add ( 'invalid_username' , __ ( '<strong>ERROR</strong>: Sorry, that username is not allowed.' ) );
2015-10-15 01:43:26 -04:00
}
2015-08-27 23:17:21 -04:00
/* checking email address */
2009-09-14 09:57:48 -04:00
if ( empty ( $user -> user_email ) ) {
2015-08-27 23:17:21 -04:00
$errors -> add ( 'empty_email' , __ ( '<strong>ERROR</strong>: Please enter an email address.' ), array ( 'form-field' => 'email' ) );
2017-11-30 18:11:00 -05:00
} elseif ( ! is_email ( $user -> user_email ) ) {
2012-10-05 15:04:34 -04:00
$errors -> add ( 'invalid_email' , __ ( '<strong>ERROR</strong>: The email address isn’t correct.' ), array ( 'form-field' => 'email' ) );
2017-11-30 18:11:00 -05:00
} elseif ( ( $owner_id = email_exists ( $user -> user_email ) ) && ( ! $update || ( $owner_id != $user -> ID ) ) ) {
$errors -> add ( 'email_exists' , __ ( '<strong>ERROR</strong>: This email is already registered, please choose another one.' ), array ( 'form-field' => 'email' ) );
2009-04-17 14:43:40 -04:00
}
2007-05-25 03:16:21 -04:00
2013-12-01 12:54:10 -05:00
/**
* Fires before user profile update errors are returned .
*
* @ since 2.8 . 0
*
2017-10-02 18:03:33 -04:00
* @ param WP_Error $errors WP_Error object ( passed by reference ) .
2015-08-27 13:16:21 -04:00
* @ param bool $update Whether this is a user update .
2017-10-02 18:03:33 -04:00
* @ param stdClass $user User object ( passed by reference ) .
2013-12-01 12:54:10 -05:00
*/
2013-03-07 01:00:16 -05:00
do_action_ref_array ( 'user_profile_update_errors' , array ( & $errors , $update , & $user ) );
2009-05-24 19:47:49 -04:00
2018-02-26 21:31:31 -05:00
if ( $errors -> has_errors () ) {
2007-05-25 03:16:21 -04:00
return $errors ;
2017-11-30 18:11:00 -05:00
}
2007-05-25 03:16:21 -04:00
if ( $update ) {
2012-08-10 11:36:54 -04:00
$user_id = wp_update_user ( $user );
2007-05-25 03:16:21 -04:00
} else {
2012-08-10 11:36:54 -04:00
$user_id = wp_insert_user ( $user );
2015-11-25 17:38:29 -05:00
$notify = isset ( $_POST [ 'send_user_notification' ] ) ? 'both' : 'admin' ;
2015-09-16 18:19:24 -04:00
/**
2017-11-26 18:57:55 -05:00
* Fires after a new user has been created .
*
* @ since 4.4 . 0
*
* @ param int $user_id ID of the newly created user .
* @ param string $notify Type of notification that should happen . See wp_send_new_user_notifications ()
* for more information on possible values .
*/
2015-11-25 17:38:29 -05:00
do_action ( 'edit_user_created_user' , $user_id , $notify );
2007-05-25 03:16:21 -04:00
}
return $user_id ;
}
2009-01-06 17:00:05 -05:00
/**
2009-03-17 22:43:45 -04:00
* Fetch a filtered list of user roles that the current user is
* allowed to edit .
2009-01-06 17:00:05 -05:00
*
2009-03-17 22:43:45 -04:00
* Simple function who ' s main purpose is to allow filtering of the
2009-01-06 17:00:05 -05:00
* list of roles in the $wp_roles object so that plugins can remove
2011-09-03 10:18:10 -04:00
* inappropriate ones depending on the situation or user making edits .
2009-01-06 17:00:05 -05:00
* Specifically because without filtering anyone with the edit_users
* capability can edit others to be administrators , even if they are
* only editors or authors . This filter allows admins to delegate
2009-03-17 22:43:45 -04:00
* user management .
2009-01-06 17:00:05 -05:00
*
2013-12-24 13:57:12 -05:00
* @ since 2.8 . 0
2009-01-06 17:00:05 -05:00
*
2018-03-25 14:10:32 -04:00
* @ return array [] Array of arrays containing role information .
2009-01-06 17:00:05 -05:00
*/
function get_editable_roles () {
2015-05-28 17:41:30 -04:00
$all_roles = wp_roles () -> roles ;
2013-12-01 12:54:10 -05:00
/**
2016-05-22 14:01:30 -04:00
* Filters the list of editable roles .
2013-12-01 12:54:10 -05:00
*
* @ since 2.8 . 0
*
2018-03-25 14:10:32 -04:00
* @ param array [] $all_roles Array of arrays containing role information .
2013-12-01 12:54:10 -05:00
*/
$editable_roles = apply_filters ( 'editable_roles' , $all_roles );
2009-03-17 22:43:45 -04:00
2009-01-06 17:00:05 -05:00
return $editable_roles ;
}
2008-10-01 21:03:26 -04:00
/**
* Retrieve user data and filter it .
*
2010-12-01 14:24:38 -05:00
* @ since 2.0 . 5
2008-10-01 21:03:26 -04:00
*
* @ param int $user_id User ID .
2013-09-01 23:25:09 -04:00
* @ return WP_User | bool WP_User object on success , false on failure .
2008-10-01 21:03:26 -04:00
*/
2007-05-25 03:16:21 -04:00
function get_user_to_edit ( $user_id ) {
2012-08-02 21:06:05 -04:00
$user = get_userdata ( $user_id );
2009-08-06 17:59:52 -04:00
2017-11-30 18:11:00 -05:00
if ( $user ) {
2013-09-01 23:25:09 -04:00
$user -> filter = 'edit' ;
2017-11-30 18:11:00 -05:00
}
2007-05-25 03:16:21 -04:00
return $user ;
}
2008-10-01 21:03:26 -04:00
/**
* Retrieve the user ' s drafts .
*
2010-12-01 14:24:38 -05:00
* @ since 2.0 . 0
2008-10-01 21:03:26 -04:00
*
2015-10-14 19:44:25 -04:00
* @ global wpdb $wpdb WordPress database abstraction object .
2015-05-28 17:41:30 -04:00
*
2008-10-01 21:03:26 -04:00
* @ param int $user_id User ID .
* @ return array
*/
2007-05-25 03:16:21 -04:00
function get_users_drafts ( $user_id ) {
global $wpdb ;
2017-11-30 18:11:00 -05:00
$query = $wpdb -> prepare ( " SELECT ID, post_title FROM $wpdb->posts WHERE post_type = 'post' AND post_status = 'draft' AND post_author = %d ORDER BY post_modified DESC " , $user_id );
2013-12-01 12:54:10 -05:00
/**
2016-05-22 14:01:30 -04:00
* Filters the user ' s drafts query string .
2013-12-01 12:54:10 -05:00
*
* @ since 2.0 . 0
*
* @ param string $query The user ' s drafts query string .
*/
$query = apply_filters ( 'get_users_drafts' , $query );
2007-05-25 03:16:21 -04:00
return $wpdb -> get_results ( $query );
}
2008-10-01 21:03:26 -04:00
/**
* Remove user and optionally reassign posts and links to another user .
*
2015-04-05 10:44:27 -04:00
* If the $reassign parameter is not assigned to a User ID , then all posts will
2016-05-23 13:28:27 -04:00
* be deleted of that user . The action { @ see 'delete_user' } that is passed the User ID
2008-10-01 21:03:26 -04:00
* being deleted will be run after the posts are either reassigned or deleted .
* The user meta will also be deleted that are for that User ID .
*
2010-12-01 14:24:38 -05:00
* @ since 2.0 . 0
2008-10-01 21:03:26 -04:00
*
2015-10-14 19:44:25 -04:00
* @ global wpdb $wpdb WordPress database abstraction object .
2015-05-28 17:41:30 -04:00
*
2008-10-01 21:03:26 -04:00
* @ param int $id User ID .
* @ param int $reassign Optional . Reassign posts and links to new User ID .
* @ return bool True when finished .
*/
2014-03-07 22:16:14 -05:00
function wp_delete_user ( $id , $reassign = null ) {
2007-05-25 03:16:21 -04:00
global $wpdb ;
2015-09-10 22:25:23 -04:00
if ( ! is_numeric ( $id ) ) {
return false ;
}
2017-11-30 18:11:00 -05:00
$id = ( int ) $id ;
2012-04-18 17:07:31 -04:00
$user = new WP_User ( $id );
2009-04-16 22:13:00 -04:00
2017-11-30 18:11:00 -05:00
if ( ! $user -> exists () ) {
2013-02-01 23:41:02 -05:00
return false ;
2017-11-30 18:11:00 -05:00
}
2013-02-01 23:41:02 -05:00
2014-03-07 22:16:14 -05:00
// Normalize $reassign to null or a user ID. 'novalue' was an older default.
if ( 'novalue' === $reassign ) {
$reassign = null ;
} elseif ( null !== $reassign ) {
$reassign = ( int ) $reassign ;
}
2013-12-01 12:54:10 -05:00
/**
* Fires immediately before a user is deleted from the database .
*
* @ since 2.0 . 0
*
2014-03-07 22:16:14 -05:00
* @ param int $id ID of the user to delete .
* @ param int | null $reassign ID of the user to reassign posts and links to .
* Default null , for no reassignment .
2013-12-01 12:54:10 -05:00
*/
2014-03-07 20:23:15 -05:00
do_action ( 'delete_user' , $id , $reassign );
2007-05-25 03:16:21 -04:00
2014-03-07 22:16:14 -05:00
if ( null === $reassign ) {
2012-05-08 13:01:50 -04:00
$post_types_to_delete = array ();
foreach ( get_post_types ( array (), 'objects' ) as $post_type ) {
if ( $post_type -> delete_with_user ) {
$post_types_to_delete [] = $post_type -> name ;
} elseif ( null === $post_type -> delete_with_user && post_type_supports ( $post_type -> name , 'author' ) ) {
$post_types_to_delete [] = $post_type -> name ;
}
}
2007-05-25 03:16:21 -04:00
2013-12-01 12:54:10 -05:00
/**
2016-05-22 14:01:30 -04:00
* Filters the list of post types to delete with a user .
2013-12-01 12:54:10 -05:00
*
* @ since 3.4 . 0
*
2018-03-25 14:10:32 -04:00
* @ param string [] $post_types_to_delete Array of post types to delete .
* @ param int $id User ID .
2013-12-01 12:54:10 -05:00
*/
2012-05-08 13:01:50 -04:00
$post_types_to_delete = apply_filters ( 'post_types_to_delete_with_user' , $post_types_to_delete , $id );
$post_types_to_delete = implode ( " ', ' " , $post_types_to_delete );
2017-11-30 18:11:00 -05:00
$post_ids = $wpdb -> get_col ( $wpdb -> prepare ( " SELECT ID FROM $wpdb->posts WHERE post_author = %d AND post_type IN (' $post_types_to_delete ') " , $id ) );
2010-01-19 14:23:11 -05:00
if ( $post_ids ) {
2017-11-30 18:11:00 -05:00
foreach ( $post_ids as $post_id ) {
2012-05-08 13:01:50 -04:00
wp_delete_post ( $post_id );
2017-11-30 18:11:00 -05:00
}
2007-05-25 03:16:21 -04:00
}
// Clean links
2017-11-30 18:11:00 -05:00
$link_ids = $wpdb -> get_col ( $wpdb -> prepare ( " SELECT link_id FROM $wpdb->links WHERE link_owner = %d " , $id ) );
2009-04-16 22:13:00 -04:00
if ( $link_ids ) {
2017-11-30 18:11:00 -05:00
foreach ( $link_ids as $link_id ) {
wp_delete_link ( $link_id );
}
2009-04-16 22:13:00 -04:00
}
2007-05-25 03:16:21 -04:00
} else {
2012-09-10 15:56:08 -04:00
$post_ids = $wpdb -> get_col ( $wpdb -> prepare ( " SELECT ID FROM $wpdb->posts WHERE post_author = %d " , $id ) );
2017-11-30 18:11:00 -05:00
$wpdb -> update ( $wpdb -> posts , array ( 'post_author' => $reassign ), array ( 'post_author' => $id ) );
2012-09-10 15:56:08 -04:00
if ( ! empty ( $post_ids ) ) {
2017-11-30 18:11:00 -05:00
foreach ( $post_ids as $post_id ) {
2012-09-10 15:56:08 -04:00
clean_post_cache ( $post_id );
2017-11-30 18:11:00 -05:00
}
2012-09-10 15:56:08 -04:00
}
2017-11-30 18:11:00 -05:00
$link_ids = $wpdb -> get_col ( $wpdb -> prepare ( " SELECT link_id FROM $wpdb->links WHERE link_owner = %d " , $id ) );
$wpdb -> update ( $wpdb -> links , array ( 'link_owner' => $reassign ), array ( 'link_owner' => $id ) );
2012-09-10 15:56:08 -04:00
if ( ! empty ( $link_ids ) ) {
2017-11-30 18:11:00 -05:00
foreach ( $link_ids as $link_id ) {
2012-09-10 15:56:08 -04:00
clean_bookmark_cache ( $link_id );
2017-11-30 18:11:00 -05:00
}
2012-09-10 15:56:08 -04:00
}
2007-05-25 03:16:21 -04:00
}
// FINALLY, delete user
2012-04-24 18:13:47 -04:00
if ( is_multisite () ) {
remove_user_from_blog ( $id , get_current_blog_id () );
2010-01-14 19:21:13 -05:00
} else {
2012-04-24 18:13:47 -04:00
$meta = $wpdb -> get_col ( $wpdb -> prepare ( " SELECT umeta_id FROM $wpdb->usermeta WHERE user_id = %d " , $id ) );
2017-11-30 18:11:00 -05:00
foreach ( $meta as $mid ) {
2012-04-24 18:13:47 -04:00
delete_metadata_by_mid ( 'user' , $mid );
2017-11-30 18:11:00 -05:00
}
2012-04-24 18:13:47 -04:00
$wpdb -> delete ( $wpdb -> users , array ( 'ID' => $id ) );
2010-01-14 19:21:13 -05:00
}
2007-05-25 03:16:21 -04:00
2012-04-18 17:24:53 -04:00
clean_user_cache ( $user );
2013-12-01 12:54:10 -05:00
/**
* Fires immediately after a user is deleted from the database .
*
* @ since 2.9 . 0
*
2014-03-07 22:16:14 -05:00
* @ param int $id ID of the deleted user .
* @ param int | null $reassign ID of the user to reassign posts and links to .
* Default null , for no reassignment .
2013-12-01 12:54:10 -05:00
*/
2014-03-07 20:23:15 -05:00
do_action ( 'deleted_user' , $id , $reassign );
2007-05-25 03:16:21 -04:00
return true ;
}
2008-10-01 21:03:26 -04:00
/**
* Remove all capabilities from user .
*
2010-12-01 14:24:38 -05:00
* @ since 2.1 . 0
2008-10-01 21:03:26 -04:00
*
* @ param int $id User ID .
*/
2017-11-30 18:11:00 -05:00
function wp_revoke_user ( $id ) {
2007-05-25 03:16:21 -04:00
$id = ( int ) $id ;
2017-11-30 18:11:00 -05:00
$user = new WP_User ( $id );
2007-05-25 03:16:21 -04:00
$user -> remove_all_caps ();
}
2010-12-01 14:24:38 -05:00
/**
* @ since 2.8 . 0
2015-05-28 17:41:30 -04:00
*
* @ global int $user_ID
*
* @ param false $errors Deprecated .
*/
2017-11-30 18:11:00 -05:00
function default_password_nag_handler ( $errors = false ) {
2009-05-06 12:19:40 -04:00
global $user_ID ;
2014-07-17 05:14:16 -04:00
// Short-circuit it.
2017-11-30 18:11:00 -05:00
if ( ! get_user_option ( 'default_password_nag' ) ) {
2009-05-06 12:19:40 -04:00
return ;
2017-11-30 18:11:00 -05:00
}
2009-05-06 12:19:40 -04:00
2014-07-17 05:14:16 -04:00
// get_user_setting = JS saved UI setting. else no-js-fallback code.
2017-11-30 18:11:00 -05:00
if ( 'hide' == get_user_setting ( 'default_password_nag' ) || isset ( $_GET [ 'default_password_nag' ] ) && '0' == $_GET [ 'default_password_nag' ] ) {
delete_user_setting ( 'default_password_nag' );
update_user_option ( $user_ID , 'default_password_nag' , false , true );
2009-05-03 13:06:29 -04:00
}
}
2009-05-06 12:19:40 -04:00
2010-12-01 14:24:38 -05:00
/**
* @ since 2.8 . 0
2015-05-29 16:17:26 -04:00
*
* @ param int $user_ID
* @ param object $old_data
2010-12-01 14:24:38 -05:00
*/
2017-11-30 18:11:00 -05:00
function default_password_nag_edit_user ( $user_ID , $old_data ) {
2014-07-17 05:14:16 -04:00
// Short-circuit it.
2017-11-30 18:11:00 -05:00
if ( ! get_user_option ( 'default_password_nag' , $user_ID ) ) {
2009-05-06 12:19:40 -04:00
return ;
2017-11-30 18:11:00 -05:00
}
2009-05-06 12:19:40 -04:00
2017-11-30 18:11:00 -05:00
$new_data = get_userdata ( $user_ID );
2009-05-06 12:19:40 -04:00
2014-07-17 05:14:16 -04:00
// Remove the nag if the password has been changed.
if ( $new_data -> user_pass != $old_data -> user_pass ) {
2017-11-30 18:11:00 -05:00
delete_user_setting ( 'default_password_nag' );
update_user_option ( $user_ID , 'default_password_nag' , false , true );
2009-05-06 12:19:40 -04:00
}
}
2010-12-01 14:24:38 -05:00
/**
* @ since 2.8 . 0
2015-05-28 17:41:30 -04:00
*
* @ global string $pagenow
2010-12-01 14:24:38 -05:00
*/
2009-05-03 13:06:29 -04:00
function default_password_nag () {
2010-09-13 12:49:04 -04:00
global $pagenow ;
2014-07-17 05:14:16 -04:00
// Short-circuit it.
2017-11-30 18:11:00 -05:00
if ( 'profile.php' == $pagenow || ! get_user_option ( 'default_password_nag' ) ) {
2009-05-03 13:06:29 -04:00
return ;
2017-11-30 18:11:00 -05:00
}
2009-05-03 13:06:29 -04:00
2010-04-20 13:15:07 -04:00
echo '<div class="error default-password-nag">' ;
echo '<p>' ;
2017-11-30 18:11:00 -05:00
echo '<strong>' . __ ( 'Notice:' ) . '</strong> ' ;
_e ( 'You’re using the auto-generated password for your account. Would you like to change it?' );
2010-04-27 17:57:18 -04:00
echo '</p><p>' ;
2017-11-30 18:11:00 -05:00
printf ( '<a href="%s">' . __ ( 'Yes, take me to my profile page' ) . '</a> | ' , get_edit_profile_url () . '#password' );
printf ( '<a href="%s" id="default-password-nag-no">' . __ ( 'No thanks, do not remind me again' ) . '</a>' , '?default_password_nag=0' );
2009-05-03 13:06:29 -04:00
echo '</p></div>' ;
}
2015-09-10 12:47:24 -04:00
/**
* @ since 3.5 . 0
* @ access private
*/
2017-11-30 18:11:00 -05:00
function delete_users_add_js () {
?>
2015-09-10 12:47:24 -04:00
< script >
jQuery ( document ) . ready ( function ( $ ) {
var submit = $ ( '#submit' ) . prop ( 'disabled' , true );
$ ( 'input[name="delete_option"]' ) . one ( 'change' , function () {
submit . prop ( 'disabled' , false );
});
$ ( '#reassign_user' ) . focus ( function () {
$ ( '#delete_option1' ) . prop ( 'checked' , true ) . trigger ( 'change' );
});
});
</ script >
< ? php
2015-09-10 17:33:33 -04:00
}
/**
* Optional SSL preference that can be turned on by hooking to the 'personal_options' action .
*
2016-05-23 13:28:27 -04:00
* See the { @ see 'personal_options' } action .
*
2015-09-10 17:33:33 -04:00
* @ since 2.7 . 0
*
* @ param object $user User data object
*/
2017-11-30 18:11:00 -05:00
function use_ssl_preference ( $user ) {
2015-09-10 17:33:33 -04:00
?>
< tr class = " user-use-ssl-wrap " >
2017-11-30 18:11:00 -05:00
< th scope = " row " >< ? php _e ( 'Use https' ); ?> </th>
< td >< label for = " use_ssl " >< input name = " use_ssl " type = " checkbox " id = " use_ssl " value = " 1 " < ? php checked ( '1' , $user -> use_ssl ); ?> /> <?php _e( 'Always use https when visiting the admin' ); ?></label></td>
2015-09-10 17:33:33 -04:00
</ tr >
< ? php
}
/**
* @ param string $text
* @ return string
*/
function admin_created_user_email ( $text ) {
$roles = get_editable_roles ();
2017-11-30 18:11:00 -05:00
$role = $roles [ $_REQUEST [ 'role' ] ];
2018-03-11 12:44:34 -04:00
/* translators: 1: site name, 2: site URL, 3: role */
2017-11-30 18:11:00 -05:00
return sprintf (
__ (
' Hi ,
2015-09-10 17:33:33 -04:00
You\ ' ve been invited to join \ ' % 1 $s\ ' at
% 2 $s with the role of % 3 $s .
If you do not want to join this site please ignore
this email . This invitation will expire in a few days .
Please click the following link to activate your user account :
2017-11-30 18:11:00 -05:00
%% s '
), wp_specialchars_decode ( get_bloginfo ( 'name' ), ENT_QUOTES ), home_url (), wp_specialchars_decode ( translate_user_role ( $role [ 'name' ] ) )
);
2015-09-25 00:44:25 -04:00
}
2018-04-10 14:02:30 -04:00
/**
* Get action description from the name .
*
* @ since 5.0 . 0
* @ access private
*
* @ return string
*/
function _wp_privacy_action_description ( $request_type ) {
switch ( $request_type ) {
case 'user_export_request' :
return __ ( 'Export Personal Data' );
case 'user_remove_request' :
return __ ( 'Remove Personal Data' );
}
}
/**
* Log a request and send to the user .
*
* @ since 5.0 . 0
* @ access private
*
* @ param string $email_address Email address sending the request to .
* @ param string $action Action being requested .
* @ param string $description Description of request .
* @ return bool | WP_Error depending on success .
*/
function _wp_privacy_create_request ( $email_address , $action , $description ) {
$user_id = 0 ;
$user = get_user_by ( 'email' , $email_address );
if ( $user ) {
$user_id = $user -> ID ;
}
$privacy_request_id = wp_insert_post ( array (
'post_author' => $user_id ,
'post_status' => 'request-pending' ,
'post_type' => $action ,
'post_date' => current_time ( 'mysql' , false ),
'post_date_gmt' => current_time ( 'mysql' , true ),
), true );
if ( is_wp_error ( $privacy_request_id ) ) {
return $privacy_request_id ;
}
update_post_meta ( $privacy_request_id , '_user_email' , $email_address );
update_post_meta ( $privacy_request_id , '_action_name' , $action );
update_post_meta ( $privacy_request_id , '_confirmed_timestamp' , false );
return wp_send_account_verification_key ( $email_address , $action , $description , array (
'privacy_request_id' => $privacy_request_id ,
) );
}
/**
* Resend an existing request and return the result .
*
* @ since 5.0 . 0
* @ access private
*
* @ param int $privacy_request_id Request ID .
* @ return bool | WP_Error
*/
function _wp_privacy_resend_request ( $privacy_request_id ) {
$privacy_request_id = absint ( $privacy_request_id );
$privacy_request = get_post ( $privacy_request_id );
if ( ! $privacy_request || ! in_array ( $privacy_request -> post_type , _wp_privacy_action_request_types (), true ) ) {
return new WP_Error ( 'privacy_request_error' , __ ( 'Invalid request.' ) );
}
$email_address = get_post_meta ( $privacy_request_id , '_user_email' , true );
$action = get_post_meta ( $privacy_request_id , '_action_name' , true );
$description = _wp_privacy_action_description ( $action );
$result = wp_send_account_verification_key ( $email_address , $action , $description , array (
'privacy_request_id' => $privacy_request_id ,
) );
if ( is_wp_error ( $result ) ) {
return $result ;
} elseif ( ! $result ) {
return new WP_Error ( 'privacy_request_error' , __ ( 'Unable to initiate confirmation request.' ) );
}
wp_update_post ( array (
'ID' => $privacy_request_id ,
'post_status' => 'request-pending' ,
'post_date' => current_time ( 'mysql' , false ),
'post_date_gmt' => current_time ( 'mysql' , true ),
) );
return true ;
}
/**
* Marks a request as completed by the admin and logs the datetime .
*
* @ since 5.0 . 0
* @ access private
*
* @ param int $privacy_request_id Request ID .
* @ return bool | WP_Error
*/
function _wp_privacy_completed_request ( $privacy_request_id ) {
$privacy_request_id = absint ( $privacy_request_id );
$privacy_request = get_post ( $privacy_request_id );
if ( ! $privacy_request || ! in_array ( $privacy_request -> post_type , _wp_privacy_action_request_types (), true ) ) {
return new WP_Error ( 'privacy_request_error' , __ ( 'Invalid request.' ) );
}
wp_update_post ( array (
'ID' => $privacy_request_id ,
'post_status' => 'request-completed' ,
) );
update_post_meta ( $privacy_request_id , '_completed_timestamp' , time () );
}
/**
* Handle list table actions .
*
* @ since 5.0 . 0
* @ access private
*/
function _wp_personal_data_handle_actions () {
if ( isset ( $_POST [ 'export_personal_data_email_retry' ] ) ) { // WPCS: input var ok.
check_admin_referer ( 'bulk-privacy_requests' );
$request_id = absint ( current ( array_keys ( ( array ) wp_unslash ( $_POST [ 'export_personal_data_email_retry' ] ) ) ) ); // WPCS: input var ok, sanitization ok.
$result = _wp_privacy_resend_request ( $request_id );
if ( is_wp_error ( $result ) ) {
add_settings_error (
'export_personal_data_email_retry' ,
'export_personal_data_email_retry' ,
$result -> get_error_message (),
'error'
);
} else {
add_settings_error (
'export_personal_data_email_retry' ,
'export_personal_data_email_retry' ,
__ ( 'Confirmation request re-resent successfully.' ),
'updated'
);
}
} elseif ( isset ( $_POST [ 'export_personal_data_email_send' ] ) ) { // WPCS: input var ok.
check_admin_referer ( 'bulk-privacy_requests' );
$request_id = absint ( current ( array_keys ( ( array ) wp_unslash ( $_POST [ 'export_personal_data_email_send' ] ) ) ) ); // WPCS: input var ok, sanitization ok.
$result = false ;
/**
* TODO : Email the data to the user here .
*/
if ( is_wp_error ( $result ) ) {
add_settings_error (
'export_personal_data_email_send' ,
'export_personal_data_email_send' ,
$result -> get_error_message (),
'error'
);
} else {
_wp_privacy_completed_request ( $request_id );
add_settings_error (
'export_personal_data_email_send' ,
'export_personal_data_email_send' ,
__ ( 'Personal data was sent to the user successfully.' ),
'updated'
);
}
} elseif ( isset ( $_POST [ 'action' ] ) ) {
$action = isset ( $_POST [ 'action' ] ) ? sanitize_key ( wp_unslash ( $_POST [ 'action' ] ) ) : '' ; // WPCS: input var ok, CSRF ok.
switch ( $action ) {
case 'add_export_personal_data_request' :
case 'add_remove_personal_data_request' :
check_admin_referer ( 'personal-data-request' );
if ( ! isset ( $_POST [ 'type_of_action' ], $_POST [ 'username_or_email_to_export' ] ) ) { // WPCS: input var ok.
add_settings_error (
'action_type' ,
'action_type' ,
__ ( 'Invalid action.' ),
'error'
);
}
$action_type = sanitize_text_field ( wp_unslash ( $_POST [ 'type_of_action' ] ) ); // WPCS: input var ok.
$username_or_email_address = sanitize_text_field ( wp_unslash ( $_POST [ 'username_or_email_to_export' ] ) ); // WPCS: input var ok.
$email_address = '' ;
if ( ! in_array ( $action_type , _wp_privacy_action_request_types (), true ) ) {
add_settings_error (
'action_type' ,
'action_type' ,
__ ( 'Invalid action.' ),
'error'
);
}
if ( ! is_email ( $username_or_email_address ) ) {
$user = get_user_by ( 'login' , $username_or_email_address );
if ( ! $user instanceof WP_User ) {
add_settings_error (
'username_or_email_to_export' ,
'username_or_email_to_export' ,
__ ( 'Unable to add export request. A valid email address or username must be supplied.' ),
'error'
);
} else {
$email_address = $user -> user_email ;
}
} else {
$email_address = $username_or_email_address ;
}
if ( ! empty ( $email_address ) ) {
$result = _wp_privacy_create_request ( $email_address , $action_type , _wp_privacy_action_description ( $action_type ) );
if ( is_wp_error ( $result ) ) {
add_settings_error (
'username_or_email_to_export' ,
'username_or_email_to_export' ,
$result -> get_error_message (),
'error'
);
} elseif ( ! $result ) {
add_settings_error (
'username_or_email_to_export' ,
'username_or_email_to_export' ,
__ ( 'Unable to initiate confirmation request.' ),
'error'
);
} else {
add_settings_error (
'username_or_email_to_export' ,
'username_or_email_to_export' ,
__ ( 'Confirmation request initiated successfully.' ),
'updated'
);
}
}
break ;
}
}
}
/**
* Personal data export .
*
* @ since 5.0 . 0
* @ access private
*/
function _wp_personal_data_export_page () {
if ( ! current_user_can ( 'manage_options' ) ) {
wp_die ( esc_html__ ( 'Sorry, you are not allowed to manage privacy on this site.' ) );
}
_wp_personal_data_handle_actions ();
$requests_table = new WP_Privacy_Data_Export_Requests_Table ( array (
'plural' => 'privacy_requests' ,
'singular' => 'privacy_request' ,
) );
$requests_table -> process_bulk_action ();
$requests_table -> prepare_items ();
?>
< div class = " wrap nosubsub " >
< h1 >< ? php esc_html_e ( 'Export Personal Data' ); ?> </h1>
< hr class = " wp-header-end " />
< ? php settings_errors (); ?>
< form method = " post " class = " wp-privacy-request-form " >
< h2 >< ? php esc_html_e ( 'Add Data Export Request' ); ?> </h2>
< p >< ? php esc_html_e ( 'An email will be sent to the user at this email address asking them to verify the request.' ); ?> </p>
< div class = " wp-privacy-request-form-field " >
< label for = " username_or_email_to_export " >< ? php esc_html_e ( 'Username or email address' ); ?> </label>
< input type = " text " required class = " regular-text " id = " username_or_email_to_export " name = " username_or_email_to_export " />
< ? php submit_button ( __ ( 'Send Request' ), 'secondary' , 'submit' , false ); ?>
</ div >
< ? php wp_nonce_field ( 'personal-data-request' ); ?>
< input type = " hidden " name = " action " value = " add_export_personal_data_request " />
< input type = " hidden " name = " type_of_action " value = " user_export_request " />
</ form >
< hr />
< ? php $requests_table -> views (); ?>
< form class = " search-form wp-clearfix " >
< ? php $requests_table -> search_box ( __ ( 'Search Requests' ), 'requests' ); ?>
< input type = " hidden " name = " page " value = " export_personal_data " />
< input type = " hidden " name = " filter-status " value = " <?php echo isset( $_REQUEST['filter-status'] ) ? esc_attr( sanitize_text_field( $_REQUEST['filter-status'] ) ) : ''; ?> " />
< input type = " hidden " name = " orderby " value = " <?php echo isset( $_REQUEST['orderby'] ) ? esc_attr( sanitize_text_field( $_REQUEST['orderby'] ) ) : ''; ?> " />
< input type = " hidden " name = " order " value = " <?php echo isset( $_REQUEST['order'] ) ? esc_attr( sanitize_text_field( $_REQUEST['order'] ) ) : ''; ?> " />
</ form >
< form method = " post " >
< ? php
$requests_table -> display ();
$requests_table -> embed_scripts ();
?>
</ form >
</ div >
< ? php
}
/**
* Personal data anonymization .
*
* @ since 5.0 . 0
* @ access private
*/
function _wp_personal_data_removal_page () {
if ( ! current_user_can ( 'manage_options' ) ) {
wp_die ( esc_html__ ( 'Sorry, you are not allowed to manage privacy on this site.' ) );
}
_wp_personal_data_handle_actions ();
$requests_table = new WP_Privacy_Data_Removal_Requests_Table ( array (
'plural' => 'privacy_requests' ,
'singular' => 'privacy_request' ,
) );
$requests_table -> process_bulk_action ();
$requests_table -> prepare_items ();
?>
< div class = " wrap nosubsub " >
< h1 >< ? php esc_html_e ( 'Remove Personal Data' ); ?> </h1>
< hr class = " wp-header-end " />
< ? php settings_errors (); ?>
< form method = " post " class = " wp-privacy-request-form " >
< h2 >< ? php esc_html_e ( 'Add Data Removal Request' ); ?> </h2>
< p >< ? php esc_html_e ( 'An email will be sent to the user at this email address asking them to verify the request.' ); ?> </p>
< div class = " wp-privacy-request-form-field " >
< label for = " username_or_email_to_export " >< ? php esc_html_e ( 'Username or email address' ); ?> </label>
< input type = " text " required class = " regular-text " id = " username_or_email_to_export " name = " username_or_email_to_export " />
< ? php submit_button ( __ ( 'Send Request' ), 'secondary' , 'submit' , false ); ?>
</ div >
< ? php wp_nonce_field ( 'personal-data-request' ); ?>
< input type = " hidden " name = " action " value = " add_remove_personal_data_request " />
< input type = " hidden " name = " type_of_action " value = " user_remove_request " />
</ form >
< hr />
< ? php $requests_table -> views (); ?>
< form class = " search-form wp-clearfix " >
< ? php $requests_table -> search_box ( __ ( 'Search Requests' ), 'requests' ); ?>
< input type = " hidden " name = " page " value = " export_personal_data " />
< input type = " hidden " name = " filter-status " value = " <?php echo isset( $_REQUEST['filter-status'] ) ? esc_attr( sanitize_text_field( $_REQUEST['filter-status'] ) ) : ''; ?> " />
< input type = " hidden " name = " orderby " value = " <?php echo isset( $_REQUEST['orderby'] ) ? esc_attr( sanitize_text_field( $_REQUEST['orderby'] ) ) : ''; ?> " />
< input type = " hidden " name = " order " value = " <?php echo isset( $_REQUEST['order'] ) ? esc_attr( sanitize_text_field( $_REQUEST['order'] ) ) : ''; ?> " />
</ form >
< form method = " post " >
< ? php
$requests_table -> display ();
$requests_table -> embed_scripts ();
?>
</ form >
</ div >
< ? php
}
/**
* Add requests pages .
*
* @ since 5.0 . 0
* @ access private
*/
function _wp_privacy_hook_requests_page () {
add_submenu_page ( 'tools.php' , __ ( 'Export Personal Data' ), __ ( 'Export Personal Data' ), 'manage_options' , 'export_personal_data' , '_wp_personal_data_export_page' );
add_submenu_page ( 'tools.php' , __ ( 'Remove Personal Data' ), __ ( 'Remove Personal Data' ), 'manage_options' , 'remove_personal_data' , '_wp_personal_data_removal_page' );
}
// TODO: move the following classes in new files.
if ( ! class_exists ( 'WP_List_Table' ) ) {
require_once ( ABSPATH . 'wp-admin/includes/class-wp-list-table.php' );
}
/**
* WP_Privacy_Requests_Table class .
*/
abstract class WP_Privacy_Requests_Table extends WP_List_Table {
/**
* Action name for the requests this table will work with . Classes
* which inherit from WP_Privacy_Requests_Table should define this .
* e . g . 'user_export_request'
*
* @ since 5.0 . 0
*
* @ var string $request_type Name of action .
*/
protected $request_type = 'INVALID' ;
/**
* Get columns to show in the list table .
*
* @ since 5.0 . 0
*
* @ param array Array of columns .
*/
public function get_columns () {
$columns = array (
'cb' => '<input type="checkbox" />' ,
'email' => __ ( 'Requester' ),
'status' => __ ( 'Status' ),
'requested' => __ ( 'Requested' ),
'next_steps' => __ ( 'Next Steps' ),
);
return $columns ;
}
/**
* Get a list of sortable columns .
*
* @ since 5.0 . 0
*
* @ return array
*/
protected function get_sortable_columns () {
return array ();
}
/**
* Default primary column .
*
* @ since 5.0 . 0
*
* @ return string
*/
protected function get_default_primary_column_name () {
return 'email' ;
}
/**
* Get an associative array ( id => link ) with the list
* of views available on this table .
*
* @ since 5.0 . 0
*
* @ return array
*/
protected function get_views () {
$current_status = isset ( $_REQUEST [ 'filter-status' ] ) ? sanitize_text_field ( $_REQUEST [ 'filter-status' ] ) : '' ;
$statuses = _wp_privacy_statuses ();
$views = array ();
$admin_url = admin_url ( 'tools.php?page=' . $this -> request_type );
$counts = wp_count_posts ( $this -> request_type );
$current_link_attributes = empty ( $current_status ) ? ' class="current" aria-current="page"' : '' ;
$views [ 'all' ] = '<a href="' . esc_url ( $admin_url ) . " \" $current_link_attributes > " . esc_html__ ( 'All' ) . ' (' . absint ( array_sum ( ( array ) $counts ) ) . ')</a>' ;
foreach ( $statuses as $status => $label ) {
$current_link_attributes = $status === $current_status ? ' class="current" aria-current="page"' : '' ;
$views [ $status ] = '<a href="' . esc_url ( add_query_arg ( 'filter-status' , $status , $admin_url ) ) . " \" $current_link_attributes > " . esc_html ( $label ) . ' (' . absint ( $counts -> $status ) . ')</a>' ;
}
return $views ;
}
/**
* Get bulk actions .
*
* @ since 5.0 . 0
*
* @ return array
*/
protected function get_bulk_actions () {
return array (
'delete' => __ ( 'Remove' ),
'resend' => __ ( 'Resend email' ),
);
}
/**
* Process bulk actions .
*
* @ since 5.0 . 0
*/
public function process_bulk_action () {
$action = $this -> current_action ();
$request_ids = isset ( $_REQUEST [ 'request_id' ] ) ? wp_parse_id_list ( wp_unslash ( $_REQUEST [ 'request_id' ] ) ) : array (); // WPCS: input var ok, CSRF ok.
if ( $request_ids ) {
check_admin_referer ( 'bulk-privacy_requests' );
}
switch ( $action ) {
case 'delete' :
$count = 0 ;
foreach ( $request_ids as $request_id ) {
if ( wp_delete_post ( $request_id , true ) ) {
$count ++ ;
}
}
add_settings_error (
'bulk_action' ,
'bulk_action' ,
sprintf ( _n ( 'Deleted %d request' , 'Deleted %d requests' , $count ), $count ),
'updated'
);
break ;
case 'resend' :
$count = 0 ;
foreach ( $request_ids as $request_id ) {
if ( _wp_privacy_resend_request ( $request_id ) ) {
$count ++ ;
}
}
add_settings_error (
'bulk_action' ,
'bulk_action' ,
sprintf ( _n ( 'Re-sent %d request' , 'Re-sent %d requests' , $count ), $count ),
'updated'
);
break ;
}
}
/**
* Prepare items to output .
*
* @ since 5.0 . 0
*/
public function prepare_items () {
global $wpdb ;
$primary = $this -> get_primary_column_name ();
$this -> _column_headers = array (
$this -> get_columns (),
array (),
$this -> get_sortable_columns (),
$primary ,
);
$this -> items = array ();
$posts_per_page = 20 ;
$args = array (
'post_type' => $this -> request_type ,
'posts_per_page' => $posts_per_page ,
'offset' => isset ( $_REQUEST [ 'paged' ] ) ? max ( 0 , absint ( $_REQUEST [ 'paged' ] ) - 1 ) * $posts_per_page : 0 ,
'post_status' => 'any' ,
);
if ( ! empty ( $_REQUEST [ 'filter-status' ] ) ) {
$filter_status = isset ( $_REQUEST [ 'filter-status' ] ) ? sanitize_text_field ( $_REQUEST [ 'filter-status' ] ) : '' ;
$args [ 'post_status' ] = $filter_status ;
}
if ( ! empty ( $_REQUEST [ 's' ] ) ) {
$args [ 'meta_query' ] = array (
$name_query ,
'relation' => 'AND' ,
array (
'key' => '_user_email' ,
'value' => isset ( $_REQUEST [ 's' ] ) ? sanitize_text_field ( $_REQUEST [ 's' ] ) : '' ,
'compare' => 'LIKE'
),
);
}
$privacy_requests_query = new WP_Query ( $args );
$privacy_requests = $privacy_requests_query -> posts ;
foreach ( $privacy_requests as $privacy_request ) {
$this -> items [] = array (
'request_id' => $privacy_request -> ID ,
'user_id' => $privacy_request -> post_author ,
'email' => get_post_meta ( $privacy_request -> ID , '_user_email' , true ),
'action' => get_post_meta ( $privacy_request -> ID , '_action_name' , true ),
'requested' => strtotime ( $privacy_request -> post_date_gmt ),
'confirmed' => get_post_meta ( $privacy_request -> ID , '_confirmed_timestamp' , true ),
'completed' => get_post_meta ( $privacy_request -> ID , '_completed_timestamp' , true ),
);
}
$this -> set_pagination_args (
array (
'total_items' => $privacy_requests_query -> found_posts ,
'per_page' => $posts_per_page ,
)
);
}
/**
* Checkbox column .
*
* @ since 5.0 . 0
*
* @ param array $item Item being shown .
* @ return string
*/
public function column_cb ( $item ) {
return sprintf ( '<input type="checkbox" name="request_id[]" value="%1$s" /><span class="spinner"></span>' , esc_attr ( $item [ 'request_id' ] ) );
}
/**
* Status column .
*
* @ since 5.0 . 0
*
* @ param array $item Item being shown .
* @ return string
*/
public function column_status ( $item ) {
$status = get_post_status ( $item [ 'request_id' ] );
$status_object = get_post_status_object ( $status );
if ( ! $status_object || empty ( $status_object -> label ) ) {
return '-' ;
}
$timestamp = false ;
switch ( $status ) {
case 'request-confirmed' :
$timestamp = $item [ 'confirmed' ];
break ;
case 'request-completed' :
$timestamp = $item [ 'completed' ];
break ;
}
echo '<span class="status-label status-' . esc_attr ( $status ) . '">' ;
echo esc_html ( $status_object -> label );
if ( $timestamp ) {
echo ' (' . $this -> get_timestamp_as_date ( $timestamp ) . ')' ;
}
echo '</span>' ;
}
/**
* Convert timestamp for display .
*
* @ since 5.0 . 0
*
* @ param int $timestamp Event timestamp .
* @ return string
*/
protected function get_timestamp_as_date ( $timestamp ) {
if ( empty ( $timestamp ) ) {
return '' ;
}
$time_diff = current_time ( 'timestamp' , true ) - $timestamp ;
if ( $time_diff >= 0 && $time_diff < DAY_IN_SECONDS ) {
return sprintf ( __ ( '%s ago' ), human_time_diff ( $timestamp ) );
}
return date_i18n ( get_option ( 'date_format' ), $timestamp );
}
/**
* Default column handler .
*
* @ since 5.0 . 0
*
* @ param array $item Item being shown .
* @ param string $column_name Name of column being shown .
* @ return string
*/
public function column_default ( $item , $column_name ) {
$cell_value = $item [ $column_name ];
if ( in_array ( $column_name , array ( 'requested' ), true ) ) {
return $this -> get_timestamp_as_date ( $cell_value );
}
return $cell_value ;
}
/**
* Actions column . Overriden by children .
*
* @ since 5.0 . 0
*
* @ param array $item Item being shown .
* @ return string
*/
public function column_email ( $item ) {
return sprintf ( '%1$s %2$s' , $item [ 'email' ], $this -> row_actions ( array () ) );
}
/**
* Next steps column . Overriden by children .
*
* @ since 5.0 . 0
*
* @ param array $item Item being shown .
*/
public function column_next_steps ( $item ) {}
/**
* Generates content for a single row of the table
*
* @ since 5.0 . 0
*
* @ param object $item The current item
*/
public function single_row ( $item ) {
$status = get_post_status ( $item [ 'request_id' ] );
echo '<tr class="status-' . esc_attr ( $status ) . '">' ;
$this -> single_row_columns ( $item );
echo '</tr>' ;
}
/**
* Embed scripts used to perform actions . Overriden by children .
*
* @ since 5.0 . 0
*/
public function embed_scripts () {}
}
/**
* WP_Privacy_Data_Export_Requests_Table class .
*
* @ since 5.0 . 0
*/
class WP_Privacy_Data_Export_Requests_Table extends WP_Privacy_Requests_Table {
/**
* Action name for the requests this table will work with . Classes
* which inherit from WP_Privacy_Requests_Table should define this .
* e . g . 'user_export_request'
*
* @ since 5.0 . 0
*
* @ var string $request_type Name of action .
*/
protected $request_type = 'user_export_request' ;
/**
* Actions column .
*
* @ since 5.0 . 0
*
* @ param array $item Item being shown .
* @ return string
*/
public function column_email ( $item ) {
$row_actions = array (
'download_data' => __ ( 'Download Personal Data' ),
);
return sprintf ( '%1$s %2$s' , $item [ 'email' ], $this -> row_actions ( $row_actions ) );
}
/**
* Next steps column .
*
* @ since 5.0 . 0
*
* @ param array $item Item being shown .
*/
public function column_next_steps ( $item ) {
$status = get_post_status ( $item [ 'request_id' ] );
switch ( $status ) {
case 'request-pending' :
esc_html_e ( 'Waiting for confirmation' );
break ;
case 'request-confirmed' :
// TODO Complete in follow on patch.
break ;
case 'request-failed' :
submit_button ( __ ( 'Retry' ), 'secondary' , 'export_personal_data_email_retry[' . $item [ 'request_id' ] . ']' , false );
break ;
case 'request-completed' :
echo '<a href="' . esc_url ( wp_nonce_url ( add_query_arg ( array (
'action' => 'delete' ,
'request_id' => array ( $item [ 'request_id' ] )
), admin_url ( 'tools.php?page=export_personal_data' ) ), 'bulk-privacy_requests' ) ) . '">' . esc_html__ ( 'Remove request' ) . '</a>' ;
break ;
}
}
}
/**
* WP_Privacy_Data_Removal_Requests_Table class .
*
* @ since 5.0 . 0
*/
class WP_Privacy_Data_Removal_Requests_Table extends WP_Privacy_Requests_Table {
/**
* Action name for the requests this table will work with . Classes
* which inherit from WP_Privacy_Requests_Table should define this .
* e . g . 'user_remove_request'
*
* @ since 5.0 . 0
*
* @ var string $request_type Name of action .
*/
protected $request_type = 'user_remove_request' ;
/**
* Actions column .
*
* @ since 5.0 . 0
*
* @ param array $item Item being shown .
* @ return string
*/
public function column_email ( $item ) {
$row_actions = array (
// TODO Complete in follow on patch.
'remove_data' => __ ( 'Remove Personal Data' ),
);
// If we have a user ID, include a delete user action.
if ( ! empty ( $item [ 'user_id' ] ) ) {
// TODO Complete in follow on patch.
$row_actions [ 'delete_user' ] = __ ( 'Delete User' );
}
return sprintf ( '%1$s %2$s' , $item [ 'email' ], $this -> row_actions ( $row_actions ) );
}
/**
* Next steps column .
*
* @ since 5.0 . 0
*
* @ param array $item Item being shown .
*/
public function column_next_steps ( $item ) {
}
}