PageRenderTime 65ms CodeModel.GetById 20ms RepoModel.GetById 0ms app.codeStats 1ms

/wp-content/plugins/buddypress/bp-core/bp-core-signup.php

https://bitbucket.org/openfarmtech/weblog-content
PHP | 625 lines | 359 code | 153 blank | 113 comment | 124 complexity | c89ed5bbaa1fe96e4a1930c6acf8de2a MD5 | raw file
Possible License(s): GPL-2.0, AGPL-1.0, LGPL-2.0, LGPL-3.0, BSD-3-Clause, GPL-3.0, LGPL-2.1, AGPL-3.0, CC-BY-SA-3.0
  1. <?php
  2. /********************************************************************************
  3. * Screen Functions
  4. *
  5. * Screen functions are the controllers of BuddyPress. They will execute when their
  6. * specific URL is caught. They will first save or manipulate data using business
  7. * functions, then pass on the user to a template file.
  8. */
  9. function bp_core_screen_signup() {
  10. global $bp, $wpdb;
  11. if ( $bp->current_component != BP_REGISTER_SLUG )
  12. return false;
  13. /* If the user is logged in, redirect away from here */
  14. if ( is_user_logged_in() )
  15. bp_core_redirect( $bp->root_domain );
  16. /* If signups are disabled, just re-direct */
  17. if ( !bp_get_signup_allowed() )
  18. bp_core_redirect( $bp->root_domain );
  19. $bp->signup->step = 'request-details';
  20. /* If the signup page is submitted, validate and save */
  21. if ( isset( $_POST['signup_submit'] ) ) {
  22. /* Check the nonce */
  23. check_admin_referer( 'bp_new_signup' );
  24. require_once( ABSPATH . WPINC . '/registration.php' );
  25. /* Check the base account details for problems */
  26. $account_details = bp_core_validate_user_signup( $_POST['signup_username'], $_POST['signup_email'] );
  27. /* If there are errors with account details, set them for display */
  28. if ( !empty( $account_details['errors']->errors['user_name'] ) )
  29. $bp->signup->errors['signup_username'] = $account_details['errors']->errors['user_name'][0];
  30. if ( !empty( $account_details['errors']->errors['user_email'] ) )
  31. $bp->signup->errors['signup_email'] = $account_details['errors']->errors['user_email'][0];
  32. /* Check that both password fields are filled in */
  33. if ( empty( $_POST['signup_password'] ) || empty( $_POST['signup_password_confirm'] ) )
  34. $bp->signup->errors['signup_password'] = __( 'Please make sure you enter your password twice', 'buddypress' );
  35. /* Check that the passwords match */
  36. if ( ( !empty( $_POST['signup_password'] ) && !empty( $_POST['signup_password_confirm'] ) ) && $_POST['signup_password'] != $_POST['signup_password_confirm'] )
  37. $bp->signup->errors['signup_password'] = __( 'The passwords you entered do not match.', 'buddypress' );
  38. $bp->signup->username = $_POST['signup_username'];
  39. $bp->signup->email = $_POST['signup_email'];
  40. /* Now we've checked account details, we can check profile information */
  41. if ( function_exists( 'xprofile_check_is_required_field' ) ) {
  42. /* Make sure hidden field is passed and populated */
  43. if ( isset( $_POST['signup_profile_field_ids'] ) && !empty( $_POST['signup_profile_field_ids'] ) ) {
  44. /* Let's compact any profile field info into an array */
  45. $profile_field_ids = explode( ',', $_POST['signup_profile_field_ids'] );
  46. /* Loop through the posted fields formatting any datebox values then validate the field */
  47. foreach ( (array) $profile_field_ids as $field_id ) {
  48. if ( !isset( $_POST['field_' . $field_id] ) ) {
  49. if ( isset( $_POST['field_' . $field_id . '_day'] ) )
  50. $_POST['field_' . $field_id] = strtotime( $_POST['field_' . $field_id . '_day'] . $_POST['field_' . $field_id . '_month'] . $_POST['field_' . $field_id . '_year'] );
  51. }
  52. /* Create errors for required fields without values */
  53. if ( xprofile_check_is_required_field( $field_id ) && empty( $_POST['field_' . $field_id] ) )
  54. $bp->signup->errors['field_' . $field_id] = __( 'This is a required field', 'buddypress' );
  55. }
  56. /* This situation doesn't naturally occur so bounce to website root */
  57. } else {
  58. bp_core_redirect( $bp->root_domain );
  59. }
  60. }
  61. /* Finally, let's check the blog details, if the user wants a blog and blog creation is enabled */
  62. if ( isset( $_POST['signup_with_blog'] ) ) {
  63. $active_signup = $bp->site_options['registration'];
  64. if ( 'blog' == $active_signup || 'all' == $active_signup ) {
  65. $blog_details = bp_core_validate_blog_signup( $_POST['signup_blog_url'], $_POST['signup_blog_title'] );
  66. /* If there are errors with blog details, set them for display */
  67. if ( !empty( $blog_details['errors']->errors['blogname'] ) )
  68. $bp->signup->errors['signup_blog_url'] = $blog_details['errors']->errors['blogname'][0];
  69. if ( !empty( $blog_details['errors']->errors['blog_title'] ) )
  70. $bp->signup->errors['signup_blog_title'] = $blog_details['errors']->errors['blog_title'][0];
  71. }
  72. }
  73. do_action( 'bp_signup_validate' );
  74. /* Add any errors to the action for the field in the template for display. */
  75. if ( !empty( $bp->signup->errors ) ) {
  76. foreach ( (array)$bp->signup->errors as $fieldname => $error_message )
  77. add_action( 'bp_' . $fieldname . '_errors', create_function( '', 'echo "<div class=\"error\">' . $error_message . '</div>";' ) );
  78. } else {
  79. $bp->signup->step = 'save-details';
  80. /* No errors! Let's register those deets. */
  81. $active_signup = $bp->site_options['registration'];
  82. if ( 'none' != $active_signup ) {
  83. /* Let's compact any profile field info into usermeta */
  84. $profile_field_ids = explode( ',', $_POST['signup_profile_field_ids'] );
  85. /* Loop through the posted fields formatting any datebox values then add to usermeta */
  86. foreach ( (array) $profile_field_ids as $field_id ) {
  87. if ( !isset( $_POST['field_' . $field_id] ) ) {
  88. if ( isset( $_POST['field_' . $field_id . '_day'] ) )
  89. $_POST['field_' . $field_id] = strtotime( $_POST['field_' . $field_id . '_day'] . $_POST['field_' . $field_id . '_month'] . $_POST['field_' . $field_id . '_year'] );
  90. }
  91. if ( !empty( $_POST['field_' . $field_id] ) )
  92. $usermeta['field_' . $field_id] = $_POST['field_' . $field_id];
  93. }
  94. /* Store the profile field ID's in usermeta */
  95. $usermeta['profile_field_ids'] = $_POST['signup_profile_field_ids'];
  96. /* Hash and store the password */
  97. $usermeta['password'] = wp_hash_password( $_POST['signup_password'] );
  98. /* If the user decided to create a blog, save those details to usermeta */
  99. if ( 'blog' == $active_signup || 'all' == $active_signup ) {
  100. $usermeta['public'] = ( 'public' == $_POST['signup_blog_privacy'] ) ? true : false;
  101. }
  102. $usermeta = apply_filters( 'bp_signup_usermeta', $usermeta );
  103. /* Finally, sign up the user and/or blog */
  104. if ( isset( $_POST['signup_with_blog'] ) && bp_core_is_multisite() )
  105. bp_core_signup_blog( $blog_details['domain'], $blog_details['path'], $blog_details['blog_title'], $_POST['signup_username'], $_POST['signup_email'], $usermeta );
  106. else {
  107. bp_core_signup_user( $_POST['signup_username'], $_POST['signup_password'], $_POST['signup_email'], $usermeta );
  108. }
  109. $bp->signup->step = 'completed-confirmation';
  110. }
  111. do_action( 'bp_complete_signup' );
  112. }
  113. }
  114. $bp->avatar_admin->step = 'upload-image';
  115. /* If user has uploaded a new avatar */
  116. if ( !empty( $_FILES ) ) {
  117. /* Check the nonce */
  118. check_admin_referer( 'bp_avatar_upload' );
  119. $bp->signup->step = 'completed-confirmation';
  120. if ( bp_core_is_multisite() ) {
  121. /* Get the activation key */
  122. if ( !$bp->signup->key = $wpdb->get_var( $wpdb->prepare( "SELECT activation_key FROM {$wpdb->signups} WHERE user_login = %s AND user_email = %s", $_POST[ 'signup_username' ], $_POST[ 'signup_email' ] ) ) ) {
  123. bp_core_add_message( __( 'There was a problem uploading your avatar, please try uploading it again', 'buddypress' ) );
  124. } else {
  125. /* Hash the key to create the upload folder (added security so people don't sniff the activation key) */
  126. $bp->signup->avatar_dir = wp_hash( $bp->signup->key );
  127. }
  128. } else {
  129. $user_id = bp_core_get_userid( $_POST['signup_username'] );
  130. $bp->signup->avatar_dir = wp_hash( $user_id );
  131. }
  132. /* Pass the file to the avatar upload handler */
  133. if ( bp_core_avatar_handle_upload( $_FILES, 'bp_core_signup_avatar_upload_dir' ) ) {
  134. $bp->avatar_admin->step = 'crop-image';
  135. /* Make sure we include the jQuery jCrop file for image cropping */
  136. add_action( 'wp', 'bp_core_add_jquery_cropper' );
  137. }
  138. }
  139. /* If the image cropping is done, crop the image and save a full/thumb version */
  140. if ( isset( $_POST['avatar-crop-submit'] ) ) {
  141. /* Check the nonce */
  142. check_admin_referer( 'bp_avatar_cropstore' );
  143. /* Reset the avatar step so we can show the upload form again if needed */
  144. $bp->signup->step = 'completed-confirmation';
  145. $bp->avatar_admin->step = 'upload-image';
  146. if ( !bp_core_avatar_handle_crop( array( 'original_file' => $_POST['image_src'], 'crop_x' => $_POST['x'], 'crop_y' => $_POST['y'], 'crop_w' => $_POST['w'], 'crop_h' => $_POST['h'] ) ) )
  147. bp_core_add_message( __( 'There was a problem cropping your avatar, please try uploading it again', 'buddypress' ), 'error' );
  148. else
  149. bp_core_add_message( __( 'Your new avatar was uploaded successfully', 'buddypress' ) );
  150. }
  151. bp_core_load_template( 'registration/register' );
  152. }
  153. add_action( 'wp', 'bp_core_screen_signup', 3 );
  154. function bp_core_screen_activation() {
  155. global $bp, $wpdb;
  156. if ( BP_ACTIVATION_SLUG != $bp->current_component )
  157. return false;
  158. /* Check if an activation key has been passed */
  159. if ( isset( $_GET['key'] ) ) {
  160. require_once( ABSPATH . WPINC . '/registration.php' );
  161. /* Activate the signup */
  162. $user = apply_filters( 'bp_core_activate_account', bp_core_activate_signup( $_GET['key'] ) );
  163. /* If there was errors, add a message and redirect */
  164. if ( $user->errors ) {
  165. bp_core_add_message( __( 'There was an error activating your account, please try again.', 'buddypress' ), 'error' );
  166. bp_core_redirect( $bp->root_domain . '/' . BP_ACTIVATION_SLUG );
  167. }
  168. /* Check for an uploaded avatar and move that to the correct user folder */
  169. if ( bp_core_is_multisite() )
  170. $hashed_key = wp_hash( $_GET['key'] );
  171. else
  172. $hashed_key = wp_hash( $user );
  173. /* Check if the avatar folder exists. If it does, move rename it, move it and delete the signup avatar dir */
  174. if ( file_exists( BP_AVATAR_UPLOAD_PATH . '/avatars/signups/' . $hashed_key ) )
  175. @rename( BP_AVATAR_UPLOAD_PATH . '/avatars/signups/' . $hashed_key, BP_AVATAR_UPLOAD_PATH . '/avatars/' . $user );
  176. bp_core_add_message( __( 'Your account is now active!', 'buddypress' ) );
  177. $bp->activation_complete = true;
  178. }
  179. if ( '' != locate_template( array( 'registration/activate' ), false ) )
  180. bp_core_load_template( apply_filters( 'bp_core_template_activate', 'activate' ) );
  181. else
  182. bp_core_load_template( apply_filters( 'bp_core_template_activate', 'registration/activate' ) );
  183. }
  184. add_action( 'wp', 'bp_core_screen_activation', 3 );
  185. /********************************************************************************
  186. * Business Functions
  187. *
  188. * Business functions are where all the magic happens in BuddyPress. They will
  189. * handle the actual saving or manipulation of information. Usually they will
  190. * hand off to a database class for data access, then return
  191. * true or false on success or failure.
  192. */
  193. /**
  194. * bp_core_flush_illegal_names()
  195. *
  196. * Flush illegal names by getting and setting 'illegal_names' site option
  197. */
  198. function bp_core_flush_illegal_names() {
  199. $illegal_names = get_site_option( 'illegal_names' );
  200. update_site_option( 'illegal_names', $illegal_names );
  201. }
  202. /**
  203. * bp_core_illegal_names()
  204. *
  205. * Filter the illegal_names site option and make sure it includes a few
  206. * specific BuddyPress and Multi-site slugs
  207. *
  208. * @param array|string $value Illegal names from field
  209. * @param array|string $oldvalue The value as it is currently
  210. * @return array Merged and unique array of illegal names
  211. */
  212. function bp_core_illegal_names( $value = '', $oldvalue = '' ) {
  213. // Make sure $value is array
  214. if ( empty( $value ) )
  215. $db_illegal_names = array();
  216. if ( is_array( $value ) )
  217. $db_illegal_names = $value;
  218. elseif ( is_string( $value ) )
  219. $db_illegal_names = implode( ' ', $names );
  220. // Add our slugs to the array and allow them to be filtered
  221. $filtered_illegal_names = apply_filters( 'bp_core_illegal_usernames', array( 'www', 'web', 'root', 'admin', 'main', 'invite', 'administrator', BP_GROUPS_SLUG, BP_MEMBERS_SLUG, BP_FORUMS_SLUG, BP_BLOGS_SLUG, BP_ACTIVITY_SLUG, BP_XPROFILE_SLUG, BP_FRIENDS_SLUG, BP_SEARCH_SLUG, BP_SETTINGS_SLUG, BP_REGISTER_SLUG, BP_ACTIVATION_SLUG ) );
  222. // Merge the arrays together
  223. $merged_names = array_merge( (array)$filtered_illegal_names, (array)$db_illegal_names );
  224. // Remove duplicates
  225. $illegal_names = array_unique( (array)$merged_names );
  226. return apply_filters( 'bp_core_illegal_names', $illegal_names );
  227. }
  228. add_filter( 'pre_update_site_option_illegal_names', 'bp_core_illegal_names', 10, 2 );
  229. /**
  230. * bp_core_validate_user_signup()
  231. *
  232. * Validate a user name and email address when creating a new user.
  233. *
  234. * @global object $wpdb DB Layer
  235. * @param string $user_name Username to validate
  236. * @param string $user_email Email address to validate
  237. * @return array Results of user validation including errors, if any
  238. */
  239. function bp_core_validate_user_signup( $user_name, $user_email ) {
  240. global $wpdb;
  241. $errors = new WP_Error();
  242. $user_email = sanitize_email( $user_email );
  243. if ( empty( $user_name ) )
  244. $errors->add( 'user_name', __( 'Please enter a username', 'buddypress' ) );
  245. $maybe = array();
  246. preg_match( "/[a-z0-9]+/", $user_name, $maybe );
  247. // Make sure illegal names include BuddyPress slugs and values
  248. bp_core_flush_illegal_names();
  249. if ( !validate_username( $user_name ) || in_array( $user_name, (array)$illegal_names ) || $user_name != $maybe[0] )
  250. $errors->add( 'user_name', __( 'Only lowercase letters and numbers allowed', 'buddypress' ) );
  251. if( strlen( $user_name ) < 4 )
  252. $errors->add( 'user_name', __( 'Username must be at least 4 characters', 'buddypress' ) );
  253. if ( strpos( ' ' . $user_name, '_' ) != false )
  254. $errors->add( 'user_name', __( 'Sorry, usernames may not contain the character "_"!', 'buddypress' ) );
  255. /* Is the user_name all numeric? */
  256. $match = array();
  257. preg_match( '/[0-9]*/', $user_name, $match );
  258. if ( $match[0] == $user_name )
  259. $errors->add( 'user_name', __( 'Sorry, usernames must have letters too!', 'buddypress' ) );
  260. if ( !is_email( $user_email ) )
  261. $errors->add( 'user_email', __( 'Please check your email address.', 'buddypress' ) );
  262. $limited_email_domains = get_site_option( 'limited_email_domains', 'buddypress' );
  263. if ( is_array( $limited_email_domains ) && empty( $limited_email_domains ) == false ) {
  264. $emaildomain = substr( $user_email, 1 + strpos( $user_email, '@' ) );
  265. if ( in_array( $emaildomain, (array)$limited_email_domains ) == false )
  266. $errors->add( 'user_email', __( 'Sorry, that email address is not allowed!', 'buddypress' ) );
  267. }
  268. /* Check if the username has been used already. */
  269. if ( username_exists( $user_name ) )
  270. $errors->add( 'user_name', __( 'Sorry, that username already exists!', 'buddypress' ) );
  271. /* Check if the email address has been used already. */
  272. if ( email_exists( $user_email ) )
  273. $errors->add( 'user_email', __( 'Sorry, that email address is already used!', 'buddypress' ) );
  274. $result = array( 'user_name' => $user_name, 'user_email' => $user_email, 'errors' => $errors );
  275. /* Apply WPMU legacy filter */
  276. $result = apply_filters( 'wpmu_validate_user_signup', $result );
  277. return apply_filters( 'bp_core_validate_user_signup', $result );
  278. }
  279. function bp_core_validate_blog_signup( $blog_url, $blog_title ) {
  280. if ( !bp_core_is_multisite() || !function_exists( 'wpmu_validate_blog_signup' ) )
  281. return false;
  282. return apply_filters( 'bp_core_validate_blog_signup', wpmu_validate_blog_signup( $blog_url, $blog_title ) );
  283. }
  284. function bp_core_signup_user( $user_login, $user_password, $user_email, $usermeta ) {
  285. global $bp, $wpdb;
  286. /* Multisite installs have their own install procedure */
  287. if ( bp_core_is_multisite() ) {
  288. wpmu_signup_user( $user_login, $user_email, $usermeta );
  289. } else {
  290. $errors = new WP_Error();
  291. $user_id = wp_insert_user( array(
  292. 'user_login' => $user_login,
  293. 'user_pass' => $user_password,
  294. 'display_name' => sanitize_title( $user_login ),
  295. 'user_email' => $user_email
  296. ) );
  297. if ( !$user_id ) {
  298. $errors->add( 'registerfail', sprintf( __('<strong>ERROR</strong>: Couldn&#8217;t register you... please contact the <a href="mailto:%s">webmaster</a> !', 'buddypress' ), get_option( 'admin_email' ) ) );
  299. return $errors;
  300. }
  301. /* Update the user status to '2' which we will use as 'not activated' (0 = active, 1 = spam, 2 = not active) */
  302. $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->users SET user_status = 2 WHERE ID = %d", $user_id ) );
  303. /* Set any profile data */
  304. if ( function_exists( 'xprofile_set_field_data' ) ) {
  305. if ( !empty( $usermeta['profile_field_ids'] ) ) {
  306. $profile_field_ids = explode( ',', $usermeta['profile_field_ids'] );
  307. foreach( (array)$profile_field_ids as $field_id ) {
  308. $current_field = $usermeta["field_{$field_id}"];
  309. if ( !empty( $current_field ) )
  310. xprofile_set_field_data( $field_id, $user_id, $current_field );
  311. }
  312. }
  313. }
  314. }
  315. $bp->signup->username = $user_login;
  316. /***
  317. * Now generate an activation key and send an email to the user so they can activate their account
  318. * and validate their email address. Multisite installs send their own email, so this is only for single blog installs.
  319. *
  320. * To disable sending activation emails you can user the filter 'bp_core_signup_send_activation_key' and return false.
  321. */
  322. if ( apply_filters( 'bp_core_signup_send_activation_key', true ) ) {
  323. if ( !bp_core_is_multisite() ) {
  324. $activation_key = wp_hash( $user_id );
  325. update_usermeta( $user_id, 'activation_key', $activation_key );
  326. bp_core_signup_send_validation_email( $user_id, $user_email, $activation_key );
  327. }
  328. }
  329. do_action( 'bp_core_signup_user', $user_id, $user_login, $user_password, $user_email, $usermeta );
  330. return $user_id;
  331. }
  332. function bp_core_signup_blog( $blog_domain, $blog_path, $blog_title, $user_name, $user_email, $usermeta ) {
  333. if ( !bp_core_is_multisite() || !function_exists( 'wpmu_signup_blog' ) )
  334. return false;
  335. return apply_filters( 'bp_core_signup_blog', wpmu_signup_blog( $blog_domain, $blog_path, $blog_title, $user_name, $user_email, $usermeta ) );
  336. }
  337. function bp_core_activate_signup( $key ) {
  338. global $bp, $wpdb;
  339. $user = false;
  340. /* Multisite installs have their own activation routine */
  341. if ( bp_core_is_multisite() ) {
  342. $user = wpmu_activate_signup( $key );
  343. /* If there was errors, add a message and redirect */
  344. if ( $user->errors ) {
  345. bp_core_add_message( __( 'There was an error activating your account, please try again.', 'buddypress' ), 'error' );
  346. bp_core_redirect( $bp->root_domain . '/' . BP_ACTIVATION_SLUG );
  347. }
  348. $user_id = $user['user_id'];
  349. /* Set any profile data */
  350. if ( function_exists( 'xprofile_set_field_data' ) ) {
  351. if ( !empty( $user['meta']['profile_field_ids'] ) ) {
  352. $profile_field_ids = explode( ',', $user['meta']['profile_field_ids'] );
  353. foreach( (array)$profile_field_ids as $field_id ) {
  354. $current_field = $user['meta']["field_{$field_id}"];
  355. if ( !empty( $current_field ) )
  356. xprofile_set_field_data( $field_id, $user_id, $current_field );
  357. }
  358. }
  359. }
  360. } else {
  361. /* Get the user_id based on the $key */
  362. $user_id = $wpdb->get_var( $wpdb->prepare( "SELECT user_id FROM $wpdb->usermeta WHERE meta_value = %s", $key ) );
  363. if ( empty( $user_id ) )
  364. return new WP_Error( 'invalid_key', __( 'Invalid activation key', 'buddypress' ) );
  365. /* Change the user's status so they become active */
  366. if ( !$wpdb->query( $wpdb->prepare( "UPDATE $wpdb->users SET user_status = 0 WHERE ID = %d", $user_id ) ) )
  367. return new WP_Error( 'invalid_key', __( 'Invalid activation key', 'buddypress' ) );
  368. /* Notify the site admin of a new user registration */
  369. wp_new_user_notification( $user_id );
  370. /* Remove the activation key meta */
  371. delete_usermeta( $user_id, 'activation_key' );
  372. }
  373. /* Update the user_url and display_name */
  374. wp_update_user( array( 'ID' => $user_id, 'user_url' => bp_core_get_user_domain( $user_id, sanitize_title( $user_login ), $user_login ), 'display_name' => bp_core_get_user_displayname( $user_id ) ) );
  375. /* Add a last active entry */
  376. update_usermeta( $user_id, 'last_activity', gmdate( "Y-m-d H:i:s" ) );
  377. /* Set the password on multisite installs */
  378. if ( bp_core_is_multisite() && !empty( $user['meta']['password'] ) )
  379. $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->users SET user_pass = %s WHERE ID = %d", $user['meta']['password'], $user_id ) );
  380. /* Delete the total member cache */
  381. wp_cache_delete( 'bp_total_member_count', 'bp' );
  382. do_action( 'bp_core_activated_user', $user_id, $key, $user );
  383. return $user_id;
  384. }
  385. function bp_core_new_user_activity( $user ) {
  386. if ( empty( $user ) || !function_exists( 'bp_activity_add' ) )
  387. return false;
  388. if ( is_array( $user ) )
  389. $user_id = $user['user_id'];
  390. else
  391. $user_id = $user;
  392. if ( empty( $user_id ) )
  393. return false;
  394. $userlink = bp_core_get_userlink( $user_id );
  395. bp_activity_add( array(
  396. 'user_id' => $user_id,
  397. 'action' => apply_filters( 'bp_core_activity_registered_member_action', sprintf( __( '%s became a registered member', 'buddypress' ), $userlink ), $user_id ),
  398. 'component' => 'profile',
  399. 'type' => 'new_member'
  400. ) );
  401. }
  402. add_action( 'bp_core_activated_user', 'bp_core_new_user_activity' );
  403. function bp_core_map_user_registration( $user_id ) {
  404. /* Only map data when the site admin is adding users, not on registration. */
  405. if ( !is_admin() )
  406. return false;
  407. /* Add a last active entry */
  408. update_usermeta( $user_id, 'last_activity', gmdate( "Y-m-d H:i:s" ) );
  409. /* Add the user's fullname to Xprofile */
  410. if ( function_exists( 'xprofile_set_field_data' ) ) {
  411. $firstname = get_usermeta( $user_id, 'first_name' );
  412. $lastname = ' ' . get_usermeta( $user_id, 'last_name' );
  413. $name = $firstname . $lastname;
  414. if ( empty( $name ) || ' ' == $name )
  415. $name = get_usermeta( $user_id, 'nickname' );
  416. xprofile_set_field_data( 1, $user_id, $name );
  417. }
  418. }
  419. add_action( 'user_register', 'bp_core_map_user_registration' );
  420. function bp_core_signup_avatar_upload_dir() {
  421. global $bp;
  422. if ( !$bp->signup->avatar_dir )
  423. return false;
  424. $path = BP_AVATAR_UPLOAD_PATH . '/avatars/signups/' . $bp->signup->avatar_dir;
  425. $newbdir = $path;
  426. if ( !file_exists( $path ) )
  427. @wp_mkdir_p( $path );
  428. $newurl = BP_AVATAR_URL . '/avatars/signups/' . $bp->signup->avatar_dir;
  429. $newburl = $newurl;
  430. $newsubdir = '/avatars/signups/' . $bp->signup->avatar_dir;
  431. return apply_filters( 'bp_core_signup_avatar_upload_dir', array( 'path' => $path, 'url' => $newurl, 'subdir' => $newsubdir, 'basedir' => $newbdir, 'baseurl' => $newburl, 'error' => false ) );
  432. }
  433. function bp_core_signup_send_validation_email( $user_id, $user_email, $key ) {
  434. $activate_url = bp_get_activation_page() ."?key=$key";
  435. $activate_url = clean_url( $activate_url );
  436. $admin_email = get_site_option( "admin_email" );
  437. if ( empty( $admin_email ) )
  438. $admin_email = 'noreply@' . $_SERVER['SERVER_NAME'];
  439. $from_name = ( '' == get_option( 'blogname' ) ) ? 'BuddyPress' : wp_specialchars( get_option( 'blogname' ) );
  440. $message_headers = "MIME-Version: 1.0\n" . "From: \"{$from_name}\" <{$admin_email}>\n" . "Content-Type: text/plain; charset=\"" . get_option( 'blog_charset' ) . "\"\n";
  441. $message = sprintf( __( "Thanks for registering! To complete the activation of your account please click the following link:\n\n%s\n\n", 'buddypress' ), $activate_url );
  442. $subject = '[' . $from_name . '] ' . __( 'Activate Your Account', 'buddypress' );
  443. /* Send the message */
  444. $to = apply_filters( 'bp_core_activation_signup_user_notification_to', $user_email );
  445. $subject = apply_filters( 'bp_core_activation_signup_user_notification_subject', $subject );
  446. $message = apply_filters( 'bp_core_activation_signup_user_notification_message', $message );
  447. wp_mail( $to, $subject, $message, $message_headers );
  448. }
  449. /* Stop user accounts logging in that have not been activated (user_status = 2) */
  450. function bp_core_signup_disable_inactive( $auth_obj, $username ) {
  451. global $bp, $wpdb;
  452. if ( !$user_id = bp_core_get_userid( $username ) )
  453. return $auth_obj;
  454. $user_status = (int) $wpdb->get_var( $wpdb->prepare( "SELECT user_status FROM $wpdb->users WHERE ID = %d", $user_id ) );
  455. if ( 2 == $user_status )
  456. bp_core_redirect( $bp->root_domain );
  457. else
  458. return $auth_obj;
  459. }
  460. add_filter( 'authenticate', 'bp_core_signup_disable_inactive', 11, 2 );
  461. /* Kill the wp-signup.php if custom registration signup templates are present */
  462. function bp_core_wpsignup_redirect() {
  463. if ( false === strpos( $_SERVER['SCRIPT_NAME'], 'wp-signup.php') && $_GET['action'] != 'register' )
  464. return false;
  465. if ( locate_template( array( 'registration/register.php' ), false ) || locate_template( array( 'register.php' ), false ) )
  466. bp_core_redirect( bp_get_root_domain() . '/' . BP_REGISTER_SLUG . '/' );
  467. }
  468. if ( bp_core_is_multisite() )
  469. add_action( 'wp', 'bp_core_wpsignup_redirect' );
  470. else
  471. add_action( 'init', 'bp_core_wpsignup_redirect' );
  472. ?>