File "user-new.php"
Full Path: /home/ycoalition/public_html/blog/wp-admin/network/user-new.php
File size: 8 KB
MIME-type: text/x-php
Charset: utf-8
<?php
/**
* New User Administration Screen.
*
* @package WordPress
* @subpackage Administration
*/
/** WordPress Administration Bootstrap */
require_once __DIR__ . '/admin.php';
// Access gate for the screen: answer with a 403 unless the current user holds
// a capability that allows adding users.
if ( is_multisite() ) {
	// On multisite, holding either capability is enough to continue.
	if ( ! ( current_user_can( 'create_users' ) || current_user_can( 'promote_users' ) ) ) {
		wp_die(
			sprintf(
				'<h1>%s</h1><p>%s</p>',
				__( 'You need a higher level of permission.' ),
				__( 'Sorry, you are not allowed to add users to this network.' )
			),
			403
		);
	}
} else {
	// Outside multisite, only 'create_users' grants access.
	if ( ! current_user_can( 'create_users' ) ) {
		wp_die(
			sprintf(
				'<h1>%s</h1><p>%s</p>',
				__( 'You need a higher level of permission.' ),
				__( 'Sorry, you are not allowed to create users.' )
			),
			403
		);
	}
}

// On multisite, pass the signup notification email through admin_created_user_email().
if ( is_multisite() ) {
	add_filter( 'wpmu_signup_user_notification_email', 'admin_created_user_email' );
}
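/*
 * Form handlers for this screen.
 *
 * 'adduser'    attaches an existing account to the current site, either
 *              immediately or through an emailed confirmation link.
 * 'createuser' creates a new account (single site) or registers a signup
 *              (multisite).
 *
 * Every successful path ends in wp_redirect() followed by die(); validation
 * errors in the 'createuser' path are left in $add_user_errors for the rest
 * of the file.
 *
 * Security notes:
 * - Each handler verifies its nonce before reading any other request field.
 * - The requested role is checked against get_editable_roles() before it is
 *   stored, applied or mailed. What the downstream helpers do with an
 *   unknown role is not visible in this file, so the check is made here.
 * - Request fields that are missing or not strings are treated as empty.
 */
if ( isset( $_REQUEST['action'] ) && 'adduser' === $_REQUEST['action'] ) {
	// Nonce verification for the 'add-user' action.
	check_admin_referer( 'add-user', '_wpnonce_add-user' );

	$user_details = null;

	// The 'email' field may hold an email address or, for network user managers, a login name.
	$user_email = ( isset( $_REQUEST['email'] ) && is_string( $_REQUEST['email'] ) ) ? wp_unslash( $_REQUEST['email'] ) : '';

	if ( str_contains( $user_email, '@' ) ) {
		$user_details = get_user_by( 'email', $user_email );
	} elseif ( current_user_can( 'manage_network_users' ) ) {
		// Lookup by login name is limited to users who can manage network users.
		$user_details = get_user_by( 'login', $user_email );
	} else {
		wp_redirect( add_query_arg( array( 'update' => 'enter_email' ), 'user-new.php' ) );
		die();
	}

	if ( ! $user_details ) {
		wp_redirect( add_query_arg( array( 'update' => 'does_not_exist' ), 'user-new.php' ) );
		die();
	}

	// Per-user capability check against the account that was found.
	if ( ! current_user_can( 'promote_user', $user_details->ID ) ) {
		wp_die(
			'<h1>' . __( 'You need a higher level of permission.' ) . '</h1>' .
			'<p>' . __( 'Sorry, you are not allowed to add users to this network.' ) . '</p>',
			403
		);
	}

	// Adding an existing user to this blog.
	$new_user_email = array();
	$redirect       = 'user-new.php';
	$username       = $user_details->user_login;
	$user_id        = $user_details->ID;

	if ( array_key_exists( $blog_id, get_blogs_of_user( $user_id ) ) ) {
		// Already a member of this site: nothing to change.
		$redirect = add_query_arg( array( 'update' => 'addexisting' ), 'user-new.php' );
	} else {
		/*
		 * Only accept a role the current user is allowed to assign. Without
		 * this check the raw request value would be stored in the invitation
		 * option, handed to add_existing_user_to_blog(), and used as an
		 * unchecked array key below.
		 * NOTE(review): presumably the form's role selector is built from the
		 * same list, so regular submissions are unaffected — confirm.
		 */
		$requested_role = ( isset( $_REQUEST['role'] ) && is_string( $_REQUEST['role'] ) ) ? wp_unslash( $_REQUEST['role'] ) : '';
		$roles          = get_editable_roles();

		if ( ! isset( $roles[ $requested_role ] ) ) {
			wp_die(
				'<h1>' . __( 'You need a higher level of permission.' ) . '</h1>' .
				'<p>' . __( 'Sorry, you are not allowed to give users that role.' ) . '</p>',
				403
			);
		}

		if ( isset( $_POST['noconfirmation'] ) && current_user_can( 'manage_network_users' ) ) {
			// Skipping confirmation additionally requires 'manage_network_users'.
			$result = add_existing_user_to_blog(
				array(
					'user_id' => $user_id,
					'role'    => $requested_role,
				)
			);

			if ( ! is_wp_error( $result ) ) {
				$redirect = add_query_arg(
					array(
						'update'  => 'addnoconfirmation',
						'user_id' => $user_id,
					),
					'user-new.php'
				);
			} else {
				$redirect = add_query_arg( array( 'update' => 'could_not_add' ), 'user-new.php' );
			}
		} else {
			// Invitation key: 20 characters, no special characters. It names the
			// stored invitation and is the path segment of the emailed link.
			$newuser_key = wp_generate_password( 20, false );

			add_option(
				'new_user_' . $newuser_key,
				array(
					'user_id' => $user_id,
					'email'   => $user_details->user_email,
					'role'    => $requested_role,
				)
			);

			$role = $roles[ $requested_role ];

			/**
			 * Fires immediately after an existing user is invited to join the site, but before the notification is sent.
			 *
			 * @since 4.4.0
			 *
			 * @param int    $user_id     The invited user's ID.
			 * @param array  $role        Array containing role information for the invited user.
			 * @param string $newuser_key The key of the invitation.
			 */
			do_action( 'invite_user', $user_id, $role, $newuser_key );

			// Build the email in the invited user's locale; restored after sending.
			$switched_locale = switch_to_user_locale( $user_id );

			if ( '' !== get_option( 'blogname' ) ) {
				$site_title = wp_specialchars_decode( get_option( 'blogname' ), ENT_QUOTES );
			} else {
				// No site name set: fall back to the host part of the home URL.
				$site_title = parse_url( home_url(), PHP_URL_HOST );
			}

			/* translators: 1: Site title, 2: Site URL, 3: User role, 4: Activation URL. */
			$message = __(
				'Hi,
You\'ve been invited to join \'%1$s\' at
%2$s with the role of %3$s.
Please click the following link to confirm the invite:
%4$s'
			);

			$new_user_email['to']      = $user_details->user_email;
			$new_user_email['subject'] = sprintf(
				/* translators: Joining confirmation notification email subject. %s: Site title. */
				__( '[%s] Joining Confirmation' ),
				$site_title
			);
			$new_user_email['message'] = sprintf(
				$message,
				get_option( 'blogname' ),
				home_url(),
				wp_specialchars_decode( translate_user_role( $role['name'] ) ),
				home_url( "/newbloguser/$newuser_key/" )
			);
			$new_user_email['headers'] = '';

			/**
			 * Filters the contents of the email sent when an existing user is invited to join the site.
			 *
			 * @since 5.6.0
			 *
			 * @param array $new_user_email {
			 *     Used to build wp_mail().
			 *
			 *     @type string $to      The email address of the invited user.
			 *     @type string $subject The subject of the email.
			 *     @type string $message The content of the email.
			 *     @type string $headers Headers.
			 * }
			 * @param int    $user_id     The invited user's ID.
			 * @param array  $role        Array containing role information for the invited user.
			 * @param string $newuser_key The key of the invitation.
			 */
			$new_user_email = apply_filters( 'invited_user_email', $new_user_email, $user_id, $role, $newuser_key );

			wp_mail(
				$new_user_email['to'],
				$new_user_email['subject'],
				$new_user_email['message'],
				$new_user_email['headers']
			);

			if ( $switched_locale ) {
				restore_previous_locale();
			}

			$redirect = add_query_arg( array( 'update' => 'add' ), 'user-new.php' );
		}
	}

	wp_redirect( $redirect );
	die();
} elseif ( isset( $_REQUEST['action'] ) && 'createuser' === $_REQUEST['action'] ) {
	// Nonce verification for the 'create-user' action.
	check_admin_referer( 'create-user', '_wpnonce_create-user' );

	// Re-check the capability for this action specifically; on multisite the
	// screen itself can also be reached with 'promote_users' alone.
	if ( ! current_user_can( 'create_users' ) ) {
		wp_die(
			'<h1>' . __( 'You need a higher level of permission.' ) . '</h1>' .
			'<p>' . __( 'Sorry, you are not allowed to create users.' ) . '</p>',
			403
		);
	}

	if ( ! is_multisite() ) {
		// Single site: edit_user() does the work and returns the new ID or a WP_Error.
		$user_id = edit_user();

		if ( is_wp_error( $user_id ) ) {
			// Kept for the rest of the file; no redirect on failure.
			$add_user_errors = $user_id;
		} else {
			if ( current_user_can( 'list_users' ) ) {
				$redirect = 'users.php?update=add&id=' . $user_id;
			} else {
				$redirect = add_query_arg( 'update', 'add', 'user-new.php' );
			}

			wp_redirect( $redirect );
			die();
		}
	} else {
		// Adding a new user to this site.
		$new_user_email = ( isset( $_REQUEST['email'] ) && is_string( $_REQUEST['email'] ) ) ? wp_unslash( $_REQUEST['email'] ) : '';

		// The login is passed to the validator as received and unslashed only for sanitize_user() below.
		$raw_user_login = ( isset( $_REQUEST['user_login'] ) && is_string( $_REQUEST['user_login'] ) ) ? $_REQUEST['user_login'] : '';
		$user_details   = wpmu_validate_user_signup( $raw_user_login, $new_user_email );

		if ( is_wp_error( $user_details['errors'] ) && $user_details['errors']->has_errors() ) {
			// Kept for the rest of the file; no redirect on failure.
			$add_user_errors = $user_details['errors'];
		} else {
			// Reject a role the current user may not assign before the signup is recorded.
			$requested_role = ( isset( $_REQUEST['role'] ) && is_string( $_REQUEST['role'] ) ) ? wp_unslash( $_REQUEST['role'] ) : '';
			$roles          = get_editable_roles();

			if ( ! isset( $roles[ $requested_role ] ) ) {
				wp_die(
					'<h1>' . __( 'You need a higher level of permission.' ) . '</h1>' .
					'<p>' . __( 'Sorry, you are not allowed to give users that role.' ) . '</p>',
					403
				);
			}

			/** This filter is documented in wp-includes/user.php */
			$new_user_login = apply_filters( 'pre_user_login', sanitize_user( wp_unslash( $raw_user_login ), true ) );

			// Skipping confirmation additionally requires 'manage_network_users'.
			$skip_confirmation = isset( $_POST['noconfirmation'] ) && current_user_can( 'manage_network_users' );

			if ( $skip_confirmation ) {
				add_filter( 'wpmu_signup_user_notification', '__return_false' ); // Disable confirmation email.
				add_filter( 'wpmu_welcome_user_notification', '__return_false' ); // Disable welcome email.
			}

			wpmu_signup_user(
				$new_user_login,
				$new_user_email,
				array(
					'add_to_blog' => get_current_blog_id(),
					'new_role'    => $requested_role,
				)
			);

			if ( $skip_confirmation ) {
				// Fetch the activation key for this login/email pair (presumably written by
				// wpmu_signup_user() above) and activate the signup right away. The query is
				// parameterised through $wpdb->prepare().
				$key      = $wpdb->get_var( $wpdb->prepare( "SELECT activation_key FROM {$wpdb->signups} WHERE user_login = %s AND user_email = %s", $new_user_login, $new_user_email ) );
				$new_user = wpmu_activate_signup( $key );

				if ( is_wp_error( $new_user ) ) {
					// Same 'update' value as the success case, but without a user_id.
					$redirect = add_query_arg( array( 'update' => 'addnoconfirmation' ), 'user-new.php' );
				} elseif ( ! is_user_member_of_blog( $new_user['user_id'] ) ) {
					$redirect = add_query_arg( array( 'update' => 'created_could_not_add' ), 'user-new.php' );
				} else {
					$redirect = add_query_arg(
						array(
							'update'  => 'addnoconfirmation',
							'user_id' => $new_user['user_id'],
						),
						'user-new.php'
					);
				}
			} else {
				$redirect = add_query_arg( array( 'update' => 'newuserconfirmation' ), 'user-new.php' );
			}

			wp_redirect( $redirect );
			die();
		}
	}
}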
// Used in the HTML title tag.
$title = __( 'Add New User' );
$parent_file