BP_REST_Signup_Endpoint::create_item( WP_REST_Request $request )

Create signup.

Description

Parameters

$request: (Required) Full data about the request.

Return

(WP_REST_Response) | WP_Error

Source

File: bp-members/classes/class-bp-rest-signup-endpoint.php

public function create_item( $request ) {
    $bp = buddypress();
 
    $request->set_param( 'context', 'edit' );
 
    $form_fields = $this->signup_form_items( $request );
    $form_fields = $form_fields->get_data();
    $param       = $request->get_params();
 
    $posted_data = array();
    if ( ! empty( $form_fields ) ) {
        $form_fields = array_column( $form_fields, 'id' );
        $form_fields = array_flip( $form_fields );
        $posted_data = array_intersect_key( $param, $form_fields );
    }
 
    if ( empty( $posted_data ) ) {
        return new WP_Error(
            'bp_rest_signup_cannot_create',
            __( 'Cannot create new signup.', 'buddyboss' ),
            array(
                'status' => 500,
            )
        );
    }
 
    // verification for phpcs.
    wp_verify_nonce( wp_create_nonce( 'rest_signup' ), 'rest_signup' );
 
    $_POST = array();
    $_POST = $posted_data;
 
    $user_name  = (
        function_exists( 'bp_get_signup_username_value' )
        ? bp_get_signup_username_value()
        : (
            isset( $_POST['signup_username'] )
            ? filter_input( INPUT_POST, 'signup_username' )
            : ''
        )
    );
    $user_email = (
        function_exists( 'bp_get_signup_email_value' )
        ? bp_get_signup_email_value()
        : (
            isset( $_POST['signup_email'] )
            ? filter_input( INPUT_POST, 'signup_email' )
            : ''
        )
    );
 
    // Check the base account details for problems.
    $account_details = bp_core_validate_user_signup( $user_name, $user_email );
 
    $email_opt    = function_exists( 'bp_register_confirm_email' ) && true === bp_register_confirm_email() ? true : false;
    $password_opt = function_exists( 'bp_register_confirm_password' ) ? bp_register_confirm_password() : true;
 
    // If there are errors with account details, set them for display.
    if ( ! empty( $account_details['errors']->errors['user_name'] ) ) {
        $bp->signup->errors['signup_username'] = $account_details['errors']->errors['user_name'][0];
    }
 
    if ( ! empty( $account_details['errors']->errors['user_email'] ) ) {
        $bp->signup->errors['signup_email'] = $account_details['errors']->errors['user_email'][0];
    }
 
    // Check that both password fields are filled in.
    if ( isset( $_POST['signup_password'] ) && empty( $_POST['signup_password'] ) ) {
        $bp->signup->errors['signup_password'] = __( 'Please make sure to enter your password.', 'buddyboss' );
    }
 
    // if email opt enabled.
    if ( true === $email_opt ) {
 
        // Check that both password fields are filled in.
        if ( empty( $_POST['signup_email'] ) || empty( $_POST['signup_email_confirm'] ) ) {
            $bp->signup->errors['signup_email'] = __( 'Please make sure to enter your email twice.', 'buddyboss' );
        }
 
        // Check that the passwords match.
        if (
            ( ! empty( $_POST['signup_email'] ) && ! empty( $_POST['signup_email_confirm'] ) )
            && $_POST['signup_email'] !== $_POST['signup_email_confirm']
        ) {
            $bp->signup->errors['signup_email'] = __( 'The emails entered do not match.', 'buddyboss' );
        }
    }
 
    // if password opt enabled.
    if ( true === $password_opt ) {
 
        // Check that both password fields are filled in.
        if ( empty( $_POST['signup_password'] ) || empty( $_POST['signup_password_confirm'] ) ) {
            $bp->signup->errors['signup_password'] = __( 'Please make sure to enter your password twice.', 'buddyboss' );
        }
 
        // Check that the passwords match.
        if (
            ( ! empty( $_POST['signup_password'] ) && ! empty( $_POST['signup_password_confirm'] ) )
            && $_POST['signup_password'] !== $_POST['signup_password_confirm']
        ) {
            $bp->signup->errors['signup_password'] = __( 'The passwords entered do not match.', 'buddyboss' );
        }
    }
 
    $bp->signup->username = $user_name;
    $bp->signup->email    = $user_email;
 
    // Now we've checked account details, we can check profile information.
    if ( bp_is_active( 'xprofile' ) ) {
 
        $xprofile_fields = array_filter(
            $posted_data,
            function ( $v, $k ) {
                return strpos( $k, 'field_' ) === 0;
            },
            ARRAY_FILTER_USE_BOTH
        );
 
        $profile_field_ids = array();
 
        // Make sure hidden field is passed and populated.
        if ( isset( $xprofile_fields ) && ! empty( $xprofile_fields ) ) {
 
            // Loop through the posted fields formatting any datebox values then validate the field.
            foreach ( (array) $xprofile_fields as $field => $value ) {
                $field_id            = str_replace( 'field_', '', $field );
                $profile_field_ids[] = $field_id;
                bp_xprofile_maybe_format_datebox_post_data( $field_id );
 
                // Trim post fields.
                if ( isset( $_POST[ 'field_' . $field_id ] ) ) {
                    if ( is_array( $_POST[ 'field_' . $field_id ] ) ) {
                        $_POST[ 'field_' . $field_id ] = array_map( 'trim', $_POST[ 'field_' . $field_id ] ); // phpcs:ignore
                    } else {
                        $_POST[ 'field_' . $field_id ] = trim( $_POST[ 'field_' . $field_id ] ); // phpcs:ignore
                    }
                }
 
                // Create errors for required fields without values.
                if ( xprofile_check_is_required_field( $field_id ) && empty( $_POST[ 'field_' . $field_id ] ) && ! bp_current_user_can( 'bp_moderate' ) ) {
                    $bp->signup->errors[ 'field_' . $field_id ] = __( 'This is a required field.', 'buddyboss' );
                } else {
                    // Validate xprofile.
                    $message = ( function_exists( 'xprofile_validate_field' ) ? xprofile_validate_field( $field_id, $_POST[ 'field_' . $field_id ], '' ) : '' ); // phpcs:ignore
                    if ( isset( $_POST[ 'field_' . $field_id ] ) && ! empty( $message ) ) {
                        $bp->signup->errors[ 'field_' . $field_id ] = $message;
                    }
                }
            }
        }
    }
 
    // Finally, let's check the blog details, if the user wants a blog and blog creation is enabled.
    if ( isset( $_POST['signup_with_blog'] ) ) {
        $active_signup = bp_core_get_root_option( 'registration' );
 
        if ( 'blog' === $active_signup || 'all' === $active_signup ) {
            $blog_details = bp_core_validate_blog_signup( $_POST['signup_blog_url'], $_POST['signup_blog_title'] ); // phpcs:ignore
 
            // If there are errors with blog details, set them for display.
            if ( ! empty( $blog_details['errors']->errors['blogname'] ) ) {
                $bp->signup->errors['signup_blog_url'] = $blog_details['errors']->errors['blogname'][0];
            }
 
            if ( ! empty( $blog_details['errors']->errors['blog_title'] ) ) {
                $bp->signup->errors['signup_blog_title'] = $blog_details['errors']->errors['blog_title'][0];
            }
        }
    }
 
    if ( ! empty( $bp->signup->errors ) ) {
        if ( function_exists( 'bp_xprofile_nickname_field_id' ) && isset( $bp->signup->errors['signup_username'] ) ) {
            if ( ! isset( $bp->signup->errors[ 'field_' . bp_xprofile_nickname_field_id() ] ) ) {
                $bp->signup->errors[ 'field_' . bp_xprofile_nickname_field_id() ] = $bp->signup->errors['signup_username'];
            }
            unset( $bp->signup->errors['signup_username'] );
        }
 
        return new WP_Error(
            'bp_rest_register_errors',
            $bp->signup->errors,
            array(
                'status' => 200,
            )
        );
    }
 
    // No errors! Let's register those deets.
    $active_signup = bp_core_get_root_option( 'registration' );
 
    if ( 'none' === $active_signup ) {
        return new WP_Error(
            'bp_rest_signup_disabled',
            __( 'Sorry, you are not authorized to perform this action.', 'buddyboss' ),
            array(
                'status' => rest_authorization_required_code(),
            )
        );
    }
 
    // Make sure the profiles fields module is enabled.
    if ( bp_is_active( 'xprofile' ) && isset( $profile_field_ids ) && ! empty( $profile_field_ids ) ) {
 
        /**
         * Loop through the posted fields, formatting any
         * datebox values, then add to usermeta.
         */
        foreach ( (array) $profile_field_ids as $field_id ) {
            bp_xprofile_maybe_format_datebox_post_data( $field_id );
 
            if ( ! empty( $_POST[ 'field_' . $field_id ] ) ) {
                $usermeta[ 'field_' . $field_id ] = $_POST[ 'field_' . $field_id ]; // phpcs:ignore
            }
 
            if ( ! empty( $_POST[ 'field_' . $field_id . '_visibility' ] ) ) {
                $usermeta[ 'field_' . $field_id . '_visibility' ] = $_POST[ 'field_' . $field_id . '_visibility' ]; // phpcs:ignore
            }
        }
 
        // Store the profile field ID's in usermeta.
        $usermeta['profile_field_ids'] = implode( ',', $profile_field_ids );
    }
 
    // Hash and store the password.
    $usermeta['password'] = wp_hash_password( $_POST['signup_password'] ); // phpcs:ignore
 
    // If the user decided to create a blog, save those details to usermeta.
    if ( 'blog' === $active_signup || 'all' === $active_signup ) {
        $usermeta['public'] = (
            (
                isset( $_POST['signup_blog_privacy'] )
                && 'public' === $_POST['signup_blog_privacy']
            )
            ? true
            : false
        );
    }
 
    /**
     * Filters the user meta used for signup.
     *
     * @param array $usermeta Array of user meta to add to signup.
     *
     * @since 0.1.0
     */
    $usermeta = apply_filters( 'bp_signup_usermeta', $usermeta );
 
    // Finally, sign up the user and/or blog.
    if ( isset( $_POST['signup_with_blog'] ) && is_multisite() ) {
        $wp_user_id = bp_core_signup_blog(
            $blog_details['domain'],
            $blog_details['path'],
            $blog_details['blog_title'],
            $user_name,
            $user_email,
            $usermeta
        );
    } else {
        $wp_user_id = bp_core_signup_user(
            $user_name,
            filter_input( INPUT_POST, 'signup_password' ),
            $user_email,
            $usermeta
        );
    }
 
    if ( is_wp_error( $wp_user_id ) ) {
        return new WP_Error(
            'bp_rest_signup_cannot_create',
            $wp_user_id->get_error_message(),
            array(
                'status' => 500,
            )
        );
    }
 
    $signup        = $this->get_signup_object( $user_name );
    $signup_update = $this->update_additional_fields_for_object( $signup, $request );
 
    if ( is_wp_error( $signup_update ) ) {
        return new WP_Error(
            'bp_rest_rest_errors',
            __( 'Sorry, you are not authorized to perform this action.', 'buddyboss' ),
            array(
                'status' => rest_authorization_required_code(),
            )
        );
    }
 
    $retval            = array();
    $retval['success'] = true;
    $retval['message'] = __( 'Before you can login, you need to confirm your email address via the email we just sent to you.', 'buddyboss' );
    $retval['data']    = array();
 
    $retval['data'] = $this->prepare_response_for_collection(
        $this->prepare_item_for_response( $signup, $request )
    );
 
    $response = rest_ensure_response( $retval );
 
    /**
     * Fires after a signup item is created via the REST API.
     *
     * @param BP_Signup        $signup   The created signup.
     * @param WP_REST_Response $response The response data.
     * @param WP_REST_Request  $request  The request sent to the API.
     *
     * @since 0.1.0
     */
    do_action( 'bp_rest_signup_create_item', $signup, $response, $request );
 
    return $response;
}

Expand full source code Collapse full source code

Changelog

Changelog
Version	Description
0.1.0	Introduced.

Uses

Uses
Uses	Description
bp-members/classes/class-bp-rest-signup-endpoint.php: BP_REST_Signup_Endpoint::signup_form_items()	Retrieve Signup Form Fields.
bp-members/classes/class-bp-rest-signup-endpoint.php: BP_REST_Signup_Endpoint::get_signup_object()	Get signup object.
bp-members/classes/class-bp-rest-signup-endpoint.php: BP_REST_Signup_Endpoint::prepare_item_for_response()	Prepares signup to return as an object.
bp-members/classes/class-bp-rest-signup-endpoint.php: bp_rest_signup_create_item	Fires after a signup item is created via the REST API.
bp-core/bp-core-options.php: bp_register_confirm_email()	Display email confirmation field in registrations.
bp-core/bp-core-options.php: bp_register_confirm_password()	Display password confirmation field in registrations.
bp-loader.php: buddypress()	The main function responsible for returning the one true BuddyBoss Instance to functions everywhere.
bp-xprofile/bp-xprofile-functions.php: bp_xprofile_maybe_format_datebox_post_data()	Formats datebox field values passed through a POST request.
bp-xprofile/bp-xprofile-functions.php: bp_xprofile_nickname_field_id()	Get the field id of the nick name field, fallback to default fullname field
bp-xprofile/bp-xprofile-functions.php: xprofile_check_is_required_field()	Check if field is a required field.
bp-xprofile/bp-xprofile-functions.php: xprofile_validate_field()	Validate profile field.
bp-members/bp-members-functions.php: bp_core_validate_user_signup()	Validate a user name and email address when creating a new user.
bp-members/bp-members-functions.php: bp_core_validate_blog_signup()	Validate blog URL and title provided at signup.
bp-members/bp-members-functions.php: bp_core_signup_blog()	Create a blog and user based on data supplied at user registration.
bp-members/bp-members-functions.php: bp_core_signup_user()	Process data submitted at user registration and convert to a signup object.
bp-members/screens/register.php: bp_signup_usermeta	Filters the user meta used for signup.
bp-members/bp-members-template.php: bp_get_signup_email_value()	Get the email address submitted during signup.
bp-members/bp-members-template.php: bp_get_signup_username_value()	Get the username submitted during signup.
bp-core/bp-core-template.php: bp_is_active()	Check whether a given component (or feature of a component) is active.
bp-core/bp-core-caps.php: bp_current_user_can()	Check whether the current user has a given capability.
bp-core/bp-core-options.php: bp_core_get_root_option()	Get a root option.

Show 16 more uses Hide more uses

Questions?

We're always happy to help with code or other questions you might have! Search our developer docs, contact support, or connect with our sales team.

Contents

Description

Parameters

Return

Source

Changelog

Related

Uses

Questions?