BP_REST_Account_Settings_Options_Endpoint::update_general_fields( WP_REST_Request $request )

Update general fields.

Description

from bp-settings\actions\general.php.

Parameters

$request: (Required) Full details about the request.

Return

(array|bool|void)

Source

File: bp-settings/classes/class-bp-rest-account-settings-options-endpoint.php

public function update_general_fields( $request ) {
    $post_fields = $request->get_param( 'fields' );
 
    // Define local defaults.
    $bp            = buddypress(); // The instance.
    $email_error   = false;
    $pass_error    = false;
    $pass_changed  = false;        // true if the user changes their password .
    $email_changed = false;        // true if the user changes their email.
    $feedback      = array();      // array of strings for feedback.
 
    add_filter( 'bp_displayed_user_id', array( $this, 'bp_rest_get_displayed_user' ), 999 );
 
    // The core userdata of the user who is currently being displayed.
    $bp->displayed_user->userdata = bp_core_get_core_userdata( bp_displayed_user_id() );
 
    // Fetch the full name displayed user.
    $bp->displayed_user->fullname = isset( $bp->displayed_user->userdata->display_name ) ? $bp->displayed_user->userdata->display_name : '';
 
    // The domain for the user currently being displayed.
    $bp->displayed_user->domain = bp_core_get_user_domain( bp_displayed_user_id() );
 
    if (
        ( is_super_admin() )
        || (
            isset( $post_fields['current_password'] )
            && ! empty( $post_fields['current_password'] )
            && wp_check_password(
                $post_fields['current_password'],
                $bp->displayed_user->userdata->user_pass,
                bp_displayed_user_id()
            )
        )
    ) {
 
        $update_user = get_userdata( bp_displayed_user_id() );
 
        /* Email Change Attempt ******************************************/
 
        if ( ! empty( $post_fields['account_email'] ) ) {
 
            // What is missing from the profile page vs signup.
            // let's double check the goodies.
            $user_email     = sanitize_email( esc_html( trim( $post_fields['account_email'] ) ) );
            $old_user_email = $bp->displayed_user->userdata->user_email;
 
            // User is changing email address.
            if ( $old_user_email !== $user_email ) {
 
                // Run some tests on the email address.
                $email_checks = bp_core_validate_email_address( $user_email );
 
                if ( true !== $email_checks ) {
                    if ( isset( $email_checks['invalid'] ) ) {
                        $email_error = 'invalid';
                    }
 
                    if ( isset( $email_checks['domain_banned'] ) || isset( $email_checks['domain_not_allowed'] ) ) {
                        $email_error = 'blocked';
                    }
 
                    if ( isset( $email_checks['in_use'] ) ) {
                        $email_error = 'taken';
                    }
                }
 
                // Store a hash to enable email validation.
                if ( false === $email_error ) {
                    $hash = wp_generate_password( 32, false );
 
                    $pending_email = array(
                        'hash'     => $hash,
                        'newemail' => $user_email,
                    );
 
                    bp_update_user_meta( bp_displayed_user_id(), 'pending_email_change', $pending_email );
                    $verify_link = bp_displayed_user_domain() . bp_get_settings_slug() . '/?verify_email_change=' . $hash;
 
                    // Send the verification email.
                    $args = array(
                        'tokens' => array(
                            'displayname'    => bp_core_get_user_displayname( bp_displayed_user_id() ),
                            'old-user.email' => $old_user_email,
                            'user.email'     => $user_email,
                            'verify.url'     => esc_url( $verify_link ),
                        ),
                    );
                    bp_send_email( 'settings-verify-email-change', bp_displayed_user_id(), $args );
 
                    // We mark that the change has taken place so as to ensure a.
                    // success message, even though verification is still required.
                    $post_fields['account_email'] = $update_user->user_email;
                    $email_changed                = true;
                }
 
                // No change.
            } else {
                $email_error = false;
            }
 
            // Email address cannot be empty.
        } else {
            $email_error = 'empty';
        }
 
        /* Password Change Attempt ***************************************/
        if (
            ! empty( $post_fields['pass1'] )
            && ! empty( $post_fields['pass2'] )
        ) {
 
            if (
                ( $post_fields['pass1'] === $post_fields['pass2'] )
                && ! strpos( ' ' . wp_unslash( $post_fields['pass1'] ), '\\' )
            ) {
 
                // Password change attempt is successful.
                if (
                    ( ! empty( $post_fields['current_password'] ) && $post_fields['current_password'] !== $post_fields['pass1'] )
                    || is_super_admin()
                ) {
                    $update_user->user_pass = $post_fields['pass1'];
                    $pass_changed           = true;
 
                    // The new password is the same as the current password.
                } else {
                    $pass_error = 'same';
                }
 
                // Password change attempt was unsuccessful.
            } else {
                $pass_error = 'mismatch';
            }
 
            // Both password fields were empty.
        } elseif (
            empty( $post_fields['pass1'] )
            && empty( $post_fields['pass2'] )
        ) {
            $pass_error = false;
 
            // One of the password boxes was left empty.
        } elseif (
            ( empty( $post_fields['pass1'] ) && ! empty( $post_fields['pass2'] ) )
            || ( ! empty( $post_fields['pass1'] ) && empty( $post_fields['pass2'] ) )
        ) {
            $pass_error = 'empty';
        }
 
        // The structure of the $update_user object changed in WP 3.3, but wp_update_user() still expects the old format.
        if ( isset( $update_user->data ) && is_object( $update_user->data ) ) {
            $update_user = $update_user->data;
            $update_user = get_object_vars( $update_user );
 
            // Unset the password field to prevent it from emptying out the user's user_pass field in the database.
            // @see wp_update_user().
            if ( false === $pass_changed ) {
                unset( $update_user['user_pass'] );
            }
        }
 
        // Clear cached data, so that the changed settings take effect on the current page load.
        if (
            ( false === $email_error )
            && ( false === $pass_error )
            && ( wp_update_user( $update_user ) )
        ) {
            $bp->displayed_user->userdata = bp_core_get_core_userdata( bp_displayed_user_id() );
        }
 
        // Password Error.
    } else {
        $pass_error = 'invalid';
    }
 
    // Email feedback.
    switch ( $email_error ) {
        case 'invalid':
            $feedback['email_invalid'] = __( 'That email address is invalid. Check the formatting and try again.', 'buddyboss' );
            break;
        case 'blocked':
            $feedback['email_blocked'] = __( 'That email address is currently unavailable for use.', 'buddyboss' );
            break;
        case 'taken':
            $feedback['email_taken'] = __( 'That email address is already taken.', 'buddyboss' );
            break;
        case 'empty':
            $feedback['email_empty'] = __( 'Email address cannot be empty.', 'buddyboss' );
            break;
        case false:
            // No change.
            break;
    }
 
    // Password feedback.
    switch ( $pass_error ) {
        case 'invalid':
            $feedback['pass_error'] = __( 'Your current password is invalid.', 'buddyboss' );
            break;
        case 'mismatch':
            $feedback['pass_mismatch'] = __( 'The new password fields did not match.', 'buddyboss' );
            break;
        case 'empty':
            $feedback['pass_empty'] = __( 'One of the password fields was empty.', 'buddyboss' );
            break;
        case 'same':
            $feedback['pass_same'] = __( 'The new password must be different from the current password.', 'buddyboss' );
            break;
        case false:
            // No change.
            break;
    }
 
    // Some kind of errors occurred.
    if (
        ( ( false === $email_error ) || ( false === $pass_error ) )
        && ( ( true !== $pass_changed ) && ( true !== $email_changed ) )
    ) {
        $feedback['nochange'] = __( 'No changes were made to your account.', 'buddyboss' );
    }
 
    $notice = $this->bp_rest_settings_pending_email_notice();
 
    remove_filter( 'bp_displayed_user_id', array( $this, 'bp_rest_get_displayed_user' ), 999 );
 
    if ( empty( $feedback ) ) {
        return array(
            'error'  => false,
            'notice' => $notice,
        );
    } else {
        return array(
            'error'  => $feedback,
            'notice' => $notice,
        );
    }
 
    return false;
}

Expand full source code Collapse full source code

Uses

Uses
Uses	Description
bp-settings/classes/class-bp-rest-account-settings-options-endpoint.php: BP_REST_Account_Settings_Options_Endpoint::bp_rest_settings_pending_email_notice()	Add the ‘pending email change’ message to the settings page.
bp-settings/bp-settings-template.php: bp_get_settings_slug()	Return the settings component slug.
bp-loader.php: buddypress()	The main function responsible for returning the one true BuddyBoss Instance to functions everywhere.
bp-members/bp-members-functions.php: bp_core_validate_email_address()	Check that an email address is valid for use.
bp-members/bp-members-functions.php: bp_core_get_user_displayname()	Fetch the display name for a user.
bp-members/bp-members-functions.php: bp_core_get_core_userdata()	Fetch everything in the wp_users table for a user, without any usermeta.
bp-members/bp-members-functions.php: bp_core_get_user_domain()	Return the domain for the passed user: e.g. http://example.com/members/andy/.
bp-members/bp-members-template.php: bp_displayed_user_domain()	Generate the link for the displayed user’s profile.
bp-core/bp-core-template.php: bp_displayed_user_id()	Get the ID of the currently displayed user.
bp-core/bp-core-functions.php: bp_send_email()	Send email, similar to WordPress’ wp_mail().
bp-core/bp-core-functions.php: bp_update_user_meta()	Update a piece of usermeta.

Show 6 more uses Hide more uses

Used By
Used By	Description
bp-settings/classes/class-bp-rest-account-settings-options-endpoint.php: BP_REST_Account_Settings_Options_Endpoint::update_item()	Update Account Settings options.

Questions?

We're always happy to help with code or other questions you might have! Search our developer docs, contact support, or connect with our sales team.

Contents

Description

Parameters

Return

Source

Related

Uses

Questions?