BP_REST_Account_Settings_Options_Endpoint::update_general_fields( WP_REST_Request $request )
Update general fields.
Description
- from bp-settings\actions\general.php.
Parameters
- $request
-
(Required) Full details about the request.
Return
(array|bool|void)
Source
File: bp-settings/classes/class-bp-rest-account-settings-options-endpoint.php
/**
 * Update the general account settings (email address and password) from a REST request.
 *
 * Per the original description, the logic comes from bp-settings\actions\general.php.
 *
 * Reads the 'fields' request parameter and uses its 'current_password', 'account_email',
 * 'pass1' and 'pass2' entries. Changes are attempted only when the caller is a super admin
 * or 'current_password' verifies against the displayed user's stored password hash.
 *
 * An email change is not written to the user record here: a pending change (hash + new
 * address) is stored in the 'pending_email_change' user meta and a verification email is sent.
 * A password change is written through wp_update_user().
 *
 * Side effects visible in this method: the 'bp_displayed_user_id' filter is attached for the
 * duration of the call, and $bp->displayed_user->userdata, ->fullname and ->domain are
 * overwritten and not restored.
 *
 * @param WP_REST_Request $request Full details about the request.
 *
 * @return array {
 *     Every reachable path returns this array; the trailing `return false` is never reached.
 *
 *     @type array|false $error  Feedback messages keyed by error code, or false when there are none.
 *     @type mixed       $notice Value returned by bp_rest_settings_pending_email_notice().
 * }
 */
public function update_general_fields( $request ) {
	// Client-supplied values. NOTE(review): nothing in this method checks that 'fields' is an
	// array or that its entries are strings — confirm the route's args schema enforces that.
	$post_fields = $request->get_param( 'fields' );
	// Define local defaults.
	$bp = buddypress(); // The instance.
	$email_error = false;
	$pass_error = false;
	$pass_changed = false; // true if the user changes their password.
	$email_changed = false; // true if the user changes their email.
	$feedback = array(); // array of strings for feedback.
	// Make bp_displayed_user_id() resolve through this endpoint's callback while the method runs.
	// NOTE(review): the callback is not shown here; which user it selects decides whose account
	// is edited below — confirm it can only resolve to a user the caller is allowed to modify.
	add_filter( 'bp_displayed_user_id', array( $this, 'bp_rest_get_displayed_user' ), 999 );
	// The core userdata of the user who is currently being displayed.
	$bp->displayed_user->userdata = bp_core_get_core_userdata( bp_displayed_user_id() );
	// Fetch the full name displayed user.
	$bp->displayed_user->fullname = isset( $bp->displayed_user->userdata->display_name ) ? $bp->displayed_user->userdata->display_name : '';
	// The domain for the user currently being displayed.
	$bp->displayed_user->domain = bp_core_get_user_domain( bp_displayed_user_id() );
	// Authorization gate: a super admin skips the current-password check; anyone else must send
	// a non-empty 'current_password' that verifies against the displayed user's stored hash.
	// NOTE(review): is_super_admin() without arguments tests the current user, while the account
	// being edited is bp_displayed_user_id() — confirm the route's permission callback ties the two.
	// NOTE(review): userdata->user_pass is read without the isset() guard used for display_name
	// above; presumably userdata is always populated by this point — verify.
	// NOTE(review): no attempt limiting is visible here, and a failed check is reported back as
	// 'Your current password is invalid.' — throttling has to come from elsewhere; confirm.
	if (
		( is_super_admin() )
		|| (
			isset( $post_fields['current_password'] )
			&& ! empty( $post_fields['current_password'] )
			&& wp_check_password(
				$post_fields['current_password'],
				$bp->displayed_user->userdata->user_pass,
				bp_displayed_user_id()
			)
		)
	) {
		$update_user = get_userdata( bp_displayed_user_id() );
		/* Email Change Attempt ******************************************/
		if ( ! empty( $post_fields['account_email'] ) ) {
			// What is missing from the profile page vs signup.
			// let's double check the goodies.
			$user_email = sanitize_email( esc_html( trim( $post_fields['account_email'] ) ) );
			$old_user_email = $bp->displayed_user->userdata->user_email;
			// User is changing email address.
			if ( $old_user_email !== $user_email ) {
				// Run some tests on the email address.
				$email_checks = bp_core_validate_email_address( $user_email );
				// The checks below are independent ifs, so when several keys are present the
				// last matching one ('taken' over 'blocked' over 'invalid') is the one reported.
				if ( true !== $email_checks ) {
					if ( isset( $email_checks['invalid'] ) ) {
						$email_error = 'invalid';
					}
					if ( isset( $email_checks['domain_banned'] ) || isset( $email_checks['domain_not_allowed'] ) ) {
						$email_error = 'blocked';
					}
					if ( isset( $email_checks['in_use'] ) ) {
						$email_error = 'taken';
					}
				}
				// Store a hash to enable email validation.
				if ( false === $email_error ) {
					// 32-character token; the second argument (false) leaves out special characters.
					$hash = wp_generate_password( 32, false );
					// The token is stored as generated, next to the requested address.
					// NOTE(review): the handler that consumes 'verify_email_change' is not shown;
					// presumably it compares the link value against this meta — confirm how, and
					// whether pending changes expire.
					$pending_email = array(
						'hash' => $hash,
						'newemail' => $user_email,
					);
					bp_update_user_meta( bp_displayed_user_id(), 'pending_email_change', $pending_email );
					$verify_link = bp_displayed_user_domain() . bp_get_settings_slug() . '/?verify_email_change=' . $hash;
					// Send the verification email.
					$args = array(
						'tokens' => array(
							'displayname' => bp_core_get_user_displayname( bp_displayed_user_id() ),
							'old-user.email' => $old_user_email,
							'user.email' => $user_email,
							'verify.url' => esc_url( $verify_link ),
						),
					);
					bp_send_email( 'settings-verify-email-change', bp_displayed_user_id(), $args );
					// We mark that the change has taken place so as to ensure a
					// success message, even though verification is still required.
					// $update_user->user_email is never assigned the new address in this method,
					// so the wp_update_user() call further down does not apply the email change.
					$post_fields['account_email'] = $update_user->user_email;
					$email_changed = true;
				}
				// No change.
			} else {
				$email_error = false;
			}
			// Email address cannot be empty.
		} else {
			$email_error = 'empty';
		}
		/* Password Change Attempt ***************************************/
		// NOTE(review): no length or strength policy for the new password is visible in this
		// method — confirm one is enforced elsewhere if the site requires it.
		if (
			! empty( $post_fields['pass1'] )
			&& ! empty( $post_fields['pass2'] )
		) {
			// Both fields must match and the new password must not contain a backslash. The ' '
			// prefix keeps strpos() from returning 0 for a match at the first character, so
			// `! strpos(...)` is true only when no backslash is found.
			// NOTE(review): wp_unslash() runs before the search, which presumably mirrors the
			// form handler where input arrives slashed — confirm REST parameters arrive the same
			// way, otherwise backslashes would be stripped before this check looks for them.
			if (
				( $post_fields['pass1'] === $post_fields['pass2'] )
				&& ! strpos( ' ' . wp_unslash( $post_fields['pass1'] ), '\\' )
			) {
				// Password change attempt is successful.
				// A super admin is exempt from the "must differ from the current password" rule.
				if (
					( ! empty( $post_fields['current_password'] ) && $post_fields['current_password'] !== $post_fields['pass1'] )
					|| is_super_admin()
				) {
					$update_user->user_pass = $post_fields['pass1'];
					$pass_changed = true;
					// The new password is the same as the current password.
				} else {
					$pass_error = 'same';
				}
				// Password change attempt was unsuccessful.
			} else {
				$pass_error = 'mismatch';
			}
			// Both password fields were empty.
		} elseif (
			empty( $post_fields['pass1'] )
			&& empty( $post_fields['pass2'] )
		) {
			$pass_error = false;
			// One of the password boxes was left empty.
		} elseif (
			( empty( $post_fields['pass1'] ) && ! empty( $post_fields['pass2'] ) )
			|| ( ! empty( $post_fields['pass1'] ) && empty( $post_fields['pass2'] ) )
		) {
			$pass_error = 'empty';
		}
		// The structure of the $update_user object changed in WP 3.3, but wp_update_user() still expects the old format.
		if ( isset( $update_user->data ) && is_object( $update_user->data ) ) {
			$update_user = $update_user->data;
			$update_user = get_object_vars( $update_user );
			// Unset the password field to prevent it from emptying out the user's user_pass field in the database.
			// @see wp_update_user().
			if ( false === $pass_changed ) {
				unset( $update_user['user_pass'] );
			}
		}
		// Write the user only when neither check failed, then refresh the cached userdata so
		// that the changed settings take effect on the current page load.
		if (
			( false === $email_error )
			&& ( false === $pass_error )
			&& ( wp_update_user( $update_user ) )
		) {
			$bp->displayed_user->userdata = bp_core_get_core_userdata( bp_displayed_user_id() );
		}
		// Authorization gate failed: not a super admin and the current password was missing or wrong.
	} else {
		$pass_error = 'invalid';
	}
	// Email feedback.
	switch ( $email_error ) {
		case 'invalid':
			$feedback['email_invalid'] = __( 'That email address is invalid. Check the formatting and try again.', 'buddyboss' );
			break;
		case 'blocked':
			$feedback['email_blocked'] = __( 'That email address is currently unavailable for use.', 'buddyboss' );
			break;
		case 'taken':
			$feedback['email_taken'] = __( 'That email address is already taken.', 'buddyboss' );
			break;
		case 'empty':
			$feedback['email_empty'] = __( 'Email address cannot be empty.', 'buddyboss' );
			break;
		case false:
			// No change.
			break;
	}
	// Password feedback.
	switch ( $pass_error ) {
		case 'invalid':
			$feedback['pass_error'] = __( 'Your current password is invalid.', 'buddyboss' );
			break;
		case 'mismatch':
			$feedback['pass_mismatch'] = __( 'The new password fields did not match.', 'buddyboss' );
			break;
		case 'empty':
			$feedback['pass_empty'] = __( 'One of the password fields was empty.', 'buddyboss' );
			break;
		case 'same':
			$feedback['pass_same'] = __( 'The new password must be different from the current password.', 'buddyboss' );
			break;
		case false:
			// No change.
			break;
	}
	// Report "no changes" when neither the email nor the password changed and at least one of
	// the two error flags is still false. This also fires alongside a single error message,
	// e.g. together with 'pass_error' when the current-password check failed.
	if (
		( ( false === $email_error ) || ( false === $pass_error ) )
		&& ( ( true !== $pass_changed ) && ( true !== $email_changed ) )
	) {
		$feedback['nochange'] = __( 'No changes were made to your account.', 'buddyboss' );
	}
	$notice = $this->bp_rest_settings_pending_email_notice();
	// Detach the displayed-user override added at the top of the method.
	// NOTE(review): this is not in a finally block, so an exception thrown above would leave the
	// filter attached for the rest of the request.
	remove_filter( 'bp_displayed_user_id', array( $this, 'bp_rest_get_displayed_user' ), 999 );
	if ( empty( $feedback ) ) {
		return array(
			'error' => false,
			'notice' => $notice,
		);
	} else {
		return array(
			'error' => $feedback,
			'notice' => $notice,
		);
	}
	// Unreachable: both branches above return.
	return false;
}