BP_REST_Signup_Endpoint::create_item( WP_REST_Request $request )
Create signup.
Description
Parameters
- $request
-
(Required) Full data about the request.
Return
(WP_REST_Response) | WP_Error
Source
File: bp-members/classes/class-bp-rest-signup-endpoint.php
public function create_item( $request ) {
$bp = buddypress();
$request->set_param( 'context', 'edit' );
$form_fields = $this->signup_form_items( $request );
$form_fields = $form_fields->get_data();
$param = $request->get_params();
$posted_data = array();
if ( ! empty( $form_fields ) ) {
$form_fields = array_column( $form_fields, 'id' );
$form_fields = array_flip( $form_fields );
$posted_data = array_intersect_key( $param, $form_fields );
}
if ( empty( $posted_data ) ) {
return new WP_Error(
'bp_rest_signup_cannot_create',
__( 'Cannot create new signup.', 'buddyboss' ),
array(
'status' => 500,
)
);
}
// verification for phpcs.
wp_verify_nonce( wp_create_nonce( 'rest_signup' ), 'rest_signup' );
$_POST = array();
$_POST = $posted_data;
$user_name = (
function_exists( 'bp_get_signup_username_value' )
? bp_get_signup_username_value()
: (
isset( $_POST['signup_username'] )
? filter_input( INPUT_POST, 'signup_username' )
: ''
)
);
$user_email = (
function_exists( 'bp_get_signup_email_value' )
? bp_get_signup_email_value()
: (
isset( $_POST['signup_email'] )
? filter_input( INPUT_POST, 'signup_email' )
: ''
)
);
// Check the base account details for problems.
$account_details = bp_core_validate_user_signup( $user_name, $user_email );
$email_opt = function_exists( 'bp_register_confirm_email' ) && true === bp_register_confirm_email() ? true : false;
$password_opt = function_exists( 'bp_register_confirm_password' ) ? bp_register_confirm_password() : true;
// If there are errors with account details, set them for display.
if ( ! empty( $account_details['errors']->errors['user_name'] ) ) {
$bp->signup->errors['signup_username'] = $account_details['errors']->errors['user_name'][0];
}
if ( ! empty( $account_details['errors']->errors['user_email'] ) ) {
$bp->signup->errors['signup_email'] = $account_details['errors']->errors['user_email'][0];
}
// Check that both password fields are filled in.
if ( isset( $_POST['signup_password'] ) && empty( $_POST['signup_password'] ) ) {
$bp->signup->errors['signup_password'] = __( 'Please make sure to enter your password.', 'buddyboss' );
}
// if email opt enabled.
if ( true === $email_opt ) {
// Check that both password fields are filled in.
if ( empty( $_POST['signup_email'] ) || empty( $_POST['signup_email_confirm'] ) ) {
$bp->signup->errors['signup_email'] = __( 'Please make sure to enter your email twice.', 'buddyboss' );
}
// Check that the passwords match.
if (
( ! empty( $_POST['signup_email'] ) && ! empty( $_POST['signup_email_confirm'] ) )
&& $_POST['signup_email'] !== $_POST['signup_email_confirm']
) {
$bp->signup->errors['signup_email'] = __( 'The emails entered do not match.', 'buddyboss' );
}
}
// if password opt enabled.
if ( true === $password_opt ) {
// Check that both password fields are filled in.
if ( empty( $_POST['signup_password'] ) || empty( $_POST['signup_password_confirm'] ) ) {
$bp->signup->errors['signup_password'] = __( 'Please make sure to enter your password twice.', 'buddyboss' );
}
// Check that the passwords match.
if (
( ! empty( $_POST['signup_password'] ) && ! empty( $_POST['signup_password_confirm'] ) )
&& $_POST['signup_password'] !== $_POST['signup_password_confirm']
) {
$bp->signup->errors['signup_password'] = __( 'The passwords entered do not match.', 'buddyboss' );
}
}
$bp->signup->username = $user_name;
$bp->signup->email = $user_email;
// Now we've checked account details, we can check profile information.
if ( bp_is_active( 'xprofile' ) ) {
$xprofile_fields = array_filter(
$posted_data,
function ( $v, $k ) {
return strpos( $k, 'field_' ) === 0;
},
ARRAY_FILTER_USE_BOTH
);
$profile_field_ids = array();
// Make sure hidden field is passed and populated.
if ( isset( $xprofile_fields ) && ! empty( $xprofile_fields ) ) {
// Loop through the posted fields formatting any datebox values then validate the field.
foreach ( (array) $xprofile_fields as $field => $value ) {
$field_id = str_replace( 'field_', '', $field );
$profile_field_ids[] = $field_id;
bp_xprofile_maybe_format_datebox_post_data( $field_id );
// Trim post fields.
if ( isset( $_POST[ 'field_' . $field_id ] ) ) {
if ( is_array( $_POST[ 'field_' . $field_id ] ) ) {
$_POST[ 'field_' . $field_id ] = array_map( 'trim', $_POST[ 'field_' . $field_id ] ); // phpcs:ignore
} else {
$_POST[ 'field_' . $field_id ] = trim( $_POST[ 'field_' . $field_id ] ); // phpcs:ignore
}
}
// Create errors for required fields without values.
if ( xprofile_check_is_required_field( $field_id ) && empty( $_POST[ 'field_' . $field_id ] ) && ! bp_current_user_can( 'bp_moderate' ) ) {
$bp->signup->errors[ 'field_' . $field_id ] = __( 'This is a required field.', 'buddyboss' );
} else {
// Validate xprofile.
$message = ( function_exists( 'xprofile_validate_field' ) ? xprofile_validate_field( $field_id, $_POST[ 'field_' . $field_id ], '' ) : '' ); // phpcs:ignore
if ( isset( $_POST[ 'field_' . $field_id ] ) && ! empty( $message ) ) {
$bp->signup->errors[ 'field_' . $field_id ] = $message;
}
}
}
}
}
// Finally, let's check the blog details, if the user wants a blog and blog creation is enabled.
if ( isset( $_POST['signup_with_blog'] ) ) {
$active_signup = bp_core_get_root_option( 'registration' );
if ( 'blog' === $active_signup || 'all' === $active_signup ) {
$blog_details = bp_core_validate_blog_signup( $_POST['signup_blog_url'], $_POST['signup_blog_title'] ); // phpcs:ignore
// If there are errors with blog details, set them for display.
if ( ! empty( $blog_details['errors']->errors['blogname'] ) ) {
$bp->signup->errors['signup_blog_url'] = $blog_details['errors']->errors['blogname'][0];
}
if ( ! empty( $blog_details['errors']->errors['blog_title'] ) ) {
$bp->signup->errors['signup_blog_title'] = $blog_details['errors']->errors['blog_title'][0];
}
}
}
if ( ! empty( $bp->signup->errors ) ) {
if ( function_exists( 'bp_xprofile_nickname_field_id' ) && isset( $bp->signup->errors['signup_username'] ) ) {
if ( ! isset( $bp->signup->errors[ 'field_' . bp_xprofile_nickname_field_id() ] ) ) {
$bp->signup->errors[ 'field_' . bp_xprofile_nickname_field_id() ] = $bp->signup->errors['signup_username'];
}
unset( $bp->signup->errors['signup_username'] );
}
return new WP_Error(
'bp_rest_register_errors',
$bp->signup->errors,
array(
'status' => 200,
)
);
}
// No errors! Let's register those deets.
$active_signup = bp_core_get_root_option( 'registration' );
if ( 'none' === $active_signup ) {
return new WP_Error(
'bp_rest_signup_disabled',
__( 'Sorry, you are not authorized to perform this action.', 'buddyboss' ),
array(
'status' => rest_authorization_required_code(),
)
);
}
// Make sure the profiles fields module is enabled.
if ( bp_is_active( 'xprofile' ) && isset( $profile_field_ids ) && ! empty( $profile_field_ids ) ) {
/**
* Loop through the posted fields, formatting any
* datebox values, then add to usermeta.
*/
foreach ( (array) $profile_field_ids as $field_id ) {
bp_xprofile_maybe_format_datebox_post_data( $field_id );
if ( ! empty( $_POST[ 'field_' . $field_id ] ) ) {
$usermeta[ 'field_' . $field_id ] = $_POST[ 'field_' . $field_id ]; // phpcs:ignore
}
if ( ! empty( $_POST[ 'field_' . $field_id . '_visibility' ] ) ) {
$usermeta[ 'field_' . $field_id . '_visibility' ] = $_POST[ 'field_' . $field_id . '_visibility' ]; // phpcs:ignore
}
}
// Store the profile field ID's in usermeta.
$usermeta['profile_field_ids'] = implode( ',', $profile_field_ids );
}
// Hash and store the password.
$usermeta['password'] = wp_hash_password( $_POST['signup_password'] ); // phpcs:ignore
// If the user decided to create a blog, save those details to usermeta.
if ( 'blog' === $active_signup || 'all' === $active_signup ) {
$usermeta['public'] = (
(
isset( $_POST['signup_blog_privacy'] )
&& 'public' === $_POST['signup_blog_privacy']
)
? true
: false
);
}
/**
* Filters the user meta used for signup.
*
* @param array $usermeta Array of user meta to add to signup.
*
* @since 0.1.0
*/
$usermeta = apply_filters( 'bp_signup_usermeta', $usermeta );
// Finally, sign up the user and/or blog.
if ( isset( $_POST['signup_with_blog'] ) && is_multisite() ) {
$wp_user_id = bp_core_signup_blog(
$blog_details['domain'],
$blog_details['path'],
$blog_details['blog_title'],
$user_name,
$user_email,
$usermeta
);
} else {
$wp_user_id = bp_core_signup_user(
$user_name,
filter_input( INPUT_POST, 'signup_password' ),
$user_email,
$usermeta
);
}
if ( is_wp_error( $wp_user_id ) ) {
return new WP_Error(
'bp_rest_signup_cannot_create',
$wp_user_id->get_error_message(),
array(
'status' => 500,
)
);
}
$signup = $this->get_signup_object( $user_name );
$signup_update = $this->update_additional_fields_for_object( $signup, $request );
if ( is_wp_error( $signup_update ) ) {
return new WP_Error(
'bp_rest_rest_errors',
__( 'Sorry, you are not authorized to perform this action.', 'buddyboss' ),
array(
'status' => rest_authorization_required_code(),
)
);
}
$retval = array();
$retval['success'] = true;
$retval['message'] = __( 'Before you can login, you need to confirm your email address via the email we just sent to you.', 'buddyboss' );
$retval['data'] = array();
$retval['data'] = $this->prepare_response_for_collection(
$this->prepare_item_for_response( $signup, $request )
);
$response = rest_ensure_response( $retval );
/**
* Fires after a signup item is created via the REST API.
*
* @param BP_Signup $signup The created signup.
* @param WP_REST_Response $response The response data.
* @param WP_REST_Request $request The request sent to the API.
*
* @since 0.1.0
*/
do_action( 'bp_rest_signup_create_item', $signup, $response, $request );
return $response;
}
Changelog
| Version | Description |
|---|---|
| 0.1.0 | Introduced. |
Questions?
We're always happy to help with code or other questions you might have! Search our developer docs, contact support, or connect with our sales team.