--- a/wp/wp-admin/includes/user.php Mon Oct 14 18:06:33 2019 +0200
+++ b/wp/wp-admin/includes/user.php Mon Oct 14 18:28:13 2019 +0200
@@ -25,77 +25,98 @@
* @since 2.0.0
*
* @param int $user_id Optional. User ID.
- * @return int|WP_Error user id of the updated user
+ * @return int|WP_Error user id of the updated user.
*/
function edit_user( $user_id = 0 ) {
$wp_roles = wp_roles();
- $user = new stdClass;
+ $user = new stdClass;
+ $user_id = (int) $user_id;
if ( $user_id ) {
- $update = true;
- $user->ID = (int) $user_id;
- $userdata = get_userdata( $user_id );
+ $update = true;
+ $user->ID = $user_id;
+ $userdata = get_userdata( $user_id );
$user->user_login = wp_slash( $userdata->user_login );
} else {
$update = false;
}
- if ( !$update && isset( $_POST['user_login'] ) )
- $user->user_login = sanitize_user($_POST['user_login'], true);
+ if ( ! $update && isset( $_POST['user_login'] ) ) {
+ $user->user_login = sanitize_user( $_POST['user_login'], true );
+ }
$pass1 = $pass2 = '';
- if ( isset( $_POST['pass1'] ) )
+ if ( isset( $_POST['pass1'] ) ) {
$pass1 = $_POST['pass1'];
- if ( isset( $_POST['pass2'] ) )
+ }
+ if ( isset( $_POST['pass2'] ) ) {
$pass2 = $_POST['pass2'];
-
- if ( isset( $_POST['role'] ) && current_user_can( 'edit_users' ) ) {
- $new_role = sanitize_text_field( $_POST['role'] );
- $potential_role = isset($wp_roles->role_objects[$new_role]) ? $wp_roles->role_objects[$new_role] : false;
- // Don't let anyone with 'edit_users' (admins) edit their own role to something without it.
- // Multisite super admins can freely edit their blog roles -- they possess all caps.
- if ( ( is_multisite() && current_user_can( 'manage_sites' ) ) || $user_id != get_current_user_id() || ($potential_role && $potential_role->has_cap( 'edit_users' ) ) )
- $user->role = $new_role;
-
- // If the new role isn't editable by the logged-in user die with error
- $editable_roles = get_editable_roles();
- if ( ! empty( $new_role ) && empty( $editable_roles[$new_role] ) )
- wp_die( __( 'Sorry, you are not allowed to give users that role.' ), 403 );
}
- if ( isset( $_POST['email'] ))
+ if ( isset( $_POST['role'] ) && current_user_can( 'promote_users' ) && ( ! $user_id || current_user_can( 'promote_user', $user_id ) ) ) {
+ $new_role = sanitize_text_field( $_POST['role'] );
+
+ // If the new role isn't editable by the logged-in user die with error.
+ $editable_roles = get_editable_roles();
+ if ( ! empty( $new_role ) && empty( $editable_roles[ $new_role ] ) ) {
+ wp_die( __( 'Sorry, you are not allowed to give users that role.' ), 403 );
+ }
+
+ $potential_role = isset( $wp_roles->role_objects[ $new_role ] ) ? $wp_roles->role_objects[ $new_role ] : false;
+
+ /*
+ * Don't let anyone with 'promote_users' edit their own role to something without it.
+ * Multisite super admins can freely edit their roles, they possess all caps.
+ */
+ if (
+ ( is_multisite() && current_user_can( 'manage_network_users' ) ) ||
+ $user_id !== get_current_user_id() ||
+ ( $potential_role && $potential_role->has_cap( 'promote_users' ) )
+ ) {
+ $user->role = $new_role;
+ }
+ }
+
+ if ( isset( $_POST['email'] ) ) {
$user->user_email = sanitize_text_field( wp_unslash( $_POST['email'] ) );
+ }
if ( isset( $_POST['url'] ) ) {
- if ( empty ( $_POST['url'] ) || $_POST['url'] == 'http://' ) {
+ if ( empty( $_POST['url'] ) || $_POST['url'] == 'http://' ) {
$user->user_url = '';
} else {
$user->user_url = esc_url_raw( $_POST['url'] );
- $protocols = implode( '|', array_map( 'preg_quote', wp_allowed_protocols() ) );
- $user->user_url = preg_match('/^(' . $protocols . '):/is', $user->user_url) ? $user->user_url : 'http://'.$user->user_url;
+ $protocols = implode( '|', array_map( 'preg_quote', wp_allowed_protocols() ) );
+ $user->user_url = preg_match( '/^(' . $protocols . '):/is', $user->user_url ) ? $user->user_url : 'http://' . $user->user_url;
}
}
- if ( isset( $_POST['first_name'] ) )
+ if ( isset( $_POST['first_name'] ) ) {
$user->first_name = sanitize_text_field( $_POST['first_name'] );
- if ( isset( $_POST['last_name'] ) )
+ }
+ if ( isset( $_POST['last_name'] ) ) {
$user->last_name = sanitize_text_field( $_POST['last_name'] );
- if ( isset( $_POST['nickname'] ) )
+ }
+ if ( isset( $_POST['nickname'] ) ) {
$user->nickname = sanitize_text_field( $_POST['nickname'] );
- if ( isset( $_POST['display_name'] ) )
+ }
+ if ( isset( $_POST['display_name'] ) ) {
$user->display_name = sanitize_text_field( $_POST['display_name'] );
+ }
- if ( isset( $_POST['description'] ) )
+ if ( isset( $_POST['description'] ) ) {
$user->description = trim( $_POST['description'] );
+ }
foreach ( wp_get_user_contact_methods( $user ) as $method => $name ) {
- if ( isset( $_POST[$method] ))
- $user->$method = sanitize_text_field( $_POST[$method] );
+ if ( isset( $_POST[ $method ] ) ) {
+ $user->$method = sanitize_text_field( $_POST[ $method ] );
+ }
}
if ( $update ) {
- $user->rich_editing = isset( $_POST['rich_editing'] ) && 'false' === $_POST['rich_editing'] ? 'false' : 'true';
- $user->syntax_highlighting = isset( $_POST['syntax_highlighting'] ) && 'false' === $_POST['syntax_highlighting'] ? 'false' : 'true';
- $user->admin_color = isset( $_POST['admin_color'] ) ? sanitize_text_field( $_POST['admin_color'] ) : 'fresh';
+ $user->rich_editing = isset( $_POST['rich_editing'] ) && 'false' === $_POST['rich_editing'] ? 'false' : 'true';
+ $user->syntax_highlighting = isset( $_POST['syntax_highlighting'] ) && 'false' === $_POST['syntax_highlighting'] ? 'false' : 'true';
+ $user->admin_color = isset( $_POST['admin_color'] ) ? sanitize_text_field( $_POST['admin_color'] ) : 'fresh';
$user->show_admin_bar_front = isset( $_POST['admin_bar_front'] ) ? 'true' : 'false';
- $user->locale = '';
+ $user->locale = '';
if ( isset( $_POST['locale'] ) ) {
$locale = sanitize_text_field( $_POST['locale'] );
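Review bot: In the update branch, `get_userdata( $user_id )` can return false when the ID matches no user, and the next line reads `$userdata->user_login` without checking it. An unknown ID therefore raises a PHP notice and continues with `$update = true` and an empty login. Since edit_user() is documented to return `int|WP_Error`, a guard right after the lookup fits the contract: `if ( ! $userdata ) { return new WP_Error( 'invalid_user_id', __( 'Invalid user ID.' ) ); }`. Separately, the new strict `$user_id !== get_current_user_id()` in the role block is only correct because of the `(int) $user_id` cast added at the top, so a comment on the cast such as `// Cast once: the strict self-edit comparison below depends on an int.` would keep the two tied together. The function body continues past the end of this hunk.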
@@ -114,14 +135,16 @@
$user->comment_shortcuts = isset( $_POST['comment_shortcuts'] ) && 'true' == $_POST['comment_shortcuts'] ? 'true' : '';
$user->use_ssl = 0;
- if ( !empty($_POST['use_ssl']) )
+ if ( ! empty( $_POST['use_ssl'] ) ) {
$user->use_ssl = 1;
+ }
$errors = new WP_Error();
/* checking that username has been typed */
- if ( $user->user_login == '' )
+ if ( $user->user_login == '' ) {
$errors->add( 'user_login', __( '<strong>ERROR</strong>: Please enter a username.' ) );
+ }
/* checking that nickname has been typed */
if ( $update && empty( $user->nickname ) ) {
@@ -145,7 +168,7 @@
}
// Check for "\" in password.
- if ( false !== strpos( wp_unslash( $pass1 ), "\\" ) ) {
+ if ( false !== strpos( wp_unslash( $pass1 ), '\\' ) ) {
$errors->add( 'pass', __( '<strong>ERROR</strong>: Passwords may not contain the character "\\".' ), array( 'form-field' => 'pass1' ) );
}
@@ -154,14 +177,17 @@
$errors->add( 'pass', __( '<strong>ERROR</strong>: Please enter the same password in both password fields.' ), array( 'form-field' => 'pass1' ) );
}
- if ( !empty( $pass1 ) )
+ if ( ! empty( $pass1 ) ) {
$user->user_pass = $pass1;
+ }
- if ( !$update && isset( $_POST['user_login'] ) && !validate_username( $_POST['user_login'] ) )
- $errors->add( 'user_login', __( '<strong>ERROR</strong>: This username is invalid because it uses illegal characters. Please enter a valid username.' ));
+ if ( ! $update && isset( $_POST['user_login'] ) && ! validate_username( $_POST['user_login'] ) ) {
+ $errors->add( 'user_login', __( '<strong>ERROR</strong>: This username is invalid because it uses illegal characters. Please enter a valid username.' ) );
+ }
- if ( !$update && username_exists( $user->user_login ) )
- $errors->add( 'user_login', __( '<strong>ERROR</strong>: This username is already registered. Please choose another one.' ));
+ if ( ! $update && username_exists( $user->user_login ) ) {
+ $errors->add( 'user_login', __( '<strong>ERROR</strong>: This username is already registered. Please choose another one.' ) );
+ }
/** This filter is documented in wp-includes/user.php */
$illegal_logins = (array) apply_filters( 'illegal_user_logins', array() );
@@ -173,10 +199,10 @@
/* checking email address */
if ( empty( $user->user_email ) ) {
$errors->add( 'empty_email', __( '<strong>ERROR</strong>: Please enter an email address.' ), array( 'form-field' => 'email' ) );
- } elseif ( !is_email( $user->user_email ) ) {
+ } elseif ( ! is_email( $user->user_email ) ) {
$errors->add( 'invalid_email', __( '<strong>ERROR</strong>: The email address isn’t correct.' ), array( 'form-field' => 'email' ) );
- } elseif ( ( $owner_id = email_exists($user->user_email) ) && ( !$update || ( $owner_id != $user->ID ) ) ) {
- $errors->add( 'email_exists', __('<strong>ERROR</strong>: This email is already registered, please choose another one.'), array( 'form-field' => 'email' ) );
+ } elseif ( ( $owner_id = email_exists( $user->user_email ) ) && ( ! $update || ( $owner_id != $user->ID ) ) ) {
+ $errors->add( 'email_exists', __( '<strong>ERROR</strong>: This email is already registered, please choose another one.' ), array( 'form-field' => 'email' ) );
}
/**
@@ -190,8 +216,9 @@
*/
do_action_ref_array( 'user_profile_update_errors', array( &$errors, $update, &$user ) );
- if ( $errors->get_error_codes() )
+ if ( $errors->has_errors() ) {
return $errors;
+ }
if ( $update ) {
$user_id = wp_update_user( $user );
@@ -200,14 +227,14 @@
$notify = isset( $_POST['send_user_notification'] ) ? 'both' : 'admin';
/**
- * Fires after a new user has been created.
- *
- * @since 4.4.0
- *
- * @param int $user_id ID of the newly created user.
- * @param string $notify Type of notification that should happen. See wp_send_new_user_notifications()
- * for more information on possible values.
- */
+ * Fires after a new user has been created.
+ *
+ * @since 4.4.0
+ *
+ * @param int $user_id ID of the newly created user.
+ * @param string $notify Type of notification that should happen. See wp_send_new_user_notifications()
+ * for more information on possible values.
+ */
do_action( 'edit_user_created_user', $user_id, $notify );
}
return $user_id;
@@ -217,7 +244,7 @@
* Fetch a filtered list of user roles that the current user is
* allowed to edit.
*
- * Simple function who's main purpose is to allow filtering of the
+ * Simple function whose main purpose is to allow filtering of the
* list of roles in the $wp_roles object so that plugins can remove
* inappropriate ones depending on the situation or user making edits.
* Specifically because without filtering anyone with the edit_users
@@ -227,7 +254,7 @@
*
* @since 2.8.0
*
- * @return array
+ * @return array[] Array of arrays containing role information.
*/
function get_editable_roles() {
$all_roles = wp_roles()->roles;
@@ -237,7 +264,7 @@
*
* @since 2.8.0
*
- * @param array $all_roles List of roles.
+ * @param array[] $all_roles Array of arrays containing role information.
*/
$editable_roles = apply_filters( 'editable_roles', $all_roles );
@@ -255,8 +282,9 @@
function get_user_to_edit( $user_id ) {
$user = get_userdata( $user_id );
- if ( $user )
+ if ( $user ) {
$user->filter = 'edit';
+ }
return $user;
}
@@ -273,7 +301,7 @@
*/
function get_users_drafts( $user_id ) {
global $wpdb;
- $query = $wpdb->prepare("SELECT ID, post_title FROM $wpdb->posts WHERE post_type = 'post' AND post_status = 'draft' AND post_author = %d ORDER BY post_modified DESC", $user_id);
+ $query = $wpdb->prepare( "SELECT ID, post_title FROM $wpdb->posts WHERE post_type = 'post' AND post_status = 'draft' AND post_author = %d ORDER BY post_modified DESC", $user_id );
/**
* Filters the user's drafts query string.
@@ -309,11 +337,12 @@
return false;
}
- $id = (int) $id;
+ $id = (int) $id;
$user = new WP_User( $id );
- if ( !$user->exists() )
+ if ( ! $user->exists() ) {
return false;
+ }
// Normalize $reassign to null or a user ID. 'novalue' was an older default.
if ( 'novalue' === $reassign ) {
@@ -348,36 +377,40 @@
*
* @since 3.4.0
*
- * @param array $post_types_to_delete Post types to delete.
- * @param int $id User ID.
+ * @param string[] $post_types_to_delete Array of post types to delete.
+ * @param int $id User ID.
*/
$post_types_to_delete = apply_filters( 'post_types_to_delete_with_user', $post_types_to_delete, $id );
$post_types_to_delete = implode( "', '", $post_types_to_delete );
- $post_ids = $wpdb->get_col( $wpdb->prepare( "SELECT ID FROM $wpdb->posts WHERE post_author = %d AND post_type IN ('$post_types_to_delete')", $id ) );
+ $post_ids = $wpdb->get_col( $wpdb->prepare( "SELECT ID FROM $wpdb->posts WHERE post_author = %d AND post_type IN ('$post_types_to_delete')", $id ) );
if ( $post_ids ) {
- foreach ( $post_ids as $post_id )
+ foreach ( $post_ids as $post_id ) {
wp_delete_post( $post_id );
+ }
}
// Clean links
- $link_ids = $wpdb->get_col( $wpdb->prepare("SELECT link_id FROM $wpdb->links WHERE link_owner = %d", $id) );
+ $link_ids = $wpdb->get_col( $wpdb->prepare( "SELECT link_id FROM $wpdb->links WHERE link_owner = %d", $id ) );
if ( $link_ids ) {
- foreach ( $link_ids as $link_id )
- wp_delete_link($link_id);
+ foreach ( $link_ids as $link_id ) {
+ wp_delete_link( $link_id );
+ }
}
} else {
$post_ids = $wpdb->get_col( $wpdb->prepare( "SELECT ID FROM $wpdb->posts WHERE post_author = %d", $id ) );
- $wpdb->update( $wpdb->posts, array('post_author' => $reassign), array('post_author' => $id) );
+ $wpdb->update( $wpdb->posts, array( 'post_author' => $reassign ), array( 'post_author' => $id ) );
if ( ! empty( $post_ids ) ) {
- foreach ( $post_ids as $post_id )
+ foreach ( $post_ids as $post_id ) {
clean_post_cache( $post_id );
+ }
}
- $link_ids = $wpdb->get_col( $wpdb->prepare("SELECT link_id FROM $wpdb->links WHERE link_owner = %d", $id) );
- $wpdb->update( $wpdb->links, array('link_owner' => $reassign), array('link_owner' => $id) );
+ $link_ids = $wpdb->get_col( $wpdb->prepare( "SELECT link_id FROM $wpdb->links WHERE link_owner = %d", $id ) );
+ $wpdb->update( $wpdb->links, array( 'link_owner' => $reassign ), array( 'link_owner' => $id ) );
if ( ! empty( $link_ids ) ) {
- foreach ( $link_ids as $link_id )
+ foreach ( $link_ids as $link_id ) {
clean_bookmark_cache( $link_id );
+ }
}
}
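Review bot: The `post_type IN ('$post_types_to_delete')` list is interpolated straight into the SQL string. `$wpdb->prepare()` binds only the `%d` author ID, and the list comes out of the `post_types_to_delete_with_user` filter, so any callback on that filter supplies raw SQL text. Post type names are normally safe keys, but nothing in this hunk enforces that, and a literal `%` in a value would also be interpreted by `prepare()`. Escaping each entry before joining closes both gaps: `$post_types_to_delete = implode( "', '", array_map( 'esc_sql', $post_types_to_delete ) );`. The enclosing function starts and ends outside this hunk.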
@@ -386,8 +419,9 @@
remove_user_from_blog( $id, get_current_blog_id() );
} else {
$meta = $wpdb->get_col( $wpdb->prepare( "SELECT umeta_id FROM $wpdb->usermeta WHERE user_id = %d", $id ) );
- foreach ( $meta as $mid )
+ foreach ( $meta as $mid ) {
delete_metadata_by_mid( 'user', $mid );
+ }
$wpdb->delete( $wpdb->users, array( 'ID' => $id ) );
}
@@ -415,10 +449,10 @@
*
* @param int $id User ID.
*/
-function wp_revoke_user($id) {
+function wp_revoke_user( $id ) {
$id = (int) $id;
- $user = new WP_User($id);
+ $user = new WP_User( $id );
$user->remove_all_caps();
}
@@ -429,16 +463,17 @@
*
* @param false $errors Deprecated.
*/
-function default_password_nag_handler($errors = false) {
+function default_password_nag_handler( $errors = false ) {
global $user_ID;
// Short-circuit it.
- if ( ! get_user_option('default_password_nag') )
+ if ( ! get_user_option( 'default_password_nag' ) ) {
return;
+ }
// get_user_setting = JS saved UI setting. else no-js-fallback code.
- if ( 'hide' == get_user_setting('default_password_nag') || isset($_GET['default_password_nag']) && '0' == $_GET['default_password_nag'] ) {
- delete_user_setting('default_password_nag');
- update_user_option($user_ID, 'default_password_nag', false, true);
+ if ( 'hide' == get_user_setting( 'default_password_nag' ) || isset( $_GET['default_password_nag'] ) && '0' == $_GET['default_password_nag'] ) {
+ delete_user_setting( 'default_password_nag' );
+ update_user_option( $user_ID, 'default_password_nag', false, true );
}
}
@@ -448,17 +483,18 @@
* @param int $user_ID
* @param object $old_data
*/
-function default_password_nag_edit_user($user_ID, $old_data) {
+function default_password_nag_edit_user( $user_ID, $old_data ) {
// Short-circuit it.
- if ( ! get_user_option('default_password_nag', $user_ID) )
+ if ( ! get_user_option( 'default_password_nag', $user_ID ) ) {
return;
+ }
- $new_data = get_userdata($user_ID);
+ $new_data = get_userdata( $user_ID );
// Remove the nag if the password has been changed.
if ( $new_data->user_pass != $old_data->user_pass ) {
- delete_user_setting('default_password_nag');
- update_user_option($user_ID, 'default_password_nag', false, true);
+ delete_user_setting( 'default_password_nag' );
+ update_user_option( $user_ID, 'default_password_nag', false, true );
}
}
@@ -470,16 +506,17 @@
function default_password_nag() {
global $pagenow;
// Short-circuit it.
- if ( 'profile.php' == $pagenow || ! get_user_option('default_password_nag') )
+ if ( 'profile.php' == $pagenow || ! get_user_option( 'default_password_nag' ) ) {
return;
+ }
echo '<div class="error default-password-nag">';
echo '<p>';
- echo '<strong>' . __('Notice:') . '</strong> ';
- _e('You’re using the auto-generated password for your account. Would you like to change it?');
+ echo '<strong>' . __( 'Notice:' ) . '</strong> ';
+ _e( 'You’re using the auto-generated password for your account. Would you like to change it?' );
echo '</p><p>';
- printf( '<a href="%s">' . __('Yes, take me to my profile page') . '</a> | ', get_edit_profile_url() . '#password' );
- printf( '<a href="%s" id="default-password-nag-no">' . __('No thanks, do not remind me again') . '</a>', '?default_password_nag=0' );
+ printf( '<a href="%s">' . __( 'Yes, take me to my profile page' ) . '</a> | ', get_edit_profile_url() . '#password' );
+ printf( '<a href="%s" id="default-password-nag-no">' . __( 'No thanks, do not remind me again' ) . '</a>', '?default_password_nag=0' );
echo '</p></div>';
}
@@ -487,7 +524,8 @@
* @since 3.5.0
* @access private
*/
-function delete_users_add_js() { ?>
+function delete_users_add_js() {
+ ?>
<script>
jQuery(document).ready( function($) {
var submit = $('#submit').prop('disabled', true);
@@ -499,7 +537,7 @@
});
});
</script>
-<?php
+ <?php
}
/**
@@ -509,34 +547,40 @@
*
* @since 2.7.0
*
- * @param object $user User data object
+ * @param object $user User data object.
*/
-function use_ssl_preference($user) {
-?>
+function use_ssl_preference( $user ) {
+ ?>
<tr class="user-use-ssl-wrap">
- <th scope="row"><?php _e('Use https')?></th>
- <td><label for="use_ssl"><input name="use_ssl" type="checkbox" id="use_ssl" value="1" <?php checked('1', $user->use_ssl); ?> /> <?php _e('Always use https when visiting the admin'); ?></label></td>
+ <th scope="row"><?php _e( 'Use https' ); ?></th>
+ <td><label for="use_ssl"><input name="use_ssl" type="checkbox" id="use_ssl" value="1" <?php checked( '1', $user->use_ssl ); ?> /> <?php _e( 'Always use https when visiting the admin' ); ?></label></td>
</tr>
-<?php
+ <?php
}
/**
- *
* @param string $text
* @return string
*/
function admin_created_user_email( $text ) {
$roles = get_editable_roles();
- $role = $roles[ $_REQUEST['role'] ];
- /* translators: 1: Site name, 2: site URL, 3: role */
- return sprintf( __( 'Hi,
+ $role = $roles[ $_REQUEST['role'] ];
+ /* translators: 1: site name, 2: site URL, 3: role */
+ return sprintf(
+ __(
+ 'Hi,
You\'ve been invited to join \'%1$s\' at
%2$s with the role of %3$s.
If you do not want to join this site please ignore
this email. This invitation will expire in a few days.
Please click the following link to activate your user account:
-%%s' ), wp_specialchars_decode( get_bloginfo( 'name' ), ENT_QUOTES ), home_url(), wp_specialchars_decode( translate_user_role( $role['name'] ) ) );
+%%s'
+ ),
+ wp_specialchars_decode( get_bloginfo( 'name' ), ENT_QUOTES ),
+ home_url(),
+ wp_specialchars_decode( translate_user_role( $role['name'] ) )
+ );
}
/**
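Review bot: In admin_created_user_email(), `$roles[ $_REQUEST['role'] ]` indexes the editable-roles array with a raw request value and no existence check. A missing or non-editable role leaves `$role` null, and the message is then built from `$role['name']` with PHP notices and an empty role name. Reading the key once and bailing out when it is not an editable role avoids that: `$role_key = isset( $_REQUEST['role'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['role'] ) ) : '';` followed by `if ( ! isset( $roles[ $role_key ] ) ) { return $text; }`. Returning `$text` unchanged assumes the function is used as a filter callback, which the `$text` parameter suggests but the hunk does not show.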
@@ -574,24 +618,26 @@
* @access private
*
* @param int $request_id Request ID.
- * @return int|WP_Error $request Request ID on success or WP_Error.
+ * @return int|WP_Error $result Request ID on success or WP_Error.
*/
function _wp_privacy_completed_request( $request_id ) {
- $request_id = absint( $request_id );
- $request_data = wp_get_user_request_data( $request_id );
+ $request_id = absint( $request_id );
+ $request = wp_get_user_request_data( $request_id );
- if ( ! $request_data ) {
+ if ( ! $request ) {
return new WP_Error( 'privacy_request_error', __( 'Invalid request.' ) );
}
update_post_meta( $request_id, '_wp_user_request_completed_timestamp', time() );
- $request = wp_update_post( array(
- 'ID' => $request_id,
- 'post_status' => 'request-completed',
- ) );
+ $result = wp_update_post(
+ array(
+ 'ID' => $request_id,
+ 'post_status' => 'request-completed',
+ )
+ );
- return $request;
+ return $result;
}
/**
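Review bot: `wp_update_post()` is called without its second `$wp_error` argument, so on failure it returns `0` rather than a `WP_Error`. `$result` then does not match the `@return int|WP_Error $result Request ID on success or WP_Error.` line that this hunk edits, and any caller that only tests `is_wp_error()` would read `0` as success. Either pass `true` as the second argument to `wp_update_post()` or document the `0` case in the docblock. Also, `_wp_user_request_completed_timestamp` is written before the status update is known to have succeeded; moving `update_post_meta()` after a successful update would avoid stamping a request whose status did not change.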
@@ -712,29 +758,33 @@
*/
function _wp_personal_data_cleanup_requests() {
/** This filter is documented in wp-includes/user.php */
- $expires = (int) apply_filters( 'user_request_key_expiration', DAY_IN_SECONDS );
+ $expires = (int) apply_filters( 'user_request_key_expiration', DAY_IN_SECONDS );
- $requests_query = new WP_Query( array(
- 'post_type' => 'user_request',
- 'posts_per_page' => -1,
- 'post_status' => 'request-pending',
- 'fields' => 'ids',
- 'date_query' => array(
- array(
- 'column' => 'post_modified_gmt',
- 'before' => $expires . ' seconds ago',
+ $requests_query = new WP_Query(
+ array(
+ 'post_type' => 'user_request',
+ 'posts_per_page' => -1,
+ 'post_status' => 'request-pending',
+ 'fields' => 'ids',
+ 'date_query' => array(
+ array(
+ 'column' => 'post_modified_gmt',
+ 'before' => $expires . ' seconds ago',
+ ),
),
- ),
- ) );
+ )
+ );
$request_ids = $requests_query->posts;
foreach ( $request_ids as $request_id ) {
- wp_update_post( array(
- 'ID' => $request_id,
- 'post_status' => 'request-failed',
- 'post_password' => '',
- ) );
+ wp_update_post(
+ array(
+ 'ID' => $request_id,
+ 'post_status' => 'request-failed',
+ 'post_password' => '',
+ )
+ );
}
}
@@ -755,10 +805,22 @@
// "Borrow" xfn.js for now so we don't have to create new files.
wp_enqueue_script( 'xfn' );
- $requests_table = new WP_Privacy_Data_Export_Requests_Table( array(
- 'plural' => 'privacy_requests',
- 'singular' => 'privacy_request',
- ) );
+ $requests_table = new WP_Privacy_Data_Export_Requests_Table(
+ array(
+ 'plural' => 'privacy_requests',
+ 'singular' => 'privacy_request',
+ 'screen' => 'export_personal_data',
+ )
+ );
+
+ $requests_table->screen->set_screen_reader_content(
+ array(
+ 'heading_views' => __( 'Filter export personal data list' ),
+ 'heading_pagination' => __( 'Export personal data list navigation' ),
+ 'heading_list' => __( 'Export personal data list' ),
+ )
+ );
+
$requests_table->process_bulk_action();
$requests_table->prepare_items();
?>
@@ -768,7 +830,7 @@
<?php settings_errors(); ?>
- <form method="post" class="wp-privacy-request-form">
+ <form action="<?php echo esc_url( admin_url( 'tools.php?page=export_personal_data' ) ); ?>" method="post" class="wp-privacy-request-form">
<h2><?php esc_html_e( 'Add Data Export Request' ); ?></h2>
<p><?php esc_html_e( 'An email will be sent to the user at this email address asking them to verify the request.' ); ?></p>
@@ -826,10 +888,21 @@
// "Borrow" xfn.js for now so we don't have to create new files.
wp_enqueue_script( 'xfn' );
- $requests_table = new WP_Privacy_Data_Removal_Requests_Table( array(
- 'plural' => 'privacy_requests',
- 'singular' => 'privacy_request',
- ) );
+ $requests_table = new WP_Privacy_Data_Removal_Requests_Table(
+ array(
+ 'plural' => 'privacy_requests',
+ 'singular' => 'privacy_request',
+ 'screen' => 'remove_personal_data',
+ )
+ );
+
+ $requests_table->screen->set_screen_reader_content(
+ array(
+ 'heading_views' => __( 'Filter erase personal data list' ),
+ 'heading_pagination' => __( 'Erase personal data list navigation' ),
+ 'heading_list' => __( 'Erase personal data list' ),
+ )
+ );
$requests_table->process_bulk_action();
$requests_table->prepare_items();
@@ -841,7 +914,7 @@
<?php settings_errors(); ?>
- <form method="post" class="wp-privacy-request-form">
+ <form action="<?php echo esc_url( admin_url( 'tools.php?page=remove_personal_data' ) ); ?>" method="post" class="wp-privacy-request-form">
<h2><?php esc_html_e( 'Add Data Erasure Request' ); ?></h2>
<p><?php esc_html_e( 'An email will be sent to the user at this email address asking them to verify the request.' ); ?></p>
@@ -972,7 +1045,7 @@
*/
function _wp_privacy_requests_screen_options() {
$args = array(
- 'option' => str_replace( 'tools_page_', '', get_current_screen()->id ) . '_requests_per_page',
+ 'option' => str_replace( 'tools_page_', '', get_current_screen()->id ) . '_requests_per_page',
);
add_screen_option( 'per_page', $args );
}
@@ -1036,7 +1109,15 @@
* @return array Default sortable columns.
*/
protected function get_sortable_columns() {
- return array();
+ // The initial sorting is by 'Requested' (post_date) and descending.
+ // With initial sorting, the first click on 'Requested' should be ascending.
+ // With 'Requester' sorting active, the next click on 'Requested' should be descending.
+ $desc_first = isset( $_GET['orderby'] );
+
+ return array(
+ 'email' => 'requester',
+ 'created_timestamp' => array( 'requested', $desc_first ),
+ );
}
/**
@@ -1100,13 +1181,47 @@
$views = array();
$admin_url = admin_url( 'tools.php?page=' . $this->request_type );
$counts = $this->get_request_counts();
+ $total_requests = absint( array_sum( (array) $counts ) );
$current_link_attributes = empty( $current_status ) ? ' class="current" aria-current="page"' : '';
- $views['all'] = '<a href="' . esc_url( $admin_url ) . "\" $current_link_attributes>" . esc_html__( 'All' ) . ' (' . absint( array_sum( (array) $counts ) ) . ')</a>';
+ $status_label = sprintf(
+ /* translators: %s: all requests count */
+ _nx(
+ 'All <span class="count">(%s)</span>',
+ 'All <span class="count">(%s)</span>',
+ $total_requests,
+ 'requests'
+ ),
+ number_format_i18n( $total_requests )
+ );
+
+ $views['all'] = sprintf(
+ '<a href="%s"%s>%s</a>',
+ esc_url( $admin_url ),
+ $current_link_attributes,
+ $status_label
+ );
foreach ( $statuses as $status => $label ) {
+ $post_status = get_post_status_object( $status );
+ if ( ! $post_status ) {
+ continue;
+ }
+
$current_link_attributes = $status === $current_status ? ' class="current" aria-current="page"' : '';
- $views[ $status ] = '<a href="' . esc_url( add_query_arg( 'filter-status', $status, $admin_url ) ) . "\" $current_link_attributes>" . esc_html( $label ) . ' (' . absint( $counts->$status ) . ')</a>';
+ $total_status_requests = absint( $counts->{$status} );
+ $status_label = sprintf(
+ translate_nooped_plural( $post_status->label_count, $total_status_requests ),
+ number_format_i18n( $total_status_requests )
+ );
+ $status_link = add_query_arg( 'filter-status', $status, $admin_url );
+
+ $views[ $status ] = sprintf(
+ '<a href="%s"%s>%s</a>',
+ esc_url( $status_link ),
+ $current_link_attributes,
+ $status_label
+ );
}
return $views;
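Review bot: The per-status link text used to go through `esc_html( $label )`, but the new `$status_label` built from `$post_status->label_count` is placed into the anchor with no escaping. The markup therefore trusts whatever registered the post status and the active translation files. The count strings presumably carry a `<span class="count">` wrapper like the "All" string above, which rules out `esc_html()`, but a narrow allow-list keeps that and drops anything else: `wp_kses( $status_label, array( 'span' => array( 'class' => array() ) ) )` in both `sprintf()` calls. `$label` in `foreach ( $statuses as $status => $label )` is also unused after this change. The method starts outside this hunk.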
@@ -1134,8 +1249,8 @@
public function process_bulk_action() {
$action = $this->current_action();
$request_ids = isset( $_REQUEST['request_id'] ) ? wp_parse_id_list( wp_unslash( $_REQUEST['request_id'] ) ) : array();
-
- $count = 0;
+
+ $count = 0;
if ( $request_ids ) {
check_admin_referer( 'bulk-privacy_requests' );
@@ -1181,18 +1296,11 @@
* Prepare items to output.
*
* @since 4.9.6
+ * @since 5.1.0 Added support for column sorting.
*/
public function prepare_items() {
global $wpdb;
- $primary = $this->get_primary_column_name();
- $this->_column_headers = array(
- $this->get_columns(),
- array(),
- $this->get_sortable_columns(),
- $primary,
- );
-
$this->items = array();
$posts_per_page = $this->get_items_per_page( $this->request_type . '_requests_per_page' );
$args = array(
@@ -1204,6 +1312,19 @@
's' => isset( $_REQUEST['s'] ) ? sanitize_text_field( $_REQUEST['s'] ) : '',
);
+ $orderby_mapping = array(
+ 'requester' => 'post_title',
+ 'requested' => 'post_date',
+ );
+
+ if ( isset( $_REQUEST['orderby'] ) && isset( $orderby_mapping[ $_REQUEST['orderby'] ] ) ) {
+ $args['orderby'] = $orderby_mapping[ $_REQUEST['orderby'] ];
+ }
+
+ if ( isset( $_REQUEST['order'] ) && in_array( strtoupper( $_REQUEST['order'] ), array( 'ASC', 'DESC' ), true ) ) {
+ $args['order'] = strtoupper( $_REQUEST['order'] );
+ }
+
if ( ! empty( $_REQUEST['filter-status'] ) ) {
$filter_status = isset( $_REQUEST['filter-status'] ) ? sanitize_text_field( $_REQUEST['filter-status'] ) : '';
$args['post_status'] = $filter_status;
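Review bot: `strtoupper( $_REQUEST['order'] )` assumes a string, but the request parameter can arrive as an array, which raises a warning or a TypeError depending on the PHP version. The same applies to using `$_REQUEST['orderby']` as an array key in the `isset()` above it. The allow-list mapping itself is sound; adding `is_string()` to both conditions keeps malformed input on the default sort, for example `if ( isset( $_REQUEST['order'] ) && is_string( $_REQUEST['order'] ) && in_array( strtoupper( $_REQUEST['order'] ), array( 'ASC', 'DESC' ), true ) ) {`. The enclosing method starts and ends outside this hunk.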
@@ -1288,7 +1409,7 @@
return '';
}
- $time_diff = current_time( 'timestamp', true ) - $timestamp;
+ $time_diff = time() - $timestamp;
if ( $time_diff >= 0 && $time_diff < DAY_IN_SECONDS ) {
/* translators: human readable timestamp */
@@ -1409,7 +1530,7 @@
$download_data_markup .= '<span class="export-personal-data-idle"><button type="button" class="button-link export-personal-data-handle">' . __( 'Download Personal Data' ) . '</button></span>' .
'<span style="display:none" class="export-personal-data-processing" >' . __( 'Downloading Data...' ) . '</span>' .
'<span style="display:none" class="export-personal-data-success"><button type="button" class="button-link export-personal-data-handle">' . __( 'Download Personal Data Again' ) . '</button></span>' .
- '<span style="display:none" class="export-personal-data-failed">' . __( 'Download has failed.' ) . ' <button type="button" class="button-link">' . __( 'Retry' ) . '</button></span>';
+ '<span style="display:none" class="export-personal-data-failed">' . __( 'Download failed.' ) . ' <button type="button" class="button-link">' . __( 'Retry' ) . '</button></span>';
$download_data_markup .= '</div>';
@@ -1449,7 +1570,7 @@
'">';
?>
- <span class="export-personal-data-idle"><button type="button" class="button export-personal-data-handle"><?php _e( 'Email Data' ); ?></button></span>
+ <span class="export-personal-data-idle"><button type="button" class="button export-personal-data-handle"><?php _e( 'Send Export Link' ); ?></button></span>
<span style="display:none" class="export-personal-data-processing button updating-message" ><?php _e( 'Sending Email...' ); ?></span>
<span style="display:none" class="export-personal-data-success success-message" ><?php _e( 'Email sent.' ); ?></span>
<span style="display:none" class="export-personal-data-failed"><?php _e( 'Email could not be sent.' ); ?> <button type="button" class="button export-personal-data-handle"><?php _e( 'Retry' ); ?></button></span>
@@ -1461,10 +1582,18 @@
submit_button( __( 'Retry' ), 'secondary', 'privacy_action_email_retry[' . $item->ID . ']', false );
break;
case 'request-completed':
- echo '<a href="' . esc_url( wp_nonce_url( add_query_arg( array(
- 'action' => 'delete',
- 'request_id' => array( $item->ID ),
- ), admin_url( 'tools.php?page=export_personal_data' ) ), 'bulk-privacy_requests' ) ) . '" class="button">' . esc_html__( 'Remove request' ) . '</a>';
+ echo '<a href="' . esc_url(
+ wp_nonce_url(
+ add_query_arg(
+ array(
+ 'action' => 'delete',
+ 'request_id' => array( $item->ID ),
+ ),
+ admin_url( 'tools.php?page=export_personal_data' )
+ ),
+ 'bulk-privacy_requests'
+ )
+ ) . '" class="button">' . esc_html__( 'Remove request' ) . '</a>';
break;
}
}
@@ -1575,10 +1704,18 @@
submit_button( __( 'Retry' ), 'secondary', 'privacy_action_email_retry[' . $item->ID . ']', false );
break;
case 'request-completed':
- echo '<a href="' . esc_url( wp_nonce_url( add_query_arg( array(
- 'action' => 'delete',
- 'request_id' => array( $item->ID ),
- ), admin_url( 'tools.php?page=remove_personal_data' ) ), 'bulk-privacy_requests' ) ) . '" class="button">' . esc_html__( 'Remove request' ) . '</a>';
+ echo '<a href="' . esc_url(
+ wp_nonce_url(
+ add_query_arg(
+ array(
+ 'action' => 'delete',
+ 'request_id' => array( $item->ID ),
+ ),
+ admin_url( 'tools.php?page=remove_personal_data' )
+ ),
+ 'bulk-privacy_requests'
+ )
+ ) . '" class="button">' . esc_html__( 'Remove request' ) . '</a>';
break;
}
}