@@ -503,7 +600,7 @@ if ( ! class_exists( 'um\admin\Users_Columns' ) ) {
* @param string $uri
* @return string
*/
- private function set_redirect_uri( $uri ) {
+ public function set_redirect_uri( $uri ) {
if ( ! empty( $_REQUEST['s'] ) ) {
$uri = add_query_arg( 's', sanitize_text_field( $_REQUEST['s'] ), $uri );
}
diff --git a/includes/admin/core/class-admin-notices.php b/includes/admin/core/class-admin-notices.php
index b9222e09..94641895 100644
--- a/includes/admin/core/class-admin-notices.php
+++ b/includes/admin/core/class-admin-notices.php
@@ -490,9 +490,6 @@ if ( ! class_exists( 'um\admin\core\Admin_Notices' ) ) {
case 'um_settings_updated':
$messages[0]['content'] = __( 'Settings have been saved successfully.', 'ultimate-member' );
break;
- case 'um_user_updated':
- $messages[0]['content'] = __( 'User has been updated.', 'ultimate-member' );
- break;
case 'um_users_updated':
$messages[0]['content'] = __( 'Users have been updated.', 'ultimate-member' );
break;
diff --git a/includes/admin/core/class-admin-users.php b/includes/admin/core/class-admin-users.php
deleted file mode 100644
index 8612c377..00000000
--- a/includes/admin/core/class-admin-users.php
+++ /dev/null
@@ -1,170 +0,0 @@
-
- */
- do_action( "um_admin_custom_hook_{$action}", UM()->user()->id );
- break;
-
- case 'um_delete':
- if ( is_admin() ) {
- wp_die( esc_html__( 'This action is not allowed in backend.', 'ultimate-member' ) );
- }
- UM()->user()->delete();
- break;
- }
- }
-
- /**
- * Add UM Bulk actions to Users List Table
- * @deprecated 2.8.7
- */
- public function restrict_manage_users() {
- ?>
-
-
-
-
-
-
-
-
-
-
-
-
- roles()->get_priority_user_role( get_current_user_id() );
- $role = get_role( $rolename );
-
- if ( empty( $role ) ) {
- wp_die( esc_html__( 'You do not have enough permissions to do that.', 'ultimate-member' ) );
- }
-
- if ( ! current_user_can( 'edit_users' ) && ! $role->has_cap( 'edit_users' ) ) {
- wp_die( esc_html__( 'You do not have enough permissions to do that.', 'ultimate-member' ) );
- }
-
- check_admin_referer( 'bulk-users' );
-
- $users = array_map( 'absint', (array) $_REQUEST['users'] );
- $bulk_action = current( array_filter( $_REQUEST['um_bulk_action'] ) );
-
- foreach ( $users as $user_id ) {
- UM()->user()->set( $user_id );
-
- /**
- * UM hook
- *
- * @type action
- * @title um_admin_user_action_hook
- * @description Action on bulk user action
- * @input_vars
- * [{"var":"$bulk_action","type":"string","desc":"Bulk Action"}]
- * @change_log
- * ["Since: 2.0"]
- * @usage add_action( 'um_admin_user_action_hook{$action}', 'function_name', 10, 1 );
- * @example
- *
- */
- do_action( 'um_admin_user_action_hook', $bulk_action );
-
- /**
- * UM hook
- *
- * @type action
- * @title um_admin_user_action_{$bulk_action}_hook
- * @description Action on bulk user action
- * @change_log
- * ["Since: 2.0"]
- * @usage add_action( 'um_admin_user_action_{$bulk_action}_hook', 'function_name', 10 );
- * @example
- *
- */
- do_action( "um_admin_user_action_{$bulk_action}_hook" );
- }
-
- $uri = $this->set_redirect_uri( admin_url( 'users.php' ) );
- $uri = add_query_arg( 'update', 'um_users_updated', $uri );
-
- wp_safe_redirect( $uri );
- exit;
- }
-
- if ( ! empty( $_REQUEST['um_bulkedit'] ) ) {
- $uri = $this->set_redirect_uri( admin_url( 'users.php' ) );
- wp_safe_redirect( $uri );
- exit;
- }
- }
- }
-}
diff --git a/includes/class-init.php b/includes/class-init.php
index 8cd2d914..9c8f811b 100644
--- a/includes/class-init.php
+++ b/includes/class-init.php
@@ -1451,7 +1451,7 @@ if ( ! class_exists( 'UM' ) ) {
require_once 'core/um-actions-form.php';
require_once 'core/um-actions-access.php';
require_once 'core/um-actions-wpadmin.php';
- require_once 'core/um-actions-core.php';
+// require_once 'core/um-actions-core.php';
require_once 'core/um-actions-ajax.php';
require_once 'core/um-actions-login.php';
require_once 'core/um-actions-register.php';
diff --git a/includes/common/class-users.php b/includes/common/class-users.php
index e440f621..f8a8b512 100644
--- a/includes/common/class-users.php
+++ b/includes/common/class-users.php
@@ -103,10 +103,10 @@ class Users {
public function statuses_list() {
$statuses = array(
'approved' => __( 'Approved', 'ultimate-member' ),
- 'awaiting_admin_review' => __( 'Pending review', 'ultimate-member' ),
+ 'awaiting_admin_review' => __( 'Pending administrator review', 'ultimate-member' ),
'awaiting_email_confirmation' => __( 'Waiting email confirmation', 'ultimate-member' ),
- 'inactive' => __( 'Inactive', 'ultimate-member' ),
- 'rejected' => __( 'Rejected', 'ultimate-member' ),
+ 'inactive' => __( 'Membership inactive', 'ultimate-member' ),
+ 'rejected' => __( 'Membership rejected', 'ultimate-member' ),
);
/**
* Filters the user statuses added via Ultimate Member plugin.
@@ -114,13 +114,13 @@ class Users {
* Note: Statuses format is 'key' => 'title'
*
* @since 2.8.7
- * @hook um_admin_get_user_statuses
+ * @hook um_user_statuses
*
* @param {array} $statuses User statuses in Ultimate Member environment.
*
* @return {array} User statuses.
*/
- return apply_filters( 'um_admin_get_user_statuses', $statuses );
+ return apply_filters( 'um_user_statuses', $statuses );
}
/**
@@ -184,8 +184,18 @@ class Users {
*
* @return string
*/
- public function get_status( $user_id ) {
- return get_user_meta( $user_id, 'account_status', true );
+ public function get_status( $user_id, $format = 'raw' ) {
+ $status = get_user_meta( $user_id, 'account_status', true );
+ if ( 'raw' === $format ) {
+ return $status;
+ }
+
+ $all_statuses = $this->statuses_list();
+ if ( array_key_exists( $status, $all_statuses ) ) {
+ return $all_statuses[ $status ];
+ }
+
+ return __( 'Undefined', 'ultimate-member' );
}
/**
@@ -280,9 +290,34 @@ class Users {
return get_password_reset_key( $userdata );
}
- public function can_activation_send( $user_id ) {
+ public function can_current_user_edit_user( $user_id ) {
$current_user_id = get_current_user_id();
if ( $current_user_id === $user_id ) {
+ return true;
+ }
+
+ if ( ! self::user_exists( $user_id ) ) {
+ return false;
+ }
+
+ $rolename = UM()->roles()->get_priority_user_role( $current_user_id );
+ $role = get_role( $rolename );
+
+ if ( null === $role ) {
+ return false;
+ }
+
+ // Make Ultimate Member bulk actions only when the current user has 'edit_users' capability.
+ if ( ! current_user_can( 'edit_users' ) && ! $role->has_cap( 'edit_users' ) ) {
+ return false;
+ }
+
+ return true;
+ }
+
+ public function can_activation_send( $user_id ) {
+ $current_user_id = get_current_user_id();
+ if ( $current_user_id === $user_id || ! self::user_exists( $user_id ) ) {
return false;
}
@@ -357,7 +392,7 @@ class Users {
*/
public function can_be_deactivated( $user_id ) {
$current_user_id = get_current_user_id();
- if ( $current_user_id === $user_id ) {
+ if ( $current_user_id === $user_id || ! self::user_exists( $user_id ) ) {
return false;
}
@@ -440,7 +475,7 @@ class Users {
*/
public function can_be_rejected( $user_id ) {
$current_user_id = get_current_user_id();
- if ( $current_user_id === $user_id ) {
+ if ( $current_user_id === $user_id || ! self::user_exists( $user_id ) ) {
return false;
}
@@ -523,7 +558,7 @@ class Users {
*/
public function can_be_set_as_pending( $user_id ) {
$current_user_id = get_current_user_id();
- if ( $current_user_id === $user_id ) {
+ if ( $current_user_id === $user_id || ! self::user_exists( $user_id ) ) {
return false;
}
@@ -598,7 +633,7 @@ class Users {
*/
public function can_be_approved( $user_id ) {
$current_user_id = get_current_user_id();
- if ( $current_user_id === $user_id ) {
+ if ( $current_user_id === $user_id || ! self::user_exists( $user_id ) ) {
return false;
}
@@ -618,6 +653,27 @@ class Users {
return 'approved' !== $status;
}
+ /**
+ * @param int $user_id
+ *
+ * @return bool
+ */
+ public static function user_exists( $user_id ) {
+ /**
+ * @var bool[] $search_results
+ */
+ static $search_results = array();
+
+ if ( array_key_exists( $user_id, $search_results ) ) {
+ return $search_results[ $user_id ];
+ }
+
+ $user = get_userdata( $user_id );
+
+ $search_results[ $user_id ] = false !== $user;
+ return $search_results[ $user_id ];
+ }
+
/**
* Approve user.
*
@@ -684,7 +740,7 @@ class Users {
*/
public function can_be_reactivated( $user_id ) {
$current_user_id = get_current_user_id();
- if ( $current_user_id === $user_id ) {
+ if ( $current_user_id === $user_id || ! self::user_exists( $user_id ) ) {
return false;
}
diff --git a/includes/core/class-member-directory.php b/includes/core/class-member-directory.php
index d9cdea0e..ea83dffa 100644
--- a/includes/core/class-member-directory.php
+++ b/includes/core/class-member-directory.php
@@ -2589,21 +2589,18 @@ if ( ! class_exists( 'um\core\Member_Directory' ) ) {
return $pagination_data;
}
-
/**
* @param int $user_id
*
* @return array
*/
- function build_user_actions_list( $user_id ) {
-
+ private function build_user_actions_list( $user_id ) {
$actions = array();
if ( ! is_user_logged_in() ) {
return $actions;
}
- if ( get_current_user_id() != $user_id ) {
-
+ if ( get_current_user_id() !== $user_id ) {
if ( UM()->roles()->um_current_user_can( 'edit', $user_id ) ) {
$actions['um-editprofile'] = array(
'title' => esc_html__( 'Edit Profile', 'ultimate-member' ),
@@ -2611,31 +2608,17 @@ if ( ! class_exists( 'um\core\Member_Directory' ) ) {
);
}
- /**
- * UM hook
- *
- * @type filter
- * @title um_admin_user_actions_hook
- * @description Extend admin actions for each user
- * @input_vars
- * [{"var":"$actions","type":"array","desc":"Actions for user"}]
- * @change_log
- * ["Since: 2.0"]
- * @usage
- *
- * @example
- *
- */
- $admin_actions = apply_filters( 'um_admin_user_actions_hook', array(), $user_id );
+ $admin_actions = UM()->frontend()->users()->get_actions_list( $user_id );
if ( ! empty( $admin_actions ) ) {
foreach ( $admin_actions as $id => $arr ) {
- $url = add_query_arg( array( 'um_action' => $id, 'uid' => $user_id ), um_get_core_page( 'user' ) );
+ $url = add_query_arg(
+ array(
+ 'um_action' => $id,
+ 'uid' => $user_id,
+ 'nonce' => wp_create_nonce( $id . $user_id ),
+ ),
+ um_user_profile_url( $user_id )
+ );
$actions[ $id ] = array(
'title' => esc_html( $arr['label'] ),
@@ -2645,9 +2628,7 @@ if ( ! class_exists( 'um\core\Member_Directory' ) ) {
}
$actions = apply_filters( 'um_member_directory_users_card_actions', $actions, $user_id );
-
} else {
-
if ( empty( UM()->user()->cannot_edit ) ) {
$actions['um-editprofile'] = array(
'title' => esc_html__( 'Edit Profile', 'ultimate-member' ),
@@ -2671,15 +2652,13 @@ if ( ! class_exists( 'um\core\Member_Directory' ) ) {
return $actions;
}
-
/**
* @param int $user_id
* @param array $directory_data
*
* @return array
*/
- function build_user_card_data( $user_id, $directory_data ) {
-
+ public function build_user_card_data( $user_id, $directory_data ) {
um_fetch_user( $user_id );
$dropdown_actions = $this->build_user_actions_list( $user_id );
diff --git a/includes/core/class-rewrite.php b/includes/core/class-rewrite.php
index 13578add..7d238716 100644
--- a/includes/core/class-rewrite.php
+++ b/includes/core/class-rewrite.php
@@ -234,8 +234,8 @@ if ( ! class_exists( 'um\core\Rewrite' ) ) {
$user_id = $this->get_user_id_by_user_login_slug();
}
- if ( 'user_id' === $permalink_base ) {
- $user_id = UM()->user()->user_exists_by_id( um_queried_user() );
+ if ( 'user_id' === $permalink_base && UM()->common()->users()::user_exists( um_queried_user() ) ) {
+ $user_id = um_queried_user();
}
if ( 'hash' === $permalink_base ) {
diff --git a/includes/core/class-user.php b/includes/core/class-user.php
index 0654ef31..68f53dd9 100644
--- a/includes/core/class-user.php
+++ b/includes/core/class-user.php
@@ -1725,28 +1725,7 @@ if ( ! class_exists( 'um\core\User' ) ) {
function get_admin_actions() {
$items = array();
- /**
- * UM hook
- *
- * @type filter
- * @title um_admin_user_actions_hook
- * @description Extend admin actions for each user
- * @input_vars
- * [{"var":"$actions","type":"array","desc":"Actions for user"}]
- * @change_log
- * ["Since: 2.0"]
- * @usage
- *
- * @example
- *
- */
- $actions = apply_filters( 'um_admin_user_actions_hook', array(), um_profile_id() );
+ $actions = UM()->frontend()->users()->get_actions_list( um_profile_id() );
if ( empty( $actions ) ) {
return $items;
}
@@ -1756,10 +1735,9 @@ if ( ! class_exists( 'um\core\User' ) ) {
array(
'um_action' => $id,
'uid' => um_profile_id(),
+ 'nonce' => wp_create_nonce( $id . um_profile_id() ),
)
);
- /*$url = add_query_arg( 'um_action', $id );
- $url = add_query_arg( 'uid', um_profile_id(), $url );*/
$items[] = '
' . esc_html( $arr['label'] ) . '';
}
return $items;
@@ -2111,32 +2089,15 @@ if ( ! class_exists( 'um\core\User' ) ) {
/**
* This method checks if a user exists or not in your site based on the user ID.
*
- * @usage user()->user_exists_by_id( $user_id ); ?>
+ * @deprecated 2.8.7
*
* @param int $user_id A user ID must be passed to check if the user exists
*
* @return bool|int
- *
- * @example Basic Usage
-
- user()->user_exists_by_id( 15 );
- if ( $boolean ) {
- // That user exists
- }
-
- ?>
-
- *
*/
public function user_exists_by_id( $user_id ) {
- $aux = get_userdata( absint( $user_id ) );
- if ( $aux == false ) {
- return false;
- } else {
- return $user_id;
- }
+ _deprecated_function( __METHOD__, '2.8.7', 'UM()->common()->users()::user_exists' );
+ return UM()->common()->users()::user_exists( $user_id ) ? $user_id : false;
}
/**
diff --git a/includes/core/um-actions-core.php b/includes/core/um-actions-core.php
deleted file mode 100644
index f0e0ef08..00000000
--- a/includes/core/um-actions-core.php
+++ /dev/null
@@ -1,161 +0,0 @@
-user()->user_exists_by_id( $uid ) ) {
- return;
- }
-
- if ( ! empty( $uid ) && is_super_admin( $uid ) ) {
- wp_die( esc_html__( 'Super administrators can not be modified.', 'ultimate-member' ) );
- }
-
- $role = get_role( UM()->roles()->get_priority_user_role( get_current_user_id() ) );
- $can_edit_users = current_user_can( 'edit_users' ) && $role->has_cap( 'edit_users' );
-
- switch ( $action ) {
- default:
- /**
- * UM hook
- *
- * @type action
- * @title um_action_user_request_hook
- * @description Integration for user actions
- * @input_vars
- * [{"var":"$action","type":"string","desc":"Action for user"},
- * {"var":"$user_id","type":"int","desc":"User ID"}]
- * @change_log
- * ["Since: 2.0"]
- * @usage add_action( 'um_action_user_request_hook', 'function_name', 10, 2 );
- * @example
- *
- */
- do_action( 'um_action_user_request_hook', $action, $uid );
- break;
-
- case 'edit':
- UM()->fields()->editing = true;
- if ( ! um_is_myprofile() ) {
- if ( ! UM()->roles()->um_current_user_can( 'edit', um_profile_id() ) ) {
- exit( wp_redirect( UM()->permalinks()->get_current_url( true ) ) );
- }
- } else {
- if ( ! um_can_edit_my_profile() ) {
- $url = um_edit_my_profile_cancel_uri();
- exit( wp_redirect( $url ) );
- }
- }
- break;
-
- case 'um_switch_user':
- if ( ! current_user_can( 'manage_options' ) ) {
- return;
- }
- UM()->user()->auto_login( $uid );
- exit( wp_redirect( UM()->permalinks()->get_current_url( true ) ) );
- break;
-
- case 'um_reject_membership':
- if ( ! $can_edit_users ) {
- wp_die( esc_html__( 'You do not have permission to make this action.', 'ultimate-member' ) );
- }
-
- um_fetch_user( $uid );
- UM()->common()->users()->reject( $uid );
- exit( wp_redirect( UM()->permalinks()->get_current_url( true ) ) );
- break;
-
- case 'um_approve_membership':
- if ( ! $can_edit_users ) {
- wp_die( esc_html__( 'You do not have permission to make this action.', 'ultimate-member' ) );
- }
-
- um_fetch_user( $uid );
-
- UM()->common()->users()->approve( $uid );
- exit( wp_redirect( UM()->permalinks()->get_current_url( true ) ) );
- break;
-
- case 'um_reactivate':
- if ( ! $can_edit_users ) {
- wp_die( esc_html__( 'You do not have permission to make this action.', 'ultimate-member' ) );
- }
-
- um_fetch_user( $uid );
-
- UM()->common()->users()->reactivate( $uid );
- exit( wp_redirect( UM()->permalinks()->get_current_url( true ) ) );
- break;
-
- case 'um_put_as_pending':
- if ( ! $can_edit_users ) {
- wp_die( esc_html__( 'You do not have permission to make this action.', 'ultimate-member' ) );
- }
-
- um_fetch_user( $uid );
- UM()->common()->users()->set_as_pending( $uid );
- exit( wp_redirect( UM()->permalinks()->get_current_url( true ) ) );
- break;
-
- case 'um_resend_activation':
- if ( ! $can_edit_users ) {
- wp_die( esc_html__( 'You do not have permission to make this action.', 'ultimate-member' ) );
- }
-
- um_fetch_user( $uid );
- UM()->common()->users()->send_activation( $uid );
- exit( wp_redirect( UM()->permalinks()->get_current_url( true ) ) );
- break;
-
- case 'um_deactivate':
- if ( ! $can_edit_users ) {
- wp_die( esc_html__( 'You do not have permission to make this action.', 'ultimate-member' ) );
- }
-
- um_fetch_user( $uid );
- UM()->common()->users()->deactivate( $uid );
- exit( wp_redirect( UM()->permalinks()->get_current_url( true ) ) );
- break;
-
- case 'um_delete':
- if ( ! UM()->roles()->um_current_user_can( 'delete', $uid ) ) {
- wp_die( esc_html__( 'You do not have permission to delete this user.', 'ultimate-member' ) );
- }
-
- um_fetch_user( $uid );
- UM()->user()->delete();
- exit( wp_redirect( UM()->permalinks()->get_current_url( true ) ) );
- break;
-
- }
-}
-add_action( 'template_redirect', 'um_action_request_process', 10000 );
diff --git a/includes/core/um-filters-user.php b/includes/core/um-filters-user.php
index c696a411..4d0eb375 100644
--- a/includes/core/um-filters-user.php
+++ b/includes/core/um-filters-user.php
@@ -3,61 +3,6 @@ if ( ! defined( 'ABSPATH' ) ) {
exit;
}
-/**
- * Main admin user actions.
- *
- * @param array $actions
- * @param int $user_id
- *
- * @return array
- */
-function um_admin_user_actions_hook( $actions, $user_id ) {
- um_fetch_user( $user_id );
-
- $role = get_role( UM()->roles()->get_priority_user_role( get_current_user_id() ) );
-
- $can_edit_users = null !== $role && current_user_can( 'edit_users' ) && $role->has_cap( 'edit_users' );
- if ( $can_edit_users ) {
- $account_status = um_user( 'account_status' );
-
- if ( 'awaiting_admin_review' === $account_status ) {
- $actions['um_approve_membership'] = array( 'label' => __( 'Approve Membership', 'ultimate-member' ) );
- $actions['um_reject_membership'] = array( 'label' => __( 'Reject Membership', 'ultimate-member' ) );
- }
-
- if ( 'rejected' === $account_status ) {
- $actions['um_approve_membership'] = array( 'label' => __( 'Approve Membership', 'ultimate-member' ) );
- }
-
- if ( 'approved' === $account_status ) {
- $actions['um_put_as_pending'] = array( 'label' => __( 'Put as Pending Review', 'ultimate-member' ) );
- }
-
- if ( 'awaiting_email_confirmation' === $account_status ) {
- $actions['um_resend_activation'] = array( 'label' => __( 'Resend Activation Email', 'ultimate-member' ) );
- }
-
- if ( 'inactive' !== $account_status ) {
- $actions['um_deactivate'] = array( 'label' => __( 'Deactivate this account', 'ultimate-member' ) );
- }
-
- if ( 'inactive' === $account_status ) {
- $actions['um_reactivate'] = array( 'label' => __( 'Reactivate this account', 'ultimate-member' ) );
- }
- }
-
- if ( UM()->roles()->um_current_user_can( 'delete', $user_id ) ) {
- $actions['um_delete'] = array( 'label' => __( 'Delete this user', 'ultimate-member' ) );
- }
-
- if ( current_user_can( 'manage_options' ) && ! is_super_admin( $user_id ) ) {
- $actions['um_switch_user'] = array( 'label' => __( 'Login as this user', 'ultimate-member' ) );
- }
-
- return $actions;
-}
-add_filter( 'um_admin_user_actions_hook', 'um_admin_user_actions_hook', 10, 2 );
-
/**
* Filter user basename.
*
diff --git a/includes/frontend/class-actions-listener.php b/includes/frontend/class-actions-listener.php
new file mode 100644
index 00000000..467d0a6f
--- /dev/null
+++ b/includes/frontend/class-actions-listener.php
@@ -0,0 +1,207 @@
+common()->users()::user_exists( $user_id ) ) {
+ return;
+ }
+
+ if ( get_current_user_id() === $user_id ) {
+ return;
+ }
+
+ if ( ! empty( $user_id ) && is_super_admin( $user_id ) ) {
+ wp_die( esc_html__( 'Super administrators can not be modified.', 'ultimate-member' ) );
+ }
+
+ $action = sanitize_key( $_REQUEST['um_action'] );
+ // phpcs:enable WordPress.Security.NonceVerification -- there is nonce verification below for each case
+ switch ( $action ) {
+ case 'approve_user':
+ if ( ! wp_verify_nonce( $_REQUEST['nonce'], "approve_user{$user_id}" ) ) {
+ wp_die( esc_html__( 'The link you followed has expired.', 'ultimate-member' ) );
+ }
+
+ if ( ! UM()->common()->users()->can_current_user_edit_user( $user_id ) ) {
+ wp_die( esc_html__( 'You do not have permission to edit this user.', 'ultimate-member' ) );
+ }
+
+ $result = UM()->common()->users()->approve( $user_id );
+ if ( ! $result ) {
+ wp_die( esc_html__( 'Something went wrong.', 'ultimate-member' ) );
+ }
+
+ um_safe_redirect( UM()->permalinks()->get_current_url( true ) );
+ exit;
+ case 'reactivate_user':
+ if ( ! wp_verify_nonce( $_REQUEST['nonce'], "reactivate_user{$user_id}" ) ) {
+ wp_die( esc_html__( 'The link you followed has expired.', 'ultimate-member' ) );
+ }
+
+ if ( ! UM()->common()->users()->can_current_user_edit_user( $user_id ) ) {
+ wp_die( esc_html__( 'You do not have permission to edit this user.', 'ultimate-member' ) );
+ }
+
+ $result = UM()->common()->users()->reactivate( $user_id );
+ if ( ! $result ) {
+ wp_die( esc_html__( 'Something went wrong.', 'ultimate-member' ) );
+ }
+
+ um_safe_redirect( UM()->permalinks()->get_current_url( true ) );
+ exit;
+ case 'put_user_as_pending':
+ if ( ! wp_verify_nonce( $_REQUEST['nonce'], "put_user_as_pending{$user_id}" ) ) {
+ wp_die( esc_html__( 'The link you followed has expired.', 'ultimate-member' ) );
+ }
+
+ if ( ! UM()->common()->users()->can_current_user_edit_user( $user_id ) ) {
+ wp_die( esc_html__( 'You do not have permission to edit this user.', 'ultimate-member' ) );
+ }
+
+ $result = UM()->common()->users()->set_as_pending( $user_id );
+ if ( ! $result ) {
+ wp_die( esc_html__( 'Something went wrong.', 'ultimate-member' ) );
+ }
+
+ um_safe_redirect( UM()->permalinks()->get_current_url( true ) );
+ exit;
+ case 'resend_user_activation':
+ if ( ! wp_verify_nonce( $_REQUEST['nonce'], "resend_user_activation{$user_id}" ) ) {
+ wp_die( esc_html__( 'The link you followed has expired.', 'ultimate-member' ) );
+ }
+
+ if ( ! UM()->common()->users()->can_current_user_edit_user( $user_id ) ) {
+ wp_die( esc_html__( 'You do not have permission to edit this user.', 'ultimate-member' ) );
+ }
+
+ $result = UM()->common()->users()->send_activation( $user_id );
+ if ( ! $result ) {
+ wp_die( esc_html__( 'Something went wrong.', 'ultimate-member' ) );
+ }
+
+ um_safe_redirect( UM()->permalinks()->get_current_url( true ) );
+ exit;
+ case 'reject_user':
+ if ( ! wp_verify_nonce( $_REQUEST['nonce'], "reject_user{$user_id}" ) ) {
+ wp_die( esc_html__( 'The link you followed has expired.', 'ultimate-member' ) );
+ }
+
+ if ( ! UM()->common()->users()->can_current_user_edit_user( $user_id ) ) {
+ wp_die( esc_html__( 'You do not have permission to edit this user.', 'ultimate-member' ) );
+ }
+
+ $result = UM()->common()->users()->reject( $user_id );
+ if ( ! $result ) {
+ wp_die( esc_html__( 'Something went wrong.', 'ultimate-member' ) );
+ }
+
+ um_safe_redirect( UM()->permalinks()->get_current_url( true ) );
+ exit;
+ case 'deactivate_user':
+ if ( ! wp_verify_nonce( $_REQUEST['nonce'], "deactivate_user{$user_id}" ) ) {
+ wp_die( esc_html__( 'The link you followed has expired.', 'ultimate-member' ) );
+ }
+
+ if ( ! UM()->common()->users()->can_current_user_edit_user( $user_id ) ) {
+ wp_die( esc_html__( 'You do not have permission to edit this user.', 'ultimate-member' ) );
+ }
+
+ $result = UM()->common()->users()->deactivate( $user_id );
+ if ( ! $result ) {
+ wp_die( esc_html__( 'Something went wrong.', 'ultimate-member' ) );
+ }
+
+ um_safe_redirect( UM()->permalinks()->get_current_url( true ) );
+ exit;
+ case 'switch_user':
+ if ( ! current_user_can( 'manage_options' ) ) {
+ return;
+ }
+
+ if ( ! wp_verify_nonce( $_REQUEST['nonce'], "switch_user{$user_id}" ) ) {
+ wp_die( esc_html__( 'The link you followed has expired.', 'ultimate-member' ) );
+ }
+
+ UM()->user()->auto_login( $user_id );
+
+ um_safe_redirect( UM()->permalinks()->get_current_url( true ) );
+ exit;
+ case 'delete':
+ if ( ! wp_verify_nonce( $_REQUEST['nonce'], "delete{$user_id}" ) ) {
+ wp_die( esc_html__( 'The link you followed has expired.', 'ultimate-member' ) );
+ }
+
+ if ( ! UM()->roles()->um_current_user_can( 'delete', $user_id ) ) {
+ wp_die( esc_html__( 'You do not have permission to delete this user.', 'ultimate-member' ) );
+ }
+
+ um_fetch_user( $user_id );
+ UM()->user()->delete();
+
+ um_safe_redirect( UM()->permalinks()->get_current_url( true ) );
+ exit;
+ default:
+ /**
+ * UM hook
+ *
+ * @type action
+ * @title um_action_user_request_hook
+ * @description Integration for user actions
+ * @input_vars
+ * [{"var":"$action","type":"string","desc":"Action for user"},
+ * {"var":"$user_id","type":"int","desc":"User ID"}]
+ * @change_log
+ * ["Since: 2.0"]
+ * @usage add_action( 'um_action_user_request_hook', 'function_name', 10, 2 );
+ * @example
+ *
+ */
+ do_action( 'um_action_user_request_hook', $action, $user_id );
+ break;
+ }
+ }
+ }
+}
diff --git a/includes/frontend/class-init.php b/includes/frontend/class-init.php
index b34cd983..1d3d460f 100644
--- a/includes/frontend/class-init.php
+++ b/includes/frontend/class-init.php
@@ -20,9 +20,25 @@ if ( ! class_exists( 'um\frontend\Init' ) ) {
* @used-by \UM::includes()
*/
public function includes() {
+ $this->actions_listener();
$this->enqueue();
$this->modal();
$this->secure();
+ $this->user_profile();
+ $this->users();
+ }
+
+ /**
+ * @since 2.8.7
+ *
+ * @return Actions_Listener
+ */
+ public function actions_listener() {
+ if ( empty( UM()->classes['um\frontend\actions_listener'] ) ) {
+ UM()->classes['um\frontend\actions_listener'] = new Actions_Listener();
+ }
+
+ return UM()->classes['um\frontend\actions_listener'];
}
/**
@@ -62,5 +78,29 @@ if ( ! class_exists( 'um\frontend\Init' ) ) {
}
return UM()->classes['um\frontend\secure'];
}
+
+ /**
+ * @since 2.8.7
+ *
+ * @return User_Profile
+ */
+ public function user_profile() {
+ if ( empty( UM()->classes['um\frontend\user_profile'] ) ) {
+ UM()->classes['um\frontend\user_profile'] = new User_Profile();
+ }
+ return UM()->classes['um\frontend\user_profile'];
+ }
+
+ /**
+ * @since 2.8.7
+ *
+ * @return Users
+ */
+ public function users() {
+ if ( empty( UM()->classes['um\frontend\users'] ) ) {
+ UM()->classes['um\frontend\users'] = new Users();
+ }
+ return UM()->classes['um\frontend\users'];
+ }
}
}
diff --git a/includes/frontend/class-user-profile.php b/includes/frontend/class-user-profile.php
new file mode 100644
index 00000000..f77cd3cc
--- /dev/null
+++ b/includes/frontend/class-user-profile.php
@@ -0,0 +1,69 @@
+common()->users()::user_exists( $uid ) ) {
+ return;
+ }
+
+ if ( ! empty( $uid ) && is_super_admin( $uid ) ) {
+ wp_die( esc_html__( 'Super administrators can not be modified.', 'ultimate-member' ) );
+ }
+
+ UM()->fields()->editing = true;
+
+ if ( ! um_is_myprofile() && ! UM()->roles()->um_current_user_can( 'edit', um_profile_id() ) ) {
+ um_safe_redirect( UM()->permalinks()->get_current_url( true ) );
+ exit;
+ }
+
+ if ( ! um_can_edit_my_profile() ) {
+ um_safe_redirect( um_edit_my_profile_cancel_uri() );
+ exit;
+ }
+ }
+ }
+}
diff --git a/includes/frontend/class-users.php b/includes/frontend/class-users.php
new file mode 100644
index 00000000..585cbcd9
--- /dev/null
+++ b/includes/frontend/class-users.php
@@ -0,0 +1,81 @@
+roles()->get_priority_user_role( get_current_user_id() );
+ $role = get_role( $priority_role );
+
+ $can_edit_users = null !== $role && current_user_can( 'edit_users' ) && $role->has_cap( 'edit_users' );
+ if ( $can_edit_users ) {
+ if ( UM()->common()->users()->can_be_approved( $user_id ) ) {
+ $actions['approve_user'] = array( 'label' => __( 'Approve Membership', 'ultimate-member' ) );
+ }
+ if ( UM()->common()->users()->can_be_reactivated( $user_id ) ) {
+ $actions['reactivate_user'] = array( 'label' => __( 'Reactivate this account', 'ultimate-member' ) );
+ }
+ if ( UM()->common()->users()->can_be_set_as_pending( $user_id ) ) {
+ $actions['put_user_as_pending'] = array( 'label' => __( 'Put as Pending Review', 'ultimate-member' ) );
+ }
+ if ( UM()->common()->users()->can_activation_send( $user_id ) ) {
+ $actions['resend_user_activation'] = array( 'label' => __( 'Resend Activation Email', 'ultimate-member' ) );
+ }
+ if ( UM()->common()->users()->can_be_rejected( $user_id ) ) {
+ $actions['reject_user'] = array( 'label' => __( 'Reject Membership', 'ultimate-member' ) );
+ }
+ if ( UM()->common()->users()->can_be_deactivated( $user_id ) ) {
+ $actions['deactivate_user'] = array( 'label' => __( 'Deactivate this account', 'ultimate-member' ) );
+ }
+ }
+
+ if ( UM()->roles()->um_current_user_can( 'delete', $user_id ) ) {
+ $actions['delete'] = array( 'label' => __( 'Delete this user', 'ultimate-member' ) );
+ }
+
+ if ( current_user_can( 'manage_options' ) && ! is_super_admin( $user_id ) ) {
+ $actions['switch_user'] = array( 'label' => __( 'Login as this user', 'ultimate-member' ) );
+ }
+
+ /**
+ * Filters users actions list in Ultimate Member frontend.
+ *
+ * @since 1.3.x
+ * @hook um_admin_user_actions_hook
+ *
+ * @param {array} $actions CPT keys.
+ * @param {int} $user_id User ID.
+ *
+ * @return {array} CPT keys.
+ *
+ * @example
Add `um_custom_action` action to the users actions list on frontend.
+ * function um_custom_admin_user_actions_hook( $actions, $user_id ) {
+ * $actions['um_custom_action'] = array( 'label' => 'um_custom_action_label' );
+ * return $actions;
+ * }
+ * add_filter( 'um_admin_user_actions_hook', 'um_custom_admin_user_actions_hook', 10, 2 );
+ */
+ return apply_filters( 'um_admin_user_actions_hook', $actions, $user_id );
+ }
+}
diff --git a/includes/um-deprecated-hooks.php b/includes/um-deprecated-hooks.php
index 0a0fa5c7..3231ab27 100644
--- a/includes/um-deprecated-hooks.php
+++ b/includes/um-deprecated-hooks.php
@@ -65,3 +65,33 @@ if ( ! defined( 'ABSPATH' ) ) {
*
* @param {int} $user_id User ID. Since 2.0
*/
+
+/**
+ * Fires for handle admin user_action scripts.
+ *
+ * @since 1.3.x
+ * @depecated 2.8.7 WordPress native `handle_bulk_actions-users` hook is used. Use action hook `um_handle_bulk_actions-users-{$current_action}` for custom user bulk actions instead.
+ * @hook um_admin_user_action_hook
+ *
+ * @param {string} $bulk_action Bulk action key
+ */
+
+/**
+ * Fires for handle admin user_action scripts.
+ * Where $bulk_action is a bulk action key
+ *
+ * @since 1.3.x
+ * @depecated 2.8.7 WordPress native `handle_bulk_actions-users` hook is used. Use action hook `um_handle_bulk_actions-users-{$current_action}` for custom user bulk actions instead.
+ * @hook um_admin_user_action_{$bulk_action}_hook
+ */
+
+/**
+ * Fires for handle custom admin user_action scripts.
+ * Where $action is a bulk action key
+ *
+ * @since 1.3.x
+ * @depecated 2.8.7 WordPress native `handle_bulk_actions-users` hook is used. Use action hook `um_handle_bulk_actions-users-{$current_action}` for custom user bulk actions instead.
+ * @hook um_admin_custom_hook_{$action}
+ *
+ * @param {int} $user_id User ID.
+ */