Changeset 42343 for trunk/src/wp-admin/includes/user.php

Timestamp:

11/30/2017 11:09:33 PM (8 years ago)

Author:

pento

Message:

Code is Poetry.
WordPress' code just... wasn't.
This is now dealt with.

Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS.
Fixes #41057.

File:

• trunk/src/wp-admin/includes/user.php (modified) (21 diffs)

trunk/src/wp-admin/includes/user.php

@@ -30 +30 @@
 function edit_user( $user_id = 0 ) {
     $wp_roles = wp_roles();
-    $user = new stdClass;
+    $user     = new stdClass;
     if ( $user_id ) {
-        $update = true;
-        $user->ID = (int) $user_id;
-        $userdata = get_userdata( $user_id );
+        $update           = true;
+        $user->ID         = (int) $user_id;
+        $userdata         = get_userdata( $user_id );
         $user->user_login = wp_slash( $userdata->user_login );
     } else {
@@ -40 +40 @@
     }
 
-    if ( !$update && isset( $_POST['user_login'] ) )
-        $user->user_login = sanitize_user($_POST['user_login'], true);
+    if ( ! $update && isset( $_POST['user_login'] ) ) {
+        $user->user_login = sanitize_user( $_POST['user_login'], true );
+    }
 
     $pass1 = $pass2 = '';
-    if ( isset( $_POST['pass1'] ) )
+    if ( isset( $_POST['pass1'] ) ) {
         $pass1 = $_POST['pass1'];
-    if ( isset( $_POST['pass2'] ) )
+    }
+    if ( isset( $_POST['pass2'] ) ) {
         $pass2 = $_POST['pass2'];
+    }
 
     if ( isset( $_POST['role'] ) && current_user_can( 'edit_users' ) ) {
-        $new_role = sanitize_text_field( $_POST['role'] );
-        $potential_role = isset($wp_roles->role_objects[$new_role]) ? $wp_roles->role_objects[$new_role] : false;
+        $new_role       = sanitize_text_field( $_POST['role'] );
+        $potential_role = isset( $wp_roles->role_objects[ $new_role ] ) ? $wp_roles->role_objects[ $new_role ] : false;
         // Don't let anyone with 'edit_users' (admins) edit their own role to something without it.
         // Multisite super admins can freely edit their blog roles -- they possess all caps.
-        if ( ( is_multisite() && current_user_can( 'manage_sites' ) ) || $user_id != get_current_user_id() || ($potential_role && $potential_role->has_cap( 'edit_users' ) ) )
+        if ( ( is_multisite() && current_user_can( 'manage_sites' ) ) || $user_id != get_current_user_id() || ( $potential_role && $potential_role->has_cap( 'edit_users' ) ) ) {
             $user->role = $new_role;
+        }
 
         // If the new role isn't editable by the logged-in user die with error
         $editable_roles = get_editable_roles();
-        if ( ! empty( $new_role ) && empty( $editable_roles[$new_role] ) )
+        if ( ! empty( $new_role ) && empty( $editable_roles[ $new_role ] ) ) {
             wp_die( __( 'Sorry, you are not allowed to give users that role.' ), 403 );
-    }
-
-    if ( isset( $_POST['email'] ))
+        }
+    }
+
+    if ( isset( $_POST['email'] ) ) {
         $user->user_email = sanitize_text_field( wp_unslash( $_POST['email'] ) );
+    }
     if ( isset( $_POST['url'] ) ) {
-        if ( empty ( $_POST['url'] ) || $_POST['url'] == 'http://' ) {
+        if ( empty( $_POST['url'] ) || $_POST['url'] == 'http://' ) {
             $user->user_url = '';
         } else {
             $user->user_url = esc_url_raw( $_POST['url'] );
-            $protocols = implode( '|', array_map( 'preg_quote', wp_allowed_protocols() ) );
-            $user->user_url = preg_match('/^(' . $protocols . '):/is', $user->user_url) ? $user->user_url : 'http://'.$user->user_url;
-        }
-    }
-    if ( isset( $_POST['first_name'] ) )
+            $protocols      = implode( '|', array_map( 'preg_quote', wp_allowed_protocols() ) );
+            $user->user_url = preg_match( '/^(' . $protocols . '):/is', $user->user_url ) ? $user->user_url : 'http://' . $user->user_url;
+        }
+    }
+    if ( isset( $_POST['first_name'] ) ) {
         $user->first_name = sanitize_text_field( $_POST['first_name'] );
-    if ( isset( $_POST['last_name'] ) )
+    }
+    if ( isset( $_POST['last_name'] ) ) {
         $user->last_name = sanitize_text_field( $_POST['last_name'] );
-    if ( isset( $_POST['nickname'] ) )
+    }
+    if ( isset( $_POST['nickname'] ) ) {
         $user->nickname = sanitize_text_field( $_POST['nickname'] );
-    if ( isset( $_POST['display_name'] ) )
+    }
+    if ( isset( $_POST['display_name'] ) ) {
         $user->display_name = sanitize_text_field( $_POST['display_name'] );
-
-    if ( isset( $_POST['description'] ) )
+    }
+
+    if ( isset( $_POST['description'] ) ) {
         $user->description = trim( $_POST['description'] );
+    }
 
     foreach ( wp_get_user_contact_methods( $user ) as $method => $name ) {
-        if ( isset( $_POST[$method] ))
-            $user->$method = sanitize_text_field( $_POST[$method] );
+        if ( isset( $_POST[ $method ] ) ) {
+            $user->$method = sanitize_text_field( $_POST[ $method ] );
+        }
     }
 
     if ( $update ) {
-        $user->rich_editing = isset( $_POST['rich_editing'] ) && 'false' === $_POST['rich_editing'] ? 'false' : 'true';
-        $user->syntax_highlighting = isset( $_POST['syntax_highlighting'] ) && 'false' === $_POST['syntax_highlighting'] ? 'false' : 'true';
-        $user->admin_color = isset( $_POST['admin_color'] ) ? sanitize_text_field( $_POST['admin_color'] ) : 'fresh';
+        $user->rich_editing         = isset( $_POST['rich_editing'] ) && 'false' === $_POST['rich_editing'] ? 'false' : 'true';
+        $user->syntax_highlighting  = isset( $_POST['syntax_highlighting'] ) && 'false' === $_POST['syntax_highlighting'] ? 'false' : 'true';
+        $user->admin_color          = isset( $_POST['admin_color'] ) ? sanitize_text_field( $_POST['admin_color'] ) : 'fresh';
         $user->show_admin_bar_front = isset( $_POST['admin_bar_front'] ) ? 'true' : 'false';
-        $user->locale = '';
+        $user->locale               = '';
 
         if ( isset( $_POST['locale'] ) ) {
@@ -115 +127 @@
 
     $user->use_ssl = 0;
-    if ( !empty($_POST['use_ssl']) )
+    if ( ! empty( $_POST['use_ssl'] ) ) {
         $user->use_ssl = 1;
+    }
 
     $errors = new WP_Error();
 
     /* checking that username has been typed */
-    if ( $user->user_login == '' )
+    if ( $user->user_login == '' ) {
         $errors->add( 'user_login', __( '<strong>ERROR</strong>: Please enter a username.' ) );
+    }
 
     /* checking that nickname has been typed */
@@ -146 +160 @@
 
     // Check for "\" in password.
-    if ( false !== strpos( wp_unslash( $pass1 ), "\\" ) ) {
+    if ( false !== strpos( wp_unslash( $pass1 ), '\\' ) ) {
         $errors->add( 'pass', __( '<strong>ERROR</strong>: Passwords may not contain the character "\\".' ), array( 'form-field' => 'pass1' ) );
     }
@@ -155 +169 @@
     }
 
-    if ( !empty( $pass1 ) )
+    if ( ! empty( $pass1 ) ) {
         $user->user_pass = $pass1;
-
-    if ( !$update && isset( $_POST['user_login'] ) && !validate_username( $_POST['user_login'] ) )
-        $errors->add( 'user_login', __( '<strong>ERROR</strong>: This username is invalid because it uses illegal characters. Please enter a valid username.' ));
-
-    if ( !$update && username_exists( $user->user_login ) )
-        $errors->add( 'user_login', __( '<strong>ERROR</strong>: This username is already registered. Please choose another one.' ));
+    }
+
+    if ( ! $update && isset( $_POST['user_login'] ) && ! validate_username( $_POST['user_login'] ) ) {
+        $errors->add( 'user_login', __( '<strong>ERROR</strong>: This username is invalid because it uses illegal characters. Please enter a valid username.' ) );
+    }
+
+    if ( ! $update && username_exists( $user->user_login ) ) {
+        $errors->add( 'user_login', __( '<strong>ERROR</strong>: This username is already registered. Please choose another one.' ) );
+    }
 
     /** This filter is documented in wp-includes/user.php */
@@ -174 +191 @@
     if ( empty( $user->user_email ) ) {
         $errors->add( 'empty_email', __( '<strong>ERROR</strong>: Please enter an email address.' ), array( 'form-field' => 'email' ) );
-    } elseif ( !is_email( $user->user_email ) ) {
+    } elseif ( ! is_email( $user->user_email ) ) {
         $errors->add( 'invalid_email', __( '<strong>ERROR</strong>: The email address isn&#8217;t correct.' ), array( 'form-field' => 'email' ) );
-    } elseif ( ( $owner_id = email_exists($user->user_email) ) && ( !$update || ( $owner_id != $user->ID ) ) ) {
-        $errors->add( 'email_exists', __('<strong>ERROR</strong>: This email is already registered, please choose another one.'), array( 'form-field' => 'email' ) );
+    } elseif ( ( $owner_id = email_exists( $user->user_email ) ) && ( ! $update || ( $owner_id != $user->ID ) ) ) {
+        $errors->add( 'email_exists', __( '<strong>ERROR</strong>: This email is already registered, please choose another one.' ), array( 'form-field' => 'email' ) );
     }
 
@@ -191 +208 @@
     do_action_ref_array( 'user_profile_update_errors', array( &$errors, $update, &$user ) );
 
-    if ( $errors->get_error_codes() )
+    if ( $errors->get_error_codes() ) {
         return $errors;
+    }
 
     if ( $update ) {
@@ -256 +274 @@
     $user = get_userdata( $user_id );
 
-    if ( $user )
+    if ( $user ) {
         $user->filter = 'edit';
+    }
 
     return $user;
@@ -274 +293 @@
 function get_users_drafts( $user_id ) {
     global $wpdb;
-    $query = $wpdb->prepare("SELECT ID, post_title FROM $wpdb->posts WHERE post_type = 'post' AND post_status = 'draft' AND post_author = %d ORDER BY post_modified DESC", $user_id);
+    $query = $wpdb->prepare( "SELECT ID, post_title FROM $wpdb->posts WHERE post_type = 'post' AND post_status = 'draft' AND post_author = %d ORDER BY post_modified DESC", $user_id );
 
     /**
@@ -310 +329 @@
     }
 
-    $id = (int) $id;
+    $id   = (int) $id;
     $user = new WP_User( $id );
 
-    if ( !$user->exists() )
+    if ( ! $user->exists() ) {
         return false;
+    }
 
     // Normalize $reassign to null or a user ID. 'novalue' was an older default.
@@ -354 +374 @@
         $post_types_to_delete = apply_filters( 'post_types_to_delete_with_user', $post_types_to_delete, $id );
         $post_types_to_delete = implode( "', '", $post_types_to_delete );
-        $post_ids = $wpdb->get_col( $wpdb->prepare( "SELECT ID FROM $wpdb->posts WHERE post_author = %d AND post_type IN ('$post_types_to_delete')", $id ) );
+        $post_ids             = $wpdb->get_col( $wpdb->prepare( "SELECT ID FROM $wpdb->posts WHERE post_author = %d AND post_type IN ('$post_types_to_delete')", $id ) );
         if ( $post_ids ) {
-            foreach ( $post_ids as $post_id )
+            foreach ( $post_ids as $post_id ) {
                 wp_delete_post( $post_id );
+            }
         }
 
         // Clean links
-        $link_ids = $wpdb->get_col( $wpdb->prepare("SELECT link_id FROM $wpdb->links WHERE link_owner = %d", $id) );
+        $link_ids = $wpdb->get_col( $wpdb->prepare( "SELECT link_id FROM $wpdb->links WHERE link_owner = %d", $id ) );
 
         if ( $link_ids ) {
-            foreach ( $link_ids as $link_id )
-                wp_delete_link($link_id);
+            foreach ( $link_ids as $link_id ) {
+                wp_delete_link( $link_id );
+            }
         }
     } else {
         $post_ids = $wpdb->get_col( $wpdb->prepare( "SELECT ID FROM $wpdb->posts WHERE post_author = %d", $id ) );
-        $wpdb->update( $wpdb->posts, array('post_author' => $reassign), array('post_author' => $id) );
+        $wpdb->update( $wpdb->posts, array( 'post_author' => $reassign ), array( 'post_author' => $id ) );
         if ( ! empty( $post_ids ) ) {
-            foreach ( $post_ids as $post_id )
+            foreach ( $post_ids as $post_id ) {
                 clean_post_cache( $post_id );
-        }
-        $link_ids = $wpdb->get_col( $wpdb->prepare("SELECT link_id FROM $wpdb->links WHERE link_owner = %d", $id) );
-        $wpdb->update( $wpdb->links, array('link_owner' => $reassign), array('link_owner' => $id) );
+            }
+        }
+        $link_ids = $wpdb->get_col( $wpdb->prepare( "SELECT link_id FROM $wpdb->links WHERE link_owner = %d", $id ) );
+        $wpdb->update( $wpdb->links, array( 'link_owner' => $reassign ), array( 'link_owner' => $id ) );
         if ( ! empty( $link_ids ) ) {
-            foreach ( $link_ids as $link_id )
+            foreach ( $link_ids as $link_id ) {
                 clean_bookmark_cache( $link_id );
+            }
         }
     }
@@ -387 +411 @@
     } else {
         $meta = $wpdb->get_col( $wpdb->prepare( "SELECT umeta_id FROM $wpdb->usermeta WHERE user_id = %d", $id ) );
-        foreach ( $meta as $mid )
+        foreach ( $meta as $mid ) {
             delete_metadata_by_mid( 'user', $mid );
+        }
 
         $wpdb->delete( $wpdb->users, array( 'ID' => $id ) );
@@ -416 +441 @@
  * @param int $id User ID.
  */
-function wp_revoke_user($id) {
+function wp_revoke_user( $id ) {
     $id = (int) $id;
 
-    $user = new WP_User($id);
+    $user = new WP_User( $id );
     $user->remove_all_caps();
 }
@@ -430 +455 @@
  * @param false $errors Deprecated.
  */
-function default_password_nag_handler($errors = false) {
+function default_password_nag_handler( $errors = false ) {
     global $user_ID;
     // Short-circuit it.
-    if ( ! get_user_option('default_password_nag') )
+    if ( ! get_user_option( 'default_password_nag' ) ) {
         return;
+    }
 
     // get_user_setting = JS saved UI setting. else no-js-fallback code.
-    if ( 'hide' == get_user_setting('default_password_nag') || isset($_GET['default_password_nag']) && '0' == $_GET['default_password_nag'] ) {
-        delete_user_setting('default_password_nag');
-        update_user_option($user_ID, 'default_password_nag', false, true);
+    if ( 'hide' == get_user_setting( 'default_password_nag' ) || isset( $_GET['default_password_nag'] ) && '0' == $_GET['default_password_nag'] ) {
+        delete_user_setting( 'default_password_nag' );
+        update_user_option( $user_ID, 'default_password_nag', false, true );
     }
 }
@@ -449 +475 @@
  * @param object $old_data
  */
-function default_password_nag_edit_user($user_ID, $old_data) {
+function default_password_nag_edit_user( $user_ID, $old_data ) {
     // Short-circuit it.
-    if ( ! get_user_option('default_password_nag', $user_ID) )
+    if ( ! get_user_option( 'default_password_nag', $user_ID ) ) {
         return;
-
-    $new_data = get_userdata($user_ID);
+    }
+
+    $new_data = get_userdata( $user_ID );
 
     // Remove the nag if the password has been changed.
     if ( $new_data->user_pass != $old_data->user_pass ) {
-        delete_user_setting('default_password_nag');
-        update_user_option($user_ID, 'default_password_nag', false, true);
+        delete_user_setting( 'default_password_nag' );
+        update_user_option( $user_ID, 'default_password_nag', false, true );
     }
 }
@@ -471 +498 @@
     global $pagenow;
     // Short-circuit it.
-    if ( 'profile.php' == $pagenow || ! get_user_option('default_password_nag') )
+    if ( 'profile.php' == $pagenow || ! get_user_option( 'default_password_nag' ) ) {
         return;
+    }
 
     echo '<div class="error default-password-nag">';
     echo '<p>';
-    echo '<strong>' . __('Notice:') . '</strong> ';
-    _e('You&rsquo;re using the auto-generated password for your account. Would you like to change it?');
+    echo '<strong>' . __( 'Notice:' ) . '</strong> ';
+    _e( 'You&rsquo;re using the auto-generated password for your account. Would you like to change it?' );
     echo '</p><p>';
-    printf( '<a href="%s">' . __('Yes, take me to my profile page') . '</a> | ', get_edit_profile_url() . '#password' );
-    printf( '<a href="%s" id="default-password-nag-no">' . __('No thanks, do not remind me again') . '</a>', '?default_password_nag=0' );
+    printf( '<a href="%s">' . __( 'Yes, take me to my profile page' ) . '</a> | ', get_edit_profile_url() . '#password' );
+    printf( '<a href="%s" id="default-password-nag-no">' . __( 'No thanks, do not remind me again' ) . '</a>', '?default_password_nag=0' );
     echo '</p></div>';
 }
@@ -488 +516 @@
  * @access private
  */
-function delete_users_add_js() { ?>
+function delete_users_add_js() {
+    ?>
 <script>
 jQuery(document).ready( function($) {
@@ -512 +541 @@
  * @param object $user User data object
  */
-function use_ssl_preference($user) {
+function use_ssl_preference( $user ) {
 ?>
     <tr class="user-use-ssl-wrap">
-        <th scope="row"><?php _e('Use https')?></th>
-        <td><label for="use_ssl"><input name="use_ssl" type="checkbox" id="use_ssl" value="1" <?php checked('1', $user->use_ssl); ?> /> <?php _e('Always use https when visiting the admin'); ?></label></td>
+        <th scope="row"><?php _e( 'Use https' ); ?></th>
+        <td><label for="use_ssl"><input name="use_ssl" type="checkbox" id="use_ssl" value="1" <?php checked( '1', $user->use_ssl ); ?> /> <?php _e( 'Always use https when visiting the admin' ); ?></label></td>
     </tr>
 <?php
@@ -522 +551 @@
 
 /**
- *
  * @param string $text
  * @return string
@@ -528 +556 @@
 function admin_created_user_email( $text ) {
     $roles = get_editable_roles();
-    $role = $roles[ $_REQUEST['role'] ];
+    $role  = $roles[ $_REQUEST['role'] ];
     /* translators: 1: Site name, 2: site URL, 3: role */
-    return sprintf( __( 'Hi,
+    return sprintf(
+        __(
+            'Hi,
 You\'ve been invited to join \'%1$s\' at
 %2$s with the role of %3$s.
@@ -537 +567 @@
 
 Please click the following link to activate your user account:
-%%s' ), wp_specialchars_decode( get_bloginfo( 'name' ), ENT_QUOTES ), home_url(), wp_specialchars_decode( translate_user_role( $role['name'] ) ) );
-}
+%%s'
+        ), wp_specialchars_decode( get_bloginfo( 'name' ), ENT_QUOTES ), home_url(), wp_specialchars_decode( translate_user_role( $role['name'] ) )
+    );
+}