From 009a8b376b9cc610042c821f3792347fc25e09c9 Mon Sep 17 00:00:00 2001 From: Gabe Habayeb Date: Thu, 4 Jan 2018 11:48:42 -0500 Subject: [PATCH 1/5] added bulk action --- .DS_Store | Bin 0 -> 6148 bytes composer.json | 7 + init.php | 273 +++++++++++++++++++--------- languages/ja_disable_users-pl_PL.mo | Bin languages/ja_disable_users-pl_PL.po | 0 languages/ja_disable_users-sv_SE.mo | Bin 0 -> 1257 bytes languages/ja_disable_users-sv_SE.po | 52 ++++++ languages/ja_disable_users.pot | 40 +++- readme.txt | 8 + 9 files changed, 290 insertions(+), 90 deletions(-) create mode 100644 .DS_Store create mode 100755 composer.json mode change 100644 => 100755 init.php mode change 100644 => 100755 languages/ja_disable_users-pl_PL.mo mode change 100644 => 100755 languages/ja_disable_users-pl_PL.po create mode 100755 languages/ja_disable_users-sv_SE.mo create mode 100755 languages/ja_disable_users-sv_SE.po mode change 100644 => 100755 languages/ja_disable_users.pot mode change 100644 => 100755 readme.txt diff --git a/.DS_Store b/.DS_Store new file mode 100644 index 0000000000000000000000000000000000000000..a5c424f5bb1f1ff0d234e5b5f73dc9f0ce05057e GIT binary patch literal 6148 zcmeHK%}T>S5Z-O8CWx4WV2`!HQk;z05jr6N$d45UMg3%ws$mL*YrK@!5+p_ zJ9W}Y(s9Ojq8E6+tL*DI4(GPx-UR-%XB?czQR)PdKVC?`zYQWUo_69%U7 zt(d51RI}{#q+T^fI9B9-3?tIEsGc+27b=~o)0D{qNT8qD2@(j@b?kp z6+{%U@hyR9Dzp?95+MS@WhtO6l2M8mJ)#{*-}l8Rt`) literal 0 HcmV?d00001 diff --git a/composer.json b/composer.json new file mode 100755 index 0000000..ac94ab8 --- /dev/null +++ b/composer.json @@ -0,0 +1,7 @@ +{ + "name" : "jaredatch/Disable-Users", + "type" : "wordpress-plugin", + "require" : { + "composer/installers": "~1.0" + } +} \ No newline at end of file diff --git a/init.php b/init.php old mode 100644 new mode 100755 index cafae69..638dc4e --- a/init.php +++ b/init.php @@ -3,22 +3,22 @@ * Plugin Name: Disable Users * Plugin URI: http://wordpress.org/extend/disable-users * Description: This plugin provides the ability to disable specific user accounts. - * Version: 1.0.5 - * Author: Jared Atchison - * Author URI: http://jaredatchison.com + * Version: 2.0 + * Author: Jared Atchison, khromov + * Author URI: http://jaredatchison.com * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. - * + * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * @author Jared Atchison - * @version 1.0.5 + * @version 2.0 * @package JA_DisableUsers * @copyright Copyright (c) 2015, Jared Atchison * @link http://jaredatchison.com @@ -35,18 +35,99 @@ final class ja_disable_users { function __construct() { // Actions - add_action( 'init', array( $this, 'load_textdomain' ) ); - add_action( 'show_user_profile', array( $this, 'use_profile_field' ) ); - add_action( 'edit_user_profile', array( $this, 'use_profile_field' ) ); - add_action( 'personal_options_update', array( $this, 'user_profile_field_save' ) ); - add_action( 'edit_user_profile_update', array( $this, 'user_profile_field_save' ) ); - add_action( 'wp_login', array( $this, 'user_login' ), 10, 2 ); + add_action( 'init', array( $this, 'load_textdomain' ) ); + add_action( 'show_user_profile', array( $this, 'use_profile_field' ) ); + add_action( 'edit_user_profile', array( $this, 'use_profile_field' ) ); + add_action( 'personal_options_update', array( $this, 'user_profile_field_save' ) ); + add_action( 'edit_user_profile_update', array( $this, 'user_profile_field_save' ) ); add_action( 'manage_users_custom_column', array( $this, 'manage_users_column_content' ), 10, 3 ); - add_action( 'admin_footer-users.php', array( $this, 'manage_users_css' ) ); - + add_action( 'admin_footer-users.php', array( $this, 'manage_users_css' ) ); + add_action( 'admin_post_ja_disable_user', array( $this, 'toggle_user' ) ); + add_action( 'admin_post_ja_enable_user', array( $this, 'toggle_user' ) ); + // Filters - add_filter( 'login_message', array( $this, 'user_login_message' ) ); - add_filter( 'manage_users_columns', array( $this, 'manage_users_columns' ) ); + add_filter( 'manage_users_columns', array( $this, 'manage_users_columns' ) ); + add_filter( 'wpmu_users_columns', array( $this, 'manage_users_columns' ) ); + add_filter( 'authenticate', array( $this, 'user_login' ), 1000, 3 ); + add_filter( 'bulk_actions-users', array( $this, 'register_my_bulk_actions' ) ); + add_filter( 'handle_bulk_actions-users', array( $this,'my_bulk_action_handler'), 10, 3 ); + + + } + + public function my_bulk_action_handler( $redirect_to, $doaction, $userIDs ) { + if ( $doaction !== 'toggle_user' ) { + return $redirect_to; + } + + if ( current_user_can( $this->get_edit_cap() ) ) { + + foreach ( $userIDs as $userID ) { + // Perform action for each post. + if ( is_multisite() && is_super_admin( (int) $userID ) ) { + wp_die( __( 'Super admins can not be disabled.', 'ja_disable_users' ) ); + } + + $user_disabled = get_the_author_meta( 'ja_disable_user', $userID ); + if($user_disabled) { + $nonce_name = 'ja_enable_user_' ; + } else { + $nonce_name = 'ja_disable_user_' ; + } + + update_user_meta( (int) $userID, 'ja_disable_user', ( $nonce_name === 'ja_disable_user_' ? true : false ) ); + $sessions = WP_Session_Tokens::get_instance( (int) $userID ); + $sessions->destroy_all(); + + } + } + // $redirect_to = add_query_arg( 'bulk_emailed_posts', count( $post_ids ), $redirect_to ); + return $redirect_to; + } + public function register_my_bulk_actions($bulk_actions) { + $bulk_actions['toggle_user'] = __( 'Toggle User Permission', 'toggle_user'); + return $bulk_actions; + } + + + /** + * Gets the capability associated with banning a user + * @return string + */ + function get_edit_cap() { + return is_multisite() ? 'manage_network_users' : 'edit_users'; + } + + /** + * Toggles the users disabled status + * + * @since 1.1.0 + */ + function toggle_user() { + $nonce_name = ( isset( $_GET['action'] ) && $_GET['action'] === 'ja_disable_user' ) ? 'ja_disable_user_' : 'ja_enable_user_'; + if ( current_user_can( $this->get_edit_cap() ) && isset( $_GET['ja_user_id'] ) && isset( $_GET['ja_nonce'] ) && wp_verify_nonce( $_GET['ja_nonce'], $nonce_name . $_GET['ja_user_id'] ) ) { + + //Don't disable super admins + if ( is_multisite() && is_super_admin( (int) $_GET['ja_user_id'] ) ) { + wp_die( __( 'Super admins can not be disabled.', 'ja_disable_users' ) ); + } + + update_user_meta( (int) $_GET['ja_user_id'], 'ja_disable_user', ( $nonce_name === 'ja_disable_user_' ? true : false ) ); + + //Log out user - https://wordpress.stackexchange.com/questions/184161/destroy-user-sessions-based-on-user-id + $sessions = WP_Session_Tokens::get_instance( (int) $_GET['ja_user_id'] ); + $sessions->destroy_all(); + + //Redirect back + if ( isset( $_GET['ja_return_url'] ) ) { + wp_safe_redirect( $_GET['ja_return_url'] ); + exit; + } else { + wp_die( __( 'The user has been updated.', 'ja_disable_users' ) ); + } + } else { + wp_die( __( 'You are not allowed to perform this action, or your nonce expired.', 'ja_disable_users' ) ); + } } /** @@ -65,27 +146,35 @@ public function load_textdomain() { * Add the field to user profiles * * @since 1.0.0 + * * @param object $user */ public function use_profile_field( $user ) { + //Super admins can not be banned + if ( is_multisite() && is_super_admin( $user->ID ) ) { + return; + } + // Only show this option to users who can delete other users - if ( !current_user_can( 'edit_users' ) ) + if ( ! current_user_can( $this->get_edit_cap() ) ) { return; + } ?> - - - - - - - -
- - - ID ) ); ?> /> - -
+ + + + + + + +
+ + + ID ) ); ?> /> + +
get_edit_cap() ) ) { return; + } - if ( !isset( $_POST['ja_disable_user'] ) ) { - $disabled = 0; + if ( ! isset( $_POST['ja_disable_user'] ) ) { + $disabled = false; } else { - $disabled = $_POST['ja_disable_user']; + $disabled = (int) $_POST['ja_disable_user'] ? true : false; } - + update_user_meta( $user_id, 'ja_disable_user', $disabled ); } /** - * After login check to see if user account is disabled + * @param $user + * @param $username + * @param $password * - * @since 1.0.0 - * @param string $user_login - * @param object $user + * @return mixed */ - public function user_login( $user_login, $user = null ) { - - if ( !$user ) { - $user = get_user_by('login', $user_login); - } - if ( !$user ) { - // not logged in - definitely not disabled - return; - } - // Get user meta - $disabled = get_user_meta( $user->ID, 'ja_disable_user', true ); - - // Is the use logging in disabled? - if ( $disabled == '1' ) { - // Clear cookies, a.k.a log user out - wp_clear_auth_cookie(); - - // Build login URL and then redirect - $login_url = site_url( 'wp-login.php', 'login' ); - $login_url = add_query_arg( 'disabled', '1', $login_url ); - wp_redirect( $login_url ); - exit; - } - } + public function user_login( $user, $username, $password ) { - /** - * Show a notice to users who try to login and are disabled - * - * @since 1.0.0 - * @param string $message - * @return string - */ - public function user_login_message( $message ) { + //If this is a valid user, check if the user is disabled before logging in + if ( is_a( $user, 'WP_User' ) ) { + $disabled = get_user_meta( $user->ID, 'ja_disable_user', true ); - // Show the error message if it seems to be a disabled user - if ( isset( $_GET['disabled'] ) && $_GET['disabled'] == 1 ) - $message = '
' . apply_filters( 'ja_disable_users_notice', __( 'Account disabled', 'ja_disable_users' ) ) . '
'; + // Is the use logging in disabled? + if ( $disabled ) { + return new WP_Error( 'ja_user_disabled', apply_filters( 'js_user_disabled_message', __( 'ERROR: Account disabled.', 'ja_disable_users' ) ) ); + } + } - return $message; + //Pass on any existing errors + return $user; } /** * Add custom disabled column to users list * * @since 1.0.3 + * * @param array $defaults + * * @return array */ public function manage_users_columns( $defaults ) { - $defaults['ja_user_disabled'] = __( 'Disabled', 'ja_disable_users' ); + $defaults['ja_user_disabled'] = __( 'User status', 'ja_disable_users' ); + return $defaults; } @@ -175,27 +249,64 @@ public function manage_users_columns( $defaults ) { * Set content of disabled users column * * @since 1.0.3 + * * @param empty $empty * @param string $column_name * @param int $user_ID + * * @return string */ public function manage_users_column_content( $empty, $column_name, $user_ID ) { if ( $column_name == 'ja_user_disabled' ) { - if ( get_the_author_meta( 'ja_disable_user', $user_ID ) == 1 ) { - return __( 'Disabled', 'ja_disable_users' ); + + //Super admins can't be disabled + if ( is_super_admin( $user_ID ) ) { + return ''; + } + + $user_disabled = get_the_author_meta( 'ja_disable_user', $user_ID ); + $nonce = $user_disabled ? wp_create_nonce( 'ja_enable_user_' . $user_ID ) : wp_create_nonce( 'ja_disable_user_' . $user_ID ); + $return_url = urlencode_deep( ( is_ssl() ? 'https' : 'http' ) . '://' . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"] ); + + if ( $user_disabled ) { + $link_url = admin_url( "admin-post.php?action=ja_enable_user&ja_user_id={$user_ID}&ja_nonce={$nonce}&ja_return_url={$return_url}&message=1" ); + + return '
' . __( 'Enable', 'ja_disable_users' ) . ''; + } else { + $link_url = admin_url( "admin-post.php?action=ja_disable_user&ja_user_id={$user_ID}&ja_nonce={$nonce}&ja_return_url={$return_url}&message=1" ); + + return '
' . __( 'Disable', 'ja_disable_users' ) . ''; } } + + return $empty; } /** - * Specifiy the width of our custom column + * Add basic styles * * @since 1.0.3 - */ + */ public function manage_users_css() { - echo ''; + ?> + + YxP5Qdv2yMTcUf&(9iiuMA68O8}8)|h|-aZrR&ti&KVMV*<7J@L5P>h5vK zkvms@0dU~PUiP%&k{dsQD_7tb@b*j`dnH;bJzdjPZ`DlKd_6b!R$$d&S715pEbKp+ zU*BQZU_W3dV3&^xaUT2|{0nS=%isfW9()a60^fnB!O!4B@C)dlo&7_I+wlK6Ue){t zUWES>JPDqe6QT`X0DawU(D(HQ^z}Z14e%2Px$@bcpkKZ}zaS+}!TdX+oIq%~yuP?+ zozbdyzqPTkzH#s7p%>F~lITJ?N;50Bb529CQtc+BXO_(*Oth4b5^Fn@^f?)DdV^e_ zsqis-S)P;9j<%V66gf?~?qv!mu8+9PlB~*wVzU?_MW(|{SxTguBu@M2PIUXyLXs5~ zqf|QIV%d^)(iK*`)CEbyWxmXFy~n994D}sthLfr;)9MCkL;Jcgh*b#_zZzx6%XN(2 z<-`SRY4DtlMQBWiU!i<^TkEWMgGYv?mkCzTL`(}&{caF7g6J02@5GDs>(N3KAu!nB zappCCAGcV=wWW1I*GOe^>9mQd)|RSQ$Q}n>mcto8COfV@U3=P^_Erz0+9RzTD`@PG z(2V0(?&c_$nQG!?uX=|&w#Z9)!R^JVCct=~FraY9EN7D6U3TvIbFftETaT_)! zH7Z@Zw9uq#yL462{1Vl#HK+NTEKSnyKp}{r5!R08ceT}?onAFQc&}1v2KXG9yo2|K zG9?Et8~b+>Ye)N;Ey@37iRHs^u|A}fos%SU$423{$Ccv1>{}}x4fJs6r*@K$napqv zBpuEQrKF$tp2Wk$0WaqppAEen{A-Xpz@+o;Opi7c%QJGgJB)cb=g7g~W;Nw21^J`0 en!|r~@WF9ztICDjfw)BPiu(Qw;IIe655+GFW_8Q} literal 0 HcmV?d00001 diff --git a/languages/ja_disable_users-sv_SE.po b/languages/ja_disable_users-sv_SE.po new file mode 100755 index 0000000..3d424dd --- /dev/null +++ b/languages/ja_disable_users-sv_SE.po @@ -0,0 +1,52 @@ +msgid "" +msgstr "" +"Project-Id-Version: Disable Users\n" +"POT-Creation-Date: 2017-08-04 16:31+0200\n" +"PO-Revision-Date: 2017-08-04 16:33+0200\n" +"Last-Translator: \n" +"Language-Team: \n" +"Language: sv\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: Poedit 2.0.3\n" +"X-Poedit-KeywordsList: __;_e;esc_html__;esc_html_e\n" +"X-Poedit-Basepath: .\n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" +"X-Poedit-SearchPath-0: ..\n" + +#: ../init.php:74 +msgid "Super admins can not be disabled." +msgstr "Superadministratörer kan ej inaktiveras." + +#: ../init.php:85 +msgid "The user has been updated." +msgstr "Användaren har uppdaterats." + +#: ../init.php:89 +msgid "You are not allowed to perform this action, or your nonce expired." +msgstr "Du har inte tillåtelse att utföra den här åtgärden." + +#: ../init.php:125 +msgid "Disable User Account" +msgstr "Inaktivera användarkonto" + +#: ../init.php:129 +msgid "If checked, the user will not be able to login with this account." +msgstr "Om detta alternativ är ikryssat kommer användaren inte att kunna logga in." + +#: ../init.php:177 +msgid "ERROR: Account disabled." +msgstr "FEL: Användarkontot är inaktiverat" + +#: ../init.php:194 +msgid "User status" +msgstr "Status" + +#: ../init.php:222 +msgid "Enable" +msgstr "Aktivera" + +#: ../init.php:226 +msgid "Disable" +msgstr "Inaktivera" diff --git a/languages/ja_disable_users.pot b/languages/ja_disable_users.pot old mode 100644 new mode 100755 index 9092ca9..011be13 --- a/languages/ja_disable_users.pot +++ b/languages/ja_disable_users.pot @@ -1,29 +1,51 @@ +#, fuzzy msgid "" msgstr "" "Project-Id-Version: Disable Users\n" -"POT-Creation-Date: 2015-10-08 22:43+0100\n" +"POT-Creation-Date: 2017-08-04 16:25+0200\n" "PO-Revision-Date: 2015-10-08 22:44+0100\n" "Language-Team: \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"X-Generator: Poedit 1.5.4\n" +"X-Generator: Poedit 2.0.3\n" "X-Poedit-KeywordsList: __;_e;esc_html__;esc_html_e\n" "X-Poedit-Basepath: .\n" +"Last-Translator: \n" "X-Poedit-SearchPath-0: ..\n" -#: ../init.php:76 +#: ../init.php:74 +msgid "Super admins can not be disabled." +msgstr "" + +#: ../init.php:85 +msgid "The user has been updated." +msgstr "" + +#: ../init.php:89 +msgid "You are not allowed to perform this action, or your nonce expired." +msgstr "" + +#: ../init.php:125 msgid " Disable User Account" msgstr "" -#: ../init.php:80 -msgid "If checked, the user cannot login with this account." +#: ../init.php:129 +msgid "If checked, the user will not be able to login with this account." +msgstr "" + +#: ../init.php:177 +msgid "ERROR: Account disabled." +msgstr "" + +#: ../init.php:194 +msgid "User status" msgstr "" -#: ../init.php:152 -msgid "Account disabled" +#: ../init.php:222 +msgid "Enable" msgstr "" -#: ../init.php:166 ../init.php:183 -msgid "Disabled" +#: ../init.php:226 +msgid "Disable" msgstr "" diff --git a/readme.txt b/readme.txt old mode 100644 new mode 100755 index 0954a4e..047cc2a --- a/readme.txt +++ b/readme.txt @@ -40,6 +40,14 @@ Yes, there is a filter in place for that, `ja_disable_users_notice`. == Changelog == += 2.0 = + +* Add multisite compatibility +* Add enable/disable links from user lists +* Use better hook for user login checking (supports XML-RPC) +* Add Swedish translation +* Reformat code to WordPress official code style + = 1.0.5 (11/11/2015) = * Added pl_PL transnation - Props Dominik Kocuj From 76706a4e26c8b5910a5df1928151cad5d0983d93 Mon Sep 17 00:00:00 2001 From: Gabe Habayeb Date: Thu, 4 Jan 2018 11:49:32 -0500 Subject: [PATCH 2/5] added bulk action --- .gitignore | 1 + 1 file changed, 1 insertion(+) create mode 100644 .gitignore diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..63123fb --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.DS_store From 471b80fcc9e36c789e897e4a7cf1945937f38d1d Mon Sep 17 00:00:00 2001 From: Gabe Habayeb Date: Thu, 4 Jan 2018 11:50:30 -0500 Subject: [PATCH 3/5] added bulk action --- .gitignore | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 63123fb..e43b0f9 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -.DS_store +.DS_Store From df3622d2e9d1f235b358ce9071155f74b30e4a4e Mon Sep 17 00:00:00 2001 From: Gabe Habayeb Date: Thu, 4 Jan 2018 11:51:33 -0500 Subject: [PATCH 4/5] .DS_Store banished! --- .DS_Store | Bin 6148 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 .DS_Store diff --git a/.DS_Store b/.DS_Store deleted file mode 100644 index a5c424f5bb1f1ff0d234e5b5f73dc9f0ce05057e..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 6148 zcmeHK%}T>S5Z-O8CWx4WV2`!HQk;z05jr6N$d45UMg3%ws$mL*YrK@!5+p_ zJ9W}Y(s9Ojq8E6+tL*DI4(GPx-UR-%XB?czQR)PdKVC?`zYQWUo_69%U7 zt(d51RI}{#q+T^fI9B9-3?tIEsGc+27b=~o)0D{qNT8qD2@(j@b?kp z6+{%U@hyR9Dzp?95+MS@WhtO6l2M8mJ)#{*-}l8Rt`) From 059dab415e7d1181d6fdb881789e757b427d734e Mon Sep 17 00:00:00 2001 From: Gabe Habayeb Date: Thu, 4 Jan 2018 11:54:09 -0500 Subject: [PATCH 5/5] modified readme --- readme.txt | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/readme.txt b/readme.txt index 047cc2a..054a61d 100755 --- a/readme.txt +++ b/readme.txt @@ -1,9 +1,9 @@ === Disable Users === -Contributors: jaredatch +Contributors: jaredatch, khromov, gabehab Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=AD8KTWTTDX9JL Tags: users, login, disable Requires at least: 4.0.0 -Tested up to: 4.3 +Tested up to: 4.8 Stable tag: trunk License: GPLv2 @@ -39,6 +39,8 @@ Yes, there is a filter in place for that, `ja_disable_users_notice`. 2. Message when a disabled user tries to login. == Changelog == += 2.1 = +* Added bulk action which allows toggle of multiple users at once. = 2.0 =