WordPressを読む 32-5 /blog/wp-includes/user.php 5
2014/12/17
目次
- 1 /blog/wp-includes/user.php 5
- 2 関数 wp_update_user()
- 3 関数 wp_create_user()
- 4 関数 _get_additional_user_keys()
- 5 関数 wp_get_user_contact_methods()
- 6 関数 _wp_get_user_contactmethods()
- 7 関数 check_password_reset_key()
- 8 関数 reset_password()
- 9 関数 register_new_user()
- 10 関数 wp_get_session_token()
- 11 関数 wp_get_all_sessions()
- 12 関数 wp_destroy_current_session()
- 13 関数 wp_destroy_other_sessions()
- 14 関数 wp_destroy_all_sessions()
/blog/wp-includes/user.php 5
関数 wp_update_user()
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 | /** * Update an user in the database. * * It is possible to update a user's password by specifying the 'user_pass' * value in the $userdata parameter array. * * If current user's password is being updated, then the cookies will be * cleared. * * @since 2.0.0 * * @see wp_insert_user() For what fields can be set in $userdata. * * @param mixed $userdata An array of user data or a user object of type stdClass or WP_User. * @return int|WP_Error The updated user's ID or a WP_Error object if the user could not be updated. */ function wp_update_user($userdata) { if ( is_a( $userdata, 'stdClass' ) ) $userdata = get_object_vars( $userdata ); elseif ( is_a( $userdata, 'WP_User' ) ) $userdata = $userdata->to_array(); $ID = (int) $userdata['ID']; // First, get all of the original fields $user_obj = get_userdata( $ID ); if ( ! $user_obj ) return new WP_Error( 'invalid_user_id', __( 'Invalid user ID.' ) ); $user = $user_obj->to_array(); // Add additional custom fields foreach ( _get_additional_user_keys( $user_obj ) as $key ) { $user[ $key ] = get_user_meta( $ID, $key, true ); } // Escape data pulled from DB. $user = add_magic_quotes( $user ); // If password is changing, hash it now. if ( ! empty($userdata['user_pass']) ) { $plaintext_pass = $userdata['user_pass']; $userdata['user_pass'] = wp_hash_password($userdata['user_pass']); } wp_cache_delete($user[ 'user_email' ], 'useremail'); // Merge old and new fields with new fields overwriting old ones. $userdata = array_merge($user, $userdata); $user_id = wp_insert_user($userdata); // Update the cookies if the password changed. $current_user = wp_get_current_user(); if ( $current_user->ID == $ID ) { if ( isset($plaintext_pass) ) { wp_clear_auth_cookie(); // Here we calculate the expiration length of the current auth cookie and compare it to the default expiration. // If it's greater than this, then we know the user checked 'Remember Me' when they logged in. $logged_in_cookie = wp_parse_auth_cookie( '', 'logged_in' ); /** This filter is documented in wp-includes/pluggable.php */ $default_cookie_life = apply_filters( 'auth_cookie_expiration', ( 2 * DAY_IN_SECONDS ), $ID, false ); $remember = ( ( $logged_in_cookie['expiration'] - time() ) > $default_cookie_life ); wp_set_auth_cookie( $ID, $remember ); } } return $user_id; } |
関数 wp_create_user()
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 | /** * A simpler way of inserting an user into the database. * * Creates a new user with just the username, password, and email. For more * complex user creation use wp_insert_user() to specify more information. * * @since 2.0.0 * @see wp_insert_user() More complete way to create a new user * * @param string $username The user's username. * @param string $password The user's password. * @param string $email The user's email (optional). * @return int The new user's ID. */ function wp_create_user($username, $password, $email = '') { $user_login = wp_slash( $username ); $user_email = wp_slash( $email ); $user_pass = $password; $userdata = compact('user_login', 'user_email', 'user_pass'); return wp_insert_user($userdata); } |
関数 _get_additional_user_keys()
1 2 3 4 5 6 7 8 9 10 11 12 13 | /** * Return a list of meta keys that wp_insert_user() is supposed to set. * * @since 3.3.0 * @access private * * @param object $user WP_User instance. * @return array */ function _get_additional_user_keys( $user ) { $keys = array( 'first_name', 'last_name', 'nickname', 'description', 'rich_editing', 'comment_shortcuts', 'admin_color', 'use_ssl', 'show_admin_bar_front' ); return array_merge( $keys, array_keys( wp_get_user_contact_methods( $user ) ) ); } |
関数 wp_get_user_contact_methods()
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 | /** * Set up the user contact methods. * * Default contact methods were removed in 3.6. A filter dictates contact methods. * * @since 3.7.0 * * @param WP_User $user Optional. WP_User object. * @return array Array of contact methods and their labels. */ function wp_get_user_contact_methods( $user = null ) { $methods = array(); if ( get_site_option( 'initial_db_version' ) < 23588 ) { $methods = array( 'aim' => __( 'AIM' ), 'yim' => __( 'Yahoo IM' ), 'jabber' => __( 'Jabber / Google Talk' ) ); } /** * Filter the user contact methods. * * @since 2.9.0 * * @param array $methods Array of contact methods and their labels. * @param WP_User $user WP_User object. */ return apply_filters( 'user_contactmethods', $methods, $user ); } |
関数 _wp_get_user_contactmethods()
1 2 3 4 5 6 7 8 9 | /** * The old private function for setting up user contact methods. * * @since 2.9.0 * @access private */ function _wp_get_user_contactmethods( $user = null ) { return wp_get_user_contact_methods( $user ); } |
関数 check_password_reset_key()
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 | /** * Retrieves a user row based on password reset key and login * * A key is considered 'expired' if it exactly matches the value of the * user_activation_key field, rather than being matched after going through the * hashing process. This field is now hashed; old values are no longer accepted * but have a different WP_Error code so good user feedback can be provided. * * @global wpdb $wpdb WordPress database object for queries. * * @param string $key Hash to validate sending user's password. * @param string $login The user login. * @return WP_User|WP_Error WP_User object on success, WP_Error object for invalid or expired keys. */ function check_password_reset_key($key, $login) { global $wpdb, $wp_hasher; $key = preg_replace('/[^a-z0-9]/i', '', $key); if ( empty( $key ) || !is_string( $key ) ) return new WP_Error('invalid_key', __('Invalid key')); if ( empty($login) || !is_string($login) ) return new WP_Error('invalid_key', __('Invalid key')); $row = $wpdb->get_row( $wpdb->prepare( "SELECT ID, user_activation_key FROM $wpdb->users WHERE user_login = %s", $login ) ); if ( ! $row ) return new WP_Error('invalid_key', __('Invalid key')); if ( empty( $wp_hasher ) ) { require_once ABSPATH . WPINC . '/class-phpass.php'; $wp_hasher = new PasswordHash( 8, true ); } if ( $wp_hasher->CheckPassword( $key, $row->user_activation_key ) ) return get_userdata( $row->ID ); if ( $key === $row->user_activation_key ) { $return = new WP_Error( 'expired_key', __( 'Invalid key' ) ); $user_id = $row->ID; /** * Filter the return value of check_password_reset_key() when an * old-style key is used (plain-text key was stored in the database). * * @since 3.7.0 * * @param WP_Error $return A WP_Error object denoting an expired key. * Return a WP_User object to validate the key. * @param int $user_id The matched user ID. */ return apply_filters( 'password_reset_key_expired', $return, $user_id ); } return new WP_Error( 'invalid_key', __( 'Invalid key' ) ); } |
関数 reset_password()
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 | /** * Handles resetting the user's password. * * @param object $user The user * @param string $new_pass New password for the user in plaintext */ function reset_password( $user, $new_pass ) { /** * Fires before the user's password is reset. * * @since 1.5.0 * * @param object $user The user. * @param string $new_pass New user password. */ do_action( 'password_reset', $user, $new_pass ); wp_set_password( $new_pass, $user->ID ); update_user_option( $user->ID, 'default_password_nag', false, true ); wp_password_change_notification( $user ); } |
関数 register_new_user()
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 | /** * Handles registering a new user. * * @param string $user_login User's username for logging in * @param string $user_email User's email address to send password and add * @return int|WP_Error Either user's ID or error on failure. */ function register_new_user( $user_login, $user_email ) { $errors = new WP_Error(); $sanitized_user_login = sanitize_user( $user_login ); /** * Filter the email address of a user being registered. * * @since 2.1.0 * * @param string $user_email The email address of the new user. */ $user_email = apply_filters( 'user_registration_email', $user_email ); // Check the username if ( $sanitized_user_login == '' ) { $errors->add( 'empty_username', __( '<strong>ERROR</strong>: Please enter a username.' ) ); } elseif ( ! validate_username( $user_login ) ) { $errors->add( 'invalid_username', __( '<strong>ERROR</strong>: This username is invalid because it uses illegal characters. Please enter a valid username.' ) ); $sanitized_user_login = ''; } elseif ( username_exists( $sanitized_user_login ) ) { $errors->add( 'username_exists', __( '<strong>ERROR</strong>: This username is already registered. Please choose another one.' ) ); } // Check the e-mail address if ( $user_email == '' ) { $errors->add( 'empty_email', __( '<strong>ERROR</strong>: Please type your e-mail address.' ) ); } elseif ( ! is_email( $user_email ) ) { $errors->add( 'invalid_email', __( '<strong>ERROR</strong>: The email address isn’t correct.' ) ); $user_email = ''; } elseif ( email_exists( $user_email ) ) { $errors->add( 'email_exists', __( '<strong>ERROR</strong>: This email is already registered, please choose another one.' ) ); } /** * Fires when submitting registration form data, before the user is created. * * @since 2.1.0 * * @param string $sanitized_user_login The submitted username after being sanitized. * @param string $user_email The submitted email. * @param WP_Error $errors Contains any errors with submitted username and email, * e.g., an empty field, an invalid username or email, * or an existing username or email. */ do_action( 'register_post', $sanitized_user_login, $user_email, $errors ); /** * Filter the errors encountered when a new user is being registered. * * The filtered WP_Error object may, for example, contain errors for an invalid * or existing username or email address. A WP_Error object should always returned, * but may or may not contain errors. * * If any errors are present in $errors, this will abort the user's registration. * * @since 2.1.0 * * @param WP_Error $errors A WP_Error object containing any errors encountered * during registration. * @param string $sanitized_user_login User's username after it has been sanitized. * @param string $user_email User's email. */ $errors = apply_filters( 'registration_errors', $errors, $sanitized_user_login, $user_email ); if ( $errors->get_error_code() ) return $errors; $user_pass = wp_generate_password( 12, false ); $user_id = wp_create_user( $sanitized_user_login, $user_pass, $user_email ); if ( ! $user_id || is_wp_error( $user_id ) ) { $errors->add( 'registerfail', sprintf( __( '<strong>ERROR</strong>: Couldn’t register you… please contact the <a href="mailto:%s">webmaster</a> !' ), get_option( 'admin_email' ) ) ); return $errors; } update_user_option( $user_id, 'default_password_nag', true, true ); //Set up the Password change nag. wp_new_user_notification( $user_id, $user_pass ); return $user_id; } |
関数 wp_get_session_token()
1 2 3 4 5 6 7 8 9 10 11 | /** * Retrieve the current session token from the logged_in cookie. * * @since 4.0.0 * * @return string Token. */ function wp_get_session_token() { $cookie = wp_parse_auth_cookie( '', 'logged_in' ); return ! empty( $cookie['token'] ) ? $cookie['token'] : ''; } |
関数 wp_get_all_sessions()
1 2 3 4 5 6 7 8 9 10 | /** * Retrieve a list of sessions for the current user. * * @since 4.0.0 * @return array Array of sessions. */ function wp_get_all_sessions() { $manager = WP_Session_Tokens::get_instance( get_current_user_id() ); return $manager->get_all(); } |
関数 wp_destroy_current_session()
1 2 3 4 5 6 7 8 9 10 11 12 | /** * Remove the current session token from the database. * * @since 4.0.0 */ function { $token = wp_get_session_token(); if ( $token ) { $manager = WP_Session_Tokens::get_instance( get_current_user_id() ); $manager->destroy( $token ); } } |
関数 wp_destroy_other_sessions()
1 2 3 4 5 6 7 8 9 10 11 12 | /** * Remove all but the current session token for the current user for the database. * * @since 4.0.0 */ function wp_destroy_other_sessions() { $token = wp_get_session_token(); if ( $token ) { $manager = WP_Session_Tokens::get_instance( get_current_user_id() ); $manager->destroy_others( $token ); } } |
関数 wp_destroy_all_sessions()
1 2 3 4 5 6 7 8 9 | /** * Remove all session tokens for the current user from the database. * * @since 4.0.0 */ function wp_destroy_all_sessions() { $manager = WP_Session_Tokens::get_instance( get_current_user_id() ); $manager->destroy_all(); } |