<?php |
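class WPCOM_JSON_API_Update_Invites_Endpoint extends WPCOM_JSON_API_Endpoint {
	/**
	 * Blog ID as returned by switch_to_blog_and_validate_user().
	 *
	 * @var int
	 */
	public $blog_id;

	/**
	 * Invite identifier taken from the request. On self-hosted sites this is
	 * used directly as an option name, so it must carry the "new_user_" prefix.
	 *
	 * @var string
	 */
	public $invite_id;

	/**
	 * True when the IS_WPCOM constant is defined and truthy.
	 *
	 * @var bool
	 */
	public $is_wpcom;

	/**
	 * The invite loaded by get_invite(): an object on WordPress.com, an array
	 * of option rows on self-hosted sites.
	 *
	 * @var object|array
	 */
	public $invite;

	/**
	 * Handles the ".../delete" and ".../resend" invite requests.
	 *
	 * The caller must pass blog validation, the site must be multisite and the
	 * current user must hold the promote_users capability before any invite is
	 * read or changed.
	 *
	 * @param string $path      Request path (unused here; $this->path is inspected).
	 * @param int    $blog_id   Blog identifier from the request.
	 * @param string $invite_id Invite identifier from the request.
	 *
	 * @return array|false|WP_Error Result array for the matched action, false
	 *                              when the path matches neither action, or a
	 *                              WP_Error when a check fails.
	 */
	function callback( $path = '', $blog_id = 0, $invite_id = 0 ) {
		$blog_id = $this->api->switch_to_blog_and_validate_user( $this->api->get_blog_id( $blog_id ) );
		if ( is_wp_error( $blog_id ) ) {
			return $blog_id;
		}

		if ( ! is_multisite() ) {
			return new WP_Error( 'forbidden', 'To modify invites, site must be on a multisite installation.', 403 );
		}

		if ( ! current_user_can( 'promote_users' ) ) {
			return new WP_Error( 'unauthorized', 'Your token must have permission to promote users on this blog.', 401 );
		}

		$this->blog_id   = $blog_id;
		$this->invite_id = $invite_id;
		$this->is_wpcom  = defined( 'IS_WPCOM' ) && IS_WPCOM;

		// get_invite() also rejects self-hosted IDs that are not invite option names.
		$invite = $this->get_invite();
		if ( false === $invite ) {
			return new WP_Error( 'unknown_invite', 'Requested invite was not found.', 404 );
		}

		$this->invite = $invite;

		$return_value = false;
		if ( $this->api->ends_with( $this->path, '/delete' ) ) {
			$return_value = array(
				'invite_key' => $invite_id,
				'deleted'    => $this->delete_invite(),
			);
		} elseif ( $this->api->ends_with( $this->path, '/resend' ) ) {
			$return_value = array(
				'result' => $this->is_wpcom ? $this->resend_wpcom_invite() : $this->resend_self_hosted_invite()
			);
		}

		return $return_value;
	}

	/**
	 * Tells whether a value is shaped like a self-hosted invite option name.
	 *
	 * The self-hosted code paths use the request-supplied invite ID verbatim as
	 * an option_name in SELECT and DELETE statements. Restricting it to the
	 * "new_user_" prefix keeps those statements confined to invite rows instead
	 * of any row in the options table.
	 *
	 * @param mixed $key Candidate invite identifier.
	 *
	 * @return bool True when $key is a string starting with "new_user_" and
	 *              followed by at least one more character.
	 */
	protected function is_self_hosted_invite_key( $key ) {
		$prefix = 'new_user_';

		return is_string( $key )
			&& strlen( $key ) > strlen( $prefix )
			&& 0 === strpos( $key, $prefix );
	}

	/**
	 * Returns an invite if found or false if not found.
	 *
	 * @return bool|object|array False when no invite matches (or, on
	 *                           self-hosted sites, when the ID is not an invite
	 *                           option name); otherwise the invite object
	 *                           (WordPress.com) or the matching option rows.
	 */
	function get_invite() {
		global $wpdb, $wpcom_invite_users;

		if ( $this->is_wpcom ) {
			return $wpcom_invite_users->get_invitation( $this->invite_id );
		}

		// Never look up arbitrary option names on behalf of the caller.
		if ( ! $this->is_self_hosted_invite_key( $this->invite_id ) ) {
			return false;
		}

		$query = $wpdb->prepare( "SELECT * FROM $wpdb->options WHERE option_name = %s LIMIT 1", $this->invite_id );
		$rows  = $wpdb->get_results( $query );

		return empty( $rows ) ? false : $rows;
	}

	/**
	 * Deletes an invitation.
	 *
	 * @return bool Whether the invite was deleted successfully.
	 */
	function delete_invite() {
		global $wpdb, $wpcom_invite_users;

		if ( $this->is_wpcom ) {
			return (bool) $wpcom_invite_users->delete_invitation( $this->invite_id );
		}

		// Repeat the prefix check here: this method is callable on its own, and
		// the DELETE below would otherwise remove whichever option is named.
		if ( ! $this->is_self_hosted_invite_key( $this->invite_id ) ) {
			return false;
		}

		$query = $wpdb->prepare( "DELETE FROM $wpdb->options WHERE option_name = %s", $this->invite_id );

		return 0 < $wpdb->query( $query );
	}

	/**
	 * Sends an invitation email to a user to join a self-hosted site.
	 *
	 * This method duplicates the invitation email functionality that is present
	 * in wp-admin/user-new.php. Ideally, we should factor out the functionality
	 * in wp-admin/user-new.php that actually invites a user and sends the invite
	 * from the data validation checks that expect $_POST and $_REQUEST.
	 *
	 * @return bool Whether the email was sent successfully. False is also
	 *              returned when the stored invite is missing, malformed, or
	 *              names a role the current user cannot edit.
	 */
	function resend_self_hosted_invite() {
		if ( ! $this->is_self_hosted_invite_key( $this->invite_id ) ) {
			return false;
		}

		if ( ! is_array( $this->invite ) || empty( $this->invite[0] ) || ! isset( $this->invite[0]->option_value ) ) {
			return false;
		}

		// NOTE(review): unserialize() instantiates any class named in the payload.
		// The prefix check above limits the input to invite rows, but the value
		// still comes straight from the database; consider storing invites in a
		// format that cannot carry objects, or restricting allowed classes once
		// the minimum PHP version permits it.
		$invite = (array) unserialize( $this->invite[0]->option_value );
		if ( empty( $invite['email'] ) || empty( $invite['role'] ) ) {
			return false;
		}

		$roles = get_editable_roles();
		if ( ! isset( $roles[ $invite['role'] ] ) ) {
			return false;
		}

		$role        = $roles[ $invite['role'] ];
		$newuser_key = str_replace( 'new_user_', '', $this->invite_id );

		/* translators: 1: Site title 2: Site URL 3: Role name 4: URL to accept invitation */
		$message = __( 'Hi,

You\'ve been invited to join \'%1$s\' at
%2$s with the role of %3$s.

Please click the following link to confirm the invite:
%4$s', 'jetpack' );

		return wp_mail(
			$invite['email'],
			sprintf( __( '[%s] Joining confirmation', 'jetpack' ), wp_specialchars_decode( get_option( 'blogname' ) ) ),
			sprintf(
				$message,
				get_option( 'blogname' ),
				home_url(),
				wp_specialchars_decode( translate_user_role( $role['name'] ) ),
				home_url( "/newbloguser/$newuser_key/" )
			)
		);
	}

	/**
	 * Sends an invitation email to a user to join a WordPress.com site.
	 *
	 * Refreshes the stored invite date first, then sends through the follower
	 * flow when the invite role is "follower" and the blog is not private, and
	 * through the regular invitation flow otherwise.
	 *
	 * @return bool Always true; the results of the send calls are not inspected.
	 */
	function resend_wpcom_invite() {
		global $wpcom_invite_users;

		$wpcom_invite_users->update_invitation( $this->invite->invite_slug, array( 'invite_date' => gmdate( 'Y-m-d H:i:s' ) ) );

		if ( 'follower' == $this->invite->meta['role'] && ! is_private_blog() ) {
			$wpcom_invite_users->invite_followers( $this->invite->meta['sent_to'] );
		} else {
			$wpcom_invite_users->send_invitation( $this->invite->invite_slug );
		}

		return true;
	}
}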
This check looks for variable assignments that are either overwritten by other assignments or where the variable is not used subsequently.
Both the `$myVar` assignment in line 1 and the `$higher` assignment in line 2 are dead. The first because `$myVar` is never used and the second because `$higher` is always overwritten for every possible time line.