diff --git a/composer.json b/composer.json
new file mode 100644
index 0000000..ac94ab8
--- /dev/null
+++ b/composer.json
@@ -0,0 +1,7 @@
+{
+ "name" : "jaredatch/Disable-Users",
+ "type" : "wordpress-plugin",
+ "require" : {
+ "composer/installers": "~1.0"
+ }
+}
\ No newline at end of file
diff --git a/init.php b/init.php
index cafae69..c11b0da 100644
--- a/init.php
+++ b/init.php
@@ -3,22 +3,22 @@
* Plugin Name: Disable Users
* Plugin URI: http://wordpress.org/extend/disable-users
* Description: This plugin provides the ability to disable specific user accounts.
- * Version: 1.0.5
- * Author: Jared Atchison
- * Author URI: http://jaredatchison.com
+ * Version: 2.0
+ * Author: Jared Atchison, khromov
+ * Author URI: http://jaredatchison.com
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
- *
+ *
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* @author Jared Atchison
- * @version 1.0.5
+ * @version 2.0
* @package JA_DisableUsers
* @copyright Copyright (c) 2015, Jared Atchison
* @link http://jaredatchison.com
@@ -35,18 +35,61 @@ final class ja_disable_users {
function __construct() {
// Actions
- add_action( 'init', array( $this, 'load_textdomain' ) );
- add_action( 'show_user_profile', array( $this, 'use_profile_field' ) );
- add_action( 'edit_user_profile', array( $this, 'use_profile_field' ) );
- add_action( 'personal_options_update', array( $this, 'user_profile_field_save' ) );
- add_action( 'edit_user_profile_update', array( $this, 'user_profile_field_save' ) );
- add_action( 'wp_login', array( $this, 'user_login' ), 10, 2 );
+ add_action( 'init', array( $this, 'load_textdomain' ) );
+ add_action( 'show_user_profile', array( $this, 'use_profile_field' ) );
+ add_action( 'edit_user_profile', array( $this, 'use_profile_field' ) );
+ add_action( 'personal_options_update', array( $this, 'user_profile_field_save' ) );
+ add_action( 'edit_user_profile_update', array( $this, 'user_profile_field_save' ) );
add_action( 'manage_users_custom_column', array( $this, 'manage_users_column_content' ), 10, 3 );
- add_action( 'admin_footer-users.php', array( $this, 'manage_users_css' ) );
-
+ add_action( 'admin_footer-users.php', array( $this, 'manage_users_css' ) );
+ add_action( 'admin_post_ja_disable_user', array( $this, 'toggle_user' ) );
+ add_action( 'admin_post_ja_enable_user', array( $this, 'toggle_user' ) );
+
// Filters
- add_filter( 'login_message', array( $this, 'user_login_message' ) );
- add_filter( 'manage_users_columns', array( $this, 'manage_users_columns' ) );
+ add_filter( 'manage_users_columns', array( $this, 'manage_users_columns' ) );
+ add_filter( 'wpmu_users_columns', array( $this, 'manage_users_columns' ) );
+ add_filter( 'authenticate', array( $this, 'user_login' ), 1000, 3 );
+
+ }
+
+ /**
+ * Gets the capability associated with banning a user
+ * @return string
+ */
+ function get_edit_cap() {
+ return is_multisite() ? 'manage_network_users' : 'edit_users';
+ }
+
+ /**
+ * Toggles the users disabled status
+ *
+ * @since 1.1.0
+ */
+ function toggle_user() {
+ $nonce_name = ( isset( $_GET['action'] ) && $_GET['action'] === 'ja_disable_user' ) ? 'ja_disable_user_' : 'ja_enable_user_';
+ if ( current_user_can( $this->get_edit_cap() ) && isset( $_GET['ja_user_id'] ) && isset( $_GET['ja_nonce'] ) && wp_verify_nonce( $_GET['ja_nonce'], $nonce_name . $_GET['ja_user_id'] ) ) {
+
+ //Don't disable super admins
+ if ( is_multisite() && is_super_admin( (int) $_GET['ja_user_id'] ) ) {
+ wp_die( __( 'Super admins can not be disabled.', 'ja_disable_users' ) );
+ }
+
+ update_user_meta( (int) $_GET['ja_user_id'], 'ja_disable_user', ( $nonce_name === 'ja_disable_user_' ? true : false ) );
+
+ //Log out user - https://wordpress.stackexchange.com/questions/184161/destroy-user-sessions-based-on-user-id
+ $sessions = WP_Session_Tokens::get_instance( (int) $_GET['ja_user_id'] );
+ $sessions->destroy_all();
+
+ //Redirect back
+ if ( isset( $_GET['ja_return_url'] ) ) {
+ wp_safe_redirect( $_GET['ja_return_url'] );
+ exit;
+ } else {
+ wp_die( __( 'The user has been updated.', 'ja_disable_users' ) );
+ }
+ } else {
+ wp_die( __( 'You are not allowed to perform this action, or your nonce expired.', 'ja_disable_users' ) );
+ }
}
/**
@@ -65,27 +108,35 @@ public function load_textdomain() {
* Add the field to user profiles
*
* @since 1.0.0
+ *
* @param object $user
*/
public function use_profile_field( $user ) {
+ //Super admins can not be banned
+ if ( is_multisite() && is_super_admin( $user->ID ) ) {
+ return;
+ }
+
// Only show this option to users who can delete other users
- if ( !current_user_can( 'edit_users' ) )
+ if ( ! current_user_can( $this->get_edit_cap() ) ) {
return;
+ }
?>
-
+
get_edit_cap() ) ) {
return;
+ }
- if ( !isset( $_POST['ja_disable_user'] ) ) {
- $disabled = 0;
+ if ( ! isset( $_POST['ja_disable_user'] ) ) {
+ $disabled = false;
} else {
- $disabled = $_POST['ja_disable_user'];
+ $disabled = (int) $_POST['ja_disable_user'] ? true : false;
}
-
+
update_user_meta( $user_id, 'ja_disable_user', $disabled );
}
/**
- * After login check to see if user account is disabled
+ * @param $user
+ * @param $username
+ * @param $password
*
- * @since 1.0.0
- * @param string $user_login
- * @param object $user
+ * @return mixed
*/
- public function user_login( $user_login, $user = null ) {
-
- if ( !$user ) {
- $user = get_user_by('login', $user_login);
- }
- if ( !$user ) {
- // not logged in - definitely not disabled
- return;
- }
- // Get user meta
- $disabled = get_user_meta( $user->ID, 'ja_disable_user', true );
-
- // Is the use logging in disabled?
- if ( $disabled == '1' ) {
- // Clear cookies, a.k.a log user out
- wp_clear_auth_cookie();
-
- // Build login URL and then redirect
- $login_url = site_url( 'wp-login.php', 'login' );
- $login_url = add_query_arg( 'disabled', '1', $login_url );
- wp_redirect( $login_url );
- exit;
- }
- }
+ public function user_login( $user, $username, $password ) {
- /**
- * Show a notice to users who try to login and are disabled
- *
- * @since 1.0.0
- * @param string $message
- * @return string
- */
- public function user_login_message( $message ) {
+ //If this is a valid user, check if the user is disabled before logging in
+ if ( is_a( $user, 'WP_User' ) ) {
+ $disabled = get_user_meta( $user->ID, 'ja_disable_user', true );
- // Show the error message if it seems to be a disabled user
- if ( isset( $_GET['disabled'] ) && $_GET['disabled'] == 1 )
- $message = '' . apply_filters( 'ja_disable_users_notice', __( 'Account disabled', 'ja_disable_users' ) ) . '
';
+ // Is the use logging in disabled?
+ if ( $disabled ) {
+ return new WP_Error( 'ja_user_disabled', apply_filters( 'js_user_disabled_message', __( 'ERROR: Account disabled.', 'ja_disable_users' ) ) );
+ }
+ }
- return $message;
+ //Pass on any existing errors
+ return $user;
}
/**
* Add custom disabled column to users list
*
* @since 1.0.3
+ *
* @param array $defaults
+ *
* @return array
*/
public function manage_users_columns( $defaults ) {
- $defaults['ja_user_disabled'] = __( 'Disabled', 'ja_disable_users' );
+ $defaults['ja_user_disabled'] = __( 'User status', 'ja_disable_users' );
+
return $defaults;
}
@@ -175,27 +211,64 @@ public function manage_users_columns( $defaults ) {
* Set content of disabled users column
*
* @since 1.0.3
+ *
* @param empty $empty
* @param string $column_name
* @param int $user_ID
+ *
* @return string
*/
public function manage_users_column_content( $empty, $column_name, $user_ID ) {
if ( $column_name == 'ja_user_disabled' ) {
- if ( get_the_author_meta( 'ja_disable_user', $user_ID ) == 1 ) {
- return __( 'Disabled', 'ja_disable_users' );
+
+ //Super admins can't be disabled
+ if ( is_super_admin( $user_ID ) ) {
+ return '✔';
+ }
+
+ $user_disabled = get_the_author_meta( 'ja_disable_user', $user_ID );
+ $nonce = $user_disabled ? wp_create_nonce( 'ja_enable_user_' . $user_ID ) : wp_create_nonce( 'ja_disable_user_' . $user_ID );
+ $return_url = urlencode_deep( ( is_ssl() ? 'https' : 'http' ) . '://' . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"] );
+
+ if ( $user_disabled ) {
+ $link_url = admin_url( "admin-post.php?action=ja_enable_user&ja_user_id={$user_ID}&ja_nonce={$nonce}&ja_return_url={$return_url}&message=1" );
+
+ return '✘
' . __( 'Enable', 'ja_disable_users' ) . '';
+ } else {
+ $link_url = admin_url( "admin-post.php?action=ja_disable_user&ja_user_id={$user_ID}&ja_nonce={$nonce}&ja_return_url={$return_url}&message=1" );
+
+ return '✔
' . __( 'Disable', 'ja_disable_users' ) . '';
}
}
+
+ return $empty;
}
/**
- * Specifiy the width of our custom column
+ * Add basic styles
*
* @since 1.0.3
- */
+ */
public function manage_users_css() {
- echo '';
+ ?>
+
+ ERROR: Account disabled."
+msgstr "FEL: Användarkontot är inaktiverat"
+
+#: ../init.php:194
+msgid "User status"
+msgstr "Status"
+
+#: ../init.php:222
+msgid "Enable"
+msgstr "Aktivera"
+
+#: ../init.php:226
+msgid "Disable"
+msgstr "Inaktivera"
diff --git a/languages/ja_disable_users.pot b/languages/ja_disable_users.pot
index 9092ca9..011be13 100644
--- a/languages/ja_disable_users.pot
+++ b/languages/ja_disable_users.pot
@@ -1,29 +1,51 @@
+#, fuzzy
msgid ""
msgstr ""
"Project-Id-Version: Disable Users\n"
-"POT-Creation-Date: 2015-10-08 22:43+0100\n"
+"POT-Creation-Date: 2017-08-04 16:25+0200\n"
"PO-Revision-Date: 2015-10-08 22:44+0100\n"
"Language-Team: \n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
-"X-Generator: Poedit 1.5.4\n"
+"X-Generator: Poedit 2.0.3\n"
"X-Poedit-KeywordsList: __;_e;esc_html__;esc_html_e\n"
"X-Poedit-Basepath: .\n"
+"Last-Translator: \n"
"X-Poedit-SearchPath-0: ..\n"
-#: ../init.php:76
+#: ../init.php:74
+msgid "Super admins can not be disabled."
+msgstr ""
+
+#: ../init.php:85
+msgid "The user has been updated."
+msgstr ""
+
+#: ../init.php:89
+msgid "You are not allowed to perform this action, or your nonce expired."
+msgstr ""
+
+#: ../init.php:125
msgid " Disable User Account"
msgstr ""
-#: ../init.php:80
-msgid "If checked, the user cannot login with this account."
+#: ../init.php:129
+msgid "If checked, the user will not be able to login with this account."
+msgstr ""
+
+#: ../init.php:177
+msgid "ERROR: Account disabled."
+msgstr ""
+
+#: ../init.php:194
+msgid "User status"
msgstr ""
-#: ../init.php:152
-msgid "Account disabled"
+#: ../init.php:222
+msgid "Enable"
msgstr ""
-#: ../init.php:166 ../init.php:183
-msgid "Disabled"
+#: ../init.php:226
+msgid "Disable"
msgstr ""
diff --git a/readme.txt b/readme.txt
index 0954a4e..047cc2a 100644
--- a/readme.txt
+++ b/readme.txt
@@ -40,6 +40,14 @@ Yes, there is a filter in place for that, `ja_disable_users_notice`.
== Changelog ==
+= 2.0 =
+
+* Add multisite compatibility
+* Add enable/disable links from user lists
+* Use better hook for user login checking (supports XML-RPC)
+* Add Swedish translation
+* Reformat code to WordPress official code style
+
= 1.0.5 (11/11/2015) =
* Added pl_PL transnation - Props Dominik Kocuj