edit_user() – Edit user settings based on contents of $_POST


Description

Edit user settings based on contents of $_POST

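Used on user-edit.php and profile.php to manage and process user options, passwords, etc. The function reads $_POST directly, and the part of the source shown below checks capabilities only for the role change, so callers must verify the request nonce and the current user's permission to edit the target user before calling it.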

Usage

$result = edit_user( $user_id ); // $result is int|WP_Error

Parameters

$user_id
( int ) optional – User ID. Defaults to 0; a non-zero ID puts the function in update mode for that user.

Returns

int|WP_Error User ID of the updated user or WP_Error on failure.

Source

File name: wordpress/wp-admin/includes/user.php


Lines:

1 to 100 of 221
function edit_user( $user_id = 0 ) {
  $wp_roles = wp_roles();
  $user     = new stdClass;
  $user_id  = (int) $user_id;
  if ( $user_id ) {
    $update           = true;
    $user->ID         = $user_id;
    $userdata         = get_userdata( $user_id );
    $user->user_login = wp_slash( $userdata->user_login );
  } else {
    $update = false;
  }

  if ( ! $update && isset( $_POST['user_login'] ) ) {
    $user->user_login = sanitize_user( wp_unslash( $_POST['user_login'] ), true );
  }

  $pass1 = '';
  $pass2 = '';
  if ( isset( $_POST['pass1'] ) ) {
    $pass1 = trim( $_POST['pass1'] );
  }
  if ( isset( $_POST['pass2'] ) ) {
    $pass2 = trim( $_POST['pass2'] );
  }

  if ( isset( $_POST['role'] ) && current_user_can( 'promote_users' ) && ( ! $user_id || current_user_can( 'promote_user', $user_id ) ) ) {
    $new_role = sanitize_text_field( $_POST['role'] );

    // If the new role isn't editable by the logged-in user die with error.
    $editable_roles = get_editable_roles();
    if ( ! empty( $new_role ) && empty( $editable_roles[ $new_role ] ) ) {
      wp_die( __( 'Sorry, you are not allowed to give users that role.' ), 403 );
    }

    $potential_role = isset( $wp_roles->role_objects[ $new_role ] ) ? $wp_roles->role_objects[ $new_role ] : false;

    /*
		 * Don't let anyone with 'promote_users' edit their own role to something without it.
		 * Multisite super admins can freely edit their roles, they possess all caps.
		 */
    if (
      ( is_multisite() && current_user_can( 'manage_network_users' ) ) ||
      get_current_user_id() !== $user_id ||
      ( $potential_role && $potential_role->has_cap( 'promote_users' ) )
    ) {
      $user->role = $new_role;
    }
  }

  if ( isset( $_POST['email'] ) ) {
    $user->user_email = sanitize_text_field( wp_unslash( $_POST['email'] ) );
  }
  if ( isset( $_POST['url'] ) ) {
    if ( empty( $_POST['url'] ) || 'http://' === $_POST['url'] ) {
      $user->user_url = '';
    } else {
      $user->user_url = sanitize_url( $_POST['url'] );
      $protocols      = implode( '|', array_map( 'preg_quote', wp_allowed_protocols() ) );
      $user->user_url = preg_match( '/^(' . $protocols . '):/is', $user->user_url ) ? $user->user_url : 'http://' . $user->user_url;
    }
  }
  if ( isset( $_POST['first_name'] ) ) {
    $user->first_name = sanitize_text_field( $_POST['first_name'] );
  }
  if ( isset( $_POST['last_name'] ) ) {
    $user->last_name = sanitize_text_field( $_POST['last_name'] );
  }
  if ( isset( $_POST['nickname'] ) ) {
    $user->nickname = sanitize_text_field( $_POST['nickname'] );
  }
  if ( isset( $_POST['display_name'] ) ) {
    $user->display_name = sanitize_text_field( $_POST['display_name'] );
  }

  if ( isset( $_POST['description'] ) ) {
    $user->description = trim( $_POST['description'] );
  }

  foreach ( wp_get_user_contact_methods( $user ) as $method => $name ) {
    if ( isset( $_POST[ $method ] ) ) {
      $user->$method = sanitize_text_field( $_POST[ $method ] );
    }
  }

  if ( isset( $_POST['locale'] ) ) {
    $locale = sanitize_text_field( $_POST['locale'] );
    if ( 'site-default' === $locale ) {
      $locale = '';
    } elseif ( '' === $locale ) {
      $locale = 'en_US';
    } elseif ( ! in_array( $locale, get_available_languages(), true ) ) {
      $locale = '';
    }

    $user->locale = $locale;
  }

  if ( $update ) {
