diff options
Diffstat (limited to 'wp-includes/ms-functions.php')
-rw-r--r-- | wp-includes/ms-functions.php | 2901 |
1 files changed, 2901 insertions, 0 deletions
diff --git a/wp-includes/ms-functions.php b/wp-includes/ms-functions.php new file mode 100644 index 0000000..09ee2a5 --- /dev/null +++ b/wp-includes/ms-functions.php @@ -0,0 +1,2901 @@ +<?php +/** + * Multisite WordPress API + * + * @package WordPress + * @subpackage Multisite + * @since 3.0.0 + */ + +/** + * Gets the network's site and user counts. + * + * @since MU (3.0.0) + * + * @return int[] { + * Site and user count for the network. + * + * @type int $blogs Number of sites on the network. + * @type int $users Number of users on the network. + * } + */ +function get_sitestats() { + $stats = array( + 'blogs' => get_blog_count(), + 'users' => get_user_count(), + ); + + return $stats; +} + +/** + * Gets one of a user's active blogs. + * + * Returns the user's primary blog, if they have one and + * it is active. If it's inactive, function returns another + * active blog of the user. If none are found, the user + * is added as a Subscriber to the Dashboard Blog and that blog + * is returned. + * + * @since MU (3.0.0) + * + * @param int $user_id The unique ID of the user + * @return WP_Site|void The blog object + */ +function get_active_blog_for_user( $user_id ) { + $blogs = get_blogs_of_user( $user_id ); + if ( empty( $blogs ) ) { + return; + } + + if ( ! is_multisite() ) { + return $blogs[ get_current_blog_id() ]; + } + + $primary_blog = get_user_meta( $user_id, 'primary_blog', true ); + $first_blog = current( $blogs ); + if ( false !== $primary_blog ) { + if ( ! isset( $blogs[ $primary_blog ] ) ) { + update_user_meta( $user_id, 'primary_blog', $first_blog->userblog_id ); + $primary = get_site( $first_blog->userblog_id ); + } else { + $primary = get_site( $primary_blog ); + } + } else { + // TODO: Review this call to add_user_to_blog too - to get here the user must have a role on this blog? + $result = add_user_to_blog( $first_blog->userblog_id, $user_id, 'subscriber' ); + + if ( ! is_wp_error( $result ) ) { + update_user_meta( $user_id, 'primary_blog', $first_blog->userblog_id ); + $primary = $first_blog; + } + } + + if ( ( ! is_object( $primary ) ) || ( 1 == $primary->archived || 1 == $primary->spam || 1 == $primary->deleted ) ) { + $blogs = get_blogs_of_user( $user_id, true ); // If a user's primary blog is shut down, check their other blogs. + $ret = false; + if ( is_array( $blogs ) && count( $blogs ) > 0 ) { + foreach ( (array) $blogs as $blog_id => $blog ) { + if ( get_current_network_id() != $blog->site_id ) { + continue; + } + $details = get_site( $blog_id ); + if ( is_object( $details ) && 0 == $details->archived && 0 == $details->spam && 0 == $details->deleted ) { + $ret = $details; + if ( get_user_meta( $user_id, 'primary_blog', true ) != $blog_id ) { + update_user_meta( $user_id, 'primary_blog', $blog_id ); + } + if ( ! get_user_meta( $user_id, 'source_domain', true ) ) { + update_user_meta( $user_id, 'source_domain', $details->domain ); + } + break; + } + } + } else { + return; + } + return $ret; + } else { + return $primary; + } +} + +/** + * Gets the number of active sites on the installation. + * + * The count is cached and updated twice daily. This is not a live count. + * + * @since MU (3.0.0) + * @since 3.7.0 The `$network_id` parameter has been deprecated. + * @since 4.8.0 The `$network_id` parameter is now being used. + * + * @param int|null $network_id ID of the network. Default is the current network. + * @return int Number of active sites on the network. + */ +function get_blog_count( $network_id = null ) { + return get_network_option( $network_id, 'blog_count' ); +} + +/** + * Gets a blog post from any site on the network. + * + * This function is similar to get_post(), except that it can retrieve a post + * from any site on the network, not just the current site. + * + * @since MU (3.0.0) + * + * @param int $blog_id ID of the blog. + * @param int $post_id ID of the post being looked for. + * @return WP_Post|null WP_Post object on success, null on failure + */ +function get_blog_post( $blog_id, $post_id ) { + switch_to_blog( $blog_id ); + $post = get_post( $post_id ); + restore_current_blog(); + + return $post; +} + +/** + * Adds a user to a blog, along with specifying the user's role. + * + * Use the {@see 'add_user_to_blog'} action to fire an event when users are added to a blog. + * + * @since MU (3.0.0) + * + * @param int $blog_id ID of the blog the user is being added to. + * @param int $user_id ID of the user being added. + * @param string $role User role. + * @return true|WP_Error True on success or a WP_Error object if the user doesn't exist + * or could not be added. + */ +function add_user_to_blog( $blog_id, $user_id, $role ) { + switch_to_blog( $blog_id ); + + $user = get_userdata( $user_id ); + + if ( ! $user ) { + restore_current_blog(); + return new WP_Error( 'user_does_not_exist', __( 'The requested user does not exist.' ) ); + } + + /** + * Filters whether a user should be added to a site. + * + * @since 4.9.0 + * + * @param true|WP_Error $retval True if the user should be added to the site, error + * object otherwise. + * @param int $user_id User ID. + * @param string $role User role. + * @param int $blog_id Site ID. + */ + $can_add_user = apply_filters( 'can_add_user_to_blog', true, $user_id, $role, $blog_id ); + + if ( true !== $can_add_user ) { + restore_current_blog(); + + if ( is_wp_error( $can_add_user ) ) { + return $can_add_user; + } + + return new WP_Error( 'user_cannot_be_added', __( 'User cannot be added to this site.' ) ); + } + + if ( ! get_user_meta( $user_id, 'primary_blog', true ) ) { + update_user_meta( $user_id, 'primary_blog', $blog_id ); + $site = get_site( $blog_id ); + update_user_meta( $user_id, 'source_domain', $site->domain ); + } + + $user->set_role( $role ); + + /** + * Fires immediately after a user is added to a site. + * + * @since MU (3.0.0) + * + * @param int $user_id User ID. + * @param string $role User role. + * @param int $blog_id Blog ID. + */ + do_action( 'add_user_to_blog', $user_id, $role, $blog_id ); + + clean_user_cache( $user_id ); + wp_cache_delete( $blog_id . '_user_count', 'blog-details' ); + + restore_current_blog(); + + return true; +} + +/** + * Removes a user from a blog. + * + * Use the {@see 'remove_user_from_blog'} action to fire an event when + * users are removed from a blog. + * + * Accepts an optional `$reassign` parameter, if you want to + * reassign the user's blog posts to another user upon removal. + * + * @since MU (3.0.0) + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param int $user_id ID of the user being removed. + * @param int $blog_id Optional. ID of the blog the user is being removed from. Default 0. + * @param int $reassign Optional. ID of the user to whom to reassign posts. Default 0. + * @return true|WP_Error True on success or a WP_Error object if the user doesn't exist. + */ +function remove_user_from_blog( $user_id, $blog_id = 0, $reassign = 0 ) { + global $wpdb; + + switch_to_blog( $blog_id ); + $user_id = (int) $user_id; + + /** + * Fires before a user is removed from a site. + * + * @since MU (3.0.0) + * @since 5.4.0 Added the `$reassign` parameter. + * + * @param int $user_id ID of the user being removed. + * @param int $blog_id ID of the blog the user is being removed from. + * @param int $reassign ID of the user to whom to reassign posts. + */ + do_action( 'remove_user_from_blog', $user_id, $blog_id, $reassign ); + + /* + * If being removed from the primary blog, set a new primary + * if the user is assigned to multiple blogs. + */ + $primary_blog = get_user_meta( $user_id, 'primary_blog', true ); + if ( $primary_blog == $blog_id ) { + $new_id = ''; + $new_domain = ''; + $blogs = get_blogs_of_user( $user_id ); + foreach ( (array) $blogs as $blog ) { + if ( $blog->userblog_id == $blog_id ) { + continue; + } + $new_id = $blog->userblog_id; + $new_domain = $blog->domain; + break; + } + + update_user_meta( $user_id, 'primary_blog', $new_id ); + update_user_meta( $user_id, 'source_domain', $new_domain ); + } + + $user = get_userdata( $user_id ); + if ( ! $user ) { + restore_current_blog(); + return new WP_Error( 'user_does_not_exist', __( 'That user does not exist.' ) ); + } + + $user->remove_all_caps(); + + $blogs = get_blogs_of_user( $user_id ); + if ( count( $blogs ) === 0 ) { + update_user_meta( $user_id, 'primary_blog', '' ); + update_user_meta( $user_id, 'source_domain', '' ); + } + + if ( $reassign ) { + $reassign = (int) $reassign; + $post_ids = $wpdb->get_col( $wpdb->prepare( "SELECT ID FROM $wpdb->posts WHERE post_author = %d", $user_id ) ); + $link_ids = $wpdb->get_col( $wpdb->prepare( "SELECT link_id FROM $wpdb->links WHERE link_owner = %d", $user_id ) ); + + if ( ! empty( $post_ids ) ) { + $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->posts SET post_author = %d WHERE post_author = %d", $reassign, $user_id ) ); + array_walk( $post_ids, 'clean_post_cache' ); + } + + if ( ! empty( $link_ids ) ) { + $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->links SET link_owner = %d WHERE link_owner = %d", $reassign, $user_id ) ); + array_walk( $link_ids, 'clean_bookmark_cache' ); + } + } + + clean_user_cache( $user_id ); + restore_current_blog(); + + return true; +} + +/** + * Gets the permalink for a post on another blog. + * + * @since MU (3.0.0) 1.0 + * + * @param int $blog_id ID of the source blog. + * @param int $post_id ID of the desired post. + * @return string The post's permalink. + */ +function get_blog_permalink( $blog_id, $post_id ) { + switch_to_blog( $blog_id ); + $link = get_permalink( $post_id ); + restore_current_blog(); + + return $link; +} + +/** + * Gets a blog's numeric ID from its URL. + * + * On a subdirectory installation like example.com/blog1/, + * $domain will be the root 'example.com' and $path the + * subdirectory '/blog1/'. With subdomains like blog1.example.com, + * $domain is 'blog1.example.com' and $path is '/'. + * + * @since MU (3.0.0) + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param string $domain Website domain. + * @param string $path Optional. Not required for subdomain installations. Default '/'. + * @return int 0 if no blog found, otherwise the ID of the matching blog. + */ +function get_blog_id_from_url( $domain, $path = '/' ) { + $domain = strtolower( $domain ); + $path = strtolower( $path ); + $id = wp_cache_get( md5( $domain . $path ), 'blog-id-cache' ); + + if ( -1 == $id ) { // Blog does not exist. + return 0; + } elseif ( $id ) { + return (int) $id; + } + + $args = array( + 'domain' => $domain, + 'path' => $path, + 'fields' => 'ids', + 'number' => 1, + 'update_site_meta_cache' => false, + ); + $result = get_sites( $args ); + $id = array_shift( $result ); + + if ( ! $id ) { + wp_cache_set( md5( $domain . $path ), -1, 'blog-id-cache' ); + return 0; + } + + wp_cache_set( md5( $domain . $path ), $id, 'blog-id-cache' ); + + return $id; +} + +// +// Admin functions. +// + +/** + * Checks an email address against a list of banned domains. + * + * This function checks against the Banned Email Domains list + * at wp-admin/network/settings.php. The check is only run on + * self-registrations; user creation at wp-admin/network/users.php + * bypasses this check. + * + * @since MU (3.0.0) + * + * @param string $user_email The email provided by the user at registration. + * @return bool True when the email address is banned, false otherwise. + */ +function is_email_address_unsafe( $user_email ) { + $banned_names = get_site_option( 'banned_email_domains' ); + if ( $banned_names && ! is_array( $banned_names ) ) { + $banned_names = explode( "\n", $banned_names ); + } + + $is_email_address_unsafe = false; + + if ( $banned_names && is_array( $banned_names ) && false !== strpos( $user_email, '@', 1 ) ) { + $banned_names = array_map( 'strtolower', $banned_names ); + $normalized_email = strtolower( $user_email ); + + list( $email_local_part, $email_domain ) = explode( '@', $normalized_email ); + + foreach ( $banned_names as $banned_domain ) { + if ( ! $banned_domain ) { + continue; + } + + if ( $email_domain === $banned_domain ) { + $is_email_address_unsafe = true; + break; + } + + if ( str_ends_with( $normalized_email, ".$banned_domain" ) ) { + $is_email_address_unsafe = true; + break; + } + } + } + + /** + * Filters whether an email address is unsafe. + * + * @since 3.5.0 + * + * @param bool $is_email_address_unsafe Whether the email address is "unsafe". Default false. + * @param string $user_email User email address. + */ + return apply_filters( 'is_email_address_unsafe', $is_email_address_unsafe, $user_email ); +} + +/** + * Sanitizes and validates data required for a user sign-up. + * + * Verifies the validity and uniqueness of user names and user email addresses, + * and checks email addresses against allowed and disallowed domains provided by + * administrators. + * + * The {@see 'wpmu_validate_user_signup'} hook provides an easy way to modify the sign-up + * process. The value $result, which is passed to the hook, contains both the user-provided + * info and the error messages created by the function. {@see 'wpmu_validate_user_signup'} + * allows you to process the data in any way you'd like, and unset the relevant errors if + * necessary. + * + * @since MU (3.0.0) + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param string $user_name The login name provided by the user. + * @param string $user_email The email provided by the user. + * @return array { + * The array of user name, email, and the error messages. + * + * @type string $user_name Sanitized and unique username. + * @type string $orig_username Original username. + * @type string $user_email User email address. + * @type WP_Error $errors WP_Error object containing any errors found. + * } + */ +function wpmu_validate_user_signup( $user_name, $user_email ) { + global $wpdb; + + $errors = new WP_Error(); + + $orig_username = $user_name; + $user_name = preg_replace( '/\s+/', '', sanitize_user( $user_name, true ) ); + + if ( $user_name != $orig_username || preg_match( '/[^a-z0-9]/', $user_name ) ) { + $errors->add( 'user_name', __( 'Usernames can only contain lowercase letters (a-z) and numbers.' ) ); + $user_name = $orig_username; + } + + $user_email = sanitize_email( $user_email ); + + if ( empty( $user_name ) ) { + $errors->add( 'user_name', __( 'Please enter a username.' ) ); + } + + $illegal_names = get_site_option( 'illegal_names' ); + if ( ! is_array( $illegal_names ) ) { + $illegal_names = array( 'www', 'web', 'root', 'admin', 'main', 'invite', 'administrator' ); + add_site_option( 'illegal_names', $illegal_names ); + } + if ( in_array( $user_name, $illegal_names, true ) ) { + $errors->add( 'user_name', __( 'Sorry, that username is not allowed.' ) ); + } + + /** This filter is documented in wp-includes/user.php */ + $illegal_logins = (array) apply_filters( 'illegal_user_logins', array() ); + + if ( in_array( strtolower( $user_name ), array_map( 'strtolower', $illegal_logins ), true ) ) { + $errors->add( 'user_name', __( 'Sorry, that username is not allowed.' ) ); + } + + if ( ! is_email( $user_email ) ) { + $errors->add( 'user_email', __( 'Please enter a valid email address.' ) ); + } elseif ( is_email_address_unsafe( $user_email ) ) { + $errors->add( 'user_email', __( 'You cannot use that email address to signup. There are problems with them blocking some emails from WordPress. Please use another email provider.' ) ); + } + + if ( strlen( $user_name ) < 4 ) { + $errors->add( 'user_name', __( 'Username must be at least 4 characters.' ) ); + } + + if ( strlen( $user_name ) > 60 ) { + $errors->add( 'user_name', __( 'Username may not be longer than 60 characters.' ) ); + } + + // All numeric? + if ( preg_match( '/^[0-9]*$/', $user_name ) ) { + $errors->add( 'user_name', __( 'Sorry, usernames must have letters too!' ) ); + } + + $limited_email_domains = get_site_option( 'limited_email_domains' ); + if ( is_array( $limited_email_domains ) && ! empty( $limited_email_domains ) ) { + $limited_email_domains = array_map( 'strtolower', $limited_email_domains ); + $emaildomain = strtolower( substr( $user_email, 1 + strpos( $user_email, '@' ) ) ); + if ( ! in_array( $emaildomain, $limited_email_domains, true ) ) { + $errors->add( 'user_email', __( 'Sorry, that email address is not allowed!' ) ); + } + } + + // Check if the username has been used already. + if ( username_exists( $user_name ) ) { + $errors->add( 'user_name', __( 'Sorry, that username already exists!' ) ); + } + + // Check if the email address has been used already. + if ( email_exists( $user_email ) ) { + $errors->add( + 'user_email', + sprintf( + /* translators: %s: Link to the login page. */ + __( '<strong>Error:</strong> This email address is already registered. <a href="%s">Log in</a> with this address or choose another one.' ), + wp_login_url() + ) + ); + } + + // Has someone already signed up for this username? + $signup = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM $wpdb->signups WHERE user_login = %s", $user_name ) ); + if ( $signup instanceof stdClass ) { + $registered_at = mysql2date( 'U', $signup->registered ); + $now = time(); + $diff = $now - $registered_at; + // If registered more than two days ago, cancel registration and let this signup go through. + if ( $diff > 2 * DAY_IN_SECONDS ) { + $wpdb->delete( $wpdb->signups, array( 'user_login' => $user_name ) ); + } else { + $errors->add( 'user_name', __( 'That username is currently reserved but may be available in a couple of days.' ) ); + } + } + + $signup = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM $wpdb->signups WHERE user_email = %s", $user_email ) ); + if ( $signup instanceof stdClass ) { + $diff = time() - mysql2date( 'U', $signup->registered ); + // If registered more than two days ago, cancel registration and let this signup go through. + if ( $diff > 2 * DAY_IN_SECONDS ) { + $wpdb->delete( $wpdb->signups, array( 'user_email' => $user_email ) ); + } else { + $errors->add( 'user_email', __( 'That email address has already been used. Please check your inbox for an activation email. It will become available in a couple of days if you do nothing.' ) ); + } + } + + $result = array( + 'user_name' => $user_name, + 'orig_username' => $orig_username, + 'user_email' => $user_email, + 'errors' => $errors, + ); + + /** + * Filters the validated user registration details. + * + * This does not allow you to override the username or email of the user during + * registration. The values are solely used for validation and error handling. + * + * @since MU (3.0.0) + * + * @param array $result { + * The array of user name, email, and the error messages. + * + * @type string $user_name Sanitized and unique username. + * @type string $orig_username Original username. + * @type string $user_email User email address. + * @type WP_Error $errors WP_Error object containing any errors found. + * } + */ + return apply_filters( 'wpmu_validate_user_signup', $result ); +} + +/** + * Processes new site registrations. + * + * Checks the data provided by the user during blog signup. Verifies + * the validity and uniqueness of blog paths and domains. + * + * This function prevents the current user from registering a new site + * with a blogname equivalent to another user's login name. Passing the + * $user parameter to the function, where $user is the other user, is + * effectively an override of this limitation. + * + * Filter {@see 'wpmu_validate_blog_signup'} if you want to modify + * the way that WordPress validates new site signups. + * + * @since MU (3.0.0) + * + * @global wpdb $wpdb WordPress database abstraction object. + * @global string $domain + * + * @param string $blogname The site name provided by the user. Must be unique. + * @param string $blog_title The site title provided by the user. + * @param WP_User|string $user Optional. The user object to check against the new site name. + * Default empty string. + * @return array { + * Array of domain, path, site name, site title, user and error messages. + * + * @type string $domain Domain for the site. + * @type string $path Path for the site. Used in subdirectory installations. + * @type string $blogname The unique site name (slug). + * @type string $blog_title Blog title. + * @type string|WP_User $user By default, an empty string. A user object if provided. + * @type WP_Error $errors WP_Error containing any errors found. + * } + */ +function wpmu_validate_blog_signup( $blogname, $blog_title, $user = '' ) { + global $wpdb, $domain; + + $current_network = get_network(); + $base = $current_network->path; + + $blog_title = strip_tags( $blog_title ); + + $errors = new WP_Error(); + $illegal_names = get_site_option( 'illegal_names' ); + if ( false == $illegal_names ) { + $illegal_names = array( 'www', 'web', 'root', 'admin', 'main', 'invite', 'administrator' ); + add_site_option( 'illegal_names', $illegal_names ); + } + + /* + * On sub dir installations, some names are so illegal, only a filter can + * spring them from jail. + */ + if ( ! is_subdomain_install() ) { + $illegal_names = array_merge( $illegal_names, get_subdirectory_reserved_names() ); + } + + if ( empty( $blogname ) ) { + $errors->add( 'blogname', __( 'Please enter a site name.' ) ); + } + + if ( preg_match( '/[^a-z0-9]+/', $blogname ) ) { + $errors->add( 'blogname', __( 'Site names can only contain lowercase letters (a-z) and numbers.' ) ); + } + + if ( in_array( $blogname, $illegal_names, true ) ) { + $errors->add( 'blogname', __( 'That name is not allowed.' ) ); + } + + /** + * Filters the minimum site name length required when validating a site signup. + * + * @since 4.8.0 + * + * @param int $length The minimum site name length. Default 4. + */ + $minimum_site_name_length = apply_filters( 'minimum_site_name_length', 4 ); + + if ( strlen( $blogname ) < $minimum_site_name_length ) { + /* translators: %s: Minimum site name length. */ + $errors->add( 'blogname', sprintf( _n( 'Site name must be at least %s character.', 'Site name must be at least %s characters.', $minimum_site_name_length ), number_format_i18n( $minimum_site_name_length ) ) ); + } + + // Do not allow users to create a site that conflicts with a page on the main blog. + if ( ! is_subdomain_install() && $wpdb->get_var( $wpdb->prepare( 'SELECT post_name FROM ' . $wpdb->get_blog_prefix( $current_network->site_id ) . "posts WHERE post_type = 'page' AND post_name = %s", $blogname ) ) ) { + $errors->add( 'blogname', __( 'Sorry, you may not use that site name.' ) ); + } + + // All numeric? + if ( preg_match( '/^[0-9]*$/', $blogname ) ) { + $errors->add( 'blogname', __( 'Sorry, site names must have letters too!' ) ); + } + + /** + * Filters the new site name during registration. + * + * The name is the site's subdomain or the site's subdirectory + * path depending on the network settings. + * + * @since MU (3.0.0) + * + * @param string $blogname Site name. + */ + $blogname = apply_filters( 'newblogname', $blogname ); + + $blog_title = wp_unslash( $blog_title ); + + if ( empty( $blog_title ) ) { + $errors->add( 'blog_title', __( 'Please enter a site title.' ) ); + } + + // Check if the domain/path has been used already. + if ( is_subdomain_install() ) { + $mydomain = $blogname . '.' . preg_replace( '|^www\.|', '', $domain ); + $path = $base; + } else { + $mydomain = $domain; + $path = $base . $blogname . '/'; + } + if ( domain_exists( $mydomain, $path, $current_network->id ) ) { + $errors->add( 'blogname', __( 'Sorry, that site already exists!' ) ); + } + + /* + * Do not allow users to create a site that matches an existing user's login name, + * unless it's the user's own username. + */ + if ( username_exists( $blogname ) ) { + if ( ! is_object( $user ) || ( is_object( $user ) && ( $user->user_login != $blogname ) ) ) { + $errors->add( 'blogname', __( 'Sorry, that site is reserved!' ) ); + } + } + + /* + * Has someone already signed up for this domain? + * TODO: Check email too? + */ + $signup = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM $wpdb->signups WHERE domain = %s AND path = %s", $mydomain, $path ) ); + if ( $signup instanceof stdClass ) { + $diff = time() - mysql2date( 'U', $signup->registered ); + // If registered more than two days ago, cancel registration and let this signup go through. + if ( $diff > 2 * DAY_IN_SECONDS ) { + $wpdb->delete( + $wpdb->signups, + array( + 'domain' => $mydomain, + 'path' => $path, + ) + ); + } else { + $errors->add( 'blogname', __( 'That site is currently reserved but may be available in a couple days.' ) ); + } + } + + $result = array( + 'domain' => $mydomain, + 'path' => $path, + 'blogname' => $blogname, + 'blog_title' => $blog_title, + 'user' => $user, + 'errors' => $errors, + ); + + /** + * Filters site details and error messages following registration. + * + * @since MU (3.0.0) + * + * @param array $result { + * Array of domain, path, site name, site title, user and error messages. + * + * @type string $domain Domain for the site. + * @type string $path Path for the site. Used in subdirectory installations. + * @type string $blogname The unique site name (slug). + * @type string $blog_title Site title. + * @type string|WP_User $user By default, an empty string. A user object if provided. + * @type WP_Error $errors WP_Error containing any errors found. + * } + */ + return apply_filters( 'wpmu_validate_blog_signup', $result ); +} + +/** + * Records site signup information for future activation. + * + * @since MU (3.0.0) + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param string $domain The requested domain. + * @param string $path The requested path. + * @param string $title The requested site title. + * @param string $user The user's requested login name. + * @param string $user_email The user's email address. + * @param array $meta Optional. Signup meta data. By default, contains the requested privacy setting and lang_id. + */ +function wpmu_signup_blog( $domain, $path, $title, $user, $user_email, $meta = array() ) { + global $wpdb; + + $key = substr( md5( time() . wp_rand() . $domain ), 0, 16 ); + + /** + * Filters the metadata for a site signup. + * + * The metadata will be serialized prior to storing it in the database. + * + * @since 4.8.0 + * + * @param array $meta Signup meta data. Default empty array. + * @param string $domain The requested domain. + * @param string $path The requested path. + * @param string $title The requested site title. + * @param string $user The user's requested login name. + * @param string $user_email The user's email address. + * @param string $key The user's activation key. + */ + $meta = apply_filters( 'signup_site_meta', $meta, $domain, $path, $title, $user, $user_email, $key ); + + $wpdb->insert( + $wpdb->signups, + array( + 'domain' => $domain, + 'path' => $path, + 'title' => $title, + 'user_login' => $user, + 'user_email' => $user_email, + 'registered' => current_time( 'mysql', true ), + 'activation_key' => $key, + 'meta' => serialize( $meta ), + ) + ); + + /** + * Fires after site signup information has been written to the database. + * + * @since 4.4.0 + * + * @param string $domain The requested domain. + * @param string $path The requested path. + * @param string $title The requested site title. + * @param string $user The user's requested login name. + * @param string $user_email The user's email address. + * @param string $key The user's activation key. + * @param array $meta Signup meta data. By default, contains the requested privacy setting and lang_id. + */ + do_action( 'after_signup_site', $domain, $path, $title, $user, $user_email, $key, $meta ); +} + +/** + * Records user signup information for future activation. + * + * This function is used when user registration is open but + * new site registration is not. + * + * @since MU (3.0.0) + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param string $user The user's requested login name. + * @param string $user_email The user's email address. + * @param array $meta Optional. Signup meta data. Default empty array. + */ +function wpmu_signup_user( $user, $user_email, $meta = array() ) { + global $wpdb; + + // Format data. + $user = preg_replace( '/\s+/', '', sanitize_user( $user, true ) ); + $user_email = sanitize_email( $user_email ); + $key = substr( md5( time() . wp_rand() . $user_email ), 0, 16 ); + + /** + * Filters the metadata for a user signup. + * + * The metadata will be serialized prior to storing it in the database. + * + * @since 4.8.0 + * + * @param array $meta Signup meta data. Default empty array. + * @param string $user The user's requested login name. + * @param string $user_email The user's email address. + * @param string $key The user's activation key. + */ + $meta = apply_filters( 'signup_user_meta', $meta, $user, $user_email, $key ); + + $wpdb->insert( + $wpdb->signups, + array( + 'domain' => '', + 'path' => '', + 'title' => '', + 'user_login' => $user, + 'user_email' => $user_email, + 'registered' => current_time( 'mysql', true ), + 'activation_key' => $key, + 'meta' => serialize( $meta ), + ) + ); + + /** + * Fires after a user's signup information has been written to the database. + * + * @since 4.4.0 + * + * @param string $user The user's requested login name. + * @param string $user_email The user's email address. + * @param string $key The user's activation key. + * @param array $meta Signup meta data. Default empty array. + */ + do_action( 'after_signup_user', $user, $user_email, $key, $meta ); +} + +/** + * Sends a confirmation request email to a user when they sign up for a new site. The new site will not become active + * until the confirmation link is clicked. + * + * This is the notification function used when site registration + * is enabled. + * + * Filter {@see 'wpmu_signup_blog_notification'} to bypass this function or + * replace it with your own notification behavior. + * + * Filter {@see 'wpmu_signup_blog_notification_email'} and + * {@see 'wpmu_signup_blog_notification_subject'} to change the content + * and subject line of the email sent to newly registered users. + * + * @since MU (3.0.0) + * + * @param string $domain The new blog domain. + * @param string $path The new blog path. + * @param string $title The site title. + * @param string $user_login The user's login name. + * @param string $user_email The user's email address. + * @param string $key The activation key created in wpmu_signup_blog(). + * @param array $meta Optional. Signup meta data. By default, contains the requested privacy setting and lang_id. + * @return bool + */ +function wpmu_signup_blog_notification( $domain, $path, $title, $user_login, $user_email, $key, $meta = array() ) { + /** + * Filters whether to bypass the new site email notification. + * + * @since MU (3.0.0) + * + * @param string|false $domain Site domain, or false to prevent the email from sending. + * @param string $path Site path. + * @param string $title Site title. + * @param string $user_login User login name. + * @param string $user_email User email address. + * @param string $key Activation key created in wpmu_signup_blog(). + * @param array $meta Signup meta data. By default, contains the requested privacy setting and lang_id. + */ + if ( ! apply_filters( 'wpmu_signup_blog_notification', $domain, $path, $title, $user_login, $user_email, $key, $meta ) ) { + return false; + } + + // Send email with activation link. + if ( ! is_subdomain_install() || get_current_network_id() != 1 ) { + $activate_url = network_site_url( "wp-activate.php?key=$key" ); + } else { + $activate_url = "http://{$domain}{$path}wp-activate.php?key=$key"; // @todo Use *_url() API. + } + + $activate_url = esc_url( $activate_url ); + + $admin_email = get_site_option( 'admin_email' ); + + if ( '' === $admin_email ) { + $admin_email = 'support@' . wp_parse_url( network_home_url(), PHP_URL_HOST ); + } + + $from_name = ( '' !== get_site_option( 'site_name' ) ) ? esc_html( get_site_option( 'site_name' ) ) : 'WordPress'; + $message_headers = "From: \"{$from_name}\" <{$admin_email}>\n" . 'Content-Type: text/plain; charset="' . get_option( 'blog_charset' ) . "\"\n"; + + $user = get_user_by( 'login', $user_login ); + $switched_locale = $user && switch_to_user_locale( $user->ID ); + + $message = sprintf( + /** + * Filters the message content of the new blog notification email. + * + * Content should be formatted for transmission via wp_mail(). + * + * @since MU (3.0.0) + * + * @param string $content Content of the notification email. + * @param string $domain Site domain. + * @param string $path Site path. + * @param string $title Site title. + * @param string $user_login User login name. + * @param string $user_email User email address. + * @param string $key Activation key created in wpmu_signup_blog(). + * @param array $meta Signup meta data. By default, contains the requested privacy setting and lang_id. + */ + apply_filters( + 'wpmu_signup_blog_notification_email', + /* translators: New site notification email. 1: Activation URL, 2: New site URL. */ + __( "To activate your site, please click the following link:\n\n%1\$s\n\nAfter you activate, you will receive *another email* with your login.\n\nAfter you activate, you can visit your site here:\n\n%2\$s" ), + $domain, + $path, + $title, + $user_login, + $user_email, + $key, + $meta + ), + $activate_url, + esc_url( "http://{$domain}{$path}" ), + $key + ); + + $subject = sprintf( + /** + * Filters the subject of the new blog notification email. + * + * @since MU (3.0.0) + * + * @param string $subject Subject of the notification email. + * @param string $domain Site domain. + * @param string $path Site path. + * @param string $title Site title. + * @param string $user_login User login name. + * @param string $user_email User email address. + * @param string $key Activation key created in wpmu_signup_blog(). + * @param array $meta Signup meta data. By default, contains the requested privacy setting and lang_id. + */ + apply_filters( + 'wpmu_signup_blog_notification_subject', + /* translators: New site notification email subject. 1: Network title, 2: New site URL. */ + _x( '[%1$s] Activate %2$s', 'New site notification email subject' ), + $domain, + $path, + $title, + $user_login, + $user_email, + $key, + $meta + ), + $from_name, + esc_url( 'http://' . $domain . $path ) + ); + + wp_mail( $user_email, wp_specialchars_decode( $subject ), $message, $message_headers ); + + if ( $switched_locale ) { + restore_previous_locale(); + } + + return true; +} + +/** + * Sends a confirmation request email to a user when they sign up for a new user account (without signing up for a site + * at the same time). The user account will not become active until the confirmation link is clicked. + * + * This is the notification function used when no new site has + * been requested. + * + * Filter {@see 'wpmu_signup_user_notification'} to bypass this function or + * replace it with your own notification behavior. + * + * Filter {@see 'wpmu_signup_user_notification_email'} and + * {@see 'wpmu_signup_user_notification_subject'} to change the content + * and subject line of the email sent to newly registered users. + * + * @since MU (3.0.0) + * + * @param string $user_login The user's login name. + * @param string $user_email The user's email address. + * @param string $key The activation key created in wpmu_signup_user() + * @param array $meta Optional. Signup meta data. Default empty array. + * @return bool + */ +function wpmu_signup_user_notification( $user_login, $user_email, $key, $meta = array() ) { + /** + * Filters whether to bypass the email notification for new user sign-up. + * + * @since MU (3.0.0) + * + * @param string $user_login User login name. + * @param string $user_email User email address. + * @param string $key Activation key created in wpmu_signup_user(). + * @param array $meta Signup meta data. Default empty array. + */ + if ( ! apply_filters( 'wpmu_signup_user_notification', $user_login, $user_email, $key, $meta ) ) { + return false; + } + + $user = get_user_by( 'login', $user_login ); + $switched_locale = $user && switch_to_user_locale( $user->ID ); + + // Send email with activation link. + $admin_email = get_site_option( 'admin_email' ); + + if ( '' === $admin_email ) { + $admin_email = 'support@' . wp_parse_url( network_home_url(), PHP_URL_HOST ); + } + + $from_name = ( '' !== get_site_option( 'site_name' ) ) ? esc_html( get_site_option( 'site_name' ) ) : 'WordPress'; + $message_headers = "From: \"{$from_name}\" <{$admin_email}>\n" . 'Content-Type: text/plain; charset="' . get_option( 'blog_charset' ) . "\"\n"; + $message = sprintf( + /** + * Filters the content of the notification email for new user sign-up. + * + * Content should be formatted for transmission via wp_mail(). + * + * @since MU (3.0.0) + * + * @param string $content Content of the notification email. + * @param string $user_login User login name. + * @param string $user_email User email address. + * @param string $key Activation key created in wpmu_signup_user(). + * @param array $meta Signup meta data. Default empty array. + */ + apply_filters( + 'wpmu_signup_user_notification_email', + /* translators: New user notification email. %s: Activation URL. */ + __( "To activate your user, please click the following link:\n\n%s\n\nAfter you activate, you will receive *another email* with your login." ), + $user_login, + $user_email, + $key, + $meta + ), + site_url( "wp-activate.php?key=$key" ) + ); + + $subject = sprintf( + /** + * Filters the subject of the notification email of new user signup. + * + * @since MU (3.0.0) + * + * @param string $subject Subject of the notification email. + * @param string $user_login User login name. + * @param string $user_email User email address. + * @param string $key Activation key created in wpmu_signup_user(). + * @param array $meta Signup meta data. Default empty array. + */ + apply_filters( + 'wpmu_signup_user_notification_subject', + /* translators: New user notification email subject. 1: Network title, 2: New user login. */ + _x( '[%1$s] Activate %2$s', 'New user notification email subject' ), + $user_login, + $user_email, + $key, + $meta + ), + $from_name, + $user_login + ); + + wp_mail( $user_email, wp_specialchars_decode( $subject ), $message, $message_headers ); + + if ( $switched_locale ) { + restore_previous_locale(); + } + + return true; +} + +/** + * Activates a signup. + * + * Hook to {@see 'wpmu_activate_user'} or {@see 'wpmu_activate_blog'} for events + * that should happen only when users or sites are self-created (since + * those actions are not called when users and sites are created + * by a Super Admin). + * + * @since MU (3.0.0) + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param string $key The activation key provided to the user. + * @return array|WP_Error An array containing information about the activated user and/or blog. + */ +function wpmu_activate_signup( $key ) { + global $wpdb; + + $signup = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM $wpdb->signups WHERE activation_key = %s", $key ) ); + + if ( empty( $signup ) ) { + return new WP_Error( 'invalid_key', __( 'Invalid activation key.' ) ); + } + + if ( $signup->active ) { + if ( empty( $signup->domain ) ) { + return new WP_Error( 'already_active', __( 'The user is already active.' ), $signup ); + } else { + return new WP_Error( 'already_active', __( 'The site is already active.' ), $signup ); + } + } + + $meta = maybe_unserialize( $signup->meta ); + $password = wp_generate_password( 12, false ); + + $user_id = username_exists( $signup->user_login ); + + if ( ! $user_id ) { + $user_id = wpmu_create_user( $signup->user_login, $password, $signup->user_email ); + } else { + $user_already_exists = true; + } + + if ( ! $user_id ) { + return new WP_Error( 'create_user', __( 'Could not create user' ), $signup ); + } + + $now = current_time( 'mysql', true ); + + if ( empty( $signup->domain ) ) { + $wpdb->update( + $wpdb->signups, + array( + 'active' => 1, + 'activated' => $now, + ), + array( 'activation_key' => $key ) + ); + + if ( isset( $user_already_exists ) ) { + return new WP_Error( 'user_already_exists', __( 'That username is already activated.' ), $signup ); + } + + /** + * Fires immediately after a new user is activated. + * + * @since MU (3.0.0) + * + * @param int $user_id User ID. + * @param string $password User password. + * @param array $meta Signup meta data. + */ + do_action( 'wpmu_activate_user', $user_id, $password, $meta ); + + return array( + 'user_id' => $user_id, + 'password' => $password, + 'meta' => $meta, + ); + } + + $blog_id = wpmu_create_blog( $signup->domain, $signup->path, $signup->title, $user_id, $meta, get_current_network_id() ); + + // TODO: What to do if we create a user but cannot create a blog? + if ( is_wp_error( $blog_id ) ) { + /* + * If blog is taken, that means a previous attempt to activate this blog + * failed in between creating the blog and setting the activation flag. + * Let's just set the active flag and instruct the user to reset their password. + */ + if ( 'blog_taken' === $blog_id->get_error_code() ) { + $blog_id->add_data( $signup ); + $wpdb->update( + $wpdb->signups, + array( + 'active' => 1, + 'activated' => $now, + ), + array( 'activation_key' => $key ) + ); + } + return $blog_id; + } + + $wpdb->update( + $wpdb->signups, + array( + 'active' => 1, + 'activated' => $now, + ), + array( 'activation_key' => $key ) + ); + + /** + * Fires immediately after a site is activated. + * + * @since MU (3.0.0) + * + * @param int $blog_id Blog ID. + * @param int $user_id User ID. + * @param string $password User password. + * @param string $signup_title Site title. + * @param array $meta Signup meta data. By default, contains the requested privacy setting and lang_id. + */ + do_action( 'wpmu_activate_blog', $blog_id, $user_id, $password, $signup->title, $meta ); + + return array( + 'blog_id' => $blog_id, + 'user_id' => $user_id, + 'password' => $password, + 'title' => $signup->title, + 'meta' => $meta, + ); +} + +/** + * Deletes an associated signup entry when a user is deleted from the database. + * + * @since 5.5.0 + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param int $id ID of the user to delete. + * @param int|null $reassign ID of the user to reassign posts and links to. + * @param WP_User $user User object. + */ +function wp_delete_signup_on_user_delete( $id, $reassign, $user ) { + global $wpdb; + + $wpdb->delete( $wpdb->signups, array( 'user_login' => $user->user_login ) ); +} + +/** + * Creates a user. + * + * This function runs when a user self-registers as well as when + * a Super Admin creates a new user. Hook to {@see 'wpmu_new_user'} for events + * that should affect all new users, but only on Multisite (otherwise + * use {@see 'user_register'}). + * + * @since MU (3.0.0) + * + * @param string $user_name The new user's login name. + * @param string $password The new user's password. + * @param string $email The new user's email address. + * @return int|false Returns false on failure, or int $user_id on success. + */ +function wpmu_create_user( $user_name, $password, $email ) { + $user_name = preg_replace( '/\s+/', '', sanitize_user( $user_name, true ) ); + + $user_id = wp_create_user( $user_name, $password, $email ); + if ( is_wp_error( $user_id ) ) { + return false; + } + + // Newly created users have no roles or caps until they are added to a blog. + delete_user_option( $user_id, 'capabilities' ); + delete_user_option( $user_id, 'user_level' ); + + /** + * Fires immediately after a new user is created. + * + * @since MU (3.0.0) + * + * @param int $user_id User ID. + */ + do_action( 'wpmu_new_user', $user_id ); + + return $user_id; +} + +/** + * Creates a site. + * + * This function runs when a user self-registers a new site as well + * as when a Super Admin creates a new site. Hook to {@see 'wpmu_new_blog'} + * for events that should affect all new sites. + * + * On subdirectory installations, $domain is the same as the main site's + * domain, and the path is the subdirectory name (eg 'example.com' + * and '/blog1/'). On subdomain installations, $domain is the new subdomain + + * root domain (eg 'blog1.example.com'), and $path is '/'. + * + * @since MU (3.0.0) + * + * @param string $domain The new site's domain. + * @param string $path The new site's path. + * @param string $title The new site's title. + * @param int $user_id The user ID of the new site's admin. + * @param array $options Optional. Array of key=>value pairs used to set initial site options. + * If valid status keys are included ('public', 'archived', 'mature', + * 'spam', 'deleted', or 'lang_id') the given site status(es) will be + * updated. Otherwise, keys and values will be used to set options for + * the new site. Default empty array. + * @param int $network_id Optional. Network ID. Only relevant on multi-network installations. + * Default 1. + * @return int|WP_Error Returns WP_Error object on failure, the new site ID on success. + */ +function wpmu_create_blog( $domain, $path, $title, $user_id, $options = array(), $network_id = 1 ) { + $defaults = array( + 'public' => 0, + ); + $options = wp_parse_args( $options, $defaults ); + + $title = strip_tags( $title ); + $user_id = (int) $user_id; + + // Check if the domain has been used already. We should return an error message. + if ( domain_exists( $domain, $path, $network_id ) ) { + return new WP_Error( 'blog_taken', __( 'Sorry, that site already exists!' ) ); + } + + if ( ! wp_installing() ) { + wp_installing( true ); + } + + $allowed_data_fields = array( 'public', 'archived', 'mature', 'spam', 'deleted', 'lang_id' ); + + $site_data = array_merge( + array( + 'domain' => $domain, + 'path' => $path, + 'network_id' => $network_id, + ), + array_intersect_key( $options, array_flip( $allowed_data_fields ) ) + ); + + // Data to pass to wp_initialize_site(). + $site_initialization_data = array( + 'title' => $title, + 'user_id' => $user_id, + 'options' => array_diff_key( $options, array_flip( $allowed_data_fields ) ), + ); + + $blog_id = wp_insert_site( array_merge( $site_data, $site_initialization_data ) ); + + if ( is_wp_error( $blog_id ) ) { + return $blog_id; + } + + wp_cache_set_sites_last_changed(); + + return $blog_id; +} + +/** + * Notifies the network admin that a new site has been activated. + * + * Filter {@see 'newblog_notify_siteadmin'} to change the content of + * the notification email. + * + * @since MU (3.0.0) + * @since 5.1.0 $blog_id now supports input from the {@see 'wp_initialize_site'} action. + * + * @param WP_Site|int $blog_id The new site's object or ID. + * @param string $deprecated Not used. + * @return bool + */ +function newblog_notify_siteadmin( $blog_id, $deprecated = '' ) { + if ( is_object( $blog_id ) ) { + $blog_id = $blog_id->blog_id; + } + + if ( 'yes' !== get_site_option( 'registrationnotification' ) ) { + return false; + } + + $email = get_site_option( 'admin_email' ); + + if ( is_email( $email ) == false ) { + return false; + } + + $options_site_url = esc_url( network_admin_url( 'settings.php' ) ); + + switch_to_blog( $blog_id ); + $blogname = get_option( 'blogname' ); + $siteurl = site_url(); + restore_current_blog(); + + $msg = sprintf( + /* translators: New site notification email. 1: Site URL, 2: User IP address, 3: URL to Network Settings screen. */ + __( + 'New Site: %1$s +URL: %2$s +Remote IP address: %3$s + +Disable these notifications: %4$s' + ), + $blogname, + $siteurl, + wp_unslash( $_SERVER['REMOTE_ADDR'] ), + $options_site_url + ); + /** + * Filters the message body of the new site activation email sent + * to the network administrator. + * + * @since MU (3.0.0) + * @since 5.4.0 The `$blog_id` parameter was added. + * + * @param string $msg Email body. + * @param int|string $blog_id The new site's ID as an integer or numeric string. + */ + $msg = apply_filters( 'newblog_notify_siteadmin', $msg, $blog_id ); + + /* translators: New site notification email subject. %s: New site URL. */ + wp_mail( $email, sprintf( __( 'New Site Registration: %s' ), $siteurl ), $msg ); + + return true; +} + +/** + * Notifies the network admin that a new user has been activated. + * + * Filter {@see 'newuser_notify_siteadmin'} to change the content of + * the notification email. + * + * @since MU (3.0.0) + * + * @param int $user_id The new user's ID. + * @return bool + */ +function newuser_notify_siteadmin( $user_id ) { + if ( 'yes' !== get_site_option( 'registrationnotification' ) ) { + return false; + } + + $email = get_site_option( 'admin_email' ); + + if ( is_email( $email ) == false ) { + return false; + } + + $user = get_userdata( $user_id ); + + $options_site_url = esc_url( network_admin_url( 'settings.php' ) ); + + $msg = sprintf( + /* translators: New user notification email. 1: User login, 2: User IP address, 3: URL to Network Settings screen. */ + __( + 'New User: %1$s +Remote IP address: %2$s + +Disable these notifications: %3$s' + ), + $user->user_login, + wp_unslash( $_SERVER['REMOTE_ADDR'] ), + $options_site_url + ); + + /** + * Filters the message body of the new user activation email sent + * to the network administrator. + * + * @since MU (3.0.0) + * + * @param string $msg Email body. + * @param WP_User $user WP_User instance of the new user. + */ + $msg = apply_filters( 'newuser_notify_siteadmin', $msg, $user ); + + /* translators: New user notification email subject. %s: User login. */ + wp_mail( $email, sprintf( __( 'New User Registration: %s' ), $user->user_login ), $msg ); + + return true; +} + +/** + * Checks whether a site name is already taken. + * + * The name is the site's subdomain or the site's subdirectory + * path depending on the network settings. + * + * Used during the new site registration process to ensure + * that each site name is unique. + * + * @since MU (3.0.0) + * + * @param string $domain The domain to be checked. + * @param string $path The path to be checked. + * @param int $network_id Optional. Network ID. Only relevant on multi-network installations. + * Default 1. + * @return int|null The site ID if the site name exists, null otherwise. + */ +function domain_exists( $domain, $path, $network_id = 1 ) { + $path = trailingslashit( $path ); + $args = array( + 'network_id' => $network_id, + 'domain' => $domain, + 'path' => $path, + 'fields' => 'ids', + 'number' => 1, + 'update_site_meta_cache' => false, + ); + $result = get_sites( $args ); + $result = array_shift( $result ); + + /** + * Filters whether a site name is taken. + * + * The name is the site's subdomain or the site's subdirectory + * path depending on the network settings. + * + * @since 3.5.0 + * + * @param int|null $result The site ID if the site name exists, null otherwise. + * @param string $domain Domain to be checked. + * @param string $path Path to be checked. + * @param int $network_id Network ID. Only relevant on multi-network installations. + */ + return apply_filters( 'domain_exists', $result, $domain, $path, $network_id ); +} + +/** + * Notifies the site administrator that their site activation was successful. + * + * Filter {@see 'wpmu_welcome_notification'} to disable or bypass. + * + * Filter {@see 'update_welcome_email'} and {@see 'update_welcome_subject'} to + * modify the content and subject line of the notification email. + * + * @since MU (3.0.0) + * + * @param int $blog_id Site ID. + * @param int $user_id User ID. + * @param string $password User password, or "N/A" if the user account is not new. + * @param string $title Site title. + * @param array $meta Optional. Signup meta data. By default, contains the requested privacy setting and lang_id. + * @return bool Whether the email notification was sent. + */ +function wpmu_welcome_notification( $blog_id, $user_id, $password, $title, $meta = array() ) { + $current_network = get_network(); + + /** + * Filters whether to bypass the welcome email sent to the site administrator after site activation. + * + * Returning false disables the welcome email. + * + * @since MU (3.0.0) + * + * @param int|false $blog_id Site ID, or false to prevent the email from sending. + * @param int $user_id User ID of the site administrator. + * @param string $password User password, or "N/A" if the user account is not new. + * @param string $title Site title. + * @param array $meta Signup meta data. By default, contains the requested privacy setting and lang_id. + */ + if ( ! apply_filters( 'wpmu_welcome_notification', $blog_id, $user_id, $password, $title, $meta ) ) { + return false; + } + + $user = get_userdata( $user_id ); + + $switched_locale = switch_to_user_locale( $user_id ); + + $welcome_email = get_site_option( 'welcome_email' ); + if ( false == $welcome_email ) { + /* translators: Do not translate USERNAME, SITE_NAME, BLOG_URL, PASSWORD: those are placeholders. */ + $welcome_email = __( + 'Howdy USERNAME, + +Your new SITE_NAME site has been successfully set up at: +BLOG_URL + +You can log in to the administrator account with the following information: + +Username: USERNAME +Password: PASSWORD +Log in here: BLOG_URLwp-login.php + +We hope you enjoy your new site. Thanks! + +--The Team @ SITE_NAME' + ); + } + + $url = get_blogaddress_by_id( $blog_id ); + + $welcome_email = str_replace( 'SITE_NAME', $current_network->site_name, $welcome_email ); + $welcome_email = str_replace( 'BLOG_TITLE', $title, $welcome_email ); + $welcome_email = str_replace( 'BLOG_URL', $url, $welcome_email ); + $welcome_email = str_replace( 'USERNAME', $user->user_login, $welcome_email ); + $welcome_email = str_replace( 'PASSWORD', $password, $welcome_email ); + + /** + * Filters the content of the welcome email sent to the site administrator after site activation. + * + * Content should be formatted for transmission via wp_mail(). + * + * @since MU (3.0.0) + * + * @param string $welcome_email Message body of the email. + * @param int $blog_id Site ID. + * @param int $user_id User ID of the site administrator. + * @param string $password User password, or "N/A" if the user account is not new. + * @param string $title Site title. + * @param array $meta Signup meta data. By default, contains the requested privacy setting and lang_id. + */ + $welcome_email = apply_filters( 'update_welcome_email', $welcome_email, $blog_id, $user_id, $password, $title, $meta ); + + $admin_email = get_site_option( 'admin_email' ); + + if ( '' === $admin_email ) { + $admin_email = 'support@' . wp_parse_url( network_home_url(), PHP_URL_HOST ); + } + + $from_name = ( '' !== get_site_option( 'site_name' ) ) ? esc_html( get_site_option( 'site_name' ) ) : 'WordPress'; + $message_headers = "From: \"{$from_name}\" <{$admin_email}>\n" . 'Content-Type: text/plain; charset="' . get_option( 'blog_charset' ) . "\"\n"; + $message = $welcome_email; + + if ( empty( $current_network->site_name ) ) { + $current_network->site_name = 'WordPress'; + } + + /* translators: New site notification email subject. 1: Network title, 2: New site title. */ + $subject = __( 'New %1$s Site: %2$s' ); + + /** + * Filters the subject of the welcome email sent to the site administrator after site activation. + * + * @since MU (3.0.0) + * + * @param string $subject Subject of the email. + */ + $subject = apply_filters( 'update_welcome_subject', sprintf( $subject, $current_network->site_name, wp_unslash( $title ) ) ); + + wp_mail( $user->user_email, wp_specialchars_decode( $subject ), $message, $message_headers ); + + if ( $switched_locale ) { + restore_previous_locale(); + } + + return true; +} + +/** + * Notifies the Multisite network administrator that a new site was created. + * + * Filter {@see 'send_new_site_email'} to disable or bypass. + * + * Filter {@see 'new_site_email'} to filter the contents. + * + * @since 5.6.0 + * + * @param int $site_id Site ID of the new site. + * @param int $user_id User ID of the administrator of the new site. + * @return bool Whether the email notification was sent. + */ +function wpmu_new_site_admin_notification( $site_id, $user_id ) { + $site = get_site( $site_id ); + $user = get_userdata( $user_id ); + $email = get_site_option( 'admin_email' ); + + if ( ! $site || ! $user || ! $email ) { + return false; + } + + /** + * Filters whether to send an email to the Multisite network administrator when a new site is created. + * + * Return false to disable sending the email. + * + * @since 5.6.0 + * + * @param bool $send Whether to send the email. + * @param WP_Site $site Site object of the new site. + * @param WP_User $user User object of the administrator of the new site. + */ + if ( ! apply_filters( 'send_new_site_email', true, $site, $user ) ) { + return false; + } + + $switched_locale = false; + $network_admin = get_user_by( 'email', $email ); + + if ( $network_admin ) { + // If the network admin email address corresponds to a user, switch to their locale. + $switched_locale = switch_to_user_locale( $network_admin->ID ); + } else { + // Otherwise switch to the locale of the current site. + $switched_locale = switch_to_locale( get_locale() ); + } + + $subject = sprintf( + /* translators: New site notification email subject. %s: Network title. */ + __( '[%s] New Site Created' ), + get_network()->site_name + ); + + $message = sprintf( + /* translators: New site notification email. 1: User login, 2: Site URL, 3: Site title. */ + __( + 'New site created by %1$s + +Address: %2$s +Name: %3$s' + ), + $user->user_login, + get_site_url( $site->id ), + get_blog_option( $site->id, 'blogname' ) + ); + + $header = sprintf( + 'From: "%1$s" <%2$s>', + _x( 'Site Admin', 'email "From" field' ), + $email + ); + + $new_site_email = array( + 'to' => $email, + 'subject' => $subject, + 'message' => $message, + 'headers' => $header, + ); + + /** + * Filters the content of the email sent to the Multisite network administrator when a new site is created. + * + * Content should be formatted for transmission via wp_mail(). + * + * @since 5.6.0 + * + * @param array $new_site_email { + * Used to build wp_mail(). + * + * @type string $to The email address of the recipient. + * @type string $subject The subject of the email. + * @type string $message The content of the email. + * @type string $headers Headers. + * } + * @param WP_Site $site Site object of the new site. + * @param WP_User $user User object of the administrator of the new site. + */ + $new_site_email = apply_filters( 'new_site_email', $new_site_email, $site, $user ); + + wp_mail( + $new_site_email['to'], + wp_specialchars_decode( $new_site_email['subject'] ), + $new_site_email['message'], + $new_site_email['headers'] + ); + + if ( $switched_locale ) { + restore_previous_locale(); + } + + return true; +} + +/** + * Notifies a user that their account activation has been successful. + * + * Filter {@see 'wpmu_welcome_user_notification'} to disable or bypass. + * + * Filter {@see 'update_welcome_user_email'} and {@see 'update_welcome_user_subject'} to + * modify the content and subject line of the notification email. + * + * @since MU (3.0.0) + * + * @param int $user_id User ID. + * @param string $password User password. + * @param array $meta Optional. Signup meta data. Default empty array. + * @return bool + */ +function wpmu_welcome_user_notification( $user_id, $password, $meta = array() ) { + $current_network = get_network(); + + /** + * Filters whether to bypass the welcome email after user activation. + * + * Returning false disables the welcome email. + * + * @since MU (3.0.0) + * + * @param int $user_id User ID. + * @param string $password User password. + * @param array $meta Signup meta data. Default empty array. + */ + if ( ! apply_filters( 'wpmu_welcome_user_notification', $user_id, $password, $meta ) ) { + return false; + } + + $welcome_email = get_site_option( 'welcome_user_email' ); + + $user = get_userdata( $user_id ); + + $switched_locale = switch_to_user_locale( $user_id ); + + /** + * Filters the content of the welcome email after user activation. + * + * Content should be formatted for transmission via wp_mail(). + * + * @since MU (3.0.0) + * + * @param string $welcome_email The message body of the account activation success email. + * @param int $user_id User ID. + * @param string $password User password. + * @param array $meta Signup meta data. Default empty array. + */ + $welcome_email = apply_filters( 'update_welcome_user_email', $welcome_email, $user_id, $password, $meta ); + $welcome_email = str_replace( 'SITE_NAME', $current_network->site_name, $welcome_email ); + $welcome_email = str_replace( 'USERNAME', $user->user_login, $welcome_email ); + $welcome_email = str_replace( 'PASSWORD', $password, $welcome_email ); + $welcome_email = str_replace( 'LOGINLINK', wp_login_url(), $welcome_email ); + + $admin_email = get_site_option( 'admin_email' ); + + if ( '' === $admin_email ) { + $admin_email = 'support@' . wp_parse_url( network_home_url(), PHP_URL_HOST ); + } + + $from_name = ( '' !== get_site_option( 'site_name' ) ) ? esc_html( get_site_option( 'site_name' ) ) : 'WordPress'; + $message_headers = "From: \"{$from_name}\" <{$admin_email}>\n" . 'Content-Type: text/plain; charset="' . get_option( 'blog_charset' ) . "\"\n"; + $message = $welcome_email; + + if ( empty( $current_network->site_name ) ) { + $current_network->site_name = 'WordPress'; + } + + /* translators: New user notification email subject. 1: Network title, 2: New user login. */ + $subject = __( 'New %1$s User: %2$s' ); + + /** + * Filters the subject of the welcome email after user activation. + * + * @since MU (3.0.0) + * + * @param string $subject Subject of the email. + */ + $subject = apply_filters( 'update_welcome_user_subject', sprintf( $subject, $current_network->site_name, $user->user_login ) ); + + wp_mail( $user->user_email, wp_specialchars_decode( $subject ), $message, $message_headers ); + + if ( $switched_locale ) { + restore_previous_locale(); + } + + return true; +} + +/** + * Gets the current network. + * + * Returns an object containing the 'id', 'domain', 'path', and 'site_name' + * properties of the network being viewed. + * + * @see wpmu_current_site() + * + * @since MU (3.0.0) + * + * @global WP_Network $current_site The current network. + * + * @return WP_Network The current network. + */ +function get_current_site() { + global $current_site; + return $current_site; +} + +/** + * Gets a user's most recent post. + * + * Walks through each of a user's blogs to find the post with + * the most recent post_date_gmt. + * + * @since MU (3.0.0) + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param int $user_id User ID. + * @return array Contains the blog_id, post_id, post_date_gmt, and post_gmt_ts. + */ +function get_most_recent_post_of_user( $user_id ) { + global $wpdb; + + $user_blogs = get_blogs_of_user( (int) $user_id ); + $most_recent_post = array(); + + /* + * Walk through each blog and get the most recent post + * published by $user_id. + */ + foreach ( (array) $user_blogs as $blog ) { + $prefix = $wpdb->get_blog_prefix( $blog->userblog_id ); + $recent_post = $wpdb->get_row( $wpdb->prepare( "SELECT ID, post_date_gmt FROM {$prefix}posts WHERE post_author = %d AND post_type = 'post' AND post_status = 'publish' ORDER BY post_date_gmt DESC LIMIT 1", $user_id ), ARRAY_A ); + + // Make sure we found a post. + if ( isset( $recent_post['ID'] ) ) { + $post_gmt_ts = strtotime( $recent_post['post_date_gmt'] ); + + /* + * If this is the first post checked + * or if this post is newer than the current recent post, + * make it the new most recent post. + */ + if ( ! isset( $most_recent_post['post_gmt_ts'] ) || ( $post_gmt_ts > $most_recent_post['post_gmt_ts'] ) ) { + $most_recent_post = array( + 'blog_id' => $blog->userblog_id, + 'post_id' => $recent_post['ID'], + 'post_date_gmt' => $recent_post['post_date_gmt'], + 'post_gmt_ts' => $post_gmt_ts, + ); + } + } + } + + return $most_recent_post; +} + +// +// Misc functions. +// + +/** + * Checks an array of MIME types against a list of allowed types. + * + * WordPress ships with a set of allowed upload filetypes, + * which is defined in wp-includes/functions.php in + * get_allowed_mime_types(). This function is used to filter + * that list against the filetypes allowed provided by Multisite + * Super Admins at wp-admin/network/settings.php. + * + * @since MU (3.0.0) + * + * @param array $mimes + * @return array + */ +function check_upload_mimes( $mimes ) { + $site_exts = explode( ' ', get_site_option( 'upload_filetypes', 'jpg jpeg png gif' ) ); + $site_mimes = array(); + foreach ( $site_exts as $ext ) { + foreach ( $mimes as $ext_pattern => $mime ) { + if ( '' !== $ext && str_contains( $ext_pattern, $ext ) ) { + $site_mimes[ $ext_pattern ] = $mime; + } + } + } + return $site_mimes; +} + +/** + * Updates a blog's post count. + * + * WordPress MS stores a blog's post count as an option so as + * to avoid extraneous COUNTs when a blog's details are fetched + * with get_site(). This function is called when posts are published + * or unpublished to make sure the count stays current. + * + * @since MU (3.0.0) + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param string $deprecated Not used. + */ +function update_posts_count( $deprecated = '' ) { + global $wpdb; + update_option( 'post_count', (int) $wpdb->get_var( "SELECT COUNT(ID) FROM {$wpdb->posts} WHERE post_status = 'publish' and post_type = 'post'" ) ); +} + +/** + * Logs the user email, IP, and registration date of a new site. + * + * @since MU (3.0.0) + * @since 5.1.0 Parameters now support input from the {@see 'wp_initialize_site'} action. + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param WP_Site|int $blog_id The new site's object or ID. + * @param int|array $user_id User ID, or array of arguments including 'user_id'. + */ +function wpmu_log_new_registrations( $blog_id, $user_id ) { + global $wpdb; + + if ( is_object( $blog_id ) ) { + $blog_id = $blog_id->blog_id; + } + + if ( is_array( $user_id ) ) { + $user_id = ! empty( $user_id['user_id'] ) ? $user_id['user_id'] : 0; + } + + $user = get_userdata( (int) $user_id ); + if ( $user ) { + $wpdb->insert( + $wpdb->registration_log, + array( + 'email' => $user->user_email, + 'IP' => preg_replace( '/[^0-9., ]/', '', wp_unslash( $_SERVER['REMOTE_ADDR'] ) ), + 'blog_id' => $blog_id, + 'date_registered' => current_time( 'mysql' ), + ) + ); + } +} + +/** + * Ensures that the current site's domain is listed in the allowed redirect host list. + * + * @see wp_validate_redirect() + * @since MU (3.0.0) + * + * @param array|string $deprecated Not used. + * @return string[] { + * An array containing the current site's domain. + * + * @type string $0 The current site's domain. + * } + */ +function redirect_this_site( $deprecated = '' ) { + return array( get_network()->domain ); +} + +/** + * Checks whether an upload is too big. + * + * @since MU (3.0.0) + * + * @blessed + * + * @param array $upload An array of information about the newly-uploaded file. + * @return string|array If the upload is under the size limit, $upload is returned. Otherwise returns an error message. + */ +function upload_is_file_too_big( $upload ) { + if ( ! is_array( $upload ) || defined( 'WP_IMPORTING' ) || get_site_option( 'upload_space_check_disabled' ) ) { + return $upload; + } + + if ( strlen( $upload['bits'] ) > ( KB_IN_BYTES * get_site_option( 'fileupload_maxk', 1500 ) ) ) { + /* translators: %s: Maximum allowed file size in kilobytes. */ + return sprintf( __( 'This file is too big. Files must be less than %s KB in size.' ) . '<br />', get_site_option( 'fileupload_maxk', 1500 ) ); + } + + return $upload; +} + +/** + * Adds a nonce field to the signup page. + * + * @since MU (3.0.0) + */ +function signup_nonce_fields() { + $id = mt_rand(); + echo "<input type='hidden' name='signup_form_id' value='{$id}' />"; + wp_nonce_field( 'signup_form_' . $id, '_signup_form', false ); +} + +/** + * Processes the signup nonce created in signup_nonce_fields(). + * + * @since MU (3.0.0) + * + * @param array $result + * @return array + */ +function signup_nonce_check( $result ) { + if ( ! strpos( $_SERVER['PHP_SELF'], 'wp-signup.php' ) ) { + return $result; + } + + if ( ! wp_verify_nonce( $_POST['_signup_form'], 'signup_form_' . $_POST['signup_form_id'] ) ) { + $result['errors']->add( 'invalid_nonce', __( 'Unable to submit this form, please try again.' ) ); + } + + return $result; +} + +/** + * Corrects 404 redirects when NOBLOGREDIRECT is defined. + * + * @since MU (3.0.0) + */ +function maybe_redirect_404() { + if ( is_main_site() && is_404() && defined( 'NOBLOGREDIRECT' ) ) { + /** + * Filters the redirect URL for 404s on the main site. + * + * The filter is only evaluated if the NOBLOGREDIRECT constant is defined. + * + * @since 3.0.0 + * + * @param string $no_blog_redirect The redirect URL defined in NOBLOGREDIRECT. + */ + $destination = apply_filters( 'blog_redirect_404', NOBLOGREDIRECT ); + + if ( $destination ) { + if ( '%siteurl%' === $destination ) { + $destination = network_home_url(); + } + + wp_redirect( $destination ); + exit; + } + } +} + +/** + * Adds a new user to a blog by visiting /newbloguser/{key}/. + * + * This will only work when the user's details are saved as an option + * keyed as 'new_user_{key}', where '{key}' is a hash generated for the user to be + * added, as when a user is invited through the regular WP Add User interface. + * + * @since MU (3.0.0) + */ +function maybe_add_existing_user_to_blog() { + if ( ! str_contains( $_SERVER['REQUEST_URI'], '/newbloguser/' ) ) { + return; + } + + $parts = explode( '/', $_SERVER['REQUEST_URI'] ); + $key = array_pop( $parts ); + + if ( '' === $key ) { + $key = array_pop( $parts ); + } + + $details = get_option( 'new_user_' . $key ); + if ( ! empty( $details ) ) { + delete_option( 'new_user_' . $key ); + } + + if ( empty( $details ) || is_wp_error( add_existing_user_to_blog( $details ) ) ) { + wp_die( + sprintf( + /* translators: %s: Home URL. */ + __( 'An error occurred adding you to this site. Go to the <a href="%s">homepage</a>.' ), + home_url() + ) + ); + } + + wp_die( + sprintf( + /* translators: 1: Home URL, 2: Admin URL. */ + __( 'You have been added to this site. Please visit the <a href="%1$s">homepage</a> or <a href="%2$s">log in</a> using your username and password.' ), + home_url(), + admin_url() + ), + __( 'WordPress › Success' ), + array( 'response' => 200 ) + ); +} + +/** + * Adds a user to a blog based on details from maybe_add_existing_user_to_blog(). + * + * @since MU (3.0.0) + * + * @param array|false $details { + * User details. Must at least contain values for the keys listed below. + * + * @type int $user_id The ID of the user being added to the current blog. + * @type string $role The role to be assigned to the user. + * } + * @return true|WP_Error|void True on success or a WP_Error object if the user doesn't exist + * or could not be added. Void if $details array was not provided. + */ +function add_existing_user_to_blog( $details = false ) { + if ( is_array( $details ) ) { + $blog_id = get_current_blog_id(); + $result = add_user_to_blog( $blog_id, $details['user_id'], $details['role'] ); + + /** + * Fires immediately after an existing user is added to a site. + * + * @since MU (3.0.0) + * + * @param int $user_id User ID. + * @param true|WP_Error $result True on success or a WP_Error object if the user doesn't exist + * or could not be added. + */ + do_action( 'added_existing_user', $details['user_id'], $result ); + + return $result; + } +} + +/** + * Adds a newly created user to the appropriate blog + * + * To add a user in general, use add_user_to_blog(). This function + * is specifically hooked into the {@see 'wpmu_activate_user'} action. + * + * @since MU (3.0.0) + * + * @see add_user_to_blog() + * + * @param int $user_id User ID. + * @param string $password User password. Ignored. + * @param array $meta Signup meta data. + */ +function add_new_user_to_blog( $user_id, $password, $meta ) { + if ( ! empty( $meta['add_to_blog'] ) ) { + $blog_id = $meta['add_to_blog']; + $role = $meta['new_role']; + remove_user_from_blog( $user_id, get_network()->site_id ); // Remove user from main blog. + + $result = add_user_to_blog( $blog_id, $user_id, $role ); + + if ( ! is_wp_error( $result ) ) { + update_user_meta( $user_id, 'primary_blog', $blog_id ); + } + } +} + +/** + * Corrects From host on outgoing mail to match the site domain. + * + * @since MU (3.0.0) + * + * @param PHPMailer $phpmailer The PHPMailer instance (passed by reference). + */ +function fix_phpmailer_messageid( $phpmailer ) { + $phpmailer->Hostname = get_network()->domain; +} + +/** + * Determines whether a user is marked as a spammer, based on user login. + * + * @since MU (3.0.0) + * + * @param string|WP_User $user Optional. Defaults to current user. WP_User object, + * or user login name as a string. + * @return bool + */ +function is_user_spammy( $user = null ) { + if ( ! ( $user instanceof WP_User ) ) { + if ( $user ) { + $user = get_user_by( 'login', $user ); + } else { + $user = wp_get_current_user(); + } + } + + return $user && isset( $user->spam ) && 1 == $user->spam; +} + +/** + * Updates this blog's 'public' setting in the global blogs table. + * + * Public blogs have a setting of 1, private blogs are 0. + * + * @since MU (3.0.0) + * + * @param int $old_value The old public value. + * @param int $value The new public value. + */ +function update_blog_public( $old_value, $value ) { + update_blog_status( get_current_blog_id(), 'public', (int) $value ); +} + +/** + * Determines whether users can self-register, based on Network settings. + * + * @since MU (3.0.0) + * + * @return bool + */ +function users_can_register_signup_filter() { + $registration = get_site_option( 'registration' ); + return ( 'all' === $registration || 'user' === $registration ); +} + +/** + * Ensures that the welcome message is not empty. Currently unused. + * + * @since MU (3.0.0) + * + * @param string $text + * @return string + */ +function welcome_user_msg_filter( $text ) { + if ( ! $text ) { + remove_filter( 'site_option_welcome_user_email', 'welcome_user_msg_filter' ); + + /* translators: Do not translate USERNAME, PASSWORD, LOGINLINK, SITE_NAME: those are placeholders. */ + $text = __( + 'Howdy USERNAME, + +Your new account is set up. + +You can log in with the following information: +Username: USERNAME +Password: PASSWORD +LOGINLINK + +Thanks! + +--The Team @ SITE_NAME' + ); + update_site_option( 'welcome_user_email', $text ); + } + return $text; +} + +/** + * Determines whether to force SSL on content. + * + * @since 2.8.5 + * + * @param bool $force + * @return bool True if forced, false if not forced. + */ +function force_ssl_content( $force = '' ) { + static $forced_content = false; + + if ( ! $force ) { + $old_forced = $forced_content; + $forced_content = $force; + return $old_forced; + } + + return $forced_content; +} + +/** + * Formats a URL to use https. + * + * Useful as a filter. + * + * @since 2.8.5 + * + * @param string $url URL. + * @return string URL with https as the scheme. + */ +function filter_SSL( $url ) { // phpcs:ignore WordPress.NamingConventions.ValidFunctionName.FunctionNameInvalid + if ( ! is_string( $url ) ) { + return get_bloginfo( 'url' ); // Return home site URL with proper scheme. + } + + if ( force_ssl_content() && is_ssl() ) { + $url = set_url_scheme( $url, 'https' ); + } + + return $url; +} + +/** + * Schedules update of the network-wide counts for the current network. + * + * @since 3.1.0 + */ +function wp_schedule_update_network_counts() { + if ( ! is_main_site() ) { + return; + } + + if ( ! wp_next_scheduled( 'update_network_counts' ) && ! wp_installing() ) { + wp_schedule_event( time(), 'twicedaily', 'update_network_counts' ); + } +} + +/** + * Updates the network-wide counts for the current network. + * + * @since 3.1.0 + * @since 4.8.0 The `$network_id` parameter has been added. + * + * @param int|null $network_id ID of the network. Default is the current network. + */ +function wp_update_network_counts( $network_id = null ) { + wp_update_network_user_counts( $network_id ); + wp_update_network_site_counts( $network_id ); +} + +/** + * Updates the count of sites for the current network. + * + * If enabled through the {@see 'enable_live_network_counts'} filter, update the sites count + * on a network when a site is created or its status is updated. + * + * @since 3.7.0 + * @since 4.8.0 The `$network_id` parameter has been added. + * + * @param int|null $network_id ID of the network. Default is the current network. + */ +function wp_maybe_update_network_site_counts( $network_id = null ) { + $is_small_network = ! wp_is_large_network( 'sites', $network_id ); + + /** + * Filters whether to update network site or user counts when a new site is created. + * + * @since 3.7.0 + * + * @see wp_is_large_network() + * + * @param bool $small_network Whether the network is considered small. + * @param string $context Context. Either 'users' or 'sites'. + */ + if ( ! apply_filters( 'enable_live_network_counts', $is_small_network, 'sites' ) ) { + return; + } + + wp_update_network_site_counts( $network_id ); +} + +/** + * Updates the network-wide users count. + * + * If enabled through the {@see 'enable_live_network_counts'} filter, update the users count + * on a network when a user is created or its status is updated. + * + * @since 3.7.0 + * @since 4.8.0 The `$network_id` parameter has been added. + * + * @param int|null $network_id ID of the network. Default is the current network. + */ +function wp_maybe_update_network_user_counts( $network_id = null ) { + $is_small_network = ! wp_is_large_network( 'users', $network_id ); + + /** This filter is documented in wp-includes/ms-functions.php */ + if ( ! apply_filters( 'enable_live_network_counts', $is_small_network, 'users' ) ) { + return; + } + + wp_update_network_user_counts( $network_id ); +} + +/** + * Updates the network-wide site count. + * + * @since 3.7.0 + * @since 4.8.0 The `$network_id` parameter has been added. + * + * @param int|null $network_id ID of the network. Default is the current network. + */ +function wp_update_network_site_counts( $network_id = null ) { + $network_id = (int) $network_id; + if ( ! $network_id ) { + $network_id = get_current_network_id(); + } + + $count = get_sites( + array( + 'network_id' => $network_id, + 'spam' => 0, + 'deleted' => 0, + 'archived' => 0, + 'count' => true, + 'update_site_meta_cache' => false, + ) + ); + + update_network_option( $network_id, 'blog_count', $count ); +} + +/** + * Updates the network-wide user count. + * + * @since 3.7.0 + * @since 4.8.0 The `$network_id` parameter has been added. + * @since 6.0.0 This function is now a wrapper for wp_update_user_counts(). + * + * @param int|null $network_id ID of the network. Default is the current network. + */ +function wp_update_network_user_counts( $network_id = null ) { + wp_update_user_counts( $network_id ); +} + +/** + * Returns the space used by the current site. + * + * @since 3.5.0 + * + * @return int Used space in megabytes. + */ +function get_space_used() { + /** + * Filters the amount of storage space used by the current site, in megabytes. + * + * @since 3.5.0 + * + * @param int|false $space_used The amount of used space, in megabytes. Default false. + */ + $space_used = apply_filters( 'pre_get_space_used', false ); + + if ( false === $space_used ) { + $upload_dir = wp_upload_dir(); + $space_used = get_dirsize( $upload_dir['basedir'] ) / MB_IN_BYTES; + } + + return $space_used; +} + +/** + * Returns the upload quota for the current blog. + * + * @since MU (3.0.0) + * + * @return int Quota in megabytes. + */ +function get_space_allowed() { + $space_allowed = get_option( 'blog_upload_space' ); + + if ( ! is_numeric( $space_allowed ) ) { + $space_allowed = get_site_option( 'blog_upload_space' ); + } + + if ( ! is_numeric( $space_allowed ) ) { + $space_allowed = 100; + } + + /** + * Filters the upload quota for the current site. + * + * @since 3.7.0 + * + * @param int $space_allowed Upload quota in megabytes for the current blog. + */ + return apply_filters( 'get_space_allowed', $space_allowed ); +} + +/** + * Determines if there is any upload space left in the current blog's quota. + * + * @since 3.0.0 + * + * @return int of upload space available in bytes. + */ +function get_upload_space_available() { + $allowed = get_space_allowed(); + if ( $allowed < 0 ) { + $allowed = 0; + } + $space_allowed = $allowed * MB_IN_BYTES; + if ( get_site_option( 'upload_space_check_disabled' ) ) { + return $space_allowed; + } + + $space_used = get_space_used() * MB_IN_BYTES; + + if ( ( $space_allowed - $space_used ) <= 0 ) { + return 0; + } + + return $space_allowed - $space_used; +} + +/** + * Determines if there is any upload space left in the current blog's quota. + * + * @since 3.0.0 + * @return bool True if space is available, false otherwise. + */ +function is_upload_space_available() { + if ( get_site_option( 'upload_space_check_disabled' ) ) { + return true; + } + + return (bool) get_upload_space_available(); +} + +/** + * Filters the maximum upload file size allowed, in bytes. + * + * @since 3.0.0 + * + * @param int $size Upload size limit in bytes. + * @return int Upload size limit in bytes. + */ +function upload_size_limit_filter( $size ) { + $fileupload_maxk = (int) get_site_option( 'fileupload_maxk', 1500 ); + $max_fileupload_in_bytes = KB_IN_BYTES * $fileupload_maxk; + + if ( get_site_option( 'upload_space_check_disabled' ) ) { + return min( $size, $max_fileupload_in_bytes ); + } + + return min( $size, $max_fileupload_in_bytes, get_upload_space_available() ); +} + +/** + * Determines whether or not we have a large network. + * + * The default criteria for a large network is either more than 10,000 users or more than 10,000 sites. + * Plugins can alter this criteria using the {@see 'wp_is_large_network'} filter. + * + * @since 3.3.0 + * @since 4.8.0 The `$network_id` parameter has been added. + * + * @param string $using 'sites' or 'users'. Default is 'sites'. + * @param int|null $network_id ID of the network. Default is the current network. + * @return bool True if the network meets the criteria for large. False otherwise. + */ +function wp_is_large_network( $using = 'sites', $network_id = null ) { + $network_id = (int) $network_id; + if ( ! $network_id ) { + $network_id = get_current_network_id(); + } + + if ( 'users' === $using ) { + $count = get_user_count( $network_id ); + + $is_large_network = wp_is_large_user_count( $network_id ); + + /** + * Filters whether the network is considered large. + * + * @since 3.3.0 + * @since 4.8.0 The `$network_id` parameter has been added. + * + * @param bool $is_large_network Whether the network has more than 10000 users or sites. + * @param string $component The component to count. Accepts 'users', or 'sites'. + * @param int $count The count of items for the component. + * @param int $network_id The ID of the network being checked. + */ + return apply_filters( 'wp_is_large_network', $is_large_network, 'users', $count, $network_id ); + } + + $count = get_blog_count( $network_id ); + + /** This filter is documented in wp-includes/ms-functions.php */ + return apply_filters( 'wp_is_large_network', $count > 10000, 'sites', $count, $network_id ); +} + +/** + * Retrieves a list of reserved site on a sub-directory Multisite installation. + * + * @since 4.4.0 + * + * @return string[] Array of reserved names. + */ +function get_subdirectory_reserved_names() { + $names = array( + 'page', + 'comments', + 'blog', + 'files', + 'feed', + 'wp-admin', + 'wp-content', + 'wp-includes', + 'wp-json', + 'embed', + ); + + /** + * Filters reserved site names on a sub-directory Multisite installation. + * + * @since 3.0.0 + * @since 4.4.0 'wp-admin', 'wp-content', 'wp-includes', 'wp-json', and 'embed' were added + * to the reserved names list. + * + * @param string[] $subdirectory_reserved_names Array of reserved names. + */ + return apply_filters( 'subdirectory_reserved_names', $names ); +} + +/** + * Sends a confirmation request email when a change of network admin email address is attempted. + * + * The new network admin address will not become active until confirmed. + * + * @since 4.9.0 + * + * @param string $old_value The old network admin email address. + * @param string $value The proposed new network admin email address. + */ +function update_network_option_new_admin_email( $old_value, $value ) { + if ( get_site_option( 'admin_email' ) === $value || ! is_email( $value ) ) { + return; + } + + $hash = md5( $value . time() . mt_rand() ); + $new_admin_email = array( + 'hash' => $hash, + 'newemail' => $value, + ); + update_site_option( 'network_admin_hash', $new_admin_email ); + + $switched_locale = switch_to_user_locale( get_current_user_id() ); + + /* translators: Do not translate USERNAME, ADMIN_URL, EMAIL, SITENAME, SITEURL: those are placeholders. */ + $email_text = __( + 'Howdy ###USERNAME###, + +You recently requested to have the network admin email address on +your network changed. + +If this is correct, please click on the following link to change it: +###ADMIN_URL### + +You can safely ignore and delete this email if you do not want to +take this action. + +This email has been sent to ###EMAIL### + +Regards, +All at ###SITENAME### +###SITEURL###' + ); + + /** + * Filters the text of the email sent when a change of network admin email address is attempted. + * + * The following strings have a special meaning and will get replaced dynamically: + * ###USERNAME### The current user's username. + * ###ADMIN_URL### The link to click on to confirm the email change. + * ###EMAIL### The proposed new network admin email address. + * ###SITENAME### The name of the network. + * ###SITEURL### The URL to the network. + * + * @since 4.9.0 + * + * @param string $email_text Text in the email. + * @param array $new_admin_email { + * Data relating to the new network admin email address. + * + * @type string $hash The secure hash used in the confirmation link URL. + * @type string $newemail The proposed new network admin email address. + * } + */ + $content = apply_filters( 'new_network_admin_email_content', $email_text, $new_admin_email ); + + $current_user = wp_get_current_user(); + $content = str_replace( '###USERNAME###', $current_user->user_login, $content ); + $content = str_replace( '###ADMIN_URL###', esc_url( network_admin_url( 'settings.php?network_admin_hash=' . $hash ) ), $content ); + $content = str_replace( '###EMAIL###', $value, $content ); + $content = str_replace( '###SITENAME###', wp_specialchars_decode( get_site_option( 'site_name' ), ENT_QUOTES ), $content ); + $content = str_replace( '###SITEURL###', network_home_url(), $content ); + + wp_mail( + $value, + sprintf( + /* translators: Email change notification email subject. %s: Network title. */ + __( '[%s] Network Admin Email Change Request' ), + wp_specialchars_decode( get_site_option( 'site_name' ), ENT_QUOTES ) + ), + $content + ); + + if ( $switched_locale ) { + restore_previous_locale(); + } +} + +/** + * Sends an email to the old network admin email address when the network admin email address changes. + * + * @since 4.9.0 + * + * @param string $option_name The relevant database option name. + * @param string $new_email The new network admin email address. + * @param string $old_email The old network admin email address. + * @param int $network_id ID of the network. + */ +function wp_network_admin_email_change_notification( $option_name, $new_email, $old_email, $network_id ) { + $send = true; + + // Don't send the notification to the default 'admin_email' value. + if ( 'you@example.com' === $old_email ) { + $send = false; + } + + /** + * Filters whether to send the network admin email change notification email. + * + * @since 4.9.0 + * + * @param bool $send Whether to send the email notification. + * @param string $old_email The old network admin email address. + * @param string $new_email The new network admin email address. + * @param int $network_id ID of the network. + */ + $send = apply_filters( 'send_network_admin_email_change_email', $send, $old_email, $new_email, $network_id ); + + if ( ! $send ) { + return; + } + + /* translators: Do not translate OLD_EMAIL, NEW_EMAIL, SITENAME, SITEURL: those are placeholders. */ + $email_change_text = __( + 'Hi, + +This notice confirms that the network admin email address was changed on ###SITENAME###. + +The new network admin email address is ###NEW_EMAIL###. + +This email has been sent to ###OLD_EMAIL### + +Regards, +All at ###SITENAME### +###SITEURL###' + ); + + $email_change_email = array( + 'to' => $old_email, + /* translators: Network admin email change notification email subject. %s: Network title. */ + 'subject' => __( '[%s] Network Admin Email Changed' ), + 'message' => $email_change_text, + 'headers' => '', + ); + // Get network name. + $network_name = wp_specialchars_decode( get_site_option( 'site_name' ), ENT_QUOTES ); + + /** + * Filters the contents of the email notification sent when the network admin email address is changed. + * + * @since 4.9.0 + * + * @param array $email_change_email { + * Used to build wp_mail(). + * + * @type string $to The intended recipient. + * @type string $subject The subject of the email. + * @type string $message The content of the email. + * The following strings have a special meaning and will get replaced dynamically: + * - ###OLD_EMAIL### The old network admin email address. + * - ###NEW_EMAIL### The new network admin email address. + * - ###SITENAME### The name of the network. + * - ###SITEURL### The URL to the site. + * @type string $headers Headers. + * } + * @param string $old_email The old network admin email address. + * @param string $new_email The new network admin email address. + * @param int $network_id ID of the network. + */ + $email_change_email = apply_filters( 'network_admin_email_change_email', $email_change_email, $old_email, $new_email, $network_id ); + + $email_change_email['message'] = str_replace( '###OLD_EMAIL###', $old_email, $email_change_email['message'] ); + $email_change_email['message'] = str_replace( '###NEW_EMAIL###', $new_email, $email_change_email['message'] ); + $email_change_email['message'] = str_replace( '###SITENAME###', $network_name, $email_change_email['message'] ); + $email_change_email['message'] = str_replace( '###SITEURL###', home_url(), $email_change_email['message'] ); + + wp_mail( + $email_change_email['to'], + sprintf( + $email_change_email['subject'], + $network_name + ), + $email_change_email['message'], + $email_change_email['headers'] + ); +} |