[ Index ]

PHP Cross Reference of WordPress Trunk (Updated Daily)

Search

title

Body

[close]

/wp-includes/ -> class-wp-user.php (source)

   1  <?php
   2  /**
   3   * User API: WP_User class
   4   *
   5   * @package WordPress
   6   * @subpackage Users
   7   * @since 4.4.0
   8   */
   9  
  10  /**
  11   * Core class used to implement the WP_User object.
  12   *
  13   * @since 2.0.0
  14   *
  15   * @property string $nickname
  16   * @property string $description
  17   * @property string $user_description
  18   * @property string $first_name
  19   * @property string $user_firstname
  20   * @property string $last_name
  21   * @property string $user_lastname
  22   * @property string $user_login
  23   * @property string $user_pass
  24   * @property string $user_nicename
  25   * @property string $user_email
  26   * @property string $user_url
  27   * @property string $user_registered
  28   * @property string $user_activation_key
  29   * @property string $user_status
  30   * @property int    $user_level
  31   * @property string $display_name
  32   * @property string $spam
  33   * @property string $deleted
  34   * @property string $locale
  35   * @property string $rich_editing
  36   * @property string $syntax_highlighting
  37   * @property string $use_ssl
  38   */
  39  #[AllowDynamicProperties]
  40  class WP_User {
  41      /**
  42       * User data container.
  43       *
  44       * @since 2.0.0
  45       * @var stdClass
  46       */
  47      public $data;
  48  
  49      /**
  50       * The user's ID.
  51       *
  52       * @since 2.1.0
  53       * @var int
  54       */
  55      public $ID = 0;
  56  
  57      /**
  58       * Capabilities that the individual user has been granted outside of those inherited from their role.
  59       *
  60       * @since 2.0.0
  61       * @var bool[] Array of key/value pairs where keys represent a capability name
  62       *             and boolean values represent whether the user has that capability.
  63       */
  64      public $caps = array();
  65  
  66      /**
  67       * User metadata option name.
  68       *
  69       * @since 2.0.0
  70       * @var string
  71       */
  72      public $cap_key;
  73  
  74      /**
  75       * The roles the user is part of.
  76       *
  77       * @since 2.0.0
  78       * @var string[]
  79       */
  80      public $roles = array();
  81  
  82      /**
  83       * All capabilities the user has, including individual and role based.
  84       *
  85       * @since 2.0.0
  86       * @var bool[] Array of key/value pairs where keys represent a capability name
  87       *             and boolean values represent whether the user has that capability.
  88       */
  89      public $allcaps = array();
  90  
  91      /**
  92       * The filter context applied to user data fields.
  93       *
  94       * @since 2.9.0
  95       * @var string
  96       */
  97      public $filter = null;
  98  
  99      /**
 100       * The site ID the capabilities of this user are initialized for.
 101       *
 102       * @since 4.9.0
 103       * @var int
 104       */
 105      private $site_id = 0;
 106  
 107      /**
 108       * @since 3.3.0
 109       * @var array
 110       */
 111      private static $back_compat_keys;
 112  
 113      /**
 114       * Constructor.
 115       *
 116       * Retrieves the userdata and passes it to WP_User::init().
 117       *
 118       * @since 2.0.0
 119       *
 120       * @global wpdb $wpdb WordPress database abstraction object.
 121       *
 122       * @param int|string|stdClass|WP_User $id      User's ID, a WP_User object, or a user object from the DB.
 123       * @param string                      $name    Optional. User's username
 124       * @param int                         $site_id Optional Site ID, defaults to current site.
 125       */
 126  	public function __construct( $id = 0, $name = '', $site_id = '' ) {
 127          global $wpdb;
 128  
 129          if ( ! isset( self::$back_compat_keys ) ) {
 130              $prefix = $wpdb->prefix;
 131  
 132              self::$back_compat_keys = array(
 133                  'user_firstname'             => 'first_name',
 134                  'user_lastname'              => 'last_name',
 135                  'user_description'           => 'description',
 136                  'user_level'                 => $prefix . 'user_level',
 137                  $prefix . 'usersettings'     => $prefix . 'user-settings',
 138                  $prefix . 'usersettingstime' => $prefix . 'user-settings-time',
 139              );
 140          }
 141  
 142          if ( $id instanceof WP_User ) {
 143              $this->init( $id->data, $site_id );
 144              return;
 145          } elseif ( is_object( $id ) ) {
 146              $this->init( $id, $site_id );
 147              return;
 148          }
 149  
 150          if ( ! empty( $id ) && ! is_numeric( $id ) ) {
 151              $name = $id;
 152              $id   = 0;
 153          }
 154  
 155          if ( $id ) {
 156              $data = self::get_data_by( 'id', $id );
 157          } else {
 158              $data = self::get_data_by( 'login', $name );
 159          }
 160  
 161          if ( $data ) {
 162              $this->init( $data, $site_id );
 163          } else {
 164              $this->data = new stdClass();
 165          }
 166      }
 167  
 168      /**
 169       * Sets up object properties, including capabilities.
 170       *
 171       * @since 3.3.0
 172       *
 173       * @param object $data    User DB row object.
 174       * @param int    $site_id Optional. The site ID to initialize for.
 175       */
 176  	public function init( $data, $site_id = '' ) {
 177          if ( ! isset( $data->ID ) ) {
 178              $data->ID = 0;
 179          }
 180          $this->data = $data;
 181          $this->ID   = (int) $data->ID;
 182  
 183          $this->for_site( $site_id );
 184      }
 185  
 186      /**
 187       * Returns only the main user fields.
 188       *
 189       * @since 3.3.0
 190       * @since 4.4.0 Added 'ID' as an alias of 'id' for the `$field` parameter.
 191       *
 192       * @global wpdb $wpdb WordPress database abstraction object.
 193       *
 194       * @param string     $field The field to query against: Accepts 'id', 'ID', 'slug', 'email' or 'login'.
 195       * @param string|int $value The field value.
 196       * @return object|false Raw user object.
 197       */
 198  	public static function get_data_by( $field, $value ) {
 199          global $wpdb;
 200  
 201          // 'ID' is an alias of 'id'.
 202          if ( 'ID' === $field ) {
 203              $field = 'id';
 204          }
 205  
 206          if ( 'id' === $field ) {
 207              // Make sure the value is numeric to avoid casting objects, for example, to int 1.
 208              if ( ! is_numeric( $value ) ) {
 209                  return false;
 210              }
 211              $value = (int) $value;
 212              if ( $value < 1 ) {
 213                  return false;
 214              }
 215          } else {
 216              $value = trim( $value );
 217          }
 218  
 219          if ( ! $value ) {
 220              return false;
 221          }
 222  
 223          switch ( $field ) {
 224              case 'id':
 225                  $user_id  = $value;
 226                  $db_field = 'ID';
 227                  break;
 228              case 'slug':
 229                  $user_id  = wp_cache_get( $value, 'userslugs' );
 230                  $db_field = 'user_nicename';
 231                  break;
 232              case 'email':
 233                  $user_id  = wp_cache_get( $value, 'useremail' );
 234                  $db_field = 'user_email';
 235                  break;
 236              case 'login':
 237                  $value    = sanitize_user( $value );
 238                  $user_id  = wp_cache_get( $value, 'userlogins' );
 239                  $db_field = 'user_login';
 240                  break;
 241              default:
 242                  return false;
 243          }
 244  
 245          if ( false !== $user_id ) {
 246              $user = wp_cache_get( $user_id, 'users' );
 247              if ( $user ) {
 248                  return $user;
 249              }
 250          }
 251  
 252          $user = $wpdb->get_row(
 253              $wpdb->prepare(
 254                  "SELECT * FROM $wpdb->users WHERE $db_field = %s LIMIT 1",
 255                  $value
 256              )
 257          );
 258          if ( ! $user ) {
 259              return false;
 260          }
 261  
 262          update_user_caches( $user );
 263  
 264          return $user;
 265      }
 266  
 267      /**
 268       * Magic method for checking the existence of a certain custom field.
 269       *
 270       * @since 3.3.0
 271       *
 272       * @param string $key User meta key to check if set.
 273       * @return bool Whether the given user meta key is set.
 274       */
 275  	public function __isset( $key ) {
 276          if ( 'id' === $key ) {
 277              _deprecated_argument(
 278                  'WP_User->id',
 279                  '2.1.0',
 280                  sprintf(
 281                      /* translators: %s: WP_User->ID */
 282                      __( 'Use %s instead.' ),
 283                      '<code>WP_User->ID</code>'
 284                  )
 285              );
 286              $key = 'ID';
 287          }
 288  
 289          if ( isset( $this->data->$key ) ) {
 290              return true;
 291          }
 292  
 293          if ( isset( self::$back_compat_keys[ $key ] ) ) {
 294              $key = self::$back_compat_keys[ $key ];
 295          }
 296  
 297          return metadata_exists( 'user', $this->ID, $key );
 298      }
 299  
 300      /**
 301       * Magic method for accessing custom fields.
 302       *
 303       * @since 3.3.0
 304       *
 305       * @param string $key User meta key to retrieve.
 306       * @return mixed Value of the given user meta key (if set). If `$key` is 'id', the user ID.
 307       */
 308  	public function __get( $key ) {
 309          if ( 'id' === $key ) {
 310              _deprecated_argument(
 311                  'WP_User->id',
 312                  '2.1.0',
 313                  sprintf(
 314                      /* translators: %s: WP_User->ID */
 315                      __( 'Use %s instead.' ),
 316                      '<code>WP_User->ID</code>'
 317                  )
 318              );
 319              return $this->ID;
 320          }
 321  
 322          if ( isset( $this->data->$key ) ) {
 323              $value = $this->data->$key;
 324          } else {
 325              if ( isset( self::$back_compat_keys[ $key ] ) ) {
 326                  $key = self::$back_compat_keys[ $key ];
 327              }
 328              $value = get_user_meta( $this->ID, $key, true );
 329          }
 330  
 331          if ( $this->filter ) {
 332              $value = sanitize_user_field( $key, $value, $this->ID, $this->filter );
 333          }
 334  
 335          return $value;
 336      }
 337  
 338      /**
 339       * Magic method for setting custom user fields.
 340       *
 341       * This method does not update custom fields in the database. It only stores
 342       * the value on the WP_User instance.
 343       *
 344       * @since 3.3.0
 345       *
 346       * @param string $key   User meta key.
 347       * @param mixed  $value User meta value.
 348       */
 349  	public function __set( $key, $value ) {
 350          if ( 'id' === $key ) {
 351              _deprecated_argument(
 352                  'WP_User->id',
 353                  '2.1.0',
 354                  sprintf(
 355                      /* translators: %s: WP_User->ID */
 356                      __( 'Use %s instead.' ),
 357                      '<code>WP_User->ID</code>'
 358                  )
 359              );
 360              $this->ID = $value;
 361              return;
 362          }
 363  
 364          $this->data->$key = $value;
 365      }
 366  
 367      /**
 368       * Magic method for unsetting a certain custom field.
 369       *
 370       * @since 4.4.0
 371       *
 372       * @param string $key User meta key to unset.
 373       */
 374  	public function __unset( $key ) {
 375          if ( 'id' === $key ) {
 376              _deprecated_argument(
 377                  'WP_User->id',
 378                  '2.1.0',
 379                  sprintf(
 380                      /* translators: %s: WP_User->ID */
 381                      __( 'Use %s instead.' ),
 382                      '<code>WP_User->ID</code>'
 383                  )
 384              );
 385          }
 386  
 387          if ( isset( $this->data->$key ) ) {
 388              unset( $this->data->$key );
 389          }
 390  
 391          if ( isset( self::$back_compat_keys[ $key ] ) ) {
 392              unset( self::$back_compat_keys[ $key ] );
 393          }
 394      }
 395  
 396      /**
 397       * Determines whether the user exists in the database.
 398       *
 399       * @since 3.4.0
 400       *
 401       * @return bool True if user exists in the database, false if not.
 402       */
 403  	public function exists() {
 404          return ! empty( $this->ID );
 405      }
 406  
 407      /**
 408       * Retrieves the value of a property or meta key.
 409       *
 410       * Retrieves from the users and usermeta table.
 411       *
 412       * @since 3.3.0
 413       *
 414       * @param string $key Property
 415       * @return mixed
 416       */
 417  	public function get( $key ) {
 418          return $this->__get( $key );
 419      }
 420  
 421      /**
 422       * Determines whether a property or meta key is set.
 423       *
 424       * Consults the users and usermeta tables.
 425       *
 426       * @since 3.3.0
 427       *
 428       * @param string $key Property.
 429       * @return bool
 430       */
 431  	public function has_prop( $key ) {
 432          return $this->__isset( $key );
 433      }
 434  
 435      /**
 436       * Returns an array representation.
 437       *
 438       * @since 3.5.0
 439       *
 440       * @return array Array representation.
 441       */
 442  	public function to_array() {
 443          return get_object_vars( $this->data );
 444      }
 445  
 446      /**
 447       * Makes private/protected methods readable for backward compatibility.
 448       *
 449       * @since 4.3.0
 450       *
 451       * @param string $name      Method to call.
 452       * @param array  $arguments Arguments to pass when calling.
 453       * @return mixed|false Return value of the callback, false otherwise.
 454       */
 455  	public function __call( $name, $arguments ) {
 456          if ( '_init_caps' === $name ) {
 457              return $this->_init_caps( ...$arguments );
 458          }
 459          return false;
 460      }
 461  
 462      /**
 463       * Sets up capability object properties.
 464       *
 465       * Will set the value for the 'cap_key' property to current database table
 466       * prefix, followed by 'capabilities'. Will then check to see if the
 467       * property matching the 'cap_key' exists and is an array. If so, it will be
 468       * used.
 469       *
 470       * @since 2.1.0
 471       * @deprecated 4.9.0 Use WP_User::for_site()
 472       *
 473       * @global wpdb $wpdb WordPress database abstraction object.
 474       *
 475       * @param string $cap_key Optional capability key
 476       */
 477  	protected function _init_caps( $cap_key = '' ) {
 478          global $wpdb;
 479  
 480          _deprecated_function( __METHOD__, '4.9.0', 'WP_User::for_site()' );
 481  
 482          if ( empty( $cap_key ) ) {
 483              $this->cap_key = $wpdb->get_blog_prefix( $this->site_id ) . 'capabilities';
 484          } else {
 485              $this->cap_key = $cap_key;
 486          }
 487  
 488          $this->caps = $this->get_caps_data();
 489  
 490          $this->get_role_caps();
 491      }
 492  
 493      /**
 494       * Retrieves all of the capabilities of the user's roles, and merges them with
 495       * individual user capabilities.
 496       *
 497       * All of the capabilities of the user's roles are merged with the user's individual
 498       * capabilities. This means that the user can be denied specific capabilities that
 499       * their role might have, but the user is specifically denied.
 500       *
 501       * @since 2.0.0
 502       *
 503       * @return bool[] Array of key/value pairs where keys represent a capability name
 504       *                and boolean values represent whether the user has that capability.
 505       */
 506  	public function get_role_caps() {
 507          $switch_site = false;
 508          if ( is_multisite() && get_current_blog_id() !== $this->site_id ) {
 509              $switch_site = true;
 510  
 511              switch_to_blog( $this->site_id );
 512          }
 513  
 514          $wp_roles = wp_roles();
 515  
 516          // Filter out caps that are not role names and assign to $this->roles.
 517          if ( is_array( $this->caps ) ) {
 518              $this->roles = array_filter( array_keys( $this->caps ), array( $wp_roles, 'is_role' ) );
 519          }
 520  
 521          // Build $allcaps from role caps, overlay user's $caps.
 522          $this->allcaps = array();
 523          foreach ( (array) $this->roles as $role ) {
 524              $the_role      = $wp_roles->get_role( $role );
 525              $this->allcaps = array_merge( (array) $this->allcaps, (array) $the_role->capabilities );
 526          }
 527          $this->allcaps = array_merge( (array) $this->allcaps, (array) $this->caps );
 528  
 529          if ( $switch_site ) {
 530              restore_current_blog();
 531          }
 532  
 533          return $this->allcaps;
 534      }
 535  
 536      /**
 537       * Adds role to user.
 538       *
 539       * Updates the user's meta data option with capabilities and roles.
 540       *
 541       * @since 2.0.0
 542       *
 543       * @param string $role Role name.
 544       */
 545  	public function add_role( $role ) {
 546          if ( empty( $role ) ) {
 547              return;
 548          }
 549  
 550          if ( in_array( $role, $this->roles, true ) ) {
 551              return;
 552          }
 553  
 554          $this->caps[ $role ] = true;
 555          update_user_meta( $this->ID, $this->cap_key, $this->caps );
 556          $this->get_role_caps();
 557          $this->update_user_level_from_caps();
 558  
 559          /**
 560           * Fires immediately after the user has been given a new role.
 561           *
 562           * @since 4.3.0
 563           *
 564           * @param int    $user_id The user ID.
 565           * @param string $role    The new role.
 566           */
 567          do_action( 'add_user_role', $this->ID, $role );
 568      }
 569  
 570      /**
 571       * Removes role from user.
 572       *
 573       * @since 2.0.0
 574       *
 575       * @param string $role Role name.
 576       */
 577  	public function remove_role( $role ) {
 578          if ( ! in_array( $role, $this->roles, true ) ) {
 579              return;
 580          }
 581  
 582          unset( $this->caps[ $role ] );
 583          update_user_meta( $this->ID, $this->cap_key, $this->caps );
 584          $this->get_role_caps();
 585          $this->update_user_level_from_caps();
 586  
 587          /**
 588           * Fires immediately after a role as been removed from a user.
 589           *
 590           * @since 4.3.0
 591           *
 592           * @param int    $user_id The user ID.
 593           * @param string $role    The removed role.
 594           */
 595          do_action( 'remove_user_role', $this->ID, $role );
 596      }
 597  
 598      /**
 599       * Sets the role of the user.
 600       *
 601       * This will remove the previous roles of the user and assign the user the
 602       * new one. You can set the role to an empty string and it will remove all
 603       * of the roles from the user.
 604       *
 605       * @since 2.0.0
 606       *
 607       * @param string $role Role name.
 608       */
 609  	public function set_role( $role ) {
 610          if ( 1 === count( $this->roles ) && current( $this->roles ) === $role ) {
 611              return;
 612          }
 613  
 614          foreach ( (array) $this->roles as $oldrole ) {
 615              unset( $this->caps[ $oldrole ] );
 616          }
 617  
 618          $old_roles = $this->roles;
 619  
 620          if ( ! empty( $role ) ) {
 621              $this->caps[ $role ] = true;
 622              $this->roles         = array( $role => true );
 623          } else {
 624              $this->roles = array();
 625          }
 626  
 627          update_user_meta( $this->ID, $this->cap_key, $this->caps );
 628          $this->get_role_caps();
 629          $this->update_user_level_from_caps();
 630  
 631          foreach ( $old_roles as $old_role ) {
 632              if ( ! $old_role || $old_role === $role ) {
 633                  continue;
 634              }
 635  
 636              /** This action is documented in wp-includes/class-wp-user.php */
 637              do_action( 'remove_user_role', $this->ID, $old_role );
 638          }
 639  
 640          if ( $role && ! in_array( $role, $old_roles, true ) ) {
 641              /** This action is documented in wp-includes/class-wp-user.php */
 642              do_action( 'add_user_role', $this->ID, $role );
 643          }
 644  
 645          /**
 646           * Fires after the user's role has changed.
 647           *
 648           * @since 2.9.0
 649           * @since 3.6.0 Added $old_roles to include an array of the user's previous roles.
 650           *
 651           * @param int      $user_id   The user ID.
 652           * @param string   $role      The new role.
 653           * @param string[] $old_roles An array of the user's previous roles.
 654           */
 655          do_action( 'set_user_role', $this->ID, $role, $old_roles );
 656      }
 657  
 658      /**
 659       * Chooses the maximum level the user has.
 660       *
 661       * Will compare the level from the $item parameter against the $max
 662       * parameter. If the item is incorrect, then just the $max parameter value
 663       * will be returned.
 664       *
 665       * Used to get the max level based on the capabilities the user has. This
 666       * is also based on roles, so if the user is assigned the Administrator role
 667       * then the capability 'level_10' will exist and the user will get that
 668       * value.
 669       *
 670       * @since 2.0.0
 671       *
 672       * @param int    $max  Max level of user.
 673       * @param string $item Level capability name.
 674       * @return int Max Level.
 675       */
 676  	public function level_reduction( $max, $item ) {
 677          if ( preg_match( '/^level_(10|[0-9])$/i', $item, $matches ) ) {
 678              $level = (int) $matches[1];
 679              return max( $max, $level );
 680          } else {
 681              return $max;
 682          }
 683      }
 684  
 685      /**
 686       * Updates the maximum user level for the user.
 687       *
 688       * Updates the 'user_level' user metadata (includes prefix that is the
 689       * database table prefix) with the maximum user level. Gets the value from
 690       * the all of the capabilities that the user has.
 691       *
 692       * @since 2.0.0
 693       *
 694       * @global wpdb $wpdb WordPress database abstraction object.
 695       */
 696  	public function update_user_level_from_caps() {
 697          global $wpdb;
 698          $this->user_level = array_reduce( array_keys( $this->allcaps ), array( $this, 'level_reduction' ), 0 );
 699          update_user_meta( $this->ID, $wpdb->get_blog_prefix() . 'user_level', $this->user_level );
 700      }
 701  
 702      /**
 703       * Adds capability and grant or deny access to capability.
 704       *
 705       * @since 2.0.0
 706       *
 707       * @param string $cap   Capability name.
 708       * @param bool   $grant Whether to grant capability to user.
 709       */
 710  	public function add_cap( $cap, $grant = true ) {
 711          $this->caps[ $cap ] = $grant;
 712          update_user_meta( $this->ID, $this->cap_key, $this->caps );
 713          $this->get_role_caps();
 714          $this->update_user_level_from_caps();
 715      }
 716  
 717      /**
 718       * Removes capability from user.
 719       *
 720       * @since 2.0.0
 721       *
 722       * @param string $cap Capability name.
 723       */
 724  	public function remove_cap( $cap ) {
 725          if ( ! isset( $this->caps[ $cap ] ) ) {
 726              return;
 727          }
 728          unset( $this->caps[ $cap ] );
 729          update_user_meta( $this->ID, $this->cap_key, $this->caps );
 730          $this->get_role_caps();
 731          $this->update_user_level_from_caps();
 732      }
 733  
 734      /**
 735       * Removes all of the capabilities of the user.
 736       *
 737       * @since 2.1.0
 738       *
 739       * @global wpdb $wpdb WordPress database abstraction object.
 740       */
 741  	public function remove_all_caps() {
 742          global $wpdb;
 743          $this->caps = array();
 744          delete_user_meta( $this->ID, $this->cap_key );
 745          delete_user_meta( $this->ID, $wpdb->get_blog_prefix() . 'user_level' );
 746          $this->get_role_caps();
 747      }
 748  
 749      /**
 750       * Returns whether the user has the specified capability.
 751       *
 752       * This function also accepts an ID of an object to check against if the capability is a meta capability. Meta
 753       * capabilities such as `edit_post` and `edit_user` are capabilities used by the `map_meta_cap()` function to
 754       * map to primitive capabilities that a user or role has, such as `edit_posts` and `edit_others_posts`.
 755       *
 756       * Example usage:
 757       *
 758       *     $user->has_cap( 'edit_posts' );
 759       *     $user->has_cap( 'edit_post', $post->ID );
 760       *     $user->has_cap( 'edit_post_meta', $post->ID, $meta_key );
 761       *
 762       * While checking against a role in place of a capability is supported in part, this practice is discouraged as it
 763       * may produce unreliable results.
 764       *
 765       * @since 2.0.0
 766       * @since 5.3.0 Formalized the existing and already documented `...$args` parameter
 767       *              by adding it to the function signature.
 768       *
 769       * @see map_meta_cap()
 770       *
 771       * @param string $cap     Capability name.
 772       * @param mixed  ...$args Optional further parameters, typically starting with an object ID.
 773       * @return bool Whether the user has the given capability, or, if an object ID is passed, whether the user has
 774       *              the given capability for that object.
 775       */
 776  	public function has_cap( $cap, ...$args ) {
 777          if ( is_numeric( $cap ) ) {
 778              _deprecated_argument( __FUNCTION__, '2.0.0', __( 'Usage of user levels is deprecated. Use capabilities instead.' ) );
 779              $cap = $this->translate_level_to_cap( $cap );
 780          }
 781  
 782          $caps = map_meta_cap( $cap, $this->ID, ...$args );
 783  
 784          // Multisite super admin has all caps by definition, Unless specifically denied.
 785          if ( is_multisite() && is_super_admin( $this->ID ) ) {
 786              if ( in_array( 'do_not_allow', $caps, true ) ) {
 787                  return false;
 788              }
 789              return true;
 790          }
 791  
 792          // Maintain BC for the argument passed to the "user_has_cap" filter.
 793          $args = array_merge( array( $cap, $this->ID ), $args );
 794  
 795          /**
 796           * Dynamically filter a user's capabilities.
 797           *
 798           * @since 2.0.0
 799           * @since 3.7.0 Added the `$user` parameter.
 800           *
 801           * @param bool[]   $allcaps Array of key/value pairs where keys represent a capability name
 802           *                          and boolean values represent whether the user has that capability.
 803           * @param string[] $caps    Required primitive capabilities for the requested capability.
 804           * @param array    $args {
 805           *     Arguments that accompany the requested capability check.
 806           *
 807           *     @type string    $0 Requested capability.
 808           *     @type int       $1 Concerned user ID.
 809           *     @type mixed  ...$2 Optional second and further parameters, typically object ID.
 810           * }
 811           * @param WP_User  $user    The user object.
 812           */
 813          $capabilities = apply_filters( 'user_has_cap', $this->allcaps, $caps, $args, $this );
 814  
 815          // Everyone is allowed to exist.
 816          $capabilities['exist'] = true;
 817  
 818          // Nobody is allowed to do things they are not allowed to do.
 819          unset( $capabilities['do_not_allow'] );
 820  
 821          // Must have ALL requested caps.
 822          foreach ( (array) $caps as $cap ) {
 823              if ( empty( $capabilities[ $cap ] ) ) {
 824                  return false;
 825              }
 826          }
 827  
 828          return true;
 829      }
 830  
 831      /**
 832       * Converts numeric level to level capability name.
 833       *
 834       * Prepends 'level_' to level number.
 835       *
 836       * @since 2.0.0
 837       *
 838       * @param int $level Level number, 1 to 10.
 839       * @return string
 840       */
 841  	public function translate_level_to_cap( $level ) {
 842          return 'level_' . $level;
 843      }
 844  
 845      /**
 846       * Sets the site to operate on. Defaults to the current site.
 847       *
 848       * @since 3.0.0
 849       * @deprecated 4.9.0 Use WP_User::for_site()
 850       *
 851       * @param int $blog_id Optional. Site ID, defaults to current site.
 852       */
 853  	public function for_blog( $blog_id = '' ) {
 854          _deprecated_function( __METHOD__, '4.9.0', 'WP_User::for_site()' );
 855  
 856          $this->for_site( $blog_id );
 857      }
 858  
 859      /**
 860       * Sets the site to operate on. Defaults to the current site.
 861       *
 862       * @since 4.9.0
 863       *
 864       * @global wpdb $wpdb WordPress database abstraction object.
 865       *
 866       * @param int $site_id Site ID to initialize user capabilities for. Default is the current site.
 867       */
 868  	public function for_site( $site_id = '' ) {
 869          global $wpdb;
 870  
 871          if ( ! empty( $site_id ) ) {
 872              $this->site_id = absint( $site_id );
 873          } else {
 874              $this->site_id = get_current_blog_id();
 875          }
 876  
 877          $this->cap_key = $wpdb->get_blog_prefix( $this->site_id ) . 'capabilities';
 878  
 879          $this->caps = $this->get_caps_data();
 880  
 881          $this->get_role_caps();
 882      }
 883  
 884      /**
 885       * Gets the ID of the site for which the user's capabilities are currently initialized.
 886       *
 887       * @since 4.9.0
 888       *
 889       * @return int Site ID.
 890       */
 891  	public function get_site_id() {
 892          return $this->site_id;
 893      }
 894  
 895      /**
 896       * Gets the available user capabilities data.
 897       *
 898       * @since 4.9.0
 899       *
 900       * @return bool[] List of capabilities keyed by the capability name,
 901       *                e.g. `array( 'edit_posts' => true, 'delete_posts' => false )`.
 902       */
 903  	private function get_caps_data() {
 904          $caps = get_user_meta( $this->ID, $this->cap_key, true );
 905  
 906          if ( ! is_array( $caps ) ) {
 907              return array();
 908          }
 909  
 910          return $caps;
 911      }
 912  }


Generated : Tue Dec 24 08:20:01 2024 Cross-referenced by PHPXref