wp-signup.php 28 KB
Newer Older
godog's avatar
godog committed
1
2
3
4
5
<?php

/** Sets up the WordPress Environment. */
require( dirname(__FILE__) . '/wp-load.php' );

root's avatar
root committed
6
add_action( 'wp_head', 'wp_no_robots' );
godog's avatar
godog committed
7

lucha's avatar
lucha committed
8
require( dirname( __FILE__ ) . '/wp-blog-header.php' );
godog's avatar
godog committed
9

lechuck's avatar
lechuck committed
10
if ( is_array( get_site_option( 'illegal_names' )) && isset( $_GET[ 'new' ] ) && in_array( $_GET[ 'new' ], get_site_option( 'illegal_names' ) ) ) {
godog's avatar
godog committed
11
12
13
14
	wp_redirect( network_home_url() );
	die();
}

lechuck's avatar
lechuck committed
15
16
17
18
19
/**
 * Prints signup_header via wp_head
 *
 * @since MU
 */
godog's avatar
godog committed
20
function do_signup_header() {
lucha's avatar
lucha committed
21
	/**
lechuck's avatar
lechuck committed
22
	 * Fires within the head section of the site sign-up screen.
lucha's avatar
lucha committed
23
24
25
	 *
	 * @since 3.0.0
	 */
shammash's avatar
shammash committed
26
	do_action( 'signup_header' );
godog's avatar
godog committed
27
28
29
30
}
add_action( 'wp_head', 'do_signup_header' );

if ( !is_multisite() ) {
lechuck's avatar
lechuck committed
31
	wp_redirect( wp_registration_url() );
godog's avatar
godog committed
32
33
34
35
	die();
}

if ( !is_main_site() ) {
lechuck's avatar
lechuck committed
36
	wp_redirect( network_site_url( 'wp-signup.php' ) );
godog's avatar
godog committed
37
38
39
40
41
42
	die();
}

// Fix for page title
$wp_query->is_404 = false;

lechuck's avatar
lechuck committed
43
44
45
46
47
48
49
/**
 * Fires before the Site Signup page is loaded.
 *
 * @since 4.4.0
 */
do_action( 'before_signup_header' );

lechuck's avatar
lechuck committed
50
51
52
53
54
/**
 * Prints styles for front-end Multisite signup pages
 *
 * @since MU
 */
godog's avatar
godog committed
55
56
57
58
59
60
61
62
63
64
65
function wpmu_signup_stylesheet() {
	?>
	<style type="text/css">
		.mu_register { width: 90%; margin:0 auto; }
		.mu_register form { margin-top: 2em; }
		.mu_register .error { font-weight:700; padding:10px; color:#333333; background:#FFEBE8; border:1px solid #CC0000; }
		.mu_register input[type="submit"],
			.mu_register #blog_title,
			.mu_register #user_email,
			.mu_register #blogname,
			.mu_register #user_name { width:100%; font-size: 24px; margin:5px 0; }
lechuck's avatar
lechuck committed
66
		.mu_register #site-language { display: block; }
godog's avatar
godog committed
67
68
69
70
71
72
73
74
75
76
		.mu_register .prefix_address,
			.mu_register .suffix_address {font-size: 18px;display:inline; }
		.mu_register label { font-weight:700; font-size:15px; display:block; margin:10px 0; }
		.mu_register label.checkbox { display:inline; }
		.mu_register .mu_alert { font-weight:700; padding:10px; color:#333333; background:#ffffe0; border:1px solid #e6db55; }
	</style>
	<?php
}

add_action( 'wp_head', 'wpmu_signup_stylesheet' );
lechuck's avatar
lechuck committed
77
get_header( 'wp-signup' );
godog's avatar
godog committed
78

lucha's avatar
lucha committed
79
80
81
82
83
/**
 * Fires before the site sign-up form.
 *
 * @since 3.0.0
 */
godog's avatar
godog committed
84
85
do_action( 'before_signup_form' );
?>
lechuck's avatar
lechuck committed
86
87
<div id="signup-content" class="widecolumn">
<div class="mu_register wp-signup-container">
godog's avatar
godog committed
88
<?php
lechuck's avatar
lechuck committed
89
90
91
92
93
94
95
96
97
/**
 * Generates and displays the Signup and Create Site forms
 *
 * @since MU
 *
 * @param string $blogname The new site name
 * @param string $blog_title The new site title
 * @param array $errors
 */
lucha's avatar
lucha committed
98
99
function show_blog_form( $blogname = '', $blog_title = '', $errors = '' ) {
	$current_site = get_current_site();
godog's avatar
godog committed
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
	// Blog name
	if ( !is_subdomain_install() )
		echo '<label for="blogname">' . __('Site Name:') . '</label>';
	else
		echo '<label for="blogname">' . __('Site Domain:') . '</label>';

	if ( $errmsg = $errors->get_error_message('blogname') ) { ?>
		<p class="error"><?php echo $errmsg ?></p>
	<?php }

	if ( !is_subdomain_install() )
		echo '<span class="prefix_address">' . $current_site->domain . $current_site->path . '</span><input name="blogname" type="text" id="blogname" value="'. esc_attr($blogname) .'" maxlength="60" /><br />';
	else
		echo '<input name="blogname" type="text" id="blogname" value="'.esc_attr($blogname).'" maxlength="60" /><span class="suffix_address">.' . ( $site_domain = preg_replace( '|^www\.|', '', $current_site->domain ) ) . '</span><br />';

	if ( !is_user_logged_in() ) {
		if ( !is_subdomain_install() )
root's avatar
root committed
117
			$site = $current_site->domain . $current_site->path . __( 'sitename' );
godog's avatar
godog committed
118
		else
root's avatar
root committed
119
120
			$site = __( 'domain' ) . '.' . $site_domain . $current_site->path;
		echo '<p>(<strong>' . sprintf( __('Your address will be %s.'), $site ) . '</strong>) ' . __( 'Must be at least 4 characters, letters and numbers only. It cannot be changed, so choose carefully!' ) . '</p>';
godog's avatar
godog committed
121
122
123
124
125
126
127
128
129
130
131
	}

	// Blog Title
	?>
	<label for="blog_title"><?php _e('Site Title:') ?></label>
	<?php if ( $errmsg = $errors->get_error_message('blog_title') ) { ?>
		<p class="error"><?php echo $errmsg ?></p>
	<?php }
	echo '<input name="blog_title" type="text" id="blog_title" value="'.esc_attr($blog_title).'" />';
	?>

lechuck's avatar
lechuck committed
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
	<?php
	// Site Language.
	$languages = signup_get_available_languages();

	if ( ! empty( $languages ) ) :
		?>
		<p>
			<label for="site-language"><?php _e( 'Site Language:' ); ?></label>
			<?php
			// Network default.
			$lang = get_site_option( 'WPLANG' );

			if ( isset( $_POST['WPLANG'] ) ) {
				$lang = $_POST['WPLANG'];
			}

			// Use US English if the default isn't available.
			if ( ! in_array( $lang, $languages ) ) {
				$lang = '';
			}

			wp_dropdown_languages( array(
				'name'                        => 'WPLANG',
				'id'                          => 'site-language',
				'selected'                    => $lang,
				'languages'                   => $languages,
				'show_available_translations' => false,
			) );
			?>
		</p>
	<?php endif; // Languages. ?>

godog's avatar
godog committed
164
165
166
	<div id="privacy">
        <p class="privacy-intro">
            <label for="blog_public_on"><?php _e('Privacy:') ?></label>
lechuck's avatar
lechuck committed
167
            <?php _e( 'Allow search engines to index this site.' ); ?>
godog's avatar
godog committed
168
169
170
171
172
173
174
175
176
177
178
179
180
            <br style="clear:both" />
            <label class="checkbox" for="blog_public_on">
                <input type="radio" id="blog_public_on" name="blog_public" value="1" <?php if ( !isset( $_POST['blog_public'] ) || $_POST['blog_public'] == '1' ) { ?>checked="checked"<?php } ?> />
                <strong><?php _e( 'Yes' ); ?></strong>
            </label>
            <label class="checkbox" for="blog_public_off">
                <input type="radio" id="blog_public_off" name="blog_public" value="0" <?php if ( isset( $_POST['blog_public'] ) && $_POST['blog_public'] == '0' ) { ?>checked="checked"<?php } ?> />
                <strong><?php _e( 'No' ); ?></strong>
            </label>
        </p>
	</div>

	<?php
lucha's avatar
lucha committed
181
182
183
184
185
186
187
188
	/**
	 * Fires after the site sign-up form.
	 *
	 * @since 3.0.0
	 *
	 * @param array $errors An array possibly containing 'blogname' or 'blog_title' errors.
	 */
	do_action( 'signup_blogform', $errors );
godog's avatar
godog committed
189
190
}

lechuck's avatar
lechuck committed
191
192
193
194
195
196
197
/**
 * Validate the new site signup
 *
 * @since MU
 *
 * @return array Contains the new site data and error messages.
 */
godog's avatar
godog committed
198
199
200
201
202
203
204
205
function validate_blog_form() {
	$user = '';
	if ( is_user_logged_in() )
		$user = wp_get_current_user();

	return wpmu_validate_blog_signup($_POST['blogname'], $_POST['blog_title'], $user);
}

lechuck's avatar
lechuck committed
206
207
208
209
210
211
212
213
214
/**
 * Display user registration form
 *
 * @since MU
 *
 * @param string $user_name The entered username
 * @param string $user_email The entered email address
 * @param array $errors
 */
godog's avatar
godog committed
215
216
217
218
219
220
221
222
223
224
225
226
227
228
function show_user_form($user_name = '', $user_email = '', $errors = '') {
	// User name
	echo '<label for="user_name">' . __('Username:') . '</label>';
	if ( $errmsg = $errors->get_error_message('user_name') ) {
		echo '<p class="error">'.$errmsg.'</p>';
	}
	echo '<input name="user_name" type="text" id="user_name" value="'. esc_attr($user_name) .'" maxlength="60" /><br />';
	_e( '(Must be at least 4 characters, letters and numbers only.)' );
	?>

	<label for="user_email"><?php _e( 'Email&nbsp;Address:' ) ?></label>
	<?php if ( $errmsg = $errors->get_error_message('user_email') ) { ?>
		<p class="error"><?php echo $errmsg ?></p>
	<?php } ?>
lucha's avatar
lucha committed
229
	<input name="user_email" type="email" id="user_email" value="<?php  echo esc_attr($user_email) ?>" maxlength="200" /><br /><?php _e('We send your registration email to this address. (Double-check your email address before continuing.)') ?>
godog's avatar
godog committed
230
231
232
233
	<?php
	if ( $errmsg = $errors->get_error_message('generic') ) {
		echo '<p class="error">' . $errmsg . '</p>';
	}
lucha's avatar
lucha committed
234
235
236
237
238
239
240
	/**
	 * Fires at the end of the user registration form on the site sign-up form.
	 *
	 * @since 3.0.0
	 *
	 * @param array $errors An array possibly containing 'user_name' or 'user_email' errors.
	 */
godog's avatar
godog committed
241
242
243
	do_action( 'signup_extra_fields', $errors );
}

lechuck's avatar
lechuck committed
244
245
246
247
248
249
250
/**
 * Validate user signup name and email
 *
 * @since MU
 *
 * @return array Contains username, email, and error messages.
 */
godog's avatar
godog committed
251
252
253
254
function validate_user_form() {
	return wpmu_validate_user_signup($_POST['user_name'], $_POST['user_email']);
}

lechuck's avatar
lechuck committed
255
256
257
258
259
260
/**
 * Allow returning users to sign up for another site
 *
 * @since MU
 *
 * @param string $blogname The new site name
lechuck's avatar
lechuck committed
261
 * @param string $blog_title The new site title.
lechuck's avatar
lechuck committed
262
263
 * @param array $errors
 */
lucha's avatar
lucha committed
264
function signup_another_blog( $blogname = '', $blog_title = '', $errors = '' ) {
godog's avatar
godog committed
265
266
267
268
269
270
	$current_user = wp_get_current_user();

	if ( ! is_wp_error($errors) ) {
		$errors = new WP_Error();
	}

lucha's avatar
lucha committed
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
	$signup_defaults = array(
		'blogname'   => $blogname,
		'blog_title' => $blog_title,
		'errors'     => $errors
	);

	/**
	 * Filter the default site sign-up variables.
	 *
	 * @since 3.0.0
	 *
	 * @param array $signup_defaults {
	 *     An array of default site sign-up variables.
	 *
	 *     @type string $blogname   The site blogname.
	 *     @type string $blog_title The site title.
	 *     @type array  $errors     An array possibly containing 'blogname' or 'blog_title' errors.
	 * }
	 */
	$filtered_results = apply_filters( 'signup_another_blog_init', $signup_defaults );

godog's avatar
godog committed
292
293
294
295
	$blogname = $filtered_results['blogname'];
	$blog_title = $filtered_results['blog_title'];
	$errors = $filtered_results['errors'];

lucha's avatar
lucha committed
296
	echo '<h2>' . sprintf( __( 'Get <em>another</em> %s site in seconds' ), get_current_site()->site_name ) . '</h2>';
godog's avatar
godog committed
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319

	if ( $errors->get_error_code() ) {
		echo '<p>' . __( 'There was a problem, please correct the form below and try again.' ) . '</p>';
	}
	?>
	<p><?php printf( __( 'Welcome back, %s. By filling out the form below, you can <strong>add another site to your account</strong>. There is no limit to the number of sites you can have, so create to your heart&#8217;s content, but write responsibly!' ), $current_user->display_name ) ?></p>

	<?php
	$blogs = get_blogs_of_user($current_user->ID);
	if ( !empty($blogs) ) { ?>

			<p><?php _e( 'Sites you are already a member of:' ) ?></p>
			<ul>
				<?php foreach ( $blogs as $blog ) {
					$home_url = get_home_url( $blog->userblog_id );
					echo '<li><a href="' . esc_url( $home_url ) . '">' . $home_url . '</a></li>';
				} ?>
			</ul>
	<?php } ?>

	<p><?php _e( 'If you&#8217;re not going to use a great site domain, leave it for a new user. Now have at it!' ) ?></p>
	<form id="setupform" method="post" action="wp-signup.php">
		<input type="hidden" name="stage" value="gimmeanotherblog" />
lucha's avatar
lucha committed
320
321
322
323
324
325
326
327
328
329
330
		<?php
		/**
		 * Hidden sign-up form fields output when creating another site or user.
		 *
		 * @since MU
		 *
		 * @param string $context A string describing the steps of the sign-up process. The value can be
		 *                        'create-another-site', 'validate-user', or 'validate-site'.
		 */
		do_action( 'signup_hidden_fields', 'create-another-site' );
		?>
godog's avatar
godog committed
331
332
333
334
335
336
		<?php show_blog_form($blogname, $blog_title, $errors); ?>
		<p class="submit"><input type="submit" name="submit" class="submit" value="<?php esc_attr_e( 'Create Site' ) ?>" /></p>
	</form>
	<?php
}

lechuck's avatar
lechuck committed
337
/**
lechuck's avatar
lechuck committed
338
 * Validate a new site signup.
lechuck's avatar
lechuck committed
339
340
341
 *
 * @since MU
 *
lechuck's avatar
lechuck committed
342
 * @return null|bool True if site signup was validated, false if error.
lechuck's avatar
lechuck committed
343
 *                   The function halts all execution if the user is not logged in.
lechuck's avatar
lechuck committed
344
 */
godog's avatar
godog committed
345
346
347
function validate_another_blog_signup() {
	global $wpdb, $blogname, $blog_title, $errors, $domain, $path;
	$current_user = wp_get_current_user();
lechuck's avatar
lechuck committed
348
	if ( ! is_user_logged_in() ) {
godog's avatar
godog committed
349
		die();
lechuck's avatar
lechuck committed
350
	}
godog's avatar
godog committed
351
352

	$result = validate_blog_form();
lucha's avatar
lucha committed
353
354
355
356
357
358
359

	// Extracted values set/overwrite globals.
	$domain = $result['domain'];
	$path = $result['path'];
	$blogname = $result['blogname'];
	$blog_title = $result['blog_title'];
	$errors = $result['errors'];
godog's avatar
godog committed
360
361
362
363
364
365
366

	if ( $errors->get_error_code() ) {
		signup_another_blog($blogname, $blog_title, $errors);
		return false;
	}

	$public = (int) $_POST['blog_public'];
lucha's avatar
lucha committed
367
368
369
370
371
372

	$blog_meta_defaults = array(
		'lang_id' => 1,
		'public'  => $public
	);

lechuck's avatar
lechuck committed
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
	// Handle the language setting for the new site.
	if ( ! empty( $_POST['WPLANG'] ) ) {

		$languages = signup_get_available_languages();

		if ( in_array( $_POST['WPLANG'], $languages ) ) {
			$language = wp_unslash( sanitize_text_field( $_POST['WPLANG'] ) );

			if ( $language ) {
				$blog_meta_defaults['WPLANG'] = $language;
			}
		}

	}

lucha's avatar
lucha committed
388
389
390
391
392
393
394
395
	/**
	 * Filter the new site meta variables.
	 *
	 * @since MU
	 * @deprecated 3.0.0 Use the 'add_signup_meta' filter instead.
	 *
	 * @param array $blog_meta_defaults An array of default blog meta variables.
	 */
lucha's avatar
lucha committed
396
	$meta_defaults = apply_filters( 'signup_create_blog_meta', $blog_meta_defaults );
lechuck's avatar
lechuck committed
397

lucha's avatar
lucha committed
398
399
400
401
402
403
404
405
406
407
408
409
	/**
	 * Filter the new default site meta variables.
	 *
	 * @since 3.0.0
	 *
	 * @param array $meta {
	 *     An array of default site meta variables.
	 *
	 *     @type int $lang_id     The language ID.
	 *     @type int $blog_public Whether search engines should be discouraged from indexing the site. 1 for true, 0 for false.
	 * }
	 */
lucha's avatar
lucha committed
410
	$meta = apply_filters( 'add_signup_meta', $meta_defaults );
godog's avatar
godog committed
411

lechuck's avatar
lechuck committed
412
413
414
415
416
417
418
	$blog_id = wpmu_create_blog( $domain, $path, $blog_title, $current_user->ID, $meta, $wpdb->siteid );

	if ( is_wp_error( $blog_id ) ) {
		return false;
	}

	confirm_another_blog_signup( $domain, $path, $blog_title, $current_user->user_login, $current_user->user_email, $meta, $blog_id );
godog's avatar
godog committed
419
420
421
	return true;
}

lechuck's avatar
lechuck committed
422
/**
lechuck's avatar
lechuck committed
423
 * Confirm a new site signup.
lechuck's avatar
lechuck committed
424
425
 *
 * @since MU
lechuck's avatar
lechuck committed
426
427
428
429
430
431
432
433
434
 * @since 4.4.0 Added the `$blog_id` parameter.
 *
 * @param string $domain     The domain URL.
 * @param string $path       The site root path.
 * @param string $blog_title The site title.
 * @param string $user_name  The username.
 * @param string $user_email The user's email address.
 * @param array  $meta       Any additional meta from the 'add_signup_meta' filter in validate_blog_signup().
 * @param int    $blog_id    The site ID.
lechuck's avatar
lechuck committed
435
 */
lechuck's avatar
lechuck committed
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
function confirm_another_blog_signup( $domain, $path, $blog_title, $user_name, $user_email = '', $meta = array(), $blog_id = 0 ) {

	if ( $blog_id ) {
		switch_to_blog( $blog_id );
		$home_url  = home_url( '/' );
		$login_url = wp_login_url();
		restore_current_blog();
	} else {
		$home_url  = 'http://' . $domain . $path;
		$login_url = 'http://' . $domain . $path . 'wp-login.php';
	}

	$site = sprintf( '<a href="%1$s">%2$s</a>',
		esc_url( $home_url ),
		$blog_title
	);

godog's avatar
godog committed
453
	?>
lechuck's avatar
lechuck committed
454
	<h2><?php printf( __( 'The site %s is yours.' ), $site ); ?></h2>
godog's avatar
godog committed
455
	<p>
lechuck's avatar
lechuck committed
456
457
458
459
460
461
462
		<?php printf(
			__( '<a href="%1$s">%2$s</a> is your new site. <a href="%3$s">Log in</a> as &#8220;%4$s&#8221; using your existing password.' ),
			esc_url( $home_url ),
			untrailingslashit( $domain . $path ),
			esc_url( $login_url ),
			$user_name
		); ?>
godog's avatar
godog committed
463
464
	</p>
	<?php
lucha's avatar
lucha committed
465
466
467
468
469
	/**
	 * Fires when the site or user sign-up process is complete.
	 *
	 * @since 3.0.0
	 */
godog's avatar
godog committed
470
471
472
	do_action( 'signup_finished' );
}

lechuck's avatar
lechuck committed
473
474
475
476
477
478
479
480
481
/**
 * Setup the new user signup process
 *
 * @since MU
 *
 * @param string $user_name The username
 * @param string $user_email The user's email
 * @param array $errors
 */
lucha's avatar
lucha committed
482
483
function signup_user( $user_name = '', $user_email = '', $errors = '' ) {
	global $active_signup;
godog's avatar
godog committed
484
485
486
487

	if ( !is_wp_error($errors) )
		$errors = new WP_Error();

lechuck's avatar
lechuck committed
488
	$signup_for = isset( $_POST[ 'signup_for' ] ) ? esc_html( $_POST[ 'signup_for' ] ) : 'blog';
godog's avatar
godog committed
489

lucha's avatar
lucha committed
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
	$signup_user_defaults = array(
		'user_name'  => $user_name,
		'user_email' => $user_email,
		'errors'     => $errors,
	);

	/**
	 * Filter the default user variables used on the user sign-up form.
	 *
	 * @since 3.0.0
	 *
	 * @param array $signup_user_defaults {
	 *     An array of default user variables.
	 *
	 *     @type string $user_name  The user username.
	 *     @type string $user_email The user email address.
	 *     @type array  $errors     An array of possible errors relevant to the sign-up user.
	 * }
	 */
	$filtered_results = apply_filters( 'signup_user_init', $signup_user_defaults );
godog's avatar
godog committed
510
511
512
513
514
515
	$user_name = $filtered_results['user_name'];
	$user_email = $filtered_results['user_email'];
	$errors = $filtered_results['errors'];

	?>

lucha's avatar
lucha committed
516
	<h2><?php printf( __( 'Get your own %s account in seconds' ), get_current_site()->site_name ) ?></h2>
lucha's avatar
lucha committed
517
	<form id="setupform" method="post" action="wp-signup.php" novalidate="novalidate">
godog's avatar
godog committed
518
		<input type="hidden" name="stage" value="validate-user-signup" />
lucha's avatar
lucha committed
519
520
521
522
		<?php
		/** This action is documented in wp-signup.php */
		do_action( 'signup_hidden_fields', 'validate-user' );
		?>
godog's avatar
godog committed
523
524
525
526
527
528
529
530
		<?php show_user_form($user_name, $user_email, $errors); ?>

		<p>
		<?php if ( $active_signup == 'blog' ) { ?>
			<input id="signupblog" type="hidden" name="signup_for" value="blog" />
		<?php } elseif ( $active_signup == 'user' ) { ?>
			<input id="signupblog" type="hidden" name="signup_for" value="user" />
		<?php } else { ?>
lechuck's avatar
lechuck committed
531
			<input id="signupblog" type="radio" name="signup_for" value="blog" <?php checked( $signup_for, 'blog' ); ?> />
godog's avatar
godog committed
532
533
			<label class="checkbox" for="signupblog"><?php _e('Gimme a site!') ?></label>
			<br />
lechuck's avatar
lechuck committed
534
			<input id="signupuser" type="radio" name="signup_for" value="user" <?php checked( $signup_for, 'user' ); ?> />
godog's avatar
godog committed
535
536
537
538
539
540
541
542
543
			<label class="checkbox" for="signupuser"><?php _e('Just a username, please.') ?></label>
		<?php } ?>
		</p>

		<p class="submit"><input type="submit" name="submit" class="submit" value="<?php esc_attr_e('Next') ?>" /></p>
	</form>
	<?php
}

lechuck's avatar
lechuck committed
544
545
546
547
548
549
550
/**
 * Validate the new user signup
 *
 * @since MU
 *
 * @return bool True if new user signup was validated, false if error
 */
godog's avatar
godog committed
551
552
function validate_user_signup() {
	$result = validate_user_form();
lucha's avatar
lucha committed
553
554
555
	$user_name = $result['user_name'];
	$user_email = $result['user_email'];
	$errors = $result['errors'];
godog's avatar
godog committed
556
557
558
559
560
561
562
563
564
565
566

	if ( $errors->get_error_code() ) {
		signup_user($user_name, $user_email, $errors);
		return false;
	}

	if ( 'blog' == $_POST['signup_for'] ) {
		signup_blog($user_name, $user_email);
		return false;
	}

lucha's avatar
lucha committed
567
568
	/** This filter is documented in wp-signup.php */
	wpmu_signup_user( $user_name, $user_email, apply_filters( 'add_signup_meta', array() ) );
godog's avatar
godog committed
569
570
571
572
573

	confirm_user_signup($user_name, $user_email);
	return true;
}

lechuck's avatar
lechuck committed
574
575
576
577
578
579
580
581
/**
 * New user signup confirmation
 *
 * @since MU
 *
 * @param string $user_name The username
 * @param string $user_email The user's email address
 */
godog's avatar
godog committed
582
583
function confirm_user_signup($user_name, $user_email) {
	?>
lechuck's avatar
lechuck committed
584
585
	<h2><?php /* translators: %s: username */
	printf( __( '%s is your new username' ), $user_name) ?></h2>
godog's avatar
godog committed
586
	<p><?php _e( 'But, before you can start using your new username, <strong>you must activate it</strong>.' ) ?></p>
lechuck's avatar
lechuck committed
587
588
	<p><?php /* translators: %s: email address */
	printf( __( 'Check your inbox at %s and click the link given.' ), '<strong>' . $user_email . '</strong>' ); ?></p>
godog's avatar
godog committed
589
590
	<p><?php _e( 'If you do not activate your username within two days, you will have to sign up again.' ); ?></p>
	<?php
lucha's avatar
lucha committed
591
	/** This action is documented in wp-signup.php */
godog's avatar
godog committed
592
593
594
	do_action( 'signup_finished' );
}

lechuck's avatar
lechuck committed
595
596
597
598
599
600
601
602
603
604
605
/**
 * Setup the new site signup
 *
 * @since MU
 *
 * @param string $user_name The username
 * @param string $user_email The user's email address
 * @param string $blogname The site name
 * @param string $blog_title The site title
 * @param array $errors
 */
godog's avatar
godog committed
606
607
608
609
function signup_blog($user_name = '', $user_email = '', $blogname = '', $blog_title = '', $errors = '') {
	if ( !is_wp_error($errors) )
		$errors = new WP_Error();

lucha's avatar
lucha committed
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
	$signup_blog_defaults = array(
		'user_name'  => $user_name,
		'user_email' => $user_email,
		'blogname'   => $blogname,
		'blog_title' => $blog_title,
		'errors'     => $errors
	);

	/**
	 * Filter the default site creation variables for the site sign-up form.
	 *
	 * @since 3.0.0
	 *
	 * @param array $signup_blog_defaults {
	 *     An array of default site creation variables.
	 *
	 *     @type string $user_name  The user username.
	 *     @type string $user_email The user email address.
	 *     @type string $blogname   The blogname.
	 *     @type string $blog_title The title of the site.
	 *     @type array  $errors     An array of possible errors relevant to new site creation variables.
	 * }
	 */
	$filtered_results = apply_filters( 'signup_blog_init', $signup_blog_defaults );

godog's avatar
godog committed
635
636
637
638
639
640
641
642
643
644
645
646
647
	$user_name = $filtered_results['user_name'];
	$user_email = $filtered_results['user_email'];
	$blogname = $filtered_results['blogname'];
	$blog_title = $filtered_results['blog_title'];
	$errors = $filtered_results['errors'];

	if ( empty($blogname) )
		$blogname = $user_name;
	?>
	<form id="setupform" method="post" action="wp-signup.php">
		<input type="hidden" name="stage" value="validate-blog-signup" />
		<input type="hidden" name="user_name" value="<?php echo esc_attr($user_name) ?>" />
		<input type="hidden" name="user_email" value="<?php echo esc_attr($user_email) ?>" />
lucha's avatar
lucha committed
648
649
650
651
		<?php
		/** This action is documented in wp-signup.php */
		do_action( 'signup_hidden_fields', 'validate-site' );
		?>
godog's avatar
godog committed
652
653
654
655
656
657
		<?php show_blog_form($blogname, $blog_title, $errors); ?>
		<p class="submit"><input type="submit" name="submit" class="submit" value="<?php esc_attr_e('Signup') ?>" /></p>
	</form>
	<?php
}

lechuck's avatar
lechuck committed
658
659
660
661
662
663
664
/**
 * Validate new site signup
 *
 * @since MU
 *
 * @return bool True if the site signup was validated, false if error
 */
godog's avatar
godog committed
665
666
function validate_blog_signup() {
	// Re-validate user info.
lucha's avatar
lucha committed
667
668
669
670
	$user_result = wpmu_validate_user_signup( $_POST['user_name'], $_POST['user_email'] );
	$user_name = $user_result['user_name'];
	$user_email = $user_result['user_email'];
	$user_errors = $user_result['errors'];
godog's avatar
godog committed
671

lucha's avatar
lucha committed
672
673
	if ( $user_errors->get_error_code() ) {
		signup_user( $user_name, $user_email, $user_errors );
godog's avatar
godog committed
674
675
676
		return false;
	}

lucha's avatar
lucha committed
677
678
679
680
681
682
	$result = wpmu_validate_blog_signup( $_POST['blogname'], $_POST['blog_title'] );
	$domain = $result['domain'];
	$path = $result['path'];
	$blogname = $result['blogname'];
	$blog_title = $result['blog_title'];
	$errors = $result['errors'];
godog's avatar
godog committed
683
684
685
686
687
688
689

	if ( $errors->get_error_code() ) {
		signup_blog($user_name, $user_email, $blogname, $blog_title, $errors);
		return false;
	}

	$public = (int) $_POST['blog_public'];
lucha's avatar
lucha committed
690
	$signup_meta = array ('lang_id' => 1, 'public' => $public);
lucha's avatar
lucha committed
691

lechuck's avatar
lechuck committed
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
	// Handle the language setting for the new site.
	if ( ! empty( $_POST['WPLANG'] ) ) {

		$languages = signup_get_available_languages();

		if ( in_array( $_POST['WPLANG'], $languages ) ) {
			$language = wp_unslash( sanitize_text_field( $_POST['WPLANG'] ) );

			if ( $language ) {
				$signup_meta['WPLANG'] = $language;
			}
		}

	}

lucha's avatar
lucha committed
707
	/** This filter is documented in wp-signup.php */
lucha's avatar
lucha committed
708
	$meta = apply_filters( 'add_signup_meta', $signup_meta );
godog's avatar
godog committed
709
710
711
712
713
714

	wpmu_signup_blog($domain, $path, $blog_title, $user_name, $user_email, $meta);
	confirm_blog_signup($domain, $path, $blog_title, $user_name, $user_email, $meta);
	return true;
}

lechuck's avatar
lechuck committed
715
716
717
718
719
720
721
722
723
724
725
726
727
/**
 * New site signup confirmation
 *
 * @since MU
 *
 * @param string $domain The domain URL
 * @param string $path The site root path
 * @param string $blog_title The new site title
 * @param string $user_name The user's username
 * @param string $user_email The user's email address
 * @param array $meta Any additional meta from the 'add_signup_meta' filter in validate_blog_signup()
 */
function confirm_blog_signup( $domain, $path, $blog_title, $user_name = '', $user_email = '', $meta = array() ) {
godog's avatar
godog committed
728
	?>
lechuck's avatar
lechuck committed
729
730
	<h2><?php /* translators: %s: site address */
	printf( __( 'Congratulations! Your new site, %s, is almost ready.' ), "<a href='http://{$domain}{$path}'>{$blog_title}</a>" ) ?></h2>
godog's avatar
godog committed
731
732

	<p><?php _e( 'But, before you can start using your site, <strong>you must activate it</strong>.' ) ?></p>
lechuck's avatar
lechuck committed
733
734
	<p><?php /* translators: %s: email address */
	printf( __( 'Check your inbox at %s and click the link given.' ), '<strong>' . $user_email . '</strong>' ); ?></p>
godog's avatar
godog committed
735
736
737
738
739
740
741
	<p><?php _e( 'If you do not activate your site within two days, you will have to sign up again.' ); ?></p>
	<h2><?php _e( 'Still waiting for your email?' ); ?></h2>
	<p>
		<?php _e( 'If you haven&#8217;t received your email yet, there are a number of things you can do:' ) ?>
		<ul id="noemail-tips">
			<li><p><strong><?php _e( 'Wait a little longer. Sometimes delivery of email can be delayed by processes outside of our control.' ) ?></strong></p></li>
			<li><p><?php _e( 'Check the junk or spam folder of your email client. Sometime emails wind up there by mistake.' ) ?></p></li>
lechuck's avatar
lechuck committed
742
			<li><?php printf( __( 'Have you entered your email correctly? You have entered %s, if it&#8217;s incorrect, you will not receive your email.' ), $user_email ) ?></li>
godog's avatar
godog committed
743
744
745
		</ul>
	</p>
	<?php
lucha's avatar
lucha committed
746
	/** This action is documented in wp-signup.php */
godog's avatar
godog committed
747
748
749
	do_action( 'signup_finished' );
}

lechuck's avatar
lechuck committed
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
/**
 * Retrieves languages available during the site/user signup process.
 *
 * @since 4.4.0
 *
 * @see get_available_languages()
 *
 * @return array List of available languages.
 */
function signup_get_available_languages() {
	/**
	 * Filter the list of available languages for front-end site signups.
	 *
	 * Passing an empty array to this hook will disable output of the setting on the
	 * signup form, and the default language will be used when creating the site.
	 *
	 * Languages not already installed will be stripped.
	 *
	 * @since 4.4.0
	 *
	 * @param array $available_languages Available languages.
	 */
	$languages = (array) apply_filters( 'signup_get_available_languages', get_available_languages() );

	/*
	 * Strip any non-installed languages and return.
	 *
	 * Re-call get_available_languages() here in case a language pack was installed
	 * in a callback hooked to the 'signup_get_available_languages' filter before this point.
	 */
	return array_intersect_assoc( $languages, get_available_languages() );
}

godog's avatar
godog committed
783
// Main
lucha's avatar
lucha committed
784
785
786
787
788
789
790
791
792
793
$active_signup = get_site_option( 'registration', 'none' );
/**
 * Filter the type of site sign-up.
 *
 * @since 3.0.0
 *
 * @param string $active_signup String that returns registration type. The value can be
 *                              'all', 'none', 'blog', or 'user'.
 */
$active_signup = apply_filters( 'wpmu_active_signup', $active_signup );
godog's avatar
godog committed
794
795
796
797
798
799
800
801

// Make the signup type translatable.
$i18n_signup['all'] = _x('all', 'Multisite active signup type');
$i18n_signup['none'] = _x('none', 'Multisite active signup type');
$i18n_signup['blog'] = _x('blog', 'Multisite active signup type');
$i18n_signup['user'] = _x('user', 'Multisite active signup type');

if ( is_super_admin() )
root's avatar
root committed
802
	echo '<div class="mu_alert">' . sprintf( __( 'Greetings Site Administrator! You are currently allowing &#8220;%s&#8221; registrations. To change or disable registration go to your <a href="%s">Options page</a>.' ), $i18n_signup[$active_signup], esc_url( network_admin_url( 'settings.php' ) ) ) . '</div>';
godog's avatar
godog committed
803
804
805
806

$newblogname = isset($_GET['new']) ? strtolower(preg_replace('/^-|-$|[^-a-zA-Z0-9]/', '', $_GET['new'])) : null;

$current_user = wp_get_current_user();
shammash's avatar
shammash committed
807
if ( $active_signup == 'none' ) {
godog's avatar
godog committed
808
809
	_e( 'Registration has been disabled.' );
} elseif ( $active_signup == 'blog' && !is_user_logged_in() ) {
lechuck's avatar
lechuck committed
810
	$login_url = wp_login_url( network_site_url( 'wp-signup.php' ) );
godog's avatar
godog committed
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
	echo sprintf( __( 'You must first <a href="%s">log in</a>, and then you can create a new site.' ), $login_url );
} else {
	$stage = isset( $_POST['stage'] ) ?  $_POST['stage'] : 'default';
	switch ( $stage ) {
		case 'validate-user-signup' :
			if ( $active_signup == 'all' || $_POST[ 'signup_for' ] == 'blog' && $active_signup == 'blog' || $_POST[ 'signup_for' ] == 'user' && $active_signup == 'user' )
				validate_user_signup();
			else
				_e( 'User registration has been disabled.' );
		break;
		case 'validate-blog-signup':
			if ( $active_signup == 'all' || $active_signup == 'blog' )
				validate_blog_signup();
			else
				_e( 'Site registration has been disabled.' );
			break;
		case 'gimmeanotherblog':
			validate_another_blog_signup();
			break;
		case 'default':
		default :
			$user_email = isset( $_POST[ 'user_email' ] ) ? $_POST[ 'user_email' ] : '';
lucha's avatar
lucha committed
833
834
835
836
837
838
			/**
			 * Fires when the site sign-up form is sent.
			 *
			 * @since 3.0.0
			 */
			do_action( 'preprocess_signup_form' );
godog's avatar
godog committed
839
840
			if ( is_user_logged_in() && ( $active_signup == 'all' || $active_signup == 'blog' ) )
				signup_another_blog($newblogname);
lechuck's avatar
lechuck committed
841
			elseif ( ! is_user_logged_in() && ( $active_signup == 'all' || $active_signup == 'user' ) )
godog's avatar
godog committed
842
				signup_user( $newblogname, $user_email );
lechuck's avatar
lechuck committed
843
			elseif ( ! is_user_logged_in() && ( $active_signup == 'blog' ) )
godog's avatar
godog committed
844
845
846
847
848
849
850
851
				_e( 'Sorry, new registrations are not allowed at this time.' );
			else
				_e( 'You are logged in already. No need to register again!' );

			if ( $newblogname ) {
				$newblog = get_blogaddress_by_name( $newblogname );

				if ( $active_signup == 'blog' || $active_signup == 'all' )
lechuck's avatar
lechuck committed
852
853
854
855
					/* translators: %s: site address */
					printf( '<p><em>' . __( 'The site you were looking for, %s, does not exist, but you can create it now!' ) . '</em></p>',
						'<strong>' . $newblog . '</strong>'
					);
godog's avatar
godog committed
856
				else
lechuck's avatar
lechuck committed
857
858
859
860
					/* translators: %s: site address */
					printf( '<p><em>' . __( 'The site you were looking for, %s, does not exist.' ) . '</em></p>',
						'<strong>' . $newblog . '</strong>'
					);
godog's avatar
godog committed
861
862
863
864
865
866
867
			}
			break;
	}
}
?>
</div>
</div>
lucha's avatar
lucha committed
868
869
870
871
872
873
874
<?php
/**
 * Fires after the sign-up forms, before wp_footer.
 *
 * @since 3.0.0
 */
do_action( 'after_signup_form' ); ?>
godog's avatar
godog committed
875

lechuck's avatar
lechuck committed
876
<?php get_footer( 'wp-signup' );