Changeset 10928 for sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-login/admin/ui.php

Timestamp:

04/27/2021 04:24:21 AM (4 years ago)

Author:

dd32

Message:

Login: Allow registrations with "low reCaptcha scores" to register, but go into a pending-moderation state.

This will allow legitimate users who receive a "Please try again" error to be manually approved.

This will also allow us to experiment with more aggressive anti-spam measures, as the majority of current spam registrations are human generated.

File:

• sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-login/admin/ui.php (modified) (5 diffs)

sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-login/admin/ui.php

@@ -13 +13 @@
 });
 
+function wporg_login_admin_action_text( $action ) {
+    switch ( $action ) {
+        case 'resent-email':
+            return 'The registration email has been resent.';
+        case 'approved':
+            return 'The registration has been approved, and a confirmation email has been sent.';
+        case 'deleted':
+            return 'The registration record has been removed.';
+        case 'blocked':
+            return 'The registration has been blocked.';
+        case 'blocked_account':
+            return 'Account blocked.';
+        default:
+            return 'Action performed.';
+    }
+}
+
 function wporg_login_admin_page() {
     $wp_list_table = new User_Registrations_List_Table();
     $wp_list_table->prepare_items();
 
-    echo '<style>
+    ?><script>
+    jQuery( document ).ready( function($) {
+        $( 'table .row-actions a' ).click( function( e ) {
+            e.preventDefault();
+
+            var $this = $(this),
+                $tr   = $this.parents('tr'),
+                $tds  = $tr.find( 'td:not(:first)' );
+
+            $tds.remove();
+            $tr.find( '.row-actions' ).remove();
+            $tr.append( "<td colspan=" + $tds.length + ">...</td>" );
+
+            var url = $this.prop('href') + '&ajax=1';
+
+            $.get( url, function( data ) {
+                $tr.find('td:last').text( data );
+            } );
+        });
+    } );
+    </script>
+    <style>
         table.dashboard_page_user-registrations td > a {
             color: inherit;
@@ -24 +62 @@
             text-decoration: underline;
         }
-    </style>';
+        table.dashboard_page_user-registrations .delete-red {
+            color: #b32d2e;
+        }
+    </style>
+    <?php
 
     echo '<div class="wrap">';
@@ -30 +72 @@
     echo '<hr class="wp-header-end">';
 
-    if ( isset( $_REQUEST['resent-email'] ) ) {
-        echo '<div class="updated notice"><p>The registration email has been resent.</p></div>';
+    if ( isset( $_GET['action'] ) ) {
+        echo '<div class="updated notice"><p>';
+        echo wporg_login_admin_action_text( $_GET['action'] );
+        echo '</p></div>';
     }
 
@@ -37 +81 @@
     printf( '<input type="hidden" name="page" value="%s">', esc_attr( $_GET['page'] ) );
 
-    //$wp_list_table->views();
+    $wp_list_table->views();
     $wp_list_table->search_box( 'Search', 's' );
     $wp_list_table->display();
@@ -58 +102 @@
     }
 
-    wp_safe_redirect( add_query_arg(
-        's',
-        urlencode( $email ),
-        'https://login.wordpress.org/wp-admin/index.php?page=user-registrations&resent-email=true'
-    ) );
-    exit;
-});
+    if ( isset( $_GET['ajax'] ) ) {
+        die( wporg_login_admin_action_text( 'resent-email' ) );
+    }
+
+    wp_safe_redirect( add_query_arg(
+        's',
+        urlencode( $email ),
+        'https://login.wordpress.org/wp-admin/index.php?page=user-registrations&action=resent-email'
+    ) );
+    exit;
+} );
+
+add_action( 'admin_post_login_mark_as_cleared', function() { 
+    if ( ! current_user_can( 'manage_users' ) ) {
+        wp_die();
+    }
+
+    $email = $_REQUEST['email'] ?? '';
+
+    check_admin_referer( 'clear_' . $email );
+
+    $user = wporg_get_pending_user( $email );
+    if ( $user ) {
+        $user['cleared'] = 2;
+        wporg_update_pending_user( $user );
+
+        wporg_login_send_confirmation_email( $user['user_email'] );
+    }
+
+    if ( isset( $_GET['ajax'] ) ) {
+        die( wporg_login_admin_action_text( 'approved' ) );
+    }
+
+    wp_safe_redirect( add_query_arg(
+        's',
+        urlencode( $email ),
+        'https://login.wordpress.org/wp-admin/index.php?page=user-registrations&action=approved'
+    ) );
+    exit;
+} );
+
+add_action( 'admin_post_login_block', function() { 
+    if ( ! current_user_can( 'manage_users' ) ) {
+        wp_die();
+    }
+
+    $email = $_REQUEST['email'] ?? '';
+
+    check_admin_referer( 'block_' . $email );
+
+    $user = wporg_get_pending_user( $email );
+    if ( $user ) {
+        $user['cleared']             = 0;
+        $user['user_activation_key'] = '';
+        $user['user_profile_key']    = '';
+
+        wporg_update_pending_user( $user );
+    }
+
+    if ( isset( $_GET['ajax'] ) ) {
+        die( wporg_login_admin_action_text( 'blocked' ) );
+    }
+
+    wp_safe_redirect( add_query_arg(
+        's',
+        urlencode( $email ),
+        'https://login.wordpress.org/wp-admin/index.php?page=user-registrations&action=blocked'
+    ) );
+    exit;
+} );
+
+add_action( 'admin_post_login_delete', function() { 
+    if ( ! current_user_can( 'manage_users' ) ) {
+        wp_die();
+    }
+
+    $email = $_REQUEST['email'] ?? '';
+
+    check_admin_referer( 'delete_' . $email );
+
+    $user = wporg_get_pending_user( $email );
+    if ( $user ) {
+        wporg_delete_pending_user( $user );
+    }
+
+    if ( isset( $_GET['ajax'] ) ) {
+        die( wporg_login_admin_action_text( 'deleted' ) );
+    }
+
+    wp_safe_redirect( add_query_arg(
+        's',
+        urlencode( $email ),
+        'https://login.wordpress.org/wp-admin/index.php?page=user-registrations&action=deleted'
+    ) );
+    exit;
+} );
+
+add_action( 'admin_post_login_block_account', function() { 
+    if ( ! current_user_can( 'manage_users' ) ) {
+        wp_die();
+    }
+
+    $email = $_REQUEST['email'] ?? '';
+
+    check_admin_referer( 'block_account_' . $email );
+
+    $user = get_user_by( 'email', $email );
+    if ( $user && defined( 'WPORG_SUPPORT_FORUMS_BLOGID' ) ) {
+        // Load the support forums.. 
+        include_once WP_PLUGIN_DIR . '/bbpress/bbpress.php';
+        include_once WP_PLUGIN_DIR . '/support-forums/support-forums.php';
+
+        // Then switch to it (Must be done after bbPress is loaded to get roles)
+        switch_to_blog( WPORG_SUPPORT_FORUMS_BLOGID );
+
+        // Set the user to blocked. Support forum hooks will take care of the rest.
+        bbp_set_user_role( $user->ID, bbp_get_blocked_role() );
+
+        restore_current_blog();
+    }
+
+    if ( isset( $_GET['ajax'] ) ) {
+        die( wporg_login_admin_action_text( 'blocked_account' ) );
+    }
+
+    wp_safe_redirect( add_query_arg(
+        's',
+        urlencode( $email ),
+        'https://login.wordpress.org/wp-admin/index.php?page=user-registrations&action=blocked_account'
+    ) );
+    exit;
+} );
+