Changeset 13216

Timestamp:

02/16/2024 04:46:29 AM (19 months ago)

Author:

dd32

Message:

Registration: Add bulk block, and add room for a reason to be provided, query by country.

Location:

sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-login

Files:

• admin/class-user-registrations-list-table.php (modified) (8 diffs)
• admin/ui.php (modified) (5 diffs)
• functions-registration.php (modified) (3 diffs)

sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-login/admin/class-user-registrations-list-table.php

@@ -43 +43 @@
         $current_view = $_REQUEST['view'] ?? $default;
 
-        if ( isset( $_GET['s'] ) ) {
+        if ( ! empty( $_GET['s'] ) ) {
             $default = 'search';
             $views[0] = [
@@ -144 +144 @@
     }
 
-    function get_columns() {
+    public function get_columns() {
         return [
+            'cb'              => '<input type="checkbox" />',
             'user_login'      => 'User Login',
             'meta'            => 'Meta',
@@ -159 +160 @@
             'user_registered' => array( 'user_registered', true ),
         ];
-     }
+    }
+
+    protected function get_bulk_actions() {
+        return array(
+            'reg_block' => 'Block Reg / Ban user',
+        );
+    }
 
     function prepare_items() {
@@ -184 +191 @@
         }
 
-        $per_page     = $this->get_items_per_page( 'users_per_page', 100 );
+        $per_page     = $_GET['per_page'] ?? $this->get_items_per_page( 'users_per_page', 100 );
         $current_page = $this->get_pagenum();
 
@@ -215 +222 @@
         ]);
 
+    }
+
+    protected function bulk_actions( $which = '' ) {
+        parent::bulk_actions( $which );
+
+        if ( 'top' !== $which ) {
+            return;
+        }
+        ?>
+
+        <fieldset class="alignleft actions">
+            <input name="block_reason" id="block_reason" placeholder="Ban/Block reason. Used for bulk + single." style="width: 32em;padding: 0.4em;margin: 0;" value="<?php echo esc_attr( $_REQUEST['block_reason'] ?? '' ); ?>" />
+        </fieldset>
+        <?php
     }
 
@@ -249 +270 @@
     }
 
+    public function column_cb( $item ) {
+        return sprintf(
+            '<input type="checkbox" name="pending_ids[]" value="%1$s" />',
+            esc_attr( $item->pending_id ),
+        );
+    }
+
     function column_default( $item, $column_name ) {
         echo esc_html( $item->$column_name );
@@ -348 +376 @@
         echo '<div>';
 
-        echo implode( ', ',
-            array_map(
-                function( $ip ) {
-                    return $this->link_to_search( $ip ) .
-                        ( is_callable( 'WordPressdotorg\GeoIP\query' ) ?
-                            ' ' . \WordPressdotorg\GeoIP\query( $ip, 'country_short' ) : '' );
-                },
-                array_filter( array_unique( [
-                    $meta->registration_ip ?? false,
-                    $meta->confirmed_ip ?? false
-                ] ) )
-            )
-        );
+        $ips = [];
+        foreach ( [ 'registration', 'confirmed' ] as $field ) {
+            if ( empty( $meta->{$field . '_ip'} ) ) {
+                continue;
+            }
+            $ip = $meta->{$field . '_ip'};
+
+            $meta->{$field . '_ip_country'} ??= ( is_callable( 'WordPressdotorg\GeoIP\query' ) ? ' ' . \WordPressdotorg\GeoIP\query( $ip, 'country_short' ) : '' );
+
+            $ips[] = $ip . ' ' . $meta->{$field . '_ip_country'};
+        }
+
+        echo implode( ', ', array_map( array( $this, 'link_to_Search' ), array_unique( $ips ) ) );
 
         echo '<hr>';
@@ -446 +474 @@
 
         return implode( '', array_map( function( $s ) {
-            if ( strlen( $s ) >= 3 ) {
+            if ( strlen( $s ) >= 3 || preg_match( '/^[A-Z]{2}$/', $s ) /* country */ ) {
                 return '<a href="' . add_query_arg( 's', urlencode( $s ), admin_url( 'admin.php?page=user-registrations' ) ) . '">' . esc_html( $s ) . '</a>';
             }

sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-login/admin/ui.php

@@ -89 +89 @@
 
             var url = $this.prop('href') + '&ajax=1';
+            if ( url.indexOf( 'block_account' ) !== -1 ) {
+                if ( ! $('block_reason').val() ) {
+                    $('block_reason').val( prompt( 'Reason for blocking?' ) || '' );
+                }
+                url += '&block_reason=' + encodeURIComponent( $('block_reason').val() );
+            }
 
             $.get( url, function( data ) {
@@ -375 +381 @@
     check_admin_referer( 'block_' . $email );
 
-    $user = wporg_get_pending_user( $email );
-    if ( $user ) {
-        $user['cleared']             = 0;
-        $user['user_activation_key'] = '';
-        $user['user_profile_key']    = '';
-
-        wporg_update_pending_user( $user );
-    }
+    wporg_login_block_registration( $user );
 
     if ( isset( $_GET['ajax'] ) ) {
@@ -396 +395 @@
 } );
 
+function wporg_login_block_registration( $user ) {
+    $user = wporg_get_pending_user( $user );
+    if ( $user ) {
+        $user['cleared']             = 0;
+        $user['user_activation_key'] = '';
+        $user['user_profile_key']    = '';
+
+        wporg_update_pending_user( $user );
+
+        return true;
+    }
+
+    return false;
+}
+
 add_action( 'admin_post_login_delete', function() { 
     if ( ! current_user_can( 'promote_users' ) ) {
@@ -427 +441 @@
     }
 
-    if ( empty( $_REQUEST['user'] ) ) {
+    $user   = $_REQUEST['user'] ?? '';
+    $reason = $_REQUEST['block_reason'] ?? '';
+    if ( empty( $user ) ) {
         die();
     }
 
-    $pending_user = wporg_get_pending_user( $_REQUEST['user'] );
-    if ( ! $pending_user || ! $pending_user['created'] ) {
-        die();
-    }
-
-    $user = get_user_by( 'slug', $pending_user['user_login'] );
+    $pending_user = wporg_get_pending_user( $user );
     if ( ! $user ) {
         die();
     }
 
-    $table = new User_Registrations_List_Table();
-
-    ob_start();
-    $pending_as_object       = (object) $pending_user;
-    $pending_as_object->meta = (object) $pending_as_object->meta;
-    $pending_as_object->user = $user;
-
-    unset( $pending_as_object->meta->registration_ip, $pending_as_object->meta->confirmed_ip );
-
-    $table->column_meta( $pending_as_object );
-    $meta_column = ob_get_clean();
-    $meta_column = wp_strip_all_tags( str_replace( '<br>', "\n", $meta_column ), false );
+    $user = get_user_by( 'slug', $pending_user['user_login'] );
 
     check_admin_referer( 'block_account_' . $user->ID );
 
-    if ( $user && defined( 'WPORG_SUPPORT_FORUMS_BLOGID' ) ) {
-
-        // Switch first so that bbPress loads with the correct context.
-        // This also ensures that the bbp_participant code doesn't kick in.
-        switch_to_blog( WPORG_SUPPORT_FORUMS_BLOGID );
-
-        // Load the support forums.. 
-        include_once WP_PLUGIN_DIR . '/bbpress/bbpress.php';
-        include_once WP_PLUGIN_DIR . '/support-forums/support-forums.php';
-
-        // bbPress roles still aren't quite right, need to switch away and back..
-        // This is hacky, but otherwise the bbp_set_user_role() call below will appear to succeed, but no role alteration will actually happen.
-        restore_current_blog();
-        switch_to_blog( WPORG_SUPPORT_FORUMS_BLOGID );
-
-        add_filter( 'wporg_bbp_forum_role_changed_note_text', function( $text ) use ( $meta_column ) {
-            return trim( "{$meta_column}\n\n{$text}" );
-        } );
-
-        // Set the user to blocked. Support forum hooks will take care of the rest.
-        bbp_set_user_role( $user->ID, bbp_get_blocked_role() );
-
-        restore_current_blog();
+    $result = wporg_login_block_account( $pending_user, $reason );
+    if ( ! $result ) {
+        die();
     }
 
@@ -493 +473 @@
 } );
 
+function wporg_login_block_account( $user, $reason = '' ) {
+    $pending_user = wporg_get_pending_user( $user );
+    if ( ! $pending_user || ! $pending_user['created'] ) {
+        return false;
+    }
+
+    $user = get_user_by( 'slug', $pending_user['user_login'] );
+    if ( ! $user ) {
+        return false;
+    }
+
+    $table = new User_Registrations_List_Table();
+
+    ob_start();
+    $pending_as_object       = (object) $pending_user;
+    $pending_as_object->meta = (object) $pending_as_object->meta;
+    $pending_as_object->user = $user;
+
+    unset( $pending_as_object->meta->registration_ip, $pending_as_object->meta->confirmed_ip );
+
+    $table->column_meta( $pending_as_object );
+    $meta_column = ob_get_clean();
+    $meta_column = wp_strip_all_tags( str_replace( '<br>', "\n", $meta_column ), false );
+
+    if ( $user && defined( 'WPORG_SUPPORT_FORUMS_BLOGID' ) ) {
+
+        // Switch first so that bbPress loads with the correct context.
+        // This also ensures that the bbp_participant code doesn't kick in.
+        switch_to_blog( WPORG_SUPPORT_FORUMS_BLOGID );
+
+        // Load the support forums.. 
+        include_once WP_PLUGIN_DIR . '/bbpress/bbpress.php';
+        include_once WP_PLUGIN_DIR . '/support-forums/support-forums.php';
+
+        // bbPress roles still aren't quite right, need to switch away and back..
+        // This is hacky, but otherwise the bbp_set_user_role() call below will appear to succeed, but no role alteration will actually happen.
+        restore_current_blog();
+        switch_to_blog( WPORG_SUPPORT_FORUMS_BLOGID );
+
+        // Load the Support Forums, for logging and whatnot.
+        WordPressdotorg\Forums\Plugin::get_instance();
+
+        $callback = function( $text ) use ( $callback, $reason, $meta_column ) {
+            remove_filter( 'wporg_bbp_forum_role_changed_note_text', $callback );
+
+            return trim( "{$reason}\n{$meta_column}\n\n{$text}" );
+        };
+        add_filter( 'wporg_bbp_forum_role_changed_note_text', $callback );
+
+        // Set the user to blocked. Support forum hooks will take care of the rest.
+        bbp_set_user_role( $user->ID, bbp_get_blocked_role() );
+
+        restore_current_blog();
+    }
+
+    return true;
+}
+
+add_action( 'load-toplevel_page_user-registrations', function() {
+    // Perform bulk actions.
+    $action = $_REQUEST['action'] ?? ( $_REQUEST['action2'] ?? '' );
+    if (
+        empty( $_REQUEST['pending_ids'] ) ||
+        'reg_block' !== $action ||
+        ! wp_verify_nonce( $_REQUEST['_wpnonce'], 'bulk-toplevel_page_user-registrations' )
+    ) {
+        return;
+    }
+
+    $reason = $_REQUEST['block_reason'] ?? '';
+    foreach ( (array) $_REQUEST['pending_ids'] as $pending_id ) {
+        $pending_user = wporg_get_pending_user( $pending_id );
+        if ( ! $pending_user ) {
+            continue;
+        }
+
+        if ( $pending_user['created'] ) {
+            wporg_login_block_account( $pending_user, $reason );
+        } else {
+            wporg_login_block_registration( $pending_user );
+        }
+    }
+
+    $url = remove_query_arg( array( 'pending_ids', 'action', 'action2', '_wpnonce', '_wp_http_referer' ) );
+    $url = add_query_arg( 'action', 'blocked_account', $url );
+    wp_safe_redirect( $url );
+    exit;
+} );

sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-login/functions-registration.php

@@ -83 +83 @@
         'meta' => $meta + array(
             'registration_ip'  => $_SERVER['REMOTE_ADDR'], // Spam & fraud control. Will be discarded after the account is created.
+            'registration_ip_country' => ( is_callable( 'WordPressdotorg\GeoIP\query' ) ? ' ' . \WordPressdotorg\GeoIP\query( $_SERVER['REMOTE_ADDR'], 'country_short' ) : '' )
         ),
         'scores' => array(
@@ -191 +192 @@
 /**
  * Fetches a pending user record from the database by username or Email.
- */
-function wporg_get_pending_user( $login_or_email ) {
+ *
+ * @param string|int $who The username, email address, or user ID.
+ */
+function wporg_get_pending_user( $who ) {
     global $wpdb;
 
     // Is it a pending user object already?
-    if ( is_array( $login_or_email ) && isset( $login_or_email['pending_id'] ) ) {
-        return $login_or_email;
-    }
-
-    $login_or_email = trim( $login_or_email );
-    if ( ! $login_or_email ) {
+    if ( is_array( $who ) && isset( $who['pending_id'] ) ) {
+        return $who;
+    }
+
+    if ( is_numeric( $who ) && (int) $who == $who ) {
+        $field = 'pending_id';
+    } elseif ( str_contains( $who, '@' ) ) {
+        $field = 'user_email';
+    } else {
+        $field = 'user_login';
+    }
+
+    $who = trim( $who );
+    if ( ! $who ) {
         return false;
     }
 
     $pending_user = $wpdb->get_row( $wpdb->prepare(
-        "SELECT * FROM `{$wpdb->base_prefix}user_pending_registrations` WHERE ( `user_login` = %s OR `user_email` = %s ) LIMIT 1",
-        $login_or_email,
-        $login_or_email
+        "SELECT * FROM `{$wpdb->base_prefix}user_pending_registrations` WHERE %i = %s LIMIT 1",
+        $field,
+        $who
     ), ARRAY_A );
 
@@ -323 +334 @@
 
     // Update the pending record with the new details.
-    $pending_user['created'] = 1;
-    $pending_user['created_date'] = gmdate( 'Y-m-d H:i:s' );
-    $pending_user['meta']['confirmed_ip'] = $_SERVER['REMOTE_ADDR']; // Spam/Fraud purposes, will be deleted once not needed.
+    $pending_user['created']                      = 1;
+    $pending_user['created_date']                 = gmdate( 'Y-m-d H:i:s' );
+    $pending_user['meta']['confirmed_ip']         = $_SERVER['REMOTE_ADDR'];
+    $pending_user['meta']['confirmed_ip_country'] = ( is_callable( 'WordPressdotorg\GeoIP\query' ) ? ' ' . \WordPressdotorg\GeoIP\query( $_SERVER['REMOTE_ADDR'], 'country_short' ): '' );
 
     // reCaptcha v3 logging.