User Switching - Version 1.0.4

Version Description

  • Support for the new logout_redirect and removable_query_args filters in WordPress 4.2.

=

Download this release

Release Info

Developer johnbillion
Plugin Icon 128x128 User Switching
Version 1.0.4
Comparing to
See all releases

Code changes from version 1.0.3 to 1.0.4

Files changed (2) hide show
  1. readme.txt +8 -11
  2. user-switching.php +68 -20
readme.txt CHANGED
@@ -3,8 +3,8 @@
3
  Contributors: johnbillion
4
  Tags: users, profiles, user switching, fast user switching, multisite, buddypress, bbpress, become, user management, developer
5
  Requires at least: 3.1
6
- Tested up to: 4.1
7
- Stable tag: 1.0.3
8
  License: GPL v2 or later
9
 
10
  Instant switching between user accounts in WordPress.
@@ -62,7 +62,7 @@ See the [FAQ](https://wordpress.org/plugins/user-switching/faq/) for information
62
  * Español (Spanish)
63
  * Türkçe (Turkish)
64
 
65
- Thanks to translations by Hassan Hisham, Tunghsiao Liu, Francois-Xavier Bénard, Ralph Stenzel, Rami Y, Yusuke Hayasaki, Tommixoft, Amin Ab, Bartosz Arendt, Raphael Mendonça, R J, Max Samael, Eko Ikhyar, Marcelo Pedra, Abdullah Pazarbasi, ArianServ, SilverXp, Evi Giannakou, Petya Raykovska, Martin Sauter, Yaser Tallo, Enrique Errando, Sami Keijonen, Ishka Michocka, Alessandro Curci, Alessandro Tesoro, and Ante Sepic!
66
 
67
  == Screenshots ==
68
 
@@ -122,19 +122,19 @@ When a user switches off, the `switch_off_user` hook is called with the old user
122
 
123
  == Upgrade Notice ==
124
 
125
- = 1.0.3 =
126
-
127
- * Croatian translation, plus a small fix to avoid PHP notices triggered by poorly coded plugins.
128
 
129
  == Changelog ==
130
 
131
- = 1.0.3 =
 
132
 
 
133
  * Croation translation.
134
  * Avoid PHP notices caused by other plugins which erroneously use boolean `true` as a capability.
135
 
136
  = 1.0.2 =
137
-
138
  * Turkish translation by Abdullah Pazarbasi.
139
  * Romanian translation by ArianServ.
140
  * Dutch translation by Thom.
@@ -145,18 +145,15 @@ When a user switches off, the `switch_off_user` hook is called with the old user
145
  * Updated Arabic, Spanish, German, and Polish translations.
146
 
147
  = 1.0.1 =
148
-
149
  * Shorten the names of User Switching's cookies to avoid problems with Suhosin's over-zealous default rules.
150
  * Add backwards compatibility for the deprecated `OLDUSER_COOKIE` constant.
151
 
152
  = 1.0 =
153
-
154
  * Security hardening for sites that use HTTPS in the admin area and HTTP on the front end.
155
  * Add an extra auth check before the nonce verification.
156
  * Pretty icon next to the switch back links.
157
 
158
  = 0.9 =
159
-
160
  * Minor fixes for the `login_redirect` filter.
161
  * Increase the specificity of the `switch_to_old_user` and `switch_off` nonces.
162
 
3
  Contributors: johnbillion
4
  Tags: users, profiles, user switching, fast user switching, multisite, buddypress, bbpress, become, user management, developer
5
  Requires at least: 3.1
6
+ Tested up to: 4.1.1
7
+ Stable tag: 1.0.4
8
  License: GPL v2 or later
9
 
10
  Instant switching between user accounts in WordPress.
62
  * Español (Spanish)
63
  * Türkçe (Turkish)
64
 
65
+ Thanks to translations by Hassan Hisham, Tunghsiao Liu, Francois-Xavier Bénard, Ralph Stenzel, Rami Y, Yusuke Hayasaki, Tommixoft, Amin Ab, Bartosz Arendt, Raphael Mendonça, R J, Max Samael, Eko Ikhyar, Marcelo Pedra, Abdullah Pazarbasi, ArianServ, SilverXp, Evi Giannakou, Petya Raykovska, Martin Sauter, Yaser Tallo, Enrique Errando, Sami Keijonen, Kalina Michocka, Alessandro Curci, Alessandro Tesoro, and Ante Sepic!
66
 
67
  == Screenshots ==
68
 
122
 
123
  == Upgrade Notice ==
124
 
125
+ = 1.0.4 =
126
+ * Support for the new `logout_redirect` and `removable_query_args` filters in WordPress 4.2.
 
127
 
128
  == Changelog ==
129
 
130
+ = 1.0.4 =
131
+ * Support for the new `logout_redirect` and `removable_query_args` filters in WordPress 4.2.
132
 
133
+ = 1.0.3 =
134
  * Croation translation.
135
  * Avoid PHP notices caused by other plugins which erroneously use boolean `true` as a capability.
136
 
137
  = 1.0.2 =
 
138
  * Turkish translation by Abdullah Pazarbasi.
139
  * Romanian translation by ArianServ.
140
  * Dutch translation by Thom.
145
  * Updated Arabic, Spanish, German, and Polish translations.
146
 
147
  = 1.0.1 =
 
148
  * Shorten the names of User Switching's cookies to avoid problems with Suhosin's over-zealous default rules.
149
  * Add backwards compatibility for the deprecated `OLDUSER_COOKIE` constant.
150
 
151
  = 1.0 =
 
152
  * Security hardening for sites that use HTTPS in the admin area and HTTP on the front end.
153
  * Add an extra auth check before the nonce verification.
154
  * Pretty icon next to the switch back links.
155
 
156
  = 0.9 =
 
157
  * Minor fixes for the `login_redirect` filter.
158
  * Increase the specificity of the `switch_to_old_user` and `switch_off` nonces.
159
 
user-switching.php CHANGED
@@ -2,7 +2,7 @@
2
  /*
3
  Plugin Name: User Switching
4
  Description: Instant switching between user accounts in WordPress
5
- Version: 1.0.3
6
  Plugin URI: https://johnblackbourn.com/wordpress-plugin-user-switching/
7
  Author: John Blackbourn
8
  Author URI: https://johnblackbourn.com/
@@ -30,7 +30,7 @@ class user_switching {
30
  /**
31
  * Class constructor. Set up some filters and actions.
32
  */
33
- public function __construct() {
34
 
35
  # Required functionality:
36
  add_filter( 'user_has_cap', array( $this, 'filter_user_has_cap' ), 10, 3 );
@@ -45,6 +45,8 @@ class user_switching {
45
  # Nice-to-haves:
46
  add_filter( 'ms_user_row_actions', array( $this, 'filter_user_row_actions' ), 10, 2 );
47
  add_filter( 'login_message', array( $this, 'filter_login_message' ), 1 );
 
 
48
  add_action( 'wp_footer', array( $this, 'action_wp_footer' ) );
49
  add_action( 'personal_options', array( $this, 'action_personal_options' ) );
50
  add_action( 'admin_bar_menu', array( $this, 'action_admin_bar_menu' ), 11 );
@@ -132,6 +134,8 @@ class user_switching {
132
  return;
133
  }
134
 
 
 
135
  switch ( $_REQUEST['action'] ) {
136
 
137
  # We're attempting to switch to another user:
@@ -150,7 +154,7 @@ class user_switching {
150
  $user = switch_to_user( $user_id, self::remember() );
151
  if ( $user ) {
152
 
153
- $redirect_to = self::get_redirect( $user );
154
 
155
  # Redirect to the dashboard or the home URL depending on capabilities:
156
  $args = array( 'user_switched' => 'true' );
@@ -187,7 +191,7 @@ class user_switching {
187
  # Switch user:
188
  if ( switch_to_user( $old_user->ID, self::remember(), false ) ) {
189
 
190
- $redirect_to = self::get_redirect( $old_user );
191
  $args = array( 'user_switched' => 'true', 'switched_back' => 'true' );
192
  if ( $redirect_to ) {
193
  wp_safe_redirect( add_query_arg( $args, $redirect_to ) );
@@ -203,19 +207,17 @@ class user_switching {
203
  # We're attempting to switch off the current user:
204
  case 'switch_off':
205
 
206
- $user = wp_get_current_user();
207
-
208
  # Check authentication:
209
  if ( !current_user_can( 'switch_off' ) ) {
210
  wp_die( __( 'Could not switch off.', 'user-switching' ) );
211
  }
212
 
213
  # Check intent:
214
- check_admin_referer( "switch_off_{$user->ID}" );
215
 
216
  # Switch off:
217
  if ( switch_off_user() ) {
218
- $redirect_to = self::get_redirect();
219
  $args = array( 'switched_off' => 'true' );
220
  if ( $redirect_to ) {
221
  wp_safe_redirect( add_query_arg( $args, $redirect_to ) );
@@ -235,20 +237,24 @@ class user_switching {
235
  /**
236
  * Fetch the URL to redirect to for a given user (used after switching).
237
  *
238
- * @param WP_User|null A WP_User object (optional).
 
239
  * @return string The URL to redirect to.
240
  */
241
- protected static function get_redirect( WP_User $user = null ) {
242
 
243
  if ( isset( $_REQUEST['redirect_to'] ) and !empty( $_REQUEST['redirect_to'] ) ) {
244
  $redirect_to = self::remove_query_args( $_REQUEST['redirect_to'] );
 
245
  } else {
246
  $redirect_to = '';
 
247
  }
248
 
249
- if ( $user ) {
250
- $requested_redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : '';
251
- $redirect_to = apply_filters( 'login_redirect', $redirect_to, $requested_redirect_to, $user );
 
252
  }
253
 
254
  return $redirect_to;
@@ -387,12 +393,27 @@ class user_switching {
387
 
388
  }
389
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
390
  /**
391
  * Adds a 'Switch back to {user}' link to the WordPress footer if the admin toolbar isn't showing.
392
  */
393
  public function action_wp_footer() {
394
 
395
- if ( !is_admin_bar_showing() and $old_user = self::get_old_user() ) {
396
  $link = sprintf( __( 'Switch back to %1$s (%2$s)', 'user-switching' ), $old_user->display_name, $old_user->user_login );
397
  $url = add_query_arg( array(
398
  'redirect_to' => urlencode( self::current_url() )
@@ -508,6 +529,20 @@ class user_switching {
508
 
509
  }
510
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
511
  /**
512
  * Helper function. Returns the switch to or switch back URL for a given user.
513
  *
@@ -581,12 +616,12 @@ class user_switching {
581
  * @return string The URL with the listed query args removed.
582
  */
583
  public static function remove_query_args( $url ) {
584
- return remove_query_arg( array(
585
- 'user_switched', 'switched_off', 'switched_back',
586
  'message', 'update', 'updated', 'settings-updated', 'saved',
587
  'activated', 'activate', 'deactivate', 'enabled', 'disabled',
588
  'locked', 'skipped', 'deleted', 'trashed', 'untrashed'
589
- ), $url );
 
590
  }
591
 
592
  /**
@@ -658,6 +693,21 @@ class user_switching {
658
  return $required_caps;
659
  }
660
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
661
  }
662
 
663
  if ( !function_exists( 'user_switching_set_olduser_cookie' ) ) {
@@ -836,6 +886,4 @@ function current_user_switched() {
836
  }
837
  }
838
 
839
- global $user_switching;
840
-
841
- $user_switching = new user_switching;
2
  /*
3
  Plugin Name: User Switching
4
  Description: Instant switching between user accounts in WordPress
5
+ Version: 1.0.4
6
  Plugin URI: https://johnblackbourn.com/wordpress-plugin-user-switching/
7
  Author: John Blackbourn
8
  Author URI: https://johnblackbourn.com/
30
  /**
31
  * Class constructor. Set up some filters and actions.
32
  */
33
+ private function __construct() {
34
 
35
  # Required functionality:
36
  add_filter( 'user_has_cap', array( $this, 'filter_user_has_cap' ), 10, 3 );
45
  # Nice-to-haves:
46
  add_filter( 'ms_user_row_actions', array( $this, 'filter_user_row_actions' ), 10, 2 );
47
  add_filter( 'login_message', array( $this, 'filter_login_message' ), 1 );
48
+ add_filter( 'removable_query_args', array( $this, 'filter_removable_query_args' ) );
49
+ add_action( 'wp_meta', array( $this, 'action_wp_meta' ) );
50
  add_action( 'wp_footer', array( $this, 'action_wp_footer' ) );
51
  add_action( 'personal_options', array( $this, 'action_personal_options' ) );
52
  add_action( 'admin_bar_menu', array( $this, 'action_admin_bar_menu' ), 11 );
134
  return;
135
  }
136
 
137
+ $current_user = ( is_user_logged_in() ) ? wp_get_current_user() : null;
138
+
139
  switch ( $_REQUEST['action'] ) {
140
 
141
  # We're attempting to switch to another user:
154
  $user = switch_to_user( $user_id, self::remember() );
155
  if ( $user ) {
156
 
157
+ $redirect_to = self::get_redirect( $user, $current_user );
158
 
159
  # Redirect to the dashboard or the home URL depending on capabilities:
160
  $args = array( 'user_switched' => 'true' );
191
  # Switch user:
192
  if ( switch_to_user( $old_user->ID, self::remember(), false ) ) {
193
 
194
+ $redirect_to = self::get_redirect( $old_user, $current_user );
195
  $args = array( 'user_switched' => 'true', 'switched_back' => 'true' );
196
  if ( $redirect_to ) {
197
  wp_safe_redirect( add_query_arg( $args, $redirect_to ) );
207
  # We're attempting to switch off the current user:
208
  case 'switch_off':
209
 
 
 
210
  # Check authentication:
211
  if ( !current_user_can( 'switch_off' ) ) {
212
  wp_die( __( 'Could not switch off.', 'user-switching' ) );
213
  }
214
 
215
  # Check intent:
216
+ check_admin_referer( "switch_off_{$current_user->ID}" );
217
 
218
  # Switch off:
219
  if ( switch_off_user() ) {
220
+ $redirect_to = self::get_redirect( null, $current_user );
221
  $args = array( 'switched_off' => 'true' );
222
  if ( $redirect_to ) {
223
  wp_safe_redirect( add_query_arg( $args, $redirect_to ) );
237
  /**
238
  * Fetch the URL to redirect to for a given user (used after switching).
239
  *
240
+ * @param WP_User $new_user The new user's WP_User object (optional).
241
+ * @param WP_User $old_user The old user's WP_User object (optional).
242
  * @return string The URL to redirect to.
243
  */
244
+ protected static function get_redirect( WP_User $new_user = null, WP_User $old_user = null ) {
245
 
246
  if ( isset( $_REQUEST['redirect_to'] ) and !empty( $_REQUEST['redirect_to'] ) ) {
247
  $redirect_to = self::remove_query_args( $_REQUEST['redirect_to'] );
248
+ $requested_redirect_to = $_REQUEST['redirect_to'];
249
  } else {
250
  $redirect_to = '';
251
+ $requested_redirect_to = '';
252
  }
253
 
254
+ if ( ! $new_user ) {
255
+ $redirect_to = apply_filters( 'logout_redirect', $redirect_to, $requested_redirect_to, $old_user );
256
+ } else {
257
+ $redirect_to = apply_filters( 'login_redirect', $redirect_to, $requested_redirect_to, $new_user );
258
  }
259
 
260
  return $redirect_to;
393
 
394
  }
395
 
396
+ /**
397
+ * Adds a 'Switch back to {user}' link to the Meta sidebar widget if the admin toolbar isn't showing.
398
+ */
399
+ public function action_wp_meta() {
400
+
401
+ if ( !is_admin_bar_showing() and $old_user = self::get_old_user() ) {
402
+ $link = sprintf( __( 'Switch back to %1$s (%2$s)', 'user-switching' ), $old_user->display_name, $old_user->user_login );
403
+ $url = add_query_arg( array(
404
+ 'redirect_to' => urlencode( self::current_url() )
405
+ ), self::switch_back_url( $old_user ) );
406
+ echo '<li id="user_switching_switch_on"><a href="' . $url . '">' . $link . '</a></li>';
407
+ }
408
+
409
+ }
410
+
411
  /**
412
  * Adds a 'Switch back to {user}' link to the WordPress footer if the admin toolbar isn't showing.
413
  */
414
  public function action_wp_footer() {
415
 
416
+ if ( !did_action( 'wp_meta' ) and !is_admin_bar_showing() and $old_user = self::get_old_user() ) {
417
  $link = sprintf( __( 'Switch back to %1$s (%2$s)', 'user-switching' ), $old_user->display_name, $old_user->user_login );
418
  $url = add_query_arg( array(
419
  'redirect_to' => urlencode( self::current_url() )
529
 
530
  }
531
 
532
+ /**
533
+ * Filter the list of query arguments which get removed from admin area URLs in WordPress.
534
+ *
535
+ * @link https://core.trac.wordpress.org/ticket/23367
536
+ *
537
+ * @param array $args List of removable query arguments.
538
+ * @return array Updated list of removable query arguments.
539
+ */
540
+ public function filter_removable_query_args( array $args ) {
541
+ return array_merge( $args, array(
542
+ 'user_switched', 'switched_off', 'switched_back',
543
+ ) );
544
+ }
545
+
546
  /**
547
  * Helper function. Returns the switch to or switch back URL for a given user.
548
  *
616
  * @return string The URL with the listed query args removed.
617
  */
618
  public static function remove_query_args( $url ) {
619
+ $args = apply_filters( 'removable_query_args', array(
 
620
  'message', 'update', 'updated', 'settings-updated', 'saved',
621
  'activated', 'activate', 'deactivate', 'enabled', 'disabled',
622
  'locked', 'skipped', 'deleted', 'trashed', 'untrashed'
623
+ ) );
624
+ return remove_query_arg( $args, $url );
625
  }
626
 
627
  /**
693
  return $required_caps;
694
  }
695
 
696
+ /**
697
+ * Singleton instantiator.
698
+ *
699
+ * @return user_switching User Switching instance.
700
+ */
701
+ public static function get_instance() {
702
+ static $instance;
703
+
704
+ if ( ! isset( $instance ) ) {
705
+ $instance = new user_switching;
706
+ }
707
+
708
+ return $instance;
709
+ }
710
+
711
  }
712
 
713
  if ( !function_exists( 'user_switching_set_olduser_cookie' ) ) {
886
  }
887
  }
888
 
889
+ $GLOBALS['user_switching'] = user_switching::get_instance();