User Switching - Version 1.3.0

Version Description

Download this release

Release Info

Developer johnbillion
Plugin Icon 128x128 User Switching
Version 1.3.0
Comparing to
See all releases

Code changes from version 1.2.0 to 1.3.0

Files changed (3) hide show
  1. composer.json +1 -0
  2. readme.txt +2 -2
  3. user-switching.php +42 -43
composer.json CHANGED
@@ -26,6 +26,7 @@
26
  "johnpbloch/wordpress": ">=4.8.0@stable",
27
  "johnbillion/php-docs-standards": "^1.2",
28
  "phpunit/phpunit": "^5",
 
29
  "wp-coding-standards/wpcs": "^0.13"
30
  },
31
  "extra": {
26
  "johnpbloch/wordpress": ">=4.8.0@stable",
27
  "johnbillion/php-docs-standards": "^1.2",
28
  "phpunit/phpunit": "^5",
29
+ "wimg/php-compatibility": "^8",
30
  "wp-coding-standards/wpcs": "^0.13"
31
  },
32
  "extra": {
readme.txt CHANGED
@@ -3,8 +3,8 @@
3
  Contributors: johnbillion
4
  Tags: users, profiles, user switching, fast user switching, multisite, buddypress, bbpress, become, user management, developer
5
  Requires at least: 3.7
6
- Tested up to: 4.8
7
- Stable tag: 1.2.0
8
  License: GPL v2 or later
9
 
10
  Instant switching between user accounts in WordPress.
3
  Contributors: johnbillion
4
  Tags: users, profiles, user switching, fast user switching, multisite, buddypress, bbpress, become, user management, developer
5
  Requires at least: 3.7
6
+ Tested up to: 4.9
7
+ Stable tag: 1.3.0
8
  License: GPL v2 or later
9
 
10
  Instant switching between user accounts in WordPress.
user-switching.php CHANGED
@@ -10,7 +10,7 @@
10
  *
11
  * Plugin Name: User Switching
12
  * Description: Instant switching between user accounts in WordPress
13
- * Version: 1.2.0
14
  * Plugin URI: https://johnblackbourn.com/wordpress-plugin-user-switching/
15
  * Author: John Blackbourn
16
  * Author URI: https://johnblackbourn.com/
@@ -35,7 +35,7 @@
35
  class user_switching {
36
 
37
  /**
38
- * Class constructor. Set up some filters and actions.
39
  */
40
  private function __construct() {
41
 
@@ -64,7 +64,7 @@ class user_switching {
64
  }
65
 
66
  /**
67
- * Define the names of our cookies.
68
  */
69
  public function action_plugins_loaded() {
70
 
@@ -86,7 +86,7 @@ class user_switching {
86
  }
87
 
88
  /**
89
- * Output the 'Switch To' link on the user editing screen if we have permission to switch to this user.
90
  *
91
  * @param WP_User $user User object for this screen.
92
  */
@@ -106,7 +106,7 @@ class user_switching {
106
  }
107
 
108
  /**
109
- * Return whether or not the current logged in user is being remembered in the form of a persistent browser cookie
110
  * (ie. they checked the 'Remember Me' check box when they logged in). This is used to persist the 'remember me'
111
  * value when the user switches to another user.
112
  *
@@ -135,7 +135,7 @@ class user_switching {
135
  }
136
 
137
  /**
138
- * Load localisation files and route actions depending on the 'action' query var.
139
  */
140
  public function action_init() {
141
 
@@ -264,7 +264,7 @@ class user_switching {
264
  }
265
 
266
  /**
267
- * Fetch the URL to redirect to for a given user (used after switching).
268
  *
269
  * @param WP_User $new_user Optional. The new user's WP_User object.
270
  * @param WP_User $old_user Optional. The old user's WP_User object.
@@ -313,7 +313,7 @@ class user_switching {
313
  }
314
 
315
  /**
316
- * Display the 'Switched to {user}' and 'Switch back to {user}' messages in the admin area.
317
  */
318
  public function action_admin_notices() {
319
  $user = wp_get_current_user();
@@ -350,7 +350,7 @@ class user_switching {
350
  );
351
 
352
  /**
353
- * Filter the contents of the message that's displayed to switched users in the admin area.
354
  *
355
  * @since 1.1.0
356
  *
@@ -397,7 +397,7 @@ class user_switching {
397
  }
398
 
399
  /**
400
- * Validate the old user cookie and return its user data.
401
  *
402
  * @return bool|WP_User False if there's no old user cookie or it's invalid, WP_User object if it's present and valid.
403
  */
@@ -414,7 +414,7 @@ class user_switching {
414
  }
415
 
416
  /**
417
- * Authenticate an old user by verifying the latest entry in the auth cookie.
418
  *
419
  * @param WP_User $user A WP_User object (usually from the logged_in cookie).
420
  * @return bool Whether verification with the auth cookie passed.
@@ -612,12 +612,12 @@ class user_switching {
612
  * Adds a 'Switch To' link to each member's profile page and profile listings in BuddyPress.
613
  */
614
  public function action_bp_button() {
615
- global $bp, $members_template;
616
 
617
- if ( ! empty( $members_template ) && empty( $bp->displayed_user->id ) ) {
618
- $user = get_userdata( $members_template->member->id );
619
- } else {
620
- $user = get_userdata( $bp->displayed_user->id );
621
  }
622
 
623
  if ( ! $user ) {
@@ -634,23 +634,15 @@ class user_switching {
634
  'redirect_to' => urlencode( bp_core_get_user_domain( $user->ID ) ),
635
  ), $link );
636
 
637
- // Workaround for https://buddypress.trac.wordpress.org/ticket/4212
638
- $components = array_keys( $bp->active_components );
639
- if ( ! empty( $components ) ) {
640
- $component = reset( $components );
641
- } else {
642
- $component = 'core';
643
- }
644
 
645
- // @codingStandardsIgnoreStart
646
  echo bp_get_button( array(
647
  'id' => 'user_switching',
648
- 'component' => $component,
649
  'link_href' => esc_url( $link ),
650
  'link_text' => esc_html__( 'Switch To', 'user-switching' ),
651
  'wrapper_id' => 'user_switching_switch_to',
652
  ) );
653
- // @codingStandardsIgnoreEnd
654
 
655
  }
656
 
@@ -683,7 +675,7 @@ class user_switching {
683
  }
684
 
685
  /**
686
- * Filter the list of query arguments which get removed from admin area URLs in WordPress.
687
  *
688
  * @link https://core.trac.wordpress.org/ticket/23367
689
  *
@@ -699,7 +691,7 @@ class user_switching {
699
  }
700
 
701
  /**
702
- * Helper function. Returns the switch to or switch back URL for a given user.
703
  *
704
  * @param WP_User $user The user to be switched to.
705
  * @return string|bool The required URL, or false if there's no old user or the user doesn't have the required capability.
@@ -719,7 +711,7 @@ class user_switching {
719
  }
720
 
721
  /**
722
- * Helper function. Returns the nonce-secured URL needed to switch to a given user ID.
723
  *
724
  * @param WP_User $user The user to be switched to.
725
  * @return string The required URL.
@@ -728,11 +720,12 @@ class user_switching {
728
  return wp_nonce_url( add_query_arg( array(
729
  'action' => 'switch_to_user',
730
  'user_id' => $user->ID,
 
731
  ), wp_login_url() ), "switch_to_user_{$user->ID}" );
732
  }
733
 
734
  /**
735
- * Helper function. Returns the nonce-secured URL needed to switch back to the originating user.
736
  *
737
  * @param WP_User $user The old user.
738
  * @return string The required URL.
@@ -740,11 +733,12 @@ class user_switching {
740
  public static function switch_back_url( WP_User $user ) {
741
  return wp_nonce_url( add_query_arg( array(
742
  'action' => 'switch_to_olduser',
 
743
  ), wp_login_url() ), "switch_to_olduser_{$user->ID}" );
744
  }
745
 
746
  /**
747
- * Helper function. Returns the nonce-secured URL needed to switch off the current user.
748
  *
749
  * @param WP_User $user The user to be switched off.
750
  * @return string The required URL.
@@ -752,11 +746,12 @@ class user_switching {
752
  public static function switch_off_url( WP_User $user ) {
753
  return wp_nonce_url( add_query_arg( array(
754
  'action' => 'switch_off',
 
755
  ), wp_login_url() ), "switch_off_{$user->ID}" );
756
  }
757
 
758
  /**
759
- * Helper function. Returns the current URL.
760
  *
761
  * @return string The current URL.
762
  */
@@ -765,7 +760,7 @@ class user_switching {
765
  }
766
 
767
  /**
768
- * Helper function. Removes a list of common confirmation-style query args from a URL.
769
  *
770
  * @param string $url A URL.
771
  * @return string The URL with query args removed.
@@ -779,7 +774,7 @@ class user_switching {
779
  }
780
 
781
  /**
782
- * Helper function. Should User Switching's equivalent of the 'logged_in' cookie be secure?
783
  *
784
  * This is used to set the 'secure' flag on the old user cookie, for enhanced security.
785
  *
@@ -792,7 +787,7 @@ class user_switching {
792
  }
793
 
794
  /**
795
- * Helper function. Should User Switching's equivalent of the 'auth' cookie be secure?
796
  *
797
  * This is used to determine whether to set a secure auth cookie or not.
798
  *
@@ -803,7 +798,7 @@ class user_switching {
803
  }
804
 
805
  /**
806
- * Filter a user's capabilities so they can be altered at runtime.
807
  *
808
  * This is used to:
809
  * - Grant the 'switch_to_user' capability to the user if they have the ability to edit the user they're trying to
@@ -817,9 +812,9 @@ class user_switching {
817
  * @param array $args {
818
  * Arguments that accompany the requested capability check.
819
  *
820
- * @type string $0 Requested capability.
821
- * @type int $1 Concerned user ID.
822
- * @type mixed $2 Optional second parameter.
823
  * }
824
  * @param WP_User $user Concerned user object.
825
  * @return bool[] Concerned user's capabilities.
@@ -834,7 +829,7 @@ class user_switching {
834
  }
835
 
836
  /**
837
- * Filter the required primitive capabilities for the given primitive or meta capability.
838
  *
839
  * This is used to:
840
  * - Add the 'do_not_allow' capability to the list of required capabilities when a Super Admin is trying to switch
@@ -844,8 +839,12 @@ class user_switching {
844
  *
845
  * @param string[] $required_caps Required primitive capabilities for the requested capability.
846
  * @param string $cap Capability or meta capability being checked.
847
- * @param int $user_id Current user ID.
848
- * @param array $args Arguments that accompany this capability check.
 
 
 
 
849
  * @return string[] Required capabilities for the requested action.
850
  */
851
  public function filter_map_meta_cap( array $required_caps, $cap, $user_id, array $args ) {
@@ -1063,7 +1062,7 @@ function switch_off_user() {
1063
 
1064
  if ( ! function_exists( 'current_user_switched' ) ) {
1065
  /**
1066
- * Helper function. Did the current user switch into their account?
1067
  *
1068
  * @return bool|WP_User False if the user isn't logged in or they didn't switch in; old user object (which evaluates to
1069
  * true) if the user switched into the current user account.
10
  *
11
  * Plugin Name: User Switching
12
  * Description: Instant switching between user accounts in WordPress
13
+ * Version: 1.3.0
14
  * Plugin URI: https://johnblackbourn.com/wordpress-plugin-user-switching/
15
  * Author: John Blackbourn
16
  * Author URI: https://johnblackbourn.com/
35
  class user_switching {
36
 
37
  /**
38
+ * Class constructor. Sets up some filters and actions.
39
  */
40
  private function __construct() {
41
 
64
  }
65
 
66
  /**
67
+ * Defines the names of our cookies.
68
  */
69
  public function action_plugins_loaded() {
70
 
86
  }
87
 
88
  /**
89
+ * Outputs the 'Switch To' link on the user editing screen if we have permission to switch to this user.
90
  *
91
  * @param WP_User $user User object for this screen.
92
  */
106
  }
107
 
108
  /**
109
+ * Returns whether or not the current logged in user is being remembered in the form of a persistent browser cookie
110
  * (ie. they checked the 'Remember Me' check box when they logged in). This is used to persist the 'remember me'
111
  * value when the user switches to another user.
112
  *
135
  }
136
 
137
  /**
138
+ * Loads localisation files and routes actions depending on the 'action' query var.
139
  */
140
  public function action_init() {
141
 
264
  }
265
 
266
  /**
267
+ * Fetches the URL to redirect to for a given user (used after switching).
268
  *
269
  * @param WP_User $new_user Optional. The new user's WP_User object.
270
  * @param WP_User $old_user Optional. The old user's WP_User object.
313
  }
314
 
315
  /**
316
+ * Displays the 'Switched to {user}' and 'Switch back to {user}' messages in the admin area.
317
  */
318
  public function action_admin_notices() {
319
  $user = wp_get_current_user();
350
  );
351
 
352
  /**
353
+ * Filters the contents of the message that's displayed to switched users in the admin area.
354
  *
355
  * @since 1.1.0
356
  *
397
  }
398
 
399
  /**
400
+ * Validates the old user cookie and returns its user data.
401
  *
402
  * @return bool|WP_User False if there's no old user cookie or it's invalid, WP_User object if it's present and valid.
403
  */
414
  }
415
 
416
  /**
417
+ * Authenticates an old user by verifying the latest entry in the auth cookie.
418
  *
419
  * @param WP_User $user A WP_User object (usually from the logged_in cookie).
420
  * @return bool Whether verification with the auth cookie passed.
612
  * Adds a 'Switch To' link to each member's profile page and profile listings in BuddyPress.
613
  */
614
  public function action_bp_button() {
615
+ $user = null;
616
 
617
+ if ( bp_is_user() ) {
618
+ $user = get_userdata( bp_displayed_user_id() );
619
+ } elseif ( bp_is_members_directory() ) {
620
+ $user = get_userdata( bp_get_member_user_id() );
621
  }
622
 
623
  if ( ! $user ) {
634
  'redirect_to' => urlencode( bp_core_get_user_domain( $user->ID ) ),
635
  ), $link );
636
 
637
+ $components = array_keys( buddypress()->active_components );
 
 
 
 
 
 
638
 
 
639
  echo bp_get_button( array(
640
  'id' => 'user_switching',
641
+ 'component' => reset( $components ),
642
  'link_href' => esc_url( $link ),
643
  'link_text' => esc_html__( 'Switch To', 'user-switching' ),
644
  'wrapper_id' => 'user_switching_switch_to',
645
  ) );
 
646
 
647
  }
648
 
675
  }
676
 
677
  /**
678
+ * Filters the list of query arguments which get removed from admin area URLs in WordPress.
679
  *
680
  * @link https://core.trac.wordpress.org/ticket/23367
681
  *
691
  }
692
 
693
  /**
694
+ * Returns the switch to or switch back URL for a given user.
695
  *
696
  * @param WP_User $user The user to be switched to.
697
  * @return string|bool The required URL, or false if there's no old user or the user doesn't have the required capability.
711
  }
712
 
713
  /**
714
+ * Returns the nonce-secured URL needed to switch to a given user ID.
715
  *
716
  * @param WP_User $user The user to be switched to.
717
  * @return string The required URL.
720
  return wp_nonce_url( add_query_arg( array(
721
  'action' => 'switch_to_user',
722
  'user_id' => $user->ID,
723
+ 'nr' => 1,
724
  ), wp_login_url() ), "switch_to_user_{$user->ID}" );
725
  }
726
 
727
  /**
728
+ * Returns the nonce-secured URL needed to switch back to the originating user.
729
  *
730
  * @param WP_User $user The old user.
731
  * @return string The required URL.
733
  public static function switch_back_url( WP_User $user ) {
734
  return wp_nonce_url( add_query_arg( array(
735
  'action' => 'switch_to_olduser',
736
+ 'nr' => 1,
737
  ), wp_login_url() ), "switch_to_olduser_{$user->ID}" );
738
  }
739
 
740
  /**
741
+ * Returns the nonce-secured URL needed to switch off the current user.
742
  *
743
  * @param WP_User $user The user to be switched off.
744
  * @return string The required URL.
746
  public static function switch_off_url( WP_User $user ) {
747
  return wp_nonce_url( add_query_arg( array(
748
  'action' => 'switch_off',
749
+ 'nr' => 1,
750
  ), wp_login_url() ), "switch_off_{$user->ID}" );
751
  }
752
 
753
  /**
754
+ * Returns the current URL.
755
  *
756
  * @return string The current URL.
757
  */
760
  }
761
 
762
  /**
763
+ * Removes a list of common confirmation-style query args from a URL.
764
  *
765
  * @param string $url A URL.
766
  * @return string The URL with query args removed.
774
  }
775
 
776
  /**
777
+ * Returns whether or not User Switching's equivalent of the 'logged_in' cookie should be secure.
778
  *
779
  * This is used to set the 'secure' flag on the old user cookie, for enhanced security.
780
  *
787
  }
788
 
789
  /**
790
+ * Returns whether or not User Switching's equivalent of the 'auth' cookie should be secure.
791
  *
792
  * This is used to determine whether to set a secure auth cookie or not.
793
  *
798
  }
799
 
800
  /**
801
+ * Filters a user's capabilities so they can be altered at runtime.
802
  *
803
  * This is used to:
804
  * - Grant the 'switch_to_user' capability to the user if they have the ability to edit the user they're trying to
812
  * @param array $args {
813
  * Arguments that accompany the requested capability check.
814
  *
815
+ * @type string $0 Requested capability.
816
+ * @type int $1 Concerned user ID.
817
+ * @type mixed ...$2 Optional second and further parameters.
818
  * }
819
  * @param WP_User $user Concerned user object.
820
  * @return bool[] Concerned user's capabilities.
829
  }
830
 
831
  /**
832
+ * Filters the required primitive capabilities for the given primitive or meta capability.
833
  *
834
  * This is used to:
835
  * - Add the 'do_not_allow' capability to the list of required capabilities when a Super Admin is trying to switch
839
  *
840
  * @param string[] $required_caps Required primitive capabilities for the requested capability.
841
  * @param string $cap Capability or meta capability being checked.
842
+ * @param int $user_id Concerned user ID.
843
+ * @param array $args {
844
+ * Arguments that accompany the requested capability check.
845
+ *
846
+ * @type mixed ...$0 Optional second and further parameters.
847
+ * }
848
  * @return string[] Required capabilities for the requested action.
849
  */
850
  public function filter_map_meta_cap( array $required_caps, $cap, $user_id, array $args ) {
1062
 
1063
  if ( ! function_exists( 'current_user_switched' ) ) {
1064
  /**
1065
+ * Returns whether or not the current user switched into their account.
1066
  *
1067
  * @return bool|WP_User False if the user isn't logged in or they didn't switch in; old user object (which evaluates to
1068
  * true) if the user switched into the current user account.