Touched profile user php. Removing the visual editor, color scheme selection and other details in the WordPress admin area

I would like to devote this lesson to creating personal profile for registered users (addition to the lesson Creating user registration on the site). Now users will be able to add their avatar, change their first and last name, add their place of residence and birthday. To do this, in the table users let's add a few fields:

Now let's create a profile page profile.php and add it to the page index.php link to it

Echo"
My profile"; Now the code for the page itself profile.php

Profile<?php echo $login; ?>

Profile



"; echo " ".$array["name_user"]." ".$array["lastname"]."
"; switch ($array["birthdate_month"])(//Convert the month number into the name case "1" : $month = "January"; break; case "2" : $month = "February"; break; case " 3" : $month = "March"; break; case "4" : $month = "April"; break; case "5" : $month = "May"; break; case "6" : $month = "June "; break; case "7" : $month = "July"; break; case "8" : $month = "August"; break; case "9" : $month = "September"; break; case "10" : $month = "October"; break; case "11" : $month = "November"; break; $month = "December"; echo "Registration date: ".$array[" reg_date"]."
"; echo "Gender: ".$array["sex"]."
"; echo "Birthday: ".$array["birthdate_day"]." ".$month." ".$array["birthdate_year"]."
"; echo "Country: ".$array["country"]."
"; echo "City: ".$array["city"]."
"; if($_GET["id"] == $id_user)(//Only the owner can edit the profile echo "Edit profile"; ) )else( print<<Entrance:
Login: Password:
RegistrationPassword recovery HERE; ) ?>

Naturally, by going to this page, we will see a standard avatar noAvatar.jpg and possibly a first and last name, if the user indicated them during registration, the remaining items will be empty. At the very end of this page there is a link to the profile editing page edit.php. The code for this page is very light and consists of data entry forms. Due to the rather large volume, I will not give it here in full, but will give only a part; it will be possible to get it in full in the source files.

All other forms are similar and will refer to one handler save_edit.php, which will make changes to the database. It also has a fairly large code, and I won’t present it here either, but will just tell you a little about what happens in it (you can also find the full code in the source files). First of all, we create an avatar, if the user has uploaded it, of course, otherwise we leave the standard one. If this is the case, then first of all we download it to the folder avatars(by the way, create this folder and give it write permissions 755) after checking with allowed extensions. Then a new image is created with a format depending on the selected mode: $rezim = 1 a square image is created, $rezim = 2 the picture is proportional to the original one. You also need to set the width of the created image $w and quality $quality. We save the created image in jpg format using the function imagejpeg and generate a random name for it. Now you need to delete the old image and update it in the database with a new one. That's all for the images.

All other items in this file are intended to update personal data about the user and are simple queries to the database to update fields. Before updating, the existence of incoming variables and their safety are checked using stripslashes And htmlspecialchars. If the update is successful, we immediately redirect the user to the profile page.
Now we will make sure that the logged in user can see all other registered users. To do this, let's create a page user.php, which will display all users in a loop.

I already wrote about WordPress users (see the link). But like any tool (except a sledgehammer), Adminimize is not ideal and it cannot remove everything completely, although this is thanks only to WordPress programmers.

This post was born spontaneously, you can say thanks to the guest Blow. The gist of his question was this (more like a series of questions):

1. How to hide "Selection" color scheme» for the user?

2. How to hide “Hot Keys” and “Visual Editor” in the WordPress panel?

I'll get straight to the point. Using this method, you can hide any elements for the user in his profile and on other pages as well. The easiest way is to edit the display file!

For “Profile” this is a file user-edit.php, which is in the folder wp-admin. You need to edit it very carefully, otherwise you can “pay” well for your experiments.

Solution (unified):

1. Download the file to your PC and make a copy of it (safe....)

2. We are looking for the HTML code that is responsible for displaying the information we need.

3. Carefully comment on it and “fill” it back with a replacement.

Now practice (edit User-edit.php):

Honestly, I don’t remember what version of WP I have on the test site, but it’s definitely not lower than 2.8.2.

First, I downloaded the file to my PC and looked at the code using Chrome Code Viewer, and found the required code in Notepad++.

(two dashes on each side “-”)

1. Hide the “Visual Editor”

Change to code:

—>

ps: do not copy this code, but change it yourself - there is a high probability of errors!!!

2. Hide “Select color scheme”.

You, I hope, noticed the difference between the codes - a total of 7 characters were added. To hide this item we are looking for if (count($_wp_admin_css_colors) > 1) and comment below the line all the code between to

3. Hide “Hot Keys”.

In the second lesson we will write two more classes and completely finish the internal part of the script.

Plan

The goal of this tutorial series is to create a simple application that allows users to register, log in, log out, and change settings. The class that will contain all the information about the user will be called User and it will be defined in the User.class.php file. The class that will be responsible for input/output will be called UserTools (UserTools.class.php).

A little about class naming

The proper etiquette is to name files that describe a class with the same name as the class itself. This makes it easy to determine the purpose of each file in the classes folder.

It is also common to add .class or .inc to the end of the class file name. This way we clearly define the purpose of the file and can use .htaccess to restrict access to these files.

User Class (User.class.php)

This class will define each user. With growth this application The definition of "User" may change significantly. Fortunately, OOP programming makes it easy to add additional user attributes.

Constructor

In this class we will use a constructor - this is a function that is automatically called when creating the next copy of the class. This allows us to automatically publish some attributes after the project is created. In this class, the constructor will take a single argument: an associative array that contains one row from the users table of our database.

require_once "DB.class.php"; class User ( public $id; public $username; public $hashedPassword; public $email;
public $joinDate;
//The constructor is called when a new object is created//Takes an associative array with the DB row as an argument. function __construct($data) ( $this->id = (isset($data["id"])) ? $data["id"] : ""; $this->username = (isset($data[" username"])) ? $data["username"] : ""; $this->hashedPassword = (isset($data["password"])) ? $data["password"] : ""; $this- >email = (isset($data["email"])) ? $data["email"] : ""; $this->joinDate = (isset($data["join_date"])) $data[" join_date"] : ""; )
public function save($isNewUser = false) ( //create a new database object. $db = new DB(); //if the user is already registered and we"re //just updating their info. if(!$isNewUser ) ( //set the data array $data = array("username" => ""$this->username"", "password" => ""$this->hashedPassword"",
"email" => ""$this->email"");
//update the row in the database $db->update($data, "users", "id = ".$this->id); )else ( //if the user is being registered for the first time. $data = array("username" => ""$this->username"", "password" => ""$this->hashedPassword"" , "email" => ""$this->email"", "join_date" => """.date("Y-m-d H:i:s",time())."""); id = $db->insert($data, "users"); $this->joinDate = time(); return true; ) ) ?>

Explanation

The first part of the code, outside the class zone, ensures that the class is connected to the database (since the User class has a function that requires this class).

Instead of variables of the “protected” class (used in the 1st lesson), we define them as “public”. This means that any code outside the class has access to these variables when working with the User object.

The constructor takes an array in which the columns in the table are keys. We define a class variable using $this->variablename. In the example of this class, we first check whether the value of a certain key exists. If yes, then we set the class variable to that value. Otherwise, the empty string. The code uses the short form of notation if:

$value = (3 == 4) ? "A" : "B";

IN in this example we check to see if 3 equals four! If yes - then $value = “A”, no - $value = “B”. In our example, the result is $value = “B”.

We save information about Users in the database

The save function is used to make changes to the database table with the current values ​​in the User object. This function uses the DB class we created in the first lesson. Using class variables, the $data array is set. If user data is being saved for the first time, then $isNewUser is passed as $true (false by default). If $isNewUser = $true then the insert() function of the DB class is called. Otherwise, the update() function is called. In both cases, information from the user object will be stored in the database.

Class UserTools.class.php

This class will contain functions that are related to users: login(), logout(), checkUsernameExists() and get(). But with the expansion of this application, you can add many more.

//UserTools.class.php require_once "User.class.php"; require_once "DB.class.php";
class UserTools(
//Log the user in. First checks to see if the //username and password match a row in the database. //If it is successful, set the session variables //and store the user object within.
public function login($username, $password)
{
$hashedPassword = md5($password); $result = mysql_query("SELECT * FROM users WHERE username = "$username" AND password = "$hashedPassword""); if(mysql_num_rows($result) == 1) ( $_SESSION["user"] = serialize(new User(mysql_fetch_assoc($result))); $_SESSION["login_time"] = time(); $_SESSION["logged_in "] = 1; return true; )else( return false; ) )
//Log the user out. Destroy the session variables. public function logout() ( unset($_SESSION["user"]); unset($_SESSION["login_time"]); unset($_SESSION["logged_in"]); session_destroy(); ) //Check to see if a username exists. //This is called during registration to make sure all user names are unique. public function checkUsernameExists($username) ( $result = mysql_query("select id from users where username="$username""); if(mysql_num_rows($result) == 0) ( return false; )else( return true; )
}
//get a user //returns a User object. Takes the users id as an input public function get($id) ( $db = new DB(); $result = $db->select("users", "id = $id"); return new User($result ); ) )
?>

login() function

The login() function is clear by its name. It takes the user arguments $username and $password and checks that they match. If everything matches, creates a User object with all the information and saves it in the session. Please note that we are only using the PHP serialize() function. It creates a stored version of the object that can be easily unserialized using unserialize(). Also, the login time will be saved. This can be used later to provide users with information about the length of stay on the site.

You may also notice that we set $_SESSION["logged_in"] to 1. This allows us to easily check on each page whether the user is logged in. It is enough to check only this variable.

logout() function

Also simple function. PHP function unset() clears variables in memory, while session_destroy() will delete the session.

checkUsernameExists() function

Anyone who knows English will easily understand the function. It simply asks the database whether a similar login has been used or not.

get() function

This function takes the unique id of the user and makes a query to the database using the DB class, namely the select() function. It will take an associative array with a number of user information and create a new User object, passing the array to the constructor.

Where can I use this? For example, if you create a page that needs to display specific user profiles, you will need to dynamically fetch this information. This is how you can do it: (let's say the URL is http://www.website.com/profile.php?userID=3)

//note: you will have to open up a database connection first. //see Part 1 for further information on doing so. //You"ll also have to make sure that you"ve included the class files.
$tools = new UserTools(); $user = $tools->get($_REQUEST["userID"]); echo "Username: ".$user->username.""; echo "Joined On: ".$user->joinDate."";

Easily! Is it true?

The final touch on the server side: global.inc.php

global.inc.php is required for every page on the site. Why? This way we will place all the usual operations that we will need on the page. For example, we will start session_start(). The database connection will also open.

require_once "classes/UserTools.class.php";
require_once "classes/DB.class.php";
//connect to the database $db = new DB(); $db->connect();
//initialize UserTools object $userTools = new UserTools(); //start the session
session_start();
//refresh session variables if logged in if(isset($_SESSION["logged_in"])) ( $user = unserialize($_SESSION["user"]); $_SESSION["user"] = serialize($userTools-> get($user->id) ) ?>

What is he doing?

There are several things going on here. First of all, we open a connection to the database.

After connecting, we start the session_start() function. The function creates a session or continues the current one if the user is already logged in. Since our application is designed for users to log in/out, this feature is required on every page.

Next, we check whether the user is logged in. If so, we'll update $_SESSION["user"] to reflect the most latest information about the user. For example, if a user changes his email, the old one will be stored in the session. But with auto update this will not happen.

This concludes the second part! Look out for the final lesson on this topic tomorrow.

All the best!

Share