I don’t always enjoy coding, because I’m not always fluent in every coding language and it may take me up to three days to figure out what I want to do. In many cases people don’t share the code they custom built and that makes things even harder when I have to figure it all out by my lonesome. In the last two days, I’m proud to say, I figured out two big hurdles ALL ON MY OWN – take that PHP! Those two big hurdles? Organizing a classifieds site for horse lovers by location (this still could use some improvements I’m sure) – the second hurdle was building a members directory, complete with custom fields like phone numbers that the members themselves create and manage. Okay so I may be gloating a little much, but this is a big deal for me and for you because I’m going to share with you how to do it. Want an example of what I did? http://horse-stallions.com

Building a custom members directory for WordPress

You will need the following files open via FTP to code:

(this tutorial will not be very good for beginners in case you need to do a little debugging for your specific theme)

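  • A custom page for your members to log in/out (this is a whole different beast we will have to deal with in another tutorial)
    Hint:

    $errmsg = '';

    if(!empty($_POST['action']))
    {
        require_once(ABSPATH . 'wp-admin/includes/user.php');
        //only needed on WordPress older than 3.1; newer versions load these functions themselves
        require_once(ABSPATH . WPINC . '/registration.php');

        //verify the nonce that wp_nonce_field() put in the form before changing anything
        check_admin_referer('update-profile_' . $user_ID);

        $errors = edit_user($user_ID);

        if ( is_wp_error( $errors ) ) {
            //keep every error message, not just the last one
            foreach( $errors->get_error_messages() as $message )
                $errmsg .= "$message<br />";
            //exit;
        }
    }
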

  • A custom page for your members to manage their information; let’s call this manage.php
  • Download the profiler app and open it up (you’ll be customizing this too): profiler.php
  • Download the user photo plugin
  • In the main WordPress directory open up:
    • permissions.php
    • wordpress-signup.php
    • users.php
    • users-new.php
    • ms-users.php
    • registration.php
    • users.php
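
The account form below posts two custom fields, `Phone` and `members`, that members fill in themselves and that the directory later prints for every visitor. One way to validate them before they are stored, as an added example that is not the author's code (the `hs_` function names are hypothetical, and storing the values with `update_user_meta()` is an assumption):

```php
<?php
// Added example, not the tutorial author's code. 'Phone' and 'members' are the
// field names from the form on this page; every hs_* name is hypothetical.

/** Returns '' for an empty value, the trimmed number if plausible, or null if invalid. */
function hs_clean_phone($raw)
{
    $raw = trim((string) $raw);
    if ($raw === '') {
        return '';
    }
    // Digits plus common separators only, so markup and quotes never reach the database.
    if (!preg_match('/^\+?[0-9 ().\-]{7,25}$/', $raw)) {
        return null;
    }
    // Separators alone are not a number: require at least 7 digits.
    return strlen(preg_replace('/\D/', '', $raw)) >= 7 ? $raw : null;
}

/** Returns '' for an empty value, the address if syntactically valid, or null if invalid. */
function hs_clean_email($raw)
{
    $raw = trim((string) $raw);
    if ($raw === '') {
        return '';
    }
    $ok = filter_var($raw, FILTER_VALIDATE_EMAIL);
    return $ok === false ? null : $ok;
}

/** Validates the two custom fields; returns array($clean, $errors). */
function hs_validate_profile_fields(array $post)
{
    $cleaners = array('Phone' => 'hs_clean_phone', 'members' => 'hs_clean_email');
    $clean = array();
    $errors = array();

    foreach ($cleaners as $field => $cleaner) {
        if (!isset($post[$field]) || !is_string($post[$field])) {
            continue; // not submitted (or sent as an array): leave the stored value alone
        }
        $value = call_user_func($cleaner, $post[$field]);
        if ($value === null) {
            $errors[$field] = "Invalid value for $field.";
        } else {
            $clean[$field] = $value;
        }
    }
    return array($clean, $errors);
}

/**
 * WordPress side. Call after edit_user() in the handler from the hint, which has
 * already verified the nonce with check_admin_referer().
 */
function hs_save_profile_fields($user_id)
{
    // A member may only edit a record they are allowed to edit.
    if (!current_user_can('edit_user', $user_id)) {
        return array('permission' => 'You cannot edit this profile.');
    }
    list($clean, $errors) = hs_validate_profile_fields(wp_unslash($_POST));
    foreach ($clean as $field => $value) {
        update_user_meta($user_id, $field, $value);
    }
    return $errors;
}

// Outside WordPress (php example.php) run the validator on constructed input.
if (PHP_SAPI === 'cli' && !function_exists('add_action')) {
    $constructed = array(
        'Phone'   => '+1 (555) 010-0199',
        'members' => '"><script>alert(1)</script>',
    );
    var_export(hs_validate_profile_fields($constructed));
    echo PHP_EOL;
}
```

In the hint handler, append the returned error messages to `$errmsg` so the member sees why a field was rejected.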

Let’s start with the page users use (front-end): I am calling this manage.php

  • Start by making this page a template. Again if you don’t know how to do this I’ll need to make another tutorial for that later.

    • Hint:

      <?php
      /*
      Template Name: 3. My Account Page
      */


  • Once you’ve finished with this page, go to WordPress, make a new page and choose that template on the right-hand side.
  • Then the code (you will need to build your own site template and fill it in where necessary including footer, header, content):

    <div><div id="formbox">

    <h2><?php echo $GLOBALS['_LANG']['_accinfo']; ?></h2>
    <hr><br>

    <?php if ( isset($_GET['updated']) ) { ?>

    <p><strong><?php _e('Your profile has been updated.','cp')?></strong></p>

    <?php } ?>

    <?php echo $errmsg; ?>

    <?php // every stored profile value below is escaped before it is printed into the page ?>
    <form name="profile" action="" method="post" enctype="multipart/form-data">
    <?php wp_nonce_field('update-profile_' . $user_ID) ?>
    <input type="hidden" name="from" value="profile" />
    <input type="hidden" name="action" value="update" />
    <input type="hidden" name="checkuser_id" value="<?php echo esc_attr($user_ID); ?>" />
    <input type="hidden" name="dashboard_url" value="<?php echo esc_attr(get_option("dashboard_url")); ?>" />
    <input type="hidden" name="user_id" id="user_id" value="<?php echo esc_attr($user_id); ?>" />

    <table style="width:640px;">
    <tr>
    <th><label for="user_login"><?php _e('Username','cp'); ?></label></th>
    <td><input type="text" name="user_login" id="user_login" value="<?php if(isset($userdata->user_login)){ echo esc_attr($userdata->user_login); } ?>" size="35" maxlength="100" disabled /></td>
    </tr>
    <tr>
    <th><label for="first_name"><?php _e('First Name','cp') ?></label></th>
    <td><input type="text" name="first_name" id="first_name" value="<?php if(isset($userdata->first_name)){ echo esc_attr($userdata->first_name); } ?>" size="35" maxlength="100" /></td>
    </tr>
    <tr>
    <th><label for="last_name"><?php _e('Last Name','cp') ?></label></th>
    <td><input type="text" name="last_name" id="last_name" value="<?php if(isset($userdata->last_name)){ echo esc_attr($userdata->last_name); } ?>" size="35" maxlength="100" /></td>
    </tr>

    <tr>
    <th><label for="email"><?php _e('Email','cp') ?></label></th>
    <td><input type="text" name="email" id="email" value="<?php echo esc_attr($userdata->user_email); ?>" size="35" maxlength="100" /></td>
    </tr>

    <tr>
    <th><label for="members"><?php _e('Members Email','cp') ?></label></th>
    <td><input type="text" name="members" id="members" value="<?php echo esc_attr($userdata->members); ?>" size="35" maxlength="100" /></td>
    </tr>

    <tr>
    <th><label for="Phone"><?php _e('Phone','cp') ?></label></th>
    <td><input type="text" name="Phone" id="Phone" value="<?php echo esc_attr($userdata->Phone); ?>" size="35" maxlength="100" /></td>
    </tr>

    <tr>
    <th><label for="url"> Website URL</label></th>
    <td><input type="text" name="url" id="url" value="<?php echo esc_attr($userdata->user_url); ?>" size="35" maxlength="100" /></td>
    </tr>

    <tr>
    <th><label for="description"><?php echo $GLOBALS['_LANG']['_accme']; ?></label></th>
    <td><textarea name="description" id="description" rows="8" cols="50"><?php if(isset($userdata->description)){ echo esc_textarea($userdata->description); } ?></textarea></td>
    </tr>
    </table>

    <p><a href="javascript:void(0);" onClick="document.profile.submit();">Update</a></p>

    <hr><br>
    <!--<h2>Personal Information </h2><br>
    <table style="width:640px;">-->
    <?php
    do_action('profile_personal_options');

    ?>

    <!--</table>-->

    <h2><?php echo $GLOBALS['_LANG']['_password']; ?></h2><br>
    <table style="width:640px;">

    <?php
    $show_password_fields = apply_filters('show_password_fields', true);
    if ( $show_password_fields ) :
    ?>
    <tr>
    <th><label for="pass1"><?php _e('New Password','cp'); ?></label></th>
    <td>
    <input type="password" name="pass1" id="pass1" size="35" maxlength="50" value="" /><br/><small><?php _e('Leave this field blank unless you\'d like to change your password.','cp'); ?></small>
    </td>
    </tr>
    <tr>
    <th><label for="pass2"><?php _e('Password Again','cp'); ?></label></th>
    <td>
    <input type="password" name="pass2" id="pass2" size="35" maxlength="50" value="" /><br/><small><?php _e('Type your new password again.','cp'); ?></small></td>
    </tr>
    <tr>

    </tr>
    <?php endif; ?>
    </table>
    <br />

    <p><a href="javascript:void(0);" onClick="document.profile.submit();">Update</a></p>
    <hr><br>
    <?php
    if(function_exists('userphoto_exists')){

    echo '<h2>Website Photo </h2><br>';

    do_action('show_user_profile');

    echo "<div id='user-photo'>";
    if(userphoto_exists($user_ID))
    userphoto($user_ID);
    else
    echo get_avatar($userdata->user_email, 96);
    echo "</div>";

    ?>

    <?php if($userdata->userphoto_image_file): ?>
    <table style="width:640px;">
    <tr>
    <th>&nbsp;</th>
    <td>
    <p><label><input type="checkbox" name="userphoto_delete" id="userphoto_delete" /> <?php _e('Delete existing photo?','cp') ?></label></p>
    </td>
    </tr>
    </table>
    <?php endif; ?>

    <p><a href="javascript:void(0);" onClick="document.profile.submit();">Update</a></p>
    <?php } ?>
    </form>

    </div>
    </div>

  • Profiler: I added a “members email” and a “Phone” number field. You can use find to see everything I had to add into these files and then copy what I added to add even more information.

    <?php
    /*  Copyright 2007 – 2008 Eric Schulz. All Rights Reserved.

    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 2 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details:

    http://www.gnu.org/licenses/gpl-2.0.html

    */

    /*
    Plugin Name: Profiler
    Plugin URI: http://wordpress.org/extend/plugins/profiler/
    Description: An enhanced version of the Profiler plugin with support for multiple users. It allows you to display the information of every registered user on your site in a special members area. Each user has their own profile which can be modified from the WordPress admin interface by either the user or an administrator.
    Author: Eric Schulz
    Version: 1.2.8
    */

    //hooks for the actions and filters
    //calls the add_menu_page function to add a menu
    add_action('admin_menu', 'pf_admin_menu');
    //inserts the stylesheet for formatting the directory and profiles
    add_action('wp_head', 'pf_insert_style');
    //hook the directory page to display it
    add_filter('the_content', 'pf_start_train', 1);
    //register a widget only after all of the plugins have been loaded
    add_action('plugins_loaded', 'pf_stats_widget_init');
    //==========================================================================================

    //adds the admin menu
    function pf_admin_menu()
    {
        //options page hook
        //'manage_options' replaces the deprecated numeric user level 10
        add_options_page('Profiler Options', 'Profiler', 'manage_options', basename(__FILE__), 'pf_options');
    }

    //returns an array with the requested users' IDs
    //takes order arguments for sorting purposes
    function pf_uids($start, $records, $order, $ordertype)
    {
        global $wpdb;

        $roles = pf_get_enabledroles();

        //column names and sort direction cannot be bound as query parameters,
        //so only known values are allowed into the SQL
        $columns = array('ID', 'user_login', 'user_nicename', 'user_email', 'user_url', 'user_registered', 'display_name');
        if(!in_array($order, $columns, true))
            $order = 'display_name';
        $ordertype = (strtoupper($ordertype) == 'DESC') ? 'DESC' : 'ASC';
        $start = (int) $start;
        $records = (int) $records;

        $uids = $wpdb->get_col("SELECT ID FROM $wpdb->users
        WHERE ID = ANY
        (SELECT user_id FROM $wpdb->usermeta
        WHERE meta_value IN ($roles)) ORDER BY $order $ordertype
        LIMIT $start, $records
        ");

        foreach($uids as $key=>$value)
        {
            $uids[$key] = $value;
        }

        return $uids;
    }

    //returns an array with a user's profile information
    function pf_get_vars($id)
    {
        $uinfo = get_userdata($id);
        $vars = array();

        foreach($uinfo as $key=>$value)
        {
            $vars[$key] = $value;
        }

        //let's see if this works any better than strictly using $vars['wp_capabilities']
        $vars['wp_capabilities'] = get_usermeta($id, 'wp_capabilities');

        return $vars;
    }

    //returns a list of the roles that have been selected from the options menu
    function pf_get_enabledroles()
    {
        $administrator = get_option('pf_show_roles_admin');
        $subscriber = get_option('pf_show_roles_subscriber');
        $author = get_option('pf_show_roles_author');
        $editor = get_option('pf_show_roles_editor');
        $contributor = get_option('pf_show_roles_contributor');
        $none = get_option('pf_show_roles_none');

        //keys are the serialized capability arrays, already quoted for use in SQL
        $roleslist = array('\'a:1:{s:13:\"administrator\";b:1;}\''=>$administrator, '\'a:1:{s:10:\"subscriber\";b:1;}\''=>$subscriber, '\'a:1:{s:6:\"author\";b:1;}\''=>$author, '\'a:1:{s:6:\"editor\";b:1;}\''=>$editor, '\'a:1:{s:11:\"contributor\";b:1;}\''=>$contributor, '\'a:0:{}\''=>$none);

        $roles = array();

        foreach($roleslist as $key=>$value)
        {
            if($value == 'yes')
                array_push($roles, $key);
        }

        //create a string for use in a MySQL statement
        $roles = implode(', ', $roles);

        return $roles;
    }

    //returns the total number of registered users
    function pf_user_count()
    {
        global $wpdb;

        $count = $wpdb->get_var("SELECT COUNT(ID)
        FROM $wpdb->users");

        return $count;
    }

    function pf_get_user_stats($id)
    {
        global $wpdb;

        //force an integer before the value goes into the query
        $id = (int) $id;

        $stats = $wpdb->get_row("SELECT
        (SELECT COUNT(post_author) FROM $wpdb->posts WHERE post_author = $id) AS post_count,
        (SELECT COUNT(user_id) FROM $wpdb->comments WHERE user_id = $id) AS comment_count", ARRAY_A);

        return $stats;
    }

    //returns the total number of users, posts, and comments
    function pf_get_stats()
    {
        global $wpdb;

        $stats = $wpdb->get_row("SELECT
        (SELECT COUNT(ID) FROM $wpdb->users) AS user_count,
        (SELECT COUNT(ID) FROM $wpdb->posts WHERE post_type = 'post' AND post_status = 'publish') AS post_count,
        (SELECT COUNT(ID) FROM $wpdb->posts WHERE post_type = 'page' AND post_status = 'publish') AS page_count,
        (SELECT COUNT(comment_ID) FROM $wpdb->comments) AS comment_count", ARRAY_A);

        return $stats;
    }

    function pf_name_to_id($name)
    {
        global $wpdb;

        //turn the hyphens used for pretty urls back into spaces
        //WordPress adds slashes to $_GET, so remove them and let prepare() do the quoting
        $name = str_replace('-', ' ', stripslashes($name));

        //$name comes from $_GET['user'], so bind it instead of interpolating it
        $id = $wpdb->get_var($wpdb->prepare("SELECT ID
        FROM $wpdb->users
        WHERE display_name = %s", $name));

        return $id;
    }

    function pf_get_display_name($id)
    {
        global $wpdb;

        $display_name = $wpdb->get_var($wpdb->prepare("SELECT display_name
        FROM $wpdb->users
        WHERE ID = %d", $id));

        $display_name = str_replace(' ', '-', $display_name);

        return $display_name;
    }

    //returns the smallest ID number that exists
    function pf_minuser()
    {
        global $wpdb;

        $min = $wpdb->get_var("SELECT MIN(ID)
        FROM $wpdb->users
        ");

        return $min;
    }

    //returns the largest ID number that exists
    function pf_maxuser()
    {
        global $wpdb;

        $max = $wpdb->get_var("SELECT MAX(ID)
        FROM $wpdb->users
        ");
        return $max;
    }

    //checks to see if a user exists and returns false if they do not
    //also checks to see if they are assigned to an enabled role
    function pf_user_exists($id)
    {
        global $wpdb;

        $roles = pf_get_enabledroles();

        if(is_numeric($id))
        {
            //is_numeric() also accepts values such as "1e5", so force an integer
            $id = (int) $id;

            $bool = $wpdb->get_var("SELECT ID
            FROM $wpdb->users
            WHERE ID = ANY
            (SELECT user_id FROM $wpdb->usermeta
            WHERE user_id = $id AND meta_value IN ($roles))
            ");
        }

        if(isset($bool))
            return TRUE;
        else
            return FALSE;
    }

    //returns an object containing arrays for a user's recent posts
    function pf_recent_posts($id, $limit)
    {
        global $wpdb;

        $id = (int) $id;
        $limit = (int) $limit;

        $posts = $wpdb->get_results("SELECT post_title, ID
        FROM $wpdb->posts
        WHERE post_author = $id AND post_type = 'post'
        ORDER BY post_date DESC
        LIMIT $limit
        ");

        return $posts;
    }

    //returns an object containing arrays for a user's recent comments
    function pf_recent_comments($id, $limit)
    {
        global $wpdb;

        $id = (int) $id;
        $limit = (int) $limit;

        //filter list
        //%whisper% - PMs made with the Whisper plugin

        $comments = $wpdb->get_results("SELECT comment_ID, comment_post_ID, SUBSTRING(comment_content, 1, 150) AS comment_content
        FROM $wpdb->comments
        WHERE user_id = $id
        AND
        comment_type NOT LIKE '%whisper%'
        ORDER BY comment_ID DESC
        LIMIT $limit
        ");

        return $comments;
    }

    //change the character to use in the url depending on the current url and permalink structure
    //returns "?" or "&". whichever will work
    //========================until I discover a better way of doing this========================
    function pf_single_url_char()
    {
        $url = $_SERVER['REQUEST_URI'];
        $permalink = get_permalink(get_the_id());

        if(strpos($permalink, '?'))
            return '&';
        else
            return '?';
    }

    function pf_singlepagi_url_char()
    {
        $url = $_SERVER['REQUEST_URI'];
        $permalink = get_permalink(get_the_id());

        if(strpos($permalink, '?'))
            return '&';
        else
            return '?';
    }

    function pf_directory_url_char()
    {
        $page = round($_GET['page']);
        $url = $_SERVER['REQUEST_URI'];
        $permalink = get_permalink(get_the_id());

        if(strpos($url, '?'))
            return '&';
        else
            return '?';
    }

    function pf_directorypagi_url_char()
    {
        $page = round($_GET['page']);
        $url = $_SERVER['REQUEST_URI'];
        $permalink = get_permalink(get_the_id());

        if(strpos($permalink, '?'))
            return '&';
        else
            return '?';
    }
    //========================until I discover a better way of doing this========================

    //inserts a stylesheet for formatting the directory and profiles
    function pf_insert_style()
    {
        echo '<link rel="stylesheet" href="', bloginfo('url'), '/wp-content/plugins/profiler/pfstyle.css', '" type="text/css" media="screen" />';
    }

    //widget functions contained inside one initialization function
    function pf_stats_widget_init()
    {
        function pf_stats_widget($args)
        {
            $widget_title = get_option('pf_widget_title');
            //$before_widget = '';
            //$before_title = '';
            $title = "<h2>" . esc_html($widget_title) . "</h2>";
            $after_title = '<ul>';
            $after_widget = '</ul>';

            if (!function_exists('register_sidebar_widget'))
                return;
            //if the function exists, display the required variables
            //needed for compatibility with certain themes
            else
                echo $before_widget . $before_title . $title . $after_title;

            $stats = pf_get_stats();

            echo '<li>Members:  ', $stats['user_count'], '</li>';
            echo '<div>';
            echo '<li>Posts:  ', $stats['post_count'], '</li>';
            echo '<li>Pages:  ', $stats['page_count'], '</li>';
            echo '<li>Comments:  ', $stats['comment_count'], '</li>';
            echo '</div>';

            echo $after_widget;
        }

        //widget configuration page
        function pf_stats_widget_control()
        {
            if(!empty($_POST['pf_widget_submit']))
                update_option('pf_widget_title', strip_tags($_POST['pf_widget_title']));
            $widget_title = get_option('pf_widget_title');
            //escape the stored title before putting it into the value attribute
            echo '<p>Title<input name="pf_widget_title" type="text" value="' . esc_attr($widget_title) . '" /></p>';
            echo '<input type="hidden" id="pf_widget_submit" name="pf_widget_submit" value="1" />';
        }

        //create a widget
        register_sidebar_widget('Profiler Stats', 'pf_stats_widget');
        //create the widgets edit menu
        register_widget_control('Profiler Stats', 'pf_stats_widget_control');
    }

    //called each time a post or page is viewed
    //whoo whoo!
    function pf_start_train($content)
    {
        //only display the directory on the specified page
        if(get_the_ID() == get_option('pf_directory_page_id'))
        {
            $user = $_GET['user'];

            if(is_numeric($user) && pf_user_exists($user))
            {}
            else
                $user =  pf_name_to_id($_GET['user']);

            $page = round($_GET['page']);

            //if a number is given for the user and the user exists
            if(isset($user) && pf_user_exists($user))
                pf_output_single($user);
            //if a number is given for the page
            elseif(isset($page) && is_numeric($page))
                pf_prepare_directory();
            //if invalid characters are given for the user
            elseif(isset($user) && !pf_user_exists($user))
            {
                echo pf_backlink();
                echo "<p>Invalid user specified.</p>";
            }
            //if invalid characters are given for the page
            elseif(isset($page) && !is_numeric($page))
            {
                echo pf_backlink();
                echo "<p>Invalid page specified.</p>";
            }
            //if the user is viewing a standard permalink
            //with no user or page specified
            else
                pf_prepare_directory();
        }

        //make sure to include the content
        //or all the posts will be blank!
        return $content;
    }

    //outputs a single profile for the specified user id
    function pf_output_single($id)
    {
        $vars = pf_get_vars($id);
        $grav_size = get_option('pf_gravatar_size');
        $recent_posts = pf_recent_posts($id, get_option('pf_recent_posts_per_profile'));
        $recent_comments = pf_recent_comments($id, get_option('pf_recent_comments_per_profile'));

        //variables based on the results of pf_get_vars
        foreach($vars as $key=>$value)
        {
            //if the variable is a string, we need to convert any HTML tags to HTML entities
            //to protect from XSS (ENT_QUOTES also covers single quotes)
            if(is_string($value))
                $$key = htmlspecialchars($value, ENT_QUOTES);
            else
                $$key = $value;
        }

        $output = "<h3>Profile</h3>";

        if(get_option('pf_show_gravatars') == 'yes')
        {
            if(function_exists('get_avatar'))
            {
                $output .= "<p>" . get_avatar($id, $grav_size) . "</p>";
            }
            else
            {
                $grav_url = "http://www.gravatar.com/avatar/" . md5($user_email) . "?s=" . $grav_size . "&d=http://www.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536" . "?s=" . $grav_size;
                $output .= "<p><img src='$grav_url'/></p>";
            }
        }

        if(get_option('pf_show_userphotos') == 'yes')
        {
            if(function_exists('userphoto_the_author_photo'))
            {
                if(get_option('pf_show_userphotos_type') == '1')
                {
                    $userphototype = USERPHOTO_FULL_SIZE;
                }
                else
                {
                    $userphototype = USERPHOTO_THUMBNAIL_SIZE;
                }
                $output .= "<p>" . userphoto__get_userphoto($id, $userphototype, "", "", array(), "") . "</p>";
            }

        }

        //attribute values are quoted: an escaped value inside an unquoted attribute
        //can still add attributes of its own through a space
        $output .= "<p>$display_name</p>";
        if(get_option('pf_show_emails') == 'yes')
            $output .= "<p>Email:  <a href=\"mailto:" . $user_email . "\">" . antispambot($user_email) . "</a></p>";
        if(get_option('Phone') == 'yes')
            $output .= "<p> Phone: $Phone</p>";
        if(get_option('members') == 'yes')
            $output .= "<p>Email:  <a href=\"mailto:" . $members . "\">" . antispambot($members) . "</a></p>";
        if($user_url != '' && $user_url != 'http://')
            $output .= "<p>Website:  <a href=\"" . $user_url . "\" rel=\"nofollow\">$user_url</a></p>";

        $output .= "<p>Join date:  " . pf_format_datetime($user_registered) . "</p>";

        if($user_description != '')
        {
            $output .= "<h3>About Me</h3>";
            $output .= "<p>$user_description</p>";
        }

        //display an author's recent posts, if any
        if(get_option('pf_recent_posts_per_profile') > 0 && !empty($recent_posts))
            $output .= "<h3>Recent Posts</h3>";
        foreach($recent_posts as $key=>$post)
        {
            $output .= "<a href=\"" . get_permalink($post->ID) . "\">" . $post->post_title . "</a><br />";
        }

        //display an author's recent comments, if any
        if(get_option('pf_recent_comments_per_profile') > 0 && !empty($recent_comments))
            $output .= "<h3>Recent Comments</h3>";
        foreach($recent_comments as $key=>$comment)
        {
            $output .= "<a href=\"" . get_permalink($comment->comment_post_ID) . "#comment-" . $comment->comment_ID . "\">" . get_the_title($comment->comment_post_ID) . "</a><br />";
            $output .= '<div style="font-size: 11px;font-style: italic;width: 75%; ">' . $comment->comment_content . '</div>';

        }

        echo pf_backlink();

        echo '<div>';
        echo $output;
        echo '</div>';

        pf_insert_pagination_single();
    }

    //inserts the navigation bar on single profiles
    function pf_insert_pagination_single()
    {
        $character = pf_singlepagi_url_char();
        $user = $_GET['user'];
        if(is_numeric($user) && pf_user_exists($user))
        {}
        else
            $user = pf_name_to_id($user);

        for($i = 1; $i <= pf_maxuser(); $i++)
        {
            if(pf_user_exists($user - $i))
            {
                $prev = $user - $i;
                break;
            }
            else
                $prev = $user;
        }

        for($i = 1; $i <= pf_maxuser(); $i++)
        {
            if(pf_user_exists($user + $i))
            {
                $next = $user + $i;
                break;
            }
            else
                $next = $user;
        }

        echo '<div>';

        //display names are chosen by the members, so encode them before they go into a link
        if($prev != $user)
            echo "<a href=\"", the_permalink(), $character, "user=", urlencode(pf_get_display_name($prev)), "\">&laquo; Previous</a>";
        else
            echo '&laquo; Previous';

        //divider
        echo " - ";

        if($next != $user)
            echo "<a href=\"", the_permalink(), $character, "user=", urlencode(pf_get_display_name($next)), "\">Next &raquo;</a>";
        else
            echo 'Next &raquo;';

        echo '</div>';
    }

    //prepares the directory to be displayed
    function pf_prepare_directory()
    {
        $page = round($_GET['page']);
        if($page < 1)
            $page = 1;
        //at least one user per page, so the division below cannot be by zero
        $usersperpage = max(1, (int) get_option('pf_users_per_page'));
        $lastpage = ceil(pf_user_count() / $usersperpage);

        if($page > $lastpage)
        {
            echo pf_backlink($lastpage);
            echo "<p>Invalid page specified.</p>";
        }
        else
        {
            if(!isset($page))
                $page = 1;

            $start = ($page * $usersperpage) - $usersperpage;
            $records = $usersperpage;

            pf_output_directory($start, $records, $lastpage);
        }
    }

    function pf_output_directory($start, $records, $lastpage)
    {
        $uids = pf_uids($start, $records, get_option('pf_sort_directory_by'), get_option('pf_sort_directory_order'));
        $page = round($_GET['page']);
        $character = pf_directory_url_char();

        $output = '<table border="0">';
        $output .= '<tr>';
        $output .= '<th>Name</th>';
        if(get_option('pf_roles_enabled') == 'yes')
            $output .= '<th>Role</th>';
        if(get_option('pf_show_emails') == 'yes')
            $output .= '<th>Email</th>';
        if(get_option('members') == 'yes')
            $output .= '<th>Email</th>';
        if(get_option('Phone') == 'yes')
            $output .= '<th>Phone</th>';
        $output .= '<th style="text-align: center;">Website</th>';
        $output .= '<th>Joined</th>';
        $output .= '</tr>';

        foreach($uids as $key=>$value)
        {
            //sets the required variables for the current user in the loop
            $vars = pf_get_vars($value);
            $vars['ID'] = pf_get_display_name($vars['ID']);

            //get the user's role as a title
            if(get_option('pf_roles_enabled') == 'yes')
                $role = ucfirst(pf_user_role($vars['wp_capabilities']));

            //the request URI and every member-supplied value are escaped here,
            //because this table is shown to all visitors
            $output .= "<tr>";
            $output .= "<td><a href=\"" . esc_url($_SERVER['REQUEST_URI'] . $character . "user=" . urlencode($vars['ID'])) . "\">" . esc_html($vars['display_name']) . "</a></td>";
            if(get_option('pf_roles_enabled') == 'yes')
                $output .= "<td>" . $role . "</td>";
            if(get_option('pf_show_emails') == 'yes')
                $output .= "<td><a href=\"" . esc_attr("mailto:" . $vars['user_email']) . "\">" . esc_html(antispambot($vars['user_email'])) . "</a></td>";
            if(get_option('members') == 'yes')
                $output .= "<td><a href=\"" . esc_attr("mailto:" . $vars['members']) . "\">" . esc_html(antispambot($vars['members'])) . "</a></td>";
            if(get_option('Phone') == 'yes')
                $output .= "<td>". esc_html(antispambot($vars['Phone'])) . "</td>";
            //only display the url if they have entered a url
            if($vars['user_url'] != 'http://' && $vars['user_url'] != '')
                $output .= '<td style="text-align: center;">' . "<a href=\"" . esc_url($vars['user_url']) . "\" rel=\"nofollow\">www</a></td>";
            else
                $output .= "<td />";
            $output .= "<td>" . pf_format_datetime($vars['user_registered']) . "</td>";
            $output .= "</tr>";
        }

        $output .= '</table>';

        echo '<div>';
        echo $output;
        echo '</div>';

        pf_directory_pagination($lastpage);
    }

    function pf_directory_pagination($lastpage)
    {
        $page = round($_GET['page']);
        if($page < 1)
            $page = 1;
        $character = pf_directorypagi_url_char();

        //if a page number is not set
        //the user is on the first page
        if(!isset($page))
            $page = 1;

        //pagination for the directory
        echo '<div>';
        //go back one page
        if($page > 1)
            echo "<a href=\"", the_permalink(), $character, "page=", $page - 1, "\"> &laquo; </a>";
        else
            echo " &laquo; ";
        //page number navigation
        for($i = 1; $i <= $lastpage; $i++)
        {
            if($i != $page)
                echo "<a href=\"", the_permalink(), $character, "page=", $i, "\"> $i </a>";
            else
                echo $i;
        }
        //go forward one page
        if($page < $lastpage)
            echo "<a href=\"", the_permalink(), $character, "page=", $page + 1, "\"> &raquo; </a>";
        else
            echo " &raquo; ";
        echo '</div>';
    }

    function pf_backlink($lastpage = '')
    {
        $page = round($_GET['page']);
        if(empty($page))
            $page = 1;
        $character = pf_single_url_char();

        echo $lastpage;

        if(isset($page) && $lastpage == '')
        {
            $output =
            '<div>' .
            "<a href=\"" . get_permalink() . $character . "page=" . $page . "\">&laquo; Back to the directory</a>" .
            '</div>';
        }
        //if the current page is greater than the last page, the user
        //has entered an invalid page number
        elseif($page > $lastpage)
        {
            $output =
            '<div>' .
            "<a href=\"" . get_permalink() . $character . "page=" . $lastpage . "\">&laquo; Back to the directory</a>" .
            '</div>';
        }
        else
        {
            $output =
            '<div>' .
            "<a href=\"" . get_permalink() . "\">&laquo; Back to the directory</a>" .
            '</div>';
        }

        return $output;
    }

    //used to display the values in arrays and objects for debugging purposes
    function pf_print_r($array)
    {
    echo “<pre>”;
    print_r($array);
    echo “</pre>”;
    }

    //gets the role of a user
    //ex:  administrator, contributor
    function pf_user_role($level)
    {
    $role = array_keys($level);
    $role = implode($role);
    return $role;
    }

    //converts a mysql datetime field to a unix timestamp and uses the date()
    //function to output it as day-month-year
    //think about using strtotime http://us2.php.net/strtotime
    function pf_format_datetime($timestamp)
    {
    list($year, $month, $day) = explode(‘-’, $timestamp);
    return date(‘m-d-y’, mktime(0,0,0,$month, $day, $year));
    }

    function pf_escape($var)
    {
    global $wpdb;
    $var = $wpdb->escape($var);
    return $var;
    }

    //===========================================================================================
    //Admin menu options and related functions
    //===========================================================================================

    //adds a page, naturally
    function pf_add_page($title)
    {
    $name = strtolower($title);

    $post_title     = $title;
    $post_date      = ”;
    $post_date_gmt  = ”;
    $post_content   = ”;
    $comment_status = ‘closed’;
    $ping_status    = ”;
    $post_status    = ‘publish’;
    $post_name      = $name;
    $post_parent    = ”;
    $menu_order     = ”;
    $post_type      = ‘page’;
    $post_password  = ”;
    $guid           = ”;
    $post_author    = ”;

    $postdata = compact(‘post_author’, ‘post_date’, ‘post_date_gmt’, ‘post_content’, ‘post_title’, ‘post_status’, ‘post_name’, ‘comment_status’, ‘ping_status’, ‘guid’, ‘post_parent’, ‘menu_order’, ‘post_type’, ‘post_password’);

    $post_id = wp_insert_post($postdata);
    update_option(‘pf_directory_page_id’, $post_id);
    }

    //check to see if the directory page exists
    //if it doesn’t, let the user create it again from the options menu
    function pf_repair_directory_page()
    {
    $pageid = get_option(‘pf_directory_page_id’);

    if(!get_the_title($pageid))
    update_option(‘pf_issetup’, ‘false’);
    else
    return;
    }

    //prints those nice update messages that happen
    //when you save options and update posts
    function pf_update_msg($msg, $type)
    {
    if($type == ‘success’)
    echo ‘<div id=”message”><p><b>’ . $msg . ‘</p></b></div>’;
    elseif($type == ‘error’)
    echo ‘<div id=”message”><p><b>’ . $msg . ‘</p></b></div>’;
    }

    //set the default options
    //only overrides options that haven’t already been set
    function pf_default_options()
    {
    add_option(‘pf_users_per_page’, 10);
    add_option(‘pf_users_per_page’, 10);
    add_option(‘pf_sort_directory_by’, ‘display_name’);
    add_option(‘pf_sort_directory_order’, ‘ASC’);
    add_option(‘pf_recent_posts_per_profile’, 5);
    add_option(‘pf_recent_comments_per_profile’, 5);
    add_option(‘pf_show_gravatars’, ‘checked’);
    add_option(‘pf_show_userphotos’, ‘checked’);
    add_option(‘pf_show_emails’, ‘unchecked’);
    add_option(‘Phone’, ‘checked’);
    add_option(‘members’, ‘checked’);
    add_option(‘pf_roles_enabled’, ”);
    add_option(‘pf_show_roles_admin’, ‘yes’);
    add_option(‘pf_show_roles_subscriber’, ‘yes’);
    add_option(‘pf_show_roles_author’, ‘yes’);
    add_option(‘pf_show_roles_editor’, ‘yes’);
    add_option(‘pf_show_roles_contributor’, ‘yes’);
    add_option(‘pf_show_roles_none’, ‘yes’);
    add_option(‘pf_gravatar_size’, ’80′);
    add_option(‘pf_directory_page_id’, -1);
    pf_repair_directory_page();
    add_option(‘pf_issetup’, ‘false’);
    add_option(‘pf_widget_title’, ‘Members’);
    }

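    function pf_setup()
    {
        //only act when the setup form was actually submitted
        if(isset($_POST['page_title']))
        {
            //reject forged submissions; pairs with wp_nonce_field() in the form below
            //('pf_setup' is simply the nonce action name chosen for this form)
            check_admin_referer('pf_setup');

            if($_POST['page_title'] != '')
                update_option('pf_issetup', 'true');
            pf_option_create_page();
        }

        if(get_option('pf_issetup') != 'true')
        {
    ?>
    <h3><?php _e('Setup') ?></h3>
    <?php //post back to this same admin screen; the URL is escaped before it is printed ?>
    <form method="POST" action="<?php echo esc_url($_SERVER['REQUEST_URI']); ?>">
    <?php wp_nonce_field('pf_setup') ?>
    <table>
    <tr valign="top">
    <th scope="row"><?php _e('Directory Title') ?></th>
    <td><input name="page_title" type="text" id="page_title" value="" size="30" />
    <input type="submit" name="submit" value="<?php esc_attr_e('Create Page') ?>" /></td>
    </tr>
    </table>
    </form>
    <?php
        }
    }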

    function pf_option_create_page()
    {
        //avoid an undefined-index notice when the form was not posted
        $title = isset($_POST['page_title']) ? $_POST['page_title'] : '';

        if($title != '')
        {
            pf_add_page($title);
            $pageid = get_option('pf_directory_page_id');
            pf_update_msg('The directory has been created.<br />' . '<a href="' . esc_url(get_permalink($pageid)) . '">' . 'View directory' . '</a>', 'success');
        }
        else
            pf_update_msg('The directory title cannot be left blank.', 'error');

    }

    function pf_options()
    {
    ?>

    <?php
    pf_default_options();
    ?>

    <div>

    <h2><?php _e('Profiler Options') ?></h2>

    <?php
    pf_setup();
    ?>

    <?php //=========================================== ?>

    <form method="post" action="options.php">

    <h3><?php _e('Global options') ?></h3>

    <table>
    <tr>
    <th scope="row">
    <label for="pf_show_emails">
    <input name="pf_show_emails" type="checkbox" id="pf_show_emails" value="yes" <?php checked('yes', get_option('pf_show_emails')); ?> />
    <?php _e('Show email addresses') ?>
    </label>
    </th>
    </tr>
    </table>

    <table>
    <tr>
    <th scope="row">
    <label for="members">
    <input name="members" type="checkbox" id="members" value="yes" <?php checked('yes', get_option('members')); ?> />
    <?php _e('Show Members Email') ?>
    </label>
    </th>
    </tr>
    </table>

    <table>
    <tr>
    <th scope="row">
    <label for="Phone">
    <input name="Phone" type="checkbox" id="Phone" value="yes" <?php checked('yes', get_option('Phone')); ?> />
    <?php _e('Show Phone numbers') ?>
    </label>
    </th>
    </tr>
    </table>

    <table>
    <tr>
    <th scope="row">
    <label for="pf_roles_enabled">
    <input name="pf_roles_enabled" type="checkbox" id="pf_roles_enabled" value="yes" <?php checked('yes', get_option('pf_roles_enabled')); ?> />
    <?php _e('Show roles') ?>
    </label>
    </th>
    </tr>
    </table>

    <table>
    <tr valign="top">
    <th scope="row"><?php _e('Show profiles for these roles') ?></th>
    <td>
    <label for="pf_show_roles_admin"><input name="pf_show_roles_admin" type="checkbox" id="pf_show_roles_admin" value="yes" <?php checked('yes', get_option('pf_show_roles_admin')); ?> />
    Administrator
    <br />
    </label>
    <label for="pf_show_roles_subscriber"><input name="pf_show_roles_subscriber" type="checkbox" id="pf_show_roles_subscriber" value="yes" <?php checked('yes', get_option('pf_show_roles_subscriber')); ?> />
    Subscriber
    <br />
    </label>
    <label for="pf_show_roles_author"><input name="pf_show_roles_author" type="checkbox" id="pf_show_roles_author" value="yes" <?php checked('yes', get_option('pf_show_roles_author')); ?> />
    Author
    <br />
    </label>
    <label for="pf_show_roles_editor"><input name="pf_show_roles_editor" type="checkbox" id="pf_show_roles_editor" value="yes" <?php checked('yes', get_option('pf_show_roles_editor')); ?> />
    Editor
    <br />
    </label>
    <label for="pf_show_roles_contributor"><input name="pf_show_roles_contributor" type="checkbox" id="pf_show_roles_contributor" value="yes" <?php checked('yes', get_option('pf_show_roles_contributor')); ?> />
    Contributor
    <br />
    </label>
    <label for="pf_show_roles_none"><input name="pf_show_roles_none" type="checkbox" id="pf_show_roles_none" value="yes" <?php checked('yes', get_option('pf_show_roles_none')); ?> />
    No role
    <br />
    </label>
    </td>
    </tr>
    </table>

    <h3><?php _e('Directory Options') ?></h3>
    <table>
    <tr valign="top">
    <th scope="row"><?php _e('Users per page') ?></th>
    <td><input name="pf_users_per_page" type="text" id="pf_users_per_page" value="<?php form_option('pf_users_per_page'); ?>" size="2" /></td>
    </tr>
    </table>
    <table>
    <tr valign="top">
    <th scope="row"><?php _e('Sorting') ?></th>
    <td>
    <?php
    //fixed lists of the sort fields and directions offered in the two dropdowns
    $validorders = array("Name" => "display_name", "Email" => "user_email", "Phone" => "Phone", "members" => "members", "Website" => "user_url", "Join Date" => "user_registered");
    $validorderbys = array("Descending" => "DESC", "Ascending" => "ASC");

    echo "<label for='pf_sort_directory_by'>Sort by: <select name='pf_sort_directory_by' id='pf_sort_directory_by'>";
    foreach($validorders as $key=>$value)
    {
        if($value == get_option('pf_sort_directory_by'))
        {
            echo "<option value=\"" . $value . "\" selected=\"yes\">" . $key . "</option>";
        }
        else
        {
            echo "<option value=\"" . $value . "\">" . $key . "</option>";
        }
    }
    ?>
    </select>
    </label>
    <?php
    echo "<label for='pf_sort_directory_order'><select name='pf_sort_directory_order' id='pf_sort_directory_order'>";
    foreach($validorderbys as $key=>$value)
    {
        if($value == get_option('pf_sort_directory_order'))
        {
            echo "<option value=\"" . $value . "\" selected=\"yes\">" . $key . "</option>";
        }
        else
        {
            echo "<option value=\"" . $value . "\">" . $key . "</option>";
        }
    }
    ?>
    </select>
    </label>
    </td>
    </tr>
    </table>

    <h3><?php _e('Profile Options') ?></h3>
    <table>
    <tr valign="top">
    <th scope="row">
    <label for="pf_show_gravatars">
    <input name="pf_show_gravatars" type="checkbox" id="pf_show_gravatars" value="yes" <?php checked('yes', get_option('pf_show_gravatars')); ?> />
    <?php _e('Show <a href="http://gravatar.com/">Gravatars</a>') ?>
    </label>
    </th>
    </tr>
    </table>

    <table>
    <tr valign="top">
    <th scope="row">
    <label for="pf_show_userphotos">
    <input name="pf_show_userphotos" type="checkbox" id="pf_show_userphotos" value="yes" <?php checked('yes', get_option('pf_show_userphotos')); ?> />
    <?php _e('Show <a href="http://wordpress.org/extend/plugins/user-photo/">User Photos</a>') ?>
    </label>
    <p><input id="pf_show_userphotos_full" type="radio" name="pf_show_userphotos_type" value="1" <?php checked('1', get_option('pf_show_userphotos_type')); ?> />
    <label for="pf_show_userphotos_full"><?php _e('Full-Size');?></label></p>
    <p><input id="pf_show_userphotos_thumb" type="radio" name="pf_show_userphotos_type" value="0" <?php checked('0', get_option('pf_show_userphotos_type')); ?> />
    <label for="pf_show_userphotos_thumb"><?php _e('Thumbnail');?></label></p>
    </th>
    </tr>
    </table>

    <table>
    <tr valign="top">
    <th scope="row"><?php _e('Gravatar size (pixels)') ?></th>
    <td><input name="pf_gravatar_size" type="text" id="pf_gravatar_size" value="<?php form_option('pf_gravatar_size'); ?>" size="2" /></td>
    </tr>
    <tr valign="top">
    <th scope="row"><?php _e('Recent posts per profile') ?></th>
    <td><input name="pf_recent_posts_per_profile" type="text" id="pf_recent_posts_per_profile" value="<?php form_option('pf_recent_posts_per_profile'); ?>" size="2" /></td>
    </tr>
    <tr valign="top">
    <th scope="row"><?php _e('Recent comments per profile') ?></th>
    <td><input name="pf_recent_comments_per_profile" type="text" id="pf_recent_comments_per_profile" value="<?php form_option('pf_recent_comments_per_profile'); ?>" size="2" /></td>
    </tr>
    </table>

    <?php wp_nonce_field('update-options') ?>
    <p>
    <input type="hidden" name="action" value="update" />
    <input type="hidden" name="page_options" value="pf_users_per_page, pf_sort_directory_by, pf_sort_directory_order, pf_recent_posts_per_profile, pf_recent_comments_per_profile, pf_show_gravatars, pf_show_userphotos, pf_show_userphotos_type, pf_show_emails, Phone, members, pf_gravatar_size, pf_show_roles_admin, pf_show_roles_subscriber, pf_show_roles_author, pf_show_roles_editor, pf_show_roles_contributor, pf_show_roles_none, pf_roles_enabled" />
    <input type="submit" name="Submit" value="<?php _e('Save Changes') ?>" />
    </p>
    </form>
    </div>

    <?php
    }
    ?>

  • Permissions (same thing, added Phone and Members Email)

    <?php

    /**
    * Provide profile attributes which should be included in the Permissions plugin.
    *
    * @param array $permissions existing permissions
    * @return array new permissions
    */
    function ext_profile_permissions($permissions) {
        $permissions['profile'] = array(
            'name' => 'Profile Permissions',
            'order' => 1,
            'fields' => array(
                'given-name' => 'First Name',
                'additional-name' => 'Middle Name(s)',
                'family-name' => 'Last Name',
                'nickname' => 'Nickname',
                '-1' => '-',
                'urls' => 'Website(s)',
                'email' => 'E-mail Address',
                'aim' => 'AIM',
                'yim' => 'Y!IM',
                'jabber' => 'Jabber',
                '-2' => '-',
                'note' => 'About Me',
                'photo' => 'Photo',
                'org' => 'Organization',
                '-3' => '-',
                'street-address' => 'Street Address',
                'locality' => 'City',
                'region' => 'Province/State',
                'postal-code' => 'Postal Code',
                'country-name' => 'Country',
                // the two custom fields added for the members directory
                'Phone' => 'Phone',
                'members' => 'members',
                '-4' => '-',
            )
        );

        return $permissions;
    }

    add_filter('diso_permission_fields', 'ext_profile_permissions');

    ?>

  • WP-Signup

    <?php

    /** Sets up the WordPress Environment. */
    require( dirname(__FILE__) . ‘/wp-load.php’ );

    add_action( ‘wp_head’, ‘signuppageheaders’ ) ;

    require( ‘./wp-blog-header.php’ );
    require_once( ABSPATH . WPINC . ‘/registration.php’ );

    if ( is_array( get_site_option( ‘illegal_names’ )) && isset( $_GET[ 'new' ] ) && in_array( $_GET[ 'new' ], get_site_option( ‘illegal_names’ ) ) == true ) {
    wp_redirect( network_home_url() );
    die();
    }

    function do_signup_header() {
    do_action(“signup_header”);
    }
    add_action( ‘wp_head’, ‘do_signup_header’ );

    function signuppageheaders() {
    echo “<meta name=’robots’ content=’noindex,nofollow’ />\n”;
    }

    if ( !is_multisite() ) {
    wp_redirect( get_option( ‘siteurl’ ) . “/wp-login.php?action=register” );
    die();
    }

    if ( !is_main_site() ) {
    wp_redirect( network_home_url( ‘wp-signup.php’ ) );
    die();
    }

    // Fix for page title
    $wp_query->is_404 = false;

    function wpmu_signup_stylesheet() {
    ?>
    <style type=”text/css”>
    .mu_register { width: 90%; margin:0 auto; }
    .mu_register form { margin-top: 2em; }
    .mu_register .error { font-weight:700; padding:10px; color:#333333; background:#FFEBE8; border:1px solid #CC0000; }
    .mu_register input[type="submit"],
    .mu_register #blog_title,
    .mu_register #user_email,
    .mu_register #Phone,
    .mu_register #members,
    .mu_register #blogname,
    .mu_register #user_name { width:100%; font-size: 24px; margin:5px 0; }
    .mu_register .prefix_address,
    .mu_register .suffix_address {font-size: 18px;display:inline; }
    .mu_register label { font-weight:700; font-size:15px; display:block; margin:10px 0; }
    .mu_register label.checkbox { display:inline; }
    .mu_register .mu_alert { font-weight:700; padding:10px; color:#333333; background:#ffffe0; border:1px solid #e6db55; }
    </style>
    <?php
    }

    add_action( ‘wp_head’, ‘wpmu_signup_stylesheet’ );
    get_header();

    do_action( ‘before_signup_form’ );
    ?>
    <div id=”content”>
    <div>
    <?php
    function show_blog_form($blogname = ”, $blog_title = ”, $errors = ”) {
    global $current_site;
    // Blog name
    if ( !is_subdomain_install() )
    echo ‘<label for=”blogname”>’ . __(‘Site Name:’) . ‘</label>’;
    else
    echo ‘<label for=”blogname”>’ . __(‘Site Domain:’) . ‘</label>’;

    if ( $errmsg = $errors->get_error_message(‘blogname’) ) { ?>
    <p><?php echo $errmsg ?></p>
    <?php }

    if ( !is_subdomain_install() )
    echo ‘<span>’ . $current_site->domain . $current_site->path . ‘</span><input name=”blogname” type=”text” id=”blogname” value=”‘. esc_attr($blogname) .’” maxlength=”60″ /><br />’;
    else
    echo ‘<input name=”blogname” type=”text” id=”blogname” value=”‘.esc_attr($blogname).’” maxlength=”60″ /><span>.’ . ( $site_domain = preg_replace( ‘|^www\.|’, ”, $current_site->domain ) ) . ‘</span><br />’;

    if ( !is_user_logged_in() ) {
    print ‘(<strong>’ . __( ‘Your address will be ‘ );
    if ( !is_subdomain_install() )
    print $current_site->domain . $current_site->path . __( ‘sitename’ );
    else
    print __( ‘domain.’ ) . $site_domain . $current_site->path;
    echo ‘.</strong>) ‘ . __( ‘Must be at least 4 characters, letters and numbers only. It cannot be changed, so choose carefully!’ ) . ‘</p>’;
    }

    // Blog Title
    ?>
    <label for=”blog_title”><?php _e(‘Site Title:’) ?></label>
    <?php if ( $errmsg = $errors->get_error_message(‘blog_title’) ) { ?>
    <p><?php echo $errmsg ?></p>
    <?php }
    echo ‘<input name=”blog_title” type=”text” id=”blog_title” value=”‘.esc_attr($blog_title).’” />’;
    ?>

    <div id=”privacy”>
    <p>
    <label for=”blog_public_on”><?php _e(‘Privacy:’) ?></label>
    <?php _e(‘Allow my site to appear in search engines like Google, Technorati, and in public listings around this network.’); ?>
    <br style=”clear:both” />
    <label for=”blog_public_on”>
    <input type=”radio” id=”blog_public_on” name=”blog_public” value=”1″ <?php if ( !isset( $_POST['blog_public'] ) || $_POST['blog_public'] == ’1′ ) { ?>checked=”checked”<?php } ?> />
    <strong><?php _e( ‘Yes’ ); ?></strong>
    </label>
    <label for=”blog_public_off”>
    <input type=”radio” id=”blog_public_off” name=”blog_public” value=”0″ <?php if ( isset( $_POST['blog_public'] ) && $_POST['blog_public'] == ’0′ ) { ?>checked=”checked”<?php } ?> />
    <strong><?php _e( ‘No’ ); ?></strong>
    </label>
    </p>
    </div>

    <?php
    do_action(‘signup_blogform’, $errors);
    }

    function validate_blog_form() {
    $user = ”;
    if ( is_user_logged_in() )
    $user = wp_get_current_user();

    return wpmu_validate_blog_signup($_POST['blogname'], $_POST['blog_title'], $user);
    }

    function show_user_form($user_name = ”, $user_email = ”, $errors = ”) {
    // User name
    echo ‘<label for=”user_name”>’ . __(‘Username:’) . ‘</label>’;
    if ( $errmsg = $errors->get_error_message(‘user_name’) ) {
    echo ‘<p>’.$errmsg.’</p>’;
    }
    echo ‘<input name=”user_name” type=”text” id=”user_name” value=”‘. esc_attr($user_name) .’” maxlength=”60″ /><br />’;
    _e( ‘(Must be at least 4 characters, letters and numbers only.)’ );
    ?>

    <label for=”user_email”><?php _e( ‘Email&nbsp;Address:’ ) ?></label>
    <?php if ( $errmsg = $errors->get_error_message(‘user_email’) ) { ?>
    <p><?php echo $errmsg ?></p>
    <?php } ?>
    <input name=”user_email” type=”text” id=”user_email” value=”<?php  echo esc_attr($user_email) ?>” maxlength=”200″ /><br /><?php _e(‘We send your registration email to this address. (Double-check your email address before continuing.)’) ?>
    <?php
    if ( $errmsg = $errors->get_error_message(‘generic’) ) {
    echo ‘<p>’ . $errmsg . ‘</p>’;
    }
    do_action( ‘signup_extra_fields’, $errors );
    }

    function validate_user_form() {
    return wpmu_validate_user_signup($_POST['user_name'], $_POST['user_email']);
    }

    function signup_another_blog($blogname = ”, $blog_title = ”, $errors = ”) {
    global $current_site;
    $current_user = wp_get_current_user();

    if ( ! is_wp_error($errors) ) {
    $errors = new WP_Error();
    }

    // allow definition of default variables
    $filtered_results = apply_filters(‘signup_another_blog_init’, array(‘blogname’ => $blogname, ‘blog_title’ => $blog_title, ‘errors’ => $errors ));
    $blogname = $filtered_results['blogname'];
    $blog_title = $filtered_results['blog_title'];
    $errors = $filtered_results['errors'];

    echo ‘<h2>’ . sprintf( __( ‘Get <em>another</em> %s site in seconds’ ), $current_site->site_name ) . ‘</h2>’;

    if ( $errors->get_error_code() ) {
    echo ‘<p>’ . __( ‘There was a problem, please correct the form below and try again.’ ) . ‘</p>’;
    }
    ?>
    <p><?php printf( __( ‘Welcome back, %s. By filling out the form below, you can <strong>add another site to your account</strong>. There is no limit to the number of sites you can have, so create to your heart&#8217;s content, but write responsibly!’ ), $current_user->display_name ) ?></p>

    <?php
    $blogs = get_blogs_of_user($current_user->ID);
    if ( !empty($blogs) ) { ?>

    <p><?php _e( ‘Sites you are already a member of:’ ) ?></p>
    <ul>
    <?php foreach ( $blogs as $blog ) {
    $home_url = get_home_url( $blog->userblog_id );
    echo ‘<li><a href=”‘ . esc_url( $home_url ) . ‘”>’ . $home_url . ‘</a></li>’;
    } ?>
    </ul>
    <?php } ?>

    <p><?php _e( ‘If you&#8217;re not going to use a great site domain, leave it for a new user. Now have at it!’ ) ?></p>
    <form id=”setupform” method=”post” action=”wp-signup.php”>
    <input type=”hidden” name=”stage” value=”gimmeanotherblog” />
    <?php do_action( “signup_hidden_fields” ); ?>
    <?php show_blog_form($blogname, $blog_title, $errors); ?>
    <p><input type=”submit” name=”submit” value=”<?php esc_attr_e( ‘Create Site’ ) ?>” /></p>
    </form>
    <?php
    }

    function validate_another_blog_signup() {
    global $wpdb, $blogname, $blog_title, $errors, $domain, $path;
    $current_user = wp_get_current_user();
    if ( !is_user_logged_in() )
    die();

    $result = validate_blog_form();
    extract($result);

    if ( $errors->get_error_code() ) {
    signup_another_blog($blogname, $blog_title, $errors);
    return false;
    }

    $public = (int) $_POST['blog_public'];
    $meta = apply_filters( ‘signup_create_blog_meta’, array( ‘lang_id’ => 1, ‘public’ => $public ) ); // deprecated
    $meta = apply_filters( ‘add_signup_meta’, $meta );

    wpmu_create_blog( $domain, $path, $blog_title, $current_user->id, $meta, $wpdb->siteid );
    confirm_another_blog_signup($domain, $path, $blog_title, $current_user->user_login, $current_user->user_email, $meta);
    return true;
    }

    function confirm_another_blog_signup($domain, $path, $blog_title, $user_name, $user_email = ”, $meta = ”) {
    ?>
    <h2><?php printf( __( ‘The site %s is yours.’ ), “<a href=’http://{$domain}{$path}’>{$blog_title}</a>” ) ?></h2>
    <p>
    <?php printf( __( ‘<a href=”http://%1$s”>http://%2$s</a> is your new site.  <a href=”%3$s”>Log in</a> as &#8220;%4$s&#8221; using your existing password.’ ), $domain.$path, $domain.$path, “http://” . $domain.$path . “wp-login.php”, $user_name ) ?>
    </p>
    <?php
    do_action( ‘signup_finished’ );
    }

    function signup_user($user_name = ”, $user_email = ”, $errors = ”) {
    global $current_site, $active_signup;

    if ( !is_wp_error($errors) )
    $errors = new WP_Error();
    if ( isset( $_POST[ 'signup_for' ] ) )
    $signup[ esc_html( $_POST[ 'signup_for' ] ) ] = ‘checked=”checked”‘;
    else
    $signup[ 'blog' ] = ‘checked=”checked”‘;

    //TODO – This doesn’t seem to do anything do we really need it?
    $signup['user'] = isset( $signup['user'] ) ? $signup['user'] : ”;

    // allow definition of default variables
    $filtered_results = apply_filters(‘signup_user_init’, array(‘user_name’ => $user_name, ‘user_email’ => $user_email, ‘errors’ => $errors ));
    $user_name = $filtered_results['user_name'];
    $user_email = $filtered_results['user_email'];
    $errors = $filtered_results['errors'];

    ?>

    <h2><?php printf( __( ‘Get your own %s account in seconds’ ), $current_site->site_name ) ?></h2>
    <form id=”setupform” method=”post” action=”wp-signup.php”>
    <input type=”hidden” name=”stage” value=”validate-user-signup” />
    <?php do_action( “signup_hidden_fields” ); ?>
    <?php show_user_form($user_name, $user_email, $errors); ?>

    <p>
    <?php if ( $active_signup == ‘blog’ ) { ?>
    <input id=”signupblog” type=”hidden” name=”signup_for” value=”blog” />
    <?php } elseif ( $active_signup == ‘user’ ) { ?>
    <input id=”signupblog” type=”hidden” name=”signup_for” value=”user” />
    <?php } else { ?>
    <input id=”signupblog” type=”radio” name=”signup_for” value=”blog” <?php echo $signup['blog'] ?> />
    <label for=”signupblog”><?php _e(‘Gimme a site!’) ?></label>
    <br />
    <input id=”signupuser” type=”radio” name=”signup_for” value=”user” <?php echo $signup['user'] ?> />
    <label for=”signupuser”><?php _e(‘Just a username, please.’) ?></label>
    <?php } ?>
    </p>

    <p><input type=”submit” name=”submit” value=”<?php esc_attr_e(‘Next’) ?>” /></p>
    </form>
    <?php
    }

    function validate_user_signup() {
    $result = validate_user_form();
    extract($result);

    if ( $errors->get_error_code() ) {
    signup_user($user_name, $user_email, $errors);
    return false;
    }

    if ( ‘blog’ == $_POST['signup_for'] ) {
    signup_blog($user_name, $user_email);
    return false;
    }

    wpmu_signup_user($user_name, $user_email, apply_filters( “add_signup_meta”, array() ) );

    confirm_user_signup($user_name, $user_email);
    return true;
    }

    function confirm_user_signup($user_name, $user_email) {
    ?>
    <h2><?php printf( __( ‘%s is your new username’ ), $user_name) ?></h2>
    <p><?php _e( ‘But, before you can start using your new username, <strong>you must activate it</strong>.’ ) ?></p>
    <p><?php printf(__( ‘Check your inbox at <strong>%1$s</strong> and click the link given.’ ),  $user_email) ?></p>
    <p><?php _e( ‘If you do not activate your username within two days, you will have to sign up again.’ ); ?></p>
    <?php
    do_action( ‘signup_finished’ );
    }

    function signup_blog($user_name = ”, $user_email = ”, $blogname = ”, $blog_title = ”, $errors = ”) {
    if ( !is_wp_error($errors) )
    $errors = new WP_Error();

    // allow definition of default variables
    $filtered_results = apply_filters(‘signup_blog_init’, array(‘user_name’ => $user_name, ‘user_email’ => $user_email, ‘blogname’ => $blogname, ‘blog_title’ => $blog_title, ‘errors’ => $errors ));
    $user_name = $filtered_results['user_name'];
    $user_email = $filtered_results['user_email'];
    $blogname = $filtered_results['blogname'];
    $blog_title = $filtered_results['blog_title'];
    $errors = $filtered_results['errors'];

    if ( empty($blogname) )
    $blogname = $user_name;
    ?>
    <form id=”setupform” method=”post” action=”wp-signup.php”>
    <input type=”hidden” name=”stage” value=”validate-blog-signup” />
    <input type=”hidden” name=”user_name” value=”<?php echo esc_attr($user_name) ?>” />
    <input type=”hidden” name=”user_email” value=”<?php echo esc_attr($user_email) ?>” />
    <?php do_action( “signup_hidden_fields” ); ?>
    <?php show_blog_form($blogname, $blog_title, $errors); ?>
    <p><input type=”submit” name=”submit” value=”<?php esc_attr_e(‘Signup’) ?>” /></p>
    </form>
    <?php
    }

    function validate_blog_signup() {
    // Re-validate user info.
    $result = wpmu_validate_user_signup($_POST['user_name'], $_POST['user_email']);
    extract($result);

    if ( $errors->get_error_code() ) {
    signup_user($user_name, $user_email, $errors);
    return false;
    }

    $result = wpmu_validate_blog_signup($_POST['blogname'], $_POST['blog_title']);
    extract($result);

    if ( $errors->get_error_code() ) {
    signup_blog($user_name, $user_email, $blogname, $blog_title, $errors);
    return false;
    }

    $public = (int) $_POST['blog_public'];
    $meta = array (‘lang_id’ => 1, ‘public’ => $public);
    $meta = apply_filters( “add_signup_meta”, $meta );

    wpmu_signup_blog($domain, $path, $blog_title, $user_name, $user_email, $meta);
    confirm_blog_signup($domain, $path, $blog_title, $user_name, $user_email, $meta);
    return true;
    }

    function confirm_blog_signup($domain, $path, $blog_title, $user_name = ”, $user_email = ”, $meta) {
    ?>
    <h2><?php printf( __( ‘Congratulations! Your new site, %s, is almost ready.’ ), “<a href=’http://{$domain}{$path}’>{$blog_title}</a>” ) ?></h2>

    <p><?php _e( ‘But, before you can start using your site, <strong>you must activate it</strong>.’ ) ?></p>
    <p><?php printf( __( ‘Check your inbox at <strong>%s</strong> and click the link given.’ ),  $user_email) ?></p>
    <p><?php _e( ‘If you do not activate your site within two days, you will have to sign up again.’ ); ?></p>
    <h2><?php _e( ‘Still waiting for your email?’ ); ?></h2>
    <p>
    <?php _e( ‘If you haven&#8217;t received your email yet, there are a number of things you can do:’ ) ?>
    <ul id=”noemail-tips”>
    <li><p><strong><?php _e( ‘Wait a little longer. Sometimes delivery of email can be delayed by processes outside of our control.’ ) ?></strong></p></li>
    <li><p><?php _e( ‘Check the junk or spam folder of your email client. Sometime emails wind up there by mistake.’ ) ?></p></li>
    <li><?php printf( __( ‘Have you entered your email correctly?  You have entered %s, if it&#8217;s incorrect, you will not receive your email.’ ), $user_email ) ?></li>
    </ul>
    </p>
    <?php
    do_action( ‘signup_finished’ );
    }

    // Main
    $active_signup = get_site_option( ‘registration’ );
    if ( !$active_signup )
    $active_signup = ‘all’;

    $active_signup = apply_filters( ‘wpmu_active_signup’, $active_signup ); // return “all”, “none”, “blog” or “user”

    // Make the signup type translatable.
    $i18n_signup['all'] = _x(‘all’, ‘Multisite active signup type’);
    $i18n_signup['none'] = _x(‘none’, ‘Multisite active signup type’);
    $i18n_signup['blog'] = _x(‘blog’, ‘Multisite active signup type’);
    $i18n_signup['user'] = _x(‘user’, ‘Multisite active signup type’);

    if ( is_super_admin() )
    echo ‘<div>’ . sprintf( __( ‘Greetings Site Administrator! You are currently allowing &#8220;%s&#8221; registrations. To change or disable registration go to your <a href=”%s”>Options page</a>.’ ), $i18n_signup[$active_signup], esc_url( network_admin_url( ‘ms-options.php’ ) ) ) . ‘</div>’;

    $newblogname = isset($_GET['new']) ? strtolower(preg_replace(‘/^-|-$|[^-a-zA-Z0-9]/’, ”, $_GET['new'])) : null;

    $current_user = wp_get_current_user();
    if ( $active_signup == “none” ) {
    _e( ‘Registration has been disabled.’ );
    } elseif ( $active_signup == ‘blog’ && !is_user_logged_in() ) {
    if ( is_ssl() )
    $proto = ‘https://’;
    else
    $proto = ‘http://’;
    $login_url = site_url( ‘wp-login.php?redirect_to=’ . urlencode($proto . $_SERVER['HTTP_HOST'] . ‘/wp-signup.php’ ));
    echo sprintf( __( ‘You must first <a href=”%s”>log in</a>, and then you can create a new site.’ ), $login_url );
    } else {
    $stage = isset( $_POST['stage'] ) ?  $_POST['stage'] : ‘default’;
    switch ( $stage ) {
    case ‘validate-user-signup’ :
    if ( $active_signup == ‘all’ || $_POST[ 'signup_for' ] == ‘blog’ && $active_signup == ‘blog’ || $_POST[ 'signup_for' ] == ‘user’ && $active_signup == ‘user’ )
    validate_user_signup();
    else
    _e( ‘User registration has been disabled.’ );
    break;
    case ‘validate-blog-signup’:
    if ( $active_signup == ‘all’ || $active_signup == ‘blog’ )
    validate_blog_signup();
    else
    _e( ‘Site registration has been disabled.’ );
    break;
    case ‘gimmeanotherblog’:
    validate_another_blog_signup();
    break;
    case ‘default’:
    default :
    $user_email = isset( $_POST[ 'user_email' ] ) ? $_POST[ 'user_email' ] : ”;
    do_action( “preprocess_signup_form” ); // populate the form from invites, elsewhere?
    if ( is_user_logged_in() && ( $active_signup == ‘all’ || $active_signup == ‘blog’ ) )
    signup_another_blog($newblogname);
    elseif ( is_user_logged_in() == false && ( $active_signup == ‘all’ || $active_signup == ‘user’ ) )
    signup_user( $newblogname, $user_email );
    elseif ( is_user_logged_in() == false && ( $active_signup == ‘blog’ ) )
    _e( ‘Sorry, new registrations are not allowed at this time.’ );
    else
    _e( ‘You are logged in already. No need to register again!’ );

    if ( $newblogname ) {
    $newblog = get_blogaddress_by_name( $newblogname );

    if ( $active_signup == ‘blog’ || $active_signup == ‘all’ )
    printf( __( ‘<p><em>The site you were looking for, <strong>%s</strong> does not exist, but you can create it now!</em></p>’ ), $newblog );
    else
    printf( __( ‘<p><em>The site you were looking for, <strong>%s</strong>, does not exist.</em></p>’ ), $newblog );
    }
    break;
    }
    }
    ?>
    </div>
    </div>
    <?php do_action( ‘after_signup_form’ ); ?>

    <?php get_footer(); ?>

  • users.php

    <?php
    /**
    * Users administration panel.
    *
    * @package WordPress
    * @subpackage Administration
    */

    /** WordPress Administration Bootstrap */
    require_once(‘./admin.php’);

    /** WordPress Registration API */
    require_once( ABSPATH . WPINC . ‘/registration.php’);

    if ( !current_user_can(‘list_users’) )
    wp_die(__(‘Cheatin&#8217; uh?’));

    $title = __(‘Users’);
    $parent_file = ‘users.php’;

    // contextual help – choose Help on the top right of admin panel to preview this.
    add_contextual_help($current_screen,
    ‘<p>’ . __(‘This screen lists all the existing users for your site. Each user has one of five defined roles as set by the site admin: Site Administrator, Editor, Author, Contributor, or Subscriber. Users with roles other than Administrator will see fewer options when they are logged in, based on their role.’) . ‘</p>’ .
    ‘<p>’ . __(‘You can customize the display of information on this screen as you can on other screens, by using the Screen Options tab and the on-screen filters.’) . ‘</p>’ .
    ‘<p>’ . __(‘To add a new user for your site, click the Add New button at the top of the screen or Add New in the Users menu section.’) . ‘</p>’ .
    ‘<p><strong>’ . __(‘For more information:’) . ‘</strong></p>’ .
    ‘<p>’ . __(‘<a href=”http://codex.wordpress.org/Users_Authors_and_Users_SubPanel” target=”_blank”>Documentation on Authors and Users</a>’) . ‘</p>’ .
    ‘<p>’ . __(‘<a href=”http://codex.wordpress.org/Roles_and_Capabilities” target=”_blank”>Roles and Capabilities Descriptions</a>’) . ‘</p>’ .
    ‘<p>’ . __(‘<a href=”http://wordpress.org/support/” target=”_blank”>Support Forums</a>’) . ‘</p>’
    );

    $update = $doaction = ”;
    if ( isset($_REQUEST['action']) )
    $doaction = $_REQUEST['action'] ? $_REQUEST['action'] : $_REQUEST['action2'];

    if ( empty($doaction) ) {
    if ( isset($_GET['changeit']) && !empty($_GET['new_role']) )
    $doaction = ‘promote’;
    }

    if ( empty($_REQUEST) ) {
    $referer = ‘<input type=”hidden” name=”wp_http_referer” value=”‘. esc_attr(stripslashes($_SERVER['REQUEST_URI'])) . ‘” />’;
    } elseif ( isset($_REQUEST['wp_http_referer']) ) {
    $redirect = remove_query_arg(array(‘wp_http_referer’, ‘updated’, ‘delete_count’), stripslashes($_REQUEST['wp_http_referer']));
    $referer = ‘<input type=”hidden” name=”wp_http_referer” value=”‘ . esc_attr($redirect) . ‘” />’;
    } else {
    $redirect = ‘users.php’;
    $referer = ”;
    }

    switch ($doaction) {

    /* Bulk Dropdown menu Role changes */
    case 'promote':
        check_admin_referer('bulk-users');

        if ( empty($_REQUEST['users']) ) {
            wp_redirect($redirect);
            exit();
        }

        $editable_roles = get_editable_roles();
        if ( empty( $editable_roles[$_REQUEST['new_role']] ) )
            wp_die(__('You can&#8217;t give users that role.'));

        $userids = $_REQUEST['users'];
        $update = 'promote';
        foreach ( $userids as $id ) {
            $id = (int) $id;

            if ( ! current_user_can('promote_user', $id) )
                wp_die(__('You can&#8217;t edit that user.'));
            // The new role of the current user must also have promote_users caps
            if ( $id == $current_user->ID && !$wp_roles->role_objects[$_REQUEST['new_role']]->has_cap('promote_users') ) {
                $update = 'err_admin_role';
                continue;
            }

            // If the user doesn't already belong to the blog, bail.
            if ( is_multisite() && !is_user_member_of_blog( $id ) )
                wp_die(__('Cheatin&#8217; uh?'));

            $user = new WP_User($id);
            $user->set_role($_REQUEST['new_role']);
        }

        wp_redirect(add_query_arg('update', $update, $redirect));
        exit();

    break;

    case 'dodelete':
        if ( is_multisite() )
            wp_die( __('User deletion is not allowed from this screen.') );

        check_admin_referer('delete-users');

        if ( empty($_REQUEST['users']) ) {
            wp_redirect($redirect);
            exit();
        }

        if ( ! current_user_can( 'delete_users' ) )
            wp_die(__('You can&#8217;t delete users.'));

        $userids = $_REQUEST['users'];
        $update = 'del';
        $delete_count = 0;

        foreach ( (array) $userids as $id) {
            $id = (int) $id;

            if ( ! current_user_can( 'delete_user', $id ) )
                wp_die(__( 'You can&#8217;t delete that user.' ) );

            if ( $id == $current_user->ID ) {
                $update = 'err_admin_del';
                continue;
            }
            switch ( $_REQUEST['delete_option'] ) {
            case 'delete':
                if ( current_user_can('delete_user', $id) )
                    wp_delete_user($id);
                break;
            case 'reassign':
                if ( current_user_can('delete_user', $id) )
                    wp_delete_user($id, $_REQUEST['reassign_user']);
                break;
            }
            ++$delete_count;
        }

        $redirect = add_query_arg( array('delete_count' => $delete_count, 'update' => $update), $redirect);
        wp_redirect($redirect);
        exit();

    break;

    case 'delete':
        if ( is_multisite() )
            wp_die( __('User deletion is not allowed from this screen.') );

        check_admin_referer('bulk-users');

        if ( empty($_REQUEST['users']) && empty($_REQUEST['user']) ) {
            wp_redirect($redirect);
            exit();
        }

        if ( ! current_user_can( 'delete_users' ) )
            $errors = new WP_Error( 'edit_users', __( 'You can&#8217;t delete users.' ) );

        if ( empty($_REQUEST['users']) )
            $userids = array(intval($_REQUEST['user']));
        else
            $userids = $_REQUEST['users'];

        include ('admin-header.php');
    ?>
    <form action="" method="post" name="updateusers" id="updateusers">
    <?php wp_nonce_field('delete-users') ?>
    <?php echo $referer; ?>

    <div>
    <?php screen_icon(); ?>
    <h2><?php _e('Delete Users'); ?></h2>
    <p><?php _e('You have specified these users for deletion:'); ?></p>
    <ul>
    <?php
        $go_delete = false;
        foreach ( (array) $userids as $id ) {
            $id = (int) $id;
            $user = new WP_User($id);
            if ( $id == $current_user->ID ) {
                echo "<li>" . sprintf(__('ID #%1s: %2s <strong>The current user will not be deleted.</strong>'), $id, $user->user_login) . "</li>\n";
            } else {
                echo "<li><input type=\"hidden\" name=\"users[]\" value=\"" . esc_attr($id) . "\" />" . sprintf(__('ID #%1s: %2s'), $id, $user->user_login) . "</li>\n";
                $go_delete = true;
            }
        }
        // @todo Delete is always for !is_multisite(). Use API.
        if ( !is_multisite() ) {
            $all_logins = $wpdb->get_results("SELECT ID, user_login FROM $wpdb->users ORDER BY user_login");
        } else {
            // WPMU only searches users of current blog
            $all_logins = $wpdb->get_results("SELECT ID, user_login FROM $wpdb->users, $wpdb->usermeta WHERE $wpdb->users.ID = $wpdb->usermeta.user_id AND meta_key = '".$wpdb->prefix."capabilities' ORDER BY user_login");
        }
        $user_dropdown = '<select name="reassign_user">';
        foreach ( (array) $all_logins as $login )
            if ( $login->ID == $current_user->ID || !in_array($login->ID, $userids) )
                $user_dropdown .= "<option value=\"" . esc_attr($login->ID) . "\">{$login->user_login}</option>";
        $user_dropdown .= '</select>';
    ?>
    </ul>
    <?php if ( $go_delete ) : ?>
    <fieldset><p><legend><?php _e('What should be done with posts and links owned by this user?'); ?></legend></p>
    <ul style="list-style:none;">
    <li><label><input type="radio" id="delete_option0" name="delete_option" value="delete" checked="checked" />
    <?php _e('Delete all posts and links.'); ?></label></li>
    <li><input type="radio" id="delete_option1" name="delete_option" value="reassign" />
    <?php echo '<label for="delete_option1">'.__('Attribute all posts and links to:')."</label> $user_dropdown"; ?></li>
    </ul></fieldset>
    <input type="hidden" name="action" value="dodelete" />
    <p><input type="submit" name="submit" value="<?php esc_attr_e('Confirm Deletion'); ?>" /></p>
    <?php else : ?>
    <p><?php _e('There are no valid users selected for deletion.'); ?></p>
    <?php endif; ?>
    </div>
    </form>
    <?php

    break;

    case 'doremove':
        check_admin_referer('remove-users');

        if ( empty($_REQUEST['users']) ) {
            wp_redirect($redirect);
            exit;
        }

        if ( !current_user_can('remove_users')  )
            die(__('You can&#8217;t remove users.'));

        $userids = $_REQUEST['users'];

        $update = 'remove';
        foreach ( $userids as $id ) {
            $id = (int) $id;
            if ( $id == $current_user->id && !is_super_admin() ) {
                $update = 'err_admin_remove';
                continue;
            }
            if ( !current_user_can('remove_user', $id) ) {
                $update = 'err_admin_remove';
                continue;
            }
            remove_user_from_blog($id, $blog_id);
        }

        $redirect = add_query_arg( array('update' => $update), $redirect);
        wp_redirect($redirect);
        exit;

    break;

    case 'remove':

        check_admin_referer('bulk-users');

        if ( empty($_REQUEST['users']) && empty($_REQUEST['user']) ) {
            wp_redirect($redirect);
            exit();
        }

        if ( !current_user_can('remove_users') )
            $error = new WP_Error('edit_users', __('You can&#8217;t remove users.'));

        if ( empty($_REQUEST['users']) )
            $userids = array(intval($_REQUEST['user']));
        else
            $userids = $_REQUEST['users'];

        include ('admin-header.php');
    ?>
    <form action="" method="post" name="updateusers" id="updateusers">
    <?php wp_nonce_field('remove-users') ?>
    <?php echo $referer; ?>

    <div>
    <?php screen_icon(); ?>
    <h2><?php _e('Remove Users from Site'); ?></h2>
    <p><?php _e('You have specified these users for removal:'); ?></p>
    <ul>
    <?php
        $go_remove = false;
        foreach ( $userids as $id ) {
            $id = (int) $id;
            $user = new WP_User($id);
            if ( $id == $current_user->id && !is_super_admin() ) {
                echo "<li>" . sprintf(__('ID #%1s: %2s <strong>The current user will not be removed.</strong>'), $id, $user->user_login) . "</li>\n";
            } elseif ( !current_user_can('remove_user', $id) ) {
                echo "<li>" . sprintf(__('ID #%1s: %2s <strong>You don\'t have permission to remove this user.</strong>'), $id, $user->user_login) . "</li>\n";
            } else {
                echo "<li><input type=\"hidden\" name=\"users[]\" value=\"{$id}\" />" . sprintf(__('ID #%1s: %2s'), $id, $user->user_login) . "</li>\n";
                $go_remove = true;
            }
        }
    ?>
    <?php if ( $go_remove ) : ?>
    <input type="hidden" name="action" value="doremove" />
    <p><input type="submit" name="submit" value="<?php esc_attr_e('Confirm Removal'); ?>" /></p>
    <?php else : ?>
    <p><?php _e('There are no valid users selected for removal.'); ?></p>
    <?php endif; ?>
    </div>
    </form>
    <?php

    break;

    default:

        if ( !empty($_GET['_wp_http_referer']) ) {
            wp_redirect(remove_query_arg(array('_wp_http_referer', '_wpnonce'), stripslashes($_SERVER['REQUEST_URI'])));
            exit;
        }

        include('./admin-header.php');

        $usersearch = isset($_GET['usersearch']) ? $_GET['usersearch'] : null;
        $userspage = isset($_GET['userspage']) ? $_GET['userspage'] : null;
        $role = isset($_GET['role']) ? $_GET['role'] : null;

        // Query the user IDs for this page
        $wp_user_search = new WP_User_Search($usersearch, $userspage, $role);

        // Query the post counts for this page
        $post_counts = count_many_users_posts($wp_user_search->get_results());

        // Query the users for this page
        cache_users($wp_user_search->get_results());

        $messages = array();
        if ( isset($_GET['update']) ) :
            switch($_GET['update']) {
            case 'del':
            case 'del_many':
                $delete_count = isset($_GET['delete_count']) ? (int) $_GET['delete_count'] : 0;
                $messages[] = '<div id="message"><p>' . sprintf(_n('%s user deleted', '%s users deleted', $delete_count), $delete_count) . '</p></div>';
                break;
            case 'add':
                $messages[] = '<div id="message"><p>' . __('New user created.') . '</p></div>';
                break;
            case 'promote':
                $messages[] = '<div id="message"><p>' . __('Changed roles.') . '</p></div>';
                break;
            case 'err_admin_role':
                $messages[] = '<div id="message"><p>' . __('The current user&#8217;s role must have user editing capabilities.') . '</p></div>';
                $messages[] = '<div id="message"><p>' . __('Other user roles have been changed.') . '</p></div>';
                break;
            case 'err_admin_del':
                $messages[] = '<div id="message"><p>' . __('You can&#8217;t delete the current user.') . '</p></div>';
                $messages[] = '<div id="message"><p>' . __('Other users have been deleted.') . '</p></div>';
                break;
            case 'remove':
                $messages[] = '<div id="message"><p>' . __('User removed from this site.') . '</p></div>';
                break;
            case 'err_admin_remove':
                $messages[] = '<div id="message"><p>' . __("You can't remove the current user.") . '</p></div>';
                $messages[] = '<div id="message"><p>' . __('Other users have been removed.') . '</p></div>';
                break;
            }
        endif; ?>

    <?php if ( isset($errors) && is_wp_error( $errors ) ) : ?>
    <div>
    <ul>
    <?php
    foreach ( $errors->get_error_messages() as $err )
    echo “<li>$err</li>\n”;
    ?>
    </ul>
    </div>
    <?php endif;

    if ( ! empty($messages) ) {
    foreach ( $messages as $msg )
    echo $msg;
    } ?>

    <div>
    <?php screen_icon(); ?>
    <h2><?php echo esc_html( $title ); if ( current_user_can( ‘create_users’ ) ) { ?>  <a href=”user-new.php”><?php echo esc_html_x(‘Add New’, ‘user’); ?></a><?php }
    if ( isset($_GET['usersearch']) && $_GET['usersearch'] )
    printf( ‘<span>’ . __(‘Search results for &#8220;%s&#8221;’) . ‘</span>’, esc_html( $_GET['usersearch'] ) ); ?>
    </h2>

    <div>
    <form id=”list-filter” action=”" method=”get”>
    <ul>
    <?php
    $users_of_blog = count_users();
    $total_users = $users_of_blog['total_users'];
    $avail_roles =& $users_of_blog['avail_roles'];
    unset($users_of_blog);

    $current_role = false;
    $class = empty($role) ? ” : ”;
    $role_links = array();
    $role_links[] = “<li><a href=’users.php’$class>” . sprintf( _nx( ‘All <span>(%s)</span>’, ‘All <span>(%s)</span>’, $total_users, ‘users’ ), number_format_i18n( $total_users ) ) . ‘</a>’;
    foreach ( $wp_roles->get_names() as $this_role => $name ) {
    if ( !isset($avail_roles[$this_role]) )
    continue;

    $class = ”;

    if ( $this_role == $role ) {
    $current_role = $role;
    $class = ”;
    }

    $name = translate_user_role( $name );
    /* translators: User role name with count */
    $name = sprintf( __(‘%1$s <span>(%2$s)</span>’), $name, $avail_roles[$this_role] );
    $role_links[] = “<li><a href=’users.php?role=$this_role’$class>$name</a>”;
    }
    echo implode( ” |</li>\n”, $role_links) . ‘</li>’;
    unset($role_links);
    ?>
    </ul>
    </form>
    </div>

    <form action=”" method=”get”>
    <p>
    <label for=”user-search-input”><?php _e( ‘Search Users’ ); ?>:</label>
    <input type=”text” id=”user-search-input” name=”usersearch” value=”<?php echo esc_attr($wp_user_search->search_term); ?>” />
    <input type=”submit” value=”<?php esc_attr_e( ‘Search Users’ ); ?>” />
    </p>
    </form>

    <form id=”posts-filter” action=”" method=”get”>
    <div>

    <?php if ( $wp_user_search->results_are_paged() ) : ?>
    <div><?php $wp_user_search->page_links(); ?></div>
    <?php endif; ?>

    <div>
    <select name=”action”>
    <option value=”" selected=”selected”><?php _e(‘Bulk Actions’); ?></option>
    <?php if ( !is_multisite() && current_user_can(‘delete_users’) ) { ?>
    <option value=”delete”><?php _e(‘Delete’); ?></option>
    <?php } else { ?>
    <option value=”remove”><?php _e(‘Remove’); ?></option>
    <?php } ?>
    </select>
    <input type=”submit” value=”<?php esc_attr_e(‘Apply’); ?>” name=”doaction” id=”doaction” />
    <label for="new_role"><?php _e('Change role to&hellip;') ?></label><select name="new_role" id="new_role"><option value=''><?php _e('Change role to&hellip;') ?></option><?php wp_dropdown_roles(); ?></select>
    <input type=”submit” value=”<?php esc_attr_e(‘Change’); ?>” name=”changeit” />
    <?php wp_nonce_field(‘bulk-users’); ?>
    </div>

    <br />
    </div>

    <?php if ( is_wp_error( $wp_user_search->search_errors ) ) : ?>
    <div>
    <ul>
    <?php
    foreach ( $wp_user_search->search_errors->get_error_messages() as $message )
    echo “<li>$message</li>”;
    ?>
    </ul>
    </div>
    <?php endif; ?>

    <?php if ( $wp_user_search->get_results() ) : ?>

    <?php if ( $wp_user_search->is_search() ) : ?>
    <p><a href=”users.php”><?php _e(‘&larr; Back to All Users’); ?></a></p>
    <?php endif; ?>

    <table cellspacing=”0″>
    <thead>
    <tr>
    <?php print_column_headers(‘users’) ?>
    </tr>
    </thead>

    <tfoot>
    <tr>
    <?php print_column_headers(‘users’, false) ?>
    </tr>
    </tfoot>

    <tbody id=”users”>
    <?php
    $style = ”;
    foreach ( $wp_user_search->get_results() as $userid ) {
    $user_object = new WP_User($userid);
    $roles = $user_object->roles;
    $role = array_shift($roles);

    if ( is_multisite() && empty( $role ) )
    continue;

    $style = ( ” == $style ) ? ” : ”;
    echo “\n\t”, user_row( $user_object, $style, $role, $post_counts[ $userid ] );
    }
    ?>
    </tbody>
    </table>

    <div>

    <?php if ( $wp_user_search->results_are_paged() ) : ?>
    <div><?php $wp_user_search->page_links(); ?></div>
    <?php endif; ?>

    <div>
    <select name=”action2″>
    <option value=”" selected=”selected”><?php _e(‘Bulk Actions’); ?></option>
    <?php if ( !is_multisite() && current_user_can(‘delete_users’) ) { ?>
    <option value=”delete”><?php _e(‘Delete’); ?></option>
    <?php } else { ?>
    <option value=”remove”><?php _e(‘Remove’); ?></option>
    <?php } ?></select>
    <input type=”submit” value=”<?php esc_attr_e(‘Apply’); ?>” name=”doaction2″ id=”doaction2″ />
    </div>

    <br />
    </div>

    <?php endif; ?>

    </form>
    </div>

    <?php
    if ( is_multisite() ) {
        foreach ( array('user_login' => 'user_login', 'first_name' => 'user_firstname', 'last_name' => 'user_lastname', 'email' => 'user_email', 'Phone' => 'Phone', 'members' => 'members', 'url' => 'user_uri', 'role' => 'user_role') as $formpost => $var ) {
            $var = 'new_' . $var;
            $$var = isset($_REQUEST[$formpost]) ? esc_attr(stripslashes($_REQUEST[$formpost])) : '';
        }
        unset($name);
    }
    ?>

    <br />
    <?php
    break;

    } // end of the $doaction switch

    include(‘./admin-footer.php’);
    ?>

  • user-new.php
    <?php
    /**
     * New User Administration Panel.
     *
     * @package WordPress
     * @subpackage Administration
     */

    /** WordPress Administration Bootstrap */
    require_once('./admin.php');

    if ( !current_user_can('create_users') )
        wp_die(__('Cheatin&#8217; uh?'));

    if ( is_multisite() && !get_site_option( 'add_new_users' ) )
        wp_die( __('Page disabled by the administrator') );

    /** WordPress Registration API */
    require_once( ABSPATH . WPINC . '/registration.php');

    if ( is_multisite() ) {
        function admin_created_user_email( $text ) {
            return sprintf( __( "Hi,
    You've been invited to join '%s' at
    %s as a %s.
    If you do not want to join this site please ignore
    this email. This invitation will expire in a few days.

    Please click the following link to activate your user account:
    %%s" ), get_bloginfo('name'), site_url(), esc_html( $_REQUEST[ 'role' ] ) );
        }
        add_filter( 'wpmu_signup_user_notification_email', 'admin_created_user_email' );

        function admin_created_user_subject( $text ) {
            return "[" . get_bloginfo('name') . "] Your site invite";
        }
    }

    if ( isset($_REQUEST['action']) && 'adduser' == $_REQUEST['action'] ) {
        // Reject the request unless it carries a valid 'add-user' nonce
        check_admin_referer('add-user');

        if ( !is_multisite() ) {
            $user_id = add_user();

            if ( is_wp_error( $user_id ) ) {
                $add_user_errors = $user_id;
            } else {
                if ( current_user_can('edit_users') ) {
                    $new_user_login = apply_filters('pre_user_login', sanitize_user(stripslashes($_REQUEST['user_login']), true));
                    $redirect = 'users.php?usersearch='. urlencode($new_user_login) . '&update=add' . '#user-' . $user_id;
                } else {
                    $redirect = add_query_arg( 'update', 'add', 'user-new.php' );
                }
                wp_redirect( $redirect );
                die();
            }
        } else {
            $user_login = preg_replace( "/\s+/", '', sanitize_user( $_REQUEST[ 'user_login' ], true ) );
            $user_details = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM {$wpdb->users} WHERE user_login = %s AND user_email = %s", $user_login, $_REQUEST[ 'email' ] ) );
            if ( $user_details ) {
                // Adding an existing user to this blog
                $new_user_email = esc_html(trim($_REQUEST['email']));
                $redirect = 'user-new.php';
                $username = $user_details->user_login;
                $user_id = $user_details->ID;
                if ( ( $username != null && !is_super_admin( $user_id ) ) && ( array_key_exists($blog_id, get_blogs_of_user($user_id)) ) ) {
                    $redirect = add_query_arg( array('update' => 'addexisting'), 'user-new.php' );
                } else {
                    if ( isset( $_POST[ 'noconfirmation' ] ) && is_super_admin() ) {
                        add_existing_user_to_blog( array( 'user_id' => $user_id, 'role' => $_REQUEST[ 'role' ] ) );
                        $redirect = add_query_arg( array('update' => 'addnoconfirmation'), 'user-new.php' );
                    } else {
                        // The confirmation key is the first 5 hex characters of md5( user ID ),
                        // so it is deterministic per user rather than random.
                        $newuser_key = substr( md5( $user_id ), 0, 5 );
                        add_option( 'new_user_' . $newuser_key, array( 'user_id' => $user_id, 'email' => $user_details->user_email, 'role' => $_REQUEST[ 'role' ] ) );
                        $message = __("Hi,\n\nYou have been invited to join '%s' at\n%s as a %s.\nPlease click the following link to confirm the invite:\n%s\n");
                        wp_mail( $new_user_email, sprintf( __( '[%s] Joining confirmation' ), get_option( 'blogname' ) ),  sprintf($message, get_option('blogname'), site_url(), $_REQUEST[ 'role' ], site_url("/newbloguser/$newuser_key/")));
                        $redirect = add_query_arg( array('update' => 'add'), 'user-new.php' );
                    }
                }
                wp_redirect( $redirect );
                die();
            } else {
                // Adding a new user to this blog
                $user_details = wpmu_validate_user_signup( $_REQUEST[ 'user_login' ], $_REQUEST[ 'email' ] );
                unset( $user_details[ 'errors' ]->errors[ 'user_email_used' ] );
                if ( is_wp_error( $user_details[ 'errors' ] ) && !empty( $user_details[ 'errors' ]->errors ) ) {
                    $add_user_errors = $user_details[ 'errors' ];
                } else {
                    $new_user_login = apply_filters('pre_user_login', sanitize_user(stripslashes($_REQUEST['user_login']), true));
                    if ( isset( $_POST[ 'noconfirmation' ] ) && is_super_admin() ) {
                        add_filter( 'wpmu_signup_user_notification', '__return_false' ); // Disable confirmation email
                    }
                    wpmu_signup_user( $new_user_login, $_REQUEST[ 'email' ], array( 'add_to_blog' => $wpdb->blogid, 'new_role' => $_REQUEST[ 'role' ] ) );
                    if ( isset( $_POST[ 'noconfirmation' ] ) && is_super_admin() ) {
                        $key = $wpdb->get_var( $wpdb->prepare( "SELECT activation_key FROM {$wpdb->signups} WHERE user_login = %s AND user_email = %s", $new_user_login, $_REQUEST[ 'email' ] ) );
                        wpmu_activate_signup( $key );
                        $redirect = add_query_arg( array('update' => 'addnoconfirmation'), 'user-new.php' );
                    } else {
                        $redirect = add_query_arg( array('update' => 'newuserconfimation'), 'user-new.php' );
                    }
                    wp_redirect( $redirect );
                    die();
                }
            }
        }
    }

    $title = __(‘Add New User’);
    $parent_file = ‘users.php’;

    add_contextual_help($current_screen,
    ‘<p>’ . __(‘To add a new user to your site, fill in the form on this screen. If you&#8217;re not sure which role to assign, you can use the link below to review the different roles and their capabilities. Here is a basic overview of roles:’) . ‘</p>’ .
    ‘<ul>’ .
    ‘<li>’ . __(‘Administrators have access to all the administration features.’) . ‘</li>’ .
    ‘<li>’ . __(‘Editors can publish posts, manage posts as well as manage other people&#8217;s posts, etc.’)  . ‘</li>’ .
    ‘<li>’ . __(‘Authors can publish and manage their own posts.’) . ‘</li>’ .
    ‘<li>’ . __(‘Contributors can write and manage their posts but not publish posts or upload media files.’) . ‘</li>’ .
    ‘<li>’ . __(‘Subscribers can read comments/comment/receive newsletters, etc.’) . ‘</li>’ .
    ‘</ul>’ .
    ‘<p>’ . __(‘You must assign a password to the new user, but don&#8217;t worry; when they log in for the first time they will be prompted to change it. The username, however, cannot be changed.’) . ‘</p>’ .
    ‘<p>’ . __(‘New users will receive an email letting them know they&#8217;ve been added as a user for your site. By default, this email will also contain their password. Uncheck the box if you don&#8217;t want the password to be included in the welcome email.’) . ‘</p>’ .
    ‘<p>’ . __(‘Remember to click the Add User button at the bottom of this screen when you are finished.’) . ‘</p>’ .
    ‘<p><strong>’ . __(‘For more information:’) . ‘</strong></p>’ .
    ‘<p>’ . __(‘<a href=”http://codex.wordpress.org/Users_Add_New_SubPanel” target=”_blank”>Documentation on Adding New Users</a>’) . ‘</p>’ .
    ‘<p>’ . __(‘<a href=”http://wordpress.org/support/” target=”_blank”>Support Forums</a>’) . ‘</p>’
    );

    wp_enqueue_script(‘wp-ajax-response’);
    wp_enqueue_script(‘user-profile’);
    wp_enqueue_script(‘password-strength-meter’);

    require_once (‘admin-header.php’);

    if ( isset($_GET['update']) ) {
    $messages = array();
    if ( is_multisite() ) {
    switch ( $_GET['update'] ) {
    case “newuserconfimation”:
    $messages[] = __(‘Invitation email sent to new user. A confirmation link must be clicked before their account is created.’);
    break;
    case “add”:
    $messages[] = __(‘Invitation email sent to user. A confirmation link must be clicked for them to be added to your site.’);
    break;
    case “addnoconfirmation”:
    $messages[] = __(‘User has been added to your site.’);
    break;
    case “addexisting”:
    $messages[] = __(‘That user is already a member of this site.’);
    break;
    }
    } else {
    if ( ‘add’ == $_GET['update'] )
    $messages[] = __(‘User added.’);
    }
    }
    ?>
    <div>
    <?php screen_icon(); ?>
    <h2 id=”add-new-user”><?php _e(‘Add New User’) ?></h2>

    <?php if ( isset($errors) && is_wp_error( $errors ) ) : ?>
    <div>
    <ul>
    <?php
    foreach ( $errors->get_error_messages() as $err )
    echo “<li>$err</li>\n”;
    ?>
    </ul>
    </div>
    <?php endif;

    if ( ! empty( $messages ) ) {
    foreach ( $messages as $msg )
    echo ‘<div id=”message”><p>’ . $msg . ‘</p></div>’;
    } ?>

    <?php if ( isset($add_user_errors) && is_wp_error( $add_user_errors ) ) : ?>
    <div>
    <?php
    foreach ( $add_user_errors->get_error_messages() as $message )
    echo “<p>$message</p>”;
    ?>
    </div>
    <?php endif; ?>
    <div id=”ajax-response”></div>

    <?php
    if ( !is_multisite() ) {
    if ( get_option(‘users_can_register’) )
    echo ‘<p>’ . sprintf(__(‘Users can <a href=”%1$s”>register themselves</a> or you can manually create users here.’), site_url(‘wp-register.php’)) . ‘</p>’;
    else
    echo ‘<p>’ . sprintf(__(‘Users cannot currently <a href=”%1$s”>register themselves</a>, but you can manually create users here.’), admin_url(‘options-general.php#users_can_register’)) . ‘</p>’;
    } else {
    echo ‘<p>’ . __( ‘You can add new users to your site in two ways:’ ) . ‘<ol><li> ‘ . __( ‘Enter the username and email address of an existing user on this site.’ ) . ‘</li><li> ‘ . __( ‘Enter the username and the email address of a person who is not already a member of this site. Choose the username carefully, it cannot be changed.’ ) . ‘</li></ol></p>’;
    echo ‘<p>’ . __( ‘That person will be sent an email asking them to click a link confirming the invite. New users will then be sent an email with a randomly generated password and a login link.’ ) . ‘</p>’;
    }
    ?>
    <form action=”#add-new-user” method=”post” name=”adduser” id=”adduser”<?php do_action(‘user_new_form_tag’);?>>
    <?php wp_nonce_field(‘add-user’) ?>
    <?php
    //Load up the passed data, else set to a default.
    foreach ( array('user_login' => 'login', 'first_name' => 'firstname', 'last_name' => 'lastname',
        'email' => 'email', 'Phone' => 'Phone', 'members' => 'members', 'url' => 'uri', 'role' => 'role') as $post_field => $var ) {
        $var = "new_user_$var";
        if ( ! isset($$var) )
            $$var = isset($_POST[$post_field]) ? stripslashes($_POST[$post_field]) : '';
    }
    $new_user_send_password = !$_POST || isset($_POST['send_password']);
    ?>
    <table>
    <tr>
    <th scope=”row”><label for=”user_login”><?php _e(‘Username’); ?> <span><?php _e(‘(required)’); ?></span></label>
    <input name=”action” type=”hidden” id=”action” value=”adduser” /></th>
    <td><input name=”user_login” type=”text” id=”user_login” value=”<?php echo esc_attr($new_user_login); ?>” aria-required=”true” /></td>
    </tr>
    <tr>
    <th scope=”row”><label for=”email”><?php _e(‘E-mail’); ?> <span><?php _e(‘(required)’); ?></span></label></th>
    <td><input name=”email” type=”text” id=”email” value=”<?php echo esc_attr($new_user_email); ?>” /></td>
    </tr>
    <?php if ( !is_multisite() ) { ?>
    <tr>
    <th scope=”row”><label for=”first_name”><?php _e(‘First Name’) ?> </label></th>
    <td><input name=”first_name” type=”text” id=”first_name” value=”<?php echo esc_attr($new_user_firstname); ?>” /></td>
    </tr>
    <tr>
    <th scope=”row”><label for=”last_name”><?php _e(‘Last Name’) ?> </label></th>
    <td><input name=”last_name” type=”text” id=”last_name” value=”<?php echo esc_attr($new_user_lastname); ?>” /></td>
    </tr>
    <tr>
    <th scope=”row”><label for=”url”><?php _e(‘Website’) ?></label></th>
    <td><input name=”url” type=”text” id=”url” value=”<?php echo esc_attr($new_user_uri); ?>” /></td>
    </tr>
    <tr>
    <th scope="row"><label for="Phone"><?php _e('Phone') ?></label></th>
    <td><input name="Phone" type="text" id="Phone" value="<?php echo esc_attr($new_user_Phone); ?>" /></td>
    </tr>
    <tr>
    <th scope="row"><label for="members"><?php _e('members') ?></label></th>
    <td><input name="members" type="text" id="members" value="<?php echo esc_attr($new_user_members); ?>" /></td>
    </tr>
    <?php if ( apply_filters(‘show_password_fields’, true) ) : ?>
    <tr>
    <th scope=”row”><label for=”pass1″><?php _e(‘Password’); ?> <span><?php /* translators: password input field */_e(‘(twice, required)’); ?></span></label></th>
    <td><input name=”pass1″ type=”password” id=”pass1″ autocomplete=”off” />
    <br />
    <input name=”pass2″ type=”password” id=”pass2″ autocomplete=”off” />
    <br />
    <div id=”pass-strength-result”><?php _e(‘Strength indicator’); ?></div>
    <p><?php _e(‘Hint: The password should be at least seven characters long. To make it stronger, use upper and lower case letters, numbers and symbols like ! ” ? $ % ^ &amp; ).’); ?></p>
    </td>
    </tr>
    <tr>
    <th scope=”row”><label for=”send_password”><?php _e(‘Send Password?’) ?></label></th>
    <td><label for=”send_password”><input type=”checkbox” name=”send_password” id=”send_password” <?php checked($new_user_send_password, true); ?> /> <?php _e(‘Send this password to the new user by email.’); ?></label></td>
    </tr>
    <?php endif; ?>
    <?php } // !is_multisite ?>
    <tr>
    <th scope=”row”><label for=”role”><?php _e(‘Role’); ?></label></th>
    <td><select name=”role” id=”role”>
    <?php
    if ( !$new_user_role )
    $new_user_role = !empty($current_role) ? $current_role : get_option(‘default_role’);
    wp_dropdown_roles($new_user_role);
    ?>
    </select>
    </td>
    </tr>
    <?php if ( is_multisite() && is_super_admin() ) { ?>
    <tr>
    <th scope=”row”><label for=”noconfirmation”><?php _e(‘Skip Confirmation Email’) ?></label></th>
    <td><label for=”noconfirmation”><input type=”checkbox” name=”noconfirmation” id=”noconfirmation” value=”1″ /> <?php _e( ‘Site administrators can add a user without sending the confirmation email.’ ); ?></label></td>
    </tr>
    <?php } ?>
    </table>
    <p>
    <input name=”adduser” type=”submit” id=”addusersub” value=”<?php esc_attr_e(‘Add User’) ?>” />
    </p>
    </form>

    </div>
    <?php
    include(‘./admin-footer.php’);
    ?>

  • ms-users.php
    <?php
    /**
     * Multisite users administration panel.
     *
     * @package WordPress
     * @subpackage Multisite
     * @since 3.0.0
     */

    require_once( './admin.php' );

    if ( !is_multisite() )
        wp_die( __( 'Multisite support is not enabled.' ) );

    if ( ! current_user_can( 'manage_network_users' ) )
        wp_die( __( 'You do not have permission to access this page.' ) );

    $title = __( 'Users' );
    $parent_file = 'ms-admin.php';

    add_contextual_help($current_screen,
    ‘<p>’ . __(‘This table shows all users across the network and the sites to which they are assigned.’) . ‘</p>’ .
    ‘<p>’ . __(‘Hover over any user on the list to make the edit links appear. The Edit link on the left will take you to his or her Edit User profile page; the Edit link on the right by any site name goes to an Edit Site screen for that site.’) . ‘</p>’ .
    ‘<p>’ . __(‘You can also go to the user&#8217;s profile page by clicking on the individual username.’) . ‘</p>’ .
    ‘<p>’ . __(‘You can sort the table by clicking on any of the bold headings and switch between list and excerpt views by using the icons in the upper right.’) . ‘</p>’ .
    ‘<p>’ . __(‘The bulk action will permanently delete selected users, or mark/unmark those selected as spam. Spam users will have posts removed and will be unable to sign up again with the same email addresses.’) . ‘</p>’ .
    ‘<p>’ . __(‘Add User will add that person to this table and send them an email.’) . ‘</p>’ .
    ‘<p>’ . __(‘Users who are signed up to the network without a site are added as subscribers to the main or primary dashboard site, giving them profile pages to manage their accounts. These users will only see Dashboard and My Sites in the main navigation until a site is created for them.’) . ‘</p>’ .
    ‘<p>’ . __(‘You can make an existing user an additional super admin by going to the Edit User profile page and checking the box to grant that privilege.’) . ‘</p>’ .
    ‘<p><strong>’ . __(‘For more information:’) . ‘</strong></p>’ .
    ‘<p>’ . __(‘<a href=”http://codex.wordpress.org/Super_Admin_Users_SubPanel” target=”_blank”>Network Users Documentation</a>’) . ‘</p>’ .
    ‘<p>’ . __(‘<a href=”http://wordpress.org/support/” target=”_blank”>Support Forums</a>’) . ‘</p>’
    );

    wp_enqueue_script( ‘admin-forms’ );

    require_once( ‘./admin-header.php’ );

    if ( isset( $_GET['updated'] ) && $_GET['updated'] == ‘true’ && ! empty( $_GET['action'] ) ) {
    ?>
    <div id=”message”><p>
    <?php
    switch ( $_GET['action'] ) {
    case ‘delete’:
    _e( ‘User deleted.’ );
    break;
    case ‘all_spam’:
    _e( ‘Users marked as spam.’ );
    break;
    case ‘all_notspam’:
    _e( ‘Users removed from spam.’ );
    break;
    case ‘all_delete’:
    _e( ‘Users deleted.’ );
    break;
    case ‘add’:
    _e( ‘User added.’ );
    break;
    }
    ?>
    </p></div>
    <?php
    }

    $pagenum = isset( $_GET['paged'] ) ? absint( $_GET['paged'] ) : 0;
    if ( empty( $pagenum ) )
        $pagenum = 1;

    $per_page = (int) get_user_option( 'ms_users_per_page' );
    if ( empty( $per_page ) || $per_page < 1 )
        $per_page = 15;

    $per_page = apply_filters( 'ms_users_per_page', $per_page );

    // The search term is escaped for LIKE and for SQL before it is interpolated into the query
    $s = isset( $_GET['s'] ) ? stripslashes( trim( $_GET[ 's' ] ) ) : '';
    $like_s = esc_sql( like_escape( $s ) );

    $query = "SELECT * FROM {$wpdb->users}";

    if ( !empty( $like_s ) ) {
        $query .= " WHERE user_login LIKE '%$like_s%' OR user_email LIKE '%$like_s%'";
    }

    // sortby is mapped onto a fixed set of column names; anything else falls back to ID
    $order_by = isset( $_GET['sortby'] ) ? $_GET['sortby'] : 'id';
    if ( $order_by == 'email' ) {
        $query .= ' ORDER BY user_email ';
    } elseif ( $order_by == 'login' ) {
        $query .= ' ORDER BY user_login ';
    } elseif ( $order_by == 'name' ) {
        $query .= ' ORDER BY display_name ';
    } elseif ( $order_by == 'registered' ) {
        $query .= ' ORDER BY user_registered ';
    } else {
        $order_by = 'id';
        $query .= ' ORDER BY ID ';
    }

    // Only the literal strings DESC or ASC ever reach the query
    $order = ( isset( $_GET['order'] ) && 'DESC' == $_GET['order'] ) ? 'DESC' : 'ASC';
    $query .= $order;

    $total = $wpdb->get_var( str_replace( 'SELECT *', 'SELECT COUNT(ID)', $query ) );

    $query .= " LIMIT " . intval( ( $pagenum - 1 ) * $per_page) . ", " . intval( $per_page );

    $user_list = $wpdb->get_results( $query, ARRAY_A );

    $num_pages = ceil( $total / $per_page );
    $page_links = paginate_links( array(
        'base' => add_query_arg( 'paged', '%#%' ),
        'format' => '',
        'prev_text' => __( '&laquo;' ),
        'next_text' => __( '&raquo;' ),
        'total' => $num_pages,
        'current' => $pagenum
    ));

    if ( empty( $_GET['mode'] ) )
        $mode = 'list';
    else
        $mode = esc_attr( $_GET['mode'] );

    ?>
    <div>
    <?php screen_icon(); ?>
    <h2><?php esc_html_e( 'Users' ); ?>
    <a href="#form-add-user"><?php echo esc_html_x( 'Add New' , 'users'); ?></a>
    <?php
    if ( isset( $_GET['s'] ) && $_GET['s'] )
        printf( '<span>' . __( 'Search results for &#8220;%s&#8221;' ) . '</span>', esc_html( $s ) );
    ?>
    </h2>

    <form action="ms-users.php" method="get">
    <p>
    <input type="text" name="s" value="<?php echo esc_attr( $s ); ?>" id="user-search-input" />
    <input type="submit" id="post-query-submit" value="<?php esc_attr_e( 'Search Users' ) ?>" />
    </p>
    </form>

    <form id="form-user-list" action='ms-edit.php?action=allusers' method='post'>
    <input type="hidden" name="mode" value="<?php echo esc_attr( $mode ); ?>" />
    <div>
    <div>
    <select name="action">
    <option value="-1" selected="selected"><?php _e( 'Bulk Actions' ); ?></option>
    <option value="delete"><?php _e( 'Delete' ); ?></option>
    <option value="spam"><?php _ex( 'Mark as Spam', 'user' ); ?></option>
    <option value="notspam"><?php _ex( 'Not Spam', 'user' ); ?></option>
    </select>
    <input type="submit" value="<?php esc_attr_e( 'Apply' ); ?>" name="doaction" id="doaction" />
    <?php wp_nonce_field( 'bulk-ms-users', '_wpnonce_bulk-ms-users' ); ?>
    </div>

    <?php if ( $page_links ) { ?>
    <div>
    <?php $page_links_text = sprintf( '<span>' . __( 'Displaying %s&#8211;%s of %s' ) . '</span>%s',
        number_format_i18n( ( $pagenum - 1 ) * $per_page + 1 ),
        number_format_i18n( min( $pagenum * $per_page, $total ) ),
        number_format_i18n( $total ),
        $page_links
    ); echo $page_links_text; ?>
    </div>
    <?php } ?>

    <div>
    <a href="<?php echo esc_url( add_query_arg( 'mode', 'list', $_SERVER['REQUEST_URI'] ) ) ?>"><img <?php if ( 'list' == $mode ) echo 'class="current"'; ?> id="view-switch-list" src="<?php echo esc_url( includes_url( 'images/blank.gif' ) ); ?>" width="20" height="20" title="<?php _e( 'List View' ) ?>" alt="<?php _e( 'List View' ) ?>" /></a>
    <a href="<?php echo esc_url( add_query_arg( 'mode', 'excerpt', $_SERVER['REQUEST_URI'] ) ) ?>"><img <?php if ( 'excerpt' == $mode ) echo 'class="current"'; ?> id="view-switch-excerpt" src="<?php echo esc_url( includes_url( 'images/blank.gif' ) ); ?>" width="20" height="20" title="<?php _e( 'Excerpt View' ) ?>" alt="<?php _e( 'Excerpt View' ) ?>" /></a>
    </div>
    </div>
    <div></div>

    <?php
    // define the columns to display, the syntax is 'internal name' => 'display name'
    $users_columns = array(
        'id'         => __( 'ID' ),
        'login'      => __( 'Username' ),
        'name'       => __( 'Name' ),
        'email'      => __( 'E-mail' ),
        'members'    => __( 'Members Email' ),
        'Phone'      => __( 'Phone' ),
        'registered' => _x( 'Registered', 'user' ),
        'blogs'      => __( 'Sites' )
    );
    $users_columns = apply_filters( 'wpmu_users_columns', $users_columns );
    ?>
    <table>
    <thead>
    <tr>
    <th scope="col">
    <input type="checkbox" />
    </th>
    <?php
    $col_url = '';
    foreach($users_columns as $column_id => $column_display_name) {
        $column_link = "<a href='";
        $order2 = '';
        if ( $order_by == $column_id )
            $order2 = ( $order == 'DESC' ) ? 'ASC' : 'DESC';

        $column_link .= esc_url( add_query_arg( array( 'order' => $order2, 'paged' => $pagenum, 'sortby' => $column_id ), remove_query_arg( array( 'action', 'updated' ), $_SERVER['REQUEST_URI'] ) ) );
        $column_link .= "'>{$column_display_name}</a>";
        $col_url .= '<th scope="col">' . ( $column_id == 'blogs' ? $column_display_name : $column_link ) . '</th>';
    }
    echo $col_url; ?>
    </tr>
    </thead>
    <tfoot>
    <tr>
    <th scope="col">
    <input type="checkbox" />
    </th>
    <?php echo $col_url; ?>
    </tr>
    </tfoot>
    <tbody id="the-user-list">
    <?php if ( $user_list ) {
        $class = '';
        $super_admins = get_super_admins();
        foreach ( (array) $user_list as $user ) {
            $class = ( 'alternate' == $class ) ? '' : 'alternate';

            $status_list = array( 'spam' => 'site-spammed', 'deleted' => 'site-deleted' );

            foreach ( $status_list as $status => $col ) {
                if ( $user[$status] )
                    $class = $col;
            }

            ?>
            <tr>
            <?php
            foreach( (array) $users_columns as $column_name=>$column_display_name ) :
                switch( $column_name ) {
                    case 'id': ?>
                        <th scope="row">
                        <input type="checkbox" id="blog_<?php echo $user['ID'] ?>" name="allusers[]" value="<?php echo esc_attr( $user['ID'] ) ?>" />
                        </th>
                        <th valign="top" scope="row">
                        <?php echo $user['ID'] ?>
                        </th>
                        <?php
                        break;

                    case 'login':
                        $avatar    = get_avatar( $user['user_email'], 32 );
                        $edit_link = ( $current_user->ID == $user['ID'] ) ? 'profile.php' : 'user-edit.php?user_id=' . $user['ID'];
                        // The login name comes from the database, so it is escaped before it is printed.
                        ?>
                        <td>
                        <?php echo $avatar; ?><strong><a href="<?php echo esc_url( admin_url( $edit_link ) ); ?>"><?php echo esc_html( stripslashes( $user['user_login'] ) ); ?></a><?php
                        if ( in_array( $user['user_login'], $super_admins ) )
                            echo ' - ' . __( 'Super admin' );
                        ?></strong>
                        <br/>
                        <div>
                        <span><a href="<?php echo esc_url( admin_url( $edit_link ) ); ?>"><?php _e( 'Edit' ); ?></a></span>
                        <?php if ( ! in_array( $user['user_login'], $super_admins ) ) { ?>
                        | <span><a href="<?php echo $delete    = esc_url( admin_url( add_query_arg( '_wp_http_referer', urlencode( stripslashes( $_SERVER['REQUEST_URI'] ) ), wp_nonce_url( 'ms-edit.php', 'deleteuser' ) . '&amp;action=deleteuser&amp;id=' . $user['ID'] ) ) ); ?>"><?php _e( 'Delete' ); ?></a></span>
                        <?php } ?>
                        </div>
                        </td>
                        <?php
                        break;

                    // Display name and e-mail are member-supplied values: escape them for
                    // the HTML context they are printed in (text node vs. attribute).
                    case 'name': ?>
                        <td><?php echo esc_html( $user['display_name'] ) ?></td>
                        <?php
                        break;

                    case 'email': ?>
                        <td><a href="mailto:<?php echo esc_attr( $user['user_email'] ) ?>"><?php echo esc_html( $user['user_email'] ) ?></a></td>
                        <?php
                        break;

                    case 'registered':
                        if ( 'list' == $mode )
                            $date = 'Y/m/d';
                        else
                            $date = 'Y/m/d \<\b\r \/\> g:i:s a';
                        ?>
                        <td><?php echo mysql2date( __( $date ), $user['user_registered'] ); ?></td>
                        <?php
                        break;

                    case 'blogs':
                        $blogs = get_blogs_of_user( $user['ID'], true );
                        ?>
                        <td>
                        <?php
                        if ( is_array( $blogs ) ) {
                            foreach ( (array) $blogs as $key => $val ) {
                                $path    = ( $val->path == '/' ) ? '' : $val->path;
                                echo '<a href="'. esc_url( admin_url( 'ms-sites.php?action=editblog&amp;id=' . $val->userblog_id  ) ) .'">' . str_replace( '.' . $current_site->domain, '', $val->domain . $path ) . '</a>';
                                echo ' <small>';

                                // Edit
                                echo '<a href="'. esc_url( admin_url( 'ms-sites.php?action=editblog&amp;id=' . $val->userblog_id  ) ) .'">' . __( 'Edit' ) . '</a> | ';

                                // View
                                echo '<a ';
                                if ( get_blog_status( $val->userblog_id, 'spam' ) == 1 )
                                    echo 'style="background-color: #faa" ';
                                echo 'href="' .  esc_url( get_home_url( $val->userblog_id ) )  . '">' . __( 'View' ) . '</a>';

                                echo '</small><br />';
                            }
                        }
                        ?>
                        </td>
                        <?php
                        break;

                    default: ?>
                        <td><?php do_action( 'manage_users_custom_column', $column_name, $user['ID'] ); ?></td>
                        <?php
                        break;
                }
            endforeach
            ?>
            </tr>
            <?php
        }
    } else {
        ?>
        <tr>
        <td colspan="<?php echo (int) count($users_columns); ?>"><?php _e( 'No users found.' ) ?></td>
        </tr>
        <?php
    } // end if ($users)
    ?>
    </tbody>
    </table>

    <div>
    <?php
    if ( $page_links )
        echo "<div class='tablenav-pages'>$page_links_text</div>";
    ?>

    <div>
    <select name="action2">
    <option value="-1" selected="selected"><?php _e( 'Bulk Actions' ); ?></option>
    <option value="delete"><?php _e( 'Delete' ); ?></option>
    <option value="spam"><?php _ex( 'Mark as Spam', 'user' ); ?></option>
    <option value="notspam"><?php _ex( 'Not Spam', 'user' ); ?></option>
    </select>
    <input type="submit" value="<?php esc_attr_e( 'Apply' ); ?>" name="doaction2" id="doaction2" />
    </div>
    <br />
    </div>

    </form>
    </div>

    <?php
    if ( apply_filters( 'show_adduser_fields', true ) ) :
    ?>
    <div id="form-add-user">
    <h3><?php _e( 'Add User' ) ?></h3>
    <form action="ms-edit.php?action=adduser" method="post">
    <table>
    <tr>
    <th scope="row"><?php _e( 'Username' ) ?></th>
    <td><input type="text" name="user[username]" /></td>
    </tr>
    <tr>
    <th scope="row"><?php _e( 'Email' ) ?></th>
    <td><input type="text" name="user[email]" /></td>
    </tr>
    <tr>
    <td colspan="2"><?php _e( 'Username and password will be mailed to the above email address.' ) ?></td>
    </tr>
    </table>
    <p>
    <?php wp_nonce_field( 'add-user', '_wpnonce_add-user' ) ?>
    <input type="submit" value="<?php esc_attr_e( 'Add user' ) ?>" /></p>
    </form>
    </div>
    <?php endif; ?>

    <?php include( './admin-footer.php' ); ?>

  • Registration.php

    <?php
    /**
    * User Registration API
    *
    * @package WordPress
    */

    /**
    * Checks whether the given username exists.
    *
    * @since 2.0.0
    *
    * @param string $username Username.
    * @return null|int The user’s ID on success, and null on failure.
    */
    function username_exists( $username ) {
    if ( $user = get_userdatabylogin( $username ) ) {
    return $user->ID;
    } else {
    return null;
    }
    }

    /**
    * Checks whether the given email exists.
    *
    * @since 2.1.0
    * @uses $wpdb
    *
    * @param string $email Email.
    * @return bool|int The user’s ID on success, and false on failure.
    */
    function email_exists( $email ) {
    if ( $user = get_user_by_email($email) )
    return $user->ID;

    return false;
    }

    /**
    * Checks whether an username is valid.
    *
    * @since 2.0.1
    * @uses apply_filters() Calls ‘validate_username’ hook on $valid check and $username as parameters
    *
    * @param string $username Username.
    * @return bool Whether username given is valid
    */
    function validate_username( $username ) {
        $sanitized = sanitize_user( $username, true );
        $valid = ( $sanitized == $username );
        return apply_filters( 'validate_username', $valid, $username );
    }

    /**
    * Insert an user into the database.
    *
    * Can update a current user or insert a new user based on whether the user’s ID
    * is present.
    *
    * Can be used to update the user’s info (see below), set the user’s role, and
    * set the user’s preference on whether they want the rich editor on.
    *
    * Most of the $userdata array fields have filters associated with the values.
    * The exceptions are ‘rich_editing’, ‘role’, ‘jabber’, ‘aim’, ‘yim’,
    * ‘user_registered’, and ‘ID’. The filters have the prefix ‘pre_user_’ followed
    * by the field name. An example using ‘description’ would have the filter
    * called, ‘pre_user_description’ that can be hooked into.
    *
    * The $userdata array can contain the following fields:
    * ‘ID’ – An integer that will be used for updating an existing user.
    * ‘user_pass’ – A string that contains the plain text password for the user.
    * ‘user_login’ – A string that contains the user’s username for logging in.
    * ‘user_nicename’ – A string that contains a nicer looking name for the user.
    *        The default is the user’s username.
    * ‘user_url’ – A string containing the user’s URL for the user’s web site.
    * ‘user_email’ – A string containing the user’s email address.
    * ‘display_name’ – A string that will be shown on the site. Defaults to user’s
    *        username. It is likely that you will want to change this, for both
    *        appearance and security through obscurity (that is if you don’t use and
    *        delete the default ‘admin’ user).
    * ‘nickname’ – The user’s nickname, defaults to the user’s username.
    * ‘first_name’ – The user’s first name.
    * ‘last_name’ – The user’s last name.
    * ‘description’ – A string containing content about the user.
    * ‘rich_editing’ – A string for whether to enable the rich editor. False
    *        if not empty.
    * ‘user_registered’ – The date the user registered. Format is ‘Y-m-d H:i:s’.
    * ‘role’ – A string used to set the user’s role.
    * ‘jabber’ – User’s Jabber account.
    * ‘aim’ – User’s AOL IM account.
    * ‘yim’ – User’s Yahoo IM account.
    *
    * @since 2.0.0
    * @uses $wpdb WordPress database layer.
    * @uses apply_filters() Calls filters for most of the $userdata fields with the prefix ‘pre_user’. See note above.
    * @uses do_action() Calls ‘profile_update’ hook when updating giving the user’s ID
    * @uses do_action() Calls ‘user_register’ hook when creating a new user giving the user’s ID
    *
    * @param array $userdata An array of user data.
    * @return int|WP_Error The newly created user’s ID or a WP_Error object if the user could not be created.
    */
    function wp_insert_user($userdata) {
        global $wpdb;

        extract($userdata, EXTR_SKIP);

        // Are we updating or creating?
        if ( !empty($ID) ) {
            $ID = (int) $ID;
            $update = true;
            $old_user_data = get_userdata($ID);
        } else {
            $update = false;
            // Hash the password
            $user_pass = wp_hash_password($user_pass);
        }

        $user_login = sanitize_user($user_login, true);
        $user_login = apply_filters('pre_user_login', $user_login);

        //Remove any non-printable chars from the login string to see if we have ended up with an empty username
        $user_login = trim($user_login);

        if ( empty($user_login) )
            return new WP_Error('empty_user_login', __('Cannot create a user with an empty login name.') );

        if ( !$update && username_exists( $user_login ) )
            return new WP_Error('existing_user_login', __('This username is already registered.') );

        if ( empty($user_nicename) )
            $user_nicename = sanitize_title( $user_login );
        $user_nicename = apply_filters('pre_user_nicename', $user_nicename);

        if ( empty($user_url) )
            $user_url = '';
        $user_url = apply_filters('pre_user_url', $user_url);

        if ( empty($user_email) )
            $user_email = '';
        $user_email = apply_filters('pre_user_email', $user_email);

        if ( !$update && ! defined( 'WP_IMPORTING' ) && email_exists($user_email) )
            return new WP_Error('existing_user_email', __('This email address is already registered.') );

        if ( empty($display_name) )
            $display_name = $user_login;
        $display_name = apply_filters('pre_user_display_name', $display_name);

        if ( empty($nickname) )
            $nickname = $user_login;
        $nickname = apply_filters('pre_user_nickname', $nickname);

        if ( empty($first_name) )
            $first_name = '';
        $first_name = apply_filters('pre_user_first_name', $first_name);

        if ( empty($last_name) )
            $last_name = '';
        $last_name = apply_filters('pre_user_last_name', $last_name);

        if ( empty($description) )
            $description = '';
        $description = apply_filters('pre_user_description', $description);

        if ( empty($rich_editing) )
            $rich_editing = 'true';

        if ( empty($comment_shortcuts) )
            $comment_shortcuts = 'false';

        if ( empty($admin_color) )
            $admin_color = 'fresh';
        $admin_color = preg_replace('|[^a-z0-9 _.\-@]|i', '', $admin_color);

        if ( empty($use_ssl) )
            $use_ssl = 0;

        if ( empty($user_registered) )
            $user_registered = gmdate('Y-m-d H:i:s');

        $user_nicename_check = $wpdb->get_var( $wpdb->prepare("SELECT ID FROM $wpdb->users WHERE user_nicename = %s AND user_login != %s LIMIT 1" , $user_nicename, $user_login));

        if ( $user_nicename_check ) {
            $suffix = 2;
            while ($user_nicename_check) {
                $alt_user_nicename = $user_nicename . "-$suffix";
                $user_nicename_check = $wpdb->get_var( $wpdb->prepare("SELECT ID FROM $wpdb->users WHERE user_nicename = %s AND user_login != %s LIMIT 1" , $alt_user_nicename, $user_login));
                $suffix++;
            }
            $user_nicename = $alt_user_nicename;
        }

        $data = compact( 'user_pass', 'user_email', 'user_url', 'user_nicename', 'display_name', 'user_registered' );
        $data = stripslashes_deep( $data );

        if ( $update ) {
            $wpdb->update( $wpdb->users, $data, compact( 'ID' ) );
            $user_id = (int) $ID;
        } else {
            $wpdb->insert( $wpdb->users, $data + compact( 'user_login' ) );
            $user_id = (int) $wpdb->insert_id;
        }

        update_user_meta( $user_id, 'first_name', $first_name);
        update_user_meta( $user_id, 'last_name', $last_name);
        update_user_meta( $user_id, 'nickname', $nickname );
        update_user_meta( $user_id, 'description', $description );
        update_user_meta( $user_id, 'rich_editing', $rich_editing);
        update_user_meta( $user_id, 'comment_shortcuts', $comment_shortcuts);
        update_user_meta( $user_id, 'admin_color', $admin_color);
        update_user_meta( $user_id, 'use_ssl', $use_ssl);

        foreach ( _wp_get_user_contactmethods() as $method => $name ) {
            if ( empty($$method) )
                $$method = '';

            update_user_meta( $user_id, $method, $$method );
        }

        if ( isset($role) ) {
            $user = new WP_User($user_id);
            $user->set_role($role);
        } elseif ( !$update ) {
            $user = new WP_User($user_id);
            $user->set_role(get_option('default_role'));
        }

        wp_cache_delete($user_id, 'users');
        wp_cache_delete($user_login, 'userlogins');

        if ( $update )
            do_action('profile_update', $user_id, $old_user_data);
        else
            do_action('user_register', $user_id);

        return $user_id;
    }

    /**
    * Update an user in the database.
    *
    * It is possible to update a user’s password by specifying the ‘user_pass’
    * value in the $userdata parameter array.
    *
    * If $userdata does not contain an ‘ID’ key, then a new user will be created
    * and the new user’s ID will be returned.
    *
    * If current user’s password is being updated, then the cookies will be
    * cleared.
    *
    * @since 2.0.0
    * @see wp_insert_user() For what fields can be set in $userdata
    * @uses wp_insert_user() Used to update existing user or add new one if user doesn’t exist already
    *
    * @param array $userdata An array of user data.
    * @return int The updated user’s ID.
    */
    function wp_update_user($userdata) {
    $ID = (int) $userdata['ID'];

    // First, get all of the original fields
    $user = get_userdata($ID);

    // Escape data pulled from DB.
    $user = add_magic_quotes(get_object_vars($user));

    // If password is changing, hash it now.
    if ( ! empty($userdata['user_pass']) ) {
    $plaintext_pass = $userdata['user_pass'];
    $userdata['user_pass'] = wp_hash_password($userdata['user_pass']);
    }

    wp_cache_delete($user[ 'user_email' ], 'useremail');

    // Merge old and new fields with new fields overwriting old ones.
    $userdata = array_merge($user, $userdata);
    $user_id = wp_insert_user($userdata);

    // Update the cookies if the password changed.
    $current_user = wp_get_current_user();
    if ( $current_user->id == $ID ) {
    if ( isset($plaintext_pass) ) {
    wp_clear_auth_cookie();
    wp_set_auth_cookie($ID);
    }
    }

    return $user_id;
    }

    /**
    * A simpler way of inserting an user into the database.
    *
    * Creates a new user with just the username, password, and email. For a more
    * detailed creation of a user, use wp_insert_user() to specify more information.
    *
    * @since 2.0.0
    * @see wp_insert_user() More complete way to create a new user
    *
    * @param string $username The user’s username.
    * @param string $password The user’s password.
    * @param string $email The user’s email (optional).
    * @return int The new user’s ID.
    */
    function wp_create_user($username, $password, $email = '') {
        $user_login = esc_sql( $username );
        $user_email = esc_sql( $email    );
        $user_pass = $password;

        $userdata = compact('user_login', 'user_email', 'user_pass');
        return wp_insert_user($userdata);
    }

    /**
    * Set up the default contact methods
    *
    * @access private
    * @since
    *
    * @return array $user_contactmethods Array of contact methods and their labels.
    */
    function _wp_get_user_contactmethods() {
        $user_contactmethods = array(
            'aim' => __('AIM'),
            'yim' => __('Yahoo IM'),
            'Phone' => __('Phone'),
            'members' => __('Members Email'),
            'jabber' => __('Jabber / Google Talk')
        );
        return apply_filters('user_contactmethods',$user_contactmethods);
    }

    ?>
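
The Phone and Members Email fields above are added by editing `_wp_get_user_contactmethods()` in core, which a WordPress update overwrites; that function passes its array through the `user_contactmethods` filter, so the same two fields can be registered from a plugin file instead. The following is an added example, not code from the original post: the `dcf_` function names and the plugin file itself are assumptions, and it also normalizes the member-supplied values on the `profile_update` and `user_register` hooks and escapes them when a directory row is rendered.

```php
<?php
/*
Plugin Name: Directory Contact Fields (added example, hypothetical plugin)
*/

// Register the two directory fields through the filter that
// _wp_get_user_contactmethods() applies, leaving registration.php untouched.
add_filter( 'user_contactmethods', 'dcf_contactmethods' );
function dcf_contactmethods( $methods ) {
    $methods['Phone']   = __( 'Phone' );
    $methods['members'] = __( 'Members Email' );
    return $methods;
}

// wp_insert_user() writes contact methods to user meta without filtering them,
// so normalize the stored values right after every create or update.
add_action( 'profile_update', 'dcf_normalize_fields' );
add_action( 'user_register', 'dcf_normalize_fields' );
function dcf_normalize_fields( $user_id ) {
    $user_id = (int) $user_id;

    // Phone: keep digits and common separators only, and cap the length.
    $phone = (string) get_user_meta( $user_id, 'Phone', true );
    $phone = substr( trim( preg_replace( '/[^0-9+()\-. ]/', '', $phone ) ), 0, 32 );
    update_user_meta( $user_id, 'Phone', $phone );

    // Members email: store it only if it is a well-formed address.
    $email = sanitize_email( (string) get_user_meta( $user_id, 'members', true ) );
    update_user_meta( $user_id, 'members', is_email( $email ) ? $email : '' );
}

// Build one directory row. Every member-controlled value is escaped for the
// context it lands in: esc_html() for text nodes, esc_attr() for attributes.
function dcf_member_row( $user_id ) {
    $user = get_userdata( (int) $user_id );
    if ( ! $user )
        return '';

    $phone = get_user_meta( $user->ID, 'Phone', true );
    $email = get_user_meta( $user->ID, 'members', true );

    $row  = '<tr>';
    $row .= '<td>' . esc_html( $user->display_name ) . '</td>';
    $row .= '<td>' . esc_html( $phone ) . '</td>';
    $row .= '<td>';
    if ( is_email( $email ) )
        $row .= '<a href="mailto:' . esc_attr( $email ) . '">' . esc_html( $email ) . '</a>';
    $row .= '</td>';
    $row .= '</tr>';

    return $row;
}
```

A directory template would call `dcf_member_row()` once per member ID inside its own `<table>` markup.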

  • User.php (the upside of this file is that you can also see/edit everything using the WordPress dashboard)

    <?php
    /**
    * WordPress User API
    *
    * @package WordPress
    */

    /**
    * Authenticate user with remember capability.
    *
    * The credentials is an array that has ‘user_login’, ‘user_password’, and
    * ‘remember’ indices. If the credentials is not given, then the log in form
    * will be assumed and used if set.
    *
    * The various authentication cookies will be set by this function and will be
    * set for a longer period depending on if the ‘remember’ credential is set to
    * true.
    *
    * @since 2.5.0
    *
    * @param array $credentials Optional. User info in order to sign on.
    * @param bool $secure_cookie Optional. Whether to use secure cookie.
    * @return object Either WP_Error on failure, or WP_User on success.
    */
    function wp_signon( $credentials = '', $secure_cookie = '' ) {
        if ( empty($credentials) ) {
            if ( ! empty($_POST['log']) )
                $credentials['user_login'] = $_POST['log'];
            if ( ! empty($_POST['pwd']) )
                $credentials['user_password'] = $_POST['pwd'];
            if ( ! empty($_POST['rememberme']) )
                $credentials['remember'] = $_POST['rememberme'];
        }

        if ( !empty($credentials['remember']) )
            $credentials['remember'] = true;
        else
            $credentials['remember'] = false;

        // TODO do we deprecate the wp_authentication action?
        do_action_ref_array('wp_authenticate', array(&$credentials['user_login'], &$credentials['user_password']));

        if ( '' === $secure_cookie )
            $secure_cookie = is_ssl();

        global $auth_secure_cookie; // XXX ugly hack to pass this to wp_authenticate_cookie
        $auth_secure_cookie = $secure_cookie;

        add_filter('authenticate', 'wp_authenticate_cookie', 30, 3);

        $user = wp_authenticate($credentials['user_login'], $credentials['user_password']);

        if ( is_wp_error($user) ) {
            if ( $user->get_error_codes() == array('empty_username', 'empty_password') ) {
                $user = new WP_Error('', '');
            }

            return $user;
        }

        wp_set_auth_cookie($user->ID, $credentials['remember'], $secure_cookie);
        do_action('wp_login', $credentials['user_login']);
        return $user;
    }

    /**
    * Authenticate the user using the username and password.
    */
    add_filter('authenticate', 'wp_authenticate_username_password', 20, 3);
    function wp_authenticate_username_password($user, $username, $password) {
        if ( is_a($user, 'WP_User') ) { return $user; }

        if ( empty($username) || empty($password) ) {
            $error = new WP_Error();

            if ( empty($username) )
                $error->add('empty_username', __('<strong>ERROR</strong>: The username field is empty.'));

            if ( empty($password) )
                $error->add('empty_password', __('<strong>ERROR</strong>: The password field is empty.'));

            return $error;
        }

        $userdata = get_user_by('login', $username);

        if ( !$userdata )
            return new WP_Error('invalid_username', sprintf(__('<strong>ERROR</strong>: Invalid username. <a href="%s" title="Password Lost and Found">Lost your password</a>?'), site_url('wp-login.php?action=lostpassword', 'login')));

        if ( is_multisite() ) {
            // Is user marked as spam?
            if ( 1 == $userdata->spam)
                return new WP_Error('invalid_username', __('<strong>ERROR</strong>: Your account has been marked as a spammer.'));

            // Is a user's blog marked as spam?
            if ( !is_super_admin( $userdata->ID ) && isset($userdata->primary_blog) ) {
                $details = get_blog_details( $userdata->primary_blog );
                if ( is_object( $details ) && $details->spam == 1 )
                    return new WP_Error('blog_suspended', __('Site Suspended.'));
            }
        }

        $userdata = apply_filters('wp_authenticate_user', $userdata, $password);
        if ( is_wp_error($userdata) )
            return $userdata;

        if ( !wp_check_password($password, $userdata->user_pass, $userdata->ID) )
            return new WP_Error('incorrect_password', sprintf(__('<strong>ERROR</strong>: Incorrect password. <a href="%s" title="Password Lost and Found">Lost your password</a>?'), site_url('wp-login.php?action=lostpassword', 'login')));

        $user =  new WP_User($userdata->ID);
        return $user;
    }

    /**
    * Authenticate the user using the WordPress auth cookie.
    */
    function wp_authenticate_cookie($user, $username, $password) {
        if ( is_a($user, 'WP_User') ) { return $user; }

        if ( empty($username) && empty($password) ) {
            $user_id = wp_validate_auth_cookie();
            if ( $user_id )
                return new WP_User($user_id);

            global $auth_secure_cookie;

            if ( $auth_secure_cookie )
                $auth_cookie = SECURE_AUTH_COOKIE;
            else
                $auth_cookie = AUTH_COOKIE;

            if ( !empty($_COOKIE[$auth_cookie]) )
                return new WP_Error('expired_session', __('Please log in again.'));

            // If the cookie is not set, be silent.
        }

        return $user;
    }

    /**
    * Number of posts user has written.
    *
    * @since 3.0.0
    * @uses $wpdb WordPress database object for queries.
    *
    * @param int $userid User ID.
    * @return int Amount of posts user has written.
    */
    function count_user_posts($userid) {
        global $wpdb;

        $where = get_posts_by_author_sql('post', TRUE, $userid);

        $count = $wpdb->get_var( "SELECT COUNT(*) FROM $wpdb->posts $where" );

        return apply_filters('get_usernumposts', $count, $userid);
    }

    /**
    * Number of posts written by a list of users.
    *
    * @since 3.0.0
    * @param array $userid User ID number list.
    * @return array Amount of posts each user has written.
    */
    function count_many_users_posts($users) {
        global $wpdb;

        $count = array();
        if ( ! is_array($users) || empty( $users ) )
            return $count;

        // The IDs are interpolated into the IN (...) list, so force each one to a
        // non-negative integer first.
        $userlist = implode( ',', array_map( 'absint', $users ) );
        $where = get_posts_by_author_sql( 'post' );

        $result = $wpdb->get_results( "SELECT post_author, COUNT(*) FROM $wpdb->posts $where AND post_author IN ($userlist) GROUP BY post_author", ARRAY_N );
        foreach ( $result as $row ) {
            $count[ $row[0] ] = $row[1];
        }

        foreach ( $users as $id ) {
            if ( ! isset( $count[ $id ] ) )
                $count[ $id ] = 0;
        }

        return $count;
    }

    /**
    * Check that the user login name and password is correct.
    *
    * @since 0.71
    * @todo xmlrpc only. Maybe move to xmlrpc.php.
    *
    * @param string $user_login User name.
    * @param string $user_pass User password.
    * @return bool False if does not authenticate, true if username and password authenticates.
    */
    function user_pass_ok($user_login, $user_pass) {
    $user = wp_authenticate($user_login, $user_pass);
    if ( is_wp_error($user) )
    return false;

    return true;
    }

    //
    // User option functions
    //

    /**
    * Get the current user’s ID
    *
    * @since MU
    *
    * @uses wp_get_current_user
    *
    * @return int The current user’s ID
    */
    function get_current_user_id() {
    $user = wp_get_current_user();
    return ( isset( $user->ID ) ? (int) $user->ID : 0 );
    }

    /**
    * Retrieve user option that can be either per Site or per Network.
    *
    * If the user ID is not given, then the current user will be used instead. If
    * the user ID is given, then the user data will be retrieved. The filter for
    * the result, will also pass the original option name and finally the user data
    * object as the third parameter.
    *
    * The option will first check for the per site name and then the per Network name.
    *
    * @since 2.0.0
    * @uses $wpdb WordPress database object for queries.
    * @uses apply_filters() Calls ‘get_user_option_$option’ hook with result,
    *        option parameter, and user data object.
    *
    * @param string $option User option name.
    * @param int $user Optional. User ID.
    * @param bool $deprecated Use get_option() to check for an option in the options table.
    * @return mixed
    */
    function get_user_option( $option, $user = 0, $deprecated = '' ) {
        global $wpdb;

        if ( !empty( $deprecated ) )
            _deprecated_argument( __FUNCTION__, '3.0' );

        if ( empty($user) ) {
            $user = wp_get_current_user();
            $user = $user->ID;
        }

        $user = get_userdata($user);

        // Keys used as object vars cannot have dashes.
        $key = str_replace('-', '', $option);

        if ( isset( $user->{$wpdb->prefix . $key} ) ) // Blog specific
            $result = $user->{$wpdb->prefix . $key};
        elseif ( isset( $user->{$key} ) ) // User specific and cross-blog
            $result = $user->{$key};
        else
            $result = false;

        return apply_filters("get_user_option_{$option}", $result, $option, $user);
    }

    /**
    * Update user option with global blog capability.
    *
    * User options are just like user metadata except that they have support for
    * global blog options. If the ‘global’ parameter is false, which it is by default
    * it will prepend the WordPress table prefix to the option name.
    *
    * Deletes the user option if $newvalue is empty.
    *
    * @since 2.0.0
    * @uses $wpdb WordPress database object for queries
    *
    * @param int $user_id User ID
    * @param string $option_name User option name.
    * @param mixed $newvalue User option value.
    * @param bool $global Optional. Whether option name is global or blog specific. Default false (blog specific).
    * @return unknown
    */
    function update_user_option( $user_id, $option_name, $newvalue, $global = false ) {
    global $wpdb;

    if ( !$global )
    $option_name = $wpdb->prefix . $option_name;

    // For backward compatibility. See differences between update_user_meta() and deprecated update_usermeta().
    // http://core.trac.wordpress.org/ticket/13088
    if ( is_null( $newvalue ) || is_scalar( $newvalue ) && empty( $newvalue ) )
    return delete_user_meta( $user_id, $option_name );

    return update_user_meta( $user_id, $option_name, $newvalue );
    }

    /**
    * Delete user option with global blog capability.
    *
    * User options are just like user metadata except that they have support for
    * global blog options. If the ‘global’ parameter is false, which it is by default
    * it will prepend the WordPress table prefix to the option name.
    *
    * @since 3.0.0
    * @uses $wpdb WordPress database object for queries
    *
    * @param int $user_id User ID
    * @param string $option_name User option name.
    * @param bool $global Optional. Whether option name is global or blog specific. Default false (blog specific).
    * @return unknown
    */
    function delete_user_option( $user_id, $option_name, $global = false ) {
        global $wpdb;

        if ( !$global )
            $option_name = $wpdb->prefix . $option_name;
        return delete_user_meta( $user_id, $option_name );
    }

    /**
    * Get users for the blog.
    *
    * For setups that use the multi-blog feature. Can be used outside of the
    * multi-blog feature.
    *
    * @since 2.2.0
    * @uses $wpdb WordPress database object for queries
    * @uses $blog_id The Blog id of the blog for those that use more than one blog
    *
    * @param int $id Blog ID.
    * @return array List of users that are part of that Blog ID
    */
    function get_users_of_blog( $id = '' ) {
        global $wpdb, $blog_id;
        if ( empty($id) )
            $id = (int) $blog_id;
        $blog_prefix = $wpdb->get_blog_prefix($id);
        // Phone, members and user_Phone are this tutorial's additions to the query;
        // it fails unless those columns exist in the users or usermeta table.
        $users = $wpdb->get_results( "SELECT user_id, user_id AS ID, user_login, display_name, user_email, Phone, members, user_Phone, meta_value FROM $wpdb->users, $wpdb->usermeta WHERE {$wpdb->users}.ID = {$wpdb->usermeta}.user_id AND meta_key = '{$blog_prefix}capabilities' ORDER BY {$wpdb->usermeta}.user_id" );
        return $users;
    }

    /**
    * Add meta data field to a user.
    *
    * Post meta data is called “Custom Fields” on the Administration Panels.
    *
    * @since 3.0.0
    * @uses add_metadata()
    * @link http://codex.wordpress.org/Function_Reference/add_user_meta
    *
    * @param int $user_id Post ID.
    * @param string $key Metadata name.
    * @param mixed $value Metadata value.
    * @param bool $unique Optional, default is false. Whether the same key should not be added.
    * @return bool False for failure. True for success.
    */
    function add_user_meta($user_id, $meta_key, $meta_value, $unique = false) {
        return add_metadata('user', $user_id, $meta_key, $meta_value, $unique);
    }

    /**
    * Remove metadata matching criteria from a user.
    *
    * You can match based on the key, or key and value. Removing based on key and
    * value, will keep from removing duplicate metadata with the same key. It also
    * allows removing all metadata matching key, if needed.
    *
    * @since 3.0.0
    * @uses delete_metadata()
    * @link http://codex.wordpress.org/Function_Reference/delete_user_meta
    *
    * @param int $user_id user ID
    * @param string $meta_key Metadata name.
    * @param mixed $meta_value Optional. Metadata value.
    * @return bool False for failure. True for success.
    */
    function delete_user_meta($user_id, $meta_key, $meta_value = '') {
        return delete_metadata('user', $user_id, $meta_key, $meta_value);
    }

    /**
    * Retrieve user meta field for a user.
    *
    * @since 3.0.0
    * @uses get_metadata()
    * @link http://codex.wordpress.org/Function_Reference/get_user_meta
    *
    * @param int $user_id Post ID.
    * @param string $key The meta key to retrieve.
    * @param bool $single Whether to return a single value.
    * @return mixed Will be an array if $single is false. Will be value of meta data field if $single
    *  is true.
    */
    function get_user_meta($user_id, $key, $single = false) {
        return get_metadata('user', $user_id, $key, $single);
    }

    /**
    * Update user meta field based on user ID.
    *
    * Use the $prev_value parameter to differentiate between meta fields with the
    * same key and user ID.
    *
    * If the meta field for the user does not exist, it will be added.
    *
    * @since 3.0.0
    * @uses update_metadata
    * @link http://codex.wordpress.org/Function_Reference/update_user_meta
    *
    * @param int $user_id Post ID.
    * @param string $key Metadata key.
    * @param mixed $value Metadata value.
    * @param mixed $prev_value Optional. Previous value to check before removing.
    * @return bool False on failure, true if success.
    */
    function update_user_meta($user_id, $meta_key, $meta_value, $prev_value = '') {
        return update_metadata('user', $user_id, $meta_key, $meta_value, $prev_value);
    }

    /**
    * Count number of users who have each of the user roles.
    *
    * Assumes there are neither duplicated nor orphaned capabilities meta_values.
    * Assumes role names are unique phrases.  Same assumption made by WP_User_Search::prepare_query()
    * Using $strategy = ‘time’ this is CPU-intensive and should handle around 10^7 users.
    * Using $strategy = ‘memory’ this is memory-intensive and should handle around 10^5 users, but see WP Bug #12257.
    *
    * @since 3.0.0
    * @param string $strategy ‘time’ or ‘memory’
    * @return array Includes a grand total and an array of counts indexed by role strings.
    */
    function count_users($strategy = 'time') {
        global $wpdb, $blog_id, $wp_roles;

        // Initialize
        $id = (int) $blog_id;
        $blog_prefix = $wpdb->get_blog_prefix($id);
        $result = array();

        if ( 'time' == $strategy ) {
            global $wp_roles;

            if ( ! isset( $wp_roles ) )
                $wp_roles = new WP_Roles();

            $avail_roles = $wp_roles->get_names();

            // Build a CPU-intensive query that will return concise information.
            $select_count = array();
            foreach ( $avail_roles as $this_role => $name ) {
                $select_count[] = "COUNT(NULLIF(`meta_value` LIKE '%" . like_escape($this_role) . "%', FALSE))";
            }
            $select_count = implode(', ', $select_count);

            // Add the meta_value index to the selection list, then run the query.
            $row = $wpdb->get_row( "SELECT $select_count, COUNT(*) FROM $wpdb->usermeta WHERE meta_key = '{$blog_prefix}capabilities'", ARRAY_N );

            // Run the previous loop again to associate results with role names.
            $col = 0;
            $role_counts = array();
            foreach ( $avail_roles as $this_role => $name ) {
                $count = (int) $row[$col++];
                if ($count > 0) {
                    $role_counts[$this_role] = $count;
                }
            }

            // Get the meta_value index from the end of the result set.
            $total_users = (int) $row[$col];

            $result['total_users'] = $total_users;
            $result['avail_roles'] =& $role_counts;
        } else {
            $avail_roles = array();

            $users_of_blog = $wpdb->get_col( "SELECT meta_value FROM $wpdb->usermeta WHERE meta_key = '{$blog_prefix}capabilities'" );

            foreach ( $users_of_blog as $caps_meta ) {
                $b_roles = unserialize($caps_meta);
                if ( is_array($b_roles) ) {
                    foreach ( $b_roles as $b_role => $val ) {
                        if ( isset($avail_roles[$b_role]) ) {
                            $avail_roles[$b_role]++;
                        } else {
                            $avail_roles[$b_role] = 1;
                        }
                    }
                }
            }

            $result['total_users'] = count( $users_of_blog );
            $result['avail_roles'] =& $avail_roles;
        }

        return $result;
    }

    //
    // Private helper functions
    //

    /**
    * Set up global user vars.
    *
    * Used by wp_set_current_user() for back compat. Might be deprecated in the future.
    *
    * @since 2.0.4
    * @global string $userdata User description.
    * @global string $user_login The user username for logging in
    * @global int $user_level The level of the user
    * @global int $user_ID The ID of the user
    * @global string $user_email The email address of the user
    * @global string $user_url The url in the user’s profile
    * @global string $user_pass_md5 MD5 of the user’s password
    * @global string $user_identity The display name of the user
    *
    * @param int $for_user_id Optional. User ID to set up global data.
    */
    function setup_userdata($for_user_id = '') {
        global $user_login, $userdata, $user_level, $user_ID, $user_email, $Phone, $members, $user_url, $user_pass_md5, $user_identity;

        if ( '' == $for_user_id )
            $user = wp_get_current_user();
        else
            $user = new WP_User($for_user_id);

        $userdata   = $user->data;
        $user_ID    = (int) $user->ID;
        $user_level = (int) isset($user->user_level) ? $user->user_level : 0;

        if ( 0 == $user->ID ) {
            $user_login = $user_email = $user_url = $Phone = $members = $user_pass_md5 = $user_identity = '';
            return;
        }

        $user_login    = $user->user_login;
        $user_email    = $user->user_email;
        // The custom fields live on the user object; the $members and $Phone
        // globals are plain values, not objects, so read from $user.
        $members       = isset($user->members) ? $user->members : '';
        $Phone         = isset($user->Phone) ? $user->Phone : '';
        $user_url      = $user->user_url;
        $user_pass_md5 = md5($user->user_pass);
        $user_identity = $user->display_name;
    }

    /**
    * Create dropdown HTML content of users.
    *
    * The content can either be displayed, which it is by default or retrieved by
    * setting the ‘echo’ argument. The ‘include’ and ‘exclude’ arguments do not
    * need to be used; all users will be displayed in that case. Only one can be
    * used, either ‘include’ or ‘exclude’, but not both.
    *
    * The available arguments are as follows:
    * <ol>
    * <li>show_option_all – Text to show all and whether HTML option exists.</li>
    * <li>show_option_none – Text for show none and whether HTML option exists.
    *     </li>
    * <li>orderby – SQL order by clause for what order the users appear. Default is
    * ‘display_name’.</li>
    * <li>order – Default is ‘ASC’. Can also be ‘DESC’.</li>
    * <li>include – User IDs to include.</li>
    * <li>exclude – User IDs to exclude.</li>
    * <li>multi – Default is ‘false’. Whether to skip the ID attribute on the ‘select’ element. A ‘true’ value is overridden when id argument is set.</li>
    * <li>show – Default is ‘display_name’. User table column to display. If the selected item is empty then the user_login will be displayed in parentheses.</li>
    * <li>echo – Default is ‘1’. Whether to display or retrieve content.</li>
    * <li>selected – Which User ID is selected.</li>
    * <li>name – Default is ‘user’. Name attribute of select element.</li>
    * <li>id – Default is the value of the ‘name’ parameter. ID attribute of select element.</li>
    * <li>class – Class attribute of select element.</li>
    * <li>blog_id – ID of blog (Multisite only). Defaults to ID of current blog.</li>
    * </ol>
    *
    * @since 2.3.0
    * @uses $wpdb WordPress database object for queries
    *
    * @param string|array $args Optional. Override defaults.
    * @return string|null Null on display. String of HTML content on retrieve.
    */
    function wp_dropdown_users( $args = '' ) {
        global $wpdb;
        $defaults = array(
            'show_option_all' => '', 'show_option_none' => '',
            'orderby' => 'display_name', 'order' => 'ASC',
            'include' => '', 'exclude' => '', 'multi' => 0,
            'show' => 'display_name', 'echo' => 1,
            'selected' => 0, 'name' => 'user', 'class' => '', 'blog_id' => $GLOBALS['blog_id'],
            'id' => '',
        );

        $defaults['selected'] = is_author() ? get_query_var( 'author' ) : 0;

        $r = wp_parse_args( $args, $defaults );
        extract( $r, EXTR_SKIP );

        $blog_prefix = $wpdb->get_blog_prefix( $blog_id );
        $query = "SELECT {$wpdb->users}.* FROM $wpdb->users, $wpdb->usermeta WHERE {$wpdb->users}.ID = {$wpdb->usermeta}.user_id AND meta_key = '{$blog_prefix}capabilities'";

        $query_where = array();

        // include/exclude are reduced to digits and commas before they reach the SQL.
        if ( is_array($include) )
            $include = join(',', $include);
        $include = preg_replace('/[^0-9,]/', '', $include); // (int)
        if ( $include )
            $query_where[] = "ID IN ($include)";

        if ( is_array($exclude) )
            $exclude = join(',', $exclude);
        $exclude = preg_replace('/[^0-9,]/', '', $exclude); // (int)
        if ( $exclude )
            $query_where[] = "ID NOT IN ($exclude)";

        if ( $query_where )
            $query .= " AND " . join(' AND ', $query_where);

        // $orderby and $order go into the SQL as-is: pass fixed values, never request input.
        $query .= " ORDER BY $orderby $order";

        $users = $wpdb->get_results( $query );

        $output = '';
        if ( !empty($users) ) {
            $name = esc_attr( $name );
            if ( $multi && ! $id )
                $id = '';
            else
                $id = $id ? " id='" . esc_attr( $id ) . "'" : " id='$name'";

            $output = "<select name='{$name}'{$id} class='$class'>\n";

            if ( $show_option_all )
                $output .= "\t<option value='0'>$show_option_all</option>\n";

            if ( $show_option_none ) {
                $_selected = selected( -1, $selected, false );
                $output .= "\t<option value='-1'$_selected>$show_option_none</option>\n";
            }

            foreach ( (array) $users as $user ) {
                $user->ID = (int) $user->ID;
                $_selected = selected( $user->ID, $selected, false );
                $display = !empty($user->$show) ? $user->$show : '('. $user->user_login . ')';
                $output .= "\t<option value='$user->ID'$_selected>" . esc_html($display) . "</option>\n";
            }

            $output .= "</select>";
        }

        $output = apply_filters('wp_dropdown_users', $output);

        if ( $echo )
            echo $output;

        return $output;
    }

    /**
    * Add user meta data as properties to given user object.
    *
    * The finished user data is cached, but the cache is not used to fill in the
    * user data for the given object. Once the function has been used, the cache
    * should be used to retrieve user data. The intention is if the current data
    * had been cached already, there would be no need to call this function.
    *
    * @access private
    * @since 2.5.0
    * @uses $wpdb WordPress database object for queries
    *
    * @param object $user The user data object.
    */
    function _fill_user( &$user ) {
        $metavalues = get_user_metavalues(array($user->ID));
        _fill_single_user($user, $metavalues[$user->ID]);
    }

    /**
    * Perform the query to get the $metavalues array(s) needed by _fill_user and _fill_many_users
    *
    * @since 3.0.0
    * @param array $ids User ID numbers list.
    * @return array of arrays. The array is indexed by user_id, containing $metavalues object arrays.
    */
    function get_user_metavalues($ids) {
        global $wpdb;

        // Cast every ID to int so the IN (...) list below holds only integers.
        $clean = array_map('intval', $ids);
        if ( 0 == count($clean) )
            return array(); // Nothing to look up; $objects is not defined yet at this point.

        $list = implode(',', $clean);

        $show = $wpdb->hide_errors();
        $metavalues = $wpdb->get_results("SELECT user_id, meta_key, meta_value FROM $wpdb->usermeta WHERE user_id IN ($list)");
        $wpdb->show_errors($show);

        $objects = array();
        foreach($clean as $id) {
            $objects[$id] = array();
        }
        foreach($metavalues as $meta_object) {
            $objects[$meta_object->user_id][] = $meta_object;
        }

        return $objects;
    }

    /**
    * Unserialize user metadata, fill $user object, then cache everything.
    *
    * @since 3.0.0
    * @param object $user The User object.
    * @param array $metavalues An array of objects provided by get_user_metavalues()
    */
    function _fill_single_user( &$user, &$metavalues ) {
        global $wpdb;

        foreach ( $metavalues as $meta ) {
            $value = maybe_unserialize($meta->meta_value);
            // Keys used as object vars cannot have dashes.
            $key = str_replace('-', '', $meta->meta_key);
            $user->{$key} = $value;
        }

        $level = $wpdb->prefix . 'user_level';
        if ( isset( $user->{$level} ) )
            $user->user_level = $user->{$level};

        // For backwards compat.
        if ( isset($user->first_name) )
            $user->user_firstname = $user->first_name;
        if ( isset($user->last_name) )
            $user->user_lastname = $user->last_name;
        if ( isset($user->description) )
            $user->user_description = $user->description;

        update_user_caches($user);
    }

    /**
    * Take an array of user objects, fill them with metas, and cache them.
    *
    * @since 3.0.0
    * @param array $users User objects
    */
    function _fill_many_users( &$users ) {
        $ids = array();
        foreach($users as $user_object) {
            $ids[] = $user_object->ID;
        }

        $metas = get_user_metavalues($ids);

        foreach($users as $user_object) {
            if (isset($metas[$user_object->ID])) {
                _fill_single_user($user_object, $metas[$user_object->ID]);
            }
        }
    }

    /**
    * Sanitize every user field.
    *
    * If the context is ‘raw’, then the user object or array will get minimal sanitization of the int fields.
    *
    * @since 2.3.0
    * @uses sanitize_user_field() Used to sanitize the fields.
    *
    * @param object|array $user The User Object or Array
    * @param string $context Optional, default is ‘display’. How to sanitize user fields.
    * @return object|array The now sanitized User Object or Array (will be the same type as $user)
    */
    function sanitize_user_object($user, $context = 'display') {
        if ( is_object($user) ) {
            if ( !isset($user->ID) )
                $user->ID = 0;
            if ( isset($user->data) )
                $vars = get_object_vars( $user->data );
            else
                $vars = get_object_vars($user);
            foreach ( array_keys($vars) as $field ) {
                if ( is_string($user->$field) || is_numeric($user->$field) )
                    $user->$field = sanitize_user_field($field, $user->$field, $user->ID, $context);
            }
            $user->filter = $context;
        } else {
            if ( !isset($user['ID']) )
                $user['ID'] = 0;
            foreach ( array_keys($user) as $field )
                $user[$field] = sanitize_user_field($field, $user[$field], $user['ID'], $context);
            $user['filter'] = $context;
        }

        return $user;
    }

    /**
    * Sanitize user field based on context.
    *
    * Possible context values are:  ‘raw’, ‘edit’, ‘db’, ‘display’, ‘attribute’ and ‘js’. The
    * ‘display’ context is used by default. ‘attribute’ and ‘js’ contexts are treated like ‘display’
    * when calling filters.
    *
    * @since 2.3.0
    * @uses apply_filters() Calls ‘edit_$field’ and ‘${field_no_prefix}_edit_pre’ passing $value and
    *  $user_id if $context == ‘edit’ and field name prefix == ‘user_’.
    *
    * @uses apply_filters() Calls ‘edit_user_$field’ passing $value and $user_id if $context == ‘db’.
    * @uses apply_filters() Calls ‘pre_$field’ passing $value if $context == ‘db’ and field name prefix == ‘user_’.
    * @uses apply_filters() Calls ‘${field}_pre’ passing $value if $context == ‘db’ and field name prefix != ‘user_’.
    *
    * @uses apply_filters() Calls ‘$field’ passing $value, $user_id and $context if $context == anything
    *  other than ‘raw’, ‘edit’ and ‘db’ and field name prefix == ‘user_’.
    * @uses apply_filters() Calls ‘user_$field’ passing $value if $context == anything other than ‘raw’,
    *  ‘edit’ and ‘db’ and field name prefix != ‘user_’.
    *
    * @param string $field The user Object field name.
    * @param mixed $value The user Object value.
    * @param int $user_id user ID.
    * @param string $context How to sanitize user fields. Looks for ‘raw’, ‘edit’, ‘db’, ‘display’,
    *               ‘attribute’ and ‘js’.
    * @return mixed Sanitized value.
    */
    function sanitize_user_field($field, $value, $user_id, $context) {
        $int_fields = array('ID');
        if ( in_array($field, $int_fields) )
            $value = (int) $value;

        if ( 'raw' == $context )
            return $value;

        if ( !is_string($value) && !is_numeric($value) )
            return $value;

        $prefixed = false;
        if ( false !== strpos($field, 'user_') ) {
            $prefixed = true;
            $field_no_prefix = str_replace('user_', '', $field);
        }

        if ( 'edit' == $context ) {
            if ( $prefixed ) {
                $value = apply_filters("edit_$field", $value, $user_id);
            } else {
                $value = apply_filters("edit_user_$field", $value, $user_id);
            }

            if ( 'description' == $field )
                $value = esc_html($value);
            else
                $value = esc_attr($value);
        } else if ( 'db' == $context ) {
            if ( $prefixed ) {
                $value = apply_filters("pre_$field", $value);
            } else {
                $value = apply_filters("pre_user_$field", $value);
            }
        } else {
            // Use display filters by default.
            if ( $prefixed )
                $value = apply_filters($field, $value, $user_id, $context);
            else
                $value = apply_filters("user_$field", $value, $user_id, $context);
        }

        if ( 'user_url' == $field )
            $value = esc_url($value);

        if ( 'attribute' == $context )
            $value = esc_attr($value);
        else if ( 'js' == $context )
            $value = esc_js($value);

        return $value;
    }

    /**
    * Update all user caches
    *
    * @since 3.0.0
    *
    * @param object $user User object to be cached
    */
    function update_user_caches(&$user) {
        wp_cache_add($user->ID, $user, 'users');
        wp_cache_add($user->user_login, $user->ID, 'userlogins');
        wp_cache_add($user->user_email, $user->ID, 'useremail');
        wp_cache_add($user->members, $user->ID, 'members');
        wp_cache_add($user->Phone, $user->ID, 'Phone');
        wp_cache_add($user->user_nicename, $user->ID, 'userslugs');
    }

    /**
    * Clean all user caches
    *
    * @since 3.0.0
    *
    * @param int $id User ID
    */
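    function clean_user_cache($id) {
        $user = new WP_User($id);

        wp_cache_delete($id, 'users');
        wp_cache_delete($user->user_login, 'userlogins');
        wp_cache_delete($user->user_email, 'useremail');
        // Also drop the custom entries that update_user_caches() adds,
        // so a changed phone number or members value does not stay cached.
        if ( isset($user->members) )
            wp_cache_delete($user->members, 'members');
        if ( isset($user->Phone) )
            wp_cache_delete($user->Phone, 'Phone');
        wp_cache_delete($user->user_nicename, 'userslugs');
    }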

    ?>

You may want to consider recalling or renaming some of these files to protect your site from hackers. Let me know if you see problems with my code so I can share it with everyone else. You are welcome for saving you 4 days.
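
The user meta functions in the listing above (update_user_meta, get_user_meta, delete_user_meta) can also hold a member-managed phone number without touching the users table or core files. Here is an added example of that, not code from this tutorial: the md_* function names, the 'md_phone' meta key, the form field names and the nonce action are all made up for illustration, and it assumes the file is loaded by WordPress (for instance from your theme's functions.php) and that get_users_of_blog() returns user_id and display_name.

```php
<?php
// Added example, not the tutorial's code. All md_* names are hypothetical.

// Accept only a plausible phone number: digits, spaces, dots, dashes,
// parentheses and an optional leading +. Returns '' when it does not match.
function md_clean_phone( $raw ) {
    $raw = trim( (string) $raw );
    if ( ! preg_match( '/\A\+?[0-9 ().-]{7,20}\z/', $raw ) )
        return '';
    return $raw;
}

// Store (or clear) the phone number for one member.
// Returns true on success, a WP_Error otherwise.
function md_save_phone( $user_id, $raw_phone ) {
    $user_id = (int) $user_id;

    // Members may only write their own record unless they can edit that user.
    if ( ! current_user_can( 'edit_user', $user_id ) )
        return new WP_Error( 'md_forbidden', 'You cannot edit this member.' );

    $phone = md_clean_phone( $raw_phone );
    if ( '' === $phone && '' !== trim( (string) $raw_phone ) )
        return new WP_Error( 'md_bad_phone', 'That phone number is not valid.' );

    if ( '' === $phone )
        delete_user_meta( $user_id, 'md_phone' );
    else
        update_user_meta( $user_id, 'md_phone', $phone );

    return true;
}

// Handle the manage page form. The form must print
// wp_nonce_field( 'md_update_phone' ) so forged requests are rejected.
function md_handle_phone_form() {
    if ( empty( $_POST['md_phone_submit'] ) )
        return;
    check_admin_referer( 'md_update_phone' ); // dies on a missing or bad nonce

    // WordPress adds slashes to $_POST; remove them before validating.
    $raw = ( isset( $_POST['md_phone'] ) && is_string( $_POST['md_phone'] ) )
        ? stripslashes( $_POST['md_phone'] ) : '';
    $GLOBALS['md_phone_result'] = md_save_phone( get_current_user_id(), $raw );
}
add_action( 'init', 'md_handle_phone_form' );

// Build the directory: one table row per member, every value escaped on output.
function md_directory_rows() {
    $rows = '';
    foreach ( (array) get_users_of_blog() as $member ) {
        $phone = get_user_meta( $member->user_id, 'md_phone', true );
        $rows .= '<tr><td>' . esc_html( $member->display_name ) . '</td><td>'
               . esc_html( $phone ) . "</td></tr>\n";
    }
    return $rows;
}
```

Because the value lives in usermeta, the stock get_users_of_blog() query works unchanged and a WordPress update will not overwrite the field.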


About The Author

DesaraeV on Monday, January 3rd, 2011

Personal branding strategist and UI designer with a background in graphic design, SEO & social media. Ruminations on innovation, technology and a few other random hobbies. I love Geekery!