get_users( array $args = array() ): array
Retrieves list of users matching criteria.
Contents
Description
See also
Parameters
-
$args
array Optional -
Arguments to retrieve users. See WP_User_Query::prepare_query() for more information on accepted arguments.
More Arguments from WP_User_Query::prepare_query( ... $query )
Array or string of query parameters.
blog_id
intThe site ID. Default is the current site.role
string|string[]An array or a comma-separated list of role names that users must match to be included in results. Note that this is an inclusive list: users must match *each* role.role__in
string[]An array of role names. Matched users must have at least one of these roles.role__not_in
string[]An array of role names to exclude. Users matching one or more of these roles will not be included in results.meta_key
string|string[]Meta key or keys to filter by.meta_value
string|string[]Meta value or values to filter by.meta_compare
stringMySQL operator used for comparing the meta value.
See WP_Meta_Query::__construct() for accepted values and default value.meta_compare_key
stringMySQL operator used for comparing the meta key.
See WP_Meta_Query::__construct() for accepted values and default value.meta_type
stringMySQL data type that the meta_value column will be CAST to for comparisons.
See WP_Meta_Query::__construct() for accepted values and default value.meta_type_key
stringMySQL data type that the meta_key column will be CAST to for comparisons.
See WP_Meta_Query::__construct() for accepted values and default value.meta_query
arrayAn associative array of WP_Meta_Query arguments.
See WP_Meta_Query::__construct() for accepted values.capability
string|string[]An array or a comma-separated list of capability names that users must match to be included in results. Note that this is an inclusive list: users must match *each* capability.
Does NOT work for capabilities not in the database or filtered via 'map_meta_cap'.
capability__in
string[]An array of capability names. Matched users must have at least one of these capabilities.
Does NOT work for capabilities not in the database or filtered via 'map_meta_cap'.
capability__not_in
string[]An array of capability names to exclude. Users matching one or more of these capabilities will not be included in results.
Does NOT work for capabilities not in the database or filtered via 'map_meta_cap'.
include
int[]An array of user IDs to include.exclude
int[]An array of user IDs to exclude.search
stringSearch keyword. Searches for possible string matches on columns.
When$search_columns
is left empty, it tries to determine which column to search in based on search string.search_columns
string[]Array of column names to be searched. Accepts'ID'
,'user_login'
,'user_email'
,'user_url'
,'user_nicename'
,'display_name'
.
orderby
string|arrayField(s) to sort the retrieved users by. May be a single value, an array of values, or a multi-dimensional array with fields as keys and orders ('ASC'
or'DESC'
) as values. Accepted values are:
'ID'
'display_name'
(or'name'
)'include'
'user_login'
(or'login'
)'login__in'
'user_nicename'
(or'nicename'
),'nicename__in'
- 'user_email (or
'email'
) 'user_url'
(or'url'
),'user_registered'
(or'registered'
)'post_count'
'meta_value'
,'meta_value_num'
- The value of
$meta_key
- An array key of
$meta_query
To use'meta_value'
or'meta_value_num'
,$meta_key
must be also be defined. Default'user_login'
.
order
stringDesignates ascending or descending order of users. Order values passed as part of an$orderby
array take precedence over this parameter. Accepts'ASC'
,'DESC'
. Default'ASC'
.offset
intNumber of users to offset in retrieved results. Can be used in conjunction with pagination. Default 0.number
intNumber of users to limit the query for. Can be used in conjunction with pagination. Value -1 (all) is supported, but should be used with caution on larger sites.
Default -1 (all users).paged
intWhen used with number, defines the page of results to return.
Default 1.count_total
boolWhether to count the total number of users found. If pagination is not needed, setting this to false can improve performance.
Default true.fields
string|string[]Which fields to return. Single or all fields (string), or array of fields. Accepts:
'ID'
'display_name'
'user_login'
'user_nicename'
'user_email'
'user_url'
'user_registered'
'user_pass'
'user_activation_key'
'user_status'
'spam'
(only available on multisite installs)'deleted'
(only available on multisite installs)'all'
for all fields and loads user meta.'all_with_meta'
Deprecated. Use'all'
.
'all'
.who
stringType of users to query. Accepts'authors'
.
Default empty (all users).has_published_posts
bool|string[]Pass an array of post types to filter results to users who have published posts in those post types.true
is an alias for all public post types.nicename
stringThe user nicename.nicename__in
string[]An array of nicenames to include. Users matching one of these nicenames will be included in results.nicename__not_in
string[]An array of nicenames to exclude. Users matching one of these nicenames will not be included in results.login
stringThe user login.login__in
string[]An array of logins to include. Users matching one of these logins will be included in results.login__not_in
string[]An array of logins to exclude. Users matching one of these logins will not be included in results.cache_results
boolWhether to cache user information. Default true.
Default:
array()
Return
array List of users.
More Information
Return value is an array of IDs, stdClass objects, or WP_User objects, depending on the value of the ‘fields‘ parameter.
- If ‘fields‘ is set to ‘all’ (default), or ‘all_with_meta’, it will return an array of WP_User objects.
- If ‘fields‘ is set to an array of wp_users table fields, it will return an array of stdClass objects with only those fields.
- If ‘fields‘ is set to any individual wp_users table field, an array of IDs will be returned.
Source
File: wp-includes/user.php
.
View all references
function get_users( $args = array() ) {
$args = wp_parse_args( $args );
$args['count_total'] = false;
$user_search = new WP_User_Query( $args );
return (array) $user_search->get_results();
}
Changelog
Version | Description |
---|---|
3.1.0 | Introduced. |
User Contributed Notes
You must log in before being able to contribute a note or feedback.
Please note that if you search by `meta_value` and it ends up being `”` (an empty string), the query, which is really a wrap over the `WP_User_Query` class and hence this applies to other functions as well, ends up forfeiting the check for the `meta_value` and simply downgrades to searching by `meta_key` only.
Please be very careful when you have `meta_values` that are dynamic or that you can’t/don’t check for this exact case, if the list that you retrieve using this query is used for something important, you might end up with security holes.
“User input should be parsed”. Yes, but, user input should not be immediately `esc_html`’d or the like, escape at output, sanitize before queries and now that we know this, check for validity — but here lies the problem, we, as well as some people who’ve been with WP for 10+ years didn’t know about this behavior. A `preg_match` fixes it all, yes, but only if your assumptions are updated with this knowledge.
Additionally, this is not a case of “you just forgot to parse”, we parse everything that comes inside and had security audits on our core codebase pieces but just simply weren’t aware of this behavior and assumed we didn’t even need to parse.
I’ve opened a ticket about it if you’re interested in a PoC and how it affected us specifically: https://core.trac.wordpress.org/ticket/49641
An example of fetching users that match any one of an array of roles using
role__in
.An example using the ‘search’ field.
This example will find and display all users that have a user name, ID, email of “john”. You can also do wild card search by adding an * before or after your search query. For example, to search for all users that start with “jo”, you would pass something like “jo*”.
The results will be all users whose user names, IDs, or emails that start with “jo”. The * can be placed before or after your search query. When placed before, the results will be all users that end in your query.
A basic example to display all subscribers in an unordered list.
An example of querying by a specific field.
WP_User_Query now accepts fields options in WordPress 6.0
https://make.wordpress.org/core/2022/04/29/wp_user_query-now-accepts-fields-options-in-wordpress-6-0/
The default value of the
number
parameter is -1, which means it lists all the users. It can cause performance issues on larger sites, so it should be used with caution.