mirror of
https://github.com/10h30/ultimatemember.git
synced 2026-07-13 19:56:27 +09:00
Add support for wordfence and limit login
This commit is contained in:
+82
-53
@@ -6,24 +6,24 @@
|
||||
add_action('um_submit_form_errors_hook_login', 'um_submit_form_errors_hook_login', 10);
|
||||
function um_submit_form_errors_hook_login( $args ){
|
||||
global $ultimatemember;
|
||||
|
||||
|
||||
$is_email = false;
|
||||
|
||||
|
||||
$form_id = $args['form_id'];
|
||||
$mode = $args['mode'];
|
||||
|
||||
if ( isset( $args['username'] ) && $args['username'] == '' ) {
|
||||
$ultimatemember->form->add_error( 'username', __('Please enter your username or email','ultimatemember') );
|
||||
}
|
||||
|
||||
|
||||
if ( isset( $args['user_login'] ) && $args['user_login'] == '' ) {
|
||||
$ultimatemember->form->add_error( 'user_login', __('Please enter your username','ultimatemember') );
|
||||
}
|
||||
|
||||
|
||||
if ( isset( $args['user_email'] ) && $args['user_email'] == '' ) {
|
||||
$ultimatemember->form->add_error( 'user_email', __('Please enter your email','ultimatemember') );
|
||||
}
|
||||
|
||||
|
||||
if ( isset( $args['username'] ) ) {
|
||||
$field = 'username';
|
||||
if ( is_email( $args['username'] ) ) {
|
||||
@@ -42,7 +42,7 @@
|
||||
$field = 'user_login';
|
||||
$user_name = $args['user_login'];
|
||||
}
|
||||
|
||||
|
||||
if ( !username_exists( $user_name ) ) {
|
||||
if ( $is_email ) {
|
||||
$ultimatemember->form->add_error( $field, __(' Sorry, we can\'t find an account with that email address','ultimatemember') );
|
||||
@@ -54,23 +54,52 @@
|
||||
$ultimatemember->form->add_error( 'user_password', __('Please enter your password','ultimatemember') );
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
$user = get_user_by( 'login', $user_name );
|
||||
if ( $user && wp_check_password( $args['user_password'], $user->data->user_pass, $user->ID) ) {
|
||||
$ultimatemember->login->auth_id = username_exists( $user_name );
|
||||
} else {
|
||||
$ultimatemember->form->add_error( 'user_password', __('Password is incorrect. Please try again.','ultimatemember') );
|
||||
}
|
||||
|
||||
|
||||
// add a way for other plugins like wp limit login
|
||||
// to limit the login attempts
|
||||
$user = apply_filters( 'authenticate', null, $user_name, $args['user_password'] );
|
||||
|
||||
// if there is an error notify wp
|
||||
if( $ultimatemember->form->has_error( $field ) || $ultimatemember->form->has_error( $user_password ) ) {
|
||||
do_action( 'wp_login_failed', $user_name );
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Display the login errors from other plugins
|
||||
*/
|
||||
add_action( 'um_before_login_fields', 'um_display_login_errors' );
|
||||
function um_display_login_errors( $args ) {
|
||||
global $ultimatemember;
|
||||
|
||||
if( $ultimatemember->form->count_errors() > 0 ) {
|
||||
$error = array_values( $ultimatemember->form->errors );
|
||||
$error = array_shift( $error );
|
||||
}
|
||||
|
||||
// hook for other plugins to display error
|
||||
$errors = trim( apply_filters( 'login_errors', $error ) );
|
||||
|
||||
if( trim( $errors ) )
|
||||
{
|
||||
echo '<p class="um-notice err"><i class="um-icon-ios-close-empty" onclick="jQuery(this).parent().fadeOut();"></i>' . $errors . '</p>';
|
||||
}
|
||||
}
|
||||
|
||||
/***
|
||||
*** @login checks thru the frontend login
|
||||
***/
|
||||
add_action('um_submit_form_errors_hook_logincheck', 'um_submit_form_errors_hook_logincheck', 9999 );
|
||||
function um_submit_form_errors_hook_logincheck($args){
|
||||
global $ultimatemember;
|
||||
|
||||
|
||||
// Logout if logged in
|
||||
if ( is_user_logged_in() ) {
|
||||
wp_logout();
|
||||
@@ -78,10 +107,10 @@
|
||||
|
||||
$user_id = ( isset( $ultimatemember->login->auth_id ) ) ? $ultimatemember->login->auth_id : '';
|
||||
um_fetch_user( $user_id );
|
||||
|
||||
|
||||
$status = um_user('account_status'); // account status
|
||||
switch( $status ) {
|
||||
|
||||
|
||||
// If user can't login to site...
|
||||
case 'inactive':
|
||||
case 'awaiting_admin_review':
|
||||
@@ -90,15 +119,15 @@
|
||||
um_reset_user();
|
||||
exit( wp_redirect( add_query_arg( 'err', esc_attr( $status ), $ultimatemember->permalinks->get_current_url() ) ) );
|
||||
break;
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
||||
if ( isset( $args['form_id'] ) && $args['form_id'] == $ultimatemember->shortcodes->core_login_form() && $ultimatemember->form->errors && !isset( $_POST[ $ultimatemember->honeypot ] ) ) {
|
||||
exit( wp_redirect( um_get_core_page('login') ) );
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
||||
/***
|
||||
*** @store last login timestamp
|
||||
***/
|
||||
@@ -107,7 +136,7 @@
|
||||
delete_user_meta( $user_id, '_um_last_login' );
|
||||
update_user_meta( $user_id, '_um_last_login', current_time( 'timestamp' ) );
|
||||
}
|
||||
|
||||
|
||||
add_action( 'wp_login', 'um_store_lastlogin_timestamp_' );
|
||||
function um_store_lastlogin_timestamp_( $login ) {
|
||||
$user = get_user_by('login',$login);
|
||||
@@ -115,7 +144,7 @@
|
||||
delete_user_meta( $user_id, '_um_last_login' );
|
||||
update_user_meta( $user_id, '_um_last_login', current_time( 'timestamp' ) );
|
||||
}
|
||||
|
||||
|
||||
/***
|
||||
*** @login user
|
||||
***/
|
||||
@@ -125,57 +154,57 @@
|
||||
extract( $args );
|
||||
|
||||
$rememberme = ( isset($args['rememberme']) ) ? 1 : 0;
|
||||
|
||||
|
||||
if ( um_get_option('deny_admin_frontend_login') && strstr( um_user('wp_roles' ), 'administrator' ) )
|
||||
wp_die( __('This action has been prevented for security measures.','ultimatemember') );
|
||||
|
||||
|
||||
$ultimatemember->user->auto_login( um_user('ID'), $rememberme );
|
||||
|
||||
|
||||
// Hook that runs after successful login and before user is redirected
|
||||
do_action('um_on_login_before_redirect', um_user('ID') );
|
||||
|
||||
|
||||
// Priority redirect
|
||||
if ( isset( $args['redirect_to'] ) && ! empty( $args['redirect_to'] ) ) {
|
||||
exit( wp_redirect( urldecode( $args['redirect_to'] ) ) );
|
||||
}
|
||||
|
||||
|
||||
// Role redirect
|
||||
$after = um_user('after_login');
|
||||
switch( $after ) {
|
||||
|
||||
|
||||
case 'redirect_admin':
|
||||
exit( wp_redirect( admin_url() ) );
|
||||
break;
|
||||
|
||||
|
||||
case 'redirect_profile':
|
||||
exit( wp_redirect( um_user_profile_url() ) );
|
||||
break;
|
||||
|
||||
|
||||
case 'redirect_url':
|
||||
exit( wp_redirect( um_user('login_redirect_url') ) );
|
||||
break;
|
||||
|
||||
|
||||
case 'refresh':
|
||||
exit( wp_redirect( $ultimatemember->permalinks->get_current_url() ) );
|
||||
break;
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
||||
/***
|
||||
*** @form processing
|
||||
***/
|
||||
add_action('um_submit_form_login', 'um_submit_form_login', 10);
|
||||
function um_submit_form_login($args){
|
||||
global $ultimatemember;
|
||||
|
||||
|
||||
if ( !isset($ultimatemember->form->errors) ) {
|
||||
do_action( 'um_user_login', $args );
|
||||
}
|
||||
|
||||
|
||||
do_action('um_user_login_extra_hook', $args );
|
||||
|
||||
|
||||
}
|
||||
|
||||
/***
|
||||
@@ -187,18 +216,18 @@
|
||||
|
||||
// DO NOT add when reviewing user's details
|
||||
if ( $ultimatemember->user->preview == true && is_admin() ) return;
|
||||
|
||||
|
||||
$primary_btn_word = $args['primary_btn_word'];
|
||||
$primary_btn_word = apply_filters('um_login_form_button_one', $primary_btn_word, $args );
|
||||
|
||||
|
||||
$secondary_btn_word = $args['secondary_btn_word'];
|
||||
$secondary_btn_word = apply_filters('um_login_form_button_two', $secondary_btn_word, $args );
|
||||
|
||||
|
||||
$secondary_btn_url = ( isset( $args['secondary_btn_url'] ) && $args['secondary_btn_url'] ) ? $args['secondary_btn_url'] : um_get_core_page('register');
|
||||
$secondary_btn_url = apply_filters('um_login_form_button_two_url', $secondary_btn_url, $args );
|
||||
|
||||
|
||||
?>
|
||||
|
||||
|
||||
<div class="um-col-alt">
|
||||
|
||||
<?php if ( isset( $args['show_rememberme'] ) && $args['show_rememberme'] ) {
|
||||
@@ -207,20 +236,20 @@
|
||||
} ?>
|
||||
|
||||
<?php if ( isset($args['secondary_btn']) && $args['secondary_btn'] != 0 ) { ?>
|
||||
|
||||
|
||||
<div class="um-left um-half"><input type="submit" value="<?php echo $primary_btn_word; ?>" class="um-button" /></div>
|
||||
<div class="um-right um-half"><a href="<?php echo $secondary_btn_url; ?>" class="um-button um-alt"><?php echo $secondary_btn_word; ?></a></div>
|
||||
|
||||
|
||||
<?php } else { ?>
|
||||
|
||||
|
||||
<div class="um-center"><input type="submit" value="<?php echo $args['primary_btn_word']; ?>" class="um-button" /></div>
|
||||
|
||||
|
||||
<?php } ?>
|
||||
|
||||
|
||||
<div class="um-clear"></div>
|
||||
|
||||
|
||||
</div>
|
||||
|
||||
|
||||
<?php
|
||||
}
|
||||
|
||||
@@ -228,27 +257,27 @@
|
||||
*** @Display a forgot password link
|
||||
***/
|
||||
add_action('um_after_login_fields', 'um_after_login_submit', 1001);
|
||||
function um_after_login_submit( $args ){
|
||||
function um_after_login_submit( $args ){
|
||||
global $ultimatemember;
|
||||
|
||||
if ( $args['forgot_pass_link'] == 0 ) return;
|
||||
|
||||
|
||||
?>
|
||||
|
||||
|
||||
<div class="um-col-alt-b">
|
||||
<a href="<?php echo um_get_core_page('password-reset'); ?>" class="um-link-alt"><?php _e('Forgot your password?','ultimatemember'); ?></a>
|
||||
</div>
|
||||
|
||||
|
||||
<?php
|
||||
}
|
||||
|
||||
|
||||
/***
|
||||
*** @Show Fields
|
||||
***/
|
||||
add_action('um_main_login_fields', 'um_add_login_fields', 100);
|
||||
function um_add_login_fields($args){
|
||||
global $ultimatemember;
|
||||
|
||||
|
||||
echo $ultimatemember->fields->display( 'login', $args );
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
+19
-5
@@ -20,6 +20,20 @@ class UM_Form {
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* Count the form errors.
|
||||
* @return integer
|
||||
*/
|
||||
function count_errors() {
|
||||
$errors = $this->errors;
|
||||
|
||||
if( $errors && is_array( $errors ) ) {
|
||||
return count( $errors );
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
/***
|
||||
*** @add errors
|
||||
***/
|
||||
@@ -67,7 +81,7 @@ class UM_Form {
|
||||
|
||||
$this->form_id = $_POST['form_id'];
|
||||
$this->form_status = get_post_status( $this->form_id );
|
||||
|
||||
|
||||
|
||||
if ( $this->form_status == 'publish' ) {
|
||||
|
||||
@@ -77,11 +91,11 @@ class UM_Form {
|
||||
$this->post_form = $this->beautify( $this->post_form );
|
||||
|
||||
$this->form_data = $ultimatemember->query->post_data( $this->form_id );
|
||||
|
||||
|
||||
$this->post_form['submitted'] = $this->post_form;
|
||||
|
||||
$this->post_form = array_merge( $this->form_data, $this->post_form );
|
||||
|
||||
|
||||
$role = $this->assigned_role( $this->form_id );
|
||||
|
||||
if( $role && isset( $this->form_data['custom_fields'] ) && ! strstr( $this->form_data['custom_fields'], 'role_' ) ){ // has assigned role. Validate non-global forms
|
||||
@@ -114,7 +128,7 @@ class UM_Form {
|
||||
}
|
||||
|
||||
/* Continue based on form mode - pre-validation */
|
||||
|
||||
|
||||
do_action('um_submit_form_errors_hook', $this->post_form );
|
||||
|
||||
do_action("um_submit_form_{$this->post_form['mode']}", $this->post_form );
|
||||
@@ -171,7 +185,7 @@ class UM_Form {
|
||||
function assigned_role( $post_id ){
|
||||
|
||||
$register_use_globals = get_post_meta( $post_id, '_um_register_use_globals', true);
|
||||
|
||||
|
||||
if( $register_use_globals == 1 ){
|
||||
$role = um_get_option('default_role');
|
||||
}else if( $register_use_globals == 0 ){
|
||||
|
||||
Reference in New Issue
Block a user