diff --git a/core/um-actions-login.php b/core/um-actions-login.php index 682db10e..3ba247af 100644 --- a/core/um-actions-login.php +++ b/core/um-actions-login.php @@ -6,24 +6,24 @@ add_action('um_submit_form_errors_hook_login', 'um_submit_form_errors_hook_login', 10); function um_submit_form_errors_hook_login( $args ){ global $ultimatemember; - + $is_email = false; - + $form_id = $args['form_id']; $mode = $args['mode']; if ( isset( $args['username'] ) && $args['username'] == '' ) { $ultimatemember->form->add_error( 'username', __('Please enter your username or email','ultimatemember') ); } - + if ( isset( $args['user_login'] ) && $args['user_login'] == '' ) { $ultimatemember->form->add_error( 'user_login', __('Please enter your username','ultimatemember') ); } - + if ( isset( $args['user_email'] ) && $args['user_email'] == '' ) { $ultimatemember->form->add_error( 'user_email', __('Please enter your email','ultimatemember') ); } - + if ( isset( $args['username'] ) ) { $field = 'username'; if ( is_email( $args['username'] ) ) { @@ -42,7 +42,7 @@ $field = 'user_login'; $user_name = $args['user_login']; } - + if ( !username_exists( $user_name ) ) { if ( $is_email ) { $ultimatemember->form->add_error( $field, __(' Sorry, we can\'t find an account with that email address','ultimatemember') ); @@ -54,23 +54,52 @@ $ultimatemember->form->add_error( 'user_password', __('Please enter your password','ultimatemember') ); } } - + $user = get_user_by( 'login', $user_name ); if ( $user && wp_check_password( $args['user_password'], $user->data->user_pass, $user->ID) ) { $ultimatemember->login->auth_id = username_exists( $user_name ); } else { $ultimatemember->form->add_error( 'user_password', __('Password is incorrect. Please try again.','ultimatemember') ); } - + + // add a way for other plugins like wp limit login + // to limit the login attempts + $user = apply_filters( 'authenticate', null, $user_name, $args['user_password'] ); + + // if there is an error notify wp + if( $ultimatemember->form->has_error( $field ) || $ultimatemember->form->has_error( $user_password ) ) { + do_action( 'wp_login_failed', $user_name ); + } } - + + /** + * Display the login errors from other plugins + */ + add_action( 'um_before_login_fields', 'um_display_login_errors' ); + function um_display_login_errors( $args ) { + global $ultimatemember; + + if( $ultimatemember->form->count_errors() > 0 ) { + $error = array_values( $ultimatemember->form->errors ); + $error = array_shift( $error ); + } + + // hook for other plugins to display error + $errors = trim( apply_filters( 'login_errors', $error ) ); + + if( trim( $errors ) ) + { + echo '

' . $errors . '

'; + } + } + /*** *** @login checks thru the frontend login ***/ add_action('um_submit_form_errors_hook_logincheck', 'um_submit_form_errors_hook_logincheck', 9999 ); function um_submit_form_errors_hook_logincheck($args){ global $ultimatemember; - + // Logout if logged in if ( is_user_logged_in() ) { wp_logout(); @@ -78,10 +107,10 @@ $user_id = ( isset( $ultimatemember->login->auth_id ) ) ? $ultimatemember->login->auth_id : ''; um_fetch_user( $user_id ); - + $status = um_user('account_status'); // account status switch( $status ) { - + // If user can't login to site... case 'inactive': case 'awaiting_admin_review': @@ -90,15 +119,15 @@ um_reset_user(); exit( wp_redirect( add_query_arg( 'err', esc_attr( $status ), $ultimatemember->permalinks->get_current_url() ) ) ); break; - + } - + if ( isset( $args['form_id'] ) && $args['form_id'] == $ultimatemember->shortcodes->core_login_form() && $ultimatemember->form->errors && !isset( $_POST[ $ultimatemember->honeypot ] ) ) { exit( wp_redirect( um_get_core_page('login') ) ); } - + } - + /*** *** @store last login timestamp ***/ @@ -107,7 +136,7 @@ delete_user_meta( $user_id, '_um_last_login' ); update_user_meta( $user_id, '_um_last_login', current_time( 'timestamp' ) ); } - + add_action( 'wp_login', 'um_store_lastlogin_timestamp_' ); function um_store_lastlogin_timestamp_( $login ) { $user = get_user_by('login',$login); @@ -115,7 +144,7 @@ delete_user_meta( $user_id, '_um_last_login' ); update_user_meta( $user_id, '_um_last_login', current_time( 'timestamp' ) ); } - + /*** *** @login user ***/ @@ -125,57 +154,57 @@ extract( $args ); $rememberme = ( isset($args['rememberme']) ) ? 1 : 0; - + if ( um_get_option('deny_admin_frontend_login') && strstr( um_user('wp_roles' ), 'administrator' ) ) wp_die( __('This action has been prevented for security measures.','ultimatemember') ); - + $ultimatemember->user->auto_login( um_user('ID'), $rememberme ); - + // Hook that runs after successful login and before user is redirected do_action('um_on_login_before_redirect', um_user('ID') ); - + // Priority redirect if ( isset( $args['redirect_to'] ) && ! empty( $args['redirect_to'] ) ) { exit( wp_redirect( urldecode( $args['redirect_to'] ) ) ); } - + // Role redirect $after = um_user('after_login'); switch( $after ) { - + case 'redirect_admin': exit( wp_redirect( admin_url() ) ); break; - + case 'redirect_profile': exit( wp_redirect( um_user_profile_url() ) ); break; - + case 'redirect_url': exit( wp_redirect( um_user('login_redirect_url') ) ); break; - + case 'refresh': exit( wp_redirect( $ultimatemember->permalinks->get_current_url() ) ); break; - + } - + } - + /*** *** @form processing ***/ add_action('um_submit_form_login', 'um_submit_form_login', 10); function um_submit_form_login($args){ global $ultimatemember; - + if ( !isset($ultimatemember->form->errors) ) { do_action( 'um_user_login', $args ); } - + do_action('um_user_login_extra_hook', $args ); - + } /*** @@ -187,18 +216,18 @@ // DO NOT add when reviewing user's details if ( $ultimatemember->user->preview == true && is_admin() ) return; - + $primary_btn_word = $args['primary_btn_word']; $primary_btn_word = apply_filters('um_login_form_button_one', $primary_btn_word, $args ); - + $secondary_btn_word = $args['secondary_btn_word']; $secondary_btn_word = apply_filters('um_login_form_button_two', $secondary_btn_word, $args ); - + $secondary_btn_url = ( isset( $args['secondary_btn_url'] ) && $args['secondary_btn_url'] ) ? $args['secondary_btn_url'] : um_get_core_page('register'); $secondary_btn_url = apply_filters('um_login_form_button_two_url', $secondary_btn_url, $args ); - + ?> - +
- +
- + - +
- + - +
- +
- + - +
- + fields->display( 'login', $args ); - - } \ No newline at end of file + + } diff --git a/core/um-form.php b/core/um-form.php index c7995900..756ff515 100644 --- a/core/um-form.php +++ b/core/um-form.php @@ -20,6 +20,20 @@ class UM_Form { } + /** + * Count the form errors. + * @return integer + */ + function count_errors() { + $errors = $this->errors; + + if( $errors && is_array( $errors ) ) { + return count( $errors ); + } + + return 0; + } + /*** *** @add errors ***/ @@ -67,7 +81,7 @@ class UM_Form { $this->form_id = $_POST['form_id']; $this->form_status = get_post_status( $this->form_id ); - + if ( $this->form_status == 'publish' ) { @@ -77,11 +91,11 @@ class UM_Form { $this->post_form = $this->beautify( $this->post_form ); $this->form_data = $ultimatemember->query->post_data( $this->form_id ); - + $this->post_form['submitted'] = $this->post_form; $this->post_form = array_merge( $this->form_data, $this->post_form ); - + $role = $this->assigned_role( $this->form_id ); if( $role && isset( $this->form_data['custom_fields'] ) && ! strstr( $this->form_data['custom_fields'], 'role_' ) ){ // has assigned role. Validate non-global forms @@ -114,7 +128,7 @@ class UM_Form { } /* Continue based on form mode - pre-validation */ - + do_action('um_submit_form_errors_hook', $this->post_form ); do_action("um_submit_form_{$this->post_form['mode']}", $this->post_form ); @@ -171,7 +185,7 @@ class UM_Form { function assigned_role( $post_id ){ $register_use_globals = get_post_meta( $post_id, '_um_register_use_globals', true); - + if( $register_use_globals == 1 ){ $role = um_get_option('default_role'); }else if( $register_use_globals == 0 ){