diff --git a/README.md b/README.md
index 38336708..296e929b 100644
--- a/README.md
+++ b/README.md
@@ -42,7 +42,7 @@ GNU Version 2 or Any Later Version
## Releases
-[Official Release Version: 2.5.3](https://github.com/ultimatemember/ultimatemember/releases/tag/2.5.3).
+[Official Release Version: 2.5.4](https://github.com/ultimatemember/ultimatemember/releases/tag/2.5.4).
## Changelog
diff --git a/assets/img/extensions/bbpress.png b/assets/img/extensions/bbpress.png
deleted file mode 100644
index 18fef0e7..00000000
Binary files a/assets/img/extensions/bbpress.png and /dev/null differ
diff --git a/assets/img/extensions/bbpress.svg b/assets/img/extensions/bbpress.svg
new file mode 100644
index 00000000..2175c2a7
--- /dev/null
+++ b/assets/img/extensions/bbpress.svg
@@ -0,0 +1 @@
+
\ No newline at end of file
diff --git a/assets/img/extensions/followers.png b/assets/img/extensions/followers.png
deleted file mode 100644
index 48946332..00000000
Binary files a/assets/img/extensions/followers.png and /dev/null differ
diff --git a/assets/img/extensions/followers.svg b/assets/img/extensions/followers.svg
new file mode 100644
index 00000000..ea907a39
--- /dev/null
+++ b/assets/img/extensions/followers.svg
@@ -0,0 +1 @@
+
\ No newline at end of file
diff --git a/assets/img/extensions/friends.png b/assets/img/extensions/friends.png
deleted file mode 100644
index b4eb648e..00000000
Binary files a/assets/img/extensions/friends.png and /dev/null differ
diff --git a/assets/img/extensions/friends.svg b/assets/img/extensions/friends.svg
new file mode 100644
index 00000000..d957905d
--- /dev/null
+++ b/assets/img/extensions/friends.svg
@@ -0,0 +1 @@
+
\ No newline at end of file
diff --git a/assets/img/extensions/groups.png b/assets/img/extensions/groups.png
deleted file mode 100644
index 96495d54..00000000
Binary files a/assets/img/extensions/groups.png and /dev/null differ
diff --git a/assets/img/extensions/groups.svg b/assets/img/extensions/groups.svg
new file mode 100644
index 00000000..55dbf068
--- /dev/null
+++ b/assets/img/extensions/groups.svg
@@ -0,0 +1 @@
+
\ No newline at end of file
diff --git a/assets/img/extensions/mailchimp.png b/assets/img/extensions/mailchimp.png
index bf73551b..329640f2 100644
Binary files a/assets/img/extensions/mailchimp.png and b/assets/img/extensions/mailchimp.png differ
diff --git a/assets/img/extensions/notices.png b/assets/img/extensions/notices.png
deleted file mode 100644
index efc7094c..00000000
Binary files a/assets/img/extensions/notices.png and /dev/null differ
diff --git a/assets/img/extensions/notices.svg b/assets/img/extensions/notices.svg
new file mode 100644
index 00000000..617cbcfa
--- /dev/null
+++ b/assets/img/extensions/notices.svg
@@ -0,0 +1 @@
+
\ No newline at end of file
diff --git a/assets/img/extensions/online-users.png b/assets/img/extensions/online-users.png
deleted file mode 100644
index 57de590b..00000000
Binary files a/assets/img/extensions/online-users.png and /dev/null differ
diff --git a/assets/img/extensions/online-users.svg b/assets/img/extensions/online-users.svg
new file mode 100644
index 00000000..957542b7
--- /dev/null
+++ b/assets/img/extensions/online-users.svg
@@ -0,0 +1 @@
+
\ No newline at end of file
diff --git a/assets/img/extensions/private-content.png b/assets/img/extensions/private-content.png
deleted file mode 100644
index 5dd1ae53..00000000
Binary files a/assets/img/extensions/private-content.png and /dev/null differ
diff --git a/assets/img/extensions/private-content.svg b/assets/img/extensions/private-content.svg
new file mode 100644
index 00000000..8af0e849
--- /dev/null
+++ b/assets/img/extensions/private-content.svg
@@ -0,0 +1 @@
+
\ No newline at end of file
diff --git a/assets/img/extensions/private-messages.png b/assets/img/extensions/private-messages.png
deleted file mode 100644
index e0ec7a07..00000000
Binary files a/assets/img/extensions/private-messages.png and /dev/null differ
diff --git a/assets/img/extensions/private-messages.svg b/assets/img/extensions/private-messages.svg
new file mode 100644
index 00000000..cc2e57c9
--- /dev/null
+++ b/assets/img/extensions/private-messages.svg
@@ -0,0 +1 @@
+
\ No newline at end of file
diff --git a/assets/img/extensions/profile-completeness.png b/assets/img/extensions/profile-completeness.png
deleted file mode 100644
index be831bd6..00000000
Binary files a/assets/img/extensions/profile-completeness.png and /dev/null differ
diff --git a/assets/img/extensions/profile-completeness.svg b/assets/img/extensions/profile-completeness.svg
new file mode 100644
index 00000000..badec146
--- /dev/null
+++ b/assets/img/extensions/profile-completeness.svg
@@ -0,0 +1 @@
+
\ No newline at end of file
diff --git a/assets/img/extensions/profile-tabs.png b/assets/img/extensions/profile-tabs.png
deleted file mode 100644
index 2c45ca7f..00000000
Binary files a/assets/img/extensions/profile-tabs.png and /dev/null differ
diff --git a/assets/img/extensions/profile-tabs.svg b/assets/img/extensions/profile-tabs.svg
new file mode 100644
index 00000000..89ec8a40
--- /dev/null
+++ b/assets/img/extensions/profile-tabs.svg
@@ -0,0 +1 @@
+
\ No newline at end of file
diff --git a/assets/img/extensions/real-time-notifications.png b/assets/img/extensions/real-time-notifications.png
deleted file mode 100644
index c52e26dd..00000000
Binary files a/assets/img/extensions/real-time-notifications.png and /dev/null differ
diff --git a/assets/img/extensions/real-time-notifications.svg b/assets/img/extensions/real-time-notifications.svg
new file mode 100644
index 00000000..c4741a27
--- /dev/null
+++ b/assets/img/extensions/real-time-notifications.svg
@@ -0,0 +1 @@
+
\ No newline at end of file
diff --git a/assets/img/extensions/social-activity.png b/assets/img/extensions/social-activity.png
deleted file mode 100644
index 8b011dac..00000000
Binary files a/assets/img/extensions/social-activity.png and /dev/null differ
diff --git a/assets/img/extensions/social-activity.svg b/assets/img/extensions/social-activity.svg
new file mode 100644
index 00000000..b868eafb
--- /dev/null
+++ b/assets/img/extensions/social-activity.svg
@@ -0,0 +1 @@
+
\ No newline at end of file
diff --git a/assets/img/extensions/social-login.png b/assets/img/extensions/social-login.png
deleted file mode 100644
index 6b516aab..00000000
Binary files a/assets/img/extensions/social-login.png and /dev/null differ
diff --git a/assets/img/extensions/social-login.svg b/assets/img/extensions/social-login.svg
new file mode 100644
index 00000000..73470dea
--- /dev/null
+++ b/assets/img/extensions/social-login.svg
@@ -0,0 +1 @@
+
\ No newline at end of file
diff --git a/assets/img/extensions/terms-conditions.png b/assets/img/extensions/terms-conditions.png
deleted file mode 100644
index c870344e..00000000
Binary files a/assets/img/extensions/terms-conditions.png and /dev/null differ
diff --git a/assets/img/extensions/terms-conditions.svg b/assets/img/extensions/terms-conditions.svg
new file mode 100644
index 00000000..41bce243
--- /dev/null
+++ b/assets/img/extensions/terms-conditions.svg
@@ -0,0 +1 @@
+
\ No newline at end of file
diff --git a/assets/img/extensions/unsplash.png b/assets/img/extensions/unsplash.png
index e7ed16c8..4f92ecae 100644
Binary files a/assets/img/extensions/unsplash.png and b/assets/img/extensions/unsplash.png differ
diff --git a/assets/img/extensions/user-bookmarks.png b/assets/img/extensions/user-bookmarks.png
deleted file mode 100644
index 4f58fd32..00000000
Binary files a/assets/img/extensions/user-bookmarks.png and /dev/null differ
diff --git a/assets/img/extensions/user-bookmarks.svg b/assets/img/extensions/user-bookmarks.svg
new file mode 100644
index 00000000..d2b3ebf4
--- /dev/null
+++ b/assets/img/extensions/user-bookmarks.svg
@@ -0,0 +1 @@
+
\ No newline at end of file
diff --git a/assets/img/extensions/user-locations.png b/assets/img/extensions/user-locations.png
deleted file mode 100644
index b93555e9..00000000
Binary files a/assets/img/extensions/user-locations.png and /dev/null differ
diff --git a/assets/img/extensions/user-locations.svg b/assets/img/extensions/user-locations.svg
new file mode 100644
index 00000000..1863c6aa
--- /dev/null
+++ b/assets/img/extensions/user-locations.svg
@@ -0,0 +1 @@
+
\ No newline at end of file
diff --git a/assets/img/extensions/user-notes.png b/assets/img/extensions/user-notes.png
deleted file mode 100644
index f409ecc2..00000000
Binary files a/assets/img/extensions/user-notes.png and /dev/null differ
diff --git a/assets/img/extensions/user-notes.svg b/assets/img/extensions/user-notes.svg
new file mode 100644
index 00000000..7b945c32
--- /dev/null
+++ b/assets/img/extensions/user-notes.svg
@@ -0,0 +1 @@
+
\ No newline at end of file
diff --git a/assets/img/extensions/user-photos.png b/assets/img/extensions/user-photos.png
deleted file mode 100644
index 68cf922d..00000000
Binary files a/assets/img/extensions/user-photos.png and /dev/null differ
diff --git a/assets/img/extensions/user-photos.svg b/assets/img/extensions/user-photos.svg
new file mode 100644
index 00000000..97918b18
--- /dev/null
+++ b/assets/img/extensions/user-photos.svg
@@ -0,0 +1 @@
+
\ No newline at end of file
diff --git a/assets/img/extensions/user-reviews.png b/assets/img/extensions/user-reviews.png
deleted file mode 100644
index 417d807a..00000000
Binary files a/assets/img/extensions/user-reviews.png and /dev/null differ
diff --git a/assets/img/extensions/user-reviews.svg b/assets/img/extensions/user-reviews.svg
new file mode 100644
index 00000000..1e62a34c
--- /dev/null
+++ b/assets/img/extensions/user-reviews.svg
@@ -0,0 +1 @@
+
\ No newline at end of file
diff --git a/assets/img/extensions/user-tags.png b/assets/img/extensions/user-tags.png
deleted file mode 100644
index 908ac1dc..00000000
Binary files a/assets/img/extensions/user-tags.png and /dev/null differ
diff --git a/assets/img/extensions/user-tags.svg b/assets/img/extensions/user-tags.svg
new file mode 100644
index 00000000..517f8532
--- /dev/null
+++ b/assets/img/extensions/user-tags.svg
@@ -0,0 +1 @@
+
\ No newline at end of file
diff --git a/assets/img/extensions/verified-users.png b/assets/img/extensions/verified-users.png
deleted file mode 100644
index c5547489..00000000
Binary files a/assets/img/extensions/verified-users.png and /dev/null differ
diff --git a/assets/img/extensions/verified-users.svg b/assets/img/extensions/verified-users.svg
new file mode 100644
index 00000000..e33966e9
--- /dev/null
+++ b/assets/img/extensions/verified-users.svg
@@ -0,0 +1 @@
+
\ No newline at end of file
diff --git a/assets/img/extensions/woocommerce.png b/assets/img/extensions/woocommerce.png
index a5aef660..3d042a71 100644
Binary files a/assets/img/extensions/woocommerce.png and b/assets/img/extensions/woocommerce.png differ
diff --git a/includes/admin/assets/css/um-admin-dashboard.css b/includes/admin/assets/css/um-admin-dashboard.css
index 3200d505..6538cd58 100644
--- a/includes/admin/assets/css/um-admin-dashboard.css
+++ b/includes/admin/assets/css/um-admin-dashboard.css
@@ -1,97 +1,180 @@
-#um-extensions-wrap a.plugin-image,
-#um-extensions-wrap a.plugin-image img {
- max-width: 100%;
- display: block;
+#um-extensions-wrap #the-list {
+ margin: 0;
+ width: 100%;
+ display: grid;
+ grid-template-rows: auto 1fr;
+ grid-template-columns: repeat(3, 1fr);
+ grid-gap: 10px;
+ grid-auto-rows: minmax(max-content, auto);
+ -ms-grid-template-rows: auto 1fr;
+ -ms-grid-template-columns: repeat(3, 1fr);
+ -ms-grid-gap: 10px;
+ -ms-grid-auto-rows: minmax(max-content, auto);
+ align-items: center;
}
#um-extensions-wrap .plugin-card {
- width: calc( 33% - 8px );
- clear: none !important;
- margin-right: 8px !important;
- margin-left: 0 !important;
+ padding: 20px;
+ display: flex;
+ flex-direction: column;
+ flex-wrap: nowrap;
+ justify-content: flex-start;
+ align-items: stretch;
+ width: 100%;
+ margin: 0;
}
-
-#um-extensions-wrap .plugin-image img {
- display: inline-block;
- width: 70px;
- margin: auto;
- /* padding-top: 40px; */
- border-radius: 500px;
+#um-extensions-wrap .plugin-image-wrapper {
+ color: #fff;
height: 70px;
- padding: 5px;
- background: #fff;
- box-shadow: 0 4px 6px rgba(50,50,93,.11), 0 1px 3px rgba(0,0,0,.08);
- margin-top: 20px;
+ width: 70px;
+ margin: 0 auto;
+ border-radius: 60px;
+ box-shadow: 0 2px 9px rgb(50 50 93 / 21%);
+ border: solid 4px #fff;
+ display: flex;
+ justify-content: center;
+ align-items: center;
+ overflow: hidden;
+}
+
+#um-extensions-wrap .plugin-image-wrapper a {
+ width: 100%;
+ height: 100%;
+ margin: 0;
+ padding: 0;
+ background-color: #7856ff;
+}
+
+#um-extensions-wrap a.plugin-image.svg-image {
+ display: flex;
+ flex-direction: row;
+ justify-content: center;
+ align-items: center;
+ flex-wrap: nowrap;
+}
+
+#um_bbpress_image {
+ background-color: #fff !important;
+ filter: none !important;
+ width: 70px !important;
+}
+
+#um_mycred_image {
+ background-color: #fff;
+}
+
+#um_groups_image,
+#um_profile-tabs_image,
+#um_user-tags_image,
+#um_friends_image,
+#um_user-reviews_image,
+#um_verified-users_image,
+#um_private-content_image,
+#um_online-users_image {
+ width: 36px !important;
+}
+
+#um_notices_image,
+#um_social-activity_image,
+#um_profile-completeness_image,
+#um_private-messages_image,
+#um_user-photos_image,
+#um_terms-conditions_image {
+ width: 29px !important;
+}
+
+#um_social-login_image {
+ width: 28px !important;
+}
+
+#um_real-time-notifications_image,
+#um_user-notes_image {
+ width: 26px !important;
+}
+
+#um_followers_image,
+#um_user-locations_image {
+ width: 32px !important;
+}
+
+#um_user-bookmarks_image {
+ width: 23px !important;
+}
+
+#um-extensions-wrap a.plugin-image.svg-image img {
+ filter: invert(1);
+ background-color: transparent;
+ width: 38px;
+ height: auto;
+}
+
+#um-extensions-wrap a.plugin-image,
+#um-extensions-wrap a.plugin-image img {
+ display: block;
+}
+
+#um-extensions-wrap .plugin-image:not(.svg-image) img {
+ width: 70px;
+ margin: 0;
+ height: 70px;
+ padding: 0;
+}
+
+#um-extensions-wrap .plugin-card-top {
+ margin: 0;
+ padding: 20px 0 0 0;
+ width: 100%;
+ min-height: 100px;
}
#um-extensions-wrap .plugin-card-top h3 {
text-align: center;
+ margin: 0 0 20px 0;
+ padding: 0;
}
#um-extensions-wrap .plugin-card-top .desc {
text-align: center;
margin: 0 !important;
- padding: 10px 0 0 0 !important;
+ padding: 0 !important;
}
-#um-extensions-wrap .action-links {
- margin: 0 !important;
- padding: 20px 0 0 0 !important;
- position: static;
+#um-extensions-wrap .plugin-action-links {
+ padding: 20px 0 0 0;
width: 100%;
-}
-
-#um-extensions-wrap .action-links ul {
- margin: 0 0 10px 0 !important;
- width: 100%;
-}
-
-#um-extensions-wrap .action-links ul li {
- display: inline;
- float: left;
- clear: none;
- line-height: 28px;
- margin: 0;
+ display: flex;
+ flex-direction: row;
+ justify-content: space-between;
+ align-items: baseline;
+ flex-wrap: nowrap;
}
-@media (max-width: 992px) {
- #um-extensions-wrap .plugin-card {
- width: calc( 50% - 8px );
- }
-}
-
-@media (max-width: 782px) {
- #um-extensions-wrap .plugin-card {
- width: calc( 100% - 8px );
- }
-}
-
-
-
-#um-extensions-wrap .action-links ul li:last-child {
- float: right;
-}
-
-
-#um-extensions-wrap .plugin-card-top {
- min-height: 140px;
-}
-
-@media screen and (max-width: 782px) {
- #um-extensions-wrap .plugin-card {
- width: 100%;
- }
-
+@media (max-width: 1152px) {
#um-extensions-wrap .plugin-card-top {
min-height: 120px;
}
}
-#um-extensions-wrap .plugin-card .name,
-#um-extensions-wrap .plugin-card .desc {
- margin-left: 0;
+@media (max-width: 992px) {
+ #um-extensions-wrap #the-list {
+ grid-template-columns: repeat(2, 1fr);
+ -ms-grid-template-columns: repeat(2, 1fr);
+ }
+}
+
+@media (max-width: 782px) {
+ #um-extensions-wrap #the-list {
+ grid-template-columns: repeat(1, 1fr);
+ -ms-grid-template-columns: repeat(1, 1fr);
+ }
+}
+
+@media screen and (max-width: 782px) {
+ #um-extensions-wrap .plugin-card-top {
+ min-height: 80px;
+ }
}
#um-metaboxes-general h1 sup {
@@ -209,4 +292,4 @@
color: #777 !important;
font-size: 22px !important;
}
-.um-admin-dash-share a:hover {color: #0085ba !important}
\ No newline at end of file
+.um-admin-dash-share a:hover {color: #0085ba !important}
diff --git a/includes/admin/core/class-admin-notices.php b/includes/admin/core/class-admin-notices.php
index 5bdc533e..7b335fc5 100644
--- a/includes/admin/core/class-admin-notices.php
+++ b/includes/admin/core/class-admin-notices.php
@@ -50,6 +50,8 @@ if ( ! class_exists( 'um\admin\core\Admin_Notices' ) ) {
$this->lock_registration();
+ $this->extensions_page();
+
// removed for now to avoid the bad reviews
//$this->reviews_notice();
@@ -239,6 +241,39 @@ if ( ! class_exists( 'um\admin\core\Admin_Notices' ) ) {
), 10 );
}
+ /**
+ * Checking if the "Membership - Anyone can register" WordPress general setting is active
+ */
+ public function extensions_page() {
+ global $pagenow;
+ if ( isset( $pagenow ) && 'admin.php' === $pagenow && isset( $_GET['page'] ) && 'ultimatemember-extensions' === $_GET['page'] ) {
+ ob_start();
+ ?>
+
+
+ All Access Pass – Get access to all Ultimate Member extensions at a significant discount with our All Access Pass.', 'ultimate-member' ) ?>
+
+
+
+
+
+
+
+ add_notice(
+ 'extensions_all_access',
+ array(
+ 'class' => 'info',
+ 'message' => $message,
+ 'dismissible' => false,
+ ),
+ 10
+ );
+ }
+ }
+
/**
* To store plugin languages
diff --git a/includes/admin/templates/extensions.php b/includes/admin/templates/extensions.php
index 1a0522ec..e4ec4052 100644
--- a/includes/admin/templates/extensions.php
+++ b/includes/admin/templates/extensions.php
@@ -2,72 +2,84 @@
$premium['bbpress'] = array(
'url' => 'https://ultimatemember.com/extensions/bbpress/',
+ 'img' => 'bbpress.svg',
'name' => 'bbPress',
'desc' => 'With the bbPress extension you can integrate Ultimate Member with bbPress',
);
$premium['profile-completeness'] = array(
'url' => 'https://ultimatemember.com/extensions/profile-completeness/',
+ 'img' => 'profile-completeness.svg',
'name' => 'Profile Completeness',
'desc' => 'Encourage or force users to complete their profile on your site',
);
$premium['verified-users'] = array(
'url' => 'https://ultimatemember.com/extensions/verified-users/',
+ 'img' => 'verified-users.svg',
'name' => 'Verified Users',
'desc' => 'Add a user verficiation system to your site so user accounts can be verified',
);
$premium['friends'] = array(
'url' => 'https://ultimatemember.com/extensions/friends/',
+ 'img' => 'friends.svg',
'name' => 'Friends',
'desc' => 'Increase user interaction on your site by allowing users to become friends',
);
$premium['woocommerce'] = array(
'url' => 'https://ultimatemember.com/extensions/woocommerce/',
+ 'img' => 'woocommerce.png',
'name' => 'WooCommerce',
'desc' => 'Integrates the popular e-commerce plugin WooCommerce with Ultimate Member',
);
$premium['notices'] = array(
'url' => 'https://ultimatemember.com/extensions/notices/',
+ 'img' => 'notices.svg',
'name' => 'Notices',
'desc' => 'Alert users to important information using conditional notices',
);
$premium['followers'] = array(
'url' => 'https://ultimatemember.com/extensions/followers/',
+ 'img' => 'followers.svg',
'name' => 'Followers',
'desc' => 'Increase user interaction on your site by allowing users to follow each other',
);
$premium['mycred'] = array(
'url' => 'https://ultimatemember.com/extensions/mycred/',
+ 'img' => 'mycred.png',
'name' => 'myCRED',
'desc' => 'With the myCRED extension you can integrate Ultimate Member with myCRED',
);
$premium['private-messages'] = array(
'url' => 'https://ultimatemember.com/extensions/private-messages/',
+ 'img' => 'private-messages.svg',
'name' => 'Private Messages',
'desc' => 'Add a private messaging system to your site & allow users to message each other',
);
$premium['social-activity'] = array(
'url' => 'https://ultimatemember.com/extensions/social-activity/',
+ 'img' => 'social-activity.svg',
'name' => 'Social Activity',
'desc' => 'Let users create public wall posts & see the activity of other users',
);
$premium['social-login'] = array(
'url' => 'https://ultimatemember.com/extensions/social-login/',
+ 'img' => 'social-login.svg',
'name' => 'Social Login',
'desc' => 'Let users register & login to your site via Facebook, Twitter, G+, LinkedIn, and more',
);
$premium['user-tags'] = array(
'url' => 'https://ultimatemember.com/extensions/user-tags/',
+ 'img' => 'user-tags.svg',
'name' => 'User Tags',
'desc' => 'With this extension you can add a user tag system to your website',
);
@@ -75,6 +87,7 @@ $premium['user-tags'] = array(
$premium['mailchimp'] = array(
'url' => 'https://ultimatemember.com/extensions/mailchimp/',
+ 'img' => 'mailchimp.png',
'name' => 'MailChimp',
'desc' => 'Allow users to subscribe to your mailchimp lists when they signup on your site',
);
@@ -82,24 +95,28 @@ $premium['mailchimp'] = array(
$premium['user-reviews'] = array(
'url' => 'https://ultimatemember.com/extensions/user-reviews/',
+ 'img' => 'user-reviews.svg',
'name' => 'User Reviews',
'desc' => 'Allow users to rate & review each other using a 5 star rate/review system',
);
$premium['real-time-notifications'] = array(
'url' => 'https://ultimatemember.com/extensions/real-time-notifications/',
+ 'img' => 'real-time-notifications.svg',
'name' => 'Real-time Notifications',
'desc' => 'Add a notifications system to your site so users can receive real-time notifications',
);
$premium['private-content'] = array(
'url' => 'https://ultimatemember.com/extensions/private-content/',
+ 'img' => 'private-content.svg',
'name' => 'Private Content',
'desc' => 'Display private content to logged in users that only they can access',
);
$premium['groups'] = array(
'url' => 'https://ultimatemember.com/extensions/groups/',
+ 'img' => 'groups.svg',
'name' => 'Groups',
'desc' => 'Allow users to create and join groups around shared topics, interests etc.',
);
@@ -107,65 +124,76 @@ $premium['groups'] = array(
$premium['user-photos'] = array(
'url' => 'https://ultimatemember.com/extensions/user-photos/',
'name' => 'User Photos',
+ 'img' => 'user-photos.svg',
'desc' => 'Allow users to upload photos to their profile',
);
$premium['user-bookmarks'] = array(
'url' => 'https://ultimatemember.com/extensions/user-bookmarks/',
+ 'img' => 'user-bookmarks.svg',
'name' => 'User Bookmarks',
'desc' => 'Allow users to bookmark content from your website',
);
$premium['unsplash'] = array(
'url' => 'https://ultimatemember.com/extensions/unsplash/',
+ 'img' => 'unsplash.png',
'name' => 'Unsplash',
'desc' => 'Allow users to select a profile cover photo from Unsplash from their profile',
);
$premium['user-locations'] = array(
'url' => 'https://ultimatemember.com/extensions/user-locations/',
+ 'img' => 'user-locations.svg',
'name' => 'User Locations',
'desc' => 'Using the Google Maps API, display users on a map on the member directory page and allow users to add their location via their profile',
);
$premium['user-notes'] = array(
'url' => 'https://ultimatemember.com/extensions/user-notes/',
+ 'img' => 'user-notes.svg',
'name' => 'User Notes',
'desc' => 'Allow users to create public and private notes from their profile',
);
$premium['profile-tabs'] = array(
'url' => 'https://ultimatemember.com/extensions/profile-tabs/',
+ 'img' => 'profile-tabs.svg',
'name' => 'Profile Tabs',
'desc' => 'Add custom tabs to profiles',
);
$free['jobboardwp'] = array(
'url' => 'https://wordpress.org/plugins/um-jobboardwp',
+ 'img' => 'jobboardwp.png',
'name' => 'JobBoardWP',
'desc' => 'Integrates Ultimate Member with the job board plugin JobBoardWP',
);
$free['forumwp'] = array(
'url' => 'https://ultimatemember.com/extensions/forumwp/',
+ 'img' => 'forumwp.png',
'name' => 'ForumWP',
'desc' => 'Integrates Ultimate Member with the forum plugin ForumWP',
);
$free['online-users'] = array(
'url' => 'https://ultimatemember.com/extensions/online-users/',
+ 'img' => 'online-users.svg',
'name' => 'Online Users',
'desc' => 'Display online users on your site so users can see who is online'
);
$free['google-recaptcha'] = array(
'url' => 'https://ultimatemember.com/extensions/google-recaptcha/',
+ 'img' => 'google-recaptcha.png',
'name' => 'Google reCAPTCHA',
'desc' => 'Stop bots on your registration & login forms with Google reCAPTCHA',
);
$free['terms-conditions'] = array(
- 'url' => 'https://ultimatemember.com/extensions/terms-conditions/',
+ 'url' => 'https://ultimatemember.com/extensions/terms-conditions/',
+ 'img' => 'terms-conditions.svg',
'name' => 'Terms & Conditions',
'desc' => 'Add terms & conditions to your registration form',
); ?>
@@ -174,17 +202,6 @@ $free['terms-conditions'] = array(
Ultimate Member - Extensions
-
-
- All Access Pass – Get access to all Ultimate Member extensions at a significant discount with our All Access Pass.', 'ultimate-member' ) ?>
-
-
-
-
-
@@ -206,31 +223,26 @@ $free['terms-conditions'] = array(
foreach ( $premium as $key => $info ) { ?>
-
-
-
+
-
+
-
-
-
-
-
+ get_allowed_html( 'admin_notice' ) ); ?>
+
$info ) { ?>
-
-
-
+
-
+
-
-
-
-
-
+ get_allowed_html( 'admin_notice' ) ); ?>
+
-
\ No newline at end of file
+
diff --git a/includes/class-functions.php b/includes/class-functions.php
index 1c75d127..72f179fa 100644
--- a/includes/class-functions.php
+++ b/includes/class-functions.php
@@ -406,5 +406,333 @@ if ( ! class_exists( 'UM_Functions' ) ) {
return preg_replace( $search, $replace, $subject, 1 );
}
+ /**
+ * @param string $context
+ *
+ * @return array
+ */
+ public function get_allowed_html( $context = '' ) {
+ switch ( $context ) {
+ case 'wp-admin':
+ $allowed_html = array(
+ 'img' => array(
+ 'alt' => true,
+ 'align' => true,
+ 'border' => true,
+ 'height' => true,
+ 'hspace' => true,
+ 'loading' => true,
+ 'longdesc' => true,
+ 'vspace' => true,
+ 'src' => true,
+ 'srcset' => true,
+ 'usemap' => true,
+ 'width' => true,
+ ),
+ 'ul' => array(),
+ 'li' => array(),
+ 'h1' => array(
+ 'align' => true,
+ ),
+ 'h2' => array(
+ 'align' => true,
+ ),
+ 'h3' => array(
+ 'align' => true,
+ ),
+ 'p' => array(
+ 'align' => true,
+ 'dir' => true,
+ 'lang' => true,
+ ),
+ 'form' => array(
+ 'action' => true,
+ 'accept' => true,
+ 'accept-charset' => true,
+ 'enctype' => true,
+ 'method' => true,
+ 'name' => true,
+ 'target' => true,
+ ),
+ 'label' => array(
+ 'for' => true,
+ ),
+ 'select' => array(
+ 'name' => true,
+ 'multiple' => true,
+ 'disabled' => true,
+ 'readonly' => true,
+ 'required' => true,
+ 'autocomplete' => true,
+ ),
+ 'option' => array(
+ 'value' => true,
+ 'selected' => true,
+ 'disabled' => true,
+ ),
+ 'input' => array(
+ 'type' => true,
+ 'name' => true,
+ 'value' => true,
+ 'placeholder' => true,
+ 'readonly' => true,
+ 'disabled' => true,
+ 'checked' => true,
+ 'selected' => true,
+ 'required' => true,
+ 'autocomplete' => true,
+ ),
+ 'textarea' => array(
+ 'cols' => true,
+ 'rows' => true,
+ 'disabled' => true,
+ 'name' => true,
+ 'readonly' => true,
+ 'required' => true,
+ 'autocomplete' => true,
+ ),
+ 'table' => array(
+ 'align' => true,
+ 'bgcolor' => true,
+ 'border' => true,
+ 'cellpadding' => true,
+ 'cellspacing' => true,
+ 'dir' => true,
+ 'rules' => true,
+ 'summary' => true,
+ 'width' => true,
+ ),
+ 'tbody' => array(
+ 'align' => true,
+ 'char' => true,
+ 'charoff' => true,
+ 'valign' => true,
+ ),
+ 'td' => array(
+ 'abbr' => true,
+ 'align' => true,
+ 'axis' => true,
+ 'bgcolor' => true,
+ 'char' => true,
+ 'charoff' => true,
+ 'colspan' => true,
+ 'dir' => true,
+ 'headers' => true,
+ 'height' => true,
+ 'nowrap' => true,
+ 'rowspan' => true,
+ 'scope' => true,
+ 'valign' => true,
+ 'width' => true,
+ ),
+ 'tfoot' => array(
+ 'align' => true,
+ 'char' => true,
+ 'charoff' => true,
+ 'valign' => true,
+ ),
+ 'th' => array(
+ 'abbr' => true,
+ 'align' => true,
+ 'axis' => true,
+ 'bgcolor' => true,
+ 'char' => true,
+ 'charoff' => true,
+ 'colspan' => true,
+ 'headers' => true,
+ 'height' => true,
+ 'nowrap' => true,
+ 'rowspan' => true,
+ 'scope' => true,
+ 'valign' => true,
+ 'width' => true,
+ ),
+ 'thead' => array(
+ 'align' => true,
+ 'char' => true,
+ 'charoff' => true,
+ 'valign' => true,
+ ),
+ 'tr' => array(
+ 'align' => true,
+ 'bgcolor' => true,
+ 'char' => true,
+ 'charoff' => true,
+ 'valign' => true,
+ ),
+ );
+ break;
+ case 'templates':
+ $allowed_html = array(
+ 'style' => array(),
+ 'link' => array(
+ 'rel' => true,
+ 'href' => true,
+ 'media' => true,
+ ),
+ 'form' => array(
+ 'action' => true,
+ 'accept' => true,
+ 'accept-charset' => true,
+ 'enctype' => true,
+ 'method' => true,
+ 'name' => true,
+ 'target' => true,
+ ),
+ 'label' => array(
+ 'for' => true,
+ ),
+ 'select' => array(
+ 'name' => true,
+ 'multiple' => true,
+ 'disabled' => true,
+ 'readonly' => true,
+ 'required' => true,
+ 'autocomplete' => true,
+ ),
+ 'option' => array(
+ 'value' => true,
+ 'selected' => true,
+ 'disabled' => true,
+ ),
+ 'input' => array(
+ 'type' => true,
+ 'name' => true,
+ 'value' => true,
+ 'placeholder' => true,
+ 'readonly' => true,
+ 'disabled' => true,
+ 'checked' => true,
+ 'selected' => true,
+ 'required' => true,
+ 'autocomplete' => true,
+ 'size' => true,
+ 'step' => true,
+ 'min' => true,
+ 'max' => true,
+ 'minlength' => true,
+ 'maxlength' => true,
+ 'pattern' => true,
+ ),
+ 'textarea' => array(
+ 'cols' => true,
+ 'rows' => true,
+ 'disabled' => true,
+ 'name' => true,
+ 'readonly' => true,
+ 'required' => true,
+ 'autocomplete' => true,
+ ),
+ 'img' => array(
+ 'alt' => true,
+ 'align' => true,
+ 'border' => true,
+ 'height' => true,
+ 'hspace' => true,
+ 'loading' => true,
+ 'longdesc' => true,
+ 'vspace' => true,
+ 'src' => true,
+ 'srcset' => true,
+ 'usemap' => true,
+ 'width' => true,
+ ),
+ 'h1' => array(
+ 'align' => true,
+ ),
+ 'h2' => array(
+ 'align' => true,
+ ),
+ 'h3' => array(
+ 'align' => true,
+ ),
+ 'p' => array(
+ 'align' => true,
+ 'dir' => true,
+ 'lang' => true,
+ ),
+ 'ul' => array(),
+ 'li' => array(),
+ 'time' => array(
+ 'datetime' => true,
+ ),
+ );
+ break;
+ case 'admin_notice':
+ $allowed_html = array(
+ 'p' => array(
+ 'align' => true,
+ 'dir' => true,
+ 'lang' => true,
+ ),
+ 'label' => array(
+ 'for' => true,
+ ),
+ 'strong' => array(
+ 'style' => true,
+ ),
+ );
+ break;
+ default:
+ $allowed_html = array();
+ break;
+ }
+
+ $global_allowed = array(
+ 'a' => array(
+ 'href' => array(),
+ 'rel' => true,
+ 'rev' => true,
+ 'name' => true,
+ 'target' => true,
+ 'download' => array(
+ 'valueless' => 'y',
+ ),
+ ),
+ 'em' => array(),
+ 'i' => array(),
+ 'q' => array(
+ 'cite' => true,
+ ),
+ 's' => array(),
+ 'strike' => array(),
+ 'strong' => array(),
+ 'br' => array(),
+ 'div' => array(
+ 'align' => true,
+ 'dir' => true,
+ 'lang' => true,
+ ),
+ 'span' => array(
+ 'dir' => true,
+ 'align' => true,
+ 'lang' => true,
+ ),
+ 'code' => array(),
+ 'hr' => array(
+ 'style' => true,
+ ),
+ );
+
+ $allowed_html = array_merge( $global_allowed, $allowed_html );
+ $allowed_html = array_map( '_wp_add_global_attributes', $allowed_html );
+
+ /**
+ * Filters the allowed HTML tags and their attributes in the late escaping before echo.
+ *
+ * Note: Please use the `wp_kses()` allowed tags structure.
+ *
+ * @since 2.5.4
+ * @hook um_late_escaping_allowed_tags
+ *
+ * @param {array} $allowed_html Allowed HTML tags with attributes.
+ * @param {string} $context Function context 'wp-admin' for Admin Dashboard echo, 'templates' for the frontend.
+ *
+ * @return {array} Allowed HTML tags with attributes.
+ */
+ $allowed_html = apply_filters( 'um_late_escaping_allowed_tags', $allowed_html, $context );
+
+ return $allowed_html;
+ }
}
}
diff --git a/includes/core/class-access.php b/includes/core/class-access.php
index 921b981d..9e445ac5 100644
--- a/includes/core/class-access.php
+++ b/includes/core/class-access.php
@@ -59,10 +59,6 @@ if ( ! class_exists( 'um\core\Access' ) ) {
// change the excerpt of the restricted post
add_filter( 'get_the_excerpt', array( &$this, 'filter_restricted_post_excerpt' ), 999999, 2 );
- // filter attachment
- add_filter( 'wp_get_attachment_url', array( &$this, 'filter_attachment' ), 99, 2 );
- add_filter( 'has_post_thumbnail', array( &$this, 'filter_post_thumbnail' ), 99, 3 );
-
// comments queries
add_action( 'pre_get_comments', array( &$this, 'exclude_posts_comments' ), 99, 1 );
add_filter( 'wp_count_comments', array( &$this, 'custom_comments_count_handler' ), 99, 2 );
@@ -80,20 +76,24 @@ if ( ! class_exists( 'um\core\Access' ) ) {
// check the site's accessible more priority have Individual Post/Term Restriction settings
add_action( 'template_redirect', array( &$this, 'template_redirect' ), 1000 );
+ add_action( 'um_access_check_blog_page_settings', array( &$this, 'um_access_check_blog_page_settings' ) );
add_action( 'um_access_check_individual_term_settings', array( &$this, 'um_access_check_individual_term_settings' ) );
add_action( 'um_access_check_global_settings', array( &$this, 'um_access_check_global_settings' ) );
- add_action( 'plugins_loaded', array( &$this, 'disable_restriction_pre_queries' ), 1 );
+ add_action( 'plugins_loaded', array( &$this, 'initialize_hooks' ), 1 );
}
-
/**
* Rollback function for old business logic to avoid security enhancements with 404 errors
*/
- function disable_restriction_pre_queries() {
+ public function initialize_hooks() {
// Using inside plugins_loaded hook because of there can be earlier direct queries without hooks.
// Avoid using to not getting fatal error for not exists WordPress native functions.
+ // filter attachment
+ add_filter( 'wp_get_attachment_url', array( &$this, 'filter_attachment' ), 99, 2 );
+ add_filter( 'has_post_thumbnail', array( &$this, 'filter_post_thumbnail' ), 99, 3 );
+
// Change recent posts widget query.
add_filter( 'widget_posts_args', array( &$this, 'exclude_restricted_posts_widget' ), 99, 1 );
// Exclude pages displayed by wp_list_pages function.
@@ -131,7 +131,6 @@ if ( ! class_exists( 'um\core\Access' ) ) {
remove_filter( 'wp_count_posts', array( &$this, 'custom_count_posts_handler' ), 99 );
}
-
/**
* Get array with restricted posts
*
@@ -244,12 +243,12 @@ if ( ! class_exists( 'um\core\Access' ) ) {
global $wpdb;
$terms = $wpdb->get_results(
- "SELECT tm.term_id AS term_id,
- tt.taxonomy AS taxonomy
- FROM {$wpdb->termmeta} tm
- LEFT JOIN {$wpdb->term_taxonomy} tt ON tt.term_id = tm.term_id
- WHERE tm.meta_key = 'um_content_restriction' AND
- tt.taxonomy IN('" . implode( "','", $restricted_taxonomies ) . "')",
+ "SELECT tm.term_id AS term_id,
+ tt.taxonomy AS taxonomy
+ FROM {$wpdb->termmeta} tm
+ LEFT JOIN {$wpdb->term_taxonomy} tt ON tt.term_id = tm.term_id
+ WHERE tm.meta_key = 'um_content_restriction' AND
+ tt.taxonomy IN('" . implode( "','", $restricted_taxonomies ) . "')",
ARRAY_A
);
@@ -889,10 +888,10 @@ if ( ! class_exists( 'um\core\Access' ) ) {
foreach ( $restricted_posts as $k => $post_type ) {
if ( 'closed' === get_default_comment_status( $post_type ) ) {
$open_comments = $wpdb->get_var( $wpdb->prepare(
- "SELECT ID
- FROM {$wpdb->posts}
- WHERE post_type = %s AND
- comment_status != 'closed'",
+ "SELECT ID
+ FROM {$wpdb->posts}
+ WHERE post_type = %s AND
+ comment_status != 'closed'",
$post_type
) );
@@ -1337,7 +1336,7 @@ if ( ! class_exists( 'um\core\Access' ) ) {
}
if ( is_object( $query ) && is_a( $query, '\WP_Query' ) &&
- ( $query->is_main_query() || ! empty( $query->query_vars['um_main_query'] ) ) ) {
+ ( $query->is_main_query() || ! empty( $query->query_vars['um_main_query'] ) ) ) {
if ( $is_singular ) {
if ( ! UM()->options()->get( 'disable_restriction_pre_queries' ) && $this->is_restricted( $posts[0]->ID ) ) {
$content_restriction = $this->get_post_privacy_settings( $posts[0]->ID );
@@ -1402,14 +1401,14 @@ if ( ! class_exists( 'um\core\Access' ) ) {
if ( ! isset( $restriction['_um_access_redirect'] ) || '0' == $restriction['_um_access_redirect'] ) {
- exit( wp_redirect( esc_url( add_query_arg( 'redirect_to', urlencode_deep( $curr ), um_get_core_page( 'login' ) ) ) ) );
+ exit( wp_redirect( esc_url_raw( add_query_arg( 'redirect_to', urlencode_deep( $curr ), um_get_core_page( 'login' ) ) ) ) );
} elseif ( '1' == $restriction['_um_access_redirect'] ) {
if ( ! empty( $restriction['_um_access_redirect_url'] ) ) {
$redirect = $restriction['_um_access_redirect_url'];
} else {
- $redirect = esc_url( add_query_arg( 'redirect_to', urlencode_deep( $curr ), um_get_core_page( 'login' ) ) );
+ $redirect = esc_url_raw( add_query_arg( 'redirect_to', urlencode_deep( $curr ), um_get_core_page( 'login' ) ) );
}
exit( wp_redirect( $redirect ) );
@@ -1459,8 +1458,31 @@ if ( ! class_exists( 'um\core\Access' ) ) {
//also skip if we currently at UM Register|Login|Reset Password pages
if ( um_is_core_post( $post, 'register' ) ||
- um_is_core_post( $post, 'password-reset' ) ||
- um_is_core_post( $post, 'login' ) ) {
+ um_is_core_post( $post, 'password-reset' ) ||
+ um_is_core_post( $post, 'login' ) ) {
+ return;
+ }
+
+ /**
+ * UM hook
+ *
+ * @type action
+ * @title um_access_check_blog_page_settings
+ * @description Check blog page individual restrict options
+ * @change_log
+ * ["Since: 2.0"]
+ * @usage add_action( 'um_access_check_blog_page_settings', 'function_name', 10 );
+ * @example
+ *
+ */
+ do_action( 'um_access_check_blog_page_settings' );
+ //exit from function if blog is accessible
+ if ( $this->check_access() ) {
return;
}
@@ -1510,6 +1532,44 @@ if ( ! class_exists( 'um\core\Access' ) ) {
}
+ /**
+ * Check Blog page Content Restriction settings
+ */
+ function um_access_check_blog_page_settings() {
+ global $wp_query;
+
+ if ( ! empty( $wp_query->is_home ) && ! empty( $wp_query->is_posts_page ) ) {
+ $post_id = get_option( 'page_for_posts' );
+ if ( ! empty( $post_id ) ) {
+ $restriction_result = $this->is_restricted( $post_id, true, true );
+ if ( $restriction_result ) {
+ $restriction = get_post_meta( $post_id, 'um_content_restriction', true );
+ if ( '1' == $restriction['_um_noaccess_action'] ) {
+ $curr = UM()->permalinks()->get_current_url();
+
+ if ( ! isset( $restriction['_um_access_redirect'] ) || '0' == $restriction['_um_access_redirect'] ) {
+
+ $this->redirect_handler = $this->set_referer( esc_url_raw( add_query_arg( 'redirect_to', urlencode_deep( $curr ), um_get_core_page( 'login' ) ) ), 'individual_term' );
+
+ } elseif ( '1' == $restriction['_um_access_redirect'] ) {
+
+ if ( ! empty( $restriction['_um_access_redirect_url'] ) ) {
+ $redirect = $restriction['_um_access_redirect_url'];
+ } else {
+ $redirect = esc_url_raw( add_query_arg( 'redirect_to', urlencode_deep( $curr ), um_get_core_page( 'login' ) ) );
+ }
+
+ $this->redirect_handler = $this->set_referer( $redirect, 'individual_term' );
+
+ }
+ } else {
+ add_filter( 'home_template', array( &$this, 'blog_message' ), 10, 3 );
+ }
+ }
+ }
+ }
+ }
+
/**
* Check individual term Content Restriction settings
*/
@@ -1537,21 +1597,21 @@ if ( ! class_exists( 'um\core\Access' ) ) {
return;
}
- if ( $this->is_restricted_term( $term_id, true ) ) {
+ if ( $this->is_restricted_term( $term_id, true, true ) ) {
$restriction = get_term_meta( $term_id, 'um_content_restriction', true );
if ( '1' == $restriction['_um_noaccess_action'] ) {
$curr = UM()->permalinks()->get_current_url();
if ( ! isset( $restriction['_um_access_redirect'] ) || '0' == $restriction['_um_access_redirect'] ) {
- $this->redirect_handler = $this->set_referer( esc_url( add_query_arg( 'redirect_to', urlencode_deep( $curr ), um_get_core_page( 'login' ) ) ), 'individual_term' );
+ $this->redirect_handler = $this->set_referer( esc_url_raw( add_query_arg( 'redirect_to', urlencode_deep( $curr ), um_get_core_page( 'login' ) ) ), 'individual_term' );
} elseif ( '1' == $restriction['_um_access_redirect'] ) {
if ( ! empty( $restriction['_um_access_redirect_url'] ) ) {
$redirect = $restriction['_um_access_redirect_url'];
} else {
- $redirect = esc_url( add_query_arg( 'redirect_to', urlencode_deep( $curr ), um_get_core_page( 'login' ) ) );
+ $redirect = esc_url_raw( add_query_arg( 'redirect_to', urlencode_deep( $curr ), um_get_core_page( 'login' ) ) );
}
$this->redirect_handler = $this->set_referer( $redirect, 'individual_term' );
@@ -1578,6 +1638,17 @@ if ( ! class_exists( 'um\core\Access' ) ) {
return UM()->locate_template( 'restricted-taxonomy.php' );
}
+ /**
+ * @param $template
+ * @param $type
+ * @param $templates
+ *
+ * @return string
+ */
+ function blog_message( $template, $type, $templates ) {
+ return UM()->locate_template( 'restricted-blog.php' );
+ }
+
/**
* Check global accessible settings
@@ -1621,7 +1692,7 @@ if ( ! class_exists( 'um\core\Access' ) ) {
*/
$redirect_homepage = apply_filters( 'um_custom_homepage_redirect_url', $redirect_homepage, um_user( 'ID' ) );
$redirect_to = ! empty( $redirect_homepage ) ? $redirect_homepage : um_get_core_page( 'user' );
- $this->redirect_handler = $this->set_referer( esc_url( add_query_arg( 'redirect_to', urlencode_deep( $curr ), $redirect_to ) ), 'custom_homepage' );
+ $this->redirect_handler = $this->set_referer( esc_url_raw( add_query_arg( 'redirect_to', urlencode_deep( $curr ), $redirect_to ) ), 'custom_homepage' );
} else {
$access = UM()->options()->get( 'accessible' );
@@ -1637,7 +1708,7 @@ if ( ! class_exists( 'um\core\Access' ) ) {
$redirect = um_get_core_page( 'login' );
}
- $this->redirect_handler = $this->set_referer( esc_url( add_query_arg( 'redirect_to', urlencode_deep( $curr ), $redirect ) ), 'global' );
+ $this->redirect_handler = $this->set_referer( esc_url_raw( add_query_arg( 'redirect_to', urlencode_deep( $curr ), $redirect ) ), 'global' );
} else {
$this->allow_access = true;
return;
@@ -1659,7 +1730,7 @@ if ( ! class_exists( 'um\core\Access' ) ) {
$redirect = um_get_core_page( 'login' );
}
- $this->redirect_handler = $this->set_referer( esc_url( add_query_arg( 'redirect_to', urlencode_deep( $curr ), $redirect ) ), 'global' );
+ $this->redirect_handler = $this->set_referer( esc_url_raw( add_query_arg( 'redirect_to', urlencode_deep( $curr ), $redirect ) ), 'global' );
} else {
$this->allow_access = true;
return;
@@ -1696,7 +1767,7 @@ if ( ! class_exists( 'um\core\Access' ) ) {
$redirect = um_get_core_page( 'login' );
}
- $this->redirect_handler = $this->set_referer( esc_url( add_query_arg( 'redirect_to', urlencode_deep( $curr ), $redirect ) ), 'global' );
+ $this->redirect_handler = $this->set_referer( esc_url_raw( add_query_arg( 'redirect_to', urlencode_deep( $curr ), $redirect ) ), 'global' );
} else {
$this->redirect_handler = false;
$this->allow_access = true;
@@ -1982,9 +2053,11 @@ if ( ! class_exists( 'um\core\Access' ) ) {
* Is post restricted?
*
* @param int $post_id
+ * @param bool $on_single_page
+ * @param bool $ignore_cache
* @return bool
*/
- function is_restricted( $post_id ) {
+ function is_restricted( $post_id, $on_single_page = false, $ignore_cache = false ) {
// break for incorrect post
if ( empty( $post_id ) ) {
return false;
@@ -1992,18 +2065,22 @@ if ( ! class_exists( 'um\core\Access' ) ) {
static $cache = array();
- if ( isset( $cache[ $post_id ] ) ) {
+ if ( isset( $cache[ $post_id ] ) && ! $ignore_cache ) {
return $cache[ $post_id ];
}
if ( current_user_can( 'administrator' ) ) {
- $cache[ $post_id ] = false;
+ if ( ! $ignore_cache ) {
+ $cache[ $post_id ] = false;
+ }
return false;
}
$post = get_post( $post_id );
if ( is_user_logged_in() && isset( $post->post_author ) && $post->post_author == get_current_user_id() ) {
- $cache[ $post_id ] = false;
+ if ( ! $ignore_cache ) {
+ $cache[ $post_id ] = false;
+ }
return false;
}
@@ -2016,10 +2093,16 @@ if ( ! class_exists( 'um\core\Access' ) ) {
if ( '0' == $restriction['_um_accessible'] ) {
//post is private
$restricted = false;
+ if ( $on_single_page ) {
+ $this->allow_access = true;
+ }
} elseif ( '1' == $restriction['_um_accessible'] ) {
//if post for not logged in users and user is not logged in
if ( ! is_user_logged_in() ) {
$restricted = false;
+ if ( $on_single_page ) {
+ $this->allow_access = true;
+ }
}
} elseif ( '2' == $restriction['_um_accessible'] ) {
//if post for logged in users and user is not logged in
@@ -2029,21 +2112,37 @@ if ( ! class_exists( 'um\core\Access' ) ) {
if ( empty( $restriction['_um_access_roles'] ) || false === array_search( '1', $restriction['_um_access_roles'] ) ) {
if ( $custom_restrict ) {
$restricted = false;
+ if ( $on_single_page ) {
+ $this->allow_access = true;
+ }
}
} else {
$user_can = $this->user_can( get_current_user_id(), $restriction['_um_access_roles'] );
if ( $user_can && $custom_restrict ) {
$restricted = false;
+ if ( $on_single_page ) {
+ $this->allow_access = true;
+ }
+ }
+ }
+ } else {
+ if ( ! isset( $restriction['_um_noaccess_action'] ) || '0' == $restriction['_um_noaccess_action'] ) {
+ if ( UM()->options()->get( 'disable_restriction_pre_queries' ) || empty( $restriction['_um_access_hide_from_queries'] ) ) {
+ if ( $on_single_page ) {
+ $this->allow_access = true;
+ }
}
}
}
}
}
- $restricted = apply_filters( 'um_is_restricted_post', $restricted, $post_id );
+ $restricted = apply_filters( 'um_is_restricted_post', $restricted, $post_id, $on_single_page );
- $cache[ $post_id ] = $restricted;
+ if ( ! $ignore_cache ) {
+ $cache[ $post_id ] = $restricted;
+ }
return $restricted;
}
@@ -2054,29 +2153,36 @@ if ( ! class_exists( 'um\core\Access' ) ) {
*
* @param int $term_id
* @param bool $on_term_page
+ * @param bool $ignore_cache
* @return bool
*/
- function is_restricted_term( $term_id, $on_term_page = false ) {
+ function is_restricted_term( $term_id, $on_term_page = false, $ignore_cache = false ) {
static $cache = array();
- if ( isset( $cache[ $term_id ] ) ) {
+ if ( isset( $cache[ $term_id ] ) && ! $ignore_cache ) {
return $cache[ $term_id ];
}
if ( current_user_can( 'administrator' ) ) {
- $cache[ $term_id ] = false;
+ if ( ! $ignore_cache ) {
+ $cache[ $term_id ] = false;
+ }
return false;
}
$restricted_taxonomies = UM()->options()->get( 'restricted_access_taxonomy_metabox' );
if ( empty( $restricted_taxonomies ) ) {
- $cache[ $term_id ] = false;
+ if ( ! $ignore_cache ) {
+ $cache[ $term_id ] = false;
+ }
return false;
}
$term = get_term( $term_id );
if ( empty( $term->taxonomy ) || empty( $restricted_taxonomies[ $term->taxonomy ] ) ) {
- $cache[ $term_id ] = false;
+ if ( ! $ignore_cache ) {
+ $cache[ $term_id ] = false;
+ }
return false;
}
@@ -2134,7 +2240,9 @@ if ( ! class_exists( 'um\core\Access' ) ) {
$restricted = apply_filters( 'um_is_restricted_term', $restricted, $term_id, $on_term_page );
- $cache[ $term_id ] = $restricted;
+ if ( ! $ignore_cache ) {
+ $cache[ $term_id ] = $restricted;
+ }
return $restricted;
}
}
diff --git a/includes/core/class-builtin.php b/includes/core/class-builtin.php
index a296437a..6f99deb2 100644
--- a/includes/core/class-builtin.php
+++ b/includes/core/class-builtin.php
@@ -1057,6 +1057,56 @@ if ( ! class_exists( 'um\core\Builtin' ) ) {
'validate' => 'discord',
),
+ 'tiktok' => array(
+ 'title' => __('TikTok','ultimate-member'),
+ 'metakey' => 'tiktok',
+ 'type' => 'url',
+ 'label' => __('TikTok','ultimate-member'),
+ 'required' => 0,
+ 'public' => 1,
+ 'editable' => 1,
+ 'url_target' => '_blank',
+ 'url_rel' => 'nofollow',
+ 'validate' => 'tiktok_url',
+ 'url_text' => 'TikTok',
+ 'advanced' => 'social',
+ 'match' => 'https://tiktok.com/@',
+ ),
+
+ 'twitch' => array(
+ 'title' => __('Twitch','ultimate-member'),
+ 'metakey' => 'twitch',
+ 'type' => 'url',
+ 'label' => __('Twitch','ultimate-member'),
+ 'required' => 0,
+ 'public' => 1,
+ 'editable' => 1,
+ 'icon' => 'um-faicon-twitch',
+ 'url_target' => '_blank',
+ 'url_rel' => 'nofollow',
+ 'validate' => 'twitch_url',
+ 'url_text' => 'Twitch',
+ 'advanced' => 'social',
+ 'match' => 'https://twitch.tv/',
+ ),
+
+ 'reddit' => array(
+ 'title' => __('Reddit','ultimate-member'),
+ 'metakey' => 'reddit',
+ 'type' => 'url',
+ 'label' => __('Reddit','ultimate-member'),
+ 'required' => 0,
+ 'public' => 1,
+ 'editable' => 1,
+ 'icon' => 'um-icon-social-reddit',
+ 'url_target' => '_blank',
+ 'url_rel' => 'nofollow',
+ 'validate' => 'reddit_url',
+ 'url_text' => 'Reddit',
+ 'advanced' => 'social',
+ 'match' => 'https://www.reddit.com/user/',
+ ),
+
'youtube' => array(
'title' => __( 'YouTube', 'ultimate-member' ),
'metakey' => 'youtube',
@@ -1463,31 +1513,34 @@ if ( ! class_exists( 'um\core\Builtin' ) ) {
*/
function validation_types() {
- $array[0] = __('None','ultimate-member');
- $array['alphabetic'] = __('Alphabetic value only','ultimate-member');
- $array['alpha_numeric'] = __('Alpha-numeric value','ultimate-member');
- $array['english'] = __('English letters only','ultimate-member');
- $array['facebook_url'] = __('Facebook URL','ultimate-member');
- $array['google_url'] = __('Google+ URL','ultimate-member');
- $array['instagram_url'] = __('Instagram URL','ultimate-member');
- $array['linkedin_url'] = __('LinkedIn URL','ultimate-member');
- $array['vk_url'] = __('VKontakte URL','ultimate-member');
- $array['lowercase'] = __('Lowercase only','ultimate-member');
- $array['numeric'] = __('Numeric value only','ultimate-member');
- $array['phone_number'] = __('Phone Number','ultimate-member');
- $array['skype'] = __('Skype ID','ultimate-member');
- $array['soundcloud'] = __( 'SoundCloud Profile', 'ultimate-member' );
- $array['twitter_url'] = __('Twitter URL','ultimate-member');
- $array['is_email'] = __('E-mail( Not Unique )','ultimate-member');
- $array['unique_email'] = __('Unique E-mail','ultimate-member');
- $array['unique_value'] = __('Unique Metakey value','ultimate-member');
- $array['unique_username'] = __('Unique Username','ultimate-member');
+ $array[0] = __('None','ultimate-member');
+ $array['alphabetic'] = __('Alphabetic value only','ultimate-member');
+ $array['alpha_numeric'] = __('Alpha-numeric value','ultimate-member');
+ $array['english'] = __('English letters only','ultimate-member');
+ $array['facebook_url'] = __('Facebook URL','ultimate-member');
+ $array['google_url'] = __('Google+ URL','ultimate-member');
+ $array['instagram_url'] = __('Instagram URL','ultimate-member');
+ $array['linkedin_url'] = __('LinkedIn URL','ultimate-member');
+ $array['vk_url'] = __('VKontakte URL','ultimate-member');
+ $array['lowercase'] = __('Lowercase only','ultimate-member');
+ $array['numeric'] = __('Numeric value only','ultimate-member');
+ $array['phone_number'] = __('Phone Number','ultimate-member');
+ $array['skype'] = __('Skype ID','ultimate-member');
+ $array['soundcloud'] = __( 'SoundCloud Profile', 'ultimate-member' );
+ $array['twitter_url'] = __('Twitter URL','ultimate-member');
+ $array['is_email'] = __('E-mail( Not Unique )','ultimate-member');
+ $array['unique_email'] = __('Unique E-mail','ultimate-member');
+ $array['unique_value'] = __('Unique Metakey value','ultimate-member');
+ $array['unique_username'] = __('Unique Username','ultimate-member');
$array['unique_username_or_email'] = __('Unique Username/E-mail','ultimate-member');
- $array['url'] = __('Website URL','ultimate-member');
- $array['youtube_url'] = __('YouTube Profile','ultimate-member');
- $array['telegram_url'] = __('Telegram URL','ultimate-member');
- $array['discord'] = __('Discord ID','ultimate-member');
- $array['custom'] = __('Custom Validation','ultimate-member');
+ $array['url'] = __('Website URL','ultimate-member');
+ $array['youtube_url'] = __('YouTube Profile','ultimate-member');
+ $array['telegram_url'] = __('Telegram URL','ultimate-member');
+ $array['discord'] = __('Discord ID','ultimate-member');
+ $array['tiktok_url'] = __('TikTok URL','ultimate-member');
+ $array['twitch_url'] = __('Twitch URL','ultimate-member');
+ $array['reddit_url'] = __('Reddit URL','ultimate-member');
+ $array['custom'] = __('Custom Validation','ultimate-member');
/**
* UM hook
diff --git a/includes/core/class-fields.php b/includes/core/class-fields.php
index 8ed31ee5..2eb5525f 100644
--- a/includes/core/class-fields.php
+++ b/includes/core/class-fields.php
@@ -1736,6 +1736,28 @@ if ( ! class_exists( 'um\core\Fields' ) ) {
}
+ /**
+ * UM hook
+ *
+ * @type filter
+ * @title um_get_field_date
+ * @description Extend field date
+ * @input_vars
+ * [{"var":"$data","type":"array","desc":"Field Date Data"}]
+ * @change_log
+ * ["Since: 2.5.4"]
+ * @usage add_filter( 'um_get_field_date', 'function_name', 10, 1 );
+ * @example
+ *
+ */
+ $array = apply_filters( 'um_get_field_date', $array );
+
break;
case 'time':
diff --git a/includes/core/class-form.php b/includes/core/class-form.php
index 99476051..11e3159e 100644
--- a/includes/core/class-form.php
+++ b/includes/core/class-form.php
@@ -645,7 +645,24 @@ if ( ! class_exists( 'um\core\Form' ) ) {
break;
case 'textarea':
if ( ! empty( $field['html'] ) || ( UM()->profile()->get_show_bio_key( $form ) === $k && UM()->options()->get( 'profile_show_html_bio' ) ) ) {
- $form[ $k ] = wp_kses_post( $form[ $k ] );
+ $allowed_html = UM()->get_allowed_html( 'templates' );
+ if ( empty( $allowed_html['iframe'] ) ) {
+ $allowed_html['iframe'] = array(
+ 'allow' => true,
+ 'frameborder' => true,
+ 'loading' => true,
+ 'name' => true,
+ 'referrerpolicy' => true,
+ 'sandbox' => true,
+ 'src' => true,
+ 'srcdoc' => true,
+ 'title' => true,
+ 'width' => true,
+ 'height' => true,
+ 'allowfullscreen' => true,
+ );
+ }
+ $form[ $k ] = wp_kses( $form[ $k ], $allowed_html );
} else {
$form[ $k ] = sanitize_textarea_field( $form[ $k ] );
}
diff --git a/includes/core/um-actions-form.php b/includes/core/um-actions-form.php
index 16adb5d5..ce961498 100644
--- a/includes/core/um-actions-form.php
+++ b/includes/core/um-actions-form.php
@@ -620,7 +620,7 @@ function um_submit_form_errors_hook_( $args ) {
}
}
- if ( isset( $array['force_good_pass'] ) && $array['force_good_pass'] == 1 ) {
+ if ( isset( $array['force_good_pass'] ) && $array['force_good_pass'] && ! empty( $args['user_password'] ) ) {
if ( isset( $args['user_login'] ) && strpos( strtolower( $args['user_login'] ), strtolower( $args['user_password'] ) ) > -1 ) {
UM()->form()->add_error( 'user_password', __( 'Your password cannot contain the part of your username', 'ultimate-member' ));
}
@@ -770,6 +770,27 @@ function um_submit_form_errors_hook_( $args ) {
}
break;
+ case 'tiktok_url':
+
+ if ( ! UM()->validation()->is_url( $args[ $key ], 'tiktok.com' ) ) {
+ UM()->form()->add_error( $key, sprintf( __( 'Please enter a valid %s profile URL', 'ultimate-member' ), $array['label'] ) );
+ }
+ break;
+
+ case 'twitch_url':
+
+ if ( ! UM()->validation()->is_url( $args[ $key ], 'twitch.tv' ) ) {
+ UM()->form()->add_error( $key, sprintf( __( 'Please enter a valid %s profile URL', 'ultimate-member' ), $array['label'] ) );
+ }
+ break;
+
+ case 'reddit_url':
+
+ if ( ! UM()->validation()->is_url( $args[ $key ], 'reddit.com' ) ) {
+ UM()->form()->add_error( $key, sprintf( __( 'Please enter a valid %s profile URL', 'ultimate-member' ), $array['label'] ) );
+ }
+ break;
+
case 'url':
if ( ! UM()->validation()->is_url( $args[ $key ] ) ) {
UM()->form()->add_error( $key, __( 'Please enter a valid URL', 'ultimate-member' ) );
@@ -878,7 +899,7 @@ function um_submit_form_errors_hook_( $args ) {
}
}
break;
-
+
case 'alphabetic':
if ( $args[ $key ] != '' ) {
@@ -886,7 +907,7 @@ function um_submit_form_errors_hook_( $args ) {
if ( ! preg_match( '/^\p{L}+$/u', str_replace( ' ', '', $args[ $key ] ) ) ) {
UM()->form()->add_error( $key, __( 'You must provide alphabetic letters', 'ultimate-member' ) );
}
-
+
}
break;
diff --git a/includes/core/um-filters-fields.php b/includes/core/um-filters-fields.php
index 29527944..73e280e4 100644
--- a/includes/core/um-filters-fields.php
+++ b/includes/core/um-filters-fields.php
@@ -434,6 +434,9 @@ function um_profile_field_filter_hook__( $value, $data, $type = '' ) {
if ( $data['validate'] == 'linkedin_url' ) $value = 'https://linkedin.com/' . $value;
if ( $data['validate'] == 'googleplus_url' ) $value = 'https://plus.google.com/' . $value;
if ( $data['validate'] == 'instagram_url' ) $value = 'https://instagram.com/' . $value;
+ if ( $data['validate'] == 'tiktok_url' ) $value = 'https://tiktok.com/' . $value;
+ if ( $data['validate'] == 'twitch_url' ) $value = 'https://twitch.tv/' . $value;
+ if ( $data['validate'] == 'reddit_url' ) $value = 'https://www.reddit.com/user/' . $value;
if ( $data['validate'] == 'vk_url' ) $value = 'https://vk.com/' . $value;
}
diff --git a/readme.txt b/readme.txt
index 40281b63..4e89395b 100644
--- a/readme.txt
+++ b/readme.txt
@@ -1,4 +1,4 @@
-=== Ultimate Member – User Profile, User Registration, Login & Membership Plugin ===
+=== Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin ===
Author URI: https://ultimatemember.com/
Plugin URI: https://ultimatemember.com/
Contributors: ultimatemember, champsupertramp, nsinelnikov
@@ -7,11 +7,11 @@ Tags: community, member, membership, user-profile, user-registration
Requires PHP: 5.6
Requires at least: 5.0
Tested up to: 6.1
-Stable tag: 2.5.3
+Stable tag: 2.5.4
License: GNU Version 2 or Any Later Version
License URI: http://www.gnu.org/licenses/gpl-3.0.txt
-The #1 plugin for front-end user profiles, user registration & login forms, member directories, content restriction and more.
+The #1 plugin for front-end user profiles, user registration & login forms, member directories, content restriction, user roles and more.
== Description ==
@@ -163,6 +163,23 @@ No, you do not need to use our plugin’s login or registration pages and can us
* To learn more about version 2.1 please see this [docs](https://docs.ultimatemember.com/article/1512-upgrade-2-1-0)
* UM2.1+ is a significant update to the Member Directories' code base from 2.0.x. Please make sure you take a full-site backup with restore point before updating the plugin
+= 2.5.4: February 17, 2023 =
+
+* Enhancements:
+
+ - Added: TikTok, Twitch and Reddit fields
+ - Added: Handler of restriction settings for blog page
+ - Added: Support of the `` inside textarea with enabled the "HTML using" option
+ - Added: 'um_get_field_date' hook for filtering date fields
+ - Added: `UM()->get_allowed_html()` function for using it inside wp_kses allowed HTML tags
+
+* Bugfixes:
+
+ - Fixed: Redirect to some links when content is restricted. Using `esc_url_raw()` instead of `esc_url()` for redirect to URLs inside class-access.php
+ - Fixed: Handle restriction settings for attachments, later hook is used for checking capabilities through `current_user_can()`
+ - Fixed: Honeypot triggering in password reset, when not set
+ - Fixed: Small PHP notices and warnings
+
= 2.5.3: December 19, 2022 =
* Bugfixes:
diff --git a/templates/profile.php b/templates/profile.php
index e1fe66f6..7ca2fb9e 100644
--- a/templates/profile.php
+++ b/templates/profile.php
@@ -265,4 +265,4 @@
do_action( 'um_profile_footer', $args ); ?>
-
\ No newline at end of file
+
diff --git a/templates/restricted-blog.php b/templates/restricted-blog.php
new file mode 100644
index 00000000..5f682323
--- /dev/null
+++ b/templates/restricted-blog.php
@@ -0,0 +1,39 @@
+queried_object = UM()->access()->maybe_replace_title( $post );
+
+get_header();
+?>
+
+
+
+
+
+
+
+
+ ID, 'um_content_restriction', true );
+
+ if ( ! isset( $restriction['_um_restrict_by_custom_message'] ) || '0' == $restriction['_um_restrict_by_custom_message'] ) {
+ $restricted_global_message = UM()->options()->get( 'restricted_access_message' );
+ $message = stripslashes( $restricted_global_message );
+ } elseif ( '1' == $restriction['_um_restrict_by_custom_message'] ) {
+ $message = ! empty( $restriction['_um_restrict_custom_message'] ) ? stripslashes( $restriction['_um_restrict_custom_message'] ) : '';
+ }
+
+ // translators: %s: Restricted blog page message.
+ printf( __( '%s', 'ultimate-member' ), $message );
+ ?>
+
+
+
+
+