- removed Secure admin notice;

- changed Secure to Security;
This commit is contained in:
Mykyta Synelnikov
2024-02-14 15:23:03 +02:00
parent 53bde16d12
commit 457c66791b
7 changed files with 9 additions and 50 deletions
+2 -2
View File
@@ -584,8 +584,8 @@ final class Enqueue extends \um\common\Enqueue {
wp_enqueue_style( 'um_admin_roles' );
} elseif ( 'ultimate-member_page_um_options' === $hook ) {
// phpcs:ignore WordPress.Security.NonceVerification
if ( isset( $_GET['tab'], $_GET['section'] ) && 'advanced' === $_GET['tab'] && 'secure' === $_GET['section'] ) {
wp_register_script( 'um_admin_secure', $js_url . 'admin/secure' . $suffix . '.js', array( 'jquery', 'wp-i18n' ), UM_VERSION, true );
if ( isset( $_GET['tab'], $_GET['section'] ) && 'advanced' === $_GET['tab'] && 'security' === $_GET['section'] ) {
wp_register_script( 'um_admin_secure', $js_url . 'admin/security' . $suffix . '.js', array( 'jquery', 'wp-i18n' ), UM_VERSION, true );
wp_set_script_translations( 'um_admin_secure', 'ultimate-member' );
wp_enqueue_script( 'um_admin_secure' );
}
+2 -7
View File
@@ -90,11 +90,6 @@ if ( ! class_exists( 'um\admin\Secure' ) ) {
*/
public function admin_init() {
global $wpdb;
// Dismiss admin notice after the first visit to Secure settings page.
if ( isset( $_REQUEST['page'], $_REQUEST['tab'], $_REQUEST['section'] ) && 'um_options' === sanitize_key( $_REQUEST['page'] ) && 'advanced' === sanitize_key( $_REQUEST['tab'] ) && 'secure' === sanitize_key( $_REQUEST['section'] ) ) { // phpcs:ignore WordPress.Security.NonceVerification
UM()->admin()->notices()->dismiss( 'secure_settings' );
}
if ( isset( $_REQUEST['um_secure_expire_all_sessions'] ) && ! wp_doing_ajax() ) {
if ( ! wp_verify_nonce( $_REQUEST['_wpnonce'], 'um-secure-expire-session-nonce' ) || ! current_user_can( 'manage_options' ) ) {
// This nonce is not valid or current logged-in user has no administrative rights.
@@ -300,8 +295,8 @@ if ( ! class_exists( 'um\admin\Secure' ) ) {
)
);
$settings['advanced']['sections']['secure'] = array(
'title' => __( 'Secure', 'ultimate-member' ),
$settings['advanced']['sections']['security'] = array(
'title' => __( 'Security', 'ultimate-member' ),
'description' => __( 'This feature scans for suspicious registered accounts, bans the usage of administrative capabilities to site subscribers/members, allows the website administrators to force all users to reset their passwords, preventing users from logging-in using their old passwords that may have been exposed.', 'ultimate-member' ),
'fields' => $secure_fields,
);
+3 -39
View File
@@ -31,8 +31,6 @@ if ( ! class_exists( 'um\admin\core\Admin_Notices' ) ) {
add_action( 'wp_ajax_um_dismiss_notice', array( &$this, 'dismiss_notice' ) );
add_action( 'admin_init', array( &$this, 'force_dismiss_notice' ) );
add_action( 'current_screen', array( &$this, 'create_list_for_screen' ) );
}
/**
@@ -82,13 +80,6 @@ if ( ! class_exists( 'um\admin\core\Admin_Notices' ) ) {
do_action( 'um_admin_create_notices' );
}
public function create_list_for_screen() {
if ( UM()->admin()->screen()->is_own_screen() ) {
$this->secure_settings();
}
}
/**
* @return array
*/
@@ -838,39 +829,12 @@ if ( ! class_exists( 'um\admin\core\Admin_Notices' ) ) {
}
}
/**
* First time installed Secure settings.
*/
public function secure_settings() {
ob_start();
?>
<p>
<strong><?php esc_html_e( 'Important Update', 'ultimate-member' ); ?></strong><br/>
<?php esc_html_e( 'Ultimate Member has a new additional feature to secure your Ultimate Member forms to prevent attacks from injecting accounts with administrative roles &amp; capabilities.', 'ultimate-member' ); ?>
</p>
<p>
<a class="button button-primary" href="<?php echo esc_attr( admin_url( 'admin.php?page=um_options&tab=advanced&section=secure&um_dismiss_notice=secure_settings&um_admin_nonce=' . wp_create_nonce( 'um-admin-nonce' ) ) ); ?>"><?php esc_html_e( 'Manage Security Settings', 'ultimate-member' ); ?></a>
<a class="button" target="_blank" href="https://docs.ultimatemember.com/article/1869-security-feature"><?php esc_html_e( 'Read the documentation', 'ultimate-member' ); ?></a>
</p>
<?php
$message = ob_get_clean();
$this->add_notice(
'secure_settings',
array(
'class' => 'warning',
'message' => $message,
'dismissible' => true,
),
1
);
}
public function common_secure() {
if ( UM()->options()->get( 'lock_register_forms' ) ) {
ob_start();
?>
<p>
<?php esc_html_e( 'Your Register forms are now locked. You can unlock them in Ultimate Member > Settings > Secure > Lock All Register Forms.', 'ultimate-member' ); ?>
<?php esc_html_e( 'Your Register forms are now locked. You can unlock them in Ultimate Member > Settings > Advanced > Security > Lock All Register Forms.', 'ultimate-member' ); ?>
</p>
<?php
$message = ob_get_clean();
@@ -889,7 +853,7 @@ if ( ! class_exists( 'um\admin\core\Admin_Notices' ) ) {
ob_start();
?>
<p>
<?php esc_html_e( 'Mandatory password changes has been enabled. You can disable them in Ultimate Member > Settings > Secure > Display Login form notice to reset passwords.', 'ultimate-member' ); ?>
<?php esc_html_e( 'Mandatory password changes has been enabled. You can disable them in Ultimate Member > Settings > Advanced > Security > Display Login form notice to reset passwords.', 'ultimate-member' ); ?>
</p>
<?php
$message = ob_get_clean();
@@ -908,7 +872,7 @@ if ( ! class_exists( 'um\admin\core\Admin_Notices' ) ) {
ob_start();
?>
<p>
<?php esc_html_e( 'Ban for administrative capabilities is enabled. You can disable them in Ultimate Member > Settings > Secure > Enable ban for administrative capabilities.', 'ultimate-member' ); ?>
<?php esc_html_e( 'Ban for administrative capabilities is enabled. You can disable them in Ultimate Member > Settings > Advanced > Security > Enable ban for administrative capabilities.', 'ultimate-member' ); ?>
</p>
<?php
$message = ob_get_clean();