diff --git a/assets/css/um-styles.css b/assets/css/um-styles.css index a0826f6b..b2aa1265 100644 --- a/assets/css/um-styles.css +++ b/assets/css/um-styles.css @@ -765,3 +765,18 @@ small.um-max-filesize span{ background-repeat: no-repeat; background-size: 24px 24px; } + +.um-search-area { + position: relative; + max-width: 300px; +} + +.um-search-area .um-search-field { + width: 100%; +} + +.um-search-area .um-search-icon { + position: absolute; + top: 7px; + right: 10px; +} diff --git a/assets/js/um-scripts.js b/assets/js/um-scripts.js index 39b8593d..0bf86eb4 100644 --- a/assets/js/um-scripts.js +++ b/assets/js/um-scripts.js @@ -288,4 +288,8 @@ jQuery(document).ready(function() { return false; }); + jQuery(document).on('click', '#um-search-button', function() { + jQuery(this).parents('form').submit(); + }); + }); diff --git a/core/um-actions-login.php b/core/um-actions-login.php index 682db10e..3ba247af 100644 --- a/core/um-actions-login.php +++ b/core/um-actions-login.php @@ -6,24 +6,24 @@ add_action('um_submit_form_errors_hook_login', 'um_submit_form_errors_hook_login', 10); function um_submit_form_errors_hook_login( $args ){ global $ultimatemember; - + $is_email = false; - + $form_id = $args['form_id']; $mode = $args['mode']; if ( isset( $args['username'] ) && $args['username'] == '' ) { $ultimatemember->form->add_error( 'username', __('Please enter your username or email','ultimatemember') ); } - + if ( isset( $args['user_login'] ) && $args['user_login'] == '' ) { $ultimatemember->form->add_error( 'user_login', __('Please enter your username','ultimatemember') ); } - + if ( isset( $args['user_email'] ) && $args['user_email'] == '' ) { $ultimatemember->form->add_error( 'user_email', __('Please enter your email','ultimatemember') ); } - + if ( isset( $args['username'] ) ) { $field = 'username'; if ( is_email( $args['username'] ) ) { @@ -42,7 +42,7 @@ $field = 'user_login'; $user_name = $args['user_login']; } - + if ( !username_exists( $user_name ) ) { if ( $is_email ) { $ultimatemember->form->add_error( $field, __(' Sorry, we can\'t find an account with that email address','ultimatemember') ); @@ -54,23 +54,52 @@ $ultimatemember->form->add_error( 'user_password', __('Please enter your password','ultimatemember') ); } } - + $user = get_user_by( 'login', $user_name ); if ( $user && wp_check_password( $args['user_password'], $user->data->user_pass, $user->ID) ) { $ultimatemember->login->auth_id = username_exists( $user_name ); } else { $ultimatemember->form->add_error( 'user_password', __('Password is incorrect. Please try again.','ultimatemember') ); } - + + // add a way for other plugins like wp limit login + // to limit the login attempts + $user = apply_filters( 'authenticate', null, $user_name, $args['user_password'] ); + + // if there is an error notify wp + if( $ultimatemember->form->has_error( $field ) || $ultimatemember->form->has_error( $user_password ) ) { + do_action( 'wp_login_failed', $user_name ); + } } - + + /** + * Display the login errors from other plugins + */ + add_action( 'um_before_login_fields', 'um_display_login_errors' ); + function um_display_login_errors( $args ) { + global $ultimatemember; + + if( $ultimatemember->form->count_errors() > 0 ) { + $error = array_values( $ultimatemember->form->errors ); + $error = array_shift( $error ); + } + + // hook for other plugins to display error + $errors = trim( apply_filters( 'login_errors', $error ) ); + + if( trim( $errors ) ) + { + echo '
' . $errors . '
'; + } + } + /*** *** @login checks thru the frontend login ***/ add_action('um_submit_form_errors_hook_logincheck', 'um_submit_form_errors_hook_logincheck', 9999 ); function um_submit_form_errors_hook_logincheck($args){ global $ultimatemember; - + // Logout if logged in if ( is_user_logged_in() ) { wp_logout(); @@ -78,10 +107,10 @@ $user_id = ( isset( $ultimatemember->login->auth_id ) ) ? $ultimatemember->login->auth_id : ''; um_fetch_user( $user_id ); - + $status = um_user('account_status'); // account status switch( $status ) { - + // If user can't login to site... case 'inactive': case 'awaiting_admin_review': @@ -90,15 +119,15 @@ um_reset_user(); exit( wp_redirect( add_query_arg( 'err', esc_attr( $status ), $ultimatemember->permalinks->get_current_url() ) ) ); break; - + } - + if ( isset( $args['form_id'] ) && $args['form_id'] == $ultimatemember->shortcodes->core_login_form() && $ultimatemember->form->errors && !isset( $_POST[ $ultimatemember->honeypot ] ) ) { exit( wp_redirect( um_get_core_page('login') ) ); } - + } - + /*** *** @store last login timestamp ***/ @@ -107,7 +136,7 @@ delete_user_meta( $user_id, '_um_last_login' ); update_user_meta( $user_id, '_um_last_login', current_time( 'timestamp' ) ); } - + add_action( 'wp_login', 'um_store_lastlogin_timestamp_' ); function um_store_lastlogin_timestamp_( $login ) { $user = get_user_by('login',$login); @@ -115,7 +144,7 @@ delete_user_meta( $user_id, '_um_last_login' ); update_user_meta( $user_id, '_um_last_login', current_time( 'timestamp' ) ); } - + /*** *** @login user ***/ @@ -125,57 +154,57 @@ extract( $args ); $rememberme = ( isset($args['rememberme']) ) ? 1 : 0; - + if ( um_get_option('deny_admin_frontend_login') && strstr( um_user('wp_roles' ), 'administrator' ) ) wp_die( __('This action has been prevented for security measures.','ultimatemember') ); - + $ultimatemember->user->auto_login( um_user('ID'), $rememberme ); - + // Hook that runs after successful login and before user is redirected do_action('um_on_login_before_redirect', um_user('ID') ); - + // Priority redirect if ( isset( $args['redirect_to'] ) && ! empty( $args['redirect_to'] ) ) { exit( wp_redirect( urldecode( $args['redirect_to'] ) ) ); } - + // Role redirect $after = um_user('after_login'); switch( $after ) { - + case 'redirect_admin': exit( wp_redirect( admin_url() ) ); break; - + case 'redirect_profile': exit( wp_redirect( um_user_profile_url() ) ); break; - + case 'redirect_url': exit( wp_redirect( um_user('login_redirect_url') ) ); break; - + case 'refresh': exit( wp_redirect( $ultimatemember->permalinks->get_current_url() ) ); break; - + } - + } - + /*** *** @form processing ***/ add_action('um_submit_form_login', 'um_submit_form_login', 10); function um_submit_form_login($args){ global $ultimatemember; - + if ( !isset($ultimatemember->form->errors) ) { do_action( 'um_user_login', $args ); } - + do_action('um_user_login_extra_hook', $args ); - + } /*** @@ -187,18 +216,18 @@ // DO NOT add when reviewing user's details if ( $ultimatemember->user->preview == true && is_admin() ) return; - + $primary_btn_word = $args['primary_btn_word']; $primary_btn_word = apply_filters('um_login_form_button_one', $primary_btn_word, $args ); - + $secondary_btn_word = $args['secondary_btn_word']; $secondary_btn_word = apply_filters('um_login_form_button_two', $secondary_btn_word, $args ); - + $secondary_btn_url = ( isset( $args['secondary_btn_url'] ) && $args['secondary_btn_url'] ) ? $args['secondary_btn_url'] : um_get_core_page('register'); $secondary_btn_url = apply_filters('um_login_form_button_two_url', $secondary_btn_url, $args ); - + ?> - + - + - + - + fields->display( 'login', $args ); - - } \ No newline at end of file + + } diff --git a/core/um-actions-password.php b/core/um-actions-password.php index c0434708..f2cf8723 100644 --- a/core/um-actions-password.php +++ b/core/um-actions-password.php @@ -1,5 +1,5 @@ user_email; @@ -19,15 +19,15 @@ $ultimatemember->password->reset_request['user_id'] = $data->ID; $ultimatemember->password->reset_request['user_email'] = $user_email; - + um_fetch_user( $data->ID ); - + $ultimatemember->user->password_reset(); um_reset_user(); - + } - + /*** *** @process a change request ***/ @@ -37,32 +37,32 @@ extract( $args ); wp_set_password( $args['user_password'], $args['user_id'] ); - + delete_user_meta( $args['user_id'], 'reset_pass_hash'); delete_user_meta( $args['user_id'], 'reset_pass_hash_token'); delete_user_meta( $args['user_id'], 'password_rst_attempts'); do_action('um_after_changing_user_password', $args['user_id'] ); - - + + if ( is_user_logged_in() ) { wp_logout(); } - + exit( wp_redirect( um_get_core_page('login', 'password_changed') ) ); - + } - + /** * Overrides password changed notification - * + * */ function um_send_password_change_email( $args ){ global $ultimatemember; um_fetch_user( $user_id ); - + $ultimatemember->user->password_changed(); um_reset_user(); @@ -70,7 +70,7 @@ return false; } - + /*** *** @This is executed after changing password ***/ @@ -79,20 +79,20 @@ global $ultimatemember; } - + /*** *** @Error handler: reset password ***/ add_action('um_reset_password_errors_hook','um_reset_password_errors_hook'); function um_reset_password_errors_hook( $args ) { global $ultimatemember; - + if ( $_POST[ $ultimatemember->honeypot ] != '' ) wp_die('Hello, spam bot!'); $form_timestamp = trim($_POST['timestamp']); $live_timestamp = current_time( 'timestamp' ); - + if ( $form_timestamp == '' && um_get_option('enable_timebot') == 1 ) wp_die( __('Hello, spam bot!') ); @@ -102,9 +102,9 @@ if ( strlen(trim( $_POST['username_b'] ) ) == 0 ) { $ultimatemember->form->add_error('username_b', __('Please provide your username or email','ultimatemember') ); } - + $user = $_POST['username_b']; - + if ( ( !is_email( $user ) && !username_exists( $user ) ) || ( is_email( $user ) && !email_exists( $user ) ) ) { $ultimatemember->form->add_error('username_b', __('We can\'t find an account registered with that address or username','ultimatemember') ); } else { @@ -120,38 +120,38 @@ update_user_meta( $user_id, 'password_rst_attempts', $attempts + 1 ); } } - + } - + /*** *** @Error handler: changing password ***/ add_action('um_change_password_errors_hook','um_change_password_errors_hook'); function um_change_password_errors_hook( $args ) { global $ultimatemember; - + if ( $_POST[ $ultimatemember->honeypot ] != '' ) wp_die('Hello, spam bot!'); $form_timestamp = trim($_POST['timestamp']); $live_timestamp = current_time( 'timestamp' ); - + if ( $form_timestamp == '' && um_get_option('enable_timebot') == 1 ) wp_die( __('Hello, spam bot!') ); if ( $live_timestamp - $form_timestamp < 3 && um_get_option('enable_timebot') == 1 ) wp_die( __('Whoa, slow down! You\'re seeing this message because you tried to submit a form too fast and we think you might be a spam bot. If you are a real human being please wait a few seconds before submitting the form. Thanks!') ); - + if ( !$args['user_password'] ) { $ultimatemember->form->add_error('user_password', __('You must enter a new password','ultimatemember') ); } if ( um_get_option('reset_require_strongpass') ) { - + if ( strlen( utf8_decode( $args['user_password'] ) ) < 8 ) { $ultimatemember->form->add_error('user_password', __('Your password must contain at least 8 characters','ultimatemember') ); } - + if ( strlen( utf8_decode( $args['user_password'] ) ) > 30 ) { $ultimatemember->form->add_error('user_password', __('Your password must contain less than 30 characters','ultimatemember') ); } @@ -159,99 +159,101 @@ if ( !$ultimatemember->validation->strong_pass( $args['user_password'] ) ) { $ultimatemember->form->add_error('user_password', __('Your password must contain at least one lowercase letter, one capital letter and one number','ultimatemember') ); } - + } if ( !$args['confirm_user_password'] ) { $ultimatemember->form->add_error('confirm_user_password', __('You must confirm your new password','ultimatemember') ); } - + if ( $args['user_password'] != $args['confirm_user_password'] ) { $ultimatemember->form->add_error('confirm_user_password', __('Your passwords do not match','ultimatemember') ); } } - + /*** *** @hidden fields ***/ add_action('um_change_password_page_hidden_fields','um_change_password_page_hidden_fields'); function um_change_password_page_hidden_fields( $args ) { - + ?> - + - + - + - + - + builtin->get_specific_fields('password_reset_text,username_b'); ?> - + $data ) { $output .= $ultimatemember->fields->edit_field( $key, $data ); }echo $output; ?> - + + ++ + +
+ + "> + + + diff --git a/um-config.php b/um-config.php index c833e65d..7df81853 100644 --- a/um-config.php +++ b/um-config.php @@ -1594,6 +1594,30 @@ foreach( $tabs as $id => $tab ) { 'off' => __('Off','ultimatemember'), ); + $tab_options[] = array( + 'id' => 'profile_tab_' . $id . '_privacy', + 'type' => 'select', + 'select2' => array( 'allowClear' => 0, 'minimumResultsForSearch' => -1 ), + 'title' => sprintf( __( 'Who can see %s Tab?','ultimatemember' ), $tab ), + 'desc' => __( 'Select which users can view this tab.','ultimatemember' ), + 'default' => 0, + 'options' => $ultimatemember->profile->tabs_privacy(), + 'required' => array( 'profile_tab_' . $id, '=', 1 ), + ); + + $tab_options[] = array( + 'id' => 'profile_tab_' . $id . '_roles', + 'type' => 'select', + 'multi' => true, + 'select2' => array( 'allowClear' => 1, 'minimumResultsForSearch' => -1 ), + 'title' => __( 'Allowed roles','ultimatemember' ), + 'desc' => __( 'Select the the user roles allowed to view this tab.','ultimatemember' ), + 'default' => '', + 'options' => $ultimatemember->query->get_roles(), + 'placeholder' => __( 'Choose user roles...','ultimatemember' ), + 'required' => array( 'profile_tab_' . $id . '_privacy', '=', 4 ), + ); + } $tab_options[] = array( diff --git a/um-init.php b/um-init.php index 30be66f3..5ad179ad 100644 --- a/um-init.php +++ b/um-init.php @@ -58,6 +58,12 @@ class UM_API { __('This add-on enables you to link gravatar photos to user accounts with their email address.', 'ultimatemember'), ); + // include widgets + require_once um_path . 'core/widgets/um-search-widget.php'; + + // init widgets + add_action( 'widgets_init', array(&$this, 'widgets_init' ) ); + } /*** @@ -198,6 +204,10 @@ class UM_API { } + function widgets_init() { + register_widget( 'um_search_widget' ); + } + } -$ultimatemember = new UM_API(); \ No newline at end of file +$ultimatemember = new UM_API();