mirror of
https://github.com/10h30/ultimatemember.git
synced 2026-07-11 18:56:10 +09:00
- fix ajax_resize_image()
This commit is contained in:
@@ -317,37 +317,31 @@ if ( ! class_exists( 'um\core\Files' ) ) {
|
||||
/**
|
||||
* Resize image AJAX handler
|
||||
*/
|
||||
function ajax_resize_image() {
|
||||
public function ajax_resize_image() {
|
||||
UM()->check_ajax_nonce();
|
||||
|
||||
/**
|
||||
* @var $key
|
||||
* @var $src
|
||||
* @var $coord
|
||||
* @var $user_id
|
||||
*/
|
||||
extract( $_REQUEST );
|
||||
$data = $_REQUEST; // phpcs:ignore WordPress.Security.NonceVerification
|
||||
|
||||
if ( ! isset( $src ) || ! isset( $coord ) ) {
|
||||
if ( ! isset( $data['src'] ) || ! isset( $data['coord'] ) ) {
|
||||
wp_send_json_error( esc_js( __( 'Invalid parameters', 'ultimate-member' ) ) );
|
||||
}
|
||||
|
||||
$coord_n = substr_count( $coord, "," );
|
||||
if ( $coord_n != 3 ) {
|
||||
$coord_n = substr_count( $data['coord'], ',' );
|
||||
if ( 3 !== $coord_n ) {
|
||||
wp_send_json_error( esc_js( __( 'Invalid coordinates', 'ultimate-member' ) ) );
|
||||
}
|
||||
|
||||
$user_id = empty( $_REQUEST['user_id'] ) ? get_current_user_id() : absint( $_REQUEST['user_id'] );
|
||||
$user_id = empty( $data['user_id'] ) ? get_current_user_id() : absint( $data['user_id'] );
|
||||
|
||||
UM()->fields()->set_id = isset( $_POST['set_id'] ) ? absint( $_POST['set_id'] ) : null;
|
||||
UM()->fields()->set_mode = isset( $_POST['set_mode'] ) ? sanitize_text_field( $_POST['set_mode'] ) : null;
|
||||
UM()->fields()->set_id = isset( $_POST['set_id'] ) ? absint( $_POST['set_id'] ) : null; // phpcs:ignore WordPress.Security.NonceVerification
|
||||
UM()->fields()->set_mode = isset( $_POST['set_mode'] ) ? sanitize_text_field( $_POST['set_mode'] ) : null; // phpcs:ignore WordPress.Security.NonceVerification
|
||||
|
||||
if ( UM()->fields()->set_mode != 'register' && ! UM()->roles()->um_current_user_can( 'edit', $user_id ) ) {
|
||||
if ( 'register' !== UM()->fields()->set_mode && ! UM()->roles()->um_current_user_can( 'edit', $user_id ) ) {
|
||||
$ret['error'] = esc_js( __( 'You have no permission to edit this user', 'ultimate-member' ) );
|
||||
wp_send_json_error( $ret );
|
||||
}
|
||||
|
||||
$src = esc_url_raw( $src );
|
||||
$src = esc_url_raw( $data['src'] );
|
||||
|
||||
$image_path = um_is_file_owner( $src, $user_id, true );
|
||||
if ( ! $image_path ) {
|
||||
@@ -355,7 +349,9 @@ if ( ! class_exists( 'um\core\Files' ) ) {
|
||||
}
|
||||
|
||||
UM()->uploader()->replace_upload_dir = true;
|
||||
$output = UM()->uploader()->resize_image( $image_path, $src, sanitize_text_field( $key ), $user_id, sanitize_text_field( $coord ) );
|
||||
|
||||
$output = UM()->uploader()->resize_image( $image_path, $src, sanitize_text_field( $data['key'] ), $user_id, sanitize_text_field( $data['coord'] ) );
|
||||
|
||||
UM()->uploader()->replace_upload_dir = false;
|
||||
|
||||
delete_option( "um_cache_userdata_{$user_id}" );
|
||||
|
||||
Reference in New Issue
Block a user