From 2fd759727b847f6eebb222089c7fb8db6537c44a Mon Sep 17 00:00:00 2001 From: Nikita Sinelnikov Date: Mon, 23 Aug 2021 17:13:39 +0300 Subject: [PATCH 1/4] - changed version; --- includes/core/class-form.php | 3 ++- readme.txt | 6 ++++++ ultimate-member.php | 2 +- 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/includes/core/class-form.php b/includes/core/class-form.php index d2410fa5..4d7dfa5b 100644 --- a/includes/core/class-form.php +++ b/includes/core/class-form.php @@ -312,7 +312,8 @@ if ( ! class_exists( 'um\core\Form' ) ) { /** * Return the errors as a WordPress Error object - * @return WP_Error + * + * @return \WP_Error */ function get_wp_error() { $wp_error = new \WP_Error(); diff --git a/readme.txt b/readme.txt index 1fe0148f..cab2520e 100644 --- a/readme.txt +++ b/readme.txt @@ -155,6 +155,12 @@ The plugin works with popular caching plugins by automatically excluding Ultimat * To learn more about version 2.1 please see this [docs](https://docs.ultimatemember.com/article/1512-upgrade-2-1-0) * UM2.1+ is a significant update to the Member Directories' code base from 2.0.x. Please make sure you take a full-site backup with restore point before updating the plugin += 2.2.4: September xx, 2021 = + +* Bugfixes: + + - Fixed: Handling the login form errors via \WP_Error + = 2.2.3: August 25, 2021 = * Enhancements: diff --git a/ultimate-member.php b/ultimate-member.php index 8a630fee..a415c156 100644 --- a/ultimate-member.php +++ b/ultimate-member.php @@ -3,7 +3,7 @@ Plugin Name: Ultimate Member Plugin URI: http://ultimatemember.com/ Description: The easiest way to create powerful online communities and beautiful user profiles with WordPress -Version: 2.2.3 +Version: 2.2.4-alpha Author: Ultimate Member Author URI: http://ultimatemember.com/ Text Domain: ultimate-member From 6a5f2771fcb5f781de2e7885400bc1cfb9e7a59f Mon Sep 17 00:00:00 2001 From: Nikita Sinelnikov Date: Wed, 25 Aug 2021 14:55:22 +0300 Subject: [PATCH 2/4] - fixed leave review admin notice; --- includes/admin/assets/js/um-admin-global.js | 25 ++++---- includes/admin/core/class-admin-notices.php | 64 ++++++++------------- 2 files changed, 39 insertions(+), 50 deletions(-) diff --git a/includes/admin/assets/js/um-admin-global.js b/includes/admin/assets/js/um-admin-global.js index 54721a04..d0f5caf6 100644 --- a/includes/admin/assets/js/um-admin-global.js +++ b/includes/admin/assets/js/um-admin-global.js @@ -28,15 +28,6 @@ jQuery(document).ready(function() { jQuery(this).parents('.um-admin-notice').find( '.notice-dismiss' ).trigger('click'); }); - jQuery(document.body).on('click', '.um_opt_in_link', function (e) { - jQuery(this).parents('.um-admin-notice').find( '.notice-dismiss' ).trigger('click'); - }); - - - jQuery(document.body).on('click', '#um_opt_in_start', function (e) { - jQuery(this).parents('.um-admin-notice').find( '.notice-dismiss' ).trigger('click'); - }); - jQuery(document.body).on( 'click', '.um-admin-notice.is-dismissible .notice-dismiss', function(e) { var notice_key = jQuery(this).parents('.um-admin-notice').data('key'); @@ -50,10 +41,24 @@ jQuery(document).ready(function() { return true; }, error: function( data ) { + um_admin_dismiss_notice_fallback( notice_key ); return false; } }); }); -}); \ No newline at end of file +}); + +/** + * Dismiss fallback of ajax request + */ +function um_admin_dismiss_notice_fallback( notice_key ) { + var href_index = ""; + if ( window.location.href.indexOf("?") > -1 ) { + href_index = window.location.href + "&"; + } else { + href_index = window.location.href + "?"; + } + window.location.href = href_index + "um_dismiss_notice=" + notice_key + "&um_admin_nonce=" + um_admin_scripts.nonce; +} diff --git a/includes/admin/core/class-admin-notices.php b/includes/admin/core/class-admin-notices.php index 50d7fe51..f2b5aaf8 100644 --- a/includes/admin/core/class-admin-notices.php +++ b/includes/admin/core/class-admin-notices.php @@ -32,6 +32,7 @@ if ( ! class_exists( 'um\admin\core\Admin_Notices' ) ) { add_action( 'admin_notices', array( &$this, 'render_notices' ), 1 ); add_action( 'wp_ajax_um_dismiss_notice', array( &$this, 'dismiss_notice' ) ); + add_action( 'admin_init', array( &$this, 'force_dismiss_notice' ) ); } @@ -44,12 +45,11 @@ if ( ! class_exists( 'um\admin\core\Admin_Notices' ) ) { $this->exif_extension_notice(); $this->show_update_messages(); $this->check_wrong_install_folder(); - //$this->admin_notice_opt_in(); $this->need_upgrade(); $this->check_wrong_licenses(); // removed for now to avoid the bad reviews - //$this->reviews_notice(); + $this->reviews_notice(); //$this->future_changed(); @@ -483,44 +483,6 @@ if ( ! class_exists( 'um\admin\core\Admin_Notices' ) ) { } - /** - * Show admin notices - */ - public function admin_notice_opt_in() { - - if ( ! current_user_can( 'manage_options' ) ) { - return; - } - - //backward compatibility - $hide_notice = get_option( 'um_tracking_notice' ); - - if ( $hide_notice ) { - return; - } - - ob_start(); ?> - -

- %s! We hope you like the plugin. To fund full-time development and support of the plugin we also sell extensions. If you subscribe to our mailing list we will send you a 20%% discount code for one of our access passes.', 'ultimate-member' ), ultimatemember_plugin_name, 'https://ultimatemember.com/pricing/' ); ?> -

- -

- -   - -

- - add_notice( 'opt_in_notice', array( - 'class' => 'updated', - 'message' => $message, - 'dismissible' => true - ), 2 ); - } - - function check_wrong_licenses() { $invalid_license = 0; $arr_inactive_license_keys = array(); @@ -691,11 +653,33 @@ if ( ! class_exists( 'um\admin\core\Admin_Notices' ) ) { } $hidden_notices = get_option( 'um_hidden_admin_notices', array() ); + if ( ! is_array( $hidden_notices ) ) { + $hidden_notices = array(); + } + $hidden_notices[] = sanitize_key( $_POST['key'] ); update_option( 'um_hidden_admin_notices', $hidden_notices ); wp_send_json_success(); } + + + function force_dismiss_notice() { + if ( ! empty( $_REQUEST['um_dismiss_notice'] ) && ! empty( $_REQUEST['um_admin_nonce'] ) ) { + if ( wp_verify_nonce( $_REQUEST['um_admin_nonce'], 'um-admin-nonce' ) ) { + $hidden_notices = get_option( 'um_hidden_admin_notices', array() ); + if ( ! is_array( $hidden_notices ) ) { + $hidden_notices = array(); + } + + $hidden_notices[] = sanitize_key( $_REQUEST['um_dismiss_notice'] ); + + update_option( 'um_hidden_admin_notices', $hidden_notices ); + } else { + wp_die( __( 'Security Check', 'ultimate-member' ) ); + } + } + } } } From f1754e46797436ea5adffbd516e716e202427ec3 Mon Sep 17 00:00:00 2001 From: Nikita Sinelnikov Date: Thu, 26 Aug 2021 14:53:12 +0300 Subject: [PATCH 3/4] - Fixed: Hiding comments feed for pages with active comments - Fixed: Changing the post title to the restricted value while displaying in the loop that uses direct `post_title` variable - Fixed: PHP errors related to not passed function attributes from 3rd-party plugins or themes when using WP native hooks --- includes/core/class-access.php | 99 +++++++++++++++++++++++++--------- readme.txt | 3 ++ 2 files changed, 77 insertions(+), 25 deletions(-) diff --git a/includes/core/class-access.php b/includes/core/class-access.php index 92837eb6..9f117d53 100644 --- a/includes/core/class-access.php +++ b/includes/core/class-access.php @@ -106,7 +106,6 @@ if ( ! class_exists( 'um\core\Access' ) ) { add_action( 'um_access_check_individual_term_settings', array( &$this, 'um_access_check_individual_term_settings' ) ); add_action( 'um_access_check_global_settings', array( &$this, 'um_access_check_global_settings' ) ); - add_action( 'plugins_loaded', array( &$this, 'disable_restriction_pre_queries' ), 1 ); } @@ -498,7 +497,7 @@ if ( ! class_exists( 'um\core\Access' ) ) { * * @return object */ - function custom_count_posts_handler( $counts, $type, $perm ) { + function custom_count_posts_handler( $counts, $type = 'post', $perm = '' ) { if ( current_user_can( 'administrator' ) ) { return $counts; } @@ -597,17 +596,19 @@ if ( ! class_exists( 'um\core\Access' ) ) { /** * Exclude restricted posts in widgets * - * @param string $sql_where + * @param string $sql_where * @param array $parsed_args * * @return string */ - function exclude_restricted_posts_archives_widget( $sql_where, $parsed_args ) { + function exclude_restricted_posts_archives_widget( $sql_where, $parsed_args = array() ) { if ( current_user_can( 'administrator' ) ) { return $sql_where; } - $exclude_posts = $this->exclude_posts_array( false, $parsed_args['post_type'] ); + $post_type = ! empty( $parsed_args['post_type'] ) ? $parsed_args['post_type'] : false; + + $exclude_posts = $this->exclude_posts_array( false, $post_type ); if ( ! empty( $exclude_posts ) ) { $exclude_string = implode( ',', $exclude_posts ); $sql_where .= ' AND ID NOT IN ( ' . $exclude_string . ' )'; @@ -620,19 +621,23 @@ if ( ! class_exists( 'um\core\Access' ) ) { /** * Exclude posts from next, previous navigation * - * @param string $where - * @param bool $in_same_term - * @param array $excluded_terms - * @param string $taxonomy. - * @param \WP_Post $post + * @param string $where + * @param bool $in_same_term + * @param string|array $excluded_terms + * @param string $taxonomy + * @param null|\WP_Post $post * * @return string */ - function exclude_navigation_posts( $where, $in_same_term, $excluded_terms, $taxonomy, $post ) { + function exclude_navigation_posts( $where, $in_same_term = false, $excluded_terms = '', $taxonomy = 'category', $post = null ) { if ( current_user_can( 'administrator' ) ) { return $where; } + if ( empty( $post ) ) { + return $where; + } + $exclude_posts = $this->exclude_posts_array( false, $post->post_type ); if ( ! empty( $exclude_posts ) ) { $exclude_string = implode( ',', $exclude_posts ); @@ -726,7 +731,7 @@ if ( ! class_exists( 'um\core\Access' ) ) { * * @return string */ - function filter_restricted_post_excerpt( $post_excerpt, $post ) { + function filter_restricted_post_excerpt( $post_excerpt = '', $post = null ) { if ( empty( $post ) ) { return $post_excerpt; } @@ -774,7 +779,11 @@ if ( ! class_exists( 'um\core\Access' ) ) { * * @return bool */ - function filter_post_thumbnail( $has_thumbnail, $post, $thumbnail_id ) { + function filter_post_thumbnail( $has_thumbnail, $post = null, $thumbnail_id = false ) { + if ( empty( $thumbnail_id ) ) { + return $has_thumbnail; + } + if ( current_user_can( 'administrator' ) ) { return $has_thumbnail; } @@ -839,7 +848,7 @@ if ( ! class_exists( 'um\core\Access' ) ) { * @return array */ function get_available_comments_post_types() { - global $wp_taxonomies; + global $wp_taxonomies, $wpdb; $restricted_posts = UM()->options()->get( 'restricted_access_post_metabox' ); if ( empty( $restricted_posts ) ) { @@ -860,7 +869,17 @@ if ( ! class_exists( 'um\core\Access' ) ) { $restricted_posts = array_unique( $restricted_posts ); foreach ( $restricted_posts as $k => $post_type ) { if ( 'closed' === get_default_comment_status( $post_type ) ) { - unset( $restricted_posts[ $k ] ); + $open_comments = $wpdb->get_var( $wpdb->prepare( + "SELECT ID + FROM {$wpdb->posts} + WHERE post_type = %s AND + comment_status != 'closed'", + $post_type + ) ); + + if ( empty( $open_comments ) ) { + unset( $restricted_posts[ $k ] ); + } } } @@ -894,12 +913,12 @@ if ( ! class_exists( 'um\core\Access' ) ) { /** - * @param object $stats + * @param array|object $stats * @param int $post_id Post ID. Can be 0 for the whole website * * @return object */ - function custom_comments_count_handler( $stats, $post_id ) { + function custom_comments_count_handler( $stats = array(), $post_id = 0 ) { if ( ! empty( $stats ) || current_user_can( 'administrator' ) ) { return $stats; } @@ -1044,7 +1063,7 @@ if ( ! class_exists( 'um\core\Access' ) ) { * @param int $post_id * @return boolean */ - function disable_comments_open_number( $count, $post_id ) { + function disable_comments_open_number( $count, $post_id = 0 ) { if ( current_user_can( 'administrator' ) ) { return $count; } @@ -1070,11 +1089,11 @@ if ( ! class_exists( 'um\core\Access' ) ) { /** * Protect Post Types in menu query * Restrict content new logic - * @param $menu_items - * @param $args + * @param array $menu_items + * @param array $args * @return array */ - function filter_menu( $menu_items, $args ) { + function filter_menu( $menu_items, $args = array() ) { //if empty if ( empty( $menu_items ) ) { return $menu_items; @@ -1209,12 +1228,42 @@ if ( ! class_exists( 'um\core\Access' ) ) { } + /** + * @param \WP_Post $post + * + * @return \WP_Post + */ + function maybe_replace_title( $post ) { + if ( ! UM()->options()->get( 'restricted_post_title_replace' ) ) { + return $post; + } + + if ( current_user_can( 'administrator' ) ) { + return $post; + } + + if ( ! is_a( $post, '\WP_Post' ) ) { + return $post; + } + + $ignore = apply_filters( 'um_ignore_restricted_title', false, $post->ID ); + if ( $ignore ) { + return $post; + } + + $restricted_global_title = UM()->options()->get( 'restricted_access_post_title' ); + $post->post_title = stripslashes( $restricted_global_title ); + + return $post; + } + + /** * Protect Post Types in query * Restrict content new logic * - * @param $posts - * @param \WP_Query $query + * @param array $posts + * @param array|\WP_Query $query * @return array */ function filter_protected_posts( $posts, $query ) { @@ -1296,7 +1345,7 @@ if ( ! class_exists( 'um\core\Access' ) ) { */ do_action( 'um_access_fix_external_post_content' ); - $filtered_posts[] = $post; + $filtered_posts[] = $this->maybe_replace_title( $post ); continue; } } elseif ( '1' == $restriction['_um_noaccess_action'] ) { @@ -1319,7 +1368,7 @@ if ( ! class_exists( 'um\core\Access' ) ) { } } else { if ( UM()->options()->get( 'disable_restriction_pre_queries' ) || empty( $restriction['_um_access_hide_from_queries'] ) ) { - $filtered_posts[] = $post; + $filtered_posts[] = $this->maybe_replace_title( $post ); continue; } } diff --git a/readme.txt b/readme.txt index 38106311..b8f990f3 100644 --- a/readme.txt +++ b/readme.txt @@ -159,6 +159,9 @@ The plugin works with popular caching plugins by automatically excluding Ultimat * Bugfixes: + - Fixed: Hiding comments feed for pages with active comments + - Fixed: Changing the post title to the restricted value while displaying in the loop that uses direct `post_title` variable + - Fixed: PHP errors related to not passed function attributes from 3rd-party plugins or themes when using WP native hooks - Fixed: Handling the login form errors via \WP_Error = 2.2.3: August 25, 2021 = From 32034e6dbecd9e3558d2cc20bcc62b2dc4ab6512 Mon Sep 17 00:00:00 2001 From: Nikita Sinelnikov Date: Fri, 27 Aug 2021 14:17:15 +0300 Subject: [PATCH 4/4] - 2.2.4 release; --- README.md | 2 +- includes/admin/core/class-admin-notices.php | 2 +- readme.txt | 4 ++-- ultimate-member.php | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 33ef45bc..c99d5436 100644 --- a/README.md +++ b/README.md @@ -41,7 +41,7 @@ GNU Version 2 or Any Later Version ## Releases -[Official Release Version: 2.2.3](https://github.com/ultimatemember/ultimatemember/releases/tag/2.2.3). +[Official Release Version: 2.2.4](https://github.com/ultimatemember/ultimatemember/releases/tag/2.2.4). ## Changelog diff --git a/includes/admin/core/class-admin-notices.php b/includes/admin/core/class-admin-notices.php index f2b5aaf8..8f698f02 100644 --- a/includes/admin/core/class-admin-notices.php +++ b/includes/admin/core/class-admin-notices.php @@ -49,7 +49,7 @@ if ( ! class_exists( 'um\admin\core\Admin_Notices' ) ) { $this->check_wrong_licenses(); // removed for now to avoid the bad reviews - $this->reviews_notice(); + //$this->reviews_notice(); //$this->future_changed(); diff --git a/readme.txt b/readme.txt index b8f990f3..287fde6f 100644 --- a/readme.txt +++ b/readme.txt @@ -7,7 +7,7 @@ Tags: community, member, membership, user-profile, user-registration Requires PHP: 5.6 Requires at least: 5.0 Tested up to: 5.8 -Stable tag: 2.2.3 +Stable tag: 2.2.4 License: GNU Version 2 or Any Later Version License URI: http://www.gnu.org/licenses/gpl-3.0.txt @@ -155,7 +155,7 @@ The plugin works with popular caching plugins by automatically excluding Ultimat * To learn more about version 2.1 please see this [docs](https://docs.ultimatemember.com/article/1512-upgrade-2-1-0) * UM2.1+ is a significant update to the Member Directories' code base from 2.0.x. Please make sure you take a full-site backup with restore point before updating the plugin -= 2.2.4: September xx, 2021 = += 2.2.4: August 27, 2021 = * Bugfixes: diff --git a/ultimate-member.php b/ultimate-member.php index a415c156..becf008d 100644 --- a/ultimate-member.php +++ b/ultimate-member.php @@ -3,7 +3,7 @@ Plugin Name: Ultimate Member Plugin URI: http://ultimatemember.com/ Description: The easiest way to create powerful online communities and beautiful user profiles with WordPress -Version: 2.2.4-alpha +Version: 2.2.4 Author: Ultimate Member Author URI: http://ultimatemember.com/ Text Domain: ultimate-member