mirror of
https://github.com/10h30/ultimatemember.git
synced 2026-07-13 03:36:28 +09:00
Merge pull request #1235 from ultimatemember/development/2.6.8
Version 2.6.8
This commit is contained in:
@@ -44,7 +44,7 @@ GNU Version 2 or Any Later Version
|
||||
|
||||
### IMPORTANT: PLEASE UPDATE THE PLUGIN TO AT LEAST VERSION 2.6.7 IMMEDIATELY. VERSION 2.6.7 PATCHES SECURITY PRIVILEGE ESCALATION VULNERABILITY. PLEASE SEE [THIS ARTICLE](https://docs.ultimatemember.com/article/1866-security-incident-update-and-recommended-actions) FOR MORE INFORMATION
|
||||
|
||||
[Official Release Version: 2.6.7](https://github.com/ultimatemember/ultimatemember/releases/tag/2.6.7).
|
||||
[Official Release Version: 2.6.8](https://github.com/ultimatemember/ultimatemember/releases/tag/2.6.8).
|
||||
|
||||
## Changelog
|
||||
|
||||
|
||||
@@ -1,3 +1,35 @@
|
||||
@-webkit-keyframes um-ajax-spinning {
|
||||
0% {
|
||||
-webkit-transform: rotate(0deg);
|
||||
transform: rotate(0deg); }
|
||||
100% {
|
||||
-webkit-transform: rotate(360deg);
|
||||
transform: rotate(360deg); } }
|
||||
|
||||
@-moz-keyframes um-ajax-spinning {
|
||||
0% {
|
||||
-webkit-transform: rotate(0deg);
|
||||
transform: rotate(0deg); }
|
||||
100% {
|
||||
-webkit-transform: rotate(360deg);
|
||||
transform: rotate(360deg); } }
|
||||
|
||||
@-ms-keyframes um-ajax-spinning {
|
||||
0% {
|
||||
-webkit-transform: rotate(0deg);
|
||||
transform: rotate(0deg); }
|
||||
100% {
|
||||
-webkit-transform: rotate(360deg);
|
||||
transform: rotate(360deg); } }
|
||||
|
||||
@keyframes um-ajax-spinning {
|
||||
0% {
|
||||
-webkit-transform: rotate(0deg);
|
||||
transform: rotate(0deg); }
|
||||
100% {
|
||||
-webkit-transform: rotate(360deg);
|
||||
transform: rotate(360deg); } }
|
||||
|
||||
/*
|
||||
- General
|
||||
*/
|
||||
@@ -101,6 +133,7 @@
|
||||
position: relative;
|
||||
padding: 60px 20px 20px 20px;
|
||||
margin: 0 0 60px 0;
|
||||
position: relative;
|
||||
}
|
||||
.um-admin-drag-row:last-child {margin-bottom: 0}
|
||||
|
||||
@@ -278,10 +311,49 @@
|
||||
position: relative;
|
||||
}
|
||||
|
||||
.um-admin-row-loading {
|
||||
position: absolute;
|
||||
width: 100%;
|
||||
height: calc( 100% + 30px );
|
||||
top: -30px;
|
||||
left: 0;
|
||||
background: rgba(241, 241, 241, 0.6);
|
||||
z-index: 999;
|
||||
display: none;
|
||||
}
|
||||
.um-admin-row-loading > span {
|
||||
display: block;
|
||||
-webkit-transition: 0.1s opacity;
|
||||
-moz-transition: 0.1s opacity;
|
||||
-ms-transition: 0.1s opacity;
|
||||
-o-transition: 0.1s opacity;
|
||||
transition: 0.1s opacity;
|
||||
color: #c6c6c6 !important;
|
||||
-webkit-animation: um-ajax-spinning 1.1s infinite linear;
|
||||
animation: um-ajax-spinning 1.1s infinite linear;
|
||||
border-top: 0.2em solid rgba(0, 0, 0, 1);
|
||||
border-right: 0.2em solid rgba(0, 0, 0, 1);
|
||||
border-bottom: 0.2em solid rgba(0, 0, 0, 1);
|
||||
border-left: 0.2em solid #c6c6c6;
|
||||
font-size: 1.75em;
|
||||
filter: alpha(opacity=0);
|
||||
-ms-transform: translateZ(0);
|
||||
transform: translateZ(0);
|
||||
border-radius: 50%;
|
||||
width: 40px;
|
||||
height: 40px;
|
||||
margin: -20px 0 0 -20px;
|
||||
outline: 0;
|
||||
padding: 0;
|
||||
vertical-align: baseline;
|
||||
position: absolute;
|
||||
left: 50%;
|
||||
top: 50%;
|
||||
}
|
||||
|
||||
/*
|
||||
- UI Placeholders
|
||||
*/
|
||||
|
||||
.um-row-placeholder {
|
||||
width: 100%;
|
||||
border: 2px dashed #aaa;
|
||||
@@ -315,4 +387,4 @@
|
||||
|
||||
#UM_preview_form .um-admin-modal-body {
|
||||
position: relative;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -3,6 +3,11 @@
|
||||
color: #555;
|
||||
}
|
||||
|
||||
.um-admin-notice.notice-warning {
|
||||
border-color: #dba617 !important;
|
||||
color: #555;
|
||||
}
|
||||
|
||||
.um-admin-notice.upgraded {
|
||||
border-color: #0085ba !important;
|
||||
color: #555;
|
||||
|
||||
@@ -1,49 +1,52 @@
|
||||
.um-settings-section .description {
|
||||
font-style: italic;
|
||||
font-style: italic;
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
.um-notification-status {
|
||||
margin-right: 18px;
|
||||
font-size: 28px;
|
||||
line-height: 22px;
|
||||
.um-block-notice {
|
||||
background: #fff;
|
||||
font-family:-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,Oxygen-Sans,Ubuntu,Cantarell,Helvetica Neue,sans-serif;
|
||||
font-size:13px;
|
||||
padding: 20px;
|
||||
border: 1px solid #000;
|
||||
}
|
||||
|
||||
.um-notification-status {
|
||||
color: #a00;
|
||||
float:left;
|
||||
box-sizing: border-box;
|
||||
-moz-box-sizing: border-box;
|
||||
-webkit-box-sizing: border-box;
|
||||
margin-right: 18px;
|
||||
font-size: 28px;
|
||||
line-height: 22px;
|
||||
}
|
||||
|
||||
.um-notification-status {
|
||||
color: #a00;
|
||||
float:left;
|
||||
box-sizing: border-box;
|
||||
-moz-box-sizing: border-box;
|
||||
-webkit-box-sizing: border-box;
|
||||
}
|
||||
|
||||
.um-notification-status.um-notification-is-active {
|
||||
color: #46b450;
|
||||
color: #46b450;
|
||||
}
|
||||
|
||||
.um-email-configure span {
|
||||
line-height: 24px;
|
||||
line-height: 24px;
|
||||
}
|
||||
|
||||
.um-long-field {
|
||||
width:100%;
|
||||
width:100%;
|
||||
}
|
||||
|
||||
.um-medium-field {
|
||||
width:50%;
|
||||
width:50%;
|
||||
}
|
||||
|
||||
.um-small-field {
|
||||
width:25%;
|
||||
width:25%;
|
||||
}
|
||||
|
||||
.column-configure {
|
||||
width: 60px;
|
||||
text-align: center;
|
||||
width: 60px;
|
||||
text-align: center;
|
||||
}
|
||||
|
||||
.wp-list-table.templates .column-core_version {
|
||||
@@ -61,47 +64,47 @@
|
||||
}
|
||||
|
||||
th.column-email.column-primary {
|
||||
padding-left: 48px;
|
||||
padding-left: 48px;
|
||||
}
|
||||
|
||||
.um-nav-tab-wrapper {
|
||||
margin-right: 20px;
|
||||
margin-right: 20px;
|
||||
}
|
||||
|
||||
#um-settings-emails {
|
||||
float:left;
|
||||
width:calc( 100% - 20px );
|
||||
margin-right: 20px;
|
||||
float:left;
|
||||
width:calc( 100% - 20px );
|
||||
margin-right: 20px;
|
||||
}
|
||||
#um-settings-form {
|
||||
float:left;
|
||||
width:calc( 100% - 10px );
|
||||
margin-right: 10px;
|
||||
float:left;
|
||||
width:calc( 100% - 10px );
|
||||
margin-right: 10px;
|
||||
}
|
||||
|
||||
#um-settings-form .subsubsub {
|
||||
float:left;
|
||||
width:100%;
|
||||
float:left;
|
||||
width:100%;
|
||||
}
|
||||
|
||||
|
||||
.um-settings-line .multi-checkbox-line {
|
||||
float:left;
|
||||
width:100%;
|
||||
clear: both;
|
||||
margin: 0 0 10px 0;
|
||||
padding: 0;
|
||||
float:left;
|
||||
width:100%;
|
||||
clear: both;
|
||||
margin: 0 0 10px 0;
|
||||
padding: 0;
|
||||
}
|
||||
|
||||
.um-settings-line .multi-checkbox-column {
|
||||
float:left;
|
||||
margin: 0;
|
||||
padding:0;
|
||||
float:left;
|
||||
margin: 0;
|
||||
padding:0;
|
||||
}
|
||||
|
||||
.um-settings-line .multi-checkbox-column label {
|
||||
float:left;
|
||||
width:100%;
|
||||
float:left;
|
||||
width:100%;
|
||||
}
|
||||
|
||||
|
||||
@@ -113,120 +116,120 @@ th.column-email.column-primary {
|
||||
.wrap-licenses td,
|
||||
.wrap-licenses th,
|
||||
.wrap-licenses caption {
|
||||
display: block;
|
||||
display: block;
|
||||
}
|
||||
.wrap-licenses .form-table tr {
|
||||
float: left;
|
||||
margin: 0 15px 15px 0;
|
||||
background: #fff;
|
||||
border: 1px solid #ccc;
|
||||
width: 30.5%;
|
||||
max-width: 350px;
|
||||
padding: 14px;
|
||||
min-height: 240px;
|
||||
position: relative;
|
||||
box-sizing: border-box;
|
||||
float: left;
|
||||
margin: 0 15px 15px 0;
|
||||
background: #fff;
|
||||
border: 1px solid #ccc;
|
||||
width: 30.5%;
|
||||
max-width: 350px;
|
||||
padding: 14px;
|
||||
min-height: 240px;
|
||||
position: relative;
|
||||
box-sizing: border-box;
|
||||
}
|
||||
.wrap-licenses .form-table th {
|
||||
background: #f9f9f9;
|
||||
padding: 14px;
|
||||
border-bottom: 1px solid #ccc;
|
||||
margin: -14px -14px 20px;
|
||||
width: 100%;
|
||||
background: #f9f9f9;
|
||||
padding: 14px;
|
||||
border-bottom: 1px solid #ccc;
|
||||
margin: -14px -14px 20px;
|
||||
width: 100%;
|
||||
}
|
||||
.wrap-licenses .form-table td {
|
||||
padding: 0;
|
||||
padding: 0;
|
||||
}
|
||||
.wrap-licenses td input.regular-text {
|
||||
margin: 0 0 8px;
|
||||
width: 100%;
|
||||
margin: 0 0 8px;
|
||||
width: 100%;
|
||||
}
|
||||
.wrap-licenses .edd-license-data[class*="edd-license-"] {
|
||||
position: absolute;
|
||||
background: #fafafa;
|
||||
padding: 14px;
|
||||
border-top: 1px solid #eee;
|
||||
margin: 20px -14px -14px;
|
||||
min-height: 67px;
|
||||
width: 100%;
|
||||
bottom: 14px;
|
||||
box-sizing: border-box;
|
||||
position: absolute;
|
||||
background: #fafafa;
|
||||
padding: 14px;
|
||||
border-top: 1px solid #eee;
|
||||
margin: 20px -14px -14px;
|
||||
min-height: 67px;
|
||||
width: 100%;
|
||||
bottom: 14px;
|
||||
box-sizing: border-box;
|
||||
}
|
||||
.wrap-licenses .edd-license-data[class*="edd-license-"] a {
|
||||
color: #444;
|
||||
color: #444;
|
||||
}
|
||||
.wrap-licenses .edd-license-data[class*="edd-license-"] a:hover {
|
||||
text-decoration: none;
|
||||
text-decoration: none;
|
||||
}
|
||||
.wrap-licenses .edd-license-data.license-expires-soon-notice {
|
||||
background-color: #00a0d2;
|
||||
color: #fff;
|
||||
border-color: #00a0d2;
|
||||
background-color: #00a0d2;
|
||||
color: #fff;
|
||||
border-color: #00a0d2;
|
||||
}
|
||||
.wrap-licenses .edd-license-data.edd-license-expired {
|
||||
background-color: #e24e4e;
|
||||
color: #fff;
|
||||
border-color: #e24e4e;
|
||||
background-color: #e24e4e;
|
||||
color: #fff;
|
||||
border-color: #e24e4e;
|
||||
}
|
||||
|
||||
.wrap-licenses .edd-license-data.edd-license-valid {
|
||||
background-color: #5abc55;
|
||||
color: #fff;
|
||||
border-color: #5abc55;
|
||||
background-color: #5abc55;
|
||||
color: #fff;
|
||||
border-color: #5abc55;
|
||||
}
|
||||
.wrap-licenses .edd-license-data.edd-license-error,
|
||||
.wrap-licenses .edd-license-data.edd-license-missing,
|
||||
.wrap-licenses .edd-license-data.edd-license-invalid,
|
||||
.wrap-licenses .edd-license-data.edd-license-site_inactive,
|
||||
.wrap-licenses .edd-license-data.edd-license-item_name_mismatch {
|
||||
background-color: #ffebcd;
|
||||
border-color: #ffebcd;
|
||||
background-color: #ffebcd;
|
||||
border-color: #ffebcd;
|
||||
}
|
||||
.wrap-licenses .edd-license-data p {
|
||||
font-size: 13px;
|
||||
margin-top: 0;
|
||||
font-size: 13px;
|
||||
margin-top: 0;
|
||||
}
|
||||
.wrap-licenses .edd-license-data.license-expires-soon-notice a,
|
||||
.wrap-licenses .edd-license-data.edd-license-expired a {
|
||||
color: #fff;
|
||||
color: #fff;
|
||||
}
|
||||
.wrap-licenses .edd-license-data.license-expires-soon-notice a:hover,
|
||||
.wrap-licenses .edd-license-data.edd-license-expired a:hover {
|
||||
text-decoration: none;
|
||||
text-decoration: none;
|
||||
}
|
||||
.wrap-licenses ~ p.submit {
|
||||
clear: both;
|
||||
clear: both;
|
||||
}
|
||||
|
||||
@media screen and (max-width: 980px) {
|
||||
.wrap-licenses .form-table tr {
|
||||
width:calc( 50% - 15px );
|
||||
max-width: none;
|
||||
}
|
||||
.wrap-licenses .form-table tr {
|
||||
width:calc( 50% - 15px );
|
||||
max-width: none;
|
||||
}
|
||||
}
|
||||
|
||||
@media screen and (max-width: 782px) {
|
||||
.wrap-licenses .form-table tr {
|
||||
width:100%;
|
||||
margin-right: 0;
|
||||
max-width: none;
|
||||
}
|
||||
.wrap-licenses .form-table tr {
|
||||
width:100%;
|
||||
margin-right: 0;
|
||||
max-width: none;
|
||||
}
|
||||
|
||||
|
||||
.um-settings-line .multi-checkbox-column {
|
||||
width:100% !important;
|
||||
}
|
||||
.um-settings-line .multi-checkbox-column label {
|
||||
line-height: 30px !important;
|
||||
}
|
||||
.um-settings-line .multi-checkbox-column {
|
||||
width:100% !important;
|
||||
}
|
||||
.um-settings-line .multi-checkbox-column label {
|
||||
line-height: 30px !important;
|
||||
}
|
||||
|
||||
.um-medium-field {
|
||||
width:100%;
|
||||
}
|
||||
.um-medium-field {
|
||||
width:100%;
|
||||
}
|
||||
|
||||
.um-small-field {
|
||||
width:50%;
|
||||
}
|
||||
.um-small-field {
|
||||
width:50%;
|
||||
}
|
||||
|
||||
.wp-list-table.templates .column-core_version {
|
||||
width: auto;
|
||||
@@ -241,30 +244,30 @@ th.column-email.column-primary {
|
||||
|
||||
/*
|
||||
.email_template_wrapper .copy_button_overlay {
|
||||
position:absolute;
|
||||
top:0;
|
||||
bottom:0;
|
||||
width:calc( 100% - 30px );
|
||||
z-index: 2;
|
||||
background: rgba( 241, 241, 241, 0.95 );
|
||||
text-align: center;
|
||||
padding-top: 30%;
|
||||
padding-right: 20px;
|
||||
padding-left: 20px;
|
||||
position:absolute;
|
||||
top:0;
|
||||
bottom:0;
|
||||
width:calc( 100% - 30px );
|
||||
z-index: 2;
|
||||
background: rgba( 241, 241, 241, 0.95 );
|
||||
text-align: center;
|
||||
padding-top: 30%;
|
||||
padding-right: 20px;
|
||||
padding-left: 20px;
|
||||
}
|
||||
|
||||
.email_template_wrapper .copy_button_overlay > span {
|
||||
color: #444;
|
||||
margin: 0 0 15px 0;
|
||||
display: inline-block;
|
||||
color: #444;
|
||||
margin: 0 0 15px 0;
|
||||
display: inline-block;
|
||||
}
|
||||
|
||||
.email_template_wrapper.in_theme .copy_button_overlay {
|
||||
display: none !important;
|
||||
display: none !important;
|
||||
}
|
||||
*/
|
||||
|
||||
.um_setting_ajax_button_response.complete {
|
||||
color:darkgreen;
|
||||
font-style: italic;
|
||||
color:darkgreen;
|
||||
font-style: italic;
|
||||
}
|
||||
|
||||
@@ -1,3 +1,31 @@
|
||||
function um_builder_delete_field_ajax( callback ) {
|
||||
if ( UM.admin.builder.fieldsToDelete.length > 0 ) {
|
||||
let fieldDelete = UM.admin.builder.fieldsToDelete.shift();
|
||||
let arg1 = jQuery( fieldDelete ).find('[data-silent_action="um_admin_remove_field"]').data('arg1');
|
||||
let arg2 = jQuery( fieldDelete ).find('[data-silent_action="um_admin_remove_field"]').data('arg2');
|
||||
|
||||
jQuery.ajax({
|
||||
url: wp.ajax.settings.url,
|
||||
type: 'POST',
|
||||
data: {
|
||||
action:'um_do_ajax_action',
|
||||
act_id : 'um_admin_remove_field',
|
||||
arg1 : arg1,
|
||||
arg2 : arg2,
|
||||
nonce: um_admin_scripts.nonce
|
||||
},
|
||||
success: function( data ) {
|
||||
um_builder_delete_field_ajax( callback );
|
||||
},
|
||||
error: function( data ) {
|
||||
callback();
|
||||
}
|
||||
});
|
||||
} else {
|
||||
callback();
|
||||
}
|
||||
}
|
||||
|
||||
jQuery(document).ready(function() {
|
||||
|
||||
jQuery(document).ajaxStart( function() {
|
||||
@@ -9,6 +37,10 @@ jQuery(document).ready(function() {
|
||||
return false;
|
||||
}
|
||||
|
||||
var act_id = jQuery(this).data('silent_action');
|
||||
var arg1 = jQuery(this).data('arg1');
|
||||
var arg2 = jQuery(this).data('arg2');
|
||||
|
||||
var in_row = '';
|
||||
var in_sub_row = '';
|
||||
var in_column = '';
|
||||
@@ -22,10 +54,6 @@ jQuery(document).ready(function() {
|
||||
in_group = demon_settings.data('in_group');
|
||||
}
|
||||
|
||||
var act_id = jQuery(this).data('silent_action');
|
||||
var arg1 = jQuery(this).data('arg1');
|
||||
var arg2 = jQuery(this).data('arg2');
|
||||
|
||||
jQuery('.tipsy').hide();
|
||||
|
||||
um_admin_remove_modal();
|
||||
@@ -55,4 +83,4 @@ jQuery(document).ready(function() {
|
||||
|
||||
return false;
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
@@ -42,4 +42,4 @@ jQuery( document ).ready( function() {
|
||||
if ( um_admin_builder_data.hide_footer ) {
|
||||
jQuery('#wpfooter').hide();
|
||||
}
|
||||
});
|
||||
});
|
||||
|
||||
@@ -1,3 +1,16 @@
|
||||
if ( typeof (window.UM) !== 'object' ) {
|
||||
window.UM = {};
|
||||
}
|
||||
|
||||
if ( typeof (window.UM.admin) !== 'object' ) {
|
||||
window.UM.admin = {};
|
||||
}
|
||||
|
||||
UM.admin.builder = {
|
||||
deleteProcess: [],
|
||||
fieldsToDelete: [],
|
||||
}
|
||||
|
||||
function UM_Drag_and_Drop() {
|
||||
jQuery('.um-admin-drag-col,.um-admin-drag-group').sortable({
|
||||
items: '.um-admin-drag-fld',
|
||||
@@ -5,66 +18,66 @@ function UM_Drag_and_Drop() {
|
||||
placeholder: "um-fld-placeholder",
|
||||
forcePlaceholderSize:true,
|
||||
update: function(event, ui){
|
||||
|
||||
|
||||
jQuery('#publish').attr('disabled','disabled');
|
||||
|
||||
|
||||
if ( ui.item.hasClass('um-field-type-group') && ui.item.parents('.um-field-type-group').length > 0 ) {
|
||||
|
||||
|
||||
jQuery('.um-admin-drag-col,.um-admin-drag-group').sortable('cancel');
|
||||
|
||||
|
||||
jQuery('#publish').prop('disabled', false);
|
||||
|
||||
|
||||
} else {
|
||||
|
||||
|
||||
UM_Change_Field_Col();
|
||||
|
||||
|
||||
UM_Change_Field_Grp();
|
||||
|
||||
|
||||
UM_Rows_Refresh();
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
});
|
||||
|
||||
|
||||
jQuery('.um-admin-drag-rowsubs').sortable({
|
||||
items: '.um-admin-drag-rowsub',
|
||||
placeholder: "um-rowsub-placeholder",
|
||||
forcePlaceholderSize:true,
|
||||
zIndex: 9999999999,
|
||||
update: function(){
|
||||
|
||||
|
||||
jQuery('#publish').attr('disabled','disabled');
|
||||
|
||||
|
||||
UM_update_subrows();
|
||||
|
||||
|
||||
UM_Rows_Refresh();
|
||||
|
||||
|
||||
}
|
||||
}).disableSelection();
|
||||
|
||||
|
||||
jQuery('.um-admin-drag-rowsub').sortable({
|
||||
items: '.um-admin-drag-col',
|
||||
zIndex: 9999999999,
|
||||
update: function(){
|
||||
|
||||
|
||||
jQuery('#publish').attr('disabled','disabled');
|
||||
|
||||
|
||||
row = jQuery(this);
|
||||
row.find('.um-admin-drag-col').removeClass('cols-1 cols-2 cols-3 cols-last cols-middle');
|
||||
row.find('.um-admin-drag-col').addClass('cols-' + row.find('.um-admin-drag-col').length );
|
||||
row.find('.um-admin-drag-col:last').addClass('cols-last');
|
||||
if ( row.find('.um-admin-drag-col').length == 3 ) {row.find('.um-admin-drag-col:eq(1)').addClass('cols-middle');}
|
||||
|
||||
|
||||
UM_Change_Field_Col();
|
||||
|
||||
|
||||
UM_Change_Field_Grp();
|
||||
|
||||
|
||||
UM_Rows_Refresh();
|
||||
|
||||
|
||||
}
|
||||
}).disableSelection();
|
||||
|
||||
|
||||
jQuery('.um-admin-drag-ajax').sortable({
|
||||
items: '.um-admin-drag-row',
|
||||
handle: ".um-admin-drag-row-start",
|
||||
@@ -75,15 +88,15 @@ function UM_Drag_and_Drop() {
|
||||
jQuery('.tipsy').remove();
|
||||
},
|
||||
update: function(){
|
||||
|
||||
|
||||
jQuery('#publish').attr('disabled','disabled');
|
||||
|
||||
|
||||
UM_update_rows();
|
||||
|
||||
|
||||
UM_Change_Field_Col();
|
||||
|
||||
|
||||
UM_Change_Field_Grp();
|
||||
|
||||
|
||||
UM_Rows_Refresh();
|
||||
|
||||
}
|
||||
@@ -152,7 +165,7 @@ function UM_Change_Field_Grp(){
|
||||
function UM_Rows_Refresh(){
|
||||
|
||||
jQuery('.um_update_order_fields').empty();
|
||||
|
||||
|
||||
/* ROWS */
|
||||
var c = 0;
|
||||
jQuery('.um-admin-drag-row').each(function(){
|
||||
@@ -162,41 +175,41 @@ function UM_Rows_Refresh(){
|
||||
|
||||
col_num = '';
|
||||
row.find('.um-admin-drag-rowsub').each(function(){
|
||||
|
||||
|
||||
subrow = jQuery(this);
|
||||
|
||||
|
||||
subrow.find('.um-admin-drag-col').removeClass('cols-1 cols-2 cols-3 cols-last cols-middle');
|
||||
subrow.find('.um-admin-drag-col').addClass('cols-' + subrow.find('.um-admin-drag-col').length );
|
||||
subrow.find('.um-admin-drag-col:last').addClass('cols-last');
|
||||
if ( subrow.find('.um-admin-drag-col').length == 3 ) {subrow.find('.um-admin-drag-col:eq(1)').addClass('cols-middle');}
|
||||
|
||||
|
||||
if ( !col_num ) {
|
||||
col_num = subrow.find('.um-admin-drag-col').length;
|
||||
} else {
|
||||
col_num = col_num + ':' + subrow.find('.um-admin-drag-col').length;
|
||||
}
|
||||
|
||||
|
||||
});
|
||||
|
||||
|
||||
jQuery('.um_update_order_fields').append('<input type="hidden" name="_um_rowcols_'+c+'_cols" id="_um_rowcols_'+c+'_cols" value="'+col_num+'" />');
|
||||
|
||||
|
||||
sub_rows_count = row.find('.um-admin-drag-rowsub').length;
|
||||
|
||||
|
||||
var origin_id = jQuery(this).attr('data-original');
|
||||
|
||||
jQuery('.um_update_order_fields').append('<input type="hidden" name="_um_row_'+c+'" id="_um_row_'+c+'" value="_um_row_'+c+'" />');
|
||||
jQuery('.um_update_order_fields').append('<input type="hidden" name="_um_roworigin_'+c+'_val" id="_um_roworigin_'+c+'_val" value="'+origin_id+'" />');
|
||||
jQuery('.um_update_order_fields').append('<input type="hidden" name="_um_rowsub_'+c+'_rows" id="_um_rowsub_'+c+'_rows" value="'+sub_rows_count+'" />');
|
||||
|
||||
|
||||
jQuery(this).attr('data-original', '_um_row_'+c );
|
||||
|
||||
|
||||
});
|
||||
|
||||
/* FIELDS */
|
||||
var order;
|
||||
order = 0;
|
||||
jQuery('.um-admin-drag-col .um-admin-drag-fld').each(function(){
|
||||
|
||||
|
||||
if ( !jQuery(this).hasClass('group') ) {
|
||||
var group = jQuery(this).data('group');
|
||||
if ( group != '' ) {
|
||||
@@ -210,14 +223,14 @@ function UM_Rows_Refresh(){
|
||||
jQuery('.um_update_order_fields').append('<input type="hidden" name="um_group_'+jQuery(this).data('key')+'" id="um_group_'+jQuery(this).data('key')+'" value="" />');
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
order++;
|
||||
|
||||
row = jQuery(this).parents('.um-admin-drag-row').index()+1;
|
||||
row = '_um_row_'+row;
|
||||
|
||||
|
||||
saved_col = jQuery(this).data('column');
|
||||
|
||||
|
||||
if ( saved_col == 3 ){
|
||||
jQuery(this).appendTo( jQuery(this).parents('.um-admin-drag-rowsub').find('.um-admin-drag-col:eq(2)') );
|
||||
}
|
||||
@@ -226,21 +239,21 @@ function UM_Rows_Refresh(){
|
||||
}
|
||||
|
||||
sub_row = jQuery(this).parents('.um-admin-drag-rowsub').index();
|
||||
|
||||
|
||||
jQuery('.um_update_order_fields').append('<input type="hidden" name="um_position_'+jQuery(this).data('key')+'" id="um_position_'+jQuery(this).data('key')+'" value="'+order+'" />');
|
||||
|
||||
|
||||
jQuery('.um_update_order_fields').append('<input type="hidden" name="um_row_'+jQuery(this).data('key')+'" id="um_row_'+jQuery(this).data('key')+'" value="'+row+'" />');
|
||||
|
||||
|
||||
jQuery('.um_update_order_fields').append('<input type="hidden" name="um_subrow_'+jQuery(this).data('key')+'" id="um_subrow_'+jQuery(this).data('key')+'" value="'+sub_row+'" />');
|
||||
|
||||
|
||||
jQuery('.um_update_order_fields').append('<input type="hidden" name="um_col_'+jQuery(this).data('key')+'" id="um_col_'+jQuery(this).data('key')+'" value="'+saved_col+'" />');
|
||||
|
||||
|
||||
});
|
||||
|
||||
|
||||
UM_Drag_and_Drop();
|
||||
|
||||
|
||||
UM_Add_Icon();
|
||||
|
||||
|
||||
jQuery.ajax({
|
||||
url: wp.ajax.settings.url,
|
||||
type: 'POST',
|
||||
@@ -249,38 +262,38 @@ function UM_Rows_Refresh(){
|
||||
jQuery('#publish').prop('disabled', false);
|
||||
}
|
||||
});
|
||||
|
||||
|
||||
}
|
||||
|
||||
function UM_Add_Icon(){
|
||||
|
||||
var add_icon_html = '<a href="#" class="um-admin-drag-add-field um-admin-tipsy-n" title="Add Field" data-modal="UM_fields" data-modal-size="normal" data-dynamic-content="um_admin_show_fields" data-arg2="'+jQuery('.um-admin-drag-ajax').data('form_id')+'" data-arg1=""><i class="um-icon-plus"></i></a>';
|
||||
|
||||
|
||||
jQuery('.um-admin-drag-col').each(function(){
|
||||
if ( jQuery(this).find('.um-admin-drag-add-field').length == 0 ) {
|
||||
jQuery(this).append(add_icon_html);
|
||||
} else {
|
||||
jQuery(this).find('.um-admin-drag-add-field').remove();
|
||||
jQuery(this).append(add_icon_html);
|
||||
jQuery(this).append(add_icon_html);
|
||||
}
|
||||
});
|
||||
|
||||
|
||||
jQuery('.um-admin-drag-group').each(function(){
|
||||
if ( jQuery(this).find('.um-admin-drag-add-field').length == 0 ) {
|
||||
jQuery(this).append(add_icon_html);
|
||||
} else {
|
||||
jQuery(this).find('.um-admin-drag-add-field').remove();
|
||||
jQuery(this).append(add_icon_html);
|
||||
jQuery(this).append(add_icon_html);
|
||||
}
|
||||
});
|
||||
|
||||
|
||||
}
|
||||
|
||||
jQuery(document).ready(function() {
|
||||
if ( !jQuery('.um-admin-drag').length ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
UM_Drag_and_Drop();
|
||||
|
||||
/* add field to respected area */
|
||||
@@ -302,19 +315,19 @@ jQuery(document).ready(function() {
|
||||
in_column = 1;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
if ( jQuery(this).parents('.um-admin-drag-group').length ) {
|
||||
in_group = jQuery(this).parents('.um-admin-drag-fld.um-field-type-group').data('key');
|
||||
} else {
|
||||
in_group = '';
|
||||
}
|
||||
|
||||
|
||||
jQuery('.um-col-demon-settings').data('in_row', in_row);
|
||||
jQuery('.um-col-demon-settings').data('in_sub_row', in_sub_row);
|
||||
jQuery('.um-col-demon-settings').data('in_column', in_column);
|
||||
jQuery('.um-col-demon-settings').data('in_group', in_group);
|
||||
});
|
||||
|
||||
|
||||
/* add row */
|
||||
jQuery(document.body).on('click', '*[data-row_action="add_row"]', function(){
|
||||
var dragg = jQuery('.um-admin-drag-ajax');
|
||||
@@ -325,7 +338,7 @@ jQuery(document).ready(function() {
|
||||
UM_update_subrows();
|
||||
UM_Rows_Refresh();
|
||||
});
|
||||
|
||||
|
||||
/* add sub row */
|
||||
jQuery(document.body).on('click', '*[data-row_action="add_subrow"]', function(){
|
||||
var dragg = jQuery(this).parents('.um-admin-drag-row').find('.um-admin-drag-rowsubs');
|
||||
@@ -333,23 +346,69 @@ jQuery(document).ready(function() {
|
||||
UM_update_subrows();
|
||||
UM_Rows_Refresh();
|
||||
});
|
||||
|
||||
/* remove element */
|
||||
jQuery(document.body).on('click', 'a[data-remove_element^="um-"]',function(){
|
||||
element = jQuery(this).data('remove_element');
|
||||
|
||||
jQuery(this).parents('.' +element).find('.um-admin-drag-fld').each(function(){
|
||||
jQuery(this).find('a[data-silent_action="um_admin_remove_field"]').trigger('click');
|
||||
/* remove element: Row, Subrow */
|
||||
jQuery(document.body).on('click', 'a[data-remove_element^="um-"]',function(){
|
||||
let deleteButton = jQuery(this);
|
||||
let element = jQuery(this).data('remove_element');
|
||||
let loadingWrapper = jQuery(this).parents('.' + element ).children('.um-admin-row-loading');
|
||||
|
||||
let row = jQuery(this).parents('.um-admin-drag-row').index();
|
||||
let subrow = jQuery(this).parents('.um-admin-drag-rowsub').index();
|
||||
|
||||
let fieldPosition= {row,subrow};
|
||||
let deleteExists= false;
|
||||
jQuery.each( UM.admin.builder.deleteProcess, function(i) {
|
||||
if ( fieldPosition.row === UM.admin.builder.deleteProcess[i].row && fieldPosition.subrow === UM.admin.builder.deleteProcess[i].subrow ) {
|
||||
deleteExists = true;
|
||||
return false;
|
||||
}
|
||||
});
|
||||
|
||||
jQuery(this).parents('.' +element).remove();
|
||||
jQuery('.tipsy').remove();
|
||||
UM_Rows_Refresh();
|
||||
|
||||
if ( deleteExists ) {
|
||||
return;
|
||||
}
|
||||
|
||||
loadingWrapper.show();
|
||||
|
||||
UM.admin.builder.deleteProcess.push({row,subrow});
|
||||
|
||||
UM.admin.builder.fieldsToDelete = jQuery(this).parents('.' +element).find('.um-admin-drag-fld').toArray();
|
||||
|
||||
if ( UM.admin.builder.fieldsToDelete.length > 0 ) {
|
||||
um_builder_delete_field_ajax( function () {
|
||||
deleteButton.parents('.' +element).remove();
|
||||
jQuery('.tipsy').remove();
|
||||
UM_Rows_Refresh();
|
||||
|
||||
jQuery.each( UM.admin.builder.deleteProcess, function(i) {
|
||||
if ( fieldPosition.row === UM.admin.builder.deleteProcess[i].row && fieldPosition.subrow === UM.admin.builder.deleteProcess[i].subrow ) {
|
||||
UM.admin.builder.deleteProcess.splice(i, 1);
|
||||
return false;
|
||||
}
|
||||
});
|
||||
|
||||
loadingWrapper.hide();
|
||||
} );
|
||||
} else {
|
||||
jQuery(this).parents('.' +element).remove();
|
||||
jQuery('.tipsy').remove();
|
||||
UM_Rows_Refresh();
|
||||
|
||||
jQuery.each( UM.admin.builder.deleteProcess, function(i) {
|
||||
if ( fieldPosition.row === UM.admin.builder.deleteProcess[i].row && fieldPosition.subrow === UM.admin.builder.deleteProcess[i].subrow ) {
|
||||
UM.admin.builder.deleteProcess.splice(i, 1);
|
||||
return false;
|
||||
}
|
||||
});
|
||||
|
||||
loadingWrapper.hide();
|
||||
}
|
||||
});
|
||||
|
||||
|
||||
/* dynamically change columns */
|
||||
jQuery(document.body).on('click', '.um-admin-drag-ctrls.columns a', function(){
|
||||
|
||||
|
||||
var row = jQuery(this).parents('.um-admin-drag-rowsub');
|
||||
var tab = jQuery(this);
|
||||
var tabs = jQuery(this).parent();
|
||||
@@ -358,21 +417,21 @@ jQuery(document).ready(function() {
|
||||
var existing_cols = row.find('.um-admin-drag-col').length;
|
||||
var required_cols = tab.data('cols');
|
||||
var needed_cols = required_cols - existing_cols;
|
||||
|
||||
|
||||
if ( needed_cols > 0 ) {
|
||||
|
||||
|
||||
for (i = 0; i < needed_cols; i++){
|
||||
row.find('.um-admin-drag-col-dynamic').append('<div class="um-admin-drag-col"></div>');
|
||||
}
|
||||
|
||||
|
||||
row.find('.um-admin-drag-col').removeClass('cols-1 cols-2 cols-3 cols-last cols-middle');
|
||||
row.find('.um-admin-drag-col').addClass('cols-' + row.find('.um-admin-drag-col').length );
|
||||
row.find('.um-admin-drag-col:last').addClass('cols-last');
|
||||
|
||||
|
||||
if ( row.find('.um-admin-drag-col').length == 3 ) {row.find('.um-admin-drag-col:eq(1)').addClass('cols-middle');}
|
||||
|
||||
|
||||
} else if ( needed_cols < 0 ) {
|
||||
|
||||
|
||||
needed_cols = needed_cols + 3;
|
||||
if ( needed_cols == 2 ) {
|
||||
row.find('.um-admin-drag-col:first').append( row.find('.um-admin-drag-col.cols-last').html() );
|
||||
@@ -384,25 +443,25 @@ jQuery(document).ready(function() {
|
||||
row.find('.um-admin-drag-col.cols-last').remove();
|
||||
row.find('.um-admin-drag-col.cols-middle').remove();
|
||||
}
|
||||
|
||||
|
||||
row.find('.um-admin-drag-col').removeClass('cols-1 cols-2 cols-3 cols-last cols-middle');
|
||||
row.find('.um-admin-drag-col').addClass('cols-' + row.find('.um-admin-drag-col:visible').length );
|
||||
row.find('.um-admin-drag-col:last').addClass('cols-last');
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
||||
if ( allow_update_via_col_click == true ) {
|
||||
UM_Change_Field_Col();
|
||||
UM_Rows_Refresh();
|
||||
}
|
||||
|
||||
});
|
||||
|
||||
|
||||
/* trigger columns at start */
|
||||
allow_update_via_col_click = false;
|
||||
jQuery('.um-admin-drag-ctrls.columns a.active').each(function(){
|
||||
jQuery(this).trigger('click');
|
||||
}).promise().done( function(){ allow_update_via_col_click = true; } );
|
||||
|
||||
|
||||
UM_Rows_Refresh();
|
||||
});
|
||||
});
|
||||
|
||||
@@ -91,6 +91,7 @@ jQuery(document).ready(function() {
|
||||
um_admin_modal_responsive();
|
||||
} else {
|
||||
jQuery('.um-col-demon-settings').data('in_row', '').data('in_sub_row', '').data('in_column', '').data('in_group', '');
|
||||
jQuery('.tipsy').hide();
|
||||
um_admin_remove_modal();
|
||||
um_admin_update_builder();
|
||||
}
|
||||
|
||||
@@ -22,7 +22,7 @@ function um_admin_new_modal( id, ajax, size ) {
|
||||
jQuery('#' + id).prependTo('.um-admin-modal');
|
||||
jQuery('#' + id).show();
|
||||
jQuery('.um-admin-modal').show();
|
||||
|
||||
|
||||
jQuery('.um-admin-modal-head').append('<a href="javascript:void(0);" data-action="UM_remove_modal" class="um-admin-modal-close"><i class="um-faicon-times"></i></a>');
|
||||
|
||||
if ( ajax == true ) {
|
||||
@@ -92,7 +92,7 @@ function um_admin_modal_ajaxcall( act_id, arg1, arg2, arg3 ) {
|
||||
in_sub_row = '';
|
||||
in_column = '';
|
||||
in_group = '';
|
||||
|
||||
|
||||
if ( jQuery('.um-col-demon-settings').data('in_column') ) {
|
||||
in_row = jQuery('.um-col-demon-settings').data('in_row');
|
||||
in_sub_row = jQuery('.um-col-demon-settings').data('in_sub_row');
|
||||
@@ -101,7 +101,7 @@ function um_admin_modal_ajaxcall( act_id, arg1, arg2, arg3 ) {
|
||||
}
|
||||
|
||||
var form_mode = jQuery('input[type=hidden][id=form__um_mode]').val();
|
||||
|
||||
|
||||
jQuery.ajax({
|
||||
url: wp.ajax.settings.url,
|
||||
type: 'POST',
|
||||
@@ -186,19 +186,23 @@ function um_admin_remove_modal() {
|
||||
/*tinyMCE.execCommand('mceRemoveEditor', true, 'um_editor_edit');
|
||||
jQuery('.um-hidden-editor-edit').html( jQuery('.um-admin-editor:visible').contents() );
|
||||
tinyMCE.execCommand('mceAddEditor', true, 'um_editor_edit');*/
|
||||
|
||||
|
||||
} else {
|
||||
jQuery('#wp-um_editor_new-wrap').remove();
|
||||
|
||||
/*tinyMCE.execCommand('mceRemoveEditor', true, 'um_editor_new');
|
||||
jQuery('.um-hidden-editor-new').html( jQuery('.um-admin-editor:visible').contents() );
|
||||
tinyMCE.execCommand('mceAddEditor', true, 'um_editor_new');*/
|
||||
|
||||
|
||||
}
|
||||
|
||||
jQuery('.um_tiny_placeholder').replaceWith( jQuery( $um_tiny_editor ).html() );
|
||||
}
|
||||
|
||||
if ( 'undefined' !== typeof window.UM.admin.allTooltips && window.UM.admin.allTooltips.length > 0 ) {
|
||||
window.UM.admin.allTooltips.tooltip('close');
|
||||
}
|
||||
jQuery('.tipsy').hide();
|
||||
jQuery('body').removeClass('um-admin-modal-open');
|
||||
jQuery('.um-admin-modal div[id^="UM_"]').hide().appendTo('body');
|
||||
jQuery('.um-admin-modal,.um-admin-overlay').remove();
|
||||
@@ -226,7 +230,7 @@ function um_admin_modal_add_attr( id, value ) {
|
||||
**/
|
||||
|
||||
jQuery(document).ready(function() {
|
||||
|
||||
|
||||
/**
|
||||
disable link
|
||||
**/
|
||||
@@ -234,7 +238,7 @@ jQuery(document).ready(function() {
|
||||
e.preventDefault();
|
||||
return false;
|
||||
});
|
||||
|
||||
|
||||
/**
|
||||
toggle area
|
||||
**/
|
||||
@@ -298,7 +302,7 @@ jQuery(document).ready(function() {
|
||||
} );
|
||||
|
||||
});
|
||||
|
||||
|
||||
/**
|
||||
reset conditions
|
||||
**/
|
||||
@@ -311,7 +315,7 @@ jQuery(document).ready(function() {
|
||||
um_admin_live_update_scripts();
|
||||
um_admin_modal_responsive();
|
||||
});
|
||||
|
||||
|
||||
/**
|
||||
remove a condition
|
||||
**/
|
||||
@@ -336,14 +340,15 @@ jQuery(document).ready(function() {
|
||||
um_admin_live_update_scripts();
|
||||
um_admin_modal_responsive();
|
||||
});
|
||||
|
||||
|
||||
/**
|
||||
remove modal via action
|
||||
**/
|
||||
jQuery(document.body).on('click', '.um-admin-overlay, a[data-action="UM_remove_modal"]', function(){
|
||||
jQuery('.tipsy').hide();
|
||||
um_admin_remove_modal();
|
||||
});
|
||||
|
||||
|
||||
/**
|
||||
fire new modal
|
||||
**/
|
||||
@@ -353,26 +358,26 @@ jQuery(document).ready(function() {
|
||||
var modal_id = jQuery(this).attr('data-modal');
|
||||
|
||||
if ( jQuery(this).attr('data-back') ) {
|
||||
|
||||
|
||||
jQuery('#UM_fonticons').find('a.um-admin-modal-back').attr("data-modal", jQuery(this).attr('data-back') );
|
||||
var current_icon = jQuery( '#' + jQuery(this).attr('data-back') ).find('input#_icon').val();
|
||||
if ( current_icon == '' ) {
|
||||
jQuery('#UM_fonticons').find('.um-admin-icons span').removeClass('highlighted');
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
||||
if ( jQuery(this).data('dynamic-content') ) {
|
||||
um_admin_new_modal( modal_id, true, jQuery(this).data('modal-size') );
|
||||
um_admin_modal_ajaxcall( jQuery(this).data('dynamic-content'), jQuery(this).data('arg1'), jQuery(this).data('arg2'), jQuery(this).data('arg3') );
|
||||
} else {
|
||||
um_admin_new_modal( modal_id );
|
||||
}
|
||||
|
||||
|
||||
return false;
|
||||
|
||||
});
|
||||
|
||||
|
||||
/**
|
||||
choose font icon
|
||||
**/
|
||||
@@ -382,7 +387,7 @@ jQuery(document).ready(function() {
|
||||
jQuery(this).addClass('highlighted');
|
||||
jQuery('#UM_fonticons').find('a.um-admin-modal-back').attr("data-code", icon);
|
||||
});
|
||||
|
||||
|
||||
/**
|
||||
submit font icon
|
||||
**/
|
||||
@@ -401,10 +406,11 @@ jQuery(document).ready(function() {
|
||||
}
|
||||
jQuery(this).attr('data-code', '');
|
||||
if ( v_id == '.postbox' ) {
|
||||
jQuery('.tipsy').hide();
|
||||
um_admin_remove_modal();
|
||||
}
|
||||
});
|
||||
|
||||
|
||||
/**
|
||||
restore font icon
|
||||
**/
|
||||
@@ -419,7 +425,7 @@ jQuery(document).ready(function() {
|
||||
element.find('.um-admin-icon-value').html( wp.i18n.__( 'No Icon', 'ultimate-member' ) );
|
||||
jQuery(this).hide();
|
||||
});
|
||||
|
||||
|
||||
/**
|
||||
search font icons
|
||||
**/
|
||||
@@ -433,14 +439,14 @@ jQuery(document).ready(function() {
|
||||
um_admin_modal_responsive();
|
||||
});
|
||||
|
||||
|
||||
|
||||
/**
|
||||
* Retrieve options from a callback function
|
||||
*/
|
||||
jQuery(document.body).on('blur',"#_custom_dropdown_options_source", function(){
|
||||
var me = jQuery(this);
|
||||
var _options = jQuery('textarea[id=_options]');
|
||||
|
||||
|
||||
if( me.val() != '' ){
|
||||
var um_option_callback = me.val();
|
||||
jQuery.ajax({
|
||||
@@ -452,17 +458,17 @@ jQuery(document).ready(function() {
|
||||
nonce: um_admin_scripts.nonce
|
||||
},
|
||||
complete: function(){
|
||||
|
||||
|
||||
},
|
||||
success: function( response ){
|
||||
var arr_opts = [];
|
||||
|
||||
|
||||
for (var key in response.data ){
|
||||
arr_opts.push( response.data[ key ] );
|
||||
}
|
||||
|
||||
_options.val( arr_opts.join('\n') );
|
||||
|
||||
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@@ -1,3 +1,11 @@
|
||||
if ( typeof (window.UM) !== 'object' ) {
|
||||
window.UM = {};
|
||||
}
|
||||
|
||||
if ( typeof (window.UM.admin) !== 'object' ) {
|
||||
window.UM.admin = {};
|
||||
}
|
||||
|
||||
function um_admin_init_datetimepicker() {
|
||||
jQuery('.um-datepicker:not(.picker__input)').each(function(){
|
||||
elem = jQuery(this);
|
||||
@@ -79,7 +87,7 @@ function um_admin_init_datetimepicker() {
|
||||
|
||||
function um_init_tooltips() {
|
||||
if ( jQuery( '.um_tooltip' ).length > 0 ) {
|
||||
jQuery( '.um_tooltip' ).tooltip({
|
||||
window.UM.admin.allTooltips = jQuery( '.um_tooltip' ).tooltip({
|
||||
tooltipClass: "um_tooltip",
|
||||
content: function () {
|
||||
return jQuery( this ).attr( 'title' );
|
||||
@@ -109,7 +117,7 @@ jQuery(document).ready(function() {
|
||||
});
|
||||
return false;
|
||||
});
|
||||
|
||||
|
||||
/**
|
||||
remove a field dropdown
|
||||
**/
|
||||
@@ -124,7 +132,7 @@ jQuery(document).ready(function() {
|
||||
});
|
||||
return false;
|
||||
});
|
||||
|
||||
|
||||
/**
|
||||
Ajax link
|
||||
**/
|
||||
@@ -132,7 +140,7 @@ jQuery(document).ready(function() {
|
||||
e.preventDefault();
|
||||
return false;
|
||||
});
|
||||
|
||||
|
||||
/**
|
||||
On/Off Buttons
|
||||
**/
|
||||
@@ -149,7 +157,7 @@ jQuery(document).ready(function() {
|
||||
}
|
||||
}
|
||||
});
|
||||
|
||||
|
||||
/**
|
||||
WP Color Picker
|
||||
**/
|
||||
@@ -157,12 +165,12 @@ jQuery(document).ready(function() {
|
||||
jQuery('.um-admin-colorpicker').wpColorPicker();
|
||||
}
|
||||
|
||||
|
||||
|
||||
/**
|
||||
Tooltips
|
||||
**/
|
||||
um_init_tooltips();
|
||||
|
||||
|
||||
if( typeof tipsy !== 'undefined' ){
|
||||
jQuery('.um-admin-tipsy-n').tipsy({gravity: 'n', opacity: 1, live: 'a.live' });
|
||||
jQuery('.um-admin-tipsy-w').tipsy({gravity: 'w', opacity: 1, live: 'a.live' });
|
||||
@@ -170,7 +178,7 @@ jQuery(document).ready(function() {
|
||||
jQuery('.um-admin-tipsy-s').tipsy({gravity: 's', opacity: 1, live: 'a.live' });
|
||||
}
|
||||
|
||||
|
||||
|
||||
/**
|
||||
Conditional fields
|
||||
**/
|
||||
@@ -197,7 +205,7 @@ jQuery(document).ready(function() {
|
||||
jQuery('.' + jQuery(this).data('cond1-hide') ).show();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
if ( jQuery(this).data('cond2') ) {
|
||||
if ( value == jQuery(this).data('cond2') ) {
|
||||
jQuery('.' + jQuery(this).data('cond2-show') ).show();
|
||||
@@ -212,7 +220,7 @@ jQuery(document).ready(function() {
|
||||
jQuery('.' + jQuery(this).data('cond2-hide') ).show();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
if ( jQuery(this).data('cond3') ) {
|
||||
if ( value == jQuery(this).data('cond3') ) {
|
||||
jQuery('.' + jQuery(this).data('cond3-show') ).show();
|
||||
@@ -222,16 +230,16 @@ jQuery(document).ready(function() {
|
||||
jQuery('.' + jQuery(this).data('cond3-hide') ).show();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
});jQuery('.um-adm-conditional').each(function(){jQuery(this).trigger('change');});
|
||||
|
||||
|
||||
/**
|
||||
Conditional fields for
|
||||
Radio Group
|
||||
**/
|
||||
jQuery('.um-conditional-radio-group input[type=radio]').on('click', function(){
|
||||
var holder = jQuery('.um-conditional-radio-group');
|
||||
|
||||
|
||||
var val = jQuery(this).val();
|
||||
var cond1 = holder.data('cond1');
|
||||
var show1 = holder.data('cond1-show');
|
||||
@@ -240,7 +248,7 @@ jQuery(document).ready(function() {
|
||||
} else {
|
||||
jQuery('.' + show1).hide();
|
||||
}
|
||||
|
||||
|
||||
var val2 = jQuery(this).val();
|
||||
var cond2 = holder.data('cond2');
|
||||
var show2 = holder.data('cond2-show');
|
||||
@@ -249,7 +257,7 @@ jQuery(document).ready(function() {
|
||||
} else {
|
||||
jQuery('.' + show2).hide();
|
||||
}
|
||||
|
||||
|
||||
});jQuery('.um-conditional-radio-group input[type=radio]:checked').each(function(){jQuery(this).trigger('click');});
|
||||
|
||||
|
||||
@@ -258,7 +266,7 @@ jQuery(document).ready(function() {
|
||||
Conditional fields for
|
||||
nav-menu editor options
|
||||
**/
|
||||
|
||||
|
||||
jQuery('.um-nav-mode').each( function() {
|
||||
if ( jQuery(this).find('select').val() == 2 ) {
|
||||
jQuery(this).parents('.um-nav-edit').find('.um-nav-roles').show();
|
||||
@@ -275,4 +283,4 @@ jQuery(document).ready(function() {
|
||||
jQuery(this).parents('.um-nav-edit').find('.um-nav-roles').hide();
|
||||
}
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
@@ -0,0 +1,78 @@
|
||||
jQuery(document).on("ready", function(){
|
||||
|
||||
const scan_results_wrapper = jQuery(".um-secure-scan-results");
|
||||
const scan_button_elem = jQuery(".um-secure-scan-content");
|
||||
const scan_capabilities = jQuery("input[data-field_id^='banned_capabilities']");
|
||||
|
||||
var UM_Secure = {
|
||||
init: function() {
|
||||
scan_results_wrapper.css({
|
||||
'margin-top': '10px',
|
||||
'padding': '10px',
|
||||
'padding-bottom': '10px',
|
||||
'background-color': '#fff',
|
||||
'display': 'block',
|
||||
'max-height': '200px',
|
||||
'height': '500px',
|
||||
'overflow-y': 'scroll',
|
||||
});
|
||||
|
||||
scan_button_elem.on("click", function(e){
|
||||
UM_Secure.effect();
|
||||
e.preventDefault();
|
||||
var me = jQuery(this);
|
||||
me.prop("disabled", true);
|
||||
scan_results_wrapper.empty();
|
||||
|
||||
UM_Secure.log( wp.i18n.__( 'Scanning site..', 'ultimate-member' ) );
|
||||
|
||||
UM_Secure.ajax('');
|
||||
|
||||
});
|
||||
scan_capabilities.on("change", function(){
|
||||
scan_button_elem.after( ' <small style="color: red;">' + wp.i18n.__( 'You can start the scan now but you must save the settings to apply the selected capabilities after the scan is complete.', 'ultimate-member' ) + '</small>' );
|
||||
scan_capabilities.off("change");
|
||||
})
|
||||
},
|
||||
ajax: function( last_capability ) {
|
||||
let checkedCaps = [];
|
||||
let checkedCapsInputs = scan_results_wrapper.parents('.um-form-table').find('input[type="checkbox"][data-field_id^="banned_capabilities_"]:checked');
|
||||
checkedCapsInputs.each(function (){
|
||||
checkedCaps.push( jQuery(this).data('field_id').replace('banned_capabilities_', '') );
|
||||
});
|
||||
|
||||
var request = {
|
||||
nonce: um_admin_scripts.nonce,
|
||||
capabilities: checkedCaps,
|
||||
last_scanned_capability: last_capability,
|
||||
};
|
||||
|
||||
wp.ajax.send('um_secure_scan_affected_users', {
|
||||
data: request,
|
||||
success: function (response) {
|
||||
if ( ! response.completed ) {
|
||||
UM_Secure.ajax( response.last_scanned_capability );
|
||||
UM_Secure.log( response.message );
|
||||
} else if ( response.completed ) {
|
||||
scan_results_wrapper.empty();
|
||||
UM_Secure.log( response.recommendations );
|
||||
scan_results_wrapper.find('.current').removeClass('current');
|
||||
scan_button_elem.removeAttr('disabled');
|
||||
}
|
||||
},
|
||||
});
|
||||
},
|
||||
log: function( str ) {
|
||||
scan_results_wrapper.find('.current').removeClass('current');
|
||||
scan_results_wrapper.append( '<span class="current">' + str + '</span><br/>' );
|
||||
},
|
||||
effect: function() {
|
||||
var blink = function(){
|
||||
scan_results_wrapper.find(".current").fadeTo(100, 0.1).fadeTo(200, 1.0);
|
||||
};
|
||||
setInterval(blink, 1000);
|
||||
}
|
||||
};
|
||||
|
||||
UM_Secure.init();
|
||||
});
|
||||
@@ -88,6 +88,10 @@ if ( ! class_exists( 'um\admin\Admin' ) ) {
|
||||
add_filter( 'post_updated_messages', array( &$this, 'post_updated_messages' ) );
|
||||
}
|
||||
|
||||
public function includes() {
|
||||
$this->notices();
|
||||
$this->secure();
|
||||
}
|
||||
|
||||
function init_variables() {
|
||||
$this->role_meta = apply_filters(
|
||||
@@ -1076,7 +1080,6 @@ if ( ! class_exists( 'um\admin\Admin' ) ) {
|
||||
return $value;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @param $value
|
||||
*
|
||||
@@ -1087,6 +1090,15 @@ if ( ! class_exists( 'um\admin\Admin' ) ) {
|
||||
return $value;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param $value
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
public function sanitize_wp_capabilities_assoc( $value ) {
|
||||
$value = array_map( 'sanitize_key', array_filter( $value ) );
|
||||
return $value;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sanitize role meta fields when wp-admin form has been submitted
|
||||
@@ -1626,9 +1638,9 @@ if ( ! class_exists( 'um\admin\Admin' ) ) {
|
||||
update_option( 'um_last_manual_upgrades_request', time() );
|
||||
}
|
||||
|
||||
$url = add_query_arg( array( 'page' => 'ultimatemember', 'update' => 'got_updates' ), admin_url( 'admin.php' ) );
|
||||
$url = add_query_arg( array( 'page' => 'ultimatemember', 'update' => 'um_got_updates' ), admin_url( 'admin.php' ) );
|
||||
} else {
|
||||
$url = add_query_arg( array( 'page' => 'ultimatemember', 'update' => 'often_updates' ), admin_url( 'admin.php' ) );
|
||||
$url = add_query_arg( array( 'page' => 'ultimatemember', 'update' => 'um_often_updates' ), admin_url( 'admin.php' ) );
|
||||
}
|
||||
exit( wp_redirect( $url ) );
|
||||
}
|
||||
@@ -1687,7 +1699,7 @@ if ( ! class_exists( 'um\admin\Admin' ) ) {
|
||||
$url = add_query_arg(
|
||||
array(
|
||||
'page' => 'ultimatemember',
|
||||
'update' => 'cleared_cache',
|
||||
'update' => 'um_cleared_cache',
|
||||
),
|
||||
admin_url( 'admin.php' )
|
||||
);
|
||||
@@ -1725,7 +1737,7 @@ if ( ! class_exists( 'um\admin\Admin' ) ) {
|
||||
$url = add_query_arg(
|
||||
array(
|
||||
'page' => 'ultimatemember',
|
||||
'update' => 'cleared_status_cache',
|
||||
'update' => 'um_cleared_status_cache',
|
||||
),
|
||||
admin_url( 'admin.php' )
|
||||
);
|
||||
@@ -1745,7 +1757,7 @@ if ( ! class_exists( 'um\admin\Admin' ) ) {
|
||||
|
||||
UM()->files()->remove_dir( UM()->files()->upload_temp );
|
||||
|
||||
$url = add_query_arg( array( 'page' => 'ultimatemember', 'update' => 'purged_temp' ), admin_url( 'admin.php' ) );
|
||||
$url = add_query_arg( array( 'page' => 'ultimatemember', 'update' => 'um_purged_temp' ), admin_url( 'admin.php' ) );
|
||||
exit( wp_redirect( $url ) );
|
||||
}
|
||||
|
||||
@@ -1796,7 +1808,7 @@ if ( ! class_exists( 'um\admin\Admin' ) ) {
|
||||
$url = add_query_arg(
|
||||
array(
|
||||
'post_type' => 'um_form',
|
||||
'update' => 'form_duplicated',
|
||||
'update' => 'um_form_duplicated',
|
||||
),
|
||||
admin_url( 'edit.php' )
|
||||
);
|
||||
@@ -1879,7 +1891,7 @@ if ( ! class_exists( 'um\admin\Admin' ) ) {
|
||||
|
||||
um_reset_user();
|
||||
|
||||
wp_redirect( add_query_arg( 'update', 'user_updated', admin_url( '?page=ultimatemember' ) ) );
|
||||
wp_redirect( add_query_arg( 'update', 'um_user_updated', admin_url( '?page=ultimatemember' ) ) );
|
||||
exit;
|
||||
|
||||
}
|
||||
@@ -2056,17 +2068,28 @@ if ( ! class_exists( 'um\admin\Admin' ) ) {
|
||||
return $parent_file;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @since 2.0
|
||||
*
|
||||
* @return core\Admin_Notices()
|
||||
*/
|
||||
function notices() {
|
||||
public function notices() {
|
||||
if ( empty( UM()->classes['admin_notices'] ) ) {
|
||||
UM()->classes['admin_notices'] = new core\Admin_Notices();
|
||||
}
|
||||
return UM()->classes['admin_notices'];
|
||||
}
|
||||
|
||||
/**
|
||||
* @since 2.6.8
|
||||
*
|
||||
* @return Secure
|
||||
*/
|
||||
public function secure() {
|
||||
if ( empty( UM()->classes['um\admin\secure'] ) ) {
|
||||
UM()->classes['um\admin\secure'] = new Secure();
|
||||
}
|
||||
return UM()->classes['um\admin\secure'];
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -0,0 +1,382 @@
|
||||
<?php
|
||||
/**
|
||||
* Usermeta which we use:
|
||||
*
|
||||
* um_user_blocked__metadata
|
||||
* um_user_blocked
|
||||
* um_user_blocked__timestamp
|
||||
*
|
||||
* um_secure_has_reset_password
|
||||
* um_secure_has_reset_password__timestamp
|
||||
*/
|
||||
namespace um\admin;
|
||||
|
||||
use WP_Session_Tokens;
|
||||
|
||||
if ( ! defined( 'ABSPATH' ) ) {
|
||||
exit;
|
||||
}
|
||||
|
||||
if ( ! class_exists( 'um\admin\Secure' ) ) {
|
||||
|
||||
/**
|
||||
* Class Secure
|
||||
*
|
||||
* @package um\admin
|
||||
*
|
||||
* @since 2.6.8
|
||||
*/
|
||||
class Secure {
|
||||
|
||||
/**
|
||||
* Used for flushing user metas.
|
||||
*
|
||||
* @var bool
|
||||
*/
|
||||
private $need_flush_meta = false;
|
||||
|
||||
/**
|
||||
* Secure constructor.
|
||||
*
|
||||
* @since 2.6.8
|
||||
*/
|
||||
public function __construct() {
|
||||
add_action( 'admin_init', array( $this, 'admin_init' ) );
|
||||
add_filter( 'um_settings_structure', array( $this, 'add_settings' ) );
|
||||
add_filter( 'manage_users_custom_column', array( $this, 'add_restore_account' ), 9999, 3 );
|
||||
add_filter( 'pre_get_users', array( $this, 'filter_users_by_date_registered' ) );
|
||||
|
||||
add_action( 'um_settings_before_save', array( $this, 'check_secure_changes' ) );
|
||||
add_action( 'um_settings_save', array( $this, 'on_settings_save' ) );
|
||||
|
||||
add_action( 'admin_enqueue_scripts', array( $this, 'admin_scripts' ) );
|
||||
|
||||
add_action( 'wp_ajax_um_secure_scan_affected_users', array( $this, 'ajax_scanner' ) );
|
||||
}
|
||||
|
||||
public function admin_scripts( $hook ) {
|
||||
// phpcs:disable WordPress.Security.NonceVerification
|
||||
if ( 'ultimate-member_page_um_options' !== $hook || ( isset( $_GET['tab'] ) && 'secure' !== $_GET['tab'] ) ) {
|
||||
return;
|
||||
}
|
||||
// phpcs:enable WordPress.Security.NonceVerification
|
||||
|
||||
wp_register_script( 'um_admin_secure', UM()->admin_enqueue()->js_url . 'um-admin-secure.js', array( 'jquery' ), UM_VERSION, true );
|
||||
wp_enqueue_script( 'um_admin_secure' );
|
||||
}
|
||||
|
||||
/**
|
||||
* Filter users by Register Date
|
||||
*
|
||||
* @since 2.6.8
|
||||
* @param object $query WP query `pre_get_users`
|
||||
*/
|
||||
public function filter_users_by_date_registered( $query ) {
|
||||
global $pagenow;
|
||||
if ( is_admin() && 'users.php' === $pagenow ) {
|
||||
// phpcs:disable WordPress.Security.NonceVerification
|
||||
$date_from = isset( $_GET['um_secure_date_from'] ) ? $_GET['um_secure_date_from'] : null;
|
||||
$date_to = isset( $_GET['um_secure_date_to'] ) ? $_GET['um_secure_date_to'] : null;
|
||||
// phpcs:enable WordPress.Security.NonceVerification
|
||||
if ( ! $date_to ) {
|
||||
$query->set(
|
||||
'date_query',
|
||||
array(
|
||||
'after' => human_time_diff( $date_from, strtotime( current_time( 'mysql' ) ) ) . ' ago',
|
||||
'inclusive' => true,
|
||||
)
|
||||
);
|
||||
} elseif ( $date_from && $date_to ) {
|
||||
$query->set(
|
||||
'date_query',
|
||||
array(
|
||||
'after' => human_time_diff( $date_from, strtotime( current_time( 'mysql' ) ) ) . ' ago',
|
||||
'before' => human_time_diff( $date_to, strtotime( current_time( 'mysql' ) ) ) . ' ago',
|
||||
'inclusive' => true,
|
||||
)
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
return $query;
|
||||
}
|
||||
|
||||
/**
|
||||
* Handle secure actions.
|
||||
*
|
||||
* @since 2.6.8
|
||||
*/
|
||||
public function admin_init() {
|
||||
global $wpdb;
|
||||
// Dismiss admin notice after the first visit to Secure settings page.
|
||||
if ( isset( $_REQUEST['page'] ) && isset( $_REQUEST['tab'] ) &&
|
||||
'um_options' === sanitize_key( $_REQUEST['page'] ) && 'secure' === sanitize_key( $_REQUEST['tab'] ) ) { // phpcs:ignore WordPress.Security.NonceVerification
|
||||
UM()->admin()->notices()->dismiss( 'secure_settings' );
|
||||
}
|
||||
|
||||
if ( isset( $_REQUEST['um_secure_expire_all_sessions'] ) && ! wp_doing_ajax() ) {
|
||||
if ( ! wp_verify_nonce( $_REQUEST['_wpnonce'], 'um-secure-expire-session-nonce' ) || ! current_user_can( 'manage_options' ) ) {
|
||||
// This nonce is not valid or current logged-in user has no administrative rights.
|
||||
wp_die( esc_html__( 'Security check', 'ultimate-member' ) );
|
||||
}
|
||||
|
||||
/**
|
||||
* Destroy all user sessions except the current logged-in user.
|
||||
*/
|
||||
$wpdb->query( $wpdb->prepare( 'DELETE FROM ' . $wpdb->usermeta . ' WHERE meta_key="session_tokens" AND user_id != %d', get_current_user_id() ) );
|
||||
|
||||
if ( UM()->options()->get( 'display_login_form_notice' ) ) {
|
||||
global $wpdb;
|
||||
$wpdb->query(
|
||||
$wpdb->prepare(
|
||||
"DELETE FROM {$wpdb->usermeta} WHERE user_id != %d AND ( meta_key = 'um_secure_has_reset_password' OR meta_key = 'um_secure_has_reset_password__timestamp' )",
|
||||
get_current_user_id()
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
wp_safe_redirect( add_query_arg( 'update', 'um_secure_expire_sessions', wp_get_referer() ) );
|
||||
exit;
|
||||
}
|
||||
|
||||
if ( isset( $_REQUEST['um_secure_restore_account'], $_REQUEST['user_id'] ) && ! wp_doing_ajax() ) {
|
||||
$user_id = absint( $_REQUEST['user_id'] );
|
||||
if ( ! wp_verify_nonce( $_REQUEST['_wpnonce'], 'um-security-restore-account-nonce-' . $user_id ) || ! current_user_can( 'manage_options' ) ) {
|
||||
// This nonce is not valid or current logged-in user has no administrative rights.
|
||||
wp_die( esc_html__( 'Security check', 'ultimate-member' ) );
|
||||
}
|
||||
|
||||
$user = get_userdata( $user_id );
|
||||
if ( ! $user ) {
|
||||
wp_die( esc_html__( 'Invalid user.', 'ultimate-member' ) );
|
||||
}
|
||||
|
||||
um_fetch_user( $user_id );
|
||||
$metadata = get_user_meta( $user_id, 'um_user_blocked__metadata', true );
|
||||
$user->update_user_level_from_caps();
|
||||
|
||||
// Restore Roles.
|
||||
if ( isset( $metadata['roles'] ) ) {
|
||||
foreach ( $metadata['roles'] as $role ) {
|
||||
$user->add_role( $role );
|
||||
}
|
||||
}
|
||||
// Restore Account Status.
|
||||
if ( isset( $metadata['account_status'] ) ) {
|
||||
UM()->user()->set_status( $metadata['account_status'] );
|
||||
}
|
||||
|
||||
// Delete blocked meta.
|
||||
delete_user_meta( $user_id, 'um_user_blocked__metadata' );
|
||||
delete_user_meta( $user_id, 'um_user_blocked' );
|
||||
delete_user_meta( $user_id, 'um_user_blocked__timestamp' );
|
||||
|
||||
// Don't need to reset a password.
|
||||
if ( UM()->options()->get( 'display_login_form_notice' ) ) {
|
||||
update_user_meta( $user_id, 'um_secure_has_reset_password', true );
|
||||
update_user_meta( $user_id, 'um_secure_has_reset_password__timestamp', current_time( 'mysql' ) );
|
||||
}
|
||||
|
||||
// Clear Cache.
|
||||
UM()->user()->remove_cache( $user_id );
|
||||
um_reset_user();
|
||||
wp_safe_redirect( add_query_arg( 'update', 'um_secure_restore', wp_get_referer() ) );
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Register Secure Settings
|
||||
*
|
||||
* @since 2.6.8
|
||||
*
|
||||
* @param array $settings
|
||||
* @return array
|
||||
*/
|
||||
public function add_settings( $settings ) {
|
||||
$nonce = wp_create_nonce( 'um-secure-expire-session-nonce' );
|
||||
$count_users = count_users();
|
||||
|
||||
$banned_capabilities = array();
|
||||
$banned_admin_capabilities = UM()->common()->secure()->get_banned_capabilities_list();
|
||||
foreach ( $banned_admin_capabilities as $cap ) {
|
||||
$banned_capabilities[ $cap ] = $cap;
|
||||
}
|
||||
|
||||
$disabled_capabilities = UM()->options()->get_default( 'banned_capabilities' );
|
||||
$disabled_capabilities_text = '<strong>' . implode( '</strong>, <strong>', $disabled_capabilities ) . '</strong>';
|
||||
|
||||
$scanner_content = '<button class="button um-secure-scan-content">' . esc_html__( 'Scan Now', 'ultimate-member' ) . '</button>';
|
||||
$scanner_content .= '<span class="um-secure-scan-results">';
|
||||
$scanner_content .= esc_html__( 'Last scan:', 'ultimate-member' ) . ' ';
|
||||
$scan_status = get_option( 'um_secure_scan_status' );
|
||||
$last_scanned_time = get_option( 'um_secure_last_time_scanned' );
|
||||
if ( ! empty( $last_scanned_time ) ) {
|
||||
$scanner_content .= human_time_diff( strtotime( $last_scanned_time ), strtotime( current_time( 'mysql' ) ) ) . ' ' . esc_html__( 'ago', 'ultimate-member' );
|
||||
if ( 'started' === $scan_status ) {
|
||||
$scanner_content .= ' - ' . esc_html__( 'Not Completed.', 'ultimate-member' );
|
||||
}
|
||||
} else {
|
||||
$scanner_content .= esc_html__( 'Not Scanned yet.', 'ultimate-member' );
|
||||
}
|
||||
$scanner_content .= '</span>';
|
||||
|
||||
$secure_fields = array(
|
||||
array(
|
||||
'id' => 'banned_capabilities',
|
||||
'type' => 'multi_checkbox',
|
||||
'multi' => true,
|
||||
'assoc' => true,
|
||||
'checkbox_key' => true,
|
||||
'columns' => 2,
|
||||
'options_disabled' => $disabled_capabilities,
|
||||
'options' => $banned_capabilities,
|
||||
'label' => __( 'Banned Administrative Capabilities', 'ultimate-member' ),
|
||||
// translators: %s are disabled default capabilities that are enabled by default.
|
||||
'description' => sprintf( __( 'All the above are default Administrator & Super Admin capabilities. When someone tries to inject capabilities to the Account, Profile & Register forms submission, it will be flagged with this option. The %s capabilities are locked to ensure no users will be created with these capabilities.', 'ultimate-member' ), $disabled_capabilities_text ),
|
||||
),
|
||||
array(
|
||||
'id' => 'secure_scan_affected_users',
|
||||
'type' => 'info_text',
|
||||
'label' => __( 'Scanner', 'ultimate-member' ),
|
||||
'value' => $scanner_content,
|
||||
'description' => __( 'Scan your site to check for vulnerabilities prior to Ultimate Member version 2.6.7 and get recommendations to secure your site.', 'ultimate-member' ),
|
||||
),
|
||||
array(
|
||||
'id' => 'lock_register_forms',
|
||||
'type' => 'checkbox',
|
||||
'label' => __( 'Lock All Register Forms', 'ultimate-member' ),
|
||||
'description' => __( 'This prevents all users from registering with Ultimate Member on your site.', 'ultimate-member' ),
|
||||
),
|
||||
array(
|
||||
'id' => 'display_login_form_notice',
|
||||
'type' => 'checkbox',
|
||||
'label' => __( 'Display Login form notice to reset passwords', 'ultimate-member' ),
|
||||
'description' => __( 'Enforces users to reset their passwords( one-time ) and prevent from entering old password.', 'ultimate-member' ),
|
||||
),
|
||||
);
|
||||
|
||||
$count_users_exclude_me = $count_users['total_users'] - 1;
|
||||
if ( $count_users_exclude_me > 0 ) {
|
||||
$secure_fields[] = array(
|
||||
'id' => 'force_reset_passwords',
|
||||
'type' => 'info_text',
|
||||
'label' => __( 'Expire All Users Sessions', 'ultimate-member' ),
|
||||
// translators: %d is the users count.
|
||||
'value' => '<a class="button um_secure_force_reset_passwords" href="' . admin_url( '?um_secure_expire_all_sessions=1&_wpnonce=' . esc_attr( $nonce ) ) . '" onclick=\'return confirm("' . esc_js( __( 'Are you sure that you want to make all users sessions expired?', 'ultimate-member' ) ) . '");\'>' . esc_html( sprintf( __( 'Logout Users (%d)', 'ultimate-member' ), $count_users_exclude_me ) ) . '</a>',
|
||||
'description' => __( 'This will log out all users on your site and forces them to reset passwords <br/>when <strong>"Display Login form notice to reset passwords" is enabled/checked.</strong>', 'ultimate-member' ),
|
||||
);
|
||||
}
|
||||
|
||||
$secure_fields = array_merge(
|
||||
$secure_fields,
|
||||
array(
|
||||
array(
|
||||
'id' => 'secure_ban_admins_accounts',
|
||||
'type' => 'checkbox',
|
||||
'label' => __( 'Enable ban for administrative capabilities', 'ultimate-member' ),
|
||||
'description' => __( ' When someone tries to inject capabilities to the Account, Profile & Register forms submission, it will be banned.', 'ultimate-member' ),
|
||||
),
|
||||
array(
|
||||
'id' => 'secure_notify_admins_banned_accounts',
|
||||
'type' => 'checkbox',
|
||||
'label' => __( 'Notify Administrators', 'ultimate-member' ),
|
||||
'description' => __( 'When enabled, All administrators will be notified when someone has suspicious activities in the Account, Profile & Register forms.', 'ultimate-member' ),
|
||||
'conditional' => array( 'secure_ban_admins_accounts', '=', 1 ),
|
||||
),
|
||||
array(
|
||||
'id' => 'secure_notify_admins_banned_accounts__interval',
|
||||
'type' => 'select',
|
||||
'options' => array(
|
||||
'instant' => __( 'Send Immediately', 'ultimate-member' ),
|
||||
'hourly' => __( 'Hourly', 'ultimate-member' ),
|
||||
'daily' => __( 'Daily', 'ultimate-member' ),
|
||||
),
|
||||
'label' => __( 'Notification Schedule', 'ultimate-member' ),
|
||||
'conditional' => array( 'secure_notify_admins_banned_accounts', '=', 1 ),
|
||||
),
|
||||
array(
|
||||
'id' => 'secure_allowed_redirect_hosts',
|
||||
'type' => 'textarea',
|
||||
'label' => __( 'Allowed hosts for safe redirect (one host per line)', 'ultimate-member' ),
|
||||
'description' => __( 'Extend allowed hosts for frontend pages redirects', 'ultimate-member' ),
|
||||
),
|
||||
)
|
||||
);
|
||||
|
||||
$settings['secure'] = array(
|
||||
'title' => __( 'Secure', 'ultimate-member' ),
|
||||
'fields' => $secure_fields,
|
||||
);
|
||||
|
||||
return $settings;
|
||||
}
|
||||
|
||||
/**
|
||||
* Append blocked status to the `account_status` column rows.
|
||||
*
|
||||
* @param string $val Default column row value.
|
||||
* @param string $column_name Current column name.
|
||||
* @param int $user_id User ID in loop.
|
||||
*
|
||||
* @since 2.6.8
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
public function add_restore_account( $val, $column_name, $user_id ) {
|
||||
if ( 'account_status' === $column_name ) {
|
||||
um_fetch_user( $user_id );
|
||||
$is_blocked = um_user( 'um_user_blocked' );
|
||||
$account_status = um_user( 'account_status' );
|
||||
if ( ! empty( $is_blocked ) && in_array( $account_status, array( 'rejected', 'inactive' ), true ) ) {
|
||||
$datetime = um_user( 'um_user_blocked__timestamp' );
|
||||
$val .= '<div><small>' . esc_html__( 'Blocked Due to Suspicious Activity', 'ultimate-member' ) . '</small></div>';
|
||||
$nonce = wp_create_nonce( 'um-security-restore-account-nonce-' . $user_id );
|
||||
$restore_account_url = admin_url( 'users.php?user_id=' . $user_id . '&um_secure_restore_account=1&_wpnonce=' . $nonce );
|
||||
$action = ' · <a href=" ' . esc_attr( $restore_account_url ) . ' " onclick=\'return confirm("' . esc_js( __( 'Are you sure that you want to restore this account after getting flagged for suspicious activity?', 'ultimate-member' ) ) . '");\'><small>' . esc_html__( 'Restore Account', 'ultimate-member' ) . '</small></a>';
|
||||
if ( ! empty( $datetime ) ) {
|
||||
$val .= '<div><small>' . human_time_diff( strtotime( $datetime ), strtotime( current_time( 'mysql' ) ) ) . ' ' . __( 'ago', 'ultimate-member' ) . '</small>' . $action . '</div>';
|
||||
}
|
||||
}
|
||||
um_reset_user();
|
||||
}
|
||||
return $val;
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
*/
|
||||
public function check_secure_changes() {
|
||||
if ( isset( $_POST['um_options']['display_login_form_notice'] ) ) { //phpcs:ignore WordPress.Security.NonceVerification
|
||||
$current_option_value = UM()->options()->get( 'display_login_form_notice' );
|
||||
if ( empty( $current_option_value ) ) {
|
||||
return;
|
||||
}
|
||||
|
||||
if ( empty( $_POST['um_options']['display_login_form_notice'] ) ) { //phpcs:ignore WordPress.Security.NonceVerification
|
||||
$this->need_flush_meta = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
*/
|
||||
public function on_settings_save() {
|
||||
if ( isset( $_POST['um_options']['display_login_form_notice'] ) && ! empty( $this->need_flush_meta ) ) { //phpcs:ignore WordPress.Security.NonceVerification
|
||||
global $wpdb;
|
||||
$wpdb->query(
|
||||
"DELETE FROM {$wpdb->usermeta} WHERE meta_key = 'um_secure_has_reset_password' OR meta_key = 'um_secure_has_reset_password__timestamp'"
|
||||
);
|
||||
}
|
||||
|
||||
if ( isset( $_POST['um_options']['secure_notify_admins_banned_accounts'] ) ) { //phpcs:ignore WordPress.Security.NonceVerification
|
||||
if ( ! empty( $_POST['um_options']['secure_notify_admins_banned_accounts'] ) ) { //phpcs:ignore WordPress.Security.NonceVerification
|
||||
UM()->options()->update( 'suspicious-activity_on', 1 );
|
||||
} else {
|
||||
UM()->options()->update( 'suspicious-activity_on', 0 );
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -410,6 +410,7 @@ if ( ! class_exists( 'um\admin\core\Admin_Builder' ) ) {
|
||||
if ( empty( $fields ) ) {
|
||||
?>
|
||||
<div class="um-admin-drag-row">
|
||||
<span class="um-admin-row-loading"><span></span></span>
|
||||
<!-- Master Row Actions -->
|
||||
<div class="um-admin-drag-row-icons">
|
||||
<a href="javascript:void(0);" class="um-admin-drag-rowsub-add um-admin-tipsy-n" title="<?php esc_attr_e( 'Add Row', 'ultimate-member' ); ?>" data-row_action="add_subrow"><i class="um-icon-plus"></i></a>
|
||||
@@ -419,6 +420,7 @@ if ( ! class_exists( 'um\admin\core\Admin_Builder' ) ) {
|
||||
<div class="um-admin-clear"></div>
|
||||
<div class="um-admin-drag-rowsubs">
|
||||
<div class="um-admin-drag-rowsub">
|
||||
<span class="um-admin-row-loading"><span></span></span>
|
||||
<!-- Column Layout -->
|
||||
<div class="um-admin-drag-ctrls columns">
|
||||
<a href="javascript:void(0);" class="active" data-cols="1"></a>
|
||||
@@ -462,6 +464,7 @@ if ( ! class_exists( 'um\admin\core\Admin_Builder' ) ) {
|
||||
foreach ( $rows as $row_id => $array ) {
|
||||
?>
|
||||
<div class="um-admin-drag-row" data-original="<?php echo esc_attr( $row_id ); ?>">
|
||||
<span class="um-admin-row-loading"><span></span></span>
|
||||
<!-- Master Row Actions -->
|
||||
<div class="um-admin-drag-row-icons">
|
||||
<a href="javascript:void(0);" class="um-admin-drag-rowsub-add um-admin-tipsy-n" title="<?php esc_attr_e( 'Add Row', 'ultimate-member' ); ?>" data-row_action="add_subrow"><i class="um-icon-plus"></i></a>
|
||||
@@ -481,6 +484,7 @@ if ( ! class_exists( 'um\admin\core\Admin_Builder' ) ) {
|
||||
$subrow_fields = $this->get_fields_in_subrow( $row_fields, $c );
|
||||
?>
|
||||
<div class="um-admin-drag-rowsub">
|
||||
<span class="um-admin-row-loading"><span></span></span>
|
||||
<!-- Column Layout -->
|
||||
<div class="um-admin-drag-ctrls columns">
|
||||
<?php
|
||||
|
||||
@@ -175,6 +175,7 @@ if ( ! class_exists( 'um\admin\core\Admin_DragDrop' ) ) {
|
||||
<div class="um-col-demon-settings" data-in_row="" data-in_sub_row="" data-in_column="" data-in_group=""></div>
|
||||
|
||||
<div class="um-col-demon-row" style="display:none;">
|
||||
<span class="um-admin-row-loading"><span></span></span>
|
||||
|
||||
<div class="um-admin-drag-row-icons">
|
||||
<a href="javascript:void(0);" class="um-admin-drag-rowsub-add um-admin-tipsy-n" title="<?php esc_attr_e( 'Add Row', 'ultimate-member' ); ?>" data-row_action="add_subrow"><i class="um-icon-plus"></i></a>
|
||||
@@ -186,6 +187,7 @@ if ( ! class_exists( 'um\admin\core\Admin_DragDrop' ) ) {
|
||||
|
||||
<div class="um-admin-drag-rowsubs">
|
||||
<div class="um-admin-drag-rowsub">
|
||||
<span class="um-admin-row-loading"><span></span></span>
|
||||
|
||||
<div class="um-admin-drag-ctrls columns">
|
||||
<a href="javascript:void(0);" class="active" data-cols="1"></a>
|
||||
|
||||
@@ -411,7 +411,7 @@ if ( ! class_exists( 'um\admin\core\Admin_Enqueue' ) ) {
|
||||
wp_register_style( 'um_admin_modal', $this->css_url . 'um-admin-modal.css', array( 'wp-color-picker' ), ultimatemember_version );
|
||||
wp_enqueue_style( 'um_admin_modal' );
|
||||
|
||||
wp_register_script( 'um_admin_modal', $this->js_url . 'um-admin-modal.js', array( 'jquery', 'editor', 'wp-util', 'wp-color-picker', 'wp-tinymce', 'wp-i18n' ), ultimatemember_version, true );
|
||||
wp_register_script( 'um_admin_modal', $this->js_url . 'um-admin-modal.js', array( 'jquery', 'editor', 'wp-util', 'wp-color-picker', 'wp-tinymce', 'wp-i18n', 'jquery-ui-tooltip', 'um_admin_scripts' ), ultimatemember_version, true );
|
||||
wp_enqueue_script( 'um_admin_modal' );
|
||||
}
|
||||
|
||||
|
||||
@@ -54,4 +54,4 @@ if ( ! class_exists( 'um\admin\core\Admin_Forms_Settings' ) ) {
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -117,13 +117,14 @@ if ( ! class_exists( 'um\admin\core\Admin_Forms' ) ) {
|
||||
$data['value'] = esc_attr( $data['value'] );
|
||||
}
|
||||
|
||||
if( in_array( $data['type'], array('info_text') ) ){
|
||||
if ( 'info_text' === $data['type'] ) {
|
||||
$arr_kses = array(
|
||||
'a' => array(
|
||||
'href' => array(),
|
||||
'title' => array(),
|
||||
'target' => array(),
|
||||
'class' => array(),
|
||||
'href' => array(),
|
||||
'title' => array(),
|
||||
'target' => array(),
|
||||
'class' => array(),
|
||||
'onclick' => array(),
|
||||
),
|
||||
'button' => array(
|
||||
'class' => array(),
|
||||
@@ -1185,15 +1186,14 @@ if ( ! class_exists( 'um\admin\core\Admin_Forms' ) ) {
|
||||
* @return bool|string
|
||||
*/
|
||||
function render_multi_checkbox( $field_data ) {
|
||||
|
||||
if ( empty( $field_data['id'] ) ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$id = ( ! empty( $this->form_data['prefix_id'] ) ? $this->form_data['prefix_id'] : '' ) . '_' . $field_data['id'];
|
||||
|
||||
$class = ! empty( $field_data['class'] ) ? $field_data['class'] : '';
|
||||
$class .= ! empty( $field_data['size'] ) ? $field_data['size'] : 'um-long-field';
|
||||
$class = ! empty( $field_data['class'] ) ? $field_data['class'] : '';
|
||||
$class .= ! empty( $field_data['size'] ) ? $field_data['size'] : 'um-long-field';
|
||||
$class_attr = ' class="um-forms-field ' . esc_attr( $class ) . '" ';
|
||||
|
||||
$name = $field_data['id'];
|
||||
@@ -1204,19 +1204,27 @@ if ( ! class_exists( 'um\admin\core\Admin_Forms' ) ) {
|
||||
$values = array();
|
||||
}
|
||||
|
||||
$i = 0;
|
||||
$i = 0;
|
||||
$html = '';
|
||||
|
||||
$columns = ( ! empty( $field_data['columns'] ) && is_numeric( $field_data['columns'] ) ) ? $field_data['columns'] : 1;
|
||||
while ( $i < $columns ) {
|
||||
$per_page = ceil( count( $field_data['options'] ) / $columns );
|
||||
$section_fields_per_page = array_slice( $field_data['options'], $i*$per_page, $per_page, true );
|
||||
$html .= '<span class="um-form-fields-section" style="width:' . floor( 100 / $columns ) . '% !important;">';
|
||||
$per_page = ceil( count( $field_data['options'] ) / $columns );
|
||||
$section_fields_per_page = array_slice( $field_data['options'], $i * $per_page, $per_page, true );
|
||||
$html .= '<span class="um-form-fields-section" style="width:' . floor( 100 / $columns ) . '% !important;">';
|
||||
|
||||
foreach ( $section_fields_per_page as $k => $title ) {
|
||||
$id_attr = ' id="' . esc_attr( $id . '_' . $k ) . '" ';
|
||||
$id_attr = ' id="' . esc_attr( $id . '_' . $k ) . '" ';
|
||||
$for_attr = ' for="' . esc_attr( $id . '_' . $k ) . '" ';
|
||||
$name_attr = ' name="' . $name . '[' . $k . ']" ';
|
||||
|
||||
if ( ! empty( $field_data['assoc'] ) ) {
|
||||
$name_attr = ' name="' . esc_attr( $name ) . '[]" ';
|
||||
$value_attr = ' value="' . esc_attr( $k ) . '" ';
|
||||
} else {
|
||||
$name_attr = ' name="' . esc_attr( $name ) . '[' . esc_attr( $k ) . ']" ';
|
||||
$value_attr = ' value="1" ';
|
||||
}
|
||||
$disabed_attr = '';
|
||||
|
||||
$data = array(
|
||||
'field_id' => $field_data['id'] . '_' . $k,
|
||||
@@ -1228,14 +1236,18 @@ if ( ! class_exists( 'um\admin\core\Admin_Forms' ) ) {
|
||||
|
||||
$data_attr = '';
|
||||
foreach ( $data as $key => $value ) {
|
||||
if ( $value == 'checkbox_key' ) {
|
||||
if ( 'checkbox_key' === $value ) {
|
||||
$value = $k;
|
||||
}
|
||||
$data_attr .= ' data-' . $key . '="' . esc_attr( $value ) . '" ';
|
||||
}
|
||||
|
||||
if ( isset( $field_data['options_disabled'] ) && in_array( $k, $field_data['options_disabled'], true ) ) {
|
||||
$disabed_attr = 'disabled="disabled"';
|
||||
}
|
||||
|
||||
$html .= "<label $for_attr>
|
||||
<input type=\"checkbox\" " . checked( in_array( $k, $values ), true, false ) . "$id_attr $name_attr $data_attr value=\"1\" $class_attr>
|
||||
<input type=\"checkbox\" " . checked( in_array( $k, $values, true ), true, false ) . "$disabed_attr $id_attr $name_attr $data_attr $value_attr $class_attr>
|
||||
<span>$title</span>
|
||||
</label>";
|
||||
}
|
||||
|
||||
@@ -171,8 +171,8 @@ if ( ! class_exists( 'um\admin\core\Admin_GDPR' ) ) {
|
||||
global $wpdb;
|
||||
|
||||
$metadata = $wpdb->get_results( $wpdb->prepare(
|
||||
"SELECT meta_key, meta_value
|
||||
FROM {$wpdb->usermeta}
|
||||
"SELECT meta_key, meta_value
|
||||
FROM {$wpdb->usermeta}
|
||||
WHERE user_id = %d",
|
||||
$user_id
|
||||
), ARRAY_A );
|
||||
@@ -295,7 +295,8 @@ if ( ! class_exists( 'um\admin\core\Admin_GDPR' ) ) {
|
||||
if ( $deleted ) {
|
||||
$items_removed = true;
|
||||
} else {
|
||||
$messages[] = sprintf( __( 'Your %s was unable to be removed at this time.', 'ultimate-member' ), $metadata['name'] );
|
||||
// translators: %s: metadata name.
|
||||
$messages[] = sprintf( __( 'Your %s was unable to be removed at this time.', 'ultimate-member' ), $metadata['name'] );
|
||||
$items_retained = true;
|
||||
}
|
||||
}
|
||||
@@ -313,4 +314,4 @@ if ( ! class_exists( 'um\admin\core\Admin_GDPR' ) ) {
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
@@ -69,7 +69,9 @@ if ( ! class_exists( 'um\admin\core\Admin_Menu' ) ) {
|
||||
|
||||
ob_start();
|
||||
|
||||
printf( __( 'If you like Ultimate Member please consider leaving a %s review. It will help us to grow the plugin and make it more popular. Thank you.', 'ultimate-member' ), $link ) ?>
|
||||
// translators: %s: Review link.
|
||||
echo wp_kses( sprintf( __( 'If you like Ultimate Member please consider leaving a %s review. It will help us to grow the plugin and make it more popular. Thank you.', 'ultimate-member' ), $link ), UM()->get_allowed_html( 'admin_notice' ) );
|
||||
?>
|
||||
|
||||
<script type="text/javascript">
|
||||
jQuery( 'a.um-admin-rating-link' ).click(function() {
|
||||
|
||||
@@ -1092,6 +1092,7 @@ if ( ! class_exists( 'um\admin\core\Admin_Metabox' ) ) {
|
||||
$where = array( 'ID' => $post_id );
|
||||
|
||||
if ( empty( $_POST['post_title'] ) ) {
|
||||
// translators: %s: Directory id.
|
||||
$_POST['post_title'] = sprintf( __( 'Directory #%s', 'ultimate-member' ), $post_id );
|
||||
}
|
||||
|
||||
@@ -1188,6 +1189,7 @@ if ( ! class_exists( 'um\admin\core\Admin_Metabox' ) ) {
|
||||
|
||||
$where = array( 'ID' => $post_id );
|
||||
if ( empty( $_POST['post_title'] ) ) {
|
||||
// translators: %s: Form id.
|
||||
$_POST['post_title'] = sprintf( __( 'Form #%s', 'ultimate-member' ), $post_id );
|
||||
}
|
||||
$wpdb->update( $wpdb->posts, array( 'post_title' => sanitize_text_field( $_POST['post_title'] ) ), $where );
|
||||
|
||||
@@ -1,9 +1,9 @@
|
||||
<?php
|
||||
namespace um\admin\core;
|
||||
|
||||
|
||||
if ( ! defined( 'ABSPATH' ) ) exit;
|
||||
|
||||
if ( ! defined( 'ABSPATH' ) ) {
|
||||
exit;
|
||||
}
|
||||
|
||||
if ( ! class_exists( 'um\admin\core\Admin_Notices' ) ) {
|
||||
|
||||
@@ -33,6 +33,8 @@ if ( ! class_exists( 'um\admin\core\Admin_Notices' ) ) {
|
||||
|
||||
add_action( 'wp_ajax_um_dismiss_notice', array( &$this, 'dismiss_notice' ) );
|
||||
add_action( 'admin_init', array( &$this, 'force_dismiss_notice' ) );
|
||||
|
||||
add_action( 'current_screen', array( &$this, 'create_list_for_screen' ) );
|
||||
}
|
||||
|
||||
|
||||
@@ -59,6 +61,8 @@ if ( ! class_exists( 'um\admin\core\Admin_Notices' ) ) {
|
||||
|
||||
//$this->future_changed();
|
||||
|
||||
$this->common_secure();
|
||||
|
||||
/**
|
||||
* UM hook
|
||||
*
|
||||
@@ -79,6 +83,12 @@ if ( ! class_exists( 'um\admin\core\Admin_Notices' ) ) {
|
||||
do_action( 'um_admin_create_notices' );
|
||||
}
|
||||
|
||||
public function create_list_for_screen() {
|
||||
if ( UM()->admin()->is_um_screen() ) {
|
||||
$this->secure_settings();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @return array
|
||||
@@ -236,11 +246,16 @@ if ( ! class_exists( 'um\admin\core\Admin_Notices' ) ) {
|
||||
'strong' => array(),
|
||||
);
|
||||
|
||||
$this->add_notice( 'lock_registration', array(
|
||||
'class' => 'info',
|
||||
'message' => '<p>' . wp_kses( sprintf( __( 'The <strong>"Membership - Anyone can register"</strong> option on the general settings <a href="%s">page</a> is enabled. This means users can register via the standard WordPress wp-login.php page. If you do not want users to be able to register via this page and only register via the Ultimate Member registration form, you should deactivate this option. You can dismiss this notice if you wish to keep the wp-login.php registration page open.', 'ultimate-member' ), admin_url( 'options-general.php' ) . '#users_can_register' ), $allowed_html ) . '</p>',
|
||||
'dismissible' => true,
|
||||
), 10 );
|
||||
$this->add_notice(
|
||||
'lock_registration',
|
||||
array(
|
||||
'class' => 'info',
|
||||
// translators: %s: Setting link.
|
||||
'message' => '<p>' . wp_kses( sprintf( __( 'The <strong>"Membership - Anyone can register"</strong> option on the general settings <a href="%s">page</a> is enabled. This means users can register via the standard WordPress wp-login.php page. If you do not want users to be able to register via this page and only register via the Ultimate Member registration form, you should deactivate this option. You can dismiss this notice if you wish to keep the wp-login.php registration page open.', 'ultimate-member' ), admin_url( 'options-general.php' ) . '#users_can_register' ), $allowed_html ) . '</p>',
|
||||
'dismissible' => true,
|
||||
),
|
||||
10
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -346,10 +361,15 @@ if ( ! class_exists( 'um\admin\core\Admin_Notices' ) ) {
|
||||
return;
|
||||
}
|
||||
|
||||
$this->add_notice( 'old_extensions', array(
|
||||
'class' => 'error',
|
||||
'message' => '<p>' . sprintf( __( '<strong>%s %s</strong> requires 2.0 extensions. You have pre 2.0 extensions installed on your site. <br /> Please update %s extensions to latest versions. For more info see this <a href="%s" target="_blank">doc</a>.', 'ultimate-member' ), ultimatemember_plugin_name, ultimatemember_version, ultimatemember_plugin_name, 'https://docs.ultimatemember.com/article/201-how-to-update-your-site' ) . '</p>',
|
||||
), 0 );
|
||||
$this->add_notice(
|
||||
'old_extensions',
|
||||
array(
|
||||
'class' => 'error',
|
||||
// translators: %1$s is a plugin name; %2$s is a plugin version; %3$s is a plugin name; %4$s is a doc link.
|
||||
'message' => '<p>' . sprintf( __( '<strong>%1$s %2$s</strong> requires 2.0 extensions. You have pre 2.0 extensions installed on your site. <br /> Please update %3$s extensions to latest versions. For more info see this <a href="%4$s" target="_blank">doc</a>.', 'ultimate-member' ), ultimatemember_plugin_name, ultimatemember_version, ultimatemember_plugin_name, 'https://docs.ultimatemember.com/article/201-how-to-update-your-site' ) . '</p>',
|
||||
),
|
||||
0
|
||||
);
|
||||
}
|
||||
|
||||
|
||||
@@ -369,7 +389,10 @@ if ( ! class_exists( 'um\admin\core\Admin_Notices' ) ) {
|
||||
ob_start(); ?>
|
||||
|
||||
<p>
|
||||
<?php printf( __( '%s needs to create several pages (User Profiles, Account, Registration, Login, Password Reset, Logout, Member Directory) to function correctly.', 'ultimate-member' ), ultimatemember_plugin_name ); ?>
|
||||
<?php
|
||||
// translators: %s: Plugin name.
|
||||
echo wp_kses( sprintf( __( '%s needs to create several pages (User Profiles, Account, Registration, Login, Password Reset, Logout, Member Directory) to function correctly.', 'ultimate-member' ), ultimatemember_plugin_name ), UM()->get_allowed_html( 'admin_notice' ) );
|
||||
?>
|
||||
</p>
|
||||
|
||||
<p>
|
||||
@@ -417,123 +440,115 @@ if ( ! class_exists( 'um\admin\core\Admin_Notices' ) ) {
|
||||
/**
|
||||
* EXIF library notice
|
||||
*/
|
||||
function exif_extension_notice() {
|
||||
public function exif_extension_notice() {
|
||||
$hide_exif_notice = get_option( 'um_hide_exif_notice' );
|
||||
|
||||
if ( ! extension_loaded( 'exif' ) && ! $hide_exif_notice ) {
|
||||
$this->add_notice( 'exif_disabled', array(
|
||||
'class' => 'updated',
|
||||
'message' => '<p>' . sprintf(__( 'Exif is not enabled on your server. Mobile photo uploads will not be rotated correctly until you enable the exif extension. <a href="%s">Hide this notice</a>', 'ultimate-member' ), add_query_arg('um_adm_action', 'um_hide_exif_notice') ) . '</p>',
|
||||
), 10 );
|
||||
$this->add_notice(
|
||||
'exif_disabled',
|
||||
array(
|
||||
'class' => 'updated',
|
||||
// translators: %s: query args.
|
||||
'message' => '<p>' . sprintf( __( 'Exif is not enabled on your server. Mobile photo uploads will not be rotated correctly until you enable the exif extension. <a href="%s">Hide this notice</a>', 'ultimate-member' ), add_query_arg( 'um_adm_action', 'um_hide_exif_notice' ) ) . '</p>',
|
||||
),
|
||||
10
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Updating users
|
||||
*/
|
||||
function show_update_messages() {
|
||||
|
||||
public function show_update_messages() {
|
||||
if ( ! isset( $_REQUEST['update'] ) ) {
|
||||
return;
|
||||
}
|
||||
|
||||
$update = sanitize_key( $_REQUEST['update'] );
|
||||
switch( $update ) {
|
||||
|
||||
case 'confirm_delete':
|
||||
$request_users = array_map( 'absint', (array) $_REQUEST['user'] );
|
||||
|
||||
$confirm_uri = admin_url( 'users.php?' . http_build_query( array(
|
||||
'um_adm_action' => 'delete_users',
|
||||
'user' => $request_users,
|
||||
'confirm' => 1
|
||||
) ) );
|
||||
$users = '';
|
||||
|
||||
if ( isset( $request_users ) ) {
|
||||
foreach ( $request_users as $user_id ) {
|
||||
$user = get_userdata( $user_id );
|
||||
$users .= '#' . $user_id . ': ' . $user->user_login . '<br />';
|
||||
}
|
||||
}
|
||||
|
||||
$ignore = admin_url( 'users.php' );
|
||||
|
||||
$messages[0]['err_content'] = sprintf( __( 'Are you sure you want to delete the selected user(s)? The following users will be deleted: <p>%s</p> <strong>This cannot be undone!</strong>', 'ultimate-member' ), $users );
|
||||
$messages[0]['err_content'] .= '<p><a href="'. esc_url( $confirm_uri ) .'" class="button-primary">' . __( 'Remove', 'ultimate-member' ) . '</a> <a href="' . esc_url( $ignore ) . '" class="button">' . __( 'Undo', 'ultimate-member' ) . '</a></p>';
|
||||
|
||||
break;
|
||||
|
||||
case 'language_updated':
|
||||
$messages[0]['content'] = __( 'Your translation files have been updated successfully.', 'ultimate-member' );
|
||||
break;
|
||||
|
||||
case 'purged_temp':
|
||||
switch ( $update ) {
|
||||
case 'um_purged_temp':
|
||||
$messages[0]['content'] = __( 'Your temp uploads directory is now clean.', 'ultimate-member' );
|
||||
break;
|
||||
|
||||
case 'cleared_cache':
|
||||
case 'um_cleared_cache':
|
||||
$messages[0]['content'] = __( 'Your user cache is now removed.', 'ultimate-member' );
|
||||
break;
|
||||
|
||||
case 'cleared_status_cache':
|
||||
case 'um_cleared_status_cache':
|
||||
$messages[0]['content'] = __( 'Your user statuses cache is now removed.', 'ultimate-member' );
|
||||
break;
|
||||
|
||||
case 'got_updates':
|
||||
case 'um_got_updates':
|
||||
$messages[0]['content'] = __( 'You have the latest updates.', 'ultimate-member' );
|
||||
break;
|
||||
|
||||
case 'often_updates':
|
||||
case 'um_often_updates':
|
||||
$messages[0]['err_content'] = __( 'Try again later. You can run this action once daily.', 'ultimate-member' );
|
||||
break;
|
||||
|
||||
case 'form_duplicated':
|
||||
case 'um_form_duplicated':
|
||||
$messages[0]['content'] = __( 'The form has been duplicated successfully.', 'ultimate-member' );
|
||||
break;
|
||||
|
||||
case 'settings_updated':
|
||||
case 'um_settings_updated':
|
||||
$messages[0]['content'] = __( 'Settings have been saved successfully.', 'ultimate-member' );
|
||||
break;
|
||||
|
||||
case 'user_updated':
|
||||
case 'um_user_updated':
|
||||
$messages[0]['content'] = __( 'User has been updated.', 'ultimate-member' );
|
||||
break;
|
||||
|
||||
case 'users_updated':
|
||||
case 'um_users_updated':
|
||||
$messages[0]['content'] = __( 'Users have been updated.', 'ultimate-member' );
|
||||
break;
|
||||
|
||||
case 'users_role_updated':
|
||||
$messages[0]['content'] = __( 'Changed roles.', 'ultimate-member' );
|
||||
case 'um_secure_expire_sessions':
|
||||
$messages[0]['content'] = __( 'All users sessions have been successfully destroyed.', 'ultimate-member' );
|
||||
break;
|
||||
case 'um_secure_restore':
|
||||
$messages[0]['content'] = __( 'Account has been successfully restored.', 'ultimate-member' );
|
||||
break;
|
||||
default:
|
||||
/**
|
||||
* Filters the custom admin notice after um_adm_action.
|
||||
*
|
||||
* @param {array} $messages Admin notice messages.
|
||||
* @param {string} $update Update action key.
|
||||
*
|
||||
* @return {array} Admin notice messages.
|
||||
*
|
||||
* @since 2.6.8
|
||||
* @hook um_adm_action_custom_update_notice
|
||||
*
|
||||
* @example <caption>Add custom admin notice after {custom_update_key} action.</caption>
|
||||
* function my_um_adm_action_custom_update_notice( $messages, $update ) {
|
||||
* if ( 'custom_update_key' === $update ) {
|
||||
* $messages[0]['content'] = 'custom notice text';
|
||||
* }
|
||||
* return $messages;
|
||||
* }
|
||||
* add_filter( 'um_adm_action_custom_update_notice', 'my_um_adm_action_custom_update_notice', 10, 2 );
|
||||
*/
|
||||
$messages = apply_filters( 'um_adm_action_custom_update_notice', array(), $update );
|
||||
break;
|
||||
|
||||
case 'err_users_updated':
|
||||
$messages[0]['err_content'] = __( 'Super administrators cannot be modified.', 'ultimate-member' );
|
||||
$messages[1]['content'] = __( 'Other users have been updated.', 'ultimate-member' );
|
||||
|
||||
}
|
||||
|
||||
if ( ! empty( $messages ) ) {
|
||||
foreach ( $messages as $message ) {
|
||||
if ( isset( $message['err_content'] ) ) {
|
||||
$this->add_notice( 'actions', array(
|
||||
'class' => 'error',
|
||||
'message' => '<p>' . $message['err_content'] . '</p>',
|
||||
), 50 );
|
||||
$this->add_notice(
|
||||
'actions',
|
||||
array(
|
||||
'class' => 'error',
|
||||
'message' => '<p>' . $message['err_content'] . '</p>',
|
||||
),
|
||||
50
|
||||
);
|
||||
} else {
|
||||
$this->add_notice( 'actions', array(
|
||||
'class' => 'updated',
|
||||
'message' => '<p>' . $message['content'] . '</p>',
|
||||
), 50 );
|
||||
$this->add_notice(
|
||||
'actions',
|
||||
array(
|
||||
'class' => 'updated',
|
||||
'message' => '<p>' . $message['content'] . '</p>',
|
||||
),
|
||||
50
|
||||
);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Check if plugin is installed with correct folder
|
||||
*/
|
||||
@@ -546,10 +561,15 @@ if ( ! class_exists( 'um\admin\core\Admin_Notices' ) ) {
|
||||
}
|
||||
|
||||
if ( $invalid_folder ) {
|
||||
$this->add_notice( 'invalid_dir', array(
|
||||
'class' => 'error',
|
||||
'message' => '<p>' . sprintf( __( 'You have installed <strong>%s</strong> with wrong folder name. Correct folder name is <strong>"ultimate-member"</strong>.', 'ultimate-member' ), ultimatemember_plugin_name ) . '</p>',
|
||||
), 1 );
|
||||
$this->add_notice(
|
||||
'invalid_dir',
|
||||
array(
|
||||
'class' => 'error',
|
||||
// translators: %s: Plugin name.
|
||||
'message' => '<p>' . sprintf( __( 'You have installed <strong>%s</strong> with wrong folder name. Correct folder name is <strong>"ultimate-member"</strong>.', 'ultimate-member' ), ultimatemember_plugin_name ) . '</p>',
|
||||
),
|
||||
1
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -576,17 +596,27 @@ if ( ! class_exists( 'um\admin\core\Admin_Notices' ) ) {
|
||||
}
|
||||
|
||||
if ( ! empty( $arr_inactive_license_keys ) ) {
|
||||
$this->add_notice( 'license_key', array(
|
||||
'class' => 'error',
|
||||
'message' => '<p>' . sprintf( __( 'There are %d inactive %s license keys for this site. This site is not authorized to get plugin updates. You can active this site on <a href="%s">www.ultimatemember.com</a>.', 'ultimate-member' ), count( $arr_inactive_license_keys ) , ultimatemember_plugin_name, UM()->store_url ) . '</p>',
|
||||
), 3 );
|
||||
$this->add_notice(
|
||||
'license_key',
|
||||
array(
|
||||
'class' => 'error',
|
||||
// translators: %1$s is a inactive license number; %2$s is a plugin name; %3$s is a store link.
|
||||
'message' => '<p>' . sprintf( __( 'There are %1$s inactive %2$s license keys for this site. This site is not authorized to get plugin updates. You can active this site on <a href="%3$s">www.ultimatemember.com</a>.', 'ultimate-member' ), count( $arr_inactive_license_keys ), ultimatemember_plugin_name, UM()->store_url ) . '</p>',
|
||||
),
|
||||
3
|
||||
);
|
||||
}
|
||||
|
||||
if ( $invalid_license ) {
|
||||
$this->add_notice( 'license_key', array(
|
||||
'class' => 'error',
|
||||
'message' => '<p>' . sprintf( __( 'You have %d invalid or expired license keys for %s. Please go to the <a href="%s">Licenses page</a> to correct this issue.', 'ultimate-member' ), $invalid_license, ultimatemember_plugin_name, add_query_arg( array('page'=>'um_options', 'tab' => 'licenses'), admin_url( 'admin.php' ) ) ) . '</p>',
|
||||
), 3 );
|
||||
$this->add_notice(
|
||||
'license_key',
|
||||
array(
|
||||
'class' => 'error',
|
||||
// translators: %1$s is a invalid license; %2$s is a plugin name; %3$s is a license link.
|
||||
'message' => '<p>' . sprintf( __( 'You have %1$s invalid or expired license keys for %2$s. Please go to the <a href="%3$s">Licenses page</a> to correct this issue.', 'ultimate-member' ), $invalid_license, ultimatemember_plugin_name, add_query_arg( array( 'page' => 'um_options', 'tab' => 'licenses' ), admin_url( 'admin.php' ) ) ) . '</p>',
|
||||
),
|
||||
3
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -599,7 +629,10 @@ if ( ! class_exists( 'um\admin\core\Admin_Notices' ) ) {
|
||||
ob_start(); ?>
|
||||
|
||||
<p>
|
||||
<?php printf( __( '<strong>%s version %s</strong> needs to be updated to work correctly.<br />It is necessary to update the structure of the database and options that are associated with <strong>%s %s</strong>.<br />Please visit <a href="%s">"Upgrade"</a> page and run the upgrade process.', 'ultimate-member' ), ultimatemember_plugin_name, ultimatemember_version, ultimatemember_plugin_name, ultimatemember_version, $url ); ?>
|
||||
<?php
|
||||
// translators: %1$s is a plugin name; %2$s is a plugin version; %3$s is a plugin name; %4$s is a plugin version; %5$s is a upgrade link.
|
||||
echo wp_kses( sprintf( __( '<strong>%1$s version %2$s</strong> needs to be updated to work correctly.<br />It is necessary to update the structure of the database and options that are associated with <strong>%3$s %4$s</strong>.<br />Please visit <a href="%5$s">"Upgrade"</a> page and run the upgrade process.', 'ultimate-member' ), ultimatemember_plugin_name, ultimatemember_version, ultimatemember_plugin_name, ultimatemember_version, $url ), UM()->get_allowed_html( 'admin_notice' ) );
|
||||
?>
|
||||
</p>
|
||||
|
||||
<p>
|
||||
@@ -621,10 +654,15 @@ if ( ! class_exists( 'um\admin\core\Admin_Notices' ) ) {
|
||||
'message' => '<p>' . __( 'Settings successfully upgraded', 'ultimate-member' ) . '</p>',
|
||||
), 4 );
|
||||
} else {
|
||||
$this->add_notice( 'upgrade', array(
|
||||
'class' => 'updated',
|
||||
'message' => '<p>' . sprintf( __( '<strong>%s %s</strong> Successfully Upgraded', 'ultimate-member' ), ultimatemember_plugin_name, ultimatemember_version ) . '</p>',
|
||||
), 4 );
|
||||
$this->add_notice(
|
||||
'upgrade',
|
||||
array(
|
||||
'class' => 'updated',
|
||||
// translators: %1$s is a plugin name title; %2$s is a plugin version.
|
||||
'message' => '<p>' . sprintf( __( '<strong>%1$s %2$s</strong> Successfully Upgraded', 'ultimate-member' ), ultimatemember_plugin_name, ultimatemember_version ) . '</p>',
|
||||
),
|
||||
4
|
||||
);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -650,7 +688,10 @@ if ( ! class_exists( 'um\admin\core\Admin_Notices' ) ) {
|
||||
|
||||
<div id="um_start_review_notice">
|
||||
<p>
|
||||
<?php printf( __( 'Hey there! It\'s been one month since you installed %s. How have you found the plugin so far?', 'ultimate-member' ), ultimatemember_plugin_name ) ?>
|
||||
<?php
|
||||
// translators: %s: plugin name.
|
||||
echo wp_kses( sprintf( __( 'Hey there! It\'s been one month since you installed %s. How have you found the plugin so far?', 'ultimate-member' ), ultimatemember_plugin_name ), UM()->get_allowed_html( 'admin_notice' ) );
|
||||
?>
|
||||
</p>
|
||||
<p>
|
||||
<a href="javascript:void(0);" id="um_add_review_love"><?php _e( 'I love it!', 'ultimate-member' ) ?></a> |
|
||||
@@ -704,7 +745,10 @@ if ( ! class_exists( 'um\admin\core\Admin_Notices' ) ) {
|
||||
ob_start(); ?>
|
||||
|
||||
<p>
|
||||
<?php printf( __( '<strong>%s</strong> future plans! Detailed future list is <a href="%s" target="_blank">here</a>', 'ultimate-member' ), ultimatemember_plugin_name, '#' ); ?>
|
||||
<?php
|
||||
// translators: %1$s is a plugin name; %2$s is a #.
|
||||
echo wp_kses( sprintf( __( '<strong>%1$s</strong> future plans! Detailed future list is <a href="%2$s" target="_blank">here</a>', 'ultimate-member' ), ultimatemember_plugin_name, '#' ), UM()->get_allowed_html( 'admin_notice' ) );
|
||||
?>
|
||||
</p>
|
||||
|
||||
<?php $message = ob_get_clean();
|
||||
@@ -715,7 +759,6 @@ if ( ! class_exists( 'um\admin\core\Admin_Notices' ) ) {
|
||||
), 2 );
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Check Templates Versions notice
|
||||
*/
|
||||
@@ -746,26 +789,242 @@ if ( ! class_exists( 'um\admin\core\Admin_Notices' ) ) {
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* First time installed Secure settings.
|
||||
*/
|
||||
public function secure_settings() {
|
||||
ob_start();
|
||||
?>
|
||||
<p>
|
||||
<strong><?php esc_html_e( 'Important Update', 'ultimate-member' ); ?></strong><br/>
|
||||
<?php esc_html_e( 'Ultimate Member has a new additional feature to secure your Ultimate Member forms to prevent attacks from injecting accounts with administrative roles & capabilities.', 'ultimate-member' ); ?>
|
||||
</p>
|
||||
<p>
|
||||
<a class="button button-primary" href="<?php echo esc_attr( admin_url( 'admin.php?page=um_options&tab=secure&um_dismiss_notice=secure_settings&um_admin_nonce=' . wp_create_nonce( 'um-admin-nonce' ) ) ); ?>"><?php esc_html_e( 'Manage Security Settings', 'ultimate-member' ); ?></a>
|
||||
<a class="button" target="_blank" href="https://docs.ultimatemember.com/article/1869-security-feature"><?php esc_html_e( 'Read the documentation', 'ultimate-member' ); ?></a>
|
||||
</p>
|
||||
<?php
|
||||
$message = ob_get_clean();
|
||||
$this->add_notice(
|
||||
'secure_settings',
|
||||
array(
|
||||
'class' => 'warning',
|
||||
'message' => $message,
|
||||
'dismissible' => true,
|
||||
),
|
||||
1
|
||||
);
|
||||
}
|
||||
|
||||
function dismiss_notice() {
|
||||
public function common_secure() {
|
||||
if ( UM()->options()->get( 'lock_register_forms' ) ) {
|
||||
ob_start();
|
||||
?>
|
||||
<p>
|
||||
<?php esc_html_e( 'Your Register forms are now locked. You can unlock them in Ultimate Member > Settings > Secure > Lock All Register Forms.', 'ultimate-member' ); ?>
|
||||
</p>
|
||||
<?php
|
||||
$message = ob_get_clean();
|
||||
$this->add_notice(
|
||||
'common_secure_register',
|
||||
array(
|
||||
'class' => 'warning',
|
||||
'message' => $message,
|
||||
'dismissible' => true,
|
||||
),
|
||||
1
|
||||
);
|
||||
}
|
||||
|
||||
if ( UM()->options()->get( 'display_login_form_notice' ) ) {
|
||||
ob_start();
|
||||
?>
|
||||
<p>
|
||||
<?php esc_html_e( 'Mandatory password changes has been enabled. You can disable them in Ultimate Member > Settings > Secure > Display Login form notice to reset passwords.', 'ultimate-member' ); ?>
|
||||
</p>
|
||||
<?php
|
||||
$message = ob_get_clean();
|
||||
$this->add_notice(
|
||||
'common_secure_password_reset',
|
||||
array(
|
||||
'class' => 'warning',
|
||||
'message' => $message,
|
||||
'dismissible' => true,
|
||||
),
|
||||
1
|
||||
);
|
||||
}
|
||||
|
||||
if ( UM()->options()->get( 'secure_ban_admins_accounts' ) ) {
|
||||
ob_start();
|
||||
?>
|
||||
<p>
|
||||
<?php esc_html_e( 'Ban for administrative capabilities is enabled. You can disable them in Ultimate Member > Settings > Secure > Enable ban for administrative capabilities.', 'ultimate-member' ); ?>
|
||||
</p>
|
||||
<?php
|
||||
$message = ob_get_clean();
|
||||
$this->add_notice(
|
||||
'common_secure_suspicious_activity',
|
||||
array(
|
||||
'class' => 'warning',
|
||||
'message' => $message,
|
||||
'dismissible' => true,
|
||||
),
|
||||
1
|
||||
);
|
||||
}
|
||||
|
||||
$this->check_new_user_role();
|
||||
$this->check_registration_forms();
|
||||
}
|
||||
|
||||
private function check_new_user_role() {
|
||||
$arr_banned_caps = UM()->options()->get( 'banned_capabilities' );
|
||||
if ( empty( $arr_banned_caps ) ) {
|
||||
return;
|
||||
}
|
||||
|
||||
$global_role = get_option( 'default_role' ); // WP Global settings
|
||||
$caps = get_role( $global_role )->capabilities;
|
||||
foreach ( array_keys( $caps ) as $cap ) {
|
||||
if ( in_array( $cap, $arr_banned_caps, true ) ) {
|
||||
ob_start();
|
||||
?>
|
||||
<p>
|
||||
<?php esc_html_e( 'The role selected in WordPress native "Settings > New User Default Role" setting has Administrative capabilities.', 'ultimate-member' ); ?>
|
||||
</p>
|
||||
<?php
|
||||
$message = ob_get_clean();
|
||||
$this->add_notice(
|
||||
'default_role_suspicious_activity',
|
||||
array(
|
||||
'class' => 'notice-warning',
|
||||
'message' => $message,
|
||||
'dismissible' => true,
|
||||
),
|
||||
1
|
||||
);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
$um_global_role = UM()->options()->get( 'register_role' ); // UM Settings Global settings
|
||||
if ( ! empty( $um_global_role ) ) {
|
||||
$caps = get_role( $um_global_role )->capabilities;
|
||||
foreach ( array_keys( $caps ) as $cap ) {
|
||||
if ( in_array( $cap, $arr_banned_caps, true ) ) {
|
||||
ob_start();
|
||||
?>
|
||||
<p>
|
||||
<?php esc_html_e( 'The role selected in "Ultimate Member > Settings > Appearance > Registration Form > Registration Default Role" setting has Administrative capabilities.', 'ultimate-member' ); ?>
|
||||
</p>
|
||||
<?php
|
||||
$message = ob_get_clean();
|
||||
$this->add_notice(
|
||||
'register_role_suspicious_activity',
|
||||
array(
|
||||
'class' => 'notice-warning',
|
||||
'message' => $message,
|
||||
'dismissible' => true,
|
||||
),
|
||||
1
|
||||
);
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private function check_registration_forms() {
|
||||
$arr_banned_caps = UM()->options()->get( 'banned_capabilities' );
|
||||
if ( empty( $arr_banned_caps ) ) {
|
||||
return;
|
||||
}
|
||||
|
||||
$um_forms = get_posts(
|
||||
array(
|
||||
'post_type' => 'um_form',
|
||||
'meta_query' => array(
|
||||
array(
|
||||
'key' => '_um_mode',
|
||||
'value' => 'register',
|
||||
),
|
||||
array(
|
||||
'key' => '_um_register_use_custom_settings',
|
||||
'value' => true,
|
||||
),
|
||||
),
|
||||
'numberposts' => -1,
|
||||
'fields' => 'ids',
|
||||
)
|
||||
);
|
||||
|
||||
$content = '';
|
||||
foreach ( $um_forms as $form_id ) {
|
||||
$role = get_post_meta( $form_id, '_um_register_role', true );
|
||||
if ( empty( $role ) ) {
|
||||
continue;
|
||||
}
|
||||
|
||||
$caps = get_role( $role )->capabilities;
|
||||
foreach ( array_keys( $caps ) as $cap ) {
|
||||
if ( in_array( $cap, $arr_banned_caps, true ) ) {
|
||||
$content .= '<br /><a target="_blank" href="' . get_edit_post_link( $form_id ) . '">' . get_the_title( $form_id ) . '</a> contains <strong>administrative role</strong>.';
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if ( empty( $content ) ) {
|
||||
return;
|
||||
}
|
||||
|
||||
ob_start();
|
||||
?>
|
||||
<p>
|
||||
<?php // translators: %s are link(s) to the forms. ?>
|
||||
<?php echo wp_kses( sprintf( __( 'Register forms have Administrative roles, we recommend that you assign a non-admin roles to secure the forms. %s', 'ultimate-member' ), $content ), UM()->get_allowed_html( 'admin_notice' ) ); ?>
|
||||
</p>
|
||||
<?php
|
||||
$message = ob_get_clean();
|
||||
$this->add_notice(
|
||||
'forms_secure_suspicious_activity',
|
||||
array(
|
||||
'class' => 'notice-warning',
|
||||
'message' => $message,
|
||||
'dismissible' => true,
|
||||
),
|
||||
1
|
||||
);
|
||||
}
|
||||
|
||||
public function dismiss_notice() {
|
||||
UM()->admin()->check_ajax_nonce();
|
||||
|
||||
if ( empty( $_POST['key'] ) ) {
|
||||
wp_send_json_error( __( 'Wrong Data', 'ultimate-member' ) );
|
||||
}
|
||||
|
||||
$hidden_notices = get_option( 'um_hidden_admin_notices', array() );
|
||||
if ( ! is_array( $hidden_notices ) ) {
|
||||
$hidden_notices = array();
|
||||
}
|
||||
|
||||
$hidden_notices[] = sanitize_key( $_POST['key'] );
|
||||
|
||||
update_option( 'um_hidden_admin_notices', $hidden_notices );
|
||||
$this->dismiss( sanitize_key( $_POST['key'] ) );
|
||||
|
||||
wp_send_json_success();
|
||||
}
|
||||
|
||||
/**
|
||||
* Dismiss notice by key.
|
||||
*
|
||||
* @param string $key
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function dismiss( $key ) {
|
||||
$hidden_notices = get_option( 'um_hidden_admin_notices', array() );
|
||||
if ( ! is_array( $hidden_notices ) ) {
|
||||
$hidden_notices = array();
|
||||
}
|
||||
$hidden_notices[] = $key;
|
||||
update_option( 'um_hidden_admin_notices', $hidden_notices );
|
||||
}
|
||||
|
||||
function force_dismiss_notice() {
|
||||
if ( ! empty( $_REQUEST['um_dismiss_notice'] ) && ! empty( $_REQUEST['um_admin_nonce'] ) ) {
|
||||
|
||||
@@ -245,7 +245,7 @@ if ( ! class_exists( 'um\admin\core\Admin_Settings' ) ) {
|
||||
|
||||
$from = ( absint( $_POST['page'] ) * $per_page ) - $per_page + 1;
|
||||
$to = absint( $_POST['page'] ) * $per_page;
|
||||
|
||||
// translators: %1$s is a metadata from name; %2$s is a metadata to.
|
||||
wp_send_json_success( array( 'message' => sprintf( __( 'Metadata from %1$s to %2$s was upgraded successfully...', 'ultimate-member' ), $from, $to ) ) );
|
||||
} else {
|
||||
do_action( 'um_same_page_update_ajax_action', $cb_func );
|
||||
@@ -947,6 +947,24 @@ if ( ! class_exists( 'um\admin\core\Admin_Settings' ) ) {
|
||||
'uninstall_on_delete' => array(
|
||||
'sanitize' => 'bool',
|
||||
),
|
||||
'lock_register_forms' => array(
|
||||
'sanitize' => 'bool',
|
||||
),
|
||||
'display_login_form_notice' => array(
|
||||
'sanitize' => 'bool',
|
||||
),
|
||||
'banned_capabilities' => array(
|
||||
'sanitize' => array( UM()->admin(), 'sanitize_wp_capabilities_assoc' ),
|
||||
),
|
||||
'secure_notify_admins_banned_accounts' => array(
|
||||
'sanitize' => 'bool',
|
||||
),
|
||||
'secure_notify_admins_banned_accounts__interval' => array(
|
||||
'sanitize' => 'key',
|
||||
),
|
||||
'secure_allowed_redirect_hosts' => array(
|
||||
'sanitize' => 'textarea',
|
||||
),
|
||||
)
|
||||
);
|
||||
|
||||
@@ -2272,7 +2290,7 @@ if ( ! class_exists( 'um\admin\core\Admin_Settings' ) ) {
|
||||
//redirect after save settings
|
||||
$arg = array(
|
||||
'page' => 'um_options',
|
||||
'update' => 'settings_updated',
|
||||
'update' => 'um_settings_updated',
|
||||
);
|
||||
|
||||
if ( ! empty( $_GET['tab'] ) ) {
|
||||
@@ -2737,9 +2755,10 @@ if ( ! class_exists( 'um\admin\core\Admin_Settings' ) ) {
|
||||
|
||||
case 'expired' :
|
||||
|
||||
$class = 'expired';
|
||||
$class = 'expired';
|
||||
$messages[] = sprintf(
|
||||
__( 'Your license key expired on %s. Please <a href="%s" target="_blank">renew your license key</a>.', 'ultimate-member' ),
|
||||
// translators: %1$s is a expiry date; %2$s is a renew link.
|
||||
__( 'Your license key expired on %1$s. Please <a href="%2$s" target="_blank">renew your license key</a>.', 'ultimate-member' ),
|
||||
date_i18n( get_option( 'date_format' ), strtotime( $license->expires, current_time( 'timestamp' ) ) ),
|
||||
'https://ultimatemember.com/checkout/?edd_license_key=' . $value . '&utm_campaign=admin&utm_source=licenses&utm_medium=expired'
|
||||
);
|
||||
@@ -2752,6 +2771,7 @@ if ( ! class_exists( 'um\admin\core\Admin_Settings' ) ) {
|
||||
|
||||
$class = 'error';
|
||||
$messages[] = sprintf(
|
||||
// translators: %s: support link name.
|
||||
__( 'Your license key has been disabled. Please <a href="%s" target="_blank">contact support</a> for more information.', 'ultimate-member' ),
|
||||
'https://ultimatemember.com/support?utm_campaign=admin&utm_source=licenses&utm_medium=revoked'
|
||||
);
|
||||
@@ -2764,6 +2784,7 @@ if ( ! class_exists( 'um\admin\core\Admin_Settings' ) ) {
|
||||
|
||||
$class = 'error';
|
||||
$messages[] = sprintf(
|
||||
// translators: %s: account page.
|
||||
__( 'Invalid license. Please <a href="%s" target="_blank">visit your account page</a> and verify it.', 'ultimate-member' ),
|
||||
'https://ultimatemember.com/account?utm_campaign=admin&utm_source=licenses&utm_medium=missing'
|
||||
);
|
||||
@@ -2777,7 +2798,8 @@ if ( ! class_exists( 'um\admin\core\Admin_Settings' ) ) {
|
||||
|
||||
$class = 'error';
|
||||
$messages[] = sprintf(
|
||||
__( 'Your %s is not active for this URL. Please <a href="%s" target="_blank">visit your account page</a> to manage your license key URLs.', 'ultimate-member' ),
|
||||
// translators: %1$s is a item name title; %2$s is a account page.
|
||||
__( 'Your %1$s is not active for this URL. Please <a href="%2$s" target="_blank">visit your account page</a> to manage your license key URLs.', 'ultimate-member' ),
|
||||
$field_data['item_name'],
|
||||
'https://ultimatemember.com/account?utm_campaign=admin&utm_source=licenses&utm_medium=invalid'
|
||||
);
|
||||
@@ -2789,6 +2811,7 @@ if ( ! class_exists( 'um\admin\core\Admin_Settings' ) ) {
|
||||
case 'item_name_mismatch' :
|
||||
|
||||
$class = 'error';
|
||||
// translators: %s: item name.
|
||||
$messages[] = sprintf( __( 'This appears to be an invalid license key for %s.', 'ultimate-member' ), $field_data['item_name'] );
|
||||
|
||||
$license_status = 'license-' . $class . '-notice';
|
||||
@@ -2798,6 +2821,7 @@ if ( ! class_exists( 'um\admin\core\Admin_Settings' ) ) {
|
||||
case 'no_activations_left':
|
||||
|
||||
$class = 'error';
|
||||
// translators: %s: account link.
|
||||
$messages[] = sprintf( __( 'Your license key has reached its activation limit. <a href="%s">View possible upgrades</a> now.', 'ultimate-member' ), 'https://ultimatemember.com/account' );
|
||||
|
||||
$license_status = 'license-' . $class . '-notice';
|
||||
@@ -2816,7 +2840,8 @@ if ( ! class_exists( 'um\admin\core\Admin_Settings' ) ) {
|
||||
|
||||
$class = 'error';
|
||||
$error = ! empty( $license->error ) ? $license->error : __( 'unknown_error', 'ultimate-member' );
|
||||
$messages[] = sprintf( __( 'There was an error with this license key: %s. Please <a href="%s">contact our support team</a>.', 'ultimate-member' ), $error, 'https://ultimatemember.com/support' );
|
||||
// translators: %1$s is an error; %2$s is a support link.
|
||||
$messages[] = sprintf( __( 'There was an error with this license key: %1$s. Please <a href="%2$s">contact our support team</a>.', 'ultimate-member' ), $error, 'https://ultimatemember.com/support' );
|
||||
|
||||
$license_status = 'license-' . $class . '-notice';
|
||||
break;
|
||||
@@ -2824,7 +2849,8 @@ if ( ! class_exists( 'um\admin\core\Admin_Settings' ) ) {
|
||||
} else {
|
||||
$class = 'error';
|
||||
$error = ! empty( $license->error ) ? $license->error : __( 'unknown_error', 'ultimate-member' );
|
||||
$messages[] = sprintf( __( 'There was an error with this license key: %s. Please <a href="%s">contact our support team</a>.', 'ultimate-member' ), $error, 'https://ultimatemember.com/support' );
|
||||
// translators: %1$s is an error; %2$s is a support link.
|
||||
$messages[] = sprintf( __( 'There was an error with this license key: %1$s. Please <a href="%2$s">contact our support team</a>.', 'ultimate-member' ), $error, 'https://ultimatemember.com/support' );
|
||||
|
||||
$license_status = 'license-' . $class . '-notice';
|
||||
}
|
||||
@@ -2837,7 +2863,8 @@ if ( ! class_exists( 'um\admin\core\Admin_Settings' ) ) {
|
||||
$class = 'error';
|
||||
$error = ! empty( $errors[0] ) ? $errors[0] : __( 'unknown_error', 'ultimate-member' );
|
||||
$errors_data = ! empty( $errors_data[0][0] ) ? ', ' . $errors_data[0][0] : '';
|
||||
$messages[] = sprintf( __( 'There was an error with this license key: %s%s. Please <a href="%s">contact our support team</a>.', 'ultimate-member' ), $error, $errors_data, 'https://ultimatemember.com/support' );
|
||||
// translators: %1$s is an error; %2$s is a error data; %3$s is a support link.
|
||||
$messages[] = sprintf( __( 'There was an error with this license key: %1$s%2$s. Please <a href="%3$s">contact our support team</a>.', 'ultimate-member' ), $error, $errors_data, 'https://ultimatemember.com/support' );
|
||||
|
||||
$license_status = 'license-' . $class . '-notice';
|
||||
|
||||
@@ -2849,7 +2876,8 @@ if ( ! class_exists( 'um\admin\core\Admin_Settings' ) ) {
|
||||
|
||||
$class = 'expired';
|
||||
$messages[] = sprintf(
|
||||
__( 'Your license key expired on %s. Please <a href="%s" target="_blank">renew your license key</a>.', 'ultimate-member' ),
|
||||
// translators: %1$s is a expiry date; %2$s is a renew link.
|
||||
__( 'Your license key expired on %1$s. Please <a href="%2$s" target="_blank">renew your license key</a>.', 'ultimate-member' ),
|
||||
date_i18n( get_option( 'date_format' ), strtotime( $license->expires, current_time( 'timestamp' ) ) ),
|
||||
'https://ultimatemember.com/checkout/?edd_license_key=' . $value . '&utm_campaign=admin&utm_source=licenses&utm_medium=expired'
|
||||
);
|
||||
@@ -2862,6 +2890,7 @@ if ( ! class_exists( 'um\admin\core\Admin_Settings' ) ) {
|
||||
|
||||
$class = 'error';
|
||||
$messages[] = sprintf(
|
||||
// translators: %s: support link name.
|
||||
__( 'Your license key has been disabled. Please <a href="%s" target="_blank">contact support</a> for more information.', 'ultimate-member' ),
|
||||
'https://ultimatemember.com/support?utm_campaign=admin&utm_source=licenses&utm_medium=revoked'
|
||||
);
|
||||
@@ -2874,6 +2903,7 @@ if ( ! class_exists( 'um\admin\core\Admin_Settings' ) ) {
|
||||
|
||||
$class = 'error';
|
||||
$messages[] = sprintf(
|
||||
// translators: %s: account page.
|
||||
__( 'Invalid license. Please <a href="%s" target="_blank">visit your account page</a> and verify it.', 'ultimate-member' ),
|
||||
'https://ultimatemember.com/account?utm_campaign=admin&utm_source=licenses&utm_medium=missing'
|
||||
);
|
||||
@@ -2887,7 +2917,8 @@ if ( ! class_exists( 'um\admin\core\Admin_Settings' ) ) {
|
||||
|
||||
$class = 'error';
|
||||
$messages[] = sprintf(
|
||||
__( 'Your %s is not active for this URL. Please <a href="%s" target="_blank">visit your account page</a> to manage your license key URLs.', 'ultimate-member' ),
|
||||
// translators: %1$s is a item name title; %2$s is a account page.
|
||||
__( 'Your %1$s is not active for this URL. Please <a href="%2$s" target="_blank">visit your account page</a> to manage your license key URLs.', 'ultimate-member' ),
|
||||
$field_data['item_name'],
|
||||
'https://ultimatemember.com/account?utm_campaign=admin&utm_source=licenses&utm_medium=invalid'
|
||||
);
|
||||
@@ -2899,6 +2930,7 @@ if ( ! class_exists( 'um\admin\core\Admin_Settings' ) ) {
|
||||
case 'item_name_mismatch' :
|
||||
|
||||
$class = 'error';
|
||||
// translators: %s: item name.
|
||||
$messages[] = sprintf( __( 'This appears to be an invalid license key for %s.', 'ultimate-member' ), $field_data['item_name'] );
|
||||
|
||||
$license_status = 'license-' . $class . '-notice';
|
||||
@@ -2908,6 +2940,7 @@ if ( ! class_exists( 'um\admin\core\Admin_Settings' ) ) {
|
||||
case 'no_activations_left':
|
||||
|
||||
$class = 'error';
|
||||
// translators: %s: account link.
|
||||
$messages[] = sprintf( __( 'Your license key has reached its activation limit. <a href="%s">View possible upgrades</a> now.', 'ultimate-member' ), 'https://ultimatemember.com/account' );
|
||||
|
||||
$license_status = 'license-' . $class . '-notice';
|
||||
@@ -2939,7 +2972,8 @@ if ( ! class_exists( 'um\admin\core\Admin_Settings' ) ) {
|
||||
} elseif( $expiration > $now && $expiration - $now < ( DAY_IN_SECONDS * 30 ) ) {
|
||||
|
||||
$messages[] = sprintf(
|
||||
__( 'Your license key expires soon! It expires on %s. <a href="%s" target="_blank">Renew your license key</a>.', 'ultimate-member' ),
|
||||
// translators: %1$s is a expiry date; %2$s is a renew link.
|
||||
__( 'Your license key expires soon! It expires on %1$s. <a href="%2$s" target="_blank">Renew your license key</a>.', 'ultimate-member' ),
|
||||
date_i18n( get_option( 'date_format' ), strtotime( $license->expires, current_time( 'timestamp' ) ) ),
|
||||
'https://ultimatemember.com/checkout/?edd_license_key=' . $value . '&utm_campaign=admin&utm_source=licenses&utm_medium=renew'
|
||||
);
|
||||
@@ -2949,6 +2983,7 @@ if ( ! class_exists( 'um\admin\core\Admin_Settings' ) ) {
|
||||
} else {
|
||||
|
||||
$messages[] = sprintf(
|
||||
// translators: %s: expiry date.
|
||||
__( 'Your license key expires on %s.', 'ultimate-member' ),
|
||||
date_i18n( get_option( 'date_format' ), strtotime( $license->expires, current_time( 'timestamp' ) ) )
|
||||
);
|
||||
@@ -2967,6 +3002,7 @@ if ( ! class_exists( 'um\admin\core\Admin_Settings' ) ) {
|
||||
$class = 'empty';
|
||||
|
||||
$messages[] = sprintf(
|
||||
// translators: %s: item name.
|
||||
__( 'To receive updates, please enter your valid %s license key.', 'ultimate-member' ),
|
||||
$field_data['item_name']
|
||||
);
|
||||
|
||||
@@ -134,7 +134,10 @@ if ( ! class_exists( 'um\admin\core\Admin_Upgrade' ) ) {
|
||||
</style>
|
||||
|
||||
<span class="um_plugin_upgrade_notice">
|
||||
<?php printf( __( '%s is a major update, and we highly recommend creating a full backup of your site before updating.', 'ultimate-member' ), $args['new_version'] ); ?>
|
||||
<?php
|
||||
// translators: %s: new version.
|
||||
echo wp_kses( sprintf( __( '%s is a major update, and we highly recommend creating a full backup of your site before updating.', 'ultimate-member' ), $args['new_version'] ), UM()->get_allowed_html( 'admin_notice' ) );
|
||||
?>
|
||||
</span>
|
||||
|
||||
<?php ob_get_flush();
|
||||
@@ -251,8 +254,18 @@ if ( ! class_exists( 'um\admin\core\Admin_Upgrade' ) ) {
|
||||
$um_last_version_upgrade = get_option( 'um_last_version_upgrade', __( 'empty', 'ultimate-member' ) ); ?>
|
||||
|
||||
<div class="wrap">
|
||||
<h2><?php printf( __( '%s - Upgrade Process', 'ultimate-member' ), ultimatemember_plugin_name ) ?></h2>
|
||||
<p><?php printf( __( 'You have installed <strong>%s</strong> version. Your latest DB version is <strong>%s</strong>. We recommend creating a backup of your site before running the update process. Do not exit the page before the update process has complete.', 'ultimate-member' ), ultimatemember_version, $um_last_version_upgrade ) ?></p>
|
||||
<h2>
|
||||
<?php
|
||||
// translators: %s: plugin name.
|
||||
echo wp_kses( sprintf( __( '%s - Upgrade Process', 'ultimate-member' ), ultimatemember_plugin_name ), UM()->get_allowed_html( 'admin_notice' ) );
|
||||
?>
|
||||
</h2>
|
||||
<p>
|
||||
<?php
|
||||
// translators: %1$s is a plugin version; %2$s is a last version upgrade.
|
||||
echo wp_kses( sprintf( __( 'You have installed <strong>%1$s</strong> version. Your latest DB version is <strong>%2$s</strong>. We recommend creating a backup of your site before running the update process. Do not exit the page before the update process has complete.', 'ultimate-member' ), ultimatemember_version, $um_last_version_upgrade ), UM()->get_allowed_html( 'admin_notice' ) );
|
||||
?>
|
||||
</p>
|
||||
<p><?php _e( 'After clicking the <strong>"Run"</strong> button, the update process will start. All information will be displayed in the <strong>"Upgrade Log"</strong> field.', 'ultimate-member' ); ?></p>
|
||||
<p><?php _e( 'If the update was successful, you will see a corresponding message. Otherwise, contact technical support if the update failed.', 'ultimate-member' ); ?></p>
|
||||
<h4><?php _e( 'Upgrade Log', 'ultimate-member' ) ?></h4>
|
||||
|
||||
@@ -537,20 +537,11 @@ if ( ! class_exists( 'um\admin\core\Admin_Users' ) ) {
|
||||
do_action( "um_admin_user_action_{$bulk_action}_hook" );
|
||||
}
|
||||
|
||||
// Finished. redirect now
|
||||
//if ( $admin_err == 0 ) {
|
||||
|
||||
$uri = $this->set_redirect_uri( admin_url( 'users.php' ) );
|
||||
$uri = add_query_arg( 'update', 'users_updated', $uri );
|
||||
$uri = add_query_arg( 'update', 'um_users_updated', $uri );
|
||||
|
||||
wp_redirect( $uri );
|
||||
exit;
|
||||
|
||||
/*} else {
|
||||
wp_redirect( admin_url( 'users.php?update=err_users_updated' ) );
|
||||
exit;
|
||||
}*/
|
||||
|
||||
} elseif ( ! empty( $_REQUEST['um_bulkedit'] ) ) {
|
||||
|
||||
$uri = $this->set_redirect_uri( admin_url( 'users.php' ) );
|
||||
|
||||
@@ -320,9 +320,10 @@ $ListTable->items = array_slice( $emails, ( $paged - 1 ) * $per_page, $per_page
|
||||
$ListTable->wpc_set_pagination_args( array( 'total_items' => count( $emails ), 'per_page' => $per_page ) ); ?>
|
||||
|
||||
<p class="description" style="margin: 20px 0 0 0;">
|
||||
<?php printf( __( 'You may get more details about email notifications customization <a href="%s">here</a>', 'ultimate-member' ),
|
||||
'https://docs.ultimatemember.com/article/1335-email-templates'
|
||||
); ?>
|
||||
<?php
|
||||
// translators: %s: doc link.
|
||||
echo wp_kses( sprintf( __( 'You may get more details about email notifications customization <a href="%s">here</a>', 'ultimate-member' ), 'https://docs.ultimatemember.com/article/1335-email-templates' ), UM()->get_allowed_html( 'admin_notice' ) );
|
||||
?>
|
||||
</p>
|
||||
|
||||
<form action="" method="get" name="um-settings-emails" id="um-settings-emails">
|
||||
@@ -330,4 +331,4 @@ $ListTable->wpc_set_pagination_args( array( 'total_items' => count( $emails ), '
|
||||
<input type="hidden" name="tab" value="email" />
|
||||
|
||||
<?php $ListTable->display(); ?>
|
||||
</form>
|
||||
</form>
|
||||
|
||||
@@ -84,9 +84,10 @@ function um_upgrade_update_users_per_page20beta1() {
|
||||
}
|
||||
|
||||
$from = ( absint( $_POST['page'] ) * $users_per_page ) - $users_per_page + 1;
|
||||
$to = absint( $_POST['page'] ) * $users_per_page;
|
||||
$to = absint( $_POST['page'] ) * $users_per_page;
|
||||
|
||||
wp_send_json_success( array( 'message' => sprintf( __( 'Users from %s to %s was upgraded successfully...', 'ultimate-member' ), $from, $to ) ) );
|
||||
// translators: %1$s is a from; %2$s is a to.
|
||||
wp_send_json_success( array( 'message' => sprintf( __( 'Users from %1$s to %2$s was upgraded successfully...', 'ultimate-member' ), $from, $to ) ) );
|
||||
} else {
|
||||
wp_send_json_error();
|
||||
}
|
||||
@@ -213,9 +214,10 @@ function um_upgrade_update_forum_per_page20beta1() {
|
||||
}
|
||||
|
||||
$from = ( absint( $_POST['page'] ) * $posts_per_page ) - $posts_per_page + 1;
|
||||
$to = absint( $_POST['page'] ) * $posts_per_page;
|
||||
$to = absint( $_POST['page'] ) * $posts_per_page;
|
||||
|
||||
wp_send_json_success( array( 'message' => sprintf( __( 'Forums from %s to %s was upgraded successfully...', 'ultimate-member' ), $from, $to ) ) );
|
||||
// translators: %1$s is a from; %2$s is a to.
|
||||
wp_send_json_success( array( 'message' => sprintf( __( 'Forums from %1$s to %2$s was upgraded successfully...', 'ultimate-member' ), $from, $to ) ) );
|
||||
} else {
|
||||
wp_send_json_error();
|
||||
}
|
||||
@@ -300,9 +302,10 @@ function um_upgrade_update_products_per_page20beta1() {
|
||||
}
|
||||
|
||||
$from = ( absint( $_POST['page'] ) * $posts_per_page ) - $posts_per_page + 1;
|
||||
$to = absint( $_POST['page'] ) * $posts_per_page;
|
||||
$to = absint( $_POST['page'] ) * $posts_per_page;
|
||||
|
||||
wp_send_json_success( array( 'message' => sprintf( __( 'Woocommerce Products from %s to %s was upgraded successfully...', 'ultimate-member' ), $from, $to ) ) );
|
||||
// translators: %1$s is a from; %2$s is a to.
|
||||
wp_send_json_success( array( 'message' => sprintf( __( 'Woocommerce Products from %1$s to %2$s was upgraded successfully...', 'ultimate-member' ), $from, $to ) ) );
|
||||
} else {
|
||||
wp_send_json_error();
|
||||
}
|
||||
|
||||
@@ -46,7 +46,7 @@ function um_upgrade_metadata_per_user213beta3() {
|
||||
um.meta_value as meta_value
|
||||
FROM {$wpdb->users} u
|
||||
LEFT JOIN {$wpdb->usermeta} um ON ( um.user_id = u.ID AND um.meta_key IN( 'account_status','hide_in_members','synced_gravatar_hashed_id','synced_profile_photo','profile_photo','cover_photo','_um_verified' ) )
|
||||
WHERE u.ID >= %d AND
|
||||
WHERE u.ID >= %d AND
|
||||
u.ID <= %d",
|
||||
$min_max['MinID'],
|
||||
$min_max['MaxID']
|
||||
@@ -113,9 +113,10 @@ function um_upgrade_metadata_per_user213beta3() {
|
||||
}
|
||||
|
||||
$from = ( absint( $_POST['page'] ) * $per_page ) - $per_page + 1;
|
||||
$to = absint( $_POST['page'] ) * $per_page;
|
||||
$to = absint( $_POST['page'] ) * $per_page;
|
||||
|
||||
wp_send_json_success( array( 'message' => sprintf( __( 'Metadata from %s to %s users were upgraded successfully...', 'ultimate-member' ), $from, $to ) ) );
|
||||
// translators: %1$s is a from; %2$s is a to.
|
||||
wp_send_json_success( array( 'message' => sprintf( __( 'Metadata from %1$s to %2$s users were upgraded successfully...', 'ultimate-member' ), $from, $to ) ) );
|
||||
}
|
||||
|
||||
|
||||
|
||||
+4
-3
@@ -103,7 +103,7 @@ function um_upgrade_usermeta_part230() {
|
||||
$wpdb->prepare(
|
||||
"SELECT user_id,
|
||||
meta_key,
|
||||
meta_value
|
||||
meta_value
|
||||
FROM {$wpdb->usermeta}
|
||||
WHERE meta_key IN( '" . implode( "','", $fields_for_upgrade ) . "' )
|
||||
LIMIT %d, %d",
|
||||
@@ -127,9 +127,10 @@ function um_upgrade_usermeta_part230() {
|
||||
}
|
||||
|
||||
$from = ( absint( $_POST['page'] ) * $per_page ) - $per_page + 1;
|
||||
$to = absint( $_POST['page'] ) * $per_page;
|
||||
$to = absint( $_POST['page'] ) * $per_page;
|
||||
|
||||
wp_send_json_success( array( 'message' => sprintf( __( 'Metadata from %s to %s row were upgraded successfully...', 'ultimate-member' ), $from, $to ) ) );
|
||||
// translators: %1$s is a from; %2$s is a to.
|
||||
wp_send_json_success( array( 'message' => sprintf( __( 'Metadata from %1$s to %2$s row were upgraded successfully...', 'ultimate-member' ), $from, $to ) ) );
|
||||
}
|
||||
|
||||
|
||||
|
||||
@@ -5,8 +5,8 @@
|
||||
global $wpdb;
|
||||
|
||||
$count = $wpdb->get_var(
|
||||
"SELECT COUNT( option_id )
|
||||
FROM {$wpdb->options}
|
||||
"SELECT COUNT( option_id )
|
||||
FROM {$wpdb->options}
|
||||
WHERE option_name LIKE 'um_cache_userdata_%'"
|
||||
);
|
||||
?>
|
||||
@@ -15,7 +15,10 @@ $count = $wpdb->get_var(
|
||||
|
||||
<p>
|
||||
<a href="<?php echo esc_url( add_query_arg( 'um_adm_action', 'user_cache' ) ); ?>" class="button">
|
||||
<?php echo esc_html( sprintf( __( 'Clear cache of %s users', 'ultimate-member' ), $count ) ); ?>
|
||||
<?php
|
||||
// translators: %s: users number.
|
||||
echo esc_html( sprintf( __( 'Clear cache of %s users', 'ultimate-member' ), $count ) );
|
||||
?>
|
||||
</a>
|
||||
<a href="<?php echo esc_url( add_query_arg( 'um_adm_action', 'user_status_cache' ) ); ?>" class="button">
|
||||
<?php esc_html_e( 'Clear user statuses cache', 'ultimate-member' ); ?>
|
||||
|
||||
@@ -1,10 +1,14 @@
|
||||
<?php if ( ! defined( 'ABSPATH' ) ) exit;
|
||||
|
||||
<?php if ( ! defined( 'ABSPATH' ) ) {
|
||||
exit;
|
||||
}
|
||||
|
||||
if ( $this->dir_size( 'temp' ) > 0.1 ) { ?>
|
||||
|
||||
<p>
|
||||
<?php printf( __( 'You can free up <span class="red">%s MB</span> by purging your temp upload directory.', 'ultimate-member' ), $this->dir_size( 'temp' ) ); ?>
|
||||
<?php
|
||||
// translators: %s: temp folder size.
|
||||
echo wp_kses( sprintf( __( 'You can free up <span class="red">%s MB</span> by purging your temp upload directory.', 'ultimate-member' ), $this->dir_size( 'temp' ) ), UM()->get_allowed_html( 'admin_notice' ) );
|
||||
?>
|
||||
</p>
|
||||
|
||||
<p>
|
||||
@@ -19,4 +23,4 @@ if ( $this->dir_size( 'temp' ) > 0.1 ) { ?>
|
||||
<?php _e( 'Your temp uploads directory is <span class="ok">clean</span>. There is nothing to purge.', 'ultimate-member' ); ?>
|
||||
</p>
|
||||
|
||||
<?php } ?>
|
||||
<?php } ?>
|
||||
|
||||
@@ -7,7 +7,10 @@
|
||||
<?php _e( 'Forms', 'ultimate-member' ); ?>
|
||||
</h3>
|
||||
<p>
|
||||
<?php printf( __( '%s provides you with forms for user registration, login and profiles.', 'ultimate-member' ), ultimatemember_plugin_name ); ?>
|
||||
<?php
|
||||
// translators: %s: plugin name.
|
||||
echo wp_kses( sprintf( __( '%s provides you with forms for user registration, login and profiles.', 'ultimate-member' ), ultimatemember_plugin_name ), UM()->get_allowed_html( 'admin_notice' ) );
|
||||
?>
|
||||
</p>
|
||||
<p>
|
||||
<?php _e( 'Via these forms you are collecting personal data from your users.', 'ultimate-member' ); ?>
|
||||
@@ -33,8 +36,11 @@
|
||||
<?php _e( 'Where we send your data', 'ultimate-member' ); ?>
|
||||
</h2>
|
||||
<p>
|
||||
<?php printf( __( '%s does not send any user data outside of your site by default.', 'ultimate-member' ), ultimatemember_plugin_name ); ?>
|
||||
<?php
|
||||
// translators: %s: plugin name.
|
||||
echo wp_kses( sprintf( __( '%s does not send any user data outside of your site by default.', 'ultimate-member' ), ultimatemember_plugin_name ), UM()->get_allowed_html( 'admin_notice' ) );
|
||||
?>
|
||||
</p>
|
||||
<p>
|
||||
<?php _e( 'If you have extended the functionality of the plugin (e.g sending registered user data to MailChimp via our MailChimp extension, this user info may be passed to these external services. These services may be located abroad and outwith the EU.', 'ultimate-member' ); ?>
|
||||
</p>
|
||||
</p>
|
||||
|
||||
@@ -1,10 +1,16 @@
|
||||
<?php if ( ! defined( 'ABSPATH' ) ) exit; ?>
|
||||
|
||||
<?php if ( ! defined( 'ABSPATH' ) ) {
|
||||
exit;
|
||||
} ?>
|
||||
|
||||
<div id="UM_fonticons" style="display:none">
|
||||
|
||||
<div class="um-admin-modal-head">
|
||||
<h3><?php printf( __( 'Choose from %s available icons', 'ultimate-member' ), count( UM()->fonticons()->all ) ); ?></h3>
|
||||
<h3>
|
||||
<?php
|
||||
// translators: %s: icons nubber.
|
||||
echo wp_kses( sprintf( __( 'Choose from %s available icons', 'ultimate-member' ), count( UM()->fonticons()->all ) ), UM()->get_allowed_html( 'admin_notice' ) );
|
||||
?>
|
||||
</h3>
|
||||
</div>
|
||||
|
||||
<div class="um-admin-modal-body"></div>
|
||||
@@ -14,4 +20,4 @@
|
||||
<a href="javascript:void(0);" class="button um-admin-modal-back um-admin-modal-cancel" data-action="UM_remove_modal"><?php _e( 'Cancel', 'ultimate-member' ) ?></a>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
</div>
|
||||
|
||||
@@ -0,0 +1,38 @@
|
||||
<?php
|
||||
namespace um\ajax;
|
||||
|
||||
if ( ! defined( 'ABSPATH' ) ) {
|
||||
exit;
|
||||
}
|
||||
|
||||
if ( ! class_exists( 'um\ajax\Init' ) ) {
|
||||
|
||||
/**
|
||||
* Class Init
|
||||
*
|
||||
* @package um\ajax
|
||||
*/
|
||||
class Init {
|
||||
|
||||
/**
|
||||
* Create classes' instances where __construct isn't empty for hooks init
|
||||
*
|
||||
* @used-by \UM::includes()
|
||||
*/
|
||||
public function includes() {
|
||||
$this->secure();
|
||||
}
|
||||
|
||||
/**
|
||||
* @since 2.6.8
|
||||
*
|
||||
* @return Secure
|
||||
*/
|
||||
public function secure() {
|
||||
if ( empty( UM()->classes['um\ajax\secure'] ) ) {
|
||||
UM()->classes['um\ajax\secure'] = new Secure();
|
||||
}
|
||||
return UM()->classes['um\ajax\secure'];
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,515 @@
|
||||
<?php
|
||||
namespace um\ajax;
|
||||
|
||||
use WP_Session_Tokens;
|
||||
use WP_User_Query;
|
||||
|
||||
if ( ! defined( 'ABSPATH' ) ) {
|
||||
exit;
|
||||
}
|
||||
|
||||
/**
|
||||
* Class Secure
|
||||
*
|
||||
* @package um\ajax
|
||||
*
|
||||
* @since 2.6.8
|
||||
*/
|
||||
class Secure {
|
||||
|
||||
/**
|
||||
* Secure constructor.
|
||||
*
|
||||
* @since 2.6.8
|
||||
*/
|
||||
public function __construct() {
|
||||
add_action( 'wp_ajax_um_secure_scan_affected_users', array( $this, 'ajax_scanner' ) );
|
||||
}
|
||||
|
||||
/**
|
||||
* Scan affected users
|
||||
*/
|
||||
public function ajax_scanner() {
|
||||
if ( ! wp_verify_nonce( $_REQUEST['nonce'], 'um-admin-nonce' ) || ! current_user_can( 'manage_options' ) ) {
|
||||
wp_die( esc_attr__( 'Security Check', 'ultimate-member' ) );
|
||||
}
|
||||
|
||||
$last_scanned_capability = sanitize_key( $_REQUEST['last_scanned_capability'] );
|
||||
|
||||
if ( empty( $last_scanned_capability ) ) {
|
||||
delete_option( 'um_secure_scanned_details' );
|
||||
update_option( 'um_secure_scan_status', 'started' );
|
||||
update_option( 'um_secure_last_time_scanned', current_time( 'mysql' ) );
|
||||
}
|
||||
|
||||
$scan_details = get_option( 'um_secure_scanned_details', array() );
|
||||
|
||||
if ( ! empty( $_REQUEST['capabilities'] ) ) {
|
||||
$request_capabilities = is_array( $_REQUEST['capabilities'] ) ? $_REQUEST['capabilities'] : array( $_REQUEST['capabilities'] );
|
||||
$arr_banned_caps = array_map( 'sanitize_key', $request_capabilities );
|
||||
} else {
|
||||
$arr_banned_caps = UM()->options()->get( 'banned_capabilities' );
|
||||
}
|
||||
|
||||
$proceed = false;
|
||||
$completed = false;
|
||||
$message = '';
|
||||
$scanned_cap = '';
|
||||
$user_affected = false;
|
||||
$count_users = 0;
|
||||
|
||||
$last_element = end( $arr_banned_caps );
|
||||
|
||||
foreach ( $arr_banned_caps as $cap ) {
|
||||
|
||||
if ( empty( $last_scanned_capability ) ) {
|
||||
$proceed = true;
|
||||
} else {
|
||||
if ( $last_scanned_capability === $cap ) { // if this was the last capability, skip this and proceed the next loop.
|
||||
$proceed = true;
|
||||
continue;
|
||||
}
|
||||
}
|
||||
|
||||
if ( ! $proceed ) {
|
||||
continue;
|
||||
}
|
||||
|
||||
$args = array(
|
||||
'capability' => $cap,
|
||||
'role__not_in' => array( 'administrator' ),
|
||||
'fields' => 'ids',
|
||||
);
|
||||
$wp_user_query = new WP_User_Query( $args );
|
||||
$count_users = $wp_user_query->get_total();
|
||||
if ( $count_users <= 0 ) {
|
||||
// translators: %s capability name
|
||||
$message = wp_kses( sprintf( __( '<strong>`%s`</strong> <span style="color:green">is safe.</span>', 'ultimate-member' ), $cap ), UM()->get_allowed_html( 'admin_notice' ) );
|
||||
} else {
|
||||
$user_affected = true;
|
||||
// translators: %1$s capability name, has affected %2$d user account
|
||||
$message = wp_kses( sprintf( _n( '<strong>`%1$s`</strong> <span style="color:red">has affected %2$d user account.</span>', '<strong>`%1$s`</strong> <span style="color:red">has affected %2$d user accounts.</span>', $count_users, 'ultimate-member' ), $cap, $count_users ), UM()->get_allowed_html( 'admin_notice' ) );
|
||||
}
|
||||
|
||||
if ( $last_element === $cap ) {
|
||||
$completed = true;
|
||||
update_option( 'um_secure_scan_status', 'completed' );
|
||||
}
|
||||
|
||||
$scanned_cap = $cap;
|
||||
|
||||
break;
|
||||
}
|
||||
|
||||
if ( $user_affected ) {
|
||||
$scan_details['affected_caps'][] = $scanned_cap;
|
||||
|
||||
$scan_details['scanned_caps'][ $scanned_cap ] = array(
|
||||
'total_affected_users' => $count_users,
|
||||
'users' => $wp_user_query->get_results(),
|
||||
);
|
||||
|
||||
if ( ! isset( $scan_details['scanned_caps']['total_all_cap_flagged'] ) ) {
|
||||
$scan_details['scanned_caps']['total_all_cap_flagged'] = 1;
|
||||
} else {
|
||||
++$scan_details['scanned_caps']['total_all_cap_flagged'];
|
||||
}
|
||||
}
|
||||
|
||||
if ( ! isset( $scan_details['scanned_caps']['total_all_affected_users'] ) ) {
|
||||
$scan_details['scanned_caps']['total_all_affected_users'] = absint( $count_users );
|
||||
} else {
|
||||
$scan_details['scanned_caps']['total_all_affected_users'] = absint( $scan_details['scanned_caps']['total_all_affected_users'] ) + absint( $count_users );
|
||||
}
|
||||
|
||||
update_option( 'um_secure_scanned_details', $scan_details );
|
||||
|
||||
wp_send_json_success(
|
||||
array(
|
||||
'last_scanned_capability' => $scanned_cap,
|
||||
'message' => $message,
|
||||
'completed' => $completed,
|
||||
'recommendations' => $completed ? wp_kses( $this->scan_recommendations(), UM()->get_allowed_html( 'templates' ) ) : '',
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Recommendations after the scan completed.
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
public function scan_recommendations() {
|
||||
global $wp_roles, $wpdb;
|
||||
$br = '</br>';
|
||||
$check = '<span class="dashicons dashicons-yes-alt" style="color:green"></span>';
|
||||
$flag = '<span class="dashicons dashicons-flag" style="color:red"></span>';
|
||||
$warning = '<span class="dashicons dashicons-warning" style="color:red"></span>';
|
||||
|
||||
$all_plugins = get_plugins();
|
||||
$active_plugins = apply_filters( 'active_plugins', get_option( 'active_plugins' ) );
|
||||
$um_forms = get_posts( 'post_type=um_form&numberposts=-1&fields=ids' );
|
||||
|
||||
$content = '-----' . $br . $br;
|
||||
|
||||
$suspicious_accounts = new WP_User_Query(
|
||||
array(
|
||||
'relation' => 'AND',
|
||||
'number' => -1,
|
||||
'meta_query' => array(
|
||||
'relation' => 'OR',
|
||||
array(
|
||||
'key' => 'submitted',
|
||||
'value' => sprintf( ':"%s";', $wpdb->prefix . '_capabilities' ),
|
||||
'compare' => 'LIKE',
|
||||
),
|
||||
array(
|
||||
'key' => 'submitted',
|
||||
'value' => sprintf( ':"%s";', $wpdb->prefix . '_user_level' ),
|
||||
'compare' => 'LIKE',
|
||||
),
|
||||
array(
|
||||
'key' => 'submitted',
|
||||
'value' => sprintf( '.*%s";', '_capabilities' ),
|
||||
'compare' => 'REGEXP',
|
||||
),
|
||||
array(
|
||||
'key' => 'submitted',
|
||||
'value' => sprintf( '.*%s";', '_user_level' ),
|
||||
'compare' => 'REGEXP',
|
||||
),
|
||||
),
|
||||
)
|
||||
);
|
||||
|
||||
$suspicious_accounts_count = $suspicious_accounts->get_total();
|
||||
$susp_accounts = $suspicious_accounts->get_results();
|
||||
$arr_dates_registered = array();
|
||||
$arr_suspected_accounts = array();
|
||||
|
||||
/**
|
||||
* Disable and Kick-out Suspicious accounts.
|
||||
*/
|
||||
if ( $suspicious_accounts_count > 0 ) {
|
||||
if ( ! empty( $susp_accounts ) ) {
|
||||
foreach ( $susp_accounts as $user ) {
|
||||
|
||||
$arr_suspected_accounts[] = $user->ID;
|
||||
$arr_dates_registered[] = $user->user_registered;
|
||||
|
||||
if ( $user->__get( 'um_user_blocked' ) ) {
|
||||
continue;
|
||||
}
|
||||
|
||||
UM()->common()->secure()->revoke_caps( $user );
|
||||
// Get an instance of WP_User_Meta_Session_Tokens
|
||||
$sessions_manager = WP_Session_Tokens::get_instance( $user->ID );
|
||||
// Remove all the session data for all users.
|
||||
$sessions_manager->destroy_all();
|
||||
}
|
||||
}
|
||||
|
||||
$arr_dates_in_timestamp = array_map( 'strtotime', $arr_dates_registered );
|
||||
|
||||
$oldest_date = min( $arr_dates_in_timestamp );
|
||||
$newest_date = max( $arr_dates_in_timestamp );
|
||||
|
||||
$might_affected_users = new WP_User_Query(
|
||||
array(
|
||||
'number' => -1,
|
||||
'exclude' => $arr_suspected_accounts,
|
||||
'date_query' => array(
|
||||
'after' => gmdate( 'F d, Y', strtotime( '-1 day', $oldest_date ) ),
|
||||
'before' => gmdate( 'F d, Y', strtotime( '+1 day', $newest_date ) ),
|
||||
),
|
||||
)
|
||||
);
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* Get Site Health's Total issues to resolve
|
||||
*/
|
||||
$get_issues = get_transient( 'health-check-site-status-result' );
|
||||
|
||||
$issue_counts = array();
|
||||
|
||||
if ( false !== $get_issues ) {
|
||||
$issue_counts = json_decode( $get_issues, true );
|
||||
}
|
||||
|
||||
if ( ! is_array( $issue_counts ) || ! $issue_counts ) {
|
||||
$issue_counts = array(
|
||||
'recommended' => 0,
|
||||
'critical' => 0,
|
||||
);
|
||||
}
|
||||
|
||||
$site_health_issues_total = $issue_counts['recommended'] + $issue_counts['critical'];
|
||||
|
||||
$content .= '<div style="font-size:19px;padding-bottom:10px;width:100%; display:block;border-bottom:1px solid #ccc;" id="um-secure-scanner-complete">' . ( $suspicious_accounts_count > 0 ? $warning : $check ) . esc_html__( 'Scan Complete.', 'ultimate-member' ) . '</div>';
|
||||
|
||||
$option = get_option( 'um_secure_scanned_details', $susp_accounts );
|
||||
$scan_details = $option['scanned_caps'];
|
||||
|
||||
if ( $suspicious_accounts_count > 0 ) {
|
||||
update_option( 'um_secure_found_suspicious_accounts', true );
|
||||
$content .= $br . $flag . '<strong>' . esc_html__( 'Suspicious Accounts Detected!', 'ultimate-member' ) . '</strong> <br/>';
|
||||
// translators: %s suspicious account
|
||||
$content .= $br . wp_kses( sprintf( _n( 'We have found <strong style="color:red;">%s suspicious account</strong> created on your site via Ultimate Member Forms.', 'We have found <strong style="color:red;">%s suspicious accounts</strong> created on your site via Ultimate Member Forms.', $suspicious_accounts_count, 'ultimate-member' ), $suspicious_accounts_count ), UM()->get_allowed_html( 'admin_notice' ) );
|
||||
$content .= $br . wp_kses( __( 'We\'ve temporarily disabled the suspicious account(s) for you to <strong>take actions</strong>.', 'ultimate-member' ), UM()->get_allowed_html( 'admin_notice' ) );
|
||||
|
||||
if ( $might_affected_users->get_total() > 0 ) {
|
||||
$od = gmdate( 'F d, Y', $oldest_date );
|
||||
$nd = gmdate( 'F d, Y', $newest_date );
|
||||
if ( $od !== $nd ) {
|
||||
$date_registered = $od . ' to ' . $nd;
|
||||
} else {
|
||||
$date_registered = $od;
|
||||
}
|
||||
// translators: %s suspicious account
|
||||
$content .= $br . $br . wp_kses( sprintf( _n( 'Also, We\'ve found <strong style="color:red;">%s account</strong>', 'Also, We\'ve found <strong style="color:red;">%s accounts</strong>', $might_affected_users->get_total(), 'ultimate-member' ), $might_affected_users->get_total() ), UM()->get_allowed_html( 'admin_notice' ) );
|
||||
// translators: %s account creation date
|
||||
$content .= ' ' . wp_kses( sprintf( _n( 'created on %s when the suspicious account was created.', 'created on %s when the suspicious accounts were created.', $suspicious_accounts_count, 'ultimate-member' ), $date_registered ), UM()->get_allowed_html( 'admin_notice' ) );
|
||||
}
|
||||
} else {
|
||||
$content .= $br . '<strong>' . esc_html__( 'Suspicious Accounts', 'ultimate-member' ) . '</strong> <br/>';
|
||||
$content .= $br . $check . ' ' . esc_html__( 'No suspicious accounts found', 'ultimate-member' ) . '<br/>';
|
||||
}
|
||||
|
||||
$content .= $br . $br . wp_kses( __( 'PLEASE READ OUR <strong>RECOMMENDATIONS</strong> BELOW: ', 'ultimate-member' ), UM()->get_allowed_html( 'admin_notice' ) ) . $br;
|
||||
|
||||
$content .= $br . '<div style="padding:10px; border:1px solid #ccc;">' . wp_kses( __( '<strong style="color:red">WARNING:</strong> Ensure that you\'ve created a full backup of your site as your restoration point before changing anything on your site with our recommendations.', 'ultimate-member' ), UM()->get_allowed_html( 'admin_notice' ) ) . '</div>';
|
||||
if ( $suspicious_accounts_count > 0 ) {
|
||||
$lock_register_forms_url = admin_url( 'admin.php?page=um_options&tab=secure&um_secure_lock_register_forms=1&_wpnonce=' . wp_create_nonce( 'um_secure_lock_register_forms' ) );
|
||||
$content .= $br . esc_html__( '1. Please temporarily lock all your active Register forms.', 'ultimate-member' );
|
||||
$content .= ' <a href="' . esc_attr( $lock_register_forms_url ) . '" target="_blank">' . esc_html__( 'Click here to lock them now.', 'ultimate-member' ) . '</a>';
|
||||
$content .= ' ' . esc_html__( 'You can unblock the Register forms later. Just go to Ultimate Member > Settings > Secure > uncheck the option "Lock All Register Forms".', 'ultimate-member' );
|
||||
$content .= $br . $br;
|
||||
$suspicious_accounts_url = admin_url( 'users.php?um_status=inactive' );
|
||||
|
||||
if ( $might_affected_users->get_total() > 0 ) {
|
||||
$od = gmdate( 'F d, Y', $oldest_date );
|
||||
$nd = gmdate( 'F d, Y', $newest_date );
|
||||
if ( $od !== $nd ) {
|
||||
$suspicious_accounts_url = admin_url( 'users.php?um_secure_date_from=' . $oldest_date . '&um_secure_date_to=' . $newest_date );
|
||||
} else {
|
||||
$suspicious_accounts_url = admin_url( 'users.php?um_secure_date_from=' . $oldest_date );
|
||||
}
|
||||
}
|
||||
|
||||
$content .= esc_html__( '2. Review all suspicious accounts and delete them completely.', 'ultimate-member' );
|
||||
$content .= ' <a href="' . esc_attr( $suspicious_accounts_url ) . '" target="_blank">' . esc_html__( 'Click here to review accounts.', 'ultimate-member' ) . '</a>';
|
||||
$content .= $br . $br;
|
||||
|
||||
$nonce = wp_create_nonce( 'um-secure-expire-session-nonce' );
|
||||
$destroy_all_sessions_url = admin_url( '?um_secure_expire_all_sessions=1&_wpnonce=' . esc_attr( $nonce ) . '&except_me=1' );
|
||||
$content .= esc_html__( '3. If accounts are suspicious to you, please destroy all user sessions to logout active users on your site.', 'ultimate-member' );
|
||||
$content .= ' <a href="' . esc_attr( $destroy_all_sessions_url ) . '" target="_blank">' . esc_html__( 'Click here to Destroy Sessions now', 'ultimate-member' ) . '</a>';
|
||||
|
||||
$content .= $br . $br;
|
||||
$content .= esc_html__( '4. Run a complete scan on your site using third-party Security plugins such as', 'ultimate-member' );
|
||||
$content .= ' <a target="_blank" href="' . esc_attr( admin_url( 'plugin-install.php?s=Jetpack%2520Protect%2520WP%2520Scan&tab=search&type=term' ) ) . '">' . esc_html__( 'WPScan/Jetpack Protect or WordFence Security', 'ultimate-member' ) . '</a>.';
|
||||
|
||||
$content .= $br . $br;
|
||||
$nonce = wp_create_nonce( 'um-secure-enable-reset-pass-nonce' );
|
||||
$reset_pass_sessions_url = admin_url( '?um_secure_enable_reset_password=1&_wpnonce=' . esc_attr( $nonce ) . '&except_me=1' );
|
||||
|
||||
$content .= esc_html__( '5. Force users to Reset their Passwords.', 'ultimate-member' );
|
||||
$content .= ' <a target="_blank" href="' . esc_attr( $reset_pass_sessions_url ) . '">' . esc_html__( 'Click here to enable this option', 'ultimate-member' ) . '</a>.';
|
||||
$content .= ' ' . esc_html__( 'When this option is enabled, users will be asked to reset their passwords(one-time) on the next login in the UM Login form.', 'ultimate-member' );
|
||||
$content .= $br . $br;
|
||||
|
||||
$content .= esc_html__( '6. Once your site is secured, please create or enable Daily Backups of your server/site. You can contact your hosting provider to assist you on this matter.', 'ultimate-member' );
|
||||
$content .= $br . $br;
|
||||
|
||||
$content .= esc_html__( '👇 MORE RECOMMENDATIONS BELOW.', 'ultimate-member' );
|
||||
}
|
||||
|
||||
$content .= $br . $br . '<strong>' . esc_html__( 'Review & Resolve Issues with Site Health Check tool', 'ultimate-member' ) . '</strong>';
|
||||
$content .= $br . esc_html__( 'Site Health is a tool in WordPress that helps you monitor how your site is doing. It shows critical information about your WordPress configuration and items that require your attention.', 'ultimate-member' );
|
||||
if ( $site_health_issues_total > 0 ) {
|
||||
// translators: %d issue in the Site Health status
|
||||
$content .= $br . $flag . esc_html( sprintf( _n( 'There\'s %d issue in the Site Health status', 'There are %d issues in the Site Health status', $site_health_issues_total, 'ultimate-member' ), $site_health_issues_total ) );
|
||||
$content .= ': <a target="_blank" href="' . admin_url( 'site-health.php' ) . '">' . esc_html__( 'Review Site Health Status', 'ultimate-member' ) . '</a>';
|
||||
} else {
|
||||
$content .= $br . $check . esc_html__( 'There are no issues found in the Site Health status', 'ultimate-member' );
|
||||
}
|
||||
|
||||
$content .= $br . $br . '<strong>' . esc_html__( 'Default WP Register Form', 'ultimate-member' ) . '</strong>';
|
||||
if ( get_option( 'users_can_register' ) ) {
|
||||
$content .= $br . $flag . wp_kses( __( 'The default WordPress Register form is enabled. If you\'re getting Spam User Registrations, we recommend that you enable a Challenge-Response plugin such as our <a href="https://wordpress.org/plugins/um-recaptcha/" target="_blank">Ultimate Member - Google reCAPTCHA</a> extension.', 'ultimate-member' ), UM()->get_allowed_html( 'admin_notice' ) );
|
||||
$content .= $br;
|
||||
} else {
|
||||
$content .= $br . $check . esc_html__( 'The default WordPress Register form is disabled.', 'ultimate-member' ) . $br;
|
||||
}
|
||||
|
||||
$content .= $br . '<strong>' . esc_html__( 'Secure Register Forms', 'ultimate-member' ) . '</strong>';
|
||||
$content .= $br . esc_html__( 'We\'ve removed the assignment of administrative roles for Register forms due to vulnerabilities in previous versions of the plugin. If your Register forms still have Administrative roles, we recommend that you assign a non-admin roles to secure the forms.', 'ultimate-member' ) . $br;
|
||||
foreach ( $um_forms as $fid ) {
|
||||
switch ( get_post_meta( $fid, '_um_mode', true ) ) {
|
||||
case 'register':
|
||||
$is_customized = absint( get_post_meta( $fid, '_um_register_use_custom_settings', true ) );
|
||||
$arr_banned_caps = UM()->options()->get( 'banned_capabilities' );
|
||||
$has_banned_cap = false;
|
||||
$role = get_post_meta( $fid, '_um_register_role', true );
|
||||
|
||||
if ( ! empty( $is_customized ) && ! empty( $role ) ) {
|
||||
$caps = get_role( $role )->capabilities;
|
||||
if ( is_array( $arr_banned_caps ) ) {
|
||||
foreach ( array_keys( $caps ) as $cap ) {
|
||||
if ( in_array( $cap, $arr_banned_caps, true ) ) {
|
||||
$content .= $br . '<a target="_blank" href="' . get_edit_post_link( $fid ) . '">' . get_the_title( $fid ) . '</a> ' . wp_kses( __( 'contains <strong>administrative role</strong>', 'ultimate-member' ), UM()->get_allowed_html( 'admin_notice' ) ) . ' ' . $flag;
|
||||
$has_banned_cap = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if ( ! $has_banned_cap || ! $is_customized ) {
|
||||
$content .= $br . '<a target="_blank" href="' . get_edit_post_link( $fid ) . '">' . get_the_title( $fid ) . '</a> ' . wp_kses( __( 'is <strong>secured</strong>', 'ultimate-member' ), UM()->get_allowed_html( 'admin_notice' ) ) . ' ' . $check;
|
||||
}
|
||||
break;
|
||||
}
|
||||
}
|
||||
$content .= $br;
|
||||
|
||||
$content .= $br . '<strong>' . esc_html__( 'Block Disposable Email Addresses/Domains', 'ultimate-member' ) . '</strong>';
|
||||
if ( empty( UM()->options()->get( 'blocked_emails' ) ) ) {
|
||||
$content .= $br . $flag . wp_kses( __( 'You are not blocking email addresses or disposable email domains that are mostly used for Spam Account Registrations. You can get the list of disposable email domains with our basic extension <a href="https://docs.ultimatemember.com/article/1870-block-disposable-email-domains" target="_blank">Block Disposable Email Domains</a>.', 'ultimate-member' ), UM()->get_allowed_html( 'admin_notice' ) );
|
||||
$content .= $br;
|
||||
} else {
|
||||
$content .= $br . $check . esc_html__( 'Blocked Emails option is already set.', 'ultimate-member' );
|
||||
$content .= $br;
|
||||
}
|
||||
|
||||
$content .= $br . '<strong>' . esc_html__( 'Manage User Roles & Capabilities', 'ultimate-member' ) . '</strong>';
|
||||
if ( absint( $scan_details['total_all_affected_users'] ) > 0 ) {
|
||||
$count_flagged_caps = $scan_details['total_all_cap_flagged'];
|
||||
$count_users = $scan_details['total_all_affected_users'];
|
||||
$affected_caps = $option['affected_caps'];
|
||||
$affected_roles = array();
|
||||
|
||||
$all_roles = $wp_roles->roles;
|
||||
$editable_roles = apply_filters( 'editable_roles', $all_roles );
|
||||
foreach ( $affected_caps as $cap ) {
|
||||
foreach ( $editable_roles as $role_key => $role ) {
|
||||
if ( array_key_exists( $cap, $role['capabilities'] ) ) {
|
||||
$affected_roles[ $role_key ] = $role['name'];
|
||||
}
|
||||
}
|
||||
}
|
||||
// translators: %d users count
|
||||
$content .= $br . $flag . esc_html( sprintf( _n( 'We have found %d user account', 'We have found %d user accounts', $count_users, 'ultimate-member' ), $count_users ) );
|
||||
// translators: %d count of banned capabilities
|
||||
$content .= sprintf( _n( ' affected by %d capability selected in the Banned Administrative Capabilities.', ' affected by one of the %d capabilities selected in the Banned Administrative Capabilities.', $count_flagged_caps, 'ultimate-member' ), $count_flagged_caps );
|
||||
|
||||
$content .= $br . '- ' . implode( '<br/> - ', $affected_caps );
|
||||
|
||||
$content .= $br . $br . esc_html__( 'The flagged capabilities are related to the following roles: ', 'ultimate-member' ) . $br . ' - ' . implode( '<br/> - ', array_values( $affected_roles ) );
|
||||
// translators: %s is the role settings URL
|
||||
$content .= $br . $br . wp_kses( sprintf( __( 'The affected user accounts will be flagged as suspicious when they update their Profile/Account. If you are not using these capabilities, you may remove them from the roles in the <a target="_blank" href="%s">User Role settings</a>.', 'ultimate-member' ), admin_url( 'admin.php?page=um_roles' ) ), UM()->get_allowed_html( 'admin_notice' ) );
|
||||
// translators: %s is the plugins page URL
|
||||
$content .= ' ' . wp_kses( sprintf( __( 'If the roles are not created via Ultimate Member > User Roles, you can use a <a href="%s" target="_blank">third-party plugin</a> to modify the role capability.', 'ultimate-member' ), admin_url( 'plugin-install.php?s=User%2520Role%2520Editor%2520WordPress%2520&tab=search&type=term' ) ), UM()->get_allowed_html( 'admin_notice' ) );
|
||||
$content .= $br . $br . esc_html__( 'We strongly recommend that you never assign roles with the same capabilities as your administrators for your members/users and that may allow them to access the admin-side features and functionalities of your WordPress site.', 'ultimate-member' );
|
||||
} else {
|
||||
$content .= $br . $check . esc_html__( 'Roles & Capabilities are all secured. No users are using the same capabilities as your administrators.', 'ultimate-member' );
|
||||
}
|
||||
|
||||
$content .= $br . $br . '<strong>' . esc_html__( 'Require Strong Passwords', 'ultimate-member' ) . '</strong>';
|
||||
if ( ! UM()->options()->get( 'require_strongpass' ) ) {
|
||||
$content .= $br . $flag . esc_html__( 'We recommend that you enable and require "Strong Password" feature for all the Register, Reset Password & Account forms.', 'ultimate-member' );
|
||||
$content .= $br . ' <a href="' . admin_url( 'admin.php?page=um_options§ion=users' ) . '" target="_blank" >' . esc_html__( 'Click here to enable.', 'ultimate-member' ) . '</a>';
|
||||
} else {
|
||||
$content .= $br . $check . esc_html__( 'Your forms are already configured to require of using strong passwords.', 'ultimate-member' );
|
||||
}
|
||||
|
||||
$content .= $br . $br . '<strong>' . esc_html__( 'Secure Site\'s Connection', 'ultimate-member' ) . '</strong>';
|
||||
if ( ! isset( $_SERVER['HTTPS'] ) || 'on' !== $_SERVER['HTTPS'] ) {
|
||||
$content .= $br . $flag . esc_html__( 'Your site cannot provide a secure connection. Please contact your hosting provider to enable SSL certifications on your server.', 'ultimate-member' );
|
||||
} else {
|
||||
$content .= $br . $check . esc_html__( 'Your site provides a secure connection with SSL.', 'ultimate-member' );
|
||||
}
|
||||
|
||||
$content .= $br . $br . '<strong>' . esc_html__( 'Install Challenge-Response plugin to Login & Register Forms', 'ultimate-member' ) . '</strong>';
|
||||
if ( ! array_key_exists( 'um-recaptcha/um-recaptcha.php', $all_plugins ) ) {
|
||||
$content .= $br . $flag . wp_kses( __( 'We recommend that you install and enable <a href="https://wordpress.org/plugins/um-recaptcha/" target="_blank">Ultimate Member - Google reCAPTCHA</a> to your Reset Password, Login & Register forms.', 'ultimate-member' ), UM()->get_allowed_html( 'admin_notice' ) );
|
||||
} else {
|
||||
if ( in_array( 'um-recaptcha/um-recaptcha.php', $active_plugins, true ) ) {
|
||||
$content .= $br . $check . esc_html__( 'Ultimate Member - Google reCAPTCHA is active.', 'ultimate-member' );
|
||||
foreach ( $um_forms as $fid ) {
|
||||
switch ( get_post_meta( $fid, '_um_mode', true ) ) {
|
||||
case 'register':
|
||||
$has_captcha = get_post_meta( $fid, '_um_register_g_recaptcha_status', true );
|
||||
if ( ! empty( $has_captcha ) ) {
|
||||
// translators: %1$s is UM form edit link, %2$s is the UM form title
|
||||
$content .= $br . ' ' . wp_kses( sprintf( __( '- Register: <a target="_blank" href="%1$s">%2$s</a> reCAPTCHA is <strong>enabled</strong>', 'ultimate-member' ), get_edit_post_link( $fid ), get_the_title( $fid ) ), UM()->get_allowed_html( 'admin_notice' ) ) . ' ' . $check;
|
||||
} else {
|
||||
// translators: %1$s is UM form edit link, %2$s is the UM form title
|
||||
$content .= $br . ' ' . wp_kses( sprintf( __( '- Register: <a target="_blank" href="%1$s">%2$s</a> reCAPTCHA is <strong>disabled</strong>', 'ultimate-member' ), get_edit_post_link( $fid ), get_the_title( $fid ) ), UM()->get_allowed_html( 'admin_notice' ) ) . ' ' . $flag;
|
||||
}
|
||||
break;
|
||||
case 'login':
|
||||
$has_captcha = get_post_meta( $fid, '_um_login_g_recaptcha_status', true );
|
||||
if ( ! empty( $has_captcha ) ) {
|
||||
// translators: %1$s is UM form edit link, %2$s is the UM form title
|
||||
$content .= $br . ' ' . wp_kses( sprintf( __( '- Login: <a target="_blank" href="%1$s">%2$s</a> reCAPTCHA is <strong>enabled</strong>', 'ultimate-member' ), get_edit_post_link( $fid ), get_the_title( $fid ) ), UM()->get_allowed_html( 'admin_notice' ) ) . ' ' . $check;
|
||||
} else {
|
||||
// translators: %1$s is UM form edit link, %2$s is the UM form title
|
||||
$content .= $br . ' ' . wp_kses( sprintf( __( '- Login: <a target="_blank" href="%1$s">%2$s</a> reCAPTCHA is <strong>disabled</strong>', 'ultimate-member' ), get_edit_post_link( $fid ), get_the_title( $fid ) ), UM()->get_allowed_html( 'admin_notice' ) ) . ' ' . $flag;
|
||||
}
|
||||
break;
|
||||
}
|
||||
}
|
||||
$reset_pass_form = UM()->options()->get( 'g_recaptcha_password_reset' );
|
||||
if ( ! empty( $reset_pass_form ) ) {
|
||||
$content .= $br . ' ' . wp_kses( __( '- Reset Password Form\'s Google reCAPTCHA is <strong>enabled</strong>', 'ultimate-member' ), UM()->get_allowed_html( 'admin_notice' ) ) . ' ' . $check;
|
||||
} else {
|
||||
$content .= $br . ' ' . wp_kses( __( '- Reset Password Form\'s Google reCAPTCHA is <strong>disabled</strong>', 'ultimate-member' ), UM()->get_allowed_html( 'admin_notice' ) ) . ' ' . $flag;
|
||||
}
|
||||
} else {
|
||||
$content .= $br . $flag . esc_html__( 'Ultimate Member - Google reCAPTCHA is installed but not activated.', 'ultimate-member' );
|
||||
}
|
||||
}
|
||||
|
||||
$update_plugins = get_site_transient( 'update_plugins' );
|
||||
$update_themes = get_site_transient( 'update_themes' );
|
||||
$update_wp_core = get_site_transient( 'update_core' );
|
||||
global $wp_version;
|
||||
$content .= $br . $br . '<strong>' . esc_html__( 'Keep Themes & Plugins up to date.', 'ultimate-member' ) . '</strong>';
|
||||
$content .= $br . esc_html__( 'It is important that you update your themes/plugins if the theme/plugin creators update is aimed at fixing security, bug and vulnerability issues. It is not a good idea to ignore available updates as this may give hackers an advantage when trying to access your website.', 'ultimate-member' );
|
||||
|
||||
if ( ! empty( $update_plugins->response ) ) {
|
||||
// translators: %d count of plugins for update
|
||||
$content .= $br . $br . $flag . sprintf( _n( 'There\'s %d plugin that requires an update.', 'There are %d plugins that require updates', count( $update_plugins->response ), 'ultimate-member' ), count( $update_plugins->response ) ) . ' <a target="_blank" href="' . admin_url( 'update-core.php' ) . '">' . esc_html__( 'Update Plugins Now', 'ultimate-member' ) . '</a>';
|
||||
foreach ( $update_plugins->response as $plugin_name => $data ) {
|
||||
$content .= $br . ' - ' . $plugin_name;
|
||||
}
|
||||
} else {
|
||||
$content .= $br . $br . $check . esc_html__( 'Plugins are up to date.', 'ultimate-member' );
|
||||
}
|
||||
|
||||
if ( ! empty( $update_themes->response ) ) {
|
||||
// translators: %d count of themes for update
|
||||
$content .= $br . $br . $flag . sprintf( _n( 'There\'s %d theme that requires an update.', 'There are %d themes that require updates', count( $update_plugins->response ), 'ultimate-member' ), count( $update_plugins->response ) ) . ' <a target="_blank" href="' . admin_url( 'update-core.php' ) . '">' . esc_html__( 'Update Themes Now', 'ultimate-member' ) . '</a>';
|
||||
foreach ( $update_themes->response as $theme_name => $data ) {
|
||||
$content .= $br . ' - ' . $theme_name;
|
||||
}
|
||||
} else {
|
||||
$content .= $br . $br . $check . esc_html__( 'Themes are up to date.', 'ultimate-member' );
|
||||
}
|
||||
|
||||
if ( isset( $update_themes->current ) && $wp_version !== $update_themes->current ) {
|
||||
$content .= $br . $br . $flag . esc_html__( 'There\'s a new version of WordPress.', 'ultimate-member' ) . '<a target="_blank" href="' . admin_url( 'update-core.php' ) . '">' . esc_html__( 'Update WordPress Now', 'ultimate-member' ) . '</a>';
|
||||
} else {
|
||||
$content .= $br . $br . $check . esc_html__( 'You\'re using the latest version of WordPress', 'ultimate-member' ) . '(' . esc_attr( $wp_version ) . ')';
|
||||
}
|
||||
|
||||
$content .= $br . $br . wp_kses( __( 'That\'s all. If you have any recommendation on how to secure your site or have questions, please contact us on our <a href="https://ultimatemember.com/feedback/" target="_blank">feedback page</a>.', 'ultimate-member' ), UM()->get_allowed_html( 'admin_notice' ) );
|
||||
|
||||
update_option( 'um_secure_scan_result_content', $content );
|
||||
|
||||
return $content;
|
||||
}
|
||||
}
|
||||
@@ -195,7 +195,6 @@ if ( ! class_exists( 'um\Config' ) ) {
|
||||
'_um_secondary_color',
|
||||
);
|
||||
|
||||
|
||||
/**
|
||||
* UM hook
|
||||
*
|
||||
@@ -496,10 +495,18 @@ if ( ! class_exists( 'um\Config' ) ) {
|
||||
'body' => '{display_name} has just deleted their {site_name} account.',
|
||||
'description' => __('Whether to receive notification when an account is deleted','ultimate-member'),
|
||||
'recipient' => 'admin'
|
||||
)
|
||||
),
|
||||
'suspicious-activity' => array(
|
||||
'key' => 'suspicious-activity',
|
||||
'title' => __( 'Secure: Suspicious Account Activity', 'ultimate-member' ),
|
||||
'subject' => __( '[{site_name}] Suspicious Account Activity', 'ultimate-member' ),
|
||||
'body' => 'This is to inform you that there are suspicious activities with the following accounts: {user_profile_link}',
|
||||
'description' => __( 'Whether to receive notification when suspicious account activity is detected.', 'ultimate-member' ),
|
||||
'recipient' => 'admin',
|
||||
'default_active' => true,
|
||||
),
|
||||
) );
|
||||
|
||||
|
||||
//settings defaults
|
||||
$this->settings_defaults = array(
|
||||
'restricted_access_post_metabox' => array( 'post' => 1, 'page' => 1 ),
|
||||
@@ -559,9 +566,9 @@ if ( ! class_exists( 'um\Config' ) ) {
|
||||
'form_asterisk' => 0,
|
||||
'profile_title' => '{display_name} | {site_name}',
|
||||
'profile_desc' => '{display_name} is on {site_name}. Join {site_name} to view {display_name}\'s profile',
|
||||
'admin_email' => get_bloginfo('admin_email'),
|
||||
'mail_from' => get_bloginfo('name'),
|
||||
'mail_from_addr' => get_bloginfo('admin_email'),
|
||||
'admin_email' => get_bloginfo( 'admin_email' ),
|
||||
'mail_from' => get_bloginfo( 'name' ),
|
||||
'mail_from_addr' => get_bloginfo( 'admin_email' ),
|
||||
'email_html' => 1,
|
||||
'image_orientation_by_exif' => 0,
|
||||
'image_compression' => 60,
|
||||
@@ -573,9 +580,18 @@ if ( ! class_exists( 'um\Config' ) ) {
|
||||
'um_profile_object_cache_stop' => 0,
|
||||
'rest_api_version' => '2.0',
|
||||
'member_directory_own_table' => 0,
|
||||
'profile_show_bio' => false,
|
||||
'profile_show_html_bio' => 0,
|
||||
'profile_bio_maxchars' => 180,
|
||||
'profile_noindex' => 0,
|
||||
'activation_link_expiry_time' => '',
|
||||
'lock_register_forms' => false,
|
||||
'display_login_form_notice' => false,
|
||||
'secure_ban_admins_accounts' => false,
|
||||
'banned_capabilities' => array( 'manage_options', 'promote_users', 'level_10' ),
|
||||
'secure_notify_admins_banned_accounts' => false,
|
||||
'secure_notify_admins_banned_accounts__interval' => 'instant',
|
||||
'secure_allowed_redirect_hosts' => '',
|
||||
);
|
||||
|
||||
add_filter( 'um_get_tabs_from_config', '__return_true' );
|
||||
|
||||
@@ -193,13 +193,17 @@ if ( ! class_exists( 'um\Dependencies' ) ) {
|
||||
|
||||
$message = '';
|
||||
if ( version_compare( ultimatemember_version, $um_required_ver, '<' ) ) {
|
||||
$message = sprintf( __( 'This version of <strong>"%s"</strong> requires the core <strong>%s</strong> plugin to be <strong>%s</strong> or higher.', 'ultimate-member' ), $ext_title, ultimatemember_plugin_name, $um_required_ver ) .
|
||||
'<br />' .
|
||||
sprintf( __( 'Please update <strong>%s</strong> to the latest version.', 'ultimate-member' ), ultimatemember_plugin_name );
|
||||
} elseif ( empty( $this->ext_required_version[$ext_key] ) || version_compare( $this->ext_required_version[$ext_key], $ext_ver, '>' ) ) {
|
||||
$message = sprintf( __( 'Sorry, but this version of <strong>%s</strong> does not work with extension <strong>"%s" %s</strong> version.', 'ultimate-member' ), ultimatemember_plugin_name, $ext_title, $ext_ver ) .
|
||||
'<br />' .
|
||||
sprintf( __( 'Please update extension <strong>"%s"</strong> to the latest version.', 'ultimate-member' ), $ext_title );
|
||||
// translators: %1$s is a extension name; %2$s is a plugin name; %3$s is a required version.
|
||||
$message = sprintf( __( 'This version of <strong>"%1$s"</strong> requires the core <strong>%2$s</strong> plugin to be <strong>%3$s</strong> or higher.', 'ultimate-member' ), $ext_title, ultimatemember_plugin_name, $um_required_ver ) .
|
||||
'<br />' .
|
||||
// translators: %s: plugin name.
|
||||
sprintf( __( 'Please update <strong>%s</strong> to the latest version.', 'ultimate-member' ), ultimatemember_plugin_name );
|
||||
} elseif ( empty( $this->ext_required_version[ $ext_key ] ) || version_compare( $this->ext_required_version[ $ext_key ], $ext_ver, '>' ) ) {
|
||||
// translators: %1$s is a plugin name; %2$s is a extension name; %3$s is a extension version.
|
||||
$message = sprintf( __( 'Sorry, but this version of <strong>%1$s</strong> does not work with extension <strong>"%2$s" %3$s</strong> version.', 'ultimate-member' ), ultimatemember_plugin_name, $ext_title, $ext_ver ) .
|
||||
'<br />' .
|
||||
// translators: %s: extension name.
|
||||
sprintf( __( 'Please update extension <strong>"%s"</strong> to the latest version.', 'ultimate-member' ), $ext_title );
|
||||
}
|
||||
|
||||
return $message;
|
||||
@@ -208,9 +212,11 @@ if ( ! class_exists( 'um\Dependencies' ) ) {
|
||||
if ( ! self::$active_plugins ) self::init();
|
||||
|
||||
if ( ! in_array( "um-{$ext_key}/um-{$ext_key}.php", self::$active_plugins ) && ! array_key_exists( "um-{$ext_key}/um-{$ext_key}.php", self::$active_plugins ) ) {
|
||||
$message = sprintf( __( 'Please check <strong>"%s" %s</strong> extension\'s folder name.', 'ultimate-member' ), $ext_title, $ext_ver ) .
|
||||
'<br />' .
|
||||
sprintf( __( 'Correct folder name is <strong>"%s"</strong>', 'ultimate-member' ), "um-{$ext_key}" );
|
||||
// translators: %1$s is a extension name; %2$s is a extension version.
|
||||
$message = sprintf( __( 'Please check <strong>"%1$s" %2$s</strong> extension\'s folder name.', 'ultimate-member' ), $ext_title, $ext_ver ) .
|
||||
'<br />' .
|
||||
// translators: %s: extension name.
|
||||
sprintf( __( 'Correct folder name is <strong>"%s"</strong>', 'ultimate-member' ), "um-{$ext_key}" );
|
||||
|
||||
return $message;
|
||||
}
|
||||
|
||||
@@ -98,6 +98,7 @@ if ( ! class_exists( 'um\Extensions' ) ) {
|
||||
|
||||
$settings['licenses']['fields'][] = array(
|
||||
'id' => "um_{$slug}_license_key",
|
||||
// translators: %s: extension name.
|
||||
'label' => sprintf( __( '%s License Key', 'ultimate-member' ), $extension['title'] ),
|
||||
'item_name' => $extension['item_name'],
|
||||
'author' => 'Ultimate Member',
|
||||
@@ -227,4 +228,4 @@ if ( ! class_exists( 'um\Extensions' ) ) {
|
||||
|
||||
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -568,6 +568,9 @@ if ( ! class_exists( 'UM_Functions' ) ) {
|
||||
'charoff' => true,
|
||||
'valign' => true,
|
||||
),
|
||||
'a' => array(
|
||||
'onclick' => array(),
|
||||
),
|
||||
);
|
||||
break;
|
||||
case 'templates':
|
||||
|
||||
+39
-12
@@ -527,8 +527,10 @@ if ( ! class_exists( 'UM' ) ) {
|
||||
}
|
||||
|
||||
//run setup
|
||||
$this->common()->create_post_types();
|
||||
$this->common()->cpt()->create_post_types();
|
||||
$this->setup()->run_setup();
|
||||
|
||||
$this->cron()->schedule_events();
|
||||
}
|
||||
|
||||
|
||||
@@ -549,10 +551,11 @@ if ( ! class_exists( 'UM' ) ) {
|
||||
*/
|
||||
public function includes() {
|
||||
|
||||
$this->common();
|
||||
$this->common()->includes();
|
||||
$this->access();
|
||||
|
||||
if ( $this->is_request( 'ajax' ) ) {
|
||||
$this->ajax()->includes();
|
||||
$this->admin();
|
||||
$this->ajax_init();
|
||||
$this->admin_ajax_hooks();
|
||||
@@ -565,6 +568,7 @@ if ( ! class_exists( 'UM' ) ) {
|
||||
$this->plugin_updater();
|
||||
$this->theme_updater();
|
||||
} elseif ( $this->is_request( 'admin' ) ) {
|
||||
$this->admin()->includes();
|
||||
$this->admin();
|
||||
$this->admin_menu();
|
||||
$this->admin_upgrade();
|
||||
@@ -572,7 +576,6 @@ if ( ! class_exists( 'UM' ) ) {
|
||||
$this->columns();
|
||||
$this->admin_enqueue();
|
||||
$this->metabox();
|
||||
$this->admin()->notices();
|
||||
$this->users();
|
||||
$this->dragdrop();
|
||||
$this->admin_gdpr();
|
||||
@@ -580,6 +583,7 @@ if ( ! class_exists( 'UM' ) ) {
|
||||
$this->plugin_updater();
|
||||
$this->theme_updater();
|
||||
} elseif ( $this->is_request( 'frontend' ) ) {
|
||||
$this->frontend()->includes();
|
||||
$this->enqueue();
|
||||
$this->account();
|
||||
$this->password();
|
||||
@@ -607,6 +611,7 @@ if ( ! class_exists( 'UM' ) ) {
|
||||
$this->gdpr();
|
||||
$this->member_directory();
|
||||
$this->blocks();
|
||||
$this->secure();
|
||||
|
||||
//if multisite networks active
|
||||
if ( is_multisite() ) {
|
||||
@@ -649,7 +654,6 @@ if ( ! class_exists( 'UM' ) ) {
|
||||
return $this->classes['blocks'];
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Get extension API
|
||||
*
|
||||
@@ -688,19 +692,43 @@ if ( ! class_exists( 'UM' ) ) {
|
||||
return $this->classes[ $key ];
|
||||
}
|
||||
|
||||
/**
|
||||
* @since 2.6.8
|
||||
*
|
||||
* @return um\ajax\Init
|
||||
*/
|
||||
public function ajax() {
|
||||
if ( empty( $this->classes['um\ajax\init'] ) ) {
|
||||
$this->classes['um\ajax\init'] = new um\ajax\Init();
|
||||
}
|
||||
|
||||
return $this->classes['um\ajax\init'];
|
||||
}
|
||||
|
||||
/**
|
||||
* @since 2.0
|
||||
* @since 2.6.8 changed namespace and class content.
|
||||
*
|
||||
* @return um\core\Common()
|
||||
* @return um\common\Init
|
||||
*/
|
||||
function common() {
|
||||
if ( empty( $this->classes['common'] ) ) {
|
||||
$this->classes['common'] = new um\core\Common();
|
||||
public function common() {
|
||||
if ( empty( $this->classes['um\common\init'] ) ) {
|
||||
$this->classes['um\common\init'] = new um\common\Init();
|
||||
}
|
||||
return $this->classes['common'];
|
||||
return $this->classes['um\common\init'];
|
||||
}
|
||||
|
||||
/**
|
||||
* @since 2.6.8
|
||||
*
|
||||
* @return um\frontend\Init
|
||||
*/
|
||||
public function frontend() {
|
||||
if ( empty( $this->classes['um\frontend\init'] ) ) {
|
||||
$this->classes['um\frontend\init'] = new um\frontend\Init();
|
||||
}
|
||||
return $this->classes['um\frontend\init'];
|
||||
}
|
||||
|
||||
/**
|
||||
* @since 2.0
|
||||
@@ -760,7 +788,6 @@ if ( ! class_exists( 'UM' ) ) {
|
||||
new um\core\AJAX_Common();
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @since 2.0.30
|
||||
*/
|
||||
@@ -775,9 +802,9 @@ if ( ! class_exists( 'UM' ) ) {
|
||||
/**
|
||||
* @since 2.0
|
||||
*
|
||||
* @return um\admin\Admin()
|
||||
* @return um\admin\Admin
|
||||
*/
|
||||
function admin() {
|
||||
public function admin() {
|
||||
if ( empty( $this->classes['admin'] ) ) {
|
||||
$this->classes['admin'] = new um\admin\Admin();
|
||||
}
|
||||
|
||||
@@ -0,0 +1,92 @@
|
||||
<?php
|
||||
namespace um\common;
|
||||
|
||||
if ( ! defined( 'ABSPATH' ) ) {
|
||||
exit;
|
||||
}
|
||||
|
||||
if ( ! class_exists( 'um\common\CPT' ) ) {
|
||||
|
||||
/**
|
||||
* Class CPT
|
||||
*
|
||||
* @package um\common
|
||||
*
|
||||
* @since 2.6.8
|
||||
*/
|
||||
class CPT {
|
||||
|
||||
public function hooks() {
|
||||
add_action( 'init', array( &$this, 'create_post_types' ), 1 );
|
||||
}
|
||||
|
||||
/**
|
||||
* Create taxonomies for use for UM
|
||||
*/
|
||||
public function create_post_types() {
|
||||
register_post_type(
|
||||
'um_form',
|
||||
array(
|
||||
'labels' => array(
|
||||
'name' => __( 'Forms', 'ultimate-member' ),
|
||||
'singular_name' => __( 'Form', 'ultimate-member' ),
|
||||
'add_new' => __( 'Add New', 'ultimate-member' ),
|
||||
'add_new_item' => __( 'Add New Form', 'ultimate-member' ),
|
||||
'edit_item' => __( 'Edit Form', 'ultimate-member' ),
|
||||
'not_found' => __( 'You did not create any forms yet', 'ultimate-member' ),
|
||||
'not_found_in_trash' => __( 'Nothing found in Trash', 'ultimate-member' ),
|
||||
'search_items' => __( 'Search Forms', 'ultimate-member' ),
|
||||
),
|
||||
'capabilities' => array(
|
||||
'edit_post' => 'manage_options',
|
||||
'read_post' => 'manage_options',
|
||||
'delete_post' => 'manage_options',
|
||||
'edit_posts' => 'manage_options',
|
||||
'edit_others_posts' => 'manage_options',
|
||||
'delete_posts' => 'manage_options',
|
||||
'publish_posts' => 'manage_options',
|
||||
'read_private_posts' => 'manage_options',
|
||||
),
|
||||
'show_ui' => true,
|
||||
'show_in_menu' => false,
|
||||
'public' => false,
|
||||
'show_in_rest' => true,
|
||||
'supports' => array( 'title' ),
|
||||
)
|
||||
);
|
||||
|
||||
if ( UM()->options()->get( 'members_page' ) ) {
|
||||
register_post_type(
|
||||
'um_directory',
|
||||
array(
|
||||
'labels' => array(
|
||||
'name' => __( 'Member Directories', 'ultimate-member' ),
|
||||
'singular_name' => __( 'Member Directory', 'ultimate-member' ),
|
||||
'add_new' => __( 'Add New', 'ultimate-member' ),
|
||||
'add_new_item' => __( 'Add New Member Directory', 'ultimate-member' ),
|
||||
'edit_item' => __( 'Edit Member Directory', 'ultimate-member' ),
|
||||
'not_found' => __( 'You did not create any member directories yet', 'ultimate-member' ),
|
||||
'not_found_in_trash' => __( 'Nothing found in Trash', 'ultimate-member' ),
|
||||
'search_items' => __( 'Search Member Directories', 'ultimate-member' ),
|
||||
),
|
||||
'capabilities' => array(
|
||||
'edit_post' => 'manage_options',
|
||||
'read_post' => 'manage_options',
|
||||
'delete_post' => 'manage_options',
|
||||
'edit_posts' => 'manage_options',
|
||||
'edit_others_posts' => 'manage_options',
|
||||
'delete_posts' => 'manage_options',
|
||||
'publish_posts' => 'manage_options',
|
||||
'read_private_posts' => 'manage_options',
|
||||
),
|
||||
'show_ui' => true,
|
||||
'show_in_menu' => false,
|
||||
'public' => false,
|
||||
'show_in_rest' => true,
|
||||
'supports' => array( 'title' ),
|
||||
)
|
||||
);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,77 @@
|
||||
<?php
|
||||
namespace um\common;
|
||||
|
||||
if ( ! defined( 'ABSPATH' ) ) {
|
||||
exit;
|
||||
}
|
||||
|
||||
if ( ! class_exists( 'um\common\Init' ) ) {
|
||||
|
||||
/**
|
||||
* Class Init
|
||||
*
|
||||
* @package um\common
|
||||
*/
|
||||
class Init {
|
||||
|
||||
/**
|
||||
* Create classes' instances where __construct isn't empty for hooks init
|
||||
*
|
||||
* @used-by \UM::includes()
|
||||
*/
|
||||
public function includes() {
|
||||
$this->cpt()->hooks();
|
||||
$this->screen();
|
||||
$this->secure()->hooks();
|
||||
$this->site_health();
|
||||
}
|
||||
|
||||
/**
|
||||
* @since 2.6.8
|
||||
*
|
||||
* @return CPT
|
||||
*/
|
||||
public function cpt() {
|
||||
if ( empty( UM()->classes['um\common\cpt'] ) ) {
|
||||
UM()->classes['um\common\cpt'] = new CPT();
|
||||
}
|
||||
return UM()->classes['um\common\cpt'];
|
||||
}
|
||||
|
||||
/**
|
||||
* @since 2.6.8
|
||||
*
|
||||
* @return Screen
|
||||
*/
|
||||
public function screen() {
|
||||
if ( empty( UM()->classes['um\common\screen'] ) ) {
|
||||
UM()->classes['um\common\screen'] = new Screen();
|
||||
}
|
||||
return UM()->classes['um\common\screen'];
|
||||
}
|
||||
|
||||
/**
|
||||
* @since 2.6.8
|
||||
*
|
||||
* @return Secure
|
||||
*/
|
||||
public function secure() {
|
||||
if ( empty( UM()->classes['um\common\secure'] ) ) {
|
||||
UM()->classes['um\common\secure'] = new Secure();
|
||||
}
|
||||
return UM()->classes['um\common\secure'];
|
||||
}
|
||||
|
||||
/**
|
||||
* @since 2.6.8
|
||||
*
|
||||
* @return Site_Health
|
||||
*/
|
||||
public function site_health() {
|
||||
if ( empty( UM()->classes['um\common\site_health'] ) ) {
|
||||
UM()->classes['um\common\site_health'] = new Site_Health();
|
||||
}
|
||||
return UM()->classes['um\common\site_health'];
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,44 @@
|
||||
<?php
|
||||
namespace um\common;
|
||||
|
||||
if ( ! defined( 'ABSPATH' ) ) {
|
||||
exit;
|
||||
}
|
||||
|
||||
if ( ! class_exists( 'um\common\Screen' ) ) {
|
||||
|
||||
/**
|
||||
* Class Screen
|
||||
*
|
||||
* @package um\common
|
||||
*/
|
||||
class Screen {
|
||||
|
||||
/**
|
||||
* Screen constructor.
|
||||
*/
|
||||
public function __construct() {
|
||||
add_filter( 'body_class', array( &$this, 'remove_admin_bar' ), 1000, 1 );
|
||||
}
|
||||
|
||||
/**
|
||||
* Remove admin bar classes
|
||||
*
|
||||
* @param array $classes
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
public function remove_admin_bar( $classes ) {
|
||||
if ( is_user_logged_in() ) {
|
||||
if ( um_user( 'can_not_see_adminbar' ) ) {
|
||||
$search = array_search( 'admin-bar', $classes, true );
|
||||
if ( ! empty( $search ) ) {
|
||||
unset( $classes[ $search ] );
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return $classes;
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,258 @@
|
||||
<?php
|
||||
namespace um\common;
|
||||
|
||||
use WP_User;
|
||||
|
||||
if ( ! defined( 'ABSPATH' ) ) {
|
||||
exit;
|
||||
}
|
||||
|
||||
if ( ! class_exists( 'um\common\Secure' ) ) {
|
||||
|
||||
/**
|
||||
* Class Secure
|
||||
*
|
||||
* @package um\common
|
||||
*
|
||||
* @since 2.6.8
|
||||
*/
|
||||
class Secure {
|
||||
|
||||
public function hooks() {
|
||||
add_action( 'wp', array( $this, 'schedule_events' ) );
|
||||
add_filter( 'um_get_option_filter__banned_capabilities', array( $this, 'add_default_capabilities' ) );
|
||||
}
|
||||
|
||||
/**
|
||||
* Add callbacks to Schedule Events.
|
||||
*
|
||||
* @since 2.6.8
|
||||
*/
|
||||
public function schedule_events() {
|
||||
if ( ! UM()->options()->get( 'secure_ban_admins_accounts' ) ) {
|
||||
return;
|
||||
}
|
||||
|
||||
if ( UM()->options()->get( 'secure_notify_admins_banned_accounts' ) ) {
|
||||
$notification_interval = UM()->options()->get( 'secure_notify_admins_banned_accounts__interval' );
|
||||
if ( 'instant' === $notification_interval ) {
|
||||
return;
|
||||
}
|
||||
|
||||
if ( 'hourly' === $notification_interval ) {
|
||||
add_action( 'um_hourly_scheduled_events', array( $this, 'notify_administrators_hourly' ) );
|
||||
} elseif ( 'daily' === $notification_interval ) {
|
||||
add_action( 'um_daily_scheduled_events', array( $this, 'notify_administrators_daily' ) );
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Notify Administrators hourly - Suspicious activities in an hour
|
||||
*
|
||||
* @since 2.6.8
|
||||
*/
|
||||
public function notify_administrators_hourly() {
|
||||
$user_ids = get_users(
|
||||
array(
|
||||
'fields' => 'ids',
|
||||
'meta_query' => array(
|
||||
'relation' => 'AND',
|
||||
array(
|
||||
'key' => 'um_user_blocked__timestamp',
|
||||
'value' => gmdate( 'Y-m-d H:i:s', strtotime( '-1 hour' ) ),
|
||||
'compare' => '>=',
|
||||
'type' => 'DATETIME',
|
||||
),
|
||||
),
|
||||
)
|
||||
);
|
||||
|
||||
$this->send_notification( $user_ids );
|
||||
}
|
||||
|
||||
/**
|
||||
* Notify Administrators daily - Today's suspicious activity
|
||||
*
|
||||
* @since 2.6.8
|
||||
*/
|
||||
public function notify_administrators_daily() {
|
||||
$user_ids = get_users(
|
||||
array(
|
||||
'fields' => 'ids',
|
||||
'relation' => 'AND',
|
||||
'meta_query' => array(
|
||||
'relation' => 'AND',
|
||||
array(
|
||||
'key' => 'um_user_blocked__timestamp',
|
||||
'value' => gmdate( 'Y-m-d H:i:s', strtotime( '-1 day' ) ),
|
||||
'compare' => '>=',
|
||||
'type' => 'DATE',
|
||||
),
|
||||
array(
|
||||
'key' => 'um_user_blocked__timestamp',
|
||||
'value' => gmdate( 'Y-m-d H:i:s', strtotime( 'now' ) ),
|
||||
'compare' => '<=',
|
||||
'type' => 'DATE',
|
||||
),
|
||||
),
|
||||
)
|
||||
);
|
||||
|
||||
$this->send_notification( $user_ids );
|
||||
}
|
||||
|
||||
public function send_notification( $user_ids ) {
|
||||
$banned_profile_links = '';
|
||||
foreach ( $user_ids as $uid ) {
|
||||
um_fetch_user( $uid );
|
||||
$banned_profile_links .= UM()->user()->get_profile_link( $uid ) . ' ' . um_user( 'account_status' ) . '<br />';
|
||||
}
|
||||
um_reset_user();
|
||||
|
||||
$emails = um_multi_admin_email();
|
||||
if ( ! empty( $emails ) ) {
|
||||
foreach ( $emails as $email ) {
|
||||
UM()->mail()->send(
|
||||
$email,
|
||||
'suspicious-activity',
|
||||
array(
|
||||
'admin' => true,
|
||||
'tags' => array(
|
||||
'{banned_profile_links}',
|
||||
),
|
||||
'tags_replace' => array(
|
||||
$banned_profile_links,
|
||||
),
|
||||
)
|
||||
);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the banned capabilities list.
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
public function get_banned_capabilities_list() {
|
||||
/**
|
||||
* Filters the banned capabilities for UM Register forms.
|
||||
*
|
||||
* @param {array} $capabilities WordPress Administrative Capabilities.
|
||||
*
|
||||
* @return {array} Banned admin capabilities.
|
||||
*
|
||||
* @since 2.6.8
|
||||
* @hook um_secure_register_form_banned_capabilities
|
||||
*
|
||||
* @example <caption>Added `read` capability as banned.</caption>
|
||||
* function my_banned_capabilities( $capabilities ) {
|
||||
* $capabilities[] = 'read';
|
||||
* return $capabilities;
|
||||
* }
|
||||
* add_filter( 'um_secure_register_form_banned_capabilities', 'my_banned_capabilities' );
|
||||
*/
|
||||
$banned_admin_capabilities = apply_filters(
|
||||
'um_secure_register_form_banned_capabilities',
|
||||
array(
|
||||
'create_sites',
|
||||
'delete_sites',
|
||||
'manage_network',
|
||||
'manage_sites',
|
||||
'manage_network_users',
|
||||
'manage_network_plugins',
|
||||
'manage_network_themes',
|
||||
'manage_network_options',
|
||||
'upgrade_network',
|
||||
'setup_network',
|
||||
'activate_plugins',
|
||||
'edit_dashboard',
|
||||
'edit_theme_options',
|
||||
'export',
|
||||
'import',
|
||||
'list_users',
|
||||
'remove_users',
|
||||
'switch_themes',
|
||||
'customize',
|
||||
'delete_site',
|
||||
'update_core',
|
||||
'update_plugins',
|
||||
'update_themes',
|
||||
'install_plugins',
|
||||
'install_themes',
|
||||
'delete_themes',
|
||||
'delete_plugins',
|
||||
'edit_plugins',
|
||||
'edit_themes',
|
||||
'edit_files',
|
||||
'edit_users',
|
||||
'add_users',
|
||||
'create_users',
|
||||
'delete_users',
|
||||
'level_10',
|
||||
'manage_options',
|
||||
'promote_users',
|
||||
)
|
||||
);
|
||||
return $banned_admin_capabilities;
|
||||
}
|
||||
|
||||
/**
|
||||
* Revoke Caps & Mark rejected as suspicious
|
||||
*
|
||||
* @param WP_User $user
|
||||
*
|
||||
* @since 2.6.8
|
||||
*/
|
||||
public function revoke_caps( $user ) {
|
||||
$user_agent = '';
|
||||
if ( isset( $_REQUEST['nonce'], $_REQUEST['action'] ) && 'um_secure_scan_affected_users' === $_REQUEST['action'] && wp_verify_nonce( $_REQUEST['nonce'], 'um-admin-nonce' ) && current_user_can( 'manage_options' ) ) {
|
||||
$user_agent = __( 'Ultimate Member Scanner', 'ultimate-member' );
|
||||
} elseif ( isset( $_SERVER['HTTP_USER_AGENT'] ) ) {
|
||||
$user_agent = sanitize_text_field( wp_unslash( $_SERVER['HTTP_USER_AGENT'] ) );
|
||||
}
|
||||
|
||||
um_fetch_user( $user->ID );
|
||||
|
||||
// Capture details.
|
||||
$captured = array(
|
||||
'capabilities' => $user->allcaps,
|
||||
'submitted' => ! empty( UM()->form()->post_form ) ? UM()->form()->post_form : '',
|
||||
'roles' => $user->roles,
|
||||
'user_agent' => $user_agent,
|
||||
'account_status' => um_user( 'status' ),
|
||||
);
|
||||
update_user_meta( $user->ID, 'um_user_blocked__metadata', $captured );
|
||||
|
||||
$user->remove_all_caps();
|
||||
$user->update_user_level_from_caps();
|
||||
|
||||
if ( is_user_logged_in() ) {
|
||||
UM()->user()->set_status( 'inactive' );
|
||||
} else {
|
||||
UM()->user()->set_status( 'rejected' );
|
||||
}
|
||||
um_reset_user();
|
||||
update_user_meta( $user->ID, 'um_user_blocked', 'suspicious_activity' );
|
||||
update_user_meta( $user->ID, 'um_user_blocked__timestamp', current_time( 'mysql' ) );
|
||||
UM()->user()->remove_cache( $user->ID );
|
||||
}
|
||||
|
||||
/**
|
||||
* Always add default banned capabilities.
|
||||
*
|
||||
* @param mixed $option_value
|
||||
*
|
||||
* @return mixed
|
||||
*
|
||||
* @since 2.6.8
|
||||
*/
|
||||
public function add_default_capabilities( $option_value ) {
|
||||
if ( is_array( $option_value ) ) {
|
||||
$option_value = array_merge( $option_value, UM()->options()->get_default( 'banned_capabilities' ) );
|
||||
}
|
||||
return $option_value;
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,42 @@
|
||||
<?php
|
||||
namespace um\common;
|
||||
|
||||
if ( ! defined( 'ABSPATH' ) ) {
|
||||
exit;
|
||||
}
|
||||
|
||||
if ( ! class_exists( 'um\common\Site_Health' ) ) {
|
||||
|
||||
/**
|
||||
* Class Site_Health
|
||||
*
|
||||
* @package um\common
|
||||
*
|
||||
* @since 2.6.8
|
||||
*/
|
||||
class Site_Health {
|
||||
|
||||
/**
|
||||
* Site_Health constructor.
|
||||
*
|
||||
* @since 2.6.8
|
||||
*/
|
||||
public function __construct() {
|
||||
add_filter( 'site_status_test_php_modules', array( $this, 'add_required_modules' ) );
|
||||
}
|
||||
|
||||
/**
|
||||
* Extends required PHP libraries.
|
||||
*
|
||||
* @param array $modules
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
public function add_required_modules( $modules ) {
|
||||
$modules['mbstring']['required'] = true;
|
||||
$modules['exif']['required'] = true;
|
||||
$modules['iconv']['required'] = true;
|
||||
return $modules;
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -1,55 +1,53 @@
|
||||
<?php
|
||||
namespace um\core;
|
||||
|
||||
|
||||
if ( ! defined( 'ABSPATH' ) ) exit;
|
||||
|
||||
if ( ! defined( 'ABSPATH' ) ) {
|
||||
exit;
|
||||
}
|
||||
|
||||
if ( ! class_exists( 'um\core\Account' ) ) {
|
||||
|
||||
|
||||
/**
|
||||
* Class Account
|
||||
* @package um\core
|
||||
*/
|
||||
class Account {
|
||||
|
||||
/**
|
||||
* @var array
|
||||
*/
|
||||
private $account_exist = array();
|
||||
|
||||
/**
|
||||
* @var
|
||||
*/
|
||||
var $tabs;
|
||||
|
||||
public $tabs;
|
||||
|
||||
/**
|
||||
* @var string
|
||||
*/
|
||||
var $current_tab = 'general';
|
||||
|
||||
public $current_tab = 'general';
|
||||
|
||||
/**
|
||||
* @var array
|
||||
*/
|
||||
var $displayed_fields = array();
|
||||
|
||||
public $displayed_fields = array();
|
||||
|
||||
/**
|
||||
* @var array
|
||||
*/
|
||||
var $tab_output = array();
|
||||
|
||||
public $tab_output = array();
|
||||
|
||||
/**
|
||||
* Account constructor.
|
||||
*/
|
||||
function __construct() {
|
||||
public function __construct() {
|
||||
add_shortcode( 'ultimatemember_account', array( &$this, 'ultimatemember_account' ) );
|
||||
add_action( 'template_redirect', array( &$this, 'account_page_restrict' ), 10001 );
|
||||
add_action( 'template_redirect', array( &$this, 'account_submit' ), 10002 );
|
||||
add_filter( 'um_predefined_fields_hook', array( &$this, 'predefined_fields_hook' ), 1 );
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Init AllTabs for user account
|
||||
*
|
||||
@@ -150,7 +148,6 @@ if ( ! class_exists( 'um\core\Account' ) ) {
|
||||
return apply_filters( 'um_account_page_default_tabs_hook', $tabs );
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Account Shortcode
|
||||
*
|
||||
@@ -159,47 +156,54 @@ if ( ! class_exists( 'um\core\Account' ) ) {
|
||||
* @return false|string
|
||||
* @throws \Exception
|
||||
*/
|
||||
function ultimatemember_account( $args = array() ) {
|
||||
public function ultimatemember_account( $args = array() ) {
|
||||
if ( ! is_user_logged_in() ) {
|
||||
return '';
|
||||
}
|
||||
|
||||
um_fetch_user( get_current_user_id() );
|
||||
|
||||
ob_start();
|
||||
|
||||
$defaults = array(
|
||||
'template' => 'account',
|
||||
'mode' => 'account',
|
||||
'form_id' => 'um_account_id',
|
||||
/** There is possible to use 'shortcode_atts_ultimatemember_account' filter for getting customized $args. This filter is documented in wp-includes/shortcodes.php "shortcode_atts_{$shortcode}" */
|
||||
$args = shortcode_atts(
|
||||
array(
|
||||
'template' => 'account',
|
||||
'mode' => 'account',
|
||||
'form_id' => 'um_account_id',
|
||||
'tab' => '',
|
||||
),
|
||||
$args,
|
||||
'ultimatemember_account'
|
||||
);
|
||||
$args = wp_parse_args( $args, $defaults );
|
||||
|
||||
/**
|
||||
* UM hook
|
||||
* Filters Account shortcode arguments.
|
||||
*
|
||||
* @type filter
|
||||
* @title um_account_shortcode_args_filter
|
||||
* @description Account Shortcode Arguments
|
||||
* @input_vars
|
||||
* [{"var":"$args","type":"array","desc":"Shortcode Arguments"}]
|
||||
* @change_log
|
||||
* ["Since: 2.0"]
|
||||
* @usage add_filter( 'um_account_shortcode_args_filter', 'function_name', 10, 1 );
|
||||
* @example
|
||||
* <?php
|
||||
* add_filter( 'um_account_shortcode_args_filter', 'my_account_shortcode_args', 10, 1 );
|
||||
* @since 1.3.x
|
||||
* @hook um_account_shortcode_args_filter
|
||||
* @deprecated 2.6.8
|
||||
* @todo Fully deprecate since 2.6.9. Use `shortcode_atts_ultimatemember_account` instead.
|
||||
*
|
||||
* @param {array} $args Shortcode arguments.
|
||||
*
|
||||
* @return {array} Shortcode arguments.
|
||||
*
|
||||
* @example <caption>Change Account arguments.</caption>
|
||||
* function my_account_shortcode_args( $args ) {
|
||||
* // your code here
|
||||
* $args['tab'] = 'password';
|
||||
* return $args;
|
||||
* }
|
||||
* ?>
|
||||
* add_filter( 'um_account_shortcode_args_filter', 'my_account_shortcode_args' );
|
||||
*/
|
||||
$args = apply_filters( 'um_account_shortcode_args_filter', $args );
|
||||
|
||||
$account_hash = md5( wp_json_encode( $args ) );
|
||||
if ( in_array( $account_hash, $this->account_exist, true ) ) {
|
||||
return '';
|
||||
}
|
||||
|
||||
if ( ! empty( $args['tab'] ) ) {
|
||||
|
||||
if ( $args['tab'] == 'account' ) {
|
||||
if ( 'account' === $args['tab'] ) {
|
||||
$args['tab'] = 'general';
|
||||
}
|
||||
|
||||
@@ -213,36 +217,50 @@ if ( ! class_exists( 'um\core\Account' ) ) {
|
||||
<form method="post" action="">
|
||||
<?php
|
||||
/**
|
||||
* UM hook
|
||||
* Fires for render account form hidden fields.
|
||||
*
|
||||
* @type action
|
||||
* @title um_account_page_hidden_fields
|
||||
* @description Make some action before account tab loading
|
||||
* @input_vars
|
||||
* [{"var":"$args","type":"array","desc":"Account Page Arguments"}]
|
||||
* @change_log
|
||||
* ["Since: 2.0"]
|
||||
* @usage add_action( 'um_before_template_part', 'function_name', 10, 1 );
|
||||
* @example
|
||||
* <?php
|
||||
* add_action( 'um_account_page_hidden_fields', 'my_account_page_hidden_fields', 10, 1 );
|
||||
* @since 1.3.x
|
||||
* @hook um_account_page_hidden_fields
|
||||
*
|
||||
* @param {array} $args Account shortcode arguments.
|
||||
*
|
||||
* @example <caption>Make some action before account tab loading.</caption>
|
||||
* function my_account_page_hidden_fields( $args ) {
|
||||
* // your code here
|
||||
* }
|
||||
* ?>
|
||||
* add_action( 'um_account_page_hidden_fields', 'my_account_page_hidden_fields' );
|
||||
*/
|
||||
do_action( 'um_account_page_hidden_fields', $args );
|
||||
|
||||
$this->render_account_tab( $args['tab'], $this->tabs[ $args['tab'] ], $args ); ?>
|
||||
$this->render_account_tab( $args['tab'], $this->tabs[ $args['tab'] ], $args );
|
||||
?>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
<?php }
|
||||
|
||||
<?php
|
||||
}
|
||||
} else {
|
||||
|
||||
$this->init_tabs( $args );
|
||||
|
||||
/**
|
||||
* Filters Account shortcode default tab.
|
||||
*
|
||||
* @since 2.0
|
||||
* @hook um_change_default_tab
|
||||
*
|
||||
* @param {string} $tab Current account tab.
|
||||
* @param {array} $args Shortcode arguments.
|
||||
*
|
||||
* @return {string} Current account tab.
|
||||
*
|
||||
* @example <caption>Change Account default tab to Password.</caption>
|
||||
* function my_um_change_default_tab( $tab, $args ) {
|
||||
* $tab = 'password';
|
||||
* return $tab;
|
||||
* }
|
||||
* add_filter( 'um_change_default_tab', 'my_um_change_default_tab, 10, 2 );
|
||||
*/
|
||||
$this->current_tab = apply_filters( 'um_change_default_tab', $this->current_tab, $args );
|
||||
|
||||
/** This filter is documented in includes/core/class-shortcodes.php */
|
||||
@@ -263,6 +281,8 @@ if ( ! class_exists( 'um\core\Account' ) ) {
|
||||
|
||||
$this->account_fields_hash();
|
||||
|
||||
$this->account_exist[] = $account_hash;
|
||||
|
||||
return $output;
|
||||
}
|
||||
|
||||
|
||||
@@ -167,11 +167,15 @@ if ( ! class_exists( 'um\core\Blocks' ) ) {
|
||||
*/
|
||||
public function forms_render( $atts ) {
|
||||
if ( isset( $atts['form_id'] ) && '' !== $atts['form_id'] ) {
|
||||
$mode = get_post_meta( $atts['form_id'], '_um_mode', true );
|
||||
if ( 'profile' === $mode && ( um_is_core_page( 'account' ) || um_is_core_page( 'user' ) ) ) {
|
||||
return '';
|
||||
if ( um_is_core_page( 'account' ) ) {
|
||||
if ( defined( 'REST_REQUEST' ) && REST_REQUEST ) {
|
||||
return '<div class="um-block-notice">' . esc_html__( 'This block cannot be used on this page', 'ultimate-member' ) . '</div>';
|
||||
} else {
|
||||
return '';
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$shortcode = '[ultimatemember is_block="1"';
|
||||
|
||||
if ( isset( $atts['form_id'] ) && '' !== $atts['form_id'] ) {
|
||||
@@ -206,9 +210,14 @@ if ( ! class_exists( 'um\core\Blocks' ) ) {
|
||||
* @uses apply_shortcodes()
|
||||
*/
|
||||
public function account_render( $atts ) {
|
||||
if ( um_is_core_page( 'account' ) || um_is_core_page( 'user' ) ) {
|
||||
return '';
|
||||
if ( um_is_core_page( 'user' ) ) {
|
||||
if ( defined( 'REST_REQUEST' ) && REST_REQUEST ) {
|
||||
return '<div class="um-block-notice">' . esc_html__( 'This block cannot be used on this page', 'ultimate-member' ) . '</div>';
|
||||
} else {
|
||||
return '';
|
||||
}
|
||||
}
|
||||
|
||||
$shortcode = '[ultimatemember_account is_block="1"';
|
||||
|
||||
if ( isset( $atts['tab'] ) && 'all' !== $atts['tab'] ) {
|
||||
|
||||
@@ -1,118 +0,0 @@
|
||||
<?php
|
||||
namespace um\core;
|
||||
|
||||
|
||||
if ( ! defined( 'ABSPATH' ) ) exit;
|
||||
|
||||
|
||||
if ( ! class_exists( 'um\core\Common' ) ) {
|
||||
|
||||
|
||||
/**
|
||||
* Class Common
|
||||
*
|
||||
* @package um\core
|
||||
*/
|
||||
class Common {
|
||||
|
||||
|
||||
/**
|
||||
* Common constructor.
|
||||
*/
|
||||
function __construct() {
|
||||
add_action( 'init', array( &$this, 'create_post_types' ), 1 );
|
||||
|
||||
add_filter( 'body_class', array( &$this, 'remove_admin_bar' ), 1000, 1 );
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Remove admin bar classes
|
||||
*
|
||||
* @param array $classes
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
function remove_admin_bar( $classes ) {
|
||||
|
||||
if ( is_user_logged_in() ) {
|
||||
if ( um_user( 'can_not_see_adminbar' ) ) {
|
||||
$search = array_search( 'admin-bar', $classes );
|
||||
if ( ! empty( $search ) ) {
|
||||
unset( $classes[ $search ] );
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return $classes;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Create taxonomies for use for UM
|
||||
*/
|
||||
function create_post_types() {
|
||||
|
||||
register_post_type( 'um_form', array(
|
||||
'labels' => array(
|
||||
'name' => __( 'Forms', 'ultimate-member' ),
|
||||
'singular_name' => __( 'Form', 'ultimate-member' ),
|
||||
'add_new' => __( 'Add New', 'ultimate-member' ),
|
||||
'add_new_item' => __( 'Add New Form', 'ultimate-member' ),
|
||||
'edit_item' => __( 'Edit Form', 'ultimate-member' ),
|
||||
'not_found' => __( 'You did not create any forms yet', 'ultimate-member' ),
|
||||
'not_found_in_trash' => __( 'Nothing found in Trash', 'ultimate-member' ),
|
||||
'search_items' => __( 'Search Forms', 'ultimate-member' ),
|
||||
),
|
||||
'capabilities' => array(
|
||||
'edit_post' => 'manage_options',
|
||||
'read_post' => 'manage_options',
|
||||
'delete_post' => 'manage_options',
|
||||
'edit_posts' => 'manage_options',
|
||||
'edit_others_posts' => 'manage_options',
|
||||
'delete_posts' => 'manage_options',
|
||||
'publish_posts' => 'manage_options',
|
||||
'read_private_posts' => 'manage_options',
|
||||
),
|
||||
'show_ui' => true,
|
||||
'show_in_menu' => false,
|
||||
'public' => false,
|
||||
'show_in_rest' => true,
|
||||
'supports' => array( 'title' ),
|
||||
) );
|
||||
|
||||
if ( UM()->options()->get( 'members_page' ) || ! get_option( 'um_options' ) ) {
|
||||
|
||||
register_post_type( 'um_directory', array(
|
||||
'labels' => array(
|
||||
'name' => __( 'Member Directories', 'ultimate-member' ),
|
||||
'singular_name' => __( 'Member Directory', 'ultimate-member' ),
|
||||
'add_new' => __( 'Add New', 'ultimate-member' ),
|
||||
'add_new_item' => __( 'Add New Member Directory', 'ultimate-member' ),
|
||||
'edit_item' => __( 'Edit Member Directory', 'ultimate-member' ),
|
||||
'not_found' => __( 'You did not create any member directories yet', 'ultimate-member' ),
|
||||
'not_found_in_trash' => __( 'Nothing found in Trash', 'ultimate-member' ),
|
||||
'search_items' => __( 'Search Member Directories', 'ultimate-member' ),
|
||||
),
|
||||
'capabilities' => array(
|
||||
'edit_post' => 'manage_options',
|
||||
'read_post' => 'manage_options',
|
||||
'delete_post' => 'manage_options',
|
||||
'edit_posts' => 'manage_options',
|
||||
'edit_others_posts' => 'manage_options',
|
||||
'delete_posts' => 'manage_options',
|
||||
'publish_posts' => 'manage_options',
|
||||
'read_private_posts' => 'manage_options',
|
||||
),
|
||||
'show_ui' => true,
|
||||
'show_in_menu' => false,
|
||||
'public' => false,
|
||||
'show_in_rest' => true,
|
||||
'supports' => array( 'title' ),
|
||||
) );
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -1,122 +1,126 @@
|
||||
<?php
|
||||
namespace um\core;
|
||||
|
||||
// Exit if accessed directly
|
||||
if ( ! defined( 'ABSPATH' ) ) exit;
|
||||
if ( ! defined( 'ABSPATH' ) ) {
|
||||
exit;
|
||||
}
|
||||
|
||||
if ( ! class_exists( 'um\core\Cron' ) ) {
|
||||
|
||||
|
||||
/**
|
||||
* Class Cron
|
||||
* @package um\core
|
||||
*/
|
||||
class Cron {
|
||||
|
||||
|
||||
/**
|
||||
* Cron constructor.
|
||||
*/
|
||||
public function __construct() {
|
||||
|
||||
/**
|
||||
* UM hook
|
||||
*
|
||||
* @type filter
|
||||
* @title um_cron_disable
|
||||
* @description Make UM Cron Actions Enabled or Disabled
|
||||
* @input_vars
|
||||
* [{"var":"$cron_disable","type":"bool","desc":"Disable UM Cron?"}]
|
||||
* @change_log
|
||||
* ["Since: 2.0"]
|
||||
* @usage add_filter( 'um_cron_disable', 'function_name', 10, 1 );
|
||||
* @example
|
||||
* <?php
|
||||
* add_filter( 'um_cron_disable', 'my_cron_disable', 10, 1 );
|
||||
* function my_predefined_field( $cron_disable ) {
|
||||
* // your code here
|
||||
* return $cron_disable;
|
||||
* }
|
||||
* ?>
|
||||
*/
|
||||
$um_cron = apply_filters( 'um_cron_disable', false );
|
||||
if ( $um_cron ) {
|
||||
return;
|
||||
}
|
||||
|
||||
add_filter( 'cron_schedules', array( $this, 'add_schedules' ) );
|
||||
add_action( 'wp', array( $this, 'schedule_Events' ) );
|
||||
add_action( 'wp', array( $this, 'schedule_events' ) );
|
||||
}
|
||||
|
||||
/**
|
||||
* @return bool
|
||||
*/
|
||||
private function cron_disabled() {
|
||||
/**
|
||||
* Filters variable for disable Ultimate Member WP Cron actions.
|
||||
*
|
||||
* @since 2.0
|
||||
* @hook um_cron_disable
|
||||
*
|
||||
* @param {bool} $is_disabled Shortcode arguments.
|
||||
*
|
||||
* @return {bool} Do Cron actions are disabled? True for disable.
|
||||
*
|
||||
* @example <caption>Disable all Ultimate Member WP Cron actions.</caption>
|
||||
* add_filter( 'um_cron_disable', '__return_true' );
|
||||
*/
|
||||
return apply_filters( 'um_cron_disable', false );
|
||||
}
|
||||
|
||||
/**
|
||||
* Adds once weekly to the existing schedules.
|
||||
*
|
||||
* @param array $schedules
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
public function add_schedules( $schedules = array() ) {
|
||||
if ( $this->cron_disabled() ) {
|
||||
return $schedules;
|
||||
}
|
||||
|
||||
// Adds once weekly to the existing schedules.
|
||||
$schedules['weekly'] = array(
|
||||
'interval' => 604800,
|
||||
'display' => __( 'Once Weekly', 'ultimate-member' )
|
||||
'display' => __( 'Once Weekly', 'ultimate-member' ),
|
||||
);
|
||||
|
||||
return $schedules;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
*
|
||||
*/
|
||||
public function schedule_Events() {
|
||||
public function schedule_events() {
|
||||
if ( $this->cron_disabled() ) {
|
||||
return;
|
||||
}
|
||||
|
||||
$this->weekly_events();
|
||||
$this->daily_events();
|
||||
$this->twicedaily_events();
|
||||
$this->hourly_events();
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
*
|
||||
*/
|
||||
private function weekly_events() {
|
||||
$sunday_start = wp_date( 'w' );
|
||||
$week_start = $sunday_start - absint( get_option( 'start_of_week' ) );
|
||||
$week_start_day = strtotime( '-' . $week_start . ' days' );
|
||||
$time = mktime( 0, 0, 0, wp_date( 'm', $week_start_day ), wp_date( 'd', $week_start_day ), wp_date( 'Y', $week_start_day ) );
|
||||
if ( ! wp_next_scheduled( 'um_weekly_scheduled_events' ) ) {
|
||||
wp_schedule_event( current_time( 'timestamp' ), 'weekly', 'um_weekly_scheduled_events' );
|
||||
wp_schedule_event( $time, 'weekly', 'um_weekly_scheduled_events' );
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
*
|
||||
*/
|
||||
private function daily_events() {
|
||||
if ( ! wp_next_scheduled( 'um_daily_scheduled_events' ) ) {
|
||||
wp_schedule_event( current_time( 'timestamp' ), 'daily', 'um_daily_scheduled_events' );
|
||||
$time = mktime( 0, 0, 0, wp_date( 'm' ), wp_date( 'd' ), wp_date( 'Y' ) );
|
||||
wp_schedule_event( $time, 'daily', 'um_daily_scheduled_events' );
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
*
|
||||
*/
|
||||
private function twicedaily_events() {
|
||||
if ( ! wp_next_scheduled( 'um_twicedaily_scheduled_events' ) ) {
|
||||
wp_schedule_event( current_time( 'timestamp' ), 'twicedaily', 'um_twicedaily_scheduled_events' );
|
||||
$time = mktime( 0, 0, 0, wp_date( 'm' ), wp_date( 'd' ), wp_date( 'Y' ) );
|
||||
wp_schedule_event( $time, 'twicedaily', 'um_twicedaily_scheduled_events' );
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
*
|
||||
*/
|
||||
private function hourly_events() {
|
||||
if ( ! wp_next_scheduled( 'um_hourly_scheduled_events' ) ) {
|
||||
wp_schedule_event( current_time( 'timestamp' ), 'hourly', 'um_hourly_scheduled_events' );
|
||||
$time = mktime( wp_date( 'H' ), 0, 0, wp_date( 'm' ), wp_date( 'd' ), wp_date( 'Y' ) );
|
||||
wp_schedule_event( $time, 'hourly', 'um_hourly_scheduled_events' );
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Breaks all Ultimate Member registered schedule events.
|
||||
*/
|
||||
public function unschedule_events() {
|
||||
wp_clear_scheduled_hook( 'um_weekly_scheduled_events' );
|
||||
wp_clear_scheduled_hook( 'um_daily_scheduled_events' );
|
||||
|
||||
@@ -60,6 +60,7 @@ if ( ! class_exists( 'um\core\Date_Time' ) ) {
|
||||
$mins = 1;
|
||||
}
|
||||
|
||||
// translators: %s: min time.
|
||||
$since = sprintf( _n( '%s min', '%s mins', $mins, 'ultimate-member' ), $mins );
|
||||
|
||||
} elseif ( $diff < DAY_IN_SECONDS && $diff >= HOUR_IN_SECONDS ) {
|
||||
@@ -69,6 +70,7 @@ if ( ! class_exists( 'um\core\Date_Time' ) ) {
|
||||
$hours = 1;
|
||||
}
|
||||
|
||||
// translators: %s: hours.
|
||||
$since = sprintf( _n( '%s hr', '%s hrs', $hours, 'ultimate-member' ), $hours );
|
||||
|
||||
} elseif ( $diff < WEEK_IN_SECONDS && $diff >= DAY_IN_SECONDS ) {
|
||||
@@ -79,22 +81,27 @@ if ( ! class_exists( 'um\core\Date_Time' ) ) {
|
||||
}
|
||||
|
||||
if ( $days == 1 ) {
|
||||
// translators: %s: time.
|
||||
$since = sprintf( __( 'Yesterday at %s', 'ultimate-member' ), date_i18n( get_option( 'time_format' ), $from ) );
|
||||
} else {
|
||||
$since = sprintf( __( '%s at %s', 'ultimate-member' ), date_i18n( 'F d', $from ), date_i18n( get_option( 'time_format' ), $from ) );
|
||||
// translators: %1$s is a date; %2$s is a time.
|
||||
$since = sprintf( __( '%1$s at %2$s', 'ultimate-member' ), date_i18n( 'F d', $from ), date_i18n( get_option( 'time_format' ), $from ) );
|
||||
}
|
||||
|
||||
} elseif ( $diff < 30 * DAY_IN_SECONDS && $diff >= WEEK_IN_SECONDS ) {
|
||||
|
||||
$since = sprintf( __( '%s at %s', 'ultimate-member' ), date_i18n( 'F d', $from ), date_i18n( get_option( 'time_format' ), $from ) );
|
||||
// translators: %1$s is a date; %2$s is a time.
|
||||
$since = sprintf( __( '%1$s at %2$s', 'ultimate-member' ), date_i18n( 'F d', $from ), date_i18n( get_option( 'time_format' ), $from ) );
|
||||
|
||||
} elseif ( $diff < YEAR_IN_SECONDS && $diff >= 30 * DAY_IN_SECONDS ) {
|
||||
|
||||
$since = sprintf( __( '%s at %s','ultimate-member'), date_i18n( 'F d', $from ), date_i18n( get_option( 'time_format' ), $from ) );
|
||||
// translators: %1$s is a date; %2$s is a time.
|
||||
$since = sprintf( __( '%1$s at %2$s', 'ultimate-member' ), date_i18n( 'F d', $from ), date_i18n( get_option( 'time_format' ), $from ) );
|
||||
|
||||
} elseif ( $diff >= YEAR_IN_SECONDS ) {
|
||||
|
||||
$since = sprintf( __( '%s at %s', 'ultimate-member' ), date_i18n( get_option( 'date_format' ), $from ), date_i18n( get_option( 'time_format' ), $from ) );
|
||||
// translators: %1$s is a date; %2$s is a time.
|
||||
$since = sprintf( __( '%1$s at %2$s', 'ultimate-member' ), date_i18n( get_option( 'date_format' ), $from ), date_i18n( get_option( 'time_format' ), $from ) );
|
||||
|
||||
}
|
||||
|
||||
@@ -143,9 +150,11 @@ if ( ! class_exists( 'um\core\Date_Time' ) ) {
|
||||
$age--;
|
||||
}
|
||||
if ( $age == 1 ) {
|
||||
// translators: %s: age.
|
||||
return sprintf( __( '%s year old', 'ultimate-member' ), $age );
|
||||
}
|
||||
if ( $age > 1 ) {
|
||||
// translators: %s: age.
|
||||
return sprintf( __( '%s years old', 'ultimate-member' ), $age );
|
||||
}
|
||||
if ( $age == 0 ) {
|
||||
@@ -189,4 +198,4 @@ if ( ! class_exists( 'um\core\Date_Time' ) ) {
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -508,26 +508,25 @@ if ( ! class_exists( 'um\core\Fields' ) ) {
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
function field_error( $text, $force_show = false ) {
|
||||
public function field_error( $text, $force_show = false ) {
|
||||
|
||||
if ( empty( $text ) ) {
|
||||
return '';
|
||||
}
|
||||
|
||||
if ( $force_show ) {
|
||||
$output = '<div class="um-field-error"><span class="um-field-arrow"><i class="um-faicon-caret-up"></i></span>' . esc_attr( $text ) . '</div>';
|
||||
$output = '<div class="um-field-error"><span class="um-field-arrow"><i class="um-faicon-caret-up"></i></span>' . wp_kses( $text, UM()->get_allowed_html( 'templates' ) ) . '</div>';
|
||||
return $output;
|
||||
}
|
||||
|
||||
|
||||
if ( isset( $this->set_id ) && UM()->form()->processing == $this->set_id ) {
|
||||
$output = '<div class="um-field-error"><span class="um-field-arrow"><i class="um-faicon-caret-up"></i></span>' . esc_attr( $text ) . '</div>';
|
||||
if ( isset( $this->set_id ) && UM()->form()->processing === $this->set_id ) {
|
||||
$output = '<div class="um-field-error"><span class="um-field-arrow"><i class="um-faicon-caret-up"></i></span>' . wp_kses( $text, UM()->get_allowed_html( 'templates' ) ) . '</div>';
|
||||
} else {
|
||||
$output = '';
|
||||
}
|
||||
|
||||
if ( ! UM()->form()->processing ) {
|
||||
$output = '<div class="um-field-error"><span class="um-field-arrow"><i class="um-faicon-caret-up"></i></span>' . esc_attr( $text ) . '</div>';
|
||||
$output = '<div class="um-field-error"><span class="um-field-arrow"><i class="um-faicon-caret-up"></i></span>' . wp_kses( $text, UM()->get_allowed_html( 'templates' ) ) . '</div>';
|
||||
}
|
||||
|
||||
return $output;
|
||||
@@ -542,26 +541,25 @@ if ( ! class_exists( 'um\core\Fields' ) ) {
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
function field_notice( $text, $force_show = false ) {
|
||||
public function field_notice( $text, $force_show = false ) {
|
||||
|
||||
if ( empty( $text ) ) {
|
||||
return '';
|
||||
}
|
||||
|
||||
if ( $force_show ) {
|
||||
$output = '<div class="um-field-notice"><span class="um-field-arrow"><i class="um-faicon-caret-up"></i></span>' . esc_attr( $text ) . '</div>';
|
||||
$output = '<div class="um-field-notice"><span class="um-field-arrow"><i class="um-faicon-caret-up"></i></span>' . wp_kses( $text, UM()->get_allowed_html( 'templates' ) ) . '</div>';
|
||||
return $output;
|
||||
}
|
||||
|
||||
|
||||
if ( isset( $this->set_id ) && UM()->form()->processing == $this->set_id ) {
|
||||
$output = '<div class="um-field-notice"><span class="um-field-arrow"><i class="um-faicon-caret-up"></i></span>' . esc_attr( $text ) . '</div>';
|
||||
if ( isset( $this->set_id ) && UM()->form()->processing === $this->set_id ) {
|
||||
$output = '<div class="um-field-notice"><span class="um-field-arrow"><i class="um-faicon-caret-up"></i></span>' . wp_kses( $text, UM()->get_allowed_html( 'templates' ) ) . '</div>';
|
||||
} else {
|
||||
$output = '';
|
||||
}
|
||||
|
||||
if ( ! UM()->form()->processing ) {
|
||||
$output = '<div class="um-field-notice"><span class="um-field-arrow"><i class="um-faicon-caret-up"></i></span>' . esc_attr( $text ) . '</div>';
|
||||
$output = '<div class="um-field-notice"><span class="um-field-arrow"><i class="um-faicon-caret-up"></i></span>' . wp_kses( $text, UM()->get_allowed_html( 'templates' ) ) . '</div>';
|
||||
}
|
||||
|
||||
return $output;
|
||||
@@ -1381,8 +1379,9 @@ if ( ! class_exists( 'um\core\Fields' ) ) {
|
||||
|
||||
if ( $has_custom_source ) {
|
||||
|
||||
$opts = apply_filters( "um_get_field__{$data['metakey']}", array() );
|
||||
$arr_options = $opts['options'];
|
||||
/** This filter is documented in includes/core/class-fields.php */
|
||||
$opts = apply_filters( "um_get_field__{$data['metakey']}", array() );
|
||||
$arr_options = array_key_exists( 'options', $opts ) ? $opts['options'] : array();
|
||||
|
||||
} elseif ( function_exists( $data['custom_dropdown_options_source'] ) ) {
|
||||
if ( isset( $data['parent_dropdown_relationship'] ) ) {
|
||||
@@ -1627,7 +1626,7 @@ if ( ! class_exists( 'um\core\Fields' ) ) {
|
||||
|
||||
$fields_without_metakey = UM()->builtin()->get_fields_without_metakey();
|
||||
|
||||
if ( ! in_array( $array['type'], $fields_without_metakey ) ) {
|
||||
if ( ! in_array( $array['type'], $fields_without_metakey, true ) ) {
|
||||
$array['classes'] .= ' um-field-' . esc_attr( $key );
|
||||
}
|
||||
$array['classes'] .= ' um-field-' . esc_attr( $array['type'] );
|
||||
@@ -1647,9 +1646,8 @@ if ( ! class_exists( 'um\core\Fields' ) ) {
|
||||
case 'text':
|
||||
|
||||
$array['disabled'] = '';
|
||||
|
||||
if ( $key == 'user_login' && isset( $this->set_mode ) && $this->set_mode == 'account' ) {
|
||||
$array['disabled'] = 'disabled="disabled"';
|
||||
if ( 'user_login' === $key && 'account' === $this->set_mode ) {
|
||||
$array['disabled'] = ' disabled="disabled" ';
|
||||
}
|
||||
|
||||
$array['input'] = 'text';
|
||||
@@ -1759,37 +1757,10 @@ if ( ! class_exists( 'um\core\Fields' ) ) {
|
||||
|
||||
$array['date_min'] = $past;
|
||||
$array['date_max'] = $future;
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* UM hook
|
||||
*
|
||||
* @type filter
|
||||
* @title um_get_field_date
|
||||
* @description Extend field date
|
||||
* @input_vars
|
||||
* [{"var":"$data","type":"array","desc":"Field Date Data"}]
|
||||
* @change_log
|
||||
* ["Since: 2.5.4"]
|
||||
* @usage add_filter( 'um_get_field_date', 'function_name', 10, 1 );
|
||||
* @example
|
||||
* <?php
|
||||
* add_filter( 'um_get_field_date', 'my_get_field_date', 10, 1 );
|
||||
* function my_get_field_date( $data ) {
|
||||
* // your code here
|
||||
* return $data;
|
||||
* }
|
||||
* ?>
|
||||
*/
|
||||
$array = apply_filters( 'um_get_field_date', $array );
|
||||
|
||||
break;
|
||||
|
||||
case 'time':
|
||||
|
||||
$array['input'] = 'text';
|
||||
|
||||
if ( ! isset( $array['format'] ) ) {
|
||||
@@ -2019,31 +1990,45 @@ if ( ! class_exists( 'um\core\Fields' ) ) {
|
||||
}
|
||||
|
||||
/**
|
||||
* UM hook
|
||||
* Filters the field data by the field type. Where $type is the field's type.
|
||||
*
|
||||
* @type filter
|
||||
* @title um_get_field__{$key}
|
||||
* @description Extend field data by field $key
|
||||
* @input_vars
|
||||
* [{"var":"$data","type":"array","desc":"Field Data"}]
|
||||
* @change_log
|
||||
* ["Since: 2.0"]
|
||||
* @usage add_filter( 'um_get_field__{$key}', 'function_name', 10, 1 );
|
||||
* @example
|
||||
* <?php
|
||||
* add_filter( 'um_get_field__{$key}', 'my_get_field', 10, 1 );
|
||||
* function my_get_field( $data ) {
|
||||
* // your code here
|
||||
* return $data;
|
||||
* @param {array} $field_data Field data.
|
||||
*
|
||||
* @return {array} Field data.
|
||||
*
|
||||
* @since 2.0 First hook version applied only for the date type.
|
||||
* @since 2.6.8 Added support for all field type.
|
||||
*
|
||||
* @hook um_get_field_{$type}
|
||||
*
|
||||
* @example <caption>Disable all date-type fields.</caption>
|
||||
* function my_custom_get_field_date( $field_data ) {
|
||||
* $field_data['disabled'] = ' disabled="disabled" ';
|
||||
* return $field_data;
|
||||
* }
|
||||
* ?>
|
||||
* add_filter( 'um_get_field_date', 'my_custom_get_field_date' );
|
||||
*/
|
||||
$array = apply_filters( "um_get_field__{$key}", $array );
|
||||
|
||||
return $array;
|
||||
$array = apply_filters( "um_get_field_{$array['type']}", $array );
|
||||
/**
|
||||
* Filters the field data by the metakey. Where $key is the field's metakey.
|
||||
*
|
||||
* @param {array} $field_data Field data.
|
||||
*
|
||||
* @return {array} Field data.
|
||||
*
|
||||
* @since 1.3.x
|
||||
* @hook um_get_field__{$key}
|
||||
*
|
||||
* @example <caption>Disable 'first_name' field.</caption>
|
||||
* function my_custom_disable_first_name( $field_data ) {
|
||||
* $field_data['disabled'] = ' disabled="disabled" ';
|
||||
* return $field_data;
|
||||
* }
|
||||
* add_filter( 'um_get_field__first_name', 'my_custom_disable_first_name' );
|
||||
*/
|
||||
return apply_filters( "um_get_field__{$key}", $array );
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @param $option_value
|
||||
*
|
||||
@@ -2109,8 +2094,8 @@ if ( ! class_exists( 'um\core\Fields' ) ) {
|
||||
$form_suffix = UM()->form()->form_suffix;
|
||||
}
|
||||
|
||||
$output = '';
|
||||
$disabled = '';
|
||||
$output = '';
|
||||
|
||||
if ( empty( $_um_profile_id ) ) {
|
||||
$_um_profile_id = um_user( 'ID' );
|
||||
}
|
||||
@@ -2133,6 +2118,11 @@ if ( ! class_exists( 'um\core\Fields' ) ) {
|
||||
}
|
||||
$type = $data['type'];
|
||||
|
||||
$disabled = '';
|
||||
if ( isset( $data['disabled'] ) ) {
|
||||
$disabled = $data['disabled'];
|
||||
}
|
||||
|
||||
if ( isset( $data['in_group'] ) && '' !== $data['in_group'] && 'group' !== $rule ) {
|
||||
return '';
|
||||
}
|
||||
@@ -2190,7 +2180,7 @@ if ( ! class_exists( 'um\core\Fields' ) ) {
|
||||
|
||||
if ( ! empty( $this->editing ) && 'profile' === $this->set_mode ) {
|
||||
if ( ! UM()->roles()->um_user_can( 'can_edit_everyone' ) ) {
|
||||
if ( isset( $data['editable'] ) && 0 === $data['editable'] ) {
|
||||
if ( empty( $data['editable'] ) ) {
|
||||
$disabled = ' disabled="disabled" ';
|
||||
}
|
||||
}
|
||||
@@ -2540,7 +2530,7 @@ if ( ! class_exists( 'um\core\Fields' ) ) {
|
||||
$output .= $this->field_label( $label_confirm_pass, $key, $data );
|
||||
} elseif ( isset( $data['label'] ) ) {
|
||||
$data['label'] = __( $data['label'], 'ultimate-member' );
|
||||
/* translators: 1: label, 2: key, 3: data. */
|
||||
// translators: %s: label.
|
||||
$output .= $this->field_label( sprintf( __( 'Confirm %s', 'ultimate-member' ), $data['label'] ), $key, $data );
|
||||
}
|
||||
|
||||
@@ -2558,10 +2548,10 @@ if ( ! class_exists( 'um\core\Fields' ) ) {
|
||||
if ( ! empty( $data['label_confirm_pass'] ) ) {
|
||||
$placeholder = __( $data['label_confirm_pass'], 'ultimate-member' );
|
||||
} elseif ( ! empty( $placeholder ) && ! isset( $data['label'] ) ) {
|
||||
/* translators: 1: placeholder. */
|
||||
// translators: %s: placeholder.
|
||||
$placeholder = sprintf( __( 'Confirm %s', 'ultimate-member' ), $placeholder );
|
||||
} elseif ( isset( $data['label'] ) ) {
|
||||
/* translators: 1: label. */
|
||||
// translators: %s: label.
|
||||
$placeholder = sprintf( __( 'Confirm %s', 'ultimate-member' ), $data['label'] );
|
||||
}
|
||||
|
||||
@@ -3235,13 +3225,15 @@ if ( ! class_exists( 'um\core\Fields' ) ) {
|
||||
/**
|
||||
* Filters enable options pair by field $data.
|
||||
*
|
||||
* @since 2.0
|
||||
* @since 1.3.x `um_multiselect_option_value`
|
||||
* @since 2.0 renamed to `um_select_options_pair`
|
||||
*
|
||||
* @hook um_select_options_pair
|
||||
*
|
||||
* @param {bool|null} $options_pair Enable pairs.
|
||||
* @param {array} $data Field Data.
|
||||
*
|
||||
* @return {bool} Enable pairs.
|
||||
* @return {bool} Enable pairs. Set to `true` if a field requires text keys.
|
||||
*
|
||||
* @example <caption>Enable options pair.</caption>
|
||||
* function my_um_select_options_pair( $options_pair, $data ) {
|
||||
@@ -3334,28 +3326,6 @@ if ( ! class_exists( 'um\core\Fields' ) ) {
|
||||
$output .= $this->field_label( $data['label'], $key, $data );
|
||||
}
|
||||
|
||||
/**
|
||||
* Filters multiselect keyword data.
|
||||
*
|
||||
* @since 1.3.x
|
||||
* @hook um_multiselect_option_value
|
||||
*
|
||||
* @param {int} $keyword If 1 - keyword is enabled. It's 0 by default.
|
||||
* @param {string} $type Field type. Deprecated since 2.6.7
|
||||
* @param {array} $data Field data. Added since 2.6.7
|
||||
*
|
||||
* @return {int} Enabled keyword.
|
||||
*
|
||||
* @example <caption>Change multiselect keyword data. Enable it.</caption>
|
||||
* function my_multiselect_option_value( $keyword, $data ) {
|
||||
* // your code here
|
||||
* $keyword = 1;
|
||||
* return $keyword;
|
||||
* }
|
||||
* add_filter( 'um_multiselect_option_value', 'my_multiselect_option_value', 10, 2 );
|
||||
*/
|
||||
$use_keyword = apply_filters( 'um_multiselect_option_value', 0, $data );
|
||||
|
||||
$has_icon = ! empty( $data['icon'] ) && isset( $this->field_icons ) && 'field' === $this->field_icons;
|
||||
|
||||
$output .= '<div class="um-field-area ' . ( $has_icon ? 'um-field-area-has-icon' : '' ) . ' ">';
|
||||
@@ -3363,7 +3333,7 @@ if ( ! class_exists( 'um\core\Fields' ) ) {
|
||||
$output .= '<div class="um-field-icon"><i class="' . esc_attr( $data['icon'] ) . '"></i></div>';
|
||||
}
|
||||
|
||||
$output .= '<select ' . $disabled . ' multiple="multiple" name="' . esc_attr( $field_name ) . '[]" id="' . esc_attr( $field_id ) . '" data-maxsize="' . esc_attr( $max_selections ) . '" data-validate="' . esc_attr( $validate ) . '" data-key="' . esc_attr( $key ) . '" class="' . $this->get_class( $key, $data, $class ) . ' um-user-keyword_' . $use_keyword . '" style="width: 100%" data-placeholder="' . esc_attr( $placeholder ) . '">';
|
||||
$output .= '<select ' . $disabled . ' multiple="multiple" name="' . esc_attr( $field_name ) . '[]" id="' . esc_attr( $field_id ) . '" data-maxsize="' . esc_attr( $max_selections ) . '" data-validate="' . esc_attr( $validate ) . '" data-key="' . esc_attr( $key ) . '" class="' . $this->get_class( $key, $data, $class ) . '" style="width: 100%" data-placeholder="' . esc_attr( $placeholder ) . '">';
|
||||
|
||||
if ( isset( $options ) && 'builtin' === $options ) {
|
||||
$options = UM()->builtin()->get( $data['filter'] );
|
||||
@@ -4519,6 +4489,7 @@ if ( ! class_exists( 'um\core\Fields' ) ) {
|
||||
} else {
|
||||
$edit_url = um_edit_profile_url();
|
||||
}
|
||||
// translators: %s: edit user link.
|
||||
$output .= '<p class="um-profile-note">' . $emo . '<span>' . sprintf( __( 'Your profile is looking a little empty. Why not <a href="%s">add</a> some information!', 'ultimate-member' ), esc_url( $edit_url ) ) . '</span></p>';
|
||||
} else {
|
||||
$output .= '<p class="um-profile-note">' . $emo . '<span>' . __( 'This user has not added any information to their profile yet.', 'ultimate-member' ) . '</span></p>';
|
||||
@@ -4863,7 +4834,7 @@ if ( ! class_exists( 'um\core\Fields' ) ) {
|
||||
|
||||
$fields_without_metakey = UM()->builtin()->get_fields_without_metakey();
|
||||
|
||||
if ( in_array( $data['type'], $fields_without_metakey ) ) {
|
||||
if ( in_array( $data['type'], $fields_without_metakey, true ) ) {
|
||||
unset( $field_atts['id'] );
|
||||
|
||||
if ( empty( $field_atts['data-key'] ) ) {
|
||||
|
||||
@@ -493,6 +493,14 @@ if ( ! class_exists( 'um\core\Form' ) ) {
|
||||
|
||||
$cf_metakeys[] = 'profile_photo';
|
||||
$cf_metakeys[] = 'cover_photo';
|
||||
|
||||
if ( ! empty( $this->form_data['use_custom_settings'] ) && ! empty( $this->form_data['show_bio'] ) ) {
|
||||
$cf_metakeys[] = UM()->profile()->get_show_bio_key( $this->form_data );
|
||||
} else {
|
||||
if ( UM()->options()->get( 'profile_show_bio' ) ) {
|
||||
$cf_metakeys[] = UM()->profile()->get_show_bio_key( $this->form_data );
|
||||
}
|
||||
}
|
||||
}
|
||||
// Add required usermeta for register.
|
||||
if ( 'register' === $this->form_data['mode'] ) {
|
||||
@@ -580,7 +588,7 @@ if ( ! class_exists( 'um\core\Form' ) ) {
|
||||
unset( $this->post_form['role'] );
|
||||
} else {
|
||||
$custom_field_roles = $this->custom_field_roles( $this->form_data['custom_fields'] );
|
||||
if ( ! empty( $custom_field_roles ) ) {
|
||||
if ( ! empty( $custom_field_roles ) && ! empty( $this->post_form['role'] ) ) {
|
||||
if ( is_array( $this->post_form['role'] ) ) {
|
||||
$role = current( $this->post_form['role'] );
|
||||
$role = sanitize_key( $role );
|
||||
@@ -955,9 +963,10 @@ if ( ! class_exists( 'um\core\Form' ) ) {
|
||||
|
||||
if ( strstr( $field_key, 'role_' ) && array_key_exists( 'options', $field_settings ) && is_array( $field_settings['options'] ) ) {
|
||||
|
||||
if ( isset( $this->post_form['mode'] ) && 'profile' === $this->post_form['mode'] &&
|
||||
isset( $field_settings['editable'] ) && $field_settings['editable'] == 0 ) {
|
||||
continue;
|
||||
if ( isset( $this->post_form['mode'] ) && 'profile' === $this->post_form['mode'] ) {
|
||||
if ( empty( $field_settings['editable'] ) || ! um_can_edit_field( $field_settings ) ) {
|
||||
continue;
|
||||
}
|
||||
}
|
||||
|
||||
if ( ! um_can_view_field( $field_settings ) ) {
|
||||
|
||||
@@ -61,9 +61,24 @@ if ( ! class_exists( 'um\core\Login' ) ) {
|
||||
}
|
||||
|
||||
if ( empty( $args['_wpnonce'] ) || ! wp_verify_nonce( $args['_wpnonce'], 'um_login_form' ) ) {
|
||||
// @todo add hookdocs
|
||||
/**
|
||||
* Filters URL for redirect if login form nonce isn't verified.
|
||||
*
|
||||
* @param {string} $error_url URL for redirect if login form nonce isn't verified.
|
||||
*
|
||||
* @return {string} URL for redirect.
|
||||
*
|
||||
* @since 2.0
|
||||
* @hook um_login_invalid_nonce_redirect_url
|
||||
*
|
||||
* @example <caption>Change URL for redirect if login form nonce isn't verified.</caption>
|
||||
* function my_um_login_invalid_nonce_redirect_url( $error_url ) {
|
||||
* return '{your_custom_url}';
|
||||
* }
|
||||
* add_filter( 'um_login_invalid_nonce_redirect_url', 'my_um_login_invalid_nonce_redirect_url' );
|
||||
*/
|
||||
$url = apply_filters( 'um_login_invalid_nonce_redirect_url', add_query_arg( array( 'err' => 'invalid_nonce' ) ) );
|
||||
wp_safe_redirect( $url );
|
||||
um_safe_redirect( $url );
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -74,47 +74,42 @@ if ( ! class_exists( 'um\core\Logout' ) ) {
|
||||
wp_destroy_current_session();
|
||||
wp_logout();
|
||||
session_unset();
|
||||
exit( wp_safe_redirect( esc_url_raw( $_REQUEST['redirect_to'] ) ) );
|
||||
} else if ( 'redirect_home' === um_user( 'after_logout' ) ) {
|
||||
um_safe_redirect( esc_url_raw( $_REQUEST['redirect_to'] ) );
|
||||
} elseif ( 'redirect_home' === um_user( 'after_logout' ) ) {
|
||||
wp_destroy_current_session();
|
||||
wp_logout();
|
||||
session_unset();
|
||||
exit( wp_safe_redirect( home_url() ) );
|
||||
wp_safe_redirect( home_url() );
|
||||
exit;
|
||||
} else {
|
||||
/**
|
||||
* UM hook
|
||||
* Filters URL for redirect after logout.
|
||||
*
|
||||
* @type filter
|
||||
* @title um_logout_redirect_url
|
||||
* @description Change redirect URL after logout
|
||||
* @input_vars
|
||||
* [{"var":"$url","type":"string","desc":"Redirect URL"},
|
||||
* {"var":"$id","type":"int","desc":"User ID"}]
|
||||
* @change_log
|
||||
* ["Since: 2.0"]
|
||||
* @usage
|
||||
* <?php add_filter( 'um_logout_redirect_url', 'function_name', 10, 2 ); ?>
|
||||
* @example
|
||||
* <?php
|
||||
* add_filter( 'um_logout_redirect_url', 'my_logout_redirect_url', 10, 2 );
|
||||
* function my_logout_redirect_url( $url, $id ) {
|
||||
* // your code here
|
||||
* return $url;
|
||||
* @param {string} $logout_redirect_url URL for redirect after logout.
|
||||
* @param {int} $user_id User ID who logged out.
|
||||
*
|
||||
* @return {string} Redirect URL.
|
||||
*
|
||||
* @since 2.0
|
||||
* @hook um_logout_redirect_url
|
||||
*
|
||||
* @example <caption>Change URL for redirect after logout.</caption>
|
||||
* function my_logout_redirect_url( $logout_redirect_url, $user_id ) {
|
||||
* return '{your_custom_url}';
|
||||
* }
|
||||
* ?>
|
||||
* add_filter( 'um_logout_redirect_url', 'my_logout_redirect_url', 10, 2 );
|
||||
*/
|
||||
$redirect_url = apply_filters( 'um_logout_redirect_url', um_user( 'logout_redirect_url' ), um_user( 'ID' ) );
|
||||
wp_destroy_current_session();
|
||||
wp_logout();
|
||||
session_unset();
|
||||
exit( wp_safe_redirect( $redirect_url ) );
|
||||
um_safe_redirect( $redirect_url );
|
||||
}
|
||||
|
||||
} else {
|
||||
add_filter( 'wp_safe_redirect_fallback', array( &$this, 'safe_redirect_default' ), 10, 2 );
|
||||
exit( wp_safe_redirect( home_url() ) );
|
||||
wp_safe_redirect( home_url() );
|
||||
exit;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -343,6 +343,7 @@ if ( ! class_exists( 'um\core\Member_Directory' ) ) {
|
||||
}
|
||||
|
||||
if ( isset( $data['type'] ) && in_array( $data['type'], $this->sorting_supported_fields ) ) {
|
||||
// translators: %s: title.
|
||||
if ( isset( $data['title'] ) && array_search( sprintf( __( '%s DESC', 'ultimate-member' ), $data['title'] ), $this->sort_fields ) !== false ) {
|
||||
$data['title'] = $data['title'] . ' (' . $key . ')';
|
||||
}
|
||||
@@ -352,7 +353,9 @@ if ( ! class_exists( 'um\core\Member_Directory' ) ) {
|
||||
continue;
|
||||
}
|
||||
|
||||
// translators: %s: title.
|
||||
$this->sort_fields[ $key . '_desc' ] = sprintf( __( '%s DESC', 'ultimate-member' ), $title );
|
||||
// translators: %s: title.
|
||||
$this->sort_fields[ $key . '_asc' ] = sprintf( __( '%s ASC', 'ultimate-member' ), $title );
|
||||
}
|
||||
}
|
||||
@@ -676,16 +679,7 @@ if ( ! class_exists( 'um\core\Member_Directory' ) ) {
|
||||
|
||||
$attrs['options'] = UM()->fields()->get_options_from_callback( $attrs, $attrs['type'] );
|
||||
} else {
|
||||
/**
|
||||
* UM hook
|
||||
*
|
||||
* @type filter
|
||||
* @title um_select_option_value
|
||||
* @description Enable options pair by field $data
|
||||
* @input_vars
|
||||
* [{"var":"$options_pair","type":"null","desc":"Enable pairs"},
|
||||
* {"var":"$data","type":"array","desc":"Field Data"}]
|
||||
*/
|
||||
/** This filter is documented in includes/core/class-fields.php */
|
||||
$option_pairs = apply_filters( 'um_select_options_pair', null, $attrs );
|
||||
}
|
||||
|
||||
@@ -2658,26 +2652,21 @@ if ( ! class_exists( 'um\core\Member_Directory' ) ) {
|
||||
|
||||
wp_send_json_success( $member_directory_response );
|
||||
}
|
||||
|
||||
/**
|
||||
* UM hook
|
||||
* Fires just before the users query for getting users in member directory.
|
||||
*
|
||||
* @type action
|
||||
* @title um_user_before_query
|
||||
* @description Action before users query on member directory
|
||||
* @input_vars
|
||||
* [{"var":"$query_args","type":"array","desc":"Query arguments"},
|
||||
* {"var":"$md_class","type":"um\core\Member_Directory","desc":"Member Directory class"}]
|
||||
* @change_log
|
||||
* ["Since: 2.0"]
|
||||
* @usage add_action( 'um_user_before_query', 'function_name', 10, 1 );
|
||||
* @example
|
||||
* <?php
|
||||
* add_action( 'um_user_before_query', 'my_user_before_query', 10, 1 );
|
||||
* function my_user_before_query( $query_args ) {
|
||||
* // your code here
|
||||
* @since 1.3.x
|
||||
* @since 2.1.0 Added `$member_directory_class` variable.
|
||||
* @hook um_user_before_query
|
||||
*
|
||||
* @param {array} $args Query arguments.
|
||||
* @param {object} $member_directory_class Member Directory class. Since 2.1.0 version.
|
||||
*
|
||||
* @example <caption>Add custom arguments for query.</caption>
|
||||
* function my_user_before_query( $query_args, $md_class ) {
|
||||
* $query_args['{custom_key}'] = 'custom_value';
|
||||
* }
|
||||
* ?>
|
||||
* add_action( 'um_user_before_query', 'my_user_before_query', 10, 2 );
|
||||
*/
|
||||
do_action( 'um_user_before_query', $this->query_args, $this );
|
||||
|
||||
@@ -2692,24 +2681,19 @@ if ( ! class_exists( 'um\core\Member_Directory' ) ) {
|
||||
remove_filter( 'get_meta_sql', array( &$this, 'change_meta_sql' ), 10 );
|
||||
|
||||
/**
|
||||
* UM hook
|
||||
* Fires just after the users query for getting users in member directory.
|
||||
*
|
||||
* @type action
|
||||
* @title um_user_after_query
|
||||
* @description Action before users query on member directory
|
||||
* @input_vars
|
||||
* [{"var":"$query_args","type":"array","desc":"Query arguments"},
|
||||
* {"var":"$user_query","type":"array","desc":"User Query"}]
|
||||
* @change_log
|
||||
* ["Since: 2.0"]
|
||||
* @usage add_action( 'um_user_after_query', 'function_name', 10, 2 );
|
||||
* @example
|
||||
* <?php
|
||||
* add_action( 'um_user_after_query', 'my_user_after_query', 10, 2 );
|
||||
* @since 1.3.x
|
||||
* @hook um_user_after_query
|
||||
*
|
||||
* @param {array} $query_args Query arguments.
|
||||
* @param {object} $user_query Query results.
|
||||
*
|
||||
* @example <caption>Make some custom action after getting the users in member directory.</caption>
|
||||
* function my_user_after_query( $query_args, $user_query ) {
|
||||
* // your code here
|
||||
* }
|
||||
* ?>
|
||||
* add_action( 'um_user_after_query', 'my_user_after_query', 10, 2 );
|
||||
*/
|
||||
do_action( 'um_user_after_query', $this->query_args, $user_query );
|
||||
|
||||
|
||||
@@ -114,12 +114,13 @@ if ( ! class_exists( 'um\core\Options' ) ) {
|
||||
* @use UM()->config()
|
||||
*
|
||||
* @param $option_id
|
||||
* @return bool
|
||||
* @return mixed
|
||||
*/
|
||||
function get_default( $option_id ) {
|
||||
$settings_defaults = UM()->config()->settings_defaults;
|
||||
if ( ! isset( $settings_defaults[ $option_id ] ) )
|
||||
if ( ! isset( $settings_defaults[ $option_id ] ) ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return $settings_defaults[ $option_id ];
|
||||
}
|
||||
|
||||
@@ -239,7 +239,7 @@ if ( ! class_exists( 'um\core\Password' ) ) {
|
||||
if ( isset( $_GET['hash'] ) && isset( $_GET['login'] ) ) {
|
||||
$value = sprintf( '%s:%s', wp_unslash( $_GET['login'] ), wp_unslash( $_GET['hash'] ) );
|
||||
$this->setcookie( $rp_cookie, $value );
|
||||
|
||||
// Not `um_safe_redirect()` because password-reset page is predefined page and is situated on the same host.
|
||||
wp_safe_redirect( remove_query_arg( array( 'hash', 'login' ) ) );
|
||||
exit;
|
||||
}
|
||||
@@ -271,6 +271,10 @@ if ( ! class_exists( 'um\core\Password' ) ) {
|
||||
}
|
||||
|
||||
if ( $this->is_reset_request() ) {
|
||||
$form_data = array(
|
||||
'mode' => 'password',
|
||||
);
|
||||
|
||||
UM()->form()->post_form = wp_unslash( $_POST );
|
||||
|
||||
if ( empty( UM()->form()->post_form['mode'] ) ) {
|
||||
@@ -278,47 +282,43 @@ if ( ! class_exists( 'um\core\Password' ) ) {
|
||||
}
|
||||
|
||||
/**
|
||||
* UM hook
|
||||
* Fires for handle validate errors on the reset password form submit.
|
||||
*
|
||||
* @type action
|
||||
* @title um_reset_password_errors_hook
|
||||
* @description Action on reset password submit form
|
||||
* @input_vars
|
||||
* [{"var":"$post","type":"array","desc":"Form submitted"}]
|
||||
* @change_log
|
||||
* ["Since: 2.0"]
|
||||
* @usage add_action( 'um_reset_password_errors_hook', 'function_name', 10, 1 );
|
||||
* @example
|
||||
* <?php
|
||||
* add_action( 'um_reset_password_errors_hook', 'my_reset_password_errors', 10, 1 );
|
||||
* function my_reset_password_errors( $post ) {
|
||||
* @since 1.3.x
|
||||
* @since 2.6.8 Added $form_data attribute.
|
||||
*
|
||||
* @hook um_reset_password_errors_hook
|
||||
*
|
||||
* @param {array} $submission_data Form submitted data.
|
||||
* @param {array} $form_data Form data. Since 2.6.8
|
||||
*
|
||||
* @example <caption>Make any custom validation on password reset form.</caption>
|
||||
* function my_reset_password_errors( $submission_data, $form_data ) {
|
||||
* // your code here
|
||||
* }
|
||||
* ?>
|
||||
* add_action( 'um_reset_password_errors_hook', 'my_reset_password_errors', 10, 2 );
|
||||
*/
|
||||
do_action( 'um_reset_password_errors_hook', UM()->form()->post_form );
|
||||
do_action( 'um_reset_password_errors_hook', UM()->form()->post_form, $form_data );
|
||||
|
||||
if ( ! isset( UM()->form()->errors ) ) {
|
||||
/**
|
||||
* UM hook
|
||||
* Fires for handle the reset password form when submitted data is valid.
|
||||
*
|
||||
* @type action
|
||||
* @title um_reset_password_process_hook
|
||||
* @description Action on reset password success submit form
|
||||
* @input_vars
|
||||
* [{"var":"$post","type":"array","desc":"Form submitted"}]
|
||||
* @change_log
|
||||
* ["Since: 2.0"]
|
||||
* @usage add_action( 'um_reset_password_process_hook', 'function_name', 10, 1 );
|
||||
* @example
|
||||
* <?php
|
||||
* add_action( 'um_reset_password_process_hook', 'my_reset_password_process', 10, 1 );
|
||||
* function my_reset_password_process( $post ) {
|
||||
* @since 1.3.x
|
||||
* @since 2.6.8 Added $form_data attribute.
|
||||
*
|
||||
* @hook um_reset_password_process_hook
|
||||
*
|
||||
* @param {array} $submission_data Form submitted data.
|
||||
* @param {array} $form_data Form data. Since 2.6.8
|
||||
*
|
||||
* @example <caption>Make any custom action when password reset form is submitted.</caption>
|
||||
* function my_reset_password_process( $submission_data, $form_data ) {
|
||||
* // your code here
|
||||
* }
|
||||
* ?>
|
||||
* add_action( 'um_reset_password_process_hook', 'my_reset_password_process', 10, 2 );
|
||||
*/
|
||||
do_action( 'um_reset_password_process_hook', UM()->form()->post_form );
|
||||
do_action( 'um_reset_password_process_hook', UM()->form()->post_form, $form_data );
|
||||
}
|
||||
}
|
||||
|
||||
@@ -517,10 +517,12 @@ if ( ! class_exists( 'um\core\Password' ) ) {
|
||||
$user_email = um_user( 'user_email' );
|
||||
|
||||
if ( mb_strlen( wp_unslash( $args['user_password'] ) ) < $min_length ) {
|
||||
// translators: %s: min length.
|
||||
UM()->form()->add_error( 'user_password', sprintf( __( 'Your password must contain at least %d characters', 'ultimate-member' ), $min_length ) );
|
||||
}
|
||||
|
||||
if ( mb_strlen( wp_unslash( $args['user_password'] ) ) > $max_length ) {
|
||||
// translators: %s: max length.
|
||||
UM()->form()->add_error( 'user_password', sprintf( __( 'Your password must contain less than %d characters', 'ultimate-member' ), $max_length ) );
|
||||
}
|
||||
|
||||
|
||||
@@ -55,9 +55,24 @@ if ( ! class_exists( 'um\core\Register' ) ) {
|
||||
}
|
||||
|
||||
if ( empty( $args['_wpnonce'] ) || ! wp_verify_nonce( $args['_wpnonce'], 'um_register_form' ) ) {
|
||||
// @todo add hookdocs
|
||||
/**
|
||||
* Filters URL for redirect if register form nonce isn't verified.
|
||||
*
|
||||
* @param {string} $error_url URL for redirect if register form nonce isn't verified.
|
||||
*
|
||||
* @return {string} URL for redirect.
|
||||
*
|
||||
* @since 2.0
|
||||
* @hook um_register_invalid_nonce_redirect_url
|
||||
*
|
||||
* @example <caption>Change URL for redirect if register form nonce isn't verified.</caption>
|
||||
* function my_um_register_invalid_nonce_redirect_url( $error_url ) {
|
||||
* return '{your_custom_url}';
|
||||
* }
|
||||
* add_filter( 'um_register_invalid_nonce_redirect_url', 'my_um_register_invalid_nonce_redirect_url' );
|
||||
*/
|
||||
$url = apply_filters( 'um_register_invalid_nonce_redirect_url', add_query_arg( array( 'err' => 'invalid_nonce' ) ) );
|
||||
wp_safe_redirect( $url );
|
||||
um_safe_redirect( $url );
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -13,6 +13,11 @@ if ( ! class_exists( 'um\core\Shortcodes' ) ) {
|
||||
*/
|
||||
class Shortcodes {
|
||||
|
||||
/**
|
||||
* @var array
|
||||
*/
|
||||
public $forms_exist = array();
|
||||
|
||||
/**
|
||||
* @var string
|
||||
*/
|
||||
@@ -597,6 +602,32 @@ if ( ! class_exists( 'um\core\Shortcodes' ) ) {
|
||||
* @return string
|
||||
*/
|
||||
public function ultimatemember( $args = array() ) {
|
||||
/**
|
||||
* Filters variable for disable singleton shortcode loading on the same page.
|
||||
* Note: Set it to `true` if you need to render the same form twice or more on the same page.
|
||||
*
|
||||
* @since 2.6.8
|
||||
* @hook um_ultimatemember_shortcode_disable_singleton
|
||||
*
|
||||
* @param {bool} $disable Disabled singleton. By default, it's `false`.
|
||||
* @param {array} $args Shortcode arguments.
|
||||
*
|
||||
* @return {bool} Disabled singleton or not.
|
||||
*
|
||||
* @example <caption>Turn on ability to use ultimatemember shortcode twice.</caption>
|
||||
* add_filter( 'um_ultimatemember_shortcode_disable_singleton', '__return_true' );
|
||||
*/
|
||||
$disable_singleton_shortcode = apply_filters( 'um_ultimatemember_shortcode_disable_singleton', false, $args );
|
||||
if ( false === $disable_singleton_shortcode ) {
|
||||
if ( isset( $args['form_id'] ) ) {
|
||||
$id = $args['form_id'];
|
||||
if ( isset( $this->forms_exist[ $id ] ) && true === $this->forms_exist[ $id ] ) {
|
||||
return '';
|
||||
}
|
||||
$this->forms_exist[ $id ] = true;
|
||||
}
|
||||
}
|
||||
|
||||
return $this->load( $args );
|
||||
}
|
||||
|
||||
|
||||
@@ -791,8 +791,10 @@ if ( ! class_exists( 'um\core\Uploader' ) ) {
|
||||
} elseif ( isset( $data['max_file_size'] ) && ( $image_info['size'] > $data['max_file_size'] ) ) {
|
||||
$error = $data['max_file_size_error'];
|
||||
} elseif ( isset( $data['min_width'] ) && ( $image_info['width'] < $data['min_width'] ) ) {
|
||||
// translators: %s: min widdth.
|
||||
$error = sprintf( __( 'Your photo is too small. It must be at least %spx wide.', 'ultimate-member' ), $data['min_width'] );
|
||||
} elseif ( isset( $data['min_height'] ) && ( $image_info['height'] < $data['min_height'] ) ) {
|
||||
// translators: %s: min height.
|
||||
$error = sprintf( __( 'Your photo is too small. It must be at least %spx high.', 'ultimate-member' ), $data['min_height'] );
|
||||
}
|
||||
|
||||
|
||||
@@ -1409,14 +1409,15 @@ if ( ! class_exists( 'um\core\User' ) ) {
|
||||
*
|
||||
* @param {int} $user_id User ID.
|
||||
* @param {array} $submitted_data $_POST Submission array.
|
||||
* @param {array} $form_data Form data. Since 2.6.8.
|
||||
*
|
||||
* @example <caption>Make any custom action before save registration details to the user.</caption>
|
||||
* function my_before_save_registration_details( $user_id, $submitted_data ) {
|
||||
* function my_before_save_registration_details( $user_id, $submitted_data, $form_data ) {
|
||||
* // your code here
|
||||
* }
|
||||
* add_action( 'um_before_save_registration_details', 'my_before_save_registration_details', 10, 2 );
|
||||
* add_action( 'um_before_save_registration_details', 'my_before_save_registration_details', 10, 3 );
|
||||
*/
|
||||
do_action( 'um_before_save_registration_details', $this->id, $submitted );
|
||||
do_action( 'um_before_save_registration_details', $this->id, $submitted, $form_data );
|
||||
|
||||
update_user_meta( $this->id, 'submitted', $submitted );
|
||||
|
||||
|
||||
@@ -90,13 +90,16 @@ if ( ! class_exists( 'um\core\Validation' ) ) {
|
||||
|
||||
// Dynamic dropdown options population
|
||||
$has_custom_source = apply_filters("um_has_dropdown_options_source__{$key}", false );
|
||||
if ( in_array( $fields[ $key ]['type'], array( 'select','multiselect' ) ) && $has_custom_source ){
|
||||
$arr_options = apply_filters("um_get_field__{$key}", $fields[ $key ]['options'] );
|
||||
$fields[ $key ]['options'] = array_keys( $arr_options['options'] );
|
||||
if ( in_array( $fields[ $key ]['type'], array( 'select','multiselect' ), true ) && $has_custom_source ) {
|
||||
/** This filter is documented in includes/core/class-fields.php */
|
||||
$fields[ $key ] = apply_filters( "um_get_field__{$key}", $fields[ $key ] );
|
||||
if ( is_array( $fields[ $key ] ) && array_key_exists( 'options', $fields[ $key ] ) ) {
|
||||
$fields[ $key ]['options'] = array_keys( $fields[ $key ]['options'] );
|
||||
}
|
||||
}
|
||||
|
||||
// Dropdown options source from callback function
|
||||
if ( in_array( $fields[ $key ]['type'], array( 'select','multiselect' ) ) &&
|
||||
if ( in_array( $fields[ $key ]['type'], array( 'select','multiselect' ), true ) &&
|
||||
isset( $fields[ $key ]['custom_dropdown_options_source'] ) &&
|
||||
! empty( $fields[ $key ]['custom_dropdown_options_source'] ) &&
|
||||
function_exists( $fields[ $key ]['custom_dropdown_options_source'] ) ) {
|
||||
|
||||
@@ -503,7 +503,9 @@ function um_submit_form_errors_hook_( $submitted_data, $form_data ) {
|
||||
}
|
||||
}
|
||||
} catch ( Exception $e ) {
|
||||
// translators: %s: title.
|
||||
UM()->form()->add_error( $key, sprintf( __( '%s - wrong conditions.', 'ultimate-member' ), $array['title'] ) );
|
||||
// translators: %s: title.
|
||||
$notice = '<div class="um-field-error">' . sprintf( __( '%s - wrong conditions.', 'ultimate-member' ), $array['title'] ) . '</div><!-- ' . $e->getMessage() . ' -->';
|
||||
add_action( 'um_after_profile_fields', function() use ( $notice ) {
|
||||
echo $notice;
|
||||
@@ -512,14 +514,17 @@ function um_submit_form_errors_hook_( $submitted_data, $form_data ) {
|
||||
}
|
||||
|
||||
if ( isset( $array['type'] ) && $array['type'] == 'checkbox' && isset( $array['required'] ) && $array['required'] == 1 && ! isset( $submitted_data[ $key ] ) ) {
|
||||
// translators: %s: title.
|
||||
UM()->form()->add_error( $key, sprintf( __( '%s is required.', 'ultimate-member' ), $array['title'] ) );
|
||||
}
|
||||
|
||||
if ( isset( $array['type'] ) && $array['type'] == 'radio' && isset( $array['required'] ) && $array['required'] == 1 && ! isset( $submitted_data[ $key ] ) && ! in_array( $key, array( 'role_radio', 'role_select' ) ) ) {
|
||||
// translators: %s: title.
|
||||
UM()->form()->add_error( $key, sprintf( __( '%s is required.', 'ultimate-member'), $array['title'] ) );
|
||||
}
|
||||
|
||||
if ( isset( $array['type'] ) && $array['type'] == 'multiselect' && isset( $array['required'] ) && $array['required'] == 1 && ! isset( $submitted_data[ $key ] ) && ! in_array( $key, array( 'role_radio', 'role_select' ) ) ) {
|
||||
// translators: %s: title.
|
||||
UM()->form()->add_error( $key, sprintf( __( '%s is required.', 'ultimate-member' ), $array['title'] ) );
|
||||
}
|
||||
|
||||
@@ -557,6 +562,7 @@ function um_submit_form_errors_hook_( $submitted_data, $form_data ) {
|
||||
if ( empty( $array['label'] ) ) {
|
||||
UM()->form()->add_error( $key, __( 'This field is required', 'ultimate-member' ) );
|
||||
} else {
|
||||
// translators: %s: title.
|
||||
UM()->form()->add_error( $key, sprintf( __( '%s is required', 'ultimate-member' ), $array['label'] ) );
|
||||
}
|
||||
}
|
||||
@@ -568,6 +574,7 @@ function um_submit_form_errors_hook_( $submitted_data, $form_data ) {
|
||||
|
||||
if ( isset( $array['max_words'] ) && $array['max_words'] > 0 ) {
|
||||
if ( str_word_count( $submitted_data[ $key ], 0, "éèàôù" ) > $array['max_words'] ) {
|
||||
// translators: %s: max words.
|
||||
UM()->form()->add_error( $key, sprintf( __( 'You are only allowed to enter a maximum of %s words', 'ultimate-member' ), $array['max_words'] ) );
|
||||
}
|
||||
}
|
||||
@@ -575,9 +582,11 @@ function um_submit_form_errors_hook_( $submitted_data, $form_data ) {
|
||||
if ( isset( $array['min_chars'] ) && $array['min_chars'] > 0 ) {
|
||||
if ( $submitted_data[ $key ] && mb_strlen( $submitted_data[ $key ] ) < $array['min_chars'] ) {
|
||||
if ( empty( $array['label'] ) ) {
|
||||
// translators: %s: min chars.
|
||||
UM()->form()->add_error( $key, sprintf( __( 'This field must contain at least %s characters', 'ultimate-member' ), $array['min_chars'] ) );
|
||||
} else {
|
||||
UM()->form()->add_error( $key, sprintf( __( 'Your %s must contain at least %s characters', 'ultimate-member' ), $array['label'], $array['min_chars'] ) );
|
||||
// translators: %1$s is a label; %2$s is a min chars.
|
||||
UM()->form()->add_error( $key, sprintf( __( 'Your %1$s must contain at least %2$s characters', 'ultimate-member' ), $array['label'], $array['min_chars'] ) );
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -585,9 +594,11 @@ function um_submit_form_errors_hook_( $submitted_data, $form_data ) {
|
||||
if ( isset( $array['max_chars'] ) && $array['max_chars'] > 0 ) {
|
||||
if ( $submitted_data[ $key ] && mb_strlen( $submitted_data[ $key ] ) > $array['max_chars'] ) {
|
||||
if ( empty( $array['label'] ) ) {
|
||||
// translators: %s: max chars.
|
||||
UM()->form()->add_error( $key, sprintf( __( 'This field must contain less than %s characters', 'ultimate-member' ), $array['max_chars'] ) );
|
||||
} else {
|
||||
UM()->form()->add_error( $key, sprintf( __( 'Your %s must contain less than %s characters', 'ultimate-member' ), $array['label'], $array['max_chars'] ) );
|
||||
// translators: %1$s is a label; %2$s is a max chars.
|
||||
UM()->form()->add_error( $key, sprintf( __( 'Your %1$s must contain less than %2$s characters', 'ultimate-member' ), $array['label'], $array['max_chars'] ) );
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -629,24 +640,28 @@ function um_submit_form_errors_hook_( $submitted_data, $form_data ) {
|
||||
|
||||
if ( isset( $array['min_selections'] ) && $array['min_selections'] > 0 ) {
|
||||
if ( ( ! isset( $submitted_data[ $key ] ) ) || ( isset( $submitted_data[ $key ] ) && is_array( $submitted_data[ $key ] ) && count( $submitted_data[ $key ] ) < $array['min_selections'] ) ) {
|
||||
// translators: %s: min selections.
|
||||
UM()->form()->add_error( $key, sprintf( __( 'Please select at least %s choices', 'ultimate-member' ), $array['min_selections'] ) );
|
||||
}
|
||||
}
|
||||
|
||||
if ( isset( $array['max_selections'] ) && $array['max_selections'] > 0 ) {
|
||||
if ( isset( $submitted_data[ $key ] ) && is_array( $submitted_data[ $key ] ) && count( $submitted_data[ $key ] ) > $array['max_selections'] ) {
|
||||
// translators: %s: max selections.
|
||||
UM()->form()->add_error( $key, sprintf( __( 'You can only select up to %s choices', 'ultimate-member' ), $array['max_selections'] ) );
|
||||
}
|
||||
}
|
||||
|
||||
if ( isset( $array['min'] ) && is_numeric( $submitted_data[ $key ] ) ) {
|
||||
if ( isset( $submitted_data[ $key ] ) && $submitted_data[ $key ] < $array['min'] ) {
|
||||
// translators: %s: min limit.
|
||||
UM()->form()->add_error( $key, sprintf( __( 'Minimum number limit is %s', 'ultimate-member' ), $array['min'] ) );
|
||||
}
|
||||
}
|
||||
|
||||
if ( isset( $array['max'] ) && is_numeric( $submitted_data[ $key ] ) ) {
|
||||
if ( isset( $submitted_data[ $key ] ) && $submitted_data[ $key ] > $array['max'] ) {
|
||||
// translators: %s: max limit.
|
||||
UM()->form()->add_error( $key, sprintf( __( 'Maximum number limit is %s', 'ultimate-member' ), $array['max'] ) );
|
||||
}
|
||||
}
|
||||
@@ -697,36 +712,42 @@ function um_submit_form_errors_hook_( $submitted_data, $form_data ) {
|
||||
|
||||
case 'youtube_url':
|
||||
if ( ! UM()->validation()->is_url( $submitted_data[ $key ], 'youtube.com' ) && ! UM()->validation()->is_url( $submitted_data[ $key ], 'youtu.be' ) ) {
|
||||
// translators: %s: label.
|
||||
UM()->form()->add_error( $key, sprintf( __( 'Please enter a valid %s username or profile URL', 'ultimate-member' ), $array['label'] ) );
|
||||
}
|
||||
break;
|
||||
|
||||
case 'spotify_url':
|
||||
if ( ! UM()->validation()->is_url( $submitted_data[ $key ], 'open.spotify.com' ) ) {
|
||||
// translators: %s: label.
|
||||
UM()->form()->add_error( $key, sprintf( __( 'Please enter a valid %s URL', 'ultimate-member' ), $array['label'] ) );
|
||||
}
|
||||
break;
|
||||
|
||||
case 'telegram_url':
|
||||
if ( ! UM()->validation()->is_url( $submitted_data[ $key ], 't.me' ) ) {
|
||||
// translators: %s: label.
|
||||
UM()->form()->add_error( $key, sprintf( __( 'Please enter a valid %s username or profile URL', 'ultimate-member' ), $array['label'] ) );
|
||||
}
|
||||
break;
|
||||
|
||||
case 'soundcloud_url':
|
||||
if ( ! UM()->validation()->is_url( $submitted_data[ $key ], 'soundcloud.com' ) ) {
|
||||
// translators: %s: label.
|
||||
UM()->form()->add_error( $key, sprintf( __( 'Please enter a valid %s username or profile URL','ultimate-member'), $array['label'] ) );
|
||||
}
|
||||
break;
|
||||
|
||||
case 'facebook_url':
|
||||
if ( ! UM()->validation()->is_url( $submitted_data[ $key ], 'facebook.com' ) ) {
|
||||
// translators: %s: label.
|
||||
UM()->form()->add_error( $key, sprintf( __( 'Please enter a valid %s username or profile URL', 'ultimate-member' ), $array['label'] ) );
|
||||
}
|
||||
break;
|
||||
|
||||
case 'twitter_url':
|
||||
if ( ! UM()->validation()->is_url( $submitted_data[ $key ], 'twitter.com' ) ) {
|
||||
// translators: %s: label.
|
||||
UM()->form()->add_error( $key, sprintf( __( 'Please enter a valid %s username or profile URL', 'ultimate-member' ), $array['label'] ) );
|
||||
}
|
||||
break;
|
||||
@@ -734,12 +755,14 @@ function um_submit_form_errors_hook_( $submitted_data, $form_data ) {
|
||||
case 'instagram_url':
|
||||
|
||||
if ( ! UM()->validation()->is_url( $submitted_data[ $key ], 'instagram.com' ) ) {
|
||||
// translators: %s: label.
|
||||
UM()->form()->add_error( $key, sprintf( __( 'Please enter a valid %s profile URL', 'ultimate-member' ), $array['label'] ) );
|
||||
}
|
||||
break;
|
||||
|
||||
case 'linkedin_url':
|
||||
if ( ! UM()->validation()->is_url( $submitted_data[ $key ], 'linkedin.com' ) ) {
|
||||
// translators: %s: label.
|
||||
UM()->form()->add_error( $key, sprintf( __( 'Please enter a valid %s username or profile URL', 'ultimate-member' ), $array['label'] ) );
|
||||
}
|
||||
break;
|
||||
@@ -753,6 +776,7 @@ function um_submit_form_errors_hook_( $submitted_data, $form_data ) {
|
||||
case 'tiktok_url':
|
||||
|
||||
if ( ! UM()->validation()->is_url( $submitted_data[ $key ], 'tiktok.com' ) ) {
|
||||
// translators: %s: label.
|
||||
UM()->form()->add_error( $key, sprintf( __( 'Please enter a valid %s profile URL', 'ultimate-member' ), $array['label'] ) );
|
||||
}
|
||||
break;
|
||||
@@ -760,6 +784,7 @@ function um_submit_form_errors_hook_( $submitted_data, $form_data ) {
|
||||
case 'twitch_url':
|
||||
|
||||
if ( ! UM()->validation()->is_url( $submitted_data[ $key ], 'twitch.tv' ) ) {
|
||||
// translators: %s: label.
|
||||
UM()->form()->add_error( $key, sprintf( __( 'Please enter a valid %s profile URL', 'ultimate-member' ), $array['label'] ) );
|
||||
}
|
||||
break;
|
||||
@@ -767,6 +792,7 @@ function um_submit_form_errors_hook_( $submitted_data, $form_data ) {
|
||||
case 'reddit_url':
|
||||
|
||||
if ( ! UM()->validation()->is_url( $submitted_data[ $key ], 'reddit.com' ) ) {
|
||||
// translators: %s: label.
|
||||
UM()->form()->add_error( $key, sprintf( __( 'Please enter a valid %s profile URL', 'ultimate-member' ), $array['label'] ) );
|
||||
}
|
||||
break;
|
||||
@@ -911,6 +937,7 @@ function um_submit_form_errors_hook_( $submitted_data, $form_data ) {
|
||||
|
||||
if ( $profile_show_bio ) {
|
||||
if ( mb_strlen( str_replace( array( "\r\n", "\n", "\r\t", "\t" ), ' ', $submitted_data['description'] ) ) > $max_chars && $max_chars ) {
|
||||
// translators: %s: max chars.
|
||||
UM()->form()->add_error( 'description', sprintf( __( 'Your user description must contain less than %s characters', 'ultimate-member' ), $max_chars ) );
|
||||
}
|
||||
}
|
||||
|
||||
@@ -140,11 +140,13 @@ function um_submit_form_errors_hook_logincheck( $submitted_data, $form_data ) {
|
||||
case 'awaiting_email_confirmation':
|
||||
case 'rejected':
|
||||
um_reset_user();
|
||||
// Not `um_safe_redirect()` because UM()->permalinks()->get_current_url() is situated on the same host.
|
||||
wp_safe_redirect( add_query_arg( 'err', esc_attr( $status ), UM()->permalinks()->get_current_url() ) );
|
||||
exit;
|
||||
}
|
||||
|
||||
if ( isset( $form_data['form_id'] ) && absint( $form_data['form_id'] ) === absint( UM()->shortcodes()->core_login_form() ) && UM()->form()->errors && ! isset( $_POST[ UM()->honeypot ] ) ) {
|
||||
// Not `um_safe_redirect()` because predefined login page is situated on the same host.
|
||||
wp_safe_redirect( um_get_core_page( 'login' ) );
|
||||
exit;
|
||||
}
|
||||
@@ -217,19 +219,21 @@ function um_user_login( $submitted_data ) {
|
||||
|
||||
// Priority redirect from $_GET attribute.
|
||||
if ( ! empty( $submitted_data['redirect_to'] ) ) {
|
||||
wp_safe_redirect( $submitted_data['redirect_to'] );
|
||||
um_safe_redirect( $submitted_data['redirect_to'] );
|
||||
exit;
|
||||
}
|
||||
|
||||
// Role redirect
|
||||
$after_login = um_user( 'after_login' );
|
||||
if ( empty( $after_login ) ) {
|
||||
// Not `um_safe_redirect()` because predefined user profile page is situated on the same host.
|
||||
wp_safe_redirect( um_user_profile_url() );
|
||||
exit;
|
||||
}
|
||||
|
||||
switch ( $after_login ) {
|
||||
case 'redirect_admin':
|
||||
// Not `um_safe_redirect()` because is redirected to wp-admin.
|
||||
wp_safe_redirect( admin_url() );
|
||||
exit;
|
||||
case 'redirect_url':
|
||||
@@ -252,13 +256,15 @@ function um_user_login( $submitted_data ) {
|
||||
* add_filter( 'um_login_redirect_url', 'my_login_redirect_url', 10, 2 );
|
||||
*/
|
||||
$redirect_url = apply_filters( 'um_login_redirect_url', um_user( 'login_redirect_url' ), um_user( 'ID' ) );
|
||||
wp_safe_redirect( $redirect_url );
|
||||
um_safe_redirect( $redirect_url );
|
||||
exit;
|
||||
case 'refresh':
|
||||
// Not `um_safe_redirect()` because UM()->permalinks()->get_current_url() is situated on the same host.
|
||||
wp_safe_redirect( UM()->permalinks()->get_current_url() );
|
||||
exit;
|
||||
case 'redirect_profile':
|
||||
default:
|
||||
// Not `um_safe_redirect()` because predefined user profile page is situated on the same host.
|
||||
wp_safe_redirect( um_user_profile_url() );
|
||||
exit;
|
||||
}
|
||||
|
||||
@@ -39,25 +39,21 @@ function um_browser_url_redirect_to( $args ) {
|
||||
}
|
||||
|
||||
/**
|
||||
* UM hook
|
||||
* Filters 'redirect_to' URL for UM login forms.
|
||||
*
|
||||
* @type filter
|
||||
* @title um_browser_url_redirect_to__filter
|
||||
* @description Add redirect to field to form and change URL for it
|
||||
* @input_vars
|
||||
* [{"var":"$url","type":"string","desc":"Redirect to URL"}]
|
||||
* @change_log
|
||||
* ["Since: 2.0"]
|
||||
* @usage
|
||||
* <?php add_filter( 'um_browser_url_redirect_to__filter', 'function_name', 10, 1 ); ?>
|
||||
* @example
|
||||
* <?php
|
||||
* add_filter( 'um_browser_url_redirect_to__filter', 'my_browser_url_redirect_to', 10, 1 );
|
||||
* function my_browser_url_redirect_to( $url ) {
|
||||
* // your code here
|
||||
* @param {string} $url Redirect URL.
|
||||
*
|
||||
* @return {string} Custom redirect URL.
|
||||
*
|
||||
* @since 1.3.x
|
||||
* @hook um_browser_url_redirect_to__filter
|
||||
*
|
||||
* @example <caption>Force redirect user after login to account page.</caption>
|
||||
* function my_browser_url_redirect_to__filter( $url ) {
|
||||
* $url = '{site_url}/account';
|
||||
* return $url;
|
||||
* }
|
||||
* ?>
|
||||
* add_filter( 'um_browser_url_redirect_to__filter', 'my_browser_url_redirect_to__filter' );
|
||||
*/
|
||||
$url = apply_filters( 'um_browser_url_redirect_to__filter', $url );
|
||||
if ( ! empty( $url ) ) {
|
||||
|
||||
@@ -340,6 +340,7 @@ function um_user_edit_profile( $args, $form_data ) {
|
||||
} else {
|
||||
if ( 'password' === $array['type'] ) {
|
||||
$to_update[ $key ] = wp_hash_password( $args['submitted'][ $key ] );
|
||||
// translators: %s: title.
|
||||
$args['submitted'][ $key ] = sprintf( __( 'Your choosed %s', 'ultimate-member' ), $array['title'] );
|
||||
} else {
|
||||
if ( isset( $userinfo[ $key ] ) && $args['submitted'][ $key ] != $userinfo[ $key ] ) {
|
||||
@@ -357,9 +358,13 @@ function um_user_edit_profile( $args, $form_data ) {
|
||||
}
|
||||
|
||||
$description_key = UM()->profile()->get_show_bio_key( $args );
|
||||
if ( ! isset( $to_update[ $description_key ] ) && ! empty( $form_data['show_bio'] ) ) {
|
||||
if ( isset( $args['submitted'][ $description_key ] ) ) {
|
||||
if ( ! isset( $to_update[ $description_key ] ) && isset( $args['submitted'][ $description_key ] ) ) {
|
||||
if ( ! empty( $form_data['use_custom_settings'] ) && ! empty( $form_data['show_bio'] ) ) {
|
||||
$to_update[ $description_key ] = $args['submitted'][ $description_key ];
|
||||
} else {
|
||||
if ( UM()->options()->get( 'profile_show_bio' ) ) {
|
||||
$to_update[ $description_key ] = $args['submitted'][ $description_key ];
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -507,6 +512,7 @@ function um_user_edit_profile( $args, $form_data ) {
|
||||
// Finally redirect to profile.
|
||||
$url = um_user_profile_url( $user_id );
|
||||
$url = apply_filters( 'um_update_profile_redirect_after', $url, $user_id, $args );
|
||||
// Not `um_safe_redirect()` because predefined user profile page is situated on the same host.
|
||||
wp_safe_redirect( um_edit_my_profile_cancel_uri( $url ) );
|
||||
exit;
|
||||
}
|
||||
@@ -1233,7 +1239,12 @@ function um_profile_header( $args ) {
|
||||
<?php } ?>
|
||||
|
||||
<div class="um-profile-status <?php echo esc_attr( um_user( 'account_status' ) ); ?>">
|
||||
<span><?php printf( __( 'This user account status is %s', 'ultimate-member' ), um_user( 'account_status_name' ) ); ?></span>
|
||||
<span>
|
||||
<?php
|
||||
// translators: %s: profile status.
|
||||
printf( __( 'This user account status is %s', 'ultimate-member' ), um_user( 'account_status_name' ) );
|
||||
?>
|
||||
</span>
|
||||
</div>
|
||||
|
||||
<?php
|
||||
|
||||
@@ -146,32 +146,70 @@ add_action( 'um_registration_complete', 'um_send_registration_notification' );
|
||||
function um_check_user_status( $user_id, $args, $form_data = null ) {
|
||||
$status = um_user( 'account_status' );
|
||||
/**
|
||||
* UM hook
|
||||
* Fires after complete UM user registration.
|
||||
* Where $status can be equal to 'approved', 'checkmail' or 'pending'.
|
||||
*
|
||||
* @type action
|
||||
* @title um_post_registration_{$status}_hook
|
||||
* @description After complete UM user registration.
|
||||
* @input_vars
|
||||
* [{"var":"$user_id","type":"int","desc":"User ID"},
|
||||
* {"var":"$args","type":"array","desc":"Form data"}]
|
||||
* @change_log
|
||||
* ["Since: 2.0"]
|
||||
* @usage add_action( 'um_post_registration_{$status}_hook', 'function_name', 10, 2 );
|
||||
* @example
|
||||
* <?php
|
||||
* add_action( 'um_post_registration_{$status}_hook', 'my_post_registration', 10, 2 );
|
||||
* function my_post_registration( $user_id, $args ) {
|
||||
* @since 1.3.x
|
||||
* @since 2.6.8 Added $form_data argument.
|
||||
*
|
||||
* @hook um_post_registration_{$status}_hook
|
||||
*
|
||||
* @param {int} $user_id User ID.
|
||||
* @param {array} $submitted_data Registration form submitted data.
|
||||
* @param {array} $form_data Form data. Since 2.6.8
|
||||
*
|
||||
* @example <caption>Make a custom action after complete UM user registration when user get an approved status.</caption>
|
||||
* function my_um_post_registration( $user_id, $submitted_data, $form_data ) {
|
||||
* // your code here
|
||||
* }
|
||||
* ?>
|
||||
* add_action( 'um_post_registration_approved_hook', 'my_um_post_registration', 10, 3 );
|
||||
* @example <caption>Make a custom action after complete UM user registration when user requires email activation.</caption>
|
||||
* function my_um_post_registration( $user_id, $submitted_data, $form_data ) {
|
||||
* // your code here
|
||||
* }
|
||||
* add_action( 'um_post_registration_checkmail_hook', 'my_um_post_registration', 10, 3 );
|
||||
* @example <caption>Make a custom action after complete UM user registration when user requires admin review.</caption>
|
||||
* function my_um_post_registration( $user_id, $submitted_data, $form_data ) {
|
||||
* // your code here
|
||||
* }
|
||||
* add_action( 'um_post_registration_pending_hook', 'my_um_post_registration', 10, 3 );
|
||||
*/
|
||||
do_action( "um_post_registration_{$status}_hook", $user_id, $args );
|
||||
do_action( "um_post_registration_{$status}_hook", $user_id, $args, $form_data );
|
||||
|
||||
if ( is_null( $form_data ) || is_admin() ) {
|
||||
return;
|
||||
}
|
||||
|
||||
do_action( "track_{$status}_user_registration" );
|
||||
/**
|
||||
* Fires after complete UM user registration. Only for the frontend action which is run before autologin and redirects.
|
||||
* Where $status can be equal to 'approved', 'checkmail' or 'pending'.
|
||||
*
|
||||
* @since 1.3.x
|
||||
* @since 2.6.8 Added $user_id, $submitted_data, $form_data arguments.
|
||||
*
|
||||
* @hook track_{$status}_user_registration
|
||||
*
|
||||
* @param {int} $user_id User ID. Since 2.6.8
|
||||
* @param {array} $submitted_data Registration form submitted data. Since 2.6.8
|
||||
* @param {array} $form_data Form data. Since 2.6.8
|
||||
*
|
||||
* @example <caption>Make a custom action after complete UM user registration when user get an approved status.</caption>
|
||||
* function my_um_post_registration( $user_id, $submitted_data, $form_data ) {
|
||||
* // your code here
|
||||
* }
|
||||
* add_action( 'track_approved_user_registration', 'my_um_post_registration', 10, 3 );
|
||||
* @example <caption>Make a custom action after complete UM user registration when user requires email activation.</caption>
|
||||
* function my_um_post_registration( $user_id, $submitted_data, $form_data ) {
|
||||
* // your code here
|
||||
* }
|
||||
* add_action( 'track_checkmail_user_registration', 'my_um_post_registration', 10, 3 );
|
||||
* @example <caption>Make a custom action after complete UM user registration when user requires admin review.</caption>
|
||||
* function my_um_post_registration( $user_id, $submitted_data, $form_data ) {
|
||||
* // your code here
|
||||
* }
|
||||
* add_action( 'track_pending_user_registration', 'my_um_post_registration', 10, 3 );
|
||||
*/
|
||||
do_action( "track_{$status}_user_registration", $user_id, $args, $form_data );
|
||||
|
||||
if ( 'approved' === $status ) {
|
||||
// Check if user is logged in because there can be the customized way when through 'um_registration_for_loggedin_users' hook the registration is enabled for the logged-in users (e.g. Administrator).
|
||||
@@ -182,72 +220,60 @@ function um_check_user_status( $user_id, $args, $form_data = null ) {
|
||||
UM()->user()->generate_profile_slug( $user_id );
|
||||
|
||||
/**
|
||||
* UM hook
|
||||
* Fires after complete UM user registration and autologin.
|
||||
*
|
||||
* @type action
|
||||
* @title um_registration_after_auto_login
|
||||
* @description After complete UM user registration and autologin.
|
||||
* @input_vars
|
||||
* [{"var":"$user_id","type":"int","desc":"User ID"}]
|
||||
* @change_log
|
||||
* ["Since: 2.0"]
|
||||
* @usage add_action( 'um_registration_after_auto_login', 'function_name', 10, 1 );
|
||||
* @example
|
||||
* <?php
|
||||
* add_action( 'um_registration_after_auto_login', 'my_registration_after_auto_login', 10, 1 );
|
||||
* function my_registration_after_auto_login( $user_id ) {
|
||||
* @since 1.3.65
|
||||
* @hook um_registration_after_auto_login
|
||||
*
|
||||
* @param {int} $user_id User ID.
|
||||
*
|
||||
* @example <caption>Make a custom action after complete UM user registration and autologin.</caption>
|
||||
* function my_um_registration_after_auto_login( $user_id ) {
|
||||
* // your code here
|
||||
* }
|
||||
* ?>
|
||||
* add_action( 'um_registration_after_auto_login', 'my_um_registration_after_auto_login' );
|
||||
*/
|
||||
do_action( 'um_registration_after_auto_login', $user_id );
|
||||
|
||||
// Priority redirect
|
||||
if ( isset( $args['redirect_to'] ) ) {
|
||||
wp_safe_redirect( urldecode( $args['redirect_to'] ) );
|
||||
exit;
|
||||
um_safe_redirect( urldecode( $args['redirect_to'] ) );
|
||||
}
|
||||
|
||||
um_fetch_user( $user_id );
|
||||
|
||||
if ( 'redirect_url' === um_user( 'auto_approve_act' ) && '' !== um_user( 'auto_approve_url' ) ) {
|
||||
wp_safe_redirect( um_user( 'auto_approve_url' ) );
|
||||
exit;
|
||||
um_safe_redirect( um_user( 'auto_approve_url' ) );
|
||||
}
|
||||
|
||||
if ( 'redirect_profile' === um_user( 'auto_approve_act' ) ) {
|
||||
// Not `um_safe_redirect()` because predefined user profile page is situated on the same host.
|
||||
wp_safe_redirect( um_user_profile_url() );
|
||||
exit;
|
||||
}
|
||||
} else {
|
||||
if ( 'redirect_url' === um_user( $status . '_action' ) && '' !== um_user( $status . '_url' ) ) {
|
||||
/**
|
||||
* UM hook
|
||||
* Filters the redirect URL for pending user after registration.
|
||||
*
|
||||
* @type filter
|
||||
* @title um_registration_pending_user_redirect
|
||||
* @description Change redirect URL for pending user after registration
|
||||
* @input_vars
|
||||
* [{"var":"$url","type":"string","desc":"Redirect URL"},
|
||||
* {"var":"$status","type":"string","desc":"User status"},
|
||||
* {"var":"$user_id","type":"int","desc":"User ID"}]
|
||||
* @change_log
|
||||
* ["Since: 2.0"]
|
||||
* @usage
|
||||
* <?php add_filter( 'um_registration_pending_user_redirect', 'function_name', 10, 3 ); ?>
|
||||
* @example
|
||||
* <?php
|
||||
* add_filter( 'um_registration_pending_user_redirect', 'my_registration_pending_user_redirect', 10, 3 );
|
||||
* @since 2.0
|
||||
* @hook um_registration_pending_user_redirect
|
||||
*
|
||||
* @param {string} $url Redirect URL.
|
||||
* @param {string} $status User status.
|
||||
* @param {int} $user_id User ID.
|
||||
*
|
||||
* @return {string} Redirect URL.
|
||||
*
|
||||
* @example <caption>Change redirect URL for pending user after registration.</caption>
|
||||
* function my_registration_pending_user_redirect( $url, $status, $user_id ) {
|
||||
* // your code here
|
||||
* return $url;
|
||||
* }
|
||||
* ?>
|
||||
* add_filter( 'um_registration_pending_user_redirect', 'my_registration_pending_user_redirect', 10, 3 );
|
||||
*/
|
||||
$redirect_url = apply_filters( 'um_registration_pending_user_redirect', um_user( $status . '_url' ), $status, um_user( 'ID' ) );
|
||||
|
||||
wp_safe_redirect( $redirect_url );
|
||||
exit;
|
||||
um_safe_redirect( $redirect_url );
|
||||
}
|
||||
|
||||
if ( 'show_message' === um_user( $status . '_action' ) && '' !== um_user( $status . '_message' ) ) {
|
||||
@@ -256,7 +282,7 @@ function um_check_user_status( $user_id, $args, $form_data = null ) {
|
||||
// Add only priority role to URL.
|
||||
$url = add_query_arg( 'um_role', esc_attr( um_user( 'role' ) ), $url );
|
||||
$url = add_query_arg( 'um_form_id', esc_attr( $form_data['form_id'] ), $url );
|
||||
|
||||
// Not `um_safe_redirect()` because UM()->permalinks()->get_current_url() is situated on the same host.
|
||||
wp_safe_redirect( $url );
|
||||
exit;
|
||||
}
|
||||
@@ -714,6 +740,7 @@ function um_form_register_redirect() {
|
||||
$page_id = UM()->options()->get( UM()->options()->get_core_page_id( 'register' ) );
|
||||
$register_post = get_post( $page_id );
|
||||
if ( ! empty( $register_post ) ) {
|
||||
// Not `um_safe_redirect()` because predefined register page is situated on the same host.
|
||||
wp_safe_redirect( get_permalink( $page_id ) );
|
||||
exit();
|
||||
}
|
||||
|
||||
@@ -1,29 +1,30 @@
|
||||
<?php if ( ! defined( 'ABSPATH' ) ) exit; // Exit if accessed directly
|
||||
|
||||
<?php
|
||||
if ( ! defined( 'ABSPATH' ) ) {
|
||||
exit;
|
||||
}
|
||||
|
||||
/**
|
||||
* Disables first and last name fields in account page
|
||||
* Disables first and last name fields in account page.
|
||||
*
|
||||
* @param array $fields
|
||||
* @return array
|
||||
* @uses um_get_field__first_name, um_get_field__last_name
|
||||
*/
|
||||
function um_account_disable_name_fields( $fields ){
|
||||
function um_account_disable_name_fields( $fields ) {
|
||||
if ( ! UM()->options()->get( 'account_name_disable' ) ) {
|
||||
return $fields;
|
||||
}
|
||||
|
||||
if ( um_is_core_page( 'account' ) ) {
|
||||
$fields['disabled'] = 'disabled="disabled"';
|
||||
$fields['disabled'] = ' disabled="disabled" ';
|
||||
}
|
||||
|
||||
return $fields;
|
||||
}
|
||||
add_filter( 'um_get_field__first_name', 'um_account_disable_name_fields', 10 ,1 );
|
||||
add_filter( 'um_get_field__last_name', 'um_account_disable_name_fields', 10 ,1 );
|
||||
|
||||
add_filter( 'um_get_field__first_name', 'um_account_disable_name_fields' );
|
||||
add_filter( 'um_get_field__last_name', 'um_account_disable_name_fields' );
|
||||
|
||||
/**
|
||||
* Sanitize inputs on Account update
|
||||
* Sanitize inputs on Account update.
|
||||
*
|
||||
* @param $data
|
||||
*
|
||||
@@ -32,12 +33,15 @@ add_filter( 'um_get_field__last_name', 'um_account_disable_name_fields', 10 ,1 )
|
||||
function um_account_sanitize_data( $data ) {
|
||||
foreach ( $data as $key => $value ) {
|
||||
if ( is_array( $value ) ) {
|
||||
$data[ $key ] = array_filter( $value, function( $var ) {
|
||||
$var = trim( esc_html( strip_tags( $var ) ) );
|
||||
return $var;
|
||||
});
|
||||
$data[ $key ] = array_filter(
|
||||
$value,
|
||||
function( $var ) {
|
||||
$var = trim( esc_html( wp_strip_all_tags( $var ) ) );
|
||||
return $var;
|
||||
}
|
||||
);
|
||||
} else {
|
||||
$data[ $key ] = trim( esc_html( strip_tags( $value ) ) );
|
||||
$data[ $key ] = trim( esc_html( wp_strip_all_tags( $value ) ) );
|
||||
}
|
||||
}
|
||||
|
||||
@@ -45,11 +49,11 @@ function um_account_sanitize_data( $data ) {
|
||||
}
|
||||
add_filter( 'um_account_pre_updating_profile_array', 'um_account_sanitize_data', 10, 1 );
|
||||
|
||||
|
||||
/**
|
||||
* Fix for the account field "Avoid indexing my profile by search engines"
|
||||
* Fix for the account field "Avoid indexing my profile by search engines".
|
||||
*
|
||||
* @since 2.1.16
|
||||
* @param bool $value
|
||||
* @param mixed|int $value
|
||||
* @return int
|
||||
*/
|
||||
function um_account_profile_noindex_value( $value ) {
|
||||
@@ -58,4 +62,4 @@ function um_account_profile_noindex_value( $value ) {
|
||||
}
|
||||
return $value;
|
||||
}
|
||||
add_filter( 'um_profile_profile_noindex_empty__filter', 'um_account_profile_noindex_value' );
|
||||
add_filter( 'um_profile_profile_noindex_empty__filter', 'um_account_profile_noindex_value' );
|
||||
|
||||
@@ -209,6 +209,7 @@ function um_profile_field_filter_hook__user_registered( $value, $data ) {
|
||||
return '';
|
||||
}
|
||||
$value = strtotime( $value );
|
||||
// translators: %s: date.
|
||||
$value = sprintf( __( 'Joined %s', 'ultimate-member' ), date_i18n( get_option( 'date_format' ), $value ) );
|
||||
return $value;
|
||||
}
|
||||
@@ -478,6 +479,7 @@ function um_profile_field_filter_hook__( $value, $data, $type = '' ) {
|
||||
if ( UM()->options()->get( 'allow_url_redirect_confirm' ) && $value !== wp_validate_redirect( $value ) ) {
|
||||
$onclick_alert = sprintf(
|
||||
' onclick="' . esc_attr( 'return confirm( "%s" );' ) . '"',
|
||||
// translators: %s: link.
|
||||
esc_js( sprintf( __( 'This link leads to a 3rd-party website. Make sure the link is safe and you really want to go to this website: \'%s\'', 'ultimate-member' ), $value ) )
|
||||
);
|
||||
}
|
||||
@@ -706,7 +708,9 @@ function um_field_non_utf8_value( $value ) {
|
||||
if ( function_exists( 'mb_detect_encoding' ) ) {
|
||||
$encoding = mb_detect_encoding( $value, 'utf-8, iso-8859-1, ascii', true );
|
||||
if ( strcasecmp( $encoding, 'UTF-8' ) !== 0 ) {
|
||||
$value = iconv( $encoding, 'utf-8', $value );
|
||||
if ( function_exists( 'iconv' ) ) {
|
||||
$value = iconv( $encoding, 'utf-8', $value );
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -824,16 +828,7 @@ function um_profile_field_filter_xss_validation( $value, $data, $type = '' ) {
|
||||
}
|
||||
} elseif ( 'select' == $type || 'radio' == $type ) {
|
||||
|
||||
/**
|
||||
* UM hook
|
||||
*
|
||||
* @type filter
|
||||
* @title um_select_option_value
|
||||
* @description Enable options pair by field $data
|
||||
* @input_vars
|
||||
* [{"var":"$options_pair","type":"null","desc":"Enable pairs"},
|
||||
* {"var":"$data","type":"array","desc":"Field Data"}]
|
||||
*/
|
||||
/** This filter is documented in includes/core/class-fields.php */
|
||||
$option_pairs = apply_filters( 'um_select_options_pair', null, $data );
|
||||
|
||||
$array = empty( $data['options'] ) ? array() : $data['options'];
|
||||
@@ -859,16 +854,7 @@ function um_profile_field_filter_xss_validation( $value, $data, $type = '' ) {
|
||||
} elseif ( ! empty( $value ) && is_array( $value ) ) {
|
||||
if ( 'multiselect' == $type || 'checkbox' == $type ) {
|
||||
|
||||
/**
|
||||
* UM hook
|
||||
*
|
||||
* @type filter
|
||||
* @title um_select_option_value
|
||||
* @description Enable options pair by field $data
|
||||
* @input_vars
|
||||
* [{"var":"$options_pair","type":"null","desc":"Enable pairs"},
|
||||
* {"var":"$data","type":"array","desc":"Field Data"}]
|
||||
*/
|
||||
/** This filter is documented in includes/core/class-fields.php */
|
||||
$option_pairs = apply_filters( 'um_select_options_pair', null, $data );
|
||||
|
||||
$arr = $data['options'];
|
||||
|
||||
@@ -62,7 +62,7 @@ function um_dynamic_user_profile_title( $title, $id = '' ) {
|
||||
}
|
||||
}
|
||||
|
||||
if ( ! function_exists( 'utf8_decode' ) ) {
|
||||
if ( ! function_exists( 'mb_convert_encoding' ) ) {
|
||||
return $title;
|
||||
}
|
||||
|
||||
|
||||
@@ -285,6 +285,7 @@ add_filter( 'um_clean_user_basename_filter', 'um_clean_user_basename_filter', 2,
|
||||
* @return array
|
||||
*/
|
||||
function um_before_update_profile( $changes, $user_id ) {
|
||||
// todo check if this option required and maybe there are some WordPress native ways how to make that without custom unused functions. Maybe fully deprecate 'um_force_utf8_strings' option which doesn't exist in UI.
|
||||
if ( ! UM()->options()->get( 'um_force_utf8_strings' ) ) {
|
||||
return $changes;
|
||||
}
|
||||
|
||||
@@ -0,0 +1,38 @@
|
||||
<?php
|
||||
namespace um\frontend;
|
||||
|
||||
if ( ! defined( 'ABSPATH' ) ) {
|
||||
exit;
|
||||
}
|
||||
|
||||
if ( ! class_exists( 'um\frontend\Init' ) ) {
|
||||
|
||||
/**
|
||||
* Class Init
|
||||
*
|
||||
* @package um\frontend
|
||||
*/
|
||||
class Init {
|
||||
|
||||
/**
|
||||
* Create classes' instances where __construct isn't empty for hooks init
|
||||
*
|
||||
* @used-by \UM::includes()
|
||||
*/
|
||||
public function includes() {
|
||||
$this->secure();
|
||||
}
|
||||
|
||||
/**
|
||||
* @since 2.6.8
|
||||
*
|
||||
* @return Secure
|
||||
*/
|
||||
public function secure() {
|
||||
if ( empty( UM()->classes['um\frontend\secure'] ) ) {
|
||||
UM()->classes['um\frontend\secure'] = new Secure();
|
||||
}
|
||||
return UM()->classes['um\frontend\secure'];
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,286 @@
|
||||
<?php
|
||||
namespace um\frontend;
|
||||
|
||||
use WP_Error;
|
||||
use WP_User;
|
||||
|
||||
if ( ! defined( 'ABSPATH' ) ) {
|
||||
exit;
|
||||
}
|
||||
|
||||
if ( ! class_exists( 'um\frontend\Secure' ) ) {
|
||||
|
||||
/**
|
||||
* Class Secure
|
||||
*
|
||||
* @package um\frontend
|
||||
*
|
||||
* @since 2.6.8
|
||||
*/
|
||||
class Secure {
|
||||
|
||||
/**
|
||||
* Secure constructor.
|
||||
* @since 2.6.8
|
||||
*/
|
||||
public function __construct() {
|
||||
add_action( 'init', array( $this, 'init' ) );
|
||||
|
||||
add_action( 'um_before_login_fields', array( $this, 'reset_password_notice' ), 1 );
|
||||
|
||||
add_action( 'um_before_login_fields', array( $this, 'under_maintenance_notice' ), 1 );
|
||||
|
||||
add_action( 'um_submit_form_register', array( $this, 'block_register_forms' ) );
|
||||
|
||||
add_action( 'um_user_login', array( $this, 'login_validate_expired_pass' ), 1 );
|
||||
|
||||
add_action( 'validate_password_reset', array( $this, 'avoid_old_password' ), 1, 2 );
|
||||
}
|
||||
|
||||
/**
|
||||
* Adds handlers on form submissions.
|
||||
*
|
||||
* @since 2.6.8
|
||||
*/
|
||||
public function init() {
|
||||
if ( ! UM()->options()->get( 'secure_ban_admins_accounts' ) ) {
|
||||
return;
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks the integrity of Current User's Capabilities
|
||||
*/
|
||||
add_action( 'um_after_save_registration_details', array( $this, 'secure_user_capabilities' ), 1 );
|
||||
add_action( 'um_after_save_registration_details', array( $this, 'maybe_set_whitelisted_password' ), 2 );
|
||||
if ( is_user_logged_in() && ! current_user_can( 'manage_options' ) ) { // Exclude current Logged-in Administrator from validation checks.
|
||||
add_action( 'um_after_user_updated', array( $this, 'secure_user_capabilities' ), 1 );
|
||||
add_action( 'um_after_user_account_updated', array( $this, 'secure_user_capabilities' ), 1 );
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Add Login notice for Reset Password
|
||||
*
|
||||
* @since 2.6.8
|
||||
*/
|
||||
public function reset_password_notice() {
|
||||
if ( ! UM()->options()->get( 'display_login_form_notice' ) ) {
|
||||
return;
|
||||
}
|
||||
|
||||
// phpcs:disable WordPress.Security.NonceVerification
|
||||
if ( ! isset( $_REQUEST['notice'] ) || 'expired_password' !== $_REQUEST['notice'] ) {
|
||||
return;
|
||||
}
|
||||
// phpcs:enable WordPress.Security.NonceVerification
|
||||
|
||||
echo "<p class='um-notice warning'>";
|
||||
echo wp_kses(
|
||||
sprintf(
|
||||
// translators: One-time change requires you to reset your password
|
||||
__( '<strong>Important:</strong> Your password has expired. This (one-time) change requires you to reset your password. Please <a href="%s">click here</a> to reset your password via Email.', 'ultimate-member' ),
|
||||
um_get_core_page( 'password-reset' )
|
||||
),
|
||||
array(
|
||||
'strong' => array(),
|
||||
'a' => array(
|
||||
'href' => array(),
|
||||
),
|
||||
)
|
||||
);
|
||||
echo '</p>';
|
||||
}
|
||||
|
||||
/**
|
||||
* Add Login notice for Under Maintance
|
||||
*
|
||||
* @since 2.6.8
|
||||
*/
|
||||
public function under_maintenance_notice() {
|
||||
if ( ! UM()->options()->get( 'lock_register_forms' ) ) {
|
||||
return;
|
||||
}
|
||||
|
||||
// phpcs:disable WordPress.Security.NonceVerification
|
||||
if ( ! isset( $_GET['notice'] ) || 'maintenance' !== $_GET['notice'] ) {
|
||||
return;
|
||||
}
|
||||
// phpcs:enable WordPress.Security.NonceVerification
|
||||
|
||||
echo "<p class='um-notice warning'>";
|
||||
echo wp_kses(
|
||||
__( '<strong>Important:</strong> Our website is currently under maintenance. Please check back soon.', 'ultimate-member' ),
|
||||
array(
|
||||
'strong' => array(),
|
||||
'a' => array(
|
||||
'href' => array(),
|
||||
),
|
||||
)
|
||||
);
|
||||
echo '</p>';
|
||||
}
|
||||
|
||||
/**
|
||||
* Block all UM Register form submissions.
|
||||
*
|
||||
* @since 2.6.8
|
||||
*/
|
||||
public function block_register_forms() {
|
||||
if ( UM()->options()->get( 'lock_register_forms' ) ) {
|
||||
$login_url = add_query_arg( 'notice', 'maintenance', um_get_core_page( 'login' ) );
|
||||
nocache_headers();
|
||||
// Not `um_safe_redirect()` because predefined login page is situated on the same host.
|
||||
wp_safe_redirect( $login_url );
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Validate when user has expired password
|
||||
*
|
||||
* @since 2.6.8
|
||||
*/
|
||||
public function login_validate_expired_pass() {
|
||||
if ( UM()->options()->get( 'display_login_form_notice' ) ) {
|
||||
$expired_password_reset = get_user_meta( um_user( 'ID' ), 'um_secure_has_reset_password', true );
|
||||
if ( ! $expired_password_reset ) {
|
||||
$login_url = add_query_arg( 'notice', 'expired_password', um_get_core_page( 'login' ) );
|
||||
// Not `um_safe_redirect()` because predefined login page is situated on the same host.
|
||||
wp_safe_redirect( $login_url );
|
||||
exit;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Prevent users from using Old Passwords on UM Password Reset form.
|
||||
*
|
||||
* @param WP_Error $errors
|
||||
* @param WP_User|WP_Error $user
|
||||
*
|
||||
* @since 2.6.8
|
||||
*/
|
||||
public function avoid_old_password( $errors, $user ) {
|
||||
if ( empty( $_POST['_um_password_change'] ) ) { // phpcs:ignore WordPress.Security.NonceVerification
|
||||
return;
|
||||
}
|
||||
|
||||
if ( ! UM()->options()->get( 'display_login_form_notice' ) ) {
|
||||
return;
|
||||
}
|
||||
|
||||
if ( isset( $_REQUEST['user_password'] ) ) { // phpcs:ignore WordPress.Security.NonceVerification
|
||||
$new_user_pass = wp_unslash( $_REQUEST['user_password'] ); // phpcs:ignore WordPress.Security.NonceVerification
|
||||
if ( wp_check_password( $new_user_pass, $user->data->user_pass, $user->ID ) ) {
|
||||
UM()->form()->add_error( 'user_password', __( 'Your new password cannot be same as old password.', 'ultimate-member' ) );
|
||||
$errors->add( 'um_block_old_password', __( 'Your new password cannot be same as old password.', 'ultimate-member' ) );
|
||||
} else {
|
||||
update_user_meta( $user->ID, 'um_secure_has_reset_password', true );
|
||||
update_user_meta( $user->ID, 'um_secure_has_reset_password__timestamp', current_time( 'mysql' ) );
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Secure user capabilities and revoke administrative ones.
|
||||
*
|
||||
* @since 2.6.8
|
||||
*
|
||||
* @param int $user_id
|
||||
*/
|
||||
public function secure_user_capabilities( $user_id ) {
|
||||
global $wpdb;
|
||||
$user = get_userdata( $user_id );
|
||||
if ( empty( $user ) ) {
|
||||
return;
|
||||
}
|
||||
|
||||
// Fetch the WP_User object of our user.
|
||||
um_fetch_user( $user_id );
|
||||
$has_admin_cap = false;
|
||||
$arr_banned_caps = UM()->options()->get( 'banned_capabilities' );
|
||||
|
||||
if ( is_array( $arr_banned_caps ) ) {
|
||||
foreach ( $arr_banned_caps as $cap ) {
|
||||
/**
|
||||
* When there's at least one administrator cap added to the user,
|
||||
* immediately revoke caps and mark as rejected.
|
||||
*/
|
||||
if ( $user->has_cap( $cap ) ) {
|
||||
$has_admin_cap = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if ( ! $has_admin_cap ) {
|
||||
/**
|
||||
* Double-check if *_user_level has been modified with the highest level
|
||||
* when user has no administrative capabilities.
|
||||
*/
|
||||
$user_level = um_user( $wpdb->get_blog_prefix() . 'user_level' );
|
||||
if ( ! empty( $user_level ) && 10 === absint( $user_level ) ) {
|
||||
$has_admin_cap = true;
|
||||
}
|
||||
}
|
||||
|
||||
if ( ! $has_admin_cap ) {
|
||||
/**
|
||||
* Validate submitted raw data for banned metakeys.
|
||||
*/
|
||||
if ( ! empty( UM()->form()->post_form['submitted'] ) && is_array( UM()->form()->post_form['submitted'] ) ) {
|
||||
foreach ( array_keys( UM()->form()->post_form['submitted'] ) as $submitted_metakey ) {
|
||||
if ( UM()->user()->is_metakey_banned( $submitted_metakey ) ) {
|
||||
$has_admin_cap = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if ( $has_admin_cap ) {
|
||||
UM()->common()->secure()->revoke_caps( $user );
|
||||
/**
|
||||
* Notify Administrators Immediately
|
||||
*/
|
||||
if ( UM()->options()->get( 'secure_notify_admins_banned_accounts' ) ) {
|
||||
$interval = UM()->options()->get( 'secure_notify_admins_banned_accounts__interval' );
|
||||
if ( 'instant' === $interval ) {
|
||||
UM()->common()->secure()->send_notification( array( $user_id ) );
|
||||
}
|
||||
}
|
||||
|
||||
// Destroy Sessions & Redirect.
|
||||
wp_destroy_current_session();
|
||||
wp_logout();
|
||||
session_unset();
|
||||
$redirect = apply_filters( 'um_secure_blocked_user_redirect_immediately', true );
|
||||
if ( $redirect ) {
|
||||
$login_url = add_query_arg( 'err', 'inactive', um_get_core_page( 'login' ) );
|
||||
// Not `um_safe_redirect()` because predefined login page is situated on the same host.
|
||||
wp_safe_redirect( $login_url );
|
||||
exit;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Set meta (no need to reset his password) if the user is a new registered.
|
||||
*
|
||||
* @since 2.6.8
|
||||
*
|
||||
* @param int $user_id
|
||||
*/
|
||||
public function maybe_set_whitelisted_password( $user_id ) {
|
||||
$user = get_userdata( $user_id );
|
||||
if ( empty( $user ) ) {
|
||||
return;
|
||||
}
|
||||
|
||||
if ( UM()->options()->get( 'display_login_form_notice' ) ) {
|
||||
update_user_meta( $user_id, 'um_secure_has_reset_password', true );
|
||||
update_user_meta( $user_id, 'um_secure_has_reset_password__timestamp', current_time( 'mysql' ) );
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
+178
-18
@@ -844,8 +844,9 @@ function um_user_submitted_registration_formatted( $style = false ) {
|
||||
function um_user_submited_display( $k, $title, $data = array(), $style = true ) {
|
||||
$output = '';
|
||||
|
||||
if ( 'form_id' == $k && isset( $data['form_id'] ) && ! empty( $data['form_id'] ) ) {
|
||||
$v = sprintf( __( '%s - Form ID#: %s', 'ultimate-member' ), get_the_title( $data['form_id'] ), $data['form_id'] );
|
||||
if ( 'form_id' === $k && ! empty( $data['form_id'] ) ) {
|
||||
// translators: %1$s is a form title; %2$s is a form ID.
|
||||
$v = sprintf( __( '%1$s - Form ID#: %2$s', 'ultimate-member' ), get_the_title( $data['form_id'] ), $data['form_id'] );
|
||||
} else {
|
||||
$v = um_user( $k );
|
||||
}
|
||||
@@ -855,23 +856,22 @@ function um_user_submited_display( $k, $title, $data = array(), $style = true )
|
||||
}
|
||||
|
||||
$fields_without_metakey = UM()->builtin()->get_fields_without_metakey();
|
||||
$type = UM()->fields()->get_field_type( $k );
|
||||
if ( in_array( $type, $fields_without_metakey ) ) {
|
||||
$type = UM()->fields()->get_field_type( $k );
|
||||
if ( in_array( $type, $fields_without_metakey, true ) ) {
|
||||
return '';
|
||||
}
|
||||
|
||||
if ( ! $v ) {
|
||||
if ( $style ) {
|
||||
return "<p><label>$title: </label><span>" . __( '(empty)', 'ultimate-member' ) ."</span></p>";
|
||||
} else {
|
||||
return '';
|
||||
return "<p><label>$title: </label><span>" . esc_html__( '(empty)', 'ultimate-member' ) . '</span></p>';
|
||||
}
|
||||
return '';
|
||||
}
|
||||
|
||||
if ( $type == 'image' || $type == 'file' ) {
|
||||
if ( in_array( $type, array( 'image', 'file' ), true ) ) {
|
||||
$file = basename( $v );
|
||||
|
||||
$filedata = get_user_meta( um_user( 'ID' ), $k . "_metadata", true );
|
||||
$filedata = get_user_meta( um_user( 'ID' ), $k . '_metadata', true );
|
||||
|
||||
$baseurl = UM()->uploader()->get_upload_base_url();
|
||||
if ( ! file_exists( UM()->uploader()->get_upload_base_dir() . um_user( 'ID' ) . DIRECTORY_SEPARATOR . $file ) ) {
|
||||
@@ -888,14 +888,38 @@ function um_user_submited_display( $k, $title, $data = array(), $style = true )
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Filters submitted data info before displaying in modal window or submit to admin email.
|
||||
*
|
||||
* @param {string|array} $value Submitted value.
|
||||
* @param {string} $k Submitted data metakey.
|
||||
* @param {array} $data Submitted data
|
||||
* @param {bool} $style If styled echo
|
||||
*
|
||||
* @return {string|array} Is allowed verify.
|
||||
*
|
||||
* @since 2.6.8
|
||||
* @hook um_submitted_data_value
|
||||
*
|
||||
* @example <caption>Change submitted data info before echo.</caption>
|
||||
* function my_um_submitted_data_value ( $value, $metakey, $data, $style ) {
|
||||
* if ( 'some_metakey' === $metakey ) {
|
||||
* $value = 'new_value';
|
||||
* }
|
||||
* return $value;
|
||||
* }
|
||||
* add_filter( 'um_submitted_data_value', 'my_um_submitted_data_value', 10, 4 );
|
||||
*/
|
||||
$v = apply_filters( 'um_submitted_data_value', $v, $k, $data, $style );
|
||||
|
||||
if ( is_array( $v ) ) {
|
||||
$v = implode( ',', $v );
|
||||
}
|
||||
|
||||
if ( $k == 'timestamp' ) {
|
||||
$v = date( "d M Y H:i", $v );
|
||||
} elseif ( $k == 'use_gdpr_agreement' ) {
|
||||
$v = date( "d M Y H:i", $v );
|
||||
if ( 'timestamp' === $k ) {
|
||||
$v = wp_date( get_option( 'date_format', 'Y-m-d' ) . ' ' . get_option( 'time_format', 'H:i:s' ), $v );
|
||||
} elseif ( 'use_gdpr_agreement' === $k ) {
|
||||
$v = wp_date( get_option( 'date_format', 'Y-m-d' ) . ' ' . get_option( 'time_format', 'H:i:s' ), $v );
|
||||
}
|
||||
|
||||
if ( $style ) {
|
||||
@@ -1685,6 +1709,26 @@ function um_edit_profile_url( $user_id = null ) {
|
||||
$url = remove_query_arg( 'subnav', $url );
|
||||
$url = add_query_arg( 'um_action', 'edit', $url );
|
||||
|
||||
/**
|
||||
* Filters change edit profile URL.
|
||||
*
|
||||
* @param {string} $url Edit profile URL.
|
||||
* @param {int} $user_id User ID.
|
||||
*
|
||||
* @return {string} Edit profile URL.
|
||||
*
|
||||
* @since 2.6.8
|
||||
* @hook um_edit_profile_url
|
||||
*
|
||||
* @example <caption>Add/remove your custom $_GET attribute to all links.</caption>
|
||||
* function my_um_edit_profile_url( $url, $user_id ) {
|
||||
* $url = add_query_arg( '{attr_value}', '{attr_key}', $url ); // replace to your custom value and key.
|
||||
* return $url;
|
||||
* }
|
||||
* add_filter( 'um_edit_profile_url', 'my_um_edit_profile_url', 10, 2 );
|
||||
*/
|
||||
$url = apply_filters( 'um_edit_profile_url', $url, $user_id );
|
||||
|
||||
return $url;
|
||||
}
|
||||
|
||||
@@ -2619,9 +2663,13 @@ function um_force_utf8_string( $value ) {
|
||||
if ( is_array( $value ) ) {
|
||||
$arr_value = array();
|
||||
foreach ( $value as $key => $v ) {
|
||||
if ( ! function_exists( 'utf8_decode' ) ) {
|
||||
continue;
|
||||
}
|
||||
|
||||
$utf8_decoded_value = utf8_decode( $v );
|
||||
|
||||
if ( mb_check_encoding( $utf8_decoded_value, 'UTF-8' ) ) {
|
||||
if ( function_exists( 'mb_check_encoding' ) && mb_check_encoding( $utf8_decoded_value, 'UTF-8' ) ) {
|
||||
array_push( $arr_value, $utf8_decoded_value );
|
||||
} else {
|
||||
array_push( $arr_value, $v );
|
||||
@@ -2631,11 +2679,12 @@ function um_force_utf8_string( $value ) {
|
||||
|
||||
return $arr_value;
|
||||
} else {
|
||||
if ( function_exists( 'utf8_decode' ) ) {
|
||||
$utf8_decoded_value = utf8_decode( $value );
|
||||
|
||||
$utf8_decoded_value = utf8_decode( $value );
|
||||
|
||||
if (mb_check_encoding( $utf8_decoded_value, 'UTF-8' )) {
|
||||
return $utf8_decoded_value;
|
||||
if ( function_exists( 'mb_check_encoding' ) && mb_check_encoding( $utf8_decoded_value, 'UTF-8' ) ) {
|
||||
return $utf8_decoded_value;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -2792,3 +2841,114 @@ function um_is_amp( $check_theme_support = true ) {
|
||||
|
||||
return apply_filters( 'um_is_amp', $is_amp );
|
||||
}
|
||||
|
||||
/**
|
||||
* UM safe redirect. By default, you can be redirected only to WordPress installation Home URL. Fallback URL is wp-admin URL.
|
||||
* But it can be changed through filters and extended by UM Setting "Allowed hosts for safe redirect (one host per line)" and filter `um_wp_safe_redirect_fallback`.
|
||||
*
|
||||
* @since 2.6.8
|
||||
*
|
||||
* @param string $url redirect URL.
|
||||
*/
|
||||
function um_safe_redirect( $url ) {
|
||||
add_filter( 'allowed_redirect_hosts', 'um_allowed_redirect_hosts' );
|
||||
add_filter( 'wp_safe_redirect_fallback', 'um_wp_safe_redirect_fallback', 10, 2 );
|
||||
|
||||
wp_safe_redirect( $url );
|
||||
exit;
|
||||
}
|
||||
|
||||
/**
|
||||
* UM allowed hosts
|
||||
*
|
||||
* @since 2.6.8
|
||||
*
|
||||
* @param array $hosts Allowed hosts.
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
function um_allowed_redirect_hosts( $hosts ) {
|
||||
$secure_hosts = UM()->options()->get( 'secure_allowed_redirect_hosts' );
|
||||
$secure_hosts = explode( "\n", $secure_hosts );
|
||||
$secure_hosts = array_unique( $secure_hosts );
|
||||
|
||||
$additional_hosts = array();
|
||||
foreach ( $secure_hosts as $host ) {
|
||||
if ( '' !== trim( $host ) ) {
|
||||
$host = trim( $host );
|
||||
$host = str_replace( array( 'http://', 'https://' ), '', $host );
|
||||
$host = trim( $host, '/' );
|
||||
$host = strtolower( $host );
|
||||
|
||||
if ( ! in_array( $host, $additional_hosts, true ) ) {
|
||||
$additional_hosts[] = $host;
|
||||
}
|
||||
|
||||
if ( strpos( $host, 'www.' ) !== false ) {
|
||||
$strip_www = str_replace( 'www.', '', $host );
|
||||
if ( ! in_array( $strip_www, $additional_hosts, true ) ) {
|
||||
$additional_hosts[] = $strip_www;
|
||||
}
|
||||
} else {
|
||||
$added_www = 'www.' . $host;
|
||||
if ( ! in_array( $added_www, $additional_hosts, true ) ) {
|
||||
$additional_hosts[] = $added_www;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
/**
|
||||
* Filters change allowed hosts. When `wp_safe_redirect()` function is used for the Ultimate Member frontend redirects.
|
||||
*
|
||||
* @since 2.6.8
|
||||
* @hook um_allowed_redirect_hosts
|
||||
*
|
||||
* @param {array} $additional_hosts Allowed hosts.
|
||||
* @param {array} $hosts Default hosts.
|
||||
*
|
||||
* @return {array} Allowed hosts.
|
||||
*
|
||||
* @example <caption>Change allowed hosts.</caption>
|
||||
* function my_um_allowed_redirect_hosts( $additional_hosts, $hosts ) {
|
||||
* // your code here
|
||||
* return $allowed_hosts;
|
||||
* }
|
||||
* add_filter( 'um_allowed_redirect_hosts', 'my_um_allowed_redirect_hosts', 10, 2 );
|
||||
*/
|
||||
$additional_hosts = apply_filters( 'um_allowed_redirect_hosts', $additional_hosts, $hosts );
|
||||
return array_merge( $hosts, $additional_hosts );
|
||||
}
|
||||
|
||||
/**
|
||||
* UM fallback redirect URL
|
||||
*
|
||||
* @since 2.6.8
|
||||
*
|
||||
* @param string $url Fallback URL.
|
||||
* @param string $status Redirect status.
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
function um_wp_safe_redirect_fallback( $url, $status ) {
|
||||
/**
|
||||
* Filters change fallback URL. When `wp_safe_redirect()` function is used for the Ultimate Member frontend redirects.
|
||||
* It's `home_url()` by default.
|
||||
*
|
||||
* @since 2.6.8
|
||||
* @hook um_wp_safe_redirect_fallback
|
||||
*
|
||||
* @param {string} $url UM Fallback URL.
|
||||
* @param {string} $default_fallback Default fallback URL.
|
||||
* @param {string} $status Redirect status.
|
||||
*
|
||||
* @return {string} Fallback URL.
|
||||
*
|
||||
* @example <caption>Change fallback URL.</caption>
|
||||
* function my_um_wp_safe_redirect_fallback( $url, $status ) {
|
||||
* // your code here
|
||||
* return $url;
|
||||
* }
|
||||
* add_filter( 'um_wp_safe_redirect_fallback', 'my_um_wp_safe_redirect_fallback', 10, 2 );
|
||||
*/
|
||||
return apply_filters( 'um_wp_safe_redirect_fallback', home_url( '/' ), $url, $status );
|
||||
}
|
||||
|
||||
+1137
-597
File diff suppressed because it is too large
Load Diff
+41
-1
@@ -7,7 +7,7 @@ Tags: community, member, membership, user-profile, user-registration
|
||||
Requires PHP: 5.6
|
||||
Requires at least: 5.5
|
||||
Tested up to: 6.2
|
||||
Stable tag: 2.6.7
|
||||
Stable tag: 2.6.8
|
||||
License: GNU Version 2 or Any Later Version
|
||||
License URI: http://www.gnu.org/licenses/gpl-3.0.txt
|
||||
|
||||
@@ -141,6 +141,10 @@ The plugin does not restrict access to the wp-login.php page when active, so tha
|
||||
|
||||
No, you do not need to use our plugin’s login or registration pages and can use another plugin or the default WordPress methods for user registration and login.
|
||||
|
||||
= Are additional PHP modules necessary for the plugin to work correctly? =
|
||||
|
||||
No specific extensions are needed. But we highly recommended keep active these PHP modules: `mbstring`, `json`, `dom`, `exif`, `gd`, `fileinfo`, `curl`, `iconv`. wp-admin > Tools > Site Health page has a summary about your installation and required modules. All major extensions are listed [here](https://make.wordpress.org/hosting/handbook/server-environment/#php-extensions).
|
||||
|
||||
== Screenshots ==
|
||||
|
||||
1. Screenshot 1
|
||||
@@ -162,6 +166,42 @@ No, you do not need to use our plugin’s login or registration pages and can us
|
||||
|
||||
IMPORTANT: PLEASE UPDATE THE PLUGIN TO AT LEAST VERSION 2.6.7 IMMEDIATELY. VERSION 2.6.7 PATCHES SECURITY PRIVILEGE ESCALATION VULNERABILITY. PLEASE SEE [THIS ARTICLE](https://docs.ultimatemember.com/article/1866-security-incident-update-and-recommended-actions) FOR MORE INFORMATION
|
||||
|
||||
= 2.6.8: July 19, 2023 =
|
||||
|
||||
* Enhancements:
|
||||
|
||||
- Added: Secure settings. [Read more](https://docs.ultimatemember.com/article/1869-security-feature)
|
||||
- Added: Admin notices about possible security issues. For example, regarding the roles with which the user can register on the site
|
||||
- Added: `um_edit_profile_url` hook for force changing user profile edit URL
|
||||
- Added: Additional hook attributes to 'um_reset_password_errors_hook' and 'um_reset_password_process_hook'
|
||||
- Added: $form_data attribute to 'um_before_save_registration_details' hook
|
||||
- Added: `um_safe_redirect()` function for handle `wp_safe_redirect()` function with new the "Allowed hosts for safe redirect" setting
|
||||
- Updated: [Hooks Documentation v2](https://ultimatemember.github.io/ultimatemember/hooks/)
|
||||
|
||||
* Bugfixes:
|
||||
|
||||
- Fixed: Updating user description if there isn't custom field on profile form, but field is displayed on profile top
|
||||
- Fixed: Delete Row and Sub-Row actions in UM Form Builder. Avoid cases when fields from rows and sub-rows are still in form after delete their parents rows
|
||||
- Fixed: Ultimate Member WP Cron schedule events starting time. Daily event starts since 12:00AM for now. The similar for weekly and twice-daily events
|
||||
- Fixed: Custom sorting label issue on the Member Directory header
|
||||
- Fixed: Disabled not-editable fields on UM Forms
|
||||
- Fixed: Disabled fields attribute on UM Forms
|
||||
- Fixed: Registration with empty role. Set default if role fields on the form are empty when form is submitted
|
||||
- Fixed: Admin notices after UM actions has unique key with 'um_' prefix for now
|
||||
- Fixed: Escaping form errors. It used `esc_html()` but now there is `wp_kses()`
|
||||
- Fixed: Stop render 2 similar shortcodes on the same page (e.g. 2 login forms with the same `form_id`). To return back use [`um_ultimatemember_shortcode_disable_singleton`](https://ultimatemember.github.io/ultimatemember/hooks/um_ultimatemember_shortcode_disable_singleton.html) hook
|
||||
- Fixed: Stop render Ultimate Member forms (Login, Profile, Registration, Member Directory) on the predefined Account page
|
||||
- Fixed: Using blocks with Ultimate Member shortcodes on the predefined Ultimate Member pages
|
||||
- Fixed: Using some specific functions which cannot exist if PHP modules are disabled
|
||||
|
||||
* Deprecated:
|
||||
|
||||
- Deprecated: Unnecessary `um_multiselect_option_value` hook
|
||||
|
||||
* Templates required update:
|
||||
|
||||
- members.php
|
||||
|
||||
= 2.6.7: July 1, 2023 =
|
||||
|
||||
* Bugfixes:
|
||||
|
||||
@@ -0,0 +1,36 @@
|
||||
<?php
|
||||
/**
|
||||
* Template for the "Secure: Suspicious Account Activity".
|
||||
* Whether to receive notification when suspicious account activity is detected.
|
||||
*
|
||||
* This template can be overridden by copying it to {your-theme}/ultimate-member/email/suspicious-activity.php
|
||||
*
|
||||
* @version 2.6.8
|
||||
*/
|
||||
if ( ! defined( 'ABSPATH' ) ) {
|
||||
exit;
|
||||
}
|
||||
?>
|
||||
<div style="max-width: 560px;padding: 20px;background: #ffffff;border-radius: 5px;margin:40px auto;font-family: Open Sans,Helvetica,Arial;font-size: 15px;color: #666;">
|
||||
|
||||
<div style="color: #444444;font-weight: normal;">
|
||||
<div style="text-align: center;font-weight:600;font-size:26px;padding: 10px 0;border-bottom: solid 3px #eeeeee;">{site_name}</div>
|
||||
|
||||
<div style="clear:both"></div>
|
||||
</div>
|
||||
|
||||
<div style="padding: 0 30px 30px 30px;border-bottom: 3px solid #eeeeee;">
|
||||
|
||||
<div style="padding: 30px 0;font-size: 14px;">This is to inform you that there are suspicious activities with the following account(s):</div>
|
||||
<div style="padding: 30px 0;font-size: 14px;">{banned_profile_links}</div>
|
||||
<div style="padding: 30px 0;font-size: 14px;">Due to that we have set each account(s) status to rejected or deactivated, revoked roles & destroyed the login session.</div>
|
||||
|
||||
</div>
|
||||
|
||||
<div style="color: #999;padding: 20px 30px">
|
||||
|
||||
<div style="">- Sent via Ultimate Member plugin.</div>
|
||||
|
||||
</div>
|
||||
|
||||
</div>
|
||||
+50
-38
@@ -6,7 +6,7 @@
|
||||
*
|
||||
* Page: "Members"
|
||||
*
|
||||
* @version 2.6.3
|
||||
* @version 2.6.8
|
||||
*
|
||||
* @var array $args
|
||||
*/
|
||||
@@ -64,11 +64,11 @@ if ( count( $args['view_types'] ) == 1 ) {
|
||||
|
||||
// Sorting
|
||||
$default_sorting = ! empty( $args['sortby'] ) ? $args['sortby'] : 'user_registered_desc';
|
||||
if ( $default_sorting == 'other' && ! empty( $args['sortby_custom'] ) ) {
|
||||
if ( 'other' === $default_sorting && ! empty( $args['sortby_custom'] ) ) {
|
||||
$default_sorting = $args['sortby_custom'];
|
||||
}
|
||||
|
||||
$sort_from_url = '';
|
||||
$sort_from_url = '';
|
||||
$custom_sorting_titles = array();
|
||||
if ( ! empty( $args['enable_sorting'] ) ) {
|
||||
$sorting_options = empty( $args['sorting_fields'] ) ? array() : $args['sorting_fields'];
|
||||
@@ -77,10 +77,10 @@ if ( ! empty( $args['enable_sorting'] ) ) {
|
||||
if ( ! empty( $sorting_options ) ) {
|
||||
foreach ( $sorting_options as $option ) {
|
||||
if ( is_array( $option ) ) {
|
||||
$option_keys = array_keys( $option );
|
||||
$option_keys = array_keys( $option );
|
||||
$sorting_options_prepared[] = $option_keys[0];
|
||||
|
||||
$custom_sorting_titles[ $option_keys[0] ] = $option[ $option_keys[0] ];
|
||||
$custom_sorting_titles[ $option_keys[0] ] = ! empty( $option['label'] ) ? $option['label'] : $option[ $option_keys[0] ];
|
||||
} else {
|
||||
$sorting_options_prepared[] = $option;
|
||||
}
|
||||
@@ -89,17 +89,17 @@ if ( ! empty( $args['enable_sorting'] ) ) {
|
||||
|
||||
$all_sorting_options = UM()->member_directory()->sort_fields;
|
||||
|
||||
if ( ! in_array( $default_sorting, $sorting_options_prepared ) ) {
|
||||
if ( ! in_array( $default_sorting, $sorting_options_prepared, true ) ) {
|
||||
$sorting_options_prepared[] = $default_sorting;
|
||||
|
||||
$label = $default_sorting;
|
||||
if ( ! empty( $args['sortby_custom_label'] ) && 'other' == $args['sortby'] ) {
|
||||
if ( ! empty( $args['sortby_custom_label'] ) && 'other' === $args['sortby'] ) {
|
||||
$label = $args['sortby_custom_label'];
|
||||
} elseif ( ! empty( $all_sorting_options[ $default_sorting ] ) ) {
|
||||
$label = $all_sorting_options[ $default_sorting ];
|
||||
}
|
||||
|
||||
$label = ( $label == 'random' ) ? __( 'Random', 'ultimate-member' ) : $label;
|
||||
$label = ( 'random' === $label ) ? __( 'Random', 'ultimate-member' ) : $label;
|
||||
|
||||
$custom_sorting_titles[ $default_sorting ] = $label;
|
||||
}
|
||||
@@ -109,32 +109,34 @@ if ( ! empty( $args['enable_sorting'] ) ) {
|
||||
}
|
||||
|
||||
$sorting_options = apply_filters( 'um_member_directory_pre_display_sorting', $sorting_options, $args );
|
||||
$sort_from_url = ( ! empty( $_GET[ 'sort_' . $unique_hash ] ) && in_array( sanitize_text_field( $_GET[ 'sort_' . $unique_hash ] ), array_keys( $sorting_options ) ) ) ? sanitize_text_field( $_GET[ 'sort_' . $unique_hash ] ) : $default_sorting;
|
||||
$sort_from_url = ( ! empty( $_GET[ 'sort_' . $unique_hash ] ) && in_array( sanitize_text_field( $_GET[ 'sort_' . $unique_hash ] ), array_keys( $sorting_options ) ) ) ? sanitize_text_field( $_GET[ 'sort_' . $unique_hash ] ) : $default_sorting;
|
||||
}
|
||||
|
||||
$current_page = ( ! empty( $_GET[ 'page_' . $unique_hash ] ) && is_numeric( $_GET[ 'page_' . $unique_hash ] ) ) ? absint( $_GET[ 'page_' . $unique_hash ] ) : 1;
|
||||
|
||||
//Search
|
||||
$search = isset( $args['search'] ) ? $args['search'] : false;
|
||||
$search = isset( $args['search'] ) ? $args['search'] : false;
|
||||
$show_search = empty( $args['roles_can_search'] ) || ( ! empty( $priority_user_role ) && in_array( $priority_user_role, $args['roles_can_search'] ) );
|
||||
$search_from_url = '';
|
||||
if ( $search && $show_search ) {
|
||||
$search_from_url = ! empty( $_GET[ 'search_' . $unique_hash ] ) ? stripslashes( sanitize_text_field( $_GET[ 'search_' . $unique_hash ] ) ) : '';
|
||||
}
|
||||
|
||||
|
||||
//Filters
|
||||
$filters = isset( $args['filters'] ) ? $args['filters'] : false;
|
||||
$show_filters = empty( $args['roles_can_filter'] ) || ( ! empty( $priority_user_role ) && in_array( $priority_user_role, $args['roles_can_filter'] ) );
|
||||
$filters = isset( $args['filters'] ) ? $args['filters'] : false;
|
||||
$show_filters = empty( $args['roles_can_filter'] ) || ( ! empty( $priority_user_role ) && in_array( $priority_user_role, $args['roles_can_filter'] ) );
|
||||
$search_filters = array();
|
||||
if ( isset( $args['search_fields'] ) ) {
|
||||
$search_filters = apply_filters( 'um_frontend_member_search_filters', array_unique( array_filter( $args['search_fields'] ) ) );
|
||||
}
|
||||
|
||||
if ( ! empty( $search_filters ) ) {
|
||||
$search_filters = array_filter( $search_filters, function( $item ) {
|
||||
return in_array( $item, array_keys( UM()->member_directory()->filter_fields ) );
|
||||
});
|
||||
$search_filters = array_filter(
|
||||
$search_filters,
|
||||
function( $item ) {
|
||||
return array_key_exists( $item, UM()->member_directory()->filter_fields );
|
||||
}
|
||||
);
|
||||
|
||||
$search_filters = array_values( $search_filters );
|
||||
}
|
||||
@@ -236,7 +238,7 @@ $postid = ! empty( $post->ID ) ? $post->ID : '';
|
||||
?>
|
||||
|
||||
<div class="um <?php echo esc_attr( $this->get_class( $mode ) ); ?> um-<?php echo esc_attr( substr( md5( $form_id ), 10, 5 ) ); ?>"
|
||||
data-hash="<?php echo esc_attr( substr( md5( $form_id ), 10, 5 ) ) ?>" data-base-post="<?php echo esc_attr( $postid ) ?>"
|
||||
data-hash="<?php echo esc_attr( substr( md5( $form_id ), 10, 5 ) ) ?>" data-base-post="<?php echo esc_attr( $postid ) ?>"
|
||||
data-must-search="<?php echo esc_attr( $must_search ); ?>" data-searched="<?php echo $not_searched ? '0' : '1'; ?>"
|
||||
data-view_type="<?php echo esc_attr( $current_view ) ?>" data-page="<?php echo esc_attr( $current_page ) ?>"
|
||||
data-sorting="<?php echo esc_attr( $sort_from_url ) ?>">
|
||||
@@ -256,37 +258,47 @@ $postid = ! empty( $post->ID ) ? $post->ID : '';
|
||||
<input type="button" class="um-do-search um-button" value="<?php esc_attr_e( 'Search', 'ultimate-member' ); ?>" />
|
||||
</div>
|
||||
</div>
|
||||
<?php }
|
||||
<?php
|
||||
}
|
||||
|
||||
if ( ( ! empty( $args['enable_sorting'] ) && ! empty( $sorting_options ) && count( $sorting_options ) > 1 ) ||
|
||||
( $filters && $show_filters && count( $search_filters ) ) ||
|
||||
! $single_view ) { ?>
|
||||
( $filters && $show_filters && count( $search_filters ) ) ||
|
||||
! $single_view ) {
|
||||
?>
|
||||
<div class="um-member-directory-header-row">
|
||||
<div class="um-member-directory-nav-line">
|
||||
<?php if ( ! $single_view ) {
|
||||
<?php
|
||||
if ( ! $single_view ) {
|
||||
$view_types = 0;
|
||||
|
||||
foreach ( UM()->member_directory()->view_types as $key => $value ) {
|
||||
if ( in_array( $key, $args['view_types'] ) ) {
|
||||
if ( empty( $view_types ) ) { ?>
|
||||
<span class="um-member-directory-view-type<?php if ( $not_searched ) {?> um-disabled<?php } ?>">
|
||||
<?php }
|
||||
|
||||
$view_types++; ?>
|
||||
if ( in_array( $key, $args['view_types'], true ) ) {
|
||||
if ( empty( $view_types ) ) {
|
||||
?>
|
||||
<span class="um-member-directory-view-type<?php if ( $not_searched ) { ?> um-disabled<?php } ?>">
|
||||
<?php
|
||||
}
|
||||
// translators: %s: title.
|
||||
$data_title = sprintf( __( 'Change to %s', 'ultimate-member' ), $value['title'] );
|
||||
$view_types++;
|
||||
?>
|
||||
|
||||
<a href="javascript:void(0)"
|
||||
class="um-member-directory-view-type-a<?php if ( ! $not_searched ) {?> um-tip-n<?php } ?>"
|
||||
data-type="<?php echo $key; ?>"
|
||||
data-default="<?php echo ( $default_view == $key ) ? 1 : 0; ?>"
|
||||
title="<?php printf( esc_attr__( 'Change to %s', 'ultimate-member' ), $value['title'] ) ?>"
|
||||
default-title="<?php echo esc_attr( $value['title'] ); ?>"
|
||||
next-item="" ><i class="<?php echo $value['icon']; ?>"></i></a>
|
||||
<?php }
|
||||
class="um-member-directory-view-type-a<?php if ( ! $not_searched ) { ?> um-tip-n<?php } ?>"
|
||||
data-type="<?php echo esc_attr( $key ); ?>"
|
||||
data-default="<?php echo ( $default_view === $key ) ? 1 : 0; ?>"
|
||||
title="<?php echo esc_attr( $data_title ); ?>"
|
||||
default-title="<?php echo esc_attr( $value['title'] ); ?>"
|
||||
next-item="" ><i class="<?php echo esc_attr( $value['icon'] ); ?>"></i></a>
|
||||
<?php
|
||||
}
|
||||
}
|
||||
|
||||
if ( ! empty( $view_types ) ) { ?>
|
||||
if ( ! empty( $view_types ) ) {
|
||||
?>
|
||||
</span>
|
||||
<?php }
|
||||
<?php
|
||||
}
|
||||
}
|
||||
|
||||
if ( ! empty( $args['enable_sorting'] ) && ! empty( $sorting_options ) && count( $sorting_options ) > 1 ) { ?>
|
||||
@@ -336,8 +348,8 @@ $postid = ! empty( $post->ID ) ? $post->ID : '';
|
||||
<strong>{{{filter.label}}}</strong>: {{{filter.value_label}}}
|
||||
<# } #>
|
||||
<div class="um-members-filter-remove um-tip-n" data-name="{{{filter.name}}}"
|
||||
data-value="{{{filter.value}}}" data-range="{{{filter.range}}}"
|
||||
data-type="{{{filter.type}}}" title="<?php esc_attr_e( 'Remove filter', 'ultimate-member' ) ?>">×</div>
|
||||
data-value="{{{filter.value}}}" data-range="{{{filter.range}}}"
|
||||
data-type="{{{filter.type}}}" title="<?php esc_attr_e( 'Remove filter', 'ultimate-member' ) ?>">×</div>
|
||||
</div>
|
||||
<# }); #>
|
||||
<# } #>
|
||||
|
||||
@@ -25,6 +25,11 @@ $link = apply_filters( 'um_user_profile_comment_url', get_permalink( $comment->c
|
||||
</a>
|
||||
</div>
|
||||
<div class="um-item-meta">
|
||||
<span><?php printf( __( 'On <a href="%1$s">%2$s</a>','ultimate-member' ), $link, $comment_title ); ?></span>
|
||||
<span>
|
||||
<?php
|
||||
// translators: %1$s is a link; %2$s is a title.
|
||||
printf( __( 'On <a href="%1$s">%2$s</a>','ultimate-member' ), $link, $comment_title );
|
||||
?>
|
||||
</span>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
@@ -34,7 +34,10 @@ if ( ! defined( 'ABSPATH' ) ) {
|
||||
|
||||
<div class="um-item-meta">
|
||||
<span>
|
||||
<?php printf( __( '%s ago', 'ultimate-member' ), human_time_diff( get_the_time( 'U', $post->ID ), current_time( 'timestamp' ) ) ); ?>
|
||||
<?php
|
||||
// translators: %s: years.
|
||||
printf( __( '%s ago', 'ultimate-member' ), human_time_diff( get_the_time( 'U', $post->ID ), current_time( 'timestamp' ) ) );
|
||||
?>
|
||||
</span>
|
||||
<span>
|
||||
<?php _e( 'in', 'ultimate-member' ); ?>: <?php the_category( ', ', '', $post->ID ); ?>
|
||||
@@ -45,6 +48,7 @@ if ( ! defined( 'ABSPATH' ) ) {
|
||||
if ( $num_comments == 0 ) {
|
||||
$comments = __( 'no comments', 'ultimate-member' );
|
||||
} elseif ( $num_comments > 1 ) {
|
||||
// translators: %s: coments number.
|
||||
$comments = sprintf( __( '%s comments', 'ultimate-member' ), $num_comments );
|
||||
} else {
|
||||
$comments = __( '1 comment', 'ultimate-member' );
|
||||
|
||||
+1
-1
@@ -3,7 +3,7 @@
|
||||
Plugin Name: Ultimate Member
|
||||
Plugin URI: http://ultimatemember.com/
|
||||
Description: The easiest way to create powerful online communities and beautiful user profiles with WordPress
|
||||
Version: 2.6.7
|
||||
Version: 2.6.8
|
||||
Author: Ultimate Member
|
||||
Author URI: http://ultimatemember.com/
|
||||
Text Domain: ultimate-member
|
||||
|
||||
Reference in New Issue
Block a user