From be70ef5a66766b72c861db42145e371c9264466b Mon Sep 17 00:00:00 2001 From: ashubawork Date: Thu, 22 Jun 2023 10:21:49 +0300 Subject: [PATCH 01/37] - fix um_profile_content_main() --- includes/core/um-actions-profile.php | 176 +++++++++++---------------- 1 file changed, 72 insertions(+), 104 deletions(-) diff --git a/includes/core/um-actions-profile.php b/includes/core/um-actions-profile.php index f5cd85a0..999bb157 100644 --- a/includes/core/um-actions-profile.php +++ b/includes/core/um-actions-profile.php @@ -1,4 +1,6 @@ -options()->get( 'profile_tab_main' ) && ! isset( $_REQUEST['um_action'] ) ) { + if ( ! UM()->options()->get( 'profile_tab_main' ) && ! isset( $_REQUEST['um_action'] ) ) { // phpcs:ignore WordPress.Security.NonceVerification return; } /** - * UM hook + * Filters check user can view profile * - * @type filter - * @title um_profile_can_view_main - * @description Check user can view profile - * @input_vars - * [{"var":"$view","type":"bool","desc":"Can view?"}, - * {"var":"$user_id","type":"int","desc":"User profile ID"}] - * @change_log - * ["Since: 2.0"] - * @usage - * - * @example - * Can view profile. + * function my_profile_can_view_main( $can_view, $user_id ) { * // your code here - * return $view; + * return $can_view; * } - * ?> + * add_filter( 'um_profile_can_view_main', 'my_profile_can_view_main', 10, 2 ); */ $can_view = apply_filters( 'um_profile_can_view_main', -1, um_profile_id() ); - if ( $can_view == -1 ) { + if ( -1 === (int) $can_view ) { /** - * UM hook + * Fires before form. * - * @type action - * @title um_before_form - * @description Some actions before profile form - * @input_vars - * [{"var":"$args","type":"array","desc":"Profile form shortcode arguments"}] - * @change_log - * ["Since: 2.0"] - * @usage add_action( 'um_before_form', 'function_name', 10, 1 ); - * @example - * Make any custom action before form. * function my_before_form( $args ) { * // your code here * } - * ?> + * add_action( 'um_before_form', 'my_before_form', 10, 1 ); */ do_action( 'um_before_form', $args ); /** - * UM hook + * Fires before profile form fields. * - * @type action - * @title um_before_{$mode}_fields - * @description Some actions before profile form fields - * @input_vars - * [{"var":"$args","type":"array","desc":"{Profile} form shortcode arguments"}] - * @change_log - * ["Since: 2.0"] - * @usage add_action( 'um_before_{$mode}_fields', 'function_name', 10, 1 ); - * @example - * Make any custom action before fields. + * function my_before_fields( $args ) { * // your code here * } - * ?> + * add_action( 'um_before_{$mode}_fields', 'my_before_fields', 10, 1 ); */ do_action( "um_before_{$mode}_fields", $args ); /** - * UM hook + * Fires before login form fields. * - * @type action - * @title um_main_{$mode}_fields - * @description Some actions before login form fields - * @input_vars - * [{"var":"$args","type":"array","desc":"Login form shortcode arguments"}] - * @change_log - * ["Since: 2.0"] - * @usage add_action( 'um_before_{$mode}_fields', 'function_name', 10, 1 ); - * @example - * Make any custom action before login form fields. * function my_before_form( $args ) { * // your code here * } - * ?> + * add_action( 'um_main_{$mode}_fields', 'my_before_form', 10, 1 ); */ do_action( "um_main_{$mode}_fields", $args ); /** - * UM hook + * Fires after login form fields. * - * @type action - * @title um_after_form_fields - * @description Some actions after login form fields - * @input_vars - * [{"var":"$args","type":"array","desc":"Login form shortcode arguments"}] - * @change_log - * ["Since: 2.0"] - * @usage add_action( 'um_after_form_fields', 'function_name', 10, 1 ); - * @example - * Make any custom action after login form fields. * function my_after_form_fields( $args ) { * // your code here * } - * ?> + * add_action( 'um_after_form_fields', 'my_after_form_fields', 10, 1 ); */ do_action( 'um_after_form_fields', $args ); /** - * UM hook + * Fires after profile form fields. * - * @type action - * @title um_after_{$mode}_fields - * @description Some actions after profile form fields - * @input_vars - * [{"var":"$args","type":"array","desc":"Profile form shortcode arguments"}] - * @change_log - * ["Since: 2.0"] - * @usage add_action( 'um_after_{$mode}_fields', 'function_name', 10, 1 ); - * @example - * Make any custom action after profile form fields. * function my_after_form_fields( $args ) { * // your code here * } - * ?> + * add_action( 'um_after_{$mode}_fields', 'my_after_form_fields', 10, 1 ); */ do_action( "um_after_{$mode}_fields", $args ); /** - * UM hook + * Fires after profile form fields. * - * @type action - * @title um_after_form - * @description Some actions after profile form fields - * @input_vars - * [{"var":"$args","type":"array","desc":"Profile form shortcode arguments"}] - * @change_log - * ["Since: 2.0"] - * @usage add_action( 'um_after_form', 'function_name', 10, 1 ); - * @example - * Make any custom action after profile form fields. * function my_after_form( $args ) { * // your code here * } - * ?> + * add_action( 'my_after_form', 'my_after_form', 10, 1 ); */ do_action( 'um_after_form', $args ); @@ -173,7 +141,7 @@ function um_profile_content_main( $args ) {
- +
Date: Thu, 22 Jun 2023 10:47:03 +0300 Subject: [PATCH 02/37] - fix um_user_login() --- includes/core/um-actions-login.php | 55 ++++++++++++------------------ 1 file changed, 22 insertions(+), 33 deletions(-) diff --git a/includes/core/um-actions-login.php b/includes/core/um-actions-login.php index 3c4ae9b7..eeb48526 100644 --- a/includes/core/um-actions-login.php +++ b/includes/core/um-actions-login.php @@ -197,39 +197,32 @@ add_action( 'wp_login', 'um_store_lastlogin_timestamp_' ); * @param array $args */ function um_user_login( $args ) { - extract( $args ); + $rememberme = ( isset( $args['rememberme'] ) && 1 === (int) $args['rememberme'] && isset( $_REQUEST['rememberme'] ) ) ? 1 : 0; // phpcs:ignore WordPress.Security.NonceVerification - $rememberme = ( isset( $args['rememberme'] ) && 1 == $args['rememberme'] && isset( $_REQUEST['rememberme'] ) ) ? 1 : 0; - - if ( ( UM()->options()->get( 'deny_admin_frontend_login' ) && ! isset( $_GET['provider'] ) ) && strrpos( um_user('wp_roles' ), 'administrator' ) !== false ) { + if ( ( UM()->options()->get( 'deny_admin_frontend_login' ) && ! isset( $_GET['provider'] ) ) && strrpos( um_user( 'wp_roles' ), 'administrator' ) !== false ) { // phpcs:ignore WordPress.Security.NonceVerification wp_die( esc_html__( 'This action has been prevented for security measures.', 'ultimate-member' ) ); } UM()->user()->auto_login( um_user( 'ID' ), $rememberme ); /** - * UM hook + * Fires after successful login and before user is redirected. * - * @type action - * @title um_on_login_before_redirect - * @description Hook that runs after successful login and before user is redirected - * @input_vars - * [{"var":"$user_id","type":"int","desc":"User ID"}] - * @change_log - * ["Since: 2.0"] - * @usage add_action( 'um_on_login_before_redirect', 'function_name', 10, 1 ); - * @example - * Make any custom action after successful login and before user is redirected. * function my_on_login_before_redirect( $user_id ) { * // your code here * } - * ?> + * add_action( 'um_on_login_before_redirect', 'my_on_login_before_redirect', 10, 1 ); */ do_action( 'um_on_login_before_redirect', um_user( 'ID' ) ); // Priority redirect - if ( ! empty( $args['redirect_to'] ) ) { + if ( ! empty( $args['redirect_to'] ) ) { exit( wp_safe_redirect( $args['redirect_to'] ) ); } @@ -247,26 +240,22 @@ function um_user_login( $args ) { case 'redirect_url': /** - * UM hook + * Filters change redirect URL after successful login * - * @type filter - * @title um_login_redirect_url - * @description Change redirect URL after successful login - * @input_vars - * [{"var":"$url","type":"string","desc":"Redirect URL"}, - * {"var":"$id","type":"int","desc":"User ID"}] - * @change_log - * ["Since: 2.0"] - * @usage - * - * @example - * Change redirect URL. * function my_login_redirect_url( $url, $id ) { * // your code here * return $url; * } - * ?> + * add_filter( 'um_login_redirect_url', 'my_login_redirect_url', 10, 2 ); */ $redirect_url = apply_filters( 'um_login_redirect_url', um_user( 'login_redirect_url' ), um_user( 'ID' ) ); exit( wp_redirect( $redirect_url ) ); From d6e96e4fd63a9491e1569c106f4177353bdd965d Mon Sep 17 00:00:00 2001 From: ashubawork Date: Thu, 22 Jun 2023 11:04:59 +0300 Subject: [PATCH 03/37] - fix um_add_update_notice() --- includes/core/um-actions-misc.php | 66 +++++++++++++------------------ 1 file changed, 28 insertions(+), 38 deletions(-) diff --git a/includes/core/um-actions-misc.php b/includes/core/um-actions-misc.php index faf1a977..c5744df3 100644 --- a/includes/core/um-actions-misc.php +++ b/includes/core/um-actions-misc.php @@ -73,38 +73,32 @@ add_action( 'um_after_form_fields', 'um_browser_url_redirect_to' ); * @param $args */ function um_add_update_notice( $args ) { - extract( $args ); - $output = ''; $err = ''; $success = ''; - if ( ! empty( $_REQUEST['updated'] ) && ! UM()->form()->errors ) { - switch ( sanitize_key( $_REQUEST['updated'] ) ) { + if ( ! empty( $_REQUEST['updated'] ) && ! UM()->form()->errors ) { // phpcs:ignore WordPress.Security.NonceVerification + switch ( sanitize_key( $_REQUEST['updated'] ) ) { // phpcs:ignore WordPress.Security.NonceVerification default: /** - * UM hook + * Filters add custom success message * - * @type filter - * @title um_custom_success_message_handler - * @description Add custom success message - * @input_vars - * [{"var":"$success","type":"string","desc":"Message"}, - * {"var":"$updated","type":"array","desc":"Updated data"}] - * @change_log - * ["Since: 2.0"] - * @usage - * - * @example - * Can view profile. * function my_custom_success_message( $success, $updated ) { * // your code here * return $success; * } - * ?> + * add_filter( 'um_custom_success_message_handler', 'my_custom_success_message', 10, 2 ); */ - $success = apply_filters( 'um_custom_success_message_handler', $success, sanitize_key( $_REQUEST['updated'] ) ); + $success = apply_filters( 'um_custom_success_message_handler', $success, sanitize_key( $_REQUEST['updated'] ) ); // phpcs:ignore WordPress.Security.NonceVerification break; case 'account': @@ -122,33 +116,29 @@ function um_add_update_notice( $args ) { } } - if ( ! empty( $_REQUEST['err'] ) && ! UM()->form()->errors ) { - switch( sanitize_key( $_REQUEST['err'] ) ) { + if ( ! empty( $_REQUEST['err'] ) && ! UM()->form()->errors ) { // phpcs:ignore WordPress.Security.NonceVerification + switch ( sanitize_key( $_REQUEST['err'] ) ) { // phpcs:ignore WordPress.Security.NonceVerification default: /** - * UM hook + * Filters add custom error message * - * @type filter - * @title um_custom_error_message_handler - * @description Add custom error message - * @input_vars - * [{"var":"$error","type":"string","desc":"Error message"}, - * {"var":"$request_error","type":"array","desc":"Error data"}] - * @change_log - * ["Since: 2.0"] - * @usage - * - * @example - * Can view profile. * function my_custom_error_message( $error, $request_error ) { * // your code here * return $error; * } - * ?> + * add_filter( 'um_custom_error_message_handler', 'my_custom_error_message', 10, 2 ); */ - $err = apply_filters( 'um_custom_error_message_handler', $err, sanitize_key( $_REQUEST['err'] ) ); + $err = apply_filters( 'um_custom_error_message_handler', $err, sanitize_key( $_REQUEST['err'] ) ); // phpcs:ignore WordPress.Security.NonceVerification if ( ! $err ) { $err = __( 'An error has been encountered', 'ultimate-member' ); } From 915ec79bd10e209a0976b85dd802c6f719cb3fa7 Mon Sep 17 00:00:00 2001 From: ashubawork Date: Thu, 22 Jun 2023 11:19:44 +0300 Subject: [PATCH 04/37] - fix um_pre_profile_shortcode() --- includes/core/um-actions-profile.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/includes/core/um-actions-profile.php b/includes/core/um-actions-profile.php index 999bb157..febbb555 100644 --- a/includes/core/um-actions-profile.php +++ b/includes/core/um-actions-profile.php @@ -1340,12 +1340,12 @@ add_action( 'um_profile_header', 'um_profile_header', 9 ); * @param $args */ function um_pre_profile_shortcode( $args ) { - /** - * @var $mode - */ - extract( $args ); + if ( ! array_key_exists( 'mode', $args ) ) { + return; + } + $mode = $args['mode']; - if ( $mode == 'profile' ) { + if ( 'profile' === $mode ) { if ( UM()->fields()->editing ) { if ( um_get_requested_user() ) { if ( ! UM()->roles()->um_current_user_can( 'edit', um_get_requested_user() ) ) { From 07fc2592bf07b1613606e9d0b31093da41aa3116 Mon Sep 17 00:00:00 2001 From: ashubawork Date: Thu, 22 Jun 2023 12:21:55 +0300 Subject: [PATCH 05/37] - fix um_submit_form_register() --- includes/core/um-actions-register.php | 169 ++++++++++++-------------- 1 file changed, 79 insertions(+), 90 deletions(-) diff --git a/includes/core/um-actions-register.php b/includes/core/um-actions-register.php index 793feb16..e83af67f 100644 --- a/includes/core/um-actions-register.php +++ b/includes/core/um-actions-register.php @@ -291,57 +291,54 @@ function um_submit_form_register( $args ) { } /** - * UM hook + * Filters extend user data on registration form submit * - * @type filter - * @title um_add_user_frontend_submitted - * @description Extend user data on registration form submit - * @input_vars - * [{"var":"$submitted","type":"array","desc":"Registration data"}] - * @change_log - * ["Since: 2.0"] - * @usage - * - * @example - * Registration data. + * function my_add_user_frontend_submitted( $success, $updated ) { * // your code here * return $submitted; * } - * ?> + * add_filter( 'um_add_user_frontend_submitted', 'my_add_user_frontend_submitted', 10, 2 ); */ $args = apply_filters( 'um_add_user_frontend_submitted', $args ); - extract( $args ); - - if ( ! empty( $username ) && empty( $user_login ) ) { - $user_login = $username; + if ( ! empty( $args['user_login'] ) ) { + $user_login = $args['user_login']; + } + if ( ! empty( $args['username'] ) && empty( $args['user_login'] ) ) { + $user_login = $args['username']; } - if ( ! empty( $first_name ) && ! empty( $last_name ) && empty( $user_login ) ) { + if ( ! empty( $args['first_name'] ) && ! empty( $args['last_name'] ) && empty( $user_login ) ) { switch ( UM()->options()->get( 'permalink_base' ) ) { case 'name': - $user_login = str_replace( " ", ".", $first_name . " " . $last_name ); + $user_login = str_replace( ' ', '.', $args['first_name'] . ' ' . $args['last_name'] ); break; case 'name_dash': - $user_login = str_replace( " ", "-", $first_name . " " . $last_name ); + $user_login = str_replace( ' ', '-', $args['first_name'] . ' ' . $args['last_name'] ); break; case 'name_plus': - $user_login = str_replace( " ", "+", $first_name . " " . $last_name ); + $user_login = str_replace( ' ', '+', $args['first_name'] . ' ' . $args['last_name'] ); break; default: - $user_login = str_replace( " ", "", $first_name . " " . $last_name ); + $user_login = str_replace( ' ', '', $args['first_name'] . ' ' . $args['last_name'] ); break; } $user_login = sanitize_user( strtolower( remove_accents( $user_login ) ), true ); if ( ! empty( $user_login ) ) { - $count = 1; + $count = 1; $temp_user_login = $user_login; while ( username_exists( $temp_user_login ) ) { $temp_user_login = $user_login . $count; @@ -351,56 +348,57 @@ function um_submit_form_register( $args ) { } } - if ( empty( $user_login ) && ! empty( $user_email ) ) { - $user_login = $user_email; + if ( empty( $user_login ) && ! empty( $args['user_email'] ) ) { + $user_login = $args['user_email']; } - $unique_userID = uniqid(); + $unique_user_id = uniqid(); // see dbDelta and WP native DB structure user_login varchar(60) if ( empty( $user_login ) || mb_strlen( $user_login ) > 60 && ! is_email( $user_login ) ) { - $user_login = 'user' . $unique_userID; + $user_login = 'user' . $unique_user_id; while ( username_exists( $user_login ) ) { - $unique_userID = uniqid(); - $user_login = 'user' . $unique_userID; + $unique_user_id = uniqid(); + $user_login = 'user' . $unique_user_id; } } - if ( isset( $username ) && is_email( $username ) ) { - $user_email = $username; + if ( isset( $args['username'] ) && is_email( $args['username'] ) ) { + $user_email = $args['username']; + } elseif ( ! empty( $args['user_email'] ) ) { + $user_email = $args['user_email']; } - if ( ! isset( $user_password ) ) { + if ( ! isset( $args['user_password'] ) ) { $user_password = UM()->validation()->generate( 8 ); + } else { + $user_password = $args['user_password']; } if ( empty( $user_email ) ) { - $site_url = @$_SERVER['SERVER_NAME']; - $user_email = 'nobody' . $unique_userID . '@' . $site_url; + $site_url = @$_SERVER['SERVER_NAME']; + $user_email = 'nobody' . $unique_user_id . '@' . $site_url; while ( email_exists( $user_email ) ) { - $unique_userID = uniqid(); - $user_email = 'nobody' . $unique_userID . '@' . $site_url; + $unique_user_id = uniqid(); + $user_email = 'nobody' . $unique_user_id . '@' . $site_url; } + /** - * UM hook + * Filters change user default email if it's empty on registration * - * @type filter - * @title um_user_register_submitted__email - * @description Change user default email if it's empty on registration - * @input_vars - * [{"var":"$user_email","type":"string","desc":"Default email"}] - * @change_log - * ["Since: 2.0"] - * @usage - * - * @example - * Change user default email if it's empty on registration. * function my_user_register_submitted__email( $user_email ) { * // your code here * return $user_email; * } - * ?> + * add_filter( 'um_user_register_submitted__email', 'my_user_register_submitted__email', 10, 1 ); */ $user_email = apply_filters( 'um_user_register_submitted__email', $user_email ); } @@ -418,9 +416,9 @@ function um_submit_form_register( $args ) { $args['submitted'] = array_merge( $args['submitted'], $credentials ); // set timestamp - $timestamp = current_time( 'timestamp' ); + $timestamp = current_time( 'timestamp' ); $args['submitted']['timestamp'] = $timestamp; - $args['timestamp'] = $timestamp; + $args['timestamp'] = $timestamp; $args = array_merge( $args, $credentials ); @@ -439,57 +437,48 @@ function um_submit_form_register( $args ) { } /** - * UM hook + * Filters change user role on registration process * - * @type filter - * @title um_registration_user_role - * @description Change user role on registration process - * @input_vars - * [{"var":"$role","type":"string","desc":"User role"}, - * {"var":"$submitted","type":"array","desc":"Registration data"}] - * @change_log - * ["Since: 2.0"] - * @usage - * - * @example - * Change user role on registration process. + * function my_registration_user_role( $user_role, $args ) { * // your code here - * return $role; + * return $user_role; * } - * ?> + * add_filter( 'um_registration_user_role', 'my_registration_user_role', 10, 2 ); */ $user_role = apply_filters( 'um_registration_user_role', $user_role, $args ); $userdata = array( - 'user_login' => $user_login, - 'user_pass' => $user_password, - 'user_email' => $user_email, - 'role' => $user_role, + 'user_login' => $user_login, + 'user_pass' => $user_password, + 'user_email' => $user_email, + 'role' => $user_role, ); $user_id = wp_insert_user( $userdata ); /** - * UM hook + * Fires after complete UM user registration. * - * @type action - * @title um_user_register - * @description After complete UM user registration. - * @input_vars - * [{"var":"$user_id","type":"int","desc":"User ID"}, - * {"var":"$args","type":"array","desc":"Form data"}] - * @change_log - * ["Since: 2.0"] - * @usage add_action( 'um_user_register', 'function_name', 10, 2 ); - * @example - * Make any custom action after complete UM user registration. + * function um_user_register( $user_id, $args ) { * // your code here * } - * ?> + * add_action( 'um_user_register', 'um_user_register', 10, 2 ); */ do_action( 'um_user_register', $user_id, $args ); From 5a2a23802ddb6d958513c9277a9ad79844c6fa9e Mon Sep 17 00:00:00 2001 From: ashubawork Date: Thu, 22 Jun 2023 12:35:31 +0300 Subject: [PATCH 06/37] - fix ajax_resize_image() --- includes/core/class-files.php | 30 +++++++++++++----------------- 1 file changed, 13 insertions(+), 17 deletions(-) diff --git a/includes/core/class-files.php b/includes/core/class-files.php index 8a702456..20e65db3 100644 --- a/includes/core/class-files.php +++ b/includes/core/class-files.php @@ -317,37 +317,31 @@ if ( ! class_exists( 'um\core\Files' ) ) { /** * Resize image AJAX handler */ - function ajax_resize_image() { + public function ajax_resize_image() { UM()->check_ajax_nonce(); - /** - * @var $key - * @var $src - * @var $coord - * @var $user_id - */ - extract( $_REQUEST ); + $data = $_REQUEST; // phpcs:ignore WordPress.Security.NonceVerification - if ( ! isset( $src ) || ! isset( $coord ) ) { + if ( ! isset( $data['src'] ) || ! isset( $data['coord'] ) ) { wp_send_json_error( esc_js( __( 'Invalid parameters', 'ultimate-member' ) ) ); } - $coord_n = substr_count( $coord, "," ); - if ( $coord_n != 3 ) { + $coord_n = substr_count( $data['coord'], ',' ); + if ( 3 !== $coord_n ) { wp_send_json_error( esc_js( __( 'Invalid coordinates', 'ultimate-member' ) ) ); } - $user_id = empty( $_REQUEST['user_id'] ) ? get_current_user_id() : absint( $_REQUEST['user_id'] ); + $user_id = empty( $data['user_id'] ) ? get_current_user_id() : absint( $data['user_id'] ); - UM()->fields()->set_id = isset( $_POST['set_id'] ) ? absint( $_POST['set_id'] ) : null; - UM()->fields()->set_mode = isset( $_POST['set_mode'] ) ? sanitize_text_field( $_POST['set_mode'] ) : null; + UM()->fields()->set_id = isset( $_POST['set_id'] ) ? absint( $_POST['set_id'] ) : null; // phpcs:ignore WordPress.Security.NonceVerification + UM()->fields()->set_mode = isset( $_POST['set_mode'] ) ? sanitize_text_field( $_POST['set_mode'] ) : null; // phpcs:ignore WordPress.Security.NonceVerification - if ( UM()->fields()->set_mode != 'register' && ! UM()->roles()->um_current_user_can( 'edit', $user_id ) ) { + if ( 'register' !== UM()->fields()->set_mode && ! UM()->roles()->um_current_user_can( 'edit', $user_id ) ) { $ret['error'] = esc_js( __( 'You have no permission to edit this user', 'ultimate-member' ) ); wp_send_json_error( $ret ); } - $src = esc_url_raw( $src ); + $src = esc_url_raw( $data['src'] ); $image_path = um_is_file_owner( $src, $user_id, true ); if ( ! $image_path ) { @@ -355,7 +349,9 @@ if ( ! class_exists( 'um\core\Files' ) ) { } UM()->uploader()->replace_upload_dir = true; - $output = UM()->uploader()->resize_image( $image_path, $src, sanitize_text_field( $key ), $user_id, sanitize_text_field( $coord ) ); + + $output = UM()->uploader()->resize_image( $image_path, $src, sanitize_text_field( $data['key'] ), $user_id, sanitize_text_field( $data['coord'] ) ); + UM()->uploader()->replace_upload_dir = false; delete_option( "um_cache_userdata_{$user_id}" ); From 709625545eaccec93e6b02bc8d1fd75428a252db Mon Sep 17 00:00:00 2001 From: ashubawork Date: Thu, 22 Jun 2023 12:50:44 +0300 Subject: [PATCH 07/37] - fix ultimatemember_password() --- includes/core/class-password.php | 112 +++++++++++++------------------ 1 file changed, 48 insertions(+), 64 deletions(-) diff --git a/includes/core/class-password.php b/includes/core/class-password.php index dfd14cef..594904a0 100644 --- a/includes/core/class-password.php +++ b/includes/core/class-password.php @@ -115,7 +115,7 @@ if ( ! class_exists( 'um\core\Password' ) ) { * * @return string */ - function ultimatemember_password( $args = array() ) { + public function ultimatemember_password( $args = array() ) { ob_start(); $defaults = array( @@ -125,7 +125,7 @@ if ( ! class_exists( 'um\core\Password' ) ) { 'max_width' => '450px', 'align' => 'center', ); - $args = wp_parse_args( $args, $defaults ); + $args = wp_parse_args( $args, $defaults ); if ( empty( $args['use_custom_settings'] ) ) { $args = array_merge( $args, UM()->shortcodes()->get_css_args( $args ) ); @@ -134,25 +134,21 @@ if ( ! class_exists( 'um\core\Password' ) ) { } /** - * UM hook + * Filters extend Reset Password Arguments * - * @type filter - * @title um_reset_password_shortcode_args_filter - * @description Extend Reset Password Arguments - * @input_vars - * [{"var":"$args","type":"array","desc":"Shortcode arguments"}] - * @change_log - * ["Since: 2.0"] - * @usage - * - * @example - * Extend Reset Password Arguments. * function my_reset_password_shortcode_args( $args ) { * // your code here * return $args; * } - * ?> + * add_filter( 'um_reset_password_shortcode_args_filter', 'my_reset_password_shortcode_args', 10, 1 ); */ $args = apply_filters( 'um_reset_password_shortcode_args_filter', $args ); @@ -160,7 +156,7 @@ if ( ! class_exists( 'um\core\Password' ) ) { // then COOKIE are valid then get data from them and populate hidden fields for the password reset form $args['template'] = 'password-change'; $args['rp_key'] = ''; - $rp_cookie = 'wp-resetpass-' . COOKIEHASH; + $rp_cookie = 'wp-resetpass-' . COOKIEHASH; if ( isset( $_COOKIE[ $rp_cookie ] ) && 0 < strpos( $_COOKIE[ $rp_cookie ], ':' ) ) { list( $rp_login, $rp_key ) = explode( ':', wp_unslash( $_COOKIE[ $rp_cookie ] ), 2 ); @@ -171,70 +167,58 @@ if ( ! class_exists( 'um\core\Password' ) ) { UM()->fields()->set_id = 'um_password_id'; - /** - * @var $mode - * @var $template - */ - extract( $args, EXTR_SKIP ); + if ( ! isset( $mode ) && isset( $args['mode'] ) ) { + $mode = $args['mode']; + } + if ( ! isset( $template ) && isset( $args['template'] ) ) { + $template = $args['template']; + } /** - * UM hook + * Fires pre-load password form shortcode. * - * @type action - * @title um_pre_{$mode}_shortcode - * @description Action pre-load password form shortcode - * @input_vars - * [{"var":"$args","type":"array","desc":"Form shortcode pre-loading"}] - * @change_log - * ["Since: 2.0"] - * @usage add_action( 'um_pre_{$mode}_shortcode', 'function_name', 10, 1 ); - * @example - * Make any custom action pre-load password form shortcode. * function my_pre_password_shortcode( $args ) { * // your code here * } - * ?> + * add_action( 'um_pre_{$mode}_shortcode', 'my_pre_password_shortcode', 10, 1 ); */ do_action( "um_pre_{$mode}_shortcode", $args ); + /** - * UM hook + * Fires pre-load password form shortcode. * - * @type action - * @title um_before_form_is_loaded - * @description Action pre-load password form shortcode - * @input_vars - * [{"var":"$args","type":"array","desc":"Form shortcode pre-loading"}] - * @change_log - * ["Since: 2.0"] - * @usage add_action( 'um_before_form_is_loaded', 'function_name', 10, 1 ); - * @example - * Make any custom action pre-load password form shortcode. + * function my_before_form_is_loaded( $args ) { + * // your code here + * } * add_action( 'um_before_form_is_loaded', 'my_before_form_is_loaded', 10, 1 ); - * function my_before_form_is_loaded( $args ) { - * // your code here - * } - * ?> */ - do_action( "um_before_form_is_loaded", $args ); + do_action( 'um_before_form_is_loaded', $args ); + /** - * UM hook + * Fires pre-load password form shortcode. * - * @type action - * @title um_before_{$mode}_form_is_loaded - * @description Action pre-load password form shortcode - * @input_vars - * [{"var":"$args","type":"array","desc":"Form shortcode pre-loading"}] - * @change_log - * ["Since: 2.0"] - * @usage add_action( 'um_before_{$mode}_form_is_loaded', 'function_name', 10, 1 ); - * @example - * Make any custom action pre-load password form shortcode. * function my_before_form_is_loaded( $args ) { * // your code here * } - * ?> + * add_action( 'um_before_{$mode}_form_is_loaded', 'my_before_form_is_loaded', 10, 1 ); */ do_action( "um_before_{$mode}_form_is_loaded", $args ); From f79712b549719483dfcc37b160fc4b6e15a10458 Mon Sep 17 00:00:00 2001 From: ashubawork Date: Thu, 22 Jun 2023 12:57:43 +0300 Subject: [PATCH 08/37] - fix ajax_muted_action() --- includes/core/class-form.php | 37 ++++++++++++++---------------------- 1 file changed, 14 insertions(+), 23 deletions(-) diff --git a/includes/core/class-form.php b/includes/core/class-form.php index 4b4c60a3..fb390c00 100644 --- a/includes/core/class-form.php +++ b/includes/core/class-form.php @@ -70,18 +70,13 @@ if ( ! class_exists( 'um\core\Form' ) ) { public function ajax_muted_action() { UM()->check_ajax_nonce(); - /** - * @var $user_id - * @var $hook - */ - extract( $_REQUEST ); - - if ( isset( $user_id ) ) { - $user_id = absint( $user_id ); + // phpcs:disable WordPress.Security.NonceVerification + if ( isset( $_REQUEST['user_id'] ) ) { + $user_id = absint( $_REQUEST['user_id'] ); } - if ( isset( $hook ) ) { - $hook = sanitize_key( $hook ); + if ( isset( $_REQUEST['hook'] ) ) { + $hook = sanitize_key( $_REQUEST['hook'] ); } if ( ! UM()->roles()->um_current_user_can( 'edit', $user_id ) ) { @@ -91,27 +86,23 @@ if ( ! class_exists( 'um\core\Form' ) ) { switch ( $hook ) { default: /** - * UM hook + * Fires on AJAX muted action. * - * @type action - * @title um_run_ajax_function__{$hook} - * @description Action on AJAX muted action - * @input_vars - * [{"var":"$request","type":"int","desc":"Request"}] - * @change_log - * ["Since: 2.0"] - * @usage add_action( 'um_run_ajax_function__{$hook}', 'function_name', 10, 1 ); - * @example - * Make any custom action on AJAX muted action. * function my_run_ajax_function( $request ) { * // your code here * } - * ?> + * add_action( 'um_run_ajax_function__{$hook}', 'my_run_ajax_function', 10, 1 ); */ do_action( "um_run_ajax_function__{$hook}", $_REQUEST ); break; } + // phpcs:enable WordPress.Security.NonceVerification } From 569a341fd27a5e15337539b44f8d61923efc618e Mon Sep 17 00:00:00 2001 From: ashubawork Date: Thu, 22 Jun 2023 13:19:09 +0300 Subject: [PATCH 09/37] - fix ajax_paginate() --- includes/core/class-query.php | 42 +++++++++++++++++------------------ 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/includes/core/class-query.php b/includes/core/class-query.php index ef19440a..2519011c 100644 --- a/includes/core/class-query.php +++ b/includes/core/class-query.php @@ -41,32 +41,32 @@ if ( ! class_exists( 'um\core\Query' ) ) { public function ajax_paginate() { UM()->check_ajax_nonce(); - /** - * @var $hook - * @var $args - */ - extract( $_REQUEST ); + // phpcs:disable WordPress.Security.NonceVerification + if ( isset( $_REQUEST['hook'] ) ) { + $hook = $_REQUEST['hook']; + } + if ( ! empty( $_REQUEST['args'] ) ) { + $args = $_REQUEST['args']; + } else { + $args = array(); + } + // phpcs:enable WordPress.Security.NonceVerification ob_start(); /** - * UM hook + * Fires on posts loading by AJAX. * - * @type action - * @title um_ajax_load_posts__{$hook} - * @description Action on posts loading by AJAX - * @input_vars - * [{"var":"$args","type":"array","desc":"Query arguments"}] - * @change_log - * ["Since: 2.0"] - * @usage add_action( 'um_ajax_load_posts__{$hook}', 'function_name', 10, 1 ); - * @example - * Make any custom action on posts loading by AJAX. * function my_ajax_load_posts( $args ) { * // your code here * } - * ?> + * add_action( 'um_ajax_load_posts__{$hook}', 'my_ajax_load_posts', 10, 1 ); */ do_action( "um_ajax_load_posts__{$hook}", $args ); @@ -95,9 +95,9 @@ if ( ! class_exists( 'um\core\Query' ) ) { } $pages = $wpdb->get_results( - "SELECT * - FROM {$wpdb->posts} - WHERE post_type = 'page' AND + "SELECT * + FROM {$wpdb->posts} + WHERE post_type = 'page' AND post_status = 'publish'", OBJECT ); From 9cc48e0a8c11e9547697e6a866b0a91d2ca75807 Mon Sep 17 00:00:00 2001 From: ashubawork Date: Thu, 22 Jun 2023 14:40:44 +0300 Subject: [PATCH 10/37] - fix load() --- includes/core/class-query.php | 1 + includes/core/class-shortcodes.php | 174 +++++++++++++---------------- 2 files changed, 76 insertions(+), 99 deletions(-) diff --git a/includes/core/class-query.php b/includes/core/class-query.php index 2519011c..c5583e5c 100644 --- a/includes/core/class-query.php +++ b/includes/core/class-query.php @@ -42,6 +42,7 @@ if ( ! class_exists( 'um\core\Query' ) ) { UM()->check_ajax_nonce(); // phpcs:disable WordPress.Security.NonceVerification + $hook = ''; if ( isset( $_REQUEST['hook'] ) ) { $hook = $_REQUEST['hook']; } diff --git a/includes/core/class-shortcodes.php b/includes/core/class-shortcodes.php index e300d2e2..e736922c 100644 --- a/includes/core/class-shortcodes.php +++ b/includes/core/class-shortcodes.php @@ -602,9 +602,9 @@ if ( ! class_exists( 'um\core\Shortcodes' ) ) { * * @return string */ - function load( $args ) { + public function load( $args ) { $defaults = array(); - $args = wp_parse_args( $args, $defaults ); + $args = wp_parse_args( $args, $defaults ); // when to not continue $this->form_id = isset( $args['form_id'] ) ? $args['form_id'] : null; @@ -613,36 +613,32 @@ if ( ! class_exists( 'um\core\Shortcodes' ) ) { } $this->form_status = get_post_status( $this->form_id ); - if ( $this->form_status != 'publish' ) { + if ( 'publish' !== $this->form_status ) { return; } // get data into one global array $post_data = UM()->query()->post_data( $this->form_id ); - $args = array_merge( $args, $post_data ); + $args = array_merge( $args, $post_data ); ob_start(); /** - * UM hook + * Filters change arguments on load shortcode * - * @type filter - * @title um_pre_args_setup - * @description Change arguments on load shortcode - * @input_vars - * [{"var":"$post_data","type":"string","desc":"$_POST data"}] - * @change_log - * ["Since: 2.0"] - * @usage - * - * @example - * Change arguments on load shortcode. * function my_pre_args_setup( $post_data ) { * // your code here * return $post_data; * } - * ?> + * add_filter( 'um_pre_args_setup', 'my_pre_args_setup', 10, 1 ); */ $args = apply_filters( 'um_pre_args_setup', $args ); @@ -650,7 +646,7 @@ if ( ! class_exists( 'um\core\Shortcodes' ) ) { $args['template'] = ''; } - if ( isset( $post_data['template'] ) && $post_data['template'] != $args['template'] ) { + if ( isset( $post_data['template'] ) && $post_data['template'] !== $args['template'] ) { $args['template'] = $post_data['template']; } @@ -662,7 +658,7 @@ if ( ! class_exists( 'um\core\Shortcodes' ) ) { $post_data['template'] = $post_data['mode']; } - if ( 'directory' == $args['mode'] ) { + if ( 'directory' === $args['mode'] ) { wp_enqueue_script( 'um_members' ); if ( is_rtl() ) { wp_enqueue_style( 'um_members_rtl' ); @@ -671,7 +667,7 @@ if ( ! class_exists( 'um\core\Shortcodes' ) ) { } } - if ( 'directory' != $args['mode'] ) { + if ( 'directory' !== $args['mode'] ) { $args = array_merge( $post_data, $args ); if ( empty( $args['use_custom_settings'] ) ) { @@ -683,39 +679,35 @@ if ( ! class_exists( 'um\core\Shortcodes' ) ) { // filter for arguments /** - * UM hook + * Filters change arguments on load shortcode * - * @type filter - * @title um_shortcode_args_filter - * @description Change arguments on load shortcode - * @input_vars - * [{"var":"$args","type":"string","desc":"Shortcode arguments"}] - * @change_log - * ["Since: 2.0"] - * @usage - * - * @example - * Change arguments on load shortcode. * function my_shortcode_args( $args ) { * // your code here * return $args; * } - * ?> + * add_filter( 'um_shortcode_args_filter', 'my_shortcode_args', 10, 1 ); */ $args = apply_filters( 'um_shortcode_args_filter', $args ); - /** - * @var string $mode - */ - extract( $args, EXTR_SKIP ); + if ( ! array_key_exists( 'mode', $args ) || ! array_key_exists( 'template', $args ) ) { + return; + } + $mode = $args['mode']; //not display on admin preview - if ( empty( $_POST['act_id'] ) || sanitize_key( $_POST['act_id'] ) !== 'um_admin_preview_form' ) { + if ( empty( $_POST['act_id'] ) || 'um_admin_preview_form' !== sanitize_key( $_POST['act_id'] ) ) { // phpcs:ignore WordPress.Security.NonceVerification $enable_loggedin_registration = apply_filters( 'um_registration_for_loggedin_users', false, $args ); - if ( 'register' == $mode && is_user_logged_in() && ! $enable_loggedin_registration ) { + if ( 'register' === $mode && is_user_logged_in() && ! $enable_loggedin_registration ) { ob_get_clean(); return __( 'You are already registered', 'ultimate-member' ); } @@ -726,7 +718,7 @@ if ( ! class_exists( 'um\core\Shortcodes' ) ) { } // for profiles only - if ( $mode == 'profile' && um_profile_id() ) { + if ( 'profile' === $mode && um_profile_id() ) { //set requested user if it's not setup from permalinks (for not profile page in edit mode) if ( ! um_get_requested_user() ) { @@ -756,7 +748,7 @@ if ( ! class_exists( 'um\core\Shortcodes' ) ) { } $this->profile_role = $args['role']; - } elseif ( $this->profile_role != $args['role'] ) { + } elseif ( $this->profile_role !== $args['role'] ) { ob_get_clean(); return ''; } @@ -765,90 +757,74 @@ if ( ! class_exists( 'um\core\Shortcodes' ) ) { } /** - * UM hook + * Fires pre-load form shortcode. * - * @type action - * @title um_pre_{$mode}_shortcode - * @description Action pre-load form shortcode - * @input_vars - * [{"var":"$args","type":"array","desc":"Form shortcode pre-loading"}] - * @change_log - * ["Since: 2.0"] - * @usage add_action( 'um_pre_{$mode}_shortcode', 'function_name', 10, 1 ); - * @example - * Make any custom action on pre-load form shortcode. * function my_pre_shortcode( $args ) { * // your code here * } - * ?> + * add_action( 'um_pre_{$mode}_shortcode', 'my_pre_shortcode', 10, 1 ); */ do_action( "um_pre_{$mode}_shortcode", $args ); + /** - * UM hook + * Fires pre-load form shortcode. * - * @type action - * @title um_before_form_is_loaded - * @description Action pre-load form shortcode - * @input_vars - * [{"var":"$args","type":"array","desc":"Form shortcode pre-loading"}] - * @change_log - * ["Since: 2.0"] - * @usage add_action( 'um_before_form_is_loaded', 'function_name', 10, 1 ); - * @example - * Make any custom action on pre-load form shortcode. + * function my_pre_shortcode( $args ) { + * // your code here + * } * add_action( 'um_before_form_is_loaded', 'my_pre_shortcode', 10, 1 ); - * function my_pre_shortcode( $args ) { - * // your code here - * } - * ?> */ - do_action( "um_before_form_is_loaded", $args ); + do_action( 'um_before_form_is_loaded', $args ); + /** - * UM hook + * Fires pre-load form shortcode. * - * @type action - * @title um_before_{$mode}_form_is_loaded - * @description Action pre-load form shortcode - * @input_vars - * [{"var":"$args","type":"array","desc":"Form shortcode pre-loading"}] - * @change_log - * ["Since: 2.0"] - * @usage add_action( 'um_before_{$mode}_form_is_loaded', 'function_name', 10, 1 ); - * @example - * Make any custom action on pre-load form shortcode. * function my_pre_shortcode( $args ) { * // your code here * } - * ?> + * add_action( 'um_before_{$mode}_form_is_loaded', 'my_pre_shortcode', 10, 1 ); */ do_action( "um_before_{$mode}_form_is_loaded", $args ); - $this->template_load( $template, $args ); + $this->template_load( $args['template'], $args ); $this->dynamic_css( $args ); - if ( um_get_requested_user() || $mode == 'logout' ) { + if ( um_get_requested_user() || 'logout' === $mode ) { um_reset_user(); } /** - * UM hook + * Fires after load shortcode content. * - * @type action - * @title um_after_everything_output - * @description Action after load shortcode content - * @change_log - * ["Since: 2.0"] - * @usage add_action( 'um_after_everything_output', 'function_name', 10 ); - * @example - * Make any custom action after load shortcode content. + * function my_pre_shortcode() { * // your code here * } - * ?> + * add_action( 'um_after_everything_output', 'my_pre_shortcode', 10 ); */ do_action( 'um_after_everything_output' ); From f6c2e17017a05876af3e9a1a5f998b9382f65aa3 Mon Sep 17 00:00:00 2001 From: ashubawork Date: Thu, 22 Jun 2023 14:49:40 +0300 Subject: [PATCH 11/37] - fix dynamic_css() --- includes/core/class-shortcodes.php | 41 +++++++++++++----------------- 1 file changed, 17 insertions(+), 24 deletions(-) diff --git a/includes/core/class-shortcodes.php b/includes/core/class-shortcodes.php index e736922c..802ec4ff 100644 --- a/includes/core/class-shortcodes.php +++ b/includes/core/class-shortcodes.php @@ -853,44 +853,37 @@ if ( ! class_exists( 'um\core\Shortcodes' ) ) { * * @return string */ - function dynamic_css( $args = array() ) { + public function dynamic_css( $args = array() ) { /** - * UM hook + * Filters turn on for disable global dynamic CSS for fix the issue #306 * - * @type filter - * @title um_disable_dynamic_global_css - * @description Turn on for disable global dynamic CSS for fix the issue #306 - * @input_vars - * [{"var":"$disable","type":"bool","desc":"Disable global CSS"}] - * @change_log - * ["Since: 2.0"] - * @usage - * - * @example - * Turn on for disable global dynamic CSS. * function my_disable_dynamic_global_css( $disable ) { * // your code here * return $disable; * } - * ?> + * add_filter( 'um_disable_dynamic_global_css', 'my_disable_dynamic_global_css', 10, 1 ); */ $disable_css = apply_filters( 'um_disable_dynamic_global_css', false ); - if ( $disable_css ) + if ( $disable_css ) { return ''; - - /** - * @var $mode - */ - extract( $args ); + } include_once um_path . 'assets/dynamic_css/dynamic_global.php'; - if ( isset( $mode ) && in_array( $mode, array( 'profile', 'directory' ) ) ) { - $file = um_path . 'assets/dynamic_css/dynamic_' . $mode . '.php'; + if ( isset( $args['mode'] ) && in_array( $args['mode'], array( 'profile', 'directory' ), true ) ) { + $file = um_path . 'assets/dynamic_css/dynamic_' . $args['mode'] . '.php'; - if ( file_exists( $file ) ) + if ( file_exists( $file ) ) { include_once $file; + } } return ''; From a4ec844737f30fedcb7dd3ce264e2a0b5e03a07a Mon Sep 17 00:00:00 2001 From: ashubawork Date: Thu, 22 Jun 2023 15:48:39 +0300 Subject: [PATCH 12/37] - fix view_field() --- includes/core/class-fields.php | 199 ++++++++++++++------------------- 1 file changed, 85 insertions(+), 114 deletions(-) diff --git a/includes/core/class-fields.php b/includes/core/class-fields.php index 34a3677a..60d4d79a 100644 --- a/includes/core/class-fields.php +++ b/includes/core/class-fields.php @@ -4355,52 +4355,35 @@ if ( ! class_exists( 'um\core\Fields' ) ) { * @return string|null * @throws \Exception */ - function view_field( $key, $data, $rule = false ) { + public function view_field( $key, $data, $rule = false ) { $output = ''; // get whole field data if ( is_array( $data ) ) { $data = $this->get_field( $key ); - - if ( is_array( $data ) ) { - /** - * @var $visibility - * @var $type - * @var $default - * @var $classes - * @var $conditional - * @var $content - * @var $divider_text - * @var $spacing - * @var $borderwidth - * @var $borderstyle - * @var $bordercolor - * @var $label - */ - extract( $data ); - } } //hide if empty type if ( ! isset( $data['type'] ) ) { return ''; } + $type = $data['type']; - if ( isset( $data['in_group'] ) && $data['in_group'] != '' && $rule != 'group' ) { + if ( isset( $data['in_group'] ) && '' !== $data['in_group'] && 'group' !== $rule ) { return ''; } //invisible on profile page - if ( $visibility == 'edit' || $type == 'password' ) { + if ( 'edit' === $data['visibility'] || 'password' === $type ) { return ''; } //hide if empty $fields_without_metakey = UM()->builtin()->get_fields_without_metakey(); - if ( ! in_array( $type, $fields_without_metakey ) ) { - $_field_value = $this->field_value( $key, $default, $data ); + if ( ! in_array( $type, $fields_without_metakey, true ) ) { + $_field_value = $this->field_value( $key, $data['classes'], $data ); - if ( ! isset( $_field_value ) || $_field_value == '' ) { + if ( ! isset( $_field_value ) || '' === $_field_value ) { return ''; } } @@ -4410,7 +4393,7 @@ if ( ! class_exists( 'um\core\Fields' ) ) { } // disable these fields in profile view only - if ( in_array( $key, array( 'user_password' ) ) && $this->set_mode == 'profile' ) { + if ( in_array( $key, array( 'user_password' ), true ) && 'profile' === $this->set_mode ) { return ''; } @@ -4418,23 +4401,21 @@ if ( ! class_exists( 'um\core\Fields' ) ) { return ''; } - if ( isset( $data['classes'] ) ) { - $classes = explode( " ", $data['classes'] ); + $classes = explode( ' ', $data['classes'] ); } switch ( $type ) { /* Default */ default: + $_field_value = $this->field_value( $key, $data['default'], $data ); - $_field_value = $this->field_value( $key, $default, $data ); - - if ( ! in_array( $type, $fields_without_metakey ) && ( ! isset( $_field_value ) || $_field_value == '' ) ) { + if ( ! in_array( $type, $fields_without_metakey, true ) && ( ! isset( $_field_value ) || '' === $_field_value ) ) { $output = ''; } else { - $output .= '
get_atts( $key, $classes, $conditional, $data ) . '>'; + $output .= '
get_atts( $key, $classes, $data['conditional'], $data ) . '>'; if ( isset( $data['label'] ) || ! empty( $data['icon'] ) ) { @@ -4445,7 +4426,7 @@ if ( ! class_exists( 'um\core\Fields' ) ) { $output .= $this->field_label( $data['label'], $key, $data ); } - $res = $this->field_value( $key, $default, $data ); + $res = $this->field_value( $key, $data['default'], $data ); if ( ! empty( $res ) ) { $res = stripslashes( $res ); @@ -4462,53 +4443,48 @@ if ( ! class_exists( 'um\core\Fields' ) ) { $data['is_view_field'] = true; /** - * UM hook + * Filters change field HTML on view mode * - * @type filter - * @title um_view_field - * @description Change field HTML on view mode - * @input_vars - * [{"var":"$output","type":"string","desc":"Field HTML"}, - * {"var":"$data","type":"string","desc":"Field Data"}, - * {"var":"$type","type":"string","desc":"Field Type"}] - * @change_log - * ["Since: 2.0"] - * @usage add_filter( 'um_view_field', 'function_name', 10, 3 ); - * @example - * Change field HTML on view mode. + * function my_view_field( $output, $data, $type ) { * // your code here * return $output; * } - * ?> + * add_filter( 'um_view_field', 'my_view_field', 10, 3 ); */ $res = apply_filters( 'um_view_field', $res, $data, $type ); + /** - * UM hook + * Filters field HTML on view mode by field type * - * @type filter - * @title um_view_field_value_{$type} - * @description Change field HTML on view mode by field type - * @input_vars - * [{"var":"$output","type":"string","desc":"Field HTML"}, - * {"var":"$data","type":"string","desc":"Field Data"}] - * @change_log - * ["Since: 2.0"] - * @usage add_filter( 'um_view_field_value_{$type}', 'function_name', 10, 2 ); - * @example - * Change field HTML on view mode by field type. + * function my_view_field( $output, $data ) { * // your code here * return $output; * } - * ?> + * add_filter( 'um_view_field_value_{$type}', 'my_view_field', 10, 2 ); */ $res = apply_filters( "um_view_field_value_{$type}", $res, $data ); $id_attr = ''; - if ( ! in_array( $type, $fields_without_metakey ) ) { + if ( ! in_array( $type, $fields_without_metakey, true ) ) { $id_attr = ' id="' . esc_attr( $key . UM()->form()->form_suffix ) . '"'; } @@ -4525,58 +4501,58 @@ if ( ! class_exists( 'um\core\Fields' ) ) { break; - /* HTML */ + /* HTML */ case 'block': - $output .= '
get_atts( $key, $classes, $conditional, $data ) . '>' . $content . '
'; + $output .= '
get_atts( $key, $classes, $data['conditional'], $data ) . '>' . $data['content'] . '
'; break; - /* Shortcode */ + /* Shortcode */ case 'shortcode': - - $content = str_replace( '{profile_id}', um_profile_id(), $content ); - if ( version_compare( get_bloginfo('version'),'5.4', '<' ) ) { + $content = str_replace( '{profile_id}', um_profile_id(), $data['content'] ); + if ( version_compare( get_bloginfo( 'version' ), '5.4', '<' ) ) { $content = do_shortcode( $content ); } else { $content = apply_shortcodes( $content ); } - $output .= '
get_atts( $key, $classes, $conditional, $data ) . '>' . $content . '
'; + $output .= '
get_atts( $key, $classes, $data['conditional'], $data ) . '>' . $content . '
'; break; - /* Gap/Space */ + /* Gap/Space */ case 'spacing': - $output .= '
get_atts( $key, $classes, $conditional, $data, array( 'height' => $spacing ) ) . '>
'; + $output .= '
get_atts( $key, $classes, $data['conditional'], $data, array( 'height' => $data['spacing'] ) ) . '>
'; break; - /* A line divider */ + /* A line divider */ case 'divider': - $output .= '
get_atts( $key, $classes, $conditional, $data, array( 'border-bottom' => $borderwidth . 'px ' . $borderstyle . ' ' . $bordercolor ) ) . '>'; - if ( $divider_text ) { - $output .= '
' . $divider_text . '
'; + $output .= '
get_atts( $key, $classes, $data['conditional'], $data, array( 'border-bottom' => $data['borderwidth'] . 'px ' . $data['borderstyle'] . ' ' . $data['bordercolor'] ) ) . '>'; + if ( $data['divider_text'] ) { + $output .= '
' . $data['divider_text'] . '
'; } $output .= '
'; break; - /* Rating */ + /* Rating */ case 'rating': - - $output .= '
get_atts( $key, $classes, $conditional, $data ) . '>'; + $output .= '
get_atts( $key, $classes, $data['conditional'], $data ) . '>'; if ( isset( $data['label'] ) || ! empty( $data['icon'] ) ) { - $output .= $this->field_label( $label, $key, $data ); + $output .= $this->field_label( $data['label'], $key, $data ); } - ob_start(); ?> + ob_start(); + ?>
-
+
- '; break; @@ -4586,47 +4562,42 @@ if ( ! class_exists( 'um\core\Fields' ) ) { // Custom filter for field output if ( isset( $this->set_mode ) ) { /** - * UM hook + * Filters field HTML by field $key * - * @type filter - * @title um_{$key}_form_show_field - * @description Change field HTML by field $key - * @input_vars - * [{"var":"$output","type":"string","desc":"Field HTML"}, - * {"var":"$mode","type":"string","desc":"Form Mode"}] - * @change_log - * ["Since: 2.0"] - * @usage add_filter( 'um_{$key}_form_show_field', 'function_name', 10, 2 ); - * @example - * Change field HTML by field $key. * function my_form_show_field( $output, $mode ) { * // your code here * return $output; * } - * ?> + * add_filter( 'um_{$key}_form_show_field', 'my_form_show_field', 10, 2 ); */ $output = apply_filters( "um_{$key}_form_show_field", $output, $this->set_mode ); + /** - * UM hook + * Filters field HTML by field $type * - * @type filter - * @title um_{$type}_form_show_field - * @description Change field HTML by field $type - * @input_vars - * [{"var":"$output","type":"string","desc":"Field HTML"}, - * {"var":"$mode","type":"string","desc":"Form Mode"}] - * @change_log - * ["Since: 2.0"] - * @usage add_filter( 'um_{$type}_form_show_field', 'function_name', 10, 2 ); - * @example - * Change field HTML by field $type. * function my_form_show_field( $output, $mode ) { * // your code here * return $output; * } - * ?> + * add_filter( 'um_{$type}_form_show_field', 'my_form_show_field', 10, 2 ); */ $output = apply_filters( "um_{$type}_form_show_field", $output, $this->set_mode ); } From 9f8767b3c888d65388e79888b5afefc5b7ef341a Mon Sep 17 00:00:00 2001 From: ashubawork Date: Thu, 22 Jun 2023 16:07:15 +0300 Subject: [PATCH 13/37] - fix do_ajax_action() --- includes/core/class-fields.php | 61 +++++++++++++++------------------- 1 file changed, 26 insertions(+), 35 deletions(-) diff --git a/includes/core/class-fields.php b/includes/core/class-fields.php index 60d4d79a..d655dc5d 100644 --- a/includes/core/class-fields.php +++ b/includes/core/class-fields.php @@ -4947,57 +4947,48 @@ if ( ! class_exists( 'um\core\Fields' ) ) { /** * */ - function do_ajax_action() { + public function do_ajax_action() { UM()->admin()->check_ajax_nonce(); if ( ! is_user_logged_in() || ! current_user_can( 'manage_options' ) ) { wp_send_json_error( __( 'Please login as administrator', 'ultimate-member' ) ); } - /** - * @var $in_row - * @var $in_sub_row - * @var $in_column - * @var $in_group - * @var $act_id - * @var $arg1 - * @var $arg2 - */ - extract( $_POST ); - $output = null; $position = array(); - if ( ! empty( $in_column ) ) { - $position['in_row'] = '_um_row_' . ( (int) $in_row + 1 ); - $position['in_sub_row'] = $in_sub_row; - $position['in_column'] = $in_column; - $position['in_group'] = $in_group; + // phpcs:disable WordPress.Security.NonceVerification + if ( ! empty( $_POST['in_column'] ) ) { + $position['in_row'] = '_um_row_' . ( (int) $_POST['in_row'] + 1 ); + $position['in_sub_row'] = isset( $_POST['in_sub_row'] ) ? $_POST['in_sub_row'] : ''; + $position['in_column'] = isset( $_POST['in_column'] ) ? $_POST['in_column'] : ''; + $position['in_group'] = isset( $_POST['in_group'] ) ? $_POST['in_group'] : ''; } - switch ( $act_id ) { + if ( isset( $_POST['act_id'] ) ) { + switch ( $_POST['act_id'] ) { + case 'um_admin_duplicate_field': + $this->duplicate_field( $_POST['arg1'], $_POST['arg2'] ); + break; - case 'um_admin_duplicate_field': - $this->duplicate_field( $arg1, $arg2 ); - break; + case 'um_admin_remove_field_global': + $this->delete_field_from_db( $_POST['arg1'] ); + break; - case 'um_admin_remove_field_global': - $this->delete_field_from_db( $arg1 ); - break; + case 'um_admin_remove_field': + $this->delete_field_from_form( $_POST['arg1'], $_POST['arg2'] ); + break; - case 'um_admin_remove_field': - $this->delete_field_from_form( $arg1, $arg2 ); - break; - - case 'um_admin_add_field_from_predefined': - $this->add_field_from_predefined( $arg1, $arg2, $position ); - break; - - case 'um_admin_add_field_from_list': - $this->add_field_from_list( $arg1, $arg2, $position ); - break; + case 'um_admin_add_field_from_predefined': + $this->add_field_from_predefined( $_POST['arg1'], $_POST['arg2'], $position ); + break; + case 'um_admin_add_field_from_list': + $this->add_field_from_list( $_POST['arg1'], $_POST['arg2'], $position ); + break; + } } + // phpcs:enable WordPress.Security.NonceVerification if ( is_array( $output ) ) { print_r( $output ); From a027cfcd70d7156ba869245fe40bc6ec04240cb4 Mon Sep 17 00:00:00 2001 From: ashubawork Date: Thu, 22 Jun 2023 16:11:32 +0300 Subject: [PATCH 14/37] - fix make() --- includes/core/class-query.php | 47 ++++++++++++++++------------------- 1 file changed, 21 insertions(+), 26 deletions(-) diff --git a/includes/core/class-query.php b/includes/core/class-query.php index c5583e5c..1b1ef124 100644 --- a/includes/core/class-query.php +++ b/includes/core/class-query.php @@ -146,51 +146,46 @@ if ( ! class_exists( 'um\core\Query' ) ) { * * @return array|bool|int|\WP_Query */ - function make( $args ) { + public function make( $args ) { $defaults = array( - 'post_type' => 'post', - 'post_status' => array('publish') + 'post_type' => 'post', + 'post_status' => array( 'publish' ), ); - $args = wp_parse_args( $args, $defaults ); + $args = wp_parse_args( $args, $defaults ); - if ( isset( $args['post__in'] ) && empty( $args['post__in'] ) ) + if ( isset( $args['post__in'] ) && empty( $args['post__in'] ) ) { return false; + } - extract( $args ); - - if ( $post_type == 'comment' ) { // comments + if ( 'comment' === $args['post_type'] ) { // comments unset( $args['post_type'] ); /** - * UM hook + * Filters extend excluded comment types * - * @type filter - * @title um_excluded_comment_types - * @description Extend excluded comment types - * @input_vars - * [{"var":"$types","type":"array","desc":"Comment Types"}] - * @change_log - * ["Since: 2.0"] - * @usage - * - * @example - * Extend excluded comment types. + * function my_excluded_comment_types( $types ) { * // your code here * return $types; * } - * ?> + * add_filter( 'um_excluded_comment_types', 'my_excluded_comment_types', 10, 1 ); */ - $args['type__not_in'] = apply_filters( 'um_excluded_comment_types', array('') ); + $args['type__not_in'] = apply_filters( 'um_excluded_comment_types', array( '' ) ); - $comments = get_comments($args); + $comments = get_comments( $args ); return $comments; } else { - $custom_posts = new \WP_Query(); + $custom_posts = new \WP_Query(); $args['post_status'] = is_array( $args['post_status'] ) ? $args['post_status'] : explode( ',', $args['post_status'] ); $custom_posts->query( $args ); From 43263dd0f7124915db8f22bdf587bc9f9aeccf49 Mon Sep 17 00:00:00 2001 From: ashubawork Date: Thu, 22 Jun 2023 16:26:23 +0300 Subject: [PATCH 15/37] - fix new_row_output() --- includes/core/class-fields.php | 69 +++++++++++++++++----------------- 1 file changed, 34 insertions(+), 35 deletions(-) diff --git a/includes/core/class-fields.php b/includes/core/class-fields.php index d655dc5d..6fe88ed5 100644 --- a/includes/core/class-fields.php +++ b/includes/core/class-fields.php @@ -4845,33 +4845,32 @@ if ( ! class_exists( 'um\core\Fields' ) ) { * * @return string */ - function new_row_output( $row_id, $row_array ) { + public function new_row_output( $row_id, $row_array ) { $output = null; - extract( $row_array ); - $padding = ( isset( $padding ) ) ? $padding : ''; - $margin = ( isset( $margin ) ) ? $margin : ''; - $background = ( isset( $background ) ) ? $background : ''; - $text_color = ( isset( $text_color ) ) ? $text_color : ''; - $borderradius = ( isset( $borderradius ) ) ? $borderradius : ''; - $border = ( isset( $border ) ) ? $border : ''; - $bordercolor = ( isset( $bordercolor ) ) ? $bordercolor : ''; - $borderstyle = ( isset( $borderstyle ) ) ? $borderstyle : ''; - $heading = ( isset( $heading ) ) ? $heading : ''; - $css_class = ( isset( $css_class ) ) ? $css_class : ''; + $padding = ( isset( $row_array['padding'] ) ) ? $row_array['padding'] : ''; + $margin = ( isset( $row_array['margin'] ) ) ? $row_array['margin'] : ''; + $background = ( isset( $row_array['background'] ) ) ? $row_array['background'] : ''; + $text_color = ( isset( $row_array['text_color'] ) ) ? $row_array['text_color'] : ''; + $borderradius = ( isset( $row_array['borderradius'] ) ) ? $row_array['borderradius'] : ''; + $border = ( isset( $row_array['border'] ) ) ? $row_array['border'] : ''; + $bordercolor = ( isset( $row_array['bordercolor'] ) ) ? $row_array['bordercolor'] : ''; + $borderstyle = ( isset( $row_array['borderstyle'] ) ) ? $row_array['borderstyle'] : ''; + $heading = ( isset( $row_array['heading'] ) ) ? $row_array['heading'] : ''; + $css_class = ( isset( $row_array['css_class'] ) ) ? $row_array['css_class'] : ''; - $css_padding = ''; - $css_margin = ''; - $css_background = ''; - $css_borderradius = ''; - $css_border = ''; - $css_bordercolor = ''; - $css_borderstyle = ''; + $css_padding = ''; + $css_margin = ''; + $css_background = ''; + $css_borderradius = ''; + $css_border = ''; + $css_bordercolor = ''; + $css_borderstyle = ''; $css_heading_background_color = ''; - $css_heading_padding = ''; - $css_heading_text_color = ''; - $css_heading_borderradius = ''; - $css_text_color = ''; + $css_heading_padding = ''; + $css_heading_text_color = ''; + $css_heading_borderradius = ''; + $css_text_color = ''; // row css rules if ( $padding ) { @@ -4900,30 +4899,30 @@ if ( ! class_exists( 'um\core\Fields' ) ) { } if ( $text_color ) { $css_text_color = 'color: ' . $text_color . ' !important;'; - $css_class .= ' um-customized-row'; + $css_class .= ' um-customized-row'; } // show the heading if ( $heading ) { - if ( ! empty( $heading_background_color ) ) { - $css_heading_background_color = "background-color: $heading_background_color;"; - $css_heading_padding = 'padding: 10px 15px;'; + if ( ! empty( $row_array['heading_background_color'] ) ) { + $css_heading_background_color = 'background-color: ' . $row_array['heading_background_color'] . ';'; + $css_heading_padding = 'padding: 10px 15px;'; } $css_heading_borderradius = empty( $borderradius ) ? '' : "border-radius: $borderradius $borderradius 0px 0px;"; - $css_heading_border = $css_border . $css_borderstyle . $css_bordercolor . $css_heading_borderradius . 'border-bottom-width: 0px;'; - $css_heading_margin = $css_margin . 'margin-bottom: 0px;'; - $css_heading_text_color = empty( $heading_text_color ) ? '' : "color: $heading_text_color;"; - $css_icon_color = empty( $icon_color ) ? '' : "color: $icon_color;"; + $css_heading_border = $css_border . $css_borderstyle . $css_bordercolor . $css_heading_borderradius . 'border-bottom-width: 0px;'; + $css_heading_margin = $css_margin . 'margin-bottom: 0px;'; + $css_heading_text_color = empty( $row_array['heading_text_color'] ) ? '' : 'color: ' . $row_array['heading_text_color'] . ';'; + $css_icon_color = empty( $row_array['icon_color'] ) ? '' : 'color: ' . $row_array['icon_color'] . ';'; $output .= '
'; - if ( ! empty( $icon ) ) { - $output .= ''; + if ( ! empty( $row_array['icon'] ) ) { + $output .= ''; } - if ( ! empty( $heading_text ) ) { - $output .= htmlspecialchars( $heading_text ); + if ( ! empty( $row_array['heading_text'] ) ) { + $output .= htmlspecialchars( $row_array['heading_text'] ); } $output .= '
'; From 9d36b6fdec3ea63dce370843050dbebf9082e7af Mon Sep 17 00:00:00 2001 From: Mykyta Synelnikov Date: Fri, 23 Jun 2023 01:25:48 +0300 Subject: [PATCH 16/37] - reviewed `um_profile_content_main()`; --- includes/core/um-actions-profile.php | 138 ++++++++++++++++----------- 1 file changed, 84 insertions(+), 54 deletions(-) diff --git a/includes/core/um-actions-profile.php b/includes/core/um-actions-profile.php index febbb555..1376c69a 100644 --- a/includes/core/um-actions-profile.php +++ b/includes/core/um-actions-profile.php @@ -1,38 +1,38 @@ -options()->get( 'profile_tab_main' ) && ! isset( $_REQUEST['um_action'] ) ) { // phpcs:ignore WordPress.Security.NonceVerification + // phpcs:ignore WordPress.Security.NonceVerification -- $_REQUEST is used for echo only + if ( ! isset( $_REQUEST['um_action'] ) && ! UM()->options()->get( 'profile_tab_main' ) ) { return; } /** - * Filters check user can view profile + * Filters user's ability to view a profile * - * @since 2.0 + * @since 1.3.x * @hook um_profile_can_view_main * - * @param {int} $can_view Can view profile. - * @param {int} $user_id User ID. + * @param {int} $can_view Can view profile. It's -1 by default. + * @param {int} $profile_id User Profile ID. * - * @return {int} Can view profile. + * @return {int} Can view profile. Set it to -1 for displaying and vice versa to hide. * - * @example Can view profile. - * function my_profile_can_view_main( $can_view, $user_id ) { - * // your code here + * @example Make profile hidden. + * function my_profile_can_view_main( $can_view, $profile_id ) { + * $can_view = 1; // make profile hidden. * return $can_view; * } * add_filter( 'um_profile_can_view_main', 'my_profile_can_view_main', 10, 2 ); @@ -41,98 +41,129 @@ function um_profile_content_main( $args ) { if ( -1 === (int) $can_view ) { /** - * Fires before form. + * Fires before UM Form content. * - * @since 2.0 + * @since 1.3.x * @hook um_before_form * - * @param {array} $args Profile form shortcode arguments. + * @param {array} $args UM Form shortcode arguments. * - * @example Make any custom action before form. + * @example Make any custom action before UM form. * function my_before_form( $args ) { * // your code here * } - * add_action( 'um_before_form', 'my_before_form', 10, 1 ); + * add_action( 'um_before_form', 'my_before_form' ); */ do_action( 'um_before_form', $args ); - /** - * Fires before profile form fields. + * Fires before UM Form fields. * - * @since 2.0 + * Note: $mode can be equals to 'login', 'profile', 'register'. + * + * @since 1.3.x * @hook um_before_{$mode}_fields * - * @param {array} $args Profile form shortcode arguments. + * @param {array} $args UM Form shortcode arguments. * - * @example Make any custom action before fields. - * function my_before_fields( $args ) { + * @example Make any custom action before UM Profile form fields. + * function my_before_profile_fields( $args ) { * // your code here * } - * add_action( 'um_before_{$mode}_fields', 'my_before_fields', 10, 1 ); + * add_action( 'um_before_profile_fields', 'my_before_profile_fields' ); + * @example Make any custom action before UM Login form fields. + * function my_before_login_fields( $args ) { + * // your code here + * } + * add_action( 'um_before_login_fields', 'my_before_login_fields' ); + * @example Make any custom action before UM Register form fields. + * function my_before_register_fields( $args ) { + * // your code here + * } + * add_action( 'um_before_register_fields', 'my_before_register_fields' ); */ do_action( "um_before_{$mode}_fields", $args ); - /** - * Fires before login form fields. + * Fires for rendering UM Form fields. * - * @since 2.0 + * Note: $mode can be equals to 'login', 'profile', 'register'. + * + * @since 1.3.x * @hook um_main_{$mode}_fields * - * @param {array} $args Login form shortcode arguments. + * @param {array} $args UM Form shortcode arguments. * - * @example Make any custom action before login form fields. - * function my_before_form( $args ) { + * @example Make any custom action when profile form fields are rendered. + * function my_main_profile_fields( $args ) { * // your code here * } - * add_action( 'um_main_{$mode}_fields', 'my_before_form', 10, 1 ); + * add_action( 'um_main_profile_fields', 'my_main_profile_fields' ); + * @example Make any custom action when login form fields are rendered. + * function my_main_login_fields( $args ) { + * // your code here + * } + * add_action( 'um_main_login_fields', 'my_main_login_fields' ); + * @example Make any custom action when register form fields are rendered. + * function my_main_register_fields( $args ) { + * // your code here + * } + * add_action( 'um_main_register_fields', 'my_main_register_fields' ); */ do_action( "um_main_{$mode}_fields", $args ); - /** - * Fires after login form fields. + * Fires after UM Form fields. * - * @since 2.0 + * @since 1.3.x * @hook um_after_form_fields * - * @param {array} $args Login form shortcode arguments. + * @param {array} $args UM Form shortcode arguments. * - * @example Make any custom action after login form fields. + * @example Make any custom action after UM Form fields. * function my_after_form_fields( $args ) { * // your code here * } - * add_action( 'um_after_form_fields', 'my_after_form_fields', 10, 1 ); + * add_action( 'um_after_form_fields', 'my_after_form_fields' ); */ do_action( 'um_after_form_fields', $args ); - /** - * Fires after profile form fields. + * Fires after UM Form fields. * - * @since 2.0 + * Note: $mode can be equals to 'login', 'profile', 'register'. + * + * @since 1.3.x * @hook um_after_{$mode}_fields * - * @param {array} $args Profile form shortcode arguments. + * @param {array} $args UM Form shortcode arguments. * * @example Make any custom action after profile form fields. - * function my_after_form_fields( $args ) { + * function my_after_profile_fields( $args ) { * // your code here * } - * add_action( 'um_after_{$mode}_fields', 'my_after_form_fields', 10, 1 ); + * add_action( 'um_after_profile_fields', 'my_after_profile_fields' ); + * @example Make any custom action after login form fields. + * function my_after_login_fields( $args ) { + * // your code here + * } + * add_action( 'um_after_login_fields', 'my_after_login_fields' ); + * @example Make any custom action after register form fields. + * function my_after_register_fields( $args ) { + * // your code here + * } + * add_action( 'um_after_register_fields', 'my_after_register_fields' ); */ do_action( "um_after_{$mode}_fields", $args ); - /** - * Fires after profile form fields. + * Fires after UM Form content. * - * @since 2.0 - * @hook my_after_form + * @since 1.3.x + * @hook um_after_form * - * @param {array} $args Profile form shortcode arguments. + * @param {array} $args UM Form shortcode arguments. * - * @example Make any custom action after profile form fields. + * @example Make any custom action after UM Form content. * function my_after_form( $args ) { * // your code here * } - * add_action( 'my_after_form', 'my_after_form', 10, 1 ); + * add_action( 'um_after_form', 'my_after_form' ); */ do_action( 'um_after_form', $args ); @@ -149,7 +180,6 @@ function um_profile_content_main( $args ) { } add_action( 'um_profile_content_main', 'um_profile_content_main' ); - /** * Update user's profile * From 4c1575ee36194a323fa4cf2b8b389c2239df926e Mon Sep 17 00:00:00 2001 From: Mykyta Synelnikov Date: Fri, 23 Jun 2023 01:56:15 +0300 Subject: [PATCH 17/37] - reviewed `um_user_login()`; --- includes/core/um-actions-login.php | 53 +++++++++++++++--------------- 1 file changed, 26 insertions(+), 27 deletions(-) diff --git a/includes/core/um-actions-login.php b/includes/core/um-actions-login.php index eeb48526..dbf019ea 100644 --- a/includes/core/um-actions-login.php +++ b/includes/core/um-actions-login.php @@ -1,5 +1,7 @@ -form()->add_error( 'username', __( 'Please enter your username or email', 'ultimate-member' ) ); } @@ -190,16 +191,17 @@ function um_store_lastlogin_timestamp_( $login ) { } add_action( 'wp_login', 'um_store_lastlogin_timestamp_' ); - /** * Login user process * * @param array $args */ function um_user_login( $args ) { - $rememberme = ( isset( $args['rememberme'] ) && 1 === (int) $args['rememberme'] && isset( $_REQUEST['rememberme'] ) ) ? 1 : 0; // phpcs:ignore WordPress.Security.NonceVerification + // phpcs:disable WordPress.Security.NonceVerification -- already verified here + $rememberme = ( isset( $_REQUEST['rememberme'], $args['rememberme'] ) && 1 === (int) $args['rememberme'] ) ? 1 : 0; - if ( ( UM()->options()->get( 'deny_admin_frontend_login' ) && ! isset( $_GET['provider'] ) ) && strrpos( um_user( 'wp_roles' ), 'administrator' ) !== false ) { // phpcs:ignore WordPress.Security.NonceVerification + // @todo check using the 'deny_admin_frontend_login' option + if ( false !== strrpos( um_user( 'wp_roles' ), 'administrator' ) && ( ! isset( $_GET['provider'] ) && UM()->options()->get( 'deny_admin_frontend_login' ) ) ) { wp_die( esc_html__( 'This action has been prevented for security measures.', 'ultimate-member' ) ); } @@ -208,7 +210,7 @@ function um_user_login( $args ) { /** * Fires after successful login and before user is redirected. * - * @since 2.0 + * @since 1.3.x * @hook um_on_login_before_redirect * * @param {int} $user_id User ID. @@ -221,29 +223,29 @@ function um_user_login( $args ) { */ do_action( 'um_on_login_before_redirect', um_user( 'ID' ) ); - // Priority redirect + // Priority redirect from $_GET attribute. if ( ! empty( $args['redirect_to'] ) ) { - exit( wp_safe_redirect( $args['redirect_to'] ) ); + wp_safe_redirect( $args['redirect_to'] ); + exit; } // Role redirect $after_login = um_user( 'after_login' ); if ( empty( $after_login ) ) { - exit( wp_redirect( um_user_profile_url() ) ); + wp_safe_redirect( um_user_profile_url() ); + exit; } switch ( $after_login ) { - case 'redirect_admin': - exit( wp_redirect( admin_url() ) ); - break; - + wp_safe_redirect( admin_url() ); + exit; case 'redirect_url': /** - * Filters change redirect URL after successful login + * Filters change redirect URL after successful login. * * @since 2.0 - * @hook um_profile_can_view_main + * @hook um_login_redirect_url * * @param {string} $can_view Redirect URL. * @param {int} $user_id User ID. @@ -258,22 +260,19 @@ function um_user_login( $args ) { * add_filter( 'um_login_redirect_url', 'my_login_redirect_url', 10, 2 ); */ $redirect_url = apply_filters( 'um_login_redirect_url', um_user( 'login_redirect_url' ), um_user( 'ID' ) ); - exit( wp_redirect( $redirect_url ) ); - break; - + wp_safe_redirect( $redirect_url ); + exit; case 'refresh': - exit( wp_redirect( UM()->permalinks()->get_current_url() ) ); - break; - + wp_safe_redirect( UM()->permalinks()->get_current_url() ); + exit; case 'redirect_profile': default: - exit( wp_redirect( um_user_profile_url() ) ); - break; - + wp_safe_redirect( um_user_profile_url() ); + exit; } + // phpcs:enable WordPress.Security.NonceVerification -- already verified here } -add_action( 'um_user_login', 'um_user_login', 10 ); - +add_action( 'um_user_login', 'um_user_login' ); /** * Form processing From f9404bb516fd26eb973915af54caadfc1d339620 Mon Sep 17 00:00:00 2001 From: Mykyta Synelnikov Date: Fri, 23 Jun 2023 03:05:49 +0300 Subject: [PATCH 18/37] - reviewed `um_add_update_notice()`; --- includes/core/um-actions-misc.php | 109 ++++++++++++++++++------------ 1 file changed, 65 insertions(+), 44 deletions(-) diff --git a/includes/core/um-actions-misc.php b/includes/core/um-actions-misc.php index c5744df3..0160e190 100644 --- a/includes/core/um-actions-misc.php +++ b/includes/core/um-actions-misc.php @@ -1,8 +1,8 @@ -form()->errors ) { // phpcs:ignore WordPress.Security.NonceVerification - switch ( sanitize_key( $_REQUEST['updated'] ) ) { // phpcs:ignore WordPress.Security.NonceVerification + // Skip if there are errors while submission. + if ( UM()->form()->errors ) { + return; + } + + // phpcs:disable WordPress.Security.NonceVerification -- used for echo and already verified here. + if ( ! empty( $_REQUEST['updated'] ) ) { + $updated = sanitize_key( $_REQUEST['updated'] ); + switch ( $updated ) { default: /** - * Filters add custom success message + * Filters a custom success message. * - * @since 2.0 + * @since 1.3.x + * @since 2.6.4 Added `$args` parameter. * @hook um_custom_success_message_handler * - * @param {string} $success Message. - * @param {array} $updated Updated data. + * @param {string} $success Success message. + * @param {string} $updated Updated key. + * @param {array} $args UM Form shortcode arguments. * * @return {string} Message. * - * @example Can view profile. - * function my_custom_success_message( $success, $updated ) { - * // your code here + * @example It adds a custom message for `custom_key_on_profile` updated key. + * function my_custom_success_message( $success, $updated, $args ) { + * if ( 'custom_key_on_profile' === $updated ) { + * $success = 'Some custom message'; + * } * return $success; * } - * add_filter( 'um_custom_success_message_handler', 'my_custom_success_message', 10, 2 ); + * add_filter( 'um_custom_success_message_handler', 'my_custom_success_message', 10, 3 ); */ - $success = apply_filters( 'um_custom_success_message_handler', $success, sanitize_key( $_REQUEST['updated'] ) ); // phpcs:ignore WordPress.Security.NonceVerification + $success = apply_filters( 'um_custom_success_message_handler', $success, $updated, $args ); break; - case 'account': $success = __( 'Your account was updated successfully.', 'ultimate-member' ); break; - case 'password_changed': $success = __( 'You have successfully changed your password.', 'ultimate-member' ); break; - case 'account_active': $success = __( 'Your account is now active! You can login.', 'ultimate-member' ); break; - } } - if ( ! empty( $_REQUEST['err'] ) && ! UM()->form()->errors ) { // phpcs:ignore WordPress.Security.NonceVerification - switch ( sanitize_key( $_REQUEST['err'] ) ) { // phpcs:ignore WordPress.Security.NonceVerification - + if ( ! empty( $_REQUEST['err'] ) ) { + $request_error = sanitize_key( $_REQUEST['err'] ); + switch ( $request_error ) { default: /** - * Filters add custom error message + * Filters a custom error message. * - * @since 2.0 + * @since 1.3.x + * @since 2.6.4 Added `$args` parameter. * @hook um_custom_error_message_handler * - * @param {string} $success Error message. - * @param {array} $updated Error data. + * @param {string} $error Error message. + * @param {string} $request_error Error data. + * @param {array} $args UM Form shortcode arguments. * * @return {string} Error message. * - * @example Can view profile. - * function my_custom_error_message( $error, $request_error ) { - * // your code here + * @example It adds a custom error for `custom_key_on_profile` error key. + * function my_custom_error_message( $error, $request_error, $args ) { + * if ( 'custom_key_on_profile' === $request_error ) { + * $error = 'Some custom message'; + * } * return $error; * } - * add_filter( 'um_custom_error_message_handler', 'my_custom_error_message', 10, 2 ); + * add_filter( 'um_custom_error_message_handler', 'my_custom_error_message', 10, 3 ); */ - $err = apply_filters( 'um_custom_error_message_handler', $err, sanitize_key( $_REQUEST['err'] ) ); // phpcs:ignore WordPress.Security.NonceVerification - if ( ! $err ) { + $err = apply_filters( 'um_custom_error_message_handler', $err, $request_error, $args ); + if ( empty( $err ) ) { $err = __( 'An error has been encountered', 'ultimate-member' ); } break; - case 'registration_disabled': $err = __( 'Registration is currently disabled', 'ultimate-member' ); break; - case 'blocked_email': $err = __( 'This email address has been blocked.', 'ultimate-member' ); break; - case 'blocked_domain': $err = __( 'We do not accept registrations from that domain.', 'ultimate-member' ); break; - case 'blocked_ip': $err = __( 'Your IP address has been blocked.', 'ultimate-member' ); break; - case 'inactive': $err = __( 'Your account has been disabled.', 'ultimate-member' ); break; - case 'awaiting_admin_review': $err = __( 'Your account has not been approved yet.', 'ultimate-member' ); break; - case 'awaiting_email_confirmation': $err = __( 'Your account is awaiting e-mail verification.', 'ultimate-member' ); break; - case 'rejected': $err = __( 'Your membership request has been rejected.', 'ultimate-member' ); break; - case 'invalid_nonce': $err = __( 'An error has been encountered. Probably page was cached. Please try again.', 'ultimate-member' ); break; - } } + // phpcs:enable WordPress.Security.NonceVerification -- used for echo and already verified here. + + add_filter( 'um_late_escaping_allowed_tags', 'um_form_notices_additional_tags', 10, 2 ); if ( ! empty( $err ) ) { $output .= '

' . $err . '

'; @@ -191,6 +194,24 @@ function um_add_update_notice( $args ) { $output .= '

' . $success . '

'; } - echo $output; + echo wp_kses( $output, UM()->get_allowed_html( 'templates' ) ); + + remove_filter( 'um_late_escaping_allowed_tags', 'um_form_notices_additional_tags' ); } add_action( 'um_before_form', 'um_add_update_notice', 500 ); + +/** + * Extends allowed tags for displaying UM Form notices. + * + * @since 2.6.4 + * + * @param array $allowed_html + * @param string $context + * @return array + */ +function um_form_notices_additional_tags( $allowed_html, $context ) { + if ( 'templates' === $context ) { + $allowed_html['i']['onclick'] = true; + } + return $allowed_html; +} From f52f266aa849f3bca70754329582dec324199cb7 Mon Sep 17 00:00:00 2001 From: Mykyta Synelnikov Date: Fri, 23 Jun 2023 03:16:42 +0300 Subject: [PATCH 19/37] - reviewed `um_pre_profile_shortcode()`; --- includes/core/um-actions-profile.php | 60 +++++++++++++--------------- 1 file changed, 28 insertions(+), 32 deletions(-) diff --git a/includes/core/um-actions-profile.php b/includes/core/um-actions-profile.php index 1376c69a..74e66ff6 100644 --- a/includes/core/um-actions-profile.php +++ b/includes/core/um-actions-profile.php @@ -1363,54 +1363,50 @@ function um_profile_header( $args ) { } add_action( 'um_profile_header', 'um_profile_header', 9 ); - /** - * Adds profile permissions to view/edit + * Adds profile permissions to view/edit. * - * @param $args + * @param array $args */ function um_pre_profile_shortcode( $args ) { - if ( ! array_key_exists( 'mode', $args ) ) { + // It handles only UM Profile forms. + if ( ! array_key_exists( 'mode', $args ) || 'profile' !== $args['mode'] ) { return; } - $mode = $args['mode']; - if ( 'profile' === $mode ) { - if ( UM()->fields()->editing ) { - if ( um_get_requested_user() ) { - if ( ! UM()->roles()->um_current_user_can( 'edit', um_get_requested_user() ) ) { - um_redirect_home( um_get_requested_user(), um_is_myprofile() ); - } - um_fetch_user( um_get_requested_user() ); + if ( UM()->fields()->editing ) { + if ( um_get_requested_user() ) { + if ( ! UM()->roles()->um_current_user_can( 'edit', um_get_requested_user() ) ) { + um_redirect_home( um_get_requested_user(), um_is_myprofile() ); } + um_fetch_user( um_get_requested_user() ); + } + } else { + UM()->fields()->viewing = 1; + + if ( um_get_requested_user() ) { + if ( ! um_is_myprofile() && ! um_can_view_profile( um_get_requested_user() ) ) { + um_redirect_home( um_get_requested_user(), um_is_myprofile() ); + } + + if ( ! UM()->roles()->um_current_user_can( 'edit', um_get_requested_user() ) ) { + UM()->user()->cannot_edit = 1; + } + + um_fetch_user( um_get_requested_user() ); } else { - UM()->fields()->viewing = 1; + if ( ! is_user_logged_in() ) { + um_redirect_home( um_get_requested_user(), um_is_myprofile() ); + } - if ( um_get_requested_user() ) { - if ( ! um_can_view_profile( um_get_requested_user() ) && ! um_is_myprofile() ) { - um_redirect_home( um_get_requested_user(), um_is_myprofile() ); - } - - if ( ! UM()->roles()->um_current_user_can( 'edit', um_get_requested_user() ) ) { - UM()->user()->cannot_edit = 1; - } - - um_fetch_user( um_get_requested_user() ); - } else { - if ( ! is_user_logged_in() ) { - um_redirect_home( um_get_requested_user(), um_is_myprofile() ); - } - - if ( ! um_user( 'can_edit_profile' ) ) { - UM()->user()->cannot_edit = 1; - } + if ( ! um_user( 'can_edit_profile' ) ) { + UM()->user()->cannot_edit = 1; } } } } add_action( 'um_pre_profile_shortcode', 'um_pre_profile_shortcode' ); - /** * Display the edit profile icon * From 60a5feb18bc32eecb9813286a16689a3bb892326 Mon Sep 17 00:00:00 2001 From: ashubawork Date: Fri, 23 Jun 2023 10:46:35 +0300 Subject: [PATCH 20/37] - fix edit_field() --- includes/core/class-fields.php | 1149 ++++++++++++++------------------ 1 file changed, 518 insertions(+), 631 deletions(-) diff --git a/includes/core/class-fields.php b/includes/core/class-fields.php index 6fe88ed5..acda401f 100644 --- a/includes/core/class-fields.php +++ b/includes/core/class-fields.php @@ -2140,70 +2140,13 @@ if ( ! class_exists( 'um\core\Fields' ) ) { // Merge data passed with original field data. $data = array_merge( $origin_data, $data ); } - - /** - * @var string $in_row - * @var boolean $in_sub_row - * @var boolean $in_column - * @var string $type - * @var string $metakey - * @var int $position - * @var string $title - * @var string $help - * @var array $options - * @var string $visibility - * @var string $label - * @var string $placeholder - * @var boolean $public - * @var boolean $editable - * @var string $icon - * @var boolean $in_group - * @var boolean $required - * @var string $validate - * @var string $default - * @var string $conditional - * @var string $input - * @var string $js_format - * @var string $date_max - * @var string $date_min - * @var string $disabled_weekdays - * @var string $years_x - * @var string $years - * @var string $range - * @var string $intervals - * @var string $height - * @var string $spacing - * @var string $borderwidth - * @var string $borderstyle - * @var string $bordercolor - * @var string $divider_text - * @var string $crop_class - * @var string $crop_data - * @var string $modal_size - * @var string $ratio - * @var string $min_width - * @var string $min_height - * @var string $button_text - * @var string $max_size - * @var string $max_size_error - * @var string $extension_error - * @var string $allowed_types - * @var string $upload_text - * @var string $max_files_error - * @var string $upload_help_text - * @var string $min_size_error - * @var string $filter - * @var string $content - * @var string $max_entries - */ - extract( $data ); } if ( ! isset( $data['type'] ) ) { return ''; } - if ( isset( $data['in_group'] ) && $data['in_group'] != '' && $rule != 'group' ) { + if ( isset( $data['in_group'] ) && '' !== $data['in_group'] && 'group' !== $rule ) { return ''; } @@ -2215,7 +2158,7 @@ if ( ! class_exists( 'um\core\Fields' ) ) { // required option? 'required_opt' - it's field attribute predefined in the field data in code if ( isset( $data['required_opt'] ) ) { $opt = $data['required_opt']; - if ( UM()->options()->get( $opt[0] ) != $opt[1] ) { + if ( UM()->options()->get( $opt[0] ) !== $opt[1] ) { return ''; } } @@ -2229,12 +2172,11 @@ if ( ! class_exists( 'um\core\Fields' ) ) { // fields that need to be disabled in edit mode (profile) (email, username, etc.) $arr_restricted_fields = $this->get_restricted_fields_for_edit( $_um_profile_id ); - if ( in_array( $key, $arr_restricted_fields ) && $this->editing == true && $this->set_mode == 'profile' ) { + if ( in_array( $key, $arr_restricted_fields, true ) && true === $this->editing && 'profile' === $this->set_mode ) { return ''; } - - if ( $visibility == 'view' && $this->set_mode != 'register' ) { + if ( 'view' === $data['visibility'] && 'register' !== $this->set_mode ) { return ''; } @@ -2246,7 +2188,7 @@ if ( ! class_exists( 'um\core\Fields' ) ) { // Stop return empty values build field attributes: - if ( $visibility == 'view' && $this->set_mode == 'register' ) { + if ( 'view' === $data['visibility'] && 'register' === $this->set_mode ) { um_fetch_user( get_current_user_id() ); if ( ! um_user( 'can_edit_everyone' ) ) { @@ -2254,7 +2196,7 @@ if ( ! class_exists( 'um\core\Fields' ) ) { } um_fetch_user( $_um_profile_id ); - if ( isset( $data['public'] ) && $data['public'] == '-2' && $data['roles'] ) { + if ( isset( $data['public'] ) && '-2' === $data['public'] && $data['roles'] ) { $current_user_roles = um_user( 'roles' ); if ( ! empty( $current_user_roles ) && count( array_intersect( $current_user_roles, $data['roles'] ) ) > 0 ) { $disabled = ''; @@ -2262,9 +2204,9 @@ if ( ! class_exists( 'um\core\Fields' ) ) { } } - if ( ! empty( $this->editing ) && $this->set_mode == 'profile' ) { + if ( ! empty( $this->editing ) && 'profile' === $this->set_mode ) { if ( ! UM()->roles()->um_user_can( 'can_edit_everyone' ) ) { - if ( isset( $data['editable'] ) && $data['editable'] == 0 ) { + if ( isset( $data['editable'] ) && 0 === $data['editable'] ) { $disabled = ' disabled="disabled" '; } } @@ -2274,41 +2216,47 @@ if ( ! class_exists( 'um\core\Fields' ) ) { if ( ! isset( $data['autocomplete'] ) ) { $autocomplete = 'off'; + } else { + $autocomplete = $data['autocomplete']; } if ( isset( $data['classes'] ) ) { - $classes = explode( " ", $data['classes'] ); + $classes = explode( ' ', $data['classes'] ); + } else { + $classes = ''; } um_fetch_user( $_um_profile_id ); + if ( ! isset( $data['type'] ) ) { + return ''; + } + $type = $data['type']; + /** - * UM hook + * Filters change field type. * - * @type filter - * @title um_hook_for_field_{$type} - * @description Change field type - * @input_vars - * [{"var":"$type","type":"string","desc":"Field Type"}] - * @change_log - * ["Since: 2.0"] - * @usage add_filter( 'um_hook_for_field_{$type}', 'function_name', 10, 1 ); - * @example - * Change field type. + * function my_field_type( $type ) { * // your code here * return $type; * } - * ?> + * add_filter( 'um_hook_for_field_{$type}', 'my_field_type', 10, 1 ); */ $type = apply_filters( "um_hook_for_field_{$type}", $type ); switch ( $type ) { case 'textarea': case 'multiselect': - $field_id = $field_name = $key; - $field_value = $this->field_value( $key, $default, $data ); + $field_id = $field_name = $key; + $field_value = $this->field_value( $key, $data['default'], $data ); break; case 'select': @@ -2322,30 +2270,26 @@ if ( ! class_exists( 'um\core\Fields' ) ) { } /** - * UM hook + * Filters change core id not allowed duplicate. * - * @type filter - * @title um_completeness_field_id - * @description use for change core id not allowed duplicate - * @input_vars - * [{"var":"$field_id","type":"string","desc":"Field id"}, - * {"var":"$data","type":"array","desc":"Field Data"}] - * {"var":"$args","type":"array","desc":"Optional field arguments"}] - * @change_log - * ["Since: 2.0.13"] - * @usage add_filter( 'um_completeness_field_id', 'function_name', 10, 3 ); - * @example - * Change core id. * function function_name( $field_id, $data, $args ) { * // your code here * return $field_id; * } - * ?> + * add_filter( 'um_completeness_field_id', 'function_name', 10, 3 ); */ $field_id = apply_filters( 'um_completeness_field_id', $field_id, $data, $args ); - /* Begin by field type */ switch ( $type ) { @@ -2354,27 +2298,23 @@ if ( ! class_exists( 'um\core\Fields' ) ) { $mode = ( isset( $this->set_mode ) ) ? $this->set_mode : 'no_mode'; /** - * UM hook + * Filters change field html by $mode and field $type * - * @type filter - * @title um_edit_field_{$mode}_{$type} - * @description Change field html by $mode and field $type - * @input_vars - * [{"var":"$output","type":"string","desc":"Field HTML"}, - * {"var":"$data","type":"array","desc":"Field Data"}] - * @change_log - * ["Since: 2.0"] - * @usage add_filter( 'um_edit_field_{$mode}_{$type}', 'function_name', 10, 2 ); - * @example - * Change field html by $mode and field $type. * function my_edit_field_html( $output, $data ) { * // your code here * return $output; * } - * ?> + * add_filter( 'um_edit_field_{$mode}_{$type}', 'my_edit_field_html', 10, 2 ); */ - $output .= apply_filters( "um_edit_field_{$mode}_{$type}", $output, $data ); break; @@ -2384,26 +2324,23 @@ if ( ! class_exists( 'um\core\Fields' ) ) { case 'vimeo_video': case 'spotify': case 'soundcloud_track': - - $output .= '
get_atts( $key, $classes, $conditional, $data ) . '>'; + $output .= '
get_atts( $key, $classes, $data['conditional'], $data ) . '>'; if ( isset( $data['label'] ) ) { - $output .= $this->field_label( $label, $key, $data ); + $output .= $this->field_label( $data['label'], $key, $data ); } $output .= '
'; - if ( ! empty( $icon ) && isset( $this->field_icons ) && $this->field_icons == 'field' ) { - - $output .= '
'; - + if ( ! empty( $data['icon'] ) && isset( $this->field_icons ) && 'field' === $this->field_icons ) { + $output .= '
'; } $field_name = $key . $form_suffix; - $field_value = $this->field_value( $key, $default, $data ); + $field_value = $this->field_value( $key, $data['default'], $data ); $field_value = ! is_null( $field_value ) ? htmlspecialchars( $field_value ) : null; - $output .= ' + $output .= '
'; @@ -2413,7 +2350,7 @@ if ( ! class_exists( 'um\core\Fields' ) ) { if ( $this->is_error( $key ) ) { $output .= $this->field_error( $this->show_error( $key ) ); - }else if ( $this->is_notice( $key ) ) { + } elseif ( $this->is_notice( $key ) ) { $output .= $this->field_notice( $this->show_notice( $key ) ); } @@ -2422,26 +2359,25 @@ if ( ! class_exists( 'um\core\Fields' ) ) { /* Text */ case 'text': - - $output .= '
get_atts( $key, $classes, $conditional, $data ) . '>'; + $output .= '
get_atts( $key, $classes, $data['conditional'], $data ) . '>'; if ( isset( $data['label'] ) ) { - $output .= $this->field_label( $label, $key, $data ); + $output .= $this->field_label( $data['label'], $key, $data ); } $output .= '
'; - if ( ! empty( $icon ) && isset( $this->field_icons ) && $this->field_icons == 'field' ) { + if ( ! empty( $data['icon'] ) && isset( $this->field_icons ) && 'field' === $this->field_icons ) { - $output .= '
'; + $output .= '
'; } $field_name = $key . $form_suffix; - $field_value = $this->field_value( $key, $default, $data ); + $field_value = $this->field_value( $key, $data['default'], $data ); $field_value = ! is_null( $field_value ) ? htmlspecialchars( $field_value ) : null; - $output .= ' + $output .= '
'; @@ -2460,26 +2396,25 @@ if ( ! class_exists( 'um\core\Fields' ) ) { /* Tel */ case 'tel': - - $output .= '
get_atts( $key, $classes, $conditional, $data ) . '>'; + $output .= '
get_atts( $key, $classes, $data['conditional'], $data ) . '>'; if ( isset( $data['label'] ) ) { - $output .= $this->field_label( $label, $key, $data ); + $output .= $this->field_label( $data['label'], $key, $data ); } $output .= '
'; - if ( ! empty( $icon ) && isset( $this->field_icons ) && $this->field_icons == 'field' ) { + if ( ! empty( $data['icon'] ) && isset( $this->field_icons ) && 'field' === $this->field_icons ) { - $output .= '
'; + $output .= '
'; } $field_name = $key . $form_suffix; - $field_value = $this->field_value( $key, $default, $data ); + $field_value = $this->field_value( $key, $data['default'], $data ); $field_value = ! is_null( $field_value ) ? htmlspecialchars( $field_value ) : null; - $output .= ' + $output .= '
'; @@ -2489,7 +2424,7 @@ if ( ! class_exists( 'um\core\Fields' ) ) { if ( $this->is_error( $key ) ) { $output .= $this->field_error( $this->show_error( $key ) ); - }else if ( $this->is_notice( $key ) ) { + } elseif ( $this->is_notice( $key ) ) { $output .= $this->field_notice( $this->show_notice( $key ) ); } @@ -2498,39 +2433,38 @@ if ( ! class_exists( 'um\core\Fields' ) ) { /* Number */ case 'number': - - $output .= '
get_atts( $key, $classes, $conditional, $data ) . '>'; + $output .= '
get_atts( $key, $classes, $data['conditional'], $data ) . '>'; if ( isset( $data['label'] ) ) { - $output .= $this->field_label( $label, $key, $data ); + $output .= $this->field_label( $data['label'], $key, $data ); } $output .= '
'; - if ( ! empty( $icon ) && isset( $this->field_icons ) && $this->field_icons == 'field' ) { + if ( ! empty( $data['icon'] ) && isset( $this->field_icons ) && 'field' === $this->field_icons ) { - $output .= '
'; + $output .= '
'; } $number_limit = ''; - if ( isset( $min ) ) { - $number_limit .= ' min="' . esc_attr( $min ) . '" '; + if ( isset( $data['min'] ) ) { + $number_limit .= ' min="' . esc_attr( $data['min'] ) . '" '; } - if ( isset( $max ) ) { - $number_limit .= ' max="' . esc_attr( $max ) . '" '; + if ( isset( $data['max'] ) ) { + $number_limit .= ' max="' . esc_attr( $data['max'] ) . '" '; } - $field_value = $this->field_value( $key, $default, $data ); + $field_value = $this->field_value( $key, $data['default'], $data ); $field_value = ! is_null( $field_value ) ? htmlspecialchars( $field_value ) : null; - $output .= ' + $output .= '
'; if ( $this->is_error( $key ) ) { $output .= $this->field_error( $this->show_error( $key ) ); - }else if ( $this->is_notice( $key ) ) { + } elseif ( $this->is_notice( $key ) ) { $output .= $this->field_notice( $this->show_notice( $key ) ); } @@ -2539,34 +2473,33 @@ if ( ! class_exists( 'um\core\Fields' ) ) { /* Password */ case 'password': - $original_key = $key; - if ( $key == 'single_user_password' ) { + if ( 'single_user_password' === $key ) { $key = $original_key; - $output .= '
get_atts( $key, $classes, $conditional, $data ) . '>'; + $output .= '
get_atts( $key, $classes, $data['conditional'], $data ) . '>'; if ( isset( $data['label'] ) ) { - $output .= $this->field_label( $label, $key, $data ); + $output .= $this->field_label( $data['label'], $key, $data ); } $output .= '
'; - if ( ! empty( $icon ) && isset( $this->field_icons ) && $this->field_icons == 'field' ) { + if ( ! empty( $data['icon'] ) && isset( $this->field_icons ) && 'field' === $this->field_icons ) { - $output .= '
'; + $output .= '
'; } - $output .= ' + $output .= '
'; if ( $this->is_error( $key ) ) { $output .= $this->field_error( $this->show_error( $key ) ); - }else if ( $this->is_notice( $key ) ) { + } elseif ( $this->is_notice( $key ) ) { $output .= $this->field_notice( $this->show_notice( $key ) ); } @@ -2574,11 +2507,10 @@ if ( ! class_exists( 'um\core\Fields' ) ) { } else { - if ( UM()->account()->current_password_is_required( 'password' ) && - ( $this->set_mode == 'account' || um_is_core_page( 'account' ) ) ) { + if ( UM()->account()->current_password_is_required( 'password' ) && ( 'account' === $this->set_mode || um_is_core_page( 'account' ) ) ) { - $key = 'current_' . $original_key; - $output .= '
get_atts( $key, $classes, $conditional, $data ) . '>'; + $key = 'current_' . $original_key; + $output .= '
get_atts( $key, $classes, $data['conditional'], $data ) . '>'; if ( isset( $data['label'] ) ) { $output .= $this->field_label( __( 'Current Password', 'ultimate-member' ), $key, $data ); @@ -2586,13 +2518,13 @@ if ( ! class_exists( 'um\core\Fields' ) ) { $output .= '
'; - if ( ! empty( $icon ) && isset( $this->field_icons ) && $this->field_icons == 'field') { + if ( ! empty( $data['icon'] ) && isset( $this->field_icons ) && 'field' === $this->field_icons ) { - $output .= '
'; + $output .= '
'; } - $output .= ' + $output .= '
'; @@ -2608,32 +2540,32 @@ if ( ! class_exists( 'um\core\Fields' ) ) { $key = $original_key; - $output .= '
get_atts( $key, $classes, $conditional, $data ) . '>'; + $output .= '
get_atts( $key, $classes, $data['conditional'], $data ) . '>'; - if ( $this->set_mode == 'account' && um_is_core_page( 'account' ) || $this->set_mode == 'password' && um_is_core_page( 'password-reset' ) ) { + if ( 'account' === $this->set_mode && um_is_core_page( 'account' ) || 'password' === $this->set_mode && um_is_core_page( 'password-reset' ) ) { $output .= $this->field_label( __( 'New Password', 'ultimate-member' ), $key, $data ); } elseif ( isset( $data['label'] ) ) { - $output .= $this->field_label( $label, $key, $data ); + $output .= $this->field_label( $data['label'], $key, $data ); } $output .= '
'; - if ( ! empty( $icon ) && isset( $this->field_icons ) && $this->field_icons == 'field') { + if ( ! empty( $data['icon'] ) && isset( $this->field_icons ) && 'field' === $this->field_icons ) { - $output .= '
'; + $output .= '
'; } $name = $key . $form_suffix; - if ( $this->set_mode == 'password' && um_is_core_page( 'password-reset' ) ) { + if ( 'password' === $this->set_mode && um_is_core_page( 'password-reset' ) ) { $name = $key; } - $output .= ' + $output .= '
'; @@ -2645,84 +2577,83 @@ if ( ! class_exists( 'um\core\Fields' ) ) { $output .= '
'; - if ( $this->set_mode != 'login' && isset( $data['force_confirm_pass'] ) && $data['force_confirm_pass'] == 1 ) { + if ( 'login' !== $this->set_mode && isset( $data['force_confirm_pass'] ) && 1 === $data['force_confirm_pass'] ) { - $key = 'confirm_' . $original_key; - $output .= '
get_atts( $key, $classes, $conditional, $data ) . '>'; + $key = 'confirm_' . $original_key; + $output .= '
get_atts( $key, $classes, $data['conditional'], $data ) . '>'; if ( ! empty( $data['label_confirm_pass'] ) ) { $label_confirm_pass = __( $data['label_confirm_pass'], 'ultimate-member' ); - $output .= $this->field_label( $label_confirm_pass, $key, $data ); + $output .= $this->field_label( $label_confirm_pass, $key, $data ); } elseif ( isset( $data['label'] ) ) { $data['label'] = __( $data['label'], 'ultimate-member' ); + /* translators: 1: label, 2: key, 3: data. */ $output .= $this->field_label( sprintf( __( 'Confirm %s', 'ultimate-member' ), $data['label'] ), $key, $data ); } $output .= '
'; - if ( ! empty( $icon ) && isset( $this->field_icons ) && $this->field_icons == 'field' ) { + if ( ! empty( $data['icon'] ) && isset( $this->field_icons ) && 'field' === $this->field_icons ) { - $output .= '
'; + $output .= '
'; } $name = $key . $form_suffix; - if ( $this->set_mode == 'password' && um_is_core_page( 'password-reset' ) ) { + if ( 'password' === $this->set_mode && um_is_core_page( 'password-reset' ) ) { $name = $key; } if ( ! empty( $label_confirm_pass ) ) { $placeholder = $label_confirm_pass; - } elseif( ! empty( $placeholder ) && ! isset( $data['label'] ) ) { - $placeholder = sprintf( __( 'Confirm %s', 'ultimate-member' ), $placeholder ); - } elseif( isset( $data['label'] ) ) { + } elseif ( ! empty( $data['placeholder'] ) && ! isset( $data['label'] ) ) { + /* translators: 1: placeholder. */ + $placeholder = sprintf( __( 'Confirm %s', 'ultimate-member' ), $data['placeholder'] ); + } elseif ( isset( $data['label'] ) ) { + /* translators: 1: label. */ $placeholder = sprintf( __( 'Confirm %s', 'ultimate-member' ), $data['label'] ); } - - $output .= ''; - + $output .= ''; $output .= '
'; if ( $this->is_error( $key ) ) { $output .= $this->field_error( $this->show_error( $key ) ); - }else if ( $this->is_notice( $key ) ) { + } elseif ( $this->is_notice( $key ) ) { $output .= $this->field_notice( $this->show_notice( $key ) ); } $output .= '
'; } - } break; /* URL */ case 'url': - - $output .= '
get_atts( $key, $classes, $conditional, $data ) . '>'; + $output .= '
get_atts( $key, $classes, $data['conditional'], $data ) . '>'; if ( isset( $data['label'] ) ) { - $output .= $this->field_label( $label, $key, $data ); + $output .= $this->field_label( $data['label'], $key, $data ); } $output .= '
'; - if ( ! empty( $icon ) && isset( $this->field_icons ) && $this->field_icons == 'field' ) { + if ( ! empty( $data['icon'] ) && isset( $this->field_icons ) && 'field' === $this->field_icons ) { - $output .= '
'; + $output .= '
'; } - $output .= ' + $output .= '
'; if ( $this->is_error( $key ) ) { $output .= $this->field_error( $this->show_error( $key ) ); - }else if ( $this->is_notice( $key ) ) { + } elseif ( $this->is_notice( $key ) ) { $output .= $this->field_notice( $this->show_notice( $key ) ); } @@ -2731,23 +2662,22 @@ if ( ! class_exists( 'um\core\Fields' ) ) { /* Date */ case 'date': + $output .= '
get_atts( $key, $classes, $data['conditional'], $data ) . '>'; - $output .= '
get_atts( $key, $classes, $conditional, $data ) . '>'; - - if (isset( $data['label'] )) { - $output .= $this->field_label( $label, $key, $data ); + if ( isset( $data['label'] ) ) { + $output .= $this->field_label( $data['label'], $key, $data ); } $output .= '
'; - if ( ! empty( $icon ) && isset( $this->field_icons ) && $this->field_icons == 'field' ) { + if ( ! empty( $data['icon'] ) && isset( $this->field_icons ) && 'field' === $this->field_icons ) { - $output .= '
'; + $output .= '
'; } // Normalise date format. - $value = $this->field_value( $key, $default, $data ); + $value = $this->field_value( $key, $data['default'], $data ); if ( $value ) { // numeric (either unix or YYYYMMDD). ACF uses Ymd format of date inside the meta tables. if ( is_numeric( $value ) && strlen( $value ) !== 8 ) { @@ -2759,13 +2689,13 @@ if ( ! class_exists( 'um\core\Fields' ) ) { $value = date( 'Y/m/d', $unixtimestamp ); } - $output .= ' + $output .= '
'; if ( $this->is_error( $key ) ) { $output .= $this->field_error( $this->show_error( $key ) ); - }else if ( $this->is_notice( $key ) ) { + } elseif ( $this->is_notice( $key ) ) { $output .= $this->field_notice( $this->show_notice( $key ) ); } @@ -2774,28 +2704,27 @@ if ( ! class_exists( 'um\core\Fields' ) ) { /* Time */ case 'time': + $output .= '
get_atts( $key, $classes, $data['conditional'], $data ) . '>'; - $output .= '
get_atts( $key, $classes, $conditional, $data ) . '>'; - - if (isset( $data['label'] )) { - $output .= $this->field_label( $label, $key, $data ); + if ( isset( $data['label'] ) ) { + $output .= $this->field_label( $data['label'], $key, $data ); } $output .= '
'; - if ( ! empty( $icon ) && isset( $this->field_icons ) && $this->field_icons == 'field' ) { + if ( ! empty( $data['icon'] ) && isset( $this->field_icons ) && 'field' === $this->field_icons ) { - $output .= '
'; + $output .= '
'; } - $output .= ' + $output .= '
'; if ( $this->is_error( $key ) ) { $output .= $this->field_error( $this->show_error( $key ) ); - }else if ( $this->is_notice( $key ) ) { + } elseif ( $this->is_notice( $key ) ) { $output .= $this->field_notice( $this->show_notice( $key ) ); } @@ -2809,25 +2738,25 @@ if ( ! class_exists( 'um\core\Fields' ) ) { /* Textarea */ case 'textarea': - $output .= '
get_atts( $key, $classes, $conditional, $data ) . '>'; + $output .= '
get_atts( $key, $classes, $data['conditional'], $data ) . '>'; if ( isset( $data['label'] ) ) { - $output .= $this->field_label( $label, $key, $data ); + $output .= $this->field_label( $data['label'], $key, $data ); } $output .= '
'; - if ( isset( $data['html'] ) && $data['html'] != 0 && 'description' !== $key ) { + if ( isset( $data['html'] ) && 0 !== $data['html'] && 'description' !== $key ) { $textarea_settings = array( 'media_buttons' => false, 'wpautop' => false, 'editor_class' => $this->get_class( $key, $data ), - 'editor_height' => $height, + 'editor_height' => $data['height'], 'tinymce' => array( 'toolbar1' => 'formatselect,bullist,numlist,bold,italic,underline,forecolor,blockquote,hr,removeformat,link,unlink,undo,redo', 'toolbar2' => '', - ) + ), ); if ( ! empty( $disabled ) ) { @@ -2835,24 +2764,21 @@ if ( ! class_exists( 'um\core\Fields' ) ) { } /** - * UM hook + * Filters change WP Editor options for textarea init. * - * @type filter - * @title um_form_fields_textarea_settings - * @description Change WP Editor options for textarea init - * @input_vars - * [{"var":"$textarea_settings","type":"array","desc":"WP Editor settings"}] - * @change_log - * ["Since: 2.0"] - * @usage add_filter( 'um_form_fields_textarea_settings', 'function_name', 10, 1 ); - * @example - * Change WP Editor options. + * function function_name( $textarea_settings ) { * // your code here * return $textarea_settings; * } - * ?> + * add_filter( 'um_form_fields_textarea_settings', 'function_name', 10, 1 ); */ $textarea_settings = apply_filters( 'um_form_fields_textarea_settings', $textarea_settings ); @@ -2864,13 +2790,13 @@ if ( ! class_exists( 'um\core\Fields' ) ) { // add the contents of the buffer to the output variable $output .= ob_get_clean(); - $output .= '
' . $placeholder . ''; + $output .= '
' . $data['placeholder'] . ''; } else { $textarea_field_value = ''; if ( ! empty( $field_value ) ) { $textarea_field_value = ! empty( $data['html'] ) ? $field_value : wp_strip_all_tags( $field_value ); } - $output .= ''; + $output .= ''; } $output .= '
'; @@ -2881,7 +2807,7 @@ if ( ! class_exists( 'um\core\Fields' ) ) { if ( $this->is_error( $key ) ) { $output .= $this->field_error( $this->show_error( $key ) ); - }else if ( $this->is_notice( $key ) ) { + } elseif ( $this->is_notice( $key ) ) { $output .= $this->field_notice( $this->show_notice( $key ) ); } @@ -2890,15 +2816,15 @@ if ( ! class_exists( 'um\core\Fields' ) ) { /* Rating */ case 'rating': - $output .= '
get_atts( $key, $classes, $conditional, $data ) . '>'; + $output .= '
get_atts( $key, $classes, $data['conditional'], $data ) . '>'; if ( isset( $data['label'] ) ) { - $output .= $this->field_label( $label, $key, $data ); + $output .= $this->field_label( $data['label'], $key, $data ); } $output .= '
'; - $output .= '
'; + $output .= '
'; $output .= '
'; if ( $this->is_error( $key ) ) { @@ -2913,78 +2839,76 @@ if ( ! class_exists( 'um\core\Fields' ) ) { /* Gap/Space */ case 'spacing': - $output .= '
get_atts( $key, $classes, $conditional, $data, array( 'height' => $spacing ) ) . '>
'; + $output .= '
get_atts( $key, $classes, $data['conditional'], $data, array( 'height' => $data['spacing'] ) ) . '>
'; break; /* A line divider */ case 'divider': - $output .= '
get_atts( $key, $classes, $conditional, $data, array( 'border-bottom' => $borderwidth . 'px ' . $borderstyle . ' ' . $bordercolor ) ) . '>'; - if ( $divider_text ) { - $output .= '
' . esc_html( $divider_text ) . '
'; + $output .= '
get_atts( $key, $classes, $data['conditional'], $data, array( 'border-bottom' => $data['borderwidth'] . 'px ' . $data['borderstyle'] . ' ' . $data['bordercolor'] ) ) . '>'; + if ( $data['divider_text'] ) { + $output .= '
' . esc_html( $data['divider_text'] ) . '
'; } $output .= '
'; break; /* Single Image Upload */ case 'image': - $output .= '
get_atts( $key, $classes, $conditional, $data ) . ' data-mode="' . esc_attr( $this->set_mode ) . '" data-upload-label="' . ( ! empty( $data['button_text'] ) ? esc_attr( $data['button_text'] ) : esc_attr__( 'Upload', 'ultimate-member' ) ) . '">'; - if ( in_array( $key, array( 'profile_photo', 'cover_photo' ) ) ) { + $output .= '
get_atts( $key, $classes, $data['conditional'], $data ) . ' data-mode="' . esc_attr( $this->set_mode ) . '" data-upload-label="' . ( ! empty( $data['button_text'] ) ? esc_attr( $data['button_text'] ) : esc_attr__( 'Upload', 'ultimate-member' ) ) . '">'; + if ( in_array( $key, array( 'profile_photo', 'cover_photo' ), true ) ) { $field_value = ''; } else { - $field_value = $this->field_value( $key, $default, $data ); + $field_value = $this->field_value( $key, $data['default'], $data ); } $output .= ''; if ( isset( $data['label'] ) ) { - $output .= $this->field_label( $label, $key, $data ); + $output .= $this->field_label( $data['label'], $key, $data ); } $modal_label = ( isset( $data['label'] ) ) ? $data['label'] : __( 'Upload Photo', 'ultimate-member' ); - $output .= '
'; + $output .= '
'; - if ( ! empty( $field_value ) && $field_value != 'empty_file' ) { - if ( ! in_array( $key, array( 'profile_photo', 'cover_photo' ) ) ) { - if ( isset( $this->set_mode ) && 'register' == $this->set_mode ) { - $image_info = get_transient("um_{$field_value}"); + if ( ! empty( $field_value ) && 'empty_file' !== $field_value ) { + if ( ! in_array( $key, array( 'profile_photo', 'cover_photo' ), true ) ) { + if ( isset( $this->set_mode ) && 'register' === $this->set_mode ) { + $image_info = get_transient( "um_{$field_value}" ); } else { - $image_info = um_user( $data['metakey']."_metadata" ); + $image_info = um_user( $data['metakey'] . '_metadata' ); } - if ( ( isset( $this->set_mode ) && $this->set_mode == 'register' ) || file_exists( UM()->uploader()->get_core_temp_dir() . DIRECTORY_SEPARATOR . $field_value ) ) { - $imgValue = UM()->uploader()->get_core_temp_url() . "/" . $this->field_value( $key, $default, $data ); + if ( ( isset( $this->set_mode ) && 'register' === $this->set_mode ) || file_exists( UM()->uploader()->get_core_temp_dir() . DIRECTORY_SEPARATOR . $field_value ) ) { + $img_value = UM()->uploader()->get_core_temp_url() . '/' . $this->field_value( $key, $data['default'], $data ); } else { - $imgValue = UM()->files()->get_download_link( $this->set_id, $key, um_user( 'ID' ) ); + $img_value = UM()->files()->get_download_link( $this->set_id, $key, um_user( 'ID' ) ); } - $img = ''; + $img = ''; } else { $img = ''; } - $output .= '
'; + $output .= '
'; if ( empty( $disabled ) ) { $output .= ''; } $output .= $img; $output .= '
'; if ( empty( $disabled ) ) { - $output .= '' . __( 'Change photo', 'ultimate-member' ) . ''; + $output .= '' . __( 'Change photo', 'ultimate-member' ) . ''; } - - } else { - $output .= '
'; + $output .= '
'; if ( empty( $disabled ) ) { $output .= ''; } $output .= '
'; if ( empty( $disabled ) ) { - $output .= '' . $button_text . ''; + $output .= '' . $data['button_text'] . ''; } } $output .= '
'; /* modal hidden */ if ( empty( $disabled ) ) { - if ( ! isset( $allowed_types ) ) { + if ( ! isset( $data['allowed_types'] ) ) { $allowed_types = 'gif,jpg,jpeg,png'; - } elseif ( is_array( $allowed_types ) ) { - $allowed_types = implode( ',', $allowed_types ); + } elseif ( is_array( $data['allowed_types'] ) ) { + $allowed_types = implode( ',', $data['allowed_types'] ); } $output .= '
'; @@ -2999,8 +2923,8 @@ if ( ! class_exists( 'um\core\Fields' ) ) { } $nonce = wp_create_nonce( 'um_upload_nonce-' . $this->timestamp ); - $output .= '
'; - $output .= '
' . $button_text . '
'; + $output .= '
'; + $output .= '
' . $data['button_text'] . '
'; $output .= '