Merge pull request #123 from jonfalcon/master

Add search widget, Fix search users by tag, Add support for wordfence and limit login
This commit is contained in:
Champ Camba
2016-03-19 10:35:28 +08:00
11 changed files with 285 additions and 64 deletions
+15
View File
@@ -765,3 +765,18 @@ small.um-max-filesize span{
background-repeat: no-repeat;
background-size: 24px 24px;
}
.um-search-area {
position: relative;
max-width: 300px;
}
.um-search-area .um-search-field {
width: 100%;
}
.um-search-area .um-search-icon {
position: absolute;
top: 7px;
right: 10px;
}
+4
View File
@@ -288,4 +288,8 @@ jQuery(document).ready(function() {
return false;
});
jQuery(document).on('click', '#um-search-button', function() {
jQuery(this).parents('form').submit();
});
});
+82 -53
View File
@@ -6,24 +6,24 @@
add_action('um_submit_form_errors_hook_login', 'um_submit_form_errors_hook_login', 10);
function um_submit_form_errors_hook_login( $args ){
global $ultimatemember;
$is_email = false;
$form_id = $args['form_id'];
$mode = $args['mode'];
if ( isset( $args['username'] ) && $args['username'] == '' ) {
$ultimatemember->form->add_error( 'username', __('Please enter your username or email','ultimatemember') );
}
if ( isset( $args['user_login'] ) && $args['user_login'] == '' ) {
$ultimatemember->form->add_error( 'user_login', __('Please enter your username','ultimatemember') );
}
if ( isset( $args['user_email'] ) && $args['user_email'] == '' ) {
$ultimatemember->form->add_error( 'user_email', __('Please enter your email','ultimatemember') );
}
if ( isset( $args['username'] ) ) {
$field = 'username';
if ( is_email( $args['username'] ) ) {
@@ -42,7 +42,7 @@
$field = 'user_login';
$user_name = $args['user_login'];
}
if ( !username_exists( $user_name ) ) {
if ( $is_email ) {
$ultimatemember->form->add_error( $field, __(' Sorry, we can\'t find an account with that email address','ultimatemember') );
@@ -54,23 +54,52 @@
$ultimatemember->form->add_error( 'user_password', __('Please enter your password','ultimatemember') );
}
}
$user = get_user_by( 'login', $user_name );
if ( $user && wp_check_password( $args['user_password'], $user->data->user_pass, $user->ID) ) {
$ultimatemember->login->auth_id = username_exists( $user_name );
} else {
$ultimatemember->form->add_error( 'user_password', __('Password is incorrect. Please try again.','ultimatemember') );
}
// add a way for other plugins like wp limit login
// to limit the login attempts
$user = apply_filters( 'authenticate', null, $user_name, $args['user_password'] );
// if there is an error notify wp
if( $ultimatemember->form->has_error( $field ) || $ultimatemember->form->has_error( $user_password ) ) {
do_action( 'wp_login_failed', $user_name );
}
}
/**
* Display the login errors from other plugins
*/
add_action( 'um_before_login_fields', 'um_display_login_errors' );
function um_display_login_errors( $args ) {
global $ultimatemember;
if( $ultimatemember->form->count_errors() > 0 ) {
$error = array_values( $ultimatemember->form->errors );
$error = array_shift( $error );
}
// hook for other plugins to display error
$errors = trim( apply_filters( 'login_errors', $error ) );
if( trim( $errors ) )
{
echo '<p class="um-notice err"><i class="um-icon-ios-close-empty" onclick="jQuery(this).parent().fadeOut();"></i>' . $errors . '</p>';
}
}
/***
*** @login checks thru the frontend login
***/
add_action('um_submit_form_errors_hook_logincheck', 'um_submit_form_errors_hook_logincheck', 9999 );
function um_submit_form_errors_hook_logincheck($args){
global $ultimatemember;
// Logout if logged in
if ( is_user_logged_in() ) {
wp_logout();
@@ -78,10 +107,10 @@
$user_id = ( isset( $ultimatemember->login->auth_id ) ) ? $ultimatemember->login->auth_id : '';
um_fetch_user( $user_id );
$status = um_user('account_status'); // account status
switch( $status ) {
// If user can't login to site...
case 'inactive':
case 'awaiting_admin_review':
@@ -90,15 +119,15 @@
um_reset_user();
exit( wp_redirect( add_query_arg( 'err', esc_attr( $status ), $ultimatemember->permalinks->get_current_url() ) ) );
break;
}
if ( isset( $args['form_id'] ) && $args['form_id'] == $ultimatemember->shortcodes->core_login_form() && $ultimatemember->form->errors && !isset( $_POST[ $ultimatemember->honeypot ] ) ) {
exit( wp_redirect( um_get_core_page('login') ) );
}
}
/***
*** @store last login timestamp
***/
@@ -107,7 +136,7 @@
delete_user_meta( $user_id, '_um_last_login' );
update_user_meta( $user_id, '_um_last_login', current_time( 'timestamp' ) );
}
add_action( 'wp_login', 'um_store_lastlogin_timestamp_' );
function um_store_lastlogin_timestamp_( $login ) {
$user = get_user_by('login',$login);
@@ -115,7 +144,7 @@
delete_user_meta( $user_id, '_um_last_login' );
update_user_meta( $user_id, '_um_last_login', current_time( 'timestamp' ) );
}
/***
*** @login user
***/
@@ -125,57 +154,57 @@
extract( $args );
$rememberme = ( isset($args['rememberme']) ) ? 1 : 0;
if ( um_get_option('deny_admin_frontend_login') && strstr( um_user('wp_roles' ), 'administrator' ) )
wp_die( __('This action has been prevented for security measures.','ultimatemember') );
$ultimatemember->user->auto_login( um_user('ID'), $rememberme );
// Hook that runs after successful login and before user is redirected
do_action('um_on_login_before_redirect', um_user('ID') );
// Priority redirect
if ( isset( $args['redirect_to'] ) && ! empty( $args['redirect_to'] ) ) {
exit( wp_redirect( urldecode( $args['redirect_to'] ) ) );
}
// Role redirect
$after = um_user('after_login');
switch( $after ) {
case 'redirect_admin':
exit( wp_redirect( admin_url() ) );
break;
case 'redirect_profile':
exit( wp_redirect( um_user_profile_url() ) );
break;
case 'redirect_url':
exit( wp_redirect( um_user('login_redirect_url') ) );
break;
case 'refresh':
exit( wp_redirect( $ultimatemember->permalinks->get_current_url() ) );
break;
}
}
/***
*** @form processing
***/
add_action('um_submit_form_login', 'um_submit_form_login', 10);
function um_submit_form_login($args){
global $ultimatemember;
if ( !isset($ultimatemember->form->errors) ) {
do_action( 'um_user_login', $args );
}
do_action('um_user_login_extra_hook', $args );
}
/***
@@ -187,18 +216,18 @@
// DO NOT add when reviewing user's details
if ( $ultimatemember->user->preview == true && is_admin() ) return;
$primary_btn_word = $args['primary_btn_word'];
$primary_btn_word = apply_filters('um_login_form_button_one', $primary_btn_word, $args );
$secondary_btn_word = $args['secondary_btn_word'];
$secondary_btn_word = apply_filters('um_login_form_button_two', $secondary_btn_word, $args );
$secondary_btn_url = ( isset( $args['secondary_btn_url'] ) && $args['secondary_btn_url'] ) ? $args['secondary_btn_url'] : um_get_core_page('register');
$secondary_btn_url = apply_filters('um_login_form_button_two_url', $secondary_btn_url, $args );
?>
<div class="um-col-alt">
<?php if ( isset( $args['show_rememberme'] ) && $args['show_rememberme'] ) {
@@ -207,20 +236,20 @@
} ?>
<?php if ( isset($args['secondary_btn']) && $args['secondary_btn'] != 0 ) { ?>
<div class="um-left um-half"><input type="submit" value="<?php echo $primary_btn_word; ?>" class="um-button" /></div>
<div class="um-right um-half"><a href="<?php echo $secondary_btn_url; ?>" class="um-button um-alt"><?php echo $secondary_btn_word; ?></a></div>
<?php } else { ?>
<div class="um-center"><input type="submit" value="<?php echo $args['primary_btn_word']; ?>" class="um-button" /></div>
<?php } ?>
<div class="um-clear"></div>
</div>
<?php
}
@@ -228,27 +257,27 @@
*** @Display a forgot password link
***/
add_action('um_after_login_fields', 'um_after_login_submit', 1001);
function um_after_login_submit( $args ){
function um_after_login_submit( $args ){
global $ultimatemember;
if ( $args['forgot_pass_link'] == 0 ) return;
?>
<div class="um-col-alt-b">
<a href="<?php echo um_get_core_page('password-reset'); ?>" class="um-link-alt"><?php _e('Forgot your password?','ultimatemember'); ?></a>
</div>
<?php
}
/***
*** @Show Fields
***/
add_action('um_main_login_fields', 'um_add_login_fields', 100);
function um_add_login_fields($args){
global $ultimatemember;
echo $ultimatemember->fields->display( 'login', $args );
}
}
+10 -4
View File
@@ -16,14 +16,14 @@
extract( $args );
$query = $ultimatemember->permalinks->get_query_array();
foreach( $ultimatemember->members->core_search_fields as $key ) {
if ( isset( $query[$key] ) && ! empty( $query[$key] ) ) {
$query_args['search'] = '*' . trim($query[$key]) . '*';
}
}
return $query_args;
}
@@ -66,6 +66,12 @@
$query = $ultimatemember->permalinks->get_query_array();
// if searching
if( isset( $query['search'] ) ) {
$query_args['search'] = '*' . um_filter_search( $query['search'] ) . '*';
unset( $query['search'] );
}
if ( $query && is_array( $query ) ) {
foreach( $query as $field => $value ) {
@@ -147,7 +153,7 @@
'value' => '',
'compare' => '!='
)
);
}
+19 -5
View File
@@ -20,6 +20,20 @@ class UM_Form {
}
/**
* Count the form errors.
* @return integer
*/
function count_errors() {
$errors = $this->errors;
if( $errors && is_array( $errors ) ) {
return count( $errors );
}
return 0;
}
/***
*** @add errors
***/
@@ -67,7 +81,7 @@ class UM_Form {
$this->form_id = $_POST['form_id'];
$this->form_status = get_post_status( $this->form_id );
if ( $this->form_status == 'publish' ) {
@@ -77,11 +91,11 @@ class UM_Form {
$this->post_form = $this->beautify( $this->post_form );
$this->form_data = $ultimatemember->query->post_data( $this->form_id );
$this->post_form['submitted'] = $this->post_form;
$this->post_form = array_merge( $this->form_data, $this->post_form );
$role = $this->assigned_role( $this->form_id );
if( $role && isset( $this->form_data['custom_fields'] ) && ! strstr( $this->form_data['custom_fields'], 'role_' ) ){ // has assigned role. Validate non-global forms
@@ -114,7 +128,7 @@ class UM_Form {
}
/* Continue based on form mode - pre-validation */
do_action('um_submit_form_errors_hook', $this->post_form );
do_action("um_submit_form_{$this->post_form['mode']}", $this->post_form );
@@ -171,7 +185,7 @@ class UM_Form {
function assigned_role( $post_id ){
$register_use_globals = get_post_meta( $post_id, '_um_register_use_globals', true);
if( $register_use_globals == 1 ){
$role = um_get_option('default_role');
}else if( $register_use_globals == 0 ){
+5 -1
View File
@@ -78,11 +78,15 @@ class UM_Members {
$type = 'select';
} else if ( 'user_tags' == $attrs['type'] ) {
$attrs['options'] = apply_filters('um_multiselect_options_user_tags', array(), $attrs);
$attrs['custom'] = 1;
$type = 'select';
} else {
$type = 'text';
}
// filter all search fields
$attrs = apply_filters( 'um_search_fields', $attrs );
switch( $type ) {
case 'select':
@@ -143,7 +147,7 @@ class UM_Members {
$query_args = array();
$query_args = apply_filters( 'um_prepare_user_query_args', $query_args, $args );
$users = new WP_User_Query( $query_args );
// number of profiles for mobile
if ( $ultimatemember->mobile->isMobile() && isset( $profiles_per_page_mobile ) )
$profiles_per_page = $profiles_per_page_mobile;
+43
View File
@@ -1524,3 +1524,46 @@ function um_fetch_user( $user_id ) {
return $value;
}
/**
* Filters the search query.
*
* @param string $search
* @return string
*/
function um_filter_search($search) {
$search = trim( strip_tags( $search ) );
$search = preg_replace('/[^a-z \.\@\_\-]+/i', '', $search);
return $search;
}
/**
* Returns the user search query
* @return string
*/
function um_get_search_query() {
global $ultimatemember;
$query = $ultimatemember->permalinks->get_query_array();
$search = isset( $query['search'] ) ? $query['search'] : '';
return um_filter_search($search);
}
/**
* Returns the ultimate member search form
* @return string
*/
function um_get_search_form() {
return do_shortcode( '[ultimatemember_searchform]' );
}
/**
* Display the search form.
*
* @return string
*/
function um_search_form() {
echo um_get_search_form();
}
+17
View File
@@ -13,6 +13,7 @@ class UM_Shortcodes {
add_shortcode('um_loggedin', array(&$this, 'um_loggedin'));
add_shortcode('um_loggedout', array(&$this, 'um_loggedout'));
add_shortcode('um_show_content', array(&$this, 'um_shortcode_show_content_for_role') );
add_shortcode('ultimatemember_searchform', array(&$this, 'ultimatemember_searchform') );
add_filter('body_class', array(&$this, 'body_class'), 0);
@@ -570,4 +571,20 @@ class UM_Shortcodes {
return '';
}
public function ultimatemember_searchform($args = array(), $content = "") {
// turn off buffer
ob_start();
// load template
$this->load_template( 'searchform' );
// get the buffer
$template = ob_get_contents();
// clear the buffer
ob_end_clean();
return $template;
}
}
+71
View File
@@ -0,0 +1,71 @@
<?php
class um_search_widget extends WP_Widget {
function __construct() {
parent::__construct(
// Base ID of your widget
'um_search_widget',
// Widget name will appear in UI
__('Ultimate Member - Search', 'ultimatemember'),
// Widget description
array( 'description' => __( 'Shows users they follow in a widget.', 'ultimatemember' ), )
);
}
// Creating widget front-end
public function widget( $args, $instance ) {
$title = apply_filters( 'widget_title', $instance['title'] );
// before and after widget arguments are defined by themes
echo $args['before_widget'];
if ( ! empty( $title ) ) {
echo $args['before_title'] . $title . $args['after_title'];
}
// display the search form
um_search_form();
echo $args['after_widget'];
}
// Widget Backend
public function form( $instance ) {
global $ultimatemember;
if ( isset( $instance[ 'title' ] ) ) {
$title = $instance[ 'title' ];
} else {
$title = __( 'Search Users', 'ultimatemember' );
}
if ( isset( $instance[ 'max' ] ) ) {
$max = $instance[ 'max' ];
} else {
$max = 11;
}
// Widget admin form
?>
<p>
<label for="<?php echo $this->get_field_id( 'title' ); ?>"><?php _e( 'Title:' ); ?></label>
<input class="widefat" id="<?php echo $this->get_field_id( 'title' ); ?>" name="<?php echo $this->get_field_name( 'title' ); ?>" type="text" value="<?php echo esc_attr( $title ); ?>" />
</p>
<?php
}
// Updating widget replacing old instances with new
public function update( $new_instance, $old_instance ) {
$instance = array();
$instance['title'] = ( ! empty( $new_instance['title'] ) ) ? strip_tags( $new_instance['title'] ) : '';
return $instance;
}
}
+8
View File
@@ -0,0 +1,8 @@
<form role="search" method="get" class="search-form um-search-form" action="<?php echo esc_url( um_get_core_page( 'members' ) ); ?>">
<input type="hidden" name="um_search" value="1">
<div class="um-search-area">
<span class="screen-reader-text"><?php echo _x( 'Search for:', 'label' ); ?></span>
<input type="search" class="um-search-field search-field" placeholder="<?php echo esc_attr_x( 'Search &hellip;', 'placeholder' ); ?>" value="<?php echo um_get_search_query(); ?>" name="search" title="<?php echo esc_attr_x( 'Search for:', 'label' ); ?>" />
<a href="javascript: void(0);" id="um-search-button" class="um-search-icon um-faicon um-faicon-search"></a>
</div>
</form>
+11 -1
View File
@@ -58,6 +58,12 @@ class UM_API {
__('This add-on enables you to link gravatar photos to user accounts with their email address.', 'ultimatemember'),
);
// include widgets
require_once um_path . 'core/widgets/um-search-widget.php';
// init widgets
add_action( 'widgets_init', array(&$this, 'widgets_init' ) );
}
/***
@@ -198,6 +204,10 @@ class UM_API {
}
function widgets_init() {
register_widget( 'um_search_widget' );
}
}
$ultimatemember = new UM_API();
$ultimatemember = new UM_API();