Fix invalid role

This commit is contained in:
jonfalcon
2016-01-31 11:31:46 -08:00
parent 5ddbdc8a3c
commit a7c67c0dd9
+33 -33
View File
@@ -3,23 +3,23 @@
class UM_Form {
public $form_suffix;
function __construct() {
$this->post_form = null;
$this->form_suffix = null;
$this->errors = null;
$this->processing = null;
add_action('init', array(&$this, 'form_init'), 2);
add_action('init', array(&$this, 'field_declare'), 10);
}
/***
*** @add errors
***/
@@ -28,7 +28,7 @@ class UM_Form {
$this->errors[$key] = $error;
}
}
/***
*** @has error
***/
@@ -37,7 +37,7 @@ class UM_Form {
return true;
return false;
}
/***
*** @declare all fields
***/
@@ -49,38 +49,38 @@ class UM_Form {
$this->all_fields = null;
}
}
/***
*** @Checks that we've a form
***/
function form_init(){
global $ultimatemember;
if ( isset( $_SERVER['REQUEST_METHOD'] ) ) {
$http_post = ('POST' == $_SERVER['REQUEST_METHOD']);
} else {
$http_post = 'POST';
}
if ( $http_post && !is_admin() && isset( $_POST['form_id'] ) && is_numeric($_POST['form_id']) ) {
$this->form_id = $_POST['form_id'];
$this->form_status = get_post_status( $this->form_id );
if ( $this->form_status == 'publish' ) {
/* save entire form as global */
$this->post_form = $_POST;
$this->post_form = $this->beautify( $this->post_form );
$this->form_data = $ultimatemember->query->post_data( $this->form_id );
$this->post_form['submitted'] = $this->post_form;
$this->post_form = array_merge( $this->form_data, $this->post_form );
if ( isset( $this->form_data['role'] ) && $_POST['role'] != $this->form_data['role'] ) {
if ( isset( $this->form_data['role'] ) && ( (boolean) $this->form_data['role'] ) && $_POST['role'] != $this->form_data['role'] ) {
wp_die( __( 'This is not possible for security reasons.','ultimatemember') );
} else {
if ( isset( $this->form_data['custom_fields'] ) && strstr( $this->form_data['custom_fields'], 'role_' ) ) {
@@ -99,10 +99,10 @@ class UM_Form {
wp_die('Hello, spam bot!');
if ( !in_array( $this->form_data['mode'], array('login') ) ) {
$form_timestamp = trim($_POST['timestamp']);
$live_timestamp = current_time( 'timestamp' );
if ( $form_timestamp == '' && um_get_option('enable_timebot') == 1 )
wp_die( __('Hello, spam bot!') );
@@ -110,30 +110,30 @@ class UM_Form {
wp_die( __('Whoa, slow down! You\'re seeing this message because you tried to submit a form too fast and we think you might be a spam bot. If you are a real human being please wait a few seconds before submitting the form. Thanks!') );
}
/* Continue based on form mode - pre-validation */
do_action('um_submit_form_errors_hook', $this->post_form );
do_action("um_submit_form_{$this->post_form['mode']}", $this->post_form );
}
}
}
/***
*** @Beautify form data
***/
function beautify( $form ){
if (isset($form['form_id'])){
$this->form_suffix = '-' . $form['form_id'];
$this->processing = $form['form_id'];
foreach($form as $key => $value){
if (strstr($key, $this->form_suffix) ) {
$a_key = str_replace( $this->form_suffix, '', $key);
@@ -141,12 +141,12 @@ class UM_Form {
unset($form[$key]);
}
}
}
return $form;
}
/***
*** @Display Form Type as Text
***/
@@ -165,5 +165,5 @@ class UM_Form {
}
return $output;
}
}
}