mirror of
https://github.com/10h30/ultimatemember.git
synced 2026-07-11 18:56:10 +09:00
Validate roles for forms without custom fields
This commit is contained in:
+13
-9
@@ -82,22 +82,19 @@ class UM_Form {
|
|||||||
$this->post_form = array_merge( $this->form_data, $this->post_form );
|
$this->post_form = array_merge( $this->form_data, $this->post_form );
|
||||||
|
|
||||||
$role = $this->assigned_role( $this->form_id );
|
$role = $this->assigned_role( $this->form_id );
|
||||||
|
|
||||||
if( $role ){ // has assigned role. Validate non-global forms
|
if( $role && isset( $this->form_data['custom_fields'] ) && ! strstr( $this->form_data['custom_fields'], 'role_' ) ){ // has assigned role. Validate non-global forms
|
||||||
if ( isset( $this->form_data['role'] ) && ( (boolean) $this->form_data['role'] ) && isset( $_POST['role'] ) && $_POST['role'] != $role ) {
|
if ( isset( $this->form_data['role'] ) && ( (boolean) $this->form_data['role'] ) && isset( $_POST['role'] ) && $_POST['role'] != $role ) {
|
||||||
wp_die( __( 'This is not possible for security reasons.','ultimatemember') );
|
wp_die( __( 'This is not possible for security reasons.','ultimatemember') );
|
||||||
} else {
|
} else {
|
||||||
if ( isset( $this->form_data['custom_fields'] ) && strstr( $this->form_data['custom_fields'], 'role_' ) ) {
|
if ( isset( $_POST['role'] ) ) {
|
||||||
// In this case, admin allowed users to choose a role during registration
|
if ( $role != $_POST['role'] ) {
|
||||||
} else {
|
|
||||||
if ( isset( $_POST['role'] ) ) {
|
|
||||||
if ( $role != $_POST['role'] ) {
|
|
||||||
wp_die( __( 'This is not possible for security reasons.','ultimatemember') );
|
wp_die( __( 'This is not possible for security reasons.','ultimatemember') );
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( isset( $_POST[ $ultimatemember->honeypot ] ) && $_POST[ $ultimatemember->honeypot ] != '' )
|
if ( isset( $_POST[ $ultimatemember->honeypot ] ) && $_POST[ $ultimatemember->honeypot ] != '' )
|
||||||
wp_die('Hello, spam bot!');
|
wp_die('Hello, spam bot!');
|
||||||
|
|
||||||
@@ -170,7 +167,14 @@ class UM_Form {
|
|||||||
}
|
}
|
||||||
|
|
||||||
function assigned_role( $post_id ){
|
function assigned_role( $post_id ){
|
||||||
$role = get_post_meta( $post_id, '_um_register_role', true );
|
|
||||||
|
$register_use_globals = get_post_meta( $post_id, '_um_register_use_globals', true);
|
||||||
|
|
||||||
|
if( $register_use_globals == 1 ){
|
||||||
|
$role = um_get_option('default_role');
|
||||||
|
}else if( $register_use_globals == 0 ){
|
||||||
|
$role = get_post_meta( $post_id, '_um_register_role', true );
|
||||||
|
}
|
||||||
|
|
||||||
if( ! $role ){
|
if( ! $role ){
|
||||||
$role = false;
|
$role = false;
|
||||||
|
|||||||
Reference in New Issue
Block a user