Merge branch 'development/2.8.x' into feature/wp_admin_settings

This commit is contained in:
Mykyta Synelnikov
2024-01-18 15:05:04 +02:00
committed by GitHub
52 changed files with 830 additions and 482 deletions
+201 -132
View File
@@ -1,19 +1,23 @@
<?php
namespace um\core;
// Exit if accessed directly
if ( ! defined( 'ABSPATH' ) ) exit;
use WP_Comment_Query;
use WP_Post;
use WP_Query;
use WP_Term_Query;
if ( ! defined( 'ABSPATH' ) ) {
exit;
}
if ( ! class_exists( 'um\core\Access' ) ) {
/**
* Class Access
* @package um\core
*/
class Access {
/**
* If true then we use individual restrict content options
* for post
@@ -22,30 +26,26 @@ if ( ! class_exists( 'um\core\Access' ) ) {
*/
private $singular_page;
/**
* @var bool
*/
private $redirect_handler;
/**
* @var bool
*/
private $allow_access;
private $ignore_exclude = false;
/**
* Access constructor.
*/
function __construct() {
public function __construct() {
$this->singular_page = false;
$this->redirect_handler = false;
$this->allow_access = false;
$this->allow_access = false;
// NEW HOOKS
// Navigation line below the post content, change query to exclude restricted
@@ -140,7 +140,7 @@ if ( ! class_exists( 'um\core\Access' ) ) {
*
* @return array
*/
function exclude_posts_array( $force = false, $post_types = false ) {
public function exclude_posts_array( $force = false, $post_types = false ) {
if ( $this->ignore_exclude ) {
return array();
}
@@ -335,16 +335,14 @@ if ( ! class_exists( 'um\core\Access' ) ) {
return $exclude_posts;
}
/**
* Get array with restricted terms
*
* @param \WP_Term_Query $query
* @param WP_Term_Query $query
*
* @return array
*/
function exclude_terms_array( $query ) {
public function exclude_terms_array( $query ) {
$exclude = array();
$restricted_taxonomies = UM()->options()->get( 'restricted_access_taxonomy_metabox' );
@@ -415,11 +413,10 @@ if ( ! class_exists( 'um\core\Access' ) ) {
return $exclude;
}
/**
* @param \WP_Term_Query $query
* @param WP_Term_Query $query
*/
function exclude_hidden_terms_query( $query ) {
public function exclude_hidden_terms_query( $query ) {
if ( current_user_can( 'administrator' ) || ! empty( $query->query_vars['um_ignore_exclude'] ) ) {
return;
}
@@ -430,11 +427,10 @@ if ( ! class_exists( 'um\core\Access' ) ) {
}
}
/**
* @param \WP_Query $query
* @param WP_Query $query
*/
function exclude_posts( $query ) {
public function exclude_posts( $query ) {
if ( current_user_can( 'administrator' ) ) {
return;
}
@@ -472,16 +468,15 @@ if ( ! class_exists( 'um\core\Access' ) ) {
}
}
/**
* Exclude restricted post from query if there is a single query that exclude post_not_in by default in \WP_Query
* Exclude restricted post from query if there is a single query that exclude post_not_in by default in WP_Query
*
* @param string $where
* @param \WP_Query $query
* @param string $where
* @param WP_Query $query
*
* @return mixed
*/
function exclude_posts_where( $where, $query ) {
public function exclude_posts_where( $where, $query ) {
if ( current_user_can( 'administrator' ) ) {
return $where;
}
@@ -502,18 +497,17 @@ if ( ! class_exists( 'um\core\Access' ) ) {
return $where;
}
/**
* Change the posts count based on restriction settings
*
* @param object $counts Post counts
* @param string $type Post type
* @param string $perm The permission to determine if the posts are 'readable'
* by the current user.
* @param string $type Post type
* @param string $perm The permission to determine if the posts are 'readable'
* by the current user.
*
* @return object
*/
function custom_count_posts_handler( $counts, $type = 'post', $perm = '' ) {
public function custom_count_posts_handler( $counts, $type = 'post', $perm = '' ) {
if ( current_user_can( 'administrator' ) ) {
return $counts;
}
@@ -565,7 +559,6 @@ if ( ! class_exists( 'um\core\Access' ) ) {
return $counts;
}
/**
* Exclude restricted posts in Recent Posts widget
*
@@ -573,7 +566,7 @@ if ( ! class_exists( 'um\core\Access' ) ) {
*
* @return array
*/
function exclude_restricted_posts_widget( $array ) {
public function exclude_restricted_posts_widget( $array ) {
if ( current_user_can( 'administrator' ) ) {
return $array;
}
@@ -587,7 +580,6 @@ if ( ! class_exists( 'um\core\Access' ) ) {
return $array;
}
/**
* Exclude restricted posts in Recent Posts widget
*
@@ -595,7 +587,7 @@ if ( ! class_exists( 'um\core\Access' ) ) {
*
* @return array
*/
function exclude_restricted_pages( $array ) {
public function exclude_restricted_pages( $array ) {
if ( current_user_can( 'administrator' ) ) {
return $array;
}
@@ -608,16 +600,15 @@ if ( ! class_exists( 'um\core\Access' ) ) {
return $array;
}
/**
* Exclude restricted posts in widgets
*
* @param string $sql_where
* @param array $parsed_args
* @param array $parsed_args
*
* @return string
*/
function exclude_restricted_posts_archives_widget( $sql_where, $parsed_args = array() ) {
public function exclude_restricted_posts_archives_widget( $sql_where, $parsed_args = array() ) {
if ( current_user_can( 'administrator' ) ) {
return $sql_where;
}
@@ -633,7 +624,6 @@ if ( ! class_exists( 'um\core\Access' ) ) {
return $sql_where;
}
/**
* Exclude posts from next, previous navigation
*
@@ -641,11 +631,11 @@ if ( ! class_exists( 'um\core\Access' ) ) {
* @param bool $in_same_term
* @param string|array $excluded_terms
* @param string $taxonomy
* @param null|\WP_Post $post
* @param null|WP_Post $post
*
* @return string
*/
function exclude_navigation_posts( $where, $in_same_term = false, $excluded_terms = '', $taxonomy = 'category', $post = null ) {
public function exclude_navigation_posts( $where, $in_same_term = false, $excluded_terms = '', $taxonomy = 'category', $post = null ) {
if ( current_user_can( 'administrator' ) ) {
return $where;
}
@@ -663,16 +653,15 @@ if ( ! class_exists( 'um\core\Access' ) ) {
return $where;
}
/**
* Replace titles of restricted posts
* Replace titles of restricted posts.
*
* @param string $title
* @param int|null $id
* @param string $title Post title.
* @param int|null $id Post ID.
*
* @return string
*/
function filter_restricted_post_title( $title, $id = null ) {
public function filter_restricted_post_title( $title, $id = null ) {
if ( ! UM()->options()->get( 'restricted_post_title_replace' ) ) {
return $title;
}
@@ -689,6 +678,29 @@ if ( ! class_exists( 'um\core\Access' ) ) {
$id = absint( $id );
}
/**
* Filters a marker for ignoring restricted post title changes.
*
* @param {bool} $ignore Marker for ignoring restricted post title changes. Default `false`. Set to `true` if you want to ignore and show real title.
* @param {int} $post_id Post ID.
*
* @return {bool} Marker for ignoring restricted post title changes.
*
* @since 2.2.3
* @hook um_ignore_restricted_title
*
* @example <caption>Leave real post titles even they are restricted. By post ID (for ID = 400).</caption>
* function change_restricted_title( $ignore, $id ) {
* // your code here
* if ( 400 === $id ) {
* $ignore = true;
* }
* return $ignore;
* }
* add_filter( 'um_ignore_restricted_title', 'change_restricted_title', 10, 2 );
* @example <caption>Leave real post titles even they are restricted. For all posts: site-wide logic.</caption>
* add_filter( 'um_ignore_restricted_title', '__return_true' );
*/
$ignore = apply_filters( 'um_ignore_restricted_title', false, $id );
if ( $ignore ) {
return $title;
@@ -696,21 +708,20 @@ if ( ! class_exists( 'um\core\Access' ) ) {
if ( $this->is_restricted( $id ) ) {
$restricted_global_title = UM()->options()->get( 'restricted_access_post_title' );
$title = stripslashes( $restricted_global_title );
$title = stripslashes( $restricted_global_title );
}
return $title;
}
/**
* Replace content of restricted posts
* Replace content of restricted posts.
*
* @param string $content
* @param string $content Post Content.
*
* @return string
*/
function filter_restricted_post_content( $content ) {
public function filter_restricted_post_content( $content ) {
if ( current_user_can( 'administrator' ) ) {
return $content;
}
@@ -720,6 +731,31 @@ if ( ! class_exists( 'um\core\Access' ) ) {
return $content;
}
/**
* Filters a marker for ignoring restricted post content changes.
*
* Note: Use with caution! You can make your posts not restricted by using this filter hook.
*
* @param {bool} $ignore Marker for ignoring restricted post content changes. Default `false`. Set to `true` if you want to ignore and show real content.
* @param {int} $post_id Post ID.
*
* @return {bool} Marker for ignoring restricted post content changes.
*
* @since 2.2.3
* @hook um_ignore_restricted_content
*
* @example <caption>Leave real post content even they are restricted. By post ID (for ID = 400).</caption>
* function change_restricted_content( $ignore, $id ) {
* // your code here
* if ( 400 === $id ) {
* $ignore = true;
* }
* return $ignore;
* }
* add_filter( 'um_ignore_restricted_content', 'change_restricted_content', 10, 2 );
* @example <caption>Leave real post content even they are restricted. For all posts: site-wide logic.</caption>
* add_filter( 'um_ignore_restricted_content', '__return_true' );
*/
$ignore = apply_filters( 'um_ignore_restricted_content', false, $id );
if ( $ignore ) {
return $content;
@@ -741,16 +777,15 @@ if ( ! class_exists( 'um\core\Access' ) ) {
return $content;
}
/**
* Replace excerpt of restricted posts
* Replace excerpt of restricted posts.
*
* @param string $post_excerpt
* @param \WP_Post $post
* @param string $post_excerpt Post Excerpt.
* @param WP_Post $post WP_Post instance.
*
* @return string
*/
function filter_restricted_post_excerpt( $post_excerpt = '', $post = null ) {
public function filter_restricted_post_excerpt( $post_excerpt = '', $post = null ) {
if ( empty( $post ) ) {
return $post_excerpt;
}
@@ -759,6 +794,31 @@ if ( ! class_exists( 'um\core\Access' ) ) {
return $post_excerpt;
}
/**
* Filters a marker for ignoring restricted post excerpt changes.
*
* Note: Use with caution! You can make your posts not restricted by using this filter hook.
*
* @param {bool} $ignore Marker for ignoring restricted post excerpt changes. Default `false`. Set to `true` if you want to ignore and show real content.
* @param {int} $post_id Post ID.
*
* @return {bool} Marker for ignoring restricted post excerpt changes.
*
* @since 2.2.3
* @hook um_ignore_restricted_excerpt
*
* @example <caption>Leave real post excerpt even they are restricted. By post ID (for ID = 400).</caption>
* function change_restricted_excerpt( $ignore, $id ) {
* // your code here
* if ( 400 === $id ) {
* $ignore = true;
* }
* return $ignore;
* }
* add_filter( 'um_ignore_restricted_excerpt', 'change_restricted_excerpt', 10, 2 );
* @example <caption>Leave real post excerpt even they are restricted. For all posts: site-wide logic.</caption>
* add_filter( 'um_ignore_restricted_excerpt', '__return_true' );
*/
$ignore = apply_filters( 'um_ignore_restricted_excerpt', false, $post->ID );
if ( $ignore ) {
return $post_excerpt;
@@ -771,16 +831,15 @@ if ( ! class_exists( 'um\core\Access' ) ) {
return $post_excerpt;
}
/**
* Hide attachment if the post is restricted
*
* @param string $url
* @param int $attachment_id
* @param int $attachment_id
*
* @return boolean|string
*/
function filter_attachment( $url, $attachment_id ) {
public function filter_attachment( $url, $attachment_id ) {
if ( current_user_can( 'administrator' ) ) {
return $url;
}
@@ -788,7 +847,6 @@ if ( ! class_exists( 'um\core\Access' ) ) {
return ( $attachment_id && $this->is_restricted( $attachment_id ) ) ? false : $url;
}
/**
* Hide attachment if the post is restricted
*
@@ -798,7 +856,7 @@ if ( ! class_exists( 'um\core\Access' ) ) {
*
* @return bool
*/
function filter_post_thumbnail( $has_thumbnail, $post = null, $thumbnail_id = false ) {
public function filter_post_thumbnail( $has_thumbnail, $post = null, $thumbnail_id = false ) {
if ( empty( $thumbnail_id ) ) {
return $has_thumbnail;
}
@@ -825,14 +883,12 @@ if ( ! class_exists( 'um\core\Access' ) ) {
return $has_thumbnail;
}
/**
* Exclude comments from restricted posts in widgets
*
* @param \WP_Comment_Query $query
* @param WP_Comment_Query $query
*/
function exclude_posts_comments( $query ) {
public function exclude_posts_comments( $query ) {
if ( current_user_can( 'administrator' ) ) {
return;
}
@@ -862,11 +918,10 @@ if ( ! class_exists( 'um\core\Access' ) ) {
}
}
/**
* @return array
*/
function get_available_comments_post_types() {
public function get_available_comments_post_types() {
global $wp_taxonomies, $wpdb;
$restricted_posts = UM()->options()->get( 'restricted_access_post_metabox' );
@@ -907,16 +962,15 @@ if ( ! class_exists( 'um\core\Access' ) ) {
return $restricted_posts;
}
/**
* Exclude comments from comments feed
*
* @param string $where
* @param \WP_Query $query
* @param string $where
* @param WP_Query $query
*
* @return string
*/
function exclude_posts_comments_feed( $where, $query ) {
public function exclude_posts_comments_feed( $where, $query ) {
if ( current_user_can( 'administrator' ) ) {
return $where;
}
@@ -924,20 +978,19 @@ if ( ! class_exists( 'um\core\Access' ) ) {
$exclude_posts = $this->exclude_posts_array( true, $this->get_available_comments_post_types() );
if ( ! empty( $exclude_posts ) ) {
$exclude_string = implode( ',', $exclude_posts );
$where .= ' AND comment_post_ID NOT IN ( ' . $exclude_string . ' )';
$where .= ' AND comment_post_ID NOT IN ( ' . $exclude_string . ' )';
}
return $where;
}
/**
* @param array|object $stats
* @param int $post_id Post ID. Can be 0 for the whole website
*
* @return object
*/
function custom_comments_count_handler( $stats = array(), $post_id = 0 ) {
public function custom_comments_count_handler( $stats = array(), $post_id = 0 ) {
if ( ! empty( $stats ) || current_user_can( 'administrator' ) ) {
return $stats;
}
@@ -963,14 +1016,13 @@ if ( ! class_exists( 'um\core\Access' ) ) {
return $stats_object;
}
/**
* @param int $post_id
* @param array $exclude_posts
*
* @return array
*/
function get_comment_count( $post_id = 0, $exclude_posts = array() ) {
public function get_comment_count( $post_id = 0, $exclude_posts = array() ) {
static $cache = array();
if ( isset( $cache[ $post_id ] ) ) {
@@ -1044,15 +1096,15 @@ if ( ! class_exists( 'um\core\Access' ) ) {
return $comment_count;
}
/**
* Disable comments if user has not permission to access this post
*
* @param mixed $open
* @param int $post_id
* @return boolean
*
* @return bool
*/
function disable_comments_open( $open, $post_id ) {
public function disable_comments_open( $open, $post_id ) {
if ( current_user_can( 'administrator' ) ) {
return $open;
}
@@ -1074,15 +1126,15 @@ if ( ! class_exists( 'um\core\Access' ) ) {
return $open;
}
/**
* Disable comments if user has not permission to access this post
*
* @param int $count
* @param int $post_id
* @return boolean
*
* @return bool
*/
function disable_comments_open_number( $count, $post_id = 0 ) {
public function disable_comments_open_number( $count, $post_id = 0 ) {
if ( current_user_can( 'administrator' ) ) {
return $count;
}
@@ -1104,15 +1156,15 @@ if ( ! class_exists( 'um\core\Access' ) ) {
return $count;
}
/**
* Protect Post Types in menu query
* Restrict content new logic
* @param array $menu_items
* @param array $args
*
* @return array
*/
function filter_menu( $menu_items, $args = array() ) {
public function filter_menu( $menu_items, $args = array() ) {
//if empty
if ( empty( $menu_items ) ) {
return $menu_items;
@@ -1159,14 +1211,13 @@ if ( ! class_exists( 'um\core\Access' ) ) {
return $filtered_items;
}
/**
* @param $block_content
* @param $block
*
* @return string
*/
function restrict_blocks( $block_content, $block ) {
public function restrict_blocks( $block_content, $block ) {
if ( is_admin() ) {
return $block_content;
}
@@ -1246,13 +1297,12 @@ if ( ! class_exists( 'um\core\Access' ) ) {
return $block_content;
}
/**
* @param \WP_Post $post
* @param WP_Post $post
*
* @return \WP_Post
* @return WP_Post
*/
function maybe_replace_title( $post ) {
public function maybe_replace_title( $post ) {
if ( ! UM()->options()->get( 'restricted_post_title_replace' ) ) {
return $post;
}
@@ -1261,28 +1311,28 @@ if ( ! class_exists( 'um\core\Access' ) ) {
return $post;
}
if ( ! is_a( $post, '\WP_Post' ) ) {
if ( ! is_a( $post, WP_Post::class ) ) {
return $post;
}
/** This filter is documented in includes/core/class-access.php */
$ignore = apply_filters( 'um_ignore_restricted_title', false, $post->ID );
if ( $ignore ) {
return $post;
}
$restricted_global_title = UM()->options()->get( 'restricted_access_post_title' );
$post->post_title = stripslashes( $restricted_global_title );
$post->post_title = stripslashes( $restricted_global_title );
return $post;
}
/**
* @param \WP_Post $nav_item
* @param WP_Post $nav_item
*
* @return \WP_Post
* @return WP_Post
*/
function maybe_replace_nav_menu_title( $nav_item ) {
public function maybe_replace_nav_menu_title( $nav_item ) {
if ( ! UM()->options()->get( 'restricted_post_title_replace' ) ) {
return $nav_item;
}
@@ -1291,7 +1341,7 @@ if ( ! class_exists( 'um\core\Access' ) ) {
return $nav_item;
}
if ( ! is_a( $nav_item, '\WP_Post' ) ) {
if ( ! is_a( $nav_item, WP_Post::class ) ) {
return $nav_item;
}
@@ -1306,21 +1356,21 @@ if ( ! class_exists( 'um\core\Access' ) ) {
return $nav_item;
}
/**
* Protect Post Types in query
* Restrict content new logic
*
* @param array $posts
* @param array|\WP_Query $query
* @param array $posts Posts query result.
* @param array|WP_Query $query WP_Query instance.
*
* @return array
*/
function filter_protected_posts( $posts, $query ) {
public function filter_protected_posts( $posts, $query ) {
if ( current_user_can( 'administrator' ) ) {
return $posts;
}
//Woocommerce AJAX fixes....remove filtration on wc-ajax which goes to Front Page
// Woocommerce AJAX fixes....remove filtration on wc-ajax which goes to Front Page.
if ( ! empty( $_GET['wc-ajax'] ) && defined( 'WC_DOING_AJAX' ) && WC_DOING_AJAX ) {
return $posts;
}
@@ -1336,8 +1386,8 @@ if ( ! class_exists( 'um\core\Access' ) ) {
$is_singular = ! empty( $query->is_singular ) ? true : false;
}
if ( is_object( $query ) && is_a( $query, '\WP_Query' ) &&
( $query->is_main_query() || ! empty( $query->query_vars['um_main_query'] ) ) ) {
if ( is_object( $query ) && is_a( $query, WP_Query::class ) &&
( $query->is_main_query() || ! empty( $query->query_vars['um_main_query'] ) ) ) {
if ( $is_singular ) {
if ( ! UM()->options()->get( 'disable_restriction_pre_queries' ) && $this->is_restricted( $posts[0]->ID ) ) {
$content_restriction = $this->get_post_privacy_settings( $posts[0]->ID );
@@ -1394,7 +1444,30 @@ if ( ! class_exists( 'um\core\Access' ) ) {
*/
do_action( 'um_access_fix_external_post_content' );
$filtered_posts[] = $this->maybe_replace_title( $post );
$filtered_post = $this->maybe_replace_title( $post );
/**
* Filters restricted via Ultimate Member settings post instance.
*
* @param {object} $filtered_post Restricted `WP_Post` instance.
* @param {object} $post Base `WP_Post` instance before restriction settings apply.
* @param {object} $query `WP_Query` for getting posts.
*
* @return {object} Restricted `WP_Post` instance.
*
* @since 2.8.2
* @hook um_access_restricted_post_instance
*
* @example <caption>Change restricted post title to custom one.</caption>
* function restricted_post_instance( $filtered_post, $original_post, $query ) {
* // your code here
* $filtered_post->post_title = 'This post is restricted';
* return $filtered_post;
* }
* add_filter( 'um_access_restricted_post_instance', 'restricted_post_instance', 10, 3 );
*/
$filtered_post = apply_filters( 'um_access_restricted_post_instance', $filtered_post, $post, $query );
$filtered_posts[] = $filtered_post;
continue;
}
} elseif ( '1' == $restriction['_um_noaccess_action'] ) {
@@ -1417,7 +1490,11 @@ if ( ! class_exists( 'um\core\Access' ) ) {
}
} else {
if ( empty( $restriction['_um_access_hide_from_queries'] ) || UM()->options()->get( 'disable_restriction_pre_queries' ) ) {
$filtered_posts[] = $this->maybe_replace_title( $post );
$filtered_post = $this->maybe_replace_title( $post );
/** This filter is documented in includes/core/class-access.php */
$filtered_post = apply_filters( 'um_access_restricted_post_instance', $filtered_post, $post, $query );
$filtered_posts[] = $filtered_post;
continue;
}
}
@@ -1427,13 +1504,12 @@ if ( ! class_exists( 'um\core\Access' ) ) {
return $filtered_posts;
}
/**
* Set custom access actions and redirection
*
* Old global restrict content logic
*/
function template_redirect() {
public function template_redirect() {
global $post, $wp_query;
//if we logged by administrator it can access to all content
@@ -1532,11 +1608,10 @@ if ( ! class_exists( 'um\core\Access' ) ) {
$this->check_access();
}
/**
* Check Blog page Content Restriction settings
*/
function um_access_check_blog_page_settings() {
public function um_access_check_blog_page_settings() {
global $wp_query;
if ( ! empty( $wp_query->is_home ) && ! empty( $wp_query->is_posts_page ) ) {
@@ -1574,7 +1649,7 @@ if ( ! class_exists( 'um\core\Access' ) ) {
/**
* Check individual term Content Restriction settings
*/
function um_access_check_individual_term_settings() {
public function um_access_check_individual_term_settings() {
//check only tax|tags|categories - skip archive, author, and date lists
if ( ! ( is_tax() || is_tag() || is_category() ) ) {
return;
@@ -1627,7 +1702,6 @@ if ( ! class_exists( 'um\core\Access' ) ) {
}
}
/**
* @param $template
* @param $type
@@ -1635,7 +1709,7 @@ if ( ! class_exists( 'um\core\Access' ) ) {
*
* @return string
*/
function taxonomy_message( $template, $type, $templates ) {
public function taxonomy_message( $template, $type, $templates ) {
return UM()->locate_template( 'restricted-taxonomy.php' );
}
@@ -1646,15 +1720,14 @@ if ( ! class_exists( 'um\core\Access' ) ) {
*
* @return string
*/
function blog_message( $template, $type, $templates ) {
public function blog_message( $template, $type, $templates ) {
return UM()->locate_template( 'restricted-blog.php' );
}
/**
* Check global accessible settings
*/
function um_access_check_global_settings() {
public function um_access_check_global_settings() {
global $post;
$curr = UM()->permalinks()->get_current_url();
@@ -1776,13 +1849,12 @@ if ( ! class_exists( 'um\core\Access' ) ) {
}
}
/**
* Check access
*
* @return bool
*/
function check_access() {
public function check_access() {
if ( $this->allow_access === true ) {
return true;
}
@@ -1795,7 +1867,6 @@ if ( ! class_exists( 'um\core\Access' ) ) {
return false;
}
/**
* Sends a HTTP header to limit rendering of pages to same origin iframes when loading sensitive pages.
*
@@ -1812,7 +1883,6 @@ if ( ! class_exists( 'um\core\Access' ) ) {
}
}
/**
* Sets a custom access referer in a redirect URL
*
@@ -1821,7 +1891,7 @@ if ( ! class_exists( 'um\core\Access' ) ) {
*
* @return string
*/
function set_referer( $url, $referer ) {
public function set_referer( $url, $referer ) {
/**
* UM hook
@@ -1852,13 +1922,13 @@ if ( ! class_exists( 'um\core\Access' ) ) {
return $url;
}
/**
* Get privacy settings for post
* return false if post is not private
* Restrict content new logic
*
* @param \WP_Post|int $post Post ID or object
* @param WP_Post|int $post Post ID or object
*
* @return bool|array
*/
public function get_post_privacy_settings( $post ) {
@@ -1867,7 +1937,7 @@ if ( ! class_exists( 'um\core\Access' ) ) {
return false;
}
if ( ! is_numeric( $post ) && ! is_a( $post, \WP_Post::class ) ) {
if ( ! is_numeric( $post ) && ! is_a( $post, WP_Post::class ) ) {
return false;
}
@@ -2014,15 +2084,15 @@ if ( ! class_exists( 'um\core\Access' ) ) {
return false;
}
/**
* Helper for checking if the user can some of the roles array
*
* @param $user_id
* @param $roles
*
* @return bool
*/
function user_can( $user_id, $roles ) {
public function user_can( $user_id, $roles ) {
$user_can = false;
if ( ! empty( $roles ) ) {
@@ -2037,7 +2107,6 @@ if ( ! class_exists( 'um\core\Access' ) ) {
return $user_can;
}
/**
* Helper for 3rd-party integrations with content restriction settings
*
@@ -2045,7 +2114,7 @@ if ( ! class_exists( 'um\core\Access' ) ) {
*
* @return bool
*/
function um_custom_restriction( $restriction ) {
public function um_custom_restriction( $restriction ) {
/**
* UM hook
*
@@ -2070,16 +2139,16 @@ if ( ! class_exists( 'um\core\Access' ) ) {
return apply_filters( 'um_custom_restriction', true, $restriction );
}
/**
* Is post restricted?
*
* @param int $post_id
* @param bool $on_single_page
* @param bool $ignore_cache
*
* @return bool
*/
function is_restricted( $post_id, $on_single_page = false, $ignore_cache = false ) {
public function is_restricted( $post_id, $on_single_page = false, $ignore_cache = false ) {
// break for incorrect post
if ( empty( $post_id ) ) {
return false;
@@ -2169,16 +2238,16 @@ if ( ! class_exists( 'um\core\Access' ) ) {
return $restricted;
}
/**
* Is term restricted?
*
* @param int $term_id
* @param bool $on_term_page
* @param bool $ignore_cache
*
* @return bool
*/
function is_restricted_term( $term_id, $on_term_page = false, $ignore_cache = false ) {
public function is_restricted_term( $term_id, $on_term_page = false, $ignore_cache = false ) {
static $cache = array();
if ( isset( $cache[ $term_id ] ) && ! $ignore_cache ) {
+3 -3
View File
@@ -2963,7 +2963,7 @@ if ( ! class_exists( 'um\core\Fields' ) ) {
} else {
$img_value = UM()->files()->get_download_link( $this->set_id, $key, um_user( 'ID' ) );
}
$img = '<img src="' . esc_attr( $img_value ) . '" alt="" />';
$img = '<img class="fusion-lazyload-ignore" src="' . esc_attr( $img_value ) . '" alt="" />';
} else {
$img = '';
}
@@ -2981,7 +2981,7 @@ if ( ! class_exists( 'um\core\Fields' ) ) {
if ( empty( $disabled ) ) {
$output .= '<a href="javascript:void(0);" class="cancel"><i class="um-icon-close"></i></a>';
}
$output .= '<img src="" alt="" /><div class="um-clear"></div></div>';
$output .= '<img class="fusion-lazyload-ignore" src="" alt="" /><div class="um-clear"></div></div>';
if ( empty( $disabled ) ) {
$output .= '<a href="javascript:void(0);" data-modal="um_upload_single" data-modal-size="' . esc_attr( $data['modal_size'] ) . '" data-modal-copy="1" class="um-button um-btn-auto-width">' . esc_html( $data['button_text'] ) . '</a>';
}
@@ -3014,7 +3014,7 @@ if ( ! class_exists( 'um\core\Fields' ) ) {
}
$nonce = wp_create_nonce( 'um_upload_nonce-' . $this->timestamp );
$output .= '<div class="um-single-image-preview ' . esc_attr( $data['crop_class'] ) . '" data-crop="' . esc_attr( $data['crop_data'] ) . '" data-ratio="' . esc_attr( $data['ratio'] ) . '" data-min_width="' . esc_attr( $data['min_width'] ) . '" data-min_height="' . esc_attr( $data['min_height'] ) . '" data-coord=""><a href="javascript:void(0);" class="cancel"><i class="um-icon-close"></i></a><img src="" alt="" /><div class="um-clear"></div></div><div class="um-clear"></div>';
$output .= '<div class="um-single-image-preview ' . esc_attr( $data['crop_class'] ) . '" data-crop="' . esc_attr( $data['crop_data'] ) . '" data-ratio="' . esc_attr( $data['ratio'] ) . '" data-min_width="' . esc_attr( $data['min_width'] ) . '" data-min_height="' . esc_attr( $data['min_height'] ) . '" data-coord=""><a href="javascript:void(0);" class="cancel"><i class="um-icon-close"></i></a><img class="fusion-lazyload-ignore" src="" alt="" /><div class="um-clear"></div></div><div class="um-clear"></div>';
$output .= '<div class="um-single-image-upload" data-user_id="' . esc_attr( $_um_profile_id ) . '" data-nonce="' . esc_attr( $nonce ) . '" data-timestamp="' . esc_attr( $this->timestamp ) . '" ' . $data_icon . ' data-set_id="' . esc_attr( $set_id ) . '" data-set_mode="' . esc_attr( $set_mode ) . '" data-type="' . esc_attr( $type ) . '" data-key="' . esc_attr( $key ) . '" data-max_size="' . esc_attr( $data['max_size'] ) . '" data-max_size_error="' . esc_attr( $data['max_size_error'] ) . '" data-min_size_error="' . esc_attr( $data['min_size_error'] ) . '" data-extension_error="' . esc_attr( $data['extension_error'] ) . '" data-allowed_types="' . esc_attr( $allowed_types ) . '" data-upload_text="' . esc_attr( $data['upload_text'] ) . '" data-max_files_error="' . esc_attr( $data['max_files_error'] ) . '" data-upload_help_text="' . esc_attr( $data['upload_help_text'] ) . '">' . esc_html( $data['button_text'] ) . '</div>';
$output .= '<div class="um-modal-footer">
<div class="um-modal-right">
+13 -1
View File
@@ -305,7 +305,7 @@ if ( ! class_exists( 'um\core\Mail' ) ) {
* }
* add_filter( 'um_email_template_body_attrs', 'my_email_template_body_attrs', 10, 3 );
*/
$body_attrs = apply_filters( 'um_email_template_body_attrs', 'style="background: #f2f2f2;-webkit-font-smoothing: antialiased;-moz-osx-font-smoothing: grayscale;"', $slug, $args );
$body_attrs = apply_filters( 'um_email_template_body_attrs', 'style="background: #fff;-webkit-font-smoothing: antialiased;-moz-osx-font-smoothing: grayscale;"', $slug, $args );
?>
<body <?php echo $body_attrs; ?>>
@@ -623,6 +623,8 @@ if ( ! class_exists( 'um\core\Mail' ) ) {
$placeholders[] = '{login_url}';
$placeholders[] = '{password}';
$placeholders[] = '{account_activation_link}';
$placeholders[] = '{action_url}';
$placeholders[] = '{action_title}';
return $placeholders;
}
@@ -641,6 +643,16 @@ if ( ! class_exists( 'um\core\Mail' ) ) {
$replace_placeholders[] = um_get_core_page( 'login' );
$replace_placeholders[] = esc_html__( 'Your set password', 'ultimate-member' );
$replace_placeholders[] = um_user( 'account_activation_link' );
$set_password_required = get_user_meta( um_user( 'ID' ), 'um_set_password_required', true );
if ( empty( $set_password_required ) || 'pending' === um_user( 'status' ) ) {
$replace_placeholders[] = um_get_core_page( 'login' );
$replace_placeholders[] = esc_html__( 'Login to our site', 'ultimate-member' );
} else {
$replace_placeholders[] = um_user( 'password_reset_link' );
$replace_placeholders[] = esc_html__( 'Set your password', 'ultimate-member' );
}
return $replace_placeholders;
}
}
+3 -3
View File
@@ -817,8 +817,8 @@ if ( ! class_exists( 'um\core\Member_Directory' ) ) {
$label = ! empty( $attrs['label'] ) ? $attrs['label'] : $attrs['title'];
if ( $range ) {
$min = strtotime( $range[0] );
$max = strtotime( $range[1] );
$min = $range[0];
$max = $range[1];
?>
<input type="text" id="<?php echo $filter; ?>_from" name="<?php echo $filter; ?>_from" class="um-datepicker-filter"
placeholder="<?php esc_attr_e( sprintf( '%s From', stripslashes( $label ) ), 'ultimate-member' ); ?>"
@@ -1031,7 +1031,7 @@ if ( ! class_exists( 'um\core\Member_Directory' ) ) {
if ( empty( $meta['total'] ) || 1 === absint( $meta['total'] ) ) {
$range = false;
} elseif ( array_key_exists( 'min', $meta ) && array_key_exists( 'max', $meta ) ) {
$range = array( $meta['min'], $meta['max'] );
$range = array( strtotime( $meta['min'] ), strtotime( $meta['max'] ) );
}
break;
case 'user_registered':
+14
View File
@@ -155,6 +155,7 @@ if ( ! class_exists( 'um\core\Password' ) ) {
if ( false !== $this->change_password ) {
// then COOKIE are valid then get data from them and populate hidden fields for the password reset form
$args['rp_mode'] = 'pw_change';
$args['template'] = 'password-change';
$args['rp_key'] = '';
$rp_cookie = 'wp-resetpass-' . COOKIEHASH;
@@ -163,6 +164,14 @@ if ( ! class_exists( 'um\core\Password' ) ) {
$args['login'] = $rp_login;
$args['rp_key'] = $rp_key;
$rp_user_obj = get_user_by( 'login', $rp_login );
if ( false !== $rp_user_obj ) {
$set_password_required = get_user_meta( $rp_user_obj->ID, 'um_set_password_required', true );
if ( ! empty( $set_password_required ) ) {
$args['rp_mode'] = 'pw_set';
}
}
}
}
@@ -599,6 +608,11 @@ if ( ! class_exists( 'um\core\Password' ) ) {
}
$this->setcookie( $rp_cookie, false );
$set_password_required = get_user_meta( $user->ID, 'um_set_password_required', true );
if ( ! empty( $set_password_required ) ) {
delete_user_meta( $user->ID, 'um_set_password_required' );
}
/**
* UM hook
*
+9 -1
View File
@@ -125,8 +125,14 @@ if ( ! class_exists( 'um\core\Permalinks' ) ) {
wp_die( __( 'This activation link is expired.', 'ultimate-member' ) );
}
$redirect = um_get_core_page( 'login', 'account_active' );
$set_password_required = get_user_meta( $user_id, 'um_set_password_required', true );
um_fetch_user( $user_id );
UM()->user()->approve();
if ( ! empty( $set_password_required ) ) {
$redirect = um_user( 'password_reset_link' );
}
um_reset_user();
$user_role = UM()->roles()->get_priority_user_role( $user_id );
@@ -167,7 +173,9 @@ if ( ! class_exists( 'um\core\Permalinks' ) ) {
*/
do_action( 'um_after_email_confirmation', $user_id );
$redirect = empty( $user_role_data['url_email_activate'] ) ? um_get_core_page( 'login', 'account_active' ) : trim( $user_role_data['url_email_activate'] ); // Role setting "URL redirect after e-mail activation"
if ( empty( $set_password_required ) ) {
$redirect = empty( $user_role_data['url_email_activate'] ) ? um_get_core_page( 'login', 'account_active' ) : trim( $user_role_data['url_email_activate'] ); // Role setting "URL redirect after e-mail activation"
}
$redirect = apply_filters( 'um_after_email_confirmation_redirect', $redirect, $user_id, $login );
exit( wp_redirect( $redirect ) );
+60 -1
View File
@@ -74,6 +74,8 @@ if ( ! class_exists( 'um\core\Shortcodes' ) ) {
add_shortcode( 'um_show_content', array( &$this, 'um_shortcode_show_content_for_role' ) );
add_shortcode( 'ultimatemember_searchform', array( &$this, 'ultimatemember_searchform' ) );
add_shortcode( 'um_author_profile_link', array( &$this, 'author_profile_link' ) );
add_filter( 'body_class', array( &$this, 'body_class' ), 0 );
add_filter( 'um_shortcode_args_filter', array( &$this, 'display_logout_form' ), 99 );
@@ -257,7 +259,7 @@ if ( ! class_exists( 'um\core\Shortcodes' ) ) {
foreach ( $array as $slug => $info ) {
if ( um_is_core_page( $slug ) ) {
$classes[] = 'um';
$classes[] = 'um-page';
$classes[] = 'um-page-' . $slug;
if ( is_user_logged_in() ) {
@@ -458,6 +460,63 @@ if ( ! class_exists( 'um\core\Shortcodes' ) ) {
return $output;
}
/**
* Display post author's link to UM User Profile.
*
* @since 2.8.2
*
* Example 1: [um_author_profile_link] current post author User Profile URL
* Example 2: [um_author_profile_link title="User profile" user_id="29"]
* Example 3: [um_author_profile_link title="User profile" user_id="29"]Visit Author Profile[/um_author_profile_link]
* Example 4: [um_author_profile_link raw="1"] for result like http://localhost:8000/user/janedoe/
*
* @param array $attr {
* Attributes of the shortcode.
*
* @type string $class A link class.
* @type string $title A link text.
* @type int $user_id User ID. Author ID if empty.
* @type bool $raw Get raw URL or link layout. `false` by default.
* }
* @param string $content
* @return string Profile link HTML or profile link URL if the link text is empty.
*/
public function author_profile_link( $attr = array(), $content = '' ) {
$default_user_id = 0;
if ( is_singular() ) {
$default_user_id = get_post()->post_author;
} elseif ( is_author() ) {
$default_user_id = get_the_author_meta( 'ID' );
}
$defaults_atts = array(
'class' => 'um-link um-profile-link',
'title' => __( 'Go to profile', 'ultimate-member' ),
'user_id' => $default_user_id,
'raw' => false,
);
$atts = shortcode_atts( $defaults_atts, $attr, 'um_author_profile_link' );
if ( empty( $atts['user_id'] ) ) {
return '';
}
$user_id = absint( $atts['user_id'] );
$url = um_user_profile_url( $user_id );
if ( empty( $url ) ) {
return '';
}
if ( ! empty( $atts['raw'] ) ) {
return $url;
}
$title = ! empty( $atts['title'] ) ? $atts['title'] : __( 'Go to profile', 'ultimate-member' );
$link_html = empty( $content ) ? $title : $content;
return '<a class="' . esc_attr( $atts['class'] ) . '" href="' . esc_url( $url ) . '" title="' . esc_attr( $title ) . '">' . wp_kses_post( $link_html ) . '</a>';
}
/**
* @param array $args
+2 -2
View File
@@ -1690,7 +1690,7 @@ if ( ! class_exists( 'um\core\User' ) ) {
?>
*
*/
function approve( $repeat = true ) {
public function approve( $repeat = true ) {
$user_id = um_user( 'ID' );
if ( ! $repeat ) {
@@ -1702,7 +1702,7 @@ if ( ! class_exists( 'um\core\User' ) ) {
delete_option( "um_cache_userdata_{$user_id}" );
if ( um_user( 'account_status' ) == 'awaiting_admin_review' ) {
if ( 'awaiting_admin_review' === um_user( 'account_status' ) ) {
$userdata = get_userdata( $user_id );
$this->maybe_generate_password_reset_key( $userdata );
+2 -1
View File
@@ -100,10 +100,11 @@ function um_action_request_process() {
wp_die( esc_html__( 'You do not have permission to make this action.', 'ultimate-member' ) );
}
um_fetch_user( $uid );
add_filter( 'um_template_tags_patterns_hook', array( UM()->password(), 'add_placeholder' ), 10, 1 );
add_filter( 'um_template_tags_replaces_hook', array( UM()->password(), 'add_replace_placeholder' ), 10, 1 );
um_fetch_user( $uid );
UM()->user()->approve();
exit( wp_redirect( UM()->permalinks()->get_current_url( true ) ) );
break;
+7 -1
View File
@@ -417,8 +417,10 @@ function um_submit_form_register( $args, $form_data ) {
$user_email = $args['user_email'];
}
$generate_password = false;
if ( ! isset( $args['user_password'] ) ) {
$user_password = UM()->validation()->generate( 8 );
$generate_password = true;
$user_password = UM()->validation()->generate( 8 );
} else {
$user_password = $args['user_password'];
}
@@ -520,6 +522,10 @@ function um_submit_form_register( $args, $form_data ) {
return;
}
if ( true === $generate_password ) {
update_user_meta( $user_id, 'um_set_password_required', true );
}
/**
* Fires after complete UM user registration.
*
+32 -31
View File
@@ -811,79 +811,79 @@ add_filter('um_profile_field_filter_hook__multiselect','um_option_match_callback
add_filter('um_field_select_default_value','um_option_match_callback_view_field', 10, 2);
add_filter('um_field_multiselect_default_value','um_option_match_callback_view_field', 10, 2);
/**
* Apply textdomain in select/multi-select options
*
* @param $value string
* @param $data array
* @param string $value
* @param array $data
*
* @return string
* @uses hook filters: um_profile_field_filter_hook__select, um_profile_field_filter_hook__multiselect
*/
function um_profile_field__select_translate( $value, $data ) {
if ( empty( $value ) ) {
return $value;
}
if ( empty( $value ) ) return $value;
$options = explode( ', ', $value );
$options = explode(", ", $value );
$arr_options = array();
if( is_array( $options ) ){
if ( is_array( $options ) ) {
foreach ( $options as $item ) {
$arr_options[] = __( $item, 'ultimate-member' );
}
}
$value = implode(", ", $arr_options);
return $value;
return implode( ', ', $arr_options );
}
add_filter( 'um_profile_field_filter_hook__select','um_profile_field__select_translate', 10, 2 );
add_filter( 'um_profile_field_filter_hook__multiselect','um_profile_field__select_translate', 10, 2 );
/**
* Cleaning on XSS injection
* @param $value string
* @param $data array
* @param string $type
* @return string $value
* Cleaning on XSS injection.
*
* @param int|string|array $value
* @param array $data
* @param string $type
*
* @return int|string
* @uses hook filters: um_profile_field_filter_hook__
*/
function um_profile_field_filter_xss_validation( $value, $data, $type = '' ) {
if ( ! empty( $value ) && is_string( $value ) ) {
$value = stripslashes( $value );
$value = stripslashes( $value );
$data['validate'] = isset( $data['validate'] ) ? $data['validate'] : '';
if ( 'text' == $type && ! in_array( $data['validate'], array( 'unique_email' ) ) || 'password' == $type ) {
if ( ( 'text' === $type && 'unique_email' !== $data['validate'] ) || 'password' === $type ) {
$value = esc_attr( $value );
} elseif ( $type == 'url' ) {
} elseif ( 'url' === $type ) {
$value = esc_url( $value );
} elseif ( 'textarea' == $type ) {
} elseif ( 'textarea' === $type ) {
if ( empty( $data['html'] ) ) {
$value = wp_kses_post( $value );
}
} elseif ( 'rating' == $type ) {
} elseif ( 'rating' === $type ) {
if ( ! is_numeric( $value ) ) {
$value = 0;
} else {
if ( $data['number'] == 5 ) {
if ( ! in_array( $value, range( 1, 5 ) ) ) {
if ( 5 === absint( $data['number'] ) ) {
if ( ! in_array( $value, range( 1, 5 ), true ) ) {
$value = 0;
}
} elseif ( $data['number'] == 10 ) {
if ( ! in_array( $value, range( 1, 10 ) ) ) {
} elseif ( 10 === $data['number'] ) {
if ( ! in_array( $value, range( 1, 10 ), true ) ) {
$value = 0;
}
}
}
} elseif ( 'select' == $type || 'radio' == $type ) {
} elseif ( 'select' === $type || 'radio' === $type ) {
/** This filter is documented in includes/core/class-fields.php */
$option_pairs = apply_filters( 'um_select_options_pair', null, $data );
$array = empty( $data['options'] ) ? array() : $data['options'];
if ( $data['metakey'] == 'country' && empty( $array ) ) {
if ( 'country' === $data['metakey'] && empty( $array ) ) {
$array = UM()->builtin()->get( 'countries' );
}
@@ -893,6 +893,8 @@ function um_profile_field_filter_xss_validation( $value, $data, $type = '' ) {
$arr = $array;
}
$arr = array_map( 'stripslashes', $arr );
if ( ! empty( $arr ) && ! in_array( $value, array_map( 'trim', $arr ) ) && empty( $data['custom_dropdown_options_source'] ) ) {
$value = '';
} else {
@@ -902,7 +904,7 @@ function um_profile_field_filter_xss_validation( $value, $data, $type = '' ) {
}
}
} elseif ( ! empty( $value ) && is_array( $value ) ) {
if ( 'multiselect' == $type || 'checkbox' == $type ) {
if ( 'multiselect' === $type || 'checkbox' === $type ) {
/** This filter is documented in includes/core/class-fields.php */
$option_pairs = apply_filters( 'um_select_options_pair', null, $data );
@@ -913,8 +915,8 @@ function um_profile_field_filter_xss_validation( $value, $data, $type = '' ) {
}
if ( ! empty( $arr ) && empty( $data['custom_dropdown_options_source'] ) ) {
$arr = wp_unslash( $arr );
$arr = wp_slash( array_map( 'trim', $arr ) );
$arr = wp_unslash( $arr );
$arr = wp_slash( array_map( 'trim', $arr ) );
$value = array_intersect( $value, $arr );
}
@@ -930,7 +932,6 @@ function um_profile_field_filter_xss_validation( $value, $data, $type = '' ) {
}
add_filter( 'um_profile_field_filter_hook__', 'um_profile_field_filter_xss_validation', 10, 3 );
/**
* Trim All form POST submitted data
*
+7
View File
@@ -63,6 +63,13 @@ if ( ! is_admin() ) {
//other filter
foreach ( $menu_items as $item ) {
if ( empty( $item->ID ) ) {
// Left item with empty ID for the cases like in MegaMenu when generated submenu doesn't have the menu item ID.
if ( ! empty( $item->is_mega_menu ) ) {
if ( isset( $item->menu_item_parent ) && in_array( absint( $item->menu_item_parent ), $hide_children_of, true ) ) {
continue;
}
$filtered_items[] = $item;
}
continue;
}