Merge pull request #45 from ultimatemember/dev

WPML and Multisite fixes, admin sanitizer
This commit is contained in:
Ultimate Member
2015-12-09 13:26:26 +02:00
5 changed files with 26 additions and 20 deletions
+2 -2
View File
@@ -240,8 +240,8 @@
$uri = add_query_arg('user[]', $user_id, $uri);
$redirect = add_query_arg('user[]', $user_id, $redirect);
}
$uri = add_query_arg('confirm', 1, $uri);
$redirect = add_query_arg('_refer', urlencode($uri), $redirect);
$uri = add_query_arg('_refer', $_POST['_wp_http_referer'], $redirect);
$redirect = add_query_arg('confirm', 1, $uri);
exit( wp_redirect($redirect) );
+7 -5
View File
@@ -161,18 +161,20 @@ class UM_Admin_Notices {
case 'confirm_delete':
$confirm_uri = urldecode($_REQUEST['_refer']);
$confirm_uri = sanitize_text_field( urldecode($_REQUEST['_wp_http_referer']) );
$users = '';
foreach( $_REQUEST['user'] as $user_id ) {
$user = get_userdata( $user_id );
$users .= '#' . $user_id . ': ' . $user->user_login . '<br />';
if( isset( $_REQUEST['user'] ) ){
foreach( $_REQUEST['user'] as $user_id ) {
$user = get_userdata( $user_id );
$users .= '#' . $user_id . ': ' . $user->user_login . '<br />';
}
}
$ignore = admin_url('users.php');
$messages[0]['err_content'] = sprintf(__('Are you sure you want to delete the selected user(s)? The following users will be deleted: <p>%s</p> <strong>This cannot be undone!</strong>','ultimatemember'), $users);
$messages[0]['err_content'] .= '<p><a href="'. esc_attr( $confirm_uri ) .'" class="button-primary">' . __('Remove','ultimatemember') . '</a>&nbsp;&nbsp;<a href="'.$ignore.'" class="button">' . __('Undo','ultimatemember') . '</a></p>';
$messages[0]['err_content'] .= '<p><a href="'. esc_html( $confirm_uri ) .'" class="button-primary">' . __('Remove','ultimatemember') . '</a>&nbsp;&nbsp;<a href="'.$ignore.'" class="button">' . __('Undo','ultimatemember') . '</a></p>';
break;
+12 -11
View File
@@ -159,9 +159,9 @@ class UM_Admin_Users {
global $ultimatemember;
$admin_err = 0;
if (isset($_REQUEST) && !empty ($_REQUEST) ){
// bulk change role
if (isset($_REQUEST['users']) && is_array($_REQUEST['users']) && isset($_REQUEST['um_changeit']) && $_REQUEST['um_changeit'] != '' && isset($_REQUEST['um_change_role']) && !empty($_REQUEST['um_change_role']) ){
@@ -171,7 +171,7 @@ class UM_Admin_Users {
check_admin_referer('bulk-users');
$users = $_REQUEST['users'];
$new_role = $_REQUEST['um_change_role'];
$new_role = current( array_filter( $_REQUEST['um_change_role'] ) );
foreach($users as $user_id){
$ultimatemember->user->set( $user_id );
@@ -207,9 +207,9 @@ class UM_Admin_Users {
check_admin_referer('bulk-users');
$users = $_REQUEST['users'];
$bulk_action = $_REQUEST['um_bulk_action'];
if ( $bulk_action == 'um_delete' ) { // this needs confirmation
$bulk_action = current( array_filter( $_REQUEST['um_bulk_action']) );
if ( in_array('um_delete', $bulk_action ) > -1 ) { // this needs confirmation
$uri = admin_url('users.php');
$userids = array_map( 'intval', (array) $_REQUEST['users'] );
@@ -254,8 +254,9 @@ class UM_Admin_Users {
}
// filter by user role
if ( isset($_REQUEST['um_filter_role']) && ! isset( $_REQUEST['new_role'] ) && $_REQUEST['um_filter_role'] ) {
exit( wp_redirect( admin_url('users.php?um_role=' . $_REQUEST['um_filter_role'] ) ) );
if ( isset($_REQUEST['um_filter_role']) && ( ! isset( $_REQUEST['new_role'] ) || empty( $_REQUEST['new_role'] ) ) && $_REQUEST['um_filter_role'] ) {
$filter_role = current( array_filter( $_REQUEST['um_filter_role'] ) );
exit( wp_redirect( admin_url('users.php?um_role=' .$filter_role ) ) );
}
}
@@ -271,7 +272,7 @@ class UM_Admin_Users {
<div class="actions">
<label class="screen-reader-text" for="um_filter_role"><?php _e('Filter by','ultimatemember'); ?></label>
<select name="um_filter_role" id="um_filter_role" class="umaf-selectjs" style="width: 120px">
<select name="um_filter_role[]" id="um_filter_role" class="umaf-selectjs" style="width: 120px">
<option value="0"><?php _e('Filter by','ultimatemember'); ?></option>
<?php
$roles = $ultimatemember->query->get_roles();
@@ -287,7 +288,7 @@ class UM_Admin_Users {
<div class="actions">
<label class="screen-reader-text" for="um_bulk_action"><?php _e('Take Action','ultimatemember'); ?></label>
<select name="um_bulk_action" id="um_bulk_action" class="umaf-selectjs" style="width: 200px">
<select name="um_bulk_action[]" id="um_bulk_action" class="umaf-selectjs" style="width: 200px">
<option value="0"><?php _e('Take Action','ultimatemember'); ?></option>
<?php echo $ultimatemember->user->get_bulk_admin_actions(); ?>
</select>
@@ -299,7 +300,7 @@ class UM_Admin_Users {
<div class="actions">
<label class="screen-reader-text" for="um_change_role"><?php _e('Community role&hellip;','ultimatemember'); ?></label>
<select name="um_change_role" id="um_change_role" class="umaf-selectjs" style="width: 160px">
<select name="um_change_role[]" id="um_change_role" class="umaf-selectjs" style="width: 160px">
<?php foreach($ultimatemember->query->get_roles( $add_default = 'Community role&hellip;' ) as $key => $value) { ?>
<option value="<?php echo $key; ?>"><?php echo $value; ?></option>
<?php } ?>
+1 -1
View File
@@ -11,7 +11,7 @@
if ( get_current_blog_id() == '1' ) return $dir;
$split = explode('sites',$dir);
$split = explode('sites/',$dir);
$um_dir = 'ultimatemember/';
$dir = $split[0] . $um_dir;
+4 -1
View File
@@ -424,7 +424,10 @@ function um_profile_id() {
$url = add_query_arg( 'updated', esc_attr( $updated ), $url );
}
if ( function_exists('icl_get_current_language') && icl_get_current_language() != icl_get_default_language() && $slug == 'account' ) {
if ( function_exists('icl_get_current_language') && icl_get_current_language() != icl_get_default_language() ) {
$url = um_get_url_for_language( $ultimatemember->permalinks->core[ $slug ], icl_get_current_language() );
if ( get_post_meta( get_the_ID() , '_um_wpml_account', true ) == 1 ) {
$url = get_permalink( get_the_ID() );
}