Merge pull request #802 from ultimatemember/fix/forms-fields-validation

Fix/forms fields validation
This commit is contained in:
Nikita Sinelnikov
2021-04-07 14:33:12 +03:00
committed by GitHub
7 changed files with 156 additions and 93 deletions
+7 -8
View File
@@ -124,14 +124,13 @@ jQuery(document).ready(function() {
function unselectEmptyOption( e ) {
var $element = jQuery( e.currentTarget );
var $selected = $element.find(':selected');
if ( $selected.length > 1 ) {
$selected.each( function ( i, option ) {
if ( option.value === '' ) {
option.selected = false;
$element.trigger( 'change' );
}
});
}
$selected.each( function ( i, option ) {
if ( option.value === '' ) {
option.selected = false;
$element.trigger( 'change' );
}
});
}
if ( typeof( jQuery.fn.select2 ) === 'function' ) {
+1 -1
View File
File diff suppressed because one or more lines are too long
+1 -1
View File
@@ -2280,7 +2280,7 @@ if ( ! class_exists( 'um\admin\core\Admin_Metabox' ) ) {
$privacy_options = array(
'1' => __( 'Everyone', 'ultimate-member' ),
'2' => __( 'Members', 'ultimate-member' ),
'-1' => __( 'Only visible to profile owner and admins', 'ultimate-member' ),
'-1' => __( 'Only visible to profile owner and users who can edit other member accounts', 'ultimate-member' ),
'-3' => __( 'Only visible to profile owner and specific roles', 'ultimate-member' ),
'-2' => __( 'Only specific member roles', 'ultimate-member' ),
);
+9 -9
View File
@@ -366,12 +366,15 @@ if ( ! class_exists( 'um\core\Form' ) ) {
*/
$this->post_form = apply_filters( 'um_submit_post_form', $_POST );
if ( isset( $this->post_form[ UM()->honeypot ] ) && $this->post_form[ UM()->honeypot ] != '' ) {
wp_die( __( 'Hello, spam bot!', 'ultimate-member' ) );
}
$this->post_form = $this->beautify( $this->post_form );
$this->post_form['submitted'] = $this->post_form;
$this->form_data = UM()->query()->post_data( $this->form_id );
$this->post_form['submitted'] = $this->post_form;
$this->post_form = array_merge( $this->form_data, $this->post_form );
// Remove role from post_form at first if role ! empty and there aren't custom fields with role name
@@ -438,10 +441,6 @@ if ( ! class_exists( 'um\core\Form' ) ) {
}
if ( isset( $_POST[ UM()->honeypot ] ) && $_POST[ UM()->honeypot ] != '' ) {
wp_die( __( 'Hello, spam bot!', 'ultimate-member' ) );
}
/**
* UM hook
*
@@ -518,18 +517,19 @@ if ( ! class_exists( 'um\core\Form' ) ) {
/**
* Beautify form data
*
* @param array $form
* @return array $form
*/
function beautify( $form ){
function beautify( $form ) {
if (isset($form['form_id'])){
if ( isset( $form['form_id'] ) ) {
$this->form_suffix = '-' . $form['form_id'];
$this->processing = $form['form_id'];
foreach( $form as $key => $value ){
foreach ( $form as $key => $value ) {
if ( strstr( $key, $this->form_suffix ) ) {
$a_key = str_replace( $this->form_suffix, '', $key );
$form[ $a_key ] = $value;
+1 -1
View File
@@ -2211,7 +2211,7 @@ if ( ! class_exists( 'um\core\Member_Directory' ) ) {
$dropdown_actions = $this->build_user_actions_list( $user_id );
$actions = array();
$can_edit = UM()->roles()->um_current_user_can( 'edit', $user_id ) || UM()->roles()->um_user_can( 'can_edit_everyone' );
$can_edit = UM()->roles()->um_current_user_can( 'edit', $user_id );
// Replace hook 'um_members_just_after_name'
ob_start();
+131 -71
View File
@@ -106,14 +106,54 @@ add_action( 'um_submit_form_errors_hook__blockedwords', 'um_submit_form_errors_h
* @param $args
*/
function um_submit_form_errors_hook( $args ) {
$form_id = $args['form_id'];
$mode = $args['mode'];
$fields = unserialize( $args['custom_fields'] );
/**
* UM hook
*
* @type action
* @title um_submit_form_errors_hook__blockedips
* @description Submit form validation
* @input_vars
* [{"var":"$args","type":"array","desc":"Form Arguments"}]
* @change_log
* ["Since: 2.0"]
* @usage add_action( 'um_submit_form_errors_hook__blockedips', 'function_name', 10, 1 );
* @example
* <?php
* add_action( 'um_submit_form_errors_hook__blockedips', 'my_submit_form_errors_hook__blockedips', 10, 1 );
* function my_submit_form_errors_hook__blockedips( $args ) {
* // your code here
* }
* ?>
*/
do_action( 'um_submit_form_errors_hook__blockedips', $args );
/**
* UM hook
*
* @type action
* @title um_submit_form_errors_hook__blockedemails
* @description Submit form validation
* @input_vars
* [{"var":"$args","type":"array","desc":"Form Arguments"}]
* @change_log
* ["Since: 2.0"]
* @usage add_action( 'um_submit_form_errors_hook__blockedemails', 'function_name', 10, 1 );
* @example
* <?php
* add_action( 'um_submit_form_errors_hook__blockedemails', 'my_submit_form_errors_hook__blockedemails', 10, 1 );
* function my_submit_form_errors_hook__blockedemails( $args ) {
* // your code here
* }
* ?>
*/
do_action( 'um_submit_form_errors_hook__blockedemails', $args );
if ( $mode == 'register' ) {
/**
* UM hook
*
@@ -137,6 +177,7 @@ function um_submit_form_errors_hook( $args ) {
} elseif ( $mode == 'profile' ) {
/**
* UM hook
*
@@ -158,50 +199,9 @@ function um_submit_form_errors_hook( $args ) {
*/
do_action( 'um_submit_form_errors_hook__profile', $args );
}
} elseif ( $mode == 'login' ) {
/**
* UM hook
*
* @type action
* @title um_submit_form_errors_hook__blockedips
* @description Submit form validation
* @input_vars
* [{"var":"$args","type":"array","desc":"Form Arguments"}]
* @change_log
* ["Since: 2.0"]
* @usage add_action( 'um_submit_form_errors_hook__blockedips', 'function_name', 10, 1 );
* @example
* <?php
* add_action( 'um_submit_form_errors_hook__blockedips', 'my_submit_form_errors_hook__blockedips', 10, 1 );
* function my_submit_form_errors_hook__blockedips( $args ) {
* // your code here
* }
* ?>
*/
do_action( 'um_submit_form_errors_hook__blockedips', $args );
/**
* UM hook
*
* @type action
* @title um_submit_form_errors_hook__blockedemails
* @description Submit form validation
* @input_vars
* [{"var":"$args","type":"array","desc":"Form Arguments"}]
* @change_log
* ["Since: 2.0"]
* @usage add_action( 'um_submit_form_errors_hook__blockedemails', 'function_name', 10, 1 );
* @example
* <?php
* add_action( 'um_submit_form_errors_hook__blockedemails', 'my_submit_form_errors_hook__blockedemails', 10, 1 );
* function my_submit_form_errors_hook__blockedemails( $args ) {
* // your code here
* }
* ?>
*/
do_action( 'um_submit_form_errors_hook__blockedemails', $args );
if ( $mode == 'login' ) {
/**
* UM hook
*
@@ -222,6 +222,8 @@ function um_submit_form_errors_hook( $args ) {
* ?>
*/
do_action( 'um_submit_form_errors_hook_login', $args );
/**
* UM hook
*
@@ -243,27 +245,12 @@ function um_submit_form_errors_hook( $args ) {
*/
do_action( 'um_submit_form_errors_hook_logincheck', $args );
} else {
/**
* UM hook
*
* @type action
* @title um_submit_form_errors_hook_
* @description Submit form validation
* @input_vars
* [{"var":"$args","type":"array","desc":"Form Arguments"}]
* @change_log
* ["Since: 2.0"]
* @usage add_action( 'um_submit_form_errors_hook_', 'function_name', 10, 1 );
* @example
* <?php
* add_action( 'um_submit_form_errors_hook_', 'my_submit_form_errors_hook', 10, 1 );
* function my_submit_form_errors_hook( $args ) {
* // your code here
* }
* ?>
*/
do_action( 'um_submit_form_errors_hook_', $args );
}
if ( $mode != 'login' ) {
/**
* UM hook
*
@@ -285,6 +272,28 @@ function um_submit_form_errors_hook( $args ) {
*/
do_action( 'um_submit_form_errors_hook__blockedwords', $args );
/**
* UM hook
*
* @type action
* @title um_submit_form_errors_hook_
* @description Submit form validation
* @input_vars
* [{"var":"$args","type":"array","desc":"Form Arguments"}]
* @change_log
* ["Since: 2.0"]
* @usage add_action( 'um_submit_form_errors_hook_', 'function_name', 10, 1 );
* @example
* <?php
* add_action( 'um_submit_form_errors_hook_', 'my_submit_form_errors_hook', 10, 1 );
* function my_submit_form_errors_hook( $args ) {
* // your code here
* }
* ?>
*/
do_action( 'um_submit_form_errors_hook_', $args );
}
}
@@ -411,13 +420,25 @@ function um_submit_form_errors_hook_( $args ) {
$form_id = $args['form_id'];
$mode = $args['mode'];
$fields = unserialize( $args['custom_fields'] );
$um_profile_photo = um_profile('profile_photo');
$um_profile_photo = um_profile('profile_photo');
if ( get_post_meta( $form_id, '_um_profile_photo_required', true ) && ( empty( $args['profile_photo'] ) && empty( $um_profile_photo ) ) ) {
UM()->form()->add_error('profile_photo', __( 'Profile Photo is required.', 'ultimate-member' ) );
}
if ( ! empty( $fields ) ) {
$can_edit = false;
$current_user_roles = [];
if ( is_user_logged_in() ) {
$can_edit = UM()->roles()->um_current_user_can( 'edit', $args['user_id'] );
um_fetch_user( get_current_user_id() );
$current_user_roles = um_user( 'roles' );
um_reset_user();
}
foreach ( $fields as $key => $array ) {
if ( $mode == 'profile' ) {
@@ -427,13 +448,52 @@ function um_submit_form_errors_hook_( $args ) {
}
}
if ( isset( $array['public'] ) && -2 == $array['public'] && ! empty( $array['roles'] ) && is_user_logged_in() ) {
$current_user_roles = um_user( 'roles' );
if ( empty( $current_user_roles ) || count( array_intersect( $current_user_roles, $array['roles'] ) ) <= 0 ) {
continue;
$can_view = true;
if ( isset( $array['public'] ) && $mode != 'register' ) {
switch ( $array['public'] ) {
case '1': // Everyone
break;
case '2': // Members
if ( ! is_user_logged_in() ) {
$can_view = false;
}
break;
case '-1': // Only visible to profile owner and admins
if ( ! is_user_logged_in() ) {
$can_view = false;
} elseif ( $args['user_id'] != get_current_user_id() && ! $can_edit ) {
$can_view = false;
}
break;
case '-2': // Only specific member roles
if ( ! is_user_logged_in() ) {
$can_view = false;
} elseif ( ! empty( $array['roles'] ) && count( array_intersect( $current_user_roles, $array['roles'] ) ) <= 0 ) {
$can_view = false;
}
break;
case '-3': // Only visible to profile owner and specific roles
if ( ! is_user_logged_in() ) {
$can_view = false;
} elseif ( $args['user_id'] != get_current_user_id() && ! empty( $array['roles'] ) && count( array_intersect( $current_user_roles, $array['roles'] ) ) <= 0 ) {
$can_view = false;
}
break;
default:
$can_view = apply_filters( 'um_can_view_field_custom', $can_view, $array );
break;
}
}
$can_view = apply_filters( 'um_can_view_field', $can_view, $array );
if ( ! $can_view ) {
continue;
}
/**
* UM hook
*
+6 -2
View File
@@ -1514,8 +1514,12 @@ function um_can_view_field( $data ) {
if ( isset( $data['public'] ) && UM()->fields()->set_mode != 'register' ) {
$can_edit = false;
$current_user_roles = [];
if ( is_user_logged_in() ) {
$can_edit = UM()->roles()->um_current_user_can( 'edit', um_user( 'ID' ) );
$previous_user = um_user( 'ID' );
um_fetch_user( get_current_user_id() );
@@ -1531,10 +1535,10 @@ function um_can_view_field( $data ) {
$can_view = false;
}
break;
case '-1': // Only visible to profile owner and admins
case '-1': // Only visible to profile owner and users who can edit other member accounts
if ( ! is_user_logged_in() ) {
$can_view = false;
} elseif ( ! um_is_user_himself() && ! UM()->roles()->um_user_can( 'can_edit_everyone' ) ) {
} elseif ( ! um_is_user_himself() && ! $can_edit ) {
$can_view = false;
}
break;