mirror of
https://github.com/10h30/ultimatemember.git
synced 2026-07-13 11:46:27 +09:00
Merge pull request #802 from ultimatemember/fix/forms-fields-validation
Fix/forms fields validation
This commit is contained in:
@@ -124,14 +124,13 @@ jQuery(document).ready(function() {
|
||||
function unselectEmptyOption( e ) {
|
||||
var $element = jQuery( e.currentTarget );
|
||||
var $selected = $element.find(':selected');
|
||||
if ( $selected.length > 1 ) {
|
||||
$selected.each( function ( i, option ) {
|
||||
if ( option.value === '' ) {
|
||||
option.selected = false;
|
||||
$element.trigger( 'change' );
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
$selected.each( function ( i, option ) {
|
||||
if ( option.value === '' ) {
|
||||
option.selected = false;
|
||||
$element.trigger( 'change' );
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
if ( typeof( jQuery.fn.select2 ) === 'function' ) {
|
||||
|
||||
Vendored
+1
-1
File diff suppressed because one or more lines are too long
@@ -2280,7 +2280,7 @@ if ( ! class_exists( 'um\admin\core\Admin_Metabox' ) ) {
|
||||
$privacy_options = array(
|
||||
'1' => __( 'Everyone', 'ultimate-member' ),
|
||||
'2' => __( 'Members', 'ultimate-member' ),
|
||||
'-1' => __( 'Only visible to profile owner and admins', 'ultimate-member' ),
|
||||
'-1' => __( 'Only visible to profile owner and users who can edit other member accounts', 'ultimate-member' ),
|
||||
'-3' => __( 'Only visible to profile owner and specific roles', 'ultimate-member' ),
|
||||
'-2' => __( 'Only specific member roles', 'ultimate-member' ),
|
||||
);
|
||||
|
||||
@@ -366,12 +366,15 @@ if ( ! class_exists( 'um\core\Form' ) ) {
|
||||
*/
|
||||
$this->post_form = apply_filters( 'um_submit_post_form', $_POST );
|
||||
|
||||
if ( isset( $this->post_form[ UM()->honeypot ] ) && $this->post_form[ UM()->honeypot ] != '' ) {
|
||||
wp_die( __( 'Hello, spam bot!', 'ultimate-member' ) );
|
||||
}
|
||||
|
||||
$this->post_form = $this->beautify( $this->post_form );
|
||||
$this->post_form['submitted'] = $this->post_form;
|
||||
|
||||
$this->form_data = UM()->query()->post_data( $this->form_id );
|
||||
|
||||
$this->post_form['submitted'] = $this->post_form;
|
||||
|
||||
$this->post_form = array_merge( $this->form_data, $this->post_form );
|
||||
|
||||
// Remove role from post_form at first if role ! empty and there aren't custom fields with role name
|
||||
@@ -438,10 +441,6 @@ if ( ! class_exists( 'um\core\Form' ) ) {
|
||||
|
||||
}
|
||||
|
||||
if ( isset( $_POST[ UM()->honeypot ] ) && $_POST[ UM()->honeypot ] != '' ) {
|
||||
wp_die( __( 'Hello, spam bot!', 'ultimate-member' ) );
|
||||
}
|
||||
|
||||
/**
|
||||
* UM hook
|
||||
*
|
||||
@@ -518,18 +517,19 @@ if ( ! class_exists( 'um\core\Form' ) ) {
|
||||
|
||||
/**
|
||||
* Beautify form data
|
||||
*
|
||||
* @param array $form
|
||||
* @return array $form
|
||||
*/
|
||||
function beautify( $form ){
|
||||
function beautify( $form ) {
|
||||
|
||||
if (isset($form['form_id'])){
|
||||
if ( isset( $form['form_id'] ) ) {
|
||||
|
||||
$this->form_suffix = '-' . $form['form_id'];
|
||||
|
||||
$this->processing = $form['form_id'];
|
||||
|
||||
foreach( $form as $key => $value ){
|
||||
foreach ( $form as $key => $value ) {
|
||||
if ( strstr( $key, $this->form_suffix ) ) {
|
||||
$a_key = str_replace( $this->form_suffix, '', $key );
|
||||
$form[ $a_key ] = $value;
|
||||
|
||||
@@ -2211,7 +2211,7 @@ if ( ! class_exists( 'um\core\Member_Directory' ) ) {
|
||||
$dropdown_actions = $this->build_user_actions_list( $user_id );
|
||||
|
||||
$actions = array();
|
||||
$can_edit = UM()->roles()->um_current_user_can( 'edit', $user_id ) || UM()->roles()->um_user_can( 'can_edit_everyone' );
|
||||
$can_edit = UM()->roles()->um_current_user_can( 'edit', $user_id );
|
||||
|
||||
// Replace hook 'um_members_just_after_name'
|
||||
ob_start();
|
||||
|
||||
@@ -106,14 +106,54 @@ add_action( 'um_submit_form_errors_hook__blockedwords', 'um_submit_form_errors_h
|
||||
* @param $args
|
||||
*/
|
||||
function um_submit_form_errors_hook( $args ) {
|
||||
$form_id = $args['form_id'];
|
||||
|
||||
$mode = $args['mode'];
|
||||
|
||||
$fields = unserialize( $args['custom_fields'] );
|
||||
/**
|
||||
* UM hook
|
||||
*
|
||||
* @type action
|
||||
* @title um_submit_form_errors_hook__blockedips
|
||||
* @description Submit form validation
|
||||
* @input_vars
|
||||
* [{"var":"$args","type":"array","desc":"Form Arguments"}]
|
||||
* @change_log
|
||||
* ["Since: 2.0"]
|
||||
* @usage add_action( 'um_submit_form_errors_hook__blockedips', 'function_name', 10, 1 );
|
||||
* @example
|
||||
* <?php
|
||||
* add_action( 'um_submit_form_errors_hook__blockedips', 'my_submit_form_errors_hook__blockedips', 10, 1 );
|
||||
* function my_submit_form_errors_hook__blockedips( $args ) {
|
||||
* // your code here
|
||||
* }
|
||||
* ?>
|
||||
*/
|
||||
do_action( 'um_submit_form_errors_hook__blockedips', $args );
|
||||
|
||||
|
||||
/**
|
||||
* UM hook
|
||||
*
|
||||
* @type action
|
||||
* @title um_submit_form_errors_hook__blockedemails
|
||||
* @description Submit form validation
|
||||
* @input_vars
|
||||
* [{"var":"$args","type":"array","desc":"Form Arguments"}]
|
||||
* @change_log
|
||||
* ["Since: 2.0"]
|
||||
* @usage add_action( 'um_submit_form_errors_hook__blockedemails', 'function_name', 10, 1 );
|
||||
* @example
|
||||
* <?php
|
||||
* add_action( 'um_submit_form_errors_hook__blockedemails', 'my_submit_form_errors_hook__blockedemails', 10, 1 );
|
||||
* function my_submit_form_errors_hook__blockedemails( $args ) {
|
||||
* // your code here
|
||||
* }
|
||||
* ?>
|
||||
*/
|
||||
do_action( 'um_submit_form_errors_hook__blockedemails', $args );
|
||||
|
||||
if ( $mode == 'register' ) {
|
||||
|
||||
|
||||
/**
|
||||
* UM hook
|
||||
*
|
||||
@@ -137,6 +177,7 @@ function um_submit_form_errors_hook( $args ) {
|
||||
|
||||
} elseif ( $mode == 'profile' ) {
|
||||
|
||||
|
||||
/**
|
||||
* UM hook
|
||||
*
|
||||
@@ -158,50 +199,9 @@ function um_submit_form_errors_hook( $args ) {
|
||||
*/
|
||||
do_action( 'um_submit_form_errors_hook__profile', $args );
|
||||
|
||||
}
|
||||
} elseif ( $mode == 'login' ) {
|
||||
|
||||
/**
|
||||
* UM hook
|
||||
*
|
||||
* @type action
|
||||
* @title um_submit_form_errors_hook__blockedips
|
||||
* @description Submit form validation
|
||||
* @input_vars
|
||||
* [{"var":"$args","type":"array","desc":"Form Arguments"}]
|
||||
* @change_log
|
||||
* ["Since: 2.0"]
|
||||
* @usage add_action( 'um_submit_form_errors_hook__blockedips', 'function_name', 10, 1 );
|
||||
* @example
|
||||
* <?php
|
||||
* add_action( 'um_submit_form_errors_hook__blockedips', 'my_submit_form_errors_hook__blockedips', 10, 1 );
|
||||
* function my_submit_form_errors_hook__blockedips( $args ) {
|
||||
* // your code here
|
||||
* }
|
||||
* ?>
|
||||
*/
|
||||
do_action( 'um_submit_form_errors_hook__blockedips', $args );
|
||||
/**
|
||||
* UM hook
|
||||
*
|
||||
* @type action
|
||||
* @title um_submit_form_errors_hook__blockedemails
|
||||
* @description Submit form validation
|
||||
* @input_vars
|
||||
* [{"var":"$args","type":"array","desc":"Form Arguments"}]
|
||||
* @change_log
|
||||
* ["Since: 2.0"]
|
||||
* @usage add_action( 'um_submit_form_errors_hook__blockedemails', 'function_name', 10, 1 );
|
||||
* @example
|
||||
* <?php
|
||||
* add_action( 'um_submit_form_errors_hook__blockedemails', 'my_submit_form_errors_hook__blockedemails', 10, 1 );
|
||||
* function my_submit_form_errors_hook__blockedemails( $args ) {
|
||||
* // your code here
|
||||
* }
|
||||
* ?>
|
||||
*/
|
||||
do_action( 'um_submit_form_errors_hook__blockedemails', $args );
|
||||
|
||||
if ( $mode == 'login' ) {
|
||||
/**
|
||||
* UM hook
|
||||
*
|
||||
@@ -222,6 +222,8 @@ function um_submit_form_errors_hook( $args ) {
|
||||
* ?>
|
||||
*/
|
||||
do_action( 'um_submit_form_errors_hook_login', $args );
|
||||
|
||||
|
||||
/**
|
||||
* UM hook
|
||||
*
|
||||
@@ -243,27 +245,12 @@ function um_submit_form_errors_hook( $args ) {
|
||||
*/
|
||||
do_action( 'um_submit_form_errors_hook_logincheck', $args );
|
||||
|
||||
} else {
|
||||
/**
|
||||
* UM hook
|
||||
*
|
||||
* @type action
|
||||
* @title um_submit_form_errors_hook_
|
||||
* @description Submit form validation
|
||||
* @input_vars
|
||||
* [{"var":"$args","type":"array","desc":"Form Arguments"}]
|
||||
* @change_log
|
||||
* ["Since: 2.0"]
|
||||
* @usage add_action( 'um_submit_form_errors_hook_', 'function_name', 10, 1 );
|
||||
* @example
|
||||
* <?php
|
||||
* add_action( 'um_submit_form_errors_hook_', 'my_submit_form_errors_hook', 10, 1 );
|
||||
* function my_submit_form_errors_hook( $args ) {
|
||||
* // your code here
|
||||
* }
|
||||
* ?>
|
||||
*/
|
||||
do_action( 'um_submit_form_errors_hook_', $args );
|
||||
}
|
||||
|
||||
|
||||
if ( $mode != 'login' ) {
|
||||
|
||||
|
||||
/**
|
||||
* UM hook
|
||||
*
|
||||
@@ -285,6 +272,28 @@ function um_submit_form_errors_hook( $args ) {
|
||||
*/
|
||||
do_action( 'um_submit_form_errors_hook__blockedwords', $args );
|
||||
|
||||
|
||||
/**
|
||||
* UM hook
|
||||
*
|
||||
* @type action
|
||||
* @title um_submit_form_errors_hook_
|
||||
* @description Submit form validation
|
||||
* @input_vars
|
||||
* [{"var":"$args","type":"array","desc":"Form Arguments"}]
|
||||
* @change_log
|
||||
* ["Since: 2.0"]
|
||||
* @usage add_action( 'um_submit_form_errors_hook_', 'function_name', 10, 1 );
|
||||
* @example
|
||||
* <?php
|
||||
* add_action( 'um_submit_form_errors_hook_', 'my_submit_form_errors_hook', 10, 1 );
|
||||
* function my_submit_form_errors_hook( $args ) {
|
||||
* // your code here
|
||||
* }
|
||||
* ?>
|
||||
*/
|
||||
do_action( 'um_submit_form_errors_hook_', $args );
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
@@ -411,13 +420,25 @@ function um_submit_form_errors_hook_( $args ) {
|
||||
$form_id = $args['form_id'];
|
||||
$mode = $args['mode'];
|
||||
$fields = unserialize( $args['custom_fields'] );
|
||||
$um_profile_photo = um_profile('profile_photo');
|
||||
|
||||
$um_profile_photo = um_profile('profile_photo');
|
||||
if ( get_post_meta( $form_id, '_um_profile_photo_required', true ) && ( empty( $args['profile_photo'] ) && empty( $um_profile_photo ) ) ) {
|
||||
UM()->form()->add_error('profile_photo', __( 'Profile Photo is required.', 'ultimate-member' ) );
|
||||
}
|
||||
|
||||
if ( ! empty( $fields ) ) {
|
||||
|
||||
$can_edit = false;
|
||||
$current_user_roles = [];
|
||||
if ( is_user_logged_in() ) {
|
||||
|
||||
$can_edit = UM()->roles()->um_current_user_can( 'edit', $args['user_id'] );
|
||||
|
||||
um_fetch_user( get_current_user_id() );
|
||||
$current_user_roles = um_user( 'roles' );
|
||||
um_reset_user();
|
||||
}
|
||||
|
||||
foreach ( $fields as $key => $array ) {
|
||||
|
||||
if ( $mode == 'profile' ) {
|
||||
@@ -427,13 +448,52 @@ function um_submit_form_errors_hook_( $args ) {
|
||||
}
|
||||
}
|
||||
|
||||
if ( isset( $array['public'] ) && -2 == $array['public'] && ! empty( $array['roles'] ) && is_user_logged_in() ) {
|
||||
$current_user_roles = um_user( 'roles' );
|
||||
if ( empty( $current_user_roles ) || count( array_intersect( $current_user_roles, $array['roles'] ) ) <= 0 ) {
|
||||
continue;
|
||||
$can_view = true;
|
||||
if ( isset( $array['public'] ) && $mode != 'register' ) {
|
||||
|
||||
switch ( $array['public'] ) {
|
||||
case '1': // Everyone
|
||||
break;
|
||||
case '2': // Members
|
||||
if ( ! is_user_logged_in() ) {
|
||||
$can_view = false;
|
||||
}
|
||||
break;
|
||||
case '-1': // Only visible to profile owner and admins
|
||||
if ( ! is_user_logged_in() ) {
|
||||
$can_view = false;
|
||||
} elseif ( $args['user_id'] != get_current_user_id() && ! $can_edit ) {
|
||||
$can_view = false;
|
||||
}
|
||||
break;
|
||||
case '-2': // Only specific member roles
|
||||
if ( ! is_user_logged_in() ) {
|
||||
$can_view = false;
|
||||
} elseif ( ! empty( $array['roles'] ) && count( array_intersect( $current_user_roles, $array['roles'] ) ) <= 0 ) {
|
||||
$can_view = false;
|
||||
}
|
||||
break;
|
||||
case '-3': // Only visible to profile owner and specific roles
|
||||
if ( ! is_user_logged_in() ) {
|
||||
$can_view = false;
|
||||
} elseif ( $args['user_id'] != get_current_user_id() && ! empty( $array['roles'] ) && count( array_intersect( $current_user_roles, $array['roles'] ) ) <= 0 ) {
|
||||
$can_view = false;
|
||||
}
|
||||
break;
|
||||
default:
|
||||
$can_view = apply_filters( 'um_can_view_field_custom', $can_view, $array );
|
||||
break;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
$can_view = apply_filters( 'um_can_view_field', $can_view, $array );
|
||||
|
||||
if ( ! $can_view ) {
|
||||
continue;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* UM hook
|
||||
*
|
||||
|
||||
@@ -1514,8 +1514,12 @@ function um_can_view_field( $data ) {
|
||||
|
||||
if ( isset( $data['public'] ) && UM()->fields()->set_mode != 'register' ) {
|
||||
|
||||
$can_edit = false;
|
||||
$current_user_roles = [];
|
||||
if ( is_user_logged_in() ) {
|
||||
|
||||
$can_edit = UM()->roles()->um_current_user_can( 'edit', um_user( 'ID' ) );
|
||||
|
||||
$previous_user = um_user( 'ID' );
|
||||
um_fetch_user( get_current_user_id() );
|
||||
|
||||
@@ -1531,10 +1535,10 @@ function um_can_view_field( $data ) {
|
||||
$can_view = false;
|
||||
}
|
||||
break;
|
||||
case '-1': // Only visible to profile owner and admins
|
||||
case '-1': // Only visible to profile owner and users who can edit other member accounts
|
||||
if ( ! is_user_logged_in() ) {
|
||||
$can_view = false;
|
||||
} elseif ( ! um_is_user_himself() && ! UM()->roles()->um_user_can( 'can_edit_everyone' ) ) {
|
||||
} elseif ( ! um_is_user_himself() && ! $can_edit ) {
|
||||
$can_view = false;
|
||||
}
|
||||
break;
|
||||
|
||||
Reference in New Issue
Block a user