diff --git a/core/um-actions-password.php b/core/um-actions-password.php index c0434708..f2cf8723 100644 --- a/core/um-actions-password.php +++ b/core/um-actions-password.php @@ -1,5 +1,5 @@ user_email; @@ -19,15 +19,15 @@ $ultimatemember->password->reset_request['user_id'] = $data->ID; $ultimatemember->password->reset_request['user_email'] = $user_email; - + um_fetch_user( $data->ID ); - + $ultimatemember->user->password_reset(); um_reset_user(); - + } - + /*** *** @process a change request ***/ @@ -37,32 +37,32 @@ extract( $args ); wp_set_password( $args['user_password'], $args['user_id'] ); - + delete_user_meta( $args['user_id'], 'reset_pass_hash'); delete_user_meta( $args['user_id'], 'reset_pass_hash_token'); delete_user_meta( $args['user_id'], 'password_rst_attempts'); do_action('um_after_changing_user_password', $args['user_id'] ); - - + + if ( is_user_logged_in() ) { wp_logout(); } - + exit( wp_redirect( um_get_core_page('login', 'password_changed') ) ); - + } - + /** * Overrides password changed notification - * + * */ function um_send_password_change_email( $args ){ global $ultimatemember; um_fetch_user( $user_id ); - + $ultimatemember->user->password_changed(); um_reset_user(); @@ -70,7 +70,7 @@ return false; } - + /*** *** @This is executed after changing password ***/ @@ -79,20 +79,20 @@ global $ultimatemember; } - + /*** *** @Error handler: reset password ***/ add_action('um_reset_password_errors_hook','um_reset_password_errors_hook'); function um_reset_password_errors_hook( $args ) { global $ultimatemember; - + if ( $_POST[ $ultimatemember->honeypot ] != '' ) wp_die('Hello, spam bot!'); $form_timestamp = trim($_POST['timestamp']); $live_timestamp = current_time( 'timestamp' ); - + if ( $form_timestamp == '' && um_get_option('enable_timebot') == 1 ) wp_die( __('Hello, spam bot!') ); @@ -102,9 +102,9 @@ if ( strlen(trim( $_POST['username_b'] ) ) == 0 ) { $ultimatemember->form->add_error('username_b', __('Please provide your username or email','ultimatemember') ); } - + $user = $_POST['username_b']; - + if ( ( !is_email( $user ) && !username_exists( $user ) ) || ( is_email( $user ) && !email_exists( $user ) ) ) { $ultimatemember->form->add_error('username_b', __('We can\'t find an account registered with that address or username','ultimatemember') ); } else { @@ -120,38 +120,38 @@ update_user_meta( $user_id, 'password_rst_attempts', $attempts + 1 ); } } - + } - + /*** *** @Error handler: changing password ***/ add_action('um_change_password_errors_hook','um_change_password_errors_hook'); function um_change_password_errors_hook( $args ) { global $ultimatemember; - + if ( $_POST[ $ultimatemember->honeypot ] != '' ) wp_die('Hello, spam bot!'); $form_timestamp = trim($_POST['timestamp']); $live_timestamp = current_time( 'timestamp' ); - + if ( $form_timestamp == '' && um_get_option('enable_timebot') == 1 ) wp_die( __('Hello, spam bot!') ); if ( $live_timestamp - $form_timestamp < 3 && um_get_option('enable_timebot') == 1 ) wp_die( __('Whoa, slow down! You\'re seeing this message because you tried to submit a form too fast and we think you might be a spam bot. If you are a real human being please wait a few seconds before submitting the form. Thanks!') ); - + if ( !$args['user_password'] ) { $ultimatemember->form->add_error('user_password', __('You must enter a new password','ultimatemember') ); } if ( um_get_option('reset_require_strongpass') ) { - + if ( strlen( utf8_decode( $args['user_password'] ) ) < 8 ) { $ultimatemember->form->add_error('user_password', __('Your password must contain at least 8 characters','ultimatemember') ); } - + if ( strlen( utf8_decode( $args['user_password'] ) ) > 30 ) { $ultimatemember->form->add_error('user_password', __('Your password must contain less than 30 characters','ultimatemember') ); } @@ -159,99 +159,101 @@ if ( !$ultimatemember->validation->strong_pass( $args['user_password'] ) ) { $ultimatemember->form->add_error('user_password', __('Your password must contain at least one lowercase letter, one capital letter and one number','ultimatemember') ); } - + } if ( !$args['confirm_user_password'] ) { $ultimatemember->form->add_error('confirm_user_password', __('You must confirm your new password','ultimatemember') ); } - + if ( $args['user_password'] != $args['confirm_user_password'] ) { $ultimatemember->form->add_error('confirm_user_password', __('Your passwords do not match','ultimatemember') ); } } - + /*** *** @hidden fields ***/ add_action('um_change_password_page_hidden_fields','um_change_password_page_hidden_fields'); function um_change_password_page_hidden_fields( $args ) { - + ?> - + - + - + - + - + builtin->get_specific_fields('password_reset_text,username_b'); ?> - + $data ) { $output .= $ultimatemember->fields->edit_field( $key, $data ); }echo $output; ?> - + + +
- +
- +
- +
- + builtin->get_specific_fields('user_password'); ?> - + $data ) { $output .= $ultimatemember->fields->edit_field( $key, $data ); }echo $output; ?> - +
- +
- +
- +
- + $tab ) { + if( !$this->can_view_tab( $id ) ) { + unset( $tabs[$id] ); + } + } + } + + return $tabs; } - + /*** *** @tabs that are active ***/ @@ -27,7 +38,7 @@ class UM_Profile { } return $tabs; } - + /*** *** @primary tabs only ***/ @@ -40,7 +51,7 @@ class UM_Profile { } return $primary; } - + /*** *** @Activated tabs in backend ***/ @@ -55,7 +66,63 @@ class UM_Profile { } return ( isset( $primary ) ) ? $primary : ''; } - + + /*** + *** @Privacy options + ***/ + function tabs_privacy() { + $privacy = array( + 0 => 'Anyone', + 1 => 'Guests only', + 2 => 'Members only', + 3 => 'Only the owner', + 4 => 'Specific roles' + ); + + return $privacy; + } + + /*** + *** @Check if the user can view the current tab + ***/ + function can_view_tab( $tab ) { + global $ultimatemember; + + $privacy = intval( um_get_option( 'profile_tab_' . $tab . '_privacy' ) ); + $can_view = false; + + switch( $privacy ) { + case 1: + $can_view = is_user_logged_in() ? false : true; + break; + + case 2: + $can_view = is_user_logged_in() ? true : false; + break; + + case 3: + $can_view = get_current_user_id() == um_user( 'ID' ) ? true : false; + break; + + case 4: + $can_view = false; + if( is_user_logged_in() ) { + $roles = um_get_option( 'profile_tab_' . $tab . '_roles' ); + if( is_array( $roles ) + && in_array( $ultimatemember->user->get_role(), $roles ) ) { + $can_view = true; + } + } + break; + + default: + $can_view = true; + break; + } + + return $can_view; + } + /*** *** @Get active_tab ***/ @@ -66,53 +133,53 @@ class UM_Profile { if ( get_query_var('profiletab') ) { $this->active_tab = get_query_var('profiletab'); } - + $this->active_tab = apply_filters( 'um_profile_active_tab', $this->active_tab ); return $this->active_tab; } - + /*** *** @Get active active_subnav ***/ function active_subnav() { - + $this->active_subnav = null; - + if ( get_query_var('subnav') ) { $this->active_subnav = get_query_var('subnav'); } - + return $this->active_subnav; } - + /*** *** @Show meta in profile ***/ function show_meta( $array ) { global $ultimatemember; $output = ''; - + foreach( $array as $key ) { $data = ''; if ( $key && um_filtered_value( $key ) ) { - + if ( isset( $ultimatemember->builtin->all_user_fields[$key]['icon'] ) ) { $icon = $ultimatemember->builtin->all_user_fields[$key]['icon']; } else { $icon = ''; } - + $icon = ( isset( $icon ) && !empty( $icon ) ) ? '' : ''; - + if ( !um_get_option('profile_show_metaicon') ) $icon = ''; - + $value = um_filtered_value( $key ); - + $items[] = '' . $icon . $value . ''; $items[] = ''; - + } } @@ -126,4 +193,4 @@ class UM_Profile { return $output; } -} \ No newline at end of file +} diff --git a/um-config.php b/um-config.php index c833e65d..7df81853 100644 --- a/um-config.php +++ b/um-config.php @@ -1594,6 +1594,30 @@ foreach( $tabs as $id => $tab ) { 'off' => __('Off','ultimatemember'), ); + $tab_options[] = array( + 'id' => 'profile_tab_' . $id . '_privacy', + 'type' => 'select', + 'select2' => array( 'allowClear' => 0, 'minimumResultsForSearch' => -1 ), + 'title' => sprintf( __( 'Who can see %s Tab?','ultimatemember' ), $tab ), + 'desc' => __( 'Select which users can view this tab.','ultimatemember' ), + 'default' => 0, + 'options' => $ultimatemember->profile->tabs_privacy(), + 'required' => array( 'profile_tab_' . $id, '=', 1 ), + ); + + $tab_options[] = array( + 'id' => 'profile_tab_' . $id . '_roles', + 'type' => 'select', + 'multi' => true, + 'select2' => array( 'allowClear' => 1, 'minimumResultsForSearch' => -1 ), + 'title' => __( 'Allowed roles','ultimatemember' ), + 'desc' => __( 'Select the the user roles allowed to view this tab.','ultimatemember' ), + 'default' => '', + 'options' => $ultimatemember->query->get_roles(), + 'placeholder' => __( 'Choose user roles...','ultimatemember' ), + 'required' => array( 'profile_tab_' . $id . '_privacy', '=', 4 ), + ); + } $tab_options[] = array(