From fc6182c026f6f142fe6e43c252eb5de52e883907 Mon Sep 17 00:00:00 2001 From: Mykyta Synelnikov Date: Fri, 7 Jul 2023 00:45:12 +0300 Subject: [PATCH] - additional changes from latest Champ commit; --- includes/admin/class-secure.php | 9 ++++++--- includes/common/class-secure.php | 4 +++- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/includes/admin/class-secure.php b/includes/admin/class-secure.php index 6f03f854..ef282792 100644 --- a/includes/admin/class-secure.php +++ b/includes/admin/class-secure.php @@ -129,6 +129,7 @@ if ( ! class_exists( 'um\admin\Secure' ) ) { } $metadata = get_user_meta( $user_id, 'um_user_blocked__metadata', true ); + $user->update_user_level_from_caps(); // Restore Roles. if ( isset( $metadata['roles'] ) ) { @@ -147,8 +148,10 @@ if ( ! class_exists( 'um\admin\Secure' ) ) { delete_user_meta( $user_id, 'um_user_blocked__timestamp' ); // Don't need to reset a password. - update_user_meta( $user_id, 'um_secure_has_reset_password', true ); - update_user_meta( $user_id, 'um_secure_has_reset_password__timestamp', current_time( 'mysql' ) ); + if ( UM()->options()->get( 'display_login_form_notice' ) ) { + update_user_meta( $user_id, 'um_secure_has_reset_password', true ); + update_user_meta( $user_id, 'um_secure_has_reset_password__timestamp', current_time( 'mysql' ) ); + } // Clear Cache. UM()->user()->remove_cache( $user_id ); @@ -251,7 +254,7 @@ if ( ! class_exists( 'um\admin\Secure' ) ) { 'id' => 'secure_notify_admins_banned_accounts', 'type' => 'checkbox', 'label' => __( 'Notify Administrators', 'ultimate-member' ), - 'description' => __( 'When enabled, All administrators will be notified when someone has suspicious activities in Profile & Register forms.', 'ultimate-member' ), + 'description' => __( 'When enabled, All administrators will be notified when someone has suspicious activities in the Account, Profile & Register forms.', 'ultimate-member' ), 'conditional' => array( 'secure_ban_admins_accounts', '=', 1 ), ), array( diff --git a/includes/common/class-secure.php b/includes/common/class-secure.php index a316c89c..85f9c4bf 100644 --- a/includes/common/class-secure.php +++ b/includes/common/class-secure.php @@ -206,7 +206,9 @@ if ( ! class_exists( 'um\common\Secure' ) ) { */ public function revoke_caps( $user ) { $user_agent = ''; - if ( isset( $_SERVER['HTTP_USER_AGENT'] ) ) { + if ( isset( $_REQUEST['nonce'], $_REQUEST['action'] ) && 'um_secure_scan_affected_users' === $_REQUEST['action'] && wp_verify_nonce( $_REQUEST['nonce'], 'um-admin-nonce' ) && current_user_can( 'manage_options' ) ) { + $user_agent = __( 'Ultimate Member Scanner', 'ultimate-member' ); + } elseif ( isset( $_SERVER['HTTP_USER_AGENT'] ) ) { $user_agent = sanitize_text_field( wp_unslash( $_SERVER['HTTP_USER_AGENT'] ) ); } // Capture details.