core/um-form.php

<?php

class UM_Form {

	public $form_suffix;

	function __construct() {

		$this->post_form = null;

		$this->form_suffix = null;

		$this->errors = null;

		$this->processing = null;

		add_action('init', array(&$this, 'form_init'), 2);

		add_action('init', array(&$this, 'field_declare'), 10);

	}

	/**
	 * Count the form errors.
	 * @return integer
	 */
	function count_errors() {
		$errors = $this->errors;

		if( $errors && is_array( $errors ) ) {
			return count( $errors );
		}

		return 0;
	}


	/**
	 * Appends field errors
	 * @param string $key 
	 * @param string $error 
	 */
	function add_error( $key, $error ) {
		if ( ! isset( $this->errors[ $key ] ) ){

			$error = apply_filters('um_submit_form_error', $error , $key );

			$this->errors[ $key ] = $error;
		}
	}

	
	/**
	 * If a form has errors
	 * @param  string  $key 
	 * @return boolean     
	 */
	function has_error( $key ) {
		if ( isset($this->errors[$key]) )
			return true;
		return false;
	}

	
	/**
	 * Declare all fields
	 */
	function field_declare(){
		global $ultimatemember;
		if ( isset( $ultimatemember->builtin->custom_fields ) ) {
			$this->all_fields = $ultimatemember->builtin->custom_fields;
		} else {
			$this->all_fields = null;
		}
	}


	/**
	 * Validate form
	 */
	function form_init(){
		global $ultimatemember;

		if ( isset( $_SERVER['REQUEST_METHOD'] ) ) {
			$http_post = ('POST' == $_SERVER['REQUEST_METHOD']);
		} else {
			$http_post = 'POST';
		}

		
		if ( $http_post && !is_admin() && isset( $_POST['form_id'] ) && is_numeric($_POST['form_id']) ) {
			
			do_action("um_before_submit_form_post", $_POST );

			$this->form_id = $_POST['form_id'];
			$this->form_status = get_post_status( $this->form_id );


			if ( $this->form_status == 'publish' ) {

				/* save entire form as global */
				$this->post_form = apply_filters('um_submit_post_form' ,$_POST );

				$this->post_form = $this->beautify( $this->post_form );

				$this->form_data = $ultimatemember->query->post_data( $this->form_id );

				$this->post_form['submitted'] = $this->post_form;

				$this->post_form = array_merge( $this->form_data, $this->post_form );

				
				$secure_form_post = apply_filters('um_secure_form_post', true );
 				
 				if( isset( $this->form_data['custom_fields'] ) 
 					&& strstr( $this->form_data['custom_fields'], 'role_' )
 					&& $secure_form_post  ){  // Secure selected role
					
					$custom_field_roles = $this->custom_field_roles( $this->form_data['custom_fields'] );
                    
                    $role = $_POST['role'];

                    if( is_array( $_POST['role'] ) ){
                    	$role = current( $_POST['role'] );
                    }

					if ( isset( $custom_field_roles ) && is_array(  $custom_field_roles ) && ! in_array( $role , $custom_field_roles ) ) {
						wp_die( __( 'This is not possible for security reasons.','ultimatemember') );
					} 

					$this->post_form['role'] = $role;
					$this->post_form['submitted']['role'] = $role;

				}else if( isset( $this->post_form['mode'] ) && $this->post_form['mode'] == 'register' ) {
					$role = $this->assigned_role( $this->form_id );
					$this->post_form['role'] = $role;
					$this->post_form['submitted']['role'] = $role;
				}
                
               
				if ( isset( $_POST[ $ultimatemember->honeypot ] ) && $_POST[ $ultimatemember->honeypot ] != '' ){
					wp_die('Hello, spam bot!');
				}

				if ( !in_array( $this->form_data['mode'], array('login') ) ) {

					$form_timestamp  = trim($_POST['timestamp']);
					$live_timestamp  = current_time( 'timestamp' );

					if ( $form_timestamp == '' && um_get_option('enable_timebot') == 1 )
						wp_die( __('Hello, spam bot!') );

					if ( !current_user_can('manage_options') && $live_timestamp - $form_timestamp < 6 && um_get_option('enable_timebot') == 1  )
						wp_die( __('Whoa, slow down! You\'re seeing this message because you tried to submit a form too fast and we think you might be a spam bot. If you are a real human being please wait a few seconds before submitting the form. Thanks!') );

				}

				$this->post_form = apply_filters('um_submit_form_data', $this->post_form, $this->post_form['mode'] );

				/* Continue based on form mode - pre-validation */

				do_action('um_submit_form_errors_hook', $this->post_form );

				do_action("um_submit_form_{$this->post_form['mode']}", $this->post_form );

			}

		}

	}


	/**
	 * Beautify form data
	 * @param  array $form 
	 * @return array $form
	 */
	function beautify( $form ){

		if (isset($form['form_id'])){

			$this->form_suffix = '-' . $form['form_id'];

			$this->processing = $form['form_id'];

			foreach( $form as $key => $value ){
				if ( strstr( $key, $this->form_suffix ) ) {
					$a_key = str_replace( $this->form_suffix, '', $key );
					$form[ $a_key ] = $value;
					unset( $form[ $key ] );
				}
			}

		}

		return $form;
	}


	/**
	 * Display form type as Title
	 * @param  string $mode  
	 * @param  integer $post_id
	 * @return string $output
	 */
	function display_form_type( $mode, $post_id ){
		$output = null;
		switch( $mode ){
			case 'login':
				$output = 'Login';
				break;
			case 'profile':
				$output = 'Profile';
				break;
			case 'register':
				$output = 'Register';
				break;
		}
		return $output;
	}

	/**
	 * Assigned roles to a form
	 * @param  integer $post_id
	 * @return string $role
	 */
	function assigned_role( $post_id ){

		$mode = $this->form_type( $post_id );
		$use_globals = get_post_meta( $post_id, "_um_{mode}_use_globals", true);
       
        $global_role = um_get_option('default_role'); // Form Global settings

		if( $use_globals == 0 ){ // Non-Global settings
			$role = get_post_meta( $post_id, "_um_{mode}_role", true );
		}

		if( ! $role || $role == 0 ){ // custom role is default, return default role's slug
			$role = $global_role;
		}

		return $role;
	
	}

	/**
	 * Get form type
	 * @param  integer $post_id 
	 * @return string
	 */
	function form_type( $post_id ){
		
		$mode = get_post_meta( $post_id, '_um_mode', true );
		
		return $mode;
	} 
    
    /**
     * Get custom field roles
     * @param  string $custom_fields serialized 
     * @return array  roles
     */
    function custom_field_roles( $custom_fields ){
        
        if( is_serialized( $custom_fields ) ){
        	$fields = unserialize( $custom_fields );

        	if( ! is_array( $fields )  ) return false;

        	foreach ( $fields  as $field_key => $field_settings ) {

        		 if( strstr( $field_key , 'role_') ){
        		 		if( is_array( $field_settings['options'] ) ){
                        	return array_keys( $field_settings['options'] );
        		 		}
        		 }

        	}

        }

    	return false;
    }
}
first sync 2014-12-15 22:38:07 +02:00			`<?php`

			`class UM_Form {`

			`public $form_suffix;`
Fix invalid role 2016-01-31 11:31:46 -08:00
first sync 2014-12-15 22:38:07 +02:00			`function __construct() {`
Fix invalid role 2016-01-31 11:31:46 -08:00
first sync 2014-12-15 22:38:07 +02:00			`$this->post_form = null;`

			`$this->form_suffix = null;`
Fix invalid role 2016-01-31 11:31:46 -08:00
first sync 2014-12-15 22:38:07 +02:00			`$this->errors = null;`
Fix invalid role 2016-01-31 11:31:46 -08:00
Update 1.1.6 2015-04-07 20:10:23 +02:00			`$this->processing = null;`
Fix invalid role 2016-01-31 11:31:46 -08:00
Added Login Checks 2014-12-30 20:18:29 +02:00			`add_action('init', array(&$this, 'form_init'), 2);`
Fix invalid role 2016-01-31 11:31:46 -08:00
first sync 2014-12-15 22:38:07 +02:00			`add_action('init', array(&$this, 'field_declare'), 10);`
Fix invalid role 2016-01-31 11:31:46 -08:00
first sync 2014-12-15 22:38:07 +02:00			`}`
Fix invalid role 2016-01-31 11:31:46 -08:00
Add support for wordfence and limit login 2016-03-17 18:17:03 -07:00			`/**`
			`* Count the form errors.`
			`* @return integer`
			`*/`
			`function count_errors() {`
			`$errors = $this->errors;`

			`if( $errors && is_array( $errors ) ) {`
			`return count( $errors );`
			`}`

			`return 0;`
			`}`

Fix assigning of role on registration process 2016-09-05 22:12:25 +08:00
			`/**`
			`* Appends field errors`
			`* @param string $key`
			`* @param string $error`
			`*/`
first sync 2014-12-15 22:38:07 +02:00			`function add_error( $key, $error ) {`
Add new filter 'um_submit_form_error' 2016-05-17 19:35:56 +08:00			`if ( ! isset( $this->errors[ $key ] ) ){`

Fix add error filter 2016-05-21 12:38:06 +08:00			`$error = apply_filters('um_submit_form_error', $error , $key );`
Add new filter 'um_submit_form_error' 2016-05-17 19:35:56 +08:00
			`$this->errors[ $key ] = $error;`
first sync 2014-12-15 22:38:07 +02:00			`}`
			`}`
Fix invalid role 2016-01-31 11:31:46 -08:00
Fix assigning of role on registration process 2016-09-05 22:12:25 +08:00
			`/**`
			`* If a form has errors`
			`* @param string $key`
			`* @return boolean`
			`*/`
first sync 2014-12-15 22:38:07 +02:00			`function has_error( $key ) {`
			`if ( isset($this->errors[$key]) )`
			`return true;`
			`return false;`
			`}`
Fix invalid role 2016-01-31 11:31:46 -08:00
Fix assigning of role on registration process 2016-09-05 22:12:25 +08:00
			`/**`
			`* Declare all fields`
			`*/`
first sync 2014-12-15 22:38:07 +02:00			`function field_declare(){`
			`global $ultimatemember;`
Fix for cronjobs and WP-CLI issues 2015-12-16 16:44:07 +02:00			`if ( isset( $ultimatemember->builtin->custom_fields ) ) {`
			`$this->all_fields = $ultimatemember->builtin->custom_fields;`
			`} else {`
			`$this->all_fields = null;`
			`}`
first sync 2014-12-15 22:38:07 +02:00			`}`
Fix invalid role 2016-01-31 11:31:46 -08:00
Fix assigning of role on registration process 2016-09-05 22:12:25 +08:00
			`/**`
			`* Validate form`
			`*/`
first sync 2014-12-15 22:38:07 +02:00			`function form_init(){`
			`global $ultimatemember;`
Fix invalid role 2016-01-31 11:31:46 -08:00
Update 1.3.29 2015-11-05 19:51:31 +08:00			`if ( isset( $_SERVER['REQUEST_METHOD'] ) ) {`
			`$http_post = ('POST' == $_SERVER['REQUEST_METHOD']);`
			`} else {`
			`$http_post = 'POST';`
			`}`
Fix invalid role 2016-01-31 11:31:46 -08:00
Add filters and action hooks in form post 2016-06-14 16:02:16 +08:00
Version 1.0.40 2015-02-04 20:31:39 +02:00			`if ( $http_post && !is_admin() && isset( $_POST['form_id'] ) && is_numeric($_POST['form_id']) ) {`
Add filters and action hooks in form post 2016-06-14 16:02:16 +08:00
			`do_action("um_before_submit_form_post", $_POST );`
Update 1.2.93 2015-05-05 18:06:39 +03:00
first sync 2014-12-15 22:38:07 +02:00			`$this->form_id = $_POST['form_id'];`
			`$this->form_status = get_post_status( $this->form_id );`
Add support for wordfence and limit login 2016-03-17 18:17:03 -07:00
Fix invalid role 2016-01-31 11:31:46 -08:00
first sync 2014-12-15 22:38:07 +02:00			`if ( $this->form_status == 'publish' ) {`

			`/* save entire form as global */`
Add filters and action hooks in form post 2016-06-14 16:02:16 +08:00			`$this->post_form = apply_filters('um_submit_post_form' ,$_POST );`
Fix invalid role 2016-01-31 11:31:46 -08:00
first sync 2014-12-15 22:38:07 +02:00			`$this->post_form = $this->beautify( $this->post_form );`
Added password reset limit and other fixes 2016-01-30 02:18:32 +02:00
first sync 2014-12-15 22:38:07 +02:00			`$this->form_data = $ultimatemember->query->post_data( $this->form_id );`
Add support for wordfence and limit login 2016-03-17 18:17:03 -07:00
first sync 2014-12-15 22:38:07 +02:00			`$this->post_form['submitted'] = $this->post_form;`
Fix invalid role 2016-01-31 11:31:46 -08:00
first sync 2014-12-15 22:38:07 +02:00			`$this->post_form = array_merge( $this->form_data, $this->post_form );`
Add support for wordfence and limit login 2016-03-17 18:17:03 -07:00
Fix assigning of role on registration process 2016-09-05 22:12:25 +08:00
Add filters and action hooks in form post 2016-06-14 16:02:16 +08:00			`$secure_form_post = apply_filters('um_secure_form_post', true );`
Fix assigning of role on registration process 2016-09-05 22:12:25 +08:00
			`if( isset( $this->form_data['custom_fields'] )`
			`&& strstr( $this->form_data['custom_fields'], 'role_' )`
			`&& $secure_form_post ){ // Secure selected role`

			`$custom_field_roles = $this->custom_field_roles( $this->form_data['custom_fields'] );`
Fix role validation on registration process 2016-09-06 20:14:12 +08:00
			`$role = $_POST['role'];`
Fix assigning of role on registration process 2016-09-05 22:12:25 +08:00
Fix role validation on registration process 2016-09-06 20:14:12 +08:00			`if( is_array( $_POST['role'] ) ){`
			`$role = current( $_POST['role'] );`
			`}`

Fix role validation on registration process 2016-09-11 12:40:52 +08:00			`if ( isset( $custom_field_roles ) && is_array( $custom_field_roles ) && ! in_array( $role , $custom_field_roles ) ) {`
Fix form security validation 2016-02-20 15:47:27 +08:00			`wp_die( __( 'This is not possible for security reasons.','ultimatemember') );`
Fix assigning of role on registration process 2016-09-05 22:12:25 +08:00			`}`

Fix role validation on registration process 2016-09-06 20:14:12 +08:00			`$this->post_form['role'] = $role;`
			`$this->post_form['submitted']['role'] = $role;`

Fix missing user in member directory after profile update 2016-09-07 23:36:07 +08:00			`}else if( isset( $this->post_form['mode'] ) && $this->post_form['mode'] == 'register' ) {`
Fix assigning of role on registration process 2016-09-05 22:12:25 +08:00			`$role = $this->assigned_role( $this->form_id );`
Fix form validation and security notice 2016-09-01 19:54:38 +08:00			`$this->post_form['role'] = $role;`
			`$this->post_form['submitted']['role'] = $role;`
Added password reset limit and other fixes 2016-01-30 02:18:32 +02:00			`}`
Fix assigning of role on registration process 2016-09-05 22:12:25 +08:00

Add braces 2016-03-08 22:50:11 +08:00			`if ( isset( $_POST[ $ultimatemember->honeypot ] ) && $_POST[ $ultimatemember->honeypot ] != '' ){`
first sync 2014-12-15 22:38:07 +02:00			`wp_die('Hello, spam bot!');`
Add braces 2016-03-08 22:50:11 +08:00			`}`
Update 1.2.93 2015-05-05 18:06:39 +03:00
first sync 2014-12-15 22:38:07 +02:00			`if ( !in_array( $this->form_data['mode'], array('login') ) ) {`
Fix invalid role 2016-01-31 11:31:46 -08:00
first sync 2014-12-15 22:38:07 +02:00			`$form_timestamp = trim($_POST['timestamp']);`
Update 1.0.56 2015-02-15 20:31:41 +02:00			`$live_timestamp = current_time( 'timestamp' );`
Fix invalid role 2016-01-31 11:31:46 -08:00
Update 1.0.76 2015-03-07 13:07:49 +02:00			`if ( $form_timestamp == '' && um_get_option('enable_timebot') == 1 )`
first sync 2014-12-15 22:38:07 +02:00			`wp_die( __('Hello, spam bot!') );`

Update 1.2.92 2015-05-02 02:49:05 +03:00			`if ( !current_user_can('manage_options') && $live_timestamp - $form_timestamp < 6 && um_get_option('enable_timebot') == 1 )`
Password reset feature and code changes 2014-12-22 01:45:24 +02:00			`wp_die( __('Whoa, slow down! You\'re seeing this message because you tried to submit a form too fast and we think you might be a spam bot. If you are a real human being please wait a few seconds before submitting the form. Thanks!') );`
first sync 2014-12-15 22:38:07 +02:00
			`}`
Fix invalid role 2016-01-31 11:31:46 -08:00
Add filter 'um_submit_form_data' 2016-05-22 14:20:50 +08:00			`$this->post_form = apply_filters('um_submit_form_data', $this->post_form, $this->post_form['mode'] );`

first sync 2014-12-15 22:38:07 +02:00			`/* Continue based on form mode - pre-validation */`
Add support for wordfence and limit login 2016-03-17 18:17:03 -07:00
Release 1.0.0 2015-01-18 18:20:34 +02:00			`do_action('um_submit_form_errors_hook', $this->post_form );`
Added Login Checks 2014-12-30 20:18:29 +02:00
Login Process 2014-12-22 15:09:14 +02:00			`do_action("um_submit_form_{$this->post_form['mode']}", $this->post_form );`
first sync 2014-12-15 22:38:07 +02:00
			`}`
Fix invalid role 2016-01-31 11:31:46 -08:00
first sync 2014-12-15 22:38:07 +02:00			`}`

			`}`
Fix invalid role 2016-01-31 11:31:46 -08:00
Fix assigning of role on registration process 2016-09-05 22:12:25 +08:00
			`/**`
			`* Beautify form data`
			`* @param array $form`
			`* @return array $form`
			`*/`
first sync 2014-12-15 22:38:07 +02:00			`function beautify( $form ){`
Fix invalid role 2016-01-31 11:31:46 -08:00
first sync 2014-12-15 22:38:07 +02:00			`if (isset($form['form_id'])){`
Fix invalid role 2016-01-31 11:31:46 -08:00
first sync 2014-12-15 22:38:07 +02:00			`$this->form_suffix = '-' . $form['form_id'];`
Fix invalid role 2016-01-31 11:31:46 -08:00
Update 1.1.6 2015-04-07 20:10:23 +02:00			`$this->processing = $form['form_id'];`
Fix invalid role 2016-01-31 11:31:46 -08:00
Add filter 'um_submit_form_data' 2016-05-22 14:20:50 +08:00			`foreach( $form as $key => $value ){`
			`if ( strstr( $key, $this->form_suffix ) ) {`
			`$a_key = str_replace( $this->form_suffix, '', $key );`
			`$form[ $a_key ] = $value;`
			`unset( $form[ $key ] );`
first sync 2014-12-15 22:38:07 +02:00			`}`
			`}`
Fix invalid role 2016-01-31 11:31:46 -08:00
first sync 2014-12-15 22:38:07 +02:00			`}`
Fix invalid role 2016-01-31 11:31:46 -08:00
first sync 2014-12-15 22:38:07 +02:00			`return $form;`
			`}`
Fix invalid role 2016-01-31 11:31:46 -08:00
Fix assigning of role on registration process 2016-09-05 22:12:25 +08:00
			`/**`
			`* Display form type as Title`
			`* @param string $mode`
			`* @param integer $post_id`
			`* @return string $output`
			`*/`
			`function display_form_type( $mode, $post_id ){`
first sync 2014-12-15 22:38:07 +02:00			`$output = null;`
Fix assigning of role on registration process 2016-09-05 22:12:25 +08:00			`switch( $mode ){`
first sync 2014-12-15 22:38:07 +02:00			`case 'login':`
			`$output = 'Login';`
			`break;`
			`case 'profile':`
			`$output = 'Profile';`
			`break;`
			`case 'register':`
			`$output = 'Register';`
			`break;`
			`}`
			`return $output;`
			`}`
Fix invalid role 2016-01-31 11:31:46 -08:00
Fix assigning of role on registration process 2016-09-05 22:12:25 +08:00			`/**`
			`* Assigned roles to a form`
			`* @param integer $post_id`
			`* @return string $role`
			`*/`
Fix form role and validation 2016-02-19 19:18:04 +08:00			`function assigned_role( $post_id ){`
Validate roles for forms without custom fields 2016-02-20 16:14:40 +08:00
Fix assigning of role on registration process 2016-09-05 22:12:25 +08:00			`$mode = $this->form_type( $post_id );`
			`$use_globals = get_post_meta( $post_id, "_um_{mode}_use_globals", true);`

			`$global_role = um_get_option('default_role'); // Form Global settings`
Add support for wordfence and limit login 2016-03-17 18:17:03 -07:00
Fix assigning of role on registration process 2016-09-05 22:12:25 +08:00			`if( $use_globals == 0 ){ // Non-Global settings`
			`$role = get_post_meta( $post_id, "_um_{mode}_role", true );`
Validate roles for forms without custom fields 2016-02-20 16:14:40 +08:00			`}`
Fix form role and validation 2016-02-19 19:18:04 +08:00
Fix assigning of role on registration process 2016-09-05 22:12:25 +08:00			`if( ! $role \|\| $role == 0 ){ // custom role is default, return default role's slug`
			`$role = $global_role;`
Fix form role and validation 2016-02-19 19:18:04 +08:00			`}`
Fix assigning of role on registration process 2016-09-05 22:12:25 +08:00
Fix form role and validation 2016-02-19 19:18:04 +08:00			`return $role;`
Fix assigning of role on registration process 2016-09-05 22:12:25 +08:00
Fix form role and validation 2016-02-19 19:18:04 +08:00			`}`
Fix assigning of role on registration process 2016-09-05 22:12:25 +08:00
			`/**`
			`* Get form type`
			`* @param integer $post_id`
			`* @return string`
			`*/`
			`function form_type( $post_id ){`

			`$mode = get_post_meta( $post_id, '_um_mode', true );`

			`return $mode;`
			`}`

			`/**`
			`* Get custom field roles`
			`* @param string $custom_fields serialized`
			`* @return array roles`
			`*/`
			`function custom_field_roles( $custom_fields ){`

			`if( is_serialized( $custom_fields ) ){`
			`$fields = unserialize( $custom_fields );`

			`if( ! is_array( $fields ) ) return false;`

			`foreach ( $fields as $field_key => $field_settings ) {`

			`if( strstr( $field_key , 'role_') ){`
			`if( is_array( $field_settings['options'] ) ){`
			`return array_keys( $field_settings['options'] );`
			`}`
			`}`

			`}`

			`}`

			`return false;`
			`}`
Fix invalid role 2016-01-31 11:31:46 -08:00			`}`