2017-07-26 14:57:52 +03:00
|
|
|
<?php
|
|
|
|
|
namespace um\core;
|
|
|
|
|
|
2023-06-30 21:55:59 +03:00
|
|
|
if ( ! defined( 'ABSPATH' ) ) {
|
|
|
|
|
exit;
|
|
|
|
|
}
|
2019-10-17 21:44:11 +03:00
|
|
|
|
2018-03-26 01:27:46 +03:00
|
|
|
if ( ! class_exists( 'um\core\Register' ) ) {
|
2018-03-20 13:24:38 +02:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Class Register
|
|
|
|
|
* @package um\core
|
|
|
|
|
*/
|
|
|
|
|
class Register {
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Register constructor.
|
|
|
|
|
*/
|
2023-06-30 21:55:59 +03:00
|
|
|
public function __construct() {
|
|
|
|
|
add_action( 'um_after_register_fields', array( $this, 'add_nonce' ) );
|
|
|
|
|
add_action( 'um_submit_form_register', array( $this, 'verify_nonce' ), 1, 2 );
|
2018-03-20 13:24:38 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Add registration form notice
|
|
|
|
|
*/
|
|
|
|
|
public function add_nonce() {
|
|
|
|
|
wp_nonce_field( 'um_register_form' );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Verify nonce handler
|
|
|
|
|
*
|
2023-06-30 21:55:59 +03:00
|
|
|
* @param array $args
|
|
|
|
|
* @param array $form_data
|
2018-03-20 13:24:38 +02:00
|
|
|
*/
|
2023-06-30 21:55:59 +03:00
|
|
|
public function verify_nonce( $args, $form_data ) {
|
2018-03-20 13:24:38 +02:00
|
|
|
/**
|
2023-06-30 21:55:59 +03:00
|
|
|
* Filters allow nonce verifying while UM Register submission.
|
2018-03-20 13:24:38 +02:00
|
|
|
*
|
2023-06-30 21:55:59 +03:00
|
|
|
* @param {bool} $allow_nonce Is allowed verify nonce on register. By default, allowed = `true`.
|
|
|
|
|
* @param {array} $form_data Form's metakeys. Since 2.6.7.
|
|
|
|
|
*
|
|
|
|
|
* @return {bool} Is allowed verify.
|
|
|
|
|
*
|
|
|
|
|
* @since 2.0
|
|
|
|
|
* @hook um_register_allow_nonce_verification
|
|
|
|
|
*
|
|
|
|
|
* @example <caption>Disable verifying nonce on the register page.</caption>
|
|
|
|
|
* add_filter( 'um_login_allow_nonce_verification', '__return_false' );
|
2018-03-20 13:24:38 +02:00
|
|
|
*/
|
2023-06-30 21:55:59 +03:00
|
|
|
$allow_nonce_verification = apply_filters( 'um_register_allow_nonce_verification', true, $form_data );
|
|
|
|
|
if ( ! $allow_nonce_verification ) {
|
|
|
|
|
return;
|
2018-03-20 13:24:38 +02:00
|
|
|
}
|
|
|
|
|
|
2023-06-30 21:55:59 +03:00
|
|
|
if ( empty( $args['_wpnonce'] ) || ! wp_verify_nonce( $args['_wpnonce'], 'um_register_form' ) ) {
|
2023-07-18 12:06:17 +03:00
|
|
|
/**
|
|
|
|
|
* Filters URL for redirect if register form nonce isn't verified.
|
|
|
|
|
*
|
|
|
|
|
* @param {string} $error_url URL for redirect if register form nonce isn't verified.
|
|
|
|
|
*
|
|
|
|
|
* @return {string} URL for redirect.
|
|
|
|
|
*
|
|
|
|
|
* @since 2.0
|
|
|
|
|
* @hook um_register_invalid_nonce_redirect_url
|
|
|
|
|
*
|
|
|
|
|
* @example <caption>Change URL for redirect if register form nonce isn't verified.</caption>
|
|
|
|
|
* function my_um_register_invalid_nonce_redirect_url( $error_url ) {
|
|
|
|
|
* return '{your_custom_url}';
|
|
|
|
|
* }
|
|
|
|
|
* add_filter( 'um_register_invalid_nonce_redirect_url', 'my_um_register_invalid_nonce_redirect_url' );
|
|
|
|
|
*/
|
2023-06-30 21:55:59 +03:00
|
|
|
$url = apply_filters( 'um_register_invalid_nonce_redirect_url', add_query_arg( array( 'err' => 'invalid_nonce' ) ) );
|
2023-07-18 09:39:34 +03:00
|
|
|
um_safe_redirect( $url );
|
2023-06-30 21:55:59 +03:00
|
|
|
exit;
|
2018-03-20 13:24:38 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2023-06-30 21:55:59 +03:00
|
|
|
}
|
