mirror of
https://github.com/10h30/ultimatemember.git
synced 2026-06-05 15:09:37 +09:00
- closed #1100;
This commit is contained in:
Nikita Sinelnikov
@@ -556,10 +556,24 @@ if ( ! class_exists( 'um\core\Password' ) ) {
|
||||
}
|
||||
|
||||
if ( UM()->options()->get( 'require_strongpass' ) ) {
|
||||
wp_fix_server_vars();
|
||||
|
||||
$rp_cookie = 'wp-resetpass-' . COOKIEHASH;
|
||||
if ( ! is_user_logged_in() && isset( $_COOKIE[ $rp_cookie ] ) && 0 < strpos( $_COOKIE[ $rp_cookie ], ':' ) ) {
|
||||
list( $rp_login, $rp_key ) = explode( ':', wp_unslash( $_COOKIE[ $rp_cookie ] ), 2 );
|
||||
|
||||
$user = check_password_reset_key( $rp_key, $rp_login );
|
||||
um_fetch_user( $user->ID );
|
||||
} elseif ( is_user_logged_in() ) {
|
||||
um_fetch_user( get_current_user_id() );
|
||||
}
|
||||
|
||||
$min_length = UM()->options()->get( 'password_min_chars' );
|
||||
$min_length = ! empty( $min_length ) ? $min_length : 8;
|
||||
$max_length = UM()->options()->get( 'password_max_chars' );
|
||||
$max_length = ! empty( $max_length ) ? $max_length : 30;
|
||||
$user_login = um_user( 'user_login' );
|
||||
$user_email = um_user( 'user_email' );
|
||||
|
||||
if ( mb_strlen( wp_unslash( $args['user_password'] ) ) < $min_length ) {
|
||||
UM()->form()->add_error( 'user_password', sprintf( __( 'Your password must contain at least %d characters', 'ultimate-member' ), $min_length ) );
|
||||
@@ -569,6 +583,14 @@ if ( ! class_exists( 'um\core\Password' ) ) {
|
||||
UM()->form()->add_error( 'user_password', sprintf( __( 'Your password must contain less than %d characters', 'ultimate-member' ), $max_length ) );
|
||||
}
|
||||
|
||||
if ( strpos( strtolower( $user_login ), strtolower( $args['user_password'] ) ) > -1 ) {
|
||||
UM()->form()->add_error( 'user_password', __( 'Your password cannot contain the part of your username', 'ultimate-member' ) );
|
||||
}
|
||||
|
||||
if ( strpos( strtolower( $user_email ), strtolower( $args['user_password'] ) ) > -1 ) {
|
||||
UM()->form()->add_error( 'user_password', __( 'Your password cannot contain the part of your email address', 'ultimate-member' ) );
|
||||
}
|
||||
|
||||
if ( ! UM()->validation()->strong_pass( $args['user_password'] ) ) {
|
||||
UM()->form()->add_error( 'user_password', __( 'Your password must contain at least one lowercase letter, one capital letter and one number', 'ultimate-member' ) );
|
||||
}
|
||||
|
||||
@@ -93,6 +93,13 @@ function um_submit_account_errors_hook( $args ) {
|
||||
$max_length = UM()->options()->get( 'password_max_chars' );
|
||||
$max_length = ! empty( $max_length ) ? $max_length : 30;
|
||||
|
||||
if ( is_user_logged_in() ) {
|
||||
um_fetch_user( get_current_user_id() );
|
||||
}
|
||||
|
||||
$user_login = um_user( 'user_login' );
|
||||
$user_email = um_user( 'user_email' );
|
||||
|
||||
if ( mb_strlen( wp_unslash( $args['user_password'] ) ) < $min_length ) {
|
||||
UM()->form()->add_error( 'user_password', sprintf( __( 'Your password must contain at least %d characters', 'ultimate-member' ), $min_length ) );
|
||||
}
|
||||
@@ -101,6 +108,14 @@ function um_submit_account_errors_hook( $args ) {
|
||||
UM()->form()->add_error( 'user_password', sprintf( __( 'Your password must contain less than %d characters', 'ultimate-member' ), $max_length ) );
|
||||
}
|
||||
|
||||
if ( strpos( strtolower( $user_login ), strtolower( $args['user_password'] ) ) > -1 ) {
|
||||
UM()->form()->add_error( 'user_password', __( 'Your password cannot contain the part of your username', 'ultimate-member' ) );
|
||||
}
|
||||
|
||||
if ( strpos( strtolower( $user_email ), strtolower( $args['user_password'] ) ) > -1 ) {
|
||||
UM()->form()->add_error( 'user_password', __( 'Your password cannot contain the part of your email address', 'ultimate-member' ) );
|
||||
}
|
||||
|
||||
if ( ! UM()->validation()->strong_pass( $args['user_password'] ) ) {
|
||||
UM()->form()->add_error( 'user_password', __( 'Your password must contain at least one lowercase letter, one capital letter and one number', 'ultimate-member' ) );
|
||||
}
|
||||
|
||||
@@ -621,6 +621,14 @@ function um_submit_form_errors_hook_( $args ) {
|
||||
}
|
||||
|
||||
if ( isset( $array['force_good_pass'] ) && $array['force_good_pass'] == 1 ) {
|
||||
if ( isset( $args['user_login'] ) && strpos( strtolower( $args['user_login'] ), strtolower( $args['user_password'] ) ) > -1 ) {
|
||||
UM()->form()->add_error( 'user_password', __( 'Your password cannot contain the part of your username', 'ultimate-member' ));
|
||||
}
|
||||
|
||||
if ( isset( $args['user_email'] ) && strpos( strtolower( $args['user_email'] ), strtolower( $args['user_password'] ) ) > -1 ) {
|
||||
UM()->form()->add_error( 'user_password', __( 'Your password cannot contain the part of your email address', 'ultimate-member' ));
|
||||
}
|
||||
|
||||
if ( ! UM()->validation()->strong_pass( $args[ $key ] ) ) {
|
||||
UM()->form()->add_error( $key, __( 'Your password must contain at least one lowercase letter, one capital letter and one number', 'ultimate-member' ) );
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user