mirror of
https://github.com/10h30/ultimatemember.git
synced 2026-06-05 15:09:37 +09:00
- fixed wp-login error when use email with wrong password;
This commit is contained in:
nikitasinelnikov
@@ -1,4 +1,4 @@
|
||||
<?php if ( ! defined( 'ABSPATH' ) ) exit; // Exit if accessed directly
|
||||
<?php if ( ! defined( 'ABSPATH' ) ) exit;
|
||||
|
||||
|
||||
/**
|
||||
@@ -8,34 +8,39 @@
|
||||
*/
|
||||
function um_submit_form_errors_hook__blockedemails( $args ) {
|
||||
$emails = UM()->options()->get( 'blocked_emails' );
|
||||
if ( ! $emails )
|
||||
if ( ! $emails ) {
|
||||
return;
|
||||
}
|
||||
|
||||
$emails = array_map("rtrim", explode("\n", $emails));
|
||||
$emails = array_map( 'rtrim', explode( "\n", $emails ) );
|
||||
|
||||
if ( isset( $args['user_email'] ) && is_email( $args['user_email'] ) ) {
|
||||
|
||||
$domain = explode('@', $args['user_email'] );
|
||||
$check_domain = str_replace($domain[0], '*', $args['user_email']);
|
||||
$domain = explode( '@', $args['user_email'] );
|
||||
$check_domain = str_replace( $domain[0], '*', $args['user_email'] );
|
||||
|
||||
if ( in_array( $args['user_email'], $emails ) )
|
||||
exit( wp_redirect( esc_url( add_query_arg('err', 'blocked_email') ) ) );
|
||||
if ( in_array( $args['user_email'], $emails ) ) {
|
||||
exit( wp_redirect( esc_url( add_query_arg( 'err', 'blocked_email' ) ) ) );
|
||||
}
|
||||
|
||||
if ( in_array( $check_domain, $emails ) )
|
||||
exit( wp_redirect( esc_url( add_query_arg('err', 'blocked_domain') ) ) );
|
||||
if ( in_array( $check_domain, $emails ) ) {
|
||||
exit( wp_redirect( esc_url( add_query_arg( 'err', 'blocked_domain' ) ) ) );
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
if ( isset( $args['username'] ) && is_email( $args['username'] ) ) {
|
||||
|
||||
$domain = explode('@', $args['username'] );
|
||||
$check_domain = str_replace($domain[0], '*', $args['username']);
|
||||
$domain = explode( '@', $args['username'] );
|
||||
$check_domain = str_replace( $domain[0], '*', $args['username'] );
|
||||
|
||||
if ( in_array( $args['username'], $emails ) )
|
||||
exit( wp_redirect( esc_url( add_query_arg('err', 'blocked_email') ) ) );
|
||||
if ( in_array( $args['username'], $emails ) ) {
|
||||
exit( wp_redirect( esc_url( add_query_arg( 'err', 'blocked_email' ) ) ) );
|
||||
}
|
||||
|
||||
if ( in_array( $check_domain, $emails ) )
|
||||
exit( wp_redirect( esc_url( add_query_arg('err', 'blocked_domain') ) ) );
|
||||
if ( in_array( $check_domain, $emails ) ) {
|
||||
exit( wp_redirect( esc_url( add_query_arg( 'err', 'blocked_domain' ) ) ) );
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
@@ -47,18 +52,19 @@ add_action( 'um_submit_form_errors_hook__blockedemails', 'um_submit_form_errors_
|
||||
*
|
||||
* @param $args
|
||||
*/
|
||||
function um_submit_form_errors_hook__blockedips($args){
|
||||
$ips = UM()->options()->get('blocked_ips');
|
||||
if ( !$ips )
|
||||
function um_submit_form_errors_hook__blockedips( $args ) {
|
||||
$ips = UM()->options()->get( 'blocked_ips' );
|
||||
if ( ! $ips ) {
|
||||
return;
|
||||
}
|
||||
|
||||
$ips = array_map("rtrim", explode("\n", $ips));
|
||||
$ips = array_map( 'rtrim', explode( "\n", $ips ) );
|
||||
$user_ip = um_user_ip();
|
||||
|
||||
foreach($ips as $ip) {
|
||||
$ip = str_replace('*','',$ip);
|
||||
if ( !empty( $ip ) && strpos($user_ip, $ip) === 0) {
|
||||
exit( wp_redirect( esc_url( add_query_arg('err', 'blocked_ip') ) ) );
|
||||
foreach ( $ips as $ip ) {
|
||||
$ip = str_replace( '*', '', $ip );
|
||||
if ( ! empty( $ip ) && strpos( $user_ip, $ip ) === 0 ) {
|
||||
exit( wp_redirect( esc_url( add_query_arg( 'err', 'blocked_ip' ) ) ) );
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -71,24 +77,24 @@ add_action( 'um_submit_form_errors_hook__blockedips', 'um_submit_form_errors_hoo
|
||||
* @param $args
|
||||
*/
|
||||
function um_submit_form_errors_hook__blockedwords( $args ) {
|
||||
$words = UM()->options()->get( 'blocked_words' );
|
||||
if ( empty( $words ) ) {
|
||||
return;
|
||||
}
|
||||
|
||||
$form_id = $args['form_id'];
|
||||
$mode = $args['mode'];
|
||||
$fields = unserialize( $args['custom_fields'] );
|
||||
|
||||
$words = UM()->options()->get('blocked_words');
|
||||
if ( $words != '' ) {
|
||||
|
||||
$words = array_map("rtrim", explode("\n", $words));
|
||||
if ( ! empty( $fields ) && is_array( $fields ) ) {
|
||||
foreach ( $fields as $key => $array ) {
|
||||
if ( isset($array['validate']) && in_array( $array['validate'], array('unique_username','unique_email','unique_username_or_email') ) ) {
|
||||
if ( ! UM()->form()->has_error( $key ) && isset( $args[$key] ) && in_array( $args[$key], $words ) ) {
|
||||
UM()->form()->add_error( $key, __('You are not allowed to use this word as your username.','ultimate-member') );
|
||||
}
|
||||
$words = array_map( 'rtrim', explode( "\n", $words ) );
|
||||
if ( ! empty( $fields ) && is_array( $fields ) ) {
|
||||
foreach ( $fields as $key => $array ) {
|
||||
if ( isset( $array['validate'] ) && in_array( $array['validate'], array( 'unique_username', 'unique_email', 'unique_username_or_email' ) ) ) {
|
||||
if ( ! UM()->form()->has_error( $key ) && isset( $args[ $key ] ) && in_array( $args[ $key ], $words ) ) {
|
||||
UM()->form()->add_error( $key, __( 'You are not allowed to use this word as your username.', 'ultimate-member' ) );
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
add_action( 'um_submit_form_errors_hook__blockedwords', 'um_submit_form_errors_hook__blockedwords', 10 );
|
||||
@@ -127,9 +133,10 @@ function um_submit_form_errors_hook( $args ) {
|
||||
* }
|
||||
* ?>
|
||||
*/
|
||||
do_action( "um_submit_form_errors_hook__registration", $args );
|
||||
do_action( 'um_submit_form_errors_hook__registration', $args );
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* UM hook
|
||||
*
|
||||
@@ -149,7 +156,7 @@ function um_submit_form_errors_hook( $args ) {
|
||||
* }
|
||||
* ?>
|
||||
*/
|
||||
do_action( "um_submit_form_errors_hook__blockedips", $args );
|
||||
do_action( 'um_submit_form_errors_hook__blockedips', $args );
|
||||
/**
|
||||
* UM hook
|
||||
*
|
||||
@@ -169,7 +176,7 @@ function um_submit_form_errors_hook( $args ) {
|
||||
* }
|
||||
* ?>
|
||||
*/
|
||||
do_action( "um_submit_form_errors_hook__blockedemails", $args );
|
||||
do_action( 'um_submit_form_errors_hook__blockedemails', $args );
|
||||
|
||||
if ( $mode == 'login' ) {
|
||||
/**
|
||||
@@ -253,7 +260,7 @@ function um_submit_form_errors_hook( $args ) {
|
||||
* }
|
||||
* ?>
|
||||
*/
|
||||
do_action( "um_submit_form_errors_hook__blockedwords", $args );
|
||||
do_action( 'um_submit_form_errors_hook__blockedwords', $args );
|
||||
|
||||
}
|
||||
|
||||
|
||||
@@ -27,22 +27,25 @@ function um_submit_form_errors_hook_login( $args ) {
|
||||
}
|
||||
|
||||
if ( isset( $args['username'] ) ) {
|
||||
$authenticate = $args['username'];
|
||||
$field = 'username';
|
||||
if ( is_email( $args['username'] ) ) {
|
||||
$is_email = true;
|
||||
$data = get_user_by('email', $args['username'] );
|
||||
$user_name = (isset ( $data->user_login ) ) ? $data->user_login : null;
|
||||
$user_name = isset( $data->user_login ) ? $data->user_login : null;
|
||||
} else {
|
||||
$user_name = $args['username'];
|
||||
}
|
||||
} elseif ( isset( $args['user_email'] ) ) {
|
||||
$authenticate = $args['user_email'];
|
||||
$field = 'user_email';
|
||||
$is_email = true;
|
||||
$data = get_user_by('email', $args['user_email'] );
|
||||
$user_name = (isset ( $data->user_login ) ) ? $data->user_login : null;
|
||||
$user_name = isset( $data->user_login ) ? $data->user_login : null;
|
||||
} else {
|
||||
$field = 'user_login';
|
||||
$user_name = $args['user_login'];
|
||||
$authenticate = $args['user_login'];
|
||||
}
|
||||
|
||||
if ( $args['user_password'] == '' ) {
|
||||
@@ -56,18 +59,16 @@ function um_submit_form_errors_hook_login( $args ) {
|
||||
UM()->form()->add_error( 'user_password', __( 'Password is incorrect. Please try again.', 'ultimate-member' ) );
|
||||
}
|
||||
|
||||
$user = apply_filters( 'authenticate', null, $user_name, $args['user_password'] );
|
||||
|
||||
$authenticate_user = apply_filters( 'wp_authenticate_user', $user_name, $args['user_password'] );
|
||||
|
||||
// @since 4.18 replacement for 'wp_login_failed' action hook
|
||||
// see WP function wp_authenticate()
|
||||
$ignore_codes = array('empty_username', 'empty_password');
|
||||
$ignore_codes = array( 'empty_username', 'empty_password' );
|
||||
|
||||
$user = apply_filters( 'authenticate', null, $authenticate, $args['user_password'] );
|
||||
if ( is_wp_error( $user ) && ! in_array( $user->get_error_code(), $ignore_codes ) ) {
|
||||
UM()->form()->add_error( $user->get_error_code(), __( $user->get_error_message(), 'ultimate-member' ) );
|
||||
}
|
||||
|
||||
$authenticate_user = apply_filters( 'wp_authenticate_user', $user_name, $args['user_password'] );
|
||||
if ( is_wp_error( $authenticate_user ) && ! in_array( $authenticate_user->get_error_code(), $ignore_codes ) ) {
|
||||
UM()->form()->add_error( $authenticate_user->get_error_code(), __( $authenticate_user->get_error_message(), 'ultimate-member' ) );
|
||||
}
|
||||
@@ -469,18 +470,4 @@ add_action( 'um_after_login_fields', 'um_after_login_submit', 1001 );
|
||||
function um_add_login_fields( $args ) {
|
||||
echo UM()->fields()->display( 'login', $args );
|
||||
}
|
||||
add_action( 'um_main_login_fields', 'um_add_login_fields', 100 );
|
||||
|
||||
|
||||
/**
|
||||
* Remove authenticate filter
|
||||
* @uses 'wp_authenticate_username_password_before'
|
||||
*
|
||||
* @param $user
|
||||
* @param $username
|
||||
* @param $password
|
||||
*/
|
||||
function um_auth_username_password_before( $user, $username, $password ) {
|
||||
remove_filter( 'authenticate', 'wp_authenticate_username_password', 20 );
|
||||
}
|
||||
add_action( 'wp_authenticate_username_password_before', 'um_auth_username_password_before', 10, 3 );
|
||||
add_action( 'um_main_login_fields', 'um_add_login_fields', 100 );
|
||||
@@ -55,7 +55,7 @@ add_filter( 'login_message', 'um_custom_wp_err_messages' );
|
||||
|
||||
|
||||
/**
|
||||
* Check for blocked ip
|
||||
* Check for blocked IPs or Email on wp-login.php form
|
||||
*
|
||||
* @param $user
|
||||
* @param $username
|
||||
@@ -65,47 +65,8 @@ add_filter( 'login_message', 'um_custom_wp_err_messages' );
|
||||
*/
|
||||
function um_wp_form_errors_hook_ip_test( $user, $username, $password ) {
|
||||
if ( ! empty( $username ) ) {
|
||||
/**
|
||||
* UM hook
|
||||
*
|
||||
* @type action
|
||||
* @title um_submit_form_errors_hook__blockedips
|
||||
* @description Hook that runs after user reset their password
|
||||
* @input_vars
|
||||
* [{"var":"$args","type":"array","desc":"Form data"}]
|
||||
* @change_log
|
||||
* ["Since: 2.0"]
|
||||
* @usage add_action( 'um_submit_form_errors_hook__blockedips', 'function_name', 10, 1 );
|
||||
* @example
|
||||
* <?php
|
||||
* add_action( 'um_submit_form_errors_hook__blockedips', 'my_submit_form_errors_hook__blockedips', 10, 1 );
|
||||
* function my_submit_form_errors_hook__blockedips( $args ) {
|
||||
* // your code here
|
||||
* }
|
||||
* ?>
|
||||
*/
|
||||
do_action( "um_submit_form_errors_hook__blockedips", $args = array() );
|
||||
/**
|
||||
* UM hook
|
||||
*
|
||||
* @type action
|
||||
* @title um_submit_form_errors_hook__blockedemails
|
||||
* @description Hook that runs after user reset their password
|
||||
* @input_vars
|
||||
* [{"var":"$args","type":"array","desc":"Form data"}]
|
||||
* @change_log
|
||||
* ["Since: 2.0"]
|
||||
* @usage add_action( 'um_submit_form_errors_hook__blockedemails', 'function_name', 10, 1 );
|
||||
* @example
|
||||
* <?php
|
||||
* add_action( 'um_submit_form_errors_hook__blockedemails', 'my_submit_form_errors_hook__blockedemails', 10, 1 );
|
||||
* function my_submit_form_errors_hook__blockedemails( $args ) {
|
||||
* // your code here
|
||||
* }
|
||||
* ?>
|
||||
*/
|
||||
do_action( "um_submit_form_errors_hook__blockedemails", $args = array( 'username' => $username ) );
|
||||
|
||||
do_action( 'um_submit_form_errors_hook__blockedips', array() );
|
||||
do_action( 'um_submit_form_errors_hook__blockedemails', array( 'username' => $username ) );
|
||||
}
|
||||
|
||||
return $user;
|
||||
@@ -124,35 +85,34 @@ add_filter( 'authenticate', 'um_wp_form_errors_hook_ip_test', 10, 3 );
|
||||
*/
|
||||
function um_wp_form_errors_hook_logincheck( $user, $username, $password ) {
|
||||
|
||||
do_action( 'wp_authenticate_username_password_before', $user, $username, $password );
|
||||
|
||||
if ( isset( $user->ID ) ) {
|
||||
|
||||
um_fetch_user( $user->ID );
|
||||
$status = um_user('account_status');
|
||||
$status = um_user( 'account_status' );
|
||||
|
||||
switch( $status ) {
|
||||
case 'inactive':
|
||||
return new WP_Error( $status, __('Your account has been disabled.','ultimate-member') );
|
||||
return new WP_Error( $status, __( 'Your account has been disabled.', 'ultimate-member' ) );
|
||||
break;
|
||||
case 'awaiting_admin_review':
|
||||
return new WP_Error( $status, __('Your account has not been approved yet.','ultimate-member') );
|
||||
return new WP_Error( $status, __( 'Your account has not been approved yet.', 'ultimate-member' ) );
|
||||
break;
|
||||
case 'awaiting_email_confirmation':
|
||||
return new WP_Error( $status, __('Your account is awaiting e-mail verification.','ultimate-member') );
|
||||
return new WP_Error( $status, __( 'Your account is awaiting e-mail verification.', 'ultimate-member' ) );
|
||||
break;
|
||||
case 'rejected':
|
||||
return new WP_Error( $status, __('Your membership request has been rejected.','ultimate-member') );
|
||||
return new WP_Error( $status, __( 'Your membership request has been rejected.', 'ultimate-member' ) );
|
||||
break;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
return wp_authenticate_username_password( $user, $username, $password );
|
||||
return $user;
|
||||
|
||||
}
|
||||
add_filter( 'authenticate', 'um_wp_form_errors_hook_logincheck', 50, 3 );
|
||||
|
||||
|
||||
/**
|
||||
* Change lost password url in UM Login form
|
||||
* @param string $lostpassword_url
|
||||
@@ -160,11 +120,10 @@ add_filter( 'authenticate', 'um_wp_form_errors_hook_logincheck', 50, 3 );
|
||||
*/
|
||||
function um_lostpassword_url( $lostpassword_url ) {
|
||||
|
||||
if( um_is_core_page("login") ){
|
||||
return um_get_core_page("password-reset");
|
||||
if ( um_is_core_page( 'login' ) ) {
|
||||
return um_get_core_page( 'password-reset' );
|
||||
}
|
||||
|
||||
return $lostpassword_url;
|
||||
}
|
||||
add_filter( 'lostpassword_url', 'um_lostpassword_url', 10, 1 );
|
||||
|
||||
add_filter( 'lostpassword_url', 'um_lostpassword_url', 10, 1 );
|
||||
@@ -145,6 +145,12 @@ The plugin works with popular caching plugins by automatically excluding Ultimat
|
||||
* To learn more about version 2.1 please see this [topic](https://wordpress.org/support/topic/version-2-1-4/)
|
||||
* UM2.1+ is a significant update to the Member Directories' code base from 2.0.x. Please make sure you take a full-site backup with restore point before updating the plugin
|
||||
|
||||
= 2.1.6: June 1, 2020 =
|
||||
|
||||
* Bugfixes:
|
||||
|
||||
- Fixed wp-login.php and UM login form validation/errors triggers when using email for login
|
||||
|
||||
= 2.1.5: April 2, 2020 =
|
||||
|
||||
* Enhancements:
|
||||
|
||||
Reference in New Issue
Block a user