From 37354a5eae2ffe4d9be5ddadc8be04eb462072a8 Mon Sep 17 00:00:00 2001 From: champsupertramp Date: Tue, 6 Sep 2016 20:14:12 +0800 Subject: [PATCH] Fix role validation on registration process --- core/um-form.php | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/core/um-form.php b/core/um-form.php index 48f4387d..2c7d29e6 100644 --- a/core/um-form.php +++ b/core/um-form.php @@ -117,11 +117,20 @@ class UM_Form { && $secure_form_post ){ // Secure selected role $custom_field_roles = $this->custom_field_roles( $this->form_data['custom_fields'] ); + + $role = $_POST['role']; - if ( isset( $custom_field_roles ) && ! in_array( $_POST['role'] ,$custom_field_roles ) ) { + if( is_array( $_POST['role'] ) ){ + $role = current( $_POST['role'] ); + } + + if ( isset( $custom_field_roles ) && ! in_array( $role , $custom_field_roles ) ) { wp_die( __( 'This is not possible for security reasons.','ultimatemember') ); } + $this->post_form['role'] = $role; + $this->post_form['submitted']['role'] = $role; + }else{ $role = $this->assigned_role( $this->form_id ); $this->post_form['role'] = $role;