From 42e95c084ab7597556b3dbd86400ca1cd72cdeba Mon Sep 17 00:00:00 2001
From: champsupertramp <heychampsupertramp@gmail.com>
Date: Thu, 21 Apr 2016 20:05:23 +0800
Subject: [PATCH] Add reset password limit options

---
 core/um-actions-password.php | 21 +++++++++++++++++----
 um-config.php                | 30 ++++++++++++++++++++++++++++++
 2 files changed, 47 insertions(+), 4 deletions(-)

diff --git a/core/um-actions-password.php b/core/um-actions-password.php
index f2cf8723..66c289d1 100644
--- a/core/um-actions-password.php
+++ b/core/um-actions-password.php
@@ -108,16 +108,29 @@
 		if ( ( !is_email( $user ) && !username_exists( $user ) ) || ( is_email( $user ) && !email_exists( $user ) ) ) {
 			$ultimatemember->form->add_error('username_b', __('We can\'t find an account registered with that address or username','ultimatemember') );
 		} else {
+
 			if ( is_email( $user ) ) {
 				$user_id = email_exists( $user );
 			} else {
 				$user_id = username_exists( $user );
 			}
+
 			$attempts = (int)get_user_meta( $user_id, 'password_rst_attempts', true );
-			if ( $attempts >= 3 ) {
-				$ultimatemember->form->add_error('username_b', __('You have reached the limit for requesting password change for this user already. Contact support if you cannot open the email','ultimatemember') );
-			} else {
-				update_user_meta( $user_id, 'password_rst_attempts', $attempts + 1 );
+			$is_admin = user_can( intval( $user_id ),'manage_options' );
+
+			if( um_get_option('enable_reset_password_limit') ){ // if reset password limit is set
+
+				if(  um_get_option('disable_admin_reset_password_limit') &&  $is_admin ){
+					// Triggers this when a user has admin capabilities and when reset password limit is disabled for admins
+				}else{
+					$limit = um_get_option('reset_password_limit_number');
+					if ( $attempts >= $limit ) {
+						$ultimatemember->form->add_error('username_b', __('You have reached the limit for requesting password change for this user already. Contact support if you cannot open the email','ultimatemember') );
+					} else {
+						update_user_meta( $user_id, 'password_rst_attempts', $attempts + 1 );
+					}
+				}
+
 			}
 		}
 
diff --git a/um-config.php b/um-config.php
index 8b37ffde..7051857e 100644
--- a/um-config.php
+++ b/um-config.php
@@ -476,6 +476,36 @@ $this->sections[] = array(
 				'off'			=> __('No','ultimatemember'),
         ),
 
+        array(
+                'id'       		=> 'enable_reset_password_limit',
+                'type'     		=> 'switch',
+                'title'   		=> __( 'Enable the Reset Password Limit?','ultimatemember' ),
+				'default' 		=> 1,
+				'on'			=> __('Yes','ultimatemember'),
+				'off'			=> __('No','ultimatemember'),
+        ),
+
+		array(
+                'id'       		=> 'reset_password_limit_number',
+                'type'     		=> 'text',
+                'title'   		=> __( 'Reset Password Limit','ultimatemember' ),
+				'desc' 	   		=> __('Set the maximum reset password limit. If reached the maximum limit, user will be locked from using this.','ultimatemember'),
+				'default'		=> 3,
+				'validate'		=> 'numeric',
+				'required'		=> array('enable_reset_password_limit','=',1),
+			
+        ),
+
+        array(
+                'id'       		=> 'disable_admin_reset_password_limit',
+                'type'     		=> 'switch',
+                'title'   		=> __( 'Disable the Reset Password Limit for Admins only?','ultimatemember' ),
+				'default' 		=> 0,
+				'on'			=> __('Yes','ultimatemember'),
+				'off'			=> __('No','ultimatemember'),
+				'required'		=> array('enable_reset_password_limit','=',1),
+        ),
+
         array(
 				'id'       		=> 'wpadmin_allow_ips',
                 'type'     		=> 'textarea',