10h30/ultimatemember
1
0
Fork 0
mirror of https://github.com/10h30/ultimatemember.git synced 2026-06-05 15:09:37 +09:00
Code Issues Packages Projects Releases Wiki Activity

- removed Secure admin notice;

Browse Source 
- changed Secure to Security;
This commit is contained in:
Mykyta Synelnikov
2024-02-14 15:23:03 +02:00
parent 53bde16d12
commit 457c66791b
7 changed files with 9 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files
assets/js/admin/secure.js → assets/js/admin/security.js
View File
assets/js/admin/secure.min.js → assets/js/admin/security.min.js
Vendored
View File
includes/admin/class-enqueue.php
+2 -2
View File
@@ -584,8 +584,8 @@ final class Enqueue extends \um\common\Enqueue {
wp_enqueue_style( 'um_admin_roles' );
} elseif ( 'ultimate-member_page_um_options' === $hook ) {
// phpcs:ignore WordPress.Security.NonceVerification
if ( isset( $_GET['tab'], $_GET['section'] ) && 'advanced' === $_GET['tab'] && 'secure' === $_GET['section'] ) {
wp_register_script( 'um_admin_secure', $js_url . 'admin/secure' . $suffix . '.js', array( 'jquery', 'wp-i18n' ), UM_VERSION, true );
if ( isset( $_GET['tab'], $_GET['section'] ) && 'advanced' === $_GET['tab'] && 'security' === $_GET['section'] ) {
wp_register_script( 'um_admin_secure', $js_url . 'admin/security' . $suffix . '.js', array( 'jquery', 'wp-i18n' ), UM_VERSION, true );
wp_set_script_translations( 'um_admin_secure', 'ultimate-member' );
wp_enqueue_script( 'um_admin_secure' );
}
includes/admin/class-secure.php
+2 -7
View File
@@ -90,11 +90,6 @@ if ( ! class_exists( 'um\admin\Secure' ) ) {
*/
public function admin_init() {
global $wpdb;
// Dismiss admin notice after the first visit to Secure settings page.
if ( isset( $_REQUEST['page'], $_REQUEST['tab'], $_REQUEST['section'] ) && 'um_options' === sanitize_key( $_REQUEST['page'] ) && 'advanced' === sanitize_key( $_REQUEST['tab'] ) && 'secure' === sanitize_key( $_REQUEST['section'] ) ) { // phpcs:ignore WordPress.Security.NonceVerification
UM()->admin()->notices()->dismiss( 'secure_settings' );
}
if ( isset( $_REQUEST['um_secure_expire_all_sessions'] ) && ! wp_doing_ajax() ) {
if ( ! wp_verify_nonce( $_REQUEST['_wpnonce'], 'um-secure-expire-session-nonce' ) || ! current_user_can( 'manage_options' ) ) {
// This nonce is not valid or current logged-in user has no administrative rights.
@@ -300,8 +295,8 @@ if ( ! class_exists( 'um\admin\Secure' ) ) {
)
);
$settings['advanced']['sections']['secure'] = array(
'title' => __( 'Secure', 'ultimate-member' ),
$settings['advanced']['sections']['security'] = array(
'title' => __( 'Security', 'ultimate-member' ),
'description' => __( 'This feature scans for suspicious registered accounts, bans the usage of administrative capabilities to site subscribers/members, allows the website administrators to force all users to reset their passwords, preventing users from logging-in using their old passwords that may have been exposed.', 'ultimate-member' ),
'fields' => $secure_fields,
);
includes/admin/core/class-admin-notices.php
+3 -39
View File
@@ -31,8 +31,6 @@ if ( ! class_exists( 'um\admin\core\Admin_Notices' ) ) {
add_action( 'wp_ajax_um_dismiss_notice', array( &$this, 'dismiss_notice' ) );
add_action( 'admin_init', array( &$this, 'force_dismiss_notice' ) );
add_action( 'current_screen', array( &$this, 'create_list_for_screen' ) );
}
/**
@@ -82,13 +80,6 @@ if ( ! class_exists( 'um\admin\core\Admin_Notices' ) ) {
do_action( 'um_admin_create_notices' );
}
public function create_list_for_screen() {
if ( UM()->admin()->screen()->is_own_screen() ) {
$this->secure_settings();
}
}
/**
* @return array
*/
@@ -838,39 +829,12 @@ if ( ! class_exists( 'um\admin\core\Admin_Notices' ) ) {
}
}
/**
* First time installed Secure settings.
*/
public function secure_settings() {
ob_start();
?>
<p>
<strong><?php esc_html_e( 'Important Update', 'ultimate-member' ); ?></strong><br/>
<?php esc_html_e( 'Ultimate Member has a new additional feature to secure your Ultimate Member forms to prevent attacks from injecting accounts with administrative roles &amp; capabilities.', 'ultimate-member' ); ?>
</p>
<p>
<a class="button button-primary" href="<?php echo esc_attr( admin_url( 'admin.php?page=um_options&tab=advanced&section=secure&um_dismiss_notice=secure_settings&um_admin_nonce=' . wp_create_nonce( 'um-admin-nonce' ) ) ); ?>"><?php esc_html_e( 'Manage Security Settings', 'ultimate-member' ); ?></a>
<a class="button" target="_blank" href="https://docs.ultimatemember.com/article/1869-security-feature"><?php esc_html_e( 'Read the documentation', 'ultimate-member' ); ?></a>
</p>
<?php
$message = ob_get_clean();
$this->add_notice(
'secure_settings',
array(
'class' => 'warning',
'message' => $message,
'dismissible' => true,
),
1
);
}
public function common_secure() {
if ( UM()->options()->get( 'lock_register_forms' ) ) {
ob_start();
?>
<p>
<?php esc_html_e( 'Your Register forms are now locked. You can unlock them in Ultimate Member > Settings > Secure > Lock All Register Forms.', 'ultimate-member' ); ?>
<?php esc_html_e( 'Your Register forms are now locked. You can unlock them in Ultimate Member > Settings > Advanced > Security > Lock All Register Forms.', 'ultimate-member' ); ?>
</p>
<?php
$message = ob_get_clean();
@@ -889,7 +853,7 @@ if ( ! class_exists( 'um\admin\core\Admin_Notices' ) ) {
ob_start();
?>
<p>
<?php esc_html_e( 'Mandatory password changes has been enabled. You can disable them in Ultimate Member > Settings > Secure > Display Login form notice to reset passwords.', 'ultimate-member' ); ?>
<?php esc_html_e( 'Mandatory password changes has been enabled. You can disable them in Ultimate Member > Settings > Advanced > Security > Display Login form notice to reset passwords.', 'ultimate-member' ); ?>
</p>
<?php
$message = ob_get_clean();
@@ -908,7 +872,7 @@ if ( ! class_exists( 'um\admin\core\Admin_Notices' ) ) {
ob_start();
?>
<p>
<?php esc_html_e( 'Ban for administrative capabilities is enabled. You can disable them in Ultimate Member > Settings > Secure > Enable ban for administrative capabilities.', 'ultimate-member' ); ?>
<?php esc_html_e( 'Ban for administrative capabilities is enabled. You can disable them in Ultimate Member > Settings > Advanced > Security > Enable ban for administrative capabilities.', 'ultimate-member' ); ?>
</p>
<?php
$message = ob_get_clean();
includes/ajax/class-secure.php
+1 -1
View File
@@ -285,7 +285,7 @@ class Secure {
$lock_register_forms_url = admin_url( 'admin.php?page=um_options&tab=advanced&section=secure&um_secure_lock_register_forms=1&_wpnonce=' . wp_create_nonce( 'um_secure_lock_register_forms' ) );
$content .= $br . esc_html__( '1. Please temporarily lock all your active Register forms.', 'ultimate-member' );
$content .= ' <a href="' . esc_attr( $lock_register_forms_url ) . '" target="_blank">' . esc_html__( 'Click here to lock them now.', 'ultimate-member' ) . '</a>';
$content .= ' ' . esc_html__( 'You can unblock the Register forms later. Just go to Ultimate Member > Settings > Secure > uncheck the option "Lock All Register Forms".', 'ultimate-member' );
$content .= ' ' . esc_html__( 'You can unblock the Register forms later. Just go to Ultimate Member > Settings > Advanced > Security and uncheck the option "Lock All Register Forms".', 'ultimate-member' );
$content .= $br . $br;
$suspicious_accounts_url = admin_url( 'users.php?um_status=inactive' );
includes/class-config.php
+1 -1
View File
@@ -507,7 +507,7 @@ if ( ! class_exists( 'um\Config' ) ) {
),
'suspicious-activity' => array(
'key' => 'suspicious-activity',
'title' => __( 'Secure: Suspicious Account Activity', 'ultimate-member' ),
'title' => __( 'Security: Suspicious Account Activity', 'ultimate-member' ),
'subject' => __( '[{site_name}] Suspicious Account Activity', 'ultimate-member' ),
'body' => 'This is to inform you that there are suspicious activities with the following accounts: {user_profile_link}',
'description' => __( 'Whether to receive notification when suspicious account activity is detected.', 'ultimate-member' ),