mirror of
https://github.com/10h30/ultimatemember.git
synced 2026-06-05 15:09:37 +09:00
- fixed CVE ID: CVE-2024-8519
- WPCS;
This commit is contained in:
Mykyta Synelnikov
@@ -392,21 +392,18 @@ if ( ! class_exists( 'um\core\Shortcodes' ) ) {
|
||||
return $classes;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Logged-in only content
|
||||
*
|
||||
* @param array $args
|
||||
* @param array $args
|
||||
* @param string $content
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
function um_loggedin( $args = array(), $content = "" ) {
|
||||
ob_start();
|
||||
|
||||
public function um_loggedin( $args = array(), $content = '' ) {
|
||||
$args = shortcode_atts(
|
||||
array(
|
||||
'lock_text' => __( 'This content has been restricted to logged in users only. Please <a href="{login_referrer}">login</a> to view this content.', 'ultimate-member' ),
|
||||
'lock_text' => __( 'This content has been restricted to logged-in users only. Please <a href="{login_referrer}">login</a> to view this content.', 'ultimate-member' ),
|
||||
'show_lock' => 'yes',
|
||||
),
|
||||
$args,
|
||||
@@ -414,50 +411,32 @@ if ( ! class_exists( 'um\core\Shortcodes' ) ) {
|
||||
);
|
||||
|
||||
if ( ! is_user_logged_in() ) {
|
||||
// Hide content for not logged-in users. Maybe display locked content notice.
|
||||
if ( 'no' === $args['show_lock'] ) {
|
||||
echo '';
|
||||
} else {
|
||||
$args['lock_text'] = $this->convert_locker_tags( $args['lock_text'] );
|
||||
UM()->get_template( 'login-to-view.php', '', $args, true );
|
||||
}
|
||||
} else {
|
||||
if ( version_compare( get_bloginfo('version'),'5.4', '<' ) ) {
|
||||
echo do_shortcode( $this->convert_locker_tags( wpautop( $content ) ) );
|
||||
} else {
|
||||
echo apply_shortcodes( $this->convert_locker_tags( wpautop( $content ) ) );
|
||||
return '';
|
||||
}
|
||||
|
||||
$args['lock_text'] = $this->convert_locker_tags( $args['lock_text'] );
|
||||
return UM()->get_template( 'login-to-view.php', '', $args );
|
||||
}
|
||||
|
||||
$output = ob_get_clean();
|
||||
|
||||
return htmlspecialchars_decode( $output, ENT_NOQUOTES );
|
||||
return apply_shortcodes( $this->convert_locker_tags( wpautop( $content ) ) );
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Logged-out only content
|
||||
*
|
||||
* @param array $args
|
||||
* @param array $args
|
||||
* @param string $content
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
function um_loggedout( $args = array(), $content = '' ) {
|
||||
ob_start();
|
||||
|
||||
// Hide for logged in users
|
||||
public function um_loggedout( $args = array(), $content = '' ) {
|
||||
if ( is_user_logged_in() ) {
|
||||
echo '';
|
||||
} else {
|
||||
if ( version_compare( get_bloginfo('version'),'5.4', '<' ) ) {
|
||||
echo do_shortcode( wpautop( $content ) );
|
||||
} else {
|
||||
echo apply_shortcodes( wpautop( $content ) );
|
||||
}
|
||||
// Hide for logged-in users
|
||||
return '';
|
||||
}
|
||||
|
||||
$output = ob_get_clean();
|
||||
return $output;
|
||||
return apply_shortcodes( $this->convert_locker_tags( wpautop( $content ) ) );
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -1192,9 +1171,9 @@ if ( ! class_exists( 'um\core\Shortcodes' ) ) {
|
||||
*
|
||||
* @return mixed|string
|
||||
*/
|
||||
function convert_locker_tags( $str ) {
|
||||
add_filter( 'um_template_tags_patterns_hook', array( &$this, 'add_placeholder' ), 10, 1 );
|
||||
add_filter( 'um_template_tags_replaces_hook', array( &$this, 'add_replace_placeholder' ), 10, 1 );
|
||||
public function convert_locker_tags( $str ) {
|
||||
add_filter( 'um_template_tags_patterns_hook', array( &$this, 'add_placeholder' ) );
|
||||
add_filter( 'um_template_tags_replaces_hook', array( &$this, 'add_replace_placeholder' ) );
|
||||
return um_convert_tags( $str, array(), false );
|
||||
}
|
||||
|
||||
@@ -1319,18 +1298,22 @@ if ( ! class_exists( 'um\core\Shortcodes' ) ) {
|
||||
* @param string $content
|
||||
* @return string
|
||||
*/
|
||||
function um_shortcode_show_content_for_role( $atts = array() , $content = '' ) {
|
||||
public function um_shortcode_show_content_for_role( $atts = array(), $content = '' ) {
|
||||
global $user_ID;
|
||||
|
||||
if ( ! is_user_logged_in() ) {
|
||||
return;
|
||||
return '';
|
||||
}
|
||||
|
||||
$a = shortcode_atts( array(
|
||||
'roles' => '',
|
||||
'not' => '',
|
||||
'is_profile' => false,
|
||||
), $atts );
|
||||
$a = shortcode_atts(
|
||||
array(
|
||||
'roles' => '',
|
||||
'not' => '',
|
||||
'is_profile' => false,
|
||||
),
|
||||
$atts,
|
||||
'um_show_content'
|
||||
);
|
||||
|
||||
if ( $a['is_profile'] ) {
|
||||
um_fetch_user( um_profile_id() );
|
||||
@@ -1341,39 +1324,26 @@ if ( ! class_exists( 'um\core\Shortcodes' ) ) {
|
||||
$current_user_roles = um_user( 'roles' );
|
||||
|
||||
if ( ! empty( $a['not'] ) && ! empty( $a['roles'] ) ) {
|
||||
if ( version_compare( get_bloginfo('version'),'5.4', '<' ) ) {
|
||||
return do_shortcode( $this->convert_locker_tags( $content ) );
|
||||
} else {
|
||||
return apply_shortcodes( $this->convert_locker_tags( $content ) );
|
||||
}
|
||||
return apply_shortcodes( $this->convert_locker_tags( $content ) );
|
||||
}
|
||||
|
||||
if ( ! empty( $a['not'] ) ) {
|
||||
$not_in_roles = explode( ",", $a['not'] );
|
||||
$not_in_roles = explode( ',', $a['not'] );
|
||||
|
||||
if ( is_array( $not_in_roles ) && ( empty( $current_user_roles ) || count( array_intersect( $current_user_roles, $not_in_roles ) ) <= 0 ) ) {
|
||||
if ( version_compare( get_bloginfo('version'),'5.4', '<' ) ) {
|
||||
return do_shortcode( $this->convert_locker_tags( $content ) );
|
||||
} else {
|
||||
return apply_shortcodes( $this->convert_locker_tags( $content ) );
|
||||
}
|
||||
return apply_shortcodes( $this->convert_locker_tags( $content ) );
|
||||
}
|
||||
} else {
|
||||
$roles = explode( ",", $a['roles'] );
|
||||
$roles = explode( ',', $a['roles'] );
|
||||
|
||||
if ( ! empty( $current_user_roles ) && is_array( $roles ) && count( array_intersect( $current_user_roles, $roles ) ) > 0 ) {
|
||||
if ( version_compare( get_bloginfo('version'),'5.4', '<' ) ) {
|
||||
return do_shortcode( $this->convert_locker_tags( $content ) );
|
||||
} else {
|
||||
return apply_shortcodes( $this->convert_locker_tags( $content ) );
|
||||
}
|
||||
return apply_shortcodes( $this->convert_locker_tags( $content ) );
|
||||
}
|
||||
}
|
||||
|
||||
return '';
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @param array $args
|
||||
* @param string $content
|
||||
@@ -1426,36 +1396,36 @@ if ( ! class_exists( 'um\core\Shortcodes' ) ) {
|
||||
|
||||
$search_value = array_values( $query );
|
||||
|
||||
$template = UM()->get_template( 'searchform.php', '', array( 'query' => $query, 'search_value' => $search_value[0], 'members_page' => um_get_core_page( 'members' ) ) );
|
||||
|
||||
return $template;
|
||||
$t_args = array(
|
||||
'query' => $query,
|
||||
'search_value' => $search_value[0],
|
||||
'members_page' => um_get_core_page( 'members' ),
|
||||
);
|
||||
return UM()->get_template( 'searchform.php', '', $t_args );
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* UM Placeholders for login referrer
|
||||
*
|
||||
* @param $placeholders
|
||||
* @param array $placeholders
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
function add_placeholder( $placeholders ) {
|
||||
public function add_placeholder( $placeholders ) {
|
||||
$placeholders[] = '{login_referrer}';
|
||||
return $placeholders;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* UM Replace Placeholders for login referrer
|
||||
*
|
||||
* @param $replace_placeholders
|
||||
* @param array $replace_placeholders
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
function add_replace_placeholder( $replace_placeholders ) {
|
||||
public function add_replace_placeholder( $replace_placeholders ) {
|
||||
$replace_placeholders[] = um_dynamic_login_page_redirect();
|
||||
return $replace_placeholders;
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user