10h30/ultimatemember
1
0
Fork 0
mirror of https://github.com/10h30/ultimatemember.git synced 2026-06-05 15:09:37 +09:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1219 from ultimatemember/fix/remove_extract_frontend

Browse Source 
Remove extract() frontend
This commit is contained in:
Mykyta Synelnikov
2023-06-28 21:41:00 +03:00
committed by GitHub
parent fc07de48b7 3e35529c8d
commit 78a1a32530
22 changed files with 2002 additions and 2635 deletions
Download Patch File Download Diff File Expand all files Collapse all files
assets/dynamic_css/dynamic-directory.php
+38
View File
@@ -0,0 +1,38 @@
<?php
if ( ! defined( 'ABSPATH' ) ) {
exit;
}
if ( empty( $args['css_profile_card_bg'] ) && empty( $args['css_card_thickness'] ) &&
empty( $args['css_profile_card_text'] ) && empty( $args['css_card_bordercolor'] ) &&
empty( $args['css_img_bordercolor'] ) ) {
return;
}
?>
<style>
<?php if ( ! empty( $args['css_profile_card_bg'] ) ) { ?>
.um-<?php echo esc_attr( $args['form_id'] ); ?> .um-member {
background: <?php echo esc_attr( $args['css_profile_card_bg'] ); ?>;
}
<?php } ?>
<?php if ( ! empty( $args['css_card_thickness'] ) ) { ?>
.um-<?php echo esc_attr( $args['form_id'] ); ?> .um-member {
border-width: <?php echo esc_attr( $args['css_card_thickness'] ); ?>;
}
<?php } ?>
<?php if ( ! empty( $args['css_profile_card_text'] ) ) { ?>
.um-<?php echo esc_attr( $args['form_id'] ); ?> .um-member-card * {
color: <?php echo esc_attr( $args['css_profile_card_text'] ); ?>;
}
<?php } ?>
<?php if ( ! empty( $args['css_card_bordercolor'] ) ) { ?>
.um-<?php echo esc_attr( $args['form_id'] ); ?> .um-member {
border-color: <?php echo esc_attr( $args['css_card_bordercolor'] ); ?>;
}
<?php } ?>
<?php if ( ! empty( $args['css_img_bordercolor'] ) ) { ?>
.um-<?php echo esc_attr( $args['form_id'] ); ?> .um-member-photo img {
border-color: <?php echo esc_attr( $args['css_img_bordercolor'] ); ?>;
}
<?php } ?>
</style>
assets/dynamic_css/dynamic-global.php
+21
View File
@@ -0,0 +1,21 @@
<?php
if ( ! defined( 'ABSPATH' ) ) {
exit;
}
if ( ! isset( $args['max_width'] ) && ! isset( $args['align'] ) ) {
return;
}
?>
<style>
<?php if ( isset( $args['max_width'] ) && $args['max_width'] ) { ?>
.um-<?php echo esc_attr( $args['form_id'] ); ?>.um {
max-width: <?php echo esc_attr( $args['max_width'] ); ?>;
}
<?php } ?>
<?php if ( isset( $args['align'] ) && in_array( $args['align'], array( 'left', 'right' ), true ) ) { ?>
.um-<?php echo esc_attr( $args['form_id'] ); ?>.um {
margin-<?php echo esc_attr( $args['align'] ); ?>: 0px !important;
}
<?php } ?>
</style>
assets/dynamic_css/dynamic-profile.php
+37
View File
@@ -0,0 +1,37 @@
<?php
if ( ! defined( 'ABSPATH' ) ) {
exit;
}
if ( ! isset( $args['photosize'] ) || 'original' === $args['photosize'] ) {
$args['photosize'] = um_get_metadefault( 'profile_photosize' ); // Cannot be more than metadefault value.
}
$args['photosize'] = absint( $args['photosize'] );
$photosize_up = ( $args['photosize'] / 2 ) + 10;
$meta_padding = ( $args['photosize'] + 60 ) . 'px';
?>
<style>
<?php if ( ! empty( $args['area_max_width'] ) ) { ?>
.um-<?php echo esc_attr( $args['form_id'] ); ?>.um .um-profile-body {
max-width: <?php echo esc_attr( $args['area_max_width'] ); ?>;
}
<?php } ?>
.um-<?php echo esc_attr( $args['form_id'] ); ?>.um .um-profile-photo a.um-profile-photo-img {
width: <?php echo esc_attr( $args['photosize'] ); ?>px;
height: <?php echo esc_attr( $args['photosize'] ); ?>px;
}
.um-<?php echo esc_attr( $args['form_id'] ); ?>.um .um-profile-photo a.um-profile-photo-img {
top: -<?php echo esc_attr( $photosize_up ); ?>px;
}
<?php if ( is_rtl() ) { ?>
.um-<?php echo esc_attr( $args['form_id'] ); ?>.um .um-profile-meta {
padding-right: <?php echo esc_attr( $meta_padding ); ?>;
}
<?php } else { ?>
.um-<?php echo esc_attr( $args['form_id'] ); ?>.um .um-profile-meta {
padding-left: <?php echo esc_attr( $meta_padding ); ?>;
}
<?php } ?>
</style>
assets/dynamic_css/dynamic_directory.php
-45
View File
@@ -1,45 +0,0 @@
<style type="text/css">
<?php
if ( isset( $css_profile_card_bg ) && ! empty( $css_profile_card_bg ) ) {
print ".um-$form_id .um-member {
background: $css_profile_card_bg;
}";
}
if ( isset( $css_card_thickness ) && ! empty( $css_card_thickness ) ) {
print ".um-$form_id .um-member {
border-width: $css_card_thickness;
}";
}
if ( isset( $css_profile_card_text ) && ! empty( $css_profile_card_text ) ) {
print ".um-$form_id .um-member-card * {
color: $css_profile_card_text;
}";
}
if ( isset( $css_card_bordercolor ) && ! empty( $css_card_bordercolor ) ) {
print ".um-$form_id .um-member {
border-color: $css_card_bordercolor;
}";
}
if ( isset( $css_img_bordercolor ) && ! empty( $css_img_bordercolor ) ) {
print ".um-$form_id .um-member-photo img {
border-color: $css_img_bordercolor;
}";
}
?>
</style>
assets/dynamic_css/dynamic_global.php
-17
View File
@@ -1,17 +0,0 @@
<style type="text/css">
<?php
if ( isset( $max_width ) && $max_width ) {
print ".um-$form_id.um {
max-width: {$max_width};
}";
}
if ( isset( $align ) && in_array( $align, array( 'left', 'right' ) ) ) {
print ".um-$form_id.um {
margin-$align: 0px !important;
}";
}
?>
</style>
assets/dynamic_css/dynamic_profile.php
-49
View File
@@ -1,49 +0,0 @@
<?php if ( ! defined( 'ABSPATH' ) ) exit; ?>
<style type="text/css">
<?php if ( ! $photosize || $photosize == 'original' ) {
//cannot be more than metadefault value
$photosize = um_get_metadefault( 'profile_photosize' );
}
$photosize = filter_var( $photosize, FILTER_SANITIZE_NUMBER_INT );
$photosize_up = ( $photosize / 2 ) + 10;
$meta_padding = ( $photosize + 60 ) . 'px';
if ( $area_max_width ) {
print "
.um-$form_id.um .um-profile-body {
max-width: $area_max_width;
}
";
}
print "
.um-$form_id.um .um-profile-photo a.um-profile-photo-img {
width: ".$photosize."px;
height: ".$photosize."px;
}
";
print "
.um-$form_id.um .um-profile-photo a.um-profile-photo-img {
top: -".$photosize_up."px;
}
";
if ( is_rtl() ) {
print "
.um-$form_id.um .um-profile-meta {
padding-right: $meta_padding;
}
";
} else {
print "
.um-$form_id.um .um-profile-meta {
padding-left: $meta_padding;
}
";
}
?>
</style>
includes/class-functions.php
+13 -5
View File
@@ -171,14 +171,23 @@ if ( ! class_exists( 'UM_Functions' ) ) {
*
* @return string|void
*/
function get_template( $template_name, $basename = '', $t_args = array(), $echo = false ) {
public function get_template( $template_name, $basename = '', $t_args = array(), $echo = false ) {
if ( ! empty( $t_args ) && is_array( $t_args ) ) {
extract( $t_args );
/*
* This use of extract() cannot be removed. There are many possible ways that
* templates could depend on variables that it creates existing, and no way to
* detect and deprecate it.
*
* Passing the EXTR_SKIP flag is the safest option, ensuring globals and
* function variables cannot be overwritten.
*/
// phpcs:ignore WordPress.PHP.DontExtract.extract_extract
extract( $t_args, EXTR_SKIP );
}
$path = '';
if ( $basename ) {
// use '/' instead of "DIRECTORY_SEPARATOR", because wp_normalize_path makes the correct replace
// use '/' instead of "DIRECTORY_SEPARATOR", because wp_normalize_path makes the correct replacement
$array = explode( '/', wp_normalize_path( trim( $basename ) ) );
$path = $array[0];
}
@@ -189,7 +198,6 @@ if ( ! class_exists( 'UM_Functions' ) ) {
return;
}
/**
* UM hook
*
@@ -240,7 +248,7 @@ if ( ! class_exists( 'UM_Functions' ) ) {
* ?>
*/
do_action( 'um_before_template_part', $template_name, $path, $located, $t_args );
include( $located );
include $located;
/**
* UM hook
includes/core/class-account.php
+3 -58
View File
@@ -245,69 +245,14 @@ if ( ! class_exists( 'um\core\Account' ) ) {
$this->current_tab = apply_filters( 'um_change_default_tab', $this->current_tab, $args );
/**
* UM hook
*
* @type action
* @title um_pre_{$mode}_shortcode
* @description Make some action before account tabs loading
* @input_vars
* [{"var":"$args","type":"array","desc":"Account Page Arguments"}]
* @change_log
* ["Since: 2.0"]
* @usage add_action( 'um_pre_{$mode}_shortcode', 'function_name', 10, 1 );
* @example
* <?php
* add_action( 'um_pre_{$mode}_shortcode', 'my_pre_account_shortcode', 10, 1 );
* function my_pre_account_shortcode( $args ) {
* // your code here
* }
* ?>
*/
/** This filter is documented in includes/core/class-shortcodes.php */
do_action( "um_pre_{$args['mode']}_shortcode", $args );
/**
* UM hook
*
* @type action
* @title um_before_form_is_loaded
* @description Make some action before account tabs loading
* @input_vars
* [{"var":"$args","type":"array","desc":"Account Page Arguments"}]
* @change_log
* ["Since: 2.0"]
* @usage add_action( 'um_before_form_is_loaded', 'function_name', 10, 1 );
* @example
* <?php
* add_action( 'um_before_form_is_loaded', 'my_before_form_is_loaded', 10, 1 );
* function my_before_form_is_loaded( $args ) {
* // your code here
* }
* ?>
*/
/** This filter is documented in includes/core/class-shortcodes.php */
do_action( 'um_before_form_is_loaded', $args );
/**
* UM hook
*
* @type action
* @title um_before_{$mode}_form_is_loaded
* @description Make some action before account tabs loading
* @input_vars
* [{"var":"$args","type":"array","desc":"Account Page Arguments"}]
* @change_log
* ["Since: 2.0"]
* @usage add_action( 'um_before_{$mode}_form_is_loaded', 'function_name', 10, 1 );
* @example
* <?php
* add_action( 'um_before_{$mode}_form_is_loaded', 'my_before_account_form_is_loaded', 10, 1 );
* function my_before_account_form_is_loaded( $args ) {
* // your code here
* }
* ?>
*/
/** This filter is documented in includes/core/class-shortcodes.php */
do_action( "um_before_{$args['mode']}_form_is_loaded", $args );
UM()->shortcodes()->template_load( $args['template'], $args );
}
if ( ! is_admin() && ! defined( 'DOING_AJAX' ) ) {
includes/core/class-fields.php
+946 -1159
View File
File diff suppressed because it is too large Load Diff
includes/core/class-files.php
+16 -23
View File
@@ -1,12 +1,12 @@
<?php
namespace um\core;
// Exit if accessed directly
if ( ! defined( 'ABSPATH' ) ) exit;
if ( ! defined( 'ABSPATH' ) ) {
exit;
}
if ( ! class_exists( 'um\core\Files' ) ) {
/**
* Class Files
* @package um\core
@@ -313,57 +313,50 @@ if ( ! class_exists( 'um\core\Files' ) ) {
}
}
/**
* Resize image AJAX handler
*/
function ajax_resize_image() {
public function ajax_resize_image() {
UM()->check_ajax_nonce();
/**
* @var $key
* @var $src
* @var $coord
* @var $user_id
*/
extract( $_REQUEST );
if ( ! isset( $src ) || ! isset( $coord ) ) {
// phpcs:disable WordPress.Security.NonceVerification -- verified by the `check_ajax_nonce()`
if ( ! isset( $_REQUEST['src'], $_REQUEST['coord'], $_REQUEST['key'] ) ) {
wp_send_json_error( esc_js( __( 'Invalid parameters', 'ultimate-member' ) ) );
}
$coord_n = substr_count( $coord, "," );
if ( $coord_n != 3 ) {
$coord_n = substr_count( $_REQUEST['coord'], ',' );
if ( 3 !== $coord_n ) {
wp_send_json_error( esc_js( __( 'Invalid coordinates', 'ultimate-member' ) ) );
}
$key = sanitize_text_field( $_REQUEST['key'] );
$coord = sanitize_text_field( $_REQUEST['coord'] );
$user_id = empty( $_REQUEST['user_id'] ) ? get_current_user_id() : absint( $_REQUEST['user_id'] );
UM()->fields()->set_id = isset( $_POST['set_id'] ) ? absint( $_POST['set_id'] ) : null;
UM()->fields()->set_mode = isset( $_POST['set_mode'] ) ? sanitize_text_field( $_POST['set_mode'] ) : null;
if ( UM()->fields()->set_mode != 'register' && ! UM()->roles()->um_current_user_can( 'edit', $user_id ) ) {
if ( 'register' !== UM()->fields()->set_mode && ! UM()->roles()->um_current_user_can( 'edit', $user_id ) ) {
$ret['error'] = esc_js( __( 'You have no permission to edit this user', 'ultimate-member' ) );
wp_send_json_error( $ret );
}
$src = esc_url_raw( $src );
$src = esc_url_raw( $_REQUEST['src'] );
$image_path = um_is_file_owner( $src, $user_id, true );
if ( ! $image_path ) {
wp_send_json_error( esc_js( __( 'Invalid file ownership', 'ultimate-member' ) ) );
}
UM()->uploader()->replace_upload_dir = true;
$output = UM()->uploader()->resize_image( $image_path, $src, sanitize_text_field( $key ), $user_id, sanitize_text_field( $coord ) );
$output = UM()->uploader()->resize_image( $image_path, $src, $key, $user_id, $coord );
UM()->uploader()->replace_upload_dir = false;
delete_option( "um_cache_userdata_{$user_id}" );
// phpcs:enable WordPress.Security.NonceVerification -- verified by the `check_ajax_nonce()`
wp_send_json_success( $output );
}
/**
* Image upload by AJAX
*
includes/core/class-form.php
+27 -44
View File
@@ -63,58 +63,43 @@ if ( ! class_exists( 'um\core\Form' ) ) {
add_action( 'init', array( &$this, 'field_declare' ), 10 );
}
/**
*
*/
public function ajax_muted_action() {
UM()->check_ajax_nonce();
// phpcs:disable WordPress.Security.NonceVerification
if ( ! isset( $_REQUEST['hook'] ) ) {
die( esc_html__( 'Invalid hook', 'ultimate-member' ) );
}
if ( isset( $_REQUEST['user_id'] ) ) {
$user_id = absint( $_REQUEST['user_id'] );
}
if ( ! isset( $user_id ) || ! UM()->roles()->um_current_user_can( 'edit', $user_id ) ) {
die( esc_html__( 'You can not edit this user.', 'ultimate-member' ) );
}
$hook = sanitize_key( $_REQUEST['hook'] );
/**
* @var $user_id
* @var $hook
* Fires on AJAX muted action.
*
* @since 1.3.x
* @hook um_run_ajax_function__{$hook}
*
* @param {array} $request Request.
*
* @example <caption>Make any custom action on AJAX muted action.</caption>
* function my_run_ajax_function( $request ) {
* // your code here
* }
* add_action( 'um_run_ajax_function__{$hook}', 'my_run_ajax_function', 10, 1 );
*/
extract( $_REQUEST );
if ( isset( $user_id ) ) {
$user_id = absint( $user_id );
}
if ( isset( $hook ) ) {
$hook = sanitize_key( $hook );
}
if ( ! UM()->roles()->um_current_user_can( 'edit', $user_id ) ) {
die( esc_html__( 'You can not edit this user', 'ultimate-member' ) );
}
switch ( $hook ) {
default:
/**
* UM hook
*
* @type action
* @title um_run_ajax_function__{$hook}
* @description Action on AJAX muted action
* @input_vars
* [{"var":"$request","type":"int","desc":"Request"}]
* @change_log
* ["Since: 2.0"]
* @usage add_action( 'um_run_ajax_function__{$hook}', 'function_name', 10, 1 );
* @example
* <?php
* add_action( 'um_run_ajax_function__{$hook}', 'my_run_ajax_function', 10, 1 );
* function my_run_ajax_function( $request ) {
* // your code here
* }
* ?>
*/
do_action( "um_run_ajax_function__{$hook}", $_REQUEST );
break;
}
do_action( "um_run_ajax_function__{$hook}", $_REQUEST );
// phpcs:enable WordPress.Security.NonceVerification
}
/**
*
*/
@@ -608,11 +593,9 @@ if ( ! class_exists( 'um\core\Form' ) ) {
* ?>
*/
do_action( "um_submit_form_{$this->post_form['mode']}", $this->post_form );
}
}
/**
* Beautify form data
*
includes/core/class-password.php
+37 -98
View File
@@ -33,7 +33,6 @@ if ( ! class_exists( 'um\core\Password' ) ) {
add_action( 'um_change_password_process_hook', array( &$this, 'um_change_password_process_hook' ) );
}
/**
* Get Reset URL
*
@@ -109,7 +108,6 @@ if ( ! class_exists( 'um\core\Password' ) ) {
return $classes;
}
/**
* Shortcode
*
@@ -117,44 +115,41 @@ if ( ! class_exists( 'um\core\Password' ) ) {
*
* @return string
*/
function ultimatemember_password( $args = array() ) {
ob_start();
$defaults = array(
'template' => 'password-reset',
'mode' => 'password',
'form_id' => 'um_password_id',
'max_width' => '450px',
'align' => 'center',
public function ultimatemember_password( $args = array() ) {
/** There is possible to use 'shortcode_atts_ultimatemember_password' filter for getting customized $atts. This filter is documented in wp-includes/shortcodes.php "shortcode_atts_{$shortcode}" */
$args = shortcode_atts(
array(
'template' => 'password-reset',
'mode' => 'password',
'form_id' => 'um_password_id',
'max_width' => '450px',
'align' => 'center',
),
$args,
'ultimatemember_password'
);
$args = wp_parse_args( $args, $defaults );
if ( empty( $args['use_custom_settings'] ) ) {
$args = array_merge( $args, UM()->shortcodes()->get_css_args( $args ) );
} else {
$args = array_merge( UM()->shortcodes()->get_css_args( $args ), $args );
}
/**
* UM hook
* Filters extend Reset Password Arguments
*
* @type filter
* @title um_reset_password_shortcode_args_filter
* @description Extend Reset Password Arguments
* @input_vars
* [{"var":"$args","type":"array","desc":"Shortcode arguments"}]
* @change_log
* ["Since: 2.0"]
* @usage
* <?php add_filter( 'um_reset_password_shortcode_args_filter', 'function_name', 10, 1 ); ?>
* @example
* <?php
* add_filter( 'um_reset_password_shortcode_args_filter', 'my_reset_password_shortcode_args', 10, 1 );
* @since 1.3.x
* @hook um_reset_password_shortcode_args_filter
*
* @param {array} $args Shortcode arguments.
*
* @return {array} Shortcode arguments.
*
* @example <caption>Extend Reset Password Arguments.</caption>
* function my_reset_password_shortcode_args( $args ) {
* // your code here
* return $args;
* }
* ?>
* add_filter( 'um_reset_password_shortcode_args_filter', 'my_reset_password_shortcode_args', 10, 1 );
*/
$args = apply_filters( 'um_reset_password_shortcode_args_filter', $args );
@@ -162,7 +157,7 @@ if ( ! class_exists( 'um\core\Password' ) ) {
// then COOKIE are valid then get data from them and populate hidden fields for the password reset form
$args['template'] = 'password-change';
$args['rp_key'] = '';
$rp_cookie = 'wp-resetpass-' . COOKIEHASH;
$rp_cookie = 'wp-resetpass-' . COOKIEHASH;
if ( isset( $_COOKIE[ $rp_cookie ] ) && 0 < strpos( $_COOKIE[ $rp_cookie ], ':' ) ) {
list( $rp_login, $rp_key ) = explode( ':', wp_unslash( $_COOKIE[ $rp_cookie ] ), 2 );
@@ -171,86 +166,30 @@ if ( ! class_exists( 'um\core\Password' ) ) {
}
}
UM()->fields()->set_id = 'um_password_id';
if ( empty( $args['mode'] ) || empty( $args['template'] ) ) {
return '';
}
/**
* @var $mode
* @var $template
*/
extract( $args, EXTR_SKIP );
UM()->fields()->set_id = $args['form_id'];
/**
* UM hook
*
* @type action
* @title um_pre_{$mode}_shortcode
* @description Action pre-load password form shortcode
* @input_vars
* [{"var":"$args","type":"array","desc":"Form shortcode pre-loading"}]
* @change_log
* ["Since: 2.0"]
* @usage add_action( 'um_pre_{$mode}_shortcode', 'function_name', 10, 1 );
* @example
* <?php
* add_action( 'um_pre_{$mode}_shortcode', 'my_pre_password_shortcode', 10, 1 );
* function my_pre_password_shortcode( $args ) {
* // your code here
* }
* ?>
*/
do_action( "um_pre_{$mode}_shortcode", $args );
/**
* UM hook
*
* @type action
* @title um_before_form_is_loaded
* @description Action pre-load password form shortcode
* @input_vars
* [{"var":"$args","type":"array","desc":"Form shortcode pre-loading"}]
* @change_log
* ["Since: 2.0"]
* @usage add_action( 'um_before_form_is_loaded', 'function_name', 10, 1 );
* @example
* <?php
* add_action( 'um_before_form_is_loaded', 'my_before_form_is_loaded', 10, 1 );
* function my_before_form_is_loaded( $args ) {
* // your code here
* }
* ?>
*/
do_action( "um_before_form_is_loaded", $args );
/**
* UM hook
*
* @type action
* @title um_before_{$mode}_form_is_loaded
* @description Action pre-load password form shortcode
* @input_vars
* [{"var":"$args","type":"array","desc":"Form shortcode pre-loading"}]
* @change_log
* ["Since: 2.0"]
* @usage add_action( 'um_before_{$mode}_form_is_loaded', 'function_name', 10, 1 );
* @example
* <?php
* add_action( 'um_before_{$mode}_form_is_loaded', 'my_before_form_is_loaded', 10, 1 );
* function my_before_form_is_loaded( $args ) {
* // your code here
* }
* ?>
*/
do_action( "um_before_{$mode}_form_is_loaded", $args );
ob_start();
UM()->shortcodes()->template_load( $template, $args );
/** This filter is documented in includes/core/class-shortcodes.php */
do_action( "um_pre_{$args['mode']}_shortcode", $args );
/** This filter is documented in includes/core/class-shortcodes.php */
do_action( 'um_before_form_is_loaded', $args );
/** This filter is documented in includes/core/class-shortcodes.php */
do_action( "um_before_{$args['mode']}_form_is_loaded", $args );
UM()->shortcodes()->template_load( $args['template'], $args );
if ( ! is_admin() && ! defined( 'DOING_AJAX' ) ) {
UM()->shortcodes()->dynamic_css( $args );
}
$output = ob_get_clean();
return $output;
return ob_get_clean();
}
/**
* Check if a legitimate password reset request is in action
*
includes/core/class-query.php
+52 -72
View File
@@ -1,87 +1,78 @@
<?php
namespace um\core;
// Exit if accessed directly.
if ( ! defined( 'ABSPATH' ) ) exit;
if ( ! defined( 'ABSPATH' ) ) {
exit;
}
if ( ! class_exists( 'um\core\Query' ) ) {
/**
* Class Query
* @package um\core
*/
class Query {
/**
* @var array
*/
public $wp_pages = array();
/**
* @var array
*/
public $roles = array();
/**
* Query constructor.
*/
public function __construct() {
}
/**
* Ajax pagination for posts
*/
public function ajax_paginate() {
UM()->check_ajax_nonce();
/**
* @var $hook
* @var $args
*/
extract( $_REQUEST );
// phpcs:disable WordPress.Security.NonceVerification
if ( ! isset( $_REQUEST['hook'] ) ) {
wp_send_json_error( __( 'Invalid hook.', 'ultimate-member' ) );
}
$hook = sanitize_key( $_REQUEST['hook'] );
$args = ! empty( $_REQUEST['args'] ) ? $_REQUEST['args'] : array();
// phpcs:enable WordPress.Security.NonceVerification
ob_start();
/**
* UM hook
* Fires on posts loading by AJAX in User Profile tabs.
*
* @type action
* @title um_ajax_load_posts__{$hook}
* @description Action on posts loading by AJAX
* @input_vars
* [{"var":"$args","type":"array","desc":"Query arguments"}]
* @change_log
* ["Since: 2.0"]
* @usage add_action( 'um_ajax_load_posts__{$hook}', 'function_name', 10, 1 );
* @example
* <?php
* add_action( 'um_ajax_load_posts__{$hook}', 'my_ajax_load_posts', 10, 1 );
* @since 1.3.x
* @hook um_ajax_load_posts__{$hook}
*
* @param {array} $args Request.
*
* @example <caption>Make any custom action on when posts loading by AJAX in User Profile.</caption>
* function my_ajax_load_posts( $args ) {
* // your code here
* }
* ?>
* add_action( 'um_ajax_load_posts__{$hook}', 'my_ajax_load_posts', 10, 1 );
*/
do_action( "um_ajax_load_posts__{$hook}", $args );
$output = ob_get_clean();
// @todo: investigate using WP_KSES
die( $output );
}
/**
* Get wp pages
*
* @return array|string
*/
function wp_pages() {
public function wp_pages() {
global $wpdb;
if( isset( $this->wp_pages ) && ! empty( $this->wp_pages ) ){
@@ -114,13 +105,12 @@ if ( ! class_exists( 'um\core\Query' ) ) {
return $array;
}
/**
* Get all forms
*
* @return mixed
*/
function forms() {
public function forms() {
$results = array();
$args = array(
@@ -137,65 +127,55 @@ if ( ! class_exists( 'um\core\Query' ) ) {
return $results;
}
/**
* Do custom queries
*
* @param $args
* @param array $args
*
* @return array|bool|int|\WP_Query
*/
function make( $args ) {
public function make( $args ) {
$defaults = array(
'post_type' => 'post',
'post_status' => array('publish')
'post_type' => 'post',
'post_status' => array( 'publish' ),
);
$args = wp_parse_args( $args, $defaults );
$args = wp_parse_args( $args, $defaults );
if ( isset( $args['post__in'] ) && empty( $args['post__in'] ) )
if ( isset( $args['post__in'] ) && empty( $args['post__in'] ) ) {
return false;
}
extract( $args );
if ( $post_type == 'comment' ) { // comments
if ( 'comment' === $args['post_type'] ) {
// Comments query.
unset( $args['post_type'] );
/**
* UM hook
* Filters excluded comment types.
*
* @type filter
* @title um_excluded_comment_types
* @description Extend excluded comment types
* @input_vars
* [{"var":"$types","type":"array","desc":"Comment Types"}]
* @change_log
* ["Since: 2.0"]
* @usage
* <?php add_filter( 'um_excluded_comment_types', 'function_name', 10, 1 ); ?>
* @example
* <?php
* add_filter( 'um_excluded_comment_types', 'my_excluded_comment_types', 10, 1 );
* function my_profile_active_tab( $types ) {
* @since 1.3.x
* @hook um_excluded_comment_types
*
* @param {array} $types Comment Types.
*
* @return {array} Comment Types.
*
* @example <caption>Extend excluded comment types.</caption>
* function my_excluded_comment_types( $types ) {
* // your code here
* return $types;
* }
* ?>
* add_filter( 'um_excluded_comment_types', 'my_excluded_comment_types' );
*/
$args['type__not_in'] = apply_filters( 'um_excluded_comment_types', array('') );
$args['type__not_in'] = apply_filters( 'um_excluded_comment_types', array( '' ) );
$comments = get_comments($args);
return $comments;
} else {
$custom_posts = new \WP_Query();
$args['post_status'] = is_array( $args['post_status'] ) ? $args['post_status'] : explode( ',', $args['post_status'] );
$custom_posts->query( $args );
return $custom_posts;
return get_comments( $args );
}
$custom_posts = new \WP_Query();
$args['post_status'] = is_array( $args['post_status'] ) ? $args['post_status'] : explode( ',', $args['post_status'] );
$custom_posts->query( $args );
return $custom_posts;
}
@@ -206,7 +186,7 @@ if ( ! class_exists( 'um\core\Query' ) ) {
*
* @return array
*/
function get_recent_users($number = 5){
function get_recent_users( $number = 5 ) {
$args = array( 'fields' => 'ID', 'number' => $number, 'orderby' => 'user_registered', 'order' => 'desc' );
$users = new \WP_User_Query( $args );
includes/core/class-roles-capabilities.php
+36 -16
View File
@@ -592,19 +592,24 @@ if ( ! class_exists( 'um\core\Roles_Capabilities' ) ) {
/**
* Get role data
* Get role data.
*
* @param int $role_id Role ID.
*
* @param int $roleID Role ID
* @return array
*/
function role_data( $roleID ) {
if ( strpos( $roleID, 'um_' ) === 0 ) {
$roleID = substr( $roleID, 3 );
$role_data = get_option( "um_role_{$roleID}_meta", array() );
public function role_data( $role_id ) {
if ( empty( $role_id ) ) {
return array();
}
if ( strpos( $role_id, 'um_' ) === 0 ) {
$role_id = substr( $role_id, 3 );
$role_data = get_option( "um_role_{$role_id}_meta", array() );
}
if ( empty( $role_data ) ) {
$role_data = get_option( "um_role_{$roleID}_meta", array() );
$role_data = get_option( "um_role_{$role_id}_meta", array() );
}
if ( ! $role_data ) {
@@ -612,21 +617,36 @@ if ( ! class_exists( 'um\core\Roles_Capabilities' ) ) {
}
$temp = array();
foreach ( $role_data as $key=>$value ) {
foreach ( $role_data as $key => $value ) {
if ( strpos( $key, '_um_' ) === 0 ) {
$key = preg_replace('/_um_/', '', $key, 1);
$key = preg_replace( '/_um_/', '', $key, 1 );
}
//$key = str_replace( '_um_', '', $key, $count );
$temp[ $key ] = $value;
}
$temp = apply_filters( 'um_change_role_data', $temp, $roleID );
return $temp;
/**
* Filters the Ultimate Member related user role data.
*
* @since 2.0
* @hook um_change_role_data
*
* @param {array} $role_data Role data.
* @param {string} $role_id Role ID.
*
* @return {array} Role data.
*
* @example <caption>Set {some_capability_key} capability for subscriber user role.</caption>
* function my_change_role_data( $role_data, $role_id ) {
* // your code here
* if ( 'subscriber' === $role_id ) {
* $role_data['{some_capability_key}'] = true;
* }
* return $role_data;
* }
* add_filter( 'um_change_role_data', 'my_change_role_data', 10, 2 );
*/
return apply_filters( 'um_change_role_data', $temp, $role_id );
}
/**
* Query for UM roles
*
includes/core/class-shortcodes.php
+188 -186
View File
@@ -297,16 +297,23 @@ if ( ! class_exists( 'um\core\Shortcodes' ) ) {
if ( isset( $this->set_args ) && is_array( $this->set_args ) ) {
$args = $this->set_args;
unset( $args['file'] );
unset( $args['theme_file'] );
unset( $args['tpl'] );
unset( $args['file'], $args['theme_file'], $args['tpl'] );
$args = apply_filters( 'um_template_load_args', $args, $tpl );
extract( $args );
/*
* This use of extract() cannot be removed. There are many possible ways that
* templates could depend on variables that it creates existing, and no way to
* detect and deprecate it.
*
* Passing the EXTR_SKIP flag is the safest option, ensuring globals and
* function variables cannot be overwritten.
*/
// phpcs:ignore WordPress.PHP.DontExtract.extract_extract
extract( $args, EXTR_SKIP );
}
$file = um_path . "templates/{$tpl}.php";
$file = UM_PATH . "templates/{$tpl}.php";
$theme_file = get_stylesheet_directory() . "/ultimate-member/templates/{$tpl}.php";
if ( file_exists( $theme_file ) ) {
$file = $theme_file;
@@ -582,7 +589,6 @@ if ( ! class_exists( 'um\core\Shortcodes' ) ) {
}
}
/**
* Shortcode
*
@@ -590,11 +596,10 @@ if ( ! class_exists( 'um\core\Shortcodes' ) ) {
*
* @return string
*/
function ultimatemember( $args = array() ) {
public function ultimatemember( $args = array() ) {
return $this->load( $args );
}
/**
* Load a module with global function
*
@@ -602,47 +607,43 @@ if ( ! class_exists( 'um\core\Shortcodes' ) ) {
*
* @return string
*/
function load( $args ) {
public function load( $args ) {
$defaults = array();
$args = wp_parse_args( $args, $defaults );
$args = wp_parse_args( $args, $defaults );
// when to not continue
$this->form_id = isset( $args['form_id'] ) ? $args['form_id'] : null;
if ( ! $this->form_id ) {
return;
// When to not continue.
if ( ! array_key_exists( 'form_id', $args ) ) {
return '';
}
$this->form_id = $args['form_id'];
$this->form_status = get_post_status( $this->form_id );
if ( $this->form_status != 'publish' ) {
return;
if ( 'publish' !== $this->form_status ) {
return '';
}
// get data into one global array
$post_data = UM()->query()->post_data( $this->form_id );
$args = array_merge( $args, $post_data );
$args = array_merge( $args, $post_data );
ob_start();
/**
* UM hook
* Filters arguments for loading Ultimate Member shortcodes.
*
* @type filter
* @title um_pre_args_setup
* @description Change arguments on load shortcode
* @input_vars
* [{"var":"$post_data","type":"string","desc":"$_POST data"}]
* @change_log
* ["Since: 2.0"]
* @usage
* <?php add_filter( 'um_pre_args_setup', 'function_name', 10, 1 ); ?>
* @example
* <?php
* add_filter( 'um_pre_args_setup', 'my_pre_args_setup', 10, 1 );
* function my_pre_args_setup( $post_data ) {
* @since 1.3.x
* @hook um_pre_args_setup
*
* @param {array} $args Data for loading shortcode.
*
* @return {array} Data for loading shortcode.
*
* @example <caption>Change arguments on load shortcode.</caption>
* function my_pre_args_setup( $args ) {
* // your code here
* return $post_data;
* return $args;
* }
* ?>
* add_filter( 'um_pre_args_setup', 'my_pre_args_setup' );
*/
$args = apply_filters( 'um_pre_args_setup', $args );
@@ -650,7 +651,7 @@ if ( ! class_exists( 'um\core\Shortcodes' ) ) {
$args['template'] = '';
}
if ( isset( $post_data['template'] ) && $post_data['template'] != $args['template'] ) {
if ( isset( $post_data['template'] ) && $post_data['template'] !== $args['template'] ) {
$args['template'] = $post_data['template'];
}
@@ -662,7 +663,7 @@ if ( ! class_exists( 'um\core\Shortcodes' ) ) {
$post_data['template'] = $post_data['mode'];
}
if ( 'directory' == $args['mode'] ) {
if ( 'directory' === $args['mode'] ) {
wp_enqueue_script( 'um_members' );
if ( is_rtl() ) {
wp_enqueue_style( 'um_members_rtl' );
@@ -671,7 +672,7 @@ if ( ! class_exists( 'um\core\Shortcodes' ) ) {
}
}
if ( 'directory' != $args['mode'] ) {
if ( 'directory' !== $args['mode'] ) {
$args = array_merge( $post_data, $args );
if ( empty( $args['use_custom_settings'] ) ) {
@@ -680,254 +681,255 @@ if ( ! class_exists( 'um\core\Shortcodes' ) ) {
$args = array_merge( $this->get_css_args( $args ), $args );
}
}
// filter for arguments
/**
* UM hook
* Filters change arguments on load shortcode.
*
* @type filter
* @title um_shortcode_args_filter
* @description Change arguments on load shortcode
* @input_vars
* [{"var":"$args","type":"string","desc":"Shortcode arguments"}]
* @change_log
* ["Since: 2.0"]
* @usage
* <?php add_filter( 'um_shortcode_args_filter', 'function_name', 10, 1 ); ?>
* @example
* <?php
* add_filter( 'um_shortcode_args_filter', 'my_shortcode_args', 10, 1 );
* @since 1.3.x
* @hook um_shortcode_args_filter
*
* @param {array} $args Shortcode arguments.
*
* @return {array} Shortcode arguments.
*
* @example <caption>Change arguments on load shortcode.</caption>
* function my_shortcode_args( $args ) {
* // your code here
* return $args;
* }
* ?>
* add_filter( 'um_shortcode_args_filter', 'my_shortcode_args' );
*/
$args = apply_filters( 'um_shortcode_args_filter', $args );
/**
* @var string $mode
*/
extract( $args, EXTR_SKIP );
//not display on admin preview
if ( empty( $_POST['act_id'] ) || sanitize_key( $_POST['act_id'] ) !== 'um_admin_preview_form' ) {
if ( ! array_key_exists( 'mode', $args ) || ! array_key_exists( 'template', $args ) ) {
ob_get_clean();
return '';
}
$mode = $args['mode'];
// Not display on admin preview.
if ( empty( $_POST['act_id'] ) || 'um_admin_preview_form' !== sanitize_key( $_POST['act_id'] ) ) { // phpcs:ignore WordPress.Security.NonceVerification
/**
* Filters the ability to show registration form for the logged-in users.
* Set it to true for displaying registration form for the logged-in users.
*
* @since 2.1.20
* @hook um_registration_for_loggedin_users
*
* @param {bool} $show Show registration form for the logged-in users. By default, it's false
* @param {array} $args Shortcode arguments.
*
* @return {bool} Show registration form for the logged-in users.
*
* @example <caption>Show registration form for the logged-in users for all UM registration forms on your website.</caption>
* add_filter( 'um_registration_for_loggedin_users', '__return_true' );
*/
$enable_loggedin_registration = apply_filters( 'um_registration_for_loggedin_users', false, $args );
if ( 'register' == $mode && is_user_logged_in() && ! $enable_loggedin_registration ) {
if ( ! $enable_loggedin_registration && 'register' === $mode && is_user_logged_in() ) {
ob_get_clean();
return __( 'You are already registered', 'ultimate-member' );
return __( 'You are already registered.', 'ultimate-member' );
}
}
if ( ! is_user_logged_in() && isset( $args['is_block'] ) && 1 === (int) $args['is_block'] && 'profile' === $mode ) {
return;
if ( isset( $args['is_block'] ) && 1 === (int) $args['is_block'] && 'profile' === $mode && ! is_user_logged_in() ) {
ob_get_clean();
return '';
}
// for profiles only
if ( $mode == 'profile' && um_profile_id() ) {
//set requested user if it's not setup from permalinks (for not profile page in edit mode)
// For profiles only.
if ( 'profile' === $mode && um_profile_id() ) {
// Set requested user if it's not setup from permalinks (for not profile page in edit mode).
if ( ! um_get_requested_user() ) {
um_set_requested_user( um_profile_id() );
}
if ( ! empty( $args['use_custom_settings'] ) ) { // Option "Apply custom settings to this form"
if ( ! empty( $args['role'] ) ) { // Option "Make this profile form role-specific"
if ( ! empty( $args['use_custom_settings'] ) && ! empty( $args['role'] ) ) {
// Option "Apply custom settings to this form". Option "Make this profile form role-specific".
// Show the first Profile Form with role selected, don't show profile forms below the page with other role-specific setting.
if ( empty( $this->profile_role ) ) {
$current_user_roles = UM()->roles()->get_all_user_roles( um_profile_id() );
// show the first Profile Form with role selected, don't show profile forms below the page with other role-specific setting
if ( empty( $this->profile_role ) ) {
$current_user_roles = UM()->roles()->get_all_user_roles( um_profile_id() );
if ( empty( $current_user_roles ) ) {
ob_get_clean();
return '';
} elseif ( is_array( $args['role'] ) ) {
if ( ! count( array_intersect( $args['role'], $current_user_roles ) ) ) {
ob_get_clean();
return '';
}
} else {
if ( ! in_array( $args['role'], $current_user_roles ) ) {
ob_get_clean();
return '';
}
}
$this->profile_role = $args['role'];
} elseif ( $this->profile_role != $args['role'] ) {
if ( empty( $current_user_roles ) ) {
ob_get_clean();
return '';
}
if ( is_array( $args['role'] ) ) {
if ( ! count( array_intersect( $args['role'], $current_user_roles ) ) ) {
ob_get_clean();
return '';
}
} elseif ( ! in_array( $args['role'], $current_user_roles, true ) ) {
ob_get_clean();
return '';
}
$this->profile_role = $args['role'];
} elseif ( $this->profile_role !== $args['role'] ) {
ob_get_clean();
return '';
}
}
}
/**
* UM hook
* Fires before loading form shortcode.
*
* @type action
* @title um_pre_{$mode}_shortcode
* @description Action pre-load form shortcode
* @input_vars
* [{"var":"$args","type":"array","desc":"Form shortcode pre-loading"}]
* @change_log
* ["Since: 2.0"]
* @usage add_action( 'um_pre_{$mode}_shortcode', 'function_name', 10, 1 );
* @example
* <?php
* add_action( 'um_pre_{$mode}_shortcode', 'my_pre_shortcode', 10, 1 );
* function my_pre_shortcode( $args ) {
* Note: $mode can be 'profile', 'login', 'register', 'account'.
*
* @since 1.3.x
* @hook um_pre_{$mode}_shortcode
*
* @param {array} $args Form shortcode arguments.
*
* @example <caption>Make any custom action before loading a registration form shortcode.</caption>
* function my_pre_register_shortcode( $args ) {
* // your code here
* }
* ?>
* add_action( 'um_pre_register_shortcode', 'my_pre_register_shortcode' );
* @example <caption>Make any custom action before loading a login form shortcode.</caption>
* function my_pre_login_shortcode( $args ) {
* // your code here
* }
* add_action( 'um_pre_login_shortcode', 'my_pre_login_shortcode' );
* @example <caption>Make any custom action before loading a password reset form shortcode.</caption>
* function my_pre_password_shortcode( $args ) {
* // your code here
* }
* add_action( 'um_pre_password_shortcode', 'my_pre_password_shortcode' );
* @example <caption>Make any custom action before loading a profile form shortcode.</caption>
* function my_pre_profile_shortcode( $args ) {
* // your code here
* }
* add_action( 'um_pre_profile_shortcode', 'my_pre_profile_shortcode' );
* @example <caption>Make any custom action before loading an account form shortcode.</caption>
* function my_pre_account_shortcode( $args ) {
* // your code here
* }
* add_action( 'um_pre_account_shortcode', 'my_pre_account_shortcode' );
*/
do_action( "um_pre_{$mode}_shortcode", $args );
/**
* UM hook
* Fires before loading form shortcode.
*
* @type action
* @title um_before_form_is_loaded
* @description Action pre-load form shortcode
* @input_vars
* [{"var":"$args","type":"array","desc":"Form shortcode pre-loading"}]
* @change_log
* ["Since: 2.0"]
* @usage add_action( 'um_before_form_is_loaded', 'function_name', 10, 1 );
* @example
* <?php
* @since 1.3.x
* @hook um_before_form_is_loaded
*
* @param {array} $args Form shortcode arguments.
*
* @example <caption>Make any custom action before loading UM form shortcode.</caption>
* function my_pre_shortcode( $args ) {
* // your code here
* }
* add_action( 'um_before_form_is_loaded', 'my_pre_shortcode', 10, 1 );
* function my_pre_shortcode( $args ) {
* // your code here
* }
* ?>
*/
do_action( "um_before_form_is_loaded", $args );
do_action( 'um_before_form_is_loaded', $args );
/**
* UM hook
* Fires before loading a form shortcode.
*
* @type action
* @title um_before_{$mode}_form_is_loaded
* @description Action pre-load form shortcode
* @input_vars
* [{"var":"$args","type":"array","desc":"Form shortcode pre-loading"}]
* @change_log
* ["Since: 2.0"]
* @usage add_action( 'um_before_{$mode}_form_is_loaded', 'function_name', 10, 1 );
* @example
* <?php
* add_action( 'um_before_{$mode}_form_is_loaded', 'my_pre_shortcode', 10, 1 );
* function my_pre_shortcode( $args ) {
* // your code here
* }
* ?>
* @since 1.3.x
* @todo Deprecate since 2.7.0. Use `um_pre_{$mode}_shortcode` or `um_before_form_is_loaded` instead.
* @hook um_before_{$mode}_form_is_loaded
*
* @param {array} $args Form shortcode arguments.
*/
do_action( "um_before_{$mode}_form_is_loaded", $args );
$this->template_load( $template, $args );
$this->template_load( $args['template'], $args );
$this->dynamic_css( $args );
if ( um_get_requested_user() || $mode == 'logout' ) {
if ( 'logout' === $mode || um_get_requested_user() ) {
um_reset_user();
}
/**
* UM hook
* Fires after load shortcode content.
*
* @type action
* @title um_after_everything_output
* @description Action after load shortcode content
* @change_log
* ["Since: 2.0"]
* @usage add_action( 'um_after_everything_output', 'function_name', 10 );
* @example
* <?php
* add_action( 'um_after_everything_output', 'my_after_everything_output', 10 );
* function my_after_everything_output() {
* @since 2.0
* @hook um_after_everything_output
*
* @param {array} $args Form shortcode arguments.
*
* @example <caption>Make any custom action after load shortcode content.</caption>
* function my_pre_shortcode() {
* // your code here
* }
* ?>
* add_action( 'um_after_everything_output', 'my_pre_shortcode', 10 );
*/
do_action( 'um_after_everything_output' );
$output = ob_get_clean();
return $output;
return ob_get_clean();
}
/**
* Get dynamic CSS args
*
* @param $args
* @return array
*/
function get_css_args( $args ) {
public function get_css_args( $args ) {
$arr = um_styling_defaults( $args['mode'] );
$arr = array_merge( $arr, array( 'form_id' => $args['form_id'], 'mode' => $args['mode'] ) );
$arr = array_merge(
$arr,
array(
'form_id' => $args['form_id'],
'mode' => $args['mode'],
)
);
return $arr;
}
/**
* Load dynamic css
* Load dynamic CSS.
*
* @param array $args
*
* @return string
*/
function dynamic_css( $args = array() ) {
public function dynamic_css( $args = array() ) {
/**
* UM hook
* Filters for disable global dynamic CSS. It's false by default, set it to true to disable.
*
* @type filter
* @title um_disable_dynamic_global_css
* @description Turn on for disable global dynamic CSS for fix the issue #306
* @input_vars
* [{"var":"$disable","type":"bool","desc":"Disable global CSS"}]
* @change_log
* ["Since: 2.0"]
* @usage
* <?php add_filter( 'um_disable_dynamic_global_css', 'function_name', 10, 1 ); ?>
* @example
* <?php
* add_filter( 'um_disable_dynamic_global_css', 'my_disable_dynamic_global_css', 10, 1 );
* function my_disable_dynamic_global_css( $disable ) {
* // your code here
* return $disable;
* }
* ?>
* @since 2.0
* @hook um_disable_dynamic_global_css
*
* @param {bool} $disable Disable global CSS.
*
* @return {bool} Disable global CSS.
*
* @example <caption>Turn off enqueue of global dynamic CSS.</caption>
* add_filter( 'um_disable_dynamic_global_css', '__return_true' );
*/
$disable_css = apply_filters( 'um_disable_dynamic_global_css', false );
if ( $disable_css )
if ( $disable_css ) {
return '';
}
/**
* @var $mode
*/
extract( $args );
if ( empty( $args['form_id'] ) ) {
return '';
}
include_once um_path . 'assets/dynamic_css/dynamic_global.php';
include_once UM_PATH . 'assets/dynamic_css/dynamic-global.php';
if ( isset( $mode ) && in_array( $mode, array( 'profile', 'directory' ) ) ) {
$file = um_path . 'assets/dynamic_css/dynamic_' . $mode . '.php';
if ( array_key_exists( 'mode', $args ) && in_array( $args['mode'], array( 'profile', 'directory' ), true ) ) {
$file = UM_PATH . 'assets/dynamic_css/dynamic-' . $args['mode'] . '.php';
if ( file_exists( $file ) )
if ( file_exists( $file ) ) {
include_once $file;
}
}
return '';
}
/**
* Loads a template file
*
* @param $template
* @param array $args
*/
function template_load( $template, $args = array() ) {
public function template_load( $template, $args = array() ) {
if ( is_array( $args ) ) {
$this->set_args = $args;
}
includes/core/rest/class-api-v1.php
+119 -218
View File
@@ -1,9 +1,9 @@
<?php
namespace um\core\rest;
if ( ! defined( 'ABSPATH' ) ) exit;
if ( ! defined( 'ABSPATH' ) ) {
exit;
}
if ( ! class_exists( 'um\core\rest\API_v1' ) ) {
@@ -19,7 +19,6 @@ if ( ! class_exists( 'um\core\rest\API_v1' ) ) {
*/
const VERSION = '1.0';
/**
* REST_API constructor.
*/
@@ -29,7 +28,6 @@ if ( ! class_exists( 'um\core\rest\API_v1' ) ) {
add_filter( 'query_vars', array( $this, 'query_vars' ) );
}
/**
* Registers query vars for API access
*
@@ -59,7 +57,6 @@ if ( ! class_exists( 'um\core\rest\API_v1' ) ) {
return $vars;
}
/**
* Validate the API request
*/
@@ -89,11 +86,9 @@ if ( ! class_exists( 'um\core\rest\API_v1' ) ) {
$this->invalid_auth();
}
}
}
}
/**
* Retrieve the user ID based on the public key provided
*
@@ -116,10 +111,10 @@ if ( ! class_exists( 'um\core\rest\API_v1' ) ) {
if ( false === $user ) {
$user = $wpdb->get_var( $wpdb->prepare(
"SELECT user_id
FROM $wpdb->usermeta
WHERE meta_key = 'um_user_public_key' AND
meta_value = %s
"SELECT user_id
FROM $wpdb->usermeta
WHERE meta_key = 'um_user_public_key' AND
meta_value = %s
LIMIT 1",
$key
) );
@@ -134,106 +129,82 @@ if ( ! class_exists( 'um\core\rest\API_v1' ) ) {
return false;
}
/**
* Process Get users API Request
* Process Get users API Request.
*
* @param $args
* @param array $args
*
* @return array
*/
public function get_users( $args ) {
/**
* @var int $number
* @var string $orderby
* @var string $order
* @var string $include
* @var string $exclude
*/
extract( $args );
$response = array();
if ( ! $number ) {
$number = 10;
}
$number = array_key_exists( 'number', $args ) && is_numeric( $args['number'] ) ? absint( $args['number'] ) : 10;
$orderby = array_key_exists( 'orderby', $args ) ? sanitize_key( $args['orderby'] ) : 'user_registered';
$order = array_key_exists( 'order', $args ) ? sanitize_key( $args['order'] ) : 'desc';
if ( ! $orderby ) {
$orderby = 'user_registered';
}
$loop_a = array(
'number' => $number,
'orderby' => $orderby,
'order' => $order,
);
if ( ! $order ) {
$order = 'desc';
}
$loop_a = array( 'number' => $number, 'orderby' => $orderby, 'order' => $order );
if ( $include ) {
$include = explode(',', $include );
if ( array_key_exists( 'include', $args ) ) {
$include = explode( ',', sanitize_text_field( $args['include'] ) );
$loop_a['include'] = $include;
}
if ( $exclude ) {
$exclude = explode(',', $exclude );
if ( array_key_exists( 'exclude', $args ) ) {
$exclude = explode( ',', sanitize_text_field( $args['exclude'] ) );
$loop_a['exclude'] = $exclude;
}
$loop = get_users( $loop_a );
foreach ( $loop as $user ) {
unset( $user->data->user_status );
unset( $user->data->user_activation_key );
unset( $user->data->user_pass );
unset( $user->data->user_status, $user->data->user_activation_key, $user->data->user_pass );
um_fetch_user( $user->ID );
foreach ( $user as $key => $val ) {
if ( $key != 'data' ) {
if ( 'data' !== $key ) {
continue;
}
$key = 'profile';
$val->roles = $user->roles;
$val->first_name = um_user('first_name');
$val->last_name = um_user('last_name');
$val->account_status = um_user('account_status');
$val->profile_pic_original = um_get_user_avatar_url('', 'original');
$val->profile_pic_normal = um_get_user_avatar_url('', 200);
$val->profile_pic_small = um_get_user_avatar_url('', 40);
$val->cover_photo = $this->getsrc( um_user('cover_photo', 1000) );
$val->roles = $user->roles;
$val->first_name = um_user( 'first_name' );
$val->last_name = um_user( 'last_name' );
$val->account_status = um_user( 'account_status' );
$val->profile_pic_original = um_get_user_avatar_url( '', 'original' );
$val->profile_pic_normal = um_get_user_avatar_url( '', 200 );
$val->profile_pic_small = um_get_user_avatar_url( '', 40 );
$val->cover_photo = $this->getsrc( um_user( 'cover_photo', 1000 ) );
/**
* UM hook
* Filters the output data for Rest API userdata call.
*
* @type filter
* @title um_rest_userdata
* @description Change output data for Rest API userdata call
* @input_vars
* [{"var":"$value","type":"array","desc":"Output Data"},
* {"var":"$user_id","type":"string","desc":"User ID"}]
* @change_log
* ["Since: 2.0"]
* @usage
* <?php add_filter( 'um_rest_userdata', 'function_name', 10, 2 ); ?>
* @example
* <?php
* add_filter( 'um_rest_userdata', 'my_rest_userdata', 10, 2 );
* function my_rest_userdata( $value, $user_id ) {
* @param {mixed} $val User data value.
* @param {int} $user_id User ID.
*
* @return {mixed} User data value.
*
* @since 2.0
* @hook um_rest_userdata
*
* @example <caption>Force change the output data for Rest API userdata call.</caption>
* function my_custom_um_rest_userdata( $value, $user_id ) {
* // your code here
* return $value;
* return $response;
* }
* ?>
* add_filter( 'um_rest_userdata', 'my_custom_um_rest_userdata', 10, 2 );
*/
$val = apply_filters( 'um_rest_userdata', $val, $user->ID );
$response[ $user->ID ] = $val;
$response[ $user->ID ] = apply_filters( 'um_rest_userdata', $val, $user->ID );
}
}
return $response;
}
/**
* Update user API query
*
@@ -242,26 +213,28 @@ if ( ! class_exists( 'um\core\rest\API_v1' ) ) {
* @return array
*/
public function update_user( $args ) {
/**
* @var int $id
* @var string $data
* @var string $value
*/
extract( $args );
$response = array();
$error = array();
$error = array();
if ( ! $id ) {
if ( empty( $args['id'] ) ) {
$error['error'] = __( 'You must provide a user ID', 'ultimate-member' );
return $error;
}
if ( ! $data ) {
if ( empty( $args['data'] ) ) {
$error['error'] = __( 'You need to provide data to update', 'ultimate-member' );
return $error;
}
if ( ! array_key_exists( 'value', $args ) ) {
$error['error'] = __( 'You need to provide value to update', 'ultimate-member' );
return $error;
}
$id = absint( $args['id'] );
$data = sanitize_text_field( $args['data'] );
$value = sanitize_text_field( $args['value'] );
um_fetch_user( $id );
switch ( $data ) {
@@ -271,35 +244,16 @@ if ( ! class_exists( 'um\core\rest\API_v1' ) ) {
break;
case 'role':
$wp_user_object = new \WP_User( $id );
$old_roles = $wp_user_object->roles;
$old_roles = $wp_user_object->roles;
$wp_user_object->set_role( $value );
/**
* UM hook
*
* @type action
* @title um_after_member_role_upgrade
* @description Action after user role was changed
* @input_vars
* [{"var":"$new_roles","type":"array","desc":"New User Roles"},
* {"var":"$old_roles","type":"array","desc":"Old roles"}]
* @change_log
* ["Since: 2.0"]
* @usage add_action( 'um_after_member_role_upgrade', 'function_name', 10, 2 );
* @example
* <?php
* add_action( 'um_after_member_role_upgrade', 'my_after_member_role_upgrade', 10, 2 );
* function my_after_member_role_upgrade( $new_roles, $old_roles ) {
* // your code here
* }
* ?>
*/
/** This action is documented in includes/core/class-user.php */
do_action( 'um_after_member_role_upgrade', array( $value ), $old_roles, $id );
$response['success'] = __( 'User role has been changed.', 'ultimate-member' );
break;
default:
update_user_meta( $id, $data, esc_attr( $value ) );
update_user_meta( $id, $data, $value );
$response['success'] = __( 'User meta has been changed.', 'ultimate-member' );
break;
}
@@ -307,7 +261,6 @@ if ( ! class_exists( 'um\core\rest\API_v1' ) ) {
return $response;
}
/**
* Process delete user via API
*
@@ -316,19 +269,16 @@ if ( ! class_exists( 'um\core\rest\API_v1' ) ) {
* @return array
*/
public function delete_user( $args ) {
/**
* @var int $id
*/
extract( $args );
$response = array();
$error = array();
$error = array();
if ( ! isset( $id ) ) {
if ( empty( $args['id'] ) ) {
$error['error'] = __( 'You must provide a user ID', 'ultimate-member' );
return $error;
}
$id = absint( $args['id'] );
$user = get_userdata( $id );
if ( ! $user ) {
$error['error'] = __( 'Invalid user specified', 'ultimate-member' );
@@ -343,7 +293,6 @@ if ( ! class_exists( 'um\core\rest\API_v1' ) ) {
return $response;
}
/**
* Process Get user API Request
*
@@ -352,145 +301,101 @@ if ( ! class_exists( 'um\core\rest\API_v1' ) ) {
* @return array|mixed
*/
public function get_auser( $args ) {
/**
* @var int $um_id
* @var string $um_fields
*/
extract( $args );
$response = array();
$error = array();
$error = array();
if ( ! isset( $id ) ) {
$error['error'] = __('You must provide a user ID','ultimate-member');
if ( empty( $args['id'] ) ) {
$error['error'] = __( 'You must provide a user ID', 'ultimate-member' );
return $error;
}
$id = absint( $args['id'] );
$user = get_userdata( $id );
if ( ! $user ) {
$error['error'] = __('Invalid user specified','ultimate-member');
$error['error'] = __( 'Invalid user specified', 'ultimate-member' );
return $error;
}
unset( $user->data->user_status );
unset( $user->data->user_activation_key );
unset( $user->data->user_pass );
unset( $user->data->user_status, $user->data->user_activation_key, $user->data->user_pass );
um_fetch_user( $user->ID );
if ( isset( $fields ) && $fields ) {
$fields = explode(',', $fields );
$response['ID'] = $user->ID;
if ( array_key_exists( 'fields', $args ) ) {
$fields = explode( ',', sanitize_text_field( $args['fields'] ) );
$response['ID'] = $user->ID;
$response['username'] = $user->user_login;
foreach ( $fields as $field ) {
switch ( $field ) {
default:
$response[ $field ] = ( um_profile( $field ) ) ? um_profile( $field ) : '';
$profile_data = um_profile( $field );
$response[ $field ] = $profile_data ? $profile_data : '';
/**
* UM hook
* Filters the output data for Rest API user authentication call.
*
* @type filter
* @title um_rest_get_auser
* @description Change output data for Rest API user authentification call
* @input_vars
* [{"var":"$response","type":"array","desc":"Output Data"},
* {"var":"$field","type":"string","desc":"Field Key"},
* {"var":"$user_id","type":"int","desc":"User ID"}]
* @change_log
* ["Since: 2.0"]
* @usage
* <?php add_filter( 'um_rest_get_auser', 'function_name', 10, 3 ); ?>
* @example
* <?php
* add_filter( 'um_rest_get_auser', 'my_rest_get_auser', 10, 3 );
* function my_rest_get_auser( $response, $field, $user_id ) {
* @param {array} $response REST API response.
* @param {string} $field Field Options.
* @param {int} $user_id User ID.
*
* @return {array} REST API response.
*
* @since 2.0
* @hook um_rest_get_auser
*
* @example <caption>Force change the output data for Rest API user authentication call.</caption>
* function my_custom_um_rest_get_auser( $response, $field, $user_id ) {
* // your code here
* return $response;
* }
* ?>
* add_filter( 'um_rest_get_auser', 'my_custom_um_rest_get_auser', 10, 3 );
*/
$response = apply_filters( 'um_rest_get_auser', $response, $field, $user->ID );
break;
case 'cover_photo':
$response['cover_photo'] = $this->getsrc( um_user('cover_photo', 1000) );
$response['cover_photo'] = $this->getsrc( um_user( 'cover_photo', 1000 ) );
break;
case 'profile_pic':
$response['profile_pic_original'] = um_get_user_avatar_url('', 'original');
$response['profile_pic_normal'] = um_get_user_avatar_url('', 200);
$response['profile_pic_small'] = um_get_user_avatar_url('', 40);
$response['profile_pic_original'] = um_get_user_avatar_url( '', 'original' );
$response['profile_pic_normal'] = um_get_user_avatar_url( '', 200 );
$response['profile_pic_small'] = um_get_user_avatar_url( '', 40 );
break;
case 'status':
$response['status'] = um_user('account_status');
$response['status'] = um_user( 'account_status' );
break;
case 'role':
//get priority role here
$response['role'] = um_user( 'role' );
break;
case 'email':
case 'user_email':
$response['email'] = um_user('user_email');
$response['email'] = um_user( 'user_email' );
break;
}
}
} else {
foreach ( $user as $key => $val ) {
if ( $key != 'data' ) {
if ( 'data' !== $key ) {
continue;
}
$key = 'profile';
$val->roles = $user->roles;
$val->first_name = um_user( 'first_name' );
$val->last_name = um_user('last_name' );
$val->account_status = um_user( 'account_status' );
$val->roles = $user->roles;
$val->first_name = um_user( 'first_name' );
$val->last_name = um_user( 'last_name' );
$val->account_status = um_user( 'account_status' );
$val->profile_pic_original = um_get_user_avatar_url( '', 'original' );
$val->profile_pic_normal = um_get_user_avatar_url( '', 200 );
$val->profile_pic_small = um_get_user_avatar_url( '', 40 );
$val->cover_photo = $this->getsrc( um_user( 'cover_photo', 1000 ) );
$val->profile_pic_normal = um_get_user_avatar_url( '', 200 );
$val->profile_pic_small = um_get_user_avatar_url( '', 40 );
$val->cover_photo = $this->getsrc( um_user( 'cover_photo', 1000 ) );
/**
* UM hook
*
* @type filter
* @title um_rest_userdata
* @description Change output data for Rest API userdata call
* @input_vars
* [{"var":"$value","type":"array","desc":"Output Data"},
* {"var":"$user_id","type":"string","desc":"User ID"}]
* @change_log
* ["Since: 2.0"]
* @usage
* <?php add_filter( 'um_rest_userdata', 'function_name', 10, 2 ); ?>
* @example
* <?php
* add_filter( 'um_rest_userdata', 'my_rest_userdata', 10, 2 );
* function my_rest_userdata( $value, $user_id ) {
* // your code here
* return $value;
* }
* ?>
*/
$val = apply_filters( 'um_rest_userdata', $val, $user->ID );
$response = $val;
/** This filter is documented in includes/core/rest/class-api-v1.php */
$response = apply_filters( 'um_rest_userdata', $val, $user->ID );
}
}
return $response;
}
/**
* Get source
*
@@ -499,13 +404,12 @@ if ( ! class_exists( 'um\core\rest\API_v1' ) ) {
* @return string
*/
public function getsrc( $image ) {
if (preg_match('/<img.+?src(?: )*=(?: )*[\'"](.*?)[\'"]/si', $image, $arrResult)) {
return $arrResult[1];
if ( preg_match( '/<img.+?src(?: )*=(?: )*[\'"](.*?)[\'"]/si', $image, $arr_result ) ) {
return $arr_result[1];
}
return '';
}
/**
* Retrieve the output format
*/
@@ -515,27 +419,24 @@ if ( ! class_exists( 'um\core\rest\API_v1' ) ) {
$format = isset( $wp_query->query_vars['format'] ) ? $wp_query->query_vars['format'] : 'json';
/**
* UM hook
* Filters the REST API output format. JSON by default.
*
* @type filter
* @title um_api_output_format
* @description UM Rest API output format
* @input_vars
* [{"var":"$format","type":"string","desc":"Format"}]
* @change_log
* ["Since: 2.0"]
* @usage
* <?php add_filter( 'um_api_output_format', 'function_name', 10, 1 ); ?>
* @example
* <?php
* add_filter( 'um_api_output_format', 'my_api_output_format', 10, 1 );
* function my_api_output_format( $format ) {
* @param {string} $format REST API output format.
*
* @return {string} REST API output format.
*
* @since 1.3.x
* @hook um_api_output_format
*
* @example <caption>Changing the REST API output format.</caption>
* function my_custom_um_api_output_format( $format ) {
* // your code here
* $format = 'xml';
* return $format;
* }
* ?>
* add_filter( 'um_api_output_format', 'my_custom_um_api_output_format' );
*/
return apply_filters( 'um_api_output_format', $format );
}
}
}
}
includes/core/rest/class-api-v2.php
+95 -246
View File
@@ -1,13 +1,12 @@
<?php
namespace um\core\rest;
if ( ! defined( 'ABSPATH' ) ) exit;
if ( ! defined( 'ABSPATH' ) ) {
exit;
}
if ( ! class_exists( 'um\core\rest\API_v2' ) ) {
/**
* Class API_v2
* @package um\core\rest
@@ -19,7 +18,6 @@ if ( ! class_exists( 'um\core\rest\API_v2' ) ) {
*/
const VERSION = '2.0';
/**
* REST_API constructor.
*/
@@ -29,7 +27,6 @@ if ( ! class_exists( 'um\core\rest\API_v2' ) ) {
add_filter( 'query_vars', array( $this, 'query_vars' ) );
}
/**
* Registers query vars for API access
*
@@ -59,7 +56,6 @@ if ( ! class_exists( 'um\core\rest\API_v2' ) ) {
return $vars;
}
/**
* Validate the API request
*/
@@ -92,7 +88,6 @@ if ( ! class_exists( 'um\core\rest\API_v2' ) ) {
}
}
/**
* Retrieve the user ID based on the public key provided
*
@@ -115,10 +110,10 @@ if ( ! class_exists( 'um\core\rest\API_v2' ) ) {
if ( false === $user ) {
$user = $wpdb->get_var( $wpdb->prepare(
"SELECT user_id
FROM $wpdb->usermeta
WHERE meta_key = 'um_user_public_key' AND
meta_value = %s
"SELECT user_id
FROM $wpdb->usermeta
WHERE meta_key = 'um_user_public_key' AND
meta_value = %s
LIMIT 1",
$key
) );
@@ -133,107 +128,65 @@ if ( ! class_exists( 'um\core\rest\API_v2' ) ) {
return false;
}
/**
* Process Get users API Request
*
* @param $args
* @param array $args
*
* @return array
*/
public function get_users( $args ) {
/**
* @var int $um_number
* @var string $um_orderby
* @var string $um_order
* @var string $um_include
* @var string $um_exclude
*/
extract( $args );
$response = array();
if ( ! $um_number ) {
$um_number = 10;
$number = array_key_exists( 'um_number', $args ) && is_numeric( $args['um_number'] ) ? absint( $args['um_number'] ) : 10;
$orderby = array_key_exists( 'um_orderby', $args ) ? sanitize_key( $args['um_orderby'] ) : 'user_registered';
$order = array_key_exists( 'um_order', $args ) ? sanitize_key( $args['um_order'] ) : 'desc';
$loop_a = array(
'number' => $number,
'orderby' => $orderby,
'order' => $order,
);
if ( array_key_exists( 'um_include', $args ) ) {
$include = explode( ',', sanitize_text_field( $args['um_include'] ) );
$loop_a['include'] = $include;
}
if ( ! $um_orderby ) {
$um_orderby = 'user_registered';
}
if ( ! $um_order ) {
$um_order = 'desc';
}
$loop_a = array( 'number' => $um_number, 'orderby' => $um_orderby, 'order' => $um_order );
if ( $um_include ) {
$um_include = explode(',', $um_include );
$loop_a['include'] = $um_include;
}
if ( $um_exclude ) {
$um_exclude = explode(',', $um_exclude );
$loop_a['exclude'] = $um_exclude;
if ( array_key_exists( 'um_exclude', $args ) ) {
$exclude = explode( ',', sanitize_text_field( $args['um_exclude'] ) );
$loop_a['exclude'] = $exclude;
}
$loop = get_users( $loop_a );
foreach ( $loop as $user ) {
unset( $user->data->user_status );
unset( $user->data->user_activation_key );
unset( $user->data->user_pass );
unset( $user->data->user_status, $user->data->user_activation_key, $user->data->user_pass );
um_fetch_user( $user->ID );
foreach ( $user as $key => $val ) {
if ( $key != 'data' ) {
if ( 'data' !== $key ) {
continue;
}
$key = 'profile';
$val->roles = $user->roles;
$val->first_name = um_user( 'first_name' );
$val->last_name = um_user( 'last_name' );
$val->account_status = um_user( 'account_status' );
$val->roles = $user->roles;
$val->first_name = um_user( 'first_name' );
$val->last_name = um_user( 'last_name' );
$val->account_status = um_user( 'account_status' );
$val->profile_pic_original = um_get_user_avatar_url( '', 'original' );
$val->profile_pic_normal = um_get_user_avatar_url( '', 200 );
$val->profile_pic_small = um_get_user_avatar_url( '', 40 );
$val->cover_photo = $this->getsrc( um_user( 'cover_photo', 1000 ) );
$val->profile_pic_normal = um_get_user_avatar_url( '', 200 );
$val->profile_pic_small = um_get_user_avatar_url( '', 40 );
$val->cover_photo = $this->getsrc( um_user( 'cover_photo', 1000 ) );
/**
* UM hook
*
* @type filter
* @title um_rest_userdata
* @description Change output data for Rest API userdata call
* @input_vars
* [{"var":"$value","type":"array","desc":"Output Data"},
* {"var":"$user_id","type":"string","desc":"User ID"}]
* @change_log
* ["Since: 2.0"]
* @usage
* <?php add_filter( 'um_rest_userdata', 'function_name', 10, 2 ); ?>
* @example
* <?php
* add_filter( 'um_rest_userdata', 'my_rest_userdata', 10, 2 );
* function my_rest_userdata( $value, $user_id ) {
* // your code here
* return $value;
* }
* ?>
*/
$val = apply_filters( 'um_rest_userdata', $val, $user->ID );
$response[ $user->ID ] = $val;
/** This filter is documented in includes/core/rest/class-api-v1.php */
$response[ $user->ID ] = apply_filters( 'um_rest_userdata', $val, $user->ID );
}
}
return $response;
}
/**
* Update user API query
*
@@ -242,64 +195,47 @@ if ( ! class_exists( 'um\core\rest\API_v2' ) ) {
* @return array
*/
public function update_user( $args ) {
/**
* @var int $um_id
* @var string $um_data
* @var string $um_value
*/
extract( $args );
$response = array();
$error = array();
$error = array();
if ( ! $um_id ) {
if ( empty( $args['um_id'] ) ) {
$error['error'] = __( 'You must provide a user ID', 'ultimate-member' );
return $error;
}
if ( ! $um_data ) {
if ( empty( $args['um_data'] ) ) {
$error['error'] = __( 'You need to provide data to update', 'ultimate-member' );
return $error;
}
um_fetch_user( $um_id );
if ( ! array_key_exists( 'um_value', $args ) ) {
$error['error'] = __( 'You need to provide value to update', 'ultimate-member' );
return $error;
}
switch ( $um_data ) {
$id = absint( $args['um_id'] );
$data = sanitize_text_field( $args['um_data'] );
$value = sanitize_text_field( $args['um_value'] );
um_fetch_user( $id );
switch ( $data ) {
case 'status':
UM()->user()->set_status( $um_value );
UM()->user()->set_status( $value );
$response['success'] = __( 'User status has been changed.', 'ultimate-member' );
break;
case 'role':
$wp_user_object = new \WP_User( $um_id );
$old_roles = $wp_user_object->roles;
$wp_user_object->set_role( $um_value );
$wp_user_object = new \WP_User( $id );
$old_roles = $wp_user_object->roles;
$wp_user_object->set_role( $value );
/**
* UM hook
*
* @type action
* @title um_after_member_role_upgrade
* @description Action after user role was changed
* @input_vars
* [{"var":"$new_roles","type":"array","desc":"New User Roles"},
* {"var":"$old_roles","type":"array","desc":"Old roles"}]
* @change_log
* ["Since: 2.0"]
* @usage add_action( 'um_after_member_role_upgrade', 'function_name', 10, 2 );
* @example
* <?php
* add_action( 'um_after_member_role_upgrade', 'my_after_member_role_upgrade', 10, 2 );
* function my_after_member_role_upgrade( $new_roles, $old_roles ) {
* // your code here
* }
* ?>
*/
do_action( 'um_after_member_role_upgrade', array( $um_value ), $old_roles, $um_id );
/** This action is documented in includes/core/class-user.php */
do_action( 'um_after_member_role_upgrade', array( $value ), $old_roles, $id );
$response['success'] = __( 'User role has been changed.', 'ultimate-member' );
break;
default:
update_user_meta( $um_id, $um_data, esc_attr( $um_value ) );
update_user_meta( $id, $data, $value );
$response['success'] = __( 'User meta has been changed.', 'ultimate-member' );
break;
}
@@ -307,35 +243,31 @@ if ( ! class_exists( 'um\core\rest\API_v2' ) ) {
return $response;
}
/**
* Process delete user via API
* Process delete user via API.
*
* @param $args
* @param array $args
*
* @return array
*/
public function delete_user( $args ) {
/**
* @var int $um_id
*/
extract( $args );
$response = array();
$error = array();
$error = array();
if ( ! isset( $um_id ) ) {
if ( empty( $args['um_id'] ) ) {
$error['error'] = __( 'You must provide a user ID', 'ultimate-member' );
return $error;
}
$user = get_userdata( $um_id );
$id = absint( $args['um_id'] );
$user = get_userdata( $id );
if ( ! $user ) {
$error['error'] = __( 'Invalid user specified', 'ultimate-member' );
return $error;
}
um_fetch_user( $um_id );
um_fetch_user( $id );
UM()->user()->delete();
$response['success'] = __( 'User has been successfully deleted.', 'ultimate-member' );
@@ -343,7 +275,6 @@ if ( ! class_exists( 'um\core\rest\API_v2' ) ) {
return $response;
}
/**
* Process Get user API Request
*
@@ -352,88 +283,54 @@ if ( ! class_exists( 'um\core\rest\API_v2' ) ) {
* @return array
*/
public function get_auser( $args ) {
/**
* @var int $um_id
* @var string $um_fields
*/
extract( $args );
$response = array();
$error = array();
$error = array();
if ( ! isset( $um_id ) ) {
if ( empty( $args['um_id'] ) ) {
$error['error'] = __( 'You must provide a user ID', 'ultimate-member' );
return $error;
}
$user = get_userdata( $um_id );
$id = absint( $args['um_id'] );
$user = get_userdata( $id );
if ( ! $user ) {
$error['error'] = __('Invalid user specified','ultimate-member');
$error['error'] = __( 'Invalid user specified', 'ultimate-member' );
return $error;
}
unset( $user->data->user_status );
unset( $user->data->user_activation_key );
unset( $user->data->user_pass );
unset( $user->data->user_status, $user->data->user_activation_key, $user->data->user_pass );
um_fetch_user( $user->ID );
if ( isset( $um_fields ) && $um_fields ) {
$um_fields = explode(',', $um_fields );
$response['ID'] = $user->ID;
if ( array_key_exists( 'um_fields', $args ) ) {
$fields = explode( ',', sanitize_text_field( $args['um_fields'] ) );
$response['ID'] = $user->ID;
$response['username'] = $user->user_login;
foreach ( $um_fields as $field ) {
foreach ( $fields as $field ) {
switch ( $field ) {
default:
$response[ $field ] = ( um_profile( $field ) ) ? um_profile( $field ) : '';
$profile_data = um_profile( $field );
$response[ $field ] = $profile_data ? $profile_data : '';
/**
* UM hook
*
* @type filter
* @title um_rest_get_auser
* @description Change output data for Rest API user authentification call
* @input_vars
* [{"var":"$response","type":"array","desc":"Output Data"},
* {"var":"$field","type":"string","desc":"Field Key"},
* {"var":"$user_id","type":"int","desc":"User ID"}]
* @change_log
* ["Since: 2.0"]
* @usage
* <?php add_filter( 'um_rest_get_auser', 'function_name', 10, 3 ); ?>
* @example
* <?php
* add_filter( 'um_rest_get_auser', 'my_rest_get_auser', 10, 3 );
* function my_rest_get_auser( $response, $field, $user_id ) {
* // your code here
* return $response;
* }
* ?>
*/
/** This filter is documented in includes/core/rest/class-api-v1.php */
$response = apply_filters( 'um_rest_get_auser', $response, $field, $user->ID );
break;
case 'cover_photo':
$response['cover_photo'] = $this->getsrc( um_user( 'cover_photo', 1000 ) );
break;
case 'profile_pic':
$response['profile_pic_original'] = um_get_user_avatar_url( '', 'original' );
$response['profile_pic_normal'] = um_get_user_avatar_url( '', 200 );
$response['profile_pic_small'] = um_get_user_avatar_url( '', 40 );
$response['profile_pic_normal'] = um_get_user_avatar_url( '', 200 );
$response['profile_pic_small'] = um_get_user_avatar_url( '', 40 );
break;
case 'status':
$response['status'] = um_user( 'account_status' );
break;
case 'role':
//get priority role here
$response['role'] = um_user( 'role' );
break;
case 'email':
case 'user_email':
$response['email'] = um_user( 'user_email' );
@@ -441,55 +338,28 @@ if ( ! class_exists( 'um\core\rest\API_v2' ) ) {
}
}
} else {
foreach ( $user as $key => $val ) {
if ( $key != 'data' ) {
if ( 'data' !== $key ) {
continue;
}
if ( $key == 'data' ) {
$key = 'profile';
$val->roles = $user->roles;
$val->first_name = um_user( 'first_name' );
$val->last_name = um_user( 'last_name' );
$val->account_status = um_user( 'account_status' );
$val->profile_pic_original = um_get_user_avatar_url( '', 'original' );
$val->profile_pic_normal = um_get_user_avatar_url( '', 200 );
$val->profile_pic_small = um_get_user_avatar_url( '', 40 );
$val->cover_photo = $this->getsrc( um_user( 'cover_photo', 1000 ) );
/**
* UM hook
*
* @type filter
* @title um_rest_userdata
* @description Change output data for Rest API userdata call
* @input_vars
* [{"var":"$value","type":"array","desc":"Output Data"},
* {"var":"$user_id","type":"string","desc":"User ID"}]
* @change_log
* ["Since: 2.0"]
* @usage
* <?php add_filter( 'um_rest_userdata', 'function_name', 10, 2 ); ?>
* @example
* <?php
* add_filter( 'um_rest_userdata', 'my_rest_userdata', 10, 2 );
* function my_rest_userdata( $value, $user_id ) {
* // your code here
* return $value;
* }
* ?>
*/
$val = apply_filters( 'um_rest_userdata', $val, $user->ID );
}
$response = $val;
$val->roles = $user->roles;
$val->first_name = um_user( 'first_name' );
$val->last_name = um_user( 'last_name' );
$val->account_status = um_user( 'account_status' );
$val->profile_pic_original = um_get_user_avatar_url( '', 'original' );
$val->profile_pic_normal = um_get_user_avatar_url( '', 200 );
$val->profile_pic_small = um_get_user_avatar_url( '', 40 );
$val->cover_photo = $this->getsrc( um_user( 'cover_photo', 1000 ) );
/** This filter is documented in includes/core/rest/class-api-v1.php */
$response = apply_filters( 'um_rest_userdata', $val, $user->ID );
}
}
return $response;
}
/**
* Get source
*
@@ -498,13 +368,12 @@ if ( ! class_exists( 'um\core\rest\API_v2' ) ) {
* @return string
*/
public function getsrc( $image ) {
if (preg_match('/<img.+?src(?: )*=(?: )*[\'"](.*?)[\'"]/si', $image, $arrResult)) {
return $arrResult[1];
if ( preg_match( '/<img.+?src(?: )*=(?: )*[\'"](.*?)[\'"]/si', $image, $arr_result ) ) {
return $arr_result[1];
}
return '';
}
/**
* Retrieve the output format
*/
@@ -513,28 +382,8 @@ if ( ! class_exists( 'um\core\rest\API_v2' ) ) {
$format = isset( $wp_query->query_vars['um_format'] ) ? $wp_query->query_vars['um_format'] : 'json';
/**
* UM hook
*
* @type filter
* @title um_api_output_format
* @description UM Rest API output format
* @input_vars
* [{"var":"$format","type":"string","desc":"Format"}]
* @change_log
* ["Since: 2.0"]
* @usage
* <?php add_filter( 'um_api_output_format', 'function_name', 10, 1 ); ?>
* @example
* <?php
* add_filter( 'um_api_output_format', 'my_api_output_format', 10, 1 );
* function my_api_output_format( $format ) {
* // your code here
* return $format;
* }
* ?>
*/
/** This filter is documented in includes/core/rest/class-api-v1.php */
return apply_filters( 'um_api_output_format', $format );
}
}
}
}
includes/core/um-actions-form.php
+9 -10
View File
@@ -416,8 +416,8 @@ function um_check_conditions_on_submit( $condition, $fields, $args, $reset = fal
*/
function um_submit_form_errors_hook_( $args ) {
$form_id = $args['form_id'];
$mode = $args['mode'];
$fields = unserialize( $args['custom_fields'] );
$mode = $args['mode'];
$fields = unserialize( $args['custom_fields'] );
$um_profile_photo = um_profile('profile_photo');
if ( get_post_meta( $form_id, '_um_profile_photo_required', true ) && ( empty( $args['profile_photo'] ) && empty( $um_profile_photo ) ) ) {
@@ -425,12 +425,12 @@ function um_submit_form_errors_hook_( $args ) {
}
if ( ! empty( $fields ) ) {
$can_edit = false;
$current_user_roles = [];
$can_edit = false;
$current_user_roles = array();
if ( is_user_logged_in() ) {
$can_edit = UM()->roles()->um_current_user_can( 'edit', $args['user_id'] );
if ( array_key_exists( 'user_id', $args ) ) {
$can_edit = UM()->roles()->um_current_user_can( 'edit', $args['user_id'] );
}
um_fetch_user( get_current_user_id() );
$current_user_roles = um_user( 'roles' );
@@ -439,7 +439,7 @@ function um_submit_form_errors_hook_( $args ) {
foreach ( $fields as $key => $array ) {
if ( $mode == 'profile' ) {
if ( 'profile' === $mode ) {
$restricted_fields = UM()->fields()->get_restricted_fields_for_edit();
if ( is_array( $restricted_fields ) && in_array( $key, $restricted_fields ) ) {
continue;
@@ -447,7 +447,7 @@ function um_submit_form_errors_hook_( $args ) {
}
$can_view = true;
if ( isset( $array['public'] ) && $mode != 'register' ) {
if ( isset( $array['public'] ) && 'register' !== $mode ) {
switch ( $array['public'] ) {
case '1': // Everyone
@@ -491,7 +491,6 @@ function um_submit_form_errors_hook_( $args ) {
continue;
}
/**
* UM hook
*
includes/core/um-actions-login.php
+43 -55
View File
@@ -1,5 +1,7 @@
<?php if ( ! defined( 'ABSPATH' ) ) exit;
<?php
if ( ! defined( 'ABSPATH' ) ) {
exit;
}
/**
* Error procesing hook for login
@@ -13,7 +15,6 @@ function um_submit_form_errors_hook_login( $args ) {
$mode = $args['mode'];
$user_password = $args['user_password'];
if ( isset( $args['username'] ) && $args['username'] == '' ) {
UM()->form()->add_error( 'username', __( 'Please enter your username or email', 'ultimate-member' ) );
}
@@ -190,101 +191,88 @@ function um_store_lastlogin_timestamp_( $login ) {
}
add_action( 'wp_login', 'um_store_lastlogin_timestamp_' );
/**
* Login user process
*
* @param array $args
*/
function um_user_login( $args ) {
extract( $args );
// phpcs:disable WordPress.Security.NonceVerification -- already verified here
$rememberme = ( isset( $_REQUEST['rememberme'], $args['rememberme'] ) && 1 === (int) $args['rememberme'] ) ? 1 : 0;
$rememberme = ( isset( $args['rememberme'] ) && 1 == $args['rememberme'] && isset( $_REQUEST['rememberme'] ) ) ? 1 : 0;
if ( ( UM()->options()->get( 'deny_admin_frontend_login' ) && ! isset( $_GET['provider'] ) ) && strrpos( um_user('wp_roles' ), 'administrator' ) !== false ) {
// @todo check using the 'deny_admin_frontend_login' option
if ( false !== strrpos( um_user( 'wp_roles' ), 'administrator' ) && ( ! isset( $_GET['provider'] ) && UM()->options()->get( 'deny_admin_frontend_login' ) ) ) {
wp_die( esc_html__( 'This action has been prevented for security measures.', 'ultimate-member' ) );
}
UM()->user()->auto_login( um_user( 'ID' ), $rememberme );
/**
* UM hook
* Fires after successful login and before user is redirected.
*
* @type action
* @title um_on_login_before_redirect
* @description Hook that runs after successful login and before user is redirected
* @input_vars
* [{"var":"$user_id","type":"int","desc":"User ID"}]
* @change_log
* ["Since: 2.0"]
* @usage add_action( 'um_on_login_before_redirect', 'function_name', 10, 1 );
* @example
* <?php
* add_action( 'um_on_login_before_redirect', 'my_on_login_before_redirect', 10, 1 );
* @since 1.3.x
* @hook um_on_login_before_redirect
*
* @param {int} $user_id User ID.
*
* @example <caption>Make any custom action after successful login and before user is redirected.</caption>
* function my_on_login_before_redirect( $user_id ) {
* // your code here
* }
* ?>
* add_action( 'um_on_login_before_redirect', 'my_on_login_before_redirect', 10, 1 );
*/
do_action( 'um_on_login_before_redirect', um_user( 'ID' ) );
// Priority redirect
if ( ! empty( $args['redirect_to'] ) ) {
exit( wp_safe_redirect( $args['redirect_to'] ) );
// Priority redirect from $_GET attribute.
if ( ! empty( $args['redirect_to'] ) ) {
wp_safe_redirect( $args['redirect_to'] );
exit;
}
// Role redirect
$after_login = um_user( 'after_login' );
if ( empty( $after_login ) ) {
exit( wp_redirect( um_user_profile_url() ) );
wp_safe_redirect( um_user_profile_url() );
exit;
}
switch ( $after_login ) {
case 'redirect_admin':
exit( wp_redirect( admin_url() ) );
break;
wp_safe_redirect( admin_url() );
exit;
case 'redirect_url':
/**
* UM hook
* Filters change redirect URL after successful login.
*
* @type filter
* @title um_login_redirect_url
* @description Change redirect URL after successful login
* @input_vars
* [{"var":"$url","type":"string","desc":"Redirect URL"},
* {"var":"$id","type":"int","desc":"User ID"}]
* @change_log
* ["Since: 2.0"]
* @usage
* <?php add_filter( 'um_login_redirect_url', 'function_name', 10, 2 ); ?>
* @example
* <?php
* add_filter( 'um_login_redirect_url', 'my_login_redirect_url', 10, 2 );
* @since 2.0
* @hook um_login_redirect_url
*
* @param {string} $can_view Redirect URL.
* @param {int} $user_id User ID.
*
* @return {string} Redirect URL.
*
* @example <caption>Change redirect URL.</caption>
* function my_login_redirect_url( $url, $id ) {
* // your code here
* return $url;
* }
* ?>
* add_filter( 'um_login_redirect_url', 'my_login_redirect_url', 10, 2 );
*/
$redirect_url = apply_filters( 'um_login_redirect_url', um_user( 'login_redirect_url' ), um_user( 'ID' ) );
exit( wp_redirect( $redirect_url ) );
break;
wp_safe_redirect( $redirect_url );
exit;
case 'refresh':
exit( wp_redirect( UM()->permalinks()->get_current_url() ) );
break;
wp_safe_redirect( UM()->permalinks()->get_current_url() );
exit;
case 'redirect_profile':
default:
exit( wp_redirect( um_user_profile_url() ) );
break;
wp_safe_redirect( um_user_profile_url() );
exit;
}
// phpcs:enable WordPress.Security.NonceVerification -- already verified here
}
add_action( 'um_user_login', 'um_user_login', 10 );
add_action( 'um_user_login', 'um_user_login' );
/**
* Form processing
includes/core/um-actions-misc.php
+75 -64
View File
@@ -1,8 +1,8 @@
<?php if ( ! defined( 'ABSPATH' ) ) {
<?php
if ( ! defined( 'ABSPATH' ) ) {
exit;
}
/**
* Add a force redirect to from $_get
*
@@ -66,132 +66,125 @@ function um_browser_url_redirect_to( $args ) {
}
add_action( 'um_after_form_fields', 'um_browser_url_redirect_to' );
/**
* Add a notice to form
* Add a notice to UM Form after submission
*
* @param $args
* @param array $args
*/
function um_add_update_notice( $args ) {
extract( $args );
$output = '';
$err = '';
$success = '';
if ( ! empty( $_REQUEST['updated'] ) && ! UM()->form()->errors ) {
switch ( sanitize_key( $_REQUEST['updated'] ) ) {
// Skip if there are errors while submission.
if ( UM()->form()->errors ) {
return;
}
// phpcs:disable WordPress.Security.NonceVerification -- used for echo and already verified here.
if ( ! empty( $_REQUEST['updated'] ) ) {
$updated = sanitize_key( $_REQUEST['updated'] );
switch ( $updated ) {
default:
/**
* UM hook
* Filters a custom success message.
*
* @type filter
* @title um_custom_success_message_handler
* @description Add custom success message
* @input_vars
* [{"var":"$success","type":"string","desc":"Message"},
* {"var":"$updated","type":"array","desc":"Updated data"}]
* @change_log
* ["Since: 2.0"]
* @usage
* <?php add_filter( 'um_custom_success_message_handler', 'function_name', 10, 2 ); ?>
* @example
* <?php
* add_filter( 'um_custom_success_message_handler', 'my_custom_success_message', 10, 2 );
* function my_custom_success_message( $success, $updated ) {
* // your code here
* @since 1.3.x
* @since 2.6.4 Added `$args` parameter.
* @hook um_custom_success_message_handler
*
* @param {string} $success Success message.
* @param {string} $updated Updated key.
* @param {array} $args UM Form shortcode arguments.
*
* @return {string} Message.
*
* @example <caption>It adds a custom message for `custom_key_on_profile` updated key.</caption>
* function my_custom_success_message( $success, $updated, $args ) {
* if ( 'custom_key_on_profile' === $updated ) {
* $success = 'Some custom message';
* }
* return $success;
* }
* ?>
* add_filter( 'um_custom_success_message_handler', 'my_custom_success_message', 10, 3 );
*/
$success = apply_filters( 'um_custom_success_message_handler', $success, sanitize_key( $_REQUEST['updated'] ) );
$success = apply_filters( 'um_custom_success_message_handler', $success, $updated, $args );
break;
case 'account':
$success = __( 'Your account was updated successfully.', 'ultimate-member' );
break;
case 'password_changed':
$success = __( 'You have successfully changed your password.', 'ultimate-member' );
break;
case 'account_active':
$success = __( 'Your account is now active! You can login.', 'ultimate-member' );
break;
}
}
if ( ! empty( $_REQUEST['err'] ) && ! UM()->form()->errors ) {
switch( sanitize_key( $_REQUEST['err'] ) ) {
if ( ! empty( $_REQUEST['err'] ) ) {
$request_error = sanitize_key( $_REQUEST['err'] );
switch ( $request_error ) {
default:
/**
* UM hook
* Filters a custom error message.
*
* @type filter
* @title um_custom_error_message_handler
* @description Add custom error message
* @input_vars
* [{"var":"$error","type":"string","desc":"Error message"},
* {"var":"$request_error","type":"array","desc":"Error data"}]
* @change_log
* ["Since: 2.0"]
* @usage
* <?php add_filter( 'um_custom_error_message_handler', 'function_name', 10, 2 ); ?>
* @example
* <?php
* add_filter( 'um_custom_error_message_handler', 'my_custom_error_message', 10, 2 );
* function my_custom_error_message( $error, $request_error ) {
* // your code here
* @since 1.3.x
* @since 2.6.4 Added `$args` parameter.
* @hook um_custom_error_message_handler
*
* @param {string} $error Error message.
* @param {string} $request_error Error data.
* @param {array} $args UM Form shortcode arguments.
*
* @return {string} Error message.
*
* @example <caption>It adds a custom error for `custom_key_on_profile` error key.</caption>
* function my_custom_error_message( $error, $request_error, $args ) {
* if ( 'custom_key_on_profile' === $request_error ) {
* $error = 'Some custom message';
* }
* return $error;
* }
* ?>
* add_filter( 'um_custom_error_message_handler', 'my_custom_error_message', 10, 3 );
*/
$err = apply_filters( 'um_custom_error_message_handler', $err, sanitize_key( $_REQUEST['err'] ) );
if ( ! $err ) {
$err = apply_filters( 'um_custom_error_message_handler', $err, $request_error, $args );
if ( empty( $err ) ) {
$err = __( 'An error has been encountered', 'ultimate-member' );
}
break;
case 'registration_disabled':
$err = __( 'Registration is currently disabled', 'ultimate-member' );
break;
case 'blocked_email':
$err = __( 'This email address has been blocked.', 'ultimate-member' );
break;
case 'blocked_domain':
$err = __( 'We do not accept registrations from that domain.', 'ultimate-member' );
break;
case 'blocked_ip':
$err = __( 'Your IP address has been blocked.', 'ultimate-member' );
break;
case 'inactive':
$err = __( 'Your account has been disabled.', 'ultimate-member' );
break;
case 'awaiting_admin_review':
$err = __( 'Your account has not been approved yet.', 'ultimate-member' );
break;
case 'awaiting_email_confirmation':
$err = __( 'Your account is awaiting e-mail verification.', 'ultimate-member' );
break;
case 'rejected':
$err = __( 'Your membership request has been rejected.', 'ultimate-member' );
break;
case 'invalid_nonce':
$err = __( 'An error has been encountered. Probably page was cached. Please try again.', 'ultimate-member' );
break;
}
}
// phpcs:enable WordPress.Security.NonceVerification -- used for echo and already verified here.
add_filter( 'um_late_escaping_allowed_tags', 'um_form_notices_additional_tags', 10, 2 );
if ( ! empty( $err ) ) {
$output .= '<p class="um-notice err"><i class="um-icon-ios-close-empty" onclick="jQuery(this).parent().fadeOut();"></i>' . $err . '</p>';
@@ -201,6 +194,24 @@ function um_add_update_notice( $args ) {
$output .= '<p class="um-notice success"><i class="um-icon-ios-close-empty" onclick="jQuery(this).parent().fadeOut();"></i>' . $success . '</p>';
}
echo $output;
echo wp_kses( $output, UM()->get_allowed_html( 'templates' ) );
remove_filter( 'um_late_escaping_allowed_tags', 'um_form_notices_additional_tags' );
}
add_action( 'um_before_form', 'um_add_update_notice', 500 );
/**
* Extends allowed tags for displaying UM Form notices.
*
* @since 2.6.4
*
* @param array $allowed_html
* @param string $context
* @return array
*/
function um_form_notices_additional_tags( $allowed_html, $context ) {
if ( 'templates' === $context ) {
$allowed_html['i']['onclick'] = true;
}
return $allowed_html;
}
includes/core/um-actions-profile.php
+145 -151
View File
@@ -1,170 +1,169 @@
<?php if ( ! defined( 'ABSPATH' ) ) exit; // Exit if accessed directly
<?php
if ( ! defined( 'ABSPATH' ) ) {
exit;
}
/**
* Um_profile_content_{main_tab}
* It renders the content of main profile tab.
*
* @param $args
* @param array $args
*/
function um_profile_content_main( $args ) {
if ( ! array_key_exists( 'mode', $args ) ) {
return;
}
$mode = $args['mode'];
/**
* @var $mode
*/
extract( $args );
if ( ! UM()->options()->get( 'profile_tab_main' ) && ! isset( $_REQUEST['um_action'] ) ) {
// phpcs:ignore WordPress.Security.NonceVerification -- $_REQUEST is used for echo only
if ( ! isset( $_REQUEST['um_action'] ) && ! UM()->options()->get( 'profile_tab_main' ) ) {
return;
}
/**
* UM hook
* Filters user's ability to view a profile
*
* @type filter
* @title um_profile_can_view_main
* @description Check user can view profile
* @input_vars
* [{"var":"$view","type":"bool","desc":"Can view?"},
* {"var":"$user_id","type":"int","desc":"User profile ID"}]
* @change_log
* ["Since: 2.0"]
* @usage
* <?php add_filter( 'um_profile_can_view_main', 'function_name', 10, 2 ); ?>
* @example
* <?php
* add_filter( 'um_profile_can_view_main', 'my_profile_can_view_main', 10, 2 );
* function my_profile_can_view_main( $view, $user_id ) {
* // your code here
* return $view;
* @since 1.3.x
* @hook um_profile_can_view_main
*
* @param {int} $can_view Can view profile. It's -1 by default.
* @param {int} $profile_id User Profile ID.
*
* @return {int} Can view profile. Set it to -1 for displaying and vice versa to hide.
*
* @example <caption>Make profile hidden.</caption>
* function my_profile_can_view_main( $can_view, $profile_id ) {
* $can_view = 1; // make profile hidden.
* return $can_view;
* }
* ?>
* add_filter( 'um_profile_can_view_main', 'my_profile_can_view_main', 10, 2 );
*/
$can_view = apply_filters( 'um_profile_can_view_main', -1, um_profile_id() );
if ( $can_view == -1 ) {
if ( -1 === (int) $can_view ) {
/**
* UM hook
* Fires before UM Form content.
*
* @type action
* @title um_before_form
* @description Some actions before profile form
* @input_vars
* [{"var":"$args","type":"array","desc":"Profile form shortcode arguments"}]
* @change_log
* ["Since: 2.0"]
* @usage add_action( 'um_before_form', 'function_name', 10, 1 );
* @example
* <?php
* add_action( 'um_before_form', 'my_before_form', 10, 1 );
* @since 1.3.x
* @hook um_before_form
*
* @param {array} $args UM Form shortcode arguments.
*
* @example <caption>Make any custom action before UM form.</caption>
* function my_before_form( $args ) {
* // your code here
* }
* ?>
* add_action( 'um_before_form', 'my_before_form' );
*/
do_action( 'um_before_form', $args );
/**
* UM hook
* Fires before UM Form fields.
*
* @type action
* @title um_before_{$mode}_fields
* @description Some actions before profile form fields
* @input_vars
* [{"var":"$args","type":"array","desc":"{Profile} form shortcode arguments"}]
* @change_log
* ["Since: 2.0"]
* @usage add_action( 'um_before_{$mode}_fields', 'function_name', 10, 1 );
* @example
* <?php
* add_action( 'um_before_{$mode}_fields', 'my_before_fields', 10, 1 );
* function my_before_form( $args ) {
* Note: $mode can be equals to 'login', 'profile', 'register'.
*
* @since 1.3.x
* @hook um_before_{$mode}_fields
*
* @param {array} $args UM Form shortcode arguments.
*
* @example <caption>Make any custom action before UM Profile form fields.</caption>
* function my_before_profile_fields( $args ) {
* // your code here
* }
* ?>
* add_action( 'um_before_profile_fields', 'my_before_profile_fields' );
* @example <caption>Make any custom action before UM Login form fields.</caption>
* function my_before_login_fields( $args ) {
* // your code here
* }
* add_action( 'um_before_login_fields', 'my_before_login_fields' );
* @example <caption>Make any custom action before UM Register form fields.</caption>
* function my_before_register_fields( $args ) {
* // your code here
* }
* add_action( 'um_before_register_fields', 'my_before_register_fields' );
*/
do_action( "um_before_{$mode}_fields", $args );
/**
* UM hook
* Fires for rendering UM Form fields.
*
* @type action
* @title um_main_{$mode}_fields
* @description Some actions before login form fields
* @input_vars
* [{"var":"$args","type":"array","desc":"Login form shortcode arguments"}]
* @change_log
* ["Since: 2.0"]
* @usage add_action( 'um_before_{$mode}_fields', 'function_name', 10, 1 );
* @example
* <?php
* add_action( 'um_before_{$mode}_fields', 'my_before_fields', 10, 1 );
* function my_before_form( $args ) {
* Note: $mode can be equals to 'login', 'profile', 'register'.
*
* @since 1.3.x
* @hook um_main_{$mode}_fields
*
* @param {array} $args UM Form shortcode arguments.
*
* @example <caption>Make any custom action when profile form fields are rendered.</caption>
* function my_main_profile_fields( $args ) {
* // your code here
* }
* ?>
* add_action( 'um_main_profile_fields', 'my_main_profile_fields' );
* @example <caption>Make any custom action when login form fields are rendered.</caption>
* function my_main_login_fields( $args ) {
* // your code here
* }
* add_action( 'um_main_login_fields', 'my_main_login_fields' );
* @example <caption>Make any custom action when register form fields are rendered.</caption>
* function my_main_register_fields( $args ) {
* // your code here
* }
* add_action( 'um_main_register_fields', 'my_main_register_fields' );
*/
do_action( "um_main_{$mode}_fields", $args );
/**
* UM hook
* Fires after UM Form fields.
*
* @type action
* @title um_after_form_fields
* @description Some actions after login form fields
* @input_vars
* [{"var":"$args","type":"array","desc":"Login form shortcode arguments"}]
* @change_log
* ["Since: 2.0"]
* @usage add_action( 'um_after_form_fields', 'function_name', 10, 1 );
* @example
* <?php
* add_action( 'um_after_form_fields', 'my_after_form_fields', 10, 1 );
* @since 1.3.x
* @hook um_after_form_fields
*
* @param {array} $args UM Form shortcode arguments.
*
* @example <caption>Make any custom action after UM Form fields.</caption>
* function my_after_form_fields( $args ) {
* // your code here
* }
* ?>
* add_action( 'um_after_form_fields', 'my_after_form_fields' );
*/
do_action( 'um_after_form_fields', $args );
/**
* UM hook
* Fires after UM Form fields.
*
* @type action
* @title um_after_{$mode}_fields
* @description Some actions after profile form fields
* @input_vars
* [{"var":"$args","type":"array","desc":"Profile form shortcode arguments"}]
* @change_log
* ["Since: 2.0"]
* @usage add_action( 'um_after_{$mode}_fields', 'function_name', 10, 1 );
* @example
* <?php
* add_action( 'um_after_{$mode}_fields', 'my_after_form_fields', 10, 1 );
* function my_after_form_fields( $args ) {
* Note: $mode can be equals to 'login', 'profile', 'register'.
*
* @since 1.3.x
* @hook um_after_{$mode}_fields
*
* @param {array} $args UM Form shortcode arguments.
*
* @example <caption>Make any custom action after profile form fields.</caption>
* function my_after_profile_fields( $args ) {
* // your code here
* }
* ?>
* add_action( 'um_after_profile_fields', 'my_after_profile_fields' );
* @example <caption>Make any custom action after login form fields.</caption>
* function my_after_login_fields( $args ) {
* // your code here
* }
* add_action( 'um_after_login_fields', 'my_after_login_fields' );
* @example <caption>Make any custom action after register form fields.</caption>
* function my_after_register_fields( $args ) {
* // your code here
* }
* add_action( 'um_after_register_fields', 'my_after_register_fields' );
*/
do_action( "um_after_{$mode}_fields", $args );
/**
* UM hook
* Fires after UM Form content.
*
* @type action
* @title um_after_form
* @description Some actions after profile form fields
* @input_vars
* [{"var":"$args","type":"array","desc":"Profile form shortcode arguments"}]
* @change_log
* ["Since: 2.0"]
* @usage add_action( 'um_after_form', 'function_name', 10, 1 );
* @example
* <?php
* add_action( 'um_after_form', 'my_after_form', 10, 1 );
* @since 1.3.x
* @hook um_after_form
*
* @param {array} $args UM Form shortcode arguments.
*
* @example <caption>Make any custom action after UM Form content.</caption>
* function my_after_form( $args ) {
* // your code here
* }
* ?>
* add_action( 'um_after_form', 'my_after_form' );
*/
do_action( 'um_after_form', $args );
@@ -173,7 +172,7 @@ function um_profile_content_main( $args ) {
<div class="um-profile-note">
<span>
<i class="um-faicon-lock"></i>
<?php echo $can_view; ?>
<?php echo esc_html( $can_view ); ?>
</span>
</div>
<?php
@@ -181,7 +180,6 @@ function um_profile_content_main( $args ) {
}
add_action( 'um_profile_content_main', 'um_profile_content_main' );
/**
* Update user's profile
*
@@ -1365,54 +1363,50 @@ function um_profile_header( $args ) {
}
add_action( 'um_profile_header', 'um_profile_header', 9 );
/**
* Adds profile permissions to view/edit
* Adds profile permissions to view/edit.
*
* @param $args
* @param array $args
*/
function um_pre_profile_shortcode( $args ) {
/**
* @var $mode
*/
extract( $args );
// It handles only UM Profile forms.
if ( ! array_key_exists( 'mode', $args ) || 'profile' !== $args['mode'] ) {
return;
}
if ( $mode == 'profile' ) {
if ( UM()->fields()->editing ) {
if ( um_get_requested_user() ) {
if ( ! UM()->roles()->um_current_user_can( 'edit', um_get_requested_user() ) ) {
um_redirect_home( um_get_requested_user(), um_is_myprofile() );
}
um_fetch_user( um_get_requested_user() );
if ( UM()->fields()->editing ) {
if ( um_get_requested_user() ) {
if ( ! UM()->roles()->um_current_user_can( 'edit', um_get_requested_user() ) ) {
um_redirect_home( um_get_requested_user(), um_is_myprofile() );
}
um_fetch_user( um_get_requested_user() );
}
} else {
UM()->fields()->viewing = 1;
if ( um_get_requested_user() ) {
if ( ! um_is_myprofile() && ! um_can_view_profile( um_get_requested_user() ) ) {
um_redirect_home( um_get_requested_user(), um_is_myprofile() );
}
if ( ! UM()->roles()->um_current_user_can( 'edit', um_get_requested_user() ) ) {
UM()->user()->cannot_edit = 1;
}
um_fetch_user( um_get_requested_user() );
} else {
UM()->fields()->viewing = 1;
if ( ! is_user_logged_in() ) {
um_redirect_home( um_get_requested_user(), um_is_myprofile() );
}
if ( um_get_requested_user() ) {
if ( ! um_can_view_profile( um_get_requested_user() ) && ! um_is_myprofile() ) {
um_redirect_home( um_get_requested_user(), um_is_myprofile() );
}
if ( ! UM()->roles()->um_current_user_can( 'edit', um_get_requested_user() ) ) {
UM()->user()->cannot_edit = 1;
}
um_fetch_user( um_get_requested_user() );
} else {
if ( ! is_user_logged_in() ) {
um_redirect_home( um_get_requested_user(), um_is_myprofile() );
}
if ( ! um_user( 'can_edit_profile' ) ) {
UM()->user()->cannot_edit = 1;
}
if ( ! um_user( 'can_edit_profile' ) ) {
UM()->user()->cannot_edit = 1;
}
}
}
}
add_action( 'um_pre_profile_shortcode', 'um_pre_profile_shortcode' );
/**
* Display the edit profile icon
*
includes/core/um-actions-register.php
+102 -119
View File
@@ -1,11 +1,13 @@
<?php if ( ! defined( 'ABSPATH' ) ) exit; // Exit if accessed directly
<?php
if ( ! defined( 'ABSPATH' ) ) {
exit;
}
/**
* Account automatically approved
* Account automatically approved.
*
* @param $user_id
* @param $args
* @param int $user_id
* @param array $args
*/
function um_post_registration_approved_hook( $user_id, $args ) {
um_fetch_user( $user_id );
@@ -14,12 +16,11 @@ function um_post_registration_approved_hook( $user_id, $args ) {
}
add_action( 'um_post_registration_approved_hook', 'um_post_registration_approved_hook', 10, 2 );
/**
* Account needs email validation
* Account needs email validation.
*
* @param $user_id
* @param $args
* @param int $user_id
* @param array $args
*/
function um_post_registration_checkmail_hook( $user_id, $args ) {
um_fetch_user( $user_id );
@@ -28,20 +29,18 @@ function um_post_registration_checkmail_hook( $user_id, $args ) {
}
add_action( 'um_post_registration_checkmail_hook', 'um_post_registration_checkmail_hook', 10, 2 );
/**
* Account needs admin review
* Account needs admin review.
*
* @param $user_id
* @param $args
* @param int $user_id
* @param array $args
*/
function um_post_registration_pending_hook( $user_id, $args ) {
um_fetch_user( $user_id );
UM()->user()->pending();
}
add_action('um_post_registration_pending_hook', 'um_post_registration_pending_hook', 10, 2);
add_action( 'um_post_registration_pending_hook', 'um_post_registration_pending_hook', 10, 2 );
/**
* After insert a new user
@@ -118,7 +117,6 @@ function um_after_insert_user( $user_id, $args ) {
}
add_action( 'um_user_register', 'um_after_insert_user', 1, 2 );
/**
* Send notification about registration
*
@@ -131,7 +129,7 @@ function um_send_registration_notification( $user_id, $args ) {
$emails = um_multi_admin_email();
if ( ! empty( $emails ) ) {
foreach ( $emails as $email ) {
if ( um_user( 'account_status' ) != 'pending' ) {
if ( 'pending' !== um_user( 'account_status' ) ) {
UM()->mail()->send( $email, 'notification_new_user', array( 'admin' => true ) );
} else {
UM()->mail()->send( $email, 'notification_review', array( 'admin' => true ) );
@@ -141,7 +139,6 @@ function um_send_registration_notification( $user_id, $args ) {
}
add_action( 'um_registration_complete', 'um_send_registration_notification', 10, 2 );
/**
* Check user status and redirect it after registration
*
@@ -270,7 +267,6 @@ function um_check_user_status( $user_id, $args ) {
}
add_action( 'um_registration_complete', 'um_check_user_status', 100, 2 );
function um_submit_form_errors_hook__registration( $args ) {
// Check for "\" in password.
if ( array_key_exists( 'user_password', $args ) && false !== strpos( wp_unslash( trim( $args['user_password'] ) ), '\\' ) ) {
@@ -280,68 +276,66 @@ function um_submit_form_errors_hook__registration( $args ) {
add_action( 'um_submit_form_errors_hook__registration', 'um_submit_form_errors_hook__registration', 10, 1 );
/**
* Registration form submit handler
* Registration form submit handler.
*
* @param $args
* @return bool|int|WP_Error
* @param array $args
*/
function um_submit_form_register( $args ) {
if ( isset( UM()->form()->errors ) ) {
return false;
return;
}
/**
* UM hook
* Filters user data submitted by a registration form.
*
* @type filter
* @title um_add_user_frontend_submitted
* @description Extend user data on registration form submit
* @input_vars
* [{"var":"$submitted","type":"array","desc":"Registration data"}]
* @change_log
* ["Since: 2.0"]
* @usage
* <?php add_filter( 'um_add_user_frontend_submitted', 'function_name', 10, 1 ); ?>
* @example
* <?php
* add_filter( 'um_add_user_frontend_submitted', 'my_add_user_frontend_submitted', 10, 1 );
* Note: Data is already sanitized here.
*
* @since 1.3.x
* @hook um_add_user_frontend_submitted
*
* @param {array} $submitted Submitted registration data.
*
* @return {array} Extended registration data.
*
* @example <caption>Extends registration data.</caption>
* function my_add_user_frontend_submitted( $submitted ) {
* // your code here
* return $submitted;
* }
* ?>
* add_filter( 'um_add_user_frontend_submitted', 'my_add_user_frontend_submitted' );
*/
$args = apply_filters( 'um_add_user_frontend_submitted', $args );
extract( $args );
if ( ! empty( $username ) && empty( $user_login ) ) {
$user_login = $username;
if ( ! empty( $args['user_login'] ) ) {
$user_login = $args['user_login'];
}
if ( ! empty( $args['username'] ) && empty( $args['user_login'] ) ) {
$user_login = $args['username'];
}
if ( ! empty( $first_name ) && ! empty( $last_name ) && empty( $user_login ) ) {
if ( ! empty( $args['first_name'] ) && ! empty( $args['last_name'] ) && empty( $user_login ) ) {
switch ( UM()->options()->get( 'permalink_base' ) ) {
case 'name':
$user_login = str_replace( " ", ".", $first_name . " " . $last_name );
$user_login = str_replace( ' ', '.', $args['first_name'] . ' ' . $args['last_name'] );
break;
case 'name_dash':
$user_login = str_replace( " ", "-", $first_name . " " . $last_name );
$user_login = str_replace( ' ', '-', $args['first_name'] . ' ' . $args['last_name'] );
break;
case 'name_plus':
$user_login = str_replace( " ", "+", $first_name . " " . $last_name );
$user_login = str_replace( ' ', '+', $args['first_name'] . ' ' . $args['last_name'] );
break;
default:
$user_login = str_replace( " ", "", $first_name . " " . $last_name );
$user_login = str_replace( ' ', '', $args['first_name'] . ' ' . $args['last_name'] );
break;
}
$user_login = sanitize_user( strtolower( remove_accents( $user_login ) ), true );
if ( ! empty( $user_login ) ) {
$count = 1;
$count = 1;
$temp_user_login = $user_login;
while ( username_exists( $temp_user_login ) ) {
$temp_user_login = $user_login . $count;
@@ -351,56 +345,57 @@ function um_submit_form_register( $args ) {
}
}
if ( empty( $user_login ) && ! empty( $user_email ) ) {
$user_login = $user_email;
if ( empty( $user_login ) && ! empty( $args['user_email'] ) ) {
$user_login = $args['user_email'];
}
$unique_userID = uniqid();
$unique_user_id = uniqid();
// see dbDelta and WP native DB structure user_login varchar(60)
if ( empty( $user_login ) || mb_strlen( $user_login ) > 60 && ! is_email( $user_login ) ) {
$user_login = 'user' . $unique_userID;
if ( empty( $user_login ) || ( mb_strlen( $user_login ) > 60 && ! is_email( $user_login ) ) ) {
$user_login = 'user' . $unique_user_id;
while ( username_exists( $user_login ) ) {
$unique_userID = uniqid();
$user_login = 'user' . $unique_userID;
$unique_user_id = uniqid();
$user_login = 'user' . $unique_user_id;
}
}
if ( isset( $username ) && is_email( $username ) ) {
$user_email = $username;
if ( isset( $args['username'] ) && is_email( $args['username'] ) ) {
$user_email = $args['username'];
} elseif ( ! empty( $args['user_email'] ) ) {
$user_email = $args['user_email'];
}
if ( ! isset( $user_password ) ) {
if ( ! isset( $args['user_password'] ) ) {
$user_password = UM()->validation()->generate( 8 );
} else {
$user_password = $args['user_password'];
}
if ( empty( $user_email ) ) {
$site_url = @$_SERVER['SERVER_NAME'];
$user_email = 'nobody' . $unique_userID . '@' . $site_url;
$site_url = wp_parse_url( get_site_url(), PHP_URL_HOST );
$user_email = 'nobody' . $unique_user_id . '@' . $site_url;
while ( email_exists( $user_email ) ) {
$unique_userID = uniqid();
$user_email = 'nobody' . $unique_userID . '@' . $site_url;
$unique_user_id = uniqid();
$user_email = 'nobody' . $unique_user_id . '@' . $site_url;
}
/**
* UM hook
* Filters change user default email if it's empty on registration.
*
* @type filter
* @title um_user_register_submitted__email
* @description Change user default email if it's empty on registration
* @input_vars
* [{"var":"$user_email","type":"string","desc":"Default email"}]
* @change_log
* ["Since: 2.0"]
* @usage
* <?php add_filter( 'um_user_register_submitted__email', 'function_name', 10, 1 ); ?>
* @example
* <?php
* add_filter( 'um_user_register_submitted__email', 'my_user_register_submitted__email', 10, 1 );
* @since 1.3.x
* @hook um_user_register_submitted__email
*
* @param {string} $user_email Default email.
*
* @return {string} Default customized email.
*
* @example <caption>Change user default email if it's empty on registration.</caption>
* function my_user_register_submitted__email( $user_email ) {
* // your code here
* return $user_email;
* }
* ?>
* add_filter( 'um_user_register_submitted__email', 'my_user_register_submitted__email' );
*/
$user_email = apply_filters( 'um_user_register_submitted__email', $user_email );
}
@@ -417,10 +412,10 @@ function um_submit_form_register( $args ) {
$args['submitted'] = array_merge( $args['submitted'], $credentials );
// set timestamp
$timestamp = current_time( 'timestamp' );
// Set registration timestamp.
$timestamp = current_time( 'timestamp' ); // @todo Working on timestamps.
$args['submitted']['timestamp'] = $timestamp;
$args['timestamp'] = $timestamp;
$args['timestamp'] = $timestamp;
$args = array_merge( $args, $credentials );
@@ -433,70 +428,58 @@ function um_submit_form_register( $args ) {
$exclude_roles = array_diff( array_keys( $wp_roles->roles ), UM()->roles()->get_editable_user_roles() );
//if role is properly set it
if ( ! in_array( $args['role'], $exclude_roles ) ) {
if ( ! in_array( $args['role'], $exclude_roles, true ) ) {
$user_role = $args['role'];
}
}
/**
* UM hook
* Filters change user role on registration process
*
* @type filter
* @title um_registration_user_role
* @description Change user role on registration process
* @input_vars
* [{"var":"$role","type":"string","desc":"User role"},
* {"var":"$submitted","type":"array","desc":"Registration data"}]
* @change_log
* ["Since: 2.0"]
* @usage
* <?php add_filter( 'um_registration_user_role', 'function_name', 10, 2 ); ?>
* @example
* <?php
* add_filter( 'um_registration_user_role', 'my_registration_user_role', 10, 2 );
* function my_user_register_submitted__email( $role, $submitted ) {
* @since 2.0
* @hook um_registration_user_role
*
* @param {string} $user_role User role.
* @param {array} $args Registration data.
*
* @return {string} User role.
*
* @example <caption>Change user role on registration process.</caption>
* function my_registration_user_role( $user_role, $args ) {
* // your code here
* return $role;
* return $user_role;
* }
* ?>
* add_filter( 'um_registration_user_role', 'my_registration_user_role', 10, 2 );
*/
$user_role = apply_filters( 'um_registration_user_role', $user_role, $args );
$userdata = array(
'user_login' => $user_login,
'user_pass' => $user_password,
'user_email' => $user_email,
'role' => $user_role,
'user_login' => $user_login,
'user_pass' => $user_password,
'user_email' => $user_email,
'role' => $user_role,
);
$user_id = wp_insert_user( $userdata );
/**
* UM hook
* Fires after complete UM user registration.
*
* @type action
* @title um_user_register
* @description After complete UM user registration.
* @input_vars
* [{"var":"$user_id","type":"int","desc":"User ID"},
* {"var":"$args","type":"array","desc":"Form data"}]
* @change_log
* ["Since: 2.0"]
* @usage add_action( 'um_user_register', 'function_name', 10, 2 );
* @example
* <?php
* add_action( 'um_user_register', 'my_user_register', 10, 2 );
* function my_user_register( $user_id, $args ) {
* @since 2.0
* @hook um_user_register
*
* @param {int} $user_id User ID.
* @param {array} $args Form data.
*
* @example <caption>Make any custom action after complete UM user registration.</caption>
* function my_um_user_register( $user_id, $args ) {
* // your code here
* }
* ?>
* add_action( 'um_user_register', 'my_um_user_register', 10, 2 );
*/
do_action( 'um_user_register', $user_id, $args );
return $user_id;
}
add_action( 'um_submit_form_register', 'um_submit_form_register', 10 );
add_action( 'um_submit_form_register', 'um_submit_form_register' );
/**
* Show the submit button