- add um safe redirect
@@ -63,7 +63,7 @@ if ( ! class_exists( 'um\core\Login' ) ) {
|
||||
if ( empty( $args['_wpnonce'] ) || ! wp_verify_nonce( $args['_wpnonce'], 'um_login_form' ) ) {
|
||||
// @todo add hookdocs
|
||||
$url = apply_filters( 'um_login_invalid_nonce_redirect_url', add_query_arg( array( 'err' => 'invalid_nonce' ) ) );
|
||||
wp_safe_redirect( $url );
|
||||
um_safe_redirect( $url );
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
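Review bot: The `exit;` kept after `um_safe_redirect( $url );` is unreachable, because `um_safe_redirect()` as added at the end of this commit calls `exit` itself right after `wp_safe_redirect()`. The same leftover follows the new call in the Register nonce check, in both `um_user_login()` hunks and at all three `um_check_user_status()` call sites. Either drop the trailing `exit;` at these call sites, or keep it deliberately and state the contract in the helper's docblock, e.g. `* Sends the redirect and terminates the request; never returns.` The enclosing method begins outside this hunk.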
@@ -74,8 +74,8 @@ if ( ! class_exists( 'um\core\Logout' ) ) {
|
||||
wp_destroy_current_session();
|
||||
wp_logout();
|
||||
session_unset();
|
||||
exit( wp_safe_redirect( esc_url_raw( $_REQUEST['redirect_to'] ) ) );
|
||||
} else if ( 'redirect_home' === um_user( 'after_logout' ) ) {
|
||||
um_safe_redirect( esc_url_raw( $_REQUEST['redirect_to'] ) );
|
||||
} elseif ( 'redirect_home' === um_user( 'after_logout' ) ) {
|
||||
wp_destroy_current_session();
|
||||
wp_logout();
|
||||
session_unset();
|
||||
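Review bot: `$_REQUEST['redirect_to']` is read straight from the superglobal and only passed through `esc_url_raw()`; WordPress slashes request data, so the value should be unslashed first: `um_safe_redirect( esc_url_raw( wp_unslash( $_REQUEST['redirect_to'] ) ) );`. The condition guarding this branch is outside the hunk, so whether the key is checked for presence cannot be confirmed from here. Because the destination is request-supplied, a short comment such as `// Request-supplied target; hosts are limited by the allowed_redirect_hosts filter inside um_safe_redirect().` would make the trust boundary explicit.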
@@ -107,14 +107,12 @@ if ( ! class_exists( 'um\core\Logout' ) ) {
|
||||
wp_destroy_current_session();
|
||||
wp_logout();
|
||||
session_unset();
|
||||
exit( wp_safe_redirect( $redirect_url ) );
|
||||
um_safe_redirect( $redirect_url );
|
||||
}
|
||||
|
||||
} else {
|
||||
add_filter( 'wp_safe_redirect_fallback', array( &$this, 'safe_redirect_default' ), 10, 2 );
|
||||
exit( wp_safe_redirect( home_url() ) );
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -57,7 +57,7 @@ if ( ! class_exists( 'um\core\Register' ) ) {
|
||||
if ( empty( $args['_wpnonce'] ) || ! wp_verify_nonce( $args['_wpnonce'], 'um_register_form' ) ) {
|
||||
// @todo add hookdocs
|
||||
$url = apply_filters( 'um_register_invalid_nonce_redirect_url', add_query_arg( array( 'err' => 'invalid_nonce' ) ) );
|
||||
wp_safe_redirect( $url );
|
||||
um_safe_redirect( $url );
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -217,7 +217,7 @@ function um_user_login( $submitted_data ) {
|
||||
|
||||
// Priority redirect from $_GET attribute.
|
||||
if ( ! empty( $submitted_data['redirect_to'] ) ) {
|
||||
wp_safe_redirect( $submitted_data['redirect_to'] );
|
||||
um_safe_redirect( $submitted_data['redirect_to'] );
|
||||
exit;
|
||||
}
|
||||
|
||||
@@ -252,7 +252,7 @@ function um_user_login( $submitted_data ) {
|
||||
* add_filter( 'um_login_redirect_url', 'my_login_redirect_url', 10, 2 );
|
||||
*/
|
||||
$redirect_url = apply_filters( 'um_login_redirect_url', um_user( 'login_redirect_url' ), um_user( 'ID' ) );
|
||||
wp_safe_redirect( $redirect_url );
|
||||
um_safe_redirect( $redirect_url );
|
||||
exit;
|
||||
case 'refresh':
|
||||
wp_safe_redirect( UM()->permalinks()->get_current_url() );
|
||||
|
||||
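Review bot: The `case 'refresh':` branch still calls `wp_safe_redirect( UM()->permalinks()->get_current_url() );` directly, so it does not register the `allowed_redirect_hosts` and `wp_safe_redirect_fallback` callbacks that `um_safe_redirect()` adds, and a rejected target would fall back to WordPress's default instead of `home_url( '/' )`. For consistency with the line changed just above it, `um_safe_redirect( UM()->permalinks()->get_current_url() );` would do. The rest of the `switch` is outside the hunk, so other branches may need the same change.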
@@ -204,14 +204,14 @@ function um_check_user_status( $user_id, $args, $form_data = null ) {
|
||||
|
||||
// Priority redirect
|
||||
if ( isset( $args['redirect_to'] ) ) {
|
||||
wp_safe_redirect( urldecode( $args['redirect_to'] ) );
|
||||
um_safe_redirect( urldecode( $args['redirect_to'] ) );
|
||||
exit;
|
||||
}
|
||||
|
||||
um_fetch_user( $user_id );
|
||||
|
||||
if ( 'redirect_url' === um_user( 'auto_approve_act' ) && '' !== um_user( 'auto_approve_url' ) ) {
|
||||
wp_safe_redirect( um_user( 'auto_approve_url' ) );
|
||||
um_safe_redirect( um_user( 'auto_approve_url' ));
|
||||
exit;
|
||||
}
|
||||
|
||||
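Review bot: `urldecode( $args['redirect_to'] )` decodes the value a second time if `$args` was populated from request parameters, which PHP has already decoded, so percent-encoded characters that were meant to stay encoded in the target change before validation. Where `$args` comes from is not visible in this hunk, so this is a point to confirm rather than a proven defect; if the value is already decoded, `um_safe_redirect( $args['redirect_to'] );` is enough. `isset()` also lets an empty string through, unlike the `! empty()` guard used for the same parameter in `um_user_login()`. As a style nit, `um_user( 'auto_approve_url' ));` is missing the space before the closing parenthesis.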
@@ -246,7 +246,7 @@ function um_check_user_status( $user_id, $args, $form_data = null ) {
|
||||
*/
|
||||
$redirect_url = apply_filters( 'um_registration_pending_user_redirect', um_user( $status . '_url' ), $status, um_user( 'ID' ) );
|
||||
|
||||
wp_safe_redirect( $redirect_url );
|
||||
um_safe_redirect( $redirect_url );
|
||||
exit;
|
||||
}
|
||||
|
||||
|
||||
@@ -2841,3 +2841,117 @@ function um_is_amp( $check_theme_support = true ) {
|
||||
|
||||
return apply_filters( 'um_is_amp', $is_amp );
|
||||
}
|
||||
|
||||
/**
|
||||
* UM safe redirect
|
||||
*
|
||||
* @since 2.6.9
|
||||
*
|
||||
* @param string $url redirect URL.
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
function um_safe_redirect( $url ) {
|
||||
add_filter( 'allowed_redirect_hosts', 'um_allowed_redirect_hosts', 10, 1 );
|
||||
add_filter( 'wp_safe_redirect_fallback', 'um_wp_safe_redirect_fallback', 10, 2 );
|
||||
|
||||
wp_safe_redirect( $url );
|
||||
exit;
|
||||
}
|
||||
|
||||
/**
|
||||
* UM allowed hosts
|
||||
*
|
||||
* @since 2.6.9
|
||||
*
|
||||
* @param array $hosts allowed hosts.
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
function um_allowed_redirect_hosts( $hosts ) {
|
||||
$hosts = UM()->options()->get( 'secure_allowed_redirect_hosts' );
|
||||
|
||||
$hosts = explode( "\n", $hosts );
|
||||
$hosts = array_unique( $hosts );
|
||||
|
||||
$additional_hosts = array();
|
||||
|
||||
foreach ( $hosts as $key => $host ) {
|
||||
if ( '' !== trim( $host ) ) {
|
||||
$host = trim( $host );
|
||||
$host = str_replace( array( 'http://', 'https://' ), '', $host );
|
||||
$host = trim( $host, '/' );
|
||||
|
||||
if ( ! in_array( $host, $additional_hosts, true ) ) {
|
||||
$additional_hosts[] = $host;
|
||||
}
|
||||
|
||||
if ( strpos( $host, 'www.' ) !== false ) {
|
||||
if ( ! in_array( str_replace( array( 'www.' ), '', $host ), $additional_hosts, true ) ) {
|
||||
$additional_hosts[] = str_replace( array( 'www.' ), '', $host );
|
||||
}
|
||||
} else {
|
||||
if ( ! in_array( 'www.' . $host, $additional_hosts, true ) ) {
|
||||
$additional_hosts[] = 'www.' . $host;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
/**
|
||||
* Filters change allowed hosts.
|
||||
*
|
||||
* @since 2.6.9
|
||||
* @hook um_allowed_redirect_hosts
|
||||
*
|
||||
* @param {array} $additional_hosts allowed hosts.
|
||||
* @param {array} $hosts default hosts.
|
||||
*
|
||||
* @return {array} allowed hosts.
|
||||
*
|
||||
* @example <caption>Change allowed hosts.</caption>
|
||||
* function my_um_allowed_redirect_hosts( $additional_hosts, $hosts ) {
|
||||
* // your code here
|
||||
* return $allowed_hosts;
|
||||
* }
|
||||
* add_filter( 'um_allowed_redirect_hosts', 'my_um_allowed_redirect_hosts', 10, 2 );
|
||||
*/
|
||||
$additional_hosts = apply_filters( 'um_allowed_redirect_hosts', $additional_hosts, $hosts );
|
||||
|
||||
$allowed_hosts = array_merge( $hosts, $additional_hosts );
|
||||
|
||||
return $allowed_hosts;
|
||||
}
|
||||
|
||||
/**
|
||||
* UM fallback redirect URL
|
||||
*
|
||||
* @since 2.6.9
|
||||
*
|
||||
* @param string $url fallback URL.
|
||||
* @param string $status redirect status.
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
function um_wp_safe_redirect_fallback( $url, $status ) {
|
||||
/**
|
||||
* Filters change fallback URL.
|
||||
*
|
||||
* @since 2.6.9
|
||||
* @hook um_wp_safe_redirect_fallback
|
||||
*
|
||||
* @param {string} $url fallback URL.
|
||||
* @param {string} $status status.
|
||||
*
|
||||
* @return {string} fallback URL.
|
||||
*
|
||||
* @example <caption>Change fallback URL.</caption>
|
||||
* function my_um_wp_safe_redirect_fallback( $url, $status ) {
|
||||
* // your code here
|
||||
* return $url;
|
||||
* }
|
||||
* add_filter( 'um_wp_safe_redirect_fallback', 'my_um_wp_safe_redirect_fallback', 10, 2 );
|
||||
*/
|
||||
$url = apply_filters( 'um_wp_safe_redirect_fallback', home_url( '/' ), $status );
|
||||
|
||||
return $url;
|
||||
}
|
||||
|
||||
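Review bot: `um_allowed_redirect_hosts()` overwrites its `$hosts` argument with the option value on its first line, so hosts passed in by WordPress or by earlier `allowed_redirect_hosts` callbacks are dropped, and the raw option lines (empty ones and entries still carrying a scheme included) are merged back into the returned list. The `www.` handling uses `strpos( $host, 'www.' ) !== false` with `str_replace()`, which matches `www.` anywhere in the name, so a configured host such as `mywww.example.com` (constructed example) would also allowlist `myexample.com`; the check should be anchored to the start of the host. `explode()` additionally assumes the option is always a string. The docblock of `um_safe_redirect()` says `@return string` although the function ends in `exit`; `@return void` would be accurate. A rewrite of the host callback is sketched below; note that it passes the incoming hosts, not the raw option lines, as the filter's second argument, which matches the hookdoc's "default hosts" wording but should be confirmed against existing filter users.

```php
function um_allowed_redirect_hosts( $hosts ) {
	// Keep the hosts WordPress and earlier callbacks already allow.
	$default_hosts = (array) $hosts;

	$option = UM()->options()->get( 'secure_allowed_redirect_hosts' );
	$lines  = is_string( $option ) ? explode( "\n", $option ) : array();

	$additional_hosts = array();
	foreach ( $lines as $line ) {
		$host = trim( $line );
		$host = preg_replace( '#^https?://#', '', $host );
		$host = trim( $host, '/' );
		if ( '' === $host ) {
			continue;
		}

		$additional_hosts[] = $host;
		// Pair only a leading "www." label with its bare form.
		$additional_hosts[] = 0 === strpos( $host, 'www.' ) ? substr( $host, 4 ) : 'www.' . $host;
	}

	// … unchanged: um_allowed_redirect_hosts hookdoc …
	$additional_hosts = apply_filters( 'um_allowed_redirect_hosts', $additional_hosts, $default_hosts );

	return array_values( array_unique( array_merge( $default_hosts, (array) $additional_hosts ) ) );
}
```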