10h30/ultimatemember
1
0
Fork 0
mirror of https://github.com/10h30/ultimatemember.git synced 2026-06-05 15:09:37 +09:00
Code Issues Packages Projects Releases Wiki Activity

Refactor form request checks to simplify and optimize logic

Browse Source 
Simplified conditional checks for password and account form submissions by replacing `isset` with `!empty` where applicable. This improves readability and reduces redundancy while maintaining functionality and security. Added comments to clarify nonce verification status.
This commit is contained in:
Mykyta Synelnikov
2025-05-12 15:39:52 +03:00
parent fd558079f0
commit 9804b92583
2 changed files with 10 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files
includes/core/class-password.php
+8 -12
View File
@@ -219,14 +219,9 @@ if ( ! class_exists( 'um\core\Password' ) ) {
*/
public function is_reset_request() {
// phpcs:ignore WordPress.Security.NonceVerification -- already verified here
if ( isset( $_POST['_um_password_reset'] ) && 1 === absint( $_POST['_um_password_reset'] ) ) {
return true;
}
return false;
return ! empty( $_POST['_um_password_reset'] );
}
/**
* Check if a legitimate password change request is in action
*
@@ -234,17 +229,19 @@ if ( ! class_exists( 'um\core\Password' ) ) {
*
* @return bool
*/
function is_change_request() {
if ( isset( $_POST['_um_account'] ) == 1 && isset( $_POST['_um_account_tab'] ) && sanitize_key( $_POST['_um_account_tab'] ) === 'password' ) {
public function is_change_request() {
// phpcs:ignore WordPress.Security.NonceVerification -- already verified here
if ( ! empty( $_POST['_um_account'] ) && isset( $_POST['_um_account_tab'] ) && 'password' === sanitize_key( $_POST['_um_account_tab'] ) ) {
return true;
} elseif ( isset( $_POST['_um_password_change'] ) && $_POST['_um_password_change'] == 1 ) {
}
if ( ! empty( $_POST['_um_password_change'] ) ) { // phpcs:ignore WordPress.Security.NonceVerification -- already verified here
return true;
}
return false;
}
/**
* Password page form
*/
@@ -483,7 +480,6 @@ if ( ! class_exists( 'um\core\Password' ) ) {
exit;
}
/**
* Error handler: changing password
*
@@ -496,7 +492,7 @@ if ( ! class_exists( 'um\core\Password' ) ) {
wp_die( esc_html__( 'Hello, spam bot!', 'ultimate-member' ) );
}
if ( isset( $args['_um_account'] ) == 1 && isset( $args['_um_account_tab'] ) && 'password' === sanitize_key( $args['_um_account_tab'] ) ) {
if ( ! empty( $args['_um_account'] ) && isset( $args['_um_account_tab'] ) && 'password' === sanitize_key( $args['_um_account_tab'] ) ) {
// validate for security on the account change password page
if ( ! is_user_logged_in() ) {
wp_die( esc_html__( 'This is not possible for security reasons.', 'ultimate-member' ) );
includes/um-short-functions.php
+2 -7
View File
@@ -1376,21 +1376,16 @@ function um_get_metadefault( $id ) {
return isset( $core_form_meta_all[ '_um_' . $id ] ) ? $core_form_meta_all[ '_um_' . $id ] : '';
}
/**
* boolean for account page editing
*
* @return bool
*/
function um_submitting_account_page() {
if ( isset( $_POST['_um_account'] ) && $_POST['_um_account'] == 1 && is_user_logged_in() ) {
return true;
}
return false;
// phpcs:ignore WordPress.Security.NonceVerification -- already verified here
return ( ! empty( $_POST['_um_account'] ) && is_user_logged_in() );
}
/**
* Get a user's display name
*