diff --git a/includes/core/class-validation.php b/includes/core/class-validation.php index 6f088f26..f48a9adb 100644 --- a/includes/core/class-validation.php +++ b/includes/core/class-validation.php @@ -73,7 +73,7 @@ if ( ! class_exists( 'um\core\Validation' ) ) { } //validation of correct values from options in wp-admin - if ( in_array( $fields[ $key ]['type'], array( 'select', 'radio' ) ) && + if ( in_array( $fields[ $key ]['type'], array( 'select' ) ) && isset( $value ) && ! empty( $fields[ $key ]['options'] ) && ! in_array( $value, $fields[ $key ]['options'] ) ) { unset( $changes[ $key ] ); @@ -81,7 +81,7 @@ if ( ! class_exists( 'um\core\Validation' ) ) { //validation of correct values from options in wp-admin //the user cannot set invalid value in the hidden input at the page - if ( in_array( $fields[ $key ]['type'], array( 'multiselect', 'checkbox' ) ) && + if ( in_array( $fields[ $key ]['type'], array( 'multiselect', 'checkbox', 'radio' ) ) && isset( $value ) && ! empty( $fields[ $key ]['options'] ) ) { $changes[ $key ] = array_intersect( $value, $fields[ $key ]['options'] ); diff --git a/includes/core/um-actions-profile.php b/includes/core/um-actions-profile.php index ba470faa..ad117070 100644 --- a/includes/core/um-actions-profile.php +++ b/includes/core/um-actions-profile.php @@ -247,7 +247,7 @@ function um_user_edit_profile( $args ) { } //validation of correct values from options in wp-admin - if ( in_array( $array['type'], array( 'select', 'radio' ) ) && + if ( in_array( $array['type'], array( 'select' ) ) && isset( $args['submitted'][ $key ] ) && ! empty( $array['options'] ) && ! in_array( $args['submitted'][ $key ], $array['options'] ) ) { continue; @@ -255,7 +255,7 @@ function um_user_edit_profile( $args ) { //validation of correct values from options in wp-admin //the user cannot set invalid value in the hidden input at the page - if ( in_array( $array['type'], array( 'multiselect', 'checkbox' ) ) && + if ( in_array( $array['type'], array( 'multiselect', 'checkbox', 'radio' ) ) && isset( $args['submitted'][ $key ] ) && ! empty( $array['options'] ) ) { $args['submitted'][ $key ] = array_intersect( $args['submitted'][ $key ], $array['options'] ); diff --git a/includes/core/um-filters-fields.php b/includes/core/um-filters-fields.php index d9aab8c2..66c87e88 100644 --- a/includes/core/um-filters-fields.php +++ b/includes/core/um-filters-fields.php @@ -658,14 +658,38 @@ function um_profile_field_filter_xss_validation( $value, $data, $type = '' ) { $value = stripslashes( $value ); $data['validate'] = isset( $data['validate'] ) ? $data['validate'] : ''; - if( 'text' == $type && ! in_array( $data['validate'], array( 'unique_email' ) ) || 'password' == $type ) { + if ( 'text' == $type && ! in_array( $data['validate'], array( 'unique_email' ) ) || 'password' == $type ) { $value = esc_attr( $value ); - } elseif( $type == 'url' ) { + } elseif ( $type == 'url' ) { $value = esc_url( $value ); } elseif ( 'textarea' == $type ) { if ( empty( $data['html'] ) ) { $value = wp_kses_post( $value ); } + } elseif ( 'rating' == $type ) { + if ( ! is_numeric( $value ) ) { + $value = 0; + } else { + if ( $data['number'] == 5 ) { + if ( ! in_array( $value, range( 1, 5 ) ) ) { + $value = 0; + } + } elseif ( $data['number'] == 10 ) { + if ( ! in_array( $value, range( 1, 10 ) ) ) { + $value = 0; + } + } + } + } elseif ( 'select' == $type || 'radio' == $type ) { + if ( ! empty( $data['options'] ) && ! in_array( $value, $data['options'] ) ) { + $value = ''; + } + } + } elseif ( ! empty( $value ) ) { + if ( 'multiselect' == $type || 'checkbox' == $type ) { + if ( ! empty( $data['options'] ) && is_array( $value ) ) { + $value = array_intersect( $value, $data['options'] ); + } } } diff --git a/ultimate-member.php b/ultimate-member.php index 821dc922..db436234 100644 --- a/ultimate-member.php +++ b/ultimate-member.php @@ -3,7 +3,7 @@ Plugin Name: Ultimate Member Plugin URI: http://ultimatemember.com/ Description: The easiest way to create powerful online communities and beautiful user profiles with WordPress -Version: 2.0.45 +Version: 2.0.46-beta1 Author: Ultimate Member Author URI: http://ultimatemember.com/ Text Domain: ultimate-member