mirror of
https://github.com/10h30/ultimatemember.git
synced 2026-06-05 15:09:37 +09:00
- file uploading/downloading fixes;
This commit is contained in:
nikitozzzzzzz
@@ -54,6 +54,12 @@ if ( ! class_exists( 'UM' ) ) {
|
||||
public $is_filtering;
|
||||
|
||||
|
||||
/**
|
||||
* @var
|
||||
*/
|
||||
public $permalinks;
|
||||
|
||||
|
||||
/**
|
||||
* @var array Languages
|
||||
*/
|
||||
@@ -173,6 +179,9 @@ if ( ! class_exists( 'UM' ) ) {
|
||||
* @since 2.0.18
|
||||
*/
|
||||
function _um_construct() {
|
||||
if ( get_option( 'permalink_structure' ) )
|
||||
$this->permalinks = true;
|
||||
|
||||
//register autoloader for include UM classes
|
||||
spl_autoload_register( array( $this, 'um__autoloader' ) );
|
||||
|
||||
|
||||
@@ -2232,10 +2232,10 @@ if ( ! class_exists( 'um\core\Fields' ) ) {
|
||||
$output .= '<div class="um-field-area" style="text-align: center">';
|
||||
if ($this->field_value( $key, $default, $data )) {
|
||||
if ( ! in_array( $key, array( 'profile_photo', 'cover_photo' ) ) ) {
|
||||
if (isset( $this->set_mode ) && $this->set_mode == 'register') {
|
||||
if ( isset( $this->set_mode ) && $this->set_mode == 'register' ) {
|
||||
$imgValue = UM()->uploader()->get_core_temp_url() . "/" . $this->field_value( $key, $default, $data );
|
||||
} else {
|
||||
$imgValue = UM()->uploader()->get_upload_base_url() . um_user( 'ID' ) . '/' . $this->field_value( $key, $default, $data );
|
||||
$imgValue = UM()->files()->get_download_link( $this->set_id, $key, um_user( 'ID' ) );
|
||||
}
|
||||
$img = '<img src="' . $imgValue . '" alt="" />';
|
||||
} else {
|
||||
@@ -2289,7 +2289,7 @@ if ( ! class_exists( 'um\core\Fields' ) ) {
|
||||
if (isset( $data['label'] )) {
|
||||
$output .= $this->field_label( $label, $key, $data );
|
||||
}
|
||||
$modal_label = ( isset( $data['label'] ) ) ? $data['label'] : __( 'Upload Photo', 'ultimate-member' );
|
||||
$modal_label = ( isset( $data['label'] ) ) ? $data['label'] : __( 'Upload File', 'ultimate-member' );
|
||||
$output .= '<div class="um-field-area" style="text-align: center">';
|
||||
if ($this->field_value( $key, $default, $data )) {
|
||||
$file_field_value = $this->field_value( $key, $default, $data );
|
||||
@@ -2310,7 +2310,7 @@ if ( ! class_exists( 'um\core\Fields' ) ) {
|
||||
$file_url = UM()->uploader()->get_core_temp_url() . DIRECTORY_SEPARATOR . $this->field_value( $key, $default, $data );
|
||||
$file_dir = UM()->uploader()->get_core_temp_dir() . DIRECTORY_SEPARATOR . $this->field_value( $key, $default, $data );
|
||||
} else {
|
||||
$file_url = UM()->uploader()->get_upload_base_url() . um_user( 'ID' ) . '/' . $this->field_value( $key, $default, $data );
|
||||
$file_url = UM()->files()->get_download_link( $this->set_id, $key, um_user( 'ID' ) );
|
||||
$file_dir = UM()->uploader()->get_upload_base_dir() . um_user( 'ID' ) . DIRECTORY_SEPARATOR . $this->field_value( $key, $default, $data );
|
||||
}
|
||||
|
||||
|
||||
@@ -39,6 +39,9 @@ if ( ! class_exists( 'um\core\Files' ) ) {
|
||||
|
||||
$this->setup_paths();
|
||||
|
||||
//add_action( 'template_redirect', array( &$this, 'file_download' ) );
|
||||
add_action( 'template_redirect', array( &$this, 'download_routing' ) );
|
||||
|
||||
$this->fonticon = array(
|
||||
'pdf' => array('icon' => 'um-faicon-file-pdf-o', 'color' => '#D24D4D' ),
|
||||
'txt' => array('icon' => 'um-faicon-file-text-o' ),
|
||||
@@ -66,6 +69,144 @@ if ( ! class_exists( 'um\core\Files' ) ) {
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* File download link generate
|
||||
*
|
||||
* @param int $form_id
|
||||
* @param string $field_key
|
||||
* @param int $user_id
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
function get_download_link( $form_id, $field_key, $user_id ) {
|
||||
$field_key = urlencode( $field_key );
|
||||
|
||||
if ( UM()->permalinks ) {
|
||||
$url = get_site_url( get_current_blog_id() );
|
||||
$nonce = wp_create_nonce( $user_id . $form_id . 'um-download-nonce' );
|
||||
return $url . "/um-download/{$form_id}/{$field_key}/{$user_id}/{$nonce}";
|
||||
} else {
|
||||
$url = get_site_url( get_current_blog_id() );
|
||||
$nonce = wp_create_nonce( $user_id . $form_id . 'um-download-nonce' );
|
||||
return add_query_arg( array( 'um_action' => 'download', 'um_form' => $form_id, 'um_field' => $field_key, 'um_user' => $user_id, 'um_verify' => $nonce ), $url );
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @return bool
|
||||
*/
|
||||
function download_routing() {
|
||||
if ( 'download' !== get_query_var( 'um_action' ) ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if ( empty( get_query_var( 'um_form' ) ) ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$form_id = get_query_var( 'um_form' );
|
||||
|
||||
if ( empty( get_query_var( 'um_field' ) ) ) {
|
||||
return false;
|
||||
}
|
||||
$field_key = urldecode( get_query_var( 'um_field' ) );
|
||||
|
||||
if ( empty( get_query_var( 'um_user' ) ) ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$user_id = get_query_var( 'um_user' );
|
||||
$user = get_userdata( $user_id );
|
||||
|
||||
if ( empty( $user ) || is_wp_error( $user ) ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if ( empty( get_query_var( 'um_verify' ) ) ||
|
||||
! wp_verify_nonce( get_query_var( 'um_verify' ), $user_id . $form_id . 'um-download-nonce' ) ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
um_fetch_user( $user_id );
|
||||
$field_data = get_post_meta( $form_id, '_um_custom_fields', true );
|
||||
if ( empty( $field_data[ $field_key ] ) ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if ( ! um_can_view_field( $field_data[ $field_key ] ) ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$field_value = UM()->fields()->field_value( $field_key );
|
||||
if ( empty( $field_value ) ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$download_type = $field_data[ $field_key ]['type'];
|
||||
|
||||
if ( $download_type === 'file' ) {
|
||||
$this->file_download( $user_id, $field_key, $field_value );
|
||||
} else {
|
||||
$this->image_download( $user_id, $field_key, $field_value );
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @param $user_id
|
||||
* @param $field_key
|
||||
* @param $field_value
|
||||
*/
|
||||
function image_download( $user_id, $field_key, $field_value ) {
|
||||
$file_path = UM()->uploader()->get_upload_base_dir() . $user_id . DIRECTORY_SEPARATOR . $field_value;
|
||||
$file_info = get_user_meta( $user_id, $field_key . "_metadata", true );
|
||||
|
||||
$size = filesize( $file_path );
|
||||
$originalname = $file_info['original_name'];
|
||||
$type = $file_info['type'];
|
||||
|
||||
header('Content-Description: File Transfer');
|
||||
header('Content-Type: ' . $type );
|
||||
header('Content-Disposition: inline; filename="' . $originalname . '"');
|
||||
header('Content-Transfer-Encoding: binary');
|
||||
header('Expires: 0');
|
||||
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
|
||||
header('Pragma: public');
|
||||
header('Content-Length: ' . $size);
|
||||
readfile( $file_path );
|
||||
exit;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @param $user_id
|
||||
* @param $field_key
|
||||
* @param $field_value
|
||||
*/
|
||||
function file_download( $user_id, $field_key, $field_value ) {
|
||||
$file_path = UM()->uploader()->get_upload_base_dir() . $user_id . DIRECTORY_SEPARATOR . $field_value;
|
||||
$file_info = get_user_meta( $user_id, $field_key . "_metadata", true );
|
||||
|
||||
$size = filesize( $file_path );
|
||||
$originalname = $file_info['original_name'];
|
||||
$type = $file_info['type'];
|
||||
|
||||
header('Content-Description: File Transfer');
|
||||
header('Content-Type: ' . $type );
|
||||
header('Content-Disposition: attachment; filename="' . $originalname . '"');
|
||||
header('Content-Transfer-Encoding: binary');
|
||||
header('Expires: 0');
|
||||
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
|
||||
header('Pragma: public');
|
||||
header('Content-Length: ' . $size);
|
||||
readfile( $file_path );
|
||||
exit;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Remove file by AJAX
|
||||
*/
|
||||
|
||||
@@ -44,6 +44,8 @@ if ( ! class_exists( 'um\core\Rewrite' ) ) {
|
||||
|
||||
$public_query_vars[] = 'um_page';
|
||||
$public_query_vars[] = 'um_action';
|
||||
$public_query_vars[] = 'um_field';
|
||||
$public_query_vars[] = 'um_form';
|
||||
$public_query_vars[] = 'um_resource';
|
||||
$public_query_vars[] = 'um_method';
|
||||
$public_query_vars[] = 'um_verify';
|
||||
@@ -63,6 +65,7 @@ if ( ! class_exists( 'um\core\Rewrite' ) ) {
|
||||
$newrules = array();
|
||||
|
||||
$newrules['um-api/([^/]+)/([^/]+)/([^/]+)/([^/]+)/?$'] = 'index.php?um_page=api&um_action=$matches[1]&um_resource=$matches[2]&um_method=$matches[3]&um_verify=$matches[4]';
|
||||
$newrules['um-download/([^/]+)/([^/]+)/([^/]+)/([^/]+)/?$'] = 'index.php?um_action=download&um_form=$matches[1]&um_field=$matches[2]&um_user=$matches[3]&um_verify=$matches[4]';
|
||||
|
||||
if ( isset( UM()->config()->permalinks['user'] ) ) {
|
||||
|
||||
|
||||
@@ -1673,7 +1673,6 @@ if ( ! class_exists( 'um\core\User' ) ) {
|
||||
|
||||
// update user
|
||||
if ( count( $args ) > 1 ) {
|
||||
|
||||
//if isset roles argument validate role to properly for security reasons
|
||||
if ( isset( $args['role'] ) ) {
|
||||
global $wp_roles;
|
||||
|
||||
@@ -229,9 +229,9 @@ function um_user_edit_profile( $args ) {
|
||||
}
|
||||
|
||||
if ( isset( $args['submitted'][ $key ] ) ) {
|
||||
|
||||
if ( isset( $fields[ $key ]['type'] ) && in_array( $fields[ $key ]['type'], array( 'image', 'file' ) ) &&
|
||||
( um_is_temp_file( $args['submitted'][ $key ] ) || $args['submitted'][ $key ] == 'empty_file' ) ) {
|
||||
( /*um_is_file_owner( UM()->uploader()->get_upload_base_url() . um_user( 'ID' ) . '/' . $args['submitted'][ $key ], um_user( 'ID' ) ) ||*/
|
||||
um_is_temp_file( $args['submitted'][ $key ] ) || $args['submitted'][ $key ] == 'empty_file' ) ) {
|
||||
|
||||
$files[ $key ] = $args['submitted'][ $key ];
|
||||
|
||||
|
||||
@@ -223,26 +223,26 @@ add_filter( 'um_profile_field_filter_hook__date', 'um_profile_field_filter_hook_
|
||||
* @return string
|
||||
*/
|
||||
function um_profile_field_filter_hook__file( $value, $data ) {
|
||||
$uri = UM()->uploader()->get_upload_base_url() . um_user( 'ID' ) . '/' . $value;
|
||||
$file_type = wp_check_filetype( $value );
|
||||
|
||||
$uri = UM()->files()->get_download_link( UM()->fields()->set_id, $data['metakey'], um_user( 'ID' ) );
|
||||
|
||||
if ( ! file_exists( UM()->uploader()->get_upload_base_dir() . um_user( 'ID' ) . DIRECTORY_SEPARATOR . $value ) ) {
|
||||
$value = __('This file has been removed.','ultimate-member');
|
||||
$value = __( 'This file has been removed.', 'ultimate-member' );
|
||||
} else {
|
||||
$file_info = um_user( $data['metakey']."_metadata" );
|
||||
if( isset( $file_info['original_name'] ) && ! empty( $file_info['original_name'] ) ){
|
||||
$file_info = um_user( $data['metakey'] . "_metadata" );
|
||||
if ( ! empty( $file_info['original_name'] ) ) {
|
||||
$value = $file_info['original_name'];
|
||||
}
|
||||
$value = '<div class="um-single-file-preview show">
|
||||
<div class="um-single-fileinfo">
|
||||
<a href="' . $uri . '" target="_blank">
|
||||
<a href="' . esc_attr( $uri ) . '" target="_blank">
|
||||
<span class="icon" style="background:'. UM()->files()->get_fonticon_bg_by_ext( $file_type['ext'] ) . '"><i class="'. UM()->files()->get_fonticon_by_ext( $file_type['ext'] ) .'"></i></span>
|
||||
<span class="filename">' . esc_attr( $value ) . '</span>
|
||||
</a>
|
||||
</div>
|
||||
</div>';
|
||||
}
|
||||
|
||||
|
||||
return $value;
|
||||
}
|
||||
add_filter( 'um_profile_field_filter_hook__file', 'um_profile_field_filter_hook__file', 99, 2 );
|
||||
@@ -257,15 +257,15 @@ add_filter( 'um_profile_field_filter_hook__file', 'um_profile_field_filter_hook_
|
||||
* @return string
|
||||
*/
|
||||
function um_profile_field_filter_hook__image( $value, $data ) {
|
||||
$uri = UM()->uploader()->get_upload_base_url() . um_user( 'ID' ) . '/' . $value;
|
||||
$title = ( isset( $data['title'] ) ) ? $data['title'] : __('Untitled photo');
|
||||
$uri = UM()->files()->get_download_link( UM()->fields()->set_id, $data['metakey'], um_user( 'ID' ) );
|
||||
$title = ( isset( $data['title'] ) ) ? $data['title'] : __( 'Untitled photo', 'ultimate-member' );
|
||||
|
||||
// if value is an image tag
|
||||
if( preg_match( '/\<img.*src=\"([^"]+).*/', $value, $matches ) ) {
|
||||
$uri = $matches[1];
|
||||
$value = '<div class="um-photo"><a href="#" class="um-photo-modal" data-src="'.$uri.'"><img src="'. $uri .'" alt="'.$title.'" title="'.$title.'" class="" /></a></div>';
|
||||
$value = '<div class="um-photo"><a href="#" class="um-photo-modal" data-src="' . esc_attr( $uri ) . '"><img src="' . esc_attr( $uri ) . '" alt="' . esc_attr( $title ) . '" title="' . esc_attr( $title ) . '" class="" /></a></div>';
|
||||
} else if ( file_exists( UM()->uploader()->get_upload_base_dir() . um_user( 'ID' ) . DIRECTORY_SEPARATOR . $value ) ) {
|
||||
$value = '<div class="um-photo"><a href="#" class="um-photo-modal" data-src="'.$uri.'"><img src="'. $uri .'" alt="'.$title.'" title="'.$title.'" class="" /></a></div>';
|
||||
$value = '<div class="um-photo"><a href="#" class="um-photo-modal" data-src="' . esc_attr( $uri ) . '"><img src="' . esc_attr( $uri ) . '" alt="' . esc_attr( $title ) . '" title="' . esc_attr( $title ) . '" class="" /></a></div>';
|
||||
} else {
|
||||
$value = '';
|
||||
}
|
||||
|
||||
@@ -790,7 +790,7 @@ function um_is_file_owner( $url, $user_id = null, $image_path = false ) {
|
||||
|
||||
$filename = wp_basename( parse_url( $url, PHP_URL_PATH ) );
|
||||
|
||||
$file = $user_basedir . '/' . $filename;
|
||||
$file = $user_basedir . DIRECTORY_SEPARATOR . $filename;
|
||||
if ( file_exists( $file ) ) {
|
||||
if ( $image_path ) {
|
||||
return $file;
|
||||
@@ -2186,8 +2186,10 @@ function um_user( $data, $attrs = null ) {
|
||||
|
||||
case 'submitted':
|
||||
$array = um_profile( $data );
|
||||
if (empty( $array )) return '';
|
||||
$array = unserialize( $array );
|
||||
if ( empty( $array ) ) {
|
||||
return '';
|
||||
}
|
||||
$array = maybe_unserialize( $array );
|
||||
|
||||
return $array;
|
||||
break;
|
||||
|
||||
+3
-2
@@ -6,7 +6,7 @@ Donate link:
|
||||
Tags: community, member, membership, user-profile, user-registration
|
||||
Requires at least: 4.7
|
||||
Tested up to: 4.9
|
||||
Stable tag: 2.0.25
|
||||
Stable tag: 2.0.26
|
||||
License: GNU Version 2 or Any Later Version
|
||||
License URI: http://www.gnu.org/licenses/gpl-3.0.txt
|
||||
|
||||
@@ -131,11 +131,12 @@ The plugin works with popular caching plugins by automatically excluding Ultimat
|
||||
|
||||
= Important: UM2.0+ is a significant update to the code base from 1.3.88. Please make sure you take a full-site backup with restore point before updating the plugin =
|
||||
|
||||
= 2.0.26: August 29, 2018 =
|
||||
= 2.0.26: September 17, 2018 =
|
||||
|
||||
* Bugfixes:
|
||||
- File/Image email placeholders after registration form submitting
|
||||
- File/Image forms fields values on submit/edit
|
||||
- Fixed multisite file/image upload process
|
||||
|
||||
= 2.0.25: August 20, 2018 =
|
||||
|
||||
|
||||
Reference in New Issue
Block a user