10h30/ultimatemember
1
0
Fork 0
mirror of https://github.com/10h30/ultimatemember.git synced 2026-06-05 15:09:37 +09:00
Code Issues Packages Projects Releases Wiki Activity

- fixed security issue with Profile/Registration form;

Browse Source
This commit is contained in:
nikitasinelnikov
2019-05-08 16:05:27 +03:00
parent f5752e9248
commit f628703b12
8 changed files with 125 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files
includes/core/um-actions-register.php
+6 -5
View File
@@ -56,7 +56,7 @@ function um_after_insert_user( $user_id, $args ) {
um_fetch_user( $user_id );
if ( ! empty( $args['submitted'] ) ) {
UM()->user()->set_registration_details( $args['submitted'] );
UM()->user()->set_registration_details( $args['submitted'], $args );
}
UM()->user()->set_status( um_user( 'status' ) );
@@ -589,8 +589,9 @@ add_action( 'um_main_register_fields', 'um_add_register_fields', 100 );
*/
function um_registration_save_files( $user_id, $args ) {
if ( empty( $args['custom_fields'] ) )
if ( empty( $args['custom_fields'] ) ) {
return;
}
$files = array();
@@ -603,11 +604,11 @@ function um_registration_save_files( $user_id, $args ) {
if ( isset( $args['submitted'][$key] ) ) {
if ( isset( $fields[$key]['type'] ) && in_array( $fields[$key]['type'], array( 'image', 'file' ) ) &&
( um_is_temp_file( $args['submitted'][$key] ) || $args['submitted'][$key] == 'empty_file' )
if ( isset( $fields[ $key ]['type'] ) && in_array( $fields[ $key ]['type'], array( 'image', 'file' ) ) &&
( um_is_temp_file( $args['submitted'][ $key ] ) || $args['submitted'][ $key ] == 'empty_file' )
) {
$files[$key] = $args['submitted'][$key];
$files[ $key ] = $args['submitted'][ $key ];
}
}