PluginProbe ʕ •ᴥ•ʔ
Download Manager / trunk
Download Manager vtrunk
3.3.62 3.3.61 3.3.60 3.3.59 3.3.58 3.3.57 3.3.56 trunk 2.1.3 2.3.0 2.5.96 2.5.97 2.6.2 2.6.96 2.8.3 2.9.99 3.0.4 3.1.05 3.1.07 3.1.08 3.1.11 3.1.12 3.1.14 3.1.17 3.1.18 3.1.22 3.1.23 3.1.24 3.1.25 3.1.26 3.1.27 3.1.28 3.2.04 3.2.13 3.2.14 3.2.16 3.2.18 3.2.19 3.2.21 3.2.22 3.2.23 3.2.24 3.2.25 3.2.27 3.2.28 3.2.29 3.2.30 3.2.31 3.2.32 3.2.33 3.2.34 3.2.35 3.2.37 3.2.38 3.2.39 3.2.40 3.2.41 3.2.42 3.2.43 3.2.44 3.2.45 3.2.46 3.2.47 3.2.48 3.2.49 3.2.50 3.2.51 3.2.52 3.2.53 3.2.54 3.2.55 3.2.56 3.2.57 3.2.58 3.2.59 3.2.60 3.2.61 3.2.63 3.2.64 3.2.65 3.2.66 3.2.67 3.2.68 3.2.69 3.2.70 3.2.71 3.2.72 3.2.73 3.2.74 3.2.75 3.2.76 3.2.77 3.2.78 3.2.79 3.2.80 3.2.81 3.2.82 3.2.83 3.2.84 3.2.85 3.2.86 3.2.87 3.2.88 3.2.89 3.2.90 3.2.91 3.2.92 3.2.93 3.2.94 3.2.95 3.2.96 3.2.97 3.2.98 3.2.99 3.3.00 3.3.01 3.3.02 3.3.03 3.3.04 3.3.05 3.3.06 3.3.07 3.3.08 3.3.09 3.3.10 3.3.11 3.3.12 3.3.13 3.3.14 3.3.15 3.3.16 3.3.17 3.3.18 3.3.19 3.3.20 3.3.21 3.3.22 3.3.23 3.3.24 3.3.25 3.3.26 3.3.27 3.3.28 3.3.29 3.3.30 3.3.31 3.3.32 3.3.33 3.3.34 3.3.35 3.3.36 3.3.37 3.3.38 3.3.39 3.3.40 3.3.41 3.3.42 3.3.43 3.3.44 3.3.45 3.3.46 3.3.47 3.3.48 3.3.49 3.3.50 3.3.51 3.3.52 3.3.53 3.3.54 3.3.55
download-manager / src / User / Register.php
download-manager / src / User Last commit date
views 5 days ago Dashboard.php 5 months ago EditProfile.php 6 months ago Login.php 5 months ago PublicProfile.php 6 months ago Register.php 6 months ago User.php 3 months ago UserController.php 4 months ago
Register.php
469 lines
1 <?php
2
3
4 namespace WPDM\User;
5
6 use WPDM\__\__;
7 use WPDM\__\Crypt;
8 use WPDM\__\Email;
9 use WPDM\__\__MailUI;
10 use WPDM\__\Session;
11 use WPDM\__\Template;
12 use WPDM\Form\Form;
13
14
15 if(!defined("ABSPATH")) die("Shit happens!");
16
17 class Register
18 {
19 private static $instance;
20
21 public static function getInstance()
22 {
23 if (self::$instance === null) {
24 self::$instance = new self;
25 }
26 return self::$instance;
27 }
28
29 private function __construct()
30 {
31 add_action('init', [$this, 'process']);
32 add_shortcode('wpdm_reg_form', [$this, 'form']);
33
34 add_action('registration_errors', [$this, 'verifyEmail'], 10, 3);
35
36 add_action('user_register', [$this, 'pendingApproval'], 10, 2);
37
38 add_action("register_form", [$this, 'reCaptcha']);
39 add_action("registration_errors", [$this, 'reCaptchaVerify'], 10, 3);
40
41 }
42
43 function reCpathcaActive() {
44 $active_captcha = (int)get_option('__wpdm_recaptcha_regform', 0) === 1 && get_option('_wpdm_recaptcha_secret_key', '') != '';
45 $active_captcha = apply_filters("signup_form_captcha", $active_captcha);
46 return $active_captcha;
47 }
48
49 function reCaptcha() {
50 if($this->reCpathcaActive()) {
51 $form = new Form(['__recap' => [
52 'type' => 'reCaptcha',
53 'attrs' => ['name' => '__recap', 'id' => '__recap'],
54 ]], ['noForm' => true]);
55 echo $form->render();
56 }
57 }
58
59
60 function reCaptchaVerify($errors, $sanitized_user_login, $user_email) {
61 if ($this->reCpathcaActive()) {
62 $ret = wpdm_recaptcha_enterprise_verify(wpdm_query_var('__recap'), 'REGISTER');
63 if (!$ret['success']) {
64 if (!$errors) $errors = new \WP_Error();
65 $errors->add('recaptcha_failed', __('<strong>Error:</strong> Captcha verification failed', 'download-manager'));
66 }
67 }
68 return $errors;
69 }
70
71 static function formFields($params = [])
72 {
73 $reg_data_fields['__phash'] = ['type' => 'hidden', 'attrs' => ['name' => '__phash', 'id' => '__phash', 'value' => Crypt::encrypt($params)]];
74 $reg_data_fields['__reg_nonce'] = ['type' => 'hidden', 'attrs' => ['name' => '__reg_nonce', 'id' => '__reg_nonce', 'value' => '']];
75 $reg_data_fields['loginurl'] = ['type' => 'hidden', 'attrs' => ['name' => 'loginurl', 'id' => 'loginurl', 'value' => $params['loginurl']]];
76 $reg_data_fields['permalink'] = ['type' => 'hidden', 'attrs' => ['name' => 'permalink', 'id' => 'permalink', 'value' => $params['permalink']]];
77 $reg_data_fields['reg_redirect'] = ['type' => 'hidden', 'attrs' => ['name' => 'reg_redirect', 'id' => 'reg_redirect', 'value' => $params['reg_redirect']]];
78 $reg_data_fields['name'] = [
79 'cols' => [
80 ['label' => __("First name", "download-manager"), 'type' => 'text', 'grid_class' => 'col-md-6 col-sm-12', 'attrs' => ['name' => 'wpdm_reg[first_name]', 'id' => 'first_name', 'placeholder' => __('Your First Name', 'download-manager'), 'required' => 'required']],
81 ['label' => __("Last name", "download-manager"), 'type' => 'text', 'grid_class' => 'col-md-6 col-sm-12', 'attrs' => ['name' => 'wpdm_reg[last_name]', 'id' => 'last_name', 'placeholder' => __('Your Last Name', 'download-manager'), 'required' => 'required']]
82 ],
83 ];
84 $reg_data_fields['username'] = array(
85 'label' => __("Username", "download-manager"),
86 'type' => 'text',
87 'attrs' => array('name' => 'wpdm_reg[user_login]', 'id' => 'user_login', 'placeholder' => __('User Login ID', 'download-manager'), 'required' => 'required', 'validate' => 'alphanum'),
88 );
89 $reg_data_fields['email'] = [
90 'label' => __("Email", "download-manager"),
91 'type' => 'email',
92 'attrs' => ['name' => 'wpdm_reg[user_email]', 'id' => 'user_email', 'placeholder' => __("Your Email Address", "download-manager"), 'required' => 'required'],
93 ];
94
95 if ((int)get_option('__wpdm_signup_email_verify', 0) === 0) {
96 $reg_data_fields['password'] = array(
97 'cols' => [
98 ['label' => __("Password", "download-manager"), 'type' => 'password', 'grid_class' => 'col-md-6 col-sm-12', 'attrs' => ['name' => 'wpdm_reg[user_pass]', 'id' => 'reg_password', 'placeholder' => __("Password", "download-manager"), 'required' => 'required', 'strength' => (int)get_option('__wpdm_pwsc', 0)]],
99 ['label' => __("Confirm Password", "download-manager"), 'type' => 'password', 'grid_class' => 'col-md-6 col-sm-12', 'attrs' => ['name' => 'confirm_user_pass', 'data-match' => '#reg_password', 'id' => 'reg_confirm_pass', 'placeholder' => __("Confirm Password", "download-manager"), 'required' => 'required']]
100 ]
101 );
102 }
103 /*if (!isset($params['captcha']) || $params['captcha'] === true) {
104 $show_captcha = (int)get_option('__wpdm_recaptcha_regform', 0) === 1 && get_option('_wpdm_recaptcha_secret_key', '') != '';
105 $show_captcha = apply_filters("signup_form_captcha", $show_captcha);
106 if ($show_captcha) {
107 $reg_data_fields['__recap'] = array(
108 'type' => 'reCaptcha',
109 'attrs' => array('name' => '__recap', 'id' => '__recap'),
110 );
111 }
112 }*/
113 $reg_data_fields = apply_filters("wpdm_register_form_fields", $reg_data_fields);
114 $form = new Form($reg_data_fields, ['name' => 'wpdm_reg_form', 'id' => 'wpdm_reg_form', 'method' => 'POST', 'action' => '', 'submit_button' => [], 'noForm' => true]);
115 return $form->render();
116
117 }
118
119 /**
120 * @usage Short-code callback function for login form
121 * @return string
122 */
123 function form($params = array())
124 {
125
126 if (!get_option('users_can_register')) return \WPDM\__\Messages::warning(__("User registration is disabled", "download-manager"), -1);
127
128 if (!isset($params) || !is_array($params)) $params = array();
129
130 ob_start();
131
132 $_social_only = isset($params['social_only']) && ($params['social_only'] === 'true' || (int)$params['social_only'] === 1) ? true : false;
133 $_verify_email = isset($params['verifyemail']) && ($params['verifyemail'] === 'true' || (int)$params['verifyemail'] === 1) ? true : false;
134 $_show_captcha = !isset($params['captcha']) || ($params['captcha'] === 'true' || (int)$params['captcha'] === 1) ? true : false;
135 $_auto_login = isset($params['autologin']) && ($params['autologin'] === 'true' || (int)$params['autologin'] === 1) ? true : false;
136
137
138 $loginurl = wpdm_login_url();
139 $reg_redirect = $loginurl;
140 if (isset($params['autologin']) && (int)$params['autologin'] === 1) $reg_redirect = wpdm_user_dashboard_url();
141 if (isset($params['redirect'])) $reg_redirect = esc_url($params['redirect']);
142 if (isset($_GET['redirect_to'])) $reg_redirect = esc_url($_GET['redirect_to']);
143
144 $force = uniqid();
145
146 $up = parse_url($reg_redirect);
147 if (isset($up['host']) && $up['host'] != $_SERVER['SERVER_NAME']) $reg_redirect = home_url('/');
148
149 $reg_redirect = esc_attr(esc_url($reg_redirect));
150
151 if (!isset($params['logo'])) $params['logo'] = get_site_icon_url();
152
153 $tmp_reg_info = \WPDM\__\Session::get('tmp_reg_info');
154
155 $__wpdm_social_login = get_option('__wpdm_social_login');
156 $__wpdm_social_login = is_array($__wpdm_social_login) ? $__wpdm_social_login : array();
157
158 $params['loginurl'] = $loginurl;
159 $params['reg_redirect'] = $reg_redirect;
160 $params['permalink'] = get_permalink(get_the_ID());
161 $form_html = self::formFields($params);
162
163 //Template
164 include(Template::locate('reg-form.php', __DIR__.'/views'));
165
166 $content = ob_get_clean();
167 return $content;
168 }
169
170 /**
171 * @usage Register an user
172 */
173 function process()
174 {
175 global $wp_query, $wpdb;
176 if (!isset($_POST['wpdm_reg'])) return;
177
178 __::isAuthentic('wdpmregnonce', WPDM_PUB_NONCE, 'read');
179
180 $shortcode_params = Crypt::decrypt(wpdm_query_var('__phash'), true);
181
182 if (!is_array($shortcode_params)) $shortcode_params = array();
183
184 $_verify_email = (int)get_option('__wpdm_signup_email_verify', 0);
185
186 if (!isset($_REQUEST['__reg_nonce']) || !wp_verify_nonce($_REQUEST['__reg_nonce'], NONCE_KEY)) {
187 $reg_error = apply_filters("wpdm_signup_error", __("Something is Wrong! Please refresh the page and try again", "download-manager"), $error_type = 'nonce');
188 if (wpdm_is_ajax()) {
189 wp_send_json(array('success' => false, 'message' => 'Error: ' . $reg_error));
190 die();
191 }
192 Session::set('wpdm_signup_error', $reg_error, 300);
193 wp_safe_redirect(wpdm_query_var('permalink', 'url'));
194 die();
195 }
196
197 /*if(!isset($shortcode_params['captcha']) || $shortcode_params['captcha'] === true) {
198 $active_captcha = (int)get_option('__wpdm_recaptcha_regform', 0) === 1 && get_option('_wpdm_recaptcha_secret_key', '') != '';
199 $active_captcha = apply_filters("signup_form_captcha", $active_captcha);
200 if ($active_captcha) {
201 $ret = wpdm_remote_post('https://www.google.com/recaptcha/api/siteverify', array('secret' => get_option('_wpdm_recaptcha_secret_key', ''), 'response' => wpdm_query_var('__recap')));
202 $ret = json_decode($ret);
203 if (!$ret->success) {
204 $reg_error = apply_filters("wpdm_signup_error", __("Invalid CAPTCHA!", "download-manager"), $error_type = 'captcha');
205 if (wpdm_is_ajax()) {
206 wp_send_json(array('success' => false, 'message' => 'Error: ' . $reg_error));
207 die();
208 }
209 Session::set('wpdm_signup_error', $reg_error, 300);
210 wp_safe_redirect(wpdm_query_var('permalink', 'url'));
211 die();
212 }
213 }
214 }*/
215
216 if (!get_option('users_can_register') && isset($_POST['wpdm_reg'])) {
217 $reg_error = apply_filters("wpdm_signup_error", __("Error: User registration is disabled!", "download-manager"), $error_type = 'signup_disabled');
218 if (wpdm_is_ajax()) {
219 wp_send_json(array('success' => false, 'message' => $reg_error));
220 die();
221 }
222 Session::set('wpdm_signup_error', $reg_error, 300);
223 wp_safe_redirect(wpdm_query_var('permalink', 'url'));
224 die();
225 }
226
227 Session::set('tmp_reg_info', $_POST['wpdm_reg']);
228
229 $first_name = wpdm_query_var('wpdm_reg/first_name', 'txt');
230 $last_name = wpdm_query_var('wpdm_reg/last_name', 'txt');
231 $user_login = wpdm_query_var('wpdm_reg/user_login', 'txt');
232 $user_email = wpdm_query_var('wpdm_reg/user_email', 'email');
233 $user_pass = wpdm_query_var('wpdm_reg/user_pass', 'html');
234 $full_name = $first_name . " " . $last_name;
235 $display_name = $full_name;
236
237 if(!validate_username($user_login)) {
238 $reg_error = apply_filters("wpdm_signup_error", __("Invalid Username!", "download-manager"), $error_type = 'invalid_username');
239
240 if (wpdm_is_ajax()) {
241 wp_send_json(array('success' => false, 'message' => $reg_error));
242 die();
243 }
244
245 Session::set('wpdm_signup_error', $reg_error, 300);
246 wp_safe_redirect(wpdm_query_var('permalink', 'url'));
247 die();
248 }
249
250 $user_id = username_exists($user_login);
251
252 //Check Username
253 if ($user_login === '') {
254
255 $reg_error = apply_filters("wpdm_signup_error", __("Username is Empty!", "download-manager"), $error_type = 'empty_username');
256
257 if (wpdm_is_ajax()) {
258 wp_send_json(array('success' => false, 'message' => $reg_error));
259 die();
260 }
261
262 Session::set('wpdm_signup_error', $reg_error, 300);
263 wp_safe_redirect(wpdm_query_var('permalink', 'url'));
264 die();
265 }
266
267 //Check Email
268 if (!is_email($user_email)) {
269
270 $reg_error = apply_filters("wpdm_signup_error", __("Invalid email address!", "download-manager"), $error_type = 'invalid_email');
271
272 if (wpdm_is_ajax()) {
273 wp_send_json(array('success' => false, 'message' => $reg_error));
274 die();
275 }
276
277 Session::set('wpdm_signup_error', $reg_error, 300);
278 wp_safe_redirect(wpdm_query_var('permalink', 'url'));
279
280 }
281
282 //If username is available - no other user with the username
283 if (!$user_id) {
284
285 $user_id = email_exists($user_email);
286
287 //If email is available - no other user with the email
288 if (!$user_id) {
289
290 $user_pass = $_verify_email || !isset($user_pass) || $user_pass == '' ? wp_generate_password(12, false) : $user_pass;
291
292 if(!$_verify_email && isset($user_pass) && wpdm_query_var('comfirm_user_pass')){
293 if($user_pass !== wpdm_query_var('confirm_user_pass', 'html')){
294 $reg_error = apply_filters("wpdm_signup_error", __("Passwords not matched!", "download-manager"), $error_type = 'password_match');
295
296 if (wpdm_is_ajax()) {
297 wp_send_json(array('success' => false, 'message' => $reg_error));
298 die();
299 }
300
301 Session::set('wpdm_signup_error', $reg_error, 300);
302 wp_safe_redirect(wpdm_query_var('permalink', 'url'));
303 }
304 }
305
306 $errors = new \WP_Error();
307
308 do_action('register_post', $user_login, $user_email, $errors);
309
310 $errors = apply_filters('registration_errors', $errors, $user_login, $user_email);
311
312 if ($errors->get_error_code()) {
313 if (wpdm_is_ajax()) {
314 wp_send_json(array('success' => false, 'message' => 'Error: ' . $errors->get_error_message()));
315 die();
316 }
317
318 Session::set('wpdm_signup_error', 'Error: ' . $errors->get_error_message(), 300);
319 wp_safe_redirect(wpdm_query_var('permalink', 'url'));
320 die();
321 }
322
323 $user_id = wp_create_user($user_login, $user_pass, $user_email);
324
325 $user_meta = array('ID' => $user_id, 'display_name' => $display_name, 'first_name' => $first_name, 'last_name' => $last_name);
326 wp_update_user($user_meta);
327
328 if(!defined('WPDM_DISABLE_SIGNUP_ROLES') || WPDM_DISABLE_SIGNUP_ROLES === false) {
329 $valid_roles = get_option('__wpdm_signup_roles', array());
330
331 if (isset($shortcode_params['role']) && trim($shortcode_params['role']) !== '' && is_array($valid_roles) && count($valid_roles) > 0 && in_array($shortcode_params['role'], $valid_roles)) {
332 $role = $shortcode_params['role'];
333 //Block front-end signup as administrator or any role with edit_files cap
334 if($role !== 'administrator') {
335 $_role = get_role($role);
336 $caps = is_object($_role) && isset($_role->capabilities) ? $_role->capabilities : array();
337 if (!in_array('edit_files', $caps)) {
338 $user = get_user_by('id', $user_meta['ID']);
339 $user->add_role($role);
340 }
341 }
342
343 }
344 }
345
346
347 //To User
348 $usparams = array('to_email' => $user_email, 'name' => $display_name, 'first_name' => $first_name, 'last_name' => $last_name, 'user_email' => $user_email, 'email' => $user_email, 'username' => $user_login, 'password' => $user_pass);
349
350 foreach ($_POST['wpdm_reg'] as $key => $value) {
351 $usparams["user_" . $key] = $value;
352 }
353
354 //Filter user email params
355 $usparams = apply_filters("wpdm_signup_user_mail_params", $usparams, $user_id);
356
357 \WPDM\__\Email::send("user-signup", $usparams);
358
359 //To Admin
360 $ip = wpdm_get_client_ip();
361 $data = array(
362 array('Name', $display_name),
363 array('Username', $user_login),
364 array('Email', $user_email),
365 array('IP', $ip)
366 );
367 $css = array('col' => array('background: #edf0f2 !important'), 'td' => 'border-bottom:1px solid #e6e7e8');
368 $table = __MailUI::table(null, $data, $css);
369
370 $params['name'] = $display_name;
371 $params['username'] = $user_login;
372 $params['email'] = $user_email;
373 $params['user_email'] = $user_email;
374 $params['user_ip'] = $ip;
375 $params['edit_user_btn'] = "<a class='button' style='display:block;margin:10px 0 0;text-decoration: none;text-align:center;' href='" . admin_url('user-edit.php?user_id=' . $user_id) . "'> " . __("Edit User", "download-manager") . " </a>";
376 //Include all data from signup form
377 foreach ($_POST['wpdm_reg'] as $key => $value) {
378 $params["user_" . $key] = $value;
379 }
380
381 //Filter admin email params
382 $params = apply_filters("wpdm_signup_admin_mail_params", $params, $user_id);
383 \WPDM\__\Email::send("user-signup-admin", $params);
384
385 Session::clear('guest_order');
386 Session::clear('login_error');
387 Session::clear('tmp_reg_info');
388
389 $creds['user_login'] = $user_login;
390 $creds['user_password'] = $user_pass;
391 $creds['remember'] = true;
392
393 if($_verify_email)
394 $reg_success = apply_filters("wpdm_signup_success", __("Your account has been created successfully and login info sent to your mail address.", "download-manager"));
395 else
396 $reg_success = apply_filters("wpdm_signup_success", __("Your account has been created successfully.", "download-manager"));
397
398 do_action("wpdm_user_signup", $user_id, wpdm_query_var('wpdm_reg') );
399
400 $_auto_login = isset($shortcode_params['autologin']) && ($shortcode_params['autologin'] === 'true' || (int)$shortcode_params['autologin'] === 1) ? true : false;
401 if ((int)get_option('__wpdm_signup_autologin', 0) === 1|| $_auto_login) {
402 $reg_success = apply_filters("wpdm_signup_success", __("Your account has been created successfully.", "download-manager"));
403 wp_signon($creds);
404 wp_set_current_user($user_id);
405 wp_set_auth_cookie($user_id);
406 }
407
408 \WPDM\__\Session::set('__wpdm_signup_success', $reg_success, 300);
409
410 if (wpdm_is_ajax()) {
411 $redirect = wpdm_query_var('reg_redirect', 'url');
412 if(!$_auto_login)
413 $redirect = add_query_arg(['signedup' => 1], $redirect);
414 wp_send_json(array('success' => true, 'redirect_to' => $redirect, 'msg' => Session::get('__wpdm_signup_success')));
415 die();
416 }
417 wp_safe_redirect(wpdm_query_var('reg_redirect', 'url'));
418 die();
419 } else {
420 $reg_error = apply_filters("wpdm_signup_error", __("Email already exist!", "download-manager"), $error_type = 'invalid_email');
421
422 if (wpdm_is_ajax()) {
423 wp_send_json(array('success' => false, 'message' => $reg_error));
424 die();
425 }
426
427 \WPDM\__\Session::set('wpdm_signup_error', $reg_error);
428 wp_safe_redirect(wpdm_query_var('permalink', 'url'));
429
430 die();
431 }
432 } else {
433 $reg_error = apply_filters("wpdm_signup_error", __("Username already exists.", "download-manager"), $error_type = 'username_exists');
434
435 if (wpdm_is_ajax()) {
436 wp_send_json(array('success' => false, 'message' => $reg_error));
437 die();
438 }
439
440 Session::set('wpdm_signup_error', $reg_error, 300);
441 wp_safe_redirect(wpdm_query_var('permalink', 'url'));
442 die();
443 }
444
445 }
446
447
448 function verifyEmail($errors, $sanitized_user_login, $user_email)
449 {
450 if (!$errors) $errors = new \WP_Error();
451 if(!is_email($user_email)) return $errors;
452 if (!wpdm_verify_email($user_email)) {
453 $emsg = get_option('__wpdm_blocked_domain_msg');
454 if (trim($emsg) === '') $emsg = __('Your email address is blocked!', 'download-manager');
455 $errors->add('blocked_email', $emsg);
456 }
457 return $errors;
458 }
459
460 function pendingApproval($userID, $userData = [])
461 {
462 if(WPDM()->user->requiresApproval()) {
463 update_user_meta($userID, '__wpdm_user_status', 'pending');
464 }
465 }
466
467 }
468
469