PluginProbe ʕ •ᴥ•ʔ
GiveWP – Donation Plugin and Fundraising Platform / 2.0.2
GiveWP – Donation Plugin and Fundraising Platform v2.0.2
4.16.3 4.16.2 4.16.1 4.16.0 4.15.5 4.15.4 4.15.3 4.15.2 4.15.1 4.15.0 2.3.0 2.3.1 2.3.2 2.30.0 2.31.0 2.31.1 2.32.0 2.33.0 2.33.1 2.33.2 2.33.3 2.33.4 2.33.5 2.4.0 2.4.1 2.4.2 2.4.3 2.4.4 2.4.5 2.4.6 2.4.7 2.5.0 2.5.1 2.5.10 2.5.11 2.5.12 2.5.13 2.5.2 2.5.3 2.5.4 2.5.5 2.5.6 2.5.7 2.5.8 2.5.9 2.6.0 2.6.1 2.6.2 2.6.3 2.7.0 2.7.1 2.7.2 2.7.3 2.7.4 2.7.5 2.8.0 2.8.1 2.9.0 2.9.1 2.9.2 2.9.3 2.9.4 2.9.5 2.9.6 2.9.7 3.0.0 3.0.1 3.0.2 3.0.3 3.0.4 3.1.0 3.1.1 3.1.2 3.10.0 3.11.0 3.12.0 3.12.1 3.12.2 3.12.3 3.13.0 3.14.0 3.14.1 3.14.2 3.15.0 3.15.1 3.16.0 3.16.1 3.16.2 3.16.3 3.16.4 3.16.5 3.17.0 3.17.1 3.17.2 3.18.0 3.19.0 3.19.1 3.19.2 3.19.3 3.19.4 3.2.0 3.2.1 3.2.2 3.20.0 3.21.0 3.21.1 3.22.0 3.22.1 3.22.2 3.3.0 3.3.1 3.4.0 3.4.1 3.4.2 3.5.0 3.5.1 3.6.0 3.6.1 3.6.2 3.7.0 3.8.0 3.9.0 4.0.0 4.1.0 4.1.1 4.10.0 4.10.1 4.11.0 4.12.0 4.13.0 4.13.1 4.13.2 4.14.0 4.14.1 4.14.2 4.14.3 4.14.4 4.14.5 4.14.6 4.2.0 4.2.1 4.3.0 4.3.1 4.3.2 4.4.0 4.5.0 4.6.1 4.7.0 4.7.1 4.8.0 4.8.1 4.9.0 trunk 1.9.0 2.0.0 2.0.1 2.0.2 2.0.3 2.0.4 2.0.5 2.0.6 2.0.7 2.1.0 2.1.1 2.1.2 2.1.3 2.1.4 2.1.5 2.1.6 2.1.7 2.1.8 2.10.0 2.10.1 2.10.2 2.10.3 2.10.4 2.11.0 2.11.1 2.11.2 2.11.3 2.12.0 2.12.1 2.12.2 2.12.3 2.13.0 2.13.1 2.13.2 2.13.3 2.13.4 2.14.0 2.15.0 2.16.0 2.16.1 2.17.0 2.17.1 2.17.3 2.18.0 2.18.1 2.19.1 2.19.2 2.19.3 2.19.4 2.19.5 2.19.6 2.19.7 2.19.8 2.2.0 2.2.1 2.2.2 2.2.3 2.2.4 2.2.5 2.2.6 2.20.0 2.20.1 2.20.2 2.21.0 2.21.1 2.21.2 2.21.3 2.21.4 2.22.0 2.22.1 2.22.2 2.22.3 2.23.0 2.23.1 2.23.2 2.24.0 2.24.1 2.24.2 2.25.0 2.25.1 2.25.2 2.25.3 2.26.0 2.27.0 2.27.1 2.27.2 2.27.3 2.28.0 2.29.0 2.29.1 2.29.2
give / includes / login-register.php
give / includes Last commit date
admin 8 years ago api 8 years ago deprecated 8 years ago donors 8 years ago emails 8 years ago forms 8 years ago gateways 8 years ago libraries 8 years ago payments 8 years ago actions.php 8 years ago ajax-functions.php 8 years ago class-give-async-process.php 8 years ago class-give-background-updater.php 8 years ago class-give-cache.php 8 years ago class-give-cli-commands.php 8 years ago class-give-cron.php 8 years ago class-give-db-donor-meta.php 8 years ago class-give-db-donors.php 8 years ago class-give-db-form-meta.php 8 years ago class-give-db-logs-meta.php 8 years ago class-give-db-logs.php 8 years ago class-give-db-meta.php 8 years ago class-give-db-payment-meta.php 8 years ago class-give-db.php 8 years ago class-give-donate-form.php 8 years ago class-give-donor.php 8 years ago class-give-email-access.php 8 years ago class-give-gravatars.php 8 years ago class-give-html-elements.php 8 years ago class-give-license-handler.php 8 years ago class-give-logging.php 8 years ago class-give-roles.php 8 years ago class-give-session.php 8 years ago class-give-stats.php 8 years ago class-give-template-loader.php 9 years ago class-give-tooltips.php 8 years ago class-give-translation.php 8 years ago class-notices.php 8 years ago country-functions.php 8 years ago currency-functions.php 8 years ago error-tracking.php 8 years ago filters.php 8 years ago formatting.php 8 years ago import-functions.php 8 years ago install.php 8 years ago login-register.php 8 years ago misc-functions.php 8 years ago plugin-compatibility.php 8 years ago post-types.php 8 years ago price-functions.php 8 years ago process-donation.php 8 years ago scripts.php 8 years ago shortcodes.php 8 years ago template-functions.php 8 years ago user-functions.php 8 years ago
login-register.php
405 lines
1 <?php
2 /**
3 * Login / Register Functions
4 *
5 * @package Give
6 * @subpackage Functions/Login
7 * @copyright Copyright (c) 2016, WordImpress
8 * @license https://opensource.org/licenses/gpl-license GNU Public License
9 * @since 1.0
10 */
11
12 // Exit if accessed directly.
13 if ( ! defined( 'ABSPATH' ) ) {
14 exit;
15 }
16
17 /**
18 * Login Form
19 *
20 * @since 1.0
21 * @global $give_login_redirect
22 * @global $give_logout_redirect
23 *
24 * @param string $login_redirect Login redirect page URL
25 * @param string $logout_redirect Logout redirect page URL
26 *
27 * @return string Login form
28 */
29 function give_login_form( $login_redirect = '', $logout_redirect = '' ) {
30
31 if ( empty( $login_redirect ) ) {
32 $login_redirect = add_query_arg( 'give-login-success', 'true', give_get_history_page_uri() );
33 }
34
35 if ( empty( $logout_redirect ) ) {
36 $logout_redirect = add_query_arg( 'give-logout-success', 'true', give_get_current_page_url() );
37 }
38
39 // Add user_logout action to logout url.
40 $logout_redirect = add_query_arg(
41 array(
42 'give_action' => 'user_logout',
43 'give_logout_nonce' => wp_create_nonce( 'give-logout-nonce' ),
44 'give_logout_redirect' => urlencode( $logout_redirect ),
45 ),
46 home_url( '/' )
47 );
48
49 ob_start();
50
51 give_get_template(
52 'shortcode-login',
53 array(
54 'give_login_redirect' => $login_redirect,
55 'give_logout_redirect' => $logout_redirect,
56 )
57 );
58
59 return apply_filters( 'give_login_form', ob_get_clean() );
60 }
61
62 /**
63 * Registration Form
64 *
65 * @since 2.0
66 * @global $give_register_redirect
67 *
68 * @param string $redirect Redirect page URL
69 *
70 * @return string Register form
71 */
72 function give_register_form( $redirect = '' ) {
73 if ( empty( $redirect ) ) {
74 $redirect = give_get_current_page_url();
75 }
76
77 ob_start();
78
79 if ( ! is_user_logged_in() ) {
80 give_get_template(
81 'shortcode-register',
82 array(
83 'give_register_redirect' => $redirect,
84 )
85 );
86 }
87
88 return apply_filters( 'give_register_form', ob_get_clean() );
89 }
90
91 /**
92 * Process Login Form
93 *
94 * @since 1.0
95 *
96 * @param array $data Data sent from the login form
97 *
98 * @return void
99 */
100 function give_process_login_form( $data ) {
101 if ( wp_verify_nonce( $data['give_login_nonce'], 'give-login-nonce' ) ) {
102
103 // Set Receipt Access Session.
104 if ( ! empty( $_GET['payment_key'] ) ) {
105 Give()->session->set( 'receipt_access', true );
106 }
107
108 $user_data = get_user_by( 'login', $data['give_user_login'] );
109 if ( ! $user_data ) {
110 $user_data = get_user_by( 'email', $data['give_user_login'] );
111 }
112 if ( $user_data ) {
113 $user_ID = $user_data->ID;
114 $user_email = $user_data->user_email;
115 if ( wp_check_password( $data['give_user_pass'], $user_data->user_pass, $user_ID ) ) {
116 give_log_user_in( $user_data->ID, $data['give_user_login'], $data['give_user_pass'] );
117 } else {
118 give_set_error( 'password_incorrect', __( 'The password you entered is incorrect.', 'give' ) );
119 }
120 } else {
121 give_set_error( 'username_incorrect', __( 'The username you entered does not exist.', 'give' ) );
122 }
123 // Check for errors and redirect if none present
124 $errors = give_get_errors();
125 if ( ! $errors ) {
126 $redirect = apply_filters( 'give_login_redirect', $data['give_login_redirect'], $user_ID );
127 wp_redirect( $redirect );
128 give_die();
129 }
130 }
131 }
132
133 add_action( 'give_user_login', 'give_process_login_form' );
134
135
136 /**
137 * Process User Logout
138 *
139 * @since 1.0
140 *
141 * @param array $data Data sent from the give login form page
142 *
143 * @return void
144 */
145 function give_process_user_logout( $data ) {
146 if ( wp_verify_nonce( $data['give_logout_nonce'], 'give-logout-nonce' ) && is_user_logged_in() ) {
147
148 // Prevent occurring of any custom action on wp_logout.
149 remove_all_actions( 'wp_logout' );
150
151 /**
152 * Fires before processing user logout.
153 *
154 * @since 1.0
155 */
156 do_action( 'give_before_user_logout' );
157
158 // Logout user.
159 wp_logout();
160
161 /**
162 * Fires after processing user logout.
163 *
164 * @since 1.0
165 */
166 do_action( 'give_after_user_logout' );
167
168 wp_redirect( $data['give_logout_redirect'] );
169 give_die();
170 }
171 }
172
173 add_action( 'give_user_logout', 'give_process_user_logout' );
174
175 /**
176 * Log User In
177 *
178 * @since 1.0
179 *
180 * @param int $user_id User ID
181 * @param string $user_login Username
182 * @param string $user_pass Password
183 *
184 * @return bool
185 */
186 function give_log_user_in( $user_id, $user_login, $user_pass ) {
187
188 if ( $user_id < 1 ) {
189 return false;
190 }
191
192 wp_set_auth_cookie( $user_id );
193 wp_set_current_user( $user_id, $user_login );
194
195 /**
196 * Fires after the user has successfully logged in.
197 *
198 * @since 1.0
199 *
200 * @param string $user_login Username.
201 * @param WP_User $$user WP_User object of the logged-in user.
202 */
203 do_action( 'wp_login', $user_login, get_userdata( $user_id ) );
204
205 /**
206 * Fires after give user has successfully logged in.
207 *
208 * @since 1.0
209 *
210 * @param int $$user_id User id.
211 * @param string $user_login Username.
212 * @param string $user_pass User password.
213 */
214 do_action( 'give_log_user_in', $user_id, $user_login, $user_pass );
215 }
216
217
218 /**
219 * Process Register Form
220 *
221 * @since 2.0
222 *
223 * @param array $data Data sent from the register form
224 *
225 * @return bool
226 */
227 function give_process_register_form( $data ) {
228
229 if ( is_user_logged_in() ) {
230 return false;
231 }
232
233 if ( empty( $_POST['give_register_submit'] ) ) {
234 return false;
235 }
236
237 /**
238 * Fires before processing user registration.
239 *
240 * @since 1.0
241 */
242 do_action( 'give_pre_process_register_form' );
243
244 if ( empty( $data['give_user_login'] ) ) {
245 give_set_error( 'empty_username', esc_html__( 'Invalid username.', 'give' ) );
246 }
247
248 if ( username_exists( $data['give_user_login'] ) ) {
249 give_set_error( 'username_unavailable', esc_html__( 'Username already taken.', 'give' ) );
250 }
251
252 if ( ! validate_username( $data['give_user_login'] ) ) {
253 give_set_error( 'username_invalid', esc_html__( 'Invalid username.', 'give' ) );
254 }
255
256 if ( email_exists( $data['give_user_email'] ) ) {
257 give_set_error( 'email_unavailable', esc_html__( 'Email address already taken.', 'give' ) );
258 }
259
260 if ( empty( $data['give_user_email'] ) || ! is_email( $data['give_user_email'] ) ) {
261 give_set_error( 'email_invalid', esc_html__( 'Invalid email.', 'give' ) );
262 }
263
264 if ( ! empty( $data['give_payment_email'] ) && $data['give_payment_email'] != $data['give_user_email'] && ! is_email( $data['give_payment_email'] ) ) {
265 give_set_error( 'payment_email_invalid', esc_html__( 'Invalid payment email.', 'give' ) );
266 }
267
268 if ( empty( $_POST['give_user_pass'] ) ) {
269 give_set_error( 'empty_password', esc_html__( 'Please enter a password.', 'give' ) );
270 }
271
272 if ( ( ! empty( $_POST['give_user_pass'] ) && empty( $_POST['give_user_pass2'] ) ) || ( $_POST['give_user_pass'] !== $_POST['give_user_pass2'] ) ) {
273 give_set_error( 'password_mismatch', esc_html__( 'Passwords don\'t match.', 'give' ) );
274 }
275
276 /**
277 * Fires while processing user registration.
278 *
279 * @since 1.0
280 */
281 do_action( 'give_process_register_form' );
282
283 // Check for errors and redirect if none present
284 $errors = give_get_errors();
285
286 if ( empty( $errors ) ) {
287
288 $redirect = apply_filters( 'give_register_redirect', $data['give_redirect'] );
289
290 give_register_and_login_new_user( array(
291 'user_login' => $data['give_user_login'],
292 'user_pass' => $data['give_user_pass'],
293 'user_email' => $data['give_user_email'],
294 'user_registered' => date( 'Y-m-d H:i:s' ),
295 'role' => get_option( 'default_role' ),
296 ) );
297
298 wp_redirect( $redirect );
299 give_die();
300 }
301 }
302
303 add_action( 'give_user_register', 'give_process_register_form' );
304
305
306 /**
307 * Email access login form.
308 *
309 * @since 1.8.17
310 *
311 * @return bool
312 */
313 function give_email_access_login() {
314
315 // Verify nonce.
316 if ( ! isset( $_POST['_wpnonce'] ) || ! wp_verify_nonce( $_POST['_wpnonce'], 'give' ) ) {
317 return false;
318 }
319
320 // Need email to proceed.
321 $email = isset( $_POST['give_email'] ) ? give_clean( $_POST['give_email'] ) : '';
322 if ( empty( $email ) ) {
323 give_set_error( 'give_empty_email', __( 'Please enter the email address you used for your donation.', 'give' ) );
324 }
325
326 $recaptcha_key = give_get_option( 'recaptcha_key' );
327 $recaptcha_secret = give_get_option( 'recaptcha_secret' );
328 $enable_recaptcha = ! empty( $recaptcha_key ) && ! empty( $recaptcha_secret ) ? true : false;
329 $access_token = ! empty( $_GET['payment_key'] ) ? $_GET['payment_key'] : '';
330
331 // Use reCAPTCHA.
332 if ( $enable_recaptcha ) {
333
334 $args = array(
335 'secret' => $recaptcha_secret,
336 'response' => $_POST['g-recaptcha-response'],
337 'remoteip' => $_POST['give_ip'],
338 );
339
340 if ( ! empty( $args['response'] ) ) {
341 $request = wp_remote_post( 'https://www.google.com/recaptcha/api/siteverify', array(
342 'body' => $args,
343 ) );
344 if ( ! is_wp_error( $request ) || 200 == wp_remote_retrieve_response_code( $request ) ) {
345
346 $response = json_decode( $request['body'], true );
347
348 // reCAPTCHA fail.
349 if ( ! $response['success'] ) {
350 give_set_error( 'give_recaptcha_test_failed', apply_filters( 'give_recaptcha_test_failed_message', __( 'reCAPTCHA test failed.', 'give' ) ) );
351 }
352 } else {
353
354 // Connection issue.
355 give_set_error( 'give_recaptcha_connection_issue', apply_filters( 'give_recaptcha_connection_issue_message', __( 'Unable to connect to reCAPTCHA server.', 'give' ) ) );
356
357 } // End if().
358 } else {
359
360 give_set_error( 'give_recaptcha_failed', apply_filters( 'give_recaptcha_failed_message', __( 'It looks like the reCAPTCHA test has failed.', 'give' ) ) );
361
362 } // End if().
363 } // End if().
364
365 // If no errors or only expired token key error - then send email.
366 if ( ! give_get_errors() ) {
367
368 $donor = Give()->donors->get_donor_by( 'email', $email );
369
370 Give()->email_access->init();
371
372 // Verify that donor object is present and donor is connected with its user profile or not.
373 if ( is_object( $donor ) ) {
374
375 // Verify that email can be sent.
376 if ( ! Give()->email_access->can_send_email( $donor->id ) ) {
377
378 $_POST['email-access-exhausted'] = true;
379
380 return false;
381
382 } else {
383 // Send the email. Requests not
384 $email_sent = Give()->email_access->send_email( $donor->id, $donor->email );
385
386 if ( ! $email_sent ) {
387 give_set_error( 'give_email_access_send_issue', __( 'Unable to send email. Please try again.', 'give' ) );
388 return false;
389 }
390
391 $_POST['email-access-sent'] = true;
392
393 return true;
394 }
395 } else {
396
397 give_set_error( 'give-no-donations', __( 'We were unable to find any donations associated with the email address provided. Please try again using another email.', 'give' ) );
398
399 }
400 } // End if().
401
402 }
403
404 add_action( 'give_email_access_form_login', 'give_email_access_login' );
405