PluginProbe ʕ •ᴥ•ʔ
GiveWP – Donation Plugin and Fundraising Platform v2.1.2
give / includes / login-register.php
login-register.php
406 lines
<?php
/**
 * Login / Register Functions
 *
 * @package     Give
 * @subpackage  Functions/Login
 * @copyright   Copyright (c) 2016, WordImpress
 * @license     https://opensource.org/licenses/gpl-license GNU Public License
 * @since       1.0
 */

// Exit if accessed directly.
if ( ! defined( 'ABSPATH' ) ) {
    exit;
}

/**
 * Login Form
 *
 * @since  1.0
 * @global $give_login_redirect
 * @global $give_logout_redirect
 *
 * @param  string $login_redirect  Login redirect page URL
 * @param  string $logout_redirect Logout redirect page URL
 *
 * @return string Login form
 */
function give_login_form( $login_redirect = '', $logout_redirect = '' ) {

    if ( empty( $login_redirect ) ) {
        $login_redirect = add_query_arg( 'give-login-success', 'true', give_get_history_page_uri() );
    }

    if ( empty( $logout_redirect ) ) {
        $logout_redirect = add_query_arg( 'give-logout-success', 'true', give_get_current_page_url() );
    }

    // Add user_logout action to logout url.
    $logout_redirect = add_query_arg(
        array(
            'give_action'          => 'user_logout',
            'give_logout_nonce'    => wp_create_nonce( 'give-logout-nonce' ),
            'give_logout_redirect' => urlencode( $logout_redirect ),
        ),
        home_url( '/' )
    );

    ob_start();

    give_get_template(
        'shortcode-login',
        array(
            'give_login_redirect'  => $login_redirect,
            'give_logout_redirect' => $logout_redirect,
        )
    );

    return apply_filters( 'give_login_form', ob_get_clean() );
}

/**
 * Registration Form
 *
 * @since  2.0
 * @global $give_register_redirect
 *
 * @param  string $redirect Redirect page URL
 *
 * @return string Register form
 */
function give_register_form( $redirect = '' ) {
    if ( empty( $redirect ) ) {
        $redirect = give_get_current_page_url();
    }

    ob_start();

    if ( ! is_user_logged_in() ) {
        give_get_template(
            'shortcode-register',
            array(
                'give_register_redirect' => $redirect,
            )
        );
    }

    return apply_filters( 'give_register_form', ob_get_clean() );
}

/**
 * Process Login Form
 *
 * @since 1.0
 *
 * @param array $data Data sent from the login form
 *
 * @return void
 */
function give_process_login_form( $data ) {
    if ( wp_verify_nonce( $data['give_login_nonce'], 'give-login-nonce' ) ) {

        // Set Receipt Access Session.
        if ( ! empty( $_GET['payment_key'] ) ) {
            Give()->session->set( 'receipt_access', true );
        }

        $user_data = get_user_by( 'login', $data['give_user_login'] );
        if ( ! $user_data ) {
            $user_data = get_user_by( 'email', $data['give_user_login'] );
        }
        if ( $user_data ) {
            $user_ID    = $user_data->ID;
            $user_email = $user_data->user_email;
            if ( wp_check_password( $data['give_user_pass'], $user_data->user_pass, $user_ID ) ) {
                give_log_user_in( $user_data->ID, $data['give_user_login'], $data['give_user_pass'] );
            } else {
                give_set_error( 'password_incorrect', __( 'The password you entered is incorrect.', 'give' ) );
            }
        } else {
            give_set_error( 'username_incorrect', __( 'The username you entered does not exist.', 'give' ) );
        }
        // Check for errors and redirect if none present
        $errors = give_get_errors();
        if ( ! $errors ) {
            $redirect = apply_filters( 'give_login_redirect', $data['give_login_redirect'], $user_ID );
            wp_redirect( $redirect );
            give_die();
        }
    }
}

add_action( 'give_user_login', 'give_process_login_form' );


/**
 * Process User Logout
 *
 * @since 1.0
 *
 * @param array $data Data sent from the give login form page
 *
 * @return void
 */
function give_process_user_logout( $data ) {
    if ( wp_verify_nonce( $data['give_logout_nonce'], 'give-logout-nonce' ) && is_user_logged_in() ) {

        // Prevent occurring of any custom action on wp_logout.
        remove_all_actions( 'wp_logout' );

        /**
         * Fires before processing user logout.
         *
         * @since 1.0
         */
        do_action( 'give_before_user_logout' );

        // Logout user.
        wp_logout();

        /**
         * Fires after processing user logout.
         *
         * @since 1.0
         */
        do_action( 'give_after_user_logout' );

        wp_redirect( $data['give_logout_redirect'] );
        give_die();
    }
}

add_action( 'give_user_logout', 'give_process_user_logout' );

/**
 * Log User In
 *
 * @since 1.0
 *
 * @param int    $user_id    User ID
 * @param string $user_login Username
 * @param string $user_pass  Password
 *
 * @return bool
 */
function give_log_user_in( $user_id, $user_login, $user_pass ) {

    if ( $user_id < 1 ) {
        return false;
    }

    wp_set_auth_cookie( $user_id );
    wp_set_current_user( $user_id, $user_login );

    /**
     * Fires after the user has successfully logged in.
     *
     * @since 1.0
     *
     * @param string  $user_login Username.
     * @param WP_User $user       WP_User object of the logged-in user.
     */
    do_action( 'wp_login', $user_login, get_userdata( $user_id ) );

    /**
     * Fires after give user has successfully logged in.
     *
     * @since 1.0
     *
     * @param int    $user_id    User id.
     * @param string $user_login Username.
     * @param string $user_pass  User password.
     */
    do_action( 'give_log_user_in', $user_id, $user_login, $user_pass );
}


/**
 * Process Register Form
 *
 * @since 2.0
 *
 * @param array $data Data sent from the register form
 *
 * @return bool
 */
function give_process_register_form( $data ) {

    if ( is_user_logged_in() ) {
        return false;
    }

    if ( empty( $_POST['give_register_submit'] ) ) {
        return false;
    }

    /**
     * Fires before processing user registration.
     *
     * @since 1.0
     */
    do_action( 'give_pre_process_register_form' );

    if ( empty( $data['give_user_login'] ) ) {
        give_set_error( 'empty_username', esc_html__( 'Invalid username.', 'give' ) );
    }

    if ( username_exists( $data['give_user_login'] ) ) {
        give_set_error( 'username_unavailable', esc_html__( 'Username already taken.', 'give' ) );
    }

    if ( ! validate_username( $data['give_user_login'] ) ) {
        give_set_error( 'username_invalid', esc_html__( 'Invalid username.', 'give' ) );
    }

    if ( email_exists( $data['give_user_email'] ) ) {
        give_set_error( 'email_unavailable', esc_html__( 'Email address already taken.', 'give' ) );
    }

    if ( empty( $data['give_user_email'] ) || ! is_email( $data['give_user_email'] ) ) {
        give_set_error( 'email_invalid', esc_html__( 'Invalid email.', 'give' ) );
    }

    if ( ! empty( $data['give_payment_email'] ) && $data['give_payment_email'] != $data['give_user_email'] && ! is_email( $data['give_payment_email'] ) ) {
        give_set_error( 'payment_email_invalid', esc_html__( 'Invalid payment email.', 'give' ) );
    }

    if ( empty( $_POST['give_user_pass'] ) ) {
        give_set_error( 'empty_password', esc_html__( 'Please enter a password.', 'give' ) );
    }

    if ( ( ! empty( $_POST['give_user_pass'] ) && empty( $_POST['give_user_pass2'] ) ) || ( $_POST['give_user_pass'] !== $_POST['give_user_pass2'] ) ) {
        give_set_error( 'password_mismatch', esc_html__( 'Passwords don\'t match.', 'give' ) );
    }

    /**
     * Fires while processing user registration.
     *
     * @since 1.0
     */
    do_action( 'give_process_register_form' );

    // Check for errors and redirect if none present
    $errors = give_get_errors();

    if ( empty( $errors ) ) {

        $redirect = apply_filters( 'give_register_redirect', $data['give_redirect'] );

        give_register_and_login_new_user( array(
            'user_login'      => $data['give_user_login'],
            'user_pass'       => $data['give_user_pass'],
            'user_email'      => $data['give_user_email'],
            'user_registered' => date( 'Y-m-d H:i:s' ),
            'role'            => get_option( 'default_role' ),
        ) );

        wp_redirect( $redirect );
        give_die();
    }
}

add_action( 'give_user_register', 'give_process_register_form' );


/**
 * Email access login form.
 *
 * @since 1.8.17
 *
 * @return bool
 */
function give_email_access_login() {

    // Verify nonce.
    if ( ! isset( $_POST['_wpnonce'] ) || ! wp_verify_nonce( $_POST['_wpnonce'], 'give' ) ) {
        return false;
    }

    // Need email to proceed.
    $email = isset( $_POST['give_email'] ) ? give_clean( $_POST['give_email'] ) : '';
    if ( empty( $email ) ) {
        give_set_error( 'give_empty_email', __( 'Please enter the email address you used for your donation.', 'give' ) );
    }

    $recaptcha_key    = give_get_option( 'recaptcha_key' );
    $recaptcha_secret = give_get_option( 'recaptcha_secret' );

    $enable_recaptcha = ( give_is_setting_enabled( give_get_option( 'enable_recaptcha' ) ) ) && ! empty( $recaptcha_key ) && ! empty( $recaptcha_secret ) ? true : false;
    $access_token     = ! empty( $_GET['payment_key'] ) ? $_GET['payment_key'] : '';

    // Use reCAPTCHA.
    if ( $enable_recaptcha ) {

        $args = array(
            'secret'   => $recaptcha_secret,
            'response' => $_POST['g-recaptcha-response'],
            'remoteip' => $_POST['give_ip'],
        );

        if ( ! empty( $args['response'] ) ) {
            $request = wp_remote_post( 'https://www.google.com/recaptcha/api/siteverify', array(
                'body' => $args,
            ) );
            // Require both a successful transport and an HTTP 200 before reading the body.
            if ( ! is_wp_error( $request ) && 200 == wp_remote_retrieve_response_code( $request ) ) {

                $response = json_decode( $request['body'], true );

                // reCAPTCHA fail.
                if ( ! $response['success'] ) {
                    give_set_error( 'give_recaptcha_test_failed', apply_filters( 'give_recaptcha_test_failed_message', __( 'reCAPTCHA test failed.', 'give' ) ) );
                }
            } else {

                // Connection issue.
                give_set_error( 'give_recaptcha_connection_issue', apply_filters( 'give_recaptcha_connection_issue_message', __( 'Unable to connect to reCAPTCHA server.', 'give' ) ) );

            } // End if().
        } else {

            give_set_error( 'give_recaptcha_failed', apply_filters( 'give_recaptcha_failed_message', __( 'It looks like the reCAPTCHA test has failed.', 'give' ) ) );

        } // End if().
    } // End if().

    // If no errors or only expired token key error - then send email.
    if ( ! give_get_errors() ) {

        $donor = Give()->donors->get_donor_by( 'email', $email );

        Give()->email_access->init();

        // Verify that donor object is present and donor is connected with its user profile or not.
        if ( is_object( $donor ) ) {

            // Verify that email can be sent.
            if ( ! Give()->email_access->can_send_email( $donor->id ) ) {

                $_POST['email-access-exhausted'] = true;

                return false;

            } else {
                // Send the email. Requests not
                $email_sent = Give()->email_access->send_email( $donor->id, $donor->email );

                if ( ! $email_sent ) {
                    give_set_error( 'give_email_access_send_issue', __( 'Unable to send email. Please try again.', 'give' ) );
                    return false;
                }

                $_POST['email-access-sent'] = true;

                return true;
            }
        } else {

            give_set_error( 'give-no-donations', __( 'We were unable to find any donations associated with the email address provided. Please try again using another email.', 'give' ) );

        }
    } // End if().

}

add_action( 'give_email_access_form_login', 'give_email_access_login' );