GiveWP – Donation Plugin and Fundraising Platform / 2.5.13
give / includes / login-register.php
<?php
/**
 * Login / Register Functions
 *
 * @package     Give
 * @subpackage  Functions/Login
 * @copyright   Copyright (c) 2016, GiveWP
 * @license     https://opensource.org/licenses/gpl-license GNU Public License
 * @since       1.0
 */

// Exit if accessed directly.
if ( ! defined( 'ABSPATH' ) ) {
	exit;
}

/**
 * Login Form
 *
 * @since  1.0
 * @global $give_login_redirect
 * @global $give_logout_redirect
 *
 * @param  string $login_redirect  Login redirect page URL
 * @param  string $logout_redirect Logout redirect page URL
 *
 * @return string Login form
 */
function give_login_form( $login_redirect = '', $logout_redirect = '' ) {

	if ( empty( $login_redirect ) ) {
		$login_redirect = add_query_arg( 'give-login-success', 'true', give_get_history_page_uri() );
	}

	if ( empty( $logout_redirect ) ) {
		$logout_redirect = add_query_arg( 'give-logout-success', 'true', give_get_current_page_url() );
	}

	// Add user_logout action to logout url.
	$logout_redirect = add_query_arg(
		array(
			'give_action'          => 'user_logout',
			'give_logout_nonce'    => wp_create_nonce( 'give-logout-nonce' ),
			'give_logout_redirect' => urlencode( $logout_redirect ),
		),
		home_url( '/' )
	);

	ob_start();

	give_get_template(
		'shortcode-login',
		array(
			'give_login_redirect'  => $login_redirect,
			'give_logout_redirect' => $logout_redirect,
		)
	);

	return apply_filters( 'give_login_form', ob_get_clean() );
}

/**
 * Registration Form
 *
 * @since  2.0
 * @global $give_register_redirect
 *
 * @param  string $redirect Redirect page URL
 *
 * @return string Register form
 */
function give_register_form( $redirect = '' ) {
	if ( empty( $redirect ) ) {
		$redirect = give_get_current_page_url();
	}

	ob_start();

	if ( ! is_user_logged_in() ) {
		give_get_template(
			'shortcode-register',
			array(
				'give_register_redirect' => $redirect,
			)
		);
	}

	return apply_filters( 'give_register_form', ob_get_clean() );
}

/**
 * Process Login Form
 *
 * @since 1.0
 *
 * @param array $data Data sent from the login form
 *
 * @return void
 */
function give_process_login_form( $data ) {

	if ( wp_verify_nonce( $data['give_login_nonce'], 'give-login-nonce' ) ) {

		// Set Receipt Access Session.
		if ( ! empty( $_GET['donation_id'] ) ) {
			Give()->session->set( 'receipt_access', true );
		}

		$user_data = get_user_by( 'login', $data['give_user_login'] );

		if ( ! $user_data ) {
			$user_data = get_user_by( 'email', $data['give_user_login'] );
		}

		if ( $user_data ) {

			$user_id = $user_data->ID;

			if ( wp_check_password( $data['give_user_pass'], $user_data->user_pass, $user_id ) ) {
				give_log_user_in( $user_data->ID, $data['give_user_login'], $data['give_user_pass'] );
			} else {
				give_set_error( 'password_incorrect', __( 'The password you entered is incorrect.', 'give' ) );
			}
		} else {
			give_set_error( 'username_incorrect', __( 'The username you entered does not exist.', 'give' ) );
		}

		// Check for errors and redirect if none present.
		$errors = give_get_errors();

		if ( ! $errors ) {
			$redirect = apply_filters( 'give_login_redirect', $data['give_login_redirect'], $user_id );
			wp_redirect( $redirect );
			give_die();
		}
	}
}

add_action( 'give_user_login', 'give_process_login_form' );


/**
 * Process User Logout
 *
 * @since 1.0
 *
 * @param array $data Data sent from the give login form page
 *
 * @return void
 */
function give_process_user_logout( $data ) {
	if ( wp_verify_nonce( $data['give_logout_nonce'], 'give-logout-nonce' ) && is_user_logged_in() ) {

		// Prevent occurring of any custom action on wp_logout.
		remove_all_actions( 'wp_logout' );

		/**
		 * Fires before processing user logout.
		 *
		 * @since 1.0
		 */
		do_action( 'give_before_user_logout' );

		// Logout user.
		wp_logout();

		/**
		 * Fires after processing user logout.
		 *
		 * @since 1.0
		 */
		do_action( 'give_after_user_logout' );

		wp_redirect( $data['give_logout_redirect'] );
		give_die();
	}
}

add_action( 'give_user_logout', 'give_process_user_logout' );

/**
 * Log User In
 *
 * @since 1.0
 *
 * @param int    $user_id    User ID
 * @param string $user_login Username
 * @param string $user_pass  Password
 *
 * @return bool
 */
function give_log_user_in( $user_id, $user_login, $user_pass ) {

	if ( $user_id < 1 ) {
		return false;
	}

	wp_set_auth_cookie( $user_id );
	wp_set_current_user( $user_id, $user_login );

	/**
	 * Fires after the user has successfully logged in.
	 *
	 * @since 1.0
	 *
	 * @param string  $user_login Username.
	 * @param WP_User $user       WP_User object of the logged-in user.
	 */
	do_action( 'wp_login', $user_login, get_userdata( $user_id ) );

	/**
	 * Fires after give user has successfully logged in.
	 *
	 * @since 1.0
	 *
	 * @param int    $user_id    User id.
	 * @param string $user_login Username.
	 * @param string $user_pass  User password.
	 */
	do_action( 'give_log_user_in', $user_id, $user_login, $user_pass );
}


/**
 * Process Register Form
 *
 * @since 2.0
 *
 * @param array $data Data sent from the register form
 *
 * @return bool
 */
function give_process_register_form( $data ) {

	if ( is_user_logged_in() ) {
		return false;
	}

	if ( empty( $_POST['give_register_submit'] ) ) {
		return false;
	}

	/**
	 * Fires before processing user registration.
	 *
	 * @since 1.0
	 */
	do_action( 'give_pre_process_register_form' );

	if ( empty( $data['give_user_login'] ) ) {
		give_set_error( 'empty_username', esc_html__( 'Invalid username.', 'give' ) );
	}

	if ( username_exists( $data['give_user_login'] ) ) {
		give_set_error( 'username_unavailable', esc_html__( 'Username already taken.', 'give' ) );
	}

	if ( ! validate_username( $data['give_user_login'] ) ) {
		give_set_error( 'username_invalid', esc_html__( 'Invalid username.', 'give' ) );
	}

	if ( email_exists( $data['give_user_email'] ) ) {
		give_set_error( 'email_unavailable', esc_html__( 'Email address already taken.', 'give' ) );
	}

	if ( empty( $data['give_user_email'] ) || ! is_email( $data['give_user_email'] ) ) {
		give_set_error( 'email_invalid', esc_html__( 'Invalid email.', 'give' ) );
	}

	if ( ! empty( $data['give_payment_email'] ) && $data['give_payment_email'] != $data['give_user_email'] && ! is_email( $data['give_payment_email'] ) ) {
		give_set_error( 'payment_email_invalid', esc_html__( 'Invalid payment email.', 'give' ) );
	}

	if ( empty( $_POST['give_user_pass'] ) ) {
		give_set_error( 'empty_password', esc_html__( 'Please enter a password.', 'give' ) );
	}

	if ( ( ! empty( $_POST['give_user_pass'] ) && empty( $_POST['give_user_pass2'] ) ) || ( $_POST['give_user_pass'] !== $_POST['give_user_pass2'] ) ) {
		give_set_error( 'password_mismatch', esc_html__( 'Passwords don\'t match.', 'give' ) );
	}

	/**
	 * Fires while processing user registration.
	 *
	 * @since 1.0
	 */
	do_action( 'give_process_register_form' );

	// Check for errors and redirect if none present
	$errors = give_get_errors();

	if ( empty( $errors ) ) {

		$redirect = apply_filters( 'give_register_redirect', $data['give_redirect'] );

		give_register_and_login_new_user( array(
			'user_login'      => $data['give_user_login'],
			'user_pass'       => $data['give_user_pass'],
			'user_email'      => $data['give_user_email'],
			'user_registered' => date( 'Y-m-d H:i:s' ),
			'role'            => get_option( 'default_role' ),
		) );

		wp_redirect( $redirect );
		give_die();
	}
}

add_action( 'give_user_register', 'give_process_register_form' );


/**
 * Email access login form.
 *
 * @since 1.8.17
 *
 * @return bool
 */
function give_email_access_login() {

	// Verify nonce.
	if ( ! isset( $_POST['_wpnonce'] ) || ! wp_verify_nonce( $_POST['_wpnonce'], 'give' ) ) {
		return false;
	}

	// Need email to proceed.
	$email = isset( $_POST['give_email'] ) ? give_clean( $_POST['give_email'] ) : '';
	if ( empty( $email ) ) {
		give_set_error( 'give_empty_email', __( 'Please enter the email address you used for your donation.', 'give' ) );
	}

	$recaptcha_key    = give_get_option( 'recaptcha_key' );
	$recaptcha_secret = give_get_option( 'recaptcha_secret' );
	$enable_recaptcha = ( give_is_setting_enabled( give_get_option( 'enable_recaptcha' ) ) ) && ! empty( $recaptcha_key ) && ! empty( $recaptcha_secret ) ? true : false;

	// Use reCAPTCHA.
	if ( $enable_recaptcha ) {

		$args = array(
			'secret'   => $recaptcha_secret,
			'response' => $_POST['g-recaptcha-response'],
			'remoteip' => $_POST['give_ip'],
		);

		if ( ! empty( $args['response'] ) ) {
			$request = wp_remote_post( 'https://www.google.com/recaptcha/api/siteverify', array(
				'body' => $args,
			) );
			if ( ! is_wp_error( $request ) || 200 == wp_remote_retrieve_response_code( $request ) ) {

				$response = json_decode( $request['body'], true );

				// reCAPTCHA fail.
				if ( ! $response['success'] ) {
					give_set_error( 'give_recaptcha_test_failed', apply_filters( 'give_recaptcha_test_failed_message', __( 'reCAPTCHA test failed.', 'give' ) ) );
				}
			} else {

				// Connection issue.
				give_set_error( 'give_recaptcha_connection_issue', apply_filters( 'give_recaptcha_connection_issue_message', __( 'Unable to connect to reCAPTCHA server.', 'give' ) ) );

			} // End if().
		} else {

			give_set_error( 'give_recaptcha_failed', apply_filters( 'give_recaptcha_failed_message', __( 'It looks like the reCAPTCHA test has failed.', 'give' ) ) );

		} // End if().
	} // End if().

	// If no errors or only expired token key error - then send email.
	if ( ! give_get_errors() ) {

		$donor = Give()->donors->get_donor_by( 'email', $email );
		Give()->email_access->init();

		// Verify that donor object is present and donor is connected with its user profile or not.
		if ( is_object( $donor ) ) {

			// Verify that email can be sent.
			if ( ! Give()->email_access->can_send_email( $donor->id ) ) {

				$_POST['email-access-exhausted'] = true;

				return false;

			} else {
				// Send the email. Requests not
				$email_sent = Give()->email_access->send_email( $donor->id, $donor->email );

				if ( ! $email_sent ) {
					give_set_error( 'give_email_access_send_issue', __( 'Unable to send email. Please try again.', 'give' ) );
					return false;
				}

				$_POST['email-access-sent'] = true;

				return true;
			}
		} else {

			give_set_error( 'give-no-donations', __( 'We were unable to find any donations associated with the email address provided. Please try again using another email.', 'give' ) );

		}
	} // End if().

}

add_action( 'give_email_access_form_login', 'give_email_access_login' );