assets
1 year ago
messages
1 year ago
register-user-action.php
7 months ago
register-user.php
1 year ago
register-user-action.php
305 lines
| 1 | <?php |
| 2 | |
| 3 | namespace JFB_Modules\Actions_V2\Register_User; |
| 4 | |
| 5 | use Jet_Form_Builder\Actions\Action_Handler; |
| 6 | use JFB_Modules\Actions_V2\Update_User\Properties\User_Meta_Property; |
| 7 | use Jet_Form_Builder\Actions\Types\Base; |
| 8 | use Jet_Form_Builder\Classes\Tools; |
| 9 | use Jet_Form_Builder\Exceptions\Action_Exception; |
| 10 | |
| 11 | /** |
| 12 | * Define Base_Type class |
| 13 | */ |
| 14 | class Register_User_Action extends Base { |
| 15 | |
| 16 | public function get_name() { |
| 17 | return __( 'Register User', 'jet-form-builder' ); |
| 18 | } |
| 19 | |
| 20 | public function get_id() { |
| 21 | return 'register_user'; |
| 22 | } |
| 23 | |
| 24 | /** |
| 25 | * @throws Action_Exception |
| 26 | */ |
| 27 | public function can_register() { |
| 28 | $allow_register = $this->settings['allow_register'] ?? false; |
| 29 | $role_can_register = $this->settings['role_can_register'] ?? false; |
| 30 | |
| 31 | if ( $allow_register && ! $role_can_register ) { |
| 32 | throw new Action_Exception( 'failed', '`role_can_register` is empty' ); |
| 33 | } |
| 34 | |
| 35 | if ( is_user_logged_in() ) { |
| 36 | $user = wp_get_current_user(); |
| 37 | |
| 38 | if ( $allow_register && ! in_array( $role_can_register, $user->roles, true ) ) { |
| 39 | throw new Action_Exception( 'not_enough_cap' ); |
| 40 | } |
| 41 | |
| 42 | if ( ! $allow_register ) { |
| 43 | if ( isset( $this->settings['add_user_id'] ) && $this->settings['add_user_id'] ) { |
| 44 | jet_fb_action_handler()->response_data['user_id'] = (int) $user->ID; |
| 45 | jet_fb_context()->update_request( $user->ID, 'user_id' ); |
| 46 | return false; |
| 47 | } |
| 48 | |
| 49 | throw new Action_Exception( 'already_logged_in' ); |
| 50 | } |
| 51 | } elseif ( $allow_register ) { |
| 52 | throw new Action_Exception( 'not_logged_in' ); |
| 53 | } |
| 54 | |
| 55 | return true; |
| 56 | } |
| 57 | |
| 58 | /** |
| 59 | * @param array $request |
| 60 | * @param Action_Handler $handler |
| 61 | * |
| 62 | * @return mixed|void |
| 63 | * @throws Action_Exception |
| 64 | */ |
| 65 | public function do_action( array $request, Action_Handler $handler ) { |
| 66 | if ( ! $this->can_register() ) { |
| 67 | return; |
| 68 | } |
| 69 | |
| 70 | $fields_map = ! empty( $this->settings['fields_map'] ) ? $this->settings['fields_map'] : array(); |
| 71 | |
| 72 | // Prepare fields |
| 73 | $username = false; |
| 74 | $email = false; |
| 75 | $password = false; |
| 76 | $fname = false; |
| 77 | $lname = false; |
| 78 | $user_url = false; |
| 79 | $remember_field = $this->settings['remember_me_field'] ?? ''; |
| 80 | $is_remember = ! empty( $request[ $remember_field ] ); |
| 81 | |
| 82 | // If fields map for login, password or email is not set - abort but allow submit form (its not user fault) |
| 83 | if ( empty( $fields_map['login'] ) || empty( $fields_map['email'] ) || empty( $fields_map['password'] ) ) { |
| 84 | return; |
| 85 | } |
| 86 | |
| 87 | /** |
| 88 | * Validate username |
| 89 | */ |
| 90 | $raw_username = ! empty( $request[ $fields_map['login'] ] ) ? $request[ $fields_map['login'] ] : false; |
| 91 | |
| 92 | if ( ! $raw_username ) { |
| 93 | throw new Action_Exception( 'empty_username' ); |
| 94 | } |
| 95 | |
| 96 | $username = sanitize_user( $raw_username ); |
| 97 | |
| 98 | if ( $username !== $raw_username ) { |
| 99 | throw new Action_Exception( 'sanitize_user' ); |
| 100 | } |
| 101 | |
| 102 | if ( username_exists( $username ) ) { |
| 103 | throw new Action_Exception( 'username_exists' ); |
| 104 | } |
| 105 | // username - ok |
| 106 | |
| 107 | /** |
| 108 | * Validate email |
| 109 | */ |
| 110 | $raw_email = ! empty( $request[ $fields_map['email'] ] ) ? $request[ $fields_map['email'] ] : false; |
| 111 | |
| 112 | if ( ! $raw_email ) { |
| 113 | throw new Action_Exception( 'empty_email' ); |
| 114 | } |
| 115 | |
| 116 | $email = sanitize_email( $raw_email ); |
| 117 | |
| 118 | if ( $email !== $raw_email ) { |
| 119 | throw new Action_Exception( 'empty_email' ); |
| 120 | } |
| 121 | |
| 122 | if ( email_exists( $email ) ) { |
| 123 | |
| 124 | throw new Action_Exception( 'email_exists' ); |
| 125 | } |
| 126 | // email - ok |
| 127 | |
| 128 | /** |
| 129 | * Validate password |
| 130 | */ |
| 131 | $password = ! empty( $request[ $fields_map['password'] ] ) ? $request[ $fields_map['password'] ] : false; |
| 132 | |
| 133 | if ( ! $password ) { |
| 134 | throw new Action_Exception( 'empty_password' ); |
| 135 | } |
| 136 | |
| 137 | $is_password_hashed = Tools::is_wp_password_hash( $password ); |
| 138 | |
| 139 | if ( ! empty( $fields_map['confirm_password'] ) ) { |
| 140 | // Skip password validation for GATEWAY.SUCCESS event - passwords were already validated during form submission |
| 141 | $is_gateway_success = jet_fb_events()->is_current( 'GATEWAY.SUCCESS' ); |
| 142 | $is_gateway_failed = jet_fb_events()->is_current( 'GATEWAY.FAILED' ); |
| 143 | |
| 144 | if ( $is_gateway_success || $is_gateway_failed || $is_password_hashed ) { |
| 145 | $confirm_password = $password; |
| 146 | } else { |
| 147 | $confirm_password = ! empty( $request[ $fields_map['confirm_password'] ] ) ? $request[ $fields_map['confirm_password'] ] : false; |
| 148 | |
| 149 | if ( $confirm_password !== $password ) { |
| 150 | throw new Action_Exception( 'password_mismatch' ); |
| 151 | } |
| 152 | } |
| 153 | } |
| 154 | // password - ok |
| 155 | if ( ! empty( $fields_map['first_name'] ) ) { |
| 156 | $fname = ! empty( $request[ $fields_map['first_name'] ] ) ? $request[ $fields_map['first_name'] ] : false; |
| 157 | } |
| 158 | |
| 159 | if ( ! empty( $fields_map['last_name'] ) ) { |
| 160 | $lname = ! empty( $request[ $fields_map['last_name'] ] ) ? $request[ $fields_map['last_name'] ] : false; |
| 161 | } |
| 162 | |
| 163 | if ( ! empty( $fields_map['user_url'] ) ) { |
| 164 | $user_url = ! empty( $request[ $fields_map['user_url'] ] ) ? $request[ $fields_map['user_url'] ] : false; |
| 165 | } |
| 166 | |
| 167 | $metafields_map = ! empty( $this->settings['meta_fields_map'] ) ? $this->settings['meta_fields_map'] : array(); |
| 168 | $metadata = array(); |
| 169 | |
| 170 | if ( ! empty( $metafields_map ) ) { |
| 171 | foreach ( $metafields_map as $form_field => $meta_field ) { |
| 172 | /** |
| 173 | * We need this because WordPress automatically use this on insert to the database |
| 174 | */ |
| 175 | $meta_field = remove_accents( $meta_field ); |
| 176 | |
| 177 | /** |
| 178 | * @since 3.1.6 |
| 179 | */ |
| 180 | if ( in_array( $meta_field, User_Meta_Property::get_restricted_keys(), true ) ) { |
| 181 | continue; |
| 182 | } |
| 183 | if ( ! empty( $request[ $form_field ] ) ) { |
| 184 | $metadata[ $meta_field ] = $request[ $form_field ]; |
| 185 | } |
| 186 | } |
| 187 | } |
| 188 | |
| 189 | $userarr = array( |
| 190 | 'user_pass' => $password, |
| 191 | 'user_login' => $username, |
| 192 | 'user_email' => $email, |
| 193 | 'first_name' => $fname, |
| 194 | 'last_name' => $lname, |
| 195 | 'user_url' => $user_url, |
| 196 | ); |
| 197 | |
| 198 | $user_roles = isset( $this->settings['user_role'] ) ? Tools::get_array_of_user_roles( $this->settings['user_role'] ) : ''; |
| 199 | |
| 200 | if ( ! empty( $user_roles ) ) { |
| 201 | $main_role = Tools::get_main_user_role_by_priority( $user_roles ); |
| 202 | if ( ! empty( $main_role ) ) { |
| 203 | $userarr['role'] = $main_role; |
| 204 | } |
| 205 | } |
| 206 | |
| 207 | $user_id = wp_insert_user( $userarr ); |
| 208 | |
| 209 | if ( ! is_wp_error( $user_id ) ) { |
| 210 | |
| 211 | if ( ! empty( $user_roles ) ) { |
| 212 | $user = new \WP_User( $user_id ); |
| 213 | foreach ( $user_roles as $role ) { |
| 214 | if ( $role !== $main_role && 'administrator' !== $role ) { |
| 215 | $user->add_role( $role ); |
| 216 | } |
| 217 | } |
| 218 | } |
| 219 | |
| 220 | if ( $is_password_hashed ) { |
| 221 | global $wpdb; |
| 222 | |
| 223 | $wpdb->update( |
| 224 | $wpdb->users, |
| 225 | array( 'user_pass' => $password ), |
| 226 | array( 'ID' => $user_id ), |
| 227 | array( '%s' ), |
| 228 | array( '%d' ) |
| 229 | ); |
| 230 | } |
| 231 | |
| 232 | if ( ! empty( $metadata ) ) { |
| 233 | foreach ( $metadata as $meta_key => $meta_value ) { |
| 234 | |
| 235 | if ( $this->is_repeater_val( $meta_value ) ) { |
| 236 | |
| 237 | $prepared_value = array(); |
| 238 | |
| 239 | foreach ( $meta_value as $index => $row ) { |
| 240 | |
| 241 | $prepared_row = array(); |
| 242 | |
| 243 | foreach ( $row as $item_key => $item_value ) { |
| 244 | |
| 245 | $item_key = ! empty( $metafields_map[ $item_key ] ) ? Tools::sanitize_text_field( $metafields_map[ $item_key ] ) : $item_key; |
| 246 | |
| 247 | $prepared_row[ $item_key ] = $item_value; |
| 248 | } |
| 249 | |
| 250 | $prepared_value[ 'item-' . $index ] = $prepared_row; |
| 251 | } |
| 252 | |
| 253 | $meta_value = $prepared_value; |
| 254 | } |
| 255 | |
| 256 | update_user_meta( $user_id, $meta_key, $meta_value ); |
| 257 | } |
| 258 | } |
| 259 | |
| 260 | if ( ! empty( $this->settings['log_in'] ) ) { |
| 261 | |
| 262 | if ( $is_password_hashed ) { |
| 263 | // Clear user cache to ensure fresh data |
| 264 | clean_user_cache( $user_id ); |
| 265 | |
| 266 | // Get fresh user object |
| 267 | $user_obj = get_userdata( $user_id ); |
| 268 | |
| 269 | if ( $user_obj ) { |
| 270 | // Set current user first |
| 271 | wp_set_current_user( $user_id, $user_obj->user_login ); |
| 272 | |
| 273 | wp_set_auth_cookie( $user_id, $is_remember, is_ssl() ); |
| 274 | // Trigger wp_login action for compatibility with other plugins |
| 275 | do_action( 'wp_login', $user_obj->user_login, $user_obj ); |
| 276 | } |
| 277 | } else { |
| 278 | $user = wp_signon( |
| 279 | array( |
| 280 | 'user_login' => $username, |
| 281 | 'user_password' => $password, |
| 282 | 'remember' => $is_remember, |
| 283 | ) |
| 284 | ); |
| 285 | |
| 286 | if ( ! is_wp_error( $user ) ) { |
| 287 | wp_set_current_user( $user->ID ); |
| 288 | } |
| 289 | } |
| 290 | } |
| 291 | |
| 292 | if ( ! empty( $this->settings['add_user_id'] ) && $this->settings['add_user_id'] ) { |
| 293 | $handler->response_data['user_id'] = $user_id; |
| 294 | jet_fb_context()->update_request( $user_id, 'user_id' ); |
| 295 | } |
| 296 | } else { |
| 297 | // phpcs:ignore WordPress.Security.EscapeOutput.ExceptionNotEscaped |
| 298 | throw new Action_Exception( 'failed', $userarr ); |
| 299 | } |
| 300 | } |
| 301 | |
| 302 | |
| 303 | |
| 304 | } |
| 305 |