form-user.php
1 <?php
2
// Refuse direct requests: stop unless WordPress has defined ABSPATH before loading this file.
defined( 'ABSPATH' ) || exit;
6
7 if ( ! class_exists( 'ACF_Form_User' ) ) :
8
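/**
 * Renders, validates and saves custom fields on the WordPress user screens
 * (profile / edit user, add user, and the public registration form).
 */
class ACF_Form_User {

    /**
     * The current view (new, edit, register).
     *
     * Nothing in this class assigns the property, so admin_footer() prints it
     * with its default empty value.
     *
     * @var string
     */
    public $view = '';

    /**
     * Registers the hooks that enqueue assets, render the field groups,
     * validate registrations and save submitted values.
     *
     * @date  5/03/2014
     * @since ACF 5.0.0
     */
    public function __construct() {

        // Assets: admin user screens and the registration form.
        add_action( 'admin_enqueue_scripts', array( $this, 'admin_enqueue_scripts' ) );
        add_action( 'login_form_register', array( $this, 'login_form_register' ) );

        // Rendering: own profile, another user's profile, "add user", public registration.
        add_action( 'show_user_profile', array( $this, 'render_edit' ) );
        add_action( 'edit_user_profile', array( $this, 'render_edit' ) );
        add_action( 'user_new_form', array( $this, 'render_new' ) );
        add_action( 'register_form', array( $this, 'render_register' ) );

        // Saving: both hooks lead to save_user(), which checks the form nonce first.
        add_action( 'user_register', array( $this, 'save_user' ) );
        add_action( 'profile_update', array( $this, 'save_user' ) );

        // Perform validation before new user is registered.
        add_filter( 'registration_errors', array( $this, 'filter_registration_errors' ), 10, 3 );
    }

    /**
     * Enqueues the field scripts, but only on the user-related admin screens.
     *
     * @date  17/4/18
     * @since ACF 5.6.9
     *
     * @return void
     */
    public function admin_enqueue_scripts() {

        $user_screens = array( 'profile', 'user', 'user-edit', 'profile-network', 'user-network', 'user-edit-network' );

        // Bail early on any other screen.
        if ( ! acf_is_screen( $user_screens ) ) {
            return;
        }

        acf_enqueue_scripts();
    }

    /**
     * Enqueues the field scripts for the registration form.
     *
     * @date  17/4/18
     * @since ACF 5.6.9
     *
     * @return void
     */
    public function login_form_register() {

        // Customize action prefix so that "admin_head" = "login_head".
        acf_enqueue_scripts(
            array(
                'context' => 'login',
            )
        );
    }

    /**
     * Renders the fields on the public registration form (no user exists yet).
     *
     * @date  8/10/13
     * @since ACF 5.0.0
     *
     * @return void
     */
    public function render_register() {

        $this->render(
            array(
                'user_id' => 0,
                'view'    => 'register',
                'el'      => 'div',
            )
        );
    }

    /**
     * Renders the fields on the user edit / profile form.
     *
     * @date  8/10/13
     * @since ACF 5.0.0
     *
     * @param object $user User object supplied by the `show_user_profile` and
     *                     `edit_user_profile` actions; only its `ID` is read.
     * @return void
     */
    public function render_edit( $user ) {

        // Add compatibility with front-end user profile edit forms such as bbPress.
        if ( ! is_admin() ) {
            acf_enqueue_scripts();
        }

        $this->render(
            array(
                'user_id' => $user->ID,
                'view'    => 'edit',
                'el'      => 'tr',
            )
        );
    }

    /**
     * Renders the fields on the single-site "add new user" form.
     *
     * @date  8/10/13
     * @since ACF 5.0.0
     *
     * @return void
     */
    public function render_new() {

        // Multisite uses a different 'user-new.php' form. Don't render fields here.
        if ( is_multisite() ) {
            return;
        }

        $this->render(
            array(
                'user_id' => 0,
                'view'    => 'add',
                'el'      => 'tr',
            )
        );
    }

    /**
     * Renders every field group that matches the given user form.
     *
     * @since ACF 5.0.0
     *
     * @param array $args {
     *     Optional. Missing keys fall back to the defaults below.
     *
     *     @type int    $user_id User being edited; 0 for a user that does not exist yet. Default 0.
     *     @type string $view    Form name used for location rule matching: edit | add | register. Default 'edit'.
     *     @type string $el      Wrapper element passed to acf_render_fields(): 'tr' or 'div'. Default 'tr'.
     * }
     * @return void
     */
    public function render( $args = array() ) {

        // Allow $_POST data to persist across form submission attempts.
        // Only the presence of the key is tested here, and no nonce has been checked at
        // this point; the submitted values are read later in filter_pre_load_value().
        if ( isset( $_POST['acf'] ) ) { // phpcs:ignore WordPress.Security.NonceVerification.Missing
            add_filter( 'acf/pre_load_value', array( $this, 'filter_pre_load_value' ), 10, 3 );
        }

        // Defaults.
        $args = wp_parse_args(
            $args,
            array(
                'user_id' => 0,
                'view'    => 'edit',
                'el'      => 'tr',
            )
        );

        // Identifier under which the values are loaded, e.g. "user_12" ("user_0" for a new user).
        $post_id = 'user_' . $args['user_id'];

        // Field groups whose location rules match this user and form.
        $field_groups = acf_get_field_groups(
            array(
                'user_id'   => $args['user_id'] ? $args['user_id'] : 'new',
                'user_form' => $args['view'],
            )
        );

        // Bail early if no field groups.
        if ( empty( $field_groups ) ) {
            return;
        }

        // Form data. The validation flag is 0 on the registration form and 1 elsewhere;
        // registration input is validated server-side in filter_registration_errors().
        // NOTE(review): presumably this flag only toggles validation in the browser - confirm
        // against acf_form_data(). Strict comparison so only the exact string selects the branch.
        acf_form_data(
            array(
                'screen'     => 'user',
                'post_id'    => $post_id,
                'validation' => ( 'register' === $args['view'] ) ? 0 : 1,
            )
        );

        // Wrapper markup: a <div> for the registration form, table rows otherwise.
        // The only variable part is the view name, which is attribute-escaped.
        if ( 'div' === $args['el'] ) {
            $before = '<div class="acf-user-' . esc_attr( $args['view'] ) . '-fields acf-fields -clear">';
            $after  = '</div>';
        } else {
            $before = '<table class="form-table"><tbody>';
            $after  = '</tbody></table>';
        }

        foreach ( $field_groups as $field_group ) {

            $fields = acf_get_fields( $field_group );

            // Title, only for the default field group style.
            if ( 'default' === $field_group['style'] ) {
                echo '<h2>' . acf_esc_html( acf_get_field_group_title( $field_group ) ) . '</h2>';
            }

            echo $before; //phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- safe HTML string.
            acf_render_fields( $fields, $post_id, $args['el'], $field_group['instruction_placement'] );
            echo $after; //phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- safe HTML string.
        }

        // Print the footer script once fields have been rendered.
        add_action( 'acf/input/admin_footer', array( $this, 'admin_footer' ), 10, 1 );
    }

    /**
     * Prints the inline footer script that adds a spinner after the primary
     * submit button when the form has none.
     *
     * @date  27/03/2015
     * @since ACF 5.1.5
     *
     * @return void
     */
    public function admin_footer() {

        // $this->view lands inside a quoted JavaScript string, so it is escaped with esc_js().
        // esc_attr() targets HTML attributes and leaves backslashes and line breaks untouched,
        // which is the wrong guarantee for this context.
        ?>
<script type="text/javascript">
(function($) {

    // vars
    var view = '<?php echo esc_js( $this->view ); ?>';

    // add missing spinners
    var $submit = $('input.button-primary');
    if (!$submit.next('.spinner').length) {
        $submit.after('<span class="spinner"></span>');
    }

})(jQuery);
</script>
        <?php
    }

    /**
     * Saves the submitted field values for a user that was just created or updated.
     *
     * Hooked to `user_register` and `profile_update`. WordPress ignores the
     * return value of an action callback.
     *
     * @date  8/10/13
     * @since ACF 5.0.0
     *
     * @param int $user_id ID of the user, used to build the "user_{ID}" storage identifier.
     * @return mixed|void The unchanged $user_id when the nonce check fails, nothing otherwise.
     */
    public function save_user( $user_id ) {

        // The nonce check is the only gate in this method; no capability check is made here.
        // NOTE(review): presumably WordPress core has already authorized the caller before
        // these hooks fire - confirm for any front-end form that triggers them.
        if ( ! acf_verify_nonce( 'user' ) ) {
            return $user_id;
        }

        // Save only when validation passes.
        // NOTE(review): the `true` argument presumably makes validation failures visible to
        // the user - confirm against acf_validate_save_post().
        if ( acf_validate_save_post( true ) ) {
            acf_save_post( "user_$user_id" );
        }
    }

    /**
     * Validates $_POST data and appends any errors to prevent new user registration.
     *
     * The `registration_errors` filter runs on the public registration form,
     * and this method checks no nonce before validating the request.
     *
     * @date  12/7/19
     * @since ACF 5.8.1
     *
     * @param WP_Error $errors               A WP_Error object containing any errors encountered during registration.
     * @param string   $sanitized_user_login User's username after it has been sanitized.
     * @param string   $user_email           User's email.
     * @return WP_Error The same object, with one entry added per validation error.
     */
    public function filter_registration_errors( $errors, $sanitized_user_login, $user_email ) {

        // Nothing to add when the submitted values validate.
        if ( acf_validate_save_post() ) {
            return $errors;
        }

        foreach ( acf_get_validation_errors() as $acf_error ) {
            // The message is placed into an HTML string and then passed through acf_esc_html().
            // NOTE(review): presumably acf_esc_html() strips unsafe markup while keeping
            // <strong> - confirm, since the result is shown on an unauthenticated page.
            $errors->add(
                acf_idify( $acf_error['input'] ),
                /* translators: %s: Error message. */
                acf_esc_html( acf_punctify( sprintf( __( '<strong>Error</strong>: %s', 'secure-custom-fields' ), $acf_error['message'] ) ) )
            );
        }

        return $errors;
    }

    /**
     * Checks if a $_POST value exists for this field to allow persistent values.
     *
     * Registered by render() on the `acf/pre_load_value` filter whenever the
     * request carries an `acf` array.
     *
     * @date  12/7/19
     * @since ACF 5.8.2
     *
     * @param null         $null    A null placeholder.
     * @param (int|string) $post_id The post id.
     * @param array        $field   The field array; only its `key` is read.
     * @return mixed The submitted value for this field key, or $null when none was posted.
     */
    public function filter_pre_load_value( $null, $post_id, $field ) {
        $field_key = $field['key'];

        // NOTE(review): the value goes back exactly as received - no nonce check, no
        // sanitization and no unslashing happens in this method. The annotations below defer
        // to save_user() and to sanitization "elsewhere", yet render() registers this filter
        // while a form is being displayed. Confirm that every consumer of the pre-loaded
        // value escapes it on output.
        // phpcs:disable WordPress.Security.NonceVerification.Missing -- Verified in save_user().
        if ( isset( $_POST['acf'][ $field_key ] ) ) {
            return $_POST['acf'][ $field_key ]; // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized -- Sanitized elsewhere.
        }
        // phpcs:enable WordPress.Security.NonceVerification.Missing

        return $null;
    }
}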
356
// Hand the class name to acf_new_instance(), which instantiates the form handler.
acf_new_instance( ACF_Form_User::class );
359 endif; // class_exists check
360
361 ?>