PluginProbe ʕ •ᴥ•ʔ
Tutor LMS – eLearning and online course solution / 1.5.6
Tutor LMS – eLearning and online course solution v1.5.6
3.9.14 3.9.13 3.9.12 3.9.11 trunk 1.0.0 1.0.0-alpha 1.0.1 1.0.2 1.0.3 1.0.4 1.0.5 1.0.6 1.0.7 1.0.8 1.0.9 1.1.0 1.1.1 1.2.0 1.2.1 1.2.11 1.2.12 1.2.13 1.2.20 1.3.0 1.3.1 1.3.2 1.3.3 1.3.4 1.3.5 1.3.6 1.3.7 1.3.8 1.3.9 1.4.0 1.4.1 1.4.2 1.4.3 1.4.4 1.4.5 1.4.6 1.4.7 1.4.8 1.4.9 1.5.0 1.5.1 1.5.2 1.5.3 1.5.4 1.5.5 1.5.6 1.5.7 1.5.8 1.5.9 1.6.0 1.6.1 1.6.2 1.6.3 1.6.4 1.6.5 1.6.6 1.6.7 1.6.8 1.6.9 1.7.0 1.7.1 1.7.2 1.7.3 1.7.4 1.7.5 1.7.6 1.7.7 1.7.8 1.7.9 1.8.0 1.8.1 1.8.10 1.8.2 1.8.3 1.8.4 1.8.5 1.8.6 1.8.7 1.8.8 1.8.9 1.9.0 1.9.1 1.9.10 1.9.11 1.9.12 1.9.13 1.9.14 1.9.15 1.9.16 1.9.2 1.9.3 1.9.4 1.9.5 1.9.6 1.9.7 1.9.8 1.9.9 2.0.0 2.0.1 2.0.10 2.0.2 2.0.3 2.0.4 2.0.5 2.0.6 2.0.7 2.0.8 2.0.9 2.1.0 2.1.1 2.1.10 2.1.2 2.1.3 2.1.4 2.1.5 2.1.6 2.1.7 2.1.8 2.1.9 2.2.0 2.2.1 2.2.2 2.2.3 2.2.4 2.3.0 2.4.0 2.5.0 2.6.0 2.6.1 2.6.2 2.7.0 2.7.1 2.7.2 2.7.3 2.7.4 2.7.5 2.7.6 2.7.7 3.0.0 3.0.1 3.0.2 3.1.0 3.2.0 3.2.1 3.2.2 3.2.3 3.3.0 3.3.1 3.4.0 3.4.1 3.4.2 3.5.0 3.6.0 3.6.1 3.6.2 3.6.3 3.6.4 3.7.0 3.7.1 3.7.2 3.7.3 3.7.4 3.8.0 3.8.1 3.8.2 3.8.3 3.9.0 3.9.1 3.9.10 3.9.2 3.9.3 3.9.4 3.9.5 3.9.6 3.9.7 3.9.8 3.9.9
tutor / classes / FormHandler.php
tutor / classes Last commit date
Addons.php 6 years ago Admin.php 6 years ago Ajax.php 6 years ago Assets.php 6 years ago Course.php 6 years ago Course_Settings_Tabs.php 6 years ago Course_Widget.php 6 years ago Dashboard.php 6 years ago Email.php 6 years ago FormHandler.php 6 years ago Frontend.php 6 years ago Gutenberg.php 6 years ago Instructor.php 6 years ago Instructors_List.php 6 years ago Lesson.php 6 years ago Options.php 6 years ago Post_types.php 6 years ago Q_and_A.php 6 years ago Question_Answers_List.php 6 years ago Quiz.php 6 years ago Quiz_Attempts_List.php 6 years ago RestAPI.php 6 years ago Rewrite_Rules.php 6 years ago Shortcode.php 6 years ago Student.php 6 years ago Students_List.php 6 years ago Taxonomies.php 6 years ago Template.php 6 years ago Theme_Compatibility.php 6 years ago Tools.php 6 years ago Tutor.php 6 years ago TutorEDD.php 6 years ago Tutor_Base.php 6 years ago Tutor_List_Table.php 6 years ago Upgrader.php 6 years ago User.php 6 years ago Utils.php 6 years ago Video_Stream.php 6 years ago Withdraw.php 6 years ago Withdraw_Requests_List.php 6 years ago WooCommerce.php 6 years ago
FormHandler.php
248 lines
1 <?php
2 /**
3 * FormHandler class
4 *
5 * @author: themeum
6 * @author_uri: https://themeum.com
7 * @package Tutor
8 * @since v.1.4.3
9 */
10
11 namespace TUTOR;
12
13
14 if ( ! defined( 'ABSPATH' ) )
15 exit;
16
17
18 class FormHandler {
19
20 public function __construct() {
21 add_action('tutor_action_tutor_user_login', array($this, 'process_login'));
22 add_action('tutor_action_tutor_retrieve_password', array($this, 'tutor_retrieve_password'));
23 add_action('tutor_action_tutor_process_reset_password', array($this, 'tutor_process_reset_password'));
24
25 add_action( 'tutor_reset_password_notification', array( $this, 'reset_password_notification' ), 10, 2 );
26 add_filter( 'tutor_lostpassword_url', array( $this, 'lostpassword_url' ) );
27 }
28
29 public function process_login(){
30 tutils()->checking_nonce();
31
32
33 $username = tutils()->array_get('log', $_POST);
34 $password = tutils()->array_get('pwd', $_POST);
35
36
37 try {
38 $creds = array(
39 'user_login' => trim( wp_unslash( $username ) ), // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
40 'user_password' => $password, // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized, WordPress.Security.ValidatedSanitizedInput.MissingUnslash
41 'remember' => isset( $_POST['rememberme'] ), // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
42 );
43
44
45 $validation_error = new \WP_Error();
46 $validation_error = apply_filters( 'tutor_process_login_errors', $validation_error, $creds['user_login'], $creds['user_password'] );
47
48 if ( $validation_error->get_error_code() ) {
49 throw new \Exception( '<strong>' . __( 'Error:', 'tutor' ) . '</strong> ' . $validation_error->get_error_message() );
50 }
51
52 if ( empty( $creds['user_login'] ) ) {
53 throw new \Exception( '<strong>' . __( 'Error:', 'tutor' ) . '</strong> ' . __( 'Username is required.', 'tutor' ) );
54 }
55
56 // On multisite, ensure user exists on current site, if not add them before allowing login.
57 if ( is_multisite() ) {
58 $user_data = get_user_by( is_email( $creds['user_login'] ) ? 'email' : 'login', $creds['user_login'] );
59
60 if ( $user_data && ! is_user_member_of_blog( $user_data->ID, get_current_blog_id() ) ) {
61 add_user_to_blog( get_current_blog_id(), $user_data->ID, 'customer' );
62 }
63 }
64
65 // Perform the login.
66 $user = wp_signon( apply_filters( 'tutor_login_credentials', $creds ), is_ssl() );
67
68 if ( is_wp_error( $user ) ) {
69 $message = $user->get_error_message();
70 $message = str_replace( '<strong>' . esc_html( $creds['user_login'] ) . '</strong>', '<strong>' . esc_html( $creds['user_login'] ) . '</strong>', $message );
71 throw new \Exception( $message );
72 } else {
73 tutor_redirect_back(apply_filters('tutor_login_redirect_url', tutils()->tutor_dashboard_url()));
74 }
75 } catch ( \Exception $e ) {
76 tutor_flash_set('warning', apply_filters( 'login_errors', $e->getMessage()) );
77 do_action( 'tutor_login_failed' );
78 }
79
80
81
82 }
83
84
85
86
87
88 public function tutor_retrieve_password(){
89 tutils()->checking_nonce();
90
91 //echo '<pre>';
92 //die(print_r($_POST));
93
94 $login = sanitize_user( tutils()->array_get('user_login', $_POST));
95
96 if ( empty( $login ) ) {
97 tutor_flash_set('danger', __( 'Enter a username or email address.', 'tutor' ));
98 return false;
99 } else {
100 // Check on username first, as customers can use emails as usernames.
101 $user_data = get_user_by( 'login', $login );
102 }
103
104 // If no user found, check if it login is email and lookup user based on email.
105 if ( ! $user_data && is_email( $login ) && apply_filters( 'tutor_get_username_from_email', true ) ) {
106 $user_data = get_user_by( 'email', $login );
107 }
108
109 $errors = new \WP_Error();
110
111 do_action( 'lostpassword_post', $errors );
112
113 if ( $errors->get_error_code() ) {
114 tutor_flash_set('danger', $errors->get_error_message() );
115 return false;
116 }
117
118 if ( ! $user_data ) {
119 tutor_flash_set('danger', __( 'Invalid username or email.', 'tutor' ) );
120 return false;
121 }
122
123 if ( is_multisite() && ! is_user_member_of_blog( $user_data->ID, get_current_blog_id() ) ) {
124 tutor_flash_set('danger', __( 'Invalid username or email.', 'tutor' ) );
125 return false;
126 }
127
128 // Redefining user_login ensures we return the right case in the email.
129 $user_login = $user_data->user_login;
130
131 do_action( 'retrieve_password', $user_login );
132
133 $allow = apply_filters( 'allow_password_reset', true, $user_data->ID );
134
135 if ( ! $allow ) {
136 tutor_flash_set('danger', __( 'Password reset is not allowed for this user', 'tutor' ) );
137 return false;
138 } elseif ( is_wp_error( $allow ) ) {
139 tutor_flash_set('danger', $allow->get_error_message() );
140 return false;
141 }
142
143 // Get password reset key (function introduced in WordPress 4.4).
144 $key = get_password_reset_key($user_data);
145
146 // Send email notification.
147 do_action( 'tutor_reset_password_notification', $user_login, $key );
148 }
149
150
151 public function reset_password_notification( $user_login = '', $reset_key = ''){
152 $this->sendNotification($user_login, $reset_key);
153
154 $html = "<h3>".__('Check your E-Mail', 'tutor')."</h3>";
155 $html .= "<p>".__("We've sent an email to this account's email address. Click the link in the email to reset your password", 'tutor')."</p>";
156 $html .= "<p>".__("If you don't see the email, check other places it might be, like your junk, spam, social, promotion or others folders.", 'tutor')."</p>";
157 tutor_flash_set('success', $html);
158 }
159
160 public function lostpassword_url($url){
161 return tutils()->tutor_dashboard_url('retrieve-password');
162 }
163
164 public function tutor_process_reset_password(){
165 tutils()->checking_nonce();
166
167 $reset_key = sanitize_text_field(tutils()->array_get('reset_key', $_POST));
168 $user_id = (int) sanitize_text_field(tutils()->array_get('user_id', $_POST));
169 $password = sanitize_text_field(tutils()->array_get('password', $_POST));
170 $confirm_password = sanitize_text_field(tutils()->array_get('confirm_password', $_POST));
171
172 $user = get_user_by('ID', $user_id);
173 $user = check_password_reset_key( $reset_key, $user->user_login );
174
175 if ( is_wp_error( $user ) ) {
176 tutor_flash_set('danger', __( 'This key is invalid or has already been used. Please reset your password again if needed.', 'tutor') );
177 return false;
178 }
179
180
181 if ( $user instanceof \WP_User ) {
182 if ( !$password ) {
183 tutor_flash_set('danger', __( 'Please enter your password.', 'tutor') );
184 return false;
185 }
186
187 if ( $password !== $confirm_password) {
188 tutor_flash_set('danger', __( 'Passwords do not match.', 'tutor') );
189 return false;
190 }
191
192 tutils()->reset_password($user, $password);
193
194 do_action( 'tutor_user_reset_password', $user );
195
196 // Perform the login.
197 $creds = array('user_login' => $user->user_login, 'user_password' => $password, 'remember' => true);
198 $user = wp_signon( apply_filters( 'tutor_login_credentials', $creds ), is_ssl() );
199
200 do_action( 'tutor_user_reset_password_login', $user );
201
202 wp_safe_redirect( tutils()->tutor_dashboard_url() );
203 exit;
204 }
205 }
206
207 /**
208 * @param $user_login
209 * @param $reset_key
210 *
211 * Send E-Mail notification
212 * We are sending directly right now, later we will introduce centralised E-Mail notification System...
213 */
214 public function sendNotification($user_login, $reset_key){
215 //Send the E-Mail to user
216
217 $user_data = get_user_by( 'login', $user_login );
218
219 $variable = array(
220 'user_login' => $user_login,
221 'reset_key' => $reset_key,
222 'user_id' => $user_data->ID,
223 );
224
225 $html = tutor_get_template_html('email.send-reset-password', $variable);
226 $subject = sprintf(__( 'Password Reset Request for %s', 'tutor' ), get_option( 'blogname' ));
227
228 $header = 'Content-Type: text/html' . "\r\n";
229
230 add_filter( 'wp_mail_from', array( $this, 'get_from_address' ) );
231 add_filter( 'wp_mail_from_name', array( $this, 'get_from_name' ) );
232
233 wp_mail($user_data->user_email, $subject, $html, $header);
234
235 remove_filter( 'wp_mail_from', array( $this, 'get_from_address' ) );
236 remove_filter( 'wp_mail_from_name', array( $this, 'get_from_name' ) );
237 }
238
239 public function get_from_address(){
240 return apply_filters('tutor_email_from_address', get_tutor_option('email_from_address'));
241 }
242
243 public function get_from_name(){
244 return apply_filters('tutor_email_from_name', get_tutor_option('email_from_name'));
245 }
246
247
248 }