FormHandler.php
| 1 | <?php |
| 2 | /** |
| 3 | * FormHandler class |
| 4 | * |
| 5 | * @author: themeum |
| 6 | * @author_uri: https://themeum.com |
| 7 | * @package Tutor |
| 8 | * @since v.1.4.3 |
| 9 | */ |
| 10 | |
| 11 | namespace TUTOR; |
| 12 | |
| 13 | |
| 14 | if ( ! defined( 'ABSPATH' ) ) |
| 15 | exit; |
| 16 | |
| 17 | |
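class FormHandler {

	/**
	 * Hook the login, lost-password and reset-password form handlers,
	 * the reset e-mail notification and the lost-password URL filter.
	 */
	public function __construct() {
		add_action( 'tutor_action_tutor_user_login', array( $this, 'process_login' ) );
		add_action( 'tutor_action_tutor_retrieve_password', array( $this, 'tutor_retrieve_password' ) );
		add_action( 'tutor_action_tutor_process_reset_password', array( $this, 'tutor_process_reset_password' ) );

		add_action( 'tutor_reset_password_notification', array( $this, 'reset_password_notification' ), 10, 2 );
		add_filter( 'tutor_lostpassword_url', array( $this, 'lostpassword_url' ) );
	}

	/**
	 * Read one submitted form field as a string.
	 *
	 * The value is returned as tutils()->array_get() hands it back from $_POST:
	 * it is neither unslashed nor sanitized here, so each caller applies the
	 * treatment that fits the field.
	 *
	 * @param string $key Field name in $_POST.
	 *
	 * @return string The field value, or '' when it is missing or not a string
	 *                (for example an array sent as `field[]=x`).
	 */
	private function posted_string( $key ) {
		$value = tutils()->array_get( $key, $_POST );

		return is_string( $value ) ? $value : '';
	}

	/**
	 * Handle the front-end login form.
	 *
	 * On success the visitor is sent to the (filterable) dashboard URL; on any
	 * failure the message is stored with tutor_flash_set() and the
	 * `tutor_login_failed` action fires.
	 */
	public function process_login() {
		// Helper defined elsewhere; presumably rejects the request when the nonce is missing or wrong.
		tutils()->checking_nonce();

		$username = $this->posted_string( 'log' );
		// The password is deliberately not sanitized or unslashed: any rewriting would
		// change the secret that is checked against the stored hash.
		$password = $this->posted_string( 'pwd' );

		try {
			$creds = array(
				'user_login'    => trim( wp_unslash( $username ) ),
				'user_password' => $password,
				'remember'      => isset( $_POST['rememberme'] ),
			);

			$validation_error = new \WP_Error();
			$validation_error = apply_filters( 'tutor_process_login_errors', $validation_error, $creds['user_login'], $creds['user_password'] );

			if ( $validation_error->get_error_code() ) {
				throw new \Exception( '<strong>' . __( 'Error:', 'tutor' ) . '</strong> ' . $validation_error->get_error_message() );
			}

			if ( empty( $creds['user_login'] ) ) {
				throw new \Exception( '<strong>' . __( 'Error:', 'tutor' ) . '</strong> ' . __( 'Username is required.', 'tutor' ) );
			}

			// On multisite, ensure user exists on current site, if not add them before allowing login.
			// NOTE(review): this runs before the password is verified, so a request that only
			// names an existing network account changes that account's site membership.
			// Confirm this is intended, and that the 'customer' role exists on this install.
			if ( is_multisite() ) {
				$lookup_field = is_email( $creds['user_login'] ) ? 'email' : 'login';
				$user_data    = get_user_by( $lookup_field, $creds['user_login'] );

				if ( $user_data && ! is_user_member_of_blog( $user_data->ID, get_current_blog_id() ) ) {
					add_user_to_blog( get_current_blog_id(), $user_data->ID, 'customer' );
				}
			}

			// Perform the login.
			$user = wp_signon( apply_filters( 'tutor_login_credentials', $creds ), is_ssl() );

			if ( is_wp_error( $user ) ) {
				// The message is used as returned by wp_signon(); an earlier str_replace() here
				// swapped a string for an identical one and has been dropped.
				throw new \Exception( $user->get_error_message() );
			}

			tutor_redirect_back( apply_filters( 'tutor_login_redirect_url', tutils()->tutor_dashboard_url() ) );
		} catch ( \Exception $e ) {
			tutor_flash_set( 'warning', apply_filters( 'login_errors', $e->getMessage() ) );
			do_action( 'tutor_login_failed' );
		}
	}

	/**
	 * Handle the lost-password form: look the account up, create a reset key
	 * and fire `tutor_reset_password_notification` with it.
	 *
	 * NOTE(review): the "Invalid username or email." reply differs from the
	 * success reply, so the form tells a visitor whether an account exists.
	 * Left as is because callers and translations depend on these messages.
	 *
	 * @return false|void False when the request is rejected; nothing on success.
	 */
	public function tutor_retrieve_password() {
		tutils()->checking_nonce();

		$login = sanitize_user( $this->posted_string( 'user_login' ) );

		if ( empty( $login ) ) {
			tutor_flash_set( 'danger', __( 'Enter a username or email address.', 'tutor' ) );
			return false;
		}

		// Check on username first, as customers can use emails as usernames.
		$user_data = get_user_by( 'login', $login );

		// If no user was found and the login looks like an e-mail address, look the user up by e-mail.
		if ( ! $user_data && is_email( $login ) && apply_filters( 'tutor_get_username_from_email', true ) ) {
			$user_data = get_user_by( 'email', $login );
		}

		$errors = new \WP_Error();

		do_action( 'lostpassword_post', $errors );

		if ( $errors->get_error_code() ) {
			tutor_flash_set( 'danger', $errors->get_error_message() );
			return false;
		}

		if ( ! $user_data ) {
			tutor_flash_set( 'danger', __( 'Invalid username or email.', 'tutor' ) );
			return false;
		}

		if ( is_multisite() && ! is_user_member_of_blog( $user_data->ID, get_current_blog_id() ) ) {
			tutor_flash_set( 'danger', __( 'Invalid username or email.', 'tutor' ) );
			return false;
		}

		// Redefining user_login ensures we return the right case in the email.
		$user_login = $user_data->user_login;

		do_action( 'retrieve_password', $user_login );

		$allow = apply_filters( 'allow_password_reset', true, $user_data->ID );

		if ( ! $allow ) {
			tutor_flash_set( 'danger', __( 'Password reset is not allowed for this user', 'tutor' ) );
			return false;
		} elseif ( is_wp_error( $allow ) ) {
			tutor_flash_set( 'danger', $allow->get_error_message() );
			return false;
		}

		// Get password reset key (function introduced in WordPress 4.4).
		$key = get_password_reset_key( $user_data );

		// get_password_reset_key() returns a WP_Error when no key could be generated;
		// without this check the error object would be handed to the e-mail template as the key.
		if ( is_wp_error( $key ) ) {
			tutor_flash_set( 'danger', $key->get_error_message() );
			return false;
		}

		// Send email notification.
		do_action( 'tutor_reset_password_notification', $user_login, $key );
	}

	/**
	 * Callback for `tutor_reset_password_notification`: send the reset e-mail
	 * and flash a "check your e-mail" notice.
	 *
	 * @param string $user_login Login name of the account being reset.
	 * @param string $reset_key  Reset key to place in the e-mail.
	 */
	public function reset_password_notification( $user_login = '', $reset_key = '' ) {
		$this->sendNotification( $user_login, $reset_key );

		$html  = "<h3>" . __( 'Check your E-Mail', 'tutor' ) . "</h3>";
		$html .= "<p>" . __( "We've sent an email to this account's email address. Click the link in the email to reset your password", 'tutor' ) . "</p>";
		$html .= "<p>" . __( "If you don't see the email, check other places it might be, like your junk, spam, social, promotion or others folders.", 'tutor' ) . "</p>";
		tutor_flash_set( 'success', $html );
	}

	/**
	 * Filter callback for `tutor_lostpassword_url`.
	 *
	 * @param string $url Incoming URL; ignored.
	 *
	 * @return mixed Whatever tutils()->tutor_dashboard_url( 'retrieve-password' ) returns.
	 */
	public function lostpassword_url( $url ) {
		return tutils()->tutor_dashboard_url( 'retrieve-password' );
	}

	/**
	 * Handle the "set a new password" form reached from the reset e-mail.
	 *
	 * The reset key is verified against the account named by `user_id` before
	 * the password is changed; on success the user is signed in and redirected
	 * to the dashboard.
	 *
	 * @return false|void False when the request is rejected; exits after the redirect on success.
	 */
	public function tutor_process_reset_password() {
		tutils()->checking_nonce();

		$reset_key = sanitize_text_field( $this->posted_string( 'reset_key' ) );
		$user_id   = (int) sanitize_text_field( $this->posted_string( 'user_id' ) );

		// The new password is taken exactly as process_login() will later receive it.
		// Running it through sanitize_text_field() stored a different secret than the
		// one typed (tags, percent-encoded octets and inner whitespace were removed),
		// which weakens the password and makes the next login with the typed value fail.
		$password         = $this->posted_string( 'password' );
		$confirm_password = $this->posted_string( 'confirm_password' );

		// An unknown user_id yields false from get_user_by(); treat it like a bad key
		// instead of dereferencing it, and answer with the same message.
		$account = get_user_by( 'ID', $user_id );
		$user    = $account instanceof \WP_User
			? check_password_reset_key( $reset_key, $account->user_login )
			: false;

		if ( ! $user instanceof \WP_User ) {
			tutor_flash_set( 'danger', __( 'This key is invalid or has already been used. Please reset your password again if needed.', 'tutor' ) );
			return false;
		}

		// Compare against '' so that a password such as "0" is not reported as missing.
		if ( '' === $password ) {
			tutor_flash_set( 'danger', __( 'Please enter your password.', 'tutor' ) );
			return false;
		}

		if ( $password !== $confirm_password ) {
			tutor_flash_set( 'danger', __( 'Passwords do not match.', 'tutor' ) );
			return false;
		}

		// Helper defined elsewhere; presumably stores the new password for $user.
		tutils()->reset_password( $user, $password );

		do_action( 'tutor_user_reset_password', $user );

		// Perform the login.
		$creds = array(
			'user_login'    => $user->user_login,
			'user_password' => $password,
			'remember'      => true,
		);
		$user  = wp_signon( apply_filters( 'tutor_login_credentials', $creds ), is_ssl() );

		do_action( 'tutor_user_reset_password_login', $user );

		wp_safe_redirect( tutils()->tutor_dashboard_url() );
		exit;
	}

	/**
	 * Send the password-reset e-mail.
	 *
	 * The message is sent directly with wp_mail(); a centralised e-mail
	 * notification system is planned to replace this later.
	 *
	 * @param string $user_login Login name of the recipient account.
	 * @param string $reset_key  Reset key passed to the e-mail template.
	 */
	public function sendNotification( $user_login, $reset_key ) {
		$user_data = get_user_by( 'login', $user_login );

		// Nothing to send when the login does not resolve to an account.
		if ( ! $user_data instanceof \WP_User ) {
			return;
		}

		$variable = array(
			'user_login' => $user_login,
			'reset_key'  => $reset_key,
			'user_id'    => $user_data->ID,
		);

		$html    = tutor_get_template_html( 'email.send-reset-password', $variable );
		$subject = sprintf( __( 'Password Reset Request for %s', 'tutor' ), get_option( 'blogname' ) );

		$header = 'Content-Type: text/html' . "\r\n";

		// The From filters are attached only for this message and detached again
		// afterwards so other mail sent in the same request is not affected.
		add_filter( 'wp_mail_from', array( $this, 'get_from_address' ) );
		add_filter( 'wp_mail_from_name', array( $this, 'get_from_name' ) );

		try {
			wp_mail( $user_data->user_email, $subject, $html, $header );
		} finally {
			remove_filter( 'wp_mail_from', array( $this, 'get_from_address' ) );
			remove_filter( 'wp_mail_from_name', array( $this, 'get_from_name' ) );
		}
	}

	/**
	 * Filter callback for `wp_mail_from`.
	 *
	 * @return mixed The `email_from_address` Tutor option after the `tutor_email_from_address` filter.
	 */
	public function get_from_address() {
		return apply_filters( 'tutor_email_from_address', get_tutor_option( 'email_from_address' ) );
	}

	/**
	 * Filter callback for `wp_mail_from_name`.
	 *
	 * @return mixed The `email_from_name` Tutor option after the `tutor_email_from_name` filter.
	 */
	public function get_from_name() {
		return apply_filters( 'tutor_email_from_name', get_tutor_option( 'email_from_name' ) );
	}

}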