PluginProbe ʕ •ᴥ•ʔ
Tutor LMS – eLearning and online course solution / 1.6.0
Tutor LMS – eLearning and online course solution v1.6.0
3.9.14 3.9.13 3.9.12 3.9.11 trunk 1.0.0 1.0.0-alpha 1.0.1 1.0.2 1.0.3 1.0.4 1.0.5 1.0.6 1.0.7 1.0.8 1.0.9 1.1.0 1.1.1 1.2.0 1.2.1 1.2.11 1.2.12 1.2.13 1.2.20 1.3.0 1.3.1 1.3.2 1.3.3 1.3.4 1.3.5 1.3.6 1.3.7 1.3.8 1.3.9 1.4.0 1.4.1 1.4.2 1.4.3 1.4.4 1.4.5 1.4.6 1.4.7 1.4.8 1.4.9 1.5.0 1.5.1 1.5.2 1.5.3 1.5.4 1.5.5 1.5.6 1.5.7 1.5.8 1.5.9 1.6.0 1.6.1 1.6.2 1.6.3 1.6.4 1.6.5 1.6.6 1.6.7 1.6.8 1.6.9 1.7.0 1.7.1 1.7.2 1.7.3 1.7.4 1.7.5 1.7.6 1.7.7 1.7.8 1.7.9 1.8.0 1.8.1 1.8.10 1.8.2 1.8.3 1.8.4 1.8.5 1.8.6 1.8.7 1.8.8 1.8.9 1.9.0 1.9.1 1.9.10 1.9.11 1.9.12 1.9.13 1.9.14 1.9.15 1.9.16 1.9.2 1.9.3 1.9.4 1.9.5 1.9.6 1.9.7 1.9.8 1.9.9 2.0.0 2.0.1 2.0.10 2.0.2 2.0.3 2.0.4 2.0.5 2.0.6 2.0.7 2.0.8 2.0.9 2.1.0 2.1.1 2.1.10 2.1.2 2.1.3 2.1.4 2.1.5 2.1.6 2.1.7 2.1.8 2.1.9 2.2.0 2.2.1 2.2.2 2.2.3 2.2.4 2.3.0 2.4.0 2.5.0 2.6.0 2.6.1 2.6.2 2.7.0 2.7.1 2.7.2 2.7.3 2.7.4 2.7.5 2.7.6 2.7.7 3.0.0 3.0.1 3.0.2 3.1.0 3.2.0 3.2.1 3.2.2 3.2.3 3.3.0 3.3.1 3.4.0 3.4.1 3.4.2 3.5.0 3.6.0 3.6.1 3.6.2 3.6.3 3.6.4 3.7.0 3.7.1 3.7.2 3.7.3 3.7.4 3.8.0 3.8.1 3.8.2 3.8.3 3.9.0 3.9.1 3.9.10 3.9.2 3.9.3 3.9.4 3.9.5 3.9.6 3.9.7 3.9.8 3.9.9
tutor / classes / FormHandler.php
tutor / classes Last commit date
Addons.php 6 years ago Admin.php 6 years ago Ajax.php 6 years ago Assets.php 6 years ago Course.php 6 years ago Course_Settings_Tabs.php 6 years ago Course_Widget.php 6 years ago Dashboard.php 6 years ago Email.php 6 years ago FormHandler.php 6 years ago Frontend.php 6 years ago Gutenberg.php 6 years ago Instructor.php 6 years ago Instructors_List.php 6 years ago Lesson.php 6 years ago Options.php 6 years ago Post_types.php 6 years ago Q_and_A.php 6 years ago Question_Answers_List.php 6 years ago Quiz.php 6 years ago Quiz_Attempts_List.php 6 years ago RestAPI.php 6 years ago Rewrite_Rules.php 6 years ago Shortcode.php 6 years ago Student.php 6 years ago Students_List.php 6 years ago Taxonomies.php 6 years ago Template.php 6 years ago Theme_Compatibility.php 6 years ago Tools.php 6 years ago Tutor.php 6 years ago TutorEDD.php 6 years ago Tutor_Base.php 6 years ago Tutor_List_Table.php 6 years ago Tutor_Setup.php 6 years ago Upgrader.php 6 years ago User.php 6 years ago Utils.php 6 years ago Video_Stream.php 6 years ago Withdraw.php 6 years ago Withdraw_Requests_List.php 6 years ago WooCommerce.php 6 years ago
FormHandler.php
234 lines
1 <?php
2 /**
3 * FormHandler class
4 *
5 * @author: themeum
6 * @author_uri: https://themeum.com
7 * @package Tutor
8 * @since v.1.4.3
9 */
10
11 namespace TUTOR;
12
13
14 if ( ! defined( 'ABSPATH' ) )
15 exit;
16
17
18 class FormHandler {
19
20 public function __construct() {
21 add_action('tutor_action_tutor_user_login', array($this, 'process_login'));
22 add_action('tutor_action_tutor_retrieve_password', array($this, 'tutor_retrieve_password'));
23 add_action('tutor_action_tutor_process_reset_password', array($this, 'tutor_process_reset_password'));
24
25 add_action( 'tutor_reset_password_notification', array( $this, 'reset_password_notification' ), 10, 2 );
26 add_filter( 'tutor_lostpassword_url', array( $this, 'lostpassword_url' ) );
27 }
28
29 public function process_login(){
30 tutils()->checking_nonce();
31
32 $username = tutils()->array_get('log', $_POST);
33 $password = tutils()->array_get('pwd', $_POST);
34
35 try {
36 $creds = array(
37 'user_login' => trim( wp_unslash( $username ) ), // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
38 'user_password' => $password, // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized, WordPress.Security.ValidatedSanitizedInput.MissingUnslash
39 'remember' => isset( $_POST['rememberme'] ), // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
40 );
41
42 $validation_error = new \WP_Error();
43 $validation_error = apply_filters( 'tutor_process_login_errors', $validation_error, $creds['user_login'], $creds['user_password'] );
44
45 if ( $validation_error->get_error_code() ) {
46 throw new \Exception( '<strong>' . __( 'Error:', 'tutor' ) . '</strong> ' . $validation_error->get_error_message() );
47 }
48
49 if ( empty( $creds['user_login'] ) ) {
50 throw new \Exception( '<strong>' . __( 'Error:', 'tutor' ) . '</strong> ' . __( 'Username is required.', 'tutor' ) );
51 }
52
53 // On multisite, ensure user exists on current site, if not add them before allowing login.
54 if ( is_multisite() ) {
55 $user_data = get_user_by( is_email( $creds['user_login'] ) ? 'email' : 'login', $creds['user_login'] );
56
57 if ( $user_data && ! is_user_member_of_blog( $user_data->ID, get_current_blog_id() ) ) {
58 add_user_to_blog( get_current_blog_id(), $user_data->ID, 'customer' );
59 }
60 }
61
62 // Perform the login.
63 $user = wp_signon( apply_filters( 'tutor_login_credentials', $creds ), is_ssl() );
64
65 if ( is_wp_error( $user ) ) {
66 $message = $user->get_error_message();
67 $message = str_replace( '<strong>' . esc_html( $creds['user_login'] ) . '</strong>', '<strong>' . esc_html( $creds['user_login'] ) . '</strong>', $message );
68 throw new \Exception( $message );
69 } else {
70 tutor_redirect_back(apply_filters('tutor_login_redirect_url', tutils()->tutor_dashboard_url()));
71 }
72 } catch ( \Exception $e ) {
73 tutor_flash_set('warning', apply_filters( 'login_errors', $e->getMessage()) );
74 do_action( 'tutor_login_failed' );
75 }
76 }
77
78 public function tutor_retrieve_password(){
79 tutils()->checking_nonce();
80
81 $login = sanitize_user( tutils()->array_get('user_login', $_POST));
82
83 if ( empty( $login ) ) {
84 tutor_flash_set('danger', __( 'Enter a username or email address.', 'tutor' ));
85 return false;
86 } else {
87 // Check on username first, as customers can use emails as usernames.
88 $user_data = get_user_by( 'login', $login );
89 }
90
91 // If no user found, check if it login is email and lookup user based on email.
92 if ( ! $user_data && is_email( $login ) && apply_filters( 'tutor_get_username_from_email', true ) ) {
93 $user_data = get_user_by( 'email', $login );
94 }
95
96 $errors = new \WP_Error();
97
98 do_action( 'lostpassword_post', $errors );
99
100 if ( $errors->get_error_code() ) {
101 tutor_flash_set('danger', $errors->get_error_message() );
102 return false;
103 }
104
105 if ( ! $user_data ) {
106 tutor_flash_set('danger', __( 'Invalid username or email.', 'tutor' ) );
107 return false;
108 }
109
110 if ( is_multisite() && ! is_user_member_of_blog( $user_data->ID, get_current_blog_id() ) ) {
111 tutor_flash_set('danger', __( 'Invalid username or email.', 'tutor' ) );
112 return false;
113 }
114
115 // Redefining user_login ensures we return the right case in the email.
116 $user_login = $user_data->user_login;
117
118 do_action( 'retrieve_password', $user_login );
119
120 $allow = apply_filters( 'allow_password_reset', true, $user_data->ID );
121
122 if ( ! $allow ) {
123 tutor_flash_set('danger', __( 'Password reset is not allowed for this user', 'tutor' ) );
124 return false;
125 } elseif ( is_wp_error( $allow ) ) {
126 tutor_flash_set('danger', $allow->get_error_message() );
127 return false;
128 }
129
130 // Get password reset key (function introduced in WordPress 4.4).
131 $key = get_password_reset_key($user_data);
132
133 // Send email notification.
134 do_action( 'tutor_reset_password_notification', $user_login, $key );
135 }
136
137 public function reset_password_notification( $user_login = '', $reset_key = ''){
138 $this->sendNotification($user_login, $reset_key);
139
140 $html = "<h3>".__('Check your E-Mail', 'tutor')."</h3>";
141 $html .= "<p>".__("We've sent an email to this account's email address. Click the link in the email to reset your password", 'tutor')."</p>";
142 $html .= "<p>".__("If you don't see the email, check other places it might be, like your junk, spam, social, promotion or others folders.", 'tutor')."</p>";
143 tutor_flash_set('success', $html);
144 }
145
146 public function lostpassword_url($url){
147 return tutils()->tutor_dashboard_url('retrieve-password');
148 }
149
150 public function tutor_process_reset_password(){
151 tutils()->checking_nonce();
152
153 $reset_key = sanitize_text_field(tutils()->array_get('reset_key', $_POST));
154 $user_id = (int) sanitize_text_field(tutils()->array_get('user_id', $_POST));
155 $password = sanitize_text_field(tutils()->array_get('password', $_POST));
156 $confirm_password = sanitize_text_field(tutils()->array_get('confirm_password', $_POST));
157
158 $user = get_user_by('ID', $user_id);
159 $user = check_password_reset_key( $reset_key, $user->user_login );
160
161 if ( is_wp_error( $user ) ) {
162 tutor_flash_set('danger', __( 'This key is invalid or has already been used. Please reset your password again if needed.', 'tutor') );
163 return false;
164 }
165
166
167 if ( $user instanceof \WP_User ) {
168 if ( !$password ) {
169 tutor_flash_set('danger', __( 'Please enter your password.', 'tutor') );
170 return false;
171 }
172
173 if ( $password !== $confirm_password) {
174 tutor_flash_set('danger', __( 'Passwords do not match.', 'tutor') );
175 return false;
176 }
177
178 tutils()->reset_password($user, $password);
179
180 do_action( 'tutor_user_reset_password', $user );
181
182 // Perform the login.
183 $creds = array('user_login' => $user->user_login, 'user_password' => $password, 'remember' => true);
184 $user = wp_signon( apply_filters( 'tutor_login_credentials', $creds ), is_ssl() );
185
186 do_action( 'tutor_user_reset_password_login', $user );
187
188 wp_safe_redirect( tutils()->tutor_dashboard_url() );
189 exit;
190 }
191 }
192
193 /**
194 * @param $user_login
195 * @param $reset_key
196 *
197 * Send E-Mail notification
198 * We are sending directly right now, later we will introduce centralised E-Mail notification System...
199 */
200 public function sendNotification($user_login, $reset_key){
201 //Send the E-Mail to user
202
203 $user_data = get_user_by( 'login', $user_login );
204
205 $variable = array(
206 'user_login' => $user_login,
207 'reset_key' => $reset_key,
208 'user_id' => $user_data->ID,
209 );
210
211 $html = tutor_get_template_html('email.send-reset-password', $variable);
212 $subject = sprintf(__( 'Password Reset Request for %s', 'tutor' ), get_option( 'blogname' ));
213
214 $header = 'Content-Type: text/html' . "\r\n";
215
216 add_filter( 'wp_mail_from', array( $this, 'get_from_address' ) );
217 add_filter( 'wp_mail_from_name', array( $this, 'get_from_name' ) );
218
219 wp_mail($user_data->user_email, $subject, $html, $header);
220
221 remove_filter( 'wp_mail_from', array( $this, 'get_from_address' ) );
222 remove_filter( 'wp_mail_from_name', array( $this, 'get_from_name' ) );
223 }
224
225 public function get_from_address(){
226 return apply_filters('tutor_email_from_address', get_tutor_option('email_from_address'));
227 }
228
229 public function get_from_name(){
230 return apply_filters('tutor_email_from_name', get_tutor_option('email_from_name'));
231 }
232
233
234 }