Addons.php
11 months ago
Admin.php
11 months ago
Ajax.php
1 year ago
Announcements.php
1 year ago
Assets.php
11 months ago
Backend_Page_Trait.php
1 year ago
BaseController.php
1 year ago
Config.php
11 months ago
Container.php
11 months ago
Course.php
11 months ago
Course_Embed.php
3 years ago
Course_Filter.php
1 year ago
Course_List.php
1 year ago
Course_Settings_Tabs.php
1 year ago
Course_Widget.php
1 year ago
Custom_Validation.php
3 years ago
Dashboard.php
1 year ago
Earnings.php
1 year ago
FormHandler.php
2 years ago
Frontend.php
1 year ago
Gutenberg.php
1 year ago
Icon.php
11 months ago
Input.php
1 year ago
Instructor.php
1 year ago
Instructors_List.php
11 months ago
Lesson.php
11 months ago
Options_V2.php
11 months ago
Permalink.php
2 years ago
Post_types.php
1 year ago
Private_Course_Access.php
1 year ago
Q_And_A.php
11 months ago
Question_Answers_List.php
11 months ago
Quiz.php
11 months ago
QuizBuilder.php
11 months ago
Quiz_Attempts_List.php
11 months ago
RestAPI.php
2 years ago
Reviews.php
11 months ago
Rewrite_Rules.php
2 years ago
Shortcode.php
1 year ago
Singleton.php
1 year ago
Student.php
1 year ago
Students_List.php
1 year ago
Taxonomies.php
1 year ago
Template.php
11 months ago
Theme_Compatibility.php
3 years ago
Tools.php
1 year ago
Tools_V2.php
1 year ago
Tutor.php
11 months ago
TutorEDD.php
1 year ago
Tutor_Base.php
2 years ago
Tutor_Setup.php
1 year ago
Upgrader.php
1 year ago
User.php
1 year ago
Utils.php
11 months ago
Video_Stream.php
3 years ago
WhatsNew.php
2 years ago
Withdraw.php
1 year ago
Withdraw_Requests_List.php
11 months ago
WooCommerce.php
1 year ago
FormHandler.php
259 lines
| 1 | <?php |
| 2 | /** |
| 3 | * Manage Form |
| 4 | * |
| 5 | * @package Tutor |
| 6 | * @author Themeum <support@themeum.com> |
| 7 | * @link https://themeum.com |
| 8 | * @since 1.4.3 |
| 9 | */ |
| 10 | |
| 11 | namespace TUTOR; |
| 12 | |
| 13 | if ( ! defined( 'ABSPATH' ) ) { |
| 14 | exit; |
| 15 | } |
| 16 | |
| 17 | /** |
| 18 | * FormHandler class |
| 19 | * |
| 20 | * @since 1.4.3 |
| 21 | */ |
| 22 | class FormHandler { |
| 23 | |
| 24 | /** |
| 25 | * Constructor |
| 26 | * |
| 27 | * @since 1.4.3 |
| 28 | * @return void |
| 29 | */ |
| 30 | public function __construct() { |
| 31 | add_action( 'tutor_action_tutor_retrieve_password', array( $this, 'tutor_retrieve_password' ) ); |
| 32 | add_action( 'tutor_action_tutor_process_reset_password', array( $this, 'tutor_process_reset_password' ) ); |
| 33 | |
| 34 | add_action( 'tutor_reset_password_notification', array( $this, 'reset_password_notification' ), 10, 2 ); |
| 35 | add_filter( 'tutor_lostpassword_url', array( $this, 'lostpassword_url' ) ); |
| 36 | } |
| 37 | |
| 38 | /** |
| 39 | * Retrieve Password |
| 40 | * |
| 41 | * @since 1.4.3 |
| 42 | * @return void|bool |
| 43 | */ |
| 44 | public function tutor_retrieve_password() { |
| 45 | tutils()->checking_nonce(); |
| 46 | |
| 47 | /** |
| 48 | * To check spam or other logic before form process. |
| 49 | * |
| 50 | * @since 2.1.10 |
| 51 | */ |
| 52 | $before_form_process = apply_filters( 'tutor_before_retrieve_password_form_process', null ); |
| 53 | if ( is_wp_error( $before_form_process ) ) { |
| 54 | tutor_flash_set( 'danger', $before_form_process->get_error_message() ); |
| 55 | return false; |
| 56 | } |
| 57 | |
| 58 | //phpcs:ignore WordPress.Security.NonceVerification.Missing |
| 59 | $login = sanitize_user( tutils()->array_get( 'user_login', $_POST ) ); |
| 60 | |
| 61 | if ( empty( $login ) ) { |
| 62 | tutor_flash_set( 'danger', __( 'Enter a username or email address.', 'tutor' ) ); |
| 63 | return false; |
| 64 | } else { |
| 65 | // Check on username first, as customers can use emails as usernames. |
| 66 | $user_data = get_user_by( 'login', $login ); |
| 67 | } |
| 68 | |
| 69 | // If no user found, check if it login is email and lookup user based on email. |
| 70 | if ( ! $user_data && is_email( $login ) && apply_filters( 'tutor_get_username_from_email', true ) ) { |
| 71 | $user_data = get_user_by( 'email', $login ); |
| 72 | } |
| 73 | |
| 74 | $errors = new \WP_Error(); |
| 75 | |
| 76 | do_action( 'lostpassword_post', $errors ); |
| 77 | |
| 78 | if ( $errors->get_error_code() ) { |
| 79 | tutor_flash_set( 'danger', $errors->get_error_message() ); |
| 80 | return false; |
| 81 | } |
| 82 | |
| 83 | if ( ! $user_data ) { |
| 84 | tutor_flash_set( 'danger', __( 'Invalid username or email.', 'tutor' ) ); |
| 85 | return false; |
| 86 | } |
| 87 | |
| 88 | if ( is_multisite() && ! is_user_member_of_blog( $user_data->ID, get_current_blog_id() ) ) { |
| 89 | tutor_flash_set( 'danger', __( 'Invalid username or email.', 'tutor' ) ); |
| 90 | return false; |
| 91 | } |
| 92 | |
| 93 | // Redefining user_login ensures we return the right case in the email. |
| 94 | $user_login = $user_data->user_login; |
| 95 | |
| 96 | do_action( 'retrieve_password', $user_login ); |
| 97 | |
| 98 | $allow = apply_filters( 'allow_password_reset', true, $user_data->ID ); |
| 99 | |
| 100 | if ( ! $allow ) { |
| 101 | tutor_flash_set( 'danger', __( 'Password reset is not allowed for this user', 'tutor' ) ); |
| 102 | return false; |
| 103 | } elseif ( is_wp_error( $allow ) ) { |
| 104 | tutor_flash_set( 'danger', $allow->get_error_message() ); |
| 105 | return false; |
| 106 | } |
| 107 | |
| 108 | // Get password reset key (function introduced in WordPress 4.4). |
| 109 | $key = get_password_reset_key( $user_data ); |
| 110 | |
| 111 | // Send email notification. |
| 112 | do_action( 'tutor_reset_password_notification', $user_login, $key ); |
| 113 | } |
| 114 | |
| 115 | /** |
| 116 | * Send notification for rest password |
| 117 | * |
| 118 | * @since 1.4.3 |
| 119 | * |
| 120 | * @param string $user_login username. |
| 121 | * @param string $reset_key reset key. |
| 122 | * |
| 123 | * @return void |
| 124 | */ |
| 125 | public function reset_password_notification( $user_login = '', $reset_key = '' ) { |
| 126 | $this->send_notification( $user_login, $reset_key ); |
| 127 | |
| 128 | $html = '<h3>' . __( 'Check your E-Mail', 'tutor' ) . '</h3>'; |
| 129 | $html .= '<p> ' . __( "We've sent an email to this account's email address. Click the link in the email to reset your password.", 'tutor' ) . '</p>'; |
| 130 | $html .= '<p>' . __( " If you don't see the email, check other places it might be, like your junk, spam, social, promotion or others folders.", 'tutor' ) . '</p>'; |
| 131 | tutor_flash_set( 'success', $html ); |
| 132 | } |
| 133 | |
| 134 | /** |
| 135 | * Get lost password URL |
| 136 | * |
| 137 | * @since 1.4.3 |
| 138 | * |
| 139 | * @param string $url URL. |
| 140 | * @return string |
| 141 | */ |
| 142 | public function lostpassword_url( $url ) { |
| 143 | return tutils()->tutor_dashboard_url( 'retrieve-password' ); |
| 144 | } |
| 145 | |
| 146 | /** |
| 147 | * Handle reset password request |
| 148 | * |
| 149 | * @since 1.4.3 |
| 150 | * @return void|bool |
| 151 | */ |
| 152 | public function tutor_process_reset_password() { |
| 153 | tutils()->checking_nonce(); |
| 154 | |
| 155 | $reset_key = Input::post( 'reset_key' ); |
| 156 | $user_id = Input::post( 'user_id', 0, Input::TYPE_INT ); |
| 157 | $password = Input::post( 'password' ); |
| 158 | $confirm_password = Input::post( 'confirm_password' ); |
| 159 | |
| 160 | $user = get_user_by( 'ID', $user_id ); |
| 161 | $user = check_password_reset_key( $reset_key, $user->user_login ); |
| 162 | |
| 163 | if ( is_wp_error( $user ) ) { |
| 164 | tutor_flash_set( 'danger', __( 'This key is invalid or has already been used. Please reset your password again if needed.', 'tutor' ) ); |
| 165 | return false; |
| 166 | } |
| 167 | |
| 168 | if ( $user instanceof \WP_User ) { |
| 169 | if ( ! $password ) { |
| 170 | tutor_flash_set( 'danger', __( 'Please enter your password.', 'tutor' ) ); |
| 171 | return false; |
| 172 | } |
| 173 | |
| 174 | if ( $password !== $confirm_password ) { |
| 175 | tutor_flash_set( 'danger', __( 'Passwords do not match.', 'tutor' ) ); |
| 176 | return false; |
| 177 | } |
| 178 | |
| 179 | tutils()->reset_password( $user, $password ); |
| 180 | |
| 181 | do_action( 'tutor_user_reset_password', $user ); |
| 182 | |
| 183 | // Perform the login. |
| 184 | $creds = array( |
| 185 | 'user_login' => $user->user_login, |
| 186 | 'user_password' => $password, |
| 187 | 'remember' => true, |
| 188 | ); |
| 189 | $user = wp_signon( apply_filters( 'tutor_login_credentials', $creds ), is_ssl() ); |
| 190 | |
| 191 | do_action( 'tutor_user_reset_password_login', $user ); |
| 192 | |
| 193 | wp_safe_redirect( tutor_utils()->tutor_dashboard_url() ); |
| 194 | exit; |
| 195 | } |
| 196 | } |
| 197 | |
| 198 | /** |
| 199 | * Send Password Reset E-Mail to user. |
| 200 | * We are sending directly right now, later we will introduce centralised E-Mail notification System... |
| 201 | * |
| 202 | * @since 1.4.3 |
| 203 | * |
| 204 | * @param string $user_login login username. |
| 205 | * @param string $reset_key password reset key. |
| 206 | * |
| 207 | * @return void |
| 208 | */ |
| 209 | public function send_notification( $user_login, $reset_key ) { |
| 210 | |
| 211 | $user_data = get_user_by( 'login', $user_login ); |
| 212 | |
| 213 | $variable = array( |
| 214 | 'user_login' => $user_login, |
| 215 | 'reset_key' => $reset_key, |
| 216 | 'user_id' => $user_data->ID, |
| 217 | ); |
| 218 | |
| 219 | $html = tutor_get_template_html( 'email.send-reset-password', $variable ); |
| 220 | /* translators: %s: site name */ |
| 221 | $subject = sprintf( __( 'Password Reset Request for %s', 'tutor' ), get_option( 'blogname' ) ); |
| 222 | |
| 223 | $header = 'Content-Type: text/html' . "\r\n"; |
| 224 | |
| 225 | add_filter( 'wp_mail_from', array( $this, 'get_from_address' ) ); |
| 226 | add_filter( 'wp_mail_from_name', array( $this, 'get_from_name' ) ); |
| 227 | |
| 228 | wp_mail( $user_data->user_email, $subject, $html, $header ); |
| 229 | |
| 230 | remove_filter( 'wp_mail_from', array( $this, 'get_from_address' ) ); |
| 231 | remove_filter( 'wp_mail_from_name', array( $this, 'get_from_name' ) ); |
| 232 | } |
| 233 | |
| 234 | /** |
| 235 | * Get e-mail from address |
| 236 | * |
| 237 | * @since 1.4.3 |
| 238 | * @return string |
| 239 | */ |
| 240 | public function get_from_address() { |
| 241 | $from_address = get_tutor_option( 'email_from_address' ); |
| 242 | $default = ! $from_address ? get_option( 'admin_email' ) : $from_address; |
| 243 | return apply_filters( 'tutor_email_from_address', $default ); |
| 244 | } |
| 245 | |
| 246 | /** |
| 247 | * Get e-mail from name |
| 248 | * |
| 249 | * @since 1.4.3 |
| 250 | * @return string |
| 251 | */ |
| 252 | public function get_from_name() { |
| 253 | $from_name = get_tutor_option( 'email_from_name' ); |
| 254 | $default = ! $from_name ? get_option( 'blogname' ) : $from_name; |
| 255 | return apply_filters( 'tutor_email_from_name', $default ); |
| 256 | } |
| 257 | |
| 258 | } |
| 259 |