Addons.php
1 day ago
Admin.php
1 day ago
Ajax.php
1 day ago
Announcements.php
1 day ago
Assets.php
1 day ago
Backend_Page_Trait.php
1 year ago
BaseController.php
1 year ago
Config.php
1 day ago
Container.php
11 months ago
Course.php
1 day ago
Course_Embed.php
3 years ago
Course_Filter.php
1 day ago
Course_List.php
1 day ago
Course_Settings_Tabs.php
1 day ago
Course_Widget.php
1 year ago
Custom_Validation.php
1 day ago
Dashboard.php
1 day ago
Earnings.php
9 months ago
FormHandler.php
1 day ago
Frontend.php
1 day ago
Gutenberg.php
1 year ago
Icon.php
1 day ago
Input.php
1 day ago
Instructor.php
1 day ago
Instructors_List.php
1 day ago
Lesson.php
1 day ago
Options_V2.php
1 day ago
Permalink.php
1 day ago
Post_types.php
2 days ago
Private_Course_Access.php
1 day ago
Q_And_A.php
1 day ago
Question_Answers_List.php
11 months ago
Quiz.php
1 day ago
QuizBuilder.php
1 day ago
Quiz_Attempts_List.php
1 day ago
RestAPI.php
2 years ago
Reviews.php
1 day ago
Rewrite_Rules.php
2 years ago
SampleCourse.php
1 day ago
Shortcode.php
1 day ago
Singleton.php
1 year ago
Student.php
1 day ago
Students_List.php
1 year ago
Taxonomies.php
1 year ago
Template.php
1 day ago
Theme_Compatibility.php
3 years ago
Tools.php
1 year ago
Tools_V2.php
4 weeks ago
Tutor.php
1 day ago
TutorEDD.php
1 day ago
Tutor_Base.php
2 years ago
Tutor_Setup.php
1 day ago
Upgrader.php
1 day ago
User.php
1 day ago
UserPreference.php
1 day ago
Utils.php
1 day ago
Video_Stream.php
3 years ago
WhatsNew.php
10 months ago
Withdraw.php
1 day ago
Withdraw_Requests_List.php
11 months ago
WooCommerce.php
1 day ago
FormHandler.php
206 lines
| 1 | <?php |
| 2 | /** |
| 3 | * Manage Form |
| 4 | * |
| 5 | * @package Tutor |
| 6 | * @author Themeum <support@themeum.com> |
| 7 | * @link https://themeum.com |
| 8 | * @since 1.4.3 |
| 9 | */ |
| 10 | |
| 11 | namespace TUTOR; |
| 12 | |
| 13 | if ( ! defined( 'ABSPATH' ) ) { |
| 14 | exit; |
| 15 | } |
| 16 | |
| 17 | /** |
| 18 | * FormHandler class |
| 19 | * |
| 20 | * @since 1.4.3 |
| 21 | */ |
| 22 | class FormHandler { |
| 23 | |
| 24 | /** |
| 25 | * Constructor |
| 26 | * |
| 27 | * @since 1.4.3 |
| 28 | * @return void |
| 29 | */ |
| 30 | public function __construct() { |
| 31 | add_action( 'tutor_action_tutor_retrieve_password', array( $this, 'tutor_retrieve_password' ) ); |
| 32 | add_action( 'tutor_action_tutor_process_reset_password', array( $this, 'tutor_process_reset_password' ) ); |
| 33 | add_filter( 'tutor_lostpassword_url', array( $this, 'lostpassword_url' ) ); |
| 34 | } |
| 35 | |
| 36 | /** |
| 37 | * Retrieve Password |
| 38 | * |
| 39 | * @since 1.4.3 |
| 40 | * |
| 41 | * @return void|bool |
| 42 | */ |
| 43 | public function tutor_retrieve_password() { |
| 44 | tutils()->checking_nonce(); |
| 45 | |
| 46 | /** |
| 47 | * To check spam or other logic before form process. |
| 48 | * |
| 49 | * @since 2.1.10 |
| 50 | */ |
| 51 | $before_form_process = apply_filters( 'tutor_before_retrieve_password_form_process', null ); |
| 52 | if ( is_wp_error( $before_form_process ) ) { |
| 53 | tutor_flash_set( 'danger', $before_form_process->get_error_message() ); |
| 54 | return false; |
| 55 | } |
| 56 | |
| 57 | //phpcs:ignore WordPress.Security.NonceVerification.Missing |
| 58 | $login = sanitize_user( tutils()->array_get( 'user_login', $_POST ) ); |
| 59 | |
| 60 | if ( empty( $login ) ) { |
| 61 | tutor_flash_set( 'danger', __( 'Enter a username or email address.', 'tutor' ) ); |
| 62 | return false; |
| 63 | } else { |
| 64 | // Check on username first, as customers can use emails as usernames. |
| 65 | $user_data = get_user_by( 'login', $login ); |
| 66 | } |
| 67 | |
| 68 | // If no user found, check if it login is email and lookup user based on email. |
| 69 | if ( ! $user_data && is_email( $login ) && apply_filters( 'tutor_get_username_from_email', true ) ) { |
| 70 | $user_data = get_user_by( 'email', $login ); |
| 71 | } |
| 72 | |
| 73 | $errors = new \WP_Error(); |
| 74 | |
| 75 | do_action( 'lostpassword_post', $errors ); |
| 76 | |
| 77 | if ( $errors->get_error_code() ) { |
| 78 | tutor_flash_set( 'danger', $errors->get_error_message() ); |
| 79 | return false; |
| 80 | } |
| 81 | |
| 82 | if ( ! $user_data ) { |
| 83 | tutor_flash_set( 'danger', __( 'Invalid username or email.', 'tutor' ) ); |
| 84 | return false; |
| 85 | } |
| 86 | |
| 87 | if ( is_multisite() && ! is_user_member_of_blog( $user_data->ID, get_current_blog_id() ) ) { |
| 88 | tutor_flash_set( 'danger', __( 'Invalid username or email.', 'tutor' ) ); |
| 89 | return false; |
| 90 | } |
| 91 | |
| 92 | // Redefining user_login ensures we return the right case in the email. |
| 93 | $user_login = $user_data->user_login; |
| 94 | |
| 95 | do_action( 'retrieve_password', $user_login ); |
| 96 | |
| 97 | $allow = apply_filters( 'allow_password_reset', true, $user_data->ID ); |
| 98 | |
| 99 | if ( ! $allow ) { |
| 100 | tutor_flash_set( 'danger', __( 'Password reset is not allowed for this user', 'tutor' ) ); |
| 101 | return false; |
| 102 | } elseif ( is_wp_error( $allow ) ) { |
| 103 | tutor_flash_set( 'danger', $allow->get_error_message() ); |
| 104 | return false; |
| 105 | } |
| 106 | |
| 107 | $errors = retrieve_password(); |
| 108 | if ( is_wp_error( $errors ) ) { |
| 109 | tutor_flash_set( 'danger', $errors->get_error_message() ); |
| 110 | return false; |
| 111 | } |
| 112 | |
| 113 | $html = '<p> ' . __( "We've sent an email to this account's email address. Click the link in the email to reset your password. If you don't see the email, check other places it might be, like your junk, spam, social, promotion or others folders.", 'tutor' ) . '</p>'; |
| 114 | tutor_flash_set( 'success', $html ); |
| 115 | } |
| 116 | |
| 117 | /** |
| 118 | * Get lost password URL |
| 119 | * |
| 120 | * @since 1.4.3 |
| 121 | * |
| 122 | * @param string $url URL. |
| 123 | * @return string |
| 124 | */ |
| 125 | public function lostpassword_url( $url ) { |
| 126 | return tutils()->tutor_dashboard_url( 'retrieve-password' ); |
| 127 | } |
| 128 | |
| 129 | /** |
| 130 | * Handle reset password request |
| 131 | * |
| 132 | * @since 1.4.3 |
| 133 | * @return void|bool |
| 134 | */ |
| 135 | public function tutor_process_reset_password() { |
| 136 | tutils()->checking_nonce(); |
| 137 | |
| 138 | $reset_key = Input::post( 'reset_key' ); |
| 139 | $user_id = Input::post( 'user_id', 0, Input::TYPE_INT ); |
| 140 | $password = Input::post( 'password' ); |
| 141 | $confirm_password = Input::post( 'confirm_password' ); |
| 142 | |
| 143 | $user = get_user_by( 'ID', $user_id ); |
| 144 | $user = check_password_reset_key( $reset_key, $user->user_login ); |
| 145 | |
| 146 | if ( is_wp_error( $user ) ) { |
| 147 | tutor_flash_set( 'danger', __( 'This key is invalid or has already been used. Please reset your password again if needed.', 'tutor' ) ); |
| 148 | return false; |
| 149 | } |
| 150 | |
| 151 | if ( $user instanceof \WP_User ) { |
| 152 | if ( ! $password ) { |
| 153 | tutor_flash_set( 'danger', __( 'Please enter your password.', 'tutor' ) ); |
| 154 | return false; |
| 155 | } |
| 156 | |
| 157 | if ( $password !== $confirm_password ) { |
| 158 | tutor_flash_set( 'danger', __( 'Passwords do not match.', 'tutor' ) ); |
| 159 | return false; |
| 160 | } |
| 161 | |
| 162 | tutils()->reset_password( $user, $password ); |
| 163 | |
| 164 | do_action( 'tutor_user_reset_password', $user ); |
| 165 | |
| 166 | // Perform the login. |
| 167 | $creds = array( |
| 168 | 'user_login' => $user->user_login, |
| 169 | 'user_password' => $password, |
| 170 | 'remember' => true, |
| 171 | ); |
| 172 | $user = wp_signon( apply_filters( 'tutor_login_credentials', $creds ), is_ssl() ); |
| 173 | |
| 174 | do_action( 'tutor_user_reset_password_login', $user ); |
| 175 | |
| 176 | wp_safe_redirect( tutor_utils()->tutor_dashboard_url() ); |
| 177 | exit; |
| 178 | } |
| 179 | } |
| 180 | |
| 181 | /** |
| 182 | * Get e-mail from address |
| 183 | * |
| 184 | * @since 1.4.3 |
| 185 | * @return string |
| 186 | */ |
| 187 | public function get_from_address() { |
| 188 | $from_address = get_tutor_option( 'email_from_address' ); |
| 189 | $default = ! $from_address ? get_option( 'admin_email' ) : $from_address; |
| 190 | return apply_filters( 'tutor_email_from_address', $default ); |
| 191 | } |
| 192 | |
| 193 | /** |
| 194 | * Get e-mail from name |
| 195 | * |
| 196 | * @since 1.4.3 |
| 197 | * @return string |
| 198 | */ |
| 199 | public function get_from_name() { |
| 200 | $from_name = get_tutor_option( 'email_from_name' ); |
| 201 | $default = ! $from_name ? get_option( 'blogname' ) : $from_name; |
| 202 | return apply_filters( 'tutor_email_from_name', $default ); |
| 203 | } |
| 204 | |
| 205 | } |
| 206 |