Addons.php
4 days ago
Admin.php
4 days ago
Ajax.php
4 days ago
Announcements.php
4 days ago
Assets.php
1 day ago
Backend_Page_Trait.php
1 year ago
BaseController.php
1 year ago
Config.php
4 days ago
Container.php
11 months ago
Course.php
4 days ago
Course_Embed.php
3 years ago
Course_Filter.php
4 days ago
Course_List.php
4 days ago
Course_Settings_Tabs.php
4 days ago
Course_Widget.php
1 year ago
Custom_Validation.php
4 days ago
Dashboard.php
4 days ago
Earnings.php
9 months ago
FormHandler.php
4 days ago
Frontend.php
4 days ago
Gutenberg.php
1 year ago
Icon.php
4 days ago
Input.php
4 days ago
Instructor.php
4 days ago
Instructors_List.php
4 days ago
Lesson.php
4 days ago
Options_V2.php
4 days ago
Permalink.php
4 days ago
Post_types.php
5 days ago
Private_Course_Access.php
4 days ago
Q_And_A.php
4 days ago
Question_Answers_List.php
11 months ago
Quiz.php
1 day ago
QuizBuilder.php
4 days ago
Quiz_Attempts_List.php
1 day ago
RestAPI.php
1 day ago
Reviews.php
4 days ago
Rewrite_Rules.php
2 years ago
SampleCourse.php
4 days ago
Shortcode.php
4 days ago
Singleton.php
1 year ago
Student.php
4 days ago
Students_List.php
1 year ago
Taxonomies.php
1 year ago
Template.php
4 days ago
Theme_Compatibility.php
3 years ago
Tools.php
1 year ago
Tools_V2.php
1 month ago
Tutor.php
4 days ago
TutorEDD.php
4 days ago
Tutor_Base.php
2 years ago
Tutor_Setup.php
4 days ago
Upgrader.php
4 days ago
User.php
4 days ago
UserPreference.php
4 days ago
Utils.php
1 day ago
Video_Stream.php
3 years ago
WhatsNew.php
1 day ago
Withdraw.php
4 days ago
Withdraw_Requests_List.php
11 months ago
WooCommerce.php
4 days ago
FormHandler.php
206 lines
| 1 | <?php |
| 2 | /** |
| 3 | * Manage Form |
| 4 | * |
| 5 | * @package Tutor |
| 6 | * @author Themeum <support@themeum.com> |
| 7 | * @link https://themeum.com |
| 8 | * @since 1.4.3 |
| 9 | */ |
| 10 | |
| 11 | namespace TUTOR; |
| 12 | |
| 13 | if ( ! defined( 'ABSPATH' ) ) { |
| 14 | exit; |
| 15 | } |
| 16 | |
| 17 | /** |
| 18 | * FormHandler class |
| 19 | * |
| 20 | * @since 1.4.3 |
| 21 | */ |
| 22 | class FormHandler { |
| 23 | |
| 24 | /** |
| 25 | * Constructor |
| 26 | * |
| 27 | * @since 1.4.3 |
| 28 | * @return void |
| 29 | */ |
| 30 | public function __construct() { |
| 31 | add_action( 'tutor_action_tutor_retrieve_password', array( $this, 'tutor_retrieve_password' ) ); |
| 32 | add_action( 'tutor_action_tutor_process_reset_password', array( $this, 'tutor_process_reset_password' ) ); |
| 33 | add_filter( 'tutor_lostpassword_url', array( $this, 'lostpassword_url' ) ); |
| 34 | } |
| 35 | |
| 36 | /** |
| 37 | * Retrieve Password |
| 38 | * |
| 39 | * @since 1.4.3 |
| 40 | * |
| 41 | * @return void|bool |
| 42 | */ |
| 43 | public function tutor_retrieve_password() { |
| 44 | tutils()->checking_nonce(); |
| 45 | |
| 46 | /** |
| 47 | * To check spam or other logic before form process. |
| 48 | * |
| 49 | * @since 2.1.10 |
| 50 | */ |
| 51 | $before_form_process = apply_filters( 'tutor_before_retrieve_password_form_process', null ); |
| 52 | if ( is_wp_error( $before_form_process ) ) { |
| 53 | tutor_flash_set( 'danger', $before_form_process->get_error_message() ); |
| 54 | return false; |
| 55 | } |
| 56 | |
| 57 | //phpcs:ignore WordPress.Security.NonceVerification.Missing |
| 58 | $login = sanitize_user( tutils()->array_get( 'user_login', $_POST ) ); |
| 59 | |
| 60 | if ( empty( $login ) ) { |
| 61 | tutor_flash_set( 'danger', __( 'Enter a username or email address.', 'tutor' ) ); |
| 62 | return false; |
| 63 | } else { |
| 64 | // Check on username first, as customers can use emails as usernames. |
| 65 | $user_data = get_user_by( 'login', $login ); |
| 66 | } |
| 67 | |
| 68 | // If no user found, check if it login is email and lookup user based on email. |
| 69 | if ( ! $user_data && is_email( $login ) && apply_filters( 'tutor_get_username_from_email', true ) ) { |
| 70 | $user_data = get_user_by( 'email', $login ); |
| 71 | } |
| 72 | |
| 73 | $errors = new \WP_Error(); |
| 74 | |
| 75 | do_action( 'lostpassword_post', $errors ); |
| 76 | |
| 77 | if ( $errors->get_error_code() ) { |
| 78 | tutor_flash_set( 'danger', $errors->get_error_message() ); |
| 79 | return false; |
| 80 | } |
| 81 | |
| 82 | if ( ! $user_data ) { |
| 83 | tutor_flash_set( 'danger', __( 'Invalid username or email.', 'tutor' ) ); |
| 84 | return false; |
| 85 | } |
| 86 | |
| 87 | if ( is_multisite() && ! is_user_member_of_blog( $user_data->ID, get_current_blog_id() ) ) { |
| 88 | tutor_flash_set( 'danger', __( 'Invalid username or email.', 'tutor' ) ); |
| 89 | return false; |
| 90 | } |
| 91 | |
| 92 | // Redefining user_login ensures we return the right case in the email. |
| 93 | $user_login = $user_data->user_login; |
| 94 | |
| 95 | do_action( 'retrieve_password', $user_login ); |
| 96 | |
| 97 | $allow = apply_filters( 'allow_password_reset', true, $user_data->ID ); |
| 98 | |
| 99 | if ( ! $allow ) { |
| 100 | tutor_flash_set( 'danger', __( 'Password reset is not allowed for this user', 'tutor' ) ); |
| 101 | return false; |
| 102 | } elseif ( is_wp_error( $allow ) ) { |
| 103 | tutor_flash_set( 'danger', $allow->get_error_message() ); |
| 104 | return false; |
| 105 | } |
| 106 | |
| 107 | $errors = retrieve_password(); |
| 108 | if ( is_wp_error( $errors ) ) { |
| 109 | tutor_flash_set( 'danger', $errors->get_error_message() ); |
| 110 | return false; |
| 111 | } |
| 112 | |
| 113 | $html = '<p> ' . __( "We've sent an email to this account's email address. Click the link in the email to reset your password. If you don't see the email, check other places it might be, like your junk, spam, social, promotion or others folders.", 'tutor' ) . '</p>'; |
| 114 | tutor_flash_set( 'success', $html ); |
| 115 | } |
| 116 | |
| 117 | /** |
| 118 | * Get lost password URL |
| 119 | * |
| 120 | * @since 1.4.3 |
| 121 | * |
| 122 | * @param string $url URL. |
| 123 | * @return string |
| 124 | */ |
| 125 | public function lostpassword_url( $url ) { |
| 126 | return tutils()->tutor_dashboard_url( 'retrieve-password' ); |
| 127 | } |
| 128 | |
| 129 | /** |
| 130 | * Handle reset password request |
| 131 | * |
| 132 | * @since 1.4.3 |
| 133 | * @return void|bool |
| 134 | */ |
| 135 | public function tutor_process_reset_password() { |
| 136 | tutils()->checking_nonce(); |
| 137 | |
| 138 | $reset_key = Input::post( 'reset_key' ); |
| 139 | $user_id = Input::post( 'user_id', 0, Input::TYPE_INT ); |
| 140 | $password = Input::post( 'password' ); |
| 141 | $confirm_password = Input::post( 'confirm_password' ); |
| 142 | |
| 143 | $user = get_user_by( 'ID', $user_id ); |
| 144 | $user = check_password_reset_key( $reset_key, $user->user_login ); |
| 145 | |
| 146 | if ( is_wp_error( $user ) ) { |
| 147 | tutor_flash_set( 'danger', __( 'This key is invalid or has already been used. Please reset your password again if needed.', 'tutor' ) ); |
| 148 | return false; |
| 149 | } |
| 150 | |
| 151 | if ( $user instanceof \WP_User ) { |
| 152 | if ( ! $password ) { |
| 153 | tutor_flash_set( 'danger', __( 'Please enter your password.', 'tutor' ) ); |
| 154 | return false; |
| 155 | } |
| 156 | |
| 157 | if ( $password !== $confirm_password ) { |
| 158 | tutor_flash_set( 'danger', __( 'Passwords do not match.', 'tutor' ) ); |
| 159 | return false; |
| 160 | } |
| 161 | |
| 162 | tutils()->reset_password( $user, $password ); |
| 163 | |
| 164 | do_action( 'tutor_user_reset_password', $user ); |
| 165 | |
| 166 | // Perform the login. |
| 167 | $creds = array( |
| 168 | 'user_login' => $user->user_login, |
| 169 | 'user_password' => $password, |
| 170 | 'remember' => true, |
| 171 | ); |
| 172 | $user = wp_signon( apply_filters( 'tutor_login_credentials', $creds ), is_ssl() ); |
| 173 | |
| 174 | do_action( 'tutor_user_reset_password_login', $user ); |
| 175 | |
| 176 | wp_safe_redirect( tutor_utils()->tutor_dashboard_url() ); |
| 177 | exit; |
| 178 | } |
| 179 | } |
| 180 | |
| 181 | /** |
| 182 | * Get e-mail from address |
| 183 | * |
| 184 | * @since 1.4.3 |
| 185 | * @return string |
| 186 | */ |
| 187 | public function get_from_address() { |
| 188 | $from_address = get_tutor_option( 'email_from_address' ); |
| 189 | $default = ! $from_address ? get_option( 'admin_email' ) : $from_address; |
| 190 | return apply_filters( 'tutor_email_from_address', $default ); |
| 191 | } |
| 192 | |
| 193 | /** |
| 194 | * Get e-mail from name |
| 195 | * |
| 196 | * @since 1.4.3 |
| 197 | * @return string |
| 198 | */ |
| 199 | public function get_from_name() { |
| 200 | $from_name = get_tutor_option( 'email_from_name' ); |
| 201 | $default = ! $from_name ? get_option( 'blogname' ) : $from_name; |
| 202 | return apply_filters( 'tutor_email_from_name', $default ); |
| 203 | } |
| 204 | |
| 205 | } |
| 206 |