PluginProbe ʕ •ᴥ•ʔ
Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress / 3.1
Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress v3.1
4.16.18 4.16.17 4.16.16 trunk 1.0 1.0.1 1.0.2 1.1 1.1.1 1.1.2 1.1.3 1.1.4 1.1.5 1.1.5a 1.1.6 1.1.7 1.2 1.2.1 1.2.2 1.2.3 1.2.4 1.2.5 1.2.6 1.3 1.3.1 1.3.2 1.3.3 1.3.4 1.3.5 1.3.6 1.4 1.4.1 1.4.2 1.5 1.5.1 1.5.2 1.5.3 1.5.4 1.5.5 1.5.6 1.5.7 1.5.8 1.6 1.6.1 1.6.2 1.6.3 1.6.4 1.6.5 1.6.6 1.6.7 1.6.8 1.7 1.7.1 1.7.2 1.8 1.8.1 1.8.10 1.8.2 1.8.3 1.8.4 1.8.5 1.8.6 1.8.7 1.8.8 1.8.9 1.9 1.9.1 1.9.10 1.9.11 1.9.12 1.9.13 1.9.2 1.9.3 1.9.4 1.9.5 1.9.6 1.9.7 1.9.8 1.9.9 2.1.9 2.2.10 2.2.11 2.2.12 2.2.13 2.2.14 2.2.15 2.2.16 2.2.2 2.2.5 2.2.6 2.2.7 2.2.8 2.2.9 3.0 3.1 3.1.1 3.1.10 3.1.11 3.1.12 3.1.13 3.1.14 3.1.15 3.1.16 3.1.17 3.1.18 3.1.19 3.1.2 3.1.3 3.1.4 3.1.5 3.1.6 3.1.7 3.1.8 3.1.9 3.2.0 3.2.1 3.2.10 3.2.11 3.2.12 3.2.13 3.2.14 3.2.15 3.2.16 3.2.2 3.2.3 3.2.4 3.2.5 3.2.6 3.2.7 3.2.8 3.2.9 4.0.0 4.0.1 4.0.2 4.0.3 4.1.0 4.1.1 4.1.2 4.1.3 4.1.4 4.10.0 4.10.1 4.10.2 4.10.3 4.11.0 4.12.0 4.13.0 4.13.1 4.13.2 4.13.3 4.13.4 4.14.0 4.14.1 4.14.2 4.14.3 4.14.4 4.15.0 4.15.1 4.15.10 4.15.11 4.15.12 4.15.13 4.15.14 4.15.15 4.15.16 4.15.17 4.15.18 4.15.19 4.15.2 4.15.20 4.15.20.1 4.15.21 4.15.22 4.15.23 4.15.24 4.15.25 4.15.3 4.15.4 4.15.5 4.15.6 4.15.7 4.15.8 4.15.9 4.16.0 4.16.1 4.16.10 4.16.11 4.16.12 4.16.13 4.16.14 4.16.15 4.16.2 4.16.3 4.16.4 4.16.5 4.16.6 4.16.7 4.16.8 4.16.9 4.2.0 4.3.0 4.3.1 4.3.2 4.4.0 4.4.1 4.5.0 4.5.1 4.5.2 4.5.3 4.5.4 4.5.5 4.6.0 4.7.0 4.8.0 4.9.0
wp-user-avatar / src / ShortcodeParser / FormProcessor.php
wp-user-avatar / src / ShortcodeParser Last commit date
Builder 5 years ago MyAccount 5 years ago EditProfileTag.php 5 years ago FormProcessor.php 5 years ago FrontendProfileTag.php 5 years ago LoginFormTag.php 5 years ago MelangeTag.php 5 years ago MemberDirectoryTag.php 5 years ago PasswordResetTag.php 5 years ago RegistrationFormTag.php 5 years ago index.php 5 years ago
FormProcessor.php
288 lines
1 <?php
2
3 namespace ProfilePress\Core\ShortcodeParser;
4
5 use ProfilePress\Core\Classes\EditUserProfile;
6 use ProfilePress\Core\Classes\LoginAuth;
7 use ProfilePress\Core\Classes\PasswordReset;
8 use ProfilePress\Core\Classes\RegistrationAuth;
9
10 class FormProcessor
11 {
12 /**
13 * When a password reset form is submitted to generate a reset key to be emailed,
14 * it holds both success and error message.
15 *
16 * @var array
17 */
18 public $password_reset_form_error = [];
19
20 public $login_form_error = [];
21
22 public $edit_profile_form_error = [];
23
24 public $registration_form_error = [];
25
26 public $myac_change_password_error = '';
27
28 public function set_global_state($key, $value, $form_id = false)
29 {
30 $GLOBALS['pp_form_processor_' . $key] = $value;
31
32 if ($form_id) {
33 $GLOBALS['pp_form_processor_form_id_' . $key] = $form_id;
34 }
35 }
36
37 public function get_global_state_error($key)
38 {
39 return isset($GLOBALS['pp_form_processor_' . $key]) ? $GLOBALS['pp_form_processor_' . $key] : false;
40 }
41
42 public function restore_form_error($key)
43 {
44 $form_id = isset($GLOBALS['pp_form_processor_form_id_' . $key]) ? $GLOBALS['pp_form_processor_form_id_' . $key] : false;
45
46 if ($form_id) {
47 $this->$key = [];
48
49 return $this->$key[$form_id] = $this->get_global_state_error($key);
50 }
51
52 $this->$key = $this->get_global_state_error($key);
53 }
54
55 /**
56 * @return string|void
57 */
58 public function process_myaccount_change_password()
59 {
60 if ( ! isset($_POST['ppmyac_form_action']) || isset($_POST['ppmyac_form_action']) && $_POST['ppmyac_form_action'] !== 'changePassword') {
61 return;
62 }
63
64 if ( ! ppress_verify_nonce()) return;
65
66 $user = wp_get_current_user();
67
68 $current_password = $_POST['password_current'];
69 $new_password = $_POST['password_new'];
70 $new_password_confirm = $_POST['password_confirm_new'];
71
72 if ($new_password !== $new_password_confirm) {
73 return $this->myac_change_password_error = esc_html__('Passwords do not match.', 'wp-user-avatar');
74 }
75
76 if ($user instanceof \WP_User && wp_check_password($current_password, $user->data->user_pass, $user->ID) && is_user_logged_in()) {
77
78 $updated_user_id = wp_update_user([
79 'ID' => $user->ID,
80 'user_pass' => $new_password,
81 ]);
82
83 do_action('ppress_myaccount_after_password_change');
84
85 if (is_wp_error($updated_user_id)) {
86 return $this->myac_change_password_error = $updated_user_id->get_error_message();
87 }
88
89 wp_safe_redirect(esc_url_raw(add_query_arg('edit', 'true')));
90 exit;
91 }
92
93 $this->myac_change_password_error = __('The password you entered is incorrect.', 'wp-user-avatar');
94 }
95
96 public function process_edit_profile_form()
97 {
98 global $post;
99
100 // check if the page being viewed contains the "edit profile" shortcode. if true, redirect to login page
101 if (isset($post->post_content) && has_shortcode($post->post_content, 'profilepress-edit-profile')) {
102 if ( ! is_user_logged_in()) {
103 wp_safe_redirect(ppress_login_url());
104 exit;
105 }
106 }
107
108 if (isset($_POST['eup_remove_avatar']) && $_POST['eup_remove_avatar'] == 'removed') {
109 EditUserProfile::remove_user_avatar();
110 }
111
112 if (isset($_POST['eup_remove_cover_image']) && $_POST['eup_remove_cover_image'] == 'removed') {
113 EditUserProfile::remove_user_cover_image();
114 }
115
116 if (isset($_POST['eup_submit'])) {
117
118 $state_key = 'edit_profile_form_error';
119
120 if ($this->get_global_state_error($state_key)) {
121 return $this->restore_form_error($state_key);
122 }
123
124 $form_id = absint(ppressPOST_var('pp_melange_id', @$_POST['editprofile_form_id'], true));
125
126 $redirect = ppressPOST_var('editprofile_redirect', '', true);
127
128 if ( ! empty($_POST['melange_redirect'])) {
129 $redirect = esc_url_raw($_POST['melange_redirect']);
130 }
131
132 $is_melange = isset($_POST['is_melange']) && $_POST['is_melange'] == 'true';
133
134 $response = EditUserProfile::process_func($form_id, $redirect, $is_melange);
135
136 if ( ! empty($response)) {
137
138 if ( ! $form_id) {
139 $this->set_global_state($state_key, $response);
140 $this->edit_profile_form_error = $response;
141 } else {
142 $this->set_global_state($state_key, $response, $form_id);
143 $this->edit_profile_form_error[$form_id] = $response;
144 }
145 }
146 }
147 }
148
149 public function process_registration_form()
150 {
151 if (isset($_POST['reg_submit'])) {
152
153 $state_key = 'registration_form_error';
154
155 if ($this->get_global_state_error($state_key)) {
156 return $this->restore_form_error($state_key);
157 }
158
159 $form_id = absint(ppressPOST_var('pp_melange_id', @$_POST['signup_form_id'], true));
160
161 $redirect = ppressPOST_var('signup_redirect', '', true);
162 if ( ! empty($_POST['melange_redirect'])) {
163 $redirect = esc_url_raw($_POST['melange_redirect']);
164 }
165
166 $no_login_redirect = ! empty($_POST['signup_no_login_redirect']) ? esc_url_raw($_POST['signup_no_login_redirect']) : '';
167
168 $is_melange = isset($_POST['is_melange']) && $_POST['is_melange'] == 'true';
169
170 $response = RegistrationAuth::register_new_user($_POST, $form_id, $redirect, $is_melange, $no_login_redirect);
171
172 if ( ! empty($response)) {
173 $response = html_entity_decode($response);
174
175 $this->registration_form_error[$form_id] = $response;
176
177 $this->set_global_state($state_key, $response, $form_id);
178 }
179 }
180 }
181
182 public function process_login_form()
183 {
184 if (isset($_GET['pp-sl-error']) && ! empty($_GET['pp-sl-error'])) {
185 $error = esc_html__('Authentication failed. Please try again', 'wp-user-avatar');
186
187 if ($_GET['pp-sl-error'] != 'true') {
188 $error = sanitize_text_field(rawurldecode($_GET['pp-sl-error']));
189 }
190
191 $this->login_form_error = '<div class="profilepress-login-status">' . $error . '</div>';
192 }
193
194 if (isset($_POST['login_submit'])) {
195
196 $state_key = 'login_form_error';
197
198 if ($this->get_global_state_error($state_key)) {
199 return $this->restore_form_error($state_key);
200 }
201
202 $username = trim($_POST['login_username']);
203 $password = $_POST['login_password'];
204 $remember_login = sanitize_text_field(@$_POST['login_remember']);
205
206 $form_id = absint(! empty($_POST['pp_melange_id']) ? $_POST['pp_melange_id'] : @$_POST['login_form_id']);
207
208 $redirect = ! empty($_POST['login_redirect']) ? esc_url_raw($_POST['login_redirect']) : '';
209 if ( ! empty($_POST['melange_redirect'])) {
210 $redirect = esc_url_raw($_POST['melange_redirect']);
211 }
212
213 $login_status = LoginAuth::login_auth($username, $password, $remember_login, $form_id, $redirect);
214
215 $login_error = '';
216
217 if (is_wp_error($login_status)) {
218 $login_error = '<div class="profilepress-login-status">';
219 $login_error .= $login_status->get_error_message();
220 $login_error .= '</div>';
221 }
222
223 if ( ! empty($login_error)) {
224 $this->login_form_error = [];
225 $this->login_form_error[$form_id] = $login_error;
226
227 $this->set_global_state($state_key, $login_error, $form_id);
228 }
229 }
230 }
231
232 public function process_password_reset_form()
233 {
234 $parsed_error = PasswordReset::parse_password_reset_error_codes();
235
236 if ( ! empty($parsed_error)) {
237 $this->password_reset_form_error = $parsed_error;
238 }
239
240 if ( ! isset($_POST['password_reset_submit']) || empty($_POST['password_reset_submit'])) return;
241
242 $state_key = 'password_reset_form_error';
243
244 if ($this->get_global_state_error($state_key)) {
245 return $this->restore_form_error($state_key);
246 }
247
248 $form_id = absint(! empty($_POST['pp_melange_id']) ? $_POST['pp_melange_id'] : @$_POST['passwordreset_form_id']);
249
250 $is_melange = isset($_POST['is_melange']) && $_POST['is_melange'] == 'true';
251
252 $response = PasswordReset::password_reset_status($_POST['user_login'], $form_id, $is_melange);
253
254 if ( ! empty($response)) {
255 $response = wp_specialchars_decode($response);
256
257 $this->password_reset_form_error = [];
258 $this->password_reset_form_error[$form_id] = $response;
259
260 $this->set_global_state($state_key, $response, $form_id);
261 }
262 }
263
264 public function check_password_reset_key()
265 {
266 if ( ! isset($_REQUEST['key'], $_REQUEST['login'])) return;
267
268 // Verify key / login combo
269 $user = check_password_reset_key(sanitize_text_field($_REQUEST['key']), sanitize_text_field($_REQUEST['login']));
270
271 if ($user && ! is_wp_error($user)) return;
272
273 if ($user && $user->get_error_code() === 'expired_key') {
274 wp_safe_redirect(ppress_password_reset_url() . '?error=expiredkey');
275 exit;
276 }
277
278 wp_safe_redirect(ppress_password_reset_url() . '?error=invalidkey');
279 exit;
280 }
281
282 public function process_password_reset_handler_form()
283 {
284 if (isset($_REQUEST['reset_password'], $_REQUEST['reset_key'], $_REQUEST['reset_login'])) {
285 PasswordReset::get_instance()->do_password_reset();
286 }
287 }
288 }