PluginProbe ʕ •ᴥ•ʔ
Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress / 3.2.2
Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress v3.2.2
4.16.18 4.16.17 4.16.16 trunk 1.0 1.0.1 1.0.2 1.1 1.1.1 1.1.2 1.1.3 1.1.4 1.1.5 1.1.5a 1.1.6 1.1.7 1.2 1.2.1 1.2.2 1.2.3 1.2.4 1.2.5 1.2.6 1.3 1.3.1 1.3.2 1.3.3 1.3.4 1.3.5 1.3.6 1.4 1.4.1 1.4.2 1.5 1.5.1 1.5.2 1.5.3 1.5.4 1.5.5 1.5.6 1.5.7 1.5.8 1.6 1.6.1 1.6.2 1.6.3 1.6.4 1.6.5 1.6.6 1.6.7 1.6.8 1.7 1.7.1 1.7.2 1.8 1.8.1 1.8.10 1.8.2 1.8.3 1.8.4 1.8.5 1.8.6 1.8.7 1.8.8 1.8.9 1.9 1.9.1 1.9.10 1.9.11 1.9.12 1.9.13 1.9.2 1.9.3 1.9.4 1.9.5 1.9.6 1.9.7 1.9.8 1.9.9 2.1.9 2.2.10 2.2.11 2.2.12 2.2.13 2.2.14 2.2.15 2.2.16 2.2.2 2.2.5 2.2.6 2.2.7 2.2.8 2.2.9 3.0 3.1 3.1.1 3.1.10 3.1.11 3.1.12 3.1.13 3.1.14 3.1.15 3.1.16 3.1.17 3.1.18 3.1.19 3.1.2 3.1.3 3.1.4 3.1.5 3.1.6 3.1.7 3.1.8 3.1.9 3.2.0 3.2.1 3.2.10 3.2.11 3.2.12 3.2.13 3.2.14 3.2.15 3.2.16 3.2.2 3.2.3 3.2.4 3.2.5 3.2.6 3.2.7 3.2.8 3.2.9 4.0.0 4.0.1 4.0.2 4.0.3 4.1.0 4.1.1 4.1.2 4.1.3 4.1.4 4.10.0 4.10.1 4.10.2 4.10.3 4.11.0 4.12.0 4.13.0 4.13.1 4.13.2 4.13.3 4.13.4 4.14.0 4.14.1 4.14.2 4.14.3 4.14.4 4.15.0 4.15.1 4.15.10 4.15.11 4.15.12 4.15.13 4.15.14 4.15.15 4.15.16 4.15.17 4.15.18 4.15.19 4.15.2 4.15.20 4.15.20.1 4.15.21 4.15.22 4.15.23 4.15.24 4.15.25 4.15.3 4.15.4 4.15.5 4.15.6 4.15.7 4.15.8 4.15.9 4.16.0 4.16.1 4.16.10 4.16.11 4.16.12 4.16.13 4.16.14 4.16.15 4.16.2 4.16.3 4.16.4 4.16.5 4.16.6 4.16.7 4.16.8 4.16.9 4.2.0 4.3.0 4.3.1 4.3.2 4.4.0 4.4.1 4.5.0 4.5.1 4.5.2 4.5.3 4.5.4 4.5.5 4.6.0 4.7.0 4.8.0 4.9.0
wp-user-avatar / src / ShortcodeParser / FormProcessor.php
wp-user-avatar / src / ShortcodeParser Last commit date
Builder 4 years ago MyAccount 4 years ago EditProfileTag.php 5 years ago FormProcessor.php 4 years ago FrontendProfileTag.php 4 years ago LoginFormTag.php 4 years ago MelangeTag.php 5 years ago MemberDirectoryTag.php 4 years ago PasswordResetTag.php 4 years ago RegistrationFormTag.php 4 years ago index.php 5 years ago
FormProcessor.php
286 lines
1 <?php
2
3 namespace ProfilePress\Core\ShortcodeParser;
4
5 use ProfilePress\Core\Classes\EditUserProfile;
6 use ProfilePress\Core\Classes\LoginAuth;
7 use ProfilePress\Core\Classes\PasswordReset;
8 use ProfilePress\Core\Classes\RegistrationAuth;
9
10 class FormProcessor
11 {
12 /**
13 * When a password reset form is submitted to generate a reset key to be emailed,
14 * it holds both success and error message.
15 *
16 * @var array
17 */
18 public $password_reset_form_error = [];
19
20 public $login_form_error = [];
21
22 public $edit_profile_form_error = [];
23
24 public $registration_form_error = [];
25
26 public $myac_change_password_error = '';
27
28 public function set_global_state($key, $value, $form_id = false)
29 {
30 $GLOBALS['pp_form_processor_' . $key] = $value;
31
32 if ($form_id) {
33 $GLOBALS['pp_form_processor_form_id_' . $key] = $form_id;
34 }
35 }
36
37 public function get_global_state_error($key)
38 {
39 return isset($GLOBALS['pp_form_processor_' . $key]) ? $GLOBALS['pp_form_processor_' . $key] : false;
40 }
41
42 public function restore_form_error($key)
43 {
44 $form_id = isset($GLOBALS['pp_form_processor_form_id_' . $key]) ? $GLOBALS['pp_form_processor_form_id_' . $key] : false;
45
46 if ($form_id) {
47 $this->$key = [];
48
49 return $this->$key[$form_id] = $this->get_global_state_error($key);
50 }
51
52 $this->$key = $this->get_global_state_error($key);
53 }
54
55 /**
56 * @return string|void
57 */
58 public function process_myaccount_change_password()
59 {
60 if ( ! isset($_POST['ppmyac_form_action']) || isset($_POST['ppmyac_form_action']) && $_POST['ppmyac_form_action'] !== 'changePassword') {
61 return;
62 }
63
64 if ( ! ppress_verify_nonce()) return;
65
66 $user = wp_get_current_user();
67
68 $current_password = $_POST['password_current'];
69 $new_password = $_POST['password_new'];
70 $new_password_confirm = $_POST['password_confirm_new'];
71
72 if ($new_password !== $new_password_confirm) {
73 return $this->myac_change_password_error = esc_html__('Passwords do not match.', 'wp-user-avatar');
74 }
75
76 if ($user instanceof \WP_User && wp_check_password($current_password, $user->data->user_pass, $user->ID) && is_user_logged_in()) {
77
78 $updated_user_id = wp_update_user([
79 'ID' => $user->ID,
80 'user_pass' => $new_password,
81 ]);
82
83 do_action('ppress_myaccount_after_password_change');
84
85 if (is_wp_error($updated_user_id)) {
86 return $this->myac_change_password_error = $updated_user_id->get_error_message();
87 }
88
89 wp_safe_redirect(esc_url_raw(add_query_arg('edit', 'true')));
90 exit;
91 }
92
93 $this->myac_change_password_error = __('The password you entered is incorrect.', 'wp-user-avatar');
94 }
95
96 public function process_edit_profile_form()
97 {
98 // check if the page being viewed contains the "edit profile" shortcode. if true, redirect to login page
99 if (ppress_shortcode_exist_in_post('profilepress-edit-profile')) {
100 if ( ! is_user_logged_in()) {
101 wp_safe_redirect(ppress_login_url());
102 exit;
103 }
104 }
105
106 if (isset($_POST['eup_remove_avatar']) && $_POST['eup_remove_avatar'] == 'removed') {
107 EditUserProfile::remove_user_avatar();
108 }
109
110 if (isset($_POST['eup_remove_cover_image']) && $_POST['eup_remove_cover_image'] == 'removed') {
111 EditUserProfile::remove_user_cover_image();
112 }
113
114 if (isset($_POST['eup_submit'])) {
115
116 $state_key = 'edit_profile_form_error';
117
118 if ($this->get_global_state_error($state_key)) {
119 return $this->restore_form_error($state_key);
120 }
121
122 $form_id = absint(ppressPOST_var('pp_melange_id', @$_POST['editprofile_form_id'], true));
123
124 $redirect = ppressPOST_var('editprofile_redirect', '', true);
125
126 if ( ! empty($_POST['melange_redirect'])) {
127 $redirect = esc_url_raw($_POST['melange_redirect']);
128 }
129
130 $is_melange = isset($_POST['is_melange']) && $_POST['is_melange'] == 'true';
131
132 $response = EditUserProfile::process_func($form_id, $redirect, $is_melange);
133
134 if ( ! empty($response)) {
135
136 if ( ! $form_id) {
137 $this->set_global_state($state_key, $response);
138 $this->edit_profile_form_error = $response;
139 } else {
140 $this->set_global_state($state_key, $response, $form_id);
141 $this->edit_profile_form_error[$form_id] = $response;
142 }
143 }
144 }
145 }
146
147 public function process_registration_form()
148 {
149 if (isset($_POST['reg_submit'])) {
150
151 $state_key = 'registration_form_error';
152
153 if ($this->get_global_state_error($state_key)) {
154 return $this->restore_form_error($state_key);
155 }
156
157 $form_id = absint(ppressPOST_var('pp_melange_id', @$_POST['signup_form_id'], true));
158
159 $redirect = ppressPOST_var('signup_redirect', '', true);
160 if ( ! empty($_POST['melange_redirect'])) {
161 $redirect = sanitize_text_field($_POST['melange_redirect']);
162 }
163
164 $no_login_redirect = ! empty($_POST['signup_no_login_redirect']) ? sanitize_text_field($_POST['signup_no_login_redirect']) : '';
165
166 $is_melange = isset($_POST['is_melange']) && $_POST['is_melange'] == 'true';
167
168 $response = RegistrationAuth::register_new_user($_POST, $form_id, $redirect, $is_melange, $no_login_redirect);
169
170 if ( ! empty($response)) {
171 $response = html_entity_decode($response);
172
173 $this->registration_form_error[$form_id] = $response;
174
175 $this->set_global_state($state_key, $response, $form_id);
176 }
177 }
178 }
179
180 public function process_login_form()
181 {
182 if (isset($_GET['pp-sl-error']) && ! empty($_GET['pp-sl-error'])) {
183 $error = esc_html__('Authentication failed. Please try again', 'wp-user-avatar');
184
185 if ($_GET['pp-sl-error'] != 'true') {
186 $error = sanitize_text_field(rawurldecode($_GET['pp-sl-error']));
187 }
188
189 $this->login_form_error = '<div class="profilepress-login-status">' . $error . '</div>';
190 }
191
192 if (isset($_POST['login_submit'])) {
193
194 $state_key = 'login_form_error';
195
196 if ($this->get_global_state_error($state_key)) {
197 return $this->restore_form_error($state_key);
198 }
199
200 $username = trim($_POST['login_username']);
201 $password = $_POST['login_password'];
202 $remember_login = sanitize_text_field(@$_POST['login_remember']);
203
204 $form_id = absint(! empty($_POST['pp_melange_id']) ? $_POST['pp_melange_id'] : @$_POST['login_form_id']);
205
206 $redirect = ! empty($_POST['login_redirect']) ? sanitize_text_field($_POST['login_redirect']) : '';
207 if ( ! empty($_POST['melange_redirect'])) {
208 $redirect = sanitize_text_field($_POST['melange_redirect']);
209 }
210
211 $login_status = LoginAuth::login_auth($username, $password, $remember_login, $form_id, $redirect);
212
213 $login_error = '';
214
215 if (is_wp_error($login_status)) {
216 $login_error = '<div class="profilepress-login-status">';
217 $login_error .= $login_status->get_error_message();
218 $login_error .= '</div>';
219 }
220
221 if ( ! empty($login_error)) {
222 $this->login_form_error = [];
223 $this->login_form_error[$form_id] = $login_error;
224
225 $this->set_global_state($state_key, $login_error, $form_id);
226 }
227 }
228 }
229
230 public function process_password_reset_form()
231 {
232 $parsed_error = PasswordReset::parse_password_reset_error_codes();
233
234 if ( ! empty($parsed_error)) {
235 $this->password_reset_form_error = $parsed_error;
236 }
237
238 if ( ! isset($_POST['password_reset_submit']) || empty($_POST['password_reset_submit'])) return;
239
240 $state_key = 'password_reset_form_error';
241
242 if ($this->get_global_state_error($state_key)) {
243 return $this->restore_form_error($state_key);
244 }
245
246 $form_id = absint(! empty($_POST['pp_melange_id']) ? $_POST['pp_melange_id'] : @$_POST['passwordreset_form_id']);
247
248 $is_melange = isset($_POST['is_melange']) && $_POST['is_melange'] == 'true';
249
250 $response = PasswordReset::password_reset_status($_POST['user_login'], $form_id, $is_melange);
251
252 if ( ! empty($response)) {
253 $response = wp_specialchars_decode($response);
254
255 $this->password_reset_form_error = [];
256 $this->password_reset_form_error[$form_id] = $response;
257
258 $this->set_global_state($state_key, $response, $form_id);
259 }
260 }
261
262 public function check_password_reset_key()
263 {
264 if ( ! isset($_REQUEST['key'], $_REQUEST['login'])) return;
265
266 // Verify key / login combo
267 $user = check_password_reset_key(sanitize_text_field($_REQUEST['key']), sanitize_text_field($_REQUEST['login']));
268
269 if ($user && ! is_wp_error($user)) return;
270
271 if ($user && $user->get_error_code() === 'expired_key') {
272 wp_safe_redirect(ppress_password_reset_url() . '?error=expiredkey');
273 exit;
274 }
275
276 wp_safe_redirect(ppress_password_reset_url() . '?error=invalidkey');
277 exit;
278 }
279
280 public function process_password_reset_handler_form()
281 {
282 if (isset($_REQUEST['reset_password'], $_REQUEST['reset_key'], $_REQUEST['reset_login'])) {
283 PasswordReset::get_instance()->do_password_reset();
284 }
285 }
286 }