| 1 | <?php |
|---|
| 2 | /** |
|---|
| 3 | * The WP_Members_User Class. |
|---|
| 4 | * |
|---|
| 5 | * This is the WP_Members User object class. This class contains functions |
|---|
| 6 | * for login, logout, registration and other user related methods. |
|---|
| 7 | * |
|---|
| 8 | * @package WP-Members |
|---|
| 9 | * @subpackage WP_Members_User Object Class |
|---|
| 10 | * @since 3.0.0 |
|---|
| 11 | */ |
|---|
| 12 | |
|---|
| 13 | // Exit if accessed directly. |
|---|
| 14 | if ( ! defined( 'ABSPATH' ) ) { |
|---|
| 15 | exit(); |
|---|
| 16 | } |
|---|
| 17 | |
|---|
| 18 | class WP_Members_User { |
|---|
| 19 | |
|---|
| 20 | /** |
|---|
| 21 | * Containers for reg form data. |
|---|
| 22 | * |
|---|
| 23 | * @since 3.1.7 |
|---|
| 24 | * @access public |
|---|
| 25 | * @var array |
|---|
| 26 | */ |
|---|
| 27 | public $post_data = array(); |
|---|
| 28 | public $prev_data = array(); |
|---|
| 29 | |
|---|
| 30 | /** |
|---|
| 31 | * Container for user access information. |
|---|
| 32 | * |
|---|
| 33 | * @since 3.2.0 |
|---|
| 34 | * @access public |
|---|
| 35 | * @var array |
|---|
| 36 | */ |
|---|
| 37 | public $access = array(); |
|---|
| 38 | |
|---|
| 39 | public $reg_type; |
|---|
| 40 | |
|---|
| 41 | |
|---|
| 42 | /** |
|---|
| 43 | * The password reset object. |
|---|
| 44 | * |
|---|
| 45 | * @since Unknown |
|---|
| 46 | * @access public |
|---|
| 47 | * @var object |
|---|
| 48 | */ |
|---|
| 49 | public $pwd_reset; |
|---|
| 50 | |
|---|
| 51 | /** |
|---|
| 52 | * Initilize the User object. |
|---|
| 53 | * |
|---|
| 54 | * @since 3.1.7 |
|---|
| 55 | * |
|---|
| 56 | * @param object $settings The WP_Members Object |
|---|
| 57 | */ |
|---|
| 58 | public function __construct( $settings ) { |
|---|
| 59 | |
|---|
| 60 | add_action( 'wpmem_after_init', array( $this, 'load_user_products' ) ); |
|---|
| 61 | |
|---|
| 62 | add_action( 'user_register', array( $this, 'set_reg_type' ), 1 ); |
|---|
| 63 | add_action( 'user_register', array( $this, 'register_finalize' ), 5 ); |
|---|
| 64 | add_action( 'user_register', array( $this, 'post_register_data' ), 9 ); // Changed this to 9 so custom user meta is saved before the default (10) priority. |
|---|
| 65 | add_action( 'user_register', array( $this, 'set_user_exp' ), 25 ); |
|---|
| 66 | add_action( 'user_register', array( $this, 'register_email_to_user' ), 25 ); |
|---|
| 67 | add_action( 'user_register', array( $this, 'register_email_to_admin' ), 25 ); |
|---|
| 68 | |
|---|
| 69 | add_action( 'wpmem_register_redirect', array( $this, 'register_redirect' ), 20 ); // Adds a nonce to the redirect if there is a "redirect_to" attribute in the reg form. |
|---|
| 70 | |
|---|
| 71 | add_filter( 'registration_errors', array( $this, 'wp_register_validate' ), 10, 3 ); // native registration validation |
|---|
| 72 | |
|---|
| 73 | // Load anything the user as access to. |
|---|
| 74 | if ( 1 == $settings->enable_products ) { |
|---|
| 75 | add_action( 'user_register', array( $this, 'set_default_product' ), 6 ); |
|---|
| 76 | } |
|---|
| 77 | |
|---|
| 78 | // On file upload, check that the user folder has an index file. |
|---|
| 79 | add_action( 'wpmem_file_uploaded', array( $this, 'check_folder_for_index' ), 10 , 3 ); |
|---|
| 80 | } |
|---|
| 81 | |
|---|
| 82 | /** |
|---|
| 83 | * Loads the current user's membership products on init. |
|---|
| 84 | * |
|---|
| 85 | * @since 3.4.0 |
|---|
| 86 | */ |
|---|
| 87 | public function load_user_products() { |
|---|
| 88 | if ( is_user_logged_in() ) { |
|---|
| 89 | $this->access = wpmem_get_user_products( get_current_user_id() ); |
|---|
| 90 | } |
|---|
| 91 | } |
|---|
| 92 | |
|---|
| 93 | /** |
|---|
| 94 | * Handle user login. |
|---|
| 95 | * |
|---|
| 96 | * Built from, but replaces, the original wpmem_login() function |
|---|
| 97 | * from core.php. wpmem_login() is currently maintained as a |
|---|
| 98 | * wrapper and is the direct function called for login. |
|---|
| 99 | * |
|---|
| 100 | * @since 3.1.7 |
|---|
| 101 | * @since 3.2.3 Removed wpmem_login_fields filter. |
|---|
| 102 | * @since 3.2.3 Replaced form collection with WP script to facilitate login with username OR email. |
|---|
| 103 | * @since 3.2.3 Changed to wp_safe_redirect(). |
|---|
| 104 | * @since 3.3.9 Added wpmem_set_as_logged_in() to make sure user is set. |
|---|
| 105 | * |
|---|
| 106 | * @return string Returns "loginfailed" if failed login. |
|---|
| 107 | */ |
|---|
| 108 | public function login() { |
|---|
| 109 | |
|---|
| 110 | global $wpmem; |
|---|
| 111 | |
|---|
| 112 | $user = wp_signon( array(), is_ssl() ); |
|---|
| 113 | |
|---|
| 114 | /** |
|---|
| 115 | * Adds a hook point to hijack the login process. |
|---|
| 116 | * |
|---|
| 117 | * Useful for integration with problematic plugins like miniOrange. |
|---|
| 118 | * |
|---|
| 119 | * @since 3.5.0 |
|---|
| 120 | */ |
|---|
| 121 | $user = apply_filters( 'wpmem_after_wp_signon', $user ); |
|---|
| 122 | |
|---|
| 123 | if ( is_wp_error( $user ) ) { |
|---|
| 124 | $wpmem->error = $user; |
|---|
| 125 | return "loginfailed"; |
|---|
| 126 | } else { |
|---|
| 127 | |
|---|
| 128 | // Make sure current user is set. |
|---|
| 129 | // @todo Verify that removing this resovles 2 sessions issues per https://wordpress.org/support/topic/creating-multiple-same-sessions-on-login/ |
|---|
| 130 | // wpmem_set_as_logged_in( $user->ID ); |
|---|
| 131 | |
|---|
| 132 | $redirect_to = wpmem_get( 'redirect_to', false ); |
|---|
| 133 | $redirect_to = ( $redirect_to ) ? esc_url_raw( trim( $redirect_to ) ) : esc_url_raw( wpmem_current_url() ); |
|---|
| 134 | /** This filter defined in wp-login.php */ |
|---|
| 135 | $redirect_to = apply_filters( 'login_redirect', $redirect_to, '', $user ); |
|---|
| 136 | /** |
|---|
| 137 | * Filter the redirect url. |
|---|
| 138 | * |
|---|
| 139 | * This is the plugin's original redirect filter. In 3.1.7, |
|---|
| 140 | * WP's login_redirect filter hook was added to provide better |
|---|
| 141 | * integration support for other plugins and also for users |
|---|
| 142 | * who may already be using WP's filter(s). login_redirect |
|---|
| 143 | * comes first, then wpmem_login_redirect. So wpmem_login_redirect |
|---|
| 144 | * can be used to override a default in login_redirect. |
|---|
| 145 | * |
|---|
| 146 | * @since 2.7.7 |
|---|
| 147 | * @since 2.9.2 Added $user_id |
|---|
| 148 | * |
|---|
| 149 | * @param string $redirect_to The url to direct to. |
|---|
| 150 | * @param int $user->ID The user's primary key ID. |
|---|
| 151 | */ |
|---|
| 152 | $redirect_to = apply_filters( 'wpmem_login_redirect', $redirect_to, $user->ID ); |
|---|
| 153 | wp_safe_redirect( $redirect_to ); |
|---|
| 154 | exit(); |
|---|
| 155 | } |
|---|
| 156 | } |
|---|
| 157 | |
|---|
| 158 | /** |
|---|
| 159 | * Handle user logout. |
|---|
| 160 | * |
|---|
| 161 | * Built from, but replaces, the original wpmem_logout() function |
|---|
| 162 | * from core.php. wpmem_logout() is currently maintained as a |
|---|
| 163 | * wrapper and is the direct function called for logout. |
|---|
| 164 | * |
|---|
| 165 | * @since 3.1.7 |
|---|
| 166 | * @since 3.2.0 Added logout_redirect filter |
|---|
| 167 | * @since 3.4.0 Added $user_id for wp_logout action (to match WP, which added this in 5.5.0). |
|---|
| 168 | * |
|---|
| 169 | * @param string $redirect_to URL to redirect the user to (default: false). |
|---|
| 170 | */ |
|---|
| 171 | public function logout( $redirect_to = false ) { |
|---|
| 172 | |
|---|
| 173 | // Get the user ID for when the action is fired. |
|---|
| 174 | $user_id = get_current_user_id(); |
|---|
| 175 | |
|---|
| 176 | // Default redirect URL. |
|---|
| 177 | $redirect_to = ( $redirect_to ) ? $redirect_to : home_url(); |
|---|
| 178 | |
|---|
| 179 | /** This filter is documented in /wp-login.php */ |
|---|
| 180 | $redirect_to = apply_filters( 'logout_redirect', $redirect_to, $redirect_to, wp_get_current_user() ); |
|---|
| 181 | /** |
|---|
| 182 | * Filter where the user goes when logged out. |
|---|
| 183 | * |
|---|
| 184 | * @since 2.7.1 |
|---|
| 185 | * @since 3.1.7 Moved to WP_Members_Users Class. |
|---|
| 186 | * @since 3.4.0 Added $user_id param. |
|---|
| 187 | * |
|---|
| 188 | * @param string The blog home page. |
|---|
| 189 | */ |
|---|
| 190 | $redirect_to = apply_filters( 'wpmem_logout_redirect', $redirect_to, $user_id ); |
|---|
| 191 | |
|---|
| 192 | wp_destroy_current_session(); |
|---|
| 193 | wp_clear_auth_cookie(); |
|---|
| 194 | wp_set_current_user( 0 ); |
|---|
| 195 | |
|---|
| 196 | /** This action is defined in /wp-includes/pluggable.php. */ |
|---|
| 197 | do_action( 'wp_logout', $user_id ); |
|---|
| 198 | |
|---|
| 199 | wp_safe_redirect( $redirect_to ); |
|---|
| 200 | exit(); |
|---|
| 201 | } |
|---|
| 202 | |
|---|
| 203 | /** |
|---|
| 204 | * Sets the registration type. |
|---|
| 205 | * |
|---|
| 206 | * @since 3.3.0 |
|---|
| 207 | */ |
|---|
| 208 | public function set_reg_type() { |
|---|
| 209 | // Is this a WP-Members registration? |
|---|
| 210 | $this->reg_type['is_wpmem'] = ( 'register' == wpmem_get( 'a' ) ) ? true : false; |
|---|
| 211 | // Is this WP's native registration? Checks the native submit button. |
|---|
| 212 | $this->reg_type['is_native'] = ( esc_html__( 'Register' ) == wpmem_get( 'wp-submit' ) ) ? true : false; |
|---|
| 213 | // Is this a Users > Add New process? Checks the post action. |
|---|
| 214 | $this->reg_type['is_add_new'] = ( 'createuser' == wpmem_get( 'action' ) ) ? true : false; |
|---|
| 215 | // Is this a WooCommerce my account registration? Checks for WC fields. |
|---|
| 216 | $this->reg_type['is_woo'] = ( wpmem_get( 'woocommerce-register-nonce' ) ) ? true : false; |
|---|
| 217 | // Is this a WooCommerce checkout? |
|---|
| 218 | $this->reg_type['is_woo_checkout'] = ( wpmem_get( 'woocommerce_checkout_place_order' ) ) ? true : false; |
|---|
| 219 | // Is this a WooCommerce profile update? |
|---|
| 220 | $this->reg_type['is_woo_update'] = ( wpmem_get( 'save-account-details-nonce' ) ) ? true : false; |
|---|
| 221 | } |
|---|
| 222 | |
|---|
| 223 | /** |
|---|
| 224 | * Checks registration type. |
|---|
| 225 | * |
|---|
| 226 | * @since 3.5.0 |
|---|
| 227 | * |
|---|
| 228 | * @param string $type |
|---|
| 229 | * @return boolean |
|---|
| 230 | */ |
|---|
| 231 | function is_reg_type( $type ) { |
|---|
| 232 | return $this->reg_type[ 'is_' . $type ]; |
|---|
| 233 | } |
|---|
| 234 | |
|---|
| 235 | /** |
|---|
| 236 | * Validate user registration. |
|---|
| 237 | * |
|---|
| 238 | * @since 3.3.0 |
|---|
| 239 | * |
|---|
| 240 | * @global int $user_ID |
|---|
| 241 | * @global string $wpmem_themsg |
|---|
| 242 | * @global array $userdata |
|---|
| 243 | * |
|---|
| 244 | * @param string $tag |
|---|
| 245 | */ |
|---|
| 246 | public function register_validate( $tag ) { |
|---|
| 247 | |
|---|
| 248 | // Get the globals. |
|---|
| 249 | global $user_ID, $wpmem, $wpmem_themsg, $userdata; |
|---|
| 250 | |
|---|
| 251 | // Check the nonce. |
|---|
| 252 | if ( empty( $_POST ) || ! wp_verify_nonce( $_REQUEST[ '_wpmem_' . $tag . '_nonce' ], 'wpmem_longform_nonce' ) ) { |
|---|
| 253 | $wpmem_themsg = wpmem_get_text( 'reg_generic' ); |
|---|
| 254 | return; |
|---|
| 255 | } |
|---|
| 256 | |
|---|
| 257 | // Make sure fields are loaded. |
|---|
| 258 | wpmem_fields( $tag ); |
|---|
| 259 | |
|---|
| 260 | // Is this a registration or a user profile update? |
|---|
| 261 | if ( 'register' == $tag ) { |
|---|
| 262 | $this->post_data['username'] = sanitize_user( wpmem_get( 'username' ) ); |
|---|
| 263 | } |
|---|
| 264 | |
|---|
| 265 | // Add the user email to the $this->post_data array for _data hooks. |
|---|
| 266 | if ( isset( $wpmem->fields['user_email'] ) ) { |
|---|
| 267 | $this->post_data['user_email'] = sanitize_email( wpmem_get( 'user_email' ) ); |
|---|
| 268 | } |
|---|
| 269 | |
|---|
| 270 | // If this is an update, and tos is a field, and the user has the correct saved value, remove tos. |
|---|
| 271 | if ( 'update' == $tag && isset( $wpmem->fields['tos'] ) ) { |
|---|
| 272 | if ( get_user_meta( $user_ID, 'tos', true ) == $wpmem->fields['tos']['checked_value'] ) { |
|---|
| 273 | unset( $wpmem->fields['tos'] ); |
|---|
| 274 | } |
|---|
| 275 | } |
|---|
| 276 | |
|---|
| 277 | // Build the $this->post_data array from $_POST data. |
|---|
| 278 | foreach ( $wpmem->fields as $meta_key => $field ) { |
|---|
| 279 | if ( ( 'register' == $tag && true == $field['register'] ) || ( 'update' == $tag && true == $field['profile'] ) ) { |
|---|
| 280 | if ( 'password' != $meta_key && 'confirm_password' != $meta_key && 'username' != $meta_key ) { |
|---|
| 281 | if ( isset( $_POST[ $meta_key ] ) ) { |
|---|
| 282 | switch ( $field['type'] ) { |
|---|
| 283 | case 'checkbox': |
|---|
| 284 | $this->post_data[ $meta_key ] = sanitize_text_field( $_POST[ $meta_key ] ); |
|---|
| 285 | break; |
|---|
| 286 | case 'multiselect': |
|---|
| 287 | case 'multicheckbox': |
|---|
| 288 | $delimiter = ( isset( $field['delimiter'] ) ) ? $field['delimiter'] : '|'; |
|---|
| 289 | $this->post_data[ $meta_key ] = ( isset( $_POST[ $meta_key ] ) ) ? implode( $delimiter, wpmem_sanitize_array( $_POST[ $meta_key ] ) ) : ''; |
|---|
| 290 | break; |
|---|
| 291 | case 'textarea': |
|---|
| 292 | $this->post_data[ $meta_key ] = sanitize_textarea_field( $_POST[ $meta_key ] ); |
|---|
| 293 | break; |
|---|
| 294 | case 'email': |
|---|
| 295 | $this->post_data[ $meta_key ] = sanitize_email( $_POST[ $meta_key ] ); |
|---|
| 296 | break; |
|---|
| 297 | case 'timestamp': |
|---|
| 298 | $this->post_data[ $meta_key ] = strtotime( $_POST[ $meta_key ] ); |
|---|
| 299 | break; |
|---|
| 300 | default: |
|---|
| 301 | $this->post_data[ $meta_key ] = sanitize_text_field( $_POST[ $meta_key ] ); |
|---|
| 302 | break; |
|---|
| 303 | } |
|---|
| 304 | } else { |
|---|
| 305 | $this->post_data[ $meta_key ] = ''; |
|---|
| 306 | } |
|---|
| 307 | } else { |
|---|
| 308 | // We do have password as part of the registration form. |
|---|
| 309 | if ( isset( $_POST['password'] ) ) { |
|---|
| 310 | $this->post_data['password'] = $_POST['password']; // wp_insert_user() hashes this, so sanitizing is unnessary (and undesirable). |
|---|
| 311 | } |
|---|
| 312 | if ( isset( $_POST['confirm_password'] ) ) { |
|---|
| 313 | $this->post_data['confirm_password'] = $_POST['confirm_password']; |
|---|
| 314 | } |
|---|
| 315 | } |
|---|
| 316 | } |
|---|
| 317 | } |
|---|
| 318 | |
|---|
| 319 | /** |
|---|
| 320 | * Filter the submitted form fields prior to validation. |
|---|
| 321 | * |
|---|
| 322 | * @since 2.8.2 |
|---|
| 323 | * @since 3.1.7 Added $tag |
|---|
| 324 | * @since 3.2.0 Moved to regiser_validate() method in user object class. |
|---|
| 325 | * |
|---|
| 326 | * @param array $this->post_data An array of the posted form field data. |
|---|
| 327 | * @param string $tag |
|---|
| 328 | */ |
|---|
| 329 | $this->post_data = apply_filters( 'wpmem_pre_validate_form', $this->post_data, $tag ); |
|---|
| 330 | |
|---|
| 331 | // Adds integration for custom error codes triggered by "register_post" or contained in "registration_errors" |
|---|
| 332 | // @todo This will move towards integrating all WP-Members registration errors into the "registration_errors" filter |
|---|
| 333 | // and allow for more standardized custom validation. |
|---|
| 334 | /* $errors = new WP_Error(); |
|---|
| 335 | do_action( 'register_post', $sanitized_user_login, $user_email, $errors ); |
|---|
| 336 | $errors = apply_filters( 'registration_errors', $errors, $this->post_data['username'], $this->post_data['user_email'] ); |
|---|
| 337 | if ( count( $errors->get_error_messages() ) > 0 ) { |
|---|
| 338 | $wpmem_themsg = $errors->get_error_message(); |
|---|
| 339 | return; |
|---|
| 340 | } */ |
|---|
| 341 | |
|---|
| 342 | if ( 'update' == $tag ) { |
|---|
| 343 | $pass_arr = array( 'username', 'password', 'confirm_password', 'password_confirm' ); |
|---|
| 344 | foreach ( $pass_arr as $pass ) { |
|---|
| 345 | unset( $wpmem->fields[ $pass ] ); |
|---|
| 346 | } |
|---|
| 347 | } |
|---|
| 348 | |
|---|
| 349 | // Check for required fields, reverse the array for logical error message order. |
|---|
| 350 | foreach ( array_reverse( $wpmem->fields ) as $meta_key => $field ) { |
|---|
| 351 | // Validation if the field is required. |
|---|
| 352 | if ( true == $field['required'] ) { |
|---|
| 353 | if ( 'file' == $field['type'] || 'image' == $field['type'] ) { |
|---|
| 354 | // If this is a new registration. |
|---|
| 355 | if ( 'register' == $tag ) { |
|---|
| 356 | // If the required field is a file type. |
|---|
| 357 | if ( empty( $_FILES[ $meta_key ]['name'] ) ) { |
|---|
| 358 | $wpmem_themsg = sprintf( wpmem_get_text( 'reg_empty_field' ), esc_html__( $field['label'], 'wp-members' ) ); |
|---|
| 359 | } |
|---|
| 360 | } |
|---|
| 361 | } else { |
|---|
| 362 | // If the required field is any other field type. |
|---|
| 363 | if ( ( 'register' == $tag && true == $field['register'] ) || ( 'update' == $tag && true == $field['profile'] ) ) { |
|---|
| 364 | if ( null == $this->post_data[ $meta_key ] ) { |
|---|
| 365 | $wpmem_themsg = sprintf( wpmem_get_text( 'reg_empty_field' ), esc_html__( $field['label'], 'wp-members' ) ); |
|---|
| 366 | } |
|---|
| 367 | } |
|---|
| 368 | } |
|---|
| 369 | } |
|---|
| 370 | |
|---|
| 371 | // Validate file field type. |
|---|
| 372 | if ( 'file' == $field['type'] || 'image' == $field['type'] ) { |
|---|
| 373 | if ( '' == $field['file_types'] ) { |
|---|
| 374 | $field['file_types'] = ( 'image' == $field['type'] ) ? 'gif|png|jpg|jpeg|bmp' : 'doc|docx|pdf|zip'; |
|---|
| 375 | } |
|---|
| 376 | $allowed_file_types = explode( '|', $field['file_types'] ); |
|---|
| 377 | $msg_types = implode( ', ', $allowed_file_types ); |
|---|
| 378 | if ( ! empty( $_FILES[ $meta_key ]['name'] ) ) { |
|---|
| 379 | $extension = pathinfo( $_FILES[ $meta_key ]['name'], PATHINFO_EXTENSION ); |
|---|
| 380 | if ( ! in_array( $extension, $allowed_file_types ) ) { |
|---|
| 381 | $wpmem_themsg = sprintf( wpmem_get_text( 'reg_file_type' ), esc_html__( $field['label'], 'wp-members' ), str_replace( '|', ',', $msg_types ) ); |
|---|
| 382 | } |
|---|
| 383 | } |
|---|
| 384 | } |
|---|
| 385 | } |
|---|
| 386 | |
|---|
| 387 | if ( 'register' == $tag ) { |
|---|
| 388 | if ( is_multisite() ) { |
|---|
| 389 | // Multisite has different requirements. |
|---|
| 390 | $result = wpmu_validate_user_signup( $this->post_data['username'], $this->post_data['user_email'] ); |
|---|
| 391 | $errors = $result['errors']; |
|---|
| 392 | if ( $errors->errors ) { |
|---|
| 393 | $wpmem_themsg = $errors->get_error_message(); |
|---|
| 394 | return $wpmem_themsg; |
|---|
| 395 | exit(); |
|---|
| 396 | } |
|---|
| 397 | |
|---|
| 398 | } else { |
|---|
| 399 | // Validate username and email fields. |
|---|
| 400 | $wpmem_themsg = ( email_exists( $this->post_data['user_email'] ) ) ? "email" : $wpmem_themsg; |
|---|
| 401 | $wpmem_themsg = ( username_exists( $this->post_data['username'] ) ) ? "user" : $wpmem_themsg; |
|---|
| 402 | $wpmem_themsg = ( ! is_email( $this->post_data['user_email']) ) ? wpmem_get_text( 'reg_valid_email' ) : $wpmem_themsg; |
|---|
| 403 | $wpmem_themsg = ( ! validate_username( $this->post_data['username'] ) ) ? wpmem_get_text( 'reg_non_alphanumeric' ) : $wpmem_themsg; |
|---|
| 404 | $wpmem_themsg = ( ! $this->post_data['username'] ) ? wpmem_get_text( 'reg_empty_username' ) : $wpmem_themsg; |
|---|
| 405 | |
|---|
| 406 | // If there is an error from username, email, or required field validation, stop registration and return the error. |
|---|
| 407 | if ( $wpmem_themsg ) { |
|---|
| 408 | return $wpmem_themsg; |
|---|
| 409 | exit(); |
|---|
| 410 | } |
|---|
| 411 | } |
|---|
| 412 | |
|---|
| 413 | // If form contains password and email confirmation, validate that they match. |
|---|
| 414 | if ( array_key_exists( 'confirm_password', $this->post_data ) && $this->post_data['confirm_password'] != $this->post_data ['password'] ) { |
|---|
| 415 | $wpmem_themsg = wpmem_get_text( 'reg_password_match' ); |
|---|
| 416 | } |
|---|
| 417 | if ( array_key_exists( 'confirm_email', $this->post_data ) && $this->post_data['confirm_email'] != $this->post_data ['user_email'] ) { |
|---|
| 418 | $wpmem_themsg = wpmem_get_text( 'reg_email_match' ); |
|---|
| 419 | } |
|---|
| 420 | |
|---|
| 421 | // Process CAPTCHA. |
|---|
| 422 | if ( 0 != $wpmem->captcha ) { |
|---|
| 423 | $check_captcha = WP_Members_Captcha::validate(); |
|---|
| 424 | if ( false === $check_captcha ) { |
|---|
| 425 | return "empty"; // @todo Return and/or set error object. For now changed to return original value. |
|---|
| 426 | } |
|---|
| 427 | } |
|---|
| 428 | |
|---|
| 429 | // Check for user defined password. |
|---|
| 430 | $this->post_data['password'] = wpmem_get( 'password', wp_generate_password() ); |
|---|
| 431 | |
|---|
| 432 | // Add for _data hooks |
|---|
| 433 | $this->post_data['user_registered'] = current_time( 'mysql', 1 ); |
|---|
| 434 | $this->post_data['user_role'] = get_option( 'default_role' ); |
|---|
| 435 | $this->post_data['wpmem_reg_ip'] = sanitize_text_field( wpmem_get_user_ip() ); |
|---|
| 436 | $this->post_data['wpmem_reg_url'] = esc_url_raw( wpmem_get( 'wpmem_reg_page', wpmem_get( 'redirect_to', false, 'request' ), 'request' ) ); |
|---|
| 437 | |
|---|
| 438 | /* |
|---|
| 439 | * These native fields are not installed by default, but if they |
|---|
| 440 | * are added, use the $_POST value - otherwise, default to username. |
|---|
| 441 | * Value can be filtered with wpmem_register_data. |
|---|
| 442 | */ |
|---|
| 443 | $this->post_data['user_nicename'] = sanitize_title( wpmem_get( 'user_nicename', $this->post_data['username'] ) ); |
|---|
| 444 | $this->post_data['display_name'] = sanitize_text_field( wpmem_get( 'display_name', $this->post_data['username'] ) ); |
|---|
| 445 | $this->post_data['nickname'] = sanitize_text_field( wpmem_get( 'nickname', $this->post_data['username'] ) ); |
|---|
| 446 | } |
|---|
| 447 | } |
|---|
| 448 | |
|---|
| 449 | /** |
|---|
| 450 | * Validates registration fields in the native WP registration. |
|---|
| 451 | * |
|---|
| 452 | * @since 2.8.3 |
|---|
| 453 | * @since 3.3.0 Ported from wpmem_wp_reg_validate() in wp-registration.php. |
|---|
| 454 | * |
|---|
| 455 | * @global object $wpmem The WP-Members object class. |
|---|
| 456 | * |
|---|
| 457 | * @param array $errors A WP_Error object containing any errors encountered during registration. |
|---|
| 458 | * @param string $sanitized_user_login User's username after it has been sanitized. |
|---|
| 459 | * @param string $user_email User's email. |
|---|
| 460 | * @return array $errors A WP_Error object containing any errors encountered during registration. |
|---|
| 461 | */ |
|---|
| 462 | public function wp_register_validate( $errors, $sanitized_user_login, $user_email ) { |
|---|
| 463 | |
|---|
| 464 | global $wpmem; |
|---|
| 465 | |
|---|
| 466 | // Get any meta fields that should be excluded. |
|---|
| 467 | $exclude = wpmem_get_excluded_meta( 'wp-register' ); |
|---|
| 468 | |
|---|
| 469 | foreach ( wpmem_fields( 'register_wp' ) as $meta_key => $field ) { |
|---|
| 470 | $is_error = false; |
|---|
| 471 | if ( true == $field['required'] && true == $field['register'] && $meta_key != 'user_email' && ! in_array( $meta_key, $exclude ) ) { |
|---|
| 472 | if ( ( $field['type'] == 'checkbox' || $field['type'] == 'multicheckbox' || $field['type'] == 'multiselect' || $field['type'] == 'radio' ) && ( ! isset( $_POST[ $meta_key ] ) ) ) { |
|---|
| 473 | $is_error = true; |
|---|
| 474 | } |
|---|
| 475 | if ( ( $field['type'] != 'checkbox' && $field['type'] != 'multicheckbox' && $field['type'] != 'multiselect' && $field['type'] != 'radio' ) && ( ! $_POST[ $meta_key ] ) ) { |
|---|
| 476 | $is_error = true; |
|---|
| 477 | } |
|---|
| 478 | if ( $is_error ) { |
|---|
| 479 | $errors->add( 'wpmem_error', sprintf( wpmem_get_text( 'reg_empty_field' ), esc_html__( $field['label'], 'wp-members' ) ) ); |
|---|
| 480 | } |
|---|
| 481 | } |
|---|
| 482 | } |
|---|
| 483 | |
|---|
| 484 | // Process CAPTCHA. |
|---|
| 485 | if ( $wpmem->captcha > 0 ) { |
|---|
| 486 | $check_captcha = WP_Members_Captcha::validate(); |
|---|
| 487 | if ( false === $check_captcha ) { |
|---|
| 488 | $errors->add( 'wpmem_captcha_error', sprintf( wpmem_get_text( 'reg_captcha_err' ), esc_html__( $field['label'], 'wp-members' ) ) ); |
|---|
| 489 | } |
|---|
| 490 | } |
|---|
| 491 | |
|---|
| 492 | return $errors; |
|---|
| 493 | } |
|---|
| 494 | |
|---|
| 495 | /** |
|---|
| 496 | * User registration functions. |
|---|
| 497 | * |
|---|
| 498 | * @since 3.1.7 |
|---|
| 499 | * @since 3.2.6 Added handler for membership field type. |
|---|
| 500 | * @since 3.3.0 Changed from register() to register_finalize(). |
|---|
| 501 | * |
|---|
| 502 | * @global object $wpmem |
|---|
| 503 | * @param int $user_id |
|---|
| 504 | */ |
|---|
| 505 | public function register_finalize( $user_id ) { |
|---|
| 506 | |
|---|
| 507 | global $wpmem; |
|---|
| 508 | |
|---|
| 509 | // If this is WP-Members registration. |
|---|
| 510 | if ( $this->reg_type['is_wpmem'] ) { |
|---|
| 511 | // Put user ID into post_data array. |
|---|
| 512 | $this->post_data['ID'] = $user_id; |
|---|
| 513 | |
|---|
| 514 | // Set remaining fields to wp_usermeta table. |
|---|
| 515 | $new_user_fields_meta = array( 'user_url', 'first_name', 'last_name', 'description' ); |
|---|
| 516 | foreach ( $wpmem->fields as $meta_key => $field ) { |
|---|
| 517 | // If the field is not excluded, update accordingly. |
|---|
| 518 | if ( ! in_array( $meta_key, wpmem_get_excluded_meta( 'register' ) ) && ! in_array( $meta_key, $new_user_fields_meta ) ) { |
|---|
| 519 | if ( $field['register'] && 'user_email' != $meta_key ) { |
|---|
| 520 | // Assign memberships, if applicable. |
|---|
| 521 | if ( 'membership' == $field['type'] && 1 == $wpmem->enable_products ) { |
|---|
| 522 | wpmem_set_user_product( $this->post_data[ $meta_key ], $user_id ); |
|---|
| 523 | } else { |
|---|
| 524 | update_user_meta( $user_id, $meta_key, $this->post_data[ $meta_key ] ); |
|---|
| 525 | } |
|---|
| 526 | } |
|---|
| 527 | } |
|---|
| 528 | } |
|---|
| 529 | |
|---|
| 530 | // Store the registration url. |
|---|
| 531 | update_user_meta( $user_id, 'wpmem_reg_url', $this->post_data['wpmem_reg_url'] ); |
|---|
| 532 | |
|---|
| 533 | // Handle file uploads, if any. |
|---|
| 534 | if ( ! empty( $_FILES ) ) { |
|---|
| 535 | $this->upload_user_files( $user_id, $wpmem->fields ); |
|---|
| 536 | } |
|---|
| 537 | } |
|---|
| 538 | |
|---|
| 539 | // If this is native WP (wp-login.php), Users > Add New, or WooCommerce registration. |
|---|
| 540 | if ( $this->reg_type['is_native'] || $this->reg_type['is_add_new'] || $this->reg_type['is_woo'] ) { |
|---|
| 541 | |
|---|
| 542 | // Add new should process all fields. |
|---|
| 543 | $which_fields = ( $this->reg_type['is_add_new'] ) ? 'all' : 'register_wp'; |
|---|
| 544 | |
|---|
| 545 | // Get any excluded meta fields. |
|---|
| 546 | $exclude = wpmem_get_excluded_meta( 'wp-register' ); |
|---|
| 547 | $fields = wpmem_fields( $which_fields ); |
|---|
| 548 | if ( is_array( $fields ) && ! empty( $fields ) ) { |
|---|
| 549 | foreach ( $fields as $meta_key => $field ) { |
|---|
| 550 | $value = wpmem_get( $meta_key, false ); |
|---|
| 551 | if ( false !== $value && ! in_array( $meta_key, $exclude ) && 'file' != $field['type'] && 'image' != $field['type'] ) { |
|---|
| 552 | if ( 'multiselect' == $field['type'] || 'multicheckbox' == $field['type'] ) { |
|---|
| 553 | $value = implode( $field['delimiter'], $value ); |
|---|
| 554 | } |
|---|
| 555 | $sanitized_value = sanitize_text_field( $value ); |
|---|
| 556 | update_user_meta( $user_id, $meta_key, $sanitized_value ); |
|---|
| 557 | } |
|---|
| 558 | } |
|---|
| 559 | } |
|---|
| 560 | } |
|---|
| 561 | |
|---|
| 562 | // If this is Users > Add New. |
|---|
| 563 | if ( is_admin() && $this->reg_type['is_add_new'] ) { |
|---|
| 564 | // If moderated registration and activate is checked, set active flags. |
|---|
| 565 | if ( 1 == $wpmem->mod_reg && isset( $_POST['activate_user'] ) ) { |
|---|
| 566 | update_user_meta( $user_id, 'active', 1 ); |
|---|
| 567 | wpmem_set_user_status( $user_id, 0 ); |
|---|
| 568 | } |
|---|
| 569 | } |
|---|
| 570 | |
|---|
| 571 | // Capture IP address of all users at registration. |
|---|
| 572 | $user_ip = ( $this->reg_type['is_wpmem'] ) ? $this->post_data['wpmem_reg_ip'] : wpmem_get_user_ip(); // Sanitized at source now. |
|---|
| 573 | update_user_meta( $user_id, 'wpmem_reg_ip', $user_ip ); |
|---|
| 574 | |
|---|
| 575 | } |
|---|
| 576 | |
|---|
| 577 | /** |
|---|
| 578 | * Fires wpmem_post_register_data action. |
|---|
| 579 | * |
|---|
| 580 | * @since 3.3.2 |
|---|
| 581 | * |
|---|
| 582 | * @param int $user_id |
|---|
| 583 | */ |
|---|
| 584 | public function post_register_data( $user_id ) { |
|---|
| 585 | $this->post_data['ID'] = $user_id; |
|---|
| 586 | /** |
|---|
| 587 | * Fires after user insertion but before email. |
|---|
| 588 | * |
|---|
| 589 | * @since 2.7.2 |
|---|
| 590 | * @since 3.3.2 Hooked to user_register. |
|---|
| 591 | * |
|---|
| 592 | * @param array $this->post_data The user's submitted registration data. |
|---|
| 593 | */ |
|---|
| 594 | do_action( 'wpmem_post_register_data', $this->post_data ); |
|---|
| 595 | } |
|---|
| 596 | |
|---|
| 597 | /** |
|---|
| 598 | * Sends emails on registration. |
|---|
| 599 | * |
|---|
| 600 | * @since 3.3.0 |
|---|
| 601 | * |
|---|
| 602 | * @param int $user_id |
|---|
| 603 | */ |
|---|
| 604 | public function register_email_to_user( $user_id ) { |
|---|
| 605 | $send_notification = ( wpmem_is_reg_type( 'wpmem' ) ) ? true : false; |
|---|
| 606 | /** |
|---|
| 607 | * Filter whether register notification is sent. |
|---|
| 608 | * |
|---|
| 609 | * @since 3.5.0 |
|---|
| 610 | * |
|---|
| 611 | * @param boolean $send_notification |
|---|
| 612 | */ |
|---|
| 613 | $send_notification = apply_filters( 'wpmem_enable_user_notification', $send_notification, $user_id ); |
|---|
| 614 | if ( $send_notification ) { |
|---|
| 615 | wpmem_email_to_user( array( |
|---|
| 616 | 'user_id' => $user_id, |
|---|
| 617 | 'password' => $this->post_data['password'], |
|---|
| 618 | 'tag' => ( wpmem_is_enabled( 'mod_reg' ) ) ? 'newmod' : 'newreg', |
|---|
| 619 | 'wpmem_fields' => wpmem_fields(), |
|---|
| 620 | 'fields' => $this->post_data |
|---|
| 621 | ) ); |
|---|
| 622 | } |
|---|
| 623 | } |
|---|
| 624 | |
|---|
| 625 | /** |
|---|
| 626 | * Sends admin notifiction on registration. |
|---|
| 627 | * |
|---|
| 628 | * @since 3.3.0 |
|---|
| 629 | * |
|---|
| 630 | * @param int $user_id |
|---|
| 631 | */ |
|---|
| 632 | public function register_email_to_admin( $user_id ) { |
|---|
| 633 | $allowed_reg_types = array( 'wpmem' ); // @todo |
|---|
| 634 | $send_notification = ( wpmem_is_reg_type( 'wpmem' ) && wpmem_is_enabled( 'notify' ) ) ? true : false; |
|---|
| 635 | /** |
|---|
| 636 | * Filter whether register notification is sent. |
|---|
| 637 | * |
|---|
| 638 | * @since 3.5.0 |
|---|
| 639 | * |
|---|
| 640 | * @param boolean $send_notification |
|---|
| 641 | */ |
|---|
| 642 | $send_notification = apply_filters( 'wpmem_enable_admin_notification', $send_notification, $user_id, wpmem_fields(), $this->post_data ); |
|---|
| 643 | if ( $send_notification ) { |
|---|
| 644 | wpmem_notify_admin( $user_id, wpmem_fields(), $this->post_data ); |
|---|
| 645 | } |
|---|
| 646 | } |
|---|
| 647 | |
|---|
| 648 | /** |
|---|
| 649 | * Redirects user on registration. |
|---|
| 650 | * |
|---|
| 651 | * @since 3.1.7 |
|---|
| 652 | */ |
|---|
| 653 | public function register_redirect() { |
|---|
| 654 | $redirect_to = wpmem_get( 'redirect_to', false ); |
|---|
| 655 | if ( $redirect_to ) { |
|---|
| 656 | $nonce_url = wp_nonce_url( $redirect_to, 'register_redirect', 'reg_nonce' ); |
|---|
| 657 | wp_safe_redirect( $nonce_url ); |
|---|
| 658 | exit(); |
|---|
| 659 | } |
|---|
| 660 | } |
|---|
| 661 | |
|---|
| 662 | /** |
|---|
| 663 | * Password change or reset. |
|---|
| 664 | * |
|---|
| 665 | * @since 3.1.7 |
|---|
| 666 | * |
|---|
| 667 | * @param string $action |
|---|
| 668 | * @return string $result |
|---|
| 669 | */ |
|---|
| 670 | public function password_update( $action ) { |
|---|
| 671 | $this->pwd_reset = new WP_Members_Pwd_Reset; |
|---|
| 672 | if ( isset( $_POST['formsubmit'] ) ) { |
|---|
| 673 | if ( 'link' == $action ) { |
|---|
| 674 | $user = wpmem_get( 'user', false ); |
|---|
| 675 | $user = ( strpos( $user, '@' ) ) ? sanitize_email( $user ) : sanitize_user( $user ); |
|---|
| 676 | $args = array( 'user' => $user ); |
|---|
| 677 | return $this->password_link( $args ); |
|---|
| 678 | } else { |
|---|
| 679 | $args = array( |
|---|
| 680 | 'pass1' => wpmem_get( 'pass1', false ), |
|---|
| 681 | 'pass2' => wpmem_get( 'pass2', false ), |
|---|
| 682 | ); |
|---|
| 683 | return $this->password_change( $args ); |
|---|
| 684 | } |
|---|
| 685 | } |
|---|
| 686 | return; |
|---|
| 687 | } |
|---|
| 688 | |
|---|
| 689 | /** |
|---|
| 690 | * Change a user's password() |
|---|
| 691 | * |
|---|
| 692 | * @since 3.1.7 |
|---|
| 693 | * |
|---|
| 694 | * @return |
|---|
| 695 | */ |
|---|
| 696 | public function password_change( $args ) { |
|---|
| 697 | global $user_ID; |
|---|
| 698 | $is_error = false; |
|---|
| 699 | // Check for both fields being empty. |
|---|
| 700 | $is_error = ( ! $args['pass1'] && ! $args['pass2'] ) ? "pwdchangempty" : $is_error; |
|---|
| 701 | // Make sure the fields match. |
|---|
| 702 | $is_error = ( $args['pass1'] != $args['pass2'] ) ? "pwdchangerr" : $is_error; |
|---|
| 703 | /** |
|---|
| 704 | * Filters the password change error. |
|---|
| 705 | * |
|---|
| 706 | * @since 3.1.5 |
|---|
| 707 | * @since 3.1.7 Moved to user object. |
|---|
| 708 | * |
|---|
| 709 | * @param string $is_error |
|---|
| 710 | * @param int $user_ID The user's numeric ID. |
|---|
| 711 | * @param string $args['pass1'] The user's new plain text password. |
|---|
| 712 | */ |
|---|
| 713 | $is_error = apply_filters( 'wpmem_pwd_change_error', $is_error, $user_ID, $args['pass1'] ); |
|---|
| 714 | // User must be logged in OR must be resetting a forgotten password. |
|---|
| 715 | $is_error = ( ! is_user_logged_in() && 'set_password_from_key' != wpmem_get( 'a', false, 'request' ) ) ? "loggedin" : $is_error; |
|---|
| 716 | // Verify nonce. |
|---|
| 717 | $is_error = ( ! wp_verify_nonce( $_REQUEST['_wpmem_pwdchange_nonce'], 'wpmem_shortform_nonce' ) ) ? "reg_generic" : $is_error; |
|---|
| 718 | if ( $is_error ) { |
|---|
| 719 | return $is_error; |
|---|
| 720 | } |
|---|
| 721 | /** |
|---|
| 722 | * Fires after password change. |
|---|
| 723 | * |
|---|
| 724 | * @since 2.9.0 |
|---|
| 725 | * @since 3.0.5 Added $args['pass1'] to arguments passed. |
|---|
| 726 | * @since 3.1.7 Moved to user object. |
|---|
| 727 | * |
|---|
| 728 | * @param int $user_ID The user's numeric ID. |
|---|
| 729 | * @param string $args['pass1'] The user's new plain text password. |
|---|
| 730 | */ |
|---|
| 731 | do_action( 'wpmem_pwd_change', $user_ID, $args['pass1'] ); |
|---|
| 732 | return "pwdchangesuccess"; |
|---|
| 733 | } |
|---|
| 734 | |
|---|
| 735 | /** |
|---|
| 736 | * Reset a user's password. |
|---|
| 737 | * |
|---|
| 738 | * Replaces WP_Members_User::password_reset() |
|---|
| 739 | * |
|---|
| 740 | * @since Unknown |
|---|
| 741 | * |
|---|
| 742 | */ |
|---|
| 743 | public function password_link( $args ) { |
|---|
| 744 | global $wpmem; |
|---|
| 745 | /** |
|---|
| 746 | * Filter the password reset arguments. |
|---|
| 747 | * |
|---|
| 748 | * @since 3.4.2 |
|---|
| 749 | * |
|---|
| 750 | * @param array The username or email. |
|---|
| 751 | */ |
|---|
| 752 | $arr = apply_filters( 'wpmem_pwdreset_args', $args ); |
|---|
| 753 | |
|---|
| 754 | $errors = new WP_Error(); |
|---|
| 755 | |
|---|
| 756 | if ( ! isset( $arr['user'] ) || '' == $arr['user'] ) { |
|---|
| 757 | // There was an empty field. |
|---|
| 758 | $errors->add( 'empty', wpmem_get_text( 'pwd_reset_empty' ) ); |
|---|
| 759 | return "pwdreseterr"; |
|---|
| 760 | |
|---|
| 761 | } else { |
|---|
| 762 | |
|---|
| 763 | if ( ! wp_verify_nonce( $_REQUEST['_wpmem_pwdreset_nonce'], 'wpmem_shortform_nonce' ) ) { |
|---|
| 764 | $errors->add( 'nonce', wpmem_get_text( 'pwd_reset_nonce' ) ); |
|---|
| 765 | return "reg_generic"; |
|---|
| 766 | } |
|---|
| 767 | |
|---|
| 768 | $user_to_check = ( strpos( $arr['user'], '@' ) ) ? sanitize_email( $arr['user'] ) : sanitize_user( $arr['user'] ); |
|---|
| 769 | |
|---|
| 770 | if ( username_exists( $user_to_check ) ) { |
|---|
| 771 | $user = get_user_by( 'login', $user_to_check ); |
|---|
| 772 | } elseif ( email_exists( $user_to_check ) ) { |
|---|
| 773 | $user = get_user_by( 'email', $user_to_check ); |
|---|
| 774 | } else { |
|---|
| 775 | $user = false; |
|---|
| 776 | } |
|---|
| 777 | |
|---|
| 778 | if ( ! is_wp_error( $user ) && false != $user ) { |
|---|
| 779 | |
|---|
| 780 | $has_error = false; |
|---|
| 781 | |
|---|
| 782 | // Check if user is approved. |
|---|
| 783 | if ( ( wpmem_is_mod_reg() ) && ( ! wpmem_is_user_activated( $user->ID ) ) ) { |
|---|
| 784 | $errors->add( 'acct_not_approved', wpmem_get_text( 'acct_not_approved' ) ); |
|---|
| 785 | $has_error = true; |
|---|
| 786 | } |
|---|
| 787 | |
|---|
| 788 | // Check if user is validated. |
|---|
| 789 | if ( ( wpmem_is_act_link() ) && ( ! wpmem_is_user_confirmed( $user->ID ) ) ) { |
|---|
| 790 | $errors->add( 'acct_not_validated', wpmem_get_text( 'acct_not_validated' ) ); |
|---|
| 791 | $has_error = true; |
|---|
| 792 | } |
|---|
| 793 | |
|---|
| 794 | // If either of these are an error, dump the user object. |
|---|
| 795 | $user = ( $has_error ) ? false : $user; |
|---|
| 796 | } |
|---|
| 797 | |
|---|
| 798 | if ( $user ) { |
|---|
| 799 | wpmem_email_to_user( array( 'user_id'=>$user->ID, 'tag'=>'repass' ) ); |
|---|
| 800 | /** This action is documented in /includes/class-wp-members-user.php */ |
|---|
| 801 | do_action( 'wpmem_pwd_reset', $user->ID, '' ); |
|---|
| 802 | return "pwdresetsuccess"; |
|---|
| 803 | |
|---|
| 804 | } else { |
|---|
| 805 | // Username did not exist, or cannot reset password. |
|---|
| 806 | if ( $errors->has_errors() ) { |
|---|
| 807 | $wpmem->error = $errors; |
|---|
| 808 | } |
|---|
| 809 | return "pwdreseterr"; |
|---|
| 810 | } |
|---|
| 811 | } |
|---|
| 812 | return; |
|---|
| 813 | } |
|---|
| 814 | |
|---|
| 815 | /** |
|---|
| 816 | * Handles resending a confirmation link email. |
|---|
| 817 | * |
|---|
| 818 | * @since 3.5.0 |
|---|
| 819 | * |
|---|
| 820 | * @global object $wpmem |
|---|
| 821 | * @return string $regchk The regchk value. |
|---|
| 822 | */ |
|---|
| 823 | public function resend_confirm() { |
|---|
| 824 | if ( isset( $_POST['formsubmit'] ) ) { |
|---|
| 825 | |
|---|
| 826 | if ( ! wp_verify_nonce( $_REQUEST['_wpmem_reconfirm_nonce'], 'wpmem_shortform_nonce' ) ) { |
|---|
| 827 | return "reg_generic"; |
|---|
| 828 | } |
|---|
| 829 | |
|---|
| 830 | $check_user = wpmem_get( 'user', false ); |
|---|
| 831 | |
|---|
| 832 | $sanitized_user_to_check = ( strpos( $check_user, '@' ) ) ? sanitize_email( $check_user ) : sanitize_user( $check_user ); |
|---|
| 833 | |
|---|
| 834 | if ( username_exists( $sanitized_user_to_check ) ) { |
|---|
| 835 | $user = get_user_by( 'login', $sanitized_user_to_check ); |
|---|
| 836 | } elseif ( email_exists( $sanitized_user_to_check ) ) { |
|---|
| 837 | $user = get_user_by( 'email', $sanitized_user_to_check ); |
|---|
| 838 | } else { |
|---|
| 839 | $user = false; |
|---|
| 840 | } |
|---|
| 841 | |
|---|
| 842 | if ( $user ) { |
|---|
| 843 | // Send it in an email. |
|---|
| 844 | wpmem_email_to_user( array( |
|---|
| 845 | 'user_id' => intval( $user->ID ), |
|---|
| 846 | 'tag' => ( wpmem_is_enabled( 'mod_reg' ) ) ? 'newmod' : 'newreg' |
|---|
| 847 | ) ); |
|---|
| 848 | /** |
|---|
| 849 | * Fires after resending confirmation. |
|---|
| 850 | * |
|---|
| 851 | * @since 3.1.5 |
|---|
| 852 | * |
|---|
| 853 | * @param int $user_ID The user's numeric ID. |
|---|
| 854 | */ |
|---|
| 855 | do_action( 'wpmem_reconfirm', intval( $user->ID ) ); |
|---|
| 856 | return 'reconfirmsuccess'; |
|---|
| 857 | } else { |
|---|
| 858 | return 'reconfirmfailed'; |
|---|
| 859 | } |
|---|
| 860 | } |
|---|
| 861 | return; |
|---|
| 862 | } |
|---|
| 863 | |
|---|
| 864 | /** |
|---|
| 865 | * Handles resending a confirmation email. |
|---|
| 866 | * |
|---|
| 867 | * @since 3.5.0 |
|---|
| 868 | * |
|---|
| 869 | * @global object $wpmem |
|---|
| 870 | * @return string $regchk The regchk value. |
|---|
| 871 | */ |
|---|
| 872 | public function retrieve_username() { |
|---|
| 873 | if ( isset( $_POST['formsubmit'] ) ) { |
|---|
| 874 | |
|---|
| 875 | if ( ! wp_verify_nonce( $_REQUEST['_wpmem_getusername_nonce'], 'wpmem_shortform_nonce' ) ) { |
|---|
| 876 | return "reg_generic"; |
|---|
| 877 | } |
|---|
| 878 | |
|---|
| 879 | $sanitized_email = wpmem_get_sanitized( 'user_email', false, 'post', 'email' ); |
|---|
| 880 | $user = ( false != $sanitized_email ) ? get_user_by( 'email', $sanitized_email ) : false; |
|---|
| 881 | if ( $user ) { |
|---|
| 882 | // Send it in an email. |
|---|
| 883 | wpmem_email_to_user( array( 'user_id'=>intval( $user->ID ), 'tag'=>'getuser' ) ); |
|---|
| 884 | /** |
|---|
| 885 | * Fires after retrieving username. |
|---|
| 886 | * |
|---|
| 887 | * @since 3.0.8 |
|---|
| 888 | * |
|---|
| 889 | * @param int $user_ID The user's numeric ID. |
|---|
| 890 | */ |
|---|
| 891 | do_action( 'wpmem_get_username', intval( $user->ID ) ); |
|---|
| 892 | return 'usernamesuccess'; |
|---|
| 893 | } else { |
|---|
| 894 | return 'usernamefailed'; |
|---|
| 895 | } |
|---|
| 896 | } |
|---|
| 897 | return; |
|---|
| 898 | } |
|---|
| 899 | |
|---|
| 900 | /** |
|---|
| 901 | * Handle user file uploads for registration and profile update. |
|---|
| 902 | * |
|---|
| 903 | * @since 3.1.8 |
|---|
| 904 | * @since 3.2.6 Add file's post ID to $this->post_data. |
|---|
| 905 | * @since 3.4.7 Add wpmem_file_uploaded action hook. |
|---|
| 906 | * |
|---|
| 907 | * @param string $user_id |
|---|
| 908 | * @param array $fields |
|---|
| 909 | */ |
|---|
| 910 | public function upload_user_files( $user_id, $fields ) { |
|---|
| 911 | global $wpmem; |
|---|
| 912 | foreach ( $fields as $meta_key => $field ) { |
|---|
| 913 | if ( ( 'file' == $field['type'] || 'image' == $field['type'] ) && isset( $_FILES[ $meta_key ] ) && is_array( $_FILES[ $meta_key ] ) ) { |
|---|
| 914 | if ( ! empty( $_FILES[ $meta_key ]['name'] ) ) { |
|---|
| 915 | // Upload the file and save it as an attachment. |
|---|
| 916 | $file_post_id = $wpmem->forms->do_file_upload( $_FILES[ $meta_key ], $user_id ); |
|---|
| 917 | // Save the attachment ID as user meta. |
|---|
| 918 | update_user_meta( $user_id, $meta_key, $file_post_id ); |
|---|
| 919 | // Add attachment ID to post data array. |
|---|
| 920 | $this->post_data[ $meta_key ] = $file_post_id; |
|---|
| 921 | /** |
|---|
| 922 | * User uploaded file. |
|---|
| 923 | * |
|---|
| 924 | * @since 3.4.7 |
|---|
| 925 | * |
|---|
| 926 | * @param int $user_id |
|---|
| 927 | * @param string $meta_key |
|---|
| 928 | * @param string $file_post_id |
|---|
| 929 | */ |
|---|
| 930 | do_action( 'wpmem_file_uploaded', $user_id, $meta_key, $file_post_id ); |
|---|
| 931 | } |
|---|
| 932 | } |
|---|
| 933 | } |
|---|
| 934 | } |
|---|
| 935 | |
|---|
| 936 | /** |
|---|
| 937 | * Get user data for all fields in WP-Members. |
|---|
| 938 | * |
|---|
| 939 | * Retrieves user data for all WP-Members fields (and WP default fields) |
|---|
| 940 | * in an array keyed by WP-Members field meta keys. |
|---|
| 941 | * |
|---|
| 942 | * @since 3.2.0 |
|---|
| 943 | * @since 3.2.6 Added option for "all" fields (default:false). |
|---|
| 944 | * |
|---|
| 945 | * @param string $user_id optional (defaults to current user) |
|---|
| 946 | * @param string $all optional (default to false) |
|---|
| 947 | * @return array $user_fields |
|---|
| 948 | */ |
|---|
| 949 | public function user_data( $user_id = false, $all = false ) { |
|---|
| 950 | $user_id = ( $user_id ) ? $user_id : get_current_user_id(); |
|---|
| 951 | if ( true == $all ) { |
|---|
| 952 | $user_info = get_user_meta( $user_id ); |
|---|
| 953 | foreach( $user_info as $key => $value ) { |
|---|
| 954 | $formatted = maybe_unserialize( $value[0] ); |
|---|
| 955 | $user_fields[ $key ] = $formatted; |
|---|
| 956 | } |
|---|
| 957 | } else { |
|---|
| 958 | $fields = wpmem_fields(); |
|---|
| 959 | $user_data = get_userdata( $user_id ); |
|---|
| 960 | $excludes = array( 'first_name', 'last_name', 'description', 'nickname' ); |
|---|
| 961 | foreach ( $fields as $meta => $field ) { |
|---|
| 962 | $meta = ( 'username' == $meta ) ? 'user_login' : $meta; |
|---|
| 963 | if ( $field['native'] == 1 && ! in_array( $meta, $excludes ) ) { |
|---|
| 964 | $user_fields[ $meta ] = $user_data->data->{$meta}; |
|---|
| 965 | } else { |
|---|
| 966 | $user_fields[ $meta ] = get_user_meta( $user_id, $meta, true ); |
|---|
| 967 | } |
|---|
| 968 | } |
|---|
| 969 | } |
|---|
| 970 | return $user_fields; |
|---|
| 971 | } |
|---|
| 972 | |
|---|
| 973 | /** |
|---|
| 974 | * Sets the role for the specified user. |
|---|
| 975 | * |
|---|
| 976 | * @since 3.2.0 |
|---|
| 977 | * |
|---|
| 978 | * @param integer $user_id |
|---|
| 979 | * @param string $role |
|---|
| 980 | * @param string $action (set|add|remove) |
|---|
| 981 | */ |
|---|
| 982 | public function update_user_role( $user_id, $role, $action = 'set' ) { |
|---|
| 983 | $user = new WP_User( $user_id ); |
|---|
| 984 | switch ( $action ) { |
|---|
| 985 | case 'add': |
|---|
| 986 | $user->add_role( $role ); |
|---|
| 987 | break; |
|---|
| 988 | case 'remove': |
|---|
| 989 | $user->remove_role( $role ); |
|---|
| 990 | break; |
|---|
| 991 | default: |
|---|
| 992 | $user->set_role( $role ); |
|---|
| 993 | break; |
|---|
| 994 | } |
|---|
| 995 | } |
|---|
| 996 | |
|---|
| 997 | /** |
|---|
| 998 | * Sets a user's password. |
|---|
| 999 | * |
|---|
| 1000 | * @since 3.2.3 |
|---|
| 1001 | * |
|---|
| 1002 | * @param int $user_id |
|---|
| 1003 | * @param string $password |
|---|
| 1004 | */ |
|---|
| 1005 | public function set_password( $user_id, $password ) { |
|---|
| 1006 | wp_set_password( $password, $user_id ); |
|---|
| 1007 | } |
|---|
| 1008 | |
|---|
| 1009 | /** |
|---|
| 1010 | * Sets user as logged on password change. |
|---|
| 1011 | * |
|---|
| 1012 | * (Hooked to wpmem_pwd_change) |
|---|
| 1013 | * |
|---|
| 1014 | * @since 3.2.0 |
|---|
| 1015 | * |
|---|
| 1016 | * @param int $user_id |
|---|
| 1017 | * @param string $password |
|---|
| 1018 | */ |
|---|
| 1019 | public function set_as_logged_in( $user_id ) { |
|---|
| 1020 | $user = get_user_by( 'id', $user_id ); |
|---|
| 1021 | wp_set_current_user( $user_id, $user->user_login ); |
|---|
| 1022 | wp_set_auth_cookie( $user_id, wpmem_get( 'rememberme', false, 'request' ) ); |
|---|
| 1023 | } |
|---|
| 1024 | |
|---|
| 1025 | /** |
|---|
| 1026 | * Validates user access to content. |
|---|
| 1027 | * |
|---|
| 1028 | * @since 3.2.0 |
|---|
| 1029 | * @todo Currently checks in this order: expiration, role, "other". If expiration product, |
|---|
| 1030 | * and the user is current, then access is granted. This doesn't consider if the |
|---|
| 1031 | * user is current but does not have a required role (if BOTH an expiration and role |
|---|
| 1032 | * product). Maybe add role checking to the expiration block if both exist. |
|---|
| 1033 | * |
|---|
| 1034 | * @global object $wpmem |
|---|
| 1035 | * @param mixed $membership Accepts a single membership slug/meta, or an array of multiple memberships. |
|---|
| 1036 | * @param int $user_id (optional) |
|---|
| 1037 | * @return bool $access |
|---|
| 1038 | */ |
|---|
| 1039 | public function has_access( $membership, $user_id = false ) { |
|---|
| 1040 | global $wpmem; |
|---|
| 1041 | if ( ! is_user_logged_in() && ! $user_id ) { |
|---|
| 1042 | return false; |
|---|
| 1043 | } |
|---|
| 1044 | |
|---|
| 1045 | // Product must be an array. |
|---|
| 1046 | $membership_array = ( ! is_array( $membership ) ) ? explode( ",", $membership ) : $membership; |
|---|
| 1047 | |
|---|
| 1048 | $membership_array = $this->get_membership_stack( $membership_array ); |
|---|
| 1049 | |
|---|
| 1050 | // Current user or requested user. |
|---|
| 1051 | $user_id = ( ! $user_id ) ? get_current_user_id() : $user_id; |
|---|
| 1052 | |
|---|
| 1053 | // Load user memberships array. |
|---|
| 1054 | $memberships = ( false == $user_id ) ? $this->access : wpmem_get_user_memberships( $user_id ); |
|---|
| 1055 | |
|---|
| 1056 | // Start by assuming no access. |
|---|
| 1057 | $access = false; |
|---|
| 1058 | |
|---|
| 1059 | // Start checking memberships. If the user has a valid membership, quit checking. |
|---|
| 1060 | foreach ( $membership_array as $prod ) { |
|---|
| 1061 | $expiration_product = false; |
|---|
| 1062 | $role_product = false; |
|---|
| 1063 | // Does the user have this membership? |
|---|
| 1064 | if ( isset( $memberships[ $prod ] ) ) { |
|---|
| 1065 | // Is this an expiration membership? |
|---|
| 1066 | if ( isset( $wpmem->membership->memberships[ $prod ]['expires'][0] ) && ! is_bool( $memberships[ $prod ] ) ) { |
|---|
| 1067 | $expiration_product = true; |
|---|
| 1068 | if ( $this->is_current( $memberships[ $prod ] ) ) { |
|---|
| 1069 | $access = true; |
|---|
| 1070 | break; |
|---|
| 1071 | } |
|---|
| 1072 | } |
|---|
| 1073 | // Is this a role membership? |
|---|
| 1074 | if ( '' != wpmem_get_membership_role( $prod ) ) { |
|---|
| 1075 | $role_product = true; |
|---|
| 1076 | if ( $memberships[ $prod ] && wpmem_user_has_role( wpmem_get_membership_role( $prod ) ) ) { |
|---|
| 1077 | if ( $expiration_product && ! $this->is_current( $memberships[ $prod ] ) ) { |
|---|
| 1078 | $access = false; |
|---|
| 1079 | break; |
|---|
| 1080 | } |
|---|
| 1081 | $access = true; |
|---|
| 1082 | break; |
|---|
| 1083 | } |
|---|
| 1084 | } |
|---|
| 1085 | if ( ! $expiration_product && ! $role_product && $memberships[ $prod ] ) { |
|---|
| 1086 | $access = true; |
|---|
| 1087 | break; |
|---|
| 1088 | } |
|---|
| 1089 | } |
|---|
| 1090 | } |
|---|
| 1091 | |
|---|
| 1092 | /** |
|---|
| 1093 | * Filter the access result. |
|---|
| 1094 | * |
|---|
| 1095 | * @since 3.2.0 |
|---|
| 1096 | * @since 3.2.3 Added $membership argument. |
|---|
| 1097 | * |
|---|
| 1098 | * @param boolean $access |
|---|
| 1099 | * @param array $membership |
|---|
| 1100 | * @param integer $user_id |
|---|
| 1101 | */ |
|---|
| 1102 | return apply_filters( 'wpmem_user_has_access', $access, $membership_array, $user_id ); |
|---|
| 1103 | |
|---|
| 1104 | } |
|---|
| 1105 | |
|---|
| 1106 | /** |
|---|
| 1107 | * Gets membership hierarchy (if any). |
|---|
| 1108 | * |
|---|
| 1109 | * Replaces original get_product_children() from 3.4.0 which was not as scalable. |
|---|
| 1110 | * |
|---|
| 1111 | * @since 3.4.1 |
|---|
| 1112 | * |
|---|
| 1113 | * @global stdClass $wpmem |
|---|
| 1114 | * @param array $membership_array |
|---|
| 1115 | * $return array $membership_array Product array with child products added. |
|---|
| 1116 | */ |
|---|
| 1117 | public function get_membership_stack( $membership_array ) { |
|---|
| 1118 | |
|---|
| 1119 | global $wpdb, $wpmem; |
|---|
| 1120 | |
|---|
| 1121 | $membership_ids = wpmem_get_memberships_ids(); |
|---|
| 1122 | foreach ( $membership_array as $membership ) { |
|---|
| 1123 | // If the membership exists, check for child/parent relationships (if it doesn't exist and we didn't check here, we'd throw an undefined index error). |
|---|
| 1124 | if ( isset( $membership_ids[ $membership ] ) ) { |
|---|
| 1125 | // Do we need child access? |
|---|
| 1126 | $child_access = get_post_meta( $membership_ids[ $membership ], 'wpmem_product_child_access', true ); |
|---|
| 1127 | if ( 1 == $child_access ) { |
|---|
| 1128 | $args = array( |
|---|
| 1129 | 'post_type' => $wpmem->membership->post_type, |
|---|
| 1130 | 'post_parent' => $membership_ids[ $membership ], // Current post's ID |
|---|
| 1131 | ); |
|---|
| 1132 | //Replaces use of get_children, which unfortunately causes an infinite loop. |
|---|
| 1133 | $sql = 'SELECT post_name FROM ' . $wpdb->prefix . 'posts WHERE post_type = "' . esc_sql( $args['post_type'] ) . '" AND post_parent = "' . esc_sql( $args['post_parent'] ) . '";'; |
|---|
| 1134 | $children = $wpdb->get_results( $sql ); |
|---|
| 1135 | if ( ! empty( $children ) ) { |
|---|
| 1136 | foreach ( $children as $child ) { |
|---|
| 1137 | $membership_array[] = $child->post_name; |
|---|
| 1138 | } |
|---|
| 1139 | } |
|---|
| 1140 | } |
|---|
| 1141 | // Ancestor access is by default. |
|---|
| 1142 | $ancestors = get_post_ancestors( $membership_ids[ $membership ] ); |
|---|
| 1143 | if ( ! empty( $ancestors ) ) { |
|---|
| 1144 | foreach ( $ancestors as $ancestor ) { |
|---|
| 1145 | $membership_array[] = get_post_field( 'post_name', $ancestor ); |
|---|
| 1146 | } |
|---|
| 1147 | } |
|---|
| 1148 | } |
|---|
| 1149 | } |
|---|
| 1150 | return $membership_array; |
|---|
| 1151 | } |
|---|
| 1152 | |
|---|
| 1153 | /** |
|---|
| 1154 | * Loads anything the user has access to. |
|---|
| 1155 | * |
|---|
| 1156 | * @since 3.2.0 |
|---|
| 1157 | * @since 3.2.6 Updated to return empty array if no products exist for this user. |
|---|
| 1158 | * @since 3.3.0 Updated to use individual meta for product access. |
|---|
| 1159 | * |
|---|
| 1160 | * @global object $wpmem |
|---|
| 1161 | * |
|---|
| 1162 | * @param int $user_id |
|---|
| 1163 | * @param stdClass $obj |
|---|
| 1164 | * @return array $memberships { |
|---|
| 1165 | * Memberships the user has as an array keyed by the membership slug. |
|---|
| 1166 | * Memberships the user does not have enabled are not in the array. |
|---|
| 1167 | * If a memberships is an expiration product, the expiration is the |
|---|
| 1168 | * value as a timestamp (epoch time). Note that access can be checked |
|---|
| 1169 | * with wpmem_user_has_access() or wpmem_user_is_expired(). |
|---|
| 1170 | * |
|---|
| 1171 | * @type mixed 1|timestamp |
|---|
| 1172 | * } |
|---|
| 1173 | */ |
|---|
| 1174 | function get_user_products( $user_id = false, $obj = false ) { |
|---|
| 1175 | global $wpmem; |
|---|
| 1176 | $membership_array = ( $obj ) ? $obj->membership->memberships : ( ( isset( $wpmem->membership->memberships ) ) ? $wpmem->membership->memberships : array() ); |
|---|
| 1177 | $user_id = ( ! $user_id ) ? get_current_user_id() : $user_id; |
|---|
| 1178 | foreach ( $membership_array as $membership_meta => $membership ) { |
|---|
| 1179 | $user_product = get_user_meta( $user_id, '_wpmem_products_' . $membership_meta, true ); |
|---|
| 1180 | if ( $user_product ) { |
|---|
| 1181 | $memberships[ $membership_meta ] = $user_product; |
|---|
| 1182 | } |
|---|
| 1183 | $user_product = ''; |
|---|
| 1184 | } |
|---|
| 1185 | return ( isset( $memberships ) ) ? $memberships : array(); |
|---|
| 1186 | } |
|---|
| 1187 | |
|---|
| 1188 | /** |
|---|
| 1189 | * Sets a product as active for a user. |
|---|
| 1190 | * |
|---|
| 1191 | * If the product expires, it sets an expiration date |
|---|
| 1192 | * based on the time period. Otherwise the value is |
|---|
| 1193 | * set to "true" (which does not expire). |
|---|
| 1194 | * |
|---|
| 1195 | * @since 3.2.0 |
|---|
| 1196 | * @since 3.2.6 Added $date to set a specific expiration date. |
|---|
| 1197 | * @since 3.3.0 Updated to new single meta, keeps legacy array for rollback. |
|---|
| 1198 | * @since 3.3.1 Added no gap renewal option. |
|---|
| 1199 | * |
|---|
| 1200 | * @param string $membership |
|---|
| 1201 | * @param int $user_id |
|---|
| 1202 | * @param string $set_date Formatted date should be MySQL timestamp, or simply YYYY-MM-DD. |
|---|
| 1203 | */ |
|---|
| 1204 | function set_user_product( $membership, $user_id = false, $set_date = false ) { |
|---|
| 1205 | |
|---|
| 1206 | global $wpmem; |
|---|
| 1207 | |
|---|
| 1208 | $user_id = ( ! $user_id ) ? get_current_user_id() : $user_id; |
|---|
| 1209 | |
|---|
| 1210 | // New single meta format. @todo This remains when legacy array is removed. |
|---|
| 1211 | $prev_value = get_user_meta( $user_id, '_wpmem_products_' . $membership, true ); |
|---|
| 1212 | |
|---|
| 1213 | // Convert date to add. |
|---|
| 1214 | $expiration_period = ( isset( $wpmem->membership->memberships[ $membership ]['expires'] ) ) ? $wpmem->membership->memberships[ $membership ]['expires'] : false; |
|---|
| 1215 | |
|---|
| 1216 | $renew = ( $prev_value ) ? true : false; |
|---|
| 1217 | |
|---|
| 1218 | // If membership is an expiration product. |
|---|
| 1219 | if ( is_array( $expiration_period ) ) { |
|---|
| 1220 | $new_value = wpmem_generate_membership_expiration_date( $membership, $user_id, $set_date, $prev_value, $renew ); |
|---|
| 1221 | } else { |
|---|
| 1222 | $new_value = true; |
|---|
| 1223 | } |
|---|
| 1224 | |
|---|
| 1225 | // Update product setting. |
|---|
| 1226 | update_user_meta( $user_id, '_wpmem_products_' . $membership, $new_value ); |
|---|
| 1227 | |
|---|
| 1228 | // Update the legacy setting. |
|---|
| 1229 | $user_products = get_user_meta( $user_id, '_wpmem_products', true ); |
|---|
| 1230 | $user_products = ( $user_products ) ? $user_products : array(); |
|---|
| 1231 | $user_products[ $membership ] = ( true === $new_value ) ? true : date( 'Y-m-d H:i:s', $new_value ); |
|---|
| 1232 | update_user_meta( $user_id, '_wpmem_products', $user_products ); |
|---|
| 1233 | |
|---|
| 1234 | /** |
|---|
| 1235 | * Fires when a user product has been set. |
|---|
| 1236 | * |
|---|
| 1237 | * @since 3.3.0 |
|---|
| 1238 | * |
|---|
| 1239 | * @param int $user_id |
|---|
| 1240 | * @param string $membership |
|---|
| 1241 | * @param mixed $new_value |
|---|
| 1242 | * @param string $prev_value |
|---|
| 1243 | * @param bool $renew |
|---|
| 1244 | */ |
|---|
| 1245 | do_action( 'wpmem_user_product_set', $user_id, $membership, $new_value, $prev_value, $renew ); |
|---|
| 1246 | |
|---|
| 1247 | } |
|---|
| 1248 | |
|---|
| 1249 | /** |
|---|
| 1250 | * Removes a product from a user. |
|---|
| 1251 | * |
|---|
| 1252 | * @since 3.2.0 |
|---|
| 1253 | * @since 3.3.0 Updated for new single meta, keeps legacy array for rollback. |
|---|
| 1254 | * |
|---|
| 1255 | * @param string $membership |
|---|
| 1256 | * @param int $user_id |
|---|
| 1257 | */ |
|---|
| 1258 | function remove_user_product( $membership, $user_id = false ) { |
|---|
| 1259 | global $wpmem; |
|---|
| 1260 | $user_id = ( ! $user_id ) ? get_current_user_id() : $user_id; |
|---|
| 1261 | |
|---|
| 1262 | // @todo Legacy version. |
|---|
| 1263 | $user_products = get_user_meta( $user_id, '_wpmem_products', true ); |
|---|
| 1264 | $user_products = ( $user_products ) ? $user_products : array(); |
|---|
| 1265 | if ( $user_products ) { |
|---|
| 1266 | unset( $user_products[ $membership ] ); |
|---|
| 1267 | update_user_meta( $user_id, '_wpmem_products', $user_products ); |
|---|
| 1268 | } |
|---|
| 1269 | |
|---|
| 1270 | // @todo New version. |
|---|
| 1271 | return delete_user_meta( $user_id, '_wpmem_products_' . $membership ); |
|---|
| 1272 | } |
|---|
| 1273 | |
|---|
| 1274 | /** |
|---|
| 1275 | * Utility for expiration validation. |
|---|
| 1276 | * |
|---|
| 1277 | * @since 3.2.0 |
|---|
| 1278 | * @since 3.3.0 Validates date or epoch time. |
|---|
| 1279 | * |
|---|
| 1280 | * @param date $date |
|---|
| 1281 | */ |
|---|
| 1282 | function is_current( $date ) { |
|---|
| 1283 | $date = ( is_numeric( $date ) ) ? $date : strtotime( $date ); |
|---|
| 1284 | return ( time() < $date ) ? true : false; |
|---|
| 1285 | } |
|---|
| 1286 | |
|---|
| 1287 | /** |
|---|
| 1288 | * Check if a user is activated. |
|---|
| 1289 | * |
|---|
| 1290 | * @since 3.2.2 |
|---|
| 1291 | * |
|---|
| 1292 | * @param int $user_id |
|---|
| 1293 | * @return bool $active |
|---|
| 1294 | */ |
|---|
| 1295 | function is_user_activated( $user_id = false ) { |
|---|
| 1296 | $user_id = ( ! $user_id ) ? get_current_user_id() : $user_id; |
|---|
| 1297 | $active = get_user_meta( $user_id, 'active', true ); |
|---|
| 1298 | $is_activated = ( 1 == $active ) ? true : false; |
|---|
| 1299 | /** |
|---|
| 1300 | * Filter whether the user is active or not. |
|---|
| 1301 | * |
|---|
| 1302 | * @since 3.3.5 |
|---|
| 1303 | * |
|---|
| 1304 | * @param bool $is_activated |
|---|
| 1305 | * @param int $user_id |
|---|
| 1306 | */ |
|---|
| 1307 | return apply_filters( 'wpmem_is_user_activated', $is_activated, $user_id ); |
|---|
| 1308 | } |
|---|
| 1309 | |
|---|
| 1310 | /** |
|---|
| 1311 | * Checks if a user is activated during user authentication. |
|---|
| 1312 | * |
|---|
| 1313 | * @since 2.7.1 |
|---|
| 1314 | * @since 3.2.0 Moved from core to user object. |
|---|
| 1315 | * |
|---|
| 1316 | * @param object $user The WordPress User object. |
|---|
| 1317 | * @param string $username The user's username (user_login). |
|---|
| 1318 | * @param string $password The user's password. |
|---|
| 1319 | * @return object $user The WordPress User object. |
|---|
| 1320 | */ |
|---|
| 1321 | function check_activated( $user, $username, $password ) { |
|---|
| 1322 | if ( ! is_wp_error( $user ) && ! is_null( $user ) && false == $this->is_user_activated( $user->ID ) ) { |
|---|
| 1323 | $msg = sprintf( wpmem_get_text( 'user_not_activated' ), '<strong>', '</strong>' ); |
|---|
| 1324 | /** |
|---|
| 1325 | * Filter the activation message. |
|---|
| 1326 | * |
|---|
| 1327 | * @since 3.5.0 |
|---|
| 1328 | * |
|---|
| 1329 | * @param string |
|---|
| 1330 | */ |
|---|
| 1331 | $msg = apply_filters( 'wpmem_user_not_activated_msg', $msg ); |
|---|
| 1332 | $user = new WP_Error( 'authentication_failed', $msg ); |
|---|
| 1333 | } |
|---|
| 1334 | /** |
|---|
| 1335 | * Filters the check_validated result. |
|---|
| 1336 | * |
|---|
| 1337 | * @since 3.4.2 |
|---|
| 1338 | * |
|---|
| 1339 | * @param mixed $user |
|---|
| 1340 | * @param string $username |
|---|
| 1341 | * @param string $password |
|---|
| 1342 | */ |
|---|
| 1343 | return apply_filters( 'wpmem_check_activated', $user, $username, $password ); |
|---|
| 1344 | } |
|---|
| 1345 | |
|---|
| 1346 | /** |
|---|
| 1347 | * Prevents users not activated from resetting their password. |
|---|
| 1348 | * |
|---|
| 1349 | * @since 2.5.1 |
|---|
| 1350 | * @since 3.2.0 Moved to user object, renamed no_reset(). |
|---|
| 1351 | * |
|---|
| 1352 | * @return bool Returns false if the user is not activated, otherwise true. |
|---|
| 1353 | */ |
|---|
| 1354 | function no_reset() { |
|---|
| 1355 | global $wpmem; |
|---|
| 1356 | $raw_val = wpmem_get( 'user_login', false ); |
|---|
| 1357 | if ( $raw_val ) { |
|---|
| 1358 | if ( strpos( $raw_val, '@' ) ) { |
|---|
| 1359 | $user = get_user_by( 'email', sanitize_email( $raw_val ) ); |
|---|
| 1360 | } else { |
|---|
| 1361 | $username = sanitize_user( $raw_val ); |
|---|
| 1362 | $user = get_user_by( 'login', $username ); |
|---|
| 1363 | } |
|---|
| 1364 | if ( $wpmem->mod_reg == 1 ) { |
|---|
| 1365 | if ( get_user_meta( $user->ID, 'active', true ) != 1 ) { |
|---|
| 1366 | return false; |
|---|
| 1367 | } |
|---|
| 1368 | } |
|---|
| 1369 | } |
|---|
| 1370 | |
|---|
| 1371 | return true; |
|---|
| 1372 | } |
|---|
| 1373 | |
|---|
| 1374 | /** |
|---|
| 1375 | * Set expiration for PayPal Subscriptions extension. |
|---|
| 1376 | * |
|---|
| 1377 | * @since 3.3.0 |
|---|
| 1378 | * |
|---|
| 1379 | * @global object $wpmem |
|---|
| 1380 | * |
|---|
| 1381 | * @param int $user_id |
|---|
| 1382 | */ |
|---|
| 1383 | function set_user_exp( $user_id ) { |
|---|
| 1384 | global $wpmem; |
|---|
| 1385 | // Set user expiration, if used. |
|---|
| 1386 | if ( 1 == $wpmem->use_exp && 1 != $wpmem->mod_reg ) { |
|---|
| 1387 | if ( function_exists( 'wpmem_set_exp' ) ) { |
|---|
| 1388 | wpmem_set_exp( $user_id ); |
|---|
| 1389 | } |
|---|
| 1390 | } |
|---|
| 1391 | } |
|---|
| 1392 | |
|---|
| 1393 | /** |
|---|
| 1394 | * Sets default membership product access (if applicable). |
|---|
| 1395 | * |
|---|
| 1396 | * @since 3.3.0 |
|---|
| 1397 | * |
|---|
| 1398 | * @global object $wpmem |
|---|
| 1399 | * |
|---|
| 1400 | * @param int $user_id |
|---|
| 1401 | */ |
|---|
| 1402 | function set_default_product( $user_id ) { |
|---|
| 1403 | global $wpmem; |
|---|
| 1404 | |
|---|
| 1405 | // Get default memberships. |
|---|
| 1406 | $default_products = $wpmem->membership->get_default_products(); |
|---|
| 1407 | |
|---|
| 1408 | // Assign any default memberships to user. |
|---|
| 1409 | foreach ( $default_products as $membership ) { |
|---|
| 1410 | wpmem_set_user_product( $membership, $user_id ); |
|---|
| 1411 | } |
|---|
| 1412 | } |
|---|
| 1413 | |
|---|
| 1414 | /** |
|---|
| 1415 | * Checks user file upload folder for an index.php file. |
|---|
| 1416 | * |
|---|
| 1417 | * @since 3.4.9.4 |
|---|
| 1418 | * |
|---|
| 1419 | * @param int $user_id |
|---|
| 1420 | * @param string $meta_key |
|---|
| 1421 | * @param string $file_post_id |
|---|
| 1422 | */ |
|---|
| 1423 | public function check_folder_for_index( $user_id, $meta_key, $file_post_id ) { |
|---|
| 1424 | $upload_vars = wp_upload_dir( null, false ); |
|---|
| 1425 | wpmem_create_file( array( |
|---|
| 1426 | 'path' => $upload_vars['path'], |
|---|
| 1427 | 'name' => 'index.php', |
|---|
| 1428 | 'contents' => "<?php // Silence is golden." |
|---|
| 1429 | ) ); |
|---|
| 1430 | } |
|---|
| 1431 | } |
|---|