User registration & user profile – Profile Builder - Version 2.0.3

Version Description

Fixed bug that made radio buttons field types not to throw error when they are required Fixed XSS security vulnerability in fallback-page.php Reintroduced the filters:'wppb_generated_random_username', 'wppb_userlisting_extra_meta_email' and 'wppb_userlisting_extra_meta_user_name' Fixed the bug when changing the password in a edit profile form we were logged out

Download this release

Release Info

Developer reflectionmedia
Plugin Icon 128x128 User registration & user profile – Profile Builder
Version 2.0.3
Comparing to
See all releases

Code changes from version 2.0.2 to 2.0.3

Files changed (6) hide show
  1. assets/misc/fallback-page.php +29 -29
  2. features/email-confirmation/email-confirmation.php +5 -1
  3. front-end/class-formbuilder.php +2 -2
  4. front-end/register.php +0 -13
  5. index.php +2 -2
  6. readme.txt +7 -1
assets/misc/fallback-page.php CHANGED
@@ -1,30 +1,30 @@
1
- <?php
2
- /*
3
- //load WP if needed
4
- $path_to_wp_install_dir = '';
5
- include_once ( $path_to_wp_install_dir.'wp-load.php' );
6
- */
7
-
8
- $activation_key = ( isset( $_GET['activation_key'] ) ? urldecode( $_GET['activation_key'] ) : '' );
9
- $site_name = ( isset( $_GET['site_name'] ) ? urldecode( $_GET['site_name'] ) : '' );
10
- $site_url = ( isset( $_GET['site_url'] ) ? urldecode( $_GET['site_url'] ) : '' );
11
- $message = ( isset( $_GET['message'] ) ? urldecode( $_GET['message'] ) : '' );
12
- ?>
13
-
14
- <html>
15
- <head>
16
- <style type="text/css">
17
- body {font-family:Arial; padding: 5px; margin-top:100px; text-align: center;}
18
- </style>
19
-
20
- <title><?php echo $site_name; ?></title>
21
- </head>
22
-
23
- <body id="wppb_content">
24
- <h1><?php echo $site_name; ?></h1>
25
-
26
- <?php echo $message; ?>
27
-
28
- <?php echo 'Click <a href="'.$site_url.'">here</a> to return to the main site'; ?>
29
- </body>
30
  </html>
1
+ <?php
2
+ /*
3
+ //load WP if needed
4
+ $path_to_wp_install_dir = '';
5
+ include_once ( $path_to_wp_install_dir.'wp-load.php' );
6
+ */
7
+
8
+ $activation_key = ( isset( $_GET['activation_key'] ) ? urldecode( $_GET['activation_key'] ) : '' );
9
+ $site_name = ( isset( $_GET['site_name'] ) ? urldecode( $_GET['site_name'] ) : '' );
10
+ $site_url = ( isset( $_GET['site_url'] ) ? urldecode( $_GET['site_url'] ) : '' );
11
+ $message = ( isset( $_GET['message'] ) ? urldecode( $_GET['message'] ) : '' );
12
+ ?>
13
+
14
+ <html>
15
+ <head>
16
+ <style type="text/css">
17
+ body {font-family:Arial; padding: 5px; margin-top:100px; text-align: center;}
18
+ </style>
19
+
20
+ <title><?php echo htmlspecialchars( $site_name, ENT_QUOTES ); ?></title>
21
+ </head>
22
+
23
+ <body id="wppb_content">
24
+ <h1><?php echo htmlspecialchars( $site_name, ENT_QUOTES ); ?></h1>
25
+
26
+ <?php echo '<p>'. htmlspecialchars( strip_tags( $message ) ). '</p>'; ?>
27
+
28
+ <?php echo 'Click <a href="'. htmlspecialchars( $site_url, ENT_QUOTES ) .'">here</a> to return to the main site'; ?>
29
+ </body>
30
  </html>
features/email-confirmation/email-confirmation.php CHANGED
@@ -421,7 +421,11 @@ function wppb_manual_activate_signup( $activation_key ) {
421
  * @return mixed Returns false on failure, or int $user_id on success
422
  */
423
  function wppb_create_user( $user_name, $password, $email) {
424
- $user_name = preg_replace( '/\s+/', '', sanitize_user( $user_name, true ) );
 
 
 
 
425
 
426
  $user_id = wp_create_user( $user_name, $password, $email );
427
  if ( is_wp_error($user_id) )
421
  * @return mixed Returns false on failure, or int $user_id on success
422
  */
423
  function wppb_create_user( $user_name, $password, $email) {
424
+ if( is_email( $user_name ) )
425
+ $user_name = apply_filters( 'wppb_generated_random_username', Wordpress_Creation_Kit_PB::wck_generate_slug( trim( $user_name ) ), $user_name );
426
+ else
427
+ $user_name = preg_replace( '/\s+/', '', sanitize_user( $user_name, true ) );
428
+
429
 
430
  $user_id = wp_create_user( $user_name, $password, $email );
431
  if ( is_wp_error($user_id) )
front-end/class-formbuilder.php CHANGED
@@ -156,7 +156,7 @@ class Profile_Builder_Form_Creator{
156
  $password = trim( $_POST['passw1'] );
157
 
158
  if( isset( $wppb_general_settings['loginWith'] ) && ( $wppb_general_settings['loginWith'] == 'email' ) ){
159
- $username = Wordpress_Creation_Kit_PB::wck_generate_slug( trim( $_POST['email'] ) );
160
  }
161
 
162
  /* get user id */
@@ -358,7 +358,7 @@ class Profile_Builder_Form_Creator{
358
 
359
  $wppb_general_settings = get_option( 'wppb_general_settings' );
360
  if( isset( $wppb_general_settings['loginWith'] ) && ( $wppb_general_settings['loginWith'] == 'email' ) ){
361
- $userdata['user_login'] = Wordpress_Creation_Kit_PB::wck_generate_slug( trim( $userdata['user_email'] ) );
362
  }
363
 
364
  if( $this->args['form_type'] == 'register' ){
156
  $password = trim( $_POST['passw1'] );
157
 
158
  if( isset( $wppb_general_settings['loginWith'] ) && ( $wppb_general_settings['loginWith'] == 'email' ) ){
159
+ $username = apply_filters( 'wppb_generated_random_username', Wordpress_Creation_Kit_PB::wck_generate_slug( trim( $_POST['email'] ) ), $_POST['email'] );
160
  }
161
 
162
  /* get user id */
358
 
359
  $wppb_general_settings = get_option( 'wppb_general_settings' );
360
  if( isset( $wppb_general_settings['loginWith'] ) && ( $wppb_general_settings['loginWith'] == 'email' ) ){
361
+ $userdata['user_login'] = apply_filters( 'wppb_generated_random_username', Wordpress_Creation_Kit_PB::wck_generate_slug( trim( $userdata['user_email'] ) ), $userdata['user_email'] );
362
  }
363
 
364
  if( $this->args['form_type'] == 'register' ){
front-end/register.php CHANGED
@@ -28,19 +28,6 @@ function signup_password_random_password_filter( $password ) {
28
  }
29
  add_filter( 'random_password', 'signup_password_random_password_filter' );
30
 
31
- function wppb_generate_random_username( $user_email ){
32
- $user_email = str_replace( array( '@', '-', '_', '.' ), '', $user_email );
33
-
34
- $username = strtolower( 'pbuser'.$email.mktime( date("H"), date("i"), date("s"), date("n"), date("j"), date("Y") ) );
35
-
36
- while ( username_exists( $username ) ){
37
- $username = strtolower( 'pbuser'.$email.mktime( date("H"), date("i"), date("s"), date("n"), date("j"), date("Y") ) );
38
- }
39
-
40
- return apply_filters( 'wppb_generated_random_username', $username, $user_email );
41
- }
42
-
43
-
44
  /**
45
  * Activate a signup.
46
  *
28
  }
29
  add_filter( 'random_password', 'signup_password_random_password_filter' );
30
 
 
 
 
 
 
 
 
 
 
 
 
 
 
31
  /**
32
  * Activate a signup.
33
  *
index.php CHANGED
@@ -3,7 +3,7 @@
3
  Plugin Name: Profile Builder
4
  Plugin URI: http://www.cozmoslabs.com/wordpress-profile-builder/
5
  Description: Login, registration and edit profile shortcodes for the front-end. Also you can chose what fields should be displayed or add new (custom) ones both in the front-end and in the dashboard.
6
- Version: 2.0.2
7
  Author: Cozmoslabs, Madalin Ungureanu, Antohe Cristian, Barina Gabriel
8
  Author URI: http://www.cozmoslabs.com/
9
  License: GPL2
@@ -52,7 +52,7 @@ function wppb_return_bytes( $val ) {
52
  *
53
  *
54
  */
55
- define( 'PROFILE_BUILDER_VERSION', '2.0.2' );
56
  define( 'WPPB_PLUGIN_DIR', WP_PLUGIN_DIR . '/' . dirname( plugin_basename( __FILE__ ) ) );
57
  define( 'WPPB_PLUGIN_URL', plugin_dir_url( __FILE__ ) );
58
  define( 'WPPB_SERVER_MAX_UPLOAD_SIZE_BYTE', apply_filters( 'wppb_server_max_upload_size_byte_constant', wppb_return_bytes( ini_get( 'upload_max_filesize') ) ) );
3
  Plugin Name: Profile Builder
4
  Plugin URI: http://www.cozmoslabs.com/wordpress-profile-builder/
5
  Description: Login, registration and edit profile shortcodes for the front-end. Also you can chose what fields should be displayed or add new (custom) ones both in the front-end and in the dashboard.
6
+ Version: 2.0.3
7
  Author: Cozmoslabs, Madalin Ungureanu, Antohe Cristian, Barina Gabriel
8
  Author URI: http://www.cozmoslabs.com/
9
  License: GPL2
52
  *
53
  *
54
  */
55
+ define( 'PROFILE_BUILDER_VERSION', '2.0.3' );
56
  define( 'WPPB_PLUGIN_DIR', WP_PLUGIN_DIR . '/' . dirname( plugin_basename( __FILE__ ) ) );
57
  define( 'WPPB_PLUGIN_URL', plugin_dir_url( __FILE__ ) );
58
  define( 'WPPB_SERVER_MAX_UPLOAD_SIZE_BYTE', apply_filters( 'wppb_server_max_upload_size_byte_constant', wppb_return_bytes( ini_get( 'upload_max_filesize') ) ) );
readme.txt CHANGED
@@ -6,7 +6,7 @@ Tags: registration, user profile, user registration, custom field registration,
6
 
7
  Requires at least: 3.1
8
  Tested up to: 4.0
9
- Stable tag: 2.0.2
10
 
11
  Simple to use profile plugin allowing front-end login, user registration and edit profile by using shortcodes.
12
 
@@ -102,6 +102,12 @@ This plugin adds/removes user fields in the front-end. Both default and extra pr
102
  9. Recover Password Page
103
 
104
  == Changelog ==
 
 
 
 
 
 
105
  = 2.0.2 =
106
  * Brand new user interface.
107
  * Drag & drop to reorder User Profile Fields.
6
 
7
  Requires at least: 3.1
8
  Tested up to: 4.0
9
+ Stable tag: 2.0.3
10
 
11
  Simple to use profile plugin allowing front-end login, user registration and edit profile by using shortcodes.
12
 
102
  9. Recover Password Page
103
 
104
  == Changelog ==
105
+ = 2.0.3 =
106
+ Fixed bug that made radio buttons field types not to throw error when they are required
107
+ Fixed XSS security vulnerability in fallback-page.php
108
+ Reintroduced the filters:'wppb_generated_random_username', 'wppb_userlisting_extra_meta_email' and 'wppb_userlisting_extra_meta_user_name'
109
+ Fixed the bug when changing the password in a edit profile form we were logged out
110
+
111
  = 2.0.2 =
112
  * Brand new user interface.
113
  * Drag & drop to reorder User Profile Fields.