Version Description
- Fix site crashing on Bluehost
- Add requester IP address to password reset emails
- Fix multisite settings for WP 5.5+
- Default AJAX requests to off
- Bring wp-login.php duplicated code up to date
Download this release
Release Info
Developer | jfarthing84 |
Plugin | Theme My Login |
Version | 7.1.2 |
Comparing to | |
See all releases |
Code changes from version 7.1.1 to 7.1.2
- admin/settings.php +13 -5
- includes/actions.php +2 -5
- includes/compat.php +14 -2
- includes/forms.php +1 -3
- includes/functions.php +1 -1
- includes/options.php +1 -1
- readme.txt +8 -1
- theme-my-login.php +2 -2
admin/settings.php
CHANGED
@@ -138,7 +138,7 @@ function tml_admin_get_settings_fields() {
|
|
138 |
'label_for' => 'tml_ajax',
|
139 |
'label' => __( 'Enable AJAX requests', 'theme-my-login' ),
|
140 |
'value' => '1',
|
141 |
-
'checked' => get_site_option( 'tml_ajax', '
|
142 |
),
|
143 |
),
|
144 |
);
|
@@ -583,14 +583,22 @@ function tml_admin_save_ms_settings() {
|
|
583 |
return;
|
584 |
}
|
585 |
|
586 |
-
|
587 |
$whitelist_options = apply_filters( 'whitelist_options', array() );
|
588 |
|
589 |
-
|
590 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
591 |
}
|
592 |
|
593 |
-
foreach ( $
|
594 |
$option = trim( $option );
|
595 |
$value = null;
|
596 |
if ( isset( $_POST[ $option ] ) ) {
|
138 |
'label_for' => 'tml_ajax',
|
139 |
'label' => __( 'Enable AJAX requests', 'theme-my-login' ),
|
140 |
'value' => '1',
|
141 |
+
'checked' => get_site_option( 'tml_ajax', '0' ),
|
142 |
),
|
143 |
),
|
144 |
);
|
583 |
return;
|
584 |
}
|
585 |
|
586 |
+
/** This filter is documented in wp-admin/options.php */
|
587 |
$whitelist_options = apply_filters( 'whitelist_options', array() );
|
588 |
|
589 |
+
/* This filter is documented in wp-admin/options.php */
|
590 |
+
$allowed_options = apply_filters( 'allowed_options', $whitelist_options );
|
591 |
+
|
592 |
+
if ( ! isset( $allowed_options[ $option_page ] ) ) {
|
593 |
+
wp_die(
|
594 |
+
sprintf(
|
595 |
+
__( '<strong>Error</strong>: Options page %s not found in the options whitelist.' ),
|
596 |
+
'<code>' . esc_html( $option_page ) . '</code>'
|
597 |
+
)
|
598 |
+
);
|
599 |
}
|
600 |
|
601 |
+
foreach ( $allowed_options[ $option_page ] as $option ) {
|
602 |
$option = trim( $option );
|
603 |
$value = null;
|
604 |
if ( isset( $_POST[ $option ] ) ) {
|
includes/actions.php
CHANGED
@@ -509,16 +509,13 @@ function tml_login_handler() {
|
|
509 |
$errors->add( 'registerdisabled', __( 'User registration is currently not allowed.' ) );
|
510 |
|
511 |
} elseif ( isset( $_GET['checkemail'] ) && 'confirm' == $_GET['checkemail'] ) {
|
512 |
-
$errors->add( 'confirm', __( 'Check your email for the confirmation link
|
513 |
-
|
514 |
-
} elseif ( isset( $_GET['checkemail'] ) && 'newpass' == $_GET['checkemail'] ) {
|
515 |
-
$errors->add( 'newpass', __( 'Check your email for your new password.' ), 'message' );
|
516 |
|
517 |
} elseif ( isset( $_GET['checkemail'] ) && 'registered' == $_GET['checkemail'] ) {
|
518 |
if ( tml_allow_user_passwords() ) {
|
519 |
$errors->add( 'registered', __( 'Registration complete. You may now log in.', 'theme-my-login' ), 'message' );
|
520 |
} else {
|
521 |
-
$errors->add( 'registered', __( 'Registration complete. Please check your email
|
522 |
}
|
523 |
|
524 |
} elseif ( isset( $_GET['resetpass'] ) && 'complete' == $_GET['resetpass'] ) {
|
509 |
$errors->add( 'registerdisabled', __( 'User registration is currently not allowed.' ) );
|
510 |
|
511 |
} elseif ( isset( $_GET['checkemail'] ) && 'confirm' == $_GET['checkemail'] ) {
|
512 |
+
$errors->add( 'confirm', sprintf( __( 'Check your email for the confirmation link, then visit the <a href="%s">login page</a>.' ), wp_login_url() ) , 'message' );
|
|
|
|
|
|
|
513 |
|
514 |
} elseif ( isset( $_GET['checkemail'] ) && 'registered' == $_GET['checkemail'] ) {
|
515 |
if ( tml_allow_user_passwords() ) {
|
516 |
$errors->add( 'registered', __( 'Registration complete. You may now log in.', 'theme-my-login' ), 'message' );
|
517 |
} else {
|
518 |
+
$errors->add( 'registered', sprintf( __( 'Registration complete. Please check your email, then visit the <a href="%s">login page</a>.' ), wp_login_url() ), 'message' );
|
519 |
}
|
520 |
|
521 |
} elseif ( isset( $_GET['resetpass'] ) && 'complete' == $_GET['resetpass'] ) {
|
includes/compat.php
CHANGED
@@ -22,7 +22,7 @@ function tml_retrieve_password() {
|
|
22 |
$user_data = false;
|
23 |
|
24 |
if ( empty( $_POST['user_login'] ) || ! is_string( $_POST['user_login'] ) ) {
|
25 |
-
$errors->add( 'empty_username', __( '<strong>Error</strong>:
|
26 |
} elseif ( strpos( $_POST['user_login'], '@' ) ) {
|
27 |
$user_data = get_user_by( 'email', trim( wp_unslash( $_POST['user_login'] ) ) );
|
28 |
if ( empty( $user_data ) ) {
|
@@ -36,6 +36,9 @@ function tml_retrieve_password() {
|
|
36 |
/** This action is documented in wp-login.php */
|
37 |
do_action( 'lostpassword_post', $errors, $user_data );
|
38 |
|
|
|
|
|
|
|
39 |
if ( $errors->get_error_code() ) {
|
40 |
return $errors;
|
41 |
}
|
@@ -89,7 +92,16 @@ function tml_retrieve_password_notification( $user, $key ) {
|
|
89 |
$message .= sprintf( __( 'Username: %s' ), $user->user_login ) . "\r\n\r\n";
|
90 |
$message .= __( 'If this was a mistake, just ignore this email and nothing will happen.' ) . "\r\n\r\n";
|
91 |
$message .= __( 'To reset your password, visit the following address:' ) . "\r\n\r\n";
|
92 |
-
$message .= network_site_url( "wp-login.php?action=rp&key=$key&login=" . rawurlencode( $user->user_login ), 'login' ) . "\r\n";
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
93 |
|
94 |
/* translators: Password reset email subject. %s: Site name */
|
95 |
$title = sprintf( __( '[%s] Password Reset' ), $site_name );
|
22 |
$user_data = false;
|
23 |
|
24 |
if ( empty( $_POST['user_login'] ) || ! is_string( $_POST['user_login'] ) ) {
|
25 |
+
$errors->add( 'empty_username', __( '<strong>Error</strong>: Please enter a username or email address.' ) );
|
26 |
} elseif ( strpos( $_POST['user_login'], '@' ) ) {
|
27 |
$user_data = get_user_by( 'email', trim( wp_unslash( $_POST['user_login'] ) ) );
|
28 |
if ( empty( $user_data ) ) {
|
36 |
/** This action is documented in wp-login.php */
|
37 |
do_action( 'lostpassword_post', $errors, $user_data );
|
38 |
|
39 |
+
/** This filter is documented in wp-login.php */
|
40 |
+
$errors = apply_filters( 'lostpassword_errors', $errors, $user_data );
|
41 |
+
|
42 |
if ( $errors->get_error_code() ) {
|
43 |
return $errors;
|
44 |
}
|
92 |
$message .= sprintf( __( 'Username: %s' ), $user->user_login ) . "\r\n\r\n";
|
93 |
$message .= __( 'If this was a mistake, just ignore this email and nothing will happen.' ) . "\r\n\r\n";
|
94 |
$message .= __( 'To reset your password, visit the following address:' ) . "\r\n\r\n";
|
95 |
+
$message .= network_site_url( "wp-login.php?action=rp&key=$key&login=" . rawurlencode( $user->user_login ), 'login' ) . "\r\n\r\n";
|
96 |
+
|
97 |
+
$requester_ip = $_SERVER['REMOTE_ADDR'];
|
98 |
+
if ( $requester_ip ) {
|
99 |
+
$message .= sprintf(
|
100 |
+
/* translators: %s: IP address of password reset requester. */
|
101 |
+
__( 'This password reset request originated from the IP address %s.' ),
|
102 |
+
$requester_ip
|
103 |
+
) . "\r\n";
|
104 |
+
}
|
105 |
|
106 |
/* translators: Password reset email subject. %s: Site name */
|
107 |
$title = sprintf( __( '[%s] Password Reset' ), $site_name );
|
includes/forms.php
CHANGED
@@ -79,9 +79,7 @@ function tml_register_login_form() {
|
|
79 |
|
80 |
tml_add_form_field( 'login', 'redirect_to', array(
|
81 |
'type' => 'hidden',
|
82 |
-
'value' =>
|
83 |
-
! empty( $redirect_to ) ? $redirect_to : admin_url(), $redirect_to, null
|
84 |
-
),
|
85 |
'priority' => 30,
|
86 |
) );
|
87 |
}
|
79 |
|
80 |
tml_add_form_field( 'login', 'redirect_to', array(
|
81 |
'type' => 'hidden',
|
82 |
+
'value' => ! empty( $redirect_to ) ? $redirect_to : admin_url(),
|
|
|
|
|
83 |
'priority' => 30,
|
84 |
) );
|
85 |
}
|
includes/functions.php
CHANGED
@@ -686,7 +686,7 @@ function tml_validate_new_user_password( $errors = null ) {
|
|
686 |
$errors->add( 'password_backslash', __( '<strong>Error</strong>: Passwords may not contain the character "\\".', 'theme-my-login' ) );
|
687 |
|
688 |
} elseif ( $_POST['user_pass1'] !== $_POST['user_pass2'] ) {
|
689 |
-
$errors->add( 'password_mismatch', __( '<strong>Error</strong>: Please enter the same password in both password fields.', 'theme-my-login' ) );
|
690 |
}
|
691 |
}
|
692 |
|
686 |
$errors->add( 'password_backslash', __( '<strong>Error</strong>: Passwords may not contain the character "\\".', 'theme-my-login' ) );
|
687 |
|
688 |
} elseif ( $_POST['user_pass1'] !== $_POST['user_pass2'] ) {
|
689 |
+
$errors->add( 'password_mismatch', __( '<strong>Error</strong>: Passwords don’t match. Please enter the same password in both password fields.', 'theme-my-login' ) );
|
690 |
}
|
691 |
}
|
692 |
|
includes/options.php
CHANGED
@@ -68,7 +68,7 @@ function tml_use_permalinks() {
|
|
68 |
* @return bool Whether forms should use AJAX or not.
|
69 |
*/
|
70 |
function tml_use_ajax() {
|
71 |
-
$use_ajax = get_site_option( 'tml_ajax',
|
72 |
|
73 |
/**
|
74 |
* Filter whether forms should use AJAX or not.
|
68 |
* @return bool Whether forms should use AJAX or not.
|
69 |
*/
|
70 |
function tml_use_ajax() {
|
71 |
+
$use_ajax = get_site_option( 'tml_ajax', false );
|
72 |
|
73 |
/**
|
74 |
* Filter whether forms should use AJAX or not.
|
readme.txt
CHANGED
@@ -2,7 +2,7 @@
|
|
2 |
Contributors: thememylogin, jfarthing84
|
3 |
Tags: login, register, password, branding, customize, widget, wp-login, wp-login.php
|
4 |
Requires at least: 5.4
|
5 |
-
Tested up to: 5.4
|
6 |
Stable tag: trunk
|
7 |
|
8 |
The ultimate login branding solution! Theme My Login offers matchless customization of your WordPress user experience!
|
@@ -59,6 +59,13 @@ Report bugs, suggest ideas and participate in development at [GitHub](https://gi
|
|
59 |
|
60 |
== Changelog ==
|
61 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
62 |
= 7.1.1 =
|
63 |
* Implement option to enable/disable AJAX
|
64 |
* Fix AJAX not working on certain server environments
|
2 |
Contributors: thememylogin, jfarthing84
|
3 |
Tags: login, register, password, branding, customize, widget, wp-login, wp-login.php
|
4 |
Requires at least: 5.4
|
5 |
+
Tested up to: 5.5.4
|
6 |
Stable tag: trunk
|
7 |
|
8 |
The ultimate login branding solution! Theme My Login offers matchless customization of your WordPress user experience!
|
59 |
|
60 |
== Changelog ==
|
61 |
|
62 |
+
= 7.1.2 =
|
63 |
+
* Fix site crashing on Bluehost
|
64 |
+
* Add requester IP address to password reset emails
|
65 |
+
* Fix multisite settings for WP 5.5+
|
66 |
+
* Default AJAX requests to off
|
67 |
+
* Bring wp-login.php duplicated code up to date
|
68 |
+
|
69 |
= 7.1.1 =
|
70 |
* Implement option to enable/disable AJAX
|
71 |
* Fix AJAX not working on certain server environments
|
theme-my-login.php
CHANGED
@@ -10,7 +10,7 @@
|
|
10 |
Plugin Name: Theme My Login
|
11 |
Plugin URI: https://thememylogin.com
|
12 |
Description: Creates an alternate login, registration and password recovery experience within your theme.
|
13 |
-
Version: 7.1.
|
14 |
Author: Theme My Login
|
15 |
Author URI: https://thememylogin.com
|
16 |
License: GPLv2
|
@@ -24,7 +24,7 @@ Network: true
|
|
24 |
*
|
25 |
* @since 7.0
|
26 |
*/
|
27 |
-
define( 'THEME_MY_LOGIN_VERSION', '7.1.
|
28 |
|
29 |
/**
|
30 |
* Stores the path to TML.
|
10 |
Plugin Name: Theme My Login
|
11 |
Plugin URI: https://thememylogin.com
|
12 |
Description: Creates an alternate login, registration and password recovery experience within your theme.
|
13 |
+
Version: 7.1.2
|
14 |
Author: Theme My Login
|
15 |
Author URI: https://thememylogin.com
|
16 |
License: GPLv2
|
24 |
*
|
25 |
* @since 7.0
|
26 |
*/
|
27 |
+
define( 'THEME_MY_LOGIN_VERSION', '7.1.2' );
|
28 |
|
29 |
/**
|
30 |
* Stores the path to TML.
|