Ultimate Member – User Profile & Membership Plugin - Version 1.1.2

Version Description

Download this release

Release Info

Developer ultimatemember
Plugin Icon 128x128 Ultimate Member – User Profile & Membership Plugin
Version 1.1.2
Comparing to
See all releases

Code changes from version 1.1.1 to 1.1.2

core/um-actions-posts.php CHANGED
@@ -7,6 +7,9 @@
7
function um_pre_get_posts($query) {
8
9
if ( !is_admin() && $query->is_main_query() ) {
10
11
if ( $query->is_search || $query->is_archive() || $query->is_home ) {
12
7
function um_pre_get_posts($query) {
8
9
if ( !is_admin() && $query->is_main_query() ) {
10
+
11
+ // Incompatibility with The Events Calendar
12
+ if ( isset( $query->query['post_type'] ) && $query->query['post_type'] == 'tribe_events' ) return;
13
14
if ( $query->is_search || $query->is_archive() || $query->is_home ) {
15
core/um-actions-profile.php CHANGED
@@ -382,7 +382,7 @@
382
function um_pre_profile_shortcode($args){
383
global $ultimatemember;
384
extract( $args );
385
-
386
if ( $mode == 'profile' && $ultimatemember->fields->editing == false ) {
387
$ultimatemember->fields->viewing = 1;
388
@@ -440,7 +440,7 @@
440
<?php
441
442
$items = array(
443
- 'editprofile' => '<a href="'.um_edit_my_profile_uri().'" class="real_url">'.__('Edit Profile','ultimatemember').'</a>',
444
'myaccount' => '<a href="'.um_get_core_page('account').'" class="real_url">'.__('My Account','ultimatemember').'</a>',
445
'logout' => '<a href="'.um_get_core_page('logout').'" class="real_url">'.__('Logout','ultimatemember').'</a>',
446
'cancel' => '<a href="#" class="um-dropdown-hide">'.__('Cancel','ultimatemember').'</a>',
382
function um_pre_profile_shortcode($args){
383
global $ultimatemember;
384
extract( $args );
385
+
386
if ( $mode == 'profile' && $ultimatemember->fields->editing == false ) {
387
$ultimatemember->fields->viewing = 1;
388
440
<?php
441
442
$items = array(
443
+ 'editprofile' => '<a href="'.um_edit_profile_url().'" class="real_url">'.__('Edit Profile','ultimatemember').'</a>',
444
'myaccount' => '<a href="'.um_get_core_page('account').'" class="real_url">'.__('My Account','ultimatemember').'</a>',
445
'logout' => '<a href="'.um_get_core_page('logout').'" class="real_url">'.__('Logout','ultimatemember').'</a>',
446
'cancel' => '<a href="#" class="um-dropdown-hide">'.__('Cancel','ultimatemember').'</a>',
core/um-actions-register.php CHANGED
@@ -90,6 +90,8 @@
90
if ( !isset( $args['role'] ) ) {
91
$role = um_get_option('default_role');
92
}
93
94
$ultimatemember->user->set_role( $role );
95
@@ -186,7 +188,7 @@
186
add_action('um_user_registration', 'um_user_registration', 10);
187
function um_user_registration($args){
188
global $ultimatemember;
189
-
190
do_action('um_add_user_frontend', $args);
191
192
}
@@ -214,17 +216,14 @@
214
215
if ( isset( $args['custom_fields']['role_select'] ) || isset( $args['custom_fields']['role_radio'] ) ) return;
216
217
- if (isset($args['role']) && !empty($args['role'])){
218
-
219
- echo '<input type="hidden" name="role" id="role" value="'.$args['role'].'" />';
220
-
221
} else {
222
-
223
- $default_role = um_get_option('default_role');
224
- echo '<input type="hidden" name="role" id="role" value="'.$default_role.'" />';
225
-
226
}
227
-
228
}
229
230
/***
90
if ( !isset( $args['role'] ) ) {
91
$role = um_get_option('default_role');
92
}
93
+
94
+ $ultimatemember->user->is_secure_role( $role );
95
96
$ultimatemember->user->set_role( $role );
97
188
add_action('um_user_registration', 'um_user_registration', 10);
189
function um_user_registration($args){
190
global $ultimatemember;
191
+
192
do_action('um_add_user_frontend', $args);
193
194
}
216
217
if ( isset( $args['custom_fields']['role_select'] ) || isset( $args['custom_fields']['role_radio'] ) ) return;
218
219
+ if (isset($args['role']) && !empty($args['role'])) {
220
+ $role = $args['role'];
221
} else {
222
+ $role = um_get_option('default_role');
223
}
224
+
225
+ echo '<input type="hidden" name="role" id="role" value="' . $role . '" />';
226
+
227
}
228
229
/***
core/um-fields.php CHANGED
@@ -2026,7 +2026,7 @@ class UM_Fields {
2026
}
2027
2028
if ( um_is_myprofile() ) {
2029
- $output .= '<p class="um-profile-note">' . $emo .'<span>' . sprintf(__('Your profile is looking a little empty. Why not <a href="%s">add</a> some information!','ultimatemember'), add_query_arg('um_action','edit') ) . '</span></p>';
2030
} else {
2031
$output .= '<p class="um-profile-note">'. $emo . '<span>' . __('This user has not added any information to their profile yet.','ultimatemember') . '</span></p>';
2032
}
2026
}
2027
2028
if ( um_is_myprofile() ) {
2029
+ $output .= '<p class="um-profile-note">' . $emo .'<span>' . sprintf(__('Your profile is looking a little empty. Why not <a href="%s">add</a> some information!','ultimatemember'), um_edit_profile_url() ) . '</span></p>';
2030
} else {
2031
$output .= '<p class="um-profile-note">'. $emo . '<span>' . __('This user has not added any information to their profile yet.','ultimatemember') . '</span></p>';
2032
}
core/um-short-functions.php CHANGED
@@ -472,19 +472,6 @@ function um_reset_user() {
472
return false;
473
}
474
475
- /***
476
- *** @Returns profile edit link
477
- ***/
478
- function um_edit_my_profile_uri() {
479
- global $ultimatemember;
480
- $url = $ultimatemember->permalinks->get_current_url( get_option('permalink_structure') );
481
- $url = remove_query_arg('profiletab', $url);
482
- $url = remove_query_arg('subnav', $url);
483
- $url = add_query_arg('profiletab', 'main', $url);
484
- $url = add_query_arg('um_action', 'edit', $url);
485
- return $url;
486
- }
487
-
488
/***
489
*** @remove edit profile args from url
490
***/
@@ -655,6 +642,18 @@ function um_reset_user() {
655
return $return;
656
}
657
658
/***
659
*** @checks if user can edit his profile
660
***/
@@ -825,6 +824,14 @@ function um_fetch_user( $user_id ) {
825
return $uri;
826
}
827
828
/***
829
*** @get avatar uri
830
***/
472
return false;
473
}
474
475
/***
476
*** @remove edit profile args from url
477
***/
642
return $return;
643
}
644
645
+ /***
646
+ *** @Returns the edit profile link
647
+ ***/
648
+ function um_edit_profile_url(){
649
+ global $ultimatemember;
650
+ $url = remove_query_arg('profiletab');
651
+ $url = remove_query_arg('subnav', $url);
652
+ $url = add_query_arg('profiletab', 'main',$url);
653
+ $url = add_query_arg('um_action','edit', $url);
654
+ return $url;
655
+ }
656
+
657
/***
658
*** @checks if user can edit his profile
659
***/
824
return $uri;
825
}
826
827
+ /***
828
+ *** @get avatar URL instead of image
829
+ ***/
830
+ function um_get_avatar_url($get_avatar){
831
+ preg_match('/src="(.*?)"/i', $get_avatar, $matches);
832
+ return $matches[1];
833
+ }
834
+
835
/***
836
*** @get avatar uri
837
***/
core/um-user.php CHANGED
@@ -173,6 +173,21 @@ class UM_User {
173
$this->set(0, $clean);
174
}
175
176
/***
177
*** @Clean user profile
178
***/
173
$this->set(0, $clean);
174
}
175
176
+ /***
177
+ *** @Security check for roles
178
+ ***/
179
+ function is_secure_role( $role ) {
180
+
181
+ if ( is_admin() ) return;
182
+
183
+ if ( $role == 'admin' )
184
+ wp_die( __('This is not allowed for security reasons.','ultimatemember') );
185
+
186
+ if ( um_get_option('advanced_denied_roles') && strstr( um_get_option('advanced_denied_roles'), $role ) )
187
+ wp_die( __('This is not allowed for security reasons.','ultimatemember') );
188
+
189
+ }
190
+
191
/***
192
*** @Clean user profile
193
***/
index.php CHANGED
@@ -3,7 +3,7 @@
3
Plugin Name: Ultimate Member
4
Plugin URI: http://ultimatemember.com/
5
Description: The easiest way to create powerful online communities and beautiful user profiles with WordPress
6
- Version: 1.1.1
7
Author: Ultimate Member
8
Author URI: http://ultimatemember.com/
9
*/
3
Plugin Name: Ultimate Member
4
Plugin URI: http://ultimatemember.com/
5
Description: The easiest way to create powerful online communities and beautiful user profiles with WordPress
6
+ Version: 1.1.2
7
Author: Ultimate Member
8
Author URI: http://ultimatemember.com/
9
*/
readme.txt CHANGED
@@ -7,7 +7,7 @@ Tags: access control, author, authors, author profile, comments, community, comm
7
Requires at least: 4.1
8
Tested up to: 4.1.1
9
10
- Stable Tag: 1.1.1
11
12
License: GNU Version 2 or Any Later Version
13
@@ -206,6 +206,12 @@ The plugin works with popular caching plugins by automatically excluding Ultimat
206
207
== Changelog ==
208
209
= 1.1.1: March 29, 2015 =
210
211
* Fixed: bug where you user could use an already existing e-mail in account page
7
Requires at least: 4.1
8
Tested up to: 4.1.1
9
10
+ Stable Tag: 1.1.2
11
12
License: GNU Version 2 or Any Later Version
13
206
207
== Changelog ==
208
209
+ = 1.1.2: March 30, 2015 =
210
+
211
+ * Fixed: Important security patch - please update
212
+ * Fixed: conflict with The Events Calendar plugin
213
+ * Fixed: bug with edit profile link
214
+
215
= 1.1.1: March 29, 2015 =
216
217
* Fixed: bug where you user could use an already existing e-mail in account page
um-config.php CHANGED
@@ -1757,6 +1757,14 @@ $this->sections[] = array(
1757
'full_width' => true,
1758
),
1759
1760
array(
1761
'id' => 'enable_timebot',
1762
'type' => 'switch',
1757
'full_width' => true,
1758
),
1759
1760
+ array(
1761
+ 'id' => 'advanced_denied_roles',
1762
+ 'type' => 'text',
1763
+ 'title' => __( 'Do not allow registering these roles','ultimatemember' ),
1764
+ 'default' => '',
1765
+ 'desc' => __('Comma seperate roles (role slugs) that can not be registered from frontend ever for security.','ultimatemember'),
1766
+ ),
1767
+
1768
array(
1769
'id' => 'enable_timebot',
1770
'type' => 'switch',