Version Description
Download this release
Release Info
Developer | nsinelnikov |
Plugin | Ultimate Member – User Profile & Membership Plugin |
Version | 2.1.11 |
Comparing to | |
See all releases |
Code changes from version 2.1.10 to 2.1.11
- includes/admin/core/class-admin-enqueue.php +0 -4
- includes/admin/core/class-admin-menu.php +3 -3
- includes/admin/templates/extensions.php +0 -6
- includes/core/class-access.php +12 -7
- includes/core/class-form.php +32 -18
- includes/core/class-plugin-updater.php +37 -0
- includes/core/class-roles-capabilities.php +0 -12
- includes/core/um-actions-form.php +23 -0
- includes/core/um-actions-profile.php +51 -10
- includes/core/um-actions-register.php +2 -0
- includes/um-short-functions.php +37 -6
- readme.txt +11 -4
- ultimate-member.php +1 -1
includes/admin/core/class-admin-enqueue.php
CHANGED
@@ -505,10 +505,6 @@ if ( ! class_exists( 'um\admin\core\Admin_Enqueue' ) ) {
|
|
505 |
/**
|
506 |
* create gutenberg blocks
|
507 |
*/
|
508 |
-
register_block_type( 'um-block/um-user-profile-wall', array(
|
509 |
-
'editor_script' => 'um-blocks-shortcode-js',
|
510 |
-
) );
|
511 |
-
|
512 |
register_block_type( 'um-block/um-forms', array(
|
513 |
'editor_script' => 'um-blocks-shortcode-js',
|
514 |
) );
|
505 |
/**
|
506 |
* create gutenberg blocks
|
507 |
*/
|
|
|
|
|
|
|
|
|
508 |
register_block_type( 'um-block/um-forms', array(
|
509 |
'editor_script' => 'um-blocks-shortcode-js',
|
510 |
) );
|
includes/admin/core/class-admin-menu.php
CHANGED
@@ -125,15 +125,15 @@ if ( ! class_exists( 'um\admin\core\Admin_Menu' ) ) {
|
|
125 |
if ( is_array( $menu ) ) {
|
126 |
foreach ( $menu as $key => $menu_item ) {
|
127 |
if ( 0 === strpos( $menu_item[0], _x( 'Users', 'Admin menu name' ) ) ) {
|
128 |
-
$menu[ $key ][0] .= ' <span class="update-plugins count-'
|
129 |
}
|
130 |
}
|
131 |
}
|
132 |
|
133 |
-
if ( is_array( $submenu ) ) {
|
134 |
foreach ( $submenu['users.php'] as $key => $menu_item ) {
|
135 |
if ( 0 === strpos( $menu_item[0], _x( 'All Users', 'Admin menu name' ) ) ) {
|
136 |
-
$submenu['users.php'][ $key ][0] .= ' <span class="update-plugins count-'.$count.'"><span class="processing-count">'
|
137 |
}
|
138 |
}
|
139 |
}
|
125 |
if ( is_array( $menu ) ) {
|
126 |
foreach ( $menu as $key => $menu_item ) {
|
127 |
if ( 0 === strpos( $menu_item[0], _x( 'Users', 'Admin menu name' ) ) ) {
|
128 |
+
$menu[ $key ][0] .= ' <span class="update-plugins count-' . $count . '"><span class="processing-count">' . $count . '</span></span>';
|
129 |
}
|
130 |
}
|
131 |
}
|
132 |
|
133 |
+
if ( is_array( $submenu ) && isset( $submenu['users.php'] ) ) {
|
134 |
foreach ( $submenu['users.php'] as $key => $menu_item ) {
|
135 |
if ( 0 === strpos( $menu_item[0], _x( 'All Users', 'Admin menu name' ) ) ) {
|
136 |
+
$submenu['users.php'][ $key ][0] .= ' <span class="update-plugins count-' .$count . '"><span class="processing-count">' . $count . '</span></span>';
|
137 |
}
|
138 |
}
|
139 |
}
|
includes/admin/templates/extensions.php
CHANGED
@@ -66,12 +66,6 @@ $premium['social-login'] = array(
|
|
66 |
'desc' => 'Let users register & login to your site via Facebook, Twitter, G+, LinkedIn, and more',
|
67 |
);
|
68 |
|
69 |
-
$premium['instagram'] = array(
|
70 |
-
'url' => 'https://ultimatemember.com/extensions/instagram/',
|
71 |
-
'name' => 'Instagram',
|
72 |
-
'desc' => 'Allow users to show their Instagram photos on their profile',
|
73 |
-
);
|
74 |
-
|
75 |
$premium['user-tags'] = array(
|
76 |
'url' => 'https://ultimatemember.com/extensions/user-tags/',
|
77 |
'name' => 'User Tags',
|
66 |
'desc' => 'Let users register & login to your site via Facebook, Twitter, G+, LinkedIn, and more',
|
67 |
);
|
68 |
|
|
|
|
|
|
|
|
|
|
|
|
|
69 |
$premium['user-tags'] = array(
|
70 |
'url' => 'https://ultimatemember.com/extensions/user-tags/',
|
71 |
'name' => 'User Tags',
|
includes/core/class-access.php
CHANGED
@@ -248,11 +248,12 @@ if ( ! class_exists( 'um\core\Access' ) ) {
|
|
248 |
$ms_empty_role_access = is_multisite() && is_user_logged_in() && !UM()->roles()->get_priority_user_role( um_user('ID') );
|
249 |
|
250 |
if ( is_front_page() ) {
|
251 |
-
if ( is_user_logged_in() &&
|
252 |
|
253 |
$user_default_homepage = um_user( 'default_homepage' );
|
254 |
-
if ( ! empty( $user_default_homepage ) )
|
255 |
return;
|
|
|
256 |
|
257 |
$redirect_homepage = um_user( 'redirect_homepage' );
|
258 |
/**
|
@@ -291,8 +292,9 @@ if ( ! class_exists( 'um\core\Access' ) ) {
|
|
291 |
if ( $home_page_accessible == 0 ) {
|
292 |
//get redirect URL if not set get login page by default
|
293 |
$redirect = UM()->options()->get( 'access_redirect' );
|
294 |
-
if ( ! $redirect )
|
295 |
$redirect = um_get_core_page( 'login' );
|
|
|
296 |
|
297 |
$this->redirect_handler = $this->set_referer( esc_url( add_query_arg( 'redirect_to', urlencode_deep( $curr ), $redirect ) ), 'global' );
|
298 |
} else {
|
@@ -312,8 +314,9 @@ if ( ! class_exists( 'um\core\Access' ) ) {
|
|
312 |
if ( $category_page_accessible == 0 ) {
|
313 |
//get redirect URL if not set get login page by default
|
314 |
$redirect = UM()->options()->get( 'access_redirect' );
|
315 |
-
if ( ! $redirect )
|
316 |
$redirect = um_get_core_page( 'login' );
|
|
|
317 |
|
318 |
$this->redirect_handler = $this->set_referer( esc_url( add_query_arg( 'redirect_to', urlencode_deep( $curr ), $redirect ) ), 'global' );
|
319 |
} else {
|
@@ -326,7 +329,7 @@ if ( ! class_exists( 'um\core\Access' ) ) {
|
|
326 |
|
327 |
$access = UM()->options()->get( 'accessible' );
|
328 |
|
329 |
-
if ( $access == 2 && ( !is_user_logged_in() || $ms_empty_role_access ) ) {
|
330 |
|
331 |
//build exclude URLs pages
|
332 |
$redirects = array();
|
@@ -391,8 +394,9 @@ if ( ! class_exists( 'um\core\Access' ) ) {
|
|
391 |
//also skip if we currently at UM Register|Login|Reset Password pages
|
392 |
if ( um_is_core_post( $post, 'register' ) ||
|
393 |
um_is_core_post( $post, 'password-reset' ) ||
|
394 |
-
um_is_core_post( $post, 'login' ) )
|
395 |
return;
|
|
|
396 |
|
397 |
/**
|
398 |
* UM hook
|
@@ -413,8 +417,9 @@ if ( ! class_exists( 'um\core\Access' ) ) {
|
|
413 |
*/
|
414 |
do_action( 'um_access_check_individual_term_settings' );
|
415 |
//exit from function if term page is accessible
|
416 |
-
if ( $this->check_access() )
|
417 |
return;
|
|
|
418 |
|
419 |
/**
|
420 |
* UM hook
|
248 |
$ms_empty_role_access = is_multisite() && is_user_logged_in() && !UM()->roles()->get_priority_user_role( um_user('ID') );
|
249 |
|
250 |
if ( is_front_page() ) {
|
251 |
+
if ( is_user_logged_in() && ! $ms_empty_role_access ) {
|
252 |
|
253 |
$user_default_homepage = um_user( 'default_homepage' );
|
254 |
+
if ( ! empty( $user_default_homepage ) ) {
|
255 |
return;
|
256 |
+
}
|
257 |
|
258 |
$redirect_homepage = um_user( 'redirect_homepage' );
|
259 |
/**
|
292 |
if ( $home_page_accessible == 0 ) {
|
293 |
//get redirect URL if not set get login page by default
|
294 |
$redirect = UM()->options()->get( 'access_redirect' );
|
295 |
+
if ( ! $redirect ) {
|
296 |
$redirect = um_get_core_page( 'login' );
|
297 |
+
}
|
298 |
|
299 |
$this->redirect_handler = $this->set_referer( esc_url( add_query_arg( 'redirect_to', urlencode_deep( $curr ), $redirect ) ), 'global' );
|
300 |
} else {
|
314 |
if ( $category_page_accessible == 0 ) {
|
315 |
//get redirect URL if not set get login page by default
|
316 |
$redirect = UM()->options()->get( 'access_redirect' );
|
317 |
+
if ( ! $redirect ) {
|
318 |
$redirect = um_get_core_page( 'login' );
|
319 |
+
}
|
320 |
|
321 |
$this->redirect_handler = $this->set_referer( esc_url( add_query_arg( 'redirect_to', urlencode_deep( $curr ), $redirect ) ), 'global' );
|
322 |
} else {
|
329 |
|
330 |
$access = UM()->options()->get( 'accessible' );
|
331 |
|
332 |
+
if ( $access == 2 && ( ! is_user_logged_in() || $ms_empty_role_access ) ) {
|
333 |
|
334 |
//build exclude URLs pages
|
335 |
$redirects = array();
|
394 |
//also skip if we currently at UM Register|Login|Reset Password pages
|
395 |
if ( um_is_core_post( $post, 'register' ) ||
|
396 |
um_is_core_post( $post, 'password-reset' ) ||
|
397 |
+
um_is_core_post( $post, 'login' ) ) {
|
398 |
return;
|
399 |
+
}
|
400 |
|
401 |
/**
|
402 |
* UM hook
|
417 |
*/
|
418 |
do_action( 'um_access_check_individual_term_settings' );
|
419 |
//exit from function if term page is accessible
|
420 |
+
if ( $this->check_access() ) {
|
421 |
return;
|
422 |
+
}
|
423 |
|
424 |
/**
|
425 |
* UM hook
|
includes/core/class-form.php
CHANGED
@@ -379,25 +379,30 @@ if ( ! class_exists( 'um\core\Form' ) ) {
|
|
379 |
$custom_field_roles = $this->custom_field_roles( $this->form_data['custom_fields'] );
|
380 |
|
381 |
if ( ! empty( $_POST['role'] ) ) {
|
382 |
-
$
|
383 |
-
|
384 |
-
|
385 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
386 |
}
|
387 |
-
|
388 |
-
global $wp_roles;
|
389 |
-
$role_keys = array_map( function( $item ) {
|
390 |
-
return 'um_' . $item;
|
391 |
-
}, get_option( 'um_roles', array() ) );
|
392 |
-
$exclude_roles = array_diff( array_keys( $wp_roles->roles ), array_merge( $role_keys, array( 'subscriber' ) ) );
|
393 |
-
|
394 |
-
if ( ! empty( $role ) &&
|
395 |
-
( ! in_array( $role, $custom_field_roles, true ) || in_array( $role, $exclude_roles ) ) ) {
|
396 |
-
wp_die( __( 'This is not possible for security reasons.', 'ultimate-member' ) );
|
397 |
-
}
|
398 |
-
|
399 |
-
$this->post_form['role'] = $role;
|
400 |
-
$this->post_form['submitted']['role'] = $role;
|
401 |
}
|
402 |
|
403 |
} elseif ( isset( $this->post_form['mode'] ) && $this->post_form['mode'] == 'register' ) {
|
@@ -606,6 +611,15 @@ if ( ! class_exists( 'um\core\Form' ) ) {
|
|
606 |
foreach ( $fields as $field_key => $field_settings ) {
|
607 |
|
608 |
if ( strstr( $field_key, 'role_' ) && is_array( $field_settings['options'] ) ) {
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
609 |
$intersected_options = array();
|
610 |
foreach ( $field_settings['options'] as $key => $title ) {
|
611 |
if ( false !== $search_key = array_search( $title, $roles ) ) {
|
379 |
$custom_field_roles = $this->custom_field_roles( $this->form_data['custom_fields'] );
|
380 |
|
381 |
if ( ! empty( $_POST['role'] ) ) {
|
382 |
+
if ( ! empty( $custom_field_roles ) ) {
|
383 |
+
$role = $_POST['role'];
|
384 |
+
|
385 |
+
if ( is_array( $_POST['role'] ) ) {
|
386 |
+
$role = current( $_POST['role'] );
|
387 |
+
}
|
388 |
+
|
389 |
+
global $wp_roles;
|
390 |
+
$role_keys = array_map( function( $item ) {
|
391 |
+
return 'um_' . $item;
|
392 |
+
}, get_option( 'um_roles', array() ) );
|
393 |
+
$exclude_roles = array_diff( array_keys( $wp_roles->roles ), array_merge( $role_keys, array( 'subscriber' ) ) );
|
394 |
+
|
395 |
+
if ( ! empty( $role ) &&
|
396 |
+
( ! in_array( $role, $custom_field_roles, true ) || in_array( $role, $exclude_roles ) ) ) {
|
397 |
+
wp_die( __( 'This is not possible for security reasons.', 'ultimate-member' ) );
|
398 |
+
}
|
399 |
+
|
400 |
+
$this->post_form['role'] = $role;
|
401 |
+
$this->post_form['submitted']['role'] = $role;
|
402 |
+
} else {
|
403 |
+
unset( $this->post_form['role'] );
|
404 |
+
unset( $this->post_form['submitted']['role'] );
|
405 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
406 |
}
|
407 |
|
408 |
} elseif ( isset( $this->post_form['mode'] ) && $this->post_form['mode'] == 'register' ) {
|
611 |
foreach ( $fields as $field_key => $field_settings ) {
|
612 |
|
613 |
if ( strstr( $field_key, 'role_' ) && is_array( $field_settings['options'] ) ) {
|
614 |
+
|
615 |
+
if ( $field_settings['editable'] == 0 ) {
|
616 |
+
continue;
|
617 |
+
}
|
618 |
+
|
619 |
+
if ( ! um_can_view_field( $field_settings ) ) {
|
620 |
+
continue;
|
621 |
+
}
|
622 |
+
|
623 |
$intersected_options = array();
|
624 |
foreach ( $field_settings['options'] as $key => $title ) {
|
625 |
if ( false !== $search_key = array_search( $title, $roles ) ) {
|
includes/core/class-plugin-updater.php
CHANGED
@@ -37,6 +37,30 @@ if ( ! class_exists( 'um\core\Plugin_Updater' ) ) {
|
|
37 |
|
38 |
//plugin information info
|
39 |
add_filter( 'plugins_api', array( &$this, 'plugin_information' ), 9999, 3 );
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
40 |
}
|
41 |
|
42 |
|
@@ -367,6 +391,10 @@ if ( ! class_exists( 'um\core\Plugin_Updater' ) ) {
|
|
367 |
continue;
|
368 |
}
|
369 |
|
|
|
|
|
|
|
|
|
370 |
$path = wp_normalize_path( WP_PLUGIN_DIR . DIRECTORY_SEPARATOR . $slug );
|
371 |
if ( ! file_exists( $path ) ) {
|
372 |
continue;
|
@@ -390,11 +418,20 @@ if ( ! class_exists( 'um\core\Plugin_Updater' ) ) {
|
|
390 |
if ( version_compare( $plugin_data['Version'], $version_info->new_version, '<' ) ) {
|
391 |
$_transient_data->response[ $slug ] = $version_info;
|
392 |
$_transient_data->response[ $slug ]->plugin = $slug;
|
|
|
|
|
|
|
393 |
}
|
394 |
|
395 |
$_transient_data->last_checked = time();
|
396 |
$_transient_data->checked[ $slug ] = $plugin_data['Version'];
|
397 |
|
|
|
|
|
|
|
|
|
|
|
|
|
398 |
}
|
399 |
}
|
400 |
|
37 |
|
38 |
//plugin information info
|
39 |
add_filter( 'plugins_api', array( &$this, 'plugin_information' ), 9999, 3 );
|
40 |
+
|
41 |
+
// make this only for version which have the update packages
|
42 |
+
//add_filter( 'auto_update_plugin', array( &$this, 'prevent_dangerous_auto_updates' ), 99, 2 );
|
43 |
+
}
|
44 |
+
|
45 |
+
|
46 |
+
/**
|
47 |
+
* Prevent auto-updating the WooCommerce plugin on major releases if there are untested extensions active.
|
48 |
+
*
|
49 |
+
* @since 3.2.0
|
50 |
+
* @param bool $should_update If should update.
|
51 |
+
* @param object $plugin Plugin data.
|
52 |
+
* @return bool
|
53 |
+
*/
|
54 |
+
function prevent_dangerous_auto_updates( $should_update, $plugin ) {
|
55 |
+
if ( ! isset( $plugin->plugin, $plugin->new_version ) ) {
|
56 |
+
return $should_update;
|
57 |
+
}
|
58 |
+
|
59 |
+
if ( 'ultimate-member/ultimate-member.php' !== $plugin->plugin ) {
|
60 |
+
return $should_update;
|
61 |
+
}
|
62 |
+
|
63 |
+
return $should_update;
|
64 |
}
|
65 |
|
66 |
|
391 |
continue;
|
392 |
}
|
393 |
|
394 |
+
/*if ( ! empty( $_transient_data->no_update ) && ! empty( $_transient_data->no_update[ $slug ] ) && $_transient_data->last_checked > time() - DAY_IN_SECONDS ) {
|
395 |
+
continue;
|
396 |
+
}*/
|
397 |
+
|
398 |
$path = wp_normalize_path( WP_PLUGIN_DIR . DIRECTORY_SEPARATOR . $slug );
|
399 |
if ( ! file_exists( $path ) ) {
|
400 |
continue;
|
418 |
if ( version_compare( $plugin_data['Version'], $version_info->new_version, '<' ) ) {
|
419 |
$_transient_data->response[ $slug ] = $version_info;
|
420 |
$_transient_data->response[ $slug ]->plugin = $slug;
|
421 |
+
} else {
|
422 |
+
$_transient_data->no_update[ $slug ] = $version_info;
|
423 |
+
$_transient_data->no_update[ $slug ]->plugin = $slug;
|
424 |
}
|
425 |
|
426 |
$_transient_data->last_checked = time();
|
427 |
$_transient_data->checked[ $slug ] = $plugin_data['Version'];
|
428 |
|
429 |
+
} elseif ( false !== $version_info && is_object( $version_info ) && ! isset( $version_info->new_version ) ) {
|
430 |
+
$_transient_data->no_update[ $slug ] = $version_info;
|
431 |
+
$_transient_data->no_update[ $slug ]->plugin = $slug;
|
432 |
+
|
433 |
+
$_transient_data->last_checked = time();
|
434 |
+
$_transient_data->checked[ $slug ] = $plugin_data['Version'];
|
435 |
}
|
436 |
}
|
437 |
|
includes/core/class-roles-capabilities.php
CHANGED
@@ -345,18 +345,6 @@ if ( ! class_exists( 'um\core\Roles_Capabilities' ) ) {
|
|
345 |
}
|
346 |
|
347 |
|
348 |
-
/**
|
349 |
-
* Set roles to user (remove all previous roles)
|
350 |
-
* make user only with $roles roles
|
351 |
-
*
|
352 |
-
* @param int $user_id
|
353 |
-
* @param string|array $roles
|
354 |
-
*/
|
355 |
-
function set_roles( $user_id, $roles ) {
|
356 |
-
|
357 |
-
}
|
358 |
-
|
359 |
-
|
360 |
/**
|
361 |
* Get user one of UM roles if it has it
|
362 |
*
|
345 |
}
|
346 |
|
347 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
348 |
/**
|
349 |
* Get user one of UM roles if it has it
|
350 |
*
|
includes/core/um-actions-form.php
CHANGED
@@ -135,6 +135,29 @@ function um_submit_form_errors_hook( $args ) {
|
|
135 |
*/
|
136 |
do_action( 'um_submit_form_errors_hook__registration', $args );
|
137 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
138 |
}
|
139 |
|
140 |
/**
|
135 |
*/
|
136 |
do_action( 'um_submit_form_errors_hook__registration', $args );
|
137 |
|
138 |
+
} elseif ( $mode == 'profile' ) {
|
139 |
+
|
140 |
+
/**
|
141 |
+
* UM hook
|
142 |
+
*
|
143 |
+
* @type action
|
144 |
+
* @title um_submit_form_errors_hook__registration
|
145 |
+
* @description Submit registration form validation
|
146 |
+
* @input_vars
|
147 |
+
* [{"var":"$args","type":"array","desc":"Form Arguments"}]
|
148 |
+
* @change_log
|
149 |
+
* ["Since: 2.0"]
|
150 |
+
* @usage add_action( 'um_submit_form_errors_hook__registration', 'function_name', 10, 1 );
|
151 |
+
* @example
|
152 |
+
* <?php
|
153 |
+
* add_action( 'um_submit_form_errors_hook__profile', 'my_submit_form_errors_hook__profile', 10, 1 );
|
154 |
+
* function my_submit_form_errors_registration( $args ) {
|
155 |
+
* // your code here
|
156 |
+
* }
|
157 |
+
* ?>
|
158 |
+
*/
|
159 |
+
do_action( 'um_submit_form_errors_hook__profile', $args );
|
160 |
+
|
161 |
}
|
162 |
|
163 |
/**
|
includes/core/um-actions-profile.php
CHANGED
@@ -367,18 +367,45 @@ function um_user_edit_profile( $args ) {
|
|
367 |
$to_update[ $description_key ] = $args['submitted'][ $description_key ];
|
368 |
}
|
369 |
|
370 |
-
if ( ! empty( $args['submitted']['role'] ) ) {
|
371 |
-
global $wp_roles;
|
372 |
-
$role_keys = array_map( function( $item ) {
|
373 |
-
return 'um_' . $item;
|
374 |
-
}, get_option( 'um_roles' ) );
|
375 |
-
$exclude_roles = array_diff( array_keys( $wp_roles->roles ), array_merge( $role_keys, array( 'subscriber' ) ) );
|
376 |
|
377 |
-
|
378 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
379 |
}
|
380 |
|
381 |
-
$args['roles_before_upgrade'] = UM()->roles()->get_all_user_roles( $user_id );
|
382 |
}
|
383 |
|
384 |
/**
|
@@ -537,6 +564,19 @@ function um_user_edit_profile( $args ) {
|
|
537 |
add_action( 'um_user_edit_profile', 'um_user_edit_profile', 10 );
|
538 |
|
539 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
540 |
add_filter( 'um_user_pre_updating_files_array', array( UM()->validation(), 'validate_files' ), 10, 1 );
|
541 |
add_filter( 'um_before_save_filter_submitted', array( UM()->validation(), 'validate_fields_values' ), 10, 2 );
|
542 |
|
@@ -548,7 +588,7 @@ add_filter( 'um_before_save_filter_submitted', array( UM()->validation(), 'valid
|
|
548 |
* @param $to_update
|
549 |
*/
|
550 |
function um_restore_default_roles( $user_id, $args, $to_update ) {
|
551 |
-
if ( ! empty( $args['submitted']['role'] ) ) {
|
552 |
$wp_user = new WP_User( $user_id );
|
553 |
|
554 |
$role_keys = array_map( function( $item ) {
|
@@ -581,6 +621,7 @@ function um_editing_user_id_input( $args ) {
|
|
581 |
if ( UM()->fields()->editing == 1 && UM()->fields()->set_mode == 'profile' && UM()->user()->target_id ) { ?>
|
582 |
|
583 |
<input type="hidden" name="user_id" id="user_id" value="<?php echo esc_attr( UM()->user()->target_id ); ?>" />
|
|
|
584 |
|
585 |
<?php }
|
586 |
}
|
367 |
$to_update[ $description_key ] = $args['submitted'][ $description_key ];
|
368 |
}
|
369 |
|
|
|
|
|
|
|
|
|
|
|
|
|
370 |
|
371 |
+
// Secure selected role
|
372 |
+
if ( is_admin() ) {
|
373 |
+
|
374 |
+
if ( ! empty( $args['submitted']['role'] ) ) {
|
375 |
+
global $wp_roles;
|
376 |
+
$role_keys = array_map( function( $item ) {
|
377 |
+
return 'um_' . $item;
|
378 |
+
}, get_option( 'um_roles' ) );
|
379 |
+
$exclude_roles = array_diff( array_keys( $wp_roles->roles ), array_merge( $role_keys, array( 'subscriber' ) ) );
|
380 |
+
|
381 |
+
if ( ! in_array( $args['submitted']['role'], $exclude_roles ) ) {
|
382 |
+
$to_update['role'] = $args['submitted']['role'];
|
383 |
+
}
|
384 |
+
|
385 |
+
$args['roles_before_upgrade'] = UM()->roles()->get_all_user_roles( $user_id );
|
386 |
+
}
|
387 |
+
|
388 |
+
} else {
|
389 |
+
|
390 |
+
if ( ( isset( $fields['role'] ) && $fields['role']['editable'] != 0 && um_can_view_field( $fields['role'] ) ) ||
|
391 |
+
( isset( $fields['role_select'] ) && $fields['role_select']['editable'] != 0 && um_can_view_field( $fields['role_select'] ) ) ||
|
392 |
+
( isset( $fields['role_radio'] ) ) && $fields['role_radio']['editable'] != 0 && um_can_view_field( $fields['role_radio'] ) ) {
|
393 |
+
|
394 |
+
if ( ! empty( $args['submitted']['role'] ) ) {
|
395 |
+
global $wp_roles;
|
396 |
+
$role_keys = array_map( function( $item ) {
|
397 |
+
return 'um_' . $item;
|
398 |
+
}, get_option( 'um_roles' ) );
|
399 |
+
$exclude_roles = array_diff( array_keys( $wp_roles->roles ), array_merge( $role_keys, array( 'subscriber' ) ) );
|
400 |
+
|
401 |
+
if ( ! in_array( $args['submitted']['role'], $exclude_roles ) ) {
|
402 |
+
$to_update['role'] = $args['submitted']['role'];
|
403 |
+
}
|
404 |
+
|
405 |
+
$args['roles_before_upgrade'] = UM()->roles()->get_all_user_roles( $user_id );
|
406 |
+
}
|
407 |
}
|
408 |
|
|
|
409 |
}
|
410 |
|
411 |
/**
|
564 |
add_action( 'um_user_edit_profile', 'um_user_edit_profile', 10 );
|
565 |
|
566 |
|
567 |
+
/**
|
568 |
+
* @param array $post_form
|
569 |
+
*/
|
570 |
+
function um_profile_validate_nonce( $post_form ) {
|
571 |
+
$user_id = isset( $post_form['user_id'] ) ? $post_form['user_id'] : '';
|
572 |
+
$nonce = isset( $post_form['profile_nonce'] ) ? $post_form['profile_nonce'] : '';
|
573 |
+
if ( empty( $nonce ) || ! wp_verify_nonce( $nonce, 'um-profile-nonce' . $user_id ) ) {
|
574 |
+
wp_die( __( 'This is not possible for security reasons.', 'ultimate-member' ) );
|
575 |
+
}
|
576 |
+
}
|
577 |
+
add_action( 'um_submit_form_errors_hook__profile', 'um_profile_validate_nonce', 10, 1 );
|
578 |
+
|
579 |
+
|
580 |
add_filter( 'um_user_pre_updating_files_array', array( UM()->validation(), 'validate_files' ), 10, 1 );
|
581 |
add_filter( 'um_before_save_filter_submitted', array( UM()->validation(), 'validate_fields_values' ), 10, 2 );
|
582 |
|
588 |
* @param $to_update
|
589 |
*/
|
590 |
function um_restore_default_roles( $user_id, $args, $to_update ) {
|
591 |
+
if ( ! empty( $args['submitted']['role'] ) && ! empty( $to_update['role'] ) ) {
|
592 |
$wp_user = new WP_User( $user_id );
|
593 |
|
594 |
$role_keys = array_map( function( $item ) {
|
621 |
if ( UM()->fields()->editing == 1 && UM()->fields()->set_mode == 'profile' && UM()->user()->target_id ) { ?>
|
622 |
|
623 |
<input type="hidden" name="user_id" id="user_id" value="<?php echo esc_attr( UM()->user()->target_id ); ?>" />
|
624 |
+
<input type="hidden" name="profile_nonce" id="profile_nonce" value="<?php echo esc_attr( wp_create_nonce( 'um-profile-nonce' . UM()->user()->target_id ) ); ?>" />
|
625 |
|
626 |
<?php }
|
627 |
}
|
includes/core/um-actions-register.php
CHANGED
@@ -206,6 +206,8 @@ function um_check_user_status( $user_id, $args ) {
|
|
206 |
exit( wp_safe_redirect( urldecode( $args['redirect_to'] ) ) );
|
207 |
}
|
208 |
|
|
|
|
|
209 |
if ( um_user( 'auto_approve_act' ) == 'redirect_url' && um_user( 'auto_approve_url' ) !== '' ) {
|
210 |
exit( wp_redirect( um_user( 'auto_approve_url' ) ) );
|
211 |
}
|
206 |
exit( wp_safe_redirect( urldecode( $args['redirect_to'] ) ) );
|
207 |
}
|
208 |
|
209 |
+
um_fetch_user( $user_id );
|
210 |
+
|
211 |
if ( um_user( 'auto_approve_act' ) == 'redirect_url' && um_user( 'auto_approve_url' ) !== '' ) {
|
212 |
exit( wp_redirect( um_user( 'auto_approve_url' ) ) );
|
213 |
}
|
includes/um-short-functions.php
CHANGED
@@ -1574,10 +1574,6 @@ function um_can_view_field( $data ) {
|
|
1574 |
* @return bool
|
1575 |
*/
|
1576 |
function um_can_view_profile( $user_id ) {
|
1577 |
-
if ( ! um_user( 'can_view_all' ) && $user_id != get_current_user_id() && is_user_logged_in() ) {
|
1578 |
-
return false;
|
1579 |
-
}
|
1580 |
-
|
1581 |
if ( UM()->roles()->um_current_user_can( 'edit', $user_id ) ) {
|
1582 |
return true;
|
1583 |
}
|
@@ -1589,19 +1585,24 @@ function um_can_view_profile( $user_id ) {
|
|
1589 |
$temp_id = um_user('ID');
|
1590 |
um_fetch_user( get_current_user_id() );
|
1591 |
|
|
|
|
|
|
|
|
|
|
|
1592 |
if ( ! um_user( 'can_access_private_profile' ) && UM()->user()->is_private_profile( $user_id ) ) {
|
|
|
1593 |
return false;
|
1594 |
}
|
1595 |
|
1596 |
if ( um_user( 'can_view_roles' ) && $user_id != get_current_user_id() ) {
|
1597 |
-
|
1598 |
$can_view_roles = um_user( 'can_view_roles' );
|
1599 |
|
1600 |
if ( ! is_array( $can_view_roles ) ) {
|
1601 |
$can_view_roles = array();
|
1602 |
}
|
1603 |
|
1604 |
-
if ( count( array_intersect( UM()->roles()->get_all_user_roles( $user_id ), $can_view_roles ) ) <= 0 ) {
|
1605 |
um_fetch_user( $temp_id );
|
1606 |
return false;
|
1607 |
}
|
@@ -2769,4 +2770,34 @@ if ( ! function_exists( 'um_is_profile_owner' ) ) {
|
|
2769 |
|
2770 |
return ( $user_id == um_profile_id() );
|
2771 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2772 |
}
|
1574 |
* @return bool
|
1575 |
*/
|
1576 |
function um_can_view_profile( $user_id ) {
|
|
|
|
|
|
|
|
|
1577 |
if ( UM()->roles()->um_current_user_can( 'edit', $user_id ) ) {
|
1578 |
return true;
|
1579 |
}
|
1585 |
$temp_id = um_user('ID');
|
1586 |
um_fetch_user( get_current_user_id() );
|
1587 |
|
1588 |
+
if ( ! um_user( 'can_view_all' ) && $user_id != get_current_user_id() && is_user_logged_in() ) {
|
1589 |
+
um_fetch_user( $temp_id );
|
1590 |
+
return false;
|
1591 |
+
}
|
1592 |
+
|
1593 |
if ( ! um_user( 'can_access_private_profile' ) && UM()->user()->is_private_profile( $user_id ) ) {
|
1594 |
+
um_fetch_user( $temp_id );
|
1595 |
return false;
|
1596 |
}
|
1597 |
|
1598 |
if ( um_user( 'can_view_roles' ) && $user_id != get_current_user_id() ) {
|
|
|
1599 |
$can_view_roles = um_user( 'can_view_roles' );
|
1600 |
|
1601 |
if ( ! is_array( $can_view_roles ) ) {
|
1602 |
$can_view_roles = array();
|
1603 |
}
|
1604 |
|
1605 |
+
if ( count( $can_view_roles ) && count( array_intersect( UM()->roles()->get_all_user_roles( $user_id ), $can_view_roles ) ) <= 0 ) {
|
1606 |
um_fetch_user( $temp_id );
|
1607 |
return false;
|
1608 |
}
|
2770 |
|
2771 |
return ( $user_id == um_profile_id() );
|
2772 |
}
|
2773 |
+
}
|
2774 |
+
|
2775 |
+
|
2776 |
+
/**
|
2777 |
+
* Check whether the current page is in AMP mode or not.
|
2778 |
+
* We need to check for specific functions, as there is no special AMP header.
|
2779 |
+
*
|
2780 |
+
* @since 2.1.11
|
2781 |
+
*
|
2782 |
+
* @param bool $check_theme_support Whether theme support should be checked. Defaults to true.
|
2783 |
+
*
|
2784 |
+
* @uses is_amp_endpoint() AMP by Automattic
|
2785 |
+
* @uses is_better_amp() Better AMP
|
2786 |
+
*
|
2787 |
+
* @return bool
|
2788 |
+
*/
|
2789 |
+
function um_is_amp( $check_theme_support = true ) {
|
2790 |
+
|
2791 |
+
$is_amp = false;
|
2792 |
+
|
2793 |
+
if ( ( function_exists( 'is_amp_endpoint' ) && is_amp_endpoint() ) ||
|
2794 |
+
( function_exists( 'is_better_amp' ) && is_better_amp() ) ) {
|
2795 |
+
$is_amp = true;
|
2796 |
+
}
|
2797 |
+
|
2798 |
+
if ( $is_amp && $check_theme_support ) {
|
2799 |
+
$is_amp = current_theme_supports( 'amp' );
|
2800 |
+
}
|
2801 |
+
|
2802 |
+
return apply_filters( 'um_is_amp', $is_amp );
|
2803 |
}
|
readme.txt
CHANGED
@@ -1,4 +1,4 @@
|
|
1 |
-
=== Ultimate Member
|
2 |
Author URI: https://ultimatemember.com/
|
3 |
Plugin URI: https://ultimatemember.com/
|
4 |
Contributors: ultimatemember, champsupertramp, nsinelnikov
|
@@ -7,11 +7,11 @@ Tags: community, member, membership, user-profile, user-registration
|
|
7 |
Requires PHP: 5.6
|
8 |
Requires at least: 5.0
|
9 |
Tested up to: 5.5.1
|
10 |
-
Stable tag: 2.1.
|
11 |
License: GNU Version 2 or Any Later Version
|
12 |
License URI: http://www.gnu.org/licenses/gpl-3.0.txt
|
13 |
|
14 |
-
The #1 user
|
15 |
|
16 |
== Description ==
|
17 |
|
@@ -50,7 +50,6 @@ Ultimate Member has a range of extensions that allow you to extend the power of
|
|
50 |
* [User Photos](https://ultimatemember.com/extensions/user-photos/) - Allow users to upload photos to their profile
|
51 |
* [Groups](https://ultimatemember.com/extensions/groups/) - Allow users to create and join groups around shared topics, interests etc.
|
52 |
* [Private Content](https://ultimatemember.com/extensions/private-content/) - Display private content to logged in users that only they can access
|
53 |
-
* [Instagram](https://ultimatemember.com/extensions/instagram/) - Allow users to show their Instagram photos on their profile
|
54 |
* [User Tags](https://ultimatemember.com/extensions/user-tags/) - Lets you add a user tag system to your website
|
55 |
* [Social Activity](https://ultimatemember.com/extensions/social-activity/) - Let users create public wall posts & see the activity of other users
|
56 |
* [WooCommerce](https://ultimatemember.com/extensions/woocommerce/) - Allow you to integrate WooCommerce with Ultimate Member
|
@@ -156,6 +155,14 @@ The plugin works with popular caching plugins by automatically excluding Ultimat
|
|
156 |
* To learn more about version 2.1 please see this [docs](https://docs.ultimatemember.com/article/1512-upgrade-2-1-0)
|
157 |
* UM2.1+ is a significant update to the Member Directories' code base from 2.0.x. Please make sure you take a full-site backup with restore point before updating the plugin
|
158 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
159 |
= 2.1.10: September 23, 2020 =
|
160 |
|
161 |
* Enhancements:
|
1 |
+
=== Ultimate Member – User Profile, User Registration, Login & Membership Plugin ===
|
2 |
Author URI: https://ultimatemember.com/
|
3 |
Plugin URI: https://ultimatemember.com/
|
4 |
Contributors: ultimatemember, champsupertramp, nsinelnikov
|
7 |
Requires PHP: 5.6
|
8 |
Requires at least: 5.0
|
9 |
Tested up to: 5.5.1
|
10 |
+
Stable tag: 2.1.11
|
11 |
License: GNU Version 2 or Any Later Version
|
12 |
License URI: http://www.gnu.org/licenses/gpl-3.0.txt
|
13 |
|
14 |
+
The #1 plugin for front-end user profiles, user registration & login forms, member directories, content restriction and more.
|
15 |
|
16 |
== Description ==
|
17 |
|
50 |
* [User Photos](https://ultimatemember.com/extensions/user-photos/) - Allow users to upload photos to their profile
|
51 |
* [Groups](https://ultimatemember.com/extensions/groups/) - Allow users to create and join groups around shared topics, interests etc.
|
52 |
* [Private Content](https://ultimatemember.com/extensions/private-content/) - Display private content to logged in users that only they can access
|
|
|
53 |
* [User Tags](https://ultimatemember.com/extensions/user-tags/) - Lets you add a user tag system to your website
|
54 |
* [Social Activity](https://ultimatemember.com/extensions/social-activity/) - Let users create public wall posts & see the activity of other users
|
55 |
* [WooCommerce](https://ultimatemember.com/extensions/woocommerce/) - Allow you to integrate WooCommerce with Ultimate Member
|
155 |
* To learn more about version 2.1 please see this [docs](https://docs.ultimatemember.com/article/1512-upgrade-2-1-0)
|
156 |
* UM2.1+ is a significant update to the Member Directories' code base from 2.0.x. Please make sure you take a full-site backup with restore point before updating the plugin
|
157 |
|
158 |
+
= 2.1.11: October 6, 2020 =
|
159 |
+
|
160 |
+
* Bugfixes:
|
161 |
+
|
162 |
+
- Fixed can_view_profile() function
|
163 |
+
- Fixed security patch for role change via profile form
|
164 |
+
- Fixed admin-menu PHP notice
|
165 |
+
|
166 |
= 2.1.10: September 23, 2020 =
|
167 |
|
168 |
* Enhancements:
|
ultimate-member.php
CHANGED
@@ -3,7 +3,7 @@
|
|
3 |
Plugin Name: Ultimate Member
|
4 |
Plugin URI: http://ultimatemember.com/
|
5 |
Description: The easiest way to create powerful online communities and beautiful user profiles with WordPress
|
6 |
-
Version: 2.1.
|
7 |
Author: Ultimate Member
|
8 |
Author URI: http://ultimatemember.com/
|
9 |
Text Domain: ultimate-member
|
3 |
Plugin Name: Ultimate Member
|
4 |
Plugin URI: http://ultimatemember.com/
|
5 |
Description: The easiest way to create powerful online communities and beautiful user profiles with WordPress
|
6 |
+
Version: 2.1.11
|
7 |
Author: Ultimate Member
|
8 |
Author URI: http://ultimatemember.com/
|
9 |
Text Domain: ultimate-member
|