WP-Members Membership Plugin - Version 3.3.8

Version Description

  • This update does upgrade the plugin's db version. It adds a new email for user email validation during registration.
  • Revised password reset, now uses WP's user_activation_key instead of custom meta.
  • Revised email validation on registration, now users WP's user_activation_key instead of custom meta.
  • Revised email validation for cleaner use when moderated registration is active. Now, if registration is moderated, user must validate their email before notification is sent to admin. User cannot log in until admin approves the user. (Must enable WP Login Erroe setting in WP-Members options for complete messaging.)
  • Revised email validation now has custom email.
  • Added User Screen column for user email validation/confirmation, updated column for activation (uses dashicons instead of text).
  • Improved handling of User Screen column labels so that if a label is changed in the WP-Members Fields manager, the column is automatically reflected without refreshing the wpmembers_utfields setting.
  • When registration runs wp_insert_user(), the resulting $user object is captured and passed to the wpmem_register_redirect action.
  • The default function in the WP-Members user object runs register_redirect() hooked to the wpmem_register_redirect action. Previously, this was run at the default priority (10). This update moves it to priority 20 (so a custom redirect set at the default priority will run first).
  • Can now customize the plugin's upload directory.
  • Fixes issue with attachment URLs in user profile view when used in multisite.
  • Added new feature settings for turning on/off WP-Members fields in WooCommerce My Account page registration and checkout registration.
  • Added captcha support to native WP registration form.
Download this release

Release Info

Developer cbutlerjr
Plugin Icon 128x128 WP-Members Membership Plugin
Version 3.3.8
Comparing to
See all releases

Code changes from version 3.3.7 to 3.3.8

Files changed (16) hide show
  1. includes/admin/class-wp-members-admin-api.php +22 -2
  2. includes/admin/class-wp-members-admin-users.php +600 -512
  3. includes/admin/tabs/class-wp-members-admin-tab-fields.php +8 -6
  4. includes/admin/tabs/class-wp-members-admin-tab-options.php +9 -3
  5. includes/admin/tabs/class-wp-members-fields-table.php +167 -167
  6. includes/api/api-users.php +31 -2
  7. includes/class-wp-members-email.php +5 -1
  8. includes/class-wp-members-forms.php +48 -6
  9. includes/class-wp-members-pwd-reset.php +288 -332
  10. includes/class-wp-members-user.php +1176 -1167
  11. includes/class-wp-members-validation-link.php +349 -266
  12. includes/class-wp-members.php +27 -12
  13. includes/install.php +762 -718
  14. readme.txt +19 -3
  15. uninstall.php +91 -90
  16. wp-members.php +4 -3
includes/admin/class-wp-members-admin-api.php CHANGED
@@ -147,7 +147,7 @@ class WP_Members_Admin_API {
147
  add_filter( 'manage_users_custom_column', array( 'WP_Members_Admin_Users', 'add_user_column_content' ), 10, 3 );
148
  add_action( 'wpmem_user_activated', array( 'WP_Members_Admin_Users', 'set_activated_user' ) );
149
  add_action( 'wpmem_user_deactivated', array( 'WP_Members_Admin_Users', 'set_deactivated_user' ) );
150
- add_filter( 'user_row_actions', array( 'WP_Members_Admin_Users', 'insert_activate_link' ), 10, 2 );
151
  add_action( 'wpmem_admin_after_profile', array( 'WP_Members_User_Profile', '_show_activate' ), 7 );
152
  add_action( 'wpmem_admin_after_profile', array( 'WP_Members_User_Profile', '_show_expiration' ), 8 );
153
  add_action( 'wpmem_admin_after_profile', array( 'WP_Members_User_Profile', '_show_ip' ), 9 );
@@ -387,7 +387,7 @@ class WP_Members_Admin_API {
387
  function default_emails() {
388
  global $wpmem;
389
 
390
- if ( $wpmem->mod_reg == 0 ) {
391
 
392
  $this->add_email( array(
393
  'name' => 'wpmembers_email_newreg',
@@ -395,6 +395,15 @@ class WP_Members_Admin_API {
395
  'subject_input' => 'wpmembers_email_newreg_subj',
396
  'body_input' => 'wpmembers_email_newreg_body',
397
  ) );
 
 
 
 
 
 
 
 
 
398
 
399
  } else {
400
 
@@ -404,6 +413,16 @@ class WP_Members_Admin_API {
404
  'subject_input' => 'wpmembers_email_newmod_subj',
405
  'body_input' => 'wpmembers_email_newmod_body',
406
  ) );
 
 
 
 
 
 
 
 
 
 
407
  $this->add_email( array(
408
  'name' => 'wpmembers_email_appmod',
409
  'heading' => __( "Registration is Moderated, User is Approved", 'wp-members' ),
@@ -662,6 +681,7 @@ class WP_Members_Admin_API {
662
  function post_types() {
663
  return get_post_types( array( 'public' => true, '_builtin' => false ), 'names', 'and' );
664
  }
 
665
  } // End of WP_Members_Admin_API class.
666
 
667
  // End of file.
147
  add_filter( 'manage_users_custom_column', array( 'WP_Members_Admin_Users', 'add_user_column_content' ), 10, 3 );
148
  add_action( 'wpmem_user_activated', array( 'WP_Members_Admin_Users', 'set_activated_user' ) );
149
  add_action( 'wpmem_user_deactivated', array( 'WP_Members_Admin_Users', 'set_deactivated_user' ) );
150
+ add_filter( 'user_row_actions', array( 'WP_Members_Admin_Users', 'insert_hover_links' ), 10, 2 );
151
  add_action( 'wpmem_admin_after_profile', array( 'WP_Members_User_Profile', '_show_activate' ), 7 );
152
  add_action( 'wpmem_admin_after_profile', array( 'WP_Members_User_Profile', '_show_expiration' ), 8 );
153
  add_action( 'wpmem_admin_after_profile', array( 'WP_Members_User_Profile', '_show_ip' ), 9 );
387
  function default_emails() {
388
  global $wpmem;
389
 
390
+ if ( 0 == $wpmem->mod_reg ) {
391
 
392
  $this->add_email( array(
393
  'name' => 'wpmembers_email_newreg',
395
  'subject_input' => 'wpmembers_email_newreg_subj',
396
  'body_input' => 'wpmembers_email_newreg_body',
397
  ) );
398
+
399
+ if ( 1 == $wpmem->act_link ) {
400
+ $this->add_email( array(
401
+ 'name' => 'wpmembers_email_validated',
402
+ 'heading' => __( "User email validated", 'wp-members' ),
403
+ 'subject_input' => 'wpmembers_email_validated_subj',
404
+ 'body_input' => 'wpmembers_email_validated_body',
405
+ ) );
406
+ }
407
 
408
  } else {
409
 
413
  'subject_input' => 'wpmembers_email_newmod_subj',
414
  'body_input' => 'wpmembers_email_newmod_body',
415
  ) );
416
+
417
+ if ( 1 == $wpmem->act_link ) {
418
+ $this->add_email( array(
419
+ 'name' => 'wpmembers_email_validated',
420
+ 'heading' => __( "User email validated", 'wp-members' ),
421
+ 'subject_input' => 'wpmembers_email_validated_subj',
422
+ 'body_input' => 'wpmembers_email_validated_body',
423
+ ) );
424
+ }
425
+
426
  $this->add_email( array(
427
  'name' => 'wpmembers_email_appmod',
428
  'heading' => __( "Registration is Moderated, User is Approved", 'wp-members' ),
681
  function post_types() {
682
  return get_post_types( array( 'public' => true, '_builtin' => false ), 'names', 'and' );
683
  }
684
+
685
  } // End of WP_Members_Admin_API class.
686
 
687
  // End of file.
includes/admin/class-wp-members-admin-users.php CHANGED
@@ -1,513 +1,601 @@
1
- <?php
2
- /**
3
- * The WP_Members Admin Users Class.
4
- *
5
- * @package WP-Members
6
- * @subpackage WP_Members Admin Users Object Class
7
- * @since 3.3.0
8
- */
9
-
10
- // Exit if accessed directly.
11
- if ( ! defined( 'ABSPATH' ) ) {
12
- exit();
13
- }
14
-
15
- class WP_Members_Admin_Users {
16
-
17
- /**
18
- * Function to add activate/export to the bulk dropdown list.
19
- *
20
- * @since 2.8.2
21
- */
22
- static function bulk_user_action() {
23
- global $wpmem; ?>
24
- <script type="text/javascript">
25
- var $j = jQuery.noConflict();
26
- $j(document).ready(function() {
27
- <?php if( $wpmem->mod_reg == 1 ) { ?>
28
- $j('<option>').val('activate').text('<?php _e( 'Activate', 'wp-members' )?>').appendTo("select[name='action']");
29
- $j('<option>').val('deactivate').text('<?php _e( 'Deactivate', 'wp-members' )?>').appendTo("select[name='action']");
30
- <?php } ?>
31
- $j('<option>').val('export').text('<?php _e( 'Export', 'wp-members' )?>').appendTo("select[name='action']");
32
- $j('<input id="export_all" name="export_all" class="button action" type="submit" value="<?php _e( 'Export All Users', 'wp-members' ); ?>" />').appendTo(".top .bulkactions");
33
- <?php if( $wpmem->mod_reg == 1 ) { ?>
34
- $j('<option>').val('activate').text('<?php _e( 'Activate', 'wp-members' )?>').appendTo("select[name='action2']");
35
- $j('<option>').val('deactivate').text('<?php _e( 'Deactivate', 'wp-members' )?>').appendTo("select[name='action2']");
36
- <?php } ?>
37
- $j('<option>').val('export').text('<?php _e( 'Export', 'wp-members' )?>').appendTo("select[name='action2']");
38
- $j('<input id="export_all" name="export_all" class="button action" type="submit" value="<?php _e( 'Export All Users', 'wp-members' ); ?>" />').appendTo(".bottom .bulkactions");
39
- });
40
- </script><?php
41
- }
42
-
43
- /**
44
- * Function to add activate link to the user row action.
45
- *
46
- * @since 2.8.2
47
- * @since 3.3.5 Updated to use wpmem_is_user_activated().
48
- *
49
- * @param array $actions
50
- * @param $user_object
51
- * @return array $actions
52
- */
53
- static function insert_activate_link( $actions, $user_object ) {
54
- global $wpmem;
55
- if ( 1 == $wpmem->mod_reg && $user_object->ID != get_current_user_id() ) {
56
-
57
- $is_active = wpmem_is_user_activated( $user_object->ID );
58
-
59
- if ( false === $is_active ) {
60
- $action = 'activate';
61
- $term = __( 'Activate', 'wp-members' );
62
- } else {
63
- $action = 'deactivate';
64
- $term = __( 'Deactivate', 'wp-members' );
65
- }
66
- $url = add_query_arg( array( 'action' => $action . '-single', 'user' => $user_object->ID ), "users.php" );
67
- $url = wp_nonce_url( $url, 'activate-user' );
68
- $actions[ $action ] = '<a href="' . $url . '">' . $term . '</a>';
69
- }
70
- return $actions;
71
- }
72
-
73
- /**
74
- * Function to handle bulk actions at page load.
75
- *
76
- * @since 2.8.2
77
- *
78
- * @uses WP_Users_List_Table
79
- *
80
- * @global object $wpmem
81
- */
82
- static function page_load() {
83
-
84
- global $wpmem;
85
- if ( current_user_can( 'list_users' ) ) {
86
- $wpmem->admin->user_search = new WP_Members_Admin_User_Search();
87
- }
88
-
89
- // If exporting all users, do it, then exit.
90
- if ( wpmem_get( 'export_all', false, 'request' ) ) {
91
- $today = date( "Y-m-d" );
92
- wpmem_export_users( array( 'export'=>'all', 'filename'=>'user-export-' . $today . '.csv' ) );
93
- exit();
94
- }
95
-
96
- $wp_list_table = _get_list_table( 'WP_Users_List_Table' );
97
- $action = $wp_list_table->current_action();
98
- $sendback = '';
99
-
100
- switch ( $action ) {
101
-
102
- case 'activate':
103
- case 'deactivate':
104
-
105
- // Validate nonce.
106
- check_admin_referer( 'bulk-users' );
107
-
108
- // Get the users.
109
- if ( isset( $_REQUEST['users'] ) ) {
110
-
111
- $users = $_REQUEST['users'];
112
-
113
- // Update the users.
114
- $x = 0;
115
- foreach ( $users as $user ) {
116
- $user = filter_var( $user, FILTER_VALIDATE_INT );
117
- // Current user cannot activate or deactivate themselves.
118
- if ( $user != get_current_user_id() ) {
119
- // Check to see if the user is already activated, if not, activate.
120
- if ( 'activate' == $action && 1 != get_user_meta( $user, 'active', true ) ) {
121
- wpmem_activate_user( $user );
122
- } elseif( 'deactivate' == $action ) {
123
- wpmem_deactivate_user( $user );
124
- }
125
- $x++;
126
- }
127
- }
128
- $msg = ( 'activate' == $action ) ? urlencode( sprintf( __( '%s users activated', 'wp-members' ), $x ) ) : urlencode( sprintf( __( '%s users deactivated', 'wp-members' ), $x ) );
129
-
130
- } else {
131
- $msg = urlencode( __( 'No users selected', 'wp-members' ) );
132
- }
133
-
134
- // Set the return message.
135
- $sendback = add_query_arg( array( 'activated' => $msg ), $sendback );
136
- break;
137
-
138
- case 'activate-single':
139
- case 'deactivate-single':
140
-
141
- // Validate nonce.
142
- check_admin_referer( 'activate-user' );
143
-
144
- // Get the users.
145
- $users = filter_var( $_REQUEST['user'], FILTER_VALIDATE_INT );
146
-
147
- // Check to see if the user is already activated, if not, activate.
148
- if ( $users == get_current_user_id() ) {
149
- $msg = urlencode( sprintf( esc_html__( 'You cannot activate or deactivate yourself', 'wp-members' ) ) );
150
-
151
- } elseif ( 'activate-single' == $action && 1 != get_user_meta( $users, 'active', true ) ) {
152
- wpmem_activate_user( $users );
153
- $user_info = get_userdata( $users );
154
- $msg = urlencode( sprintf( esc_html__( "%s activated", 'wp-members' ), $user_info->user_login ) );
155
-
156
- } elseif ( 'deactivate-single' == $action ) {
157
- wpmem_deactivate_user( $users );
158
- $user_info = get_userdata( $users );
159
- $msg = urlencode( sprintf( esc_html__( "%s deactivated", 'wp-members' ), $user_info->user_login ) );
160
-
161
- } else {
162
- // Set the return message.
163
- $msg = urlencode( __( "That user is already active", 'wp-members' ) );
164
- }
165
- $sendback = add_query_arg( array( 'activated' => $msg ), $sendback );
166
- break;
167
-
168
- case 'show':
169
-
170
- add_action( 'pre_user_query', array( 'WP_Members_Admin_Users', 'pre_user_query' ) );
171
- return;
172
- break;
173
-
174
- case 'export':
175
-
176
- $users = wpmem_get( 'users', array(), 'request' );
177
- wpmem_export_users( array( 'export'=>'selected' ), wpmem_sanitize_array( $users, 'integer' ) );
178
- return;
179
- break;
180
-
181
- default:
182
- return;
183
- break;
184
-
185
- }
186
-
187
- /**
188
- * Doing user action.
189
- *
190
- * @since 3.3.0
191
- */
192
- do_action( 'wpmem_user_action' );
193
-
194
- // If we did not return already, we need to wp_safe_redirect.
195
- wp_safe_redirect( $sendback );
196
- exit();
197
-
198
- }
199
-
200
- /**
201
- * Function to echo admin update message.
202
- *
203
- * @since 2.8.2
204
- */
205
- static function admin_notices() {
206
-
207
- global $pagenow, $user_action_msg;
208
- if( $pagenow == 'users.php' && isset( $_REQUEST['activated'] ) ) {
209
- $message = esc_html( $_REQUEST['activated'] );
210
- echo "<div class=\"updated\"><p>{$message}</p></div>";
211
- }
212
-
213
- if ( $user_action_msg ) {
214
- echo "<div class=\"updated\"><p>{$user_action_msg}</p></div>";
215
- }
216
- }
217
-
218
- /**
219
- * Function to add user views to the top list.
220
- *
221
- * @since 2.8.2
222
- * @since 3.1.2 Added user view counts as transient.
223
- *
224
- * @global object $wpdb
225
- * @global object $wpmem
226
- * @param array $views
227
- * @return array $views
228
- */
229
- static function views( $views ) {
230
-
231
- global $wpmem;
232
-
233
- // Get the cached user counts.
234
- $user_counts = get_transient( 'wpmem_user_counts' );
235
-
236
- // check to see if data was successfully retrieved from the cache
237
- if ( false === $user_counts ) {
238
-
239
- // @todo For now, 30 seconds. We'll see how things go.
240
- $transient_expires = 30; // Value in seconds, 1 day: ( 60 * 60 * 24 );
241
-
242
- global $wpdb;
243
-
244
- // We need a count of total users.
245
- // @todo - need a more elegant way of this entire process.
246
- $sql = "SELECT COUNT(*) FROM " . $wpdb->users;
247
- $users = $wpdb->get_var( $sql );
248
-
249
- // What needs to be counted?
250
- $count_metas = array(
251
- 'pending' => 'pending', // Used for PayPal Extension
252
- 'trial' => 'trial', // Used for PayPal Extension
253
- 'subscription' => 'subscription', // Used for PayPal Extension
254
- 'expired' => 'expired', // Used for PayPal Extension
255
- 'active' => 'active',
256
- 'notactive' => 'active',
257
- 'deactivated' => 'deactivated',
258
- 'notexported' => 'exported',
259
- );
260
-
261
- // Handle various counts.
262
- $user_counts = array();
263
- foreach ( $count_metas as $key => $meta_key ) {
264
- if ( 'active' == $key ) {
265
- $count = $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM " . $wpdb->usermeta . " WHERE meta_key=%s AND meta_value=1", $meta_key ) );
266
- }
267
- if ( 'notactive' == $key || 'notexported' == $key ) {
268
- $users_with_meta = $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM " . $wpdb->usermeta . " WHERE meta_key=%s AND meta_value=1", $meta_key ) );
269
- $count = $users - $users_with_meta;
270
- }
271
- if ( 'deactivated' == $key ) {
272
- $count = $wpdb->get_var( "SELECT COUNT(*) FROM " . $wpdb->usermeta . " WHERE meta_key = 'active' AND meta_value = 0" );
273
- }
274
- if ( 'trial' == $key || 'subscription' == $key || 'pending' == $key ) {
275
- $count = $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM " . $wpdb->usermeta . " WHERE meta_key = 'exp_type' AND meta_value = \"%s\"", $key ) );
276
- }
277
- if ( 'expired' == $key ) {
278
- $count = $wpdb->get_var( "SELECT COUNT(*) FROM " . $wpdb->usermeta . " WHERE meta_key = 'expires' AND STR_TO_DATE( meta_value, '%m/%d/%Y' ) < CURDATE() AND meta_value != '01/01/1970'" );
279
- }
280
- $user_counts[ $key ] = $count;
281
- }
282
- set_transient( 'wpmem_user_counts', $user_counts, $transient_expires );
283
- }
284
-
285
- if ( defined( 'WPMEM_EXP_MODULE' ) && 1 == $wpmem->use_exp ) {
286
- $views['pending'] = __( 'Pending', 'wp-members' );
287
- $views['trial'] = __( 'Trial', 'wp-members' );
288
- $views['subscription'] = __( 'Subscription', 'wp-members' );
289
- $views['expired'] = __( 'Expired', 'wp-members' );
290
- }
291
- if ( 1 == $wpmem->mod_reg ) {
292
- $views['active'] = __( 'Activated', 'wp-members' );
293
- $views['notactive'] = __( 'Pending Activation', 'wp-members' );
294
- $views['deactivated'] = __( 'Deactivated', 'wp-members' );
295
- }
296
- $views['notexported'] = __( 'Not Exported', 'wp-members' );
297
- $show = sanitize_text_field( wpmem_get( 'show', false, 'get' ) );
298
-
299
- foreach ( $views as $key => $view ) {
300
- if ( isset( $user_counts[ $key ] ) ) {
301
- $link = "users.php?action=show&amp;show=" . $key;
302
- $current = ( $show == $key ) ? ' class="current"' : '';
303
- $views[ $key ] = sprintf(
304
- '<a href="%s" %s>%s <span class="count">(%d)</span></a>',
305
- esc_url( $link ),
306
- $current,
307
- $view,
308
- isset( $user_counts[ $key ] ) ? $user_counts[ $key ] : ''
309
- );
310
- }
311
- }
312
-
313
- /**
314
- * Filters all views before returning to the WP 'views_users' filter.
315
- *
316
- * @since 3.3.0
317
- *
318
- * @param array $views {
319
- *
320
- * @type string The HTML for the view.
321
- * }
322
- */
323
- $views = apply_filters( 'wpmem_views_users', $views, $show );
324
-
325
- return $views;
326
- }
327
-
328
- /**
329
- * Function to add custom user columns to the user table.
330
- *
331
- * @since 2.8.2
332
- *
333
- * @param array $columns
334
- * @return array $columns
335
- */
336
- static function add_user_column( $columns ) {
337
-
338
- global $wpmem_user_columns, $wpmem;
339
-
340
- // Get any columns to be added to the Users > All Users screen.
341
- $wpmem_user_columns = get_option( 'wpmembers_utfields' );
342
-
343
- if ( $wpmem_user_columns ) {
344
- if ( $wpmem->mod_reg != 1 ) {
345
- unset( $wpmem_user_columns['active'] );
346
- }
347
-
348
- $columns = array_merge( $columns, $wpmem_user_columns );
349
- }
350
-
351
- // Makes WP-Members columns sortable.
352
- // @todo - finish debugging class or add sortable functions to users.php.
353
- // require_once( $wpmem->path . 'admin/includes/class-wp-members-sortable-user-columns.php' );
354
- // new WP_Members_Sortable_User_Columns( $wpmem_user_columns );
355
-
356
- return $columns;
357
- }
358
-
359
- /**
360
- * Function to add the user content to the custom column.
361
- *
362
- * @since 2.8.2
363
- *
364
- * @param $value
365
- * @param $column_name
366
- * @param $user_id
367
- * @return The user value for the custom column.
368
- */
369
- static function add_user_column_content( $value, $column_name, $user_id ) {
370
-
371
- // Is the column a WP-Members column?
372
- global $wpmem_user_columns, $wpmem;
373
- $is_wpmem = ( is_array( $wpmem_user_columns ) && array_key_exists( $column_name, $wpmem_user_columns ) ) ? true : false;
374
-
375
- if ( $is_wpmem ) {
376
-
377
- switch ( $column_name ) {
378
-
379
- case 'active':
380
- if ( $wpmem->mod_reg == 1 ) {
381
- /*
382
- * If the column is "active", then return the value or empty.
383
- * Returning in here keeps us from displaying another value.
384
- */
385
- return ( get_user_meta( $user_id , 'active', 'true' ) != 1 ) ? __( 'No', 'wp-members' ) : '';
386
- } else {
387
- return;
388
- }
389
- break;
390
-
391
- case 'user_url':
392
- case 'user_registered':
393
- // Unlike other fields, website/url is not a meta field.
394
- $user_info = get_userdata( $user_id );
395
- return $user_info->$column_name;
396
- break;
397
-
398
- case 'user_id':
399
- return $user_id;
400
-
401
- default:
402
- return get_user_meta( $user_id, $column_name, true );
403
- break;
404
- }
405
-
406
- }
407
-
408
- return $value;
409
- }
410
-
411
- /**
412
- * Adjusts user query based on custom views.
413
- *
414
- * @since 2.8.3
415
- *
416
- * @todo Currently, not activated query returns users who are deactivated. This
417
- * may be confusing for admins, so work on a query that displays only
418
- * users who have never been activated.
419
- *
420
- * @param $user_search
421
- */
422
- static function pre_user_query( $user_search ) {
423
-
424
- global $wpdb;
425
- $show = sanitize_text_field( wpmem_get( 'show', '', 'get' ) );
426
- switch ( $show ) {
427
-
428
- case 'trial':
429
- case 'subscription':
430
- case 'pending':
431
- $replace_query = "WHERE 1=1 AND {$wpdb->users}.ID IN (
432
- SELECT {$wpdb->usermeta}.user_id FROM $wpdb->usermeta
433
- WHERE {$wpdb->usermeta}.meta_key = 'exp_type'
434
- AND {$wpdb->usermeta}.meta_value = \"" . esc_sql( $show ) . "\" )";
435
- break;
436
-
437
- case 'expired':
438
- $replace_query = "WHERE 1=1 AND {$wpdb->users}.ID IN (
439
- SELECT {$wpdb->usermeta}.user_id FROM $wpdb->usermeta
440
- WHERE {$wpdb->usermeta}.meta_key = 'expires'
441
- AND STR_TO_DATE( {$wpdb->usermeta}.meta_value, '%m/%d/%Y' ) < CURDATE()
442
- AND {$wpdb->usermeta}.meta_value != '01/01/1970' )";
443
- break;
444
-
445
- case 'active':
446
- case 'notactive':
447
- case 'notexported':
448
- case 'deactivated':
449
- default:
450
- $key = ( 'notactive' == $show || 'deactivated' == $show ) ? 'active' : 'exported';
451
- $in = ( 'deactivated' == $show ) ? 'IN' : 'NOT IN';
452
- $val = ( 'deactivated' == $show ) ? '0' : '1';
453
- if ( 'active' == $show ) {
454
- $key = 'active'; $in = 'IN';
455
- }
456
- $replace_query = "WHERE 1=1 AND {$wpdb->users}.ID " . esc_sql( $in ) . " (
457
- SELECT {$wpdb->usermeta}.user_id FROM $wpdb->usermeta
458
- WHERE {$wpdb->usermeta}.meta_key = \"" . esc_sql( $key ) . "\"
459
- AND {$wpdb->usermeta}.meta_value = \"" . esc_sql( $val ) . "\" )";
460
- break;
461
- }
462
-
463
- $query_where = str_replace( 'WHERE 1=1', $replace_query, $user_search->query_where );
464
-
465
- /**
466
- * Filters the pre_user_query being applied.
467
- *
468
- * @since 3.3.0
469
- *
470
- * @param string $query_where
471
- */
472
- $query_where = apply_filters( 'wpmem_query_where', $query_where, $show );
473
-
474
- $user_search->query_where = $query_where;
475
- }
476
-
477
- /**
478
- * Use wpmem_post_register_data to set the user_status field to 2 using wp_update_user.
479
- * http://codex.wordpress.org/Function_Reference/wp_update_user
480
- *
481
- * @deprecated 3.3.6 No longer used.
482
- *
483
- * @uses wpmem_set_user_status
484
- * @param $fields
485
- */
486
- static function set_new_user_non_active( $fields ) {
487
- wpmem_set_user_status( $fields['ID'], 2 );
488
- return;
489
- }
490
-
491
- /**
492
- * Use wpmem_user_activated to set the user_status field to 0 using wp_update_user.
493
- *
494
- * @uses wpmem_set_user_status
495
- * @param $user_id
496
- */
497
- static function set_activated_user( $user_id ) {
498
- wpmem_set_user_status( $user_id, 0 );
499
- return;
500
- }
501
-
502
- /**
503
- * Use wpmem_user_deactivated to set the user_status field to 2 using wp_update_user.
504
- *
505
- * @uses wpmem_set_user_status
506
- * @param $user_id
507
- */
508
- static function set_deactivated_user( $user_id ) {
509
- wpmem_set_user_status( $user_id, 2 );
510
- return;
511
- }
512
-
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
513
  }
1
+ <?php
2
+ /**
3
+ * The WP_Members Admin Users Class.
4
+ *
5
+ * @package WP-Members
6
+ * @subpackage WP_Members Admin Users Object Class
7
+ * @since 3.3.0
8
+ */
9
+
10
+ // Exit if accessed directly.
11
+ if ( ! defined( 'ABSPATH' ) ) {
12
+ exit();
13
+ }
14
+
15
+ class WP_Members_Admin_Users {
16
+
17
+ /**
18
+ * Function to add activate/export to the bulk dropdown list.
19
+ *
20
+ * @since 2.8.2
21
+ */
22
+ static function bulk_user_action() {
23
+ global $wpmem; ?>
24
+ <script type="text/javascript">
25
+ var $j = jQuery.noConflict();
26
+ $j(document).ready(function() {
27
+ <?php if( $wpmem->mod_reg == 1 ) { ?>
28
+ $j('<option>').val('activate').text('<?php _e( 'Activate', 'wp-members' )?>').appendTo("select[name='action']");
29
+ $j('<option>').val('deactivate').text('<?php _e( 'Deactivate', 'wp-members' )?>').appendTo("select[name='action']");
30
+ <?php } ?>
31
+ $j('<option>').val('export').text('<?php _e( 'Export', 'wp-members' )?>').appendTo("select[name='action']");
32
+ $j('<input id="export_all" name="export_all" class="button action" type="submit" value="<?php _e( 'Export All Users', 'wp-members' ); ?>" />').appendTo(".top .bulkactions");
33
+ <?php if( $wpmem->mod_reg == 1 ) { ?>
34
+ $j('<option>').val('activate').text('<?php _e( 'Activate', 'wp-members' )?>').appendTo("select[name='action2']");
35
+ $j('<option>').val('deactivate').text('<?php _e( 'Deactivate', 'wp-members' )?>').appendTo("select[name='action2']");
36
+ <?php } ?>
37
+ $j('<option>').val('export').text('<?php _e( 'Export', 'wp-members' )?>').appendTo("select[name='action2']");
38
+ $j('<input id="export_all" name="export_all" class="button action" type="submit" value="<?php _e( 'Export All Users', 'wp-members' ); ?>" />').appendTo(".bottom .bulkactions");
39
+ });
40
+ </script><?php
41
+ }
42
+
43
+ /**
44
+ * Function to add activate link to the user row action.
45
+ *
46
+ * @since 2.8.2
47
+ * @since 3.3.5 Updated to use wpmem_is_user_activated().
48
+ * @since 3.3.8 Added confirmation link, changed from insert_activate_link().
49
+ *
50
+ * @param array $actions
51
+ * @param $user_object
52
+ * @return array $actions
53
+ */
54
+ static function insert_hover_links( $actions, $user_object ) {
55
+ global $wpmem;
56
+ if ( $user_object->ID != get_current_user_id() ) {
57
+
58
+ if ( 1 == $wpmem->act_link ) {
59
+ $is_user_confirmed = wpmem_is_user_confirmed( $user_object->ID );
60
+ if ( false === $is_user_confirmed ) {
61
+ $action = 'confirm';
62
+ $term = __( 'Confirm', 'wp-members' );
63
+ } else {
64
+ $action = 'unconfirm';
65
+ $term = __( 'Unconfirm', 'wp-members' );
66
+ }
67
+ $url = add_query_arg( array( 'action' => $action . '-single', 'user' => $user_object->ID ), "users.php" );
68
+ $url = wp_nonce_url( $url, 'activate-user' );
69
+ $actions[ $action ] = '<a href="' . $url . '">' . $term . '</a>';
70
+ }
71
+
72
+ if ( 1 == $wpmem->mod_reg ) {
73
+ $is_active = wpmem_is_user_activated( $user_object->ID );
74
+
75
+ if ( false === $is_active ) {
76
+ $action = 'activate';
77
+ $term = __( 'Activate', 'wp-members' );
78
+ } else {
79
+ $action = 'deactivate';
80
+ $term = __( 'Deactivate', 'wp-members' );
81
+ }
82
+ $url = add_query_arg( array( 'action' => $action . '-single', 'user' => $user_object->ID ), "users.php" );
83
+ $url = wp_nonce_url( $url, 'activate-user' );
84
+ $actions[ $action ] = '<a href="' . $url . '">' . $term . '</a>';
85
+ }
86
+ }
87
+ return $actions;
88
+ }
89
+
90
+ /**
91
+ * Function to handle bulk actions at page load.
92
+ *
93
+ * @since 2.8.2
94
+ *
95
+ * @uses WP_Users_List_Table
96
+ *
97
+ * @global object $wpmem
98
+ */
99
+ static function page_load() {
100
+
101
+ global $wpmem;
102
+ if ( current_user_can( 'list_users' ) ) {
103
+ $wpmem->admin->user_search = new WP_Members_Admin_User_Search();
104
+ }
105
+
106
+ // If exporting all users, do it, then exit.
107
+ if ( wpmem_get( 'export_all', false, 'request' ) ) {
108
+ $today = date( "Y-m-d" );
109
+ wpmem_export_users( array( 'export'=>'all', 'filename'=>'user-export-' . $today . '.csv' ) );
110
+ exit();
111
+ }
112
+
113
+ $wp_list_table = _get_list_table( 'WP_Users_List_Table' );
114
+ $action = $wp_list_table->current_action();
115
+ $sendback = '';
116
+
117
+ switch ( $action ) {
118
+
119
+ case 'activate':
120
+ case 'deactivate':
121
+
122
+ // Validate nonce.
123
+ check_admin_referer( 'bulk-users' );
124
+
125
+ // Get the users.
126
+ if ( isset( $_REQUEST['users'] ) ) {
127
+
128
+ $users = $_REQUEST['users'];
129
+
130
+ // Update the users.
131
+ $x = 0;
132
+ foreach ( $users as $user ) {
133
+ $user = filter_var( $user, FILTER_VALIDATE_INT );
134
+ // Current user cannot activate or deactivate themselves.
135
+ if ( $user != get_current_user_id() ) {
136
+ // Check to see if the user is already activated, if not, activate.
137
+ if ( 'activate' == $action && 1 != get_user_meta( $user, 'active', true ) ) {
138
+ wpmem_activate_user( $user );
139
+ } elseif( 'deactivate' == $action ) {
140
+ wpmem_deactivate_user( $user );
141
+ }
142
+ $x++;
143
+ }
144
+ }
145
+ $msg = ( 'activate' == $action ) ? urlencode( sprintf( __( '%s users activated', 'wp-members' ), $x ) ) : urlencode( sprintf( __( '%s users deactivated', 'wp-members' ), $x ) );
146
+
147
+ } else {
148
+ $msg = urlencode( __( 'No users selected', 'wp-members' ) );
149
+ }
150
+
151
+ // Set the return message.
152
+ $sendback = add_query_arg( array( 'activated' => $msg ), $sendback );
153
+ break;
154
+
155
+ case 'activate-single':
156
+ case 'deactivate-single':
157
+
158
+ // Validate nonce.
159
+ check_admin_referer( 'activate-user' );
160
+
161
+ // Get the users.
162
+ $user_id = filter_var( $_REQUEST['user'], FILTER_VALIDATE_INT );
163
+
164
+ // Check to see if the user is already activated, if not, activate.
165
+ if ( $user_id == get_current_user_id() ) {
166
+ $msg = urlencode( sprintf( esc_html__( 'You cannot activate or deactivate yourself', 'wp-members' ) ) );
167
+
168
+ } elseif ( 'activate-single' == $action && false === wpmem_is_user_activated( $user_id ) ) {
169
+ wpmem_activate_user( $user_id );
170
+ $user_info = get_userdata( $user_id );
171
+ $msg = urlencode( sprintf( esc_html__( "%s activated", 'wp-members' ), $user_info->user_login ) );
172
+
173
+ } elseif ( 'deactivate-single' == $action ) {
174
+ wpmem_deactivate_user( $user_id );
175
+ $user_info = get_userdata( $user_id );
176
+ $msg = urlencode( sprintf( esc_html__( "%s deactivated", 'wp-members' ), $user_info->user_login ) );
177
+
178
+ } else {
179
+ // Set the return message.
180
+ $msg = urlencode( __( "That user is already active", 'wp-members' ) );
181
+ }
182
+ $sendback = add_query_arg( array( 'activated' => $msg ), $sendback );
183
+ break;
184
+
185
+ case 'confirm-single':
186
+ case 'unconfirm-single':
187
+
188
+ // Validate nonce.
189
+ check_admin_referer( 'activate-user' );
190
+
191
+ // Get the users.
192
+ $user_id = filter_var( $_REQUEST['user'], FILTER_VALIDATE_INT );
193
+
194
+ // Check to see if the user is already activated, if not, activate.
195
+ if ( $users == get_current_user_id() ) {
196
+ $msg = urlencode( sprintf( esc_html__( 'You cannot confirm or unconfirm yourself', 'wp-members' ) ) );
197
+
198
+ } elseif ( 'confirm-single' == $action && false === wpmem_is_user_confirmed( $user_id ) ) {
199
+ wpmem_set_user_as_confirmed( $user_id );
200
+ $user_info = get_userdata( $user_id );
201
+ $msg = urlencode( sprintf( esc_html__( "%s confirmed", 'wp-members' ), $user_info->user_login ) );
202
+
203
+ } elseif ( 'unconfirm-single' == $action ) {
204
+ wpmem_set_user_as_unconfirmed( $user_id );
205
+ $user_info = get_userdata( $user_id );
206
+ $msg = urlencode( sprintf( esc_html__( "%s unconfirmed", 'wp-members' ), $user_info->user_login ) );
207
+
208
+ } else {
209
+ // Set the return message.
210
+ $msg = urlencode( __( "That user is already confirmed", 'wp-members' ) );
211
+ }
212
+ $sendback = add_query_arg( array( 'activated' => $msg ), $sendback );
213
+ break;
214
+
215
+ case 'show':
216
+
217
+ add_action( 'pre_user_query', array( 'WP_Members_Admin_Users', 'pre_user_query' ) );
218
+ return;
219
+ break;
220
+
221
+ case 'export':
222
+
223
+ $users = wpmem_get( 'users', array(), 'request' );
224
+ wpmem_export_users( array( 'export'=>'selected' ), wpmem_sanitize_array( $users, 'integer' ) );
225
+ return;
226
+ break;
227
+
228
+ default:
229
+ return;
230
+ break;
231
+
232
+ }
233
+
234
+ /**
235
+ * Doing user action.
236
+ *
237
+ * @since 3.3.0
238
+ */
239
+ do_action( 'wpmem_user_action' );
240
+
241
+ // If we did not return already, we need to wp_safe_redirect.
242
+ wp_safe_redirect( $sendback );
243
+ exit();
244
+
245
+ }
246
+
247
+ /**
248
+ * Function to echo admin update message.
249
+ *
250
+ * @since 2.8.2
251
+ */
252
+ static function admin_notices() {
253
+
254
+ global $pagenow, $user_action_msg;
255
+ if( $pagenow == 'users.php' && isset( $_REQUEST['activated'] ) ) {
256
+ $message = esc_html( $_REQUEST['activated'] );
257
+ echo "<div class=\"updated\"><p>{$message}</p></div>";
258
+ }
259
+
260
+ if ( $user_action_msg ) {
261
+ echo "<div class=\"updated\"><p>{$user_action_msg}</p></div>";
262
+ }
263
+ }
264
+
265
+ /**
266
+ * Function to add user views to the top list.
267
+ *
268
+ * @since 2.8.2
269
+ * @since 3.1.2 Added user view counts as transient.
270
+ *
271
+ * @global object $wpdb
272
+ * @global object $wpmem
273
+ * @param array $views
274
+ * @return array $views
275
+ */
276
+ static function views( $views ) {
277
+
278
+ global $wpmem;
279
+
280
+ // Get the cached user counts.
281
+ $user_counts = get_transient( 'wpmem_user_counts' );
282
+
283
+ // check to see if data was successfully retrieved from the cache
284
+ if ( false === $user_counts ) {
285
+
286
+ // @todo For now, 30 seconds. We'll see how things go.
287
+ $transient_expires = 30; // Value in seconds, 1 day: ( 60 * 60 * 24 );
288
+
289
+ global $wpdb;
290
+
291
+ // We need a count of total users.
292
+ // @todo - need a more elegant way of this entire process.
293
+ $sql = "SELECT COUNT(*) FROM " . $wpdb->users;
294
+ $users = $wpdb->get_var( $sql );
295
+
296
+ // What needs to be counted?
297
+ $count_metas = array(
298
+ 'pending' => 'pending', // Used for PayPal Extension
299
+ 'trial' => 'trial', // Used for PayPal Extension
300
+ 'subscription' => 'subscription', // Used for PayPal Extension
301
+ 'expired' => 'expired', // Used for PayPal Extension
302
+ 'active' => 'active',
303
+ 'notactive' => 'active',
304
+ 'deactivated' => 'deactivated',
305
+ 'notexported' => 'exported',
306
+ );
307
+
308
+ // Handle various counts.
309
+ $user_counts = array();
310
+ foreach ( $count_metas as $key => $meta_key ) {
311
+ if ( 'active' == $key ) {
312
+ $count = $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM " . $wpdb->usermeta . " WHERE meta_key=%s AND meta_value=1", $meta_key ) );
313
+ }
314
+ if ( 'notactive' == $key || 'notexported' == $key ) {
315
+ $users_with_meta = $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM " . $wpdb->usermeta . " WHERE meta_key=%s AND meta_value=1", $meta_key ) );
316
+ $count = $users - $users_with_meta;
317
+ }
318
+ if ( 'deactivated' == $key ) {
319
+ $count = $wpdb->get_var( "SELECT COUNT(*) FROM " . $wpdb->usermeta . " WHERE meta_key = 'active' AND meta_value = 0" );
320
+ }
321
+ if ( 'trial' == $key || 'subscription' == $key || 'pending' == $key ) {
322
+ $count = $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM " . $wpdb->usermeta . " WHERE meta_key = 'exp_type' AND meta_value = \"%s\"", $key ) );
323
+ }
324
+ if ( 'expired' == $key ) {
325
+ $count = $wpdb->get_var( "SELECT COUNT(*) FROM " . $wpdb->usermeta . " WHERE meta_key = 'expires' AND STR_TO_DATE( meta_value, '%m/%d/%Y' ) < CURDATE() AND meta_value != '01/01/1970'" );
326
+ }
327
+ $user_counts[ $key ] = $count;
328
+ }
329
+ set_transient( 'wpmem_user_counts', $user_counts, $transient_expires );
330
+ }
331
+
332
+ if ( defined( 'WPMEM_EXP_MODULE' ) && 1 == $wpmem->use_exp ) {
333
+ $views['pending'] = __( 'Pending', 'wp-members' );
334
+ $views['trial'] = __( 'Trial', 'wp-members' );
335
+ $views['subscription'] = __( 'Subscription', 'wp-members' );
336
+ $views['expired'] = __( 'Expired', 'wp-members' );
337
+ }
338
+ if ( 1 == $wpmem->mod_reg ) {
339
+ $views['active'] = __( 'Activated', 'wp-members' );
340
+ $views['notactive'] = __( 'Pending Activation', 'wp-members' );
341
+ $views['deactivated'] = __( 'Deactivated', 'wp-members' );
342
+ }
343
+ $views['notexported'] = __( 'Not Exported', 'wp-members' );
344
+ $show = sanitize_text_field( wpmem_get( 'show', false, 'get' ) );
345
+
346
+ foreach ( $views as $key => $view ) {
347
+ if ( isset( $user_counts[ $key ] ) ) {
348
+ $link = "users.php?action=show&amp;show=" . $key;
349
+ $current = ( $show == $key ) ? ' class="current"' : '';
350
+ $views[ $key ] = sprintf(
351
+ '<a href="%s" %s>%s <span class="count">(%d)</span></a>',
352
+ esc_url( $link ),
353
+ $current,
354
+ $view,
355
+ isset( $user_counts[ $key ] ) ? $user_counts[ $key ] : ''
356
+ );
357
+ }
358
+ }
359
+
360
+ /**
361
+ * Filters all views before returning to the WP 'views_users' filter.
362
+ *
363
+ * @since 3.3.0
364
+ *
365
+ * @param array $views {
366
+ *
367
+ * @type string The HTML for the view.
368
+ * }
369
+ */
370
+ $views = apply_filters( 'wpmem_views_users', $views, $show );
371
+
372
+ return $views;
373
+ }
374
+
375
+ /**
376
+ * Function to add custom user columns to the user table.
377
+ *
378
+ * @since 2.8.2
379
+ *
380
+ * @param array $columns
381
+ * @return array $columns
382
+ */
383
+ static function add_user_column( $columns ) {
384
+
385
+ global $wpmem_user_columns, $wpmem;
386
+
387
+ // Get any columns to be added to the Users > All Users screen.
388
+ $wpmem_user_columns = get_option( 'wpmembers_utfields' );
389
+
390
+ if ( $wpmem_user_columns ) {
391
+ $column_labels = array();
392
+ if ( 1 != $wpmem->mod_reg ) {
393
+ unset( $wpmem_user_columns['active'] );
394
+ }
395
+
396
+ // @todo This is a workaround so that wpmembers_utfields doesn't have to be updated.
397
+ if ( isset( $wpmem_user_columns['active'] ) ) {
398
+ $wpmem_user_columns['active'] = __( 'Activated', 'wp-members' );
399
+ }
400
+
401
+ if ( 1 != $wpmem->act_link ) {
402
+ unset( $wpmem_user_columns['_wpmem_user_confirmed'] );
403
+ }
404
+
405
+ // @todo Need to eventually change the wpmembers_utfields setting so we don't have to do it this way.
406
+ $fields = wpmem_fields();
407
+ foreach ( $wpmem_user_columns as $key => $value ) {
408
+ $column_labels[ $key ] = ( isset( $fields[ $key ] ) ) ? $fields[ $key ]['label'] : $value;
409
+ }
410
+
411
+ /**
412
+ * Filter the User > All Users custom columns before they are merged.
413
+ *
414
+ * @since 3.3.8
415
+ *
416
+ * @param array
417
+ */
418
+ $column_labels = apply_filters( 'wpmem_user_columns', $column_labels );
419
+
420
+ $columns = array_merge( $columns, $column_labels );
421
+ }
422
+
423
+ // Makes WP-Members columns sortable.
424
+ // @todo - finish debugging class or add sortable functions to users.php.
425
+ // require_once( $wpmem->path . 'admin/includes/class-wp-members-sortable-user-columns.php' );
426
+ // new WP_Members_Sortable_User_Columns( $wpmem_user_columns );
427
+
428
+ return $columns;
429
+ }
430
+
431
+ /**
432
+ * Function to add the user content to the custom column.
433
+ *
434
+ * @since 2.8.2
435
+ *
436
+ * @param $value
437
+ * @param $column_name
438
+ * @param $user_id
439
+ * @return The user value for the custom column.
440
+ */
441
+ static function add_user_column_content( $value, $column_name, $user_id ) {
442
+
443
+ // Is the column a WP-Members column?
444
+ global $wpmem_user_columns, $wpmem;
445
+ $is_wpmem = ( is_array( $wpmem_user_columns ) && array_key_exists( $column_name, $wpmem_user_columns ) ) ? true : false;
446
+
447
+ if ( $is_wpmem ) {
448
+
449
+ switch ( $column_name ) {
450
+
451
+ case 'active':
452
+ if ( 1 == $wpmem->mod_reg ) {
453
+ // If the column is "active", then return the value or empty. Returning in here keeps us from displaying another value.
454
+ return ( get_user_meta( $user_id , 'active', 'true' ) != 1 ) ? '<span class="dashicons dashicons-dismiss" style="color:red;"></span>' : '<span class="dashicons dashicons-yes-alt" style="color:green;"></span>';
455
+ } else {
456
+ return;
457
+ }
458
+ break;
459
+
460
+ case '_wpmem_user_confirmed':
461
+ if ( 1 == $wpmem->act_link ) {
462
+ $user_confirmed = get_user_meta( $user_id , '_wpmem_user_confirmed', 'true' );
463
+ return ( $user_confirmed ) ? date_i18n( get_option( 'date_format' ), $user_confirmed ) : __( 'Not confirmed', 'wp-members' );
464
+ } else {
465
+ return;
466
+ }
467
+ break;
468
+
469
+ case 'user_url':
470
+ case 'user_registered':
471
+ // Unlike other fields, website/url is not a meta field.
472
+ $user_info = get_userdata( $user_id );
473
+ return $user_info->$column_name;
474
+ break;
475
+
476
+ case 'user_id':
477
+ return $user_id;
478
+
479
+ default:
480
+ return get_user_meta( $user_id, $column_name, true );
481
+ break;
482
+ }
483
+
484
+ }
485
+
486
+ /**
487
+ * Filter user column content.
488
+ *
489
+ * @since 3.3.8
490
+ *
491
+ * @param string $value
492
+ * @param string $column_name
493
+ * @param int $user_id
494
+ */
495
+ $value = apply_filters( 'wpmem_user_column_content', $value, $column_name, $user_id );
496
+ return $value;
497
+ }
498
+
499
+ /**
500
+ * Adjusts user query based on custom views.
501
+ *
502
+ * @since 2.8.3
503
+ *
504
+ * @todo Currently, not activated query returns users who are deactivated. This
505
+ * may be confusing for admins, so work on a query that displays only
506
+ * users who have never been activated.
507
+ *
508
+ * @param $user_search
509
+ */
510
+ static function pre_user_query( $user_search ) {
511
+
512
+ global $wpdb;
513
+ $show = sanitize_text_field( wpmem_get( 'show', '', 'get' ) );
514
+ switch ( $show ) {
515
+
516
+ case 'trial':
517
+ case 'subscription':
518
+ case 'pending':
519
+ $replace_query = "WHERE 1=1 AND {$wpdb->users}.ID IN (
520
+ SELECT {$wpdb->usermeta}.user_id FROM $wpdb->usermeta
521
+ WHERE {$wpdb->usermeta}.meta_key = 'exp_type'
522
+ AND {$wpdb->usermeta}.meta_value = \"" . esc_sql( $show ) . "\" )";
523
+ break;
524
+
525
+ case 'expired':
526
+ $replace_query = "WHERE 1=1 AND {$wpdb->users}.ID IN (
527
+ SELECT {$wpdb->usermeta}.user_id FROM $wpdb->usermeta
528
+ WHERE {$wpdb->usermeta}.meta_key = 'expires'
529
+ AND STR_TO_DATE( {$wpdb->usermeta}.meta_value, '%m/%d/%Y' ) < CURDATE()
530
+ AND {$wpdb->usermeta}.meta_value != '01/01/1970' )";
531
+ break;
532
+
533
+ case 'active':
534
+ case 'notactive':
535
+ case 'notexported':
536
+ case 'deactivated':
537
+ default:
538
+ $key = ( 'notactive' == $show || 'deactivated' == $show ) ? 'active' : 'exported';
539
+ $in = ( 'deactivated' == $show ) ? 'IN' : 'NOT IN';
540
+ $val = ( 'deactivated' == $show ) ? '0' : '1';
541
+ if ( 'active' == $show ) {
542
+ $key = 'active'; $in = 'IN';
543
+ }
544
+ $replace_query = "WHERE 1=1 AND {$wpdb->users}.ID " . esc_sql( $in ) . " (
545
+ SELECT {$wpdb->usermeta}.user_id FROM $wpdb->usermeta
546
+ WHERE {$wpdb->usermeta}.meta_key = \"" . esc_sql( $key ) . "\"
547
+ AND {$wpdb->usermeta}.meta_value = \"" . esc_sql( $val ) . "\" )";
548
+ break;
549
+ }
550
+
551
+ $query_where = str_replace( 'WHERE 1=1', $replace_query, $user_search->query_where );
552
+
553
+ /**
554
+ * Filters the pre_user_query being applied.
555
+ *
556
+ * @since 3.3.0
557
+ *
558
+ * @param string $query_where
559
+ */
560
+ $query_where = apply_filters( 'wpmem_query_where', $query_where, $show );
561
+
562
+ $user_search->query_where = $query_where;
563
+ }
564
+
565
+ /**
566
+ * Use wpmem_post_register_data to set the user_status field to 2 using wp_update_user.
567
+ * http://codex.wordpress.org/Function_Reference/wp_update_user
568
+ *
569
+ * @deprecated 3.3.6 No longer used.
570
+ *
571
+ * @uses wpmem_set_user_status
572
+ * @param $fields
573
+ */
574
+ static function set_new_user_non_active( $fields ) {
575
+ wpmem_set_user_status( $fields['ID'], 2 );
576
+ return;
577
+ }
578
+
579
+ /**
580
+ * Use wpmem_user_activated to set the user_status field to 0 using wp_update_user.
581
+ *
582
+ * @uses wpmem_set_user_status
583
+ * @param $user_id
584
+ */
585
+ static function set_activated_user( $user_id ) {
586
+ wpmem_set_user_status( $user_id, 0 );
587
+ return;
588
+ }
589
+
590
+ /**
591
+ * Use wpmem_user_deactivated to set the user_status field to 2 using wp_update_user.
592
+ *
593
+ * @uses wpmem_set_user_status
594
+ * @param $user_id
595
+ */
596
+ static function set_deactivated_user( $user_id ) {
597
+ wpmem_set_user_status( $user_id, 2 );
598
+ return;
599
+ }
600
+
601
  }
includes/admin/tabs/class-wp-members-admin-tab-fields.php CHANGED
@@ -443,12 +443,13 @@ Last Row|last_row<?php } } ?></textarea>
443
  }
444
 
445
  $extra_user_screen_items = array(
446
- 'user_registered' => __( 'Registration Date', 'wp-members' ),
447
- 'active' => __( 'Active', 'wp-members' ),
448
- 'wpmem_reg_ip' => __( 'Registration IP', 'wp-members' ),
449
- 'exp_type' => __( 'Subscription Type', 'wp-members' ),
450
- 'expires' => __( 'Expires', 'wp-members' ),
451
- 'user_id' => __( 'User ID', 'wp-members' ),
 
452
  );
453
 
454
  foreach ( $extra_user_screen_items as $key => $item ) {
@@ -456,6 +457,7 @@ Last Row|last_row<?php } } ?></textarea>
456
  if ( 'user_id' == $key
457
  || 'user_registered' == $key
458
  || 'wpmem_reg_ip' == $key
 
459
  || ( 'active' == $key && 1 == $wpmem->mod_reg )
460
  || defined( 'WPMEM_EXP_MODULE' ) && $wpmem->use_exp == 1 && ( 'exp_type' == $key || 'expires' == $key ) ) {
461
  $user_screen_items[ $key ] = array( 'label' => __( $item, 'wp-members' ), 'meta' => $key,
443
  }
444
 
445
  $extra_user_screen_items = array(
446
+ 'user_registered' => __( 'Registration Date', 'wp-members' ),
447
+ '_wpmem_user_confirmed' => __( 'Confirmed', 'wp-members' ),
448
+ 'active' => __( 'Activated', 'wp-members' ),
449
+ 'wpmem_reg_ip' => __( 'Registration IP', 'wp-members' ),
450
+ 'exp_type' => __( 'Subscription Type', 'wp-members' ),
451
+ 'expires' => __( 'Expires', 'wp-members' ),
452
+ 'user_id' => __( 'User ID', 'wp-members' ),
453
  );
454
 
455
  foreach ( $extra_user_screen_items as $key => $item ) {
457
  if ( 'user_id' == $key
458
  || 'user_registered' == $key
459
  || 'wpmem_reg_ip' == $key
460
+ || ( '_wpmem_user_confirmed' == $key && 1 == $wpmem->act_link )
461
  || ( 'active' == $key && 1 == $wpmem->mod_reg )
462
  || defined( 'WPMEM_EXP_MODULE' ) && $wpmem->use_exp == 1 && ( 'exp_type' == $key || 'expires' == $key ) ) {
463
  $user_screen_items[ $key ] = array( 'label' => __( $item, 'wp-members' ), 'meta' => $key,
includes/admin/tabs/class-wp-members-admin-tab-options.php CHANGED
@@ -181,13 +181,15 @@ class WP_Members_Admin_Tab_Options {
181
  array(__('Enable WP Login Error', 'wp-members' ),'wpmem_settings_login_error',__('Use WP login error object instead of WP-Members default login error','wp-members'),'login_error'),
182
  );
183
  if ( wpmem_is_woo_active() ) {
184
- $rows[] = array(__('WooCommerce Registration', 'wp-members', ),'wpmem_settings_wc_reg',__('Add WP-Members fields to WooCommerce registration','wp-members'),'wc_reg');
 
185
  }
186
  ?><ul><?php
187
- foreach ( $rows as $row ) { ?>
188
  <li>
189
  <label><?php echo $row[0]; ?></label>
190
- <?php echo wpmem_create_formfield( $row[1], 'checkbox', '1', $wpmem->{$row[3]} ); ?>&nbsp;&nbsp;
 
191
  <?php if ( $row[2] ) { ?><span class="description"><?php echo $row[2]; ?></span><?php } ?>
192
  </li>
193
  <?php } ?>
@@ -516,6 +518,10 @@ class WP_Members_Admin_Tab_Options {
516
  'register' => ( $regurl ) ? $regurl : '',
517
  'login' => ( $logurl ) ? $logurl : '',
518
  ),
 
 
 
 
519
  'cssurl' => ( $cssurl ) ? $cssurl : '',
520
  'select_style' => $wpmem_settings_style,
521
  'attrib' => filter_var( wpmem_get( 'attribution', 0 ), FILTER_SANITIZE_NUMBER_INT ),
181
  array(__('Enable WP Login Error', 'wp-members' ),'wpmem_settings_login_error',__('Use WP login error object instead of WP-Members default login error','wp-members'),'login_error'),
182
  );
183
  if ( wpmem_is_woo_active() ) {
184
+ $rows[] = array(__('WooCommerce My Account', 'wp-members' ),'wpmem_settings_add_my_account_fields',__('Add WP-Members fields to WooCommerce My Account registration','wp-members'),'add_my_account_fields');
185
+ $rows[] = array(__('WooCommerce Checkout', 'wp-members' ),'wpmem_settings_add_checkout_fields',__('Add WP-Members fields to WooCommerce registration during checkout','wp-members'),'add_checkout_fields');
186
  }
187
  ?><ul><?php
188
+ foreach ( $rows as $key => $row ) { ?>
189
  <li>
190
  <label><?php echo $row[0]; ?></label>
191
+ <?php $checkbox_value = ( 3 == $key || 4 == $key ) ? $wpmem->woo[ $row[3] ] : $wpmem->{$row[3]}; ?>
192
+ <?php echo wpmem_create_formfield( $row[1], 'checkbox', '1', $checkbox_value ); ?>&nbsp;&nbsp;
193
  <?php if ( $row[2] ) { ?><span class="description"><?php echo $row[2]; ?></span><?php } ?>
194
  </li>
195
  <?php } ?>
518
  'register' => ( $regurl ) ? $regurl : '',
519
  'login' => ( $logurl ) ? $logurl : '',
520
  ),
521
+ 'woo' => array(
522
+ 'add_my_account_fields' => filter_var( wpmem_get( 'wpmem_settings_add_my_account_fields', 0 ), FILTER_SANITIZE_NUMBER_INT ),
523
+ 'add_checkout_fields' => filter_var( wpmem_get( 'wpmem_settings_add_checkout_fields', 0 ), FILTER_SANITIZE_NUMBER_INT ),
524
+ ),
525
  'cssurl' => ( $cssurl ) ? $cssurl : '',
526
  'select_style' => $wpmem_settings_style,
527
  'attrib' => filter_var( wpmem_get( 'attribution', 0 ), FILTER_SANITIZE_NUMBER_INT ),
includes/admin/tabs/class-wp-members-fields-table.php CHANGED
@@ -1,168 +1,168 @@
1
- <?php
2
- /**
3
- * WP-Members WP_Members_Fields_Table class
4
- *
5
- * This file is part of the WP-Members plugin by Chad Butler
6
- * You can find out more about this plugin at https://rocketgeek.com
7
- * Copyright (c) 2006-2020 Chad Butler
8
- * WP-Members(tm) is a trademark of butlerblog.com
9
- *
10
- * @package WP-Members
11
- * @author Chad Butler
12
- * @copyright 2006-2020
13
- */
14
-
15
- // Exit if accessed directly.
16
- if ( ! defined( 'ABSPATH' ) ) {
17
- exit();
18
- }
19
-
20
- /**
21
- * Extends the WP_List_Table to create a table of form fields.
22
- *
23
- * @since 3.1.8
24
- */
25
- class WP_Members_Fields_Table extends WP_List_Table {
26
-
27
- private $excludes = array( 'user_registered', 'active', 'wpmem_reg_ip', 'exp_type', 'expires', 'user_id' );
28
-
29
- private $no_delete = array( 'username', 'user_email', 'first_name', 'last_name', 'user_url' );
30
-
31
- /**
32
- * Checkbox at start of row.
33
- *
34
- * @since 3.1.8
35
- *
36
- * @param $item
37
- * @return string The checkbox.
38
- */
39
- function column_cb( $item ) {
40
- if ( in_array( $item['meta'], $this->no_delete ) || in_array( $item['meta'], $this->excludes ) ) {
41
- return;
42
- } else {
43
- return sprintf( '<input type="checkbox" name="delete[]" value="%s" title="%s" />', $item['meta'], __( 'delete', 'wp-members' ) );
44
- }
45
- }
46
-
47
- /**
48
- * Returns table columns.
49
- *
50
- * @since 3.1.8
51
- *
52
- * @return array
53
- */
54
- function get_columns() {
55
- return array(
56
- 'cb' => '<input type="checkbox" />',
57
- 'label' => __( 'Display Label', 'wp-members' ),
58
- 'meta' => __( 'Meta Key', 'wp-members' ),
59
- 'type' => __( 'Field Type', 'wp-members' ),
60
- 'display' => __( 'Display?', 'wp-members' ), // __( 'Registration', 'wp-members' ), @todo Wait until fix
61
- 'req' => __( 'Required', 'wp-members' ),
62
- //'profile' => __( 'Profile', 'wp-members' ), @todo Wait until fix
63
- 'userscrn' => __( 'Users Screen', 'wp-members' ),
64
- 'usearch' => __( 'Users Search', 'wp-members' ),
65
- 'edit' => __( 'Edit', 'wp-members' ),
66
- 'sort' => __( 'Sort', 'wp-members' ),
67
- );
68
- }
69
-
70
- /**
71
- * Set up table columns.
72
- *
73
- * @since 3.1.8
74
- */
75
- function prepare_items() {
76
- $columns = $this->get_columns();
77
- $hidden = array();
78
- $sortable = array();
79
- $this->_column_headers = array( $columns, $hidden, $sortable );
80
- }
81
-
82
- /**
83
- * Iterates through the columns
84
- *
85
- * @since 3.1.8
86
- *
87
- * @param array $item
88
- * @param string $column_name
89
- * @return string $item[ $column_name ]
90
- */
91
- function column_default( $item, $column_name ) {
92
- switch( $column_name ) {
93
- default:
94
- return $item[ $column_name ];
95
- }
96
- }
97
-
98
- /**
99
- * Sets actions in the bulk menu.
100
- *
101
- * @since 3.1.8
102
- *
103
- * @return array $actions
104
- */
105
- function get_bulk_actions() {
106
- $actions = array(
107
- 'delete' => __( 'Delete Selected', 'wp-members' ),
108
- 'save' => __( 'Save Settings', 'wp-members' ),
109
- );
110
- return $actions;
111
- }
112
-
113
- /**
114
- * Handles "delete" column - checkbox
115
- *
116
- * @since 3.1.8
117
- *
118
- * @param array $item
119
- * @return string
120
- */
121
- function column_delete( $item ) {
122
- $can_delete = ( $item['meta_key'] == 'user_nicename' || $item['meta_key'] == 'display_name' || $item['meta_key'] == 'nickname' ) ? true : false;
123
- return ( ( $can_delete ) || ! $item['native'] ) ? sprintf( $item['native'] . '<input type="checkbox" name="field[%s]" value="delete" />', $item['meta'] ) : '';
124
- }
125
-
126
- /**
127
- * Sets rows so that they have field IDs in the id.
128
- *
129
- * @since 3.1.8
130
- *
131
- * @global wpmem
132
- * @param array $columns
133
- */
134
- function single_row( $columns ) {
135
- if ( in_array( $columns['meta'], $this->excludes ) ) {
136
- echo '<tr id="' . esc_attr( $columns['meta'] ) . '" class="nodrag nodrop">';
137
- echo $this->single_row_columns( $columns );
138
- echo "</tr>\n";
139
- } else {
140
- echo '<tr id="list_items_' . esc_attr( $columns['order'] ) . '" class="list_item" list_item="' . esc_attr( $columns['order'] ) . '">';
141
- echo $this->single_row_columns( $columns );
142
- echo "</tr>\n";
143
- }
144
- }
145
-
146
- public function process_bulk_action() {
147
-
148
- //nonce validations,etc
149
-
150
- $action = $this->current_action();
151
-
152
- switch ( $action ) {
153
-
154
- case 'delete':
155
-
156
- // Do whatever you want
157
- wp_safe_redirect( esc_url( add_query_arg() ) );
158
- break;
159
-
160
- default:
161
- // do nothing or something else
162
- return;
163
- break;
164
- }
165
- return;
166
- }
167
-
168
  }
1
+ <?php
2
+ /**
3
+ * WP-Members WP_Members_Fields_Table class
4
+ *
5
+ * This file is part of the WP-Members plugin by Chad Butler
6
+ * You can find out more about this plugin at https://rocketgeek.com
7
+ * Copyright (c) 2006-2020 Chad Butler
8
+ * WP-Members(tm) is a trademark of butlerblog.com
9
+ *
10
+ * @package WP-Members
11
+ * @author Chad Butler
12
+ * @copyright 2006-2020
13
+ */
14
+
15
+ // Exit if accessed directly.
16
+ if ( ! defined( 'ABSPATH' ) ) {
17
+ exit();
18
+ }
19
+
20
+ /**
21
+ * Extends the WP_List_Table to create a table of form fields.
22
+ *
23
+ * @since 3.1.8
24
+ */
25
+ class WP_Members_Fields_Table extends WP_List_Table {
26
+
27
+ private $excludes = array( 'user_registered', '_wpmem_user_confirmed', 'active', 'wpmem_reg_ip', 'exp_type', 'expires', 'user_id' );
28
+
29
+ private $no_delete = array( 'username', 'user_email', 'first_name', 'last_name', 'user_url' );
30
+
31
+ /**
32
+ * Checkbox at start of row.
33
+ *
34
+ * @since 3.1.8
35
+ *
36
+ * @param $item
37
+ * @return string The checkbox.
38
+ */
39
+ function column_cb( $item ) {
40
+ if ( in_array( $item['meta'], $this->no_delete ) || in_array( $item['meta'], $this->excludes ) ) {
41
+ return;
42
+ } else {
43
+ return sprintf( '<input type="checkbox" name="delete[]" value="%s" title="%s" />', $item['meta'], __( 'delete', 'wp-members' ) );
44
+ }
45
+ }
46
+
47
+ /**
48
+ * Returns table columns.
49
+ *
50
+ * @since 3.1.8
51
+ *
52
+ * @return array
53
+ */
54
+ function get_columns() {
55
+ return array(
56
+ 'cb' => '<input type="checkbox" />',
57
+ 'label' => __( 'Display Label', 'wp-members' ),
58
+ 'meta' => __( 'Meta Key', 'wp-members' ),
59
+ 'type' => __( 'Field Type', 'wp-members' ),
60
+ 'display' => __( 'Display?', 'wp-members' ), // __( 'Registration', 'wp-members' ), @todo Wait until fix
61
+ 'req' => __( 'Required', 'wp-members' ),
62
+ //'profile' => __( 'Profile', 'wp-members' ), @todo Wait until fix
63
+ 'userscrn' => __( 'Users Screen', 'wp-members' ),
64
+ 'usearch' => __( 'Users Search', 'wp-members' ),
65
+ 'edit' => __( 'Edit', 'wp-members' ),
66
+ 'sort' => __( 'Sort', 'wp-members' ),
67
+ );
68
+ }
69
+
70
+ /**
71
+ * Set up table columns.
72
+ *
73
+ * @since 3.1.8
74
+ */
75
+ function prepare_items() {
76
+ $columns = $this->get_columns();
77
+ $hidden = array();
78
+ $sortable = array();
79
+ $this->_column_headers = array( $columns, $hidden, $sortable );
80
+ }
81
+
82
+ /**
83
+ * Iterates through the columns
84
+ *
85
+ * @since 3.1.8
86
+ *
87
+ * @param array $item
88
+ * @param string $column_name
89
+ * @return string $item[ $column_name ]
90
+ */
91
+ function column_default( $item, $column_name ) {
92
+ switch( $column_name ) {
93
+ default:
94
+ return $item[ $column_name ];
95
+ }
96
+ }
97
+
98
+ /**
99
+ * Sets actions in the bulk menu.
100
+ *
101
+ * @since 3.1.8
102
+ *
103
+ * @return array $actions
104
+ */
105
+ function get_bulk_actions() {
106
+ $actions = array(
107
+ 'delete' => __( 'Delete Selected', 'wp-members' ),
108
+ 'save' => __( 'Save Settings', 'wp-members' ),
109
+ );
110
+ return $actions;
111
+ }
112
+
113
+ /**
114
+ * Handles "delete" column - checkbox
115
+ *
116
+ * @since 3.1.8
117
+ *
118
+ * @param array $item
119
+ * @return string
120
+ */
121
+ function column_delete( $item ) {
122
+ $can_delete = ( $item['meta_key'] == 'user_nicename' || $item['meta_key'] == 'display_name' || $item['meta_key'] == 'nickname' ) ? true : false;
123
+ return ( ( $can_delete ) || ! $item['native'] ) ? sprintf( $item['native'] . '<input type="checkbox" name="field[%s]" value="delete" />', $item['meta'] ) : '';
124
+ }
125
+
126
+ /**
127
+ * Sets rows so that they have field IDs in the id.
128
+ *
129
+ * @since 3.1.8
130
+ *
131
+ * @global wpmem
132
+ * @param array $columns
133
+ */
134
+ function single_row( $columns ) {
135
+ if ( in_array( $columns['meta'], $this->excludes ) ) {
136
+ echo '<tr id="' . esc_attr( $columns['meta'] ) . '" class="nodrag nodrop">';
137
+ echo $this->single_row_columns( $columns );
138
+ echo "</tr>\n";
139
+ } else {
140
+ echo '<tr id="list_items_' . esc_attr( $columns['order'] ) . '" class="list_item" list_item="' . esc_attr( $columns['order'] ) . '">';
141
+ echo $this->single_row_columns( $columns );
142
+ echo "</tr>\n";
143
+ }
144
+ }
145
+
146
+ public function process_bulk_action() {
147
+
148
+ //nonce validations,etc
149
+
150
+ $action = $this->current_action();
151
+
152
+ switch ( $action ) {
153
+
154
+ case 'delete':
155
+
156
+ // Do whatever you want
157
+ wp_safe_redirect( esc_url( add_query_arg() ) );
158
+ break;
159
+
160
+ default:
161
+ // do nothing or something else
162
+ return;
163
+ break;
164
+ }
165
+ return;
166
+ }
167
+
168
  }
includes/api/api-users.php CHANGED
@@ -597,7 +597,7 @@ function wpmem_user_register( $tag ) {
597
  }
598
 
599
  // Inserts to wp_users table.
600
- wp_insert_user( $new_user_fields );
601
 
602
  /**
603
  * Fires after registration is complete.
@@ -606,10 +606,11 @@ function wpmem_user_register( $tag ) {
606
  * @since 3.1.0 Added $fields
607
  * @since 3.1.7 Changed $fields to $this->post_data
608
  * @since 3.3.0 Moved to registration function.
 
609
  *
610
  * @param array $wpmem->user->post_data The user's submitted registration data.
611
  */
612
- do_action( 'wpmem_register_redirect', $wpmem->user->post_data );
613
 
614
  // successful registration message
615
  return "success";
@@ -911,4 +912,32 @@ function wpmem_set_user_as_confirmed( $user_id ) {
911
  global $wpmem;
912
  $wpmem->act_newreg->set_as_confirmed( $user_id );
913
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
914
  // End of file.
597
  }
598
 
599
  // Inserts to wp_users table.
600
+ $user = wp_insert_user( $new_user_fields );
601
 
602
  /**
603
  * Fires after registration is complete.
606
  * @since 3.1.0 Added $fields
607
  * @since 3.1.7 Changed $fields to $this->post_data
608
  * @since 3.3.0 Moved to registration function.
609
+ * @since 3.3.8 Added $user parameter.
610
  *
611
  * @param array $wpmem->user->post_data The user's submitted registration data.
612
  */
613
+ do_action( 'wpmem_register_redirect', $wpmem->user->post_data, $user );
614
 
615
  // successful registration message
616
  return "success";
912
  global $wpmem;
913
  $wpmem->act_newreg->set_as_confirmed( $user_id );
914
  }
915
+
916
+ /**
917
+ * Sets user as unconfirmed (not validated).
918
+ *
919
+ * @since 3.3.8
920
+ *
921
+ * @param int $user_id
922
+ * @return void
923
+ */
924
+ function wpmem_set_user_as_unconfirmed( $user_id ) {
925
+ global $wpmem;
926
+ $wpmem->act_newreg->set_as_unconfirmed( $user_id );
927
+ }
928
+
929
+ /**
930
+ * Checks if a user is confirmed.
931
+ *
932
+ * @since 3.3.8
933
+ *
934
+ * @global object $wpmem
935
+ * @param int $user_id
936
+ * @return bool
937
+ */
938
+ function wpmem_is_user_confirmed( $user_id = false ) {
939
+ global $wpmem;
940
+ $user_id = ( false === $user_id ) ? get_current_user_id() : $user_id;
941
+ return ( get_user_meta( $user_id, $wpmem->act_newreg->validation_confirm, true ) ) ? true : false;
942
+ }
943
  // End of file.
includes/class-wp-members-email.php CHANGED
@@ -94,7 +94,7 @@ class WP_Members_Email {
94
  $wpmem_fields = wpmem_fields();
95
 
96
  //Determine email to be sent. Stored option is an array with keys 'body' and 'subj'.
97
- $tag_array = array( 'newreg', 'newmod', 'appmod', 'repass', 'getuser' );
98
  switch ( $tag ) {
99
  case 0:
100
  case 1:
@@ -105,6 +105,10 @@ class WP_Members_Email {
105
  $this->settings = get_option( 'wpmembers_email_' . $tag );
106
  $this->settings['tag'] = $tag;
107
  break;
 
 
 
 
108
  default: // case 5:
109
  // This is a custom email.
110
  $this->settings['subj'] = $custom['subj'];
94
  $wpmem_fields = wpmem_fields();
95
 
96
  //Determine email to be sent. Stored option is an array with keys 'body' and 'subj'.
97
+ $tag_array = array( 'newreg', 'newmod', 'appmod', 'repass', 'getuser', 'validated' );
98
  switch ( $tag ) {
99
  case 0:
100
  case 1:
105
  $this->settings = get_option( 'wpmembers_email_' . $tag );
106
  $this->settings['tag'] = $tag;
107
  break;
108
+ case 6:
109
+ $this->settings = get_option( 'wpmembers_email_validated' );
110
+ $this->settings['tag'] = 'validated';
111
+ break;
112
  default: // case 5:
113
  // This is a custom email.
114
  $this->settings['subj'] = $custom['subj'];
includes/class-wp-members-forms.php CHANGED
@@ -388,7 +388,7 @@ class WP_Members_Forms {
388
  function do_file_upload( $file = array(), $user_id = false ) {
389
 
390
  // Filter the upload directory.
391
- add_filter( 'upload_dir', array( &$this,'file_upload_dir' ) );
392
 
393
  // Set up user ID for use in upload process.
394
  $this->file_user_id = ( $user_id ) ? $user_id : 0;
@@ -449,13 +449,17 @@ class WP_Members_Forms {
449
  * @return array $param
450
  */
451
  function file_upload_dir( $param ) {
 
 
 
452
  $user_id = ( isset( $this->file_user_id ) ) ? $this->file_user_id : null;
453
 
454
  $args = array(
455
  'user_id' => $user_id,
456
- 'wpmem_dir' => 'wpmembers/',
457
  'user_dir' => 'user_files/' . $user_id,
458
  );
 
459
  /**
460
  * Filter the user directory elements.
461
  *
@@ -465,9 +469,9 @@ class WP_Members_Forms {
465
  */
466
  $args = apply_filters( 'wpmem_user_upload_dir', $args );
467
 
468
- $param['subdir'] = '/' . $args['wpmem_dir'] . $args['user_dir'];
469
- $param['path'] = $param['basedir'] . '/' . $args['wpmem_dir'] . $args['user_dir'];
470
- $param['url'] = $param['baseurl'] . '/' . $args['wpmem_dir'] . $args['user_dir'];
471
 
472
  return $param;
473
  }
@@ -1053,7 +1057,15 @@ class WP_Members_Forms {
1053
 
1054
  $form_has_file = true;
1055
 
1056
- $attachment_url = wp_get_attachment_url( $val );
 
 
 
 
 
 
 
 
1057
  $empty_file = '<span class="description">' . __( 'None' ) . '</span>';
1058
  if ( 'edit' == $tag ) {
1059
  if ( 'file' == $field['type'] ) {
@@ -1688,6 +1700,36 @@ class WP_Members_Forms {
1688
  );
1689
  }
1690
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1691
 
1692
  if ( isset( $rows ) && is_array( $rows ) ) {
1693
 
388
  function do_file_upload( $file = array(), $user_id = false ) {
389
 
390
  // Filter the upload directory.
391
+ add_filter( 'upload_dir', array( &$this, 'file_upload_dir' ) );
392
 
393
  // Set up user ID for use in upload process.
394
  $this->file_user_id = ( $user_id ) ? $user_id : 0;
449
  * @return array $param
450
  */
451
  function file_upload_dir( $param ) {
452
+
453
+ global $wpmem;
454
+
455
  $user_id = ( isset( $this->file_user_id ) ) ? $this->file_user_id : null;
456
 
457
  $args = array(
458
  'user_id' => $user_id,
459
+ 'wpmem_dir' => $wpmem->upload_base,
460
  'user_dir' => 'user_files/' . $user_id,
461
  );
462
+
463
  /**
464
  * Filter the user directory elements.
465
  *
469
  */
470
  $args = apply_filters( 'wpmem_user_upload_dir', $args );
471
 
472
+ $param['subdir'] = '/' . $args['wpmem_dir'] . '/' . $args['user_dir'];
473
+ $param['path'] = $param['basedir'] . '/' . $args['wpmem_dir'] . '/' . $args['user_dir'];
474
+ $param['url'] = $param['baseurl'] . '/' . $args['wpmem_dir'] . '/' . $args['user_dir'];
475
 
476
  return $param;
477
  }
1057
 
1058
  $form_has_file = true;
1059
 
1060
+ // Handle files differently for multisite vs. single install.
1061
+ // @see: https://core.trac.wordpress.org/ticket/32145
1062
+ if ( is_multisite() ) {
1063
+ $attachment = get_post( $val );
1064
+ $attachment_url = $attachment->guid;
1065
+ } else {
1066
+ $attachment_url = wp_get_attachment_url( $val );
1067
+ }
1068
+
1069
  $empty_file = '<span class="description">' . __( 'None' ) . '</span>';
1070
  if ( 'edit' == $tag ) {
1071
  if ( 'file' == $field['type'] ) {
1700
  );
1701
  }
1702
  }
1703
+
1704
+ // Do recaptcha if enabled.
1705
+ if ( ! $is_woo && isset( $wpmem->captcha ) && $wpmem->captcha > 0 ) {
1706
+
1707
+ $row_before = '<p>';
1708
+ $row_after = '</p>';
1709
+ $label = '';
1710
+
1711
+ if ( in_array( $wpmem->captcha, array( 1, 3, 4 ) ) ) {
1712
+ $captcha = WP_Members_Captcha::recaptcha();
1713
+ } elseif ( 5 == $wpmem->captcha ) {
1714
+ $captcha = WP_Members_Captcha::hcaptcha();
1715
+ } elseif ( 2 == $wpmem->captcha ) {
1716
+ $row = WP_Members_Captcha::rs_captcha( 'array' );
1717
+ $label = $row['label']; //$row['label_text'];
1718
+ $captcha = $row['img'] . $row['hidden'] . $row['field'];
1719
+ }
1720
+ if ( 4 == $wpmem->captcha ) {
1721
+ $row_before = '';
1722
+ $row_after = '';
1723
+ }
1724
+ }
1725
+
1726
+ $rows['captcha'] = array(
1727
+ 'type' => '',
1728
+ 'row_before' => $row_before,
1729
+ 'row_after' => $row_after,
1730
+ 'label' => $label,
1731
+ 'field' => $captcha,
1732
+ );
1733
 
1734
  if ( isset( $rows ) && is_array( $rows ) ) {
1735
 
includes/class-wp-members-pwd-reset.php CHANGED
@@ -1,333 +1,289 @@
1
- <?php
2
-
3
- class WP_Members_Pwd_Reset {
4
-
5
- /**
6
- * Message containers.
7
- *
8
- * @since 3.3.5
9
- */
10
- public $form_submitted_key_not_found;
11
- public $form_load_key_not_found;
12
- public $key_is_expired;
13
-
14
- /**
15
- * Meta containers
16
- *
17
- * @since 3.3.5
18
- */
19
- public $reset_key_meta = '_wpmem_password_reset_key';
20
- public $reset_key_exp = '_wpmem_password_reset_exp';
21
- public $reset_key_nonce = "_wpmem_pwd_reset";
22
- public $form_action = 'set_password_from_key';
23
-
24
- /**
25
- * Initialize the class.
26
- *
27
- * @since 3.3.5
28
- */
29
- function __construct() {
30
-
31
- $this->form_submitted_key_not_found = __( "Sorry, no password reset key was found. Please check your email and try again.", 'wp-members' );
32
- $this->form_load_key_not_found = __( "Sorry, no password reset key was found. Please check your email and try again.", 'wp-members' );
33
- $this->key_is_expired = __( "Sorry, the password reset key is expired.", 'wp-members' );
34
-
35
- add_filter( 'wpmem_email_filter', array( $this, 'add_reset_key_to_email' ), 10, 3 );
36
- add_filter( 'the_content', array( $this, 'display_content' ), 100 );
37
- add_filter( 'wpmem_login_hidden_fields', array( $this, 'add_hidden_form_field' ), 10, 2 );
38
- add_action( 'wpmem_get_action', array( $this, 'get_wpmem_action' ) );
39
- add_filter( 'wpmem_regchk', array( $this, 'change_regchk' ), 10, 2 );
40
- add_filter( 'wpmem_resetpassword_form_defaults', array( $this, 'reset_password_form' ) );
41
- }
42
-
43
- /**
44
- * Create a password reset key for the user.
45
- *
46
- * @since 3.3.5
47
- *
48
- * @param int $user_id
49
- * @return string $key
50
- */
51
- function generate_reset_key( $user_id ) {
52
-
53
- $key = md5( wp_generate_password() );
54
-
55
- /**
56
- * Filter the key expiration.
57
- *
58
- * @since 3.3.5
59
- *
60
- * @param string $key_expires
61
- */
62
- $key_expires = apply_filters( 'wpmem_reset_key_exp', ( time() + 21600 ) );
63
-
64
- update_user_meta( $user_id, $this->reset_key_meta, $key );
65
- update_user_meta( $user_id, $this->reset_key_exp, $key_expires );
66
- return $key;
67
- }
68
-
69
- /**
70
- * Utility for getting the user ID by the password_reset_key.
71
- *
72
- * @since 3.3.5
73
- *
74
- * @param string $key
75
- * @return mixed $user->ID/false
76
- */
77
- function get_user_by_pwd_key( $key ) {
78
- // Get the user account the key is for.
79
- $users = get_users( array(
80
- 'meta_key' => $this->reset_key_meta,
81
- 'meta_value' => $key,
82
- 'number' => 1,
83
- 'count_total' => false
84
- ) );
85
- if ( $users ) {
86
- foreach( $users as $user ) {
87
- return $user->ID;
88
- }
89
- }
90
- return false;
91
- }
92
-
93
- /**
94
- * Check if key is expired.
95
- *
96
- * @since 3.3.5
97
- *
98
- * @param string $key
99
- * @param int $user_id
100
- * @return boolean
101
- */
102
- function key_is_valid( $key, $user_id ) {
103
- $expires = get_user_meta( $user_id, $this->reset_key_exp, true );
104
- return ( time() < $expires ) ? true : false;
105
- }
106
-
107
- /**
108
- * Add reset key to the email.
109
- *
110
- * @since 3.3.5
111
- *
112
- * @param array $arr
113
- * @param array $wpmem_fields
114
- * @param array $field_data
115
- * @return array $arr
116
- */
117
- function add_reset_key_to_email( $arr, $wpmem_fields, $field_data ) {
118
-
119
- if ( $arr['toggle'] == 'repass' ) {
120
-
121
- // Get the stored key.
122
- $key = $this->generate_reset_key( $arr['user_id'] );
123
- $query_args = array(
124
- 'a' => $this->form_action,
125
- 'key' => $key,
126
- );
127
-
128
- // Generate reset link.
129
- $link = add_query_arg( $query_args, trailingslashit( wpmem_profile_url() ) );
130
-
131
- // Does email body have the [reset_link] shortcode?
132
- if ( strpos( $arr['body'], '[reset_link]' ) ) {
133
- $arr['body'] = str_replace( '[reset_link]', $link, $arr['body'] );
134
- } else {
135
- // Add text and link to the email body.
136
- $arr['body'] = $arr['body'] . "\r\n"
137
- . $link;
138
- }
139
- }
140
- return $arr;
141
- }
142
-
143
- /**
144
- * Display page content to user.
145
- *
146
- * @since 3.3.5
147
- *
148
- * @param string $content
149
- * @return string $content
150
- */
151
- function display_content( $content ) {
152
- if ( ! is_user_logged_in() && in_the_loop() && $this->form_action == wpmem_get( 'a', false, 'request' ) ) {
153
- // Define variables
154
- $result = false; $user_id = false;
155
-
156
- // Check for key
157
- $key = sanitize_text_field( wpmem_get( 'key', false, 'request' ) );
158
-
159
- // Validate
160
- if ( 1 == wpmem_get( 'formsubmit' ) && false !== wpmem_get( 'a', false, $this->form_action ) ) {
161
- // form was submitted, validate fields
162
- $user_id = $this->get_user_by_pwd_key( $key );
163
- if ( $user_id ) {
164
- // Key was found, is it expired?
165
- if ( true === $this->key_is_valid( $key, $user_id ) ) {
166
- $result = $this->change_password( $user_id );
167
- } else {
168
- return $this->key_is_expired;
169
- }
170
- } else {
171
- $result = 'submittedkeynotfound';
172
- }
173
- }
174
- if ( $result != 'pwdchangesuccess' ) {
175
-
176
- if ( 'submittedkeynotfound' == $result ) {
177
- // If somehow the form was submitted but the key not found.
178
- return $this->form_submitted_key_not_found;
179
- }
180
-
181
- // If no key found on initial form load, or if no key was passed
182
- if ( $key ) {
183
- $user_id = $this->get_user_by_pwd_key( $key );
184
- if ( ! $user_id ) {
185
- return $this->form_load_key_not_found;
186
- } else {
187
- if ( false === $this->key_is_valid( $key, $user_id ) ) {
188
- return $this->key_is_expired;
189
- }
190
- }
191
- } else {
192
- return $this->form_load_key_not_found;
193
- }
194
-
195
- $content = wpmem_change_password_form();
196
- } else {
197
- $content = wpmem_inc_regmessage( 'pwdchangesuccess' );
198
- if ( $user_id ) {
199
- delete_user_meta( $user_id, $this->reset_key_meta );
200
- delete_user_meta( $user_id, $this->reset_key_exp );
201
- }
202
- }
203
- }
204
- return $content;
205
- }
206
-
207
- /**
208
- * Add hidden form field for form action.
209
- *
210
- * @since 3.3.5
211
- *
212
- * @param string $hidden_fields
213
- * @return string $hidden_fields
214
- */
215
- function add_hidden_form_field( $hidden_fields, $action ) {
216
- if ( $this->form_action == wpmem_get( 'a', false, 'request' ) ) {
217
- $hidden_fields = str_replace( 'pwdchange', $this->form_action, $hidden_fields );
218
- $hidden_fields.= wpmem_create_formfield( $this->reset_key_meta, 'hidden', wpmem_get( 'key', null, 'request' ) );
219
- }
220
- return $hidden_fields;
221
- }
222
-
223
- /**
224
- * Get the wpmem action variable.
225
- *
226
- * @since 3.3.5
227
- */
228
- function get_wpmem_action() {
229
- global $wpmem;
230
- if ( 'pwdreset' == $wpmem->action && isset( $_POST['formsubmit'] ) ) {
231
-
232
- $user_to_check = wpmem_get( 'user', false );
233
- $user_to_check = ( strpos( $user_to_check, '@' ) ) ? sanitize_email( $user_to_check ) : sanitize_user( $user_to_check );
234
-
235
- if ( username_exists( $user_to_check ) ) {
236
- $user = get_user_by( 'login', $user_to_check );
237
- if ( ( 1 == $wpmem->mod_reg ) && ( 1 != get_user_meta( $user->ID, 'active', true ) ) ) {
238
- $user = false;
239
- }
240
- } elseif ( email_exists( $user_to_check ) ) {
241
- $user = get_user_by( 'email', $user_to_check );
242
- } else {
243
- $user = false;
244
- }
245
-
246
- if ( false === $user ) {
247
- return "pwdreseterr";
248
- }
249
-
250
- $new_pass = '';
251
- wpmem_email_to_user( $user->ID, $new_pass, 3 );
252
- do_action( 'wpmem_pwd_reset', $user->ID, $new_pass );
253
- $wpmem->action = 'pwdreset_link';
254
- global $wpmem_regchk;
255
- $wpmem->regchk = 'pwdresetsuccess';
256
- return "pwdresetsuccess";
257
- }
258
- return;
259
- }
260
-
261
- /**
262
- * Changes the wpmem_regchk value.
263
- *
264
- * @since 3.3.5
265
- *
266
- * @param string $regchk
267
- */
268
- function change_regchk( $regchk, $action ) {
269
- global $wpmem;
270
- if ( 'pwdreset_link' == $action && 'pwdresetsuccess' == $wpmem->regchk ) {
271
- global $wpmem;
272
- $wpmem->action = 'pwdreset';
273
- return 'pwdresetsuccess';
274
- }
275
- return $regchk;
276
- }
277
-
278
- /**
279
- * Change a user's password()
280
- * (A custom version of $wpmem->user->password_change().)
281
- *
282
- * @since 3.3.5
283
- *
284
- * @param int $user_id
285
- */
286
- function change_password( $user_id ) {
287
- if ( isset( $_POST['formsubmit'] ) ) {
288
- $args = array(
289
- 'pass1' => wpmem_get( 'pass1', false ),
290
- 'pass2' => wpmem_get( 'pass2', false ),
291
- );
292
- }
293
-
294
- $is_error = false;
295
- // Check for both fields being empty.
296
- $is_error = ( ! $args['pass1'] && ! $args['pass2'] ) ? "pwdchangempty" : $is_error;
297
- // Make sure the fields match.
298
- $is_error = ( $args['pass1'] != $args['pass2'] ) ? "pwdchangerr" : $is_error;
299
- /**
300
- * Filters the password change error.
301
- *
302
- * @since 3.1.5
303
- * @since 3.1.7 Moved to user object.
304
- *
305
- * @param string $is_error
306
- * @param int $user_id The user's numeric ID.
307
- * @param string $args['pass1'] The user's new plain text password.
308
- */
309
- $is_error = apply_filters( 'wpmem_pwd_change_error', $is_error, $user_id, $args['pass1'] );
310
-
311
- // Verify nonce.
312
- $is_error = ( ! wp_verify_nonce( $_REQUEST['_wpmem_pwdchange_nonce'], 'wpmem_shortform_nonce' ) ) ? "reg_generic" : $is_error;
313
- if ( $is_error ) {
314
- return $is_error;
315
- }
316
- wp_set_password( $args['pass1'] , $user_id );
317
- return "pwdchangesuccess";
318
- }
319
-
320
- /**
321
- * Filter the reset password form.
322
- *
323
- * @since 3.3.5
324
- *
325
- * @param array $args
326
- */
327
- function reset_password_form( $args ) {
328
- global $wpmem;
329
- $args['inputs'][0]['name'] = $wpmem->get_text( 'login_username' );
330
- unset( $args['inputs'][1] );
331
- return $args;
332
- }
333
  }
1
+ <?php
2
+ /**
3
+ * An object class for WP-Members Password Reset.
4
+ *
5
+ * @since 3.3.5
6
+ * @since 3.3.8 Rebuild processing to utilize WP native functions and user_activation_key.
7
+ */
8
+ class WP_Members_Pwd_Reset {
9
+
10
+ /**
11
+ * Message containers.
12
+ *
13
+ * @since 3.3.5
14
+ */
15
+ public $form_submitted_key_not_found;
16
+ public $form_load_key_not_found;
17
+ public $key_is_expired;
18
+
19
+ /**
20
+ * Meta containers
21
+ *
22
+ * @since 3.3.5
23
+ */
24
+ public $reset_key_nonce = "_wpmem_pwd_reset";
25
+ public $form_action = 'set_password_from_key';
26
+
27
+ /**
28
+ * Initialize the class.
29
+ *
30
+ * @since 3.3.5
31
+ */
32
+ function __construct() {
33
+
34
+ $defaults = array(
35
+ 'form_submitted_key_not_found' => __( "Sorry, no password reset key was found. Please check your email and try again.", 'wp-members' ),
36
+ 'form_load_key_not_found' => __( "Sorry, no password reset key was found. Please check your email and try again.", 'wp-members' ),
37
+ 'key_is_expired' => __( "Sorry, the password reset key is expired.", 'wp-members' ),
38
+ );
39
+
40
+ /**
41
+ * Filter default dialogs.
42
+ *
43
+ * @since 3.3.8
44
+ *
45
+ * @param array $defaults
46
+ */
47
+ $defaults = apply_filters( 'wpmem_pwd_reset_default_dialogs', $defaults );
48
+
49
+ foreach ( $defaults as $key => $value ) {
50
+ $this->{$key} = $value;
51
+ }
52
+
53
+ add_filter( 'wpmem_email_filter', array( $this, 'add_reset_key_to_email' ), 10, 3 );
54
+ add_filter( 'the_content', array( $this, 'display_content' ), 100 );
55
+ add_filter( 'wpmem_login_hidden_fields', array( $this, 'add_hidden_form_field' ), 10, 2 );
56
+ add_action( 'wpmem_get_action', array( $this, 'get_wpmem_action' ) );
57
+ add_filter( 'wpmem_regchk', array( $this, 'change_regchk' ), 10, 2 );
58
+ add_filter( 'wpmem_resetpassword_form_defaults', array( $this, 'reset_password_form' ) );
59
+ }
60
+
61
+ /**
62
+ * Add reset key to the email.
63
+ *
64
+ * @since 3.3.5
65
+ *
66
+ * @param array $arr
67
+ * @param array $wpmem_fields
68
+ * @param array $field_data
69
+ * @return array $arr
70
+ */
71
+ function add_reset_key_to_email( $arr, $wpmem_fields, $field_data ) {
72
+
73
+ if ( $arr['toggle'] == 'repass' ) {
74
+
75
+ $user = get_user_by( 'ID', $arr['user_id'] );
76
+
77
+ // Get the stored key.
78
+ $key = $this->get_password_reset_key( $user );
79
+ $query_args = array(
80
+ 'a' => $this->form_action,
81
+ 'key' => $key,
82
+ 'login' => $user->user_login,
83
+ );
84
+
85
+ // Generate reset link.
86
+ $link = add_query_arg( $query_args, trailingslashit( wpmem_profile_url() ) );
87
+
88
+ // Does email body have the [reset_link] shortcode?
89
+ if ( strpos( $arr['body'], '[reset_link]' ) ) {
90
+ $arr['body'] = str_replace( '[reset_link]', $link, $arr['body'] );
91
+ } else {
92
+ // Add text and link to the email body.
93
+ $arr['body'] = $arr['body'] . "\r\n"
94
+ . $link;
95
+ }
96
+ }
97
+ return $arr;
98
+ }
99
+
100
+ /**
101
+ * Display page content to user.
102
+ *
103
+ * @since 3.3.5
104
+ *
105
+ * @param string $content
106
+ * @return string $content
107
+ */
108
+ function display_content( $content ) {
109
+
110
+ global $wpmem;
111
+
112
+ if ( ! is_user_logged_in() && in_the_loop() && $this->form_action == wpmem_get( 'a', false, 'request' ) ) {
113
+ // Define variables
114
+ $result = '';
115
+ $user_id = false;
116
+ $msg = '';
117
+ $form = '';
118
+
119
+ // Check for key.
120
+ $key = sanitize_text_field( wpmem_get( 'key', false, 'request' ) );
121
+ $user_login = sanitize_text_field( wpmem_get( 'login', false, 'request' ) );
122
+ $pass1 = wpmem_get( 'pass1', false );
123
+ $pass2 = wpmem_get( 'pass2', false );
124
+
125
+ // Set an error container.
126
+ $errors = new WP_Error();
127
+
128
+ /**
129
+ * Validate the key.
130
+ *
131
+ * WP_Error will be invalid_key or expired_key. Process triggers password_reset_expiration filter
132
+ * filtering DAY_IN_SECONDS default. Filter password_reset_key_expired is also triggered filtering
133
+ * the return value (which can be used to override the expired/invalid check based on user_id).
134
+ *
135
+ * WP filter/actions triggered:
136
+ * - password_reset_expiration
137
+ * - password_reset_key_expired
138
+ *
139
+ * @see https://developer.wordpress.org/reference/functions/check_password_reset_key/
140
+ * @param string Hash to validate sending user's password.
141
+ * @param string The user login.
142
+ * @return WP_User|WP_Error WP_User object on success, WP_Error object for invalid or expired keys (invalid_key|expired_key).
143
+ */
144
+ $user = check_password_reset_key( $key, $user_login );
145
+
146
+ // Validate
147
+ if ( 1 == wpmem_get( 'formsubmit' ) && false !== wpmem_get( 'a', false, $this->form_action ) ) {
148
+
149
+ // Verify nonce.
150
+ if ( ! wp_verify_nonce( $_REQUEST['_wpmem_pwdchange_nonce'], 'wpmem_shortform_nonce' ) ) {
151
+ $errors->add( 'reg_generic', $wpmem->get_text( 'reg_generic' ) );
152
+ }
153
+
154
+ // Make sure submitted passwords match.
155
+ if ( $pass1 !== $pass2 ) {
156
+ // Legacy WP-Members error.
157
+ $result = 'pwdchangerr';
158
+ $msg = wpmem_inc_regmessage( 'pwdchangerr' );
159
+ // WP Error.
160
+ $errors->add( 'password_reset_mismatch', __( 'The passwords do not match.' ) );
161
+ }
162
+
163
+ /** This action is documented in wp-login.php */
164
+ // do_action( 'validate_password_reset', $errors, $user );
165
+
166
+ if ( ( ! $errors->has_errors() ) && isset( $pass1 ) && ! empty( $pass1 ) ) {
167
+ reset_password( $user, $pass1 );
168
+ $msg = wpmem_inc_regmessage( 'pwdchangesuccess' ) . $wpmem->forms->do_login_form( 'pwdreset' );
169
+ $result = 'pwdchangesuccess';
170
+ }
171
+ }
172
+
173
+ if ( $result != 'pwdchangesuccess' ) {
174
+
175
+ if ( 'invalid_key' == $user->get_error_code() ) {
176
+ // If somehow the form was submitted but the key not found.
177
+ $msg = wpmem_inc_regmessage( 'invalid_key', $this->form_submitted_key_not_found );
178
+ }
179
+
180
+ $form = wpmem_change_password_form();
181
+
182
+ }
183
+
184
+ $content = $msg . $form;
185
+ }
186
+
187
+ return $content;
188
+ }
189
+
190
+ /**
191
+ * Add hidden form field for form action.
192
+ *
193
+ * @since 3.3.5
194
+ *
195
+ * @param string $hidden_fields
196
+ * @return string $hidden_fields
197
+ */
198
+ function add_hidden_form_field( $hidden_fields, $action ) {
199
+ if ( $this->form_action == wpmem_get( 'a', false, 'request' ) ) {
200
+ $hidden_fields = str_replace( 'pwdchange', $this->form_action, $hidden_fields );
201
+ $hidden_fields.= wpmem_create_formfield( 'key', 'hidden', wpmem_get( 'key', null, 'request' ) );
202
+ $hidden_fields.= wpmem_create_formfield( 'login', 'hidden', wpmem_get( 'login', null, 'request' ) );
203
+ }
204
+ return $hidden_fields;
205
+ }
206
+
207
+ /**
208
+ * Get the wpmem action variable.
209
+ *
210
+ * @since 3.3.5
211
+ */
212
+ function get_wpmem_action() {
213
+ global $wpmem;
214
+ if ( 'pwdreset' == $wpmem->action && isset( $_POST['formsubmit'] ) ) {
215
+
216
+ $user_to_check = wpmem_get( 'user', false );
217
+ $user_to_check = ( strpos( $user_to_check, '@' ) ) ? sanitize_email( $user_to_check ) : sanitize_user( $user_to_check );
218
+
219
+ if ( username_exists( $user_to_check ) ) {
220
+ $user = get_user_by( 'login', $user_to_check );
221
+ if ( ( 1 == $wpmem->mod_reg ) && ( 1 != get_user_meta( $user->ID, 'active', true ) ) ) {
222
+ $user = false;
223
+ }
224
+ } elseif ( email_exists( $user_to_check ) ) {
225
+ $user = get_user_by( 'email', $user_to_check );
226
+ } else {
227
+ $user = false;
228
+ }
229
+
230
+ if ( false === $user ) {
231
+ return "pwdreseterr";
232
+ }
233
+
234
+ $new_pass = '';
235
+ wpmem_email_to_user( $user->ID, $new_pass, 3 );
236
+ do_action( 'wpmem_pwd_reset', $user->ID, $new_pass );
237
+ $wpmem->action = 'pwdreset_link';
238
+ global $wpmem_regchk;
239
+ $wpmem->regchk = 'pwdresetsuccess';
240
+ return "pwdresetsuccess";
241
+ }
242
+ return;
243
+ }
244
+
245
+ /**
246
+ * Changes the wpmem_regchk value.
247
+ *
248
+ * @since 3.3.5
249
+ *
250
+ * @param string $regchk
251
+ */
252
+ function change_regchk( $regchk, $action ) {
253
+ global $wpmem;
254
+ if ( 'pwdreset_link' == $action && 'pwdresetsuccess' == $wpmem->regchk ) {
255
+ global $wpmem;
256
+ $wpmem->action = 'pwdreset';
257
+ return 'pwdresetsuccess';
258
+ }
259
+ return $regchk;
260
+ }
261
+
262
+ /**
263
+ * Filter the reset password form.
264
+ *
265
+ * @since 3.3.5
266
+ *
267
+ * @param array $args
268
+ */
269
+ function reset_password_form( $args ) {
270
+ global $wpmem;
271
+ $args['inputs'][0]['name'] = $wpmem->get_text( 'login_username' );
272
+ unset( $args['inputs'][1] );
273
+ return $args;
274
+ }
275
+
276
+ /**
277
+ * Sets and gets the password reset key.
278
+ *
279
+ * This function is a wrapper for the WP function get_password_reset_key().
280
+ *
281
+ * @since 3.3.8
282
+ *
283
+ * @param object $user
284
+ * @return string The reset key.
285
+ */
286
+ private function get_password_reset_key( $user ) {
287
+ return get_password_reset_key( $user );
288
+ }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
289
  }
includes/class-wp-members-user.php CHANGED
@@ -1,1168 +1,1177 @@
1
- <?php
2
- /**
3
- * The WP_Members_User Class.
4
- *
5
- * This is the WP_Members User object class. This class contains functions
6
- * for login, logout, registration and other user related methods.
7
- *
8
- * @package WP-Members
9
- * @subpackage WP_Members_User Object Class
10
- * @since 3.0.0
11
- */
12
-
13
- // Exit if accessed directly.
14
- if ( ! defined( 'ABSPATH' ) ) {
15
- exit();
16
- }
17
-
18
- class WP_Members_User {
19
-
20
- /**
21
- * Container for reg form data.
22
- *
23
- * @since 3.1.7
24
- * @access public
25
- * @var array
26
- */
27
- public $post_data = array();
28
-
29
- /**
30
- * Container for user access information.
31
- *
32
- * @since 3.2.0
33
- * @access public
34
- * @var array
35
- */
36
- public $access = array();
37
-
38
- /**
39
- * Initilize the User object.
40
- *
41
- * @since 3.1.7
42
- *
43
- * @param object $settings The WP_Members Object
44
- */
45
- function __construct( $settings ) {
46
- add_action( 'user_register', array( $this, 'set_reg_type' ), 1 );
47
- add_action( 'user_register', array( $this, 'register_finalize' ), 5 ); // @todo This needs rigorous testing, especially front end processing such as WC.
48
- add_action( 'user_register', array( $this, 'post_register_data' ), 9 ); // Changed this to 9 so custom user meta is saved before the default (10) priority.
49
- add_action( 'user_register', array( $this, 'set_user_exp' ), 25 );
50
- add_action( 'user_register', array( $this, 'register_email_to_user' ), 25 ); // @todo This needs rigorous testing for integration with WC or WP native.
51
- add_action( 'user_register', array( $this, 'register_email_to_admin' ), 25 ); // @todo This needs rigorous testing for integration with WC or WP native.register_email_to_admin
52
- add_action( 'wpmem_register_redirect', array( $this, 'register_redirect' ) );
53
-
54
- add_filter( 'registration_errors', array( $this, 'wp_register_validate' ), 10, 3 ); // native registration validation
55
-
56
- // Load anything the user as access to.
57
- if ( 1 == $settings->enable_products ) {
58
- add_action( 'user_register', array( $this, 'set_default_product' ), 6 );
59
-
60
- if ( is_user_logged_in() ) {
61
- $this->access = $this->get_user_products( false, $settings );
62
- }
63
- }
64
- }
65
-
66
- /**
67
- * Handle user login.
68
- *
69
- * Built from, but replaces, the original wpmem_login() function
70
- * from core.php. wpmem_login() is currently maintained as a
71
- * wrapper and is the direct function called for login.
72
- *
73
- * @since 3.1.7
74
- * @since 3.2.3 Removed wpmem_login_fields filter.
75
- * @since 3.2.3 Replaced form collection with WP script to facilitate login with username OR email.
76
- * @since 3.2.3 Changed to wp_safe_redirect().
77
- *
78
- * @return string Returns "loginfailed" if failed login.
79
- */
80
- function login() {
81
-
82
- global $wpmem;
83
-
84
- if ( ! empty( $_POST['log'] ) && ! force_ssl_admin() ) {
85
- $user_name = sanitize_user( $_POST['log'] );
86
- $user = get_user_by( 'login', $user_name );
87
-
88
- if ( ! $user && strpos( $user_name, '@' ) ) {
89
- $user = get_user_by( 'email', $user_name );
90
- }
91
- }
92
-
93
- $user = wp_signon( array(), is_ssl() );
94
-
95
- if ( is_wp_error( $user ) ) {
96
- $wpmem->error = $user->get_error_message();
97
- return "loginfailed";
98
- } else {
99
- $redirect_to = wpmem_get( 'redirect_to', false );
100
- $redirect_to = ( $redirect_to ) ? esc_url_raw( trim( $redirect_to ) ) : esc_url_raw( wpmem_current_url() );
101
- /** This filter defined in wp-login.php */
102
- $redirect_to = apply_filters( 'login_redirect', $redirect_to, '', $user );
103
- /**
104
- * Filter the redirect url.
105
- *
106
- * This is the plugin's original redirect filter. In 3.1.7,
107
- * WP's login_redirect filter hook was added to provide better
108
- * integration support for other plugins and also for users
109
- * who may already be using WP's filter(s). login_redirect
110
- * comes first, then wpmem_login_redirect. So wpmem_login_redirect
111
- * can be used to override a default in login_redirect.
112
- *
113
- * @since 2.7.7
114
- * @since 2.9.2 Added $user_id
115
- *
116
- * @param string $redirect_to The url to direct to.
117
- * @param int $user->ID The user's primary key ID.
118
- */
119
- $redirect_to = apply_filters( 'wpmem_login_redirect', $redirect_to, $user->ID );
120
- wp_safe_redirect( $redirect_to );
121
- exit();
122
- }
123
- }
124
-
125
- /**
126
- * Handle user logout.
127
- *
128
- * Built from, but replaces, the original wpmem_logout() function
129
- * from core.php. wpmem_logout() is currently maintained as a
130
- * wrapper and is the direct function called for logout.
131
- *
132
- * @since 3.1.7
133
- * @since 3.2.0 Added logout_redirect filter
134
- *
135
- * @param string $redirect_to URL to redirect the user to (default: false).
136
- */
137
- function logout( $redirect_to = false ) {
138
- // Default redirect URL.
139
- $redirect_to = ( $redirect_to ) ? $redirect_to : home_url();
140
-
141
- /** This filter is documented in /wp-login.php */
142
- $redirect_to = apply_filters( 'logout_redirect', $redirect_to, $redirect_to, wp_get_current_user() );
143
- /**
144
- * Filter where the user goes when logged out.
145
- *
146
- * @since 2.7.1
147
- * @since 3.1.7 Moved to WP_Members_Users Class.
148
- *
149
- * @param string The blog home page.
150
- */
151
- $redirect_to = apply_filters( 'wpmem_logout_redirect', $redirect_to );
152
-
153
- wp_destroy_current_session();
154
- wp_clear_auth_cookie();
155
-
156
- /** This action is defined in /wp-includes/pluggable.php. */
157
- do_action( 'wp_logout' );
158
-
159
- wp_safe_redirect( $redirect_to );
160
- exit();
161
- }
162
-
163
- /**
164
- * Sets the registration type.
165
- *
166
- * @since 3.3.0
167
- */
168
- function set_reg_type() {
169
- // Is this a WP-Members registration?
170
- $this->reg_type['is_wpmem'] = ( 'register' == wpmem_get( 'a' ) ) ? true : false;
171
- // Is this WP's native registration? Checks the native submit button.
172
- $this->reg_type['is_native'] = ( __( 'Register' ) == wpmem_get( 'wp-submit' ) ) ? true : false;
173
- // Is this a Users > Add New process? Checks the post action.
174
- $this->reg_type['is_add_new'] = ( 'createuser' == wpmem_get( 'action' ) ) ? true : false;
175
- // Is this a WooCommerce my account registration? Checks for WC fields.
176
- $this->reg_type['is_woo'] = ( wpmem_get( 'woocommerce-register-nonce' ) ) ? true : false;
177
- // Is this a WooCommerce checkout?
178
- $this->reg_type['is_woo_checkout'] = ( wpmem_get( 'woocommerce_checkout_place_order' ) ) ? true : false;
179
- }
180
-
181
- /**
182
- * Validate user registration.
183
- *
184
- * @since 3.3.0
185
- *
186
- * @global int $user_ID
187
- * @global string $wpmem_themsg
188
- * @global array $userdata
189
- *
190
- * @param string $tag
191
- */
192
- function register_validate( $tag ) {
193
-
194
- // Get the globals.
195
- global $user_ID, $wpmem, $wpmem_themsg, $userdata;
196
-
197
- // Check the nonce.
198
- if ( empty( $_POST ) || ! wp_verify_nonce( $_REQUEST[ '_wpmem_' . $tag . '_nonce' ], 'wpmem_longform_nonce' ) ) {
199
- $wpmem_themsg = __( 'There was an error processing the form.', 'wp-members' );
200
- return;
201
- }
202
-
203
- // Make sure fields are loaded.
204
- wpmem_fields( $tag );
205
-
206
- // Is this a registration or a user profile update?
207
- if ( 'register' == $tag ) {
208
- $this->post_data['username'] = sanitize_user( wpmem_get( 'username' ) );
209
- }
210
-
211
- // Add the user email to the $this->post_data array for _data hooks.
212
- if ( isset( $wpmem->fields['user_email'] ) ) {
213
- $this->post_data['user_email'] = sanitize_email( wpmem_get( 'user_email' ) );
214
- }
215
-
216
- // If this is an update, and tos is a field, and the user has the correct saved value, remove tos.
217
- if ( 'update' == $tag && isset( $wpmem->fields['tos'] ) ) {
218
- if ( get_user_meta( $user_ID, 'tos', true ) == $wpmem->fields['tos']['checked_value'] ) {
219
- unset( $wpmem->fields['tos'] );
220
- }
221
- }
222
-
223
- // Build the $this->post_data array from $_POST data.
224
- foreach ( $wpmem->fields as $meta_key => $field ) {
225
- if ( ( 'register' == $tag && true == $field['register'] ) || ( 'update' == $tag && true == $field['profile'] ) ) {
226
- if ( 'password' != $meta_key && 'confirm_password' != $meta_key && 'username' != $meta_key ) {
227
- if ( isset( $_POST[ $meta_key ] ) ) {
228
- switch ( $field['type'] ) {
229
- case 'checkbox':
230
- $this->post_data[ $meta_key ] = sanitize_text_field( $_POST[ $meta_key ] );
231
- break;
232
- case 'multiselect':
233
- case 'multicheckbox':
234
- $delimiter = ( isset( $field['delimiter'] ) ) ? $field['delimiter'] : '|';
235
- $this->post_data[ $meta_key ] = ( isset( $_POST[ $meta_key ] ) ) ? implode( $delimiter, wpmem_sanitize_array( $_POST[ $meta_key ] ) ) : '';
236
- break;
237
- case 'textarea':
238
- $this->post_data[ $meta_key ] = sanitize_textarea_field( $_POST[ $meta_key ] );
239
- break;
240
- default:
241
- $this->post_data[ $meta_key ] = sanitize_text_field( $_POST[ $meta_key ] );
242
- break;
243
- }
244
- } else {
245
- $this->post_data[ $meta_key ] = '';
246
- }
247
- } else {
248
- // We do have password as part of the registration form.
249
- if ( isset( $_POST['password'] ) ) {
250
- $this->post_data['password'] = $_POST['password'];
251
- }
252
- if ( isset( $_POST['confirm_password'] ) ) {
253
- $this->post_data['confirm_password'] = $_POST['confirm_password'];
254
- }
255
- }
256
- }
257
- }
258
-
259
- /**
260
- * Filter the submitted form fields prior to validation.
261
- *
262
- * @since 2.8.2
263
- * @since 3.1.7 Added $tag
264
- * @since 3.2.0 Moved to regiser_validate() method in user object class.
265
- *
266
- * @param array $this->post_data An array of the posted form field data.
267
- * @param string $tag
268
- */
269
- $this->post_data = apply_filters( 'wpmem_pre_validate_form', $this->post_data, $tag );
270
-
271
- if ( 'update' == $tag ) {
272
- $pass_arr = array( 'username', 'password', 'confirm_password', 'password_confirm' );
273
- foreach ( $pass_arr as $pass ) {
274
- unset( $wpmem->fields[ $pass ] );
275
- }
276
- }
277
-
278
- // Check for required fields, reverse the array for logical error message order.
279
- foreach ( array_reverse( $wpmem->fields ) as $meta_key => $field ) {
280
- // Validation if the field is required.
281
- if ( true == $field['required'] ) {
282
- if ( 'file' == $field['type'] || 'image' == $field['type'] ) {
283
- // If this is a new registration.
284
- if ( 'register' == $tag ) {
285
- // If the required field is a file type.
286
- if ( empty( $_FILES[ $meta_key ]['name'] ) ) {
287
- $wpmem_themsg = sprintf( $wpmem->get_text( 'reg_empty_field' ), __( $field['label'], 'wp-members' ) );
288
- }
289
- }
290
- } else {
291
- // If the required field is any other field type.
292
- if ( ( 'register' == $tag && true == $field['register'] ) || ( 'update' == $tag && true == $field['profile'] ) ) {
293
- if ( null == $this->post_data[ $meta_key ] ) {
294
- $wpmem_themsg = sprintf( $wpmem->get_text( 'reg_empty_field' ), __( $field['label'], 'wp-members' ) );
295
- }
296
- }
297
- }
298
- }
299
-
300
- // Validate file field type.
301
- if ( 'file' == $field['type'] || 'image' == $field['type'] ) {
302
- if ( '' == $field['file_types'] ) {
303
- $field['file_types'] = ( 'image' == $field['type'] ) ? 'gif|png|jpg|jpeg|bmp' : 'doc|docx|pdf|zip';
304
- }
305
- $allowed_file_types = explode( '|', $field['file_types'] );
306
- $msg_types = implode( ', ', $allowed_file_types );
307
- if ( ! empty( $_FILES[ $meta_key ]['name'] ) ) {
308
- $extension = pathinfo( $_FILES[ $meta_key ]['name'], PATHINFO_EXTENSION );
309
- if ( ! in_array( $extension, $allowed_file_types ) ) {
310
- $wpmem_themsg = sprintf( $wpmem->get_text( 'reg_file_type' ), __( $field['label'], 'wp-members' ), str_replace( '|', ',', $msg_types ) );
311
- }
312
- }
313
- }
314
- }
315
-
316
- if ( 'register' == $tag ) {
317
- if ( is_multisite() ) {
318
- // Multisite has different requirements.
319
- $result = wpmu_validate_user_signup( $this->post_data['username'], $this->post_data['user_email'] );
320
- $errors = $result['errors'];
321
- if ( $errors->errors ) {
322
- $wpmem_themsg = $errors->get_error_message();
323
- return $wpmem_themsg;
324
- exit();
325
- }
326
-
327
- } else {
328
- // Validate username and email fields.
329
- $wpmem_themsg = ( email_exists( $this->post_data['user_email'] ) ) ? "email" : $wpmem_themsg;
330
- $wpmem_themsg = ( username_exists( $this->post_data['username'] ) ) ? "user" : $wpmem_themsg;
331
- $wpmem_themsg = ( ! is_email( $this->post_data['user_email']) ) ? $wpmem->get_text( 'reg_valid_email' ) : $wpmem_themsg;
332
- $wpmem_themsg = ( ! validate_username( $this->post_data['username'] ) ) ? $wpmem->get_text( 'reg_non_alphanumeric' ) : $wpmem_themsg;
333
- $wpmem_themsg = ( ! $this->post_data['username'] ) ? $wpmem->get_text( 'reg_empty_username' ) : $wpmem_themsg;
334
-
335
- // If there is an error from username, email, or required field validation, stop registration and return the error.
336
- if ( $wpmem_themsg ) {
337
- return $wpmem_themsg;
338
- exit();
339
- }
340
- }
341
-
342
- // If form contains password and email confirmation, validate that they match.
343
- if ( array_key_exists( 'confirm_password', $this->post_data ) && $this->post_data['confirm_password'] != $this->post_data ['password'] ) {
344
- $wpmem_themsg = $wpmem->get_text( 'reg_password_match' );
345
- }
346
- if ( array_key_exists( 'confirm_email', $this->post_data ) && $this->post_data['confirm_email'] != $this->post_data ['user_email'] ) {
347
- $wpmem_themsg = $wpmem->get_text( 'reg_email_match' );
348
- }
349
-
350
- // Process CAPTCHA.
351
- if ( 0 != $wpmem->captcha ) {
352
- $check_captcha = WP_Members_Captcha::validate();
353
- if ( false === $check_captcha ) {
354
- return "empty"; // @todo Return and/or set error object. For now changed to return original value.
355
- }
356
- }
357
-
358
- // Check for user defined password.
359
- $this->post_data['password'] = wpmem_get( 'password', wp_generate_password() );
360
-
361
- // Add for _data hooks
362
- $this->post_data['user_registered'] = current_time( 'mysql', 1 );
363
- $this->post_data['user_role'] = get_option( 'default_role' );
364
- $this->post_data['wpmem_reg_ip'] = wpmem_get_user_ip();
365
- $this->post_data['wpmem_reg_url'] = esc_url_raw( wpmem_get( 'wpmem_reg_page', wpmem_get( 'redirect_to', false, 'request' ), 'request' ) );
366
-
367
- /*
368
- * These native fields are not installed by default, but if they
369
- * are added, use the $_POST value - otherwise, default to username.
370
- * Value can be filtered with wpmem_register_data.
371
- */
372
- foreach( array( 'user_nicename', 'display_name', 'nickname' ) as $user_names ) {
373
- $this->post_data[ $user_names ] = sanitize_text_field( wpmem_get( $user_names, $this->post_data['username'] ) );
374
- }
375
- }
376
- }
377
-
378
- /**
379
- * Validates registration fields in the native WP registration.
380
- *
381
- * @since 2.8.3
382
- * @since 3.3.0 Ported from wpmem_wp_reg_validate() in wp-registration.php.
383
- *
384
- * @global object $wpmem The WP-Members object class.
385
- *
386
- * @param array $errors A WP_Error object containing any errors encountered during registration.
387
- * @param string $sanitized_user_login User's username after it has been sanitized.
388
- * @param string $user_email User's email.
389
- * @return array $errors A WP_Error object containing any errors encountered during registration.
390
- */
391
- function wp_register_validate( $errors, $sanitized_user_login, $user_email ) {
392
-
393
- global $wpmem;
394
-
395
- // Get any meta fields that should be excluded.
396
- $exclude = wpmem_get_excluded_meta( 'wp-register' );
397
-
398
- foreach ( wpmem_fields( 'register_wp' ) as $meta_key => $field ) {
399
- $is_error = false;
400
- if ( true == $field['required'] && true == $field['register'] && $meta_key != 'user_email' && ! in_array( $meta_key, $exclude ) ) {
401
- if ( ( $field['type'] == 'checkbox' || $field['type'] == 'multicheckbox' || $field['type'] == 'multiselect' || $field['type'] == 'radio' ) && ( ! isset( $_POST[ $meta_key ] ) ) ) {
402
- $is_error = true;
403
- }
404
- if ( ( $field['type'] != 'checkbox' && $field['type'] != 'multicheckbox' && $field['type'] != 'multiselect' && $field['type'] != 'radio' ) && ( ! $_POST[ $meta_key ] ) ) {
405
- $is_error = true;
406
- }
407
- if ( $is_error ) {
408
- $errors->add( 'wpmem_error', sprintf( $wpmem->get_text( 'reg_empty_field' ), __( $field['label'], 'wp-members' ) ) );
409
- }
410
- }
411
- }
412
-
413
- return $errors;
414
- }
415
-
416
- /**
417
- * User registration functions.
418
- *
419
- * @since 3.1.7
420
- * @since 3.2.6 Added handler for membership field type.
421
- * @since 3.3.0 Changed from register() to register_finalize().
422
- *
423
- * @global object $wpmem
424
- * @param int $user_id
425
- */
426
- function register_finalize( $user_id ) {
427
-
428
- global $wpmem;
429
-
430
- // If this is WP-Members registration.
431
- if ( $this->reg_type['is_wpmem'] ) {
432
- // Put user ID into post_data array.
433
- $this->post_data['ID'] = $user_id;
434
-
435
- // Set remaining fields to wp_usermeta table.
436
- $new_user_fields_meta = array( 'user_url', 'first_name', 'last_name', 'description', 'jabber', 'aim', 'yim' );
437
- foreach ( $wpmem->fields as $meta_key => $field ) {
438
- // If the field is not excluded, update accordingly.
439
- if ( ! in_array( $meta_key, wpmem_get_excluded_meta( 'register' ) ) && ! in_array( $meta_key, $new_user_fields_meta ) ) {
440
- if ( $field['register'] && 'user_email' != $meta_key ) {
441
- // Assign memberships, if applicable.
442
- if ( 'membership' == $field['type'] && 1 == $wpmem->enable_products ) {
443
- wpmem_set_user_product( $this->post_data[ $meta_key ], $user_id );
444
- } else {
445
- update_user_meta( $user_id, $meta_key, $this->post_data[ $meta_key ] );
446
- }
447
- }
448
- }
449
- }
450
-
451
- // Store the registration url.
452
- update_user_meta( $user_id, 'wpmem_reg_url', $this->post_data['wpmem_reg_url'] );
453
-
454
- // Handle file uploads, if any.
455
- if ( ! empty( $_FILES ) ) {
456
- $this->upload_user_files( $user_id, $wpmem->fields );
457
- }
458
- }
459
-
460
- // If this is native WP (wp-login.php), Users > Add New, or WooCommerce registration.
461
- if ( $this->reg_type['is_native'] || $this->reg_type['is_add_new'] || $this->reg_type['is_woo'] ) {
462
- // Get any excluded meta fields.
463
- $exclude = wpmem_get_excluded_meta( 'wp-register' );
464
- foreach ( wpmem_fields( 'register_wp' ) as $meta_key => $field ) {
465
- $value = wpmem_get( $meta_key, false );
466
- if ( false !== $value && ! in_array( $meta_key, $exclude ) && 'file' != $field['type'] && 'image' != $field['type'] ) {
467
- if ( 'multiselect' == $field['type'] || 'multicheckbox' == $field['type'] ) {
468
- $value = implode( $field['delimiter'], $value );
469
- }
470
- $sanitized_value = sanitize_text_field( $value );
471
- update_user_meta( $user_id, $meta_key, $sanitized_value );
472
- }
473
- }
474
- }
475
-
476
- // If this is Users > Add New.
477
- if ( is_admin() && $this->reg_type['is_add_new'] ) {
478
- // If moderated registration and activate is checked, set active flags.
479
- if ( 1 == $wpmem->mod_reg && isset( $_POST['activate_user'] ) ) {
480
- update_user_meta( $user_id, 'active', 1 );
481
- wpmem_set_user_status( $user_id, 0 );
482
- }
483
- }
484
-
485
- // Capture IP address of all users at registration.
486
- $user_ip = ( $this->reg_type['is_wpmem'] ) ? $this->post_data['wpmem_reg_ip'] : wpmem_get_user_ip();
487
- update_user_meta( $user_id, 'wpmem_reg_ip', $user_ip );
488
-
489
- }
490
-
491
- /**
492
- * Fires wpmem_post_register_data action.
493
- *
494
- * @since 3.3.2
495
- *
496
- * @global stdClass $wpmem
497
- * @param int $user_id
498
- */
499
- function post_register_data( $user_id ) {
500
- global $wpmem;
501
- $wpmem->user->post_data['ID'] = $user_id;
502
- /**
503
- * Fires after user insertion but before email.
504
- *
505
- * @since 2.7.2
506
- * @since 3.3.2 Hooked to user_register.
507
- *
508
- * @param array $wpmem->user->post_data The user's submitted registration data.
509
- */
510
- do_action( 'wpmem_post_register_data', $wpmem->user->post_data );
511
- }
512
-
513
- /**
514
- * Sends emails on registration.
515
- *
516
- * @since 3.3.0
517
- *
518
- * @global object $wpmem
519
- *
520
- * @param int $user_id
521
- */
522
- function register_email_to_user( $user_id ) {
523
- global $wpmem;
524
- if ( $this->reg_type['is_wpmem'] ) {
525
- // @todo Work out a better method for this so that it is optional and can be turned on/off for native reg
526
- // Send a notification email to the user.
527
- wpmem_email_to_user( $user_id, $this->post_data['password'], $wpmem->mod_reg, $wpmem->fields, $this->post_data );
528
- }
529
- }
530
-
531
- /**
532
- * Sends admin notifiction on registration.
533
- *
534
- * @since 3.3.0
535
- *
536
- * @global object $wpmem
537
- *
538
- * @param int $user_id
539
- */
540
- function register_email_to_admin( $user_id ) {
541
- global $wpmem;
542
- if ( $this->reg_type['is_wpmem'] ) {
543
- // @todo Work out a better method for this so that it is optional and can be turned on/off for native reg
544
- // Notify admin of new reg, if needed.
545
- if ( 1 == $wpmem->notify ) {
546
- $wpmem->email->notify_admin( $user_id, $wpmem->fields, $this->post_data );
547
- }
548
- }
549
- }
550
-
551
- /**
552
- * Redirects user on registration.
553
- *
554
- * @since 3.1.7
555
- */
556
- function register_redirect() {
557
- $redirect_to = wpmem_get( 'redirect_to', false );
558
- if ( $redirect_to ) {
559
- $nonce_url = wp_nonce_url( $redirect_to, 'register_redirect', 'reg_nonce' );
560
- wp_safe_redirect( $nonce_url );
561
- exit();
562
- }
563
- }
564
-
565
- /**
566
- * Password change or reset.
567
- *
568
- * @since 3.1.7
569
- *
570
- * @param string $action
571
- * @return string $result
572
- */
573
- function password_update( $action ) {
574
- if ( isset( $_POST['formsubmit'] ) ) {
575
- if ( 'reset' == $action ) {
576
- $args = array(
577
- 'user' => sanitize_user( wpmem_get( 'user', false ) ),
578
- 'email' => sanitize_email( wpmem_get( 'email', false ) ),
579
- );
580
- } else {
581
- $args = array(
582
- 'pass1' => wpmem_get( 'pass1', false ),
583
- 'pass2' => wpmem_get( 'pass2', false ),
584
- );
585
- }
586
- return ( 'reset' == $action ) ? $this->password_reset( $args ) : $this->password_change( $args );
587
- }
588
- return;
589
- }
590
-
591
- /**
592
- * Change a user's password()
593
- *
594
- * @since 3.1.7
595
- *
596
- * @return
597
- */
598
- function password_change( $args ) {
599
- global $user_ID;
600
- $is_error = false;
601
- // Check for both fields being empty.
602
- $is_error = ( ! $args['pass1'] && ! $args['pass2'] ) ? "pwdchangempty" : $is_error;
603
- // Make sure the fields match.
604
- $is_error = ( $args['pass1'] != $args['pass2'] ) ? "pwdchangerr" : $is_error;
605
- /**
606
- * Filters the password change error.
607
- *
608
- * @since 3.1.5
609
- * @since 3.1.7 Moved to user object.
610
- *
611
- * @param string $is_error
612
- * @param int $user_ID The user's numeric ID.
613
- * @param string $args['pass1'] The user's new plain text password.
614
- */
615
- $is_error = apply_filters( 'wpmem_pwd_change_error', $is_error, $user_ID, $args['pass1'] );
616
- // User must be logged in.
617
- $is_error = ( ! is_user_logged_in() ) ? "loggedin" : $is_error;
618
- // Verify nonce.
619
- $is_error = ( ! wp_verify_nonce( $_REQUEST['_wpmem_pwdchange_nonce'], 'wpmem_shortform_nonce' ) ) ? "reg_generic" : $is_error;
620
- if ( $is_error ) {
621
- return $is_error;
622
- }
623
- /**
624
- * Fires after password change.
625
- *
626
- * @since 2.9.0
627
- * @since 3.0.5 Added $args['pass1'] to arguments passed.
628
- * @since 3.1.7 Moved to user object.
629
- *
630
- * @param int $user_ID The user's numeric ID.
631
- * @param string $args['pass1'] The user's new plain text password.
632
- */
633
- do_action( 'wpmem_pwd_change', $user_ID, $args['pass1'] );
634
- return "pwdchangesuccess";
635
- }
636
-
637
- /**
638
- * Reset a user's password.
639
- *
640
- * @since 3.1.7
641
- *
642
- */
643
- function password_reset( $args ) {
644
- global $wpmem;
645
- /**
646
- * Filter the password reset arguments.
647
- *
648
- * @since 2.7.1
649
- * @since 3.1.7 Moved to user object.
650
- *
651
- * @param array The username and email.
652
- */
653
- $arr = apply_filters( 'wpmem_pwdreset_args', $args );
654
- if ( ! $arr['user'] || ! $arr['email'] ) {
655
- // There was an empty field.
656
- return "pwdreseterr";
657
-
658
- } else {
659
-
660
- if ( ! wp_verify_nonce( $_REQUEST['_wpmem_pwdreset_nonce'], 'wpmem_shortform_nonce' ) ) {
661
- return "reg_generic";
662
- }
663
- if ( username_exists( $arr['user'] ) ) {
664
- $user = get_user_by( 'login', $arr['user'] );
665
- if ( strtolower( $user->user_email ) !== strtolower( $arr['email'] ) || ( ( $wpmem->mod_reg == 1 ) && ( get_user_meta( $user->ID, 'active', true ) != 1 ) ) ) {
666
- // The username was there, but the email did not match OR the user hasn't been activated.
667
- return "pwdreseterr";
668
- } else {
669
- // Generate a new password.
670
- $new_pass = wp_generate_password();
671
- // Update the users password.
672
- wp_set_password( $new_pass, $user->ID );
673
- // Send it in an email.
674
- wpmem_email_to_user( $user->ID, $new_pass, 3 );
675
- /**
676
- * Fires after password reset.
677
- *
678
- * @since 2.9.0
679
- * @since 3.0.5 Added $new_pass to arguments passed.
680
- * @since 3.1.7 Moved to user object.
681
- *
682
- * @param int $user_ID The user's numeric ID.
683
- * @param string $new_pass The new plain text password.
684
- */
685
- do_action( 'wpmem_pwd_reset', $user->ID, $new_pass );
686
- return "pwdresetsuccess";
687
- }
688
- } else {
689
- // Username did not exist.
690
- return "pwdreseterr";
691
- }
692
- }
693
- return;
694
- }
695
-
696
- /**
697
- * Handles retrieving a forgotten username.
698
- *
699
- * @since 3.0.8
700
- * @since 3.1.6 Dependencies now loaded by object.
701
- * @since 3.1.8 Moved to user object.
702
- *
703
- * @global object $wpmem
704
- * @return string $regchk The regchk value.
705
- */
706
- function retrieve_username() {
707
- global $wpmem;
708
- if ( isset( $_POST['formsubmit'] ) ) {
709
-
710
- if ( ! wp_verify_nonce( $_REQUEST['_wpmem_getusername_nonce'], 'wpmem_shortform_nonce' ) ) {
711
- return "reg_generic";
712
- }
713
-
714
- $email = sanitize_email( $_POST['user_email'] );
715
- $user = ( isset( $_POST['user_email'] ) ) ? get_user_by( 'email', $email ) : false;
716
- if ( $user ) {
717
- // Send it in an email.
718
- wpmem_email_to_user( $user->ID, '', 4 );
719
- /**
720
- * Fires after retrieving username.
721
- *
722
- * @since 3.0.8
723
- *
724
- * @param int $user_ID The user's numeric ID.
725
- */
726
- do_action( 'wpmem_get_username', $user->ID );
727
- return 'usernamesuccess';
728
- } else {
729
- return 'usernamefailed';
730
- }
731
- }
732
- return;
733
- }
734
-
735
- /**
736
- * Handle user file uploads for registration and profile update.
737
- *
738
- * @since 3.1.8
739
- * @since 3.2.6 Add file's post ID to $this->post_data.
740
- *
741
- * @param string $user_id
742
- * @param array $fields
743
- */
744
- function upload_user_files( $user_id, $fields ) {
745
- global $wpmem;
746
- foreach ( $fields as $meta_key => $field ) {
747
- if ( ( 'file' == $field['type'] || 'image' == $field['type'] ) && isset( $_FILES[ $meta_key ] ) && is_array( $_FILES[ $meta_key ] ) ) {
748
- if ( ! empty( $_FILES[ $meta_key ]['name'] ) ) {
749
- // Upload the file and save it as an attachment.
750
- $file_post_id = $wpmem->forms->do_file_upload( $_FILES[ $meta_key ], $user_id );
751
- // Save the attachment ID as user meta.
752
- update_user_meta( $user_id, $meta_key, $file_post_id );
753
- // Add attachement ID to post data array.
754
- $this->post_data[ $meta_key ] = $file_post_id;
755
- }
756
- }
757
- }
758
- }
759
-
760
- /**
761
- * Get user data for all fields in WP-Members.
762
- *
763
- * Retrieves user data for all WP-Members fields (and WP default fields)
764
- * in an array keyed by WP-Members field meta keys.
765
- *
766
- * @since 3.2.0
767
- * @since 3.2.6 Added option for "all" fields (default:false).
768
- *
769
- * @param string $user_id optional (defaults to current user)
770
- * @param string $all optional (default to false)
771
- * @return array $user_fields
772
- */
773
- function user_data( $user_id = false, $all = false ) {
774
- $user_id = ( $user_id ) ? $user_id : get_current_user_id();
775
- if ( true == $all ) {
776
- $user_info = get_user_meta( $user_id );
777
- foreach( $user_info as $key => $value ) {
778
- $formatted = maybe_unserialize( $value[0] );
779
- $user_fields[ $key ] = $formatted;
780
- }
781
- } else {
782
- $fields = wpmem_fields();
783
- $user_data = get_userdata( $user_id );
784
- $excludes = array( 'first_name', 'last_name', 'description', 'nickname' );
785
- foreach ( $fields as $meta => $field ) {
786
- $meta = ( 'username' == $meta ) ? 'user_login' : $meta;
787
- if ( $field['native'] == 1 && ! in_array( $meta, $excludes ) ) {
788
- $user_fields[ $meta ] = $user_data->data->{$meta};
789
- } else {
790
- $user_fields[ $meta ] = get_user_meta( $user_id, $meta, true );
791
- }
792
- }
793
- }
794
- return $user_fields;
795
- }
796
-
797
- /**
798
- * Sets the role for the specified user.
799
- *
800
- * @since 3.2.0
801
- *
802
- * @param integer $user_id
803
- * @param string $role
804
- * @param string $action (set|add|remove)
805
- */
806
- public function update_user_role( $user_id, $role, $action = 'set' ) {
807
- $user = new WP_User( $user_id );
808
- switch ( $action ) {
809
- case 'add':
810
- $user->add_role( $role );
811
- break;
812
- case 'remove':
813
- $user->remove_role( $role );
814
- break;
815
- default:
816
- $user->set_role( $role );
817
- break;
818
- }
819
- }
820
-
821
- /**
822
- * Sets a user's password.
823
- *
824
- * @since 3.2.3
825
- *
826
- * @param int $user_id
827
- * @param string $password
828
- */
829
- function set_password( $user_id, $password ) {
830
- wp_set_password( $password, $user_id );
831
- }
832
-
833
- /**
834
- * Sets user as logged on password change.
835
- *
836
- * (Hooked to wpmem_pwd_change)
837
- *
838
- * @since 3.2.0
839
- *
840
- * @param int $user_id
841
- * @param string $password
842
- */
843
- function set_as_logged_in( $user_id ) {
844
- $user = get_user_by( 'id', $user_id );
845
- wp_set_current_user( $user_id, $user->user_login );
846
- wp_set_auth_cookie( $user_id );
847
- }
848
-
849
- /**
850
- * Validates user access to content.
851
- *
852
- * @since 3.2.0
853
- * @todo Currently checks in this order: expiration, role, "other". If expiration product,
854
- * and the user is current, then access is granted. This doesn't consider if the
855
- * user is current but does not have a required role (if BOTH an expiration and role
856
- * product). Maybe add role checking to the expiration block if both exist.
857
- *
858
- * @global object $wpmem
859
- * @param mixed $product
860
- * @param int $user_id (optional)
861
- * @return bool $access
862
- */
863
- function has_access( $product, $user_id = false ) {
864
- global $wpmem;
865
- if ( false === $user_id && ! is_user_logged_in() ) {
866
- return false;
867
- }
868
-
869
- // Product must be an array.
870
- $product_array = ( ! is_array( $product ) ) ? array( $product ) : $product;
871
-
872
- // Load user memberships array.
873
- $memberships = ( false == $user_id ) ? $this->access : wpmem_get_user_products( $user_id );
874
-
875
- // Current user or requested user.
876
- $user_id = ( ! $user_id ) ? get_current_user_id() : $user_id;
877
-
878
- // Start by assuming no access.
879
- $access = false;
880
-
881
- foreach ( $product_array as $prod ) {
882
- $expiration_product = false;
883
- $role_product = false;
884
- if ( isset( $memberships[ $prod ] ) ) {
885
- // Is this an expiration product?
886
- if ( isset( $wpmem->membership->products[ $prod ]['expires'][0] ) && ! is_bool( $memberships[ $prod ] ) ) {
887
- $expiration_product = true;
888
- if ( $this->is_current( $memberships[ $prod ] ) ) {
889
- $access = true;
890
- break;
891
- }
892
- }
893
- // Is this a role product?
894
- if ( '' != $wpmem->membership->products[ $prod ]['role'] ) {
895
- $role_product = true;
896
- if ( $memberships[ $prod ] && wpmem_user_has_role( $wpmem->membership->products[ $prod ]['role'] ) ) {
897
- if ( $expiration_product && ! $this->is_current( $memberships[ $prod ] ) ) {
898
- $access = false;
899
- break;
900
- }
901
- $access = true;
902
- break;
903
- }
904
- }
905
- if ( ! $expiration_product && ! $role_product && $memberships[ $prod ] ) {
906
- $access = true;
907
- break;
908
- }
909
- }
910
- }
911
-
912
- /**
913
- * Filter the access result.
914
- *
915
- * @since 3.2.0
916
- * @since 3.2.3 Added $product argument.
917
- *
918
- * @param boolean $access
919
- * @param array $product
920
- * @param integer $user_id
921
- * @param array $args
922
- */
923
- return apply_filters( 'wpmem_user_has_access', $access, $product_array, $user_id );
924
-
925
- }
926
-
927
- /**
928
- * Loads anything the user has access to.
929
- *
930
- * @since 3.2.0
931
- * @since 3.2.6 Updated to return empty array if no products exist for this user.
932
- * @since 3.3.0 Updated to use individual meta for product access.
933
- *
934
- * @global object $wpmem
935
- *
936
- * @param int $user_id
937
- * @return array $products
938
- */
939
- function get_user_products( $user_id = false, $obj = false ) {
940
- global $wpmem;
941
- $product_array = ( $obj ) ? $obj->membership->products : $wpmem->membership->products;
942
- $user_id = ( ! $user_id ) ? get_current_user_id() : $user_id;
943
- foreach ( $product_array as $product_meta => $product ) {
944
- $user_product = get_user_meta( $user_id, '_wpmem_products_' . $product_meta, true );
945
- if ( $user_product ) {
946
- $products[ $product_meta ] = $user_product;
947
- }
948
- $user_product = '';
949
- }
950
- return ( isset( $products ) ) ? $products : array();
951
- }
952
-
953
- /**
954
- * Sets a product as active for a user.
955
- *
956
- * If the product expires, it sets an expiration date
957
- * based on the time period. Otherwise the value is
958
- * set to "true" (which does not expire).
959
- *
960
- * @since 3.2.0
961
- * @since 3.2.6 Added $date to set a specific expiration date.
962
- * @since 3.3.0 Updated to new single meta, keeps legacy array for rollback.
963
- * @since 3.3.1 Added no gap renewal option, @todo Needs some possible condensing.
964
- *
965
- * @param string $product
966
- * @param int $user_id
967
- * @param string $set_date Formatted date should be MySQL timestamp, or simply YYYY-MM-DD.
968
- */
969
- function set_user_product( $product, $user_id = false, $set_date = false ) {
970
-
971
- global $wpmem;
972
-
973
- $user_id = ( ! $user_id ) ? get_current_user_id() : $user_id;
974
-
975
- // New single meta format. @todo This remains when legacy array is removed.
976
- $prev_value = get_user_meta( $user_id, '_wpmem_products_' . $product, true );
977
-
978
- // Convert date to add.
979
- $expiration_period = ( isset( $wpmem->membership->products[ $product ]['expires'] ) ) ? $wpmem->membership->products[ $product ]['expires'] : false;
980
-
981
- $renew = ( $prev_value ) ? true : false;
982
-
983
- // If membership is an expiration product.
984
- if ( is_array( $expiration_period ) ) {
985
- $new_value = $wpmem->membership->set_product_expiration( $product, $user_id, $set_date, $prev_value, $renew );
986
- } else {
987
- $new_value = true;
988
- }
989
-
990
- // Update product setting.
991
- update_user_meta( $user_id, '_wpmem_products_' . $product, $new_value );
992
-
993
- // Update the legacy setting.
994
- $user_products = get_user_meta( $user_id, '_wpmem_products', true );
995
- $user_products = ( $user_products ) ? $user_products : array();
996
- $user_products[ $product ] = ( true === $new_value ) ? true : date( 'Y-m-d H:i:s', $new_value );
997
- update_user_meta( $user_id, '_wpmem_products', $user_products );
998
-
999
- /**
1000
- * Fires when a user product has been set.
1001
- *
1002
- * @since 3.3.0
1003
- *
1004
- * @param int $user_id
1005
- * @param string $product
1006
- */
1007
- do_action( 'wpmem_user_product_set', $user_id, $product, $new_value, $prev_value, $renew );
1008
-
1009
- }
1010
-
1011
- /**
1012
- * Removes a product from a user.
1013
- *
1014
- * @since 3.2.0
1015
- * @since 3.3.0 Updated for new single meta, keeps legacy array for rollback.
1016
- *
1017
- * @param string $product
1018
- * @param int $user_id
1019
- */
1020
- function remove_user_product( $product, $user_id = false ) {
1021
- global $wpmem;
1022
- $user_id = ( ! $user_id ) ? get_current_user_id() : $user_id;
1023
-
1024
- // @todo Legacy version.
1025
- $user_products = get_user_meta( $user_id, '_wpmem_products', true );
1026
- $user_products = ( $user_products ) ? $user_products : array();
1027
- if ( $user_products ) {
1028
- unset( $user_products[ $product ] );
1029
- update_user_meta( $user_id, '_wpmem_products', $user_products );
1030
- }
1031
-
1032
- // @todo New version.
1033
- return delete_user_meta( $user_id, '_wpmem_products_' . $product );
1034
- }
1035
-
1036
- /**
1037
- * Utility for expiration validation.
1038
- *
1039
- * @since 3.2.0
1040
- * @since 3.3.0 Validates date or epoch time.
1041
- *
1042
- * @param date $date
1043
- */
1044
- function is_current( $date ) {
1045
- $date = ( is_numeric( $date ) ) ? $date : strtotime( $date );
1046
- return ( time() < $date ) ? true : false;
1047
- }
1048
-
1049
- /**
1050
- * Check if a user is activated.
1051
- *
1052
- * @since 3.2.2
1053
- *
1054
- * @param int $user_id
1055
- * @return bool $active
1056
- */
1057
- function is_user_activated( $user_id = false ) {
1058
- $user_id = ( ! $user_id ) ? get_current_user_id() : $user_id;
1059
- $active = get_user_meta( $user_id, 'active', true );
1060
- $is_activated = ( 1 == $active ) ? true : false;
1061
- /**
1062
- * Filter whether the user is active or not.
1063
- *
1064
- * @since 3.3.5
1065
- *
1066
- * @param bool $is_activated
1067
- * @param int $user_id
1068
- */
1069
- return apply_filters( 'wpmem_is_user_activated', $is_activated, $user_id );
1070
- }
1071
-
1072
- /**
1073
- * Checks if a user is activated during user authentication.
1074
- *
1075
- * @since 2.7.1
1076
- * @since 3.2.0 Moved from core to user object.
1077
- *
1078
- * @param object $user The WordPress User object.
1079
- * @param string $username The user's username (user_login).
1080
- * @param string $password The user's password.
1081
- * @return object $user The WordPress User object.
1082
- */
1083
- function check_activated( $user, $username, $password ) {
1084
- // Password must be validated.
1085
- $pass = ( ( ! is_wp_error( $user ) ) && $password ) ? wp_check_password( $password, $user->user_pass, $user->ID ) : false;
1086
-
1087
- if ( ! $pass ) {
1088
- return $user;
1089
- }
1090
-
1091
- // Activation flag must be validated.
1092
- if ( ! $this->is_user_activated( $user->ID ) ) {
1093
- return new WP_Error( 'authentication_failed', __( '<strong>ERROR</strong>: User has not been activated.', 'wp-members' ) );
1094
- }
1095
-
1096
- // If the user is validated, return the $user object.
1097
- return $user;
1098
- }
1099
-
1100
- /**
1101
- * Prevents users not activated from resetting their password.
1102
- *
1103
- * @since 2.5.1
1104
- * @since 3.2.0 Moved to user object, renamed no_reset().
1105
- *
1106
- * @return bool Returns false if the user is not activated, otherwise true.
1107
- */
1108
- function no_reset() {
1109
- global $wpmem;
1110
- $raw_val = wpmem_get( 'user_login', false );
1111
- if ( $raw_val ) {
1112
- if ( strpos( $raw_val, '@' ) ) {
1113
- $user = get_user_by( 'email', sanitize_email( $raw_val ) );
1114
- } else {
1115
- $username = sanitize_user( $raw_val );
1116
- $user = get_user_by( 'login', $username );
1117
- }
1118
- if ( $wpmem->mod_reg == 1 ) {
1119
- if ( get_user_meta( $user->ID, 'active', true ) != 1 ) {
1120
- return false;
1121
- }
1122
- }
1123
- }
1124
-
1125
- return true;
1126
- }
1127
-
1128
- /**
1129
- * Set expiration for PayPal Subscriptions extension.
1130
- *
1131
- * @since 3.3.0
1132
- *
1133
- * @global object $wpmem
1134
- *
1135
- * @param int $user_id
1136
- */
1137
- function set_user_exp( $user_id ) {
1138
- global $wpmem;
1139
- // Set user expiration, if used.
1140
- if ( 1 == $wpmem->use_exp && 1 != $wpmem->mod_reg ) {
1141
- if ( function_exists( 'wpmem_set_exp' ) ) {
1142
- wpmem_set_exp( $user_id );
1143
- }
1144
- }
1145
- }
1146
-
1147
- /**
1148
- * Sets default membership product access (if applicable).
1149
- *
1150
- * @since 3.3.0
1151
- *
1152
- * @global object $wpmem
1153
- *
1154
- * @param int $user_id
1155
- */
1156
- function set_default_product( $user_id ) {
1157
- global $wpmem;
1158
-
1159
- // Get default memberships.
1160
- $default_products = $wpmem->membership->get_default_products();
1161
-
1162
- // Assign any default memberships to user.
1163
- foreach ( $default_products as $product ) {
1164
- wpmem_set_user_product( $product, $user_id );
1165
- }
1166
- }
1167
-
 
 
 
 
 
 
 
 
 
1168
  }
1
+ <?php
2
+ /**
3
+ * The WP_Members_User Class.
4
+ *
5
+ * This is the WP_Members User object class. This class contains functions
6
+ * for login, logout, registration and other user related methods.
7
+ *
8
+ * @package WP-Members
9
+ * @subpackage WP_Members_User Object Class
10
+ * @since 3.0.0
11
+ */
12
+
13
+ // Exit if accessed directly.
14
+ if ( ! defined( 'ABSPATH' ) ) {
15
+ exit();
16
+ }
17
+
18
+ class WP_Members_User {
19
+
20
+ /**
21
+ * Container for reg form data.
22
+ *
23
+ * @since 3.1.7
24
+ * @access public
25
+ * @var array
26
+ */
27
+ public $post_data = array();
28
+
29
+ /**
30
+ * Container for user access information.
31
+ *
32
+ * @since 3.2.0
33
+ * @access public
34
+ * @var array
35
+ */
36
+ public $access = array();
37
+
38
+ /**
39
+ * Initilize the User object.
40
+ *
41
+ * @since 3.1.7
42
+ *
43
+ * @param object $settings The WP_Members Object
44
+ */
45
+ function __construct( $settings ) {
46
+ add_action( 'user_register', array( $this, 'set_reg_type' ), 1 );
47
+ add_action( 'user_register', array( $this, 'register_finalize' ), 5 ); // @todo This needs rigorous testing, especially front end processing such as WC.
48
+ add_action( 'user_register', array( $this, 'post_register_data' ), 9 ); // Changed this to 9 so custom user meta is saved before the default (10) priority.
49
+ add_action( 'user_register', array( $this, 'set_user_exp' ), 25 );
50
+ add_action( 'user_register', array( $this, 'register_email_to_user' ), 25 ); // @todo This needs rigorous testing for integration with WC or WP native.
51
+ add_action( 'user_register', array( $this, 'register_email_to_admin' ), 25 ); // @todo This needs rigorous testing for integration with WC or WP native.register_email_to_admin
52
+
53
+ add_action( 'wpmem_register_redirect', array( $this, 'register_redirect' ), 20 ); // Adds a nonce to the redirect if there is a "redirect_to" attribute in the reg form.
54
+
55
+ add_filter( 'registration_errors', array( $this, 'wp_register_validate' ), 10, 3 ); // native registration validation
56
+
57
+ // Load anything the user as access to.
58
+ if ( 1 == $settings->enable_products ) {
59
+ add_action( 'user_register', array( $this, 'set_default_product' ), 6 );
60
+
61
+ if ( is_user_logged_in() ) {
62
+ $this->access = $this->get_user_products( false, $settings );
63
+ }
64
+ }
65
+ }
66
+
67
+ /**
68
+ * Handle user login.
69
+ *
70
+ * Built from, but replaces, the original wpmem_login() function
71
+ * from core.php. wpmem_login() is currently maintained as a
72
+ * wrapper and is the direct function called for login.
73
+ *
74
+ * @since 3.1.7
75
+ * @since 3.2.3 Removed wpmem_login_fields filter.
76
+ * @since 3.2.3 Replaced form collection with WP script to facilitate login with username OR email.
77
+ * @since 3.2.3 Changed to wp_safe_redirect().
78
+ *
79
+ * @return string Returns "loginfailed" if failed login.
80
+ */
81
+ function login() {
82
+
83
+ global $wpmem;
84
+
85
+ if ( ! empty( $_POST['log'] ) && ! force_ssl_admin() ) {
86
+ $user_name = sanitize_user( $_POST['log'] );
87
+ $user = get_user_by( 'login', $user_name );
88
+
89
+ if ( ! $user && strpos( $user_name, '@' ) ) {
90
+ $user = get_user_by( 'email', $user_name );
91
+ }
92
+ }
93
+
94
+ $user = wp_signon( array(), is_ssl() );
95
+
96
+ if ( is_wp_error( $user ) ) {
97
+ $wpmem->error = $user->get_error_message();
98
+ return "loginfailed";
99
+ } else {
100
+ $redirect_to = wpmem_get( 'redirect_to', false );
101
+ $redirect_to = ( $redirect_to ) ? esc_url_raw( trim( $redirect_to ) ) : esc_url_raw( wpmem_current_url() );
102
+ /** This filter defined in wp-login.php */
103
+ $redirect_to = apply_filters( 'login_redirect', $redirect_to, '', $user );
104
+ /**
105
+ * Filter the redirect url.
106
+ *
107
+ * This is the plugin's original redirect filter. In 3.1.7,
108
+ * WP's login_redirect filter hook was added to provide better
109
+ * integration support for other plugins and also for users
110
+ * who may already be using WP's filter(s). login_redirect
111
+ * comes first, then wpmem_login_redirect. So wpmem_login_redirect
112
+ * can be used to override a default in login_redirect.
113
+ *
114
+ * @since 2.7.7
115
+ * @since 2.9.2 Added $user_id
116
+ *
117
+ * @param string $redirect_to The url to direct to.
118
+ * @param int $user->ID The user's primary key ID.
119
+ */
120
+ $redirect_to = apply_filters( 'wpmem_login_redirect', $redirect_to, $user->ID );
121
+ wp_safe_redirect( $redirect_to );
122
+ exit();
123
+ }
124
+ }
125
+
126
+ /**
127
+ * Handle user logout.
128
+ *
129
+ * Built from, but replaces, the original wpmem_logout() function
130
+ * from core.php. wpmem_logout() is currently maintained as a
131
+ * wrapper and is the direct function called for logout.
132
+ *
133
+ * @since 3.1.7
134
+ * @since 3.2.0 Added logout_redirect filter
135
+ *
136
+ * @param string $redirect_to URL to redirect the user to (default: false).
137
+ */
138
+ function logout( $redirect_to = false ) {
139
+ // Default redirect URL.
140
+ $redirect_to = ( $redirect_to ) ? $redirect_to : home_url();
141
+
142
+ /** This filter is documented in /wp-login.php */
143
+ $redirect_to = apply_filters( 'logout_redirect', $redirect_to, $redirect_to, wp_get_current_user() );
144
+ /**
145
+ * Filter where the user goes when logged out.
146
+ *
147
+ * @since 2.7.1
148
+ * @since 3.1.7 Moved to WP_Members_Users Class.
149
+ *
150
+ * @param string The blog home page.
151
+ */
152
+ $redirect_to = apply_filters( 'wpmem_logout_redirect', $redirect_to );
153
+
154
+ wp_destroy_current_session();
155
+ wp_clear_auth_cookie();
156
+
157
+ /** This action is defined in /wp-includes/pluggable.php. */
158
+ do_action( 'wp_logout' );
159
+
160
+ wp_safe_redirect( $redirect_to );
161
+ exit();
162
+ }
163
+
164
+ /**
165
+ * Sets the registration type.
166
+ *
167
+ * @since 3.3.0
168
+ */
169
+ function set_reg_type() {
170
+ // Is this a WP-Members registration?
171
+ $this->reg_type['is_wpmem'] = ( 'register' == wpmem_get( 'a' ) ) ? true : false;
172
+ // Is this WP's native registration? Checks the native submit button.
173
+ $this->reg_type['is_native'] = ( __( 'Register' ) == wpmem_get( 'wp-submit' ) ) ? true : false;
174
+ // Is this a Users > Add New process? Checks the post action.
175
+ $this->reg_type['is_add_new'] = ( 'createuser' == wpmem_get( 'action' ) ) ? true : false;
176
+ // Is this a WooCommerce my account registration? Checks for WC fields.
177
+ $this->reg_type['is_woo'] = ( wpmem_get( 'woocommerce-register-nonce' ) ) ? true : false;
178
+ // Is this a WooCommerce checkout?
179
+ $this->reg_type['is_woo_checkout'] = ( wpmem_get( 'woocommerce_checkout_place_order' ) ) ? true : false;
180
+ }
181
+
182
+ /**
183
+ * Validate user registration.
184
+ *
185
+ * @since 3.3.0
186
+ *
187
+ * @global int $user_ID
188
+ * @global string $wpmem_themsg
189
+ * @global array $userdata
190
+ *
191
+ * @param string $tag
192
+ */
193
+ function register_validate( $tag ) {
194
+
195
+ // Get the globals.
196
+ global $user_ID, $wpmem, $wpmem_themsg, $userdata;
197
+
198
+ // Check the nonce.
199
+ if ( empty( $_POST ) || ! wp_verify_nonce( $_REQUEST[ '_wpmem_' . $tag . '_nonce' ], 'wpmem_longform_nonce' ) ) {
200
+ $wpmem_themsg = __( 'There was an error processing the form.', 'wp-members' );
201
+ return;
202
+ }
203
+
204
+ // Make sure fields are loaded.
205
+ wpmem_fields( $tag );
206
+
207
+ // Is this a registration or a user profile update?
208
+ if ( 'register' == $tag ) {
209
+ $this->post_data['username'] = sanitize_user( wpmem_get( 'username' ) );
210
+ }
211
+
212
+ // Add the user email to the $this->post_data array for _data hooks.
213
+ if ( isset( $wpmem->fields['user_email'] ) ) {
214
+ $this->post_data['user_email'] = sanitize_email( wpmem_get( 'user_email' ) );
215
+ }
216
+
217
+ // If this is an update, and tos is a field, and the user has the correct saved value, remove tos.
218
+ if ( 'update' == $tag && isset( $wpmem->fields['tos'] ) ) {
219
+ if ( get_user_meta( $user_ID, 'tos', true ) == $wpmem->fields['tos']['checked_value'] ) {
220
+ unset( $wpmem->fields['tos'] );
221
+ }
222
+ }
223
+
224
+ // Build the $this->post_data array from $_POST data.
225
+ foreach ( $wpmem->fields as $meta_key => $field ) {
226
+ if ( ( 'register' == $tag && true == $field['register'] ) || ( 'update' == $tag && true == $field['profile'] ) ) {
227
+ if ( 'password' != $meta_key && 'confirm_password' != $meta_key && 'username' != $meta_key ) {
228
+ if ( isset( $_POST[ $meta_key ] ) ) {
229
+ switch ( $field['type'] ) {
230
+ case 'checkbox':
231
+ $this->post_data[ $meta_key ] = sanitize_text_field( $_POST[ $meta_key ] );
232
+ break;
233
+ case 'multiselect':
234
+ case 'multicheckbox':
235
+ $delimiter = ( isset( $field['delimiter'] ) ) ? $field['delimiter'] : '|';
236
+ $this->post_data[ $meta_key ] = ( isset( $_POST[ $meta_key ] ) ) ? implode( $delimiter, wpmem_sanitize_array( $_POST[ $meta_key ] ) ) : '';
237
+ break;
238
+ case 'textarea':
239
+ $this->post_data[ $meta_key ] = sanitize_textarea_field( $_POST[ $meta_key ] );
240
+ break;
241
+ default:
242
+ $this->post_data[ $meta_key ] = sanitize_text_field( $_POST[ $meta_key ] );
243
+ break;
244
+ }
245
+ } else {
246
+ $this->post_data[ $meta_key ] = '';
247
+ }
248
+ } else {
249
+ // We do have password as part of the registration form.
250
+ if ( isset( $_POST['password'] ) ) {
251
+ $this->post_data['password'] = $_POST['password'];
252
+ }
253
+ if ( isset( $_POST['confirm_password'] ) ) {
254
+ $this->post_data['confirm_password'] = $_POST['confirm_password'];
255
+ }
256
+ }
257
+ }
258
+ }
259
+
260
+ /**
261
+ * Filter the submitted form fields prior to validation.
262
+ *
263
+ * @since 2.8.2
264
+ * @since 3.1.7 Added $tag
265
+ * @since 3.2.0 Moved to regiser_validate() method in user object class.
266
+ *
267
+ * @param array $this->post_data An array of the posted form field data.
268
+ * @param string $tag
269
+ */
270
+ $this->post_data = apply_filters( 'wpmem_pre_validate_form', $this->post_data, $tag );
271
+
272
+ if ( 'update' == $tag ) {
273
+ $pass_arr = array( 'username', 'password', 'confirm_password', 'password_confirm' );
274
+ foreach ( $pass_arr as $pass ) {
275
+ unset( $wpmem->fields[ $pass ] );
276
+ }
277
+ }
278
+
279
+ // Check for required fields, reverse the array for logical error message order.
280
+ foreach ( array_reverse( $wpmem->fields ) as $meta_key => $field ) {
281
+ // Validation if the field is required.
282
+ if ( true == $field['required'] ) {
283
+ if ( 'file' == $field['type'] || 'image' == $field['type'] ) {
284
+ // If this is a new registration.
285
+ if ( 'register' == $tag ) {
286
+ // If the required field is a file type.
287
+ if ( empty( $_FILES[ $meta_key ]['name'] ) ) {
288
+ $wpmem_themsg = sprintf( $wpmem->get_text( 'reg_empty_field' ), __( $field['label'], 'wp-members' ) );
289
+ }
290
+ }
291
+ } else {
292
+ // If the required field is any other field type.
293
+ if ( ( 'register' == $tag && true == $field['register'] ) || ( 'update' == $tag && true == $field['profile'] ) ) {
294
+ if ( null == $this->post_data[ $meta_key ] ) {
295
+ $wpmem_themsg = sprintf( $wpmem->get_text( 'reg_empty_field' ), __( $field['label'], 'wp-members' ) );
296
+ }
297
+ }
298
+ }
299
+ }
300
+
301
+ // Validate file field type.
302
+ if ( 'file' == $field['type'] || 'image' == $field['type'] ) {
303
+ if ( '' == $field['file_types'] ) {
304
+ $field['file_types'] = ( 'image' == $field['type'] ) ? 'gif|png|jpg|jpeg|bmp' : 'doc|docx|pdf|zip';
305
+ }
306
+ $allowed_file_types = explode( '|', $field['file_types'] );
307
+ $msg_types = implode( ', ', $allowed_file_types );
308
+ if ( ! empty( $_FILES[ $meta_key ]['name'] ) ) {
309
+ $extension = pathinfo( $_FILES[ $meta_key ]['name'], PATHINFO_EXTENSION );
310
+ if ( ! in_array( $extension, $allowed_file_types ) ) {
311
+ $wpmem_themsg = sprintf( $wpmem->get_text( 'reg_file_type' ), __( $field['label'], 'wp-members' ), str_replace( '|', ',', $msg_types ) );
312
+ }
313
+ }
314
+ }
315
+ }
316
+
317
+ if ( 'register' == $tag ) {
318
+ if ( is_multisite() ) {
319
+ // Multisite has different requirements.
320
+ $result = wpmu_validate_user_signup( $this->post_data['username'], $this->post_data['user_email'] );
321
+ $errors = $result['errors'];
322
+ if ( $errors->errors ) {
323
+ $wpmem_themsg = $errors->get_error_message();
324
+ return $wpmem_themsg;
325
+ exit();
326
+ }
327
+
328
+ } else {
329
+ // Validate username and email fields.
330
+ $wpmem_themsg = ( email_exists( $this->post_data['user_email'] ) ) ? "email" : $wpmem_themsg;
331
+ $wpmem_themsg = ( username_exists( $this->post_data['username'] ) ) ? "user" : $wpmem_themsg;
332
+ $wpmem_themsg = ( ! is_email( $this->post_data['user_email']) ) ? $wpmem->get_text( 'reg_valid_email' ) : $wpmem_themsg;
333
+ $wpmem_themsg = ( ! validate_username( $this->post_data['username'] ) ) ? $wpmem->get_text( 'reg_non_alphanumeric' ) : $wpmem_themsg;
334
+ $wpmem_themsg = ( ! $this->post_data['username'] ) ? $wpmem->get_text( 'reg_empty_username' ) : $wpmem_themsg;
335
+
336
+ // If there is an error from username, email, or required field validation, stop registration and return the error.
337
+ if ( $wpmem_themsg ) {
338
+ return $wpmem_themsg;
339
+ exit();
340
+ }
341
+ }
342
+
343
+ // If form contains password and email confirmation, validate that they match.
344
+ if ( array_key_exists( 'confirm_password', $this->post_data ) && $this->post_data['confirm_password'] != $this->post_data ['password'] ) {
345
+ $wpmem_themsg = $wpmem->get_text( 'reg_password_match' );
346
+ }
347
+ if ( array_key_exists( 'confirm_email', $this->post_data ) && $this->post_data['confirm_email'] != $this->post_data ['user_email'] ) {
348
+ $wpmem_themsg = $wpmem->get_text( 'reg_email_match' );
349
+ }
350
+
351
+ // Process CAPTCHA.
352
+ if ( 0 != $wpmem->captcha ) {
353
+ $check_captcha = WP_Members_Captcha::validate();
354
+ if ( false === $check_captcha ) {
355
+ return "empty"; // @todo Return and/or set error object. For now changed to return original value.
356
+ }
357
+ }
358
+
359
+ // Check for user defined password.
360
+ $this->post_data['password'] = wpmem_get( 'password', wp_generate_password() );
361
+
362
+ // Add for _data hooks
363
+ $this->post_data['user_registered'] = current_time( 'mysql', 1 );
364
+ $this->post_data['user_role'] = get_option( 'default_role' );
365
+ $this->post_data['wpmem_reg_ip'] = wpmem_get_user_ip();
366
+ $this->post_data['wpmem_reg_url'] = esc_url_raw( wpmem_get( 'wpmem_reg_page', wpmem_get( 'redirect_to', false, 'request' ), 'request' ) );
367
+
368
+ /*
369
+ * These native fields are not installed by default, but if they
370
+ * are added, use the $_POST value - otherwise, default to username.
371
+ * Value can be filtered with wpmem_register_data.
372
+ */
373
+ foreach( array( 'user_nicename', 'display_name', 'nickname' ) as $user_names ) {
374
+ $this->post_data[ $user_names ] = sanitize_text_field( wpmem_get( $user_names, $this->post_data['username'] ) );
375
+ }
376
+ }
377
+ }
378
+
379
+ /**
380
+ * Validates registration fields in the native WP registration.
381
+ *
382
+ * @since 2.8.3
383
+ * @since 3.3.0 Ported from wpmem_wp_reg_validate() in wp-registration.php.
384
+ *
385
+ * @global object $wpmem The WP-Members object class.
386
+ *
387
+ * @param array $errors A WP_Error object containing any errors encountered during registration.
388
+ * @param string $sanitized_user_login User's username after it has been sanitized.
389
+ * @param string $user_email User's email.
390
+ * @return array $errors A WP_Error object containing any errors encountered during registration.
391
+ */
392
+ function wp_register_validate( $errors, $sanitized_user_login, $user_email ) {
393
+
394
+ global $wpmem;
395
+
396
+ // Get any meta fields that should be excluded.
397
+ $exclude = wpmem_get_excluded_meta( 'wp-register' );
398
+
399
+ foreach ( wpmem_fields( 'register_wp' ) as $meta_key => $field ) {
400
+ $is_error = false;
401
+ if ( true == $field['required'] && true == $field['register'] && $meta_key != 'user_email' && ! in_array( $meta_key, $exclude ) ) {
402
+ if ( ( $field['type'] == 'checkbox' || $field['type'] == 'multicheckbox' || $field['type'] == 'multiselect' || $field['type'] == 'radio' ) && ( ! isset( $_POST[ $meta_key ] ) ) ) {
403
+ $is_error = true;
404
+ }
405
+ if ( ( $field['type'] != 'checkbox' && $field['type'] != 'multicheckbox' && $field['type'] != 'multiselect' && $field['type'] != 'radio' ) && ( ! $_POST[ $meta_key ] ) ) {
406
+ $is_error = true;
407
+ }
408
+ if ( $is_error ) {
409
+ $errors->add( 'wpmem_error', sprintf( $wpmem->get_text( 'reg_empty_field' ), __( $field['label'], 'wp-members' ) ) );
410
+ }
411
+ }
412
+ }
413
+
414
+ // Process CAPTCHA.
415
+ if ( $wpmem->captcha > 0 ) {
416
+ $check_captcha = WP_Members_Captcha::validate();
417
+ if ( false === $check_captcha ) {
418
+ $errors->add( 'wpmem_captcha_error', sprintf( $wpmem->get_text( 'reg_captcha_err' ), __( $field['label'], 'wp-members' ) ) );
419
+ }
420
+ }
421
+
422
+ return $errors;
423
+ }
424
+
425
+ /**
426
+ * User registration functions.
427
+ *
428
+ * @since 3.1.7
429
+ * @since 3.2.6 Added handler for membership field type.
430
+ * @since 3.3.0 Changed from register() to register_finalize().
431
+ *
432
+ * @global object $wpmem
433
+ * @param int $user_id
434
+ */
435
+ function register_finalize( $user_id ) {
436
+
437
+ global $wpmem;
438
+
439
+ // If this is WP-Members registration.
440
+ if ( $this->reg_type['is_wpmem'] ) {
441
+ // Put user ID into post_data array.
442
+ $this->post_data['ID'] = $user_id;
443
+
444
+ // Set remaining fields to wp_usermeta table.
445
+ $new_user_fields_meta = array( 'user_url', 'first_name', 'last_name', 'description', 'jabber', 'aim', 'yim' );
446
+ foreach ( $wpmem->fields as $meta_key => $field ) {
447
+ // If the field is not excluded, update accordingly.
448
+ if ( ! in_array( $meta_key, wpmem_get_excluded_meta( 'register' ) ) && ! in_array( $meta_key, $new_user_fields_meta ) ) {
449
+ if ( $field['register'] && 'user_email' != $meta_key ) {
450
+ // Assign memberships, if applicable.
451
+ if ( 'membership' == $field['type'] && 1 == $wpmem->enable_products ) {
452
+ wpmem_set_user_product( $this->post_data[ $meta_key ], $user_id );
453
+ } else {
454
+ update_user_meta( $user_id, $meta_key, $this->post_data[ $meta_key ] );
455
+ }
456
+ }
457
+ }
458
+ }
459
+
460
+ // Store the registration url.
461
+ update_user_meta( $user_id, 'wpmem_reg_url', $this->post_data['wpmem_reg_url'] );
462
+
463
+ // Handle file uploads, if any.
464
+ if ( ! empty( $_FILES ) ) {
465
+ $this->upload_user_files( $user_id, $wpmem->fields );
466
+ }
467
+ }
468
+
469
+ // If this is native WP (wp-login.php), Users > Add New, or WooCommerce registration.
470
+ if ( $this->reg_type['is_native'] || $this->reg_type['is_add_new'] || $this->reg_type['is_woo'] ) {
471
+ // Get any excluded meta fields.
472
+ $exclude = wpmem_get_excluded_meta( 'wp-register' );
473
+ foreach ( wpmem_fields( 'register_wp' ) as $meta_key => $field ) {
474
+ $value = wpmem_get( $meta_key, false );
475
+ if ( false !== $value && ! in_array( $meta_key, $exclude ) && 'file' != $field['type'] && 'image' != $field['type'] ) {
476
+ if ( 'multiselect' == $field['type'] || 'multicheckbox' == $field['type'] ) {
477
+ $value = implode( $field['delimiter'], $value );
478
+ }
479
+ $sanitized_value = sanitize_text_field( $value );
480
+ update_user_meta( $user_id, $meta_key, $sanitized_value );
481
+ }
482
+ }
483
+ }
484
+
485
+ // If this is Users > Add New.
486
+ if ( is_admin() && $this->reg_type['is_add_new'] ) {
487
+ // If moderated registration and activate is checked, set active flags.
488
+ if ( 1 == $wpmem->mod_reg && isset( $_POST['activate_user'] ) ) {
489
+ update_user_meta( $user_id, 'active', 1 );
490
+ wpmem_set_user_status( $user_id, 0 );
491
+ }
492
+ }
493
+
494
+ // Capture IP address of all users at registration.
495
+ $user_ip = ( $this->reg_type['is_wpmem'] ) ? $this->post_data['wpmem_reg_ip'] : wpmem_get_user_ip();
496
+ update_user_meta( $user_id, 'wpmem_reg_ip', $user_ip );
497
+
498
+ }
499
+
500
+ /**
501
+ * Fires wpmem_post_register_data action.
502
+ *
503
+ * @since 3.3.2
504
+ *
505
+ * @global stdClass $wpmem
506
+ * @param int $user_id
507
+ */
508
+ function post_register_data( $user_id ) {
509
+ global $wpmem;
510
+ $wpmem->user->post_data['ID'] = $user_id;
511
+ /**
512
+ * Fires after user insertion but before email.
513
+ *
514
+ * @since 2.7.2
515
+ * @since 3.3.2 Hooked to user_register.
516
+ *
517
+ * @param array $wpmem->user->post_data The user's submitted registration data.
518
+ */
519
+ do_action( 'wpmem_post_register_data', $wpmem->user->post_data );
520
+ }
521
+
522
+ /**
523
+ * Sends emails on registration.
524
+ *
525
+ * @since 3.3.0
526
+ *
527
+ * @global object $wpmem
528
+ *
529
+ * @param int $user_id
530
+ */
531
+ function register_email_to_user( $user_id ) {
532
+ global $wpmem;
533
+ if ( $this->reg_type['is_wpmem'] ) {
534
+ // @todo Work out a better method for this so that it is optional and can be turned on/off for native reg
535
+ // Send a notification email to the user.
536
+ wpmem_email_to_user( $user_id, $this->post_data['password'], $wpmem->mod_reg, $wpmem->fields, $this->post_data );
537
+ }
538
+ }
539
+
540
+ /**
541
+ * Sends admin notifiction on registration.
542
+ *
543
+ * @since 3.3.0
544
+ *
545
+ * @global object $wpmem
546
+ *
547
+ * @param int $user_id
548
+ */
549
+ function register_email_to_admin( $user_id ) {
550
+ global $wpmem;
551
+ if ( $this->reg_type['is_wpmem'] ) {
552
+ // @todo Work out a better method for this so that it is optional and can be turned on/off for native reg
553
+ // Notify admin of new reg, if needed.
554
+ if ( 1 == $wpmem->notify ) {
555
+ $wpmem->email->notify_admin( $user_id, $wpmem->fields, $this->post_data );
556
+ }
557
+ }
558
+ }
559
+
560
+ /**
561
+ * Redirects user on registration.
562
+ *
563
+ * @since 3.1.7
564
+ */
565
+ function register_redirect() {
566
+ $redirect_to = wpmem_get( 'redirect_to', false );
567
+ if ( $redirect_to ) {
568
+ $nonce_url = wp_nonce_url( $redirect_to, 'register_redirect', 'reg_nonce' );
569
+ wp_safe_redirect( $nonce_url );
570
+ exit();
571
+ }
572
+ }
573
+
574
+ /**
575
+ * Password change or reset.
576
+ *
577
+ * @since 3.1.7
578
+ *
579
+ * @param string $action
580
+ * @return string $result
581
+ */
582
+ function password_update( $action ) {
583
+ if ( isset( $_POST['formsubmit'] ) ) {
584
+ if ( 'reset' == $action ) {
585
+ $args = array(
586
+ 'user' => sanitize_user( wpmem_get( 'user', false ) ),
587
+ 'email' => sanitize_email( wpmem_get( 'email', false ) ),
588
+ );
589
+ } else {
590
+ $args = array(
591
+ 'pass1' => wpmem_get( 'pass1', false ),
592
+ 'pass2' => wpmem_get( 'pass2', false ),
593
+ );
594
+ }
595
+ return ( 'reset' == $action ) ? $this->password_reset( $args ) : $this->password_change( $args );
596
+ }
597
+ return;
598
+ }
599
+
600
+ /**
601
+ * Change a user's password()
602
+ *
603
+ * @since 3.1.7
604
+ *
605
+ * @return
606
+ */
607
+ function password_change( $args ) {
608
+ global $user_ID;
609
+ $is_error = false;
610
+ // Check for both fields being empty.
611
+ $is_error = ( ! $args['pass1'] && ! $args['pass2'] ) ? "pwdchangempty" : $is_error;
612
+ // Make sure the fields match.
613
+ $is_error = ( $args['pass1'] != $args['pass2'] ) ? "pwdchangerr" : $is_error;
614
+ /**
615
+ * Filters the password change error.
616
+ *
617
+ * @since 3.1.5
618
+ * @since 3.1.7 Moved to user object.
619
+ *
620
+ * @param string $is_error
621
+ * @param int $user_ID The user's numeric ID.
622
+ * @param string $args['pass1'] The user's new plain text password.
623
+ */
624
+ $is_error = apply_filters( 'wpmem_pwd_change_error', $is_error, $user_ID, $args['pass1'] );
625
+ // User must be logged in.
626
+ $is_error = ( ! is_user_logged_in() ) ? "loggedin" : $is_error;
627
+ // Verify nonce.
628
+ $is_error = ( ! wp_verify_nonce( $_REQUEST['_wpmem_pwdchange_nonce'], 'wpmem_shortform_nonce' ) ) ? "reg_generic" : $is_error;
629
+ if ( $is_error ) {
630
+ return $is_error;
631
+ }
632
+ /**
633
+ * Fires after password change.
634
+ *
635
+ * @since 2.9.0
636
+ * @since 3.0.5 Added $args['pass1'] to arguments passed.
637
+ * @since 3.1.7 Moved to user object.
638
+ *
639
+ * @param int $user_ID The user's numeric ID.
640
+ * @param string $args['pass1'] The user's new plain text password.
641
+ */
642
+ do_action( 'wpmem_pwd_change', $user_ID, $args['pass1'] );
643
+ return "pwdchangesuccess";
644
+ }
645
+
646
+ /**
647
+ * Reset a user's password.
648
+ *
649
+ * @since 3.1.7
650
+ *
651
+ */
652
+ function password_reset( $args ) {
653
+ global $wpmem;
654
+ /**
655
+ * Filter the password reset arguments.
656
+ *
657
+ * @since 2.7.1
658
+ * @since 3.1.7 Moved to user object.
659
+ *
660
+ * @param array The username and email.
661
+ */
662
+ $arr = apply_filters( 'wpmem_pwdreset_args', $args );
663
+ if ( ! $arr['user'] || ! $arr['email'] ) {
664
+ // There was an empty field.
665
+ return "pwdreseterr";
666
+
667
+ } else {
668
+
669
+ if ( ! wp_verify_nonce( $_REQUEST['_wpmem_pwdreset_nonce'], 'wpmem_shortform_nonce' ) ) {
670
+ return "reg_generic";
671
+ }
672
+ if ( username_exists( $arr['user'] ) ) {
673
+ $user = get_user_by( 'login', $arr['user'] );
674
+ if ( strtolower( $user->user_email ) !== strtolower( $arr['email'] ) || ( ( $wpmem->mod_reg == 1 ) && ( get_user_meta( $user->ID, 'active', true ) != 1 ) ) ) {
675
+ // The username was there, but the email did not match OR the user hasn't been activated.
676
+ return "pwdreseterr";
677
+ } else {
678
+ // Generate a new password.
679
+ $new_pass = wp_generate_password();
680
+ // Update the users password.
681
+ wp_set_password( $new_pass, $user->ID );
682
+ // Send it in an email.
683
+ wpmem_email_to_user( $user->ID, $new_pass, 3 );
684
+ /**
685
+ * Fires after password reset.
686
+ *
687
+ * @since 2.9.0
688
+ * @since 3.0.5 Added $new_pass to arguments passed.
689
+ * @since 3.1.7 Moved to user object.
690
+ *
691
+ * @param int $user_ID The user's numeric ID.
692
+ * @param string $new_pass The new plain text password.
693
+ */
694
+ do_action( 'wpmem_pwd_reset', $user->ID, $new_pass );
695
+ return "pwdresetsuccess";
696
+ }
697
+ } else {
698
+ // Username did not exist.
699
+ return "pwdreseterr";
700
+ }
701
+ }
702
+ return;
703
+ }
704
+
705
+ /**
706
+ * Handles retrieving a forgotten username.
707
+ *
708
+ * @since 3.0.8
709
+ * @since 3.1.6 Dependencies now loaded by object.
710
+ * @since 3.1.8 Moved to user object.
711
+ *
712
+ * @global object $wpmem
713
+ * @return string $regchk The regchk value.
714
+ */
715
+ function retrieve_username() {
716
+ global $wpmem;
717
+ if ( isset( $_POST['formsubmit'] ) ) {
718
+
719
+ if ( ! wp_verify_nonce( $_REQUEST['_wpmem_getusername_nonce'], 'wpmem_shortform_nonce' ) ) {
720
+ return "reg_generic";
721
+ }
722
+
723
+ $email = sanitize_email( $_POST['user_email'] );
724
+ $user = ( isset( $_POST['user_email'] ) ) ? get_user_by( 'email', $email ) : false;
725
+ if ( $user ) {
726
+ // Send it in an email.
727
+ wpmem_email_to_user( $user->ID, '', 4 );
728
+ /**
729
+ * Fires after retrieving username.
730
+ *
731
+ * @since 3.0.8
732
+ *
733
+ * @param int $user_ID The user's numeric ID.
734
+ */
735
+ do_action( 'wpmem_get_username', $user->ID );
736
+ return 'usernamesuccess';
737
+ } else {
738
+ return 'usernamefailed';
739
+ }
740
+ }
741
+ return;
742
+ }
743
+
744
+ /**
745
+ * Handle user file uploads for registration and profile update.
746
+ *
747
+ * @since 3.1.8
748
+ * @since 3.2.6 Add file's post ID to $this->post_data.
749
+ *
750
+ * @param string $user_id
751
+ * @param array $fields
752
+ */
753
+ function upload_user_files( $user_id, $fields ) {
754
+ global $wpmem;
755
+ foreach ( $fields as $meta_key => $field ) {
756
+ if ( ( 'file' == $field['type'] || 'image' == $field['type'] ) && isset( $_FILES[ $meta_key ] ) && is_array( $_FILES[ $meta_key ] ) ) {
757
+ if ( ! empty( $_FILES[ $meta_key ]['name'] ) ) {
758
+ // Upload the file and save it as an attachment.
759
+ $file_post_id = $wpmem->forms->do_file_upload( $_FILES[ $meta_key ], $user_id );
760
+ // Save the attachment ID as user meta.
761
+ update_user_meta( $user_id, $meta_key, $file_post_id );
762
+ // Add attachement ID to post data array.
763
+ $this->post_data[ $meta_key ] = $file_post_id;
764
+ }
765
+ }
766
+ }
767
+ }
768
+
769
+ /**
770
+ * Get user data for all fields in WP-Members.
771
+ *
772
+ * Retrieves user data for all WP-Members fields (and WP default fields)
773
+ * in an array keyed by WP-Members field meta keys.
774
+ *
775
+ * @since 3.2.0
776
+ * @since 3.2.6 Added option for "all" fields (default:false).
777
+ *
778
+ * @param string $user_id optional (defaults to current user)
779
+ * @param string $all optional (default to false)
780
+ * @return array $user_fields
781
+ */
782
+ function user_data( $user_id = false, $all = false ) {
783
+ $user_id = ( $user_id ) ? $user_id : get_current_user_id();
784
+ if ( true == $all ) {
785
+ $user_info = get_user_meta( $user_id );
786
+ foreach( $user_info as $key => $value ) {
787
+ $formatted = maybe_unserialize( $value[0] );
788
+ $user_fields[ $key ] = $formatted;
789
+ }
790
+ } else {
791
+ $fields = wpmem_fields();
792
+ $user_data = get_userdata( $user_id );
793
+ $excludes = array( 'first_name', 'last_name', 'description', 'nickname' );
794
+ foreach ( $fields as $meta => $field ) {
795
+ $meta = ( 'username' == $meta ) ? 'user_login' : $meta;
796
+ if ( $field['native'] == 1 && ! in_array( $meta, $excludes ) ) {
797
+ $user_fields[ $meta ] = $user_data->data->{$meta};
798
+ } else {
799
+ $user_fields[ $meta ] = get_user_meta( $user_id, $meta, true );
800
+ }
801
+ }
802
+ }
803
+ return $user_fields;
804
+ }
805
+
806
+ /**
807
+ * Sets the role for the specified user.
808
+ *
809
+ * @since 3.2.0
810
+ *
811
+ * @param integer $user_id
812
+ * @param string $role
813
+ * @param string $action (set|add|remove)
814
+ */
815
+ public function update_user_role( $user_id, $role, $action = 'set' ) {
816
+ $user = new WP_User( $user_id );
817
+ switch ( $action ) {
818
+ case 'add':
819
+ $user->add_role( $role );
820
+ break;
821
+ case 'remove':
822
+ $user->remove_role( $role );
823
+ break;
824
+ default:
825
+ $user->set_role( $role );
826
+ break;
827
+ }
828
+ }
829
+
830
+ /**
831
+ * Sets a user's password.
832
+ *
833
+ * @since 3.2.3
834
+ *
835
+ * @param int $user_id
836
+ * @param string $password
837
+ */
838
+ function set_password( $user_id, $password ) {
839
+ wp_set_password( $password, $user_id );
840
+ }
841
+
842
+ /**
843
+ * Sets user as logged on password change.
844
+ *
845
+ * (Hooked to wpmem_pwd_change)
846
+ *
847
+ * @since 3.2.0
848
+ *
849
+ * @param int $user_id
850
+ * @param string $password
851
+ */
852
+ function set_as_logged_in( $user_id ) {
853
+ $user = get_user_by( 'id', $user_id );
854
+ wp_set_current_user( $user_id, $user->user_login );
855
+ wp_set_auth_cookie( $user_id );
856
+ }
857
+
858
+ /**
859
+ * Validates user access to content.
860
+ *
861
+ * @since 3.2.0
862
+ * @todo Currently checks in this order: expiration, role, "other". If expiration product,
863
+ * and the user is current, then access is granted. This doesn't consider if the
864
+ * user is current but does not have a required role (if BOTH an expiration and role
865
+ * product). Maybe add role checking to the expiration block if both exist.
866
+ *
867
+ * @global object $wpmem
868
+ * @param mixed $product
869
+ * @param int $user_id (optional)
870
+ * @return bool $access
871
+ */
872
+ function has_access( $product, $user_id = false ) {
873
+ global $wpmem;
874
+ if ( false === $user_id && ! is_user_logged_in() ) {
875
+ return false;
876
+ }
877
+
878
+ // Product must be an array.
879
+ $product_array = ( ! is_array( $product ) ) ? array( $product ) : $product;
880
+
881
+ // Load user memberships array.
882
+ $memberships = ( false == $user_id ) ? $this->access : wpmem_get_user_products( $user_id );
883
+
884
+ // Current user or requested user.
885
+ $user_id = ( ! $user_id ) ? get_current_user_id() : $user_id;
886
+
887
+ // Start by assuming no access.
888
+ $access = false;
889
+
890
+ foreach ( $product_array as $prod ) {
891
+ $expiration_product = false;
892
+ $role_product = false;
893
+ if ( isset( $memberships[ $prod ] ) ) {
894
+ // Is this an expiration product?
895
+ if ( isset( $wpmem->membership->products[ $prod ]['expires'][0] ) && ! is_bool( $memberships[ $prod ] ) ) {
896
+ $expiration_product = true;
897
+ if ( $this->is_current( $memberships[ $prod ] ) ) {
898
+ $access = true;
899
+ break;
900
+ }
901
+ }
902
+ // Is this a role product?
903
+ if ( '' != $wpmem->membership->products[ $prod ]['role'] ) {
904
+ $role_product = true;
905
+ if ( $memberships[ $prod ] && wpmem_user_has_role( $wpmem->membership->products[ $prod ]['role'] ) ) {
906
+ if ( $expiration_product && ! $this->is_current( $memberships[ $prod ] ) ) {
907
+ $access = false;
908
+ break;
909
+ }
910
+ $access = true;
911
+ break;
912
+ }
913
+ }
914
+ if ( ! $expiration_product && ! $role_product && $memberships[ $prod ] ) {
915
+ $access = true;
916
+ break;
917
+ }
918
+ }
919
+ }
920
+
921
+ /**
922
+ * Filter the access result.
923
+ *
924
+ * @since 3.2.0
925
+ * @since 3.2.3 Added $product argument.
926
+ *
927
+ * @param boolean $access
928
+ * @param array $product
929
+ * @param integer $user_id
930
+ * @param array $args
931
+ */
932
+ return apply_filters( 'wpmem_user_has_access', $access, $product_array, $user_id );
933
+
934
+ }
935
+
936
+ /**
937
+ * Loads anything the user has access to.
938
+ *
939
+ * @since 3.2.0
940
+ * @since 3.2.6 Updated to return empty array if no products exist for this user.
941
+ * @since 3.3.0 Updated to use individual meta for product access.
942
+ *
943
+ * @global object $wpmem
944
+ *
945
+ * @param int $user_id
946
+ * @return array $products
947
+ */
948
+ function get_user_products( $user_id = false, $obj = false ) {
949
+ global $wpmem;
950
+ $product_array = ( $obj ) ? $obj->membership->products : $wpmem->membership->products;
951
+ $user_id = ( ! $user_id ) ? get_current_user_id() : $user_id;
952
+ foreach ( $product_array as $product_meta => $product ) {
953
+ $user_product = get_user_meta( $user_id, '_wpmem_products_' . $product_meta, true );
954
+ if ( $user_product ) {
955
+ $products[ $product_meta ] = $user_product;
956
+ }
957
+ $user_product = '';
958
+ }
959
+ return ( isset( $products ) ) ? $products : array();
960
+ }
961
+
962
+ /**
963
+ * Sets a product as active for a user.
964
+ *
965
+ * If the product expires, it sets an expiration date
966
+ * based on the time period. Otherwise the value is
967
+ * set to "true" (which does not expire).
968
+ *
969
+ * @since 3.2.0
970
+ * @since 3.2.6 Added $date to set a specific expiration date.
971
+ * @since 3.3.0 Updated to new single meta, keeps legacy array for rollback.
972
+ * @since 3.3.1 Added no gap renewal option, @todo Needs some possible condensing.
973
+ *
974
+ * @param string $product
975
+ * @param int $user_id
976
+ * @param string $set_date Formatted date should be MySQL timestamp, or simply YYYY-MM-DD.
977
+ */
978
+ function set_user_product( $product, $user_id = false, $set_date = false ) {
979
+
980
+ global $wpmem;
981
+
982
+ $user_id = ( ! $user_id ) ? get_current_user_id() : $user_id;
983
+
984
+ // New single meta format. @todo This remains when legacy array is removed.
985
+ $prev_value = get_user_meta( $user_id, '_wpmem_products_' . $product, true );
986
+
987
+ // Convert date to add.
988
+ $expiration_period = ( isset( $wpmem->membership->products[ $product ]['expires'] ) ) ? $wpmem->membership->products[ $product ]['expires'] : false;
989
+
990
+ $renew = ( $prev_value ) ? true : false;
991
+
992
+ // If membership is an expiration product.
993
+ if ( is_array( $expiration_period ) ) {
994
+ $new_value = $wpmem->membership->set_product_expiration( $product, $user_id, $set_date, $prev_value, $renew );
995
+ } else {
996
+ $new_value = true;
997
+ }
998
+
999
+ // Update product setting.
1000
+ update_user_meta( $user_id, '_wpmem_products_' . $product, $new_value );
1001
+
1002
+ // Update the legacy setting.
1003
+ $user_products = get_user_meta( $user_id, '_wpmem_products', true );
1004
+ $user_products = ( $user_products ) ? $user_products : array();
1005
+ $user_products[ $product ] = ( true === $new_value ) ? true : date( 'Y-m-d H:i:s', $new_value );
1006
+ update_user_meta( $user_id, '_wpmem_products', $user_products );
1007
+
1008
+ /**
1009
+ * Fires when a user product has been set.
1010
+ *
1011
+ * @since 3.3.0
1012
+ *
1013
+ * @param int $user_id
1014
+ * @param string $product
1015
+ */
1016
+ do_action( 'wpmem_user_product_set', $user_id, $product, $new_value, $prev_value, $renew );
1017
+
1018
+ }
1019
+
1020
+ /**
1021
+ * Removes a product from a user.
1022
+ *
1023
+ * @since 3.2.0
1024
+ * @since 3.3.0 Updated for new single meta, keeps legacy array for rollback.
1025
+ *
1026
+ * @param string $product
1027
+ * @param int $user_id
1028
+ */
1029
+ function remove_user_product( $product, $user_id = false ) {
1030
+ global $wpmem;
1031
+ $user_id = ( ! $user_id ) ? get_current_user_id() : $user_id;
1032
+
1033
+ // @todo Legacy version.
1034
+ $user_products = get_user_meta( $user_id, '_wpmem_products', true );
1035
+ $user_products = ( $user_products ) ? $user_products : array();
1036
+ if ( $user_products ) {
1037
+ unset( $user_products[ $product ] );
1038
+ update_user_meta( $user_id, '_wpmem_products', $user_products );
1039
+ }
1040
+
1041
+ // @todo New version.
1042
+ return delete_user_meta( $user_id, '_wpmem_products_' . $product );
1043
+ }
1044
+
1045
+ /**
1046
+ * Utility for expiration validation.
1047
+ *
1048
+ * @since 3.2.0
1049
+ * @since 3.3.0 Validates date or epoch time.
1050
+ *
1051
+ * @param date $date
1052
+ */
1053
+ function is_current( $date ) {
1054
+ $date = ( is_numeric( $date ) ) ? $date : strtotime( $date );
1055
+ return ( time() < $date ) ? true : false;
1056
+ }
1057
+
1058
+ /**
1059
+ * Check if a user is activated.
1060
+ *
1061
+ * @since 3.2.2
1062
+ *
1063
+ * @param int $user_id
1064
+ * @return bool $active
1065
+ */
1066
+ function is_user_activated( $user_id = false ) {
1067
+ $user_id = ( ! $user_id ) ? get_current_user_id() : $user_id;
1068
+ $active = get_user_meta( $user_id, 'active', true );
1069
+ $is_activated = ( 1 == $active ) ? true : false;
1070
+ /**
1071
+ * Filter whether the user is active or not.
1072
+ *
1073
+ * @since 3.3.5
1074
+ *
1075
+ * @param bool $is_activated
1076
+ * @param int $user_id
1077
+ */
1078
+ return apply_filters( 'wpmem_is_user_activated', $is_activated, $user_id );
1079
+ }
1080
+
1081
+ /**
1082
+ * Checks if a user is activated during user authentication.
1083
+ *
1084
+ * @since 2.7.1
1085
+ * @since 3.2.0 Moved from core to user object.
1086
+ *
1087
+ * @param object $user The WordPress User object.
1088
+ * @param string $username The user's username (user_login).
1089
+ * @param string $password The user's password.
1090
+ * @return object $user The WordPress User object.
1091
+ */
1092
+ function check_activated( $user, $username, $password ) {
1093
+ // Password must be validated.
1094
+ $pass = ( ( ! is_wp_error( $user ) ) && $password ) ? wp_check_password( $password, $user->user_pass, $user->ID ) : false;
1095
+
1096
+ if ( ! $pass ) {
1097
+ return $user;
1098
+ }
1099
+
1100
+ // Activation flag must be validated.
1101
+ if ( ! $this->is_user_activated( $user->ID ) ) {
1102
+ return new WP_Error( 'authentication_failed', __( '<strong>ERROR</strong>: User has not been activated.', 'wp-members' ) );
1103
+ }
1104
+
1105
+ // If the user is validated, return the $user object.
1106
+ return $user;
1107
+ }
1108
+
1109
+ /**
1110
+ * Prevents users not activated from resetting their password.
1111
+ *
1112
+ * @since 2.5.1
1113
+ * @since 3.2.0 Moved to user object, renamed no_reset().
1114
+ *
1115
+ * @return bool Returns false if the user is not activated, otherwise true.
1116
+ */
1117
+ function no_reset() {
1118
+ global $wpmem;
1119
+ $raw_val = wpmem_get( 'user_login', false );
1120
+ if ( $raw_val ) {
1121
+ if ( strpos( $raw_val, '@' ) ) {
1122
+ $user = get_user_by( 'email', sanitize_email( $raw_val ) );
1123
+ } else {
1124
+ $username = sanitize_user( $raw_val );
1125
+ $user = get_user_by( 'login', $username );
1126
+ }
1127
+ if ( $wpmem->mod_reg == 1 ) {
1128
+ if ( get_user_meta( $user->ID, 'active', true ) != 1 ) {
1129
+ return false;
1130
+ }
1131
+ }
1132
+ }
1133
+
1134
+ return true;
1135
+ }
1136
+
1137
+ /**
1138
+ * Set expiration for PayPal Subscriptions extension.
1139
+ *
1140
+ * @since 3.3.0
1141
+ *
1142
+ * @global object $wpmem
1143
+ *
1144
+ * @param int $user_id
1145
+ */
1146
+ function set_user_exp( $user_id ) {
1147
+ global $wpmem;
1148
+ // Set user expiration, if used.
1149
+ if ( 1 == $wpmem->use_exp && 1 != $wpmem->mod_reg ) {
1150
+ if ( function_exists( 'wpmem_set_exp' ) ) {
1151
+ wpmem_set_exp( $user_id );
1152
+ }
1153
+ }
1154
+ }
1155
+
1156
+ /**
1157
+ * Sets default membership product access (if applicable).
1158
+ *
1159
+ * @since 3.3.0
1160
+ *
1161
+ * @global object $wpmem
1162
+ *
1163
+ * @param int $user_id
1164
+ */
1165
+ function set_default_product( $user_id ) {
1166
+ global $wpmem;
1167
+
1168
+ // Get default memberships.
1169
+ $default_products = $wpmem->membership->get_default_products();
1170
+
1171
+ // Assign any default memberships to user.
1172
+ foreach ( $default_products as $product ) {
1173
+ wpmem_set_user_product( $product, $user_id );
1174
+ }
1175
+ }
1176
+
1177
  }
includes/class-wp-members-validation-link.php CHANGED
@@ -1,267 +1,350 @@
1
- <?php
2
-
3
- class WP_Members_Validation_Link {
4
-
5
- /**
6
- * Meta containers
7
- *
8
- * @since 3.3.5
9
- */
10
- public $validation_key_meta = '_wpmem_validation_key';
11
- public $validation_key_exp = '_wpmem_validation_exp';
12
- public $validation_confirm = '_wpmem_user_confirmed';
13
-
14
- /**
15
- * Options.
16
- *
17
- * @since 3.3.5
18
- */
19
- public $send_welcome = true;
20
- public $show_success = true;
21
- public $send_notify = true;
22
- public $auto_delete = true;
23
-
24
- /**
25
- * Initialize validation link feature.
26
- *
27
- * @since 3.3.5
28
- */
29
- public function __construct() {
30
-
31
- $this->email_text = __( 'Click to validate your account: ', 'wp-members' );
32
- $this->success_message = __( 'Thank you for validating your account.', 'wp-members' );
33
- $this->expired_message = __( 'Validation key was expired or invalid', 'wp-members' );
34
-
35
- //add_action( 'wpmem_after_init', array( $this, 'default_to_mod' ) );
36
- add_action( 'user_register', array( $this, 'generate_key' ) );
37
- add_action( 'template_redirect', array( $this, 'validate_key' ) );
38
- add_filter( 'authenticate', array( $this, 'check_validated' ), 99, 3 );
39
- add_filter( 'wpmem_email_filter', array( $this, 'add_key_to_email' ), 10, 3 );
40
- add_filter( 'the_content', array( $this, 'validation_success' ), 100 );
41
-
42
- add_action( 'wpmem_account_validation_success', array( $this, 'send_welcome' ) );
43
- add_action( 'wpmem_account_validation_success', array( $this, 'notify_admin' ) );
44
- }
45
-
46
- /**
47
- * Default the site to moderated registration.
48
- *
49
- * @since 3.3.5
50
- *
51
- * @todo This may be temporary. Re-evaluate and see if we can/need to make something specific to this feature.
52
- */
53
- public function default_to_mod() {
54
- global $wpmem;
55
- $wpmem->mod_reg = 1;
56
- }
57
-
58
- /**
59
- * Create a validation key for the user at registration.
60
- *
61
- * @since 3.3.5
62
- *
63
- * @param int $user_id
64
- */
65
- public function generate_key( $user_id ) {
66
-
67
- // Generate a random key.
68
- $key = md5( wp_generate_password() );
69
-
70
- /**
71
- * Filter the key expiration.
72
- *
73
- * @since 3.3.5
74
- *
75
- * @param string $key_expires
76
- */
77
- $key_expires = apply_filters( 'wpmem_validation_key_exp', ( time() + 21600 ) );
78
-
79
- // Save this for the new user account.
80
- add_user_meta( $user_id, $this->validation_key_meta, $key );
81
- add_user_meta( $user_id, $this->validation_key_exp, $key_expires );
82
- }
83
-
84
- /**
85
- * Check if key is expired.
86
- *
87
- * @since 3.3.5
88
- *
89
- * @param string $key
90
- * @param int $user_id
91
- * @return boolean
92
- */
93
- private function key_is_valid( $key, $user_id ) {
94
- $expires = get_user_meta( $user_id, $this->validation_key_exp, true );
95
- return ( time() < $expires ) ? true : false;
96
- }
97
-
98
- /**
99
- * Include the validation key in the new user registration email as a validation link.
100
- *
101
- * @since 3.3.5
102
- *
103
- * @global stdClass $wpmem
104
- * @param array $arr
105
- * @param array $wpmem_fields
106
- * @param array $field_data
107
- * @return array
108
- */
109
- public function add_key_to_email( $arr, $wpmem_fields, $field_data ) {
110
-
111
- global $wpmem;
112
-
113
- /**
114
- * Filter the return url
115
- *
116
- * @since 3.3.5
117
- */
118
- $url = apply_filters( 'wpmem_validation_link_return_url', trailingslashit( wpmem_profile_url() ) );
119
-
120
- $key = get_user_meta( $arr['user_id'], $this->validation_key_meta, true );
121
- $exp = get_user_meta( $arr['user_id'], $this->validation_key_exp, true );
122
- $link = add_query_arg( array( 'a'=>'activate', 'key'=>$key ), $url );
123
-
124
- // Only do this for new registrations.
125
- $email_type = ( 1 == $wpmem->mod_reg ) ? 'newmod' : 'newreg';
126
- if ( $arr['toggle'] == $email_type ) {
127
- // Does email body have the [act_link] shortcode?
128
- if ( strpos( $arr['body'], '[confirm_link]' ) ) {
129
- $arr['body'] = str_replace( '[confirm_link]', $link, $arr['body'] );
130
- } else {
131
- // Add text and link to the email body.
132
- $arr['body'] = $arr['body'] . "\r\n"
133
- . $this->email_text
134
- . $link;
135
- }
136
- }
137
-
138
- return $arr;
139
- }
140
-
141
- /**
142
- * Check for a validation key and if one exists, validate and log in user.
143
- *
144
- * @since 3.3.5
145
- */
146
- public function validate_key() {
147
-
148
- // Check for validation key.
149
- $key = ( 'activate' == wpmem_get( 'a', false, 'get' ) ) ? wpmem_get( 'key', false, 'get' ) : false;
150
- if ( false !== $key ) {
151
-
152
- // Get the user account the key is for.
153
- $users = get_users( array(
154
- 'meta_key' => $this->validation_key_meta,
155
- 'meta_value' => $key,
156
- 'number' => 1,
157
- 'count_total' => false
158
- ) );
159
-
160
- if ( $users ) {
161
- foreach( $users as $user ) {
162
-
163
- if ( true === $this->key_is_valid( $key, $user->ID ) ) {
164
-
165
- $this->validated = true;
166
-
167
- // The provided validation key was valid, log in.
168
- wp_set_auth_cookie( $user->ID, true );
169
- wp_set_current_user( $user->ID );
170
-
171
- // Delete validation_key meta and set active.
172
- $this->set_as_confirmed( $user->ID );
173
-
174
- /**
175
- * Fires when a user has successfully validated their account.
176
- *
177
- * @since 3.3.5
178
- *
179
- * @param int $user_id
180
- */
181
- do_action( 'wpmem_account_validation_success', $user->ID );
182
-
183
- break;
184
-
185
- } else {
186
- $this->validated = false;
187
- break;
188
- }
189
- }
190
-
191
- } else {
192
- $this->validated = false;
193
- }
194
- }
195
- }
196
-
197
- /**
198
- * Display messaging.
199
- *
200
- * Shows success if key validates, expired if it does not.
201
- *
202
- * @since 3.3.5
203
- *
204
- * @param string $content
205
- * @return string $content
206
- */
207
- public function validation_success( $content ) {
208
-
209
- if ( $this->show_success && 'activate' == wpmem_get( 'a', false, 'get' ) && isset( $this->validated ) ) {
210
-
211
- if ( true === $this->validated ) {
212
- $content = wpmem_inc_regmessage( '', $this->success_message ) . $content;
213
- } elseif ( false === $this->validated ) {
214
- $content = wpmem_inc_regmessage( '', $this->expired_message ) . $content;
215
- }
216
- }
217
-
218
- return $content;
219
- }
220
-
221
- /**
222
- * Checks if a user is activated during user authentication.
223
- *
224
- * @since 3.3.5 Moved from core to user object.
225
- *
226
- * @param object $user The WordPress User object.
227
- * @param string $username The user's username (user_login).
228
- * @param string $password The user's password.
229
- * @return object $user The WordPress User object.
230
- */
231
- function check_validated( $user, $username, $password ) {
232
- // Password must be validated.
233
- $pass = ( ( ! is_wp_error( $user ) ) && $password ) ? wp_check_password( $password, $user->user_pass, $user->ID ) : false;
234
-
235
- if ( ! $pass ) {
236
- return $user;
237
- }
238
-
239
- // Validation flag must be confirmed.
240
- $validated = get_user_meta( $user->ID, $this->validation_confirm, true );
241
- if ( false == $validated ) {
242
- return new WP_Error( 'authentication_failed', __( '<strong>ERROR</strong>: User has not confirmed their account.', 'wp-members' ) );
243
- }
244
-
245
- // If the user is validated, return the $user object.
246
- return $user;
247
- }
248
-
249
- public function send_welcome( $user_id ) {
250
- if ( $this->send_welcome ) {
251
- wpmem_email_to_user( $user_id, '', 2 );
252
- }
253
- }
254
-
255
- public function notify_admin( $user_id ) {
256
- if ( $this->send_notify ) {
257
- // global $wpmem;
258
- wpmem_notify_admin( $user_id ); //, $wpmem->fields );
259
- }
260
- }
261
-
262
- public function set_as_confirmed( $user_id ) {
263
- delete_user_meta( $user_id, $this->validation_key_meta );
264
- delete_user_meta( $user_id, $this->validation_key_exp );
265
- update_user_meta( $user_id, $this->validation_confirm, time() );
266
- }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
267
  }
1
+ <?php
2
+ /**
3
+ *
4
+ *
5
+ */
6
+ class WP_Members_Validation_Link {
7
+
8
+ /**
9
+ * Meta containers
10
+ *
11
+ * @since 3.3.5
12
+ */
13
+ public $validation_confirm = '_wpmem_user_confirmed';
14
+
15
+ /**
16
+ * Options.
17
+ *
18
+ * @since 3.3.5
19
+ */
20
+ public $send_welcome = true;
21
+ public $show_success = true;
22
+ public $send_notify = true;
23
+
24
+ /**
25
+ * Initialize validation link feature.
26
+ *
27
+ * @since 3.3.5
28
+ */
29
+ public function __construct() {
30
+
31
+ $defaults = array(
32
+ 'email_text' => __( 'Click to validate your account: ', 'wp-members' ),
33
+ 'success_message' => __( 'Thank you for validating your account.', 'wp-members' ),
34
+ 'invalid_message' => __( 'Validation key was expired or invalid', 'wp-members' ),
35
+ 'moderated_message' => __( 'Your account is now pending approval', 'wp-members' ),
36
+ );
37
+
38
+ /**
39
+ * Filter default dialogs.
40
+ *
41
+ * @since 3.3.8
42
+ *
43
+ * @param array $defaults
44
+ */
45
+ $defaults = apply_filters( 'wpmem_validation_link_default_dialogs', $defaults );
46
+
47
+ foreach ( $defaults as $key => $value ) {
48
+ $this->{$key} = $value;
49
+ }
50
+
51
+ add_action( 'template_redirect', array( $this, 'validate_key' ) );
52
+ add_filter( 'authenticate', array( $this, 'check_validated' ), 99, 3 );
53
+ add_filter( 'wpmem_email_filter', array( $this, 'add_key_to_email' ), 10, 3 );
54
+ add_filter( 'the_content', array( $this, 'validation_success' ), 100 );
55
+
56
+ add_action( 'wpmem_account_validation_success', array( $this, 'send_welcome' ) );
57
+ add_action( 'wpmem_account_validation_success', array( $this, 'notify_admin' ) );
58
+ }
59
+
60
+ /**
61
+ * Include the validation key in the new user registration email as a validation link.
62
+ *
63
+ * @since 3.3.5
64
+ *
65
+ * @global stdClass $wpmem
66
+ * @param array $arr
67
+ * @param array $wpmem_fields
68
+ * @param array $field_data
69
+ * @return array
70
+ */
71
+ public function add_key_to_email( $arr, $wpmem_fields, $field_data ) {
72
+
73
+ global $wpmem;
74
+
75
+ // Only do this for new registrations.
76
+ $email_type = ( 1 == $wpmem->mod_reg ) ? 'newmod' : 'newreg';
77
+ if ( $arr['toggle'] == $email_type ) {
78
+
79
+ $user = get_user_by( 'ID', $arr['user_id'] );
80
+
81
+ /**
82
+ * Gets the user based on the password key.
83
+ *
84
+ * WP filters/actions triggered:
85
+ * - retrieve_password
86
+ * - allow_password_reset
87
+ * - retrieve_password_key
88
+ *
89
+ * @see: https://developer.wordpress.org/reference/functions/get_password_reset_key/
90
+ * @param WP_User User to retrieve password reset key for.
91
+ * @return string|WP_Error Password reset key on success. WP_Error on error.
92
+ */
93
+ $key = $this->set_validation_key( $user );
94
+
95
+ // Generate confirm link.
96
+ /**
97
+ * Filter the return url
98
+ *
99
+ * @since 3.3.5
100
+ */
101
+ $url = apply_filters( 'wpmem_validation_link_return_url', trailingslashit( wpmem_profile_url() ) );
102
+ $query_args = array(
103
+ 'a' => 'confirm',
104
+ 'key' => $key,
105
+ 'login' => $user->user_login,
106
+ );
107
+ $link = add_query_arg( $query_args, trailingslashit( $url ) );
108
+
109
+ // Does email body have the [confirm_link] shortcode?
110
+ if ( strpos( $arr['body'], '[confirm_link]' ) ) {
111
+ $arr['body'] = str_replace( '[confirm_link]', $link, $arr['body'] );
112
+ } else {
113
+ // Add text and link to the email body.
114
+ $arr['body'] = $arr['body'] . "\r\n"
115
+ . $this->email_text
116
+ . $link;
117
+ }
118
+ }
119
+
120
+ return $arr;
121
+ }
122
+
123
+ /**
124
+ * Check for a validation key and if one exists, validate and log in user.
125
+ *
126
+ * @since 3.3.5
127
+ */
128
+ public function validate_key() {
129
+
130
+ global $wpmem;
131
+
132
+ // Check for validation key.
133
+ $key = ( 'confirm' == wpmem_get( 'a', false, 'get' ) ) ? wpmem_get( 'key', false, 'get' ) : false;
134
+ $login = ( 'confirm' == wpmem_get( 'a', false, 'get' ) ) ? wpmem_get( 'login', false, 'get' ) : false;
135
+
136
+ if ( false !== $key ) {
137
+
138
+ // Set an error container.
139
+ $errors = new WP_Error();
140
+
141
+ /**
142
+ * Validate the key.
143
+ *
144
+ * WP_Error will be invalid_key or expired_key. Process triggers password_reset_expiration filter
145
+ * filtering DAY_IN_SECONDS default. Filter password_reset_key_expired is also triggered filtering
146
+ * the return value (which can be used to override the expired/invalid check based on user_id).
147
+ *
148
+ * WP filter/actions triggered:
149
+ * - password_reset_expiration
150
+ * - password_reset_key_expired
151
+ *
152
+ * @see https://developer.wordpress.org/reference/functions/check_password_reset_key/
153
+ * @param string Hash to validate sending user's password.
154
+ * @param string The user login.
155
+ * @return WP_User|WP_Error WP_User object on success, WP_Error object for invalid or expired keys (invalid_key|expired_key).
156
+ */
157
+ $user = check_password_reset_key( $key, $login );
158
+
159
+ if ( ! is_wp_error( $user ) ) {
160
+
161
+ $this->validated = true;
162
+
163
+ // If registration is not moderated, set the user as logged in.
164
+ if ( 1 != $wpmem->mod_reg ) {
165
+ /**
166
+ * Sets the WP auth cookie.
167
+ *
168
+ * May trigger the following WP filter/actions:
169
+ * - auth_cookie_expiration
170
+ * - secure_auth_cookie
171
+ * - secure_logged_in_cookie
172
+ * - set_auth_cookie
173
+ * - set_logged_in_cookie
174
+ * - send_auth_cookies
175
+ *
176
+ * @see https://developer.wordpress.org/reference/functions/wp_set_auth_cookie/
177
+ */
178
+ wp_set_auth_cookie( $user->ID, true );
179
+
180
+ /**
181
+ * Sets the user as logged in.
182
+ *
183
+ * May trigger the folloiwng WP filter/actions:
184
+ * - set_current_user
185
+ *
186
+ * @see https://developer.wordpress.org/reference/functions/wp_set_current_user/
187
+ */
188
+ wp_set_current_user( $user->ID );
189
+ }
190
+
191
+ // Delete validation_key meta and set active.
192
+ $this->clear_activation_key( $user->ID );
193
+ $this->set_as_confirmed( $user->ID );
194
+
195
+ /**
196
+ * Fires when a user has successfully validated their account.
197
+ *
198
+ * @since 3.3.5
199
+ *
200
+ * @param int $user_id
201
+ */
202
+ do_action( 'wpmem_account_validation_success', $user->ID );
203
+
204
+ } else {
205
+ $this->validated = false;
206
+ }
207
+ }
208
+ }
209
+
210
+ /**
211
+ * Display messaging.
212
+ *
213
+ * Shows success if key validates, expired if it does not.
214
+ *
215
+ * @since 3.3.5
216
+ *
217
+ * @param string $content
218
+ * @return string $content
219
+ */
220
+ public function validation_success( $content ) {
221
+
222
+ global $wpmem;
223
+
224
+ if ( $this->show_success && 'confirm' == wpmem_get( 'a', false, 'get' ) && isset( $this->validated ) ) {
225
+
226
+ if ( true === $this->validated ) {
227
+ $msg = $this->success_message;
228
+
229
+ if ( 1 == $wpmem->mod_reg ) {
230
+ $msg = $msg . $this->moderated_message;
231
+ }
232
+ } elseif ( false === $this->validated ) {
233
+ $msg = $this->invalid_message;
234
+ } else {
235
+ $msg = '';
236
+ }
237
+
238
+ $content = wpmem_inc_regmessage( '', $msg ) . $content;
239
+ }
240
+
241
+ return $content;
242
+ }
243
+
244
+ /**
245
+ * Checks if a user is activated during user authentication.
246
+ *
247
+ * This prevents access via login if the user has not confirmed their email.
248
+ *
249
+ * @since 3.3.5 Moved from core to user object.
250
+ *
251
+ * @param object $user The WordPress User object.
252
+ * @param string $username The user's username (user_login).
253
+ * @param string $password The user's password.
254
+ * @return object $user The WordPress User object.
255
+ */
256
+ function check_validated( $user, $username, $password ) {
257
+ // Password must be validated.
258
+ $pass = ( ( ! is_wp_error( $user ) ) && $password ) ? wp_check_password( $password, $user->user_pass, $user->ID ) : false;
259
+
260
+ if ( ! $pass ) {
261
+ return $user;
262
+ }
263
+
264
+ // Validation flag must be confirmed.
265
+ $validated = get_user_meta( $user->ID, $this->validation_confirm, true ); // @todo Update to use wpmem_is_user_confirmed().
266
+ if ( false == $validated ) {
267
+ return new WP_Error( 'authentication_failed', __( '<strong>ERROR</strong>: User has not confirmed their account.', 'wp-members' ) );
268
+ }
269
+
270
+ // If the user is validated, return the $user object.
271
+ return $user;
272
+ }
273
+
274
+ /**
275
+ * Sends the welcome email to the user upon validation of their email.
276
+ *
277
+ * @since 3.3.5
278
+ * @since 3.3.8 Sends email specific to email validation (previously was moderated approved email).
279
+ *
280
+ * @param int $user_id
281
+ */
282
+ public function send_welcome( $user_id ) {
283
+ if ( $this->send_welcome ) {
284
+ $email_to_send = ( get_option( 'wpmembers_email_validated' ) ) ? 6 : 2;
285
+ wpmem_email_to_user( $user_id, '', $email_to_send );
286
+ }
287
+ }
288
+
289
+ /**
290
+ * Sends notification email to the admin upon validation of the user's email.
291
+ *
292
+ * @since 3.3.5
293
+ *
294
+ * @param int $user_id
295
+ */
296
+ public function notify_admin( $user_id ) {
297
+ if ( $this->send_notify ) {
298
+ // global $wpmem;
299
+ wpmem_notify_admin( $user_id ); //, $wpmem->fields );
300
+ }
301
+ }
302
+
303
+ /**
304
+ * Clears user_activation_key.
305
+ *
306
+ * @since 3.3.8
307
+ *
308
+ * @param int $user_id
309
+ */
310
+ public function clear_activation_key( $user_id ) {
311
+ global $wpdb;
312
+ $result = $wpdb->update( $wpdb->users, array( 'user_activation_key' => '', ), array( 'ID' => $user_id ) );
313
+ //clean_user_cache( $user_id );
314
+ }
315
+
316
+ /**
317
+ * Sets a user activation key.
318
+ *
319
+ * @since 3.3.8
320
+ *
321
+ * @param mixed $user user ID (int)|WP_User (object).
322
+ */
323
+ public function set_validation_key( $user ) {
324
+ $user = ( is_object( $user ) ) ? $user : get_user_by( 'ID', $user );
325
+ return get_password_reset_key( $user );
326
+ }
327
+
328
+ /**
329
+ * Sets user as having validated their email.
330
+ *
331
+ * @since 3.3.8
332
+ *
333
+ * @param int $user_id
334
+ */
335
+ public function set_as_confirmed( $user_id ) {
336
+ update_user_meta( $user_id, $this->validation_confirm, time() );
337
+ }
338
+
339
+ /**
340
+ * Sets user as NOT having validated their email.
341
+ *
342
+ * @since 3.3.8
343
+ *
344
+ * @param int $user_id
345
+ */
346
+ public function set_as_unconfirmed( $user_id ) {
347
+ delete_user_meta( $user_id, $this->validation_confirm );
348
+ $this->set_validation_key( $user_id );
349
+ }
350
  }
includes/class-wp-members.php CHANGED
@@ -330,6 +330,15 @@ class WP_Members {
330
  */
331
  public $login_error = 0;
332
 
 
 
 
 
 
 
 
 
 
333
  /**
334
  * Plugin initialization function.
335
  *
@@ -468,18 +477,24 @@ class WP_Members {
468
 
469
  add_filter( 'register_form', 'wpmem_wp_register_form' ); // adds fields to the default wp registration
470
 
471
- add_action( 'woocommerce_register_form', 'wpmem_woo_register_form' );
472
- add_action( 'woocommerce_register_post', 'wpmem_woo_reg_validate', 10, 3 );
473
- //add_action( 'woocommerce_save_account_details_errors', 'wpmem_woo_reg_validate' );
474
-
475
- add_action( 'woocommerce_checkout_update_order_meta', 'wpmem_woo_checkout_update_meta' );
476
- add_action( 'woocommerce_form_field_multicheckbox', 'wpmem_form_field_wc_custom_field_types', 10, 4 );
477
- add_action( 'woocommerce_form_field_multiselect', 'wpmem_form_field_wc_custom_field_types', 10, 4 );
478
- add_action( 'woocommerce_form_field_radio', 'wpmem_form_field_wc_custom_field_types', 10, 4 );
479
- add_action( 'woocommerce_form_field_select', 'wpmem_form_field_wc_custom_field_types', 10, 4 );
480
- add_action( 'woocommerce_form_field_checkbox', 'wpmem_form_field_wc_custom_field_types', 10, 4 );
481
- if ( ! is_user_logged_in() ) {
482
- add_filter( 'woocommerce_checkout_fields', 'wpmem_woo_checkout_form' );
 
 
 
 
 
 
483
  }
484
 
485
  // Add filters.
330
  */
331
  public $login_error = 0;
332
 
333
+ /**
334
+ * Default file upload directory.
335
+ *
336
+ * @since 3.3.8
337
+ * @access public
338
+ * @var string
339
+ */
340
+ public $upload_base = 'wpmembers';
341
+
342
  /**
343
  * Plugin initialization function.
344
  *
477
 
478
  add_filter( 'register_form', 'wpmem_wp_register_form' ); // adds fields to the default wp registration
479
 
480
+ if ( wpmem_is_woo_active() ) {
481
+
482
+ // Handle "My Account" page registration.
483
+ if ( 1 == $this->woo['add_my_account_fields'] ) {
484
+ add_action( 'woocommerce_register_form', 'wpmem_woo_register_form' );
485
+ add_action( 'woocommerce_register_post', 'wpmem_woo_reg_validate', 10, 3 );
486
+ }
487
+ // Handle Registration checkout
488
+ if ( 1 == $this->woo['add_checkout_fields'] && ! is_user_logged_in() ) {
489
+ add_filter( 'woocommerce_checkout_fields', 'wpmem_woo_checkout_form' );
490
+ add_action( 'woocommerce_checkout_update_order_meta', 'wpmem_woo_checkout_update_meta' );
491
+ //add_action( 'woocommerce_save_account_details_errors', 'wpmem_woo_reg_validate' );
492
+ add_action( 'woocommerce_form_field_multicheckbox', 'wpmem_form_field_wc_custom_field_types', 10, 4 );
493
+ add_action( 'woocommerce_form_field_multiselect', 'wpmem_form_field_wc_custom_field_types', 10, 4 );
494
+ add_action( 'woocommerce_form_field_radio', 'wpmem_form_field_wc_custom_field_types', 10, 4 );
495
+ add_action( 'woocommerce_form_field_select', 'wpmem_form_field_wc_custom_field_types', 10, 4 );
496
+ add_action( 'woocommerce_form_field_checkbox', 'wpmem_form_field_wc_custom_field_types', 10, 4 );
497
+ }
498
  }
499
 
500
  // Add filters.
includes/install.php CHANGED
@@ -1,719 +1,763 @@
1
- <?php
2
- /**
3
- * WP-Members Installation Functions
4
- *
5
- * Functions to install and upgrade WP-Members.
6
- *
7
- * This file is part of the WP-Members plugin by Chad Butler
8
- * You can find out more about this plugin at https://rocketgeek.com
9
- * Copyright (c) 2006-2020 Chad Butler
10
- * WP-Members(tm) is a trademark of butlerblog.com
11
- *
12
- * @package WP-Members
13
- * @author Chad Butler
14
- * @copyright 2006-2020
15
- */
16
-
17
- // Exit if accessed directly.
18
- if ( ! defined( 'ABSPATH' ) ) {
19
- exit();
20
- }
21
-
22
- /**
23
- * @todo Updates/install revisions needed:
24
- * - if reCAPTCHA is "1", update to "3" - reCAPTCHA v1 is fully obsolete by Google.
25
- */
26
-
27
- /**
28
- * Installs or upgrades the plugin.
29
- *
30
- * @since 2.2.2
31
- * @since 3.1.6 Returns $wpmem_settings.
32
- *
33
- * @return array $wpmem_settings
34
- */
35
- function wpmem_do_install() {
36
-
37
- /*
38
- * If you need to force an install, set $chk_force = true.
39
- *
40
- * Important notes:
41
- *
42
- * 1. This will override any settings you already have for any of the plugin settings.
43
- * 2. This will not effect any WP settings or registered users.
44
- */
45
-
46
- $chk_force = false;
47
-
48
- $existing_settings = get_option( 'wpmembers_settings' );
49
-
50
- if ( false === $existing_settings || $chk_force == true ) {
51
-
52
- // New install.
53
- $wpmem_settings = wpmem_install_settings();
54
- wpmem_install_fields();
55
- wpmem_install_dialogs();
56
- wpmem_append_email();
57
- //update_option( 'wpmembers_style', 'generic-no-float.css', '', 'yes' );
58
-
59
- } else {
60
-
61
- // Upgrade.
62
- $wpmem_settings = wpmem_upgrade_settings();
63
-
64
- // Not 100% certain where we needed to add wpmem_append_email(), but it was likely before 3.1.0.
65
- if ( version_compare( $existing_settings['version'], '3.1.1', '<' ) ) {
66
- wpmem_upgrade_dialogs();
67
- wpmem_upgrade_captcha();
68
- wpmem_append_email();
69
- }
70
-
71
- // Only run these if DB version is < 2.2.0
72
- if ( version_compare( $existing_settings['db_version'], '2.2.0', '<' ) ) {
73
- wpmem_upgrade_fields();
74
- wpmem_upgrade_product_expiration();
75
- }
76
- }
77
-
78
- return $wpmem_settings;
79
- }
80
-
81
-
82
- /**
83
- * Updates the existing settings if doing an update.
84
- *
85
- * @since 3.0.0
86
- * @since 3.1.0 Changed from wpmem_update_settings() to wpmem_upgrade_settings().
87
- *
88
- * @return array $wpmem_newsettings
89
- */
90
- function wpmem_upgrade_settings() {
91
-
92
- $wpmem_settings = get_option( 'wpmembers_settings' );
93
-
94
- // Is this an update from pre-3.0 or 3.0+?
95
- $is_three = ( array_key_exists( 'version', $wpmem_settings ) ) ? true : false;
96
-
97
- // If install is 3.0 or higher.
98
- if ( $is_three ) {
99
-
100
- if ( ! isset( $wpmem_settings['enable_products'] ) ) {
101
- $wpmem_settings['enable_products'] = 0;
102
- }
103
-
104
- if ( ! isset( $wpmem_settings['clone_menus'] ) ) {
105
- $wpmem_settings['clone_menus'] = 0;
106
- }
107
-
108
- // reCAPTCHA v1 is obsolete.
109
- if ( isset( $wpmem_settings['captcha'] ) && 1 == $wpmem_settings['captcha'] ) {
110
- $wpmem_settings['captcha'] = 3;
111
- }
112
-
113
- // If old auto excerpt settings exists, update it.
114
- if ( isset( $wpmem_settings['autoex']['auto_ex'] ) ) {
115
- // Update Autoex setting.
116
- if ( $wpmem_settings['autoex']['auto_ex'] == 1 || $wpmem_settings['autoex']['auto_ex'] == "1" ) {
117
- // If Autoex is set, move it to posts/pages.
118
- $wpmem_settings['autoex']['post'] = array( 'enabled' => 1, 'length' => $wpmem_settings['autoex']['auto_ex_len'] );
119
- $wpmem_settings['autoex']['page'] = array( 'enabled' => 1, 'length' => $wpmem_settings['autoex']['auto_ex_len'] );
120
- } else {
121
- // If it is not turned on (!=1), set it to off in new setting (-1).
122
- $wpmem_settings['autoex']['post'] = array( 'enabled' => 0, 'length' => '' );
123
- $wpmem_settings['autoex']['page'] = array( 'enabled' => 0, 'length' => '' );
124
- }
125
- unset( $wpmem_settings['autoex']['auto_ex'] );
126
- unset( $wpmem_settings['autoex']['auto_ex_len'] );
127
- }
128
-
129
- // If post types settings does not exist, set as empty array.
130
- if ( ! isset( $wpmem_settings['post_types'] ) ) {
131
- $wpmem_settings['post_types'] = array();
132
- }
133
-
134
- // If form tags is not set, add default.
135
- if ( ! isset( $wpmem_settings['form_tags'] ) ) {
136
- $wpmem_settings['form_tags'] = array( 'default' => 'Registration Default' );
137
- }
138
-
139
- // If email is set in the settings array, change it back to the pre-3.1 option.
140
- if ( isset( $wpmem_settings['email'] ) ) {
141
- $from = ( is_array( $wpmem_settings['email'] ) ) ? $wpmem_settings['email']['from'] : '';
142
- $name = ( is_array( $wpmem_settings['email'] ) ) ? $wpmem_settings['email']['from_name'] : '';
143
- update_option( 'wpmembers_email_wpfrom', $from );
144
- update_option( 'wpmembers_email_wpname', $name );
145
- unset( $wpmem_settings['email'] );
146
- }
147
-
148
- // @since 3.3.0 Upgrade stylesheet setting.
149
- $wpmem_settings['select_style'] = wpmem_upgrade_style_setting( $wpmem_settings );
150
-
151
- // Version number should be updated no matter what.
152
- $wpmem_settings['version'] = WPMEM_VERSION;
153
- $wpmem_settings['db_version'] = WPMEM_DB_VERSION;
154
-
155
- update_option( 'wpmembers_settings', $wpmem_settings );
156
- return $wpmem_settings;
157
- } else {
158
- // Update pre 3.0 installs (must be 2.5.1 or higher).
159
- // Handle show registration setting change.
160
- $show_reg = ( $wpmem_settings[7] == 0 ) ? 1 : 0;
161
- // Create new settings array.
162
- $wpmem_newsettings = array(
163
- 'version' => WPMEM_VERSION,
164
- 'db_version' => WPMEM_DB_VERSION,
165
- 'block' => array(
166
- 'post' => $wpmem_settings[1],
167
- 'page' => $wpmem_settings[2],
168
- ),
169
- 'show_excerpt' => array(
170
- 'post' => $wpmem_settings[3],
171
- 'page' => $wpmem_settings[3],
172
- ),
173
- 'show_reg' => array(
174
- 'post' => $show_reg,
175
- 'page' => $show_reg,
176
- ),
177
- 'show_login' => array(
178
- 'post' => 1,
179
- 'page' => 1,
180
- ),
181
- 'notify' => $wpmem_settings[4],
182
- 'mod_reg' => $wpmem_settings[5],
183
- 'captcha' => ( 1 == $wpmem_settings[6] ) ? 3 : $wpmem_settings[6], // reCAPTCHA v1 is obsolete, move to v2.
184
- 'use_exp' => $wpmem_settings[9],
185
- 'use_trial' => $wpmem_settings[10],
186
- 'warnings' => $wpmem_settings[11],
187
- 'user_pages' => array(
188
- 'profile' => get_option( 'wpmembers_msurl' ),
189
- 'register' => get_option( 'wpmembers_regurl' ),
190
- 'login' => get_option( 'wpmembers_logurl' ),
191
- ),
192
- 'cssurl' => get_option( 'wpmembers_cssurl' ),
193
- 'select_style' => get_option( 'wpmembers_style' ),
194
- 'attrib' => get_option( 'wpmembers_attrib' ),
195
- 'clone_menus' => 0,
196
- 'enable_products' => 0,
197
- );
198
- // Handle auto excerpt setting change and add to setting array.
199
- $autoex = get_option( 'wpmembers_autoex' );
200
- if ( $autoex['auto_ex'] == 1 || $autoex['auto_ex'] == "1" ) {
201
- // If Autoex is set, move it to posts/pages.
202
- $wpmem_newsettings['autoex']['post'] = array( 'enabled' => 1, 'length' => $autoex['auto_ex_len'] );
203
- $wpmem_newsettings['autoex']['page'] = array( 'enabled' => 1, 'length' => $autoex['auto_ex_len'] );
204
- } else {
205
- // If it is not turned on, set it to off in new setting.
206
- $wpmem_newsettings['autoex']['post'] = array( 'enabled' => 0, 'length' => '' );
207
- $wpmem_newsettings['autoex']['page'] = array( 'enabled' => 0, 'length' => '' );
208
- }
209
-
210
- // Add new settings.
211
- $wpmem_newsettings['post_types'] = array();
212
- $wpmem_settings['form_tags'] = array( 'default' => 'Registration Default' );
213
- $wpmem_settings['select_style'] = wpmem_upgrade_style_setting( $wpmem_settings );
214
-
215
- // Merge settings.
216
- $wpmem_newsettings = array_merge( $wpmem_settings, $wpmem_newsettings );
217
-
218
- update_option( 'wpmembers_settings', $wpmem_newsettings );
219
-
220
- return $wpmem_newsettings;
221
- }
222
- }
223
-
224
- /**
225
- * Adds the fields for email messages.
226
- *
227
- * Was append_email() since 2.7, changed to wpmem_append_email() in 3.0.
228
- *
229
- * @since 2.7
230
- */
231
- function wpmem_append_email() {
232
-
233
- // Email for a new registration.
234
- $subj = 'Your registration info for [blogname]';
235
- $body = 'Thank you for registering for [blogname]
236
-
237
- Your registration information is below.
238
- You may wish to retain a copy for your records.
239
-
240
- username: [username]
241
- password: [password]
242
-
243
- You may log in here:
244
- [reglink]
245
-
246
- You may change your password here:
247
- [user-profile]
248
- ';
249
-
250
- $arr = array(
251
- "subj" => $subj,
252
- "body" => $body,
253
- );
254
-
255
- if ( ! get_option( 'wpmembers_email_newreg' ) ) {
256
- update_option( 'wpmembers_email_newreg', $arr, false );
257
- }
258
-
259
- $arr = $subj = $body = '';
260
-
261
- // Email for new registration, registration is moderated.
262
- $subj = 'Thank you for registering for [blogname]';
263
- $body = 'Thank you for registering for [blogname].
264
- Your registration has been received and is pending approval.
265
- You will receive login instructions upon approval of your account
266
- ';
267
-
268
- $arr = array(
269
- "subj" => $subj,
270
- "body" => $body,
271
- );
272
-
273
- if ( ! get_option( 'wpmembers_email_newmod' ) ) {
274
- update_option( 'wpmembers_email_newmod', $arr, false );
275
- }
276
-
277
- $arr = $subj = $body = '';
278
-
279
- // Email for registration is moderated, user is approved.
280
- $subj = 'Your registration for [blogname] has been approved';
281
- $body = 'Your registration for [blogname] has been approved.
282
-
283
- Your registration information is below.
284
- You may wish to retain a copy for your records.
285
-
286
- username: [username]
287
- password: [password]
288
-
289
- You may log in and change your password here:
290
- [user-profile]
291
-
292
- You originally registered at:
293
- [reglink]
294
- ';
295
-
296
- $arr = array(
297
- "subj" => $subj,
298
- "body" => $body,
299
- );
300
-
301
- if ( ! get_option( 'wpmembers_email_appmod' ) ) {
302
- update_option( 'wpmembers_email_appmod', $arr, false );
303
- }
304
-
305
- $arr = $subj = $body = '';
306
-
307
- // Email for password reset.
308
- $subj = 'Your password reset for [blogname]';
309
- $body = 'Your password for [blogname] has been reset
310
-
311
- Your new password is included below. You may wish to retain a copy for your records.
312
-
313
- password: [password]
314
- ';
315
-
316
- $arr = array(
317
- "subj" => $subj,
318
- "body" => $body,
319
- );
320
-
321
- if ( ! get_option( 'wpmembers_email_repass' ) ) {
322
- update_option( 'wpmembers_email_repass', $arr, false );
323
- }
324
-
325
- $arr = $subj = $body = '';
326
-
327
- // Email for admin notification.
328
- $subj = 'New user registration for [blogname]';
329
- $body = 'The following user registered for [blogname]:
330
-
331
- username: [username]
332
- email: [email]
333
-
334
- [fields]
335
- This user registered here:
336
- [reglink]
337
-
338
- user IP: [user-ip]
339
-
340
- activate user: [activate-user]
341
- ';
342
-
343
- $arr = array(
344
- "subj" => $subj,
345
- "body" => $body,
346
- );
347
-
348
- if ( ! get_option( 'wpmembers_email_notify' ) ) {
349
- update_option( 'wpmembers_email_notify', $arr, false );
350
- }
351
-
352
- $arr = $subj = $body = '';
353
-
354
- // Email footer (no subject).
355
- $body = '----------------------------------
356
- This is an automated message from [blogname]
357
- Please do not reply to this address';
358
-
359
- if ( ! get_option( 'wpmembers_email_footer' ) ) {
360
- update_option( 'wpmembers_email_footer', $body, false );
361
- }
362
-
363
- $arr = $subj = $body = '';
364
-
365
- // Email for retrieve username.
366
- $subj = 'Username for [blogname]';
367
- $body = 'Your username for [blogname] is below.
368
-
369
- username: [username]
370
- ';
371
-
372
- $arr = array(
373
- "subj" => $subj,
374
- "body" => $body,
375
- );
376
-
377
- if ( ! get_option( 'wpmembers_email_getuser' ) ) {
378
- update_option( 'wpmembers_email_getuser', $arr, false );
379
- }
380
-
381
- return true;
382
- }
383
-
384
- /**
385
- * Checks the dialogs array for necessary changes.
386
- *
387
- * @since 2.9.3
388
- * @since 3.0.0 Changed from update_dialogs() to wpmem_update_dialogs().
389
- * @since 3.1.0 Changed from wpmem_update_dialogs() to wpmem_upgrade_dialogs().
390
- * @since 3.1.1 Converts numeric dialog array to associative.
391
- */
392
- function wpmem_upgrade_dialogs() {
393
-
394
- $wpmem_dialogs = get_option( 'wpmembers_dialogs' );
395
-
396
- if ( ! array_key_exists( 'restricted_msg', $wpmem_dialogs ) ) {
397
- // Update is needed.
398
- $new_arr = array();
399
- $new_keys = array( 'restricted_msg', 'user', 'email', 'success', 'editsuccess', 'pwdchangerr', 'pwdchangesuccess', 'pwdreseterr', 'pwdresetsuccess' );
400
- foreach ( $wpmem_dialogs as $key => $val ) {
401
- $new_arr[ $new_keys[ $key ] ] = $val;
402
- }
403
- update_option( 'wpmembers_dialogs', $new_arr, '', 'yes' );
404
- }
405
-
406
- return;
407
- }
408
-
409
- /**
410
- * Downgrades dialogs array for pre-3.1.1 version rollback.
411
- *
412
- * @since 3.1.1
413
- */
414
- function wpmem_downgrade_dialogs() {
415
-
416
- $wpmem_dialogs = get_option( 'wpmembers_dialogs' );
417
-
418
- if ( array_key_exists( 'restricted_msg', $wpmem_dialogs ) ) {
419
- // Update is needed.
420
- $new_arr = array();
421
- $i = 0;
422
- foreach ( $wpmem_dialogs as $key => $val ) {
423
- $new_arr[ $i ] = $val;
424
- $i++;
425
- }
426
- update_option( 'wpmembers_dialogs', $new_arr, '', 'yes' );
427
- }
428
-
429
- return;
430
- }
431
-
432
- /**
433
- * Checks the captcha settings and updates accordingly.
434
- *
435
- * Was update_captcha() since 2.9.5, changed to wpmem_update_captcha() in 3.0.
436
- *
437
- * @since 2.9.5
438
- * @since 3.0.0 Changed from update_captcha() to wpmem_update_captcha().
439
- * @since 3.1.0 Changed from wpmem_update_captcha() to wpmem_upgrade_captcha().
440
- */
441
- function wpmem_upgrade_captcha() {
442
-
443
- $captcha_settings = get_option( 'wpmembers_captcha' );
444
-
445
- // If there captcha settings, update them.
446
- if ( $captcha_settings && ! array_key_exists( 'recaptcha', $captcha_settings ) ) {
447
-
448
- // Check to see if the array keys are numeric.
449
- $is_numeric = false;
450
- foreach ( $captcha_settings as $key => $setting ) {
451
- $is_numeric = ( is_int( $key ) ) ? true : $is_numeric;
452
- }
453
-
454
- if ( $is_numeric ) {
455
- $new_captcha = array();
456
- // These are old recaptcha settings.
457
- $new_captcha['recaptcha']['public'] = $captcha_settings[0];
458
- $new_captcha['recaptcha']['private'] = $captcha_settings[1];
459
- $new_captcha['recaptcha']['theme'] = $captcha_settings[2];
460
- update_option( 'wpmembers_captcha', $new_captcha );
461
- }
462
- }
463
- return;
464
- }
465
-
466
- /**
467
- * Does install of default settings.
468
- *
469
- * @since 3.1.5
470
- * @since 3.1.6 Returns $wpmem_settings
471
- *
472
- * @return array $wpmem_settings
473
- */
474
- function wpmem_install_settings() {
475
-
476
- $wpmem_settings = array(
477
- 'version' => WPMEM_VERSION,
478
- 'db_version' => WPMEM_DB_VERSION,
479
- 'block' => array(
480
- 'post' => ( is_multisite() ) ? 0 : 1,
481
- 'page' => 0,
482
- ),
483
- 'show_excerpt' => array(
484
- 'post' => 0,
485
- 'page' => 0,
486
- ),
487
- 'show_reg' => array(
488
- 'post' => 1,
489
- 'page' => 1,
490
- ),
491
- 'show_login' => array(
492
- 'post' => 1,
493
- 'page' => 1,
494
- ),
495
- 'autoex' => array(
496
- 'post' => array( 'enabled' => 0, 'length' => '' ),
497
- 'page' => array( 'enabled' => 0, 'length' => '' ),
498
- ),
499
- 'enable_products' => 0,
500
- 'clone_menus' => 0,
501
- 'notify' => 0,
502
- 'mod_reg' => 0,
503
- 'captcha' => 0,
504
- 'use_exp' => 0,
505
- 'use_trial' => 0,
506
- 'warnings' => 0,
507
- 'user_pages' => array(
508
- 'profile' => '',
509
- 'register' => '',
510
- 'login' => '',
511
- ),
512
- 'cssurl' => '',
513
- 'select_style' => 'generic-no-float',
514
- 'attrib' => 0,
515
- 'post_types' => array(),
516
- 'form_tags' => array( 'default' => 'Registration Default' ),
517
- );
518
-
519
- // Using update_option to allow for forced update.
520
- update_option( 'wpmembers_settings', $wpmem_settings, '', 'yes' );
521
-
522
- return $wpmem_settings;
523
- }
524
-
525
- /**
526
- * Installs default fields.
527
- *
528
- * @since 3.1.5
529
- *
530
- * @return array $fields {
531
- * @type array {
532
- * order,
533
- * label,
534
- * meta key,
535
- * type,
536
- * display,
537
- * required,
538
- * native,
539
- * checked value,
540
- * checked by default,
541
- * }
542
- * }
543
- */
544
- function wpmem_install_fields() {
545
- $fields = array(
546
- array( 0, 'Choose a Username', 'username', 'text', 'y', 'y', 'y' ),
547
- array( 1, 'First Name', 'first_name', 'text', 'y', 'y', 'y' ),
548
- array( 2, 'Last Name', 'last_name', 'text', 'y', 'y', 'y' ),
549
- array( 3, 'Address 1', 'billing_address_1', 'text', 'y', 'y', 'n' ),
550
- array( 4, 'Address 2', 'billing_address_2', 'text', 'y', 'n', 'n' ),
551
- array( 5, 'City', 'billing_city', 'text', 'y', 'y', 'n' ),
552
- array( 6, 'State', 'billing_state', 'text', 'y', 'y', 'n' ),
553
- array( 7, 'Zip', 'billing_postcode', 'text', 'y', 'y', 'n' ),
554
- array( 8, 'Country', 'billing_country', 'text', 'y', 'y', 'n' ),
555
- array( 9, 'Phone', 'billing_phone', 'text', 'y', 'y', 'n' ),
556
- array( 10, 'Email', 'user_email', 'email', 'y', 'y', 'y' ),
557
- array( 11, 'Confirm Email', 'confirm_email', 'email', 'n', 'n', 'n' ),
558
- array( 12, 'Website', 'user_url', 'url', 'n', 'n', 'y' ),
559
- array( 13, 'Biographical Info', 'description', 'textarea', 'n', 'n', 'y' ),
560
- array( 14, 'Password', 'password', 'password', 'n', 'n', 'n' ),
561
- array( 15, 'Confirm Password', 'confirm_password', 'password', 'n', 'n', 'n' ),
562
- array( 16, 'Terms of Service', 'tos', 'checkbox', 'n', 'n', 'n', 'agree', 'n' ),
563
- );
564
- update_option( 'wpmembers_fields', $fields, '', 'yes' ); // using update_option to allow for forced update
565
- return $fields;
566
- }
567
-
568
- /**
569
- * Installs default dialogs.
570
- *
571
- * @since 3.1.5
572
- */
573
- function wpmem_install_dialogs() {
574
- $wpmem_dialogs_arr = array(
575
- 'restricted_msg' => "This content is restricted to site members. If you are an existing user, please log in. New users may register below.",
576
- 'user' => "Sorry, that username is taken, please try another.",
577
- 'email' => "Sorry, that email address already has an account.<br />Please try another.",
578
- 'success' => "Congratulations! Your registration was successful.<br /><br />You may now log in using the password that was emailed to you.",
579
- 'editsuccess' => "Your information was updated!",
580
- 'pwdchangerr' => "Passwords did not match.<br /><br />Please try again.",
581
- 'pwdchangesuccess' => "Password successfully changed!",
582
- 'pwdreseterr' => "Either the username or email address do not exist in our records.",
583
- 'pwdresetsuccess' => "Password successfully reset!<br /><br />An email containing a new password has been sent to the email address on file for your account.",
584
- );
585
- // Insert TOS dialog placeholder.
586
- $dummy_tos = "Put your TOS (Terms of Service) text here. You can use HTML markup.";
587
- update_option( 'wpmembers_tos', $dummy_tos );
588
- update_option( 'wpmembers_dialogs', $wpmem_dialogs_arr, '', 'yes' ); // using update_option to allow for forced update
589
- }
590
-
591
- /**
592
- * Upgrades fields settings.
593
- *
594
- * @since 3.2.0
595
- */
596
- function wpmem_upgrade_fields() {
597
- $fields = get_option( 'wpmembers_fields' );
598
- $old_style = false;
599
- foreach ( $fields as $key => $val ) {
600
- if ( is_numeric( $key ) ) {
601
- $old_style = true;
602
- $check_array[] = $val[2];
603
- }
604
- }
605
- if ( $old_style && ! in_array( 'username', $check_array ) ) {
606
- $username_array = array( 0, 'Choose a Username', 'username', 'text', 'y', 'y', 'y' );
607
- array_unshift( $fields, $username_array );
608
- update_option( 'wpmembers_fields', $fields, '', 'yes' );
609
- }
610
- }
611
-
612
- /**
613
- * Upgrades the stylesheet setting from pre-3.0.
614
- *
615
- * This is a basic fix for users who have a WP-Members packaged stylesheet saved
616
- * with the full URL. I believe 90% or more users simply use the default stylesheet
617
- * so this should handle most updates.
618
- *
619
- * @since 3.2.7
620
- *
621
- * @param array $settings
622
- */
623
- function wpmem_upgrade_style_setting( $settings ) {
624
-
625
- /*
626
- * IF $settings['style'] is "use_custom", then it's a custom value. Otherwise
627
- * it's the value in $settings['style'].
628
- *
629
- * We need to first check the simple - if it's use_custom - set the new value
630
- * to the custom value ($settings['cssurl']).
631
- *
632
- * Next, logically determine if it's a self-loaded custom value (unlikely),
633
- * or a WP-Members default.
634
- *
635
- * Lastly, as a fallback, set it to the default no-float sheet.
636
- */
637
-
638
- $wpmem_dir = plugin_dir_url ( __DIR__ );
639
-
640
- if ( isset( $settings['style'] ) ) {
641
- if ( 'use_custom' == $settings['style'] ) {
642
-
643
- // Check to see if the custom value is a default stylesheet.
644
- $chk_path_for = '/wp-content/plugins/wp-members/css/';
645
- if ( strpos( $settings['cssurl'], $chk_path_for ) ) {
646
- $strpos = strpos( $settings['cssurl'], $chk_path_for );
647
- $substr = substr( $settings['cssurl'], $strpos );
648
- $style = str_replace( array( $chk_path_for, '.css' ), array( '','' ), $substr );
649
- return $style;
650
- }
651
-
652
- return $settings['style'];
653
- } else {
654
-
655
- // we don't care here if it's http:// or https://
656
- $string = str_replace( array( 'http://', 'https://' ), array( '','' ), $settings['style'] );
657
-
658
- if ( ! strpos( $wpmem_dir, $string ) ) {
659
-
660
- $pieces = explode( '/', $string );
661
- $slug = str_replace( '.css', '', end( $pieces ) );
662
-
663
- // Is $css_slug one of the "official" slugs?
664
- $haystack = array( 'generic-no-float', 'generic-rigid', 'wp-members-2016-no-float', 'wp-members-2015', 'wp-members-2015-no-float', 'wp-members-2014', 'wp-members-2014-no-float' );
665
- if ( in_array( $slug, $haystack ) ) {
666
- return $slug;
667
- }
668
- } else {
669
- // Fallback to purposely load custom value for updating.
670
- return 'use_custom';
671
- }
672
- }
673
- } else {
674
- $maybe_style = get_option( 'wpmembers_style' );
675
- if ( $maybe_style ) {
676
- // Does stylesheet setting point to the WP-Members /css/ directory?
677
- if ( strpos( $maybe_style, $wpmem_dir ) ) {
678
- return str_replace( array( $wpmem_dir . 'css/', '.css' ), array( '', '' ), $settings['style'] );
679
- }
680
- }
681
- }
682
- // Fallback default.
683
- return 'generic-no-float';
684
- }
685
-
686
- /**
687
- * Upgrades product expiration meta from a single meta array
688
- * to individual meta for each product. Single meta array is
689
- * still maintained for legacy reasons and rollback possiblity.
690
- *
691
- * @since 3.3.0
692
- */
693
- function wpmem_upgrade_product_expiration() {
694
- $users = get_users( array( 'fields'=>'ID' ) );
695
- foreach ( $users as $user_id ) {
696
- $products = get_user_meta( $user_id, '_wpmem_products', true );
697
-
698
- // If the user has legacy products, update to new single meta.
699
- if ( $products ) {
700
- // Update each product meta.
701
- foreach ( $products as $key => $product ) {
702
- // If it's an expiration product,
703
- if ( ! is_bool( $product ) ) {
704
- if ( DateTime::createFromFormat( 'Y-m-d H:i:s', $product ) !== FALSE ) {
705
- $value = strtotime( $product );
706
- }
707
- } else {
708
- $value = $product;
709
- }
710
-
711
- // Save new meta
712
- if ( $key ) {
713
- update_user_meta( $user_id, '_wpmem_products_' . $key, $value );
714
- }
715
- }
716
- }
717
- }
718
- }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
719
  // End of file.
1
+ <?php
2
+ /**
3
+ * WP-Members Installation Functions
4
+ *
5
+ * Functions to install and upgrade WP-Members.
6
+ *
7
+ * This file is part of the WP-Members plugin by Chad Butler
8
+ * You can find out more about this plugin at https://rocketgeek.com
9
+ * Copyright (c) 2006-2020 Chad Butler
10
+ * WP-Members(tm) is a trademark of butlerblog.com
11
+ *
12
+ * @package WP-Members
13
+ * @author Chad Butler
14
+ * @copyright 2006-2020
15
+ */
16
+
17
+ // Exit if accessed directly.
18
+ if ( ! defined( 'ABSPATH' ) ) {
19
+ exit();
20
+ }
21
+
22
+ /**
23
+ * @todo Updates/install revisions needed:
24
+ * - if reCAPTCHA is "1", update to "3" - reCAPTCHA v1 is fully obsolete by Google.
25
+ */
26
+
27
+ /**
28
+ * Installs or upgrades the plugin.
29
+ *
30
+ * @since 2.2.2
31
+ * @since 3.1.6 Returns $wpmem_settings.
32
+ *
33
+ * @return array $wpmem_settings
34
+ */
35
+ function wpmem_do_install() {
36
+
37
+ /*
38
+ * If you need to force an install, set $chk_force = true.
39
+ *
40
+ * Important notes:
41
+ *
42
+ * 1. This will override any settings you already have for any of the plugin settings.
43
+ * 2. This will not effect any WP settings or registered users.
44
+ */
45
+
46
+ $chk_force = false;
47
+
48
+ $existing_settings = get_option( 'wpmembers_settings' );
49
+
50
+ if ( false === $existing_settings || $chk_force == true ) {
51
+
52
+ // New install.
53
+ $wpmem_settings = wpmem_install_settings();
54
+ wpmem_install_fields();
55
+ wpmem_install_dialogs();
56
+ wpmem_append_email();
57
+ //update_option( 'wpmembers_style', 'generic-no-float.css', '', 'yes' );
58
+
59
+ } else {
60
+
61
+ // Upgrade.
62
+ $wpmem_settings = wpmem_upgrade_settings();
63
+
64
+ // Not 100% certain where we needed to add wpmem_append_email(), but it was likely before 3.1.0.
65
+ if ( version_compare( $existing_settings['version'], '3.1.1', '<' ) ) {
66
+ wpmem_upgrade_dialogs();
67
+ wpmem_upgrade_captcha();
68
+ wpmem_append_email();
69
+ }
70
+
71
+ // Only run these if DB version is < 2.2.0
72
+ if ( version_compare( $existing_settings['db_version'], '2.2.0', '<' ) ) {
73
+ wpmem_upgrade_fields();
74
+ wpmem_upgrade_product_expiration();
75
+ }
76
+
77
+ // Only run this if DB version < 2.2.1
78
+ if ( version_compare( $existing_settings['db_version'], '2.2.1', '<' ) ) {
79
+ wpmem_upgrade_validation_email();
80
+ wpmem_upgrade_woo_reg();
81
+ }
82
+ }
83
+
84
+ return $wpmem_settings;
85
+ }
86
+
87
+
88
+ /**
89
+ * Updates the existing settings if doing an update.
90
+ *
91
+ * @since 3.0.0
92
+ * @since 3.1.0 Changed from wpmem_update_settings() to wpmem_upgrade_settings().
93
+ *
94
+ * @return array $wpmem_newsettings
95
+ */
96
+ function wpmem_upgrade_settings() {
97
+
98
+ $wpmem_settings = get_option( 'wpmembers_settings' );
99
+
100
+ // Is this an update from pre-3.0 or 3.0+?
101
+ $is_three = ( array_key_exists( 'version', $wpmem_settings ) ) ? true : false;
102
+
103
+ // If install is 3.0 or higher.
104
+ if ( $is_three ) {
105
+
106
+ if ( ! isset( $wpmem_settings['enable_products'] ) ) {
107
+ $wpmem_settings['enable_products'] = 0;
108
+ }
109
+
110
+ if ( ! isset( $wpmem_settings['clone_menus'] ) ) {
111
+ $wpmem_settings['clone_menus'] = 0;
112
+ }
113
+
114
+ // reCAPTCHA v1 is obsolete.
115
+ if ( isset( $wpmem_settings['captcha'] ) && 1 == $wpmem_settings['captcha'] ) {
116
+ $wpmem_settings['captcha'] = 3;
117
+ }
118
+
119
+ // If old auto excerpt settings exists, update it.
120
+ if ( isset( $wpmem_settings['autoex']['auto_ex'] ) ) {
121
+ // Update Autoex setting.
122
+ if ( $wpmem_settings['autoex']['auto_ex'] == 1 || $wpmem_settings['autoex']['auto_ex'] == "1" ) {
123
+ // If Autoex is set, move it to posts/pages.
124
+ $wpmem_settings['autoex']['post'] = array( 'enabled' => 1, 'length' => $wpmem_settings['autoex']['auto_ex_len'] );
125
+ $wpmem_settings['autoex']['page'] = array( 'enabled' => 1, 'length' => $wpmem_settings['autoex']['auto_ex_len'] );
126
+ } else {
127
+ // If it is not turned on (!=1), set it to off in new setting (-1).
128
+ $wpmem_settings['autoex']['post'] = array( 'enabled' => 0, 'length' => '' );
129
+ $wpmem_settings['autoex']['page'] = array( 'enabled' => 0, 'length' => '' );
130
+ }
131
+ unset( $wpmem_settings['autoex']['auto_ex'] );
132
+ unset( $wpmem_settings['autoex']['auto_ex_len'] );
133
+ }
134
+
135
+ // If post types settings does not exist, set as empty array.
136
+ if ( ! isset( $wpmem_settings['post_types'] ) ) {
137
+ $wpmem_settings['post_types'] = array();
138
+ }
139
+
140
+ // If form tags is not set, add default.
141
+ if ( ! isset( $wpmem_settings['form_tags'] ) ) {
142
+ $wpmem_settings['form_tags'] = array( 'default' => 'Registration Default' );
143
+ }
144
+
145
+ // If email is set in the settings array, change it back to the pre-3.1 option.
146
+ if ( isset( $wpmem_settings['email'] ) ) {
147
+ $from = ( is_array( $wpmem_settings['email'] ) ) ? $wpmem_settings['email']['from'] : '';
148
+ $name = ( is_array( $wpmem_settings['email'] ) ) ? $wpmem_settings['email']['from_name'] : '';
149
+ update_option( 'wpmembers_email_wpfrom', $from );
150
+ update_option( 'wpmembers_email_wpname', $name );
151
+ unset( $wpmem_settings['email'] );
152
+ }
153
+
154
+ // @since 3.3.0 Upgrade stylesheet setting.
155
+ $wpmem_settings['select_style'] = wpmem_upgrade_style_setting( $wpmem_settings );
156
+
157
+ // Version number should be updated no matter what.
158
+ $wpmem_settings['version'] = WPMEM_VERSION;
159
+ $wpmem_settings['db_version'] = WPMEM_DB_VERSION;
160
+
161
+ update_option( 'wpmembers_settings', $wpmem_settings );
162
+ return $wpmem_settings;
163
+ } else {
164
+ // Update pre 3.0 installs (must be 2.5.1 or higher).
165
+ // Handle show registration setting change.
166
+ $show_reg = ( $wpmem_settings[7] == 0 ) ? 1 : 0;
167
+ // Create new settings array.
168
+ $wpmem_newsettings = array(
169
+ 'version' => WPMEM_VERSION,
170
+ 'db_version' => WPMEM_DB_VERSION,
171
+ 'block' => array(
172
+ 'post' => $wpmem_settings[1],
173
+ 'page' => $wpmem_settings[2],
174
+ ),
175
+ 'show_excerpt' => array(
176
+ 'post' => $wpmem_settings[3],
177
+ 'page' => $wpmem_settings[3],
178
+ ),
179
+ 'show_reg' => array(
180
+ 'post' => $show_reg,
181
+ 'page' => $show_reg,
182
+ ),
183
+ 'show_login' => array(
184
+ 'post' => 1,
185
+ 'page' => 1,
186
+ ),
187
+ 'notify' => $wpmem_settings[4],
188
+ 'mod_reg' => $wpmem_settings[5],
189
+ 'captcha' => ( 1 == $wpmem_settings[6] ) ? 3 : $wpmem_settings[6], // reCAPTCHA v1 is obsolete, move to v2.
190
+ 'use_exp' => $wpmem_settings[9],
191
+ 'use_trial' => $wpmem_settings[10],
192
+ 'warnings' => $wpmem_settings[11],
193
+ 'user_pages' => array(
194
+ 'profile' => get_option( 'wpmembers_msurl' ),
195
+ 'register' => get_option( 'wpmembers_regurl' ),
196
+ 'login' => get_option( 'wpmembers_logurl' ),
197
+ ),
198
+ 'cssurl' => get_option( 'wpmembers_cssurl' ),
199
+ 'select_style' => get_option( 'wpmembers_style' ),
200
+ 'attrib' => get_option( 'wpmembers_attrib' ),
201
+ 'clone_menus' => 0,
202
+ 'enable_products' => 0,
203
+ );
204
+ // Handle auto excerpt setting change and add to setting array.
205
+ $autoex = get_option( 'wpmembers_autoex' );
206
+ if ( $autoex['auto_ex'] == 1 || $autoex['auto_ex'] == "1" ) {
207
+ // If Autoex is set, move it to posts/pages.
208
+ $wpmem_newsettings['autoex']['post'] = array( 'enabled' => 1, 'length' => $autoex['auto_ex_len'] );
209
+ $wpmem_newsettings['autoex']['page'] = array( 'enabled' => 1, 'length' => $autoex['auto_ex_len'] );
210
+ } else {
211
+ // If it is not turned on, set it to off in new setting.
212
+ $wpmem_newsettings['autoex']['post'] = array( 'enabled' => 0, 'length' => '' );
213
+ $wpmem_newsettings['autoex']['page'] = array( 'enabled' => 0, 'length' => '' );
214
+ }
215
+
216
+ // Add new settings.
217
+ $wpmem_newsettings['post_types'] = array();
218
+ $wpmem_settings['form_tags'] = array( 'default' => 'Registration Default' );
219
+ $wpmem_settings['select_style'] = wpmem_upgrade_style_setting( $wpmem_settings );
220
+
221
+ // Merge settings.
222
+ $wpmem_newsettings = array_merge( $wpmem_settings, $wpmem_newsettings );
223
+
224
+ update_option( 'wpmembers_settings', $wpmem_newsettings );
225
+
226
+ return $wpmem_newsettings;
227
+ }
228
+ }
229
+
230
+ /**
231
+ * Adds the fields for email messages.
232
+ *
233
+ * Was append_email() since 2.7, changed to wpmem_append_email() in 3.0.
234
+ *
235
+ * @since 2.7
236
+ */
237
+ function wpmem_append_email() {
238
+
239
+ // Email for a new registration.
240
+ $subj = 'Your registration info for [blogname]';
241
+ $body = 'Thank you for registering for [blogname]
242
+
243
+ Your registration information is below.
244
+ You may wish to retain a copy for your records.
245
+
246
+ username: [username]
247
+ password: [password]
248
+
249
+ You may log in here:
250
+ [reglink]
251
+
252
+ You may change your password here:
253
+ [user-profile]
254
+ ';
255
+
256
+ $arr = array(
257
+ "subj" => $subj,
258
+ "body" => $body,
259
+ );
260
+
261
+ if ( ! get_option( 'wpmembers_email_newreg' ) ) {
262
+ update_option( 'wpmembers_email_newreg', $arr, false );
263
+ }
264
+
265
+ $arr = $subj = $body = '';
266
+
267
+ // Email for new registration, registration is moderated.
268
+ $subj = 'Thank you for registering for [blogname]';
269
+ $body = 'Thank you for registering for [blogname].
270
+ Your registration has been received and is pending approval.
271
+ You will receive login instructions upon approval of your account
272
+ ';
273
+
274
+ $arr = array(
275
+ "subj" => $subj,
276
+ "body" => $body,
277
+ );
278
+
279
+ if ( ! get_option( 'wpmembers_email_newmod' ) ) {
280
+ update_option( 'wpmembers_email_newmod', $arr, false );
281
+ }
282
+
283
+ $arr = $subj = $body = '';
284
+
285
+ // Email for registration is moderated, user is approved.
286
+ $subj = 'Your registration for [blogname] has been approved';
287
+ $body = 'Your registration for [blogname] has been approved.
288
+
289
+ Your registration information is below.
290
+ You may wish to retain a copy for your records.
291
+
292
+ username: [username]
293
+ password: [password]
294
+
295
+ You may log in and change your password here:
296
+ [user-profile]
297
+
298
+ You originally registered at:
299
+ [reglink]
300
+ ';
301
+
302
+ $arr = array(
303
+ "subj" => $subj,
304
+ "body" => $body,
305
+ );
306
+
307
+ if ( ! get_option( 'wpmembers_email_appmod' ) ) {
308
+ update_option( 'wpmembers_email_appmod', $arr, false );
309
+ }
310
+
311
+ $arr = $subj = $body = '';
312
+
313
+ // Email for password reset.
314
+ $subj = 'Your password reset for [blogname]';
315
+ $body = 'Your password for [blogname] has been reset
316
+
317
+ Your new password is included below. You may wish to retain a copy for your records.
318
+
319
+ password: [password]
320
+ ';
321
+
322
+ $arr = array(
323
+ "subj" => $subj,
324
+ "body" => $body,
325
+ );
326
+
327
+ if ( ! get_option( 'wpmembers_email_repass' ) ) {
328
+ update_option( 'wpmembers_email_repass', $arr, false );
329
+ }
330
+
331
+ $arr = $subj = $body = '';
332
+
333
+ // Email for admin notification.
334
+ $subj = 'New user registration for [blogname]';
335
+ $body = 'The following user registered for [blogname]:
336
+
337
+ username: [username]
338
+ email: [email]
339
+
340
+ [fields]
341
+ This user registered here:
342
+ [reglink]
343
+
344
+ user IP: [user-ip]
345
+
346
+ activate user: [activate-user]
347
+ ';
348
+
349
+ $arr = array(
350
+ "subj" => $subj,
351
+ "body" => $body,
352
+ );
353
+
354
+ if ( ! get_option( 'wpmembers_email_notify' ) ) {
355
+ update_option( 'wpmembers_email_notify', $arr, false );
356
+ }
357
+
358
+ $arr = $subj = $body = '';
359
+
360
+ // Email footer (no subject).
361
+ $body = '----------------------------------
362
+ This is an automated message from [blogname]
363
+ Please do not reply to this address';
364
+
365
+ if ( ! get_option( 'wpmembers_email_footer' ) ) {
366
+ update_option( 'wpmembers_email_footer', $body, false );
367
+ }
368
+
369
+ $arr = $subj = $body = '';
370
+
371
+ // Email for retrieve username.
372
+ $subj = 'Username for [blogname]';
373
+ $body = 'Your username for [blogname] is below.
374
+
375
+ username: [username]
376
+ ';
377
+
378
+ $arr = array(
379
+ "subj" => $subj,
380
+ "body" => $body,
381
+ );
382
+
383
+ if ( ! get_option( 'wpmembers_email_getuser' ) ) {
384
+ update_option( 'wpmembers_email_getuser', $arr, false );
385
+ }
386
+
387
+ return true;
388
+ }
389
+
390
+ /**
391
+ * Checks the dialogs array for necessary changes.
392
+ *
393
+ * @since 2.9.3
394
+ * @since 3.0.0 Changed from update_dialogs() to wpmem_update_dialogs().
395
+ * @since 3.1.0 Changed from wpmem_update_dialogs() to wpmem_upgrade_dialogs().
396
+ * @since 3.1.1 Converts numeric dialog array to associative.
397
+ */
398
+ function wpmem_upgrade_dialogs() {
399
+
400
+ $wpmem_dialogs = get_option( 'wpmembers_dialogs' );
401
+
402
+ if ( ! array_key_exists( 'restricted_msg', $wpmem_dialogs ) ) {
403
+ // Update is needed.
404
+ $new_arr = array();
405
+ $new_keys = array( 'restricted_msg', 'user', 'email', 'success', 'editsuccess', 'pwdchangerr', 'pwdchangesuccess', 'pwdreseterr', 'pwdresetsuccess' );
406
+ foreach ( $wpmem_dialogs as $key => $val ) {
407
+ $new_arr[ $new_keys[ $key ] ] = $val;
408
+ }
409
+ update_option( 'wpmembers_dialogs', $new_arr, '', 'yes' );
410
+ }
411
+
412
+ return;
413
+ }
414
+
415
+ /**
416
+ * Downgrades dialogs array for pre-3.1.1 version rollback.
417
+ *
418
+ * @since 3.1.1
419
+ */
420
+ function wpmem_downgrade_dialogs() {
421
+
422
+ $wpmem_dialogs = get_option( 'wpmembers_dialogs' );
423
+
424
+ if ( array_key_exists( 'restricted_msg', $wpmem_dialogs ) ) {
425
+ // Update is needed.
426
+ $new_arr = array();
427
+ $i = 0;
428
+ foreach ( $wpmem_dialogs as $key => $val ) {
429
+ $new_arr[ $i ] = $val;
430
+ $i++;
431
+ }
432
+ update_option( 'wpmembers_dialogs', $new_arr, '', 'yes' );
433
+ }
434
+
435
+ return;
436
+ }
437
+
438
+ /**
439
+ * Checks the captcha settings and updates accordingly.
440
+ *
441
+ * Was update_captcha() since 2.9.5, changed to wpmem_update_captcha() in 3.0.
442
+ *
443
+ * @since 2.9.5
444
+ * @since 3.0.0 Changed from update_captcha() to wpmem_update_captcha().
445
+ * @since 3.1.0 Changed from wpmem_update_captcha() to wpmem_upgrade_captcha().
446
+ */
447
+ function wpmem_upgrade_captcha() {
448
+
449
+ $captcha_settings = get_option( 'wpmembers_captcha' );
450
+
451
+ // If there captcha settings, update them.
452
+ if ( $captcha_settings && ! array_key_exists( 'recaptcha', $captcha_settings ) ) {
453
+
454
+ // Check to see if the array keys are numeric.
455
+ $is_numeric = false;
456
+ foreach ( $captcha_settings as $key => $setting ) {
457
+ $is_numeric = ( is_int( $key ) ) ? true : $is_numeric;
458
+ }
459
+
460
+ if ( $is_numeric ) {
461
+ $new_captcha = array();
462
+ // These are old recaptcha settings.
463
+ $new_captcha['recaptcha']['public'] = $captcha_settings[0];
464
+ $new_captcha['recaptcha']['private'] = $captcha_settings[1];
465
+ $new_captcha['recaptcha']['theme'] = $captcha_settings[2];
466
+ update_option( 'wpmembers_captcha', $new_captcha );
467
+ }
468
+ }
469
+ return;
470
+ }
471
+
472
+ /**
473
+ * Does install of default settings.
474
+ *
475
+ * @since 3.1.5
476
+ * @since 3.1.6 Returns $wpmem_settings
477
+ *
478
+ * @return array $wpmem_settings
479
+ */
480
+ function wpmem_install_settings() {
481
+
482
+ $wpmem_settings = array(
483
+ 'version' => WPMEM_VERSION,
484
+ 'db_version' => WPMEM_DB_VERSION,
485
+ 'block' => array(
486
+ 'post' => ( is_multisite() ) ? 0 : 1,
487
+ 'page' => 0,
488
+ ),
489
+ 'show_excerpt' => array(
490
+ 'post' => 0,
491
+ 'page' => 0,
492
+ ),
493
+ 'show_reg' => array(
494
+ 'post' => 1,
495
+ 'page' => 1,
496
+ ),
497
+ 'show_login' => array(
498
+ 'post' => 1,
499
+ 'page' => 1,
500
+ ),
501
+ 'autoex' => array(
502
+ 'post' => array( 'enabled' => 0, 'length' => '' ),
503
+ 'page' => array( 'enabled' => 0, 'length' => '' ),
504
+ ),
505
+ 'enable_products' => 0,
506
+ 'clone_menus' => 0,
507
+ 'notify' => 0,
508
+ 'mod_reg' => 0,
509
+ 'captcha' => 0,
510
+ 'use_exp' => 0,
511
+ 'use_trial' => 0,
512
+ 'warnings' => 0,
513
+ 'user_pages' => array(
514
+ 'profile' => '',
515
+ 'register' => '',
516
+ 'login' => '',
517
+ ),
518
+ 'cssurl' => '',
519
+ 'select_style' => 'generic-no-float',
520
+ 'attrib' => 0,
521
+ 'post_types' => array(),
522
+ 'form_tags' => array( 'default' => 'Registration Default' ),
523
+ );
524
+
525
+ // Using update_option to allow for forced update.
526
+ update_option( 'wpmembers_settings', $wpmem_settings, '', 'yes' );
527
+
528
+ return $wpmem_settings;
529
+ }
530
+
531
+ /**
532
+ * Installs default fields.
533
+ *
534
+ * @since 3.1.5
535
+ *
536
+ * @return array $fields {
537
+ * @type array {
538
+ * order,
539
+ * label,
540
+ * meta key,
541
+ * type,
542
+ * display,
543
+ * required,
544
+ * native,
545
+ * checked value,
546
+ * checked by default,
547
+ * }
548
+ * }
549
+ */
550
+ function wpmem_install_fields() {
551
+ $fields = array(
552
+ array( 0, 'Choose a Username', 'username', 'text', 'y', 'y', 'y' ),
553
+ array( 1, 'First Name', 'first_name', 'text', 'y', 'y', 'y' ),
554
+ array( 2, 'Last Name', 'last_name', 'text', 'y', 'y', 'y' ),
555
+ array( 3, 'Address 1', 'billing_address_1', 'text', 'y', 'y', 'n' ),
556
+ array( 4, 'Address 2', 'billing_address_2', 'text', 'y', 'n', 'n' ),
557
+ array( 5, 'City', 'billing_city', 'text', 'y', 'y', 'n' ),
558
+ array( 6, 'State', 'billing_state', 'text', 'y', 'y', 'n' ),
559
+ array( 7, 'Zip', 'billing_postcode', 'text', 'y', 'y', 'n' ),
560
+ array( 8, 'Country', 'billing_country', 'text', 'y', 'y', 'n' ),
561
+ array( 9, 'Phone', 'billing_phone', 'text', 'y', 'y', 'n' ),
562
+ array( 10, 'Email', 'user_email', 'email', 'y', 'y', 'y' ),
563
+ array( 11, 'Confirm Email', 'confirm_email', 'email', 'n', 'n', 'n' ),
564
+ array( 12, 'Website', 'user_url', 'url', 'n', 'n', 'y' ),
565
+ array( 13, 'Biographical Info', 'description', 'textarea', 'n', 'n', 'y' ),
566
+ array( 14, 'Password', 'password', 'password', 'n', 'n', 'n' ),
567
+ array( 15, 'Confirm Password', 'confirm_password', 'password', 'n', 'n', 'n' ),
568
+ array( 16, 'Terms of Service', 'tos', 'checkbox', 'n', 'n', 'n', 'agree', 'n' ),
569
+ );
570
+ update_option( 'wpmembers_fields', $fields, '', 'yes' ); // using update_option to allow for forced update
571
+ return $fields;
572
+ }
573
+
574
+ /**
575
+ * Installs default dialogs.
576
+ *
577
+ * @since 3.1.5
578
+ */
579
+ function wpmem_install_dialogs() {
580
+ $wpmem_dialogs_arr = array(
581
+ 'restricted_msg' => "This content is restricted to site members. If you are an existing user, please log in. New users may register below.",
582
+ 'user' => "Sorry, that username is taken, please try another.",
583
+ 'email' => "Sorry, that email address already has an account.<br />Please try another.",
584
+ 'success' => "Congratulations! Your registration was successful.<br /><br />You may now log in using the password that was emailed to you.",
585
+ 'editsuccess' => "Your information was updated!",
586
+ 'pwdchangerr' => "Passwords did not match.<br /><br />Please try again.",
587
+ 'pwdchangesuccess' => "Password successfully changed!",
588
+ 'pwdreseterr' => "Either the username or email address do not exist in our records.",
589
+ 'pwdresetsuccess' => "Password successfully reset!<br /><br />An email containing a new password has been sent to the email address on file for your account.",
590
+ );
591
+ // Insert TOS dialog placeholder.
592
+ $dummy_tos = "Put your TOS (Terms of Service) text here. You can use HTML markup.";
593
+ update_option( 'wpmembers_tos', $dummy_tos );
594
+ update_option( 'wpmembers_dialogs', $wpmem_dialogs_arr, '', 'yes' ); // using update_option to allow for forced update
595
+ }
596
+
597
+ /**
598
+ * Upgrades fields settings.
599
+ *
600
+ * @since 3.2.0
601
+ */
602
+ function wpmem_upgrade_fields() {
603
+ $fields = get_option( 'wpmembers_fields' );
604
+ $old_style = false;
605
+ foreach ( $fields as $key => $val ) {
606
+ if ( is_numeric( $key ) ) {
607
+ $old_style = true;
608
+ $check_array[] = $val[2];
609
+ }
610
+ }
611
+ if ( $old_style && ! in_array( 'username', $check_array ) ) {
612
+ $username_array = array( 0, 'Choose a Username', 'username', 'text', 'y', 'y', 'y' );
613
+ array_unshift( $fields, $username_array );
614
+ update_option( 'wpmembers_fields', $fields, '', 'yes' );
615
+ }
616
+ }
617
+
618
+ /**
619
+ * Upgrades the stylesheet setting from pre-3.0.
620
+ *
621
+ * This is a basic fix for users who have a WP-Members packaged stylesheet saved
622
+ * with the full URL. I believe 90% or more users simply use the default stylesheet
623
+ * so this should handle most updates.
624
+ *
625
+ * @since 3.2.7
626
+ *
627
+ * @param array $settings
628
+ */
629
+ function wpmem_upgrade_style_setting( $settings ) {
630
+
631
+ /*
632
+ * IF $settings['style'] is "use_custom", then it's a custom value. Otherwise
633
+ * it's the value in $settings['style'].
634
+ *
635
+ * We need to first check the simple - if it's use_custom - set the new value
636
+ * to the custom value ($settings['cssurl']).
637
+ *
638
+ * Next, logically determine if it's a self-loaded custom value (unlikely),
639
+ * or a WP-Members default.
640
+ *
641
+ * Lastly, as a fallback, set it to the default no-float sheet.
642
+ */
643
+
644
+ $wpmem_dir = plugin_dir_url ( __DIR__ );
645
+
646
+ if ( isset( $settings['style'] ) ) {
647
+ if ( 'use_custom' == $settings['style'] ) {
648
+
649
+ // Check to see if the custom value is a default stylesheet.
650
+ $chk_path_for = '/wp-content/plugins/wp-members/css/';
651
+ if ( strpos( $settings['cssurl'], $chk_path_for ) ) {
652
+ $strpos = strpos( $settings['cssurl'], $chk_path_for );
653
+ $substr = substr( $settings['cssurl'], $strpos );
654
+ $style = str_replace( array( $chk_path_for, '.css' ), array( '','' ), $substr );
655
+ return $style;
656
+ }
657
+
658
+ return $settings['style'];
659
+ } else {
660
+
661
+ // we don't care here if it's http:// or https://
662
+ $string = str_replace( array( 'http://', 'https://' ), array( '','' ), $settings['style'] );
663
+
664
+ if ( ! strpos( $wpmem_dir, $string ) ) {
665
+
666
+ $pieces = explode( '/', $string );
667
+ $slug = str_replace( '.css', '', end( $pieces ) );
668
+
669
+ // Is $css_slug one of the "official" slugs?
670
+ $haystack = array( 'generic-no-float', 'generic-rigid', 'wp-members-2016-no-float', 'wp-members-2015', 'wp-members-2015-no-float', 'wp-members-2014', 'wp-members-2014-no-float' );
671
+ if ( in_array( $slug, $haystack ) ) {
672
+ return $slug;
673
+ }
674
+ } else {
675
+ // Fallback to purposely load custom value for updating.
676
+ return 'use_custom';
677
+ }
678
+ }
679
+ } else {
680
+ $maybe_style = get_option( 'wpmembers_style' );
681
+ if ( $maybe_style ) {
682
+ // Does stylesheet setting point to the WP-Members /css/ directory?
683
+ if ( strpos( $maybe_style, $wpmem_dir ) ) {
684
+ return str_replace( array( $wpmem_dir . 'css/', '.css' ), array( '', '' ), $settings['style'] );
685
+ }
686
+ }
687
+ }
688
+ // Fallback default.
689
+ return 'generic-no-float';
690
+ }
691
+
692
+ /**
693
+ * Upgrades product expiration meta from a single meta array
694
+ * to individual meta for each product. Single meta array is
695
+ * still maintained for legacy reasons and rollback possiblity.
696
+ *
697
+ * @since 3.3.0
698
+ */
699
+ function wpmem_upgrade_product_expiration() {
700
+ $users = get_users( array( 'fields'=>'ID' ) );
701
+ foreach ( $users as $user_id ) {
702
+ $products = get_user_meta( $user_id, '_wpmem_products', true );
703
+
704
+ // If the user has legacy products, update to new single meta.
705
+ if ( $products ) {
706
+ // Update each product meta.
707
+ foreach ( $products as $key => $product ) {
708
+ // If it's an expiration product,
709
+ if ( ! is_bool( $product ) ) {
710
+ if ( DateTime::createFromFormat( 'Y-m-d H:i:s', $product ) !== FALSE ) {
711
+ $value = strtotime( $product );
712
+ }
713
+ } else {
714
+ $value = $product;
715
+ }
716
+
717
+ // Save new meta
718
+ if ( $key ) {
719
+ update_user_meta( $user_id, '_wpmem_products_' . $key, $value );
720
+ }
721
+ }
722
+ }
723
+ }
724
+ }
725
+
726
+ /**
727
+ * Adds the user email validation success email.<br>8
728
+ *
729
+ * @since 3.3.8
730
+ */
731
+ function wpmem_upgrade_validation_email() {
732
+ $subj = 'Thank you for confirming your email for your [blogname] account';
733
+ $body = 'Thank you for confirming your email address for access to [blogname]!';
734
+
735
+ $arr = array(
736
+ "subj" => $subj,
737
+ "body" => $body,
738
+ );
739
+
740
+ if ( ! get_option( 'wpmembers_email_validated' ) ) {
741
+ update_option( 'wpmembers_email_validated', $arr, false );
742
+ }
743
+
744
+ $arr = $subj = $body = '';
745
+ }
746
+
747
+ /**
748
+ * Adds woo_reg settings.
749
+ *
750
+ * @since 3.3.8
751
+ */
752
+ function wpmem_upgrade_woo_reg() {
753
+ $wpmem_settings = get_option( 'wpmembers_settings' );
754
+
755
+ if ( ! isset( $wpmem_settings['woo'] ) ) {
756
+ $wpmem_settings['woo'] = array(
757
+ 'add_my_account_fields' => 1,
758
+ 'add_checkout_fields' => 1,
759
+ );
760
+ update_option( 'wpmembers_settings', $wpmem_settings );
761
+ }
762
+ }
763
  // End of file.
readme.txt CHANGED
@@ -2,8 +2,8 @@
2
  Contributors: cbutlerjr
3
  Tags: access, authentication, content, login, member, membership, password, protect, register, registration, restriction, subscriber
4
  Requires at least: 4.0
5
- Tested up to: 5.5
6
- Stable tag: 3.3.7
7
  License: GPLv2
8
 
9
  == Description ==
@@ -107,7 +107,7 @@ The FAQs are maintained at https://rocketgeek.com/plugins/wp-members/docs/faqs/
107
 
108
  == Upgrade Notice ==
109
 
110
- WP-Members 3.3.0 is a major update. WP-Members 3.3.7 is an improvement release. See changelog for important details. Minimum WP version is 4.0.
111
 
112
 
113
  == Screenshots ==
@@ -131,6 +131,22 @@ WP-Members 3.3.0 is a major update. WP-Members 3.3.7 is an improvement release.
131
 
132
  == Changelog ==
133
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
134
  = 3.3.7 =
135
 
136
  * Added "Export All" button to top bulk menu (as previously only in lower)
2
  Contributors: cbutlerjr
3
  Tags: access, authentication, content, login, member, membership, password, protect, register, registration, restriction, subscriber
4
  Requires at least: 4.0
5
+ Tested up to: 5.7
6
+ Stable tag: 3.3.8
7
  License: GPLv2
8
 
9
  == Description ==
107
 
108
  == Upgrade Notice ==
109
 
110
+ WP-Members 3.3.0 is a major update. WP-Members 3.3.8 is an improvement release. See changelog for important details. Minimum WP version is 4.0.
111
 
112
 
113
  == Screenshots ==
131
 
132
  == Changelog ==
133
 
134
+ = 3.3.8 =
135
+
136
+ * This update does upgrade the plugin's db version. It adds a new email for user email validation during registration.
137
+ * Revised password reset, now uses WP's user_activation_key instead of custom meta.
138
+ * Revised email validation on registration, now users WP's user_activation_key instead of custom meta.
139
+ * Revised email validation for cleaner use when moderated registration is active. Now, if registration is moderated, user must validate their email before notification is sent to admin. User cannot log in until admin approves the user. (Must enable WP Login Erroe setting in WP-Members options for complete messaging.)
140
+ * Revised email validation now has custom email.
141
+ * Added User Screen column for user email validation/confirmation, updated column for activation (uses dashicons instead of text).
142
+ * Improved handling of User Screen column labels so that if a label is changed in the WP-Members Fields manager, the column is automatically reflected without refreshing the wpmembers_utfields setting.
143
+ * When registration runs wp_insert_user(), the resulting $user object is captured and passed to the wpmem_register_redirect action.
144
+ * The default function in the WP-Members user object runs register_redirect() hooked to the wpmem_register_redirect action. Previously, this was run at the default priority (10). This update moves it to priority 20 (so a custom redirect set at the default priority will run first).
145
+ * Can now customize the plugin's upload directory.
146
+ * Fixes issue with attachment URLs in user profile view when used in multisite.
147
+ * Added new feature settings for turning on/off WP-Members fields in WooCommerce My Account page registration and checkout registration.
148
+ * Added captcha support to native WP registration form.
149
+
150
  = 3.3.7 =
151
 
152
  * Added "Export All" button to top bulk menu (as previously only in lower)
uninstall.php CHANGED
@@ -1,91 +1,92 @@
1
- <?php
2
- /**
3
- * WP-Members Uninstall
4
- *
5
- * Removes all settings WP-Members added to the WP options table
6
- *
7
- * This file is part of the WP-Members plugin by Chad Butler
8
- * You can find out more about this plugin at https://rocketgeek.com
9
- * Copyright (c) 2006-2020 Chad Butler
10
- * WP-Members(tm) is a trademark of butlerblog.com
11
- *
12
- * @package WP-Members
13
- * @author Chad Butler
14
- * @copyright 2006-2020
15
- */
16
-
17
- // Exit if accessed directly.
18
- if ( ! defined( 'ABSPATH' ) ) {
19
- exit();
20
- }
21
-
22
- // If uninstall is not called from WordPress, kill the uninstall.
23
- if( ! defined( 'WP_UNINSTALL_PLUGIN' ) ) {
24
- die( 'invalid uninstall' );
25
- }
26
-
27
- // Uninstall process removes WP-Members settings from the WordPress database (_options table).
28
- if ( WP_UNINSTALL_PLUGIN ) {
29
-
30
- if ( is_multisite() ) {
31
-
32
- global $wpdb;
33
- $blog_ids = $wpdb->get_col( "SELECT blog_id FROM $wpdb->blogs" );
34
- $original_blog_id = get_current_blog_id();
35
-
36
- foreach ( $blog_ids as $blog_id ) {
37
- switch_to_blog( $blog_id );
38
- wpmem_uninstall_options();
39
- }
40
- switch_to_blog( $original_blog_id );
41
-
42
- } else {
43
- wpmem_uninstall_options();
44
- }
45
- }
46
-
47
-
48
- /**
49
- * Compartmentalizes uninstall
50
- *
51
- * @since 2.9.3
52
- */
53
- function wpmem_uninstall_options() {
54
-
55
- delete_option( 'wpmembers_settings' );
56
- delete_option( 'wpmembers_fields' );
57
- delete_option( 'wpmembers_dialogs' );
58
- delete_option( 'wpmembers_captcha' );
59
- delete_option( 'wpmembers_tos' );
60
- delete_option( 'wpmembers_export' );
61
- delete_option( 'wpmembers_utfields' );
62
- delete_option( 'wpmembers_usfields' );
63
- delete_option( 'wpmembers_dropins' );
64
-
65
- delete_option( 'wpmembers_email_newreg' );
66
- delete_option( 'wpmembers_email_newmod' );
67
- delete_option( 'wpmembers_email_appmod' );
68
- delete_option( 'wpmembers_email_repass' );
69
- delete_option( 'wpmembers_email_footer' );
70
- delete_option( 'wpmembers_email_notify' );
71
- delete_option( 'wpmembers_email_wpfrom' );
72
- delete_option( 'wpmembers_email_wpname' );
73
- delete_option( 'wpmembers_email_getuser' );
74
-
75
- delete_option( 'widget_wpmemwidget' );
76
-
77
- // For pre-3.x settings that may remain.
78
- delete_option( 'wpmembers_msurl' );
79
- delete_option( 'wpmembers_regurl' );
80
- delete_option( 'wpmembers_logurl' );
81
- delete_option( 'wpmembers_cssurl' );
82
- delete_option( 'wpmembers_style' );
83
- delete_option( 'wpmembers_autoex' );
84
- delete_option( 'wpmembers_attrib' );
85
-
86
- // Drop user meta key search table.
87
- global $wpdb;
88
- $wpdb->query( "DROP TABLE IF EXISTS {$wpdb->prefix}wpmembers_user_search_keys" );
89
- }
90
-
 
91
  // End of file.
1
+ <?php
2
+ /**
3
+ * WP-Members Uninstall
4
+ *
5
+ * Removes all settings WP-Members added to the WP options table
6
+ *
7
+ * This file is part of the WP-Members plugin by Chad Butler
8
+ * You can find out more about this plugin at https://rocketgeek.com
9
+ * Copyright (c) 2006-2020 Chad Butler
10
+ * WP-Members(tm) is a trademark of butlerblog.com
11
+ *
12
+ * @package WP-Members
13
+ * @author Chad Butler
14
+ * @copyright 2006-2020
15
+ */
16
+
17
+ // Exit if accessed directly.
18
+ if ( ! defined( 'ABSPATH' ) ) {
19
+ exit();
20
+ }
21
+
22
+ // If uninstall is not called from WordPress, kill the uninstall.
23
+ if( ! defined( 'WP_UNINSTALL_PLUGIN' ) ) {
24
+ die( 'invalid uninstall' );
25
+ }
26
+
27
+ // Uninstall process removes WP-Members settings from the WordPress database (_options table).
28
+ if ( WP_UNINSTALL_PLUGIN ) {
29
+
30
+ if ( is_multisite() ) {
31
+
32
+ global $wpdb;
33
+ $blog_ids = $wpdb->get_col( "SELECT blog_id FROM $wpdb->blogs" );
34
+ $original_blog_id = get_current_blog_id();
35
+
36
+ foreach ( $blog_ids as $blog_id ) {
37
+ switch_to_blog( $blog_id );
38
+ wpmem_uninstall_options();
39
+ }
40
+ switch_to_blog( $original_blog_id );
41
+
42
+ } else {
43
+ wpmem_uninstall_options();
44
+ }
45
+ }
46
+
47
+
48
+ /**
49
+ * Compartmentalizes uninstall
50
+ *
51
+ * @since 2.9.3
52
+ */
53
+ function wpmem_uninstall_options() {
54
+
55
+ delete_option( 'wpmembers_settings' );
56
+ delete_option( 'wpmembers_fields' );
57
+ delete_option( 'wpmembers_dialogs' );
58
+ delete_option( 'wpmembers_captcha' );
59
+ delete_option( 'wpmembers_tos' );
60
+ delete_option( 'wpmembers_export' );
61
+ delete_option( 'wpmembers_utfields' );
62
+ delete_option( 'wpmembers_usfields' );
63
+ delete_option( 'wpmembers_dropins' );
64
+
65
+ delete_option( 'wpmembers_email_newreg' );
66
+ delete_option( 'wpmembers_email_newmod' );
67
+ delete_option( 'wpmembers_email_appmod' );
68
+ delete_option( 'wpmembers_email_repass' );
69
+ delete_option( 'wpmembers_email_footer' );
70
+ delete_option( 'wpmembers_email_notify' );
71
+ delete_option( 'wpmembers_email_wpfrom' );
72
+ delete_option( 'wpmembers_email_wpname' );
73
+ delete_option( 'wpmembers_email_getuser' );
74
+ delete_option( 'wpmembers_email_validated' );
75
+
76
+ delete_option( 'widget_wpmemwidget' );
77
+
78
+ // For pre-3.x settings that may remain.
79
+ delete_option( 'wpmembers_msurl' );
80
+ delete_option( 'wpmembers_regurl' );
81
+ delete_option( 'wpmembers_logurl' );
82
+ delete_option( 'wpmembers_cssurl' );
83
+ delete_option( 'wpmembers_style' );
84
+ delete_option( 'wpmembers_autoex' );
85
+ delete_option( 'wpmembers_attrib' );
86
+
87
+ // Drop user meta key search table.
88
+ global $wpdb;
89
+ $wpdb->query( "DROP TABLE IF EXISTS {$wpdb->prefix}wpmembers_user_search_keys" );
90
+ }
91
+
92
  // End of file.
wp-members.php CHANGED
@@ -3,7 +3,7 @@
3
  Plugin Name: WP-Members
4
  Plugin URI: https://rocketgeek.com
5
  Description: WP access restriction and user registration. For more information on plugin features, refer to <a href="https://rocketgeek.com/plugins/wp-members/users-guide/">the online Users Guide</a>. A <a href="https://rocketgeek.com/plugins/wp-members/quick-start-guide/">Quick Start Guide</a> is also available. WP-Members(tm) is a trademark of butlerblog.com.
6
- Version: 3.3.7
7
  Author: Chad Butler
8
  Author URI: http://butlerblog.com/
9
  Text Domain: wp-members
@@ -64,8 +64,8 @@ if ( ! defined( 'ABSPATH' ) ) {
64
  }
65
 
66
  // Initialize constants.
67
- define( 'WPMEM_VERSION', '3.3.7' );
68
- define( 'WPMEM_DB_VERSION', '2.2.0' );
69
  define( 'WPMEM_PATH', plugin_dir_path( __FILE__ ) );
70
 
71
  // Initialize the plugin.
@@ -126,6 +126,7 @@ function wpmem_init() {
126
  * @since 2.5.2
127
  */
128
  function wpmem_admin_options() {
 
129
  if ( ! is_multisite() || ( is_multisite() && current_user_can( 'edit_theme_options' ) ) ) {
130
  $plugin_page = add_options_page ( 'WP-Members', 'WP-Members', 'manage_options', 'wpmem-settings', 'wpmem_admin' );
131
  }
3
  Plugin Name: WP-Members
4
  Plugin URI: https://rocketgeek.com
5
  Description: WP access restriction and user registration. For more information on plugin features, refer to <a href="https://rocketgeek.com/plugins/wp-members/users-guide/">the online Users Guide</a>. A <a href="https://rocketgeek.com/plugins/wp-members/quick-start-guide/">Quick Start Guide</a> is also available. WP-Members(tm) is a trademark of butlerblog.com.
6
+ Version: 3.3.8
7
  Author: Chad Butler
8
  Author URI: http://butlerblog.com/
9
  Text Domain: wp-members
64
  }
65
 
66
  // Initialize constants.
67
+ define( 'WPMEM_VERSION', '3.3.8' );
68
+ define( 'WPMEM_DB_VERSION', '2.2.1' );
69
  define( 'WPMEM_PATH', plugin_dir_path( __FILE__ ) );
70
 
71
  // Initialize the plugin.
126
  * @since 2.5.2
127
  */
128
  function wpmem_admin_options() {
129
+ global $wpmem;
130
  if ( ! is_multisite() || ( is_multisite() && current_user_can( 'edit_theme_options' ) ) ) {
131
  $plugin_page = add_options_page ( 'WP-Members', 'WP-Members', 'manage_options', 'wpmem-settings', 'wpmem_admin' );
132
  }