WP-Members Membership Plugin - Version 3.4.3.1

Version Description

  • Moves export class to main user object (previously loaded from admin files). @todo Export class file also remains in admin for backward compatibility if file is called directly.
  • Moves admin object load (back) to "init" action (from "admin_init") as later load can cause problems with extensions loading on the "wpmem_after_admin_init" action.
  • Fixes potential issue with [wpmem_field] shortcode if field does not have a defined type.
Download this release

Release Info

Developer cbutlerjr
Plugin Icon 128x128 WP-Members Membership Plugin
Version 3.4.3.1
Comparing to
See all releases

Code changes from version 3.4.3 to 3.4.3.1

includes/class-wp-members-forms.php CHANGED
@@ -750,7 +750,7 @@ class WP_Members_Forms {
750
  }
751
 
752
  // Build hidden fields, filter, and add to the form.
753
- if ( 'set_password_from_key' == wpmem_get( 'a', false, 'request' ) && 'login' != $action ) {
754
  $hidden['action'] = wpmem_form_field( array( 'name' => 'a', 'type' => 'hidden', 'value' => 'set_password_from_key' ) );
755
  $hidden['key'] = wpmem_form_field( array( 'name' => 'key', 'type' => 'hidden', 'value' => sanitize_text_field( wpmem_get( 'key', null, 'request' ) ) ) );
756
  $hidden['login'] = wpmem_form_field( array( 'name' => 'login', 'type' => 'hidden', 'value' => sanitize_user( wpmem_get( 'login', null, 'request' ) ) ) );
750
  }
751
 
752
  // Build hidden fields, filter, and add to the form.
753
+ if ( 'set_password_from_key' == wpmem_get( 'a', false, 'request' ) && false == wpmem_get( 'formsubmit', false ) ) {
754
  $hidden['action'] = wpmem_form_field( array( 'name' => 'a', 'type' => 'hidden', 'value' => 'set_password_from_key' ) );
755
  $hidden['key'] = wpmem_form_field( array( 'name' => 'key', 'type' => 'hidden', 'value' => sanitize_text_field( wpmem_get( 'key', null, 'request' ) ) ) );
756
  $hidden['login'] = wpmem_form_field( array( 'name' => 'login', 'type' => 'hidden', 'value' => sanitize_user( wpmem_get( 'login', null, 'request' ) ) ) );
includes/class-wp-members-products.php CHANGED
@@ -97,7 +97,6 @@ class WP_Members_Products {
97
  add_filter( 'wpmem_securify', array( $this, 'product_access' ) );
98
  add_filter( 'wpmem_product_restricted_msg', array( $this, 'apply_custom_access_message' ), 10, 2 );
99
  add_filter( 'wpmem_restricted_msg', array( $this, 'apply_custom_access_message' ), 10, 4 );
100
- add_filter( 'wpmem_email_shortcodes', array( $this, 'email_shortcodes' ), 10, 3 );
101
  }
102
 
103
  /**
@@ -545,30 +544,4 @@ class WP_Members_Products {
545
 
546
  return $new_value;
547
  }
548
-
549
- /**
550
- * Adds [user_memberships] shortcode for use in the admin email
551
- *
552
- * @since 3.4.4
553
- *
554
- * @param array $shortcodes
555
- * @param string $tag
556
- * @param int $user_id
557
- * @return array $shortcodes
558
- */
559
- function email_shortcodes( $shortcodes, $tag, $user_id ) {
560
- global $wpmem;
561
- if ( 'notify' == $tag ) {
562
- $user_memberships = wpmem_get_user_memberships( $user_id );
563
- $site_memberships = wpmem_get_memberships();
564
- $email_memberships = ( $wpmem->email->html ) ? '<p><ul>' : "";
565
- foreach ( $user_memberships as $meta_key => $membership ) {
566
- $email_memberships .= ( $wpmem->email->html ) ? "<li>" . $site_memberships[ $meta_key ]['title'] . '</li>' : $site_memberships[ $meta_key ]['title'] . "\r\n";
567
- }
568
- $email_memberships .= ( $wpmem->email->html ) ? '</ul>' : "";
569
-
570
- $shortcodes['memberships'] = $email_memberships;
571
- }
572
- return $shortcodes;
573
- }
574
  }
97
  add_filter( 'wpmem_securify', array( $this, 'product_access' ) );
98
  add_filter( 'wpmem_product_restricted_msg', array( $this, 'apply_custom_access_message' ), 10, 2 );
99
  add_filter( 'wpmem_restricted_msg', array( $this, 'apply_custom_access_message' ), 10, 4 );
 
100
  }
101
 
102
  /**
544
 
545
  return $new_value;
546
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
547
  }
includes/class-wp-members-pwd-reset.php CHANGED
@@ -12,11 +12,10 @@ class WP_Members_Pwd_Reset {
12
  *
13
  * @since 3.3.5
14
  */
15
- public $invalid_key;
16
- public $invalid_user;
17
  public $key_is_expired;
18
  private $reset_key;
19
- private $content = false;
20
 
21
  /**
22
  * Meta containers
@@ -34,10 +33,10 @@ class WP_Members_Pwd_Reset {
34
  function __construct() {
35
 
36
  $defaults = array(
37
- 'invalid_key' => __( "Invalid key." ),
38
- 'invalid_user' => __( "Invalid user.", 'wp-members' ),
39
- 'key_is_expired' => __( "Sorry, the password reset key is expired.", 'wp-members' ),
40
- 'request_new_key' => __( "Request a new reset key.", 'wp-members' ),
41
  );
42
 
43
  /**
@@ -46,7 +45,7 @@ class WP_Members_Pwd_Reset {
46
  * @since 3.3.8
47
  *
48
  * @param array $defaults {
49
- *
50
  * }
51
  */
52
  $defaults = apply_filters( 'wpmem_pwd_reset_default_dialogs', $defaults );
@@ -56,35 +55,79 @@ class WP_Members_Pwd_Reset {
56
  }
57
 
58
  add_filter( 'wpmem_email_filter', array( $this, 'add_reset_key_to_email' ), 10, 3 );
59
- add_action( 'template_redirect', array( $this, 'handle_reset' ), 20 );
60
  add_filter( 'the_content', array( $this, 'display_content' ), 100 );
61
  }
62
 
63
- function handle_reset() {
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
64
  global $wpmem;
65
 
66
  if ( ! is_user_logged_in() && $this->form_action == wpmem_get( 'a', false, 'request' ) && ! is_admin() ) {
67
  // Define variables
68
- $result = false;
69
  $user_id = false;
70
  $msg = '';
71
  $form = '';
72
 
73
  // Check for key.
74
- $key = sanitize_text_field( wpmem_get( 'key', false, 'request' ) );
75
- $login = sanitize_text_field( wpmem_get( 'login', false, 'request' ) );
76
- $pass1 = wpmem_get( 'pass1', false );
77
- $pass2 = wpmem_get( 'pass2', false );
78
-
79
- // Check the user. get_user_by() will return false if user_login does not exist.
80
- $is_user = get_user_by( 'login', $login );
81
- if ( false == $is_user ) {
82
- $this->content = $this->error_msg( 'invalid_user', $this->invalid_user );
83
- }
84
-
85
  // Set an error container.
86
  $errors = new WP_Error();
87
-
88
  /**
89
  * Validate the key.
90
  *
@@ -101,12 +144,12 @@ class WP_Members_Pwd_Reset {
101
  * @param string The user login.
102
  * @return WP_User|WP_Error WP_User object on success, WP_Error object for invalid or expired keys (invalid_key|expired_key).
103
  */
104
- $user = check_password_reset_key( $key, $login );
105
-
106
  if ( $user->has_errors() ) {
107
- $this->content = $this->error_msg( 'invalid_key', $this->invalid_key );
108
  }
109
-
110
  // Validate
111
  if ( 1 == wpmem_get( 'formsubmit' ) && false !== wpmem_get( 'a', false, $this->form_action ) ) {
112
 
@@ -138,83 +181,18 @@ class WP_Members_Pwd_Reset {
138
 
139
  if ( 'invalid_key' == $user->get_error_code() ) {
140
  // If somehow the form was submitted but the key not found.
141
- $this->content = $this->error_msg( 'invalid_key', $this->invalid_key );
 
 
142
  } else {
143
  $form = wpmem_change_password_form();
144
  }
145
 
146
  }
147
 
148
- $this->content = $msg . $form;
149
- }
150
- }
151
-
152
- /**
153
- * Add reset key to the email.
154
- *
155
- * @since 3.3.5
156
- *
157
- * @param array $arr
158
- * @param array $wpmem_fields
159
- * @param array $field_data
160
- * @return array $arr
161
- */
162
- function add_reset_key_to_email( $arr, $wpmem_fields, $field_data ) {
163
-
164
- if ( $arr['toggle'] == 'repass' ) {
165
-
166
- $user = get_user_by( 'ID', $arr['user_id'] );
167
-
168
- // Get the stored key.
169
- $key = get_password_reset_key( $user );
170
- $query_args = array(
171
- 'a' => $this->form_action,
172
- 'key' => $key,
173
- 'login' => $user->user_login,
174
- );
175
-
176
- // urlencode, primarily for user_login with a space.
177
- $query_args = array_map( 'rawurlencode', $query_args );
178
-
179
- // Generate reset link.
180
- $link = add_query_arg( $query_args, trailingslashit( wpmem_profile_url() ) );
181
-
182
- // Does email body have the [reset_link] shortcode?
183
- if ( strpos( $arr['body'], '[reset_link]' ) ) {
184
- $arr['body'] = str_replace( '[reset_link]', $link, $arr['body'] );
185
- } else {
186
- // Add text and link to the email body.
187
- $arr['body'] = $arr['body'] . "\r\n"
188
- . $link;
189
- }
190
  }
191
- return $arr;
192
- }
193
-
194
- /**
195
- * Display page content to user.
196
- *
197
- * @since 3.3.5
198
- *
199
- * @param string $content
200
- * @return string $content
201
- */
202
- function display_content( $content ) {
203
- return ( false != $this->content ) ? $this->content : $content;
204
- }
205
-
206
-
207
- function error_msg( $code, $message ) {
208
- $error = wpmem_get_display_message( $code, $message . '<br /><a href="' . wpmem_profile_url( 'pwdreset' ) . '">' . $this->request_new_key . '</a>' );
209
- /**
210
- * Filters the password reset error message.
211
- *
212
- * @since 3.4.4
213
- *
214
- * @param string $error The generated HTML error message.
215
- * @param string $code The error code generated.
216
- * @param string $message The plain text error message.
217
- */
218
- return apply_filters( 'wpmem_pwd_reset_error_msg', $error, $code, $message );
219
  }
220
  }
12
  *
13
  * @since 3.3.5
14
  */
15
+ public $form_submitted_key_not_found;
16
+ public $form_load_key_not_found;
17
  public $key_is_expired;
18
  private $reset_key;
 
19
 
20
  /**
21
  * Meta containers
33
  function __construct() {
34
 
35
  $defaults = array(
36
+ 'form_submitted_key_not_found' => __( "Sorry, no password reset key was found. Please check your email and try again.", 'wp-members' ),
37
+ 'form_load_key_not_found' => __( "Sorry, no password reset key was found. Please check your email and try again.", 'wp-members' ),
38
+ 'key_is_expired' => __( "Sorry, the password reset key is expired.", 'wp-members' ),
39
+ 'request_new_key' => __( "Request a new reset key.", 'wp-members' ),
40
  );
41
 
42
  /**
45
  * @since 3.3.8
46
  *
47
  * @param array $defaults {
48
+ *
49
  * }
50
  */
51
  $defaults = apply_filters( 'wpmem_pwd_reset_default_dialogs', $defaults );
55
  }
56
 
57
  add_filter( 'wpmem_email_filter', array( $this, 'add_reset_key_to_email' ), 10, 3 );
 
58
  add_filter( 'the_content', array( $this, 'display_content' ), 100 );
59
  }
60
 
61
+ /**
62
+ * Add reset key to the email.
63
+ *
64
+ * @since 3.3.5
65
+ *
66
+ * @param array $arr
67
+ * @param array $wpmem_fields
68
+ * @param array $field_data
69
+ * @return array $arr
70
+ */
71
+ function add_reset_key_to_email( $arr, $wpmem_fields, $field_data ) {
72
+
73
+ if ( $arr['toggle'] == 'repass' ) {
74
+
75
+ $user = get_user_by( 'ID', $arr['user_id'] );
76
+
77
+ // Get the stored key.
78
+ $key = get_password_reset_key( $user );
79
+ $query_args = array(
80
+ 'a' => $this->form_action,
81
+ 'key' => $key,
82
+ 'login' => $user->user_login,
83
+ );
84
+
85
+ // urlencode, primarily for user_login with a space.
86
+ $query_args = array_map( 'rawurlencode', $query_args );
87
+
88
+ // Generate reset link.
89
+ $link = add_query_arg( $query_args, trailingslashit( wpmem_profile_url() ) );
90
+
91
+ // Does email body have the [reset_link] shortcode?
92
+ if ( strpos( $arr['body'], '[reset_link]' ) ) {
93
+ $arr['body'] = str_replace( '[reset_link]', $link, $arr['body'] );
94
+ } else {
95
+ // Add text and link to the email body.
96
+ $arr['body'] = $arr['body'] . "\r\n"
97
+ . $link;
98
+ }
99
+ }
100
+ return $arr;
101
+ }
102
+
103
+ /**
104
+ * Display page content to user.
105
+ *
106
+ * @since 3.3.5
107
+ *
108
+ * @param string $content
109
+ * @return string $content
110
+ */
111
+ function display_content( $content ) {
112
+
113
  global $wpmem;
114
 
115
  if ( ! is_user_logged_in() && $this->form_action == wpmem_get( 'a', false, 'request' ) && ! is_admin() ) {
116
  // Define variables
117
+ $result = '';
118
  $user_id = false;
119
  $msg = '';
120
  $form = '';
121
 
122
  // Check for key.
123
+ $key = sanitize_text_field( wpmem_get( 'key', false, 'request' ) );
124
+ $user_login = sanitize_text_field( wpmem_get( 'login', false, 'request' ) );
125
+ $pass1 = wpmem_get( 'pass1', false );
126
+ $pass2 = wpmem_get( 'pass2', false );
127
+
 
 
 
 
 
 
128
  // Set an error container.
129
  $errors = new WP_Error();
130
+
131
  /**
132
  * Validate the key.
133
  *
144
  * @param string The user login.
145
  * @return WP_User|WP_Error WP_User object on success, WP_Error object for invalid or expired keys (invalid_key|expired_key).
146
  */
147
+ $user = check_password_reset_key( $key, $user_login );
148
+
149
  if ( $user->has_errors() ) {
150
+ $errors->add( 'user_not_found', $this->form_load_key_not_found );
151
  }
152
+
153
  // Validate
154
  if ( 1 == wpmem_get( 'formsubmit' ) && false !== wpmem_get( 'a', false, $this->form_action ) ) {
155
 
181
 
182
  if ( 'invalid_key' == $user->get_error_code() ) {
183
  // If somehow the form was submitted but the key not found.
184
+ $pwd_reset_link = wpmem_profile_url( 'pwdreset' );
185
+ $msg = wpmem_get_display_message( 'invalid_key', $this->form_submitted_key_not_found . '<br /><a href="' . $pwd_reset_link . '">' . $this->request_new_key . '</a>' );
186
+ $form = '';
187
  } else {
188
  $form = wpmem_change_password_form();
189
  }
190
 
191
  }
192
 
193
+ $content = $msg . $form;
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
194
  }
195
+
196
+ return $content;
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
197
  }
198
  }
includes/class-wp-members.php CHANGED
@@ -72,6 +72,7 @@ class WP_Members {
72
  */
73
  public $url;
74
 
 
75
  /**
76
  * Content block settings.
77
  *
@@ -525,9 +526,9 @@ class WP_Members {
525
  add_filter( 'get_previous_post_where', array( $this, 'filter_get_adjacent_post_where' ) );
526
  add_filter( 'get_next_post_where', array( $this, 'filter_get_adjacent_post_where' ) );
527
  add_filter( 'allow_password_reset', array( $this->user, 'no_reset' ) ); // no password reset for non-activated users
528
-
529
  // If registration is moderated, check for activation (blocks backend login by non-activated users).
530
- if ( 1 == $this->mod_reg ) {
531
  add_filter( 'authenticate', array( $this->user, 'check_activated' ), 99, 3 );
532
  }
533
 
72
  */
73
  public $url;
74
 
75
+
76
  /**
77
  * Content block settings.
78
  *
526
  add_filter( 'get_previous_post_where', array( $this, 'filter_get_adjacent_post_where' ) );
527
  add_filter( 'get_next_post_where', array( $this, 'filter_get_adjacent_post_where' ) );
528
  add_filter( 'allow_password_reset', array( $this->user, 'no_reset' ) ); // no password reset for non-activated users
529
+
530
  // If registration is moderated, check for activation (blocks backend login by non-activated users).
531
+ if ( $this->mod_reg == 1 ) {
532
  add_filter( 'authenticate', array( $this->user, 'check_activated' ), 99, 3 );
533
  }
534
 
readme.txt CHANGED
@@ -3,7 +3,7 @@ Contributors: cbutlerjr
3
  Tags: access, authentication, content, login, member, membership, password, protect, register, registration, restriction, subscriber
4
  Requires at least: 4.0
5
  Tested up to: 6.0
6
- Stable tag: 3.4.3.2
7
 
8
  License: GPLv3
9
 
@@ -136,11 +136,6 @@ WP-Members 3.4.3 is a minor update. WP-Members 3.4.2.1 is a bug fix release. Bac
136
 
137
  * @todo WP-Members pluggable deprecated for use in theme functions.php (wpmem will be initialized when plugins are loaded). If you have any WP-Members pluggable functions that load in the theme functions.php, you'll need to move these to another location, such as a custom plugin file. Keep in mind, pluggable functions are no longer the preferred way of customizing (and have not been for many years) as most customizations, if not all, can be handled by using the plugin's filter and action hooks.
138
 
139
- = 3.4.3.2 =
140
-
141
- * Add [memberships] shortcode for admin notification email; this will include a list of memberships for the user in admin notification.
142
- * Move password reset link actions to template_redirect action. This should resolve issues that occur when multiple instances of the_content are run (i.e. the appearance of an invalid key message upon completing the password reset).
143
-
144
  = 3.4.3.1 =
145
 
146
  * Moves export class to main user object (previously loaded from admin files). @todo Export class file also remains in admin for backward compatibility if file is called directly.
3
  Tags: access, authentication, content, login, member, membership, password, protect, register, registration, restriction, subscriber
4
  Requires at least: 4.0
5
  Tested up to: 6.0
6
+ Stable tag: 3.4.3
7
 
8
  License: GPLv3
9
 
136
 
137
  * @todo WP-Members pluggable deprecated for use in theme functions.php (wpmem will be initialized when plugins are loaded). If you have any WP-Members pluggable functions that load in the theme functions.php, you'll need to move these to another location, such as a custom plugin file. Keep in mind, pluggable functions are no longer the preferred way of customizing (and have not been for many years) as most customizations, if not all, can be handled by using the plugin's filter and action hooks.
138
 
 
 
 
 
 
139
  = 3.4.3.1 =
140
 
141
  * Moves export class to main user object (previously loaded from admin files). @todo Export class file also remains in admin for backward compatibility if file is called directly.
wp-members.php CHANGED
@@ -3,7 +3,7 @@
3
  Plugin Name: WP-Members
4
  Plugin URI: https://rocketgeek.com
5
  Description: WP access restriction and user registration. For more information on plugin features, refer to <a href="https://rocketgeek.com/plugins/wp-members/docs/">the online Users Guide</a>. A <a href="https://rocketgeek.com/plugins/wp-members/quick-start-guide/">Quick Start Guide</a> is also available. WP-Members(tm) is a trademark of butlerblog.com.
6
- Version: 3.4.3.2
7
  Author: Chad Butler
8
  Author URI: https://butlerblog.com/
9
  Text Domain: wp-members
@@ -58,7 +58,7 @@ if ( ! defined( 'ABSPATH' ) ) {
58
  }
59
 
60
  // Initialize constants.
61
- define( 'WPMEM_VERSION', '3.4.3.2' );
62
  define( 'WPMEM_DB_VERSION', '2.3.0' );
63
  define( 'WPMEM_PATH', plugin_dir_path( __FILE__ ) );
64
 
3
  Plugin Name: WP-Members
4
  Plugin URI: https://rocketgeek.com
5
  Description: WP access restriction and user registration. For more information on plugin features, refer to <a href="https://rocketgeek.com/plugins/wp-members/docs/">the online Users Guide</a>. A <a href="https://rocketgeek.com/plugins/wp-members/quick-start-guide/">Quick Start Guide</a> is also available. WP-Members(tm) is a trademark of butlerblog.com.
6
+ Version: 3.4.3.1
7
  Author: Chad Butler
8
  Author URI: https://butlerblog.com/
9
  Text Domain: wp-members
58
  }
59
 
60
  // Initialize constants.
61
+ define( 'WPMEM_VERSION', '3.4.3.1' );
62
  define( 'WPMEM_DB_VERSION', '2.3.0' );
63
  define( 'WPMEM_PATH', plugin_dir_path( __FILE__ ) );
64