WP-Members Membership Plugin

Version Description

Moves export class to main user object (previously loaded from admin files). @todo Export class file also remains in admin for backward compatibility if file is called directly.
Moves admin object load (back) to "init" action (from "admin_init") as later load can cause problems with extensions loading on the "wpmem_after_admin_init" action.
Fixes potential issue with [wpmem_field] shortcode if field does not have a defined type.

Release Info

Developer	cbutlerjr
Plugin	WP-Members Membership Plugin
Version	3.4.3.1
Comparing to
See all releases

Code changes from version 3.4.3 to 3.4.3.1

Files changed (6) hide show

includes/class-wp-members-forms.php +1 -1
includes/class-wp-members-products.php +0 -27
includes/class-wp-members-pwd-reset.php +76 -98
includes/class-wp-members.php +3 -2
readme.txt +1 -6
wp-members.php +2 -2

includes/class-wp-members-forms.php CHANGED Viewed

	@@ -750,7 +750,7 @@ class WP_Members_Forms {
750	}
751
752	// Build hidden fields, filter, and add to the form.
753	- if ( 'set_password_from_key' == wpmem_get( 'a', false, 'request' ) && '~~login~~' != ~~$action~~ ) {
754	$hidden['action'] = wpmem_form_field( array( 'name' => 'a', 'type' => 'hidden', 'value' => 'set_password_from_key' ) );
755	$hidden['key'] = wpmem_form_field( array( 'name' => 'key', 'type' => 'hidden', 'value' => sanitize_text_field( wpmem_get( 'key', null, 'request' ) ) ) );
756	$hidden['login'] = wpmem_form_field( array( 'name' => 'login', 'type' => 'hidden', 'value' => sanitize_user( wpmem_get( 'login', null, 'request' ) ) ) );


750	}
751
752	// Build hidden fields, filter, and add to the form.
753	+ if ( 'set_password_from_key' == wpmem_get( 'a', false, 'request' ) && false == wpmem_get( 'formsubmit', false ) ) {
754	$hidden['action'] = wpmem_form_field( array( 'name' => 'a', 'type' => 'hidden', 'value' => 'set_password_from_key' ) );
755	$hidden['key'] = wpmem_form_field( array( 'name' => 'key', 'type' => 'hidden', 'value' => sanitize_text_field( wpmem_get( 'key', null, 'request' ) ) ) );
756	$hidden['login'] = wpmem_form_field( array( 'name' => 'login', 'type' => 'hidden', 'value' => sanitize_user( wpmem_get( 'login', null, 'request' ) ) ) );

includes/class-wp-members-products.php CHANGED Viewed

@@ -97,7 +97,6 @@ class WP_Members_Products {
             		add_filter( 'wpmem_securify',               array( $this, 'product_access' ) );
             		add_filter( 'wpmem_product_restricted_msg', array( $this, 'apply_custom_access_message' ), 10, 2 );
             		add_filter( 'wpmem_restricted_msg',         array( $this, 'apply_custom_access_message' ), 10, 4 );
-            -
            		add_filter( 'wpmem_email_shortcodes',       array( $this, 'email_shortcodes' ), 10, 3 );
+            	}
             	/**
@@ -545,30 +544,4 @@ class WP_Members_Products {
             		return $new_value;
+            	}
-            -
-            -
            	/**
-            -
            	 * Adds [user_memberships] shortcode for use in the admin email
-            -
            	 *
-            -
            	 * @since 3.4.4
-            -
            	 *
-            -
            	 * @param  array  $shortcodes
-            -
            	 * @param  string $tag
-            -
            	 * @param  int    $user_id
-            -
            	 * @return array  $shortcodes
-            -
            	 */
-            -
            	function email_shortcodes( $shortcodes, $tag, $user_id ) {
-            -
            		global $wpmem;
-            -
            		if ( 'notify' == $tag ) {
-            -
            			$user_memberships  = wpmem_get_user_memberships( $user_id );
-            -
            			$site_memberships  = wpmem_get_memberships();
-            -
            			$email_memberships = ( $wpmem->email->html ) ? '<p><ul>' : "";
-            -
            			foreach ( $user_memberships as $meta_key => $membership ) {
-            -
            				$email_memberships .= ( $wpmem->email->html ) ? "<li>" . $site_memberships[ $meta_key ]['title'] . '</li>' : $site_memberships[ $meta_key ]['title'] . "\r\n";
-            -
            			}
-            -
            			$email_memberships .= ( $wpmem->email->html ) ? '</ul>' : "";
-            -
-            -
            			$shortcodes['memberships'] = $email_memberships;
-            -
            		}
-            -
            		return $shortcodes;
-            -
            	}
+            }

             		add_filter( 'wpmem_securify',               array( $this, 'product_access' ) );
             		add_filter( 'wpmem_product_restricted_msg', array( $this, 'apply_custom_access_message' ), 10, 2 );
             		add_filter( 'wpmem_restricted_msg',         array( $this, 'apply_custom_access_message' ), 10, 4 );
+            	}
             	/**
             		return $new_value;
+            	}
+            }

includes/class-wp-members-pwd-reset.php CHANGED Viewed

@@ -12,11 +12,10 @@ class WP_Members_Pwd_Reset {
+            	 *
             	 * @since 3.3.5
             	 */
-            -
            	public  $invalid_key;
-            -
            	public  $invalid_user;
             	public  $key_is_expired;
             	private $reset_key;
-            -
            	private $content = false;
             	/**
             	 * Meta containers
@@ -34,10 +33,10 @@ class WP_Members_Pwd_Reset {
             	function __construct() {
             		$defaults = array(
-            -
            			'invalid_key'     => __( "Invalid key." ),
-            -
            			'invalid_user'    => __( "Invalid user.", 'wp-members' ),
-            -
            			'key_is_expired'  => __( "Sorry, the password reset key is expired.", 'wp-members' ),
-            -
            			'request_new_key' => __( "Request a new reset key.", 'wp-members' ),
             		);
             		/**
@@ -46,7 +45,7 @@ class WP_Members_Pwd_Reset {
             		 * @since 3.3.8
+            		 *
             		 * @param array $defaults {
-            -
            		 *
             		 * }
             		 */
             		$defaults = apply_filters( 'wpmem_pwd_reset_default_dialogs', $defaults );
@@ -56,35 +55,79 @@ class WP_Members_Pwd_Reset {
+            		}
             		add_filter( 'wpmem_email_filter', array( $this, 'add_reset_key_to_email' ), 10, 3 );
-            -
            		add_action( 'template_redirect',  array( $this, 'handle_reset'           ), 20  );
             		add_filter( 'the_content',        array( $this, 'display_content'        ), 100 );
+            	}
-            -
            	function handle_reset() {
             		global $wpmem;
             		if ( ! is_user_logged_in() && $this->form_action == wpmem_get( 'a', false, 'request' ) && ! is_admin() ) {
             			// Define variables
-            -
            			$result  = false;
             			$user_id = false;
             			$msg     = '';
             			$form    = '';
             			// Check for key.
-            -
            			$key   = sanitize_text_field( wpmem_get( 'key',   false, 'request' ) );
-            -
            			$login = sanitize_text_field( wpmem_get( 'login', false, 'request' ) );
-            -
            			$pass1 = wpmem_get( 'pass1', false );
-            -
            			$pass2 = wpmem_get( 'pass2', false );
-            -
-            -
            			// Check the user. get_user_by() will return false if user_login does not exist.
-            -
            			$is_user = get_user_by( 'login', $login );
-            -
            			if ( false == $is_user ) {
-            -
            				$this->content = $this->error_msg( 'invalid_user', $this->invalid_user );
-            -
            			}
-            -
             			// Set an error container.
             			$errors = new WP_Error();
-            -
             			/**
             			 * Validate the key.
+            			 *
@@ -101,12 +144,12 @@ class WP_Members_Pwd_Reset {
             			 * @param string The user login.
             			 * @return WP_User|WP_Error WP_User object on success, WP_Error object for invalid or expired keys (invalid_key|expired_key).
             			 */
-            -
            			$user = check_password_reset_key( $key, $login );
-            -
             			if ( $user->has_errors() ) {
-            -
            				$this->content = $this->error_msg( 'invalid_key', $this->invalid_key );
+            			}
-            -
             			// Validate
             			if ( 1 == wpmem_get( 'formsubmit' ) && false !== wpmem_get( 'a', false, $this->form_action ) ) {
@@ -138,83 +181,18 @@ class WP_Members_Pwd_Reset {
             				if ( 'invalid_key' == $user->get_error_code() ) {
             					// If somehow the form was submitted but the key not found.
-            -
            					$this->content = $this->error_msg( 'invalid_key', $this->invalid_key );
             				} else {
             					$form = wpmem_change_password_form();
+            				}
+            			}
-            -
            			$this->content = $msg . $form;
-            -
            		}
-            -
            	}
-            -
-            -
            	/**
-            -
            	 * Add reset key to the email.
-            -
            	 *
-            -
            	 * @since 3.3.5
-            -
            	 *
-            -
            	 * @param  array  $arr
-            -
            	 * @param  array  $wpmem_fields
-            -
            	 * @param  array  $field_data
-            -
            	 * @return array  $arr
-            -
            	 */
-            -
            	function add_reset_key_to_email( $arr, $wpmem_fields, $field_data ) {
-            -
-            -
            		if ( $arr['toggle'] == 'repass' ) {
-            -
-            -
            			$user = get_user_by( 'ID', $arr['user_id'] );
-            -
-            -
            			// Get the stored key.
-            -
            			$key = get_password_reset_key( $user );
-            -
            			$query_args = array(
-            -
            				'a'     => $this->form_action,
-            -
            				'key'   => $key,
-            -
            				'login' => $user->user_login,
-            -
            			);
-            -
-            -
            			// urlencode, primarily for user_login with a space.
-            -
            			$query_args = array_map( 'rawurlencode', $query_args );
-            -
-            -
            			// Generate reset link.
-            -
            			$link = add_query_arg( $query_args, trailingslashit( wpmem_profile_url() ) );
-            -
-            -
            			// Does email body have the [reset_link] shortcode?
-            -
            			if ( strpos( $arr['body'], '[reset_link]' ) ) {
-            -
            				$arr['body'] = str_replace( '[reset_link]', $link, $arr['body'] );
-            -
            			} else {
-            -
            				// Add text and link to the email body.
-            -
            				$arr['body'] = $arr['body'] . "\r\n"
-            -
            					. $link;
-            -
            			}
+            		}
-            -
            		return $arr;
-            -
            	}
-            -
-            -
            	/**
-            -
            	 * Display page content to user.
-            -
            	 *
-            -
            	 * @since 3.3.5
-            -
            	 *
-            -
            	 * @param  string  $content
-            -
            	 * @return string  $content
-            -
            	 */
-            -
            	function display_content( $content ) {
-            -
            		return ( false != $this->content ) ? $this->content : $content;
-            -
            	}
-            -
-            -
-            -
            	function error_msg( $code, $message ) {
-            -
            		$error = wpmem_get_display_message( $code, $message . '<br /><a href="' . wpmem_profile_url( 'pwdreset' ) . '">' . $this->request_new_key . '</a>' );
-            -
            		/**
-            -
            		 * Filters the password reset error message.
-            -
            		 *
-            -
            		 * @since 3.4.4
-            -
            		 *
-            -
            		 * @param  string  $error    The generated HTML error message.
-            -
            		 * @param  string  $code     The error code generated.
-            -
            		 * @param  string  $message  The plain text error message.
-            -
            		 */
-            -
            		return apply_filters( 'wpmem_pwd_reset_error_msg', $error, $code, $message );
+            	}
+            }


12	*
13	* @since 3.3.5
14	*/
15	+ public $form_submitted_key_not_found;
16	+ public $form_load_key_not_found;
17	public $key_is_expired;
18	private $reset_key;

19
20	/**
21	* Meta containers

33	function __construct() {
34
35	$defaults = array(
36	+ 'form_submitted_key_not_found' => __( "Sorry, no password reset key was found. Please check your email and try again.", 'wp-members' ),
37	+ 'form_load_key_not_found' => __( "Sorry, no password reset key was found. Please check your email and try again.", 'wp-members' ),
38	+ 'key_is_expired' => __( "Sorry, the password reset key is expired.", 'wp-members' ),
39	+ 'request_new_key' => __( "Request a new reset key.", 'wp-members' ),
40	);
41
42	/**

45	* @since 3.3.8
46	*
47	* @param array $defaults {
48	+ *
49	* }
50	*/
51	$defaults = apply_filters( 'wpmem_pwd_reset_default_dialogs', $defaults );

55	}
56
57	add_filter( 'wpmem_email_filter', array( $this, 'add_reset_key_to_email' ), 10, 3 );

58	add_filter( 'the_content', array( $this, 'display_content' ), 100 );
59	}
60
61	+ /**
62	+ * Add reset key to the email.
63	+ *
64	+ * @since 3.3.5
65	+ *
66	+ * @param array $arr
67	+ * @param array $wpmem_fields
68	+ * @param array $field_data
69	+ * @return array $arr
70	+ */
71	+ function add_reset_key_to_email( $arr, $wpmem_fields, $field_data ) {
72	+
73	+ if ( $arr['toggle'] == 'repass' ) {
74	+
75	+ $user = get_user_by( 'ID', $arr['user_id'] );
76	+
77	+ // Get the stored key.
78	+ $key = get_password_reset_key( $user );
79	+ $query_args = array(
80	+ 'a' => $this->form_action,
81	+ 'key' => $key,
82	+ 'login' => $user->user_login,
83	+ );
84	+
85	+ // urlencode, primarily for user_login with a space.
86	+ $query_args = array_map( 'rawurlencode', $query_args );
87	+
88	+ // Generate reset link.
89	+ $link = add_query_arg( $query_args, trailingslashit( wpmem_profile_url() ) );
90	+
91	+ // Does email body have the [reset_link] shortcode?
92	+ if ( strpos( $arr['body'], '[reset_link]' ) ) {
93	+ $arr['body'] = str_replace( '[reset_link]', $link, $arr['body'] );
94	+ } else {
95	+ // Add text and link to the email body.
96	+ $arr['body'] = $arr['body'] . "\r\n"
97	+ . $link;
98	+ }
99	+ }
100	+ return $arr;
101	+ }
102	+
103	+ /**
104	+ * Display page content to user.
105	+ *
106	+ * @since 3.3.5
107	+ *
108	+ * @param string $content
109	+ * @return string $content
110	+ */
111	+ function display_content( $content ) {
112	+
113	global $wpmem;
114
115	if ( ! is_user_logged_in() && $this->form_action == wpmem_get( 'a', false, 'request' ) && ! is_admin() ) {
116	// Define variables
117	+ $result = '';
118	$user_id = false;
119	$msg = '';
120	$form = '';
121
122	// Check for key.
123	+ $key = sanitize_text_field( wpmem_get( 'key', false, 'request' ) );
124	+ $user_login = sanitize_text_field( wpmem_get( 'login', false, 'request' ) );
125	+ $pass1 = wpmem_get( 'pass1', false );
126	+ $pass2 = wpmem_get( 'pass2', false );
127	+






128	// Set an error container.
129	$errors = new WP_Error();
130	+
131	/**
132	* Validate the key.
133	*

144	* @param string The user login.
145	* @return WP_User\|WP_Error WP_User object on success, WP_Error object for invalid or expired keys (invalid_key\|expired_key).
146	*/
147	+ $user = check_password_reset_key( $key, $user_login );
148	+
149	if ( $user->has_errors() ) {
150	+ $errors->add( 'user_not_found', $this->form_load_key_not_found );
151	}
152	+
153	// Validate
154	if ( 1 == wpmem_get( 'formsubmit' ) && false !== wpmem_get( 'a', false, $this->form_action ) ) {
155

181
182	if ( 'invalid_key' == $user->get_error_code() ) {
183	// If somehow the form was submitted but the key not found.
184	+ $pwd_reset_link = wpmem_profile_url( 'pwdreset' );
185	+ $msg = wpmem_get_display_message( 'invalid_key', $this->form_submitted_key_not_found . '<br /><a href="' . $pwd_reset_link . '">' . $this->request_new_key . '</a>' );
186	+ $form = '';
187	} else {
188	$form = wpmem_change_password_form();
189	}
190
191	}
192
193	+ $content = $msg . $form;









































194	}
195	+
196	+ return $content;


























197	}
198	}

includes/class-wp-members.php CHANGED Viewed

	@@ -72,6 +72,7 @@ class WP_Members {
72	*/
73	public $url;
74

75	/**
76	* Content block settings.
77	*
	@@ -525,9 +526,9 @@ class WP_Members {
525	add_filter( 'get_previous_post_where', array( $this, 'filter_get_adjacent_post_where' ) );
526	add_filter( 'get_next_post_where', array( $this, 'filter_get_adjacent_post_where' ) );
527	add_filter( 'allow_password_reset', array( $this->user, 'no_reset' ) ); // no password reset for non-activated users
528	-
529	// If registration is moderated, check for activation (blocks backend login by non-activated users).
530	- if ( ~~1 ==~~ $this->mod_reg ) {
531	add_filter( 'authenticate', array( $this->user, 'check_activated' ), 99, 3 );
532	}
533


72	*/
73	public $url;
74
75	+
76	/**
77	* Content block settings.
78	*

526	add_filter( 'get_previous_post_where', array( $this, 'filter_get_adjacent_post_where' ) );
527	add_filter( 'get_next_post_where', array( $this, 'filter_get_adjacent_post_where' ) );
528	add_filter( 'allow_password_reset', array( $this->user, 'no_reset' ) ); // no password reset for non-activated users
529	+
530	// If registration is moderated, check for activation (blocks backend login by non-activated users).
531	+ if ( $this->mod_reg == 1 ) {
532	add_filter( 'authenticate', array( $this->user, 'check_activated' ), 99, 3 );
533	}
534

readme.txt CHANGED Viewed

	@@ -3,7 +3,7 @@ Contributors: cbutlerjr
3	Tags: access, authentication, content, login, member, membership, password, protect, register, registration, restriction, subscriber
4	Requires at least: 4.0
5	Tested up to: 6.0
6	- Stable tag: 3.4.3.2
7
8	License: GPLv3
9
	@@ -136,11 +136,6 @@ WP-Members 3.4.3 is a minor update. WP-Members 3.4.2.1 is a bug fix release. Bac
136
137	* @todo WP-Members pluggable deprecated for use in theme functions.php (wpmem will be initialized when plugins are loaded). If you have any WP-Members pluggable functions that load in the theme functions.php, you'll need to move these to another location, such as a custom plugin file. Keep in mind, pluggable functions are no longer the preferred way of customizing (and have not been for many years) as most customizations, if not all, can be handled by using the plugin's filter and action hooks.
138
139	- = 3.4.3.2 =
140	-
141	- * Add [memberships] shortcode for admin notification email; this will include a list of memberships for the user in admin notification.
142	- * Move password reset link actions to template_redirect action. This should resolve issues that occur when multiple instances of the_content are run (i.e. the appearance of an invalid key message upon completing the password reset).
143	-
144	= 3.4.3.1 =
145
146	* Moves export class to main user object (previously loaded from admin files). @todo Export class file also remains in admin for backward compatibility if file is called directly.


3	Tags: access, authentication, content, login, member, membership, password, protect, register, registration, restriction, subscriber
4	Requires at least: 4.0
5	Tested up to: 6.0
6	+ Stable tag: 3.4.3
7
8	License: GPLv3
9

136
137	* @todo WP-Members pluggable deprecated for use in theme functions.php (wpmem will be initialized when plugins are loaded). If you have any WP-Members pluggable functions that load in the theme functions.php, you'll need to move these to another location, such as a custom plugin file. Keep in mind, pluggable functions are no longer the preferred way of customizing (and have not been for many years) as most customizations, if not all, can be handled by using the plugin's filter and action hooks.
138





139	= 3.4.3.1 =
140
141	* Moves export class to main user object (previously loaded from admin files). @todo Export class file also remains in admin for backward compatibility if file is called directly.

wp-members.php CHANGED Viewed

	@@ -3,7 +3,7 @@
3	Plugin Name: WP-Members
4	Plugin URI: https://rocketgeek.com
5	Description: WP access restriction and user registration. For more information on plugin features, refer to <a href="https://rocketgeek.com/plugins/wp-members/docs/">the online Users Guide</a>. A <a href="https://rocketgeek.com/plugins/wp-members/quick-start-guide/">Quick Start Guide</a> is also available. WP-Members(tm) is a trademark of butlerblog.com.
6	- Version: 3.4.3.2
7	Author: Chad Butler
8	Author URI: https://butlerblog.com/
9	Text Domain: wp-members
	@@ -58,7 +58,7 @@ if ( ! defined( 'ABSPATH' ) ) {
58	}
59
60	// Initialize constants.
61	- define( 'WPMEM_VERSION', '3.4.3.2' );
62	define( 'WPMEM_DB_VERSION', '2.3.0' );
63	define( 'WPMEM_PATH', plugin_dir_path( __FILE__ ) );
64


3	Plugin Name: WP-Members
4	Plugin URI: https://rocketgeek.com
5	Description: WP access restriction and user registration. For more information on plugin features, refer to <a href="https://rocketgeek.com/plugins/wp-members/docs/">the online Users Guide</a>. A <a href="https://rocketgeek.com/plugins/wp-members/quick-start-guide/">Quick Start Guide</a> is also available. WP-Members(tm) is a trademark of butlerblog.com.
6	+ Version: 3.4.3.1
7	Author: Chad Butler
8	Author URI: https://butlerblog.com/
9	Text Domain: wp-members

58	}
59
60	// Initialize constants.
61	+ define( 'WPMEM_VERSION', '3.4.3.1' );
62	define( 'WPMEM_DB_VERSION', '2.3.0' );
63	define( 'WPMEM_PATH', plugin_dir_path( __FILE__ ) );
64

WP-Members Membership Plugin - Version 3.4.3.1

Version Description

Release Info

Code changes from version 3.4.3 to 3.4.3.1