Server IP : 104.21.14.48 / Your IP : 3.147.7.24 [ Web Server : Apache System : Linux b70eb322-3aee-0c53-7c82-0db91281f2c6.secureserver.net 6.1.90-1.el9.elrepo.x86_64 #1 SMP PREEMPT_DYNAMIC Thu May 2 12:09:22 EDT 2024 x86_64 User : root ( 0) PHP Version : 8.0.30.2 Disable Function : NONE Domains : 0 Domains MySQL : ON | cURL : ON | WGET : ON | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF Directory : /var/chroot/var/www/wp-content/plugins/profile-builder/front-end/ |
Upload File : |
<?php if ( ! defined( 'ABSPATH' ) ) exit; // Exit if accessed directly /** * Function that changes the auto generated password with the one selected by the user. */ function wppb_signup_password_random_password_filter( $password ) { global $wpdb; $key = ( !empty( $_GET['key'] ) ? sanitize_text_field( $_GET['key'] ) : null ); $key = ( !empty( $_POST['key'] ) ? sanitize_text_field( $_POST['key'] ) : $key ); if ( !empty( $_POST['user_pass'] ) )// phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized, WordPress.Security.ValidatedSanitizedInput.MissingUnslash $password = $_POST['user_pass'];// phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized, WordPress.Security.ValidatedSanitizedInput.MissingUnslash elseif ( !is_null( $key ) ) { $signup = ( is_multisite() ? $wpdb->get_row( $wpdb->prepare( "SELECT * FROM " . $wpdb->signups . " WHERE activation_key = %s", $key ) ) : $wpdb->get_row( $wpdb->prepare( "SELECT * FROM " . $wpdb->base_prefix . "signups WHERE activation_key = %s", $key ) ) ); if ( empty( $signup ) || $signup->active ) { //bad key or already active } else { //check for password in signup meta $meta = unserialize( $signup->meta ); if ( !empty($meta['user_pass']) ) $password = $meta['user_pass']; } } return apply_filters( 'wppb_generated_random_password', $password, $key ); } add_filter( 'random_password', 'wppb_signup_password_random_password_filter' ); /** * Activate a signup. * * * @param string $key The activation key provided to the user. * @return array An array containing information about the activated user and/or blog */ function wppb_activate_signup( $key ) { global $wpdb; $bloginfo = get_bloginfo( 'name' ); $wppb_general_settings = get_option( 'wppb_general_settings' ); $login_after_register = ( isset( $wppb_general_settings['automaticallyLogIn'] ) ? $wppb_general_settings['automaticallyLogIn'] : apply_filters( 'wppb_automatically_login_after_register', 'No' ) ); $signup = ( is_multisite() ? $wpdb->get_row( $wpdb->prepare("SELECT * FROM $wpdb->signups WHERE activation_key = %s", $key) ) : $wpdb->get_row( $wpdb->prepare( "SELECT * FROM ".$wpdb->base_prefix."signups WHERE activation_key = %s", $key ) ) ); if( empty( $signup ) ) return apply_filters( 'wppb_register_activate_user_error_message6', '<p class="error">'.__( 'Could not find registration. Contact administrator.', 'profile-builder' ).'</p>'); $user_login = ( ( isset( $wppb_general_settings['loginWith'] ) && ( $wppb_general_settings['loginWith'] == 'email' ) ) ? trim( $signup->user_email ) : trim( $signup->user_login ) ); $user_email = esc_sql( $signup->user_email ); /* the password is in hashed form in the signup table so we will add it later */ $password = ''; $user_id = username_exists( $user_login ); if ( empty( $signup ) ) return apply_filters( 'wppb_register_activate_user_error_message1', '<p class="error">'.__( 'Invalid activation key!', 'profile-builder' ).'</p>'); if ( $signup->active ) if ( empty( $signup->domain ) ) return apply_filters( 'wppb_register_activate_user_error_message2', '<p class="wppb-success">'.__( 'This username is now active!', 'profile-builder' ).'</p>', $user_id ); $meta = unserialize( $signup->meta ); if( strcasecmp($login_after_register, 'Yes') === 0 ) { $login_after_register = true; } elseif( isset( $meta [ 'wppb_login_after_register_'.$meta['user_login'] ] ) ) { $login_after_register = $meta [ 'wppb_login_after_register_'.$meta['user_login'] ]; unset( $meta [ 'wppb_login_after_register_'.$meta['user_login'] ] ); } else { $login_after_register = false; } if ( !$user_id ) $user_id = wppb_create_user( $user_login, $password, $user_email ); else $user_already_exists = true; if ( ! $user_id ) return apply_filters( 'wppb_register_activate_user_error_message4', '<p class="error">'.__('Could not create user!', 'profile-builder').'</p>' ); elseif ( isset( $user_already_exists ) && ( $user_already_exists == true ) ) return apply_filters( 'wppb_register_activate_user_error_message5', '<p class="error">'.__( 'This username is already activated!', 'profile-builder' ).'</p>' ); else{ $inserted_user = ( is_multisite() ? $wpdb->update( $wpdb->signups, array( 'active' => 1, 'activated' => current_time( 'mysql', true ) ), array( 'activation_key' => $key ) ) : $wpdb->update( $wpdb->base_prefix.'signups', array( 'active' => 1, 'activated' => current_time( 'mysql', true ) ), array( 'activation_key' => $key ) ) ); wppb_add_meta_to_user_on_activation( $user_id, '', $meta ); // if admin approval is activated, then block the user until he gets approved $wppb_generalSettings = get_option('wppb_general_settings'); if( wppb_get_admin_approval_option_value() === 'yes' ){ wppb_update_user_status_to_pending( $user_id, $wppb_generalSettings ); } if ( !isset( $wppb_generalSettings['adminApproval'] ) ) $wppb_generalSettings['adminApproval'] = 'no'; /* copy the hashed password from signup meta to wp user table */ if( !empty( $meta['user_pass'] ) ){ /* we might still have the base64 encoded password in signups and not the hash */ if( base64_encode(base64_decode($meta['user_pass'], true)) === $meta['user_pass'] ) $meta['user_pass'] = wp_hash_password( $meta['user_pass'] ); $wpdb->update( $wpdb->users, array('user_pass' => $meta['user_pass'] ), array('ID' => $user_id) ); wp_cache_delete( $user_id, 'users' ); } wppb_notify_user_registration_email($bloginfo, $user_login, $user_email, 'sending', $password, wppb_get_admin_approval_option_value() ); do_action( 'wppb_activate_user', $user_id, $password, $meta ); if( $inserted_user ) { // CHECK FOR REDIRECT $redirect_url = wppb_get_redirect_url( 'normal', 'after_success_email_confirmation', '', $user_login ); $redirect_delay = apply_filters( 'wppb_success_email_confirmation_redirect_delay', 3, $user_id ); $redirect_message = wppb_build_redirect( $redirect_url, $redirect_delay, 'after_success_email_confirmation' ); $redirect_message = apply_filters( 'wppb_ec_sucess_message_redirect', $redirect_message, $meta ); $success_message = apply_filters( 'wppb_success_email_confirmation', '<p class="wppb-success">' . __( 'Your email was successfully confirmed.', 'profile-builder' ) . '</p><!-- .success -->', $user_id ); $admin_approval_message = apply_filters( 'wppb_email_confirmation_with_admin_approval', '<p class="alert">' . __( 'Before you can access your account, an administrator needs to approve it. You will be notified via email.', 'profile-builder' ) . '</p>', $user_id ); $wppb_general_settings = get_option( 'wppb_general_settings', 'false' ); if ( wppb_get_admin_approval_option_value() === 'yes' ){ $user_data = get_userdata( $user_id ); if( $wppb_general_settings != 'not_found' && ! empty( $wppb_general_settings['adminApprovalOnUserRole'] ) ) { foreach( $user_data->roles as $role ) { if( in_array( $role, $wppb_general_settings['adminApprovalOnUserRole'] ) ) { return $success_message . $admin_approval_message . ( ! empty ( $redirect_message ) ? $redirect_message : '' ); } else { wp_set_object_terms( $user_id, NULL, 'user_status' ); clean_object_term_cache( $user_id, 'user_status' ); if( $login_after_register ) { if( empty( $redirect_url ) ) { $redirect_url = wppb_curpageurl(); } $redirect_message = wppb_activate_signup_autologin_redirect_url($user_id, $redirect_url, $redirect_delay); } return $success_message . ( ! empty ( $redirect_message ) ? $redirect_message : '' ); } } } else { return $success_message . $admin_approval_message . ( ! empty ( $redirect_message ) ? $redirect_message : '' ); } } else { wp_set_object_terms( $user_id, NULL, 'user_status' ); clean_object_term_cache( $user_id, 'user_status' ); if( $login_after_register ) { if( empty( $redirect_url ) ) { $redirect_url = wppb_curpageurl(); } $redirect_message = wppb_activate_signup_autologin_redirect_url($user_id, $redirect_url, $redirect_delay); } return $success_message . ( ! empty ( $redirect_message ) ? $redirect_message : '' ); } } else { return apply_filters('wppb_register_failed_user_activation', '<p class="error">'. __('There was an error while trying to activate the user.', 'profile-builder') .'</p><!-- .error -->'); } } } //function that generates the redirect message when the user should be automatically logged in function wppb_activate_signup_autologin_redirect_url( $user_id, $redirect_url, $redirect_delay ){ $nonce = wp_create_nonce( 'autologin-'. $user_id .'-'. (int)( time() / 60 ) ); $redirect_url = remove_query_arg( 'activation_key' ,$redirect_url ); $redirect_url = apply_filters( 'wppb_login_after_reg_redirect_url', $redirect_url ); $redirect_url = add_query_arg( array( 'autologin' => 'true', 'uid' => $user_id, '_wpnonce' => $nonce ), $redirect_url ); return wppb_build_redirect( $redirect_url, $redirect_delay, 'after_success_email_confirmation' ); } //function to display the registration page function wppb_front_end_register( $atts ){ $atts = shortcode_atts( array( 'role' => get_option( 'default_role' ), 'form_name' => 'unspecified', 'redirect_url' => '', 'logout_redirect_url' => '', 'automatic_login' => '', 'redirect_priority' => 'normal', 'ajax' => false ), $atts, 'wppb-register' ); $form = new Profile_Builder_Form_Creator( array( 'form_type' => 'register', 'form_name' => $atts['form_name'], 'role' => ( is_object( get_role( $atts['role'] ) ) ? $atts['role'] : get_option( 'default_role' ) ) , 'redirect_url' => $atts['redirect_url'], 'logout_redirect_url' => $atts['logout_redirect_url'], 'automatic_login' => $atts['automatic_login'], 'redirect_priority' => $atts['redirect_priority'], 'ajax' => $atts['ajax'] ) ); return $form; } // function to choose whether to display the registration page or the validation message function wppb_front_end_register_handler( $atts ){ return ( isset( $_GET['activation_key'] ) ? wppb_activate_signup ( sanitize_text_field( $_GET['activation_key'] ) ) : wppb_front_end_register( $atts ) ); } add_action( 'user_register', 'wppbc_disable_admin_approval_for_user_role', 99, 1 ); function wppbc_disable_admin_approval_for_user_role( $user_id ) { if ( current_user_can( 'delete_users' ) ) { wp_set_object_terms( $user_id, NULL, 'user_status' ); clean_object_term_cache( $user_id, 'user_status' ); } } /* authors and contributors shouldn't be allowed to create pages with the register shortcode in them */ add_filter( 'the_content', 'wppb_maybe_remove_register_shortcode' ); function wppb_maybe_remove_register_shortcode( $content ){ if ( has_shortcode( $content, 'wppb-register' ) ){ $author_id = get_the_author_meta( 'ID' ); if( !empty( $author_id ) ){ if( !user_can( $author_id, 'edit_others_posts' ) ) { remove_shortcode('wppb-register'); } } } return $content; } /* custom redirect after registration on wp default register form */ function wppb_default_registration_redirect( $user_id ) { $user_data = get_userdata( $user_id ); // CHECK FOR REDIRECT if( isset( $_POST['redirect_to'] ) ) $_POST['redirect_to'] = apply_filters( 'wppb_after_registration_redirect_url', wppb_get_redirect_url( 'normal', 'after_registration', esc_url_raw( $_POST['redirect_to'] ), $user_data ) ); } add_action( 'register_new_user', 'wppb_default_registration_redirect' );