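/**
 * Handles a member's "delete my account" request from the front end.
 *
 * Does nothing unless the `delete_account` query argument is present and a member is
 * logged in. The account is deleted only when the request carries a valid
 * `swpm_account_delete_confirm` nonce AND the member's current password; on success the
 * visitor is redirected to the home URL and the request ends.
 *
 * Every failure path returns explicitly after showing the confirmation UI.
 * SwpmUtils::account_delete_confirmation_ui() is defined outside this block, so this
 * method does not rely on it terminating the request: without the returns, a helper that
 * returned normally would let a request with a missing or invalid nonce reach the
 * password check and the delete call.
 *
 * @return void
 */
private function verify_and_delete_account() {
    include_once SIMPLE_WP_MEMBERSHIP_PATH . 'classes/class.swpm-members.php';

    $delete_account = filter_input(INPUT_GET, 'delete_account');
    if (empty($delete_account)) {
        return;
    }

    // Read raw: the password must be compared exactly as typed, not after sanitising.
    $password = filter_input(INPUT_POST, 'account_delete_confirm_pass', FILTER_UNSAFE_RAW);

    $auth = SwpmAuth::get_instance();
    if (!$auth->is_logged_in()) {
        return;
    }

    if (empty($password)) {
        // First visit (or empty submission): show the confirmation form and stop.
        SwpmUtils::account_delete_confirmation_ui();
        return;
    }

    // CSRF check comes before the password check so a forged request never reaches it.
    $nonce_field = filter_input(INPUT_POST, 'account_delete_confirm_nonce');
    if (empty($nonce_field) || !wp_verify_nonce($nonce_field, 'swpm_account_delete_confirm')) {
        SwpmUtils::account_delete_confirmation_ui(SwpmUtils::_("Sorry, Nonce verification failed."));
        return;
    }

    if (!$auth->match_password($password)) {
        SwpmUtils::account_delete_confirmation_ui(SwpmUtils::_("Sorry, Password didn't match."));
        return;
    }

    $auth->delete();
    wp_redirect(home_url());
    exit(0);
}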
/**
 * Returns the 'alias' value of the logged-in member's auth record, or a translated
 * "not logged in" notice when no member session is active.
 *
 * @return mixed Whatever SwpmAuth::get('alias') yields, or the translated notice string.
 */
public static function get_logged_in_members_level_name() {
    $member = SwpmAuth::get_instance();

    return $member->is_logged_in()
        ? $member->get('alias')
        : SwpmUtils::_("User is not logged in.");
}
/**
 * Shortcode callback: renders the logged-in member's expiry date inside a wrapper div.
 *
 * @param mixed $args Shortcode attributes; not read by this callback.
 * @return string HTML fragment with either the expiry date or a "not logged in" notice.
 */
public function swpm_show_expiry_date_sc($args) {
    if (SwpmMemberUtils::is_member_logged_in()) {
        // The date is emitted exactly as get_expire_date() returns it.
        $expires_on = SwpmAuth::get_instance()->get_expire_date();
        $body = SwpmUtils::_('Expiry: ') . $expires_on;
    } else {
        $body = SwpmUtils::_('You are not logged-in as a member');
    }

    return '<div class="swpm-show-expiry-date">' . $body . '</div>';
}
/**
 * Filter callback: replaces the after-login URL with the one stored for the member's
 * membership level, when such a value exists.
 *
 * @param string $url The after-login URL passed in by the filter.
 * @return mixed The level's 'swpm_alr_after_login_page_field' value if non-empty, else $url.
 */
function swpm_after_login_url($url) {
    $member = SwpmAuth::get_instance();
    if (!$member->is_logged_in()) {
        return $url;
    }

    // The returned value is whatever is stored for the level; it is not validated here.
    $level_redirect = SwpmMembershipLevelCustom::get_value_by_key(
        $member->get('membership_level'),
        'swpm_alr_after_login_page_field'
    );

    return empty($level_redirect) ? $url : $level_redirect;
}
/**
 * Blocks comment submissions from visitors who are not logged-in members.
 *
 * Acts only when the 'members-login-to-comment' setting is enabled, the request is not
 * an admin-side request, no member is logged in, and the POST carries a
 * `comment_post_ID` (i.e. it is a comment submission). In that case the POST data is
 * cleared and the request is ended with wp_die().
 *
 * @return void
 */
public static function check_and_restrict_comment_posting_to_members() {
    $members_only = SwpmSettings::get_instance()->get_value('members-login-to-comment');

    // Nothing to enforce: feature off, admin side, or the visitor is a logged-in member.
    if (empty($members_only) || is_admin() || SwpmAuth::get_instance()->is_logged_in()) {
        return;
    }

    $target_post = filter_input(INPUT_POST, 'comment_post_ID');
    if (empty($target_post)) {
        // Not a comment submission.
        return;
    }

    // Front-end comment submitted by a non-member: drop the payload and stop the request.
    $_POST = array();
    wp_die(SwpmUtils::_('Comments not allowed by a non-member.'));
}
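</td>
</tr>
</table>
<p align="center"><input type="submit" value="<?php echo esc_attr(SwpmUtils::_('Update')); ?> " class="swpm-edit-profile-submit" name="swpm_editprofile_submit" />
</p>
<?php
// delete_account_button() returns markup built elsewhere; it is echoed as-is.
echo SwpmUtils::delete_account_button();
?>
<input type="hidden" name="action" value="custom_posts" />
<?php
// NOTE(review): 'name_of_my_action' / 'name_of_nonce_field' are generic placeholder names. The handler
// for this form is not visible here - confirm it verifies this nonce before updating the profile.
// Renaming them must be done here and in the handler together.
wp_nonce_field('name_of_my_action', 'name_of_nonce_field');
?>
</form>
</div>
<script>
    jQuery(document).ready(function($){
        // Server values are escaped for a JavaScript string context, and no stray whitespace
        // is left inside the quotes (it would become part of the URL / the member_id parameter).
        $.validationEngineLanguage.allRules['ajaxEmailCall']['url'] = '<?php echo esc_js(admin_url('admin-ajax.php')); ?>';
        $.validationEngineLanguage.allRules['ajaxEmailCall']['extraData'] = '&action=swpm_validate_email&member_id=<?php echo esc_js(SwpmAuth::get_instance()->get('member_id')); ?>';
        $("#swpm-editprofile-form").validationEngine('attach');
    });
</script>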
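/**
 * Removes menu items the current visitor's membership level may not see.
 *
 * Intended for the wp_get_nav_menu_items filter. The level is read from the Simple
 * Membership auth instance, or self::NOT_LOGGED_IN_LEVEL_ID for anonymous visitors.
 * An item is visible when it has no level list stored under self::META_KEY_NAME or when
 * the visitor's level is in that list. Children of a hidden item are hidden as well.
 * The 'swpm_menu_item_visibility' filter gets the final say for every item.
 *
 * @param array $items Menu item objects (reads ->ID and ->menu_item_parent).
 * @return array The same array with non-visible items unset (keys are preserved).
 */
function exclude_menu_items($items) {
    $hide_children_of = array();

    $auth = SwpmAuth::get_instance();
    $level = $auth->is_logged_in() ? $auth->get('membership_level') : self::NOT_LOGGED_IN_LEVEL_ID;

    foreach ($items as $key => $item) {
        if (in_array($item->menu_item_parent, $hide_children_of)) {
            // Child of a hidden item: stays hidden regardless of its own level list.
            // Previously this decision was overwritten by the level check below, so
            // children of a restricted parent could remain in the menu.
            $visible = false;
            $hide_children_of[] = $item->ID; // for nested menus
        } else {
            $item_groups = get_post_meta($item->ID, self::META_KEY_NAME, true);
            // get_post_meta(..., true) returns '' when the key is absent; normalise to an
            // array so count()/in_array() never receive a scalar.
            $item_groups = empty($item_groups) ? array() : (array) $item_groups;

            // Loose comparison kept: stored ids and the member's level may differ in type.
            $visible = count($item_groups) == 0 || in_array($level, $item_groups);
        }

        // Let other plugins adjust the decision.
        $visible = apply_filters('swpm_menu_item_visibility', $visible, $item);

        if (!$visible) {
            $hide_children_of[] = $item->ID; // remember so descendants are hidden too
            unset($items[$key]);
        }
    }

    return $items;
}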
<?php
// Bootstrap for the members' materials view: loads the two helper classes, builds the
// objects and data the view reads, then includes the view template. The variable names
// below are left untouched because view.php is included into this scope and may read them.

//wp_enqueue_script('jquery.data-tables', SIMPLE_WP_MEMBERSHIP_URL . '/js/data-tables.js');
//wp_enqueue_style('style.data-tables', SIMPLE_WP_MEMBERSHIP_URL . '/css/data-tables.css');
//wp_enqueue_script('downloaders', SIMPLE_WP_MEMBERSHIP_URL . '/downloaders/js/downloaders.js');
include_once SIMPLE_WP_MEMBERSHIP_PATH . 'materials/classes/Class_SWPM_Materials.php';
// NOTE(review): plain include (not include_once) of a class file taken from the active
// theme directory - a second inclusion in the same request would redeclare the class.
include get_template_directory() . '/page-templates/members-area/classes/Class_MembersArea.php';
$class_materials = new SWPMMaterials();
$class_members = new MembersArea();
// NOTE(review): a new SimpleWpMembership is constructed here; what its constructor does is
// not visible - confirm a second instance is intended.
$swpm = new SimpleWpMembership();
$auth = SwpmAuth::get_instance();
$get_membership_levels = SwpmUtils::get_all_membership_levels();
$course_array = $class_members->getCourseMaterialsFromDB();
// Strips the web server's document root from the plugin's filesystem path.
// NOTE(review): presumably used as a URL path in the view; this only works when the plugin
// directory lives under DOCUMENT_ROOT - verify, and make sure the view escapes it on output.
$relative_plugin_url = str_replace($_SERVER['DOCUMENT_ROOT'], "", SIMPLE_WP_MEMBERSHIP_PATH);
include_once SIMPLE_WP_MEMBERSHIP_PATH . 'materials/views/view.php';
/**
 * Applies a profile edit submitted by the logged-in member.
 *
 * Builds a SwpmForm from the member's current record (minus 'permitted'), and when the
 * form validates, syncs the WordPress user, writes the sanitized fields to the members
 * table, reloads the session data and stores a status message in SwpmTransfer. On
 * validation failure only the error status is stored.
 *
 * NOTE(review): no nonce check is visible in this method - confirm the caller verifies
 * the edit form's nonce. The result of $wpdb->update() is also not inspected, so the
 * success message is stored even if the write fails.
 *
 * @return void
 */
public function edit() {
    global $wpdb;

    $auth = SwpmAuth::get_instance();
    if (!$auth->is_logged_in()) {
        return;
    }

    $current_record = (array) $auth->userData;
    unset($current_record['permitted']);
    $form = new SwpmForm($current_record);

    if (!$form->is_valid()) {
        $status = array(
            'succeeded' => false,
            'message' => SwpmUtils::_('Please correct the following'),
            'extra' => $form->get_errors(),
        );
        SwpmTransfer::get_instance()->set('status', $status);
        return;
    }

    $status = array('succeeded' => true, 'message' => SwpmUtils::_('Profile updated successfully.'));
    $member_info = $form->get_sanitized();

    // Keep the matching WordPress user record in step with the member record.
    SwpmUtils::update_wp_user($auth->get('user_name'), $member_info);

    if (isset($member_info['plain_password'])) {
        // Password changed: tell the member a fresh login is needed, and keep the
        // plain-text value out of the members table write below.
        $status = array(
            'succeeded' => true,
            'message' => SwpmUtils::_('Profile updated successfully. You will need to re-login since you changed your password.'),
        );
        unset($member_info['plain_password']);
    }

    $members_table = $wpdb->prefix . "swpm_members_tbl";
    $wpdb->update($members_table, $member_info, array('member_id' => $auth->get('member_id')));
    $auth->reload_user_data();
    SwpmTransfer::get_instance()->set('status', $status);
}
/**
 * Returns the content a visitor is allowed to see for a post.
 *
 * Full content is returned when the post id is listed in $this->moretags or
 * can_i_read_post() allows it. Otherwise, if the 'enable-moretag' setting is on and the
 * post contains a <!--more--> marker, the part before the marker is returned followed by
 * a restriction notice; in every other case $this->lastError is returned.
 *
 * @param mixed  $id      Post id.
 * @param string $content The post content as passed in by the caller.
 * @return string
 */
public function filter_post($id, $content) {
    if (in_array($id, $this->moretags) || $this->can_i_read_post($id)) {
        return $content;
    }

    $teaser_enabled = SwpmSettings::get_instance()->get_value('enable-moretag');
    if (empty($teaser_enabled)) {
        return $this->lastError;
    }

    $post = get_post($id);
    $segments = explode('<!--more-->', $post->post_content);
    if (count($segments) < 2) {
        // No teaser marker in the post: nothing can be shown.
        return $this->lastError;
    }

    if (SwpmAuth::get_instance()->is_logged_in()) {
        $notice = '<div class="swpm-margin-top-10">' . SwpmUtils::_(" The rest of the content is not permitted for your membership level.") . '</div>';
        $this->lastError = apply_filters('swpm_restricted_more_tag_msg', $notice);
    } else {
        $notice = '<div class="swpm-margin-top-10">' . SwpmUtils::_("You need to login to view the rest of the content. ") . SwpmSettings::get_instance()->get_login_link() . '</div>';
        $this->lastError = apply_filters('swpm_not_logged_in_more_tag_msg', $notice);
    }

    // Only the segment before the marker is rendered for the restricted visitor.
    return do_shortcode($segments[0]) . $this->lastError;
}
/**
 * Renders the edit-profile form for the logged-in member.
 *
 * Returns the output of the 'swpm_profile_form_override' filter when it is non-empty,
 * otherwise the buffered output of views/edit.php, otherwise (no member logged in) a
 * translated notice.
 *
 * @return string
 */
public function profile_form() {
    $auth = SwpmAuth::get_instance();
    $this->notices();
    if ($auth->is_logged_in()) {
        $out = apply_filters('swpm_profile_form_override', '');
        if (!empty($out)) {
            return $out;
        }
        $user_data = (array) $auth->userData;
        $user_data['membership_level_alias'] = $auth->get('alias');
        ob_start();
        // Turns every member field into a local variable for the template. EXTR_SKIP keeps
        // a field from overwriting a variable that already exists in this scope
        // ($auth, $out, $user_data).
        // NOTE(review): the values come from the stored member record; edit.php is not
        // visible here - confirm it escapes them when printing.
        extract($user_data, EXTR_SKIP);
        include SIMPLE_WP_MEMBERSHIP_PATH . 'views/edit.php';
        return ob_get_clean();
    }
    return SwpmUtils::_('You are not logged in.');
}
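/**
 * Validates the member auth cookie and, when it is genuine, loads the member record.
 *
 * The cookie has the form `username|expiration|hmac`. The method rejects a missing or
 * malformed cookie, an expired one (with a one-hour grace period for POST and AJAX
 * requests), an unknown user name, and an HMAC that does not match the value recomputed
 * from the user name, a fragment of the stored password hash and the expiration.
 *
 * Changes from the previous version:
 *  - the HMAC is compared with hash_equals() instead of `!=`. A loose comparison treats
 *    two numeric-looking strings as numbers, so different strings can compare equal, and
 *    it is not constant-time.
 *  - the cookie value must be a string and the expiration must be all digits before any
 *    arithmetic is done on it, so a malformed cookie is rejected instead of raising an
 *    error.
 *
 * The HMAC algorithm and key derivation are left as they are: they must match the code
 * that issues the cookie, which is not part of this block.
 *
 * @return mixed false when the cookie is rejected, otherwise the result of check_constraints().
 */
private function validate() {
    $auth_cookie_name = is_ssl() ? SIMPLE_WP_MEMBERSHIP_SEC_AUTH : SIMPLE_WP_MEMBERSHIP_AUTH;
    if (empty($_COOKIE[$auth_cookie_name]) || !is_string($_COOKIE[$auth_cookie_name])) {
        return false;
    }

    $cookie_elements = explode('|', $_COOKIE[$auth_cookie_name]);
    if (count($cookie_elements) != 3) {
        return false;
    }
    //SwpmLog::log_auth_debug("validate() - " . $_COOKIE[$auth_cookie_name], true);
    list($username, $expiration, $hmac) = $cookie_elements;

    // The expiration is attacker-controlled until the HMAC has been verified; accept only
    // a plain decimal timestamp. The original string is kept for the HMAC input below.
    if (!ctype_digit($expiration)) {
        return false;
    }
    $expires_at = (int) $expiration;

    $expired = $expires_at;
    // Allow a grace period for POST and AJAX requests
    if (defined('DOING_AJAX') || 'POST' == $_SERVER['REQUEST_METHOD']) {
        $expired += HOUR_IN_SECONDS;
    }

    // Quick check to see if an honest cookie has expired
    if ($expired < time()) {
        $this->lastStatusMsg = SwpmUtils::_("Session Expired.");
        //do_action('auth_cookie_expired', $cookie_elements);
        SwpmLog::log_auth_debug("validate() - Session Expired", true);
        return false;
    }

    global $wpdb;
    $query = " SELECT * FROM " . $wpdb->prefix . "swpm_members_tbl WHERE user_name = %s";
    $user = $wpdb->get_row($wpdb->prepare($query, $username));
    if (empty($user)) {
        $this->lastStatusMsg = SwpmUtils::_("Invalid User Name");
        return false;
    }

    // Binding the key to a fragment of the stored password hash means a password change
    // invalidates cookies issued before it.
    $pass_frag = substr($user->password, 8, 4);
    $key = SwpmAuth::b_hash($username . $pass_frag . '|' . $expiration);
    $hash = hash_hmac('md5', $username . '|' . $expiration, $key);

    if (!hash_equals($hash, (string) $hmac)) {
        $this->lastStatusMsg = SwpmUtils::_("Please login again.");
        SwpmLog::log_auth_debug("validate() - Bad Hash", true);
        return false;
    }

    // Past the nominal expiry but inside the grace window: flag it for the rest of the request.
    if ($expires_at < time()) {
        $GLOBALS['login_grace_period'] = 1;
    }

    $this->userData = $user;
    return $this->check_constraints();
}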
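/**
 * Serves a course material file to the logged-in member, enforcing the per-member
 * download limit (WP_MEMBERS_DOWNLOAD_LIMIT) and recording each download.
 *
 * Changes from the previous version:
 *  - $material_id is normalised to an integer once. Before, the SQL used it through %d
 *    (integer) while the file path used the raw value, so the two could disagree and the
 *    raw value ended up inside a filesystem path.
 *  - the request is refused when no member is logged in, instead of continuing with an
 *    empty member record.
 *  - a material id with no database row is reported as a missing file instead of reading
 *    fields from a non-existent row.
 *  - the unreachable `exit` after a return and an unused local were removed.
 *
 * NOTE(review): no check that the member's level is entitled to this material is visible
 * here - confirm the caller performs it. Table names are kept exactly as written
 * (literal `wp_` prefix) because the code that creates the tables is not visible.
 *
 * @param mixed $material_id Id of the material row to download.
 * @return string|null An error message on failure; nothing when the download helper is invoked.
 */
public function downloadCourseMaterial($material_id) {
    global $wpdb;

    $auth = SwpmAuth::get_instance();
    if (!$auth->is_logged_in()) {
        return "You are not logged in.";
    }

    // One canonical integer id for the queries and for the file name.
    $material_id = (int) $material_id;

    $user_data = (array) $auth->userData;
    $member_id = $user_data['member_id'];
    $user_name = $user_data['user_name'];
    $first_name = $user_data['first_name'];
    $last_name = $user_data['last_name'];
    $membership_level = $user_data['membership_level'];
    $ip_used = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
    //$download_folder = SECURE_MEMBERS_MATERIAL_DOWNLOAD_DIR.'/'.$folder_requested.'/';
    $download_limit = WP_MEMBERS_DOWNLOAD_LIMIT;

    $query = "SELECT material_name, path\r\n FROM wp_swpm_members_materials\r\n WHERE id = %d\r\n ";
    $get_dets = $wpdb->get_results($wpdb->prepare($query, $material_id), ARRAY_A);
    if (empty($get_dets[0])) {
        return "Sorry this file doesn't exist. Please contact us.";
    }
    $path = $get_dets[0]['path'];
    $material_name = $get_dets[0]['material_name'];

    // Files are stored as <path><id>.<extension of the material's display name>.
    $ext = pathinfo($material_name, PATHINFO_EXTENSION);
    $full_path = $path . $material_id . '.' . $ext;
    if (!file_exists($full_path)) {
        return "Sorry this file doesn't exist. Please contact us.";
    }

    $query = "SELECT number_downloads\r\n FROM wp_swpm_members_downloads\r\n WHERE member_id = %d\r\n AND material_id_downloaded = %d";
    $get_download_count = $wpdb->get_results($wpdb->prepare($query, $member_id, $material_id), ARRAY_A);
    $download_count = isset($get_download_count[0]['number_downloads']) ? $get_download_count[0]['number_downloads'] : null;

    if (!is_numeric($download_count)) {
        // No usable counter row yet: record the first download.
        $query = "INSERT INTO\r\n wp_swpm_members_downloads\r\n (member_id, user_name,\r\n first_name, last_name,\r\n membership_level,\r\n file_downloaded,\r\n material_id_downloaded,\r\n number_downloads,\r\n ip_used)\r\n VALUES\r\n (%d, %s, %s, %s, %d, %s, %d, %d, %s)\r\n ";
        $wpdb->query($wpdb->prepare($query, $member_id, $user_name, $first_name, $last_name, $membership_level, $material_name, $material_id, 1, $ip_used));
        $this->getLocalDownload($full_path, $material_name);
    } elseif ($download_count < $download_limit) {
        // NOTE(review): read-then-write counter; concurrent requests can each pass this check.
        $new_download_count = $download_count + 1;
        $query = "UPDATE\r\n \nwp_swpm_members_downloads\r\n SET number_downloads = %d\r\n WHERE member_id = %d\r\n AND material_id_downloaded = %d\r\n ";
        $wpdb->query($wpdb->prepare($query, $new_download_count, $member_id, $material_id));
        $this->getLocalDownload($full_path, $material_name);
    } else {
        $download_limit_reached = "Sorry, looks like you've reached your download limit for this material. Please contact us if you think there's been a mistake.";
        return $download_limit_reached;
    }
}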
/**
 * Tells whether an expired member may view the current page.
 *
 * Access is granted only when all three hold: a member is logged in, that member's
 * account is expired, and the current URL is one of the core system pages
 * (self::is_current_url_a_system_page()). Anonymous visitors and non-expired members
 * always get false from this check.
 *
 * @return bool
 */
public static function expired_user_has_access_to_this_page() {
    $auth = SwpmAuth::get_instance();

    // This check only concerns logged-in members whose account has expired.
    $is_expired_member = $auth->is_logged_in() && $auth->is_expired_account();
    if (!$is_expired_member) {
        return false;
    }

    // Expired members keep access to core system pages only.
    return self::is_current_url_a_system_page() ? true : false;
}
/**
 * Renders the edit-profile form for the logged-in member.
 *
 * Notices are processed first. For a logged-in member the method returns the
 * 'swpm_profile_form_override' filter output when it is non-empty, otherwise the
 * buffered output of the 'edit.php' template. Without a member session it returns a
 * translated notice.
 *
 * @return string
 */
public function profile_form() {
    $auth = SwpmAuth::get_instance();
    $this->notices();

    if (!$auth->is_logged_in()) {
        return SwpmUtils::_('You are not logged in.');
    }

    $override = apply_filters('swpm_profile_form_override', '');
    if (!empty($override)) {
        return $override;
    }

    // Capture the template's output so it can be returned instead of printed.
    ob_start();
    SwpmUtilsTemplate::swpm_load_template('edit.php', false);
    return ob_get_clean();
}