wpallstars/wp-multisite-waas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Prep Plugin for release on WordPress.org

Browse Source 
Escape everything that should be escaped.
Add nonce checks where needed.
Sanitize all inputs.
Apply Code style changes across the codebase.
Correct many deprecation notices.
Optimize load order of many filters.
This commit is contained in:
David Stone
2025-04-07 09:15:21 -06:00
parent f05ab77418
commit a815fdf179
290 changed files with 2999 additions and 3269 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
inc/managers/class-customer-manager.php
View File

@ -11,7 +11,7 @@
namespace WP_Ultimo\Managers;
use WP_Ultimo\Managers\Base_Manager;
use WP_Ultimo\Checkout\Checkout;
use WP_Ultimo\Models\Customer;
use WP_Ultimo\Database\Memberships\Membership_Status;
@ -129,7 +129,7 @@ class Customer_Manager extends Base_Manager {
*
* @since 2.0.0
*
* @param WP_User $user The WP User object of the user that logged in.
* @param \WP_User $user The WP User object of the user that logged in.
* @return void
*/
public function log_ip_and_last_login($user): void {
@ -200,13 +200,15 @@ class Customer_Manager extends Base_Manager {
wp_die(
sprintf(
/* translators: the placeholder is the login URL */
__('You must be authenticated in order to verify your email address. <a href=%s>Click here</a> to access your account.', 'wp-multisite-waas'),
wp_login_url(
add_query_arg(
[
'email-verification-key' => $email_verify_key,
'customer' => $customer_hash,
]
wp_kses_post(__('You must be authenticated in order to verify your email address. <a href=%s>Click here</a> to access your account.', 'wp-multisite-waas')),
esc_attr(
wp_login_url(
add_query_arg(
[
'email-verification-key' => $email_verify_key,
'customer' => $customer_hash,
]
)
)
)
)
@ -214,31 +216,31 @@ class Customer_Manager extends Base_Manager {
}
if ( ! $customer_to_verify) {
wp_die(__('Invalid verification key.', 'wp-multisite-waas'));
wp_die(wp_kses_post(__('<strong>ERROR:</strong> Invalid verification key.', 'wp-multisite-waas')));
}
$current_customer = wu_get_current_customer();
if ( ! $current_customer) {
wp_die(__('Invalid verification key.', 'wp-multisite-waas'));
wp_die(wp_kses_post(__('<strong>Error:</strong> Invalid verification key.', 'wp-multisite-waas')));
}
if ($current_customer->get_id() !== $customer_to_verify->get_id()) {
wp_die(__('Invalid verification key.', 'wp-multisite-waas'));
wp_die(esc_html__('Invalid verification key.', 'wp-multisite-waas'));
}
if ($customer_to_verify->get_email_verification() !== 'pending') {
wp_die(__('Invalid verification key.', 'wp-multisite-waas'));
wp_die(esc_html__('Invalid verification key.', 'wp-multisite-waas'));
}
$key = $customer_to_verify->get_verification_key();
if ( ! $key) {
wp_die(__('Invalid verification key.', 'wp-multisite-waas'));
wp_die(wp_kses_post(__('<strong>Error:</strong> Invalid verification key.', 'wp-multisite-waas')));
}
if ($key !== $email_verify_key) {
wp_die(__('Invalid verification key.', 'wp-multisite-waas'));
wp_die(esc_html__('Invalid verification key.', 'wp-multisite-waas'));
}
/*
@ -287,13 +289,13 @@ class Customer_Manager extends Base_Manager {
wu_get_registration_url()
);
wp_redirect($redirect_url);
wp_safe_redirect($redirect_url);
exit;
}
}
wp_redirect(get_admin_url($customer_to_verify->get_primary_site_id()));
wp_safe_redirect(get_admin_url($customer_to_verify->get_primary_site_id()));
exit;
}