Skip to content

Commit

Permalink
fix: conflict with WC Stripe Gateway plugin
Browse files Browse the repository at this point in the history
  • Loading branch information
@sapayth
sapayth committed Mar 20, 2024
1 parent 7b1718e commit b3247ce
Showing 1 changed file with 86 additions and 66 deletions.
152 changes: 86 additions & 66 deletions includes/Free/Simple_Login.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -410,105 +410,125 @@ public function login_form() {
return ob_get_clean();
}

/**
* Remove selected cookie to have consistency with the login nonce.
* fixes WooCommerce Stripe Gateway plugin conflict
*
* @since WPUF_SINCE
*
* @return void
*/
public function unset_logged_in_cookie() {
if ( isset( $_COOKIE[ LOGGED_IN_COOKIE ] ) ) {
unset( $_COOKIE[ LOGGED_IN_COOKIE ] );
}
}

/**
* Process login form
*
* @return void
*/
public function process_login() {
if ( ! empty( $_POST['wpuf_login'] ) && ! empty( $_POST['wpuf-login-nonce'] ) ) {
$creds = [];
if ( empty( $_POST['wpuf_login'] ) || empty( $_POST['wpuf-login-nonce'] ) ) {
return;
}

$nonce = sanitize_key( wp_unslash( $_POST['wpuf-login-nonce'] ) );
// unset the specific cookie to fix WooCommerce Stripe Gateway plugin conflict
add_action( 'set_logged_in_cookie', [ $this, 'unset_logged_in_cookie' ], 11 );

if ( isset( $nonce ) && ! wp_verify_nonce( $nonce, 'wpuf_login_action' ) ) {
$this->login_errors[] = __( 'Nonce is invalid', 'wp-user-frontend' );
$creds = [];

return;
}
$nonce = sanitize_key( wp_unslash( $_POST['wpuf-login-nonce'] ) );

$log = isset( $_POST['log'] ) ? esc_attr( wp_unslash( $_POST['log'] ) ) : '';
$pwd = isset( $_POST['pwd'] ) ? trim( $_POST['pwd'] ) : '';
// $g_recaptcha_response = isset( $_POST['g-recaptcha-response'] ) ? sanitize_text_field( wp_unslash( $_POST['g-recaptcha-response'] ) ) : '';

$validation_error = new WP_Error();
$validation_error = apply_filters( 'wpuf_process_login_errors', $validation_error, $log, $pwd );
if ( isset( $nonce ) && ! wp_verify_nonce( $nonce, 'wpuf_login_action' ) ) {
$this->login_errors[] = __( 'Nonce is invalid', 'wp-user-frontend' );

if ( $validation_error->get_error_code() ) {
$this->login_errors[] = $validation_error->get_error_message();
return;
}

return;
}
$log = isset( $_POST['log'] ) ? sanitize_text_field( wp_unslash( $_POST['log'] ) ) : '';
// phpcs:ignore WordPress.Security.ValidatedSanitizedInput
$pwd = isset( $_POST['pwd'] ) ? sanitize_text_field( wp_unslash( trim( $_POST['pwd'] ) ) ) : '';
// $g_recaptcha_response = isset( $_POST['g-recaptcha-response'] ) ? sanitize_text_field( wp_unslash( $_POST['g-recaptcha-response'] ) ) : '';

if ( empty( $log ) ) {
$this->login_errors[] = __( 'Username is required.', 'wp-user-frontend' );
$validation_error = new WP_Error();
$validation_error = apply_filters( 'wpuf_process_login_errors', $validation_error, $log, $pwd );

return;
}
if ( $validation_error->get_error_code() ) {
$this->login_errors[] = $validation_error->get_error_message();

if ( empty( $pwd ) ) {
$this->login_errors[] = __( 'Password is required.', 'wp-user-frontend' );
return;
}

return;
}
if ( empty( $log ) ) {
$this->login_errors[] = __( 'Username is required.', 'wp-user-frontend' );

if ( isset( $_POST['g-recaptcha-response'] ) ) {
if ( empty( $_POST['g-recaptcha-response'] ) ) {
$this->login_errors[] = __( 'Empty reCaptcha Field', 'wp-user-frontend' );
return;
} else {
$no_captcha = 1;
$invisible_captcha = 0;
Render_Form::init()->validate_re_captcha( $no_captcha, $invisible_captcha );
}
}
return;
}

if ( is_email( $log ) && apply_filters( 'wpuf_get_username_from_email', true ) ) {
$user = get_user_by( 'email', $log );
if ( empty( $pwd ) ) {
$this->login_errors[] = __( 'Password is required.', 'wp-user-frontend' );

if ( isset( $user->user_login ) ) {
$creds['user_login'] = $user->user_login;
} else {
$this->login_errors[] = '<strong>' . __( 'Error', 'wp-user-frontend' ) . ':</strong> ' . __( 'A user could not be found with this email address.', 'wp-user-frontend' );
return;
}

return;
}
if ( isset( $_POST['g-recaptcha-response'] ) ) {
if ( empty( $_POST['g-recaptcha-response'] ) ) {
$this->login_errors[] = __( 'Empty reCaptcha Field', 'wp-user-frontend' );
return;
} else {
$creds['user_login'] = $log;
$no_captcha = 1;
$invisible_captcha = 0;
Render_Form::init()->validate_re_captcha( $no_captcha, $invisible_captcha );
}
}

$creds['user_password'] = $pwd;
$creds['remember'] = isset( $_POST['rememberme'] ) ? sanitize_text_field( wp_unslash( $_POST['rememberme'] ) ) : '';
if ( is_email( $log ) && apply_filters( 'wpuf_get_username_from_email', true ) ) {
$user = get_user_by( 'email', $log );

if ( isset( $user->user_login ) ) {
$validate = wp_authenticate_email_password( null, trim( $log ), $creds['user_password'] );
$creds['user_login'] = $user->user_login;
} else {
$this->login_errors[] = '<strong>' . __( 'Error', 'wp-user-frontend' ) . ':</strong> ' . __( 'A user could not be found with this email address.', 'wp-user-frontend' );

if ( is_wp_error( $validate ) ) {
$this->login_errors[] = $validate->get_error_message();
return;
}
return;
}
} else {
$creds['user_login'] = $log;
}

$secure_cookie = is_ssl() ? true : false;
$user = wp_signon( apply_filters( 'wpuf_login_credentials', $creds ), $secure_cookie );
$creds['user_password'] = $pwd;
$creds['remember'] = isset( $_POST['rememberme'] ) ? sanitize_text_field( wp_unslash( $_POST['rememberme'] ) ) : '';

//try with old implementation, which is wrong but we must support that
if ( is_wp_error( $user ) ) {
$creds['user_login'] = sanitize_text_field( wp_unslash( $_POST['log'] ) );
$creds['user_password'] = sanitize_text_field( wp_unslash( $_POST['pwd'] ) );
if ( isset( $user->user_login ) ) {
$validate = wp_authenticate_email_password( null, trim( $log ), $creds['user_password'] );

$user = wp_signon( apply_filters( 'wpuf_login_credentials', $creds ), $secure_cookie );
if ( is_wp_error( $validate ) ) {
$this->login_errors[] = $validate->get_error_message();
return;
}
}

if ( is_wp_error( $user ) ) {
$this->login_errors[] = $user->get_error_message();
$secure_cookie = is_ssl() ? true : false;
$user = wp_signon( apply_filters( 'wpuf_login_credentials', $creds ), $secure_cookie );

return;
} else {
$redirect = $this->login_redirect();
wp_redirect( apply_filters( 'wpuf_login_redirect', $redirect, $user ) );
exit;
}
//try with old implementation, which is wrong but we must support that
if ( is_wp_error( $user ) ) {
$creds['user_login'] = sanitize_text_field( wp_unslash( $_POST['log'] ) );
$creds['user_password'] = sanitize_text_field( wp_unslash( $_POST['pwd'] ) );

$user = wp_signon( apply_filters( 'wpuf_login_credentials', $creds ), $secure_cookie );
}

if ( is_wp_error( $user ) ) {
$this->login_errors[] = $user->get_error_message();

return;
} else {
$redirect = $this->login_redirect();
wp_safe_redirect( apply_filters( 'wpuf_login_redirect', $redirect, $user ) );
exit;
}
}

Expand Down

0 comments on commit b3247ce

Please sign in to comment.