Changeset 10928 for sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-login/pending-create.php
- Timestamp:
- 04/27/2021 04:24:21 AM (4 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-login/pending-create.php
r10901 r10928 6 6 */ 7 7 8 // Clear the pending cookies, they're no longer needed. 9 if ( isset( $_COOKIE['wporg_profile_user'] ) ) { 10 setcookie( 'wporg_profile_user', false, time()-DAY_IN_SECONDS, '/register/', 'login.wordpress.org', true, true ); 11 setcookie( 'wporg_profile_key', false, time()-DAY_IN_SECONDS, '/register/', 'login.wordpress.org', true, true ); 12 } 8 $sso = WPOrg_SSO::get_instance(); 13 9 14 10 // Migrate to cookies. 15 if ( !empty( WP_WPOrg_SSO::$matched_route_params['confirm_user'] ) ) {16 setcookie( 'wporg_confirm_user', WP_WPOrg_SSO::$matched_route_params['confirm_user'], time()+DAY_IN_SECONDS, '/register/', 'login.wordpress.org', true, true );17 setcookie( 'wporg_confirm_key', WP_WPOrg_SSO::$matched_route_params['confirm_key'], time()+DAY_IN_SECONDS, '/register/', 'login.wordpress.org', true, true );11 if ( !empty( $sso::$matched_route_params['confirm_user'] ) ) { 12 setcookie( 'wporg_confirm_user', $sso::$matched_route_params['confirm_user'], time()+DAY_IN_SECONDS, '/register/', 'login.wordpress.org', true, true ); 13 setcookie( 'wporg_confirm_key', $sso::$matched_route_params['confirm_key'], time()+DAY_IN_SECONDS, '/register/', 'login.wordpress.org', true, true ); 18 14 19 15 wp_safe_redirect( '/register/create' ); … … 60 56 } 61 57 62 63 $error_recapcha_status = $error_akismet = false; 64 if ( isset( $_POST['user_pass'] ) ) { 58 $error_recapcha_status = false; 59 if ( isset( $_POST['user_pass'] ) && 2 !== $pending_user['cleared'] ) { 65 60 66 61 // Check reCaptcha status 67 if ( ! wporg_login_check_recapcha_status( 'pending_create' ) ) {68 // No no. "Please try again."62 if ( ! wporg_login_check_recapcha_status( 'pending_create', false ) ) { 63 unset( $_POST['user_pass'] ); 69 64 $error_recapcha_status = true; 70 unset( $_POST['user_pass'] ); 71 } 72 73 // Check Akismet 74 $akismet = wporg_login_check_akismet( 65 66 // Allow a recaptcha fail to try again, but if they're blocked due to low score, mark them as needing approval. 67 if ( ! wporg_login_check_recapcha_status( 'pending_create', true ) ) { 68 $pending_user['cleared'] = 0; 69 } 70 71 // Store for reference. 72 if ( isset( $_POST['_reCaptcha_v3_token'] ) ) { 73 $recaptcha_api = wporg_login_recaptcha_api( 74 $_POST['_reCaptcha_v3_token'], 75 RECAPTCHA_V3_PRIVKEY 76 ); 77 $pending_user['scores']['create_attempt'] = -1; 78 if ( $recaptcha_api && $recaptcha_api['success'] && 'pending_create' == $recaptcha_api['action'] ) { 79 $pending_user['scores']['create_attempt'] = $recaptcha_api['score']; 80 } 81 } 82 } 83 84 // Check Akismet with new profile information 85 $pending_user['meta']['akismet_result'] = wporg_login_check_akismet( 75 86 $pending_user['user_login'], 76 87 $pending_user['user_email'], … … 83 94 ); 84 95 85 // Store for reference. 86 $pending_user['meta']['akismet_result'] = $akismet; 96 if ( 'spam' === $pending_user['meta']['akismet_result'] ) { 97 $pending_user['cleared'] = 0; 98 unset( $_POST['user_pass'] ); 99 } 100 87 101 wporg_update_pending_user( $pending_user ); 88 89 if ( 'spam' == $akismet ) { 90 // No no. "Please try again." 91 $error_akismet = true; 92 unset( $_POST['user_pass'] ); 93 } 94 102 } 103 104 if ( ! $pending_user['cleared'] ) { 105 if ( ! empty( $_COOKIE['wporg_profile_user'] ) ) { 106 // Throw the user back to the pending screen after being detected as spam at this point. 107 wp_safe_redirect( '/register/create-profile/' ); 108 die(); 109 } 110 111 unset( $_POST['user_pass'] ); 95 112 } 96 113 … … 101 118 $user = wporg_login_create_user_from_pending( $pending_user, $user_pass ); 102 119 if ( $user ) { 120 121 // Clear the cookies, they're no longer needed. 122 setcookie( 'wporg_profile_user', false, time()-DAY_IN_SECONDS, '/register/', 'login.wordpress.org', true, true ); 123 setcookie( 'wporg_profile_key', false, time()-DAY_IN_SECONDS, '/register/', 'login.wordpress.org', true, true ); 103 124 setcookie( 'wporg_confirm_user', false, time()-DAY_IN_SECONDS, '/register/', 'login.wordpress.org', true, true ); 104 125 setcookie( 'wporg_confirm_key', false, time()-DAY_IN_SECONDS, '/register/', 'login.wordpress.org', true, true ); … … 121 142 ?> 122 143 123 <p class="intro">124 <?php _e( 'Set your password and complete your WordPress.org Profile information.', 'wporg' ); ?>125 </p>126 127 144 <form name="registerform" id="registerform" action="" method="post"> 128 145 129 <p class="login-login"> 130 <label for="user_login"><?php _e( 'Username', 'wporg' ); ?></label> 131 <input type="text" disabled="disabled" class=" disabled" value="<?php echo esc_attr( $activation_user ); ?>" size="20" /> 132 </p> 133 134 <div class="user-pass1-wrap"> 146 <?php if ( ! $pending_user['cleared'] ) { ?> 147 <div class="message info"> 148 <p><?php 149 printf( 150 /* translators: %s Email address */ 151 __( 'Your account is pending approval. You will receive an email at %s to set your password when approved.', 'wporg' ) . '<br>' . 152 __( 'Please contact %s for more details.', 'wporg' ), 153 '<code>' . esc_html( $pending_user['user_email'] ) . '</code>', 154 '<a href="mailto:' . $sso::SUPPORT_EMAIL . '">' . $sso::SUPPORT_EMAIL . '</a>' 155 ); 156 ?></p> 157 </div> 158 <?php } ?> 159 160 <p class="intro"> 161 <?php _e( 'Set your password and complete your WordPress.org Profile information.', 'wporg' ); ?> 162 </p> 163 164 <p class="login-login"> 165 <label for="user_login"><?php _e( 'Username', 'wporg' ); ?></label> 166 <input type="text" disabled="disabled" class=" disabled" value="<?php echo esc_attr( $activation_user ); ?>" size="20" /> 167 </p> 168 169 <div class="user-pass1-wrap"> 135 170 <p> 136 171 <label for="pass1"><?php _e( 'Password', 'wporg' ); ?></label> … … 145 180 </div> 146 181 147 <!-- <p class="description indicator-hint"><?php _e( 'Hint: The password should be at least twelve characters long. To make it stronger, use upper and lower case letters, numbers, and symbols like ! " ? $ % ^ & ).', 'wporg' ); ?></p> -->148 149 182 <?php 150 183 $fields = &$pending_user['meta']; 151 184 include __DIR__ . '/partials/register-profilefields.php'; 152 185 ?> 186 153 187 <?php 154 if ( $error_recapcha_status || $error_akismet) {188 if ( $error_recapcha_status ) { 155 189 echo '<div class="message error"><p>' . __( 'Please try again.', 'wporg' ) . '</p></div>'; 156 190 }
Note: See TracChangeset
for help on using the changeset viewer.