in web/wp-content/plugins/acf-extended/includes/modules/form/module-form-action-user.php [330:536]
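/**
 * Validate a user form action (insert, update or log in) before it runs.
 *
 * The first failed check registers an error through acfe_add_validation_error()
 * and stops the validation. The error messages can be overridden with the
 * "acfe/form/validate_user_errors" filters (global, per form name, per action name).
 *
 * Security notes for maintainers:
 * - insert_user / update_user report "already used" for existing usernames and
 *   e-mail addresses, so the form response reveals whether an account exists.
 *   Sites that need to hide this can return generic messages from the filters above.
 * - log_user returns the same message for an unknown account and a wrong password.
 * - NOTE(review): log_user calls get_user_by() + wp_check_password() directly.
 *   Nothing in this method throttles repeated attempts or runs the WordPress
 *   "authenticate" filter chain; confirm that lockout / 2FA plugins are honoured
 *   by the step that actually signs the user in.
 * - NOTE(review): update_user only compares against $action['save']['target'];
 *   whether the submitter may edit that user is not checked here. Confirm it is
 *   enforced where the target is resolved.
 *
 * @param array $form   Form settings. Only $form['name'] is read here (filter name).
 * @param array $action Action settings. Reads 'validation' and 'name', then, after
 *                      setup_action(), 'type', 'save' and 'login'.
 *
 * @return mixed false when built-in validation is disabled, the return value of
 *               acfe_add_validation_error() on the first failed check, null otherwise.
 */
function validate_action($form, $action){

    // built-in validation is opt-in per action
    if(empty($action['validation'])){
        return false;
    }

    // default error messages
    $errors = array(
        'empty_user_pass'           => __('An error has occured. Please try again', 'acfe'),
        'invalid_email'             => __('Invalid e-mail', 'acfe'),
        'invalid_email_password'    => __('Invalid e-mail or password', 'acfe'),
        'invalid_username'          => __('Invalid username', 'acfe'),
        'invalid_username_password' => __('Invalid username or password', 'acfe'),
        'used_email'                => __('E-mail address is already used', 'acfe'),
        'used_username'             => __('Username is already used', 'acfe'),
        // no 'acfe' text domain here: presumably reuses the WordPress core translation (confirm)
        'long_username'             => __('Username may not be longer than 60 characters.'),
    );

    // let sites override the messages: globally, per form, per action
    $errors = apply_filters("acfe/form/validate_user_errors", $errors, $form, $action);
    $errors = apply_filters("acfe/form/validate_user_errors/form={$form['name']}", $errors, $form, $action);
    $errors = apply_filters("acfe/form/validate_user_errors/action={$action['name']}", $errors, $form, $action);

    // apply tags: from here on $action is whatever setup_action() returned
    $action = $this->setup_action($action, $form);

    switch($action['type']){

        // insert user
        case 'insert_user':{

            // the login is optional, it is only checked when filled
            if(!empty($action['save']['user_login'])){

                $user_login = $action['save']['user_login'];

                // login too long
                if(mb_strlen($user_login) > 60){
                    return acfe_add_validation_error('', $errors['long_username']);
                }

                // login already exists
                // note: username_exists() returns user ID if exists
                if(username_exists($user_login)){
                    return acfe_add_validation_error('', $errors['used_username']);
                }

                // illegal login, compared case-insensitively
                $illegal_logins = (array) apply_filters('illegal_user_logins', array());

                if(in_array(strtolower($user_login), array_map('strtolower', $illegal_logins), true)){
                    return acfe_add_validation_error('', $errors['invalid_username']);
                }

            }

            // the e-mail is mandatory for a new user
            if(empty($action['save']['user_email']) || !is_email($action['save']['user_email'])){
                return acfe_add_validation_error('', $errors['invalid_email']);
            }

            // email exists
            if(email_exists($action['save']['user_email'])){
                return acfe_add_validation_error('', $errors['used_email']);
            }

            break;
        }

        // update user
        case 'update_user':{

            // check user login input is filled
            if(!empty($action['save']['user_login'])){

                $user_login = $action['save']['user_login'];

                // login too long
                if(mb_strlen($user_login) > 60){
                    return acfe_add_validation_error('', $errors['long_username']);
                }

                // login already exists and belongs to another user than the target
                // note: username_exists() returns user ID if exists; looked up once
                $login_owner = username_exists($user_login);

                if($login_owner && $login_owner !== (int) $action['save']['target']){
                    return acfe_add_validation_error('', $errors['used_username']);
                }

                // illegal login, compared case-insensitively
                $illegal_logins = (array) apply_filters('illegal_user_logins', array());

                if(in_array(strtolower($user_login), array_map('strtolower', $illegal_logins), true)){
                    return acfe_add_validation_error('', $errors['invalid_username']);
                }

            }

            // check user email input is filled
            if(!empty($action['save']['user_email'])){

                $user_email = $action['save']['user_email'];

                // invalid email
                if(!is_email($user_email)){
                    return acfe_add_validation_error('', $errors['invalid_email']);
                }

                // email already exists and belongs to another user than the target
                // note: email_exists() returns user ID if exists; looked up once
                $email_owner = email_exists($user_email);

                if($email_owner && $email_owner !== (int) $action['save']['target']){
                    return acfe_add_validation_error('', $errors['used_email']);
                }

            }

            break;
        }

        // log user
        case 'log_user':{

            // vars
            $login = $action['login']['user'];
            $pass = $action['login']['pass'];

            // empty login or pass: nothing below runs with an empty $login,
            // so the per-type emptiness checks are not repeated
            if(empty($login) || empty($pass)){
                return acfe_add_validation_error('', $errors['empty_user_pass']);
            }

            // resolve which get_user_by() field to use and which message to show
            $lookup_field = null;
            $mismatch_error = null;

            switch($action['login']['type']){

                // email
                case 'email':{

                    if(!is_email($login)){
                        return acfe_add_validation_error('', $errors['invalid_email']);
                    }

                    $lookup_field = 'email';
                    $mismatch_error = 'invalid_email_password';
                    break;
                }

                // username
                case 'username':{

                    $lookup_field = 'login';
                    $mismatch_error = 'invalid_username_password';
                    break;
                }

                // email or username, decided by the shape of the input
                case 'email_username':{

                    if(is_email($login)){
                        $lookup_field = 'email';
                        $mismatch_error = 'invalid_email_password';
                    }else{
                        $lookup_field = 'login';
                        $mismatch_error = 'invalid_username_password';
                    }

                    break;
                }

            }

            // any other login type is left unchecked
            if($lookup_field !== null){

                $user = get_user_by($lookup_field, $login);

                // same message for "no such account" and "wrong password".
                // NOTE(review): wp_check_password() is skipped when no account
                // matches, so the two cases differ in the work done; only the
                // response text is identical.
                if(!$user || !wp_check_password($pass, $user->data->user_pass, $user->ID)){
                    return acfe_add_validation_error('', $errors[$mismatch_error]);
                }

            }

            break;
        }

    }

}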