LLMS_Person_Handler::validate_fields( array $data, string $screen = 'registration' )

Validate submitted user data for registration or profile updates


Description


Parameters

$data

(array) (Required) user data array array( 'user_login' => '', 'email_address' => '', 'email_address_confirm' => '', 'password' => '', 'password_confirm' => '', 'first_name' => '', 'last_name' => '', 'llms_billing_address_1' => '', 'llms_billing_address_2' => '', 'llms_billing_city' => '', 'llms_billing_state' => '', 'llms_billing_zip' => '', 'llms_billing_country' => '', 'llms_phone' => '', )

$screen

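(string) (Optional) Screen to validate fields against. Accepts "account", "checkout", "registration", or "update"; the source shown below additionally handles "login" and "reset_password" through their own field lists.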

Default value: 'registration'



Return

(true|WP_Error)



Source

File: includes/class.llms.person.handler.php

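	/**
	 * Validate submitted user data for registration or profile updates.
	 *
	 * Every problem found is added to a single WP_Error keyed by the field id, so the
	 * caller receives all validation failures at once.
	 *
	 * Security notes for callers:
	 * - Several messages embed the submitted value (username, email address, selected
	 *   option). How self::sanitize_field() treats markup is not visible in this method,
	 *   so escape the messages when rendering them.
	 * - The "email-exists" and "username-exists" errors tell the submitter whether an
	 *   account exists; public forms built on this method may want rate limiting.
	 * - On the "account" screen an empty "current_password" removes every password field
	 *   from validation, so the current password is only verified when one is submitted.
	 *
	 * @param  array  $data   Submitted user data keyed by field name.
	 * @param  string $screen Screen to validate against. "login" and "reset_password" use
	 *                        their own field lists; any other value is passed to
	 *                        self::get_available_fields().
	 * @return true|WP_Error  True when no error was recorded, otherwise the WP_Error.
	 */
	public static function validate_fields( $data, $screen = 'registration' ) {

		if ( 'login' === $screen ) {

			$fields = self::get_login_fields();

		} elseif ( 'reset_password' === $screen ) {

			$fields = self::get_password_reset_fields();

		} else {

			$fields = self::get_available_fields( $screen );

			// An account update submitted without a current password is treated as
			// "password unchanged": drop the password fields so they are not validated.
			if ( 'account' === $screen && empty( $data['current_password'] ) ) {
				$password_fields = array( 'current_password', 'password', 'password_confirm' );
				unset( $data['current_password'], $data['password'], $data['password_confirm'] );
				foreach ( $fields as $key => $field ) {
					// strict comparison so a non-string id can never loosely equal a field name
					if ( in_array( $field['id'], $password_fields, true ) ) {
						unset( $fields[ $key ] );
					}
				}
			}
		}

		$e = new WP_Error();

		$matched_values = array();

		foreach ( $fields as $field ) {

			$name  = isset( $field['name'] ) ? $field['name'] : $field['id'];
			$label = isset( $field['label'] ) ? $field['label'] : $name;

			$field_type = isset( $field['type'] ) ? $field['type'] : '';
			$val        = isset( $data[ $name ] ) ? self::sanitize_field( $data[ $name ], $field_type ) : '';

			// Store this field's label before any early `continue` so that a later
			// "must match" error can still name it when this field itself failed validation.
			if ( ! empty( $field['matched'] ) ) {

				$matched_values[ $field['matched'] ] = $label;

			}

			// ensure required fields are submitted
			// NOTE(review): empty() also treats the string "0" as missing -- confirm that is intended.
			if ( isset( $field['required'] ) && $field['required'] && empty( $val ) ) {

				$e->add( $field['id'], sprintf( __( '%s is a required field', 'lifterlms' ), $label ), 'required' );
				continue;

			}

			// check email field for uniqueness
			if ( 'email_address' === $name ) {

				$skip_email = false;

				// only run this check when we're trying to change the email address for an account update
				// (isset() guard avoids an undefined-index notice when the field was not submitted)
				if ( 'account' === $screen && isset( $data['email_address'] ) ) {
					$user = wp_get_current_user();
					if ( self::sanitize_field( $data['email_address'], 'email' ) === $user->user_email ) {
						$skip_email = true;
					}
				}

				if ( ! $skip_email && email_exists( $val ) ) {
					$e->add( $field['id'], sprintf( __( 'An account with the email address "%s" already exists.', 'lifterlms' ), $val ), 'email-exists' );
				}
			} elseif ( 'user_login' === $name ) {

				// blacklist usernames for security purposes
				$banned_usernames = apply_filters( 'llms_usernames_blacklist', array( 'admin', 'test', 'administrator', 'password', 'testing' ) );

				// Compare case-insensitively and strictly: an exact-case, loose comparison
				// would let "Admin" or "TEST" past the list.
				$banned_usernames = array_map( 'strtolower', array_map( 'strval', array_filter( (array) $banned_usernames, 'is_scalar' ) ) );
				$login_to_check   = is_string( $val ) ? strtolower( $val ) : $val;

				if ( in_array( $login_to_check, $banned_usernames, true ) || ! validate_username( $val ) ) {

					$e->add( $field['id'], sprintf( __( 'The username "%s" is invalid, please try a different username.', 'lifterlms' ), $val ), 'invalid-username' );

				} elseif ( username_exists( $val ) ) {

					$e->add( $field['id'], sprintf( __( 'An account with the username "%s" already exists.', 'lifterlms' ), $val ), 'username-exists' );

				}
			} elseif ( 'llms_voucher' === $name && ! empty( $val ) ) {

				$v     = new LLMS_Voucher();
				$check = $v->check_voucher( $val );
				if ( is_wp_error( $check ) ) {
					$e->add( $field['id'], $check->get_error_message(), 'voucher-' . $check->get_error_code() );
				}
			} elseif ( 'current_password' === $name ) {
				$user = wp_get_current_user();
				// Fail closed when there is no logged-in user instead of reading an unset password hash.
				if ( ! $user->exists() || ! wp_check_password( $val, $user->data->user_pass, $user->ID ) ) {
					// $label carries the fallback to the field name when no label is defined
					$e->add( $field['id'], sprintf( __( 'The submitted %s was incorrect.', 'lifterlms' ), $label ), 'incorrect-password' );
				}
			}

			// scrub and check field data types
			if ( isset( $field['type'] ) ) {

				switch ( $field['type'] ) {

					// ensure it's a selectable option
					case 'select':
					case 'radio':
						// PHP turns numeric-string array keys into integers, and a loose
						// in_array() lets arbitrary strings equal the key 0 on PHP < 8.
						// Compare everything as strings, strictly.
						$options = ( isset( $field['options'] ) && is_array( $field['options'] ) ) ? array_map( 'strval', array_keys( $field['options'] ) ) : array();
						if ( ! is_scalar( $val ) || ! in_array( (string) $val, $options, true ) ) {
							$e->add( $field['id'], sprintf( __( '"%1$s" is an invalid option for %2$s', 'lifterlms' ), $val, $label ), 'invalid' );
						}
					break;

					// make sure the value is numeric
					case 'number':
						if ( ! is_numeric( $val ) ) {
							$e->add( $field['id'], sprintf( __( '%s must be numeric', 'lifterlms' ), $label ), 'invalid' );
							// skip the match check below and move on to the next field
							continue 2;
						}
					break;

					// validate the email address
					case 'email':
						if ( ! is_email( $val ) ) {
							$e->add( $field['id'], sprintf( __( '%s must be a valid email address', 'lifterlms' ), $label ), 'invalid' );
						}
					break;

				}
			}

			// match matchy fields
			if ( ! empty( $field['match'] ) ) {

				$match = isset( $data[ $field['match'] ] ) ? self::sanitize_field( $data[ $field['match'] ], $field_type ) : false;
				if ( ! $match || $val !== $match ) {

					// Fall back to the other field's name when its label was never recorded
					// (for example when it is not part of this screen's field list).
					$match_label = isset( $matched_values[ $field['id'] ] ) ? $matched_values[ $field['id'] ] : $field['match'];

					$e->add( $field['id'], sprintf( __( '%1$s must match %2$s', 'lifterlms' ), $match_label, $label ), 'match' );

				}
			}
		}

		// return errors if we have errors
		if ( $e->get_error_messages() ) {
			return $e;
		}

		return true;

	}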


Changelog
Version Description
3.0.0 Introduced.


