LLMS_Person_Handler::validate_fields( array $data, string $screen = 'registration' )
Validate submitted user data for registration or profile updates
Description Description
Parameters Parameters
- $data
-
(array) (Required) user data array array( 'user_login' => '', 'email_address' => '', 'email_address_confirm' => '', 'password' => '', 'password_confirm' => '', 'first_name' => '', 'last_name' => '', 'llms_billing_address_1' => '', 'llms_billing_address_2' => '', 'llms_billing_city' => '', 'llms_billing_state' => '', 'llms_billing_zip' => '', 'llms_billing_country' => '', 'llms_phone' => '', )
- $screen
-
(string) (Optional) screen to validate fields against, accepts "account", "checkout", "registration", or "update"
Default value: 'registration'
Return Return
(true|WP_Error)
Source Source
File: includes/class.llms.person.handler.php
public static function validate_fields( $data, $screen = 'registration' ) { if ( 'login' === $screen ) { $fields = self::get_login_fields(); } elseif ( 'reset_password' === $screen ) { $fields = self::get_password_reset_fields(); } else { $fields = self::get_available_fields( $screen ); // if no current password submitted with an account update // we can remove password fields so we don't get false validations if ( 'account' === $screen && empty( $data['current_password'] ) ) { unset( $data['current_password'], $data['password'], $data['password_confirm'] ); foreach ( $fields as $key => $field ) { if ( in_array( $field['id'], array( 'current_password', 'password', 'password_confirm' ) ) ) { unset( $fields[ $key ] ); } } } } $e = new WP_Error(); $matched_values = array(); foreach ( $fields as $field ) { $name = isset( $field['name'] ) ? $field['name'] : $field['id']; $label = isset( $field['label'] ) ? $field['label'] : $name; $field_type = isset( $field['type'] ) ? $field['type'] : ''; $val = isset( $data[ $name ] ) ? self::sanitize_field( $data[ $name ], $field_type ) : ''; // ensure required fields are submitted if ( isset( $field['required'] ) && $field['required'] && empty( $val ) ) { $e->add( $field['id'], sprintf( __( '%s is a required field', 'lifterlms' ), $label ), 'required' ); continue; } // check email field for uniqueness if ( 'email_address' === $name ) { $skip_email = false; // only run this check when we're trying to change the email address for an account update if ( 'account' === $screen ) { $user = wp_get_current_user(); if ( self::sanitize_field( $data['email_address'], 'email' ) === $user->user_email ) { $skip_email = true; } } if ( ! $skip_email && email_exists( $val ) ) { $e->add( $field['id'], sprintf( __( 'An account with the email address "%s" already exists.', 'lifterlms' ), $val ), 'email-exists' ); } } // End if(). elseif ( 'user_login' === $name ) { // blacklist usernames for security purposes $banned_usernames = apply_filters( 'llms_usernames_blacklist', array( 'admin', 'test', 'administrator', 'password', 'testing' ) ); if ( in_array( $val, $banned_usernames ) || ! validate_username( $val ) ) { $e->add( $field['id'], sprintf( __( 'The username "%s" is invalid, please try a different username.', 'lifterlms' ), $val ), 'invalid-username' ); } elseif ( username_exists( $val ) ) { $e->add( $field['id'], sprintf( __( 'An account with the username "%s" already exists.', 'lifterlms' ), $val ), 'username-exists' ); } } elseif ( 'llms_voucher' === $name && ! empty( $val ) ) { $v = new LLMS_Voucher(); $check = $v->check_voucher( $val ); if ( is_wp_error( $check ) ) { $e->add( $field['id'], $check->get_error_message(), 'voucher-' . $check->get_error_code() ); } } elseif ( 'current_password' === $name ) { $user = wp_get_current_user(); if ( ! wp_check_password( $val, $user->data->user_pass, $user->ID ) ) { $e->add( $field['id'], sprintf( __( 'The submitted %s was incorrect.', 'lifterlms' ), $field['label'] ), 'incorrect-password' ); } } // scrub and check field data types if ( isset( $field['type'] ) ) { switch ( $field['type'] ) { // ensure it's a selectable option case 'select': case 'radio': if ( ! in_array( $val, array_keys( $field['options'] ) ) ) { $e->add( $field['id'], sprintf( __( '"%1$s" is an invalid option for %2$s', 'lifterlms' ), $val, $label ), 'invalid' ); } break; // case 'password': // case 'text': // case 'textarea': // break; // make sure the value is numeric case 'number': if ( ! is_numeric( $val ) ) { $e->add( $field['id'], sprintf( __( '%s must be numeric', 'lifterlms' ), $label ), 'invalid' ); continue 2; } break; // validate the email address case 'email': if ( ! is_email( $val ) ) { $e->add( $field['id'], sprintf( __( '%s must be a valid email address', 'lifterlms' ), $label ), 'invalid' ); } break; } }// End if(). // store this fields label so it can be used in a match error later if necessary if ( ! empty( $field['matched'] ) ) { $matched_values[ $field['matched'] ] = $label; } // match matchy fields if ( ! empty( $field['match'] ) ) { $match = isset( $data[ $field['match'] ] ) ? self::sanitize_field( $data[ $field['match'] ], $field_type ) : false; if ( ! $match || $val !== $match ) { $e->add( $field['id'], sprintf( __( '%1$s must match %2$s', 'lifterlms' ), $matched_values[ $field['id'] ], $label ), 'match' ); } } }// End foreach(). // return errors if we have errors if ( $e->get_error_messages() ) { return $e; } return true; }
Expand full source code Collapse full source code View on GitHub
Changelog Changelog
Version | Description |
---|---|
3.0.0 | Introduced. |
User Contributed Notes User Contributed Notes
Permalink: