'edit_profile', 'form_fields' => array(), 'form_name' => sanitize_text_field( $_POST['form_name'] ), 'role' => '', 'ID' => Profile_Builder_Form_Creator::wppb_get_form_id_from_form_name( sanitize_text_field( $_POST['form_name'] ), 'edit_profile' ), 'context' => 'edit_profile_auto_login_after_password_change' ) ); if( !empty( $form_fields ) ){ $edited_user_id = get_current_user_id(); if( ( !is_multisite() && current_user_can( 'edit_users' ) ) || ( is_multisite() && current_user_can( 'manage_network' ) ) ) { if( isset( $_GET['edit_user'] ) && ! empty( $_GET['edit_user'] ) ){ $edited_user_id = absint( $_GET['edit_user'] ); } } /* check for errors in the form through the filters */ $output_field_errors = array(); foreach( $form_fields as $field ){ //this is not perfect because we don't know the role attribute for the form here so we send it as '' in the filter, but as of v 2.9.0 it is not needed anywhere so we're good $error_for_field = apply_filters( 'wppb_check_form_field_'.Wordpress_Creation_Kit_PB::wck_generate_slug( $field['field'] ), '', $field, $_POST, 'edit_profile', '', $edited_user_id ); if( !empty( $error_for_field ) ) $output_field_errors[$field['id']] = '' . $error_for_field . ''; } /* if we have no errors change the password */ if( empty( $output_field_errors ) ) { $user_id = get_current_user_id(); if( ( !is_multisite() && current_user_can( 'edit_users' ) ) || ( is_multisite() && current_user_can( 'manage_network' ) ) ) { if( isset( $_GET['edit_user'] ) && ! empty( $_GET['edit_user'] ) ){ $user_id = absint( $_GET['edit_user'] ); } } if( !isset( $_GET['edit_user'] ) ) { wp_clear_auth_cookie(); /* set the new password for the user */ wp_set_password($_POST['passw1'], $user_id);//phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized // Here we calculate the expiration length of the current auth cookie and compare it to the default expiration. // If it's greater than this, then we know the user checked 'Remember Me' when they logged in. $logged_in_cookie = wp_parse_auth_cookie('', 'logged_in'); /** This filter is documented in wp-includes/pluggable.php */ $default_cookie_life = apply_filters('auth_cookie_expiration', (2 * DAY_IN_SECONDS), $user_id, false); $remember = (($logged_in_cookie['expiration'] - time()) > $default_cookie_life); wp_set_auth_cookie($user_id, $remember, '', wp_get_session_token() ); } else{ wp_set_password($_POST['passw1'], $user_id); //phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized } /* log out of other sessions or all sessions if the admin is editing the profile */ $sessions = WP_Session_Tokens::get_instance( $user_id ); if ( $user_id === get_current_user_id() ) { $sessions->destroy_others( wp_get_session_token() ); } else { $sessions->destroy_all(); } } } } } } function wppb_front_end_profile_info( $atts ){ // get value set in the shortcode as parameter, still need to default to something else than empty string extract( shortcode_atts( array( 'form_name' => 'unspecified', 'redirect_url' => '', 'redirect_priority' => 'normal' ), $atts, 'wppb-edit-profile' ) ); $form = new Profile_Builder_Form_Creator( array( 'form_type' => 'edit_profile', 'form_name' => $form_name, 'redirect_url' => $redirect_url, 'redirect_priority' => $redirect_priority ) ); return $form; }