weDevsOfficial · sapayth · May 6, 2024 · Mar 20, 2024 · Apr 3, 2024 · Apr 23, 2024
diff --git a/includes/Free/Simple_Login.php b/includes/Free/Simple_Login.php
@@ -410,115 +410,134 @@ public function login_form() {
         return ob_get_clean();
     }
 
+    /**
+     * Remove selected cookie to have consistency with the login nonce.
+     * fixes WooCommerce Stripe Gateway plugin conflict
+     *
+     * @since WPUF_SINCE
+     *
+     * @return void
+     */
+    public function unset_logged_in_cookie() {
+        if ( isset( $_COOKIE[ LOGGED_IN_COOKIE ] ) ) {
+            unset( $_COOKIE[ LOGGED_IN_COOKIE ] );
+        }
+    }
+
     /**
      * Process login form
      *
      * @return void
      */
     public function process_login() {
-        if ( ! empty( $_POST['wpuf_login'] ) && ! empty( $_POST['wpuf-login-nonce'] ) ) {
-            $creds = [];
+        if ( empty( $_POST['wpuf_login'] ) || empty( $_POST['wpuf-login-nonce'] ) ) {
+            return;
+        }
 
-            $nonce = sanitize_key( wp_unslash( $_POST['wpuf-login-nonce'] ) );
+        // unset the specific cookie to fix WooCommerce Stripe Gateway plugin conflict
+        add_action( 'set_logged_in_cookie', [ $this, 'unset_logged_in_cookie' ], 11 );
 
-            if ( isset( $nonce ) && ! wp_verify_nonce( $nonce, 'wpuf_login_action' ) ) {
-                $this->login_errors[] = __( 'Nonce is invalid', 'wp-user-frontend' );
+        $creds = [];
 
-                return;
-            }
+        $nonce = sanitize_key( wp_unslash( $_POST['wpuf-login-nonce'] ) );
 
-            $log = isset( $_POST['log'] ) ? esc_attr( wp_unslash( $_POST['log'] ) ) : '';
-            $pwd = isset( $_POST['pwd'] ) ? trim( $_POST['pwd'] ) : '';
-            // $g_recaptcha_response = isset( $_POST['g-recaptcha-response'] ) ? sanitize_text_field( wp_unslash( $_POST['g-recaptcha-response'] ) ) : '';
+        if ( isset( $nonce ) && ! wp_verify_nonce( $nonce, 'wpuf_login_action' ) ) {
+            $this->login_errors[] = __( 'Nonce is invalid', 'wp-user-frontend' );
 
-            $validation_error = new WP_Error();
-            $validation_error = apply_filters( 'wpuf_process_login_errors', $validation_error, $log, $pwd );
+            return;
+        }
 
-            if ( $validation_error->get_error_code() ) {
-                $this->login_errors[] = $validation_error->get_error_message();
+        $log = isset( $_POST['log'] ) ? esc_attr( wp_unslash( $_POST['log'] ) ) : '';
+        $pwd = isset( $_POST['pwd'] ) ? trim( $_POST['pwd'] ) : '';
+        // $g_recaptcha_response = isset( $_POST['g-recaptcha-response'] ) ? sanitize_text_field( wp_unslash( $_POST['g-recaptcha-response'] ) ) : '';
 
-                return;
-            }
+        $validation_error = new WP_Error();
+        $validation_error = apply_filters( 'wpuf_process_login_errors', $validation_error, $log, $pwd );
 
-            if ( empty( $log ) ) {
-                $this->login_errors[] = __( 'Username is required.', 'wp-user-frontend' );
+        if ( $validation_error->get_error_code() ) {
+            $this->login_errors[] = $validation_error->get_error_message();
 
-                return;
-            }
+            return;
+        }
 
-            if ( empty( $pwd ) ) {
-                $this->login_errors[] = __( 'Password is required.', 'wp-user-frontend' );
+        if ( empty( $log ) ) {
+            $this->login_errors[] = __( 'Username is required.', 'wp-user-frontend' );
 
-                return;
-            }
+            return;
+        }
 
-            if ( isset( $_POST['g-recaptcha-response'] ) ) {
-                if ( empty( $_POST['g-recaptcha-response'] ) ) {
-                    $this->login_errors[] = __( 'Empty reCaptcha Field', 'wp-user-frontend' );
-                    return;
-                } else {
-                    $no_captcha = 1;
-                    $invisible_captcha = 0;
-                    Render_Form::init()->validate_re_captcha( $no_captcha, $invisible_captcha );
-                }
+        if ( empty( $pwd ) ) {
+            $this->login_errors[] = __( 'Password is required.', 'wp-user-frontend' );
+
+            return;
+        }
+
+        if ( isset( $_POST['g-recaptcha-response'] ) ) {
+            if ( empty( $_POST['g-recaptcha-response'] ) ) {
+                $this->login_errors[] = __( 'Empty reCaptcha Field', 'wp-user-frontend' );
+                return;
+            } else {
+                $no_captcha = 1;
+                $invisible_captcha = 0;
+                Render_Form::init()->validate_re_captcha( $no_captcha, $invisible_captcha );
             }
+        }
 
-            if ( is_email( $log ) && apply_filters( 'wpuf_get_username_from_email', true ) ) {
-                $user = get_user_by( 'email', $log );
+        if ( is_email( $log ) && apply_filters( 'wpuf_get_username_from_email', true ) ) {
+            $user = get_user_by( 'email', $log );
 
-                if ( isset( $user->user_login ) ) {
-                    $creds['user_login'] = $user->user_login;
-                } else {
-                    $this->login_errors[] = '<strong>' . __( 'Error', 'wp-user-frontend' ) . ':</strong> ' . __( 'A user could not be found with this email address.', 'wp-user-frontend' );
+            if ( isset( $user->user_login ) ) {
+                $creds['user_login'] = $user->user_login;
+            } else {
+                $this->login_errors[] = '<strong>' . __( 'Error', 'wp-user-frontend' ) . ':</strong> ' . __( 'A user could not be found with this email address.', 'wp-user-frontend' );
 
-                    return;
-                }
+                return;
+            }
 
-                $wpuf_user_status = get_user_meta( $user->ID, 'wpuf_user_status', true );
+            $wpuf_user_status = get_user_meta( $user->ID, 'wpuf_user_status', true );
 
-                if ( 'approved' !== $wpuf_user_status ) {
-                    $message = __( 'You can\'t login until an administrator manually approve your account.', 'wp-user-frontend' );
+            if ( 'approved' !== $wpuf_user_status ) {
+                $message = __( 'You can\'t login until an administrator manually approve your account.', 'wp-user-frontend' );
 
-                    $this->login_errors[] = $message;
+                $this->login_errors[] = $message;
 
-                    return;
-                }
-            } else {
-                $creds['user_login'] = $log;
+                return;
             }
+        } else {
+            $creds['user_login'] = $log;
+        }
 
-            $creds['user_password'] = $pwd;
-            $creds['remember']      = isset( $_POST['rememberme'] ) ? sanitize_text_field( wp_unslash( $_POST['rememberme'] ) ) : '';
+        $creds['user_password'] = $pwd;
+        $creds['remember']      = isset( $_POST['rememberme'] ) ? sanitize_text_field( wp_unslash( $_POST['rememberme'] ) ) : '';
 
-            if ( isset( $user->user_login ) ) {
-                $validate = wp_authenticate_email_password( null, trim( $log ), $creds['user_password'] );
+        if ( isset( $user->user_login ) ) {
+            $validate = wp_authenticate_email_password( null, trim( $log ), $creds['user_password'] );
 
-                if ( is_wp_error( $validate ) ) {
-                    $this->login_errors[] = $validate->get_error_message();
-                    return;
-                }
+            if ( is_wp_error( $validate ) ) {
+                $this->login_errors[] = $validate->get_error_message();
+                return;
             }
+        }
 
-            $secure_cookie = is_ssl() ? true : false;
-            $user          = wp_signon( apply_filters( 'wpuf_login_credentials', $creds ), $secure_cookie );
+        $secure_cookie = is_ssl() ? true : false;
+        $user          = wp_signon( apply_filters( 'wpuf_login_credentials', $creds ), $secure_cookie );
 
-            //try with old implementation, which is wrong but we must support that
-            if ( is_wp_error( $user ) ) {
-                $creds['user_login']    = sanitize_text_field( wp_unslash( $_POST['log'] ) );
-                $creds['user_password'] = sanitize_text_field( wp_unslash( $_POST['pwd'] ) );
+        //try with old implementation, which is wrong but we must support that
+        if ( is_wp_error( $user ) ) {
+            $creds['user_login']    = sanitize_text_field( wp_unslash( $_POST['log'] ) );
+            $creds['user_password'] = sanitize_text_field( wp_unslash( $_POST['pwd'] ) );
 
-                $user = wp_signon( apply_filters( 'wpuf_login_credentials', $creds ), $secure_cookie );
-            }
+            $user = wp_signon( apply_filters( 'wpuf_login_credentials', $creds ), $secure_cookie );
+        }
 
-            if ( is_wp_error( $user ) ) {
-                $this->login_errors[] = $user->get_error_message();
+        if ( is_wp_error( $user ) ) {
+            $this->login_errors[] = $user->get_error_message();
 
-                return;
-            } else {
-                $redirect = $this->login_redirect();
-                wp_redirect( apply_filters( 'wpuf_login_redirect', $redirect, $user ) );
-                exit;
-            }
+            return;
+        } else {
+            $redirect = $this->login_redirect();
+            wp_safe_redirect( apply_filters( 'wpuf_login_redirect', $redirect, $user ) );
+            exit;
         }
     }
 
@@ -906,7 +925,7 @@ public function activation_user_registration() {
         $pack_id                      = ! empty( $_GET['pack_id'] ) ? sanitize_key( wp_unslash( $_GET['pack_id'] ) ) : '';
 
         if ( $autologin_after_registration === 'on'
-            && $pack_id !== null && is_integer( (int) $pack_id ) ) {
+             && $pack_id !== null && is_integer( (int) $pack_id ) ) {
             wp_set_current_user( $user_id );
             wp_set_auth_cookie( $user_id );
         }