This project does not seem to handle request data directly; as such, no vulnerable execution paths were found.
These results are based on our legacy PHP analysis; consider migrating to our new PHP analysis engine instead.
```php
<?php
/**
 * Profile Editor
 *
 * This template is used to display the profile editor with [give_profile_editor]
 *
 * @copyright Copyright (c) 2016, GiveWP
 * @license https://opensource.org/licenses/gpl-license GNU Public License
 */

$current_user = wp_get_current_user();

if ( is_user_logged_in() ) :
    $user_id = get_current_user_id();
    $first_name = get_user_meta( $user_id, 'first_name', true );
    $last_name = get_user_meta( $user_id, 'last_name', true );
    $last_name = get_user_meta( $user_id, 'last_name', true );
    $display_name = $current_user->display_name;
    $donor = new Give_Donor( $user_id, true );
    $address = $donor->get_donor_address( array( 'address_type' => 'personal' ) );
    $company_name = $donor->get_meta( '_give_donor_company', true );

    if ( isset( $_GET['updated'] ) && 'true' === $_GET['updated'] && ! give_get_errors() ) {
        if ( isset( $_GET['update_code'] ) ) {
            if ( 1 === absint( $_GET['update_code'] ) ) {
                printf( '<p class="give_success"><strong>%1$s</strong> %2$s</p>', esc_html__( 'Success:', 'give' ), esc_html__( 'Your profile has been updated.', 'give' ) );
            }
        }
    }

    Give()->notices->render_frontend_notices( 0 );

    /**
     * Fires in the profile editor shortcode, before the form.
     *
     * Allows you to add new elements before the form.
     *
     * @since 1.0
     */
    do_action( 'give_profile_editor_before' );
    ?>

    <form id="give_profile_editor_form" class="give-form" action="<?php echo give_get_current_page_url(); ?>" method="post">
        <fieldset>
            <legend id="give_profile_name_label"><?php _e( 'Profile', 'give' ); ?></legend>

            <h3 id="give_personal_information_label"
                class="give-section-break"><?php _e( 'Change your Name', 'give' ); ?></h3>

            <p id="give_profile_first_name_wrap" class="form-row form-row-first form-row-responsive">
                <label for="give_first_name">
                    <?php _e( 'First Name', 'give' ); ?>
                    <span class="give-required-indicator ">*</span>
                </label>
                <input name="give_first_name" id="give_first_name" class="text give-input" type="text"
                    value="<?php echo esc_attr( $first_name ); ?>"/>
            </p>

            <p id="give_profile_last_name_wrap" class="form-row form-row-last form-row-responsive">
                <label for="give_last_name"><?php _e( 'Last Name', 'give' ); ?></label>
                <input name="give_last_name" id="give_last_name" class="text give-input" type="text"
                    value="<?php echo esc_attr( $last_name ); ?>"/>
            </p>

            <?php if ( ! empty( $company_name ) ) : ?>
                <p id="give_profile_company_name_wrap" class="form-row form-row-wide">
                    <label for="give_company_name"><?php _e( 'Company Name', 'give' ); ?></label>
                    <input name="give_company_name" id="give_company_name" class="text give-input" type="text"
                        value="<?php echo esc_attr( $company_name ); ?>"/>
                </p>
            <?php endif; ?>

            <p id="give_profile_display_name_wrap" class="form-row form-row-first form-row-responsive">
                <label for="give_display_name"><?php _e( 'Display Name', 'give' ); ?></label>
                <select name="give_display_name" id="give_display_name" class="select give-select">
                    <?php if ( ! empty( $current_user->first_name ) ): ?>
                        <option <?php selected( $display_name, $current_user->first_name ); ?>
                            value="<?php echo esc_attr( $current_user->first_name ); ?>"><?php echo esc_html( $current_user->first_name ); ?></option>
                    <?php endif; ?>
                    <option <?php selected( $display_name, $current_user->user_nicename ); ?>
                        value="<?php echo esc_attr( $current_user->user_nicename ); ?>"><?php echo esc_html( $current_user->user_nicename ); ?></option>
                    <?php if ( ! empty( $current_user->last_name ) ): ?>
                        <option <?php selected( $display_name, $current_user->last_name ); ?>
                            value="<?php echo esc_attr( $current_user->last_name ); ?>"><?php echo esc_html( $current_user->last_name ); ?></option>
                    <?php endif; ?>
                    <?php if ( ! empty( $current_user->first_name ) && ! empty( $current_user->last_name ) ): ?>
                        <option <?php selected( $display_name, $current_user->first_name . ' ' . $current_user->last_name ); ?>
                            value="<?php echo esc_attr( $current_user->first_name . ' ' . $current_user->last_name ); ?>"><?php echo esc_html( $current_user->first_name . ' ' . $current_user->last_name ); ?></option>
                        <option <?php selected( $display_name, $current_user->last_name . ' ' . $current_user->first_name ); ?>
                            value="<?php echo esc_attr( $current_user->last_name . ' ' . $current_user->first_name ); ?>"><?php echo esc_html( $current_user->last_name . ' ' . $current_user->first_name ); ?></option>
                    <?php endif; ?>
                </select>
                <?php
                /**
                 * Fires in the profile editor shortcode, to the name section.
                 *
                 * Allows you to add new elements to the name section.
                 *
                 * @since 1.0
                 */
                do_action( 'give_profile_editor_name' );
                ?>
            </p>

            <?php
            /**
             * Fires in the profile editor shortcode, after the name field.
             *
             * Allows you to add new fields after the name field.
             *
             * @since 1.0
             */
            do_action( 'give_profile_editor_after_name' );
            ?>

            <p class="form-row form-row-last form-row-responsive">
                <label for="give_email">
                    <?php _e( 'Email Address', 'give' ); ?>
                    <span class="give-required-indicator ">*</span>
                </label>
                <input name="give_email" id="give_email" class="text give-input required" type="email"
                    value="<?php echo esc_attr( $current_user->user_email ); ?>" required aria-required="true"/>
                <?php
                /**
                 * Fires in the profile editor shortcode, to the email section.
                 *
                 * Allows you to add new elements to the email section.
                 *
                 * @since 1.0
                 */
                do_action( 'give_profile_editor_email' );
                ?>
            </p>

            <?php
            /**
             * Fires in the profile editor shortcode, after the email field.
             *
             * Allows you to add new fields after the email field.
             *
             * @since 1.0
             */
            do_action( 'give_profile_editor_after_email' );
            ?>

            <h3 id="give_profile_password_label"
                class="give-section-break"><?php _e( 'Change your Password', 'give' ); ?></h3>

            <div id="give_profile_password_wrap" class="give-clearfix">
                <p id="give_profile_password_wrap_1" class="form-row form-row-first form-row-responsive">
                    <label for="give_new_user_pass1"><?php _e( 'New Password', 'give' ); ?></label>
                    <input name="give_new_user_pass1" id="give_new_user_pass1" class="password give-input"
                        type="password"/>
                </p>

                <p id="give_profile_password_wrap_2" class="form-row form-row-last form-row-responsive">
                    <label for="give_new_user_pass2"><?php _e( 'Re-enter Password', 'give' ); ?></label>
                    <input name="give_new_user_pass2" id="give_new_user_pass2" class="password give-input"
                        type="password"/>
                    <?php
                    /**
                     * Fires in the profile editor shortcode, to the password section.
                     *
                     * Allows you to add new elements to the password section.
                     *
                     * @since 1.0
                     */
                    do_action( 'give_profile_editor_password' );
                    ?>
                </p>
            </div>

            <p class="give_password_change_notice"><?php _e( 'Please note after changing your password, you must log back in.', 'give' ); ?></p>

            <?php
            /**
             * Fires in the profile editor shortcode, after the password field.
             *
             * Allows you to add new fields after the password field.
             *
             * @since 1.0
             */
            do_action( 'give_profile_editor_after_password' );
            ?>

            <p id="give_profile_submit_wrap">
                <input type="hidden" name="give_profile_editor_nonce"
                    value="<?php echo wp_create_nonce( 'give-profile-editor-nonce' ); ?>"/>
                <input type="hidden" name="give_action" value="edit_user_profile"/>
                <input type="hidden" name="give_redirect"
                    value="<?php echo esc_url( give_get_current_page_url() ); ?>"/>
                <input name="give_profile_editor_submit" id="give_profile_editor_submit" type="submit"
                    class="give_submit" value="<?php _e( 'Save Changes', 'give' ); ?>"/>
            </p>

        </fieldset>

    </form><!-- #give_profile_editor_form -->

    <?php
    /**
     * Fires in the profile editor shortcode, after the form.
     *
     * Allows you to add new elements after the form.
     *
     * @since 1.0
     */
    do_action( 'give_profile_editor_after' );
    ?>

<?php
else :
    if ( isset( $_GET['updated'] ) && 'true' === $_GET['updated'] && ! give_get_errors() ) {
        if ( isset( $_GET['update_code'] ) ) {
            switch ( $_GET['update_code'] ) {
                case '2':
                    printf( '<p class="give_success"><strong>%1$s</strong> %2$s</p>', esc_html__( 'Success:', 'give' ), esc_html__( 'Your profile and password has been updated.', 'give' ) );
                    _e( 'Login with your new credentials.', 'give' );
                    echo give_login_form();
                    break;

                case '3':
                    printf( '<p class="give_success"><strong>%1$s</strong> %2$s</p>', esc_html__( 'Success:', 'give' ), esc_html__( 'Your password has been updated.', 'give' ) );
                    _e( 'Login with your new credentials.', 'give' );
                    echo give_login_form();
                    break;

                default:
                    break;
            }
        }
    } else {
        _e( 'You need to login to edit your profile.', 'give' );
        echo give_login_form();
    }
endif;
```

View Code Duplication, flagged at the `<?php if ( ! empty( $current_user->first_name ) ): ?>` block, the `<?php if ( ! empty( $current_user->last_name ) ): ?>` block, and the `case '2':` and `case '3':` branches:

This code seems to be duplicated across your project.
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository.