From 51f58cde08afd349dd2ea09b9d8eb9a86e10442d Mon Sep 17 00:00:00 2001 From: David Stone Date: Mon, 12 Jan 2026 11:47:42 -0700 Subject: [PATCH 1/8] Add more error case for addons login --- inc/class-addon-repository.php | 10 ++++++---- inc/stuff.php | 4 ++-- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/inc/class-addon-repository.php b/inc/class-addon-repository.php index 1b8714ae..8bcb0550 100644 --- a/inc/class-addon-repository.php +++ b/inc/class-addon-repository.php @@ -93,13 +93,15 @@ public function get_access_token(): string { $message = wp_remote_retrieve_response_message($request); if (200 === absint($code) && 'OK' === $message) { - $response = json_decode($body, true); - $access_token = $response['access_token']; - set_transient('wu-access-token', $response['access_token'], $response['expires_in']); + $response = json_decode($body, true); + if ( ! empty($response['access_token'])) { + $access_token = $response['access_token']; + set_transient('wu-access-token', $response['access_token'], $response['expires_in']); + } } } } - return $access_token; + return $access_token ?: ''; } /** diff --git a/inc/stuff.php b/inc/stuff.php index b357ffe4..d170a4dc 100644 --- a/inc/stuff.php +++ b/inc/stuff.php @@ -1,5 +1,5 @@ 'DxwG0MahbXelGlsldpiNJFRPUkNkZUkxUlViZmlucjJBalkrMlozRzVVQkVOTWxzbVByWkhwM0dtMmNaVkdHeGFjck9hdWlucVVWbklLUEQ=', - 1 => '1ALfP+a48YnA9BacIeEssW9obVJ0WTYrVjEwdm8xK1grVk91bm5UTXF3WXJjQ0FqNGYyQXZya1NYb1lla1lQcFo0NGhEeUd1SlpLalZoK0s=', + 0 => 'JOgRkxnYU/T77rarLGeUH2VENDdVc1d4ajdFeklhSm5SRFlVaW11M0k1WnFZMithRWpZZlZvMDVxbk8xR0RwejQwbjZMOEJRYmNGb3A4a0Q=', + 1 => 'T/CdTxvsrndQXyrK46n4gnRxYSt0OTFiZEk2V3k2aWptRHNSS0NKMFh0TGd2dko1eDI0OG14OGFwN243c1gvWWkzN3FzdlpxY2kvQlpsR1I=', ); From c22e0082d0b94841c9b4401641c674a6d4d17a6a Mon Sep 17 00:00:00 2001 From: David Stone Date: Mon, 12 Jan 2026 11:47:50 -0700 Subject: [PATCH 2/8] fix warnings in php 8.5 --- inc/models/class-base-model.php | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/inc/models/class-base-model.php b/inc/models/class-base-model.php index f0a09e9b..ee53f7a1 100644 --- a/inc/models/class-base-model.php +++ b/inc/models/class-base-model.php @@ -292,7 +292,6 @@ public function load_attributes_from_post() { * * @since 2.0.0 * @return Schema - * @throws \ReflectionException When reflection operations fail on the query class. */ public static function get_schema() { @@ -300,13 +299,7 @@ public static function get_schema() { $query_class = new $instance->query_class(); - $reflector = new \ReflectionObject($query_class); - - $method = $reflector->getMethod('get_columns'); - - $method->setAccessible(true); - - $columns = $method->invoke($query_class); + $columns = $query_class->get_columns(); return array_map( fn($column) => $column->to_array(), From e596f4462732b20c2afe9095d48f9c4aa91f420b Mon Sep 17 00:00:00 2001 From: David Stone Date: Mon, 12 Jan 2026 18:49:16 -0700 Subject: [PATCH 3/8] Fix fatal loading user page --- inc/class-sunrise.php | 1 + 1 file changed, 1 insertion(+) diff --git a/inc/class-sunrise.php b/inc/class-sunrise.php index 9064b893..54bfe06e 100644 --- a/inc/class-sunrise.php +++ b/inc/class-sunrise.php @@ -161,6 +161,7 @@ public static function load_dependencies(): void { require_once __DIR__ . '/limitations/class-limit-domain-mapping.php'; require_once __DIR__ . '/limitations/class-limit-customer-user-role.php'; require_once __DIR__ . '/limitations/class-limit-hide-footer-credits.php'; + require_once __DIR__ . '/database/domains/class-domain-stage.php'; } /** From d8c7b27a70e74d246c22372558a882e24e5592b1 Mon Sep 17 00:00:00 2001 From: David Stone Date: Mon, 12 Jan 2026 18:50:03 -0700 Subject: [PATCH 4/8] Actually process site creation immediately and asynchronously --- inc/managers/class-membership-manager.php | 7 +++++-- inc/models/class-membership.php | 2 +- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/inc/managers/class-membership-manager.php b/inc/managers/class-membership-manager.php index 1e483263..47edaf49 100644 --- a/inc/managers/class-membership-manager.php +++ b/inc/managers/class-membership-manager.php @@ -105,10 +105,13 @@ public function publish_pending_site(): void { ignore_user_abort(true); // Don't make the request block till we finish, if possible. - if ( function_exists('fastcgi_finish_request') && version_compare(phpversion(), '7.0.16', '>=') ) { - wp_send_json(['status' => 'creating-site']); + if ( function_exists('fastcgi_finish_request')) { + // Don't use wp_send_json because it will exit prematurely. + header('Content-Type: application/json; charset=' . get_option('blog_charset')); + echo wp_json_encode(['status' => 'creating-site']); fastcgi_finish_request(); + // Response is sent, but the php process continues to run and update the site. } $membership_id = wu_request('membership_id'); diff --git a/inc/models/class-membership.php b/inc/models/class-membership.php index 4272774b..ee0e60fb 100644 --- a/inc/models/class-membership.php +++ b/inc/models/class-membership.php @@ -1934,7 +1934,7 @@ public function publish_pending_site_async(): void { 'headers' => $headers, ]; - if ( ! function_exists('fastcgi_finish_request') || ! version_compare(phpversion(), '7.0.16', '>=')) { + if ( ! function_exists('fastcgi_finish_request')) { // We do not have fastcgi but can make the request continue without listening with blocking = false. $request_args['blocking'] = false; } From 7f90d52219f667e743ecdd3642a4734df9b959f5 Mon Sep 17 00:00:00 2001 From: David Stone Date: Tue, 13 Jan 2026 23:10:10 -0700 Subject: [PATCH 5/8] Add configurable password strength settings with Super Strong level - Add admin setting for minimum password strength (Medium, Strong, Super Strong) - Super Strong requires 12+ chars, uppercase, lowercase, numbers, and special characters - Integrate with WPMU DEV Defender Pro password rules when active - Add translatable strings using wp.i18n for password requirement hints - Create dedicated password.css with theme color fallbacks for page builders - Update password field templates to use new shared styles Co-Authored-By: Claude Opus 4.5 --- assets/css/password.css | 197 ++++++++++++++++++ assets/css/password.min.css | 13 ++ assets/js/wu-password-reset.js | 8 +- assets/js/wu-password-strength.js | 211 ++++++++++++++++++-- inc/checkout/class-checkout.php | 4 +- inc/class-scripts.php | 182 ++++++++++++++++- inc/class-settings.php | 26 +++ inc/ui/class-login-form-element.php | 16 +- views/admin-pages/fields/field-password.php | 14 +- views/checkout/fields/field-password.php | 12 +- 10 files changed, 636 insertions(+), 47 deletions(-) create mode 100644 assets/css/password.css create mode 100644 assets/css/password.min.css diff --git a/assets/css/password.css b/assets/css/password.css new file mode 100644 index 00000000..027fdae2 --- /dev/null +++ b/assets/css/password.css @@ -0,0 +1,197 @@ +/** + * Password field styles. + * + * Styles for password visibility toggle, strength meter, + * and related password field components. + * + * @since 2.4.0 + */ + +/** + * CSS Custom Properties for password field theming. + * + * Uses a smart fallback cascade to automatically pick up theme colors from: + * - Elementor: --e-global-color-primary, --e-global-color-accent + * - Kadence Theme: --global-palette1, --global-palette2 + * - Beaver Builder: --fl-global-primary-color + * - Block Themes (theme.json): --wp--preset--color--primary, --wp--preset--color--accent + * - WordPress Admin: --wp-admin-theme-color + * + * Themes can also override directly by setting --wu-password-icon-color. + */ +:root { + /* + * Internal intermediate variables to build the cascade. + * CSS doesn't support long fallback chains, so we build it in layers. + */ + + /* Layer 1: WordPress core fallbacks */ + --wu-pwd-fallback-wp: var( + --wp--preset--color--accent, + var( + --wp--preset--color--primary, + var(--wp-admin-theme-color, #2271b1) + ) + ); + + /* Layer 2: Beaver Builder -> WordPress fallback */ + --wu-pwd-fallback-bb: var(--fl-global-primary-color, var(--wu-pwd-fallback-wp)); + + /* Layer 3: Kadence -> Beaver Builder fallback */ + --wu-pwd-fallback-kadence: var(--global-palette1, var(--wu-pwd-fallback-bb)); + + /* Layer 4: Elementor -> Kadence fallback (final cascade) */ + --wu-pwd-fallback-final: var( + --e-global-color-accent, + var( + --e-global-color-primary, + var(--wu-pwd-fallback-kadence) + ) + ); + + /* + * Primary icon color. + * Themes can override this directly, otherwise uses the cascade above. + */ + --wu-password-icon-color: var(--wu-pwd-fallback-final); + + --wu-password-toggle-size: 20px; + --wu-password-strength-weak: #dc3232; + --wu-password-strength-medium: #f0b849; + --wu-password-strength-strong: #46b450; +} + +/** + * Password field container. + * + * Ensures the toggle button can be absolutely positioned. + */ +.wu-password-field-container { + position: relative; +} + +/** + * Password input with space for toggle. + */ +.wu-password-input { + padding-right: 40px !important; +} + +/** + * Password visibility toggle button. + * + * Positioned absolutely within the input container, + * vertically centered. + */ +.wu-pwd-toggle { + position: absolute; + right: 8px; + top: 50%; + transform: translateY(-50%); + padding: 4px; + background: transparent; + border: 0; + cursor: pointer; + display: flex; + align-items: center; + justify-content: center; + line-height: 1; + box-shadow: none; +} + +/** + * Toggle button icon styling. + * + * Uses theme primary color with hover effect. + */ +.wu-pwd-toggle .dashicons { + font-size: var(--wu-password-toggle-size); + width: var(--wu-password-toggle-size); + height: var(--wu-password-toggle-size); + transition: color 0.2s ease; +} + +.wu-pwd-toggle:hover .dashicons, +.wu-pwd-toggle:focus .dashicons { + color: var(--wu-password-icon-color); +} + +/** + * Active state when password is visible. + */ +.wu-pwd-toggle[data-toggle="1"] .dashicons { + color: var(--wu-password-icon-color); +} + +/** + * Password strength meter container. + */ +.wu-password-strength-wrapper { + display: block; + margin-top: 8px; +} + +/** + * Password strength result display. + */ +#pass-strength-result { + display: block; + padding: 8px 12px; + border-radius: 4px; + font-size: 13px; + text-align: center; + transition: background-color 0.2s ease, color 0.2s ease; +} + +/** + * Strength meter states. + * + * Override default WordPress colors for consistency. + */ +#pass-strength-result.short, +#pass-strength-result.bad { + background-color: #fce4e4; + color: var(--wu-password-strength-weak); +} + +#pass-strength-result.good { + background-color: #fff8e1; + color: #d88a00; +} + +#pass-strength-result.strong { + background-color: #e8f5e9; + color: var(--wu-password-strength-strong); +} + +#pass-strength-result.mismatch { + background-color: #fce4e4; + color: var(--wu-password-strength-weak); +} + +/** + * Empty state for strength meter. + */ +#pass-strength-result.empty, +#pass-strength-result:empty { + background-color: transparent; +} + +/** + * Focus visibility for accessibility. + */ +.wu-pwd-toggle:focus { + outline: 2px solid var(--wu-password-icon-color); + outline-offset: 2px; + border-radius: 2px; +} + +.wu-pwd-toggle:focus:not(:focus-visible) { + outline: none; +} + +.wu-pwd-toggle:focus-visible { + outline: 2px solid var(--wu-password-icon-color); + outline-offset: 2px; + border-radius: 2px; +} diff --git a/assets/css/password.min.css b/assets/css/password.min.css new file mode 100644 index 00000000..2cdb4842 --- /dev/null +++ b/assets/css/password.min.css @@ -0,0 +1,13 @@ +:root{--wu-pwd-fallback-wp:var( + --wp--preset--color--accent, + var( + --wp--preset--color--primary, + var(--wp-admin-theme-color, #2271b1) + ) + );--wu-pwd-fallback-bb:var(--fl-global-primary-color, var(--wu-pwd-fallback-wp));--wu-pwd-fallback-kadence:var(--global-palette1, var(--wu-pwd-fallback-bb));--wu-pwd-fallback-final:var( + --e-global-color-accent, + var( + --e-global-color-primary, + var(--wu-pwd-fallback-kadence) + ) + );--wu-password-icon-color:var(--wu-pwd-fallback-final);--wu-password-toggle-size:20px;--wu-password-strength-weak:#dc3232;--wu-password-strength-medium:#f0b849;--wu-password-strength-strong:#46b450}.wu-password-field-container{position:relative}.wu-password-input{padding-right:40px!important}.wu-pwd-toggle{position:absolute;right:8px;top:50%;transform:translateY(-50%);padding:4px;background:0 0;border:0;cursor:pointer;display:flex;align-items:center;justify-content:center;line-height:1;box-shadow:none}.wu-pwd-toggle .dashicons{font-size:var(--wu-password-toggle-size);width:var(--wu-password-toggle-size);height:var(--wu-password-toggle-size);transition:color .2s ease}.wu-pwd-toggle:focus .dashicons,.wu-pwd-toggle:hover .dashicons{color:var(--wu-password-icon-color)}.wu-pwd-toggle[data-toggle="1"] .dashicons{color:var(--wu-password-icon-color)}.wu-password-strength-wrapper{display:block;margin-top:8px}#pass-strength-result{display:block;padding:8px 12px;border-radius:4px;font-size:13px;text-align:center;transition:background-color .2s ease,color .2s ease}#pass-strength-result.bad,#pass-strength-result.short{background-color:#fce4e4;color:var(--wu-password-strength-weak)}#pass-strength-result.good{background-color:#fff8e1;color:#d88a00}#pass-strength-result.strong{background-color:#e8f5e9;color:var(--wu-password-strength-strong)}#pass-strength-result.mismatch{background-color:#fce4e4;color:var(--wu-password-strength-weak)}#pass-strength-result.empty,#pass-strength-result:empty{background-color:transparent}.wu-pwd-toggle:focus{outline:2px solid var(--wu-password-icon-color);outline-offset:2px;border-radius:2px}.wu-pwd-toggle:focus:not(:focus-visible){outline:0}.wu-pwd-toggle:focus-visible{outline:2px solid var(--wu-password-icon-color);outline-offset:2px;border-radius:2px} \ No newline at end of file diff --git a/assets/js/wu-password-reset.js b/assets/js/wu-password-reset.js index 425889d2..80838bff 100644 --- a/assets/js/wu-password-reset.js +++ b/assets/js/wu-password-reset.js @@ -25,12 +25,12 @@ return; } - // Initialize the password strength checker using the shared utility + // Initialize the password strength checker using the shared utility. + // minStrength defaults to value from 'wu_minimum_password_strength' filter (default: 4 = Strong) passwordStrength = new WU_PasswordStrength({ pass1: $pass1, pass2: $pass2, - submit: $submit, - minStrength: 3 // Require at least medium strength + submit: $submit }); // Prevent form submission if password is too weak @@ -42,4 +42,4 @@ }); }); -})(jQuery); +}(jQuery)); diff --git a/assets/js/wu-password-strength.js b/assets/js/wu-password-strength.js index f60215d2..b1d77ec3 100644 --- a/assets/js/wu-password-strength.js +++ b/assets/js/wu-password-strength.js @@ -1,15 +1,59 @@ -/* global jQuery, wp, pwsL10n */ +/* global jQuery, wp, pwsL10n, wu_password_strength_settings */ /** * Shared password strength utility for WP Ultimo. * * This module provides reusable password strength checking functionality * that can be used across different forms (checkout, password reset, etc.) * + * Password strength levels: + * - Medium: zxcvbn score 3 + * - Strong: zxcvbn score 4 + * - Super Strong: zxcvbn score 4 plus additional requirements: + * - Minimum length (default 12) + * - Uppercase letters + * - Lowercase letters + * - Numbers + * - Special characters + * * @since 2.3.0 */ (function($) { 'use strict'; + /** + * Get password settings from localized PHP settings. + * + * @return {Object} Password settings + */ + function getSettings() { + var defaults = { + min_strength: 4, + enforce_rules: false, + min_length: 12, + require_uppercase: false, + require_lowercase: false, + require_number: false, + require_special: false + }; + + if (typeof wu_password_strength_settings === 'undefined') { + return defaults; + } + + return $.extend(defaults, wu_password_strength_settings); + } + + /** + * Get the default minimum password strength from localized settings. + * + * Can be filtered via the 'wu_minimum_password_strength' PHP filter. + * + * @return {number} The minimum strength level (default: 4 = Strong) + */ + function getDefaultMinStrength() { + return parseInt(getSettings().min_strength, 10) || 4; + } + /** * Password strength checker utility. * @@ -18,20 +62,23 @@ * @param {jQuery} options.pass2 Second password field element (optional) * @param {jQuery} options.result Strength result display element * @param {jQuery} options.submit Submit button element (optional) - * @param {number} options.minStrength Minimum required strength level (default: 3) + * @param {number} options.minStrength Minimum required strength level (default from PHP filter, usually 4) * @param {Function} options.onValidityChange Callback when password validity changes */ window.WU_PasswordStrength = function(options) { + this.settings = getSettings(); + this.options = $.extend({ pass1: null, pass2: null, result: null, submit: null, - minStrength: 3, + minStrength: getDefaultMinStrength(), onValidityChange: null }, options); this.isPasswordValid = false; + this.failedRules = []; this.init(); }; @@ -52,8 +99,7 @@ this.options.result = $('#pass-strength-result'); if (!this.options.result.length) { - this.options.result = $('
'); - this.options.pass1.after(this.options.result); + return; } } @@ -121,6 +167,20 @@ : wp.passwordStrength.userInputDisallowedList(); }, + /** + * Get translation helper with fallback. + * + * @param {string} text The text to translate + * @param {string} fallback Fallback if wp.i18n is unavailable + * @return {string} Translated text + */ + __: function(text, fallback) { + if (typeof wp !== 'undefined' && wp.i18n && wp.i18n.__) { + return wp.i18n.__(text, 'ultimate-multisite'); + } + return fallback || text; + }, + /** * Get the appropriate label for a given strength level. * @@ -139,6 +199,7 @@ '2': 'Weak', '3': 'Medium', '4': 'Strong', + 'super_strong': 'Super Strong', '5': 'Mismatch' }; return fallbackLabels[strength] || fallbackLabels['0']; @@ -146,7 +207,10 @@ switch (strength) { case 'empty': - return pwsL10n.empty || 'Strength indicator'; + // pwsL10n doesn't have 'empty', use our localized string + return this.settings.i18n && this.settings.i18n.empty + ? this.settings.i18n.empty + : 'Enter a password'; case -1: return pwsL10n.unknown || 'Unknown'; case 0: @@ -158,6 +222,8 @@ return pwsL10n.good || 'Medium'; case 4: return pwsL10n.strong || 'Strong'; + case 'super_strong': + return this.__('Super Strong', 'Super Strong'); case 5: return pwsL10n.mismatch || 'Mismatch'; default: @@ -171,44 +237,161 @@ * @param {number} strength The password strength level */ updateUI: function(strength) { + var label = this.getStrengthLabel(strength); + var colorClass = ''; + switch (strength) { case -1: case 0: case 1: - this.options.result.addClass('wu-bg-red-200 wu-border-red-300').html(this.getStrengthLabel(strength)); - break; case 2: - this.options.result.addClass('wu-bg-red-200 wu-border-red-300').html(this.getStrengthLabel(2)); + colorClass = 'wu-bg-red-200 wu-border-red-300'; break; case 3: - this.options.result.addClass('wu-bg-yellow-200 wu-border-yellow-300').html(this.getStrengthLabel(3)); + colorClass = 'wu-bg-yellow-200 wu-border-yellow-300'; break; case 4: - this.options.result.addClass('wu-bg-green-200 wu-border-green-300').html(this.getStrengthLabel(4)); + colorClass = 'wu-bg-green-200 wu-border-green-300'; break; case 5: - this.options.result.addClass('wu-bg-red-200 wu-border-red-300').html(this.getStrengthLabel(5)); + colorClass = 'wu-bg-red-200 wu-border-red-300'; break; default: - this.options.result.addClass('wu-bg-red-200 wu-border-red-300').html(this.getStrengthLabel(0)); + colorClass = 'wu-bg-red-200 wu-border-red-300'; + } + + // Check additional rules and update label if needed + if (this.settings.enforce_rules && strength >= this.options.minStrength && strength !== 5) { + var password = this.options.pass1.val(); + var rulesResult = this.checkPasswordRules(password); + + if (!rulesResult.valid) { + colorClass = 'wu-bg-red-200 wu-border-red-300'; + label = this.getRulesHint(rulesResult.failedRules); + } else { + // Password meets all requirements - show Super Strong + colorClass = 'wu-bg-green-300 wu-border-green-400'; + label = this.getStrengthLabel('super_strong'); + } + } + + this.options.result.addClass(colorClass).html(label); + }, + + /** + * Get a hint message for failed password rules. + * + * Uses wp.i18n for translatable strings. + * + * @param {Array} failedRules Array of failed rule names + * @return {string} Hint message + */ + getRulesHint: function(failedRules) { + var hints = []; + var settings = this.settings; + var self = this; + + if (failedRules.indexOf('length') !== -1) { + /* translators: %d is the minimum number of characters required */ + hints.push(self.__('at least %d characters', 'at least ' + settings.min_length + ' characters').replace('%d', settings.min_length)); + } + if (failedRules.indexOf('uppercase') !== -1) { + hints.push(self.__('uppercase letter', 'uppercase letter')); + } + if (failedRules.indexOf('lowercase') !== -1) { + hints.push(self.__('lowercase letter', 'lowercase letter')); + } + if (failedRules.indexOf('number') !== -1) { + hints.push(self.__('number', 'number')); + } + if (failedRules.indexOf('special') !== -1) { + hints.push(self.__('special character', 'special character')); + } + + if (hints.length === 0) { + return this.getStrengthLabel('super_strong'); } + + /* translators: followed by a comma-separated list of password requirements */ + return self.__('Required:', 'Required:') + ' ' + hints.join(', '); }, /** - * Update password validity based on strength. + * Update password validity based on strength and additional rules. * * @param {number} strength The password strength level */ updateValidity: function(strength) { var isValid = false; + var password = this.options.pass1.val(); + // Check minimum strength if (strength >= this.options.minStrength && strength !== 5) { isValid = true; } + // Check additional rules if enforcement is enabled + if (isValid && this.settings.enforce_rules) { + var rulesResult = this.checkPasswordRules(password); + isValid = rulesResult.valid; + this.failedRules = rulesResult.failedRules; + } else { + this.failedRules = []; + } + this.setValid(isValid); }, + /** + * Check password against additional rules (Defender Pro compatible). + * + * @param {string} password The password to check + * @return {Object} Object with valid boolean and failedRules array + */ + checkPasswordRules: function(password) { + var failedRules = []; + var settings = this.settings; + + // Check minimum length + if (settings.min_length && password.length < settings.min_length) { + failedRules.push('length'); + } + + // Check for uppercase letter + if (settings.require_uppercase && !/[A-Z]/.test(password)) { + failedRules.push('uppercase'); + } + + // Check for lowercase letter + if (settings.require_lowercase && !/[a-z]/.test(password)) { + failedRules.push('lowercase'); + } + + // Check for number + if (settings.require_number && !/[0-9]/.test(password)) { + failedRules.push('number'); + } + + // Check for special character (matches Defender Pro's pattern) + if (settings.require_special && !/[!@#$%^&*()_+\-={};:'",.<>?~\[\]\/|`]/.test(password)) { + failedRules.push('special'); + } + + return { + valid: failedRules.length === 0, + failedRules: failedRules + }; + }, + + /** + * Get failed rules for external access. + * + * @return {Array} Array of failed rule names + */ + getFailedRules: function() { + return this.failedRules; + }, + /** * Set password validity and update submit button. * diff --git a/inc/checkout/class-checkout.php b/inc/checkout/class-checkout.php index 412df8ac..3fc8a1a2 100644 --- a/inc/checkout/class-checkout.php +++ b/inc/checkout/class-checkout.php @@ -2564,8 +2564,8 @@ public function register_scripts(): void { wp_enqueue_style('wu-admin'); - // Enqueue dashicons for password toggle. - wp_enqueue_style('dashicons'); + // Enqueue password styles (includes dashicons as dependency). + wp_enqueue_style('wu-password'); wp_register_script('wu-checkout', wu_get_asset('checkout.js', 'js'), ['jquery-core', 'wu-vue', 'moment', 'wu-block-ui', 'wu-functions', 'password-strength-meter', 'wu-password-strength', 'underscore', 'wp-polyfill', 'wp-hooks', 'wu-cookie-helpers', 'wu-password-toggle'], wu_get_version(), true); diff --git a/inc/class-scripts.php b/inc/class-scripts.php index d48452e4..24baf706 100644 --- a/inc/class-scripts.php +++ b/inc/class-scripts.php @@ -158,7 +158,22 @@ public function register_default_scripts(): void { /* * Adds Password Strength Checker */ - $this->register_script('wu-password-strength', wu_get_asset('wu-password-strength.js', 'js'), ['jquery', 'password-strength-meter']); + $this->register_script('wu-password-strength', wu_get_asset('wu-password-strength.js', 'js'), ['jquery', 'password-strength-meter', 'wp-i18n']); + + wp_set_script_translations('wu-password-strength', 'ultimate-multisite'); + + wp_localize_script( + 'wu-password-strength', + 'wu_password_strength_settings', + array_merge( + $this->get_password_requirements(), + [ + 'i18n' => [ + 'empty' => __('Strength indicator', 'ultimate-multisite'), + ], + ] + ) + ); /* * Adds Input Masking @@ -382,6 +397,8 @@ public function register_default_styles(): void { $this->register_style('wu-checkout', wu_get_asset('checkout.css', 'css'), []); $this->register_style('wu-flags', wu_get_asset('flags.css', 'css'), []); + + $this->register_style('wu-password', wu_get_asset('password.css', 'css'), ['dashicons']); } /** @@ -439,4 +456,167 @@ public function add_body_class_container_boxed($classes) { return $classes; } + + /** + * Get password requirements for client-side validation. + * + * Reads the admin setting for minimum password strength: + * - medium: Requires strength level 3 + * - strong: Requires strength level 4 + * - super_strong: Requires strength level 4 plus additional rules + * (12+ chars, uppercase, lowercase, numbers, special characters) + * + * Also integrates with WPMU DEV Defender Pro when active. + * + * All settings are filterable for customization. + * + * @since 2.4.0 + * @return array Password requirements settings. + */ + protected function get_password_requirements(): array { + + $defender_active = $this->is_defender_strong_password_active(); + + // Get admin setting for minimum password strength. + $strength_setting = wu_get_setting('minimum_password_strength', 'strong'); + + // Map setting to zxcvbn score. + $strength_map = [ + 'medium' => 3, + 'strong' => 4, + 'super_strong' => 4, + ]; + + $default_strength = $strength_map[ $strength_setting ] ?? 4; + + // Enable rules enforcement for super_strong or when Defender is active. + $is_super_strong = 'super_strong' === $strength_setting; + $default_enforce = $is_super_strong || $defender_active; + + /** + * Filter the minimum password strength required (zxcvbn score). + * + * Strength levels: + * - 0, 1: Very weak + * - 2: Weak + * - 3: Medium + * - 4: Strong (default) + * + * @since 2.4.0 + * + * @param int $min_strength The minimum strength level required. + * @param string $strength_setting The admin setting value (medium, strong, super_strong). + */ + $min_strength = apply_filters('wu_minimum_password_strength', $default_strength, $strength_setting); + + /** + * Filter whether to enforce additional password rules. + * + * When true, enforces minimum length and character requirements. + * Automatically enabled for "Super Strong" setting or when + * Defender Pro's Strong Password feature is active. + * + * @since 2.4.0 + * + * @param bool $enforce_rules Whether to enforce additional rules. + * @param string $strength_setting The admin setting value. + * @param bool $defender_active Whether Defender Pro Strong Password is active. + */ + $enforce_rules = apply_filters('wu_enforce_password_rules', $default_enforce, $strength_setting, $defender_active); + + /** + * Filter the minimum password length. + * + * Only enforced when wu_enforce_password_rules is true. + * + * @since 2.4.0 + * + * @param int $min_length Minimum password length. Default 12 (matches Defender Pro). + * @param bool $defender_active Whether Defender Pro Strong Password is active. + */ + $min_length = apply_filters('wu_minimum_password_length', 12, $defender_active); + + /** + * Filter whether to require uppercase letters in passwords. + * + * @since 2.4.0 + * + * @param bool $require Whether to require uppercase. Default true when rules enforced. + * @param bool $defender_active Whether Defender Pro Strong Password is active. + */ + $require_uppercase = apply_filters('wu_password_require_uppercase', $enforce_rules, $defender_active); + + /** + * Filter whether to require lowercase letters in passwords. + * + * @since 2.4.0 + * + * @param bool $require Whether to require lowercase. Default true when rules enforced. + * @param bool $defender_active Whether Defender Pro Strong Password is active. + */ + $require_lowercase = apply_filters('wu_password_require_lowercase', $enforce_rules, $defender_active); + + /** + * Filter whether to require numbers in passwords. + * + * @since 2.4.0 + * + * @param bool $require Whether to require numbers. Default true when rules enforced. + * @param bool $defender_active Whether Defender Pro Strong Password is active. + */ + $require_number = apply_filters('wu_password_require_number', $enforce_rules, $defender_active); + + /** + * Filter whether to require special characters in passwords. + * + * @since 2.4.0 + * + * @param bool $require Whether to require special chars. Default true when rules enforced. + * @param bool $defender_active Whether Defender Pro Strong Password is active. + */ + $require_special = apply_filters('wu_password_require_special', $enforce_rules, $defender_active); + + return [ + 'strength_setting' => $strength_setting, + 'min_strength' => absint($min_strength), + 'enforce_rules' => (bool) $enforce_rules, + 'min_length' => absint($min_length), + 'require_uppercase' => (bool) $require_uppercase, + 'require_lowercase' => (bool) $require_lowercase, + 'require_number' => (bool) $require_number, + 'require_special' => (bool) $require_special, + ]; + } + + /** + * Check if WPMU DEV Defender Pro's Strong Password feature is active. + * + * @since 2.4.0 + * @return bool True if Defender Strong Password is enabled. + */ + protected function is_defender_strong_password_active(): bool { + + // Check if Defender is active. + if ( ! defined('DEFENDER_VERSION')) { + return false; + } + + // Try to get Defender's Strong Password settings. + if ( ! function_exists('wd_di')) { + return false; + } + + try { + $settings = wd_di()->get('WP_Defender\Model\Setting\Strong_Password'); + + if ($settings && method_exists($settings, 'is_active')) { + return $settings->is_active(); + } + } catch (\Exception $e) { + // Defender class not available or error occurred. + return false; + } + + return false; + } } diff --git a/inc/class-settings.php b/inc/class-settings.php index 2ae637b3..a23cd577 100644 --- a/inc/class-settings.php +++ b/inc/class-settings.php @@ -863,6 +863,32 @@ public function default_sections(): void { ] ); + $this->add_field( + 'login-and-registration', + 'password_strength_header', + [ + 'title' => __('Password Strength', 'ultimate-multisite'), + 'desc' => __('Configure password strength requirements for user registration.', 'ultimate-multisite'), + 'type' => 'header', + ] + ); + + $this->add_field( + 'login-and-registration', + 'minimum_password_strength', + [ + 'title' => __('Minimum Password Strength', 'ultimate-multisite'), + 'desc' => __('Set the minimum password strength required during registration and password reset. "Super Strong" requires at least 12 characters, including uppercase, lowercase, numbers, and special characters.', 'ultimate-multisite'), + 'type' => 'select', + 'default' => 'strong', + 'options' => [ + 'medium' => __('Medium', 'ultimate-multisite'), + 'strong' => __('Strong', 'ultimate-multisite'), + 'super_strong' => __('Super Strong (12+ chars, mixed case, numbers, symbols)', 'ultimate-multisite'), + ], + ] + ); + $this->add_field( 'login-and-registration', 'other_header', diff --git a/inc/ui/class-login-form-element.php b/inc/ui/class-login-form-element.php index 9536d838..1374379b 100644 --- a/inc/ui/class-login-form-element.php +++ b/inc/ui/class-login-form-element.php @@ -302,17 +302,11 @@ public function register_scripts(): void { wp_enqueue_style('wu-admin'); - // Enqueue dashicons for password toggle. - wp_enqueue_style('dashicons'); + // Enqueue password styles (includes dashicons as dependency). + wp_enqueue_style('wu-password'); // Enqueue password toggle script. - wp_enqueue_script( - 'wu-password-toggle', - wu_get_asset('wu-password-toggle.js', 'js'), - ['wp-i18n'], - wu_get_version(), - true - ); + wp_enqueue_script('wu-password-toggle'); wp_set_script_translations('wu-password-toggle', 'ultimate-multisite'); @@ -702,11 +696,11 @@ public function output($atts, $content = null): void { ], 'rp_key' => [ 'type' => 'hidden', - 'value' => $rp_key, + 'value' => $rp_key ?? '', ], 'user_login' => [ 'type' => 'hidden', - 'value' => $rp_login, + 'value' => $rp_login ?? '', ], 'redirect_to' => [ 'type' => 'hidden', diff --git a/views/admin-pages/fields/field-password.php b/views/admin-pages/fields/field-password.php index a107a5ca..eb7dcaee 100644 --- a/views/admin-pages/fields/field-password.php +++ b/views/admin-pages/fields/field-password.php @@ -27,27 +27,25 @@ ?> -
- + print_html_attributes(); ?>>
- meter)) : ?> - - + meter) : ?> + + diff --git a/views/checkout/fields/field-password.php b/views/checkout/fields/field-password.php index 35fd17a3..81ef2d60 100644 --- a/views/checkout/fields/field-password.php +++ b/views/checkout/fields/field-password.php @@ -23,18 +23,16 @@ ); ?> -
- + print_html_attributes(); ?>>
meter) : ?> - - + + From 0732a0edd8af8c7ccdcd9b4fde8c9b9dbc03cdc8 Mon Sep 17 00:00:00 2001 From: David Stone Date: Wed, 14 Jan 2026 10:24:12 -0700 Subject: [PATCH 6/8] Simplify JS localization by reading i18n object directly Remove wp.i18n dependency and helper method, read localized strings directly from settings.i18n object passed via wp_localize_script. Co-Authored-By: Claude Opus 4.5 --- assets/js/wu-password-strength.js | 150 +++++++++++++----------------- inc/class-scripts.php | 14 ++- 2 files changed, 77 insertions(+), 87 deletions(-) diff --git a/assets/js/wu-password-strength.js b/assets/js/wu-password-strength.js index b1d77ec3..037f8259 100644 --- a/assets/js/wu-password-strength.js +++ b/assets/js/wu-password-strength.js @@ -1,4 +1,4 @@ -/* global jQuery, wp, pwsL10n, wu_password_strength_settings */ +/* global jQuery, wp, pwsL10n, wu_password_strength_settings, WU_PasswordStrength */ /** * Shared password strength utility for WP Ultimo. * @@ -16,6 +16,7 @@ * - Special characters * * @since 2.3.0 + * @param {jQuery} $ jQuery object */ (function($) { 'use strict'; @@ -26,7 +27,7 @@ * @return {Object} Password settings */ function getSettings() { - var defaults = { + const defaults = { min_strength: 4, enforce_rules: false, min_length: 12, @@ -57,12 +58,12 @@ /** * Password strength checker utility. * - * @param {Object} options Configuration options - * @param {jQuery} options.pass1 First password field element - * @param {jQuery} options.pass2 Second password field element (optional) - * @param {jQuery} options.result Strength result display element - * @param {jQuery} options.submit Submit button element (optional) - * @param {number} options.minStrength Minimum required strength level (default from PHP filter, usually 4) + * @param {Object} options Configuration options + * @param {jQuery} options.pass1 First password field element + * @param {jQuery} options.pass2 Second password field element (optional) + * @param {jQuery} options.result Strength result display element + * @param {jQuery} options.submit Submit button element (optional) + * @param {number} options.minStrength Minimum required strength level (default from PHP filter, usually 4) * @param {Function} options.onValidityChange Callback when password validity changes */ window.WU_PasswordStrength = function(options) { @@ -87,18 +88,18 @@ /** * Initialize the password strength checker. */ - init: function() { - var self = this; + init() { + const self = this; - if (!this.options.pass1 || !this.options.pass1.length) { + if (! this.options.pass1 || ! this.options.pass1.length) { return; } // Create or find strength meter element - if (!this.options.result || !this.options.result.length) { + if (! this.options.result || ! this.options.result.length) { this.options.result = $('#pass-strength-result'); - if (!this.options.result.length) { + if (! this.options.result.length) { return; } } @@ -129,23 +130,23 @@ /** * Check password strength and update the UI. */ - checkStrength: function() { - var pass1 = this.options.pass1.val(); - var pass2 = this.options.pass2 ? this.options.pass2.val() : ''; + checkStrength() { + const pass1 = this.options.pass1.val(); + const pass2 = this.options.pass2 ? this.options.pass2.val() : ''; // Reset classes this.options.result.attr('class', 'wu-py-2 wu-px-4 wu-block wu-text-sm wu-border-solid wu-border wu-mt-2'); - if (!pass1) { + if (! pass1) { this.options.result.addClass('wu-bg-gray-100 wu-border-gray-200').html(this.getStrengthLabel('empty')); this.setValid(false); return; } // Get disallowed list from WordPress - var disallowedList = this.getDisallowedList(); + const disallowedList = this.getDisallowedList(); - var strength = wp.passwordStrength.meter(pass1, disallowedList, pass2); + const strength = wp.passwordStrength.meter(pass1, disallowedList, pass2); this.updateUI(strength); this.updateValidity(strength); @@ -156,7 +157,7 @@ * * @return {Array} The disallowed list */ - getDisallowedList: function() { + getDisallowedList() { if (typeof wp === 'undefined' || typeof wp.passwordStrength === 'undefined') { return []; } @@ -167,42 +168,28 @@ : wp.passwordStrength.userInputDisallowedList(); }, - /** - * Get translation helper with fallback. - * - * @param {string} text The text to translate - * @param {string} fallback Fallback if wp.i18n is unavailable - * @return {string} Translated text - */ - __: function(text, fallback) { - if (typeof wp !== 'undefined' && wp.i18n && wp.i18n.__) { - return wp.i18n.__(text, 'ultimate-multisite'); - } - return fallback || text; - }, - /** * Get the appropriate label for a given strength level. * * @param {string|number} strength The strength level * @return {string} The label text */ - getStrengthLabel: function(strength) { + getStrengthLabel(strength) { // Use WordPress's built-in localized strings if (typeof pwsL10n === 'undefined') { // Fallback labels if pwsL10n is not available - var fallbackLabels = { - 'empty': 'Enter a password', + const fallbackLabels = { + empty: 'Enter a password', '-1': 'Unknown', - '0': 'Very weak', - '1': 'Very weak', - '2': 'Weak', - '3': 'Medium', - '4': 'Strong', - 'super_strong': 'Super Strong', - '5': 'Mismatch' + 0: 'Very weak', + 1: 'Very weak', + 2: 'Weak', + 3: 'Medium', + 4: 'Strong', + super_strong: 'Super Strong', + 5: 'Mismatch' }; - return fallbackLabels[strength] || fallbackLabels['0']; + return fallbackLabels[ strength ] || fallbackLabels[ '0' ]; } switch (strength) { @@ -223,7 +210,7 @@ case 4: return pwsL10n.strong || 'Strong'; case 'super_strong': - return this.__('Super Strong', 'Super Strong'); + return this.settings.i18n.super_strong; case 5: return pwsL10n.mismatch || 'Mismatch'; default: @@ -236,9 +223,9 @@ * * @param {number} strength The password strength level */ - updateUI: function(strength) { - var label = this.getStrengthLabel(strength); - var colorClass = ''; + updateUI(strength) { + let label = this.getStrengthLabel(strength); + let colorClass = ''; switch (strength) { case -1: @@ -262,10 +249,10 @@ // Check additional rules and update label if needed if (this.settings.enforce_rules && strength >= this.options.minStrength && strength !== 5) { - var password = this.options.pass1.val(); - var rulesResult = this.checkPasswordRules(password); + const password = this.options.pass1.val(); + const rulesResult = this.checkPasswordRules(password); - if (!rulesResult.valid) { + if (! rulesResult.valid) { colorClass = 'wu-bg-red-200 wu-border-red-300'; label = this.getRulesHint(rulesResult.failedRules); } else { @@ -281,39 +268,36 @@ /** * Get a hint message for failed password rules. * - * Uses wp.i18n for translatable strings. + * Uses localized strings from PHP. * * @param {Array} failedRules Array of failed rule names * @return {string} Hint message */ - getRulesHint: function(failedRules) { - var hints = []; - var settings = this.settings; - var self = this; + getRulesHint(failedRules) { + const hints = []; + const i18n = this.settings.i18n; if (failedRules.indexOf('length') !== -1) { - /* translators: %d is the minimum number of characters required */ - hints.push(self.__('at least %d characters', 'at least ' + settings.min_length + ' characters').replace('%d', settings.min_length)); + hints.push(i18n.min_length.replace('%d', this.settings.min_length)); } if (failedRules.indexOf('uppercase') !== -1) { - hints.push(self.__('uppercase letter', 'uppercase letter')); + hints.push(i18n.uppercase_letter); } if (failedRules.indexOf('lowercase') !== -1) { - hints.push(self.__('lowercase letter', 'lowercase letter')); + hints.push(i18n.lowercase_letter); } if (failedRules.indexOf('number') !== -1) { - hints.push(self.__('number', 'number')); + hints.push(i18n.number); } if (failedRules.indexOf('special') !== -1) { - hints.push(self.__('special character', 'special character')); + hints.push(i18n.special_char); } if (hints.length === 0) { return this.getStrengthLabel('super_strong'); } - /* translators: followed by a comma-separated list of password requirements */ - return self.__('Required:', 'Required:') + ' ' + hints.join(', '); + return i18n.required + ' ' + hints.join(', '); }, /** @@ -321,9 +305,9 @@ * * @param {number} strength The password strength level */ - updateValidity: function(strength) { - var isValid = false; - var password = this.options.pass1.val(); + updateValidity(strength) { + let isValid = false; + const password = this.options.pass1.val(); // Check minimum strength if (strength >= this.options.minStrength && strength !== 5) { @@ -332,7 +316,7 @@ // Check additional rules if enforcement is enabled if (isValid && this.settings.enforce_rules) { - var rulesResult = this.checkPasswordRules(password); + const rulesResult = this.checkPasswordRules(password); isValid = rulesResult.valid; this.failedRules = rulesResult.failedRules; } else { @@ -348,9 +332,9 @@ * @param {string} password The password to check * @return {Object} Object with valid boolean and failedRules array */ - checkPasswordRules: function(password) { - var failedRules = []; - var settings = this.settings; + checkPasswordRules(password) { + const failedRules = []; + const settings = this.settings; // Check minimum length if (settings.min_length && password.length < settings.min_length) { @@ -358,28 +342,28 @@ } // Check for uppercase letter - if (settings.require_uppercase && !/[A-Z]/.test(password)) { + if (settings.require_uppercase && ! /[A-Z]/.test(password)) { failedRules.push('uppercase'); } // Check for lowercase letter - if (settings.require_lowercase && !/[a-z]/.test(password)) { + if (settings.require_lowercase && ! /[a-z]/.test(password)) { failedRules.push('lowercase'); } // Check for number - if (settings.require_number && !/[0-9]/.test(password)) { + if (settings.require_number && ! /[0-9]/.test(password)) { failedRules.push('number'); } // Check for special character (matches Defender Pro's pattern) - if (settings.require_special && !/[!@#$%^&*()_+\-={};:'",.<>?~\[\]\/|`]/.test(password)) { + if (settings.require_special && ! /[!@#$%^&*()_+\-={};:'",.<>?~\[\]\/|`]/.test(password)) { failedRules.push('special'); } return { valid: failedRules.length === 0, - failedRules: failedRules + failedRules }; }, @@ -388,7 +372,7 @@ * * @return {Array} Array of failed rule names */ - getFailedRules: function() { + getFailedRules() { return this.failedRules; }, @@ -397,12 +381,12 @@ * * @param {boolean} isValid Whether the password is valid */ - setValid: function(isValid) { - var wasValid = this.isPasswordValid; + setValid(isValid) { + const wasValid = this.isPasswordValid; this.isPasswordValid = isValid; if (this.options.submit && this.options.submit.length) { - this.options.submit.prop('disabled', !isValid); + this.options.submit.prop('disabled', ! isValid); } // Trigger callback if validity changed @@ -416,9 +400,9 @@ * * @return {boolean} Whether the password is valid */ - isValid: function() { + isValid() { return this.isPasswordValid; } }; -})(jQuery); +}(jQuery)); diff --git a/inc/class-scripts.php b/inc/class-scripts.php index 24baf706..f3ecd754 100644 --- a/inc/class-scripts.php +++ b/inc/class-scripts.php @@ -158,9 +158,7 @@ public function register_default_scripts(): void { /* * Adds Password Strength Checker */ - $this->register_script('wu-password-strength', wu_get_asset('wu-password-strength.js', 'js'), ['jquery', 'password-strength-meter', 'wp-i18n']); - - wp_set_script_translations('wu-password-strength', 'ultimate-multisite'); + $this->register_script('wu-password-strength', wu_get_asset('wu-password-strength.js', 'js'), ['jquery', 'password-strength-meter']); wp_localize_script( 'wu-password-strength', @@ -169,7 +167,15 @@ public function register_default_scripts(): void { $this->get_password_requirements(), [ 'i18n' => [ - 'empty' => __('Strength indicator', 'ultimate-multisite'), + 'empty' => __('Strength indicator', 'ultimate-multisite'), + 'super_strong' => __('Super Strong', 'ultimate-multisite'), + 'required' => __('Required:', 'ultimate-multisite'), + /* translators: %d is the minimum number of characters required */ + 'min_length' => __('at least %d characters', 'ultimate-multisite'), + 'uppercase_letter' => __('uppercase letter', 'ultimate-multisite'), + 'lowercase_letter' => __('lowercase letter', 'ultimate-multisite'), + 'number' => __('number', 'ultimate-multisite'), + 'special_char' => __('special character', 'ultimate-multisite'), ], ] ) From cbe45989061cc3811051de18e3204b8372865d04 Mon Sep 17 00:00:00 2001 From: David Stone Date: Thu, 15 Jan 2026 17:45:50 -0700 Subject: [PATCH 7/8] Add opt-in telemetry tracking, WooCommerce Subscriptions compat, and UI improvements - Add Tracker class for anonymous usage data and error reporting (opt-in, disabled by default) - Update Logger to pass log level to wu_log_add action for better error filtering - Add WooCommerce Subscriptions compatibility to prevent staging mode on site duplication - Add Rating Notice Manager for user feedback collection - Add payment status polling and enhance integration JS files - Update setup wizard to show telemetry opt-in checkbox - Update readme.txt with usage tracking documentation - Various UI improvements to settings and thank-you pages Co-Authored-By: Claude Opus 4.5 --- .githooks/pre-commit | 110 +- assets/js/checkout.min.js | 2 +- assets/js/enhance-integration.js | 113 ++ assets/js/enhance-integration.min.js | 1 + assets/js/payment-status-poll.js | 188 +++ assets/js/payment-status-poll.min.js | 1 + assets/js/wu-password-reset.min.js | 1 + assets/js/wu-password-strength.min.js | 1 + assets/js/wu-password-toggle.min.js | 1 + bin/setup-hooks.sh | 5 +- .../class-setup-wizard-admin-page.php | 1 - inc/class-logger.php | 2 +- inc/class-settings.php | 10 +- inc/class-tracker.php | 690 +++++++++++ inc/class-wp-ultimo.php | 15 + ...class-woocommerce-subscriptions-compat.php | 162 +++ inc/helpers/class-site-duplicator.php | 92 -- inc/managers/class-rating-notice-manager.php | 151 +++ inc/models/class-domain.php | 15 + inc/ui/class-site-actions-element.php | 8 + lang/ultimate-multisite.pot | 1073 +++++++++++------ package-lock.json | 377 +++++- package.json | 9 + readme.txt | 12 + views/dashboard-widgets/thank-you.php | 2 +- views/settings/widget-settings-body.php | 12 +- 26 files changed, 2505 insertions(+), 549 deletions(-) create mode 100644 assets/js/enhance-integration.js create mode 100644 assets/js/enhance-integration.min.js create mode 100644 assets/js/payment-status-poll.js create mode 100644 assets/js/payment-status-poll.min.js create mode 100644 assets/js/wu-password-reset.min.js create mode 100644 assets/js/wu-password-strength.min.js create mode 100644 assets/js/wu-password-toggle.min.js create mode 100644 inc/class-tracker.php create mode 100644 inc/compat/class-woocommerce-subscriptions-compat.php create mode 100644 inc/managers/class-rating-notice-manager.php diff --git a/.githooks/pre-commit b/.githooks/pre-commit index 2d3bbc95..50743749 100755 --- a/.githooks/pre-commit +++ b/.githooks/pre-commit @@ -1,107 +1,19 @@ #!/bin/bash -# Pre-commit hook for running phpcs and phpstan on changed files -# This hook runs PHPCS and PHPStan on staged PHP files +# Pre-commit hook for Ultimate Multisite +# Runs ESLint and Stylelint with auto-fix on staged files set -e -# Colors for output -RED='\033[0;31m' -GREEN='\033[0;32m' -YELLOW='\033[1;33m' -NC='\033[0m' # No Color +echo "Running pre-commit checks..." -echo -e "${GREEN}Running pre-commit checks...${NC}" - -# Get list of staged PHP files -STAGED_FILES=$(git diff --cached --name-only --diff-filter=ACM | grep '\.php$' | grep -v '^vendor/' | grep -v '^tests/' || true) - -if [ -z "$STAGED_FILES" ]; then - echo -e "${GREEN}No PHP files to check.${NC}" - exit 0 -fi - -echo -e "${YELLOW}Checking PHP files:${NC}" -echo "$STAGED_FILES" - -# Check if composer dependencies are installed -if [ ! -f "vendor/bin/phpcs" ] || [ ! -f "vendor/bin/phpstan" ]; then - echo -e "${RED}Error: Please run 'composer install' to install development dependencies.${NC}" - exit 1 -fi - -# Run PHPCS on staged files -echo -e "${YELLOW}Running PHPCS...${NC}" -HAS_PHPCS_ERRORS=0 -PHPCS_FAILED_FILES="" -for FILE in $STAGED_FILES; do - if [ -f "$FILE" ]; then - if ! vendor/bin/phpcs --colors "$FILE"; then - PHPCS_FAILED_FILES="$PHPCS_FAILED_FILES $FILE" - HAS_PHPCS_ERRORS=1 - fi - fi -done - -# If PHPCS found errors, try to auto-fix them with PHPCBF -if [ $HAS_PHPCS_ERRORS -ne 0 ]; then - echo -e "${YELLOW}PHPCS found errors. Running PHPCBF to auto-fix...${NC}" - - FIXED_FILES="" - for FILE in $PHPCS_FAILED_FILES; do - if [ -f "$FILE" ]; then - # Run phpcbf (it returns 1 if it made changes, 0 if no changes needed) - vendor/bin/phpcbf "$FILE" || true - - # Re-run phpcs to check if the file is now clean - if vendor/bin/phpcs --colors "$FILE" 2>&1; then - echo -e "${GREEN}✓ Auto-fixed: $FILE${NC}" - FIXED_FILES="$FIXED_FILES $FILE" - # Stage the fixed file - git add "$FILE" - else - echo -e "${RED}✗ Could not fully fix: $FILE${NC}" - fi - fi - done - - # Re-check if there are still errors after auto-fixing - HAS_PHPCS_ERRORS=0 - for FILE in $STAGED_FILES; do - if [ -f "$FILE" ]; then - vendor/bin/phpcs --colors "$FILE" > /dev/null 2>&1 || HAS_PHPCS_ERRORS=1 - fi - done - - if [ $HAS_PHPCS_ERRORS -eq 0 ]; then - echo -e "${GREEN}All PHPCS errors have been auto-fixed!${NC}" - fi -fi - -# Run PHPStan on staged files -echo -e "${YELLOW}Running PHPStan...${NC}" -HAS_PHPSTAN_ERRORS=0 -PHPSTAN_FILES="" -for FILE in $STAGED_FILES; do - if [ -f "$FILE" ] && [[ "$FILE" =~ ^inc/ ]]; then - PHPSTAN_FILES="$PHPSTAN_FILES $FILE" - fi -done - -if [ -n "$PHPSTAN_FILES" ]; then - vendor/bin/phpstan analyse --no-progress --error-format=table $PHPSTAN_FILES || HAS_PHPSTAN_ERRORS=1 -fi - -# Exit with error if any checks failed -if [ $HAS_PHPCS_ERRORS -ne 0 ] || [ $HAS_PHPSTAN_ERRORS -ne 0 ]; then - echo -e "${RED}Pre-commit checks failed!${NC}" - if [ $HAS_PHPCS_ERRORS -ne 0 ]; then - echo -e "${YELLOW}Some PHPCS errors could not be auto-fixed. Please fix them manually.${NC}" - echo -e "${YELLOW}Run 'vendor/bin/phpcs' to see remaining errors.${NC}" - fi - echo -e "${YELLOW}To bypass these checks, use: git commit --no-verify${NC}" - exit 1 +# Check if lint-staged is available +if command -v npx &> /dev/null; then + echo "Running lint-staged..." + npx lint-staged +else + echo "Warning: npx not found. Skipping lint-staged." + echo "Run 'npm install' to set up the development environment." fi -echo -e "${GREEN}All pre-commit checks passed!${NC}" -exit 0 \ No newline at end of file +echo "Pre-commit checks passed!" diff --git a/assets/js/checkout.min.js b/assets/js/checkout.min.js index adbb9006..7f42f880 100644 --- a/assets/js/checkout.min.js +++ b/assets/js/checkout.min.js @@ -1 +1 @@ -((i,s,n)=>{window.history.replaceState&&window.history.replaceState(null,null,wu_checkout.baseurl),s.addAction("wu_on_create_order","nextpress/wp-ultimo",function(e,t){void 0!==t.order.extra.template_id&&t.order.extra.template_id&&(e.template_id=t.order.extra.template_id)}),s.addAction("wu_checkout_loaded","nextpress/wp-ultimo",function(e){void 0!==window.wu_auto_submittable_field&&window.wu_auto_submittable_field&&e.$watch(window.wu_auto_submittable_field,function(){jQuery(this.$el).submit()},{deep:!0})}),s.addAction("wu_checkout_loaded","nextpress/wp-ultimo",function(t){wu_create_cookie("wu_template",""),wu_create_cookie("wu_selected_products",""),wu_listen_to_cookie_change("wu_template",function(e){e&&(t.template_id=e)})}),i(document).on("click",'[href|="#wu-checkout-add"]',function(e){e.preventDefault();var e=i(this),t=e.attr("href").split("#").pop().replace("wu-checkout-add-","");"undefined"!=typeof wu_checkout_form&&-1===wu_checkout_form.products.indexOf(t)&&(wu_checkout_form.add_product(t),e.html(wu_checkout.i18n.added_to_order))}),window.addEventListener("pageshow",function(e){e.persisted&&this.window.wu_checkout_form&&this.window.wu_checkout_form.unblock()}),i(document).ready(function(){var e;void 0!==window.Vue&&(Object.defineProperty(Vue.prototype,"$moment",{value:moment}),e={plan:(e=function(e){return isNaN(e)?e:parseInt(e,10)})(wu_checkout.plan),errors:[],order:wu_checkout.order,products:n.map(wu_checkout.products,e),template_id:wu_checkout.template_id,template_category:"",gateway:wu_checkout.gateway,request_billing_address:wu_checkout.request_billing_address,country:wu_checkout.country,state:"",city:"",site_url:wu_checkout.site_url,site_domain:wu_checkout.site_domain,is_subdomain:wu_checkout.is_subdomain,discount_code:wu_checkout.discount_code,toggle_discount_code:0,payment_method:"",username:"",email_address:"",payment_id:wu_checkout.payment_id,membership_id:wu_checkout.membership_id,cart_type:"new",auto_renew:1,duration:wu_checkout.duration,duration_unit:wu_checkout.duration_unit,prevent_submission:!1,valid_password:!0,stored_templates:{},state_list:[],city_list:[],labels:{},show_login_prompt:!1,login_prompt_field:"",checking_user_exists:!1,logging_in:!1,login_error:"",inline_login_password:""},s.applyFilters("wu_before_form_init",e),jQuery("#wu_form").length)&&(Vue.component("colorPicker",{props:["value"],template:'',mounted(){let o=this;i(this.$el).val(this.value).wpColorPicker({width:200,defaultColor:this.value,change(e,t){o.$emit("input",t.color.toString())}})},watch:{value(e){i(this.$el).wpColorPicker("color",e)}},destroyed(){i(this.$el).off().wpColorPicker("destroy")}}),window.wu_checkout_form=new Vue({el:"#wu_form",data:e,directives:{init:{bind(e,t,o){o.context[t.arg]=t.value}}},components:{dynamic:{functional:!0,template:"#dynamic",props:["template"],render(e,t){t=t.props.template;return e(t?{template:t}:"
nbsp;
")}}},computed:{hooks(){return wp.hooks},unique_products(){return n.uniq(this.products,!1,e=>parseInt(e,10))}},methods:{debounce(e){return n.debounce(e,200,!0)},open_url(e,t="_blank"){window.open(e,t)},get_template(e,t){void 0===t.id&&(t.id="default");var o=e+"/"+t.id;return void 0!==this.stored_templates[o]?this.stored_templates[o]:(o=this.hooks.applyFilters("wu_before_template_fetch",{duration:this.duration,duration_unit:this.duration_unit,products:this.products,...t},this),this.fetch_template(e,o),'
'+wu_checkout.i18n.loading+"
")},reset_templates(i){if(void 0===i)this.stored_templates={};else{let r={};n.forEach(this.stored_templates,function(e,t){var o=t.toString().substr(0,t.toString().indexOf("/"));!1===n.contains(i,o)&&(r[t]=e)}),this.stored_templates=r}},fetch_template(o,r){let i=this;void 0===r.id&&(r.id="default"),this.request("wu_render_field_template",{template:o,attributes:r},function(e){var t=o+"/"+r.id;e.success?Vue.set(i.stored_templates,t,e.data.html):Vue.set(i.stored_templates,t,"
"+e.data[0].message+"
")})},go_back(){this.block(),window.history.back()},set_prevent_submission(e){this.$nextTick(function(){this.prevent_submission=e})},remove_product(t,o){this.products=n.filter(this.products,function(e){return e!=t&&e!=o})},add_plan(e){this.plan&&this.remove_product(this.plan),this.plan=e,this.add_product(e)},add_product(e){this.products.push(e)},has_product(e){return-1