Fix lost password page visibility when logged in (#49670)
* Split logged in/logged out views in my account rendering * Redirect to edit account when using lost password when logged in * changelog * logout before running test * esc_url_raw
This commit is contained in:
parent
fd5362218a
commit
79e89f6d44
|
@ -0,0 +1,4 @@
|
|||
Significance: minor
|
||||
Type: fix
|
||||
|
||||
Redirect the lost password page to edit account while logged in.
|
|
@ -39,7 +39,12 @@ class WC_Shortcode_My_Account {
|
|||
return;
|
||||
}
|
||||
|
||||
if ( ! is_user_logged_in() || isset( $wp->query_vars['lost-password'] ) ) {
|
||||
if ( ! is_user_logged_in() ) {
|
||||
/**
|
||||
* Filters the message shown on the 'my account' page when the user is not logged in.
|
||||
*
|
||||
* @since 2.6.0
|
||||
*/
|
||||
$message = apply_filters( 'woocommerce_my_account_message', '' );
|
||||
|
||||
if ( ! empty( $message ) ) {
|
||||
|
@ -56,50 +61,16 @@ class WC_Shortcode_My_Account {
|
|||
} else {
|
||||
wc_get_template( 'myaccount/form-login.php' );
|
||||
}
|
||||
} else {
|
||||
// Start output buffer since the html may need discarding for BW compatibility.
|
||||
ob_start();
|
||||
|
||||
if ( isset( $wp->query_vars['customer-logout'] ) ) {
|
||||
/* translators: %s: logout url */
|
||||
wc_add_notice( sprintf( __( 'Are you sure you want to log out? <a href="%s">Confirm and log out</a>', 'woocommerce' ), wc_logout_url() ) );
|
||||
}
|
||||
|
||||
// Collect notices before output.
|
||||
$notices = wc_get_notices();
|
||||
|
||||
// Output the new account page.
|
||||
self::my_account( $atts );
|
||||
|
||||
/**
|
||||
* Deprecated my-account.php template handling. This code should be
|
||||
* removed in a future release.
|
||||
*
|
||||
* If woocommerce_account_content did not run, this is an old template
|
||||
* so we need to render the endpoint content again.
|
||||
*/
|
||||
if ( ! did_action( 'woocommerce_account_content' ) ) {
|
||||
if ( ! empty( $wp->query_vars ) ) {
|
||||
foreach ( $wp->query_vars as $key => $value ) {
|
||||
if ( 'pagename' === $key ) {
|
||||
continue;
|
||||
}
|
||||
if ( has_action( 'woocommerce_account_' . $key . '_endpoint' ) ) {
|
||||
ob_clean(); // Clear previous buffer.
|
||||
wc_set_notices( $notices );
|
||||
wc_print_notices();
|
||||
do_action( 'woocommerce_account_' . $key . '_endpoint', $value );
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
wc_deprecated_function( 'Your theme version of my-account.php template', '2.6', 'the latest version, which supports multiple account pages and navigation, from WC 2.6.0' );
|
||||
}
|
||||
}
|
||||
|
||||
// Send output buffer.
|
||||
ob_end_flush();
|
||||
return;
|
||||
}
|
||||
|
||||
if ( isset( $wp->query_vars['customer-logout'] ) ) {
|
||||
/* translators: %s: logout url */
|
||||
wc_add_notice( sprintf( __( 'Are you sure you want to log out? <a href="%s">Confirm and log out</a>', 'woocommerce' ), wc_logout_url() ) );
|
||||
}
|
||||
|
||||
// Output the my account page.
|
||||
self::my_account( $atts );
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -46,6 +46,12 @@ function wc_template_redirect() {
|
|||
exit;
|
||||
}
|
||||
|
||||
// Redirect to edit account if trying to recover password whilst logged in.
|
||||
if ( isset( $wp->query_vars['lost-password'] ) && is_user_logged_in() ) {
|
||||
wp_safe_redirect( esc_url_raw( wc_get_endpoint_url( 'edit-account', '', wc_get_page_permalink( 'myaccount' ) ) ) );
|
||||
exit;
|
||||
}
|
||||
|
||||
// Trigger 404 if trying to access an endpoint on wrong page.
|
||||
if ( is_wc_endpoint_url() && ! is_account_page() && ! is_checkout() && apply_filters( 'woocommerce_account_endpoint_page_not_found', true ) ) {
|
||||
$wp_query->set_404();
|
||||
|
|
|
@ -226,6 +226,9 @@ test.describe(
|
|||
test( 'should receive an email when initiating a password reset', async ( {
|
||||
page,
|
||||
} ) => {
|
||||
// Effect a log out/simulate a new browsing session by dropping all cookies.
|
||||
await page.context().clearCookies();
|
||||
await page.reload();
|
||||
await page.goto( 'my-account/lost-password/' );
|
||||
|
||||
await test.step( 'initiate password reset from my account', async () => {
|
||||
|
|
Loading…
Reference in New Issue