Commit Graph

121 Commits

Author SHA1 Message Date
Rua Haszard 95f4b5b81e restore original comment (related changes are gone) 2020-10-14 12:35:32 +13:00
Rua Haszard 5e3713da75 check password-set user token before redirecting to set password form:
- this prevents the password reset process earlier (before the redirect)
- also now shows a notice informing the user that they need to log out
  of (other) account
2020-10-14 12:26:51 +13:00
Rua Haszard 1f5601f0fe ensure lost-password form only resets password for correct user:
- if a user is logged in, check their ID matches the ID in the reset
  key / token
2020-10-14 12:12:01 +13:00
Rua Haszard 5e5d06cfab show lost-password form when logged-in user:
- in the checkout signup use case, the user may be setting their
password in a logged-in browser session; they need to be able to set an
initial account password
2020-10-14 09:50:36 +13:00
Claudio Sanches d48f1d4e2e Fixed package tag usage 2020-08-05 13:36:24 -03:00
Rodrigo Primo e7c0c894b2
Merge pull request #24154 from ryangjchandler/master
Fix #24153 - Added filter to disable password change notification
2019-09-24 18:08:04 -03:00
Rodrigo Primo 9c9715ac8d
Merge pull request #24435 from strayobject/fix-show-error-in-myaccount-when-order-missing
fix: show error message in myaccount if order does not exist.
2019-08-21 16:29:10 -03:00
Claudio Sanches 4b45905f18 Prevent load order twice 2019-08-19 18:19:36 -03:00
Michal Zdrojewski b2e9584a53 fix: show error message in myaccount if order does not exist. 2019-08-19 16:47:17 +01:00
rgjchandler 687197f234 Fix #24153 - Added filter to disable password change notification 2019-07-15 16:00:13 +01:00
Mike Jolley 4672a47d67 Update from master 2019-02-18 11:41:05 +00:00
Mike Jolley 6367d19615 phpcs 2019-01-21 08:11:40 -08:00
Mike Jolley ce2473e09f Whenn loading address fields, enforce valid address 2019-01-07 16:03:23 +00:00
Claudio Sanches 575575d280 Fixed reset password cookie when REQUEST_URI includes cyrillic alphabet
WordPress core doesn't try to satinize this either.
See: ae2b929294/wp-login.php (L646)

Closes #20895
2018-07-25 20:33:11 -03:00
Mike Jolley efe06cb147 Remove direct calls to wc_print_notices 2018-04-19 18:26:21 +01:00
Claudio Sanches af8c59de94 Fixed class-wc-shortcode-my-account.php PHPCS violations 2018-03-09 13:11:52 -03:00
Mike Jolley fb5e5209e3 Prevent cookie header sent error, and improve error message wording
Closes #17379

To test, reset your password via email.

Then click the reset link in the email again.
2017-10-26 15:22:25 +01:00
Jack 24efd36126 set query_vars (#17105)
* query_vars is set

* add changes
2017-10-10 12:14:35 +01:00
Mike Jolley 636ad8b652 Add a nonce and confirmation for logging out via the customer my account page 2017-06-12 14:02:29 +01:00
Mike Jolley d3666738d8 Merge branch 'pr/15069' 2017-05-23 18:56:58 +01:00
Mike Jolley db012b3a12 Merge pull request #15011 from woocommerce/fix/14999
Add abspath checks
2017-05-23 15:57:35 +01:00
Mike Jolley d31a58b117 More abspath 2017-05-23 15:40:19 +01:00
Rasmus Bengtsson 185934fad9 Fix phpdoc to include params and correct types 2017-05-15 13:50:52 +02:00
Rasmus Bengtsson 6a7fc8650f Remove unused local variables 2017-05-15 12:06:52 +02:00
Mike Jolley 9757d2a0ce Correct variable name
Fixes #14263
2017-04-11 18:29:55 +01:00
Mike Jolley 49b782d20e Correct formatting 2017-03-14 12:34:20 +00:00
fuzzguard 1a99235dc8 Adding in proper error handling from 'lostpassword_post'
Since WP version 4.4.0 the 'lostpassword_post' hook has had the ability to handle error messages from the WP_Error class.  This allows errors to to occur BEFORE the username or email address are validated against the WP.

wp-login.php
        /**
         * Fires before errors are returned from a password reset request.
         *
         * @since 2.1.0
         * @since 4.4.0 Added the `$errors` parameter.
         *
         * @param WP_Error $errors A WP_Error object containing any errors generated
         *                         by using invalid credentials.
         */
        do_action( 'lostpassword_post', $errors );

        if ( $errors->get_error_code() )
                return $errors;

Proposal is to have this same process be respected by WooCommerce Lost Password process.
2017-03-11 11:43:21 +11:00
Justin Sternberg d036123ebf Add the shortcode name param to the woocommerce_my_account shortcode. 2017-01-03 13:12:12 -05:00
Mike Jolley d7dfdd3d10 Wrap all deprecation calls. 2016-11-23 16:15:00 +00:00
Krzysztof Grabania cb059f5af0 Added address type to filter
It will allow to modify address fields only for selected address type
2016-10-21 15:12:45 +02:00
Claudio Sanches 657c312cae Fix strings case (#12069)
* Fixed case for all _e, esc_attr_e and esc_html_e strings

* Fixed case for all _n_noop strings

* Fixed case for all _x strings

* Fixed case for all __, esc_html__ and esc_attr__ strings

* Fixed a few more strings

* Fixed strings in unit tests

* Fix PayPal Standard case.

* Save Order text
2016-10-12 11:16:30 +01:00
Claudio Sanches e6a956f795 Improve password reset using WP functions 2016-10-05 19:01:59 -03:00
Aristeides Stathopoulos fde1037757 fix failing tests. 2016-09-01 23:50:14 +03:00
Aristeides Stathopoulos f2730eea02 WordPress.WhiteSpace.ControlStructureSpacing.BlankLineAfterEnd 2016-08-27 08:57:05 +03:00
Aristeides Stathopoulos 82f3cc221e WordPress.WhiteSpace.ControlStructureSpacing.NoSpaceBeforeOpenParenthesis 2016-08-27 07:23:02 +03:00
Aristeides Stathopoulos b063bcfe4c last item in a multiline-array should end in a comma 2016-08-27 04:46:45 +03:00
Mike Jolley d2adabaf89 Redirect to login after password reset.
Closes #11376
2016-07-27 12:47:41 +01:00
Mike Jolley c8cce05c4d Use a cookie and redirect instead of query string 2016-06-24 15:06:01 +01:00
Mike Jolley a0d14d0baf [fix] Handle notices without outputting outside of template files
Fixes #11112
2016-06-14 11:33:28 +01:00
Mike Jolley 3fd15ad50f Unused vars and code docs 2016-06-06 18:57:24 +01:00
Mike Jolley 828fdcc193 Deprecated notice 2016-06-06 13:54:17 +01:00
Mike Jolley 02d5991b2a bw compat handling 2016-06-06 12:55:07 +01:00
Mike Jolley eb73855066 Don't handle content switch in account shortcode 2016-06-06 12:04:42 +01:00
Antonino Scarfì f5603bb762 Avoid leave query string on URL after delete and set default actions for token, from Payment Methods endpoint. Also, change hook position on set default action for token. 2016-05-26 15:50:22 +02:00
Mike Jolley d6a085b5ae Improve lost password flow
@claudiosmweb Fixes #10785

Add confirmation and explanation after initial reset.

Also splits template files into lost password, reset password, and
confirmation for clarity.
2016-04-27 16:00:30 +01:00
Justin Shreve 31bae0c19e Hook up the tokenization API to the "add payment method" button in my account settings. 2016-03-01 11:49:41 -08:00
Justin Shreve 9db1f65196 Hook up the payment token API to the my account > payment methods tab 2016-03-01 11:49:41 -08:00
Justin Shreve 5d8967c7d7 Prepare a list of payment methods for output on the payment methods "my account" page. 2016-03-01 11:49:40 -08:00
Mike Jolley fdddbff229 Fix my account endpoint with plain permalinks
@claudiosmweb Fixes #10390
2016-02-19 17:14:26 +00:00
Claudio Sanches 36c0b6047a Less "my" and more "ours" 2016-02-16 13:50:06 -02:00