diff --git a/assets/js/add-listing.js b/assets/js/add-listing.js index 891519f9a..bb5437011 100644 --- a/assets/js/add-listing.js +++ b/assets/js/add-listing.js 
@@ -95,19 +95,16 @@ "use strict"; __webpack_require__.r(__webpack_exports__); -/* harmony import */ var _babel_runtime_helpers_defineProperty__WEBPACK_IMPORTED_MODULE_0__ = __webpack_require__(/*! @babel/runtime/helpers/defineProperty */ "./node_modules/@babel/runtime/helpers/defineProperty.js"); -/* harmony import */ var _babel_runtime_helpers_defineProperty__WEBPACK_IMPORTED_MODULE_0___default = /*#__PURE__*/__webpack_require__.n(_babel_runtime_helpers_defineProperty__WEBPACK_IMPORTED_MODULE_0__); -/* harmony import */ var _global_components_cache_category_custom_fields__WEBPACK_IMPORTED_MODULE_1__ = __webpack_require__(/*! ../global/components/cache-category-custom-fields */ "./assets/src/js/global/components/cache-category-custom-fields.js"); -/* harmony import */ var _global_components_load_category_custom_fields__WEBPACK_IMPORTED_MODULE_2__ = __webpack_require__(/*! ../global/components/load-category-custom-fields */ "./assets/src/js/global/components/load-category-custom-fields.js"); -/* harmony import */ var _global_components_setup_select2__WEBPACK_IMPORTED_MODULE_3__ = __webpack_require__(/*! ../global/components/setup-select2 */ "./assets/src/js/global/components/setup-select2.js"); -/* harmony import */ var _public_components_colorPicker__WEBPACK_IMPORTED_MODULE_4__ = __webpack_require__(/*! ../public/components/colorPicker */ "./assets/src/js/public/components/colorPicker.js"); -/* harmony import */ var _public_components_colorPicker__WEBPACK_IMPORTED_MODULE_4___default = /*#__PURE__*/__webpack_require__.n(_public_components_colorPicker__WEBPACK_IMPORTED_MODULE_4__); -/* harmony import */ var _public_components_directoristDropdown__WEBPACK_IMPORTED_MODULE_5__ = __webpack_require__(/*! 
../public/components/directoristDropdown */ "./assets/src/js/public/components/directoristDropdown.js"); -/* harmony import */ var _public_components_directoristDropdown__WEBPACK_IMPORTED_MODULE_5___default = /*#__PURE__*/__webpack_require__.n(_public_components_directoristDropdown__WEBPACK_IMPORTED_MODULE_5__); -/* harmony import */ var _public_components_directoristSelect__WEBPACK_IMPORTED_MODULE_6__ = __webpack_require__(/*! ../public/components/directoristSelect */ "./assets/src/js/public/components/directoristSelect.js"); -/* harmony import */ var _public_components_directoristSelect__WEBPACK_IMPORTED_MODULE_6___default = /*#__PURE__*/__webpack_require__.n(_public_components_directoristSelect__WEBPACK_IMPORTED_MODULE_6__); -/* harmony import */ var _components_debounce__WEBPACK_IMPORTED_MODULE_7__ = __webpack_require__(/*! ./components/debounce */ "./assets/src/js/global/components/debounce.js"); - +/* harmony import */ var _global_components_cache_category_custom_fields__WEBPACK_IMPORTED_MODULE_0__ = __webpack_require__(/*! ../global/components/cache-category-custom-fields */ "./assets/src/js/global/components/cache-category-custom-fields.js"); +/* harmony import */ var _global_components_load_category_custom_fields__WEBPACK_IMPORTED_MODULE_1__ = __webpack_require__(/*! ../global/components/load-category-custom-fields */ "./assets/src/js/global/components/load-category-custom-fields.js"); +/* harmony import */ var _global_components_setup_select2__WEBPACK_IMPORTED_MODULE_2__ = __webpack_require__(/*! ../global/components/setup-select2 */ "./assets/src/js/global/components/setup-select2.js"); +/* harmony import */ var _public_components_colorPicker__WEBPACK_IMPORTED_MODULE_3__ = __webpack_require__(/*! 
../public/components/colorPicker */ "./assets/src/js/public/components/colorPicker.js"); +/* harmony import */ var _public_components_colorPicker__WEBPACK_IMPORTED_MODULE_3___default = /*#__PURE__*/__webpack_require__.n(_public_components_colorPicker__WEBPACK_IMPORTED_MODULE_3__); +/* harmony import */ var _public_components_directoristDropdown__WEBPACK_IMPORTED_MODULE_4__ = __webpack_require__(/*! ../public/components/directoristDropdown */ "./assets/src/js/public/components/directoristDropdown.js"); +/* harmony import */ var _public_components_directoristDropdown__WEBPACK_IMPORTED_MODULE_4___default = /*#__PURE__*/__webpack_require__.n(_public_components_directoristDropdown__WEBPACK_IMPORTED_MODULE_4__); +/* harmony import */ var _public_components_directoristSelect__WEBPACK_IMPORTED_MODULE_5__ = __webpack_require__(/*! ../public/components/directoristSelect */ "./assets/src/js/public/components/directoristSelect.js"); +/* harmony import */ var _public_components_directoristSelect__WEBPACK_IMPORTED_MODULE_5___default = /*#__PURE__*/__webpack_require__.n(_public_components_directoristSelect__WEBPACK_IMPORTED_MODULE_5__); +/* harmony import */ var _components_debounce__WEBPACK_IMPORTED_MODULE_6__ = __webpack_require__(/*! 
./components/debounce */ "./assets/src/js/global/components/debounce.js"); function _createForOfIteratorHelper(o, allowArrayLike) { var it = typeof Symbol !== "undefined" && o[Symbol.iterator] || o["@@iterator"]; if (!it) { if (Array.isArray(o) || (it = _unsupportedIterableToArray(o)) || allowArrayLike && o && typeof o.length === "number") { if (it) o = it; var i = 0; var F = function F() {}; return { s: F, n: function n() { if (i >= o.length) return { done: true }; return { done: false, value: o[i++] }; }, e: function e(_e) { throw _e; }, f: F }; } throw new TypeError("Invalid attempt to iterate non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method."); } var normalCompletion = true, didErr = false, err; return { s: function s() { it = it.call(o); }, n: function n() { var step = it.next(); normalCompletion = step.done; return step; }, e: function e(_e2) { didErr = true; err = _e2; }, f: function f() { try { if (!normalCompletion && it.return != null) it.return(); } finally { if (didErr) throw err; } } }; } function _unsupportedIterableToArray(o, minLen) { if (!o) return; if (typeof o === "string") return _arrayLikeToArray(o, minLen); var n = Object.prototype.toString.call(o).slice(8, -1); if (n === "Object" && o.constructor) n = o.constructor.name; if (n === "Map" || n === "Set") return Array.from(o); if (n === "Arguments" || /^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(n)) return _arrayLikeToArray(o, minLen); } function _arrayLikeToArray(arr, len) { if (len == null || len > arr.length) len = arr.length; for (var i = 0, arr2 = new Array(len); i < len; i++) arr2[i] = arr[i]; return arr2; } @@ -429,7 +426,7 @@ $(function () { }); } } - Object(_global_components_load_category_custom_fields__WEBPACK_IMPORTED_MODULE_2__["default"])({ + Object(_global_components_load_category_custom_fields__WEBPACK_IMPORTED_MODULE_1__["default"])({ categoryIds: categoryIds, listingId: listingId, directoryId: directoryId, 
@@ -462,7 +459,7 @@ $(function () { }); $('.atbdp_category_custom_fields-wrapper', getWrapper()).show(); customFieldSeeMore(); - var fieldsCache = Object(_global_components_cache_category_custom_fields__WEBPACK_IMPORTED_MODULE_1__["getCategoryCustomFieldsCache"])(); + var fieldsCache = Object(_global_components_cache_category_custom_fields__WEBPACK_IMPORTED_MODULE_0__["getCategoryCustomFieldsCache"])(); Object.keys(fieldsCache).forEach(function (key) { var el = document.querySelector("[data-id=\"".concat(key, "\"]")); if (el === null) { @@ -483,19 +480,19 @@ $(function () { $('.directorist-form-categories-field').after('
'); window.addEventListener('directorist-type-change', function () { renderCategoryCustomFields(); - Object(_global_components_cache_category_custom_fields__WEBPACK_IMPORTED_MODULE_1__["cacheCategoryCustomFields"])(); + Object(_global_components_cache_category_custom_fields__WEBPACK_IMPORTED_MODULE_0__["cacheCategoryCustomFields"])(); }); // Render category based fields on category change (frontend) - $('#at_biz_dir-categories').on('change', Object(_components_debounce__WEBPACK_IMPORTED_MODULE_7__["default"])(function () { + $('#at_biz_dir-categories').on('change', Object(_components_debounce__WEBPACK_IMPORTED_MODULE_6__["default"])(function () { renderCategoryCustomFields(); - Object(_global_components_cache_category_custom_fields__WEBPACK_IMPORTED_MODULE_1__["cacheCategoryCustomFields"])(); + Object(_global_components_cache_category_custom_fields__WEBPACK_IMPORTED_MODULE_0__["cacheCategoryCustomFields"])(); }, 270)); // Render category based fields on category change (backend) - $('#at_biz_dir-categorychecklist').on('change', Object(_components_debounce__WEBPACK_IMPORTED_MODULE_7__["default"])(function () { + $('#at_biz_dir-categorychecklist').on('change', Object(_components_debounce__WEBPACK_IMPORTED_MODULE_6__["default"])(function () { renderCategoryCustomFields(); - Object(_global_components_cache_category_custom_fields__WEBPACK_IMPORTED_MODULE_1__["cacheCategoryCustomFields"])(); + Object(_global_components_cache_category_custom_fields__WEBPACK_IMPORTED_MODULE_0__["cacheCategoryCustomFields"])(); }, 270)); // Make sure to place the following event trigger after the event bindings. @@ -541,7 +538,7 @@ $(function () { } var on_processing = false; var has_media = true; - var quick_login_modal__success_callback = null; + var quickLoginModalSuccessCallback = null; var $notification = $('#listing_notifier'); // ----------------------------- 
@@ -769,12 +766,11 @@ $(function () { // Show the modal modal.addClass('show'); - quick_login_modal__success_callback = function quick_login_modal__success_callback(args) { + quickLoginModalSuccessCallback = function quickLoginModalSuccessCallback($form, $submitButton) { $('#guest_user_email').prop('disabled', true); $notification.hide().html(''); - args.elements.submit_button.remove(); - var form_actions = args.elements.form.find('.directorist-form-actions'); - form_actions.find('.directorist-toggle-modal').removeClass('directorist-d-none'); + $submitButton.remove(); + $form.find('.directorist-form-actions').find('.directorist-toggle-modal').removeClass('directorist-d-none'); }; } } else { 
@@ -854,67 +850,58 @@ $(function () { }); $('#quick-login-from-submit-btn').on('click', function (e) { e.preventDefault(); - var form_id = $(this).data('form'); - var modal_id = $(this).data('form'); - var modal = $(modal_id); - var form = $(form_id); - var form_feedback = form.find('.directorist-form-feedback'); - var email = $(form).find('input[name="email"]'); - var password = $(form).find('input[name="password"]'); - var security = $(form).find('input[name="directorist-quick-login-security"]'); - var form_data = _babel_runtime_helpers_defineProperty__WEBPACK_IMPORTED_MODULE_0___default()({ + var $form = $($(this).data('form')); + var $feedback = $form.find('.directorist-modal-alerts-area'); + $feedback = $feedback.length ? $feedback : $form.find('.directorist-form-feedback'); + var $email = $form.find('input[name="email"]'); + var $password = $form.find('input[name="password"]'); + var $token = $form.find('input[name="directorist-quick-login-security"]'); + var $submit_button = $(this); + var submit_button_html = $submit_button.html(); + var form_data = { action: 'directorist_ajax_quick_login', - username: email.val(), - password: password.val(), - rememberme: false - }, 'directorist-quick-login-security', security.val()); - var submit_button = $(this); - var submit_button_default_html = submit_button.html(); + username: $email.val(), + password: $password.val(), + rememberme: false, + token: $token.val() + }; $.ajax({ method: 'POST', url: directorist.ajaxurl, data: form_data, beforeSend: function beforeSend() { - form_feedback.html(''); - submit_button.prop('disabled', true); - submit_button.prepend(' '); + $feedback.html(''); + $submit_button.prop('disabled', true); + $submit_button.prepend(' '); }, success: function success(response) { - submit_button.html(submit_button_default_html); + $submit_button.html(submit_button_html); if (response.loggedin) { - password.prop('disabled', true); + $password.prop('disabled', true); var message = 'Successfully logged 
in, please continue to the listing submission'; var msg = '
' + message + '
'; - form_feedback.html(msg); - if (quick_login_modal__success_callback) { - var args = { - elements: { - modal_id: modal_id, - form: form, - email: email, - password: password, - submit_button: submit_button - } - }; - quick_login_modal__success_callback(args); + $feedback.html(msg); + if (quickLoginModalSuccessCallback) { + quickLoginModalSuccessCallback($form, $submit_button); } + regenerate_and_update_nonce(); } else { var msg = '
' + response.message + '
'; - form_feedback.html(msg); - submit_button.prop('disabled', false); + $feedback.html(msg); + $submit_button.prop('disabled', false); } }, error: function error(_error2) { console.log({ error: _error2 }); - submit_button.prop('disabled', false); - submit_button.html(submit_button_default_html); + $submit_button.prop('disabled', false); + $submit_button.html(submit_button_html); } }); }); function addSticky() { - $(window).scroll(Object(_components_debounce__WEBPACK_IMPORTED_MODULE_7__["default"])(function () { + $(window).scroll(Object(_components_debounce__WEBPACK_IMPORTED_MODULE_6__["default"])(function () { var windowWidth = $(window).width(); var sidebarWidth = $(".multistep-wizard__nav").width(); var sidebarHeight = $(".multistep-wizard__nav").height(); @@ -1170,6 +1157,20 @@ $('body').on('click', function (e) { multiStepWizard(); } }); +function regenerate_and_update_nonce() { + $.ajax({ + type: 'POST', + url: localized_data.ajaxurl, + data: { + action: 'directorist_generate_nonce' + }, + success: function success(response) { + if (response.success) { + window.directorist.directorist_nonce = response.data.directorist_nonce; + } + } + }); +} /***/ }), diff --git a/assets/src/js/global/add-listing.js b/assets/src/js/global/add-listing.js index 7fcee0524..f15c259e9 100644 --- a/assets/src/js/global/add-listing.js +++ b/assets/src/js/global/add-listing.js @@ -471,7 +471,7 @@ $(function() { let on_processing = false; let has_media = true; - let quick_login_modal__success_callback = null; + let quickLoginModalSuccessCallback = null; const $notification = $('#listing_notifier'); // ----------------------------- 
@@ -733,14 +733,16 @@ $(function() { // Show the modal modal.addClass('show'); - quick_login_modal__success_callback = function (args) { + quickLoginModalSuccessCallback = function($form, $submitButton) { $('#guest_user_email').prop('disabled', true); + $notification.hide().html(''); - args.elements.submit_button.remove(); + $submitButton.remove(); - var form_actions = args.elements.form.find('.directorist-form-actions'); - form_actions.find('.directorist-toggle-modal').removeClass('directorist-d-none'); + $form.find('.directorist-form-actions') + .find('.directorist-toggle-modal') + .removeClass('directorist-d-none'); } } } else { 
@@ -835,70 +837,62 @@ $(function() { $('#quick-login-from-submit-btn').on('click', function (e) { e.preventDefault(); - var form_id = $(this).data('form'); - var modal_id = $(this).data('form'); - - var modal = $(modal_id); - var form = $(form_id); - var form_feedback = form.find('.directorist-form-feedback'); - - var email = $(form).find('input[name="email"]'); - var password = $(form).find('input[name="password"]'); - var security = $(form).find('input[name="directorist-quick-login-security"]'); - - var form_data = { - action: 'directorist_ajax_quick_login', - username: email.val(), - password: password.val(), + const $form = $( $(this).data('form') ); + let $feedback = $form.find('.directorist-modal-alerts-area'); + $feedback = $feedback.length ? $feedback : $form.find('.directorist-form-feedback'); + const $email = $form.find('input[name="email"]'); + const $password = $form.find('input[name="password"]'); + const $token = $form.find('input[name="directorist-quick-login-security"]'); + const $submit_button = $(this); + const submit_button_html = $submit_button.html(); + + const form_data = { + action : 'directorist_ajax_quick_login', + username : $email.val(), + password : $password.val(), rememberme: false, - ['directorist-quick-login-security']: security.val(), + token : $token.val(), }; - var submit_button = $(this); - var submit_button_default_html = submit_button.html(); - $.ajax({ method: 'POST', url: directorist.ajaxurl, data: form_data, beforeSend: function () { - form_feedback.html(''); - submit_button.prop('disabled', true); - submit_button.prepend(' '); + $feedback.html(''); + $submit_button.prop('disabled', true); + $submit_button.prepend(' '); }, success: function (response) { - submit_button.html(submit_button_default_html); + $submit_button.html(submit_button_html); if (response.loggedin) { - password.prop('disabled', true); + $password.prop('disabled', true); + var message = 'Successfully logged in, please continue to the listing submission'; 
var msg = '
' + message + '
'; - form_feedback.html(msg); - - if (quick_login_modal__success_callback) { - var args = { - elements: { - modal_id, - form, - email, - password, - submit_button - } - }; - quick_login_modal__success_callback(args); + + $feedback.html(msg); + + if (quickLoginModalSuccessCallback) { + quickLoginModalSuccessCallback($form, $submit_button); } + + regenerate_and_update_nonce(); } else { var msg = '
' + response.message + '
'; - form_feedback.html(msg); - submit_button.prop('disabled', false); + + $feedback.html(msg); + $submit_button.prop('disabled', false); } }, error: function (error) { console.log({ error }); - submit_button.prop('disabled', false); - submit_button.html(submit_button_default_html); + + $submit_button.prop('disabled', false); + $submit_button.html(submit_button_html); }, }); }); @@ -1176,3 +1170,18 @@ $('body').on('click', function (e) { multiStepWizard(); } }); + +function regenerate_and_update_nonce() { + $.ajax({ + type: 'POST', + url: localized_data.ajaxurl, + data: { + action: 'directorist_generate_nonce' + }, + success: function (response) { + if (response.success) { + window.directorist.directorist_nonce = response.data.directorist_nonce + } + } + }); +} diff --git a/includes/classes/class-ajax-handler.php b/includes/classes/class-ajax-handler.php index fe3823cdd..c8e6eaa98 100644 --- a/includes/classes/class-ajax-handler.php +++ b/includes/classes/class-ajax-handler.php @@ -123,6 +123,8 @@ public function __construct() { // zipcode search add_action( 'wp_ajax_directorist_zipcode_search', array( $this, 'zipcode_search' ) ); add_action( 'wp_ajax_nopriv_directorist_zipcode_search', array( $this, 'zipcode_search' ) ); + + add_action( 'wp_ajax_directorist_generate_nonce', [ $this, 'handle_generate_nonce' ] ); } public function send_confirm_email() { 
@@ -241,7 +243,15 @@ public function instant_search() { // directorist_quick_ajax_login public function directorist_quick_ajax_login() { - if ( ! check_ajax_referer( 'directorist-quick-login-nonce', 'directorist-quick-login-security', false ) ) { + $nonce = ''; + + if ( isset( $_POST['token'] ) ) { + $nonce = sanitize_text_field( wp_unslash( $_POST['token'] ) ); + } elseif ( isset( $_POST['directorist-quick-login-security'] ) ) { + $nonce = sanitize_text_field( wp_unslash( $_POST['directorist-quick-login-security'] ) ); + } + + if ( ! wp_verify_nonce( $nonce, 'directorist-quick-login-nonce' ) ) { wp_send_json( array( 'loggedin' => false, @@ -263,13 +273,13 @@ public function directorist_quick_ajax_login() { $password = ! empty( $_POST['password'] ) ? $_POST['password'] : ''; // @codingStandardsIgnoreLine.WordPress.Security.ValidatedSanitizedInput.InputNotSanitized $rememberme = ! empty( $_POST['rememberme'] ) ? boolval( $_POST['rememberme'] ) : false; - $logged_in_user = wp_signon( array( + $user = wp_signon( array( 'user_login' => $username, 'user_password' => $password, 'remember' => $rememberme, ) ); - if ( is_wp_error( $logged_in_user ) ) { + if ( is_wp_error( $user ) ) { wp_send_json( array( 'loggedin' => false, @@ -1690,6 +1700,17 @@ public function custom_field_search( $term_id = 0 ) { wp_die(); } } + + public function handle_generate_nonce() { + // Ensure the user is logged in + if ( ! is_user_logged_in() ) { + wp_send_json_error( [ 'message' => __( 'User not logged in.', 'directorist' ) ] ); + } + + wp_send_json_success( [ + 'directorist_nonce' => wp_create_nonce( directorist_get_nonce_key() ) + ] ); + } }
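Review bot: Replacing `check_ajax_referer( …, false )` with a direct `wp_verify_nonce` drops the `check_ajax_referer` action that the helper fires after verifying, which other code may hook for logging or rate limiting; the added `token` fallback does not require giving that up. Resolving the field name and keeping the helper preserves it: `$field = isset( $_POST['token'] ) ? 'token' : 'directorist-quick-login-security';` then `if ( ! check_ajax_referer( 'directorist-quick-login-nonce', $field, false ) ) {`, which also makes the `$nonce` sanitization block unnecessary. Either way, a one-line comment that `token` takes precedence when both fields are posted would save the next reader a question. `directorist_quick_ajax_login` continues past the hunk.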
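Review bot: `handle_generate_nonce` has no docblock, and the `// Ensure the user is logged in` comment does not say why the check exists when the hook is registered only as `wp_ajax_` (no `nopriv`), so the callback never runs for guests. I would replace it with a PHPDoc stating that the nonce localized at page load was presumably minted for the guest session and stops verifying once the quick-login AJAX call signs the user in, so the client calls this endpoint to fetch one bound to the new session, and mark the `is_user_logged_in()` check as defensive. A brief note that `wp_send_json_error` exits, which is why no `return` follows it, would also help. The class closes on the hunk's last line; its other methods are outside.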