see https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/ajax-login-and-registration-modal-popup/ajax-login-and-registration-modal-popup-inline-form-224-reflected-cross-site-scripting Is this fixed or not?

• This topic was modified 2 days, 4 hours ago by keesjan.

Hi… I’m seeing a lot of deprecation notices in SWAL as shown below. I’m currently running PHP 7.4 but I think this will be a fatal error with PHP 8.

[26-Sep-2024 14:35:18 UTC] PHP Deprecated:  Creation of dynamic property Layers_SwAjaxLogin::$swal_add_native_facebook_login is deprecated in /home/jomsntug/public_html/staging.amapa.club/wp-content/plugins/sw-ajax-login/includes/class-sw-ajax-login.php on line 369
[26-Sep-2024 14:35:18 UTC] PHP Deprecated:  Creation of dynamic property Layers_SwAjaxLogin::$swal_add_native_twitter_login is deprecated in /home/jomsntug/public_html/staging.amapa.club/wp-content/plugins/sw-ajax-login/includes/class-sw-ajax-login.php on line 370
[26-Sep-2024 14:35:18 UTC] PHP Deprecated:  Creation of dynamic property Layers_SwAjaxLogin::$swal_add_native_google_login is deprecated in /home/jomsntug/public_html/staging.amapa.club/wp-content/plugins/sw-ajax-login/includes/class-sw-ajax-login.php on line 371
[26-Sep-2024 14:35:18 UTC] PHP Deprecated:  Creation of dynamic property Layers_SwAjaxLogin::$swal_add_native_linkedin_login is deprecated in /home/jomsntug/public_html/staging.amapa.club/wp-content/plugins/sw-ajax-login/includes/class-sw-ajax-login.php on line 372
[26-Sep-2024 14:35:18 UTC] PHP Deprecated:  Creation of dynamic property Layers_SwAjaxLogin::$swal_add_native_amazon_login is deprecated in /home/jomsntug/public_html/staging.amapa.club/wp-content/plugins/sw-ajax-login/includes/class-sw-ajax-login.php on line 373
[26-Sep-2024 14:35:18 UTC] PHP Deprecated:  Optional parameter $args declared before required parameter $inputicons is implicitly treated as a required parameter in /home/jomsntug/public_html/staging.amapa.club/wp-content/plugins/sw-ajax-login/includes/functions/register-custom-fields/functions-frontend-fields.php on line 12

This is also entered into github here: Deprecation notices for SWAL · Issue #44 · stranoweb/stranoweb-ajax-login (github.com)

Hello i have an error when i reset password and submit on reset form page

php 8.1

error log

[14-Aug-2024 14:21:30 UTC] PHP Deprecated: json_decode(): Passing null to parameter #1 ($json) of type string is deprecated in /home/wp-content/plugins/stranoweb-ajax-login/includes/functions/functions-forms.php on line 655
[14-Aug-2024 14:21:30 UTC] PHP Deprecated: json_decode(): Passing null to parameter #1 ($json) of type string is deprecated in /home/wp-content/plugins/stranoweb-ajax-login/includes/functions/functions-forms.php on line 1069
[14-Aug-2024 14:21:30 UTC] PHP Deprecated: json_decode(): Passing null to parameter #1 ($json) of type string is deprecated in /home/wp-content/plugins/stranoweb-ajax-login/includes/functions/functions-forms.php on line 1541
[14-Aug-2024 14:21:31 UTC] PHP Deprecated: json_decode(): Passing null to parameter #1 ($json) of type string is deprecated in /home/wp-content/plugins/stranoweb-ajax-login/includes/functions/functions-forms.php on line 655
[14-Aug-2024 14:21:31 UTC] PHP Deprecated: json_decode(): Passing null to parameter #1 ($json) of type string is deprecated in /home/wp-content/plugins/stranoweb-ajax-login/includes/functions/functions-forms.php on line 1069
[14-Aug-2024 14:21:31 UTC] PHP Deprecated: json_decode(): Passing null to parameter #1 ($json) of type string is deprecated in /home/wp-content/plugins/stranoweb-ajax-login/includes/functions/functions-forms.php on line 1541
[14-Aug-2024 14:21:32 UTC] PHP Deprecated: json_decode(): Passing null to parameter #1 ($json) of type string is deprecated in /home/wp-content/plugins/stranoweb-ajax-login/includes/functions/functions-forms.php on line 655
[14-Aug-2024 14:21:32 UTC] PHP Deprecated: json_decode(): Passing null to parameter #1 ($json) of type string is deprecated in /home/wp-content/plugins/stranoweb-ajax-login/includes/functions/functions-forms.php on line 1069
[14-Aug-2024 14:21:32 UTC] PHP Deprecated: json_decode(): Passing null to parameter #1 ($json) of type string is deprecated in /home/wp-content/plugins/stranoweb-ajax-login/includes/functions/functions-forms.php on line 1541
[14-Aug-2024 14:21:32 UTC] PHP Deprecated: json_decode(): Passing null to parameter #1 ($json) of type string is deprecated in /home/wp-content/plugins/stranoweb-ajax-login/includes/functions/functions-forms.php on line 655
[14-Aug-2024 14:21:32 UTC] PHP Deprecated: json_decode(): Passing null to parameter #1 ($json) of type string is deprecated in /home/wp-content/plugins/stranoweb-ajax-login/includes/functions/functions-forms.php on line 1069
[14-Aug-2024 14:21:32 UTC] PHP Deprecated: json_decode(): Passing null to parameter #1 ($json) of type string is deprecated in /home/wp-content/plugins/stranoweb-ajax-login/includes/functions/functions-forms.php on line 1541
[14-Aug-2024 14:24:48 UTC] PHP Warning: Undefined variable $output in /home /wp-content/plugins/stranoweb-ajax-login/includes/functions/functions.php on line 781

Hi, any recommendations of Google spam/email blacklist wp plugins that work with your great Ajax moduile login plugin?

Especially the warming when blacklisted should be in your modale popup.

Hey beeky2,

I’m trying to update to the just released version 2.0.6. It fails with a message Update failed: Download failed. Forbidden.

Hi… I’ve noticed that when there is a session timeout on a site (like leaving the site overnight and having the session timeout), then there is a modal that shows up with the login page showing in the modal. And then when you login via that page, after login the modal stays open and the content shown is whatever is set to be shown after user login.

It’s possible that this modal is a WP modal, but I’m not sure…

How can I get the SWAL login modal to show on session timeout instead rather than showing the WP login page in a modal?

See https://share.zight.com/5zuvzWOP

This is a heads-up on an issue posted on github in case it was missed…

Non-SWAL plugin details blocked by ‘swal_plugin_info’ · Issue #42 · stranoweb/stranoweb-ajax-login (github.com)

I’ve been having issues with some Pro plugins not displaying their update information when clicking on their details link in the WP plugins list. I tracked it down to SWAL being active. One of the developers, Jack from WP Fusion, looked into it and has responded that SWAL is hijacking the plugin details information. Here is his response:

_
It’s the hook added in class-sw-ajax-login.php:

add_filter(‘plugins_api’, array( $this, ‘swal_plugin_info’), 20, 3);

Any plugin that uses the plugins_api filter to add custom plugin updates passes through their filter. If the plugin name in question isn’t their plugin, they block the response.

Any plugin that uses EDD for updates (which is most) would be affected. You’ll need to contact them and ask them to fix it so that it doesn’t block other plugins from displaying update info.
_

Can you get this fixed?

Thanks,
-Norm

Hi, this is a great plugin and works 80% of the time. Sometimes for no reason this gets stuck at ‘Sending user info, please wait…’. How to troubleshoot this as this is so random and occurs 20% of the time?

Is there a script or error code that help diagnose what’s going on. Much appreciated.

• This topic was modified 10 months, 1 week ago by nknov12.

Hi! Thanks for this great plugin!

I translated to pt_BR and created a new file with this translation? How I can use the pt_BR language on this plugin?

Thanks

Hi Team,
We are using your plug-in “StranoWeb Ajax Login” with latest version WordPress. But the forgot password feature is not working. For your reference i have attached the image: https://tinyurl.com/yo7lqs9e

Hello, when I activate the pro version of the plugin, my site’s backend becomes extremely slow. It takes several minutes to load the administration panel. When I try to activate the pro version with the license, I get a server error on your side.

P.S.: I have successfully deactivated the free version. I am using WordPress version 6.3.1.

I dont want the plugin to change any other login forms. Posible with any filter ? my theme have nice login form & i dont want the plugin to change it.

When new user tries to register, he gets an error “You entered a not valid email address”. But the email address is correct, and the registration actually happens, just the user thinks it didn’t.

Hi,

I’m duplicating this error report here in hopes that I can get some attention paid to it.

I’m noticing a number of cannot modify headers warnings in the event logs (see below.) I think these are all happening as a result of wp-cron running and Ajax Login getting called. Maybe do a check to see if doing wp-cron, and if so, you probably don’t even need Ajax Login.

[25-Nov-2022 16:20:32 UTC] PHP Warning: Cannot modify header information - headers already sent in /content/plugins/stranoweb-ajax-login/includes/class-sw-ajax-login.php on line 882

Original issue report on github here:

https://github.com/stranoweb/stranoweb-ajax-login/issues/33

Thanks,
-Norm

the page can’t be found

https://mydomain.com/account/resetpassword/?key=cV7sfasdfsadfkasdfjaskdf

I read in your settings your plugin replaces default pages..

So I changed it to custom because I don’t see the resetpassword page I tried creating it but then I get an error

With your custom it did create pages but the key is invalid, so I had to request reset password 2 more times to get a link with the key that works

When saving any kind of content in a language (wpml) the .htaccess is being rewritten by sw-ajax-login’s function: “flush_rewrite_rules” with the language dir, causing a 500 error on whole site.

More info on this topic: https://wpml.org/errata/htaccess-is-rewritten-with-language-folder/

Hi @beeky2,

Is there a way to trigger the login modal via url param?

What I’m trying to accomplish is sending a contact to a specific url and prompt for login if they are not already logged in (and then not redirect them away from that page on login).

For example, sending someone to //mydomain.com/specific/page/#login would bring up the login modal if they aren’t already logged in, and then leave them on that page rather than redirect them to the standard login redirect page.

Thanks,
-Norm

I’m a premium user. How can I have a user go to the home page or the page they originally registered from when clicking the verification link that got sent to their email?

Hi,

I’m using Beaver Builder site builder with SWAL. I’ve been noticing that when in BB (or one of its addons like Power Pack) the text editor buttons get messed up (or completely disappear) when SWAL is active. Disabling SWAL reverts the text editor buttons to normal.

Here is a screenshot. On the left is a BB text editor without SWAL loaded, and the right shows the BB text editor with SWAL loaded. Notice between the two how different the text editor buttons are, and which buttons are available. It gets worse when some add-ons such as Power Pack are installed – I’ve seen the text editor buttons completely disappear when SWAL is activated.

https://share.getcloudapp.com/ApuXKkzy

If you need a test site set up to troubleshoot this, please let me know.

Thanks,
-Norm

Hello,

I would like to allow special characters for username.
Is it possible to do that?

Thanks

is this possible I found register, but I have a membership plugin that takes care of it.

Hi,

Recently the “Forgot password” link that is displayed on the popup modal isn’t working. Hovering over the link the url looks to be correct. But clicking on the link produces no action… it’s like the click goes into the bit bucket.

This was configured and worked not too long ago, but I just checked three of my sites and all of them are showing the same behavior (non-functional ‘Forgot password’ link).

Also, I tried it on a test site with Stranoweb being the only plugin active and the issue was there too.

Thanks,
-Norm

Hi, FYI…

I noticed that the following warning is entered into the host error log:

[02-Dec-2021 16:58:28 UTC] PHP Warning: Use of undefined constant SWAL_EMAIL_HEADER_IMAGE_ALIGN – assumed ‘SWAL_EMAIL_HEADER_IMAGE_ALIGN’ (this will throw an Error in a future version of PHP) in /wp-content/plugins/stranoweb-ajax-login/includes/functions/functions-email-templates.php on line 50

-Norm

Is there a way to remove the “Username” field from registration?

It was never asked when I used WP and WooCommerce registration.

I try to make my registration forms as simple as possible.

Thanks for such a great plugin. I purchases the premium version today.

-Chris

Hi,

I am really enjoying your plugin, but what I’m wondering is if you have a different shortcode for someone who wants to change their password when they are already logged in.

For example, on a user profile page, both the Reset form and Forgot PW shortcodes don’t work if you’re already logged in, as they want you to log out first and if you’re logged out, you can’t very well change your password that you already know.

So what i’m looking for is a shortcode to reset your password (change) once you’re logged in.

thanks,

Please check the login link in menu..

In other website the popup stays there intact..

However in this website, the popup comes out but it redirects to the login page..

How to stop that redirection and let the user logins via the popup on the same page?

Thanks

Where do I edit the text generated by shortcode [swal_show_reset_password_form] ?

If I visit Forgot Password page and am logged in, it gives a message that I must first log out to reset password. After I log out, I see text “Sorry, you need a valid key and login.” What is this and how can I get rid of it? This text does not appear if I visit the page without being logged in first.

Also, the text above the reset password form says “Back in Mind? Login”. I would also like to change this text, as I have no idea what “back in mind” means and I doubt customers will either. Is this a translation error? How can I change this text?

Hi,

It seems that the “logging in” message is set to display for a certain period of time. On slower websites, what happens is that the “logging in” message disappears but the overlay remains on the page until the page refreshes. Thus, there is a percieved difference because the message goes away but the user really isn’t logged in yet.

Can it be changed so that the logging in message stays on the screen until the page is redirected / refreshed?

Thanks,
-Norm

Hi,

When a user uses the forgot passoword link and submits their email, the message that is displayed is the login message, such as the custom message “Preparing your dashboard, please wait…”

I would like to request that a separate message be defined for the forgot password submission.

Thanks,
-Norm

Hi, I translated almost all the options using Loco Translate, except the text “Lost Password” on login box, how can i translate it?

Thank you