<?php /** * * MemberMouse(TM) (http://www.membermouse.com) * (c) MemberMouse, LLC. All rights reserved. */ require_once "../../../../../../../wp-config.php"; global $current_user; $userHooks = new MM_UserHooks(); if ($userHooks->checkEmployeeAccess() === false) { $url = MM_CorePageEngine::getUrl(MM_CorePageType::$ERROR, MM_Error::$ACCESS_DENIED); wp_redirect($url); exit; } $export_type = isset($_GET['export_type']) ? $_GET['export_type'] : "standard"; $includeBundleInfo = false; if ($export_type == 'standard' || $export_type == 'canceled_bundles') { if ((!isset($_GET['membership_id']) || !is_numeric($_GET['membership_id'])) && (!isset($_GET['bundle_id']) || !is_numeric($_GET['bundle_id']))) { exit; //must have membership ID or bundle ID } if (isset($_GET['membership_id'])) { $includeBundleInfo = true; $membership = new MM_MembershipLevel(); $membership->setId($_GET['membership_id']); $membership->getData(); if (!$membership->isValid()) { exit; } $filename = preg_replace("/([^A-za-z0-9\\s])/", "", strtolower($membership->getName()));
function loginRedirect($redirectTo, $request, $user) { // clear login form session parameters MM_Session::clear(MM_Session::$KEY_LOGIN_FORM_USER_ID); MM_Session::clear(MM_Session::$KEY_LOGIN_FORM_USERNAME); $newRedirectTo = ""; $allowUserOverride = true; if (class_exists("MM_CorePageEngine")) { if ($user instanceof WP_User && isset($user->data->ID) && intval($user->data->ID) > 0) { // check if this is an employee $employee = MM_Employee::findByUserId($user->data->ID); if ($employee->isValid()) { MM_Preview::clearPreviewMode(); MM_Preview::getData(); $newRedirectTo = $employee->getHomepage(); } if (empty($newRedirectTo)) { $mmUser = new MM_User($user->data->ID); if ($mmUser->getStatus() == MM_Status::$EXPIRED) { $allowUserOverride = false; $newRedirectTo = MM_CorePageEngine::getUrl(MM_CorePageType::$ERROR, MM_Error::$ACCOUNT_EXPIRED, $mmUser); wp_logout(); } else { if ($mmUser->getStatus() == MM_Status::$CANCELED) { $allowUserOverride = false; $newRedirectTo = MM_CorePageEngine::getUrl(MM_CorePageType::$ERROR, MM_Error::$ACCOUNT_CANCELED, $mmUser); wp_logout(); } else { if ($mmUser->getStatus() == MM_Status::$LOCKED) { $allowUserOverride = false; $newRedirectTo = MM_CorePageEngine::getUrl(MM_CorePageType::$ERROR, MM_Error::$ACCOUNT_LOCKED, $mmUser); wp_logout(); } else { if ($mmUser->getStatus() == MM_Status::$OVERDUE) { $newRedirectTo = MM_CorePageEngine::getUrl(MM_CorePageType::$MY_ACCOUNT, "", $mmUser); } else { MM_Preview::clearPreviewMode(); $setting = MM_OptionUtils::getOption(MM_OptionUtils::$OPTION_KEY_ON_LOGIN_USE_WP_FRONTPAGE); if ($setting == "1") { $newRedirectTo = MM_OptionUtils::getOption("siteurl"); } else { $newRedirectTo = MM_CorePageEngine::getUrl(MM_CorePageType::$MEMBER_HOME_PAGE, "", $mmUser); } $lastAccessDeniedPageID = MM_Session::value(MM_OptionUtils::$OPTION_KEY_LAST_PAGE_DENIED); // check if current member has access to the last access denied page $pce = new MM_ProtectedContentEngine(); if (intval($lastAccessDeniedPageID) > 0 && $pce->canAccessPost($lastAccessDeniedPageID, $mmUser->getId())) { $corePageEngine = new MM_CorePageEngine(); if (!$corePageEngine->arePermalinksUsed()) { $newRedirectTo = get_page_link($lastAccessDeniedPageID); } else { $newRedirectTo = get_permalink($lastAccessDeniedPageID); } } MM_Session::clear(MM_OptionUtils::$OPTION_KEY_LAST_PAGE_DENIED); MM_ActivityLog::log($mmUser, MM_ActivityLog::$EVENT_TYPE_LOGIN); if ($mmUser->hasReachedMaxIPCount()) { global $current_user, $user; $mmUser->setStatus(MM_Status::$LOCKED); $mmUser->commitData(); $newRedirectTo = MM_CorePageEngine::getUrl(MM_CorePageType::$ERROR, MM_Error::$ACCOUNT_LOCKED, $mmUser); wp_logout(); } } } } } if (empty($newRedirectTo)) { $newRedirectTo = MM_OptionUtils::getOption("siteurl"); } } } // give customer an opportunity to redirect the user if ($allowUserOverride) { $currentUrl = !empty($newRedirectTo) ? $newRedirectTo : $redirectTo; $infoObj = new stdClass(); $infoObj->currentUrl = $currentUrl; $infoObj->user = $user; $redirectOverride = apply_filters(MM_Filters::$LOGIN_REDIRECT, $infoObj); if (is_string($redirectOverride) && !empty($redirectOverride) && $redirectOverride != $currentUrl) { if (!defined("DOING_AJAX") || !DOING_AJAX) { wp_redirect($redirectOverride); exit; } else { return $redirectOverride; } } } if (!empty($newRedirectTo)) { return $newRedirectTo; } return $redirectTo; } }
function redirectToErrorPage() { $url = MM_CorePageEngine::getUrl(MM_CorePageType::$ERROR, MM_Error::$ACCESS_DENIED); wp_redirect($url); exit; }
/wp-login.php" method="post"> <table> <tr> <td>Username</td> <td><input type="text" id="log" name="log" /></td> </tr> <tr> <td>Password</td> <td><input type="password" id="pwd" name="pwd" /></td> </tr> <tr> <td></td> <td> <input type="submit" name="submit" value="Login" /> <input name="rememberme" type="checkbox" checked="checked" value="forever" /> Remember me </td> </tr> <tr> <td></td> <td> <a href="<?php echo MM_CorePageEngine::getUrl(MM_CorePageType::$FORGOT_PASSWORD); ?> ">Forgot Password</a> </td> </tr> </table> </form></textarea> </div> </div>
function processSignup($request, $provider) { //don't attempt to signup already logged in users if (MM_Utils::isLoggedIn()) { $loggedInUser = MM_Utils::getCurrentUser(); $redirectUrl = isset($request['redirect_url']) ? $request['redirect_url'] : MM_CorePageEngine::getUrl(MM_CorePageType::$MEMBER_HOME_PAGE, null, $loggedInUser); wp_redirect($redirectUrl); exit; } if (!$provider->allowsSignups()) { //configuration does not allow signups throw new Exception("Signups not allowed", "1001007"); } if (isset($request['membership_level'])) { $membershipLevel = trim($request['membership_level']); $membershipLevel = htmlentities($membershipLevel); if (!is_numeric($membershipLevel)) { //membership level was not passed as a valid id throw new Exception("Invalid Membership Level", "1001008"); } } else { $membershipLevel = $provider->getSignupMembershipLevel(); if (!is_numeric($membershipLevel) || $membershipLevel == 0) { //should never happen - default signup membership level is invalid throw new Exception("Invalid Default Membership Level", "1001009"); } } //ensure that if the chosen provider doesnt allow access to the email, and the provider is configured not to generate one, that one was supplied if ($provider->getEmailHandlingStrategy() == MM_AbstractSocialLoginExtension::$EMAIL_RETRIEVED_BY_POPUP && empty($request['email'])) { //email required but not supplied throw new Exception("No email supplied", "1001010"); } //Authenticate with the provider, and retrieve the remote user profile $authResponse = $provider->authenticate(); if (!MM_Response::isSuccess($authResponse)) { //error authenticating throw new Exception("Error authenticating with social network", "1001016"); } $profileResponse = $provider->getUserProfile(); if (!MM_Response::isSuccess($profileResponse)) { //retrievng profile failed throw new Exception("Unable to retrieve profile from social network", "1001011"); } $profile = $profileResponse->message; if (!isset($profile->identifier) || empty($profile->identifier)) { //invalid social network identifier returned throw new Exception("Invalid social network identifier", "1001012"); } //Populate memberinfo with the necessary member information, in the expected format $memberInfo = array(); $memberInfo["membership_level"] = $membershipLevel; if (isset($profile->firstName) && !empty($profile->firstName)) { $memberInfo['first_name'] = $profile->firstName; } if (isset($profile->lastName) && !empty($profile->lastName)) { $memberInfo['last_name'] = $profile->lastName; } $emailHandlingStrategy = $provider->getEmailHandlingStrategy(); if ($emailHandlingStrategy == MM_AbstractSocialLoginExtension::$EMAIL_RETRIEVED_BY_POPUP) { //TODO: sanitize email $memberInfo['email'] = $request['email']; } else { if ($emailHandlingStrategy == MM_AbstractSocialLoginExtension::$EMAIL_PROVIDED) { if (isset($profile->emailVerified) && !empty($profile->emailVerified)) { $memberInfo['email'] = $profile->emailVerified; } else { if (isset($profile->email) && !empty($profile->email)) { $memberInfo['email'] = $profile->email; } else { throw new Exception("Social Network provider was supposed to supply user email, but did not", "1001013"); } } } else { if ($emailHandlingStrategy == MM_AbstractSocialLoginExtension::$EMAIL_GENERATE_BOGUS_EMAIL) { $bogusUser = MM_Utils::createRandomString(8, true) . MM_Utils::createRandomString(24); //TODO: tag user portion of email with social network identifier $bogusDomain = "example.com"; $memberInfo['email'] = "{$bogusUser}@{$bogusDomain}"; } } } $socialSignupRequest = new MM_SocialLoginRequest($memberInfo); $response = $socialSignupRequest->submitRequest(); if (MM_Response::isSuccess($response)) { $newUser = $socialSignupRequest->getNewUser(); $provider->linkUserToSocialMediaAccount($newUser, $profile->identifier); $socialSignupRequest->completeSignup(); exit; } else { if (strpos($response->message, "already exists") !== false) { //the member signing up already exists, send them to login instead processLogin($request, $provider); exit; } throw new Exception($response->message, "1001014"); } //end signup block exit; }
</td> <td> <span style="font-family: courier; font-size: 11px;"> <textarea id='mm_checkout_free_message' name='mm_checkout_free_message' style="width: 380px; height: 50px;" onkeydown="updatePreviewButton()"><?php echo $checkoutFreeMessage; ?> </textarea> </span> </td> </tr> <tr> <td>CSS Class</td> <td> <span style="font-family: courier; font-size: 11px;"> <input type='text' id='mm_checkout_message_css' name='mm_checkout_message_css' value='<?php echo $checkoutMessageCSS; ?> ' size="45" onkeydown="updatePreviewButton()" /> </span> </td> </tr> </table> <div> <a id="mm-preview-button" target="_blank" href="<?php echo MM_CorePageEngine::getUrl(MM_CorePageType::$CHECKOUT, '') . "?mm-checkout-preview=true"; ?> " class="mm-ui-button green">Preview</a> <span id="mm-save-changes" style="display:none; font-size:11px;"><em>*save settings before previewing changes</em></span> </div> </div>