function new_fb_redirect() { $redirect = get_site_transient(nextend_uniqid() . '_fb_r'); if (!$redirect || $redirect == '' || $redirect == new_fb_login_url()) { if (isset($_GET['redirect'])) { $redirect = $_GET['redirect']; } else { $redirect = site_url(); } } $redirect = wp_sanitize_redirect($redirect); $redirect = wp_validate_redirect($redirect, site_url()); header('LOCATION: ' . $redirect); delete_site_transient(nextend_uniqid() . '_fb_r'); exit; }
function new_fb_login_action() { global $wp, $wpdb, $new_fb_settings; if (isset($_GET['action']) && $_GET['action'] == 'unlink') { $user_info = wp_get_current_user(); if ($user_info->ID) { $wpdb->query($wpdb->prepare('DELETE FROM ' . $wpdb->prefix . 'social_users WHERE ID = %d AND type = \'fb\'', $user_info->ID)); set_site_transient($user_info->ID . '_new_fb_admin_notice', __('Your Facebook profile is successfully unlinked from your account.', 'nextend-facebook-connect'), 3600); } new_fb_redirect(); } require_once dirname(__FILE__) . '/sdk/init.php'; $user = $facebook->getUser(); if ($user && is_user_logged_in() && new_fb_is_user_connected()) { new_fb_redirect(); } elseif ($user) { // Register or Login try { // Proceed knowing you have a logged in user who's authenticated. $user_profile = $facebook->api('/me'); $ID = $wpdb->get_var($wpdb->prepare(' SELECT ID FROM ' . $wpdb->prefix . 'social_users WHERE type = "fb" AND identifier = "%d" ', $user_profile['id'])); if (!get_user_by('id', $ID)) { $wpdb->query($wpdb->prepare(' DELETE FROM ' . $wpdb->prefix . 'social_users WHERE ID = "%d" ', $ID)); $ID = null; } if (!is_user_logged_in()) { if ($ID == NULL) { // Register if (!isset($user_profile['email'])) { $user_profile['email'] = $user_profile['username'] . '@facebook.com'; } $ID = email_exists($user_profile['email']); if ($ID == false) { // Real register require_once ABSPATH . WPINC . '/registration.php'; $random_password = wp_generate_password($length = 12, $include_standard_special_chars = false); if (!isset($new_fb_settings['fb_user_prefix'])) { $new_fb_settings['fb_user_prefix'] = 'facebook-'; } $sanitized_user_login = sanitize_user($new_fb_settings['fb_user_prefix'] . $user_profile['username']); if (!validate_username($sanitized_user_login)) { $sanitized_user_login = sanitize_user('facebook' . $user_profile['id']); } $defaul_user_name = $sanitized_user_login; $i = 1; while (username_exists($sanitized_user_login)) { $sanitized_user_login = $defaul_user_name . $i; $i++; } $ID = wp_create_user($sanitized_user_login, $random_password, $user_profile['email']); if (!is_wp_error($ID)) { // wp_new_user_notification($ID, $random_password); $user_info = get_userdata($ID); wp_update_user(array('ID' => $ID, 'display_name' => $user_profile['name'], 'first_name' => $user_profile['first_name'], 'last_name' => $user_profile['last_name'])); $wpdb->insert('wp_vote_data', array('email' => $user_profile['email'], 'profile_picture' => 'https://graph.facebook.com/' . $user_profile['id'] . '/picture?type=large', 'gender' => $user_profile['gender'], 'source' => 'facebook'), array('%s', '%s', '%s', '%s')); //update_user_meta( $ID, 'new_fb_default_password', $user_info->user_pass); do_action('nextend_fb_user_registered', $ID, $user_profile, $facebook); } else { return; } } if ($ID) { $wpdb->insert($wpdb->prefix . 'social_users', array('ID' => $ID, 'type' => 'fb', 'identifier' => $user_profile['id']), array('%d', '%s', '%s')); } if (isset($new_fb_settings['fb_redirect_reg']) && $new_fb_settings['fb_redirect_reg'] != '' && $new_fb_settings['fb_redirect_reg'] != 'auto') { set_site_transient(nextend_uniqid() . '_fb_r', $new_twitter_settings['twitter_redirect_reg'], 3600); } } if ($ID) { // Login $secure_cookie = is_ssl(); $secure_cookie = apply_filters('secure_signon_cookie', $secure_cookie, array()); global $auth_secure_cookie; // XXX ugly hack to pass this to wp_authenticate_cookie $auth_secure_cookie = $secure_cookie; wp_set_auth_cookie($ID, true, $secure_cookie); $user_info = get_userdata($ID); update_user_meta($ID, 'fb_profile_picture', 'https://graph.facebook.com/' . $user_profile['id'] . '/picture?type=large'); do_action('wp_login', $user_info->user_login, $user_info); update_user_meta($ID, 'fb_user_access_token', $facebook->getAccessToken()); do_action('nextend_fb_user_logged_in', $ID, $user_profile, $facebook); } } else { $current_user = wp_get_current_user(); if ($current_user->ID == $ID) { // It was a simple login } elseif ($ID === NULL) { // Let's connect the accout to the current user! $wpdb->insert($wpdb->prefix . 'social_users', array('ID' => $current_user->ID, 'type' => 'fb', 'identifier' => $user_profile['id']), array('%d', '%s', '%s')); update_user_meta($current_user->ID, 'fb_user_access_token', $facebook->getAccessToken()); do_action('nextend_fb_user_account_linked', $ID, $user_profile, $facebook); $user_info = wp_get_current_user(); set_site_transient($user_info->ID . '_new_fb_admin_notice', __('Your Facebook profile is successfully linked with your account. Now you can sign in with Facebook easily.', 'nextend-facebook-connect'), 3600); } else { $user_info = wp_get_current_user(); set_site_transient($user_info->ID . '_new_fb_admin_notice', __('This Facebook profile is already linked with other account. Linking process failed!', 'nextend-facebook-connect'), 3600); } } new_fb_redirect(); } catch (FacebookApiException $e) { echo 'Caught exception: ', $e->getMessage(), "\n"; //echo '<pre>'.htmlspecialchars(print_r($e, true)).'</pre>'; $user = null; } exit; } else { if (!isset($_GET['code'])) { $scope = apply_filters('nextend_fb_scope', 'email'); $loginUrl = $facebook->getLoginUrl(array('scope' => $scope)); if (isset($new_fb_settings['fb_redirect']) && $new_fb_settings['fb_redirect'] != '' && $new_fb_settings['fb_redirect'] != 'auto') { $_GET['redirect'] = $new_fb_settings['fb_redirect']; } if (isset($_GET['redirect'])) { set_site_transient(nextend_uniqid() . '_fb_r', $_GET['redirect'], 3600); } $redirect = get_site_transient(nextend_uniqid() . '_fb_r'); if ($redirect == '' || $redirect == new_fb_login_url()) { set_site_transient(nextend_uniqid() . '_fb_r', site_url(), 3600); } header('Location: ' . $loginUrl); exit; } else { echo "Login error!"; exit; } } }
protected function clearPersistentData($key) { if (!in_array($key, self::$kSupportedKeys)) { self::errorLog('Unsupported key passed to clearPersistentData.'); return; } delete_site_transient(nextend_uniqid() . '_fb_' . $key); }
function new_twitter_login_action() { global $wp, $wpdb, $new_twitter_settings; if (isset($_GET['action']) && $_GET['action'] == 'unlink') { $user_info = wp_get_current_user(); if ($user_info->ID) { $wpdb->query($wpdb->prepare('DELETE FROM ' . $wpdb->prefix . 'social_users WHERE ID = %d AND type = \'twitter\'', $user_info->ID)); set_site_transient($user_info->ID . '_new_twitter_admin_notice', __('Your Twitter profile is successfully unlinked from your account.', 'nextend-twitter-connect'), 3600); } new_twitter_redirect(); } require dirname(__FILE__) . '/sdk/init.php'; $here = new_twitter_login_url(); $access_token = get_site_transient(nextend_uniqid() . '_twitter_at'); $oauth = get_site_transient(nextend_uniqid() . '_twitter_o'); if ($access_token !== false) { $tmhOAuth->config['user_token'] = $access_token['oauth_token']; $tmhOAuth->config['user_secret'] = $access_token['oauth_token_secret']; $code = $tmhOAuth->request('GET', $tmhOAuth->url('1.1/account/verify_credentials')); if ($code == 401) { $code = tmhUtilities::auto_fix_time_request($tmhOAuth, 'GET', $tmhOAuth->url('1.1/account/verify_credentials')); } if ($code == 200) { $resp = json_decode($tmhOAuth->response['response']); $ID = $wpdb->get_var($wpdb->prepare(' SELECT ID FROM ' . $wpdb->prefix . 'social_users WHERE type = "twitter" AND identifier = "%d" ', $resp->id)); if (!get_user_by('id', $ID)) { $wpdb->query($wpdb->prepare(' DELETE FROM ' . $wpdb->prefix . 'social_users WHERE ID = "%d" ', $ID)); $ID = null; } if (!is_user_logged_in()) { if ($ID == NULL) { // Register $email = new_twitter_request_email(); if ($ID == false) { // Real register require_once ABSPATH . WPINC . '/registration.php'; $random_password = wp_generate_password($length = 12, $include_standard_special_chars = false); if (!isset($new_twitter_settings['twitter_user_prefix'])) { $new_twitter_settings['twitter_user_prefix'] = 'Twitter - '; } $sanitized_user_login = sanitize_user($new_twitter_settings['twitter_user_prefix'] . $resp->screen_name); if (!validate_username($sanitized_user_login)) { $sanitized_user_login = sanitize_user('twitter' . $user_profile['id']); } $defaul_user_name = $sanitized_user_login; $i = 1; while (username_exists($sanitized_user_login)) { $sanitized_user_login = $defaul_user_name . $i; $i++; } $ID = wp_create_user($sanitized_user_login, $random_password, $email); if (!is_wp_error($ID)) { wp_new_user_notification($ID, $random_password); $user_info = get_userdata($ID); wp_update_user(array('ID' => $ID, 'display_name' => $resp->name, 'twitter' => $resp->screen_name)); $wpdb->insert('wp_vote_data', array('email' => $email, 'profile_picture' => $resp->profile_image_url, 'gender' => 'N/A', 'source' => 'twitter'), array('%s', '%s', '%s', '%s')); do_action('nextend_twitter_user_registered', $ID, $resp, $tmhOAuth); } else { return; } } if ($ID) { $wpdb->insert($wpdb->prefix . 'social_users', array('ID' => $ID, 'type' => 'twitter', 'identifier' => $resp->id), array('%d', '%s', '%s')); } if (isset($new_twitter_settings['twitter_redirect_reg']) && $new_twitter_settings['twitter_redirect_reg'] != '' && $new_twitter_settings['twitter_redirect_reg'] != 'auto') { set_site_transient(nextend_uniqid() . '_twitter_r', $new_twitter_settings['twitter_redirect_reg'], 3600); } } if ($ID) { // Login $secure_cookie = is_ssl(); $secure_cookie = apply_filters('secure_signon_cookie', $secure_cookie, array()); global $auth_secure_cookie; // XXX ugly hack to pass this to wp_authenticate_cookie $auth_secure_cookie = $secure_cookie; wp_set_auth_cookie($ID, true, $secure_cookie); $user_info = get_userdata($ID); do_action('wp_login', $user_info->user_login, $user_info); update_user_meta($ID, 'twitter_profile_picture', $resp->profile_image_url); do_action('nextend_twitter_user_logged_in', $ID, $resp, $tmhOAuth); } } else { if (new_twitter_is_user_connected()) { // It was a simple login } elseif ($ID === NULL) { // Let's connect the account to the current user! $current_user = wp_get_current_user(); $wpdb->insert($wpdb->prefix . 'social_users', array('ID' => $current_user->ID, 'type' => 'twitter', 'identifier' => $resp->id), array('%d', '%s', '%s')); $wpdb->insert('wp_vote_data', array('email' => $current_user->user_email, 'profile_picture' => $resp->profile_image_url, 'gender' => 'N/A', 'source' => 'twitter'), array('%s', '%s', '%s', '%s')); do_action('nextend_twitter_user_account_linked', $ID, $resp, $tmhOAuth); $user_info = wp_get_current_user(); set_site_transient($user_info->ID . '_new_twitter_admin_notice', __('Your Twitter profile is successfully linked with your account. Now you can sign in with Twitter easily.', 'nextend-twitter-connect'), 3600); } else { $user_info = wp_get_current_user(); set_site_transient($user_info->ID . '_new_twitter_admin_notice', __('This Twitter profile is already linked with other account. Linking process failed!', 'nextend-twitter-connect'), 3600); } } new_twitter_redirect(); } else { echo "Twitter Error 3"; exit; } // we're being called back by Twitter } elseif ($oauth !== false && isset($_REQUEST['oauth_verifier'])) { $tmhOAuth->config['user_token'] = $oauth['oauth_token']; $tmhOAuth->config['user_secret'] = $oauth['oauth_token_secret']; $params = array('oauth_verifier' => $_REQUEST['oauth_verifier']); $code = $tmhOAuth->request('POST', $tmhOAuth->url('oauth/access_token', ''), $params); if ($code == 401) { $code = tmhUtilities::auto_fix_time_request($tmhOAuth, 'POST', $tmhOAuth->url('oauth/access_token', ''), $params); } if ($code == 200) { $access_token = $tmhOAuth->extract_params($tmhOAuth->response['response']); set_site_transient(nextend_uniqid() . '_twitter_at', $access_token, 3600); delete_site_transient(nextend_uniqid() . '_twitter_o'); header("Location: " . $here); exit; } else { echo "Twitter Error 2"; exit; } // start the OAuth dance } else { if (isset($new_twitter_settings['twitter_redirect']) && $new_twitter_settings['twitter_redirect'] != '' && $new_twitter_settings['twitter_redirect'] != 'auto') { $_GET['redirect'] = $new_twitter_settings['twitter_redirect']; } if (isset($_GET['redirect'])) { set_site_transient(nextend_uniqid() . '_twitter_r', $_GET['redirect'], 3600); } $redirect = get_site_transient(nextend_uniqid() . '_twitter_r'); if ($redirect == '' || $redirect == new_twitter_login_url()) { $redirect = site_url(); set_site_transient(nextend_uniqid() . '_twitter_r', $redirect, 3600); } $callback = $here; $params = array('oauth_callback' => $callback); if (isset($_REQUEST['force_read'])) { $params['x_auth_access_type'] = 'read'; } $code = $tmhOAuth->request('POST', $tmhOAuth->url('oauth/request_token', ''), $params); if ($code == 401) { $code = tmhUtilities::auto_fix_time_request($tmhOAuth, 'POST', $tmhOAuth->url('oauth/request_token', ''), $params); } if ($code == 200) { $oauth = $tmhOAuth->extract_params($tmhOAuth->response['response']); set_site_transient(nextend_uniqid() . '_twitter_o', $oauth, 3600); $method = 'authenticate'; $force = isset($_REQUEST['force']) ? '&force_login=1' : ''; $authurl = $tmhOAuth->url("oauth/{$method}", '') . "?oauth_token={$oauth['oauth_token']}{$force}"; header('Location: ' . $authurl); exit; } else { //print_r($tmhOAuth); echo "Twitter Error 1"; exit; } } }