function pc_user_auth()
{
global $wpdb, $pc_users;
if (isset($_POST['type']) && $_POST['type'] == 'js_ajax_auth') {
include_once PC_DIR . '/classes/pc_form_framework.php';
include_once PC_DIR . '/classes/simple_form_validator.php';
include_once PC_DIR . '/functions.php';
$f_fw = new pc_form();
$validator = new simple_fv();
$indexes = array();
$indexes[] = array('index' => 'pc_auth_username', 'label' => 'username', 'required' => true);
$indexes[] = array('index' => 'pc_auth_psw', 'label' => 'psw', 'required' => true);
$indexes[] = array('index' => 'pc_remember_me', 'label' => 'remember me');
$validator->formHandle($indexes);
$error = $validator->getErrors();
$fdata = $validator->form_val;
// honeypot check
if (!$f_fw->honeypot_validaton()) {
echo json_encode(array('resp' => 'error', 'mess' => "Antispam - we've got a bot here!"));
die;
}
// error message
if ($error) {
die(json_encode(array('resp' => 'error', 'mess' => __('Incorrect username or password', 'pc_ml'))));
} else {
//// try to login
$response = pc_login($fdata['pc_auth_username'], $fdata['pc_auth_psw'], $fdata['pc_remember_me']);
// user not found
if (!$response) {
echo json_encode(array('resp' => 'error', 'mess' => __('Username or password incorrect', 'pc_ml')));
die;
} elseif ($response === 2 || $response === 3) {
echo json_encode(array('resp' => 'error', 'mess' => pc_get_message('pc_default_pu_mex')));
die;
}
// custom error
if ($response !== true) {
echo json_encode(array('resp' => 'error', 'mess' => $response));
die;
} else {
// redirect logged user to pvt page
if (get_option('pg_redirect_back_after_login') && isset($_SESSION['pc_last_restricted']) && filter_var($_SESSION['pc_last_restricted'], FILTER_VALIDATE_URL)) {
$redirect_url = $_SESSION['pc_last_restricted'];
} else {
// check for custom categories redirects
$custom_cat_redirect = pc_user_cats_login_redirect(pc_user_logged('categories'));
$redirect_url = $custom_cat_redirect ? $custom_cat_redirect : pc_man_redirects('pg_logged_user_redirect');
}
echo json_encode(array('resp' => 'success', 'mess' => pc_get_message('pc_login_ok_mex'), 'redirect' => $redirect_url));
die;
}
}
die;
// security block
}
}
function pc_wp_user_login($user_login, $user)
{
global $wpdb;
global $pc_wp_user;
// do not execute if is a pvtcontent login
if (!isset($GLOBALS['pc_wps_standard_login'])) {
$user_data = $pc_wp_user->wp_user_is_linked($user->ID);
if ($user_data) {
// PC-FILTER - custom login control for custom checks - passes false and user id - return message to abort login otherwise false
$custom_check = apply_filters('pc_login_custom_check', false, $user_data->id);
// check status
if ((int) $user_data->status !== 1 || $custom_check !== false) {
// Clear cookies -> log user out
wp_clear_auth_cookie();
$error_param = $custom_check !== false ? $custom_check : $user_data->status;
// redirect adding disabling parameter - for pc_wp_user_login_message() function
$login_url = site_url('wp-login.php', 'login');
$login_url = add_query_arg('pc_disabled', $error_param, $login_url);
wp_redirect($login_url);
exit;
} else {
include_once PC_DIR . '/functions.php';
//// login in pvtContent
// setup user session, cookie and global
$_SESSION['pc_user_id'] = $user_data->id;
$GLOBALS['pc_user_id'] = $user_data->id;
// set cookie
$cookie_time = isset($_POST['rememberme']) ? 3600 * 24 * 30 * 6 : 3600 * 6;
// 6 month or 6 hours
setcookie('pc_user', $user_data->id . '|||' . $user_data->psw, time() + $cookie_time, '/');
// update last login date
$wpdb->update(PC_USERS_TABLE, array('last_access' => current_time('mysql')), array('id' => $user_data->id));
//// redirect after login
// check for custom categories redirects
$custom_cat_redirect = pc_user_cats_login_redirect($user_data->categories);
if ($custom_cat_redirect) {
$redirect_url = $custom_cat_redirect;
} else {
if (get_option('pg_logged_user_redirect')) {
$redirect_url = pc_man_redirects('pg_logged_user_redirect');
} else {
$redirect_url = site_url();
}
}
wp_redirect($redirect_url);
exit;
}
}
}
}
