<?php
bum_show_view("bum-page-login");
?>
<?php
} else {
?>
<?php
$pages = get_registration_pages();
?>
<?php
foreach ((array) $pages as $page) {
?>
<a class="registration-link-candidate" href="<?php
echo bum_get_permalink_registration("user_type=" . $page['role']);
?>
">
<?php
echo sprintf(__("Register as a %s", 'bum'), $page['name']);
?>
</a>
<?php
}
?>
<p class="registration-subnav">
<a href="<?php
echo bum_get_permalink_login();
?>
"><?php
<?php
/**
* @Author Jonathon byrd
* @link http://www.5twentystudios.com
* @Package Wordpress
* @SubPackage Better User Management
* @Since 1.0.0
* @copyright Copyright (C) 2011 5Twenty Studios
*
*/
defined('ABSPATH') or die("Cannot access pages directly.");
if (!get_option('users_can_register')) {
wp_redirect(bum_get_permalink_registration());
exit;
}
//initializing
$type = bum_get_registration_type();
if ($type) {
//get extra fields
$fields = get_term_by('slug', $type, BUM_HIDDEN_FIELDS);
require $view;
} else {
echo '<h2>Registration of this user role is not allowed.</h2>';
}
/**
* Function is responsible for initializing the login page
*
*/
function bum_init_page_login()
{
//reasons to return
if (!bum_is_page('Login')) {
return false;
}
// Redirect to https login if forced to use SSL
if (force_ssl_admin() && !is_ssl()) {
if (0 === strpos($_SERVER['REQUEST_URI'], 'http')) {
wp_redirect(preg_replace('|^http://|', 'https://', $_SERVER['REQUEST_URI']));
exit;
} else {
wp_redirect('https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
exit;
}
}
// Don't index any of these forms
add_filter('pre_option_blog_public', '__return_zero');
add_action('login_head', 'noindex');
//initializing
global $bum_action, $bum_errors, $bum_redirect_to, $bum_user, $bum_http_post, $bum_secure_cookie, $bum_interim_login, $bum_reauth, $bum_rememberme, $bum_messages_txt, $bum_errors_txt;
$bum_action = isset($_REQUEST['action']) ? $_REQUEST['action'] : 'login';
$bum_errors = new WP_Error();
if (isset($_GET['key'])) {
$bum_action = 'resetpass';
}
// validate action so as to default to the login screen
if (!in_array($bum_action, array('logout', 'lostpassword', 'retrievepassword', 'resetpass', 'rp', 'register', 'login'), true) && false === has_filter('login_form_' . $bum_action)) {
$bum_action = 'login';
}
nocache_headers();
header('Content-Type: ' . get_bloginfo('html_type') . '; charset=' . get_bloginfo('charset'));
if (defined('RELOCATE')) {
// Move flag is set
if (isset($_SERVER['PATH_INFO']) && $_SERVER['PATH_INFO'] != $_SERVER['PHP_SELF']) {
$_SERVER['PHP_SELF'] = str_replace($_SERVER['PATH_INFO'], '', $_SERVER['PHP_SELF']);
}
$schema = is_ssl() ? 'https://' : 'http://';
if (dirname($schema . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']) != get_option('siteurl')) {
update_option('siteurl', dirname($schema . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']));
}
}
//Set a cookie now to see if they are supported by the browser.
setcookie(TEST_COOKIE, 'WP Cookie check', 0, COOKIEPATH, COOKIE_DOMAIN);
if (SITECOOKIEPATH != COOKIEPATH) {
setcookie(TEST_COOKIE, 'WP Cookie check', 0, SITECOOKIEPATH, COOKIE_DOMAIN);
}
// allow plugins to override the default actions, and to add extra actions if they want
do_action('login_init');
do_action('login_form_' . $bum_action);
$bum_http_post = 'POST' == $_SERVER['REQUEST_METHOD'];
switch ($bum_action) {
case 'logout':
//check_admin_referer('log-out');
wp_logout();
$bum_redirect_to = !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : bum_get_permalink_login() . '?loggedout=true';
wp_safe_redirect($bum_redirect_to);
exit;
break;
case 'lostpassword':
case 'retrievepassword':
if ($bum_http_post) {
$bum_errors = bum_retrieve_password();
if (!is_wp_error($bum_errors)) {
$bum_redirect_to = !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : bum_get_permalink_login() . '&checkemail=confirm';
wp_safe_redirect($bum_redirect_to);
exit;
}
}
if (isset($_GET['error']) && 'invalidkey' == $_GET['error']) {
$bum_errors->add('invalidkey', __('Sorry, that key does not appear to be valid.'));
}
$bum_redirect_to = apply_filters('lostpassword_redirect', !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : '');
do_action('lost_password');
break;
case 'resetpass':
case 'rp':
$bum_user = bum_check_password_reset_key($_GET['key'], $_GET['login']);
if (is_wp_error($bum_user)) {
wp_redirect(bum_get_permalink_login() . '?action=lostpassword&error=invalidkey');
exit;
}
$bum_errors = '';
if (isset($_POST['pass1']) && $_POST['pass1'] != $_POST['pass2']) {
$bum_errors = new WP_Error('password_reset_mismatch', __('The passwords do not match.'));
} elseif (isset($_POST['pass1']) && !empty($_POST['pass1'])) {
bum_reset_password($bum_user, $_POST['pass1']);
exit;
}
wp_enqueue_script('utils');
wp_enqueue_script('user-profile');
break;
case 'register':
wp_redirect(bum_get_permalink_registration());
exit;
break;
case 'login':
default:
//redirect if logged in
if (is_user_logged_in()) {
wp_redirect(get_bloginfo('url'));
exit;
}
$bum_secure_cookie = '';
$bum_interim_login = isset($_REQUEST['interim-login']);
// If the user wants ssl but the session is not ssl, force a secure cookie.
if (!empty($_POST['log']) && !force_ssl_admin()) {
$bum_user_name = sanitize_user($_POST['log']);
if ($bum_user = get_userdatabylogin($bum_user_name)) {
if (get_user_option('use_ssl', $bum_user->ID)) {
$bum_secure_cookie = true;
force_ssl_admin(true);
}
}
}
if (isset($_REQUEST['redirect_to'])) {
$bum_redirect_to = $_REQUEST['redirect_to'];
// Redirect to https if user wants ssl
if ($bum_secure_cookie && false !== strpos($bum_redirect_to, 'wp-admin')) {
$bum_redirect_to = preg_replace('|^http://|', 'https://', $bum_redirect_to);
}
} else {
$bum_redirect_to = admin_url();
}
$bum_reauth = empty($_REQUEST['reauth']) ? false : true;
// If the user was redirected to a secure login form from a non-secure admin page, and secure login is required but secure admin is not, then don't use a secure
// cookie and redirect back to the referring non-secure admin page. This allows logins to always be POSTed over SSL while allowing the user to choose visiting
// the admin via http or https.
if (!$bum_secure_cookie && is_ssl() && force_ssl_login() && !force_ssl_admin() && 0 !== strpos($bum_redirect_to, 'https') && 0 === strpos($bum_redirect_to, 'http')) {
$bum_secure_cookie = false;
}
$bum_user = wp_signon('', $bum_secure_cookie);
$bum_redirect_to = apply_filters('login_redirect', $bum_redirect_to, isset($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : '', $bum_user);
if (!is_wp_error($bum_user) && !$bum_reauth) {
if (empty($bum_redirect_to) || $bum_redirect_to == 'wp-admin/' || $bum_redirect_to == admin_url()) {
// If the user doesn't belong to a blog, send them to user admin. If the user can't edit posts, send them to their profile.
if (is_multisite() && !get_active_blog_for_user($bum_user->id)) {
$bum_redirect_to = user_admin_url();
} elseif (is_multisite() && !$bum_user->has_cap('read')) {
$bum_redirect_to = get_dashboard_url($bum_user->id);
} elseif (!$bum_user->has_cap('edit_posts')) {
$bum_redirect_to = bum_get_permalink_profile();
}
}
wp_safe_redirect($bum_redirect_to);
exit;
}
$bum_errors = $bum_user;
// Clear errors if loggedout is set.
if (!empty($_GET['loggedout']) || $bum_reauth) {
$bum_errors = new WP_Error();
}
// If cookies are disabled we can't log in even with a valid user+pass
if (isset($_POST['testcookie']) && empty($_COOKIE[TEST_COOKIE])) {
$bum_errors->add('test_cookie', __("<strong>ERROR</strong>: Cookies are blocked or not supported by your browser. You must <a href='http://www.google.com/cookies.html'>enable cookies</a> to use WordPress."));
}
// Some parts of this script use the main login form to display a message
if (isset($_GET['loggedout']) && TRUE == $_GET['loggedout']) {
$bum_errors->add('loggedout', __('You are now logged out.'), 'message');
} elseif (isset($_GET['registration']) && 'disabled' == $_GET['registration']) {
$bum_errors->add('registerdisabled', __('User registration is currently not allowed.'));
} elseif (isset($_GET['checkemail']) && 'confirm' == $_GET['checkemail']) {
$bum_errors->add('confirm', __('Check your e-mail for the confirmation link.'), 'message');
} elseif (isset($_GET['checkemail']) && 'newpass' == $_GET['checkemail']) {
$bum_errors->add('newpass', __('Check your e-mail for your new password.'), 'message');
} elseif (isset($_GET['checkemail']) && 'registered' == $_GET['checkemail']) {
$bum_errors->add('registered', __('Registration complete. Please check your e-mail.'), 'message');
} elseif ($bum_interim_login) {
$bum_errors->add('expired', __('Your session has expired. Please log-in again.'), 'message');
}
// Clear any stale cookies.
if ($bum_reauth) {
wp_clear_auth_cookie();
}
if (isset($_POST['log'])) {
$bum_user_login = '******' == $bum_errors->get_error_code() || 'empty_password' == $bum_errors->get_error_code() ? esc_attr(stripslashes($_POST['log'])) : '';
}
$bum_rememberme = !empty($_POST['rememberme']);
break;
}
if ($bum_errors->get_error_code()) {
$bum_errors_txt = '';
$bum_messages_txt = '';
foreach ($bum_errors->get_error_codes() as $code) {
$bum_severity = $bum_errors->get_error_data($code);
foreach ($bum_errors->get_error_messages($code) as $error) {
if ('message' == $bum_severity) {
$bum_messages_txt .= ' ' . $error . "<br />\n";
} else {
$bum_errors_txt .= ' ' . $error . "<br />\n";
}
}
}
}
}
} else {
$form->addField('redirect_to', '', VFORM_HIDDEN, array(), array(), array('default' => esc_attr($bum_redirect_to)));
}
$form->addField('testcookie', '', VFORM_HIDDEN, array(), array(), array('default' => '1'));
echo $form->toHtml();
if (!$bum_interim_login) {
?>
<p id="nav">
<?php
if (isset($_GET['checkemail']) && in_array($_GET['checkemail'], array('confirm', 'newpass'))) {
?>
<?php
} elseif (get_option('users_can_register')) {
?>
<a href="<?php
echo bum_get_permalink_registration();
?>
"><?php
_e('Register');
?>
</a> |
<a href="<?php
echo bum_get_permalink_login('action=lostpassword');
?>
" title="<?php
_e('Password Lost and Found');
?>
"><?php
_e('Lost your password?');
?>
</a>
<H2 class="registration-title"><?php
echo ucwords($type);
?>
</H2>
<?php
$form = new ValidForm('registerform', '', bum_get_permalink_registration());
$form->addField('user_login', 'Username', VFORM_STRING, array('required' => true), array('required' => 'You need a username.'), array('tip' => 'Usernames cannot be changed.'));
$form->addField('user_email', 'Email', VFORM_EMAIL, array('required' => true), array('required' => 'You need an email.', 'type' => 'Email not valid.'));
$form->addField('user_email1', 'Confirm Email', VFORM_EMAIL, array('required' => true), array('required' => 'You need an email.', 'type' => 'Email not valid.'));
$form->addField('user_type', '', VFORM_HIDDEN, array(), array(), array('default' => $type));
/*
* This handles extra fields ( basically reading the field info and putting it into ValidForm )
* Currently handles `radio`, `checkbox`, `select`, `input_text` ( text field ), and `textarea`
*/
if ($fields->description) {
$fields = json_decode($fields->description);
foreach ($fields as $field) {
//get info
$info = bum_get_field_info($field);
$fid = 'bum_' . sanitize_title($info['title']);
//this is handling `radio`, `checkbox`, `select`
if (in_array($info['cssClass'], array('radio', 'checkbox', 'select'))) {
if ($info['cssClass'] == 'radio') {
$type = VFORM_RADIO_LIST;
} elseif ($info['cssClass'] == 'checkbox') {
$type = VFORM_CHECK_LIST;
} else {
$type = VFORM_SELECT_LIST;
}
//Multiple values are seperated by | ( pipe )
if (strpos($info['meta_value'], '|') !== false) {
