function jwplayer_login_page()
{
if (!current_user_can('manage_options')) {
jwplayer_login_print_error('You do not have sufficient privileges to access this page.');
return;
}
if (!isset($_POST['apikey'], $_POST['apisecret'])) {
// Input var okay
jwplayer_login_form();
return;
}
// Check the nonce (counter XSRF)
if (isset($_POST['_wpnonce'])) {
// Input var okay
if (!wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['_wpnonce'])), 'jwplayer-login-nonce')) {
// Input var okay
jwplayer_login_print_error('Could not verify the form data.');
jwplayer_login_form();
return;
}
}
$api_key = isset($_POST['apikey']) ? sanitize_text_field(wp_unslash($_POST['apikey'])) : false;
// Input var okay
$api_secret = isset($_POST['apisecret']) ? sanitize_text_field(wp_unslash($_POST['apisecret'])) : false;
// Input var okay
$api_verified = jwplayer_login_verify_api_key_secret($api_key, $api_secret);
if (null === $api_verified) {
jwplayer_login_print_error('Communications with the JW Player API failed. Please try again later.');
jwplayer_login_form();
} elseif (false === $api_verified) {
jwplayer_login_print_error('Your API credentials were not accepted. Please try again.');
jwplayer_login_form();
} else {
// Perform the login.
update_option('jwplayer_api_key', $api_key);
update_option('jwplayer_api_secret', $api_secret);
$settings_page = get_admin_url(null, 'options-general.php?page=jwplayer_settings');
?>
<h2>Authorization succesful</h2>
<p>
You have successfully authorized the plugin to access your JW Player account.
</p>
<p>
You can now update <a href="<?php
echo esc_url($settings_page);
?>
">the settings of the JW Player plugin</a>.
</p>
<?php
}
}
function jwplayer_login_page()
{
if (!current_user_can('manage_options')) {
jwplayer_login_print_error('You do not have sufficient privileges to access this page.');
return;
}
if (!isset($_POST['apikey'], $_POST['apisecret'])) {
//input var okay
jwplayer_login_form();
return;
}
// Check the nonce (counter XSRF)
if (isset($_POST['_wpnonce'])) {
$nonce = sanitize_text_field($_POST['_wpnonce']);
//input var okay
if (!wp_verify_nonce($nonce, 'jwplayer-login-nonce')) {
jwplayer_login_print_error('Could not verify the form data.');
jwplayer_login_form();
return;
}
}
if (isset($_POST['apikey'])) {
$api_key = sanitize_text_field($_POST['apikey']);
//input var okay
}
if (isset($_POST['apisecret'])) {
$api_secret = sanitize_text_field($_POST['apisecret']);
//input var okay
}
$api_verified = jwplayer_login_verify_api_key_secret($api_key, $api_secret);
if (null === $api_verified) {
jwplayer_login_print_error('Communications with the JW Player API failed. Please try again later.');
jwplayer_login_form();
} elseif (false === $api_verified) {
jwplayer_login_print_error('Your API credentials were not accepted. Please try again.');
jwplayer_login_form();
} else {
// Perform the login.
update_option('jwplayer_api_key', $api_key);
update_option('jwplayer_api_secret', $api_secret);
echo '<h2>Authorization succesful</h2><p>You have successfully authorized the plugin to access your JW Player account. Returning you to the <a href="options-media.php">media settings</a> page...</p>';
// Perform a manual JavaScript redirect
echo '<script type="application/x-javascript">document.location.href = "options-general.php?page=jwplayer_settings"</script>';
}
}
function jwplayer_login()
{
if (!current_user_can('manage_options')) {
jwplayer_print_error('You do not have sufficient privileges to access this page.');
return;
}
if (!isset($_POST['username'], $_POST['password'])) {
//input var okay
jwplayer_login_form();
return;
}
// Check the nonce (counter XSRF)
$nonce = sanitize_text_field($_POST['_wpnonce']);
//input var okay
if (!wp_verify_nonce($nonce, 'jwplayer-login-nonce')) {
jwplayer_print_error('Could not verify the form data.');
jwplayer_login_form();
return;
}
if (isset($_POST['username'])) {
$login = sanitize_text_field($_POST['username']);
//input var okay
}
if (isset($_POST['password'])) {
$password = sanitize_text_field($_POST['password']);
//input var okay
}
$keysecret = jwplayer_get_api_key_secret($login, $password);
if (null === $keysecret) {
jwplayer_print_error('Communications with the JW Platform API failed. Please try again later.');
jwplayer_login_form();
} elseif (!isset($keysecret['key'], $keysecret['secret'])) {
jwplayer_print_error('Your login credentials were not accepted. Please try again.');
jwplayer_login_form();
} else {
// Perform the login.
update_option('jwplayer_login', $login);
update_option('jwplayer_api_key', $keysecret['key']);
update_option('jwplayer_api_secret', $keysecret['secret']);
echo '<h2>Logged in</h2><p>Logged in successfully. Returning you to the <a href="options-media.php">media settings</a> page...</p>';
// Perform a manual JavaScript redirect
echo '<script type="application/x-javascript">document.location.href = "options-media.php"</script>';
}
}
