Example #1
/**
 * AJAX login endpoint: validates the posted credentials, calls pc_login() and
 * prints a JSON reply ({resp, mess[, redirect]}) before terminating the request.
 *
 * Does nothing unless $_POST['type'] is 'js_ajax_auth'.
 *
 * Security notes for reviewers:
 * - Return codes 2 and 3 from pc_login() produce a different message than a
 *   failed login, so the reply distinguishes account states.
 *   NOTE(review): confirm pc_login() only returns 2/3 after the password has
 *   been verified; otherwise the reply reveals that the account exists.
 * - No attempt throttling or lockout is visible in this function.
 *   NOTE(review): confirm it is enforced inside pc_login() or upstream.
 * - The post-login redirect is read from the session and checked only with
 *   FILTER_VALIDATE_URL, which validates syntax, not the host. This assumes
 *   'pc_last_restricted' is only ever written server-side with same-site
 *   URLs - TODO confirm.
 */
function pc_user_auth()
{
    global $wpdb, $pc_users;

    // Ignore every request that is not the front-end AJAX login.
    $is_login_request = isset($_POST['type']) && $_POST['type'] == 'js_ajax_auth';
    if (!$is_login_request) {
        return;
    }

    include_once PC_DIR . '/classes/pc_form_framework.php';
    include_once PC_DIR . '/classes/simple_form_validator.php';
    include_once PC_DIR . '/functions.php';

    // Print the JSON reply and stop the request.
    $reply = function ($payload) {
        echo json_encode($payload);
        die;
    };

    $f_fw = new pc_form();
    $validator = new simple_fv();

    $indexes = array(
        array('index' => 'pc_auth_username', 'label' => 'username', 'required' => true),
        array('index' => 'pc_auth_psw', 'label' => 'psw', 'required' => true),
        array('index' => 'pc_remember_me', 'label' => 'remember me'),
    );
    $validator->formHandle($indexes);
    $error = $validator->getErrors();
    $fdata = $validator->form_val;

    // Honeypot anti-bot check runs before any credential handling.
    if (!$f_fw->honeypot_validaton()) {
        $reply(array('resp' => 'error', 'mess' => "Antispam - we've got a bot here!"));
    }

    // Validation failures get the same generic wording as a failed login.
    if ($error) {
        $reply(array('resp' => 'error', 'mess' => __('Incorrect username or password', 'pc_ml')));
    }

    $response = pc_login($fdata['pc_auth_username'], $fdata['pc_auth_psw'], $fdata['pc_remember_me']);

    // Falsy result: login failed.
    if (!$response) {
        $reply(array('resp' => 'error', 'mess' => __('Username or password incorrect', 'pc_ml')));
    }

    // Codes 2 and 3 map to the "pending user" message.
    if ($response === 2 || $response === 3) {
        $reply(array('resp' => 'error', 'mess' => pc_get_message('pc_default_pu_mex')));
    }

    // Anything else that is not strictly true is passed through as a custom error text.
    if ($response !== true) {
        $reply(array('resp' => 'error', 'mess' => $response));
    }

    // Successful login: choose the redirect target.
    $go_back = get_option('pg_redirect_back_after_login')
        && isset($_SESSION['pc_last_restricted'])
        && filter_var($_SESSION['pc_last_restricted'], FILTER_VALIDATE_URL);

    if ($go_back) {
        $redirect_url = $_SESSION['pc_last_restricted'];
    } else {
        // Per-category redirect wins over the global logged-user redirect.
        $custom_cat_redirect = pc_user_cats_login_redirect(pc_user_logged('categories'));
        if ($custom_cat_redirect) {
            $redirect_url = $custom_cat_redirect;
        } else {
            $redirect_url = pc_man_redirects('pg_logged_user_redirect');
        }
    }

    $reply(array('resp' => 'success', 'mess' => pc_get_message('pc_login_ok_mex'), 'redirect' => $redirect_url));
}
Example #2
/**
 * Wraps the login-screen message in the error box when the request carries a
 * 'pc_disabled' query parameter; values 2 and 3 swap in the "pending user" text.
 *
 * The message is concatenated into HTML without escaping.
 * NOTE(review): assumes $message and pc_get_message() output are already safe
 * markup - confirm against the callers.
 *
 * @param string $message Message received from the caller.
 * @return string The untouched message, or the message wrapped in #login_error.
 */
function pc_wp_user_login_message($message)
{
    if (!isset($_GET['pc_disabled'])) {
        return $message;
    }

    // Only the integer value of the parameter is ever used.
    $status = (int) $_GET['pc_disabled'];
    if (in_array($status, array(2, 3), true)) {
        // pending user message
        $message = pc_get_message('pc_default_pu_mex');
    }

    return '<div id="login_error">' . $message . '</div>';
}
Example #3
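/**
 * Shortcode handler that shows the enclosed content only to allowed users.
 *
 * Attributes: 'allow' (default 'all'), 'block', 'warning' (default '1') and
 * 'message' (custom text used in place of the default warnings).
 *
 * Fix over the previous version: the "wrong category" warning was built from
 * $message after that variable had already been overwritten with the complete
 * "not logged in" HTML block, so the custom text was never what reached
 * pc_get_message() for that warning. Both warnings now receive the original
 * custom message.
 *
 * Security note: the custom message is emitted as raw HTML. It comes from the
 * shortcode attribute, i.e. from whoever can edit the post.
 * NOTE(review): confirm that is acceptable for every role allowed to author
 * content, or filter it before output.
 *
 * @param array|string $atts    Raw shortcode attributes.
 * @param string|null  $content Enclosed content.
 * @return string HTML to print in place of the shortcode.
 */
function pc_pvt_content_shortcode($atts, $content = null)
{
    // Read the attributes explicitly instead of extract(): no variable is
    // created implicitly from the attribute array.
    $args = shortcode_atts(array('allow' => 'all', 'block' => '', 'warning' => '1', 'message' => ''), $atts);
    $allow = $args['allow'];
    $block = $args['block'];
    $warning = $args['warning'];
    $custom_message = $args['message'];

    // if nothing is specified, return the content
    if (trim($allow) == '') {
        return do_shortcode($content);
    }
    include_once PC_DIR . '/functions.php';

    // MESSAGES - built only when warnings are enabled
    $js_login = '';
    $not_logged_msg = '';
    $not_has_level_err = '';
    if ($warning == '1') {
        // trigger for the inline JS login system
        if (get_option('pg_js_inline_login')) {
            $js_login = ' - <span class="pc_login_trig pc_trigger">' . __('login', 'pc_ml') . '</span>';
        }
        // message for users who are not logged in
        $not_logged_msg = '<div class="pc_login_block"><p>' . pc_get_message('pc_default_nl_mex', $custom_message) . $js_login . '</p></div>';
        // message for users lacking the right category
        $not_has_level_err = '<div class="pc_login_block"><p>' . pc_get_message('pc_default_uca_mex', $custom_message) . '</p></div>';
    }

    // third argument was passed as "$wp_user_pass = true" in the original call
    $response = pc_user_check($allow, $block, true);
    if ($response === 1) {
        return do_shortcode($content);
    }
    if ($response === 2) {
        return $not_has_level_err;
    }

    // content reserved to unlogged users: show only the custom message, if any
    if ($allow == 'unlogged') {
        return !empty($custom_message) ? '<div class="pc_login_block"><p>' . $custom_message . '</p></div>' : '';
    }

    // hidden inline login form, present only when the JS login trigger is shown
    $login_form = $js_login ? '<div class="pc_inl_login_wrap" style="display: none;">' . pc_login_form() . '</div>' : '';
    return $not_logged_msg . $login_form;
}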
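/**
 * Replaces the content of the configured container page with the logged
 * user's private page (the inline comments below say it runs in the
 * the_content hook).
 *
 * Fixes over the previous version:
 * - The [embed] detection compared strpos() against -1. strpos() returns an
 *   offset or false, never -1, so the test was always true. It now compares
 *   against false.
 * - Dropped the unused $orig_content copy and the "$content = $content" no-op.
 *
 * Security notes for reviewers:
 * - The preview branch lets a logged-in WordPress user who presents a valid
 *   'lcwp_nonce' nonce set $GLOBALS['pc_user_id'] to any integer taken from
 *   the request. A nonce is a request-forgery protection, not an authorization
 *   check, and no capability test is visible here.
 *   NOTE(review): confirm which roles can obtain this nonce and add a
 *   capability check matching the plugin's admin permission model.
 * - do_action() does not return a value, so $custom_template below is always
 *   empty and the custom comments template override never applies.
 *   NOTE(review): this probably wants apply_filters(); left unchanged because
 *   switching would activate a code path that has never run.
 *
 * @param string $content Content of the page being rendered.
 * @return string Content to display.
 */
function pc_pvt_page_management($content)
{
    include_once PC_DIR . '/functions.php';
    global $wpdb, $post, $pc_users;

    $target_page = (int) get_option('pg_target_page');
    $curr_page_id = (int) get_the_ID();

    // must be the chosen container page
    if (pc_wpml_translated_pag_id($target_page) != pc_wpml_translated_pag_id(get_the_ID())) {
        return $content;
    }

    // preview check - see the security note in the function header
    if (is_user_logged_in() && isset($_REQUEST['pc_pvtpag']) && isset($_REQUEST['pc_utok'])) {
        if (!wp_verify_nonce($_REQUEST['pc_utok'], 'lcwp_nonce')) {
            return 'Cheating?';
        }
        $GLOBALS['pc_user_id'] = (int) $_REQUEST['pc_pvtpag'];
    }

    // check logged user
    $user_data = pc_user_logged(array('page_id', 'disable_pvt_page', 'wp_user_id'));
    if (!$user_data) {
        // not logged: return the page content and, depending on the option, the login form
        $login_form = pc_login_form();
        $pvt_nl_content = get_option('pg_target_page_content');

        if ($pvt_nl_content == 'original_content') {
            return $content;
        }
        if ($pvt_nl_content == 'original_plus_form') {
            return $content . $login_form;
        }
        if ($pvt_nl_content == 'form_plus_original') {
            return $login_form . $content;
        }
        return $login_form;
    }

    // user has no reserved area
    if (!empty($user_data['disable_pvt_page'])) {
        return '<p>' . pc_get_message('pc_default_nhpa_mex') . '</p>';
    }

    // flag for pvt page usage
    $GLOBALS['pc_pvt_page_is_displaying'] = true;

    // private page contents
    $page_data = get_post($user_data['page_id']);
    $content = $page_data->post_content;

    // if there's WP [embed] shortcode, execute it
    if (strpos($content, '[/embed]') !== false) {
        global $wp_embed;
        $content = $wp_embed->run_shortcode($content);
    }

    // PC-FILTER - private page contents - useful to customize what is returned
    $content = apply_filters('pc_pvt_page_contents', $content);
    $content = do_shortcode(wpautop($content));

    // PC-ACTION - private page is being displayed - triggered in the_content hook
    do_action('pc_pvt_page_display');

    //// COMMENTS
    // disable comments if not synced
    if (!$pc_users->wp_user_sync || !get_option('pg_pvtpage_wps_comments') || !$user_data['wp_user_id'] || $page_data->comment_status != 'open') {
        add_filter('comments_template', 'pc_comments_template', 500);
    } else {
        // override query
        $GLOBALS['pc_custom_comments_template'] = 'original';
        $GLOBALS['pc_pvt_page_id'] = $user_data['page_id'];
        $GLOBALS['pc_pvt_page_obj'] = $page_data;
        $GLOBALS['pc_pvt_page_container_id'] = $curr_page_id;

        // override $post so the comments query targets the private page
        $post = get_post($user_data['page_id']);

        // PC-ACTION - give the opportunity to override comments template
        // (do_action() returns nothing - see the note in the function header)
        $custom_template = do_action('pc_pvt_page_comments_template');
        if (!empty($custom_template)) {
            $GLOBALS['pc_custom_comments_template'] = $custom_template;
        }
        add_filter('comments_template', 'pc_comments_template', 500);
    }

    return $content;
}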
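/**
 * AJAX registration endpoint: validates the posted form against the stored
 * form structure, runs the anti-spam and disclaimer checks, inserts the user
 * and prints a JSON reply before terminating the request.
 *
 * Does nothing unless $_POST['type'] is 'pc_registration'.
 *
 * Fixes over the previous version:
 * - get_term() can return a WP_Error object, which is truthy, so "!$term"
 *   alone let an invalid form id through to the property read below. The
 *   result is now also checked with is_wp_error().
 * - 'form_id' and the two reCAPTCHA fields are read with isset() guards so a
 *   request missing them no longer raises undefined-index notices.
 *
 * Security notes for reviewers:
 * - The form structure is restored with unserialize() from the term
 *   description. unserialize() on data an attacker can influence permits
 *   object injection. NOTE(review): confirm only trusted administrators can
 *   write 'pc_reg_form' term descriptions, and consider storing the structure
 *   as JSON.
 * - The reCAPTCHA private key is hard-coded in this function. A secret
 *   committed to source is readable by anyone with the code; it should be
 *   rotated and loaded from configuration.
 * - When the form has no categories field, $_POST['pc_cc'] supplies the
 *   category list and sets the flag that bypasses the registration-category
 *   restrictions. That value is client-controlled. NOTE(review): confirm
 *   insert_user() validates the categories against what this form is allowed
 *   to assign.
 */
function pc_register_user()
{
    global $wpdb, $pc_users;

    if (!isset($_POST['type']) || $_POST['type'] != 'pc_registration') {
        return;
    }

    require_once PC_DIR . '/classes/pc_form_framework.php';
    require_once PC_DIR . '/classes/recaptchalib.php';
    include_once PC_DIR . '/functions.php';

    ////////// VALIDATION ////////////////////////////////////
    $form_id = isset($_REQUEST['form_id']) ? (int) $_REQUEST['form_id'] : 0;
    $term = get_term($form_id, 'pc_reg_form');
    if (!$term || is_wp_error($term)) {
        $mess = json_encode(array('resp' => 'error', 'mess' => __('Form not found', 'pc_ml')));
        die($mess);
    }

    $GLOBALS['pc_custom_cat_name'] = true;
    $f_fw = new pc_form(array('use_custom_cat_name' => true, 'strip_no_reg_cats' => true));

    // SECURITY: unserialize() of stored data - see the note in the function header
    $form_structure = unserialize(base64_decode($term->description));
    $antispam = get_option('pg_antispam_sys', 'honeypot');

    // custom validation indexes
    $custom_indexes = array();
    $indexes = $f_fw->generate_validator($form_structure, $custom_indexes);

    //// prior custom validation
    $cust_errors = array();
    if ($antispam == 'honeypot') {
        if (!$f_fw->honeypot_validaton()) {
            $cust_errors[] = "Antispam - we've got a bot here!";
        }
    } else {
        // SECURITY: hard-coded secret - see the note in the function header
        $privatekey = "6LfQas0SAAAAAIzpthJ7UC89nV9THR9DxFXg3nVL";
        $challenge = isset($_POST['recaptcha_challenge_field']) ? $_POST['recaptcha_challenge_field'] : '';
        $answer = isset($_POST['recaptcha_response_field']) ? $_POST['recaptcha_response_field'] : '';
        $resp = pc_recaptcha_check_answer($privatekey, $_SERVER["REMOTE_ADDR"], $challenge, $answer);
        if (!$resp->is_valid) {
            $cust_errors[] = "reCAPTCHA - " . __("wasn't entered correctly", 'pc_ml');
        }
    }

    // check disclaimer
    if (get_option('pg_use_disclaimer') && !isset($_POST['pc_disclaimer'])) {
        $cust_errors[] = __("Disclaimer", 'pc_ml') . " - " . __("must be accepted to proceed with registration", 'pc_ml');
    }

    // validation wrap-up
    $is_valid = $f_fw->validate_form($indexes, $cust_errors, false, false);
    $fdata = $f_fw->form_data;
    if (!$is_valid) {
        $error = $f_fw->errors;
    } else {
        $status = get_option('pg_registered_pending') ? 3 : 1;
        $allow_wp_sync_fail = !get_option('pg_require_wps_registration');

        // if no categories field - use forced or default ones
        if (!isset($fdata['categories'])) {
            // SECURITY: 'pc_cc' is client-supplied - see the note in the function header
            $has_forced_cats = isset($_POST['pc_cc']) && !empty($_POST['pc_cc']);
            $fdata['categories'] = $has_forced_cats ? explode(',', $_POST['pc_cc']) : get_option('pg_registration_cat');
            if ($has_forced_cats) {
                // flag to bypass reg cats restrictions
                $GLOBALS['pc_escape_no_reg_cats'] = true;
            }
        }

        // private page switch - put in form data
        $fdata['disable_pvt_page'] = get_option('pg_registered_pvtpage') ? 0 : 1;

        // insert user
        $result = $pc_users->insert_user($fdata, $status, $allow_wp_sync_fail);
        if (!$result) {
            $error = $pc_users->validation_errors;
        }
    }

    // results
    if (isset($error) && !empty($error)) {
        $mess = json_encode(array('resp' => 'error', 'mess' => $error));
        die($mess);
    }

    // PC-ACTION - registered user - passes new user ID and status
    do_action('pc_registered_user', $result, $status);

    // success message
    $mess = json_encode(array('resp' => 'success', 'mess' => pc_get_message('pc_default_sr_mex'), 'redirect' => pc_man_redirects('pg_registered_user_redirect')));
    die($mess);
}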
Example #6
<?php

// empty page to override comments template - checks comments restriction parameter
// Prints the restriction warning (and, when enabled, the hidden inline login
// form) instead of the comments list. Nothing is printed unless the
// 'pc_comment_restriction_warning' global is set and non-empty.
if (!empty($GLOBALS['pc_comment_restriction_warning'])) {
    $cr = $GLOBALS['pc_comment_restriction_warning'];

    // check_result 2 selects its own message key and never shows the login trigger
    if ($cr['check_result'] === 2) {
        $key = 'pc_default_hcwp_mex';
    } else {
        $key = 'pc_default_hc_mex';
    }

    // switch for js login system
    if ($cr['check_result'] === 2 || !get_option('pg_js_inline_login')) {
        $js_login = '';
    } else {
        $js_login = ' - <span class="pc_login_trig pc_trigger">' . __('login', 'pc_ml') . '</span>';
    }

    // the hidden login form is emitted only together with the trigger
    if ($js_login) {
        $login_form = '<div class="pc_inl_login_wrap" style="display: none;">' . pc_login_form() . '</div>';
    } else {
        $login_form = '';
    }

    // warning block first, login form right after it
    $warning_block = '<div class="pc_login_block pc_comment_hide"><p>' . pc_get_message($key) . $js_login . '</p></div>';
    echo $warning_block . $login_form;
}
Example #7
/**
 * Thin wrapper: forwards to pc_get_message() with the 'pc_default_uca_mex' key.
 *
 * @param string $mess Passed through unchanged as the second argument.
 * @return mixed Whatever pc_get_message() returns.
 */
function pg_get_uca_message($mess = '')
{
    $message_key = 'pc_default_uca_mex';

    return pc_get_message($message_key, $mess);
}