/**
 * Handles the front-end AJAX login form submission.
 *
 * Runs only when $_POST['type'] equals 'js_ajax_auth'. Every handled path
 * prints a JSON object with 'resp' and 'mess' (plus 'redirect' on success)
 * and then terminates the request with die.
 *
 * pc_login() results as handled here:
 *   - falsy        -> generic "Username or password incorrect" error
 *   - 2 or 3       -> the 'pc_default_pu_mex' message
 *   - other !true  -> the value itself is returned as the error message
 *   - true         -> success, a redirect URL is returned to the client
 *
 * NOTE(review): no nonce check or attempt throttling is visible in this
 * block - confirm that pc_login() or the hook wiring limits repeated
 * guesses against this endpoint.
 */
function pc_user_auth() {
    // Kept as-is: the files included below execute in this function's scope,
    // so they may rely on these names being bound here - TODO confirm.
    global $wpdb, $pc_users;

    // Ignore every request that is not flagged as the AJAX login form.
    if (!isset($_POST['type']) || $_POST['type'] != 'js_ajax_auth') {
        return;
    }

    include_once PC_DIR . '/classes/pc_form_framework.php';
    include_once PC_DIR . '/classes/simple_form_validator.php';
    include_once PC_DIR . '/functions.php';

    $f_fw = new pc_form();
    $validator = new simple_fv();

    // Fields read from the request: both credentials are mandatory.
    $indexes = array(
        array('index' => 'pc_auth_username', 'label' => 'username', 'required' => true),
        array('index' => 'pc_auth_psw', 'label' => 'psw', 'required' => true),
        array('index' => 'pc_remember_me', 'label' => 'remember me'),
    );
    $validator->formHandle($indexes);

    $error = $validator->getErrors();
    $fdata = $validator->form_val;

    // Honeypot check: stop before any credential handling.
    if (!$f_fw->honeypot_validaton()) {
        $payload = array('resp' => 'error', 'mess' => "Antispam - we've got a bot here!");
        echo json_encode($payload);
        die;
    }

    // Validation failure: the reply is deliberately generic and does not say which field was wrong.
    if ($error) {
        $payload = array('resp' => 'error', 'mess' => __('Incorrect username or password', 'pc_ml'));
        echo json_encode($payload);
        die;
    }

    // Try to log in.
    $response = pc_login($fdata['pc_auth_username'], $fdata['pc_auth_psw'], $fdata['pc_remember_me']);

    // User not found / wrong credentials.
    if (!$response) {
        $payload = array('resp' => 'error', 'mess' => __('Username or password incorrect', 'pc_ml'));
        echo json_encode($payload);
        die;
    }

    // Codes 2 and 3 share one configured message.
    if ($response === 2 || $response === 3) {
        $payload = array('resp' => 'error', 'mess' => pc_get_message('pc_default_pu_mex'));
        echo json_encode($payload);
        die;
    }

    // Any other non-true value is a custom error message passed through verbatim.
    if ($response !== true) {
        $payload = array('resp' => 'error', 'mess' => $response);
        echo json_encode($payload);
        die;
    }

    // Login succeeded: choose where the client should be sent.
    // NOTE(review): FILTER_VALIDATE_URL checks URL syntax only, not the host or
    // scheme. If anything request-derived can reach $_SESSION['pc_last_restricted'],
    // restrict it to this site's hosts (e.g. wp_validate_redirect()) - confirm
    // where the session value is written.
    $go_back_to_restricted = get_option('pg_redirect_back_after_login')
        && isset($_SESSION['pc_last_restricted'])
        && filter_var($_SESSION['pc_last_restricted'], FILTER_VALIDATE_URL);

    if ($go_back_to_restricted) {
        $redirect_url = $_SESSION['pc_last_restricted'];
    } else {
        // A per-category redirect takes precedence over the global one.
        $custom_cat_redirect = pc_user_cats_login_redirect(pc_user_logged('categories'));
        if ($custom_cat_redirect) {
            $redirect_url = $custom_cat_redirect;
        } else {
            $redirect_url = pc_man_redirects('pg_logged_user_redirect');
        }
    }

    $payload = array(
        'resp' => 'success',
        'mess' => pc_get_message('pc_login_ok_mex'),
        'redirect' => $redirect_url,
    );
    echo json_encode($payload);
    die; // security block - never fall through to the rest of the page
}
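/**
 * Mirrors a WordPress login into a plugin login for a linked plugin user.
 *
 * Skipped when $GLOBALS['pc_wps_standard_login'] is set (the login started on
 * the plugin side). If the WP user is linked to a plugin user whose status is
 * not 1, or the 'pc_login_custom_check' filter returns anything other than
 * false, the WP auth cookies are cleared and the browser is sent back to
 * wp-login.php with a 'pc_disabled' parameter. Otherwise the plugin session,
 * global and cookie are set, last_access is updated and the user is redirected.
 *
 * @param string $user_login WP user login name (not used in this function).
 * @param object $user       WP user object; only ->ID is read here.
 */
function pc_wp_user_login($user_login, $user) {
    global $wpdb;
    global $pc_wp_user;

    // do not execute if is a pvtcontent login
    if (isset($GLOBALS['pc_wps_standard_login'])) {
        return;
    }

    $user_data = $pc_wp_user->wp_user_is_linked($user->ID);
    if (!$user_data) {
        return;
    }

    // PC-FILTER - custom login control for custom checks - passes false and user id
    // - return message to abort login otherwise false
    $custom_check = apply_filters('pc_login_custom_check', false, $user_data->id);

    // check status
    if ((int) $user_data->status !== 1 || $custom_check !== false) {
        // Clear cookies -> log user out
        wp_clear_auth_cookie();

        $error_param = ($custom_check !== false) ? $custom_check : $user_data->status;

        // add_query_arg() does not URL-encode values, so a filter message containing
        // '&', '#' or '=' would be truncated or would inject extra query parameters.
        // Only strings are encoded; other types keep their previous handling.
        if (is_string($error_param)) {
            $error_param = rawurlencode($error_param);
        }

        // redirect adding disabling parameter - for pc_wp_user_login_message() function
        // NOTE(review): anyone can craft this query parameter, so the code that
        // displays it must treat it as untrusted and escape it on output.
        $login_url = site_url('wp-login.php', 'login');
        $login_url = add_query_arg('pc_disabled', $error_param, $login_url);

        wp_redirect($login_url);
        exit;
    }

    include_once PC_DIR . '/functions.php';

    //// login in pvtContent
    // setup user session, cookie and global
    // NOTE(review): the session id is not regenerated here - confirm session
    // fixation is handled wherever the session is started.
    $_SESSION['pc_user_id'] = $user_data->id;
    $GLOBALS['pc_user_id'] = $user_data->id;

    // set cookie
    $cookie_time = isset($_POST['rememberme']) ? 3600 * 24 * 30 * 6 : 3600 * 6; // 6 month or 6 hours

    // The cookie acts as a login credential: mark it HttpOnly so page scripts
    // cannot read it, and Secure whenever the request arrived over HTTPS.
    // NOTE(review): the value embeds $user_data->psw. Whatever that column holds,
    // it leaves the server and is replayed on every request for up to six months;
    // a random server-side token would be safer. The format is unchanged here
    // because the code that reads this cookie is outside this block.
    setcookie(
        'pc_user',
        $user_data->id . '|||' . $user_data->psw,
        time() + $cookie_time,
        '/',
        '',
        is_ssl(),
        true
    );

    // update last login date
    $wpdb->update(PC_USERS_TABLE, array('last_access' => current_time('mysql')), array('id' => $user_data->id));

    //// redirect after login
    // check for custom categories redirects
    $custom_cat_redirect = pc_user_cats_login_redirect($user_data->categories);
    if ($custom_cat_redirect) {
        $redirect_url = $custom_cat_redirect;
    } elseif (get_option('pg_logged_user_redirect')) {
        $redirect_url = pc_man_redirects('pg_logged_user_redirect');
    } else {
        $redirect_url = site_url();
    }

    wp_redirect($redirect_url);
    exit;
}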