Example #1
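 /**
  * Pluggable replacement for wp_authenticate() that also enforces the login CAPTCHA.
  *
  * Runs the standard 'authenticate' filter chain and, when form data was
  * posted, layers two extra rules on top of its result:
  *  - a missing username or password always produces an
  *    'authentication_failed' error, so the form never fails silently;
  *  - a failed palo_captcha_test() turns the result into an error, so a
  *    correct password alone is not enough.
  *
  * NOTE(review): requests that carry no $_POST data get the filter result back
  * without the CAPTCHA check. Confirm that every authentication path reaching
  * this function without form data is meant to be exempt.
  *
  * @param string $username Login name as submitted.
  * @param string $password Password as submitted.
  * @return mixed The 'authenticate' filter result when nothing was posted or all
  *               checks pass, otherwise a WP_Error describing the refusal.
  */
 function wp_authenticate($username, $password)
 {
     global $palo_options, $palo_textdomain;
     $username = sanitize_user($username);
     $password = trim($password);
     $user = apply_filters('authenticate', null, $username, $password);
     // Nothing was posted: hand the filter result back untouched.
     if (empty($_POST)) {
         return $user;
     }
     // Force an error on a missing username or password.
     if ($username == null || $password == null) {
         $user = new WP_Error('authentication_failed', __('<strong>ERROR</strong>: Invalid username or incorrect password.', $palo_textdomain));
     }
     if (!palo_captcha_test()) {
         // The message text is read from the plugin options and emitted as HTML.
         // NOTE(review): confirm only trusted administrators can edit that option.
         $captcha_message = '<strong>' . __('ERROR', $palo_textdomain) . '</strong>: ' . __($palo_options['palo_captcha_error_msg'], $palo_textdomain);
         if (!empty($user) && is_wp_error($user)) {
             // Keep the earlier error and report the CAPTCHA failure alongside it.
             $user->add('palo_captcha', $captcha_message);
         } else {
             // Credentials may have been valid; the CAPTCHA failure still blocks the login.
             $user = new WP_Error('palo_captcha', $captcha_message);
         }
     }
     // Let lockout and logging plugins see the failed attempt.
     if (!empty($user) && is_wp_error($user)) {
         do_action('wp_login_failed', $username);
     }
     return $user;
 }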
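/**
 * Handle a login form submission and sign the user in.
 *
 * Reads `user_login`, `user_pass` and `rememberme` from $_POST, refuses
 * accounts whose first role is 'need-confirm', and otherwise leaves the
 * credential check to wp_signon(). A successful login ends the request with
 * a redirect to rcl_get_authorize_url(); a refused login returns a WP_Error
 * that is also left in the global $wp_errors.
 *
 * @return WP_Error Populated error object when the login is refused.
 */
function rcl_get_login_user()
{
    global $wp_errors;
    // Absent fields are treated as empty instead of raising undefined-index notices.
    // NOTE(review): sanitize_text_field() rewrites some passwords (tags, surplus
    // whitespace). It must stay in step with how the password was stored at
    // registration, so it is flagged here rather than changed.
    $pass = isset($_POST['user_pass']) ? sanitize_text_field($_POST['user_pass']) : '';
    $login = isset($_POST['user_login']) ? sanitize_user($_POST['user_login']) : '';
    $member = isset($_POST['rememberme']) ? intval($_POST['rememberme']) : 0;
    $wp_errors = new WP_Error();
    if (!$pass || !$login) {
        $wp_errors->add('rcl_login_empty', __('Fill in the required fields!', 'wp-recall'));
        return $wp_errors;
    }
    // NOTE(review): this check runs before the password is verified, so the
    // response reveals the confirmation state of any login name.
    if ($user = get_user_by('login', $login)) {
        $user_data = get_userdata($user->ID);
        $roles = $user_data->roles;
        // Only the first role is inspected.
        $role = array_shift($roles);
        if ($role == 'need-confirm') {
            $wp_errors->add('rcl_login_confirm', __('Your email is not confirmed!', 'wp-recall'));
            return $wp_errors;
        }
    }
    $creds = array(
        'user_login' => $login,
        'user_password' => $pass,
        'remember' => $member,
    );
    $user = wp_signon($creds, false);
    if (is_wp_error($user)) {
        $wp_errors = $user;
        return $wp_errors;
    }
    rcl_update_timeaction_user();
    // The target is computed server-side from the user ID; the posted
    // `redirect_to` value was never used and is no longer read.
    wp_redirect(rcl_get_authorize_url($user->ID));
    exit;
}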
 /**
  * Re-sanitize a login name in non-strict mode when strict mode was requested.
  *
  * The three parameters match what a 'sanitize_user' filter callback receives.
  * When $strict is set, the strictly sanitized $username is discarded and the
  * raw value is sanitized again with strict mode off; otherwise $username is
  * passed through unchanged.
  *
  * @param string $username     Already sanitized login name.
  * @param string $raw_username Login name as originally supplied.
  * @param bool   $strict       Whether strict sanitization was requested.
  * @return string Login name to use.
  */
 function non_strict_login($username, $raw_username, $strict)
 {
     return $strict
         ? sanitize_user(stripslashes($raw_username), false)
         : $username;
 }
Example #4
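/**
 * AJAX handler: register a new account from the posted form fields.
 *
 * Verifies the 'ajax-register-nonce' nonce, creates the user with
 * wp_insert_user() and prints a JSON object holding `loggedin` and `message`
 * before ending the request.
 */
function ajax_register()
{
    // First check the nonce, if it fails the function will break
    check_ajax_referer('ajax-register-nonce', 'security');
    // Nonce is checked; missing fields are treated as empty values.
    $username = isset($_POST['username']) ? sanitize_user($_POST['username']) : '';
    $info = array();
    $info['user_nicename'] = $info['nickname'] = $info['display_name'] = $info['first_name'] = $info['user_login'] = $username;
    // NOTE(review): sanitize_text_field() rewrites some passwords (tags, surplus
    // whitespace) before they are hashed; the login path has to apply the same
    // transformation or those users cannot sign in.
    $info['user_pass'] = isset($_POST['password']) ? sanitize_text_field($_POST['password']) : '';
    $info['user_email'] = isset($_POST['email']) ? sanitize_email($_POST['email']) : '';
    // Register the user
    $user_register = wp_insert_user($info);
    if (is_wp_error($user_register)) {
        $error = $user_register->get_error_codes();
        if (in_array('empty_user_login', $error, true)) {
            $message = __('Xin lỗi, thông tin đăng nhập không hợp lệ.');
        } elseif (in_array('existing_user_login', $error, true)) {
            $message = __('Xin lỗi, tên đăng nhập này đã tồn tại.');
        } elseif (in_array('existing_user_email', $error, true)) {
            $message = __('Xin lỗi, thư điện tử này đã tồn tại.');
        } else {
            // Any other failure used to produce an empty response body.
            $message = $user_register->get_error_message();
        }
        echo json_encode(array('loggedin' => false, 'message' => $message));
    } else {
        // The account exists at this point; the second wp_insert_user() call
        // that used to follow could only fail and has been dropped.
        echo json_encode(array('loggedin' => true, 'message' => __('Đăng ký thành công.')));
    }
    die;
}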
 /**
  * Load a user row plus its metadata by login name, using the object cache.
  *
  * @param string $user_login Login name; passed through sanitize_user() first.
  * @return object|false The user row with each meta key attached as a property,
  *                      or false when the login is empty or no row is found.
  */
 function get_userdatabylogin($user_login)
 {
     global $wpdb;
     $user_login = sanitize_user($user_login);
     if (empty($user_login)) {
         return false;
     }
     // Serve from the 'userlogins' cache group when possible.
     $userdata = wp_cache_get($user_login, 'userlogins');
     if ($userdata) {
         return $userdata;
     }
     // NOTE(review): the value in the WHERE clause appears as '******' in this
     // listing, so the real expression is not visible. Whatever is placed there
     // is part of the SQL string itself; confirm it is escaped for SQL, which
     // sanitize_user() alone is not designed to guarantee.
     if (!($user = $wpdb->get_row("SELECT * FROM {$wpdb->users} WHERE user_login = '******'"))) {
         return false;
     }
     // Database errors from the metadata query are hidden while it runs.
     $wpdb->hide_errors();
     // The ID interpolated here comes from the row fetched above, not from the caller.
     $metavalues = $wpdb->get_results("SELECT meta_key, meta_value FROM {$wpdb->usermeta} WHERE user_id = '{$user->ID}'");
     $wpdb->show_errors();
     if ($metavalues) {
         foreach ($metavalues as $meta) {
             // NOTE(review): unserialize() runs on every stored meta value with its
             // errors suppressed. Anything able to write usermeta rows controls this
             // input, so treat it as a deserialization risk to be reviewed.
             @($value = unserialize($meta->meta_value));
             // Not serialized data: keep the raw string. A stored serialized
             // boolean false also lands here.
             if ($value === FALSE) {
                 $value = $meta->meta_value;
             }
             // Each meta key becomes a property on the user object.
             $user->{$meta->meta_key} = $value;
             // We need to set user_level from meta, not row
             if ($wpdb->prefix . 'user_level' == $meta->meta_key) {
                 $user->user_level = $meta->meta_value;
             }
         }
     }
     // Cache under both the ID and the login name for later lookups.
     wp_cache_add($user->ID, $user, 'users');
     wp_cache_add($user->user_login, $user, 'userlogins');
     return $user;
 }
Example #6
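 /**
  * Check a username/password pair against the stored MD5 password digest.
  *
  * On failure the reason is written to the global $error.
  *
  * NOTE(review): the stored value is an unsalted MD5 digest, which is not a
  * suitable password hash. That is a storage-format issue and cannot be
  * fixed inside this function alone.
  *
  * @param string $username    Login name; passed through sanitize_user().
  * @param string $password    Plain-text password, or the double-MD5 value when
  *                            $already_md5 is true.
  * @param bool   $already_md5 Whether $password has already been hashed twice.
  * @return bool True when the credentials match, false otherwise.
  */
 function wp_login($username, $password, $already_md5 = false)
 {
     global $wpdb, $error;
     $username = sanitize_user($username);
     if ('' == $username) {
         return false;
     }
     if ('' == $password) {
         $error = __('<strong>ERROR</strong>: The password field is empty.');
         return false;
     }
     $login = get_userdatabylogin($username);
     if (!$login) {
         $error = __('<strong>ERROR</strong>: Invalid username.');
         return false;
     }
     // Digests are compared as exact strings and in constant time. The loose ==
     // used previously can treat two different digests as equal when both
     // happen to look like numbers.
     $stored = (string) $login->user_pass;
     $supplied = (string) $password;
     // If the password is already_md5, it has been double hashed.
     $double_hash_match = $already_md5 && hash_equals(md5($stored), $supplied);
     // Otherwise, it is plain text.
     $plain_match = (string) $login->user_login === (string) $username && hash_equals($stored, md5($supplied));
     if ($double_hash_match || $plain_match) {
         return true;
     }
     $error = __('<strong>ERROR</strong>: Incorrect password.');
     return false;
 }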
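 /**
  * Logs in the user
  *
  * Logs in the user using wp_signon (since 2.5.2) with the posted `log`
  * and `pwd` fields. If login is successful, it redirects and exits;
  * otherwise "loginfailed" is returned.
  *
  * The redirect target comes from the request ($_POST['redirect_to'], or
  * PHP_SELF as a fallback) and the 'wpmem_login_redirect' filter, so it is
  * sent with wp_safe_redirect(), which refuses hosts that are not allowed.
  *
  * @since 0.1
  *
  * @uses apply_filters Calls 'wpmem_login_redirect' hook to get $redirect_to
  *
  * @uses wp_signon
  * @uses wp_safe_redirect Redirects to $redirect_to if login is successful
  * @return string Returns "loginfailed" if the login fails
  */
 function wpmem_login()
 {
     $redirect_to = isset($_POST['redirect_to']) ? $_POST['redirect_to'] : $_SERVER['PHP_SELF'];
     $redirect_to = apply_filters('wpmem_login_redirect', $redirect_to);
     // Remember the session only when the box was posted with the expected
     // value. The earlier test compared the boolean result of isset() with the
     // string, which was true for any posted value.
     $rememberme = isset($_POST['rememberme']) && 'forever' == $_POST['rememberme'];
     // Both fields are required; empty() also covers fields that were not posted.
     if (empty($_POST['log']) || empty($_POST['pwd'])) {
         //login failed
         return "loginfailed";
     }
     $user_login = sanitize_user($_POST['log']);
     $user_login = wpmem_login_check_for_email($user_login);
     $creds = array();
     $creds['user_login'] = $user_login;
     // The password is handed to wp_signon() as posted.
     $creds['user_password'] = $_POST['pwd'];
     $creds['remember'] = $rememberme;
     $user = wp_signon($creds, false);
     if (is_wp_error($user)) {
         return "loginfailed";
     }
     // wp_signon() is what establishes the session. The old wp_setcookie() call
     // relied on the undefined $using_cookie and $user_pass and has been removed.
     wp_safe_redirect($redirect_to);
     exit;
 }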
 /**
  * Handle the AJAX registration widget: check the request data and register the user.
  *
  * Only acts when `register_ajax_widget` is present in the request. In that
  * case the result is echoed and the request ends, so nothing is returned to
  * the caller on that path.
  *
  * NOTE(review): part of this function is missing from the listing (see the
  * marked line below), so the description covers the visible code only.
  */
 function register()
 {
     if (!empty($_REQUEST['register_ajax_widget'])) {
         $return = array();
         // The presence checks read $_REQUEST, but the values passed on come from $_POST.
         if ('POST' == $_SERVER['REQUEST_METHOD'] && !empty($_REQUEST['user_login']) && !empty($_REQUEST['user_email'])) {
             //require_once( ABSPATH . WPINC . '/registration.php');
             // todo - recaptcha
             // No nonce or CAPTCHA check is visible before the account is created
             // (see the todo above).
             $errors = register_new_user($_POST['user_login'], $_POST['user_email']);
             if (!is_wp_error($errors)) {
                 //Success
                 // do they have an envato id?
                 if (isset($_REQUEST['envato_purchase_code']) && !empty($_REQUEST['envato_purchase_code'])) {
                     // add this based on tc plugin.
                 }
                 // On success $errors holds the value passed to get_userdata() to load the new user.
                 $user_data = get_userdata($errors);
                 $return['result'] = true;
                 // The string is formatted before it reaches __(), so the lookup
                 // is done on the already-formatted text.
                 $return['message'] = __(sprintf('Thank you %s. Registration is complete. Please check your e-mail.', $user_data->user_login));
             } else {
                 //Something's wrong
                 $return['result'] = false;
                 // NOTE(review): the next line is damaged in this listing. The run of
                 // asterisks replaces source text, so the rest of the error branch, the
                 // encoding of $return and the start of the callback check are not
                 // visible. What remains shows the callback name being matched against
                 // a jQuery-style pattern read from $_REQUEST['callback'], while the
                 // value written to the response is $_GET['callback']; the checked and
                 // the emitted value can therefore differ and should come from one source.
                 $return['error'] = $errors->get_error_message() . "<br>Username: "******"/^jQuery[_a-zA-Z0-9]+\$/", $_REQUEST['callback'])) {
             $return = $_GET['callback'] . "({$return})";
         }
         echo $return;
         exit;
     }
 }
 /**
  * Fetch a user's timeline from the Twitter API through TwitterOAuth.
  *
  * @param string $username Screen name; cleaned with sanitize_user() and strip_tags().
  * @param array  $args     Optional 'limit', 'include_rts' and 'exclude_replies' settings.
  * @return mixed The API response, or false on failure with the reason stored
  *               in $this->error.
  */
 private function get_tweets_from_api($username, $args)
 {
     // The TwitterOAuth library has to be loaded by the caller beforehand.
     if (!class_exists('TwitterOAuth')) {
         $this->error = 'The TwitterOAuth class cannot be found. Please include twitteroauth.php!';
         return false;
     }
     $client = new TwitterOAuth($this->consumer_key, $this->consumer_secret, $this->access_key, $this->access_secret);
     // Request parameters: the screen name is always sent, the rest only when supplied.
     $params = array('screen_name' => strip_tags(sanitize_user($username)));
     if (array_key_exists('limit', $args)) {
         // 'limit' is forced to an integer and sent as 'count'.
         $params['count'] = intval($args['limit']);
     }
     foreach (array('include_rts', 'exclude_replies') as $option) {
         // These two options are forwarded exactly as given.
         if (array_key_exists($option, $args)) {
             $params[$option] = $args[$option];
         }
     }
     $response = $client->get('statuses/user_timeline', $params);
     if (is_wp_error($response)) {
         $this->error = $response->get_error_message();
         return false;
     }
     // An `errors` property on the response is treated as a failure as well.
     if (isset($response->errors)) {
         $this->error = $response->errors;
         return false;
     }
     return $response;
 }
Example #10
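 /**
  * Replace WordPress built-in authentication function
  *
  * Replaces WP authentication function to allow for logging
  * login errors and removing messages if needed. While away mode is
  * active the request is redirected to the site URL and ends there.
  *
  * @param string $username user name
  * @param string $password user submitted password
  *
  * @return mixed Result of the 'authenticate' filter (normally the user
  *               object), or a WP_Error when the login is refused
  *
  */
 function wp_authenticate($username, $password)
 {
     global $bwps, $bwpsoptions;
     //if away mode is currently restricting login return to homepage
     if ($bwps->checkaway()) {
         wp_redirect(get_option('siteurl'));
         // wp_redirect() only sets the Location header. Without stopping here the
         // credentials below were still checked and the login could complete
         // while away mode was active.
         exit;
     }
     $username = sanitize_user($username);
     $password = trim($password);
     $user = apply_filters('authenticate', null, $username, $password);
     //if they're locked out due to too many bad logins display an error
     if ($bwpsoptions['ll_enabled'] == 1 && $bwps->checklock($username)) {
         do_action('wp_login_failed', $username);
         return new WP_Error('incorrect_password', __('<strong>ERROR</strong>: We are sorry , your ability to login has been suspended due to too many recent failed login attempts. Please try again later.', $bwps->hook));
     }
     //if there is no valid user object
     if ($user == null) {
         if ($bwpsoptions['ll_enabled'] == 1) {
             $bwps->logevent('1');
         }
         $user = new WP_Error('authentication_failed', __('<strong>ERROR</strong>: Invalid username or incorrect password.'));
     }
     // Errors with these codes do not trigger the failed-login action below.
     $ignore_codes = array('empty_username', 'empty_password');
     //log if bad logins
     if (isset($_POST['wp-submit']) && $bwpsoptions['ll_enabled'] == 1 && is_wp_error($user)) {
         $bwps->logevent('1', $username);
     } elseif (is_wp_error($user) && !in_array($user->get_error_code(), $ignore_codes)) {
         if ($bwpsoptions['ll_enabled'] == 1) {
             $bwps->logevent('1', $username);
         }
         do_action('wp_login_failed', $username);
     }
     //returns user object or error message
     return $user;
 }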
 /**
  * Build a label for a user from the display name and e-mail address.
  *
  * The label reads "display_name (email)" when a display name is set and is
  * just the e-mail address otherwise; it is then passed through
  * sanitize_user() in strict mode.
  *
  * @param int $user_id User to look up via get_user_data_or_die().
  * @return string Sanitized label.
  */
 public static function get_username_or_die($user_id)
 {
     $user_data = Resource_Booking_Ajax_Common::get_user_data_or_die($user_id);
     if ($user_data->display_name != "") {
         $label = $user_data->display_name . " (" . $user_data->user_email . ")";
     } else {
         $label = $user_data->user_email;
     }
     return sanitize_user($label, true);
 }
Example #12
/**
 * Copy the submitted username into the user data array as `user_login`.
 *
 * @param array $userdata       User data collected so far.
 * @param array $global_request Request values; only `username` is read.
 * @return array $userdata, with `user_login` set to the trimmed and sanitized
 *               username when one was submitted.
 */
function wppb_userdata_add_username($userdata, $global_request)
{
    // No username in the request: leave the data as it is.
    if (!isset($global_request['username'])) {
        return $userdata;
    }
    $submitted = trim($global_request['username']);
    $userdata['user_login'] = sanitize_user($submitted);
    return $userdata;
}
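/**
 * WPSC add new user function: validates the input, creates the account and
 * signs the new user in.
 *
 * @since 3.7
 *
 * @param string $user_login The user's username.
 * @param string $user_pass The user's password.
 * @param string $user_email The user's email.
 * @return WP_User|WP_Error The signed-in user, or a WP_Error describing why
 *                          validation, creation or sign-on failed.
 */
function wpsc_add_new_user($user_login, $user_pass, $user_email)
{
    $errors = new WP_Error();
    $user_login = sanitize_user($user_login);
    $user_email = apply_filters('user_registration_email', $user_email);
    // Check the username
    if ($user_login == '') {
        $errors->add('empty_username', __('<strong>ERROR</strong>: Please enter a username.', 'wpsc'));
    } elseif (!validate_username($user_login)) {
        $errors->add('invalid_username', __('<strong>ERROR</strong>: This username is invalid.  Please enter a valid username.', 'wpsc'));
        $user_login = '';
    } elseif (username_exists($user_login)) {
        $errors->add('username_exists', __('<strong>ERROR</strong>: This username is already registered, please choose another one.', 'wpsc'));
    }
    // Check the e-mail address
    if ($user_email == '') {
        $errors->add('empty_email', __('<strong>ERROR</strong>: Please type your e-mail address.', 'wpsc'));
    } elseif (!is_email($user_email)) {
        $errors->add('invalid_email', __('<strong>ERROR</strong>: The email address isn&#8217;t correct.', 'wpsc'));
        $user_email = '';
    } elseif (email_exists($user_email)) {
        $errors->add('email_exists', __('<strong>ERROR</strong>: This email is already registered, please choose another one.', 'wpsc'));
    }
    // Stop before touching the database if validation found anything.
    if ($errors->get_error_code()) {
        return $errors;
    }
    $user_id = wp_create_user($user_login, $user_pass, $user_email);
    // A WP_Error object is truthy, so a failed creation has to be tested for
    // explicitly; otherwise it would slip past the !$user_id check.
    if (!$user_id || is_wp_error($user_id)) {
        $errors->add('registerfail', sprintf(__('<strong>ERROR</strong>: Couldn&#8217;t register you... please contact the <a href="mailto:%s">webmaster</a> !', 'wpsc'), get_option('admin_email')));
        return $errors;
    }
    $user = wp_signon(array('user_login' => $user_login, 'user_password' => $user_pass, 'remember' => true));
    // Sign-on can fail as well; hand that error back instead of reading ->ID from it.
    if (is_wp_error($user)) {
        return $user;
    }
    wp_set_current_user($user->ID);
    return $user;
}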
Example #14
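 /**
  * AJAX Register.
  *
  * Verifies the 'vr-ajax-register-nonce' nonce, creates the account with
  * wp_insert_user() and either prints a JSON error (`success`, `message`) or
  * hands over to VR_Member::ajax_user_authenticate(). The request always ends here.
  *
  * @since 1.0.0
  */
 public function ajax_register()
 {
     // First check the nonce, if it fails the function will break
     check_ajax_referer('vr-ajax-register-nonce', 'vr-secure-register');
     // Nonce is checked; missing fields are treated as empty values.
     $username = isset($_POST['register_username']) ? sanitize_user($_POST['register_username']) : '';
     $info = array();
     $info['user_nicename'] = $info['nickname'] = $info['display_name'] = $info['first_name'] = $info['user_login'] = $username;
     // NOTE(review): sanitize_text_field() rewrites some passwords (tags, surplus
     // whitespace) before they are stored; the login path has to apply the same
     // transformation or those users cannot sign in.
     $info['user_pass'] = isset($_POST['register_pwd']) ? sanitize_text_field($_POST['register_pwd']) : '';
     $info['user_email'] = isset($_POST['register_email']) ? sanitize_email($_POST['register_email']) : '';
     // Register the user
     $user_register = wp_insert_user($info);
     if (is_wp_error($user_register)) {
         $error = $user_register->get_error_codes();
         if (in_array('empty_user_login', $error, true)) {
             $message = __($user_register->get_error_message('empty_user_login'));
         } elseif (in_array('existing_user_login', $error, true)) {
             $message = __('This username already exists.', 'VRC');
         } elseif (in_array('existing_user_email', $error, true)) {
             $message = __('This email is already registered.', 'VRC');
         } else {
             // Any other failure used to produce an empty response body.
             $message = $user_register->get_error_message();
         }
         echo json_encode(array('success' => false, 'message' => $message));
     } else {
         /**
          * Object: VR_Member class.
          *
          * @since 1.0.0
          */
         $vr_member_object = new VR_Member();
         $vr_member_object->ajax_user_authenticate($info['user_login'], $info['user_pass'], __('Registration', 'VRC'));
     }
     die;
 }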
 /**
  * Confirm a pending signup from the `key` and `user` query parameters.
  *
  * The key is checked through Signup_Model::validate_key(). When it is valid
  * and the username is still free, the signup record is registered as a user
  * and the success redirect is echoed; every other outcome echoes the error
  * redirect. Nothing happens when either query parameter is missing or empty.
  *
  * @param mixed $user Not read; the value comes from $_GET['user'].
  * @param mixed $key  Not read; the value comes from $_GET['key'].
  */
 function confirm_email($user, $key)
 {
     require_once WPPR_PLUGIN_DIR . '/models/signup-model.php';
     $model = new Signup_Model();
     // Both parameters must be present and non-empty.
     if (empty($_GET['key']) || empty($_GET['user'])) {
         return;
     }
     //Sanitize keys
     $model->key = sanitize_key($_GET['key']);
     $model->user = sanitize_user($_GET['user']);
     $result = $model->validate_key();
     // Invalid key, or the username has been taken in the meantime.
     if ($result === false || username_exists($model->user)) {
         echo $this->redirect_on_error();
         return;
     }
     $userdata = array($model->user, $model->user, $result['signup_password'], $result['signup_email'], $result['signup_date'], $model->user);
     //Transfer record from wp_signup table to wp_users
     $confirmed = $model->register_user($userdata);
     // Notify admin of new registration
     //wp_new_user_notification( $result );
     echo $confirmed ? $this->redirect_on_success() : $this->redirect_on_error();
 }
Example #16
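/**
 * Find the users mentioned as "@login" in a piece of content.
 *
 * @param string $content Text to scan for mentions.
 * @return array|false Rows with `id` and `user_login` for the mentioned logins
 *                     (possibly served from the 'ap_user_ids' cache group), or
 *                     false when the content holds no mention.
 */
function ap_find_mentioned_users($content)
{
    global $wpdb;
    // Find all mentions in content; capture group 1 is the bare login after "@".
    if (!preg_match_all('/(?:[\\s.]|^)@(\\w+)/', $content, $matches) || empty($matches[1])) {
        return false;
    }
    $user_logins = array();
    foreach ($matches[1] as $user_login) {
        $user_logins[] = sanitize_title_for_query(sanitize_user(wp_unslash($user_login), true));
    }
    // Remove duplicates and anything sanitized down to an empty string.
    $user_logins = array_values(array_filter(array_unique($user_logins), 'strlen'));
    if (count($user_logins) == 0) {
        return false;
    }
    // This quoted list only feeds the cache key now; it is no longer part of the SQL.
    $user_logins_s = "'" . implode("','", $user_logins) . "'";
    $key = md5($user_logins_s);
    $cache = wp_cache_get($key, 'ap_user_ids');
    if (false !== $cache) {
        return $cache;
    }
    // One %s placeholder per login, so every value is bound by prepare()
    // instead of being interpolated into the statement text.
    $placeholders = implode(',', array_fill(0, count($user_logins), '%s'));
    $query = $wpdb->prepare("SELECT id, user_login FROM {$wpdb->users} WHERE user_login IN ({$placeholders})", $user_logins);
    $result = $wpdb->get_results($query);
    wp_cache_set($key, $result, 'ap_user_ids');
    return $result;
}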
Example #17
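/**
 * AJAX handler: register a new account and sign the new user in.
 *
 * Verifies the 'ajax-register-nonce' nonce, creates the user with
 * wp_insert_user() and either prints a JSON error (`loggedin`, `message`) or
 * hands over to auth_user_login(). The request always ends here.
 */
function ajax_register()
{
    // First check the nonce, if it fails the function will break
    check_ajax_referer('ajax-register-nonce', 'security');
    // Nonce is checked; missing fields are treated as empty values.
    $username = isset($_POST['username']) ? sanitize_user($_POST['username']) : '';
    $info = array();
    $info['user_nicename'] = $info['nickname'] = $info['display_name'] = $info['first_name'] = $info['user_login'] = $username;
    // NOTE(review): sanitize_text_field() rewrites some passwords (tags, surplus
    // whitespace) before they are stored; the login path has to apply the same
    // transformation or those users cannot sign in.
    $info['user_pass'] = isset($_POST['password']) ? sanitize_text_field($_POST['password']) : '';
    $info['user_email'] = isset($_POST['email']) ? sanitize_email($_POST['email']) : '';
    // Register the user
    $user_register = wp_insert_user($info);
    if (is_wp_error($user_register)) {
        $error = $user_register->get_error_codes();
        if (in_array('empty_user_login', $error, true)) {
            $message = __($user_register->get_error_message('empty_user_login'));
        } elseif (in_array('existing_user_login', $error, true)) {
            $message = __('This username is already registered.');
        } elseif (in_array('existing_user_email', $error, true)) {
            $message = __('This email address is already registered.');
        } else {
            // Any other failure used to produce an empty response body.
            $message = $user_register->get_error_message();
        }
        echo json_encode(array('loggedin' => false, 'message' => $message));
    } else {
        auth_user_login($info['nickname'], $info['user_pass'], 'Registration');
    }
    die;
}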
Example #18
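 /**
  * Validate registration data and create a user with the 'customer' role.
  *
  * @param array $userdata Submitted fields: user_login, user_pass, user_email and
  *                        optionally user_url, first_name, last_name, nickname,
  *                        description.
  * @return int|WP_Error ID of the new user, or a WP_Error listing every
  *                      validation or creation problem.
  */
 public function registration($userdata)
 {
     $reg_errors = new WP_Error();
     // Reject anything that is not a non-empty array. The earlier test joined its
     // conditions with &&, which let non-array input through to the
     // array_key_exists() calls below.
     if (empty($userdata) || !is_array($userdata)) {
         $reg_errors->add('data_invalid', 'Chybí vstupní data');
         return $reg_errors;
     }
     $userLogin = array_key_exists('user_login', $userdata) ? sanitize_user($userdata['user_login']) : '';
     // NOTE(review): esc_attr() is an HTML-output escaper. Applied to a password it
     // changes characters such as & < > and quotes before the value is stored, so
     // the login path must do the same. Flagged rather than changed.
     $userPass = array_key_exists('user_pass', $userdata) ? esc_attr($userdata['user_pass']) : '';
     $userEmail = array_key_exists('user_email', $userdata) ? sanitize_email($userdata['user_email']) : '';
     $userUrl = array_key_exists('user_url', $userdata) ? esc_url($userdata['user_url']) : '';
     $firstName = array_key_exists('first_name', $userdata) ? sanitize_text_field($userdata['first_name']) : '';
     $lastName = array_key_exists('last_name', $userdata) ? sanitize_text_field($userdata['last_name']) : '';
     $nickname = array_key_exists('nickname', $userdata) ? sanitize_text_field($userdata['nickname']) : '';
     $description = array_key_exists('description', $userdata) ? sanitize_text_field($userdata['description']) : '';
     if (empty($userLogin) || empty($userPass) || empty($userEmail)) {
         $reg_errors->add('field', 'Nejsou vyplnněny povinné pole formuláře.');
     }
     // NOTE(review): the limit enforced here (4) and the minimum named in the
     // message (5) disagree; the same holds for the password check below (5 vs 6).
     // Confirm which value is intended.
     if (4 > strlen($userLogin)) {
         $reg_errors->add('username_length', 'Příliš krátké uživatelské jméno. Zadejte minimálně 5 znaků.');
     }
     if (username_exists($userLogin)) {
         $reg_errors->add('user_name', 'Je nám líto ale uživatelské jméno již existuje.');
     }
     if (!validate_username($userLogin)) {
         $reg_errors->add('username_invalid', 'Neplatné uživatelské jméno.');
     }
     if (5 > strlen($userPass)) {
         $reg_errors->add('password', 'Heslo musí obsahovat minimálně 6 znaků.');
     }
     if (!is_email($userEmail)) {
         $reg_errors->add('email_invalid', 'Zadaný e-mail je ve špatném formátu.');
     }
     if (email_exists($userEmail)) {
         $reg_errors->add('email', 'Zadaný e-mail již existuje.');
     }
     if (!empty($userUrl) && !filter_var($userUrl, FILTER_VALIDATE_URL)) {
         $reg_errors->add('website', 'Url adresa Vašich stránek není validní.');
     }
     // Report all validation problems at once.
     if ($reg_errors->get_error_code()) {
         return $reg_errors;
     }
     // The role is fixed here and never taken from the submitted data.
     $_userdata = array(
         'user_login' => $userLogin,
         'user_email' => $userEmail,
         'user_pass' => $userPass,
         'user_url' => $userUrl,
         'first_name' => $firstName,
         'last_name' => $lastName,
         'nickname' => $nickname,
         'description' => $description,
         'role' => 'customer',
     );
     $user_id = wp_insert_user($_userdata);
     if (is_wp_error($user_id)) {
         $reg_errors->add('insert_user', 'Registraci nelze dokončit. Kontaktujte prosím správce webu.');
         return $reg_errors;
     }
     // TODO: WooCommerce billing_* fields are not persisted yet. The
     // add_user_meta() call that stood here referenced variables that were never
     // defined, so it has been removed.
     return $user_id;
 }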
Example #19
 /**
  * Log an activity item as a WordPress comment.
  *
  * Looks for an existing comment with the same post, user and type. When none
  * exists a new comment is inserted; when one exists it is only changed if
  * `action` is 'update'. The whole object cache is flushed after any write.
  *
  * @access public
  * @since  1.0.0
  * @param  array $args (default: array()) Reads post_id, user_id, type and the
  *                     optional data, status, username, user_email, user_url,
  *                     parent, action and keep_time entries.
  * @return bool | int Comment ID, or false when user_id is empty or no comment
  *                    ID is available.
  */
 public static function sensei_log_activity($args = array())
 {
     global $wpdb;
     // Args, minimum data required for WP
     $data = array(
         'comment_post_ID' => intval($args['post_id']),
         'comment_author' => '',
         'comment_author_email' => '',
         'comment_author_url' => '',
         'comment_content' => !empty($args['data']) ? esc_html($args['data']) : '',
         'comment_type' => esc_attr($args['type']),
         'user_id' => intval($args['user_id']),
         'comment_approved' => !empty($args['status']) ? esc_html($args['status']) : 'log',
     );
     // Allow extra data, each value cleaned with the matching helper
     if (!empty($args['username'])) {
         $data['comment_author'] = sanitize_user($args['username']);
     }
     if (!empty($args['user_email'])) {
         $data['comment_author_email'] = sanitize_email($args['user_email']);
     }
     if (!empty($args['user_url'])) {
         $data['comment_author_url'] = esc_url($args['user_url']);
     }
     if (!empty($args['parent'])) {
         // The parent value is stored as given.
         $data['comment_parent'] = $args['parent'];
     }
     // Sanity check: an activity must belong to a user
     if (empty($args['user_id'])) {
         _deprecated_argument(__FUNCTION__, '1.0', __('At no point should user_id be equal to 0.', 'woothemes-sensei'));
         return false;
     }
     do_action('sensei_log_activity_before', $args, $data);
     $update_requested = isset($args['action']) && 'update' == $args['action'];
     $wrote_comment = false;
     // Check if comment exists first; the values are bound through prepare()
     $lookup = $wpdb->prepare("SELECT comment_ID FROM {$wpdb->comments} WHERE comment_post_ID = %d AND user_id = %d AND comment_type = %s ", $args['post_id'], $args['user_id'], $args['type']);
     $comment_id = $wpdb->get_var($lookup);
     if (!$comment_id) {
         // Add the comment
         $comment_id = wp_insert_comment($data);
         $wrote_comment = true;
     } elseif ($update_requested) {
         // Update the comment if an update was requested
         $data['comment_ID'] = $comment_id;
         // By default update the timestamp of the comment
         if (empty($args['keep_time'])) {
             $data['comment_date'] = current_time('mysql');
         }
         wp_update_comment($data);
         $wrote_comment = true;
     }
     // Manually flush the cache after a write
     if ($wrote_comment) {
         wp_cache_flush();
     }
     do_action('sensei_log_activity_after', $args, $data, $comment_id);
     // Return the ID so that it can be used for meta data storage
     return 0 < $comment_id ? $comment_id : false;
 }
/**
 * Look up the ID of the user that owns a login name.
 *
 * @param string $username Login name; passed through sanitize_user() first.
 * @return mixed The matching user's ID, or null when get_userdatabylogin()
 *               finds nothing.
 */
function username_exists($username)
{
    global $wpdb;
    $match = get_userdatabylogin(sanitize_user($username));
    return $match ? $match->ID : null;
}
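/**
 * Authenticate a user and set the auth cookie.
 *
 * Credentials come from $credentials or, when that is empty, from the posted
 * `log`, `pwd` and `rememberme` fields. With no credentials at all the
 * existing auth cookie is validated instead.
 *
 * @param array|string $credentials Optional. Array with user_login, user_password
 *                                  and remember; an empty string is still accepted
 *                                  for callers that rely on the old default.
 * @return WP_User|WP_Error The authenticated user, or a WP_Error (which is
 *                          empty when there is neither a cookie nor credentials).
 */
function wp_signon($credentials = '')
{
    if (empty($credentials)) {
        // Start from a real array: writing string keys into the '' default is
        // not reliable across PHP versions.
        $credentials = array();
        if (!empty($_POST['log'])) {
            $credentials['user_login'] = $_POST['log'];
        }
        if (!empty($_POST['pwd'])) {
            $credentials['user_password'] = $_POST['pwd'];
        }
        if (!empty($_POST['rememberme'])) {
            $credentials['remember'] = $_POST['rememberme'];
        }
    }
    if (!empty($credentials['user_login'])) {
        $credentials['user_login'] = sanitize_user($credentials['user_login']);
    }
    if (!empty($credentials['user_password'])) {
        $credentials['user_password'] = trim($credentials['user_password']);
    }
    // Normalise the remember flag to a strict boolean.
    $credentials['remember'] = !empty($credentials['remember']);
    // Hooks receive both values by reference and may replace them.
    do_action_ref_array('wp_authenticate', array(&$credentials['user_login'], &$credentials['user_password']));
    // If no credential info provided, check cookie.
    if (empty($credentials['user_login']) && empty($credentials['user_password'])) {
        $user = wp_validate_auth_cookie();
        if ($user) {
            return new WP_User($user);
        }
        if (!empty($_COOKIE[AUTH_COOKIE])) {
            return new WP_Error('expired_session', __('Please log in again.'));
        }
        // If the cookie is not set, be silent.
        return new WP_Error();
    }
    // Exactly one of the two fields is missing: report which one.
    if (empty($credentials['user_login']) || empty($credentials['user_password'])) {
        $error = new WP_Error();
        if (empty($credentials['user_login'])) {
            $error->add('empty_username', __('<strong>ERROR</strong>: The username field is empty.'));
        }
        if (empty($credentials['user_password'])) {
            $error->add('empty_password', __('<strong>ERROR</strong>: The password field is empty.'));
        }
        return $error;
    }
    $user = wp_authenticate($credentials['user_login'], $credentials['user_password']);
    if (is_wp_error($user)) {
        return $user;
    }
    wp_set_auth_cookie($user->ID, $credentials['remember']);
    do_action('wp_login', $credentials['user_login']);
    return $user;
}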
Example #22
 /**
  * Handle the signup form: validate the posted fields, create the user and
  * print a JSON result before ending the request.
  *
  * The checks run in a fixed order and the first one that fails decides the
  * response. On success the notification helper is called with the new user
  * ID and the submitted password, and the user is registered as an agent when
  * `register_as_agent` is 'true'.
  *
  * NOTE(review): no nonce check is visible inside this function; confirm that
  * the request is verified before it gets here.
  * NOTE(review): esc_attr() is an HTML-output escaper. Applied to the password
  * it changes characters such as & < > and quotes before the value is stored.
  */
 function reales_user_signup_form()
 {
     $signup_user = isset($_POST['signup_user']) ? sanitize_text_field($_POST['signup_user']) : '';
     $signup_firstname = isset($_POST['signup_firstname']) ? sanitize_text_field($_POST['signup_firstname']) : '';
     $signup_lastname = isset($_POST['signup_lastname']) ? sanitize_text_field($_POST['signup_lastname']) : '';
     $signup_email = isset($_POST['signup_email']) ? sanitize_email($_POST['signup_email']) : '';
     // Both password fields are taken as posted.
     $signup_pass_1 = isset($_POST['signup_pass_1']) ? $_POST['signup_pass_1'] : '';
     $signup_pass_2 = isset($_POST['signup_pass_2']) ? $_POST['signup_pass_2'] : '';
     $register_as_agent = isset($_POST['register_as_agent']) ? sanitize_text_field($_POST['register_as_agent']) : '';
     // First failing rule wins; later rules are not evaluated.
     $failure = null;
     if (empty($signup_user) || empty($signup_firstname) || empty($signup_lastname) || empty($signup_email) || empty($signup_pass_1) || empty($signup_pass_2)) {
         $failure = array('signedup' => false, 'message' => __('Required form fields are empty!', 'reales'));
     } elseif (4 > strlen($signup_user)) {
         $failure = array('signedup' => false, 'message' => __('Username too short. Please enter at least 4 characters!', 'reales'));
     } elseif (username_exists($signup_user)) {
         $failure = array('signedup' => false, 'message' => __('Username already exists!', 'reales'));
     } elseif (!validate_username($signup_user)) {
         $failure = array('signedup' => false, 'message' => __('Invalid Username!', 'reales'));
     } elseif (!is_email($signup_email)) {
         $failure = array('signedup' => false, 'message' => __('Invalid Email!', 'reales'));
     } elseif (email_exists($signup_email)) {
         $failure = array('signedup' => false, 'message' => __('Email already exists!', 'reales'));
     } elseif (6 > strlen($signup_pass_1)) {
         $failure = array('signedup' => false, 'message' => __('Password too short. Please enter at least 6 characters!', 'reales'));
     } elseif ($signup_pass_1 != $signup_pass_2) {
         // This response uses the key 'reset' rather than 'signedup'.
         $failure = array('reset' => false, 'message' => __('The passwords do not match!', 'reales'));
     }
     if (null !== $failure) {
         echo json_encode($failure);
         exit;
     }
     $user_data = array(
         'user_login' => sanitize_user($signup_user),
         'user_email' => sanitize_email($signup_email),
         'user_pass' => esc_attr($signup_pass_1),
         'first_name' => sanitize_text_field($signup_firstname),
         'last_name' => sanitize_text_field($signup_lastname),
     );
     $new_user = wp_insert_user($user_data);
     if (is_wp_error($new_user)) {
         echo json_encode(array('signedup' => false, 'message' => __('Something went wrong!', 'reales')));
         exit;
     }
     echo json_encode(array('signedup' => true, 'message' => __('Congratulations! You have successfully signed up.', 'reales')));
     // The unmodified password is handed to the notification helper.
     reales_signup_notifications($new_user, $signup_pass_1);
     if ($register_as_agent != '' && $register_as_agent == 'true') {
         reales_register_agent($new_user);
     }
     die;
 }
 /**
  * Create or update the WordPress account that belongs to a Patreon user.
  *
  * When no account uses the e-mail address from the Patreon response, a new
  * user is created with a generated password, signed in, and the Patreon data
  * is saved as user meta. When an account with that address already exists,
  * only its meta is updated and the request is redirected to the login page;
  * that account is not signed in.
  *
  * NOTE(review): the refresh and access tokens are written to user meta as
  * received. Confirm who can read that meta on this site.
  *
  * @param array $user_response Patreon API response; reads data.attributes.
  * @param array $tokens        Holds 'refresh_token' and 'access_token'.
  */
 public static function createUserFromPatreon($user_response, $tokens)
 {
     global $wpdb;
     $attributes = $user_response['data']['attributes'];
     $email = $attributes['email'];
     // Preferred login: "first_last", lower-cased with spaces removed.
     $name = strtolower(str_replace(' ', '', $attributes['first_name'] . '_' . $attributes['last_name']));
     if (validate_username($name) && username_exists($name) == false) {
         $username = sanitize_user($name, true);
     } else {
         // Fall back to the local part of the e-mail address.
         $email_parts = explode('@', $attributes['email']);
         $username = strtolower(sanitize_user($email_parts[0]));
     }
     if (username_exists($username)) {
         // Ask the database for the next numeric ".N" suffix among logins that start with this name.
         $suffix = $wpdb->get_var($wpdb->prepare("SELECT 1 + SUBSTR(user_login, %d) FROM {$wpdb->users} WHERE user_login REGEXP %s ORDER BY 1 DESC LIMIT 1", strlen($username) + 2, '^' . $username . '(\\.[0-9]+)?$'));
         if (!empty($suffix)) {
             $username .= ".{$suffix}";
         }
     }
     /* patreon data stored as user meta in both branches, in this order */
     $patreon_meta = array(
         'patreon_refresh_token' => $tokens['refresh_token'],
         'patreon_access_token' => $tokens['access_token'],
         'patreon_user' => $attributes['vanity'],
         'patreon_created' => $attributes['created'],
         'user_firstname' => $attributes['first_name'],
         'user_lastname' => $attributes['last_name'],
     );
     $user = get_user_by('email', $email);
     if ($user != false) {
         /* log user into existing wordpress account with matching email address -- disabled */
         // wp_set_current_user( $user->ID, $user->user_login );
         // wp_set_auth_cookie( $user->ID );
         // do_action( 'wp_login', $user->user_login );
         /* update user meta data with patreon data */
         foreach ($patreon_meta as $meta_key => $meta_value) {
             update_user_meta($user->ID, $meta_key, $meta_value);
         }
         wp_redirect(wp_login_url() . '?patreon-msg=login_with_patreon', '301');
         exit;
     }
     /* create wordpress user if no account exists with provided email address */
     $random_password = wp_generate_password(12, false);
     $user_id = wp_create_user($username, $random_password, $email);
     if (!$user_id) {
         /* wordpress account creation failed #HANDLE_ERROR */
         return;
     }
     $user = get_user_by('id', $user_id);
     wp_set_current_user($user->ID, $user->user_login);
     wp_set_auth_cookie($user->ID);
     do_action('wp_login', $user->user_login);
     /* update user meta data with patreon data */
     foreach ($patreon_meta as $meta_key => $meta_value) {
         update_user_meta($user_id, $meta_key, $meta_value);
     }
     update_user_meta($user_id, 'patreon_token_minted', microtime());
 }
Example #24
/**
 * Normalise the user-profile fields of a submitted form, in place.
 *
 * Every key listed below is passed through the WordPress helper named for it;
 * a key that is absent (or null) is set to an empty string.
 *
 * NOTE(review): esc_attr(), esc_url() and esc_textarea() are output-escaping
 * helpers. Running esc_attr() over 'user_pass' HTML-encodes characters such as
 * & < > " ' so the value passed on is not the password the user typed. If it
 * is later hashed or compared, every registration and login path has to apply
 * the same encoding. Confirm against the callers before changing it.
 *
 * @param array $fields Submitted fields, modified by reference.
 * @return void
 */
function cr_sanitize(&$fields)
{
    // Field name => helper applied to it. The order matters only for the
    // position of keys that get appended because they were missing.
    $filters = array(
        'user_login'  => 'sanitize_user',
        'user_pass'   => 'esc_attr',
        'user_email'  => 'sanitize_email',
        'user_url'    => 'esc_url',
        'first_name'  => 'sanitize_text_field',
        'last_name'   => 'sanitize_text_field',
        'nickname'    => 'sanitize_text_field',
        'description' => 'esc_textarea',
    );
    foreach ($filters as $key => $filter) {
        $fields[$key] = isset($fields[$key]) ? call_user_func($filter, $fields[$key]) : '';
    }
}
/**
 * Stop before the login form is rendered when the submitted username is limited.
 *
 * Acts only on POST requests that carry a 'log' field. When
 * wpcom_vip_login_is_limited() returns a truthy value for the sanitized
 * username, that value is rendered through login_header() and the request ends.
 *
 * NOTE(review): the only key visible here is the username; whether the limiter
 * also takes the client address into account is decided inside
 * wpcom_vip_login_is_limited() — confirm there.
 *
 * @return void
 */
function wpcom_vip_login_limit_dont_show_login_form()
{
    $is_post = 'post' == strtolower($_SERVER['REQUEST_METHOD']);
    if (!$is_post || !isset($_POST['log'])) {
        return;
    }
    // The limiter is asked about the sanitized name, not the raw POST value.
    $limit_error = wpcom_vip_login_is_limited(sanitize_user($_POST['log']));
    if (!$limit_error) {
        return;
    }
    login_header(__('Error'), '', $limit_error);
    login_footer();
    exit;
}
/**
 * Create a new customer account.
 *
 * Validates the email, validates or derives the username, generates a password
 * when the store is configured to, runs the registration hooks and finally
 * inserts the user with the 'customer' role.
 *
 * NOTE(review): the wp_verify_nonce() call in the body discards its result, so
 * it rejects nothing; request-forgery protection for the registration form has
 * to be enforced by whoever calls this function. The separate "already
 * registered" messages also tell the requester whether an email or username
 * exists.
 *
 * @param  string $email    Customer email address.
 * @param  string $username Optional username; derived from the email when empty and generation is enabled.
 * @param  string $password Optional password; generated when empty and generation is enabled.
 * @return int|WP_Error User ID on success, WP_Error on failure.
 */
function wc_create_new_customer($email, $username = '', $password = '')
{
    $code = 'registration-error';

    // Email: must be well formed and not registered yet.
    if (empty($email) || !is_email($email)) {
        return new WP_Error($code, __('Please provide a valid email address.', 'woocommerce'));
    }
    if (email_exists($email)) {
        return new WP_Error($code, __('An account is already registered with your email address. Please login.', 'woocommerce'));
    }

    // Result is not inspected (see the note in the docblock).
    wp_verify_nonce($_POST['register'], 'woocommerce-register');

    // Username: taken from the caller, or derived from the email's local part.
    $manual_username = get_option('woocommerce_registration_generate_username') == 'no' || !empty($username);
    if ($manual_username) {
        $username = sanitize_user($username);
        if (empty($username) || !validate_username($username)) {
            return new WP_Error($code, __('Please enter a valid account username.', 'woocommerce'));
        }
        if (username_exists($username)) {
            return new WP_Error($code, __('An account is already registered with that username. Please choose another.', 'woocommerce'));
        }
    } else {
        $base = sanitize_user(current(explode('@', $email)));
        $username = $base;
        // Append 1, 2, 3, ... until the name is free.
        for ($suffix = 1; username_exists($username); $suffix++) {
            $username = $base . $suffix;
        }
    }

    // Password: generated only when none was supplied and the option allows it.
    $auto_password = get_option('woocommerce_registration_generate_password') == 'yes';
    $password_generated = false;
    if (empty($password)) {
        if (!$auto_password) {
            return new WP_Error($code, __('Please enter an account password.', 'woocommerce'));
        }
        $password = wp_generate_password();
        $password_generated = true;
    }

    // Give hooked validators the chance to veto the registration.
    $errors = new WP_Error();
    do_action('woocommerce_register_post', $username, $email, $errors);
    $errors = apply_filters('woocommerce_registration_errors', $errors, $username, $email);
    if ($errors->get_error_code()) {
        return $errors;
    }

    $new_customer_data = apply_filters(
        'woocommerce_new_customer_data',
        array(
            'user_login' => $username,
            'user_pass'  => $password,
            'user_email' => $email,
            'role'       => 'customer',
        )
    );
    $customer_id = wp_insert_user($new_customer_data);
    if (is_wp_error($customer_id)) {
        // The underlying error is replaced by a generic message for the visitor.
        return new WP_Error($code, '<strong>' . __('ERROR', 'woocommerce') . '</strong>: ' . __('Couldn&#8217;t register you&hellip; please contact us if you continue to have problems.', 'woocommerce'));
    }

    do_action('woocommerce_created_customer', $customer_id, $new_customer_data, $password_generated);
    return $customer_id;
}
Example #27
 /**
  * Derive an unused login name from the local part of an email address.
  *
  * The part before the first '@' is sanitised in strict mode, then 1, 2, 3, ...
  * is appended until username_exists() reports the name as free.
  *
  * NOTE(review): strict sanitising can presumably reduce the local part to an
  * empty string; the caller should reject an empty result. The existence check
  * and the later insert are separate steps, so the caller still has to handle
  * a duplicate-name failure from the insert.
  *
  * @param string $email Email address to derive the name from.
  * @return string Candidate username.
  */
 public static function generateUsername($email)
 {
     $base = sanitize_user(current(explode('@', $email)), true);
     $candidate = $base;
     for ($suffix = 1; username_exists($candidate); $suffix++) {
         $candidate = $base . $suffix;
     }
     return $candidate;
 }
Example #28
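/**
 * Process the sidebar login form over AJAX and answer as JSON or JSONP.
 *
 * Verifies the 'woocommerce-sidebar-login-action' nonce, signs the user in
 * with wp_signon() and prints a result object holding 'success' plus either
 * 'redirect' or 'error', then ends the request.
 *
 * The JSONP callback name arrives in the query string, so it is echoed only
 * when it is a plain JavaScript identifier; any other value gets bare JSON.
 *
 * NOTE(review):
 * - esc_attr() on the password HTML-encodes & < > " ' before wp_signon() sees
 *   it, so passwords containing those characters may not match what was
 *   stored. Left unchanged here because other code paths may rely on the same
 *   encoding; confirm and align them.
 * - 'redirect_to' is handed back to the client without being validated;
 *   consider wp_validate_redirect() if the client navigates to it.
 * - Credentials are read from $_REQUEST, so they are also accepted from the
 *   query string, where they can end up in access logs.
 *
 * @access public
 * @return void
 */
function woocommerce_sidebar_login_ajax_process()
{
    check_ajax_referer('woocommerce-sidebar-login-action', 'security');
    // Get post data; absent keys fall back to '' instead of raising notices.
    $creds = array();
    $creds['user_login'] = esc_attr(isset($_REQUEST['user_login']) ? $_REQUEST['user_login'] : '');
    $creds['user_password'] = esc_attr(isset($_REQUEST['user_password']) ? $_REQUEST['user_password'] : '');
    $creds['remember'] = 'forever';
    $redirect_to = esc_attr(isset($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : '');
    // Check for Secure Cookie
    $secure_cookie = '';
    // If the user wants ssl but the session is not ssl, force a secure cookie.
    if (!force_ssl_admin()) {
        $user_name = sanitize_user($creds['user_login']);
        if ($user = get_user_by('login', $user_name)) {
            if (get_user_option('use_ssl', $user->ID)) {
                $secure_cookie = true;
                force_ssl_admin(true);
            }
        }
    }
    if (force_ssl_admin()) {
        $secure_cookie = true;
    }
    if ($secure_cookie == '' && force_ssl_login()) {
        $secure_cookie = false;
    }
    // Login
    $user = wp_signon($creds, $secure_cookie);
    // Redirect filter
    if ($secure_cookie && strstr($redirect_to, 'wp-admin')) {
        $redirect_to = str_replace('http:', 'https:', $redirect_to);
    }
    // Result
    $result = array();
    if (!is_wp_error($user)) {
        $result['success'] = 1;
        $result['redirect'] = $redirect_to;
    } else {
        $result['success'] = 0;
        if ($user->errors) {
            // Report only the first message of the first error code.
            foreach ($user->errors as $error) {
                $result['error'] = $error[0];
                break;
            }
        } else {
            $result['error'] = __('Please enter your username and password to login.', 'woocommerce');
        }
    }
    // The callback is request-controlled text written into the response, so it
    // must be a short, plain identifier before it is used as the JSONP wrapper.
    $callback = isset($_GET['callback']) && is_string($_GET['callback']) ? $_GET['callback'] : '';
    $payload = json_encode($result);
    if (preg_match('/^[A-Za-z_$][A-Za-z0-9_$]{0,127}\z/', $callback)) {
        $payload = $callback . '(' . $payload . ')';
    }
    header('content-type: application/json; charset=utf-8');
    echo $payload;
    die;
}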
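/**
 * Handle the add / edit / delete actions of the product-attributes admin screen.
 *
 * Each branch verifies its own nonce with check_admin_referer() before it
 * touches the jigoshop_attribute_taxonomies table, and redirects back to the
 * attributes page once it has changed something.
 *
 * NOTE(review): a nonce shows the request came from the admin form, not that
 * the user may manage attributes; no current_user_can() check is visible in
 * this function — confirm the caller enforces one. 'attribute_type' is stored
 * as submitted; an allow-list of the supported types would be safer (the list
 * of types is not visible here).
 *
 * @return void
 */
function jigoshop_save_attributes()
{
    /** @var $wpdb wpdb */
    global $wpdb;
    $options = Jigoshop_Base::get_options();
    $table = $wpdb->prefix . "jigoshop_attribute_taxonomies";
    if (!empty($_POST['add_new_attribute'])) {
        check_admin_referer('jigoshop-add-attribute', '_jigoshop_csrf');
        $attribute_label = isset($_POST['attribute_label']) ? (string) strip_tags(stripslashes($_POST['attribute_label'])) : '';
        // Fall back to the label when no explicit name was submitted.
        $raw_name = empty($_POST['attribute_name']) ? $attribute_label : $_POST['attribute_name'];
        $attribute_name = sanitize_title(sanitize_user($raw_name, true));
        $attribute_type = isset($_POST['attribute_type']) ? (string) $_POST['attribute_type'] : '';
        if (empty($attribute_label)) {
            echo '<div id="message" class="error"><p>' . __('Please enter an attribute label.', 'jigoshop') . '</p></div>';
        } elseif ($attribute_name && strlen($attribute_name) < 30 && $attribute_type && !taxonomy_exists('pa_' . sanitize_title($attribute_name))) {
            // One format per column, so each value is bound as a string.
            $wpdb->insert($table, array('attribute_name' => $attribute_name, 'attribute_label' => $attribute_label, 'attribute_type' => $attribute_type), array('%s', '%s', '%s'));
            do_action('jigoshop_attribute_admin_add_after_save', $attribute_name, $attribute_label, $attribute_type);
            $options->set('jigowatt_update_rewrite_rules', '1');
            wp_safe_redirect(get_admin_url() . 'edit.php?post_type=product&page=jigoshop_attributes');
            exit;
        } else {
            echo '<div id="message" class="error"><p>' . __('That attribute already exists, no additions were made.', 'jigoshop') . '</p></div>';
        }
    } elseif (!empty($_POST['save_attribute']) && isset($_GET['edit'])) {
        $edit = absint($_GET['edit']);
        check_admin_referer('jigoshop-edit-attribute_' . $edit, '_jigoshop_csrf');
        if ($edit > 0) {
            $attribute_type = isset($_POST['attribute_type']) ? (string) $_POST['attribute_type'] : '';
            $attribute_label = isset($_POST['attribute_label']) ? (string) strip_tags(stripslashes($_POST['attribute_label'])) : '';
            // Match on the validated integer that the nonce was checked against,
            // not on the raw query-string value.
            $wpdb->update($table, array('attribute_type' => $attribute_type, 'attribute_label' => $attribute_label), array('attribute_id' => $edit), array('%s', '%s'), array('%d'));
            do_action('jigoshop_attribute_admin_edit_after_update', $edit, $attribute_label, $attribute_type);
        }
        wp_safe_redirect(get_admin_url() . 'edit.php?post_type=product&page=jigoshop_attributes');
        exit;
    } elseif (isset($_GET['delete'])) {
        $delete = absint($_GET['delete']);
        check_admin_referer('jigoshop-delete-attribute_' . $delete);
        if ($delete > 0) {
            $att_name = $wpdb->get_var($wpdb->prepare("SELECT attribute_name FROM " . $table . " WHERE attribute_id = %d", $delete));
            if ($att_name && $wpdb->query($wpdb->prepare("DELETE FROM " . $table . " WHERE attribute_id = %d", $delete))) {
                $taxonomy = 'pa_' . sanitize_title($att_name);
                // Old taxonomy prefix left in for backwards compatibility
                if (taxonomy_exists($taxonomy)) {
                    // Remove every term of the deleted attribute's taxonomy.
                    $terms = get_terms($taxonomy, 'orderby=name&hide_empty=0');
                    foreach ($terms as $term) {
                        wp_delete_term($term->term_id, $taxonomy);
                    }
                }
                do_action('jigoshop_attribute_admin_delete_after', $delete, $att_name);
                wp_safe_redirect(get_admin_url() . 'edit.php?post_type=product&page=jigoshop_attributes');
                exit;
            }
        }
    }
}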
 /**
  * Create a new customer.
  *
  * Validates the email, validates or derives the username, generates a password
  * when the store is configured to, runs the registration hooks and inserts the
  * user with the 'customer' role. Each failure has its own error code.
  *
  * NOTE(review): no nonce or rate-limit check happens inside this function;
  * presumably the form handler that calls it is responsible — confirm. The
  * separate "email exists" and "username exists" errors tell the requester
  * whether an account is registered.
  *
  * @param  string $email Customer email.
  * @param  string $username Customer username.
  * @param  string $password Customer password.
  * @return int|WP_Error Returns WP_Error on failure, Int (user ID) on success.
  */
 function wc_create_new_customer($email, $username = '', $password = '')
 {
     // Email: must be well formed and not registered yet.
     if (empty($email) || !is_email($email)) {
         return new WP_Error('registration-error-invalid-email', __('Please provide a valid email address.', 'woocommerce'));
     }
     if (email_exists($email)) {
         return new WP_Error('registration-error-email-exists', __('An account is already registered with your email address. Please login.', 'woocommerce'));
     }

     // Username: taken from the caller, or derived from the email's local part.
     $manual_username = 'no' === get_option('woocommerce_registration_generate_username') || !empty($username);
     if ($manual_username) {
         $username = sanitize_user($username);
         if (empty($username) || !validate_username($username)) {
             return new WP_Error('registration-error-invalid-username', __('Please enter a valid account username.', 'woocommerce'));
         }
         if (username_exists($username)) {
             return new WP_Error('registration-error-username-exists', __('An account is already registered with that username. Please choose another.', 'woocommerce'));
         }
     } else {
         $base = sanitize_user(current(explode('@', $email)), true);
         $username = $base;
         // Append 1, 2, 3, ... until the name is free.
         for ($suffix = 1; username_exists($username); $suffix++) {
             $username = $base . $suffix;
         }
     }

     // Password: generated only when none was supplied and the option allows it.
     $auto_password = 'yes' === get_option('woocommerce_registration_generate_password');
     $password_generated = false;
     if (empty($password)) {
         if (!$auto_password) {
             return new WP_Error('registration-error-missing-password', __('Please enter an account password.', 'woocommerce'));
         }
         $password = wp_generate_password();
         $password_generated = true;
     }

     // Hooked validators report problems through a shared WP_Error object.
     $validation = new WP_Error();
     do_action('woocommerce_register_post', $username, $email, $validation);
     $validation = apply_filters('woocommerce_registration_errors', $validation, $username, $email);
     if ($validation->get_error_code()) {
         return $validation;
     }

     $new_customer_data = apply_filters(
         'woocommerce_new_customer_data',
         array(
             'user_login' => $username,
             'user_pass'  => $password,
             'user_email' => $email,
             'role'       => 'customer',
         )
     );
     $customer_id = wp_insert_user($new_customer_data);
     if (is_wp_error($customer_id)) {
         // The underlying error is replaced by a generic message for the visitor.
         return new WP_Error('registration-error', '<strong>' . __('Error:', 'woocommerce') . '</strong> ' . __('Couldn&#8217;t register you&hellip; please contact us if you continue to have problems.', 'woocommerce'));
     }

     do_action('woocommerce_created_customer', $customer_id, $new_customer_data, $password_generated);
     return $customer_id;
 }