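/**
 * Connect to Twitter and retrieve the visitor's profile information.
 *
 * Two request phases are handled, selected by the query string:
 *  - upme_social_action=login: obtain a request token, keep it in the session
 *    and redirect the browser to Twitter's authorize URL.
 *  - callback carrying oauth_token and oauth_verifier: exchange the request
 *    token for an access token and read account/verify_credentials.
 *
 * @access public
 * @since 1.0
 * @return stdClass Response object. On success: status, upme_network_type, first_name,
 *                  last_name, email, username, error_message. On failure: status,
 *                  error_code, error_message. Empty when neither phase matched.
 */
public function login()
{
    $callback_url = upme_add_query_string($this->callback_url(), 'upme_social_login=Twitter&upme_social_action=verify');
    $upme_social_action = isset($_GET['upme_social_action']) ? $_GET['upme_social_action'] : '';
    $response = new stdClass();

    /* Configuring settings for Twitter application */
    $app_config = array(
        'appKey' => $this->upme_settings['social_login_twitter_app_key'],
        'appSecret' => $this->upme_settings['social_login_twitter_app_secret'],
    );

    // The request token has to survive the round trip to Twitter, so it lives in the session.
    @session_start();

    if ($upme_social_action == 'login') {
        $twitter_api = new upme_TwitterOAuth($app_config['appKey'], $app_config['appSecret']);

        /* Retrieve request token from Twitter */
        $response_twitter = $twitter_api->getRequestToken($callback_url);

        if ($twitter_api->http_code == 200) {
            // Only a successful response carries a token pair worth remembering.
            $_SESSION['oauth_token'] = $response_twitter['oauth_token'];
            $_SESSION['oauth_token_secret'] = $response_twitter['oauth_token_secret'];

            /* Generate the URL and redirect to Twitter for authentication */
            $url = $twitter_api->getAuthorizeURL($response_twitter['oauth_token']);
            $this->redirect($url);
        } else {
            $response->status = FALSE;
            $response->error_code = $twitter_api->http_code;
            $response->error_message = upme_language_entry('Request token retrieval failed');
            $this->handle_social_error('Twitter', $response->error_code);
        }
    } elseif (isset($_REQUEST['oauth_token']) && isset($_REQUEST['oauth_verifier'])) {
        $session_token = isset($_SESSION['oauth_token']) ? $_SESSION['oauth_token'] : '';
        $session_secret = isset($_SESSION['oauth_token_secret']) ? $_SESSION['oauth_token_secret'] : '';
        $returned_token = $_REQUEST['oauth_token'];
        // Read the verifier from the same superglobal that was checked above.
        $verifier = $_REQUEST['oauth_verifier'];

        // The callback must belong to the flow this session started: without a stored
        // token pair, or with a token that differs from the stored one, the request
        // did not originate from this browser's login attempt.
        if ('' === $session_token || '' === $session_secret || !is_string($returned_token) || $session_token !== $returned_token) {
            unset($_SESSION['oauth_token'], $_SESSION['oauth_token_secret']);
            $response->status = FALSE;
            $response->error_code = 'auth_invalid';
            $response->error_message = upme_language_entry('Invalid Authorization');
            $this->handle_social_error('Twitter', $response->error_code);
            return $response;
        }

        $twitter_api = new upme_TwitterOAuth($app_config['appKey'], $app_config['appSecret'], $session_token, $session_secret);
        $access_token = $twitter_api->getAccessToken($verifier);

        // A request token is single use; drop it once it has been exchanged.
        unset($_SESSION['oauth_token'], $_SESSION['oauth_token_secret']);
        $_SESSION['access_token'] = $access_token;

        $user_info = $twitter_api->get('account/verify_credentials');

        // An error payload is also a truthy object, so require the field the profile is built from.
        if ($user_info && isset($user_info->screen_name)) {
            $response->status = TRUE;
            $response->upme_network_type = 'twitter';
            $response->first_name = isset($user_info->name) ? str_replace(' ', '', $user_info->name) : '';
            $response->last_name = '';
            // NOTE(review): this address is synthesised from the screen name; Twitter does not
            // vouch for it and the user does not own the mailbox. If local accounts are matched
            // or contacted by e-mail, confirm that this placeholder cannot collide with or be
            // claimed by another account.
            $response->email = $user_info->screen_name . '@twitter.com';
            $response->username = $user_info->screen_name;
            $response->error_message = '';
        } else {
            /* Handling Twitter specific errors */
            $response->status = FALSE;
            $response->error_code = 'user_profile_failed';
            $response->error_message = upme_language_entry('Error retrieving profile information');
            $this->handle_social_error('Twitter', $response->error_code);
        }
    }

    return $response;
}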
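/**
 * Connect to Facebook and retrieve the visitor's profile information.
 *
 * With upme_social_action=login the browser is redirected to Facebook's login
 * URL (scope: email). On any other request the SDK is asked for the current
 * user and, when one is present, /me is read to build the response.
 *
 * @access public
 * @since 1.0
 * @return stdClass Response object. On success: status, upme_network_type, first_name,
 *                  last_name, email, username, error_message. On failure: status,
 *                  error_code, error_message.
 */
public function login()
{
    $callback_url = upme_add_query_string($this->callback_url(), 'upme_social_login=Facebook&upme_social_action=verify');
    $upme_social_action = isset($_GET['upme_social_action']) ? $_GET['upme_social_action'] : '';
    $response = new stdClass();

    /* Configuring settings for Facebook application */
    $app_config = array(
        'appId' => $this->upme_settings['social_login_facebook_app_id'],
        'secret' => $this->upme_settings['social_login_facebook_app_secret'],
    );
    $facebook = new upme_Facebook($app_config);

    if ($upme_social_action == 'login') {
        /* Get the login URL and redirect the user to Facebook for authentication */
        $loginUrl = $facebook->getLoginUrl(array('redirect_uri' => $callback_url, 'scope' => 'email'));
        $this->redirect($loginUrl);
        exit;
    }

    /* Retrieve the user information from Facebook */
    $user = $facebook->getUser();
    $user_profile = null;

    if ($user) {
        try {
            $user_profile = $facebook->api('/me');
        } catch (FacebookApiException $e) {
            /* Handling Facebook specific errors */
            $user = null;
            $response->status = FALSE;
            $response->error_code = $e->getCode();
            $response->error_message = $e->getMessage();
            // NOTE(review): the failure branch below reports a second, generic error for the
            // same request unless handle_social_error() ends it; kept as in the original.
            $this->handle_social_error('Facebook', $response->error_code);
        }
    }

    // The e-mail address is used as both e-mail and username, so a profile without one
    // (permission declined, or none on the account) cannot identify a user and is
    // treated as a failed authorization instead of yielding an empty identity.
    if ($user && is_array($user_profile) && !empty($user_profile['email'])) {
        /* Create the user profile object from response */
        $response->status = TRUE;
        $response->upme_network_type = 'facebook';
        $response->first_name = isset($user_profile['first_name']) ? $user_profile['first_name'] : '';
        $response->last_name = isset($user_profile['last_name']) ? $user_profile['last_name'] : '';
        $response->email = $user_profile['email'];
        $response->username = $user_profile['email'];
        $response->error_message = '';
    } else {
        /* Handling Facebook specific errors */
        $response->status = FALSE;
        $response->error_code = 'auth_invalid';
        $response->error_message = upme_language_entry('Invalid Authorization');
        $this->handle_social_error('Facebook', $response->error_code);
    }

    return $response;
}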
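/**
 * Start the profile-removal flow for a user and answer with a JSON status.
 *
 * A random confirmation code is stored in the user's meta under
 * _upme_delete_profile_hash and mailed to the account's address inside a
 * confirmation link. The request is only honoured for the logged-in user's own
 * profile, or for a caller holding the delete_users capability; every rejected
 * request gets the same generic error so the reason is not disclosed.
 *
 * Reads $_POST['user_id'], echoes JSON and terminates the request.
 *
 * @return void
 */
public function profile_delete_request()
{
    global $upme_email_templates;

    // Force the id to a non-negative integer before it is used in a lookup or a URL.
    $user_id = isset($_POST['user_id']) ? absint($_POST['user_id']) : 0;
    $user = $user_id ? new WP_User($user_id) : null;

    // Without this check any caller could overwrite another account's pending
    // confirmation code and trigger mail to an arbitrary user.
    $is_allowed = $user && $user->exists() && is_user_logged_in()
        && (get_current_user_id() === $user_id || current_user_can('delete_users'));

    // NOTE(review): no nonce is verified here and the field the form would send is not
    // visible in this method; add check_ajax_referer() once the form carries one.

    if ($is_allowed) {
        $username = $user->user_login;
        $profile_delete_hash = wp_generate_password(12, false);

        // Store the code before mailing so the link is valid the moment it arrives.
        // NOTE(review): the code is kept as-is in user meta and nothing here gives it
        // an expiry; confirm how the verifying side retires it.
        update_user_meta($user_id, '_upme_delete_profile_hash', $profile_delete_hash);

        // Create profile delete confirmation link
        $link = get_permalink($this->upme_settings['login_page_id']);
        $query_str = "upme_action=upme_delete_profile&upme_id=" . $user_id . "&upme_profile_delete_code=" . $profile_delete_hash;
        $profile_delete_confirm_link = upme_add_query_string($link, $query_str);

        // Send email with profile remove confirmation link
        $send_params = array(
            'profile_delete_confirm_link' => $profile_delete_confirm_link,
            'username' => $username,
            'email' => $user->user_email,
        );
        $upme_email_templates->upme_send_emails('delete_profile_confirm', $user->user_email, '', '', $send_params, $user_id);

        echo json_encode(array('status' => 'success', 'msg' => __('Profile removal request success. We sent you an email with confirmation link. Please click the link to confirm the request.', 'upme')));
    } else {
        echo json_encode(array('status' => 'error', 'msg' => __('Profile removal request failed.', 'upme')));
    }

    exit;
}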
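/**
 * Validate a password-reset link, if one is present, and render the collected
 * error or success messages as HTML.
 *
 * Reads action, key, login and upme_reset_status from the query string. For
 * action=upme_reset_pass the supplied key is compared with the user's
 * upme_reset_pass_key meta; the literal meta value "expired" marks a key that
 * was used or has lapsed. When there is nothing to show, a redirect to the
 * configured login-redirect page (or the current request URI) is issued.
 *
 * @return string|null Message markup, or null when nothing was rendered.
 */
function get_errors()
{
    $display = null;

    // Get global login redirect settings
    $upme_settings = get_option('upme_options');
    // Cast the stored value itself; the earlier form cast the result of isset().
    $login_redirect_page_id = isset($upme_settings['login_redirect_page_id']) ? (int) $upme_settings['login_redirect_page_id'] : 0;
    $reset_password_page_id = isset($upme_settings['reset_password_page_id']) ? (int) $upme_settings['reset_password_page_id'] : 0;

    $action = isset($_GET['action']) ? $_GET['action'] : '';
    $key = isset($_GET['key']) ? $_GET['key'] : '';
    $login = isset($_GET['login']) ? $_GET['login'] : '';
    $upme_reset_status = isset($_GET['upme_reset_status']) ? $_GET['upme_reset_status'] : '';

    $user_data = get_user_by('login', $login);
    $user_id = '';
    if ($user_data instanceof WP_User) {
        $user_id = $user_data->ID;
    }

    if ('upme_reset_pass' == $action && '' != $key) {
        // Only look the key up for an account that exists.
        $reset_pass_key = $user_id ? get_user_meta($user_id, 'upme_reset_pass_key', true) : '';

        if ('expired' === $reset_pass_key) {
            $this->errors[] = __('This password key has expired or has already been used. Please initiate a new password reset.', 'upme');
            if ($reset_password_page_id) {
                $url = get_permalink($reset_password_page_id);
                $url = upme_add_query_string($url, 'upme_reset_status=expired');
                // Redirect only when a target exists; $url used to be undefined otherwise.
                // NOTE(review): execution continues after wp_redirect(); confirm whether
                // the caller expects the markup below to be produced as well.
                wp_redirect($url);
            }
        } else {
            // Strict, constant-time comparison: loose != treats numeric-looking strings
            // such as "0e1" and "0e2" as equal, and non-string input must never match.
            $key_is_valid = is_string($reset_pass_key) && '' !== $reset_pass_key
                && is_string($key) && hash_equals($reset_pass_key, $key);

            if (!$key_is_valid) {
                $this->errors[] = __('Invalid Reset Password Key', 'upme');
            } else {
                $this->success[] = __('Please enter the new password.', 'upme');
            }
        }
    } elseif ('expired' == $upme_reset_status) {
        $this->errors[] = __('This password key has expired or has already been used. Please initiate a new password reset.', 'upme');
    }

    // NOTE(review): messages are concatenated into markup unescaped. The ones added in
    // this method are fixed translations; confirm that nothing else pushes request data
    // into $this->errors or $this->success.
    if (isset($this->errors) && is_array($this->errors)) {
        $display .= '<div class="upme-errors">';
        foreach ($this->errors as $newError) {
            $display .= '<span class="upme-error upme-error-block"><i class="upme-icon upme-icon-remove"></i>' . $newError . '</span>';
        }
        $display .= '</div>';
    } elseif (isset($this->success) && is_array($this->success)) {
        $display .= '<div class="upme-success">';
        foreach ($this->success as $newMsg) {
            $display .= '<span class="upme-success upme-success-block"><i class="upme-icon upme-icon-ok"></i>' . $newMsg . '</span>';
        }
        $display .= '</div>';
    } else {
        // Nothing to report: send the visitor on to the configured page, or back to this one.
        if ($login_redirect_page_id) {
            $url = get_permalink($login_redirect_page_id);
        } else {
            $url = $_SERVER['REQUEST_URI'];
        }
        wp_redirect($url);
    }

    return $display;
}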
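/**
 * Log a fully active user in, or send a pending user to the login page with
 * the matching error code.
 *
 * When both statuses are 'ACTIVE' an auth cookie is set for $user_id and the
 * browser is redirected to the configured login-redirect page (falling back to
 * the login page). Otherwise, for each 'INACTIVE' combination, the browser is
 * redirected to the login page with upme_login_error set to activation_approval,
 * activation or approval, prefixed with reg_ when $type is 'reg'. Every redirect
 * ends the request; when no login page is configured, or neither status is
 * 'INACTIVE', the method returns without doing anything.
 *
 * This method does not authenticate anyone itself: it sets the cookie for
 * whatever $user_id it is given, so callers must have established the identity.
 *
 * @access public
 * @since 1.0
 * @param int    $user_id           User to log in when fully active.
 * @param string $activation_status 'ACTIVE' or 'INACTIVE'.
 * @param string $approval_status   'ACTIVE' or 'INACTIVE'.
 * @param string $type              'reg' selects the reg_-prefixed error codes.
 * @return void
 */
public function redirect_registered_users($user_id, $activation_status, $approval_status, $type)
{
    /* Get login page from UPME settings (cast the value, not the isset() result) */
    $login_page_id = isset($this->upme_settings['login_page_id']) ? (int) $this->upme_settings['login_page_id'] : 0;

    if ('ACTIVE' == $activation_status && 'ACTIVE' == $approval_status) {
        /* Automatically log the user in when both activation and approval are complete */
        wp_set_auth_cookie($user_id, false, is_ssl());

        $login_redirect_page_id = isset($this->upme_settings['login_redirect_page_id']) ? (int) $this->upme_settings['login_redirect_page_id'] : 0;
        $target_page_id = $login_redirect_page_id ? $login_redirect_page_id : $login_page_id;

        wp_redirect(get_permalink($target_page_id));
        exit;
    }

    $activation_pending = 'INACTIVE' == $activation_status;
    $approval_pending = 'INACTIVE' == $approval_status;

    if ($activation_pending && $approval_pending) {
        $error_code = 'activation_approval';
    } elseif ($activation_pending) {
        $error_code = 'activation';
    } elseif ($approval_pending) {
        $error_code = 'approval';
    } else {
        // Neither status is pending and the user is not fully active: nothing to do.
        return;
    }

    if (!$login_page_id) {
        // Without a configured login page there is nowhere to show the message.
        return;
    }

    if ($type == 'reg') {
        $error_code = 'reg_' . $error_code;
    }

    /* Redirect the pending user to the login screen with the respective error message */
    $url = upme_add_query_string(get_permalink($login_page_id), 'upme_login_error=' . $error_code);
    wp_redirect($url);
    exit;
}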
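/**
 * Connect to Google and retrieve the visitor's profile information.
 *
 * Phases, selected by the request:
 *  - upme_social_action=login: redirect to Google's consent URL, or straight to
 *    the callback when the session already holds an access token.
 *  - callback with ?code=...: exchange the code for an access token, keep it in
 *    the session and redirect to the callback URL again.
 *  - session holds an access token: read the "me" profile and build the response.
 *
 * @access public
 * @since 1.0
 * @return stdClass Response object. On success: status, upme_network_type, first_name,
 *                  last_name, email, username, error_message. On failure: status,
 *                  error_code, error_message.
 */
public function login()
{
    $callback_url = upme_add_query_string($this->callback_url(), 'upme_social_login=Google&upme_social_action=verify');
    $upme_social_action = isset($_GET['upme_social_action']) ? $_GET['upme_social_action'] : '';
    $response = new stdClass();

    /* Configuring settings for Google application */
    $client_id = $this->upme_settings['social_login_google_client_id'];
    $client_secret = $this->upme_settings['social_login_google_client_secret'];

    @session_start();

    $client = new Google_Client();
    $client->setClientId($client_id);
    $client->setClientSecret($client_secret);
    $client->setRedirectUri($callback_url);
    $client->addScope("https://www.googleapis.com/auth/plus.profile.emails.read");
    $service = new Google_Service_Plus($client);

    $has_session_token = isset($_SESSION['googleplus_access_token']) && $_SESSION['googleplus_access_token'];

    if ($upme_social_action == 'login') {
        if (!$has_session_token) {
            // Bind the authorization request to this session so that a code obtained
            // in a different browser cannot be replayed against this callback.
            $state = wp_generate_password(32, false);
            $_SESSION['upme_google_oauth_state'] = $state;
            $client->setState($state);

            $authUrl = $client->createAuthUrl();
            $this->redirect($authUrl);
            die;
        }

        $this->redirect($callback_url);
        die;
    } elseif (isset($_GET['code'])) {
        $expected_state = isset($_SESSION['upme_google_oauth_state']) ? $_SESSION['upme_google_oauth_state'] : '';
        $returned_state = (isset($_GET['state']) && is_string($_GET['state'])) ? $_GET['state'] : '';
        // The state value is single use.
        unset($_SESSION['upme_google_oauth_state']);

        $authenticated = false;
        if ('' !== $expected_state && hash_equals($expected_state, $returned_state)) {
            try {
                // Exchange the authorization code for an access token
                $client->authenticate($_GET['code']);
                $_SESSION['googleplus_access_token'] = $client->getAccessToken();
                $authenticated = true;
            } catch (Exception $fault) {
                // A rejected or replayed code is reported below as a failed authorization.
                $authenticated = false;
            }
        }

        if ($authenticated) {
            $this->redirect($callback_url);
            die;
        }

        $response->status = FALSE;
        $response->error_code = 'auth_invalid';
        $response->error_message = upme_language_entry('Invalid Authorization.');
        $this->handle_social_error('Google', $response->error_code);
    } elseif ($has_session_token) {
        $client->setAccessToken($_SESSION['googleplus_access_token']);

        try {
            $user = $service->people->get("me", array());
        } catch (Exception $fault) {
            // The stored token no longer works: forget it and start over.
            unset($_SESSION['googleplus_access_token']);
            $this->redirect($callback_url);
            die;
        }

        if (!empty($user)) {
            if (!empty($user->emails)) {
                // The e-mail address doubles as the username.
                $response->email = $user->emails[0]->value;
                $response->username = $user->emails[0]->value;
                $response->first_name = $user->name->givenName;
                // Set like the other providers do, so consumers never read an undefined property.
                $response->last_name = isset($user->name->familyName) ? $user->name->familyName : '';
                $response->upme_network_type = 'google';
                $response->status = TRUE;
                $response->error_message = '';
            } else {
                $response->status = FALSE;
                $response->error_code = 'auth_invalid';
                $response->error_message = upme_language_entry('Invalid Authorization.');
                $this->handle_social_error('Google', $response->error_code);
            }
        } else {
            $response->status = FALSE;
            $response->error_code = "signature_verify_failed";
            $response->error_message = upme_language_entry('Invalid Authorization.');
            $this->handle_social_error('Google', $response->error_code);
        }
    } elseif (isset($_GET['openid_mode']) && $_GET['openid_mode'] == 'cancel') {
        // Previously read from an undefined $get array, so this branch could never match.
        $response->status = FALSE;
        $response->error_code = 'cancel_request';
        $response->error_message = upme_language_entry('User Canceled Request.');
        $this->handle_social_error('Google', $response->error_code);
    } else {
        $response->status = FALSE;
        $response->error_code = 'auth_invalid';
        $response->error_message = upme_language_entry('User Login Failed.');
        $this->handle_social_error('Google', $response->error_code);
    }

    return $response;
}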
/**
 * Build the HTML for a single user profile or for a list of profiles.
 *
 * When $group is set (and the viewer is not restricted) the user list comes
 * from the comma-separated ids in $group, or from the search result when
 * $group is 'all' or a search was fired; otherwise only $id is rendered.
 * Each profile is assembled from the head (picture, title, edit/view buttons),
 * social bar and stats, the view/edit field panels and, optionally, recent
 * posts, with UPME filters applied around every section.
 *
 * NOTE(review): most parameters are concatenated into markup below without
 * escaping ($id, $width, $view, $logout_redirect, $profile_url, the cover image
 * URL). Whether the caller sanitises them is not visible from this method;
 * confirm before exposing them to untrusted authors, and prefer esc_attr() /
 * esc_url() at the point of output.
 *
 * @return string|null Rendered markup, the restricted-profile message, or null.
 */
function view_profile($id = null, $width = null, $view = null, $group = null, $show_stats = null, $show_social_bar = null, $use_in_sidebar = null, $users_per_page = null, $hide_until_search = null, $role = null, $recent_posts = null, $logout_redirect = null, $new_window = null, $modal = null, $modal_view = null, $show_result_count = null, $limit_results = null)
{
    global $upme_save, $upme_options;
    $display = null;
    unset($this->searched_users);

    /* Search running? */
    if (isset($_REQUEST['upme-search-fired'])) {
        $current_option = $upme_options->upme_settings;
        if ($hide_until_search == 'true' && $current_option['require_search_input'] == '1') {
            // Results stay hidden until the search form carries actual input.
            if ($this->check_search_input()) {
                $hide_until_search = false;
            } else {
                $this->no_search_input = true;
                $hide_until_search = true;
            }
        } else {
            $hide_until_search = false;
        }
    }

    $sidebar_class = null;
    if ($use_in_sidebar) {
        $sidebar_class = 'upme-sidebar';
    }

    // Manage restricted viewing of user profiles in list pages
    $restricted_message = $this->get_option('html_other_profiles_restricted');
    $restricted_profile_status = false;
    // NOTE(review): the restriction is only evaluated for logged-in viewers; for a
    // logged-out visitor the flag stays false here. Presumably guests are handled
    // elsewhere; verify against the caller.
    if (is_user_logged_in()) {
        $restricted_profile_status = $this->restricted_user_profile($this->logged_in_user, $this->get_option('users_can_view'));
    }

    $users = array();

    /* Ignore id if group is used */
    if ($group && !$restricted_profile_status) {
        /* allow search */
        $this->allow_search = true;

        /* pagination */
        $pagination_bar = '';
        if (!$hide_until_search && $group == 'all') {
            if ($users_per_page) {
                $pagination_bar .= $this->pagination($users_per_page, $group, $role);
                /* Show limited number of users from given list */
                if ('true' == $limit_results || 'yes' == $limit_results) {
                    $pagination_bar = '';
                }
            }
        }

        /* Loop of users */
        $args = array('orderby' => $this->profile_order_field, 'order' => $this->profile_order);
        if ($group != 'all') {
            // The pieces are used as user ids as-is; they are not cast or validated here.
            $users = explode(',', $group);
        }

        /* Setup offset/page and array of users */
        if ($users_per_page) {
            $args = $this->setup_page($args, $users_per_page);
        }

        /* Modify args */
        if (!$hide_until_search) {
            if (isset($_REQUEST['upme-search-fired']) || $group == 'all') {
                if (!isset($this->searched_users)) {
                    $args['show_random'] = $this->show_random;
                    $args['result_range_start'] = $this->result_range_start;
                    $args['result_range_count'] = $this->result_range_count;
                    $args['search_fired'] = TRUE;
                    $this->search_result($args);
                }
                // Search results are appended to any ids taken from $group above.
                foreach ($this->searched_users as $user) {
                    $users[] = $user->ID;
                }
            }
        }

        if ('true' == strtolower($show_result_count) || 'yes' == strtolower($show_result_count)) {
            $display .= '<div class="upme-search-result-count">';
            // NOTE(review): the count is concatenated into the string before __() looks it
            // up, so the lookup key changes with every count.
            $search_result_msg = __('Your search has returned <span>' . $this->total_matching_user . '</span> results', 'upme');
            $display .= apply_filters('upme_search_result_count_message', $search_result_msg, $this->total_matching_user);
            $display .= '</div>';
        }

        $display .= $pagination_bar;
    } else {
        if ($group && $restricted_profile_status) {
            return $restricted_message;
        } else {
            if (!$group && $restricted_profile_status) {
                // A restricted viewer may still see their own profile, or any profile
                // when author filtering is active.
                if ($this->logged_in_user == $id || $this->author_filtering_status) {
                    $users[] = $id;
                } else {
                    return $restricted_message;
                }
            } else {
                $users[] = $id;
            }
        }
    }

    $pic_class = 'upme-pic';
    if (upme_is_safari()) {
        $pic_class = 'upme-pic safari';
    }

    /* Loop and display users */
    if (!$hide_until_search) {
        if ($users) {
            $display .= '<div class="upme-column-wrap">';

            foreach ($users as $id) {
                // Show custom field as profile title
                $current_options = $this->upme_options;
                $profile_title_field = $this->upme_options['profile_title_field'];
                $profile_title_display = $this->upme_profile_title_value($profile_title_field, $id);

                /* Block profile based on custom status and display information to user */
                $validate_profile_visibility_params = array('user_id' => $id, 'status' => 'true', 'info' => '', 'context' => 'full_profile');
                $profile_visibility = apply_filters('upme_validate_profile_visibility', $validate_profile_visibility_params);
                if (isset($profile_visibility['status']) && !$profile_visibility['status']) {
                    $display .= upme_profile_visibility_info($profile_visibility, $profile_title_display);
                    continue;
                }
                /* <-- Block profile --> */

                // NOTE(review): $id, $width and $sidebar_class land in a class attribute unescaped.
                $display .= '<div class="upme-wrap upme-' . $id . ' upme-width-' . $width . ' ' . $sidebar_class . '"> <div class="upme-inner upme-clearfix upme-view-panel">';

                if (isset($this->upme_options['profile_cover_image_status']) && $this->upme_options['profile_cover_image_status'] && is_null($view)) {
                    $cover_image = get_user_meta($id, 'user_cover_pic', true);
                    $cover_image_display = '';
                    if ($cover_image != '') {
                        // NOTE(review): a user-meta value is placed in src="" unescaped; confirm
                        // it is validated as a URL when it is saved.
                        $cover_image_display = '<img src="' . $cover_image . '" />';
                    }
                    $display .= '<div class="upme-cover-image">' . $cover_image_display . '</div>';
                }

                /* UPME Filters for before profile head section */
                $display .= apply_filters('upme_profile_before_head', '', $id);
                if ('compact' == $view) {
                    $display .= apply_filters('upme_compact_profile_before_head', '', $id);
                } else {
                    $display .= apply_filters('upme_full_profile_before_head', '', $id);
                }
                // End Filters

                $display .= '<div class="upme-head"> <div class="upme-left">';

                // Enable profile loading on new window
                $new_window_display = 'yes' == $new_window || 'true' == $new_window ? ' target="_blank" ' : '';
                $new_window_display_pic = $new_window_display;

                $params = array('id' => $id, 'view' => $view, 'modal' => $modal, 'group' => $group, 'use_in_sidebar' => $use_in_sidebar, 'context' => 'normal');
                /* UPME Filter for customizing profile URL */
                $profile_url = apply_filters('upme_custom_profile_url', $this->profile_link($id), $params);
                // End Filter

                // Override new window setting when modal is set
                if ('yes' == $modal || 'true' == $modal) {
                    // The real URL moves into data-url and the link targets the inline modal.
                    $new_window_display = ' class="profile-fancybox " data-url="' . $profile_url . '"';
                    $profile_url = '#upme_inner_modal';
                }

                $profile_pic_display = '';
                if ($this->get_option('clickable_profile')) {
                    if ($this->get_option('clickable_profile') == 1) {
                        // Option value 1: the picture links to the profile page.
                        if ('compact' == $view) {
                            $profile_pic_display .= '<a href="' . $profile_url . '" upme-data-user-id="' . $id . '" ' . $new_window_display . '>' . $this->pic($id, 50) . '</a>';
                        } else {
                            $profile_pic_display .= '<a href="' . $profile_url . '">' . $this->pic($id, 50) . '</a>';
                        }
                    } else {
                        // Any other truthy value: the picture links to the author archive.
                        $profile_pic_display .= '<a href="' . get_author_posts_url($id) . '" ' . $new_window_display_pic . '>' . $this->pic($id, 50) . '</a>';
                    }
                } else {
                    $profile_pic_display .= $this->pic($id, 50);
                }

                $display .= '<div class="' . $pic_class . '">';
                /* UPME Filter for customizing profile picture */
                $params = array('id' => $id, 'view' => $view, 'modal' => $modal, 'use_in_sidebar' => $use_in_sidebar, 'context' => 'normal');
                $profile_pic_display = apply_filters('upme_custom_profile_pic', $profile_pic_display, $params);
                $display .= $profile_pic_display;
                // End Filter
                $display .= '</div>';

                if ($this->can_edit_profile($this->logged_in_user, $id)) {
                    // Viewer may edit this profile: title plus the edit/view and logout buttons.
                    $display .= '<div class="upme-name"> <div class="upme-field-name">';

                    if ($this->get_option('clickable_profile')) {
                        if ($this->get_option('clickable_profile') == 1) {
                            if ('compact' == $view) {
                                $display .= '<a href="' . $profile_url . '" upme-data-user-id="' . $id . '" ' . $new_window_display . ' >';
                            } else {
                                if ('yes' != $modal_view && 'true' != $modal_view) {
                                    $display .= '<a href="' . $profile_url . '" >';
                                }
                            }
                        } else {
                            if ('yes' != $modal_view && 'true' != $modal_view) {
                                $display .= '<a href="' . get_author_posts_url($id) . '" ' . $new_window_display_pic . '>';
                            }
                        }
                        $display .= $profile_title_display;
                        // NOTE(review): the closing tag is emitted even when modal view skipped
                        // the opening <a> above.
                        $display .= '</a>';
                    } else {
                        $display .= $profile_title_display;
                    }
                    $display .= '</div>';

                    /* UPME filter for adding contents into header section between profile title and buttons */
                    $profile_header_fields_params = array('id' => $id, 'view' => $view, 'modal' => $modal, 'use_in_sidebar' => $use_in_sidebar, 'context' => 'normal');
                    $display .= apply_filters('upme_profile_header_fields', '', $profile_header_fields_params);

                    if ($use_in_sidebar == 'yes' || $use_in_sidebar) {
                        $link = get_permalink($this->get_option('profile_page_id'));
                        $class = "upme-button-alt";
                        $link_text = __('View Profile', 'upme');
                    } else {
                        $link = '#edit';
                        $class = "upme-button-alt upme-fire-editor upme-fire-editor-view";
                        $link_text = __('Edit Profile', 'upme');
                    }

                    // Enable custom logout url
                    $logout_url = '';
                    if ($logout_redirect) {
                        // NOTE(review): $logout_redirect is spliced into the shortcode string built
                        // below without quoting, so whitespace or brackets in it would alter the
                        // shortcode's attributes; confirm where the value comes from.
                        $logout_url = ' redirect_to=' . $logout_redirect;
                    }

                    // Change link for modal edit button
                    $target_window = '';

                    // Enable profile view/edit modes based on loading window
                    $params = array('logout_url' => $logout_url, 'group' => $group, 'use_in_sidebar' => $use_in_sidebar, 'view' => $view);

                    if (isset($_POST['upme_modal_profile']) && 'yes' == $_POST['upme_modal_profile']) {
                        // The first assignment is overwritten by the next line.
                        $link = $this->profile_link($id);
                        $link = upme_add_query_string($profile_url, 'upme_modal_target_link=yes');
                        $target_window = ' target="_blank" ';
                        $edit_buttons = '<a ' . $target_window . ' href="' . $link . '" class="' . $class . '">' . $link_text . '</a> ' . do_shortcode('[upme_logout wrap_div="false" user_id="' . $id . '" ' . $logout_url . ']');
                        $params['type'] = 'modal';
                        $display .= '<div class="upme-field-edit-modal">';
                        /* UPME Filters for profile edit buttons panel */
                        $display .= apply_filters('upme_profile_edit_bar', $edit_buttons, $id, $params);
                        // End Filter
                        $display .= '</div> </div>';
                    } else {
                        $edit_buttons = '<a href="' . $link . '" class="' . $class . '">' . $link_text . '</a> ' . do_shortcode('[upme_logout wrap_div="false" user_id="' . $id . '" ' . $logout_url . ']');
                        $params['type'] = $view;
                        $display .= '<div class="upme-field-edit">';
                        /* UPME Filters for profile edit buttons panel */
                        $display .= apply_filters('upme_profile_edit_bar', $edit_buttons, $id, $params);
                        // End Filter
                        $display .= '</div> </div>';
                    }
                } else {
                    // Read-only viewer: title only, no buttons.
                    $display .= '<div class="upme-name"> <div class="upme-field-name ">';

                    if ($this->get_option('clickable_profile')) {
                        if ($this->get_option('clickable_profile') == 1) {
                            if ('compact' == $view) {
                                $display .= '<a href="' . $profile_url . '" upme-data-user-id="' . $id . '" ' . $new_window_display . '>';
                            } else {
                                if ('yes' != $modal_view && 'true' != $modal_view) {
                                    $display .= '<a href="' . $profile_url . '" >';
                                }
                            }
                        } else {
                            if ('yes' != $modal_view && 'true' != $modal_view) {
                                $display .= '<a href="' . get_author_posts_url($id) . '" ' . $new_window_display_pic . '>';
                            }
                        }
                        $display .= $profile_title_display;
                        $display .= '</a>';
                    } else {
                        $display .= $profile_title_display;
                    }
                    $display .= '</div>';

                    $profile_header_fields_params = array('id' => $id, 'view' => $view, 'modal' => $modal, 'use_in_sidebar' => $use_in_sidebar, 'context' => 'normal');
                    $display .= apply_filters('upme_profile_header_fields', '', $profile_header_fields_params);
                    $display .= '</div>';
                }

                $display .= '</div>';

                if (($width == '2' || $width == '3') && $view != 'compact') {
                    $display .= '<div class="upme-clear"></div>';
                }

                $display .= '<div class="upme-right">';
                if ($show_social_bar != 'no' && $show_social_bar != 'false') {
                    $display .= $this->show_user_social_profiles($id);
                }
                if ($show_stats != 'no' && $show_stats != 'false') {
                    $display .= $this->show_user_stats($id);
                }
                $display .= '</div><div class="upme-clear"></div>';

                // The form name recorded at registration wins over the page-level default.
                $user_profile_form_name = get_user_meta($id, 'upme-register-form-name', true);
                if ($user_profile_form_name == '') {
                    $user_profile_form_name = $this->profile_form_name;
                }

                /* UPME Filters for customizing profile form name */
                $profile_form_name_params = array('user_id' => $id, 'view' => $view, 'page_form_name' => $this->profile_form_name, 'profile_form_name' => $user_profile_form_name, 'width' => $width);
                $user_profile_form_name = apply_filters('upme_profile_form_name', $user_profile_form_name, $profile_form_name_params);
                // End Filter

                /* UPME Filters for profile header buttons panel */
                $header_bar_params = array('view' => $view, 'form_name' => $user_profile_form_name, 'width' => $width);
                $display .= apply_filters('upme_profile_header_bar', '', $id, $header_bar_params);
                // End Filter

                $display .= '</div>';

                /* UPME Filters for after profile head section */
                $display .= apply_filters('upme_profile_after_head', '', $id);

                /* UPME Filters for tabs */
                $profile_tabbed_sections_params = array('id' => $id, 'view' => $view, 'group' => $group);
                $display .= apply_filters('upme_profile_tabbed_sections', '', $profile_tabbed_sections_params);

                if ('compact' == $view) {
                    $display .= apply_filters('upme_compact_profile_after_head', '', $id);
                } else {
                    $display .= apply_filters('upme_full_profile_after_head', '', $id);
                }
                // End Filters

                // NOTE(review): $view is placed in a class attribute unescaped.
                $display .= '<div id="upme-profile-panel" class="upme-profile-tab-panel upme-main upme-main-' . $view . '">';
                $display .= '<div id="upme-profile-view-msg-holder" class="" style="display:none;" ></div>';

                /* Display errors */
                if (isset($_POST['upme-submit-' . $id])) {
                    $display .= $upme_save->get_errors($id);
                }

                $display .= $this->show_profile_fields($id, $view);
                $display .= $this->edit_profile_fields($id, $width, $sidebar_class);
                $display .= '</div>';

                // Add dynamic AJAX based forms into View Profile section
                $form_params = array('id' => $id, 'view' => $view);
                $display .= apply_filters('upme_profile_view_forms', '', $form_params);

                /* UPME Filters for after profile fields section */
                $display .= apply_filters('upme_profile_after_fields', '', $id);
                if ('compact' == $view) {
                    $display .= apply_filters('upme_compact_profile_after_fields', '', $id);
                } else {
                    $display .= apply_filters('upme_full_profile_after_fields', '', $id);
                }
                // End Filters

                // Recent posts are only shown in the default (unset) view.
                if ('1' == $current_options['show_recent_user_posts'] && 'no' != $recent_posts && !$view) {
                    $post_limit = $current_options['maximum_allowed_posts'];
                    $feature_image_status = $current_options['show_feature_image_posts'];
                    $display .= $this->show_profile_posts($id, $post_limit, $feature_image_status, $view);
                }

                $display .= '</div> </div>';
            }

            // Display inline fancybox container and loading image, when modal window is not enabled
            if ('yes' != $modal_view && 'true' != $modal_view) {
                $display .= '<div id="upme_inner_modal" style="display:none"></div>';
                $display .= '<div id="upme_inner_modal_loader" style="display:none"><img src="' . upme_url . 'css/images/fancybox/fancybox_loading.gif" /></div>';
            }

            $display .= '</div>';
        } else {
            $display .= '<p>' . sprintf(__('Nothing found matching the selected criteria.', 'upme')) . '</p>';
        }
    } else {
        if (isset($this->no_search_input) && $this->no_search_input == true) {
            $display .= '<p>' . sprintf(__('Please enter search criteria.', 'upme')) . '</p>';
        }
    }

    /* pagination */
    $pagination_bar_bottom = '';
    if (!$hide_until_search) {
        if ($group == 'all') {
            if ($users_per_page) {
                $display .= '<div class="upme-clear"></div>';
                $pagination_bar_bottom .= $this->pagination($users_per_page, $group, $role);
                /* Show limited number of users from given list */
                if ('true' == $limit_results || 'yes' == $limit_results) {
                    $pagination_bar_bottom = '';
                }
                $display .= $pagination_bar_bottom;

                if (!isset($this->upme_search) || isset($this->upme_search) && $this->upme_search == false) {
                    // Show Hidden Form in case there is no search form
                    $display .= '<form action="" method="post" id="upme-pagination-form">';
                    $display .= '<input type="hidden" name="userspage" id="upme-pagination-form-per-page" />';
                    $display .= '</form>';
                }
            }
        }
    }

    return $display;
}
/**
 * Handle a "forgot password" request: look the account up from
 * $_POST['user_details'] (e-mail address or login), generate a reset key,
 * store it in the upme_reset_pass_key user meta and mail a reset link.
 *
 * Echoes one of "invalid_email", "invalid", "not_allowed", "mail_error" or
 * "success" and ends the request.
 *
 * NOTE(review), visible in this method:
 *  - the distinct "invalid_email" / "invalid" / "not_allowed" answers tell the
 *    caller whether an account exists; a single neutral answer would not;
 *  - the key is written to user meta as generated and nothing here sets an
 *    expiry; confirm how the reset form retires it;
 *  - no nonce or rate limit is checked here; confirm it is done by the caller;
 *  - $_POST['user_details'] is read without an isset() check.
 */
function request_new_pass()
{
    // $wpdb, $current_site and $wp_hasher are declared but not used in the visible code.
    global $wpdb, $current_site, $wp_hasher, $upme_email_templates;

    // strpos() returns 0 for a leading "@", which is falsy, so such input is treated as a login.
    if (strpos($_POST['user_details'], '@')) {
        $user_data = get_user_by('email', trim($_POST['user_details']));
        if (empty($user_data)) {
            echo "invalid_email";
            die;
        }
    } else {
        $login = trim($_POST['user_details']);
        $user_data = get_user_by('login', $login);
    }

    if (!$user_data) {
        echo "invalid";
        die;
    }

    // redefining user_login ensures we return the right case in the email
    $user_login = $user_data->user_login;
    $user_email = $user_data->user_email;

    do_action('retreive_password', $user_login); // Misspelled and deprecated
    do_action('retrieve_password', $user_login);

    $allow = apply_filters('allow_password_reset', true, $user_data->ID);
    if (!$allow) {
        echo "not_allowed";
        die;
    }

    // Generate something random for a key...
    $key = wp_generate_password(20, false);
    do_action('retrieve_password_key', $user_login, $key);

    // Set upme reset password key for validation in reset password form
    $reset_pass_key = $key;
    update_user_meta($user_data->ID, 'upme_reset_pass_key', $key);

    $current_option = get_option('upme_options');
    $reset_page_url = get_permalink($current_option['reset_password_page_id']);

    // NOTE(review): the listing is masked at "******" on the next line. The code that
    // finishes $query_str, applies it to $reset_page_url and starts $message is not
    // visible, so the line is kept exactly as shown and does not parse as written.
    $query_str = 'action=upme_reset_pass&key=' . $reset_pass_key . '&login='******'Someone requested that the password be reset for the following account:', 'upme') . "\r\n\r\n";
    $message .= network_home_url('/') . "\r\n\r\n";
    $message .= sprintf(__('Username: %s', 'upme'), $user_login) . "\r\n\r\n";
    $message .= __('If this was a mistake, just ignore this email and nothing will happen.', 'upme') . "\r\n\r\n";
    $message .= __('To reset your password, visit the following address:', 'upme') . "\r\n\r\n";
    // The reset link carries the key in its query string, so it can end up in browser
    // history, server logs and Referer headers.
    $message .= '<' . $reset_page_url . '>';

    if (is_multisite()) {
        $blogname = $GLOBALS['current_site']->site_name;
    } else {
        // The blogname option is escaped with esc_html on the way into the database in sanitize_option
        // we want to reverse this for the plain text arena of emails.
        $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
    }

    $title = sprintf(__('[%s] Password Reset', 'upme'), $blogname);
    $title = apply_filters('retrieve_password_title', $title);
    $message = apply_filters('retrieve_password_message', $message, $key);

    /* UPME Filter for customizing the reset password email content */
    $message = apply_filters('upme_reset_pass_content', $message, $user_login, $user_email, $reset_page_url);
    // End Filter

    /* UPME Filter for customizing the reset password email subject */
    $title = apply_filters('upme_reset_pass_subject', $title);
    // End Filter

    $send_params = array('reset_page_url' => $reset_page_url, 'username' => $user_login);
    $email_status = $upme_email_templates->upme_send_emails('forgot_password', $user_email, $title, $message, $send_params, $user_data->ID);

    // A filter may blank $message; in that case a failed send is not reported as an error.
    if ($message && !$email_status) {
        echo "mail_error";
        die;
    }

    echo "success";
    die;
}
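/**
 * Create a WordPress account from the submitted registration form.
 *
 * Steps, in order: verify the signed form name (when posted), fire the
 * 'upme_before_registration_restrictions' action, create the user, assign a role,
 * store the submitted profile fields as user meta, process uploads, record
 * approval/activation state, optionally log the user in, and send the
 * notification e-mails that match the approval/activation state.
 *
 * Nothing is created when $this->errors is already set. A tampered form name adds
 * an entry to $this->errors; a tampered forced role or a failed user creation
 * makes the method return early.
 *
 * NOTE(review): no nonce check is visible in this method; confirm the caller verifies one.
 * NOTE(review): the password (user-chosen or generated) is placed in the e-mail
 * template parameters, including those of the admin notifications. Whether a
 * template prints it is not visible here; sending a set-password link instead
 * would keep the credential out of mailboxes.
 *
 * @return void
 */
function create()
{
    global $upme_roles, $upme_email_templates, $upme_save;

    require_once ABSPATH . 'wp-includes/pluggable.php';

    // Verify whether registration form name is modified
    if (isset($_POST['upme-register-form-name'])) {
        // NOTE(review): if 'upme_secret_key' were ever empty the signature below
        // would be computable by anyone; confirm the key is always generated.
        $upme_secret_key = (string) get_option('upme_secret_key');
        $register_form_name = $_POST['upme-register-form-name'];
        $register_form_name_hash = isset($_POST['upme-hidden-register-form-name-hash'])
            ? $_POST['upme-hidden-register-form-name-hash']
            : '';

        // hash_equals() compares in constant time and, unlike a loose !=, never
        // treats two numeric-looking strings as equal. Array input is rejected first.
        $form_name_is_valid = is_string($register_form_name)
            && is_string($register_form_name_hash)
            && hash_equals(hash('sha256', $register_form_name . $upme_secret_key), $register_form_name_hash);

        if (!$form_name_is_valid) {
            // Invalid form name was defined by manually editing
            $this->errors[] = __('Invalid registration form.', 'upme');
            return;
        }

        $this->registration_form_name = $register_form_name;
    }

    /* UPME action for adding restrictions before registration */
    $before_registration_validation_params = array();
    do_action('upme_before_registration_restrictions', $this->usermeta, $before_registration_validation_params);
    /* END action */

    /* Create profile when there is no error */
    if (isset($this->errors)) {
        return;
    }

    // Set date format from admin settings
    $upme_settings = get_option('upme_options');
    $upme_date_format = isset($upme_settings['date_format']) ? (string) $upme_settings['date_format'] : 'mm/dd/yy';

    /* Create account, update user meta */
    $sanitized_user_login = sanitize_user($_POST['user_login']);

    /* Get password */
    if (isset($_POST['user_pass']) && $_POST['user_pass'] != '') {
        $user_pass = $_POST['user_pass'];
    } else {
        $user_pass = wp_generate_password(12, false);

        /* UPME Filters for before registration head section */
        $registration_generated_password_params = array('meta' => $this->usermeta);
        $user_pass = apply_filters('upme_registration_generated_password', $user_pass, $registration_generated_password_params);
        // End Filters
    }

    /* New user */
    $user_id = wp_create_user($sanitized_user_login, $user_pass, $_POST['user_email']);

    // wp_create_user() reports failure with a WP_Error object, which is truthy, so a
    // plain !$user_id test never sees it. Stop here instead of writing meta, setting
    // an auth cookie and sending mail for an account that does not exist.
    if (is_wp_error($user_id) || !$user_id) {
        /* UPME action for handling failure in new user creation */
        $new_user_registration_fail_params = array();
        do_action('upme_new_user_registration_fail', $user_id, $new_user_registration_fail_params);
        /* END action */
        return;
    }

    global $upme;

    /* Force custom user role on registration using shortcode attributes */
    if (isset($_POST['upme-hidden-register-form-user-role'])) {
        $upme_secret_key = (string) get_option('upme_secret_key');
        $register_user_role = $_POST['upme-hidden-register-form-user-role'];
        $register_user_role_hash = isset($_POST['upme-hidden-register-form-user-role-hash'])
            ? $_POST['upme-hidden-register-form-user-role-hash']
            : '';

        // The role is applied only when its signature matches and the role exists.
        $role_is_valid = is_string($register_user_role)
            && is_string($register_user_role_hash)
            && hash_equals(hash('sha256', $register_user_role . $upme_secret_key), $register_user_role_hash)
            && get_role($register_user_role);

        if (!$role_is_valid) {
            // Invalid user role was defined by manually editing.
            // NOTE(review): the account already exists at this point and is left
            // without status meta or notification; consider validating the role
            // before the user is created.
            return;
        }

        $user = new WP_User($user_id);
        $user->set_role($register_user_role);
    } else {
        /* Allow users to select the role without forcing */
        $allow_user_role_registration = !empty($upme_settings['select_user_role_in_registration']);

        // Set new users role specified in the registration page
        // This will only used when Select User Role in Registration setting is enabled
        $allowed_user_roles = $upme_roles->upme_allowed_user_roles_registration();
        $user_role = isset($this->usermeta['user_role']) ? $this->usermeta['user_role'] : '';

        // A submitted role is honoured only when it is a key of the allowed list.
        if (!empty($user_role) && isset($allowed_user_roles[$user_role]) && $allow_user_role_registration) {
            $user = new WP_User($user_id);
            $user->set_role($user_role);
        }
    }

    // Get profile fields
    $profile_fields = get_option('upme_profile_fields');

    // Get list of datetime fields. The field definitions are read by key only;
    // they are not extract()ed into local scope, so a definition key named like a
    // local variable (user_id, user_pass, ...) cannot overwrite it.
    $date_time_fields = array();
    if (is_array($profile_fields)) {
        foreach ($profile_fields as $field) {
            if (isset($field['field']) && $field['field'] == 'datetime') {
                array_push($date_time_fields, $field['meta']);
            }
        }
    }

    /* Now update all user meta */
    foreach ($this->usermeta as $key => $value) {
        // save checkboxes
        if (is_array($value)) {
            $value = implode(', ', $value);
        }

        if (in_array($key, $date_time_fields) && '' != $value) {
            $value = upme_date_format_to_standerd($value, $upme_date_format);
        }

        /* UPME action for adding custom filtering for each field save registration */
        $before_registration_field_update_params = array('user_id' => $user_id, 'meta' => $key, 'value' => $value);
        do_action('upme_before_registration_field_update', $before_registration_field_update_params);
        /* END action */

        // Prevent passwords from saving in user meta table
        if ('user_pass' != $key && 'user_pass_confirm' != $key) {
            update_user_meta($user_id, $key, esc_attr($value));
        }

        /* UPME action for adding custom filtering for each field save registration */
        $after_registration_field_update_params = array('user_id' => $user_id, 'meta' => $key, 'value' => $value);
        do_action('upme_after_registration_field_update', $after_registration_field_update_params);
        /* END action */

        /* update core fields - email, url, pass */
        if (in_array($key, array('user_email', 'user_url', 'display_name'), true)) {
            wp_update_user(array('ID' => $user_id, $key => esc_attr($value)));
        }
    }

    // Save file upload fields on registration
    $upme_save->userid = $user_id;
    $upload_params = array();
    $upme_save->process_registration_upload($_FILES, '2', $upload_params);

    // Set approval status when user profile approvals are enabled
    $approval_status = $this->validate_user_approval() ? 'INACTIVE' : 'ACTIVE';
    update_user_meta($user_id, 'upme_approval_status', $approval_status);

    // Set Profile Status to active by default
    update_user_meta($user_id, 'upme_user_profile_status', 'ACTIVE');

    // Set the password nag when user selected password setting is disabled
    // Set activation status and codes when selected password setting is enabled
    $upme_settings = get_option('upme_options');
    $set_pass = (bool) $upme_settings['set_password'];
    $activation_setting_status = $this->validate_email_confirmation();

    if (!$set_pass) {
        update_user_option($user_id, 'default_password_nag', true, true); // Set up the Password change nag.
    }

    $activation_status = $activation_setting_status ? 'INACTIVE' : 'ACTIVE';
    update_user_meta($user_id, 'upme_activation_status', $activation_status);

    $activation_code = wp_generate_password(12, false);
    update_user_meta($user_id, 'upme_activation_code', $activation_code);

    // Set automatic login based on the setting value in admin.
    // NOTE(review): this runs before the activation/approval state is consulted;
    // presumably validate_automatic_login() accounts for it. Confirm.
    if ($this->validate_automatic_login()) {
        wp_set_auth_cookie($user_id, false, is_ssl());
    }

    /* action after Account Creation */
    do_action('upme_user_register', $user_id);

    $user = new WP_User($user_id);
    $username = $user->user_login;
    $current_option = get_option('upme_options');

    $needs_activation = ('INACTIVE' === $activation_status);
    $needs_approval = ('INACTIVE' === $approval_status);

    if ($needs_activation || $needs_approval) {
        $link = get_permalink($current_option['profile_page_id']);
        $query_str = "upme_action=upme_activate&upme_id=" . $user_id . "&upme_activation_code=" . $activation_code;
        $activation_link = upme_add_query_string($link, $query_str);

        if ($needs_activation) {
            // Activation enabled, with or without approval
            $template_base = $needs_approval ? 'reg_activation_approval' : 'reg_activation';
            $send_params = array(
                'activation_link' => $activation_link,
                'username' => $username,
                'email' => $user->user_email,
                'password' => $user_pass,
            );
        } else {
            // Approval enabled only: no activation link in the message
            $template_base = 'reg_approval';
            $send_params = array(
                'username' => $username,
                'email' => $user->user_email,
                'password' => $user_pass,
            );
        }

        // Either every administrator or only the site admin address is notified.
        if ($current_option['notifications_all_admins']) {
            $admin_recipients = implode(',', $upme_roles->get_admin_emails());
        } else {
            $admin_recipients = get_option('admin_email');
        }

        $upme_email_templates->upme_send_emails($template_base . '_admin', $admin_recipients, '', '', $send_params, $user_id);
        $upme_email_templates->upme_send_emails($template_base . '_user', $user->user_email, '', '', $send_params, $user_id);
    } else {
        $link = get_permalink($current_option['login_page_id']);

        $send_params = array('username' => $username, 'password' => $user_pass, 'login_link' => $link);
        $email_status = $upme_email_templates->upme_send_emails('reg_default_user', '', '', '', $send_params, $user_id);

        $send_params = array('username' => $username, 'email' => $user->user_email);
        $admin_email_status = $upme_email_templates->upme_send_emails('reg_default_admin', '', '', '', $send_params, $user_id);

        // Fall back to the core notification only when both template sends failed.
        if (!$email_status && !$admin_email_status) {
            wp_new_user_notification($user_id, $user_pass);
        }
    }
}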
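/**
 * Connect to LinkedIn and retrieve the visitor's profile information.
 *
 * The request selects one of two steps:
 *  - upme_social_action=login: obtain a request token, keep it in the session and
 *    redirect the browser to LinkedIn for authorization.
 *  - callback carrying oauth_verifier: exchange the stored request token for an
 *    access token and read the profile.
 * Any other request is reported as refused or cancelled.
 *
 * @access public
 * @since 1.0
 * @return stdClass Result object. On success: status TRUE, upme_network_type,
 *                  first_name, last_name, email, username and an empty
 *                  error_message. On failure: error_code and error_message
 *                  (status FALSE except when the request token step fails).
 */
public function login()
{
    $callback_url = upme_add_query_string($this->callback_url(), 'upme_social_login=Linkedin&upme_social_action=verify');
    $upme_social_action = isset($_GET['upme_social_action']) ? $_GET['upme_social_action'] : '';
    $response = new stdClass();

    /* Configuring settings for LinkedIn application */
    $app_config = array(
        'appKey' => $this->upme_settings['social_login_linkedin_app_key'],
        'appSecret' => $this->upme_settings['social_login_linkedin_app_secret'],
        'callbackUrl' => $callback_url,
    );

    @session_start();
    $linkedin_api = new upme_LinkedIn($app_config);

    if ($upme_social_action == 'login') {
        /* Retrieve request token from LinkedIn */
        $response_linkedin = $linkedin_api->retrieveTokenRequest(array('scope' => 'r_emailaddress'));

        if ($response_linkedin['success'] === TRUE) {
            /* Redirect the user to LinkedIn for login and authorizing the application */
            $_SESSION['oauth']['linkedin']['request'] = $response_linkedin['linkedin'];
            $this->redirect(upme_LinkedIn::_URL_AUTH . $response_linkedin['linkedin']['oauth_token']);
        } else {
            $response->error_code = 'req_token_fail';
            $response->error_message = upme_language_entry('Request token retrieval failed');
            // Same handler as every other failure path in this method.
            $this->handle_social_error('Linkedin', $response->error_code);
        }
    } elseif (isset($_GET['oauth_verifier'])) {
        /* LinkedIn has sent a response, user has granted permission, take the temp access token,
           the user's secret and the verifier to request the user's real secret key */
        $request_token = isset($_SESSION['oauth']['linkedin']['request'])
            ? $_SESSION['oauth']['linkedin']['request']
            : null;

        // A request token is good for one exchange only, so drop it from the session.
        unset($_SESSION['oauth']['linkedin']['request']);

        // The callback is accepted only for a session that started the flow, and,
        // when the callback names a token, only if it is the one this session was issued.
        $callback_is_valid = is_array($request_token)
            && isset($request_token['oauth_token'], $request_token['oauth_token_secret'])
            && is_string($_GET['oauth_verifier']);

        if ($callback_is_valid && isset($_GET['oauth_token'])) {
            $callback_is_valid = is_string($_GET['oauth_token'])
                && (string) $request_token['oauth_token'] === $_GET['oauth_token'];
        }

        if ($callback_is_valid) {
            $response_linkedin = $linkedin_api->retrieveTokenAccess(
                $request_token['oauth_token'],
                $request_token['oauth_token_secret'],
                $_GET['oauth_verifier']
            );
        } else {
            $response_linkedin = array('success' => FALSE);
        }

        if ($response_linkedin['success'] === TRUE) {
            $linkedin_api->setTokenAccess($response_linkedin['linkedin']);
            $linkedin_api->setResponseFormat(upme_LinkedIn::_RESPONSE_JSON);

            /* Get user profile information using the retrieved access token */
            $user_result = $linkedin_api->profile('~:(email-address,id,first-name,last-name,picture-url)');
            $data = ($user_result['success'] === TRUE) ? json_decode($user_result['linkedin']) : null;

            // The e-mail address doubles as the username, so a profile that does not
            // decode or carries no address is treated as a failed lookup.
            if (is_object($data) && !empty($data->emailAddress)) {
                /* setting the user data object from the response */
                $response->status = TRUE;
                $response->upme_network_type = 'linkedin';
                $response->first_name = isset($data->firstName) ? $data->firstName : '';
                $response->last_name = isset($data->lastName) ? $data->lastName : '';
                $response->email = $data->emailAddress;
                $response->username = $data->emailAddress;
                $response->error_message = '';
            } else {
                /* Handling LinkedIn specific errors */
                $response->status = FALSE;
                $response->error_code = 'req_profile_fail';
                $response->error_message = upme_language_entry('Error retrieving profile information');
                $this->handle_social_error('Linkedin', $response->error_code);
            }
        } else {
            /* Handling LinkedIn specific errors */
            $response->status = FALSE;
            $response->error_code = 'access_token_fail';
            $response->error_message = upme_language_entry('Access token retrieval failed');
            $this->handle_social_error('Linkedin', $response->error_code);
        }
    } else {
        /* Handling LinkedIn specific errors */
        $response->status = FALSE;

        if (isset($_GET['oauth_problem']) && $_GET['oauth_problem'] === 'user_refused') {
            $response->error_code = 'user_refused';
            $response->error_message = upme_language_entry('User refused by application.');
        } else {
            $response->error_code = 'req_cancel';
            $response->error_message = upme_language_entry('Request cancelled by user!');
        }

        $this->handle_social_error('Linkedin', $response->error_code);
    }

    return $response;
}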
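/**
 * Send the registration notification e-mails for a newly created user.
 *
 * The site admin address always receives the 'reg_email_confirm_admin' message.
 * The user receives the 'reg_email_confirm_user' message, carrying the activation
 * link, only when a plaintext password was passed and $activation_status is 'INACTIVE'.
 *
 * NOTE(review): the plaintext password is placed in the user template parameters.
 * Whether the template prints it is not visible here; a set-password link would
 * keep the credential out of the mailbox.
 *
 * @param int    $user_id           ID of the new user.
 * @param string $plaintext_pass    Password chosen or generated at registration; empty skips the user e-mail.
 * @param string $activation_status 'INACTIVE' when e-mail confirmation is pending.
 * @param string $activation_code   Code appended to the activation link.
 * @return void
 */
function upme_new_user_notification($user_id, $plaintext_pass = '', $activation_status = '', $activation_code = '')
{
    global $upme_email_templates;

    $user = new WP_User($user_id);
    $user_login = stripslashes($user->user_login);
    $user_email = stripslashes($user->user_email);

    // The blogname option is stored HTML-escaped; decode it for plain-text mail.
    $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);

    $message = sprintf(__('New user registration on %s:', 'upme'), $blogname) . "\r\n\r\n";
    $message .= sprintf(__('Username: %s', 'upme'), $user_login) . "\r\n\r\n";
    $message .= sprintf(__('E-mail: %s', 'upme'), $user_email) . "\r\n";

    /* UPME Filter for customizing new user activation email content for admins */
    $message = apply_filters('upme_new_user_act_admin_content', $message, $user_login, $user_email);
    // End Filter

    $subject = sprintf(__('[%s] New User Registration', 'upme'), $blogname);

    /* UPME Filter for customizing new user activation email subject for admins */
    $subject = apply_filters('upme_new_user_act_admin_subject', $subject);
    // End Filter

    $send_params = array('username' => $user_login, 'email' => $user_email);
    $admin_email = get_option('admin_email');
    $upme_email_templates->upme_send_emails('reg_email_confirm_admin', $admin_email, $subject, $message, $send_params, $user_id);

    // Without a password there is nothing further to tell the user.
    if (empty($plaintext_pass)) {
        return;
    }

    if ('INACTIVE' !== $activation_status) {
        return;
    }

    $current_option = get_option('upme_options');
    $link = get_permalink($current_option['profile_page_id']);

    // The code is caller-supplied, so encode it before it goes into the query string.
    $query_str = "upme_action=upme_activate&upme_id=" . $user_id . "&upme_activation_code=" . rawurlencode($activation_code);
    $activation_link = upme_add_query_string($link, $query_str);

    $message = sprintf(__("Someone (hopefully you) has used this email to register at %s :", 'upme'), $blogname) . "\r\n\r\n";
    $message .= __('Please click the link below to verify your ownership of this email:', 'upme') . "\r\n\r\n";
    $message .= __('You will not be able to log in to use your account until you do so:', 'upme') . "\r\n\r\n";
    $message .= $activation_link . "\r\n\r\n";
    $message .= __('Thanks', 'upme') . "\r\n";
    $message .= $blogname . "\r\n";

    /* UPME Filter for customizing new user activation email content for users */
    $message = apply_filters('upme_new_user_act_content', $message, $user_login, $user_email, $activation_link);
    // End Filter

    $subject = sprintf(__('[%s] Action Required: Email Verification', 'upme'), $blogname);

    /* UPME Filter for customizing new user activation email subject for users */
    $subject = apply_filters('upme_new_user_act_subject', $subject);
    // End Filter

    $send_params = array('username' => $user_login, 'password' => $plaintext_pass, 'activation_link' => $activation_link);
    $upme_email_templates->upme_send_emails('reg_email_confirm_user', $user_email, $subject, $message, $send_params, $user_id);
}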