/**
 * Set up the toolbar for the current request.
 *
 * Stores the signed-in user's site data on $this->user, registers the header
 * callbacks, enqueues the toolbar script and style, then fires the
 * `admin_bar_init` action.
 */
public function initialize()
{
    $this->user = new stdClass();

    if (is_user_logged_in()) {
        // Per-user values the menu is built from.
        $this->user->blogs = get_blogs_of_user(get_current_user_id());

        if (is_multisite()) {
            $this->user->active_blog = get_active_blog_for_user(get_current_user_id());

            // Without an active site the user admin URL is used instead.
            if (empty($this->user->active_blog)) {
                $this->user->domain = user_admin_url();
            } else {
                $this->user->domain = trailingslashit(get_home_url($this->user->active_blog->blog_id));
            }
        } else {
            $this->user->active_blog = $this->user->blogs[get_current_blog_id()];
            $this->user->domain      = trailingslashit(home_url());
        }

        // Both branches mirror the domain into account_domain.
        $this->user->account_domain = $this->user->domain;
    }

    foreach (array('wp_head', 'admin_head') as $head_hook) {
        add_action($head_hook, 'wp_admin_bar_header');
    }

    $header_callback = null;
    if (current_theme_supports('admin-bar')) {
        // Example theme declaration:
        // add_theme_support( 'admin-bar', array( 'callback' => '__return_false') );
        $admin_bar_args  = get_theme_support('admin-bar');
        $header_callback = $admin_bar_args[0]['callback'];
    }

    // Fall back to the default callback when the theme supplied none.
    if (!$header_callback) {
        $header_callback = '_admin_bar_bump_cb';
    }
    add_action('wp_head', $header_callback);

    wp_enqueue_script('admin-bar');
    wp_enqueue_style('admin-bar');

    do_action('admin_bar_init');
}
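/**
 * Process one time login
 *
 * Runs on a singular `onetimelogin` post. When the link is unused and its
 * stored user exists, the link is marked as used, the visitor is signed in as
 * that user and sent to the user admin. In every other case the visitor is
 * redirected to the home page.
 *
 * @since 1.0.0
 *
 * @return void
 */
function otl_authenticate_one_time_login()
{
    // No need to run if not a singular query for the one time login
    if (!is_single()) {
        return;
    }

    // No need to run if not a onetimelogin post ($post may be unset)
    global $post;
    if (!is_object($post) || 'onetimelogin' !== $post->post_type) {
        return;
    }

    $link_id    = get_the_ID();
    $user_id    = (int) get_post_meta($link_id, 'otl_user', true);
    $valid_user = $user_id > 0 && false !== get_userdata($user_id);
    $login_uses = get_post_meta($link_id, 'otl_times_used', true);

    // Consume the link BEFORE a session is issued, and only continue when the
    // write succeeded. If the counter cannot be stored the login is refused,
    // so a failed write can never leave a reusable link behind.
    // NOTE(review): the read above and this write are separate queries, so
    // two simultaneous requests could both pass the '0' check; an atomic
    // compare-and-set at the database level would close that gap.
    $consumed = '0' === $login_uses
        && $valid_user
        && false !== update_post_meta($link_id, 'otl_times_used', '1');

    if (!$consumed) {
        wp_redirect(home_url());
        exit;
    }

    // Record when the link was used, for logging.
    update_post_meta($link_id, 'otl_datetime_used', current_time('mysql'));

    // Log in
    wp_clear_auth_cookie();
    wp_set_current_user($user_id);
    wp_set_auth_cookie($user_id);

    // Redirect to wp-admin
    wp_safe_redirect(user_admin_url());
    exit;
}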
/**
 * Generate the parameters for the raas plugin.
 *
 * NOTE(review): these values are sent to the browser, so `canEditUsers` can
 * only serve as a display hint; any server-side handler has to repeat the
 * capability check itself.
 *
 * @return array Parameters after the `gigya_raas_params` filter has run.
 */
public function getParams()
{
    // Screen-set options and their defaults, in output order.
    $screen_defaults = array(
        'raasWebScreen'           => 'Default-RegistrationLogin',
        'raasMobileScreen'        => 'DefaultMobile-RegistrationLogin',
        'raasLoginScreen'         => 'gigya-login-screen',
        'raasRegisterScreen'      => 'gigya-register-screen',
        'raasProfileWebScreen'    => 'Default-ProfileUpdate',
        'raasProfileMobileScreen' => 'DefaultMobile-ProfileUpdate',
    );

    // Container element options and their defaults, in output order.
    $container_defaults = array(
        'raasLoginDiv'    => 'loginform',
        'raasRegisterDiv' => 'registerform',
        'raasProfileDiv'  => 'profile-page',
    );

    // Parameters to be sent to the DOM.
    $params                 = array();
    $params['actionRaas']   = 'gigya_raas';
    $params['redirect']     = user_admin_url();
    $params['canEditUsers'] = current_user_can('edit_users');

    foreach ($screen_defaults as $option => $fallback) {
        $params[$option] = _gigParam($this->login_options, $option, $fallback);
    }

    $params['raasOverrideLinks'] = _gigParamDefaultOn($this->login_options, 'raasOverrideLinks');

    foreach ($container_defaults as $option => $fallback) {
        $params[$option] = _gigParam($this->login_options, $option, $fallback);
    }

    // Let others plugins to modify the raas parameters.
    return apply_filters('gigya_raas_params', $params);
}
/**
 * Build a URL inside whichever admin area the current request belongs to.
 *
 * The network admin is chosen when WP_NETWORK_ADMIN is defined and truthy,
 * the user admin when WP_USER_ADMIN is, and the regular site admin otherwise.
 *
 * @param string $path   Optional path passed through to the URL helper.
 * @param string $scheme Scheme passed through to the URL helper.
 * @return string Result of the selected URL helper.
 */
function self_admin_url($path = '', $scheme = 'admin')
{
    $in_network_admin = defined('WP_NETWORK_ADMIN') && WP_NETWORK_ADMIN;
    if ($in_network_admin) {
        return network_admin_url($path, $scheme);
    }

    $in_user_admin = defined('WP_USER_ADMIN') && WP_USER_ADMIN;
    if ($in_user_admin) {
        return user_admin_url($path, $scheme);
    }

    return admin_url($path, $scheme);
}
/**
 * Point the edit-profile link at the current user's active site.
 *
 * The incoming URL is always replaced: with profile.php in the admin of the
 * user's active site when there is one, otherwise with profile.php in the
 * user admin.
 *
 * @param string $url URL being replaced (its value is not used).
 * @return string
 */
function thatcamp_edit_profile_url($url)
{
    $active_blog = get_active_blog_for_user(get_current_user_id());

    if (!$active_blog) {
        return user_admin_url('profile.php', 'admin');
    }

    return get_admin_url($active_blog->blog_id, 'profile.php', 'admin');
}
/**
 * Prepare the toolbar: collect the signed-in user's site data, hook the
 * header output, enqueue the assets and announce initialization.
 *
 * @access public
 */
public function initialize()
{
    $this->user = new stdClass;

    if (is_user_logged_in()) {
        /* Populate settings we need for the menu based on the current user. */
        $this->user->blogs = get_blogs_of_user(get_current_user_id());

        if (!is_multisite()) {
            $this->user->active_blog = $this->user->blogs[get_current_blog_id()];
            $this->user->domain      = trailingslashit(home_url());
        } else {
            $this->user->active_blog = get_active_blog_for_user(get_current_user_id());
            $this->user->domain      = empty($this->user->active_blog)
                ? user_admin_url()
                : trailingslashit(get_home_url($this->user->active_blog->blog_id));
        }

        $this->user->account_domain = $this->user->domain;
    }

    add_action('wp_head', 'wp_admin_bar_header');
    add_action('admin_head', 'wp_admin_bar_header');

    $theme_declares_support = current_theme_supports('admin-bar');
    if ($theme_declares_support) {
        /**
         * To remove the default padding styles from WordPress for the Toolbar, use the following code:
         * add_theme_support( 'admin-bar', array( 'callback' => '__return_false' ) );
         */
        $admin_bar_args  = get_theme_support('admin-bar');
        $header_callback = $admin_bar_args[0]['callback'];
    }

    // Use the default bump callback unless the theme provided its own.
    $header_callback = empty($header_callback) ? '_admin_bar_bump_cb' : $header_callback;
    add_action('wp_head', $header_callback);

    wp_enqueue_script('admin-bar');
    wp_enqueue_style('admin-bar');

    /**
     * Fires after WP_Admin_Bar is initialized.
     *
     * @since 3.1.0
     */
    do_action('admin_bar_init');
}
/**
 * Generate the parameters for the login plugin.
 *
 * Keys decoded from the `advancedLoginUI` and `advancedAddConnectionsUI`
 * options are merged into the result as they are, without filtering.
 *
 * @return array Parameters after the `gigya_login_params` filter has run.
 */
public function getParams()
{
    // Parameters to be sent to the DOM.
    $params = array(
        'actionLogin'       => 'gigya_login',
        'actionCustomLogin' => 'custom_login',
        'redirect'          => _gigParam($this->login_options, 'redirect', user_admin_url()),
        'ui'                => array(
            'showTermsLink' => false,
            'version'       => 2,
        ),
    );

    // Plain options copied into the UI settings when they are non-empty.
    $ui_options = array('width', 'height', 'showTermsLink', 'enabledProviders', 'buttonsStyle');
    foreach ($ui_options as $name) {
        if (!empty($this->login_options[$name])) {
            $params['ui'][$name] = $this->login_options[$name];
        }
    }

    // JSON options: option name => section of $params receiving the decoded keys.
    $json_options = array(
        'advancedLoginUI'          => 'ui',
        'advancedAddConnectionsUI' => 'addConnection',
    );
    foreach ($json_options as $option => $section) {
        if (empty($this->login_options[$option])) {
            continue;
        }

        $decoded = gigyaCMS::parseJSON($this->login_options[$option]);
        if (empty($decoded)) {
            continue;
        }

        foreach ($decoded as $key => $val) {
            $params[$section][$key] = $val;
        }
    }

    // Let others plugins to modify the login parameters.
    return apply_filters('gigya_login_params', $params);
}
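/**
 * Build the widget markup: login and register links for visitors, an
 * account box (avatar, name, log-out link) for signed-in users.
 *
 * @param array $args     Wrapper markup; reads before_widget, before_title,
 *                        after_title and after_widget.
 * @param array $instance Widget settings; reads 'title'.
 *
 * @return string
 */
public function getContent($args, $instance)
{
    $output = '';
    $title  = apply_filters('widget_title', isset($instance['title']) ? $instance['title'] : '');

    // Set the output.
    $output .= $args['before_widget'];
    if (!empty($title)) {
        $output .= $args['before_title'] . $title . $args['after_title'];
    }

    if (!is_user_logged_in()) {
        // NOTE(review): these hrefs are relative to the current page; confirm
        // the front-end script rewrites them before changing the markup.
        $output .= '<div class="gigya-raas-widget">';
        $output .= '<a href="wp-login.php">' . __('Login') . '</a> | ';
        $output .= '<a href="wp-login.php?action=register">' . __('Register') . '</a>';
        $output .= '</div>';
    } else {
        $current_user = wp_get_current_user();

        // The display name is user-editable profile data and the URLs pass
        // through filters, so each is escaped for the context it lands in.
        $profile_url  = esc_url(user_admin_url('profile.php'));
        $display_name = esc_html($current_user->display_name);

        $output .= '<div class="gigya-wp-account-widget">';
        $output .= '<a class="gigya-wp-avatar" href="' . $profile_url . '">' . get_avatar($current_user->ID) . '</a>';
        $output .= '<div class="gigya-wp-info">';
        $output .= '<a class="gigya-wp-name" href="' . $profile_url . '">' . $display_name . '</a>';
        $output .= '<a class="gigya-wp-logout" href="' . esc_url(wp_logout_url()) . '">' . __('Log Out') . '</a>';
        $output .= '</div></div>';
    }

    $output .= $args['after_widget'];

    return $output;
}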
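/**
 * Build the widget markup: the login container plus its JSON settings for
 * visitors, an account box (avatar, name, log-out link) for signed-in users.
 *
 * @param array $args     Wrapper markup; reads before_widget, before_title,
 *                        after_title and after_widget.
 * @param array $instance Widget settings; reads 'title' and 'override'.
 *
 * @return string
 */
public function getContent($args, $instance)
{
    $output = '';
    $title  = apply_filters('widget_title', isset($instance['title']) ? $instance['title'] : '');

    // Get the data from the argument.
    require_once GIGYA__PLUGIN_DIR . 'features/login/GigyaLoginSet.php';
    $login = new GigyaLoginSet();
    $data  = $login->getParams();

    // Override params or take the defaults.
    if (!empty($instance['override'])) {
        foreach ($instance as $key => $value) {
            if (!empty($value)) {
                $data['ui'][$key] = esc_attr($value);
            }
        }
    }

    // Set the output.
    $output .= $args['before_widget'];
    if (!empty($title)) {
        $output .= $args['before_title'] . $title . $args['after_title'];
    }

    if (!is_user_logged_in()) {
        // The settings are embedded in a script element, so angle brackets
        // and ampersands are emitted as \uXXXX escapes. The decoded JSON is
        // unchanged, but no value can contain markup the HTML parser would
        // act on inside the element.
        $settings_json = json_encode($data, JSON_HEX_TAG | JSON_HEX_AMP);

        $output .= '<div class="gigya-login-widget"></div>';
        $output .= '<script class="data-login" type="application/json">' . $settings_json . '</script>';
    } else {
        $current_user = wp_get_current_user();

        // The display name is user-editable profile data and the URLs pass
        // through filters, so each is escaped for the context it lands in.
        $profile_url  = esc_url(user_admin_url('profile.php'));
        $display_name = esc_html($current_user->display_name);

        $output .= '<div class="gigya-wp-account-widget">';
        $output .= '<a class="gigya-wp-avatar" href="' . $profile_url . '">' . get_avatar($current_user->ID) . '</a>';
        $output .= '<div class="gigya-wp-info">';
        $output .= '<a class="gigya-wp-name" href="' . $profile_url . '">' . $display_name . '</a>';
        $output .= '<a class="gigya-wp-logout" href="' . esc_url(wp_logout_url()) . '">' . __('Log Out') . '</a>';
        $output .= '</div></div>';
    }

    $output .= $args['after_widget'];

    return $output;
}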
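/**
 * Login user. SSL support is not tested.
 *
 * Signs in through wp_signon() using the posted `log` / `pwd` values. No
 * redirect is performed; the outcome is returned to the caller.
 *
 * @return mixed WP_Error when sign-on fails, otherwise the value returned by
 *               $this->get_logged_in_user().
 */
public function login()
{
    global $json_api;

    $secure_cookie = '';

    // Defined up front: the message chain in the error branch tests this
    // flag, and it was previously read without ever being set.
    $interim_login = isset($_REQUEST['interim-login']);

    // If the user wants ssl but the session is not ssl, force a secure cookie.
    if (!empty($_POST['log']) && !force_ssl_admin()) {
        $user_name = sanitize_user($_POST['log']);
        $user      = get_user_by('login', $user_name);

        // i'm guessing the user can change their login options to work with SSL
        if ($user && get_user_option('use_ssl', $user->ID)) {
            $secure_cookie = true;

            // passing true like so, force_ssl_admin(true), makes force_ssl_admin() return true and vice versa
            // force_ssl_admin(true); http://codex.wordpress.org/Function_Reference/force_ssl_admin

            // we are declaring error but not returning it for now
            $errors = new WP_Error();
            $errors->add('use_ssl', __("The login must use ssl."));
            // not implemented now
            // return $errors;
        }
    }

    // NOTE(review): $redirect_to is taken from the request and is only
    // computed here, never followed or returned. If that changes, validate it
    // first (wp_validate_redirect() or wp_safe_redirect()).
    if (isset($_REQUEST['redirect_to'])) {
        $redirect_to = $_REQUEST['redirect_to'];

        // Redirect to https if user wants ssl
        if ($secure_cookie && false !== strpos($redirect_to, 'wp-admin')) {
            $redirect_to = preg_replace('|^http://|', 'https://', $redirect_to);
        }
    } else {
        $redirect_to = admin_url();
    }

    $reauth = !empty($_REQUEST['reauth']);

    // If the user was redirected to a secure login form from a non-secure admin page, and secure login is
    // required but secure admin is not, then don't use a secure cookie and redirect back to the referring
    // non-secure admin page. This allows logins to always be POSTed over SSL while allowing the user to
    // choose visiting the admin via http or https.
    if (!$secure_cookie && is_ssl() && force_ssl_login() && !force_ssl_admin() && 0 !== strpos($redirect_to, 'https') && 0 === strpos($redirect_to, 'http')) {
        $secure_cookie = false;
    }

    // $user = wp_authenticate_username_password('', $_POST['log'], $_POST['pwd']);
    $user = wp_signon('', $secure_cookie);

    if (is_wp_error($user)) {
        // user is an error object
        $errors = $user;

        // if both login and password are empty no error is added so we add one now
        if (empty($_POST['log']) && empty($_POST['pwd'])) {
            $errors->add('invalid_username', __("The username is empty."));
        }

        // Clear errors if loggedout is set.
        if (!empty($_GET['loggedout']) || $reauth) {
            $errors = new WP_Error();
        }

        // If cookies are disabled we can't log in even with a valid user+pass
        if (isset($_POST['testcookie']) && empty($_COOKIE[TEST_COOKIE])) {
            $errors->add('test_cookie', __("Cookies are blocked or not supported by your browser. You must <a href='http://www.google.com/cookies.html'>enable cookies</a> to use WordPress."));
        }

        // Some parts of this script use the main login form to display a message
        if (isset($_GET['loggedout']) && true == $_GET['loggedout']) {
            $errors->add('loggedout', __('You are now logged out.'), 'message');
        } elseif (isset($_GET['registration']) && 'disabled' == $_GET['registration']) {
            $errors->add('registerdisabled', __('User registration is currently not allowed.'));
        } elseif (isset($_GET['checkemail']) && 'confirm' == $_GET['checkemail']) {
            $errors->add('confirm', __('Check your e-mail for the confirmation link.'), 'message');
        } elseif (isset($_GET['checkemail']) && 'newpass' == $_GET['checkemail']) {
            $errors->add('newpass', __('Check your e-mail for your new password.'), 'message');
        } elseif (isset($_GET['checkemail']) && 'registered' == $_GET['checkemail']) {
            $errors->add('registered', __('Registration complete. Please check your e-mail.'), 'message');
        } elseif ($interim_login) {
            $errors->add('expired', __('Your session has expired. Please log-in again.'), 'message');
        }

        // Clear any stale cookies.
        if ($reauth) {
            wp_clear_auth_cookie();
        }

        return $errors;
    }

    // The default targets are replaced according to what the user may access.
    if (empty($redirect_to) || $redirect_to == 'wp-admin/' || $redirect_to == admin_url()) {
        // If the user doesn't belong to a blog, send them to user admin. If the user can't edit posts, send them to their profile.
        if (is_multisite() && !get_active_blog_for_user($user->ID) && !is_super_admin($user->ID)) {
            $redirect_to = user_admin_url();
        } elseif (is_multisite() && !$user->has_cap('read')) {
            $redirect_to = get_dashboard_url($user->ID);
        } elseif (!$user->has_cap('edit_posts')) {
            $redirect_to = admin_url('profile.php');
        }
    }

    wp_set_current_user($user->ID);

    // left in redirect_to since we could return the value later if we wanted
    return $this->get_logged_in_user();
}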
/**
 * Get the URL to the user's profile editor.
 *
 * The base URL depends on the admin area of the current request: user admin,
 * network admin, or otherwise the user's dashboard. The result is passed
 * through the `edit_profile_url` filter.
 *
 * @since 3.1.0
 *
 * @param int    $user   User ID
 * @param string $scheme The scheme to use. Default is 'admin', which obeys force_ssl_admin() and is_ssl().
 *                       'http' or 'https' can be passed to force those schemes.
 * @return string Dashboard url link with optional path appended
 */
function get_edit_profile_url($user, $scheme = 'admin')
{
    $user = (int) $user;

    if (is_user_admin()) {
        $url = user_admin_url('profile.php', $scheme);
    } else {
        $url = is_network_admin()
            ? network_admin_url('profile.php', $scheme)
            : get_dashboard_url($user, 'profile.php', $scheme);
    }

    return apply_filters('edit_profile_url', $url, $user, $scheme);
}
/**
 * A user without any sites gets the user admin URL on multisite and the
 * regular admin URL otherwise.
 *
 * @ticket 39065
 */
public function test_get_dashboard_url_for_user_with_no_sites()
{
    // Make every user look like a member of no site.
    add_filter('get_blogs_of_user', '__return_empty_array');

    if (is_multisite()) {
        $expected = user_admin_url();
    } else {
        $expected = admin_url();
    }

    $actual = get_dashboard_url(self::$user_id);

    $this->assertEquals($expected, $actual);
}
/**
 * On multisite, a user removed from the current site still gets the logo
 * node, linked to about.php in the user admin, and the about node.
 *
 * @ticket 37949
 * @group multisite
 */
public function test_admin_bar_contains_correct_about_link_for_users_with_no_role_in_multisite()
{
    if (!is_multisite()) {
        $this->markTestSkipped('Test only runs in multisite');
    }

    // User is not a member of a site.
    $site_id = get_current_blog_id();
    remove_user_from_blog(self::$no_role_id, $site_id);
    wp_set_current_user(self::$no_role_id);

    $admin_bar = $this->get_standard_admin_bar();
    $logo_node = $admin_bar->get_node('wp-logo');
    $about     = $admin_bar->get_node('about');

    // Logo node: present, linked into the user admin, no tabindex meta.
    $this->assertNotNull($logo_node);
    $this->assertSame(user_admin_url('about.php'), $logo_node->href);
    $this->assertArrayNotHasKey('tabindex', $logo_node->meta);

    $this->assertNotNull($about);
}
/**
 * Processes the request
 *
 * Callback for "template_redirect" hook in template-loader.php
 *
 * Resolves the requested action and instance, lets plugins take over through
 * the `tml_request`, `login_form_{action}` and `tml_request_{action}` hooks,
 * and otherwise handles postpass, logout, lostpassword/retrievepassword,
 * resetpass/rp, register and login (the default) itself. Several branches end
 * in a redirect followed by exit.
 *
 * @since 6.3
 * @access public
 */
public function template_redirect() {
    // The action name comes from the request and is normalised with sanitize_key().
    $this->request_action = isset($_REQUEST['action']) ? sanitize_key($_REQUEST['action']) : '';
    if (!$this->request_action && self::is_tml_page()) {
        $this->request_action = self::get_page_action(get_the_id());
    }
    $this->request_instance = isset($_REQUEST['instance']) ? sanitize_key($_REQUEST['instance']) : 0;
    do_action_ref_array('tml_request', array(&$this));
    // allow plugins to override the default actions, and to add extra actions if they want
    do_action('login_form_' . $this->request_action);
    if (has_action('tml_request_' . $this->request_action)) {
        do_action_ref_array('tml_request_' . $this->request_action, array(&$this));
    } else {
        $http_post = 'POST' == $_SERVER['REQUEST_METHOD'];
        switch ($this->request_action) {
            case 'postpass':
                global $wp_hasher;
                if (empty($wp_hasher)) {
                    require_once ABSPATH . 'wp-includes/class-phpass.php';
                    // By default, use the portable hash from phpass
                    $wp_hasher = new PasswordHash(8, true);
                }
                // 10 days
                // NOTE(review): $_POST['post_password'] is read without an isset() check, and
                // setcookie() receives only name, value, expiry and path here — no domain,
                // secure or httponly argument.
                setcookie('wp-postpass_' . COOKIEHASH, $wp_hasher->HashPassword(stripslashes($_POST['post_password'])), time() + 864000, COOKIEPATH);
                wp_safe_redirect(wp_get_referer());
                exit;
                break;
            case 'logout':
                // The log-out nonce is verified before the session is ended.
                check_admin_referer('log-out');
                $user = wp_get_current_user();
                wp_logout();
                // The request-supplied redirect_to is only handed to the filter as context;
                // whatever the filter returns goes through wp_safe_redirect().
                $redirect_to = apply_filters('logout_redirect', site_url('wp-login.php?loggedout=true'), isset($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : '', $user);
                wp_safe_redirect($redirect_to);
                exit;
                break;
            case 'lostpassword':
            case 'retrievepassword':
                if ($http_post) {
                    $this->errors = self::retrieve_password();
                    if (!is_wp_error($this->errors)) {
                        // Request-supplied target, followed only through wp_safe_redirect().
                        $redirect_to = !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : site_url('wp-login.php?checkemail=confirm');
                        wp_safe_redirect($redirect_to);
                        exit;
                    }
                }
                // NOTE(review): assumes $this->errors already holds a WP_Error on GET requests — confirm where it is initialised.
                if (isset($_REQUEST['error']) && 'invalidkey' == $_REQUEST['error']) {
                    $this->errors->add('invalidkey', __('Sorry, that key does not appear to be valid.', 'theme-my-login'));
                }
                do_action('lost_password');
                break;
            case 'resetpass':
            case 'rp':
                // NOTE(review): 'key' and 'login' are read without isset() checks and passed on
                // as received; validation is presumably done inside check_password_reset_key() — confirm.
                $user = self::check_password_reset_key($_REQUEST['key'], $_REQUEST['login']);
                if (is_wp_error($user)) {
                    $redirect_to = site_url('wp-login.php?action=lostpassword&error=invalidkey');
                    wp_redirect($redirect_to);
                    exit;
                }
                // NOTE(review): `!=` is a loose comparison, so two numeric-looking strings that
                // differ textually (e.g. '1e3' and '1000') compare as equal; `!==` would require
                // an exact match. $_POST['pass2'] is also read without an isset() check.
                if (isset($_POST['pass1']) && $_POST['pass1'] != $_POST['pass2']) {
                    $this->errors->add('password_reset_mismatch', __('The passwords do not match.', 'theme-my-login'));
                } elseif (isset($_POST['pass1']) && !empty($_POST['pass1'])) {
                    self::reset_password($user, $_POST['pass1']);
                    $redirect_to = site_url('wp-login.php?resetpass=complete');
                    wp_safe_redirect($redirect_to);
                    exit;
                }
                wp_enqueue_script('utils');
                wp_enqueue_script('user-profile');
                break;
            case 'register':
                // Registration requests are turned away when the site option disables them.
                if (!get_option('users_can_register')) {
                    $redirect_to = site_url('wp-login.php?registration=disabled');
                    wp_redirect($redirect_to);
                    exit;
                }
                $user_login = '';
                $user_email = '';
                if ($http_post) {
                    // NOTE(review): both fields are read without isset() checks and passed on
                    // unsanitised; presumably register_new_user() sanitises them — confirm.
                    $user_login = $_POST['user_login'];
                    $user_email = $_POST['user_email'];
                    $this->errors = self::register_new_user($user_login, $user_email);
                    if (!is_wp_error($this->errors)) {
                        // Request-supplied target, followed only through wp_safe_redirect().
                        $redirect_to = !empty($_POST['redirect_to']) ? $_POST['redirect_to'] : site_url('wp-login.php?checkemail=registered');
                        wp_safe_redirect($redirect_to);
                        exit;
                    }
                }
                break;
            case 'login':
            default:
                $secure_cookie = '';
                $interim_login = isset($_REQUEST['interim-login']);
                // If the user wants ssl but the session is not ssl, force a secure cookie.
                if (!empty($_POST['log']) && !force_ssl_admin()) {
                    $user_name = sanitize_user($_POST['log']);
                    if ($user = get_user_by('login', $user_name)) {
                        if (get_user_option('use_ssl', $user->ID)) {
                            $secure_cookie = true;
                            force_ssl_admin(true);
                        }
                    }
                }
                if (!empty($_REQUEST['redirect_to'])) {
                    $redirect_to = $_REQUEST['redirect_to'];
                    // Redirect to https if user wants ssl
                    if ($secure_cookie && false !== strpos($redirect_to, 'wp-admin')) {
                        $redirect_to = preg_replace('|^http://|', 'https://', $redirect_to);
                    }
                } else {
                    $redirect_to = admin_url();
                }
                $reauth = empty($_REQUEST['reauth']) ? false : true;
                // If the user was redirected to a secure login form from a non-secure admin page, and secure login is required but secure admin is not, then don't use a secure
                // cookie and redirect back to the referring non-secure admin page. This allows logins to always be POSTed over SSL while allowing the user to choose visiting
                // the admin via http or https.
                if (!$secure_cookie && is_ssl() && force_ssl_login() && !force_ssl_admin() && 0 !== strpos($redirect_to, 'https') && 0 === strpos($redirect_to, 'http')) {
                    $secure_cookie = false;
                }
                if ($http_post && isset($_POST['log'])) {
                    // An empty credentials argument is passed to wp_signon().
                    $user = wp_signon('', $secure_cookie);
                    $redirect_to = apply_filters('login_redirect', $redirect_to, isset($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : '', $user);
                    if (!is_wp_error($user) && !$reauth) {
                        if (empty($redirect_to) || $redirect_to == 'wp-admin/' || $redirect_to == admin_url()) {
                            // If the user doesn't belong to a blog, send them to user admin. If the user can't edit posts, send them to their profile.
                            if (is_multisite() && !get_active_blog_for_user($user->ID) && !is_super_admin($user->ID)) {
                                $redirect_to = user_admin_url();
                            } elseif (is_multisite() && !$user->has_cap('read')) {
                                $redirect_to = get_dashboard_url($user->ID);
                            } elseif (!$user->has_cap('edit_posts')) {
                                $redirect_to = admin_url('profile.php');
                            }
                        }
                        // The request-derived (and filterable) target is followed only through wp_safe_redirect().
                        wp_safe_redirect($redirect_to);
                        exit;
                    }
                    $this->errors = $user;
                }
                // Clear errors if loggedout is set.
                if (!empty($_GET['loggedout']) || $reauth) {
                    $this->errors = new WP_Error();
                }
                // Some parts of this script use the main login form to display a message
                if (isset($_GET['loggedout']) && true == $_GET['loggedout']) {
                    $this->errors->add('loggedout', __('You are now logged out.', 'theme-my-login'), 'message');
                } elseif (isset($_GET['registration']) && 'disabled' == $_GET['registration']) {
                    $this->errors->add('registerdisabled', __('User registration is currently not allowed.', 'theme-my-login'));
                } elseif (isset($_GET['checkemail']) && 'confirm' == $_GET['checkemail']) {
                    $this->errors->add('confirm', __('Check your e-mail for the confirmation link.', 'theme-my-login'), 'message');
                } elseif (isset($_GET['resetpass']) && 'complete' == $_GET['resetpass']) {
                    $this->errors->add('password_reset', __('Your password has been reset.', 'theme-my-login'), 'message');
                } elseif (isset($_GET['checkemail']) && 'registered' == $_GET['checkemail']) {
                    $this->errors->add('registered', __('Registration complete. Please check your e-mail.', 'theme-my-login'), 'message');
                } elseif ($interim_login) {
                    $this->errors->add('expired', __('Your session has expired. Please log-in again.', 'theme-my-login'), 'message');
                // NOTE(review): strpos() is used as a truth value on the next line, so a match at offset 0 counts as "not found".
                } elseif (strpos($redirect_to, 'about.php?updated')) {
                    $this->errors->add('updated', __('<strong>You have successfully updated WordPress!</strong> Please log back in to experience the awesomeness.', 'theme-my-login'), 'message');
                } elseif ($reauth) {
                    $this->errors->add('reauth', __('Please log in to continue.', 'theme-my-login'), 'message');
                }
                // Clear any stale cookies.
                if ($reauth) {
                    wp_clear_auth_cookie();
                }
                break;
        } // end switch
    } // endif has_filter()
}
/**
 * Return a variable (if exists)
 *
 * $type selects the source: an array or object is read directly with $var as
 * key/property; a string names one of the sources handled in the switch
 * below. Any other string is delegated to the `pods_var_{type}` filter.
 *
 * Values read from $_GET, $_POST, $_REQUEST, $_SERVER and $_COOKIE are passed
 * through pods_unslash() only; no further sanitising or escaping is visible in
 * this function, so callers have to treat the result as untrusted input.
 *
 * NOTE(review): the 'server', 'session', 'global(s)', 'constant', 'user',
 * 'option' and cache/transient sources read internal state by name. Confirm
 * that no caller lets request data choose $type or $var for these sources.
 *
 * @param mixed $var The variable name, can also be a modifier for specific types
 * @param string|array|object $type (optional) Super globals, url/url-relative, constants, globals, options, transients, cache, user data, Pod field values, dates
 * @param mixed $default (optional) The default value to set if variable doesn't exist
 * @param bool $strict (optional) Only allow values (must not be empty)
 * @param array $params (optional) Set 'casting'=>true to cast value from $default, 'allowed'=>$allowed to restrict a value to what's allowed
 *
 * @return mixed The variable (if exists), or default value
 * @since 2.3.10
 */
function pods_v($var = null, $type = 'get', $default = null, $strict = false, $params = array()) {
    // Merge caller params over the defaults and expose them as an object.
    $defaults = array('casting' => false, 'allowed' => null);
    $params = (object) array_merge($defaults, (array) $params);
    $output = null;
    if (null === $type || '' === $type) {
        // Invalid $type
    } elseif (is_array($type)) {
        // Array source: $var is the key.
        if (isset($type[$var])) {
            $output = $type[$var];
        }
    } elseif (is_object($type)) {
        // Object source: $var is the property name.
        if (isset($type->{$var})) {
            $output = $type->{$var};
        }
    } else {
        // Named source; matching is case-insensitive.
        $type = strtolower((string) $type);
        switch ($type) {
            case 'get':
                if (isset($_GET[$var])) {
                    $output = pods_unslash($_GET[$var]);
                }
                break;
            case 'post':
                if (isset($_POST[$var])) {
                    $output = pods_unslash($_POST[$var]);
                }
                break;
            case 'request':
                if (isset($_REQUEST[$var])) {
                    $output = pods_unslash($_REQUEST[$var]);
                }
                break;
            case 'url':
            case 'uri':
                // Split the current URL's path into segments; $var is a segment
                // index, with 'first' and 'last' mapped to 0 and -1.
                $url = parse_url(pods_current_url());
                $uri = trim($url['path'], '/');
                $uri = array_filter(explode('/', $uri));
                if ('first' == $var) {
                    $var = 0;
                } elseif ('last' == $var) {
                    $var = -1;
                }
                if (is_numeric($var)) {
                    // Negative indexes count from the end; the lookup recurses with the segment array as source.
                    $output = $var < 0 ? pods_v(count($uri) + $var, $uri) : pods_v($var, $uri);
                }
                break;
            case 'url-relative':
                // Same as 'url', after removing the site URL prefix when the current URL starts with it.
                $url_raw = pods_current_url();
                $prefix = get_site_url();
                if (substr($url_raw, 0, strlen($prefix)) == $prefix) {
                    $url_raw = substr($url_raw, strlen($prefix) + 1, strlen($url_raw));
                }
                $url = parse_url($url_raw);
                $uri = trim($url['path'], '/');
                $uri = array_filter(explode('/', $uri));
                if ('first' == $var) {
                    $var = 0;
                } elseif ('last' == $var) {
                    $var = -1;
                }
                if (is_numeric($var)) {
                    $output = $var < 0 ? pods_v(count($uri) + $var, $uri) : pods_v($var, $uri);
                }
                break;
            case 'template-url':
                $output = get_template_directory_uri();
                break;
            case 'stylesheet-url':
                $output = get_stylesheet_directory_uri();
                break;
            case 'site-url':
                $blog_id = $scheme = null;
                $path = '';
                if (is_array($var)) {
                    // NOTE(review): this is an if/elseif chain, so only the first element that is
                    // set is used; when $var[0] is set, $var[1] and $var[2] are never read. The
                    // same pattern repeats in the URL cases below — confirm whether that is intended.
                    if (isset($var[0])) {
                        $blog_id = $var[0];
                    } elseif (isset($var[1])) {
                        $path = $var[1];
                    } elseif (isset($var[2])) {
                        $scheme = $var[2];
                    }
                } else {
                    $blog_id = $var;
                }
                $output = get_site_url($blog_id, $path, $scheme);
                break;
            case 'home-url':
                $blog_id = $scheme = null;
                $path = '';
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $blog_id = $var[0];
                    } elseif (isset($var[1])) {
                        $path = $var[1];
                    } elseif (isset($var[2])) {
                        $scheme = $var[2];
                    }
                } else {
                    $blog_id = $var;
                }
                $output = get_home_url($blog_id, $path, $scheme);
                break;
            case 'admin-url':
                $blog_id = $scheme = null;
                $path = '';
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $blog_id = $var[0];
                    } elseif (isset($var[1])) {
                        $path = $var[1];
                    } elseif (isset($var[2])) {
                        $scheme = $var[2];
                    }
                } else {
                    $blog_id = $var;
                }
                $output = get_admin_url($blog_id, $path, $scheme);
                break;
            case 'includes-url':
                $output = includes_url($var);
                break;
            case 'content-url':
                $output = content_url($var);
                break;
            case 'plugins-url':
                $path = $plugin = '';
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $path = $var[0];
                    } elseif (isset($var[1])) {
                        $plugin = $var[1];
                    }
                } else {
                    $path = $var;
                }
                $output = plugins_url($path, $plugin);
                break;
            case 'network-site-url':
                $path = '';
                $scheme = null;
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $path = $var[0];
                    } elseif (isset($var[1])) {
                        $scheme = $var[1];
                    }
                } else {
                    $path = $var;
                }
                $output = network_site_url($path, $scheme);
                break;
            case 'network-home-url':
                $path = '';
                $scheme = null;
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $path = $var[0];
                    } elseif (isset($var[1])) {
                        $scheme = $var[1];
                    }
                } else {
                    $path = $var;
                }
                $output = network_home_url($path, $scheme);
                break;
            case 'network-admin-url':
                $path = '';
                $scheme = null;
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $path = $var[0];
                    } elseif (isset($var[1])) {
                        $scheme = $var[1];
                    }
                } else {
                    $path = $var;
                }
                $output = network_admin_url($path, $scheme);
                break;
            case 'user-admin-url':
                $path = '';
                $scheme = null;
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $path = $var[0];
                    } elseif (isset($var[1])) {
                        $scheme = $var[1];
                    }
                } else {
                    $path = $var;
                }
                $output = user_admin_url($path, $scheme);
                break;
            case 'prefix':
                // Database table prefix.
                global $wpdb;
                $output = $wpdb->prefix;
                break;
            case 'server':
                // $_SERVER is only readable when pods_strict() returns false.
                if (!pods_strict()) {
                    if (isset($_SERVER[$var])) {
                        $output = pods_unslash($_SERVER[$var]);
                    } elseif (isset($_SERVER[strtoupper($var)])) {
                        $output = pods_unslash($_SERVER[strtoupper($var)]);
                    }
                }
                break;
            case 'session':
                if (isset($_SESSION[$var])) {
                    $output = $_SESSION[$var];
                }
                break;
            case 'global':
            case 'globals':
                // Reads any global variable by name.
                if (isset($GLOBALS[$var])) {
                    $output = $GLOBALS[$var];
                }
                break;
            case 'cookie':
                if (isset($_COOKIE[$var])) {
                    $output = pods_unslash($_COOKIE[$var]);
                }
                break;
            case 'constant':
                // Reads any defined constant by name.
                if (defined($var)) {
                    $output = constant($var);
                }
                break;
            case 'user':
                // Current user only: a property of the user object, the first role, or user meta.
                // NOTE(review): $var is not restricted here, so every property or meta key that
                // isset() reports on the user object can be read — confirm callers limit $var.
                if (is_user_logged_in()) {
                    $user = get_userdata(get_current_user_id());
                    if (isset($user->{$var})) {
                        $value = $user->{$var};
                    } elseif ('role' == $var) {
                        $value = '';
                        if (!empty($user->roles)) {
                            // array_shift() removes the role from $user->roles on this object.
                            $value = array_shift($user->roles);
                        }
                    } else {
                        $value = get_user_meta($user->ID, $var);
                    }
                    // Empty arrays and empty strings leave $output untouched.
                    if (is_array($value) && !empty($value)) {
                        $output = $value;
                    } elseif (!is_array($value) && 0 < strlen($value)) {
                        $output = $value;
                    }
                }
                break;
            case 'option':
                $output = get_option($var, $default);
                break;
            case 'site-option':
                $output = get_site_option($var, $default);
                break;
            case 'transient':
                $output = get_transient($var);
                break;
            case 'site-transient':
                $output = get_site_transient($var);
                break;
            case 'cache':
                // $var is "key|group|force", given as an array or a '|'-separated string.
                if (isset($GLOBALS['wp_object_cache']) && is_object($GLOBALS['wp_object_cache'])) {
                    $group = 'default';
                    $force = false;
                    if (!is_array($var)) {
                        $var = explode('|', $var);
                    }
                    if (isset($var[0])) {
                        if (isset($var[1])) {
                            $group = $var[1];
                        }
                        if (isset($var[2])) {
                            $force = $var[2];
                        }
                        $var = $var[0];
                        $output = wp_cache_get($var, $group, $force);
                    }
                }
                break;
            case 'pods-transient':
                // $var is "key|callback".
                // NOTE(review): the callback value is taken from the caller-supplied $var; confirm
                // how pods_transient_get() uses it and that $var is never request-derived. The same
                // applies to the three pods-* cases that follow.
                $callback = null;
                if (!is_array($var)) {
                    $var = explode('|', $var);
                }
                if (isset($var[0])) {
                    if (isset($var[1])) {
                        $callback = $var[1];
                    }
                    $var = $var[0];
                    $output = pods_transient_get($var, $callback);
                }
                break;
            case 'pods-site-transient':
                $callback = null;
                if (!is_array($var)) {
                    $var = explode('|', $var);
                }
                if (isset($var[0])) {
                    if (isset($var[1])) {
                        $callback = $var[1];
                    }
                    $var = $var[0];
                    $output = pods_site_transient_get($var, $callback);
                }
                break;
            case 'pods-cache':
                // $var is "key|group|callback".
                if (isset($GLOBALS['wp_object_cache']) && is_object($GLOBALS['wp_object_cache'])) {
                    $group = 'default';
                    $callback = null;
                    if (!is_array($var)) {
                        $var = explode('|', $var);
                    }
                    if (isset($var[0])) {
                        if (isset($var[1])) {
                            $group = $var[1];
                        }
                        if (isset($var[2])) {
                            $callback = $var[2];
                        }
                        $var = $var[0];
                        $output = pods_cache_get($var, $group, $callback);
                    }
                }
                break;
            case 'pods-option-cache':
                $group = 'default';
                $callback = null;
                if (!is_array($var)) {
                    $var = explode('|', $var);
                }
                if (isset($var[0])) {
                    if (isset($var[1])) {
                        $group = $var[1];
                    }
                    if (isset($var[2])) {
                        $callback = $var[2];
                    }
                    $var = $var[0];
                    $output = pods_option_cache_get($var, $group, $callback);
                }
                break;
            case 'date':
                // $var is "format|time string"; the time string is optional.
                $var = explode('|', $var);
                if (!empty($var)) {
                    $output = date_i18n($var[0], isset($var[1]) ? strtotime($var[1]) : false);
                }
                break;
            case 'pods':
            case 'pods_display':
                /**
                 * @var $pods Pods
                 */
                global $pods;
                // Only acts when the global is an object whose class is exactly 'Pods'.
                if (is_object($pods) && 'Pods' == get_class($pods)) {
                    if ('pods' === $type) {
                        $output = $pods->field($var);
                        if (is_array($output)) {
                            $options = array('field' => $var, 'fields' => $pods->fields);
                            $output = pods_serial_comma($output, $options);
                        }
                    } elseif ('pods_display' === $type) {
                        $output = $pods->display($var);
                    }
                }
                break;
            default:
                // Unknown source names are delegated to a filter named after the type.
                $output = apply_filters('pods_var_' . $type, $default, $var, $strict, $params);
        }
    }
    if (null !== $default) {
        // Set default
        if (null === $output) {
            $output = $default;
        }
        // Casting
        if (true === $params->casting) {
            $output = pods_cast($output, $default);
        }
    }
    // Strict defaults for empty values
    if (true === $strict) {
        if (empty($output)) {
            $output = $default;
        }
    }
    // Allowed values
    if (null !== $params->allowed) {
        if (is_array($params->allowed)) {
            // Not in array and is not the same array
            // NOTE(review): in_array() is called without its strict flag, so the membership
            // test uses loose comparison.
            if (!in_array($output, $params->allowed) && (!is_array($output) || $output !== $params->allowed)) {
                $output = $default;
            }
        } elseif ($output !== $params->allowed) {
            // Value doesn't match
            $output = $default;
        }
    }
    return $output;
}
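/**
 * Handle the return from Minecraft.jp authorization.
 *
 * The flow is selected by $_SESSION['auth_type']:
 *  - 'link': attach the Minecraft.jp identity to the currently logged-in
 *    WordPress user, then go back to the profile screen.
 *  - anything else: sign in the WordPress user mapped to the provider's
 *    `sub`, creating the account first when registration is allowed.
 *
 * Every path ends in a redirect followed by exit.
 *
 * NOTE(review): 'auth_type' and 'redirect_to' are read from the session but
 * not cleared here; confirm the code that starts the flow resets them so a
 * stale value cannot steer a later callback.
 *
 * @return void
 */
public function doLogin()
{
    $minecraftjp = $this->getMinecraftJP();
    $authType = !empty($_SESSION['auth_type']) ? $_SESSION['auth_type'] : 'login';
    $redirectTo = !empty($_SESSION['redirect_to']) ? $_SESSION['redirect_to'] : '';

    if ($authType == 'link') {
        try {
            $mcjpUser = $minecraftjp->getUser();
        } catch (\Exception $e) {
            $this->setFlash($e->getMessage(), 'default', array('class' => 'error'));
            wp_safe_redirect(admin_url('profile.php'));
            exit;
        }

        if (!empty($mcjpUser)) {
            $userId = get_current_user_id();
            if (!$userId) {
                // Linking needs an authenticated WordPress user; without one
                // there is no account to write the identity to.
                $this->setFlash(__('Authorization denied.', App::NAME), 'default', array('class' => 'error'));
            } else {
                $existsUserId = $this->User->getUserIdBySub($mcjpUser['sub']);
                if (!empty($existsUserId) && $existsUserId != $userId) {
                    // One provider identity maps to one WordPress account.
                    $this->setFlash(__('This account is already linked.', App::NAME), 'default', array('class' => 'error'));
                } else {
                    update_user_meta($userId, 'minecraftjp_sub', $mcjpUser['sub']);
                    update_user_meta($userId, 'minecraftjp_uuid', $mcjpUser['uuid']);
                    update_user_meta($userId, 'minecraftjp_username', $mcjpUser['preferred_username']);
                    $this->setFlash(__('Minecraft.jp account linked successfully.', App::NAME));
                }
            }
        } else {
            $this->setFlash(__('Authorization denied.', App::NAME), 'default', array('class' => 'error'));
        }

        wp_safe_redirect(admin_url('profile.php'));
        // Stop here like every other branch, so nothing else runs or renders
        // after the Location header has been queued.
        exit;
    }

    try {
        $mcjpUser = $minecraftjp->getUser();
    } catch (\Exception $e) {
        $this->setFlash($e->getMessage(), 'default', array('class' => 'error'));
        wp_safe_redirect(site_url('wp-login.php'));
        exit;
    }

    if (empty($mcjpUser)) {
        $this->setFlash(__('Authorization denied.', App::NAME), 'default', array('class' => 'error'));
        wp_safe_redirect(site_url('wp-login.php'));
        exit;
    }

    $userId = $this->User->getUserIdBySub($mcjpUser['sub']);
    if (!$userId) {
        // Unknown identity: only create an account when the site (or the
        // plugin override) allows registration.
        if (!get_option('users_can_register') && !Configure::read('force_users_can_register')) {
            wp_redirect(site_url('wp-login.php?registration=disabled'));
            exit;
        }

        $password = wp_generate_password();
        $result = wp_create_user($mcjpUser['preferred_username'] . Configure::read('username_suffix'), $password, $mcjpUser['email']);
        if (is_wp_error($result)) {
            // A failed creation never falls through to signing in as an existing account.
            $this->setFlash(__('username or email is already taken.', App::NAME), 'default', array('class' => 'error'));
            wp_safe_redirect(site_url('wp-login.php'));
            exit;
        }

        $userId = $result;
        wp_update_user(array(
            'ID' => $userId,
            'user_url' => !empty($mcjpUser['website']) ? $mcjpUser['website'] : $mcjpUser['profile'],
            'display_name' => $mcjpUser['preferred_username'],
        ));
        update_user_meta($userId, 'nickname', $mcjpUser['preferred_username']);
        update_user_meta($userId, 'minecraftjp_sub', $mcjpUser['sub']);
        update_user_meta($userId, 'minecraftjp_uuid', $mcjpUser['uuid']);
        // send password notification
        // NOTE(review): the generated password is handed to the notification
        // call; confirm on the supported WordPress versions whether that
        // argument is still honoured and whether mailing it is intended.
        wp_new_user_notification($userId, $password);
    }

    update_user_meta($userId, 'minecraftjp_username', $mcjpUser['preferred_username']);
    wp_set_auth_cookie($userId, true);
    $user = get_user_by('id', $userId);

    if (empty($redirectTo) || $redirectTo == 'wp-admin/' || $redirectTo == admin_url()) {
        if (is_multisite() && !get_active_blog_for_user($userId) && !is_super_admin($userId)) {
            $redirectTo = user_admin_url();
        } elseif (is_multisite() && !$user->has_cap('read')) {
            $redirectTo = get_dashboard_url($userId);
        } elseif (!$user->has_cap('edit_posts')) {
            $redirectTo = admin_url('profile.php');
        } elseif (empty($redirectTo)) {
            // Without a stored destination there is nothing to redirect to;
            // fall back to the dashboard.
            $redirectTo = admin_url();
        }
    }

    // $redirectTo comes from session state; wp_safe_redirect() keeps the
    // destination on an allowed host.
    wp_safe_redirect($redirectTo);
    exit;
}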
/**
 * Point the admin-bar profile link at the user-admin profile screen.
 *
 * Inside an admin screen, anyone who is not a super admin gets
 * user_admin_url('profile.php'); in every other case the incoming link is
 * returned untouched.
 *
 * @since 2.1.0
 *
 * @param string $profile_link Profile Link for admin bar.
 * @param string $url          Profile URL (not read by this filter).
 * @param int    $user_id      User ID.
 * @return string
 */
public function filter_adminbar_profile_link($profile_link = '', $url = '', $user_id = 0)
{
    // Super admins, and any request outside the admin, keep the original link.
    if (is_super_admin($user_id) || !is_admin()) {
        return $profile_link;
    }

    return user_admin_url('profile.php');
}
?> <script type="text/javascript">setTimeout( function(){ new wp.customize.Messenger({ url: '<?php echo wp_customize_url(); ?> ', channel: 'login' }).send('login') }, 1000 );</script> <?php } ?> </body></html> <?php exit; } if (empty($redirect_to) || $redirect_to == 'wp-admin/' || $redirect_to == admin_url()) { // If the user doesn't belong to a blog, send them to user admin. If the user can't edit posts, send them to their profile. if (is_multisite() && !get_active_blog_for_user($user->ID) && !is_super_admin($user->ID)) { $redirect_to = user_admin_url(); } elseif (is_multisite() && !$user->has_cap('read')) { $redirect_to = get_dashboard_url($user->ID); } elseif (!$user->has_cap('edit_posts')) { $redirect_to = $user->has_cap('read') ? admin_url('profile.php') : home_url(); } } wp_safe_redirect($redirect_to); exit; } $errors = $user; // Clear errors if loggedout is set. if (!empty($_GET['loggedout']) || $reauth) { $errors = new WP_Error(); } if ($interim_login) {
/**
 * Login hooks
 *
 * Processes a login request: decides whether the auth cookie must be secure,
 * calls wp_signon(), redirects on success, and otherwise collects the
 * messages to show and renders them with the login form.
 *
 * The redirect target comes from the request ('redirect_to') and from the
 * 'login_redirect' filter; it is only ever passed to wp_safe_redirect(),
 * which limits the destination to allowed hosts.
 */
function action_login()
{
    $interim_login = isset($_REQUEST['interim-login']);
    $secure_cookie = '';
    $customize_login = isset($_REQUEST['customize-login']);
    if ($customize_login) {
        wp_enqueue_script('customize-base');
    }
    // If the user wants ssl but the session is not ssl, force a secure cookie.
    if (!empty($_POST['log']) && !force_ssl_admin()) {
        $user_name = sanitize_user($_POST['log']);
        if ($user = get_user_by('login', $user_name)) {
            if (get_user_option('use_ssl', $user->ID)) {
                $secure_cookie = true;
                force_ssl_admin(true);
            }
        }
    }
    if (isset($_REQUEST['redirect_to'])) {
        // Request-controlled value; see the wp_safe_redirect() call below.
        $redirect_to = $_REQUEST['redirect_to'];
        // Redirect to https if user wants ssl
        if ($secure_cookie && false !== strpos($redirect_to, 'wp-admin')) {
            $redirect_to = preg_replace('|^http://|', 'https://', $redirect_to);
        }
    } else {
        $redirect_to = admin_url();
    }
    $reauth = empty($_REQUEST['reauth']) ? false : true;
    // wp_signon() is called on every request that reaches this method, not only on POST.
    $user = wp_signon('', $secure_cookie);
    // No logged-in cookie in this request: replace the sign-on result with a cookie error where one applies.
    if (empty($_COOKIE[LOGGED_IN_COOKIE])) {
        if (headers_sent()) {
            $user = new WP_Error('test_cookie', sprintf(__('<strong>ERROR</strong>: Cookies are blocked due to unexpected output. For help, please see <a href="%1$s">this documentation</a> or try the <a href="%2$s">support forums</a>.', 'colabsthemes'), 'http://codex.wordpress.org/Cookies', 'https://wordpress.org/support/'));
        } elseif (isset($_POST['testcookie']) && empty($_COOKIE[TEST_COOKIE])) {
            // If cookies are disabled we can't log in even with a valid user+pass
            $user = new WP_Error('test_cookie', sprintf(__('<strong>ERROR</strong>: Cookies are blocked or not supported by your browser. You must <a href="%s">enable cookies</a> to use WordPress.', 'colabsthemes'), 'http://codex.wordpress.org/Cookies'));
        }
    }
    $requested_redirect_to = isset($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : '';
    /**
     * Filter the login redirect URL.
     *
     * @since 3.0.0
     *
     * @param string           $redirect_to           The redirect destination URL.
     * @param string           $requested_redirect_to The requested redirect destination URL passed as a parameter.
     * @param WP_User|WP_Error $user                  WP_User object if login was successful, WP_Error object otherwise.
     */
    $redirect_to = apply_filters('login_redirect', $redirect_to, $requested_redirect_to, $user);
    if (!is_wp_error($user) && !$reauth) {
        if ($interim_login) {
            $message = '<div class="alert alert-success">' . __('You have logged in successfully.', 'colabsthemes') . '</div>';
            $interim_login = '******';
            // NOTE(review): this output is written before the redirect below;
            // once headers have been sent the Location header cannot be
            // emitted. Confirm this is the intended interim-login behaviour.
            echo $message;
        }
        // Only a missing or default destination is replaced with a role-appropriate landing page.
        if (empty($redirect_to) || $redirect_to == 'wp-admin/' || $redirect_to == admin_url()) {
            // If the user doesn't belong to a blog, send them to user admin. If the user can't edit posts, send them to their profile.
            if (is_multisite() && !get_active_blog_for_user($user->ID) && !is_super_admin($user->ID)) {
                $redirect_to = user_admin_url();
            } elseif (is_multisite() && !$user->has_cap('read')) {
                $redirect_to = get_dashboard_url($user->ID);
            } elseif (!$user->has_cap('edit_posts')) {
                $redirect_to = admin_url('profile.php');
            }
        }
        wp_safe_redirect($redirect_to);
        exit;
    }
    // From here on the request did not end in a redirect: build the messages for the form.
    $errors = $user;
    // Clear errors if loggedout is set.
    if (!empty($_GET['loggedout']) || $reauth) {
        $errors = new WP_Error();
    }
    if ($interim_login) {
        if (!$errors->get_error_code()) {
            $errors->add('expired', __('Session expired. Please log in again. You will not move away from this page.', 'colabsthemes'), 'message');
        }
    } else {
        // Some parts of this script use the main login form to display a message
        if (isset($_GET['loggedout']) && true == $_GET['loggedout']) {
            $errors->add('loggedout', __('You are now logged out.', 'colabsthemes'), 'message');
        } elseif (isset($_GET['registration']) && 'disabled' == $_GET['registration']) {
            $errors->add('registerdisabled', __('User registration is currently not allowed.', 'colabsthemes'));
        } elseif (isset($_GET['checkemail']) && 'confirm' == $_GET['checkemail']) {
            $errors->add('confirm', __('Check your e-mail for the confirmation link.', 'colabsthemes'), 'message');
        } elseif (isset($_GET['checkemail']) && 'newpass' == $_GET['checkemail']) {
            $errors->add('newpass', __('Check your e-mail for your new password.', 'colabsthemes'), 'message');
        } elseif (isset($_GET['checkemail']) && 'registered' == $_GET['checkemail']) {
            $errors->add('registered', __('Registration complete. Please check your e-mail.', 'colabsthemes'), 'message');
        } elseif (strpos($redirect_to, 'about.php?updated')) {
            $errors->add('updated', __('<strong>You have successfully updated WordPress!</strong> Please log back in to see what’s new.', 'colabsthemes'), 'message');
        }
    }
    /**
     * Filter the login page errors.
     *
     * @since 3.6.0
     *
     * @param object $errors      WP Error object.
     * @param string $redirect_to Redirect destination URL.
     */
    $errors = apply_filters('wp_login_errors', $errors, $redirect_to);
    // Clear any stale cookies.
    if ($reauth) {
        wp_clear_auth_cookie();
    }
    // Error Messages
    // NOTE(review): $redirect_to can still hold the raw request value here;
    // the escaping done by render_messages()/login_form() is not visible in
    // this method — confirm both escape it for the context they print it in.
    $this->render_messages($errors);
    $this->login_form($interim_login, $redirect_to, $errors);
}
/**
 * A user who belongs to no site on the network gets user-admin profile links
 * in the admin bar and no site menu.
 *
 * @ticket 25162
 * @group multisite
 */
public function test_admin_bar_contains_correct_links_for_users_with_no_role_on_network()
{
    if (!is_multisite()) {
        $this->markTestSkipped('Test only runs in multisite');
    }

    // Preconditions: only the admin has the 'read' capability.
    $this->assertTrue(user_can(self::$admin_id, 'read'));
    $this->assertFalse(user_can(self::$no_role_id, 'read'));

    // A second site that belongs to the admin alone.
    $other_site = self::factory()->blog->create(array('user_id' => self::$admin_id));
    $this->assertTrue(is_user_member_of_blog(self::$admin_id, $other_site));
    $this->assertFalse(is_user_member_of_blog(self::$no_role_id, $other_site));
    $this->assertTrue(is_user_member_of_blog(self::$no_role_id, get_current_blog_id()));

    // Detach the role-less user from the current site as well, leaving them
    // without membership anywhere on the network.
    $this->assertTrue(remove_user_from_blog(self::$no_role_id, get_current_blog_id()));
    $this->assertFalse(is_user_member_of_blog(self::$no_role_id, get_current_blog_id()));

    wp_set_current_user(self::$no_role_id);
    switch_to_blog($other_site);

    $bar = $this->get_standard_admin_bar();
    $site_menu = $bar->get_node('site-name');
    $account_nodes = array(
        $bar->get_node('my-account'),
        $bar->get_node('user-info'),
        $bar->get_node('edit-profile'),
    );

    // With no memberships there is no primary blog.
    $this->assertNull(get_active_blog_for_user(self::$no_role_id));

    // The Site menu is absent because the user is not a member of this site.
    $this->assertNull($site_menu);

    $expected_profile_url = user_admin_url('profile.php');
    $this->assertNotEquals($expected_profile_url, admin_url('profile.php'));

    // All three account links must point at the user-admin profile screen.
    foreach ($account_nodes as $node) {
        $this->assertEquals($expected_profile_url, $node->href);
    }

    restore_current_blog();
}
/**
 * Build the admin-area URL for a user's profile screen.
 *
 * The base URL depends on the current admin context: user admin, network
 * admin, or (as the fallback) the user's dashboard. A `user_id` query
 * argument is appended when the target is someone other than the current
 * user, and the result is passed through a filter of the same name as this
 * function.
 *
 * @since 0.1.0
 *
 * @param int    $user_id
 * @param string $scheme
 * @param array  $args
 *
 * @return string
 */
function wp_user_profiles_get_admin_area_url($user_id = 0, $scheme = '', $args = array())
{
    $file = wp_user_profiles_get_file();

    // User admin (multisite only), then network admin, then the dashboard fallback.
    $base = is_user_admin()
        ? user_admin_url($file, $scheme)
        : (is_network_admin()
            ? network_admin_url($file, $scheme)
            : get_dashboard_url($user_id, $file, $scheme));

    // Only URLs that target another user carry an explicit user ID.
    $targets_other_user = !empty($user_id) && $user_id !== get_current_user_id();
    if ($targets_other_user) {
        $args['user_id'] = $user_id;
    }

    $url = add_query_arg($args, $base);

    return apply_filters('wp_user_profiles_get_admin_area_url', $url, $user_id, $scheme, $args);
}
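/**
 * Handle the lost-password and login actions for the front-end login page.
 *
 * The switch only runs when the 'login_redirect' option is set and the last
 * element of $path equals the post's slug. Results are left in the global
 * $errors for the template to display.
 *
 * Every request-supplied 'redirect_to' value is passed to wp_safe_redirect(),
 * which limits the destination to allowed hosts.
 *
 * @param object $post   Post being displayed; its post_name is compared with the path.
 * @param mixed  $option Not read by this function.
 * @param mixed  $file   Not read by this function.
 * @param array  $path   Request path segments; only the last one is read.
 * @return void
 */
function simplr_login_includes($post, $option, $file, $path)
{
    global $errors, $is_iphone, $interim_login, $current_site;
    global $wp;

    $http_post = 'POST' == $_SERVER['REQUEST_METHOD'];
    $options = get_option('simplr_reg_options');
    // Read the action without error suppression; a missing value is the empty string.
    $action = isset($_REQUEST['action']) ? $_REQUEST['action'] : '';
    if ($action == '') {
        // NOTE(review): no exit follows this redirect, and it runs before the
        // login-page check below — confirm that is intended.
        wp_redirect('?action=login');
    }

    if (isset($options->login_redirect) and end($path) == $post->post_name) {
        switch ($action) {
            case 'lostpassword':
            case 'retrievepassword':
                // Only a submitted form triggers the reset e-mail. The previous
                // isset() test on the boolean was always true, so plain GET
                // views ran retrieve_password() as well.
                if ($http_post) {
                    $errors = retrieve_password();
                    if (!is_wp_error($errors)) {
                        $redirect_to = !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : 'wp-login.php?checkemail=confirm';
                        wp_safe_redirect($redirect_to);
                        exit;
                    }
                }
                // On a GET view nothing has populated $errors yet.
                if (!is_wp_error($errors)) {
                    $errors = new WP_Error();
                }
                if (isset($_GET['error']) && 'invalidkey' == $_GET['error']) {
                    $errors->add('invalidkey', __('Sorry, that key does not appear to be valid.', 'simplr-registration-form'));
                }
                $redirect_to = apply_filters('lostpassword_redirect', !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : '');
                do_action('lost_password');
                $user_login = isset($_POST['user_login']) ? stripslashes($_POST['user_login']) : '';
                break;

            case 'login':
            // NOTE(review): this matches the literal action "default"; it is
            // not a `default:` branch, so other actions skip the login flow.
            case 'default':
                $secure_cookie = '';
                $interim_login = isset($_REQUEST['interim-login']);

                // If the user wants ssl but the session is not ssl, force a secure cookie.
                if (!empty($_POST['log']) && !force_ssl_admin()) {
                    $user_name = sanitize_user($_POST['log']);
                    // get_user_by() replaces the deprecated get_userdatabylogin().
                    if ($user = get_user_by('login', $user_name)) {
                        if (get_user_option('use_ssl', $user->ID)) {
                            $secure_cookie = true;
                            force_ssl_admin(true);
                        }
                    }
                }

                if (isset($_REQUEST['redirect_to'])) {
                    $redirect_to = $_REQUEST['redirect_to'];
                    // Redirect to https if user wants ssl
                    if ($secure_cookie && false !== strpos($redirect_to, 'wp-admin')) {
                        $redirect_to = preg_replace('|^http://|', 'https://', $redirect_to);
                    }
                } else {
                    $redirect_to = admin_url();
                }

                $reauth = empty($_REQUEST['reauth']) ? false : true;

                // If the user was redirected to a secure login form from a non-secure admin page, and secure login is required
                // but secure admin is not, then don't use a secure cookie and redirect back to the referring non-secure admin
                // page. This allows logins to always be POSTed over SSL while allowing the user to choose visiting the admin
                // via http or https.
                if (!$secure_cookie && is_ssl() && force_ssl_login() && !force_ssl_admin() && 0 !== strpos($redirect_to, 'https') && 0 === strpos($redirect_to, 'http')) {
                    $secure_cookie = false;
                }

                $user = wp_signon('', $secure_cookie);
                $redirect_to = apply_filters('login_redirect', $redirect_to, isset($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : '', $user);

                if (!is_wp_error($user) && !$reauth) {
                    if ($interim_login) {
                        // NOTE(review): $message is built but never printed in this branch.
                        $message = '<p class="message">' . __('You have logged in successfully.', 'simplr-registration-form') . '</p>';
                        ?> <script type="text/javascript">setTimeout( function(){window.close()}, 8000);</script> <p class="alignright"> <input type="button" class="button-primary" value="<?php esc_attr_e('Close', 'simplr-registration-form'); ?> " onclick="window.close()" /></p> </div></body></html> <?php
                        exit;
                    }

                    if (empty($redirect_to) || $redirect_to == 'wp-admin/' || $redirect_to == admin_url()) {
                        // If the user doesn't belong to a blog, send them to user admin. If the user can't edit posts, send them to their profile.
                        // The ID property is used instead of the deprecated lowercase alias.
                        if (is_multisite() && !get_active_blog_for_user($user->ID) && !is_super_admin($user->ID)) {
                            $redirect_to = user_admin_url();
                        } elseif (is_multisite() && !$user->has_cap('read')) {
                            $redirect_to = get_dashboard_url($user->ID);
                        } elseif (!$user->has_cap('edit_posts')) {
                            $redirect_to = admin_url('profile.php');
                        }
                    }
                    wp_safe_redirect($redirect_to);
                    exit;
                }

                $errors = $user;
                // Clear errors if loggedout is set.
                if (!empty($_GET['loggedout']) || $reauth) {
                    $errors = new WP_Error();
                }

                // If cookies are disabled we can't log in even with a valid user+pass
                if (isset($_POST['testcookie']) && empty($_COOKIE[TEST_COOKIE])) {
                    $errors->add('test_cookie', __("<strong>ERROR</strong>: Cookies are blocked or not supported by your browser. You must <a href='http://www.google.com/cookies.html'>enable cookies</a> to use WordPress.", 'simplr-registration-form'));
                }

                // Some parts of this script use the main login form to display a message
                if (isset($_GET['loggedout']) && TRUE == $_GET['loggedout']) {
                    $errors->add('loggedout', __('You are now logged out.', 'simplr-registration-form'), 'message');
                } elseif (isset($_GET['registration']) && 'disabled' == $_GET['registration']) {
                    $errors->add('registerdisabled', __('User registration is currently not allowed.', 'simplr-registration-form'));
                } elseif (isset($_GET['checkemail']) && 'confirm' == $_GET['checkemail']) {
                    $errors->add('confirm', __('Check your e-mail for the confirmation link.', 'simplr-registration-form'), 'message');
                } elseif (isset($_GET['checkemail']) && 'newpass' == $_GET['checkemail']) {
                    $errors->add('newpass', __('Check your e-mail for your new password.', 'simplr-registration-form'), 'message');
                } elseif (isset($_GET['checkemail']) && 'registered' == $_GET['checkemail']) {
                    $errors->add('registered', __('Registration complete. Please check your e-mail.', 'simplr-registration-form'), 'message');
                } elseif ($interim_login) {
                    $errors->add('expired', __('Your session has expired. Please log-in again.', 'simplr-registration-form'), 'message');
                }

                // Clear any stale cookies.
                if ($reauth) {
                    wp_clear_auth_cookie();
                }
                break;
        }
    }
}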
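/**
 * Sign a user in through the time-limited "developer access" link.
 *
 * The link only works on wp-login.php while the 'developer_access' option is
 * truthy and the request carries the 'access_token' option value, a
 * 'developer_access' flag and a base64-encoded login name in 'access_id'.
 * Access is switched off once the 'access_time' option is in the past.
 *
 * Security notes:
 *  - The token is the only credential and travels in the query string, so it
 *    can end up in server logs and browser history. Whoever holds it chooses
 *    the account through 'access_id'.
 *  - An empty or missing stored token never matches, and the comparison is
 *    done in constant time.
 *  - NOTE(review): the token stays valid for the whole access window; consider
 *    invalidating it after the first successful use.
 *  - NOTE(review): the DeveloperAccess cookie has a fixed value and no
 *    Secure/HttpOnly flags; it must not be relied on as proof of anything.
 *
 * @return void
 */
function process_developer_login()
{
    $interval = get_option('access_time');
    $now = time();
    if ($interval <= $now) {
        // The access window has closed: switch developer access off.
        update_option('developer_access', false);
    }

    require_once ABSPATH . 'wp-includes/pluggable.php';

    if (basename($_SERVER['SCRIPT_NAME']) != 'wp-login.php') {
        return;
    }
    if (!isset($_GET['access_token'], $_GET['developer_access'], $_GET['access_id'])) {
        return;
    }
    if (!get_option('developer_access')) {
        return;
    }

    $access_token = get_option('access_token');
    $verify_token = $_GET['access_token'];
    // Both sides must be strings and the stored token must be non-empty;
    // otherwise an unset or blank option would match an empty parameter.
    if (!is_string($access_token) || '' === $access_token || !is_string($verify_token)) {
        return;
    }
    if (!hash_equals($access_token, $verify_token)) {
        return;
    }

    if (!is_string($_GET['access_id'])) {
        return;
    }
    $user_login = base64_decode($_GET['access_id']);
    $user = get_user_by('login', $user_login);
    if (!$user) {
        // Unknown login name: never set auth cookies for a non-existent user.
        return;
    }

    $user_id = $user->ID;
    wp_set_current_user($user_id, $user_login);
    wp_set_auth_cookie($user_id);
    $redirect_to = user_admin_url();
    setcookie("DeveloperAccess", "active", time() + 86400); /* expire in 24 hour */
    wp_safe_redirect($redirect_to);
    exit;
}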
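/**
 * Initialize the front-end login page.
 *
 * Runs only on the page identified as 'Login'. It forces HTTPS when required,
 * resolves the requested action (logout, lost password, password reset,
 * register, login), performs it, and leaves the outcome in the $bum_* globals
 * for the template.
 *
 * Request-supplied 'redirect_to' values are only passed to
 * wp_safe_redirect(), which limits the destination to allowed hosts.
 *
 * @return false|void False when the current page is not the login page.
 */
function bum_init_page_login()
{
    //reasons to return
    if (!bum_is_page('Login')) {
        return false;
    }

    // Redirect to https login if forced to use SSL
    // NOTE(review): the second redirect is built from the Host header, which
    // the client controls unless the web server pins it.
    if (force_ssl_admin() && !is_ssl()) {
        if (0 === strpos($_SERVER['REQUEST_URI'], 'http')) {
            wp_redirect(preg_replace('|^http://|', 'https://', $_SERVER['REQUEST_URI']));
            exit;
        } else {
            wp_redirect('https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
            exit;
        }
    }

    // Don't index any of these forms
    add_filter('pre_option_blog_public', '__return_zero');
    add_action('login_head', 'noindex');

    //initializing
    global $bum_action, $bum_errors, $bum_redirect_to, $bum_user, $bum_http_post, $bum_secure_cookie, $bum_interim_login, $bum_reauth, $bum_rememberme, $bum_messages_txt, $bum_errors_txt;
    $bum_action = isset($_REQUEST['action']) ? $_REQUEST['action'] : 'login';
    $bum_errors = new WP_Error();
    if (isset($_GET['key'])) {
        $bum_action = 'resetpass';
    }

    // validate action so as to default to the login screen
    if (!in_array($bum_action, array('logout', 'lostpassword', 'retrievepassword', 'resetpass', 'rp', 'register', 'login'), true) && false === has_filter('login_form_' . $bum_action)) {
        $bum_action = 'login';
    }

    nocache_headers();
    header('Content-Type: ' . get_bloginfo('html_type') . '; charset=' . get_bloginfo('charset'));

    if (defined('RELOCATE')) {
        // Move flag is set
        // NOTE(review): with RELOCATE defined, 'siteurl' is rewritten from the
        // Host header of whichever request arrives; leave the constant off in
        // production.
        if (isset($_SERVER['PATH_INFO']) && $_SERVER['PATH_INFO'] != $_SERVER['PHP_SELF']) {
            $_SERVER['PHP_SELF'] = str_replace($_SERVER['PATH_INFO'], '', $_SERVER['PHP_SELF']);
        }
        $schema = is_ssl() ? 'https://' : 'http://';
        if (dirname($schema . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']) != get_option('siteurl')) {
            update_option('siteurl', dirname($schema . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']));
        }
    }

    //Set a cookie now to see if they are supported by the browser.
    setcookie(TEST_COOKIE, 'WP Cookie check', 0, COOKIEPATH, COOKIE_DOMAIN);
    if (SITECOOKIEPATH != COOKIEPATH) {
        setcookie(TEST_COOKIE, 'WP Cookie check', 0, SITECOOKIEPATH, COOKIE_DOMAIN);
    }

    // allow plugins to override the default actions, and to add extra actions if they want
    do_action('login_init');
    do_action('login_form_' . $bum_action);

    $bum_http_post = 'POST' == $_SERVER['REQUEST_METHOD'];

    switch ($bum_action) {
        case 'logout':
            // NOTE(review): the nonce check is disabled, so any page can log a
            // visitor out by linking here. Re-enable it once every logout link
            // carries the 'log-out' nonce.
            //check_admin_referer('log-out');
            wp_logout();
            $bum_redirect_to = !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : bum_get_permalink_login() . '?loggedout=true';
            wp_safe_redirect($bum_redirect_to);
            exit;
            break;

        case 'lostpassword':
        case 'retrievepassword':
            if ($bum_http_post) {
                $bum_errors = bum_retrieve_password();
                if (!is_wp_error($bum_errors)) {
                    // NOTE(review): this appends '&checkemail' while the other
                    // branches append '?...' to the same permalink — confirm
                    // which separator the login permalink needs.
                    $bum_redirect_to = !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : bum_get_permalink_login() . '&checkemail=confirm';
                    wp_safe_redirect($bum_redirect_to);
                    exit;
                }
            }
            if (isset($_GET['error']) && 'invalidkey' == $_GET['error']) {
                $bum_errors->add('invalidkey', __('Sorry, that key does not appear to be valid.'));
            }
            $bum_redirect_to = apply_filters('lostpassword_redirect', !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : '');
            do_action('lost_password');
            break;

        case 'resetpass':
        case 'rp':
            // NOTE(review): 'key' and 'login' are read without an isset()
            // check; action=rp can reach this branch with either one missing.
            $bum_user = bum_check_password_reset_key($_GET['key'], $_GET['login']);
            if (is_wp_error($bum_user)) {
                wp_redirect(bum_get_permalink_login() . '?action=lostpassword&error=invalidkey');
                exit;
            }
            $bum_errors = '';
            if (isset($_POST['pass1']) && $_POST['pass1'] != $_POST['pass2']) {
                $bum_errors = new WP_Error('password_reset_mismatch', __('The passwords do not match.'));
            } elseif (isset($_POST['pass1']) && !empty($_POST['pass1'])) {
                bum_reset_password($bum_user, $_POST['pass1']);
                exit;
            }
            wp_enqueue_script('utils');
            wp_enqueue_script('user-profile');
            break;

        case 'register':
            wp_redirect(bum_get_permalink_registration());
            exit;
            break;

        case 'login':
        default:
            //redirect if logged in
            if (is_user_logged_in()) {
                wp_redirect(get_bloginfo('url'));
                exit;
            }

            $bum_secure_cookie = '';
            $bum_interim_login = isset($_REQUEST['interim-login']);

            // If the user wants ssl but the session is not ssl, force a secure cookie.
            if (!empty($_POST['log']) && !force_ssl_admin()) {
                $bum_user_name = sanitize_user($_POST['log']);
                // get_user_by() replaces the deprecated get_userdatabylogin().
                if ($bum_user = get_user_by('login', $bum_user_name)) {
                    if (get_user_option('use_ssl', $bum_user->ID)) {
                        $bum_secure_cookie = true;
                        force_ssl_admin(true);
                    }
                }
            }

            if (isset($_REQUEST['redirect_to'])) {
                $bum_redirect_to = $_REQUEST['redirect_to'];
                // Redirect to https if user wants ssl
                if ($bum_secure_cookie && false !== strpos($bum_redirect_to, 'wp-admin')) {
                    $bum_redirect_to = preg_replace('|^http://|', 'https://', $bum_redirect_to);
                }
            } else {
                $bum_redirect_to = admin_url();
            }

            $bum_reauth = empty($_REQUEST['reauth']) ? false : true;

            // If the user was redirected to a secure login form from a non-secure admin page, and secure login is required
            // but secure admin is not, then don't use a secure cookie and redirect back to the referring non-secure admin
            // page. This allows logins to always be POSTed over SSL while allowing the user to choose visiting the admin
            // via http or https.
            if (!$bum_secure_cookie && is_ssl() && force_ssl_login() && !force_ssl_admin() && 0 !== strpos($bum_redirect_to, 'https') && 0 === strpos($bum_redirect_to, 'http')) {
                $bum_secure_cookie = false;
            }

            $bum_user = wp_signon('', $bum_secure_cookie);
            $bum_redirect_to = apply_filters('login_redirect', $bum_redirect_to, isset($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : '', $bum_user);

            if (!is_wp_error($bum_user) && !$bum_reauth) {
                if (empty($bum_redirect_to) || $bum_redirect_to == 'wp-admin/' || $bum_redirect_to == admin_url()) {
                    // If the user doesn't belong to a blog, send them to user admin. If the user can't edit posts, send them to their profile.
                    // The ID property is used instead of the deprecated lowercase alias.
                    if (is_multisite() && !get_active_blog_for_user($bum_user->ID)) {
                        $bum_redirect_to = user_admin_url();
                    } elseif (is_multisite() && !$bum_user->has_cap('read')) {
                        $bum_redirect_to = get_dashboard_url($bum_user->ID);
                    } elseif (!$bum_user->has_cap('edit_posts')) {
                        $bum_redirect_to = bum_get_permalink_profile();
                    }
                }
                wp_safe_redirect($bum_redirect_to);
                exit;
            }

            $bum_errors = $bum_user;
            // Clear errors if loggedout is set.
            if (!empty($_GET['loggedout']) || $bum_reauth) {
                $bum_errors = new WP_Error();
            }

            // If cookies are disabled we can't log in even with a valid user+pass
            if (isset($_POST['testcookie']) && empty($_COOKIE[TEST_COOKIE])) {
                $bum_errors->add('test_cookie', __("<strong>ERROR</strong>: Cookies are blocked or not supported by your browser. You must <a href='http://www.google.com/cookies.html'>enable cookies</a> to use WordPress."));
            }

            // Some parts of this script use the main login form to display a message
            if (isset($_GET['loggedout']) && TRUE == $_GET['loggedout']) {
                $bum_errors->add('loggedout', __('You are now logged out.'), 'message');
            } elseif (isset($_GET['registration']) && 'disabled' == $_GET['registration']) {
                $bum_errors->add('registerdisabled', __('User registration is currently not allowed.'));
            } elseif (isset($_GET['checkemail']) && 'confirm' == $_GET['checkemail']) {
                $bum_errors->add('confirm', __('Check your e-mail for the confirmation link.'), 'message');
            } elseif (isset($_GET['checkemail']) && 'newpass' == $_GET['checkemail']) {
                $bum_errors->add('newpass', __('Check your e-mail for your new password.'), 'message');
            } elseif (isset($_GET['checkemail']) && 'registered' == $_GET['checkemail']) {
                $bum_errors->add('registered', __('Registration complete. Please check your e-mail.'), 'message');
            } elseif ($bum_interim_login) {
                $bum_errors->add('expired', __('Your session has expired. Please log-in again.'), 'message');
            }

            // Clear any stale cookies.
            if ($bum_reauth) {
                wp_clear_auth_cookie();
            }

            if (isset($_POST['log'])) {
                $bum_user_login = '******' == $bum_errors->get_error_code() || 'empty_password' == $bum_errors->get_error_code() ? esc_attr(stripslashes($_POST['log'])) : '';
            }
            $bum_rememberme = !empty($_POST['rememberme']);
            break;
    }

    // The reset-password branch leaves $bum_errors as an empty string when
    // nothing went wrong, so check the type before calling WP_Error methods.
    if (is_wp_error($bum_errors) && $bum_errors->get_error_code()) {
        $bum_errors_txt = '';
        $bum_messages_txt = '';
        // Split the collected entries into notices ('message' severity) and
        // errors. The text is concatenated as HTML without escaping here.
        foreach ($bum_errors->get_error_codes() as $code) {
            $bum_severity = $bum_errors->get_error_data($code);
            foreach ($bum_errors->get_error_messages($code) as $error) {
                if ('message' == $bum_severity) {
                    $bum_messages_txt .= ' ' . $error . "<br />\n";
                } else {
                    $bum_errors_txt .= ' ' . $error . "<br />\n";
                }
            }
        }
    }
}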
/**
 * WordPress User Administration Bootstrap
 *
 * @package WordPress
 * @subpackage Administration
 * @since 3.1.0
 */

// Set before admin.php is loaded below.
define('WP_USER_ADMIN', true);
require_once dirname(dirname(__FILE__)) . '/admin.php';

// The user admin area is multisite-only; single-site requests go to the regular admin.
if (!is_multisite()) {
    wp_redirect(admin_url());
    exit;
}

// True when the current blog's domain or path differs from the current site's.
$redirect_user_admin_request = $current_blog->domain != $current_site->domain || $current_blog->path != $current_site->path;
/**
 * Filter whether a user should be redirected to the Global Dashboard in Multisite.
 *
 * Users not assigned to any sites in the network will be redirected to the Global
 * Dashboard after logging in.
 *
 * @since 3.2.0
 *
 * @param bool $redirect_user_admin_request Whether the request should be redirected.
 */
$redirect_user_admin_request = apply_filters('redirect_user_admin_request', $redirect_user_admin_request);
if ($redirect_user_admin_request) {
    // The destination is built by user_admin_url() and does not come from the request.
    wp_redirect(user_admin_url());
    exit;
}
// Remove the temporary flag so it does not leak into the code that includes this file.
unset($redirect_user_admin_request);
/**
 * Returns the full URL.
 *
 * The URL is built on first use and kept in $this->url. It is the parent
 * file (or 'admin.php' when there is none) with a `page` argument set to the
 * slug, resolved against the network, site or user admin area chosen by
 * $this->admin.
 *
 * @since 3.0.0
 *
 * @return string URL.
 */
public function url()
{
    // Already resolved on an earlier call.
    if (isset($this->url)) {
        return $this->url;
    }

    $relative = add_query_arg('page', $this->slug, $this->parent ?: 'admin.php');
    $area = $this->admin;

    if ($area == self::ADMIN_NETWORK) {
        $this->url = network_admin_url($relative);
    } elseif ($area == self::ADMIN_SITE) {
        $this->url = admin_url($relative);
    } elseif ($area == self::ADMIN_USER) {
        $this->url = user_admin_url($relative);
    }

    return $this->url;
}
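/**
 * Processes the request
 *
 * Callback for "template_redirect" hook in template-loader.php
 *
 * Resolves the requested action and instance, lets plugins take over through
 * the 'tml_request' hooks, and otherwise handles the built-in actions:
 * post password, logout, lost password, password reset, registration and
 * login. Outcomes that are not redirects are stored in $this->errors.
 *
 * Request-supplied 'redirect_to' values and the referer are only passed to
 * wp_safe_redirect(), which limits the destination to allowed hosts.
 *
 * @since 6.3
 * @access public
 */
public function template_redirect()
{
    $this->request_action = isset($_REQUEST['action']) ? sanitize_key($_REQUEST['action']) : '';
    if (!$this->request_action && self::is_tml_page()) {
        $this->request_action = self::get_page_action(get_the_id());
    }
    $this->request_instance = isset($_REQUEST['instance']) ? sanitize_key($_REQUEST['instance']) : 0;

    do_action_ref_array('tml_request', array(&$this));

    // allow plugins to override the default actions, and to add extra actions if they want
    do_action('login_form_' . $this->request_action);

    if (has_action('tml_request_' . $this->request_action)) {
        do_action_ref_array('tml_request_' . $this->request_action, array(&$this));
    } else {
        $http_post = 'POST' == $_SERVER['REQUEST_METHOD'];
        switch ($this->request_action) {
            case 'postpass':
                if (!array_key_exists('post_password', $_POST)) {
                    wp_safe_redirect(wp_get_referer());
                    exit;
                }

                require_once ABSPATH . 'wp-includes/class-phpass.php';
                $hasher = new PasswordHash(8, true);

                $expire = apply_filters('post_password_expires', time() + 10 * DAY_IN_SECONDS);
                // The referer was never assigned before, so the cookie's
                // Secure flag was always false, even on HTTPS pages.
                $referer = wp_get_referer();
                if ($referer) {
                    $secure = 'https' === parse_url($referer, PHP_URL_SCHEME);
                } else {
                    $secure = false;
                }
                setcookie('wp-postpass_' . COOKIEHASH, $hasher->HashPassword(wp_unslash($_POST['post_password'])), $expire, COOKIEPATH, COOKIE_DOMAIN, $secure);

                wp_safe_redirect(wp_get_referer());
                exit;
                break;

            case 'logout':
                // Nonce check: a logout cannot be triggered by a forged cross-site link.
                check_admin_referer('log-out');

                $user = wp_get_current_user();

                wp_logout();

                if (!empty($_REQUEST['redirect_to'])) {
                    $redirect_to = $requested_redirect_to = $_REQUEST['redirect_to'];
                } else {
                    $redirect_to = site_url('wp-login.php?loggedout=true');
                    $requested_redirect_to = '';
                }

                $redirect_to = apply_filters('logout_redirect', $redirect_to, $requested_redirect_to, $user);
                wp_safe_redirect($redirect_to);
                exit;
                break;

            case 'lostpassword':
            case 'retrievepassword':
                if ($http_post) {
                    $this->errors = self::retrieve_password();
                    if (!is_wp_error($this->errors)) {
                        $redirect_to = !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : site_url('wp-login.php?checkemail=confirm');
                        wp_safe_redirect($redirect_to);
                        exit;
                    }
                }

                if (isset($_REQUEST['error'])) {
                    if ('invalidkey' == $_REQUEST['error']) {
                        $this->errors->add('invalidkey', __('Your password reset link appears to be invalid. Please request a new link below.', 'theme-my-login'));
                    } elseif ('expiredkey' == $_REQUEST['error']) {
                        $this->errors->add('expiredkey', __('Your password reset link has expired. Please request a new link below.', 'theme-my-login'));
                    }
                }

                do_action('lost_password');
                break;

            case 'resetpass':
            case 'rp':
                // Dirty hack for now
                global $rp_login, $rp_key;

                list($rp_path) = explode('?', wp_unslash($_SERVER['REQUEST_URI']));
                $rp_cookie = 'wp-resetpass-' . COOKIEHASH;

                // Move the key from the URL into a path-scoped, HttpOnly cookie
                // and reload without it, so the reset key does not stay in the
                // address bar or get sent in a Referer header.
                // NOTE(review): 'login' is read without an isset() check here.
                if (isset($_GET['key'])) {
                    $value = sprintf('%s:%s', wp_unslash($_GET['login']), wp_unslash($_GET['key']));
                    setcookie($rp_cookie, $value, 0, $rp_path, COOKIE_DOMAIN, is_ssl(), true);
                    wp_safe_redirect(remove_query_arg(array('key', 'login')));
                    exit;
                }

                if (isset($_COOKIE[$rp_cookie]) && 0 < strpos($_COOKIE[$rp_cookie], ':')) {
                    list($rp_login, $rp_key) = explode(':', wp_unslash($_COOKIE[$rp_cookie]), 2);
                    $user = check_password_reset_key($rp_key, $rp_login);
                    // The submitted form must echo the same key as the cookie;
                    // compared in constant time.
                    // NOTE(review): 'rp_key' is read without an isset() check.
                    if (isset($_POST['pass1']) && !hash_equals($rp_key, $_POST['rp_key'])) {
                        $user = false;
                    }
                } else {
                    $user = false;
                }

                if (!$user || is_wp_error($user)) {
                    // Invalid or expired: drop the cookie and send the visitor back to request a new link.
                    setcookie($rp_cookie, ' ', time() - YEAR_IN_SECONDS, $rp_path, COOKIE_DOMAIN, is_ssl(), true);
                    if ($user && $user->get_error_code() === 'expired_key') {
                        wp_redirect(site_url('wp-login.php?action=lostpassword&error=expiredkey'));
                    } else {
                        wp_redirect(site_url('wp-login.php?action=lostpassword&error=invalidkey'));
                    }
                    exit;
                }

                if (isset($_POST['pass1']) && $_POST['pass1'] != $_POST['pass2']) {
                    $this->errors->add('password_reset_mismatch', __('The passwords do not match.', 'theme-my-login'));
                }

                do_action('validate_password_reset', $this->errors, $user);

                if (!$this->errors->get_error_code() && isset($_POST['pass1']) && !empty($_POST['pass1'])) {
                    reset_password($user, $_POST['pass1']);
                    // The key has been used: remove the cookie that carried it.
                    setcookie($rp_cookie, ' ', time() - YEAR_IN_SECONDS, $rp_path, COOKIE_DOMAIN, is_ssl(), true);
                    $redirect_to = site_url('wp-login.php?resetpass=complete');
                    wp_safe_redirect($redirect_to);
                    exit;
                }

                wp_enqueue_script('utils');
                wp_enqueue_script('user-profile');
                break;

            case 'register':
                if (!get_option('users_can_register')) {
                    $redirect_to = site_url('wp-login.php?registration=disabled');
                    wp_redirect($redirect_to);
                    exit;
                }

                $user_login = '';
                $user_email = '';
                if ($http_post) {
                    // With the 'email' login type the e-mail address doubles as the login name.
                    if ('email' == $this->get_option('login_type')) {
                        $user_login = isset($_POST['user_email']) ? $_POST['user_email'] : '';
                    } else {
                        $user_login = isset($_POST['user_login']) ? $_POST['user_login'] : '';
                    }
                    $user_email = isset($_POST['user_email']) ? $_POST['user_email'] : '';

                    $this->errors = register_new_user($user_login, $user_email);
                    if (!is_wp_error($this->errors)) {
                        $redirect_to = !empty($_POST['redirect_to']) ? $_POST['redirect_to'] : site_url('wp-login.php?checkemail=registered');
                        wp_safe_redirect($redirect_to);
                        exit;
                    }
                }
                break;

            case 'login':
            default:
                $secure_cookie = '';
                $interim_login = isset($_REQUEST['interim-login']);

                // If the user wants ssl but the session is not ssl, force a secure cookie.
                if (!empty($_POST['log']) && !force_ssl_admin()) {
                    $user_name = sanitize_user($_POST['log']);
                    if ($user = get_user_by('login', $user_name)) {
                        if (get_user_option('use_ssl', $user->ID)) {
                            $secure_cookie = true;
                            force_ssl_admin(true);
                        }
                    }
                }

                if (!empty($_REQUEST['redirect_to'])) {
                    $redirect_to = $_REQUEST['redirect_to'];
                    // Redirect to https if user wants ssl
                    if ($secure_cookie && false !== strpos($redirect_to, 'wp-admin')) {
                        $redirect_to = preg_replace('|^http://|', 'https://', $redirect_to);
                    }
                } else {
                    $redirect_to = admin_url();
                }

                $reauth = empty($_REQUEST['reauth']) ? false : true;

                // Credentials are only processed for a POST that carries a login name.
                if ($http_post && isset($_POST['log'])) {
                    $user = wp_signon('', $secure_cookie);

                    $redirect_to = apply_filters('login_redirect', $redirect_to, isset($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : '', $user);

                    if (!is_wp_error($user) && !$reauth) {
                        if (empty($redirect_to) || $redirect_to == 'wp-admin/' || $redirect_to == admin_url()) {
                            // If the user doesn't belong to a blog, send them to user admin. If the user can't edit posts, send them to their profile.
                            if (is_multisite() && !get_active_blog_for_user($user->ID) && !is_super_admin($user->ID)) {
                                $redirect_to = user_admin_url();
                            } elseif (is_multisite() && !$user->has_cap('read')) {
                                $redirect_to = get_dashboard_url($user->ID);
                            } elseif (!$user->has_cap('edit_posts')) {
                                $redirect_to = $user->has_cap('read') ? admin_url('profile.php') : home_url();
                            }
                        }
                        wp_safe_redirect($redirect_to);
                        exit;
                    }

                    $this->errors = $user;
                }

                // Clear errors if loggedout is set.
                if (!empty($_GET['loggedout']) || $reauth) {
                    $this->errors = new WP_Error();
                }

                // Some parts of this script use the main login form to display a message
                if (isset($_GET['loggedout']) && true == $_GET['loggedout']) {
                    $this->errors->add('loggedout', __('You are now logged out.', 'theme-my-login'), 'message');
                } elseif (isset($_GET['registration']) && 'disabled' == $_GET['registration']) {
                    $this->errors->add('registerdisabled', __('User registration is currently not allowed.', 'theme-my-login'));
                } elseif (isset($_GET['checkemail']) && 'confirm' == $_GET['checkemail']) {
                    $this->errors->add('confirm', __('Check your e-mail for the confirmation link.', 'theme-my-login'), 'message');
                } elseif (isset($_GET['resetpass']) && 'complete' == $_GET['resetpass']) {
                    $this->errors->add('password_reset', __('Your password has been reset.', 'theme-my-login'), 'message');
                } elseif (isset($_GET['checkemail']) && 'registered' == $_GET['checkemail']) {
                    $this->errors->add('registered', __('Registration complete. Please check your e-mail.', 'theme-my-login'), 'message');
                } elseif ($interim_login) {
                    $this->errors->add('expired', __('Your session has expired. Please log-in again.', 'theme-my-login'), 'message');
                } elseif (strpos($redirect_to, 'about.php?updated')) {
                    $this->errors->add('updated', __('<strong>You have successfully updated WordPress!</strong> Please log back in to experience the awesomeness.', 'theme-my-login'), 'message');
                } elseif ($reauth) {
                    $this->errors->add('reauth', __('Please log in to continue.', 'theme-my-login'), 'message');
                }

                // Clear any stale cookies.
                if ($reauth) {
                    wp_clear_auth_cookie();
                }
                break;
        } // end switch
    } // endif has_filter()
}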
/**
 * Send the current user to the admin of their active blog, or to the user admin
 * when no active blog object is found.
 *
 * A hop counter travels in the `c` query argument. It is read from the request,
 * so it is only a guard against redirect loops and not an access control: the
 * integer cast is what keeps request text out of the redirect URL.
 *
 * @return void This function always ends the request (wp_die() or exit).
 */
function redirect_user_to_blog()
{
    // Client-supplied hop count; anything that is not an integer becomes 0 via the cast.
    $hops = isset($_GET['c']) ? (int) $_GET['c'] : 0;

    // Stop after five hops rather than bouncing between admin screens forever.
    if ($hops >= 5) {
        wp_die(__("You don’t have permission to view this site. Please contact the system administrator."));
    }
    $hops++;

    $active_blog = get_active_blog_for_user(get_current_user_id());

    // Both targets are built by URL helpers; only the integer counter is appended.
    $target = is_object($active_blog)
        ? get_admin_url($active_blog->blog_id, '?c=' . $hops)
        : user_admin_url('?c=' . $hops);

    // redirect and count to 5, "just in case"
    wp_redirect($target);
    exit;
}
/**
 * Build the URL of a user's profile editor.
 *
 * The current admin context selects the URL helper: the user admin first, then
 * the network admin, and otherwise the dashboard of the given user.
 *
 * @since 3.1.0
 *
 * @param int    $user_id Optional. User ID. A falsy value selects the current user.
 * @param string $scheme  The scheme to use. Default is 'admin', which obeys force_ssl_admin() and is_ssl().
 *                        'http' or 'https' can be passed to force those schemes.
 * @return string The profile URL as returned by the 'edit_profile_url' filter. Because the value
 *                is filterable, escape it for the output context at the call site.
 */
function get_edit_profile_url($user_id = 0, $scheme = 'admin')
{
    if ($user_id) {
        $user_id = (int) $user_id;
    } else {
        $user_id = get_current_user_id();
    }

    $page = 'profile.php';

    // Checked in this order: user admin, network admin, then the user's dashboard.
    $profile_url = is_user_admin()
        ? user_admin_url($page, $scheme)
        : (is_network_admin()
            ? network_admin_url($page, $scheme)
            : get_dashboard_url($user_id, $page, $scheme));

    /**
     * Filter the URL for a user's profile editor.
     *
     * @since 3.1.0
     *
     * @param string $url     The complete URL including scheme and path.
     * @param int    $user_id The user ID.
     * @param string $scheme  Scheme to give the URL context. Accepts 'http', 'https', 'login',
     *                        'login_post', 'admin', 'relative' or null.
     */
    return apply_filters('edit_profile_url', $profile_url, $user_id, $scheme);
}
/**
 * Return a variable (if it exists) from one of many sources selected by $type.
 *
 * $type may be an array or object (the value is read from it directly) or a string
 * naming a source: request superglobals, URL segments, WordPress URL helpers,
 * server/session/global/cookie data, constants, current-user data, options,
 * transients, caches, dates, Pod field values or a post ID. Unknown string types
 * are delegated to the dynamic 'pods_var_{$type}' filter.
 *
 * Security notes for callers:
 * - Values read from $_GET, $_POST, $_REQUEST, $_SERVER and $_COOKIE pass through
 *   pods_unslash() and nothing else in this function. They are returned without
 *   validation or escaping, so the caller must validate them and escape for the
 *   context in which they are used.
 * - Only the 'server' source is gated by pods_strict(). The 'constant', 'global',
 *   'session', 'option' and 'user' sources return whatever $var names, so $var
 *   should be a value the calling code controls.
 * - The 'allowed' check uses in_array() without the strict flag, i.e. a loose
 *   comparison. Keep the allow-list and the expected value the same type.
 *
 * @param mixed               $var     The variable name, can also be a modifier for specific types
 * @param string|array|object $type    (optional) Super globals, url/url-relative, constants, globals, options, transients, cache, user data, Pod field values, dates
 * @param mixed               $default (optional) The default value to set if variable doesn't exist
 * @param bool                $strict  (optional) Only allow values (must not be empty); empty() is used, so '0' and 0 count as empty
 * @param array               $params  (optional) Set 'casting'=>true to cast value from $default, 'allowed'=>$allowed to restrict a value to what's allowed
 *
 * @return mixed The variable (if exists), or default value
 * @since 2.3.10
 */
function pods_v($var = null, $type = 'get', $default = null, $strict = false, $params = array()) {
    $defaults = array('casting' => false, 'allowed' => null);
    // Caller-supplied params override the defaults; the result is used as an object below.
    $params = (object) array_merge($defaults, (array) $params);
    $output = null;
    if (null === $type || '' === $type) {
        // Invalid $type: $output stays null and only the default/strict/allowed handling applies.
    } elseif (is_array($type)) {
        // $type is the data source itself: look $var up as an array key.
        if (isset($type[$var])) {
            $output = $type[$var];
        }
    } elseif (is_object($type)) {
        // $type is the data source itself: look $var up as a property.
        if (isset($type->{$var})) {
            $output = $type->{$var};
        }
    } else {
        // Type names are matched case-insensitively.
        $type = strtolower((string) $type);
        switch ($type) {
            // Request data: untrusted input, unslashed only.
            case 'get':
                if (isset($_GET[$var])) {
                    $output = pods_unslash($_GET[$var]);
                }
                break;
            case 'post':
                if (isset($_POST[$var])) {
                    $output = pods_unslash($_POST[$var]);
                }
                break;
            case 'request':
                if (isset($_REQUEST[$var])) {
                    $output = pods_unslash($_REQUEST[$var]);
                }
                break;
            case 'url':
            case 'uri':
                // Path segments of the current URL; $var is a segment index, 'first' or 'last'.
                // NOTE(review): assumes parse_url() returned an array with a 'path' key - confirm.
                $url = parse_url(pods_current_url());
                $uri = trim($url['path'], '/');
                $uri = array_filter(explode('/', $uri));
                if ('first' == $var) {
                    $var = 0;
                } elseif ('last' == $var) {
                    $var = -1;
                }
                if (is_numeric($var)) {
                    // Negative indexes count back from the end; the lookup re-enters pods_v with the array as source.
                    $output = $var < 0 ? pods_v(count($uri) + $var, $uri) : pods_v($var, $uri);
                }
                break;
            case 'url-relative':
                // Same as 'url', after dropping the site URL prefix (and one following character) when present.
                $url_raw = pods_current_url();
                $prefix = get_site_url();
                if (substr($url_raw, 0, strlen($prefix)) == $prefix) {
                    $url_raw = substr($url_raw, strlen($prefix) + 1, strlen($url_raw));
                }
                // NOTE(review): assumes parse_url() returned an array with a 'path' key - confirm.
                $url = parse_url($url_raw);
                $uri = trim($url['path'], '/');
                $uri = array_filter(explode('/', $uri));
                if ('first' == $var) {
                    $var = 0;
                } elseif ('last' == $var) {
                    $var = -1;
                }
                if (is_numeric($var)) {
                    $output = $var < 0 ? pods_v(count($uri) + $var, $uri) : pods_v($var, $uri);
                }
                break;
            case 'template-url':
                $output = get_template_directory_uri();
                break;
            case 'stylesheet-url':
                $output = get_stylesheet_directory_uri();
                break;
            case 'site-url':
                $blog_id = $scheme = null;
                $path = '';
                if (is_array($var)) {
                    // NOTE(review): the elseif chain uses only the first index that is set, so a
                    // path or scheme given together with a blog ID is ignored - confirm this is intended.
                    // The same pattern is used in the other *-url cases below.
                    if (isset($var[0])) {
                        $blog_id = $var[0];
                    } elseif (isset($var[1])) {
                        $path = $var[1];
                    } elseif (isset($var[2])) {
                        $scheme = $var[2];
                    }
                } else {
                    $blog_id = $var;
                }
                $output = get_site_url($blog_id, $path, $scheme);
                break;
            case 'home-url':
                $blog_id = $scheme = null;
                $path = '';
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $blog_id = $var[0];
                    } elseif (isset($var[1])) {
                        $path = $var[1];
                    } elseif (isset($var[2])) {
                        $scheme = $var[2];
                    }
                } else {
                    $blog_id = $var;
                }
                $output = get_home_url($blog_id, $path, $scheme);
                break;
            case 'admin-url':
                $blog_id = $scheme = null;
                $path = '';
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $blog_id = $var[0];
                    } elseif (isset($var[1])) {
                        $path = $var[1];
                    } elseif (isset($var[2])) {
                        $scheme = $var[2];
                    }
                } else {
                    $blog_id = $var;
                }
                $output = get_admin_url($blog_id, $path, $scheme);
                break;
            case 'includes-url':
                $output = includes_url($var);
                break;
            case 'content-url':
                $output = content_url($var);
                break;
            case 'plugins-url':
                $path = $plugin = '';
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $path = $var[0];
                    } elseif (isset($var[1])) {
                        $plugin = $var[1];
                    }
                } else {
                    $path = $var;
                }
                $output = plugins_url($path, $plugin);
                break;
            case 'network-site-url':
                $path = '';
                $scheme = null;
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $path = $var[0];
                    } elseif (isset($var[1])) {
                        $scheme = $var[1];
                    }
                } else {
                    $path = $var;
                }
                $output = network_site_url($path, $scheme);
                break;
            case 'network-home-url':
                $path = '';
                $scheme = null;
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $path = $var[0];
                    } elseif (isset($var[1])) {
                        $scheme = $var[1];
                    }
                } else {
                    $path = $var;
                }
                $output = network_home_url($path, $scheme);
                break;
            case 'network-admin-url':
                $path = '';
                $scheme = null;
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $path = $var[0];
                    } elseif (isset($var[1])) {
                        $scheme = $var[1];
                    }
                } else {
                    $path = $var;
                }
                $output = network_admin_url($path, $scheme);
                break;
            case 'user-admin-url':
                $path = '';
                $scheme = null;
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $path = $var[0];
                    } elseif (isset($var[1])) {
                        $scheme = $var[1];
                    }
                } else {
                    $path = $var;
                }
                $output = user_admin_url($path, $scheme);
                break;
            case 'prefix':
                // Database table prefix from the global $wpdb object; $var is not used.
                global $wpdb;
                $output = $wpdb->prefix;
                break;
            case 'server':
                // The only source gated by pods_strict(); nothing is returned when it is on.
                if (!pods_strict()) {
                    if (isset($_SERVER[$var])) {
                        $output = pods_unslash($_SERVER[$var]);
                    } elseif (isset($_SERVER[strtoupper($var)])) {
                        // Second attempt with the upper-cased key.
                        $output = pods_unslash($_SERVER[strtoupper($var)]);
                    }
                }
                break;
            case 'session':
                // Returned as stored; no pods_unslash() here.
                if (isset($_SESSION[$var])) {
                    $output = $_SESSION[$var];
                }
                break;
            case 'global':
            case 'globals':
                // Returns any global variable named by $var, as-is.
                if (isset($GLOBALS[$var])) {
                    $output = $GLOBALS[$var];
                }
                break;
            case 'cookie':
                // Client-controlled value, unslashed only.
                if (isset($_COOKIE[$var])) {
                    $output = pods_unslash($_COOKIE[$var]);
                }
                break;
            case 'constant':
                // NOTE(review): no restriction on the constant name. Configuration secrets defined as
                // constants are reachable when $var is not hard-coded by the caller; consider an
                // allow-list of names at the call site.
                if (defined($var)) {
                    $output = constant($var);
                }
                break;
            case 'user':
                // Current user only; nothing is returned for anonymous requests.
                if (is_user_logged_in()) {
                    $user = get_userdata(get_current_user_id());
                    // NOTE(review): any property the user object reports as set is returned. Confirm whether
                    // that includes the stored password hash and activation key, and exclude them when
                    // $var is not hard-coded by the caller.
                    if (isset($user->{$var})) {
                        $value = $user->{$var};
                    } elseif ('role' == $var) {
                        $value = '';
                        if (!empty($user->roles)) {
                            // array_shift() removes the first role from $user->roles on this object.
                            // NOTE(review): confirm the object is not shared with later code in the request.
                            $value = array_shift($user->roles);
                        }
                    } else {
                        // Falls back to user meta; called without a third argument.
                        $value = get_user_meta($user->ID, $var);
                    }
                    // Only non-empty arrays and non-empty strings/scalars are accepted as output.
                    if (is_array($value) && !empty($value)) {
                        $output = $value;
                    } elseif (!is_array($value) && 0 < strlen($value)) {
                        $output = $value;
                    }
                }
                break;
            case 'option':
                // $default is passed through to get_option(), which receives any option name in $var.
                $output = get_option($var, $default);
                break;
            case 'site-option':
                $output = get_site_option($var, $default);
                break;
            case 'transient':
                $output = get_transient($var);
                break;
            case 'site-transient':
                $output = get_site_transient($var);
                break;
            case 'cache':
                // Only when the global object cache exists. $var is "key|group|force" or an array in that order.
                if (isset($GLOBALS['wp_object_cache']) && is_object($GLOBALS['wp_object_cache'])) {
                    $group = 'default';
                    $force = false;
                    if (!is_array($var)) {
                        $var = explode('|', $var);
                    }
                    if (isset($var[0])) {
                        if (isset($var[1])) {
                            $group = $var[1];
                        }
                        if (isset($var[2])) {
                            $force = $var[2];
                        }
                        $var = $var[0];
                        $output = wp_cache_get($var, $group, $force);
                    }
                }
                break;
            case 'pods-transient':
                // $var is "key|callback" or an array in that order.
                // NOTE(review): the second segment is handed to pods_transient_get() as $callback. What that
                // helper does with it is not visible here - confirm it never comes from request or
                // editor-supplied text.
                $callback = null;
                if (!is_array($var)) {
                    $var = explode('|', $var);
                }
                if (isset($var[0])) {
                    if (isset($var[1])) {
                        $callback = $var[1];
                    }
                    $var = $var[0];
                    $output = pods_transient_get($var, $callback);
                }
                break;
            case 'pods-site-transient':
                // Same "key|callback" format as 'pods-transient'; the same callback caveat applies.
                $callback = null;
                if (!is_array($var)) {
                    $var = explode('|', $var);
                }
                if (isset($var[0])) {
                    if (isset($var[1])) {
                        $callback = $var[1];
                    }
                    $var = $var[0];
                    $output = pods_site_transient_get($var, $callback);
                }
                break;
            case 'pods-cache':
                // $var is "key|group|callback"; only when the global object cache exists.
                if (isset($GLOBALS['wp_object_cache']) && is_object($GLOBALS['wp_object_cache'])) {
                    $group = 'default';
                    $callback = null;
                    if (!is_array($var)) {
                        $var = explode('|', $var);
                    }
                    if (isset($var[0])) {
                        if (isset($var[1])) {
                            $group = $var[1];
                        }
                        if (isset($var[2])) {
                            $callback = $var[2];
                        }
                        $var = $var[0];
                        $output = pods_cache_get($var, $group, $callback);
                    }
                }
                break;
            case 'pods-option-cache':
                // $var is "key|group|callback"; unlike 'pods-cache' there is no object-cache check.
                $group = 'default';
                $callback = null;
                if (!is_array($var)) {
                    $var = explode('|', $var);
                }
                if (isset($var[0])) {
                    if (isset($var[1])) {
                        $group = $var[1];
                    }
                    if (isset($var[2])) {
                        $callback = $var[2];
                    }
                    $var = $var[0];
                    $output = pods_option_cache_get($var, $group, $callback);
                }
                break;
            case 'date':
                // $var is "format|time string"; the optional second part goes through strtotime().
                $var = explode('|', $var);
                if (!empty($var)) {
                    $output = date_i18n($var[0], isset($var[1]) ? strtotime($var[1]) : false);
                }
                break;
            case 'pods':
            case 'pods_display':
                /** @var $pods Pods */
                global $pods;
                // Requires the global to be exactly a Pods instance (class name compared, not instanceof).
                if (is_object($pods) && 'Pods' == get_class($pods)) {
                    if ('pods' === $type) {
                        $output = $pods->field($var);
                        if (is_array($output)) {
                            // Array values are joined into one string by pods_serial_comma().
                            $options = array('field' => $var, 'fields' => $pods->fields);
                            $output = pods_serial_comma($output, $options);
                        }
                    } elseif ('pods_display' === $type) {
                        $output = $pods->display($var);
                    }
                }
                break;
            case 'post_id':
                if (empty($var)) {
                    if (!empty($default)) {
                        $post_id = $default;
                    } else {
                        // If no $var and no $default then use current post ID
                        $post_id = get_the_ID();
                    }
                } else {
                    $post_id = $var;
                }
                if (did_action('wpml_loaded')) {
                    /* Only call filter if WPML is installed */
                    $post_type = get_post_type($post_id);
                    $post_id = apply_filters('wpml_object_id', $post_id, $post_type, true);
                } elseif (function_exists('pll_get_post')) {
                    // Polylang: use the translated post ID when one is returned.
                    $polylang_id = pll_get_post($post_id);
                    if (!empty($polylang_id)) {
                        $post_id = $polylang_id;
                    }
                }
                // Add other translation plugin specific code here
                /**
                 * Filter to override post_id
                 *
                 * Generally used with language translation plugins in order to return the post id of a
                 * translated post
                 *
                 * @param int   $post_id The post ID of current post
                 * @param mixed $default The default value to set if variable doesn't exist
                 * @param mixed $var     The variable name, can also be a modifier for specific types
                 * @param bool  $strict  Only allow values (must not be empty)
                 * @param array $params  Set 'casting'=>true to cast value from $default, 'allowed'=>$allowed to restrict a value to what's allowed
                 *
                 * @since 2.6.6
                 */
                $output = apply_filters('pods_var_post_id', $post_id, $default, $var, $strict, $params);
                break;
            default:
                // Unknown type: the lower-cased type name becomes part of the filter name, and
                // $default is the value handed to the filter.
                $output = apply_filters('pods_var_' . $type, $default, $var, $strict, $params);
        }
    }
    if (null !== $default) {
        // Set default
        if (null === $output) {
            $output = $default;
        }
        // Casting: only applied when a non-null default was given.
        if (true === $params->casting) {
            $output = pods_cast($output, $default);
        }
    }
    // Strict defaults for empty values: empty() also treats '0', 0 and an empty array as empty.
    if (true === $strict) {
        if (empty($output)) {
            $output = $default;
        }
    }
    // Allowed values
    if (null !== $params->allowed) {
        if (is_array($params->allowed)) {
            // Not in array and is not the same array.
            // in_array() is called without the strict flag, so the membership test is a loose comparison.
            if (!in_array($output, $params->allowed) && (!is_array($output) || $output !== $params->allowed)) {
                $output = $default;
            }
        } elseif ($output !== $params->allowed) {
            // Value doesn't match (a single allowed value is compared strictly)
            $output = $default;
        }
    }
    return $output;
}