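/**
 * Prepare the admin bar: collect per-user menu data and register the header hooks.
 *
 * For a logged-in user this stores their sites, their active site and the base
 * domain used for menu links on $this->user. It then hooks the admin bar header
 * output, resolves the "bump" callback (theme-supplied or the default), enqueues
 * the admin-bar script and style, and fires the `admin_bar_init` action.
 *
 * @return void
 */
public function initialize()
 {
     $this->user = new stdClass();
     if (is_user_logged_in()) {
         /* Populate settings we need for the menu based on the current user. */
         $this->user->blogs = get_blogs_of_user(get_current_user_id());
         if (is_multisite()) {
             $this->user->active_blog = get_active_blog_for_user(get_current_user_id());
             $this->user->domain = empty($this->user->active_blog) ? user_admin_url() : trailingslashit(get_home_url($this->user->active_blog->blog_id));
             $this->user->account_domain = $this->user->domain;
         } else {
             $this->user->active_blog = $this->user->blogs[get_current_blog_id()];
             $this->user->domain = trailingslashit(home_url());
             $this->user->account_domain = $this->user->domain;
         }
     }
     add_action('wp_head', 'wp_admin_bar_header');
     add_action('admin_head', 'wp_admin_bar_header');
     $header_callback = '';
     if (current_theme_supports('admin-bar')) {
         $admin_bar_args = get_theme_support('admin-bar');
         // A theme can opt out of the default padding with:
         // add_theme_support( 'admin-bar', array( 'callback' => '__return_false') );
         // Support may also be declared without any arguments, in which case there is
         // no [0]['callback'] entry to read, so check before dereferencing.
         if (isset($admin_bar_args[0]['callback'])) {
             $header_callback = $admin_bar_args[0]['callback'];
         }
     }
     // Fall back to the default bump callback when the theme supplied none.
     if (empty($header_callback)) {
         $header_callback = '_admin_bar_bump_cb';
     }
     add_action('wp_head', $header_callback);
     wp_enqueue_script('admin-bar');
     wp_enqueue_style('admin-bar');
     do_action('admin_bar_init');
 }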
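/**
 * Process a one-time login link.
 *
 * Runs only on the single view of a `onetimelogin` post. When the link has not
 * been used yet and its `otl_user` meta points at an existing user, the link is
 * marked as used, the visitor is signed in as that user and redirected to the
 * user admin. In every other case the visitor is redirected to the home page.
 *
 * Security notes for maintainers:
 * - Reaching this post's URL is the only credential checked here; no expiry is
 *   evaluated in this function.
 * - The "unused" check and the "mark used" write are two separate operations, so
 *   two simultaneous requests could both pass the check. A strict single-use
 *   guarantee needs an atomic claim (for example a conditional database update
 *   or a lock) in place of the read-then-write below.
 *
 * @since  1.0.0
 *
 * @return void
 */
function otl_authenticate_one_time_login()
{
    // No need to run if not a singular query for the one time login
    if (!is_single()) {
        return;
    }
    // No need to run if not a onetimelogin post
    global $post;
    if (empty($post) || 'onetimelogin' !== $post->post_type) {
        return;
    }
    $login_id = get_the_ID();
    // Post meta comes back as a string; user functions expect an integer ID.
    $user_id = (int) get_post_meta($login_id, 'otl_user', true);
    $valid_user = $user_id > 0 && false !== get_userdata($user_id);
    $login_uses = get_post_meta($login_id, 'otl_times_used', true);
    // Anything other than an unused link for a valid user goes to the home page.
    if ('0' !== $login_uses || !$valid_user) {
        wp_redirect(home_url());
        exit;
    }
    // Mark the link as used BEFORE issuing the session, so a failure part-way
    // through can never leave a signed-in session behind a still-valid link.
    update_post_meta($login_id, 'otl_times_used', '1');
    update_post_meta($login_id, 'otl_datetime_used', current_time('mysql'));
    // Log in
    wp_clear_auth_cookie();
    wp_set_current_user($user_id);
    wp_set_auth_cookie($user_id);
    // Redirect to wp-admin
    wp_safe_redirect(user_admin_url());
    exit;
}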
 /**
  * Build the parameter set handed to the front end for the RaaS plugin.
  *
  * Each screen-set and container value is read from the login options with a
  * fallback; the finished array is passed through the `gigya_raas_params` filter.
  *
  * @return array
  */
 public function getParams()
 {
     $options = $this->login_options;
     // Parameters to be sent to the DOM.
     $params = array(
         'actionRaas' => 'gigya_raas',
         'redirect' => user_admin_url(),
         'canEditUsers' => current_user_can('edit_users'),
         'raasWebScreen' => _gigParam($options, 'raasWebScreen', 'Default-RegistrationLogin'),
         'raasMobileScreen' => _gigParam($options, 'raasMobileScreen', 'DefaultMobile-RegistrationLogin'),
         'raasLoginScreen' => _gigParam($options, 'raasLoginScreen', 'gigya-login-screen'),
         'raasRegisterScreen' => _gigParam($options, 'raasRegisterScreen', 'gigya-register-screen'),
         'raasProfileWebScreen' => _gigParam($options, 'raasProfileWebScreen', 'Default-ProfileUpdate'),
         'raasProfileMobileScreen' => _gigParam($options, 'raasProfileMobileScreen', 'DefaultMobile-ProfileUpdate'),
         'raasOverrideLinks' => _gigParamDefaultOn($options, 'raasOverrideLinks'),
         'raasLoginDiv' => _gigParam($options, 'raasLoginDiv', 'loginform'),
         'raasRegisterDiv' => _gigParam($options, 'raasRegisterDiv', 'registerform'),
         'raasProfileDiv' => _gigParam($options, 'raasProfileDiv', 'profile-page'),
     );
     // Give other plugins the chance to adjust the RaaS parameters.
     return apply_filters('gigya_raas_params', $params);
 }
 /**
  * Return the admin URL that matches the admin area currently being served.
  *
  * Picks the network admin URL when WP_NETWORK_ADMIN is defined and truthy, the
  * user admin URL when WP_USER_ADMIN is defined and truthy, and the site admin
  * URL otherwise.
  *
  * @param string $path   Passed through to the chosen URL function.
  * @param string $scheme Passed through to the chosen URL function.
  * @return string
  */
 function self_admin_url($path = '', $scheme = 'admin')
 {
     $in_network_admin = defined('WP_NETWORK_ADMIN') && WP_NETWORK_ADMIN;
     if ($in_network_admin) {
         return network_admin_url($path, $scheme);
     }
     $in_user_admin = defined('WP_USER_ADMIN') && WP_USER_ADMIN;
     if ($in_user_admin) {
         return user_admin_url($path, $scheme);
     }
     return admin_url($path, $scheme);
 }
/**
 * Point the "edit profile" link at the profile screen of the user's active site.
 *
 * The incoming $url is ignored and always replaced: users with an active site
 * get that site's admin profile URL, everyone else gets the user-admin one.
 *
 * @param string $url Original URL (unused).
 * @return string
 */
function thatcamp_edit_profile_url($url)
{
    $active_site = get_active_blog_for_user(get_current_user_id());
    if (!$active_site) {
        return user_admin_url('profile.php', 'admin');
    }
    return get_admin_url($active_site->blog_id, 'profile.php', 'admin');
}
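	/**
	 * Prepare the admin bar: collect per-user menu data and register the header hooks.
	 *
	 * For a logged-in user this stores their sites, their active site and the base
	 * domain used for menu links on $this->user. It then hooks the admin bar header
	 * output, resolves the "bump" callback (theme-supplied or the default), enqueues
	 * the admin-bar script and style, and fires the `admin_bar_init` action.
	 *
	 * @access public
	 */
	public function initialize() {
		$this->user = new stdClass;

		if ( is_user_logged_in() ) {
			/* Populate settings we need for the menu based on the current user. */
			$this->user->blogs = get_blogs_of_user( get_current_user_id() );
			if ( is_multisite() ) {
				$this->user->active_blog = get_active_blog_for_user( get_current_user_id() );
				$this->user->domain = empty( $this->user->active_blog ) ? user_admin_url() : trailingslashit( get_home_url( $this->user->active_blog->blog_id ) );
				$this->user->account_domain = $this->user->domain;
			} else {
				$this->user->active_blog = $this->user->blogs[get_current_blog_id()];
				$this->user->domain = trailingslashit( home_url() );
				$this->user->account_domain = $this->user->domain;
			}
		}

		add_action( 'wp_head', 'wp_admin_bar_header' );

		add_action( 'admin_head', 'wp_admin_bar_header' );

		$header_callback = '';

		if ( current_theme_supports( 'admin-bar' ) ) {
			/**
			 * To remove the default padding styles from WordPress for the Toolbar, use the following code:
			 * add_theme_support( 'admin-bar', array( 'callback' => '__return_false' ) );
			 */
			$admin_bar_args = get_theme_support( 'admin-bar' );

			// Support may be declared without arguments, in which case there is no
			// [0]['callback'] entry to read, so check before dereferencing.
			if ( isset( $admin_bar_args[0]['callback'] ) ) {
				$header_callback = $admin_bar_args[0]['callback'];
			}
		}

		// Fall back to the default bump callback when the theme supplied none.
		if ( empty( $header_callback ) ) {
			$header_callback = '_admin_bar_bump_cb';
		}

		add_action( 'wp_head', $header_callback );

		wp_enqueue_script( 'admin-bar' );
		wp_enqueue_style( 'admin-bar' );

		/**
		 * Fires after WP_Admin_Bar is initialized.
		 *
		 * @since 3.1.0
		 */
		do_action( 'admin_bar_init' );
	}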
 /**
  * Build the parameter set handed to the front end for the login plugin.
  *
  * Starts from fixed action names and UI defaults, copies over any non-empty
  * UI options, merges the two "advanced" JSON option blobs, and finally passes
  * the result through the `gigya_login_params` filter.
  *
  * @return array
  */
 public function getParams()
 {
     $options = $this->login_options;
     // Parameters to be sent to the DOM.
     $params = array(
         'actionLogin' => 'gigya_login',
         'actionCustomLogin' => 'custom_login',
         'redirect' => _gigParam($options, 'redirect', user_admin_url()),
     );
     $params['ui'] = array('showTermsLink' => false, 'version' => 2);
     // Simple UI options are copied only when they hold a non-empty value.
     foreach (array('width', 'height', 'showTermsLink', 'enabledProviders', 'buttonsStyle') as $name) {
         if (!empty($options[$name])) {
             $params['ui'][$name] = $options[$name];
         }
     }
     // Advanced options are JSON strings; each one is merged into its own section.
     $advanced_sections = array('advancedLoginUI' => 'ui', 'advancedAddConnectionsUI' => 'addConnection');
     foreach ($advanced_sections as $option_name => $section) {
         if (empty($options[$option_name])) {
             continue;
         }
         $parsed = gigyaCMS::parseJSON($options[$option_name]);
         if (empty($parsed)) {
             continue;
         }
         foreach ($parsed as $key => $val) {
             $params[$section][$key] = $val;
         }
     }
     // Give other plugins the chance to adjust the login parameters.
     return apply_filters('gigya_login_params', $params);
 }
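 /**
  * Build the widget markup: login/register links for guests, an account box
  * (avatar, name, log-out link) for signed-in users.
  *
  * @param array $args     Wrapper markup; 'before_widget', 'after_widget', 'before_title' and 'after_title' are read.
  * @param array $instance Widget settings; only 'title' is read here.
  *
  * @return string
  */
 public function getContent($args, $instance)
 {
     $output = '';
     // A widget saved without a title has no 'title' key; treat that as an empty title.
     $title = apply_filters('widget_title', isset($instance['title']) ? $instance['title'] : '');
     // Get the data from the argument.
     //		require_once GIGYA__PLUGIN_DIR . 'features/login/GigyaRaasSet.php';
     //		$raas = new GigyaLoginSet();
     //		$data  = $raas->getParams();
     //
     //		// Override params or take the defaults.
     //		if ( ! empty( $instance['override'] ) ) {
     //			foreach ( $instance as $key => $value ) {
     //				if ( ! empty( $value ) ) {
     //					$data['ui'][$key] = esc_attr( $value );
     //				}
     //			}
     //		}
     // Set the output.
     $output .= $args['before_widget'];
     if (!empty($title)) {
         $output .= $args['before_title'] . $title . $args['after_title'];
     }
     if (!is_user_logged_in()) {
         $output .= '<div class="gigya-raas-widget">';
         $output .= '<a href="wp-login.php">' . __('Login') . '</a> | ';
         $output .= '<a href="wp-login.php?action=register">' . __('Register') . '</a>';
         $output .= '</div>';
     } else {
         $current_user = wp_get_current_user();
         // Escape for the context each value lands in: URL inside an href attribute,
         // user-editable display name inside element text.
         $profile_url = esc_url(user_admin_url('profile.php'));
         $output .= '<div class="gigya-wp-account-widget">';
         $output .= '<a class="gigya-wp-avatar" href="' . $profile_url . '">' . get_avatar($current_user->ID) . '</a>';
         $output .= '<div class="gigya-wp-info">';
         $output .= '<a class="gigya-wp-name" href="' . $profile_url . '">' . esc_html($current_user->display_name) . '</a>';
         $output .= '<a class="gigya-wp-logout" href="' . wp_logout_url() . '">' . __('Log Out') . '</a>';
         $output .= '</div></div>';
     }
     $output .= $args['after_widget'];
     return $output;
 }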
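 /**
  * Build the widget markup: the Gigya login container plus its JSON settings for
  * guests, an account box (avatar, name, log-out link) for signed-in users.
  *
  * @param array $args     Wrapper markup; 'before_widget', 'after_widget', 'before_title' and 'after_title' are read.
  * @param array $instance Widget settings; 'title' and 'override' are read, and when
  *                        'override' is set every non-empty setting is copied into the UI parameters.
  *
  * @return string
  */
 public function getContent($args, $instance)
 {
     $output = '';
     // A widget saved without a title has no 'title' key; treat that as an empty title.
     $title = apply_filters('widget_title', isset($instance['title']) ? $instance['title'] : '');
     // Get the data from the argument.
     require_once GIGYA__PLUGIN_DIR . 'features/login/GigyaLoginSet.php';
     $login = new GigyaLoginSet();
     $data = $login->getParams();
     // Override params or take the defaults.
     if (!empty($instance['override'])) {
         foreach ($instance as $key => $value) {
             if (!empty($value)) {
                 $data['ui'][$key] = esc_attr($value);
             }
         }
     }
     // Set the output.
     $output .= $args['before_widget'];
     if (!empty($title)) {
         $output .= $args['before_title'] . $title . $args['after_title'];
     }
     if (!is_user_logged_in()) {
         $output .= '<div class="gigya-login-widget"></div>';
         // The JSON is embedded inside a <script> element, so a value containing
         // "</script>" would end the element early. Hex-encoding <, >, &, ' and "
         // keeps the payload valid JSON while making that impossible.
         $json = json_encode($data, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
         $output .= '<script class="data-login" type="application/json">' . $json . '</script>';
     } else {
         $current_user = wp_get_current_user();
         // Escape for the context each value lands in: URL inside an href attribute,
         // user-editable display name inside element text.
         $profile_url = esc_url(user_admin_url('profile.php'));
         $output .= '<div class="gigya-wp-account-widget">';
         $output .= '<a class="gigya-wp-avatar" href="' . $profile_url . '">' . get_avatar($current_user->ID) . '</a>';
         $output .= '<div class="gigya-wp-info">';
         $output .= '<a class="gigya-wp-name" href="' . $profile_url . '">' . esc_html($current_user->display_name) . '</a>';
         $output .= '<a class="gigya-wp-logout" href="' . wp_logout_url() . '">' . __('Log Out') . '</a>';
         $output .= '</div></div>';
     }
     $output .= $args['after_widget'];
     return $output;
 }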
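 /**
  * Log a user in from the posted credentials. SSL support is not tested.
  *
  * wp_signon() is called with empty credentials, so it reads them from the
  * request itself. On failure the WP_Error is returned, extended with messages
  * derived from the query string. On success the current user is switched and
  * the result of get_logged_in_user() is returned.
  *
  * A redirect target is computed along the way but never used for a redirect
  * here. It originates from request input, so validate it (for example with
  * wp_validate_redirect()) before ever returning it or redirecting to it.
  *
  * @return WP_Error|mixed WP_Error on failure, otherwise the value of get_logged_in_user().
  */
 public function login()
 {
     global $json_api;
     $secure_cookie = '';
     // If the user wants ssl but the session is not ssl, force a secure cookie.
     if (!empty($_POST['log']) && !force_ssl_admin()) {
         $user_name = sanitize_user($_POST['log']);
         if ($user = get_user_by('login', $user_name)) {
             // Presumably the user can change their login options to work with SSL.
             if (get_user_option('use_ssl', $user->ID)) {
                 $secure_cookie = true;
                 // Passing true, as in force_ssl_admin(true), makes force_ssl_admin() return true and vice versa:
                 //force_ssl_admin(true); http://codex.wordpress.org/Function_Reference/force_ssl_admin
                 // An error is prepared here but not returned for now.
                 $errors = new WP_Error();
                 $errors->add('use_ssl', __("The login must use ssl."));
                 // Not implemented yet:
                 //return $errors;
             }
         }
     }
     if (isset($_REQUEST['redirect_to'])) {
         // Request-supplied and unvalidated; see the method docblock.
         $redirect_to = $_REQUEST['redirect_to'];
         // Redirect to https if user wants ssl
         if ($secure_cookie && false !== strpos($redirect_to, 'wp-admin')) {
             $redirect_to = preg_replace('|^http://|', 'https://', $redirect_to);
         }
     } else {
         $redirect_to = admin_url();
     }
     $reauth = empty($_REQUEST['reauth']) ? false : true;
     // Read further down when building messages. It used to be referenced without
     // ever being assigned, which raised an undefined-variable notice.
     $interim_login = isset($_REQUEST['interim-login']);
     // If the user was redirected to a secure login form from a non-secure admin page, and secure login is required but secure admin is not, then don't use a secure
     // cookie and redirect back to the referring non-secure admin page.  This allows logins to always be POSTed over SSL while allowing the user to choose visiting
     // the admin via http or https.
     if (!$secure_cookie && is_ssl() && force_ssl_login() && !force_ssl_admin() && 0 !== strpos($redirect_to, 'https') && 0 === strpos($redirect_to, 'http')) {
         $secure_cookie = false;
     }
     //$user = wp_authenticate_username_password('', $_POST['log'], $_POST['pwd']);
     $user = wp_signon('', $secure_cookie);
     if (is_wp_error($user)) {
         // $user is an error object here.
         $errors = $user;
         // If both login and password are empty no error is added, so add one now.
         if (empty($_POST['log']) && empty($_POST['pwd'])) {
             $errors->add('invalid_username', __("The username is empty."));
         }
         // Clear errors if loggedout is set.
         if (!empty($_GET['loggedout']) || $reauth) {
             $errors = new WP_Error();
         }
         // If cookies are disabled we can't log in even with a valid user+pass
         if (isset($_POST['testcookie']) && empty($_COOKIE[TEST_COOKIE])) {
             $errors->add('test_cookie', __("Cookies are blocked or not supported by your browser. You must <a href='http://www.google.com/cookies.html'>enable cookies</a> to use WordPress."));
         }
         // Some parts of this script use the main login form to display a message
         if (isset($_GET['loggedout']) && TRUE == $_GET['loggedout']) {
             $errors->add('loggedout', __('You are now logged out.'), 'message');
         } elseif (isset($_GET['registration']) && 'disabled' == $_GET['registration']) {
             $errors->add('registerdisabled', __('User registration is currently not allowed.'));
         } elseif (isset($_GET['checkemail']) && 'confirm' == $_GET['checkemail']) {
             $errors->add('confirm', __('Check your e-mail for the confirmation link.'), 'message');
         } elseif (isset($_GET['checkemail']) && 'newpass' == $_GET['checkemail']) {
             $errors->add('newpass', __('Check your e-mail for your new password.'), 'message');
         } elseif (isset($_GET['checkemail']) && 'registered' == $_GET['checkemail']) {
             $errors->add('registered', __('Registration complete. Please check your e-mail.'), 'message');
         } elseif ($interim_login) {
             $errors->add('expired', __('Your session has expired. Please log-in again.'), 'message');
         }
         // Clear any stale cookies.
         if ($reauth) {
             wp_clear_auth_cookie();
         }
         return $errors;
     }
     //if (!$reauth) {
     // does not redirect
     if (empty($redirect_to) || $redirect_to == 'wp-admin/' || $redirect_to == admin_url()) {
         // If the user doesn't belong to a blog, send them to user admin. If the user can't edit posts, send them to their profile.
         if (is_multisite() && !get_active_blog_for_user($user->ID) && !is_super_admin($user->ID)) {
             $redirect_to = user_admin_url();
         } elseif (is_multisite() && !$user->has_cap('read')) {
             $redirect_to = get_dashboard_url($user->ID);
         } elseif (!$user->has_cap('edit_posts')) {
             $redirect_to = admin_url('profile.php');
         }
     }
     wp_set_current_user($user->ID);
     $user = $this->get_logged_in_user();
     // $redirect_to is kept so that it could be returned later if wanted.
     return $user;
     //}
 }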
/**
 * Get the URL of the profile editor for a user.
 *
 * The base depends on the admin area being served: user admin, network admin,
 * or otherwise the user's dashboard. The result is passed through the
 * `edit_profile_url` filter together with the user ID and scheme.
 *
 * @since 3.1.0
 *
 * @param int    $user   User ID
 * @param string $scheme The scheme to use. Default is 'admin', which obeys force_ssl_admin() and is_ssl(). 'http' or 'https' can be passed to force those schemes.
 * @return string Profile URL after filtering
 */
function get_edit_profile_url($user, $scheme = 'admin')
{
    $user = (int) $user;
    $profile_page = 'profile.php';
    if (is_user_admin()) {
        $profile_url = user_admin_url($profile_page, $scheme);
    } else {
        $profile_url = is_network_admin()
            ? network_admin_url($profile_page, $scheme)
            : get_dashboard_url($user, $profile_page, $scheme);
    }
    return apply_filters('edit_profile_url', $profile_url, $user, $scheme);
}
 /**
  * A user who belongs to no sites gets the user admin URL on multisite and the
  * regular admin URL on a single site.
  *
  * @ticket 39065
  */
 public function test_get_dashboard_url_for_user_with_no_sites()
 {
     // Make the user look like a member of no sites at all.
     add_filter('get_blogs_of_user', '__return_empty_array');
     if (is_multisite()) {
         $expected = user_admin_url();
     } else {
         $expected = admin_url();
     }
     $actual = get_dashboard_url(self::$user_id);
     $this->assertEquals($expected, $actual);
 }
 /**
  * On multisite, a user removed from the current site still gets a WordPress logo
  * node linking to the user-admin About page, and an About node.
  *
  * @ticket 37949
  * @group multisite
  */
 public function test_admin_bar_contains_correct_about_link_for_users_with_no_role_in_multisite()
 {
     if (!is_multisite()) {
         $this->markTestSkipped('Test only runs in multisite');
     }
     // User is not a member of a site.
     $user_id = self::$no_role_id;
     remove_user_from_blog($user_id, get_current_blog_id());
     wp_set_current_user($user_id);
     $admin_bar = $this->get_standard_admin_bar();
     $logo = $admin_bar->get_node('wp-logo');
     $about = $admin_bar->get_node('about');
     $this->assertNotNull($logo);
     $this->assertSame(user_admin_url('about.php'), $logo->href);
     $this->assertArrayNotHasKey('tabindex', $logo->meta);
     $this->assertNotNull($about);
 }
 /**
  * Processes the request
  *
  * Callback for "template_redirect" hook in template-loader.php
  *
  * Resolves the requested action and instance from the request, fires the
  * `tml_request` and `login_form_{action}` hooks, and then either hands over to a
  * `tml_request_{action}` handler or runs the built-in handling for that action
  * (post password, logout, lost password, password reset, registration, login).
  * Several branches redirect and exit.
  *
  * @since 6.3
  * @access public
  */
 public function template_redirect()
 {
     // The action name comes from the request and is normalised with sanitize_key()
     // before it is used to build hook names below.
     $this->request_action = isset($_REQUEST['action']) ? sanitize_key($_REQUEST['action']) : '';
     if (!$this->request_action && self::is_tml_page()) {
         $this->request_action = self::get_page_action(get_the_id());
     }
     $this->request_instance = isset($_REQUEST['instance']) ? sanitize_key($_REQUEST['instance']) : 0;
     do_action_ref_array('tml_request', array(&$this));
     // allow plugins to override the default actions, and to add extra actions if they want
     do_action('login_form_' . $this->request_action);
     if (has_action('tml_request_' . $this->request_action)) {
         do_action_ref_array('tml_request_' . $this->request_action, array(&$this));
     } else {
         $http_post = 'POST' == $_SERVER['REQUEST_METHOD'];
         switch ($this->request_action) {
             case 'postpass':
                 global $wp_hasher;
                 if (empty($wp_hasher)) {
                     require_once ABSPATH . 'wp-includes/class-phpass.php';
                     // By default, use the portable hash from phpass
                     $wp_hasher = new PasswordHash(8, true);
                 }
                 // Cookie lifetime: 10 days.
                 // NOTE(review): $_POST['post_password'] is read without an isset() check, and
                 // setcookie() is called without its secure/httponly arguments, so both stay at
                 // PHP's defaults. Consider setting them explicitly.
                 setcookie('wp-postpass_' . COOKIEHASH, $wp_hasher->HashPassword(stripslashes($_POST['post_password'])), time() + 864000, COOKIEPATH);
                 // NOTE(review): the referer may be absent; confirm wp_get_referer()'s return
                 // value is handled acceptably by wp_safe_redirect() in that case.
                 wp_safe_redirect(wp_get_referer());
                 exit;
                 break;
             case 'logout':
                 // Nonce check: protects log-out against cross-site request forgery.
                 check_admin_referer('log-out');
                 $user = wp_get_current_user();
                 wp_logout();
                 // The request's redirect_to is only handed to the filter as context; the default
                 // target is the login page. The final URL goes through wp_safe_redirect(), which
                 // only follows redirects to allowed hosts.
                 $redirect_to = apply_filters('logout_redirect', site_url('wp-login.php?loggedout=true'), isset($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : '', $user);
                 wp_safe_redirect($redirect_to);
                 exit;
                 break;
             case 'lostpassword':
             case 'retrievepassword':
                 if ($http_post) {
                     $this->errors = self::retrieve_password();
                     if (!is_wp_error($this->errors)) {
                         // Request-supplied target; wp_safe_redirect() limits it to allowed hosts.
                         $redirect_to = !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : site_url('wp-login.php?checkemail=confirm');
                         wp_safe_redirect($redirect_to);
                         exit;
                     }
                 }
                 if (isset($_REQUEST['error']) && 'invalidkey' == $_REQUEST['error']) {
                     $this->errors->add('invalidkey', __('Sorry, that key does not appear to be valid.', 'theme-my-login'));
                 }
                 do_action('lost_password');
                 break;
             case 'resetpass':
             case 'rp':
                 // NOTE(review): 'key' and 'login' are read from the request without isset()
                 // checks; a request missing either raises a notice before validation runs.
                 $user = self::check_password_reset_key($_REQUEST['key'], $_REQUEST['login']);
                 if (is_wp_error($user)) {
                     // Fixed, site-local target, so plain wp_redirect() is used here.
                     $redirect_to = site_url('wp-login.php?action=lostpassword&error=invalidkey');
                     wp_redirect($redirect_to);
                     exit;
                 }
                 // NOTE(review): the two password fields are compared with loose `!=`; a strict
                 // comparison would avoid PHP's type juggling between numeric-looking strings.
                 if (isset($_POST['pass1']) && $_POST['pass1'] != $_POST['pass2']) {
                     $this->errors->add('password_reset_mismatch', __('The passwords do not match.', 'theme-my-login'));
                 } elseif (isset($_POST['pass1']) && !empty($_POST['pass1'])) {
                     self::reset_password($user, $_POST['pass1']);
                     $redirect_to = site_url('wp-login.php?resetpass=complete');
                     wp_safe_redirect($redirect_to);
                     exit;
                 }
                 wp_enqueue_script('utils');
                 wp_enqueue_script('user-profile');
                 break;
             case 'register':
                 // Registration is refused outright when the site option disables it.
                 if (!get_option('users_can_register')) {
                     $redirect_to = site_url('wp-login.php?registration=disabled');
                     wp_redirect($redirect_to);
                     exit;
                 }
                 $user_login = '';
                 $user_email = '';
                 if ($http_post) {
                     // Raw request values are passed on; presumably register_new_user() sanitises
                     // and validates them - verify against its implementation.
                     $user_login = $_POST['user_login'];
                     $user_email = $_POST['user_email'];
                     $this->errors = self::register_new_user($user_login, $user_email);
                     if (!is_wp_error($this->errors)) {
                         // Request-supplied target; wp_safe_redirect() limits it to allowed hosts.
                         $redirect_to = !empty($_POST['redirect_to']) ? $_POST['redirect_to'] : site_url('wp-login.php?checkemail=registered');
                         wp_safe_redirect($redirect_to);
                         exit;
                     }
                 }
                 break;
             case 'login':
             default:
                 $secure_cookie = '';
                 $interim_login = isset($_REQUEST['interim-login']);
                 // If the user wants ssl but the session is not ssl, force a secure cookie.
                 if (!empty($_POST['log']) && !force_ssl_admin()) {
                     $user_name = sanitize_user($_POST['log']);
                     if ($user = get_user_by('login', $user_name)) {
                         if (get_user_option('use_ssl', $user->ID)) {
                             $secure_cookie = true;
                             force_ssl_admin(true);
                         }
                     }
                 }
                 if (!empty($_REQUEST['redirect_to'])) {
                     $redirect_to = $_REQUEST['redirect_to'];
                     // Redirect to https if user wants ssl
                     if ($secure_cookie && false !== strpos($redirect_to, 'wp-admin')) {
                         $redirect_to = preg_replace('|^http://|', 'https://', $redirect_to);
                     }
                 } else {
                     $redirect_to = admin_url();
                 }
                 $reauth = empty($_REQUEST['reauth']) ? false : true;
                 // If the user was redirected to a secure login form from a non-secure admin page, and secure login is required but secure admin is not, then don't use a secure
                 // cookie and redirect back to the referring non-secure admin page.  This allows logins to always be POSTed over SSL while allowing the user to choose visiting
                 // the admin via http or https.
                 if (!$secure_cookie && is_ssl() && force_ssl_login() && !force_ssl_admin() && 0 !== strpos($redirect_to, 'https') && 0 === strpos($redirect_to, 'http')) {
                     $secure_cookie = false;
                 }
                 // Credentials are only processed on a POST that carries a username field;
                 // wp_signon() is called with empty credentials and reads them from the request.
                 if ($http_post && isset($_POST['log'])) {
                     $user = wp_signon('', $secure_cookie);
                     $redirect_to = apply_filters('login_redirect', $redirect_to, isset($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : '', $user);
                     if (!is_wp_error($user) && !$reauth) {
                         if (empty($redirect_to) || $redirect_to == 'wp-admin/' || $redirect_to == admin_url()) {
                             // If the user doesn't belong to a blog, send them to user admin. If the user can't edit posts, send them to their profile.
                             if (is_multisite() && !get_active_blog_for_user($user->ID) && !is_super_admin($user->ID)) {
                                 $redirect_to = user_admin_url();
                             } elseif (is_multisite() && !$user->has_cap('read')) {
                                 $redirect_to = get_dashboard_url($user->ID);
                             } elseif (!$user->has_cap('edit_posts')) {
                                 $redirect_to = admin_url('profile.php');
                             }
                         }
                         // The target may still be the request-supplied value; wp_safe_redirect()
                         // limits it to allowed hosts.
                         wp_safe_redirect($redirect_to);
                         exit;
                     }
                     $this->errors = $user;
                 }
                 // Clear errors if loggedout is set.
                 if (!empty($_GET['loggedout']) || $reauth) {
                     $this->errors = new WP_Error();
                 }
                 // Some parts of this script use the main login form to display a message
                 // NOTE(review): `true == $_GET['loggedout']` is a loose comparison against a
                 // request string.
                 if (isset($_GET['loggedout']) && true == $_GET['loggedout']) {
                     $this->errors->add('loggedout', __('You are now logged out.', 'theme-my-login'), 'message');
                 } elseif (isset($_GET['registration']) && 'disabled' == $_GET['registration']) {
                     $this->errors->add('registerdisabled', __('User registration is currently not allowed.', 'theme-my-login'));
                 } elseif (isset($_GET['checkemail']) && 'confirm' == $_GET['checkemail']) {
                     $this->errors->add('confirm', __('Check your e-mail for the confirmation link.', 'theme-my-login'), 'message');
                 } elseif (isset($_GET['resetpass']) && 'complete' == $_GET['resetpass']) {
                     $this->errors->add('password_reset', __('Your password has been reset.', 'theme-my-login'), 'message');
                 } elseif (isset($_GET['checkemail']) && 'registered' == $_GET['checkemail']) {
                     $this->errors->add('registered', __('Registration complete. Please check your e-mail.', 'theme-my-login'), 'message');
                 } elseif ($interim_login) {
                     $this->errors->add('expired', __('Your session has expired. Please log-in again.', 'theme-my-login'), 'message');
                 // NOTE(review): strpos() is tested for truthiness here, so a match at offset 0
                 // would be treated as "not found".
                 } elseif (strpos($redirect_to, 'about.php?updated')) {
                     $this->errors->add('updated', __('<strong>You have successfully updated WordPress!</strong> Please log back in to experience the awesomeness.', 'theme-my-login'), 'message');
                 } elseif ($reauth) {
                     $this->errors->add('reauth', __('Please log in to continue.', 'theme-my-login'), 'message');
                 }
                 // Clear any stale cookies.
                 if ($reauth) {
                     wp_clear_auth_cookie();
                 }
                 break;
         }
         // end switch
     }
     // end if has_action()
 }
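/**
 * Return a variable (if exists)
 *
 * Resolves $var against the source selected by $type: an array or object passed
 * in directly, or a named source (superglobals, URL segments, WordPress URL
 * builders, constants, globals, current-user data, options, transients, caches,
 * dates, or the global $pods object). Unknown type names are handed to the
 * 'pods_var_{type}' filter.
 *
 * Security notes for callers:
 * - 'get', 'post', 'request', 'cookie' and 'server' values are only unslashed;
 *   nothing here validates, sanitizes or escapes them. Escape for the output
 *   context (HTML, attribute, URL, SQL) at the point of use.
 * - 'constant', 'global', 'session', 'option', 'site-option' and 'user' return
 *   whatever the name resolves to; no deny-list is applied in this function.
 *   Do not let request input or user-authored templates choose $type or $var
 *   without an allow-list, otherwise configuration secrets or account fields
 *   can be disclosed.
 * - An array $params['allowed'] is matched with a loose in_array(); see the
 *   note at that check.
 *
 * @param mixed $var The variable name, can also be a modifier for specific types
 * @param string|array|object $type (optional) Super globals, url/url-relative, constants, globals, options, transients, cache, user data, Pod field values, dates
 * @param mixed $default (optional) The default value to set if variable doesn't exist
 * @param bool $strict (optional) Only allow values (must not be empty)
 * @param array $params (optional) Set 'casting'=>true to cast value from $default, 'allowed'=>$allowed to restrict a value to what's allowed
 *
 * @return mixed The variable (if exists), or default value
 * @since 2.3.10
 */
function pods_v($var = null, $type = 'get', $default = null, $strict = false, $params = array())
{
    $defaults = array('casting' => false, 'allowed' => null);
    $params = (object) array_merge($defaults, (array) $params);
    $output = null;
    if (null === $type || '' === $type) {
        // Invalid $type: $output stays null so only $default can apply below.
    } elseif (is_array($type)) {
        if (isset($type[$var])) {
            $output = $type[$var];
        }
    } elseif (is_object($type)) {
        if (isset($type->{$var})) {
            $output = $type->{$var};
        }
    } else {
        $type = strtolower((string) $type);
        switch ($type) {
            // Request superglobals: returned unslashed, otherwise exactly as the client sent them.
            case 'get':
                if (isset($_GET[$var])) {
                    $output = pods_unslash($_GET[$var]);
                }
                break;
            case 'post':
                if (isset($_POST[$var])) {
                    $output = pods_unslash($_POST[$var]);
                }
                break;
            case 'request':
                if (isset($_REQUEST[$var])) {
                    $output = pods_unslash($_REQUEST[$var]);
                }
                break;
            case 'url':
            case 'uri':
                $url = parse_url(pods_current_url());
                // parse_url() may return false or omit 'path'; treat that as an empty path.
                $uri = trim(isset($url['path']) ? $url['path'] : '', '/');
                // Re-index after dropping empty segments so 'last' and numeric
                // positions address the segments that are actually left.
                $uri = array_values(array_filter(explode('/', $uri)));
                if ('first' == $var) {
                    $var = 0;
                } elseif ('last' == $var) {
                    $var = -1;
                }
                if (is_numeric($var)) {
                    // Negative positions count back from the end of the path.
                    $output = $var < 0 ? pods_v(count($uri) + $var, $uri) : pods_v($var, $uri);
                }
                break;
            case 'url-relative':
                $url_raw = pods_current_url();
                $prefix = get_site_url();
                // Strip the site URL (and the slash after it) so segments are relative to the site root.
                if (substr($url_raw, 0, strlen($prefix)) == $prefix) {
                    $url_raw = substr($url_raw, strlen($prefix) + 1, strlen($url_raw));
                }
                $url = parse_url($url_raw);
                $uri = trim(isset($url['path']) ? $url['path'] : '', '/');
                $uri = array_values(array_filter(explode('/', $uri)));
                if ('first' == $var) {
                    $var = 0;
                } elseif ('last' == $var) {
                    $var = -1;
                }
                if (is_numeric($var)) {
                    $output = $var < 0 ? pods_v(count($uri) + $var, $uri) : pods_v($var, $uri);
                }
                break;
            case 'template-url':
                $output = get_template_directory_uri();
                break;
            case 'stylesheet-url':
                $output = get_stylesheet_directory_uri();
                break;
            // URL builders: $var is a single value or a positional array. Each
            // position is read independently; the previous elseif chain stopped
            // at the first position that was set and ignored the rest.
            case 'site-url':
                $blog_id = $scheme = null;
                $path = '';
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $blog_id = $var[0];
                    }
                    if (isset($var[1])) {
                        $path = $var[1];
                    }
                    if (isset($var[2])) {
                        $scheme = $var[2];
                    }
                } else {
                    $blog_id = $var;
                }
                $output = get_site_url($blog_id, $path, $scheme);
                break;
            case 'home-url':
                $blog_id = $scheme = null;
                $path = '';
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $blog_id = $var[0];
                    }
                    if (isset($var[1])) {
                        $path = $var[1];
                    }
                    if (isset($var[2])) {
                        $scheme = $var[2];
                    }
                } else {
                    $blog_id = $var;
                }
                $output = get_home_url($blog_id, $path, $scheme);
                break;
            case 'admin-url':
                $blog_id = $scheme = null;
                $path = '';
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $blog_id = $var[0];
                    }
                    if (isset($var[1])) {
                        $path = $var[1];
                    }
                    if (isset($var[2])) {
                        $scheme = $var[2];
                    }
                } else {
                    $blog_id = $var;
                }
                $output = get_admin_url($blog_id, $path, $scheme);
                break;
            case 'includes-url':
                $output = includes_url($var);
                break;
            case 'content-url':
                $output = content_url($var);
                break;
            case 'plugins-url':
                $path = $plugin = '';
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $path = $var[0];
                    }
                    if (isset($var[1])) {
                        $plugin = $var[1];
                    }
                } else {
                    $path = $var;
                }
                $output = plugins_url($path, $plugin);
                break;
            case 'network-site-url':
                $path = '';
                $scheme = null;
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $path = $var[0];
                    }
                    if (isset($var[1])) {
                        $scheme = $var[1];
                    }
                } else {
                    $path = $var;
                }
                $output = network_site_url($path, $scheme);
                break;
            case 'network-home-url':
                $path = '';
                $scheme = null;
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $path = $var[0];
                    }
                    if (isset($var[1])) {
                        $scheme = $var[1];
                    }
                } else {
                    $path = $var;
                }
                $output = network_home_url($path, $scheme);
                break;
            case 'network-admin-url':
                $path = '';
                $scheme = null;
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $path = $var[0];
                    }
                    if (isset($var[1])) {
                        $scheme = $var[1];
                    }
                } else {
                    $path = $var;
                }
                $output = network_admin_url($path, $scheme);
                break;
            case 'user-admin-url':
                $path = '';
                $scheme = null;
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $path = $var[0];
                    }
                    if (isset($var[1])) {
                        $scheme = $var[1];
                    }
                } else {
                    $path = $var;
                }
                $output = user_admin_url($path, $scheme);
                break;
            case 'prefix':
                global $wpdb;
                $output = $wpdb->prefix;
                break;
            case 'server':
                // The only source gated here: $_SERVER is readable only when pods_strict() is off.
                if (!pods_strict()) {
                    if (isset($_SERVER[$var])) {
                        $output = pods_unslash($_SERVER[$var]);
                    } elseif (isset($_SERVER[strtoupper($var)])) {
                        $output = pods_unslash($_SERVER[strtoupper($var)]);
                    }
                }
                break;
            case 'session':
                if (isset($_SESSION[$var])) {
                    $output = $_SESSION[$var];
                }
                break;
            case 'global':
            case 'globals':
                if (isset($GLOBALS[$var])) {
                    $output = $GLOBALS[$var];
                }
                break;
            case 'cookie':
                if (isset($_COOKIE[$var])) {
                    $output = pods_unslash($_COOKIE[$var]);
                }
                break;
            case 'constant':
                // NOTE(review): any defined constant is readable, which includes
                // configuration constants. Keep $var out of untrusted hands.
                if (defined($var)) {
                    $output = constant($var);
                }
                break;
            case 'user':
                if (is_user_logged_in()) {
                    $user = get_userdata(get_current_user_id());
                    // NOTE(review): every property of the user object is reachable
                    // by name here, credential-related fields included; filter
                    // $var before it reaches this branch if templates can set it.
                    if (isset($user->{$var})) {
                        $value = $user->{$var};
                    } elseif ('role' == $var) {
                        $value = '';
                        if (!empty($user->roles)) {
                            $value = array_shift($user->roles);
                        }
                    } else {
                        $value = get_user_meta($user->ID, $var);
                    }
                    // Empty arrays and empty strings are treated as "not found".
                    if (is_array($value) && !empty($value)) {
                        $output = $value;
                    } elseif (!is_array($value) && 0 < strlen($value)) {
                        $output = $value;
                    }
                }
                break;
            case 'option':
                $output = get_option($var, $default);
                break;
            case 'site-option':
                $output = get_site_option($var, $default);
                break;
            case 'transient':
                $output = get_transient($var);
                break;
            case 'site-transient':
                $output = get_site_transient($var);
                break;
            case 'cache':
                if (isset($GLOBALS['wp_object_cache']) && is_object($GLOBALS['wp_object_cache'])) {
                    $group = 'default';
                    $force = false;
                    // $var is "key|group|force" or the same three values as an array.
                    if (!is_array($var)) {
                        $var = explode('|', $var);
                    }
                    if (isset($var[0])) {
                        if (isset($var[1])) {
                            $group = $var[1];
                        }
                        if (isset($var[2])) {
                            $force = $var[2];
                        }
                        $var = $var[0];
                        $output = wp_cache_get($var, $group, $force);
                    }
                }
                break;
            case 'pods-transient':
                $callback = null;
                // $var is "key|callback" or array( key, callback ).
                // NOTE(review): $callback is taken from $var and handed to the
                // helper; presumably it is treated as a callable there, so $var
                // must never be built from untrusted input. Confirm against
                // pods_transient_get(). The same applies to the three
                // pods-* cache cases below.
                if (!is_array($var)) {
                    $var = explode('|', $var);
                }
                if (isset($var[0])) {
                    if (isset($var[1])) {
                        $callback = $var[1];
                    }
                    $var = $var[0];
                    $output = pods_transient_get($var, $callback);
                }
                break;
            case 'pods-site-transient':
                $callback = null;
                if (!is_array($var)) {
                    $var = explode('|', $var);
                }
                if (isset($var[0])) {
                    if (isset($var[1])) {
                        $callback = $var[1];
                    }
                    $var = $var[0];
                    $output = pods_site_transient_get($var, $callback);
                }
                break;
            case 'pods-cache':
                if (isset($GLOBALS['wp_object_cache']) && is_object($GLOBALS['wp_object_cache'])) {
                    $group = 'default';
                    $callback = null;
                    // $var is "key|group|callback" or the same three values as an array.
                    if (!is_array($var)) {
                        $var = explode('|', $var);
                    }
                    if (isset($var[0])) {
                        if (isset($var[1])) {
                            $group = $var[1];
                        }
                        if (isset($var[2])) {
                            $callback = $var[2];
                        }
                        $var = $var[0];
                        $output = pods_cache_get($var, $group, $callback);
                    }
                }
                break;
            case 'pods-option-cache':
                $group = 'default';
                $callback = null;
                if (!is_array($var)) {
                    $var = explode('|', $var);
                }
                if (isset($var[0])) {
                    if (isset($var[1])) {
                        $group = $var[1];
                    }
                    if (isset($var[2])) {
                        $callback = $var[2];
                    }
                    $var = $var[0];
                    $output = pods_option_cache_get($var, $group, $callback);
                }
                break;
            case 'date':
                // $var is "format|time string"; without a time string date_i18n() receives false.
                $var = explode('|', $var);
                if (!empty($var)) {
                    $output = date_i18n($var[0], isset($var[1]) ? strtotime($var[1]) : false);
                }
                break;
            case 'pods':
            case 'pods_display':
                /**
                 * @var $pods Pods
                 */
                global $pods;
                if (is_object($pods) && 'Pods' == get_class($pods)) {
                    if ('pods' === $type) {
                        $output = $pods->field($var);
                        // Multi-value fields are flattened to a comma-separated string.
                        if (is_array($output)) {
                            $options = array('field' => $var, 'fields' => $pods->fields);
                            $output = pods_serial_comma($output, $options);
                        }
                    } elseif ('pods_display' === $type) {
                        $output = $pods->display($var);
                    }
                }
                break;
            default:
                // Unknown type names are resolved by whatever is hooked to this filter.
                $output = apply_filters('pods_var_' . $type, $default, $var, $strict, $params);
        }
    }
    if (null !== $default) {
        // Set default
        if (null === $output) {
            $output = $default;
        }
        // Casting
        if (true === $params->casting) {
            $output = pods_cast($output, $default);
        }
    }
    // Strict defaults for empty values
    if (true === $strict) {
        if (empty($output)) {
            $output = $default;
        }
    }
    // Allowed values
    if (null !== $params->allowed) {
        if (is_array($params->allowed)) {
            // Not in array and is not the same array.
            // NOTE(review): in_array() runs without its strict flag, so membership
            // follows PHP's loose comparison rules and type juggling can let a
            // value through that is not literally listed. Left unchanged because
            // request values are strings and existing lists may hold integers;
            // where this guards a security decision, use string allow-lists and
            // re-check the returned value strictly.
            if (!in_array($output, $params->allowed) && (!is_array($output) || $output !== $params->allowed)) {
                $output = $default;
            }
        } elseif ($output !== $params->allowed) {
            // Value doesn't match
            $output = $default;
        }
    }
    return $output;
}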
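 /**
  * Finish a Minecraft.jp sign-in round trip.
  *
  * $_SESSION['auth_type'] selects the flow: 'link' attaches the Minecraft.jp
  * identity to the current WordPress user; anything else logs in the WordPress
  * user already linked to that identity, creating the account first when
  * registration is permitted. Every path ends with a redirect followed by exit.
  *
  * @return void
  */
 public function doLogin()
 {
     $minecraftjp = $this->getMinecraftJP();
     // Both values come from the server-side session; presumably they were stored
     // when the flow was started — confirm where they are written and validated.
     $authType = !empty($_SESSION['auth_type']) ? $_SESSION['auth_type'] : 'login';
     $redirectTo = !empty($_SESSION['redirect_to']) ? $_SESSION['redirect_to'] : '';
     if ($authType == 'link') {
         try {
             $mcjpUser = $minecraftjp->getUser();
         } catch (\Exception $e) {
             // NOTE(review): the exception text is shown to the user as-is; confirm the
             // client library's messages never carry tokens or internal detail.
             $this->setFlash($e->getMessage(), 'default', array('class' => 'error'));
             wp_safe_redirect(admin_url('profile.php'));
             exit;
         }
         if (!empty($mcjpUser)) {
             $userId = get_current_user_id();
             $existsUserId = $this->User->getUserIdBySub($mcjpUser['sub']);
             // One Minecraft.jp identity may be attached to one WordPress account only.
             if (!empty($existsUserId) && $existsUserId != $userId) {
                 $this->setFlash(__('This account is already linked.', App::NAME), 'default', array('class' => 'error'));
             } else {
                 update_user_meta($userId, 'minecraftjp_sub', $mcjpUser['sub']);
                 update_user_meta($userId, 'minecraftjp_uuid', $mcjpUser['uuid']);
                 update_user_meta($userId, 'minecraftjp_username', $mcjpUser['preferred_username']);
                 $this->setFlash(__('Minecraft.jp account linked successfully.', App::NAME));
             }
         } else {
             $this->setFlash(__('Authorization denied.', App::NAME), 'default', array('class' => 'error'));
         }
         wp_safe_redirect(admin_url('profile.php'));
         // Stop here like every other branch; a redirect header alone does not end the request.
         exit;
     } else {
         try {
             $mcjpUser = $minecraftjp->getUser();
         } catch (\Exception $e) {
             $this->setFlash($e->getMessage(), 'default', array('class' => 'error'));
             wp_safe_redirect(site_url('wp-login.php'));
             exit;
         }
         if (!empty($mcjpUser)) {
             // The account is looked up by the provider's subject identifier, not by
             // e-mail or user name, so a matching e-mail alone never grants a login.
             $userId = $this->User->getUserIdBySub($mcjpUser['sub']);
             if (!$userId) {
                 if (!get_option('users_can_register') && !Configure::read('force_users_can_register')) {
                     wp_redirect(site_url('wp-login.php?registration=disabled'));
                     exit;
                 }
                 $password = wp_generate_password();
                 // User name and e-mail are taken from the provider's claims; presumably the
                 // provider has verified the address — confirm before relying on it.
                 $result = wp_create_user($mcjpUser['preferred_username'] . Configure::read('username_suffix'), $password, $mcjpUser['email']);
                 if (is_wp_error($result)) {
                     $this->setFlash(__('username or email is already taken.', App::NAME), 'default', array('class' => 'error'));
                     wp_safe_redirect(site_url('wp-login.php'));
                     exit;
                 } else {
                     $userId = $result;
                     wp_update_user(array('ID' => $userId, 'user_url' => !empty($mcjpUser['website']) ? $mcjpUser['website'] : $mcjpUser['profile'], 'display_name' => $mcjpUser['preferred_username']));
                     update_user_meta($userId, 'nickname', $mcjpUser['preferred_username']);
                     update_user_meta($userId, 'minecraftjp_sub', $mcjpUser['sub']);
                     update_user_meta($userId, 'minecraftjp_uuid', $mcjpUser['uuid']);
                     // send password notification
                     // NOTE(review): this hands the generated password to the notification
                     // mail; newer WordPress releases deprecate that second argument —
                     // confirm against the supported WordPress version.
                     wp_new_user_notification($userId, $password);
                 }
             }
             update_user_meta($userId, 'minecraftjp_username', $mcjpUser['preferred_username']);
             // Second argument true requests a persistent ("remember me") auth cookie.
             wp_set_auth_cookie($userId, true);
             $user = get_user_by('id', $userId);
             if (empty($redirectTo) || $redirectTo == 'wp-admin/' || $redirectTo == admin_url()) {
                 // No site membership -> user admin; cannot read -> dashboard;
                 // cannot edit posts -> own profile.
                 if (is_multisite() && !get_active_blog_for_user($userId) && !is_super_admin($userId)) {
                     $redirectTo = user_admin_url();
                 } elseif (is_multisite() && !$user->has_cap('read')) {
                     $redirectTo = get_dashboard_url($userId);
                 } elseif (!$user->has_cap('edit_posts')) {
                     $redirectTo = admin_url('profile.php');
                 } elseif (empty($redirectTo)) {
                     // Without a stored target the location would stay empty and no
                     // redirect would be sent before exit; fall back to the admin URL.
                     $redirectTo = admin_url();
                 }
             }
             // wp_safe_redirect() only follows allowed hosts, so a stored target cannot
             // send the freshly authenticated user to an arbitrary external site.
             wp_safe_redirect($redirectTo);
             exit;
         } else {
             $this->setFlash(__('Authorization denied.', App::NAME), 'default', array('class' => 'error'));
             wp_safe_redirect(site_url('wp-login.php'));
             exit;
         }
     }
 }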
 /**
  * Filter the profile url.
  *
  * Inside wp-admin, users who are not super admins get the user-admin
  * profile screen instead of the link that was passed in. Everyone else
  * keeps the incoming link untouched.
  *
  * @since 2.1.0
  *
  * @param string $profile_link Profile Link for admin bar.
  * @param string $url          Profile URL (not used by this filter).
  * @param int    $user_id      User ID.
  * @return string
  */
 public function filter_adminbar_profile_link($profile_link = '', $url = '', $user_id = 0)
 {
     // Super admins, and any request outside the admin area, keep the original link.
     if (is_super_admin($user_id) || !is_admin()) {
         return $profile_link;
     }
     return user_admin_url('profile.php');
 }
Example #18
                    ?>
				<script type="text/javascript">setTimeout( function(){ new wp.customize.Messenger({ url: '<?php 
                    echo wp_customize_url();
                    ?>
', channel: 'login' }).send('login') }, 1000 );</script>
			<?php 
                }
                ?>
			</body></html>
<?php 
                exit;
            }
            if (empty($redirect_to) || $redirect_to == 'wp-admin/' || $redirect_to == admin_url()) {
                // If the user doesn't belong to a blog, send them to user admin. If the user can't edit posts, send them to their profile.
                if (is_multisite() && !get_active_blog_for_user($user->ID) && !is_super_admin($user->ID)) {
                    $redirect_to = user_admin_url();
                } elseif (is_multisite() && !$user->has_cap('read')) {
                    $redirect_to = get_dashboard_url($user->ID);
                } elseif (!$user->has_cap('edit_posts')) {
                    $redirect_to = $user->has_cap('read') ? admin_url('profile.php') : home_url();
                }
            }
            wp_safe_redirect($redirect_to);
            exit;
        }
        $errors = $user;
        // Clear errors if loggedout is set.
        if (!empty($_GET['loggedout']) || $reauth) {
            $errors = new WP_Error();
        }
        if ($interim_login) {
Example #19
 /**
  * Login hooks
  *
  * Handles a login request: signs the user in with wp_signon(), resolves the
  * post-login redirect, and on failure (or when re-authentication is requested)
  * collects the messages to show and renders the login form again.
  *
  * The statements depend on their order (secure-cookie decision, sign-on,
  * cookie checks, redirect filter), so the sequence is documented rather
  * than rearranged.
  */
 function action_login()
 {
     $interim_login = isset($_REQUEST['interim-login']);
     $secure_cookie = '';
     $customize_login = isset($_REQUEST['customize-login']);
     if ($customize_login) {
         wp_enqueue_script('customize-base');
     }
     // If the user wants ssl but the session is not ssl, force a secure cookie.
     if (!empty($_POST['log']) && !force_ssl_admin()) {
         $user_name = sanitize_user($_POST['log']);
         if ($user = get_user_by('login', $user_name)) {
             if (get_user_option('use_ssl', $user->ID)) {
                 $secure_cookie = true;
                 force_ssl_admin(true);
             }
         }
     }
     if (isset($_REQUEST['redirect_to'])) {
         // Request-controlled target. It is only ever followed through
         // wp_safe_redirect() below, which is what keeps this from being an
         // open redirect; do not swap that call for wp_redirect().
         $redirect_to = $_REQUEST['redirect_to'];
         // Redirect to https if user wants ssl
         if ($secure_cookie && false !== strpos($redirect_to, 'wp-admin')) {
             $redirect_to = preg_replace('|^http://|', 'https://', $redirect_to);
         }
     } else {
         $redirect_to = admin_url();
     }
     $reauth = empty($_REQUEST['reauth']) ? false : true;
     // Credentials are not passed in here; presumably wp_signon() reads them
     // from the request itself — confirm against the WordPress version in use.
     $user = wp_signon('', $secure_cookie);
     // No logged-in cookie on this request: replace the sign-on result with a
     // cookie error when output was already sent or the test cookie is missing.
     if (empty($_COOKIE[LOGGED_IN_COOKIE])) {
         if (headers_sent()) {
             $user = new WP_Error('test_cookie', sprintf(__('<strong>ERROR</strong>: Cookies are blocked due to unexpected output. For help, please see <a href="%1$s">this documentation</a> or try the <a href="%2$s">support forums</a>.', 'colabsthemes'), 'http://codex.wordpress.org/Cookies', 'https://wordpress.org/support/'));
         } elseif (isset($_POST['testcookie']) && empty($_COOKIE[TEST_COOKIE])) {
             // If cookies are disabled we can't log in even with a valid user+pass
             $user = new WP_Error('test_cookie', sprintf(__('<strong>ERROR</strong>: Cookies are blocked or not supported by your browser. You must <a href="%s">enable cookies</a> to use WordPress.', 'colabsthemes'), 'http://codex.wordpress.org/Cookies'));
         }
     }
     $requested_redirect_to = isset($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : '';
     /**
      * Filter the login redirect URL.
      *
      * @since 3.0.0
      *
      * @param string           $redirect_to           The redirect destination URL.
      * @param string           $requested_redirect_to The requested redirect destination URL passed as a parameter.
      * @param WP_User|WP_Error $user                  WP_User object if login was successful, WP_Error object otherwise.
      */
     $redirect_to = apply_filters('login_redirect', $redirect_to, $requested_redirect_to, $user);
     if (!is_wp_error($user) && !$reauth) {
         if ($interim_login) {
             $message = '<div class="alert alert-success">' . __('You have logged in successfully.', 'colabsthemes') . '</div>';
             // NOTE(review): the literal below looks masked in this copy of the
             // code — confirm the real value against the theme's source.
             $interim_login = '******';
             // NOTE(review): this sends output before the redirect below; unless
             // output buffering is active the Location header can no longer be
             // sent — confirm the intended interim-login behaviour.
             echo $message;
         }
         if (empty($redirect_to) || $redirect_to == 'wp-admin/' || $redirect_to == admin_url()) {
             // If the user doesn't belong to a blog, send them to user admin. If the user can't edit posts, send them to their profile.
             if (is_multisite() && !get_active_blog_for_user($user->ID) && !is_super_admin($user->ID)) {
                 $redirect_to = user_admin_url();
             } elseif (is_multisite() && !$user->has_cap('read')) {
                 $redirect_to = get_dashboard_url($user->ID);
             } elseif (!$user->has_cap('edit_posts')) {
                 $redirect_to = admin_url('profile.php');
             }
         }
         // Host-restricted redirect, followed immediately by exit so nothing
         // below runs for an authenticated request.
         wp_safe_redirect($redirect_to);
         exit;
     }
     // From here on the login either failed or re-authentication was requested.
     $errors = $user;
     // Clear errors if loggedout is set.
     if (!empty($_GET['loggedout']) || $reauth) {
         $errors = new WP_Error();
     }
     if ($interim_login) {
         if (!$errors->get_error_code()) {
             $errors->add('expired', __('Session expired. Please log in again. You will not move away from this page.', 'colabsthemes'), 'message');
         }
     } else {
         // Some parts of this script use the main login form to display a message
         // The query values only select one of these fixed, translated strings;
         // they are never echoed themselves.
         if (isset($_GET['loggedout']) && true == $_GET['loggedout']) {
             $errors->add('loggedout', __('You are now logged out.', 'colabsthemes'), 'message');
         } elseif (isset($_GET['registration']) && 'disabled' == $_GET['registration']) {
             $errors->add('registerdisabled', __('User registration is currently not allowed.', 'colabsthemes'));
         } elseif (isset($_GET['checkemail']) && 'confirm' == $_GET['checkemail']) {
             $errors->add('confirm', __('Check your e-mail for the confirmation link.', 'colabsthemes'), 'message');
         } elseif (isset($_GET['checkemail']) && 'newpass' == $_GET['checkemail']) {
             $errors->add('newpass', __('Check your e-mail for your new password.', 'colabsthemes'), 'message');
         } elseif (isset($_GET['checkemail']) && 'registered' == $_GET['checkemail']) {
             $errors->add('registered', __('Registration complete. Please check your e-mail.', 'colabsthemes'), 'message');
         } elseif (strpos($redirect_to, 'about.php?updated')) {
             $errors->add('updated', __('<strong>You have successfully updated WordPress!</strong> Please log back in to see what&#8217;s new.', 'colabsthemes'), 'message');
         }
     }
     /**
      * Filter the login page errors.
      *
      * @since 3.6.0
      *
      * @param object $errors      WP Error object.
      * @param string $redirect_to Redirect destination URL.
      */
     $errors = apply_filters('wp_login_errors', $errors, $redirect_to);
     // Clear any stale cookies.
     if ($reauth) {
         wp_clear_auth_cookie();
     }
     // Error Messages
     $this->render_messages($errors);
     // NOTE(review): $redirect_to still holds the request-supplied value here;
     // presumably login_form() writes it into the form markup, so it has to be
     // escaped there — verify in login_form().
     $this->login_form($interim_login, $redirect_to, $errors);
 }
Example #20
 /**
  * Admin bar links for a user who ends up belonging to no site on the network:
  * no site-name node, and every profile link points at the user admin.
  *
  * @ticket 25162
  * @group multisite
  */
 public function test_admin_bar_contains_correct_links_for_users_with_no_role_on_network()
 {
     if (!is_multisite()) {
         $this->markTestSkipped('Test only runs in multisite');
     }
     $admin = self::$admin_id;
     $nobody = self::$no_role_id;

     // Precondition: the admin can `read`, the role-less user cannot.
     $this->assertTrue(user_can($admin, 'read'));
     $this->assertFalse(user_can($nobody, 'read'));

     // A new site owned by the admin; the role-less user is not a member of it
     // but still belongs to the current site.
     $new_site = self::factory()->blog->create(array('user_id' => $admin));
     $this->assertTrue(is_user_member_of_blog($admin, $new_site));
     $this->assertFalse(is_user_member_of_blog($nobody, $new_site));
     $this->assertTrue(is_user_member_of_blog($nobody, get_current_blog_id()));

     // Detach the role-less user from the current site too, leaving no membership at all.
     $this->assertTrue(remove_user_from_blog($nobody, get_current_blog_id()));
     $this->assertFalse(is_user_member_of_blog($nobody, get_current_blog_id()));

     // Build the admin bar as that user while switched to the new site.
     wp_set_current_user($nobody);
     switch_to_blog($new_site);
     $bar = $this->get_standard_admin_bar();
     $site_name_node = $bar->get_node('site-name');
     $profile_nodes = array(
         $bar->get_node('my-account'),
         $bar->get_node('user-info'),
         $bar->get_node('edit-profile'),
     );

     // With no memberships left there is no primary site to resolve.
     $this->assertNull(get_active_blog_for_user($nobody));
     // No Site menu as the user isn't a member of this site
     $this->assertNull($site_name_node);

     // The user-admin profile URL must differ from the site admin one, and all
     // three profile nodes are expected to use it.
     $expected_href = user_admin_url('profile.php');
     $this->assertNotEquals($expected_href, admin_url('profile.php'));
     foreach ($profile_nodes as $node) {
         $this->assertEquals($expected_href, $node->href);
     }
     restore_current_blog();
 }
/**
 * Return the admin area URL for a user
 *
 * Picks the base URL from the admin context of the current request (user
 * admin, network admin, otherwise the user's dashboard), appends $args as
 * query arguments, and runs the result through the
 * 'wp_user_profiles_get_admin_area_url' filter.
 *
 * The URL is returned unescaped; escape it (for example with esc_url())
 * at the point where it is printed.
 *
 * @since 0.1.0
 *
 * @param  int     $user_id User the URL is for; added as a `user_id` query
 *                          argument when it is not the current user.
 * @param  string  $scheme  Scheme passed through to the URL builders.
 * @param  array   $args    Extra query arguments.
 *
 * @return string
 */
function wp_user_profiles_get_admin_area_url($user_id = 0, $scheme = '', $args = array())
{
    $page = wp_user_profiles_get_file();

    // Base URL depends on which admin area is serving the request.
    if (is_user_admin()) {
        // Multisite user admin
        $base = user_admin_url($page, $scheme);
    } elseif (is_network_admin()) {
        // Network admin
        $base = network_admin_url($page, $scheme);
    } else {
        // Anything else falls back to the user's dashboard
        $base = get_dashboard_url($user_id, $page, $scheme);
    }

    // Only name the user explicitly when looking at somebody else.
    $is_other_user = !empty($user_id) && $user_id !== get_current_user_id();
    if ($is_other_user) {
        $args['user_id'] = $user_id;
    }

    $with_query = add_query_arg($args, $base);

    return apply_filters('wp_user_profiles_get_admin_area_url', $with_query, $user_id, $scheme, $args);
}
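/**
 * Handle the "lostpassword" and "login" actions for a front-end login page.
 *
 * The flow follows WordPress's wp-login.php. Nothing is processed unless the
 * plugin option `login_redirect` is set and the last element of $path equals
 * $post->post_name.
 *
 * Redirect targets taken from the request are only ever sent through
 * wp_safe_redirect(), which restricts the destination to allowed hosts.
 *
 * @param object $post   Page object; only post_name is read.
 * @param mixed  $option Not read by this function.
 * @param mixed  $file   Not read by this function.
 * @param array  $path   Request path segments; only the last one is read.
 *
 * @return void
 */
function simplr_login_includes($post, $option, $file, $path)
{
    global $errors, $is_iphone, $interim_login, $current_site;
    $http_post = 'POST' == $_SERVER['REQUEST_METHOD'];
    $options = get_option('simplr_reg_options');
    global $wp;
    $action = isset($_REQUEST['action']) ? $_REQUEST['action'] : '';
    if ($action == '') {
        // NOTE(review): wp_redirect() does not stop execution; the rest of this
        // function still runs. Confirm whether an exit is wanted here.
        wp_redirect('?action=login');
    }
    if (isset($options->login_redirect) and end($path) == $post->post_name) {
        switch ($action) {
            case 'lostpassword':
            case 'retrievepassword':
                // Only a POST may trigger the reset e-mail. The previous test,
                // isset($http_post), was always true, so a plain GET (a link, an
                // image tag, a prefetch) also ran retrieve_password().
                if ($http_post) {
                    $errors = retrieve_password();
                    if (!is_wp_error($errors)) {
                        $redirect_to = !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : 'wp-login.php?checkemail=confirm';
                        wp_safe_redirect($redirect_to);
                        exit;
                    }
                }
                if (isset($_GET['error']) && 'invalidkey' == $_GET['error']) {
                    // On a GET request nothing above has populated $errors.
                    if (!is_wp_error($errors)) {
                        $errors = new WP_Error();
                    }
                    $errors->add('invalidkey', __('Sorry, that key does not appear to be valid.', 'simplr-registration-form'));
                }
                $redirect_to = apply_filters('lostpassword_redirect', !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : '');
                do_action('lost_password');
                $user_login = isset($_POST['user_login']) ? stripslashes($_POST['user_login']) : '';
                break;
            case 'login':
            // NOTE(review): this matches the literal action string "default"; it is
            // not the switch's default branch, so unknown actions are ignored.
            case 'default':
                $secure_cookie = '';
                $interim_login = isset($_REQUEST['interim-login']);
                // If the user wants ssl but the session is not ssl, force a secure cookie.
                if (!empty($_POST['log']) && !force_ssl_admin()) {
                    $user_name = sanitize_user($_POST['log']);
                    if ($user = get_userdatabylogin($user_name)) {
                        if (get_user_option('use_ssl', $user->ID)) {
                            $secure_cookie = true;
                            force_ssl_admin(true);
                        }
                    }
                }
                if (isset($_REQUEST['redirect_to'])) {
                    $redirect_to = $_REQUEST['redirect_to'];
                    // Redirect to https if user wants ssl
                    if ($secure_cookie && false !== strpos($redirect_to, 'wp-admin')) {
                        $redirect_to = preg_replace('|^http://|', 'https://', $redirect_to);
                    }
                } else {
                    $redirect_to = admin_url();
                }
                $reauth = empty($_REQUEST['reauth']) ? false : true;
                // If the user was redirected to a secure login form from a non-secure admin page, and secure login is required but secure admin is not, then don't use a secure
                // cookie and redirect back to the referring non-secure admin page.  This allows logins to always be POSTed over SSL while allowing the user to choose visiting
                // the admin via http or https.
                if (!$secure_cookie && is_ssl() && force_ssl_login() && !force_ssl_admin() && 0 !== strpos($redirect_to, 'https') && 0 === strpos($redirect_to, 'http')) {
                    $secure_cookie = false;
                }
                // wp_signon() reads the credentials from $_POST itself because the
                // first argument is empty.
                $user = wp_signon('', $secure_cookie);
                $redirect_to = apply_filters('login_redirect', $redirect_to, isset($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : '', $user);
                if (!is_wp_error($user) && !$reauth) {
                    if ($interim_login) {
                        // NOTE(review): $message is built but never printed in this function.
                        $message = '<p class="message">' . __('You have logged in successfully.', 'simplr-registration-form') . '</p>';
                        ?>
						<script type="text/javascript">setTimeout( function(){window.close()}, 8000);</script>
						<p class="alignright">
						<input type="button" class="button-primary" value="<?php 
                        esc_attr_e('Close', 'simplr-registration-form');
                        ?>
" onclick="window.close()" /></p>
						</div></body></html>
				<?php 
                        exit;
                    }
                    if (empty($redirect_to) || $redirect_to == 'wp-admin/' || $redirect_to == admin_url()) {
                        // If the user doesn't belong to a blog, send them to user admin. If the user can't edit posts, send them to their profile.
                        if (is_multisite() && !get_active_blog_for_user($user->id) && !is_super_admin($user->id)) {
                            $redirect_to = user_admin_url();
                        } elseif (is_multisite() && !$user->has_cap('read')) {
                            $redirect_to = get_dashboard_url($user->id);
                        } elseif (!$user->has_cap('edit_posts')) {
                            $redirect_to = admin_url('profile.php');
                        }
                    }
                    // The request-supplied target is host-checked by wp_safe_redirect().
                    wp_safe_redirect($redirect_to);
                    exit;
                }
                // From here on the sign-on failed (or a re-auth was requested).
                $errors = $user;
                // Clear errors if loggedout is set.
                if (!empty($_GET['loggedout']) || $reauth) {
                    $errors = new WP_Error();
                }
                // If cookies are disabled we can't log in even with a valid user+pass
                if (isset($_POST['testcookie']) && empty($_COOKIE[TEST_COOKIE])) {
                    $errors->add('test_cookie', __("<strong>ERROR</strong>: Cookies are blocked or not supported by your browser. You must <a href='http://www.google.com/cookies.html'>enable cookies</a> to use WordPress.", 'simplr-registration-form'));
                }
                // Some parts of this script use the main login form to display a message
                if (isset($_GET['loggedout']) && TRUE == $_GET['loggedout']) {
                    $errors->add('loggedout', __('You are now logged out.', 'simplr-registration-form'), 'message');
                } elseif (isset($_GET['registration']) && 'disabled' == $_GET['registration']) {
                    $errors->add('registerdisabled', __('User registration is currently not allowed.', 'simplr-registration-form'));
                } elseif (isset($_GET['checkemail']) && 'confirm' == $_GET['checkemail']) {
                    $errors->add('confirm', __('Check your e-mail for the confirmation link.', 'simplr-registration-form'), 'message');
                } elseif (isset($_GET['checkemail']) && 'newpass' == $_GET['checkemail']) {
                    $errors->add('newpass', __('Check your e-mail for your new password.', 'simplr-registration-form'), 'message');
                } elseif (isset($_GET['checkemail']) && 'registered' == $_GET['checkemail']) {
                    $errors->add('registered', __('Registration complete. Please check your e-mail.', 'simplr-registration-form'), 'message');
                } elseif ($interim_login) {
                    $errors->add('expired', __('Your session has expired. Please log-in again.', 'simplr-registration-form'), 'message');
                }
                // Clear any stale cookies.
                if ($reauth) {
                    wp_clear_auth_cookie();
                }
                break;
        }
    }
}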
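 /**
  * Log a visitor in as the account named in the request when a valid
  * "developer access" token is presented on wp-login.php.
  *
  * Access is switched off once the timestamp stored in the `access_time`
  * option has passed. A successful request sets the WordPress auth cookie for
  * the account whose login is base64-encoded in `access_id`, then redirects to
  * the user admin.
  *
  * NOTE(review): the token is the only credential here, it works for any
  * account named in `access_id` (administrators included), and it travels in
  * the query string, where it ends up in access logs, browser history and
  * Referer headers. Keep the access window short and replace the stored token
  * after every use.
  *
  * @return void
  */
 function process_developer_login()
 {
     // Revoke access once the stored expiry timestamp has passed.
     $interval = get_option('access_time');
     $now = time();
     if ($interval <= $now) {
         update_option('developer_access', false);
     }
     require_once ABSPATH . 'wp-includes/pluggable.php';
     $basename = basename($_SERVER['SCRIPT_NAME']);
     if ($basename !== 'wp-login.php') {
         return;
     }
     if (!isset($_GET['access_token'], $_GET['developer_access'], $_GET['access_id'])) {
         return;
     }
     if (!is_string($_GET['access_token']) || !is_string($_GET['access_id'])) {
         // Array-valued parameters can never match a stored token or login.
         return;
     }
     $access = get_option('developer_access');
     $access_token = get_option('access_token');
     $verify_token = $_GET['access_token'];
     // An unset or empty stored token must never authenticate anyone, and the
     // comparison is constant-time so it does not leak how many leading
     // characters of a guess were right.
     $verified = is_string($access_token) && $access_token !== '' && hash_equals($access_token, $verify_token);
     if (!$access || !$verified) {
         return;
     }
     $user_login = base64_decode($_GET['access_id']);
     $user = get_user_by('login', $user_login);
     if (!$user) {
         // Unknown login: do not touch the session or issue a cookie.
         return;
     }
     $user_id = $user->ID;
     wp_set_current_user($user_id, $user_login);
     wp_set_auth_cookie($user_id);
     $redirect_to = user_admin_url();
     // NOTE(review): this marker cookie is sent without the Secure or HttpOnly
     // flags; confirm nothing treats it as proof of authorisation.
     setcookie("DeveloperAccess", "active", time() + 86400);
     /* expire in 24 hour */
     wp_safe_redirect($redirect_to);
     exit;
 }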
/**
 * Function is responsible for initializing the login page
 *
 */
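function bum_init_page_login()
{
    /*
     * Request handler for the front-end "Login" page. It follows the flow of
     * WordPress's wp-login.php: logout, lost password, password reset,
     * registration redirect and login. Results are left in the $bum_* globals
     * declared below. Returns false when the current page is not the Login
     * page; most other paths end in a redirect followed by exit.
     */
    //reasons to return
    if (!bum_is_page('Login')) {
        return false;
    }
    // Redirect to https login if forced to use SSL
    if (force_ssl_admin() && !is_ssl()) {
        if (0 === strpos($_SERVER['REQUEST_URI'], 'http')) {
            wp_redirect(preg_replace('|^http://|', 'https://', $_SERVER['REQUEST_URI']));
            exit;
        } else {
            // NOTE(review): the redirect host comes from the request's Host header.
            wp_redirect('https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
            exit;
        }
    }
    // Don't index any of these forms
    add_filter('pre_option_blog_public', '__return_zero');
    add_action('login_head', 'noindex');
    //initializing
    global $bum_action, $bum_errors, $bum_redirect_to, $bum_user, $bum_http_post, $bum_secure_cookie, $bum_interim_login, $bum_reauth, $bum_rememberme, $bum_messages_txt, $bum_errors_txt;
    $bum_action = isset($_REQUEST['action']) ? $_REQUEST['action'] : 'login';
    $bum_errors = new WP_Error();
    if (isset($_GET['key'])) {
        $bum_action = 'resetpass';
    }
    // validate action so as to default to the login screen
    if (!in_array($bum_action, array('logout', 'lostpassword', 'retrievepassword', 'resetpass', 'rp', 'register', 'login'), true) && false === has_filter('login_form_' . $bum_action)) {
        $bum_action = 'login';
    }
    nocache_headers();
    header('Content-Type: ' . get_bloginfo('html_type') . '; charset=' . get_bloginfo('charset'));
    if (defined('RELOCATE')) {
        // Move flag is set
        // NOTE(review): while RELOCATE is defined, siteurl is rewritten from the
        // Host header of whoever requests this page; define it only for the
        // duration of a move.
        if (isset($_SERVER['PATH_INFO']) && $_SERVER['PATH_INFO'] != $_SERVER['PHP_SELF']) {
            $_SERVER['PHP_SELF'] = str_replace($_SERVER['PATH_INFO'], '', $_SERVER['PHP_SELF']);
        }
        $schema = is_ssl() ? 'https://' : 'http://';
        if (dirname($schema . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']) != get_option('siteurl')) {
            update_option('siteurl', dirname($schema . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']));
        }
    }
    //Set a cookie now to see if they are supported by the browser.
    setcookie(TEST_COOKIE, 'WP Cookie check', 0, COOKIEPATH, COOKIE_DOMAIN);
    if (SITECOOKIEPATH != COOKIEPATH) {
        setcookie(TEST_COOKIE, 'WP Cookie check', 0, SITECOOKIEPATH, COOKIE_DOMAIN);
    }
    // allow plugins to override the default actions, and to add extra actions if they want
    do_action('login_init');
    do_action('login_form_' . $bum_action);
    $bum_http_post = 'POST' == $_SERVER['REQUEST_METHOD'];
    switch ($bum_action) {
        case 'logout':
            // NOTE(review): the nonce check below is commented out, so any
            // cross-site request to ?action=logout ends the visitor's session.
            // Restore it once the logout links carry the 'log-out' nonce.
            //check_admin_referer('log-out');
            wp_logout();
            $bum_redirect_to = !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : bum_get_permalink_login() . '?loggedout=true';
            wp_safe_redirect($bum_redirect_to);
            exit;
            break;
        case 'lostpassword':
        case 'retrievepassword':
            // The reset e-mail is only triggered by a POST.
            if ($bum_http_post) {
                $bum_errors = bum_retrieve_password();
                if (!is_wp_error($bum_errors)) {
                    $bum_redirect_to = !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : bum_get_permalink_login() . '&checkemail=confirm';
                    wp_safe_redirect($bum_redirect_to);
                    exit;
                }
            }
            if (isset($_GET['error']) && 'invalidkey' == $_GET['error']) {
                $bum_errors->add('invalidkey', __('Sorry, that key does not appear to be valid.'));
            }
            $bum_redirect_to = apply_filters('lostpassword_redirect', !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : '');
            do_action('lost_password');
            break;
        case 'resetpass':
        case 'rp':
            // NOTE(review): 'key' and 'login' are read without an isset() check;
            // action=rp without them passes null to the key check.
            $bum_user = bum_check_password_reset_key($_GET['key'], $_GET['login']);
            if (is_wp_error($bum_user)) {
                wp_redirect(bum_get_permalink_login() . '?action=lostpassword&error=invalidkey');
                exit;
            }
            $bum_errors = '';
            if (isset($_POST['pass1']) && $_POST['pass1'] != $_POST['pass2']) {
                $bum_errors = new WP_Error('password_reset_mismatch', __('The passwords do not match.'));
            } elseif (isset($_POST['pass1']) && !empty($_POST['pass1'])) {
                bum_reset_password($bum_user, $_POST['pass1']);
                exit;
            }
            wp_enqueue_script('utils');
            wp_enqueue_script('user-profile');
            break;
        case 'register':
            wp_redirect(bum_get_permalink_registration());
            exit;
            break;
        case 'login':
        default:
            //redirect if logged in
            if (is_user_logged_in()) {
                wp_redirect(get_bloginfo('url'));
                exit;
            }
            $bum_secure_cookie = '';
            $bum_interim_login = isset($_REQUEST['interim-login']);
            // If the user wants ssl but the session is not ssl, force a secure cookie.
            if (!empty($_POST['log']) && !force_ssl_admin()) {
                $bum_user_name = sanitize_user($_POST['log']);
                if ($bum_user = get_userdatabylogin($bum_user_name)) {
                    if (get_user_option('use_ssl', $bum_user->ID)) {
                        $bum_secure_cookie = true;
                        force_ssl_admin(true);
                    }
                }
            }
            if (isset($_REQUEST['redirect_to'])) {
                $bum_redirect_to = $_REQUEST['redirect_to'];
                // Redirect to https if user wants ssl
                if ($bum_secure_cookie && false !== strpos($bum_redirect_to, 'wp-admin')) {
                    $bum_redirect_to = preg_replace('|^http://|', 'https://', $bum_redirect_to);
                }
            } else {
                $bum_redirect_to = admin_url();
            }
            $bum_reauth = empty($_REQUEST['reauth']) ? false : true;
            // If the user was redirected to a secure login form from a non-secure admin page, and secure login is required but secure admin is not, then don't use a secure
            // cookie and redirect back to the referring non-secure admin page.  This allows logins to always be POSTed over SSL while allowing the user to choose visiting
            // the admin via http or https.
            if (!$bum_secure_cookie && is_ssl() && force_ssl_login() && !force_ssl_admin() && 0 !== strpos($bum_redirect_to, 'https') && 0 === strpos($bum_redirect_to, 'http')) {
                $bum_secure_cookie = false;
            }
            // wp_signon() reads the credentials from $_POST itself because the
            // first argument is empty.
            $bum_user = wp_signon('', $bum_secure_cookie);
            $bum_redirect_to = apply_filters('login_redirect', $bum_redirect_to, isset($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : '', $bum_user);
            if (!is_wp_error($bum_user) && !$bum_reauth) {
                if (empty($bum_redirect_to) || $bum_redirect_to == 'wp-admin/' || $bum_redirect_to == admin_url()) {
                    // If the user doesn't belong to a blog, send them to user admin. If the user can't edit posts, send them to their profile.
                    if (is_multisite() && !get_active_blog_for_user($bum_user->id)) {
                        $bum_redirect_to = user_admin_url();
                    } elseif (is_multisite() && !$bum_user->has_cap('read')) {
                        $bum_redirect_to = get_dashboard_url($bum_user->id);
                    } elseif (!$bum_user->has_cap('edit_posts')) {
                        $bum_redirect_to = bum_get_permalink_profile();
                    }
                }
                // The request-supplied target is host-checked by wp_safe_redirect().
                wp_safe_redirect($bum_redirect_to);
                exit;
            }
            $bum_errors = $bum_user;
            // Clear errors if loggedout is set.
            if (!empty($_GET['loggedout']) || $bum_reauth) {
                $bum_errors = new WP_Error();
            }
            // If cookies are disabled we can't log in even with a valid user+pass
            if (isset($_POST['testcookie']) && empty($_COOKIE[TEST_COOKIE])) {
                $bum_errors->add('test_cookie', __("<strong>ERROR</strong>: Cookies are blocked or not supported by your browser. You must <a href='http://www.google.com/cookies.html'>enable cookies</a> to use WordPress."));
            }
            // Some parts of this script use the main login form to display a message
            if (isset($_GET['loggedout']) && TRUE == $_GET['loggedout']) {
                $bum_errors->add('loggedout', __('You are now logged out.'), 'message');
            } elseif (isset($_GET['registration']) && 'disabled' == $_GET['registration']) {
                $bum_errors->add('registerdisabled', __('User registration is currently not allowed.'));
            } elseif (isset($_GET['checkemail']) && 'confirm' == $_GET['checkemail']) {
                $bum_errors->add('confirm', __('Check your e-mail for the confirmation link.'), 'message');
            } elseif (isset($_GET['checkemail']) && 'newpass' == $_GET['checkemail']) {
                $bum_errors->add('newpass', __('Check your e-mail for your new password.'), 'message');
            } elseif (isset($_GET['checkemail']) && 'registered' == $_GET['checkemail']) {
                $bum_errors->add('registered', __('Registration complete. Please check your e-mail.'), 'message');
            } elseif ($bum_interim_login) {
                $bum_errors->add('expired', __('Your session has expired. Please log-in again.'), 'message');
            }
            // Clear any stale cookies.
            if ($bum_reauth) {
                wp_clear_auth_cookie();
            }
            if (isset($_POST['log'])) {
                // NOTE(review): the '******' literal looks like a redacted error
                // code, and $bum_user_login is not in the global list above, so
                // the value is dropped when this function returns.
                $bum_user_login = '******' == $bum_errors->get_error_code() || 'empty_password' == $bum_errors->get_error_code() ? esc_attr(stripslashes($_POST['log'])) : '';
            }
            $bum_rememberme = !empty($_POST['rememberme']);
            break;
    }
    // The reset-password branch leaves $bum_errors as an empty string when the
    // form is merely displayed; calling a method on it would be a fatal error.
    if (is_wp_error($bum_errors) && $bum_errors->get_error_code()) {
        $bum_errors_txt = '';
        $bum_messages_txt = '';
        foreach ($bum_errors->get_error_codes() as $code) {
            // Entries added with the data value 'message' are notices, not errors.
            $bum_severity = $bum_errors->get_error_data($code);
            foreach ($bum_errors->get_error_messages($code) as $error) {
                if ('message' == $bum_severity) {
                    $bum_messages_txt .= '	' . $error . "<br />\n";
                } else {
                    $bum_errors_txt .= '	' . $error . "<br />\n";
                }
            }
        }
    }
}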
/**
 * WordPress User Administration Bootstrap
 *
 * @package WordPress
 * @subpackage Administration
 * @since 3.1.0
 */
// Flag the request as a user-admin request before the shared admin bootstrap loads.
define('WP_USER_ADMIN', true);
require_once dirname(dirname(__FILE__)) . '/admin.php';

// The user admin only exists on multisite; single-site installs go to the regular admin.
if (!is_multisite()) {
    wp_redirect(admin_url());
    exit;
}

// Redirect unless the request is already on the network's main domain and path.
$redirect_user_admin_request = !(
    $current_blog->domain == $current_site->domain
    && $current_blog->path == $current_site->path
);

/**
 * Filter whether a user should be redirected to the Global Dashboard in Multisite.
 *
 * Users not assigned to any sites in the network will be redirected to the Global
 * Dashboard after logging in.
 *
 * @since 3.2.0
 *
 * @param bool $redirect_user_admin_request Whether the request should be redirected.
 */
$redirect_user_admin_request = apply_filters('redirect_user_admin_request', $redirect_user_admin_request);

if ($redirect_user_admin_request) {
    wp_redirect(user_admin_url());
    exit;
}

// Keep the temporary flag out of the global scope.
unset($redirect_user_admin_request);
 /**
  * Returns the full URL.
  *
  * @since 3.0.0
  *
  * @return string URL.
  */
 public function url()
 {
     // Reuse the URL when it has already been built.
     if (isset($this->url)) {
         return $this->url;
     }

     // Relative admin URL: the parent file (or admin.php) plus ?page=<slug>.
     $relative = add_query_arg('page', $this->slug, $this->parent ?: 'admin.php');

     // Resolve it against the admin area this page belongs to. When no area
     // matches, the property is left unset, as before.
     $area = $this->admin;
     if ($area == self::ADMIN_NETWORK) {
         $this->url = network_admin_url($relative);
     } elseif ($area == self::ADMIN_SITE) {
         $this->url = admin_url($relative);
     } elseif ($area == self::ADMIN_USER) {
         $this->url = user_admin_url($relative);
     }

     return $this->url;
 }
 /**
  * Processes the request
  *
  * Callback for "template_redirect" hook in template-loader.php
  *
  * @since 6.3
  * @access public
  */
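 public function template_redirect()
 {
     /*
      * Works out the requested action and instance, lets plugins handle the
      * action through the tml_request hooks, and otherwise runs the built-in
      * handling, which follows the flow of WordPress's wp-login.php. Most
      * successful paths end in a redirect followed by exit; failures are
      * collected in $this->errors.
      */
     $this->request_action = isset($_REQUEST['action']) ? sanitize_key($_REQUEST['action']) : '';
     if (!$this->request_action && self::is_tml_page()) {
         $this->request_action = self::get_page_action(get_the_id());
     }
     $this->request_instance = isset($_REQUEST['instance']) ? sanitize_key($_REQUEST['instance']) : 0;
     do_action_ref_array('tml_request', array(&$this));
     // allow plugins to override the default actions, and to add extra actions if they want
     do_action('login_form_' . $this->request_action);
     if (has_action('tml_request_' . $this->request_action)) {
         do_action_ref_array('tml_request_' . $this->request_action, array(&$this));
     } else {
         $http_post = 'POST' == $_SERVER['REQUEST_METHOD'];
         switch ($this->request_action) {
             case 'postpass':
                 if (!array_key_exists('post_password', $_POST)) {
                     wp_safe_redirect(wp_get_referer());
                     exit;
                 }
                 require_once ABSPATH . 'wp-includes/class-phpass.php';
                 $hasher = new PasswordHash(8, true);
                 $expire = apply_filters('post_password_expires', time() + 10 * DAY_IN_SECONDS);
                 // $referer was read below without ever being assigned, so the
                 // post-password cookie never received the Secure flag, even on
                 // an https referer.
                 $referer = wp_get_referer();
                 if ($referer) {
                     $secure = 'https' === parse_url($referer, PHP_URL_SCHEME);
                 } else {
                     $secure = false;
                 }
                 setcookie('wp-postpass_' . COOKIEHASH, $hasher->HashPassword(wp_unslash($_POST['post_password'])), $expire, COOKIEPATH, COOKIE_DOMAIN, $secure);
                 wp_safe_redirect(wp_get_referer());
                 exit;
                 break;
             case 'logout':
                 // The 'log-out' nonce guards against cross-site logout requests.
                 check_admin_referer('log-out');
                 $user = wp_get_current_user();
                 wp_logout();
                 if (!empty($_REQUEST['redirect_to'])) {
                     $redirect_to = $requested_redirect_to = $_REQUEST['redirect_to'];
                 } else {
                     $redirect_to = site_url('wp-login.php?loggedout=true');
                     $requested_redirect_to = '';
                 }
                 $redirect_to = apply_filters('logout_redirect', $redirect_to, $requested_redirect_to, $user);
                 wp_safe_redirect($redirect_to);
                 exit;
                 break;
             case 'lostpassword':
             case 'retrievepassword':
                 // The reset e-mail is only triggered by a POST.
                 if ($http_post) {
                     $this->errors = self::retrieve_password();
                     if (!is_wp_error($this->errors)) {
                         $redirect_to = !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : site_url('wp-login.php?checkemail=confirm');
                         wp_safe_redirect($redirect_to);
                         exit;
                     }
                 }
                 if (isset($_REQUEST['error'])) {
                     if ('invalidkey' == $_REQUEST['error']) {
                         $this->errors->add('invalidkey', __('Your password reset link appears to be invalid. Please request a new link below.', 'theme-my-login'));
                     } elseif ('expiredkey' == $_REQUEST['error']) {
                         $this->errors->add('expiredkey', __('Your password reset link has expired. Please request a new link below.', 'theme-my-login'));
                     }
                 }
                 do_action('lost_password');
                 break;
             case 'resetpass':
             case 'rp':
                 // Dirty hack for now
                 global $rp_login, $rp_key;
                 list($rp_path) = explode('?', wp_unslash($_SERVER['REQUEST_URI']));
                 $rp_cookie = 'wp-resetpass-' . COOKIEHASH;
                 if (isset($_GET['key'])) {
                     // Move the login and key from the URL into an HttpOnly
                     // cookie scoped to this path, then reload without them so
                     // the key does not stay in the address bar.
                     // NOTE(review): 'login' is read without an isset() check.
                     $value = sprintf('%s:%s', wp_unslash($_GET['login']), wp_unslash($_GET['key']));
                     setcookie($rp_cookie, $value, 0, $rp_path, COOKIE_DOMAIN, is_ssl(), true);
                     wp_safe_redirect(remove_query_arg(array('key', 'login')));
                     exit;
                 }
                 if (isset($_COOKIE[$rp_cookie]) && 0 < strpos($_COOKIE[$rp_cookie], ':')) {
                     list($rp_login, $rp_key) = explode(':', wp_unslash($_COOKIE[$rp_cookie]), 2);
                     $user = check_password_reset_key($rp_key, $rp_login);
                     // The submitted key must equal the cookie's key. A missing
                     // or non-string rp_key field counts as a mismatch instead
                     // of being handed to hash_equals().
                     if (isset($_POST['pass1']) && (!isset($_POST['rp_key']) || !is_string($_POST['rp_key']) || !hash_equals($rp_key, $_POST['rp_key']))) {
                         $user = false;
                     }
                 } else {
                     $user = false;
                 }
                 if (!$user || is_wp_error($user)) {
                     // Expire the reset cookie before sending the visitor back.
                     setcookie($rp_cookie, ' ', time() - YEAR_IN_SECONDS, $rp_path, COOKIE_DOMAIN, is_ssl(), true);
                     if ($user && $user->get_error_code() === 'expired_key') {
                         wp_redirect(site_url('wp-login.php?action=lostpassword&error=expiredkey'));
                     } else {
                         wp_redirect(site_url('wp-login.php?action=lostpassword&error=invalidkey'));
                     }
                     exit;
                 }
                 if (isset($_POST['pass1']) && $_POST['pass1'] != $_POST['pass2']) {
                     $this->errors->add('password_reset_mismatch', __('The passwords do not match.', 'theme-my-login'));
                 }
                 do_action('validate_password_reset', $this->errors, $user);
                 if (!$this->errors->get_error_code() && isset($_POST['pass1']) && !empty($_POST['pass1'])) {
                     reset_password($user, $_POST['pass1']);
                     // The key is spent; drop the cookie that carried it.
                     setcookie($rp_cookie, ' ', time() - YEAR_IN_SECONDS, $rp_path, COOKIE_DOMAIN, is_ssl(), true);
                     $redirect_to = site_url('wp-login.php?resetpass=complete');
                     wp_safe_redirect($redirect_to);
                     exit;
                 }
                 wp_enqueue_script('utils');
                 wp_enqueue_script('user-profile');
                 break;
             case 'register':
                 if (!get_option('users_can_register')) {
                     $redirect_to = site_url('wp-login.php?registration=disabled');
                     wp_redirect($redirect_to);
                     exit;
                 }
                 $user_login = '';
                 $user_email = '';
                 if ($http_post) {
                     // With the 'email' login type the e-mail address doubles as the username.
                     if ('email' == $this->get_option('login_type')) {
                         $user_login = isset($_POST['user_email']) ? $_POST['user_email'] : '';
                     } else {
                         $user_login = isset($_POST['user_login']) ? $_POST['user_login'] : '';
                     }
                     $user_email = isset($_POST['user_email']) ? $_POST['user_email'] : '';
                     $this->errors = register_new_user($user_login, $user_email);
                     if (!is_wp_error($this->errors)) {
                         $redirect_to = !empty($_POST['redirect_to']) ? $_POST['redirect_to'] : site_url('wp-login.php?checkemail=registered');
                         wp_safe_redirect($redirect_to);
                         exit;
                     }
                 }
                 break;
             case 'login':
             default:
                 $secure_cookie = '';
                 $interim_login = isset($_REQUEST['interim-login']);
                 // If the user wants ssl but the session is not ssl, force a secure cookie.
                 if (!empty($_POST['log']) && !force_ssl_admin()) {
                     $user_name = sanitize_user($_POST['log']);
                     if ($user = get_user_by('login', $user_name)) {
                         if (get_user_option('use_ssl', $user->ID)) {
                             $secure_cookie = true;
                             force_ssl_admin(true);
                         }
                     }
                 }
                 if (!empty($_REQUEST['redirect_to'])) {
                     $redirect_to = $_REQUEST['redirect_to'];
                     // Redirect to https if user wants ssl
                     if ($secure_cookie && false !== strpos($redirect_to, 'wp-admin')) {
                         $redirect_to = preg_replace('|^http://|', 'https://', $redirect_to);
                     }
                 } else {
                     $redirect_to = admin_url();
                 }
                 $reauth = empty($_REQUEST['reauth']) ? false : true;
                 // Sign-on is only attempted for a POST that carries a login field.
                 if ($http_post && isset($_POST['log'])) {
                     $user = wp_signon('', $secure_cookie);
                     $redirect_to = apply_filters('login_redirect', $redirect_to, isset($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : '', $user);
                     if (!is_wp_error($user) && !$reauth) {
                         if (empty($redirect_to) || $redirect_to == 'wp-admin/' || $redirect_to == admin_url()) {
                             // If the user doesn't belong to a blog, send them to user admin. If the user can't edit posts, send them to their profile.
                             if (is_multisite() && !get_active_blog_for_user($user->ID) && !is_super_admin($user->ID)) {
                                 $redirect_to = user_admin_url();
                             } elseif (is_multisite() && !$user->has_cap('read')) {
                                 $redirect_to = get_dashboard_url($user->ID);
                             } elseif (!$user->has_cap('edit_posts')) {
                                 $redirect_to = $user->has_cap('read') ? admin_url('profile.php') : home_url();
                             }
                         }
                         // The request-supplied target is host-checked by wp_safe_redirect().
                         wp_safe_redirect($redirect_to);
                         exit;
                     }
                     $this->errors = $user;
                 }
                 // Clear errors if loggedout is set.
                 if (!empty($_GET['loggedout']) || $reauth) {
                     $this->errors = new WP_Error();
                 }
                 // Some parts of this script use the main login form to display a message
                 if (isset($_GET['loggedout']) && true == $_GET['loggedout']) {
                     $this->errors->add('loggedout', __('You are now logged out.', 'theme-my-login'), 'message');
                 } elseif (isset($_GET['registration']) && 'disabled' == $_GET['registration']) {
                     $this->errors->add('registerdisabled', __('User registration is currently not allowed.', 'theme-my-login'));
                 } elseif (isset($_GET['checkemail']) && 'confirm' == $_GET['checkemail']) {
                     $this->errors->add('confirm', __('Check your e-mail for the confirmation link.', 'theme-my-login'), 'message');
                 } elseif (isset($_GET['resetpass']) && 'complete' == $_GET['resetpass']) {
                     $this->errors->add('password_reset', __('Your password has been reset.', 'theme-my-login'), 'message');
                 } elseif (isset($_GET['checkemail']) && 'registered' == $_GET['checkemail']) {
                     $this->errors->add('registered', __('Registration complete. Please check your e-mail.', 'theme-my-login'), 'message');
                 } elseif ($interim_login) {
                     $this->errors->add('expired', __('Your session has expired. Please log-in again.', 'theme-my-login'), 'message');
                 } elseif (strpos($redirect_to, 'about.php?updated')) {
                     $this->errors->add('updated', __('<strong>You have successfully updated WordPress!</strong> Please log back in to experience the awesomeness.', 'theme-my-login'), 'message');
                 } elseif ($reauth) {
                     $this->errors->add('reauth', __('Please log in to continue.', 'theme-my-login'), 'message');
                 }
                 // Clear any stale cookies.
                 if ($reauth) {
                     wp_clear_auth_cookie();
                 }
                 break;
         }
         // end switch
     }
     // endif has_filter()
 }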
/**
 * Redirect the current user to the admin URL of their active blog, or to the
 * user admin URL when no active blog object is returned.
 *
 * A hop counter travels in the `c` query argument and the request is ended
 * with wp_die() once it reaches 5. The counter is read from the request, so
 * it only protects against accidental redirect loops; it is not an access
 * control. Redirect targets are built by get_admin_url() / user_admin_url(),
 * and the counter is cast to int before it is appended to them.
 *
 * @return void Ends the request with exit after sending the redirect.
 */
function redirect_user_to_blog()
{
    // Request-supplied hop count; the int cast keeps non-numeric input out of the URL.
    $hops = isset($_GET['c']) ? (int) $_GET['c'] : 0;
    if ($hops >= 5) {
        wp_die(__("You don&#8217;t have permission to view this site. Please contact the system administrator."));
    }
    // redirect and count to 5, "just in case"
    $query = '?c=' . ($hops + 1);
    $active_blog = get_active_blog_for_user(get_current_user_id());
    $target = is_object($active_blog) ? get_admin_url($active_blog->blog_id, $query) : user_admin_url($query);
    wp_redirect($target);
    exit;
}
/**
 * Build the URL of the profile editor for a user.
 *
 * The admin context of the current request (user admin, network admin, or a
 * site dashboard) selects which URL helper produces the link. The result is
 * passed through the 'edit_profile_url' filter before it is returned, so it
 * should be escaped for its output context (for example with esc_url()) when
 * printed.
 *
 * @since 3.1.0
 *
 * @param int    $user_id Optional. User ID. Falls back to the current user when empty.
 * @param string $scheme  The scheme to use. Default is 'admin', which obeys force_ssl_admin() and is_ssl().
 *                        'http' or 'https' can be passed to force those schemes.
 * @return string Profile editor URL after filtering.
 */
function get_edit_profile_url($user_id = 0, $scheme = 'admin')
{
    if ($user_id) {
        $user_id = (int) $user_id;
    } else {
        $user_id = get_current_user_id();
    }
    $page = 'profile.php';
    if (is_user_admin()) {
        $profile_url = user_admin_url($page, $scheme);
    } elseif (is_network_admin()) {
        $profile_url = network_admin_url($page, $scheme);
    } else {
        // Only the dashboard helper takes the user ID.
        $profile_url = get_dashboard_url($user_id, $page, $scheme);
    }
    /**
     * Filter the URL for a user's profile editor.
     *
     * @since 3.1.0
     *
     * @param string $url     The complete URL including scheme and path.
     * @param int    $user_id The user ID.
     * @param string $scheme  Scheme to give the URL context. Accepts 'http', 'https', 'login',
     *                        'login_post', 'admin', 'relative' or null.
     */
    $filtered_url = apply_filters('edit_profile_url', $profile_url, $user_id, $scheme);
    return $filtered_url;
}
/**
 * Return a variable (if exists)
 *
 * Looks up $var in the source named by $type. $type may be an array or object that is
 * searched directly, or a string selecting a superglobal, a URL segment, a WordPress URL
 * helper, a constant, a global, an option, a transient, a cache entry, a field of the
 * current user, a formatted date, or a Pod field. A string type with no matching case is
 * delegated to the 'pods_var_{$type}' filter.
 *
 * Security notes for callers:
 * - Request-derived values ('get', 'post', 'request', 'cookie', 'server') are returned after
 *   pods_unslash() only. Nothing in this function validates or escapes them, so they must be
 *   validated and escaped for the context in which they are used.
 * - 'constant', 'global'/'globals', 'session', 'option', 'site-option' and 'user' read
 *   internal state by name with no restriction on $var in this function. Only 'server' is
 *   gated (by pods_strict()). $type and $var should not be taken from untrusted input
 *   without an allow-list of names.
 * - $params['allowed'] restricts the returned value, not the name being looked up, and an
 *   array allow-list is matched with loose comparison (see the end of the function).
 *
 * @param mixed $var The variable name, can also be a modifier for specific types
 * @param string|array|object $type (optional) Super globals, url/url-relative, constants, globals, options, transients, cache, user data, Pod field values, dates
 * @param mixed $default (optional) The default value to set if variable doesn't exist
 * @param bool $strict (optional) Only allow values (must not be empty)
 * @param array $params (optional) Set 'casting'=>true to cast value from $default, 'allowed'=>$allowed to restrict a value to what's allowed
 *
 * @return mixed The variable (if exists), or default value
 * @since 2.3.10
 */
function pods_v($var = null, $type = 'get', $default = null, $strict = false, $params = array())
{
    $defaults = array('casting' => false, 'allowed' => null);
    // Merge caller options over the defaults and use them as an object ($params->casting, $params->allowed).
    $params = (object) array_merge($defaults, (array) $params);
    $output = null;
    if (null === $type || '' === $type) {
        // Invalid $type: $output stays null and only the default/strict/allowed handling below applies.
    } elseif (is_array($type)) {
        // $type is itself the container to search.
        if (isset($type[$var])) {
            $output = $type[$var];
        }
    } elseif (is_object($type)) {
        if (isset($type->{$var})) {
            $output = $type->{$var};
        }
    } else {
        // Type names are matched case-insensitively.
        $type = strtolower((string) $type);
        switch ($type) {
            // Request superglobals: returned after pods_unslash() only (presumably slash removal —
            // confirm against its definition); no validation or escaping happens here.
            case 'get':
                if (isset($_GET[$var])) {
                    $output = pods_unslash($_GET[$var]);
                }
                break;
            case 'post':
                if (isset($_POST[$var])) {
                    $output = pods_unslash($_POST[$var]);
                }
                break;
            case 'request':
                if (isset($_REQUEST[$var])) {
                    $output = pods_unslash($_REQUEST[$var]);
                }
                break;
            case 'url':
            case 'uri':
                // Return one path segment of the current URL, selected by position.
                // NOTE(review): parse_url() can return false or omit 'path'; $url['path'] is read unchecked.
                $url = parse_url(pods_current_url());
                $uri = trim($url['path'], '/');
                // array_filter() without a callback drops empty and '0' segments and keeps the
                // original keys, so positions can be sparse after this line.
                $uri = array_filter(explode('/', $uri));
                if ('first' == $var) {
                    $var = 0;
                } elseif ('last' == $var) {
                    $var = -1;
                }
                if (is_numeric($var)) {
                    // Negative positions count back from the end; the lookup recurses with the segment array as $type.
                    $output = $var < 0 ? pods_v(count($uri) + $var, $uri) : pods_v($var, $uri);
                }
                break;
            case 'url-relative':
                // Same as 'url', after removing the site URL prefix from the current URL.
                $url_raw = pods_current_url();
                $prefix = get_site_url();
                if (substr($url_raw, 0, strlen($prefix)) == $prefix) {
                    // The +1 also skips the character that follows the prefix.
                    $url_raw = substr($url_raw, strlen($prefix) + 1, strlen($url_raw));
                }
                $url = parse_url($url_raw);
                $uri = trim($url['path'], '/');
                $uri = array_filter(explode('/', $uri));
                if ('first' == $var) {
                    $var = 0;
                } elseif ('last' == $var) {
                    $var = -1;
                }
                if (is_numeric($var)) {
                    $output = $var < 0 ? pods_v(count($uri) + $var, $uri) : pods_v($var, $uri);
                }
                break;
            case 'template-url':
                $output = get_template_directory_uri();
                break;
            case 'stylesheet-url':
                $output = get_stylesheet_directory_uri();
                break;
            case 'site-url':
                $blog_id = $scheme = null;
                $path = '';
                if (is_array($var)) {
                    // NOTE(review): because this is an elseif chain, only the first index that is set
                    // is read; when $var[0] is set, $path and $scheme keep their defaults. The same
                    // pattern is used by the other *-url cases below.
                    if (isset($var[0])) {
                        $blog_id = $var[0];
                    } elseif (isset($var[1])) {
                        $path = $var[1];
                    } elseif (isset($var[2])) {
                        $scheme = $var[2];
                    }
                } else {
                    $blog_id = $var;
                }
                $output = get_site_url($blog_id, $path, $scheme);
                break;
            case 'home-url':
                $blog_id = $scheme = null;
                $path = '';
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $blog_id = $var[0];
                    } elseif (isset($var[1])) {
                        $path = $var[1];
                    } elseif (isset($var[2])) {
                        $scheme = $var[2];
                    }
                } else {
                    $blog_id = $var;
                }
                $output = get_home_url($blog_id, $path, $scheme);
                break;
            case 'admin-url':
                $blog_id = $scheme = null;
                $path = '';
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $blog_id = $var[0];
                    } elseif (isset($var[1])) {
                        $path = $var[1];
                    } elseif (isset($var[2])) {
                        $scheme = $var[2];
                    }
                } else {
                    $blog_id = $var;
                }
                $output = get_admin_url($blog_id, $path, $scheme);
                break;
            case 'includes-url':
                $output = includes_url($var);
                break;
            case 'content-url':
                $output = content_url($var);
                break;
            case 'plugins-url':
                $path = $plugin = '';
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $path = $var[0];
                    } elseif (isset($var[1])) {
                        $plugin = $var[1];
                    }
                } else {
                    $path = $var;
                }
                $output = plugins_url($path, $plugin);
                break;
            case 'network-site-url':
                $path = '';
                $scheme = null;
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $path = $var[0];
                    } elseif (isset($var[1])) {
                        $scheme = $var[1];
                    }
                } else {
                    $path = $var;
                }
                $output = network_site_url($path, $scheme);
                break;
            case 'network-home-url':
                $path = '';
                $scheme = null;
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $path = $var[0];
                    } elseif (isset($var[1])) {
                        $scheme = $var[1];
                    }
                } else {
                    $path = $var;
                }
                $output = network_home_url($path, $scheme);
                break;
            case 'network-admin-url':
                $path = '';
                $scheme = null;
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $path = $var[0];
                    } elseif (isset($var[1])) {
                        $scheme = $var[1];
                    }
                } else {
                    $path = $var;
                }
                $output = network_admin_url($path, $scheme);
                break;
            case 'user-admin-url':
                $path = '';
                $scheme = null;
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $path = $var[0];
                    } elseif (isset($var[1])) {
                        $scheme = $var[1];
                    }
                } else {
                    $path = $var;
                }
                $output = user_admin_url($path, $scheme);
                break;
            case 'prefix':
                // Database table prefix of the current $wpdb instance.
                global $wpdb;
                $output = $wpdb->prefix;
                break;
            case 'server':
                // The only case gated by pods_strict(): nothing is returned when it is truthy.
                // The key is tried as given, then upper-cased.
                if (!pods_strict()) {
                    if (isset($_SERVER[$var])) {
                        $output = pods_unslash($_SERVER[$var]);
                    } elseif (isset($_SERVER[strtoupper($var)])) {
                        $output = pods_unslash($_SERVER[strtoupper($var)]);
                    }
                }
                break;
            case 'session':
                // Returned as stored (no pods_unslash()).
                if (isset($_SESSION[$var])) {
                    $output = $_SESSION[$var];
                }
                break;
            case 'global':
            case 'globals':
                // NOTE(review): any global can be read by name; $var is not restricted here.
                if (isset($GLOBALS[$var])) {
                    $output = $GLOBALS[$var];
                }
                break;
            case 'cookie':
                if (isset($_COOKIE[$var])) {
                    $output = pods_unslash($_COOKIE[$var]);
                }
                break;
            case 'constant':
                // NOTE(review): any defined constant can be read by name, which may include
                // configuration secrets; $var is not restricted here and there is no pods_strict() gate.
                if (defined($var)) {
                    $output = constant($var);
                }
                break;
            case 'user':
                // Fields of the currently logged-in user only; nothing is returned for anonymous requests.
                if (is_user_logged_in()) {
                    $user = get_userdata(get_current_user_id());
                    // NOTE(review): any property that is set on the user object can be returned; there is
                    // no allow-list of field names here, so callers should constrain $var.
                    if (isset($user->{$var})) {
                        $value = $user->{$var};
                    } elseif ('role' == $var) {
                        $value = '';
                        if (!empty($user->roles)) {
                            // array_shift() removes the first role from $user->roles in place —
                            // TODO confirm this object is not shared with later code in the request.
                            $value = array_shift($user->roles);
                        }
                    } else {
                        // No third argument is passed, so this presumably returns an array of values — verify.
                        $value = get_user_meta($user->ID, $var);
                    }
                    // Only non-empty arrays and non-empty scalar strings count as a value.
                    if (is_array($value) && !empty($value)) {
                        $output = $value;
                    } elseif (!is_array($value) && 0 < strlen($value)) {
                        $output = $value;
                    }
                }
                break;
            case 'option':
                // $default is passed as the option fallback, so a missing option yields $default here.
                $output = get_option($var, $default);
                break;
            case 'site-option':
                $output = get_site_option($var, $default);
                break;
            case 'transient':
                $output = get_transient($var);
                break;
            case 'site-transient':
                $output = get_site_transient($var);
                break;
            case 'cache':
                // $var is "key|group|force", either as a '|'-delimited string or as an array.
                if (isset($GLOBALS['wp_object_cache']) && is_object($GLOBALS['wp_object_cache'])) {
                    $group = 'default';
                    $force = false;
                    if (!is_array($var)) {
                        $var = explode('|', $var);
                    }
                    if (isset($var[0])) {
                        if (isset($var[1])) {
                            $group = $var[1];
                        }
                        if (isset($var[2])) {
                            $force = $var[2];
                        }
                        $var = $var[0];
                        $output = wp_cache_get($var, $group, $force);
                    }
                }
                break;
            case 'pods-transient':
                // $var is "key|callback".
                // NOTE(review): the callback name is taken from $var and handed to pods_transient_get();
                // what that helper does with it is not visible here — confirm, and keep $var trusted.
                $callback = null;
                if (!is_array($var)) {
                    $var = explode('|', $var);
                }
                if (isset($var[0])) {
                    if (isset($var[1])) {
                        $callback = $var[1];
                    }
                    $var = $var[0];
                    $output = pods_transient_get($var, $callback);
                }
                break;
            case 'pods-site-transient':
                // $var is "key|callback"; same review note as 'pods-transient'.
                $callback = null;
                if (!is_array($var)) {
                    $var = explode('|', $var);
                }
                if (isset($var[0])) {
                    if (isset($var[1])) {
                        $callback = $var[1];
                    }
                    $var = $var[0];
                    $output = pods_site_transient_get($var, $callback);
                }
                break;
            case 'pods-cache':
                // $var is "key|group|callback"; same review note as 'pods-transient'.
                if (isset($GLOBALS['wp_object_cache']) && is_object($GLOBALS['wp_object_cache'])) {
                    $group = 'default';
                    $callback = null;
                    if (!is_array($var)) {
                        $var = explode('|', $var);
                    }
                    if (isset($var[0])) {
                        if (isset($var[1])) {
                            $group = $var[1];
                        }
                        if (isset($var[2])) {
                            $callback = $var[2];
                        }
                        $var = $var[0];
                        $output = pods_cache_get($var, $group, $callback);
                    }
                }
                break;
            case 'pods-option-cache':
                // $var is "key|group|callback"; unlike 'pods-cache' there is no wp_object_cache check.
                $group = 'default';
                $callback = null;
                if (!is_array($var)) {
                    $var = explode('|', $var);
                }
                if (isset($var[0])) {
                    if (isset($var[1])) {
                        $group = $var[1];
                    }
                    if (isset($var[2])) {
                        $callback = $var[2];
                    }
                    $var = $var[0];
                    $output = pods_option_cache_get($var, $group, $callback);
                }
                break;
            case 'date':
                // $var is "format|time string"; without a time string, false is passed as the timestamp.
                // explode() on a string always yields at least one element, so the !empty() check passes.
                $var = explode('|', $var);
                if (!empty($var)) {
                    $output = date_i18n($var[0], isset($var[1]) ? strtotime($var[1]) : false);
                }
                break;
            case 'pods':
            case 'pods_display':
                /**
                 * @var $pods Pods
                 */
                global $pods;
                // Exact class match: an instance of a subclass of Pods does not satisfy this check.
                if (is_object($pods) && 'Pods' == get_class($pods)) {
                    if ('pods' === $type) {
                        $output = $pods->field($var);
                        if (is_array($output)) {
                            // Array field values are joined into one string by pods_serial_comma().
                            $options = array('field' => $var, 'fields' => $pods->fields);
                            $output = pods_serial_comma($output, $options);
                        }
                    } elseif ('pods_display' === $type) {
                        $output = $pods->display($var);
                    }
                }
                break;
            case 'post_id':
                // Resolve a post ID ($var, else $default, else the current post) and map it through
                // the active translation plugin, if any.
                if (empty($var)) {
                    if (!empty($default)) {
                        $post_id = $default;
                    } else {
                        // If no $var and no $default then use current post ID
                        $post_id = get_the_ID();
                    }
                } else {
                    $post_id = $var;
                }
                if (did_action('wpml_loaded')) {
                    /* Only call filter if WPML is installed */
                    $post_type = get_post_type($post_id);
                    $post_id = apply_filters('wpml_object_id', $post_id, $post_type, true);
                } elseif (function_exists('pll_get_post')) {
                    $polylang_id = pll_get_post($post_id);
                    if (!empty($polylang_id)) {
                        $post_id = $polylang_id;
                    }
                }
                // Add other translation plugin specific code here
                /**
                 * Filter to override post_id
                 *
                 * Generally used with language translation plugins in order to return the post id of a
                 * translated post
                 *
                 * @param  int $post_id The post ID of current post
                 * @param  mixed $default The default value to set if variable doesn't exist
                 * @param  mixed $var The variable name, can also be a modifier for specific types
                 * @param  bool $strict Only allow values (must not be empty)
                 * @param  array $params Set 'casting'=>true to cast value from $default, 'allowed'=>$allowed to restrict a value to what's allowed
                 *
                 * @since 2.6.6
                 */
                $output = apply_filters('pods_var_post_id', $post_id, $default, $var, $strict, $params);
                break;
            default:
                // Unknown type: the hook name is built from the lower-cased $type, and the filter
                // starts from $default.
                $output = apply_filters('pods_var_' . $type, $default, $var, $strict, $params);
        }
    }
    // Post-processing, in order: default, casting, strict, allowed.
    if (null !== $default) {
        // Set default
        if (null === $output) {
            $output = $default;
        }
        // Casting (only attempted when a non-null $default is given)
        if (true === $params->casting) {
            $output = pods_cast($output, $default);
        }
    }
    // Strict defaults for empty values
    // empty() also treats 0, '0', '' and array() as empty, so those are replaced by $default.
    if (true === $strict) {
        if (empty($output)) {
            $output = $default;
        }
    }
    // Allowed values
    if (null !== $params->allowed) {
        if (is_array($params->allowed)) {
            // Not in array and is not the same array
            // NOTE(review): in_array() is called without the strict flag, so the allow-list is matched
            // with loose (==) comparison and type-juggled values can pass. The scalar branch below
            // uses strict !==. Consider strict matching where this list guards a security decision.
            if (!in_array($output, $params->allowed) && (!is_array($output) || $output !== $params->allowed)) {
                $output = $default;
            }
        } elseif ($output !== $params->allowed) {
            // Value doesn't match
            $output = $default;
        }
    }
    return $output;
}