Exemple #1
0
 function wp_authenticate($username, $password)
 {
     global $wpdb, $error;
     global $loginlockdownOptions;
     $username = sanitize_user($username);
     $password = trim($password);
     if ("" != isLockedDown()) {
         return new WP_Error('incorrect_password', "<strong>ERROR</strong>: We're sorry, but this IP range has been blocked due to too many recent " . "failed login attempts.<br /><br />Please try again later.");
     }
     $user = apply_filters('authenticate', null, $username, $password);
     if ($user == null) {
         // TODO what should the error message be? (Or would these even happen?)
         // Only needed if all authentication handlers fail to return anything.
         $user = new WP_Error('authentication_failed', __('<strong>ERROR</strong>: Invalid username or incorrect password.'));
     }
     $ignore_codes = array('empty_username', 'empty_password');
     if (is_wp_error($user) && !in_array($user->get_error_code(), $ignore_codes)) {
         incrementFails($username);
         if ($loginlockdownOptions['max_login_retries'] <= countFails($username)) {
             lockDown($username);
             return new WP_Error('incorrect_password', __("<strong>ERROR</strong>: We're sorry, but this IP range has been blocked due to too many recent " . "failed login attempts.<br /><br />Please try again later."));
         }
         if ('yes' == $loginlockdownOptions['mask_login_errors']) {
             return new WP_Error('authentication_failed', sprintf(__('<strong>ERROR</strong>: Invalid username or incorrect password. <a href="%s" title="Password Lost and Found">Lost your password</a>?'), site_url('wp-login.php?action=lostpassword', 'login')));
         } else {
             do_action('wp_login_failed', $username);
         }
     }
     return $user;
 }
 function wp_authenticate($username, $password)
 {
     global $wpdb, $error;
     global $loginlockdownOptions;
     if (0 < isLockedDown()) {
         return new WP_Error('incorrect_password', "<strong>ERROR</strong>: We're sorry, but this IP range has been blocked due to too many recent " . "failed login attempts.<br /><br />Please try again later.");
     }
     if ('' == $username) {
         return new WP_Error('empty_username', __('<strong>ERROR</strong>: The username field is empty.'));
     }
     if ('' == $password) {
         return new WP_Error('empty_password', __('<strong>ERROR</strong>: The password field is empty.'));
     }
     $user = get_userdatabylogin($username);
     if (!$user || $user->user_login != $username) {
         do_action('wp_login_failed', $username);
         return new WP_Error('invalid_username', __('<strong>ERROR</strong>: Invalid username.'));
     }
     $user = apply_filters('wp_authenticate_user', $user, $password);
     if (is_wp_error($user)) {
         incrementFails($username);
         if ($loginlockdownOptions['max_login_retries'] <= countFails($username)) {
             lockDown($username);
             return new WP_Error('incorrect_password', __("<strong>ERROR</strong>: We're sorry, but this IP range has been blocked due to too many recent " . "failed login attempts.<br /><br />Please try again later."));
         }
         do_action('wp_login_failed', $username);
         return $user;
     }
     if (!wp_check_password($password, $user->user_pass, $user->ID)) {
         incrementFails($username);
         if ($loginlockdownOptions['max_login_retries'] <= countFails($username)) {
             lockDown($username);
             return new WP_Error('incorrect_password', __("<strong>ERROR</strong>: We're sorry, but this IP range has been blocked due to too many recent " . "failed login attempts.<br /><br />Please try again later."));
         }
         do_action('wp_login_failed', $username);
         return new WP_Error('incorrect_password', __('<strong>ERROR</strong>: Incorrect password.'));
     }
     return new WP_User($user->ID);
 }