/** * Populate network settings. * * @since 0.0.1 * * @global hqdb $hqdb * @global object $current_site * @global int $hq_db_version * @global HQ_Rewrite $hq_rewrite * * @param int $network_id ID of network to populate. * @return bool|HQ_Error True on success, or HQ_Error on warning (with the install otherwise successful, * so the error code must be checked) or failure. */ function populate_network($network_id = 1, $domain = '', $email = '', $site_name = '', $path = '/', $subdomain_install = false) { global $hqdb, $current_site, $hq_db_version, $hq_rewrite; $errors = new HQ_Error(); if ('' == $domain) { $errors->add('empty_domain', __('You must provide a domain name.')); } if ('' == $site_name) { $errors->add('empty_sitename', __('You must provide a name for your network of sites.')); } // Check for network collision. if ($network_id == $hqdb->get_var($hqdb->prepare("SELECT id FROM {$hqdb->site} WHERE id = %d", $network_id))) { $errors->add('siteid_exists', __('The network already exists.')); } $site_user = get_user_by('email', $email); if (!is_email($email)) { $errors->add('invalid_email', __('You must provide a valid e-mail address.')); } if ($errors->get_error_code()) { return $errors; } // Set up site tables. $template = get_option('template'); $stylesheet = get_option('stylesheet'); $allowed_themes = array($stylesheet => true); if ($template != $stylesheet) { $allowed_themes[$template] = true; } if (HQ_DEFAULT_THEME != $stylesheet && HQ_DEFAULT_THEME != $template) { $allowed_themes[HQ_DEFAULT_THEME] = true; } if (1 == $network_id) { $hqdb->insert($hqdb->site, array('domain' => $domain, 'path' => $path)); $network_id = $hqdb->insert_id; } else { $hqdb->insert($hqdb->site, array('domain' => $domain, 'path' => $path, 'id' => $network_id)); } hq_cache_delete('networks_have_paths', 'site-options'); //TODO: no multisite //if ( !is_multisite() ) { $site_admins = array($site_user->user_login); $users = get_users(array('fields' => array('ID', 'user_login'))); if ($users) { foreach ($users as $user) { if (is_super_admin($user->ID) && !in_array($user->user_login, $site_admins)) { $site_admins[] = $user->user_login; } } } //} else { // $site_admins = get_site_option( 'site_admins' ); //} /* translators: Do not translate USERNAME, SITE_NAME, BLOG_URL, PASSWORD: those are placeholders. */ $welcome_email = __('Howdy USERNAME, Your new SITE_NAME site has been successfully set up at: BLOG_URL You can log in to the administrator account with the following information: Username: USERNAME Password: PASSWORD Log in here: BLOG_URLhq-login.php We hope you enjoy your new site. Thanks! --The Team @ SITE_NAME'); $misc_exts = array('jpg', 'jpeg', 'png', 'gif', 'mov', 'avi', 'mpg', '3gp', '3g2', 'midi', 'mid', 'pdf', 'doc', 'ppt', 'odt', 'pptx', 'docx', 'pps', 'ppsx', 'xls', 'xlsx', 'key'); $audio_exts = hq_get_audio_extensions(); $video_exts = hq_get_video_extensions(); $upload_filetypes = array_unique(array_merge($misc_exts, $audio_exts, $video_exts)); $sitemeta = array('site_name' => $site_name, 'admin_email' => $site_user->user_email, 'admin_user_id' => $site_user->ID, 'registration' => 'none', 'upload_filetypes' => implode(' ', $upload_filetypes), 'blog_upload_space' => 100, 'fileupload_maxk' => 1500, 'site_admins' => $site_admins, 'allowedthemes' => $allowed_themes, 'illegal_names' => array('www', 'web', 'root', 'admin', 'main', 'invite', 'administrator', 'files'), 'hqmu_upgrade_site' => $hq_db_version, 'welcome_email' => $welcome_email, 'first_post' => __('Welcome to <a href="SITE_URL">SITE_NAME</a>. This is your first post. Edit or delete it, then start blogging!'), 'siteurl' => get_option('siteurl') . '/', 'add_new_users' => '0', 'upload_space_check_disabled' => '1', 'subdomain_install' => intval($subdomain_install), 'global_terms_enabled' => global_terms_enabled() ? '1' : '0', 'ms_files_rewriting' => '0', 'initial_db_version' => get_option('initial_db_version'), 'active_sitewide_plugins' => array(), 'HQLANG' => get_locale()); if (!$subdomain_install) { $sitemeta['illegal_names'][] = 'blog'; } /** * Filter meta for a network on creation. * * @since 0.0.1 * * @param array $sitemeta Associative array of network meta keys and values to be inserted. * @param int $network_id ID of network to populate. */ $sitemeta = apply_filters('populate_network_meta', $sitemeta, $network_id); $insert = ''; foreach ($sitemeta as $meta_key => $meta_value) { if (is_array($meta_value)) { $meta_value = serialize($meta_value); } if (!empty($insert)) { $insert .= ', '; } $insert .= $hqdb->prepare("( %d, %s, %s)", $network_id, $meta_key, $meta_value); } $hqdb->query("INSERT INTO {$hqdb->sitemeta} ( site_id, meta_key, meta_value ) VALUES " . $insert); /* * When upgrading from single to multisite, assume the current site will * become the main site of the network. When using populate_network() * to create another network in an existing multisite environment, skip * these steps since the main site of the new network has not yet been * created. */ //TODO: no multisite //if ( ! is_multisite() ) { $current_site = new stdClass(); $current_site->domain = $domain; $current_site->path = $path; $current_site->site_name = ucfirst($domain); $hqdb->insert($hqdb->blogs, array('site_id' => $network_id, 'blog_id' => 1, 'domain' => $domain, 'path' => $path, 'registered' => current_time('mysql'))); $current_site->blog_id = $blog_id = $hqdb->insert_id; update_user_meta($site_user->ID, 'source_domain', $domain); update_user_meta($site_user->ID, 'primary_blog', $blog_id); if ($subdomain_install) { $hq_rewrite->set_permalink_structure('/%year%/%monthnum%/%day%/%postname%/'); } else { $hq_rewrite->set_permalink_structure('/blog/%year%/%monthnum%/%day%/%postname%/'); } flush_rewrite_rules(); if (!$subdomain_install) { return true; } $vhost_ok = false; $errstr = ''; $hostname = substr(md5(time()), 0, 6) . '.' . $domain; // Very random hostname! $page = hq_remote_get('http://' . $hostname, array('timeout' => 5, 'httpversion' => '1.1')); if (is_hq_error($page)) { $errstr = $page->get_error_message(); } elseif (200 == hq_remote_retrieve_response_code($page)) { $vhost_ok = true; } if (!$vhost_ok) { $msg = '<p><strong>' . __('Warning! Wildcard DNS may not be configured correctly!') . '</strong></p>'; $msg .= '<p>' . sprintf(__('The installer attempted to contact a random hostname (<code>%1$s</code>) on your domain.'), $hostname); if (!empty($errstr)) { $msg .= ' ' . sprintf(__('This resulted in an error message: %s'), '<code>' . $errstr . '</code>'); } $msg .= '</p>'; $msg .= '<p>' . __('To use a subdomain configuration, you must have a wildcard entry in your DNS. This usually means adding a <code>*</code> hostname record pointing at your web server in your DNS configuration tool.') . '</p>'; $msg .= '<p>' . __('You can still use your site but any subdomain you create may not be accessible. If you know your DNS is correct, ignore this message.') . '</p>'; return new HQ_Error('no_wildcard_dns', $msg); } //} return true; }
/** * Handles sending password retrieval email to user. * * @global hqdb $hqdb HiveQueen database abstraction object. * @global PasswordHash $hq_hasher Portable PHP password hashing framework. * * @return bool|HQ_Error True: when finish. HQ_Error on error */ function retrieve_password() { global $hqdb, $hq_hasher; $errors = new HQ_Error(); if (empty($_POST['user_login'])) { $errors->add('empty_username', __('<strong>ERROR</strong>: Enter a username or e-mail address.')); } elseif (strpos($_POST['user_login'], '@')) { $user_data = get_user_by('email', trim($_POST['user_login'])); if (empty($user_data)) { $errors->add('invalid_email', __('<strong>ERROR</strong>: There is no user registered with that email address.')); } } else { $login = trim($_POST['user_login']); $user_data = get_user_by('login', $login); } /** * Fires before errors are returned from a password reset request. * * @since 0.0.1 */ do_action('lostpassword_post'); if ($errors->get_error_code()) { return $errors; } if (!$user_data) { $errors->add('invalidcombo', __('<strong>ERROR</strong>: Invalid username or e-mail.')); return $errors; } // Redefining user_login ensures we return the right case in the email. $user_login = $user_data->user_login; $user_email = $user_data->user_email; /** * Fires before a new password is retrieved. * * @since 0.0.1 * * @param string $user_login The user login name. */ do_action('retreive_password', $user_login); /** * Fires before a new password is retrieved. * * @since 0.0.1 * * @param string $user_login The user login name. */ do_action('retrieve_password', $user_login); /** * Filter whether to allow a password to be reset. * * @since 0.0.1 * * @param bool true Whether to allow the password to be reset. Default true. * @param int $user_data->ID The ID of the user attempting to reset a password. */ $allow = apply_filters('allow_password_reset', true, $user_data->ID); if (!$allow) { return new HQ_Error('no_password_reset', __('Password reset is not allowed for this user')); } elseif (is_hq_error($allow)) { return $allow; } // Generate something random for a password reset key. $key = hq_generate_password(20, false); /** * Fires when a password reset key is generated. * * @since 0.0.1 * * @param string $user_login The username for the user. * @param string $key The generated password reset key. */ do_action('retrieve_password_key', $user_login, $key); // Now insert the key, hashed, into the DB. if (empty($hq_hasher)) { require_once ABSPATH . HQINC . '/class-phpass.php'; $hq_hasher = new PasswordHash(8, true); } $hashed = time() . ':' . $hq_hasher->HashPassword($key); $hqdb->update($hqdb->users, array('user_activation_key' => $hashed), array('user_login' => $user_login)); $message = __('Someone requested that the password be reset for the following account:') . "\r\n\r\n"; $message .= network_home_url('/') . "\r\n\r\n"; $message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n"; $message .= __('If this was a mistake, just ignore this email and nothing will happen.') . "\r\n\r\n"; $message .= __('To reset your password, visit the following address:') . "\r\n\r\n"; $message .= '<' . network_site_url("hq-login.php?action=rp&key={$key}&login="******">\r\n"; //TODO: Goyo no multisite //if ( is_multisite() ) if (false) { $blogname = $GLOBALS['current_site']->site_name; } else { /* * The blogname option is escaped with esc_html on the way into the database * in sanitize_option we want to reverse this for the plain text arena of emails. */ $blogname = hq_specialchars_decode(get_option('blogname'), ENT_QUOTES); } $title = sprintf(__('[%s] Password Reset'), $blogname); /** * Filter the subject of the password reset email. * * @since 0.0.1 * * @param string $title Default email title. */ $title = apply_filters('retrieve_password_title', $title); /** * Filter the message body of the password reset mail. * * @since 0.0.1 * * @param string $message Default mail message. * @param string $key The activation key. * @param string $user_login The username for the user. * @param HQ_User $user_data HQ_User object. */ $message = apply_filters('retrieve_password_message', $message, $key, $user_login, $user_data); if ($message && !hq_mail($user_email, hq_specialchars_decode($title), $message)) { hq_die(__('The e-mail could not be sent.') . "<br />\n" . __('Possible reason: your host may have disabled the mail() function.')); } return true; }