/**
* Outputs widget content. Overrides WP_Widget::widget(). Must be overidden by child class.
*
* @param array $args array of form elements
* @param object $instance widget instance
*/
public function widget($args, $instance)
{
$username = null;
extract($args);
// output custom WP widget wrapper
echo $before_widget;
// output title based on option input
$title = apply_filters('widget_title', $instance['title']);
$customLink = empty($instance['customLink']) ? $this->defaults['customLink'] : $instance['customLink'];
$customLinkTitle = empty($instance['customLinkTitle']) ? $this->defaults['customLinkTitle'] : $instance['customLinkTitle'];
$default_tab = empty($instance['defaultTab']) ? $this->defaults['defaultTab'] : $instance['defaultTab'];
$displayAvatar = empty($instance['displayAvatar']) ? $this->defaults['displayAvatar'] : $instance['displayAvatar'];
$loginButtonLabel = empty($instance['loginButtonLabel']) ? $this->defaults['loginButtonLabel'] : $instance['loginButtonLabel'];
$loginTabLabel = empty($instance['loginTabLabel']) ? $this->defaults['loginTabLabel'] : $instance['loginTabLabel'];
$registerButtonLabel = empty($instance['registerButtonLabel']) ? $this->defaults['registerButtonLabel'] : $instance['registerButtonLabel'];
$registerTabLabel = empty($instance['registerTabLabel']) ? $this->defaults['registerTabLabel'] : $instance['registerTabLabel'];
$resetButtonLabel = empty($instance['resetButtonLabel']) ? $this->defaults['resetButtonLabel'] : $instance['resetButtonLabel'];
$resetTabLabel = empty($instance['resetTabLabel']) ? $this->defaults['resetTabLabel'] : $instance['resetTabLabel'];
// set default active tab
$active_tab = $default_tab;
// output widget title with WP wrapper
if (!empty($title)) {
echo $before_title . $title . $after_title;
}
// output html
try {
?>
<div id="wp-user-control-login-register-password">
<?php
global $user_ID, $blog_id;
get_currentuserinfo();
global $user_login, $user_email;
// if user is not already logged in...
if (!$user_ID) {
// grab POST variables
$login = array_key_exists('login', $_GET) ? trim($_GET['login']) : false;
$register = array_key_exists('register', $_GET) ? trim($_GET['register']) : false;
$reset = array_key_exists('reset', $_GET) ? trim($_GET['reset']) : false;
?>
<?php
// Output tabs
?>
<ul class="tabs_login">
<li id="login_tab"><a href="#login_div"><?php
echo $loginTabLabel;
?>
</a></li>
<li id="register_tab"><a href="#register_div"><?php
echo $registerTabLabel;
?>
</a></li>
<li id="reset_tab"><a href="#reset_div"><?php
echo $resetTabLabel;
?>
</a></li>
</ul>
<div class="tab_container_login">
<?php
// LOGIN FORM BEGIN
?>
<div id="login_div" class="tab_content_login" style="display:none;">
<?php
// handle user signon failure
if ($login == 'failed') {
$user_login = array_key_exists('user_login', $_REQUEST) ? trim($_REQUEST['user_login']) : false;
$active_tab = 'login';
?>
<p><span class="loginfail">
<?php
_e('Please check your username and password.', 'wp-user-control');
?>
</span></p>
<?php
} else {
?>
<p>
<?php
_e('Enter your username and password below to login.', 'wp-user-control');
?>
</p><?php
}
?>
<form method="post" action="<?php
echo wp_user_control_cleanURI($_SERVER['REQUEST_URI']) . '?wp_uc_login_request=true';
?>
" class="wp-user-form">
<div class="username">
<label for="user_login"><?php
_e('Username', 'wp-user-control');
?>
: </label>
<input type="text" name="user_login" value="<?php
if (!isset($username)) {
echo trim(stripslashes($user_login));
} else {
echo trim(stripslashes($username));
}
?>
" id="user_login" tabindex="11" />
</div>
<div class="password">
<label for="user_pass"><?php
_e('Password', 'wp-user-control');
?>
: </label>
<input type="password" name="user_pass" value="" id="user_pass" tabindex="12" />
</div>
<div class="login_fields">
<div class="remember">
<label for="remember">
<input type="checkbox" name="remember" value="forever" checked="checked" id="remember" tabindex="13" /> <?php
_e('Remember me', 'wp-user-control');
?>
</label>
</div>
<?php
do_action('login_form');
?>
<input type="submit" name="user-submit" value="<?php
echo $loginButtonLabel;
?>
" tabindex="14" class="user-submit" />
<input type="hidden" name="redirect_to" value="<?php
echo wp_user_control_cleanURI($_SERVER['REQUEST_URI']);
?>
" />
<input type="hidden" name="user-cookie" value="1" />
</div>
</form>
</div>
<?php
// LOGIN FORM END
?>
<?php
// REGISTRATION FORM BEGIN
?>
<div id="register_div" class="tab_content_login" style="display:none;">
<?php
// if register == true then set register as the active tab
if ($register == 'true') {
$active_tab = 'register';
}
// set default for register error to none
$register_error = 'none';
// first, determine user registration setting for site
if (is_multisite()) {
// make sure user registration is enabled
$active_signup = get_site_option('registration');
// if signup option doesn't exist assume everything is enabled (blog and user signup)
if (!$active_signup) {
$active_signup = 'all';
}
// determine specifics of what is enabled
$active_signup = apply_filters('wpmu_active_signup', $active_signup);
// return "all", "none", "blog" or "user"
// if registration is enabled, proceed --- "all" or "user"
if ($active_signup == 'all' || $active_signup == 'user') {
$registrations_disabled = false;
} else {
$registrations_disabled = true;
}
// if not multisite, check user registration option for standard install
} else {
$registrations_disabled = get_option('users_can_register') ? false : true;
}
// check registration honey pot
$reg_pot = array_key_exists('reg_pot', $_REQUEST) ? trim($_REQUEST['reg_pot']) : false;
// grab desired user name and email
$user_login = array_key_exists('user_login', $_REQUEST) ? trim($_REQUEST['user_login']) : false;
$user_email = array_key_exists('user_email', $_REQUEST) ? trim($_REQUEST['user_email']) : false;
/**
* TODO: implement email validation function to check for valid email address format
*/
if (!empty($reg_pot)) {
$register_error = 'honeypot';
// reset register flag
$register = 'false';
} elseif (empty($user_login) && !empty($register) || empty($user_email) && !empty($register)) {
$register_error = 'empty_fields';
// reset register flag
$register = 'false';
// make sure user is not already signed in
} elseif (is_user_logged_in() && !empty($register)) {
// if they are then return an error message and we're done
$register_error = 'logged_in';
// reset register flag
$register = 'false';
// if registration has actually been submitted, proceed
} elseif ($register) {
if (username_exists($user_login)) {
$register_error = 'username_exists';
// reset register flag
$register = 'false';
// make sure user email is not already registered
} elseif (email_exists($user_email)) {
$register_error = 'email_exists';
// reset register flag
$register = 'false';
// check for uppercase
} elseif (preg_match("/[A-Z]/", $user_login)) {
$register_error = 'uppercase';
// reset register flag
$register = 'false';
// check for spaces
} elseif (strpos($user_login, " ") !== false) {
$register_error = 'spaces';
// reset register flag
$register = 'false';
// otherwise proceed with registration checks
} else {
// make sure user registration is enabled
if (!$registrations_disabled) {
// set flag for successful registration
$register = 'true';
// generate temp password
$temp_password = wp_PluginUtilities::generatePassword();
// check for WPMS
if (is_multisite()) {
// register user for WPMS
wpmu_create_user($user_login, $temp_password, $user_email);
// get user info after it has been created
if ($user = get_user_by('login', $user_login)) {
// add user to current blog as subscriber
add_user_to_blog($blog_id, $user->id, 'subscriber');
}
// otherwise this is a standard WP install
} else {
// register user for WP standard
wp_create_user($user_login, $temp_password, $user_email);
}
// send user notification email
$message = wp_user_control_user_email_msg('new', $temp_password, home_url(), $user_login);
// send new user registration email meassage
wp_user_control_mail($message, 'New User Registration', $user_email);
// otherwise, we're done - return message to WP User Control widget
} else {
$register_error = 'registration_disabled';
// reset register flag
$register = 'false';
}
}
}
// if registration attempt returned success
if ($register == 'true') {
?>
<p><?php
_e('Check your email for the password and then return to log in.', 'wp-user-control');
?>
</p> <?php
// if registration request has not been sent, output initial message
} elseif ($register_error == 'none') {
?>
<p><?php
_e('Complete the form below to register.', 'wp-user-control');
?>
</p><?php
// if registration request failed, process error
} elseif ($register == 'false') {
$registerError = $register_error;
// output friendly registration error
wp_user_control_output_registration_error($registerError);
// other possibility is that user registrations are currently disabled
} elseif ($registrations_disabled) {
?>
<p><?php
_e('New registrations currently disabled.', 'wp-user-control');
?>
</p><?php
}
?>
<form method="post" action="<?php
echo wp_user_control_cleanURI($_SERVER['REQUEST_URI']) . '?register=true';
?>
" class="wp-user-form">
<div class="username">
<label for="user_login"><?php
_e('Username', 'wp-user-control');
?>
: </label>
<input type="text" <?php
if ($registrations_disabled) {
?>
disabled="disabled" <?php
}
?>
name="user_login" value="<?php
echo stripslashes($user_login);
?>
" id="user_login" tabindex="101" />
</div>
<div class="password">
<label for="user_email"><?php
_e('Email', 'wp-user-control');
?>
: </label>
<input type="text" <?php
if ($registrations_disabled) {
?>
disabled="disabled" <?php
}
?>
name="user_email" value="<?php
echo stripslashes($user_email);
?>
" id="user_email" tabindex="102" />
</div>
<div class="reg_pot">
<input type="text" name="reg_pot" value="" alt="if this field is not empty your registration will not be processed" />
</div>
<div class="login_fields">
<?php
do_action('register_form');
?>
<input type="submit" name="user-submit" value="<?php
echo $registerButtonLabel;
?>
" <?php
if ($registrations_disabled) {
?>
disabled="disabled" <?php
}
?>
class="user-submit" tabindex="103" />
<input type="hidden" name="redirect_to" value="<?php
echo wp_user_control_cleanURI($_SERVER['REQUEST_URI']);
?>
?register=true" />
<input type="hidden" name="user-cookie" value="1" />
</div>
</form>
</div>
<?php
// REGISTRATION FORM END
?>
<?php
// RESET FORM BEGIN
?>
<div id="reset_div" class="tab_content_login" style="display:none;"><?php
if ($reset == 'true') {
$active_tab = 'reset';
global $wpdb;
$user_email = array_key_exists('user_email', $_POST) ? trim($_POST['user_email']) : null;
$user_exists = false;
if (!empty($user_email)) {
// check for email
if (email_exists($user_email)) {
$user_exists = true;
$reset_user = get_user_by('email', $user_email);
// otherwise, user does not exist
} else {
$error[] = '<p><span class="registerfail">' . __('Email does not exist.', 'wp-user-control') . '</span></p>';
$reset = false;
}
} else {
$error[] = '<p><span class="registerfail">' . __('Invalid email. Please try again.', 'wp-user-control') . '</span></p>';
}
// if user exists, then proceed
if ($user_exists) {
$user_login = $reset_user->user_login;
$user_email = $reset_user->user_email;
// generate password
$temp_password = wp_PluginUtilities::generatePassword();
// insert new password into WP DB
wp_update_user(array('ID' => $reset_user->ID, 'user_pass' => $temp_password));
// create password reset email message
$message = wp_user_control_user_email_msg('reset', $temp_password, home_url(), $user_login);
wp_user_control_mail($message, 'Password Reset', $user_email);
}
// output errors, if appropriate
if (isset($error) && count($error) > 0) {
foreach ($error as $e) {
echo $e;
}
$reset = false;
// otherwise password reset was successful, so output message
} else {
?>
<p><?php
_e('Check your email for your new password.', 'wp-user-control');
?>
</p><?php
}
} else {
?>
<p><?php
_e('Enter your email address to reset your password.', 'wp-user-control');
?>
</p><?php
}
?>
<form method="post" action="<?php
echo wp_user_control_cleanURI($_SERVER['REQUEST_URI']);
?>
?reset=true" class="wp-user-form">
<div class="username">
<label for="user_email" class="hide"><?php
_e('Email', 'wp-user-control');
?>
: </label>
<input type="text" name="user_email" value="<?php
if (!empty($user_email)) {
echo $user_email;
}
?>
" id="user_email" tabindex="1001" />
</div>
<div class="login_fields">
<?php
do_action('login_form', 'resetpass');
?>
<input type="submit" name="user-submit" value="<?php
echo $resetButtonLabel;
?>
" class="user-submit" tabindex="1002" />
<input type="hidden" name="user-cookie" value="1" />
</div>
</form>
</div>
</div>
<?php
// RESET FORM END
?>
<?php
// LOGGED IN USER BEGIN
?>
<?php
} else {
// is logged in
// output logged in user control box
wp_user_control_logged_in_user($customLink, $customLinkTitle, $displayAvatar);
}
?>
<!-- WP User Control Widget JS -->
<script type="text/javascript">
wp_user_control_widget_js( '<?php
echo $active_tab;
?>
' );
</script>
<!-- WP User Control Widget JS -->
</div>
<?php
} catch (wp_PluginException $e) {
echo $e->getError();
}
// output custom WP widget wrapper
echo $after_widget;
}
/**
* Helper function for outputting form fields.
*
* @args array array of field attributes (name, id, class, type, value, onchange,
* onclick, onload, readonly, size, my_selection)
*/
protected function outputFormField($args)
{
// explode args array into directly addressable variables
extract($args);
// check class, onchange, onclick, onload, and readonly properties
$class = isset($class) ? 'class="' . $class . '" ' : '';
$cols = isset($cols) ? 'cols="' . $cols . '" ' : '';
$multiple = isset($multiple) ? $multiple : '';
$onchange = isset($onchange) ? 'onchange="' . $onchange . '()" ' : '';
$onclick = isset($onclick) ? 'onclick="' . $onclick . '()" ' : '';
$onload = isset($onload) ? 'onload="' . $onload . '()" ' : '';
$readonly = isset($readonly) ? 'readonly="' . $readonly . '" ' : '';
$rows = isset($rows) ? 'rows="' . $rows . '" ' : '';
$size = isset($size) ? 'size="' . $size . '" ' : '';
$style = isset($style) ? 'style="' . $style . '" ' : '';
if (isset($value)) {
if ($type === 'checkbox') {
// detect check box and set value
$checked = $value === 'enabled' ? 'checked="checked" ' : '';
$value = 'value="enabled" ';
} else {
$value = 'value="' . $value . '" ';
$checked = '';
}
} else {
$value = '';
$checked = '';
}
// determine open and close tags based on type
if ($type === 'dropdown' || $type === 'multi-select') {
$open_tag = '<p><label for="' . $this->get_field_id($field) . '">' . $label . '</label><select id="';
$close_tag = '>';
} else {
$open_tag = '<p><label for="' . $this->get_field_id($field) . '">' . $label . '</label><input id="';
$close_tag = ' />';
}
// alter name if it is a multi-select for array
if ($type != 'multi-select') {
$name = 'name="' . $this->get_field_name($field) . '" ';
} else {
$name = 'name="' . $this->get_field_name($field) . '[]" ';
}
// output field
$field = $open_tag . $this->get_field_id($field) . '" ' . $name . $checked . $class . $cols . $multiple . $onchange . $onclick . $onload . $readonly . $rows . $size . $style;
if ($type != 'multi-select') {
$field .= ' type="' . $type . '" ';
}
$field .= $value . $close_tag;
echo $field;
// continue to populate dropdown
if ($type === 'dropdown' || $type === 'multi-select') {
// check to make sure selections is an array
if (is_array($selections)) {
if (!wp_PluginUtilities::isAssociative($selections)) {
foreach ($selections as $key => $item) {
if ($type === 'dropdown') {
$selected = $my_selection == $item ? 'selected="selected"' : '';
echo "<option value='{$item}' {$selected}>{$item}</option>";
} else {
$selected = '';
if (is_array($my_selections)) {
foreach ($my_selections as $selection) {
if ($selection === $item) {
$selected = 'selected="selected"';
break;
}
}
}
echo "<option value='{$item}' {$selected}>{$item}</option>";
}
}
} else {
foreach ($selections as $key => $item) {
if ($type === 'dropdown') {
$selected = $my_selection == $key ? 'selected="selected"' : '';
echo "<option value='{$key}' {$selected}>{$item}</option>";
} else {
$selected = '';
if (is_array($my_selections)) {
foreach ($my_selections as $selection) {
if ($selection == $key) {
$selected = 'selected="selected"';
break;
}
}
}
echo "<option value='{$key}' {$selected}>{$item}</option>";
}
}
}
}
echo "</select>";
}
echo "</p>";
}
