コード例 #1
0
ファイル: upgrade.php プロジェクト: gcorral/hivequeen
 /**
  * Notifies the site admin that the setup is complete.
  *
  * Sends an email with hq_mail to the new administrator that the site setup is complete,
  * and provides them with a record of their login credentials.
  *
  * @since 0.0.1
  *
  * @param string $blog_title Blog title.
  * @param string $blog_url   Blog url.
  * @param int    $user_id    User ID.
  * @param string $password   User's Password.
  */
 function hq_new_blog_notification($blog_title, $blog_url, $user_id, $password)
 {
     $user = new HQ_User($user_id);
     $email = $user->user_email;
     $name = $user->user_login;
     $login_url = hq_login_url();
     $message = sprintf(__("Your new HiveQueen site has been successfully set up at:\n\n%1\$s\n\nYou can log in to the administrator account with the following information:\n\nUsername: %2\$s\nPassword: %3\$s\nLog in here: %4\$s\n\nWe hope you enjoy your new site. Thanks!\n\n--The HiveQueen Team\nhttps://github.com/gcorral/hivequeen\n"), $blog_url, $name, $password, $login_url);
     @hq_mail($email, __('New HiveQueen Site'), $message);
 }
コード例 #2
0
ファイル: pluggable.php プロジェクト: gcorral/hivequeen
 /**
  * Email login credentials to a newly-registered user.
  *
  * A new user registration notification is also sent to admin email.
  *
  * @since 0.0.1
  * @since 0.0.1
  * @since 0.0.1
  *
  * @global hqdb         $hqdb      HiveQueen database object for queries.
  * @global PasswordHash $hq_hasher Portable PHP password hashing framework instance.
  *
  * @param int    $user_id    User ID.
  * @param null   $deprecated Not used (argument deprecated).
  * @param string $notify     Optional. Type of notification that should happen. Accepts 'admin' or an empty
  *                           string (admin only), or 'both' (admin and user). The empty string value was kept
  *                           for backward-compatibility purposes with the renamed parameter. Default empty.
  */
 function hq_new_user_notification($user_id, $deprecated = null, $notify = '')
 {
     if ($deprecated !== null) {
         _deprecated_argument(__FUNCTION__, '4.3.1');
     }
     global $hqdb, $hq_hasher;
     $user = get_userdata($user_id);
     // The blogname option is escaped with esc_html on the way into the database in sanitize_option
     // we want to reverse this for the plain text arena of emails.
     $blogname = hq_specialchars_decode(get_option('blogname'), ENT_QUOTES);
     $message = sprintf(__('New user registration on your site %s:'), $blogname) . "\r\n\r\n";
     $message .= sprintf(__('Username: %s'), $user->user_login) . "\r\n\r\n";
     $message .= sprintf(__('E-mail: %s'), $user->user_email) . "\r\n";
     @hq_mail(get_option('admin_email'), sprintf(__('[%s] New User Registration'), $blogname), $message);
     if ('admin' === $notify || empty($notify)) {
         return;
     }
     // Generate something random for a password reset key.
     $key = hq_generate_password(20, false);
     /** This action is documented in hq-login.php */
     do_action('retrieve_password_key', $user->user_login, $key);
     // Now insert the key, hashed, into the DB.
     if (empty($hq_hasher)) {
         require_once ABSPATH . HQINC . '/class-phpass.php';
         $hq_hasher = new PasswordHash(8, true);
     }
     $hashed = time() . ':' . $hq_hasher->HashPassword($key);
     $hqdb->update($hqdb->users, array('user_activation_key' => $hashed), array('user_login' => $user->user_login));
     $message = sprintf(__('Username: %s'), $user->user_login) . "\r\n\r\n";
     $message .= __('To set your password, visit the following address:') . "\r\n\r\n";
     $message .= '<' . network_site_url("hq-login.php?action=rp&key={$key}&login="******">\r\n\r\n";
     $message .= hq_login_url() . "\r\n";
     hq_mail($user->user_email, sprintf(__('[%s] Your username and password info'), $blogname), $message);
 }
コード例 #3
0
ファイル: hq-login.php プロジェクト: gcorral/hivequeen
/**
 * Handles sending password retrieval email to user.
 *
 * @global hqdb         $hqdb      HiveQueen database abstraction object.
 * @global PasswordHash $hq_hasher Portable PHP password hashing framework.
 *
 * @return bool|HQ_Error True: when finish. HQ_Error on error
 */
function retrieve_password()
{
    global $hqdb, $hq_hasher;
    $errors = new HQ_Error();
    if (empty($_POST['user_login'])) {
        $errors->add('empty_username', __('<strong>ERROR</strong>: Enter a username or e-mail address.'));
    } elseif (strpos($_POST['user_login'], '@')) {
        $user_data = get_user_by('email', trim($_POST['user_login']));
        if (empty($user_data)) {
            $errors->add('invalid_email', __('<strong>ERROR</strong>: There is no user registered with that email address.'));
        }
    } else {
        $login = trim($_POST['user_login']);
        $user_data = get_user_by('login', $login);
    }
    /**
     * Fires before errors are returned from a password reset request.
     *
     * @since 0.0.1
     */
    do_action('lostpassword_post');
    if ($errors->get_error_code()) {
        return $errors;
    }
    if (!$user_data) {
        $errors->add('invalidcombo', __('<strong>ERROR</strong>: Invalid username or e-mail.'));
        return $errors;
    }
    // Redefining user_login ensures we return the right case in the email.
    $user_login = $user_data->user_login;
    $user_email = $user_data->user_email;
    /**
     * Fires before a new password is retrieved.
     *
     * @since 0.0.1
     *
     * @param string $user_login The user login name.
     */
    do_action('retreive_password', $user_login);
    /**
     * Fires before a new password is retrieved.
     *
     * @since 0.0.1
     *
     * @param string $user_login The user login name.
     */
    do_action('retrieve_password', $user_login);
    /**
     * Filter whether to allow a password to be reset.
     *
     * @since 0.0.1
     *
     * @param bool true           Whether to allow the password to be reset. Default true.
     * @param int  $user_data->ID The ID of the user attempting to reset a password.
     */
    $allow = apply_filters('allow_password_reset', true, $user_data->ID);
    if (!$allow) {
        return new HQ_Error('no_password_reset', __('Password reset is not allowed for this user'));
    } elseif (is_hq_error($allow)) {
        return $allow;
    }
    // Generate something random for a password reset key.
    $key = hq_generate_password(20, false);
    /**
     * Fires when a password reset key is generated.
     *
     * @since 0.0.1
     *
     * @param string $user_login The username for the user.
     * @param string $key        The generated password reset key.
     */
    do_action('retrieve_password_key', $user_login, $key);
    // Now insert the key, hashed, into the DB.
    if (empty($hq_hasher)) {
        require_once ABSPATH . HQINC . '/class-phpass.php';
        $hq_hasher = new PasswordHash(8, true);
    }
    $hashed = time() . ':' . $hq_hasher->HashPassword($key);
    $hqdb->update($hqdb->users, array('user_activation_key' => $hashed), array('user_login' => $user_login));
    $message = __('Someone requested that the password be reset for the following account:') . "\r\n\r\n";
    $message .= network_home_url('/') . "\r\n\r\n";
    $message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n";
    $message .= __('If this was a mistake, just ignore this email and nothing will happen.') . "\r\n\r\n";
    $message .= __('To reset your password, visit the following address:') . "\r\n\r\n";
    $message .= '<' . network_site_url("hq-login.php?action=rp&key={$key}&login="******">\r\n";
    //TODO: Goyo no multisite
    //if ( is_multisite() )
    if (false) {
        $blogname = $GLOBALS['current_site']->site_name;
    } else {
        /*
         * The blogname option is escaped with esc_html on the way into the database
         * in sanitize_option we want to reverse this for the plain text arena of emails.
         */
        $blogname = hq_specialchars_decode(get_option('blogname'), ENT_QUOTES);
    }
    $title = sprintf(__('[%s] Password Reset'), $blogname);
    /**
     * Filter the subject of the password reset email.
     *
     * @since 0.0.1
     *
     * @param string $title Default email title.
     */
    $title = apply_filters('retrieve_password_title', $title);
    /**
     * Filter the message body of the password reset mail.
     *
     * @since 0.0.1
     *
     * @param string  $message    Default mail message.
     * @param string  $key        The activation key.
     * @param string  $user_login The username for the user.
     * @param HQ_User $user_data  HQ_User object.
     */
    $message = apply_filters('retrieve_password_message', $message, $key, $user_login, $user_data);
    if ($message && !hq_mail($user_email, hq_specialchars_decode($title), $message)) {
        hq_die(__('The e-mail could not be sent.') . "<br />\n" . __('Possible reason: your host may have disabled the mail() function.'));
    }
    return true;
}