function rcl_confirm_user_registration()
{
global $wpdb, $rcl_options;
$reglogin = $_GET['rglogin'];
$regpass = $_GET['rgpass'];
$regcode = md5($reglogin);
if ($regcode == $_GET['rgcode']) {
if ($user = get_user_by('login', $reglogin)) {
wp_update_user(array('ID' => $user->ID, 'role' => get_option('default_role')));
$time_action = current_time('mysql');
$action = $wpdb->get_var($wpdb->prepare("SELECT time_action FROM " . RCL_PREF . "user_action WHERE user = '******'", $user->ID));
if (!$action) {
$wpdb->insert(RCL_PREF . 'user_action', array('user' => $user->ID, 'time_action' => $time_action));
}
$creds = array();
$creds['user_login'] = $reglogin;
$creds['user_password'] = $regpass;
$creds['remember'] = true;
$sign = wp_signon($creds, false);
if (!is_wp_error($sign)) {
rcl_update_timeaction_user();
do_action('rcl_confirm_registration', $user->ID);
wp_redirect(rcl_get_authorize_url($user->ID));
exit;
}
}
}
if ($rcl_options['login_form_recall'] == 2) {
wp_safe_redirect('wp-login.php?checkemail=confirm');
} else {
wp_redirect(get_bloginfo('wpurl') . '?action-rcl=login&error=confirm');
}
exit;
}
function rcl_get_login_user()
{
global $wp_errors;
$pass = sanitize_text_field($_POST['user_pass']);
$login = sanitize_user($_POST['user_login']);
$member = isset($_POST['rememberme']) ? intval($_POST['rememberme']) : 0;
$url = esc_url($_POST['redirect_to']);
$wp_errors = new WP_Error();
if (!$pass || !$login) {
$wp_errors->add('rcl_login_empty', __('Fill in the required fields!', 'wp-recall'));
return $wp_errors;
}
if ($user = get_user_by('login', $login)) {
$user_data = get_userdata($user->ID);
$roles = $user_data->roles;
$role = array_shift($roles);
if ($role == 'need-confirm') {
$wp_errors->add('rcl_login_confirm', __('Your email is not confirmed!', 'wp-recall'));
return $wp_errors;
}
}
$creds = array();
$creds['user_login'] = $login;
$creds['user_password'] = $pass;
$creds['remember'] = $member;
$user = wp_signon($creds, false);
if (is_wp_error($user)) {
$wp_errors = $user;
return $wp_errors;
} else {
rcl_update_timeaction_user();
wp_redirect(rcl_get_authorize_url($user->ID));
exit;
}
}
function add_private_message_recall()
{
global $user_ID, $wpdb, $rcl_options;
if (!$user_ID) {
exit;
}
$_POST = stripslashes_deep($_POST);
$this->user_lk = intval($_POST['adressat_mess']);
$content_mess = esc_textarea($_POST['content_mess']);
$online = 0;
$status_mess = 0;
$time = current_time('mysql');
$rcl_action_users = $wpdb->get_row($wpdb->prepare("SELECT * FROM " . RCL_PREF . "user_action WHERE user = '******'", $this->user_lk));
$last_action = rcl_get_useraction($rcl_action_users->time_action);
if (!$last_action) {
$online = 1;
}
$result = rcl_add_message(array('addressat' => $this->user_lk, 'content' => $content_mess));
if ($result) {
rcl_update_timeaction_user();
if ($_POST['widget'] != 'undefined') {
$wpdb->update(RCL_PREF . 'private_message', array('status_mess' => 1), array('ID' => intval($_POST['widget'])));
$message_block = '<p class="success-mess">' . __('Your message has been sent!', 'wp-recall') . '</p>';
$log['recall'] = 200;
} else {
$id_mess = $wpdb->get_var("SELECT ID FROM " . RCL_PREF . "private_message WHERE author_mess = '{$user_ID}' AND time_mess = '{$time}'");
$message_block = '';
$message = array('ID' => $id_mess, 'content_mess' => $content_mess, 'status_mess' => 0, 'author_mess' => $user_ID, 'time_mess' => $time);
$this->ava_user_lk = '';
$this->ava_user_ID = get_avatar($user_ID, 40);
$message_block = $this->get_private_message_block_rcl($message_block, (object) $message);
$newmess = '<div class="new_mess"></div>';
if (!$rcl_options['sort_mess']) {
$message_block .= $newmess;
} else {
$message_block = $newmess . $message_block;
}
$log['recall'] = 100;
}
$log['message_block'] = $message_block;
} else {
$log['recall'] = 120;
}
echo json_encode($log);
exit;
}
function rcl_message_upload()
{
global $user_ID, $wpdb, $rcl_options;
$adressat_mess = intval($_POST['talker']);
$online = intval($_POST['online']);
//print_r($_POST);
//print_r($_FILES); exit;
if (!$user_ID) {
exit;
}
if ($rcl_options['file_limit']) {
$file_num = $wpdb->get_var($wpdb->prepare("SELECT COUNT(ID) FROM " . RCL_PREF . "private_message WHERE author_mess = '%d' AND status_mess = '4'", $user_ID));
if ($file_num > $rcl_options['file_limit']) {
$log['recall'] = 150;
echo json_encode($log);
exit;
}
}
rcl_update_timeaction_user();
$time = current_time('mysql');
$mime = explode('/', $_FILES['filedata']['type']);
$name = explode('/', str_replace('\\', '/', untrailingslashit($_FILES['filedata']['tmp_name'])));
$cnt = count($name);
$t_name = $name[--$cnt];
$file_name = $_FILES['filedata']['name'];
$type = substr($file_name, -4);
if (false !== strpos($type, '.')) {
$type = substr($file_name, -3);
}
$upload_dir = wp_upload_dir();
$path_temp = $upload_dir['basedir'] . '/temp-files/';
if (!is_dir($path_temp)) {
mkdir($path_temp);
chmod($path_temp, 0755);
}
$file_path = $path_temp . $t_name . '.' . $type;
//echo $file_path;exit;
if ($mime[0] != 'video' && $mime[0] != 'image' && $mime[0] != 'audio') {
$archive_name = $t_name . '.zip';
$arhive_path = $path_temp . $archive_name;
$file_url = rcl_path_to_url($arhive_path);
$zip = new ZipArchive();
if ($zip->open($arhive_path, ZipArchive::CREATE) === TRUE) {
$zip->addFile($_FILES['filedata']['tmp_name'], $file_name);
$zip->close();
} else {
print_r($_FILES);
exit;
}
} else {
if ($type == 'php' || $type == 'html') {
exit;
}
move_uploaded_file($_FILES['filedata']['tmp_name'], $file_path);
$file_url = rcl_path_to_url($file_path);
}
$wpdb->insert(RCL_PREF . 'private_message', array('author_mess' => $user_ID, 'content_mess' => $file_url, 'adressat_mess' => $adressat_mess, 'time_mess' => $time, 'status_mess' => 4));
$result = $wpdb->get_var($wpdb->prepare("SELECT ID FROM " . RCL_PREF . "private_message WHERE author_mess = '%d' AND content_mess = '%s'", $user_ID, $file_url));
if ($result) {
$file_url = wp_nonce_url(get_bloginfo('wpurl') . '/?rcl-download-id=' . base64_encode($result), 'user-' . $user_ID);
$log['recall'] = 100;
$log['time'] = $time;
} else {
$log['recall'] = 120;
}
echo json_encode($log);
exit;
}
