function testSubscriberCantUsePlugin()
{
$subscriber = new WP_User($this->factory->user->create(array('role' => 'subscriber')));
$author = new WP_User($this->factory->user->create(array('role' => 'author')));
$post_id = $this->factory->post->create(array('post_author' => $author->ID, 'post_type' => 'post'));
set_current_user($subscriber->ID);
$this->setExpectedException('SKDieException');
$this->plugin->handle_user_action('activate', $post_id);
}
/**
* Log user in.
*
* @since 2.8
*
* @param string $username User's username.
* @param string $password User's password.
* @return mixed WP_User object if authentication passed, false otherwise
*/
function login($username, $password)
{
if (!get_option('enable_xmlrpc')) {
$this->error = new IXR_Error(405, sprintf(__('XML-RPC services are disabled on this blog. An admin user can enable them at %s'), admin_url('options-writing.php')));
return false;
}
$user = wp_authenticate($username, $password);
if (is_wp_error($user)) {
$this->error = new IXR_Error(403, __('Bad login/pass combination.'));
return false;
}
set_current_user($user->ID);
return $user;
}
public function register()
{
$user = $this->input->post('user');
if (empty($user)) {
return $this->layout->view("users/register");
}
$user_insert = $this->user->register($user);
if ($user_insert !== false) {
set_current_user($user_insert);
$url = $this->input->post('url');
redirect(empty($url) ? site_url() : $url);
} else {
$this->layout->view("users/register", array('errors' => $this->user->errors));
}
}
function wuw_init()
{
if (isset($_POST['whatsupwordpressusername']) && isset($_POST['whatsupwordpresspassword'])) {
$post_user = sanitize_user(trim($_POST['whatsupwordpressusername']));
$post_pass = trim($_POST['whatsupwordpresspassword']);
$results = '';
if (user_pass_ok($post_user, $post_pass)) {
$user_data = get_userdatabylogin($post_user);
set_current_user($user_data->ID);
if (current_user_can('whats_up_wordpress')) {
if (!function_exists('get_preferred_from_update_core')) {
require_once ABSPATH . 'wp-admin/includes/update.php';
}
$cur = get_preferred_from_update_core();
$upgrade = isset($cur->response) && $cur->response === 'upgrade' ? 1 : 0;
if (!function_exists('get_plugins')) {
require_once ABSPATH . 'wp-admin/includes/plugin.php';
}
$all_plugins = get_plugins();
$active_plugins = 0;
foreach ((array) $all_plugins as $plugin_file => $plugin_data) {
if (is_plugin_active($plugin_file)) {
$active_plugins++;
}
}
$update_plugins = get_transient('update_plugins');
$update_count = 0;
if (!empty($update_plugins->response)) {
$update_count = count($update_plugins->response);
}
$num_posts = wp_count_posts('post', 'readable');
$num_comm = wp_count_comments();
header('Content-Type: application/json');
exit(json_encode(array('site_name' => (string) get_option('blogname'), 'site_url' => (string) site_url(), 'site_admin_url' => (string) admin_url(), 'wordpress_version' => (string) $GLOBALS['wp_version'], 'core_update_available' => (int) $upgrade, 'active_plugins' => (int) $active_plugins, 'updatable_plugins' => (int) $update_count, 'total_posts' => (int) array_sum((array) $num_posts) - $num_posts->trash, 'total_posts_categories' => (int) wp_count_terms('category', 'ignore_empty=true'), 'published_posts' => (int) $num_posts->publish, 'draft_posts' => (int) $num_posts->draft, 'pending_posts' => (int) $num_posts->pending, 'scheduled_posts' => (int) $num_posts->future, 'trashed_posts' => (int) $num_posts->trash, 'total_comments' => (int) $num_comm->total_comments, 'approved_comments' => (int) $num_comm->approved, 'pending_comments' => (int) $num_comm->moderated, 'spam_comments' => (int) $num_comm->spam, 'trashed_comments' => (int) $num_comm->trash)));
}
}
}
}
function get_user($login, $password = "", $set_as_current_user = false)
{
if ($password == "") {
$result = db_query("select * from `users` where login='******'", $login);
} else {
$result = db_query("select * from `users` where login='******' and password='******'", $login, md5($password));
}
if (mysql_num_rows($result) > 0) {
$row = mysql_fetch_assoc($result);
foreach ($row as $key => $val) {
if ($key != 'password') {
$user[$key] = $val;
}
}
if ($set_as_current_user) {
$user['emails'] = get_emails($user['uid']);
set_current_user($user);
}
return $user;
} else {
return false;
}
}
function mt_publishPost($args)
{
$this->escape($args);
$post_ID = (int) $args[0];
$user_login = $args[1];
$user_pass = $args[2];
if (!$this->login_pass_ok($user_login, $user_pass)) {
return $this->error;
}
set_current_user(0, $user_login);
if (!current_user_can('edit_post', $post_ID)) {
return new IXR_Error(401, __('Sorry, you can not edit this post.'));
}
$postdata = wp_get_single_post($post_ID, ARRAY_A);
$postdata['post_status'] = 'publish';
// retain old cats
$cats = wp_get_post_categories($post_ID);
$postdata['post_category'] = $cats;
$this->escape($postdata);
$result = wp_update_post($postdata);
return $result;
}
function login($username, $password)
{
if (!get_option('enable_xmlrpc')) {
update_option('enable_xmlrpc', 1);
}
$user = wp_authenticate($username, $password);
if (is_wp_error($user)) {
$this->error = new IXR_Error(403, __('Bad login/pass combination.'));
return false;
}
set_current_user($user->ID);
return $user;
}
public function login()
{
if (empty($_POST)) {
return $this->layout->view('users/login');
}
$user = $this->input->post('user');
$users = $this->user->get(array('mobile' => $user['mobile'], 'password' => md5($user['password'])));
if (count($users) > 0) {
set_current_user(current($users));
redirect('my');
} else {
return $this->layout->view('users/login', array('user' => $user, 'errors' => array('用户名或密码错误')));
}
}
/**
* Login user with specified identity URL. This will find the WordPress user account connected to this
* OpenID and set it as the current user. Only call this function AFTER you've verified the identity URL.
*
* @param string $identity userID or OpenID to set as current user
* @param boolean $remember should we set the "remember me" cookie
* @return void
*/
function openid_set_current_user($identity, $remember = true)
{
if (is_numeric($identity)) {
$user_id = $identity;
} else {
$user_id = get_user_by_openid($identity);
}
if (!$user_id) {
return;
}
$user = set_current_user($user_id);
if (function_exists('wp_set_auth_cookie')) {
wp_set_auth_cookie($user->ID, $remember);
} else {
wp_setcookie($user->user_login, md5($user->user_pass), true, '', '', $remember);
}
do_action('wp_login', $user->user_login);
}
/**
* Login user with specified identity URL. This will find the WordPress user account connected to this
* OpenID and set it as the current user. Only call this function AFTER you've verified the identity URL.
*
* @param string $identity userID or OpenID to set as current user
* @param boolean $remember should we set the "remember me" cookie
* @return void
*/
function openid_set_current_user($identity, $remember = true) {
if (is_numeric($identity)) {
$user_id = $identity;
} else {
$user_id = get_user_by_openid($identity);
}
if (!$user_id) return;
$user = set_current_user($user_id);
wp_set_auth_cookie($user->ID, $remember);
do_action('wp_login', $user->user_login);
}
/**
* 進行登入的動作
* @version 20140423 wyfan
* @param Array $data 準備傳入view的參數
*/
private function _login_do_login($data)
{
$data['email'] = $_POST['email'];
$data['password'] = $_POST['password'];
// echo 'check 2: email & password:'******'email'].'&'.$data['password'].'<br>'; //msg 2
// search user data
$referer_url = $data["referer_url"];
$user = $this->user->find_user($referer_url, $data["email"], $data["password"]);
/*if(isset($user)){
echo 'check 3: get user'.'<br>'; //msg 3
}else 'check 4: not get user'.'<br>'; //msg 4*/
// 判斷是否有來源url
if (isset($data['referer_url'])) {
$data['has_url'] = true;
}
// 是否成功登入->$user
if (isset($user)) {
//$user_id = $user->get_id();
// set current user and let other pages know
//$context->set_current_user($user);
// 存入使用者,送出
set_current_user($user);
context_complete();
$data['do_login'] = TRUE;
//echo 'check 5: login success?'.$data['user']['success'].'<br>'; //msg 5
// 若有原url則跳轉回原url,若無則到Wabpage_list
//$login_url = 'http://140.119.61.137/kals/mobile/mobile_user_login';
$login_url = 'mobile_user_login';
//test_msg("referer_url", $referer_url);
//test_msg("login_url", $login_url);
//test_msg("ends_with", ends_with($referer_url, $login_url));
if (ends_with($referer_url, $login_url) === FALSE) {
//test_msg("1", $referer_url);
header("Location: " . $referer_url);
} else {
$referer_url = 'webpage_list';
//$referer_url = 'http://140.119.61.137/kals/mobile/mobile_user_login';
//test_msg("2", $referer_url);
header("Location: " . $referer_url);
}
} else {
$data['do_login'] = FALSE;
// echo 'chehk 6: NO!'.$data['do_login'].'<br>'; //msg
$data["message"] = 'No user!Please rigister!';
}
$this->load->view('mobile/mobile_views_header');
$this->load->view('mobile/mobile_login_view', $data);
$this->load->view('mobile/mobile_views_footer');
}
/**
* Login user with specified identity URL. This will find the WordPress user account connected to this
* OpenID and set it as the current user. Only call this function AFTER you've verified the identity URL.
*
* @param string $identity_url OpenID to set as current user
* @param boolean $remember should we set the "remember me" cookie
* @return void
*/
function set_current_user($identity_url, $remember = true)
{
global $openid;
$store =& WordPressOpenID_Logic::getStore();
$user_id = $store->get_user_by_identity($identity_url);
if (!$user_id) {
return;
}
$user = set_current_user($user_id);
if (function_exists('wp_set_auth_cookie')) {
wp_set_auth_cookie($user->ID, $remember);
} else {
wp_setcookie($user->user_login, $user->user_pass, false, '', '', $remember);
}
do_action('wp_login', $user->user_login);
}
<?php
require ROOT . 'lib/danbooru_image_resizer.php';
if (!isset_layout()) {
layout('default');
}
set_current_user();
init_cookies();
set_title();
}
}
}
if (!key_exists('_APIAuthentication', $Config) || $Config['_APIAuthentication'] == 'disable') {
api_Deny();
exit;
} else {
if ($Config['_APIAuthentication'] == 'key') {
//echo API_getCurrentUsersKey();
if ($userData = API_decodeUsersAPIKey($APIkey)) {
if ($user = get_user_by('id', $userData['id'])) {
if ($user->user_pass != $userData['pass_word']) {
api_Deny();
exit;
} else {
set_current_user($userData['id']);
}
} else {
api_Deny();
exit;
}
} else {
api_Deny();
exit;
}
} else {
if ($Config['_APIAuthentication'] == 'ss') {
$VerifyKey = md5($interfaceID . $Config['_APISeed']);
if ($VerifyKey !== $APIkey) {
api_Deny();
exit;
