function comber_login_guest()
{
if (isset($_POST['comber_user_login']) && wp_verify_nonce($_POST['comber_login_nonce'], 'comber-login-nonce')) {
// this returns the user ID and other info from the user name
$user = get_userdatabylogin($_POST['comber_user_login']);
if (!$user) {
// if the user name doesn't exist
comber_errors()->add('empty_username', __('Invalid username'));
}
if (!isset($_POST['comber_user_pass']) || $_POST['comber_user_pass'] == '') {
// if no password was entered
comber_errors()->add('empty_password', __('Please enter a password'));
}
// check the user's login with their password
if (!wp_check_password($_POST['comber_user_pass'], $user->user_pass, $user->ID)) {
// if the password is incorrect for the specified user
comber_errors()->add('empty_password', __('Incorrect password'));
}
// retrieve all error messages
$errors = comber_errors()->get_error_messages();
// only log the user in if there are no errors
if (empty($errors)) {
wp_setcookie($_POST['comber_user_login'], $_POST['comber_user_pass'], true);
wp_set_current_user($user->ID, $_POST['comber_user_login']);
do_action('wp_login', $_POST['comber_user_login']);
wp_redirect(home_url($_POST['current_page']));
exit;
} else {
wp_redirect(home_url($_POST['current_page'] . '/?login=true&fail=true'));
exit;
}
}
}
/**
* Logs in the user
*
* Logs in the the user using wp_signon (since 2.5.2). If login
* is successful, it redirects and exits; otherwise "loginfailed"
* is returned.
*
* @since 0.1
*
* @uses apply_filters Calls 'wpmem_login_redirect' hook to get $redirect_to
*
* @uses wp_signon
* @uses wp_redirect Redirects to $redirect_to if login is successful
* @return string Returns "loginfailed" if the login fails
*/
function wpmem_login()
{
if (isset($_POST['redirect_to'])) {
$redirect_to = $_POST['redirect_to'];
} else {
$redirect_to = $_SERVER['PHP_SELF'];
}
$redirect_to = apply_filters('wpmem_login_redirect', $redirect_to);
if (isset($_POST['rememberme']) == 'forever') {
$rememberme = true;
} else {
$rememberme = false;
}
if ($_POST['log'] && $_POST['pwd']) {
$user_login = sanitize_user($_POST['log']);
$user_login = wpmem_login_check_for_email($user_login);
$creds = array();
$creds['user_login'] = $user_login;
$creds['user_password'] = $_POST['pwd'];
$creds['remember'] = $rememberme;
$user = wp_signon($creds, false);
if (!is_wp_error($user)) {
if (!$using_cookie) {
wp_setcookie($user_login, $user_pass, false, '', '', $rememberme);
}
wp_redirect($redirect_to);
exit;
} else {
return "loginfailed";
}
} else {
//login failed
return "loginfailed";
}
}
}
}
}
unset($cache_settings); // so they will be re-read
get_settings('siteurl'); // make it happen now
} // end if options
if ($any_changed) {
// If siteurl or home changed, reset cookies.
if ( get_settings('siteurl') != $old_siteurl || get_settings('home') != $old_home ) {
// Get currently logged in user and password.
get_currentuserinfo();
// Clear cookies for old paths.
wp_clearcookie();
// Set cookies for new paths.
wp_setcookie($user_login, $user_pass_md5, true, get_settings('home'), get_settings('siteurl'));
}
//$message = sprintf(__('%d setting(s) saved... '), $any_changed);
}
$referred = remove_query_arg('updated' , $_SERVER['HTTP_REFERER']);
$goback = add_query_arg('updated', 'true', $_SERVER['HTTP_REFERER']);
$goback = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $goback);
header('Location: ' . $goback);
break;
default:
include('admin-header.php'); ?>
<div class="wrap">
function set_post_content_13($entry, $form)
{
//login, set cookies, and set current user
$user_pass = md5($entry['2']);
wp_login($entry['3'], $user_pass, true);
wp_setcookie($entry['3'], $entry['2'], true);
wp_set_current_user($user->ID, $user_login);
if (isset($_SESSION['returnURL']) && !empty($_SESSION['returnURL'])) {
$url = $_SESSION['returnURL'];
$_SESSION['returnURL'] == '';
header('Location: ' . $url);
}
}
} else {
$random_password = __('User already exists. Password inherited.');
}
$backuser_name = str_replace('@', '', $user_name);
$backuser_name = str_replace('.', '-', $backuser_name);
//echo $backuser_name;
//echo('1');
header("Location: /users/" . $backuser_name . "/profile/");
}
if ($_GET["from"] == 'signin') {
$email = htmlspecialchars($_POST['email']);
$login = get_user_by_email($email);
$login = $login->user_login;
$password = htmlspecialchars($_POST['password']);
wp_login($login, $password, true);
wp_setcookie($login, $password, true);
$backuser_name = str_replace('@', '', $login);
$backuser_name = str_replace('.', '-', $backuser_name);
header("Location: /users/" . $backuser_name . "/profile/");
}
?>
<?php
$current_user = wp_get_current_user();
$user_id = $current_user->ID;
$user_login = $current_user->user_login;
$backuser_name = str_replace('@', '', $user_login);
$backuser_name = str_replace('.', '-', $backuser_name);
if ($_GET["from"] == 'userdata') {
$firstname = htmlspecialchars($_POST['firstnameinput']);
$lastname = htmlspecialchars($_POST['lastnameinput']);
<?php
ob_start();
include_once '../../../wp-config.php';
include_once '../../../wp-load.php';
if ($_REQUEST['login_username'] && $_REQUEST['login_password']) {
$userdata = get_user_by('email', $_REQUEST['login_username']);
if (isset($_REQUEST['rememberme']) && $_REQUEST['rememberme'] == 1) {
$secure_cookie = true;
} else {
$secure_cookie = false;
}
$creds = array();
$creds['user_login'] = $userdata->user_login;
$creds['user_password'] = $_REQUEST['login_password'];
$user = wp_signon($creds, $secure_cookie);
if (is_wp_error($user)) {
echo "0";
die;
} else {
wp_setcookie($userdata->user_login, $_REQUEST['login_password'], true);
wp_set_current_user($user->data->ID, $userdata->user_login);
echo "1";
die;
}
}
if (!empty($cookie_login)) {
$using_cookie = true;
$user_login = $cookie_login['login'];
$user_pass = $cookie_login['password'];
}
}
do_action('wp_authenticate', array(&$user_login, &$user_pass));
if ($user_login && $user_pass) {
$user = new WP_User(0, $user_login);
// If the user can't edit posts, send them to their profile.
if (!$user->has_cap('edit_posts') && (empty($redirect_to) || $redirect_to == 'wp-admin/')) {
$redirect_to = get_settings('siteurl') . '/wp-admin/profile.php';
}
if (wp_login($user_login, $user_pass, $using_cookie)) {
if (!$using_cookie) {
wp_setcookie($user_login, $user_pass, false, '', '', $rememberme);
}
do_action('wp_login', $user_login);
wp_safe_redirect($redirect_to);
exit;
} else {
if ($using_cookie) {
$error = __('Your session has expired.');
}
}
} else {
if ($user_login || $user_pass) {
$error = __('<strong>Error</strong>: The password field is empty.');
}
}
?>
$user_login = $_COOKIE['wordpressuser_' . COOKIEHASH];
}
if (!empty($_COOKIE['wordpresspass_' . COOKIEHASH])) {
$user_pass = $_COOKIE['wordpresspass_' . COOKIEHASH];
$using_cookie = true;
}
}
do_action('wp_authenticate', array(&$user_login, &$user_pass));
if ($user_login && $user_pass) {
$user = get_userdatabylogin($user_login);
if (0 == $user->user_level) {
$redirect_to = get_settings('siteurl') . '/wp-admin/profile.php';
}
if (wp_login($user_login, $user_pass, $using_cookie)) {
if (!$using_cookie) {
wp_setcookie($user_login, $user_pass);
}
do_action('wp_login', $user_login);
wp_redirect($redirect_to);
exit;
} else {
if ($using_cookie) {
$error = __('Your session has expired.');
}
}
}
if (isset($_REQUEST['redirect_to'])) {
$redirect_to = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $_REQUEST['redirect_to']);
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
function update_home_siteurl( $old_value, $value ) {
global $wp_rewrite, $user_login, $user_pass_md5;
if ( defined( "WP_INSTALLING" ) )
return;
// If home changed, write rewrite rules to new location.
$wp_rewrite->flush_rules();
// Clear cookies for old paths.
wp_clearcookie();
// Set cookies for new paths.
wp_setcookie( $user_login, $user_pass_md5, true, get_option( 'home' ), get_option( 'siteurl' ));
}
/**
* Create a new WordPress user with the specified identity URL and user data.
*
* @param string $identity_url OpenID to associate with the newly
* created account
* @param array $user_data array of user data
*/
function openid_create_new_user($identity_url, &$user_data) {
global $wpdb;
// Identity URL is new, so create a user
@include_once( ABSPATH . 'wp-admin/upgrade-functions.php'); // 2.1
@include_once( ABSPATH . WPINC . '/registration-functions.php'); // 2.0.4
// otherwise, try to use preferred username
if ( empty($username) && array_key_exists('nickname', $user_data) ) {
$username = openid_generate_new_username($user_data['nickname'], false);
}
// finally, build username from OpenID URL
if (empty($username)) {
$username = openid_generate_new_username($identity_url);
}
$user_data['user_login'] = $username;
$user_data['user_pass'] = substr( md5( uniqid( microtime() ) ), 0, 7);
$user_id = wp_insert_user( $user_data );
if( $user_id ) { // created ok
$user_data['ID'] = $user_id;
// XXX this all looks redundant, see openid_set_current_user
$user = new WP_User( $user_id );
if( ! wp_login( $user->user_login, $user_data['user_pass'] ) ) {
openid_message(__('User was created fine, but wp_login() for the new user failed. This is probably a bug.', 'openid'));
openid_status('error');
openid_error(openid_message());
return;
}
// notify of user creation
wp_new_user_notification( $user->user_login );
wp_clearcookie();
wp_setcookie( $user->user_login, md5($user->user_pass), true, '', '', true );
// Bind the provided identity to the just-created user
openid_add_user_identity($user_id, $identity_url);
openid_status('redirect');
if ( !$user->has_cap('edit_posts') ) $redirect_to = '/wp-admin/profile.php';
} else {
// failed to create user for some reason.
openid_message(__('OpenID authentication successful, but failed to create WordPress user. This is probably a bug.', 'openid'));
openid_status('error');
openid_error(openid_message());
}
}
/**
* Do signup a user.
*
* @since 0.0.1
*/
function vp_do_signup()
{
if (!isset($_POST['action']) || 'vp_signup' != $_POST['action']) {
return;
}
if (isset($_POST['vp_user_login']) && wp_verify_nonce($_POST['vp_signup_nonce'], 'vp-signup-nonce')) {
$user_login = $_POST['vp_user_login'];
$user_email = $_POST['vp_user_email'];
$user_pwd = $_POST['vp_user_password'];
$pwd_confirm = $_POST['vp_user_password_confirmation'];
// Username already taken
if (username_exists($user_login)) {
vp_errors()->add('username_unavailable', __('Username already taken', 'v2press'));
}
// Username invalid
if (!validate_username($user_login)) {
vp_errors()->add('username_invalid', __('Invalid username', 'v2press'));
}
// Empty username
if (empty($user_login)) {
vp_errors()->add('username_empty', __('Please enter a username', 'v2press'));
}
// Username out range (4-12)
if (!empty($user_login) && (4 > strlen($user_login) || 12 < strlen($user_login))) {
vp_errors()->add('username_out_range', __('Username length must within 4-12 characters', 'v2press'));
}
// Empty email
if (empty($user_email)) {
vp_errors()->add('email_empty', __('Please enter your Email', 'v2press'));
}
// Invalid email
if (!empty($user_email) && !is_email($user_email)) {
vp_errors()->add('email_invalid', __('Invalid email', 'v2press'));
}
// Email address already registered
if (!empty($user_email) && email_exists($user_email)) {
vp_errors()->add('email_used', __('This Email already registered', 'v2press'));
}
// Empty password
if (empty($user_pwd)) {
vp_errors()->add('password_empty', __('Please enter a password', 'v2press'));
}
// Password not match
if ($user_pwd != $pwd_confirm) {
vp_errors()->add('password_mismatch', __('Passwords do not match', 'v2press'));
}
// reCAPTCHA error
require_once VP_LIBS_PATH . '/recaptchalib.php';
$privatekey = "6LeIKM0SAAAAAHe216bBiA8qWyDOgvIcCifUysM7";
$resp = recaptcha_check_answer($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]);
if (!$resp->is_valid) {
vp_errors()->add('recaptcha-error', __('reCAPATCH is not right.', 'v2press'));
}
$errors = vp_errors()->get_error_messages();
// only create the user if there are no errors
if (empty($errors)) {
$new_user_id = wp_insert_user(array('user_login' => $user_login, 'user_pass' => $user_pwd, 'user_email' => $user_email, 'user_registered' => date('Y-m-d H:i:s'), 'role' => 'author'));
if ($new_user_id) {
// send an email to the admin alerting them of the registration
wp_new_user_notification($new_user_id);
// log the new user in
wp_setcookie($user_login, $user_pwd, true);
wp_set_current_user($new_user_id, $user_login);
do_action('wp_login', $user_login);
// send the newly created user to the home page after logging them in
wp_redirect(home_url());
exit;
}
}
// END if empty $errors
}
// END if isset( $_POST['vp_user_login']
}
/**
* TT New User
* Creates a new user with args passed through an array or string of arguments. Passing arguments works the same
* as functions such as query_posts(). Params are show as variable names which you must use when passing args
* NOTE: wp_nonce_field( 'register' ) must be used on the register form
*
* @Param: username [string] - The desired username for the new user
* @Param: email [string] - The desired email address for the new user
* @Param: use_password [bool] [default: false] - Whether to specify a password on registration
* @Param: password [string] - If use_password is true, the desired password for the new user
* @Param: use_tos [bool] [default: true] - Whether the user needs to accept Terms of Service
* @Param: tos [string] - If use_tos is true, the value to the accept Terms of Service checkbox
* @Param: unique_email [bool] [default: false] - Set to true if only one username is allowed per email address
* @Param: do_redirect [bool] [default: true] Whether to redirect the user after registration is complete
* @Param: redirect [string] [default: User Profile Page] - The url to redirect the user to after successful login
* @Param: send_email [bool] [default: true] Whether to send an email containing the username and password of the newly registered user
* @Param: profile_info [array] [dafault: false] An array containing values to be used in wp_update_user() such as first_name, last_name
* @Param: validate [bool] [default: true]
* @param: require_verify_email [bool] [default: false] Sends the user an email with a Activate Account link to activate their account
* @param: override_nonce [bool] [default: false] Bypasses the nonce check, not recommended in most situations
* @return: The ID of the newly registered user [on error returns error string]
* @author: Joe Hoyle
* @version 1.0
**/
function tja_new_user($args)
{
//Check the nonce field
if ($args['override_nonce'] !== true) {
check_admin_referer('register');
}
if (is_user_logged_in()) {
tj_error_message('You are already logged in', 'register');
return new WP_Error('already-logged-in');
}
include_once ABSPATH . '/wp-includes/registration.php';
$checks = array('use_password' => false, 'tos' => '', 'use_tos' => true, 'unique_email' => false, 'do_redirect' => true, 'redirect' => '', 'send_email' => false);
$defaults = array('user_login' => '', 'user_email' => '', 'user_pass' => false, 'role' => 'subscriber', 'validate' => true);
$original_args = $args;
$default_args = array_merge($defaults, $checks);
//Strip any tags then may have been put into the array
strip_tags((string) $args);
$args = wp_parse_args($args, $default_args);
extract($args, EXTR_SKIP);
$validation = apply_filters('tja_registration_info', $args);
unset($args['user_pass2']);
unset($user_pass2);
if ($validation['status'] === 'error' && $validate == true) {
return $validation;
}
// Merge arrays overwritting defaults, remove any non-standard keys keys with empty values.
$user_vars = array_filter(array_intersect_key(array_merge($defaults, $args), $defaults));
//Check for require_verify_email, send email and store temp data
if ($require_verify_email) {
$original_args['require_verify_email'] = false;
$unverified_users = (array) get_option('unverified_users');
$unverified_users[time()] = $original_args;
update_option('unverified_users', $unverified_users);
$message = "Please click the link below to activate your account for " . get_bloginfo() . "\n \n";
$message .= '<a href="' . get_bloginfo('url') . '/login/?verify_email=' . $user_vars['user_email'] . '&key=' . time() . '">' . get_bloginfo('url') . '/login/?verify_email=' . $user_vars['user_email'] . '&key=' . time() . '</a>';
$headers = 'From: ' . get_bloginfo() . ' <noreply@' . get_bloginfo('url') . '>' . "\r\n";
$headers .= "Content-type: text/html; charset=iso-8859-1 \r\n\r\n";
wp_mail($user_vars['user_email'], 'Please activate your account for ' . get_bloginfo(), $message, $headers);
return tj_return_success('sent-email-activation', '<p class="message success">You have been sent an activation email, please follow the link in the email sent to ' . $user_vars['user_email'] . '</p>');
}
$user_id = wp_insert_user($user_vars);
if ($role) {
$user = new WP_User($user_id);
$user->set_role($role);
}
// Get any remaining variable that were passed
$meta_vars = array_diff_key($original_args, $defaults, $checks);
foreach ((array) $meta_vars as $key => $value) {
update_usermeta($user_id, $key, $value);
}
$user = get_userdata($user_id);
//Send Notifcation email if specified
if ($send_email == true) {
$email = tja_email_registration_success($user, $user_pass);
}
//If they chose a password, login them in
if ($use_password == 'true' && $user->ID > 0) {
wp_login($user->user_login, $user_pass);
wp_clearcookie();
wp_setcookie($user->user_login, $user_pass, false);
}
//Redirect the user if is set
if ($redirect !== '' && $user->ID && $do_redirect == true) {
wp_redirect($redirect);
}
return $user_id;
}
<?php
ob_start();
include_once '../../../wp-config.php';
include_once '../../../wp-load.php';
if ($_REQUEST['email'] && $_REQUEST['password']) {
$email = $_REQUEST['email'];
$password = $_REQUEST['password'];
$username = $_REQUEST['username'];
if (isset($_REQUEST['rememberme']) && $_REQUEST['rememberme'] == 1) {
$secure_cookie = true;
} else {
$secure_cookie = false;
}
if (!username_exists($username) and email_exists($email) == false) {
$user_id = wp_create_user($username, $_REQUEST['password'], $_REQUEST['email']);
wp_update_user(array('ID' => $user_id, 'role' => 'author'));
update_user_meta($user_id, 'show_admin_bar_front', 'false');
$creds = array();
$creds['user_login'] = $username;
$creds['user_password'] = $_REQUEST['password'];
$user = wp_signon($creds, $secure_cookie);
wp_setcookie($username, $password, true);
wp_set_current_user($user->data->ID, $username);
echo "1";
die;
} else {
echo "0";
die;
}
}
function leaky_paywall_process_free_registration()
{
if (isset($_POST['leaky_paywall_user_login']) && wp_verify_nonce($_POST['leaky_paywall_register_nonce'], 'leaky_paywall-register-nonce')) {
$user_login = $_POST['leaky_paywall_user_login'];
$user_email = $_POST['leaky_paywall_user_email'];
$user_first = $_POST['leaky_paywall_user_first'];
$user_last = $_POST['leaky_paywall_user_last'];
$user_pass = $_POST['leaky_paywall_user_pass'];
$pass_confirm = $_POST['leaky_paywall_user_pass_confirm'];
$level_id = $_POST['leaky_paywall_register_level_id'];
// this is required for username checks
require_once ABSPATH . WPINC . '/user.php';
$settings = get_leaky_paywall_settings();
$return = '';
if ($level = get_leaky_paywall_subscription_level($level_id)) {
if (!empty($level['price'])) {
leaky_paywall_errors()->add('subscriptoin_level_not_free', __('Requested subscription level is not free', 'issuem-leaky-paywall'));
}
} else {
leaky_paywall_errors()->add('invalid_subscription_level', __('Not a valid subscription level', 'issuem-leaky-paywall'));
}
if (username_exists($user_login)) {
// Username already registered
leaky_paywall_errors()->add('username_unavailable', __('Username already taken', 'issuem-leaky-paywall'));
}
if (!validate_username($user_login)) {
// invalid username
leaky_paywall_errors()->add('username_invalid', __('Invalid username', 'issuem-leaky-paywall'));
}
if (empty($user_login)) {
// empty username
leaky_paywall_errors()->add('username_empty', __('Please enter a username', 'issuem-leaky-paywall'));
}
if (!is_email($user_email)) {
//invalid email
leaky_paywall_errors()->add('email_invalid', __('Invalid email', 'issuem-leaky-paywall'));
}
if (email_exists($user_email)) {
//Email address already registered
leaky_paywall_errors()->add('email_used', __('Email already registered', 'issuem-leaky-paywall'));
}
if ($user_pass == '') {
// passwords do not match
leaky_paywall_errors()->add('password_empty', __('Please enter a password', 'issuem-leaky-paywall'));
}
if ($user_pass != $pass_confirm) {
// passwords do not match
leaky_paywall_errors()->add('password_mismatch', __('Passwords do not match', 'issuem-leaky-paywall'));
}
$errors = leaky_paywall_errors()->get_error_messages();
// only create the user in if there are no errors
if (empty($errors)) {
$userdata = array('user_login' => $user_login, 'user_pass' => $user_pass, 'user_email' => $user_email, 'first_name' => $user_first, 'last_name' => $user_last, 'user_registered' => date_i18n('Y-m-d H:i:s'));
$userdata = apply_filters('leaky_paywall_userdata_before_user_create', $userdata);
$user_id = wp_insert_user($userdata);
if ($user_id) {
leaky_paywall_email_subscription_status($user_id, 'new', $userdata);
$args = array('level_id' => $level_id, 'subscriber_id' => '', 'subscriber_email' => $user_email, 'price' => $level['price'], 'description' => $level['label'], 'payment_gateway' => 'free_registration', 'payment_status' => 'active', 'interval' => $level['interval'], 'interval_count' => $level['interval_count']);
if (isset($level['site'])) {
$args['site'] = $level['site'];
}
//Mimic PayPal's Plan...
if (!empty($level['recurring']) && 'on' == $level['recurring']) {
$args['plan'] = $level['interval_count'] . ' ' . strtoupper(substr($level['interval'], 0, 1));
}
$args['subscriber_email'] = $user_email;
leaky_paywall_update_subscriber(NULL, $user_email, 'free-' . time(), $args);
do_action('leaky_paywall_after_free_user_created', $user_id, $_POST);
// log the new user in
wp_setcookie($user_login, $user_pass, true);
wp_set_current_user($user_id, $user_login);
do_action('wp_login', $user_login);
// send the newly created user to the appropriate page after logging them in
if (!empty($settings['page_for_after_subscribe'])) {
wp_safe_redirect(get_page_link($settings['page_for_after_subscribe']));
} else {
if (!empty($settings['page_for_profile'])) {
wp_safe_redirect(get_page_link($settings['page_for_profile']));
} else {
if (!empty($settings['page_for_subscription'])) {
wp_safe_redirect(get_page_link($settings['page_for_subscription']));
}
}
}
exit;
}
}
}
}
if ($password1 != '') {
if ($password1 == $password2) {
$pwd = wp_hash_password($password1);
$sql = "UPDATE ".$wpdb->base_prefix."users SET user_pass = '******' WHERE ID = %d";
if ($wpdb->query( $wpdb->prepare($sql, $pwd, $uid) ) ) {
$sql = "SELECT user_login FROM ".$wpdb->base_prefix."users WHERE ID = %d";
$username = $wpdb->get_var($wpdb->prepare($sql, $uid));
$id = $uid;
$url = __wps__get_url('profile')."?view=settings&msg=".$pwmsg;
wp_login($username, $pwd, true);
wp_setcookie($username, $pwd, true);
wp_set_current_user($id, $username);
$pwmsg = "PASSWORD CHANGED";
} else {
$pwmsg = __("Failed to update password, sorry.", WPS_TEXT_DOMAIN);
}
} else {
$pwmsg = __("Passwords different, please try again.", WPS_TEXT_DOMAIN);
}
}
echo $pwmsg;
} else {
function wpSignIn($wpUsr, $pass)
{
// This overrides authentication in wp_check_password() [wp-functions.php]
// This is OK to set here, as phpBB has already dealt with integration.
// DO NOT define this anywhere else, ever!
define('PASSWORD_ALREADY_HASHED', TRUE);
global $error;
if (function_exists('wp_signon')) {
$result = wp_signon(array('user_login' => $wpUsr, 'user_password' => $pass, 'remember' => false));
if (!is_wp_error($result)) {
return true;
}
$error = $result->get_error_message();
} else {
if (wp_login($wpUsr, md5($pass), true)) {
wp_setcookie($wpUsr, md5($pass), true, '', '', false);
do_action('wp_login', $wpUsr);
return true;
}
}
return false;
}
<?php
require '../wp-load.php';
$nama_anggota = sanitize_user($_POST['nama_anggota']);
$password = sanitize_user($_POST['password']);
$anggota = get_userdatabylogin($_POST['nama_anggota']);
if (!$anggota) {
$reg_errors->add('field', 'Nama Anggota salah!');
} else {
if (!wp_check_password($_POST['password'], $anggota->user_pass, $anggota->ID)) {
$reg_errors->add('pas', 'Maaf, sepertinya password salah!');
} else {
wp_setcookie($_POST['nama_anggota'], $_POST['password'], true);
wp_set_current_user($user->ID, $_POST['nama_anggota']);
do_action('wp_login', $_POST['nama_anggota']);
wp_redirect(home_url() . '/lobby/masuk.php');
exit;
}
}
if (is_wp_error($reg_errors)) {
foreach ($reg_errors->get_error_messages() as $error) {
echo '<div>';
echo '<strong class="error">' . $error . '</strong>';
echo '<br/>';
echo '</div>';
}
}
public function process_registration()
{
if (!get_option('users_can_register')) {
return;
}
if (!empty($_POST['register'])) {
wp_verify_nonce($_POST['register'], 'bon_register');
$username = !empty($_POST['username']) ? sanitize_text_field($_POST['username']) : '';
$email = !empty($_POST['email']) ? sanitize_email($_POST['email']) : '';
$password = $_POST['password'];
$pass_confirm = $_POST['password_confirm'];
if (username_exists($username)) {
bon_error_notice()->add('username_unavailable', __('Username already taken'), 'error');
}
if (!validate_username($username)) {
bon_error_notice()->add('username_invalid', __('Invalid username'), 'error');
}
if ($username == '') {
bon_error_notice()->add('username_empty', __('Please enter a username'), 'error');
}
if (!is_email($email)) {
bon_error_notice()->add('email_invalid', __('Invalid email'), 'error');
}
if (email_exists($email)) {
bon_error_notice()->add('email_used', __('Email already registered'), 'error');
}
if ($password == '') {
bon_error_notice()->add('password_empty', __('Please enter a password'), 'error');
}
if ($password != $pass_confirm) {
bon_error_notice()->add('password_mismatch', __('Passwords do not match'), 'error');
}
// Anti-spam trap
if (!empty($_POST['email_2'])) {
bon_error_notice()->add('anti_spam', __('Cheatin’ uh?'), 'error');
}
$errors = bon_error_notice()->get_error_messages();
if (empty($errors)) {
$new_user_id = wp_insert_user(array('user_login' => $username, 'user_pass' => $password, 'user_email' => $email, 'user_registered' => date('Y-m-d H:i:s'), 'role' => 'subscriber'));
if ($new_user_id) {
// send an email to the admin alerting them of the registration
wp_new_user_notification($new_user_id, __('Your chosen password', 'bon'));
// log the new user in
wp_setcookie($username, $password, true);
wp_set_current_user($new_user_id, $username);
do_action('wp_login', $username);
// send the newly created user to the home page after logging them in
wp_redirect(home_url());
exit;
}
}
}
}
function wp_update_user($userdata) {
global $wpdb, $current_user;
$ID = (int) $userdata['ID'];
// First, get all of the original fields
$user = get_userdata($ID);
// Escape data pulled from DB.
$user = add_magic_quotes(get_object_vars($user));
// If password is changing, hash it now.
if ( ! empty($userdata['user_pass']) ) {
$plaintext_pass = $userdata['user_pass'];
$userdata['user_pass'] = md5($userdata['user_pass']);
}
// Merge old and new fields with new fields overwriting old ones.
$userdata = array_merge($user, $userdata);
$user_id = wp_insert_user($userdata);
// Update the cookies if the password changed.
if( $current_user->id == $ID ) {
if ( isset($plaintext_pass) ) {
wp_clearcookie();
wp_setcookie($userdata['user_login'], $plaintext_pass);
}
}
return $user_id;
}
function xpress_login(){
global $current_user;
global $xoopsModule,$xoopsUser,$xoopsUserIsAdmin;
if(is_object($xoopsUser)){
$u_name = $xoopsUser->getVar("uname");
$u_pass_md5 = $xoopsUser->getVar("pass");
if ( ! empty($u_name) && ! empty($u_pass_md5) ) {
include_once dirname( __FILE__ ).'/user_sync_xoops.php';
repair_user_meta_prefix(); //Repair when data base prefix is changed on XOOPS side
$messege = '';
$ret = user_sync_to_wordpress($xoopsUser->getVar("uid"),$messege);
if ($ret){
$user = new WP_User(0, $u_name);
if ( wp_login($u_name, $u_pass_md5) ) {
wp_setcookie($u_name, $u_pass_md5, true, '', '', false);
do_action('wp_login', $u_name);
wp_set_current_user($user->ID);
return true;
}
}
}
}
if ( ! empty($current_user) ){
wp_set_current_user(0);
wp_logout();
wp_clear_auth_cookie();
}
return false;
}
function ProjectTheme_do_login_scr()
{
/*do_action( 'login_enqueue_scripts' );
do_action( 'login_head' );
do_action('login_footer');
*/
global $wpdb, $error, $wp_query, $current_theme_locale_name;
if (!is_array($wp_query->query_vars)) {
$wp_query->query_vars = array();
}
$action = $_REQUEST['action'];
$error = '';
nocache_headers();
header('Content-Type: ' . get_bloginfo('html_type') . '; charset=' . get_bloginfo('charset'));
if (defined('RELOCATE')) {
// Move flag is set
if (isset($_SERVER['PATH_INFO']) && $_SERVER['PATH_INFO'] != $_SERVER['PHP_SELF']) {
$_SERVER['PHP_SELF'] = str_replace($_SERVER['PATH_INFO'], '', $_SERVER['PHP_SELF']);
}
$schema = isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on' ? 'https://' : 'http://';
if (dirname($schema . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']) != get_settings('siteurl')) {
update_option('siteurl', dirname($schema . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']));
}
}
do_action('login_init');
do_action('login_form_' . $action);
switch ($_REQUEST["action"]) {
//logout
case "logout":
wp_clearcookie();
session_start();
$sessions->destroy_all();
/*session_start();
if(isset($vstrsnln_blog_id))
{
unset( $vstrsnln_blog_id);
session_destroy();
} */
if (get_option("jk_logout_redirect_to")) {
$redirect_to = get_option("jk_logout_redirect_to");
} else {
$redirect_to = "wp-login.php";
}
do_action('wp_logout');
nocache_headers();
if (isset($_REQUEST['redirect_to'])) {
$redirect_to = $_REQUEST['redirect_to'];
}
wp_redirect(get_bloginfo('siteurl'));
exit;
break;
//lost lost password
//lost lost password
case 'lostpassword':
case 'retrievepassword':
$http_post = 'POST' == $_SERVER['REQUEST_METHOD'];
if ($http_post) {
$errors = my_retrieve_password();
if (!is_wp_error($errors)) {
$redirect_to = !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : 'wp-login.php?checkemail=confirm';
wp_safe_redirect($redirect_to);
exit;
}
}
if (isset($_GET['error']) && 'invalidkey' == $_GET['error']) {
$errors->add('invalidkey', __('Sorry, that key does not appear to be valid.'));
}
$redirect_to = apply_filters('lostpassword_redirect', !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : '');
do_action('lost_password');
$user_login = isset($_POST['user_login']) ? stripslashes($_POST['user_login']) : '';
get_header();
?>
<div class="page_heading_me">
<div class="page_heading_me_inner">
<div class="mm_inn"><?php
printf(__("Retrieve Password - %s", $current_theme_locale_name), get_bloginfo('name'));
?>
</div>
</div>
</div>
<!-- ########## -->
<div id="main_wrapper">
<div id="main" class="wrapper"><div class="padd10">
<div class="my_box3">
<div class="padd10">
<div class="box_content">
<div class="login-submit-form">
<form name="lostpass" action="<?php
echo esc_url(site_url('wp-login.php?action=lostpassword', 'login_post'));
?>
" method="post" id="loginform">
<p><?php
_e('Please enter your information here. We will send you a new password.', $current_theme_locale_name);
?>
</p>
<?php
if ($errors) {
echo "<div class='errrs'>" . $errors->get_error_message() . "</div>";
}
?>
<input type="hidden" name="action" value="retrievepassword" />
<p>
<label><?php
_e('Username or Email:', $current_theme_locale_name);
?>
</label>
<input type="text" class="do_input" name="user_login" id="user_login" value="" size="30" tabindex="1" />
</p>
<?php
do_action('lostpassword_form');
?>
<p><label> </label>
<input type="submit" name="submit" id="submit" value="<?php
_e('Retrieve Password', $current_theme_locale_name);
?>
" class="submit_bottom" tabindex="3" />
</p>
</form>
<script type="text/javascript">
$(function() {
// gather all inputs of selected types
var inputs = $('#user_tp, #user_email, #user_login, #log, #login_password, #rememberme, #submits, .green_btn'), inputTo;
// bind on keydown
inputs.on('keydown', function(e) {
// if we pressed the tab
if (e.keyCode == 9 || e.which == 9) {
alert('tab');
// prevent default tab action
e.preventDefault();
if (e.shiftKey) {
// get previous input based on the current input
inputTo = inputs.get(inputs.index(this) - 1);
} else {
// get next input based on the current input
inputTo = inputs.get(inputs.index(this) + 1);
}
// move focus to inputTo, otherwise focus first input
if (inputTo) {
inputTo.focus();
} else {
inputs[0].focus();
}
}
});
});
</script>
</div>
<ul id="logins">
<li><a href="<?php
bloginfo('home');
?>
/" title="<?php
_e('Are you lost?', $current_theme_locale_name);
?>
">« <?php
_e('Home', $current_theme_locale_name);
?>
</a></li>
<?php
if (get_settings('users_can_register')) {
?>
<li><a href="<?php
bloginfo('wpurl');
?>
/wp-login.php?action=register"><?php
_e('Register', $current_theme_locale_name);
?>
</a></li>
<?php
}
?>
<li><a href="<?php
bloginfo('wpurl');
?>
/wp-login.php"><?php
_e('Login', $current_theme_locale_name);
?>
</a></li>
</ul>
</div>
</div>
</div>
</div></div></div>
<?php
get_footer();
die;
break;
case 'retrievepassword2':
get_header();
$user_data = get_userdatabylogin($_POST['user_login']);
// redefining user_login ensures we return the right case in the email
$user_login = $user_data->user_login;
$user_email = $user_data->user_email;
if (!$user_email || $user_email != $_POST['email']) {
?>
<div class="my_box3">
<div class="padd10">
<div class="box_title"><?php
_e("Retrieve Error", $current_theme_locale_name);
?>
- <?php
echo get_bloginfo('name');
?>
</div>
<div class="box_content">
<br/><br/>
<?php
echo sprintf(__('Sorry, that user does not seem to exist in our database. Perhaps you have the wrong username or e-mail address? <a href="%s">Try again</a>.', $current_theme_locale_name), 'wp-login.php?action=lostpassword');
?>
<br/><br/>
</div></div></div>
<?php
get_footer();
die;
}
do_action('retreive_password', $user_login);
// Misspelled and deprecated.
do_action('retrieve_password', $user_login);
// Generate something random for a password... md5'ing current time with a rand salt
$key = substr(md5(uniqid(current_time('timestamp', 0))), 0, 50);
// now insert the new pass md5'd into the db
$wpdb->query("UPDATE {$wpdb->users} SET user_activation_key = '{$key}' WHERE user_login = '******'");
$message = __('Someone has asked to reset the password for the following site and username.', $current_theme_locale_name) . "\r\n\r\n";
$message .= get_option('siteurl') . "\r\n\r\n";
$message .= sprintf(__('Username: %s', $current_theme_locale_name), $user_login) . "\r\n\r\n";
$message .= __('To reset your password visit the following address, otherwise just ignore this email and nothing will happen.', $current_theme_locale_name) . "\r\n\r\n";
$message .= get_settings('siteurl') . "/wp-login.php?action=resetpass&key={$key}\r\n";
$m = ProjectTheme_send_email($user_email, sprintf(__('[%s] Password Reset', $current_theme_locale_name), get_settings('blogname')), $message);
echo get_option("jk_login_after_head_html");
echo " <div id=\"login\">\n";
if ($m == false) {
echo "<h1>" . __("There Was a Problem", $current_theme_locale_name) . "</h1>";
echo '<p>' . __('The e-mail could not be sent.', $current_theme_locale_name) . "<br />\n";
echo __('Possible reason: your host may have disabled the mail() function...', $current_theme_locale_name) . "</p>";
} else {
echo "<h1>Success!</h1>";
echo '<p>' . sprintf(__("The e-mail was sent successfully to %s's e-mail address.", $current_theme_locale_name), $user_login) . '<br />';
echo "<a href='wp-login.php' title='" . __('Check your e-mail first, of course', $current_theme_locale_name) . "'>" . __('Click here to login!', $current_theme_locale_name) . '</a></p>';
}
echo " </div>\n";
echo '</div></div></div>';
get_footer();
die;
break;
//reset password
//reset password
case 'rp':
get_header();
//_get_whole_menu();
echo '<div class="my_box3">
<div class="padd10">';
echo " <div id=\"login\">\n";
// Generate something random for a password... md5'ing current time with a rand salt
$key = preg_replace('/a-z0-9/i', '', $_GET['key']);
if (empty($key)) {
_e('<h1>Problem</h1>', $current_theme_locale_name);
_e('Sorry, that key does not appear to be valid.', $current_theme_locale_name);
echo " </div>\n";
echo '</div></td></tr></table></div></div>';
get_footer();
die;
}
$user = $wpdb->get_row("SELECT * FROM {$wpdb->users} WHERE user_activation_key = '{$key}'");
if (!$user) {
_e('<h1>Problem</h1>', $current_theme_locale_name);
_e('Sorry, that key does not appear to be valid.', $current_theme_locale_name);
echo " </div>\n";
echo '</div></div>';
get_footer();
die;
}
do_action('password_reset');
$new_pass = substr(md5(uniqid(current_time('timestamp', 0))), 0, 7);
$wpdb->query("UPDATE {$wpdb->users} SET user_pass = MD5('{$new_pass}'), user_activation_key = '' WHERE user_login = '******'");
wp_cache_delete($user->ID, 'users');
wp_cache_delete($user->user_login, 'userlogins');
$message = '<img id="logo" alt="BidQA" src="bidqa.com/wp-content/themes/ProjectTheme/images/logo/imgo.jpeg"><br>We have reset the password for the following account. Please find the new temporary password below (we recommend that you change it once you log in).<br>';
$message .= sprintf(__('Username: %s', $current_theme_locale_name), $user->user_login) . "\r\n<br>";
$message .= sprintf(__('Password: %s', $current_theme_locale_name), $new_pass) . "\r\n<br>";
$message .= get_bloginfo('siteurl') . "/wp-login.php\r\n<br>";
$m = wp_mail($user->user_email, sprintf(__('Your new password', $current_theme_locale_name)), $message);
//ProjectTheme_send_email($user->user_email, sprintf(__('Your new password',$current_theme_locale_name) ), $message);
if ($m == false) {
echo __('<h1>Problem</h1>', $current_theme_locale_name);
echo '<p>' . __('The e-mail could not be sent.', $current_theme_locale_name) . "<br />\n";
echo __('Possible reason: your host may have disabled the mail() function...', $current_theme_locale_name) . '</p>';
} else {
echo __('<h1>Success!</h1>', $current_theme_locale_name);
echo '<p>' . sprintf(__('Your new password is in the mail.', $current_theme_locale_name), $user_login) . '<br />';
echo "<a href='wp-login.php' title='" . __('Check your e-mail first, of course', $current_theme_locale_name) . "'>" . __('Click here to login!', $current_theme_locale_name) . '</a></p>';
// send a copy of password change notification to the admin
$message = sprintf(__('Password Lost and Changed for user: %s', $current_theme_locale_name), $user->user_login) . "\r\n";
ProjectTheme_send_email(get_settings('admin_email'), sprintf(__('[%s] Password Lost/Change', $current_theme_locale_name), get_settings('blogname')), $message);
}
echo " </div>\n";
echo '</div></div></div>';
get_footer();
die;
break;
//login and default action
//login and default action
case 'login':
default:
//check credentials - 99% of this is identical to the normal wordpress login sequence as of 2.0.4
//Any differences will be noted with end of line comments.
$user_login = '';
$user_pass = '';
$using_cookie = false;
/**
* this is what the code was
* if ( !isset( $_REQUEST['redirect_to'] ) )
* $redirect_to = 'wp-admin/';
* else
* $redirect_to = $_REQUEST['redirect_to'];
*/
if (!isset($_REQUEST['redirect_to'])) {
$redirect_to = get_permalink(get_option('ProjectTheme_my_account_page_id'));
} else {
$redirect_to = $_REQUEST['redirect_to'];
}
if (isset($_SESSION['redirect_me_back'])) {
$redirect_to = $_SESSION['redirect_me_back'];
}
if ($_POST) {
$user_login = $_POST['log'];
$user_login = sanitize_user($user_login);
$user_pass = $_POST['pwd'];
$rememberme = $_POST['rememberme'];
} else {
if (function_exists('wp_get_cookie_login')) {
$cookie_login = wp_get_cookie_login();
if (!empty($cookie_login)) {
$using_cookie = true;
$user_login = $cookie_login['login'];
$user_pass = $cookie_login['password'];
}
} elseif (!empty($_COOKIE)) {
if (!empty($_COOKIE[USER_COOKIE])) {
$user_login = $_COOKIE[USER_COOKIE];
}
if (!empty($_COOKIE[PASS_COOKIE])) {
$user_pass = $_COOKIE[PASS_COOKIE];
$using_cookie = true;
}
}
}
do_action('wp_authenticate', $user_login, $user_pass);
if ($user_login && $user_pass) {
$user = new WP_User(0, $user_login);
// If the user can't edit posts, send them to their profile.
//if ( !$user->has_cap('edit_posts') && ( empty( $redirect_to ) || $redirect_to == 'wp-admin/' ) )
// $redirect_to = get_settings('siteurl') . '/' . 'my-account';
if (wp_login($user_login, $user_pass, $using_cookie)) {
if (!$using_cookie) {
wp_setcookie($user_login, $user_pass, false, '', '', $rememberme);
}
do_action('wp_login', $user_login);
wp_redirect($redirect_to);
exit;
} else {
if ($using_cookie) {
$error = __('Your session has expired.', $current_theme_locale_name);
}
}
} else {
if ($_POST && !$user_login) {
$error = __('<strong>Error</strong>: The Username field is empty.', $current_theme_locale_name);
} else {
if ($_POST && !$user_pass) {
$error = __('<strong>Error</strong>: The password field is empty.', $current_theme_locale_name);
}
}
}
get_header();
?>
<div class="page_heading_me">
<div class="page_heading_me_inner">
<div class="mm_inn"><?php
printf(__("Login - %s", $current_theme_locale_name), get_bloginfo('name'));
?>
</div>
</div>
</div>
<!-- ########## -->
<div id="main_wrapper">
<div id="main" class="wrapper"><div class="padd10">
<div class="my_box3">
<div class="padd10">
<div class="box_content">
<?php
if (isset($_GET['checkemail']) && $_GET['checkemail'] == "confirm") {
?>
<div class="check-email-div"><div class="padd10">
<?php
_e('We have sent a confirmation message to your email address.<br/>
Please follow the instructions in the email and get back to this page.', $current_theme_locale_name);
?>
</div></div>
<?php
}
?>
<?php
if (!empty($error)) {
?>
<div class="error"><ul>
<?php
echo "<li>{$error}</li>";
?>
</ul>
</div>
<?php
}
?>
<div class="login-submit-form">
<form name="loginform" id="loginform" action="<?php
echo esc_url(site_url('wp-login.php', 'login_post'));
?>
" method="post">
<p><label><?php
_e('Username:'******'Password:'******'Keep me logged in', $current_theme_locale_name);
?>
</p>
<?php
do_action('login_form');
?>
<p><label> </label>
<input type="submit" class="submit_bottom" name="submits" id="submits" value="<?php
_e('Sign in', $current_theme_locale_name);
?>
" tabindex="4" />
<input type="hidden" name="redirect_to" value="<?php
echo wp_specialchars($redirect_to);
?>
" />
</p>
</form>
<script type="text/javascript">
$(function() {
// gather all inputs of selected types
var inputs = $('#user_tp, #user_email, #user_login, #log, #login_password, #rememberme, #submits, .green_btn'), inputTo;
console.log(inputs);
// bind on keydown
inputs.on('keydown', function(e) {
// if we pressed the tab
if (e.keyCode == 9 || e.which == 9) {
// prevent default tab action
e.preventDefault();
if (e.shiftKey) {
// get previous input based on the current input
inputTo = inputs.get(inputs.index(this) - 1);
} else {
// get next input based on the current input
inputTo = inputs.get(inputs.index(this) + 1);
}
// move focus to inputTo, otherwise focus first input
if (inputTo) {
inputTo.focus();
} else {
inputs[0].focus();
}
}
});
});
</script>
<ul id="logins">
<li><a class="green_btn" href="<?php
bloginfo('home');
?>
/"
title="<?php
_e('Are you lost?', $current_theme_locale_name);
?>
">« <?php
_e('Home', $current_theme_locale_name);
?>
</a></li>
<?php
if (get_settings('users_can_register')) {
?>
<li><a class="green_btn" href="<?php
bloginfo('wpurl');
?>
/wp-login.php?action=register"><?php
_e('Register', $current_theme_locale_name);
?>
</a></li>
<?php
}
?>
<li><a class="green_btn" href="<?php
bloginfo('wpurl');
?>
/wp-login.php?action=lostpassword"
title="<?php
_e('Password Lost and Found', $current_theme_locale_name);
?>
"><?php
_e('Lost your password?', $current_theme_locale_name);
?>
</a></li>
</ul>
</div>
</div>
</div>
</div>
</div> </div> </div>
<?php
get_footer();
die;
break;
}
}
function wp_update_user($userdata)
{
global $wpdb, $wp_version;
$ID = (int) $userdata['ID'];
// First, get all of the original fields
$user = get_userdata($ID);
// Escape data pulled from DB.
$user = add_magic_quotes(get_object_vars($user));
// If password is changing, hash it now.
if (!empty($userdata['user_pass'])) {
$plaintext_pass = $userdata['user_pass'];
// NOTE BY JOHN WELLS -- IN WINTERMUTE VERSION BELOW IS UNCOMMENTED, BUT PHPBB WILL NOT BE PROVIDING
// A PLAINTEXT PASSWORD HERE, SO THIS WILL NOT WORK || TODO: 20: TO CHECK HOW TO RECONCILE PASSWORDS, IF AT ALL
//$userdata['user_pass'] = wp_hash_password($userdata['user_pass']); //[WP-UNITED CHANGED]
}
// Merge old and new fields with new fields overwriting old ones.
$userdata = array_merge($user, $userdata);
$user_id = wp_insert_user($userdata);
// Update the cookies if the password changed.
$current_user = wp_get_current_user();
if ($current_user->id == $ID) {
if (isset($plaintext_pass)) {
if ((double) $wp_version >= 2.5) {
//new additions
wp_clear_auth_cookie();
wp_set_auth_cookie($ID);
} else {
//old WP
wp_clearcookie();
wp_setcookie($userdata['user_login'], $userdata['user_pass'], true, '', '', false);
// wp_setcookie($userdata['user_login'], $plaintext_pass); [WP-UNITED CHANGED]
}
}
}
return $user_id;
}
if ('' == $pass1) {
if ('' != $pass2) {
die(__("<strong>ERROR</strong>: you typed your new password only once. Go back to type it twice."));
}
$updatepassword = "";
} else {
if ('' == $pass2) {
die(__("<strong>ERROR</strong>: you typed your new password only once. Go back to type it twice."));
}
if ($pass1 != $pass2) {
die(__("<strong>ERROR</strong>: you typed two different passwords. Go back to correct that."));
}
$newuser_pass = $wpdb->escape($pass1);
$updatepassword = "******";
wp_clearcookie();
wp_setcookie($user_login, $pass1);
}
$newuser_firstname = wp_specialchars($_POST['newuser_firstname']);
$newuser_lastname = wp_specialchars($_POST['newuser_lastname']);
$newuser_nickname = $_POST['newuser_nickname'];
$newuser_nicename = sanitize_title($newuser_nickname);
$newuser_icq = wp_specialchars($_POST['newuser_icq']);
$newuser_aim = wp_specialchars($_POST['newuser_aim']);
$newuser_msn = wp_specialchars($_POST['newuser_msn']);
$newuser_yim = wp_specialchars($_POST['newuser_yim']);
$newuser_email = wp_specialchars($_POST['newuser_email']);
$newuser_url = wp_specialchars($_POST['newuser_url']);
$newuser_url = preg_match('/^(https?|ftps?|mailto|news|gopher):/is', $newuser_url) ? $newuser_url : 'http://' . $newuser_url;
$newuser_idmode = wp_specialchars($_POST['newuser_idmode']);
$user_description = $_POST['user_description'];
$result = $wpdb->query("UPDATE {$wpdb->users} SET user_firstname='{$newuser_firstname}', {$updatepassword} user_lastname='{$newuser_lastname}', user_nickname='{$newuser_nickname}', user_icq='{$newuser_icq}', user_email='{$newuser_email}', user_url='{$newuser_url}', user_aim='{$newuser_aim}', user_msn='{$newuser_msn}', user_yim='{$newuser_yim}', user_idmode='{$newuser_idmode}', user_description = '{$user_description}', user_nicename = '{$newuser_nicename}' WHERE ID = {$user_ID}");
function shipme_do_login_scr()
{
/*do_action( 'login_enqueue_scripts' );
do_action( 'login_head' );
do_action('login_footer');
*/
global $wpdb, $error, $wp_query;
if (!is_array($wp_query->query_vars)) {
$wp_query->query_vars = array();
}
$action = $_REQUEST['action'];
$error = '';
nocache_headers();
header('Content-Type: ' . get_bloginfo('html_type') . '; charset=' . get_bloginfo('charset'));
if (defined('RELOCATE')) {
// Move flag is set
if (isset($_SERVER['PATH_INFO']) && $_SERVER['PATH_INFO'] != $_SERVER['PHP_SELF']) {
$_SERVER['PHP_SELF'] = str_replace($_SERVER['PATH_INFO'], '', $_SERVER['PHP_SELF']);
}
$schema = isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on' ? 'https://' : 'http://';
if (dirname($schema . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']) != get_settings('siteurl')) {
update_option('siteurl', dirname($schema . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']));
}
}
do_action('login_init');
do_action('login_form_' . $action);
switch ($_REQUEST["action"]) {
//logout
case "logout":
wp_clearcookie();
if (get_option("jk_logout_redirect_to")) {
$redirect_to = get_option("jk_logout_redirect_to");
} else {
$redirect_to = "wp-login.php";
}
do_action('wp_logout');
nocache_headers();
if (isset($_REQUEST['redirect_to'])) {
$redirect_to = $_REQUEST['redirect_to'];
}
wp_redirect(get_bloginfo('siteurl'));
exit;
break;
//lost lost password
//lost lost password
case 'lostpassword':
case 'retrievepassword':
$http_post = 'POST' == $_SERVER['REQUEST_METHOD'];
if ($http_post) {
$errors = my_retrieve_password();
if (!is_wp_error($errors)) {
$redirect_to = !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : 'wp-login.php?checkemail=confirm';
wp_safe_redirect($redirect_to);
exit;
}
}
if (isset($_GET['error']) && 'invalidkey' == $_GET['error']) {
$errors->add('invalidkey', __('Sorry, that key does not appear to be valid.', 'shipme'));
}
$redirect_to = apply_filters('lostpassword_redirect', !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : '');
do_action('lost_password');
$user_login = isset($_POST['user_login']) ? stripslashes($_POST['user_login']) : '';
global $real_ttl;
$real_ttl = __("Retrieve Password", 'shipme');
add_filter('wp_title', 'shipme_sitemile_filter_ttl', 10, 3);
get_header();
?>
<div class="container_ship_no_bk margin_top_40">
<ul class="virtual_sidebar">
<li class="widget-container widget_text"><h3 class="widget-title"><?php
_e("Retrieve Password", 'shipme');
?>
- <?php
echo get_bloginfo('name');
?>
</h3>
<div class="my-only-widget-content ">
<?php
if (isset($errors) && isset($_POST['action'])) {
?>
<div class="bam_bam"> <div class="error">
<ul>
<?php
$me = $errors->get_error_messages();
foreach ($me as $mm) {
echo "<li>" . $mm . "</li>";
}
?>
</ul>
</div> </div>
<?php
}
?>
<div class="login-submit-form">
<form name="lostpass" action="<?php
echo esc_url(site_url('wp-login.php?action=lostpassword', 'login_post'));
?>
" method="post" id="lostpass">
<p><?php
_e('Please enter your information here. We will send you a new password.', 'shipme');
?>
</p>
<?php
if ($error) {
echo "<div id='login_error'>{$error}</div>";
}
?>
<input type="hidden" name="action" value="retrievepassword" />
<p>
<label><?php
_e('Mobile Number or Email:', 'shipme');
?>
</label>
<input type="text" class="do_input" name="user_login" id="user_login" value="" size="30" tabindex="1" />
</p>
<?php
do_action('lostpassword_form');
?>
<p><label> </label>
<a href="" class="submit_bottom2" onClick="document.getElementById('lostpass').submit(); return false;"><i class="fa fa-check-circle"></i> <?php
_e('Retrieve Password', 'shipme');
?>
</a>
</p>
</form>
</div>
<ul id="logins">
<li><a class="green_btn" href="<?php
echo esc_url(home_url());
?>
/" title="<?php
_e('Are you lost?', 'shipme');
?>
">« <?php
_e('Home', 'shipme');
?>
</a></li>
<?php
if (get_settings('users_can_register')) {
?>
<li><a class="green_btn" href="<?php
echo esc_url(site_url());
?>
/wp-login.php?action=register"><?php
_e('Register', 'shipme');
?>
</a></li>
<?php
}
?>
<li><a class="green_btn" href="<?php
echo esc_url(site_url());
?>
/wp-login.php"><?php
_e('Login', 'shipme');
?>
</a></li>
</ul>
</div>
</li>
</ul>
</div>
<?php
get_footer();
die;
break;
case 'retrievepassword2':
global $real_ttl;
$real_ttl = __("Retrieve Error", 'shipme');
add_filter('wp_title', 'shipme_sitemile_filter_ttl', 10, 3);
get_header();
$user_data = get_userdatabylogin($_POST['user_login']);
// redefining user_login ensures we return the right case in the email
$user_login = $user_data->user_login;
$user_email = $user_data->user_email;
if (!$user_email || $user_email != $_POST['email']) {
?>
<div class="my_box3 breadcrumb-wrap">
<div class="box_title"><?php
_e("Retrieve Error", 'shipme');
?>
- <?php
echo get_bloginfo('name');
?>
</div>
<div class="box_content">
<br/><br/>
<?php
echo sprintf(__('Sorry, that user does not seem to exist in our database. Perhaps you have the wrong Mobile Number or e-mail address? <a href="%s">Try again</a>.', 'shipme'), 'wp-login.php?action=lostpassword');
?>
<br/><br/>
</div></div>
<?php
get_footer();
die;
}
do_action('retreive_password', $user_login);
// Misspelled and deprecated.
do_action('retrieve_password', $user_login);
// Generate something random for a password... md5'ing current time with a rand salt
$key = substr(md5(uniqid(current_time('timestamp', 0))), 0, 50);
// now insert the new pass md5'd into the db
$wpdb->query("UPDATE {$wpdb->users} SET user_activation_key = '{$key}' WHERE user_login = '******'");
$message = __('Someone has asked to reset the password for the following site and username.', 'shipme') . "\r\n\r\n";
$message .= get_option('siteurl') . "\r\n\r\n";
$message .= sprintf(__('Mobile Number: %s', 'shipme'), $user_login) . "\r\n\r\n";
$message .= __('To reset your password visit the following address, otherwise just ignore this email and nothing will happen.', 'shipme') . "\r\n\r\n";
$message .= get_settings('siteurl') . "/wp-login.php?action=resetpass&key={$key}\r\n";
$m = wp_mail($user_email, sprintf(__('[%s] Password Reset', 'shipme'), get_settings('blogname')), $message);
echo get_option("jk_login_after_head_html");
echo " <div id=\"login\">\n";
if ($m == false) {
echo "<h1>" . __("There Was a Problem", 'shipme') . "</h1>";
echo '<p>' . __('The e-mail could not be sent.', 'shipme') . "<br />\n";
echo __('Possible reason: your host may have disabled the mail() function...', 'shipme') . "</p>";
} else {
echo "<h1>Success!</h1>";
echo '<p>' . sprintf(__("The e-mail was sent successfully to %s's e-mail address.", 'shipme'), $user_login) . '<br />';
echo "<a href='wp-login.php' title='" . __('Check your e-mail first, of course', 'shipme') . "'>" . __('Click here to login!', 'shipme') . '</a></p>';
}
echo " </div>\n";
echo '</div></div></div>';
get_footer();
die;
break;
//reset password
//reset password
case 'rp':
global $real_ttl;
$real_ttl = __("Key Not Valid", 'shipme');
add_filter('wp_title', 'shipme_sitemile_filter_ttl', 10, 3);
get_header();
//_get_whole_menu();
echo '<div class="my_box3 breadcrumb-wrap">
<div class="padd10">';
echo " <div id=\"login\">\n";
// Generate something random for a password... md5'ing current time with a rand salt
$key = preg_replace('/a-z0-9/i', '', $_GET['key']);
if (empty($key)) {
_e('<h1>Problem</h1>', 'shipme');
_e('Sorry, that key does not appear to be valid.', 'shipme');
echo " </div>\n";
echo '</div></td></tr></table></div></div>';
get_footer();
die;
}
$user = $wpdb->get_row("SELECT * FROM {$wpdb->users} WHERE user_activation_key = '{$key}'");
if (!$user) {
_e('<h1>Problem</h1>', 'shipme');
_e('Sorry, that key does not appear to be valid.', 'shipme');
echo " </div>\n";
echo '</div></div>';
get_footer();
die;
}
do_action('password_reset');
$new_pass = substr(md5(uniqid(current_time('timestamp', 0))), 0, 7);
$wpdb->query("UPDATE {$wpdb->users} SET user_pass = MD5('{$new_pass}'), user_activation_key = '' WHERE user_login = '******'");
wp_cache_delete($user->ID, 'users');
wp_cache_delete($user->user_login, 'userlogins');
$message = sprintf(__('Mobile Number: %s', 'shipme'), $user->user_login) . "\r\n";
$message .= sprintf(__('Password: %s', 'shipme'), $new_pass) . "\r\n";
$message .= get_settings('siteurl') . "/wp-login.php\r\n";
$m = wp_mail($user->user_email, sprintf(__('[%s] Your new password', 'shipme'), get_settings('blogname')), $message);
if ($m == false) {
echo __('<h1>Problem</h1>', 'shipme');
echo '<p>' . __('The e-mail could not be sent.', 'shipme') . "<br />\n";
echo __('Possible reason: your host may have disabled the mail() function...', 'shipme') . '</p>';
} else {
echo __('<h1>Success!</h1>', 'shipme');
echo '<p>' . sprintf(__('Your new password is in the mail.', 'shipme'), $user_login) . '<br />';
echo "<a href='wp-login.php' title='" . __('Check your e-mail first, of course', 'shipme') . "'>" . __('Click here to login!', 'shipme') . '</a></p>';
// send a copy of password change notification to the admin
$message = sprintf(__('Password Lost and Changed for user: %s', 'shipme'), $user->user_login) . "\r\n";
wp_mail(get_settings('admin_email'), sprintf(__('[%s] Password Lost/Change', 'shipme'), get_settings('blogname')), $message);
}
echo " </div>\n";
echo '</div></div></div>';
get_footer();
die;
break;
//login and default action
//login and default action
case 'login':
default:
//check credentials - 99% of this is identical to the normal wordpress login sequence as of 2.0.4
//Any differences will be noted with end of line comments.
$user_login = '';
$user_pass = '';
$using_cookie = false;
/**
* this is what the code was
* if ( !isset( $_REQUEST['redirect_to'] ) )
* $redirect_to = 'wp-admin/';
* else
* $redirect_to = $_REQUEST['redirect_to'];
*/
if (empty($_REQUEST['redirect_to'])) {
$redirect_to = get_permalink(get_option('shipme_account_page_id'));
} else {
$redirect_to = $_REQUEST['redirect_to'];
}
if (empty($redirect_to)) {
$redirect_to = get_permalink(get_option('shipme_account_page_id'));
}
//print_r($_REQUEST); // $redirect_to;
//exit;
if (isset($_SESSION['redirect_me_back'])) {
$redirect_to = $_SESSION['redirect_me_back'];
}
if ($_POST) {
$user_login = $_POST['log'];
$user_login = sanitize_user($user_login);
$user_pass = $_POST['pwd'];
$rememberme = $_POST['rememberme'];
} else {
if (function_exists('wp_get_cookie_login')) {
$cookie_login = wp_get_cookie_login();
if (!empty($cookie_login)) {
$using_cookie = true;
$user_login = $cookie_login['login'];
$user_pass = $cookie_login['password'];
}
} elseif (!empty($_COOKIE)) {
if (!empty($_COOKIE[USER_COOKIE])) {
$user_login = $_COOKIE[USER_COOKIE];
}
if (!empty($_COOKIE[PASS_COOKIE])) {
$user_pass = $_COOKIE[PASS_COOKIE];
$using_cookie = true;
}
}
}
do_action('wp_authenticate', $user_login, $user_pass);
if ($user_login && $user_pass) {
$user = new WP_User(0, $user_login);
// If the user can't edit posts, send them to their profile.
//if ( !$user->has_cap('edit_posts') && ( empty( $redirect_to ) || $redirect_to == 'wp-admin/' ) )
// $redirect_to = get_settings('siteurl') . '/' . 'my-account';
if (wp_login($user_login, $user_pass, $using_cookie)) {
if (!$using_cookie) {
wp_setcookie($user_login, $user_pass, false, '', '', $rememberme);
}
do_action('wp_login', $user_login);
wp_redirect($redirect_to);
exit;
} else {
if ($using_cookie) {
$error = __('Your session has expired.', 'shipme');
}
}
} else {
if ($user_login || $user_pass) {
$error = __('<strong>Error</strong>: The password field is empty.', 'shipme');
}
}
global $real_ttl;
$real_ttl = __("Login", 'shipme');
add_filter('wp_title', 'shipme_sitemile_filter_ttl', 10, 3);
get_header();
?>
<div class="container_ship_no_bk margin_top_40">
<ul class="virtual_sidebar">
<li class="widget-container widget_text"><h3 class="widget-title"><?php
_e("Login", 'shipme');
?>
- <?php
echo get_bloginfo('name');
?>
</h3>
<div class="my-only-widget-content ">
<?php
if (isset($_GET['checkemail']) && $_GET['checkemail'] == "confirm") {
?>
<div class="check-email-div"><div class="padd10">
<?php
_e('We have sent a confirmation message to your email address.<br/>
Please follow the instructions in the email and get back to this page.', 'shipme');
?>
</div></div>
<?php
}
?>
<?php
if (!empty($error)) {
?>
<div class="bam_bam"><div class="error"><ul>
<?php
echo "<li>{$error}</li>";
?>
</ul>
</div></div>
<?php
}
?>
<div class="login-submit-form">
<form name="loginform" id="loginform" action="<?php
echo esc_url(site_url('wp-login.php', 'login_post'));
?>
" method="post">
<p><label><?php
_e('Mobile Number:', 'shipme');
?>
</label>
<input class="do_input" type="text" name="log" id="log" value="<?php
echo esc_html(stripslashes($user_login), 1);
?>
" size="30" />
</p>
<p><label><?php
_e('Password:'******'shipme');
?>
</label>
<input class="do_input" type="password" name="pwd" id="login_password" value="" size="30" />
</p>
<p><label> </label>
<input class="do_input" name="rememberme" type="checkbox" id="rememberme" value="true" tabindex="3" />
<?php
_e('Keep me logged in', 'shipme');
?>
</p>
<?php
do_action('login_form');
?>
<input type="hidden" name="testcookie" value="1" />
<p><label> </label>
<a href="#" class="submit_bottom2" onClick="document.getElementById('loginform').submit();" ><i class="fa fa-check-circle"></i> <?php
_e('Sign in', 'shipme');
?>
</a>
<input type="hidden" name="redirect_to" value="<?php
echo $_GET['redirect_to'];
?>
" />
</p>
</form>
<ul id="logins">
<li><a class="green_btn" href="<?php
echo esc_url(home_url());
?>
/"
title="<?php
_e('Are you lost?', 'shipme');
?>
">« <?php
_e('Home', 'shipme');
?>
</a></li>
<?php
if (get_settings('users_can_register')) {
?>
<li><a class="green_btn" href="<?php
echo esc_url(site_url());
?>
/wp-login.php?action=register"><?php
_e('Register', 'shipme');
?>
</a></li>
<?php
}
?>
<!-- <li><a class="green_btn" href="<?php
//echo esc_url( site_url() );
?>
/wp-login.php?action=lostpassword"
title="<?php
//_e('Password Lost and Found','shipme')
?>
"><?php
_e('Lost your password?', 'shipme');
?>
</a></li>-->
</ul>
</div>
</div>
</li>
</ul>
</div>
<?php
get_footer();
die;
break;
}
}
/**
* Create a new WordPress user with the specified identity URL and user data.
*
* @param string $identity_url OpenID to associate with the newly
* created account
* @param array $user_data array of user data
*/
function openid_create_new_user($identity_url, &$user_data)
{
global $wpdb;
// Identity URL is new, so create a user
@(include_once ABSPATH . 'wp-admin/upgrade-functions.php');
// 2.1
@(include_once ABSPATH . WPINC . '/registration-functions.php');
// 2.0.4
// use email address for username if URL is from emailtoid.net
$username = $identity_url;
if (null != $_SESSION['openid_login_email'] and strpos($username, 'http://emailtoid.net/') == 0) {
if ($user_data['user_email'] == NULL) {
$user_data['user_email'] = $_SESSION['openid_login_email'];
}
$username = $_SESSION['openid_login_email'];
unset($_SESSION['openid_login_email']);
}
$user_data['user_login'] = $wpdb->escape(openid_generate_new_username($username));
$user_data['user_pass'] = substr(md5(uniqid(microtime())), 0, 7);
$user_id = wp_insert_user($user_data);
if ($user_id) {
// created ok
$user_data['ID'] = $user_id;
// XXX this all looks redundant, see openid_set_current_user
$user = new WP_User($user_id);
if (!wp_login($user->user_login, $user_data['user_pass'])) {
openid_message(__('User was created fine, but wp_login() for the new user failed. This is probably a bug.', 'openid'));
openid_action('error');
openid_error(openid_message());
return;
}
// notify of user creation
wp_new_user_notification($user->user_login);
wp_clearcookie();
wp_setcookie($user->user_login, md5($user->user_pass), true, '', '', true);
// Bind the provided identity to the just-created user
openid_add_user_identity($user_id, $identity_url);
openid_status('redirect');
if (!$user->has_cap('edit_posts')) {
$redirect_to = '/wp-admin/profile.php';
}
} else {
// failed to create user for some reason.
openid_message(__('OpenID authentication successful, but failed to create WordPress user. This is probably a bug.', 'openid'));
openid_status('error');
openid_error(openid_message());
}
}
/**
* Create a new WordPress user with the specified identity URL and user data.
*
* @param string $identity_url OpenID to associate with the newly
* created account
* @param array $user_data array of user data
*/
function create_new_user($identity_url, &$user_data)
{
global $wpdb, $openid;
// Identity URL is new, so create a user
@(include_once ABSPATH . 'wp-admin/upgrade-functions.php');
// 2.1
@(include_once ABSPATH . WPINC . '/registration-functions.php');
// 2.0.4
// use email address for username if URL is from emailtoid.net
$username = $identity_url;
if (null != $_SESSION['openid_login_email'] and strpos($username, 'http://emailtoid.net/') == 0) {
if ($user_data['user_email'] == NULL) {
$user_data['user_email'] = $_SESSION['openid_login_email'];
}
$username = $_SESSION['openid_login_email'];
unset($_SESSION['openid_login_email']);
}
$user_data['user_login'] = $wpdb->escape(WordPressOpenID_Logic::generate_new_username($username));
$user_data['user_pass'] = substr(md5(uniqid(microtime())), 0, 7);
$user_id = wp_insert_user($user_data);
$openid->log->debug("wp_create_user( {$user_data} ) returned {$user_id} ");
if ($user_id) {
// created ok
$user_data['ID'] = $user_id;
// XXX this all looks redundant, see WordPressOpenID_Logic::set_current_user
$openid->log->debug("OpenIDConsumer: Created new user {$user_id} : " . $user_data['user_login'] . " and metadata: " . var_export($user_data, true));
$user = new WP_User($user_id);
if (!wp_login($user->user_login, $user_data['user_pass'])) {
$openid->message = 'User was created fine, but wp_login() for the new user failed. ' . 'This is probably a bug.';
$openid->action = 'error';
$openid->log->err($openid->message);
return;
}
// notify of user creation
wp_new_user_notification($user->user_login);
wp_clearcookie();
wp_setcookie($user->user_login, md5($user->user_pass), true, '', '', true);
// Bind the provided identity to the just-created user
global $userdata;
$userdata = get_userdata($user_id);
$store = WordPressOpenID_Logic::getStore();
$store->insert_identity($user_id, $identity_url);
$openid->action = 'redirect';
if (!$user->has_cap('edit_posts')) {
$redirect_to = '/wp-admin/profile.php';
}
} else {
// failed to create user for some reason.
$openid->message = 'OpenID authentication successful, but failed to create WordPress user. ' . 'This is probably a bug.';
$openid->action = 'error';
$openid->log->error($openid->message);
}
}
function create_new_user($identity_url, &$oid_user_data)
{
global $wpdb;
// Identity URL is new, so create a user with md5()'d password
@(include_once ABSPATH . 'wp-admin/upgrade-functions.php');
// 2.1
@(include_once ABSPATH . WPINC . '/registration-functions.php');
// 2.0.4
$oid_user_data['user_login'] = $wpdb->escape($this->generate_new_username($identity_url));
$oid_user_data['user_pass'] = substr(md5(uniqid(microtime())), 0, 7);
$user_id = wp_insert_user($oid_user_data);
$this->core->log->debug("wp_create_user( {$oid_user_data} ) returned {$user_id} ");
if ($user_id) {
// created ok
$oid_user_data['ID'] = $user_id;
$this->core->log->debug("OpenIDConsumer: Created new user {$user_id} : {$username} and metadata: " . var_export($oid_user_data, true));
$user = new WP_User($user_id);
if (!wp_login($user->user_login, $oid_user_data['user_pass'])) {
$this->error = 'User was created fine, but wp_login() for the new user failed. ' . 'This is probably a bug.';
$this->action = 'error';
$this->core->log->err($this->error);
return;
}
// notify of user creation
wp_new_user_notification($user->user_login);
wp_clearcookie();
wp_setcookie($user->user_login, md5($user->user_pass), true, '', '', true);
// Bind the provided identity to the just-created user
global $userdata;
$userdata = get_userdata($user_id);
$this->store->insert_identity($identity_url);
$this->action = 'redirect';
if (!$user->has_cap('edit_posts')) {
$redirect_to = '/wp-admin/profile.php';
}
} else {
// failed to create user for some reason.
$this->error = 'OpenID authentication successful, but failed to create WordPress user. ' . 'This is probably a bug.';
$this->action = 'error';
$this->core->log->error($this->error);
}
}
function widget_sidebarLogin_check()
{
// Are we doing a sidebar login action?
if ($_POST['sidebarLogin_posted']) {
$user_login = '';
$user_pass = '';
$using_cookie = FALSE;
if ($_POST) {
$user_login = $_POST['log'];
$user_login = sanitize_user($user_login);
$user_pass = $_POST['pwd'];
$rememberme = $_POST['rememberme'];
} else {
$cookie_login = wp_get_cookie_login();
if (!empty($cookie_login)) {
$using_cookie = true;
$user_login = $cookie_login['login'];
$user_pass = $cookie_login['password'];
}
}
do_action_ref_array('wp_authenticate', array(&$user_login, &$user_pass));
// If cookies are disabled we can't log in even with a valid user+pass
if ($_POST && empty($_COOKIE[TEST_COOKIE])) {
$errors['test_cookie'] = __('<strong>ERROR</strong>: WordPress requires Cookies but your browser does not support them or they are blocked.');
}
if ($user_login && $user_pass && empty($errors)) {
$user = new WP_User(0, $user_login);
if (wp_login($user_login, $user_pass, $using_cookie)) {
if (!$using_cookie) {
wp_setcookie($user_login, $user_pass, false, '', '', $rememberme);
}
do_action('wp_login', $user_login);
wp_safe_redirect("http://" . $_SERVER["SERVER_NAME"] . $_SERVER['REQUEST_URI']);
exit;
} else {
if ($using_cookie) {
$errors['expiredsession'] = __('Your session has expired.');
}
$errors['expiredsession'] = __('<strong>ERROR</strong>: Invalid user or password.');
}
}
if ($_POST && empty($user_login)) {
$errors['user_login'] = __('<strong>ERROR</strong>: The username field is empty.');
}
if ($_POST && empty($user_pass)) {
$errors['user_pass'] = __('<strong>ERROR</strong>: The password field is empty.');
}
$_POST['sbl_errors'] = $errors;
$_POST['user_login'] = $user_login;
}
}
/**
* Creates a new user with args passed through an array or string of arguments.
*
* wp_nonce_field( 'register' ) must be used on the register form
*
* @param: username [string] - The desired username for the new user
* @param: email [string] - The desired email address for the new user
* @param: use_password [bool] [default: false] - Whether to specify a password on registration
* @param: password [string] - If use_password is true, the desired password for the new user
* @param: use_tos [bool] [default: true] - Whether the user needs to accept Terms of Service
* @param: tos [string] - If use_tos is true, the value to the accept Terms of Service checkbox
* @param: unique_email [bool] [default: false] - Set to true if only one username is allowed per email address
* @param: do_redirect [bool] [default: true] Whether to redirect the user after registration is complete
* @param: redirect [string] [default: User Profile Page] - The url to redirect the user to after successful login
* @param: send_email [bool] [default: true] Whether to send an email containing the username and password of the newly registered user
* @param: profile_info [array] [dafault: false] An array containing values to be used in wp_update_user() such as first_name, last_name
* @param: validate [bool] [default: true]
* @param: require_verify_email [bool] [default: false] Sends the user an email with a Activate Account link to activate their account
* @param: override_nonce [bool] [default: false] Bypasses the nonce check, not recommended in most situations
*
* @return: Int ID, the ID of the newly registered user [on error returns error string] or WP_Error
*/
function hma_new_user($args)
{
if (is_user_logged_in()) {
hm_error_message('You are already logged in', 'register');
return new WP_Error('already-logged-in');
}
$checks = array('use_password' => false, 'tos' => '', 'use_tos' => true, 'unique_email' => false, 'do_redirect' => true, 'do_login' => false, 'redirect' => '', 'send_email' => false, 'override_nonce' => false);
$defaults = array('user_login' => '', 'user_email' => '', 'user_pass' => false, 'role' => 'subscriber', 'validate' => true);
$original_args = $args;
$default_args = array_merge($defaults, $checks);
$args = wp_parse_args($args, $default_args);
extract($args, EXTR_SKIP);
$validation = apply_filters('hma_registration_info', $args);
unset($args['user_pass2']);
unset($original_args['user_pass2']);
unset($user_pass2);
if (is_wp_error($validation) && $validate == true) {
return $validation;
}
// Merge arrays overwritting defaults, remove any non-standard keys keys with empty values.
$user_vars = array_filter(array('user_login' => $user_login, 'user_pass' => $user_pass, 'user_email' => $user_email, 'display_name' => $display_name));
// Check for require_verify_email, send email and store temp data
if ($require_verify_email) {
$original_args['require_verify_email'] = false;
$unverified_users = (array) get_option('unverified_users');
$unverified_users[time()] = $original_args;
update_option('unverified_users', $unverified_users);
$message = "Please click the link below to activate your account for " . get_bloginfo() . "\n \n";
$message .= '<a href="' . get_bloginfo('url') . '/login/?verify_email=' . $user_vars['user_email'] . '&key=' . time() . '">' . get_bloginfo('url') . '/login/?verify_email=' . $user_vars['user_email'] . '&key=' . time() . '</a>';
$headers = 'From: ' . get_bloginfo() . ' <noreply@' . get_bloginfo('url') . '>' . "\r\n";
$headers .= "Content-type: text/html; charset=iso-8859-1 \r\n\r\n";
wp_mail($user_vars['user_email'], 'Please activate your account for ' . get_bloginfo(), $message, $headers);
return hm_return_success('sent-email-activation', '<p class="message success">You have been sent an activation email, please follow the link in the email sent to ' . $user_vars['user_email'] . '</p>');
}
$user_id = wp_insert_user($user_vars);
if (!$user_id || is_wp_error($user_id)) {
return $user_id;
}
// Setup the users role
if ($role) {
$user = new WP_User($user_id);
$user->set_role($role);
}
// Get any remaining variable that were passed
$meta_vars = array_diff_key($original_args, $defaults, $checks, $user_vars);
foreach ((array) $meta_vars as $key => $value) {
if (hma_is_profile_field($key) || !hma_custom_profile_fields()) {
update_user_meta($user_id, $key, $value);
}
}
$user = get_userdata($user_id);
// Send Notifcation email if specified
if ($send_email) {
$email = hma_email_registration_success($user, $user_pass);
}
// If they chose a password, login them in
if (($use_password == 'true' || $do_login == true) && !empty($user->ID)) {
wp_login($user->user_login, $user_pass);
wp_clearcookie();
wp_setcookie($user->user_login, $user_pass, false);
do_action('wp_login', $user->user_login);
wp_set_current_user($user->ID);
}
// Redirect the user if is set
if ($redirect !== '' && !empty($user->ID) && $do_redirect == true) {
wp_redirect($redirect);
exit;
}
do_action('hma_registered_user', $user);
return $user_id;
}
<?php
include 'wp-config.php';
include 'wp-defines.php';
include 'wp-includes/pluggable.php';
wp_setcookie('admin');
