예제 #1
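/**
 * AJAX handler: create a WordPress account from the posted form, then sign the new user in.
 *
 * Reads `username`, `password` and `email` from $_POST after verifying the
 * `ajax-register-nonce` nonce sent in the `security` field. On failure it echoes
 * {"loggedin": false, "message": "..."}; on success it hands over to
 * auth_user_login(). The request always terminates here.
 *
 * NOTE(review): this handler does not look at the site's `users_can_register`
 * option and does nothing to throttle repeated calls; confirm both are enforced
 * wherever the action is hooked.
 * NOTE(review): the "already registered" replies confirm that a given username
 * or e-mail address has an account; decide whether that disclosure is acceptable.
 *
 * @return void
 */
function ajax_register()
{
    // Ends the request when the nonce is missing or invalid. This is request-forgery
    // protection only; it does not limit how often the endpoint can be called.
    check_ajax_referer('ajax-register-nonce', 'security');

    // Missing or non-string fields are treated as empty instead of raising notices
    // that could end up in front of the JSON body.
    $raw_username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $raw_password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
    $raw_email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';

    $info = array();
    $info['user_nicename'] = $info['nickname'] = $info['display_name'] = $info['first_name'] = $info['user_login'] = sanitize_user($raw_username);
    // A password is not a text field: sanitize_text_field() strips tags, percent-encoded
    // bytes and surrounding whitespace, so the stored hash would belong to a different
    // string than the one the user typed. wp_insert_user() only hashes the value.
    $info['user_pass'] = $raw_password;
    $info['user_email'] = sanitize_email($raw_email);

    // Register the user
    $user_register = wp_insert_user($info);
    if (is_wp_error($user_register)) {
        $codes = $user_register->get_error_codes();
        if (in_array('empty_user_login', $codes, true)) {
            $message = __($user_register->get_error_message('empty_user_login'));
        } elseif (in_array('existing_user_login', $codes, true)) {
            $message = __('This username is already registered.');
        } elseif (in_array('existing_user_email', $codes, true)) {
            $message = __('This email address is already registered.');
        } else {
            // Any other error code used to leave the response body empty, which the
            // caller cannot tell apart from a transport failure.
            $message = $user_register->get_error_message();
        }
        echo json_encode(array('loggedin' => false, 'message' => $message));
    } else {
        auth_user_login($info['nickname'], $info['user_pass'], 'Registration');
    }
    die;
}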
예제 #2
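/**
 * AJAX handler: verify the login nonce and pass the posted credentials to auth_user_login().
 *
 * Expects `username`, `password` and `remember` in $_POST and the
 * `ajax-login-nonce` nonce in the `security` field. The request always
 * terminates here; any response is produced by auth_user_login().
 *
 * NOTE(review): the nonce guards against forged cross-site requests only. Nothing
 * here limits repeated password guesses, so confirm that attempt throttling or
 * lockout exists in auth_user_login() or in front of this endpoint.
 *
 * @return void
 */
function ajax_login()
{
    // Ends the request when the nonce is missing or invalid.
    check_ajax_referer('ajax-login-nonce', 'security');

    // An absent field is forwarded as null, as before, but without the undefined-index
    // notice that could be printed ahead of the AJAX response.
    $username = isset($_POST['username']) ? $_POST['username'] : null;
    // The password is forwarded exactly as received: altering it would make a
    // correct password fail verification.
    $password = isset($_POST['password']) ? $_POST['password'] : null;
    $remember = isset($_POST['remember']) ? $_POST['remember'] : null;

    auth_user_login($username, $password, $remember, 'Đăng nhập');
    die;
}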
예제 #3
     // Fragment: the opening of this switch and the end of the final else branch are
     // outside the excerpt. These three providers share the same key/secret settings.
     case 9:  // Twitter
     case 12: // Yahoo
     case 13: // LinkedIn
         $settings = array('key' => $hybridauth_id_key,
                           'secret' => $hybridauth_secret);
 	    $auth_instructions = $hybridauth_instructions;
         break;
     default:
         break;
 }
 // Run the connection test only when both a test username and a test password were given.
 if ($test_username !== '' and $test_password !== '') {
     $test_username = canonicalize_whitespace($test_username);
     // A truthy $cas_valid counts as success on its own; otherwise the credentials are
     // checked against the selected method with the settings built above.
     if (isset($cas_valid) and $cas_valid) {
         $is_valid = true;
     } else {
         $is_valid = auth_user_login($auth, $test_username, $test_password, $settings);
     }
     if ($is_valid) {
         $auth_allow = 1;
         $tool_content .= "<div class='alert alert-success'>$langConnYes</div>";
         // Debugging CAS
         if ($debugCAS) {
             // NOTE(review): $cas_ret['message'] is placed into the page without escaping.
             // If it can carry text supplied by the CAS server or the user, escape it for
             // HTML first; confirm where $cas_ret is filled in.
             if (!empty($cas_ret['message']))
                 $tool_content .= "<p>{$cas_ret['message']}</p>";
             // NOTE(review): the returned attributes are rendered through array2html(),
             // which is not visible here; confirm that it escapes the values and that
             // this debug output is only reachable by administrators.
             if (!empty($cas_ret['attrs']) && is_array($cas_ret['attrs'])) {
                 $tmp_attrs = "<p>$langCASRetAttr:<br />" . array2html($cas_ret['attrs']);
                 $tool_content .= "$tmp_attrs</p>";
             }
         }
     } else {
         // Test failed: open the error alert (its remainder lies outside the excerpt).
         $tool_content .= "<div class='alert alert-danger'>$langConnNo";
예제 #4
     // Fragment: the condition that opens this branch is outside the excerpt. The branch
     // takes the e-mail address and username from the shib_* session keys and marks the
     // login valid without any password check of its own.
     $auth_user_info['email'] = $_SESSION['shib_email'];
     $uname = $_SESSION['shib_uname'];
     $is_valid = true;
 } elseif ($is_submit or $auth == 7 and !$submit) {
     // `and` binds tighter than `or`, so the condition above reads
     // $is_submit or ($auth == 7 and !$submit).
     unset($_SESSION['was_validated']);
     // For every method except 6 and 7 an empty username or password is rejected
     // before any authentication attempt.
     if ($auth != 7 and $auth != 6 and ($uname === '' or $passwd === '')) {
         $tool_content .= "<div class='alert alert-danger'>{$ldapempty} {$errormessage}</div>";
         draw($tool_content, 0);
         exit;
     } else {
         // try to authenticate user
         $auth_method_settings = get_auth_settings($auth);
         // NOTE(review): for method 6 this relies on redirect_to_home_page() ending the
         // request; if it ever returns, execution continues into auth_user_login()
         // below. Confirm that the helper exits.
         if ($auth == 6) {
             redirect_to_home_page('secure/index_reg.php' . ($prof ? '?p=1' : ''));
         }
         $is_valid = auth_user_login($auth, $uname, $passwd, $auth_method_settings);
     }
     // Method 7 (CAS): once phpCAS reports an authenticated session, the username comes
     // from phpCAS rather than from the form, and a non-empty username makes the login
     // valid regardless of the result assigned above.
     if ($auth == 7) {
         if (phpCAS::checkAuthentication()) {
             $uname = phpCAS::getUser();
             $cas = get_auth_settings($auth);
             // store CAS released attributes in $GLOBALS['auth_user_info']
             get_cas_attrs(phpCAS::getAttributes(), $cas);
             if (!empty($uname)) {
                 $is_valid = true;
             }
         }
     }
 }
 if ($is_valid) {
     // connection successful
예제 #5
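/**
 * AJAX handler: create a WordPress account with the `customer` role, then sign the new user in.
 *
 * Loads the plugin settings into the global $options, verifies the
 * `ajax-register-nonce` nonce sent in the `security` field, and creates the
 * user from the posted `username`, `password` and `email`. On failure it echoes
 * {"loggedin": false, "message": "..."}; on success it hands over to
 * auth_user_login(). The request always terminates here.
 *
 * NOTE(review): the reCAPTCHA verification is commented out, and the handler
 * neither checks the site's `users_can_register` option nor throttles requests,
 * so nothing in this function slows automated sign-ups. Confirm that this is
 * handled elsewhere before exposing the action to logged-out visitors.
 * NOTE(review): the "already registered" replies confirm that a given username
 * or e-mail address has an account; decide whether that disclosure is acceptable.
 *
 * @return void
 */
function ajax_register()
{
    global $options;
    $options = get_option('ciusan_register_login');
    // Ends the request when the nonce is missing or invalid. This is request-forgery
    // protection only; it does not limit how often the endpoint can be called.
    check_ajax_referer('ajax-register-nonce', 'security');
    // Disabled reCAPTCHA check, kept as found. NOTE(review): if it is re-enabled, URL-encode
    // the values placed in the query string and treat a failed or undecodable reply from
    // the verification service as a rejection rather than reading $res['success'] blindly.
    /*
      $recaptcha = $_POST['recaptcha'];
      if (!empty($recaptcha )) {
        $google_url = "https://www.google.com/recaptcha/api/siteverify";
        $secret = $options['Google_Secret_Key'];
        $ip = $_SERVER['REMOTE_ADDR'];
        $url = $google_url . "?secret=" . $secret . "&response=" . $recaptcha . "&remoteip=" . $ip;
        $curl = curl_init();
        curl_setopt($curl, CURLOPT_URL, $url);
        curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($curl, CURLOPT_TIMEOUT, 10);
        curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.16) Gecko/20110319 Firefox/3.6.16");
        $results = curl_exec($curl);
        curl_close($curl);
        $res = json_decode($results, true);
        if (!$res['success']) {
          echo json_encode(array('loggedin' => false, 'message' => __('reCAPTCHA invalid')));
          die();
        }
      } else {
        echo json_encode(array('loggedin' => false, 'message' => __('Please enter reCAPTCHA')));
        die();
      }
    */

    // Missing or non-string fields are treated as empty instead of raising notices
    // that could end up in front of the JSON body.
    $raw_username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $raw_password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
    $raw_email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';

    $info = array();
    $info['user_nicename'] = $info['nickname'] = $info['display_name'] = $info['first_name'] = $info['user_login'] = sanitize_user($raw_username);
    // A password is not a text field: sanitize_text_field() strips tags, percent-encoded
    // bytes and surrounding whitespace, so the stored hash would belong to a different
    // string than the one the user typed. wp_insert_user() only hashes the value.
    $info['user_pass'] = $raw_password;
    $info['user_email'] = sanitize_email($raw_email);
    // The role is fixed on the server and never read from the request.
    $info['role'] = 'customer';

    // Register the user
    $user_register = wp_insert_user($info);
    if (is_wp_error($user_register)) {
        $codes = $user_register->get_error_codes();
        if (in_array('empty_user_login', $codes, true)) {
            $message = __($user_register->get_error_message('empty_user_login'));
        } elseif (in_array('existing_user_login', $codes, true)) {
            $message = __('This username is already registered.');
        } elseif (in_array('existing_user_email', $codes, true)) {
            $message = __('This email address is already registered.');
        } else {
            // Any other error code used to leave the response body empty, which the
            // caller cannot tell apart from a transport failure.
            $message = $user_register->get_error_message();
        }
        echo json_encode(array('loggedin' => false, 'message' => $message));
    } else {
        auth_user_login($info['nickname'], $info['user_pass'], 'Registration');
    }
    die;
}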
예제 #6
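/**
 * AJAX handler (multisite): create an account, attach it to the posted site, then sign the user in.
 *
 * Reads `username`, `password`, `email` and `blog_id` from $_POST after verifying
 * the `ajax-register-nonce` nonce sent in the `security` field. `blog_id` is
 * expected in the form "<prefix>-<id>"; the part after the first dash is used as
 * the numeric site id. On failure it echoes {"loggedin": false, "message": "..."};
 * on success the user is added to that site with the `ccmember` role and
 * auth_user_login() takes over. The request always terminates here.
 *
 * NOTE(review): the target site is chosen by the client. As written, any visitor
 * with a valid nonce can join any site on the network as `ccmember`; compare the
 * id with the site the form was rendered for, or with an allow-list, before
 * switching to it.
 * NOTE(review): the handler neither checks whether self-registration is enabled
 * nor throttles requests, and its "already registered" replies confirm that an
 * account exists for a given username or e-mail address.
 *
 * @return void
 */
function ajax_register()
{
    // Ends the request when the nonce is missing or invalid. This is request-forgery
    // protection only; it does not limit how often the endpoint can be called.
    check_ajax_referer('ajax-register-nonce', 'security');

    // Missing or non-string fields are treated as empty instead of raising notices
    // that could end up in front of the JSON body.
    $raw_username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $raw_password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
    $raw_email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
    $raw_blog = (isset($_POST['blog_id']) && is_string($_POST['blog_id'])) ? $_POST['blog_id'] : '';

    // Take the part after the first dash and force it to a non-negative integer, so a
    // value without a dash or with non-numeric content never reaches switch_to_blog().
    $pieces = explode("-", $raw_blog);
    $blog_id = isset($pieces[1]) ? absint($pieces[1]) : 0;
    if ($blog_id === 0) {
        echo json_encode(array('loggedin' => false, 'message' => __('Invalid site.')));
        die;
    }

    $info = array();
    $info['user_nicename'] = $info['nickname'] = $info['display_name'] = $info['first_name'] = $info['user_login'] = sanitize_user($raw_username);
    // A password is not a text field: sanitize_text_field() strips tags, percent-encoded
    // bytes and surrounding whitespace, so the stored hash would belong to a different
    // string than the one the user typed. wp_insert_user() only hashes the value.
    $info['user_pass'] = $raw_password;
    $info['user_email'] = sanitize_email($raw_email);
    $info['blog_id'] = $blog_id;

    // Register the user in the context of the requested site. The switch is not undone
    // with restore_current_blog(); the request ends at the bottom of this function.
    switch_to_blog($info['blog_id']);
    $user_register = wp_insert_user($info);
    if (is_wp_error($user_register)) {
        $codes = $user_register->get_error_codes();
        if (in_array('empty_user_login', $codes, true)) {
            $message = __($user_register->get_error_message('empty_user_login'));
        } elseif (in_array('existing_user_login', $codes, true)) {
            $message = __('This username is already registered.');
        } elseif (in_array('existing_user_email', $codes, true)) {
            $message = __('This email address is already registered.');
        } else {
            // Any other error code used to leave the response body empty, which the
            // caller cannot tell apart from a transport failure.
            $message = $user_register->get_error_message();
        }
        echo json_encode(array('loggedin' => false, 'message' => $message));
    } else {
        // Role given to every new member; change it to the role new users should receive.
        $role = 'ccmember';
        add_user_to_blog($info['blog_id'], $user_register, $role);
        auth_user_login($info['nickname'], $info['user_pass'], 'Registration');
    }
    die;
}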
예제 #7
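/**
 * Authenticate a user whose account is bound to an external authentication method.
 *
 * The method is looked up from the value stored in the user's `password` column
 * via $auth_ids. On success the session is populated with the user's identity
 * and privilege flags.
 *
 * @param object $user_info_object User row; this function reads id, username, password,
 *                                 givenname, surname, status, email and lang.
 * @param string $uname            Username typed into the login form.
 * @param string $pass             Password typed into the login form.
 * @return int 1 = allowed, 2 = credentials rejected, 3 = account not active,
 *             6 = caller should redirect to Shibboleth, 7 = caller should redirect to CAS.
 *
 * NOTE(review): $auth_allow starts at 1 and is left untouched when the stored method
 * name does not match the settings (the final else), so that path returns 1 without
 * setting $_SESSION['uid']. Confirm that callers do not treat the return value alone
 * as proof of a successful login.
 */
function alt_login($user_info_object, $uname, $pass)
{
    global $warning, $auth_ids;
    $auth = array_search($user_info_object->password, $auth_ids);
    $auth_method_settings = get_auth_settings($auth);
    $auth_allow = 1;
    // a CAS user might enter a username/password in the form, instead of doing CAS login
    // check auth according to the defined alternative authentication method of CAS
    if ($auth == 7) {
        $cas = explode('|', $auth_method_settings['auth_settings']);
        // A settings string with fewer fields means no alternative method is configured.
        $cas_altauth = isset($cas[7]) ? intval(str_replace('cas_altauth=', '', $cas[7])) : 0;
        // check if alt auth is valid and active
        if ($cas_altauth > 0 && check_auth_active($cas_altauth)) {
            $auth = $cas_altauth;
            // fetch settings of alt auth
            $auth_method_settings = get_auth_settings($auth);
        } else {
            // Redirect to CAS login
            return 7;
        }
    }
    if ($auth == 6) {
        // Redirect to Shibboleth login
        return 6;
    }
    if ($user_info_object->password == $auth_method_settings['auth_name'] || !empty($cas_altauth)) {
        $is_valid = auth_user_login($auth, $uname, $pass, $auth_method_settings);
        if ($is_valid) {
            $is_active = check_activity($user_info_object->id);
            // check for admin privileges
            $admin_rights = get_admin_rights($user_info_object->id);
            if ($admin_rights == ADMIN_USER) {
                // admin user is always active
                $is_active = 1;
                $_SESSION['is_admin'] = 1;
            } elseif ($admin_rights == POWER_USER) {
                $_SESSION['is_power_user'] = 1;
            } elseif ($admin_rights == USERMANAGE_USER) {
                $_SESSION['is_usermanage_user'] = 1;
            } elseif ($admin_rights == DEPARTMENTMANAGE_USER) {
                $_SESSION['is_departmentmanage_user'] = 1;
            }
            $auth_allow = !empty($is_active) ? 1 : 3;
        } else {
            $auth_allow = 2;
            // log invalid logins
            // The attempted password is no longer written to the log: a failed attempt is
            // very often a mistyped real password, or a valid password for another account,
            // and anyone able to read the log could reuse it. The 'pass' key is kept so the
            // record keeps its shape for existing readers.
            Log::record(0, 0, LOG_LOGIN_FAILURE, array('uname' => $uname, 'pass' => '[redacted]'));
        }
        if ($auth_allow == 1) {
            $_SESSION['uid'] = $user_info_object->id;
            $_SESSION['uname'] = $user_info_object->username;
            // if ldap entries have changed update database
            // NOTE(review): $auth_user_info is not declared global in this function, so as
            // written this condition is always false and the update never runs. Confirm
            // where the directory attributes are meant to come from before wiring it up.
            if (!empty($auth_user_info['firstname']) and !empty($auth_user_info['lastname']) and ($user_info_object->givenname != $auth_user_info['firstname'] or $user_info_object->surname != $auth_user_info['lastname'])) {
                // Directory-supplied names are bound as parameters instead of being
                // concatenated into the statement.
                Database::get()->query("UPDATE user SET givenname = ?s, surname = ?s WHERE id = ?d",
                    $auth_user_info['firstname'], $auth_user_info['lastname'], $user_info_object->id);
                // The two session keys were assigned the wrong way round; they now match
                // the columns written above.
                $_SESSION['surname'] = $auth_user_info['lastname'];
                $_SESSION['givenname'] = $auth_user_info['firstname'];
            } else {
                $_SESSION['surname'] = $user_info_object->surname;
                $_SESSION['givenname'] = $user_info_object->givenname;
            }
            $_SESSION['status'] = $user_info_object->status;
            $_SESSION['email'] = $user_info_object->email;
            $GLOBALS['language'] = $_SESSION['langswitch'] = $user_info_object->lang;
        }
    } else {
        // NOTE(review): $langInvalidAuth is not declared global here either, so only the
        // two <br> tags are appended to $warning.
        $warning .= "<br>{$langInvalidAuth}<br>";
    }
    return $auth_allow;
}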