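/**
 * Authenticates a premium-content request from its HTTP Authorization header.
 *
 * The scheme (Digest or Basic) is chosen by $podPress->settings['premiumMethod'].
 * On success the WordPress user globals are populated and the
 * PODPRESS_PREMIUMLOGIN / PODPRESS_PREMIUMID constants are defined.
 *
 * @return false|void false for XML-RPC requests and when no Authorization
 *                    header was sent (the login challenge is issued first);
 *                    nothing on success. A failed authentication re-issues
 *                    the challenge and terminates the script.
 */
function podPress_validateLogin()
{
    global $wp_version, $user_login, $userdata, $user_level, $user_ID, $user_email, $user_url, $user_pass_md5, $user_identity, $current_user, $podPress;

    if (defined('XMLRPC_REQUEST') && XMLRPC_REQUEST) {
        return false;
    }

    podPress_var_dump('############### podPress_validateLogin ###############');

    $http_headers = getallheaders();
    if (!is_array($http_headers)) {
        $http_headers = array();
    }
    // Only the header names go to the debug output: the values contain the
    // Authorization header (and any cookies), i.e. reusable credentials.
    podPress_var_dump('$http_headers');
    podPress_var_dump(array_keys($http_headers));

    // Accept the header under the alternative names some server setups use.
    if (empty($http_headers['Authorization'])) {
        if (!empty($http_headers['AUTHORIZATION'])) {
            $http_headers['Authorization'] = stripslashes(stripslashes($http_headers['AUTHORIZATION']));
        } elseif (!empty($http_headers['REDIRECT_HTTP_AUTHORIZATION'])) {
            $http_headers['Authorization'] = stripslashes(stripslashes($http_headers['REDIRECT_HTTP_AUTHORIZATION']));
        } else {
            podPress_requestLogin();
            return false;
        }
    }

    switch ($podPress->settings['premiumMethod']) {
        case 'Digest':
            $data = podPress_http_digest_parse($http_headers['Authorization']);
            if (!$data) {
                die('Wrong Credentials!');
            }

            if (version_compare($wp_version, '3.3', '>=')) {
                $x = get_user_by('login', $data['username']);
            } else {
                $x = get_userdatabylogin($data['username']);
            }

            // An unknown login yields no user object; leave A1 empty so the
            // request is rejected below instead of being verified against
            // an empty secret.
            $A1 = '';
            if (is_object($x) && !empty($x->ID)) {
                if (version_compare($wp_version, '3.0', '>=')) {
                    $A1 = get_user_meta($x->ID, 'premiumcast_creds', TRUE);
                } else {
                    $A1 = get_usermeta($x->ID, 'premiumcast_creds');
                }
            }

            // NOTE(review): nonce, nc and uri come straight from the client
            // header and are not checked against server state in this
            // function - confirm podPress_http_digest_parse() or
            // podPress_requestLogin() covers that.
            $authresult = FALSE;
            if (is_string($A1) && '' !== $A1 && isset($data['response']) && is_string($data['response'])) {
                $A2 = md5($_SERVER['REQUEST_METHOD'] . ':' . $data['uri']);
                podPress_var_dump('$A2');
                podPress_var_dump($_SERVER['REQUEST_METHOD'] . ':' . $data['uri']);
                podPress_var_dump($A2);

                // A1, the expected response and the client response are not
                // dumped: each is credential material.
                $valid_response = md5($A1 . ':' . $data['nonce'] . ':' . $data['nc'] . ':' . $data['cnonce'] . ':' . $data['qop'] . ':' . $A2);

                // Strict comparison: a loose == treats two numeric-looking
                // hex strings as numbers. hash_equals() is additionally
                // timing-safe where it is available.
                if (function_exists('hash_equals')) {
                    $response_matches = hash_equals($valid_response, $data['response']);
                } else {
                    $response_matches = ($valid_response === $data['response']);
                }

                if ($response_matches) {
                    $user_login = $data['username'];
                    $authresult = TRUE;
                }
            }
            break;

        case 'Basic':
        default:
            $authparts = podPress_http_basic_parse($http_headers['Authorization']);
            $user_login = $authparts['username'];
            if (version_compare($wp_version, '2.5', '<')) {
                $authresult = wp_login($user_login, $authparts['passwd']);
            } else {
                $creds = array();
                $creds['user_login'] = $user_login;
                $creds['user_password'] = $authparts['passwd'];
                $creds['remember'] = true;
                $authresult = wp_signon($creds, false);
            }
            break;
    }

    podPress_var_dump('$authresult');
    podPress_var_dump($authresult);

    // NOTE(review): the checks below only revoke access when they find
    // explicit capability entries in the object cache; when the cache holds
    // no entry for this user, $authresult is left unchanged. Confirm that is
    // intended - a lookup on the authenticated user object (for example
    // WP_User::has_cap) would not depend on the cache layout.
    if (isset($GLOBALS['wp_object_cache']->cache['userlogins'][$user_login])) {
        $podPress_x = $GLOBALS['wp_object_cache']->cache['userlogins'][$user_login];
    } else {
        $podPress_x = 0;
    }

    if (is_object($podPress_x)) {
        if (isset($podPress_x->wp_capabilities['premium_subscriber'])
            and $podPress_x->wp_capabilities['premium_subscriber'] != 1
            and isset($podPress_x->wp20_capabilities['premium_subscriber'])
            and $podPress_x->wp20_capabilities['premium_subscriber'] != 1
        ) {
            $authresult = false;
        }
    } elseif (isset($GLOBALS['wp_object_cache']->cache['user_meta'][$podPress_x])
        and is_array($GLOBALS['wp_object_cache']->cache['user_meta'][$podPress_x])
        and is_array($GLOBALS['wp_object_cache']->cache['user_meta'][$podPress_x]['wp_capabilities'])
    ) {
        podPress_var_dump('user_meta is object');
        $user_has_cap = FALSE;
        // Substring match on each cached capability entry.
        // NOTE(review): this also matches an entry that merely mentions the
        // capability name - verify against the cached format.
        foreach ($GLOBALS['wp_object_cache']->cache['user_meta'][$podPress_x]['wp_capabilities'] as $capability_str) {
            if (FALSE != stristr($capability_str, 'premium_subscriber')) {
                $user_has_cap = TRUE;
                break;
            }
        }
        if (FALSE === $user_has_cap) {
            $authresult = false;
        }
    } else {
        if (isset($GLOBALS['wp_object_cache']->cache['users'][$podPress_x]->wp_capabilities['premium_subscriber'])
            and $GLOBALS['wp_object_cache']->cache['users'][$podPress_x]->wp_capabilities['premium_subscriber'] != 1
            and isset($GLOBALS['wp_object_cache']->cache['users'][$podPress_x]->wp20_capabilities['premium_subscriber'])
            and $GLOBALS['wp_object_cache']->cache['users'][$podPress_x]->wp20_capabilities['premium_subscriber'] != 1
        ) {
            $authresult = false;
        }
    }
    unset($podPress_x);

    podPress_var_dump('$authresult');
    podPress_var_dump($authresult);
    podPress_var_dump(isset($authresult->errors));

    // wp_login() reports failure as false; wp_signon() reports it as an
    // object carrying an ->errors property.
    if (FALSE === $authresult or TRUE === isset($authresult->errors)) {
        podPress_requestLogin();
        die('401 Unauthorized');
    }

    if (version_compare($wp_version, '3.3', '>=')) {
        $userdata = get_user_by('login', $user_login);
    } else {
        $userdata = get_userdatabylogin($user_login);
    }

    // Never export globals or define the PODPRESS_PREMIUM* constants for a
    // login that does not resolve to a user record.
    if (!is_object($userdata)) {
        podPress_requestLogin();
        die('401 Unauthorized');
    }

    $user_level = $userdata->user_level;
    $user_ID = $userdata->ID;
    $user_email = $userdata->user_email;
    $user_url = $userdata->user_url;
    $user_pass_md5 = md5($userdata->user_pass);
    $user_identity = $userdata->display_name;

    define('PODPRESS_PREMIUMLOGIN', $user_login);
    define('PODPRESS_PREMIUMID', $userdata->ID);

    if (empty($current_user)) {
        $current_user = new WP_User($user_ID);
    }
}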
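/**
 * Authenticates a premium-content request from its HTTP Authorization header.
 *
 * The scheme (Digest or Basic) is chosen by the PODPRESS_PREMIUM_METHOD
 * constant. On success the WordPress user globals are populated and the
 * PODPRESS_PREMIUMLOGIN / PODPRESS_PREMIUMID constants are defined.
 *
 * @return false|void false for XML-RPC requests, when no Authorization
 *                    header was sent, and when authentication or the
 *                    premium_subscriber check fails (the login challenge is
 *                    issued first in the last two cases); nothing on success.
 */
function podPress_validateLogin()
{
    global $user_login, $userdata, $user_level, $user_ID, $user_email, $user_url, $user_pass_md5, $user_identity, $current_user;

    if (defined('XMLRPC_REQUEST') && XMLRPC_REQUEST) {
        return false;
    }

    $http_headers = getallheaders();
    if (!is_array($http_headers)) {
        $http_headers = array();
    }

    if (empty($http_headers['Authorization'])) {
        if (empty($http_headers['AUTHORIZATION'])) {
            podPress_requestLogin();
            return false;
        }
        $http_headers['Authorization'] = stripslashes(stripslashes($http_headers['AUTHORIZATION']));
    }

    // Start from "denied" so that every path that does not explicitly
    // authenticate leaves a defined, failing result.
    $authresult = false;

    switch (PODPRESS_PREMIUM_METHOD) {
        case 'Digest':
            $data = podPress_http_digest_parse($http_headers['Authorization']);
            if (!$data) {
                die('Wrong Credentials!');
            }

            $x = get_userdatabylogin($data['username']);

            // An unknown login yields no user object; leave A1 empty so the
            // request is rejected instead of being verified against an
            // empty secret.
            $A1 = '';
            if (is_object($x) && !empty($x->ID)) {
                $A1 = get_usermeta($x->ID, 'premiumcast_creds');
            }

            // NOTE(review): nonce, nc and uri come straight from the client
            // header and are not checked against server state in this
            // function - confirm podPress_http_digest_parse() or
            // podPress_requestLogin() covers that.
            if (is_string($A1) && '' !== $A1 && isset($data['response']) && is_string($data['response'])) {
                $A2 = md5($_SERVER['REQUEST_METHOD'] . ':' . $data['uri']);
                $valid_response = md5($A1 . ':' . $data['nonce'] . ':' . $data['nc'] . ':' . $data['cnonce'] . ':' . $data['qop'] . ':' . $A2);

                // Strict comparison: a loose == treats two numeric-looking
                // hex strings as numbers. hash_equals() is additionally
                // timing-safe where it is available.
                if (function_exists('hash_equals')) {
                    $response_matches = hash_equals($valid_response, $data['response']);
                } else {
                    $response_matches = ($valid_response === $data['response']);
                }

                if ($response_matches) {
                    $user_login = $data['username'];
                    $authresult = wp_login($user_login, md5($x->user_pass), true);
                }
            }
            break;

        case 'Basic':
        default:
            $authparts = podPress_http_basic_parse($http_headers['Authorization']);
            $user_login = $authparts['username'];
            $authresult = wp_login($user_login, $authparts['passwd']);
            break;
    }

    // The capability lookup can only revoke access, so it is skipped when
    // authentication has already failed.
    if ($authresult) {
        $podPress_caps = null;
        if (isset($GLOBALS['wp_object_cache']->cache['userlogins'][$user_login])) {
            $podPress_x = $GLOBALS['wp_object_cache']->cache['userlogins'][$user_login];
            if (is_object($podPress_x)) {
                // The login cache holds the user object itself.
                $podPress_caps = $podPress_x;
            } elseif (is_scalar($podPress_x) && isset($GLOBALS['wp_object_cache']->cache['users'][$podPress_x])) {
                // The login cache holds a key into the users cache.
                $podPress_caps = $GLOBALS['wp_object_cache']->cache['users'][$podPress_x];
            }
            unset($podPress_x);
        }

        // Access requires premium_subscriber == 1 in either capability set;
        // a missing cache entry or missing key denies, as before.
        $user_has_cap = false;
        if (is_object($podPress_caps)) {
            if (isset($podPress_caps->wp_capabilities['premium_subscriber']) && $podPress_caps->wp_capabilities['premium_subscriber'] == 1) {
                $user_has_cap = true;
            } elseif (isset($podPress_caps->wp20_capabilities['premium_subscriber']) && $podPress_caps->wp20_capabilities['premium_subscriber'] == 1) {
                $user_has_cap = true;
            }
        }
        unset($podPress_caps);

        if (!$user_has_cap) {
            $authresult = false;
        }
    }

    if (!$authresult) {
        podPress_requestLogin();
        return false;
    }

    $userdata = get_userdatabylogin($user_login);

    // Never export globals or define the PODPRESS_PREMIUM* constants for a
    // login that does not resolve to a user record.
    if (!is_object($userdata)) {
        podPress_requestLogin();
        return false;
    }

    $user_level = $userdata->user_level;
    $user_ID = $userdata->ID;
    $user_email = $userdata->user_email;
    $user_url = $userdata->user_url;
    $user_pass_md5 = md5($userdata->user_pass);
    $user_identity = $userdata->display_name;

    define('PODPRESS_PREMIUMLOGIN', $user_login);
    define('PODPRESS_PREMIUMID', $userdata->ID);

    if (empty($current_user)) {
        $current_user = new WP_User($user_ID);
    }
}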