function widget($args, $instance)
{
global $wpdb;
extract($args, EXTR_SKIP);
echo $before_widget;
$title = empty($instance['title']) ? ' ' : apply_filters('widget_title', $instance['title']);
if (!empty($title)) {
echo $before_title . $title . $after_title;
// switch if is logged or not
$logged_user = pc_user_logged(array('username', 'name', 'surname'));
if ($logged_user) {
?>
<p><?php
_e('Welcome', 'pc_ml');
?>
<?php
echo empty($logged_user['name']) && empty($logged_user['surname']) ? $logged_user['userame'] : ucfirst($logged_user['name']) . ' ' . ucfirst($logged_user['surname']);
?>
</p>
<form class="pc_logout_widget PrivateContentLogin">
<input type="button" name="pc_widget_logout" class="pc_logout_btn pc_trigger" value="<?php
_e('Logout', 'pc_ml');
?>
" />
<span class="pc_loginform_loader"></span>
</form>
<?php
} else {
echo pc_login_form();
}
}
echo $after_widget;
}
function pcud_get_user_data($field = false)
{
include_once PC_DIR . '/public_api.php';
if ($field === false) {
$field = true;
}
// invert bool to be compatible with v5
return pc_user_logged($field);
}
function pc_user_auth()
{
global $wpdb, $pc_users;
if (isset($_POST['type']) && $_POST['type'] == 'js_ajax_auth') {
include_once PC_DIR . '/classes/pc_form_framework.php';
include_once PC_DIR . '/classes/simple_form_validator.php';
include_once PC_DIR . '/functions.php';
$f_fw = new pc_form();
$validator = new simple_fv();
$indexes = array();
$indexes[] = array('index' => 'pc_auth_username', 'label' => 'username', 'required' => true);
$indexes[] = array('index' => 'pc_auth_psw', 'label' => 'psw', 'required' => true);
$indexes[] = array('index' => 'pc_remember_me', 'label' => 'remember me');
$validator->formHandle($indexes);
$error = $validator->getErrors();
$fdata = $validator->form_val;
// honeypot check
if (!$f_fw->honeypot_validaton()) {
echo json_encode(array('resp' => 'error', 'mess' => "Antispam - we've got a bot here!"));
die;
}
// error message
if ($error) {
die(json_encode(array('resp' => 'error', 'mess' => __('Incorrect username or password', 'pc_ml'))));
} else {
//// try to login
$response = pc_login($fdata['pc_auth_username'], $fdata['pc_auth_psw'], $fdata['pc_remember_me']);
// user not found
if (!$response) {
echo json_encode(array('resp' => 'error', 'mess' => __('Username or password incorrect', 'pc_ml')));
die;
} elseif ($response === 2 || $response === 3) {
echo json_encode(array('resp' => 'error', 'mess' => pc_get_message('pc_default_pu_mex')));
die;
}
// custom error
if ($response !== true) {
echo json_encode(array('resp' => 'error', 'mess' => $response));
die;
} else {
// redirect logged user to pvt page
if (get_option('pg_redirect_back_after_login') && isset($_SESSION['pc_last_restricted']) && filter_var($_SESSION['pc_last_restricted'], FILTER_VALIDATE_URL)) {
$redirect_url = $_SESSION['pc_last_restricted'];
} else {
// check for custom categories redirects
$custom_cat_redirect = pc_user_cats_login_redirect(pc_user_logged('categories'));
$redirect_url = $custom_cat_redirect ? $custom_cat_redirect : pc_man_redirects('pg_logged_user_redirect');
}
echo json_encode(array('resp' => 'success', 'mess' => pc_get_message('pc_login_ok_mex'), 'redirect' => $redirect_url));
die;
}
}
die;
// security block
}
}
function pcud_cond_block_sc($atts, $content = null)
{
extract(shortcode_atts(array('f' => '', 'cond' => '=', 'val' => ''), $atts));
// logged user data
$ud = pc_user_logged(sanitize_title($f));
if (!$ud) {
return '';
} else {
// turn field to array to use a cycle
$arr = is_array($ud) ? $ud : array($ud);
foreach ($arr as $ud_val) {
switch ($cond) {
case '=':
$to_return = $ud_val == $val ? do_shortcode($content) : false;
break;
case '!=':
$to_return = $ud_val != $val ? do_shortcode($content) : false;
break;
case 'big':
$to_return = (double) $ud_val > (double) $val ? do_shortcode($content) : false;
break;
case 'small':
$to_return = (double) $ud_val < (double) $val ? do_shortcode($content) : false;
break;
case 'like':
// value contains string
$to_return = strpos((string) $ud_val, (string) $val) !== false ? do_shortcode($content) : false;
break;
default:
return '';
break;
// if wrong condition - return nothing
}
if ($to_return !== false) {
return $to_return;
break;
}
}
}
}
function pc_pvt_page_management($content)
{
include_once PC_DIR . '/functions.php';
global $wpdb, $post, $pc_users;
$orig_content = $content;
$target_page = (int) get_option('pg_target_page');
$curr_page_id = (int) get_the_ID();
// must be the chosen container page
if (pc_wpml_translated_pag_id($target_page) != pc_wpml_translated_pag_id(get_the_ID())) {
return $content;
}
// preview check
if (is_user_logged_in() && isset($_REQUEST['pc_pvtpag']) && isset($_REQUEST['pc_utok'])) {
if (!wp_verify_nonce($_REQUEST['pc_utok'], 'lcwp_nonce')) {
return 'Cheating?';
}
$GLOBALS['pc_user_id'] = (int) $_REQUEST['pc_pvtpag'];
}
// check logged user
$user_data = pc_user_logged(array('page_id', 'disable_pvt_page', 'wp_user_id'));
if (!$user_data) {
// return page content and eventually attach form
$login_form = pc_login_form();
$pvt_nl_content = get_option('pg_target_page_content');
//only original contents
if ($pvt_nl_content == 'original_content') {
$content = $content;
} elseif ($pvt_nl_content == 'original_plus_form') {
$content = $content . $login_form;
} elseif ($pvt_nl_content == 'form_plus_original') {
$content = $login_form . $content;
} else {
$content = $login_form;
}
return $content;
}
// if not have a reserved area
if (!empty($user_data['disable_pvt_page'])) {
return '<p>' . pc_get_message('pc_default_nhpa_mex') . '</p>';
}
// flag for pvt page usage
$GLOBALS['pc_pvt_page_is_displaying'] = true;
// private page contents
$page_data = get_post($user_data['page_id']);
$content = $page_data->post_content;
// if there's WP [embed] shortcode, execute it
if (strpos($content, '[/embed]') !== -1) {
global $wp_embed;
$content = $wp_embed->run_shortcode($content);
}
// PC-FILTER - private page contents - useful to customize what is returned
$content = apply_filters('pc_pvt_page_contents', $content);
$content = do_shortcode(wpautop($content));
// PC-ACTION - private page is being displayed - triggered in the_content hook
do_action('pc_pvt_page_display');
//// COMMENTS
// disable comments if not synced
if (!$pc_users->wp_user_sync || !get_option('pg_pvtpage_wps_comments') || !$user_data['wp_user_id'] || $page_data->comment_status != 'open') {
add_filter('comments_template', 'pc_comments_template', 500);
} else {
// override query
$GLOBALS['pc_custom_comments_template'] = 'original';
$GLOBALS['pc_pvt_page_id'] = $user_data['page_id'];
$GLOBALS['pc_pvt_page_obj'] = $page_data;
$GLOBALS['pc_pvt_page_container_id'] = $curr_page_id;
// override $post
global $post;
$post = get_post($user_data['page_id']);
// PC-ACTION - give the opportunity to override comments template
$custom_template = do_action('pc_pvt_page_comments_template');
if (!empty($custom_template)) {
$GLOBALS['pc_custom_comments_template'] = $custom_template;
}
add_filter('comments_template', 'pc_comments_template', 500);
}
return $content;
}
function pc_logout()
{
global $pc_users;
if (isset($_SESSION['pc_user_id'])) {
unset($_SESSION['pc_user_id']);
}
if (isset($GLOBALS['pc_user_id'])) {
unset($GLOBALS['pc_user_id']);
}
setcookie('pc_user', '', time() - 3600 * 25, '/');
$wp_user_id = pc_user_logged('wp_user_id');
if ($wp_user_id !== false) {
// wp user sync - unlog if WP logged is the one synced
if ($pc_users->wp_user_sync) {
$current_user = wp_get_current_user();
if ($current_user && $wp_user_id == $current_user->ID) {
wp_destroy_current_session();
setcookie(AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, ADMIN_COOKIE_PATH, COOKIE_DOMAIN);
setcookie(SECURE_AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, ADMIN_COOKIE_PATH, COOKIE_DOMAIN);
setcookie(AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN);
setcookie(SECURE_AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN);
setcookie(LOGGED_IN_COOKIE, ' ', time() - YEAR_IN_SECONDS, COOKIEPATH, COOKIE_DOMAIN);
setcookie(LOGGED_IN_COOKIE, ' ', time() - YEAR_IN_SECONDS, SITECOOKIEPATH, COOKIE_DOMAIN);
// Old cookies
setcookie(AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, COOKIEPATH, COOKIE_DOMAIN);
setcookie(AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, SITECOOKIEPATH, COOKIE_DOMAIN);
setcookie(SECURE_AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, COOKIEPATH, COOKIE_DOMAIN);
setcookie(SECURE_AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, SITECOOKIEPATH, COOKIE_DOMAIN);
// Even older cookies
setcookie(USER_COOKIE, ' ', time() - YEAR_IN_SECONDS, COOKIEPATH, COOKIE_DOMAIN);
setcookie(PASS_COOKIE, ' ', time() - YEAR_IN_SECONDS, COOKIEPATH, COOKIE_DOMAIN);
setcookie(USER_COOKIE, ' ', time() - YEAR_IN_SECONDS, SITECOOKIEPATH, COOKIE_DOMAIN);
setcookie(PASS_COOKIE, ' ', time() - YEAR_IN_SECONDS, SITECOOKIEPATH, COOKIE_DOMAIN);
//wp_clear_auth_cookie(); // don't use the function to avoid interferences with do_action( 'clear_auth_cookie' );
}
}
// PC-ACTION - user is logged out - passes user id
do_action('pc_user_logout', $GLOBALS['PC_VER_LOGGED_USER']);
unset($GLOBALS['PC_VER_LOGGED_USER']);
}
return true;
}
function pcud_handle_custom_form()
{
if (isset($_POST['type']) && $_POST['type'] == 'pcud_cf_submit') {
require_once PC_DIR . '/classes/pc_form_framework.php';
require_once PCUD_DIR . '/functions.php';
global $wpdb, $pc_users;
$f_fw = new pc_form();
$form_id = (int) $_POST['pcud_fid'];
// check for logged users
$pc_logged = pc_user_logged(false);
if (!$pc_logged && !current_user_can(get_option('pg_min_role', 'upload_files'))) {
die(json_encode(array('resp' => 'error', 'mess' => __('You must be logged to use this form', 'pcud_ml'))));
}
////////// VALIDATION ////////////////////////////////////
// get form structure
$term = get_term_by('id', $form_id, 'pcud_forms');
if (empty($term)) {
die(json_encode(array('resp' => 'error', 'mess' => __('Form not found', 'pcud_ml'))));
}
if (empty($term->description)) {
// retrocompatibility
$form_fields = (array) get_option('pcud_form_' . $form_id, array());
} else {
$form_fields = unserialize(base64_decode($term->description));
}
$indexes = $f_fw->generate_validator(pcud_v2_field_names_sanitize($form_fields));
$is_valid = $f_fw->validate_form($indexes, $cust_errors = array(), false, false);
$fdata = $f_fw->form_data;
if (!$is_valid) {
$error = $f_fw->errors;
} else {
// check for redirects
if (isset($form_fields['redirect']) && !empty($form_fields['redirect'])) {
$redirect = $form_fields['redirect'] == 'custom' ? $form_fields['cust_redir'] : get_permalink($form_fields['redirect']);
} else {
$redirect = '';
}
// if not PC user - stop here
if (!$pc_logged) {
die(json_encode(array('resp' => 'success', 'mess' => __('Form submitted successfully.<br/> Not logged as PrivateContent user, nothing has been saved', 'pcud_ml'), 'redirect' => $redirect)));
}
// update user
$result = $pc_users->update_user($GLOBALS['pc_user_id'], $fdata);
if (!$result) {
$error = $pc_users->validation_errors;
}
}
// results
if (isset($error) && !empty($error)) {
die(json_encode(array('resp' => 'error', 'mess' => $error)));
} else {
// if is updating password - sync also cookie
if (isset($fdata['psw'])) {
$encrypted = $pc_users->get_user_field($user_id, $field);
setcookie('pc_user', $GLOBALS['pc_user_id'] . '|||' . $encrypted, time() + 3600 * 6, '/');
}
// PCUD-ACTION - user updated its data - passes form data
do_action('pcud_user_updated_data', $fdata);
// success message
$mess = json_encode(array('resp' => 'success', 'mess' => __('Data saved succesfully', 'pc_ml'), 'redirect' => $redirect));
die($mess);
}
die;
// security block
}
}
