function ajax_register() { // First check the nonce, if it fails the function will break check_ajax_referer('ajax-register-nonce', 'security'); // Nonce is checked, get the POST data and sign user on $info = array(); $info['user_nicename'] = $info['nickname'] = $info['display_name'] = $info['first_name'] = $info['user_login'] = sanitize_user($_POST['username']); $info['user_pass'] = sanitize_text_field($_POST['password']); $info['user_email'] = sanitize_email($_POST['email']); // Register the user $user_register = wp_insert_user($info); if (is_wp_error($user_register)) { $error = $user_register->get_error_codes(); if (in_array('empty_user_login', $error)) { echo json_encode(array('loggedin' => false, 'message' => __($user_register->get_error_message('empty_user_login')))); } elseif (in_array('existing_user_login', $error)) { echo json_encode(array('loggedin' => false, 'message' => __('This username is already registered.'))); } elseif (in_array('existing_user_email', $error)) { echo json_encode(array('loggedin' => false, 'message' => __('This email address is already registered.'))); } } else { auth_user_login($info['nickname'], $info['user_pass'], 'Registration'); } die; }
function ajax_login() { // First check the nonce, if it fails the function will break check_ajax_referer('ajax-login-nonce', 'security'); // Nonce is checked, get the POST data and sign user on // Call auth_user_login auth_user_login($_POST['username'], $_POST['password'], $_POST['remember'], 'Đăng nhập'); die; }
case 9: // Twitter case 12: // Yahoo case 13: // LinkedIn $settings = array('key' => $hybridauth_id_key, 'secret' => $hybridauth_secret); $auth_instructions = $hybridauth_instructions; break; default: break; } if ($test_username !== '' and $test_password !== '') { $test_username = canonicalize_whitespace($test_username); if (isset($cas_valid) and $cas_valid) { $is_valid = true; } else { $is_valid = auth_user_login($auth, $test_username, $test_password, $settings); } if ($is_valid) { $auth_allow = 1; $tool_content .= "<div class='alert alert-success'>$langConnYes</div>"; // Debugging CAS if ($debugCAS) { if (!empty($cas_ret['message'])) $tool_content .= "<p>{$cas_ret['message']}</p>"; if (!empty($cas_ret['attrs']) && is_array($cas_ret['attrs'])) { $tmp_attrs = "<p>$langCASRetAttr:<br />" . array2html($cas_ret['attrs']); $tool_content .= "$tmp_attrs</p>"; } } } else { $tool_content .= "<div class='alert alert-danger'>$langConnNo";
$auth_user_info['email'] = $_SESSION['shib_email']; $uname = $_SESSION['shib_uname']; $is_valid = true; } elseif ($is_submit or $auth == 7 and !$submit) { unset($_SESSION['was_validated']); if ($auth != 7 and $auth != 6 and ($uname === '' or $passwd === '')) { $tool_content .= "<div class='alert alert-danger'>{$ldapempty} {$errormessage}</div>"; draw($tool_content, 0); exit; } else { // try to authenticate user $auth_method_settings = get_auth_settings($auth); if ($auth == 6) { redirect_to_home_page('secure/index_reg.php' . ($prof ? '?p=1' : '')); } $is_valid = auth_user_login($auth, $uname, $passwd, $auth_method_settings); } if ($auth == 7) { if (phpCAS::checkAuthentication()) { $uname = phpCAS::getUser(); $cas = get_auth_settings($auth); // store CAS released attributes in $GLOBALS['auth_user_info'] get_cas_attrs(phpCAS::getAttributes(), $cas); if (!empty($uname)) { $is_valid = true; } } } } if ($is_valid) { // connection successful
function ajax_register() { global $options; $options = get_option('ciusan_register_login'); // First check the nonce, if it fails the function will break check_ajax_referer('ajax-register-nonce', 'security'); /* $recaptcha = $_POST['recaptcha']; if (!empty($recaptcha )) { $google_url = "https://www.google.com/recaptcha/api/siteverify"; $secret = $options['Google_Secret_Key']; $ip = $_SERVER['REMOTE_ADDR']; $url = $google_url . "?secret=" . $secret . "&response=" . $recaptcha . "&remoteip=" . $ip; $curl = curl_init(); curl_setopt($curl, CURLOPT_URL, $url); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_TIMEOUT, 10); curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.16) Gecko/20110319 Firefox/3.6.16"); $results = curl_exec($curl); curl_close($curl); $res = json_decode($results, true); if (!$res['success']) { echo json_encode(array('loggedin' => false, 'message' => __('reCAPTCHA invalid'))); die(); } } else { echo json_encode(array('loggedin' => false, 'message' => __('Please enter reCAPTCHA'))); die(); } */ // Nonce is checked, get the POST data and sign user on $info = array(); $info['user_nicename'] = $info['nickname'] = $info['display_name'] = $info['first_name'] = $info['user_login'] = sanitize_user($_POST['username']); $info['user_pass'] = sanitize_text_field($_POST['password']); $info['user_email'] = sanitize_email($_POST['email']); $info['role'] = 'customer'; // Register the user $user_register = wp_insert_user($info); if (is_wp_error($user_register)) { $error = $user_register->get_error_codes(); if (in_array('empty_user_login', $error)) { echo json_encode(array('loggedin' => false, 'message' => __($user_register->get_error_message('empty_user_login')))); } elseif (in_array('existing_user_login', $error)) { echo json_encode(array('loggedin' => false, 'message' => __('This username is already registered.'))); } elseif (in_array('existing_user_email', $error)) { echo json_encode(array('loggedin' => false, 'message' => __('This email address is already registered.'))); } } else { auth_user_login($info['nickname'], $info['user_pass'], 'Registration'); } die; }
function ajax_register() { // First check the nonce, if it fails the function will break check_ajax_referer('ajax-register-nonce', 'security'); // Nonce is checked, get the POST data and sign user on $info = array(); $info['user_nicename'] = $info['nickname'] = $info['display_name'] = $info['first_name'] = $info['user_login'] = sanitize_user($_POST['username']); $info['user_pass'] = sanitize_text_field($_POST['password']); $info['user_email'] = sanitize_email($_POST['email']); $info['blog_id'] = $_POST['blog_id']; $pieces = explode("-", $info['blog_id']); $info['blog_id'] = $pieces[1]; // piece2 // Register the user global $switched; switch_to_blog($info['blog_id']); $user_register = wp_insert_user($info); if (is_wp_error($user_register)) { $error = $user_register->get_error_codes(); if (in_array('empty_user_login', $error)) { echo json_encode(array('loggedin' => false, 'message' => __($user_register->get_error_message('empty_user_login')))); } elseif (in_array('existing_user_login', $error)) { echo json_encode(array('loggedin' => false, 'message' => __('This username is already registered.'))); } elseif (in_array('existing_user_email', $error)) { echo json_encode(array('loggedin' => false, 'message' => __('This email address is already registered.'))); } } else { $role = 'ccmember'; //please update it to role name need to assign to new user add_user_to_blog($info['blog_id'], $user_register, $role); auth_user_login($info['nickname'], $info['user_pass'], 'Registration'); } die; }
function alt_login($user_info_object, $uname, $pass) { global $warning, $auth_ids; $auth = array_search($user_info_object->password, $auth_ids); $auth_method_settings = get_auth_settings($auth); $auth_allow = 1; // a CAS user might enter a username/password in the form, instead of doing CAS login // check auth according to the defined alternative authentication method of CAS if ($auth == 7) { $cas = explode('|', $auth_method_settings['auth_settings']); $cas_altauth = intval(str_replace('cas_altauth=', '', $cas[7])); // check if alt auth is valid and active if ($cas_altauth > 0 && check_auth_active($cas_altauth)) { $auth = $cas_altauth; // fetch settings of alt auth $auth_method_settings = get_auth_settings($auth); } else { return 7; // Redirect to CAS login } } if ($auth == 6) { return 6; // Redirect to Shibboleth login } if ($user_info_object->password == $auth_method_settings['auth_name'] || !empty($cas_altauth)) { $is_valid = auth_user_login($auth, $uname, $pass, $auth_method_settings); if ($is_valid) { $is_active = check_activity($user_info_object->id); // check for admin privileges $admin_rights = get_admin_rights($user_info_object->id); if ($admin_rights == ADMIN_USER) { $is_active = 1; // admin user is always active $_SESSION['is_admin'] = 1; } elseif ($admin_rights == POWER_USER) { $_SESSION['is_power_user'] = 1; } elseif ($admin_rights == USERMANAGE_USER) { $_SESSION['is_usermanage_user'] = 1; } elseif ($admin_rights == DEPARTMENTMANAGE_USER) { $_SESSION['is_departmentmanage_user'] = 1; } if (!empty($is_active)) { $auth_allow = 1; } else { $auth_allow = 3; $user = $user_info_object->id; } } else { $auth_allow = 2; // log invalid logins Log::record(0, 0, LOG_LOGIN_FAILURE, array('uname' => $uname, 'pass' => $pass)); } if ($auth_allow == 1) { $_SESSION['uid'] = $user_info_object->id; $_SESSION['uname'] = $user_info_object->username; // if ldap entries have changed update database if (!empty($auth_user_info['firstname']) and !empty($auth_user_info['lastname']) and ($user_info_object->givenname != $auth_user_info['firstname'] or $user_info_object->surname != $auth_user_info['lastname'])) { Database::get()->query("UPDATE user SET givenname = '" . $auth_user_info['firstname'] . "',\n surname = '" . $auth_user_info['lastname'] . "'\n WHERE id = " . $user_info_object->id . ""); $_SESSION['surname'] = $auth_user_info['firstname']; $_SESSION['givenname'] = $auth_user_info['lastname']; } else { $_SESSION['surname'] = $user_info_object->surname; $_SESSION['givenname'] = $user_info_object->givenname; } $_SESSION['status'] = $user_info_object->status; $_SESSION['email'] = $user_info_object->email; $GLOBALS['language'] = $_SESSION['langswitch'] = $user_info_object->lang; } } else { $warning .= "<br>{$langInvalidAuth}<br>"; } return $auth_allow; }