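/**
 * Pluggable replacement for wp_authenticate() that also checks the captcha.
 *
 * Runs the 'authenticate' filter chain, then turns the result into an error
 * when the username or password is missing or when palo_captcha_test()
 * fails. Unlike the stock behaviour, an error message is produced even when
 * only the username was supplied.
 *
 * NOTE(review): a request without any $_POST data returns before the captcha
 * is evaluated, so callers that authenticate without a form post are not
 * covered by the captcha. Confirm that this is intended.
 *
 * @param string $username Login name as submitted.
 * @param string $password Password as submitted.
 * @return mixed The value produced by the 'authenticate' filters, or a
 *               WP_Error describing why the attempt was rejected.
 */
function wp_authenticate($username, $password)
{
    global $palo_options, $palo_textdomain;

    $username = sanitize_user($username);
    $password = trim($password);

    $user = apply_filters('authenticate', null, $username, $password);

    // Nothing was posted: hand back the filter result untouched.
    if (empty($_POST)) {
        return $user;
    }

    // Force an error on a missing username or password.
    if ($username == null || $password == null) {
        $user = new WP_Error('authentication_failed', __('<strong>ERROR</strong>: Invalid username or incorrect password.', $palo_textdomain));
    }

    if (!palo_captcha_test()) {
        $captcha_error = '<strong>' . __('ERROR', $palo_textdomain) . '</strong>: ' . __($palo_options['palo_captcha_error_msg'], $palo_textdomain);
        if (!empty($user) && is_wp_error($user)) {
            // Keep the earlier error and append the captcha failure to it.
            $user->add('palo_captcha', $captcha_error);
        } else {
            // A failed captcha overrides an otherwise successful result.
            $user = new WP_Error('palo_captcha', $captcha_error);
        }
    }

    // Fail closed: if no filter produced a result, report a failed login
    // instead of returning null to a caller that expects a user or an error.
    if (null === $user) {
        $user = new WP_Error('authentication_failed', __('<strong>ERROR</strong>: Invalid username or incorrect password.', $palo_textdomain));
    }

    if (!empty($user) && is_wp_error($user)) {
        do_action('wp_login_failed', $username);
    }

    return $user;
}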
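/**
 * Handles the login form: validates the posted credentials, refuses accounts
 * that still carry the 'need-confirm' role, and signs the user in.
 *
 * On success the request is redirected to rcl_get_authorize_url() and the
 * script exits; on failure the errors are stored in the global $wp_errors
 * and returned.
 *
 * NOTE(review): the 'need-confirm' error is reported before the password is
 * checked, so it tells a visitor that the login exists and is unconfirmed.
 *
 * @return WP_Error|void WP_Error on failure; does not return on success.
 */
function rcl_get_login_user()
{
    global $wp_errors;

    // NOTE(review): sanitize_text_field() rewrites its input (tags stripped,
    // whitespace collapsed), so the value compared here can differ from what
    // the user typed. Confirm the registration path treats passwords the same way.
    $pass = isset($_POST['user_pass']) ? sanitize_text_field($_POST['user_pass']) : '';
    $login = isset($_POST['user_login']) ? sanitize_user($_POST['user_login']) : '';
    $member = isset($_POST['rememberme']) ? intval($_POST['rememberme']) : 0;

    $wp_errors = new WP_Error();

    if (!$pass || !$login) {
        $wp_errors->add('rcl_login_empty', __('Fill in the required fields!', 'wp-recall'));
        return $wp_errors;
    }

    if ($user = get_user_by('login', $login)) {
        $user_data = get_userdata($user->ID);
        // Look at every role, not only the first one, so an unconfirmed
        // account cannot slip through because of role ordering.
        if (in_array('need-confirm', (array) $user_data->roles, true)) {
            $wp_errors->add('rcl_login_confirm', __('Your email is not confirmed!', 'wp-recall'));
            return $wp_errors;
        }
    }

    $creds = array(
        'user_login' => $login,
        'user_password' => $pass,
        'remember' => $member,
    );

    $user = wp_signon($creds, false);

    if (is_wp_error($user)) {
        $wp_errors = $user;
        return $wp_errors;
    }

    rcl_update_timeaction_user();
    wp_redirect(rcl_get_authorize_url($user->ID));
    exit;
}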
/**
 * Filter callback that relaxes strict username sanitising.
 *
 * @param string $username     Username as sanitised so far.
 * @param string $raw_username Username before sanitising.
 * @param bool   $strict       Whether strict sanitising was requested.
 * @return string $username unchanged when $strict is falsy; otherwise the
 *                raw username re-sanitised with strict mode switched off.
 */
function non_strict_login($username, $raw_username, $strict)
{
    if ($strict) {
        // Redo the sanitising from the raw value, this time non-strictly.
        return sanitize_user(stripslashes($raw_username), false);
    }

    return $username;
}
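/**
 * AJAX handler that registers a new user from the posted form fields and
 * echoes a JSON object with 'loggedin' and 'message'.
 *
 * The account is created exactly once, and every failure produces a JSON
 * reply (codes without a dedicated message fall back to the first WP_Error
 * message).
 *
 * @return void The script ends after the response is written.
 */
function ajax_register()
{
    // First check the nonce; by default check_ajax_referer() ends the request when it fails.
    check_ajax_referer('ajax-register-nonce', 'security');

    // Nonce is checked, collect the POST data.
    $login = sanitize_user(isset($_POST['username']) ? $_POST['username'] : '');

    $info = array();
    $info['user_nicename'] = $info['nickname'] = $info['display_name'] = $info['first_name'] = $info['user_login'] = $login;
    // NOTE(review): sanitize_text_field() rewrites its input (tags stripped,
    // whitespace collapsed), so the stored password can differ from the one
    // the user typed.
    $info['user_pass'] = sanitize_text_field(isset($_POST['password']) ? $_POST['password'] : '');
    $info['user_email'] = sanitize_email(isset($_POST['email']) ? $_POST['email'] : '');

    // Register the user
    $user_register = wp_insert_user($info);

    if (is_wp_error($user_register)) {
        $error = $user_register->get_error_codes();

        if (in_array('empty_user_login', $error)) {
            $message = __('Xin lỗi, thông tin đăng nhập không hợp lệ.');
        } elseif (in_array('existing_user_login', $error)) {
            $message = __('Xin lỗi, tên đăng nhập này đã tồn tại.');
        } elseif (in_array('existing_user_email', $error)) {
            $message = __('Xin lỗi, thư điện tử này đã tồn tại.');
        } else {
            // Any other failure still needs a reply, otherwise the client
            // receives an empty body.
            $message = $user_register->get_error_message();
        }

        echo json_encode(array('loggedin' => false, 'message' => $message));
    } else {
        // The account already exists at this point; inserting the same data
        // a second time would only fail with 'existing_user_login'.
        echo json_encode(array('loggedin' => true, 'message' => __('Đăng ký thành công.')));
    }

    die;
}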
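/**
 * Looks up a user row by login name, copies the user's meta values onto the
 * row object and caches the result under both the ID and the login.
 *
 * @param string $user_login Login name; passed through sanitize_user().
 * @return object|false The user row with meta values attached, or false when
 *                      the login is empty or no row matches.
 */
function get_userdatabylogin($user_login)
{
    global $wpdb;

    $user_login = sanitize_user($user_login);
    if (empty($user_login)) {
        return false;
    }

    $userdata = wp_cache_get($user_login, 'userlogins');
    if ($userdata) {
        return $userdata;
    }

    // Bind the sanitised login as a parameter so the lookup is done for the
    // requested user and the value never becomes part of the SQL text.
    $user = $wpdb->get_row($wpdb->prepare("SELECT * FROM {$wpdb->users} WHERE user_login = %s", $user_login));
    if (!$user) {
        return false;
    }

    $wpdb->hide_errors();
    $metavalues = $wpdb->get_results($wpdb->prepare("SELECT meta_key, meta_value FROM {$wpdb->usermeta} WHERE user_id = %d", $user->ID));
    $wpdb->show_errors();

    if ($metavalues) {
        foreach ($metavalues as $meta) {
            // NOTE(review): unserialize() can instantiate objects from stored
            // data; this is only safe while every writer of usermeta is trusted.
            @($value = unserialize($meta->meta_value));
            if ($value === false) {
                // Not serialized data: keep the raw string.
                $value = $meta->meta_value;
            }
            $user->{$meta->meta_key} = $value;

            // We need to set user_level from meta, not row
            if ($wpdb->prefix . 'user_level' == $meta->meta_key) {
                $user->user_level = $meta->meta_value;
            }
        }
    }

    wp_cache_add($user->ID, $user, 'users');
    wp_cache_add($user->user_login, $user, 'userlogins');

    return $user;
}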
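/**
 * Checks a username and password against the stored MD5 password hash.
 *
 * Hashes are compared with hash_equals() so the comparison is strict and
 * does not depend on how many leading characters match; a loose `==` between
 * two hex digests can also treat different "0e…" digests as equal numbers.
 *
 * NOTE(review): the stored value is an unsalted MD5 digest, and the two
 * failure messages distinguish an unknown username from a wrong password.
 *
 * @param string $username    Login name.
 * @param string $password    Plain-text password, or its double MD5 when
 *                            $already_md5 is true.
 * @param bool   $already_md5 Whether $password has already been hashed.
 * @return bool True when the credentials match, false otherwise (the global
 *              $error is set for an empty password, unknown user or mismatch).
 */
function wp_login($username, $password, $already_md5 = false)
{
    global $wpdb, $error;

    $username = sanitize_user($username);

    if ('' == $username) {
        return false;
    }

    if ('' == $password) {
        $error = __('<strong>ERROR</strong>: The password field is empty.');
        return false;
    }

    $login = get_userdatabylogin($username);

    if (!$login) {
        $error = __('<strong>ERROR</strong>: Invalid username.');
        return false;
    }

    $stored_hash = (string) $login->user_pass;
    $supplied = (string) $password;

    // If the password is already_md5, it has been double hashed.
    // Otherwise, it is plain text.
    $double_hash_ok = $already_md5 && hash_equals(md5($stored_hash), $supplied);
    $plain_ok = $login->user_login == $username && hash_equals($stored_hash, md5($supplied));

    if ($double_hash_ok || $plain_ok) {
        return true;
    }

    $error = __('<strong>ERROR</strong>: Incorrect password.');
    return false;
}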
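/**
 * Logs in the user
 *
 * Logs in the user using wp_signon (since 2.5.2). If login is successful,
 * it redirects and exits; otherwise "loginfailed" is returned.
 *
 * The redirect target comes from the request, so it is sent through
 * wp_safe_redirect(), which only follows hosts WordPress allows and
 * otherwise falls back to a local URL.
 *
 * @since 0.1
 *
 * @uses apply_filters Calls 'wpmem_login_redirect' hook to get $redirect_to
 * @uses wp_signon
 * @uses wp_safe_redirect Redirects to $redirect_to if login is successful
 * @return string Returns "loginfailed" if the login fails
 */
function wpmem_login()
{
    $redirect_to = isset($_POST['redirect_to']) ? $_POST['redirect_to'] : $_SERVER['PHP_SELF'];
    $redirect_to = apply_filters('wpmem_login_redirect', $redirect_to);

    // Compare the submitted value itself; comparing the result of isset()
    // with 'forever' is true for any submitted value.
    $rememberme = isset($_POST['rememberme']) && 'forever' == $_POST['rememberme'];

    if (empty($_POST['log']) || empty($_POST['pwd'])) {
        //login failed
        return "loginfailed";
    }

    $user_login = sanitize_user($_POST['log']);
    $user_login = wpmem_login_check_for_email($user_login);

    $creds = array(
        'user_login' => $user_login,
        'user_password' => $_POST['pwd'],
        'remember' => $rememberme,
    );

    $user = wp_signon($creds, false);

    if (is_wp_error($user)) {
        return "loginfailed";
    }

    // wp_signon() sets the auth cookie itself, so no separate cookie call
    // (which relied on undefined variables) is needed here.
    wp_safe_redirect($redirect_to);
    exit;
}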
/**
 * Checks post data and registers user.
 *
 * Only acts when the request carries a non-empty 'register_ajax_widget'
 * value; in that case the response is echoed and the script exits.
 *
 * NOTE(review): part of this listing appears to be missing between the
 * "Username" string and the callback pattern further down, so the statements
 * that belong there cannot be documented from what is shown.
 *
 * @return string
 */
function register() {
    if (!empty($_REQUEST['register_ajax_widget'])) {
        $return = array();
        // NOTE(review): the guard tests $_REQUEST, while the values handed to
        // register_new_user() are read from $_POST.
        if ('POST' == $_SERVER['REQUEST_METHOD'] && !empty($_REQUEST['user_login']) && !empty($_REQUEST['user_email'])) {
            //require_once( ABSPATH . WPINC . '/registration.php');
            // todo - recaptcha
            $errors = register_new_user($_POST['user_login'], $_POST['user_email']);
            if (!is_wp_error($errors)) {
                //Success
                // do they have an envato id?
                if (isset($_REQUEST['envato_purchase_code']) && !empty($_REQUEST['envato_purchase_code'])) {
                    // add this based on tc plugin.
                }
                // On success $errors holds the non-error value returned by
                // register_new_user(); it is passed to get_userdata() as is.
                $user_data = get_userdata($errors);
                $return['result'] = true;
                // The login is interpolated before the string reaches __().
                $return['message'] = __(sprintf('Thank you %s. Registration is complete. Please check your e-mail.', $user_data->user_login));
            } else {
                //Something's wrong
                $return['result'] = false;
                // NOTE(review): the next line is incomplete in this listing.
                // The pattern is tested against $_REQUEST['callback'], but the
                // value echoed below is $_GET['callback']; the two can differ,
                // so the echoed callback is not necessarily the validated one.
                $return['error'] = $errors->get_error_message() . "<br>Username: "******"/^jQuery[_a-zA-Z0-9]+\$/", $_REQUEST['callback'])) {
                    $return = $_GET['callback'] . "({$return})";
                }
                echo $return;
                exit;
    }
}
/**
 * Requests a user's timeline through the TwitterOAuth client.
 *
 * @param string $username Screen name; passed through sanitize_user() and strip_tags().
 * @param array  $args     Optional keys: 'limit', 'include_rts', 'exclude_replies'.
 * @return mixed|false The 'statuses/user_timeline' response, or false when the
 *                     client class is missing or the response reports an
 *                     error (details are stored in $this->error).
 */
private function get_tweets_from_api($username, $args)
{
    if (!class_exists('TwitterOAuth')) {
        //you need to reference the TwitterOAuth class for this to work
        $this->error = 'The TwitterOAuth class cannot be found. Please include twitteroauth.php!';
        return false;
    }

    $client = new TwitterOAuth($this->consumer_key, $this->consumer_secret, $this->access_key, $this->access_secret);

    // Build the request parameters.
    $query = array('screen_name' => strip_tags(sanitize_user($username)));

    if (array_key_exists('limit', $args)) {
        $query['count'] = intval($args['limit']);
    }

    // These two options are forwarded exactly as the caller supplied them.
    foreach (array('include_rts', 'exclude_replies') as $option) {
        if (array_key_exists($option, $args)) {
            $query[$option] = $args[$option];
        }
    }

    $response = $client->get('statuses/user_timeline', $query);

    if (is_wp_error($response)) {
        $this->error = $response->get_error_message();
        return false;
    }

    if (isset($response->errors)) {
        $this->error = $response->errors;
        return false;
    }

    return $response;
}
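/**
 * Replace WordPress built-in authentication function
 *
 * Replaces WP authentication function to allow for logging
 * login errors and removing messages if needed
 *
 * NOTE(review): the lockout check runs after the 'authenticate' filters, so
 * credentials are still evaluated for a locked-out username even though the
 * result is discarded.
 *
 * @param string $username user name
 * @param string $password user submitted password
 *
 * @return mixed Result of the 'authenticate' filters on success, WP_Error otherwise
 */
function wp_authenticate($username, $password)
{
    global $bwps, $bwpsoptions;

    //if away mode is currently restricting login return to homepage
    if ($bwps->checkaway()) {
        wp_redirect(get_option('siteurl'));
        // Stop here: without this the redirect header is queued but the
        // login below is still processed while away mode is active.
        exit;
    }

    $username = sanitize_user($username);
    $password = trim($password);

    $user = apply_filters('authenticate', null, $username, $password);

    //if they're locked out due to too many bad logins display an error
    if ($bwpsoptions['ll_enabled'] == 1 && $bwps->checklock($username)) {
        do_action('wp_login_failed', $username);
        return new WP_Error('incorrect_password', __('<strong>ERROR</strong>: We are sorry , your ability to login has been suspended due to too many recent failed login attempts. Please try again later.', $bwps->hook));
    }

    //if there is no valid user object
    if ($user == null) {
        if ($bwpsoptions['ll_enabled'] == 1) {
            $bwps->logevent('1');
        }
        $user = new WP_Error('authentication_failed', __('<strong>ERROR</strong>: Invalid username or incorrect password.'));
    }

    $ignore_codes = array('empty_username', 'empty_password');

    //log if bad logins
    if (isset($_POST['wp-submit']) && $bwpsoptions['ll_enabled'] == 1 && is_wp_error($user)) {
        $bwps->logevent('1', $username);
    } elseif (is_wp_error($user) && !in_array($user->get_error_code(), $ignore_codes)) {
        if ($bwpsoptions['ll_enabled'] == 1) {
            $bwps->logevent('1', $username);
        }
        do_action('wp_login_failed', $username);
    }

    return $user; //returns user object or error message
}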
/**
 * Builds a display label for a user and passes it through strict
 * sanitize_user().
 *
 * @param mixed $user_id Identifier forwarded to get_user_data_or_die().
 * @return string "display_name (email)" when a display name is set, otherwise
 *                the e-mail address alone, after strict sanitising.
 */
public static function get_username_or_die($user_id)
{
    $user_data = Resource_Booking_Ajax_Common::get_user_data_or_die($user_id);

    if ($user_data->display_name != "") {
        $label = $user_data->display_name . " (" . $user_data->user_email . ")";
    } else {
        $label = $user_data->user_email;
    }

    return sanitize_user($label, true);
}
/**
 * Copies the submitted username into the user data array as 'user_login'.
 *
 * @param array $userdata       User data collected so far.
 * @param array $global_request Request values; 'username' is read when set.
 * @return array $userdata, with 'user_login' set to the trimmed and
 *               sanitised username when one was submitted.
 */
function wppb_userdata_add_username($userdata, $global_request)
{
    if (!isset($global_request['username'])) {
        return $userdata;
    }

    $userdata['user_login'] = sanitize_user(trim($global_request['username']));

    return $userdata;
}
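/**
 * WPSC add new user function: validates the input, creates the account and
 * signs the new user in.
 *
 * @since 3.7
 *
 * @param string $user_login The user's username.
 * @param string $user_pass  The user's password.
 * @param string $user_email The user's email.
 * @return WP_User|WP_Error The signed-in user, or a WP_Error when validation,
 *                          account creation or sign-on fails.
 */
function wpsc_add_new_user($user_login, $user_pass, $user_email)
{
    $errors = new WP_Error();

    $user_login = sanitize_user($user_login);
    $user_email = apply_filters('user_registration_email', $user_email);

    // Check the username
    if ($user_login == '') {
        $errors->add('empty_username', __('<strong>ERROR</strong>: Please enter a username.', 'wpsc'));
    } elseif (!validate_username($user_login)) {
        $errors->add('invalid_username', __('<strong>ERROR</strong>: This username is invalid. Please enter a valid username.', 'wpsc'));
        $user_login = '';
    } elseif (username_exists($user_login)) {
        $errors->add('username_exists', __('<strong>ERROR</strong>: This username is already registered, please choose another one.', 'wpsc'));
    }

    // Check the e-mail address
    if ($user_email == '') {
        $errors->add('empty_email', __('<strong>ERROR</strong>: Please type your e-mail address.', 'wpsc'));
    } elseif (!is_email($user_email)) {
        $errors->add('invalid_email', __('<strong>ERROR</strong>: The email address isn’t correct.', 'wpsc'));
        $user_email = '';
    } elseif (email_exists($user_email)) {
        $errors->add('email_exists', __('<strong>ERROR</strong>: This email is already registered, please choose another one.', 'wpsc'));
    }

    if ($errors->get_error_code()) {
        return $errors;
    }

    $user_id = wp_create_user($user_login, $user_pass, $user_email);

    // wp_create_user() reports failure as a WP_Error object, which is truthy,
    // so a plain falsy test would let a failed creation through.
    if (!$user_id || is_wp_error($user_id)) {
        $errors->add('registerfail', sprintf(__('<strong>ERROR</strong>: Couldn’t register you... please contact the <a href="mailto:%s">webmaster</a> !', 'wpsc'), get_option('admin_email')));
        return $errors;
    }

    $user = wp_signon(array('user_login' => $user_login, 'user_password' => $user_pass, 'remember' => true));

    // Sign-on can fail as well; do not read ->ID from an error object.
    if (is_wp_error($user)) {
        return $user;
    }

    wp_set_current_user($user->ID);

    return $user;
}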
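/**
 * AJAX Register.
 *
 * Creates the account from the posted fields. Failures are answered with a
 * JSON object ('success' => false plus a message); on success the request is
 * handed to VR_Member::ajax_user_authenticate().
 *
 * @since 1.0.0
 */
public function ajax_register()
{
    // First check the nonce; by default check_ajax_referer() ends the request when it fails.
    check_ajax_referer('vr-ajax-register-nonce', 'vr-secure-register');

    // Nonce is checked, Get to work
    $login = sanitize_user(isset($_POST['register_username']) ? $_POST['register_username'] : '');

    $info = array();
    $info['user_nicename'] = $info['nickname'] = $info['display_name'] = $info['first_name'] = $info['user_login'] = $login;
    // NOTE(review): sanitize_text_field() rewrites its input (tags stripped,
    // whitespace collapsed), so the stored password can differ from the one
    // the user typed.
    $info['user_pass'] = sanitize_text_field(isset($_POST['register_pwd']) ? $_POST['register_pwd'] : '');
    $info['user_email'] = sanitize_email(isset($_POST['register_email']) ? $_POST['register_email'] : '');

    // Register the user
    $user_register = wp_insert_user($info);

    if (is_wp_error($user_register)) {
        $error = $user_register->get_error_codes();

        if (in_array('empty_user_login', $error)) {
            $message = __($user_register->get_error_message('empty_user_login'));
        } elseif (in_array('existing_user_login', $error)) {
            $message = __('This username already exists.', 'VRC');
        } elseif (in_array('existing_user_email', $error)) {
            $message = __('This email is already registered.', 'VRC');
        } else {
            // Any other failure still needs a reply, otherwise the client
            // receives an empty body.
            $message = $user_register->get_error_message();
        }

        echo json_encode(array('success' => false, 'message' => $message));
    } else {
        /**
         * Object: VR_Member class.
         *
         * @since 1.0.0
         */
        $vr_member_object = new VR_Member();
        $vr_member_object->ajax_user_authenticate($info['user_login'], $info['user_pass'], __('Registration', 'VRC'));
    }

    die;
}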
/**
 * Confirms a pending signup from the 'key' and 'user' query parameters.
 *
 * The parameters are sanitised, the key is validated through Signup_Model,
 * and when the username is still free the pending record is registered.
 * The outcome is echoed via redirect_on_success() or redirect_on_error().
 * Nothing happens when either query parameter is missing or empty.
 *
 * @param mixed $user Not read by this function; the value comes from $_GET.
 * @param mixed $key  Not read by this function; the value comes from $_GET.
 * @return void
 */
function confirm_email($user, $key)
{
    require_once WPPR_PLUGIN_DIR . '/models/signup-model.php';

    $model = new Signup_Model();

    if (empty($_GET['key']) || empty($_GET['user'])) {
        return;
    }

    //Sanitize keys
    $model->key = sanitize_key($_GET['key']);
    $model->user = sanitize_user($_GET['user']);

    $result = $model->validate_key();
    $confirmed = false;

    if ($result !== false && !username_exists($model->user)) {
        $userdata = array(
            $model->user,
            $model->user,
            $result['signup_password'],
            $result['signup_email'],
            $result['signup_date'],
            $model->user,
        );

        //Transfer record from wp_signup table to wp_users
        $confirmed = $model->register_user($userdata);
    }

    // Notify admin of new registration
    //wp_new_user_notification( $result );
    if ($confirmed) {
        echo $this->redirect_on_success();
    } else {
        echo $this->redirect_on_error();
    }
}
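/**
 * Finds the users mentioned as "@login" in a piece of content.
 *
 * Each mention is reduced to its captured login, sanitised, de-duplicated and
 * looked up in one query whose values are bound as placeholders. Results are
 * cached in the 'ap_user_ids' group under a key derived from the login list.
 *
 * @param string $content Text to scan for mentions.
 * @return array|false Rows with id and user_login, or false when the content
 *                     contains no usable mention.
 */
function ap_find_mentioned_users($content)
{
    global $wpdb;

    // Find all mentions in content.
    if (!preg_match_all('/(?:[\\s.]|^)@(\\w+)/', $content, $matches) || empty($matches[1])) {
        return false;
    }

    $user_logins = array();

    // Work from the captured login (group 1), not the full match, which
    // still carries the leading separator and the "@".
    foreach (array_unique($matches[1]) as $mention) {
        $login = sanitize_title_for_query(sanitize_user(wp_unslash($mention), true));
        if ('' !== $login) {
            $user_logins[] = $login;
        }
    }

    // Remove duplicates that only appear after sanitising.
    $user_logins = array_values(array_unique($user_logins));

    if (count($user_logins) == 0) {
        return false;
    }

    $key = md5("'" . implode("','", $user_logins) . "'");

    $cache = wp_cache_get($key, 'ap_user_ids');
    if (false !== $cache) {
        return $cache;
    }

    // One %s per login: prepare() needs placeholders to do any escaping,
    // interpolated values bypass it.
    $placeholders = implode(',', array_fill(0, count($user_logins), '%s'));
    $query = $wpdb->prepare("SELECT id, user_login FROM {$wpdb->users} WHERE user_login IN ({$placeholders})", $user_logins);

    $result = $wpdb->get_results($query);

    wp_cache_set($key, $result, 'ap_user_ids');

    return $result;
}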
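/**
 * AJAX handler that registers a new user from the posted form fields.
 *
 * Failures are answered with a JSON object ('loggedin' => false plus a
 * message); on success the new user is passed to auth_user_login().
 *
 * @return void The script ends after the response is written.
 */
function ajax_register()
{
    // First check the nonce; by default check_ajax_referer() ends the request when it fails.
    check_ajax_referer('ajax-register-nonce', 'security');

    // Nonce is checked, get the POST data and sign user on
    $login = sanitize_user(isset($_POST['username']) ? $_POST['username'] : '');

    $info = array();
    $info['user_nicename'] = $info['nickname'] = $info['display_name'] = $info['first_name'] = $info['user_login'] = $login;
    // NOTE(review): sanitize_text_field() rewrites its input (tags stripped,
    // whitespace collapsed), so the stored password can differ from the one
    // the user typed.
    $info['user_pass'] = sanitize_text_field(isset($_POST['password']) ? $_POST['password'] : '');
    $info['user_email'] = sanitize_email(isset($_POST['email']) ? $_POST['email'] : '');

    // Register the user
    $user_register = wp_insert_user($info);

    if (is_wp_error($user_register)) {
        $error = $user_register->get_error_codes();

        if (in_array('empty_user_login', $error)) {
            $message = __($user_register->get_error_message('empty_user_login'));
        } elseif (in_array('existing_user_login', $error)) {
            $message = __('This username is already registered.');
        } elseif (in_array('existing_user_email', $error)) {
            $message = __('This email address is already registered.');
        } else {
            // Any other failure still needs a reply, otherwise the client
            // receives an empty body.
            $message = $user_register->get_error_message();
        }

        echo json_encode(array('loggedin' => false, 'message' => $message));
    } else {
        auth_user_login($info['nickname'], $info['user_pass'], 'Registration');
    }

    die;
}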
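/**
 * Validates registration data and creates a user with the 'customer' role.
 *
 * @param array $userdata Registration fields: 'user_login', 'user_pass' and
 *                        'user_email' are required; 'user_url', 'first_name',
 *                        'last_name', 'nickname', 'description' and
 *                        'billing_first_name' are optional.
 * @return int|WP_Error ID of the new user, or a WP_Error listing every
 *                      validation problem or the insert failure.
 */
public function registration($userdata)
{
    $reg_errors = new WP_Error();

    // Reject anything that is not a non-empty array; the field lookups below
    // require an array.
    if (!is_array($userdata) || empty($userdata)) {
        $reg_errors->add('data_invalid', 'Chybí vstupní data');
        return $reg_errors;
    }

    $userLogin = array_key_exists('user_login', $userdata) ? sanitize_user($userdata['user_login']) : '';
    // NOTE(review): esc_attr() HTML-encodes characters such as & < > and
    // quotes, so the stored password can differ from the one the user typed.
    $userPass = array_key_exists('user_pass', $userdata) ? esc_attr($userdata['user_pass']) : '';
    $userEmail = array_key_exists('user_email', $userdata) ? sanitize_email($userdata['user_email']) : '';
    $userUrl = array_key_exists('user_url', $userdata) ? esc_url($userdata['user_url']) : '';
    $firstName = array_key_exists('first_name', $userdata) ? sanitize_text_field($userdata['first_name']) : '';
    $lastName = array_key_exists('last_name', $userdata) ? sanitize_text_field($userdata['last_name']) : '';
    $nickname = array_key_exists('nickname', $userdata) ? sanitize_text_field($userdata['nickname']) : '';
    $description = array_key_exists('description', $userdata) ? sanitize_text_field($userdata['description']) : '';

    if (empty($userLogin) || empty($userPass) || empty($userEmail)) {
        $reg_errors->add('field', 'Nejsou vyplnněny povinné pole formuláře.');
    }

    // The limits match the minimums stated in the messages (5 and 6 characters).
    if (strlen($userLogin) < 5) {
        $reg_errors->add('username_length', 'Příliš krátké uživatelské jméno. 
Zadejte minimálně 5 znaků.');
    }

    if (username_exists($userLogin)) {
        $reg_errors->add('user_name', 'Je nám líto ale uživatelské jméno již existuje.');
    }

    if (!validate_username($userLogin)) {
        $reg_errors->add('username_invalid', 'Neplatné uživatelské jméno.');
    }

    if (strlen($userPass) < 6) {
        $reg_errors->add('password', 'Heslo musí obsahovat minimálně 6 znaků.');
    }

    if (!is_email($userEmail)) {
        $reg_errors->add('email_invalid', 'Zadaný e-mail je ve špatném formátu.');
    }

    if (email_exists($userEmail)) {
        $reg_errors->add('email', 'Zadaný e-mail již existuje.');
    }

    if (!empty($userUrl) && !filter_var($userUrl, FILTER_VALIDATE_URL)) {
        $reg_errors->add('website', 'Url adresa Vašich stránek není validní.');
    }

    if (is_wp_error($reg_errors) && count($reg_errors->errors) > 0) {
        return $reg_errors;
    }

    $_userdata = array(
        'user_login' => $userLogin,
        'user_email' => $userEmail,
        'user_pass' => $userPass,
        'user_url' => $userUrl,
        'first_name' => $firstName,
        'last_name' => $lastName,
        'nickname' => $nickname,
        'description' => $description,
        'role' => 'customer',
    );

    $user_id = wp_insert_user($_userdata);

    if (is_wp_error($user_id)) {
        $reg_errors->add('insert_user', 'Registraci nelze dokončit. Kontaktujte prosím správce webu.');
        return $reg_errors;
    }

    // Woocomerce data: store the submitted billing first name under its own
    // meta key (the call needs a concrete key and value to store anything).
    if (array_key_exists('billing_first_name', $userdata)) {
        add_user_meta($user_id, 'billing_first_name', sanitize_text_field($userdata['billing_first_name']), true);
    }

    return $user_id;
}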
/**
 * Log an activity item as a comment row.
 *
 * Looks for an existing comment with the same post, user and type. When none
 * exists a new one is inserted; when one exists it is only rewritten if
 * $args['action'] is 'update'. Either write is followed by wp_cache_flush().
 *
 * @access public
 * @since 1.0.0
 * @param array $args (default: array()) Reads 'post_id', 'user_id', 'type' and
 *                    the optional 'data', 'status', 'username', 'user_email',
 *                    'user_url', 'parent', 'action' and 'keep_time'.
 * @return bool | int Comment ID when it is greater than zero, otherwise false
 *                    (also false when 'user_id' is empty).
 */
public static function sensei_log_activity($args = array())
{
    global $wpdb;

    // Args, minimum data required for WP
    $data = array(
        'comment_post_ID' => intval($args['post_id']),
        'comment_author' => '',
        'comment_author_email' => '',
        'comment_author_url' => '',
        'comment_content' => !empty($args['data']) ? esc_html($args['data']) : '',
        'comment_type' => esc_attr($args['type']),
        'user_id' => intval($args['user_id']),
        'comment_approved' => !empty($args['status']) ? esc_html($args['status']) : 'log',
    );

    // Allow extra data
    if (!empty($args['username'])) {
        $data['comment_author'] = sanitize_user($args['username']);
    }
    if (!empty($args['user_email'])) {
        $data['comment_author_email'] = sanitize_email($args['user_email']);
    }
    if (!empty($args['user_url'])) {
        $data['comment_author_url'] = esc_url($args['user_url']);
    }
    if (!empty($args['parent'])) {
        // Stored as given, without a cast.
        $data['comment_parent'] = $args['parent'];
    }

    // Sanity check
    if (empty($args['user_id'])) {
        _deprecated_argument(__FUNCTION__, '1.0', __('At no point should user_id be equal to 0.', 'woothemes-sensei'));
        return false;
    }

    do_action('sensei_log_activity_before', $args, $data);

    // Custom Logic
    // Check if comment exists first
    $lookup = $wpdb->prepare("SELECT comment_ID FROM {$wpdb->comments} WHERE comment_post_ID = %d AND user_id = %d AND comment_type = %s ", $args['post_id'], $args['user_id'], $args['type']);
    $comment_id = $wpdb->get_var($lookup);

    $wrote_comment = false;
    $update_requested = isset($args['action']) && 'update' == $args['action'];

    if (!$comment_id) {
        // Add the comment
        $comment_id = wp_insert_comment($data);
        $wrote_comment = true;
    } elseif ($update_requested) {
        // Update the comment if an update was requested
        $data['comment_ID'] = $comment_id;

        // By default update the timestamp of the comment
        if (empty($args['keep_time'])) {
            $data['comment_date'] = current_time('mysql');
        }

        wp_update_comment($data);
        $wrote_comment = true;
    }

    // Manually Flush the Cache
    if ($wrote_comment) {
        wp_cache_flush();
    }

    do_action('sensei_log_activity_after', $args, $data, $comment_id);

    // Return the ID so that it can be used for meta data storage
    return 0 < $comment_id ? $comment_id : false;
}
/**
 * Tells whether a login name is already taken.
 *
 * @param string $username Login name; passed through sanitize_user().
 * @return int|null ID of the matching user, or null when
 *                  get_userdatabylogin() finds nothing.
 */
function username_exists($username)
{
    global $wpdb;

    $match = get_userdatabylogin(sanitize_user($username));

    return $match ? $match->ID : null;
}
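/**
 * Signs a user in from the supplied credentials, the login form fields, or
 * the existing auth cookie.
 *
 * @param array|string $credentials Optional 'user_login', 'user_password' and
 *                                  'remember'. When empty, the values are
 *                                  read from $_POST ('log', 'pwd', 'rememberme').
 * @return WP_User|WP_Error The authenticated user, or a WP_Error (empty when
 *                          no credentials and no cookie are present).
 */
function wp_signon($credentials = '')
{
    if (empty($credentials)) {
        // Start from a real array: writing named keys into the '' default
        // is not an array assignment on current PHP versions.
        $credentials = array();

        if (!empty($_POST['log'])) {
            $credentials['user_login'] = $_POST['log'];
        }
        if (!empty($_POST['pwd'])) {
            $credentials['user_password'] = $_POST['pwd'];
        }
        if (!empty($_POST['rememberme'])) {
            $credentials['remember'] = $_POST['rememberme'];
        }
    }

    if (!empty($credentials['user_login'])) {
        $credentials['user_login'] = sanitize_user($credentials['user_login']);
    }
    if (!empty($credentials['user_password'])) {
        $credentials['user_password'] = trim($credentials['user_password']);
    }
    $credentials['remember'] = !empty($credentials['remember']);

    // Hooks receive the login and password by reference and may change them.
    do_action_ref_array('wp_authenticate', array(&$credentials['user_login'], &$credentials['user_password']));

    // If no credential info provided, check cookie.
    if (empty($credentials['user_login']) && empty($credentials['user_password'])) {
        $user = wp_validate_auth_cookie();
        if ($user) {
            return new WP_User($user);
        }

        if (!empty($_COOKIE[AUTH_COOKIE])) {
            return new WP_Error('expired_session', __('Please log in again.'));
        }

        // If the cookie is not set, be silent.
        return new WP_Error();
    }

    if (empty($credentials['user_login']) || empty($credentials['user_password'])) {
        $error = new WP_Error();

        if (empty($credentials['user_login'])) {
            $error->add('empty_username', __('<strong>ERROR</strong>: The username field is empty.'));
        }
        if (empty($credentials['user_password'])) {
            $error->add('empty_password', __('<strong>ERROR</strong>: The password field is empty.'));
        }

        return $error;
    }

    $user = wp_authenticate($credentials['user_login'], $credentials['user_password']);
    if (is_wp_error($user)) {
        return $user;
    }

    wp_set_auth_cookie($user->ID, $credentials['remember']);
    do_action('wp_login', $credentials['user_login']);

    return $user;
}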
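/**
 * Handles the sign-up form: validates the posted fields, creates the user and
 * echoes a JSON object with 'signedup' and 'message'.
 *
 * Every response, including the password-mismatch one, uses the 'signedup'
 * key so the client can rely on a single flag.
 *
 * NOTE(review): no nonce is verified in this handler, and the plain-text
 * password is handed to reales_signup_notifications().
 *
 * @return void The script ends after the response is written.
 */
function reales_user_signup_form()
{
    $signup_user = isset($_POST['signup_user']) ? sanitize_text_field($_POST['signup_user']) : '';
    $signup_firstname = isset($_POST['signup_firstname']) ? sanitize_text_field($_POST['signup_firstname']) : '';
    $signup_lastname = isset($_POST['signup_lastname']) ? sanitize_text_field($_POST['signup_lastname']) : '';
    $signup_email = isset($_POST['signup_email']) ? sanitize_email($_POST['signup_email']) : '';
    $signup_pass_1 = isset($_POST['signup_pass_1']) ? $_POST['signup_pass_1'] : '';
    $signup_pass_2 = isset($_POST['signup_pass_2']) ? $_POST['signup_pass_2'] : '';
    $register_as_agent = isset($_POST['register_as_agent']) ? sanitize_text_field($_POST['register_as_agent']) : '';

    if (empty($signup_user) || empty($signup_firstname) || empty($signup_lastname) || empty($signup_email) || empty($signup_pass_1) || empty($signup_pass_2)) {
        echo json_encode(array('signedup' => false, 'message' => __('Required form fields are empty!', 'reales')));
        exit;
    }

    if (4 > strlen($signup_user)) {
        echo json_encode(array('signedup' => false, 'message' => __('Username too short. Please enter at least 4 characters!', 'reales')));
        exit;
    }

    if (username_exists($signup_user)) {
        echo json_encode(array('signedup' => false, 'message' => __('Username already exists!', 'reales')));
        exit;
    }

    if (!validate_username($signup_user)) {
        echo json_encode(array('signedup' => false, 'message' => __('Invalid Username!', 'reales')));
        exit;
    }

    if (!is_email($signup_email)) {
        echo json_encode(array('signedup' => false, 'message' => __('Invalid Email!', 'reales')));
        exit;
    }

    if (email_exists($signup_email)) {
        echo json_encode(array('signedup' => false, 'message' => __('Email already exists!', 'reales')));
        exit;
    }

    if (6 > strlen($signup_pass_1)) {
        echo json_encode(array('signedup' => false, 'message' => __('Password too short. 
Please enter at least 6 characters!', 'reales')));
        exit;
    }

    if ($signup_pass_1 != $signup_pass_2) {
        // Same flag as every other failure in this handler.
        echo json_encode(array('signedup' => false, 'message' => __('The passwords do not match!', 'reales')));
        exit;
    }

    $user_data = array(
        'user_login' => sanitize_user($signup_user),
        'user_email' => sanitize_email($signup_email),
        // NOTE(review): esc_attr() HTML-encodes characters such as & < > and
        // quotes, so the stored password can differ from the one typed.
        'user_pass' => esc_attr($signup_pass_1),
        'first_name' => sanitize_text_field($signup_firstname),
        'last_name' => sanitize_text_field($signup_lastname),
    );

    $new_user = wp_insert_user($user_data);

    if (is_wp_error($new_user)) {
        echo json_encode(array('signedup' => false, 'message' => __('Something went wrong!', 'reales')));
        exit;
    }

    echo json_encode(array('signedup' => true, 'message' => __('Congratulations! You have successfully signed up.', 'reales')));

    reales_signup_notifications($new_user, $signup_pass_1);

    if ($register_as_agent != '' && $register_as_agent == 'true') {
        reales_register_agent($new_user);
    }

    die;
}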
/**
 * Creates a WordPress account for a Patreon user, or attaches the Patreon
 * data to the existing account that has the same e-mail address.
 *
 * New account: the user is created with a generated password, logged in, and
 * the Patreon tokens and profile fields are written to user meta.
 * Existing account: the user is not logged in; the meta values are updated
 * and the request is redirected to the login URL.
 *
 * NOTE(review): the access and refresh tokens are stored in user meta as
 * given, and the existing-account branch matches on the e-mail address
 * reported in $user_response alone. Confirm both are acceptable.
 *
 * @param array $user_response Patreon response; reads ['data']['attributes'].
 * @param array $tokens        Reads 'refresh_token' and 'access_token'.
 * @return void Exits after the redirect in the existing-account branch.
 */
public static function createUserFromPatreon($user_response, $tokens)
{
    global $wpdb;

    $attributes = $user_response['data']['attributes'];
    $email = $attributes['email'];

    // Preferred login: "first_last", lower-cased, spaces removed.
    $name = strtolower(str_replace(' ', '', $attributes['first_name'] . '_' . $attributes['last_name']));

    if (validate_username($name) && username_exists($name) == false) {
        $username = sanitize_user($name, true);
    } else {
        // Fall back to the local part of the e-mail address.
        $email_parts = explode('@', $attributes['email']);
        $username = strtolower(sanitize_user($email_parts[0]));
    }

    if (username_exists($username)) {
        // Look for the highest ".N" suffix already in use and go one past it.
        $suffix_query = $wpdb->prepare("SELECT 1 + SUBSTR(user_login, %d) FROM {$wpdb->users} WHERE user_login REGEXP %s ORDER BY 1 DESC LIMIT 1", strlen($username) + 2, '^' . $username . '(\\.[0-9]+)?$');
        $suffix = $wpdb->get_var($suffix_query);
        if (!empty($suffix)) {
            $username .= ".{$suffix}";
        }
    }

    $user = get_user_by('email', $email);

    if ($user != false) {
        /* log user into existing wordpress account with matching email address -- disabled */
        // wp_set_current_user( $user->ID, $user->user_login );
        // wp_set_auth_cookie( $user->ID );
        // do_action( 'wp_login', $user->user_login );

        /* update user meta data with patreon data */
        $existing_meta = array(
            'patreon_refresh_token' => $tokens['refresh_token'],
            'patreon_access_token' => $tokens['access_token'],
            'patreon_user' => $attributes['vanity'],
            'patreon_created' => $attributes['created'],
            'user_firstname' => $attributes['first_name'],
            'user_lastname' => $attributes['last_name'],
        );
        foreach ($existing_meta as $meta_key => $meta_value) {
            update_user_meta($user->ID, $meta_key, $meta_value);
        }

        wp_redirect(wp_login_url() . '?patreon-msg=login_with_patreon', '301');
        exit;
    }

    /* create wordpress user if no account exists with provided email address */
    $random_password = wp_generate_password(12, false);
    $user_id = wp_create_user($username, $random_password, $email);

    if (!$user_id) {
        /* wordpress account creation failed #HANDLE_ERROR */
        return;
    }

    $user = get_user_by('id', $user_id);

    wp_set_current_user($user->ID, $user->user_login);
    wp_set_auth_cookie($user->ID);
    do_action('wp_login', $user->user_login);

    /* update user meta data with patreon data */
    $new_meta = array(
        'patreon_refresh_token' => $tokens['refresh_token'],
        'patreon_access_token' => $tokens['access_token'],
        'patreon_user' => $attributes['vanity'],
        'patreon_created' => $attributes['created'],
        'user_firstname' => $attributes['first_name'],
        'user_lastname' => $attributes['last_name'],
    );
    foreach ($new_meta as $meta_key => $meta_value) {
        update_user_meta($user_id, $meta_key, $meta_value);
    }
    update_user_meta($user_id, 'patreon_token_minted', microtime());
}
/**
 * Sanitises the registration fields in place.
 *
 * Every known field ends up present in $fields: a supplied value is passed
 * through the function listed for it, a missing one becomes ''.
 *
 * NOTE(review): 'user_pass' goes through esc_attr(), which HTML-encodes
 * characters such as & < > and quotes, so the password is altered.
 *
 * @param array $fields Registration fields, modified by reference.
 * @return void
 */
function cr_sanitize(&$fields)
{
    // Field name => function applied to a supplied value.
    $sanitizers = array(
        'user_login' => 'sanitize_user',
        'user_pass' => 'esc_attr',
        'user_email' => 'sanitize_email',
        'user_url' => 'esc_url',
        'first_name' => 'sanitize_text_field',
        'last_name' => 'sanitize_text_field',
        'nickname' => 'sanitize_text_field',
        'description' => 'esc_textarea',
    );

    foreach ($sanitizers as $field => $sanitizer) {
        if (isset($fields[$field])) {
            $fields[$field] = call_user_func($sanitizer, $fields[$field]);
        } else {
            $fields[$field] = '';
        }
    }
}
/**
 * Replaces the login form with an error page when the posted username is
 * currently rate limited.
 *
 * Only acts on POST requests that carry a 'log' field. When
 * wpcom_vip_login_is_limited() returns a truthy value, that value is rendered
 * through login_header()/login_footer() and the script exits.
 *
 * @return void
 */
function wpcom_vip_login_limit_dont_show_login_form()
{
    $is_login_post = 'post' == strtolower($_SERVER['REQUEST_METHOD']) && isset($_POST['log']);
    if (!$is_login_post) {
        return;
    }

    $username = sanitize_user($_POST['log']);
    $error = wpcom_vip_login_is_limited($username);

    if ($error) {
        login_header(__('Error'), '', $error);
        login_footer();
        exit;
    }
}
/**
 * Create a new customer
 *
 * Validates the e-mail address, settles on a username (the supplied one, or
 * one derived from the e-mail address and made unique with a numeric
 * suffix), settles on a password (the supplied one, or a generated one when
 * the store option allows it) and inserts the user with the 'customer' role.
 *
 * @param string $email
 * @param string $username
 * @param string $password
 * @return WP_Error on failure, Int (user ID) on success
 */
function wc_create_new_customer($email, $username = '', $password = '')
{
    // Check the e-mail address
    if (empty($email) || !is_email($email)) {
        return new WP_Error("registration-error", __("Please provide a valid email address.", "woocommerce"));
    }

    if (email_exists($email)) {
        return new WP_Error("registration-error", __("An account is already registered with your email address. Please login.", "woocommerce"));
    }

    // NOTE(review): the result of this call is discarded, so it does not
    // reject a request with a missing or invalid nonce.
    wp_verify_nonce($_POST['register'], 'woocommerce-register');

    // Handle username creation
    $use_supplied_username = get_option('woocommerce_registration_generate_username') == 'no' || !empty($username);

    if ($use_supplied_username) {
        $username = sanitize_user($username);

        if (empty($username) || !validate_username($username)) {
            return new WP_Error("registration-error", __("Please enter a valid account username.", "woocommerce"));
        }

        if (username_exists($username)) {
            return new WP_Error("registration-error", __("An account is already registered with that username. Please choose another.", "woocommerce"));
        }
    } else {
        $username = sanitize_user(current(explode('@', $email)));

        // Ensure username is unique
        $o_username = $username;
        for ($append = 1; username_exists($username); $append++) {
            $username = $o_username . $append;
        }
    }

    // Handle password creation
    $may_generate_password = get_option('woocommerce_registration_generate_password') == 'yes';

    if (empty($password)) {
        if (!$may_generate_password) {
            return new WP_Error("registration-error", __("Please enter an account password.", "woocommerce"));
        }
        $password = wp_generate_password();
        $password_generated = true;
    } else {
        $password_generated = false;
    }

    // WP Validation
    $validation_errors = new WP_Error();

    do_action('woocommerce_register_post', $username, $email, $validation_errors);

    $validation_errors = apply_filters('woocommerce_registration_errors', $validation_errors, $username, $email);

    if ($validation_errors->get_error_code()) {
        return $validation_errors;
    }

    $new_customer_data = apply_filters('woocommerce_new_customer_data', array(
        'user_login' => $username,
        'user_pass' => $password,
        'user_email' => $email,
        'role' => 'customer',
    ));

    $customer_id = wp_insert_user($new_customer_data);

    if (is_wp_error($customer_id)) {
        return new WP_Error("registration-error", '<strong>' . __('ERROR', 'woocommerce') . '</strong>: ' . __('Couldn’t register you… please contact us if you continue to have problems.', 'woocommerce'));
    }

    do_action('woocommerce_created_customer', $customer_id, $new_customer_data, $password_generated);

    return $customer_id;
}
/**
 * Derive a login name from the local part of an email address.
 *
 * The local part is passed through sanitize_user() in strict mode; a numeric
 * suffix (1, 2, 3...) is then appended until username_exists() reports the
 * candidate as unused.
 *
 * NOTE(review): the availability check and the later account creation are
 * separate steps, so the caller still has to handle a "username exists"
 * failure from the insert.
 *
 * @param string $email Email address to derive the login from.
 * @return string Candidate username.
 */
public static function generateUsername($email)
{
    $base_username = sanitize_user(current(explode('@', $email)), true);
    $candidate = $base_username;

    for ($suffix = 1; username_exists($candidate); $suffix++) {
        $candidate = $base_username . $suffix;
    }

    return $candidate;
}
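/**
 * Process ajax login
 *
 * Checks the 'woocommerce-sidebar-login-action' nonce, signs the user in with
 * wp_signon() and prints a JSONP response of the form callback({...}) before
 * terminating the request.
 *
 * The callback name comes from the query string and is written into the
 * response body, so it is reduced to identifier characters before output.
 *
 * @access public
 * @return void
 */
function woocommerce_sidebar_login_ajax_process()
{
    check_ajax_referer('woocommerce-sidebar-login-action', 'security');

    // Get post data
    $creds = array();
    $creds['user_login'] = esc_attr($_REQUEST['user_login']);
    // NOTE(review): esc_attr() HTML-encodes characters such as & < > " and ',
    // so a password containing them is altered before wp_signon() sees it.
    // Left unchanged here; confirm whether this is intended.
    $creds['user_password'] = esc_attr($_REQUEST['user_password']);
    $creds['remember'] = 'forever';
    // NOTE(review): the redirect target is request-controlled and is returned
    // to the client as-is (attribute-escaped only). Confirm that the consumer
    // restricts it to this site, e.g. with wp_validate_redirect().
    $redirect_to = esc_attr($_REQUEST['redirect_to']);

    // Check for Secure Cookie
    $secure_cookie = '';

    // If the user wants ssl but the session is not ssl, force a secure cookie.
    if (!force_ssl_admin()) {
        $user_name = sanitize_user($creds['user_login']);
        if ($user = get_user_by('login', $user_name)) {
            if (get_user_option('use_ssl', $user->ID)) {
                $secure_cookie = true;
                force_ssl_admin(true);
            }
        }
    }

    if (force_ssl_admin()) {
        $secure_cookie = true;
    }

    if ($secure_cookie == '' && force_ssl_login()) {
        $secure_cookie = false;
    }

    // Login
    $user = wp_signon($creds, $secure_cookie);

    // Redirect filter
    if ($secure_cookie && strstr($redirect_to, 'wp-admin')) {
        $redirect_to = str_replace('http:', 'https:', $redirect_to);
    }

    // Result
    $result = array();

    if (!is_wp_error($user)) {
        $result['success'] = 1;
        $result['redirect'] = $redirect_to;
    } else {
        $result['success'] = 0;
        if ($user->errors) {
            // Report only the first message of the first error code.
            foreach ($user->errors as $error) {
                $result['error'] = $error[0];
                break;
            }
        } else {
            $result['error'] = __('Please enter your username and password to login.', 'woocommerce');
        }
    }

    // Keep only characters that can appear in a (dotted) JavaScript identifier,
    // so the reflected callback cannot carry markup or script of its own.
    // A missing or non-string parameter yields an empty callback name.
    $callback = '';
    if (isset($_GET['callback']) && is_string($_GET['callback'])) {
        $callback = preg_replace('/[^A-Za-z0-9_.$]/', '', $_GET['callback']);
    }

    header('content-type: application/json; charset=utf-8');

    echo $callback . '(' . json_encode($result) . ')';

    die;
}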
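/**
 * Handle the add / edit / delete requests of the product attributes admin screen.
 *
 * - add:    $_POST['add_new_attribute'], nonce action 'jigoshop-add-attribute'
 * - edit:   $_POST['save_attribute'] together with $_GET['edit'], nonce action 'jigoshop-edit-attribute_{id}'
 * - delete: $_GET['delete'], nonce action 'jigoshop-delete-attribute_{id}'
 *
 * Each branch verifies its nonce with check_admin_referer() before writing to
 * the {prefix}jigoshop_attribute_taxonomies table. Successful writes redirect
 * back to the attributes page and end the request.
 *
 * NOTE(review): check_admin_referer() confirms request intent, not privilege.
 * No current_user_can() check is visible in this function; presumably the
 * admin page registration enforces the capability. Confirm.
 *
 * @return void
 */
function jigoshop_save_attributes()
{
    /** @var $wpdb wpdb */
    global $wpdb;

    $options = Jigoshop_Base::get_options();
    $table = $wpdb->prefix . "jigoshop_attribute_taxonomies";
    $attributes_page = get_admin_url() . 'edit.php?post_type=product&page=jigoshop_attributes';

    if (isset($_POST['add_new_attribute']) && $_POST['add_new_attribute']) {
        check_admin_referer('jigoshop-add-attribute', '_jigoshop_csrf');

        $attribute_label = isset($_POST['attribute_label'])
            ? (string) strip_tags(stripslashes($_POST['attribute_label']))
            : '';

        // Fall back to the label when no explicit name was submitted.
        $name_source = empty($_POST['attribute_name']) ? $attribute_label : $_POST['attribute_name'];
        $attribute_name = sanitize_title(sanitize_user($name_source, true));

        // NOTE(review): the type is stored as submitted, without an allow-list
        // of known attribute types; confirm it is escaped wherever it is rendered.
        $attribute_type = isset($_POST['attribute_type']) ? (string) $_POST['attribute_type'] : '';

        if (empty($attribute_label)) {
            print_r('<div id="message" class="error"><p>' . __('Please enter an attribute label.', 'jigoshop') . '</p></div>');
        } elseif ($attribute_name && strlen($attribute_name) < 30 && $attribute_type && !taxonomy_exists('pa_' . sanitize_title($attribute_name))) {
            // One format per column; all three values are strings.
            $wpdb->insert(
                $table,
                array(
                    'attribute_name'  => $attribute_name,
                    'attribute_label' => $attribute_label,
                    'attribute_type'  => $attribute_type,
                ),
                array('%s', '%s', '%s')
            );

            do_action('jigoshop_attribute_admin_add_after_save', $attribute_name, $attribute_label, $attribute_type);
            $options->set('jigowatt_update_rewrite_rules', '1');

            wp_safe_redirect($attributes_page);
            exit;
        } else {
            // Also reached when the name is 30 characters or longer, or the type is empty.
            print_r('<div id="message" class="error"><p>' . __('That attribute already exists, no additions were made.', 'jigoshop') . '</p></div>');
        }
    } elseif (isset($_POST['save_attribute']) && $_POST['save_attribute'] && isset($_GET['edit'])) {
        $edit = absint($_GET['edit']);
        check_admin_referer('jigoshop-edit-attribute_' . $edit, '_jigoshop_csrf');

        if ($edit > 0) {
            $attribute_type = isset($_POST['attribute_type']) ? (string) $_POST['attribute_type'] : '';
            $attribute_label = isset($_POST['attribute_label'])
                ? (string) strip_tags(stripslashes($_POST['attribute_label']))
                : '';

            // Match on the same normalised id the nonce was verified against,
            // not on the raw query-string value.
            $wpdb->update(
                $table,
                array(
                    'attribute_type'  => $attribute_type,
                    'attribute_label' => $attribute_label,
                ),
                array('attribute_id' => $edit),
                array('%s', '%s'),
                array('%d')
            );

            do_action('jigoshop_attribute_admin_edit_after_update', $edit, $attribute_label, $attribute_type);
        }

        wp_safe_redirect($attributes_page);
        exit;
    } elseif (isset($_GET['delete'])) {
        $delete = absint($_GET['delete']);
        check_admin_referer('jigoshop-delete-attribute_' . $delete);

        if ($delete > 0) {
            $att_name = $wpdb->get_var($wpdb->prepare("SELECT attribute_name FROM " . $table . " WHERE attribute_id = %d", $delete));

            if ($att_name && $wpdb->query($wpdb->prepare("DELETE FROM " . $table . " WHERE attribute_id = %d", $delete))) {
                $taxonomy = 'pa_' . sanitize_title($att_name);

                // Old taxonomy prefix left in for backwards compatibility
                if (taxonomy_exists($taxonomy)) {
                    $terms = get_terms($taxonomy, 'orderby=name&hide_empty=0');
                    foreach ($terms as $term) {
                        wp_delete_term($term->term_id, $taxonomy);
                    }
                }

                do_action('jigoshop_attribute_admin_delete_after', $delete, $att_name);

                wp_safe_redirect($attributes_page);
                exit;
            }
        }
    }
}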
/**
 * Register a new customer account.
 *
 * Validates the email address, resolves a username and password (generating
 * either one when the matching option allows it), lets hooked validators
 * veto the registration, then inserts the user with the 'customer' role.
 * Each failure path returns a WP_Error with its own error code.
 *
 * No nonce or capability check is performed in this function; request
 * validation is left to the caller.
 *
 * @param string $email    Customer email.
 * @param string $username Customer username.
 * @param string $password Customer password.
 * @return int|WP_Error Returns WP_Error on failure, Int (user ID) on success.
 */
function wc_create_new_customer($email, $username = '', $password = '')
{
    // Email must be present and well-formed.
    if (empty($email) || !is_email($email)) {
        return new WP_Error('registration-error-invalid-email', __('Please provide a valid email address.', 'woocommerce'));
    }

    // One account per email address.
    if (email_exists($email)) {
        return new WP_Error('registration-error-email-exists', __('An account is already registered with your email address. Please login.', 'woocommerce'));
    }

    // Username: either validate the supplied one or derive one from the email.
    $username_required = 'no' === get_option('woocommerce_registration_generate_username');

    if (!$username_required && empty($username)) {
        // Derive from the local part of the email (strict sanitising) and
        // suffix 1, 2, 3... until the name is unused.
        $base_username = sanitize_user(current(explode('@', $email)), true);
        $username = $base_username;

        for ($suffix = 1; username_exists($username); $suffix++) {
            $username = $base_username . $suffix;
        }
    } else {
        $username = sanitize_user($username);

        if (empty($username) || !validate_username($username)) {
            return new WP_Error('registration-error-invalid-username', __('Please enter a valid account username.', 'woocommerce'));
        }

        if (username_exists($username)) {
            return new WP_Error('registration-error-username-exists', __('An account is already registered with that username. Please choose another.', 'woocommerce'));
        }
    }

    // Password: generate one only when none was supplied and the option allows it.
    $may_generate_password = 'yes' === get_option('woocommerce_registration_generate_password');

    if (!empty($password)) {
        $password_generated = false;
    } elseif ($may_generate_password) {
        $password = wp_generate_password();
        $password_generated = true;
    } else {
        return new WP_Error('registration-error-missing-password', __('Please enter an account password.', 'woocommerce'));
    }

    // Collect validation errors contributed by hooked code.
    $errors = new WP_Error();
    do_action('woocommerce_register_post', $username, $email, $errors);
    $errors = apply_filters('woocommerce_registration_errors', $errors, $username, $email);

    if ($errors->get_error_code()) {
        return $errors;
    }

    $new_customer_data = apply_filters(
        'woocommerce_new_customer_data',
        array(
            'user_login' => $username,
            'user_pass'  => $password,
            'user_email' => $email,
            'role'       => 'customer',
        )
    );

    $customer_id = wp_insert_user($new_customer_data);

    // The underlying insert error is replaced with a generic message for the visitor.
    if (is_wp_error($customer_id)) {
        $message = '<strong>' . __('Error:', 'woocommerce') . '</strong> '
            . __('Couldn’t register you… please contact us if you continue to have problems.', 'woocommerce');

        return new WP_Error('registration-error', $message);
    }

    do_action('woocommerce_created_customer', $customer_id, $new_customer_data, $password_generated);

    return $customer_id;
}