function jwplayer_login_page() { if (!current_user_can('manage_options')) { jwplayer_login_print_error('You do not have sufficient privileges to access this page.'); return; } if (!isset($_POST['apikey'], $_POST['apisecret'])) { // Input var okay jwplayer_login_form(); return; } // Check the nonce (counter XSRF) if (isset($_POST['_wpnonce'])) { // Input var okay if (!wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['_wpnonce'])), 'jwplayer-login-nonce')) { // Input var okay jwplayer_login_print_error('Could not verify the form data.'); jwplayer_login_form(); return; } } $api_key = isset($_POST['apikey']) ? sanitize_text_field(wp_unslash($_POST['apikey'])) : false; // Input var okay $api_secret = isset($_POST['apisecret']) ? sanitize_text_field(wp_unslash($_POST['apisecret'])) : false; // Input var okay $api_verified = jwplayer_login_verify_api_key_secret($api_key, $api_secret); if (null === $api_verified) { jwplayer_login_print_error('Communications with the JW Player API failed. Please try again later.'); jwplayer_login_form(); } elseif (false === $api_verified) { jwplayer_login_print_error('Your API credentials were not accepted. Please try again.'); jwplayer_login_form(); } else { // Perform the login. update_option('jwplayer_api_key', $api_key); update_option('jwplayer_api_secret', $api_secret); $settings_page = get_admin_url(null, 'options-general.php?page=jwplayer_settings'); ?> <h2>Authorization succesful</h2> <p> You have successfully authorized the plugin to access your JW Player account. </p> <p> You can now update <a href="<?php echo esc_url($settings_page); ?> ">the settings of the JW Player plugin</a>. </p> <?php } }
function jwplayer_login_page() { if (!current_user_can('manage_options')) { jwplayer_login_print_error('You do not have sufficient privileges to access this page.'); return; } if (!isset($_POST['apikey'], $_POST['apisecret'])) { //input var okay jwplayer_login_form(); return; } // Check the nonce (counter XSRF) if (isset($_POST['_wpnonce'])) { $nonce = sanitize_text_field($_POST['_wpnonce']); //input var okay if (!wp_verify_nonce($nonce, 'jwplayer-login-nonce')) { jwplayer_login_print_error('Could not verify the form data.'); jwplayer_login_form(); return; } } if (isset($_POST['apikey'])) { $api_key = sanitize_text_field($_POST['apikey']); //input var okay } if (isset($_POST['apisecret'])) { $api_secret = sanitize_text_field($_POST['apisecret']); //input var okay } $api_verified = jwplayer_login_verify_api_key_secret($api_key, $api_secret); if (null === $api_verified) { jwplayer_login_print_error('Communications with the JW Player API failed. Please try again later.'); jwplayer_login_form(); } elseif (false === $api_verified) { jwplayer_login_print_error('Your API credentials were not accepted. Please try again.'); jwplayer_login_form(); } else { // Perform the login. update_option('jwplayer_api_key', $api_key); update_option('jwplayer_api_secret', $api_secret); echo '<h2>Authorization succesful</h2><p>You have successfully authorized the plugin to access your JW Player account. Returning you to the <a href="options-media.php">media settings</a> page...</p>'; // Perform a manual JavaScript redirect echo '<script type="application/x-javascript">document.location.href = "options-general.php?page=jwplayer_settings"</script>'; } }
function jwplayer_login() { if (!current_user_can('manage_options')) { jwplayer_print_error('You do not have sufficient privileges to access this page.'); return; } if (!isset($_POST['username'], $_POST['password'])) { //input var okay jwplayer_login_form(); return; } // Check the nonce (counter XSRF) $nonce = sanitize_text_field($_POST['_wpnonce']); //input var okay if (!wp_verify_nonce($nonce, 'jwplayer-login-nonce')) { jwplayer_print_error('Could not verify the form data.'); jwplayer_login_form(); return; } if (isset($_POST['username'])) { $login = sanitize_text_field($_POST['username']); //input var okay } if (isset($_POST['password'])) { $password = sanitize_text_field($_POST['password']); //input var okay } $keysecret = jwplayer_get_api_key_secret($login, $password); if (null === $keysecret) { jwplayer_print_error('Communications with the JW Platform API failed. Please try again later.'); jwplayer_login_form(); } elseif (!isset($keysecret['key'], $keysecret['secret'])) { jwplayer_print_error('Your login credentials were not accepted. Please try again.'); jwplayer_login_form(); } else { // Perform the login. update_option('jwplayer_login', $login); update_option('jwplayer_api_key', $keysecret['key']); update_option('jwplayer_api_secret', $keysecret['secret']); echo '<h2>Logged in</h2><p>Logged in successfully. Returning you to the <a href="options-media.php">media settings</a> page...</p>'; // Perform a manual JavaScript redirect echo '<script type="application/x-javascript">document.location.href = "options-media.php"</script>'; } }