//Tag the user with our meta so we can recognize them next time, without resorting to email hashes
update_user_meta($user_login_id, $jfb_uid_meta_name, $fb_uid);
$jfb_log .= "nxt: Updated usermeta ({$jfb_uid_meta_name})\n";
//Also store the user's facebook avatar(s), in case the user wants to use them later
if ($fbuser['pic_square']) {
    update_user_meta($user_login_id, 'facebook_avatar_thumb', $fbuser['pic_square']);
    update_user_meta($user_login_id, 'facebook_avatar_full', $fbuser['pic_big']);
    $jfb_log .= "nxt: Updated avatars (" . $fbuser['pic_square'] . ")\n";
} else {
    update_user_meta($user_login_id, 'facebook_avatar_thumb', '');
    update_user_meta($user_login_id, 'facebook_avatar_full', '');
    $jfb_log .= "FB: User does not have a profile picture; clearing cached avatar (if present).\n";
}
//Log them in
$rememberme = apply_filters('nxtfb_rememberme', isset($_POST['rememberme']) && $_POST['rememberme']);
nxt_set_auth_cookie($user_login_id, $rememberme);
//Run a custom action.  You can use this to modify a logging-in user however you like,
//i.e. add them to a "Recent FB Visitors" log, assign a role if they're friends with you on Facebook, etc.
do_action('nxtfb_login', array('nxt_ID' => $user_login_id, 'FB_ID' => $fb_uid, 'facebook' => $facebook));
do_action('nxt_login', $user_login_name);
//Email logs if requested
$jfb_log .= "Login complete (rememberme=" . ($rememberme ? "yes" : "no") . ")\n";
$jfb_log .= "   nxt User : {$user_login_name} (" . admin_url("user-edit.php?user_id={$user_login_id}") . ")\n";
$jfb_log .= "   FB User : "******" (" . $fbuser["profile_url"] . ")\n";
$jfb_log .= "   Redirect: " . $redirectTo . "\n";
j_mail("FB Login: "******" -> " . get_bloginfo('name'));
//Redirect the user back to where they were
$delay_redirect = get_option($opt_jfb_delay_redir);
if (!isset($delay_redirect) || !$delay_redirect) {
    header("Location: " . $redirectTo);
    exit;
示例#2
0
function remote_login_js()
{
    global $current_blog, $current_user, $nxtdb;
    if (0 == get_site_option('dm_remote_login')) {
        return false;
    }
    $nxtdb->dmtablelogins = $nxtdb->base_prefix . 'domain_mapping_logins';
    $hash = get_dm_hash();
    if (false == isset($_SERVER['HTTPS'])) {
        $_SERVER['HTTPS'] = 'Off';
    }
    $protocol = 'on' == strtolower($_SERVER['HTTPS']) ? 'https://' : 'http://';
    if ($_GET['dm'] == $hash) {
        if ($_GET['action'] == 'load') {
            if (!is_user_logged_in()) {
                exit;
            }
            $key = md5(time() . mt_rand());
            $nxtdb->query($nxtdb->prepare("INSERT INTO {$nxtdb->dmtablelogins} ( `id`, `user_id`, `blog_id`, `t` ) VALUES( %s, %d, %d, NOW() )", $key, $current_user->ID, $_GET['blogid']));
            $url = add_query_arg(array('action' => 'login', 'dm' => $hash, 'k' => $key, 't' => mt_rand()), $_GET['back']);
            echo "window.location = '{$url}'";
            exit;
        } elseif ($_GET['action'] == 'login') {
            if ($details = $nxtdb->get_row($nxtdb->prepare("SELECT * FROM {$nxtdb->dmtablelogins} WHERE id = %s AND blog_id = %d", $_GET['k'], $nxtdb->blogid))) {
                if ($details->blog_id == $nxtdb->blogid) {
                    $nxtdb->query($nxtdb->prepare("DELETE FROM {$nxtdb->dmtablelogins} WHERE id = %s", $_GET['k']));
                    $nxtdb->query($nxtdb->prepare("DELETE FROM {$nxtdb->dmtablelogins} WHERE t < %d", time() - 120));
                    // remote logins survive for only 2 minutes if not used.
                    nxt_set_auth_cookie($details->user_id);
                    nxt_redirect(remove_query_arg(array('dm', 'action', 'k', 't', $protocol . $current_blog->domain . $_SERVER['REQUEST_URI'])));
                    exit;
                } else {
                    nxt_die(__("Incorrect or out of date login key", 'nxtclass-mu-domain-mapping'));
                }
            } else {
                nxt_die(__("Unknown login key", 'nxtclass-mu-domain-mapping'));
            }
        } elseif ($_GET['action'] == 'logout') {
            if ($details = $nxtdb->get_row($nxtdb->prepare("SELECT * FROM {$nxtdb->dmtablelogins} WHERE id = %d AND blog_id = %d", $_GET['k'], $_GET['blogid']))) {
                $nxtdb->query($nxtdb->prepare("DELETE FROM {$nxtdb->dmtablelogins} WHERE id = %s", $_GET['k']));
                $blog = get_blog_details($_GET['blogid']);
                nxt_clear_auth_cookie();
                nxt_redirect(trailingslashit($blog->siteurl) . "nxt-login.php?loggedout=true");
                exit;
            } else {
                nxt_die(__("Unknown logout key", 'nxtclass-mu-domain-mapping'));
            }
        }
    }
}
示例#3
0
/**
 * Login user with specified identity URL.  This will find the NXTClass user account connected to this
 * OpenID and set it as the current user.  Only call this function AFTER you've verified the identity URL.
 *
 * @param string $identity userID or OpenID to set as current user
 * @param boolean $remember should we set the "remember me" cookie
 * @return void
 */
function openid_set_current_user($identity, $remember = true)
{
    if (is_numeric($identity)) {
        $user_id = $identity;
    } else {
        $user_id = get_user_by_openid($identity);
    }
    if (!$user_id) {
        return;
    }
    $user = set_current_user($user_id);
    nxt_set_auth_cookie($user->ID, $remember);
    do_action('nxt_login', $user->user_login);
}
 /**
  * Sets a cookie for a user who just logged in. This function is deprecated.
  *
  * @since 1.5
  * @deprecated 2.5
  * @deprecated Use nxt_set_auth_cookie()
  * @see nxt_set_auth_cookie()
  *
  * @param string $username The user's username
  * @param string $password Optional. The user's password
  * @param bool $already_md5 Optional. Whether the password has already been through MD5
  * @param string $home Optional. Will be used instead of COOKIEPATH if set
  * @param string $siteurl Optional. Will be used instead of SITECOOKIEPATH if set
  * @param bool $remember Optional. Remember that the user is logged in
  */
 function nxt_setcookie($username, $password = '', $already_md5 = false, $home = '', $siteurl = '', $remember = false)
 {
     _deprecated_function(__FUNCTION__, '2.5', 'nxt_set_auth_cookie()');
     $user = get_user_by('login', $username);
     nxt_set_auth_cookie($user->ID, $remember);
 }
示例#5
0
/**
 * Update an user in the database.
 *
 * It is possible to update a user's password by specifying the 'user_pass'
 * value in the $userdata parameter array.
 *
 * If $userdata does not contain an 'ID' key, then a new user will be created
 * and the new user's ID will be returned.
 *
 * If current user's password is being updated, then the cookies will be
 * cleared.
 *
 * @since 2.0.0
 * @see nxt_insert_user() For what fields can be set in $userdata
 * @uses nxt_insert_user() Used to update existing user or add new one if user doesn't exist already
 *
 * @param array $userdata An array of user data.
 * @return int The updated user's ID.
 */
function nxt_update_user($userdata)
{
    $ID = (int) $userdata['ID'];
    // First, get all of the original fields
    $user_obj = get_userdata($ID);
    $user = get_object_vars($user_obj->data);
    // Add additional custom fields
    foreach (_get_additional_user_keys($user_obj) as $key) {
        $user[$key] = get_user_meta($ID, $key, true);
    }
    // Escape data pulled from DB.
    $user = add_magic_quotes($user);
    // If password is changing, hash it now.
    if (!empty($userdata['user_pass'])) {
        $plaintext_pass = $userdata['user_pass'];
        $userdata['user_pass'] = nxt_hash_password($userdata['user_pass']);
    }
    nxt_cache_delete($user['user_email'], 'useremail');
    // Merge old and new fields with new fields overwriting old ones.
    $userdata = array_merge($user, $userdata);
    $user_id = nxt_insert_user($userdata);
    // Update the cookies if the password changed.
    $current_user = nxt_get_current_user();
    if ($current_user->ID == $ID) {
        if (isset($plaintext_pass)) {
            nxt_clear_auth_cookie();
            nxt_set_auth_cookie($ID);
        }
    }
    return $user_id;
}