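/**
 * Render the Social Link form for the given user.
 *
 * Nothing is rendered (an empty string is returned) unless $user is the
 * currently logged-in user, Social Link is enabled in the plugin settings
 * and an API subdomain is configured. When the request carries a
 * "social_link" callback, the posted connection token is resolved through
 * the OneAll API first and the user's linked identities are updated.
 *
 * Hardening compared to the previous revision:
 *  - the posted connection token must be a string and is URL-encoded before
 *    it becomes part of the API resource path;
 *  - a response without a user_token is ignored instead of being stored;
 *  - values placed inside the inline <script> are JSON-encoded, and the
 *    status messages are HTML-escaped on output.
 *
 * @param string $source Identifier of the place the form is rendered from;
 *                       it is appended to the callback URI.
 * @param object $user   User object exposing ->data->ID.
 *
 * @return string HTML of the form, a configuration warning, or ''.
 */
function oa_social_login_render_link_form($source, $user)
{
    //A user object with an identifier is required
    if (!is_object($user) or !property_exists($user, 'data') or empty($user->data->ID)) {
        return '';
    }

    //Only show if the user is viewing his own profile
    if ($user->data->ID != get_current_user_id()) {
        return '';
    }

    //Identifier of the current user
    $userid = $user->data->ID;

    //Read settings
    $settings = get_option('oa_social_login_settings');

    //Is Social Link enabled? It is on unless the setting exists and is empty.
    if (isset($settings['plugin_profile_show']) and empty($settings['plugin_profile_show'])) {
        return '';
    }

    //Import providers
    global $oa_social_login_providers;

    //Parse API Settings
    $api_connection_handler = (!empty($settings['api_connection_handler']) and $settings['api_connection_handler'] == 'fsockopen') ? 'fsockopen' : 'curl';
    $api_connection_use_https = (!isset($settings['api_connection_use_https']) or $settings['api_connection_use_https'] == '1');
    $api_subdomain = !empty($settings['api_subdomain']) ? $settings['api_subdomain'] : '';
    $api_key = !empty($settings['api_key']) ? $settings['api_key'] : '';
    $api_secret = !empty($settings['api_secret']) ? $settings['api_secret'] : '';

    //Setup API Providers: keep only the enabled providers the plugin knows about.
    //isset() avoids a notice when the setting has never been saved.
    $api_providers = array();
    if (isset($settings['providers']) and is_array($settings['providers'])) {
        foreach (array_keys($settings['providers']) as $settings_provider_key) {
            if (isset($oa_social_login_providers[$settings_provider_key])) {
                $api_providers[] = $settings_provider_key;
            }
        }
    }

    //The Subdomain is required
    if (empty($api_subdomain)) {
        return '';
    }

    //No providers selected
    if (count($api_providers) == 0) {
        return '<div style="color:white;background-color:red;">[Social Login] ' . __('Please enable at least one social network!', 'oa_social_login') . '</div>';
    }

    //Messages shown above the form
    $error_message = '';
    $success_message = '';

    //Callback Handler
    //NOTE(review): no nonce or state value is checked in this function before the
    //posted token changes the linked identities; confirm that the request is bound
    //to the current session elsewhere.
    if (!empty($_POST['oa_action']) and $_POST['oa_action'] === 'social_link' and !empty($_POST['connection_token']) and is_string($_POST['connection_token'])) {
        //The token is request data: encode it so it stays a single path segment of the API URL
        $connection_token = trim($_POST['connection_token']);

        //More info here: https://docs.oneall.com/api/resources/connections/read-connection-details/
        //When HTTPS is disabled in the settings, the credentials below are handed to a request made over plain HTTP.
        $api_resource_url = ($api_connection_use_https ? 'https' : 'http') . '://' . $api_subdomain . '.api.oneall.com/connections/' . rawurlencode($connection_token) . '.json';

        //Get connection details
        $result = oa_social_login_do_api_request($api_connection_handler, $api_resource_url, array('api_key' => $api_key, 'api_secret' => $api_secret), 15);

        //Parse result
        $data = null;
        if (is_object($result) and property_exists($result, 'http_code') and property_exists($result, 'http_data') and $result->http_code == 200) {
            $json_decoded = json_decode($result->http_data);
            if (is_object($json_decoded) and isset($json_decoded->response->result->data)) {
                $data = $json_decoded->response->result->data;
            }
        }

        //Check for plugin status; a response without a user_token cannot be linked to anyone
        if (is_object($data) and isset($data->plugin->key, $data->plugin->data->status) and $data->plugin->key == 'social_link' and $data->plugin->data->status == 'success' and !empty($data->user->user_token)) {
            $user_token = $data->user->user_token;
            $action = isset($data->plugin->data->action) ? $data->plugin->data->action : '';
            $provider_name = isset($data->user->identity->source->name) ? trim(strval($data->user->identity->source->name)) : '';

            //Get the id of the linked user - Can be empty
            $userid_by_token = oa_social_login_get_userid_by_token($user_token);

            //Providers currently stored for this user, as a "|" separated list
            $stored_providers = array();
            foreach (explode('|', trim(strval(get_user_meta($userid, 'oa_social_login_identity_provider', true)))) as $stored_provider) {
                $stored_provider = trim($stored_provider);
                if (strlen($stored_provider) > 0) {
                    $stored_providers[] = $stored_provider;
                }
            }

            if ($action == 'link_identity') {
                if (!is_numeric($userid_by_token)) {
                    //The token is not attached to any user yet: attach it to this one
                    $success_message = sprintf(__('You have successfully linked your %s account.', 'oa_social_login'), $provider_name);

                    //Clean Cache
                    wp_cache_delete($userid, 'users');

                    //User Meta Data
                    update_user_meta($userid, 'oa_social_login_user_token', $user_token);
                    update_user_meta($userid, 'oa_social_login_identity_provider', $provider_name);

                    //Thumbnail
                    if (!empty($data->user->identity->thumbnailUrl)) {
                        update_user_meta($userid, 'oa_social_login_user_thumbnail', $data->user->identity->thumbnailUrl);
                    }
                } elseif ($userid_by_token == $userid) {
                    //Already connected to this user: put the new provider in front of the stored list
                    $success_message = sprintf(__('You have successfully linked your %s account.', 'oa_social_login'), $provider_name);
                    $identity_providers = array_merge(array($provider_name), $stored_providers);

                    //implode() of a single entry is that entry, so one call covers both cases
                    update_user_meta($userid, 'oa_social_login_identity_provider', implode('|', $identity_providers));
                } else {
                    $error_message = sprintf(__('This %s account is already used by another user of this website.', 'oa_social_login'), $provider_name);
                }
            } elseif ($action == 'unlink_identity' and is_numeric($userid_by_token)) {
                if ($userid_by_token == $userid) {
                    $success_message = sprintf(__('You have successfully unlinked your %s account.', 'oa_social_login'), $provider_name);

                    //Drop the first stored entry matching the unlinked provider, keep all others
                    $identity_providers = array();
                    $discard_existing_identity_provider = true;
                    foreach ($stored_providers as $stored_provider) {
                        if ($stored_provider === $provider_name and $discard_existing_identity_provider) {
                            $discard_existing_identity_provider = false;
                            continue;
                        }
                        $identity_providers[] = $stored_provider;
                    }

                    //No providers linked
                    if (count($identity_providers) == 0) {
                        $error_message = __("You might no longer be able to login to this website if you don't link at least one social network.", 'oa_social_login');
                    }

                    //An empty list is stored as ''
                    update_user_meta($userid, 'oa_social_login_identity_provider', implode('|', $identity_providers));
                } else {
                    $error_message = sprintf(__('This %s account is already used by another user of this website.', 'oa_social_login'), $provider_name);
                }
            }
        }
    }

    //OneAll user_token
    $token = strval(oa_social_login_get_token_by_userid($userid));

    //Random integer, only used to build a DOM id for the container
    $rand = mt_rand(99999, 9999999);

    //Callback URI
    $callback_uri = oa_social_login_get_current_url() . '?oa_social_login_source=' . rawurlencode(strval($source)) . '#oa_social_link';

    //Values below end up inside an inline <script>: JSON-encode them with the
    //HEX flags so quotes, ampersands and angle brackets cannot close the string or the tag
    $js_flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;

    //Setup Social Link
    $social_link = array();
    $social_link[] = '<div class="oneall_social_link">';
    $social_link[] = ' <div class="oneall_social_login_providers" id="oneall_social_login_providers_' . $rand . '"></div>';
    $social_link[] = ' <script type="text/javascript">';
    $social_link[] = ' oneall.api.plugins.social_link.build("oneall_social_login_providers_' . $rand . '", {';
    $social_link[] = ' "providers": ' . wp_json_encode(array_map('strval', $api_providers), $js_flags) . ', ';
    $social_link[] = ' "user_token": ' . wp_json_encode($token, $js_flags) . ', ';
    $social_link[] = ' "callback_uri": ' . wp_json_encode($callback_uri, $js_flags) . ', ';
    $social_link[] = ' });';
    $social_link[] = ' </script>';
    $social_link[] = '</div>';
    $social_link = implode("\n", $social_link);

    //Setup Output; the messages contain the provider name from the API response, so escape them
    $output = '<h3 id="oa_social_link"> ' . __('Connect your account to one or more social networks', 'oa_social_login') . '</h3>';
    $output .= '<table class="form-table">';
    $output .= empty($success_message) ? '' : '<tr><td><span style="color:green;font-weight:bold"> ' . esc_html($success_message) . '</span></td></tr>';
    $output .= empty($error_message) ? '' : '<tr><td><span style="color:red;font-weight:bold">' . esc_html($error_message) . '</span></td></tr>';
    $output .= '<tr><td>' . $social_link . '</td></tr>';
    $output .= '</table>';

    return $output;
}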
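/**
 * Handle the Social Login callback.
 *
 * Runs when the request is a "social_login" POST carrying a connection
 * token. The token is resolved through the OneAll API; the returned identity
 * is then matched to a WordPress user by its user_token, optionally linked
 * to an existing account through a verified email address, or used to create
 * a new account. On success the auth cookie is set, the redirect target is
 * computed and the script exits after sending the redirect.
 *
 * Changes compared to the previous revision:
 *  - each(), which no longer exists in PHP 8, is replaced by foreach;
 *  - $user_email_is_verified is always initialised, it used to be undefined
 *    when the identity carried no email list;
 *  - request values are only used when they are strings, and the connection
 *    token is URL-encoded before it becomes part of the API resource path;
 *  - a response without identity or user_token is ignored.
 *
 * @return void Returns without side effects when the request is not a valid
 *              callback; does not return after a successful login.
 */
function oa_social_login_callback()
{
    //Callback Handler
    if (empty($_POST['oa_action']) or $_POST['oa_action'] !== 'social_login') {
        return;
    }
    if (empty($_POST['connection_token']) or !is_string($_POST['connection_token'])) {
        return;
    }

    //OneAll Connection token
    $connection_token = trim($_POST['connection_token']);

    //Read settings
    $settings = get_option('oa_social_login_settings');

    //API Settings
    $api_connection_handler = (!empty($settings['api_connection_handler']) and $settings['api_connection_handler'] == 'fsockopen') ? 'fsockopen' : 'curl';
    $api_connection_use_https = (!isset($settings['api_connection_use_https']) or $settings['api_connection_use_https'] == '1');
    $api_subdomain = !empty($settings['api_subdomain']) ? trim($settings['api_subdomain']) : '';

    //We cannot make a connection without a subdomain
    if (empty($api_subdomain)) {
        return;
    }

    //See: http://docs.oneall.com/api/resources/connections/read-connection-details/
    //The token is request data: encode it so it stays a single path segment of the API URL.
    //When HTTPS is disabled in the settings, the credentials below are handed to a request made over plain HTTP.
    $api_resource_url = ($api_connection_use_https ? 'https' : 'http') . '://' . $api_subdomain . '.api.oneall.com/connections/' . rawurlencode($connection_token) . '.json';

    //API Credentials
    $api_credentials = array(
        'api_key' => !empty($settings['api_key']) ? $settings['api_key'] : '',
        'api_secret' => !empty($settings['api_secret']) ? $settings['api_secret'] : '',
    );

    //Retrieve connection details
    $result = oa_social_login_do_api_request($api_connection_handler, $api_resource_url, $api_credentials);

    //Check result
    if (!is_object($result) or !property_exists($result, 'http_code') or $result->http_code != 200 or !property_exists($result, 'http_data')) {
        return;
    }

    //Decode result
    $decoded_result = is_string($result->http_data) ? json_decode($result->http_data) : null;
    if (!is_object($decoded_result) or !isset($decoded_result->response->result->data->user)) {
        return;
    }

    //User data as returned by the API
    $api_user = $decoded_result->response->result->data->user;

    //Without an identity and a user token there is nobody to log in
    if (!is_object($api_user) or empty($api_user->user_token) or !isset($api_user->identity) or !is_object($api_user->identity)) {
        return;
    }

    //Social network profile data
    $identity = $api_user->identity;

    //Unique user token provided by OneAll
    $user_token = $api_user->user_token;

    //Identity Provider
    $user_identity_provider = isset($identity->source->name) ? $identity->source->name : '';

    //Thumbnail, picture, about me, note
    $user_thumbnail = !empty($identity->thumbnailUrl) ? trim($identity->thumbnailUrl) : '';
    $user_picture = !empty($identity->pictureUrl) ? trim($identity->pictureUrl) : '';
    $user_about_me = !empty($identity->aboutMe) ? trim($identity->aboutMe) : '';
    $user_note = !empty($identity->note) ? trim($identity->note) : '';

    //Firstname, lastname
    $user_first_name = !empty($identity->name->givenName) ? $identity->name->givenName : '';
    $user_last_name = !empty($identity->name->familyName) ? $identity->name->familyName : '';

    //Fullname
    if (!empty($identity->name->formatted)) {
        $user_full_name = $identity->name->formatted;
    } elseif (!empty($identity->name->displayName)) {
        $user_full_name = $identity->name->displayName;
    } else {
        $user_full_name = trim($user_first_name . ' ' . $user_last_name);
    }

    //Email Address: take the first verified address, otherwise the last one listed.
    //The flag is initialised here so it is defined even without an email list.
    $user_email = '';
    $user_email_is_verified = false;
    if (property_exists($identity, 'emails') and is_array($identity->emails)) {
        foreach ($identity->emails as $email) {
            if (!is_object($email) or !isset($email->value)) {
                continue;
            }
            $user_email = $email->value;
            $user_email_is_verified = (!empty($email->is_verified) and $email->is_verified == '1');
            if ($user_email_is_verified === true) {
                break;
            }
        }
    }

    //User Website
    if (!empty($identity->profileUrl)) {
        $user_website = $identity->profileUrl;
    } elseif (!empty($identity->urls[0]->value)) {
        $user_website = $identity->urls[0]->value;
    } else {
        $user_website = '';
    }

    //Preferred Username
    if (!empty($identity->preferredUsername)) {
        $user_login = $identity->preferredUsername;
    } elseif (!empty($identity->displayName)) {
        $user_login = $identity->displayName;
    } else {
        $user_login = $user_full_name;
    }

    //New user created?
    $new_registration = false;

    //Sanitize Login
    $user_login = str_replace('.', '-', $user_login);
    $user_login = sanitize_user($user_login, true);

    //Get user by token
    $user_id = oa_social_login_get_userid_by_token($user_token);

    //Try to link to existing account
    if (!is_numeric($user_id)) {
        //This is a new user
        $new_registration = true;

        //Linking enabled? Only an address flagged as verified in the API response is used:
        //linking gives whoever controls the social identity access to the existing account.
        $linking_enabled = (!isset($settings['plugin_link_verified_accounts']) or $settings['plugin_link_verified_accounts'] == '1');
        if ($linking_enabled and !empty($user_email) and $user_email_is_verified === true) {
            //Read existing user
            $user_id_tmp = email_exists($user_email);
            $existing_user = ($user_id_tmp !== false) ? get_userdata($user_id_tmp) : false;
            if ($existing_user !== false) {
                $user_id = $existing_user->ID;
                $user_login = $existing_user->user_login;

                //Refresh the meta data
                delete_metadata('user', null, 'oa_social_login_user_token', $user_token, true);
                update_user_meta($user_id, 'oa_social_login_user_token', $user_token);
                update_user_meta($user_id, 'oa_social_login_identity_provider', $user_identity_provider);

                //Refresh the cache
                wp_cache_delete($user_id, 'users');
                wp_cache_delete($user_login, 'userlogins');
            }
        }
    }

    //New User
    if (!is_numeric($user_id)) {
        //Username is mandatory
        if (!isset($user_login) or strlen(trim($user_login)) == 0) {
            $user_login = $user_identity_provider . 'User';
        }

        //BuddyPress : See bp_core_strip_username_spaces()
        if (function_exists('bp_core_strip_username_spaces')) {
            $user_login = str_replace(' ', '-', $user_login);
        }

        //Username must be unique: append 1, 2, 3, ... until it is free
        if (username_exists($user_login)) {
            $i = 1;
            do {
                $user_login_tmp = $user_login . $i++;
            } while (username_exists($user_login_tmp));
            $user_login = $user_login_tmp;
        }

        //Email Filter
        $user_email = apply_filters('oa_social_login_filter_new_user_email', $user_email);

        //Email must be unique
        $placeholder_email_used = false;
        if (!isset($user_email) or !is_email($user_email) or email_exists($user_email)) {
            $user_email = oa_social_login_create_rand_email();
            $placeholder_email_used = true;
        }

        //Setup the user's password
        $user_password = wp_generate_password();
        $user_password = apply_filters('oa_social_login_filter_new_user_password', $user_password);

        //Setup the user's role
        $user_role = get_option('default_role');
        $user_role = apply_filters('oa_social_login_filter_new_user_role', $user_role);

        //Build user data
        $user_fields = array(
            'user_login' => $user_login,
            'display_name' => !empty($user_full_name) ? $user_full_name : $user_login,
            'user_email' => $user_email,
            'first_name' => $user_first_name,
            'last_name' => $user_last_name,
            'user_url' => $user_website,
            'user_pass' => $user_password,
            'role' => $user_role,
        );

        //Filter for user_data
        $user_fields = apply_filters('oa_social_login_filter_new_user_fields', $user_fields);

        //Hook before adding the user
        do_action('oa_social_login_action_before_user_insert', $user_fields, $identity);

        //Create a new user
        $user_id = wp_insert_user($user_fields);
        $inserted_user = is_numeric($user_id) ? get_userdata($user_id) : false;
        if ($inserted_user !== false) {
            //Refresh the meta data
            delete_metadata('user', null, 'oa_social_login_user_token', $user_token, true);

            //Save OneAll user meta-data
            update_user_meta($user_id, 'oa_social_login_user_token', $user_token);
            update_user_meta($user_id, 'oa_social_login_identity_provider', $user_identity_provider);

            //Save WordPress user meta-data
            if (!empty($user_about_me) or !empty($user_note)) {
                $user_description = !empty($user_about_me) ? $user_about_me : $user_note;
                update_user_meta($user_id, 'description', $user_description);
            }

            //Email is required, but we don't have the real email
            if (!empty($settings['plugin_require_email']) and $placeholder_email_used) {
                update_user_meta($user_id, 'oa_social_login_request_email', 1);
            }

            //Notify Administrator
            if (!empty($settings['plugin_notify_admin'])) {
                oa_social_login_user_notification($user_id, $user_identity_provider);
            }

            //Refresh the cache
            wp_cache_delete($user_id, 'users');
            wp_cache_delete($user_login, 'userlogins');

            //WordPress hook
            do_action('user_register', $user_id);

            //Social Login Hook
            do_action('oa_social_login_action_after_user_insert', $inserted_user, $identity);
        }
    }

    //Success? $user_id is not numeric here when the insert above failed
    $user_data = is_numeric($user_id) ? get_userdata($user_id) : false;
    if ($user_data === false) {
        return;
    }

    //Hooks to be used by third parties
    do_action('oa_social_login_action_before_user_login', $user_data, $identity, $new_registration);

    //Update user thumbnail
    if (!empty($user_thumbnail)) {
        update_user_meta($user_id, 'oa_social_login_user_thumbnail', $user_thumbnail);
    }

    //Update user picture
    if (!empty($user_picture)) {
        update_user_meta($user_id, 'oa_social_login_user_picture', $user_picture);
    }

    //Set the cookie and login
    wp_clear_auth_cookie();
    wp_set_auth_cookie($user_data->ID, true);
    do_action('wp_login', $user_data->user_login, $user_data);

    //Where did the user come from?
    $oa_social_login_source = (!empty($_REQUEST['oa_social_login_source']) and is_string($_REQUEST['oa_social_login_source'])) ? strtolower(trim($_REQUEST['oa_social_login_source'])) : '';

    //A redirect target taken from the URL is request data and must go through wp_safe_redirect()
    $redirect_from_url = (!empty($_GET['redirect_to']) and is_string($_GET['redirect_to'])) ? $_GET['redirect_to'] : '';

    //Use safe redirection?
    $redirect_to_safe = false;

    //Build the url to redirect the user to
    switch ($oa_social_login_source) {
        //*************** Registration ***************
        case 'registration':
            //Default redirection
            $redirect_to = admin_url();

            if ($redirect_from_url !== '') {
                //Redirection in URL
                $redirect_to = $redirect_from_url;
                $redirect_to_safe = true;
            } elseif (isset($settings['plugin_registration_form_redirect'])) {
                //Redirection customized
                switch (strtolower($settings['plugin_registration_form_redirect'])) {
                    case 'current':
                        $redirect_to = oa_social_login_get_current_url();
                        break;

                    case 'homepage':
                        $redirect_to = home_url();
                        break;

                    case 'custom':
                        if (isset($settings['plugin_registration_form_redirect_custom_url']) and strlen(trim($settings['plugin_registration_form_redirect_custom_url'])) > 0) {
                            $redirect_to = trim($settings['plugin_registration_form_redirect_custom_url']);
                        }
                        break;

                    //Default/Dashboard
                    case 'dashboard':
                    default:
                        $redirect_to = admin_url();
                        break;
                }
            }
            break;

        //*************** Login ***************
        case 'login':
            //Default redirection
            $redirect_to = home_url();

            if ($redirect_from_url !== '') {
                //Redirection in URL
                $redirect_to = $redirect_from_url;
                $redirect_to_safe = true;
            } elseif (isset($settings['plugin_login_form_redirect'])) {
                //Redirection customized
                switch (strtolower($settings['plugin_login_form_redirect'])) {
                    case 'current':
                        global $pagenow;

                        //Do not redirect to the login page as this would logout the user.
                        if (empty($pagenow) or $pagenow != 'wp-login.php') {
                            $redirect_to = oa_social_login_get_current_url();
                        } else {
                            $redirect_to = home_url();
                        }
                        break;

                    case 'dashboard':
                        $redirect_to = admin_url();
                        break;

                    case 'custom':
                        if (isset($settings['plugin_login_form_redirect_custom_url']) and strlen(trim($settings['plugin_login_form_redirect_custom_url'])) > 0) {
                            $redirect_to = trim($settings['plugin_login_form_redirect_custom_url']);
                        }
                        break;

                    //Default/Homepage
                    case 'homepage':
                    default:
                        $redirect_to = home_url();
                        break;
                }
            }
            break;

        //*************** Comments ***************
        case 'comments':
            $redirect_to = oa_social_login_get_current_url() . '#comments';
            break;

        //*************** Widget/Shortcode ***************
        case 'widget':
        case 'shortcode':
        default:
            //The settings differ for new and for returning users
            $opt_key = ($new_registration === true) ? 'register' : 'login';

            //Default value
            $redirect_to = oa_social_login_get_current_url();

            //Redirection customized
            if (isset($settings['plugin_shortcode_' . $opt_key . '_redirect'])) {
                switch (strtolower($settings['plugin_shortcode_' . $opt_key . '_redirect'])) {
                    case 'current':
                        $redirect_to = oa_social_login_get_current_url();
                        break;

                    case 'homepage':
                        $redirect_to = home_url();
                        break;

                    case 'dashboard':
                        $redirect_to = admin_url();
                        break;

                    case 'custom':
                        if (isset($settings['plugin_shortcode_' . $opt_key . '_redirect_url']) and strlen(trim($settings['plugin_shortcode_' . $opt_key . '_redirect_url'])) > 0) {
                            $redirect_to = trim($settings['plugin_shortcode_' . $opt_key . '_redirect_url']);
                        }
                        break;
                }
            }
            break;
    }

    //Check if url set
    if (!isset($redirect_to) or strlen(trim($redirect_to)) == 0) {
        $redirect_to = home_url();
    }

    //Filter for redirection urls
    if ($new_registration === true) {
        $redirect_to = apply_filters('oa_social_login_filter_registration_redirect_url', $redirect_to, $user_data);
    } else {
        $redirect_to = apply_filters('oa_social_login_filter_login_redirect_url', $redirect_to, $user_data);
    }

    //Hooks for other plugins
    do_action('oa_social_login_action_before_user_redirect', $user_data, $identity, $redirect_to);

    //Use safe redirection for targets that came from the request
    if ($redirect_to_safe === true) {
        wp_safe_redirect($redirect_to);
    } else {
        wp_redirect($redirect_to);
    }
    exit;
}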