/**
 * Authenticate callback that lets a user sign in with an e-mail address.
 *
 * The typed value is looked up as an e-mail address. When a matching account
 * with a non-empty login name exists, that login name replaces the typed
 * value. The incoming $user is discarded, so the password is always verified
 * by wp_authenticate_username_password().
 *
 * @param mixed  $user     Value handed in by the caller; never returned.
 * @param string $username Login name or e-mail address as typed.
 * @param string $password Password as typed.
 * @return mixed Whatever wp_authenticate_username_password() returns.
 */
function login_with_email_address($user, $username, $password)
{
    $account = get_user_by('email', $username);
    // empty() tolerates a failed lookup, so no separate "not found" check is needed.
    $login = empty($account->user_login) ? $username : $account->user_login;

    return wp_authenticate_username_password(null, $login, $password);
}
/**
 * Authenticate callback: swap a typed e-mail address for the account's login name.
 *
 * Only values that pass is_email() are looked up. The password check itself is
 * always delegated to wp_authenticate_username_password() with a null user, so
 * the incoming $user is never trusted.
 *
 * NOTE(review): get_user_by_email() is a deprecated WordPress API; newer code
 * uses get_user_by('email', ...) for the same lookup.
 *
 * @param mixed  $user     Value handed in by the caller; never returned.
 * @param string $username Login name or e-mail address as typed.
 * @param string $password Password as typed.
 * @return mixed Whatever wp_authenticate_username_password() returns.
 */
function bcs_el_login_with_email($user, $username, $password)
{
    $account = is_email($username) ? get_user_by_email($username) : false;
    if ($account) {
        $username = $account->user_login;
    }

    return wp_authenticate_username_password(null, $username, $password);
}
/**
 * Authenticate callback that accepts an e-mail address in the username field.
 *
 * A value that passes is_email() is resolved to the owning account's login
 * name; anything else is passed through untouched. Credentials are then
 * checked by wp_authenticate_username_password() with a null user.
 *
 * @param mixed  $user     Value handed in by the caller; never returned.
 * @param string $username Login name or e-mail address as typed.
 * @param string $password Password as typed.
 * @return mixed Whatever wp_authenticate_username_password() returns.
 */
function bainternet_allow_email_login($user, $username, $password)
{
    $login = $username;
    if (is_email($username)) {
        $match = get_user_by('email', $username);
        // Keep the typed value when no account owns this address.
        $login = $match ? $match->user_login : $username;
    }

    return wp_authenticate_username_password(null, $login, $password);
}
 /**
  * Authenticate callback: resolve a typed e-mail address to a login name.
  *
  * The incoming $user is replaced and a null user is handed to
  * wp_authenticate_username_password(), so the password is always checked.
  *
  * @param mixed  $user     Value handed in by the caller; never returned.
  * @param string $username Login name or e-mail address as typed.
  * @param string $password Password as typed.
  * @return mixed Whatever wp_authenticate_username_password() returns.
  */
 public static function authenticate($user, $username, $password)
 {
     $account = is_email($username) ? get_user_by('email', $username) : null;
     if ($account) {
         $username = $account->user_login;
     }

     return wp_authenticate_username_password(null, $username, $password);
 }
 /**
  * Enable login with an e-mail address.
  *
  * When the typed value passes is_email() and an account owns that address,
  * the account's login name is substituted before the credentials are checked.
  *
  * @param  mixed  $user     Value handed in by the caller; not returned.
  * @param  string $username Login name or e-mail address as typed.
  * @param  string $password Password as typed.
  * @return mixed  Result of wp_authenticate_username_password(), not a boolean.
  */
 function moove_email_login_filter($user, $username, $password)
 {
     $resolved = $username;
     if (is_email($username)) {
         $owner = get_user_by('email', $username);
         if ($owner) {
             $resolved = $owner->user_login;
         }
     }

     return wp_authenticate_username_password(null, $resolved, $password);
 }
/**
 * If an e-mail address is typed into the username box, look up the matching
 * login name and authenticate as normal with it.
 *
 * A WP_User passed in by an earlier callback is returned unchanged. The login
 * name is substituted only when the matched account's user_status is 0;
 * otherwise the typed value goes to the password check as-is.
 *
 * @param mixed  $user     Earlier authentication result, if any.
 * @param string $username Login name or e-mail address as typed (slashed).
 * @param string $password Password as typed.
 * @return mixed The incoming WP_User, or the result of wp_authenticate_username_password().
 */
function dr_email_login_authenticate($user, $username, $password)
{
    if (is_a($user, 'WP_User')) {
        return $user;
    }
    if (empty($username)) {
        return wp_authenticate_username_password(null, $username, $password);
    }

    // As written this replacement is a no-op.
    // NOTE(review): the search string may have been an HTML entity that was
    // decoded when the snippet was published; confirm against upstream.
    $username = str_replace('&', '&', stripslashes($username));
    $match = get_user_by('email', $username);
    $is_usable = isset($match, $match->user_login, $match->user_status)
        && 0 == (int) $match->user_status;
    if ($is_usable) {
        $username = $match->user_login;
    }

    return wp_authenticate_username_password(null, $username, $password);
}
/**
 * Authenticate callback that only accepts an e-mail address as the identifier.
 *
 * A non-empty value that is not a valid e-mail address is replaced with the
 * current Unix timestamp, so neither the e-mail lookup nor the password check
 * is run against what the visitor typed. A valid address is resolved to the
 * owning account's login name before the password check.
 *
 * @param mixed  $user     Earlier authentication result, if any. It is only
 *                         read when $username is empty.
 * @param string $username Value typed into the username box.
 * @param string $password Password as typed.
 * @return mixed Whatever wp_authenticate_username_password() returns.
 */
function my_authenticate_username_password($user, $username, $password)
{
    $has_input = !empty($username);
    if ($has_input && !filter_var($username, FILTER_VALIDATE_EMAIL)) {
        // Not an e-mail address: swap in a value that is not the typed login.
        $username = time();
    }
    if ($has_input) {
        $user = get_user_by('email', $username);
    }
    // Use the login name found through the e-mail lookup, when there is one.
    $login = isset($user, $user->user_login) ? $user->user_login : $username;

    return wp_authenticate_username_password(NULL, $login, $password);
}
 /**
  * Authenticate callback that accepts e-mail addresses only.
  *
  * A WP_User from an earlier callback is returned unchanged. A typed e-mail
  * address whose account has user_status 0 is resolved to its login name and
  * checked with wp_authenticate_username_password(). Any other non-empty
  * input yields false; a completely empty form is passed on with empty
  * credentials.
  *
  * NOTE(review): returning false does not by itself stop later 'authenticate'
  * callbacks from running. Whether username logins are actually refused
  * depends on which callbacks stay registered; confirm at the hook-up site.
  *
  * @param mixed  $user     Earlier authentication result, if any.
  * @param string $username Value typed into the username box.
  * @param string $password Password as typed.
  * @return mixed The incoming WP_User, false, or the result of wp_authenticate_username_password().
  */
 public function authenticate($user, $username, $password)
 {
     if (is_a($user, 'WP_User')) {
         return $user;
     }

     $typed_email = !empty($username) && is_email($username);
     if ($typed_email) {
         $user = get_user_by('email', $username);
         $has_fields = isset($user, $user->user_login, $user->user_status);
         if ($has_fields && 0 === intval($user->user_status)) {
             $username = $user->user_login;
             return wp_authenticate_username_password(null, $username, $password);
         }
     }

     // Nothing typed at all: pass empty credentials on for the standard handling.
     if (empty($username) && empty($password)) {
         return wp_authenticate_username_password(null, "", "");
     }

     return false;
 }
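 /**
  * Fall back to the local WordPress password check for the submitted login form.
  *
  * When the 'all_users' option is 0, only accounts carrying the 'crowdx' user
  * meta may use the fallback. On every refusal the default
  * wp_authenticate_username_password callback is removed from the
  * 'authenticate' hook so it cannot accept the login later.
  *
  * Fixes over the previous version: an unknown login name no longer
  * dereferences a failed get_user_by() result, missing form fields no longer
  * raise undefined-index notices, and locals that were never read are gone.
  *
  * @return bool True when the local credentials are valid, false otherwise.
  */
 function crowdx_fallBackLogin()
 {
     // Read the submitted credentials once; absent fields count as empty input.
     $login = isset($_POST['log']) ? $_POST['log'] : '';
     $password = isset($_POST['pwd']) ? $_POST['pwd'] : '';

     if ($this->options['all_users'] == 0) {
         // Check the metadata on this user; an unknown login has none.
         $user = get_user_by('login', sanitize_user($login));
         $crowd = $user ? get_user_meta($user->ID, 'crowdx', true) : false;
         if ($crowd == false) {
             remove_action('authenticate', 'wp_authenticate_username_password', 20);
             return false;
         }
         // Otherwise the account is allowed to log in below.
     }

     $user = wp_authenticate_username_password('', $login, $password);
     if (is_wp_error($user)) {
         remove_action('authenticate', 'wp_authenticate_username_password', 20);
         return false;
     }

     return true;
 }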
/**
 * Authenticate callback that verifies the two-factor code submitted with a login.
 *
 * The check is skipped when the stored 'tfa_version' option compares below 4,
 * and an existing WP_Error is passed through untouched. Otherwise the posted
 * form fields, the login name and the calling script are handed to the TFA
 * class. A rejected code yields a WP_Error. An accepted code returns the
 * incoming user, or runs the password check when no user was supplied.
 *
 * NOTE(review): a missing 'tfa_version' option also compares below 4, so the
 * second factor is skipped in that state; confirm this fail-open is intended.
 *
 * @param mixed  $user     Earlier authentication result, if any.
 * @param string $username Login name as typed.
 * @param string $password Password as typed.
 * @return mixed The incoming $user, a WP_Error, or the result of wp_authenticate_username_password().
 */
function tfaVerifyCodeAndUser($user, $username, $password)
{
    if (get_option('tfa_version') < 4) {
        return $user;
    }

    $tfa = getTFAClass();
    if (is_wp_error($user)) {
        return $user;
    }

    // Hand the whole submitted form to the verifier, plus the login and the caller.
    $request = $_POST;
    $request['log'] = $username;
    $request['caller'] = $_SERVER['PHP_SELF'] ?: $_SERVER['REQUEST_URI'];

    if (!$tfa->authUserFromLogin($request)) {
        return new WP_Error('authentication_failed', __('<strong>ERROR</strong>: The Two Factor Code you entered was incorrect.', TFA_TEXT_DOMAIN));
    }

    return $user ? $user : wp_authenticate_username_password(null, $username, $password);
}
/**
 * Authenticate callback that runs the password check and then hands the user
 * over to Rublon for the second factor.
 *
 * @param mixed  $user     Earlier authentication result, if any.
 * @param string $username Login name as typed.
 * @param string $password Password as typed.
 * @return mixed A WP_Error from the password check, or the authenticated user
 *               when no second factor is started. The redirect branches call
 *               exit and never return.
 */
function rublon2factor_authenticate($user, $username, $password)
{
    // First factor: the standard username/password check.
    $user = wp_authenticate_username_password($user, $username, $password);
    if (is_wp_error($user)) {
        return $user;
    } else {
        do_action('rublon_pre_authenticate', $user);
        $user_id = RublonHelper::getUserId($user);
        if (is_user_member_of_blog($user_id) && RublonHelper::isSiteRegistered()) {
            // Log out before the second factor is attempted, so a password
            // alone does not leave an authenticated session in place.
            wp_logout();
            $remember = !empty($_POST['rememberme']);
            $authURL = RublonHelper::authenticateWithRublon($user, $remember);
            if (empty($authURL)) {
                // No second-factor URL was produced for this user.
                if (RublonHelper::canShowBusinessEditionUpgradeBoxAfterLogin($user)) {
                    RublonHelper::setMessage('BUSINESS_EDITION_UPGRADE_BOX', 'updated', 'RC');
                }
                $levels = RublonRolesProtection::getProtectionTypesLevels();
                if ($levels[RublonHelper::getUserProtectionType()] >= $levels[RublonHelper::PROTECTION_TYPE_MOBILE]) {
                    // The protection level is at or above the mobile level:
                    // refuse the login and send the user back to the login page.
                    $user_email = RublonHelper::getUserEmail($user);
                    $obfuscated_email = RublonHelper::obfuscateEmail($user_email);
                    RublonHelper::setMessage('ROLE_BLOCKED|' . base64_encode($obfuscated_email), 'error', 'LM');
                    $return_page = RublonHelper::getReturnPage();
                    wp_safe_redirect(wp_login_url($return_page));
                    exit;
                } else {
                    // Below that level the password alone is accepted.
                    RublonHelper::setMobileUserStatus($user, RublonHelper::NO);
                    return $user;
                }
            } else {
                // Continue with the second factor at the URL Rublon supplied.
                // NOTE(review): wp_redirect() is used here, not wp_safe_redirect(),
                // so the target depends entirely on authenticateWithRublon(); confirm its origin.
                RublonHelper::setLoginToken($user);
                wp_redirect($authURL);
                exit;
            }
        } else {
            // Not a member of this blog, or the site is not registered: no second factor.
            return $user;
        }
    }
}
/**
 * Authenticate callback that refuses login for accounts in a blocked status.
 *
 * The default password callback is removed from the 'authenticate' hook
 * first. If the incoming $user carries an ID, its account status is fetched,
 * and each of the four blocked statuses returns a WP_Error with that status
 * as the error code. In every other case the credentials are checked by
 * wp_authenticate_username_password(), which receives the incoming $user.
 *
 * @param mixed  $user     Earlier authentication result, if any.
 * @param string $username Login name as typed.
 * @param string $password Password as typed.
 * @return mixed A WP_Error for a blocked account, or the result of wp_authenticate_username_password().
 */
function um_wp_form_errors_hook_logincheck($user, $username, $password)
{
    remove_filter('authenticate', 'wp_authenticate_username_password', 20, 3);

    if (!isset($user->ID)) {
        return wp_authenticate_username_password($user, $username, $password);
    }

    um_fetch_user($user->ID);
    $status = um_user('account_status');

    // Loose comparison, in this order, mirrors a switch over the status value.
    if ($status == 'inactive') {
        return new WP_Error($status, __('Your account has been disabled.', 'ultimatemember'));
    }
    if ($status == 'awaiting_admin_review') {
        return new WP_Error($status, __('Your account has not been approved yet.', 'ultimatemember'));
    }
    if ($status == 'awaiting_email_confirmation') {
        return new WP_Error($status, __('Your account is awaiting e-mail verification.', 'ultimatemember'));
    }
    if ($status == 'rejected') {
        return new WP_Error($status, __('Your membership request has been rejected.', 'ultimatemember'));
    }

    return wp_authenticate_username_password($user, $username, $password);
}
/**
 * Authenticate callback that refuses login for accounts in a blocked status
 * (variant with Russian messages).
 *
 * The default password callback is removed from the 'authenticate' hook
 * first. If the incoming $user carries an ID, its account status is fetched,
 * and each of the four blocked statuses returns a WP_Error with that status
 * as the error code. In every other case the credentials are checked by
 * wp_authenticate_username_password() with a null user, so the password is
 * always verified.
 *
 * @param mixed  $user     Earlier authentication result, if any.
 * @param string $username Login name as typed.
 * @param string $password Password as typed.
 * @return mixed A WP_Error for a blocked account, or the result of wp_authenticate_username_password().
 */
function um_wp_form_errors_hook_logincheck($user, $username, $password)
{
    remove_filter('authenticate', 'wp_authenticate_username_password', 20, 3);

    if (!isset($user->ID)) {
        return wp_authenticate_username_password(null, $username, $password);
    }

    um_fetch_user($user->ID);
    $status = um_user('account_status');

    // Loose comparison, in this order, mirrors a switch over the status value.
    if ($status == 'inactive') {
        return new WP_Error($status, __('Ваш аккаунт был отключен.', 'ultimatemember'));
    }
    if ($status == 'awaiting_admin_review') {
        return new WP_Error($status, __('Ваш аккаунт не был одобрен еще.', 'ultimatemember'));
    }
    if ($status == 'awaiting_email_confirmation') {
        return new WP_Error($status, __('Ваша учетная запись ожидает проверки электронной почты.', 'ultimatemember'));
    }
    if ($status == 'rejected') {
        return new WP_Error($status, __('Ваш запрос на вступление была отклонена.', 'ultimatemember'));
    }

    return wp_authenticate_username_password(null, $username, $password);
}
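 /**
  * Authenticate callback that checks credentials against WordPress or Dolibarr.
  *
  * An existing account whose joined role list differs from
  * self::DOLIBARR_ROLE uses the standard WordPress password check. Every
  * other login, including unknown ones, is verified by the Dolibarr service.
  * On success the matching WordPress account is returned, and created first
  * if it does not exist yet.
  *
  * Changes over the previous version: the failure label returned by the
  * remote service is escaped before it is placed in the HTML error message
  * and is no longer read when absent, the deprecated get_userdatabylogin()
  * calls are replaced by get_user_by('login', ...), and the unused global
  * and commented-out debugging code are removed.
  *
  * NOTE(review): roles are joined with ', ' before the comparison, so an
  * account holding the Dolibarr role plus any other role takes the WordPress
  * path; confirm that is intended.
  *
  * @param mixed  $user     Earlier authentication result, if any.
  * @param string $username Login name as typed.
  * @param string $password Password as typed.
  * @return mixed WP_User on success, WP_Error otherwise, or the result of wp_authenticate_username_password().
  */
 function check_custom_authentication($user, $username, $password)
 {
     if (is_a($user, 'WP_User')) {
         return $user;
     }

     if (empty($username) || empty($password)) {
         // Collect one error per missing field.
         $error = new WP_Error();
         if (empty($username)) {
             $error->add('empty_username', __('<strong>ERROR</strong>: Email field is empty.'));
         }
         if (empty($password)) {
             $error->add('empty_password', __('<strong>ERROR</strong>: Password field is empty.'));
         }
         return $error;
     }

     $role_allow = false;
     $user_obj = get_user_by('login', $username);
     if (is_object($user_obj)) {
         $role = implode(', ', $user_obj->roles);
         if ($role != self::DOLIBARR_ROLE) {
             $role_allow = true;
         }
     }

     // Not the Dolibarr reader profile: normal WordPress authentication.
     if ($role_allow) {
         return wp_authenticate_username_password($user, $username, $password);
     }

     // Otherwise verify the credentials with Dolibarr.
     $rep = $this->dolibarr->dolibarr_check_authentication($username, $password);
     if (!isset($rep["result"]["result_code"]) || $rep["result"]["result_code"] != 'OK') {
         // The label comes from the remote service, so escape it for HTML output.
         $label = isset($rep["result"]["result_label"]) ? $rep["result"]["result_label"] : '';
         $error = new WP_Error();
         $error->add('incorrect_credentials', __('<strong>ERROR</strong>:') . esc_html($label));
         return $error;
     }

     if (username_exists($username)) {
         return get_user_by('login', $username);
     }

     // First successful Dolibarr login: create the local account.
     $userdata = array('user_login' => $username, 'user_pass' => $password, 'user_email' => is_email($username) ? $username : null, 'role' => self::DOLIBARR_ROLE);
     $user_id = wp_insert_user($userdata);
     if (is_wp_error($user_id)) {
         $error = new WP_Error();
         $error->add('registration_error', __('<strong>ERROR</strong>: There was an error registering your account. Please try again.'));
         return $error;
     }

     // NOTE(review): confirm is_plugin_active() is loaded on this request path.
     if (is_plugin_active('memberpress/memberpress.php')) {
         $this->createTransaction($user_id, 3048);
     }

     return get_user_by('login', $username);
 }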
 /**
  * Authenticate callback that forces a password change for expired passwords.
  *
  * Every case this callback does not handle returns null, which leaves the
  * decision to the remaining 'authenticate' callbacks. Only a known user with
  * the '_shrkey_password_expired' marker and valid credentials is taken over:
  * the default callback is removed, the reset form is shown and the request ends.
  *
  * NOTE(review): $_POST['redirect_to'] is handed to show_reset_password_form()
  * as received; confirm it is validated there before it is used for a redirect.
  *
  * @param mixed  $user     Earlier authentication result, if any.
  * @param string $username Login name as typed.
  * @param string $password Password as typed.
  * @return mixed The incoming WP_User, or null to fall through.
  */
 function override_authentication($user, $username, $password)
 {
     // Mirror standard WP authentication.
     if (is_a($user, 'WP_User')) {
         return $user;
     }
     // No login attempt in progress.
     if (empty($username)) {
         return;
     }

     // 1. Unknown username: let the original authentication function handle it.
     $user = get_user_by('login', $username);
     if (!$user) {
         return;
     }
     // 2. No expired-password marker: fall through to the original authentication.
     if (!shrkey_has_usermeta_oncer($user->ID, '_shrkey_password_expired')) {
         return;
     }
     // 3. Verify the credentials here before going any further.
     $authenticated = wp_authenticate_username_password('', $username, $password);
     if (is_wp_error($authenticated)) {
         return;
     }

     // The original authentication method is no longer needed for this request.
     remove_action('authenticate', 'wp_authenticate_username_password', 20, 3);
     // 4. Force a password change by showing the reset form.
     $redirect_to = isset($_POST['redirect_to']) ? $_POST['redirect_to'] : false;
     $this->show_reset_password_form($authenticated, wp_generate_password(35, false), $redirect_to);
     // Stop here so nothing is passed further along the chain.
     exit;
 }
 /**
  * Validate a user's credentials against the WordPress password check.
  *
  * @param  array $credentials Input from which the login and password are
  *                            extracted by the two credential helpers.
  * @return bool  True when wp_authenticate_username_password() does not return an error.
  */
 public function validate(array $credentials = array())
 {
     $result = wp_authenticate_username_password(
         null,
         $this->getLoginCredential($credentials),
         $this->getPasswordCredential($credentials)
     );

     return !is_wp_error($result);
 }
/**
 * Authenticate callback that adds a Duo second factor to the login.
 *
 * Two request shapes are handled: a posted 'sig_response' (the second-factor
 * result) and a plain username/password submission (the first factor).
 * Returning nothing leaves the decision to the remaining callbacks.
 *
 * @param mixed  $user     Earlier authentication result, if any.
 * @param string $username Login name as typed.
 * @param string $password Password as typed.
 * @return mixed A WP_User, a WP_Error, or null.
 */
function duo_authenticate_user($user = "", $username = "", $password = "")
{
    // play nicely with other plugins if they have higher priority than us
    if (is_a($user, 'WP_User')) {
        return $user;
    }
    if (!duo_auth_enabled()) {
        duo_debug_log('Duo not enabled, skipping 2FA.');
        return;
    }
    if (isset($_POST['sig_response'])) {
        // secondary auth
        // The password is not checked in this branch: the identity comes
        // solely from the response that Duo::verifyResponse() accepts.
        remove_action('authenticate', 'wp_authenticate_username_password', 20);
        $akey = duo_get_akey();
        $duo_time = duo_get_time();
        $username = Duo::verifyResponse(duo_get_option('duo_ikey'), duo_get_option('duo_skey'), $akey, $_POST['sig_response'], $duo_time);
        if ($username) {
            // Don't use get_user_by(). It doesn't return a WP_User object if wordpress version < 3.3
            $user = new WP_User(0, $username);
            duo_set_cookie($user);
            duo_debug_log("Second factor successful for user: {$username}");
            return $user;
        } else {
            $user = new WP_Error('Duo authentication_failed', __('<strong>ERROR</strong>: Failed or expired two factor authentication'));
            return $user;
        }
    }
    if (strlen($username) > 0) {
        // primary auth
        // Don't use get_user_by(). It doesn't return a WP_User object if wordpress version < 3.3
        $user = new WP_User(0, $username);
        // NOTE(review): `new` always yields an object, so this guard cannot
        // fire; an unknown username is not detected here.
        if (!$user) {
            error_log("Failed to retrieve WP user {$username}");
            return;
        }
        if (!duo_role_require_mfa($user)) {
            duo_debug_log("Skipping 2FA for user: {$username} with roles: " . print_r($user->roles, true));
            return;
        }
        // From here on this callback performs the password check itself.
        remove_action('authenticate', 'wp_authenticate_username_password', 20);
        $user = wp_authenticate_username_password(NULL, $username, $password);
        if (!is_a($user, 'WP_User')) {
            // on error, return said error (and skip the remaining plugin chain)
            return $user;
        } else {
            duo_debug_log("Primary auth succeeded, starting second factor for {$username}");
            duo_start_second_factor($user);
        }
    }
    // Reached when no username was submitted, or if duo_start_second_factor() returns.
    duo_debug_log('Starting primary authentication');
}
文件: actions.php 项目: devd123/wpaam
/**
 * Authenticate the user according to the configured login method.
 *
 * Only the 'email' and 'username_email' methods are handled; for any other
 * value nothing is returned. With 'email', a typed e-mail address is resolved
 * to its login name and checked, while any other input returns nothing. With
 * 'username_email' the typed value is sanitized, resolved when it is an
 * e-mail address, and always checked.
 *
 * NOTE(review): for 'email' a plain username simply falls through with no
 * return value. Whether username logins are then refused depends on the other
 * 'authenticate' callbacks still registered; confirm at the hook-up site.
 *
 * @since 1.0.3
 * @param  mixed  $user     Earlier authentication result, if any.
 * @param  string $username typed username
 * @param  string $password typed password
 * @return mixed  The incoming WP_User, the result of wp_authenticate_username_password(), or null.
 */
function wpaam_authenticate_login_method($user, $username, $password)
{
    // Get default login method
    $login_method = wpaam_get_option('login_method', 'username');
    $email_only = $login_method == 'email';
    if (!$email_only && $login_method != 'username_email') {
        return;
    }

    if (is_a($user, 'WP_User')) {
        return $user;
    }
    if (!$email_only) {
        $username = sanitize_user($username);
    }

    if (!empty($username) && is_email($username)) {
        $user = get_user_by('email', $username);
        // Only accounts with user_status 0 are resolved to their login name.
        $resolvable = isset($user, $user->user_login, $user->user_status)
            && 0 == (int) $user->user_status;
        if ($resolvable) {
            $username = $user->user_login;
        }
        return wp_authenticate_username_password(null, $username, $password);
    }

    if ($email_only) {
        // E-mail-only mode does not handle plain usernames here.
        return;
    }

    return wp_authenticate_username_password(null, $username, $password);
}
        if ($app->request->isGet()) {
            $data['school'] = $school->toArray();
        } else {
            if ($app->request->isPost()) {
                $school->name = $app->request->post('name');
                $school->save();
                $data['new_school'] = $school->toArray();
            }
        }
        $app->render('schools/edit.html', $data);
    })->via('GET', 'POST')->name('schools_edit');
});
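// Login route: checks the posted credentials with the WordPress password
// routine and marks the PHP session as logged in on success.
$app->map('/login', function () use($app) {
    $data = array();
    if ($app->request->isPost()) {
        $auth = wp_authenticate_username_password(NULL, $app->request->post('username'), $app->request->post('password'));
        if (is_wp_error($auth)) {
            // One generic message for both a wrong username and a wrong password.
            $data['error'] = 'Gebruikersnaam of wachtwoord is fout';
        } else {
            // Issue a fresh session id at the privilege change, so an id that
            // was known before login cannot be reused afterwards.
            if (session_id() !== '') {
                session_regenerate_id(true);
            }
            $_SESSION['loggedin'] = true;
            $app->redirect($app->urlFor('dashboard'));
        }
    }
    $app->render('login.html', $data);
})->via('GET', 'POST')->name('login');
// Logout route: drops the session and returns to the login page.
$app->get('/logout', function () use($app) {
    // session_destroy() leaves $_SESSION populated; clear the flag explicitly.
    $_SESSION = array();
    session_destroy();
    $app->redirect($app->urlFor('login'));
})->name('logout');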
if (!isset($_SESSION['loggedin']) || $_SESSION['loggedin'] == false) {
    if ($app->request->getResourceUri() != '/login') {
/**
 * Authenticate callback that accepts an e-mail address in the username field.
 *
 * The typed value is looked up as an e-mail address without a prior format
 * check; when an account is found its login name is used instead. The
 * incoming $user is discarded and the password is always verified by
 * wp_authenticate_username_password().
 *
 * @param mixed  $user     Value handed in by the caller; never returned.
 * @param string $username Login name or e-mail address as typed.
 * @param string $password Password as typed.
 * @return mixed Whatever wp_authenticate_username_password() returns.
 */
function bbconnect_email_authenticate($user, $username, $password)
{
    $owner = get_user_by('email', $username);
    $login = $owner ? $owner->user_login : $username;

    return wp_authenticate_username_password(null, $login, $password);
}
        function course_signup($atts)
        {
            ob_start();
            $allowed = array('signup', 'login');
            extract(shortcode_atts(array('page' => isset($_REQUEST['page']) ? $_REQUEST['page'] : '', 'failed_login_text' => __('Invalid login.', 'cp'), 'failed_login_class' => 'red', 'logout_url' => '', 'signup_tag' => 'h3', 'signup_title' => __('Signup', 'cp'), 'login_tag' => 'h3', 'login_title' => __('Login', 'cp'), 'signup_url' => '', 'login_url' => '', 'redirect_url' => ''), $atts, 'course_signup'));
            $failed_login_text = sanitize_text_field($failed_login_text);
            $failed_login_class = sanitize_html_class($failed_login_class);
            $logout_url = esc_url_raw($logout_url);
            $signup_tag = sanitize_html_class($signup_tag);
            $signup_title = sanitize_text_field($signup_title);
            $login_tag = sanitize_html_class($login_tag);
            $login_title = sanitize_text_field($login_title);
            $signup_url = esc_url_raw($signup_url);
            $redirect_url = esc_url_raw($redirect_url);
            $page = in_array($page, $allowed) ? $page : 'signup';
            $signup_prefix = empty($signup_url) ? '&' : '?';
            $login_prefix = empty($login_url) ? '&' : '?';
            $signup_url = empty($signup_url) ? CoursePress::instance()->get_signup_slug(true) : $signup_url;
            $login_url = empty($login_url) ? CoursePress::instance()->get_login_slug(true) : $login_url;
            if (!empty($redirect_url)) {
                $signup_url = $signup_url . $signup_prefix . 'redirect_url=' . urlencode($redirect_url);
                $login_url = $login_url . $login_prefix . 'redirect_url=' . urlencode($redirect_url);
            }
            if (!empty($_POST['redirect_url'])) {
                $signup_url = CoursePress::instance()->get_signup_slug(true) . '?redirect_url=' . $_POST['redirect_url'];
                $login_url = CoursePress::instance()->get_login_slug(true) . '?redirect_url=' . $_POST['redirect_url'];
            }
            //Set a cookie now to see if they are supported by the browser.
            setcookie(TEST_COOKIE, 'WP Cookie check', 0, COOKIEPATH, COOKIE_DOMAIN);
            if (SITECOOKIEPATH != COOKIEPATH) {
                setcookie(TEST_COOKIE, 'WP Cookie check', 0, SITECOOKIEPATH, COOKIE_DOMAIN);
            }
            //Set a redirect for the logout form
            if (!empty($logout_url)) {
                update_option('cp_custom_login_url', $logout_url);
            }
            $form_message = '';
            $form_message_class = '';
            // Attempt a login if submitted
            if (isset($_POST['log']) && isset($_POST['pwd'])) {
                $auth = wp_authenticate_username_password(null, $_POST['log'], $_POST['pwd']);
                if (!is_wp_error($auth)) {
                    // if( defined('DOING_AJAX') && DOING_AJAX ) { cp_write_log('doing ajax'); }
                    $user = get_user_by('login', $_POST['log']);
                    $user_id = $user->ID;
                    wp_set_current_user($user_id);
                    wp_set_auth_cookie($user_id);
                    if (!empty($redirect_url)) {
                        wp_redirect(urldecode($redirect_url));
                    } else {
                        wp_redirect(CoursePress::instance()->get_student_dashboard_slug(true));
                    }
                    exit;
                } else {
                    $form_message = $failed_login_text;
                    $form_message_class = $failed_login_class;
                }
            }
            switch ($page) {
                case 'signup':
                    if (!is_user_logged_in()) {
                        if (cp_user_can_register()) {
                            ?>

							<?php 
                            $form_message_class = '';
                            $form_message = '';
                            $student = new Student(0);
                            if (isset($_POST['student-settings-submit'])) {
                                check_admin_referer('student_signup');
                                $min_password_length = apply_filters('coursepress_min_password_length', 6);
                                $student_data = array();
                                $form_errors = 0;
                                do_action('coursepress_before_signup_validation');
                                if ($_POST['username'] != '' && $_POST['first_name'] != '' && $_POST['last_name'] != '' && $_POST['email'] != '' && $_POST['password'] != '' && $_POST['password_confirmation'] != '') {
                                    if (!username_exists($_POST['username'])) {
                                        if (!email_exists($_POST['email'])) {
                                            if ($_POST['password'] == $_POST['password_confirmation']) {
                                                if (!preg_match("#[0-9]+#", $_POST['password']) || !preg_match("#[a-zA-Z]+#", $_POST['password']) || strlen($_POST['password']) < $min_password_length) {
                                                    $form_message = sprintf(__('Your password must be at least %d characters long and have at least one letter and one number in it.', 'cp'), $min_password_length);
                                                    $form_message_class = 'red';
                                                    $form_errors++;
                                                } else {
                                                    if ($_POST['password_confirmation']) {
                                                        $student_data['user_pass'] = $_POST['password'];
                                                    } else {
                                                        $form_message = __("Passwords don't match", 'cp');
                                                        $form_message_class = 'red';
                                                        $form_errors++;
                                                    }
                                                }
                                            } else {
                                                $form_message = __('Passwords don\'t match', 'cp');
                                                $form_message_class = 'red';
                                                $form_errors++;
                                            }
                                            $student_data['role'] = 'student';
                                            $student_data['user_login'] = $_POST['username'];
                                            $student_data['user_email'] = $_POST['email'];
                                            $student_data['first_name'] = $_POST['first_name'];
                                            $student_data['last_name'] = $_POST['last_name'];
                                            if (!is_email($_POST['email'])) {
                                                $form_message = __('E-mail address is not valid.', 'cp');
                                                $form_message_class = 'red';
                                                $form_errors++;
                                            }
                                            if (isset($_POST['tos_agree'])) {
                                                if ($_POST['tos_agree'] == '0') {
                                                    $form_message = __('You must agree to the Terms of Service in order to signup.', 'cp');
                                                    $form_message_class = 'red';
                                                    $form_errors++;
                                                }
                                            }
                                            if ($form_errors == 0) {
                                                if ($student_id = $student->add_student($student_data) !== 0) {
                                                    //$form_message = __( 'Account created successfully! You may now <a href="' . ( get_option( 'use_custom_login_form', 1 ) ? trailingslashit( site_url() . '/' . $this->get_login_slug() ) : wp_login_url() ) . '">log into your account</a>.', 'cp' );
                                                    //$form_message_class = 'regular';
                                                    $email_args['email_type'] = 'student_registration';
                                                    $email_args['student_id'] = $student_id;
                                                    $email_args['student_email'] = $student_data['user_email'];
                                                    $email_args['student_first_name'] = $student_data['first_name'];
                                                    $email_args['student_last_name'] = $student_data['last_name'];
                                                    $email_args['student_username'] = $student_data['user_login'];
                                                    $email_args['student_password'] = $student_data['user_pass'];
                                                    coursepress_send_email($email_args);
                                                    $creds = array();
                                                    $creds['user_login'] = $student_data['user_login'];
                                                    $creds['user_password'] = $student_data['user_pass'];
                                                    $creds['remember'] = true;
                                                    $user = wp_signon($creds, false);
                                                    if (is_wp_error($user)) {
                                                        $form_message = $user->get_error_message();
                                                        $form_message_class = 'red';
                                                    }
                                                    // if( defined('DOING_AJAX') && DOING_AJAX ) { cp_write_log('doing ajax'); }
                                                    if (isset($_POST['course_id']) && is_numeric($_POST['course_id'])) {
                                                        $course = new Course($_POST['course_id']);
                                                        wp_redirect($course->get_permalink());
                                                    } else {
                                                        if (!empty($redirect_url)) {
                                                            wp_redirect(apply_filters('coursepress_redirect_after_signup_redirect_url', $redirect_url));
                                                        } else {
                                                            wp_redirect(apply_filters('coursepress_redirect_after_signup_url', CoursePress::instance()->get_student_dashboard_slug(true)));
                                                        }
                                                    }
                                                    exit;
                                                } else {
                                                    $form_message = __('An error occurred while creating the account. Please check the form and try again.', 'cp');
                                                    $form_message_class = 'red';
                                                }
                                            }
                                        } else {
                                            $form_message = __('Sorry, that email address is already used!', 'cp');
                                            $form_message_class = 'error';
                                        }
                                    } else {
                                        $form_message = __('Username already exists. Please choose another one.', 'cp');
                                        $form_message_class = 'red';
                                    }
                                } else {
                                    $form_message = __('All fields are required.', 'cp');
                                    $form_message_class = 'red';
                                }
                            } else {
                                $form_message = __('All fields are required.', 'cp');
                            }
                            ?>
							<?php 
                            //ob_start();
                            if (!empty($signup_title)) {
                                echo '<' . $signup_tag . '>' . $signup_title . '</' . $signup_tag . '>';
                            }
                            ?>

							<p class="form-info-<?php 
                            echo apply_filters('signup_form_message_class', sanitize_text_field($form_message_class));
                            ?>
"><?php 
                            echo apply_filters('signup_form_message', sanitize_text_field($form_message));
                            ?>
</p>

							<?php 
                            do_action('coursepress_before_signup_form');
                            ?>

							<form id="student-settings" name="student-settings" method="post" class="student-settings">

								<?php 
                            do_action('coursepress_before_all_signup_fields');
                            ?>

								<input type="hidden" name="course_id" value="<?php 
                            esc_attr_e(isset($_GET['course_id']) ? $_GET['course_id'] : ' ');
                            ?>
"/>
								<input type="hidden" name="redirect_url" value="<?php 
                            echo $redirect_url;
                            ?>
"/>

								<label>
									<?php 
                            _e('First Name', 'cp');
                            ?>
:
									<input type="text" name="first_name" value="<?php 
                            echo isset($_POST['first_name']) ? $_POST['first_name'] : '';
                            ?>
"/>
								</label>

								<?php 
                            do_action('coursepress_after_signup_first_name');
                            ?>

								<label>
									<?php 
                            _e('Last Name', 'cp');
                            ?>
:
									<input type="text" name="last_name" value="<?php 
                            echo isset($_POST['last_name']) ? $_POST['last_name'] : '';
                            ?>
"/>
								</label>

								<?php 
                            do_action('coursepress_after_signup_last_name');
                            ?>

								<label>
									<?php 
                            _e('Username', 'cp');
                            ?>
:
									<input type="text" name="username" value="<?php 
                            echo isset($_POST['username']) ? $_POST['username'] : '';
                            ?>
"/>
								</label>

								<?php 
                            do_action('coursepress_after_signup_username');
                            ?>

								<label>
									<?php 
                            _e('E-mail', 'cp');
                            ?>
:
									<input type="text" name="email" value="<?php 
                            echo isset($_POST['email']) ? $_POST['email'] : '';
                            ?>
"/>
								</label>

								<?php 
                            do_action('coursepress_after_signup_email');
                            ?>

								<label>
									<?php 
                            _e('Password', 'cp');
                            ?>
:
									<input type="password" name="password" value=""/>
								</label>

								<?php 
                            do_action('coursepress_after_signup_password');
                            ?>

								<label class="right">
									<?php 
                            _e('Confirm Password', 'cp');
                            ?>
:
									<input type="password" name="password_confirmation" value=""/>
								</label>
								<br clear="both"/><br/>

								<?php 
                            if (shortcode_exists('signup-tos')) {
                                if (get_option('show_tos', 0) == '1') {
                                    ?>
										<label class="full"><?php 
                                    echo do_shortcode('[signup-tos]');
                                    ?>
</label>
									<?php 
                                }
                            }
                            ?>

								<?php 
                            do_action('coursepress_after_all_signup_fields');
                            ?>

								<label class="full">
									<?php 
                            printf(__('Already have an account? %s%s%s!', 'cp'), '<a href="' . $login_url . '">', __('Login to your account', 'cp'), '</a>');
                            ?>
								</label>

								<label class="full-right">
									<input type="submit" name="student-settings-submit" class="apply-button-enrolled" value="<?php 
                            _e('Create an Account', 'cp');
                            ?>
"/>
								</label>

								<?php 
                            do_action('coursepress_after_submit');
                            ?>

								<?php 
                            wp_nonce_field('student_signup');
                            ?>
							</form>
							<div class="clearfix" style="clear: both;"></div>

							<?php 
                            do_action('coursepress_after_signup_form');
                            ?>
							<?php 
                            //$content = ob_get_clean();
                            // Return the html in the buffer.
                            //return $content;
                        } else {
                            _e('Registrations are not allowed.', 'cp');
                        }
                    } else {
                        if (!empty($redirect_url)) {
                            wp_redirect(urldecode($redirect_url));
                        } else {
                            wp_redirect(CoursePress::instance()->get_student_dashboard_slug(true));
                        }
                        exit;
                    }
                    break;
                case 'login':
                    ?>
					<?php 
                    if (!empty($login_title)) {
                        echo '<' . $login_tag . '>' . $login_title . '</' . $login_tag . '>';
                    }
                    ?>
					<p class="form-info-<?php 
                    echo apply_filters('signup_form_message_class', sanitize_text_field($form_message_class));
                    ?>
"><?php 
                    echo apply_filters('signup_form_message', sanitize_text_field($form_message));
                    ?>
</p>
					<?php 
                    do_action('coursepress_before_login_form');
                    ?>
					<form name="loginform" id="student-settings" class="student-settings" method="post">
						<?php 
                    do_action('coursepress_after_start_form_fields');
                    ?>

						<label>
							<?php 
                    _e('Username', 'cp');
                    ?>
:
							<input type="text" name="log" value="<?php 
                    echo isset($_POST['log']) ? $_POST['log'] : '';
                    ?>
"/>
						</label>

						<label>
							<?php 
                    _e('Password', 'cp');
                    ?>
:
							<input type="password" name="pwd" value="<?php 
                    echo isset($_POST['pwd']) ? $_POST['pwd'] : '';
                    ?>
"/>
						</label>

						<?php 
                    do_action('coursepress_form_fields');
                    ?>

						<label class="full">
							<?php 
                    if (cp_user_can_register()) {
                        printf(__('Don\'t have an account? %s%s%s now!', 'cp'), '<a href="' . $signup_url . '">', __('Create an Account', 'cp'), '</a>');
                    }
                    ?>
						</label>

						<label class="half-left">
							<a href="<?php 
                    echo wp_lostpassword_url();
                    ?>
"><?php 
                    _e('Forgot Password?', 'cp');
                    ?>
</a>
						</label>
						<label class="half-right">
							<input type="submit" name="wp-submit" id="wp-submit" class="apply-button-enrolled" value="<?php 
                    _e('Log In', 'cp');
                    ?>
"><br>
						</label>
						<br clear="all"/>

						<input name="redirect_to" value="<?php 
                    echo CoursePress::instance()->get_student_dashboard_slug(true);
                    ?>
" type="hidden">
						<input name="testcookie" value="1" type="hidden">
						<input name="course_signup_login" value="1" type="hidden">
						<?php 
                    do_action('coursepress_before_end_form_fields');
                    ?>
					</form>

					<?php 
                    do_action('coursepress_after_login_form');
                    ?>
					<?php 
                    break;
            }
            $content = ob_get_clean();
            // Return the html in the buffer.
            return $content;
        }
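 /**
  * Decide whether the request described by $params comes from an authenticated API user.
  *
  * Two credential forms are read from $params['arguments']: a `token`, or a
  * `username` + `password` pair when no token is present. On success the user
  * is handed to logUserIn() and the user's token is set on the result object.
  *
  * @param array $params Request parameters; reads 'arguments' and, on the token path, 'proc'.
  *
  * @return bool True when a user is authenticated (or $this->the_user is already set), false otherwise.
  */
 public function isValidAPIUser($params)
 {
     if ($this->the_user) {
         return true;
     }
     if (!isset($params['arguments'])) {
         $this->result->addError(__('Missing `arguments` key', 'woocommerce_json_api'), JSONAPI_EXPECTED_ARGUMENT);
         return false;
     }
     $by_token = true;
     if (!isset($params['arguments']['token'])) {
         if (isset($params['arguments']['username']) && isset($params['arguments']['password'])) {
             $by_token = false;
         } else {
             $this->result->addError(__('Missing `token` in `arguments`', 'woocommerce_json_api'), JSONAPI_EXPECTED_ARGUMENT);
             return false;
         }
     }
     API\Base::setBlogId($GLOBALS['blog_id']);
     $key = $this->getPluginPrefix() . '_settings';
     if (!$by_token) {
         JSONAPIHelpers::debug("Authentication by username {$params['arguments']['username']}");
         $user = wp_authenticate_username_password(null, $params['arguments']['username'], $params['arguments']['password']);
         if (is_a($user, 'WP_Error')) {
             foreach ($user->get_error_messages() as $msg) {
                 $this->result->addError($msg, JSONAPI_INTERNAL_ERROR);
             }
             return false;
         }
         // NOTE(review): get_user_meta() already returns unserialized values, so the extra
         // maybe_unserialize() would also unserialize a stored string that merely looks
         // serialized. Kept unchanged here; confirm whether it can be dropped.
         $meta = maybe_unserialize(get_user_meta($user->ID, $key, true));
         // NOTE(review): unlike the token path below, this path does not consult
         // can_access_the_api / can_<proc> before logging the user in; confirm that is intended.
         // The meta may be empty for a user without API settings, so read the token defensively.
         $this->result->setToken(is_array($meta) && isset($meta['token']) ? $meta['token'] : null);
         $this->logUserIn($user);
         return true;
     }
     JSONAPIHelpers::debug("Authentication by Token");
     $supplied_token = $params['arguments']['token'];
     // Only a non-empty string is accepted as a token. The previous loose `==`
     // left the match to PHP type juggling when the request carried a non-string value.
     if (!is_string($supplied_token) || $supplied_token === '') {
         return false;
     }
     $args = array('blog_id' => $GLOBALS['blog_id'], 'meta_key' => $key);
     $users = get_users($args);
     foreach ($users as $user) {
         $meta = maybe_unserialize(get_user_meta($user->ID, $key, true));
         if (!is_array($meta) || !isset($meta['token']) || !is_scalar($meta['token'])) {
             continue;
         }
         // Constant-time string comparison of the stored token against the supplied one.
         if (!hash_equals((string) $meta['token'], $supplied_token)) {
             continue;
         }
         if (!isset($meta['can_' . $params['proc']]) || !isset($meta['can_access_the_api'])) {
             $this->result->addError(__('Permissions for this user have not been set', 'woocommerce_json_api'), JSONAPI_PERMSNOTSET);
             return false;
         }
         if ($meta['can_access_the_api'] == 'no') {
             $this->result->addError(__('You have been banned.', 'woocommerce_json_api'), JSONAPI_PERMSINSUFF);
             return false;
         }
         if ($meta['can_' . $params['proc']] == 'no') {
             $this->result->addError(__('You do not have sufficient permissions.', 'woocommerce_json_api'), JSONAPI_PERMSINSUFF);
             return false;
         }
         $this->logUserIn($user);
         $this->result->setToken($meta['token']);
         return true;
     }
     return false;
 }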
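/**
 * Insert or update a crossword.
 *
 * Hooked to wp_ajax_save_crossword and wp_ajax_nopriv_save_crossword.
 * Sends JSON data:
 *
 *     object {
 *         array namesList [
 *             string Crossword name.
 *         ]
 *         string _crwnonce
 *     }
 *
 * Reads project, name, restricted, method, crossword and (for updates) old_name
 * from $_POST. When a username is posted, that username/password pair is
 * authenticated; otherwise the current user is used. Every failure path ends in
 * crw_send_error().
 *
 * NOTE(review): no nonce check is visible in this function; presumably it lives
 * in crw_test_permission() — verify, since the action is also hooked for
 * unauthenticated (nopriv) requests.
 *
 * @global wpdb $wpdb
 * @global string $project_table_name
 * @global string $data_table_name
 *
 * @return void
 */
function crw_save_crossword()
{
    global $wpdb, $project_table_name, $data_table_name;
    $error = __('You are not allowed to save the crossword.', 'crw-text');
    $debug = null;
    $old_name = null;
    $unsafe_old_name = null;
    // sanitize fields
    $project = sanitize_text_field(wp_unslash($_POST['project']));
    $unsafe_name = wp_unslash($_POST['name']);
    $name = sanitize_text_field($unsafe_name);
    $restricted_page = (bool) wp_unslash($_POST['restricted']);
    $method = sanitize_text_field(wp_unslash($_POST['method']));
    if ('update' == $method) {
        $unsafe_old_name = wp_unslash($_POST['old_name']);
        $old_name = sanitize_text_field($unsafe_old_name);
    }
    // if a username is sent, use it for authentication
    // (the field is optional, so it is tested without raising an undefined-index notice)
    if (!empty($_POST['username'])) {
        $password = isset($_POST['password']) ? $_POST['password'] : '';
        $user = wp_authenticate_username_password(null, $_POST['username'], $password);
    } else {
        $user = wp_get_current_user();
    }
    // NOTE(review): a failed login leaves a WP_Error in $user. This function relies on
    // crw_test_permission() (not visible here) to reject it before $user->ID is
    // written to the database below — confirm.
    $for = $restricted_page ? 'push' : 'edit';
    $restricted_permission = crw_test_permission($for, $user, $project);
    // verify crossword data
    $crossword = wp_unslash($_POST['crossword']);
    $verification = crw_verify_json($crossword, $debug);
    // as a drive-by, finds if a project exists
    $maximum_level = $wpdb->get_var($wpdb->prepare("\n        SELECT maximum_level\n        FROM {$project_table_name}\n        WHERE project = %s\n    ", $project));
    $crossword_found = $wpdb->get_var($wpdb->prepare("\n        SELECT count(*)\n        FROM {$data_table_name}\n        WHERE project = %s AND name = %s\n    ", $project, 'update' == $method ? $old_name : $name));
    // set errors on inconsistencies
    if (!in_array($method, array('insert', 'update'), true)) {
        $debug = 'No valid method: ' . $method;
    } elseif (!$verification) {
        // $debug is presumably filled by crw_verify_json(); normalise it so that
        // array_unshift() never receives a non-array.
        $debug = (array) $debug;
        array_unshift($debug, 'The crossword data sent are invalid.');
    } elseif (is_null($maximum_level)) {
        $debug = 'The project does not exist: ' . $project;
    } elseif ($name !== $unsafe_name) {
        // sanitizing changed the name, so the raw value contained disallowed content
        $debug = 'The name has forbidden content: ' . $name;
    } elseif ('update' == $method && $old_name !== $unsafe_old_name) {
        $debug = 'The old name has forbidden content: ' . $old_name;
    } elseif ($name !== $verification['name']) {
        $debug = array('The name sent is inconsistent with crossword data.', $name . ' / data: ' . $verification['name']);
    } elseif ($verification['level'] > $maximum_level) {
        $debug = array('The difficulty level surpasses the maximum.', $verification['level'] . ' / maximum: ' . $maximum_level);
        // errors on asynchronous effects or "blind" writing from restricted page
    } elseif ('insert' == $method && $crossword_found) {
        $error = __('There is already another riddle with that name!', 'crw-text');
        $debug = $name;
    } elseif ('update' == $method && !$crossword_found) {
        $error = __('The riddle you tried to update can not be found!', 'crw-text');
        if ($restricted_page) {
            $error .= ' ' . __('A moderator might have deleted it already. You must start a new one.', 'crw-text');
        } else {
            $error .= ' ' . __('Someone else might have renamed or deleted it in the meantime. Look into the list of existing riddles.', 'crw-text');
        }
        $debug = $old_name;
    } else {
        // if all data are ok, call database depending on method
        // ($method is known to be exactly 'insert' or 'update' at this point)
        if ('update' == $method) {
            $success = $wpdb->update($data_table_name, array('name' => $name, 'crossword' => $crossword, 'last_user' => $user->ID, 'pending' => $restricted_permission), array('name' => $old_name, 'project' => $project));
        } else {
            $success = $wpdb->insert($data_table_name, array('name' => $name, 'project' => $project, 'crossword' => $crossword, 'first_user' => $user->ID, 'last_user' => $user->ID, 'pending' => $restricted_permission));
        }
        // check for database errors
        if ($success !== false) {
            $wpdb->query($wpdb->prepare("\n                UPDATE {$project_table_name}\n                SET used_level = %d\n                WHERE project = %s\n                AND used_level < %d\n            ", $verification['level'], $project, $verification['level']));
            if ($restricted_page) {
                wp_send_json(array(CRW_NONCE_NAME => wp_create_nonce(NONCE_PUSH . $project)));
            } else {
                // send updated list of (non-pending) names in project
                $names_list = crw_get_names_list($project);
                wp_send_json(array('namesList' => $names_list, CRW_NONCE_NAME => wp_create_nonce(NONCE_EDIT . $project)));
            }
        } else {
            $error = __('The crossword could not be saved to the database.', 'crw-text');
            // NOTE(review): the last SQL error and query are handed to crw_send_error();
            // confirm that debug details are not returned to unauthenticated clients.
            $debug = array($wpdb->last_error, $wpdb->last_query);
        }
    }
    //send error message
    crw_send_error($error, $debug);
}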
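/**
 * Validate a submitted login form and record per-field errors on the form object.
 *
 * The account is identified by $args['username'] (login name or e-mail),
 * $args['user_email'] or $args['user_login'], in that order of preference.
 * When the credentials authenticate, the user ID is stored in
 * $ultimatemember->login->auth_id.
 *
 * NOTE(review): the messages distinguish "no such account" from "wrong password",
 * which lets a client learn whether an account exists. If that matters for the
 * site, a single generic failure message avoids it.
 *
 * @param array $args Submitted form values.
 *
 * @return void
 */
function um_submit_form_errors_hook_login($args)
{
    global $ultimatemember;
    $is_email = false;
    if (isset($args['username']) && $args['username'] == '') {
        $ultimatemember->form->add_error('username', __('Please enter your username or email', 'ultimatemember'));
    }
    if (isset($args['user_login']) && $args['user_login'] == '') {
        $ultimatemember->form->add_error('user_login', __('Please enter your username', 'ultimatemember'));
    }
    if (isset($args['user_email']) && $args['user_email'] == '') {
        $ultimatemember->form->add_error('user_email', __('Please enter your email', 'ultimatemember'));
    }
    // Resolve the submitted identifier to a login name; an e-mail is mapped to its account.
    if (isset($args['username'])) {
        $field = 'username';
        if (is_email($args['username'])) {
            $is_email = true;
            $data = get_user_by('email', $args['username']);
            $user_name = isset($data->user_login) ? $data->user_login : null;
        } else {
            $user_name = $args['username'];
        }
    } elseif (isset($args['user_email'])) {
        $field = 'user_email';
        $is_email = true;
        $data = get_user_by('email', $args['user_email']);
        $user_name = isset($data->user_login) ? $data->user_login : null;
    } else {
        $field = 'user_login';
        $user_name = isset($args['user_login']) ? $args['user_login'] : null;
    }
    // The password field may be absent from the submission; treat that as empty.
    $password = isset($args['user_password']) ? $args['user_password'] : '';
    // Looked up once and reused below instead of querying three times.
    $user_id = username_exists($user_name);
    if (!$user_id) {
        if ($is_email) {
            $ultimatemember->form->add_error($field, __(' Sorry, we can\'t find an account with that email address', 'ultimatemember'));
        } else {
            $ultimatemember->form->add_error($field, __(' Sorry, we can\'t find an account with that username', 'ultimatemember'));
        }
    } elseif ($password == '') {
        $ultimatemember->form->add_error('user_password', __('Please enter your password', 'ultimatemember'));
    }
    $check = wp_authenticate_username_password(null, $user_name, $password);
    if (is_wp_error($check)) {
        // Only a wrong password for an existing account gets its own message;
        // every other error code is left without an additional form error.
        if ('incorrect_password' === $check->get_error_code() && $user_id) {
            $ultimatemember->form->add_error('user_password', __('Password is incorrect. Please try again.', 'ultimatemember'));
        }
    } else {
        $ultimatemember->login->auth_id = $user_id;
    }
}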
示例#25
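 /**
  * Compare the role requested in the `snap_option` query var with the user's roles
  * and fire `wp_login_failed` on a mismatch.
  *
  * The return value is always whatever wp_authenticate_username_password() returns
  * for the incoming ($user, $username, $password).
  *
  * NOTE(review): a role mismatch only fires the `wp_login_failed` action; the user
  * object is still returned afterwards. Unless a handler of that action stops the
  * request, the login is not refused here — confirm the intended enforcement.
  *
  * NOTE(review): the 'wp-admin' test matches anywhere in REQUEST_URI, query string
  * included. If the intent is "request path is under wp-admin", compare against
  * the parsed path instead.
  *
  * @param WP_User|WP_Error|null $user     Result of earlier authentication, if any.
  * @param string                $username Submitted login name.
  * @param string                $password Submitted password.
  *
  * @return WP_User|WP_Error Result of wp_authenticate_username_password().
  */
 function check_avai_role_area($user, $username, $password)
 {
     if (is_null($user) || is_wp_error($user)) {
         return wp_authenticate_username_password($user, $username, $password);
     }
     if (false === strpos($_SERVER['REQUEST_URI'], 'wp-admin') && !(in_array('administrator', $user->roles, true) || in_array('site_admin', $user->roles, true))) {
         global $wp;
         // The query var is optional; a missing value simply matches no role.
         $role = isset($wp->query_vars['snap_option']) ? $wp->query_vars['snap_option'] : null;
         if (!in_array($role, $user->roles, true)) {
             do_action('wp_login_failed', $username);
         }
     }
     return wp_authenticate_username_password($user, $username, $password);
 }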
    $current_user = wp_get_current_user();
    $favourite_data = get_user_meta($current_user->ID, 'user_favourite_store', false);
    //print_r($validation_data);
    if (!in_array($a_favourite_check_post, $favourite_data)) {
        add_user_meta($current_user->ID, 'user_favourite_store', $a_favourite_check_post);
        echo 'success';
    } else {
        delete_user_meta($current_user->ID, 'user_favourite_store', $a_favourite_check_post);
    }
}
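// Login action: authenticate the submitted credentials and start a session.
//
// NOTE(review): credentials are read from $_REQUEST, so they are also accepted from
// the query string, where they can end up in server logs and browser history.
// Reading them from $_POST only would avoid that; left unchanged because callers
// of this endpoint are not visible here.
// NOTE(review): no nonce is checked before the session is established — confirm
// whether this endpoint should verify one.
if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'user_login_post_values') {
    $user_name = isset($_REQUEST['a_username']) ? $_REQUEST['a_username'] : '';
    $password_login = isset($_REQUEST['a_password_login']) ? $_REQUEST['a_password_login'] : '';
    $check = wp_authenticate_username_password(null, $user_name, $password_login);
    if (!($check instanceof WP_User)) {
        // Anything other than an authenticated user object is treated as a failure.
        echo 'Please Check Your Login Details';
    } else {
        // Use the authenticated user object rather than a separate lookup of the
        // submitted name, so the session always belongs to the account that was verified.
        wp_set_current_user($check->ID, $check->user_login);
        wp_set_auth_cookie($check->ID);
        // `wp_login` is fired with both the login name and the user object;
        // callbacks registered for two arguments need the second one.
        do_action('wp_login', $check->user_login, $check);
        echo 'success';
    }
}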
if ($_REQUEST['action'] == 'user_update_post_values') {
    $a_fname_updatee = $_REQUEST['a_fname_updatee'];
    $a_lname_update = $_REQUEST['a_lname_update'];
    $address_update = $_REQUEST['a_address_update'];
    $apartment_update = $_REQUEST['a_apartment_update'];
    $city_update = $_REQUEST['a_city_update'];
 /**
  * Let a user sign in with an e-mail address in place of the login name.
  *
  * The incoming result is only replaced when it is an `invalid_username`
  * error and the submitted username is an e-mail belonging to an existing
  * account; in every other case it is returned untouched.
  *
  * @since  3.0.2
  *
  * @param  WP_User|WP_Error|null $user     Result of the authentication so far.
  * @param  string                $username Submitted login (possibly an e-mail address).
  * @param  string                $password Submitted password.
  *
  * @return object                          WP_User if authentication succeeds, WP_Error on failure
  */
 public function email_signon($user, $username, $password)
 {
     // A WP_User (already authenticated) or any other non-error value is passed through.
     if (!is_wp_error($user)) {
         return $user;
     }
     // Only a rejected username that looks like an e-mail address is worth a second try.
     $rejected_username = 'invalid_username' === $user->get_error_code();
     if (!$rejected_username || !is_email($username)) {
         return $user;
     }
     $account = get_user_by('email', $username);
     // No account with that address: the original error stands.
     if (!is_a($account, 'WP_User')) {
         return $user;
     }
     // Authenticate again, this time with the login name that owns the address.
     return wp_authenticate_username_password(null, $account->data->user_login, $password);
 }
/**
 * Authenticate with an e-mail address in place of the login name.
 *
 * The submitted username is looked up as an e-mail address; when an account is
 * found and its user_status is 0, the account's login name is used instead.
 * The incoming $user is not consulted: authentication always starts from null.
 *
 * @param mixed  $user     Ignored.
 * @param string $username Submitted login name or e-mail address.
 * @param string $password Submitted password.
 *
 * @return WP_User|WP_Error Result of wp_authenticate_username_password().
 */
function sunshine_allow_email_login($user, $username, $password)
{
    $login = $username;
    if (!empty($username)) {
        $match = get_user_by('email', $username);
        $has_fields = isset($match, $match->user_login, $match->user_status);
        if ($has_fields && 0 == (int) $match->user_status) {
            $login = $match->user_login;
        }
    }
    return wp_authenticate_username_password(null, $login, $password);
}
示例#29
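/**
 * Allow login using an e-mail address.
 *
 * When the submitted username is an e-mail address, it is mapped to the owning
 * account's login name (if any) and authenticated from scratch. Otherwise the
 * incoming $user is returned unchanged.
 *
 * @param WP_User|WP_Error|null $user     Result of the authentication so far.
 * @param string                $username Submitted login name or e-mail address.
 * @param string                $password Submitted password.
 *
 * @return WP_User|WP_Error|null
 */
function ipin_authenticate($user, $username, $password)
{
    if (!is_email($username)) {
        return $user;
    }
    // get_user_by('email', ...) replaces the deprecated get_user_by_email().
    $account = get_user_by('email', $username);
    if ($account) {
        $username = $account->user_login;
    }
    return wp_authenticate_username_password(null, $username, $password);
}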
示例#30
/**
 * Authenticate the credentials, emit the response and end the request.
 *
 * On failure the error is passed to mysiteapp_print_error(); on success the
 * user is stored in the `mysiteapp_user` query var and the `user` template
 * part is rendered. The function never returns: it exits in both cases.
 *
 * @param WP_User|WP_Error|null $user     Result of the authentication so far.
 * @param string                $username Submitted login name.
 * @param string                $password Submitted password.
 */
function mysiteapp_login($user, $username, $password)
{
    $result = wp_authenticate_username_password($user, $username, $password);
    if (!is_wp_error($result)) {
        set_query_var('mysiteapp_user', $result);
        get_template_part('user');
        exit;
    }
    mysiteapp_print_error($result);
    exit;
}