示例#1
文件: pad.php 项目: aagusti/padl-tng
 /**
  * Landing page: caches the local-government (pemda) settings row in the
  * session, then renders either the public view or the logged-in menu.
  *
  * The session keys written here (ids and codes such as pad_reklame_id)
  * come straight from the row returned by pad_model::get_pemda().
  */
 public function index()
 {
     $model = $this->load->model('pad_model');
     $pemda = $model->get_pemda();
     if ($pemda) {
         // Budget year defaults to the current calendar year.
         $year = date('Y');
         $this->session->set_userdata(array(
             'pad_tahun_anggaran' => $year,
             'pad_pemda_daerah' => $pemda->daerah,
             'pad_pemda_alamat' => $pemda->alamat,
             'pad_pemda_alamat_lengkap' => $pemda->alamat_lengkap,
             'pad_pemda_telp' => $pemda->telp,
             'pad_pemda_fax' => $pemda->fax,
             'pad_pemda_website' => $pemda->website,
             'pad_pemda_email' => $pemda->email,
             'pad_pemda_nama' => $pemda->pemda_nama,
             'pad_pemda_singkatan' => $pemda->pemda_nama_singkat,
             'pad_pemda_type' => $pemda->type,
             'pad_pemda_kepala' => $pemda->kepala_nama,
             'pad_pemda_jabatan' => $pemda->jabatan,
             'pad_pemda_ibukota' => $pemda->ibukota,
             'pad_pemda_unitid' => $pemda->ppkd_id,
             'pad_reklame_id' => $pemda->reklame_id,
             'pad_air_tanah_id' => $pemda->airtanah_id,
             'pad_dok_self_id' => $pemda->self_dok_id,
             'pad_dok_office_id' => $pemda->office_dok_id,
             'pad_hiburan_id' => $pemda->hiburan_id,
             'pad_ppj_id' => $pemda->ppj_id,
             'pad_hotel_id' => $pemda->hotel_id,
             'pad_walet_id' => $pemda->walet_id,
             'pad_restauran_id' => $pemda->restauran_id,
             'pad_parkir_id' => $pemda->parkir_id,
             'pad_surat_no' => $pemda->surat_no,
             'pad_ijin_kd' => $pemda->ijin_kd,
             'pad_reklame_kd' => $pemda->reklame_kd,
             'pad_air_tanah_kd' => $pemda->airtanah_kd,
             'pad_parkir_kd' => $pemda->parkir_kd,
             'pad_ppj_kd' => $pemda->ppj_kd,
             'pad_hiburan_kd' => $pemda->hiburan_kd,
             'pad_hotel_kd' => $pemda->hotel_kd,
             'pad_restauran_kd' => $pemda->restauran_kd,
             'pad_spt_date' => $pemda->tgl_spt,
             'pad_spt_due_date' => $pemda->tgl_jatuhtempo_self,
             'pad_spt_denda' => $pemda->spt_denda,
             'pad_bunga' => $pemda->pad_bunga,
             'pad_ppkd_id' => $pemda->ppkd_id,
         ));
     }
     $data = array();
     $data['current'] = 'beranda';
     $data['apps'] = $this->apps_model->get_active_only();
     // wp_login() is called with no arguments here and only decides which view is shown.
     $view = wp_login() ? 'wp/vmenu' : 'vmain';
     $this->load->view($view, $data);
 }
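 /**
  * Populate the current user from HTTP Basic credentials instead of cookies.
  *
  * Returns immediately when the global $current_user is already set. Otherwise
  * the credentials are taken from PHP_AUTH_USER / PHP_AUTH_PW (decoded from the
  * Authorization header when PHP runs as CGI), checked with wp_login(), and the
  * request is ended with a 401 challenge if they are missing or rejected.
  *
  * NOTE(review): Basic credentials are only base64-encoded, so this path
  * should be served over TLS only.
  */
 function get_currentuserinfo()
 {
     // Use HTTP auth instead of cookies
     global $current_user;
     if (!empty($current_user)) {
         return;
     }
     // Some apache versions prepend "REDIRECT_" to server variable name, according to http://www.besthostratings.com/articles/http-auth-php-cgi.html
     if (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']) && !isset($_SERVER['HTTP_AUTHORIZATION'])) {
         $_SERVER['HTTP_AUTHORIZATION'] = $_SERVER['REDIRECT_HTTP_AUTHORIZATION'];
     }
     // Workaround for HTTP Authentication with PHP running as CGI (htaccess rule copies authentication data into HTTP_AUTHORIZATION)
     // Only a header that really uses the Basic scheme is decoded; anything else is ignored.
     if (isset($_SERVER['HTTP_AUTHORIZATION']) && strncasecmp($_SERVER['HTTP_AUTHORIZATION'], 'Basic ', 6) === 0) {
         $decoded = base64_decode(trim(substr($_SERVER['HTTP_AUTHORIZATION'], 6)), true);
         // Split on the first colon only: the password part may itself contain ':'.
         $parts = $decoded === false ? array() : explode(':', $decoded, 2);
         if (count($parts) === 2) {
             list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = $parts;
         }
         unset($decoded, $parts);
     }
     if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']) || !wp_login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) {
         // Escape quotes and backslashes so the blog name cannot break out of the quoted realm.
         header('WWW-Authenticate: Basic realm="' . addcslashes(get_bloginfo('name'), '"\\') . '"');
         header('HTTP/1.0 401 Unauthorized');
         scoper_load_textdomain();
         // otherwise this is only loaded for wp-admin
         die(__('Access denied: Incorrect credentials supplied.', 'scoper'));
     }
     $user_login = $_SERVER['PHP_AUTH_USER'];
     wp_set_current_user(0, $user_login);
 }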
示例#3
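 /**
  * Check the supplied credentials and, on success, record the login name
  * and run logining().
  *
  * The leftover var_dump() of the wp_login() result was removed: it wrote
  * debug output into the response before logining() ran.
  *
  * @param string $login Login name to check.
  * @param string $pass  Password to check.
  * @return bool True when wp_login() accepted the credentials, false otherwise.
  */
 public function mylogin($login, $pass)
 {
     // NOTE(review): the third argument is the literal string 'test'; its meaning
     // depends on the wp_login() implementation in use - confirm it is intended.
     if (!wp_login($login, $pass, 'test')) {
         return false;
     }
     $this->login = $login;
     $this->logining();
     return true;
 }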
示例#4
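 /**
  * Fetch the business (usaha) rows registered for one customer.
  *
  * When wp_login() reports a logged-in taxpayer the result is narrowed: with
  * no $usaha_id the advertisement and ground-water businesses are excluded,
  * otherwise only the ids listed in $usaha_id are returned.
  *
  * Every value now reaches the query as a bound parameter. Previously
  * $usaha_id was interpolated into the IN (...) list, and the appended
  * clauses were glued onto the "?" placeholder without a separating space.
  *
  * @param mixed      $customer_id Customer id bound to cu.customer_id.
  * @param string|int $usaha_id    Optional id, or comma-separated list of ids.
  * @return array|false Result rows, or FALSE when nothing matches.
  */
 function sptpd_get_cu($customer_id, $usaha_id = '')
 {
     $qry = "select cu.id customer_usaha_id, cu.customer_id, cu.usaha_id, get_npwpd(c.id, true) as npwpd, get_npwpd(c.id, false) as npwpd2, c.nama as customernm,\r\n\t\t\tcu.konterid, cu.air_zona_id, cu.air_manfaat_id , u.so, cu.def_pajak_id,\r\n\t\t\tcast(u.nama||' ('||cu.konterid||' | '||coalesce(cu.opnm,u.nama)||')' as character varying) as usahanm,\r\n            \r\n            c.wpnama, c.wpalamat\r\n\r\n\t\t\tfrom pad_customer_usaha cu\r\n\t\t\tinner join pad_customer c on cu.customer_id=c.id\r\n\t\t\tinner join pad_usaha u on cu.usaha_id=u.id\r\n\t\t\twhere cu.customer_id = ?";
     $binds = array($customer_id);
     if (wp_login()) {
         if (empty($usaha_id)) {
             $qry .= " and u.id not in (?, ?) ";
             $binds[] = pad_reklame_id();
             $binds[] = pad_air_tanah_id();
         } else {
             // Turn "1,2,3" into one placeholder per id instead of pasting the string into the SQL.
             $ids = array();
             foreach (explode(',', (string) $usaha_id) as $piece) {
                 $piece = trim($piece);
                 if ($piece !== '') {
                     $ids[] = $piece;
                 }
             }
             if (count($ids) === 0) {
                 // Nothing usable was requested, so nothing can match.
                 return FALSE;
             }
             $qry .= " and u.id in (" . implode(', ', array_fill(0, count($ids), '?')) . ") ";
             $binds = array_merge($binds, $ids);
         }
     }
     $qry .= " order by c.rp,c.pb,c.formno, cu.usaha_id, cu.konterid";
     $query = $this->db_pad->query($qry, $binds);
     if ($query->num_rows() !== 0) {
         return $query->result();
     }
     return FALSE;
 }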
示例#5
    /**
     * Theme replacement for the wp-login.php screen.
     *
     * Dispatches on $_REQUEST['action']: 'logout', 'lostpassword' /
     * 'retrievepassword', 'retrievepassword2', 'rp', and 'login' (which is also
     * the default). Every branch ends the request itself with exit or die after
     * redirecting or printing a page.
     *
     * NOTE(review): several branches pass request data into redirects and
     * string-built SQL, and the reset flow relies on md5(uniqid(...)); see the
     * inline notes before reusing any of this.
     */
    function ProjectTheme_do_login_scr()
    {
        /*do_action( 'login_enqueue_scripts' );
        		do_action( 'login_head' );
        	  	do_action('login_footer');
        	  */
        global $wpdb, $error, $wp_query, $current_theme_locale_name;
        if (!is_array($wp_query->query_vars)) {
            $wp_query->query_vars = array();
        }
        // NOTE(review): read without an isset() check, so a request with no "action" raises a notice here.
        $action = $_REQUEST['action'];
        $error = '';
        nocache_headers();
        header('Content-Type: ' . get_bloginfo('html_type') . '; charset=' . get_bloginfo('charset'));
        if (defined('RELOCATE')) {
            // Move flag is set
            // NOTE(review): while RELOCATE is defined, the stored siteurl is rewritten from
            // the request's Host header and script path, both of which the client supplies.
            if (isset($_SERVER['PATH_INFO']) && $_SERVER['PATH_INFO'] != $_SERVER['PHP_SELF']) {
                $_SERVER['PHP_SELF'] = str_replace($_SERVER['PATH_INFO'], '', $_SERVER['PHP_SELF']);
            }
            $schema = isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on' ? 'https://' : 'http://';
            if (dirname($schema . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']) != get_settings('siteurl')) {
                update_option('siteurl', dirname($schema . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']));
            }
        }
        do_action('login_init');
        // The hook name is built from the request's action value.
        do_action('login_form_' . $action);
        switch ($_REQUEST["action"]) {
            //logout
            case "logout":
                wp_clearcookie();
                session_start();
                // NOTE(review): $sessions is neither assigned nor declared global in this function,
                // so this call looks like it would fail at runtime - confirm where it comes from.
                $sessions->destroy_all();
                /*session_start();
                	 if(isset($vstrsnln_blog_id))
                	 {
                		 unset( $vstrsnln_blog_id);
                		 session_destroy();
                	 } */
                if (get_option("jk_logout_redirect_to")) {
                    $redirect_to = get_option("jk_logout_redirect_to");
                } else {
                    $redirect_to = "wp-login.php";
                }
                do_action('wp_logout');
                nocache_headers();
                if (isset($_REQUEST['redirect_to'])) {
                    $redirect_to = $_REQUEST['redirect_to'];
                }
                // $redirect_to computed above is not used: logout always redirects to the site URL.
                wp_redirect(get_bloginfo('siteurl'));
                exit;
                break;
                //lost lost password
            //lost lost password
            case 'lostpassword':
            case 'retrievepassword':
                $http_post = 'POST' == $_SERVER['REQUEST_METHOD'];
                if ($http_post) {
                    $errors = my_retrieve_password();
                    if (!is_wp_error($errors)) {
                        // This branch uses wp_safe_redirect() for the request-supplied target.
                        $redirect_to = !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : 'wp-login.php?checkemail=confirm';
                        wp_safe_redirect($redirect_to);
                        exit;
                    }
                }
                // NOTE(review): on a GET request $errors has not been assigned, so the add() call
                // below and the "if ($errors)" test in the form act on an undefined variable.
                if (isset($_GET['error']) && 'invalidkey' == $_GET['error']) {
                    $errors->add('invalidkey', __('Sorry, that key does not appear to be valid.'));
                }
                $redirect_to = apply_filters('lostpassword_redirect', !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : '');
                do_action('lost_password');
                $user_login = isset($_POST['user_login']) ? stripslashes($_POST['user_login']) : '';
                get_header();
                ?>
                  
                <div class="page_heading_me">
                        <div class="page_heading_me_inner">
                            <div class="mm_inn"><?php 
                printf(__("Retrieve Password - %s", $current_theme_locale_name), get_bloginfo('name'));
                ?>
     </div>                  	            
                                        
                        </div>                    
                    </div>
         

<!-- ########## -->

<div id="main_wrapper">
		<div id="main" class="wrapper"><div class="padd10">
        
        
        
        
				<div class="my_box3">
            	<div class="padd10">
            
            	 
                <div class="box_content">
                

                
                <div class="login-submit-form"> 
				<form name="lostpass" action="<?php 
                echo esc_url(site_url('wp-login.php?action=lostpassword', 'login_post'));
                ?>
" method="post" id="loginform">
					
               
					<p><?php 
                _e('Please enter your information here. We will send you a new password.', $current_theme_locale_name);
                ?>
</p>
					<?php 
                if ($errors) {
                    echo "<div class='errrs'>" . $errors->get_error_message() . "</div>";
                }
                ?>
					<input type="hidden" name="action" value="retrievepassword" />
					  
					  
					<p>
					<label><?php 
                _e('Username or Email:', $current_theme_locale_name);
                ?>
</label>
                    <input type="text" class="do_input" name="user_login" id="user_login" value="" size="30" tabindex="1" />
                    </p>
                 
                  
                  	<?php 
                do_action('lostpassword_form');
                ?>
                  
					<p><label>&nbsp;</label>
					<input type="submit" name="submit" id="submit" value="<?php 
                _e('Retrieve Password', $current_theme_locale_name);
                ?>
"  class="submit_bottom" tabindex="3" />
                    </p>
                   
				</form>
                    <script type="text/javascript">
                    	$(function() {
                    	    // gather all inputs of selected types
                    	    var inputs = $('#user_tp, #user_email, #user_login, #log, #login_password, #rememberme, #submits, .green_btn'), inputTo;

                    	    // bind on keydown
                    	    inputs.on('keydown', function(e) {
                    	        
                    	        // if we pressed the tab
                    	        if (e.keyCode == 9 || e.which == 9) {
                    	        	alert('tab');
                    	            // prevent default tab action
                    	            e.preventDefault();

                    	            if (e.shiftKey) {
                    	                // get previous input based on the current input
                    	                inputTo = inputs.get(inputs.index(this) - 1);
                    	            } else {
                    	                // get next input based on the current input
                    	                inputTo = inputs.get(inputs.index(this) + 1);
                    	            }
                    	            
                    	            // move focus to inputTo, otherwise focus first input
                    	            if (inputTo) {
                    	                inputTo.focus();
                    	            } else {
                    	                inputs[0].focus();
                    	            }
                    	        }
                    	    });
                    	});
                    </script>
                </div>
                    
                    
					<ul id="logins">
					<li><a href="<?php 
                bloginfo('home');
                ?>
/" title="<?php 
                _e('Are you lost?', $current_theme_locale_name);
                ?>
">&laquo; <?php 
                _e('Home', $current_theme_locale_name);
                ?>
</a></li>
					<?php 
                if (get_settings('users_can_register')) {
                    ?>
					<li><a href="<?php 
                    bloginfo('wpurl');
                    ?>
/wp-login.php?action=register"><?php 
                    _e('Register', $current_theme_locale_name);
                    ?>
</a></li>
					<?php 
                }
                ?>
					<li><a href="<?php 
                bloginfo('wpurl');
                ?>
/wp-login.php"><?php 
                _e('Login', $current_theme_locale_name);
                ?>
</a></li>
					</ul>
				
                
               
                </div>
                </div>
                </div>
                
                
                </div></div></div>
                
		<?php 
                get_footer();
                die;
                break;
            case 'retrievepassword2':
                get_header();
                // NOTE(review): the result of the lookup is dereferenced without checking that a user was found.
                $user_data = get_userdatabylogin($_POST['user_login']);
                // redefining user_login ensures we return the right case in the email
                $user_login = $user_data->user_login;
                $user_email = $user_data->user_email;
                // The error page below tells the requester whether the username/e-mail pair matched an account.
                if (!$user_email || $user_email != $_POST['email']) {
                    ?>
                    
                <div class="my_box3">
            	<div class="padd10">
            
            	<div class="box_title"><?php 
                    _e("Retrieve Error", $current_theme_locale_name);
                    ?>
 - <?php 
                    echo get_bloginfo('name');
                    ?>
</div>
                <div class="box_content">
                    
                    <br/><br/>
                    <?php 
                    echo sprintf(__('Sorry, that user does not seem to exist in our database. Perhaps you have the wrong username or e-mail address? <a href="%s">Try again</a>.', $current_theme_locale_name), 'wp-login.php?action=lostpassword');
                    ?>
					
					<br/><br/>
					&nbsp;
					
					</div></div></div>
					<?php 
                    get_footer();
                    die;
                }
                do_action('retreive_password', $user_login);
                // Misspelled and deprecated.
                do_action('retrieve_password', $user_login);
                // Generate something random for a password... md5'ing current time with a rand salt
                // NOTE(review): the key is md5() over uniqid() of the current timestamp; both inputs are
                // time-derived, so it does not come from a cryptographic random source.
                $key = substr(md5(uniqid(current_time('timestamp', 0))), 0, 50);
                // now insert the new pass md5'd into the db
                // NOTE(review): string-built SQL. The WHERE value is shown as a literal '******' in this
                // listing (possibly masked by the page) - check the upstream statement and use $wpdb->prepare().
                $wpdb->query("UPDATE {$wpdb->users} SET user_activation_key = '{$key}' WHERE user_login = '******'");
                $message = __('Someone has asked to reset the password for the following site and username.', $current_theme_locale_name) . "\r\n\r\n";
                $message .= get_option('siteurl') . "\r\n\r\n";
                $message .= sprintf(__('Username: %s', $current_theme_locale_name), $user_login) . "\r\n\r\n";
                $message .= __('To reset your password visit the following address, otherwise just ignore this email and nothing will happen.', $current_theme_locale_name) . "\r\n\r\n";
                // The mailed link uses action=resetpass, while the switch in this function handles 'rp'.
                $message .= get_settings('siteurl') . "/wp-login.php?action=resetpass&key={$key}\r\n";
                $m = ProjectTheme_send_email($user_email, sprintf(__('[%s] Password Reset', $current_theme_locale_name), get_settings('blogname')), $message);
                echo get_option("jk_login_after_head_html");
                echo "          <div id=\"login\">\n";
                if ($m == false) {
                    echo "<h1>" . __("There Was a Problem", $current_theme_locale_name) . "</h1>";
                    echo '<p>' . __('The e-mail could not be sent.', $current_theme_locale_name) . "<br />\n";
                    echo __('Possible reason: your host may have disabled the mail() function...', $current_theme_locale_name) . "</p>";
                } else {
                    echo "<h1>Success!</h1>";
                    // $user_login is printed without HTML escaping.
                    echo '<p>' . sprintf(__("The e-mail was sent successfully to %s's e-mail address.", $current_theme_locale_name), $user_login) . '<br />';
                    echo "<a href='wp-login.php' title='" . __('Check your e-mail first, of course', $current_theme_locale_name) . "'>" . __('Click here to login!', $current_theme_locale_name) . '</a></p>';
                }
                echo "          </div>\n";
                echo '</div></div></div>';
                get_footer();
                die;
                break;
                //reset password
            //reset password
            case 'rp':
                get_header();
                //_get_whole_menu();
                echo '<div class="my_box3">
            	<div class="padd10">';
                echo "          <div id=\"login\">\n";
                // Generate something random for a password... md5'ing current time with a rand salt
                // NOTE(review): the pattern '/a-z0-9/i' has no character class, so it only removes the
                // literal text "a-z0-9"; $_GET['key'] is otherwise unchanged when it is interpolated into
                // the SELECT below. A negated class such as '/[^a-z0-9]/i' together with $wpdb->prepare()
                // is needed to keep the request value out of the SQL text.
                $key = preg_replace('/a-z0-9/i', '', $_GET['key']);
                if (empty($key)) {
                    _e('<h1>Problem</h1>', $current_theme_locale_name);
                    _e('Sorry, that key does not appear to be valid.', $current_theme_locale_name);
                    echo "          </div>\n";
                    echo '</div></td></tr></table></div></div>';
                    get_footer();
                    die;
                }
                $user = $wpdb->get_row("SELECT * FROM {$wpdb->users} WHERE user_activation_key = '{$key}'");
                if (!$user) {
                    _e('<h1>Problem</h1>', $current_theme_locale_name);
                    _e('Sorry, that key does not appear to be valid.', $current_theme_locale_name);
                    echo "          </div>\n";
                    echo '</div></div>';
                    get_footer();
                    die;
                }
                do_action('password_reset');
                // NOTE(review): the replacement password is 7 hex characters of md5(uniqid(timestamp)),
                // is stored with SQL MD5() (unsalted), and is then e-mailed in clear text below.
                $new_pass = substr(md5(uniqid(current_time('timestamp', 0))), 0, 7);
                // The WHERE value is shown as a literal '******' in this listing - check the upstream statement.
                $wpdb->query("UPDATE {$wpdb->users} SET user_pass = MD5('{$new_pass}'), user_activation_key = '' WHERE user_login = '******'");
                wp_cache_delete($user->ID, 'users');
                wp_cache_delete($user->user_login, 'userlogins');
                $message = '<img id="logo" alt="BidQA" src="bidqa.com/wp-content/themes/ProjectTheme/images/logo/imgo.jpeg"><br>We have reset the password for the following account. Please find the new temporary password below (we recommend that you change it once you log in).<br>';
                $message .= sprintf(__('Username: %s', $current_theme_locale_name), $user->user_login) . "\r\n<br>";
                $message .= sprintf(__('Password: %s', $current_theme_locale_name), $new_pass) . "\r\n<br>";
                $message .= get_bloginfo('siteurl') . "/wp-login.php\r\n<br>";
                $m = wp_mail($user->user_email, sprintf(__('Your new password', $current_theme_locale_name)), $message);
                //ProjectTheme_send_email($user->user_email, sprintf(__('Your new password',$current_theme_locale_name) ), $message);
                if ($m == false) {
                    echo __('<h1>Problem</h1>', $current_theme_locale_name);
                    echo '<p>' . __('The e-mail could not be sent.', $current_theme_locale_name) . "<br />\n";
                    echo __('Possible reason: your host may have disabled the mail() function...', $current_theme_locale_name) . '</p>';
                } else {
                    echo __('<h1>Success!</h1>', $current_theme_locale_name);
                    // $user_login is not assigned in this branch; the format string has no placeholder, so it is ignored.
                    echo '<p>' . sprintf(__('Your new password is in the mail.', $current_theme_locale_name), $user_login) . '<br />';
                    echo "<a href='wp-login.php' title='" . __('Check your e-mail first, of course', $current_theme_locale_name) . "'>" . __('Click here to login!', $current_theme_locale_name) . '</a></p>';
                    // send a copy of password change notification to the admin
                    $message = sprintf(__('Password Lost and Changed for user: %s', $current_theme_locale_name), $user->user_login) . "\r\n";
                    ProjectTheme_send_email(get_settings('admin_email'), sprintf(__('[%s] Password Lost/Change', $current_theme_locale_name), get_settings('blogname')), $message);
                }
                echo "          </div>\n";
                echo '</div></div></div>';
                get_footer();
                die;
                break;
                //login and default action
            //login and default action
            case 'login':
            default:
                //check credentials - 99% of this is identical to the normal wordpress login sequence as of 2.0.4
                //Any differences will be noted with end of line comments.
                $user_login = '';
                $user_pass = '';
                $using_cookie = false;
                /**
                 * this is what the code was
                 * if ( !isset( $_REQUEST['redirect_to'] ) )
                 * 	$redirect_to = 'wp-admin/';
                 * else
                 * 	$redirect_to = $_REQUEST['redirect_to'];
                 */
                // Redirect target: request parameter if present, else the "my account" page;
                // a value stored in the session overrides both.
                if (!isset($_REQUEST['redirect_to'])) {
                    $redirect_to = get_permalink(get_option('ProjectTheme_my_account_page_id'));
                } else {
                    $redirect_to = $_REQUEST['redirect_to'];
                }
                if (isset($_SESSION['redirect_me_back'])) {
                    $redirect_to = $_SESSION['redirect_me_back'];
                }
                if ($_POST) {
                    $user_login = $_POST['log'];
                    $user_login = sanitize_user($user_login);
                    $user_pass = $_POST['pwd'];
                    // NOTE(review): read without isset(); an unchecked "remember me" box leaves this index undefined.
                    $rememberme = $_POST['rememberme'];
                } else {
                    // No form post: fall back to the credentials carried in the login cookies.
                    if (function_exists('wp_get_cookie_login')) {
                        $cookie_login = wp_get_cookie_login();
                        if (!empty($cookie_login)) {
                            $using_cookie = true;
                            $user_login = $cookie_login['login'];
                            $user_pass = $cookie_login['password'];
                        }
                    } elseif (!empty($_COOKIE)) {
                        if (!empty($_COOKIE[USER_COOKIE])) {
                            $user_login = $_COOKIE[USER_COOKIE];
                        }
                        if (!empty($_COOKIE[PASS_COOKIE])) {
                            $user_pass = $_COOKIE[PASS_COOKIE];
                            $using_cookie = true;
                        }
                    }
                }
                do_action('wp_authenticate', $user_login, $user_pass);
                if ($user_login && $user_pass) {
                    $user = new WP_User(0, $user_login);
                    // If the user can't edit posts, send them to their profile.
                    //if ( !$user->has_cap('edit_posts') && ( empty( $redirect_to ) || $redirect_to == 'wp-admin/' ) )
                    //	$redirect_to = get_settings('siteurl') . '/' . 'my-account';
                    if (wp_login($user_login, $user_pass, $using_cookie)) {
                        if (!$using_cookie) {
                            wp_setcookie($user_login, $user_pass, false, '', '', $rememberme);
                        }
                        do_action('wp_login', $user_login);
                        // NOTE(review): $redirect_to may come from $_REQUEST['redirect_to'] and is passed to
                        // wp_redirect() without host validation; the lostpassword branch uses
                        // wp_safe_redirect(), which would keep this post-login redirect on the site as well.
                        wp_redirect($redirect_to);
                        exit;
                    } else {
                        // A failed form login sets no $error here, so the form is redisplayed without a message.
                        if ($using_cookie) {
                            $error = __('Your session has expired.', $current_theme_locale_name);
                        }
                    }
                } else {
                    if ($_POST && !$user_login) {
                        $error = __('<strong>Error</strong>: The Username field is empty.', $current_theme_locale_name);
                    } else {
                        if ($_POST && !$user_pass) {
                            $error = __('<strong>Error</strong>: The password field is empty.', $current_theme_locale_name);
                        }
                    }
                }
                get_header();
                ?>
        
          
                <div class="page_heading_me">
                        <div class="page_heading_me_inner">
                            <div class="mm_inn"><?php 
                printf(__("Login - %s", $current_theme_locale_name), get_bloginfo('name'));
                ?>
     </div>                  	            
                                        
                        </div>                    
                    </div>
         

<!-- ########## -->

<div id="main_wrapper">
		<div id="main" class="wrapper"><div class="padd10">
        
					
            <div class="my_box3">
            <div class="padd10">
            
            	 
                <div class="box_content">
                
           		<?php 
                if (isset($_GET['checkemail']) && $_GET['checkemail'] == "confirm") {
                    ?>
					
                    <div class="check-email-div"><div class="padd10">
                    <?php 
                    _e('We have sent a confirmation message to your email address.<br/>
					Please follow the instructions in the email and get back to this page.', $current_theme_locale_name);
                    ?>
                    
                    </div></div>
                
				
				<?php 
                }
                ?>
						  
						  <?php 
                if (!empty($error)) {
                    ?>
						  <div class="error"><ul>
							<?php 
                    echo "<li>{$error}</li>";
                    ?>
							</ul>
						  </div>
						  <?php 
                }
                ?>
                 
                <div class="login-submit-form"> 
                          
				<form name="loginform" id="loginform" action="<?php 
                echo esc_url(site_url('wp-login.php', 'login_post'));
                ?>
" method="post">
				<p><label><?php 
                // NOTE(review): the next statement is shown with '******' runs in place of code (presumably
                // the username, password and remember-me fields) and is not valid PHP as listed; restore it
                // from the upstream theme before using this function.
                _e('Username:'******'Password:'******'Keep me logged in', $current_theme_locale_name);
                ?>
                </p>
							
							 
                <?php 
                do_action('login_form');
                ?>
                             
                             
				<p><label>&nbsp;</label>
				<input type="submit" class="submit_bottom" name="submits" id="submits" value="<?php 
                _e('Sign in', $current_theme_locale_name);
                ?>
" tabindex="4" />
				<input type="hidden" name="redirect_to" value="<?php 
                // The redirect target is HTML-escaped before being echoed back into the form.
                echo wp_specialchars($redirect_to);
                ?>
" />
				</p>
							
                </form>
                <script type="text/javascript">
                	$(function() {
                	    // gather all inputs of selected types
                	    var inputs = $('#user_tp, #user_email, #user_login, #log, #login_password, #rememberme, #submits, .green_btn'), inputTo;
console.log(inputs);
                	    // bind on keydown
                	    inputs.on('keydown', function(e) {
                	        
                	        // if we pressed the tab
                	        if (e.keyCode == 9 || e.which == 9) {
                	            // prevent default tab action
                	            e.preventDefault();


                	            if (e.shiftKey) {
                	                // get previous input based on the current input
                	                inputTo = inputs.get(inputs.index(this) - 1);
                	            } else {
                	                // get next input based on the current input
                	                inputTo = inputs.get(inputs.index(this) + 1);
                	            }
                	            
                	            // move focus to inputTo, otherwise focus first input
                	            if (inputTo) {
                	                inputTo.focus();
                	            } else {
                	                inputs[0].focus();
                	            }
                	        }
                	    });
                	});
                </script>
				
                <ul id="logins">
							<li><a class="green_btn" href="<?php 
                bloginfo('home');
                ?>
/" 
                            title="<?php 
                _e('Are you lost?', $current_theme_locale_name);
                ?>
">&laquo; <?php 
                _e('Home', $current_theme_locale_name);
                ?>
</a></li>
						  <?php 
                if (get_settings('users_can_register')) {
                    ?>
							<li><a class="green_btn" href="<?php 
                    bloginfo('wpurl');
                    ?>
/wp-login.php?action=register"><?php 
                    _e('Register', $current_theme_locale_name);
                    ?>
</a></li>
						  <?php 
                }
                ?>
							<li><a class="green_btn" href="<?php 
                bloginfo('wpurl');
                ?>
/wp-login.php?action=lostpassword" 
                            title="<?php 
                _e('Password Lost and Found', $current_theme_locale_name);
                ?>
"><?php 
                _e('Lost your password?', $current_theme_locale_name);
                ?>
</a></li>
              	</ul>
						
		
				</div>
		                
            
            </div>
            </div>
            </div>
            
            
             </div> </div> </div>
		
		
		<?php 
                get_footer();
                die;
                break;
        }
    }
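/**
 * Verify an AJAX request against the login cookies the script sent along.
 *
 * The caller must be a logged-in user, and the user/password cookie values
 * passed in the "cookie" request parameter must belong to that same user and
 * be accepted by wp_login(). Any failure ends the request with '-1'.
 *
 * NOTE(review): this scheme makes the page script forward document.cookie as
 * a request parameter; when it arrives via GET the credential cookie values
 * can end up in URLs and access logs.
 */
function check_ajax_referer() {
	$current_name = '';
	if ( ( $current = wp_get_current_user() ) && $current->ID )
		$current_name = $current->data->user_login;
	if ( !$current_name )
		die('-1');

	// AJAX scripts must pass cookie=document.cookie
	$raw = '';
	if ( !empty($_POST['cookie']) )
		$raw = $_POST['cookie'];
	elseif ( isset($_GET['cookie']) )
		$raw = $_GET['cookie'];
	// A parameter sent as an array (cookie[]=...) cannot be a cookie string.
	if ( !is_string($raw) )
		die('-1');

	// Start from empty values so a request without the cookies fails closed
	// instead of passing undefined variables on to wp_login().
	$user = '';
	$pass = '';
	foreach ( explode('; ', urldecode($raw)) as $tasty ) {
		if ( false !== strpos($tasty, USER_COOKIE) )
			$user = (string) substr(strstr($tasty, '='), 1);
		if ( false !== strpos($tasty, PASS_COOKIE) )
			$pass = (string) substr(strstr($tasty, '='), 1);
	}

	// Strict comparison: loose != treats numeric-looking names such as "1e3" and "1000" as equal.
	if ( '' === $user || '' === $pass || $current_name !== $user || !wp_login( $user, $pass, true ) )
		die('-1');
	do_action('check_ajax_referer');
}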
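 /**
  * Authenticate the request via HTTP Basic credentials or, failing that,
  * the login cookie, and set the current user when wp_login() accepts them.
  *
  * Nothing is returned and nothing is rejected here: when no credentials are
  * present or they are wrong, the current user is simply left unset.
  */
 function authenticate()
 {
     $login_data = array();
     $already_md5 = false;
     // NOTE(review): this writes the whole environment to the application log on every
     // call; environments often hold secrets, so confirm this is wanted outside debugging.
     log_app("authenticate()", print_r($_ENV, true));
     // if using mod_rewrite/ENV hack
     // http://www.besthostratings.com/articles/http-auth-php-cgi.html
     // Only a header that really uses the Basic scheme is decoded.
     if (isset($_SERVER['HTTP_AUTHORIZATION']) && strncasecmp($_SERVER['HTTP_AUTHORIZATION'], 'Basic ', 6) === 0) {
         $decoded = base64_decode(trim(substr($_SERVER['HTTP_AUTHORIZATION'], 6)), true);
         // Split on the first colon only: the password part may itself contain ':'.
         $parts = $decoded === false ? array() : explode(':', $decoded, 2);
         if (count($parts) === 2) {
             list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = $parts;
         }
     }
     // If Basic Auth is working...
     if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
         $login_data = array('login' => $_SERVER['PHP_AUTH_USER'], 'password' => $_SERVER['PHP_AUTH_PW']);
         log_app("Basic Auth", $login_data['login']);
     } else {
         // else, do cookie-based authentication
         if (function_exists('wp_get_cookie_login')) {
             $login_data = wp_get_cookie_login();
             // The cookie path marks the password as already hashed for wp_login().
             $already_md5 = true;
         }
     }
     // call wp_login and set current user
     if (!empty($login_data) && wp_login($login_data['login'], $login_data['password'], $already_md5)) {
         $current_user = new WP_User(0, $login_data['login']);
         wp_set_current_user($current_user->ID);
         log_app("authenticate()", $login_data['login']);
     }
 }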
示例#8
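 /**
  * Sign a user into WordPress on behalf of the phpBB integration.
  *
  * Uses wp_signon() when it exists and otherwise falls back to the older
  * wp_login() / wp_setcookie() pair with an md5 of the password.
  *
  * @param string $wpUsr WordPress login name.
  * @param string $pass  Password value handed over by the integration.
  * @return bool True on successful sign-in, false otherwise. On a wp_signon()
  *              failure the global $error receives the error message.
  */
 function wpSignIn($wpUsr, $pass)
 {
     // This overrides authentication in wp_check_password() [wp-functions.php]
     // This is OK to set here, as phpBB has already dealt with integration.
     // DO NOT define this anywhere else, ever!
     // Guarded so that a second call in the same request does not try to redefine the constant.
     if (!defined('PASSWORD_ALREADY_HASHED')) {
         define('PASSWORD_ALREADY_HASHED', TRUE);
     }
     global $error;
     if (function_exists('wp_signon')) {
         $result = wp_signon(array('user_login' => $wpUsr, 'user_password' => $pass, 'remember' => false));
         if (!is_wp_error($result)) {
             return true;
         }
         $error = $result->get_error_message();
     } else {
         // Older WordPress without wp_signon(): log in and set the cookie with the md5 of the password.
         if (wp_login($wpUsr, md5($pass), true)) {
             wp_setcookie($wpUsr, md5($pass), true, '', '', false);
             do_action('wp_login', $wpUsr);
             return true;
         }
     }
     return false;
 }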
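/**
 * Authenticate an AJAX request from the login cookies it passes along.
 *
 * The caller sends its cookie string as the `cookie` request parameter
 * (POST preferred, GET as fallback). The user and password cookies are picked
 * out of that string and checked with wp_login(); the request is terminated
 * with "-1" when they are missing or rejected.
 *
 * Note for reviewers: the check here is a credential check on values supplied
 * as a request parameter. No per-request token is verified in this function,
 * and a `cookie` value sent via GET will appear wherever URLs are logged.
 *
 * @return void Returns only when the credentials were accepted.
 */
function check_ajax_referer() {
	// AJAX scripts must pass cookie=document.cookie
	$raw = '';
	if ( !empty($_POST['cookie']) && is_string($_POST['cookie']) )
		$raw = $_POST['cookie'];
	elseif ( !empty($_GET['cookie']) && is_string($_GET['cookie']) )
		$raw = $_GET['cookie'];

	// Start from empty values so a request without the expected cookies is
	// rejected explicitly instead of relying on undefined variables.
	$user = '';
	$pass = '';
	foreach ( explode('; ', urldecode($raw)) as $tasty ) {
		if ( false !== strpos($tasty, USER_COOKIE) )
			$user = substr(strstr($tasty, '='), 1);
		if ( false !== strpos($tasty, PASS_COOKIE) )
			$pass = substr(strstr($tasty, '='), 1);
	}

	// Fail closed: missing or rejected credentials end the request.
	if ( '' === $user || '' === $pass || !wp_login( $user, $pass, true ) )
		die('-1');
	do_action('check_ajax_referer');
}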
			}
				
			// Password change: when a new password was entered and both fields match,
			// store its hash for user $uid, then sign the user in again.
			if ($password1 != '') {
				if ($password1 == $password2) {
					$pwd = wp_hash_password($password1);
					// NOTE(review): the '******' below looks like masking applied by the page
					// this listing came from. prepare() is given two values ($pwd, $uid) but
					// the string shows a single %d, so the original presumably had a string
					// placeholder here. As printed, the literal text would be stored instead
					// of the hash. Confirm against the upstream source.
					$sql = "UPDATE ".$wpdb->base_prefix."users SET user_pass = '******' WHERE ID = %d";
				    if ($wpdb->query( $wpdb->prepare($sql, $pwd, $uid) ) ) {
	
	
						// Look the login name up again for the re-login below.
						$sql = "SELECT user_login FROM ".$wpdb->base_prefix."users WHERE ID = %d";
						$username = $wpdb->get_var($wpdb->prepare($sql, $uid));

						$id = $uid;
						// NOTE(review): $pwmsg is read here before this branch assigns it, and
						// $url is not used again in the visible lines.
						$url = __wps__get_url('profile')."?view=settings&msg=".$pwmsg;
	
						// $pwd is the value returned by wp_hash_password(), passed with the
						// "already hashed" flag set; the result of wp_login() is not checked.
				    	wp_login($username, $pwd, true);
				        wp_setcookie($username, $pwd, true);
				        wp_set_current_user($id, $username);
			    	
						$pwmsg = "PASSWORD CHANGED";										
					
				    } else {
				    	$pwmsg = __("Failed to update password, sorry.", WPS_TEXT_DOMAIN);
				    }
				} else {
			    	$pwmsg = __("Passwords different, please try again.", WPS_TEXT_DOMAIN);
				}
			}
			
			// Every value assigned to $pwmsg in the visible branches is a fixed or
			// translated string; if $password1 is empty, $pwmsg comes from code outside this excerpt.
			echo $pwmsg;
			
示例#11
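/**
 * Form post-submission hook: sign the submitting user in, then send them back
 * to the URL remembered in the session.
 *
 * Changes from the earlier version:
 *  - the auth cookie and current user are only set after wp_login() accepted
 *    the credentials (the result used to be ignored, so the cookie was issued
 *    for whatever login name the entry contained);
 *  - the user record is actually looked up ($user and $user_login were never
 *    defined before);
 *  - the session value is cleared with an assignment (it was a `==` comparison
 *    with no effect).
 *
 * @param array $entry Submitted entry; field '3' is read as the login name and
 *                     field '2' as the plain-text password.
 * @param mixed $form  Form definition (not used).
 * @return void
 */
function set_post_content_13($entry, $form)
{
    $user_login = $entry['3'];
    $user_pass = $entry['2'];

    // Pass the plain-text password so WordPress does the hashing and comparison.
    // NOTE(review): the earlier code passed md5() of it with the "already
    // hashed" flag; confirm this matches the WordPress version in use.
    if (wp_login($user_login, $user_pass)) {
        $user = get_userdatabylogin($user_login);
        if ($user) {
            wp_setcookie($user_login, $user_pass);
            wp_set_current_user($user->ID, $user->user_login);
        }
    }

    if (!empty($_SESSION['returnURL'])) {
        // The target comes from the session; whatever stores it there is
        // responsible for only accepting same-site URLs.
        $url = $_SESSION['returnURL'];
        $_SESSION['returnURL'] = '';
        header('Location: ' . $url);
    }
}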
示例#12
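 /**
  * AJAX endpoint: emit customer data, the business <option> list and the next
  * tax period as JSON.
  *
  * URI segments: 4 = customer id, 5 = customer business id, 6 = tax id.
  * Nothing is printed when the model returns no rows.
  *
  * Changes from the earlier version:
  *  - the URI segments are no longer interpolated into the SQL text; the query
  *    uses bound parameters and integer casts;
  *  - values placed into the <option> markup are HTML-escaped and the value
  *    attribute is quoted;
  *  - $max_masa is initialised, so an empty result no longer reads an
  *    undefined variable.
  *
  * @return void
  */
 function get_cu()
 {
     $c_id = $this->uri->segment(4);
     $cu_id = $this->uri->segment(5);
     $u_id = $this->uri->segment(6);
     // parameter for wp_login (optional in the default menu)
     $model = $this->load->model('pad_model');
     // Both branches of the former wp_login() check ran the same model call;
     // the helper is still invoked in case it has side effects.
     wp_login();
     $rows = $model->sptpd_get_cu($c_id);
     if (!$rows) {
         return;
     }

     $first = $rows[0];
     $cu_data = new stdClass();
     $cu_data->customer_id = $first->customer_id;
     $cu_data->customernm = $first->customernm;
     $cu_data->npwpd = $first->npwpd;
     $cu_data->so = $first->so;
     $cu_data->konterid = $first->konterid;
     $cu_data->air_zona_id = $first->air_zona_id;
     $cu_data->air_manfaat_id = $first->air_manfaat_id;
     $cu_data->usaha_id = $first->usaha_id;

     $usaha = '';
     foreach ($rows as $row) {
         // Escape database values before they become markup.
         $value = htmlspecialchars((string) $row->customer_usaha_id, ENT_QUOTES);
         $label = htmlspecialchars((string) $row->usahanm, ENT_QUOTES);
         if ($cu_id == $row->customer_usaha_id) {
             $cu_data->usaha_id = $row->usaha_id;
             $usaha .= "<option value=\"{$value}\" selected>{$label}</option>";
         } else {
             $usaha .= "<option value=\"{$value}\">{$label}</option>";
         }
     }
     $cu_data->usaha = $usaha;

     // Find the most recent tax-return period already filed.
     $month_ini = new DateTime("first day of last month");
     $query = $this->db->query(
         'select max(masadari) as max_masa from pad_spt where customer_id = ? and customer_usaha_id = ? and pajak_id = ?',
         array((int) $c_id, (int) $cu_id, (int) $u_id)
     );
     $max_masa = '';
     foreach ($query->result() as $row) {
         $max_masa = $row->max_masa;
     }

     // Default: last month. If an earlier period was the latest one filed,
     // continue with the month after it.
     $month_ini_f = $month_ini->format('d-m-Y');
     $cu_data->masadari = $month_ini_f;
     $cu_data->masapajak_bulan = $month_ini->format('M-Y');
     if ($max_masa != '' && date('d-m-Y', strtotime($max_masa)) != $month_ini_f) {
         $cu_data->masadari = date('d-m-Y', strtotime("{$max_masa} + 1 month"));
         $cu_data->masapajak_bulan = date('M-Y', strtotime($cu_data->masadari));
     }
     echo json_encode($cu_data);
 }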
示例#13
        $have_error = true;
    }
    // Terms must be accepted. $_POST['profile_agree'] is read without an isset()
    // check, so a request that omits the field relies on PHP's undefined-index handling.
    if ($_POST['profile_agree'] != "yes") {
        $error .= __("You must agree to the terms and conditions to register.<br />", rb_login_TEXTDOMAIN);
        $have_error = true;
    }
    // No validation errors: create the account.
    if ($have_error == false) {
        // NOTE(review): wp_insert_user() can return a WP_Error; the result is used
        // below as a user id without being checked.
        $new_user = wp_insert_user($userdata);
        // NOTE(review): the profile type is stored exactly as submitted; no check
        // against a list of allowed types is visible in this excerpt.
        $new_user_type = $_POST['profile_type'];
        // Model or Client
        update_user_meta($new_user, 'rb_login_interact_profiletype', $new_user_type);
        // Log them in if no confirmation required.
        if ($rb_login_option_registerconfirm == 1) {
            global $error;
            // $login is assigned twice; only the wp_signon() result survives.
            $login = wp_login($user_login, $user_pass);
            $login = wp_signon(array('user_login' => $user_login, 'user_password' => $user_pass, 'remember' => 1), false);
        }
        // Notify admin and user
        // NOTE(review): $user_pass is handed to the notification; presumably it is
        // the plain-text password and ends up in the e-mail. Confirm.
        wp_new_user_notification($new_user, $user_pass);
    }
    // Log them in if no confirmation required.
    // NOTE(review): $login is only assigned inside the branch above, so it is
    // undefined here when validation failed.
    if ($rb_login_option_registerconfirm == 1) {
        if ($login) {
            header("Location: " . get_bloginfo("wpurl") . "/dashboard/");
        }
    }
}
// *************************************************************************************************** //
// Prepare Page
get_header();
示例#14
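 /**
  * AJAX endpoint: emit customer data and the business <option> list as JSON.
  *
  * URI segments: 4 = customer id, 5 = customer business id, 6 = tax id.
  * Nothing is printed when the model returns no rows.
  *
  * Change from the earlier version: values placed into the <option> markup
  * are HTML-escaped and the value attribute is quoted, so a stored name
  * containing markup is displayed as text. The unused $selected local is gone.
  *
  * @return void
  */
 function get_cu()
 {
     $c_id = $this->uri->segment(4);
     $cu_id = $this->uri->segment(5);
     $u_id = $this->uri->segment(6);
     // parameter for wp_login (optional in the default menu)
     $model = $this->load->model('pad_model');
     if (!wp_login()) {
         $rows = $model->sptpd_get_cu($c_id);
     } else {
         $rows = $model->sptpd_get_cu($c_id, $u_id);
     }
     if (!$rows) {
         return;
     }

     $first = $rows[0];
     $cu_data = new stdClass();
     $cu_data->customer_id = $first->customer_id;
     $cu_data->nama = $first->nama;
     $cu_data->npwpd = $first->npwpd;
     $cu_data->so = $first->so;
     $cu_data->konterid = $first->konterid;
     $cu_data->air_zona_id = $first->air_zona_id;
     $cu_data->air_manfaat_id = $first->air_manfaat_id;
     $cu_data->wpnama = $first->wpnama;
     $cu_data->wpalamat = $first->wpalamat;

     $usaha = '';
     foreach ($rows as $row) {
         // Escape database values before they become markup.
         $value = htmlspecialchars((string) $row->customer_usaha_id, ENT_QUOTES);
         $label = htmlspecialchars((string) $row->nama, ENT_QUOTES);
         $marker = $cu_id == $row->customer_usaha_id ? ' selected' : '';
         $usaha .= "<option value=\"{$value}\"{$marker}>{$label}</option>";
     }
     $cu_data->usaha = $usaha;
     echo json_encode($cu_data);
 }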
示例#15
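    /**
     * Theme replacement for the wp-login.php request handler.
     *
     * Dispatches on the `action` request parameter: logout, lostpassword /
     * retrievepassword, retrievepassword2, rp (reset password) and login
     * (also the default). Every branch ends the request itself, either with a
     * redirect followed by exit or with page output followed by die.
     *
     * Changes from the earlier version:
     *  - reset keys and new passwords come from wp_generate_password() instead
     *    of md5(uniqid(time));
     *  - the key filter in the `rp` branch is a real character-class filter
     *    (the old pattern '/a-z0-9/i' only matched that literal text);
     *  - SQL statements use $wpdb->prepare()/$wpdb->update() rather than
     *    interpolated values, and the new password is stored with
     *    wp_hash_password() instead of SQL MD5();
     *  - the post-login redirect uses wp_safe_redirect(), since the target can
     *    come from the request;
     *  - request values echoed into the form (login name, redirect_to) are
     *    escaped for attribute context;
     *  - request fields are read defensively, and $errors is created before
     *    use on a GET with error=invalidkey.
     *
     * @return void
     */
    function shipme_do_login_scr()
    {
        global $wpdb, $error, $wp_query;
        if (!is_array($wp_query->query_vars)) {
            $wp_query->query_vars = array();
        }
        // An absent or non-string action falls through to the default (login) case.
        $action = isset($_REQUEST['action']) && is_string($_REQUEST['action']) ? $_REQUEST['action'] : '';
        $error = '';
        nocache_headers();
        header('Content-Type: ' . get_bloginfo('html_type') . '; charset=' . get_bloginfo('charset'));
        if (defined('RELOCATE')) {
            // Move flag is set.
            // This branch rewrites the stored site URL from request data
            // (Host header, PHP_SELF), so RELOCATE should only be defined
            // temporarily while moving a site.
            if (isset($_SERVER['PATH_INFO']) && $_SERVER['PATH_INFO'] != $_SERVER['PHP_SELF']) {
                $_SERVER['PHP_SELF'] = str_replace($_SERVER['PATH_INFO'], '', $_SERVER['PHP_SELF']);
            }
            $schema = isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on' ? 'https://' : 'http://';
            if (dirname($schema . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']) != get_settings('siteurl')) {
                update_option('siteurl', dirname($schema . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']));
            }
        }
        do_action('login_init');
        do_action('login_form_' . $action);
        switch ($action) {
            //logout
            case "logout":
                wp_clearcookie();
                do_action('wp_logout');
                nocache_headers();
                // Logout always lands on the site URL. The earlier code also
                // computed a $redirect_to (option / request parameter) that was
                // never used; it is not carried over.
                wp_redirect(get_bloginfo('siteurl'));
                exit;
            //lost password
            case 'lostpassword':
            case 'retrievepassword':
                $http_post = 'POST' == $_SERVER['REQUEST_METHOD'];
                if ($http_post) {
                    $errors = my_retrieve_password();
                    if (!is_wp_error($errors)) {
                        $redirect_to = !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : 'wp-login.php?checkemail=confirm';
                        wp_safe_redirect($redirect_to);
                        exit;
                    }
                }
                if (isset($_GET['error']) && 'invalidkey' == $_GET['error']) {
                    // On a plain GET no error object exists yet.
                    if (!isset($errors) || !is_wp_error($errors)) {
                        $errors = new WP_Error();
                    }
                    $errors->add('invalidkey', __('Sorry, that key does not appear to be valid.', 'shipme'));
                }
                $redirect_to = apply_filters('lostpassword_redirect', !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : '');
                do_action('lost_password');
                $user_login = isset($_POST['user_login']) ? stripslashes($_POST['user_login']) : '';
                global $real_ttl;
                $real_ttl = __("Retrieve Password", 'shipme');
                add_filter('wp_title', 'shipme_sitemile_filter_ttl', 10, 3);
                get_header();
                ?>

          <div class="container_ship_no_bk margin_top_40">

        	<ul class="virtual_sidebar">

			<li class="widget-container widget_text"><h3 class="widget-title"><?php _e("Retrieve Password", 'shipme'); ?> - <?php echo get_bloginfo('name'); ?></h3>
			<div class="my-only-widget-content ">

						<?php
                if (isset($errors) && isset($_POST['action'])) {
                    ?>
						  <div class="bam_bam"> <div class="error">
							<ul>
							<?php
                    // Messages come from the WP_Error built above / by my_retrieve_password().
                    $me = $errors->get_error_messages();
                    foreach ($me as $mm) {
                        echo "<li>" . $mm . "</li>";
                    }
                    ?>
							</ul>
						  </div> </div>
						  <?php
                }
                ?>

                <div class="login-submit-form">
				<form name="lostpass" action="<?php echo esc_url(site_url('wp-login.php?action=lostpassword', 'login_post')); ?>" method="post" id="lostpass">

					<p><?php _e('Please enter your information here. We will send you a new password.', 'shipme'); ?></p>
					<?php
                if ($error) {
                    echo "<div id='login_error'>{$error}</div>";
                }
                ?>
					<input type="hidden" name="action" value="retrievepassword" />

					<p>
					<label><?php _e('Mobile Number or Email:', 'shipme'); ?></label>
                    <input type="text" class="do_input" name="user_login" id="user_login" value="" size="30" tabindex="1" />
                    </p>

                  	<?php
                do_action('lostpassword_form');
                ?>

					<p><label>&nbsp;</label>
					<a href="" class="submit_bottom2"  onClick="document.getElementById('lostpass').submit(); return false;"><i class="fa fa-check-circle"></i> <?php _e('Retrieve Password', 'shipme'); ?></a>
                    </p>

				</form>

                </div>

					<ul id="logins">
					<li><a class="green_btn" href="<?php echo esc_url(home_url()); ?>/" title="<?php _e('Are you lost?', 'shipme'); ?>">&laquo; <?php _e('Home', 'shipme'); ?></a></li>
					<?php
                if (get_settings('users_can_register')) {
                    ?>
					<li><a class="green_btn" href="<?php echo esc_url(site_url()); ?>/wp-login.php?action=register"><?php _e('Register', 'shipme'); ?></a></li>
					<?php
                }
                ?>
					<li><a class="green_btn" href="<?php echo esc_url(site_url()); ?>/wp-login.php"><?php _e('Login', 'shipme'); ?></a></li>
					</ul>

            </div>
            </li>
            </ul>

            </div>

		<?php
                get_footer();
                die;
            case 'retrievepassword2':
                global $real_ttl;
                $real_ttl = __("Retrieve Error", 'shipme');
                add_filter('wp_title', 'shipme_sitemile_filter_ttl', 10, 3);
                get_header();
                $posted_login = isset($_POST['user_login']) && is_string($_POST['user_login']) ? $_POST['user_login'] : '';
                $posted_email = isset($_POST['email']) && is_string($_POST['email']) ? $_POST['email'] : '';
                $user_data = get_userdatabylogin($posted_login);
                // redefining user_login ensures we return the right case in the email
                $user_login = $user_data ? $user_data->user_login : '';
                $user_email = $user_data ? $user_data->user_email : '';
                if (!$user_email || $user_email != $posted_email) {
                    // Note: this response differs from the success page, so it
                    // tells the requester whether the login/e-mail pair exists.
                    ?>

                <div class="my_box3 breadcrumb-wrap">

            	<div class="box_title"><?php _e("Retrieve Error", 'shipme'); ?> - <?php echo get_bloginfo('name'); ?></div>
                <div class="box_content">

                    <br/><br/>
                    <?php
                    echo sprintf(__('Sorry, that user does not seem to exist in our database. Perhaps you have the wrong Mobile Number or e-mail address? <a href="%s">Try again</a>.', 'shipme'), 'wp-login.php?action=lostpassword');
                    ?>

					<br/><br/>
					&nbsp;

					</div></div>
					<?php
                    get_footer();
                    die;
                }
                do_action('retreive_password', $user_login);
                // Misspelled and deprecated.
                do_action('retrieve_password', $user_login);
                // The reset key is a bearer credential: take it from WordPress'
                // password generator rather than hashing the current time.
                $key = wp_generate_password(20, false);
                // Store the key for the later lookup in the 'rp' branch.
                $wpdb->query($wpdb->prepare("UPDATE {$wpdb->users} SET user_activation_key = %s WHERE user_login = %s", $key, $user_login));
                $message = __('Someone has asked to reset the password for the following site and username.', 'shipme') . "\r\n\r\n";
                $message .= get_option('siteurl') . "\r\n\r\n";
                $message .= sprintf(__('Mobile Number: %s', 'shipme'), $user_login) . "\r\n\r\n";
                $message .= __('To reset your password visit the following address, otherwise just ignore this email and nothing will happen.', 'shipme') . "\r\n\r\n";
                // NOTE(review): the link carries action=resetpass while the
                // handler in this function is the 'rp' case; confirm which
                // action the reset link is meant to use.
                $message .= get_settings('siteurl') . "/wp-login.php?action=resetpass&key={$key}\r\n";
                $m = wp_mail($user_email, sprintf(__('[%s] Password Reset', 'shipme'), get_settings('blogname')), $message);
                echo get_option("jk_login_after_head_html");
                echo "          <div id=\"login\">\n";
                if ($m == false) {
                    echo "<h1>" . __("There Was a Problem", 'shipme') . "</h1>";
                    echo '<p>' . __('The e-mail could not be sent.', 'shipme') . "<br />\n";
                    echo __('Possible reason: your host may have disabled the mail() function...', 'shipme') . "</p>";
                } else {
                    echo "<h1>Success!</h1>";
                    echo '<p>' . sprintf(__("The e-mail was sent successfully to %s's e-mail address.", 'shipme'), esc_html($user_login)) . '<br />';
                    echo "<a href='wp-login.php' title='" . __('Check your e-mail first, of course', 'shipme') . "'>" . __('Click here to login!', 'shipme') . '</a></p>';
                }
                echo "          </div>\n";
                echo '</div></div></div>';
                get_footer();
                die;
            //reset password
            case 'rp':
                global $real_ttl;
                $real_ttl = __("Key Not Valid", 'shipme');
                add_filter('wp_title', 'shipme_sitemile_filter_ttl', 10, 3);
                get_header();
                echo '<div class="my_box3 breadcrumb-wrap">
            	<div class="padd10">';
                echo "          <div id=\"login\">\n";
                // Keep only letters and digits from the submitted key.
                $key = isset($_GET['key']) && is_string($_GET['key']) ? preg_replace('/[^a-z0-9]/i', '', $_GET['key']) : '';
                if (empty($key)) {
                    _e('<h1>Problem</h1>', 'shipme');
                    _e('Sorry, that key does not appear to be valid.', 'shipme');
                    echo "          </div>\n";
                    echo '</div></td></tr></table></div></div>';
                    get_footer();
                    die;
                }
                $user = $wpdb->get_row($wpdb->prepare("SELECT * FROM {$wpdb->users} WHERE user_activation_key = %s", $key));
                if (!$user) {
                    _e('<h1>Problem</h1>', 'shipme');
                    _e('Sorry, that key does not appear to be valid.', 'shipme');
                    echo "          </div>\n";
                    echo '</div></div>';
                    get_footer();
                    die;
                }
                do_action('password_reset');
                // New password from WordPress' generator, stored with the
                // standard password hasher; the key is cleared so it cannot be reused.
                $new_pass = wp_generate_password(12, false);
                $wpdb->update(
                    $wpdb->users,
                    array('user_pass' => wp_hash_password($new_pass), 'user_activation_key' => ''),
                    array('ID' => $user->ID)
                );
                wp_cache_delete($user->ID, 'users');
                wp_cache_delete($user->user_login, 'userlogins');
                // The new password is delivered in plain text by e-mail, as before.
                $message = sprintf(__('Mobile Number: %s', 'shipme'), $user->user_login) . "\r\n";
                $message .= sprintf(__('Password: %s', 'shipme'), $new_pass) . "\r\n";
                $message .= get_settings('siteurl') . "/wp-login.php\r\n";
                $m = wp_mail($user->user_email, sprintf(__('[%s] Your new password', 'shipme'), get_settings('blogname')), $message);
                if ($m == false) {
                    echo __('<h1>Problem</h1>', 'shipme');
                    echo '<p>' . __('The e-mail could not be sent.', 'shipme') . "<br />\n";
                    echo __('Possible reason: your host may have disabled the mail() function...', 'shipme') . '</p>';
                } else {
                    echo __('<h1>Success!</h1>', 'shipme');
                    echo '<p>' . __('Your new password is in the mail.', 'shipme') . '<br />';
                    echo "<a href='wp-login.php' title='" . __('Check your e-mail first, of course', 'shipme') . "'>" . __('Click here to login!', 'shipme') . '</a></p>';
                    // send a copy of password change notification to the admin
                    $message = sprintf(__('Password Lost and Changed for user: %s', 'shipme'), $user->user_login) . "\r\n";
                    wp_mail(get_settings('admin_email'), sprintf(__('[%s] Password Lost/Change', 'shipme'), get_settings('blogname')), $message);
                }
                echo "          </div>\n";
                echo '</div></div></div>';
                get_footer();
                die;
            //login and default action
            case 'login':
            default:
                //check credentials - 99% of this is identical to the normal wordpress login sequence as of 2.0.4
                //Any differences will be noted with end of line comments.
                $user_login = '';
                $user_pass = '';
                $using_cookie = false;
                $rememberme = false;
                // Unlike stock WordPress, the default target is the account page.
                if (empty($_REQUEST['redirect_to'])) {
                    $redirect_to = get_permalink(get_option('shipme_account_page_id'));
                } else {
                    $redirect_to = $_REQUEST['redirect_to'];
                }
                if (empty($redirect_to)) {
                    $redirect_to = get_permalink(get_option('shipme_account_page_id'));
                }
                if (isset($_SESSION['redirect_me_back'])) {
                    $redirect_to = $_SESSION['redirect_me_back'];
                }
                if ($_POST) {
                    $user_login = isset($_POST['log']) && is_string($_POST['log']) ? sanitize_user($_POST['log']) : '';
                    $user_pass = isset($_POST['pwd']) && is_string($_POST['pwd']) ? $_POST['pwd'] : '';
                    $rememberme = !empty($_POST['rememberme']);
                } else {
                    if (function_exists('wp_get_cookie_login')) {
                        $cookie_login = wp_get_cookie_login();
                        if (!empty($cookie_login)) {
                            $using_cookie = true;
                            $user_login = $cookie_login['login'];
                            $user_pass = $cookie_login['password'];
                        }
                    } elseif (!empty($_COOKIE)) {
                        if (!empty($_COOKIE[USER_COOKIE])) {
                            $user_login = $_COOKIE[USER_COOKIE];
                        }
                        if (!empty($_COOKIE[PASS_COOKIE])) {
                            $user_pass = $_COOKIE[PASS_COOKIE];
                            $using_cookie = true;
                        }
                    }
                }
                do_action('wp_authenticate', $user_login, $user_pass);
                if ($user_login && $user_pass) {
                    $user = new WP_User(0, $user_login);
                    if (wp_login($user_login, $user_pass, $using_cookie)) {
                        if (!$using_cookie) {
                            wp_setcookie($user_login, $user_pass, false, '', '', $rememberme);
                        }
                        do_action('wp_login', $user_login);
                        // The target may come from the request, so only allowed
                        // hosts are followed.
                        wp_safe_redirect($redirect_to);
                        exit;
                    } else {
                        if ($using_cookie) {
                            $error = __('Your session has expired.', 'shipme');
                        }
                    }
                } else {
                    if ($user_login || $user_pass) {
                        $error = __('<strong>Error</strong>: The password field is empty.', 'shipme');
                    }
                }
                global $real_ttl;
                $real_ttl = __("Login", 'shipme');
                add_filter('wp_title', 'shipme_sitemile_filter_ttl', 10, 3);
                get_header();
                ?>

        <div class="container_ship_no_bk margin_top_40">

        	<ul class="virtual_sidebar">

			<li class="widget-container widget_text"><h3 class="widget-title"><?php _e("Login", 'shipme'); ?> - <?php echo get_bloginfo('name'); ?></h3>
			<div class="my-only-widget-content ">

           		<?php
                if (isset($_GET['checkemail']) && $_GET['checkemail'] == "confirm") {
                    ?>

                    <div class="check-email-div"><div class="padd10">
                    <?php
                    _e('We have sent a confirmation message to your email address.<br/>
					Please follow the instructions in the email and get back to this page.', 'shipme');
                    ?>

                    </div></div>

				<?php
                }
                ?>

				  <?php
                if (!empty($error)) {
                    ?>
						  <div class="bam_bam"><div class="error"><ul>
							<?php
                    // $error holds messages set by this function or by wp_login().
                    echo "<li>{$error}</li>";
                    ?>
							</ul>
						  </div></div>
						  <?php
                }
                ?>

                <div class="login-submit-form">

				<form name="loginform" id="loginform" action="<?php echo esc_url(site_url('wp-login.php', 'login_post')); ?>" method="post">
				<p><label><?php _e('Mobile Number:', 'shipme'); ?></label>
				<input class="do_input" type="text" name="log" id="log" value="<?php echo esc_attr(stripslashes($user_login)); ?>" size="30"  />
                </p>

				<p><label><?php _e('Password:', 'shipme'); ?></label>
				<input class="do_input" type="password" name="pwd" id="login_password" value="" size="30"  />
				</p>

				<p><label>&nbsp;</label>
				<input class="do_input" name="rememberme" type="checkbox" id="rememberme" value="true" tabindex="3" />
				<?php _e('Keep me logged in', 'shipme'); ?>
                </p>

                <?php
                do_action('login_form');
                ?>

                <input type="hidden" name="testcookie" value="1" />
				<p><label>&nbsp;</label>
				<a href="#" class="submit_bottom2" onClick="document.getElementById('loginform').submit();"  ><i class="fa fa-check-circle"></i> <?php _e('Sign in', 'shipme'); ?></a>
				<input type="hidden" name="redirect_to" value="<?php
                // Request value echoed into an attribute: escape it.
                echo isset($_GET['redirect_to']) && is_string($_GET['redirect_to']) ? esc_attr($_GET['redirect_to']) : '';
                ?>" />
				</p>

                </form>

                <ul id="logins">
							<li><a class="green_btn" href="<?php echo esc_url(home_url()); ?>/"
                            title="<?php _e('Are you lost?', 'shipme'); ?>">&laquo; <?php _e('Home', 'shipme'); ?></a></li>
						  <?php
                if (get_settings('users_can_register')) {
                    ?>
							<li><a class="green_btn" href="<?php echo esc_url(site_url()); ?>/wp-login.php?action=register"><?php _e('Register', 'shipme'); ?></a></li>
						  <?php
                }
                ?>
              	</ul>

				</div>

            </div>
            </li>
            </ul>

            </div>

		<?php
                get_footer();
                die;
        }
    }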
示例#16
/**
 * Mirror the current XOOPS session into WordPress.
 *
 * When a XOOPS user object with a name and password hash is present, the user
 * is synchronised to WordPress and signed in there. In every other case any
 * existing WordPress session is cleared.
 *
 * @return bool True when the WordPress sign-in succeeded, false otherwise.
 */
function xpress_login(){
	global $current_user;
	global $xoopsModule,$xoopsUser,$xoopsUserIsAdmin;

	$signed_in = false;
	if (is_object($xoopsUser)) {
		$login_name = $xoopsUser->getVar("uname");
		$stored_hash = $xoopsUser->getVar("pass");
		if ( !( empty($login_name) || empty($stored_hash) ) ) {
			include_once dirname( __FILE__ ).'/user_sync_xoops.php';
			// Repair when data base prefix is changed on XOOPS side
			repair_user_meta_prefix();
			$sync_message = '';
			if ( user_sync_to_wordpress($xoopsUser->getVar("uid"), $sync_message) ) {
				$wp_user = new WP_User(0, $login_name);
				// The XOOPS password hash is what gets passed to wp_login().
				if ( wp_login($login_name, $stored_hash) ) {
					wp_setcookie($login_name, $stored_hash, true, '', '', false);
					do_action('wp_login', $login_name);
					wp_set_current_user($wp_user->ID);
					$signed_in = true;
				}
			}
		}
	}
	if ($signed_in) {
		return true;
	}

	// No usable XOOPS session: drop whatever WordPress session exists.
	if ( !empty($current_user) ) {
		wp_set_current_user(0);
		wp_logout();
		wp_clear_auth_cookie();
	}
	return false;
}
示例#17
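/**
 * Create a new WordPress user with the specified identity URL and user data,
 * sign that user in and bind the OpenID identity to the account.
 *
 * Changes from the earlier version:
 *  - the throw-away account password comes from wp_generate_password() when
 *    WordPress provides it (the time-based md5 value remains only as a
 *    fallback for installs without that function);
 *  - a WP_Error returned by wp_insert_user() is treated as a failure instead
 *    of being used as a user id;
 *  - $username is initialised before it is tested, and the unused
 *    $redirect_to local is gone.
 *
 * @param string $identity_url OpenID to associate with the newly
 * created account
 * @param array $user_data array of user data; passed by reference and updated
 * with 'user_login', 'user_pass' and, on success, 'ID'
 * @return void Outcome is reported through openid_status()/openid_error().
 */
function openid_create_new_user($identity_url, &$user_data) {
	global $wpdb;

	// Identity URL is new, so create a user
	@include_once( ABSPATH . 'wp-admin/upgrade-functions.php');	// 2.1
	@include_once( ABSPATH . WPINC . '/registration-functions.php'); // 2.0.4

	$username = '';

	// try to use preferred username
	if ( array_key_exists('nickname', $user_data) ) {
		$username = openid_generate_new_username($user_data['nickname'], false);
	}

	// finally, build username from OpenID URL
	if (empty($username)) {
		$username = openid_generate_new_username($identity_url);
	}

	$user_data['user_login'] = $username;
	// The account is reached through OpenID, but the password still protects
	// the normal login form, so it should not be guessable from the clock.
	if ( function_exists('wp_generate_password') ) {
		$user_data['user_pass'] = wp_generate_password();
	} else {
		$user_data['user_pass'] = substr( md5( uniqid( microtime() ) ), 0, 7);
	}
	$user_id = wp_insert_user( $user_data );

	$insert_failed = !$user_id || ( function_exists('is_wp_error') && is_wp_error($user_id) );
	if ( $insert_failed ) {
		// failed to create user for some reason.
		openid_message(__('OpenID authentication successful, but failed to create WordPress user. This is probably a bug.', 'openid'));
		openid_status('error');
		openid_error(openid_message());
		return;
	}

	// created ok
	$user_data['ID'] = $user_id;
	// XXX this all looks redundant, see openid_set_current_user

	$user = new WP_User( $user_id );

	if( ! wp_login( $user->user_login, $user_data['user_pass'] ) ) {
		openid_message(__('User was created fine, but wp_login() for the new user failed. This is probably a bug.', 'openid'));
		openid_status('error');
		openid_error(openid_message());
		return;
	}

	// notify of user creation
	wp_new_user_notification( $user->user_login );

	wp_clearcookie();
	wp_setcookie( $user->user_login, md5($user->user_pass), true, '', '', true );

	// Bind the provided identity to the just-created user
	openid_add_user_identity($user_id, $identity_url);

	openid_status('redirect');
}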
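/**
 * Authenticates a premium-feed request through HTTP auth (Digest or Basic)
 * instead of cookies and, on success, fills the WordPress user globals.
 *
 * Returns false when the request is XML-RPC or when authentication fails
 * (after asking the client for credentials); returns nothing on success.
 */
function podPress_validateLogin()
{
    global $user_login, $userdata, $user_level, $user_ID, $user_email, $user_url, $user_pass_md5, $user_identity, $current_user;
    if (defined('XMLRPC_REQUEST') && XMLRPC_REQUEST) {
        return false;
    }
    $http_headers = getallheaders();
    // Header name casing varies by server; fall back to the upper-case form.
    if (empty($http_headers['Authorization'])) {
        if (empty($http_headers['AUTHORIZATION'])) {
            podPress_requestLogin();
            return false;
        } else {
            $http_headers['Authorization'] = stripslashes(stripslashes($http_headers['AUTHORIZATION']));
        }
    }
    // Fail closed: every path that does not positively authenticate must end
    // in the login challenge below. Previously a Digest mismatch left this
    // variable undefined.
    $authresult = false;
    switch (PODPRESS_PREMIUM_METHOD) {
        case 'Digest':
            $data = podPress_http_digest_parse($http_headers['Authorization']);
            if (!$data) {
                die('Wrong Credentials!');
            }
            $x = get_userdatabylogin($data['username']);
            if (!is_object($x)) {
                // Unknown account: nothing to verify the response against.
                break;
            }
            // Used as the A1 hash of the digest computation; presumably stored
            // when the subscriber's feed credentials are set up (TODO confirm).
            $A1 = get_usermeta($x->ID, 'premiumcast_creds');
            if (empty($A1)) {
                // Without a stored credential the expected response would be
                // built from request data only, so refuse to evaluate it.
                break;
            }
            $A2 = md5($_SERVER['REQUEST_METHOD'] . ':' . $data['uri']);
            $valid_response = md5($A1 . ':' . $data['nonce'] . ':' . $data['nc'] . ':' . $data['cnonce'] . ':' . $data['qop'] . ':' . $A2);
            // NOTE(review): nonce freshness and the nc counter are not checked
            // in this function; unless podPress_http_digest_parse() or the
            // challenge code does it, a captured response stays valid.
            // Strict comparison: with ==, two different hex strings that both
            // look like numbers can compare equal.
            if (is_string($data['response']) && $data['response'] === $valid_response) {
                $user_login = $data['username'];
                $authresult = wp_login($user_login, md5($x->user_pass), true);
            }
            break;
        case 'Basic':
        default:
            $authparts = podPress_http_basic_parse($http_headers['Authorization']);
            $user_login = $authparts['username'];
            $authresult = wp_login($user_login, $authparts['passwd']);
            break;
    }
    // Authorization: the account must carry the premium_subscriber capability.
    // The lookup reads the object cache directly, in two layouts: the cached
    // entry is either the user object or a key into the 'users' cache.
    $podPress_x = $GLOBALS['wp_object_cache']->cache['userlogins'][$user_login];
    if (is_object($GLOBALS['wp_object_cache']->cache['userlogins'][$user_login])) {
        if ($podPress_x->wp_capabilities['premium_subscriber'] != 1 && $podPress_x->wp20_capabilities['premium_subscriber'] != 1) {
            $authresult = false;
        }
    } else {
        if ($GLOBALS['wp_object_cache']->cache['users'][$podPress_x]->wp_capabilities['premium_subscriber'] != 1 && $GLOBALS['wp_object_cache']->cache['users'][$podPress_x]->wp20_capabilities['premium_subscriber'] != 1) {
            $authresult = false;
        }
    }
    unset($podPress_x);
    if (!$authresult) {
        // Challenge again. The statements that used to follow this return
        // were unreachable and have been dropped.
        podPress_requestLogin();
        return false;
    }
    $userdata = get_userdatabylogin($user_login);
    $user_level = $userdata->user_level;
    $user_ID = $userdata->ID;
    $user_email = $userdata->user_email;
    $user_url = $userdata->user_url;
    $user_pass_md5 = md5($userdata->user_pass);
    $user_identity = $userdata->display_name;
    define('PODPRESS_PREMIUMLOGIN', $user_login);
    define('PODPRESS_PREMIUMID', $userdata->ID);
    if (empty($current_user)) {
        $current_user = new WP_User($user_ID);
    }
}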
示例#19
 /**
  * WPMRegisterExisting
  * Registers existing user to a membership level
  * @param array $data User data array
  * @param string $wpm_errmsg Passed by reference, we save the error message here
  * @param boolean $send_welcome_email True to send registration email or not
  * @param boolean $notifyadmin True to notify admin via email of this registration
  * @return integer|boolean User ID on success or false on error
  */
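 function WPMRegisterExisting($data, &$wpm_errmsg, $send_welcome_email = true, $notifyadmin = true, $special_bypass = false)
 {
     /*
      * $special_bypass (like a call made from the admin area) skips the
      * password check below and resolves the account by username or email
      * only, so it must never be set from request data.
      */
     /* include the required WordPress functions */
     require_once ABSPATH . 'wp-admin/includes/user.php';
     /* load the membership levels */
     $wpm_levels = $this->GetOption('wpm_levels');
     /* set blacklist to zero */
     $blacklist = 0;
     /*
      * Explicit defaults for values that are only assigned on some paths
      * but read on all of them further down.
      */
     $registered_by_admin = false;
     $pendingstatus = null;
     $inlevel = false;
     $expired = false;
     $resetexpired = false;
     $cancelled = false;
     $resetcancelled = false;
     $repeat_registration = false;
     $levels = array();
     $user = null;
     $mw = null;
     $null = null;
     /* Check if for approval registration */
     $is_forapproval = $this->IsForApprovalRegistration($data['wpm_id']);
     if ($is_forapproval) {
         /* the current timestamp becomes part of the generated transaction id */
         $wpm_newid = time();
         sleep(1);
         $pendingstatus = "Registered For Approval";
         if ($is_forapproval['name'] == "PinPayments") {
             $data['sctxnid'] = "SP-" . $data['wpm_id'] . "-" . $wpm_newid;
             $pendingstatus = "Pin Payments Confirmation";
         }
         $data['wpm_id'] = $is_forapproval["level"];
         $registered_by_admin = false;
     }
     /* check if the user is valid */
     if (true === wlm_admin_in_admin() || true === $special_bypass) {
         /* trusted caller: look the account up, no password needed */
         $validuser = username_exists($data['username']);
         if (!$validuser) {
             $validuser = email_exists($data['email']);
             /* only adopt the login name when the email matched an account */
             $user_info = $validuser ? get_userdata($validuser) : false;
             if ($user_info) {
                 $data['username'] = $user_info->user_login;
             }
         }
         /* placeholder that ends up in the [password] email mergecode */
         $data['password'] = __('Already assigned', 'wishlist-member');
     } else {
         /* front-end caller: the member has to prove ownership of the account */
         $validuser = wp_login($data['username'], $data['password']);
     }
     if ($validuser) {
         $user = $this->Get_UserData(0, $data['username']);
         /* check for blacklist status */
         $blacklist = $this->CheckBlackList($user->user_email);
         /* load user's Membership Levels */
         $levels = $this->GetMembershipLevels($user->ID);
         /* check if the member is already registered to the level */
         $inlevel = in_array($data['wpm_id'], $levels);
         /*
          * if member is already in level, check if he's expired and if so,
          * check if level is configured to reset registration for expired
          * level re-registration
          */
         if ($inlevel) {
             $expired = $this->LevelExpired($data['wpm_id'], $user->ID);
             $resetexpired = $wpm_levels[$data['wpm_id']]['registrationdatereset'] == 1;
             /* if expired and level allows re-registration then set inlevel to false */
             if ($expired && $resetexpired) {
                 $inlevel = false;
             }
             $cancelled = $this->LevelCancelled($data['wpm_id'], $user->ID);
             $resetcancelled = $wpm_levels[$data['wpm_id']]['uncancelonregistration'] == 1;
             /* if cancelled and level allows un-cancelling then set inlevel to false */
             if ($cancelled && $resetcancelled) {
                 $inlevel = false;
             }
             $repeat_registration = false;
             if (defined('WLM_ALLOW_REPEAT_REGISTRATION')) {
                 $inlevel = false;
                 $repeat_registration = true;
             }
         }
     }
     /* validate if not blacklisted */
     if ($blacklist) {
         switch ($blacklist) {
             case 1:
                 $wpm_errmsg = $this->GetOption('blacklist_email_message');
                 break;
             case 2:
                 $wpm_errmsg = $this->GetOption('blacklist_ip_message');
                 break;
             case 3:
                 $wpm_errmsg = $this->GetOption('blacklist_email_ip_message');
                 break;
         }
         return false;
     }
     /* validate if a valid user */
     if (!$validuser) {
         $wpm_errmsg = __('Invalid username and/or password.', 'wishlist-member');
         return false;
     }
     /* validate if not in level */
     if ($inlevel) {
         $wpm_errmsg = __('You are already registered to this level.', 'wishlist-member');
         return false;
     }
     /*
      * validate if reCaptcha is OK
      * NOTE(review): this runs after the password check above and returns a
      * different message, so as written it does not limit password guessing
      * against this form; consider checking it before wp_login().
      */
     if (!$this->reCaptchaResponse()) {
         $wpm_errmsg = __('The reCAPTCHA wasn\'t entered correctly. Go back and try it again', 'wishlist-member');
         return false;
     }
     /*
      *  we check if there's a "need for admin approval" or "email confirmation"
      *  in the level settings, if yes, then add a flag that will delay member from being added to AR
      *  until all these flags are cleared
      */
     $pendingautoresponder = array();
     if ($wpm_levels[$data['wpm_id']]['requireadminapproval'] && !$registered_by_admin) {
         $pendingautoresponder[] = 'autoresponder_add_pending_admin_approval';
     }
     if ($wpm_levels[$data['wpm_id']]['requireemailconfirmation'] && !$registered_by_admin) {
         $pendingautoresponder[] = 'autoresponder_add_pending_email_confirmation';
     }
     /* set membership levels */
     $levels[] = $data['wpm_id'];
     $this->SetMembershipLevels($user->ID, $levels, $null, $null, $null, $null, $null, $pendingautoresponder);
     /* attach transaction_id to user and delete mergewith temporary user */
     if ($data['mergewith']) {
         $mw = $this->Get_UserData($data['mergewith']);
         if ($mw->data->additional_levels) {
             $this->Update_UserMeta($user->ID, 'additional_levels', $mw->data->additional_levels);
         }
         if ($this->IsPPPLevel($data['wpm_id'])) {
             /*
              * the content id is what follows the first 11 characters of the
              * level id; the copy loop used an undefined $content_id before,
              * so the meta was written without a content id
              */
             $clcntnt = substr($data['wpm_id'], 11);
             $clmeta = $this->Get_AllContentLevelMeta('U-' . $mw->ID, $clcntnt);
             if ($clmeta) {
                 foreach ($clmeta as $k => $v) {
                     if (!$this->Add_ContentLevelMeta('U-' . $user->ID, $clcntnt, $k, $v)) {
                         $this->Update_ContentLevelMeta('U-' . $user->ID, $clcntnt, $k, $v);
                     }
                 }
             }
         } else {
             foreach ((array) $this->GetMembershipLevelsTxnIDs($mw->ID) as $key => $val) {
                 $this->SetMembershipLevelTxnID($user->ID, $key, $val);
             }
             $this->LevelCancelled($data['wpm_id'], $user->ID, false);
         }
         //unset($mw);
         /*
          * NOTE(review): the id of the account deleted here comes from $data;
          * confirm callers only ever pass the temporary user created for this
          * registration.
          */
         wp_delete_user($data['mergewith']);
     } else {
         if ($this->IsPPPLevel($data['wpm_id'])) {
             $this->AddUserPostTransactionID($user->ID, substr($data['wpm_id'], 11), $data['sctxnid']);
         } else {
             if (!$repeat_registration) {
                 $this->SetMembershipLevelTxnID($user->ID, $data['wpm_id'], $data['sctxnid']);
             }
         }
     }
     /* if expired and level allows re-registration, then reset timestamp */
     if ($expired && $resetexpired) {
         $this->UserLevelTimestamp($user->ID, $data['wpm_id'], time());
     }
     /* if cancelled and level is set to uncancel on re-registration, then uncancel */
     if ($cancelled && $resetcancelled) {
         $txnid = $this->GetMembershipLevelsTxnID($user->ID, $data['wpm_id']);
         foreach ((array) $this->GetMembershipLevelsTxnIDs($user->ID, $txnid) as $level => $txnid) {
             $this->LevelCancelled($level, $user->ID, false);
         }
     }
     /*
      * prepare email mergecodes
      * [password] carries the password the member typed (or the "Already
      * assigned" placeholder); the confirm link token is an MD5 over email,
      * login, level id and the API key.
      */
     $macros = array('[memberlevel]' => trim($wpm_levels[$data['wpm_id']]['name']), '[password]' => $data['password'], '[confirmurl]' => get_bloginfo('url') . '/index.php?wlmconfirm=' . $user->ID . '/' . md5($user->user_email . '__' . $user->user_login . '__' . $data['wpm_id'] . '__' . $this->GetAPIKey()));
     /*
      * doing a manual registration so we also
      * set the level's For Approval status if
      * the level is configured as such
      */
     $level_for_approval = array((bool) ($wpm_levels[$data['wpm_id']]['requireadminapproval'] and !$registered_by_admin and !$data['mergewith']), (bool) ($wpm_levels[$data['wpm_id']]['requireadminapproval_integrations'] and $data['mergewith']));
     if (in_array(true, $level_for_approval)) {
         $this->LevelForApproval($data['wpm_id'], $user->ID, true);
         //Send require admin approval email
         $this->send_email_template('require_admin_approval', $user->ID, $macros);
         $send_welcome_email = false;
     }
     /*
      * NOTE(review): this gate is a request cookie, which the client controls;
      * confirm the unconfirmed state is also enforced when it is absent.
      */
     if (!empty($_COOKIE['wishlist_reg_cookie_manual'])) {
         // send confirmation email (if so configured)
         if ($wpm_levels[$data['wpm_id']]['requireemailconfirmation']) {
             $this->LevelUnConfirmed($data['wpm_id'], $user->ID, true);
             $this->send_email_template('email_confirmation', $user->ID, $macros);
             $send_welcome_email = false;
         }
     }
     if (!is_null($pendingstatus) && !$registered_by_admin) {
         $this->LevelForApproval($data['wpm_id'], $user->ID, $pendingstatus);
     }
     /* add password */
     $macros['[password]'] = $data['password'];
     /* and send the mail */
     if ($send_welcome_email) {
         $this->send_email_template('registration', $user->ID, $macros);
     }
     if ($notifyadmin) {
         if ($this->GetOption('notify_admin_of_newuser')) {
             $admin_macros = $macros;
             /* the admin copy hides the password only when this option is on */
             if ($this->GetOption('mask_passwords_in_emails')) {
                 $admin_macros['[password]'] = '********';
             }
             $this->send_email_template('admin_new_member_notice', $user->ID, $admin_macros, $this->GetOption('newmembernotice_email_recipient'));
         }
     }
     // make sure sequential upgrade is enabled
     $this->IsSequential($user->ID, true);
     // delete the registration page security cookie
     $this->RegistrationCookie('x', $dummy);
     // wp multisite stuff
     if (function_exists('add_user_to_blog')) {
         if (!is_user_member_of_blog($user->ID)) {
             add_user_to_blog($GLOBALS['blog_id'], $user->ID, $wpm_levels[$data['wpm_id']]['role']);
         }
     }
     if (false === wlm_admin_in_admin()) {
         /*
          * we no longer save the password since WLM 2.8
          */
         // $this->SaveOption('xxxssapxxx-' . $user->ID, $data['password'], true);
         /*
          * NOTE(review): this also runs for $special_bypass callers outside
          * the admin area, i.e. it logs the resolved account in without a
          * password check; confirm that is intended for every such caller.
          */
         $this->WPMAutoLogin($user->ID);
     }
     /* we're done */
     do_action('wishlistmember_user_registered', $user->ID, $data, $mw);
     return $user->ID;
 }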
/**
 * Gate for protected pages: lets the request continue only when the login
 * cookies validate, otherwise sends the browser to wp-login.php and stops.
 *
 * The user and password cookies are passed to wp_login() with its third
 * argument set to true. The original request URI is handed to the login
 * page URL-encoded in redirect_to.
 */
function auth_redirect() {
	$user_cookie = 'wordpressuser_' . COOKIEHASH;
	$pass_cookie = 'wordpresspass_' . COOKIEHASH;

	// A missing user cookie is treated the same as a failed cookie login.
	if ( !empty($_COOKIE[$user_cookie]) && wp_login($_COOKIE[$user_cookie], $_COOKIE[$pass_cookie], true) ) {
		return;
	}

	// Keep the redirect itself out of browser and proxy caches.
	header('Expires: Wed, 11 Jan 1984 05:00:00 GMT');
	header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
	header('Cache-Control: no-cache, must-revalidate, max-age=0');
	header('Pragma: no-cache');

	$login_url = get_settings('siteurl') . '/wp-login.php?redirect_to=' . urlencode($_SERVER['REQUEST_URI']);
	header('Location: ' . $login_url);
	exit();
}
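/**
 * Authenticates a premium-feed request through HTTP auth (Digest or Basic)
 * instead of cookies and, on success, fills the WordPress user globals.
 *
 * Returns false for XML-RPC requests and when no Authorization header is
 * present (after sending the login challenge). A failed authentication ends
 * the request with die(). Returns nothing on success.
 */
function podPress_validateLogin()
{
    global $wp_version, $user_login, $userdata, $user_level, $user_ID, $user_email, $user_url, $user_pass_md5, $user_identity, $current_user, $podPress;
    if (defined('XMLRPC_REQUEST') && XMLRPC_REQUEST) {
        return false;
    }
    podPress_var_dump('############### podPress_validateLogin ###############');
    $http_headers = getallheaders();
    // NOTE(review): the dumps in this function include the full Authorization
    // header, the stored credential hash ($A1) and the expected digest
    // response. If podPress_var_dump() writes to a log or to the page, those
    // values should be redacted.
    podPress_var_dump('$http_headers');
    podPress_var_dump($http_headers);
    // The header can arrive under different names depending on the server
    // setup; normalise whichever is present to 'Authorization'.
    if (empty($http_headers['Authorization'])) {
        if (empty($http_headers['AUTHORIZATION'])) {
            if (empty($http_headers['REDIRECT_HTTP_AUTHORIZATION'])) {
                podPress_requestLogin();
                return false;
            } else {
                $http_headers['Authorization'] = stripslashes(stripslashes($http_headers['REDIRECT_HTTP_AUTHORIZATION']));
            }
        } else {
            $http_headers['Authorization'] = stripslashes(stripslashes($http_headers['AUTHORIZATION']));
        }
    }
    // Fail closed: only a positive verification below may change this.
    $authresult = FALSE;
    switch ($podPress->settings['premiumMethod']) {
        case 'Digest':
            $data = podPress_http_digest_parse($http_headers['Authorization']);
            if (!$data) {
                die('Wrong Credentials!');
            }
            if (version_compare($wp_version, '3.3', '>=')) {
                $x = get_user_by('login', $data['username']);
            } else {
                $x = get_userdatabylogin($data['username']);
            }
            if (!is_object($x)) {
                // Unknown account: nothing to verify the response against.
                break;
            }
            // Used as the A1 hash of the digest computation; presumably stored
            // when the subscriber's feed credentials are set up (TODO confirm).
            if (version_compare($wp_version, '3.0', '>=')) {
                $A1 = get_user_meta($x->ID, 'premiumcast_creds', TRUE);
            } else {
                $A1 = get_usermeta($x->ID, 'premiumcast_creds');
            }
            podPress_var_dump('$A1');
            podPress_var_dump($A1);
            if (empty($A1)) {
                // In this branch a matching response is the only proof of
                // identity. Without a stored credential the expected value
                // would be built from request data alone, so reject.
                break;
            }
            $A2 = md5($_SERVER['REQUEST_METHOD'] . ':' . $data['uri']);
            podPress_var_dump('$A2');
            podPress_var_dump($_SERVER['REQUEST_METHOD'] . ':' . $data['uri']);
            podPress_var_dump($A2);
            $valid_response = md5($A1 . ':' . $data['nonce'] . ':' . $data['nc'] . ':' . $data['cnonce'] . ':' . $data['qop'] . ':' . $A2);
            podPress_var_dump($A1 . ':' . $data['nonce'] . ':' . $data['nc'] . ':' . $data['cnonce'] . ':' . $data['qop'] . ':' . $A2);
            podPress_var_dump('$valid_response');
            podPress_var_dump($valid_response);
            podPress_var_dump($data['response']);
            // NOTE(review): nonce freshness and the nc counter are not checked
            // in this function; unless podPress_http_digest_parse() or the
            // challenge code does it, a captured response stays valid.
            // Strict comparison: with ==, two different hex strings that both
            // look like numbers can compare equal.
            if (is_string($data['response']) && $data['response'] === $valid_response) {
                $user_login = $data['username'];
                $authresult = TRUE;
            } else {
                $authresult = FALSE;
            }
            break;
        case 'Basic':
        default:
            $authparts = podPress_http_basic_parse($http_headers['Authorization']);
            $user_login = $authparts['username'];
            if (version_compare($wp_version, '2.5', '<')) {
                $authresult = wp_login($user_login, $authparts['passwd']);
            } else {
                // wp_signon() is asked for a remembered login; its result is
                // checked for ->errors further down.
                $creds = array();
                $creds['user_login'] = $user_login;
                $creds['user_password'] = $authparts['passwd'];
                $creds['remember'] = true;
                $authresult = wp_signon($creds, false);
            }
            break;
    }
    podPress_var_dump('$authresult');
    podPress_var_dump($authresult);
    // Authorization: look for the premium_subscriber capability by reading
    // the object cache directly, in three possible layouts.
    // NOTE(review): each branch below only revokes access when capability
    // data is present and lacks the flag. An account whose capabilities are
    // not in the cache at all passes, so this check fails open; consider
    // denying unless the capability is positively found.
    if (isset($GLOBALS['wp_object_cache']->cache['userlogins'][$user_login])) {
        $podPress_x = $GLOBALS['wp_object_cache']->cache['userlogins'][$user_login];
    } else {
        $podPress_x = 0;
    }
    if (is_object($podPress_x)) {
        if (isset($podPress_x->wp_capabilities['premium_subscriber']) and $podPress_x->wp_capabilities['premium_subscriber'] != 1 and isset($podPress_x->wp20_capabilities['premium_subscriber']) and $podPress_x->wp20_capabilities['premium_subscriber'] != 1) {
            $authresult = false;
        }
    } elseif (isset($GLOBALS['wp_object_cache']->cache['user_meta'][$podPress_x]) and is_array($GLOBALS['wp_object_cache']->cache['user_meta'][$podPress_x]) and is_array($GLOBALS['wp_object_cache']->cache['user_meta'][$podPress_x]['wp_capabilities'])) {
        podPress_var_dump('user_meta is object');
        $user_has_cap = FALSE;
        // Substring search over the cached capability strings.
        foreach ($GLOBALS['wp_object_cache']->cache['user_meta'][$podPress_x]['wp_capabilities'] as $capability_str) {
            if (FALSE != stristr($capability_str, 'premium_subscriber')) {
                $user_has_cap = TRUE;
                break;
            }
        }
        if (FALSE === $user_has_cap) {
            $authresult = false;
        }
    } else {
        if (isset($GLOBALS['wp_object_cache']->cache['users'][$podPress_x]->wp_capabilities['premium_subscriber']) and $GLOBALS['wp_object_cache']->cache['users'][$podPress_x]->wp_capabilities['premium_subscriber'] != 1 and isset($GLOBALS['wp_object_cache']->cache['users'][$podPress_x]->wp20_capabilities['premium_subscriber']) and $GLOBALS['wp_object_cache']->cache['users'][$podPress_x]->wp20_capabilities['premium_subscriber'] != 1) {
            $authresult = false;
        }
    }
    unset($podPress_x);
    podPress_var_dump('$authresult');
    podPress_var_dump($authresult);
    podPress_var_dump(isset($authresult->errors));
    // Either an explicit FALSE or an error object (from wp_signon) is a failure.
    if (FALSE === $authresult or TRUE === isset($authresult->errors)) {
        podPress_requestLogin();
        die('401 Unauthorized');
        //~ return false;
        //~ $current_user = new WP_User(0);
        //~ return false;
    }
    if (version_compare($wp_version, '3.3', '>=')) {
        $userdata = get_user_by('login', $user_login);
    } else {
        $userdata = get_userdatabylogin($user_login);
    }
    $user_level = $userdata->user_level;
    $user_ID = $userdata->ID;
    $user_email = $userdata->user_email;
    $user_url = $userdata->user_url;
    $user_pass_md5 = md5($userdata->user_pass);
    $user_identity = $userdata->display_name;
    define('PODPRESS_PREMIUMLOGIN', $user_login);
    define('PODPRESS_PREMIUMID', $userdata->ID);
    if (empty($current_user)) {
        $current_user = new WP_User($user_ID);
    }
}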
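/**
 * TT New User
 * Creates a new user with args passed through an array or string of arguments. Passing arguments works the same
 * as functions such as query_posts(). Params are shown as variable names which you must use when passing args
 * NOTE: wp_nonce_field( 'register' ) must be used on the register form
 *
 * Security notes for callers:
 * - Every key in $args that is not one of the known options is written to the new account as user meta,
 *   and 'role' is applied as given. Build $args from an explicit list of fields, never from a whole request array.
 * - With require_verify_email the complete argument set, password included, is kept in the 'unverified_users'
 *   option until activation, and the activation key is the registration timestamp.
 *
 * @Param: username [string] - The desired username for the new user
 * @Param: email [string] - The desired email address for the new user
 * @Param: use_password [bool] [default: false] - Whether to specify a password on registration
 * @Param: password [string] - If use_password is true, the desired password for the new user
 * @Param: use_tos [bool] [default: true] - Whether the user needs to accept Terms of Service
 * @Param: tos [string] - If use_tos is true, the value to the accept Terms of Service checkbox
 * @Param: unique_email [bool] [default: false] - Set to true if only one username is allowed per email address
 * @Param: do_redirect [bool] [default: true] Whether to redirect the user after registration is complete
 * @Param: redirect [string] [default: User Profile Page] - The url to redirect the user to after successful login
 * @Param: send_email [bool] [default: false] Whether to send an email containing the username and password of the newly registered user
 * @Param: profile_info [array] [default: false] An array containing values to be used in wp_update_user() such as first_name, last_name
 * @Param: validate [bool] [default: true]
 * @param: require_verify_email [bool] [default: false] Sends the user an email with a Activate Account link to activate their account
 * @param: override_nonce [bool] [default: false] Bypasses the nonce check, not recommended in most situations
 * @return: The ID of the newly registered user [on error returns error string]
 * @author: Joe Hoyle
 * @version 1.0
 **/
function tja_new_user($args)
{
    // Check the nonce field. Only a boolean true skips it, so a string coming
    // from a form cannot switch the check off.
    if (!is_array($args) || !isset($args['override_nonce']) || $args['override_nonce'] !== true) {
        check_admin_referer('register');
    }
    if (is_user_logged_in()) {
        tj_error_message('You are already logged in', 'register');
        return new WP_Error('already-logged-in');
    }
    include_once ABSPATH . '/wp-includes/registration.php';
    $checks = array('use_password' => false, 'tos' => '', 'use_tos' => true, 'unique_email' => false, 'do_redirect' => true, 'redirect' => '', 'send_email' => false);
    $defaults = array('user_login' => '', 'user_email' => '', 'user_pass' => false, 'role' => 'subscriber', 'validate' => true);
    $original_args = $args;
    $default_args = array_merge($defaults, $checks);
    // The strip_tags() call that used to be here discarded its result and
    // operated on the string cast of the array, so it sanitized nothing.
    // Values are escaped below at the point where they are placed in HTML.
    $args = wp_parse_args($args, $default_args);
    // Turns every argument key into a local variable. EXTR_SKIP keeps the
    // locals defined above from being overwritten, but everything read further
    // down ($role, $validate, $require_verify_email, ...) is caller-controlled.
    extract($args, EXTR_SKIP);
    $validation = apply_filters('tja_registration_info', $args);
    unset($args['user_pass2']);
    unset($user_pass2);
    if ($validation['status'] === 'error' && $validate == true) {
        return $validation;
    }
    // Merge arrays overwriting defaults, remove any non-standard keys and keys with empty values.
    $user_vars = array_filter(array_intersect_key(array_merge($defaults, $args), $defaults));
    // Check for require_verify_email, send email and store temp data
    if (!empty($require_verify_email)) {
        $original_args['require_verify_email'] = false;
        // One timestamp for both the storage key and the emailed link; calling
        // time() separately could produce a link that matches no stored entry.
        // NOTE(review): a timestamp is a guessable activation key, and
        // $original_args is stored with the password (and user_pass2, if
        // passed) in clear; a random token and storing no password would be
        // safer, but need a matching change in the activation handler.
        $verify_key = time();
        $unverified_users = (array) get_option('unverified_users');
        $unverified_users[$verify_key] = $original_args;
        update_option('unverified_users', $unverified_users);
        $verify_url = get_bloginfo('url') . '/login/?verify_email=' . urlencode($user_vars['user_email']) . '&key=' . $verify_key;
        $message = "Please click the link below to activate your account for " . get_bloginfo() . "\n \n";
        // The address is user input: URL-encode it in the query string and
        // HTML-escape the whole URL before it goes into the markup.
        $message .= '<a href="' . htmlspecialchars($verify_url, ENT_QUOTES) . '">' . htmlspecialchars($verify_url, ENT_QUOTES) . '</a>';
        // NOTE(review): get_bloginfo('url') is a full URL, so this From address
        // is "noreply@<url>"; the site host name is probably what was meant.
        $headers = 'From: ' . get_bloginfo() . ' <noreply@' . get_bloginfo('url') . '>' . "\r\n";
        $headers .= "Content-type: text/html; charset=iso-8859-1 \r\n\r\n";
        wp_mail($user_vars['user_email'], 'Please activate your account for ' . get_bloginfo(), $message, $headers);
        return tj_return_success('sent-email-activation', '<p class="message success">You have been sent an activation email, please follow the link in the email sent to ' . htmlspecialchars($user_vars['user_email'], ENT_QUOTES) . '</p>');
    }
    $user_id = wp_insert_user($user_vars);
    // Stop on a failed insert instead of applying a role and meta to an error
    // value. The caller receives exactly what it would have received at the
    // end of the function.
    if (!$user_id || is_wp_error($user_id)) {
        return $user_id;
    }
    // NOTE(review): the role comes straight from $args (default 'subscriber').
    if ($role) {
        $user = new WP_User($user_id);
        $user->set_role($role);
    }
    // Get any remaining variables that were passed
    $meta_vars = array_diff_key($original_args, $defaults, $checks);
    // The password confirmation field must not be persisted as user meta.
    unset($meta_vars['user_pass2']);
    // NOTE(review): the remaining keys are stored without an allow-list;
    // see the security notes in the function header.
    foreach ((array) $meta_vars as $key => $value) {
        update_usermeta($user_id, $key, $value);
    }
    $user = get_userdata($user_id);
    // Send notification email if specified
    if ($send_email == true) {
        $email = tja_email_registration_success($user, $user_pass);
    }
    // If they chose a password, log them in
    if ($use_password == 'true' && $user->ID > 0) {
        wp_login($user->user_login, $user_pass);
        wp_clearcookie();
        wp_setcookie($user->user_login, $user_pass, false);
    }
    // Redirect the user if is set
    // NOTE(review): $redirect is caller-supplied and no exit follows
    // wp_redirect(); confirm callers validate the target and stop output.
    if ($redirect !== '' && $user->ID && $do_redirect == true) {
        wp_redirect($redirect);
    }
    return $user_id;
}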
示例#23
文件: common.php 项目: alx/pressid
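/**
 * Create a new WordPress user with the specified identity URL and user data.
 *
 * On success the new account is logged in, the login cookie is set and the
 * identity URL is bound to the account. On failure an OpenID error message
 * is recorded. Nothing is returned in either case.
 *
 * @param string $identity_url OpenID to associate with the newly
 * created account
 * @param array $user_data array of user data; user_login, user_pass and,
 * on success, ID are written back into it (passed by reference)
 */
function openid_create_new_user($identity_url, &$user_data)
{
    global $wpdb;
    // Identity URL is new, so create a user.
    // Both includes are version-specific and optional, hence the @ suppression.
    @(include_once ABSPATH . 'wp-admin/upgrade-functions.php');
    // 2.1
    @(include_once ABSPATH . WPINC . '/registration-functions.php');
    // 2.0.4
    // use email address for username if URL is from emailtoid.net
    $username = $identity_url;
    // strpos() returns false when the prefix is absent, and false == 0 is
    // true, so the loose comparison treated every identity URL as an
    // emailtoid.net one. Compare strictly so the session email is only
    // adopted for that provider.
    if (isset($_SESSION['openid_login_email']) and null != $_SESSION['openid_login_email'] and strpos($username, 'http://emailtoid.net/') === 0) {
        if ($user_data['user_email'] == NULL) {
            $user_data['user_email'] = $_SESSION['openid_login_email'];
        }
        $username = $_SESSION['openid_login_email'];
        unset($_SESSION['openid_login_email']);
    }
    $user_data['user_login'] = $wpdb->escape(openid_generate_new_username($username));
    // The account is created for OpenID sign-in, but this password is still a
    // working credential for the account (it is passed to wp_login() below),
    // so it must not be guessable. Seven hex characters derived from the
    // clock are both short and predictable; use the core generator when the
    // running WordPress provides it.
    if (function_exists('wp_generate_password')) {
        $user_data['user_pass'] = wp_generate_password();
    } else {
        // Legacy fallback for installs without wp_generate_password().
        $user_data['user_pass'] = substr(md5(uniqid(microtime())), 0, 7);
    }
    $user_id = wp_insert_user($user_data);
    // Newer WordPress versions report failure as a WP_Error object, which is
    // truthy; treat it as a failed insert instead of as a user id.
    if (function_exists('is_wp_error') && is_wp_error($user_id)) {
        $user_id = 0;
    }
    if ($user_id) {
        // created ok
        $user_data['ID'] = $user_id;
        // XXX this all looks redundant, see openid_set_current_user
        $user = new WP_User($user_id);
        if (!wp_login($user->user_login, $user_data['user_pass'])) {
            openid_message(__('User was created fine, but wp_login() for the new user failed. This is probably a bug.', 'openid'));
            // NOTE(review): the other error path in this function calls
            // openid_status('error'); confirm openid_action() is intended here.
            openid_action('error');
            openid_error(openid_message());
            return;
        }
        // notify of user creation
        wp_new_user_notification($user->user_login);
        // Replace any existing login cookie with one for the new account.
        wp_clearcookie();
        wp_setcookie($user->user_login, md5($user->user_pass), true, '', '', true);
        // Bind the provided identity to the just-created user
        openid_add_user_identity($user_id, $identity_url);
        openid_status('redirect');
        // NOTE(review): $redirect_to is a local here and is never read
        // afterwards, so this assignment has no visible effect.
        if (!$user->has_cap('edit_posts')) {
            $redirect_to = '/wp-admin/profile.php';
        }
    } else {
        // failed to create user for some reason.
        openid_message(__('OpenID authentication successful, but failed to create WordPress user. This is probably a bug.', 'openid'));
        openid_status('error');
        openid_error(openid_message());
    }
}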
 /**
  * Lets the request continue only when the login cookies validate;
  * otherwise redirects to wp-login.php and ends the request.
  *
  * The original request URI travels to the login page URL-encoded in
  * redirect_to.
  */
 function auth_redirect()
 {
     // A missing user cookie counts the same as a failed cookie login.
     $cookie_login_ok = !empty($_COOKIE[USER_COOKIE]) && wp_login($_COOKIE[USER_COOKIE], $_COOKIE[PASS_COOKIE], true);
     if ($cookie_login_ok) {
         return;
     }
     nocache_headers();
     $login_url = get_settings('siteurl') . '/wp-login.php?redirect_to=' . urlencode($_SERVER['REQUEST_URI']);
     header('Location: ' . $login_url);
     exit;
 }
 } else {
     $cookie_login = wp_get_cookie_login();
     if (!empty($cookie_login)) {
         $using_cookie = true;
         $user_login = $cookie_login['login'];
         $user_pass = $cookie_login['password'];
     }
 }
 do_action('wp_authenticate', array(&$user_login, &$user_pass));
 if ($user_login && $user_pass) {
     $user = new WP_User(0, $user_login);
     // If the user can't edit posts, send them to their profile.
     if (!$user->has_cap('edit_posts') && (empty($redirect_to) || $redirect_to == 'wp-admin/')) {
         $redirect_to = get_settings('siteurl') . '/wp-admin/profile.php';
     }
     if (wp_login($user_login, $user_pass, $using_cookie)) {
         if (!$using_cookie) {
             wp_setcookie($user_login, $user_pass, false, '', '', $rememberme);
         }
         do_action('wp_login', $user_login);
         wp_safe_redirect($redirect_to);
         exit;
     } else {
         if ($using_cookie) {
             $error = __('Your session has expired.');
         }
     }
 } else {
     if ($user_login || $user_pass) {
         $error = __('<strong>Error</strong>: The password field is empty.');
     }
示例#26
/**
 * Creates a new user with args passed through an array or string of arguments.
 *
 * wp_nonce_field( 'register' ) must be used on the register form
 *
 * @param: username [string] - The desired username for the new user
 * @param: email [string] - The desired email address for the new user
 * @param: use_password [bool] [default: false] - Whether to specify a password on registration
 * @param: password [string] - If use_password is true, the desired password for the new user
 * @param: use_tos [bool] [default: true] - Whether the user needs to accept Terms of Service
 * @param: tos [string] - If use_tos is true, the value to the accept Terms of Service checkbox
 * @param: unique_email [bool] [default: false] - Set to true if only one username is allowed per email address
 * @param: do_redirect [bool] [default: true] Whether to redirect the user after registration is complete
 * @param: redirect [string] [default: User Profile Page] - The url to redirect the user to after successful login
 * @param: send_email [bool] [default: true] Whether to send an email containing the username and password of the newly registered user
 * @param: profile_info [array] [default: false] An array containing values to be used in wp_update_user() such as first_name, last_name
 * @param: validate [bool] [default: true]
 * @param: require_verify_email [bool] [default: false] Sends the user an email with a Activate Account link to activate their account
 * @param: override_nonce [bool] [default: false] Bypasses the nonce check, not recommended in most situations
 *
 * @return: Int ID, the ID of the newly registered user [on error returns error string] or WP_Error
 */
function hma_new_user($args)
{
    if (is_user_logged_in()) {
        hm_error_message('You are already logged in', 'register');
        return new WP_Error('already-logged-in');
    }
    $checks = array('use_password' => false, 'tos' => '', 'use_tos' => true, 'unique_email' => false, 'do_redirect' => true, 'do_login' => false, 'redirect' => '', 'send_email' => false, 'override_nonce' => false);
    $defaults = array('user_login' => '', 'user_email' => '', 'user_pass' => false, 'role' => 'subscriber', 'validate' => true);
    $original_args = $args;
    $default_args = array_merge($defaults, $checks);
    $args = wp_parse_args($args, $default_args);
    extract($args, EXTR_SKIP);
    $validation = apply_filters('hma_registration_info', $args);
    unset($args['user_pass2']);
    unset($original_args['user_pass2']);
    unset($user_pass2);
    if (is_wp_error($validation) && $validate == true) {
        return $validation;
    }
    // Merge arrays overwritting defaults, remove any non-standard keys keys with empty values.
    $user_vars = array_filter(array('user_login' => $user_login, 'user_pass' => $user_pass, 'user_email' => $user_email, 'display_name' => $display_name));
    // Check for require_verify_email, send email and store temp data
    if ($require_verify_email) {
        $original_args['require_verify_email'] = false;
        $unverified_users = (array) get_option('unverified_users');
        $unverified_users[time()] = $original_args;
        update_option('unverified_users', $unverified_users);
        $message = "Please click the link below to activate your account for " . get_bloginfo() . "\n \n";
        $message .= '<a href="' . get_bloginfo('url') . '/login/?verify_email=' . $user_vars['user_email'] . '&key=' . time() . '">' . get_bloginfo('url') . '/login/?verify_email=' . $user_vars['user_email'] . '&key=' . time() . '</a>';
        $headers = 'From: ' . get_bloginfo() . ' <noreply@' . get_bloginfo('url') . '>' . "\r\n";
        $headers .= "Content-type: text/html; charset=iso-8859-1 \r\n\r\n";
        wp_mail($user_vars['user_email'], 'Please activate your account for ' . get_bloginfo(), $message, $headers);
        return hm_return_success('sent-email-activation', '<p class="message success">You have been sent an activation email, please follow the link in the email sent to ' . $user_vars['user_email'] . '</p>');
    }
    $user_id = wp_insert_user($user_vars);
    if (!$user_id || is_wp_error($user_id)) {
        return $user_id;
    }
    // Setup the users role
    if ($role) {
        $user = new WP_User($user_id);
        $user->set_role($role);
    }
    // Get any remaining variable that were passed
    $meta_vars = array_diff_key($original_args, $defaults, $checks, $user_vars);
    foreach ((array) $meta_vars as $key => $value) {
        if (hma_is_profile_field($key) || !hma_custom_profile_fields()) {
            update_user_meta($user_id, $key, $value);
        }
    }
    $user = get_userdata($user_id);
    // Send Notifcation email if specified
    if ($send_email) {
        $email = hma_email_registration_success($user, $user_pass);
    }
    // If they chose a password, login them in
    if (($use_password == 'true' || $do_login == true) && !empty($user->ID)) {
        wp_login($user->user_login, $user_pass);
        wp_clearcookie();
        wp_setcookie($user->user_login, $user_pass, false);
        do_action('wp_login', $user->user_login);
        wp_set_current_user($user->ID);
    }
    // Redirect the user if is set
    if ($redirect !== '' && !empty($user->ID) && $do_redirect == true) {
        wp_redirect($redirect);
        exit;
    }
    do_action('hma_registered_user', $user);
    return $user_id;
}
示例#27
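 /**
  * Creates a WordPress account for an OpenID identity that has no local user yet, signs the
  * new user in and binds the identity URL to the account.
  *
  * On return $this->action is 'redirect' (success) or 'error' (with $this->error set).
  *
  * @param string $identity_url  The verified OpenID identity URL.
  * @param array  $oid_user_data User fields for wp_insert_user(); passed by reference and
  *                              extended here with 'user_login', 'user_pass' and 'ID'.
  */
 function create_new_user($identity_url, &$oid_user_data)
 {
     global $wpdb;
     // Either file may be absent depending on the WordPress release, hence the suppressed
     // includes (presumably they provide wp_insert_user() on older installs).
     @(include_once ABSPATH . 'wp-admin/upgrade-functions.php');
     // 2.1
     @(include_once ABSPATH . WPINC . '/registration-functions.php');
     // 2.0.4
     $oid_user_data['user_login'] = $wpdb->escape($this->generate_new_username($identity_url));
     // The account is meant to be reached through OpenID, but this password still works on
     // the normal login form, so it must not be guessable. Seven hex characters derived from
     // the clock are; prefer WordPress's generator where the installed release has one.
     if (function_exists('wp_generate_password')) {
         $oid_user_data['user_pass'] = wp_generate_password(20);
     } else {
         $oid_user_data['user_pass'] = substr(md5(uniqid(microtime())), 0, 7);
     }
     $user_id = wp_insert_user($oid_user_data);
     // Newer WordPress returns a WP_Error object on failure, which is truthy; treat it as a
     // failure instead of continuing with an object where an ID is expected.
     $created = $user_id && !(function_exists('is_wp_error') && is_wp_error($user_id));
     $this->core->log->debug('wp_insert_user() for ' . $oid_user_data['user_login'] . ($created ? " returned {$user_id} " : ' failed'));
     if ($created) {
         // created ok
         $oid_user_data['ID'] = $user_id;
         // Keep the generated password out of the log.
         $loggable = $oid_user_data;
         unset($loggable['user_pass']);
         $this->core->log->debug("OpenIDConsumer: Created new user {$user_id} : {$oid_user_data['user_login']} and metadata: " . var_export($loggable, true));
         $user = new WP_User($user_id);
         if (!wp_login($user->user_login, $oid_user_data['user_pass'])) {
             $this->error = 'User was created fine, but wp_login() for the new user failed. ' . 'This is probably a bug.';
             $this->action = 'error';
             // NOTE(review): this branch calls log->err() while the failure branch below
             // calls log->error(); confirm which method the logger actually provides.
             $this->core->log->err($this->error);
             return;
         }
         // notify of user creation
         wp_new_user_notification($user->user_login);
         wp_clearcookie();
         wp_setcookie($user->user_login, md5($user->user_pass), true, '', '', true);
         // Bind the provided identity to the just-created user
         global $userdata;
         $userdata = get_userdata($user_id);
         $this->store->insert_identity($identity_url);
         $this->action = 'redirect';
         if (!$user->has_cap('edit_posts')) {
             // NOTE(review): $redirect_to is a local that is never read in this method, so
             // this assignment has no visible effect; confirm whether a property was meant.
             $redirect_to = '/wp-admin/profile.php';
         }
     } else {
         // failed to create user for some reason.
         $this->error = 'OpenID authentication successful, but failed to create WordPress user. ' . 'This is probably a bug.';
         $this->action = 'error';
         $this->core->log->error($this->error);
     }
 }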
示例#28
<?php

require_once '../../../../../../wp-config.php';
//	prevent direct access from users not logged in
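// Prevent direct access from users not logged in: both login cookies must be present and
// must validate (the third wp_login() argument marks the password as already hashed).
// A missing password cookie is rejected here instead of being read as an undefined index.
//
// NOTE(review): this gate only establishes that the visitor has some valid account. With
// create/delete/rename/move/upload all enabled below, every logged-in user would get full
// file-manager rights unless a capability check exists in code not shown here; confirm,
// and confirm that state-changing requests are protected by a nonce.
if (empty($_COOKIE[USER_COOKIE]) || empty($_COOKIE[PASS_COOKIE]) || !wp_login($_COOKIE[USER_COOKIE], $_COOKIE[PASS_COOKIE], true)) {
    nocache_headers();
    header('Location: ' . get_settings('siteurl') . '/wp-login.php');
    die;
}
nocache_headers();

// Plugin settings stored under the 'king-filemanager' option.
$KMConfig = get_settings('king-filemanager');

// Filesystem root and public URLs of the managed directory.
$MY_DOCUMENT_ROOT = $KMConfig['document_root'] . '/';   // e.g. '/www/htdocs/../wp-content/upload'
$MY_BASE_URL = $KMConfig['download_url'];               // e.g. 'http://www.url.de/wp-content/upload'
$MY_URL_TO_OPEN_FILE = $KMConfig['download_url'];       // e.g. 'http://www.url.de/wp-content/upload'

// Comma-separated extension lists from the settings. The listing filter reuses the allow
// list. NOTE(review): entries are not trimmed or case-normalised here; how the lists are
// matched against file names is decided by code outside this script.
$MY_ALLOW_EXTENSIONS = explode(',', $KMConfig['allowed_ext']);
$MY_DENY_EXTENSIONS = explode(',', $KMConfig['deny_ext']);
$MY_LIST_EXTENSIONS = explode(',', $KMConfig['allowed_ext']);

$MY_MAX_FILE_SIZE = $KMConfig['max_file_size'];
$MY_DATETIME_FORMAT = $KMConfig['dateformat'];
$MY_LANG = $KMConfig['language'];
$MY_CHARSET = get_settings('blog_charset');             // get blog charset

// Operations the dialog offers; all are switched on unconditionally.
$MY_ALLOW_CREATE = true;
$MY_ALLOW_DELETE = true;
$MY_ALLOW_RENAME = true;
$MY_ALLOW_MOVE = true;
$MY_ALLOW_UPLOAD = true;
$MY_NAME = 'insertfiledialog';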
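 /**
  * Authenticates an AJAX request from the login cookies the script passed along.
  *
  * AJAX scripts must pass cookie=document.cookie as a POST (preferred) or GET parameter.
  * The user and password cookies are picked out of that string and checked with wp_login().
  *
  * NOTE(review): when the parameter is sent by GET the hashed password cookie becomes part
  * of the URL and can end up in access logs and Referer headers; callers should use POST.
  *
  * @return bool True when both cookies are present and wp_login() accepts them.
  */
 function check_ajax_referer()
 {
     if (!empty($_POST['cookie'])) {
         $raw_cookie = $_POST['cookie'];
     } elseif (!empty($_GET['cookie'])) {
         $raw_cookie = $_GET['cookie'];
     } else {
         // No cookie parameter at all: nothing to authenticate.
         return false;
     }
     // An array-valued parameter (cookie[]=...) cannot be a cookie header.
     if (!is_string($raw_cookie)) {
         return false;
     }
     // Start from empty credentials so a request without the expected cookies is rejected
     // explicitly instead of calling wp_login() with undefined variables.
     $user = '';
     $pass = '';
     foreach (explode('; ', urldecode($raw_cookie)) as $tasty) {
         if (false !== strpos($tasty, USER_COOKIE)) {
             $user = urldecode(substr(strstr($tasty, '='), 1));
         }
         // Nasty double encoding
         if (false !== strpos($tasty, PASS_COOKIE)) {
             $pass = urldecode(substr(strstr($tasty, '='), 1));
         }
     }
     if ($user === '' || $pass === '') {
         return false;
     }
     // Third argument: the cookie carries the already-hashed password.
     return (bool) wp_login($user, $pass, true);
 }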
示例#30
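/**
 * Handles a login submitted through the sidebar login widget.
 *
 * Runs only when the form's 'sidebarLogin_posted' field is present. On success it sets the
 * login cookie, fires 'wp_login' and redirects back to the current URL. On failure the
 * collected messages are stored in $_POST['sbl_errors'] and the sanitized username in
 * $_POST['user_login'] for the widget to display.
 *
 * The cookie-login branch was removed: this function only runs for a non-empty POST, so that
 * branch could never execute and $using_cookie was always false.
 */
function widget_sidebarLogin_check()
{
    // Are we doing a sidebar login action?
    if (empty($_POST['sidebarLogin_posted'])) {
        return;
    }
    // Always an array, so the widget never receives an undefined value.
    $errors = array();
    // Missing fields are treated as empty rather than read as undefined indexes.
    $user_login = isset($_POST['log']) ? sanitize_user($_POST['log']) : '';
    $user_pass = isset($_POST['pwd']) ? $_POST['pwd'] : '';
    // An unchecked "remember me" box is simply absent from the request.
    $rememberme = isset($_POST['rememberme']) ? $_POST['rememberme'] : false;
    do_action_ref_array('wp_authenticate', array(&$user_login, &$user_pass));
    // If cookies are disabled we can't log in even with a valid user+pass
    if (empty($_COOKIE[TEST_COOKIE])) {
        $errors['test_cookie'] = __('<strong>ERROR</strong>: WordPress requires Cookies but your browser does not support them or they are blocked.');
    }
    if ($user_login && $user_pass && empty($errors)) {
        if (wp_login($user_login, $user_pass, false)) {
            wp_setcookie($user_login, $user_pass, false, '', '', $rememberme);
            do_action('wp_login', $user_login);
            // Return to the page the form was posted from, keeping the scheme of the current
            // request so a login made over HTTPS is not followed by a plain-HTTP redirect.
            // wp_safe_redirect() still restricts the target host to allowed hosts.
            $scheme = (!empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off') ? 'https://' : 'http://';
            wp_safe_redirect($scheme . $_SERVER["SERVER_NAME"] . $_SERVER['REQUEST_URI']);
            exit;
        }
        // The 'expiredsession' key is kept for whatever reads sbl_errors; the message does
        // not reveal whether the username or the password was wrong.
        $errors['expiredsession'] = __('<strong>ERROR</strong>: Invalid user or password.');
    }
    if (empty($user_login)) {
        $errors['user_login'] = __('<strong>ERROR</strong>: The username field is empty.');
    }
    if (empty($user_pass)) {
        $errors['user_pass'] = __('<strong>ERROR</strong>: The password field is empty.');
    }
    // Hand the outcome to the widget. NOTE(review): the consumer is not visible here; it
    // should escape user_login on output even though it has passed sanitize_user().
    $_POST['sbl_errors'] = $errors;
    $_POST['user_login'] = $user_login;
}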