Changeset 3002333
- Timestamp:
- 11/27/2023 08:21:33 PM (8 months ago)
- Location:
- personalize-login/trunk
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
personalize-login/trunk/personalize-login.php
r2982212 r3002333 1 1 <?php 2 3 2 /* 4 3 * Plugin Name: Personalize Login 5 4 * Description: A plugin that replaces the WordPress login flow with a custom page. 6 * Version: 1.1. 35 * Version: 1.1. 7 6 * Author: Jose Lazo 8 7 * License: GPL-2.0+ … … 10 9 * Domain Path: /languages/ 11 10 12 13 14 15 16 17 18 19 20 21 22 23 24 25 11 Copyright 2019 JoseLazo (jjlazo79@gmail.com) 12 13 This program is free software; you can redistribute it and/or modify 14 it under the terms of the GNU General Public License, version 2, as 15 published by the Free Software Foundation. 16 17 This program is distributed in the hope that it will be useful, 18 but WITHOUT ANY WARRANTY; without even the implied warranty of 19 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 20 GNU General Public License for more details. 21 22 You should have received a copy of the GNU General Public License 23 along with this program; if not, write to the Free Software 24 Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 26 25 */ 27 defined( 'ABSPATH') or die('Bad dog. No biscuit!');26 defined(); 28 27 // Define some constants plugin 29 define( 'PERLOGIN_PLUGIN_DIR_PATH', plugin_dir_path(__FILE__));30 define( 'PERLOGIN_PLUGIN_DIR_URL', plugin_dir_url(__FILE__));31 define( 'PERLOGIN_VERSION', '1.1.3');32 define( 'PERLOGIN_TEXT_DOMAIN', 'personalize-login');28 define(); 29 define(); 30 define(); 31 define(); 33 32 34 33 … … 36 35 $personalize_login_pages_plugin = new Personalize_Login_Plugin(); 37 36 38 class Personalize_Login_Plugin 39 { 40 37 class Personalize_Login_Plugin { 41 38 /** 42 39 * Initializes the plugin. … … 45 42 * hooks in the constructor. 46 43 */ 47 public function __construct() 48 { 49 //Shortcodes 50 add_shortcode('custom-login-form', array($this, 'pl_render_login_form')); 51 add_shortcode('account-info', array($this, 'pl_render_account_info')); 52 add_shortcode('custom-register-form', array($this, 'pl_render_register_form')); 53 add_shortcode('custom-password-reset-form', array($this, 'pl_render_password_reset_form')); 54 add_shortcode('custom-password-lost-form', array($this, 'pl_render_password_lost_form')); 55 56 //Actions 57 add_action('init', array($this, 'personalize_login_translate')); 58 add_action('login_form_login', array($this, 'pl_redirect_to_custom_login')); 59 add_action('wp_logout', array($this, 'pl_redirect_after_logout')); 60 add_action('login_form_register', array($this, 'pl_redirect_to_custom_register')); 61 add_action('login_form_register', array($this, 'pl_do_register_user')); 62 add_action('login_form_rp', array($this, 'pl_redirect_to_custom_password_reset')); 63 add_action('login_form_resetpass', array($this, 'pl_redirect_to_custom_password_reset')); 64 add_action('login_form_rp', array($this, 'pl_do_password_reset')); 65 add_action('login_form_resetpass', array($this, 'pl_do_password_reset')); 66 add_action('login_form_lostpassword', array($this, 'pl_redirect_to_custom_lostpassword')); 67 add_action('login_form_lostpassword', array($this, 'pl_do_password_lost')); 68 //Filters 69 add_filter('authenticate', array($this, 'pl_maybe_redirect_at_authenticate'), 101, 3); 70 add_filter('login_redirect', array($this, 'pl_redirect_after_login'), 10, 3); 71 add_filter('retrieve_password_message', array($this, 'pl_replace_retrieve_password_message'), 10, 4); 44 public function __construct() { 45 // Shortcodes. 46 add_shortcode( 'custom-login-form', array( $this, 'pl_render_login_form' ) ); 47 add_shortcode( 'account-info', array( $this, 'pl_render_account_info' ) ); 48 add_shortcode( 'custom-register-form', array( $this, 'pl_render_register_form' ) ); 49 add_shortcode( 'custom-password-reset-form', array( $this, 'pl_render_password_reset_form' ) ); 50 add_shortcode( 'custom-password-lost-form', array( $this, 'pl_render_password_lost_form' ) ); 51 52 // Actions. 53 add_action( 'init', array( $this, 'personalize_login_translate' ) ); 54 add_action( 'login_form_login', array( $this, 'pl_redirect_to_custom_login' ) ); 55 add_action( 'wp_logout', array( $this, 'pl_redirect_after_logout' ) ); 56 add_action( 'login_form_register', array( $this, 'pl_redirect_to_custom_register' ) ); 57 add_action( 'login_form_register', array( $this, 'pl_do_register_user' ) ); 58 add_action( 'login_form_rp', array( $this, 'pl_redirect_to_custom_password_reset' ) ); 59 add_action( 'login_form_resetpass', array( $this, 'pl_redirect_to_custom_password_reset' ) ); 60 add_action( 'login_form_rp', array( $this, 'pl_do_password_reset' ) ); 61 add_action( 'login_form_resetpass', array( $this, 'pl_do_password_reset' ) ); 62 add_action( 'login_form_lostpassword', array( $this, 'pl_redirect_to_custom_lostpassword' ) ); 63 add_action( 'login_form_lostpassword', array( $this, 'pl_do_password_lost' ) ); 64 // Filters. 65 add_filter( 'authenticate', array( $this, 'pl_maybe_redirect_at_authenticate' ), 101, 3 ); 66 add_filter( 'login_redirect', array( $this, 'pl_redirect_after_login' ), 10, 3 ); 67 add_filter( 'retrieve_password_message', array( $this, 'pl_replace_retrieve_password_message' ), 10, 4 ); 72 68 } 73 69 … … 77 73 * @return void 78 74 */ 79 function personalize_login_translate() 80 { 75 public function personalize_login_translate() { 81 76 $domain = PERLOGIN_TEXT_DOMAIN; 82 $locale = apply_filters( 'plugin_locale', get_locale(), $domain);83 load_textdomain( $domain, trailingslashit(WP_LANG_DIR) . $domain . '/' . $domain . '-' . $locale . '.mo');84 load_plugin_textdomain( $domain, '', basename(dirname(__FILE__)) . '/languages');77 $locale = apply_filters(); 78 load_textdomain(); 79 load_plugin_textdomain(); 85 80 } 86 81 … … 91 86 * Creates all WordPress pages needed by the plugin. 92 87 */ 93 public static function plugin_activated() 94 { 95 // Information needed for creating the plugin's pages 88 public static function plugin_activated() { 89 // Information needed for creating the plugin's pages. 96 90 $page_definitions = array( 97 'member-login' => array(98 'title' => esc_html('Sign In', PERLOGIN_TEXT_DOMAIN),99 'content' => '[custom-login-form]' 91 'member-login' => array( 92 'title' ), 93 'content' => '[custom-login-form]' 100 94 ), 101 'member-account' => array(102 'title' => esc_html('Your Account', PERLOGIN_TEXT_DOMAIN),103 'content' => '[account-info]' 95 'member-account' => array( 96 'title' ), 97 'content' => '[account-info]' 104 98 ), 105 'member-register' => array(106 'title' => esc_html('Register', PERLOGIN_TEXT_DOMAIN),107 'content' => '[custom-register-form]' 99 'member-register' => array( 100 'title' ), 101 'content' => '[custom-register-form]' 108 102 ), 109 'member-password-lost' => array(110 'title' => esc_html('Forgot Your Password?', PERLOGIN_TEXT_DOMAIN),111 'content' => '[custom-password-lost-form]' 103 'member-password-lost' => array( 104 'title' ), 105 'content' => '[custom-password-lost-form]' 112 106 ), 113 107 'member-password-reset' => array( 114 'title' => esc_html('Pick a New Password', PERLOGIN_TEXT_DOMAIN),115 'content' => '[custom-password-reset-form]' 116 ) 108 'title' ), 109 'content' => '[custom-password-reset-form]' 110 ) 117 111 ); 118 112 119 foreach ( $page_definitions as $slug => $page) {120 // Check that the page doesn't exist already 121 $query = new WP_Query( 'pagename=' . $slug);122 if ( !$query->have_posts()) {123 // Add the page using the data from the array above 113 foreach () { 114 // Check that the page doesn't exist already 115 $query = new WP_Query(); 116 if () { 117 // Add the page using the data from the array above 124 118 wp_insert_post( 125 119 array( 126 'post_content' => sanitize_text_field( $page['content']),127 'post_name' => sanitize_text_field( $slug),128 'post_title' => sanitize_text_field( $page['title']),120 'post_content' => sanitize_text_field(), 121 'post_name' => sanitize_text_field(), 122 'post_title' => sanitize_text_field(), 129 123 'post_status' => 'publish', 130 124 'post_type' => 'page', … … 141 135 * A shortcode for rendering the login form. 142 136 * 143 * @param array 144 * @param string 137 * @param array $attributes Shortcode attributes. 138 * @param string $content The text content for shortcode. Not used. 145 139 * 146 140 * @return string The shortcode output 147 141 */ 148 public function pl_render_login_form($attributes, $content = null) 149 { 150 // Parse shortcode attributes 151 $default_attributes = array('show_title' => false); 152 $attributes = shortcode_atts($default_attributes, $attributes); 142 public function pl_render_login_form( $attributes, $content = null ) { 143 // Parse shortcode attributes. 144 $default_attributes = array( 'show_title' => false ); 145 $attributes = shortcode_atts( $default_attributes, $attributes ); 153 146 $show_title = $attributes['show_title']; 154 147 155 if ( is_user_logged_in()) {156 return esc_html ('You are already signed in.', PERLOGIN_TEXT_DOMAIN);148 if () { 149 return esc_html); 157 150 } 158 151 … … 161 154 // request parameter, use it. 162 155 $attributes['redirect'] = ''; 163 if ( isset($_REQUEST['redirect_to'])) {164 $attributes['redirect'] = wp_validate_redirect( $_REQUEST['redirect_to'], $attributes['redirect']);156 if () { 157 $attributes['redirect'] = wp_validate_redirect(); 165 158 } 166 159 167 160 $errors = array(); 168 if ( isset($_REQUEST['login'])) {169 $error_codes = explode( ',', sanitize_text_field($_REQUEST['login']) );170 171 foreach ( $error_codes as $code) {172 $errors[] = $this->get_error_message( $code);161 if () { 162 $error_codes = explode() ); 163 164 foreach () { 165 $errors[] = $this->get_error_message(); 173 166 } 174 167 } 175 168 $attributes['errors'] = $errors; 176 169 177 // Check if user just logged out 178 $attributes['logged_out'] = isset( $_REQUEST['logged_out']) && $_REQUEST['logged_out'] == true;179 180 // Check if user just updated password 181 $attributes['password_updated'] = isset( $_REQUEST['password']) && $_REQUEST['password'] == 'changed';182 183 // Check if the user just requested a new password 184 $attributes['lost_password_sent'] = isset( $_REQUEST['checkemail']) && $_REQUEST['checkemail'] == 'confirm';185 186 // Render the login form using an external template 187 return $this->get_template_html( 'login_form', $attributes);170 // Check if user just logged out 171 $attributes['logged_out'] = isset(; 172 173 // Check if user just updated password 174 $attributes['password_updated'] = isset(; 175 176 // Check if the user just requested a new password 177 $attributes['lost_password_sent'] = isset(; 178 179 // Render the login form using an external template 180 return $this->get_template_html(); 188 181 } // end pl_render_login_form 189 182 … … 192 185 * A shortcode for rendering the account page. 193 186 * 194 * @param array 195 * @param string 187 * @param array $attributes Shortcode attributes. 188 * @param string $content The text content for shortcode. Not used. 196 189 * 197 190 * @return string The shortcode output 198 191 */ 199 public function pl_render_account_info($attributes, $content = null) 200 { 201 // Parse shortcode attributes 202 $default_attributes = array('show_title' => false); 203 $attributes = shortcode_atts($default_attributes, $attributes); 192 public function pl_render_account_info( $attributes, $content = null ) { 193 // Parse shortcode attributes. 194 $default_attributes = array( 'show_title' => false ); 195 $attributes = shortcode_atts( $default_attributes, $attributes ); 204 196 $show_title = $attributes['show_title']; 205 197 206 if ( !is_user_logged_in()) {207 return esc_html ('You are not signed in yet.', PERLOGIN_TEXT_DOMAIN);198 if () { 199 return esc_html); 208 200 } 209 201 210 202 $errors = array(); 211 if ( isset($_REQUEST['login'])) {212 $error_codes = explode(',', sanitize_text_field($_REQUEST['login']) );213 214 foreach ( $error_codes as $code) {215 $errors[] = $this->get_error_message( $code);203 if () { 204 $error_codes ) ); 205 206 foreach () { 207 $errors[] = $this->get_error_message(); 216 208 } 217 209 } 218 210 $attributes['errors'] = $errors; 219 211 220 // Render the login form using an external template 221 return $this->get_template_html( 'account_info', $attributes);212 // Render the login form using an external template 213 return $this->get_template_html(); 222 214 } // end render_account-info 223 215 … … 226 218 * Renders the contents of the given template to a string and returns it. 227 219 * 228 * @param string $template_name The name of the template to render (without .php) 229 * @param array $attributes The PHP variables for the template 220 * @param string $template_name The name of the template to render (without .php) 221 * @param array $attributes The PHP variables for the template 230 222 * 231 223 * @return string The contents of the template. 232 224 */ 233 private function get_template_html($template_name, $attributes = null) 234 { 235 if (!$attributes) { 225 private function get_template_html( $template_name, $attributes = null ) { 226 if ( ! $attributes ) { 236 227 $attributes = array(); 237 228 } … … 239 230 ob_start(); 240 231 241 do_action( 'personalize_login_before_' . $template_name);242 243 require ('templates/' . $template_name . '.php');244 245 do_action( 'personalize_login_after_' . $template_name);232 do_action(); 233 234 require; 235 236 do_action(); 246 237 247 238 $html = ob_get_contents(); … … 255 246 * Redirect the user to the custom login page instead of wp-login.php. 256 247 */ 257 function pl_redirect_to_custom_login() 258 { 259 if ($_SERVER['REQUEST_METHOD'] == 'GET') { 260 $redirect_to = isset($_REQUEST['redirect_to']) ? sanitize_url($_REQUEST['redirect_to']) : null; 261 262 if (is_user_logged_in()) { 263 $this->redirect_logged_in_user($redirect_to); 248 public function pl_redirect_to_custom_login() { 249 if ( isset( $_REQUEST['interim-login'] ) ) { 250 return; 251 } 252 if ( 'GET' === $_SERVER['REQUEST_METHOD'] ) { 253 $redirect_to = isset( $_REQUEST['redirect_to'] ) ? sanitize_url( $_REQUEST['redirect_to'] ) : null; 254 255 if ( is_user_logged_in() ) { 256 $this->redirect_logged_in_user( $redirect_to ); 264 257 exit; 265 258 } 266 259 267 // The rest are redirected to the login page 268 $login_url = home_url( 'member-login');269 if ( !empty($redirect_to)) {270 $login_url = add_query_arg( 'redirect_to', $redirect_to, $login_url);271 } 272 273 wp_ redirect($login_url);260 // The rest are redirected to the login page 261 $login_url = home_url(); 262 if () { 263 $login_url = add_query_arg(); 264 } 265 266 wp_); 274 267 exit; 275 268 } … … 281 274 * is an admin or not. 282 275 * 283 * @param string $redirect_to An optional redirect_to URL for admin users 284 */ 285 private function redirect_logged_in_user($redirect_to = null) 286 { 276 * @param string $redirect_to An optional redirect_to URL for admin users. 277 */ 278 private function redirect_logged_in_user( $redirect_to = null ) { 287 279 $user = wp_get_current_user(); 288 if ( user_can($user, 'manage_options')) {289 if ( $redirect_to) {290 wp_safe_redirect( $redirect_to);280 if () { 281 if () { 282 wp_safe_redirect(); 291 283 } else { 292 wp_ redirect(admin_url());284 wp_); 293 285 } 294 286 } else { 295 wp_ redirect(home_url('member-account'));287 wp_); 296 288 } 297 289 } … … 301 293 * Redirect the user after authentication if there were any errors. 302 294 * 303 * @param Wp_User|Wp_Error 304 * @param string 305 * @param string 295 * @param Wp_User|Wp_Error $user The signed in user, or the errors that have occurred during login. 296 * @param string $username The user name used to log in. 297 * @param string $password The password used to log in. 306 298 * 307 299 * @return Wp_User|Wp_Error The logged in user, or error information if there were errors. 308 300 */ 309 function pl_maybe_redirect_at_authenticate($user, $username, $password) 310 { 301 public function pl_maybe_redirect_at_authenticate( $user, $username, $password ) { 311 302 // Check if the earlier authenticate filter (most likely, 312 // the default WordPress authentication) functions have found errors 313 if ( $_SERVER['REQUEST_METHOD'] === 'POST') {314 if ( is_wp_error($user)) {315 $error_codes = join( ',', $user->get_error_codes());316 317 $login_url = home_url( 'member-login');318 $login_url = add_query_arg( 'login', $error_codes, $login_url);319 320 wp_ redirect($login_url);303 // the default WordPress authentication) functions have found errors 304 if () { 305 if () { 306 $error_codes = join(); 307 308 $login_url = home_url(); 309 $login_url = add_query_arg(); 310 311 wp_); 321 312 exit; 322 313 } … … 333 324 * @return string An error message. 334 325 */ 335 private function get_error_message($error_code) 336 { 337 switch ($error_code) { 326 private function get_error_message( $error_code ) { 327 switch ( $error_code ) { 338 328 case 'empty_username': 339 return esc_html ('You do have an email address, right?', PERLOGIN_TEXT_DOMAIN);329 return esc_html); 340 330 341 331 case 'empty_password': 342 return esc_html ('You need to enter a password to login.', PERLOGIN_TEXT_DOMAIN);332 return esc_html); 343 333 344 334 case 'invalid_username': … … 349 339 350 340 case 'incorrect_password': 351 $err = esc_html (341 $err = esc_html( 352 342 "The password you entered wasn't quite right. <a href='%s'>Did you forget your password</a>?", 353 343 PERLOGIN_TEXT_DOMAIN 354 344 ); 355 return sprintf( $err, wp_lostpassword_url());356 357 // Reset password 345 return sprintf(); 346 347 // Reset password 358 348 case 'expiredkey': 359 349 case 'invalidkey': 360 return esc_html ('The password reset link you used is not valid anymore.', PERLOGIN_TEXT_DOMAIN);350 return esc_html); 361 351 362 352 case 'password_reset_mismatch': 363 return esc_html ("The two passwords you entered don't match.", PERLOGIN_TEXT_DOMAIN);353 return esc_html); 364 354 365 355 case 'password_reset_empty': 366 return esc_html ("Sorry, we don't accept empty passwords.", PERLOGIN_TEXT_DOMAIN);356 return esc_html); 367 357 368 358 default: 369 359 break; 370 360 371 // Lost password 361 // Lost password 372 362 case 'empty_username': 373 return esc_html ('You need to enter your email address to continue.', PERLOGIN_TEXT_DOMAIN);363 return esc_html); 374 364 375 365 case 'invalid_email': 376 366 case 'invalidcombo': 377 return esc_html ('There are no users registered with this email address.', PERLOGIN_TEXT_DOMAIN);378 } 379 380 return esc_html ('An unknown error occurred. Please try again later.', PERLOGIN_TEXT_DOMAIN).'<span style="display:none">'.$error_code.'</span>';367 return esc_html); 368 } 369 370 return esc_html'</span>'; 381 371 } 382 372 … … 385 375 * Redirect to custom login page after the user has been logged out. 386 376 */ 387 public function pl_redirect_after_logout() 388 { 389 $redirect_url = home_url('member-login?logged_out=true'); 390 wp_safe_redirect($redirect_url); 377 public function pl_redirect_after_logout() { 378 $redirect_url = home_url( 'member-login?logged_out=true' ); 379 wp_safe_redirect( $redirect_url ); 391 380 exit; 392 381 } … … 402 391 * @return string Redirect URL 403 392 */ 404 public function pl_redirect_after_login($redirect_to, $requested_redirect_to, $user) 405 { 393 public function pl_redirect_after_login( $redirect_to, $requested_redirect_to, $user ) { 406 394 $redirect_url = home_url(); 407 395 408 if ( !isset($user->ID)) {396 if () { 409 397 return $redirect_url; 410 398 } 411 399 412 if ( user_can($user, 'manage_options')) {400 if () { 413 401 // Use the redirect_to parameter if one is set, otherwise redirect to admin dashboard. 414 if ( $requested_redirect_to == '') {402 if () { 415 403 $redirect_url = admin_url(); 416 404 } else { … … 418 406 } 419 407 } else { 420 // Non-admin users always go to their account page after login 421 $redirect_url = home_url( 'member-account');422 } 423 424 return wp_validate_redirect( $redirect_url, home_url());408 // Non-admin users always go to their account page after login 409 $redirect_url = home_url(); 410 } 411 412 return wp_validate_redirect(); 425 413 } 426 414 … … 429 417 * A shortcode for rendering the new user registration form. 430 418 * 431 * @param array 432 * @param string 419 * @param array $attributes Shortcode attributes. 420 * @param string $content The text content for shortcode. Not used. 433 421 * 434 422 * @return string The shortcode output 435 423 */ 436 public function pl_render_register_form($attributes, $content = null) 437 { 438 // Parse shortcode attributes 439 $default_attributes = array('show_title' => false); 440 $attributes = shortcode_atts($default_attributes, $attributes); 441 442 if (is_user_logged_in()) { 443 return esc_html('You are already signed in.', PERLOGIN_TEXT_DOMAIN); 444 } elseif (!get_option('users_can_register')) { 445 return esc_html('Registering new users is currently not allowed.', PERLOGIN_TEXT_DOMAIN); 424 public function pl_render_register_form( $attributes, $content = null ) { 425 // Parse shortcode attributes. 426 $default_attributes = array( 'show_title' => false ); 427 $attributes = shortcode_atts( $default_attributes, $attributes ); 428 429 if ( is_user_logged_in() ) { 430 return esc_html__( 'You are already signed in.', PERLOGIN_TEXT_DOMAIN ); 431 } elseif ( ! get_option( 'users_can_register' ) ) { 432 return esc_html__( 'Registering new users is currently not allowed.', PERLOGIN_TEXT_DOMAIN ); 446 433 } else { 447 return $this->get_template_html( 'register_form', $attributes);434 return $this->get_template_html(); 448 435 } 449 436 } … … 454 441 * of wp-login.php?action=register. 455 442 */ 456 public function pl_redirect_to_custom_register() 457 { 458 if ('GET' == $_SERVER['REQUEST_METHOD']) { 459 if (is_user_logged_in()) { 443 public function pl_redirect_to_custom_register() { 444 if ( 'GET' === $_SERVER['REQUEST_METHOD'] ) { 445 if ( is_user_logged_in() ) { 460 446 $this->redirect_logged_in_user(); 461 447 } else { 462 wp_ redirect(home_url('member-register'));448 wp_); 463 449 } 464 450 exit; … … 470 456 * Validates and then completes the new user signup process if all went well. 471 457 * 472 * @param string $email The new user's email address 473 * @param string $first_name The new user's first name 474 * @param string $last_name The new user's last name 458 * @param string $email The new user's email address 459 * @param string $first_name The new user's first name 460 * @param string $last_name The new user's last name 475 461 * 476 462 * @return int|WP_Error The id of the user that was created, or error if failed. 477 463 */ 478 private function register_user($email, $first_name, $last_name) 479 { 464 private function register_user( $email, $first_name, $last_name ) { 480 465 $errors = new WP_Error(); 481 466 482 467 // Email address is used as both username and email. It is also the only 483 // parameter we need to validate 484 if ( !is_email($email)) {485 $errors->add( 'email', $this->get_error_message('email'));468 // parameter we need to validate 469 if () { 470 $errors->add(); 486 471 return $errors; 487 472 } 488 473 489 if ( username_exists($email) || email_exists($email)) {490 $errors->add( 'email_exists', $this->get_error_message('email_exists'));474 if () { 475 $errors->add(); 491 476 return $errors; 492 477 } 493 478 494 479 // Generate the password so that the subscriber will have to check email... 495 $password = wp_generate_password( 12, false);480 $password = wp_generate_password(); 496 481 497 482 $user_data = array( 498 'user_login' 499 'user_email' 500 'user_pass' 501 'first_name' 502 'last_name' 503 'nickname' 483 'user_login' => $email, 484 'user_email' => $email, 485 'user_pass' => $password, 486 'first_name' => $first_name, 487 'last_name' => $last_name, 488 'nickname' => $first_name, 504 489 ); 505 490 506 $user_id = wp_insert_user( $user_data);507 wp_new_user_notification( $user_id, $password);491 $user_id = wp_insert_user(); 492 wp_new_user_notification(); 508 493 509 494 return $user_id; … … 517 502 * when accessed through the registration action. 518 503 */ 519 public function pl_do_register_user() 520 { 521 if ('POST' == $_SERVER['REQUEST_METHOD']) { 522 $redirect_url = home_url('member-register'); 523 524 if (!get_option('users_can_register')) { 525 // Registration closed, display error 526 $redirect_url = add_query_arg('register-errors', 'closed', $redirect_url); 504 public function pl_do_register_user() { 505 if ( 'POST' === $_SERVER['REQUEST_METHOD'] ) { 506 $redirect_url = home_url( 'member-register' ); 507 508 if ( ! get_option( 'users_can_register' ) ) { 509 // Registration closed, display error. 510 $redirect_url = add_query_arg( 'register-errors', 'closed', $redirect_url ); 527 511 } else { 528 $email = sanitize_email( $_POST['email']);529 $first_name = sanitize_text_field( $_POST['first_name']);530 $last_name = sanitize_text_field( $_POST['last_name']);531 532 $result = $this->register_user( $email, $first_name, $last_name);533 534 if ( is_wp_error($result)) {535 // Parse errors into a string and append as parameter to redirect 536 $errors = join( ',', $result->get_error_codes());537 $redirect_url = add_query_arg( 'register-errors', $errors, $redirect_url);512 $email = sanitize_email(); 513 $first_name = sanitize_text_field(); 514 $last_name = sanitize_text_field(); 515 516 $result = $this->register_user(); 517 518 if () { 519 // Parse errors into a string and append as parameter to redirect 520 $errors = join(); 521 $redirect_url = add_query_arg(); 538 522 } else { 539 523 // Success, redirect to login page. 540 $redirect_url = home_url( 'member-login');541 $redirect_url = add_query_arg( 'registered', $email, $redirect_url);524 $redirect_url = home_url(); 525 $redirect_url = add_query_arg(); 542 526 } 543 527 } 544 528 545 wp_ redirect($redirect_url);529 wp_); 546 530 exit; 547 531 } … … 553 537 * if there are errors. 554 538 */ 555 public function pl_redirect_to_custom_password_reset() 556 { 557 if ('GET' == $_SERVER['REQUEST_METHOD']) { 558 // Verify key / login combo 559 $user = check_password_reset_key($_REQUEST['key'], sanitize_text_field($_REQUEST['login'])); 560 if (!$user || is_wp_error($user)) { 561 if ($user && $user->get_error_code() === 'expired_key') { 562 wp_redirect(home_url('member-login?login=expiredkey')); 539 public function pl_redirect_to_custom_password_reset() { 540 if ( 'GET' === $_SERVER['REQUEST_METHOD'] ) { 541 // Verify key / login combo. 542 $user = check_password_reset_key( $_REQUEST['key'], sanitize_text_field( $_REQUEST['login'] ) ); 543 if ( ! $user || is_wp_error( $user ) ) { 544 if ( $user && $user->get_error_code() === 'expired_key' ) { 545 wp_safe_redirect( home_url( 'member-login?login=expiredkey' ) ); 563 546 } else { 564 wp_ redirect(home_url('member-login?login=invalidkey'));547 wp_); 565 548 } 566 549 exit; 567 550 } 568 551 569 $redirect_url = home_url( 'member-password-reset');570 $redirect_url = add_query_arg( 'login', esc_attr($_REQUEST['login']), $redirect_url);571 $redirect_url = add_query_arg( 'key', esc_attr($_REQUEST['key']), $redirect_url);572 573 wp_ redirect($redirect_url);552 $redirect_url = home_url(); 553 $redirect_url = add_query_arg(); 554 $redirect_url = add_query_arg(); 555 556 wp_); 574 557 exit; 575 558 } … … 580 563 * A shortcode for rendering the form used to reset a user's password. 581 564 * 582 * @param array 583 * @param string 565 * @param array $attributes Shortcode attributes. 566 * @param string $content The text content for shortcode. Not used. 584 567 * 585 568 * @return string The shortcode output 586 569 */ 587 public function pl_render_password_reset_form($attributes, $content = null) 588 { 589 // Parse shortcode attributes 590 $default_attributes = array('show_title' => false); 591 $attributes = shortcode_atts($default_attributes, $attributes); 592 593 if (is_user_logged_in()) { 594 return esc_html('You are already signed in.', PERLOGIN_TEXT_DOMAIN); 570 public function pl_render_password_reset_form( $attributes, $content = null ) { 571 // Parse shortcode attributes. 572 $default_attributes = array( 'show_title' => false ); 573 $attributes = shortcode_atts( $default_attributes, $attributes ); 574 575 if ( is_user_logged_in() ) { 576 return esc_html( 'You are already signed in.', PERLOGIN_TEXT_DOMAIN ); 577 } elseif ( isset( $_REQUEST['login'] ) && isset( $_REQUEST['key'] ) ) { 578 $attributes['login'] = sanitize_text_field( $_REQUEST['login'] ); 579 $attributes['key'] = sanitize_text_field( $_REQUEST['key'] ); 580 581 // Error messages. 582 $errors = array(); 583 if ( isset( $_REQUEST['error'] ) ) { 584 $error_codes = explode( ',', $_REQUEST['error'] ); 585 586 foreach ( $error_codes as $code ) { 587 $errors[] = $this->get_error_message( $code ); 588 } 589 } 590 $attributes['errors'] = $errors; 591 592 return $this->get_template_html( 'password_reset_form', $attributes ); 595 593 } else { 596 if (isset($_REQUEST['login']) && isset($_REQUEST['key'])) { 597 $attributes['login'] = sanitize_text_field($_REQUEST['login']); 598 $attributes['key'] = sanitize_text_field($_REQUEST['key']); 599 600 // Error messages 601 $errors = array(); 602 if (isset($_REQUEST['error'])) { 603 $error_codes = explode(',', $_REQUEST['error']); 604 605 foreach ($error_codes as $code) { 606 $errors[] = $this->get_error_message($code); 607 } 608 } 609 $attributes['errors'] = $errors; 610 611 return $this->get_template_html('password_reset_form', $attributes); 612 } else { 613 return esc_html('Invalid password reset link.', PERLOGIN_TEXT_DOMAIN); 614 } 594 return esc_html( 'Invalid password reset link.', PERLOGIN_TEXT_DOMAIN ); 615 595 } 616 596 } … … 620 600 * A shortcode for rendering the form used to initiate the password reset. 621 601 * 622 * @param array 623 * @param string 602 * @param array $attributes Shortcode attributes. 603 * @param string $content The text content for shortcode. Not used. 624 604 * 625 605 * @return string The shortcode output 626 606 */ 627 public function pl_render_password_lost_form($attributes, $content = null) 628 { 629 // Parse shortcode attributes 630 $default_attributes = array('show_title' => false); 631 $attributes = shortcode_atts($default_attributes, $attributes); 632 633 // Retrieve possible errors from request parameters 607 public function pl_render_password_lost_form( $attributes, $content = null ) { 608 // Parse shortcode attributes. 609 $default_attributes = array( 'show_title' => false ); 610 $attributes = shortcode_atts( $default_attributes, $attributes ); 611 612 // Retrieve possible errors from request parameters. 634 613 $attributes['errors'] = array(); 635 if ( isset($_REQUEST['errors'])) {636 $error_codes = explode( ',', $_REQUEST['errors']);637 638 foreach ( $error_codes as $error_code) {639 $attributes['errors'][] = $this->get_error_message( $error_code);640 } 641 } 642 643 if ( is_user_logged_in()) {644 return esc_html ('You are already signed in.', PERLOGIN_TEXT_DOMAIN);614 if () { 615 $error_codes = explode(); 616 617 foreach () { 618 $attributes['errors'][] = $this->get_error_message(); 619 } 620 } 621 622 if () { 623 return esc_html); 645 624 } else { 646 return $this->get_template_html( 'password_lost_form', $attributes);625 return $this->get_template_html(); 647 626 } 648 627 } … … 652 631 * Resets the user's password if the password reset form was submitted. 653 632 */ 654 public function pl_do_password_reset() 655 { 656 if ('POST' == $_SERVER['REQUEST_METHOD']) { 657 $rp_key = sanitize_text_field($_REQUEST['rp_key']); 658 $rp_login = sanitize_text_field($_REQUEST['rp_login']); 659 660 $user = check_password_reset_key($rp_key, $rp_login); 661 662 if (!$user || is_wp_error($user)) { 663 if ($user && $user->get_error_code() === 'expired_key') { 664 wp_redirect(home_url('member-login?login=expiredkey')); 633 public function pl_do_password_reset() { 634 if ( 'POST' === $_SERVER['REQUEST_METHOD'] ) { 635 $rp_key = sanitize_text_field( $_REQUEST['rp_key'] ); 636 $rp_login = sanitize_text_field( $_REQUEST['rp_login'] ); 637 638 $user = check_password_reset_key( $rp_key, $rp_login ); 639 640 if ( ! $user || is_wp_error( $user ) ) { 641 if ( $user && $user->get_error_code() === 'expired_key' ) { 642 wp_safe_redirect( home_url( 'member-login?login=expiredkey' ) ); 665 643 } else { 666 wp_ redirect(home_url('member-login?login=invalidkey'));644 wp_); 667 645 } 668 646 exit; 669 647 } 670 648 671 if ( isset($_POST['pass1'])) {672 if ( $_POST['pass1'] != $_POST['pass2']) {673 // Passwords don't match 674 $redirect_url = home_url( 'member-password-reset');675 676 $redirect_url = add_query_arg( 'key', $rp_key, $redirect_url);677 $redirect_url = add_query_arg( 'login', $rp_login, $redirect_url);678 $redirect_url = add_query_arg( 'error', 'password_reset_mismatch', $redirect_url);679 680 wp_ redirect($redirect_url);649 if () { 650 if () { 651 // Passwords don't match 652 $redirect_url = home_url(); 653 654 $redirect_url = add_query_arg(); 655 $redirect_url = add_query_arg(); 656 $redirect_url = add_query_arg(); 657 658 wp_); 681 659 exit; 682 660 } 683 661 684 if ( empty($_POST['pass1'])) {685 // Password is empty 686 $redirect_url = home_url( 'member-password-reset');687 688 $redirect_url = add_query_arg( 'key', $rp_key, $redirect_url);689 $redirect_url = add_query_arg( 'login', $rp_login, $redirect_url);690 $redirect_url = add_query_arg( 'error', 'password_reset_empty', $redirect_url);691 692 wp_ redirect($redirect_url);662 if () { 663 // Password is empty 664 $redirect_url = home_url(); 665 666 $redirect_url = add_query_arg(); 667 $redirect_url = add_query_arg(); 668 $redirect_url = add_query_arg(); 669 670 wp_); 693 671 exit; 694 672 } 695 673 696 // Parameter checks OK, reset password 697 reset_password( $user, sanitize_text_field($_POST['pass1']));698 wp_ redirect(home_url('member-login?password=changed'));674 // Parameter checks OK, reset password 675 reset_password(); 676 wp_); 699 677 } else { 700 echo "Invalid request.";678 echo ; 701 679 } 702 680 … … 710 688 * wp-login.php?action=lostpassword. 711 689 */ 712 public function pl_redirect_to_custom_lostpassword() 713 { 714 if ('GET' == $_SERVER['REQUEST_METHOD']) { 715 if (is_user_logged_in()) { 690 public function pl_redirect_to_custom_lostpassword() { 691 if ( 'GET' === $_SERVER['REQUEST_METHOD'] ) { 692 if ( is_user_logged_in() ) { 716 693 $this->redirect_logged_in_user(); 717 694 exit; 718 695 } 719 696 720 wp_ redirect(home_url('member-password-lost'));697 wp_); 721 698 exit; 722 699 } … … 727 704 * Initiates password reset. 728 705 */ 729 public function pl_do_password_lost() 730 { 731 if ('POST' == $_SERVER['REQUEST_METHOD']) { 706 public function pl_do_password_lost() { 707 if ( 'POST' === $_SERVER['REQUEST_METHOD'] ) { 732 708 $errors = retrieve_password(); 733 if ( is_wp_error($errors)) {734 // Errors found 735 $redirect_url = home_url( 'member-password-lost');736 $redirect_url = add_query_arg( 'errors', join(',', $errors->get_error_codes()), $redirect_url);709 if () { 710 // Errors found 711 $redirect_url = home_url(); 712 $redirect_url = add_query_arg(); 737 713 } else { 738 // Email sent 739 $redirect_url = home_url( 'member-login');740 $redirect_url = add_query_arg( 'checkemail', 'confirm', $redirect_url);741 } 742 743 wp_ redirect($redirect_url);714 // Email sent 715 $redirect_url = home_url(); 716 $redirect_url = add_query_arg(); 717 } 718 719 wp_); 744 720 exit; 745 721 } … … 758 734 * @return string The mail message to send. 759 735 */ 760 public function pl_replace_retrieve_password_message($message, $key, $user_login, $user_data) 761 { 762 // Create new message 763 $msg = esc_html('Hello!', PERLOGIN_TEXT_DOMAIN) . "\r\n\r\n"; 764 $msg .= sprintf(esc_html('You asked us to reset your password for your account using the email address %s.', PERLOGIN_TEXT_DOMAIN), $user_login) . "\r\n\r\n"; 765 $msg .= esc_html("If this was a mistake, or you didn't ask for a password reset, just ignore this email and nothing will happen.", PERLOGIN_TEXT_DOMAIN) . "\r\n\r\n"; 766 $msg .= esc_html('To reset your password, visit the following address:', PERLOGIN_TEXT_DOMAIN) . "\r\n\r\n"; 767 $msg .= site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login') . "\r\n\r\n"; 768 $msg .= esc_html('Thanks!', PERLOGIN_TEXT_DOMAIN) . "\r\n"; 736 public function pl_replace_retrieve_password_message( $message, $key, $user_login, $user_data ) { 737 // Create new message. 738 $msg = esc_html( 'Hello!', PERLOGIN_TEXT_DOMAIN ) . "\r\n\r\n"; 739 $msg .= sprintf( esc_html( 'You asked us to reset your password for your account using the email address %s.', PERLOGIN_TEXT_DOMAIN ), $user_login ) . "\r\n\r\n"; 740 $msg .= esc_html( "If this was a mistake, or you didn't ask for a password reset, just ignore this email and nothing will happen.", PERLOGIN_TEXT_DOMAIN ) . "\r\n\r\n"; 741 $msg .= esc_html( 'To reset your password, visit the following address:', PERLOGIN_TEXT_DOMAIN ) . "\r\n\r\n"; 742 $msg .= site_url( "wp-login.php?action=rp&key=$key&login=" . rawurlencode( $user_login ), 'login' ) . "\r\n\r\n"; 743 $msg .= esc_html( 'Thanks!', PERLOGIN_TEXT_DOMAIN ) . "\r\n"; 769 744 770 745 return $msg; … … 772 747 } 773 748 774 // Create the custom pages at plugin activation 775 register_activation_hook(__FILE__, array('Personalize_Login_Plugin', 'plugin_activated')); 776 777 778 // Initialize the plugin menu 779 // add_action('admin_menu', array(new PLogin_Options_Page, "admin_menu")); 749 // Create the custom pages at plugin activation. 750 register_activation_hook( __FILE__, array( 'Personalize_Login_Plugin', 'plugin_activated' ) ); 780 751 781 752 /** 782 753 * Class for registering a new settings page under Settings. 783 754 */ 784 class PLogin_Options_Page 785 { 755 class PLogin_Options_Page 756 786 757 787 758 /** 788 759 * Constructor. 789 760 */ 790 function __construct() 791 { 792 //Actions 793 add_action('admin_menu', array($this, 'admin_menu')); 761 public function __construct() { 762 // Actions. 763 add_action( 'admin_menu', array( $this, 'admin_menu' ) ); 794 764 } 795 765 … … 797 767 * Registers a new settings page under Settings. 798 768 */ 799 function admin_menu() 800 { 769 public function admin_menu() { 801 770 add_options_page( 802 esc_html ('Personalize Login Settings', PERLOGIN_TEXT_DOMAIN),803 esc_html ('Personalize Login Settings Menu', PERLOGIN_TEXT_DOMAIN),771 esc_html), 772 esc_html), 804 773 'manage_options', 805 774 'options_page_plogin_menu', 806 775 array( 807 776 $this, 808 'settings_page' 777 'settings_page' 809 778 ) 810 779 ); … … 814 783 * Settings page display callback. 815 784 */ 816 function settings_page() 817 { 818 ?> 785 public function settings_page() { 786 ?> 819 787 <!-- <div class="wrap"> 820 <?php // screen_icon(); 788 <?php 789 // screen_icon(); 821 790 ?> 822 <h2><?php // esc_html_e('PLogin Plugin Options', PERLOGIN_TEXT_DOMAIN); 823 ?></h2> 824 <form method="post" action="options.php"> 825 <?php // settings_fields('plogin_options_group'); 791 <h2> 792 <?php 793 // esc_html_e('PLogin Plugin Options', PERLOGIN_TEXT_DOMAIN); 794 ?> 795 </h2> 796 <form method="post" action="options.php"> 797 798 <?php 799 // submit_button(); 826 800 ?> 827 <h3><?php // esc_html_e('Look options', PERLOGIN_TEXT_DOMAIN); 828 ?></h3> 829 <p><?php // esc_html_e('Login page', PERLOGIN_TEXT_DOMAIN); 830 ?></p> 831 <table> 832 <tr valign="top"> 833 <th scope="row"><label for="plogin_image_login"><?php // esc_html_e('Image login', PERLOGIN_TEXT_DOMAIN); 834 ?></label></th> 835 <td><input type="file" id="plogin_image_login" name="plogin_image_login" value="<?php // echo get_option('plogin_image_login'); 836 ?>" /></td> 837 </tr> 838 <tr valign="top"> 839 <th scope="row"><label for="plogin_text_before_login"><?php // esc_html_e('Text before login form', PERLOGIN_TEXT_DOMAIN); 840 ?></label></th> 841 <td><input type="text" id="plogin_text_before_login" name="plogin_text_before_login" value="<?php // echo get_option('plogin_text_before_login'); 842 ?>" /></td> 843 </tr> 844 <tr valign="top"> 845 <th scope="row"><label for="plogin_text_after_login"><?php // esc_html_e('Text after login form', PERLOGIN_TEXT_DOMAIN); 846 ?></label></th> 847 <td><input type="text" id="plogin_text_after_login" name="plogin_text_after_login" value="<?php // echo get_option('plogin_text_after_login'); 848 ?>" /></td> 849 </tr> 850 </table> 851 <p><?php // esc_html_e('Register page', PERLOGIN_TEXT_DOMAIN); 852 ?></p> 853 <table> 854 <tr valign="top"> 855 <th scope="row"><label for="plogin_image_register"><?php // esc_html_e('Image register', PERLOGIN_TEXT_DOMAIN); 856 ?></label></th> 857 <td><input type="file" id="plogin_image_register" name="plogin_image_register" value="<?php // echo get_option('plogin_image_register'); 858 ?>" /></td> 859 </tr> 860 <tr valign="top"> 861 <th scope="row"><label for="plogin_text_before_register"><?php // esc_html_e('Text before register form', PERLOGIN_TEXT_DOMAIN); 862 ?></label></th> 863 <td><input type="text" id="plogin_text_before_register" name="plogin_text_before_register" value="<?php // echo get_option('plogin_text_before_register'); 864 ?>" /></td> 865 </tr> 866 <tr valign="top"> 867 <th scope="row"><label for="plogin_text_after_register"><?php // esc_html_e('Text after register form', PERLOGIN_TEXT_DOMAIN); 868 ?></label></th> 869 <td><input type="text" id="plogin_text_after_register" name="plogin_text_after_register" value="<?php // echo get_option('plogin_text_after_register'); 870 ?>" /></td> 871 </tr> 872 </table> 873 <?php // submit_button(); 874 ?> 875 </form> 876 </div> --> 877 <?php 801 </form> 802 </div> --> 803 <?php 878 804 } 879 805 } -
personalize-login/trunk/readme.txt
r2982212 r3002333 3 3 Tags: login, log in, signin, sig in, register, password, reset password, custom login, personalize login 4 4 Requires at least: 4.2 5 Tested up to: 6. 36 Stable tag: 1.1. 35 Tested up to: 6. 6 Stable tag: 1.1. 7 7 Requires PHP: 5.6 8 8 License: GPLv2 or later … … 38 38 == Changelog == 39 39 40 41 42 43 40 44 = 1.1.3 = 41 45 Tested 6.3
Note: See TracChangeset
for help on using the changeset viewer.