
login.php

a guest
May 17th, 2010
  1. <?php
  2.  
  3. /**
  4.  *
  5.  * This controls how the login, logout,
  6.  * registration, and forgot your password pages look.
  7.  * It overrides the default WP pages by intercepting the request.
  8.  *
  9.  */
  10.  
  11.  
  12. global $pagenow;
  13.  
  14. // check to prevent php "notice: undefined index" msg
  15. if(isset($_GET['action'])) $theaction = $_GET['action']; else $theaction ='';
  16.  
  17. // if the user is on the login page, then let the games begin
  18. if ($pagenow == 'wp-login.php' && $theaction != 'logout' && !isset($_GET['key'])) {
  19.     add_action('init', 'cp_login_init', 98);
  20.     add_filter('wp_title','cp_title');
  21. }
  22.  
  23. // if the current user has no edit rights, redirect them to their dashboard page
  24. add_filter('login_redirect', 'cp_redirect', 10, 3);
  25.  
  26.  
  27. // main function that routes the request
  28. function cp_login_init() {
  29.     require_once(ABSPATH . '/wp-load.php');
  30.    
  31.     if (isset($_REQUEST["action"])) {
  32.         $action = $_REQUEST["action"];
  33.  
  34.     } else {
  35.         $action = 'login';
  36.     }
  37.    
  38.     switch($action) {
  39.  
  40.         case 'lostpassword' :
  41.         case 'retrievepassword' :
  42.             cp_password();
  43.             break;
  44.        
  45.         case 'register':
  46.             cp_show_register();
  47.             break;
  48.        
  49.         case 'login':
  50.         default:
  51.             cp_show_login();
  52.             break;
  53.    
  54.     }
  55.  
  56.     die();
  57. }
  58.  
  59. // redirect the user
  60. function cp_redirect($redirect_to, $request_redirect_to, $user) {
  61.     if (is_a($user, 'WP_User') && $user->has_cap('level_3') === false) {
  62.         return get_bloginfo('wpurl');
  63.     }
  64.     return $redirect_to;
  65. }
  66.  
  67.  
  68.  
  69. // assemble the header
  70. function cp_head($cp_msg) {
  71.     global $cp_options;
  72.     include(TEMPLATEPATH . '/header.php');
  73. ?>
  74.  
  75.     <!-- CONTENT -->
  76.         <div class="content">
  77.  
  78.             <div class="content_botbg">
  79.  
  80.                 <div class="content_res">
  81.  
  82.                     <!-- full block -->
  83.                     <div class="shadowblock_out">
  84.  
  85.                         <div class="shadowblock">
  86.  
  87.                         <h2 class="dotted"><span class="colour"><?php _e($cp_msg) ?></span></h2>
  88.  
  89. <?php
  90. }
  91.  
  92.  
  93. // display the meta page title based on the current page
  94. function cp_title($title) {
  95.     global $pagenow;
  96.     if ($pagenow == "wp-login.php") {
  97.  
  98.         switch($_GET['action'])
  99.         {
  100.             case 'register':
  101.                 $title = __('Register at ','cp');
  102.                 break;
  103.  
  104.             case 'lostpassword':
  105.                 $title = __('Retrieve your lost password for ','cp');
  106.                 break;
  107.  
  108.             case 'login':
  109.             default:
  110.                 $title = __('Login at ','cp');
  111.                 break;
  112.  
  113.         }
  114.  
  115.     } else if ($pagenow == "profile.php") {
  116.  
  117.         $title = __('Your Profile at ','cp');
  118.  
  119.     }
  120.  
  121.     return $title;
  122. }
  123.  
  124.  
  125.  
  126. // show the custom login page if on wp-login.php
  127. function cp_show_login() {
  128.  
  129.     if ( isset( $_REQUEST['redirect_to'] ) )
  130.             $redirect_to = $_REQUEST['redirect_to'];
  131.     else
  132.             $redirect_to = admin_url();
  133.  
  134.     if ( is_ssl() && force_ssl_login() && !force_ssl_admin() && ( 0 !== strpos($redirect_to, 'https') ) && ( 0 === strpos($redirect_to, 'http') ) )
  135.             $secure_cookie = false;
  136.     else
  137.             $secure_cookie = '';
  138.  
  139.     $user = wp_signon('', $secure_cookie);
  140.  
  141.     $redirect_to = apply_filters('login_redirect', $redirect_to, isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : '', $user);
  142.  
  143.     if ( !is_wp_error($user) ) {
  144.             // If the user can't edit posts, send them to their profile.
  145.             if ( !$user->has_cap('edit_posts') && ( empty( $redirect_to ) || $redirect_to == 'wp-admin/' ) )
  146.                     $redirect_to = admin_url('profile.php');
  147.             wp_safe_redirect($redirect_to);
  148.             exit();
  149.     }
  150.  
  151.     $errors = $user;
  152.  
  153.     // Clear errors if loggedout is set.
  154.     if ( !empty($_GET['loggedout']) )
  155.             $errors = new WP_Error();
  156.  
  157.     cp_head(__('Login','cp'));
  158.  
  159.     // If cookies are disabled we can't log in even with a valid user+pass
  160.     if ( isset($_POST['testcookie']) && empty($_COOKIE[TEST_COOKIE]) )
  161.             $errors->add('test_cookie', __('Cookies are blocked or not supported by your browser. You must enable cookies to continue.','cp'));
  162.    
  163.         if ( isset($_GET['loggedout']) && TRUE == $_GET['loggedout'] )
  164.             $errors->add('loggedout', __('You are now logged out.','cp'), 'message');
  165.  
  166.     elseif  ( isset($_GET['registration']) && 'disabled' == $_GET['registration'] )
  167.             $errors->add('registerdisabled', __('User registration is currently not allowed.','cp'));
  168.  
  169.     elseif  ( isset($_GET['checkemail']) && 'confirm' == $_GET['checkemail'] ) 
  170.             $errors->add('confirm', __('Check your email for the confirmation link.','cp'), 'message');
  171.  
  172.     elseif  ( isset($_GET['checkemail']) && 'newpass' == $_GET['checkemail'] ) 
  173.             $errors->add('newpass', __('Check your email for your new password.','cp'), 'message');
  174.  
  175.     elseif  ( isset($_GET['checkemail']) && 'registered' == $_GET['checkemail'] )
  176.             $errors->add('registered', __('Registration complete. Please check your e-mail.','cp'), 'message');
  177.  
  178. ?>
  179.  
  180.         <div class="left-box">
  181.  
  182.             <?php echo cp_show_errors($errors); ?>
  183.  
  184.             <div id="message"><?php _e('Please complete the fields below to login.', 'cp') ?></div>
  185.  
  186.             <form class="loginform" action="<?php bloginfo('wpurl'); ?>/wp-login.php" method="post" >
  187.                 <p>
  188.                     <label for="user_login"><?php _e('Username:','cp') ?></label>
  189.                     <input name="log" value="<?php echo attribute_escape(stripslashes($_POST['log'])); ?>" class="mid" id="user_login" type="text" />
  190.                     <br/>
  191.                     <label for="user_pass"><?php _e('Password:','cp') ?></label>
  192.                     <input name="pwd" class="mid" id="user_pass" type="password" />
  193.                     <br/>
  194.                 </p>
  195.  
  196.                 <div class="clr"></div>
  197.  
  198.                 <div id="checksave">
  199.                     <input name="rememberme" class="checkbox" id="rememberme" value="forever" type="checkbox" checked="checked"/>
  200.                     <label for="rememberme"><?php _e('Remember me','cp'); ?></label>
  201.                     <br/><br/>
  202.                     <p class="submit">
  203.                         <input type="submit" class="btn_orange" name="wp-submit" id="wp-submit" value="<?php _e('Login','cp'); ?> &raquo;" />
  204.                         <input type="hidden" name="testcookie" value="1" />
  205.                     </p>
  206.                 </div>
  207.             </form>
  208.  
  209.         </div><!--/left-box -->
  210.  
  211.  
  212.         <div class="right-box">
  213.  
  214.  
  215.  
  216.  
  217.  
  218.         </div><!-- /right-box -->
  219.  
  220.  
  221.         <?php cp_footer(); ?>
  222.  
  223. <?php
  224. }
  225.  
  226.  
  227.  
  228. // show the forgot your password page
  229. function cp_password() {
  230.     $errors = new WP_Error();
  231.  
  232.     if ( $_POST['user_login'] ) {
  233.         $errors = retrieve_password();
  234.  
  235.         if ( !is_wp_error($errors) ) {
  236.             wp_redirect('wp-login.php?checkemail=confirm');
  237.             exit();
  238.         }
  239.  
  240.     }
  241.  
  242.     if ( 'invalidkey' == $_GET['error'] )
  243.         $errors->add('invalidkey', __('Sorry, that key does not appear to be valid.','cp'));
  244.  
  245.     do_action('lost_password');
  246.     do_action('lostpassword_post');
  247.  
  248.     cp_head("Lost Password");
  249.  
  250.  
  251. ?>
  252.  
  253.         <div class="left-box">
  254.  
  255.             <?php echo cp_show_errors($errors); ?>
  256.  
  257.             <div id="message"><?php _e('Please enter your username or email address. A new password will be emailed to you.', 'cp') ?></div>
  258.  
  259.             <form class="loginform" name="lostpasswordform" id="lostpasswordform" action="<?php echo site_url('wp-login.php?action=lostpassword', 'login_post') ?>" method="post">
  260.                 <p>
  261.                     <label><?php _e('Username or Email:','cp') ?></label>
  262.                     <input type="text" name="user_login" id="user_login" class="mid" value="<?php echo attribute_escape(stripslashes($_POST['user_login'])); ?>" size="20" tabindex="10" />
  263.                 </p>
  264.  
  265.                 <div id="checksave">
  266.                     <?php do_action('lostpassword_form'); ?>
  267.                     <p class="submit"><input type="submit" class="btn_orange" name="wp-submit" id="wp-submit" value="<?php _e('Get New Password','cp'); ?>" tabindex="100" /></p>
  268.                 </div>
  269.             </form>
  270.  
  271.         </div><!--/left-box -->
  272.  
  273.  
  274.         <div class="right-box">
  275.  
  276.  
  277.  
  278.  
  279.  
  280.         </div><!-- /right-box -->
  281.  
  282.         <?php cp_footer(); ?>
  283.  
  284. <?php
  285. }
  286.  
  287.  
  288.  
  289. // show the new user registration page
  290. function cp_show_register() {
  291.     global $cp_pluginpath, $cp_options;
  292.  
  293.     if ( !get_option('users_can_register') ) {
  294.         wp_redirect(get_bloginfo('wpurl').'/wp-login.php?registration=disabled');
  295.         exit();
  296.     }
  297.  
  298.     $user_login = '';
  299.     $user_email = '';
  300.  
  301.  
  302.     if ( isset($_POST['user_login']) ) {
  303.         if( !$cp_options['captcha'] || ( $cp_options['captcha'] && ($_SESSION['security_code'] == $_POST['security_code']) && (!empty($_SESSION['security_code']) ) )) {
  304.             unset($_SESSION['security_code']);
  305.             require_once( ABSPATH . WPINC . '/registration.php');
  306.  
  307.             $user_login = $_POST['user_login'];
  308.             $user_email = $_POST['user_email'];
  309.             $errors = register_new_user($user_login, $user_email);
  310.  
  311.             if ( !is_wp_error($errors) ) {
  312.                 wp_redirect('wp-login.php?checkemail=registered');
  313.                 exit();
  314.             }
  315.  
  316.         } else {
  317.             $user_login = $_POST['user_login'];
  318.             $user_email = $_POST['user_email'];
  319.  
  320.             $errors = new WP_error();
  321.             $errors->add('captcha', __("<strong>ERROR</strong>: You didn't correctly enter the captcha, please try again.",'cp'));
  322.         }
  323.     }
  324.  
  325.  
  326.     cp_head(__('Register','cp'));
  327.     ?>
  328.  
  329.         <div class="left-box">
  330.  
  331.         <?php cp_show_errors($errors); ?>
  332.  
  333.         <div id="message"><?php _e('Complete the fields below to become a member. Your password will be emailed to you so make sure to use a valid email address. Once registration is complete, you will be able to submit your ads.', 'cp') ?></div>
  334.  
  335.         <form class="loginform" name="registerform" id="registerform" action="<?php echo site_url('wp-login.php?action=register', 'login_post') ?>" method="post">
  336.  
  337.             <p>
  338.                 <label><?php _e('Username','cp') ?>:</label>
  339.                 <input tabindex="1" type="text" name="user_login" id="user_login" class="mid" value="<?php echo attribute_escape(stripslashes($user_login)); ?>" size="20" /><br/>
  340.  
  341.                 <label><?php _e('Email','cp') ?>:</label>
  342.                 <input tabindex="2" type="text" name="user_email" id="user_email" class="mid" value="<?php echo attribute_escape(stripslashes($user_email)); ?>" size="25" />
  343.                 <?php if ($cp_options['captcha']) { ?>
  344.                     <label>&nbsp;</label>
  345.                     <img alt="captcha" width="155" height="30" src="<?php echo $cp_pluginpath; ?>captcha.php?width=155&amp;height=30&amp;characters=5" /><br/>
  346.                     <label for="security_code"><?php _e('Type the code above:','cp');?></label>
  347.                     <input tabindex="3" id="security_code" name="security_code" class="input" type="text" />
  348.                 <?php } ?>
  349.             </p>
  350.  
  351.             <div id="checksave">
  352.  
  353.                 <?php do_action('register_form'); ?>
  354.  
  355.                 <p class="submit"><input tabindex="4" class="btn_orange" type="submit" name="wp-submit" id="wp-submit" value="<?php _e('Register','cp'); ?>" /></p>
  356.  
  357.             </div>
  358.  
  359.         </form>
  360.         </div><!-- /left-box -->
  361.  
  362.  
  363.         <div class="right-box">
  364.  
  365.  
  366.  
  367.            
  368.  
  369.         </div><!-- /right-box -->
  370.  
  371.  
  372.         <?php cp_footer(); ?>
  373.  
  374.  
  375.  
  376. <?php
  377. }
  378.  
  379.  
  380.  
  381. // assemble the footer
  382. function cp_footer() {
  383.     global $pagenow, $user_ID, $cp_options;
  384.  
  385.     if ($pagenow == 'wp-login.php') {
  386.  
  387.         // check to prevent php "notice: undefined index" msg
  388.         if(isset($_GET['action'])) $theaction = $_GET['action']; else $theaction ='';
  389.  
  390.     // Show the appropriate options
  391.         echo '<div class="cpnav">'."\n";
  392.         if (isset($_GET['action']) && $theaction != 'login')
  393.             echo '<a href="'.site_url('wp-login.php', 'login').'">'.__('Log in','cp').'</a><br />'."\n";
  394.  
  395.         if (get_option('users_can_register') && $theaction != 'register')
  396.             echo '<a href="'.site_url('wp-login.php?action=register', 'login').'">'.__('Register','cp').'</a><br />'."\n";
  397.  
  398.         if ($theaction != 'lostpassword')
  399.             echo '<a href="'.site_url('wp-login.php?action=lostpassword', 'login').'" title="'.__('Password Lost and Found','cp').'">'.__('Lost your password?','cp').'</a>'."\n";
  400.         echo '</div>'."\n";
  401.  
  402. ?>
  403.        
  404. <!-- autofocus the field -->
  405. <script type="text/javascript">try{document.getElementById('user_login').focus();}catch(e){}</script>
  406.  
  407. <?php
  408.     } else if (isset($user_ID)) {
  409.         // do nothing
  410.     }
  411. ?>
  412.  
  413.                 </div><!-- /shadowblock -->
  414.  
  415.             </div><!-- /shadowblock_out -->
  416.  
  417.         <div class="clr"></div>
  418.  
  419.       </div><!-- /content_res -->
  420.  
  421.     </div><!-- /content_botbg -->
  422.  
  423.   </div><!-- /content -->
  424.  
  425. <?php include(TEMPLATEPATH . '/footer.php'); ?>
  426.  
  427.  
  428. <?php
  429. }
  430.  
  431.  
  432.  
  433. // process the errors if there are any
  434. function cp_show_errors($wp_error) {
  435.     global $error;
  436.  
  437.     if ( !empty( $error ) ) {
  438.         $wp_error->add('error', $error);
  439.         unset($error);
  440.     }
  441.  
  442.     if ( !empty($wp_error) ) {
  443.         if ( $wp_error->get_error_code() ) {
  444.             $errors = '';
  445.             $messages = '';
  446.  
  447.             foreach ( $wp_error->get_error_codes() as $code ) {
  448.                 $severity = $wp_error->get_error_data($code);
  449.  
  450.                 foreach ( $wp_error->get_error_messages($code) as $error ) {
  451.                     if ( 'message' == $severity )
  452.                         $messages .= '  ' . $error . "<br />\n";
  453.                     else
  454.                         $errors .= '    ' . $error . "<br />\n";
  455.                 }
  456.  
  457.             }
  458.             if ( !empty($errors) )
  459.                 echo '<div id="login_error">' . apply_filters('login_errors', $errors) . "</div>\n";
  460.            
  461.             if ( !empty($messages) )
  462.                 echo '<div id="message">' . apply_filters('login_messages', $messages) . "</div>\n";
  463.         }
  464.     }
  465. }
  466.  
  467. ?>