API tools faq
paste
Guest User

Untitled

a guest
Aug 26th, 2016
103
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 8.33 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. /************************************************************
  3. * InfiniteWP Admin panel *
  4. * Copyright (c) 2012 Revmakx *
  5. * www.revmakx.com *
  6. * *
  7. ************************************************************/
  8.  
  9. $isLoginPage = true;
  10. define('USER_SESSION_NOT_REQUIRED', true);
  11. include("includes/app.php");
  12. //This function is used to identify the error msg to display the user
  13. function getLoginPageMsg($key) {
  14. $errorMsg = array();
  15. $errorMsg['invalid'] = 'Invalid credentials.';
  16. $errorMsg['access'] = 'Access restricted.';
  17. $errorMsg['reactive'] = 'You are deactivated by admin.';
  18. $errorMsg['onlyAdmin'] = 'Only admin can log in.';
  19. $errorMsg['passcodeValidity'] = 'Your Passcode has been expired.';
  20. $errorMsg['passcodeInvalid'] = 'Invalid passcode.';
  21. $errorMsg['passcodeMailError'] = 'Mail send error on two factor authentication.';
  22. $errorMsg['accountLock'] = 'You account has been locked. Please wait %s to regain access to your panel. ';
  23. $errorMsg['resetPasswordLinkExpired'] = 'Reset link expired. Reinitiate the password reset.';
  24. $errorMsg['resetPasswordLinkInvalid'] = 'Reset link expire or invalid. Reinitiate the password reset.';
  25. $errorMsg['resetPasswordMailError'] = 'Unable to send email. Check email settings.';
  26. $errorMsg['resetPasswordEmailNotFound'] = 'Oops. We weren\'t able to find that email.<br>Please make sure this is email that you used before.';
  27. $errorMsg['resetPasswordFailed'] = 'Error while resetting the password.Try again!';
  28. $errorMsg['resetPasswordInvalidPassword'] = 'Please enter valid password.';//NEED BETTER CONTENT
  29. setHook('errorMsgTemplate', $errorMsg);
  30.  
  31. $successMsg = array();
  32. $successMsg['logout'] = 'You have successfully logged out.';
  33. $successMsg['passcodeMailSent'] = 'We have sent you an email.<br>Check your email now.';
  34. $successMsg['resetPasswordChanged'] = 'Password reset successfully.<br> You can login now with your new password.';
  35. $successMsg['resetPasswordMailSent']= 'We have sent you a password reset link.<br>Check your email now.';
  36.  
  37.  
  38. setHook('successMsgTemplate', $successMsg);
  39.  
  40. if(isset($errorMsg[$key])){
  41. return $errorMsg[$key];
  42. }
  43. elseif(isset($successMsg[$key])){
  44. return $successMsg[$key];
  45. }
  46. return '';
  47. }
  48.  
  49. function printLoginPageMsg(){
  50. $successMsg = $errorMsg = '';
  51. if(!empty($_GET['errorMsg'])) {
  52. $errorMsg = getLoginPageMsg($_GET['errorMsg']);
  53. $errorMsg = formateMsg($errorMsg);
  54. echo '<div class="errorMsg">'.$errorMsg.'</div>';
  55. } elseif(!empty($_GET['successMsg'])) {
  56. $successMsg = getLoginPageMsg($_GET['successMsg']);
  57. $successMsg = formateMsg($successMsg);
  58. echo '<div class="successMsg">'.$successMsg.'</div>';
  59. }
  60. }
  61.  
  62. function formateMsg($msgStr) {
  63. if(!empty($_GET['lockOut'])) {
  64. $lockOutString = base64_decode($_GET['lockOut']) - time();
  65. if($lockOutString<0) {
  66. header('Location: '.APP_URL.'login.php');
  67. exit;
  68. }
  69. return sprintf($msgStr, convertToMinSec($lockOutString));
  70. }
  71. return $msgStr;
  72. }
  73.  
  74. //controllers start here
  75. if(isset($_POST['sig_response'])){
  76. if(function_exists('verifyDuoSign')){
  77. if(!verifyDuoSign($_POST)) {
  78. $_GET['errorMsg'] = "duoFailed";
  79. }
  80. }
  81. }elseif(!empty($_GET['passlink'])){
  82. verifyPasscode($_GET['passlink'], 'link');
  83. }elseif(!empty($_POST['passcode'])){
  84. verifyPasscode($_POST);
  85. }elseif(!empty($_POST['email']) && !empty($_POST['password'])){
  86. userLogin($_POST);
  87. }
  88. elseif(!empty($_GET['logout'])){
  89. userLogout(true);
  90. }
  91. elseif(!empty($_POST['action']) && ($_POST['action'] == 'resetPasswordSendMail' || $_POST['action'] == 'resetPasswordChange')){
  92. userLoginResetPassword($_POST);
  93. }
  94. elseif(!empty($_GET['view']) && $_GET['view'] == 'resetPasswordChange'){
  95. userLoginResetPassword($_GET);
  96. }
  97. //controllers ends here
  98.  
  99. ?>
  100. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
  101. <html xmlns="http://www.w3.org/1999/xhtml">
  102. <head>
  103. <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  104. <meta name="robots" content="noindex">
  105. <title>InfiniteWP</title>
  106. <link href='https://fonts.googleapis.com/css?family=Droid+Sans:400,700' rel='stylesheet' type='text/css'>
  107. <link rel="stylesheet" type="text/css" href="css/core.css?<?php echo APP_VERSION; ?>" />
  108. <script src="js/jquery.min.js?<?php echo APP_VERSION; ?>" type="text/javascript" charset="utf-8"></script>
  109. <script>
  110. $(document).ready(function(){
  111. $(".showPass").live('mousedown',function(){
  112. var btn=document.getElementById('newPasswordOrg');
  113. btn.setAttribute('type', 'text');
  114. $(this).text("Hide");
  115. }).live('mouseup',function(){
  116. var btn=document.getElementById('newPasswordOrg');
  117. btn.setAttribute('type', 'password');
  118. $(this).text("Show");
  119. });
  120.  
  121. $('.first-element').focus();
  122. });
  123.  
  124. </script>
  125. </head>
  126. <body>
  127. <div class="signin_cont">
  128. <form action="login.php" method="post" name="loginForm">
  129. <div id="logo_signin"></div>
  130.  
  131. <?php
  132.  
  133. if($_GET['view'] == 'resetPassword'){//show email form for resetting password
  134. showResetPasswordForm();
  135. } elseif($_GET['view'] == 'resetPasswordChange'){//show new password form for resetting via email link
  136. showResetPasswordChangeForm();
  137. }elseif($_GET['view'] == 'getPasscode'){//Get the passcode from user from mail
  138. showGetPasscodeForm();
  139. }elseif($_GET['view'] == 'duoFrame'){
  140. showDuoFrame();
  141. } else{//show login form
  142. showLoginForm();
  143. }
  144.  
  145. function showResetPasswordForm(){
  146. ?>
  147. <div class="copy simple">Enter your email address and <br>we&#39ll send you a link to reset your password.</div>
  148. <?php printLoginPageMsg(); ?>
  149. <input type="text" name="email" placeholder="Email" class="first-element" />
  150. <input type="hidden" name="action" value="resetPasswordSendMail" />
  151. <input type="submit" id="loginSubmitBtn" name="loginSubmit" value="Send Reset Link" class="btn rep_sprite" />
  152. <div class="copy simple" style="margin-top: 50px;">If you don't receive an email within a few minutes, check your spam filter as sometimes they end up in there.</div>
  153. <?php
  154. }
  155.  
  156.  
  157. function showResetPasswordChangeForm(){
  158. ?>
  159. <div class="copy simple">Create a new password below</div>
  160. <?php printLoginPageMsg(); ?>
  161. <div style="position:relative;">
  162. <input type="password" class="reset newPasswordOrg first-element" id="newPasswordOrg" item="pass" placeholder="New password" name="newPassword" />
  163. <a style="position: absolute; right: 10px; top: 10px; font-size: 12px;" class="showPass" >Show</a>
  164. </div>
  165. <input type="hidden" name="transID" value="<?php echo $_GET['transID']; ?>" />
  166. <input type="hidden" name="resetHash" value="<?php echo $_GET['resetHash']; ?>" />
  167. <input type="hidden" name="action" value="resetPasswordChange" />
  168. <input type="submit" id="loginSubmitBtn" name="loginSubmit" value="Reset Password" class="btn rep_sprite" />
  169. <?php
  170. }
  171.  
  172. function showLoginForm(){
  173. ?>
  174. <div class="copy">Sign In to manage your WordPress sites</div>
  175. <?php printLoginPageMsg(); ?>
  176. <input type="text" name="email" placeholder="Email" id="email" class="first-element"/>
  177. <div style="position:relative;">
  178. <input type="password" name="password" placeholder="Password" id="password"/>
  179. <a href="login.php?view=resetPassword" style="position:absolute; right:10px; top:10px; font-size:12px;">Forgot?</a>
  180. </div>
  181. <input type="submit" id="loginSubmitBtn" name="loginSubmit" value="Log in" class="btn rep_sprite" />
  182. <?php
  183. }
  184.  
  185. function showGetPasscodeForm() {
  186. ?>
  187. <div class="copy">Sign In to manage your WordPress sites</div>
  188. <?php printLoginPageMsg(); ?>
  189. <input type="text" name="passcode" class="loginOnEnter" placeholder="Passcode" class="first-element">
  190. <input type="hidden" name="auth" value="passcode" />
  191. <input type="submit" id="loginSubmitBtn" name="loginSubmit" value="Log in" class="btn rep_sprite" />
  192. <div class="copy simple" style="margin-top: 50px;">If you don't receive an email within a few minutes, check your spam filter as sometimes they end up in there.</div>
  193. <?php
  194. }
  195.  
  196. function showDuoFrame(){
  197. ?>
  198. <div class="copy simple">Select the authentication mode &amp; hit the Log in button</div>
  199. <?php
  200. echo $GLOBALS['duoFrameStr'];
  201. }
  202. ?>
  203. </form>
  204. </div>
  205. </body>
  206. </html>
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!