escape(wp_strip_all_tags(esc_attr($_GET['redirect_to'])));
// No usable redirect target was supplied with the request: fall back to the site URL.
if (empty($redirectto) || $redirectto == '') {
    $redirectto = site_url();
}
if (!$user_ID) {
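// Handle a submitted login or registration form; the posted "task" field selects the branch.
// On failure $err holds the message to show; on successful registration $success does.
// NOTE(review): no nonce verification (wp_verify_nonce() / check_admin_referer()) is visible
// in this handler - confirm the form carries a nonce and that it is checked.
if (isset($_POST['task'])) {
    if ($_POST['task'] === 'login') {
        // Credentials are read from the POST body only. $_REQUEST also accepts query-string
        // values, which would let a password travel in a URL and land in access logs.
        // No SQL escaping happens here: the deprecated wpdb::escape() only adds backslashes,
        // and wp_signon() runs its own prepared queries.
        $username = (isset($_POST['username']) && is_string($_POST['username']))
            ? wp_strip_all_tags(wp_unslash($_POST['username']))
            : '';

        // The password is never filtered. Stripping tags or adding slashes changes the secret,
        // so a password accepted at registration could fail here. It is passed on exactly as
        // WordPress delivered it, which is also what wp-login.php hands to wp_signon().
        // Accounts whose password contains quotes or backslashes and was set through the earlier
        // version of this form (extra addslashes() pass) will need a password reset.
        $password = (isset($_POST['password']) && is_string($_POST['password']))
            ? $_POST['password']
            : '';

        // Must be a real boolean: wp_signon() tests this with empty(), and the string "false"
        // is not empty, so every session used to get the long-lived "remember me" cookie.
        $remember = !empty($_POST['rememberme']);

        $login_data = array(
            'user_login'    => $username,
            'user_password' => $password,
            'remember'      => $remember,
        );

        if (empty($username)) {
            $err = __('ERROR: Please enter a username.');
        } elseif (empty($password)) {
            $err = __('ERROR: The password field is empty.');
        } else {
            // A hard-coded false forces an auth cookie without the Secure flag even on HTTPS;
            // is_ssl() matches what wp_signon() picks when the argument is omitted.
            $user_verify = wp_signon($login_data, is_ssl());
            if (is_wp_error($user_verify)) {
                // One generic message for every failure, so the form does not reveal
                // whether the username exists.
                $err = __("ERROR: Invalid username or incorrect password.");
            } else {
                // wp_safe_redirect() only follows targets on allowed hosts.
                wp_safe_redirect($redirectto);
                exit();
            }
        }
    } elseif ($_POST['task'] === 'register') {
        // Passwords: trimmed only, otherwise untouched (see the login branch).
        $pwd1 = (isset($_POST['pwd1']) && is_string($_POST['pwd1'])) ? trim($_POST['pwd1']) : '';
        $pwd2 = (isset($_POST['pwd2']) && is_string($_POST['pwd2'])) ? trim($_POST['pwd2']) : '';

        // Remove the slashes WordPress adds to request data instead of stacking a second
        // layer on top; validation below and wp_insert_user() take care of the rest.
        $email = (isset($_POST['email']) && is_string($_POST['email']))
            ? trim(wp_unslash($_POST['email']))
            : '';
        $username = (isset($_POST['reg_username']) && is_string($_POST['reg_username']))
            ? trim(wp_unslash($_POST['reg_username']))
            : '';

        // Keep digits only.
        $Phone = (isset($_POST['phone']) && is_string($_POST['phone']))
            ? preg_replace('%[^0-9]%i', '', $_POST['phone'])
            : '';

        if (empty($username)) {
            $err = __('ERROR: Please enter a username.');
        } elseif (empty($email)) {
            $err = __('ERROR: Please type your e-mail address.');
        } elseif (empty($pwd1)) {
            $err = __('ERROR: The password field is empty.');
        } elseif (!is_email($email)) {
            $err = __('ERROR: please enter a valid email address.');
        } elseif (email_exists($email)) {
            $err = __('ERROR: This email is already registered, please choose another one.');
        } elseif (!validate_username($username)) {
            $err = __( 'ERROR: This username is invalid because it uses illegal characters. Please enter a valid username.' );
        } elseif (username_exists($username)) {
            $err = __('ERROR: This username is already registered. Please choose another one.');
        } elseif ($pwd1 !== $pwd2) {
            $err = __('The passwords do not match.');
        } else {
            $user_id = wp_insert_user(array(
                'user_pass'  => apply_filters('pre_user_user_pass', $pwd1),
                'user_login' => apply_filters('pre_user_user_login', $username),
                'user_email' => apply_filters('pre_user_user_email', $email),
            ));

            if (is_wp_error($user_id)) {
                // The second argument of __() is the text domain; the admin e-mail address
                // that used to be passed there was never inserted into the message.
                $err = __('ERROR: Couldn’t register you... please contact the webmaster !');
                $err = str_replace('webmaster', __('Site Admin'), $err);
            } else {
                update_user_meta($user_id, 'phone', wp_strip_all_tags($Phone));
                // NOTE(review): wp_insert_user() fires the user_register action on its own,
                // so hooked callbacks run a second time here - confirm this is intended.
                do_action('user_register', $user_id);

                // Welcome mail to the new user. The password itself is never mailed.
                $from = get_option('admin_email');
                $blog_name = get_option('blogname');
                $headers = 'From: '.$from . "\r\n";
                $subject = sprintf(__('Welcome to %s', 'bizway'), $blog_name);

                // Start from a fresh string so the body never inherits earlier content of $msg.
                $msg = "شكرا لإشتراكك في ".$blog_name." إليك تفاصيل الدخول:\r\n\r\n";
                $msg .= sprintf(__('Username: %s'), $username) . "\r\n";
                $msg .= sprintf(__('E-mail: %s'), $email) . "\r\n";
                $msg .= sprintf(__('Password: %s'), '(كلمة المرور التي قمت بتسجيل بها)') . "\r\n\r\n";
                $msg .= "يمكنك تسجيل الدخول إلى النظام عبر هذا الرابط:\r\n";
                $msg .= home_url('login')."\r\n\r\n";
                $msg .= "شكراً لك..\r\n";
                $msg .= "فريق ".$blog_name.".\r\n\r\n";
                wp_mail( $email, $subject, $msg, $headers );

                $success = __('Registration complete. Please check your e-mail.') . "
";
                // NOTE(review): the format string has no %s placeholders, so the two URLs
                // passed to sprintf() are ignored - confirm whether link markup was lost here.
                $success .= sprintf( __('Your account is now activated. Log in or go back to the homepage.' ), home_url('login'), home_url() );
            }
        }
    }
}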
get_header(); ?>