Untitled

<?php

class Custom_Members
{

    public function __construct()
    {
        function app_output_buffer()
        {
            ob_start();
        } // soi_output_buffer
        add_action('init', 'app_output_buffer');

        // LOGIN & LOGOUT
        add_shortcode('custom-login-form', array($this, 'render_login_form'));
        add_action('login_form_login', array($this, 'redirect_to_custom_login'));
        add_filter('authenticate', array($this, 'maybe_redirect_at_authenticate'), 101, 3);
        add_action('wp_logout', array($this, 'redirect_after_logout'));
        add_filter('login_redirect', array($this, 'redirect_after_login'), 10, 3);

        // REGISTER
        add_shortcode('custom-register-form', array($this, 'render_register_form'));
        add_action('login_form_register', array($this, 'redirect_to_custom_register'));
        add_action('login_form_register', array($this, 'do_register_user'));

        // LOST
        add_action('login_form_lostpassword', array($this, 'redirect_to_custom_lostpassword'));
        add_shortcode('custom-password-lost-form', array($this, 'render_password_lost_form'));
        add_action('login_form_lostpassword', array($this, 'do_password_lost'));
        add_filter('retrieve_password_message', array($this, 'replace_retrieve_password_message'), 10, 4);
        add_filter('retrieve_password_title', function( $title )
        {
            return 'Password Reset';
        }, 10, 4);

        add_filter( 'wp_mail_content_type', function( $content_type ) {
            return 'text/html';
        });

        // RESET
        add_action('login_form_rp', array($this, 'redirect_to_custom_password_reset'));
        add_action('login_form_resetpass', array($this, 'redirect_to_custom_password_reset'));
        add_shortcode('custom-password-reset-form', array($this, 'render_password_reset_form'));
        add_action('login_form_rp', array($this, 'do_password_reset'));
        add_action('login_form_resetpass', array($this, 'do_password_reset'));

        // CHANGE PASSWORD
        add_shortcode('custom-password-change-form', array($this, 'render_change_password_form'));
        add_action('custom_change_password_post', array($this, 'custom_change_password_post'));

        add_action('init', array($this, 'init'));

    }

    public function init()
    {
        add_filter('password_hint', array($this, 'password_hint'));
        add_filter('wp_mail_from_name', array($this, 'custom_wp_mail_from_name'));
        add_filter('auth_cookie_expiration', array($this, 'keep_me_logged_in_for_30_days'));
    }


    public function custom_wp_mail_from_name($original_email_from)
    {
        return get_option('blogname');
    }

    function keep_me_logged_in_for_30_days($expirein)
    {
        return 2592000;
    }

    /**
     * A shortcode for rendering the login form.
     *
     * @param  array $attributes Shortcode attributes.
     * @param  string $content The text content for shortcode. Not used.
     *
     * @return string  The shortcode output
     */
    public function render_login_form($attributes, $content = null)
    {
        // Parse shortcode attributes
        $default_attributes = array('show_title' => true);
        $attributes = shortcode_atts($default_attributes, $attributes);
        $show_title = $attributes['show_title'];

        if (is_user_logged_in()) {
            //return __('You are already signed in.', 'personalize-login');
            wp_redirect(home_url('community'));
        }

        // Pass the redirect parameter to the WordPress login functionality: by default,
        // don't specify a redirect, but if a valid redirect URL has been passed as
        // request parameter, use it.
        $attributes['redirect'] = '';
        if (isset($_REQUEST['redirect_to'])) {
            $attributes['redirect'] = wp_validate_redirect($_REQUEST['redirect_to'], $attributes['redirect']);
        }

        // Error messages
        $errors = array();
        if (isset($_REQUEST['login'])) {
            $error_codes = explode(',', $_REQUEST['login']);

            foreach ($error_codes as $code) {
                $errors [] = $this->get_error_message($code);
            }
        }
        $attributes['errors'] = $errors;

        // Check if the user just registered
        $attributes['registered'] = isset($_REQUEST['registered']);

        // Check if the user just requested a new password
        $attributes['lost_password_sent'] = isset($_REQUEST['checkemail']) && $_REQUEST['checkemail'] == 'confirm';

        $attributes['logged_out'] = isset($_REQUEST['logged_out']) && $_REQUEST['logged_out'] == true;

        // Check if user just updated password
        $attributes['password_updated'] = isset($_REQUEST['password']) && $_REQUEST['password'] == 'changed';

        // Render the login form using an external template
        return $this->get_template_html('login_form', $attributes);
    }

    /**
     * Renders the contents of the given template to a string and returns it.
     *
     * @param string $template_name The name of the template to render (without .php)
     * @param array $attributes The PHP variables for the template
     *
     * @return string               The contents of the template.
     */
    private function get_template_html($template_name, $attributes = null)
    {
        if (!$attributes) {
            $attributes = array();
        }

        ob_start();

        do_action('personalize_login_before_' . $template_name);

        require('custom_members_tpl/' . $template_name . '.php');

        do_action('personalize_login_after_' . $template_name);

        $html = ob_get_contents();
        ob_end_clean();

        return $html;
    }

    /**
     * Redirect the user to the custom login page instead of wp-login.php.
     */
    function redirect_to_custom_login()
    {
        if ($_SERVER['REQUEST_METHOD'] == 'GET') {
            $redirect_to = isset($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : null;

            if (is_user_logged_in()) {
                $this->redirect_logged_in_user($redirect_to);
                exit;
            }

            // The rest are redirected to the login page
            $login_url = home_url('login');
            if (!empty($redirect_to)) {
                $login_url = add_query_arg('redirect_to', $redirect_to, $login_url);
            }

            wp_redirect($login_url);
            exit;
        }
    }

    /**
     * Redirects the user to the correct page depending on whether he / she
     * is an admin or not.
     *
     * @param string $redirect_to An optional redirect_to URL for admin users
     */
    private function redirect_logged_in_user($redirect_to = null)
    {
        $user = wp_get_current_user();
        if (user_can($user, 'manage_options')) {
            if ($redirect_to) {
                wp_safe_redirect($redirect_to);
            } else {
                wp_redirect(admin_url());
            }
        } else {
            wp_redirect(home_url('community'));
        }
    }

    /**
     * Redirect the user after authentication if there were any errors.
     *
     * @param Wp_User|Wp_Error $user The signed in user, or the errors that have occurred during login.
     * @param string $username The user name used to log in.
     * @param string $password The password used to log in.
     *
     * @return Wp_User|Wp_Error The logged in user, or error information if there were errors.
     */
    function maybe_redirect_at_authenticate($user, $username, $password)
    {
        // Check if the earlier authenticate filter (most likely,
        // the default WordPress authentication) functions have found errors
        if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            if (is_wp_error($user)) {
                $error_codes = join(',', $user->get_error_codes());

                $login_url = home_url('login');
                $login_url = add_query_arg('login', $error_codes, $login_url);

                wp_redirect($login_url);
                exit;
            }
        }

        return $user;
    }

    /**
     * Finds and returns a matching error message for the given error code.
     *
     * @param string $error_code The error code to look up.
     *
     * @return string               An error message.
     */
    private function get_error_message($error_code)
    {
        switch ($error_code) {
            case 'empty_username':
            case 'empty_password':
                return __('Please enter your email and a password', 'personalize-login');

            case 'invalid_username':
                return __(
                    "Sorry, we didn't find any user with this email address",
                    'personalize-login'
                );

            case 'incorrect_password':
                $err = __(
                    "The password you entered is incorrect. <a href='%s'>Forgot your password</a>?",
                    'personalize-login'
                );
                return sprintf($err, wp_lostpassword_url());

            case 'user_login':
                return __('Invalid username', 'personalize-login');

            case 'email':
                return __('Invalid email address', 'personalize-login');

            case 'email_exists':
                return __('An account exists with this email address.', 'personalize-login');

            case 'user_login_exists':
                return __('An account exists with this Username.', 'personalize-login');

            case 'closed':
                return __('Registering new users is currently not allowed.', 'personalize-login');

            case 'empty_username':
                return __('Please enter your email address to continue.', 'personalize-login');

            case 'invalid_email':
            case 'invalidcombo':
                return __('There are no users registered with this email address.', 'personalize-login');

            case 'expiredkey':
            case 'invalidkey':
                return __('The password reset link you used is not valid anymore.', 'personalize-login');

            case 'password_reset_mismatch':
                return __("The two passwords entered don't match.", 'personalize-login');

            case 'password_change_mismatch':
                return __("The new password and the confirmation link you entered don't match.", 'personalize-login');

            case 'password_reset_empty':
                return __("Sorry, we don't accept empty passwords.", 'personalize-login');

            case 'short_password':
                return __("Sorry, Your password must be at least 6 characters.", 'personalize-login');

            case 'all_fields_required':
                return __("Please fill all fields.", 'personalize-login');

            case 'wrong_old_password':
                return __("Wrong current password, please enter the current password correctly!", 'personalize-login');

            default:
                break;
        }

        return __('An unknown error occurred. Please try again later.', 'personalize-login');
    }

    /**
     * Redirect to custom login page after the user has been logged out.
     */
    public function redirect_after_logout()
    {
        if (!isset($_SESSION['local_logout'])) {
            $redirect_url = home_url('login?logged_out=true');
            wp_safe_redirect($redirect_url);
            exit;
        } else {
            unset($_SESSION['local_logout']);
        }
    }

    /**
     * Returns the URL to which the user should be redirected after the (successful) login.
     *
     * @param string $redirect_to The redirect destination URL.
     * @param string $requested_redirect_to The requested redirect destination URL passed as a parameter.
     * @param WP_User|WP_Error $user WP_User object if login was successful, WP_Error object otherwise.
     *
     * @return string Redirect URL
     */
    public function redirect_after_login($redirect_to, $requested_redirect_to, $user)
    {
        $redirect_url = home_url();

        if (!isset($user->ID)) {
            return $redirect_url;
        }

        if (user_can($user, 'manage_options')) {
            // Use the redirect_to parameter if one is set, otherwise redirect to admin dashboard.
            if ($requested_redirect_to == '') {
                $redirect_url = admin_url();
            } else {
                $redirect_url = $requested_redirect_to;
            }
        } else {
            // Non-admin users always go to their account page after login
            $redirect_url = home_url('community');
        }

        return wp_validate_redirect($redirect_url, home_url());
    }


    /**
     * A shortcode for rendering the new user registration form.
     *
     * @param  array $attributes Shortcode attributes.
     * @param  string $content The text content for shortcode. Not used.
     *
     * @return string  The shortcode output
     */
    public function render_register_form($attributes, $content = null)
    {
        // Parse shortcode attributes
        $default_attributes = array('show_title' => true);
        $attributes = shortcode_atts($default_attributes, $attributes);

        // Retrieve possible errors from request parameters
        $attributes['errors'] = array();
        if (isset($_REQUEST['register-errors'])) {
            $error_codes = explode(',', $_REQUEST['register-errors']);

            foreach ($error_codes as $error_code) {
                $attributes['errors'] [] = $this->get_error_message($error_code);
            }
        }

        if (is_user_logged_in()) {
            //return __('You are already signed in.', 'personalize-login');
            wp_redirect(home_url('community'));
        } elseif (!get_option('users_can_register')) {
            return __('Registering new users is currently not allowed.', 'personalize-login');
        } else {
            return $this->get_template_html('register_form', $attributes);
        }
    }

    /**
     * Redirects the user to the custom registration page instead
     * of wp-login.php?action=register.
     */
    public function redirect_to_custom_register()
    {
        if ('GET' == $_SERVER['REQUEST_METHOD']) {
            if (is_user_logged_in()) {
                $this->redirect_logged_in_user();
            } else {
                wp_redirect(home_url('register'));
            }
            exit;
        }
    }

    /**
     * Validates and then completes the new user signup process if all went well.
     *
     * @param string $user_login The new user's user_login address
     * @param string $email The new user's email address
     * @param string $first_name The new user's first name
     * @param string $last_name The new user's last name
     * @param string $user_pass The new user's password
     *
     * @return int|WP_Error         The id of the user that was created, or error if failed.
     */
    private function register_user($user_login, $email, $first_name, $last_name)
    {
        $errors = new WP_Error();

        // Email address is used as both username and email. It is also the only
        // parameter we need to validate

        $_SESSION['custom_email'] = $_POST['email'];
        $_SESSION['custom_first_name'] = $_POST['first_name'];
        $_SESSION['custom_last_name'] = $_POST['last_name'];

        if (!isset($user_login) || !isset($email) || !isset($first_name) || !isset($_POST['last_name']) ||
            empty($user_login) || empty($email) || empty($first_name) || empty($last_name)
        ) {
            $errors->add('all_fields_required', $this->get_error_message('all_fields_required'));
            return $errors;
        }

        if (!isset($user_login) || strlen($user_login) < 3 || !validate_username($user_login)) {
            $errors->add('user_login', $this->get_error_message('user_login'));
            return $errors;
        }

        if (!is_email($email)) {
            $errors->add('email', $this->get_error_message('email'));
            return $errors;
        }

        if (username_exists($user_login)) {
            $errors->add('user_login_exists', $this->get_error_message('email_exists'));
            return $errors;
        }

        if (email_exists($email)) {
            $errors->add('email_exists', $this->get_error_message('email_exists'));
            return $errors;
        }

        unset($_SESSION['custom_user_login']);
        unset($_SESSION['custom_email']);
        unset($_SESSION['custom_first_name']);
        unset($_SESSION['custom_last_name']);


        // Generate the password so that the subscriber will have to check email...
        $password = wp_generate_password(12, false);

        $user_data = array(
            'user_login' => $user_login,
            'user_email' => $email,
            'user_pass' => $password,
            'first_name' => $first_name,
            'last_name' => $last_name,
            'nickname' => $first_name,
        );

        $user_id = wp_insert_user($user_data);


        wp_new_user_notification($user_id, null, true);
        return $user_id;
    }

    /**
     * Handles the registration of a new user.
     *
     * Used through the action hook "login_form_register" activated on wp-login.php
     * when accessed through the registration action.
     */
    public function do_register_user()
    {
        if ('POST' == $_SERVER['REQUEST_METHOD']) {
            $redirect_url = home_url('register');

            if (!get_option('users_can_register')) {
                // Registration closed, display error
                $redirect_url = add_query_arg('register-errors', 'closed', $redirect_url);
            } else {
                $user_login = sanitize_user($_POST['user_login']);
                $email = sanitize_email($_POST['email']);
                $first_name = sanitize_text_field($_POST['first_name']);
                $last_name = sanitize_text_field($_POST['last_name']);


                $result = $this->register_user($user_login, $email, $first_name, $last_name);

                if (is_wp_error($result)) {
                    // Parse errors into a string and append as parameter to redirect
                    $errors = join(',', $result->get_error_codes());
                    $redirect_url = add_query_arg('register-errors', $errors, $redirect_url);
                } else {
                    // Success, redirect to login page.
                    $redirect_url = home_url('login');
                    $redirect_url = add_query_arg('registered', $email, $redirect_url);
                }
            }

            wp_redirect($redirect_url);
            exit;
        }
    }


    /**
     * Redirects the user to the custom "Forgot your password?" page instead of
     * wp-login.php?action=lostpassword.
     */
    public function redirect_to_custom_lostpassword()
    {
        if ('GET' == $_SERVER['REQUEST_METHOD']) {
            if (is_user_logged_in()) {
                $this->redirect_logged_in_user();
                exit;
            }

            wp_redirect(home_url('lost-password'));
            exit;
        }
    }

    /**
     * A shortcode for rendering the form used to initiate the password reset.
     *
     * @param  array $attributes Shortcode attributes.
     * @param  string $content The text content for shortcode. Not used.
     *
     * @return string  The shortcode output
     */
    public function render_password_lost_form($attributes, $content = null)
    {
        // Parse shortcode attributes
        $default_attributes = array('show_title' => true);
        $attributes = shortcode_atts($default_attributes, $attributes);

        // Retrieve possible errors from request parameters
        $attributes['errors'] = array();
        if (isset($_REQUEST['errors'])) {
            $error_codes = explode(',', $_REQUEST['errors']);

            foreach ($error_codes as $error_code) {
                $attributes['errors'] [] = $this->get_error_message($error_code);
            }
        }

        if (is_user_logged_in()) {
            return __('You are already signed in.', 'personalize-login');
        } else {
            return $this->get_template_html('password_lost_form', $attributes);
        }
    }

    /**
     * Initiates password reset.
     */
    public function do_password_lost()
    {
        if ('POST' == $_SERVER['REQUEST_METHOD']) {
            $errors = retrieve_password();
            if (is_wp_error($errors)) {
                // Errors found
                $redirect_url = home_url('lost-password');
                $redirect_url = add_query_arg('errors', join(',', $errors->get_error_codes()), $redirect_url);
            } else {
                // Email sent
                $redirect_url = home_url('login');
                $redirect_url = add_query_arg('checkemail', 'confirm', $redirect_url);
            }

            wp_redirect($redirect_url);
            exit;
        }
    }

    /**
     * Returns the message body for the password reset mail.
     * Called through the retrieve_password_message filter.
     *
     * @param string $message Default mail message.
     * @param string $key The activation key.
     * @param string $user_login The username for the user.
     * @param WP_User $user_data WP_User object.
     *
     * @return string   The mail message to send.
     */
    public function replace_retrieve_password_message($message, $key, $user_login, $user_data)
    {
        global $wlg_notify;
        $link = site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login');
        return $wlg_notify->retrieve_password($user_data->user_email,$user_login,$link);
    }

    /**
     * Redirects to the custom password reset page, or the login page
     * if there are errors.
     */
    public function redirect_to_custom_password_reset()
    {
        if ('GET' == $_SERVER['REQUEST_METHOD']) {
            // Verify key / login combo
            $user = check_password_reset_key($_REQUEST['key'], $_REQUEST['login']);
            if (!$user || is_wp_error($user)) {
                if ($user && $user->get_error_code() === 'expired_key') {
                    wp_redirect(home_url('login?login=expiredkey'));
                } else {
                    wp_redirect(home_url('login?login=invalidkey'));
                }
                exit;
            }

            $redirect_url = home_url('password-reset');
            $redirect_url = add_query_arg('login', esc_attr($_REQUEST['login']), $redirect_url);
            $redirect_url = add_query_arg('key', esc_attr($_REQUEST['key']), $redirect_url);

            wp_redirect($redirect_url);
            exit;
        }
    }

    /**
     * A shortcode for rendering the form used to reset a user's password.
     *
     * @param  array $attributes Shortcode attributes.
     * @param  string $content The text content for shortcode. Not used.
     *
     * @return string  The shortcode output
     */
    public function render_password_reset_form($attributes, $content = null)
    {
        // Parse shortcode attributes
        $default_attributes = array('show_title' => true);
        $attributes = shortcode_atts($default_attributes, $attributes);

        if (is_user_logged_in()) {
            wp_redirect(home_url('community'));
            exit;
        } else {
            if (isset($_REQUEST['login']) && isset($_REQUEST['key'])) {
                $attributes['login'] = $_REQUEST['login'];
                $attributes['key'] = $_REQUEST['key'];

                if (isset($_REQUEST['wlgrp_type']) && $_REQUEST['wlgrp_type'] == "new") {
                    if (!isset($_SESSION['wlg_new_member'])) {
                        $_SESSION['wlg_new_member'] = true;
                    }
                }

                // Error messages
                $errors = array();
                if (isset($_REQUEST['error'])) {
                    $error_codes = explode(',', $_REQUEST['error']);

                    foreach ($error_codes as $code) {
                        $errors [] = $this->get_error_message($code);
                    }
                }
                $attributes['errors'] = $errors;

                return $this->get_template_html('password_reset_form', $attributes);
            } else {
                return __('Invalid password reset link.', 'personalize-login');
            }
        }
    }

    /**
     * Resets the user's password if the password reset form was submitted.
     */
    public function do_password_reset()
    {
        if ('POST' == $_SERVER['REQUEST_METHOD']) {
            $rp_key = $_REQUEST['rp_key'];
            $rp_login = $_REQUEST['rp_login'];

            $user = check_password_reset_key($rp_key, $rp_login);

            if (!$user || is_wp_error($user)) {
                if ($user && $user->get_error_code() === 'expired_key') {
                    wp_redirect(home_url('login?login=expiredkey'));
                } else {
                    wp_redirect(home_url('login?login=invalidkey'));
                }
                exit;
            }

            if (isset($_POST['pass1'])) {
                if ($_POST['pass1'] != $_POST['pass2']) {
                    // Passwords don't match
                    $redirect_url = home_url('password-reset');

                    $redirect_url = add_query_arg('key', $rp_key, $redirect_url);
                    $redirect_url = add_query_arg('login', $rp_login, $redirect_url);
                    $redirect_url = add_query_arg('error', 'password_reset_mismatch', $redirect_url);

                    wp_redirect($redirect_url);
                    exit;
                }

                if (empty($_POST['pass1'])) {
                    // Password is empty
                    $redirect_url = home_url('password-reset');

                    $redirect_url = add_query_arg('key', $rp_key, $redirect_url);
                    $redirect_url = add_query_arg('login', $rp_login, $redirect_url);
                    $redirect_url = add_query_arg('error', 'password_reset_empty', $redirect_url);

                    wp_redirect($redirect_url);
                    exit;
                }

                if (5 >= strlen($_POST['pass1'])) {
                    // Password is empty
                    $redirect_url = home_url('password-reset');

                    $redirect_url = add_query_arg('key', $rp_key, $redirect_url);
                    $redirect_url = add_query_arg('login', $rp_login, $redirect_url);
                    $redirect_url = add_query_arg('error', 'short_password', $redirect_url);

                    wp_redirect($redirect_url);
                    exit;
                }

                // Parameter checks OK, reset password
                reset_password($user, $_POST['pass1']);

                if(isset($_SESSION['wlg_new_member'])) {
                    global $wlg_notify;
                    $wlg_notify->welcome($user->user_email,$user->user_login);
                    unset($_SESSION['wlg_new_member']);
                    $_SESSION['show_tour'] = 1;
                }

                $user_id = $user->ID;
                wp_set_current_user($user_id, $user->user_login);
                wp_set_auth_cookie($user_id);
                do_action('wp_login', $user->user_login);
                wp_safe_redirect(home_url(''));
                exit();

            } else {
                echo "Invalid request.";
            }

            exit;
        }
    }


    /**
     * A shortcode for rendering the form used to reset a user's password.
     *
     * @param  array $attributes Shortcode attributes.
     * @param  string $content The text content for shortcode. Not used.
     *
     * @return string  The shortcode output
     */
    public function render_change_password_form($attributes, $content = null)
    {
        // Parse shortcode attributes
        $default_attributes = array('show_title' => true);
        $attributes = shortcode_atts($default_attributes, $attributes);

        if (!is_user_logged_in()) {
            wp_redirect(home_url('login'));
            exit;
        } else {

            // Error messages
            $errors = array();
            if (isset($_REQUEST['error'])) {
                $error_codes = explode(',', $_REQUEST['error']);

                foreach ($error_codes as $code) {
                    $errors [] = $this->get_error_message($code);
                }
            }
            if (isset($_REQUEST['password_change_status'])) {
                $attributes['status'] = $_REQUEST['password_change_status'] == 'success' ? "Password Changes Successfully!" : "Something wrong!";
            }
            $attributes['errors'] = $errors;
            $attributes['action_url'] = home_url('change-password');

            return $this->get_template_html('change_password_form', $attributes);

        }
    }

    public function custom_change_password_post()
    {
        if ('POST' == $_SERVER['REQUEST_METHOD'] && isset($_POST['change-password-button'])) {
            global $wpdb, $wp_hasher;
            $user_id = get_current_user_id();
            $user = get_userdata($user_id);
            $redirect_url = home_url('change-password');

            if (!$user || is_wp_error($user)) {
                wp_redirect(home_url('login'));
                exit;
            }

            if (!isset($_POST['pass_old']) || !isset($_POST['pass1']) || !isset($_POST['pass2']) ||
                empty($_POST['pass_old']) || empty($_POST['pass1']) || empty($_POST['pass2'])
            ) {
                $redirect_url = add_query_arg('error', 'all_fields_required', $redirect_url);
                wp_redirect($redirect_url);
                exit;
            }
            $old = $_POST['pass_old'];
            $new1 = $_POST['pass1'];
            $new2 = $_POST['pass2'];
            /*
            var_dump(array(
                'a' => $user->user_pass,
                'b' => wp_hash_password($old)
            ));
            */
            $wp_hasher = new PasswordHash(8, TRUE);

            if (!$wp_hasher->CheckPassword($old, $user->user_pass)) {
                $redirect_url = add_query_arg('error', 'wrong_old_password', $redirect_url);
                wp_redirect($redirect_url);
                exit;
            }

            if ($new1 != $new2) {
                $redirect_url = add_query_arg('error', 'password_change_mismatch', $redirect_url);
                wp_redirect($redirect_url);
                exit;
            }

            if (strlen($new1) < 6) {
                $redirect_url = add_query_arg('error', 'short_password', $redirect_url);
                wp_redirect($redirect_url);
                exit;
            }

            // Parameter checks OK, reset password

            $redirect_url = add_query_arg('password_change_status', 'success', $redirect_url);

            $this->change_password($user, $_POST['pass1'], $redirect_url);

            /*
            if (isset($_POST['pass1'])) {
                if ($_POST['pass1'] != $_POST['pass2']) {
                    // Passwords don't match
                    $redirect_url = home_url('password-reset');

                    $redirect_url = add_query_arg('key', $rp_key, $redirect_url);
                    $redirect_url = add_query_arg('login', $rp_login, $redirect_url);
                    $redirect_url = add_query_arg('error', 'password_reset_mismatch', $redirect_url);

                    wp_redirect($redirect_url);
                    exit;
                }

                if (empty($_POST['pass1'])) {
                    // Password is empty
                    $redirect_url = home_url('password-reset');

                    $redirect_url = add_query_arg('key', $rp_key, $redirect_url);
                    $redirect_url = add_query_arg('login', $rp_login, $redirect_url);
                    $redirect_url = add_query_arg('error', 'password_reset_empty', $redirect_url);

                    wp_redirect($redirect_url);
                    exit;
                }

                // Parameter checks OK, reset password
                reset_password($user, $_POST['pass1']);
                wp_redirect(home_url('login?password=changed'));
            } else {
                echo "Invalid request.";
            }*/

            //exit;
        }

    }

    private function change_password($user, $new_password, $redirect_url)
    {
        global $wpdb;
        $update = $wpdb->query($wpdb->prepare("UPDATE {$wpdb->users} SET `user_pass` = %s WHERE `ID` = %d", array(wp_hash_password($new_password), $user->ID)));

        if (!is_wp_error($update)) {
            wp_cache_delete($user->ID, 'users');
            wp_cache_delete($user->user_login, 'userlogins');
            $_SESSION['local_logout'] = true;
            wp_logout();
            if (wp_signon(array('user_login' => $user->user_login, 'user_password' => $new_password), false)):
                wp_redirect($redirect_url);
            endif;
        }
    }

    public function password_hint($hint)
    {
        return __("Hint: The password should be at least six characters long.
        To make it stronger, use upper and lower case letters, numbers, and symbols like ! \" ? $ % ^ & ).", 'personalize-login');
    }
}


if (!function_exists('wp_new_user_notification')) :
    function wp_new_user_notification($user_id, $deprecated = null, $notify = '')
    {
        if ($deprecated !== null) {
            _deprecated_argument(__FUNCTION__, '4.3.1');
        }

        global $wpdb, $wp_hasher;
        $user = get_userdata($user_id);

        // The blogname option is escaped with esc_html on the way into the database in sanitize_option
        // we want to reverse this for the plain text arena of emails.
        $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);

        $message = sprintf(__('New user registration on your site %s:'), $blogname) . "\r\n\r\n";
        $message .= sprintf(__('Username: %s'), $user->user_login) . "\r\n\r\n";
        $message .= sprintf(__('E-mail: %s'), $user->user_email) . "\r\n";

        @wp_mail(get_option('admin_email'), sprintf(__('[%s] New User Registration'), $blogname), $message);

        if ('admin' === $notify || empty($notify)) {
            return;
        }

        // Generate something random for a password reset key.
        $key = wp_generate_password(20, false);

        /** This action is documented in wp-login.php */
        do_action('retrieve_password_key', $user->user_login, $key);

        // Now insert the key, hashed, into the DB.
        if (empty($wp_hasher)) {
            require_once ABSPATH . WPINC . '/class-phpass.php';
            $wp_hasher = new PasswordHash(8, true);
        }
        $hashed = time() . ':' . $wp_hasher->HashPassword($key);
        $wpdb->update($wpdb->users, array('user_activation_key' => $hashed), array('user_login' => $user->user_login));

        $link = home_url("password-reset/?action=rp&wlgrp_type=new&key=$key&login=" . rawurlencode($user->user_login));

        global $wlg_notify;
        $wlg_notify->confirm($user->user_email, $user->user_login, $link);
    }
endif;

$custom_members = new Custom_Members();