Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- class Custom_Members
- {
- public function __construct()
- {
- function app_output_buffer()
- {
- ob_start();
- } // soi_output_buffer
- add_action('init', 'app_output_buffer');
- // LOGIN & LOGOUT
- add_shortcode('custom-login-form', array($this, 'render_login_form'));
- add_action('login_form_login', array($this, 'redirect_to_custom_login'));
- add_filter('authenticate', array($this, 'maybe_redirect_at_authenticate'), 101, 3);
- add_action('wp_logout', array($this, 'redirect_after_logout'));
- add_filter('login_redirect', array($this, 'redirect_after_login'), 10, 3);
- // REGISTER
- add_shortcode('custom-register-form', array($this, 'render_register_form'));
- add_action('login_form_register', array($this, 'redirect_to_custom_register'));
- add_action('login_form_register', array($this, 'do_register_user'));
- // LOST
- add_action('login_form_lostpassword', array($this, 'redirect_to_custom_lostpassword'));
- add_shortcode('custom-password-lost-form', array($this, 'render_password_lost_form'));
- add_action('login_form_lostpassword', array($this, 'do_password_lost'));
- add_filter('retrieve_password_message', array($this, 'replace_retrieve_password_message'), 10, 4);
- add_filter('retrieve_password_title', function( $title )
- {
- return 'Password Reset';
- }, 10, 4);
- add_filter( 'wp_mail_content_type', function( $content_type ) {
- return 'text/html';
- });
- // RESET
- add_action('login_form_rp', array($this, 'redirect_to_custom_password_reset'));
- add_action('login_form_resetpass', array($this, 'redirect_to_custom_password_reset'));
- add_shortcode('custom-password-reset-form', array($this, 'render_password_reset_form'));
- add_action('login_form_rp', array($this, 'do_password_reset'));
- add_action('login_form_resetpass', array($this, 'do_password_reset'));
- // CHANGE PASSWORD
- add_shortcode('custom-password-change-form', array($this, 'render_change_password_form'));
- add_action('custom_change_password_post', array($this, 'custom_change_password_post'));
- add_action('init', array($this, 'init'));
- }
- public function init()
- {
- add_filter('password_hint', array($this, 'password_hint'));
- add_filter('wp_mail_from_name', array($this, 'custom_wp_mail_from_name'));
- add_filter('auth_cookie_expiration', array($this, 'keep_me_logged_in_for_30_days'));
- }
- public function custom_wp_mail_from_name($original_email_from)
- {
- return get_option('blogname');
- }
- function keep_me_logged_in_for_30_days($expirein)
- {
- return 2592000;
- }
- /**
- * A shortcode for rendering the login form.
- *
- * @param array $attributes Shortcode attributes.
- * @param string $content The text content for shortcode. Not used.
- *
- * @return string The shortcode output
- */
- public function render_login_form($attributes, $content = null)
- {
- // Parse shortcode attributes
- $default_attributes = array('show_title' => true);
- $attributes = shortcode_atts($default_attributes, $attributes);
- $show_title = $attributes['show_title'];
- if (is_user_logged_in()) {
- //return __('You are already signed in.', 'personalize-login');
- wp_redirect(home_url('community'));
- }
- // Pass the redirect parameter to the WordPress login functionality: by default,
- // don't specify a redirect, but if a valid redirect URL has been passed as
- // request parameter, use it.
- $attributes['redirect'] = '';
- if (isset($_REQUEST['redirect_to'])) {
- $attributes['redirect'] = wp_validate_redirect($_REQUEST['redirect_to'], $attributes['redirect']);
- }
- // Error messages
- $errors = array();
- if (isset($_REQUEST['login'])) {
- $error_codes = explode(',', $_REQUEST['login']);
- foreach ($error_codes as $code) {
- $errors [] = $this->get_error_message($code);
- }
- }
- $attributes['errors'] = $errors;
- // Check if the user just registered
- $attributes['registered'] = isset($_REQUEST['registered']);
- // Check if the user just requested a new password
- $attributes['lost_password_sent'] = isset($_REQUEST['checkemail']) && $_REQUEST['checkemail'] == 'confirm';
- $attributes['logged_out'] = isset($_REQUEST['logged_out']) && $_REQUEST['logged_out'] == true;
- // Check if user just updated password
- $attributes['password_updated'] = isset($_REQUEST['password']) && $_REQUEST['password'] == 'changed';
- // Render the login form using an external template
- return $this->get_template_html('login_form', $attributes);
- }
- /**
- * Renders the contents of the given template to a string and returns it.
- *
- * @param string $template_name The name of the template to render (without .php)
- * @param array $attributes The PHP variables for the template
- *
- * @return string The contents of the template.
- */
- private function get_template_html($template_name, $attributes = null)
- {
- if (!$attributes) {
- $attributes = array();
- }
- ob_start();
- do_action('personalize_login_before_' . $template_name);
- require('custom_members_tpl/' . $template_name . '.php');
- do_action('personalize_login_after_' . $template_name);
- $html = ob_get_contents();
- ob_end_clean();
- return $html;
- }
- /**
- * Redirect the user to the custom login page instead of wp-login.php.
- */
- function redirect_to_custom_login()
- {
- if ($_SERVER['REQUEST_METHOD'] == 'GET') {
- $redirect_to = isset($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : null;
- if (is_user_logged_in()) {
- $this->redirect_logged_in_user($redirect_to);
- exit;
- }
- // The rest are redirected to the login page
- $login_url = home_url('login');
- if (!empty($redirect_to)) {
- $login_url = add_query_arg('redirect_to', $redirect_to, $login_url);
- }
- wp_redirect($login_url);
- exit;
- }
- }
- /**
- * Redirects the user to the correct page depending on whether he / she
- * is an admin or not.
- *
- * @param string $redirect_to An optional redirect_to URL for admin users
- */
- private function redirect_logged_in_user($redirect_to = null)
- {
- $user = wp_get_current_user();
- if (user_can($user, 'manage_options')) {
- if ($redirect_to) {
- wp_safe_redirect($redirect_to);
- } else {
- wp_redirect(admin_url());
- }
- } else {
- wp_redirect(home_url('community'));
- }
- }
- /**
- * Redirect the user after authentication if there were any errors.
- *
- * @param Wp_User|Wp_Error $user The signed in user, or the errors that have occurred during login.
- * @param string $username The user name used to log in.
- * @param string $password The password used to log in.
- *
- * @return Wp_User|Wp_Error The logged in user, or error information if there were errors.
- */
- function maybe_redirect_at_authenticate($user, $username, $password)
- {
- // Check if the earlier authenticate filter (most likely,
- // the default WordPress authentication) functions have found errors
- if ($_SERVER['REQUEST_METHOD'] === 'POST') {
- if (is_wp_error($user)) {
- $error_codes = join(',', $user->get_error_codes());
- $login_url = home_url('login');
- $login_url = add_query_arg('login', $error_codes, $login_url);
- wp_redirect($login_url);
- exit;
- }
- }
- return $user;
- }
- /**
- * Finds and returns a matching error message for the given error code.
- *
- * @param string $error_code The error code to look up.
- *
- * @return string An error message.
- */
- private function get_error_message($error_code)
- {
- switch ($error_code) {
- case 'empty_username':
- case 'empty_password':
- return __('Please enter your email and a password', 'personalize-login');
- case 'invalid_username':
- return __(
- "Sorry, we didn't find any user with this email address",
- 'personalize-login'
- );
- case 'incorrect_password':
- $err = __(
- "The password you entered is incorrect. <a href='%s'>Forgot your password</a>?",
- 'personalize-login'
- );
- return sprintf($err, wp_lostpassword_url());
- case 'user_login':
- return __('Invalid username', 'personalize-login');
- case 'email':
- return __('Invalid email address', 'personalize-login');
- case 'email_exists':
- return __('An account exists with this email address.', 'personalize-login');
- case 'user_login_exists':
- return __('An account exists with this Username.', 'personalize-login');
- case 'closed':
- return __('Registering new users is currently not allowed.', 'personalize-login');
- case 'empty_username':
- return __('Please enter your email address to continue.', 'personalize-login');
- case 'invalid_email':
- case 'invalidcombo':
- return __('There are no users registered with this email address.', 'personalize-login');
- case 'expiredkey':
- case 'invalidkey':
- return __('The password reset link you used is not valid anymore.', 'personalize-login');
- case 'password_reset_mismatch':
- return __("The two passwords entered don't match.", 'personalize-login');
- case 'password_change_mismatch':
- return __("The new password and the confirmation link you entered don't match.", 'personalize-login');
- case 'password_reset_empty':
- return __("Sorry, we don't accept empty passwords.", 'personalize-login');
- case 'short_password':
- return __("Sorry, Your password must be at least 6 characters.", 'personalize-login');
- case 'all_fields_required':
- return __("Please fill all fields.", 'personalize-login');
- case 'wrong_old_password':
- return __("Wrong current password, please enter the current password correctly!", 'personalize-login');
- default:
- break;
- }
- return __('An unknown error occurred. Please try again later.', 'personalize-login');
- }
- /**
- * Redirect to custom login page after the user has been logged out.
- */
- public function redirect_after_logout()
- {
- if (!isset($_SESSION['local_logout'])) {
- $redirect_url = home_url('login?logged_out=true');
- wp_safe_redirect($redirect_url);
- exit;
- } else {
- unset($_SESSION['local_logout']);
- }
- }
- /**
- * Returns the URL to which the user should be redirected after the (successful) login.
- *
- * @param string $redirect_to The redirect destination URL.
- * @param string $requested_redirect_to The requested redirect destination URL passed as a parameter.
- * @param WP_User|WP_Error $user WP_User object if login was successful, WP_Error object otherwise.
- *
- * @return string Redirect URL
- */
- public function redirect_after_login($redirect_to, $requested_redirect_to, $user)
- {
- $redirect_url = home_url();
- if (!isset($user->ID)) {
- return $redirect_url;
- }
- if (user_can($user, 'manage_options')) {
- // Use the redirect_to parameter if one is set, otherwise redirect to admin dashboard.
- if ($requested_redirect_to == '') {
- $redirect_url = admin_url();
- } else {
- $redirect_url = $requested_redirect_to;
- }
- } else {
- // Non-admin users always go to their account page after login
- $redirect_url = home_url('community');
- }
- return wp_validate_redirect($redirect_url, home_url());
- }
- /**
- * A shortcode for rendering the new user registration form.
- *
- * @param array $attributes Shortcode attributes.
- * @param string $content The text content for shortcode. Not used.
- *
- * @return string The shortcode output
- */
- public function render_register_form($attributes, $content = null)
- {
- // Parse shortcode attributes
- $default_attributes = array('show_title' => true);
- $attributes = shortcode_atts($default_attributes, $attributes);
- // Retrieve possible errors from request parameters
- $attributes['errors'] = array();
- if (isset($_REQUEST['register-errors'])) {
- $error_codes = explode(',', $_REQUEST['register-errors']);
- foreach ($error_codes as $error_code) {
- $attributes['errors'] [] = $this->get_error_message($error_code);
- }
- }
- if (is_user_logged_in()) {
- //return __('You are already signed in.', 'personalize-login');
- wp_redirect(home_url('community'));
- } elseif (!get_option('users_can_register')) {
- return __('Registering new users is currently not allowed.', 'personalize-login');
- } else {
- return $this->get_template_html('register_form', $attributes);
- }
- }
- /**
- * Redirects the user to the custom registration page instead
- * of wp-login.php?action=register.
- */
- public function redirect_to_custom_register()
- {
- if ('GET' == $_SERVER['REQUEST_METHOD']) {
- if (is_user_logged_in()) {
- $this->redirect_logged_in_user();
- } else {
- wp_redirect(home_url('register'));
- }
- exit;
- }
- }
- /**
- * Validates and then completes the new user signup process if all went well.
- *
- * @param string $user_login The new user's user_login address
- * @param string $email The new user's email address
- * @param string $first_name The new user's first name
- * @param string $last_name The new user's last name
- * @param string $user_pass The new user's password
- *
- * @return int|WP_Error The id of the user that was created, or error if failed.
- */
- private function register_user($user_login, $email, $first_name, $last_name)
- {
- $errors = new WP_Error();
- // Email address is used as both username and email. It is also the only
- // parameter we need to validate
- $_SESSION['custom_email'] = $_POST['email'];
- $_SESSION['custom_first_name'] = $_POST['first_name'];
- $_SESSION['custom_last_name'] = $_POST['last_name'];
- if (!isset($user_login) || !isset($email) || !isset($first_name) || !isset($_POST['last_name']) ||
- empty($user_login) || empty($email) || empty($first_name) || empty($last_name)
- ) {
- $errors->add('all_fields_required', $this->get_error_message('all_fields_required'));
- return $errors;
- }
- if (!isset($user_login) || strlen($user_login) < 3 || !validate_username($user_login)) {
- $errors->add('user_login', $this->get_error_message('user_login'));
- return $errors;
- }
- if (!is_email($email)) {
- $errors->add('email', $this->get_error_message('email'));
- return $errors;
- }
- if (username_exists($user_login)) {
- $errors->add('user_login_exists', $this->get_error_message('email_exists'));
- return $errors;
- }
- if (email_exists($email)) {
- $errors->add('email_exists', $this->get_error_message('email_exists'));
- return $errors;
- }
- unset($_SESSION['custom_user_login']);
- unset($_SESSION['custom_email']);
- unset($_SESSION['custom_first_name']);
- unset($_SESSION['custom_last_name']);
- // Generate the password so that the subscriber will have to check email...
- $password = wp_generate_password(12, false);
- $user_data = array(
- 'user_login' => $user_login,
- 'user_email' => $email,
- 'user_pass' => $password,
- 'first_name' => $first_name,
- 'last_name' => $last_name,
- 'nickname' => $first_name,
- );
- $user_id = wp_insert_user($user_data);
- wp_new_user_notification($user_id, null, true);
- return $user_id;
- }
- /**
- * Handles the registration of a new user.
- *
- * Used through the action hook "login_form_register" activated on wp-login.php
- * when accessed through the registration action.
- */
- public function do_register_user()
- {
- if ('POST' == $_SERVER['REQUEST_METHOD']) {
- $redirect_url = home_url('register');
- if (!get_option('users_can_register')) {
- // Registration closed, display error
- $redirect_url = add_query_arg('register-errors', 'closed', $redirect_url);
- } else {
- $user_login = sanitize_user($_POST['user_login']);
- $email = sanitize_email($_POST['email']);
- $first_name = sanitize_text_field($_POST['first_name']);
- $last_name = sanitize_text_field($_POST['last_name']);
- $result = $this->register_user($user_login, $email, $first_name, $last_name);
- if (is_wp_error($result)) {
- // Parse errors into a string and append as parameter to redirect
- $errors = join(',', $result->get_error_codes());
- $redirect_url = add_query_arg('register-errors', $errors, $redirect_url);
- } else {
- // Success, redirect to login page.
- $redirect_url = home_url('login');
- $redirect_url = add_query_arg('registered', $email, $redirect_url);
- }
- }
- wp_redirect($redirect_url);
- exit;
- }
- }
- /**
- * Redirects the user to the custom "Forgot your password?" page instead of
- * wp-login.php?action=lostpassword.
- */
- public function redirect_to_custom_lostpassword()
- {
- if ('GET' == $_SERVER['REQUEST_METHOD']) {
- if (is_user_logged_in()) {
- $this->redirect_logged_in_user();
- exit;
- }
- wp_redirect(home_url('lost-password'));
- exit;
- }
- }
- /**
- * A shortcode for rendering the form used to initiate the password reset.
- *
- * @param array $attributes Shortcode attributes.
- * @param string $content The text content for shortcode. Not used.
- *
- * @return string The shortcode output
- */
- public function render_password_lost_form($attributes, $content = null)
- {
- // Parse shortcode attributes
- $default_attributes = array('show_title' => true);
- $attributes = shortcode_atts($default_attributes, $attributes);
- // Retrieve possible errors from request parameters
- $attributes['errors'] = array();
- if (isset($_REQUEST['errors'])) {
- $error_codes = explode(',', $_REQUEST['errors']);
- foreach ($error_codes as $error_code) {
- $attributes['errors'] [] = $this->get_error_message($error_code);
- }
- }
- if (is_user_logged_in()) {
- return __('You are already signed in.', 'personalize-login');
- } else {
- return $this->get_template_html('password_lost_form', $attributes);
- }
- }
- /**
- * Initiates password reset.
- */
- public function do_password_lost()
- {
- if ('POST' == $_SERVER['REQUEST_METHOD']) {
- $errors = retrieve_password();
- if (is_wp_error($errors)) {
- // Errors found
- $redirect_url = home_url('lost-password');
- $redirect_url = add_query_arg('errors', join(',', $errors->get_error_codes()), $redirect_url);
- } else {
- // Email sent
- $redirect_url = home_url('login');
- $redirect_url = add_query_arg('checkemail', 'confirm', $redirect_url);
- }
- wp_redirect($redirect_url);
- exit;
- }
- }
- /**
- * Returns the message body for the password reset mail.
- * Called through the retrieve_password_message filter.
- *
- * @param string $message Default mail message.
- * @param string $key The activation key.
- * @param string $user_login The username for the user.
- * @param WP_User $user_data WP_User object.
- *
- * @return string The mail message to send.
- */
- public function replace_retrieve_password_message($message, $key, $user_login, $user_data)
- {
- global $wlg_notify;
- $link = site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login');
- return $wlg_notify->retrieve_password($user_data->user_email,$user_login,$link);
- }
- /**
- * Redirects to the custom password reset page, or the login page
- * if there are errors.
- */
- public function redirect_to_custom_password_reset()
- {
- if ('GET' == $_SERVER['REQUEST_METHOD']) {
- // Verify key / login combo
- $user = check_password_reset_key($_REQUEST['key'], $_REQUEST['login']);
- if (!$user || is_wp_error($user)) {
- if ($user && $user->get_error_code() === 'expired_key') {
- wp_redirect(home_url('login?login=expiredkey'));
- } else {
- wp_redirect(home_url('login?login=invalidkey'));
- }
- exit;
- }
- $redirect_url = home_url('password-reset');
- $redirect_url = add_query_arg('login', esc_attr($_REQUEST['login']), $redirect_url);
- $redirect_url = add_query_arg('key', esc_attr($_REQUEST['key']), $redirect_url);
- wp_redirect($redirect_url);
- exit;
- }
- }
- /**
- * A shortcode for rendering the form used to reset a user's password.
- *
- * @param array $attributes Shortcode attributes.
- * @param string $content The text content for shortcode. Not used.
- *
- * @return string The shortcode output
- */
- public function render_password_reset_form($attributes, $content = null)
- {
- // Parse shortcode attributes
- $default_attributes = array('show_title' => true);
- $attributes = shortcode_atts($default_attributes, $attributes);
- if (is_user_logged_in()) {
- wp_redirect(home_url('community'));
- exit;
- } else {
- if (isset($_REQUEST['login']) && isset($_REQUEST['key'])) {
- $attributes['login'] = $_REQUEST['login'];
- $attributes['key'] = $_REQUEST['key'];
- if (isset($_REQUEST['wlgrp_type']) && $_REQUEST['wlgrp_type'] == "new") {
- if (!isset($_SESSION['wlg_new_member'])) {
- $_SESSION['wlg_new_member'] = true;
- }
- }
- // Error messages
- $errors = array();
- if (isset($_REQUEST['error'])) {
- $error_codes = explode(',', $_REQUEST['error']);
- foreach ($error_codes as $code) {
- $errors [] = $this->get_error_message($code);
- }
- }
- $attributes['errors'] = $errors;
- return $this->get_template_html('password_reset_form', $attributes);
- } else {
- return __('Invalid password reset link.', 'personalize-login');
- }
- }
- }
- /**
- * Resets the user's password if the password reset form was submitted.
- */
- public function do_password_reset()
- {
- if ('POST' == $_SERVER['REQUEST_METHOD']) {
- $rp_key = $_REQUEST['rp_key'];
- $rp_login = $_REQUEST['rp_login'];
- $user = check_password_reset_key($rp_key, $rp_login);
- if (!$user || is_wp_error($user)) {
- if ($user && $user->get_error_code() === 'expired_key') {
- wp_redirect(home_url('login?login=expiredkey'));
- } else {
- wp_redirect(home_url('login?login=invalidkey'));
- }
- exit;
- }
- if (isset($_POST['pass1'])) {
- if ($_POST['pass1'] != $_POST['pass2']) {
- // Passwords don't match
- $redirect_url = home_url('password-reset');
- $redirect_url = add_query_arg('key', $rp_key, $redirect_url);
- $redirect_url = add_query_arg('login', $rp_login, $redirect_url);
- $redirect_url = add_query_arg('error', 'password_reset_mismatch', $redirect_url);
- wp_redirect($redirect_url);
- exit;
- }
- if (empty($_POST['pass1'])) {
- // Password is empty
- $redirect_url = home_url('password-reset');
- $redirect_url = add_query_arg('key', $rp_key, $redirect_url);
- $redirect_url = add_query_arg('login', $rp_login, $redirect_url);
- $redirect_url = add_query_arg('error', 'password_reset_empty', $redirect_url);
- wp_redirect($redirect_url);
- exit;
- }
- if (5 >= strlen($_POST['pass1'])) {
- // Password is empty
- $redirect_url = home_url('password-reset');
- $redirect_url = add_query_arg('key', $rp_key, $redirect_url);
- $redirect_url = add_query_arg('login', $rp_login, $redirect_url);
- $redirect_url = add_query_arg('error', 'short_password', $redirect_url);
- wp_redirect($redirect_url);
- exit;
- }
- // Parameter checks OK, reset password
- reset_password($user, $_POST['pass1']);
- if(isset($_SESSION['wlg_new_member'])) {
- global $wlg_notify;
- $wlg_notify->welcome($user->user_email,$user->user_login);
- unset($_SESSION['wlg_new_member']);
- $_SESSION['show_tour'] = 1;
- }
- $user_id = $user->ID;
- wp_set_current_user($user_id, $user->user_login);
- wp_set_auth_cookie($user_id);
- do_action('wp_login', $user->user_login);
- wp_safe_redirect(home_url(''));
- exit();
- } else {
- echo "Invalid request.";
- }
- exit;
- }
- }
- /**
- * A shortcode for rendering the form used to reset a user's password.
- *
- * @param array $attributes Shortcode attributes.
- * @param string $content The text content for shortcode. Not used.
- *
- * @return string The shortcode output
- */
- public function render_change_password_form($attributes, $content = null)
- {
- // Parse shortcode attributes
- $default_attributes = array('show_title' => true);
- $attributes = shortcode_atts($default_attributes, $attributes);
- if (!is_user_logged_in()) {
- wp_redirect(home_url('login'));
- exit;
- } else {
- // Error messages
- $errors = array();
- if (isset($_REQUEST['error'])) {
- $error_codes = explode(',', $_REQUEST['error']);
- foreach ($error_codes as $code) {
- $errors [] = $this->get_error_message($code);
- }
- }
- if (isset($_REQUEST['password_change_status'])) {
- $attributes['status'] = $_REQUEST['password_change_status'] == 'success' ? "Password Changes Successfully!" : "Something wrong!";
- }
- $attributes['errors'] = $errors;
- $attributes['action_url'] = home_url('change-password');
- return $this->get_template_html('change_password_form', $attributes);
- }
- }
- public function custom_change_password_post()
- {
- if ('POST' == $_SERVER['REQUEST_METHOD'] && isset($_POST['change-password-button'])) {
- global $wpdb, $wp_hasher;
- $user_id = get_current_user_id();
- $user = get_userdata($user_id);
- $redirect_url = home_url('change-password');
- if (!$user || is_wp_error($user)) {
- wp_redirect(home_url('login'));
- exit;
- }
- if (!isset($_POST['pass_old']) || !isset($_POST['pass1']) || !isset($_POST['pass2']) ||
- empty($_POST['pass_old']) || empty($_POST['pass1']) || empty($_POST['pass2'])
- ) {
- $redirect_url = add_query_arg('error', 'all_fields_required', $redirect_url);
- wp_redirect($redirect_url);
- exit;
- }
- $old = $_POST['pass_old'];
- $new1 = $_POST['pass1'];
- $new2 = $_POST['pass2'];
- /*
- var_dump(array(
- 'a' => $user->user_pass,
- 'b' => wp_hash_password($old)
- ));
- */
- $wp_hasher = new PasswordHash(8, TRUE);
- if (!$wp_hasher->CheckPassword($old, $user->user_pass)) {
- $redirect_url = add_query_arg('error', 'wrong_old_password', $redirect_url);
- wp_redirect($redirect_url);
- exit;
- }
- if ($new1 != $new2) {
- $redirect_url = add_query_arg('error', 'password_change_mismatch', $redirect_url);
- wp_redirect($redirect_url);
- exit;
- }
- if (strlen($new1) < 6) {
- $redirect_url = add_query_arg('error', 'short_password', $redirect_url);
- wp_redirect($redirect_url);
- exit;
- }
- // Parameter checks OK, reset password
- $redirect_url = add_query_arg('password_change_status', 'success', $redirect_url);
- $this->change_password($user, $_POST['pass1'], $redirect_url);
- /*
- if (isset($_POST['pass1'])) {
- if ($_POST['pass1'] != $_POST['pass2']) {
- // Passwords don't match
- $redirect_url = home_url('password-reset');
- $redirect_url = add_query_arg('key', $rp_key, $redirect_url);
- $redirect_url = add_query_arg('login', $rp_login, $redirect_url);
- $redirect_url = add_query_arg('error', 'password_reset_mismatch', $redirect_url);
- wp_redirect($redirect_url);
- exit;
- }
- if (empty($_POST['pass1'])) {
- // Password is empty
- $redirect_url = home_url('password-reset');
- $redirect_url = add_query_arg('key', $rp_key, $redirect_url);
- $redirect_url = add_query_arg('login', $rp_login, $redirect_url);
- $redirect_url = add_query_arg('error', 'password_reset_empty', $redirect_url);
- wp_redirect($redirect_url);
- exit;
- }
- // Parameter checks OK, reset password
- reset_password($user, $_POST['pass1']);
- wp_redirect(home_url('login?password=changed'));
- } else {
- echo "Invalid request.";
- }*/
- //exit;
- }
- }
- private function change_password($user, $new_password, $redirect_url)
- {
- global $wpdb;
- $update = $wpdb->query($wpdb->prepare("UPDATE {$wpdb->users} SET `user_pass` = %s WHERE `ID` = %d", array(wp_hash_password($new_password), $user->ID)));
- if (!is_wp_error($update)) {
- wp_cache_delete($user->ID, 'users');
- wp_cache_delete($user->user_login, 'userlogins');
- $_SESSION['local_logout'] = true;
- wp_logout();
- if (wp_signon(array('user_login' => $user->user_login, 'user_password' => $new_password), false)):
- wp_redirect($redirect_url);
- endif;
- }
- }
- public function password_hint($hint)
- {
- return __("Hint: The password should be at least six characters long.
- To make it stronger, use upper and lower case letters, numbers, and symbols like ! \" ? $ % ^ & ).", 'personalize-login');
- }
- }
- if (!function_exists('wp_new_user_notification')) :
- function wp_new_user_notification($user_id, $deprecated = null, $notify = '')
- {
- if ($deprecated !== null) {
- _deprecated_argument(__FUNCTION__, '4.3.1');
- }
- global $wpdb, $wp_hasher;
- $user = get_userdata($user_id);
- // The blogname option is escaped with esc_html on the way into the database in sanitize_option
- // we want to reverse this for the plain text arena of emails.
- $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
- $message = sprintf(__('New user registration on your site %s:'), $blogname) . "\r\n\r\n";
- $message .= sprintf(__('Username: %s'), $user->user_login) . "\r\n\r\n";
- $message .= sprintf(__('E-mail: %s'), $user->user_email) . "\r\n";
- @wp_mail(get_option('admin_email'), sprintf(__('[%s] New User Registration'), $blogname), $message);
- if ('admin' === $notify || empty($notify)) {
- return;
- }
- // Generate something random for a password reset key.
- $key = wp_generate_password(20, false);
- /** This action is documented in wp-login.php */
- do_action('retrieve_password_key', $user->user_login, $key);
- // Now insert the key, hashed, into the DB.
- if (empty($wp_hasher)) {
- require_once ABSPATH . WPINC . '/class-phpass.php';
- $wp_hasher = new PasswordHash(8, true);
- }
- $hashed = time() . ':' . $wp_hasher->HashPassword($key);
- $wpdb->update($wpdb->users, array('user_activation_key' => $hashed), array('user_login' => $user->user_login));
- $link = home_url("password-reset/?action=rp&wlgrp_type=new&key=$key&login=" . rawurlencode($user->user_login));
- global $wlg_notify;
- $wlg_notify->confirm($user->user_email, $user->user_login, $link);
- }
- endif;
- $custom_members = new Custom_Members();
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement