Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /*
- Template Name: Login
- */
- if(isset($_POST['username']) && !empty($_POST['username'])){
- global $wpdb;
- //We shall SQL escape all inputs
- $username = $wpdb->escape($_REQUEST['username']);
- $password = $wpdb->escape($_REQUEST['password']);
- $remember = $wpdb->escape($_REQUEST['rememberme']);
- if($remember) $remember = "true";
- else $remember = "false";
- $login_data = array();
- $login_data['user_login'] = $username;
- $login_data['user_password'] = $password;
- $login_data['remember'] = $remember;
- $user_verify = wp_signon($login_data, false);
- if(is_wp_error($user_verify)){
- $token = '';
- $url = "URL";
- $cookie = "h8gkh8.txt";
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, $url);
- curl_setopt($ch, CURLOPT_COOKIEJAR, '/tmp/' . $cookie);
- curl_setopt($ch, CURLOPT_COOKIEFILE, '/tmp/' . $cookie);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
- $response = curl_exec($ch);
- if (curl_errno($ch))
- die(curl_error($ch));
- $doc = new DOMDocument();
- $doc->loadHTML($response);
- $el = $doc->getElementsByTagName("input");
- for ($i = 0; $i < $el->length; $i++) {
- $attr = $el->item($i)->getAttribute('name');
- if ($attr == '_csrfhash') {
- $token = $el->item($i)->getAttribute('value');
- }
- }
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 0);
- curl_setopt($ch, CURLOPT_POST, 1);
- $params = array(
- 'scemail' => $username,
- 'scpassword' => $password,
- '_csrfhash' => $token
- );
- curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($params));
- $r = curl_exec($ch);
- if (curl_errno($ch)){
- print curl_error($ch);
- }else{
- $login_data = array();
- $login_data['user_login'] = "Custom username";
- $login_data['user_password'] = "Custom password";
- $login_data['remember'] = $remember;
- $user_verify = wp_signon( $login_data, false );
- echo "<script type='text/javascript'>window.location='". home_url() ."'</script>";
- exit();
- }
- curl_close($ch);
- header("Location: " . home_url() . "/login/error/");
- //Note, I have created a page called "Error" that is a child of the login page to handle errors. This can be anything, but it seemed a good way to me to handle errors.*/
- }else{
- echo "<script type='text/javascript'>window.location='". home_url() ."'</script>";
- exit();
- }
- }
- else{
- // No login details entered - you should probably add some more user feedback here, but this does the bare minimum
- echo "Invalid login details";
- };
- ?>
- <form id="login" name="form" action="<?php echo home_url(); ?>/login/" method="post">
- <input id="username" type="text" placeholder="Username" name="username">
- <input id="password" type="password" placeholder="Password" name="password">
- <input id="submit" type="submit" name="submit" value="Submit">
- </form>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement