login-register.php
406 lines
<?php
/**
 * Login / Register Functions
 *
 * Front-end handlers for the login, logout, registration and email-access
 * forms. Each handler is attached to a `give_*` action at the point where it
 * is declared.
 *
 * @package Give
 * @subpackage Functions/Login
 * @copyright Copyright (c) 2016, WordImpress
 * @license https://opensource.org/licenses/gpl-license GNU Public License
 * @since 1.0
 */

// Exit if accessed directly. ABSPATH is defined by WordPress while it boots,
// so a request that reaches this file on its own stops here before any
// handler below is declared or hooked.
if ( ! defined( 'ABSPATH' ) ) {
	exit;
}

/**
 * Login Form
 *
 * Renders the `shortcode-login` template into a string. The template receives
 * two values: `give_login_redirect` (where to go after a successful login) and
 * `give_logout_redirect` (a home-page URL carrying the logout action, a logout
 * nonce and the URL-encoded post-logout target).
 *
 * @since 1.0
 *
 * @param string $login_redirect  Login redirect page URL. Defaults to the donation history page.
 * @param string $logout_redirect Logout redirect page URL. Defaults to the current page.
 *
 * @return string Login form markup, passed through the `give_login_form` filter.
 */
function give_login_form( $login_redirect = '', $logout_redirect = '' ) {

	// No explicit target: land on the history page, flagged as a successful login.
	if ( empty( $login_redirect ) ) {
		$history_uri    = give_get_history_page_uri();
		$login_redirect = add_query_arg( 'give-login-success', 'true', $history_uri );
	}

	// No explicit target: come back to the current page, flagged as a successful logout.
	if ( empty( $logout_redirect ) ) {
		$current_url     = give_get_current_page_url();
		$logout_redirect = add_query_arg( 'give-logout-success', 'true', $current_url );
	}

	// The logout link carries the action name, a nonce bound to the logout
	// action, and the post-logout target as a query parameter.
	$logout_query = array(
		'give_action'          => 'user_logout',
		'give_logout_nonce'    => wp_create_nonce( 'give-logout-nonce' ),
		'give_logout_redirect' => urlencode( $logout_redirect ),
	);
	$logout_redirect = add_query_arg( $logout_query, home_url( '/' ) );

	$template_args = array(
		'give_login_redirect'  => $login_redirect,
		'give_logout_redirect' => $logout_redirect,
	);

	// Capture whatever the template prints instead of sending it to the browser.
	ob_start();
	give_get_template( 'shortcode-login', $template_args );
	$markup = ob_get_clean();

	return apply_filters( 'give_login_form', $markup );
}

/**
 * Registration Form
 *
 * Renders the `shortcode-register` template into a string for visitors who
 * are not logged in; logged-in users get an empty buffer. The template
 * receives the redirect target as `give_register_redirect`.
 *
 * @since 2.0
 *
 * @param string $redirect Redirect page URL. Defaults to the current page.
 *
 * @return string Register form markup, passed through the `give_register_form` filter.
 */
function give_register_form( $redirect = '' ) {
	$target = empty( $redirect ) ? give_get_current_page_url() : $redirect;

	// Buffer the template output so it can be returned rather than printed.
	ob_start();

	$visitor_is_anonymous = ! is_user_logged_in();
	if ( $visitor_is_anonymous ) {
		$template_args = array(
			'give_register_redirect' => $target,
		);
		give_get_template( 'shortcode-register', $template_args );
	}

	$markup = ob_get_clean();

	return apply_filters( 'give_register_form', $markup );
}

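/**
 * Process Login Form
 *
 * Verifies the login-form nonce, looks the account up by login name and then
 * by email, checks the password and, when no errors were recorded, redirects
 * to the requested page.
 *
 * The redirect target comes from the submitted form, so it is sent through
 * wp_safe_redirect(): only hosts WordPress allows (the site's own host plus
 * any added through the `allowed_redirect_hosts` filter) are followed, and
 * anything else falls back to the admin URL.
 *
 * NOTE(review): credentials are checked with wp_check_password() directly
 * rather than through wp_signon()/wp_authenticate(), so callbacks on the core
 * `authenticate` filter and `wp_login_failed` action (commonly used for
 * lockout, second factors and audit logging) do not run for this form.
 *
 * @since 1.0
 *
 * @param array $data Data sent from the login form
 *
 * @return void
 */
function give_process_login_form( $data ) {

	// Nothing is processed without a valid login-form nonce.
	if ( empty( $data['give_login_nonce'] ) || ! wp_verify_nonce( $data['give_login_nonce'], 'give-login-nonce' ) ) {
		return;
	}

	// Set Receipt Access Session.
	// NOTE(review): this flag is set from a query parameter before the
	// credentials are checked and is not cleared when the login fails;
	// confirm what `receipt_access` gates.
	if ( ! empty( $_GET['payment_key'] ) ) {
		Give()->session->set( 'receipt_access', true );
	}

	// Missing fields are treated as empty strings instead of raising notices.
	$login    = isset( $data['give_user_login'] ) ? $data['give_user_login'] : '';
	$password = isset( $data['give_user_pass'] ) ? $data['give_user_pass'] : '';
	$user_ID  = 0;

	// The same field accepts either a username or an email address.
	$user_data = get_user_by( 'login', $login );
	if ( ! $user_data ) {
		$user_data = get_user_by( 'email', $login );
	}

	// NOTE(review): the two failure paths below return different messages,
	// which tells the caller whether an account name or email exists;
	// consider one generic message for both.
	if ( $user_data ) {
		$user_ID = $user_data->ID;
		if ( wp_check_password( $password, $user_data->user_pass, $user_ID ) ) {
			give_log_user_in( $user_ID, $login, $password );
		} else {
			give_set_error( 'password_incorrect', __( 'The password you entered is incorrect.', 'give' ) );
		}
	} else {
		give_set_error( 'username_incorrect', __( 'The username you entered does not exist.', 'give' ) );
	}

	// Check for errors and redirect if none present.
	$errors = give_get_errors();
	if ( ! $errors ) {
		$requested = isset( $data['give_login_redirect'] ) ? $data['give_login_redirect'] : '';
		$redirect  = apply_filters( 'give_login_redirect', $requested, $user_ID );

		// Form-supplied target: keep the redirect on allowed hosts.
		wp_safe_redirect( $redirect );
		give_die();
	}
}
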
// Run give_process_login_form() whenever the `give_user_login` action fires.
add_action( 'give_user_login', 'give_process_login_form' );


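/**
 * Process User Logout
 *
 * Logs the current user out when the request carries a valid logout nonce,
 * then redirects to the requested page. The target is taken from the request,
 * so it is sent through wp_safe_redirect(), which only follows hosts
 * WordPress allows and otherwise falls back to the admin URL.
 *
 * @since 1.0
 *
 * @param array $data Data sent from the give login form page
 *
 * @return void
 */
function give_process_user_logout( $data ) {

	// Require both a valid logout nonce and an active session.
	if ( empty( $data['give_logout_nonce'] ) || ! wp_verify_nonce( $data['give_logout_nonce'], 'give-logout-nonce' ) || ! is_user_logged_in() ) {
		return;
	}

	// A request without a target goes to the home page instead of an empty Location.
	$redirect = ! empty( $data['give_logout_redirect'] ) ? $data['give_logout_redirect'] : home_url( '/' );

	// Prevent occurring of any custom action on wp_logout.
	// NOTE(review): this removes every callback registered on `wp_logout`,
	// including ones other plugins rely on (for example session cleanup or
	// logout auditing); confirm that is intended.
	remove_all_actions( 'wp_logout' );

	/**
	 * Fires before processing user logout.
	 *
	 * @since 1.0
	 */
	do_action( 'give_before_user_logout' );

	// Logout user.
	wp_logout();

	/**
	 * Fires after processing user logout.
	 *
	 * @since 1.0
	 */
	do_action( 'give_after_user_logout' );

	// Request-supplied target: keep the redirect on allowed hosts.
	wp_safe_redirect( $redirect );
	give_die();
}
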
// Run give_process_user_logout() whenever the `give_user_logout` action fires.
add_action( 'give_user_logout', 'give_process_user_logout' );

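/**
 * Log User In
 *
 * Sets the auth cookie and the current user for the given ID, then fires the
 * core `wp_login` action followed by Give's own `give_log_user_in` action.
 * This function does not check the password itself; the caller must have
 * authenticated the user already.
 *
 * @since 1.0
 *
 * @param int    $user_id    User ID
 * @param string $user_login Username
 * @param string $user_pass  Password
 *
 * @return bool True once the user has been logged in, false when the ID is not a positive number.
 */
function give_log_user_in( $user_id, $user_login, $user_pass ) {

	// Refuse to issue a cookie for a non-positive user ID.
	if ( $user_id < 1 ) {
		return false;
	}

	wp_set_auth_cookie( $user_id );
	wp_set_current_user( $user_id, $user_login );

	/**
	 * Fires after the user has successfully logged in.
	 *
	 * @since 1.0
	 *
	 * @param string  $user_login Username.
	 * @param WP_User $user       WP_User object of the logged-in user.
	 */
	do_action( 'wp_login', $user_login, get_userdata( $user_id ) );

	/**
	 * Fires after give user has successfully logged in.
	 *
	 * NOTE(review): the password is handed to every callback on this action in
	 * plain text; listeners must not log or store it.
	 *
	 * @since 1.0
	 *
	 * @param int    $user_id    User id.
	 * @param string $user_login Username.
	 * @param string $user_pass  User password.
	 */
	do_action( 'give_log_user_in', $user_id, $user_login, $user_pass );

	// The documented return type is bool; report success explicitly.
	return true;
}

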
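/**
 * Process Register Form
 *
 * Validates the submitted username, email addresses and password, records an
 * error for each failed check and, when none were recorded, creates the
 * account, logs the new user in and redirects.
 *
 * The redirect target comes from the submitted form, so it is sent through
 * wp_safe_redirect(), which only follows hosts WordPress allows and otherwise
 * falls back to the admin URL.
 *
 * NOTE(review): no nonce is verified in this function; confirm the form and
 * the code that dispatches `give_user_register` check one.
 *
 * @since 2.0
 *
 * @param array $data Data sent from the register form
 *
 * @return bool False when nothing was registered. On success the request ends in a redirect.
 */
function give_process_register_form( $data ) {

	if ( is_user_logged_in() ) {
		return false;
	}

	if ( empty( $_POST['give_register_submit'] ) ) {
		return false;
	}

	/**
	 * Fires before processing user registration.
	 *
	 * @since 1.0
	 */
	do_action( 'give_pre_process_register_form' );

	// Missing fields are treated as empty strings instead of raising notices.
	$user_login    = isset( $data['give_user_login'] ) ? $data['give_user_login'] : '';
	$user_email    = isset( $data['give_user_email'] ) ? $data['give_user_email'] : '';
	$payment_email = isset( $data['give_payment_email'] ) ? $data['give_payment_email'] : '';
	$redirect_to   = isset( $data['give_redirect'] ) ? $data['give_redirect'] : '';

	// NOTE(review): the password checks read $_POST while the account is
	// created from $data['give_user_pass']; if a caller ever passes $data that
	// is not the POST body, the stored password is not the validated one.
	$password         = isset( $_POST['give_user_pass'] ) ? $_POST['give_user_pass'] : '';
	$password_confirm = isset( $_POST['give_user_pass2'] ) ? $_POST['give_user_pass2'] : '';

	if ( empty( $user_login ) ) {
		give_set_error( 'empty_username', esc_html__( 'Invalid username.', 'give' ) );
	}

	if ( username_exists( $user_login ) ) {
		give_set_error( 'username_unavailable', esc_html__( 'Username already taken.', 'give' ) );
	}

	if ( ! validate_username( $user_login ) ) {
		give_set_error( 'username_invalid', esc_html__( 'Invalid username.', 'give' ) );
	}

	if ( email_exists( $user_email ) ) {
		give_set_error( 'email_unavailable', esc_html__( 'Email address already taken.', 'give' ) );
	}

	if ( empty( $user_email ) || ! is_email( $user_email ) ) {
		give_set_error( 'email_invalid', esc_html__( 'Invalid email.', 'give' ) );
	}

	// A separate payment email only needs checking when it differs from the account email.
	if ( ! empty( $payment_email ) && $payment_email !== $user_email && ! is_email( $payment_email ) ) {
		give_set_error( 'payment_email_invalid', esc_html__( 'Invalid payment email.', 'give' ) );
	}

	if ( empty( $password ) ) {
		give_set_error( 'empty_password', esc_html__( 'Please enter a password.', 'give' ) );
	}

	// A missing confirmation field counts as a mismatch.
	if ( $password !== $password_confirm ) {
		give_set_error( 'password_mismatch', esc_html__( 'Passwords don\'t match.', 'give' ) );
	}

	/**
	 * Fires while processing user registration.
	 *
	 * @since 1.0
	 */
	do_action( 'give_process_register_form' );

	// Check for errors and redirect if none present.
	$errors = give_get_errors();

	if ( empty( $errors ) ) {

		$redirect = apply_filters( 'give_register_redirect', $redirect_to );

		give_register_and_login_new_user( array(
			'user_login'      => $user_login,
			'user_pass'       => isset( $data['give_user_pass'] ) ? $data['give_user_pass'] : '',
			'user_email'      => $user_email,
			'user_registered' => date( 'Y-m-d H:i:s' ),
			// New accounts get the site's configured default role.
			'role'            => get_option( 'default_role' ),
		) );

		// Form-supplied target: keep the redirect on allowed hosts.
		wp_safe_redirect( $redirect );
		give_die();
	}

	// Validation failed; the recorded errors are left for the form to display.
	return false;
}
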
// Run give_process_register_form() whenever the `give_user_register` action fires.
add_action( 'give_user_register', 'give_process_register_form' );


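/**
 * Email access login form.
 *
 * Handles the "email me an access link" form: verifies the nonce, optionally
 * verifies a reCAPTCHA response with Google, and, when no errors were
 * recorded, asks the email-access component to send the link to the donor
 * matching the submitted address.
 *
 * The outcome is also signalled to the rest of the request by setting
 * `$_POST['email-access-sent']` or `$_POST['email-access-exhausted']`.
 *
 * @since 1.8.17
 *
 * @return bool True when the email was sent, false otherwise.
 */
function give_email_access_login() {

	// Verify nonce.
	if ( ! isset( $_POST['_wpnonce'] ) || ! wp_verify_nonce( $_POST['_wpnonce'], 'give' ) ) {
		return false;
	}

	// Need email to proceed.
	$email = isset( $_POST['give_email'] ) ? give_clean( $_POST['give_email'] ) : '';
	if ( empty( $email ) ) {
		give_set_error( 'give_empty_email', __( 'Please enter the email address you used for your donation.', 'give' ) );
	}

	$recaptcha_key    = give_get_option( 'recaptcha_key' );
	$recaptcha_secret = give_get_option( 'recaptcha_secret' );

	// reCAPTCHA is only enforced when it is switched on and both keys are configured.
	$enable_recaptcha = give_is_setting_enabled( give_get_option( 'enable_recaptcha' ) ) && ! empty( $recaptcha_key ) && ! empty( $recaptcha_secret );

	// Use reCAPTCHA.
	if ( $enable_recaptcha ) {

		// NOTE(review): `remoteip` is taken from a form field, so its value is
		// whatever the client submitted rather than the address the server
		// observed; confirm how `give_ip` is populated.
		$args = array(
			'secret'   => $recaptcha_secret,
			'response' => isset( $_POST['g-recaptcha-response'] ) ? $_POST['g-recaptcha-response'] : '',
			'remoteip' => isset( $_POST['give_ip'] ) ? $_POST['give_ip'] : '',
		);

		if ( ! empty( $args['response'] ) ) {
			$request = wp_remote_post( 'https://www.google.com/recaptcha/api/siteverify', array(
				'body' => $args,
			) );

			// Only a transport-level success AND an HTTP 200 counts as a usable
			// answer; anything else is reported as a connection issue.
			if ( ! is_wp_error( $request ) && 200 === (int) wp_remote_retrieve_response_code( $request ) ) {

				$response = json_decode( wp_remote_retrieve_body( $request ), true );

				// reCAPTCHA fail. An unparseable body is treated as a failure too.
				if ( ! is_array( $response ) || empty( $response['success'] ) ) {
					give_set_error( 'give_recaptcha_test_failed', apply_filters( 'give_recaptcha_test_failed_message', __( 'reCAPTCHA test failed.', 'give' ) ) );
				}
			} else {

				// Connection issue.
				give_set_error( 'give_recaptcha_connection_issue', apply_filters( 'give_recaptcha_connection_issue_message', __( 'Unable to connect to reCAPTCHA server.', 'give' ) ) );

			} // End if().
		} else {

			// No reCAPTCHA response was submitted at all.
			give_set_error( 'give_recaptcha_failed', apply_filters( 'give_recaptcha_failed_message', __( 'It looks like the reCAPTCHA test has failed.', 'give' ) ) );

		} // End if().
	} // End if().

	// Only send the email when no errors were recorded above.
	if ( ! give_get_errors() ) {

		$donor = Give()->donors->get_donor_by( 'email', $email );

		Give()->email_access->init();

		// Verify that a donor record exists for this email address.
		if ( is_object( $donor ) ) {

			// Verify that email can be sent.
			if ( ! Give()->email_access->can_send_email( $donor->id ) ) {

				$_POST['email-access-exhausted'] = true;

				return false;

			} else {
				// Send the email to the address stored on the donor record.
				$email_sent = Give()->email_access->send_email( $donor->id, $donor->email );

				if ( ! $email_sent ) {
					give_set_error( 'give_email_access_send_issue', __( 'Unable to send email. Please try again.', 'give' ) );
					return false;
				}

				$_POST['email-access-sent'] = true;

				return true;
			}
		} else {

			// NOTE(review): this message differs from the success path, which
			// tells the requester whether an address belongs to a donor;
			// consider a uniform response for both cases.
			give_set_error( 'give-no-donations', __( 'We were unable to find any donations associated with the email address provided. Please try again using another email.', 'give' ) );

		}
	} // End if().

	return false;
}
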
// Run give_email_access_login() whenever the `give_email_access_form_login` action fires.
add_action( 'give_email_access_form_login', 'give_email_access_login' );