login-register.php
414 lines
| 1 | <?php |
| 2 | /** |
| 3 | * Login / Register Functions |
| 4 | * |
| 5 | * @package Give |
| 6 | * @subpackage Functions/Login |
| 7 | * @copyright Copyright (c) 2016, GiveWP |
| 8 | * @license https://opensource.org/licenses/gpl-license GNU Public License |
| 9 | * @since 1.0 |
| 10 | */ |
| 11 | |
// Stop immediately when this file is requested directly rather than loaded with ABSPATH defined.
defined( 'ABSPATH' ) || exit;
| 16 | |
/**
 * Login Form
 *
 * Builds the login and logout URLs, renders the `shortcode-login` template
 * with them and returns the captured markup.
 *
 * The logout URL points at the site home page and carries three query
 * arguments: the `user_logout` action, a nonce created for the
 * `give-logout-nonce` action, and the URL-encoded logout redirect target.
 *
 * @since 1.0
 *
 * @param string $login_redirect  Login redirect page URL
 * @param string $logout_redirect Logout redirect page URL
 *
 * @return string Login form markup, after the `give_login_form` filter
 */
function give_login_form( $login_redirect = '', $logout_redirect = '' ) {

	// No explicit login target: use the history page URI with a success flag appended.
	if ( ! $login_redirect ) {
		$login_redirect = add_query_arg( 'give-login-success', 'true', give_get_history_page_uri() );
	}

	// No explicit logout target: use the current page URL with a success flag appended.
	if ( ! $logout_redirect ) {
		$logout_redirect = add_query_arg( 'give-logout-success', 'true', give_get_current_page_url() );
	}

	// Wrap the logout target in a nonce-carrying user_logout action URL.
	$logout_query = array(
		'give_action'          => 'user_logout',
		'give_logout_nonce'    => wp_create_nonce( 'give-logout-nonce' ),
		'give_logout_redirect' => urlencode( $logout_redirect ),
	);
	$logout_url   = add_query_arg( $logout_query, home_url( '/' ) );

	$template_args = array(
		'give_login_redirect'  => $login_redirect,
		'give_logout_redirect' => $logout_url,
	);

	// Capture whatever the template prints so it can be returned as a string.
	ob_start();
	give_get_template( 'shortcode-login', $template_args );
	$markup = ob_get_clean();

	return apply_filters( 'give_login_form', $markup );
}
| 61 | |
/**
 * Registration Form
 *
 * Renders the `shortcode-register` template for visitors who are not logged
 * in and returns the captured markup. Logged-in users get whatever the
 * `give_register_form` filter makes of an empty buffer.
 *
 * @since 2.0
 *
 * @param string $redirect Redirect page URL
 *
 * @return string Register form markup, after the `give_register_form` filter
 */
function give_register_form( $redirect = '' ) {

	// Default to the page the form is rendered on.
	$target = $redirect ? $redirect : give_get_current_page_url();

	ob_start();

	if ( ! is_user_logged_in() ) {
		$template_args = array(
			'give_register_redirect' => $target,
		);
		give_get_template( 'shortcode-register', $template_args );
	}

	$markup = ob_get_clean();

	return apply_filters( 'give_register_form', $markup );
}
| 90 | |
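/**
 * Process Login Form
 *
 * Verifies the login nonce, looks the account up by username and then by
 * email address, checks the submitted password and, when no errors were
 * recorded, logs the user in and redirects.
 *
 * Security notes:
 * - The redirect target arrives with the request, so it is validated with
 *   wp_validate_redirect() and sent with wp_safe_redirect(). Targets on other
 *   hosts fall back to the home page unless the site allows them through the
 *   `allowed_redirect_hosts` filter.
 * - The receipt-access session flag is set only after the password check has
 *   passed, not for every request that carries `donation_id`.
 * - NOTE(review): the password is checked with wp_check_password() directly
 *   rather than through wp_authenticate()/wp_signon(), so callbacks on core's
 *   `authenticate` filter (login throttling, second factors) are presumably
 *   not consulted on this path — confirm.
 * - NOTE(review): unknown-username and wrong-password produce different
 *   errors, which tells a visitor whether an account exists. Left unchanged
 *   because templates and callers may depend on the error codes.
 *
 * @since 1.0
 *
 * @param array $data Data sent from the login form
 *
 * @return void
 */
function give_process_login_form( $data ) {

	// A missing nonce is handled like an invalid one instead of raising an undefined-index notice.
	if ( empty( $data['give_login_nonce'] ) || ! wp_verify_nonce( $data['give_login_nonce'], 'give-login-nonce' ) ) {
		return;
	}

	// Only string credentials are meaningful; a missing key or an array is treated as empty.
	$user_login = ( isset( $data['give_user_login'] ) && is_string( $data['give_user_login'] ) ) ? $data['give_user_login'] : '';
	$user_pass  = ( isset( $data['give_user_pass'] ) && is_string( $data['give_user_pass'] ) ) ? $data['give_user_pass'] : '';
	$user_id    = 0;

	// The login field is tried as a username first, then as an email address.
	$user_data = get_user_by( 'login', $user_login );

	if ( ! $user_data ) {
		$user_data = get_user_by( 'email', $user_login );
	}

	if ( $user_data ) {

		$user_id = $user_data->ID;

		if ( wp_check_password( $user_pass, $user_data->user_pass, $user_id ) ) {

			// Set Receipt Access Session, but only for a request that has just authenticated.
			if ( ! empty( $_GET['donation_id'] ) ) {
				Give()->session->set( 'receipt_access', true );
			}

			give_log_user_in( $user_id, $user_login, $user_pass );
		} else {
			give_set_error( 'password_incorrect', __( 'The password you entered is incorrect.', 'give' ) );
		}
	} else {
		give_set_error( 'username_incorrect', __( 'The username you entered does not exist.', 'give' ) );
	}

	// Check for errors and redirect if none present.
	$errors = give_get_errors();

	if ( ! $errors ) {
		$requested = isset( $data['give_login_redirect'] ) ? $data['give_login_redirect'] : '';
		$redirect  = apply_filters( 'give_login_redirect', $requested, $user_id );
		$fallback  = home_url( '/' );

		if ( ! is_string( $redirect ) || '' === $redirect ) {
			$redirect = $fallback;
		}

		// Never forward the browser to a host the site has not allowed.
		wp_safe_redirect( wp_validate_redirect( $redirect, $fallback ) );
		give_die();
	}
}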
| 138 | |
// Register the login handler on the `give_user_login` action.
// NOTE(review): the code that fires this action is not in this file; presumably a request
// dispatcher keyed on `give_action` — confirm, since that decides who can reach the handler.
add_action( 'give_user_login', 'give_process_login_form' );
| 140 | |
| 141 | |
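/**
 * Process User Logout
 *
 * Logs the current user out when the request carries a valid logout nonce,
 * then redirects.
 *
 * The nonce is verified against the fixed `give-logout-nonce` action and does
 * not cover the redirect value, so the target is validated with
 * wp_validate_redirect() and sent with wp_safe_redirect(). Targets on other
 * hosts fall back to the home page unless the site allows them through the
 * `allowed_redirect_hosts` filter.
 *
 * @since 1.0
 *
 * @param array $data Data sent from the give login form page
 *
 * @return void
 */
function give_process_user_logout( $data ) {

	// A missing nonce is handled like an invalid one instead of raising an undefined-index notice.
	if ( empty( $data['give_logout_nonce'] ) || ! wp_verify_nonce( $data['give_logout_nonce'], 'give-logout-nonce' ) ) {
		return;
	}

	if ( ! is_user_logged_in() ) {
		return;
	}

	// Prevent occurring of any custom action on wp_logout.
	// NOTE(review): this detaches every callback registered on wp_logout, including any
	// added by other plugins (e.g. audit logging) — confirm that is intended.
	remove_all_actions( 'wp_logout' );

	/**
	 * Fires before processing user logout.
	 *
	 * @since 1.0
	 */
	do_action( 'give_before_user_logout' );

	// Logout user.
	wp_logout();

	/**
	 * Fires after processing user logout.
	 *
	 * @since 1.0
	 */
	do_action( 'give_after_user_logout' );

	$fallback  = home_url( '/' );
	$requested = ( isset( $data['give_logout_redirect'] ) && is_string( $data['give_logout_redirect'] ) ) ? $data['give_logout_redirect'] : '';
	$redirect  = '' !== $requested ? $requested : $fallback;

	// Never forward the browser to a host the site has not allowed.
	wp_safe_redirect( wp_validate_redirect( $redirect, $fallback ) );
	give_die();
}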
| 178 | |
// Register the logout handler on the `give_user_logout` action.
// NOTE(review): the code that fires this action is not in this file; presumably a request
// dispatcher keyed on `give_action` — confirm.
add_action( 'give_user_logout', 'give_process_user_logout' );
| 180 | |
/**
 * Log User In
 *
 * Sets the auth cookie and the current user for the given ID, then fires the
 * `wp_login` and `give_log_user_in` actions.
 *
 * No credential check happens in this function; callers must have
 * authenticated the user before calling it. The plain-text password is passed
 * on to every callback registered on `give_log_user_in`.
 *
 * @since 1.0
 *
 * @param int    $user_id    User ID
 * @param string $user_login Username
 * @param string $user_pass  Password
 *
 * @return bool|void False when $user_id is below 1; otherwise nothing is returned.
 */
function give_log_user_in( $user_id, $user_login, $user_pass ) {

	// Refuse IDs below 1 before any cookie or user state is touched.
	if ( 1 > $user_id ) {
		return false;
	}

	wp_set_auth_cookie( $user_id );
	wp_set_current_user( $user_id, $user_login );

	$logged_in_user = get_userdata( $user_id );

	/**
	 * Fires after the user has successfully logged in.
	 *
	 * @since 1.0
	 *
	 * @param string  $user_login Username.
	 * @param WP_User $user       WP_User object of the logged-in user.
	 */
	do_action( 'wp_login', $user_login, $logged_in_user );

	/**
	 * Fires after give user has successfully logged in.
	 *
	 * @since 1.0
	 *
	 * @param int    $user_id    User id.
	 * @param string $user_login Username.
	 * @param string $user_pass  User password.
	 */
	do_action( 'give_log_user_in', $user_id, $user_login, $user_pass );
}
| 222 | |
| 223 | |
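/**
 * Process Register Form
 *
 * Validates the submitted username, email address and password, and when no
 * errors were recorded creates the account with the site's default role, logs
 * the new user in and redirects.
 *
 * Security notes:
 * - The redirect target arrives with the request, so it is validated with
 *   wp_validate_redirect() and sent with wp_safe_redirect(). Targets on other
 *   hosts fall back to the home page unless the site allows them through the
 *   `allowed_redirect_hosts` filter.
 * - NOTE(review): no nonce is verified and the `users_can_register` option is
 *   not consulted here, so every request that reaches this handler can create
 *   an account with the default role — confirm that is intended.
 * - NOTE(review): the password is validated from $_POST but the account is
 *   created from $data. Whether the two always hold the same value depends on
 *   the caller, which is not visible here.
 *
 * @since 2.0
 *
 * @param array $data Data sent from the register form
 *
 * @return bool|void False when the visitor is logged in or the submit field is
 *                   missing; otherwise nothing is returned.
 */
function give_process_register_form( $data ) {

	if ( is_user_logged_in() ) {
		return false;
	}

	if ( empty( $_POST['give_register_submit'] ) ) {
		return false;
	}

	/**
	 * Fires before processing user registration.
	 *
	 * @since 1.0
	 */
	do_action( 'give_pre_process_register_form' );

	// Read every field once so that a missing key cannot raise an undefined-index notice.
	$user_login    = isset( $data['give_user_login'] ) ? $data['give_user_login'] : '';
	$user_email    = isset( $data['give_user_email'] ) ? $data['give_user_email'] : '';
	$user_pass     = isset( $data['give_user_pass'] ) ? $data['give_user_pass'] : '';
	$payment_email = isset( $data['give_payment_email'] ) ? $data['give_payment_email'] : '';
	$posted_pass   = isset( $_POST['give_user_pass'] ) ? $_POST['give_user_pass'] : null;
	$posted_pass2  = isset( $_POST['give_user_pass2'] ) ? $_POST['give_user_pass2'] : null;

	if ( empty( $user_login ) ) {
		give_set_error( 'empty_username', esc_html__( 'Invalid username.', 'give' ) );
	}

	if ( username_exists( $user_login ) ) {
		give_set_error( 'username_unavailable', esc_html__( 'Username already taken.', 'give' ) );
	}

	if ( ! validate_username( $user_login ) ) {
		give_set_error( 'username_invalid', esc_html__( 'Invalid username.', 'give' ) );
	}

	if ( email_exists( $user_email ) ) {
		give_set_error( 'email_unavailable', esc_html__( 'Email address already taken.', 'give' ) );
	}

	if ( empty( $user_email ) || ! is_email( $user_email ) ) {
		give_set_error( 'email_invalid', esc_html__( 'Invalid email.', 'give' ) );
	}

	if ( ! empty( $payment_email ) && $payment_email !== $user_email && ! is_email( $payment_email ) ) {
		give_set_error( 'payment_email_invalid', esc_html__( 'Invalid payment email.', 'give' ) );
	}

	// The password stored on the account comes from $data, so it must be non-empty as well.
	if ( empty( $posted_pass ) || empty( $user_pass ) ) {
		give_set_error( 'empty_password', esc_html__( 'Please enter a password.', 'give' ) );
	}

	// A non-empty password with an empty confirmation is also a strict mismatch.
	if ( $posted_pass !== $posted_pass2 ) {
		give_set_error( 'password_mismatch', esc_html__( 'Passwords don\'t match.', 'give' ) );
	}

	/**
	 * Fires while processing user registration.
	 *
	 * @since 1.0
	 */
	do_action( 'give_process_register_form' );

	// Check for errors and redirect if none present
	$errors = give_get_errors();

	if ( empty( $errors ) ) {

		$requested = isset( $data['give_redirect'] ) ? $data['give_redirect'] : '';
		$redirect  = apply_filters( 'give_register_redirect', $requested );

		give_register_and_login_new_user(
			array(
				'user_login'      => $user_login,
				'user_pass'       => $user_pass,
				'user_email'      => $user_email,
				'user_registered' => date( 'Y-m-d H:i:s' ),
				'role'            => get_option( 'default_role' ),
			)
		);

		$fallback = home_url( '/' );

		if ( ! is_string( $redirect ) || '' === $redirect ) {
			$redirect = $fallback;
		}

		// Never forward the browser to a host the site has not allowed.
		wp_safe_redirect( wp_validate_redirect( $redirect, $fallback ) );
		give_die();
	}
}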
| 310 | |
// Register the registration handler on the `give_user_register` action.
// NOTE(review): the code that fires this action is not in this file; presumably a request
// dispatcher keyed on `give_action` — confirm, since that decides who can reach the handler.
add_action( 'give_user_register', 'give_process_register_form' );
| 312 | |
| 313 | |
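/**
 * Email access login form.
 *
 * Verifies the form nonce, optionally checks the reCAPTCHA response with
 * Google's siteverify endpoint, and sends the email-access message to the
 * donor registered under the submitted address.
 *
 * Every reCAPTCHA failure mode (missing response, transport error, non-200
 * status, unparsable body, unsuccessful verdict) records an error, so no
 * email is sent in those cases.
 *
 * NOTE(review): the "no donations" error is a different response from the
 * success path, so the form reveals whether an address has donations on
 * record. Left unchanged because it is user-facing behaviour.
 *
 * @since 1.8.17
 *
 * @return bool True when the email was sent, false otherwise.
 */
function give_email_access_login() {

	// Verify nonce.
	if ( ! isset( $_POST['_wpnonce'] ) || ! wp_verify_nonce( $_POST['_wpnonce'], 'give' ) ) {
		return false;
	}

	// Need email to proceed.
	$email = isset( $_POST['give_email'] ) ? give_clean( $_POST['give_email'] ) : '';
	if ( empty( $email ) ) {
		give_set_error( 'give_empty_email', __( 'Please enter the email address you used for your donation.', 'give' ) );
	}

	$recaptcha_key    = give_get_option( 'recaptcha_key' );
	$recaptcha_secret = give_get_option( 'recaptcha_secret' );
	$enable_recaptcha = give_is_setting_enabled( give_get_option( 'enable_recaptcha' ) )
		&& ! empty( $recaptcha_key )
		&& ! empty( $recaptcha_secret );

	// Use reCAPTCHA.
	if ( $enable_recaptcha ) {

		$args = array(
			'secret'   => $recaptcha_secret,
			'response' => isset( $_POST['g-recaptcha-response'] ) ? $_POST['g-recaptcha-response'] : '',
		);

		// NOTE(review): the address comes from a posted form field, so the client chooses it.
		// Prefer a server-derived address, or drop this optional parameter.
		if ( ! empty( $_POST['give_ip'] ) ) {
			$args['remoteip'] = $_POST['give_ip'];
		}

		if ( ! empty( $args['response'] ) ) {
			$request = wp_remote_post(
				'https://www.google.com/recaptcha/api/siteverify',
				array(
					'body' => $args,
				)
			);

			// Both conditions must hold: the request succeeded and the endpoint answered 200.
			if ( ! is_wp_error( $request ) && 200 === (int) wp_remote_retrieve_response_code( $request ) ) {

				$response = json_decode( wp_remote_retrieve_body( $request ), true );

				// reCAPTCHA fail. A body that does not decode to an array counts as a failure too.
				if ( ! is_array( $response ) || empty( $response['success'] ) ) {
					give_set_error( 'give_recaptcha_test_failed', apply_filters( 'give_recaptcha_test_failed_message', __( 'reCAPTCHA test failed.', 'give' ) ) );
				}
			} else {

				// Connection issue.
				give_set_error( 'give_recaptcha_connection_issue', apply_filters( 'give_recaptcha_connection_issue_message', __( 'Unable to connect to reCAPTCHA server.', 'give' ) ) );

			}
		} else {

			give_set_error( 'give_recaptcha_failed', apply_filters( 'give_recaptcha_failed_message', __( 'It looks like the reCAPTCHA test has failed.', 'give' ) ) );

		}
	}

	// Only continue to sending when nothing above recorded an error.
	if ( give_get_errors() ) {
		return false;
	}

	$donor = Give()->donors->get_donor_by( 'email', $email );
	Give()->email_access->init();

	// Without a donor record for this address there is nothing to send.
	if ( ! is_object( $donor ) ) {
		give_set_error( 'give-no-donations', __( 'We were unable to find any donations associated with the email address provided. Please try again using another email.', 'give' ) );

		return false;
	}

	// Verify that email can be sent.
	if ( ! Give()->email_access->can_send_email( $donor->id ) ) {

		// Flag read elsewhere to report that no more emails can be requested for now.
		$_POST['email-access-exhausted'] = true;

		return false;
	}

	// Send the email to the address stored on the donor record.
	$email_sent = Give()->email_access->send_email( $donor->id, $donor->email );

	if ( ! $email_sent ) {
		give_set_error( 'give_email_access_send_issue', __( 'Unable to send email. Please try again.', 'give' ) );

		return false;
	}

	$_POST['email-access-sent'] = true;

	return true;
}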
| 412 | |
// Register the email-access handler on the `give_email_access_form_login` action.
// NOTE(review): the code that fires this action is not in this file — confirm who can reach it.
add_action( 'give_email_access_form_login', 'give_email_access_login' );
| 414 |