PluginProbe ʕ •ᴥ•ʔ
GiveWP – Donation Plugin and Fundraising Platform / trunk
give / includes / login-register.php
<?php
/**
 * Login / Register Functions
 *
 * @package     Give
 * @subpackage  Functions/Login
 * @copyright   Copyright (c) 2016, GiveWP
 * @license     https://opensource.org/licenses/gpl-license GNU Public License
 * @since       1.0
 */

// Exit if accessed directly.
if ( ! defined( 'ABSPATH' ) ) {
    exit;
}

/**
 * Login Form
 *
 * @since 1.0
 * @global $give_login_redirect
 * @global $give_logout_redirect
 *
 * @param string $login_redirect  Login redirect page URL
 * @param string $logout_redirect Logout redirect page URL
 *
 * @return string Login form
 */
function give_login_form( $login_redirect = '', $logout_redirect = '' ) {

    if ( empty( $login_redirect ) ) {
        $login_redirect = add_query_arg( 'give-login-success', 'true', give_get_history_page_uri() );
    }

    if ( empty( $logout_redirect ) ) {
        $logout_redirect = add_query_arg( 'give-logout-success', 'true', give_get_current_page_url() );
    }

    // Add user_logout action to logout url.
    $logout_redirect = add_query_arg(
        array(
            'give_action'          => 'user_logout',
            'give_logout_nonce'    => wp_create_nonce( 'give-logout-nonce' ),
            'give_logout_redirect' => urlencode( $logout_redirect ),
        ),
        home_url( '/' )
    );

    ob_start();

    give_get_template(
        'shortcode-login',
        array(
            'give_login_redirect'  => $login_redirect,
            'give_logout_redirect' => $logout_redirect,
        )
    );

    return apply_filters( 'give_login_form', ob_get_clean() );
}

/**
 * Registration Form
 *
 * @since 2.0
 * @global $give_register_redirect
 *
 * @param string $redirect Redirect page URL
 *
 * @return string Register form
 */
function give_register_form( $redirect = '' ) {
    if ( empty( $redirect ) ) {
        $redirect = give_get_current_page_url();
    }

    ob_start();

    if ( ! is_user_logged_in() ) {
        give_get_template(
            'shortcode-register',
            array(
                'give_register_redirect' => $redirect,
            )
        );
    }

    return apply_filters( 'give_register_form', ob_get_clean() );
}

/**
 * Process Login Form
 *
 * @since 1.0
 *
 * @param array $data Data sent from the login form
 *
 * @return void
 */
function give_process_login_form( $data ) {

    if ( wp_verify_nonce( $data['give_login_nonce'], 'give-login-nonce' ) ) {

        // Set Receipt Access Session.
        if ( ! empty( $_GET['donation_id'] ) ) {
            Give()->session->set( 'receipt_access', true );
        }

        // Look the account up by username first, then by email address.
        $user_data = get_user_by( 'login', $data['give_user_login'] );

        if ( ! $user_data ) {
            $user_data = get_user_by( 'email', $data['give_user_login'] );
        }

        if ( $user_data ) {

            $user_id = $user_data->ID;

            if ( wp_check_password( $data['give_user_pass'], $user_data->user_pass, $user_id ) ) {
                give_log_user_in( $user_data->ID, $data['give_user_login'], $data['give_user_pass'] );
            } else {
                give_set_error( 'password_incorrect', __( 'The password you entered is incorrect.', 'give' ) );
            }
        } else {
            give_set_error( 'username_incorrect', __( 'The username you entered does not exist.', 'give' ) );
        }

        // Check for errors and redirect if none present.
        $errors = give_get_errors();

        if ( ! $errors ) {
            $redirect = apply_filters( 'give_login_redirect', $data['give_login_redirect'], $user_id );

            // The target comes from the submitted form, so use wp_safe_redirect() to keep it on allowed hosts.
            wp_safe_redirect( $redirect );
            give_die();
        }
    }
}

add_action( 'give_user_login', 'give_process_login_form' );


/**
 * Process User Logout
 *
 * @since 1.0
 *
 * @param array $data Data sent from the give login form page
 *
 * @return void
 */
function give_process_user_logout( $data ) {
    if ( wp_verify_nonce( $data['give_logout_nonce'], 'give-logout-nonce' ) && is_user_logged_in() ) {

        // Prevent any custom action hooked to wp_logout from running.
        remove_all_actions( 'wp_logout' );

        /**
         * Fires before processing user logout.
         *
         * @since 1.0
         */
        do_action( 'give_before_user_logout' );

        // Logout user.
        wp_logout();

        /**
         * Fires after processing user logout.
         *
         * @since 1.0
         */
        do_action( 'give_after_user_logout' );

        // The target comes from the request, so use wp_safe_redirect() to keep it on allowed hosts.
        wp_safe_redirect( $data['give_logout_redirect'] );
        give_die();
    }
}

add_action( 'give_user_logout', 'give_process_user_logout' );

/**
 * Log User In
 *
 * @since 1.0
 *
 * @param int    $user_id    User ID
 * @param string $user_login Username
 * @param string $user_pass  Password
 *
 * @return bool
 */
function give_log_user_in( $user_id, $user_login, $user_pass ) {

    if ( $user_id < 1 ) {
        return false;
    }

    wp_set_auth_cookie( $user_id );
    wp_set_current_user( $user_id, $user_login );

    /**
     * Fires after the user has successfully logged in.
     *
     * @since 1.0
     *
     * @param string  $user_login Username.
     * @param WP_User $user       WP_User object of the logged-in user.
     */
    do_action( 'wp_login', $user_login, get_userdata( $user_id ) );

    /**
     * Fires after the Give user has successfully logged in.
     *
     * @since 1.0
     *
     * @param int    $user_id    User id.
     * @param string $user_login Username.
     * @param string $user_pass  User password.
     */
    do_action( 'give_log_user_in', $user_id, $user_login, $user_pass );

    // Match the documented bool return type on the success path.
    return true;
}


/**
 * Process Register Form
 *
 * @since 2.0
 *
 * @param array $data Data sent from the register form
 *
 * @return bool
 */
function give_process_register_form( $data ) {

    if ( is_user_logged_in() ) {
        return false;
    }

    if ( empty( $_POST['give_register_submit'] ) ) {
        return false;
    }

    /**
     * Fires before processing user registration.
     *
     * @since 1.0
     */
    do_action( 'give_pre_process_register_form' );

    if ( empty( $data['give_user_login'] ) ) {
        give_set_error( 'empty_username', esc_html__( 'Invalid username.', 'give' ) );
    }

    if ( username_exists( $data['give_user_login'] ) ) {
        give_set_error( 'username_unavailable', esc_html__( 'Username already taken.', 'give' ) );
    }

    if ( ! validate_username( $data['give_user_login'] ) ) {
        give_set_error( 'username_invalid', esc_html__( 'Invalid username.', 'give' ) );
    }

    if ( email_exists( $data['give_user_email'] ) ) {
        give_set_error( 'email_unavailable', esc_html__( 'Email address already taken.', 'give' ) );
    }

    if ( empty( $data['give_user_email'] ) || ! is_email( $data['give_user_email'] ) ) {
        give_set_error( 'email_invalid', esc_html__( 'Invalid email.', 'give' ) );
    }

    if ( ! empty( $data['give_payment_email'] ) && $data['give_payment_email'] != $data['give_user_email'] && ! is_email( $data['give_payment_email'] ) ) {
        give_set_error( 'payment_email_invalid', esc_html__( 'Invalid payment email.', 'give' ) );
    }

    if ( empty( $_POST['give_user_pass'] ) ) {
        give_set_error( 'empty_password', esc_html__( 'Please enter a password.', 'give' ) );
    }

    if ( ( ! empty( $_POST['give_user_pass'] ) && empty( $_POST['give_user_pass2'] ) ) || ( $_POST['give_user_pass'] !== $_POST['give_user_pass2'] ) ) {
        give_set_error( 'password_mismatch', esc_html__( 'Passwords don\'t match.', 'give' ) );
    }

    /**
     * Fires while processing user registration.
     *
     * @since 1.0
     */
    do_action( 'give_process_register_form' );

    // Check for errors and redirect if none present.
    $errors = give_get_errors();

    if ( empty( $errors ) ) {

        $redirect = apply_filters( 'give_register_redirect', $data['give_redirect'] );

        give_register_and_login_new_user(
            array(
                'user_login'      => $data['give_user_login'],
                'user_pass'       => $data['give_user_pass'],
                'user_email'      => $data['give_user_email'],
                'user_registered' => date( 'Y-m-d H:i:s' ),
                'role'            => get_option( 'default_role' ),
            )
        );

        // The target comes from the submitted form, so use wp_safe_redirect() to keep it on allowed hosts.
        wp_safe_redirect( $redirect );
        give_die();
    }
}

add_action( 'give_user_register', 'give_process_register_form' );


/**
 * Email access login form.
 *
 * @since 1.8.17
 *
 * @return bool
 */
function give_email_access_login() {

    // Verify nonce.
    if ( ! isset( $_POST['_wpnonce'] ) || ! wp_verify_nonce( $_POST['_wpnonce'], 'give' ) ) {
        return false;
    }

    // Need email to proceed.
    $email = isset( $_POST['give_email'] ) ? give_clean( $_POST['give_email'] ) : '';
    if ( empty( $email ) ) {
        give_set_error( 'give_empty_email', __( 'Please enter the email address you used for your donation.', 'give' ) );
    }

    $recaptcha_key    = give_get_option( 'recaptcha_key' );
    $recaptcha_secret = give_get_option( 'recaptcha_secret' );
    $enable_recaptcha = ( give_is_setting_enabled( give_get_option( 'enable_recaptcha' ) ) ) && ! empty( $recaptcha_key ) && ! empty( $recaptcha_secret ) ? true : false;

    // Use reCAPTCHA.
    if ( $enable_recaptcha ) {

        // The response token and IP are client-submitted form fields and may be absent.
        $args = array(
            'secret'   => $recaptcha_secret,
            'response' => isset( $_POST['g-recaptcha-response'] ) ? give_clean( $_POST['g-recaptcha-response'] ) : '',
            'remoteip' => isset( $_POST['give_ip'] ) ? give_clean( $_POST['give_ip'] ) : '',
        );

        if ( ! empty( $args['response'] ) ) {
            $request = wp_remote_post(
                'https://www.google.com/recaptcha/api/siteverify',
                array(
                    'body' => $args,
                )
            );

            // Only read the body when the request succeeded and returned HTTP 200.
            if ( ! is_wp_error( $request ) && 200 === (int) wp_remote_retrieve_response_code( $request ) ) {

                $response = json_decode( wp_remote_retrieve_body( $request ), true );

                // reCAPTCHA fail (a missing or malformed "success" field also counts as a failure).
                if ( empty( $response['success'] ) ) {
                    give_set_error( 'give_recaptcha_test_failed', apply_filters( 'give_recaptcha_test_failed_message', __( 'reCAPTCHA test failed.', 'give' ) ) );
                }
            } else {

                // Connection issue.
                give_set_error( 'give_recaptcha_connection_issue', apply_filters( 'give_recaptcha_connection_issue_message', __( 'Unable to connect to reCAPTCHA server.', 'give' ) ) );

            } // End if().
        } else {

            give_set_error( 'give_recaptcha_failed', apply_filters( 'give_recaptcha_failed_message', __( 'It looks like the reCAPTCHA test has failed.', 'give' ) ) );

        } // End if().
    } // End if().

    // If no errors or only expired token key error - then send email.
    if ( ! give_get_errors() ) {

        $donor = Give()->donors->get_donor_by( 'email', $email );
        Give()->email_access->init();

        // Verify that donor object is present and donor is connected with its user profile or not.
        if ( is_object( $donor ) ) {

            // Verify that email can be sent.
            if ( ! Give()->email_access->can_send_email( $donor->id ) ) {

                $_POST['email-access-exhausted'] = true;

                return false;

            } else {
                // Send the email. Requests not
                $email_sent = Give()->email_access->send_email( $donor->id, $donor->email );

                if ( ! $email_sent ) {
                    give_set_error( 'give_email_access_send_issue', __( 'Unable to send email. Please try again.', 'give' ) );
                    return false;
                }

                $_POST['email-access-sent'] = true;

                return true;
            }
        } else {

            give_set_error( 'give-no-donations', __( 'We were unable to find any donations associated with the email address provided. Please try again using another email.', 'give' ) );

        }
    } // End if().

    // Every remaining path recorded an error, so return the documented bool.
    return false;
}

add_action( 'give_email_access_form_login', 'give_email_access_login' );