PluginProbe ʕ •ᴥ•ʔ
Wp Social Login and Register Social Counter / 2.2.4
Wp Social Login and Register Social Counter v2.2.4
trunk 1.2.5 1.2.6 1.2.7 1.2.8 1.2.9 1.3.0 1.3.1 1.3.10 1.3.11 1.3.2 1.3.3 1.3.4 1.3.6 1.3.8 1.3.9 1.4.0 1.4.1 1.4.2 1.4.4 1.4.5 1.4.6 1.4.8 1.4.9 1.5.0 1.6.0 1.6.1 1.7.0 1.7.1 1.7.2 1.7.3 1.7.4 1.8.0 1.8.1 1.8.2 1.8.3 1.8.5 1.8.6 1.9.0 2.0.0 2.1.0 2.2.0 2.2.1 2.2.2 2.2.3 2.2.4 2.2.5 2.2.8 2.2.9 3.0.0 3.0.2 3.0.3 3.0.4 3.0.5 3.0.6 3.0.7 3.0.8 3.0.9 3.1.0 3.1.1 3.1.2 3.1.3 3.1.4 3.1.5 3.1.6 3.1.7 3.1.8 3.1.9 3.2.0
wp-social / inc / admin-create-user.php
wp-social / inc Last commit date
elementor 3 years ago admin-create-shortcode.php 7 years ago admin-create-user.php 3 years ago admin-custom-function.php 3 years ago admin-rest-api.php 4 years ago admin-settings.php 3 years ago admin-social-button.php 3 years ago admin-social-enque-script.php 5 years ago counter-widget.php 3 years ago counter.php 3 years ago custom-function.php 4 years ago login-widget.php 3 years ago login.php 5 years ago share-widget.php 3 years ago share.php 3 years ago
admin-create-user.php
818 lines
1 <?php
2
3 use WP_Social\App\Settings;
4 use WP_Social\Lib\Login\Line_App;
5
6 defined('ABSPATH') || exit;
7
8 /**
9 * session stat for current redirect URL after login from social.
10 *
11 * @since : 1.0
12 */
13 session_start();
14
15
16 if(isset($_GET['XScurrentPage']) and strlen(sanitize_url($_GET['XScurrentPage'])) > 2) {
17
18 $_SESSION['xs_social_login_ref_url'] = sanitize_url($_GET['XScurrentPage']);
19 $_SESSION['xs_social']['login_ref_url'] = sanitize_url($_GET['XScurrentPage']);
20 }
21
22 //wordpress default redirect_to param
23 if(!empty($_GET['redirect_to'])) {
24
25 $_SESSION['xs_social']['redirect_to'] = urldecode(sanitize_url($_GET['redirect_to']));
26 }
27
28
29 /**
30 * Variable Name: $currentURL
31 * Variable Details: get Current URL from session data after login by social
32 *
33 * @since : 1.0
34 */
35 $currentURL = isset($_SESSION['xs_social_login_ref_url']) ? sanitize_url($_SESSION['xs_social_login_ref_url']) : get_site_url();
36
37 /**
38 * Wp Function: is_user_logged_in();
39 * Function Details: check user login. If user is login after redirect current URL by $currentURL
40 *
41 * @since : 1.0
42 */
43
44 if(is_user_logged_in()) {
45 if(wp_redirect($currentURL)) {
46 exit;
47 }
48 }
49
50 /**
51 * Variable Name : $xs_config
52 * Variable Type : Array
53 *
54 * @since : 1.0
55 */
56 $xs_config = [];
57
58 if(!empty($typeSocial)) {
59 if($typeSocial == 'lineapp' && !empty($code)){
60 create_line_app_user($code, $typeSocial);
61 }
62
63 /**
64 * Variable Name : $provider_data
65 * Variable Type : Array
66 * @return : array() $provider_data . Get array from socail provider data ""
67 *
68 * @since : 1.0
69 */
70 $provider_data = Settings::get_login_settings_data();
71
72 /**
73 * Variable Name : $callBackUrl
74 * Variable Type : String
75 * Variable Details : Create dynamic callback URL for all social services.
76 *
77 * @since : 1.0
78 */
79 $callBackUrl = get_site_url() . '/wp-json/wslu-social-login/type/' . $typeSocial;
80
81 /**
82 * Variable Name : $serviceType
83 * Variable Type : Array
84 * @return : array(). Get array from custom function page "admin-custom-function.php"
85 *
86 * @since : 1.0
87 */
88 $serviceType = \WP_Social\App\Providers::get_core_providers_login();
89
90 /**
91 * check array key from $serviceType by social type . For Example: facebook
92 *
93 * @since : 1.0
94 */
95 if(array_key_exists($typeSocial, $serviceType)) {
96 $socialType = $serviceType[$typeSocial];
97 }
98
99 /**
100 * API configration for Facebook, Twitter, Linkedin, Dribble, Pinterest, Wordpress, Instagram, GitHub, Vkontakte and Reddit
101 *
102 * @since : 1.0
103 */
104
105 /**
106 * Set callback URL in array "$xs_config" for configration API
107 *
108 * @since : 1.0
109 */
110 $xs_config['callback'] = $callBackUrl;
111
112 /**
113 * Create array for API Providers for all service using foreach by variable "$serviceType"
114 *
115 * @since : 1.0
116 */
117 foreach($serviceType as $serviceKey => $serviceValue) :
118 $idData = 'id';
119 if($serviceKey == 'twitter') {
120 $idData = 'key';
121 }
122
123 $config_para = [
124 'enabled' => true,
125 'keys' => [
126 $idData => isset($provider_data[$serviceKey]['id']) ? $provider_data[$serviceKey]['id'] : '',
127 'secret' => isset($provider_data[$serviceKey]['secret']) ? $provider_data[$serviceKey]['secret'] : '',
128 ],
129 ];
130
131 if( $serviceKey == 'linkedin' ) {
132 $config_para['scope'] = 'r_liteprofile r_emailaddress'; // optional
133 }
134
135 $xs_config['providers'][$serviceValue] = $config_para;
136
137 endforeach;
138 }
139
140
141 /**
142 * Config API
143 *
144 * @since : 1.0
145 */
146 $code = isset($_GET['code']) ? sanitize_text_field($_GET['code']) : '';
147
148 if(strlen($socialType) > 0) {
149
150 try {
151 $hybridauth = new Hybridauth\Hybridauth($xs_config);
152
153 $adapter = $hybridauth->authenticate($socialType);
154
155 $isConnected = $adapter->isConnected();
156
157 if($isConnected) :
158 $getProfile = $adapter->getUserProfile();
159
160 if(is_object($getProfile) && !empty($getProfile)) {
161
162 /**
163 * Variable Name : $setting_data
164 * Variable Type : Array
165 * @return : array() $setting_data . Get array from social global setting data "xs_global_setting_data"
166 *
167 * @since : 1.0
168 */
169 $setting_data = get_option(\WP_Social\Keys::OK_GLOBAL_SETTINGS);
170
171 /**
172 * Resolve it before resetting the session
173 */
174 $final_redirect = resolve_redirect_url($_SESSION, $setting_data);
175
176
177 /**
178 * Now cleaning the session
179 *
180 */
181 xs_login_session_handaler();
182
183 $avatar_obj = \WP_Social\App\Avatar::instance();
184
185 $first_name = $avatar_obj->get_nice_name($getProfile, $socialType);
186 $last_name = $avatar_obj->get_last_name($getProfile, $socialType);
187 $s_user_key = $avatar_obj->get_username($getProfile, $socialType);
188 $display_nm = $avatar_obj->get_display_name($getProfile, $socialType);
189 $user_email = $getProfile->email;
190 $description = $getProfile->description;
191
192 $user_info = $avatar_obj->get_linked_user($s_user_key, $socialType);
193
194 $user = false;
195 if (isset($user_info['username'])) {
196 $user = get_user_by('login', $user_info['username']);
197 }
198
199 if ( !$user) {
200
201 /**
202 * This is a registration process
203 * this user never? had registered with us
204 *
205 * Lets check if user's social profile email is existed in our system
206 * If it does we just let him log in
207 */
208 $user_id = email_exists($user_email);
209
210 if($user_id) {
211
212 $user_nameD = xs_login_get_user_data_email($user_email, 'user_login');
213
214 $avatar_obj->update_linked_user($s_user_key, $socialType, ['id' => $user_id, 'usr' => $user_nameD]);
215
216 xs_user_login($user_nameD, $final_redirect);
217
218 die('Most unlikely error occurred in your case.');
219 }
220
221 /**
222 * It turns out this user does not used his email in our system
223 * So lets make him a new username for login
224 *
225 */
226 $user_nm = $avatar_obj->get_available_username($getProfile, $socialType);
227
228 /**
229 * Grabbing the default role settings for new user
230 * Though it is working with wp_insert_user still adding this as per Ataur bhai
231 *
232 */
233 $default_role = get_option('default_role', '');
234
235 $insertData = [];
236 $insertData['first_name'] = $first_name;
237 $insertData['last_name'] = $last_name;
238 $insertData['user_nicename'] = $user_nm;
239 $insertData['user_email'] = $user_email;
240 $insertData['display_name'] = $display_nm;
241 $insertData['description'] = $description;
242
243 /**
244 * User does not exists with prepared username or
245 * email from social site in our system
246 *
247 * Save the image from social site a attachment
248 * lets make a random password
249 * now create a new user
250 *
251 */
252 $password = wp_generate_password();
253 $insertData['user_login'] = $user_nm;
254 $insertData['user_pass'] = $password;
255 $insertData['role'] = $default_role;
256
257 /**
258 * Make the avatar url
259 * and save the image as attachment
260 */
261 $avatar_url = $avatar_obj->get_avatar_url($getProfile, $socialType);
262 if(get_option('wp_social_login_sync_image_too') == 'yes') {
263 $attach = save_image_from_url_as_attachment($avatar_url);
264 }else{
265 $attach['error'] = true;
266 }
267
268 //$checkUser = xs_login_create_user($insertData);
269 $checkUser = xs_social_create_user($insertData);
270
271 if($checkUser > 0) {
272 /**
273 * User created successful
274 * Update user meta
275 * Notify admin a new user has been created
276 * Notify user? [AR: a customer asked!]
277 *
278 */
279
280 if(empty($attach['error'])) {
281
282 update_user_meta($checkUser, 'xs_social_register_by', $socialType);
283 update_user_meta($checkUser, 'xs_social_profile_image', $attach['url']);
284 update_user_meta($checkUser, 'xs_social_profile_image_id', $attach['attachment_id']);
285 } else {
286 update_user_meta($checkUser, 'xs_social_profile_image', '');
287 update_user_meta($checkUser, 'xs_social_profile_image_error_log', $socialType . '::' . $attach['error']);
288 }
289
290 $avatar_obj->update_linked_user($s_user_key, $socialType, ['id' => $checkUser, 'usr' => $user_nm]);
291
292 /**
293 * As we have created the user with a random password and they are registering with social credential
294 * so there is no use of change of password
295 */
296 update_user_meta($checkUser, 'xs_password_changed', 'yes');
297
298 notify_new_user_to_user($insertData);
299
300 $wp_social_login_settings = get_option('xs_global_setting_data');
301
302 if (isset($wp_social_login_settings['email_new_registered_user']['enable']) && $wp_social_login_settings['email_new_registered_user']['enable'] == 1) {
303 notify_new_user_to_admin($checkUser, $socialType);
304 }
305
306 xs_user_login($user_nm, $final_redirect);
307
308 die('Most most unlikely error occurred in your case. user registration done but login failed!!');
309 }
310
311 die('New user creation failed!');
312
313 } else {
314
315 $id = $user->data->ID;
316
317 update_user_meta($id, 'xs_social_register_by', $socialType);
318
319 if(get_option('wp_social_login_sync') == 'yes') {
320
321
322 update_user_meta($id, 'first_name', $first_name);
323 update_user_meta($id, 'last_name', $last_name);
324 update_user_meta($id, 'display_name', $display_nm);
325 update_user_meta($id, 'description', $description);
326
327
328 if(get_option('wp_social_login_sync_image_too') == 'yes') {
329 $avatar_url = $avatar_obj->get_avatar_url($getProfile, $socialType);
330 $attach = save_image_from_url_as_attachment($avatar_url);
331
332 if(empty($attach['error'])) {
333 wp_delete_attachment(get_user_meta($id, 'xs_social_profile_image_id'));
334 update_user_meta($id, 'xs_social_profile_image', $attach['url']);
335 update_user_meta($id, 'xs_social_profile_image_id', $attach['attachment_id']);
336 }
337 }
338 }
339
340 /**
341 * Proceeding to login
342 *
343 */
344
345 $user_name = $user_info['username'];
346
347 xs_user_login($user_name, $final_redirect);
348
349 die('Most unlikely error occurred in your case.');
350 }
351
352 } else {
353 die('System Error for Callback!');
354 }
355
356 endif;
357
358 $adapter->disconnect();
359
360 } catch(\Exception $e) {
361 echo esc_html('Oops, we ran into an issue!' . $e->getMessage());
362 }
363 }
364
365
366 /**
367 * Function Name : xs_login_create_user();
368 * Function Details : create new user from socail login and check enable wp new create new users.
369 *
370 * @params : array() $userdata. For user information
371 *
372 * @return : int() if success then user id else 0
373 *
374 * @since : 1.0
375 */
376
377 function xs_login_create_user($userdata) {
378
379 // todo - permission checking removed for registering user : consult with CTO
380
381 $user_id = wp_insert_user($userdata);
382
383 if(!is_wp_error($user_id)) {
384
385 update_user_meta($user_id, 'xs_password_changed', 'no');
386
387 return $user_id;
388 }
389
390 return 0;
391 }
392
393
394 add_action('init', 'xs_login_create_user');
395
396 /**
397 * Function Name : xs_login_get_user_data();
398 * Function Details : Get user information when user already exists into database
399 *
400 * @params : String() $loginName. User login name
401 *
402 * @return : String() User information by set filed from database table.
403 *
404 * @since : 1.0
405 */
406 function xs_login_get_user_data($loginName, $getFiled = 'user_login') {
407 $users = get_user_by('login', $loginName);
408 if(empty($users)) {
409 return '';
410 }
411
412 return $users->data->$getFiled;
413 }
414
415
416 /**
417 *
418 * @since 1.3.8
419 *
420 * @param $loginName
421 * @param string $field
422 *
423 * @return string
424 */
425 function xs_login_get_user_field($loginName, $field = 'user_login') {
426
427 $users = get_user_by('login', $loginName);
428
429 if(empty($users)) {
430 return '';
431 }
432
433 return $users->data->$field;
434 }
435
436
437 add_action('init', 'xs_login_get_user_data');
438
439 /**
440 * Function Name : xs_login_get_user_data_email();
441 * Function Details : Get user information when email already exists into database
442 *
443 * @params : String() $email. User login name
444 *
445 * @return : String() User information by set filed from database table.
446 *
447 * @since : 1.0
448 */
449 function xs_login_get_user_data_email($email, $getFiled = 'user_login') {
450 $users = get_user_by('email', $email);
451 if(empty($users)) {
452 return '';
453 }
454
455 return $users->data->$getFiled;
456 }
457
458
459 add_action('init', 'xs_login_get_user_data');
460 /**
461 * Function Name : xs_user_login();
462 * Function Details : User login function by wp_signon();
463 *
464 * @params : String() $user_name. User login name
465 * @params : String() $password. User password
466 *
467 * @return : True | False
468 *
469 * @since : 1.0
470 */
471 function xs_user_login($user_name, $redirect_to = '') {
472 if(strlen($user_name) == 0) {
473 die('User name is empty!');
474 }
475
476 $username = $user_name;
477 $user = get_user_by('login', $username);
478
479
480 if(!is_wp_error($user)) {
481 wp_clear_auth_cookie();
482 wp_set_current_user($user->ID);
483 wp_set_auth_cookie($user->ID);
484
485 $redirect_to = empty($redirect_to) ? user_admin_url() : $redirect_to;
486 wp_safe_redirect($redirect_to);
487 exit();
488 }
489 }
490
491
492 add_action('init', 'xs_user_login');
493
494
495 /**
496 * Get file extension fro a image that is rendering from a php url
497 *
498 * @since 1.0.0
499 *
500 * @param $url
501 *
502 * @return array|string
503 */
504 function get_file_ext_from_url($url) {
505
506 $extension = '';
507 $headers = wp_get_http_headers($url);
508 $mime_type = $headers['content-type'];
509
510 foreach(wp_get_mime_types() as $ext => $mime) {
511 if($mime == $mime_type) {
512
513 $extension = explode('|', $ext);
514
515 return $extension[0];
516 }
517 }
518
519 return $extension;
520 }
521
522
523 /**
524 * Save a image php url as a attachment of post
525 *
526 * @since 1.0.0
527 *
528 * @param $url
529 * @param string $unique_name - name with extension
530 * @param int $post_id - default 0
531 *
532 * @return array
533 */
534 function save_image_from_url_as_attachment($url, $unique_name = '', $post_id = 0) {
535
536 require_once(ABSPATH . "wp-admin" . '/includes/image.php');
537 require_once(ABSPATH . "wp-admin" . '/includes/file.php');
538 require_once(ABSPATH . "wp-admin" . '/includes/media.php');
539
540 $ext = get_file_ext_from_url($url);
541 $tmp = download_url($url);
542
543 $name = empty($unique_name) ? '__tmp_' . time() . '.' . $ext : $unique_name;
544
545 $file_array = array(
546 'name' => $name,
547 'tmp_name' => $tmp,
548 );
549
550
551 /**
552 * Check for download errors
553 * if there are error unlink the temp file name
554 */
555 if(is_wp_error($tmp)) {
556 @unlink($file_array['tmp_name']);
557
558 return [
559 'error' => $tmp->get_error_message(),
560 ];
561 }
562
563 /**
564 * now we can actually use media_handle_sideload
565 * we pass it the file array of the file to handle
566 * and the post id of the post to attach it to
567 * $post_id can be set to '0' to not attach it to any particular post
568 */
569 $id = media_handle_sideload($file_array, $post_id);
570
571 /**
572 * We don't want to pass something to $id
573 * if there were upload errors.
574 * So this checks for errors
575 */
576 if(is_wp_error($id)) {
577 @unlink($file_array['tmp_name']);
578
579 return [
580 'error' => $id->get_error_message(),
581 ];
582 }
583
584 /**
585 * No we can get the url of the sideloaded file
586 * $value now contains the file url in WordPress
587 * $id is the attachment id
588 */
589 $value = wp_get_attachment_url($id);
590
591
592 return [
593 'url' => $value,
594 'attachment_id' => $id,
595 ];
596 }
597
598
599 function xs_login_session_handaler() {
600
601 session_unset();
602
603 // do we ever need the below?
604 if(isset($_SESSION['xs_social_login_ref_url'])) {
605 unset($_SESSION['xs_social_login_ref_url']);
606 }
607 }
608
609
610 /**
611 *
612 * @since 1.3.7
613 *
614 * @param $user_info
615 *
616 * @return int
617 */
618 function xs_social_create_user($user_info) {
619
620 /*
621 * todo - ask Ataur bhai - do we allow insert user without permission with social? it make sense to do so
622 *
623 */
624 $getPermissionRegisterWP = get_option('users_can_register', 0);
625
626 if($getPermissionRegisterWP == 0) {
627
628 // return 0;
629 }
630
631 $user_id = wp_insert_user($user_info);
632
633 if(is_wp_error($user_id)) {
634
635 return 0;
636 }
637
638
639 return $user_id;
640 }
641
642
643 /**
644 * Checking the parameter and settings to find the correct redirect url
645 *
646 * @since 1.3.8
647 *
648 * @param $session
649 * @param $setting
650 *
651 * @return string
652 */
653 function resolve_redirect_url($session, $setting) {
654
655 /**
656 * First priority to wordpress default redirect_to param
657 * Second priority to custom login settings url
658 * Third priority to XScurrentPage param [AR : not sure where it is used though!]
659 * And lastly site home page
660 *
661 */
662
663 if(!empty($session['xs_social']['redirect_to'])) {
664
665 $final_redirect = $session['xs_social']['redirect_to'];
666
667 } elseif(!empty($setting['custom_login_url']['enable']) && !empty($setting['custom_login_url']['data'])) {
668
669 $final_redirect = $setting['custom_login_url']['data'];
670
671 } elseif(!empty($session['xs_social']['login_ref_url'])) {
672
673 $final_redirect = $session['xs_social']['login_ref_url'];
674
675 } else {
676
677 $final_redirect = user_admin_url();
678 }
679
680 return $final_redirect;
681 }
682
683
684 /**
685 *
686 * @since 1.3.8
687 *
688 */
689 function clear_social_session_data() {
690
691 if(!empty($_SESSION['xs_social'])) {
692
693 unset($_SESSION['xs_social']);
694 }
695 }
696
697
698 /**
699 *
700 * @since 1.3.7
701 *
702 * @param $user_id
703 *
704 * @return mixed
705 */
706 function notify_new_user_to_admin($user_id, $social_type) {
707
708 wp_new_user_notification($user_id, null, 'both');
709
710 return true;
711 }
712
713
714 /**
715 *
716 * @since 1.3.7
717 *
718 *
719 * @param array $info_array
720 *
721 * @return bool
722 */
723 function notify_new_user_to_user($info_array = []) {
724
725 /*
726 * todo - complete it after discussion
727 */
728
729 return true;
730 }
731
732
733 function create_line_app_user($code, $socialType) {
734
735 $lineapp = new Line_App();
736 $user = $lineapp->get_user_info($code);
737
738 if (empty($user->email)) {
739 die('Please allow line app email permission');
740 }
741
742 $final_redirect = get_site_url() . '/wp-admin';
743
744 $old_user = get_user_by('email', $user->email);
745
746 if ($old_user == false) {
747 $default_role = get_option('default_role', '');
748 $nicename = $user->name . time();
749 $password = wp_generate_password();
750
751 $insertData = [
752 'first_name' => $user->name,
753 'user_nicename' => $nicename,
754 'user_email' => $user->email,
755 'display_name' => $user->name,
756 'user_login' => $user->email,
757 'user_pass' => $password,
758 'role' => $default_role
759 ];
760
761 $attach = save_image_from_url_as_attachment($user->picture);
762
763 $user_id = xs_social_create_user($insertData);
764
765 if ($user_id > 0) {
766 if (empty($attach['error'])) {
767
768 update_user_meta($user_id, 'xs_social_register_by', $socialType);
769 update_user_meta($user_id, 'xs_social_profile_image', $attach['url']);
770 update_user_meta($user_id, 'xs_social_profile_image_id', $attach['attachment_id']);
771 } else {
772 update_user_meta($user_id, 'xs_social_profile_image', '');
773 update_user_meta($user_id, 'xs_social_profile_image_error_log', $socialType . '::' . $attach['error']);
774 }
775 $wp_social_login_settings = get_option('xs_global_setting_data');
776
777 if (isset($wp_social_login_settings['email_new_registered_user']['enable']) && $wp_social_login_settings['email_new_registered_user']['enable'] == 1) {
778 notify_new_user_to_admin($user_id, $socialType);
779 }
780
781 xs_user_login($user->email, $final_redirect);
782
783 die('Most most unlikely error occurred in your case. user registration done but login failed!!');
784 }
785 } else {
786
787 $id = $old_user->data->ID;
788
789 update_user_meta($id, 'xs_social_register_by', $socialType);
790
791 if (get_option('wp_social_login_sync') == 'yes') {
792
793
794 update_user_meta($id, 'first_name', $user->name);
795 update_user_meta($id, 'display_name', $user->name);
796
797
798 if(get_option('wp_social_login_sync_image_too') == 'yes') {
799 $attach = save_image_from_url_as_attachment($user->picture);
800
801 if (empty($attach['error'])) {
802 wp_delete_attachment(get_user_meta($id, 'xs_social_profile_image_id'));
803 update_user_meta($id, 'xs_social_profile_image', $attach['url']);
804 update_user_meta($id, 'xs_social_profile_image_id', $attach['attachment_id']);
805 }
806 }
807 }
808
809 /**
810 * Proceeding to login
811 *
812 */
813
814 xs_user_login($old_user->data->user_login, $final_redirect);
815
816 die('Most unlikely error occurred in your case.');
817 }
818 }