PageRenderTime 26ms CodeModel.GetById 15ms app.highlight 9ms RepoModel.GetById 1ms app.codeStats 0ms

/wp-content/plugins/openid/login.php

https://github.com/alx/alexgirard.com-blog
PHP | 225 lines | 152 code | 38 blank | 35 comment | 28 complexity | aabc997e62bde4b8e05982d08057b431 MD5 | raw file
  1<?php
  2/**
  3 * All the code required for handling logins via wp-login.php.  These functions should not be considered public, 
  4 * and may change without notice.
  5 */
  6
  7
  8// add OpenID input field to wp-login.php
  9add_action( 'login_head', 'openid_wp_login_head');
 10add_action( 'login_form', 'openid_wp_login_form');
 11add_action( 'register_form', 'openid_wp_register_form');
 12add_action( 'register_post', 'openid_register_post');
 13add_action( 'wp_authenticate', 'openid_wp_authenticate' );
 14add_action( 'openid_finish_auth', 'openid_finish_login' );
 15add_filter( 'registration_errors', 'openid_registration_errors');
 16add_action( 'init', 'openid_login_errors' );
 17add_filter( 'openid_consumer_return_urls', 'openid_wp_login_return_url' );
 18
 19// WordPress 2.5 has wp_authenticate in the wrong place
 20if (strpos($wp_version, '2.5') === 0) {
 21	add_action( 'init', 'wp25_login_openid' );
 22}
 23
 24
 25/**
 26 * If we're doing openid authentication ($_POST['openid_identifier'] is set), start the consumer & redirect
 27 * Otherwise, return and let WordPress handle the login and/or draw the form.
 28 *
 29 * @param string $credentials username and password provided in login form
 30 */
 31function openid_wp_authenticate(&$credentials) {
 32	if (array_key_exists('openid_consumer', $_REQUEST)) {
 33		finish_openid('login');
 34	} else if (!empty($_POST['openid_identifier'])) {
 35		openid_start_login( $_POST['openid_identifier'], 'login', array('redirect_to' => $_REQUEST['redirect_to']), site_url('/wp-login.php', 'login_post'));
 36	}
 37}
 38
 39function openid_login_errors() {
 40	$self = basename( $GLOBALS['pagenow'] );
 41		
 42	if ($self != 'wp-login.php') return;
 43
 44	if ($_REQUEST['openid_error']) {
 45		global $error;
 46		$error = $_REQUEST['openid_error'];
 47	}
 48
 49	if ($_REQUEST['registration_closed']) {
 50		global $error;
 51		$error = __('OpenID authentication valid, but unable to find a WordPress account associated with this OpenID.', 'openid')
 52			. '<br /><br />'
 53			. __('Enable "Anyone can register" to allow creation of new accounts via OpenID.', 'openid');
 54	}
 55}
 56
 57function openid_wp_login_head() {
 58	openid_style();
 59	wp_enqueue_script('jquery.xpath', openid_plugin_url() . '/f/jquery.xpath.min.js', 
 60		array('jquery'), OPENID_PLUGIN_REVISION);
 61	wp_print_scripts(array('jquery.xpath'));
 62}
 63
 64/**
 65 * Add OpenID input field to wp-login.php
 66 *
 67 * @action: login_form
 68 **/
 69function openid_wp_login_form() {
 70	global $wp_version;
 71
 72	echo '<hr id="openid_split" style="clear: both; margin-bottom: 1.5em; border: 0; border-top: 1px solid #999; height: 1px;" />';
 73
 74	echo '
 75	<p>
 76		<label style="display: block; margin-bottom: 5px;">' . __('Or login using an OpenID:', 'openid') . '</label>
 77		<input type="text" name="openid_identifier" id="openid_identifier" class="input openid_identifier" value="" size="20" tabindex="25" /></label>
 78	</p>
 79
 80	<p style="font-size: 0.8em;" id="what_is_openid">
 81		<a href="http://openid.net/what/" target="_blank">'.__('What is OpenID?', 'openid').'</a>
 82	</p>';
 83}
 84
 85
 86/**
 87 * Add information about registration to wp-login.php?action=register 
 88 *
 89 * @action: register_form
 90 **/
 91function openid_wp_register_form() {
 92	global $wp_version;
 93
 94	if (get_option('openid_required_for_registration')) {
 95		$label = __('Register using an OpenID:', 'openid');
 96		echo '
 97		<script type="text/javascript">
 98			jQuery(function() {
 99				jQuery("#user_login/..").hide();
100				jQuery("#user_email/..").hide();
101				jQuery("#reg_passmail").hide();
102				var link = jQuery("#nav a:first");
103				jQuery("#nav").text("").append(link);
104			});
105		</script>';
106	} else {
107		$label = __('Or register using an OpenID:', 'openid');
108
109		echo '<hr id="openid_split" style="clear: both; margin-bottom: 1.5em; border: 0; border-top: 1px solid #999; height: 1px;" />';
110
111		echo '
112		<script type="text/javascript">
113			jQuery(function() {
114				jQuery("#reg_passmail").insertBefore("#openid_split");
115				jQuery("p.submit").clone().insertBefore("#openid_split");
116			});
117		</script>';
118	}
119
120	echo '
121	<p>
122		<label style="display: block; margin-bottom: 5px;">' . $label . '</label>
123		<input type="text" name="openid_identifier" id="openid_identifier" class="input openid_identifier" value="" size="20" tabindex="25" /></label>
124	</p>
125
126	<p style="float: left; font-size: 0.8em;" id="what_is_openid">
127		<a href="http://openid.net/what/" target="_blank">'.__('What is OpenID?', 'openid').'</a>
128	</p>';
129
130}
131
132
133/**
134 * Action method for completing the 'login' action.  This action is used when a user is logging in from
135 * wp-login.php.
136 *
137 * @param string $identity_url verified OpenID URL
138 */
139function openid_finish_login($identity_url) {
140	if ($_REQUEST['action'] != 'login') return;
141
142	$redirect_to = urldecode($_REQUEST['redirect_to']);
143		
144	if (empty($identity_url)) {
145		$url = get_option('siteurl') . '/wp-login.php?openid_error=' . urlencode(openid_message());
146		wp_safe_redirect($url);
147		exit;
148	}
149		
150	openid_set_current_user($identity_url);
151
152	if (!is_user_logged_in()) {
153		if ( get_option('users_can_register') ) {
154			$user_data =& openid_get_user_data($identity_url);
155			$user = openid_create_new_user($identity_url, $user_data);
156			openid_set_current_user($user->ID);
157		} else {
158			// TODO - Start a registration loop in WPMU.
159			$url = get_option('siteurl') . '/wp-login.php?registration_closed=1';
160			wp_safe_redirect($url);
161			exit;
162		}
163
164	}
165		
166	if (empty($redirect_to)) {
167		$redirect_to = 'wp-admin/';
168	}
169	if ($redirect_to == 'wp-admin/') {
170		if (!current_user_can('edit_posts')) {
171			$redirect_to .= 'profile.php';
172		}
173	}
174	if (!preg_match('#^(http|\/)#', $redirect_to)) {
175		$wpp = parse_url(get_option('siteurl'));
176		$redirect_to = $wpp['path'] . '/' . $redirect_to;
177	}
178
179	wp_safe_redirect( $redirect_to );
180	exit;
181}
182
183
184/**
185 * Intercept login requests on wp-login.php if they include an 'openid_identifier' 
186 * value and start OpenID authentication.  This hook is only necessary in 
187 * WordPress 2.5.x because it has the 'wp_authenticate' action call in the 
188 * wrong place.
189 */
190function wp25_login_openid() {
191	$self = basename( $GLOBALS['pagenow'] );
192		
193	if ($self == 'wp-login.php' && !empty($_POST['openid_identifier'])) {
194		wp_signon(array('user_login'=>'openid', 'user_password'=>'openid'));
195	}
196}
197
198function openid_registration_errors($errors) {
199	if (get_option('openid_required_for_registration')) {
200		$errors = new WP_Error();
201
202		if (empty($_POST['openid_identifier'])) {
203			$errors->add('openid_only', __('<strong>ERROR</strong>: ', 'openid') . __('New users must register using OpenID.', 'openid'));
204		}
205	}
206
207	if (!empty($_POST['openid_identifier'])) {
208		$errors->add('invalid_openid', __('<strong>ERROR</strong>: ', 'openid') . openid_message());
209	}
210
211	return $errors;
212}
213
214function openid_register_post($errors) {
215	if (!empty($_POST['openid_identifier'])) {
216		wp_signon(array('user_login'=>'openid', 'user_password'=>'openid'));
217	}
218}
219
220function openid_wp_login_return_url($urls) {
221	$url = site_url('/wp-login.php', 'login_post');
222	$urls[] = $url;
223	return $urls;
224}
225?>