
/theme/register.php

https://github.com/robertholf/RB-Login
  1. <?php
  2. // *************************************************************************************************** //
  3. // Prepare Page
  4. /* Load registration file. */
  5. //require_once( ABSPATH . WPINC . '/registration.php' );
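  /* Get Options */
  // get_option() returns false when the option row does not exist; fall back to
  // an empty array so the lookups below do not index into a non-array.
  $rb_login_options_arr = get_option('rb_login_options');
  if (!is_array($rb_login_options_arr)) {
      $rb_login_options_arr = array();
  }

  // Reads one key from the plugin options, yielding null when it is not set.
  $rb_login_read_option = function ($key) use ($rb_login_options_arr) {
      return isset($rb_login_options_arr[$key]) ? $rb_login_options_arr[$key] : null;
  };

  // Sidebar
  $rb_login_option_profilemanage_sidebar = $rb_login_read_option('rb_login_option_profilemanage_sidebar');

  // Facebook Integration
  $rb_login_option_fb_app_id = $rb_login_read_option('rb_login_option_fb_app_id');
  $rb_login_option_fb_app_secret = $rb_login_read_option('rb_login_option_fb_app_secret');
  $rb_login_option_fb_app_register_uri = $rb_login_read_option('rb_login_option_fb_app_register_uri');
  $rb_login_option_fb_registerallow = $rb_login_read_option('rb_login_option_fb_registerallow');

  // + Registration
  // - show/hide registration for Agent/Producers
  // The original read this key from $registration, which is not assigned until
  // further down (and then holds the users_can_register value, not an options
  // array). The key follows the naming of the plugin options, so it is read from
  // $rb_login_options_arr here. NOTE(review): confirm this is the intended source.
  $rb_login_option_registerallowAgentProducer = $rb_login_read_option('rb_login_option_registerallowAgentProducer');

  // - show/hide self-generate password
  $rb_login_option_registerconfirm = (int) $rb_login_read_option('rb_login_option_registerconfirm');

  // Load the bundled Facebook SDK only when Facebook registration is enabled and
  // no other component has already defined its exception class.
  if ($rb_login_option_fb_registerallow == 1) {
      if (!class_exists("FacebookApiException")) {
          require_once(ABSPATH."wp-content/plugins/".rb_login_TEXTDOMAIN."/tasks/facebook.php");
      }
  }

  /* Check if users can register. */
  $registration = get_option( 'users_can_register' );

  // The app secret is the HMAC key used by parse_signed_request(); when the
  // option is unset this constant is null and signature checks cannot be trusted.
  define('FACEBOOK_APP_ID', $rb_login_option_fb_app_id);
  define('FACEBOOK_SECRET', $rb_login_option_fb_app_secret);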
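  /**
   * Verify and decode a "signature.payload" signed request.
   *
   * Both halves are base64url-encoded. The payload is JSON and must declare the
   * HMAC-SHA256 algorithm; the signature must equal the raw HMAC-SHA256 of the
   * still-encoded payload under $secret.
   *
   * Only the signature is verified here. Callers that need replay protection
   * must check any freshness fields of the returned data themselves.
   *
   * @param string $signed_request The value received from the client.
   * @param string $secret         The shared application secret (HMAC key).
   * @return array|null The decoded payload, or null when the request is
   *                    malformed, uses another algorithm, or fails verification.
   */
  function parse_signed_request($signed_request, $secret) {
      // Reject anything that cannot be split into exactly two parts up front,
      // instead of letting list()/explode() run on missing or non-string input.
      if (!is_string($signed_request) || strpos($signed_request, '.') === false) {
          error_log('Bad Signed JSON signature!');
          return null;
      }

      // An empty key would let anyone compute a matching HMAC, so a missing or
      // unconfigured secret must fail closed.
      if (!is_string($secret) || $secret === '') {
          error_log('Bad Signed JSON signature!');
          return null;
      }

      list($encoded_sig, $payload) = explode('.', $signed_request, 2);

      // decode the data
      $sig = base64_url_decode($encoded_sig);
      $data = json_decode(base64_url_decode($payload), true);

      if (!is_array($data)
          || !isset($data['algorithm'])
          || !is_string($data['algorithm'])
          || strtoupper($data['algorithm']) !== 'HMAC-SHA256'
      ) {
          error_log('Unknown algorithm. Expected HMAC-SHA256');
          return null;
      }

      // check sig
      $expected_sig = hash_hmac('sha256', $payload, $secret, true);

      // hash_equals() compares in constant time; the original `!==` stops at the
      // first differing byte, which leaks timing information about the MAC.
      if (!is_string($sig) || !hash_equals($expected_sig, $sig)) {
          error_log('Bad Signed JSON signature!');
          return null;
      }

      return $data;
  }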
  /**
   * Decode a base64url string (the URL-safe alphabet that uses "-" and "_").
   *
   * @param string $input base64url text, with or without padding.
   * @return string|false The result of base64_decode() on the translated input.
   */
  function base64_url_decode($input) {
      // Translate the URL-safe characters back to the standard alphabet first.
      $standard_alphabet = strtr($input, array('-' => '+', '_' => '/'));

      return base64_decode($standard_alphabet);
  }
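  #DEBUG !
  // The original ran this for every request that carried any parameter and
  // printed $_REQUEST with print_r() unescaped. That reflects attacker-chosen
  // markup into the page, exposes submitted registration data, and sends output
  // before the header() redirect further down. The dump is now limited to
  // WP_DEBUG and HTML-escaped; the signed request is still decoded whenever one
  // is present, so $response keeps its meaning.
  $response = null;
  if (isset($_REQUEST['signed_request']) && is_string($_REQUEST['signed_request'])) {
      $response = parse_signed_request($_REQUEST['signed_request'], FACEBOOK_SECRET);

      if (defined('WP_DEBUG') && WP_DEBUG) {
          echo '<p>signed_request contents:</p>';
          echo '<pre>';
          echo esc_html(print_r($_REQUEST, true));
          echo esc_html(print_r($response, true));
          echo '</pre>';
      }
  }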
  58. /*
  59. */
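  /* If user registered, input info. */
  // Defined up front so the rendering code can test them on plain GET requests.
  $new_user = null;
  $login = null;

  // NOTE(review): this handler does not consult the users_can_register setting
  // or the create_users capability before creating an account, although the
  // page text distinguishes those cases. Confirm whether open registration is
  // intended when the site has registration disabled.
  if ( 'POST' == $_SERVER['REQUEST_METHOD'] && !empty( $_POST['action'] ) && $_POST['action'] == 'adduser' ) {

      // Returns a posted field only when it is a plain string, so array-valued
      // parameters (name[]=x) cannot reach the string helpers below.
      $rb_login_post = function ($key) {
          return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
      };

      // sanitize_user() in strict mode is what wp_insert_user() applies itself;
      // doing it here keeps the name used for the later sign-on identical to
      // the one that gets stored.
      $user_login = sanitize_user( $rb_login_post('profile_user_name'), true );
      $first_name = $rb_login_post('profile_first_name');
      $last_name = $rb_login_post('profile_last_name');
      $user_email = $rb_login_post('profile_email');

      $user_pass = NULL;
      if ($rb_login_option_registerconfirm == 1) {
          $user_pass = $rb_login_post('profile_password');
      } else {
          $user_pass = wp_generate_password();
      }

      // esc_attr() is an output escaper. Applied to the password it changed the
      // stored secret (e.g. "&" became "&amp;"), so the sign-on below, which used
      // the unescaped value, failed for such passwords. The password is passed
      // through untouched; the other fields use the matching input sanitizers.
      $userdata = array(
          'user_pass' => $user_pass,
          'user_login' => $user_login,
          'first_name' => sanitize_text_field( $first_name ),
          'last_name' => sanitize_text_field( $last_name ),
          'user_email' => sanitize_email( $user_email ),
          'role' => get_option( 'default_role' )
      );

      // Error checking
      $error = "";
      $have_error = false;

      // The form emits wp_nonce_field("add-user") but the token was never
      // checked. Verifying it stops a third-party page from making a logged-in
      // administrator create accounts. Pages served from a full-page cache can
      // carry an expired token; the message asks the visitor to reload.
      if ( !wp_verify_nonce( $rb_login_post('_wpnonce'), 'add-user' ) ) {
          $error .= __("Your session has expired. Please reload the page and try again.<br />", rb_login_TEXTDOMAIN);
          $have_error = true;
      }
      if (!$userdata['user_login']) {
          $error .= __("A username is required for registration.<br />", rb_login_TEXTDOMAIN);
          $have_error = true;
      }
      if ( username_exists($userdata['user_login'])) {
          $error .= __("Sorry, that username already exists!<br />", rb_login_TEXTDOMAIN);
          $have_error = true;
      }
      // Without this check a visitor could register with an empty password when
      // self-chosen passwords are enabled.
      if ( $rb_login_option_registerconfirm == 1 && $user_pass === '' ) {
          $error .= __("A password is required for registration.<br />", rb_login_TEXTDOMAIN);
          $have_error = true;
      }
      if ( !is_email($userdata['user_email'], true)) {
          $error .= __("You must enter a valid email address.<br />", rb_login_TEXTDOMAIN);
          $have_error = true;
      }
      if ( email_exists($userdata['user_email'])) {
          $error .= __("Sorry, that email address is already used!<br />", rb_login_TEXTDOMAIN);
          $have_error = true;
      }
      if ( $rb_login_post('profile_agree') !== "yes") {
          $error .= __("You must agree to the terms and conditions to register.<br />", rb_login_TEXTDOMAIN);
          $have_error = true;
      }

      // Bug Free!
      if ($have_error == false) {
          $new_user = wp_insert_user( $userdata );

          if ( is_wp_error( $new_user ) ) {
              // wp_insert_user() reports failure as a WP_Error object, which is
              // truthy; treat it as an error instead of a created account. The
              // message is escaped because $error is echoed as HTML.
              $error .= esc_html( $new_user->get_error_message() ) . "<br />";
              $have_error = true;
              $new_user = null;
          } else {
              // Model or Client
              // Accept only the two values the form offers. NOTE(review): the
              // value is chosen by the registrant, including "1" (labelled
              // Admin in the form), so it must not be used for access decisions.
              $new_user_type = $rb_login_post('profile_type');
              if ( !in_array( $new_user_type, array( '0', '1' ), true ) ) {
                  $new_user_type = '0';
              }
              update_user_meta($new_user, 'rb_login_interact_profiletype', $new_user_type);

              // Log them in if no confirmation required.
              // The deprecated wp_login() call was dropped: its result was
              // overwritten by wp_signon() on the next line. is_ssl() replaces
              // the hard-coded false so HTTPS sites get the secure auth cookie.
              if ($rb_login_option_registerconfirm == 1) {
                  $login = wp_signon( array( 'user_login' => $user_login, 'user_password' => $user_pass, 'remember' => 1 ), is_ssl() );
              }

              // Notify admin and user
              // NOTE(review): this hands the plaintext password to the
              // notification helper; confirm what the installed WordPress
              // version does with that argument.
              wp_new_user_notification($new_user, $user_pass);
          }
      }

      // Log them in if no confirmation required.
      // wp_signon() returns a WP_Error on failure, so a truthiness test alone
      // would redirect even when the sign-on did not succeed.
      if ($rb_login_option_registerconfirm == 1) {
          if ( $login && !is_wp_error( $login ) ) {
              wp_redirect( get_bloginfo("wpurl") . "/dashboard/" );
              // Stop here so the registration page is not rendered after the
              // redirect header has been sent.
              exit;
          }
      }
  }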
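  // *************************************************************************************************** //
  // Prepare Page
  get_header();

  echo "<div id=\"container\" class=\"one-column rb-login rb-login-register\">\n";
  echo " <div id=\"content\">\n";

  // ****************************************************************************************** //
  // Already logged in
  if ( is_user_logged_in() && !current_user_can( 'create_users' ) ) {
      // The original read the name from $login, which is only set after a
      // registration sign-on in this same request. Take it from the current
      // session instead, and escape it for both the attribute and the text.
      $rb_login_current_user = wp_get_current_user();
      $rb_login_display_name = $rb_login_current_user->display_name;

      echo " <p class=\"log-in-out alert\">\n";
      echo " ". __("You are currently logged in as .", rb_login_TEXTDOMAIN) ." <a href=\"/dashboard/\" title=\"". esc_attr( $rb_login_display_name ) ."\">". esc_html( $rb_login_display_name ) ."</a>\n";
      echo " <a href=\"". wp_logout_url( get_permalink() ) ."\" title=\"". __("Log out of this account", rb_login_TEXTDOMAIN) ."\">". __("Log out", rb_login_TEXTDOMAIN) ." &raquo;</a>\n";
      echo " </p><!-- .alert -->\n";

  } elseif ( !empty( $new_user ) && !is_wp_error( $new_user ) ) {
      // Show the username that was actually registered. The original printed
      // $_POST['user-name'] unescaped (a field this form does not even define),
      // and its "%1$s" sat in a double-quoted string, where PHP expands $s.
      $rb_login_registered_name = isset( $userdata['user_login'] ) ? $userdata['user_login'] : '';

      echo " <p class=\"alert\">\n";
      if ( current_user_can( 'create_users' ) ) {
          printf( __('A user account for %1$s has been created.', rb_login_TEXTDOMAIN), esc_html( $rb_login_registered_name ) );
      } else {
          printf( __('Thank you for registering, %1$s.', rb_login_TEXTDOMAIN), esc_html( $rb_login_registered_name ) );
      }
      echo "<br/>";
      // echo instead of printf(): no arguments are substituted, and a stray
      // "%" in a translation would otherwise break the format call.
      echo __("Please check your email address. That's where you'll recieve your login password.<br/> (It might go into your spam folder)", rb_login_TEXTDOMAIN);
      echo " </p><!-- .alert -->\n";

  } else {

      // $error is assembled by the POST handler from translated strings that
      // contain <br /> markup, so it is printed as HTML.
      $rb_login_has_error = !empty( $error );
      if ( $rb_login_has_error ) {
          echo "<p class=\"error\">". $error ."</p>\n";
      }

      // Returns the escaped, previously submitted value of a field, but only
      // when the form is being re-shown after a validation error.
      $rb_login_refill = function ($key) use ($rb_login_has_error) {
          if ( !$rb_login_has_error || !isset( $_POST[$key] ) || !is_string( $_POST[$key] ) ) {
              return '';
          }
          return esc_attr( $_POST[$key] );
      };

      // Show some admin loving.... (Admins can create)
      if ( current_user_can("create_users") && $registration ) {
          echo " <p class=\"alert\">\n";
          echo " ". __("Users can register themselves or you can manually create users here.", rb_login_TEXTDOMAIN);
          echo " </p><!-- .alert -->\n";
      } elseif ( current_user_can("create_users")) {
          echo " <p class=\"alert\">\n";
          echo " ". __("Users cannot currently register themselves, but you can manually create users here.", rb_login_TEXTDOMAIN);
          echo " </p><!-- .alert -->\n";
      }

      echo " <form method=\"post\" id=\"adduser\" class=\"user-forms\" action=\"". esc_url( $rb_login_WPURL ."/register/" ) ."\">\n";

      echo " <p class=\"form-username\">\n";
      echo " <label for=\"profile_user_name\">". __("Username (required)", rb_login_TEXTDOMAIN) ."</label>\n";
      echo " <input class=\"text-input\" name=\"profile_user_name\" type=\"text\" id=\"profile_user_name\" value=\"". $rb_login_refill('profile_user_name') ."\" />\n";
      echo " </p><!-- .form-username -->\n";

      if ($rb_login_option_registerconfirm == 1) {
          // The submitted password is deliberately not written back into the
          // page on error: it would end up in the HTML response and any cache
          // or history that stores it.
          echo " <p class=\"form-password\">\n";
          echo " <label for=\"profile_password\">". __("Password (required)", rb_login_TEXTDOMAIN) ."</label>\n";
          echo " <input class=\"text-input\" name=\"profile_password\" type=\"password\" id=\"profile_password\" value=\"\" />\n";
          echo " </p><!-- .form-username -->\n";
      }

      echo " <p class=\"profile_first_name\">\n";
      echo " <label for=\"profile_first_name\">". __("First Name", rb_login_TEXTDOMAIN) ."</label>\n";
      echo " <input class=\"text-input\" name=\"profile_first_name\" type=\"text\" id=\"profile_first_name\" value=\"". $rb_login_refill('profile_first_name') ."\" />\n";
      echo " </p><!-- .profile_first_name -->\n";

      echo " <p class=\"profile_last_name\">\n";
      echo " <label for=\"profile_last_name\">". __("Last Name", rb_login_TEXTDOMAIN) ."</label>\n";
      echo " <input class=\"text-input\" name=\"profile_last_name\" type=\"text\" id=\"profile_last_name\" value=\"". $rb_login_refill('profile_last_name') ."\" />\n";
      echo " </p><!-- .profile_last_name -->\n";

      echo " <p class=\"form-email\">\n";
      echo " <label for=\"email\">". __("E-mail (required)", rb_login_TEXTDOMAIN) ."</label>\n";
      echo " <input class=\"text-input\" name=\"profile_email\" type=\"text\" id=\"profile_email\" value=\"". $rb_login_refill('profile_email') ."\" />\n";
      echo " </p><!-- .form-email -->\n";

      // The offered profile types depend on the "typeofprofile" query var:
      // a single fixed option for "User" or "Admin", otherwise both.
      echo " <p class=\"form-profile_type\">\n";
      echo " <label for=\"profile_type\">". __("Type of User", rb_login_TEXTDOMAIN) ."</label>\n";
      echo " <select name=\"profile_type\">\n";
      $target = get_query_var("typeofprofile");
      if ($target == "User") {
          echo " <option value=\"0\">". __("User", rb_login_TEXTDOMAIN) ."</option>\n";
      } elseif ($target == "Admin") {
          echo " <option value=\"1\">". __("Admin", rb_login_TEXTDOMAIN) ."</option>\n";
      } else {
          echo " <option value=\"0\">". __("User", rb_login_TEXTDOMAIN) ."</option>\n";
          echo " <option value=\"1\">". __("Admin", rb_login_TEXTDOMAIN) ."</option>\n";
      }
      echo " </select>\n";
      echo " </p><!-- .form-profile_type -->\n";

      echo " <p class=\"form-profile_agree\">\n";
      echo " <input type=\"checkbox\" name=\"profile_agree\" value=\"yes\" /> ". sprintf(__("I agree to the %s terms of service", rb_login_TEXTDOMAIN), "<a href=\"/terms-of-use/\" target=\"_blank\">") ."</a>\n";
      echo " </p><!-- .form-profile_agree -->\n";

      echo " <p class=\"form-submit\">\n";
      echo " <input name=\"adduser\" type=\"submit\" id=\"addusersub\" class=\"submit button\" value=\"";
      if ( current_user_can("create_users") ) { _e("Add User", rb_login_TEXTDOMAIN); } else { _e("Register", rb_login_TEXTDOMAIN); } echo "\" />\n";

      // Anti-CSRF token for the "add-user" action; the POST handler has to
      // verify it for the token to have any effect.
      wp_nonce_field("add-user");

      // NOTE(review): the configured redirect URI is only used when the option
      // equals 1, which a URI never does, so the site default below is what
      // normally applies. Left unchanged; confirm the intended condition.
      $fb_app_register_uri = "";
      if ($rb_login_option_fb_app_register_uri == 1) {
          $fb_app_register_uri = $rb_login_option_fb_app_register_uri;
      } else {
          $fb_app_register_uri = network_site_url("/")."register/";
      }

      // Allow facebook login/registration
      if ($rb_login_option_fb_registerallow == 1) {
          // Every query value is percent-encoded and the finished URL is
          // attribute-escaped, so option values cannot break out of the src
          // attribute or inject extra parameters. The original printed the same
          // iframe in both branches of the registerconfirm test, so one copy is
          // emitted here.
          $rb_login_fb_fields = "[ {'name':'name'}, {'name':'email'}, {'name':'location'}, {'name':'gender'}, {'name':'birthday'}, {'name':'username', 'description':'Username', 'type':'text'},{'name':'password'},{'name':'tos','description':'I agree to the terms of service','type':'checkbox'}]";
          $rb_login_fb_src = "https://www.facebook.com/plugins/registration?client_id=". rawurlencode( (string) $rb_login_option_fb_app_id )
              ."&redirect_uri=". rawurlencode( (string) $fb_app_register_uri )
              ."&fields=". rawurlencode( $rb_login_fb_fields );

          echo "<div>\n";
          echo "<span>Or</span>\n";
          echo "<div id=\"fb_RegistrationForm\">\n";
          echo "<iframe src=\"". esc_attr( $rb_login_fb_src ) ."\"
  scrolling=\"auto\"
  frameborder=\"no\"
  style=\"border:none\"
  allowTransparency=\"true\"
  width=\"100%\"
  height=\"330\">
  </iframe>";
          echo "</div>\n";
      }

      echo " <input name=\"action\" type=\"hidden\" id=\"action\" value=\"adduser\" />\n";
      echo " </p><!-- .form-submit -->\n";
      // Facebook connect
      echo " </form><!-- #adduser -->\n";
  } //

  echo " </div><!-- #content -->\n";
  echo "</div><!-- #container -->\n";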
  // Get Sidebar
  // $LayoutType stays empty unless the profile-management sidebar is enabled;
  // it is switched to "profile" before the sidebar template is loaded.
  $rb_login_show_sidebar = (bool) $rb_login_option_profilemanage_sidebar;
  $LayoutType = $rb_login_show_sidebar ? "profile" : "";

  if ($rb_login_show_sidebar) {
      echo " <div id=\"sidebar\" class=\"manage\">\n";
      get_sidebar();
      echo " </div>\n";
  }

  // Get Footer
  get_footer();
  255. ?>