mirror of
https://github.com/WordPress/WordPress.git
synced 2024-11-13 22:26:06 +01:00
Allowing more hooks into authentication - Hat tip: http://dev.webadmin.ufl.edu/~dwc/2005/03/02/authentication-plugins/
git-svn-id: http://svn.automattic.com/wordpress/trunk@2425 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
0ee45ebf10
commit
53eef6d943
@ -51,16 +51,20 @@ case 'update':
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($_POST["pass1"] == "") {
|
$pass1 = $_POST["pass1"];
|
||||||
if ($_POST["pass2"] != "")
|
$pass2 = $_POST["pass2"];
|
||||||
|
do_action('check_passwords', array($user_login, &$pass1, &$pass2));
|
||||||
|
|
||||||
|
if ( '' == $pass1 ) {
|
||||||
|
if ( '' == $pass2 )
|
||||||
die (__("<strong>ERROR</strong>: you typed your new password only once. Go back to type it twice."));
|
die (__("<strong>ERROR</strong>: you typed your new password only once. Go back to type it twice."));
|
||||||
$updatepassword = "";
|
$updatepassword = "";
|
||||||
} else {
|
} else {
|
||||||
if ($_POST["pass2"] == "")
|
if ('' == $pass2)
|
||||||
die (__("<strong>ERROR</strong>: you typed your new password only once. Go back to type it twice."));
|
die (__("<strong>ERROR</strong>: you typed your new password only once. Go back to type it twice."));
|
||||||
if ($_POST["pass1"] != $_POST["pass2"])
|
if ( $pass1 != $pass2 )
|
||||||
die (__("<strong>ERROR</strong>: you typed two different passwords. Go back to correct that."));
|
die (__("<strong>ERROR</strong>: you typed two different passwords. Go back to correct that."));
|
||||||
$newuser_pass = $_POST["pass1"];
|
$newuser_pass = $pass1;
|
||||||
$updatepassword = "user_pass=MD5('$newuser_pass'), ";
|
$updatepassword = "user_pass=MD5('$newuser_pass'), ";
|
||||||
wp_clearcookie();
|
wp_clearcookie();
|
||||||
wp_setcookie($user_login, $newuser_pass);
|
wp_setcookie($user_login, $newuser_pass);
|
||||||
@ -225,12 +229,17 @@ if (isset($updated)) { ?>
|
|||||||
<th scope="row"><?php _e('Profile:') ?></th>
|
<th scope="row"><?php _e('Profile:') ?></th>
|
||||||
<td><textarea name="user_description" rows="5" id="textarea2" style="width: 99%; "><?php echo $profiledata->user_description ?></textarea></td>
|
<td><textarea name="user_description" rows="5" id="textarea2" style="width: 99%; "><?php echo $profiledata->user_description ?></textarea></td>
|
||||||
</tr>
|
</tr>
|
||||||
|
<?php
|
||||||
|
$show_password_fields = apply_filters('show_password_fields', true);
|
||||||
|
if ( $show_password_fields ) :
|
||||||
|
?>
|
||||||
<tr>
|
<tr>
|
||||||
<th scope="row"><?php _e('New <strong>Password</strong> (Leave blank to stay the same.)') ?></th>
|
<th scope="row"><?php _e('New <strong>Password</strong> (Leave blank to stay the same.)') ?></th>
|
||||||
<td><input type="password" name="pass1" size="16" value="" />
|
<td><input type="password" name="pass1" size="16" value="" />
|
||||||
<br />
|
<br />
|
||||||
<input type="password" name="pass2" size="16" value="" /></td>
|
<input type="password" name="pass2" size="16" value="" /></td>
|
||||||
</tr>
|
</tr>
|
||||||
|
<?php endif; ?>
|
||||||
</table>
|
</table>
|
||||||
<p class="submit">
|
<p class="submit">
|
||||||
<input type="submit" value="<?php _e('Update Profile »') ?>" name="submit" />
|
<input type="submit" value="<?php _e('Update Profile »') ?>" name="submit" />
|
||||||
|
@ -34,20 +34,24 @@ if (empty($_POST["new_nickname"])) {
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($_POST['pass1'] == '') {
|
$new_user_login = wp_specialchars($_POST['new_user_login']);
|
||||||
if ($_POST['pass2'] != '')
|
$pass1 = $_POST['pass1'];
|
||||||
|
$pass2 = $_POST['pass2'];
|
||||||
|
do_action('check_passwords', array($new_user_login, &$pass1, &$pass2));
|
||||||
|
|
||||||
|
if ( '' == $pass1 ) {
|
||||||
|
if ( '' == $pass2 )
|
||||||
die (__("<strong>ERROR</strong>: you typed your new password only once. Go back to type it twice."));
|
die (__("<strong>ERROR</strong>: you typed your new password only once. Go back to type it twice."));
|
||||||
$updatepassword = '';
|
$updatepassword = '';
|
||||||
} else {
|
} else {
|
||||||
if ($_POST['pass2'] == "")
|
if ( '' == $pass2)
|
||||||
die (__("<strong>ERROR</strong>: you typed your new password only once. Go back to type it twice."));
|
die (__("<strong>ERROR</strong>: you typed your new password only once. Go back to type it twice."));
|
||||||
if ($_POST['pass1'] != $_POST['pass2'])
|
if ( $pass1 != $pass2 )
|
||||||
die (__("<strong>ERROR</strong>: you typed two different passwords. Go back to correct that."));
|
die (__("<strong>ERROR</strong>: you typed two different passwords. Go back to correct that."));
|
||||||
$new_pass = $_POST["pass1"];
|
$new_pass = $pass1;
|
||||||
$updatepassword = "user_pass=MD5('$new_pass'), ";
|
$updatepassword = "user_pass=MD5('$new_pass'), ";
|
||||||
}
|
}
|
||||||
|
|
||||||
$new_user_login = wp_specialchars($_POST['new_user_login']);
|
|
||||||
$new_firstname = wp_specialchars($_POST['new_firstname']);
|
$new_firstname = wp_specialchars($_POST['new_firstname']);
|
||||||
$new_lastname = wp_specialchars($_POST['new_lastname']);
|
$new_lastname = wp_specialchars($_POST['new_lastname']);
|
||||||
$new_nickname = $_POST['new_nickname'];
|
$new_nickname = $_POST['new_nickname'];
|
||||||
@ -180,12 +184,17 @@ if ($edituser->user_level >= $user_level) die( __('You do not have permission to
|
|||||||
</select>
|
</select>
|
||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
|
<?php
|
||||||
|
$show_password_fields = apply_filters('show_password_fields', true);
|
||||||
|
if ( $show_password_fields ) :
|
||||||
|
?>
|
||||||
<tr>
|
<tr>
|
||||||
<th scope="row"><?php _e('New <strong>Password</strong> (Leave blank to stay the same.)') ?></th>
|
<th scope="row"><?php _e('New <strong>Password</strong> (Leave blank to stay the same.)') ?></th>
|
||||||
<td><input type="password" name="pass1" size="16" value="" />
|
<td><input type="password" name="pass1" size="16" value="" />
|
||||||
<br />
|
<br />
|
||||||
<input type="password" name="pass2" size="16" value="" /></td>
|
<input type="password" name="pass2" size="16" value="" /></td>
|
||||||
</tr>
|
</tr>
|
||||||
|
<?php endif; ?>
|
||||||
</table>
|
</table>
|
||||||
<p class="submit">
|
<p class="submit">
|
||||||
<input type="hidden" name="action" value="update" />
|
<input type="hidden" name="action" value="update" />
|
||||||
|
@ -33,26 +33,24 @@ case 'adduser':
|
|||||||
$user_uri = wp_specialchars($_POST['uri']);
|
$user_uri = wp_specialchars($_POST['uri']);
|
||||||
|
|
||||||
/* checking login has been typed */
|
/* checking login has been typed */
|
||||||
if ($user_login == '') {
|
if ($user_login == '')
|
||||||
die (__('<strong>ERROR</strong>: Please enter a login.'));
|
die (__('<strong>ERROR</strong>: Please enter a login.'));
|
||||||
}
|
|
||||||
|
|
||||||
/* checking the password has been typed twice */
|
/* checking the password has been typed twice */
|
||||||
if ($pass1 == '' || $pass2 == '') {
|
do_action('check_passwords', array($user_login, &$pass1, &$pass2));
|
||||||
|
if ($pass1 == '' || $pass2 == '')
|
||||||
die (__('<strong>ERROR</strong>: Please enter your password twice.'));
|
die (__('<strong>ERROR</strong>: Please enter your password twice.'));
|
||||||
}
|
|
||||||
|
|
||||||
/* checking the password has been typed twice the same */
|
/* checking the password has been typed twice the same */
|
||||||
if ($pass1 != $pass2) {
|
if ($pass1 != $pass2)
|
||||||
die (__('<strong>ERROR</strong>: Please type the same password in the two password fields.'));
|
die (__('<strong>ERROR</strong>: Please type the same password in the two password fields.'));
|
||||||
}
|
|
||||||
$user_nickname = $user_login;
|
$user_nickname = $user_login;
|
||||||
|
|
||||||
/* checking the login isn't already used by another user */
|
/* checking the login isn't already used by another user */
|
||||||
$loginthere = $wpdb->get_var("SELECT user_login FROM $wpdb->users WHERE user_login = '$user_login'");
|
$loginthere = $wpdb->get_var("SELECT user_login FROM $wpdb->users WHERE user_login = '$user_login'");
|
||||||
if ($loginthere) {
|
if ($loginthere)
|
||||||
die (__('<strong>ERROR</strong>: This login is already registered, please choose another one.'));
|
die (__('<strong>ERROR</strong>: This login is already registered, please choose another one.'));
|
||||||
}
|
|
||||||
|
|
||||||
/* checking e-mail address */
|
/* checking e-mail address */
|
||||||
if (empty($_POST["email"])) {
|
if (empty($_POST["email"])) {
|
||||||
@ -75,14 +73,12 @@ case 'adduser':
|
|||||||
VALUES
|
VALUES
|
||||||
('$user_login', MD5('$pass1'), '$user_nickname', '$user_email', '$user_ip', '$user_domain', '$user_browser', '$now', '$new_users_can_blog', 'nickname', '$user_firstname', '$user_lastname', '$user_nicename', '$user_uri')");
|
('$user_login', MD5('$pass1'), '$user_nickname', '$user_email', '$user_ip', '$user_domain', '$user_browser', '$now', '$new_users_can_blog', 'nickname', '$user_firstname', '$user_lastname', '$user_nicename', '$user_uri')");
|
||||||
|
|
||||||
if ($result == false) {
|
if ($result == false)
|
||||||
die (__('<strong>ERROR</strong>: Couldn’t register you!'));
|
die (__('<strong>ERROR</strong>: Couldn’t register you!'));
|
||||||
}
|
|
||||||
|
|
||||||
$stars = '';
|
$stars = '';
|
||||||
for ($i = 0; $i < strlen($pass1); $i = $i + 1) {
|
for ($i = 0; $i < strlen($pass1); $i = $i + 1)
|
||||||
$stars .= '*';
|
$stars .= '*';
|
||||||
}
|
|
||||||
|
|
||||||
$user_login = stripslashes($user_login);
|
$user_login = stripslashes($user_login);
|
||||||
$message = 'New user registration on your blog ' . get_settings('blogname') . ":\r\n\r\n";
|
$message = 'New user registration on your blog ' . get_settings('blogname') . ":\r\n\r\n";
|
||||||
@ -308,12 +304,17 @@ echo "\n<tr $style>
|
|||||||
<th scope="row"><?php _e('Website') ?></th>
|
<th scope="row"><?php _e('Website') ?></th>
|
||||||
<td><input name="uri" type="text" id="uri" /></td>
|
<td><input name="uri" type="text" id="uri" /></td>
|
||||||
</tr>
|
</tr>
|
||||||
|
<?php
|
||||||
|
$show_password_fields = apply_filters('show_password_fields', true);
|
||||||
|
if ( $show_password_fields ) :
|
||||||
|
?>
|
||||||
<tr>
|
<tr>
|
||||||
<th scope="row"><?php _e('Password (twice)') ?> </th>
|
<th scope="row"><?php _e('Password (twice)') ?> </th>
|
||||||
<td><input name="pass1" type="password" id="pass1" />
|
<td><input name="pass1" type="password" id="pass1" />
|
||||||
<br />
|
<br />
|
||||||
<input name="pass2" type="password" id="pass2" /></td>
|
<input name="pass2" type="password" id="pass2" /></td>
|
||||||
</tr>
|
</tr>
|
||||||
|
<?php endif; ?>
|
||||||
</table>
|
</table>
|
||||||
<p class="submit">
|
<p class="submit">
|
||||||
<input name="adduser" type="submit" id="adduser" value="<?php _e('Add User') ?> »" />
|
<input name="adduser" type="submit" id="adduser" value="<?php _e('Add User') ?> »" />
|
||||||
|
12
wp-login.php
12
wp-login.php
@ -33,7 +33,7 @@ case 'logout':
|
|||||||
break;
|
break;
|
||||||
|
|
||||||
case 'lostpassword':
|
case 'lostpassword':
|
||||||
|
do_action('lost_password');
|
||||||
?>
|
?>
|
||||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||||||
<html xmlns="http://www.w3.org/1999/xhtml">
|
<html xmlns="http://www.w3.org/1999/xhtml">
|
||||||
@ -95,6 +95,8 @@ case 'retrievepassword':
|
|||||||
if (!$user_email || $user_email != $_POST['email'])
|
if (!$user_email || $user_email != $_POST['email'])
|
||||||
die(sprintf(__('Sorry, that user does not seem to exist in our database. Perhaps you have the wrong username or e-mail address? <a href="%s">Try again</a>.'), 'wp-login.php?action=lostpassword'));
|
die(sprintf(__('Sorry, that user does not seem to exist in our database. Perhaps you have the wrong username or e-mail address? <a href="%s">Try again</a>.'), 'wp-login.php?action=lostpassword'));
|
||||||
|
|
||||||
|
do_action('retreive_password', $user_login);
|
||||||
|
|
||||||
// Generate something random for a password... md5'ing current time with a rand salt
|
// Generate something random for a password... md5'ing current time with a rand salt
|
||||||
$key = substr( md5( uniqid( microtime() ) ), 0, 50);
|
$key = substr( md5( uniqid( microtime() ) ), 0, 50);
|
||||||
// now insert the new pass md5'd into the db
|
// now insert the new pass md5'd into the db
|
||||||
@ -106,8 +108,6 @@ case 'retrievepassword':
|
|||||||
|
|
||||||
$m = wp_mail($user_email, sprintf(__("[%s] Password Reset"), get_settings('blogname')), $message);
|
$m = wp_mail($user_email, sprintf(__("[%s] Password Reset"), get_settings('blogname')), $message);
|
||||||
|
|
||||||
do_action('retreive_password', $user_login);
|
|
||||||
|
|
||||||
if ($m == false) {
|
if ($m == false) {
|
||||||
echo '<p>' . __('The e-mail could not be sent.') . "<br />\n";
|
echo '<p>' . __('The e-mail could not be sent.') . "<br />\n";
|
||||||
echo __('Possible reason: your host may have disabled the mail() function...') . "</p>";
|
echo __('Possible reason: your host may have disabled the mail() function...') . "</p>";
|
||||||
@ -128,6 +128,8 @@ case 'resetpass' :
|
|||||||
if ( !$user )
|
if ( !$user )
|
||||||
die( __('Sorry, that key does not appear to be valid.') );
|
die( __('Sorry, that key does not appear to be valid.') );
|
||||||
|
|
||||||
|
do_action('password_reset');
|
||||||
|
|
||||||
$new_pass = substr( md5( uniqid( microtime() ) ), 0, 7);
|
$new_pass = substr( md5( uniqid( microtime() ) ), 0, 7);
|
||||||
$wpdb->query("UPDATE $wpdb->users SET user_pass = MD5('$new_pass'), user_activation_key = '' WHERE user_login = '$user->user_login'");
|
$wpdb->query("UPDATE $wpdb->users SET user_pass = MD5('$new_pass'), user_activation_key = '' WHERE user_login = '$user->user_login'");
|
||||||
$message = __('Login') . ": $user->user_login\r\n";
|
$message = __('Login') . ": $user->user_login\r\n";
|
||||||
@ -136,8 +138,6 @@ case 'resetpass' :
|
|||||||
|
|
||||||
$m = wp_mail($user->user_email, sprintf(__("[%s] Your new password"), get_settings('blogname')), $message);
|
$m = wp_mail($user->user_email, sprintf(__("[%s] Your new password"), get_settings('blogname')), $message);
|
||||||
|
|
||||||
do_action('password_reset');
|
|
||||||
|
|
||||||
if ($m == false) {
|
if ($m == false) {
|
||||||
echo '<p>' . __('The e-mail could not be sent.') . "<br />\n";
|
echo '<p>' . __('The e-mail could not be sent.') . "<br />\n";
|
||||||
echo __('Possible reason: your host may have disabled the mail() function...') . "</p>";
|
echo __('Possible reason: your host may have disabled the mail() function...') . "</p>";
|
||||||
@ -172,6 +172,8 @@ default:
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
do_action('wp_authenticate', array(&$user_login, &$user_pass));
|
||||||
|
|
||||||
if ($user_login && $user_pass) {
|
if ($user_login && $user_pass) {
|
||||||
$user = get_userdatabylogin($user_login);
|
$user = get_userdatabylogin($user_login);
|
||||||
if ( 0 == $user->user_level )
|
if ( 0 == $user->user_level )
|
||||||
|
Loading…
Reference in New Issue
Block a user