Version Description
- XSS Fix
- Added classes to tags in widget
- Improved/filtered register and lost password links
- Removed the outdated openid/fb code. Hook it in if you want it.
- Removed markup in favour of wp_login_form()
Download this release
Release Info
Developer | jolley_small |
Plugin | Sidebar Login |
Version | 2.4 |
Comparing to | |
See all releases |
Code changes from version 2.3.5 to 2.4
- js/sidebar-login.js +1 -1
- readme.txt +15 -3
- sidebar-login.php +35 -115
- style.css +3 -12
js/sidebar-login.js
CHANGED
@@ -22,7 +22,7 @@ jQuery(function(){
|
|
22 |
user_login: jQuery('input[name="log"]', thisform).val(),
|
23 |
user_password: jQuery('input[name="pwd"]', thisform).val(),
|
24 |
remember: remember,
|
25 |
-
redirect_to: jQuery('
|
26 |
};
|
27 |
|
28 |
// Ajax action
|
22 |
user_login: jQuery('input[name="log"]', thisform).val(),
|
23 |
user_password: jQuery('input[name="pwd"]', thisform).val(),
|
24 |
remember: remember,
|
25 |
+
redirect_to: jQuery('input[name="redirect_to"]', thisform).val()
|
26 |
};
|
27 |
|
28 |
// Ajax action
|
readme.txt
CHANGED
@@ -2,9 +2,11 @@
|
|
2 |
Contributors: mikejolley
|
3 |
Donate link: http://mikejolley.com/projects/sidebar-login-for-wordpress/
|
4 |
Tags: login, sidebar, widget, sidebar login, meta, form, register
|
5 |
-
Requires at least:
|
6 |
-
Tested up to: 3.
|
7 |
-
Stable tag: 2.
|
|
|
|
|
8 |
|
9 |
Easily add an ajax-enhanced login widget to your site's sidebar.
|
10 |
|
@@ -77,6 +79,16 @@ You will find a config page in tools/settings > Sidebar Login. Here you can set
|
|
77 |
|
78 |
== Changelog ==
|
79 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
80 |
= 2.3.5 =
|
81 |
* Use jsonp to enable login from http to https
|
82 |
* Fixed remember me logic (in js)
|
2 |
Contributors: mikejolley
|
3 |
Donate link: http://mikejolley.com/projects/sidebar-login-for-wordpress/
|
4 |
Tags: login, sidebar, widget, sidebar login, meta, form, register
|
5 |
+
Requires at least: 3.0
|
6 |
+
Tested up to: 3.4
|
7 |
+
Stable tag: 2.4
|
8 |
+
License: GPLv3
|
9 |
+
License URI: http://www.gnu.org/licenses/gpl-3.0.html
|
10 |
|
11 |
Easily add an ajax-enhanced login widget to your site's sidebar.
|
12 |
|
79 |
|
80 |
== Changelog ==
|
81 |
|
82 |
+
= 2.4 =
|
83 |
+
* XSS Fix
|
84 |
+
* Added classes to tags in widget
|
85 |
+
* Improved/filtered register and lost password links
|
86 |
+
* Removed the outdated openid/fb code. Hook it in if you want it.
|
87 |
+
* Removed markup in favour of wp_login_form()
|
88 |
+
|
89 |
+
= 2.3.6 =
|
90 |
+
* Sanitize REQUEST_URI/$pageURL
|
91 |
+
|
92 |
= 2.3.5 =
|
93 |
* Use jsonp to enable login from http to https
|
94 |
* Fixed remember me logic (in js)
|
sidebar-login.php
CHANGED
@@ -3,7 +3,7 @@
|
|
3 |
Plugin Name: Sidebar Login
|
4 |
Plugin URI: http://wordpress.org/extend/plugins/sidebar-login/
|
5 |
Description: Easily add an ajax-enhanced login widget to your site's sidebar.
|
6 |
-
Version: 2.
|
7 |
Author: Mike Jolley
|
8 |
Author URI: http://mikejolley.com
|
9 |
*/
|
@@ -95,7 +95,7 @@ function widget_wp_sidebarlogin($args) {
|
|
95 |
$redir = trim(stripslashes(get_option('sidebarlogin_logout_redirect')));
|
96 |
if (!$redir || empty($redir)) $redir = sidebar_login_current_url('nologout');
|
97 |
|
98 |
-
echo '<li class="page_item"><a href="'.wp_logout_url($redir).'">'
|
99 |
|
100 |
} else {
|
101 |
|
@@ -120,69 +120,51 @@ function widget_wp_sidebarlogin($args) {
|
|
120 |
// Get redirect URL
|
121 |
$redirect_to = trim(stripslashes(get_option('sidebarlogin_login_redirect')));
|
122 |
|
123 |
-
if (empty($redirect_to))
|
124 |
-
if (isset($_REQUEST['redirect_to']))
|
125 |
$redirect_to = esc_url( $_REQUEST['redirect_to'] );
|
126 |
else
|
127 |
$redirect_to = sidebar_login_current_url('nologout');
|
128 |
-
|
129 |
|
130 |
-
if ( force_ssl_admin() )
|
|
|
131 |
|
132 |
// login form
|
133 |
-
|
134 |
-
?>
|
135 |
-
<form method="post" action="<?php echo $sidebarlogin_post_url; ?>">
|
136 |
|
137 |
-
|
138 |
-
|
139 |
-
|
140 |
-
|
141 |
-
|
142 |
-
|
143 |
-
|
144 |
-
|
145 |
-
|
146 |
-
|
147 |
-
<input type="text" name="openid_identifier" id="openid_field" class="input mid" value="" /></label>
|
148 |
-
</p>
|
149 |
-
';
|
150 |
-
endif;
|
151 |
-
?>
|
152 |
-
|
153 |
-
<p class="rememberme"><input name="rememberme" class="checkbox" id="rememberme" value="forever" type="checkbox" /> <label for="rememberme"><?php echo $theremember; ?></label></p>
|
154 |
-
|
155 |
-
<p class="submit">
|
156 |
-
<input type="submit" name="wp-submit" id="wp-submit" value="<?php _e('Login »', 'sblogin'); ?>" />
|
157 |
-
<input type="hidden" name="redirect_to" class="redirect_to" value="<?php echo $redirect_to; ?>" />
|
158 |
-
<input type="hidden" name="sidebarlogin_posted" value="1" />
|
159 |
-
<input type="hidden" name="testcookie" value="1" />
|
160 |
-
</p>
|
161 |
-
|
162 |
-
<?php if (function_exists('fbc_init_auth')) do_action('fbc_display_login_button'); // Facebook Plugin ?>
|
163 |
|
164 |
-
|
165 |
-
|
166 |
// Output other links
|
167 |
$links = '';
|
168 |
-
if (get_option('users_can_register') && get_option('sidebarlogin_register_link')=='1') {
|
169 |
|
170 |
-
if (!is_multisite()) {
|
171 |
-
|
172 |
-
$links .= '<li><a href="'.
|
173 |
|
174 |
} else {
|
175 |
|
176 |
-
$links .= '<li><a href="'.
|
177 |
|
178 |
}
|
179 |
}
|
180 |
-
if (get_option('sidebarlogin_forgotton_link')=='1')
|
181 |
-
|
182 |
-
$links .= '<li><a href="'.wp_lostpassword_url().'" rel="nofollow">'. $thelostpass .'</a></li>';
|
183 |
|
184 |
-
|
185 |
-
|
186 |
}
|
187 |
|
188 |
// echo widget closing tag
|
@@ -231,69 +213,8 @@ function widget_wp_sidebarlogin_init() {
|
|
231 |
register_widget('SidebarLoginMultiWidget');
|
232 |
|
233 |
}
|
234 |
-
add_action('init', 'widget_wp_sidebarlogin_init', 1);
|
235 |
-
|
236 |
-
/* Login Action */
|
237 |
-
function widget_wp_sidebarlogin_check() {
|
238 |
-
|
239 |
-
if (isset($_POST['sidebarlogin_posted'])) {
|
240 |
-
|
241 |
-
global $login_errors;
|
242 |
-
|
243 |
-
// Get redirect URL
|
244 |
-
$redirect_to = trim(stripslashes(get_option('sidebarlogin_login_redirect')));
|
245 |
-
|
246 |
-
if (empty($redirect_to)) :
|
247 |
-
if (isset($_REQUEST['redirect_to']))
|
248 |
-
$redirect_to = esc_attr( $_REQUEST['redirect_to'] );
|
249 |
-
else
|
250 |
-
$redirect_to = sidebar_login_current_url('nologout');
|
251 |
-
endif;
|
252 |
-
|
253 |
-
// Check for Secure Cookie
|
254 |
-
$secure_cookie = '';
|
255 |
-
|
256 |
-
// If the user wants ssl but the session is not ssl, force a secure cookie.
|
257 |
-
if ( !empty($_POST['log']) && !force_ssl_admin() ) {
|
258 |
-
$user_name = sanitize_user($_POST['log']);
|
259 |
-
if ( $user = get_user_by('login', $user_name) ) {
|
260 |
-
if ( get_user_option('use_ssl', $user->ID) ) {
|
261 |
-
$secure_cookie = true;
|
262 |
-
force_ssl_admin(true);
|
263 |
-
}
|
264 |
-
}
|
265 |
-
}
|
266 |
-
|
267 |
-
if ( force_ssl_admin() ) $secure_cookie = true;
|
268 |
-
if ( $secure_cookie=='' && force_ssl_login() ) $secure_cookie = false;
|
269 |
-
|
270 |
-
// Login
|
271 |
-
$user = wp_signon('', $secure_cookie);
|
272 |
-
|
273 |
-
// Redirect filter
|
274 |
-
if ( $secure_cookie && strstr($redirect_to, 'wp-admin') ) $redirect_to = str_replace('http:', 'https:', $redirect_to);
|
275 |
-
|
276 |
-
// Check the username
|
277 |
-
if ( !$_POST['log'] ) :
|
278 |
-
$user = new WP_Error();
|
279 |
-
$user->add('empty_username', __('<strong>ERROR</strong>: Please enter a username.', 'sblogin'));
|
280 |
-
elseif ( !$_POST['pwd'] ) :
|
281 |
-
$user = new WP_Error();
|
282 |
-
$user->add('empty_username', __('<strong>ERROR</strong>: Please enter your password.', 'sblogin'));
|
283 |
-
endif;
|
284 |
-
|
285 |
-
// Redirect if successful
|
286 |
-
if ( !is_wp_error($user) ) :
|
287 |
-
wp_safe_redirect( apply_filters('login_redirect', $redirect_to, isset( $redirect_to ) ? $redirect_to : '', $user) );
|
288 |
-
exit;
|
289 |
-
endif;
|
290 |
-
|
291 |
-
$login_errors = $user;
|
292 |
-
|
293 |
-
}
|
294 |
-
}
|
295 |
-
add_action('init', 'widget_wp_sidebarlogin_check', 0);
|
296 |
|
|
|
297 |
|
298 |
/**
|
299 |
* Process ajax login
|
@@ -338,7 +259,7 @@ function sidebar_login_ajax_process() {
|
|
338 |
// Result
|
339 |
$result = array();
|
340 |
|
341 |
-
if ( !is_wp_error($user) ) :
|
342 |
$result['success'] = 1;
|
343 |
$result['redirect'] = $redirect_to;
|
344 |
else :
|
@@ -365,10 +286,9 @@ function sidebar_login_ajax_process() {
|
|
365 |
if ( !function_exists('sidebar_login_current_url') ) {
|
366 |
function sidebar_login_current_url( $url = '' ) {
|
367 |
|
368 |
-
$pageURL = 'http://';
|
369 |
-
$pageURL .= $_SERVER['HTTP_HOST'];
|
370 |
-
$pageURL .= $_SERVER['REQUEST_URI'];
|
371 |
-
if ( force_ssl_admin() ) $pageURL = str_replace( 'http:', 'https:', $pageURL );
|
372 |
|
373 |
if ($url != "nologout") {
|
374 |
if (!strpos($pageURL,'_login=')) {
|
@@ -378,6 +298,6 @@ if ( !function_exists('sidebar_login_current_url') ) {
|
|
378 |
}
|
379 |
}
|
380 |
|
381 |
-
return $pageURL;
|
382 |
}
|
383 |
}
|
3 |
Plugin Name: Sidebar Login
|
4 |
Plugin URI: http://wordpress.org/extend/plugins/sidebar-login/
|
5 |
Description: Easily add an ajax-enhanced login widget to your site's sidebar.
|
6 |
+
Version: 2.4
|
7 |
Author: Mike Jolley
|
8 |
Author URI: http://mikejolley.com
|
9 |
*/
|
95 |
$redir = trim(stripslashes(get_option('sidebarlogin_logout_redirect')));
|
96 |
if (!$redir || empty($redir)) $redir = sidebar_login_current_url('nologout');
|
97 |
|
98 |
+
echo '<li class="page_item"><a href=" ' . wp_logout_url( $redir ) . '">' . $thelogout . '</a></li></ul>';
|
99 |
|
100 |
} else {
|
101 |
|
120 |
// Get redirect URL
|
121 |
$redirect_to = trim(stripslashes(get_option('sidebarlogin_login_redirect')));
|
122 |
|
123 |
+
if ( empty( $redirect_to ) ) {
|
124 |
+
if ( isset( $_REQUEST['redirect_to'] ) )
|
125 |
$redirect_to = esc_url( $_REQUEST['redirect_to'] );
|
126 |
else
|
127 |
$redirect_to = sidebar_login_current_url('nologout');
|
128 |
+
}
|
129 |
|
130 |
+
if ( force_ssl_admin() )
|
131 |
+
$redirect_to = str_replace( 'http:', 'https:', $redirect_to );
|
132 |
|
133 |
// login form
|
134 |
+
$sidebarlogin_post_url = ( force_ssl_login() || force_ssl_admin() ) ? str_replace('http://', 'https://', sidebar_login_current_url() ) : sidebar_login_current_url();
|
|
|
|
|
135 |
|
136 |
+
$login_form_args = apply_filters( 'sidebar_login_form_args', array(
|
137 |
+
'echo' => true,
|
138 |
+
'redirect' => esc_attr( $redirect_to ),
|
139 |
+
'label_username' => $theusername,
|
140 |
+
'label_password' => $thepassword,
|
141 |
+
'label_remember' => $theremember,
|
142 |
+
'label_log_in' => __('Login »', 'sblogin'),
|
143 |
+
'remember' => true,
|
144 |
+
'value_remember' => true
|
145 |
+
) );
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
146 |
|
147 |
+
wp_login_form( $login_form_args );
|
148 |
+
|
149 |
// Output other links
|
150 |
$links = '';
|
151 |
+
if ( get_option('users_can_register') && get_option('sidebarlogin_register_link') == '1' ) {
|
152 |
|
153 |
+
if ( ! is_multisite() ) {
|
154 |
+
|
155 |
+
$links .= '<li><a href="' . apply_filters( 'sidebar_login_register_url', site_url('wp-login.php?action=register', 'login') ) . '" rel="nofollow">' . $theregister . '</a></li>';
|
156 |
|
157 |
} else {
|
158 |
|
159 |
+
$links .= '<li><a href="' . apply_filters( 'sidebar_login_register_url', site_url('wp-signup.php', 'login') ) . '" rel="nofollow">' . $theregister . '</a></li>';
|
160 |
|
161 |
}
|
162 |
}
|
163 |
+
if ( get_option( 'sidebarlogin_forgotton_link' ) == '1' )
|
164 |
+
$links .= '<li><a href="' . apply_filters( 'sidebar_login_lostpassword_url', wp_lostpassword_url() ) . '" rel="nofollow">' . $thelostpass . '</a></li>';
|
|
|
165 |
|
166 |
+
if ($links)
|
167 |
+
echo '<ul class="sidebarlogin_otherlinks">' . $links . '</ul>';
|
168 |
}
|
169 |
|
170 |
// echo widget closing tag
|
213 |
register_widget('SidebarLoginMultiWidget');
|
214 |
|
215 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
216 |
|
217 |
+
add_action('init', 'widget_wp_sidebarlogin_init', 1);
|
218 |
|
219 |
/**
|
220 |
* Process ajax login
|
259 |
// Result
|
260 |
$result = array();
|
261 |
|
262 |
+
if ( ! is_wp_error($user) ) :
|
263 |
$result['success'] = 1;
|
264 |
$result['redirect'] = $redirect_to;
|
265 |
else :
|
286 |
if ( !function_exists('sidebar_login_current_url') ) {
|
287 |
function sidebar_login_current_url( $url = '' ) {
|
288 |
|
289 |
+
$pageURL = force_ssl_admin() ? 'https://' : 'http://';
|
290 |
+
$pageURL .= esc_attr( $_SERVER['HTTP_HOST'] );
|
291 |
+
$pageURL .= esc_attr( $_SERVER['REQUEST_URI'] );
|
|
|
292 |
|
293 |
if ($url != "nologout") {
|
294 |
if (!strpos($pageURL,'_login=')) {
|
298 |
}
|
299 |
}
|
300 |
|
301 |
+
return strip_tags( $pageURL );
|
302 |
}
|
303 |
}
|
style.css
CHANGED
@@ -1,7 +1,7 @@
|
|
1 |
/* Basic styling for login widget
|
2 |
This styling aligns the gravtar left, the links right.*/
|
3 |
.widget_wp_sidebarlogin, #sidebar-login {
|
4 |
-
|
5 |
}
|
6 |
.widget_wp_sidebarlogin .avatar_container, #sidebar-login .avatar_container {
|
7 |
float:left;
|
@@ -50,19 +50,10 @@
|
|
50 |
.widget_wp_sidebarlogin form p {
|
51 |
margin: .5em 0;
|
52 |
}
|
53 |
-
.widget_wp_sidebarlogin form input
|
54 |
width: 100%;
|
|
|
55 |
-webkit-box-sizing: border-box; /* Safari/Chrome, other WebKit */
|
56 |
-moz-box-sizing: border-box; /* Firefox, other Gecko */
|
57 |
box-sizing: border-box; /* Opera/IE 8+ */
|
58 |
-
}
|
59 |
-
/* ie7 */
|
60 |
-
*:first-child+html .widget_wp_sidebarlogin form input.text {
|
61 |
-
width: 90%;
|
62 |
-
}
|
63 |
-
.widget_wp_sidebarlogin label {
|
64 |
-
display: block;
|
65 |
-
}
|
66 |
-
.widget_wp_sidebarlogin .rememberme label {
|
67 |
-
display: inline;
|
68 |
}
|
1 |
/* Basic styling for login widget
|
2 |
This styling aligns the gravtar left, the links right.*/
|
3 |
.widget_wp_sidebarlogin, #sidebar-login {
|
4 |
+
|
5 |
}
|
6 |
.widget_wp_sidebarlogin .avatar_container, #sidebar-login .avatar_container {
|
7 |
float:left;
|
50 |
.widget_wp_sidebarlogin form p {
|
51 |
margin: .5em 0;
|
52 |
}
|
53 |
+
.widget_wp_sidebarlogin form .input {
|
54 |
width: 100%;
|
55 |
+
margin: 2px;
|
56 |
-webkit-box-sizing: border-box; /* Safari/Chrome, other WebKit */
|
57 |
-moz-box-sizing: border-box; /* Firefox, other Gecko */
|
58 |
box-sizing: border-box; /* Opera/IE 8+ */
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
59 |
}
|