Theme My Login - Version 2.0.2

Version Description

Download this release

Release Info

Developer jfarthing84
Plugin Icon 128x128 Theme My Login
Version 2.0.2
Comparing to
See all releases

Code changes from version 2.0 to 2.0.2

Files changed (12) hide show
  1. includes/compat.php +7 -143
  2. includes/login.php +0 -63
  3. includes/lost-password.php +0 -28
  4. includes/profile-actions.php +38 -0
  5. includes/profile-form.php +166 -0
  6. includes/profile.php +0 -165
  7. includes/register.php +0 -30
  8. includes/wp-login-actions.php +143 -0
  9. includes/wp-login-forms.php +139 -0
  10. includes/wp-login-functions.php +190 -0
  11. readme.txt +4 -2
  12. theme-my-login.php +46 -15
includes/compat.php CHANGED
@@ -76,150 +76,14 @@ function force_ssl_admin($force = '') {
76
  }
77
  endif;
78
 
79
- if (!function_exists('retrieve_password')) :
80
- function retrieve_password() {
81
- global $wpdb;
82
-
83
- $errors = new WP_Error();
84
-
85
- if ( empty( $_POST['user_login'] ) && empty( $_POST['user_email'] ) )
86
- $errors->add('empty_username', __('<strong>ERROR</strong>: Enter a username or e-mail address.'));
87
-
88
- if ( strpos($_POST['user_login'], '@') ) {
89
- $user_data = get_user_by_email(trim($_POST['user_login']));
90
- if ( empty($user_data) )
91
- $errors->add('invalid_email', __('<strong>ERROR</strong>: There is no user registered with that email address.'));
92
- } else {
93
- $login = trim($_POST['user_login']);
94
- $user_data = get_userdatabylogin($login);
95
- }
96
-
97
- do_action('lostpassword_post');
98
-
99
- if ( $errors->get_error_code() )
100
- return $errors;
101
-
102
- if ( !$user_data ) {
103
- $errors->add('invalidcombo', __('<strong>ERROR</strong>: Invalid username or e-mail.'));
104
- return $errors;
105
  }
106
-
107
- // redefining user_login ensures we return the right case in the email
108
- $user_login = $user_data->user_login;
109
- $user_email = $user_data->user_email;
110
-
111
- do_action('retreive_password', $user_login); // Misspelled and deprecated
112
- do_action('retrieve_password', $user_login);
113
-
114
- $allow = apply_filters('allow_password_reset', true, $user_data->ID);
115
-
116
- if ( ! $allow )
117
- return new WP_Error('no_password_reset', __('Password reset is not allowed for this user'));
118
- else if ( is_wp_error($allow) )
119
- return $allow;
120
-
121
- $key = $wpdb->get_var($wpdb->prepare("SELECT user_activation_key FROM $wpdb->users WHERE user_login = %s", $user_login));
122
- if ( empty($key) ) {
123
- // Generate something random for a key...
124
- $key = wp_generate_password(20, false);
125
- do_action('retrieve_password_key', $user_login, $key);
126
- // Now insert the new md5 key into the db
127
- $wpdb->query($wpdb->prepare("UPDATE $wpdb->users SET user_activation_key = %s WHERE user_login = %s", $key, $user_login));
128
- }
129
- $message = __('Someone has asked to reset the password for the following site and username.') . "\r\n\r\n";
130
- $message .= get_option('siteurl') . "\r\n\r\n";
131
- $message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n";
132
- $message .= __('To reset your password visit the following address, otherwise just ignore this email and nothing will happen.') . "\r\n\r\n";
133
- $message .= site_url("wp-login.php?action=rp&key=$key", 'login') . "\r\n";
134
-
135
- if ( !wp_mail($user_email, sprintf(__('[%s] Password Reset'), get_option('blogname')), $message) )
136
- die('<p>' . __('The e-mail could not be sent.') . "<br />\n" . __('Possible reason: your host may have disabled the mail() function...') . '</p>');
137
-
138
- return true;
139
- }
140
- endif;
141
-
142
- if (!function_exists('register_new_user')) :
143
- function register_new_user($user_login, $user_email) {
144
- $errors = new WP_Error();
145
-
146
- $user_login = sanitize_user( $user_login );
147
- $user_email = apply_filters( 'user_registration_email', $user_email );
148
-
149
- // Check the username
150
- if ( $user_login == '' )
151
- $errors->add('empty_username', __('<strong>ERROR</strong>: Please enter a username.'));
152
- elseif ( !validate_username( $user_login ) ) {
153
- $errors->add('invalid_username', __('<strong>ERROR</strong>: This username is invalid. Please enter a valid username.'));
154
- $user_login = '';
155
- } elseif ( username_exists( $user_login ) )
156
- $errors->add('username_exists', __('<strong>ERROR</strong>: This username is already registered, please choose another one.'));
157
-
158
- // Check the e-mail address
159
- if ($user_email == '') {
160
- $errors->add('empty_email', __('<strong>ERROR</strong>: Please type your e-mail address.'));
161
- } elseif ( !is_email( $user_email ) ) {
162
- $errors->add('invalid_email', __('<strong>ERROR</strong>: The email address isn&#8217;t correct.'));
163
- $user_email = '';
164
- } elseif ( email_exists( $user_email ) )
165
- $errors->add('email_exists', __('<strong>ERROR</strong>: This email is already registered, please choose another one.'));
166
-
167
- do_action('register_post', $user_login, $user_email, $errors);
168
-
169
- $errors = apply_filters( 'registration_errors', $errors );
170
-
171
- if ( $errors->get_error_code() )
172
- return $errors;
173
-
174
- $user_pass = wp_generate_password();
175
- $user_id = wp_create_user( $user_login, $user_pass, $user_email );
176
- if ( !$user_id ) {
177
- $errors->add('registerfail', sprintf(__('<strong>ERROR</strong>: Couldn&#8217;t register you... please contact the <a href="mailto:%s">webmaster</a> !'), get_option('admin_email')));
178
- return $errors;
179
- }
180
-
181
- wp_new_user_notification($user_id, $user_pass);
182
-
183
- return $user_id;
184
- }
185
- endif;
186
-
187
- if (!function_exists('wp_reset_vars')) :
188
- function wp_reset_vars( $vars ) {
189
- for ( $i=0; $i<count( $vars ); $i += 1 ) {
190
- $var = $vars[$i];
191
- global $$var;
192
-
193
- if (!isset( $$var ) ) {
194
- if ( empty( $_POST["$var"] ) ) {
195
- if ( empty( $_GET["$var"] ) )
196
- $$var = '';
197
- else
198
- $$var = $_GET["$var"];
199
- } else {
200
- $$var = $_POST["$var"];
201
- }
202
- }
203
- }
204
- }
205
- endif;
206
-
207
- if (!function_exists('get_user_to_edit')) :
208
- function get_user_to_edit( $user_id ) {
209
- $user = new WP_User( $user_id );
210
- $user->user_login = attribute_escape($user->user_login);
211
- $user->user_email = attribute_escape($user->user_email);
212
- $user->user_url = clean_url($user->user_url);
213
- $user->first_name = attribute_escape($user->first_name);
214
- $user->last_name = attribute_escape($user->last_name);
215
- $user->display_name = attribute_escape($user->display_name);
216
- $user->nickname = attribute_escape($user->nickname);
217
- $user->aim = isset( $user->aim ) && !empty( $user->aim ) ? attribute_escape($user->aim) : '';
218
- $user->yim = isset( $user->yim ) && !empty( $user->yim ) ? attribute_escape($user->yim) : '';
219
- $user->jabber = isset( $user->jabber ) && !empty( $user->jabber ) ? attribute_escape($user->jabber) : '';
220
- $user->description = isset( $user->description ) && !empty( $user->description ) ? wp_specialchars($user->description) : '';
221
-
222
- return $user;
223
  }
224
  endif;
225
  ?>
76
  }
77
  endif;
78
 
79
+ if ( !function_exists('wp_password_change_notification') ) :
80
+ function wp_password_change_notification(&$user) {
81
+ // send a copy of password change notification to the admin
82
+ // but check to see if it's the admin whose password we're changing, and skip this
83
+ if ( $user->user_email != get_option('admin_email') ) {
84
+ $message = sprintf(__('Password Lost and Changed for user: %s'), $user->user_login) . "\r\n";
85
+ wp_mail(get_option('admin_email'), sprintf(__('[%s] Password Lost/Changed'), get_option('blogname')), $message);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
86
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
87
  }
88
  endif;
89
  ?>
includes/login.php DELETED
@@ -1,63 +0,0 @@
1
- <?php
2
-
3
- if ( isset( $_REQUEST['redirect_to'] ) ) {
4
- $redirect_to = $_REQUEST['redirect_to'];
5
- // Redirect to https if user wants ssl
6
- if ( $secure_cookie && false !== strpos($redirect_to, 'wp-admin') )
7
- $redirect_to = preg_replace('|^http://|', 'https://', $redirect_to);
8
- } else {
9
- $redirect_to = $this->GetOption('login_redirect');
10
- }
11
-
12
- $redirect_to = apply_filters('login_redirect', $redirect_to, isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : '', $user);
13
-
14
- // Clear errors if loggedout is set.
15
- if ( !empty($_GET['loggedout']) )
16
- $errors = new WP_Error();
17
-
18
- // If cookies are disabled we can't log in even with a valid user+pass
19
- if ( isset($_POST['testcookie']) && empty($_COOKIE[TEST_COOKIE]) )
20
- $this->errors->add('test_cookie', __("<strong>ERROR</strong>: Cookies are blocked or not supported by your browser. You must <a href='http://www.google.com/cookies.html'>enable cookies</a> to use WordPress."));
21
-
22
- // Some parts of this script use the main login form to display a message
23
- if ( isset($_GET['loggedout']) && TRUE == $_GET['loggedout'] ) $this->errors->add('loggedout', __('You are now logged out.'), 'message');
24
- elseif ( isset($_GET['registration']) && 'disabled' == $_GET['registration'] ) $this->errors->add('registerdisabled', __('User registration is currently not allowed.'));
25
- elseif ( isset($_GET['checkemail']) && 'confirm' == $_GET['checkemail'] ) $this->errors->add('confirm', __('Check your e-mail for the confirmation link.'), 'message');
26
- elseif ( isset($_GET['checkemail']) && 'newpass' == $_GET['checkemail'] ) $this->errors->add('newpass', __('Check your e-mail for your new password.'), 'message');
27
- elseif ( isset($_GET['checkemail']) && 'registered' == $_GET['checkemail'] ) $this->errors->add('registered', __('Registration complete. Please check your e-mail.'), 'message');
28
-
29
- $this->DoHeader('', $this->errors);
30
-
31
- if ( isset($_POST['log']) )
32
- $user_login = ( 'incorrect_password' == $this->errors->get_error_code() || 'empty_password' == $this->errors->get_error_code() ) ? attribute_escape(stripslashes($_POST['log'])) : '';
33
- ?>
34
-
35
- <?php if ( !isset($_GET['checkemail']) || !in_array( $_GET['checkemail'], array('confirm', 'newpass') ) ) : ?>
36
- <form name="loginform" id="loginform" action="<?php echo $this->QueryURL(); ?>action=login" method="post">
37
- <p>
38
- <label><?php _e('Username') ?><br />
39
- <input type="text" name="log" id="user_login" class="input" value="<?php echo $user_login; ?>" size="20" tabindex="10" /></label>
40
- </p>
41
- <p>
42
- <label><?php _e('Password') ?><br />
43
- <input type="password" name="pwd" id="user_pass" class="input" value="" size="20" tabindex="20" /></label>
44
- </p>
45
- <?php do_action('login_form'); ?>
46
- <p class="forgetmenot"><label><input name="rememberme" type="checkbox" id="rememberme" value="forever" tabindex="90" /> <?php _e('Remember Me'); ?></label></p>
47
- <p class="submit">
48
- <input type="submit" name="wp-submit" id="wp-submit" value="<?php _e('Log In'); ?>" tabindex="100" />
49
- <input type="hidden" name="redirect_to" value="<?php echo attribute_escape($redirect_to); ?>" />
50
- <input type="hidden" name="testcookie" value="1" />
51
- </p>
52
- </form>
53
- <?php endif; ?>
54
-
55
- <ul class="nav">
56
- <?php if ( isset($_GET['checkemail']) && in_array( $_GET['checkemail'], array('confirm', 'newpass') ) ) : ?>
57
- <?php elseif (get_option('users_can_register')) : ?>
58
- <li><a href="<?php echo site_url('wp-login.php?action=register', 'login') ?>"><?php _e('Register') ?></a></li>
59
- <?php endif; ?>
60
- <li><a href="<?php echo site_url('wp-login.php?action=lostpassword', 'login') ?>" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a></li>
61
- </ul>
62
-
63
- </div>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
includes/lost-password.php DELETED
@@ -1,28 +0,0 @@
1
- <?php
2
-
3
- if ( isset($_GET['error']) && 'invalidkey' == $_GET['error'] ) $this->errors->add('invalidkey', __('Sorry, that key does not appear to be valid.'));
4
-
5
- do_action('lost_password');
6
- $this->DoHeader('<p class="message">' . __('Please enter your username or e-mail address. You will receive a new password via e-mail.') . '</p>', $this->errors);
7
-
8
- $user_login = isset($_POST['user_login']) ? stripslashes($_POST['user_login']) : '';
9
-
10
- ?>
11
-
12
- <form name="lostpasswordform" id="lostpasswordform" action="" method="post">
13
- <p>
14
- <label><?php _e('Username or E-mail:') ?><br />
15
- <input type="text" name="user_login" id="user_login" class="input" value="<?php echo attribute_escape($user_login); ?>" size="20" tabindex="10" /></label>
16
- </p>
17
- <?php do_action('lostpassword_form'); ?>
18
- <p class="submit"><input type="submit" name="wp-submit" id="wp-submit" value="<?php _e('Get New Password'); ?>" tabindex="100" /></p>
19
- </form>
20
-
21
- <ul class="nav">
22
- <li><a href="<?php echo site_url('wp-login.php', 'login') ?>"><?php _e('Log in') ?></a></li>
23
- <?php if (get_option('users_can_register')) : ?>
24
- <li><a href="<?php echo site_url('wp-login.php?action=register', 'login') ?>"><?php _e('Register') ?></li>
25
- <?php endif; ?>
26
- </ul>
27
-
28
- </div>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
includes/profile-actions.php ADDED
@@ -0,0 +1,38 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+
3
+ global $wp_version;
4
+
5
+ if ($wp_version < '2.6')
6
+ include 'compat.php';
7
+
8
+ require('wp-login-functions.php');
9
+ require_once ABSPATH . '/wp-admin/includes/misc.php';
10
+ require_once ABSPATH . '/wp-admin/includes/user.php';
11
+ require_once ABSPATH . WPINC . '/registration.php';
12
+
13
+ if ( !$user_id ) {
14
+ $current_user = wp_get_current_user();
15
+ $user_id = $current_user->ID;
16
+ }
17
+
18
+ $action = isset($_REQUEST['action']) ? $_REQUEST['action'] : '';
19
+
20
+ switch ($action) {
21
+ case 'update':
22
+ check_admin_referer('update-user_' . $user_id);
23
+
24
+ if ( !current_user_can('edit_user', $user_id) )
25
+ wp_die(__('You do not have permission to edit this user.'));
26
+
27
+ do_action('personal_options_update');
28
+
29
+ $this->errors = edit_user($user_id);
30
+
31
+ if ( !is_wp_error( $this->errors ) ) {
32
+ $redirect = ('wp-admin/profile.php?updated=true');
33
+ wp_redirect($redirect);
34
+ exit;
35
+ }
36
+ break;
37
+ } // end action switch
38
+ ?>
includes/profile-form.php ADDED
@@ -0,0 +1,166 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+
3
+ global $wp_version;
4
+
5
+ if ($wp_version < '2.6')
6
+ include 'compat.php';
7
+
8
+ require('wp-login-functions.php');
9
+ require_once ABSPATH . '/wp-admin/includes/misc.php';
10
+ require_once ABSPATH . '/wp-admin/includes/user.php';
11
+
12
+ if ( !$user_id ) {
13
+ $current_user = wp_get_current_user();
14
+ $user_id = $current_user->ID;
15
+ }
16
+
17
+ wp_reset_vars(array('action', 'redirect', 'profile', 'user_id', 'wp_http_referer'));
18
+ $wp_http_referer = remove_query_arg(array('update', 'delete_count'), stripslashes($wp_http_referer));
19
+ $user_id = (int) $user_id;
20
+
21
+ $profileuser = get_user_to_edit($user_id);
22
+ if ( !current_user_can('edit_user', $user_id) )
23
+ wp_die(__('You do not have permission to edit this user.'));
24
+
25
+ login_header('', $this->errors);
26
+
27
+ if ($_GET['updated'] == true) {
28
+ echo '<p class="message">Your profile has been updated.</p>';
29
+ }
30
+ ?>
31
+
32
+ <form name="profile" id="your-profile" action="<?php echo ssl_or_not($this->QueryURL().'profile=1') ?>" method="post">
33
+ <?php wp_nonce_field('update-user_' . $user_id) ?>
34
+ <?php if ( $wp_http_referer ) : ?>
35
+ <input type="hidden" name="wp_http_referer" value="<?php echo clean_url($wp_http_referer); ?>" />
36
+ <?php endif; ?>
37
+ <p>
38
+ <input type="hidden" name="from" value="profile" />
39
+ <input type="hidden" name="checkuser_id" value="<?php echo $user_ID ?>" />
40
+ </p>
41
+
42
+ <h3><?php _e('Name') ?></h3>
43
+
44
+ <table class="form-table">
45
+ <tr>
46
+ <th><label for="user_login"><?php _e('Username'); ?></label></th>
47
+ <td><input type="text" name="user_login" id="user_login" value="<?php echo $profileuser->user_login; ?>" disabled="disabled" /> <?php _e('Your username cannot be changed'); ?></td>
48
+ </tr>
49
+ <tr>
50
+ <th><label for="first_name"><?php _e('First name') ?></label></th>
51
+ <td><input type="text" name="first_name" id="first_name" value="<?php echo $profileuser->first_name ?>" /></td>
52
+ </tr>
53
+ <tr>
54
+ <th><label for="last_name"><?php _e('Last name') ?></label></th>
55
+ <td><input type="text" name="last_name" id="last_name" value="<?php echo $profileuser->last_name ?>" /></td>
56
+ </tr>
57
+ <tr>
58
+ <th><label for="nickname"><?php _e('Nickname') ?></label></th>
59
+ <td><input type="text" name="nickname" id="nickname" value="<?php echo $profileuser->nickname ?>" /></td>
60
+ </tr>
61
+ <tr>
62
+ <th><label for="display_name"><?php _e('Display name publicly&nbsp;as') ?></label></th>
63
+ <td>
64
+ <select name="display_name" id="display_name">
65
+ <?php
66
+ $public_display = array();
67
+ $public_display['display_displayname'] = $profileuser->display_name;
68
+ $public_display['display_nickname'] = $profileuser->nickname;
69
+ $public_display['display_username'] = $profileuser->user_login;
70
+ $public_display['display_firstname'] = $profileuser->first_name;
71
+ $public_display['display_firstlast'] = $profileuser->first_name.' '.$profileuser->last_name;
72
+ $public_display['display_lastfirst'] = $profileuser->last_name.' '.$profileuser->first_name;
73
+ $public_display = array_unique(array_filter(array_map('trim', $public_display)));
74
+ foreach($public_display as $id => $item) {
75
+ ?>
76
+ <option id="<?php echo $id; ?>" value="<?php echo $item; ?>"><?php echo $item; ?></option>
77
+ <?php
78
+ }
79
+ ?>
80
+ </select>
81
+ </td>
82
+ </tr>
83
+ </table>
84
+
85
+ <h3><?php _e('Contact Info') ?></h3>
86
+
87
+ <table class="form-table">
88
+ <tr>
89
+ <th><label for="email"><?php _e('E-mail') ?></label></th>
90
+ <td><input type="text" name="email" id="email" value="<?php echo $profileuser->user_email ?>" /> <?php _e('Required'); ?></td>
91
+ </tr>
92
+
93
+ <tr>
94
+ <th><label for="url"><?php _e('Website') ?></label></th>
95
+ <td><input type="text" name="url" id="url" value="<?php echo $profileuser->user_url ?>" /></td>
96
+ </tr>
97
+
98
+ <tr>
99
+ <th><label for="aim"><?php _e('AIM') ?></label></th>
100
+ <td><input type="text" name="aim" id="aim" value="<?php echo $profileuser->aim ?>" /></td>
101
+ </tr>
102
+
103
+ <tr>
104
+ <th><label for="yim"><?php _e('Yahoo IM') ?></label></th>
105
+ <td><input type="text" name="yim" id="yim" value="<?php echo $profileuser->yim ?>" /></td>
106
+ </tr>
107
+
108
+ <tr>
109
+ <th><label for="jabber"><?php _e('Jabber / Google Talk') ?></label></th>
110
+ <td><input type="text" name="jabber" id="jabber" value="<?php echo $profileuser->jabber ?>" /></td>
111
+ </tr>
112
+ </table>
113
+
114
+ <h3><?php _e('About Yourself'); ?></h3>
115
+
116
+ <table class="form-table">
117
+ <tr>
118
+ <th><label for="description"><?php _e('Biographical Info'); ?></label></th>
119
+ <td><textarea name="description" id="description" rows="5" cols="30"><?php echo $profileuser->description ?></textarea><br /><?php _e('Share a little biographical information to fill out your profile. This may be shown publicly.'); ?><br/><br/></td>
120
+ </tr>
121
+
122
+ <?php
123
+ $show_password_fields = apply_filters('show_password_fields', true);
124
+ if ( $show_password_fields ) :
125
+ ?>
126
+ <tr>
127
+ <th><label for="pass1"><?php _e('New Password'); ?></label></th>
128
+ <td>
129
+ <input type="password" name="pass1" id="pass1" size="16" value="" /><br/><?php _e("If you would like to change the password type a new one. Otherwise leave this blank."); ?><br />
130
+ <input type="password" name="pass2" id="pass2" size="16" value="" /><br/><?php _e("Type your new password again."); ?><br />
131
+ </td>
132
+ </tr>
133
+ <?php endif; ?>
134
+ </table>
135
+
136
+ <?php
137
+ do_action('profile_personal_options');
138
+ do_action('show_user_profile');
139
+ ?>
140
+
141
+ <?php if (count($profileuser->caps) > count($profileuser->roles)): ?>
142
+ <br class="clear" />
143
+ <table width="99%" style="border: none;" cellspacing="2" cellpadding="3" class="editform">
144
+ <tr>
145
+ <th scope="row"><?php _e('Additional Capabilities') ?></th>
146
+ <td><?php
147
+ $output = '';
148
+ foreach($profileuser->caps as $cap => $value) {
149
+ if(!$wp_roles->is_role($cap)) {
150
+ if($output != '') $output .= ', ';
151
+ $output .= $value ? $cap : "Denied: {$cap}";
152
+ }
153
+ }
154
+ echo $output;
155
+ ?></td>
156
+ </tr>
157
+ </table>
158
+ <?php endif; ?>
159
+
160
+ <p class="submit">
161
+ <input type="hidden" name="action" value="update" />
162
+ <input type="hidden" name="user_id" id="user_id" value="<?php echo $user_id; ?>" />
163
+ <input type="submit" id="submit" value="<?php _e('Update Profile') ?>" name="submit" />
164
+ </p>
165
+ </form>
166
+ </div>
includes/profile.php DELETED
@@ -1,165 +0,0 @@
1
- <?php
2
-
3
- require 'compat.php';
4
-
5
- if ( !$user_id ) {
6
- $current_user = wp_get_current_user();
7
- $user_id = $current_user->ID;
8
- }
9
-
10
- if ($current_user->has_cap('edit_posts') === false) {
11
- $is_profile_page = true;
12
-
13
- wp_reset_vars(array('action', 'redirect', 'profile', 'user_id', 'wp_http_referer'));
14
- $wp_http_referer = remove_query_arg(array('update', 'delete_count'), stripslashes($wp_http_referer));
15
- $user_id = (int) $user_id;
16
-
17
- $profileuser = get_user_to_edit($user_id);
18
- if ( !current_user_can('edit_user', $user_id) )
19
- wp_die(__('You do not have permission to edit this user.'));
20
-
21
- $this->DoHeader('', $this->errors);
22
- if ($_GET['updated'] == true) {
23
- echo '<p class="message">Your profile has been updated.</p>';
24
- }
25
- ?>
26
-
27
- <form name="profile" id="your-profile" action="<?php echo $this->QueryURL(); ?>show=profile" method="post">
28
- <?php wp_nonce_field('update-user_' . $user_id) ?>
29
- <?php if ( $wp_http_referer ) : ?>
30
- <input type="hidden" name="wp_http_referer" value="<?php echo clean_url($wp_http_referer); ?>" />
31
- <?php endif; ?>
32
- <p>
33
- <input type="hidden" name="from" value="profile" />
34
- <input type="hidden" name="checkuser_id" value="<?php echo $user_ID ?>" />
35
- </p>
36
-
37
- <h3><?php _e('Name') ?></h3>
38
-
39
- <table class="form-table">
40
- <tr>
41
- <th><label for="user_login"><?php _e('Username'); ?></label></th>
42
- <td><input type="text" name="user_login" id="user_login" value="<?php echo $profileuser->user_login; ?>" disabled="disabled" /> <?php _e('Your username cannot be changed'); ?></td>
43
- </tr>
44
- <tr>
45
- <th><label for="first_name"><?php _e('First name') ?></label></th>
46
- <td><input type="text" name="first_name" id="first_name" value="<?php echo $profileuser->first_name ?>" /></td>
47
- </tr>
48
- <tr>
49
- <th><label for="last_name"><?php _e('Last name') ?></label></th>
50
- <td><input type="text" name="last_name" id="last_name" value="<?php echo $profileuser->last_name ?>" /></td>
51
- </tr>
52
- <tr>
53
- <th><label for="nickname"><?php _e('Nickname') ?></label></th>
54
- <td><input type="text" name="nickname" id="nickname" value="<?php echo $profileuser->nickname ?>" /></td>
55
- </tr>
56
- <tr>
57
- <th><label for="display_name"><?php _e('Display name publicly&nbsp;as') ?></label></th>
58
- <td>
59
- <select name="display_name" id="display_name">
60
- <?php
61
- $public_display = array();
62
- $public_display['display_displayname'] = $profileuser->display_name;
63
- $public_display['display_nickname'] = $profileuser->nickname;
64
- $public_display['display_username'] = $profileuser->user_login;
65
- $public_display['display_firstname'] = $profileuser->first_name;
66
- $public_display['display_firstlast'] = $profileuser->first_name.' '.$profileuser->last_name;
67
- $public_display['display_lastfirst'] = $profileuser->last_name.' '.$profileuser->first_name;
68
- $public_display = array_unique(array_filter(array_map('trim', $public_display)));
69
- foreach($public_display as $id => $item) {
70
- ?>
71
- <option id="<?php echo $id; ?>" value="<?php echo $item; ?>"><?php echo $item; ?></option>
72
- <?php
73
- }
74
- ?>
75
- </select>
76
- </td>
77
- </tr>
78
- </table>
79
-
80
- <h3><?php _e('Contact Info') ?></h3>
81
-
82
- <table class="form-table">
83
- <tr>
84
- <th><label for="email"><?php _e('E-mail') ?></label></th>
85
- <td><input type="text" name="email" id="email" value="<?php echo $profileuser->user_email ?>" /> <?php _e('Required'); ?></td>
86
- </tr>
87
-
88
- <tr>
89
- <th><label for="url"><?php _e('Website') ?></label></th>
90
- <td><input type="text" name="url" id="url" value="<?php echo $profileuser->user_url ?>" /></td>
91
- </tr>
92
-
93
- <tr>
94
- <th><label for="aim"><?php _e('AIM') ?></label></th>
95
- <td><input type="text" name="aim" id="aim" value="<?php echo $profileuser->aim ?>" /></td>
96
- </tr>
97
-
98
- <tr>
99
- <th><label for="yim"><?php _e('Yahoo IM') ?></label></th>
100
- <td><input type="text" name="yim" id="yim" value="<?php echo $profileuser->yim ?>" /></td>
101
- </tr>
102
-
103
- <tr>
104
- <th><label for="jabber"><?php _e('Jabber / Google Talk') ?></label></th>
105
- <td><input type="text" name="jabber" id="jabber" value="<?php echo $profileuser->jabber ?>" /></td>
106
- </tr>
107
- </table>
108
-
109
- <h3><?php _e('About Yourself'); ?></h3>
110
-
111
- <table class="form-table">
112
- <tr>
113
- <th><label for="description"><?php _e('Biographical Info'); ?></label></th>
114
- <td><textarea name="description" id="description" rows="5" cols="30"><?php echo $profileuser->description ?></textarea><br /><?php _e('Share a little biographical information to fill out your profile. This may be shown publicly.'); ?><br/><br/></td>
115
- </tr>
116
-
117
- <?php
118
- $show_password_fields = apply_filters('show_password_fields', true);
119
- if ( $show_password_fields ) :
120
- ?>
121
- <tr>
122
- <th><label for="pass1"><?php _e('New Password'); ?></label></th>
123
- <td>
124
- <input type="password" name="pass1" id="pass1" size="16" value="" /><br/><?php _e("If you would like to change the password type a new one. Otherwise leave this blank."); ?><br />
125
- <input type="password" name="pass2" id="pass2" size="16" value="" /><br/><?php _e("Type your new password again."); ?><br />
126
- </td>
127
- </tr>
128
- <?php endif; ?>
129
- </table>
130
-
131
- <?php
132
- do_action('profile_personal_options');
133
- do_action('show_user_profile');
134
- ?>
135
-
136
- <?php if (count($profileuser->caps) > count($profileuser->roles)): ?>
137
- <br class="clear" />
138
- <table width="99%" style="border: none;" cellspacing="2" cellpadding="3" class="editform">
139
- <tr>
140
- <th scope="row"><?php _e('Additional Capabilities') ?></th>
141
- <td><?php
142
- $output = '';
143
- foreach($profileuser->caps as $cap => $value) {
144
- if(!$wp_roles->is_role($cap)) {
145
- if($output != '') $output .= ', ';
146
- $output .= $value ? $cap : "Denied: {$cap}";
147
- }
148
- }
149
- echo $output;
150
- ?></td>
151
- </tr>
152
- </table>
153
- <?php endif; ?>
154
-
155
- <p class="submit">
156
- <input type="hidden" name="action" value="update" />
157
- <input type="hidden" name="user_id" id="user_id" value="<?php echo $user_id; ?>" />
158
- <input type="submit" id="submit" value="<?php _e('Update Profile') ?>" name="submit" />
159
- </p>
160
- </form>
161
- </div>
162
- <?php
163
- }
164
-
165
- ?>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
includes/register.php DELETED
@@ -1,30 +0,0 @@
1
- <?php
2
-
3
- if ($http_post) {
4
- $user_login = $_POST['user_login'];
5
- $user_email = $_POST['user_email'];
6
- }
7
-
8
- $this->DoHeader('', $this->errors);
9
- ?>
10
-
11
- <form name="registerform" id="registerform" action="<?php echo get_permalink($this->GetOption('page_id')); ?>?action=register" method="post">
12
- <p>
13
- <label><?php _e('Username') ?><br />
14
- <input type="text" name="user_login" id="user_login" class="input" value="<?php echo attribute_escape(stripslashes($user_login)); ?>" size="20" tabindex="10" /></label>
15
- </p>
16
- <p>
17
- <label><?php _e('E-mail') ?><br />
18
- <input type="text" name="user_email" id="user_email" class="input" value="<?php echo attribute_escape(stripslashes($user_email)); ?>" size="25" tabindex="20" /></label>
19
- </p>
20
- <?php do_action('register_form'); ?>
21
- <p id="reg_passmail"><?php _e($this->GetOption('register_msg')) ?></p>
22
- <p class="submit"><input type="submit" name="wp-submit" id="wp-submit" value="<?php _e('Register'); ?>" tabindex="100" /></p>
23
- </form>
24
-
25
- <ul class="nav">
26
- <li><a href="<?php echo site_url('wp-login.php', 'login') ?>"><?php _e('Log in') ?></a></li>
27
- <li><a href="<?php echo site_url('wp-login.php?action=lostpassword', 'login') ?>" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a></li>
28
- </ul>
29
-
30
- </div>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
includes/wp-login-actions.php ADDED
@@ -0,0 +1,143 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+
3
+ global $wp_version;
4
+
5
+ if ($wp_version < '2.6')
6
+ include 'compat.php';
7
+
8
+ require('wp-login-functions.php');
9
+
10
+ if ( force_ssl_admin() && !is_ssl() ) {
11
+ if ( 0 === strpos($_SERVER['REQUEST_URI'], 'http') ) {
12
+ wp_redirect(preg_replace('|^http://|', 'https://', $_SERVER['REQUEST_URI']));
13
+ exit();
14
+ } else {
15
+ wp_redirect('https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
16
+ exit();
17
+ }
18
+ }
19
+
20
+ $action = isset($_REQUEST['action']) ? $_REQUEST['action'] : '';
21
+ $this->errors = new WP_Error();
22
+
23
+ if ( isset($_GET['key']) )
24
+ $action = 'resetpass';
25
+
26
+ nocache_headers();
27
+
28
+ header('Content-Type: '.get_bloginfo('html_type').'; charset='.get_bloginfo('charset'));
29
+
30
+ if ( defined('RELOCATE') ) { // Move flag is set
31
+ if ( isset( $_SERVER['PATH_INFO'] ) && ($_SERVER['PATH_INFO'] != $_SERVER['PHP_SELF']) )
32
+ $_SERVER['PHP_SELF'] = str_replace( $_SERVER['PATH_INFO'], '', $_SERVER['PHP_SELF'] );
33
+
34
+ $schema = ( isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on' ) ? 'https://' : 'http://';
35
+ if ( dirname($schema . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']) != get_option('siteurl') )
36
+ update_option('siteurl', dirname($schema . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']) );
37
+ }
38
+
39
+ //Set a cookie now to see if they are supported by the browser.
40
+ setcookie(TEST_COOKIE, 'WP Cookie check', 0, COOKIEPATH, COOKIE_DOMAIN);
41
+ if ( SITECOOKIEPATH != COOKIEPATH )
42
+ setcookie(TEST_COOKIE, 'WP Cookie check', 0, SITECOOKIEPATH, COOKIE_DOMAIN);
43
+
44
+ $http_post = ('POST' == $_SERVER['REQUEST_METHOD']);
45
+ switch ($action) {
46
+ case 'logout' :
47
+ if ($wp_version >= '2.6')
48
+ check_admin_referer('log-out');
49
+ wp_logout();
50
+
51
+ $redirect_to = 'wp-login.php?loggedout=true';
52
+ if ( isset( $_REQUEST['redirect_to'] ) )
53
+ $redirect_to = $_REQUEST['redirect_to'];
54
+
55
+ wp_safe_redirect($redirect_to);
56
+ exit();
57
+ break;
58
+ case 'lostpassword' :
59
+ case 'retrievepassword' :
60
+ if ( $http_post ) {
61
+ $this->errors = retrieve_password();
62
+ if ( !is_wp_error($this->errors) ) {
63
+ wp_redirect('wp-login.php?checkemail=confirm');
64
+ exit();
65
+ }
66
+ }
67
+
68
+ if ( isset($_GET['error']) && 'invalidkey' == $_GET['error'] )
69
+ $this->errors->add('invalidkey', __('Sorry, that key does not appear to be valid.'));
70
+ break;
71
+ case 'resetpass' :
72
+ case 'rp' :
73
+ $this->errors = reset_password($_GET['key']);
74
+
75
+ if ( ! is_wp_error($this->errors) ) {
76
+ wp_redirect('wp-login.php?checkemail=newpass');
77
+ exit();
78
+ }
79
+
80
+ wp_redirect('wp-login.php?action=lostpassword&error=invalidkey');
81
+ exit();
82
+ break;
83
+ case 'register' :
84
+ if ( !get_option('users_can_register') ) {
85
+ wp_redirect('wp-login.php?registration=disabled');
86
+ exit();
87
+ }
88
+
89
+ if ( $http_post ) {
90
+ require_once( ABSPATH . WPINC . '/registration.php');
91
+
92
+ $user_login = $_POST['user_login'];
93
+ $user_email = $_POST['user_email'];
94
+ $this->errors = register_new_user($user_login, $user_email);
95
+
96
+ if ( !is_wp_error($this->errors) ) {
97
+ wp_redirect('wp-login.php?checkemail=registered');
98
+ exit();
99
+ }
100
+ }
101
+ break;
102
+ case 'login' :
103
+ $secure_cookie = '';
104
+
105
+ // If the user wants ssl but the session is not ssl, force a secure cookie.
106
+ if ( !empty($_POST['log']) && !force_ssl_admin() ) {
107
+ $user_name = sanitize_user($_POST['log']);
108
+ if ( $user = get_userdatabylogin($user_name) ) {
109
+ if ( get_user_option('use_ssl', $user->ID) ) {
110
+ $secure_cookie = true;
111
+ force_ssl_admin(true);
112
+ }
113
+ }
114
+ }
115
+
116
+ if ( isset( $_REQUEST['redirect_to'] ) ) {
117
+ $redirect_to = $_REQUEST['redirect_to'];
118
+ // Redirect to https if user wants ssl
119
+ if ( $secure_cookie && false !== strpos($redirect_to, 'wp-admin') )
120
+ $redirect_to = preg_replace('|^http://|', 'https://', $redirect_to);
121
+ } else {
122
+ $redirect_to = $this->GetOption('login_redirect');
123
+ }
124
+
125
+ if ( !$secure_cookie && is_ssl() && force_ssl_login() && !force_ssl_admin() && ( 0 !== strpos($redirect_to, 'https') ) && ( 0 === strpos($redirect_to, 'http') ) )
126
+ $secure_cookie = false;
127
+
128
+ $user = wp_signon('', $secure_cookie);
129
+
130
+ $redirect_to = apply_filters('login_redirect', $redirect_to, isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : '', $user);
131
+
132
+ if ( !is_wp_error($user) ) {
133
+ // If the user can't edit posts, send them to their profile.
134
+ if ( !$user->has_cap('edit_posts') && ( empty( $redirect_to ) || $redirect_to == 'wp-admin/' ) )
135
+ $redirect_to = admin_url('profile.php');
136
+ wp_safe_redirect($redirect_to);
137
+ exit();
138
+ }
139
+
140
+ $this->errors = $user;
141
+ break;
142
+ } // end action switch
143
+ ?>
includes/wp-login-forms.php ADDED
@@ -0,0 +1,139 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+
3
+ global $wp_version;
4
+
5
+ if ($wp_version < '2.6')
6
+ include 'compat.php';
7
+
8
+ require('wp-login-functions.php');
9
+
10
+ $http_post = ('POST' == $_SERVER['REQUEST_METHOD']);
11
+ $action = isset($_REQUEST['action']) ? $_REQUEST['action'] : '';
12
+
13
+ switch ($action) :
14
+
15
+ case 'lostpassword' :
16
+ case 'retrievepassword' :
17
+ do_action('lost_password');
18
+ login_header('<p class="message">' . __('Please enter your username or e-mail address. You will receive a new password via e-mail.') . '</p>', $this->errors);
19
+
20
+ $user_login = isset($_POST['user_login']) ? stripslashes($_POST['user_login']) : '';
21
+ ?>
22
+
23
+ <form name="lostpasswordform" id="lostpasswordform" action="<?php echo ssl_or_not($this->QueryURL().'action=lostpassword') ?>" method="post">
24
+ <p>
25
+ <label><?php _e('Username or E-mail:') ?><br />
26
+ <input type="text" name="user_login" id="user_login" class="input" value="<?php echo attribute_escape($user_login); ?>" size="20" tabindex="10" /></label>
27
+ </p>
28
+ <?php do_action('lostpassword_form'); ?>
29
+ <p class="submit"><input type="submit" name="wp-submit" id="wp-submit" value="<?php _e('Get New Password'); ?>" tabindex="100" /></p>
30
+ </form>
31
+
32
+ <ul class="nav">
33
+ <li><a href="<?php echo site_url('wp-login.php', 'login') ?>"><?php _e('Log in') ?></a></li>
34
+ <?php if (get_option('users_can_register')) : ?>
35
+ <li><a href="<?php echo site_url('wp-login.php?action=register', 'login') ?>"><?php _e('Register') ?></a></li>
36
+ <?php endif; ?>
37
+ </ul>
38
+
39
+ </div>
40
+
41
+ <?php
42
+ break;
43
+
44
+ case 'register' :
45
+ $user_login = isset($_POST['user_login']) ? $_POST['user_login'] : '';
46
+ $user_email = isset($_POST['user_email']) ? $_POST['user_email'] : '';
47
+ login_header('', $this->errors);
48
+ ?>
49
+
50
+ <form name="registerform" id="registerform" action="<?php echo ssl_or_not($this->QueryURL().'action=register') ?>" method="post">
51
+ <p>
52
+ <label><?php _e('Username') ?><br />
53
+ <input type="text" name="user_login" id="user_login" class="input" value="<?php echo attribute_escape(stripslashes($user_login)); ?>" size="20" tabindex="10" /></label>
54
+ </p>
55
+ <p>
56
+ <label><?php _e('E-mail') ?><br />
57
+ <input type="text" name="user_email" id="user_email" class="input" value="<?php echo attribute_escape(stripslashes($user_email)); ?>" size="25" tabindex="20" /></label>
58
+ </p>
59
+ <?php do_action('register_form'); ?>
60
+ <p id="reg_passmail"><?php _e($this->GetOption('register_msg')) ?></p>
61
+ <p class="submit"><input type="submit" name="wp-submit" id="wp-submit" value="<?php _e('Register'); ?>" tabindex="100" /></p>
62
+ </form>
63
+
64
+ <ul id="nav">
65
+ <li><a href="<?php echo site_url('wp-login.php', 'login') ?>"><?php _e('Log in') ?></a></li>
66
+ <li><a href="<?php echo site_url('wp-login.php?action=lostpassword', 'login') ?>" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a></li>
67
+ </ul>
68
+
69
+ </div>
70
+ <?php
71
+ break;
72
+
73
+ case 'login' :
74
+ default :
75
+ if ( isset( $_REQUEST['redirect_to'] ) ) {
76
+ $redirect_to = $_REQUEST['redirect_to'];
77
+ // Redirect to https if user wants ssl
78
+ if ( $secure_cookie && false !== strpos($redirect_to, 'wp-admin') )
79
+ $redirect_to = preg_replace('|^http://|', 'https://', $redirect_to);
80
+ } else {
81
+ $redirect_to = $this->GetOption('login_redirect');
82
+ }
83
+
84
+ $redirect_to = apply_filters('login_redirect', $redirect_to, isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : '', $user);
85
+
86
+ // Clear errors if loggedout is set.
87
+ if ( !empty($_GET['loggedout']) )
88
+ $errors = new WP_Error();
89
+
90
+ // If cookies are disabled we can't log in even with a valid user+pass
91
+ if ( isset($_POST['testcookie']) && empty($_COOKIE[TEST_COOKIE]) )
92
+ $this->errors->add('test_cookie', __("<strong>ERROR</strong>: Cookies are blocked or not supported by your browser. You must <a href='http://www.google.com/cookies.html'>enable cookies</a> to use WordPress."));
93
+
94
+ // Some parts of this script use the main login form to display a message
95
+ if ( isset($_GET['loggedout']) && TRUE == $_GET['loggedout'] ) $this->errors->add('loggedout', __('You are now logged out.'), 'message');
96
+ elseif ( isset($_GET['registration']) && 'disabled' == $_GET['registration'] ) $this->errors->add('registerdisabled', __('User registration is currently not allowed.'));
97
+ elseif ( isset($_GET['checkemail']) && 'confirm' == $_GET['checkemail'] ) $this->errors->add('confirm', __('Check your e-mail for the confirmation link.'), 'message');
98
+ elseif ( isset($_GET['checkemail']) && 'newpass' == $_GET['checkemail'] ) $this->errors->add('newpass', __('Check your e-mail for your new password.'), 'message');
99
+ elseif ( isset($_GET['checkemail']) && 'registered' == $_GET['checkemail'] ) $this->errors->add('registered', __('Registration complete. Please check your e-mail.'), 'message');
100
+
101
+ login_header('', $this->errors);
102
+
103
+ if ( isset($_POST['log']) )
104
+ $user_login = ( 'incorrect_password' == $this->errors->get_error_code() || 'empty_password' == $this->errors->get_error_code() ) ? attribute_escape(stripslashes($_POST['log'])) : '';
105
+ ?>
106
+ <?php if ( !isset($_GET['checkemail']) || !in_array( $_GET['checkemail'], array('confirm', 'newpass') ) ) : ?>
107
+ <form name="loginform" id="loginform" action="<?php echo ssl_or_not($this->QueryURL().'action=login') ?>" method="post">
108
+ <p>
109
+ <label><?php _e('Username') ?><br />
110
+ <input type="text" name="log" id="user_login" class="input" value="<?php echo $user_login; ?>" size="20" tabindex="10" /></label>
111
+ </p>
112
+ <p>
113
+ <label><?php _e('Password') ?><br />
114
+ <input type="password" name="pwd" id="user_pass" class="input" value="" size="20" tabindex="20" /></label>
115
+ </p>
116
+ <?php do_action('login_form'); ?>
117
+ <p class="forgetmenot"><label><input name="rememberme" type="checkbox" id="rememberme" value="forever" tabindex="90" /> <?php _e('Remember Me'); ?></label></p>
118
+ <p class="submit">
119
+ <input type="submit" name="wp-submit" id="wp-submit" value="<?php _e('Log In'); ?>" tabindex="100" />
120
+ <input type="hidden" name="redirect_to" value="<?php echo attribute_escape($redirect_to); ?>" />
121
+ <input type="hidden" name="testcookie" value="1" />
122
+ </p>
123
+ </form>
124
+ <?php endif; ?>
125
+
126
+ <ul class="nav">
127
+ <?php if ( isset($_GET['checkemail']) && in_array( $_GET['checkemail'], array('confirm', 'newpass') ) ) : ?>
128
+ <?php elseif (get_option('users_can_register')) : ?>
129
+ <li><a href="<?php echo site_url('wp-login.php?action=register', 'login') ?>"><?php _e('Register') ?></a></li>
130
+ <?php endif; ?>
131
+ <li><a href="<?php echo site_url('wp-login.php?action=lostpassword', 'login') ?>" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a></li>
132
+ </ul>
133
+
134
+ </div>
135
+ <?php
136
+ break;
137
+
138
+ endswitch;
139
+ ?>
includes/wp-login-functions.php ADDED
@@ -0,0 +1,190 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+
3
+ if (!function_exists('login_header')) :
4
+ function login_header($message = '', $wp_error = '') {
5
+ global $error;
6
+
7
+ if ( empty($wp_error) )
8
+ $wp_error = new WP_Error();
9
+
10
+ echo '<div id="login">';
11
+
12
+ if ( !empty( $message ) ) echo apply_filters('login_message', $message) . "\n";
13
+
14
+ // Incase a plugin uses $error rather than the $errors object
15
+ if ( !empty( $error ) ) {
16
+ $wp_error->add('error', $error);
17
+ unset($error);
18
+ }
19
+
20
+ if ( $wp_error->get_error_code() ) {
21
+ $errors = '';
22
+ $messages = '';
23
+ foreach ( $wp_error->get_error_codes() as $code ) {
24
+ $severity = $wp_error->get_error_data($code);
25
+ foreach ( $wp_error->get_error_messages($code) as $error ) {
26
+ if ( 'message' == $severity )
27
+ $messages .= ' ' . $error . "<br />\n";
28
+ else
29
+ $errors .= ' ' . $error . "<br />\n";
30
+ }
31
+ }
32
+ if ( !empty($errors) )
33
+ echo '<div id="login_error">' . apply_filters('login_errors', $errors) . "</div>\n";
34
+ if ( !empty($messages) )
35
+ echo '<p class="message">' . apply_filters('login_messages', $messages) . "</p>\n";
36
+ }
37
+ }
38
+ endif;
39
+
40
+ if (!function_exists('retrieve_password')) :
41
+ function retrieve_password() {
42
+ global $wpdb;
43
+
44
+ $errors = new WP_Error();
45
+
46
+ if ( empty( $_POST['user_login'] ) && empty( $_POST['user_email'] ) )
47
+ $errors->add('empty_username', __('<strong>ERROR</strong>: Enter a username or e-mail address.'));
48
+
49
+ if ( strpos($_POST['user_login'], '@') ) {
50
+ $user_data = get_user_by_email(trim($_POST['user_login']));
51
+ if ( empty($user_data) )
52
+ $errors->add('invalid_email', __('<strong>ERROR</strong>: There is no user registered with that email address.'));
53
+ } else {
54
+ $login = trim($_POST['user_login']);
55
+ $user_data = get_userdatabylogin($login);
56
+ }
57
+
58
+ do_action('lostpassword_post');
59
+
60
+ if ( $errors->get_error_code() )
61
+ return $errors;
62
+
63
+ if ( !$user_data ) {
64
+ $errors->add('invalidcombo', __('<strong>ERROR</strong>: Invalid username or e-mail.'));
65
+ return $errors;
66
+ }
67
+
68
+ // redefining user_login ensures we return the right case in the email
69
+ $user_login = $user_data->user_login;
70
+ $user_email = $user_data->user_email;
71
+
72
+ do_action('retreive_password', $user_login); // Misspelled and deprecated
73
+ do_action('retrieve_password', $user_login);
74
+
75
+ $allow = apply_filters('allow_password_reset', true, $user_data->ID);
76
+
77
+ if ( ! $allow )
78
+ return new WP_Error('no_password_reset', __('Password reset is not allowed for this user'));
79
+ else if ( is_wp_error($allow) )
80
+ return $allow;
81
+
82
+ $key = $wpdb->get_var($wpdb->prepare("SELECT user_activation_key FROM $wpdb->users WHERE user_login = %s", $user_login));
83
+ if ( empty($key) ) {
84
+ // Generate something random for a key...
85
+ $key = wp_generate_password(20, false);
86
+ do_action('retrieve_password_key', $user_login, $key);
87
+ // Now insert the new md5 key into the db
88
+ $wpdb->query($wpdb->prepare("UPDATE $wpdb->users SET user_activation_key = %s WHERE user_login = %s", $key, $user_login));
89
+ }
90
+ $message = __('Someone has asked to reset the password for the following site and username.') . "\r\n\r\n";
91
+ $message .= get_option('siteurl') . "\r\n\r\n";
92
+ $message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n";
93
+ $message .= __('To reset your password visit the following address, otherwise just ignore this email and nothing will happen.') . "\r\n\r\n";
94
+ $message .= site_url("wp-login.php?action=rp&key=$key", 'login') . "\r\n";
95
+
96
+ if ( !wp_mail($user_email, sprintf(__('[%s] Password Reset'), get_option('blogname')), $message) )
97
+ die('<p>' . __('The e-mail could not be sent.') . "<br />\n" . __('Possible reason: your host may have disabled the mail() function...') . '</p>');
98
+
99
+ return true;
100
+ }
101
+ endif;
102
+
103
+ if (!function_exists('reset_password')) :
104
+ function reset_password($key) {
105
+ global $wpdb;
106
+
107
+ $key = preg_replace('/[^a-z0-9]/i', '', $key);
108
+
109
+ if ( empty( $key ) )
110
+ return new WP_Error('invalid_key', __('Invalid key'));
111
+
112
+ $user = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->users WHERE user_activation_key = %s", $key));
113
+ if ( empty( $user ) )
114
+ return new WP_Error('invalid_key', __('Invalid key'));
115
+
116
+ do_action('password_reset', $user);
117
+
118
+ // Generate something random for a password...
119
+ $new_pass = wp_generate_password();
120
+ wp_set_password($new_pass, $user->ID);
121
+ $message = sprintf(__('Username: %s'), $user->user_login) . "\r\n";
122
+ $message .= sprintf(__('Password: %s'), $new_pass) . "\r\n";
123
+ $message .= site_url('wp-login.php', 'login') . "\r\n";
124
+
125
+ if ( !wp_mail($user->user_email, sprintf(__('[%s] Your new password'), get_option('blogname')), $message) )
126
+ die('<p>' . __('The e-mail could not be sent.') . "<br />\n" . __('Possible reason: your host may have disabled the mail() function...') . '</p>');
127
+
128
+ wp_password_change_notification($user);
129
+
130
+ return true;
131
+ }
132
+ endif;
133
+
134
+ if (!function_exists('register_new_user')) :
135
+ function register_new_user($user_login, $user_email) {
136
+ $errors = new WP_Error();
137
+
138
+ $user_login = sanitize_user( $user_login );
139
+ $user_email = apply_filters( 'user_registration_email', $user_email );
140
+
141
+ // Check the username
142
+ if ( $user_login == '' )
143
+ $errors->add('empty_username', __('<strong>ERROR</strong>: Please enter a username.'));
144
+ elseif ( !validate_username( $user_login ) ) {
145
+ $errors->add('invalid_username', __('<strong>ERROR</strong>: This username is invalid. Please enter a valid username.'));
146
+ $user_login = '';
147
+ } elseif ( username_exists( $user_login ) )
148
+ $errors->add('username_exists', __('<strong>ERROR</strong>: This username is already registered, please choose another one.'));
149
+
150
+ // Check the e-mail address
151
+ if ($user_email == '') {
152
+ $errors->add('empty_email', __('<strong>ERROR</strong>: Please type your e-mail address.'));
153
+ } elseif ( !is_email( $user_email ) ) {
154
+ $errors->add('invalid_email', __('<strong>ERROR</strong>: The email address isn&#8217;t correct.'));
155
+ $user_email = '';
156
+ } elseif ( email_exists( $user_email ) )
157
+ $errors->add('email_exists', __('<strong>ERROR</strong>: This email is already registered, please choose another one.'));
158
+
159
+ do_action('register_post', $user_login, $user_email, $errors);
160
+
161
+ $errors = apply_filters( 'registration_errors', $errors );
162
+
163
+ if ( $errors->get_error_code() )
164
+ return $errors;
165
+
166
+ $user_pass = wp_generate_password();
167
+ $user_id = wp_create_user( $user_login, $user_pass, $user_email );
168
+ if ( !$user_id ) {
169
+ $errors->add('registerfail', sprintf(__('<strong>ERROR</strong>: Couldn&#8217;t register you... please contact the <a href="mailto:%s">webmaster</a> !'), get_option('admin_email')));
170
+ return $errors;
171
+ }
172
+
173
+ wp_new_user_notification($user_id, $user_pass);
174
+
175
+ return $user_id;
176
+ }
177
+ endif;
178
+
179
+ if ( !function_exists('ssl_or_not') ) :
180
+ function ssl_or_not($url = '') {
181
+ if ( force_ssl_login() || force_ssl_admin() )
182
+ $scheme = 'https';
183
+ else
184
+ $scheme = ( is_ssl() ? 'https' : 'http' );
185
+
186
+ return str_replace( 'http://', "{$scheme}://", $url );
187
+ }
188
+ endif;
189
+
190
+ ?>
readme.txt CHANGED
@@ -4,7 +4,7 @@ Donate link: http://webdesign.jaedub.com
4
  Tags: wordpress, login, register, theme, form, james kelly
5
  Requires at least: 2.5
6
  Tested up to: 2.7.1
7
- Stable tag: 2.0
8
 
9
  This plugin themes the WordPress login, register, forgot password and profile pages to look like the rest of your website.
10
 
@@ -51,4 +51,6 @@ Now you can save your changes and go test out your new themed login and registra
51
  * 1.1.1 - 2009-03-16 - Prepared plugin for internationalization and fixed a PHP version bug
52
  * 1.1.2 - 2009-03-20 - Updated to allow customization of text below registration form
53
  * 1.2.0 - 2009-03-26 - Added capability to customize page titles for all pages affected by plugin
54
- * 2.0.0 - 2009-03-27 - Completely rewrote plugin to use page template, no more specifying template files & HTML
 
 
4
  Tags: wordpress, login, register, theme, form, james kelly
5
  Requires at least: 2.5
6
  Tested up to: 2.7.1
7
+ Stable tag: 2.0.2
8
 
9
  This plugin themes the WordPress login, register, forgot password and profile pages to look like the rest of your website.
10
 
51
  * 1.1.1 - 2009-03-16 - Prepared plugin for internationalization and fixed a PHP version bug
52
  * 1.1.2 - 2009-03-20 - Updated to allow customization of text below registration form
53
  * 1.2.0 - 2009-03-26 - Added capability to customize page titles for all pages affected by plugin
54
+ * 2.0.0 - 2009-03-27 - Completely rewrote plugin to use page template, no more specifying template files & HTML
55
+ * 2.0.1 - 2009-03-30 - Fixed a bug that redirected users who were not yet logged in to profile page
56
+ * 2.0.2 - 2009-03-31 - Fixed a bug that broke new user registration and a bug that broke other plugins that use 'the_content' filter
theme-my-login.php CHANGED
@@ -3,7 +3,7 @@
3
  Plugin Name: Theme My Login
4
  Plugin URI: http://webdesign.jaedub.com/wordpress-plugins/theme-my-login-plugin
5
  Description: Themes the WordPress login, register, forgot password and profile pages to look like the rest of your website.
6
- Version: 2.0
7
  Author: Jae Dub
8
  Author URI: http://webdesign.jaedub.com
9
 
@@ -23,6 +23,10 @@ Version History
23
  Added capability to customize page titles for all pages affected by plugin
24
  2.0.0 - 2009-03-27
25
  Completely rewrote plugin to use page template, no more specifying template files & HTML
 
 
 
 
26
  */
27
 
28
  if (!class_exists('ThemeMyLogin')) {
@@ -68,13 +72,23 @@ if (!class_exists('ThemeMyLogin')) {
68
  'post_status' => 'publish',
69
  'post_type' => 'page',
70
  'post_author' => 1,
71
- 'post_content' => 'Please do not edit or remove me!',
72
- 'commen_status' => 'closed',
73
  'ping_status' => 'closed'
74
  );
75
 
76
  $theme_my_login = wp_insert_post($insert);
77
- } else $theme_my_login = $theme_my_login->ID;
 
 
 
 
 
 
 
 
 
 
78
 
79
  $this->SetOption( 'page_id', $theme_my_login );
80
  $this->SaveOptions();
@@ -163,7 +177,7 @@ if (!class_exists('ThemeMyLogin')) {
163
  $this->LoadOptions();
164
  $url = $this->QueryURL();
165
 
166
- if ( is_admin() && current_user_can('edit_posts') === false && !isset($_POST['from']) && $_POST['from'] != 'profile' ) {
167
  $url = $url . 'show=profile';
168
  if ($_GET['updated'] == true)
169
  $url = $url . '&updated=true';
@@ -246,7 +260,7 @@ if (!class_exists('ThemeMyLogin')) {
246
  }
247
  break;
248
  case 'register':
249
- require('includes/compat.php');
250
  if ( !get_option('users_can_register') ) {
251
  wp_redirect('wp-login.php?registration=disabled');
252
  exit();
@@ -356,7 +370,12 @@ if (!class_exists('ThemeMyLogin')) {
356
  $action = 'resetpass';
357
 
358
  if ($_GET['show'] == 'profile') {
359
- add_filter('the_content', array(&$this, 'Profile'));
 
 
 
 
 
360
  } else {
361
 
362
  switch ($action) {
@@ -487,8 +506,11 @@ if (!class_exists('ThemeMyLogin')) {
487
  exit();
488
  }
489
 
490
- function LostPassword() {
491
- include 'includes/lost-password.php';
 
 
 
492
  }
493
 
494
  function ResetPass() {
@@ -545,16 +567,25 @@ if (!class_exists('ThemeMyLogin')) {
545
  exit();
546
  }
547
 
548
- function Register() {
549
- include 'includes/register.php';
 
 
 
550
  }
551
 
552
- function Login() {
553
- include 'includes/login.php';
 
 
 
554
  }
555
 
556
- function Profile() {
557
- include 'includes/profile.php';
 
 
 
558
  }
559
 
560
  function ProfileJS ( ) {
3
  Plugin Name: Theme My Login
4
  Plugin URI: http://webdesign.jaedub.com/wordpress-plugins/theme-my-login-plugin
5
  Description: Themes the WordPress login, register, forgot password and profile pages to look like the rest of your website.
6
+ Version: 2.0.2
7
  Author: Jae Dub
8
  Author URI: http://webdesign.jaedub.com
9
 
23
  Added capability to customize page titles for all pages affected by plugin
24
  2.0.0 - 2009-03-27
25
  Completely rewrote plugin to use page template, no more specifying template files & HTML
26
+ 2.0.1 - 2009-03-30
27
+ Fixed a bug that redirected users who were not yet logged in to profile page
28
+ 2.0.2 - 2009-03-31
29
+ Fixed a bug that broke new user registration and a bug that broke other plugins that use 'the_content' filter
30
  */
31
 
32
  if (!class_exists('ThemeMyLogin')) {
72
  'post_status' => 'publish',
73
  'post_type' => 'page',
74
  'post_author' => 1,
75
+ 'post_content' => '[theme-my-login]',
76
+ 'comment_status' => 'closed',
77
  'ping_status' => 'closed'
78
  );
79
 
80
  $theme_my_login = wp_insert_post($insert);
81
+ } else {
82
+ $theme_my_login = $theme_my_login->ID;
83
+ $update = array(
84
+ 'ID' => $theme_my_login,
85
+ 'post_content' => '[theme-my-login]',
86
+ 'comment_status' => 'closed',
87
+ 'ping_status' => 'closed'
88
+ );
89
+
90
+ wp_update_post($update);
91
+ }
92
 
93
  $this->SetOption( 'page_id', $theme_my_login );
94
  $this->SaveOptions();
177
  $this->LoadOptions();
178
  $url = $this->QueryURL();
179
 
180
+ if ( is_user_logged_in() && is_admin() && current_user_can('edit_posts') === false && !isset($_POST['from']) && $_POST['from'] != 'profile' ) {
181
  $url = $url . 'show=profile';
182
  if ($_GET['updated'] == true)
183
  $url = $url . '&updated=true';
260
  }
261
  break;
262
  case 'register':
263
+ require_once('includes/compat.php');
264
  if ( !get_option('users_can_register') ) {
265
  wp_redirect('wp-login.php?registration=disabled');
266
  exit();
370
  $action = 'resetpass';
371
 
372
  if ($_GET['show'] == 'profile') {
373
+ if (is_user_logged_in()) {
374
+ add_filter('the_content', array(&$this, 'Profile'));
375
+ } else {
376
+ wp_redirect('wp-login.php');
377
+ exit;
378
+ }
379
  } else {
380
 
381
  switch ($action) {
506
  exit();
507
  }
508
 
509
+ function LostPassword($content) {
510
+ if (strpos($content, '[theme-my-login]') !== false)
511
+ include 'includes/lost-password.php';
512
+ else
513
+ return $content;
514
  }
515
 
516
  function ResetPass() {
567
  exit();
568
  }
569
 
570
+ function Register($content) {
571
+ if (strpos($content, '[theme-my-login]') !== false)
572
+ include 'includes/register.php';
573
+ else
574
+ return $content;
575
  }
576
 
577
+ function Login($content) {
578
+ if (strpos($content, '[theme-my-login]') !== false)
579
+ include 'includes/login.php';
580
+ else
581
+ return $content;
582
  }
583
 
584
+ function Profile($content) {
585
+ if (strpos($content, '[theme-my-login]') !== false)
586
+ include 'includes/profile.php';
587
+ else
588
+ return $content;
589
  }
590
 
591
  function ProfileJS ( ) {