Theme My Login - Version 4.3.2

Version Description

  • Added the option to redirect unapproved and/or denied users to a custom URL upon login attempt
  • Fixed a bug where custom user password is lost if user moderation is enabled
  • Fixed a PHP notice in the admin (Wish more plugin authors would do this; WP_DEBUG is your friend!)
Download this release

Release Info

Developer jfarthing84
Plugin Icon 128x128 Theme My Login
Version 4.3.2
Comparing to
See all releases

Code changes from version 4.3.1 to 4.3.2

Files changed (4) hide show
  1. classes/class.plugin-shell.php +0 -327
  2. classes/class.wp-login.php +33 -27
  3. readme.txt +5 -0
  4. theme-my-login.php +20 -9
classes/class.plugin-shell.php DELETED
@@ -1,327 +0,0 @@
1
- <?php
2
-
3
- global $wp_version;
4
-
5
- if ($wp_version < '2.6') {
6
- if ( !defined('WP_CONTENT_DIR') )
7
- define( 'WP_CONTENT_DIR', ABSPATH . 'wp-content' );
8
- if ( !defined('WP_CONTENT_URL') )
9
- define( 'WP_CONTENT_URL', get_option('siteurl') . '/wp-content');
10
- if ( !defined('WP_PLUGIN_DIR') )
11
- define( 'WP_PLUGIN_DIR', WP_CONTENT_DIR . '/plugins' );
12
- if ( !defined('WP_PLUGIN_URL') )
13
- define( 'WP_PLUGIN_URL', WP_CONTENT_URL . '/plugins' );
14
- }
15
-
16
- if ( !class_exists('WPPluginShell')) {
17
-
18
- class WPPluginShell {
19
-
20
- var $plugin_title = 'My Plugin';
21
- var $plugin_textdomain = 'my-plugin';
22
- var $plugin_options_name = 'my_plugin';
23
-
24
- var $actions;
25
- var $filters;
26
- var $shortcodes;
27
-
28
- var $styles;
29
- var $scripts;
30
- var $admin_styles;
31
- var $admin_scripts;
32
- var $admin_pages;
33
-
34
- var $header_code = '';
35
- var $footer_code = '';
36
-
37
- var $options;
38
-
39
- var $mail_from;
40
- var $mail_content_type;
41
-
42
- var $wp_version;
43
-
44
- function WPPluginShell() {
45
- $this->__construct();
46
- }
47
-
48
- function __construct() {
49
- global $wp_version;
50
-
51
- $this->wp_version = $wp_version;
52
-
53
- $this->AddAction('wp_head', '_WPHead_');
54
- $this->AddAction('wp_footer', '_WPFooter_');
55
- $this->AddAction('wp_print_styles', '_WPPrintStyles_');
56
- $this->AddAction('wp_print_scripts', '_WPPrintScripts_');
57
- $this->AddAction('admin_print_styles', '_AdminPrintStyles_');
58
- $this->AddAction('admin_print_scripts', '_AdminPrintScripts_');
59
- $this->AddAction('admin_head', '_AdminHead_');
60
- $this->AddAction('admin_menu', '_AdminMenu_');
61
-
62
- $this->AddFilter('wp_mail_from', '_WPMailFrom_');
63
- $this->AddFilter('wp_mail_from_name', '_WPMailFromName_');
64
- $this->AddFilter('wp_mail_content_type', '_WPMailContentType_');
65
-
66
- $this->ActivateHooks('actions');
67
- $this->ActivateHooks('filters');
68
- $this->ActivateHooks('shortcodes');
69
-
70
- }
71
-
72
- /*
73
- function __call($method, $args) {
74
- print '';
75
- }
76
- */
77
- function SetPluginTitle($name) {
78
- $this->plugin_textdomain = sanitize_title($name);
79
- $this->plugin_title = __($name, $this->plugin_textdomain);
80
- $this->plugin_options_name = str_replace(' ', '_', strtolower($name));
81
- }
82
-
83
- function ActivateHooks($type = 'actions') {
84
- if (is_array($this->$type) && !empty($this->$type)) {
85
- foreach ( $this->$type as $key => $args ) {
86
- $func = (is_array($args['func'])) ? $args['func'] : array(&$this, $args['func']);
87
- if ( 'actions' == $type ) {
88
- if ( version_compare($this->wp_version, $args['wp_version'], '>=') )
89
- add_action($args['tag'], $func, $args['priority'], $args['args']);
90
- } elseif ( 'filters' == $type ) {
91
- if ( version_compare($this->wp_version, $args['wp_version'], '>=') )
92
- add_filter($args['tag'], $func, $args['priority'], $args['args']);
93
- } elseif ( 'shortcodes' == $type ) {
94
- add_shortcode($args['tag'], $func);
95
- }
96
- }
97
- }
98
- }
99
-
100
- function AddAction($tag, $func = false, $priority = 10, $args = 1, $wp_version = '2.5') {
101
- if (empty($func)) {
102
- $tmp = explode('_', $tag);
103
- foreach ($tmp as $k => $v)
104
- $tmp[$k] = (in_array($v, array('wp', 'url'))) ? strtoupper($v) : ucwords($v);
105
- $func = implode($tmp);
106
- }
107
- $this->actions[] = array('tag' => $tag, 'func' => $func, 'priority' => $priority, 'args' => $args, 'wp_version' => $wp_version);
108
- }
109
-
110
- function AddFilter($tag, $func = false, $priority = 10, $args = 1, $wp_version = '2.5') {
111
- if (empty($func)) {
112
- $tmp = explode('_', $tag);
113
- foreach ($tmp as $k => $v)
114
- $tmp[$k] = (in_array($v, array('wp', 'url'))) ? strtoupper($v) : ucwords($v);
115
- $func = implode($tmp);
116
- }
117
- $this->filters[] = array('tag' => $tag, 'func' => $func, 'priority' => $priority, 'args' => $args, 'wp_version' => $wp_version);
118
- }
119
-
120
- function AddShortcode($tag, $func = '') {
121
- if (empty($func)) {
122
- $tmp = explode('_', str_replace('-', '_', $tag));
123
- foreach ($tmp as $k => $v)
124
- $tmp[$k] = (in_array($v, array('wp', 'url'))) ? strtoupper($v) : ucwords($v);
125
- $func = implode($tmp) . 'Shortcode';
126
- }
127
- $this->shortcodes[] = array('tag' => $tag, 'func' => $func);
128
- }
129
-
130
- function AddStyle($handle, $src = false, $deps = array(), $ver = false, $media = false) {
131
- $this->styles[] = array('handle' => $handle, 'src' => $src, 'deps' => $deps, 'ver' => $ver, 'media' => $media);
132
- }
133
-
134
- function AddScript($handle, $src = false, $deps = array(), $ver = false, $in_footer = false) {
135
- $this->scripts[] = array('handle' => $handle, 'src' => $src, 'deps' => $deps, 'ver' => $ver, 'in_footer' => $in_footer);
136
- }
137
-
138
- function AddAdminStyle($handle, $src = false, $deps = array(), $ver = false, $media = false) {
139
- $this->admin_styles[] = array('handle' => $handle, 'src' => $src, 'deps' => $deps, 'ver' => $ver, 'media' => $media);
140
- }
141
-
142
- function AddAdminScript($handle, $src = false, $deps = array(), $ver = false, $in_footer = false) {
143
- $this->admin_scripts[] = array('handle' => $handle, 'src' => $src, 'deps' => $deps, 'ver' => $ver, 'in_footer' => $in_footer);
144
- }
145
-
146
- function AddAdminPage($page, $page_title = '', $menu_title = '', $access_level = 8, $file = '', $function = '', $icon_url = '') {
147
- $page_title = (empty($page_title)) ? $this->plugin_title : __($page_title, $this->plugin_textdomain);
148
- $menu_title = (empty($menu_title)) ? (empty($page_title)) ? $this->plugin_title : __($page_title, $this->plugin_textdomain) : __($menu_title, $this->plugin_textdomain);
149
- $access_level = (empty($access_level)) ? 8 : $access_level;
150
- if ( empty($file) && empty($function) )
151
- $function = str_replace(' ', '', ucwords(str_replace('-', ' ', sanitize_title($page_title))));
152
- $file = (empty($file)) ? (empty($function)) ? __FILE__ : sanitize_title($page_title) : $file;
153
- $function = (empty($function)) ? '' : $function;
154
-
155
- $this->admin_pages[] = array('page' => $page, 'page_title' => $page_title, 'menu_title' => $menu_title, 'access_level' => $access_level, 'file' => $file, 'function' => $function, 'icon_url' => $icon_url);
156
- }
157
-
158
- function AddToHeader($code) {
159
- $this->header_code .= $code;
160
- }
161
-
162
- function AddToFooter($code) {
163
- $this->footer_code .= $code;
164
- }
165
-
166
- function SetMailFrom($email = '', $name = '') {
167
- if (!empty($email))
168
- $this->mail_from['email'] = $email;
169
- if (!empty($name))
170
- $this->mail_from['name'] = $name;
171
- }
172
-
173
- function SetMailContentType($format) {
174
- if (!empty($format))
175
- $this->mail_content_type = $format;
176
- }
177
-
178
- function _WPHead_() {
179
- if ( version_compare($this->wp_version, '2.6', '<') ) {
180
- if ( is_array($this->styles) && !empty($this->styles) ) {
181
- foreach ( $this->styles as $key => $args )
182
- if (empty($args['ver']))
183
- $args['ver'] = $this->wp_version;
184
- echo '<link rel="stylesheet" id="'.$args['handle'].'-css" href="'.$args['src'].'?ver='.$args['ver'].'" type="text/css" media="'.$args['media'].'" />'."\n";
185
- }
186
- }
187
- echo $this->header_code;
188
- }
189
-
190
- function _WPFooter_() {
191
- echo $this->footer_code;
192
- }
193
-
194
- function _WPPrintStyles_() {
195
- if ( !is_admin() )
196
- $this->_handle_enqueues('style', $this->styles);
197
- }
198
-
199
- function _WPPrintScripts_() {
200
- if ( !is_admin() )
201
- $this->_handle_enqueues('script', $this->scripts);
202
- }
203
-
204
- function _AdminPrintStyles_() {
205
- $this->_handle_enqueues('style', $this->admin_styles);
206
- }
207
-
208
- function _AdminPrintScripts_() {
209
- $this->_handle_enqueues('script', $this->admin_scripts);
210
- }
211
-
212
- function _AdminHead_() {
213
- if ( version_compare($this->wp_version, '2.6', '<') ) {
214
- if ( is_array($this->admin_styles) && !empty($this->admin_styles) ) {
215
- foreach ( $this->admin_styles as $key => $args ) {
216
- if (empty($args['ver']))
217
- $args['ver'] = $this->wp_version;
218
- echo '<link rel="stylesheet" id="'.$args['handle'].'-css" href="'.$args['src'].'?ver='.$args['ver'].'" type="text/css" media="'.$args['media'].'" />'."\n";
219
- }
220
- }
221
- }
222
- }
223
-
224
- function _AdminMenu_() {
225
- if ( is_array($this->admin_pages) && !empty($this->admin_pages) ) {
226
- foreach ( $this->admin_pages as $key => $args ) {
227
- extract($args);
228
-
229
- $function = (empty($function)) ? '' : array(&$this, $function);
230
-
231
- if ( version_compare($this->wp_version, '2.7', '>=') ) {
232
- if ('menu' == $page)
233
- add_menu_page($page_title, $menu_title, $access_level, $file, $function, $icon_url = '');
234
- elseif ('object' == $page)
235
- add_object_page($page_title, $menu_title, $access_level, $file, $function, $icon_url = '');
236
- elseif ('utility' == $page)
237
- add_utility_page($page_title, $menu_title, $access_level, $file, $function, $icon_url = '');
238
- elseif ('dashboard' == $page)
239
- add_dashboard_page($page_title, $menu_title, $access_level, $file, $function);
240
- elseif ('posts' == $page)
241
- add_posts_page($page_title, $menu_title, $access_level, $file, $function);
242
- elseif ('media' == $page)
243
- add_media_page($page_title, $menu_title, $access_level, $file, $function);
244
- elseif ('links' == $page)
245
- add_links_page($page_title, $menu_title, $access_level, $file, $function);
246
- elseif ('pages' == $page)
247
- add_pages_page($page_title, $menu_title, $access_level, $file, $function);
248
- elseif ('comments' == $page)
249
- add_comments_page($page_title, $menu_title, $access_level, $file, $function);
250
- } else {
251
- if (in_array($page, array('menu', 'object', 'utility', 'dashboard', 'posts', 'media', 'links', 'pages', 'comments')))
252
- add_menu_page($page_title, $menu_title, $access_level, $file, $function);
253
- }
254
- if ('management' == $page)
255
- add_management_page($page_title, $menu_title, $access_level, $file, $function);
256
- elseif ('options' == $page)
257
- add_options_page($page_title, $menu_title, $access_level, $file, $function);
258
- elseif ('theme' == $page)
259
- add_theme_page($page_title, $menu_title, $access_level, $file, $function);
260
- elseif ('users' == $page)
261
- add_users_page($page_title, $menu_title, $access_level, $file, $function);
262
- else
263
- add_submenu_page($page, $page_title, $menu_title, $access_level, $file, $function);
264
- }
265
- }
266
- }
267
-
268
- function _WPMailFrom_($from_email) {
269
- return (empty($this->mail_from['email'])) ? $from_email : $this->mail_from['email'];
270
- }
271
-
272
- function _WPMailFromName_($from_name) {
273
- return (empty($this->mail_from['name'])) ? $from_name : $this->mail_from['name'];
274
- }
275
-
276
- function _WPMailContentType_($format) {
277
- return (empty($this->mail_content_type)) ? $format : $this->mail_content_type;
278
- }
279
-
280
- function _handle_enqueues($type, $to_enqueue) {
281
- if ( is_array($to_enqueue) && !empty($to_enqueue) ) {
282
- foreach ( $to_enqueue as $key => $args ) {
283
- if ('style' == $type)
284
- wp_enqueue_style($args['handle'], $args['src'], $args['deps'], $args['ver'], $args['media']);
285
- elseif ('script' == $type)
286
- wp_enqueue_script($args['handle'], $args['src'], $args['deps'], $args['ver'], $args['in_footer']);
287
- }
288
- }
289
- }
290
-
291
- function LoadOptions($options = '') {
292
-
293
- if (is_array($options) && !empty($options))
294
- $this->options = $options;
295
- elseif (is_callable(array(&$this, 'InitOptions')))
296
- $this->InitOptions();
297
-
298
- $storedoptions = get_option( $this->plugin_options_name );
299
- if ( $storedoptions && is_array( $storedoptions ) ) {
300
- foreach ( $storedoptions as $key => $value ) {
301
- $this->options[$key] = $value;
302
- }
303
- } else update_option( $this->plugin_options_name, $this->options );
304
- }
305
-
306
- function GetOption( $key ) {
307
- if ( array_key_exists( $key, $this->options ) ) {
308
- return $this->options[$key];
309
- } else return null;
310
- }
311
-
312
- function SetOption( $key, $value ) {
313
- $this->options[$key] = $value;
314
- }
315
-
316
- function SaveOptions() {
317
- $oldvalue = get_option( $this->plugin_options_name );
318
- if( $oldvalue == $this->options ) {
319
- return true;
320
- } else return update_option( $this->plugin_options_name, $this->options );
321
- }
322
-
323
- }
324
-
325
- }
326
-
327
- ?>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
classes/class.wp-login.php CHANGED
@@ -257,19 +257,19 @@ if ( !class_exists('WPLogin') ) {
257
 
258
  if ( !isset($_GET['checkemail']) || (isset($_GET['checkemail']) && $instance != $this->instance) || (!in_array( $_GET['checkemail'], array('confirm', 'newpass') ) && $instance == $this->instance) || (in_array( $_GET['checkemail'], array('confirm', 'newpass') ) && $instance != $this->instance) ) {
259
  ?>
260
- <form name="loginform" id="loginform-<?php echo $instance; ?>" action="<?php echo $this->GuessURL(array('instance' => $instance, 'action' => 'login')); ?>" method="post">
261
  <p>
262
- <label for="log"><?php _e('Username') ?></label>
263
- <input type="text" name="log" id="user_login-<?php echo $instance; ?>" class="input" value="<?php echo isset($user_login) ? $user_login : ''; ?>" size="20" />
264
  </p>
265
  <p>
266
- <label for="pwd"><?php _e('Password') ?></label>
267
- <input type="password" name="pwd" id="user_pass-<?php echo $instance; ?>" class="input" value="" size="20" />
268
  </p>
269
  <?php do_action('login_form', $instance); ?>
270
- <p class="forgetmenot"><input name="rememberme" type="checkbox" id="rememberme-<?php echo $instance; ?>" value="forever" /> <label for="rememberme"><?php _e('Remember Me'); ?></label></p>
271
  <p class="submit">
272
- <input type="submit" name="login-submit" id="login-submit-<?php echo $instance; ?>" value="<?php _e('Log In'); ?>" />
273
  <input type="hidden" name="redirect_to" value="<?php echo attribute_escape($this->redirect_to); ?>" />
274
  <input type="hidden" name="testcookie" value="1" />
275
  </p>
@@ -294,23 +294,23 @@ if ( !class_exists('WPLogin') ) {
294
  }
295
 
296
  function RegisterForm($instance) {
297
- $user_login = isset($_POST['user_login']) ? $_POST['user_login'] : '';
298
- $user_email = isset($_POST['user_email']) ? $_POST['user_email'] : '';
299
  $this->PageHeader($instance);
300
  ?>
301
- <form name="registerform" id="registerform-<?php echo $instance; ?>" action="<?php echo $this->GuessURL(array('instance' => $instance, 'action' => 'register')); ?>" method="post">
302
  <p>
303
- <label for="user_login"><?php _e('Username') ?></label>
304
- <input type="text" name="user_login" id="user_login-<?php echo $instance; ?>" class="input" value="<?php echo attribute_escape(stripslashes($user_login)); ?>" size="20" />
305
  </p>
306
  <p>
307
- <label for="user_email"><?php _e('E-mail') ?></label>
308
- <input type="text" name="user_email" id="user_email-<?php echo $instance; ?>" class="input" value="<?php echo attribute_escape(stripslashes($user_email)); ?>" size="20" />
309
  </p>
310
  <?php do_action('register_form', $instance); ?>
311
  <p id="reg_passmail-<?php echo $instance; ?>"><?php echo $this->options['register_message']; ?></p>
312
  <p class="submit">
313
- <input type="submit" name="register-submit" id="register-submit-<?php echo $instance; ?>" value="<?php _e('Register'); ?>" />
314
  </p>
315
  </form>
316
  <?php
@@ -325,16 +325,16 @@ if ( !class_exists('WPLogin') ) {
325
  function RetrievePasswordForm($instance) {
326
  do_action('lost_password', $instance);
327
  $this->PageHeader($instance, $this->options['lost_pass_message']);
328
- $user_login = isset($_POST['user_login']) ? stripslashes($_POST['user_login']) : '';
329
  ?>
330
- <form name="lostpasswordform" id="lostpasswordform-<?php echo $instance; ?>" action="<?php echo $this->GuessURL(array('instance' => $instance, 'action' => 'lostpassword')); ?>" method="post">
331
  <p>
332
- <label for="user_login"><?php _e('Username or E-mail:') ?></label>
333
- <input type="text" name="user_login" id="user_login-<?php echo $instance; ?>" class="input" value="<?php echo attribute_escape($user_login); ?>" size="20" />
334
  </p>
335
  <?php do_action('lostpassword_form', $instance); ?>
336
  <p class="submit">
337
- <input type="submit" name="lostpassword-submit" id="lostpassword-submit-<?php echo $instance; ?>" value="<?php _e('Get New Password'); ?>" />
338
  </p>
339
  </form>
340
  <?php
@@ -362,7 +362,7 @@ if ( !class_exists('WPLogin') ) {
362
  }
363
 
364
  function RetrievePasswordAction() {
365
- if ( isset($_POST['lostpassword-submit']) ) {
366
  $this->errors = $this->RetrievePassword();
367
  if ( !is_wp_error($this->errors) ) {
368
  $this->redirect_to = ( isset($this->instance) ) ? $this->GuessURL(array('instance' => $this->instance, 'checkemail' => 'confirm')) : site_url('wp-login.php?instance='.$this->instance.'&checkemail=confirm', 'login');
@@ -396,11 +396,11 @@ if ( !class_exists('WPLogin') ) {
396
  exit();
397
  }
398
 
399
- if ( isset($_POST['register-submit']) ) {
400
  require_once (ABSPATH . WPINC . '/registration.php');
401
 
402
- $user_login = $_POST['user_login'];
403
- $user_email = $_POST['user_email'];
404
  $this->errors = $this->RegisterNewUser($user_login, $user_email);
405
 
406
  if ( !is_wp_error($this->errors) ) {
@@ -415,8 +415,8 @@ if ( !class_exists('WPLogin') ) {
415
  $this->secure_cookie = '';
416
 
417
  // If the user wants ssl but the session is not ssl, force a secure cookie.
418
- if ( !empty($_POST['log']) && !force_ssl_admin() ) {
419
- $user_name = sanitize_user($_POST['log']);
420
  if ( $user = get_userdatabylogin($user_name) ) {
421
  if ( get_user_option('use_ssl', $user->ID) ) {
422
  $this->secure_cookie = true;
@@ -428,7 +428,11 @@ if ( !class_exists('WPLogin') ) {
428
  if ( !$this->secure_cookie && is_ssl() && force_ssl_login() && !force_ssl_admin() )
429
  $this->secure_cookie = false;
430
 
431
- if ( isset($_POST['login-submit']) ) {
 
 
 
 
432
  $user = wp_signon('', $this->secure_cookie);
433
 
434
  $this->redirect_to = apply_filters('login_redirect', $this->redirect_to, isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : '', $user);
@@ -491,6 +495,8 @@ if ( !class_exists('WPLogin') ) {
491
  global $wpdb;
492
 
493
  $errors = new WP_Error();
 
 
494
 
495
  if ( empty( $_POST['user_login'] ) && empty( $_POST['user_email'] ) )
496
  $errors->add('empty_username', __('<strong>ERROR</strong>: Enter a username or e-mail address.'));
257
 
258
  if ( !isset($_GET['checkemail']) || (isset($_GET['checkemail']) && $instance != $this->instance) || (!in_array( $_GET['checkemail'], array('confirm', 'newpass') ) && $instance == $this->instance) || (in_array( $_GET['checkemail'], array('confirm', 'newpass') ) && $instance != $this->instance) ) {
259
  ?>
260
+ <form name="loginform-<?php echo $instance; ?>" id="loginform-<?php echo $instance; ?>" action="<?php echo $this->GuessURL(array('instance' => $instance, 'action' => 'login')); ?>" method="post">
261
  <p>
262
+ <label for="log-<?php echo $instance; ?>"><?php _e('Username') ?></label>
263
+ <input type="text" name="log-<?php echo $instance; ?>" id="log-<?php echo $instance; ?>" class="input" value="<?php echo isset($user_login) ? $user_login : ''; ?>" size="20" />
264
  </p>
265
  <p>
266
+ <label for="pwd-<?php echo $instance; ?>"><?php _e('Password') ?></label>
267
+ <input type="password" name="pwd-<?php echo $instance; ?>" id="pwd-<?php echo $instance; ?>" class="input" value="" size="20" />
268
  </p>
269
  <?php do_action('login_form', $instance); ?>
270
+ <p class="forgetmenot"><input name="rememberme-<?php echo $instance; ?>" type="checkbox" id="rememberme-<?php echo $instance; ?>" value="forever" /> <label for="rememberme-<?php echo $instance; ?>"><?php _e('Remember Me'); ?></label></p>
271
  <p class="submit">
272
+ <input type="submit" name="login-submit-<?php echo $instance; ?>" id="login-submit-<?php echo $instance; ?>" value="<?php _e('Log In'); ?>" />
273
  <input type="hidden" name="redirect_to" value="<?php echo attribute_escape($this->redirect_to); ?>" />
274
  <input type="hidden" name="testcookie" value="1" />
275
  </p>
294
  }
295
 
296
  function RegisterForm($instance) {
297
+ $user_login = isset($_POST['user_login-'.$instance]) ? $_POST['user_login-'.$instance] : '';
298
+ $user_email = isset($_POST['user_email-'.$instance]) ? $_POST['user_email-'.$instance] : '';
299
  $this->PageHeader($instance);
300
  ?>
301
+ <form name="registerform-<?php echo $instance; ?>" id="registerform-<?php echo $instance; ?>" action="<?php echo $this->GuessURL(array('instance' => $instance, 'action' => 'register')); ?>" method="post">
302
  <p>
303
+ <label for="user_login-<?php echo $instance; ?>"><?php _e('Username') ?></label>
304
+ <input type="text" name="user_login-<?php echo $instance; ?>" id="user_login-<?php echo $instance; ?>" class="input" value="<?php echo attribute_escape(stripslashes($user_login)); ?>" size="20" />
305
  </p>
306
  <p>
307
+ <label for="user_email-<?php echo $instance; ?>"><?php _e('E-mail') ?></label>
308
+ <input type="text" name="user_email-<?php echo $instance; ?>" id="user_email-<?php echo $instance; ?>" class="input" value="<?php echo attribute_escape(stripslashes($user_email)); ?>" size="20" />
309
  </p>
310
  <?php do_action('register_form', $instance); ?>
311
  <p id="reg_passmail-<?php echo $instance; ?>"><?php echo $this->options['register_message']; ?></p>
312
  <p class="submit">
313
+ <input type="submit" name="register-submit-<?php echo $instance; ?>" id="register-submit-<?php echo $instance; ?>" value="<?php _e('Register'); ?>" />
314
  </p>
315
  </form>
316
  <?php
325
  function RetrievePasswordForm($instance) {
326
  do_action('lost_password', $instance);
327
  $this->PageHeader($instance, $this->options['lost_pass_message']);
328
+ $user_login = isset($_POST['user_login-'.$this->instance]) ? stripslashes($_POST['user_login-'.$this->instance]) : '';
329
  ?>
330
+ <form name="lostpasswordform-<?php echo $instance; ?>" id="lostpasswordform-<?php echo $instance; ?>" action="<?php echo $this->GuessURL(array('instance' => $instance, 'action' => 'lostpassword')); ?>" method="post">
331
  <p>
332
+ <label for="user_login-<?php echo $instance; ?>"><?php _e('Username or E-mail:') ?></label>
333
+ <input type="text" name="user_login-<?php echo $instance; ?>" id="user_login-<?php echo $instance; ?>" class="input" value="<?php echo attribute_escape($user_login); ?>" size="20" />
334
  </p>
335
  <?php do_action('lostpassword_form', $instance); ?>
336
  <p class="submit">
337
+ <input type="submit" name="lostpassword-submit-<?php echo $instance; ?>" id="lostpassword-submit-<?php echo $instance; ?>" value="<?php _e('Get New Password'); ?>" />
338
  </p>
339
  </form>
340
  <?php
362
  }
363
 
364
  function RetrievePasswordAction() {
365
+ if ( isset($_POST['lostpassword-submit-'.$this->instance]) ) {
366
  $this->errors = $this->RetrievePassword();
367
  if ( !is_wp_error($this->errors) ) {
368
  $this->redirect_to = ( isset($this->instance) ) ? $this->GuessURL(array('instance' => $this->instance, 'checkemail' => 'confirm')) : site_url('wp-login.php?instance='.$this->instance.'&checkemail=confirm', 'login');
396
  exit();
397
  }
398
 
399
+ if ( isset($_POST['register-submit-'.$this->instance]) ) {
400
  require_once (ABSPATH . WPINC . '/registration.php');
401
 
402
+ $user_login = $_POST['user_login-'.$this->instance];
403
+ $user_email = $_POST['user_email-'.$this->instance];
404
  $this->errors = $this->RegisterNewUser($user_login, $user_email);
405
 
406
  if ( !is_wp_error($this->errors) ) {
415
  $this->secure_cookie = '';
416
 
417
  // If the user wants ssl but the session is not ssl, force a secure cookie.
418
+ if ( !empty($_POST['log-'.$this->instance]) && !force_ssl_admin() ) {
419
+ $user_name = sanitize_user($_POST['log-'.$this->instance]);
420
  if ( $user = get_userdatabylogin($user_name) ) {
421
  if ( get_user_option('use_ssl', $user->ID) ) {
422
  $this->secure_cookie = true;
428
  if ( !$this->secure_cookie && is_ssl() && force_ssl_login() && !force_ssl_admin() )
429
  $this->secure_cookie = false;
430
 
431
+ if ( isset($_POST['login-submit-'.$this->instance]) ) {
432
+ $_POST['log'] = $_POST['log-'.$this->instance];
433
+ $_POST['pwd'] = $_POST['pwd-'.$this->instance];
434
+ $_POST['rememberme'] = $_POST['rememberme-'.$this->instance];
435
+
436
  $user = wp_signon('', $this->secure_cookie);
437
 
438
  $this->redirect_to = apply_filters('login_redirect', $this->redirect_to, isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : '', $user);
495
  global $wpdb;
496
 
497
  $errors = new WP_Error();
498
+
499
+ $_POST['user_login'] = $_POST['user_login-'.$this->instance];
500
 
501
  if ( empty( $_POST['user_login'] ) && empty( $_POST['user_email'] ) )
502
  $errors->add('empty_username', __('<strong>ERROR</strong>: Enter a username or e-mail address.'));
readme.txt CHANGED
@@ -39,6 +39,11 @@ None yet. Please visit http://www.jfarthing.com/forum for any support!
39
 
40
  == Changelog ==
41
 
 
 
 
 
 
42
  = 4.3.1 =
43
  * Fixed a MAJOR security hole that allowed anyone to login without a password!!
44
 
39
 
40
  == Changelog ==
41
 
42
+ = 4.3.2 =
43
+ * Added the option to redirect unapproved and/or denied users to a custom URL upon login attempt
44
+ * Fixed a bug where custom user password is lost if user moderation is enabled
45
+ * Fixed a PHP notice in the admin (Wish more plugin authors would do this; WP_DEBUG is your friend!)
46
+
47
  = 4.3.1 =
48
  * Fixed a MAJOR security hole that allowed anyone to login without a password!!
49
 
theme-my-login.php CHANGED
@@ -3,7 +3,7 @@
3
  Plugin Name: Theme My Login
4
  Plugin URI: http://www.jfarthing.com/wordpress-plugins/theme-my-login-plugin
5
  Description: Themes the WordPress login, registration and forgot password pages according to your theme.
6
- Version: 4.3.1
7
  Author: Jeff Farthing
8
  Author URI: http://www.jfarthing.com
9
  Text Domain: theme-my-login
@@ -16,7 +16,7 @@ require_once ('classes/class.wp-login.php');
16
  if (!class_exists('ThemeMyLogin')) {
17
  class ThemeMyLogin {
18
 
19
- var $version = '4.3';
20
  var $options = array();
21
  var $permalink = '';
22
  var $instances = 0;
@@ -93,7 +93,9 @@ if (!class_exists('ThemeMyLogin')) {
93
 
94
  if ( 'options-general.php' == $pagenow ) {
95
 
96
- switch ( $_GET['page'] ) {
 
 
97
 
98
  case 'theme-my-login/admin/admin.php' :
99
 
@@ -148,8 +150,10 @@ if (!class_exists('ThemeMyLogin')) {
148
  $subject = $this->options['user_approval_email']['subject'];
149
  $message = $this->options['user_approval_email']['message'];
150
 
151
- $plaintext_pass = wp_generate_password();
152
- wp_set_password($plaintext_pass, $user->ID);
 
 
153
 
154
  $replace_this = array('/%blogname%/', '/%siteurl%/', '/%user_login%/', '/%user_email%/', '/%user_pass%/');
155
  $replace_with = array(get_option('blogname'), get_option('siteurl'), $user->user_login, $user->user_email, $plaintext_pass);
@@ -163,7 +167,9 @@ if (!class_exists('ThemeMyLogin')) {
163
  else {
164
  $message = sprintf(__('You have been approved to access %s '."\r\n\r\n"), get_option('blogname'));
165
  $message .= sprintf(__('Username: %s'), $user->user_login) . "\r\n";
166
- $message .= sprintf(__('Password: %s'), $plaintext_pass) . "\r\n\r\n";
 
 
167
  $message .= site_url('wp-login.php', 'login') . "\r\n";
168
  }
169
  tml_apply_mail_filters();
@@ -255,9 +261,9 @@ if (!class_exists('ThemeMyLogin')) {
255
  function RegisterForm($instance) {
256
  if ( $this->options['custom_pass'] ) {
257
  ?>
258
- <p><label for="pass1"><?php _e('Password:');?></label>
259
  <input autocomplete="off" name="pass1" id="pass1-<?php echo $instance; ?>" class="input" size="20" value="" type="password" /><br />
260
- <label for="pass2"><?php _e('Confirm Password:');?></label>
261
  <input autocomplete="off" name="pass2" id="pass2-<?php echo $instance; ?>" class="input" size="20" value="" type="password" /></p>
262
  <?php
263
  }
@@ -285,7 +291,12 @@ if (!class_exists('ThemeMyLogin')) {
285
  if ( is_a($user, 'WP_User') ) {
286
  $user_role = reset($user->roles);
287
  if ( in_array($user_role, array('pending', 'denied')) ) {
288
- return new WP_Error('pending', '<strong>ERROR</strong>: Your registration has not yet been approved.');
 
 
 
 
 
289
  }
290
  }
291
  return $user;
3
  Plugin Name: Theme My Login
4
  Plugin URI: http://www.jfarthing.com/wordpress-plugins/theme-my-login-plugin
5
  Description: Themes the WordPress login, registration and forgot password pages according to your theme.
6
+ Version: 4.3.2
7
  Author: Jeff Farthing
8
  Author URI: http://www.jfarthing.com
9
  Text Domain: theme-my-login
16
  if (!class_exists('ThemeMyLogin')) {
17
  class ThemeMyLogin {
18
 
19
+ var $version = '4.3.2';
20
  var $options = array();
21
  var $permalink = '';
22
  var $instances = 0;
93
 
94
  if ( 'options-general.php' == $pagenow ) {
95
 
96
+ $page = isset($_GET['page']) ? $_GET['page'] : '';
97
+
98
+ switch ( $page ) {
99
 
100
  case 'theme-my-login/admin/admin.php' :
101
 
150
  $subject = $this->options['user_approval_email']['subject'];
151
  $message = $this->options['user_approval_email']['message'];
152
 
153
+ if ( !$this->options['custom_pass'] ) {
154
+ $plaintext_pass = wp_generate_password();
155
+ wp_set_password($plaintext_pass, $user->ID);
156
+ }
157
 
158
  $replace_this = array('/%blogname%/', '/%siteurl%/', '/%user_login%/', '/%user_email%/', '/%user_pass%/');
159
  $replace_with = array(get_option('blogname'), get_option('siteurl'), $user->user_login, $user->user_email, $plaintext_pass);
167
  else {
168
  $message = sprintf(__('You have been approved to access %s '."\r\n\r\n"), get_option('blogname'));
169
  $message .= sprintf(__('Username: %s'), $user->user_login) . "\r\n";
170
+ if ( !$this->options['custom_pass'] )
171
+ $message .= sprintf(__('Password: %s'), $plaintext_pass) . "\r\n";
172
+ $message .= "\r\n";
173
  $message .= site_url('wp-login.php', 'login') . "\r\n";
174
  }
175
  tml_apply_mail_filters();
261
  function RegisterForm($instance) {
262
  if ( $this->options['custom_pass'] ) {
263
  ?>
264
+ <p><label for="pass1-<?php echo $instance; ?>"><?php _e('Password:');?></label>
265
  <input autocomplete="off" name="pass1" id="pass1-<?php echo $instance; ?>" class="input" size="20" value="" type="password" /><br />
266
+ <label for="pass2-<?php echo $instance; ?>"><?php _e('Confirm Password:');?></label>
267
  <input autocomplete="off" name="pass2" id="pass2-<?php echo $instance; ?>" class="input" size="20" value="" type="password" /></p>
268
  <?php
269
  }
291
  if ( is_a($user, 'WP_User') ) {
292
  $user_role = reset($user->roles);
293
  if ( in_array($user_role, array('pending', 'denied')) ) {
294
+ if ( $this->options['redirects'][$user_role]['login_url'] ) {
295
+ wp_safe_redirect($this->options['redirects'][$user_role]['login_url']);
296
+ exit();
297
+ } else {
298
+ return new WP_Error('pending', '<strong>ERROR</strong>: Your registration has not yet been approved.');
299
+ }
300
  }
301
  }
302
  return $user;