[348] | 1 | <?php |
---|
| 2 | /** |
---|
| 3 | * XPress - WordPress for XOOPS |
---|
| 4 | * |
---|
| 5 | * Adding multi-author features to XPressME |
---|
| 6 | * |
---|
| 7 | * @copyright The XPressME project |
---|
| 8 | * @license http://www.fsf.org/copyleft/gpl.html GNU public license |
---|
| 9 | * @author toemon |
---|
| 10 | * @since 2.05 |
---|
| 11 | * @version $Id$ |
---|
| 12 | * @package module::xpress |
---|
| 13 | */ |
---|
| 14 | |
---|
| 15 | // *********************************** Start Pluggable Function Edit (wp-include/pluggable.php) ************************************ |
---|
| 16 | |
---|
| 17 | if ( !function_exists('get_currentuserinfo') ) : |
---|
| 18 | function get_currentuserinfo() { |
---|
| 19 | global $current_user; |
---|
| 20 | global $xoopsModule,$xoopsUser,$xoopsUserIsAdmin; |
---|
| 21 | |
---|
| 22 | |
---|
| 23 | if ($xoopsModule){ |
---|
| 24 | if ( defined('XMLRPC_REQUEST') && XMLRPC_REQUEST ) |
---|
| 25 | return false; |
---|
| 26 | |
---|
| 27 | if (is_object($xoopsUser)){ // When the user is logging in xoops |
---|
| 28 | if ( ! empty($current_user) ){ |
---|
| 29 | $xoops_user = $xoopsUser->getVar("uname"); |
---|
| 30 | if ($current_user->user_login == $xoops_user){ // If xoops login user and wordpress current user are the same |
---|
| 31 | return; |
---|
| 32 | } |
---|
| 33 | } |
---|
| 34 | if (check_xpress_auth_cookie()){ //The cookie is login user's or it checks it |
---|
| 35 | if (function_exists('wp_validate_auth_cookie')){ |
---|
| 36 | if ( $user = wp_validate_auth_cookie() ) { |
---|
| 37 | // When the user meta prefix is different according to the change in the xoops data base prefix, it restores it. |
---|
| 38 | if (!check_user_meta_prefix($user)){ |
---|
| 39 | repair_user_meta_prefix(); |
---|
| 40 | } |
---|
| 41 | wp_set_current_user($user); |
---|
| 42 | return ; |
---|
| 43 | } |
---|
| 44 | } else { // for WP2.0 |
---|
| 45 | if ( !empty($_COOKIE[USER_COOKIE]) && !empty($_COOKIE[PASS_COOKIE])){ |
---|
| 46 | if(wp_login($_COOKIE[USER_COOKIE], $_COOKIE[PASS_COOKIE], true) ) { |
---|
| 47 | $user_login = $_COOKIE[USER_COOKIE]; |
---|
| 48 | wp_set_current_user(0, $user_login); |
---|
| 49 | return; |
---|
| 50 | } |
---|
| 51 | } |
---|
| 52 | } |
---|
| 53 | } |
---|
| 54 | return xpress_login(); |
---|
| 55 | } else { // For the xoops guest |
---|
[813] | 56 | wp_set_current_user(0); |
---|
[823] | 57 | if ( !preg_match("/MSIE/", $_SERVER['HTTP_USER_AGENT']) && |
---|
| 58 | !preg_match("/msie/", $_SERVER['HTTP_USER_AGENT'])) |
---|
| 59 | { |
---|
| 60 | wp_logout(); // When IE is used, it becomes page error by the guest if the wp_logout() is executed here. |
---|
[348] | 61 | } |
---|
| 62 | return false; |
---|
| 63 | } |
---|
| 64 | } else { |
---|
| 65 | // WP original |
---|
| 66 | if ( defined('XMLRPC_REQUEST') && XMLRPC_REQUEST ) |
---|
| 67 | return false; |
---|
| 68 | |
---|
| 69 | if ( ! empty($current_user) ) |
---|
| 70 | return; |
---|
| 71 | |
---|
| 72 | if (function_exists('wp_validate_auth_cookie')){ |
---|
| 73 | if ( ! $user = wp_validate_auth_cookie() ) { |
---|
| 74 | if ( empty($_COOKIE[LOGGED_IN_COOKIE]) || !$user = wp_validate_auth_cookie($_COOKIE[LOGGED_IN_COOKIE], 'logged_in') ) { |
---|
| 75 | wp_set_current_user(0); |
---|
| 76 | return false; |
---|
| 77 | } |
---|
| 78 | } |
---|
| 79 | wp_set_current_user($user); |
---|
| 80 | } else { // for WP2.0 |
---|
| 81 | if ( empty($_COOKIE[USER_COOKIE]) || empty($_COOKIE[PASS_COOKIE]) || |
---|
| 82 | !wp_login($_COOKIE[USER_COOKIE], $_COOKIE[PASS_COOKIE], true) ) { |
---|
| 83 | wp_set_current_user(0); |
---|
| 84 | return false; |
---|
| 85 | } |
---|
| 86 | $user_login = $_COOKIE[USER_COOKIE]; |
---|
| 87 | wp_set_current_user(0, $user_login); |
---|
| 88 | } |
---|
| 89 | } |
---|
| 90 | } |
---|
| 91 | endif; |
---|
| 92 | |
---|
| 93 | if ( !function_exists('xpress_login') ) : |
---|
| 94 | function xpress_login(){ |
---|
| 95 | global $current_user; |
---|
| 96 | global $xoopsModule,$xoopsUser,$xoopsUserIsAdmin; |
---|
| 97 | |
---|
| 98 | if(is_object($xoopsUser)){ |
---|
| 99 | $u_name = $xoopsUser->getVar("uname"); |
---|
| 100 | $u_pass_md5 = $xoopsUser->getVar("pass"); |
---|
| 101 | if ( ! empty($u_name) && ! empty($u_pass_md5) ) { |
---|
| 102 | include_once dirname( __FILE__ ).'/user_sync_xoops.php'; |
---|
| 103 | repair_user_meta_prefix(); //Repair when data base prefix is changed on XOOPS side |
---|
| 104 | $messege = ''; |
---|
| 105 | $ret = user_sync_to_wordpress($xoopsUser->getVar("uid"),$messege); |
---|
| 106 | if ($ret){ |
---|
| 107 | $user = new WP_User(0, $u_name); |
---|
| 108 | if ( wp_login($u_name, $u_pass_md5) ) { |
---|
| 109 | wp_setcookie($u_name, $u_pass_md5, true, '', '', false); |
---|
| 110 | do_action('wp_login', $u_name); |
---|
| 111 | wp_set_current_user($user->ID); |
---|
| 112 | return true; |
---|
| 113 | } |
---|
| 114 | } |
---|
| 115 | } |
---|
| 116 | } |
---|
| 117 | if ( ! empty($current_user) ){ |
---|
| 118 | wp_set_current_user(0); |
---|
| 119 | wp_logout(); |
---|
| 120 | wp_clear_auth_cookie(); |
---|
| 121 | } |
---|
| 122 | return false; |
---|
| 123 | } |
---|
| 124 | endif; |
---|
| 125 | |
---|
| 126 | if ( !function_exists('check_xpress_auth_cookie') ) : |
---|
| 127 | function check_xpress_auth_cookie() { // for wp2.5 |
---|
| 128 | if ( empty($_COOKIE[AUTH_COOKIE]) ){ |
---|
| 129 | return false; |
---|
| 130 | } |
---|
| 131 | $cookie = $_COOKIE[AUTH_COOKIE]; |
---|
| 132 | |
---|
| 133 | $cookie_elements = explode('|', $cookie); |
---|
| 134 | if ( count($cookie_elements) != 3 ){ |
---|
| 135 | return false; |
---|
| 136 | } |
---|
| 137 | |
---|
| 138 | if(is_object($GLOBALS["xoopsModule"])){ |
---|
| 139 | // && WP_BLOG_DIRNAME == $GLOBALS["xoopsModule"]->getVar("dirname")){ |
---|
| 140 | if(is_object($GLOBALS["xoopsUser"])){ |
---|
| 141 | $u_name = $GLOBALS["xoopsUser"]->getVar("uname"); |
---|
| 142 | list($username, $expiration, $hmac) = $cookie_elements; |
---|
| 143 | if ($u_name == $username) { |
---|
| 144 | return true; |
---|
| 145 | } |
---|
| 146 | } |
---|
| 147 | } else { |
---|
| 148 | $mydirname = basename( dirname( dirname( __FILE__ ) ) ) ; |
---|
| 149 | $org_url = $_SERVER['REQUEST_URI']; |
---|
| 150 | $needle = '/modules/' . $mydirname . '/wp-admin/'; |
---|
| 151 | if (strstr($org_url , $needle)){ |
---|
| 152 | return true; |
---|
| 153 | } |
---|
| 154 | } |
---|
| 155 | return false; |
---|
| 156 | } |
---|
| 157 | endif; |
---|
| 158 | |
---|
| 159 | if ( !function_exists('wp_check_password') ) : |
---|
| 160 | // for wordpress2.5 |
---|
| 161 | function wp_check_password($password, $hash, $user_id = '') { |
---|
| 162 | global $wp_hasher; |
---|
| 163 | global $xoops_config,$xoops_db; |
---|
| 164 | |
---|
| 165 | // For attestation when password has been sent as hash value. (When having logged it in from Xoops and ImpressCMS) |
---|
| 166 | if ($hash == $password){ |
---|
| 167 | return apply_filters('check_password', true, $password, $hash, $user_id); |
---|
| 168 | } |
---|
| 169 | |
---|
| 170 | // Password authentication for Xoops |
---|
| 171 | if ( strlen($hash) <= 32 ) { |
---|
| 172 | $check = ( $hash == md5($password) ); |
---|
| 173 | return apply_filters('check_password', $check, $password, $hash, $user_id); |
---|
| 174 | } |
---|
| 175 | |
---|
| 176 | // Password authentication for ImpressCMS |
---|
| 177 | if($xoops_config->is_impress && function_exists('hash')){ |
---|
| 178 | $mainSalt = $xoops_config->xoops_db_salt; |
---|
| 179 | // get user salt |
---|
| 180 | $xpress_user_db = $xoops_config->module_db_prefix . 'users'; |
---|
| 181 | $xoops_user_db = $xoops_config->xoops_db_prefix . '_users'; |
---|
| 182 | $login_name = $xoops_db->get_var("SELECT user_login FROM $xpress_user_db WHERE ID = $user_id"); |
---|
| 183 | $user_salt = $xoops_db->get_var("SELECT salt FROM $xoops_user_db WHERE uname = '$login_name'"); |
---|
| 184 | $enc_type = intval( $xoops_db->get_var("SELECT enc_type FROM $xoops_user_db WHERE uname = '$login_name'") ); |
---|
| 185 | |
---|
| 186 | // Make Impress hash |
---|
| 187 | if($enc_type == 0) {$impress_hash = md5($password);} // no salt used for compatibility with external scripts such as ipb/phpbb etc. |
---|
| 188 | elseif($enc_type == 1) {$impress_hash = hash('sha256', $user_salt.md5($password).$mainSalt);} |
---|
| 189 | elseif($enc_type == 2) {$impress_hash = hash('sha384', $user_salt.md5($password).$mainSalt);} |
---|
| 190 | elseif($enc_type == 3) {$impress_hash = hash('sha512', $user_salt.md5($password).$mainSalt);} |
---|
| 191 | elseif($enc_type == 4) {$impress_hash = hash('ripemd128', $user_salt.md5($password).$mainSalt);} |
---|
| 192 | elseif($enc_type == 5) {$impress_hash = hash('ripemd160', $user_salt.md5($password).$mainSalt);} |
---|
| 193 | elseif($enc_type == 6) {$impress_hash = hash('whirlpool', $user_salt.md5($password).$mainSalt);} |
---|
| 194 | elseif($enc_type == 7) {$impress_hash = hash('haval128,4', $user_salt.md5($password).$mainSalt);} |
---|
| 195 | elseif($enc_type == 8) {$impress_hash = hash('haval160,4', $user_salt.md5($password).$mainSalt);} |
---|
| 196 | elseif($enc_type == 9) {$impress_hash = hash('haval192,4', $user_salt.md5($password).$mainSalt);} |
---|
| 197 | elseif($enc_type == 10) {$impress_hash = hash('haval224,4', $user_salt.md5($password).$mainSalt);} |
---|
| 198 | elseif($enc_type == 11) {$impress_hash = hash('haval256,4', $user_salt.md5($password).$mainSalt);} |
---|
| 199 | elseif($enc_type == 12) {$impress_hash = hash('haval128,5', $user_salt.md5($password).$mainSalt);} |
---|
| 200 | elseif($enc_type == 13) {$impress_hash = hash('haval160,5', $user_salt.md5($password).$mainSalt);} |
---|
| 201 | elseif($enc_type == 14) {$impress_hash = hash('haval192,5', $user_salt.md5($password).$mainSalt);} |
---|
| 202 | elseif($enc_type == 15) {$impress_hash = hash('haval224,5', $user_salt.md5($password).$mainSalt);} |
---|
| 203 | elseif($enc_type == 16) {$impress_hash = hash('haval256,5', $user_salt.md5($password).$mainSalt);} |
---|
| 204 | |
---|
| 205 | if ($hash == $impress_hash){ |
---|
| 206 | return apply_filters('check_password', true, $password, $hash, $user_id); |
---|
| 207 | } |
---|
| 208 | } |
---|
| 209 | |
---|
| 210 | // If the hash is still md5... |
---|
| 211 | if ( strlen($hash) <= 32 ) { |
---|
| 212 | $check = ( $hash == md5($password) ); |
---|
| 213 | /* A new hash is not used because it differs from the hash on the XOOPS password. |
---|
| 214 | * if ( $check && $user_id ) { |
---|
| 215 | * // Rehash using new hash. |
---|
| 216 | * wp_set_password($password, $user_id); |
---|
| 217 | * $hash = wp_hash_password($password); |
---|
| 218 | * } |
---|
| 219 | */ |
---|
| 220 | return apply_filters('check_password', $check, $password, $hash, $user_id); |
---|
| 221 | } |
---|
| 222 | |
---|
| 223 | // If the stored hash is longer than an MD5, presume the |
---|
| 224 | // new style phpass portable hash. |
---|
| 225 | if ( empty($wp_hasher) ) { |
---|
| 226 | require_once( ABSPATH . 'wp-includes/class-phpass.php'); |
---|
| 227 | // By default, use the portable hash from phpass |
---|
| 228 | $wp_hasher = new PasswordHash(8, TRUE); |
---|
| 229 | } |
---|
| 230 | |
---|
| 231 | $check = $wp_hasher->CheckPassword($password, $hash); |
---|
| 232 | |
---|
| 233 | return apply_filters('check_password', $check, $password, $hash, $user_id); |
---|
| 234 | } |
---|
| 235 | endif; |
---|
| 236 | |
---|
| 237 | if ( !function_exists('wp_redirect') ) : |
---|
| 238 | function wp_redirect($location, $status = 302) { |
---|
| 239 | global $is_IIS,$xoops_config,$action; |
---|
| 240 | |
---|
| 241 | if ($location == 'wp-login.php?loggedout=true') $location = $xoops_config->xoops_url.'/user.php?op=logout'; //xoops logout at wp logout |
---|
| 242 | if ($location == 'wp-login.php?action=register') $location = $xoops_config->xoops_url."/register.php"; //wp-register to xoops register |
---|
| 243 | if ($action == 'logout') $location = $xoops_config->xoops_url.'/user.php?op=logout'; //xoops logout at comment logout |
---|
| 244 | |
---|
| 245 | $location = apply_filters('wp_redirect', $location, $status); |
---|
| 246 | $status = apply_filters('wp_redirect_status', $status, $location); |
---|
| 247 | |
---|
| 248 | if ( !$location ) // allows the wp_redirect filter to cancel a redirect |
---|
| 249 | return false; |
---|
| 250 | |
---|
| 251 | $location = wp_sanitize_redirect($location); |
---|
| 252 | |
---|
| 253 | if (!headers_sent()) { |
---|
| 254 | ob_end_clean(); |
---|
| 255 | if ( $is_IIS ) { |
---|
| 256 | header("Refresh: 0;url=$location"); |
---|
| 257 | } else { |
---|
| 258 | if ( php_sapi_name() != 'cgi-fcgi' ) |
---|
| 259 | status_header($status); // This causes problems on IIS and some FastCGI setups |
---|
| 260 | header("Location: $location"); |
---|
| 261 | } |
---|
| 262 | } else { // force redirect |
---|
| 263 | echo ("<HTML>"); |
---|
| 264 | echo("<META http-equiv=\"Refresh\" content=\"0;url=$location\">"); |
---|
| 265 | echo ("<BODY onload=\"try {self.location.href='$location' } catch(e) {}\">"); |
---|
| 266 | printf(__("If the page does not automatically reload, please click <a href='%s'>here</a>","xpressme"),$location); |
---|
| 267 | echo ("</BODY>"); |
---|
| 268 | echo ("</HTML>"); |
---|
| 269 | } |
---|
| 270 | } |
---|
| 271 | endif; |
---|
| 272 | |
---|
| 273 | if ( !function_exists('wp_hash_password') ) : |
---|
| 274 | function wp_hash_password($password) { |
---|
| 275 | global $wp_hasher; |
---|
| 276 | return md5($password); // A new hash is not used because it differs from the hash on the XOOPS password. |
---|
| 277 | /* |
---|
| 278 | if ( empty($wp_hasher) ) { |
---|
| 279 | require_once( ABSPATH . 'wp-includes/class-phpass.php'); |
---|
| 280 | // By default, use the portable hash from phpass |
---|
| 281 | $wp_hasher = new PasswordHash(8, TRUE); |
---|
| 282 | } |
---|
| 283 | |
---|
| 284 | return $wp_hasher->HashPassword($password); |
---|
| 285 | */ |
---|
| 286 | } |
---|
| 287 | endif; |
---|
| 288 | |
---|
| 289 | if ( !function_exists('wp_clear_auth_cookie') ) : |
---|
| 290 | /** |
---|
| 291 | * Removes all of the cookies associated with authentication. |
---|
| 292 | * |
---|
| 293 | * @since 2.5 |
---|
| 294 | */ |
---|
| 295 | function wp_clear_auth_cookie() { |
---|
| 296 | do_action('clear_auth_cookie'); |
---|
| 297 | |
---|
| 298 | @setcookie(AUTH_COOKIE, ' ', time() - 31536000, ADMIN_COOKIE_PATH, COOKIE_DOMAIN); |
---|
| 299 | @setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, ADMIN_COOKIE_PATH, COOKIE_DOMAIN); |
---|
| 300 | @setcookie(AUTH_COOKIE, ' ', time() - 31536000, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN); |
---|
| 301 | @setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN); |
---|
| 302 | @setcookie(LOGGED_IN_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN); |
---|
| 303 | @setcookie(LOGGED_IN_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN); |
---|
| 304 | |
---|
| 305 | // Old cookies |
---|
| 306 | @setcookie(AUTH_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN); |
---|
| 307 | @setcookie(AUTH_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN); |
---|
| 308 | @setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN); |
---|
| 309 | @setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN); |
---|
| 310 | |
---|
| 311 | // Even older cookies |
---|
| 312 | @setcookie(USER_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN); |
---|
| 313 | @setcookie(PASS_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN); |
---|
| 314 | @setcookie(USER_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN); |
---|
| 315 | @setcookie(PASS_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN); |
---|
| 316 | |
---|
| 317 | } |
---|
| 318 | endif; |
---|
| 319 | |
---|
[830] | 320 | if ( !function_exists('is_user_logged_in') ) : |
---|
| 321 | /** |
---|
| 322 | * Checks if the current visitor is a logged in user. |
---|
| 323 | * |
---|
| 324 | * @since 2.0.0 |
---|
| 325 | * |
---|
| 326 | * @return bool True if user is logged in, false if not logged in. |
---|
| 327 | */ |
---|
| 328 | function is_user_logged_in() { |
---|
| 329 | $user = wp_get_current_user(); |
---|
| 330 | if (method_exists($user, 'exists')) { |
---|
| 331 | if ( ! $user->exists() ) return false; |
---|
| 332 | } else { |
---|
| 333 | if ( empty( $user->ID ) ) return false; |
---|
| 334 | } |
---|
| 335 | return true; |
---|
| 336 | } |
---|
| 337 | endif; |
---|
| 338 | |
---|
| 339 | |
---|
[348] | 340 | // *********************************** End Of Pluggable Function Edit (wp-include/pluggable.php) ************************************ |
---|
| 341 | |
---|
[71] | 342 | ?> |
---|