[71] | 1 | <?php
|
---|
| 2 | /**
|
---|
| 3 | * XPress - WordPress for XOOPS
|
---|
| 4 | *
|
---|
| 5 | * Adding multi-author features to XPressME
|
---|
| 6 | *
|
---|
| 7 | * @copyright The XPressME project
|
---|
| 8 | * @license http://www.fsf.org/copyleft/gpl.html GNU public license
|
---|
| 9 | * @author toemon
|
---|
| 10 | * @since 2.05
|
---|
| 11 | * @version $Id$
|
---|
| 12 | * @package module::xpress
|
---|
| 13 | */
|
---|
| 14 |
|
---|
| 15 | // *********************************** Start Pluggable Function Edit (wp-include/pluggable.php) ************************************
|
---|
| 16 |
|
---|
| 17 | if ( !function_exists('get_currentuserinfo') ) :
|
---|
| 18 | function get_currentuserinfo() {
|
---|
| 19 | global $current_user;
|
---|
| 20 | global $xoopsModule,$xoopsUser,$xoopsUserIsAdmin;
|
---|
| 21 |
|
---|
| 22 |
|
---|
[87] | 23 | if ($xoopsModule){
|
---|
[114] | 24 | if (!is_object($xoopsUser)){
|
---|
| 25 | wp_set_current_user(0);
|
---|
[216] | 26 | wp_clearcookie();
|
---|
| 27 |
|
---|
[173] | 28 | // wp_logout(); // When IE is used, it becomes page error by the guest if the wp_logout() is executed here.
|
---|
[114] | 29 | return false;
|
---|
| 30 | }
|
---|
[87] | 31 | if ( defined('XMLRPC_REQUEST') && XMLRPC_REQUEST )
|
---|
| 32 | return false;
|
---|
[71] | 33 |
|
---|
[114] | 34 | if ( ! empty($current_user) ){
|
---|
| 35 | $xoops_user = $xoopsUser->getVar("uname");
|
---|
| 36 | if ($current_user->user_login == $xoops_user)
|
---|
| 37 | return;
|
---|
| 38 | }
|
---|
[71] | 39 |
|
---|
| 40 | if (check_xpress_auth_cookie()){ //The cookie is login user's or it checks it
|
---|
| 41 | if ( $user = wp_validate_auth_cookie() ) {
|
---|
[175] | 42 | if (!check_user_meta_prefix($user)){
|
---|
| 43 | repair_user_meta_prefix();
|
---|
| 44 | }
|
---|
| 45 |
|
---|
[71] | 46 | wp_set_current_user($user);
|
---|
| 47 | return ;
|
---|
| 48 | }
|
---|
| 49 | }
|
---|
[87] | 50 | xpress_login();
|
---|
[71] | 51 |
|
---|
| 52 | } else {
|
---|
| 53 | // WP2.7 original
|
---|
| 54 | if ( defined('XMLRPC_REQUEST') && XMLRPC_REQUEST )
|
---|
| 55 | return false;
|
---|
| 56 |
|
---|
| 57 | if ( ! empty($current_user) )
|
---|
| 58 | return;
|
---|
| 59 |
|
---|
| 60 | if ( ! $user = wp_validate_auth_cookie() ) {
|
---|
| 61 | if ( empty($_COOKIE[LOGGED_IN_COOKIE]) || !$user = wp_validate_auth_cookie($_COOKIE[LOGGED_IN_COOKIE], 'logged_in') ) {
|
---|
| 62 | wp_set_current_user(0);
|
---|
| 63 | return false;
|
---|
| 64 | }
|
---|
| 65 | }
|
---|
| 66 |
|
---|
| 67 | wp_set_current_user($user);
|
---|
| 68 | }
|
---|
| 69 | }
|
---|
| 70 | endif;
|
---|
| 71 |
|
---|
[96] | 72 | if ( !function_exists('xpress_login') ) :
|
---|
[71] | 73 | function xpress_login(){
|
---|
| 74 | global $current_user;
|
---|
[130] | 75 | global $xoopsModule,$xoopsUser,$xoopsUserIsAdmin;
|
---|
[71] | 76 |
|
---|
[130] | 77 | if(is_object($xoopsUser)){
|
---|
| 78 | $u_name = $xoopsUser->getVar("uname");
|
---|
| 79 | $u_pass_md5 = $xoopsUser->getVar("pass");
|
---|
[87] | 80 | if ( ! empty($u_name) && ! empty($u_pass_md5) ) {
|
---|
| 81 | include_once dirname( __FILE__ ).'/user_sync_xoops.php';
|
---|
| 82 | repair_user_meta_prefix(); //Repair when data base prefix is changed on XOOPS side
|
---|
| 83 | $messege = '';
|
---|
[130] | 84 | $ret = user_sync_to_wordpress($xoopsUser->getVar("uid"),$messege);
|
---|
[87] | 85 | if ($ret){
|
---|
| 86 | $user = new WP_User(0, $u_name);
|
---|
| 87 | if ( wp_login($u_name, $u_pass_md5) ) {
|
---|
| 88 | wp_setcookie($u_name, $u_pass_md5, true, '', '', false);
|
---|
| 89 | do_action('wp_login', $u_name);
|
---|
| 90 | wp_set_current_user($user->ID);
|
---|
| 91 | return true;
|
---|
[71] | 92 | }
|
---|
[230] | 93 | }
|
---|
[87] | 94 | }
|
---|
| 95 | }
|
---|
| 96 | wp_set_current_user(0);
|
---|
[230] | 97 | wp_clearcookie();
|
---|
[87] | 98 | return 0;
|
---|
[71] | 99 | }
|
---|
[96] | 100 | endif;
|
---|
[71] | 101 |
|
---|
[96] | 102 | if ( !function_exists('check_xpress_auth_cookie') ) :
|
---|
[71] | 103 | function check_xpress_auth_cookie() { // for wp2.5
|
---|
| 104 | if ( empty($_COOKIE[AUTH_COOKIE]) ){
|
---|
| 105 | return false;
|
---|
| 106 | }
|
---|
| 107 | $cookie = $_COOKIE[AUTH_COOKIE];
|
---|
| 108 |
|
---|
| 109 | $cookie_elements = explode('|', $cookie);
|
---|
| 110 | if ( count($cookie_elements) != 3 ){
|
---|
| 111 | return false;
|
---|
| 112 | }
|
---|
| 113 |
|
---|
| 114 | if(is_object($GLOBALS["xoopsModule"])){
|
---|
| 115 | // && WP_BLOG_DIRNAME == $GLOBALS["xoopsModule"]->getVar("dirname")){
|
---|
| 116 | if(is_object($GLOBALS["xoopsUser"])){
|
---|
| 117 | $u_name = $GLOBALS["xoopsUser"]->getVar("uname");
|
---|
| 118 | list($username, $expiration, $hmac) = $cookie_elements;
|
---|
| 119 | if ($u_name == $username) {
|
---|
| 120 | return true;
|
---|
| 121 | }
|
---|
| 122 | }
|
---|
| 123 | } else {
|
---|
| 124 | $mydirname = basename( dirname( dirname( __FILE__ ) ) ) ;
|
---|
| 125 | $org_url = $_SERVER['REQUEST_URI'];
|
---|
| 126 | $needle = '/modules/' . $mydirname . '/wp-admin/';
|
---|
| 127 | if (strstr($org_url , $needle)){
|
---|
| 128 | return true;
|
---|
| 129 | }
|
---|
| 130 | }
|
---|
| 131 | return false;
|
---|
| 132 | }
|
---|
[96] | 133 | endif;
|
---|
[71] | 134 |
|
---|
[83] | 135 | if ( !function_exists('wp_check_password') ) :
|
---|
[71] | 136 | // for wordpress2.5
|
---|
| 137 | function wp_check_password($password, $hash, $user_id = '') {
|
---|
| 138 | global $wp_hasher;
|
---|
[131] | 139 | global $xoops_config,$xoops_db;
|
---|
[71] | 140 |
|
---|
[131] | 141 | // For attestation when password has been sent as hash value. (When having logged it in from Xoops and ImpressCMS)
|
---|
| 142 | if ($hash == $password){
|
---|
[130] | 143 | return apply_filters('check_password', true, $password, $hash, $user_id);
|
---|
| 144 | }
|
---|
[131] | 145 |
|
---|
| 146 | // Password authentication for Xoops
|
---|
| 147 | if ( strlen($hash) <= 32 ) {
|
---|
| 148 | $check = ( $hash == md5($password) );
|
---|
| 149 | return apply_filters('check_password', $check, $password, $hash, $user_id);
|
---|
| 150 | }
|
---|
| 151 |
|
---|
| 152 | // Password authentication for ImpressCMS
|
---|
| 153 | if($xoops_config->is_impress && function_exists('hash')){
|
---|
| 154 | $mainSalt = $xoops_config->xoops_db_salt;
|
---|
| 155 | // get user salt
|
---|
| 156 | $xpress_user_db = $xoops_config->module_db_prefix . 'users';
|
---|
| 157 | $xoops_user_db = $xoops_config->xoops_db_prefix . '_users';
|
---|
| 158 | $login_name = $xoops_db->get_var("SELECT user_login FROM $xpress_user_db WHERE ID = $user_id");
|
---|
| 159 | $user_salt = $xoops_db->get_var("SELECT salt FROM $xoops_user_db WHERE uname = '$login_name'");
|
---|
| 160 | // Make Impress hash
|
---|
| 161 | $impress_hash = hash('sha256', $user_salt.md5($password).$mainSalt);
|
---|
| 162 | if ($hash == $impress_hash){
|
---|
| 163 | return apply_filters('check_password', true, $password, $hash, $user_id);
|
---|
| 164 | }
|
---|
| 165 | }
|
---|
| 166 |
|
---|
[71] | 167 | // If the hash is still md5...
|
---|
| 168 | if ( strlen($hash) <= 32 ) {
|
---|
[130] | 169 | $check = ( $hash == md5($password) );
|
---|
[71] | 170 | /* A new hash is not used because it differs from the hash on the XOOPS password.
|
---|
| 171 | * if ( $check && $user_id ) {
|
---|
| 172 | * // Rehash using new hash.
|
---|
| 173 | * wp_set_password($password, $user_id);
|
---|
| 174 | * $hash = wp_hash_password($password);
|
---|
| 175 | * }
|
---|
| 176 | */
|
---|
| 177 | return apply_filters('check_password', $check, $password, $hash, $user_id);
|
---|
| 178 | }
|
---|
| 179 |
|
---|
| 180 | // If the stored hash is longer than an MD5, presume the
|
---|
| 181 | // new style phpass portable hash.
|
---|
| 182 | if ( empty($wp_hasher) ) {
|
---|
| 183 | require_once( ABSPATH . 'wp-includes/class-phpass.php');
|
---|
| 184 | // By default, use the portable hash from phpass
|
---|
| 185 | $wp_hasher = new PasswordHash(8, TRUE);
|
---|
| 186 | }
|
---|
| 187 |
|
---|
| 188 | $check = $wp_hasher->CheckPassword($password, $hash);
|
---|
| 189 |
|
---|
| 190 | return apply_filters('check_password', $check, $password, $hash, $user_id);
|
---|
| 191 | }
|
---|
[83] | 192 | endif;
|
---|
[71] | 193 |
|
---|
[83] | 194 | if ( !function_exists('wp_redirect') ) :
|
---|
[71] | 195 | function wp_redirect($location, $status = 302) {
|
---|
[123] | 196 | global $is_IIS,$xoops_config,$action;
|
---|
[71] | 197 |
|
---|
[114] | 198 | if ($location == 'wp-login.php?loggedout=true') $location = $xoops_config->xoops_url.'/user.php?op=logout'; //xoops logout at wp logout
|
---|
| 199 | if ($location == 'wp-login.php?action=register') $location = $xoops_config->xoops_url."/register.php"; //wp-register to xoops register
|
---|
[123] | 200 | if ($action == 'logout') $location = $xoops_config->xoops_url.'/user.php?op=logout'; //xoops logout at comment logout
|
---|
[71] | 201 |
|
---|
| 202 | $location = apply_filters('wp_redirect', $location, $status);
|
---|
| 203 | $status = apply_filters('wp_redirect_status', $status, $location);
|
---|
| 204 |
|
---|
| 205 | if ( !$location ) // allows the wp_redirect filter to cancel a redirect
|
---|
| 206 | return false;
|
---|
| 207 |
|
---|
| 208 | $location = wp_sanitize_redirect($location);
|
---|
| 209 |
|
---|
| 210 | if ( $is_IIS ) {
|
---|
| 211 | header("Refresh: 0;url=$location");
|
---|
| 212 | } else {
|
---|
| 213 | if ( php_sapi_name() != 'cgi-fcgi' )
|
---|
| 214 | status_header($status); // This causes problems on IIS and some FastCGI setups
|
---|
| 215 | header("Location: $location");
|
---|
| 216 | }
|
---|
| 217 | }
|
---|
[83] | 218 | endif;
|
---|
[71] | 219 |
|
---|
[83] | 220 | if ( !function_exists('wp_hash_password') ) :
|
---|
[71] | 221 | function wp_hash_password($password) {
|
---|
| 222 | global $wp_hasher;
|
---|
| 223 | return md5($password); // A new hash is not used because it differs from the hash on the XOOPS password.
|
---|
| 224 | /*
|
---|
| 225 | if ( empty($wp_hasher) ) {
|
---|
| 226 | require_once( ABSPATH . 'wp-includes/class-phpass.php');
|
---|
| 227 | // By default, use the portable hash from phpass
|
---|
| 228 | $wp_hasher = new PasswordHash(8, TRUE);
|
---|
| 229 | }
|
---|
| 230 |
|
---|
| 231 | return $wp_hasher->HashPassword($password);
|
---|
| 232 | */
|
---|
| 233 | }
|
---|
[83] | 234 | endif;
|
---|
[153] | 235 |
|
---|
| 236 | if ( !function_exists('wp_clear_auth_cookie') ) :
|
---|
| 237 | /**
|
---|
| 238 | * Removes all of the cookies associated with authentication.
|
---|
| 239 | *
|
---|
| 240 | * @since 2.5
|
---|
| 241 | */
|
---|
| 242 | function wp_clear_auth_cookie() {
|
---|
| 243 | do_action('clear_auth_cookie');
|
---|
| 244 |
|
---|
| 245 | @setcookie(AUTH_COOKIE, ' ', time() - 31536000, ADMIN_COOKIE_PATH, COOKIE_DOMAIN);
|
---|
| 246 | @setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, ADMIN_COOKIE_PATH, COOKIE_DOMAIN);
|
---|
| 247 | @setcookie(AUTH_COOKIE, ' ', time() - 31536000, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN);
|
---|
| 248 | @setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN);
|
---|
| 249 | @setcookie(LOGGED_IN_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN);
|
---|
| 250 | @setcookie(LOGGED_IN_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN);
|
---|
| 251 |
|
---|
| 252 | // Old cookies
|
---|
| 253 | @setcookie(AUTH_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN);
|
---|
| 254 | @setcookie(AUTH_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN);
|
---|
| 255 | @setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN);
|
---|
| 256 | @setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN);
|
---|
| 257 |
|
---|
| 258 | // Even older cookies
|
---|
| 259 | @setcookie(USER_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN);
|
---|
| 260 | @setcookie(PASS_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN);
|
---|
| 261 | @setcookie(USER_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN);
|
---|
| 262 | @setcookie(PASS_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN);
|
---|
| 263 | }
|
---|
| 264 | endif;
|
---|
| 265 |
|
---|
| 266 |
|
---|
| 267 |
|
---|
| 268 |
|
---|
| 269 |
|
---|
| 270 |
|
---|
[71] | 271 | // *********************************** End Of Pluggable Function Edit (wp-include/pluggable.php) ************************************
|
---|
| 272 |
|
---|
| 273 | ?> |
---|