[71] | 1 | <?php
|
---|
| 2 | /**
|
---|
| 3 | * XPress - WordPress for XOOPS
|
---|
| 4 | *
|
---|
| 5 | * Adding multi-author features to XPressME
|
---|
| 6 | *
|
---|
| 7 | * @copyright The XPressME project
|
---|
| 8 | * @license http://www.fsf.org/copyleft/gpl.html GNU public license
|
---|
| 9 | * @author toemon
|
---|
| 10 | * @since 2.05
|
---|
| 11 | * @version $Id$
|
---|
| 12 | * @package module::xpress
|
---|
| 13 | */
|
---|
| 14 |
|
---|
| 15 | // *********************************** Start Pluggable Function Edit (wp-include/pluggable.php) ************************************
|
---|
| 16 |
|
---|
| 17 | if ( !function_exists('get_currentuserinfo') ) :
|
---|
| 18 | function get_currentuserinfo() {
|
---|
| 19 | global $current_user;
|
---|
| 20 | global $xoopsModule,$xoopsUser,$xoopsUserIsAdmin;
|
---|
| 21 |
|
---|
| 22 |
|
---|
[87] | 23 | if ($xoopsModule){
|
---|
| 24 | if ( defined('XMLRPC_REQUEST') && XMLRPC_REQUEST )
|
---|
| 25 | return false;
|
---|
[71] | 26 |
|
---|
[294] | 27 | if (is_object($xoopsUser)){ // When the user is logging in xoops
|
---|
| 28 | if ( ! empty($current_user) ){
|
---|
| 29 | $xoops_user = $xoopsUser->getVar("uname");
|
---|
| 30 | if ($current_user->user_login == $xoops_user){ // If xoops login user and wordpress current user are the same
|
---|
| 31 | return;
|
---|
[175] | 32 | }
|
---|
[71] | 33 | }
|
---|
[294] | 34 | if (check_xpress_auth_cookie()){ //The cookie is login user's or it checks it
|
---|
| 35 | if (function_exists('wp_validate_auth_cookie')){
|
---|
| 36 | if ( $user = wp_validate_auth_cookie() ) {
|
---|
| 37 | // When the user meta prefix is different according to the change in the xoops data base prefix, it restores it.
|
---|
| 38 | if (!check_user_meta_prefix($user)){
|
---|
| 39 | repair_user_meta_prefix();
|
---|
| 40 | }
|
---|
| 41 | wp_set_current_user($user);
|
---|
| 42 | return ;
|
---|
| 43 | }
|
---|
| 44 | } else { // for WP2.0
|
---|
| 45 | if ( !empty($_COOKIE[USER_COOKIE]) && !empty($_COOKIE[PASS_COOKIE])){
|
---|
| 46 | if(wp_login($_COOKIE[USER_COOKIE], $_COOKIE[PASS_COOKIE], true) ) {
|
---|
| 47 | $user_login = $_COOKIE[USER_COOKIE];
|
---|
| 48 | wp_set_current_user(0, $user_login);
|
---|
| 49 | return;
|
---|
| 50 | }
|
---|
| 51 | }
|
---|
| 52 | }
|
---|
| 53 | }
|
---|
| 54 | return xpress_login();
|
---|
| 55 | } else { // For the xoops guest
|
---|
| 56 | if ( ! empty($current_user) ){ // When a current user of wordpress is set, a current user is cleared.
|
---|
| 57 | wp_set_current_user(0);
|
---|
| 58 | wp_logout();
|
---|
| 59 | wp_clear_auth_cookie();
|
---|
| 60 | }
|
---|
| 61 | return false;
|
---|
| 62 | }
|
---|
[71] | 63 | } else {
|
---|
[252] | 64 | // WP original
|
---|
[71] | 65 | if ( defined('XMLRPC_REQUEST') && XMLRPC_REQUEST )
|
---|
| 66 | return false;
|
---|
| 67 |
|
---|
| 68 | if ( ! empty($current_user) )
|
---|
| 69 | return;
|
---|
| 70 |
|
---|
[252] | 71 | if (function_exists('wp_validate_auth_cookie')){
|
---|
| 72 | if ( ! $user = wp_validate_auth_cookie() ) {
|
---|
| 73 | if ( empty($_COOKIE[LOGGED_IN_COOKIE]) || !$user = wp_validate_auth_cookie($_COOKIE[LOGGED_IN_COOKIE], 'logged_in') ) {
|
---|
| 74 | wp_set_current_user(0);
|
---|
| 75 | return false;
|
---|
| 76 | }
|
---|
| 77 | }
|
---|
| 78 | wp_set_current_user($user);
|
---|
| 79 | } else { // for WP2.0
|
---|
| 80 | if ( empty($_COOKIE[USER_COOKIE]) || empty($_COOKIE[PASS_COOKIE]) ||
|
---|
| 81 | !wp_login($_COOKIE[USER_COOKIE], $_COOKIE[PASS_COOKIE], true) ) {
|
---|
| 82 | wp_set_current_user(0);
|
---|
| 83 | return false;
|
---|
| 84 | }
|
---|
| 85 | $user_login = $_COOKIE[USER_COOKIE];
|
---|
| 86 | wp_set_current_user(0, $user_login);
|
---|
[71] | 87 | }
|
---|
| 88 | }
|
---|
| 89 | }
|
---|
| 90 | endif;
|
---|
| 91 |
|
---|
[96] | 92 | if ( !function_exists('xpress_login') ) :
|
---|
[71] | 93 | function xpress_login(){
|
---|
| 94 | global $current_user;
|
---|
[130] | 95 | global $xoopsModule,$xoopsUser,$xoopsUserIsAdmin;
|
---|
[71] | 96 |
|
---|
[130] | 97 | if(is_object($xoopsUser)){
|
---|
| 98 | $u_name = $xoopsUser->getVar("uname");
|
---|
[252] | 99 | $u_pass_md5 = $xoopsUser->getVar("pass");
|
---|
[87] | 100 | if ( ! empty($u_name) && ! empty($u_pass_md5) ) {
|
---|
| 101 | include_once dirname( __FILE__ ).'/user_sync_xoops.php';
|
---|
| 102 | repair_user_meta_prefix(); //Repair when data base prefix is changed on XOOPS side
|
---|
| 103 | $messege = '';
|
---|
[130] | 104 | $ret = user_sync_to_wordpress($xoopsUser->getVar("uid"),$messege);
|
---|
[87] | 105 | if ($ret){
|
---|
| 106 | $user = new WP_User(0, $u_name);
|
---|
| 107 | if ( wp_login($u_name, $u_pass_md5) ) {
|
---|
| 108 | wp_setcookie($u_name, $u_pass_md5, true, '', '', false);
|
---|
| 109 | do_action('wp_login', $u_name);
|
---|
| 110 | wp_set_current_user($user->ID);
|
---|
| 111 | return true;
|
---|
[71] | 112 | }
|
---|
[230] | 113 | }
|
---|
[87] | 114 | }
|
---|
| 115 | }
|
---|
[294] | 116 | if ( ! empty($current_user) ){
|
---|
| 117 | wp_set_current_user(0);
|
---|
| 118 | wp_logout();
|
---|
| 119 | wp_clear_auth_cookie();
|
---|
| 120 | }
|
---|
| 121 | return false;
|
---|
[71] | 122 | }
|
---|
[96] | 123 | endif;
|
---|
[71] | 124 |
|
---|
[96] | 125 | if ( !function_exists('check_xpress_auth_cookie') ) :
|
---|
[71] | 126 | function check_xpress_auth_cookie() { // for wp2.5
|
---|
| 127 | if ( empty($_COOKIE[AUTH_COOKIE]) ){
|
---|
| 128 | return false;
|
---|
| 129 | }
|
---|
| 130 | $cookie = $_COOKIE[AUTH_COOKIE];
|
---|
| 131 |
|
---|
| 132 | $cookie_elements = explode('|', $cookie);
|
---|
| 133 | if ( count($cookie_elements) != 3 ){
|
---|
| 134 | return false;
|
---|
| 135 | }
|
---|
| 136 |
|
---|
| 137 | if(is_object($GLOBALS["xoopsModule"])){
|
---|
| 138 | // && WP_BLOG_DIRNAME == $GLOBALS["xoopsModule"]->getVar("dirname")){
|
---|
| 139 | if(is_object($GLOBALS["xoopsUser"])){
|
---|
| 140 | $u_name = $GLOBALS["xoopsUser"]->getVar("uname");
|
---|
| 141 | list($username, $expiration, $hmac) = $cookie_elements;
|
---|
| 142 | if ($u_name == $username) {
|
---|
| 143 | return true;
|
---|
| 144 | }
|
---|
| 145 | }
|
---|
| 146 | } else {
|
---|
| 147 | $mydirname = basename( dirname( dirname( __FILE__ ) ) ) ;
|
---|
| 148 | $org_url = $_SERVER['REQUEST_URI'];
|
---|
| 149 | $needle = '/modules/' . $mydirname . '/wp-admin/';
|
---|
| 150 | if (strstr($org_url , $needle)){
|
---|
| 151 | return true;
|
---|
| 152 | }
|
---|
| 153 | }
|
---|
| 154 | return false;
|
---|
| 155 | }
|
---|
[96] | 156 | endif;
|
---|
[71] | 157 |
|
---|
[83] | 158 | if ( !function_exists('wp_check_password') ) :
|
---|
[71] | 159 | // for wordpress2.5
|
---|
| 160 | function wp_check_password($password, $hash, $user_id = '') {
|
---|
| 161 | global $wp_hasher;
|
---|
[131] | 162 | global $xoops_config,$xoops_db;
|
---|
[71] | 163 |
|
---|
[131] | 164 | // For attestation when password has been sent as hash value. (When having logged it in from Xoops and ImpressCMS)
|
---|
| 165 | if ($hash == $password){
|
---|
[130] | 166 | return apply_filters('check_password', true, $password, $hash, $user_id);
|
---|
| 167 | }
|
---|
[131] | 168 |
|
---|
| 169 | // Password authentication for Xoops
|
---|
| 170 | if ( strlen($hash) <= 32 ) {
|
---|
| 171 | $check = ( $hash == md5($password) );
|
---|
| 172 | return apply_filters('check_password', $check, $password, $hash, $user_id);
|
---|
| 173 | }
|
---|
| 174 |
|
---|
| 175 | // Password authentication for ImpressCMS
|
---|
| 176 | if($xoops_config->is_impress && function_exists('hash')){
|
---|
| 177 | $mainSalt = $xoops_config->xoops_db_salt;
|
---|
| 178 | // get user salt
|
---|
| 179 | $xpress_user_db = $xoops_config->module_db_prefix . 'users';
|
---|
| 180 | $xoops_user_db = $xoops_config->xoops_db_prefix . '_users';
|
---|
| 181 | $login_name = $xoops_db->get_var("SELECT user_login FROM $xpress_user_db WHERE ID = $user_id");
|
---|
| 182 | $user_salt = $xoops_db->get_var("SELECT salt FROM $xoops_user_db WHERE uname = '$login_name'");
|
---|
| 183 | // Make Impress hash
|
---|
| 184 | $impress_hash = hash('sha256', $user_salt.md5($password).$mainSalt);
|
---|
| 185 | if ($hash == $impress_hash){
|
---|
| 186 | return apply_filters('check_password', true, $password, $hash, $user_id);
|
---|
| 187 | }
|
---|
| 188 | }
|
---|
| 189 |
|
---|
[71] | 190 | // If the hash is still md5...
|
---|
| 191 | if ( strlen($hash) <= 32 ) {
|
---|
[130] | 192 | $check = ( $hash == md5($password) );
|
---|
[71] | 193 | /* A new hash is not used because it differs from the hash on the XOOPS password.
|
---|
| 194 | * if ( $check && $user_id ) {
|
---|
| 195 | * // Rehash using new hash.
|
---|
| 196 | * wp_set_password($password, $user_id);
|
---|
| 197 | * $hash = wp_hash_password($password);
|
---|
| 198 | * }
|
---|
| 199 | */
|
---|
| 200 | return apply_filters('check_password', $check, $password, $hash, $user_id);
|
---|
| 201 | }
|
---|
| 202 |
|
---|
| 203 | // If the stored hash is longer than an MD5, presume the
|
---|
| 204 | // new style phpass portable hash.
|
---|
| 205 | if ( empty($wp_hasher) ) {
|
---|
| 206 | require_once( ABSPATH . 'wp-includes/class-phpass.php');
|
---|
| 207 | // By default, use the portable hash from phpass
|
---|
| 208 | $wp_hasher = new PasswordHash(8, TRUE);
|
---|
| 209 | }
|
---|
| 210 |
|
---|
| 211 | $check = $wp_hasher->CheckPassword($password, $hash);
|
---|
| 212 |
|
---|
| 213 | return apply_filters('check_password', $check, $password, $hash, $user_id);
|
---|
| 214 | }
|
---|
[83] | 215 | endif;
|
---|
[71] | 216 |
|
---|
[83] | 217 | if ( !function_exists('wp_redirect') ) :
|
---|
[71] | 218 | function wp_redirect($location, $status = 302) {
|
---|
[123] | 219 | global $is_IIS,$xoops_config,$action;
|
---|
[71] | 220 |
|
---|
[114] | 221 | if ($location == 'wp-login.php?loggedout=true') $location = $xoops_config->xoops_url.'/user.php?op=logout'; //xoops logout at wp logout
|
---|
| 222 | if ($location == 'wp-login.php?action=register') $location = $xoops_config->xoops_url."/register.php"; //wp-register to xoops register
|
---|
[123] | 223 | if ($action == 'logout') $location = $xoops_config->xoops_url.'/user.php?op=logout'; //xoops logout at comment logout
|
---|
[71] | 224 |
|
---|
| 225 | $location = apply_filters('wp_redirect', $location, $status);
|
---|
| 226 | $status = apply_filters('wp_redirect_status', $status, $location);
|
---|
| 227 |
|
---|
| 228 | if ( !$location ) // allows the wp_redirect filter to cancel a redirect
|
---|
| 229 | return false;
|
---|
| 230 |
|
---|
| 231 | $location = wp_sanitize_redirect($location);
|
---|
| 232 |
|
---|
| 233 | if ( $is_IIS ) {
|
---|
| 234 | header("Refresh: 0;url=$location");
|
---|
| 235 | } else {
|
---|
| 236 | if ( php_sapi_name() != 'cgi-fcgi' )
|
---|
| 237 | status_header($status); // This causes problems on IIS and some FastCGI setups
|
---|
| 238 | header("Location: $location");
|
---|
| 239 | }
|
---|
| 240 | }
|
---|
[83] | 241 | endif;
|
---|
[71] | 242 |
|
---|
[83] | 243 | if ( !function_exists('wp_hash_password') ) :
|
---|
[71] | 244 | function wp_hash_password($password) {
|
---|
| 245 | global $wp_hasher;
|
---|
| 246 | return md5($password); // A new hash is not used because it differs from the hash on the XOOPS password.
|
---|
| 247 | /*
|
---|
| 248 | if ( empty($wp_hasher) ) {
|
---|
| 249 | require_once( ABSPATH . 'wp-includes/class-phpass.php');
|
---|
| 250 | // By default, use the portable hash from phpass
|
---|
| 251 | $wp_hasher = new PasswordHash(8, TRUE);
|
---|
| 252 | }
|
---|
| 253 |
|
---|
| 254 | return $wp_hasher->HashPassword($password);
|
---|
| 255 | */
|
---|
| 256 | }
|
---|
[83] | 257 | endif;
|
---|
[153] | 258 |
|
---|
| 259 | if ( !function_exists('wp_clear_auth_cookie') ) :
|
---|
| 260 | /**
|
---|
| 261 | * Removes all of the cookies associated with authentication.
|
---|
| 262 | *
|
---|
| 263 | * @since 2.5
|
---|
| 264 | */
|
---|
| 265 | function wp_clear_auth_cookie() {
|
---|
| 266 | do_action('clear_auth_cookie');
|
---|
| 267 |
|
---|
| 268 | @setcookie(AUTH_COOKIE, ' ', time() - 31536000, ADMIN_COOKIE_PATH, COOKIE_DOMAIN);
|
---|
| 269 | @setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, ADMIN_COOKIE_PATH, COOKIE_DOMAIN);
|
---|
| 270 | @setcookie(AUTH_COOKIE, ' ', time() - 31536000, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN);
|
---|
| 271 | @setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN);
|
---|
| 272 | @setcookie(LOGGED_IN_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN);
|
---|
| 273 | @setcookie(LOGGED_IN_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN);
|
---|
| 274 |
|
---|
| 275 | // Old cookies
|
---|
| 276 | @setcookie(AUTH_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN);
|
---|
| 277 | @setcookie(AUTH_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN);
|
---|
| 278 | @setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN);
|
---|
| 279 | @setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN);
|
---|
| 280 |
|
---|
| 281 | // Even older cookies
|
---|
| 282 | @setcookie(USER_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN);
|
---|
| 283 | @setcookie(PASS_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN);
|
---|
| 284 | @setcookie(USER_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN);
|
---|
| 285 | @setcookie(PASS_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN);
|
---|
[294] | 286 |
|
---|
[153] | 287 | }
|
---|
| 288 | endif;
|
---|
| 289 |
|
---|
| 290 |
|
---|
| 291 |
|
---|
| 292 |
|
---|
| 293 |
|
---|
| 294 |
|
---|
[71] | 295 | // *********************************** End Of Pluggable Function Edit (wp-include/pluggable.php) ************************************
|
---|
| 296 |
|
---|
| 297 | ?> |
---|