1 | <?php
|
---|
2 | /**
|
---|
3 | * XPress - WordPress for XOOPS
|
---|
4 | *
|
---|
5 | * Adding multi-author features to XPressME
|
---|
6 | *
|
---|
7 | * @copyright The XPressME project
|
---|
8 | * @license http://www.fsf.org/copyleft/gpl.html GNU public license
|
---|
9 | * @author toemon
|
---|
10 | * @since 2.05
|
---|
11 | * @version $Id$
|
---|
12 | * @package module::xpress
|
---|
13 | */
|
---|
14 |
|
---|
15 | // *********************************** Start Pluggable Function Edit (wp-include/pluggable.php) ************************************
|
---|
16 |
|
---|
17 | if ( !function_exists('get_currentuserinfo') ) :
|
---|
18 | function get_currentuserinfo() {
|
---|
19 | global $current_user;
|
---|
20 | global $xoopsModule,$xoopsUser,$xoopsUserIsAdmin;
|
---|
21 |
|
---|
22 |
|
---|
23 | if ($xoopsModule){
|
---|
24 | if ( defined('XMLRPC_REQUEST') && XMLRPC_REQUEST )
|
---|
25 | return false;
|
---|
26 |
|
---|
27 | if (is_object($xoopsUser)){ // When the user is logging in xoops
|
---|
28 | if ( ! empty($current_user) ){
|
---|
29 | $xoops_user = $xoopsUser->getVar("uname");
|
---|
30 | if ($current_user->user_login == $xoops_user){ // If xoops login user and wordpress current user are the same
|
---|
31 | return;
|
---|
32 | }
|
---|
33 | }
|
---|
34 | if (check_xpress_auth_cookie()){ //The cookie is login user's or it checks it
|
---|
35 | if (function_exists('wp_validate_auth_cookie')){
|
---|
36 | if ( $user = wp_validate_auth_cookie() ) {
|
---|
37 | // When the user meta prefix is different according to the change in the xoops data base prefix, it restores it.
|
---|
38 | if (!check_user_meta_prefix($user)){
|
---|
39 | repair_user_meta_prefix();
|
---|
40 | }
|
---|
41 | wp_set_current_user($user);
|
---|
42 | return ;
|
---|
43 | }
|
---|
44 | } else { // for WP2.0
|
---|
45 | if ( !empty($_COOKIE[USER_COOKIE]) && !empty($_COOKIE[PASS_COOKIE])){
|
---|
46 | if(wp_login($_COOKIE[USER_COOKIE], $_COOKIE[PASS_COOKIE], true) ) {
|
---|
47 | $user_login = $_COOKIE[USER_COOKIE];
|
---|
48 | wp_set_current_user(0, $user_login);
|
---|
49 | return;
|
---|
50 | }
|
---|
51 | }
|
---|
52 | }
|
---|
53 | }
|
---|
54 | return xpress_login();
|
---|
55 | } else { // For the xoops guest
|
---|
56 | if ( ! empty($current_user) ){ // When a current user of wordpress is set, a current user is cleared.
|
---|
57 | wp_set_current_user(0);
|
---|
58 | wp_logout();
|
---|
59 | wp_clear_auth_cookie();
|
---|
60 | }
|
---|
61 | return false;
|
---|
62 | }
|
---|
63 | } else {
|
---|
64 | // WP original
|
---|
65 | if ( defined('XMLRPC_REQUEST') && XMLRPC_REQUEST )
|
---|
66 | return false;
|
---|
67 |
|
---|
68 | if ( ! empty($current_user) )
|
---|
69 | return;
|
---|
70 |
|
---|
71 | if (function_exists('wp_validate_auth_cookie')){
|
---|
72 | if ( ! $user = wp_validate_auth_cookie() ) {
|
---|
73 | if ( empty($_COOKIE[LOGGED_IN_COOKIE]) || !$user = wp_validate_auth_cookie($_COOKIE[LOGGED_IN_COOKIE], 'logged_in') ) {
|
---|
74 | wp_set_current_user(0);
|
---|
75 | return false;
|
---|
76 | }
|
---|
77 | }
|
---|
78 | wp_set_current_user($user);
|
---|
79 | } else { // for WP2.0
|
---|
80 | if ( empty($_COOKIE[USER_COOKIE]) || empty($_COOKIE[PASS_COOKIE]) ||
|
---|
81 | !wp_login($_COOKIE[USER_COOKIE], $_COOKIE[PASS_COOKIE], true) ) {
|
---|
82 | wp_set_current_user(0);
|
---|
83 | return false;
|
---|
84 | }
|
---|
85 | $user_login = $_COOKIE[USER_COOKIE];
|
---|
86 | wp_set_current_user(0, $user_login);
|
---|
87 | }
|
---|
88 | }
|
---|
89 | }
|
---|
90 | endif;
|
---|
91 |
|
---|
92 | if ( !function_exists('xpress_login') ) :
|
---|
93 | function xpress_login(){
|
---|
94 | global $current_user;
|
---|
95 | global $xoopsModule,$xoopsUser,$xoopsUserIsAdmin;
|
---|
96 |
|
---|
97 | if(is_object($xoopsUser)){
|
---|
98 | $u_name = $xoopsUser->getVar("uname");
|
---|
99 | $u_pass_md5 = $xoopsUser->getVar("pass");
|
---|
100 | if ( ! empty($u_name) && ! empty($u_pass_md5) ) {
|
---|
101 | include_once dirname( __FILE__ ).'/user_sync_xoops.php';
|
---|
102 | repair_user_meta_prefix(); //Repair when data base prefix is changed on XOOPS side
|
---|
103 | $messege = '';
|
---|
104 | $ret = user_sync_to_wordpress($xoopsUser->getVar("uid"),$messege);
|
---|
105 | if ($ret){
|
---|
106 | $user = new WP_User(0, $u_name);
|
---|
107 | if ( wp_login($u_name, $u_pass_md5) ) {
|
---|
108 | wp_setcookie($u_name, $u_pass_md5, true, '', '', false);
|
---|
109 | do_action('wp_login', $u_name);
|
---|
110 | wp_set_current_user($user->ID);
|
---|
111 | return true;
|
---|
112 | }
|
---|
113 | }
|
---|
114 | }
|
---|
115 | }
|
---|
116 | if ( ! empty($current_user) ){
|
---|
117 | wp_set_current_user(0);
|
---|
118 | wp_logout();
|
---|
119 | wp_clear_auth_cookie();
|
---|
120 | }
|
---|
121 | return false;
|
---|
122 | }
|
---|
123 | endif;
|
---|
124 |
|
---|
125 | if ( !function_exists('check_xpress_auth_cookie') ) :
|
---|
126 | function check_xpress_auth_cookie() { // for wp2.5
|
---|
127 | if ( empty($_COOKIE[AUTH_COOKIE]) ){
|
---|
128 | return false;
|
---|
129 | }
|
---|
130 | $cookie = $_COOKIE[AUTH_COOKIE];
|
---|
131 |
|
---|
132 | $cookie_elements = explode('|', $cookie);
|
---|
133 | if ( count($cookie_elements) != 3 ){
|
---|
134 | return false;
|
---|
135 | }
|
---|
136 |
|
---|
137 | if(is_object($GLOBALS["xoopsModule"])){
|
---|
138 | // && WP_BLOG_DIRNAME == $GLOBALS["xoopsModule"]->getVar("dirname")){
|
---|
139 | if(is_object($GLOBALS["xoopsUser"])){
|
---|
140 | $u_name = $GLOBALS["xoopsUser"]->getVar("uname");
|
---|
141 | list($username, $expiration, $hmac) = $cookie_elements;
|
---|
142 | if ($u_name == $username) {
|
---|
143 | return true;
|
---|
144 | }
|
---|
145 | }
|
---|
146 | } else {
|
---|
147 | $mydirname = basename( dirname( dirname( __FILE__ ) ) ) ;
|
---|
148 | $org_url = $_SERVER['REQUEST_URI'];
|
---|
149 | $needle = '/modules/' . $mydirname . '/wp-admin/';
|
---|
150 | if (strstr($org_url , $needle)){
|
---|
151 | return true;
|
---|
152 | }
|
---|
153 | }
|
---|
154 | return false;
|
---|
155 | }
|
---|
156 | endif;
|
---|
157 |
|
---|
158 | if ( !function_exists('wp_check_password') ) :
|
---|
159 | // for wordpress2.5
|
---|
160 | function wp_check_password($password, $hash, $user_id = '') {
|
---|
161 | global $wp_hasher;
|
---|
162 | global $xoops_config,$xoops_db;
|
---|
163 |
|
---|
164 | // For attestation when password has been sent as hash value. (When having logged it in from Xoops and ImpressCMS)
|
---|
165 | if ($hash == $password){
|
---|
166 | return apply_filters('check_password', true, $password, $hash, $user_id);
|
---|
167 | }
|
---|
168 |
|
---|
169 | // Password authentication for Xoops
|
---|
170 | if ( strlen($hash) <= 32 ) {
|
---|
171 | $check = ( $hash == md5($password) );
|
---|
172 | return apply_filters('check_password', $check, $password, $hash, $user_id);
|
---|
173 | }
|
---|
174 |
|
---|
175 | // Password authentication for ImpressCMS
|
---|
176 | if($xoops_config->is_impress && function_exists('hash')){
|
---|
177 | $mainSalt = $xoops_config->xoops_db_salt;
|
---|
178 | // get user salt
|
---|
179 | $xpress_user_db = $xoops_config->module_db_prefix . 'users';
|
---|
180 | $xoops_user_db = $xoops_config->xoops_db_prefix . '_users';
|
---|
181 | $login_name = $xoops_db->get_var("SELECT user_login FROM $xpress_user_db WHERE ID = $user_id");
|
---|
182 | $user_salt = $xoops_db->get_var("SELECT salt FROM $xoops_user_db WHERE uname = '$login_name'");
|
---|
183 | // Make Impress hash
|
---|
184 | $impress_hash = hash('sha256', $user_salt.md5($password).$mainSalt);
|
---|
185 | if ($hash == $impress_hash){
|
---|
186 | return apply_filters('check_password', true, $password, $hash, $user_id);
|
---|
187 | }
|
---|
188 | }
|
---|
189 |
|
---|
190 | // If the hash is still md5...
|
---|
191 | if ( strlen($hash) <= 32 ) {
|
---|
192 | $check = ( $hash == md5($password) );
|
---|
193 | /* A new hash is not used because it differs from the hash on the XOOPS password.
|
---|
194 | * if ( $check && $user_id ) {
|
---|
195 | * // Rehash using new hash.
|
---|
196 | * wp_set_password($password, $user_id);
|
---|
197 | * $hash = wp_hash_password($password);
|
---|
198 | * }
|
---|
199 | */
|
---|
200 | return apply_filters('check_password', $check, $password, $hash, $user_id);
|
---|
201 | }
|
---|
202 |
|
---|
203 | // If the stored hash is longer than an MD5, presume the
|
---|
204 | // new style phpass portable hash.
|
---|
205 | if ( empty($wp_hasher) ) {
|
---|
206 | require_once( ABSPATH . 'wp-includes/class-phpass.php');
|
---|
207 | // By default, use the portable hash from phpass
|
---|
208 | $wp_hasher = new PasswordHash(8, TRUE);
|
---|
209 | }
|
---|
210 |
|
---|
211 | $check = $wp_hasher->CheckPassword($password, $hash);
|
---|
212 |
|
---|
213 | return apply_filters('check_password', $check, $password, $hash, $user_id);
|
---|
214 | }
|
---|
215 | endif;
|
---|
216 |
|
---|
217 | if ( !function_exists('wp_redirect') ) :
|
---|
218 | function wp_redirect($location, $status = 302) {
|
---|
219 | global $is_IIS,$xoops_config,$action;
|
---|
220 |
|
---|
221 | if ($location == 'wp-login.php?loggedout=true') $location = $xoops_config->xoops_url.'/user.php?op=logout'; //xoops logout at wp logout
|
---|
222 | if ($location == 'wp-login.php?action=register') $location = $xoops_config->xoops_url."/register.php"; //wp-register to xoops register
|
---|
223 | if ($action == 'logout') $location = $xoops_config->xoops_url.'/user.php?op=logout'; //xoops logout at comment logout
|
---|
224 |
|
---|
225 | $location = apply_filters('wp_redirect', $location, $status);
|
---|
226 | $status = apply_filters('wp_redirect_status', $status, $location);
|
---|
227 |
|
---|
228 | if ( !$location ) // allows the wp_redirect filter to cancel a redirect
|
---|
229 | return false;
|
---|
230 |
|
---|
231 | $location = wp_sanitize_redirect($location);
|
---|
232 |
|
---|
233 | if ( $is_IIS ) {
|
---|
234 | header("Refresh: 0;url=$location");
|
---|
235 | } else {
|
---|
236 | if ( php_sapi_name() != 'cgi-fcgi' )
|
---|
237 | status_header($status); // This causes problems on IIS and some FastCGI setups
|
---|
238 | header("Location: $location");
|
---|
239 | }
|
---|
240 | }
|
---|
241 | endif;
|
---|
242 |
|
---|
243 | if ( !function_exists('wp_hash_password') ) :
|
---|
244 | function wp_hash_password($password) {
|
---|
245 | global $wp_hasher;
|
---|
246 | return md5($password); // A new hash is not used because it differs from the hash on the XOOPS password.
|
---|
247 | /*
|
---|
248 | if ( empty($wp_hasher) ) {
|
---|
249 | require_once( ABSPATH . 'wp-includes/class-phpass.php');
|
---|
250 | // By default, use the portable hash from phpass
|
---|
251 | $wp_hasher = new PasswordHash(8, TRUE);
|
---|
252 | }
|
---|
253 |
|
---|
254 | return $wp_hasher->HashPassword($password);
|
---|
255 | */
|
---|
256 | }
|
---|
257 | endif;
|
---|
258 |
|
---|
259 | if ( !function_exists('wp_clear_auth_cookie') ) :
|
---|
260 | /**
|
---|
261 | * Removes all of the cookies associated with authentication.
|
---|
262 | *
|
---|
263 | * @since 2.5
|
---|
264 | */
|
---|
265 | function wp_clear_auth_cookie() {
|
---|
266 | do_action('clear_auth_cookie');
|
---|
267 |
|
---|
268 | @setcookie(AUTH_COOKIE, ' ', time() - 31536000, ADMIN_COOKIE_PATH, COOKIE_DOMAIN);
|
---|
269 | @setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, ADMIN_COOKIE_PATH, COOKIE_DOMAIN);
|
---|
270 | @setcookie(AUTH_COOKIE, ' ', time() - 31536000, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN);
|
---|
271 | @setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN);
|
---|
272 | @setcookie(LOGGED_IN_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN);
|
---|
273 | @setcookie(LOGGED_IN_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN);
|
---|
274 |
|
---|
275 | // Old cookies
|
---|
276 | @setcookie(AUTH_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN);
|
---|
277 | @setcookie(AUTH_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN);
|
---|
278 | @setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN);
|
---|
279 | @setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN);
|
---|
280 |
|
---|
281 | // Even older cookies
|
---|
282 | @setcookie(USER_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN);
|
---|
283 | @setcookie(PASS_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN);
|
---|
284 | @setcookie(USER_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN);
|
---|
285 | @setcookie(PASS_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN);
|
---|
286 |
|
---|
287 | }
|
---|
288 | endif;
|
---|
289 |
|
---|
290 |
|
---|
291 |
|
---|
292 |
|
---|
293 |
|
---|
294 |
|
---|
295 | // *********************************** End Of Pluggable Function Edit (wp-include/pluggable.php) ************************************
|
---|
296 |
|
---|
297 | ?> |
---|