WordPress.org

Make WordPress Core

Ticket #9682: move-login-funcs-to-pluggable.diff

File move-login-funcs-to-pluggable.diff, 17.9 KB (added by misterbisson, 12 years ago)

Makes the switch( $action ) part of wp-login.php hookable, moves functions defined in wp-login.php to wp-includes/pluggable.php so they can be overridden

  • wp-login.php

     
    2222        }
    2323}
    2424
    25 /**
    26  * Outputs the header for the login page.
    27  *
    28  * @uses do_action() Calls the 'login_head' for outputting HTML in the Log In
    29  *              header.
    30  * @uses apply_filters() Calls 'login_headerurl' for the top login link.
    31  * @uses apply_filters() Calls 'login_headertitle' for the top login title.
    32  * @uses apply_filters() Calls 'login_message' on the message to display in the
    33  *              header.
    34  * @uses $error The error global, which is checked for displaying errors.
    35  *
    36  * @param string $title Optional. WordPress Log In Page title to display in
    37  *              <title/> element.
    38  * @param string $message Optional. Message to display in header.
    39  * @param WP_Error $wp_error Optional. WordPress Error Object
    40  */
    41 function login_header($title = 'Log In', $message = '', $wp_error = '') {
    42         global $error;
    43 
    44         if ( empty($wp_error) )
    45                 $wp_error = new WP_Error();
    46         ?>
    47 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    48 <html xmlns="http://www.w3.org/1999/xhtml" <?php language_attributes(); ?>>
    49 <head>
    50         <title><?php bloginfo('name'); ?> &rsaquo; <?php echo $title; ?></title>
    51         <meta http-equiv="Content-Type" content="<?php bloginfo('html_type'); ?>; charset=<?php bloginfo('charset'); ?>" />
    52         <?php
    53         wp_admin_css( 'login', true );
    54         wp_admin_css( 'colors-fresh', true );
    55         do_action('login_head'); ?>
    56 </head>
    57 <body class="login">
    58 
    59 <div id="login"><h1><a href="<?php echo apply_filters('login_headerurl', 'http://wordpress.org/'); ?>" title="<?php echo apply_filters('login_headertitle', __('Powered by WordPress')); ?>"><?php bloginfo('name'); ?></a></h1>
    60 <?php
    61         $message = apply_filters('login_message', $message);
    62         if ( !empty( $message ) ) echo $message . "\n";
    63 
    64         // Incase a plugin uses $error rather than the $errors object
    65         if ( !empty( $error ) ) {
    66                 $wp_error->add('error', $error);
    67                 unset($error);
    68         }
    69 
    70         if ( $wp_error->get_error_code() ) {
    71                 $errors = '';
    72                 $messages = '';
    73                 foreach ( $wp_error->get_error_codes() as $code ) {
    74                         $severity = $wp_error->get_error_data($code);
    75                         foreach ( $wp_error->get_error_messages($code) as $error ) {
    76                                 if ( 'message' == $severity )
    77                                         $messages .= '  ' . $error . "<br />\n";
    78                                 else
    79                                         $errors .= '    ' . $error . "<br />\n";
    80                         }
    81                 }
    82                 if ( !empty($errors) )
    83                         echo '<div id="login_error">' . apply_filters('login_errors', $errors) . "</div>\n";
    84                 if ( !empty($messages) )
    85                         echo '<p class="message">' . apply_filters('login_messages', $messages) . "</p>\n";
    86         }
    87 } // End of login_header()
    88 
    89 /**
    90  * Handles sending password retrieval email to user.
    91  *
    92  * @uses $wpdb WordPress Database object
    93  *
    94  * @return bool|WP_Error True: when finish. WP_Error on error
    95  */
    96 function retrieve_password() {
    97         global $wpdb;
    98 
    99         $errors = new WP_Error();
    100 
    101         if ( empty( $_POST['user_login'] ) && empty( $_POST['user_email'] ) )
    102                 $errors->add('empty_username', __('<strong>ERROR</strong>: Enter a username or e-mail address.'));
    103 
    104         if ( strpos($_POST['user_login'], '@') ) {
    105                 $user_data = get_user_by_email(trim($_POST['user_login']));
    106                 if ( empty($user_data) )
    107                         $errors->add('invalid_email', __('<strong>ERROR</strong>: There is no user registered with that email address.'));
    108         } else {
    109                 $login = trim($_POST['user_login']);
    110                 $user_data = get_userdatabylogin($login);
    111         }
    112 
    113         do_action('lostpassword_post');
    114 
    115         if ( $errors->get_error_code() )
    116                 return $errors;
    117 
    118         if ( !$user_data ) {
    119                 $errors->add('invalidcombo', __('<strong>ERROR</strong>: Invalid username or e-mail.'));
    120                 return $errors;
    121         }
    122 
    123         // redefining user_login ensures we return the right case in the email
    124         $user_login = $user_data->user_login;
    125         $user_email = $user_data->user_email;
    126 
    127         do_action('retreive_password', $user_login);  // Misspelled and deprecated
    128         do_action('retrieve_password', $user_login);
    129 
    130         $allow = apply_filters('allow_password_reset', true, $user_data->ID);
    131 
    132         if ( ! $allow )
    133                 return new WP_Error('no_password_reset', __('Password reset is not allowed for this user'));
    134         else if ( is_wp_error($allow) )
    135                 return $allow;
    136 
    137         $key = $wpdb->get_var($wpdb->prepare("SELECT user_activation_key FROM $wpdb->users WHERE user_login = %s", $user_login));
    138         if ( empty($key) ) {
    139                 // Generate something random for a key...
    140                 $key = wp_generate_password(20, false);
    141                 do_action('retrieve_password_key', $user_login, $key);
    142                 // Now insert the new md5 key into the db
    143                 $wpdb->update($wpdb->users, array('user_activation_key' => $key), array('user_login' => $user_login));
    144         }
    145         $message = __('Someone has asked to reset the password for the following site and username.') . "\r\n\r\n";
    146         $message .= get_option('siteurl') . "\r\n\r\n";
    147         $message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n";
    148         $message .= __('To reset your password visit the following address, otherwise just ignore this email and nothing will happen.') . "\r\n\r\n";
    149         $message .= site_url("wp-login.php?action=rp&key=$key", 'login') . "\r\n";
    150 
    151         if ( !wp_mail($user_email, sprintf(__('[%s] Password Reset'), get_option('blogname')), $message) )
    152                 die('<p>' . __('The e-mail could not be sent.') . "<br />\n" . __('Possible reason: your host may have disabled the mail() function...') . '</p>');
    153 
    154         return true;
    155 }
    156 
    157 /**
    158  * Handles resetting the user's password.
    159  *
    160  * @uses $wpdb WordPress Database object
    161  *
    162  * @param string $key Hash to validate sending user's password
    163  * @return bool|WP_Error
    164  */
    165 function reset_password($key) {
    166         global $wpdb;
    167 
    168         $key = preg_replace('/[^a-z0-9]/i', '', $key);
    169 
    170         if ( empty( $key ) )
    171                 return new WP_Error('invalid_key', __('Invalid key'));
    172 
    173         $user = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->users WHERE user_activation_key = %s", $key));
    174         if ( empty( $user ) )
    175                 return new WP_Error('invalid_key', __('Invalid key'));
    176 
    177         do_action('password_reset', $user);
    178 
    179         // Generate something random for a password...
    180         $new_pass = wp_generate_password();
    181         wp_set_password($new_pass, $user->ID);
    182         $message  = sprintf(__('Username: %s'), $user->user_login) . "\r\n";
    183         $message .= sprintf(__('Password: %s'), $new_pass) . "\r\n";
    184         $message .= site_url('wp-login.php', 'login') . "\r\n";
    185 
    186         if (  !wp_mail($user->user_email, sprintf(__('[%s] Your new password'), get_option('blogname')), $message) )
    187                 die('<p>' . __('The e-mail could not be sent.') . "<br />\n" . __('Possible reason: your host may have disabled the mail() function...') . '</p>');
    188 
    189         wp_password_change_notification($user);
    190 
    191         return true;
    192 }
    193 
    194 /**
    195  * Handles registering a new user.
    196  *
    197  * @param string $user_login User's username for logging in
    198  * @param string $user_email User's email address to send password and add
    199  * @return int|WP_Error Either user's ID or error on failure.
    200  */
    201 function register_new_user($user_login, $user_email) {
    202         $errors = new WP_Error();
    203 
    204         $user_login = sanitize_user( $user_login );
    205         $user_email = apply_filters( 'user_registration_email', $user_email );
    206 
    207         // Check the username
    208         if ( $user_login == '' )
    209                 $errors->add('empty_username', __('<strong>ERROR</strong>: Please enter a username.'));
    210         elseif ( !validate_username( $user_login ) ) {
    211                 $errors->add('invalid_username', __('<strong>ERROR</strong>: This username is invalid.  Please enter a valid username.'));
    212                 $user_login = '';
    213         } elseif ( username_exists( $user_login ) )
    214                 $errors->add('username_exists', __('<strong>ERROR</strong>: This username is already registered, please choose another one.'));
    215 
    216         // Check the e-mail address
    217         if ($user_email == '') {
    218                 $errors->add('empty_email', __('<strong>ERROR</strong>: Please type your e-mail address.'));
    219         } elseif ( !is_email( $user_email ) ) {
    220                 $errors->add('invalid_email', __('<strong>ERROR</strong>: The email address isn&#8217;t correct.'));
    221                 $user_email = '';
    222         } elseif ( email_exists( $user_email ) )
    223                 $errors->add('email_exists', __('<strong>ERROR</strong>: This email is already registered, please choose another one.'));
    224 
    225         do_action('register_post', $user_login, $user_email, $errors);
    226 
    227         $errors = apply_filters( 'registration_errors', $errors );
    228 
    229         if ( $errors->get_error_code() )
    230                 return $errors;
    231 
    232         $user_pass = wp_generate_password();
    233         $user_id = wp_create_user( $user_login, $user_pass, $user_email );
    234         if ( !$user_id ) {
    235                 $errors->add('registerfail', sprintf(__('<strong>ERROR</strong>: Couldn&#8217;t register you... please contact the <a href="mailto:%s">webmaster</a> !'), get_option('admin_email')));
    236                 return $errors;
    237         }
    238 
    239         wp_new_user_notification($user_id, $user_pass);
    240 
    241         return $user_id;
    242 }
    243 
    24425//
    24526// Main
    24627//
     
    27051        setcookie(TEST_COOKIE, 'WP Cookie check', 0, SITECOOKIEPATH, COOKIE_DOMAIN);
    27152
    27253$http_post = ('POST' == $_SERVER['REQUEST_METHOD']);
    273 switch ($action) {
    27454
     55global $wp_filter;
     56if( isset( $wp_filter[ 'wp_login_'. $action ] )):
     57        do_action( 'wp_login_'. $action );
     58else:
     59switch( $action ) {
     60
    27561case 'logout' :
    27662        check_admin_referer('log-out');
    27763        wp_logout();
     
    515301
    516302break;
    517303} // end action switch
     304endif;
    518305?>
  • wp-includes/pluggable.php

     
    17281728}
    17291729endif;
    17301730
    1731 ?>
     1731
     1732if ( !function_exists( 'login_header' ) ) :
     1733/**
     1734 * Outputs the header for the login page.
     1735 *
     1736 * @uses do_action() Calls the 'login_head' for outputting HTML in the Log In
     1737 *              header.
     1738 * @uses apply_filters() Calls 'login_headerurl' for the top login link.
     1739 * @uses apply_filters() Calls 'login_headertitle' for the top login title.
     1740 * @uses apply_filters() Calls 'login_message' on the message to display in the
     1741 *              header.
     1742 * @uses $error The error global, which is checked for displaying errors.
     1743 *
     1744 * @param string $title Optional. WordPress Log In Page title to display in
     1745 *              <title/> element.
     1746 * @param string $message Optional. Message to display in header.
     1747 * @param WP_Error $wp_error Optional. WordPress Error Object
     1748 */
     1749function login_header($title = 'Log In', $message = '', $wp_error = '') {
     1750        global $error;
     1751
     1752        if ( empty($wp_error) )
     1753                $wp_error = new WP_Error();
     1754        ?>
     1755<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
     1756<html xmlns="http://www.w3.org/1999/xhtml" <?php language_attributes(); ?>>
     1757<head>
     1758        <title><?php bloginfo('name'); ?> &rsaquo; <?php echo $title; ?></title>
     1759        <meta http-equiv="Content-Type" content="<?php bloginfo('html_type'); ?>; charset=<?php bloginfo('charset'); ?>" />
     1760        <?php
     1761        wp_admin_css( 'login', true );
     1762        wp_admin_css( 'colors-fresh', true );
     1763        do_action('login_head'); ?>
     1764</head>
     1765<body class="login">
     1766
     1767<div id="login"><h1><a href="<?php echo apply_filters('login_headerurl', 'http://wordpress.org/'); ?>" title="<?php echo apply_filters('login_headertitle', __('Powered by WordPress')); ?>"><?php bloginfo('name'); ?></a></h1>
     1768<?php
     1769        $message = apply_filters('login_message', $message);
     1770        if ( !empty( $message ) ) echo $message . "\n";
     1771
     1772        // Incase a plugin uses $error rather than the $errors object
     1773        if ( !empty( $error ) ) {
     1774                $wp_error->add('error', $error);
     1775                unset($error);
     1776        }
     1777
     1778        if ( $wp_error->get_error_code() ) {
     1779                $errors = '';
     1780                $messages = '';
     1781                foreach ( $wp_error->get_error_codes() as $code ) {
     1782                        $severity = $wp_error->get_error_data($code);
     1783                        foreach ( $wp_error->get_error_messages($code) as $error ) {
     1784                                if ( 'message' == $severity )
     1785                                        $messages .= '  ' . $error . "<br />\n";
     1786                                else
     1787                                        $errors .= '    ' . $error . "<br />\n";
     1788                        }
     1789                }
     1790                if ( !empty($errors) )
     1791                        echo '<div id="login_error">' . apply_filters('login_errors', $errors) . "</div>\n";
     1792                if ( !empty($messages) )
     1793                        echo '<p class="message">' . apply_filters('login_messages', $messages) . "</p>\n";
     1794        }
     1795} // End of login_header()
     1796endif;
     1797
     1798
     1799if ( !function_exists( 'retrieve_password' ) ) :
     1800/**
     1801 * Handles sending password retrieval email to user.
     1802 *
     1803 * @uses $wpdb WordPress Database object
     1804 *
     1805 * @return bool|WP_Error True: when finish. WP_Error on error
     1806 */
     1807function retrieve_password() {
     1808        global $wpdb;
     1809
     1810        $errors = new WP_Error();
     1811
     1812        if ( empty( $_POST['user_login'] ) && empty( $_POST['user_email'] ) )
     1813                $errors->add('empty_username', __('<strong>ERROR</strong>: Enter a username or e-mail address.'));
     1814
     1815        if ( strpos($_POST['user_login'], '@') ) {
     1816                $user_data = get_user_by_email(trim($_POST['user_login']));
     1817                if ( empty($user_data) )
     1818                        $errors->add('invalid_email', __('<strong>ERROR</strong>: There is no user registered with that email address.'));
     1819        } else {
     1820                $login = trim($_POST['user_login']);
     1821                $user_data = get_userdatabylogin($login);
     1822        }
     1823
     1824        do_action('lostpassword_post');
     1825
     1826        if ( $errors->get_error_code() )
     1827                return $errors;
     1828
     1829        if ( !$user_data ) {
     1830                $errors->add('invalidcombo', __('<strong>ERROR</strong>: Invalid username or e-mail.'));
     1831                return $errors;
     1832        }
     1833
     1834        // redefining user_login ensures we return the right case in the email
     1835        $user_login = $user_data->user_login;
     1836        $user_email = $user_data->user_email;
     1837
     1838        do_action('retreive_password', $user_login);  // Misspelled and deprecated
     1839        do_action('retrieve_password', $user_login);
     1840
     1841        $allow = apply_filters('allow_password_reset', true, $user_data->ID);
     1842
     1843        if ( ! $allow )
     1844                return new WP_Error('no_password_reset', __('Password reset is not allowed for this user'));
     1845        else if ( is_wp_error($allow) )
     1846                return $allow;
     1847
     1848        $key = $wpdb->get_var($wpdb->prepare("SELECT user_activation_key FROM $wpdb->users WHERE user_login = %s", $user_login));
     1849        if ( empty($key) ) {
     1850                // Generate something random for a key...
     1851                $key = wp_generate_password(20, false);
     1852                do_action('retrieve_password_key', $user_login, $key);
     1853                // Now insert the new md5 key into the db
     1854                $wpdb->update($wpdb->users, array('user_activation_key' => $key), array('user_login' => $user_login));
     1855        }
     1856        $message = __('Someone has asked to reset the password for the following site and username.') . "\r\n\r\n";
     1857        $message .= get_option('siteurl') . "\r\n\r\n";
     1858        $message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n";
     1859        $message .= __('To reset your password visit the following address, otherwise just ignore this email and nothing will happen.') . "\r\n\r\n";
     1860        $message .= site_url("wp-login.php?action=rp&key=$key", 'login') . "\r\n";
     1861
     1862        if ( !wp_mail($user_email, sprintf(__('[%s] Password Reset'), get_option('blogname')), $message) )
     1863                die('<p>' . __('The e-mail could not be sent.') . "<br />\n" . __('Possible reason: your host may have disabled the mail() function...') . '</p>');
     1864
     1865        return true;
     1866}
     1867endif;
     1868
     1869
     1870if ( !function_exists( 'reset_password' ) ) :
     1871/**
     1872 * Handles resetting the user's password.
     1873 *
     1874 * @uses $wpdb WordPress Database object
     1875 *
     1876 * @param string $key Hash to validate sending user's password
     1877 * @return bool|WP_Error
     1878 */
     1879function reset_password($key) {
     1880        global $wpdb;
     1881
     1882        $key = preg_replace('/[^a-z0-9]/i', '', $key);
     1883
     1884        if ( empty( $key ) )
     1885                return new WP_Error('invalid_key', __('Invalid key'));
     1886
     1887        $user = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->users WHERE user_activation_key = %s", $key));
     1888        if ( empty( $user ) )
     1889                return new WP_Error('invalid_key', __('Invalid key'));
     1890
     1891        do_action('password_reset', $user);
     1892
     1893        // Generate something random for a password...
     1894        $new_pass = wp_generate_password();
     1895        wp_set_password($new_pass, $user->ID);
     1896        $message  = sprintf(__('Username: %s'), $user->user_login) . "\r\n";
     1897        $message .= sprintf(__('Password: %s'), $new_pass) . "\r\n";
     1898        $message .= site_url('wp-login.php', 'login') . "\r\n";
     1899
     1900        if (  !wp_mail($user->user_email, sprintf(__('[%s] Your new password'), get_option('blogname')), $message) )
     1901                die('<p>' . __('The e-mail could not be sent.') . "<br />\n" . __('Possible reason: your host may have disabled the mail() function...') . '</p>');
     1902
     1903        wp_password_change_notification($user);
     1904
     1905        return true;
     1906}
     1907endif;
     1908
     1909
     1910if ( !function_exists( 'register_new_user' ) ) :
     1911/**
     1912 * Handles registering a new user.
     1913 *
     1914 * @param string $user_login User's username for logging in
     1915 * @param string $user_email User's email address to send password and add
     1916 * @return int|WP_Error Either user's ID or error on failure.
     1917 */
     1918function register_new_user($user_login, $user_email) {
     1919        $errors = new WP_Error();
     1920
     1921        $user_login = sanitize_user( $user_login );
     1922        $user_email = apply_filters( 'user_registration_email', $user_email );
     1923
     1924        // Check the username
     1925        if ( $user_login == '' )
     1926                $errors->add('empty_username', __('<strong>ERROR</strong>: Please enter a username.'));
     1927        elseif ( !validate_username( $user_login ) ) {
     1928                $errors->add('invalid_username', __('<strong>ERROR</strong>: This username is invalid.  Please enter a valid username.'));
     1929                $user_login = '';
     1930        } elseif ( username_exists( $user_login ) )
     1931                $errors->add('username_exists', __('<strong>ERROR</strong>: This username is already registered, please choose another one.'));
     1932
     1933        // Check the e-mail address
     1934        if ($user_email == '') {
     1935                $errors->add('empty_email', __('<strong>ERROR</strong>: Please type your e-mail address.'));
     1936        } elseif ( !is_email( $user_email ) ) {
     1937                $errors->add('invalid_email', __('<strong>ERROR</strong>: The email address isn&#8217;t correct.'));
     1938                $user_email = '';
     1939        } elseif ( email_exists( $user_email ) )
     1940                $errors->add('email_exists', __('<strong>ERROR</strong>: This email is already registered, please choose another one.'));
     1941
     1942        do_action('register_post', $user_login, $user_email, $errors);
     1943
     1944        $errors = apply_filters( 'registration_errors', $errors );
     1945
     1946        if ( $errors->get_error_code() )
     1947                return $errors;
     1948
     1949        $user_pass = wp_generate_password();
     1950        $user_id = wp_create_user( $user_login, $user_pass, $user_email );
     1951        if ( !$user_id ) {
     1952                $errors->add('registerfail', sprintf(__('<strong>ERROR</strong>: Couldn&#8217;t register you... please contact the <a href="mailto:%s">webmaster</a> !'), get_option('admin_email')));
     1953                return $errors;
     1954        }
     1955
     1956        wp_new_user_notification($user_id, $user_pass);
     1957
     1958        return $user_id;
     1959}
     1960endif;
     1961 No newline at end of file