/app/view/shortcode/class-ms-view-shortcode-login.php

  1. <?php 
  2.  
  3. class MS_View_Shortcode_Login extends MS_View { 
  4.  
  5. public function to_html() { 
  6. $res_html = ''; 
  7. $res_form = ''; 
  8. $html = ''; 
  9.  
  10. $valid_forms = array( 
  11. 'login',  
  12. 'logout',  
  13. 'reset',  
  14. 'lost',  
  15. ); 
  16.  
  17. extract( $this->data ); 
  18.  
  19. if ( ! isset( $form ) || ! in_array( $form, $valid_forms ) ) { 
  20. if ( MS_Model_Member::is_logged_in() ) { 
  21. $form = 'logout'; 
  22. } elseif ( isset( $action ) && 'resetpass' === $action ) { 
  23. $form = 'reset'; 
  24. } else { 
  25. $form = 'login'; 
  26.  
  27. $this->data['form'] = $form; 
  28.  
  29. /** 
  30. * Provide a customized login form. 
  31. * 
  32. * Possible filters to provide a customized login form: 
  33. * - 'ms_shortcode_custom_form-login' 
  34. * - 'ms_shortcode_custom_form-logout' 
  35. * - 'ms_shortcode_custom_form-reset' 
  36. * - 'ms_shortcode_custom_form-lost' 
  37. * 
  38. * @since 1.1.0 
  39. */ 
  40. $html = apply_filters( 
  41. 'ms_shortcode_custom_form-' . $form,  
  42. '',  
  43. $this->data 
  44. ); 
  45.  
  46. if ( ! empty( $html ) ) { 
  47. return $html; 
  48. } else { 
  49. $html = ''; 
  50.  
  51. if ( 'logout' === $form ) { 
  52. return $this->logout_form(); 
  53. } elseif ( 'reset' === $form ) { 
  54. return $this->reset_form(); 
  55. } else { 
  56. if ( empty( $redirect_login ) ) { 
  57. $redirect_login = MS_Helper_Utility::get_current_url(); 
  58.  
  59. // Build the Login Form. 
  60. $res_form .= $prefix; 
  61. $res_form .= $this->login_form( $redirect_login ); 
  62. $res_form .= $this->lostpass_form(); 
  63.  
  64. // Wrap form in optional wrappers. 
  65. if ( ! empty( $wrapwith ) ) { 
  66. $res_form .= sprintf( '<%s class="%s">', esc_attr( $wrapwith ), esc_attr( $wrapwithclass ) ); 
  67. $res_form = sprintf( 
  68. '<%1$s class="%2$s">%3$s</%1$s>',  
  69. esc_attr( $wrapwith ),  
  70. esc_attr( $wrapwithclass ),  
  71. $res_form 
  72. ); 
  73. if ( ! empty( $item ) ) { 
  74. $res_form = sprintf( 
  75. '<%1$s class="%2$s">%3$s</%1$s>',  
  76. esc_attr( $item ),  
  77. esc_attr( $itemclass ),  
  78. $res_form 
  79. ); 
  80. if ( ! empty( $holder ) ) { 
  81. $res_form = sprintf( 
  82. '<%1$s class="%2$s">%3$s</%1$s>',  
  83. esc_attr( $holder ),  
  84. esc_attr( $holderclass ),  
  85. $res_form 
  86. ); 
  87.  
  88. // Complete the HTML output. 
  89. if ( $header ) { 
  90. $html .= $this->login_header_html(); 
  91. $html .= $res_form; 
  92.  
  93. if ( $register && ! MS_Model_Member::is_logged_in() ) { 
  94. if ( MS_Model_Member::can_register() ) { 
  95. $link = sprintf( 
  96. '<a href="%1$s">%2$s</a>',  
  97. MS_Controller_Frontend::get_registration_url( 'register' ),  
  98. __( 'Register', MS_TEXT_DOMAIN ) 
  99. ); 
  100.  
  101. /** 
  102. * Filter documented in wp-includes/general-template.php 
  103. */ 
  104. $html .= apply_filters( 'register', $link ); 
  105.  
  106. // Load the ajax script that handles the Ajax login functions. 
  107. wp_enqueue_script( 'ms-ajax-login' ); 
  108.  
  109. lib2()->ui->data( 
  110. 'ms_ajax_login',  
  111. array( 
  112. 'ajaxurl' => admin_url( 'admin-ajax.php' ),  
  113. 'loadingmessage' => __( 'Please wait...', MS_TEXT_DOMAIN ),  
  114. 'errormessage' => __( 'Request failed, please try again.', MS_TEXT_DOMAIN ),  
  115. ); 
  116. // Remove linebreaks to bypass the "wpautop" filter. 
  117. $html = str_replace( array( "\r\n", "\r", "\n" ), '', $html ); 
  118.  
  119. $html = '<div class="ms-membership-form-wrapper">' . $html . '</div>'; 
  120.  
  121. /** 
  122. * Possible filters to provide a customized login form: 
  123. * - 'ms_shortcode_form-login' 
  124. * - 'ms_shortcode_form-logout' 
  125. * - 'ms_shortcode_form-reset' 
  126. * - 'ms_shortcode_form-lost' 
  127. */ 
  128. return apply_filters( 
  129. 'ms_shortcode_form-' . $form,  
  130. $html,  
  131. $this->data 
  132. ); 
  133.  
  134. /** 
  135. * Returns HTML partial with the header of the login form. 
  136. * 
  137. * @since 1.0.0 
  138. * 
  139. * @return string 
  140. */ 
  141. private function login_header_html() { 
  142. extract( $this->data ); 
  143.  
  144. ob_start(); 
  145. ?> 
  146. <legend><?php echo esc_html( $title ); ?></legend> 
  147. <?php if ( $show_note ) : ?> 
  148. <div class="ms-alert-box ms-alert-error"> 
  149. <?php _e( 'Please log in to access this page.', MS_TEXT_DOMAIN ); ?> 
  150. </div> 
  151. <?php endif; 
  152.  
  153. return ob_get_clean(); 
  154.  
  155. /** 
  156. * Returns HTML partial with the actual login form. 
  157. * 
  158. * @since 1.0.0 
  159. * 
  160. * @param string $redirect_to URL to redirect to right after login. 
  161. * @return string 
  162. */ 
  163. private function login_form( $redirect_to = null ) { 
  164. if ( empty( $redirect_to ) ) { 
  165. // Default redirect is back to the current page 
  166. $redirect_to = lib2()->net->current_url(); 
  167.  
  168. $defaults = array( 
  169. 'redirect_login' => $redirect_to,  
  170. 'label_username' => __( 'Username', MS_TEXT_DOMAIN ),  
  171. 'label_password' => __( 'Password', MS_TEXT_DOMAIN ),  
  172. 'label_remember' => __( 'Remember Me', MS_TEXT_DOMAIN ),  
  173. 'label_log_in' => __( 'Log In', MS_TEXT_DOMAIN ),  
  174. 'id_login_form' => 'loginform',  
  175. 'id_username' => 'user_login',  
  176. 'id_password' => 'user_pass',  
  177. 'id_remember' => 'rememberme',  
  178. 'id_login' => 'wp-submit',  
  179. 'show_remember' => true,  
  180. 'value_username' => '',  
  181. 'value_remember' => false, // Set this to true to default the "Remember me" checkbox to checked 
  182. ); 
  183.  
  184. /** 
  185. * Filter the default login form output arguments. 
  186. * 
  187. * @since 3.0.0 
  188. * 
  189. * @see wp_login_form() 
  190. * 
  191. * @param array $defaults An array of default login form arguments. 
  192. */ 
  193. $args = wp_parse_args( 
  194. $this->data,  
  195. apply_filters( 'login_form_defaults', $defaults ) 
  196. ); 
  197.  
  198. extract( $args ); 
  199.  
  200. $show_form = 'login' === $form ? '' : 'display:none'; 
  201. $form_class = 'ms-form ms-form-login'; 
  202. if ( $show_labels ) { 
  203. $form_class .= ' ms-has-labels'; 
  204. } else { 
  205. $form_class .= ' ms-no-labels'; 
  206. if ( $autofocus ) { 
  207. $form_class .= ' autofocus'; 
  208.  
  209. ob_start(); 
  210. ?> 
  211. <form 
  212. name="<?php echo esc_attr( $id_login_form ); ?>" 
  213. id="<?php echo esc_attr( $id_login_form ); ?>" 
  214. action="login" method="post" 
  215. class="<?php echo esc_attr( $form_class ); ?>" 
  216. style="<?php echo esc_attr( $show_form ); ?>"> 
  217.  
  218. <div class="form"> 
  219. <?php wp_nonce_field( 'ms-ajax-login' ); ?> 
  220. <?php echo apply_filters( 'login_form_top', '', $args ); ?> 
  221. <?php if ( 'top' === $nav_pos ) : ?> 
  222. <div class="status" style="display:none"></div> 
  223. <?php endif; ?> 
  224. <p class="login-username ms-field"> 
  225. <?php if ( $show_labels ) : ?> 
  226. <label for="<?php echo esc_attr( $id_username ); ?>"> 
  227. <?php echo esc_html( $label_username ); ?> 
  228. </label> 
  229. <?php endif; ?> 
  230. <input 
  231. type="text" 
  232. name="log" 
  233. id="<?php echo esc_attr( $id_username ); ?>" 
  234. class="input focus" 
  235. value="<?php echo esc_attr( $value_username ); ?>" 
  236. size="20" 
  237. placeholder="<?php echo esc_html( $label_username ); ?>"> 
  238. </p> 
  239. <p class="login-password ms-field"> 
  240. <?php if ( $show_labels ) : ?> 
  241. <label for="<?php echo esc_attr( $id_password ); ?>"> 
  242. <?php echo esc_html( $label_password ); ?> 
  243. </label> 
  244. <?php endif; ?> 
  245. <input 
  246. type="password" 
  247. name="pwd" 
  248. id="<?php echo esc_attr( $id_password ); ?>" 
  249. class="input" 
  250. value="" 
  251. size="20" 
  252. placeholder="<?php echo esc_html( $label_password ); ?>"> 
  253. </p> 
  254. <?php echo apply_filters( 'login_form_middle', '', $args ); ?> 
  255. <?php if ( 'top' === $nav_pos ) : ?> 
  256. <div class="nav"> 
  257. <p><a class="lost" href="#lostpassword"> 
  258. <?php _e( 'Lost your password?', MS_TEXT_DOMAIN ); ?> 
  259. </a></p> 
  260. </div> 
  261. <?php endif; ?> 
  262. <?php if ( $show_remember ) : ?> 
  263. <p class="login-remember ms-field"> 
  264. <input 
  265. name="rememberme" 
  266. type="checkbox" 
  267. id="<?php echo esc_attr( $id_remember ); ?>" 
  268. value="forever" 
  269. <?php checked( $value_remember ); ?> /> 
  270. <label for="<?php echo esc_attr( $id_remember ); ?>"> 
  271. <?php echo esc_html( $label_remember ); ?> 
  272. </label> 
  273. </p> 
  274. <?php endif; ?> 
  275. <p class="login-submit"> 
  276. <input 
  277. type="submit" 
  278. name="wp-submit" 
  279. id="<?php echo esc_attr( $id_login ); ?>" 
  280. class="button-primary" 
  281. value="<?php echo esc_attr( $label_log_in ); ?>" /> 
  282. <input type="hidden" name="redirect_to" value="<?php echo esc_url( $redirect_login ); ?>" /> 
  283. </p> 
  284. <?php echo apply_filters( 'login_form_bottom', '', $args ); ?> 
  285. <?php if ( 'bottom' === $nav_pos ) : ?> 
  286. <div class="status" style="display:none"></div> 
  287. </div> 
  288. <div class="nav"> 
  289. <p><a class="lost" href="#lostpassword"><?php _e( 'Lost your password?', MS_TEXT_DOMAIN ); ?></a></p> 
  290. <?php endif; ?> 
  291. </div> 
  292. </form> 
  293. <?php 
  294. return ob_get_clean(); 
  295.  
  296. /** 
  297. * Returns the HTML partial of the lost-password form 
  298. * 
  299. * @since 1.0.0 
  300. * 
  301. * @return string 
  302. */ 
  303. private function lostpass_form() { 
  304. $defaults = array( 
  305. 'label_lost_username' => __( 'Username or E-mail', MS_TEXT_DOMAIN ),  
  306. 'label_lostpass' => __( 'Reset Password', MS_TEXT_DOMAIN ),  
  307. 'id_lost_form' => 'lostpasswordform',  
  308. 'id_lost_username' => 'user_login',  
  309. 'id_lostpass' => 'wp-submit',  
  310. 'value_username' => '',  
  311. ); 
  312.  
  313. /** 
  314. * Filter the default login form output arguments. 
  315. * 
  316. * @since 3.0.0 
  317. * 
  318. * @see wp_login_form() 
  319. * 
  320. * @param array $defaults An array of default login form arguments. 
  321. */ 
  322. $args = wp_parse_args( $this->data, apply_filters( 'login_form_defaults', $defaults ) ); 
  323.  
  324. extract( $args ); 
  325.  
  326. $show_form = 'lost' === $form ? '' : 'display:none'; 
  327. $form_class = 'ms-form ms-form-lost'; 
  328. if ( $show_labels ) { 
  329. $form_class .= ' ms-has-labels'; 
  330. } else { 
  331. $form_class .= ' ms-no-labels'; 
  332.  
  333. ob_start(); 
  334. do_action( 'lost_password' ); 
  335. ?> 
  336. <form 
  337. name="<?php echo esc_attr( $id_lost_form ); ?>" 
  338. id="<?php echo esc_attr( $id_lost_form ); ?>" 
  339. action="lostpassword" 
  340. method="post" 
  341. class="<?php echo esc_attr( $form_class ); ?>" 
  342. style="<?php echo esc_attr( $show_form ); ?>"> 
  343. <div class="form"> 
  344. <?php wp_nonce_field( 'ms-ajax-lostpass' ); ?> 
  345. <?php echo apply_filters( 'lostpass_form_top', '', $args ); ?> 
  346. <?php if ( 'top' === $nav_pos ) : ?> 
  347. <div class="status" style="display:none"></div> 
  348. <?php endif; ?> 
  349. <p class="lostpassword-username ms-field"> 
  350. <?php if ( $show_labels ) : ?> 
  351. <label for="<?php echo esc_attr( $id_lost_username ); ?>" > 
  352. <?php echo esc_html( $label_lost_username ); ?> 
  353. </label> 
  354. <?php endif; ?> 
  355. <input 
  356. type="text" 
  357. name="user_login" 
  358. id="<?php echo esc_attr( $id_lost_username ); ?>" 
  359. class="input focus" 
  360. value="<?php echo esc_attr( $value_username ); ?>" 
  361. size="20" 
  362. placeholder="<?php echo esc_html( $label_lost_username ); ?>" /> 
  363. </p> 
  364. <?php echo apply_filters( 'lostpass_form_middle', '', $args ); ?> 
  365. <?php if ( 'top' === $nav_pos ) : ?> 
  366. <div class="nav"> 
  367. <p><a class="login" href="#login"><?php _e( 'Log in', MS_TEXT_DOMAIN ); ?></a></p> 
  368. </div> 
  369. <?php endif; ?> 
  370. <?php 
  371. /** 
  372. * Fires inside the lostpassword <form> tags, before the hidden fields. 
  373. * 
  374. * @since 2.1.0 
  375. */ 
  376. do_action( 'lostpassword_form' ); ?> 
  377. <p class="submit"> 
  378. <input 
  379. type="submit" 
  380. name="wp-submit" 
  381. id="<?php echo esc_attr( $id_lostpass ); ?>" 
  382. class="button-primary" 
  383. value="<?php echo esc_attr( $label_lostpass ); ?>" /> 
  384. </p> 
  385. <?php echo apply_filters( 'lostpass_form_bottom', '', $args ); ?> 
  386. <?php if ( 'bottom' === $nav_pos ) : ?> 
  387. <div class="status" style="display:none"></div> 
  388. </div> 
  389. <div class="nav"> 
  390. <p><a class="login" href="#login"><?php _e( 'Log in', MS_TEXT_DOMAIN ); ?></a></p> 
  391. <?php endif; ?> 
  392. </div> 
  393. </form> 
  394. <?php 
  395. return ob_get_clean(); 
  396.  
  397. /** 
  398. * Returns HTML partial that contains the logout form 
  399. * 
  400. * @since 1.0.0 
  401. * 
  402. * @return string 
  403. */ 
  404. private function logout_form() { 
  405. if ( ! MS_Model_Member::is_logged_in() ) { return ''; } 
  406. $member = MS_Model_Member::get_current_member(); 
  407.  
  408. extract( $this->data ); 
  409.  
  410. if ( empty( $redirect_logout ) ) { 
  411. $redirect_logout = home_url(); 
  412.  
  413. $yourname = sprintf( 
  414. __( 'You are logged in as %s.', MS_TEXT_DOMAIN ),  
  415. ucfirst( $member->name ) 
  416. ); 
  417.  
  418. $html = sprintf( 
  419. '%1$s <a class="login_button" href="%2$s">%3$s</a>',  
  420. $yourname,  
  421. wp_logout_url( $redirect_logout ),  
  422. __( 'Logout', MS_TEXT_DOMAIN ) 
  423. ); 
  424.  
  425. if ( ! empty( $holder ) ) { 
  426. $html = sprintf( 
  427. '<%1$s class="%2$s">%3$s</%1$s>',  
  428. esc_attr( $holder ),  
  429. esc_attr( $holderclass ),  
  430. $html 
  431. ); 
  432.  
  433. return $html; 
  434.  
  435. /** 
  436. * Returns HTML partial that contains password-reset form. 
  437. * Based on WordPress core code from wp-login.php 
  438. * 
  439. * @since 1.0.0 
  440. * 
  441. * @return string 
  442. */ 
  443. private function reset_form() { 
  444. ob_start(); 
  445.  
  446. lib2()->array->equip_get( 'login', 'key' ); 
  447. $rp_login = wp_unslash( $_GET['login'] ); 
  448. $rp_key = wp_unslash( $_GET['key'] ); 
  449. $err_msg = new WP_Error(); 
  450.  
  451. // Get the user object and validate the key. 
  452. if ( $rp_login && $rp_key ) { 
  453. $user = check_password_reset_key( $rp_key, $rp_login ); 
  454. } else { 
  455. $user = false; 
  456.  
  457. lib2()->array->strip_slashes( $_POST, 'pass1', 'pass2' ); 
  458.  
  459. // If the user was not found then redirect to an error page. 
  460. if ( ! $user || is_wp_error( $user ) ) { 
  461. if ( $user && 'expired_key' == $user->get_error_code() ) { 
  462. $err_msg->add( 'password_expired_key', __( 'The password-reset key is already expired.', MS_TEXT_DOMAIN ) ); 
  463. } else { 
  464. $err_msg->add( 'password_invalid_key', __( 'The password-reset key is invalid or missing.', MS_TEXT_DOMAIN ) ); 
  465. $url = esc_url_raw( 
  466. remove_query_arg( array( 'action', 'key', 'login' ) ) 
  467. ); 
  468.  
  469. return sprintf( 
  470. '<p>%s</p><p><a href="%s">%s</a>',  
  471. $err_msg,  
  472. $url,  
  473. __( 'Request a new password-reset key', MS_TEXT_DOMAIN ) 
  474. ); 
  475. } else { 
  476. // If the user provided a new password, then check it now. 
  477. if ( isset( $_POST['pass1'] ) && $_POST['pass1'] != $_POST['pass2'] ) { 
  478. $err_msg->add( 'password_reset_mismatch', __( 'The passwords do not match.', MS_TEXT_DOMAIN ) ); 
  479.  
  480. // This action is documented in wp-login.php 
  481. do_action( 'validate_password_reset', $err_msg, $user ); 
  482.  
  483. if ( ! count( $err_msg->errors ) 
  484. && isset( $_POST['pass1'] ) && ! empty( $_POST['pass1'] ) 
  485. ) { 
  486. reset_password( $user, $_POST['pass1'] ); 
  487.  
  488. // All done! 
  489. return __( 'Your Password has been reset.', MS_TEXT_DOMAIN ); 
  490.  
  491. wp_enqueue_script( 'utils' ); 
  492. wp_enqueue_script( 'user-profile' ); 
  493.  
  494. if ( count( $err_msg->errors ) ) { 
  495. echo '<p class="error">' . implode( '<br/>', $err_msg->get_error_messages() ) . '</p>'; 
  496. ?> 
  497. <form name="resetpassform" id="resetpassform" action="" method="post" autocomplete="off"> 
  498. <input type="hidden" id="user_login" value="<?php echo esc_attr( $rp_login ); ?>" autocomplete="off"/> 
  499.  
  500. <p> 
  501. <label for="pass1"><?php _e( 'New password', MS_TEXT_DOMAIN ) ?><br/> 
  502. <input type="password" name="pass1" id="pass1" class="input" size="20" value="" autocomplete="off"/></label> 
  503. </p> 
  504.  
  505. <p> 
  506. <label for="pass2"><?php _e( 'Confirm new password', MS_TEXT_DOMAIN ) ?><br/> 
  507. <input type="password" name="pass2" id="pass2" class="input" size="20" value="" autocomplete="off"/></label> 
  508. </p> 
  509.  
  510. <div id="pass-strength-result" 
  511. class="hide-if-no-js"><?php _e( 'Strength indicator', MS_TEXT_DOMAIN ); ?></div> 
  512. <p class="description indicator-hint"><?php _e( 'Hint: The password should be at least seven characters long. To make it stronger, use upper and lower case letters, numbers, and symbols like ! " ? $ % ^ & ).', MS_TEXT_DOMAIN ); ?></p> 
  513.  
  514. <br class="clear"/> 
  515.  
  516. <?php 
  517. // This action is documented in wp-login.php 
  518. do_action( 'resetpass_form', $user ); 
  519. ?> 
  520. <p class="submit"><input type="submit" name="wp-submit" id="wp-submit" 
  521. class="button button-primary button-large" 
  522. value="<?php esc_attr_e( 'Reset Password' ); ?>"/></p> 
  523. </form> 
  524. <?php 
  525. return ob_get_clean(); 
.