/app/controller/class-ms-controller-dialog.php

  1. <?php 
  2. /** 
  3. * Controller to manage Membership popup dialogs. 
  4. * 
  5. * @since 1.0.0 
  6. * 
  7. * @package Membership2 
  8. * @subpackage Controller 
  9. * 
  10. * @return object 
  11. */ 
  12. class MS_Controller_Dialog extends MS_Controller { 
  13.  
  14. /** 
  15. * Prepare the Dialog manager. 
  16. * 
  17. * @since 1.0.0 
  18. * @internal 
  19. */ 
  20. public function __construct() { 
  21. parent::__construct(); 
  22.  
  23. // Listen to Ajax requests that want to display a popup. 
  24. $this->add_ajax_action( 'ms_dialog', 'ajax_dialog' ); 
  25.  
  26. // Listen to Ajax requests that submit form data. 
  27. $this->add_ajax_action( 'ms_submit', 'ajax_submit' ); 
  28.  
  29. // Login. For IE this hook is listening to guests + logged in users. 
  30. $this->add_ajax_action( 'ms_login', 'ajax_login', true, true ); 
  31. $this->add_ajax_action( 'ms_lostpass', 'ajax_lostpass', true, true ); 
  32.  
  33. /** 
  34. * Ajax handler. Returns the HTML code of an popup dialog. 
  35. * The process is terminated after this handler. 
  36. * 
  37. * @since 1.0.0 
  38. * @internal 
  39. */ 
  40. public function ajax_dialog() { 
  41. $data = ''; 
  42.  
  43. if ( isset( $_REQUEST['dialog'] ) ) { 
  44. $dialog = $_REQUEST['dialog']; 
  45. $dlg = MS_Factory::create( 'MS_' . $dialog ); 
  46.  
  47. $dlg->prepare(); 
  48.  
  49. $data = array( 
  50. 'id' => $dialog,  
  51. 'title' => $dlg->title,  
  52. 'content' => $dlg->content,  
  53. 'height' => $dlg->height,  
  54. 'width' => $dlg->width,  
  55. 'modal' => $dlg->modal,  
  56. ); 
  57.  
  58. $this->respond( $data ); 
  59.  
  60. /** 
  61. * Ajax handler. Handles incoming form data that was submitted via ajax. 
  62. * Typically this form is displayed inside a popup. 
  63. * 
  64. * @since 1.0.0 
  65. * @internal 
  66. */ 
  67. public function ajax_submit() { 
  68. $data = ''; 
  69.  
  70. if ( isset( $_REQUEST['dialog'] ) ) { 
  71. $dialog = $_REQUEST['dialog']; 
  72. $dlg = MS_Factory::create( 'MS_' . $dialog ); 
  73. $data = $dlg->submit(); 
  74.  
  75. $this->respond( $data ); 
  76.  
  77. /** 
  78. * Ajax handler. Used by shortcode `ms-membership-login` to login via ajax. 
  79. * 
  80. * @since 1.0.0 
  81. * @internal 
  82. */ 
  83. public function ajax_login() { 
  84. $resp = array(); 
  85.  
  86. // First check the nonce, if it fails the function will break 
  87. check_ajax_referer( 'ms-ajax-login' ); 
  88.  
  89. /** 
  90. * The login fields have alternative names: 
  91. * - username or log 
  92. * - password or pwd 
  93. * - remember or rememberme 
  94. */ 
  95. lib3()->array->equip_post( 
  96. 'username',  
  97. 'password',  
  98. 'remember',  
  99. 'log',  
  100. 'pwd',  
  101. 'rememberme' 
  102. ); 
  103.  
  104. if ( empty( $_POST['username'] ) && ! empty( $_POST['log'] ) ) { 
  105. $_POST['username'] = $_POST['log']; 
  106. if ( empty( $_POST['password'] ) && ! empty( $_POST['pwd'] ) ) { 
  107. $_POST['password'] = $_POST['pwd']; 
  108. if ( empty( $_POST['remember'] ) && ! empty( $_POST['rememberme'] ) ) { 
  109. $_POST['remember'] = $_POST['rememberme']; 
  110.  
  111. lib3()->array->equip_post( 'username', 'password', 'remember' ); 
  112. lib3()->array->strip_slashes( $_POST, 'password' ); 
  113.  
  114. // Nonce is checked, get the POST data and sign user on 
  115. $info = array( 
  116. 'user_login' => $_POST['username'],  
  117. 'user_password' => $_POST['password'],  
  118. 'remember' => (bool) $_POST['remember'],  
  119. ); 
  120.  
  121. $user_signon = wp_signon( $info, false ); 
  122. if ( is_wp_error( $user_signon ) ) { 
  123. $resp['error'] = __( 'Wrong username or password', 'membership2' ); 
  124. } else { 
  125. $member = MS_Factory::load( 'MS_Model_Member', $user_signon->ID ); 
  126.  
  127. // Also used in class-ms-model-member.php (signon_user) 
  128. wp_set_current_user( $member->id ); 
  129. wp_set_auth_cookie( $member->id ); 
  130. do_action( 'wp_login', $member->username, $user_signon ); 
  131. do_action( 'ms_model_member_signon_user', $user_signon, $member ); 
  132.  
  133. $resp['loggedin'] = true; 
  134. $resp['success'] = __( 'Logging in...', 'membership2' ); 
  135.  
  136. /** 
  137. * Allows a custom redirection after login. 
  138. * Empty value will use the default redirect option of the login form. 
  139. * 
  140. * @since 1.0.0 
  141. */ 
  142. $resp['redirect'] = apply_filters( 'ms-ajax-login-redirect', '', $member ); 
  143.  
  144. $this->respond( $resp ); 
  145.  
  146. /** 
  147. * Ajax handler. Used by shortcode `ms-membership-login` to recover password 
  148. * 
  149. * @since 1.0.0 
  150. * @internal 
  151. */ 
  152. public function ajax_lostpass() { 
  153. $resp = array(); 
  154.  
  155. // First check the nonce, if it fails the function will break 
  156. check_ajax_referer( 'ms-ajax-lostpass' ); 
  157.  
  158. // Nonce is checked, get the POST data and sign user on 
  159. $errors = new WP_Error(); 
  160.  
  161. if ( empty( $_POST['user_login'] ) ) { 
  162. $resp['error'] = __( 'Enter a username or e-mail address.', 'membership2' ); 
  163. } else if ( strpos( $_POST['user_login'], '@' ) ) { 
  164. $user_data = get_user_by( 'email', trim( $_POST['user_login'] ) ); 
  165. if ( empty( $user_data ) ) { 
  166. $resp['error'] = __( 'There is no user registered with that email address.', 'membership2' ); 
  167. } else { 
  168. $login = trim( $_POST['user_login'] ); 
  169. $user_data = get_user_by( 'login', $login ); 
  170.  
  171. do_action( 'lostpassword_post' ); 
  172.  
  173. if ( ! empty( $resp['error'] ) ) { 
  174. $this->respond( $resp ); 
  175.  
  176. if ( ! $user_data ) { 
  177. $resp['error'] = __( 'Invalid username or e-mail.', 'membership2' ); 
  178. $this->respond( $resp ); 
  179.  
  180. // Redefining user_login ensures we return the right case in the email. 
  181. $user_login = $user_data->user_login; 
  182. $user_email = $user_data->user_email; 
  183.  
  184. do_action( 'retreive_password', $user_login ); // Legacy (misspelled) 
  185. do_action( 'retrieve_password', $user_login ); 
  186.  
  187. $allow = apply_filters( 'allow_password_reset', true, $user_data->ID ); 
  188.  
  189. if ( ! $allow ) { 
  190. $resp['error'] = __( 'Password reset is not allowed for this user', 'membership2' ); 
  191. $this->respond( $resp ); 
  192. } elseif ( is_wp_error( $allow ) ) { 
  193. return $allow; 
  194.  
  195. // Save an event about the password reset; also send the email template. 
  196. $member = MS_Factory::load( 'MS_Model_Member', $user_data->ID ); 
  197. MS_Model_Event::save_event( MS_Model_Event::TYPE_MS_RESETPASSWORD, $member ); 
  198.  
  199. // Send our default email if the user does not have a custom email template in place. 
  200. if ( ! apply_filters( 'ms_sent_reset_password_email', false ) ) { 
  201. // Get a new reset-key. 
  202. $reset = $member->new_password_reset_key(); 
  203.  
  204. $schema = is_ssl() ? 'https' : 'http'; 
  205.  
  206. $message = sprintf( 
  207. __( 'Someone requested that the password be reset for the following account: %sIf this was a mistake, just ignore this email and nothing will happen.%s', 'membership2' ),  
  208. "\r\n\r\n" . network_home_url( '/', $schema ) . "\r\n" . 
  209. sprintf( __( 'Your username: %s', 'membership2' ), $user_login ) . "\r\n\r\n",  
  210. "\r\n\r\n" . $reset->url . "\r\n" 
  211. ); 
  212.  
  213. if ( is_multisite() ) { 
  214. $blogname = $GLOBALS['current_site']->site_name; 
  215. } else { 
  216. $blogname = wp_specialchars_decode( get_option( 'blogname' ), ENT_QUOTES ); 
  217.  
  218. $title = sprintf( __( '[%s] Password Reset' ), $blogname ); 
  219.  
  220. $title = apply_filters( 'retrieve_password_title', $title ); 
  221. $message = apply_filters( 'retrieve_password_message', $message, $reset->key, $reset->url ); 
  222.  
  223. if ( $message && ! wp_mail( $user_email, wp_specialchars_decode( $title ), $message ) ) { 
  224. $resp['error'] = __( 'The e-mail could not be sent.' ) . '<br />' . 
  225. __( 'Possible reason: your host may have disabled the mail() function.' ); 
  226. } else { 
  227. $resp['success'] = __( 'Check your e-mail for the confirmation link.', 'membership2' ); 
  228. } else { 
  229. $resp['success'] = __( 'Check your e-mail for the confirmation link.', 'membership2' ); 
  230.  
  231. $this->respond( $resp ); 
  232.  
  233. /** 
  234. * Output Ajax response (in JSON format) and terminate the process. 
  235. * 
  236. * @since 1.0.0 
  237. * 
  238. * @param array $resp The data to output. 
  239. */ 
  240. private function respond( $resp ) { 
  241. echo json_encode( $resp ); 
  242. exit(); 
  243.  
  244. }; 
.