Home Esplora Aiuto
Accedi
tum
/
whitesports
Segui 1
Vota 0
Forka 0
Codice Problemi 0 Pull Requests 0 Commit 9 Rilasci 0 Wiki

Nessuna descrizione

Ramo (Branch): master
Rami (Branch) Tag
whitesports
/
app
/
wp-content
/
plugins
/
nextend-face...
/
includes
/
user.php

user.php 27KB
Permalink Cronologia Originale

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747 
  1. <?php
    2. 

  2. 

  3. use NSL\Notices;
    4. 

  4. use NSL\Persistent\Persistent;
    5. 

  5. 

  6. require_once(NSL_PATH . '/includes/userData.php');
    7. 

  7. 

  8. class NextendSocialUser {
    9. 

  9. 

  10.     /** @var NextendSocialProvider */
    11. 

  11.     protected $provider;
    12. 

  12. 

  13.     protected $access_token;
    14. 

  14. 

  15.     private $userExtraData;
    16. 

  16. 

  17.     protected $user_id;
    18. 

  18. 

  19.     protected $shouldAutoLogin = false;
    20. 

  20. 

  21.     /**
    22. 

  22.      * NextendSocialUser constructor.
    23. 

  23.      *
    24. 

  24.      * @param NextendSocialProvider $provider
    25. 

  25.      * @param                       $access_token
    26. 

  26.      */
    27. 

  27.     public function __construct($provider, $access_token) {
    28. 

  28.         $this->provider     = $provider;
    29. 

  29.         $this->access_token = $access_token;
    30. 

  30.     }
    31. 

  31. 

  32.     /**
    33. 

  33.      * @param $key
    34. 

  34.      * $key is like id, email, name, first_name, last_name
    35. 

  35.      * Returns a single userdata of the current provider or empty sting if $key is invalid.
    36. 

  36.      *
    37. 

  37.      * @return string
    38. 

  38.      */
    39. 

  39.     public function getAuthUserData($key) {
    40. 

  40.         return $this->provider->getAuthUserData($key);
    41. 

  41.     }
    42. 

  42. 

  43.     /**
    44. 

  44.      * Connect with a Provider
    45. 

  45.      * If user is not logged in
    46. 

  46.      * - and has no linked social data (in wp_social_users table), prepare them for register.
    47. 

  47.      * - but if has linked social data, log them in.
    48. 

  48.      * If the user is logged in, retrieve the user data,
    49. 

  49.      * - if the user has no linked social data with the selected provider and there is no other user who linked that id
    50. 

  50.      * , link them and sync the access_token.
    51. 

  51.      */
    52. 

  52.     public function liveConnectGetUserProfile() {
    53. 

  53. 

  54.         $user_id = $this->provider->getUserIDByProviderIdentifier($this->getAuthUserData('id'));
    55. 

  55.         if ($user_id !== null && !get_user_by('id', $user_id)) {
    56. 

  56.             $this->provider->removeConnectionByUserID($user_id);
    57. 

  57.             $user_id = null;
    58. 

  58.         }
    59. 

  59. 

  60.         if (!is_user_logged_in()) {
    61. 

  61. 

  62.             if ($user_id == null) {
    63. 

  63.                 $this->prepareRegister();
    64. 

  64.             } else {
    65. 

  65.                 $this->login($user_id);
    66. 

  66.             }
    67. 

  67.         } else {
    68. 

  68.             $current_user = wp_get_current_user();
    69. 

  69.             if ($user_id === null) {
    70. 

  70.                 // Let's connect the account to the current user!
    71. 

  71. 

  72.                 if ($this->provider->linkUserToProviderIdentifier($current_user->ID, $this->getAuthUserData('id'))) {
    73. 

  73. 

  74.                     $this->provider->syncProfile($current_user->ID, $this->provider, $this->access_token);
    75. 

  75. 

  76.                     Notices::addSuccess(sprintf(__('Your %1$s account is successfully linked with your account. Now you can sign in with %2$s easily.', 'nextend-facebook-connect'), $this->provider->getLabel(), $this->provider->getLabel()));
    77. 

  77.                 } else {
    78. 

  78. 

  79.                     Notices::addError(sprintf(__('You have already linked a(n) %s account. Please unlink the current and then you can link another %s account.', 'nextend-facebook-connect'), $this->provider->getLabel(), $this->provider->getLabel()));
    80. 

  80.                 }
    81. 

  81. 

  82.             } else if ($current_user->ID != $user_id) {
    83. 

  83. 

  84.                 Notices::addError(sprintf(__('This %s account is already linked to another user.', 'nextend-facebook-connect'), $this->provider->getLabel()));
    85. 

  85.             }
    86. 

  86.         }
    87. 

  87.     }
    88. 

  88. 

  89.     /**
    90. 

  90.      * Prepares the registration and registers the user.
    91. 

  91.      * If the email is not registered yet, checks if register is enabled call register() function.
    92. 

  92.      * If the email is already registered, checks if autolink is enabled, if it is, log the user in.
    93. 

  93.      * Autolink enabled: links the current provider account with the existing social account and attempts to login.
    94. 

  94.      * Autolink disabled: Add error with already registered email message.
    95. 

  95.      */
    96. 

  96.     protected function prepareRegister() {
    97. 

  97. 

  98.         $user_id = false;
    99. 

  99. 

  100.         $providerUserID = $this->getAuthUserData('id');
    101. 

  101. 

  102.         $email = '';
    103. 

  103.         if (NextendSocialLogin::$settings->get('store_email') == 1) {
    104. 

  104.             $email = $this->getAuthUserData('email');
    105. 

  105.         }
    106. 

  106. 

  107.         if (empty($email)) {
    108. 

  108.             $email = '';
    109. 

  109.         } else {
    110. 

  110.             $user_id = email_exists($email);
    111. 

  111.         }
    112. 

  112. 

  113.         /**
    114. 

  114.          * Can be used for overriding the account where the social account should be automatically linked to.
    115. 

  115.          */
    116. 

  116.         $user_id = apply_filters('nsl_match_social_account_to_user_id', $user_id, $this, $this->provider);
    117. 

  117. 

  118.         if ($user_id === false) { // Real register
    119. 

  119.             if (apply_filters('nsl_is_register_allowed', true, $this->provider)) {
    120. 

  120.                 $this->register($providerUserID, $email);
    121. 

  121.             } else {
    122. 

  122.                 //unset the persistent data, so if an error happened, the user can re-authenticate with providers (Google) that offer account selector screen
    123. 

  123.                 Persistent::delete($this->provider->getId() . '_at');
    124. 

  124.                 Persistent::delete($this->provider->getId() . '_state');
    125. 

  125. 

  126.                 $registerDisabledMessage     = apply_filters('nsl_disabled_register_error_message', '');
    127. 

  127.                 $registerDisabledRedirectURL = apply_filters('nsl_disabled_register_redirect_url', '');
    128. 

  128. 

  129.                 $nslLoginUrl            = NextendSocialLogin::getLoginUrl();
    130. 

  130.                 $defaultDisabledMessage = __('User registration is currently not allowed.');
    131. 

  131. 

  132.                 $proxyPage = NextendSocialLogin::getProxyPage();
    133. 

  133.                 if ($proxyPage) {
    134. 

  134.                     if (empty($registerDisabledMessage) && $registerDisabledMessage !== false) {
    135. 

  135.                         /**
    136. 

  136.                          * There is no custom message and proxy page is used, so we need to inform the user with our own message.
    137. 

  137.                          */
    138. 

  138.                         $registerDisabledMessage = $defaultDisabledMessage;
    139. 

  139.                     }
    140. 

  140.                 } else {
    141. 

  141.                     if (empty($registerDisabledMessage) && $registerDisabledMessage !== false) {
    142. 

  142.                         if (!empty($registerDisabledRedirectURL)) {
    143. 

  143.                             /**
    144. 

  144.                              * There is no custom message and it is a custom redirect url, so we need to inform the user with our own message.
    145. 

  145.                              */
    146. 

  146.                             $registerDisabledMessage = $defaultDisabledMessage;
    147. 

  147.                         }
    148. 

  148.                     } else {
    149. 

  149.                         if (empty($registerDisabledRedirectURL)) {
    150. 

  150.                             /**
    151. 

  151.                              * By default WordPress displays an error message if the $_GET['registration'] is set to "disabled"
    152. 

  152.                              * To avoid displaying the default and the custom error message, the url should not contain it.
    153. 

  153.                              */
    154. 

  154.                             $registerDisabledRedirectURL = $nslLoginUrl;
    155. 

  155.                         }
    156. 

  156.                     }
    157. 

  157.                 }
    158. 

  158. 

  159.                 if (!empty($registerDisabledMessage)) {
    160. 

  160.                     $errors = new WP_Error();
    161. 

  161.                     $errors->add('registerdisabled', $registerDisabledMessage);
    162. 

  162.                     Notices::addError($errors->get_error_message());
    163. 

  163.                 }
    164. 

  164. 

  165.                 if (empty($registerDisabledRedirectURL)) {
    166. 

  166.                     $registerDisabledRedirectURL = add_query_arg('registration', 'disabled', $nslLoginUrl);
    167. 

  167.                 }
    168. 

  168. 

  169. 

  170.                 NextendSocialProvider::redirect(__('Authentication error', 'nextend-facebook-connect'), NextendSocialLogin::enableNoticeForUrl($registerDisabledRedirectURL));
    171. 

  171.                 exit;
    172. 

  172.             }
    173. 

  173. 

  174.         } else if ($this->autoLink($user_id, $providerUserID)) {
    175. 

  175.             $this->login($user_id);
    176. 

  176.         }
    177. 

  177. 

  178.         $this->provider->redirectToLoginForm();
    179. 

  179.     }
    180. 

  180. 

  181.     /**
    182. 

  182.      * @param $username
    183. 

  183.      * Makes the username in an appropriate format. Removes white space and some special characters.
    184. 

  184.      * Also turns it into lowercase. And put a prefix before the username if user_prefix is set.
    185. 

  185.      * If this formated username is valid returns it, else return false.
    186. 

  186.      *
    187. 

  187.      * @return bool|string
    188. 

  188.      */
    189. 

  189.     protected function sanitizeUserName($username) {
    190. 

  190.         if (empty($username)) {
    191. 

  191.             return false;
    192. 

  192.         }
    193. 

  193. 

  194.         $username = strtolower($username);
    195. 

  195. 

  196.         $username = preg_replace('/\s+/', '', $username);
    197. 

  197. 

  198.         $sanitized_user_login = sanitize_user($this->provider->settings->get('user_prefix') . $username, true);
    199. 

  199. 

  200.         if (empty($sanitized_user_login)) {
    201. 

  201.             return false;
    202. 

  202.         }
    203. 

  203. 

  204.         if (!validate_username($sanitized_user_login)) {
    205. 

  205.             return false;
    206. 

  206.         }
    207. 

  207. 

  208.         return $sanitized_user_login;
    209. 

  209.     }
    210. 

  210. 

  211.     /**
    212. 

  212.      * @param $providerID
    213. 

  213.      * @param $email
    214. 

  214.      * Registers the user.
    215. 

  215.      *
    216. 

  216.      * @return bool
    217. 

  217.      */
    218. 

  218.     protected function register($providerID, $email) {
    219. 

  219. 

  220.         NextendSocialLogin::$WPLoginCurrentFlow = 'register';
    221. 

  221. 

  222.         $sanitized_user_login = false;
    223. 

  223. 

  224.         if (NextendSocialLogin::$settings->get('store_name') == 1) {
    225. 

  225.             /**
    226. 

  226.              * First checks provided first_name & last_name if it is not available checks name if it is neither available checks secondary_name.
    227. 

  227.              */
    228. 

  228.             $sanitized_user_login = $this->sanitizeUserName($this->getAuthUserData('first_name') . $this->getAuthUserData('last_name'));
    229. 

  229.             if ($sanitized_user_login === false) {
    230. 

  230.                 $sanitized_user_login = $this->sanitizeUserName($this->getAuthUserData('username'));
    231. 

  231.                 if ($sanitized_user_login === false) {
    232. 

  232.                     $sanitized_user_login = $this->sanitizeUserName($this->getAuthUserData('name'));
    233. 

  233.                 }
    234. 

  234.             }
    235. 

  235.         }
    236. 

  236. 

  237.         $email = '';
    238. 

  238.         if (NextendSocialLogin::$settings->get('store_email') == 1) {
    239. 

  239.             $email = $this->getAuthUserData('email');
    240. 

  240.         }
    241. 

  241.         $userData = array(
    242. 

  242.             'email'    => $email,
    243. 

  243.             'username' => $sanitized_user_login
    244. 

  244.         );
    245. 

  245. 

  246.         do_action('nsl_before_register', $this->provider);
    247. 

  247. 

  248.         do_action('nsl_' . $this->provider->getId() . '_before_register');
    249. 

  249. 

  250.         if (NextendSocialLogin::$settings->get('terms_show') == '1') {
    251. 

  251. 

  252.             add_filter('nsl_registration_require_extra_input', array(
    253. 

  253.                 $this,
    254. 

  254.                 'require_extra_input_terms'
    255. 

  255.             ));
    256. 

  256.         }
    257. 

  257. 

  258. 

  259.         /** @var array $userData Validated user data */
    260. 

  260.         $userData = $this->finalizeUserData($userData);
    261. 

  261. 

  262.         /**
    263. 

  263.          * -If neither of the usernames ( first_name & last_name, secondary_name) are appropriate, the fallback username will be combined with and id that was sent by the provider.
    264. 

  264.          * -In this way we can generate an appropriate username.
    265. 

  265.          */
    266. 

  266.         if (empty($userData['username'])) {
    267. 

  267.             $userData['username'] = sanitize_user($this->provider->settings->get('user_fallback') . md5(uniqid(rand())), true);
    268. 

  268.         }
    269. 

  269. 

  270.         /**
    271. 

  271.          * If the username is already in use, it will get a number suffix, that is not registered yet.
    272. 

  272.          */
    273. 

  273.         $default_user_name = $userData['username'];
    274. 

  274.         $i                 = 1;
    275. 

  275.         while (username_exists($userData['username'])) {
    276. 

  276.             $userData['username'] = $default_user_name . $i;
    277. 

  277.             $i++;
    278. 

  278.         }
    279. 

  279. 

  280.         /**
    281. 

  281.          * Generates a random password. And set the default_password_nag to true. So the user get notify about randomly generated password.
    282. 

  282.          */
    283. 

  283.         if (empty($userData['password'])) {
    284. 

  284.             $userData['password'] = wp_generate_password(12, false);
    285. 

  285. 

  286.             add_action('user_register', array(
    287. 

  287.                 $this,
    288. 

  288.                 'registerCompleteDefaultPasswordNag'
    289. 

  289.             ));
    290. 

  290.         }
    291. 

  291.         /**
    292. 

  292.          * Preregister, checks what roles shall be informed about the registration and sends a notification to them.
    293. 

  293.          */
    294. 

  294.         do_action('nsl_pre_register_new_user', $this);
    295. 

  295. 

  296.         $loginRestriction = NextendSocialLogin::$settings->get('login_restriction');
    297. 

  297.         if ($loginRestriction) {
    298. 

  298.             $errors = new WP_Error();
    299. 

  299. 

  300.             //Prevent New User Approve registration before NSL registration
    301. 

  301.             if (class_exists('pw_new_user_approve', false)) {
    302. 

  302.                 remove_action('register_post', array(
    303. 

  303.                     pw_new_user_approve::instance(),
    304. 

  304.                     'create_new_user'
    305. 

  305.                 ), 10);
    306. 

  306.             }
    307. 

  307. 

  308.             //Ultimate Member redirects before we update the Avatar, we need to sync before the redirect
    309. 

  309.             if (class_exists('UM', false)) {
    310. 

  310.                 add_action('um_registration_after_auto_login', array(
    311. 

  311.                     $this,
    312. 

  312.                     'syncProfileUser'
    313. 

  313.                 ), 10);
    314. 

  314.             }
    315. 

  315. 

  316.             /*For TML 6.4.17 Register notification integration*/
    317. 

  317.             do_action('register_post', $userData['username'], $userData['email'], $errors);
    318. 

  318. 

  319.             if ($errors->get_error_code()) {
    320. 

  320.                 //unset the persistent data, so if an error happened, the user can re-authenticate with providers (Google) that offer account selector screen
    321. 

  321.                 Persistent::delete($this->provider->getId() . '_at');
    322. 

  322.                 Persistent::delete($this->provider->getId() . '_state');
    323. 

  323. 

  324.                 Notices::addError($errors);
    325. 

  325.                 $this->redirectToLastLocationLogin(true);
    326. 

  326.             }
    327. 

  327.         }
    328. 

  328. 

  329.         /**
    330. 

  330.          * Eduma theme user priority 1000 to auto log in users. We need to stay under that priority @see https://themeforest.net/item/education-wordpress-theme-education-wp/14058034
    331. 

  331.          * WooCommerce Follow-Up Emails use priority 10, so we need higher @see https://woocommerce.com/products/follow-up-emails/
    332. 

  332.          *
    333. 

  333.          * If there was no error during the registration process,
    334. 

  334.          * -links the user to the providerIdentifier ( wp_social_users table in database store this link ).
    335. 

  335.          * -set the roles for the user.
    336. 

  336.          * -login the user.
    337. 

  337.          */
    338. 

  338.         add_action('user_register', array(
    339. 

  339.             $this,
    340. 

  340.             'registerComplete'
    341. 

  341.         ), 31);
    342. 

  342. 

  343.         $autoLoginPriority = apply_filters('nsl_autologin_priority', 40);
    344. 

  344.         add_action('user_register', array(
    345. 

  345.             $this,
    346. 

  346.             'doAutoLogin'
    347. 

  347.         ), $autoLoginPriority);
    348. 

  348. 

  349. 

  350.         $this->userExtraData = $userData;
    351. 

  351. 

  352.         $user_data = array(
    353. 

  353.             'user_login' => wp_slash($userData['username']),
    354. 

  354.             'user_email' => wp_slash($userData['email']),
    355. 

  355.             'user_pass'  => $userData['password']
    356. 

  356.         );
    357. 

  357. 

  358.         if (NextendSocialLogin::$settings->get('store_name') == 1) {
    359. 

  359.             $name = $this->getAuthUserData('name');
    360. 

  360.             if (!empty($name)) {
    361. 

  361.                 $user_data['display_name'] = $name;
    362. 

  362.             }
    363. 

  363. 

  364.             $first_name = $this->getAuthUserData('first_name');
    365. 

  365.             if (!empty($first_name)) {
    366. 

  366.                 $user_data['first_name'] = $first_name;
    367. 

  367.             }
    368. 

  368. 

  369.             $last_name = $this->getAuthUserData('last_name');
    370. 

  370.             if (!empty($last_name)) {
    371. 

  371.                 $user_data['last_name'] = $last_name;
    372. 

  372.             }
    373. 

  373.         }
    374. 

  374. 

  375.         //Prevent sending the Woocommerce User Email Verification notification if Login restriction is turned off.
    376. 

  376.         if (class_exists('XLWUEV_Core', false) && !$loginRestriction) {
    377. 

  377.             remove_action('user_register', array(
    378. 

  378.                 XLWUEV_Woocommerce_Confirmation_Email_Public::instance(),
    379. 

  379.                 'custom_form_user_register'
    380. 

  380.             ), 10);
    381. 

  381.             remove_action('woocommerce_created_customer_notification', array(
    382. 

  382.                 XLWUEV_Woocommerce_Confirmation_Email_Public::instance(),
    383. 

  383.                 'new_user_registration_from_registration_form'
    384. 

  384.             ), 10);
    385. 

  385.         }
    386. 

  386. 

  387. 

  388.         $error = wp_insert_user($user_data);
    389. 

  389. 

  390.         if (is_wp_error($error)) {
    391. 

  391. 

  392.             Notices::addError($error);
    393. 

  393.             $this->redirectToLastLocationLogin(true);
    394. 

  394. 

  395.         } else if ($error === 0) {
    396. 

  396.             $this->registerError();
    397. 

  397.             exit;
    398. 

  398.         }
    399. 

  399. 

  400.         //registerComplete will log in user and redirects. If we reach here, the user creation failed.
    401. 

  401.         return false;
    402. 

  402.     }
    403. 

  403. 

  404.     /**
    405. 

  405.      * By setting the default_password_nag to true, will inform the user about random password usage.
    406. 

  406.      */
    407. 

  407.     public function registerCompleteDefaultPasswordNag($user_id) {
    408. 

  408.         update_user_option($user_id, 'default_password_nag', true, true);
    409. 

  409.     }
    410. 

  410. 

  411. 

  412.     /**
    413. 

  413.      * @param $user_id
    414. 

  414.      * Retrieves the name, first_name, last_name and update the user data.
    415. 

  415.      * Also set a reminder to change the generated password.
    416. 

  416.      * Links the user with the provider. Set their roles. Send notification about the registration to the selected
    417. 

  417.      * roles. Logs the user in.
    418. 

  418.      *
    419. 

  419.      * @return bool
    420. 

  420.      */
    421. 

  421.     public function registerComplete($user_id) {
    422. 

  422.         if (is_wp_error($user_id) || $user_id === 0) {
    423. 

  423.             /** Registration failed */
    424. 

  424.             $this->registerError();
    425. 

  425. 

  426.             return false;
    427. 

  427.         }
    428. 

  428. 

  429.         if (class_exists('WooCommerce', false)) {
    430. 

  430.             if (NextendSocialLogin::$settings->get('store_name') == 1) {
    431. 

  431.                 $first_name = $this->getAuthUserData('first_name');
    432. 

  432.                 if (!empty($first_name)) {
    433. 

  433.                     update_user_meta($user_id, 'billing_first_name', $first_name);
    434. 

  434.                 }
    435. 

  435. 

  436.                 $last_name = $this->getAuthUserData('last_name');
    437. 

  437.                 if (!empty($last_name)) {
    438. 

  438.                     update_user_meta($user_id, 'billing_last_name', $last_name);
    439. 

  439.                 }
    440. 

  440.             }
    441. 

  441.         }
    442. 

  442. 

  443.         update_user_option($user_id, 'default_password_nag', true, true);
    444. 

  444. 

  445.         $this->provider->linkUserToProviderIdentifier($user_id, $this->getAuthUserData('id'), true);
    446. 

  446. 

  447.         do_action('nsl_registration_store_extra_input', $user_id, $this->userExtraData);
    448. 

  448. 

  449.         do_action('nsl_register_new_user', $user_id, $this->provider);
    450. 

  450.         do_action('nsl_' . $this->provider->getId() . '_register_new_user', $user_id, $this->provider);
    451. 

  451. 

  452.         $this->provider->deleteLoginPersistentData();
    453. 

  453. 

  454.         do_action('register_new_user', $user_id);
    455. 

  455. 

  456.         //BuddyPress - add register activity to accounts registered with social login
    457. 

  457.         if (class_exists('BuddyPress', false)) {
    458. 

  458.             if (bp_is_active('activity')) {
    459. 

  459.                 if (!function_exists('bp_core_new_user_activity')) {
    460. 

  460.                     require_once(buddypress()->plugin_dir . '/bp-members/bp-members-activity.php');
    461. 

  461.                 }
    462. 

  462.                 bp_core_new_user_activity($user_id);
    463. 

  463.             }
    464. 

  464.         }
    465. 

  465. 

  466.         /*Ultimate Member Registration integration -> Registration notificationhoz*/
    467. 

  467.         $loginRestriction = NextendSocialLogin::$settings->get('login_restriction');
    468. 

  468.         if (class_exists('UM', false) && $loginRestriction) {
    469. 

  469.             //Necessary to clear the UM user cache that was generated by: um\core\User:set_gravatar
    470. 

  470.             UM()
    471. 

  471.                 ->user()
    472. 

  472.                 ->remove_cache($user_id);
    473. 

  473.             add_filter('um_get_current_page_url', array(
    474. 

  474.                 $this,
    475. 

  475.                 'um_get_loginpage'
    476. 

  476.             ));
    477. 

  477.             do_action('um_user_register', $user_id, array(
    478. 

  478.                 'submitted' => array(
    479. 

  479.                     'timestamp' => current_time('timestamp')
    480. 

  480.                 )
    481. 

  481.             ));
    482. 

  482.         }
    483. 

  483. 

  484. 

  485.         //Woocommerce User Email Verification integration - By default it blocks login with NSL
    486. 

  486.         if (class_exists('XLWUEV_Core', false) && !$loginRestriction) {
    487. 

  487.             update_user_meta($user_id, 'wcemailverified', 'true');
    488. 

  488.         }
    489. 

  489. 

  490.         $this->shouldAutoLogin = true;
    491. 

  491. 

  492.         return true;
    493. 

  493.     }
    494. 

  494. 

  495. 

  496.     private function registerError() {
    497. 

  497.         /** @var $wpdb WPDB */ global $wpdb;
    498. 

  498. 

  499.         $isDebug = NextendSocialLogin::$settings->get('debug') == 1;
    500. 

  500.         if ($isDebug) {
    501. 

  501.             if ($wpdb->last_error !== '') {
    502. 

  502.                 echo "<div id='error'><p class='wpdberror'><strong>WordPress database error:</strong> [" . esc_html($wpdb->last_error) . "]<br /><code>" . esc_html($wpdb->last_query) . "</code></p></div>";
    503. 

  503.             }
    504. 

  504.         }
    505. 

  505. 

  506.         $this->provider->deleteLoginPersistentData();
    507. 

  507. 

  508.         if ($isDebug) {
    509. 

  509.             exit;
    510. 

  510.         }
    511. 

  511.     }
    512. 

  512. 

  513.     protected function login($user_id) {
    514. 

  514.         /** @var $wpdb WPDB */ global $wpdb;
    515. 

  515. 

  516.         $loginRestriction = NextendSocialLogin::$settings->get('login_restriction');
    517. 

  517.         if ($loginRestriction) {
    518. 

  518.             $user = new WP_User($user_id);
    519. 

  519.             $user = apply_filters('authenticate', $user, $user->get('user_login'), null);
    520. 

  520.             if (is_wp_error($user)) {
    521. 

  521.                 Notices::addError($user);
    522. 

  522.                 $this->provider->redirectToLoginForm();
    523. 

  523. 

  524.                 return $user;
    525. 

  525.             }
    526. 

  526. 

  527.             /**
    528. 

  528.              * Other plugins use this hook to prevent log in
    529. 

  529.              */
    530. 

  530.             $user = apply_filters('wp_authenticate_user', $user, null);
    531. 

  531.             if (is_wp_error($user)) {
    532. 

  532.                 Notices::addError($user);
    533. 

  533.                 $this->provider->redirectToLoginForm();
    534. 

  534. 

  535.                 return $user;
    536. 

  536.             }
    537. 

  537.         }
    538. 

  538. 

  539. 

  540.         $this->user_id = $user_id;
    541. 

  541. 

  542.         add_action('nsl_' . $this->provider->getId() . '_login', array(
    543. 

  543.             $this->provider,
    544. 

  544.             'syncProfile'
    545. 

  545.         ), 10, 3);
    546. 

  546. 

  547.         $isLoginAllowed = apply_filters('nsl_' . $this->provider->getId() . '_is_login_allowed', true, $this->provider, $user_id);
    548. 

  548. 

  549.         if ($isLoginAllowed) {
    550. 

  550. 

  551.             wp_set_current_user($user_id);
    552. 

  552. 

  553.             $secure_cookie = is_ssl();
    554. 

  554.             $secure_cookie = apply_filters('secure_signon_cookie', $secure_cookie, array());
    555. 

  555.             global $auth_secure_cookie; // XXX ugly hack to pass this to wp_authenticate_cookie
    556. 

  556. 

  557.             $auth_secure_cookie = $secure_cookie;
    558. 

  558.             wp_set_auth_cookie($user_id, true, $secure_cookie);
    559. 

  559.             $user_info = get_userdata($user_id);
    560. 

  560. 

  561.             $this->provider->logLoginDate($user_id);
    562. 

  562. 

  563.             $addStrongerRedirect = NextendSocialLogin::$settings->get('redirect_prevent_external') == 1 || $this->provider->hasFixedRedirect();
    564. 

  564.             if ($addStrongerRedirect) {
    565. 

  565.                 /**
    566. 

  566.                  * If another plugin tries to redirect in wp_login action, we will intercept and use our redirects
    567. 

  567.                  */
    568. 

  568.                 add_filter('wp_redirect', array(
    569. 

  569.                     $this,
    570. 

  570.                     'wp_redirect_filter'
    571. 

  571.                 ), 10000000);
    572. 

  572. 

  573.                 /**
    574. 

  574.                  * Fix: WishList Member exits before our redirects.
    575. 

  575.                  */
    576. 

  576.                 if (class_exists('WishListMember', false)) {
    577. 

  577.                     add_filter('wishlistmember_login_redirect_override', '__return_true');
    578. 

  578.                 }
    579. 

  579.             }
    580. 

  580. 

  581.             do_action('wp_login', $user_info->user_login, $user_info);
    582. 

  582. 

  583.             if ($addStrongerRedirect) {
    584. 

  584.                 /**
    585. 

  585.                  * Remove redirect interception when not needed anymore
    586. 

  586.                  */
    587. 

  587.                 remove_filter('wp_redirect', array(
    588. 

  588.                     $this,
    589. 

  589.                     'wp_redirect_filter'
    590. 

  590.                 ), 10000000);
    591. 

  591.             }
    592. 

  592. 

  593.             $this->finishLogin();
    594. 

  594.         } else {
    595. 

  595.             $this->provider->deleteLoginPersistentData();
    596. 

  596.             $loginDisabledMessage     = apply_filters('nsl_disabled_login_error_message', '');
    597. 

  597.             $loginDisabledRedirectURL = apply_filters('nsl_disabled_login_redirect_url', '');
    598. 

  598.             if (!empty($loginDisabledMessage)) {
    599. 

  599.                 Notices::clear();
    600. 

  600.                 $errors = new WP_Error();
    601. 

  601.                 $errors->add('logindisabled', $loginDisabledMessage);
    602. 

  602.                 Notices::addError($errors->get_error_message());
    603. 

  603.             }
    604. 

  604. 

  605.             if (!empty($loginDisabledRedirectURL)) {
    606. 

  606.                 NextendSocialProvider::redirect(__('Authentication error', 'nextend-facebook-connect'), NextendSocialLogin::enableNoticeForUrl($loginDisabledRedirectURL));
    607. 

  607.             }
    608. 

  608. 

  609.         }
    610. 

  610. 

  611.         $this->provider->redirectToLoginForm();
    612. 

  612.     }
    613. 

  613. 

  614.     public function doAutoLogin($user_id) {
    615. 

  615.         if ($this->shouldAutoLogin) {
    616. 

  616.             $this->login($user_id);
    617. 

  617.         }
    618. 

  618.     }
    619. 

  619. 

  620.     public function wp_redirect_filter($redirect) {
    621. 

  621.         $this->finishLogin();
    622. 

  622.         exit;
    623. 

  623.     }
    624. 

  624. 

  625.     protected function finishLogin() {
    626. 

  626. 

  627.         do_action('nsl_login', $this->user_id, $this->provider);
    628. 

  628.         do_action('nsl_' . $this->provider->getId() . '_login', $this->user_id, $this->provider, $this->access_token);
    629. 

  629. 

  630.         $this->redirectToLastLocationLogin();
    631. 

  631.     }
    632. 

  632. 

  633.     /**
    634. 

  634.      * Redirect the user to
    635. 

  635.      * -the Fixed redirect url if it is set
    636. 

  636.      * -where the login happened if redirect is specified in the url
    637. 

  637.      * -the Default redirect url if it is set, and if redirect was not specified in the url
    638. 

  638.      *
    639. 

  639.      * @param bool $notice
    640. 

  640.      */
    641. 

  641.     public function redirectToLastLocationLogin($notice = false) {
    642. 

  642. 

  643.         if (NextendSocialLogin::$settings->get('redirect_prevent_external') == 0) {
    644. 

  644.             add_filter('nsl_' . $this->provider->getId() . 'default_last_location_redirect', array(
    645. 

  645.                 $this,
    646. 

  646.                 'loginLastLocationRedirect'
    647. 

  647.             ), 9, 2);
    648. 

  648.         }
    649. 

  649. 

  650.         $this->provider->redirectToLastLocation($notice);
    651. 

  651.     }
    652. 

  652. 

  653.     /**
    654. 

  654.      * @param $redirect_to
    655. 

  655.      * @param $requested_redirect_to
    656. 

  656.      * Modifies where the user shall be redirected, after successful login.
    657. 

  657.      *
    658. 

  658.      * @return mixed|void
    659. 

  659.      */
    660. 

  660.     public function loginLastLocationRedirect($redirect_to, $requested_redirect_to) {
    661. 

  661.         return apply_filters('login_redirect', $redirect_to, $requested_redirect_to, wp_get_current_user());
    662. 

  662.     }
    663. 

  663. 

  664.     /**
    665. 

  665.      * @param $user_id
    666. 

  666.      * @param $providerUserID
    667. 

  667.      * If autoLink is enabled, it links the current account with the provider.
    668. 

  668.      *
    669. 

  669.      * @return bool
    670. 

  670.      */
    671. 

  671.     public function autoLink($user_id, $providerUserID) {
    672. 

  672. 

  673.         $isAutoLinkAllowed = true;
    674. 

  674.         $isAutoLinkAllowed = apply_filters('nsl_' . $this->provider->getId() . '_auto_link_allowed', $isAutoLinkAllowed, $this->provider, $user_id);
    675. 

  675.         if ($isAutoLinkAllowed) {
    676. 

  676.             $isLinkSuccessful = $this->provider->linkUserToProviderIdentifier($user_id, $providerUserID);
    677. 

  677.             if ($isLinkSuccessful) {
    678. 

  678.                 return $isLinkSuccessful;
    679. 

  679.             } else {
    680. 

  680.                 $this->provider->deleteLoginPersistentData();
    681. 

  681.                 $alreadyLinkedMessage = apply_filters('nsl_already_linked_error_message', sprintf(__('We found a user with your %1$s email address. Unfortunately it belongs to a different %1$s account, so we are unable to log you in. Please use the linked %1$s account or log in with your password!', 'nextend-facebook-connect'), $this->provider->getLabel()));
    682. 

  682.                 Notices::addError($alreadyLinkedMessage);
    683. 

  683.             }
    684. 

  684.         }
    685. 

  685. 

  686.         return false;
    687. 

  687.     }
    688. 

  688. 

  689.     /**
    690. 

  690.      * @return NextendSocialProvider
    691. 

  691.      */
    692. 

  692.     public function getProvider() {
    693. 

  693.         return $this->provider;
    694. 

  694.     }
    695. 

  695. 

  696.     /**
    697. 

  697.      * @param $userData
    698. 

  698.      *
    699. 

  699.      * @return array
    700. 

  700.      * @throws NSLContinuePageRenderException
    701. 

  701.      */
    702. 

  702.     public function finalizeUserData($userData) {
    703. 

  703. 

  704.         $data = new NextendSocialUserData($userData, $this, $this->provider);
    705. 

  705. 

  706.         return $data->toArray();
    707. 

  707.     }
    708. 

  708. 

  709.     public function require_extra_input_terms($askExtraData) {
    710. 

  710. 

  711.         add_action('nsl_registration_form_end', array(
    712. 

  712.             $this,
    713. 

  713.             'registration_form_terms'
    714. 

  714.         ), 10000);
    715. 

  715. 

  716.         return true;
    717. 

  717.     }
    718. 

  718. 

  719.     public function registration_form_terms($userData) {
    720. 

  720.         ?>
    721. 

  721.         <p>
    722. 

  722.             <?php
    723. 

  723.             $terms = $this->provider->settings->get('terms');
    724. 

  724. 

  725.             if (empty($terms)) {
    726. 

  726.                 $terms = NextendSocialLogin::$settings->get('terms');
    727. 

  727.             }
    728. 

  728. 

  729.             if (function_exists('get_privacy_policy_url')) {
    730. 

  730.                 $terms = str_replace('#privacy_policy_url', get_privacy_policy_url(), $terms);
    731. 

  731.             }
    732. 

  732. 

  733.             echo __($terms, 'nextend-facebook-connect');
    734. 

  734. 

  735.             ?>
    736. 

  736.         </p>
    737. 

  737.         <?php
    738. 

  738.     }
    739. 

  739. 

  740.     public function syncProfileUser($user_id) {
    741. 

  741.         $this->provider->syncProfile($user_id, $this->provider, $this->access_token);
    742. 

  742.     }
    743. 

  743. 

  744.     public function um_get_loginpage($page_url) {
    745. 

  745.         return um_get_core_page('login');
    746. 

  746.     }
    747. 

  747. }
    748.