Auth.php
<?php
namespace Tz\WordPress\Tools\Auth;
use \Exception, \LogicException, \InvalidArgumentException, \BadMethodCallException;
// Registration method identifiers.
// NOTE(review): register() takes a $registration_method argument but never reads it;
// presumably these are its intended values. Confirm before relying on them.
const REG_METH_AUTO_REG = 1;
const REG_METH_VALID_EMAIL = 2;
// Forgotten-password method identifiers.
// NOTE(review): presumably the values for forgot_password()'s $forgot_method,
// which currently has an empty body. Confirm.
const FORGOT_METH_VALID_EMAIL = 1;
const FORGOT_METH_RAND_PASS = 2;
// Hook name that activate() passes to do_action().
const ACTION_ACTIVATE = 'activate_account';
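/**
 * Attempts to log the user in.
 *
 * @param string $username Login name supplied by the caller
 * @param string $password Plain-text password supplied by the caller
 * @param bool   $remember Passed through as the 'remember' credential
 * @return \WP_User The authenticated user
 * @throws LogicException If HTTP headers have already been sent
 * @throws InvalidArgumentException If the sign-on did not yield a WP_User
 */
function login($username, $password, $remember = true) {
    if (headers_sent()) {
        throw new LogicException('Unable to login because headers have been sent');
    }

    // NOTE(review): esc_sql() escapes for an SQL string context, so credentials
    // containing characters such as quotes or backslashes are altered before
    // they are checked. A password is compared against a hash, not placed in a
    // query, and register() in this file stores user data without this
    // escaping. Confirm how existing hashes were created before removing the
    // calls, and confirm that _signon() parameterises its own lookups.
    $auth = _signon(Array(
        'user_login' => esc_sql($username),
        'user_password' => esc_sql($password),
        'remember' => $remember,
    ));

    // instanceof tolerates a non-object result (get_class() does not) and
    // also accepts subclasses of WP_User.
    if ($auth instanceof \WP_User) {
        return $auth;
    }

    // Deliberately generic: the underlying error message links to a WordPress
    // page, and a single message for every failure does not reveal whether
    // the username exists.
    throw new InvalidArgumentException('Invalid username/password');
}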
/**
 * Logs the current user out by delegating to _logout().
 *
 * @return bool Always true when no exception is thrown
 * @throws LogicException If HTTP headers have already been sent
 */
function logout() {
    // Presumably the logout has to emit headers (cookies), hence the guard.
    $headersAlreadySent = headers_sent();
    if ($headersAlreadySent) {
        throw new LogicException('Unable to logout because headers have been sent');
    }

    _logout();

    return true;
}
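/**
 * Validates the supplied user data, creates the user and sets its
 * user_status to 1.
 *
 * The default on $user_data can never apply because a required parameter
 * follows it; the signature is kept as-is for existing callers.
 *
 * @param array $user_data           Fields handed to Validation and then to _insert_user()
 * @param int   $registration_method Not read by this function.
 *                                   NOTE(review): user_status is set to 1 for every
 *                                   method; confirm that is intended for REG_METH_VALID_EMAIL.
 * @return int ID of the newly created user
 * @throws BadMethodCallException If validation reports one or more errors
 * @throws \RuntimeException If _insert_user() does not return a positive user ID
 */
function register($user_data = Array(), $registration_method) {
    require_once(ABSPATH . WPINC . DIRECTORY_SEPARATOR . 'registration.php');

    $valid = new Validation($user_data);
    if (count($valid->errors) > 0) {
        throw new BadMethodCallException(implode("\n", $valid->errors));
    }

    // No esc_sql() pass over $user_data: a discarded array_filter() result
    // escapes nothing, and escaping belongs to the layer that builds the query.
    // NOTE(review): confirm _insert_user() escapes or parameterises its writes.
    $result = _insert_user($user_data);

    // A failed insert must not fall through. Casting an error object to int
    // yields 1, which would update the user whose ID is 1 and report that ID
    // as the new account.
    if (!is_numeric($result) || (int)$result <= 0) {
        throw new \RuntimeException('Unable to create user');
    }
    $id = (int)$result;

    global $wpdb;
    $wpdb->query($wpdb->prepare(
        "UPDATE `{$wpdb->users}` SET `user_status` = 1 WHERE `ID` = %d",
        $id
    ));

    return $id;
}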
/**
 * Fires the ACTION_ACTIVATE hook.
 *
 * NOTE(review): $user_id is never assigned in this function, so the hook
 * receives null and PHP reports an undefined variable. Neither $username nor
 * $activation_key is read, so no activation key is verified here. Any handler
 * attached to the hook must not treat the call as proof that the key was
 * checked. The lookup and key comparison still need to be implemented.
 *
 * @param string $username       Currently unused
 * @param string $activation_key Currently unused
 */
function activate($username, $activation_key) {
do_action(ACTION_ACTIVATE, $user_id);
}
/**
 * Placeholder: the body is empty, so calling this does nothing and returns null.
 *
 * @param string $username      Currently unused
 * @param int    $forgot_method Currently unused; presumably one of the
 *                              FORGOT_METH_* constants (confirm when implemented)
 */
function forgot_password($username, $forgot_method) {
}
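/**
 * Field rules for registration data.
 *
 * Each rule signals a failure by throwing an Exception whose message is the
 * user-facing error. register() reads the collected messages from $errors.
 * NOTE(review): presumably \Tz\Validation dispatches each field to the rule
 * method of the same name and catches these exceptions; confirm in the parent.
 */
class Validation extends \Tz\Validation {
    /**
     * @rule Not blank
     * @rule Valid WordPress username
     * @rule Not already registered
     * @param string $val Username under validation
     * @return void
     * @throws Exception If the username is blank, invalid or already taken
     */
    protected function username($val) {
        if (empty($val)) {
            throw new Exception('Username is blank');
        }

        require_once(ABSPATH . WPINC . DIRECTORY_SEPARATOR . 'registration.php');

        if (!validate_username($val)) {
            throw new Exception('Username must be at least 4 characters, letters and numbers only');
        }

        // Check the value under validation, not $_POST['reg_username']. The
        // superglobal may be absent or differ from the data passed to
        // register(), which would let the uniqueness check be skipped.
        if (username_exists($val)) {
            throw new Exception('Username already exists');
        }
    }

    /**
     * Only rejects a blank value; no length or complexity policy is applied here.
     *
     * @rule Not blank
     * @param string $val Password under validation
     * @return void
     * @throws Exception If the password is blank
     */
    protected function password($val) {
        if (empty($val)) {
            throw new Exception('Password can not be blank');
        }
    }

    /**
     * @rule Valid email address (*@*.*)
     * @rule Not already registered
     * @param string $val Email address under validation
     * @return void
     * @throws Exception If the address is malformed or already registered
     */
    protected function email($val) {
        // filter_var() returns false when the address does not validate.
        if (filter_var($val, FILTER_VALIDATE_EMAIL) === false) {
            throw new Exception('Invalid email address');
        }

        // Anything other than false means an account already uses this address.
        if (false !== email_exists($val)) {
            throw new Exception('Email address already registered');
        }
    }
}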
?>