WP Login

Rating: No reviews yet
Downloads: 0
Updated: Dec 12, 2015 by hieudaubep
Dev status: Planning Help Icon

Available Downloads

There are no downloads associated with this release.

Release Notes

<?php
/**
* WordPress User Page
*
* Handles authentication, registering, resetting passwords, forgot password,
* and other user handling.
*
* @package WordPress
*/

/** Make sure that the WordPress bootstrap has run before continuing. */
require( dirname(FILE) . '/wp-load.php' );

// Redirect to https login if forced to use SSL
if ( forcessladmin() && ! is_ssl() ) {
if ( 0 === strpos($_SERVER['REQUEST_URI'], 'http') ) {
wp_redirect( set_url_scheme( $_SERVER['REQUEST_URI'], 'https' ) );
exit();
} else {
wp_redirect( 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] );
exit();
}
}

/**
* Output the login page header.
*
* @param string $title Optional. WordPress login Page title to display in the `<title>` element.
* Default 'Log In'.
* @param string $message Optional. Message to display in header. Default empty.
* @param WPError $wperror Optional. The error to pass. Default empty.
*/
function loginheader( $title = 'Log In', $message = '', $wperror = '' ) {
global $error, $interim_login, $action;

// Don't index any of these forms
add_action( 'login_head', 'wp_no_robots' );

if ( wp_is_mobile() )
add_action( 'login_head', 'wp_login_viewport_meta' );

if ( empty($wp_error) )
$wp_error = new WP_Error();

// Shake it!
$shake_error_codes = array( 'empty_password', 'empty_email', 'invalid_email', 'invalidcombo', 'empty_username', 'invalid_username', 'incorrect_password' );
/**
* Filter the error codes array for shaking the login form.
*
* @since 3.0.0
*
* @param array $shake_error_codes Error codes that shake the login form.
*/
$shake_error_codes = apply_filters( 'shake_error_codes', $shake_error_codes );

if ( $shake_error_codes && $wp_error->get_error_code() && in_array( $wp_error->get_error_code(), $shake_error_codes ) )
add_action( 'login_head', 'wp_shake_js', 12 );

?><!DOCTYPE html>
<!--[if IE 8]>
<html xmlns="http://www.w3.org/1999/xhtml" class="ie8" <?php language_attributes(); ?>>
<![endif]-->
<!--[if !(IE 8) ]><!-->
<html xmlns="http://www.w3.org/1999/xhtml" <?php language_attributes(); ?>>
<!--<![endif]-->
<head>
<meta http-equiv="Content-Type" content="<?php bloginfo('html_type'); ?>; charset=<?php bloginfo('charset'); ?>" />
<title><?php bloginfo('name'); ?> &rsaquo; <?php echo $title; ?></title>
<?php

wp_admin_css( 'login', true );

/*
* Remove all stored post data on logging out.
* This could be added by add_action('login_head'...) like wp_shake_js(),
* but maybe better if it's not removable by plugins
*/
if ( 'loggedout' == $wp_error->get_error_code() ) {
?>
<script>if("sessionStorage" in window){try{for(var key in sessionStorage){if(key.indexOf("wp-autosave-")!=-1){sessionStorage.removeItem(key)}}}catch(e){}};</script>
<?php
}

/**
* Enqueue scripts and styles for the login page.
*
* @since 3.1.0
*/
doaction( 'loginenqueue_scripts' );
/**
* Fires in the login page header after scripts are enqueued.
*
* @since 2.1.0
*/
doaction( 'loginhead' );

if ( is_multisite() ) {
$login_header_url = network_home_url();
$login_header_title = get_current_site()->site_name;
} else {
$login_header_url = __( 'https://wordpress.org/' );
$login_header_title = __( 'Powered by WordPress' );
}

/**
* Filter link URL of the header logo above login form.
*
* @since 2.1.0
*
* @param string $loginheaderurl Login header logo URL.
*/
$loginheaderurl = applyfilters( 'loginheaderurl', $loginheaderurl );
/**
* Filter the title attribute of the header logo above login form.
*
* @since 2.1.0
*
* @param string $loginheadertitle Login header logo title attribute.
*/
$loginheadertitle = applyfilters( 'loginheadertitle', $loginheadertitle );

$classes = array( 'login-action-' . $action, 'wp-core-ui' );
if ( wpismobile() )
$classes[] = 'mobile';
if ( is_rtl() )
$classes[] = 'rtl';
if ( $interim_login ) {
$classes[] = 'interim-login';
?>
<style type="text/css">html{background-color: transparent;}</style>
<?php

if ( 'success' === $interim_login )
$classes[] = 'interim-login-success';
}
$classes[] =' locale-' . sanitizehtmlclass( strtolower( strreplace( '', '-', get_locale() ) ) );

/**
* Filter the login page body classes.
*
* @since 3.5.0
*
* @param array $classes An array of body classes.
* @param string $action The action that brought the visitor to the login page.
*/
$classes = applyfilters( 'loginbody_class', $classes, $action );

?>
</head>
<body class="login <?php echo esc_attr( implode( ' ', $classes ) ); ?>">
<div id="login">
<h1><a href="<?php echo escurl( $loginheaderurl ); ?>" title="<?php echo escattr( $loginheadertitle ); ?>" tabindex="-1"><?php bloginfo( 'name' ); ?></a></h1>
<?php

unset( $loginheaderurl, $loginheadertitle );

/**
* Filter the message to display above the login form.
*
* @since 2.1.0
*
* @param string $message Login message text.
*/
$message = applyfilters( 'loginmessage', $message );
if ( !empty( $message ) )
echo $message . "\n";

// In case a plugin uses $error rather than the $wp_errors object
if ( !empty( $error ) ) {
$wp_error->add('error', $error);
unset($error);
}

if ( $wperror->geterror_code() ) {
$errors = '';
$messages = '';
foreach ( $wp_error->get_error_codes() as $code ) {
$severity = $wp_error->get_error_data( $code );
foreach ( $wp_error->get_error_messages( $code ) as $error_message ) {
if ( 'message' == $severity )
$messages .= ' ' . $error_message . "<br />\n";
else
$errors .= ' ' . $error_message . "<br />\n";
}
}
if ( ! empty( $errors ) ) {
/**
* Filter the error messages displayed above the login form.
*
* @since 2.1.0
*
* @param string $errors Login error message.
*/
echo '<div id="login_error">' . apply_filters( 'login_errors', $errors ) . "</div>\n";
}
if ( ! empty( $messages ) ) {
/**
* Filter instructional messages displayed above the login form.
*
* @since 2.5.0
*
* @param string $messages Login messages.
*/
echo '<p class="message">' . apply_filters( 'login_messages', $messages ) . "</p>\n";
}
}
} // End of login_header()

/**
* Outputs the footer for the login page.
*
* @param string $input_id Which input to auto-focus
*/
function loginfooter($inputid = '') {
global $interim_login;

// Don't allow interim logins to navigate away from the page.
if ( ! $interim_login ): ?>
<p id="backtoblog"><a href="<?php echo esc_url( home_url( '/' ) ); ?>" title="<?php esc_attr_e( 'Are you lost?' ); ?>"><?php printf( __( '&larr; Back to %s' ), get_bloginfo( 'title', 'display' ) ); ?></a></p>
<?php endif; ?>

</div>

<?php if ( !empty($input_id) ) : ?>
<script type="text/javascript">
try{document.getElementById('<?php echo $input_id; ?>').focus();}catch(e){}
if(typeof wpOnload=='function')wpOnload();
</script>
<?php endif; ?>

<?php
/**
* Fires in the login page footer.
*
* @since 3.1.0
*/
doaction( 'loginfooter' ); ?>
<div class="clear"></div>
</body>
</html>
<?php
}

/**
* @since 3.0.0
*/
function wpshakejs() {
if ( wp_is_mobile() )
return;
?>
<script type="text/javascript">
addLoadEvent = function(func){if(typeof jQuery!="undefined")jQuery(document).ready(func);else if(typeof wpOnload!='function'){wpOnload=func;}else{var oldonload=wpOnload;wpOnload=function(){oldonload();func();}}};
function s(id,pos){g(id).left=pos+'px';}
function g(id){return document.getElementById(id).style;}
function shake(id,a,d){c=a.shift();s(id,c);if(a.length>0){setTimeout(function(){shake(id,a,d);},d);}else{try{g(id).position='static';wp_attempt_focus();}catch(e){}}}
addLoadEvent(function(){ var p=new Array(15,30,15,0,-15,-30,-15,0);p=p.concat(p.concat(p));var i=document.forms[0].id;g(i).position='relative';shake(i,p,20);});
</script>
<?php
}

/**
* @since 3.7.0
*/
function wploginviewport_meta() {
?>
<meta name="viewport" content="width=device-width" />
<?php
}

/**
* Handles sending password retrieval email to user.
*
* @global wpdb $wpdb WordPress database abstraction object.
* @global PasswordHash $wp_hasher Portable PHP password hashing framework.
*
* @return bool|WPError True: when finish. WPError on error
*/
function retrieve_password() {
global $wpdb, $wp_hasher;

$errors = new WP_Error();

if ( empty( $_POST['user_login'] ) ) {
$errors->add('empty_username', __('<strong>ERROR</strong>: Enter a username or e-mail address.'));
} elseif ( strpos( $_POST'user_login', '@' ) ) {
$user_data = get_user_by( 'email', trim( $_POST['user_login'] ) );
if ( empty( $user_data ) )
$errors->add('invalid_email', __('<strong>ERROR</strong>: There is no user registered with that email address.'));
} else {
$login = trim($_POST['user_login']);
$user_data = get_user_by('login', $login);
}

/**
* Fires before errors are returned from a password reset request.
*
* @since 2.1.0
*/
doaction( 'lostpasswordpost' );

if ( $errors->geterrorcode() )
return $errors;

if ( !$user_data ) {
$errors->add('invalidcombo', __('<strong>ERROR</strong>: Invalid username or e-mail.'));
return $errors;
}

// Redefining user_login ensures we return the right case in the email.
$userlogin = $userdata->user_login;
$useremail = $userdata->user_email;

/**
* Fires before a new password is retrieved.
*
* @since 1.5.0
* @deprecated 1.5.1 Misspelled. Use 'retrieve_password' hook instead.
*
* @param string $user_login The user login name.
*/
doaction( 'retreivepassword', $user_login );

/**
* Fires before a new password is retrieved.
*
* @since 1.5.1
*
* @param string $user_login The user login name.
*/
doaction( 'retrievepassword', $user_login );

/**
* Filter whether to allow a password to be reset.
*
* @since 2.7.0
*
* @param bool true Whether to allow the password