Server IP : 162.213.251.208 / Your IP : 3.15.147.65 Web Server : LiteSpeed System : Linux business55.web-hosting.com 4.18.0-553.lve.el8.x86_64 #1 SMP Mon May 27 15:27:34 UTC 2024 x86_64 User : jmoroovq ( 1890) PHP Version : 7.4.33 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : OFF | Pkexec : OFF Directory : /home/jmoroovq/expressmedicalbillingservices.com/wp-content/plugins/bdthemes-element-pack/modules/user-login/ |
Upload File : |
<?php namespace ElementPack\Modules\UserLogin; use ElementPack\Base\Element_Pack_Module_Base; if ( ! defined( 'ABSPATH' ) ) exit; // Exit if accessed directly class Module extends Element_Pack_Module_Base { protected $fb_app_id; protected $fb_app_secret; protected $go_client_id; public function get_name() { return 'user-login'; } public function get_widgets() { $widgets = [ 'User_Login', ]; return $widgets; } /** * Constructor. */ public function __construct() { parent::__construct(); $options = get_option( 'element_pack_api_settings' ); $this->fb_app_id = (isset($options['facebook_app_id']) && !empty($options['facebook_app_id']))? sanitize_text_field($options['facebook_app_id']): ''; $this->fb_app_secret = (isset($options['facebook_app_secret']) && !empty($options['facebook_app_secret']))? sanitize_text_field($options['facebook_app_secret']): ''; $this->go_client_id = (isset($options['google_client_id']) && !empty($options['google_client_id']))? sanitize_text_field($options['google_client_id']): ''; add_action( 'wp_ajax_element_pack_social_facebook_login', array( $this, 'get_facebook_data' ) ); add_action( 'wp_ajax_nopriv_element_pack_social_facebook_login', array( $this, 'get_facebook_data' ) ); add_action( 'wp_ajax_element_pack_social_google_login', array( $this, 'get_google_data' ) ); add_action( 'wp_ajax_nopriv_element_pack_social_google_login', array( $this, 'get_google_data' ) ); add_action( 'elementor/frontend/before_register_scripts', [ $this, 'register_site_scripts' ] ); add_action( 'wp_head', array( $this, 'init_facebook' ) ); add_action( 'wp_ajax_nopriv_element_pack_ajax_login', [ $this, "element_pack_ajax_login"] ); } public function element_pack_ajax_login(){ // First check the nonce, if it fails the function will break check_ajax_referer( 'ajax-login-nonce', 'bdt-user-login-sc' ); /** Recaptcha*/ $post_id = (int) $_REQUEST['page_id']; $widget_id = (int) $_REQUEST['widget_id']; $result = $this->get_widget_settings($post_id, $widget_id); if(isset($result['show_recaptcha_checker']) && $result['show_recaptcha_checker'] == 'yes'){ $gRecaptcha = esc_textarea($_REQUEST['g-recaptcha-response']); if ( !apply_filters('element_pack_google_recaptcha_validation', $gRecaptcha ) ) { echo wp_json_encode( ['loggedin' => false, 'message'=> esc_html__('reCAPTCHA is invalid!', 'bdthemes-element-pack') ] ); exit; } } // Nonce is checked, get the POST data and sign user on $access_info = []; $access_info['user_login'] = !empty($_POST['user_login'])? sanitize_text_field($_POST['user_login']) : ""; $access_info['user_password'] = !empty($_POST['user_password'])? sanitize_text_field($_POST['user_password']) : ""; $access_info['remember'] = !empty($_POST['rememberme'])? true : false; $user_signon = wp_signon( $access_info, false ); if ( !is_wp_error($user_signon) ){ echo wp_json_encode( ['loggedin' => true, 'message'=> esc_html__('Login successful, Redirecting...', 'bdthemes-element-pack')] ); } else { echo wp_json_encode( ['loggedin' => false, 'message'=> esc_html__('Oops! Wrong username or password!', 'bdthemes-element-pack')] ); } die(); } public function register_site_scripts(){ wp_register_script( 'ep-google-login', 'https://apis.google.com/js/api:client.js', ['jquery'], null, true ); } public function init_facebook(){ if(strlen($this->fb_app_id) > 10 && !is_user_logged_in()): ?> <script> window.fbAsyncInit = function() { FB.init({ appId : '<?php echo $this->fb_app_id ?>', autoLogAppEvents : true, xfbml : true, version : 'v5.0' }); }; (function(d, s, id){ var js, fjs = d.getElementsByTagName(s)[0]; if (d.getElementById(id)) {return;} js = d.createElement(s); js.id = id; js.src = "https://connect.facebook.net/en_US/sdk.js"; fjs.parentNode.insertBefore(js, fjs); }(document, 'script', 'facebook-jssdk')); </script> <?php endif; } /** * Get Google Form Data via AJAX call. * return void */ public function get_google_data() { $data = array(); $response = array(); $user_data = array(); $result = ''; if ( isset($_POST['id_token']) ) { $id_token = filter_input( INPUT_POST, 'id_token', FILTER_SANITIZE_STRING ); $google_client_id = $this->go_client_id; $googleUserdata = $this->verify_google_data( $id_token, $google_client_id ); $name = isset( $googleUserdata['name'] ) ? sanitize_text_field($googleUserdata['name']) : ''; $email = isset( $googleUserdata['email'] ) ? sanitize_email($googleUserdata['email']) : ''; $should_send_email = apply_filters('elementor_pack_send_mail_create_user',0); // Check if email is verified with Google. if ( empty( $googleUserdata ) || ( $googleUserdata['aud'] !== $google_client_id ) || ( isset( $googleUserdata['email'] ) && $googleUserdata['email'] !== $email ) ) { wp_send_json_error( array( 'error' => esc_attr_x( 'Unauthorized access', 'User Login and Register', 'bdthemes-element-pack' ), ) ); } $user_data = get_user_by( 'email', $email ); $response['username'] = $name; if ( ! empty( $user_data ) && false !== $user_data ) { $user_ID = $user_data->ID; $user_email = $user_data->user_email; wp_set_auth_cookie( $user_ID ); wp_set_current_user( $user_ID, $name ); do_action( 'wp_login', $user_data->user_login, $user_data ); $response['success'] = true; } else { $password = wp_generate_password( 12, true, false ); if ( username_exists( $name ) ) { // Generate something unique to append to the username in case of a conflict with another user. $suffix = '-' . zeroise( wp_rand( 0, 9999 ), 4 ); $name .= $suffix; $user_array = array( 'user_login' => strtolower( preg_replace( '/\s+/', '', $name ) ), 'user_pass' => $password, 'user_email' => $email, 'first_name' => $googleUserdata['name'], ); $user_array = apply_filters('elementor_pack_user_login_insert_user',$user_array); $result = wp_insert_user( $user_array ); } else { $user_array = array( 'user_login' => strtolower( $name ), 'user_pass' => $password, 'user_email' => $email, 'first_name' => $googleUserdata['name'], ); $user_array = apply_filters('elementor_pack_user_login_insert_user',$user_array); $result = wp_insert_user( $user_array ); } if ( 1 == $should_send_email ) { $this->send_created_user_email( $result, $should_send_email ); } $user_data = get_user_by( 'email', $email ); if ( $user_data ) { $user_ID = $user_data->ID; $user_email = $user_data->user_email; $user_meta = array( 'provider' => 'google', ); update_user_meta( $user_ID, 'ep_login_form', $user_meta ); if ( wp_check_password( $password, $user_data->user_pass, $user_data->ID ) ) { wp_set_auth_cookie( $user_ID ); wp_set_current_user( $user_ID, $name ); do_action( 'wp_login', $user_data->user_login, $user_data ); $response['success'] = true; } } } echo wp_send_json( $response ); } else { die; } } /** * Get access token info. */ public function verify_google_data( $id_token, $uae_google_client_id ) { require_once BDTEP_MODULES_PATH . 'user-login/vendor/autoload.php'; // Get $id_token via HTTPS POST. $client = new \Google_Client( array( 'client_id' => $uae_google_client_id ) ); //PHPCS:ignore:PHPCompatibility.PHP.ShortArray.Found $verified_data = $client->verifyIdToken($id_token); if ( $verified_data ) { return $verified_data; } else { wp_send_json_error( array( 'error' => esc_attr_x( 'Unauthorized access', 'User Login and Register', 'bdthemes-element-pack' ), ) ); } } public function get_facebook_data() { $data = array(); $response = array(); $user_data = array(); $result = ''; if ( isset( $_POST['data'] ) ) { $data = $_POST['data']; $fb_user_id = filter_input( INPUT_POST, 'userID', FILTER_SANITIZE_STRING ); $access_token = filter_input( INPUT_POST, 'security_string', FILTER_SANITIZE_STRING ); $fb_app_id = $this->fb_app_id; $fb_app_secret = $this->fb_app_secret; $fbUserData = $this->get_fb_user_info( $access_token, $fb_app_id, $fb_app_secret ); if ( empty( $fb_app_id ) || empty( $fb_app_secret ) || empty( $fb_user_id ) || empty( $fbUserData ) || ( $fb_user_id !== $fbUserData['data']['user_id'] ) || ( $fb_app_id !== $fbUserData['data']['app_id'] ) || ( ! $fbUserData['data']['is_valid'] ) ) { wp_send_json_error( esc_html_x('Invalid Authorized Information', 'User Login and Register', 'bdthemes-element-pack') ); } $name = sanitize_user( $data['name'] ); $first_name = sanitize_user( $data['first_name'] ); $last_name = sanitize_user( $data['last_name'] ); $should_send_email = apply_filters('elementor_pack_send_mail_create_user',0); $verified_email = $this->get_fb_user_email( $fbUserData['data']['user_id'], $access_token ); if ( isset( $data['email'] ) && is_email($data['email']) ) { if ( $data['email'] === $verified_email['email'] ) { $email = sanitize_email( $verified_email['email'] ); } else { wp_send_json_error( esc_html_x('Invalid Authorization', 'User Login and Register', 'bdthemes-element-pack') ); } } else { $email = $fbUserData['data']['user_id'] . '@facebook.com'; } $user_data = get_user_by( 'email', $email ); if ( ! empty( $user_data ) && false !== $user_data ) { $user_ID = $user_data->ID; $user_email = $user_data->user_email; wp_set_auth_cookie( $user_ID ); wp_set_current_user( $user_ID, $name ); do_action( 'wp_login', $user_data->user_login, $user_data ); $response['success'] = true; } else { $password = wp_generate_password( 12, true, false ); $facebook_array = array( 'user_login' => $name, 'user_pass' => $password, 'user_email' => $email, 'first_name' => isset( $first_name ) ? $first_name : $name, 'last_name' => $last_name, ); if ( username_exists( $name ) ) { // Generate something unique to append to the username in case of a conflict with another user. $suffix = '-' . zeroise( wp_rand( 0, 9999 ), 4 ); $name .= $suffix; $facebook_array['user_login'] = strtolower( preg_replace( '/\s+/', '', $name ) ); } $facebook_array = apply_filters('elementor_pack_user_login_insert_user',$facebook_array); $result = wp_insert_user( $facebook_array ); if ( 1 == $should_send_email ) { $this->send_created_user_email( $result, $should_send_email ); } $user_data = get_user_by( 'email', $email ); if ( $user_data ) { $user_ID = $user_data->ID; $user_email = $user_data->user_email; $user_meta = array( 'provider' => 'facebook', ); update_user_meta( $user_ID, 'ep_login_form', $user_meta ); if ( wp_check_password( $password, $user_data->user_pass, $user_data->ID ) ) { wp_set_auth_cookie( $user_ID ); wp_set_current_user( $user_ID, $name ); do_action( 'wp_login', $user_data->user_login, $user_data ); $response['success'] = true; } } } echo wp_send_json( $response ); } else { die; } } public function get_fb_user_info( $access_token, $uae_facebook_app_id, $uae_facebook_app_secret ) { $fb_url = 'https://graph.facebook.com/oauth/access_token'; $fb_url = add_query_arg( array( 'client_id' => $uae_facebook_app_id, 'client_secret' => $uae_facebook_app_secret, 'grant_type' => 'client_credentials', ), $fb_url ); $fb_response = wp_remote_get( $fb_url ); if ( is_wp_error( $fb_response ) ) { wp_send_json_error(); } $fb_app_response = json_decode( wp_remote_retrieve_body( $fb_response ), true ); $app_token = $fb_app_response['access_token']; $url = 'https://graph.facebook.com/debug_token'; $url = add_query_arg( array( 'input_token' => $access_token, 'access_token' => $app_token, ), $url ); $response = wp_remote_get( $url ); if ( is_wp_error( $response ) ) { wp_send_json_error(); } return json_decode( wp_remote_retrieve_body( $response ), true ); } /** * Function that retrieves authenticatated Facebook email. */ public function get_fb_user_email( $user_id, $access_token ) { $fb_email_url = 'https://graph.facebook.com/' . $user_id; $fb_email_url = add_query_arg( array( 'fields' => 'email', 'access_token' => $access_token, ), $fb_email_url ); $email_response = wp_remote_get( $fb_email_url ); if ( is_wp_error( $email_response ) ) { wp_send_json_error(); } return json_decode( wp_remote_retrieve_body( $email_response ), true ); } public function send_created_user_email( $result, $notify ) { do_action( 'edit_user_created_user', $result, $notify ); } }