<?php
namespace ElementPack\Modules\UserLogin;
use ElementPack\Base\Element_Pack_Module_Base;
// Direct requests to this file (outside the WordPress bootstrap) stop here.
if ( ! defined( 'ABSPATH' ) ) {
    exit;
}
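class Module extends Element_Pack_Module_Base {

    /** @var string Facebook app id from the `element_pack_api_settings` option ('' when unset). */
    protected $fb_app_id;

    /** @var string Facebook app secret from the `element_pack_api_settings` option ('' when unset). */
    protected $fb_app_secret;

    /** @var string Google OAuth client id from the `element_pack_api_settings` option ('' when unset). */
    protected $go_client_id;

    /**
     * Module slug used by the Element Pack module loader.
     *
     * @return string
     */
    public function get_name() {
        return 'user-login';
    }

    /**
     * Widget class names provided by this module.
     *
     * @return string[]
     */
    public function get_widgets() {
        return [
            'User_Login',
        ];
    }

    /**
     * Constructor.
     *
     * Reads the social-login credentials from the plugin's API settings option
     * and registers the AJAX endpoints plus the front-end script hooks.
     */
    public function __construct() {
        parent::__construct();

        $options = get_option( 'element_pack_api_settings' );
        if ( ! is_array( $options ) ) {
            // get_option() returns false when the option was never saved.
            $options = [];
        }

        $this->fb_app_id     = $this->read_setting( $options, 'facebook_app_id' );
        $this->fb_app_secret = $this->read_setting( $options, 'facebook_app_secret' );
        $this->go_client_id  = $this->read_setting( $options, 'google_client_id' );

        // Social endpoints serve both logged-out (nopriv) and logged-in requests.
        add_action( 'wp_ajax_element_pack_social_facebook_login', [ $this, 'get_facebook_data' ] );
        add_action( 'wp_ajax_nopriv_element_pack_social_facebook_login', [ $this, 'get_facebook_data' ] );
        add_action( 'wp_ajax_element_pack_social_google_login', [ $this, 'get_google_data' ] );
        add_action( 'wp_ajax_nopriv_element_pack_social_google_login', [ $this, 'get_google_data' ] );

        add_action( 'elementor/frontend/before_register_scripts', [ $this, 'register_site_scripts' ] );
        add_action( 'wp_head', [ $this, 'init_facebook' ] );

        // The username/password endpoint is nopriv-only: an authenticated session cannot call it.
        add_action( 'wp_ajax_nopriv_element_pack_ajax_login', [ $this, 'element_pack_ajax_login' ] );
    }

    /**
     * Read one key of the settings array as a sanitized string.
     *
     * @param array  $options Decoded settings option.
     * @param string $key     Option key to read.
     * @return string Sanitized value, or '' when the key is missing or empty.
     */
    private function read_setting( array $options, $key ) {
        return empty( $options[ $key ] ) ? '' : sanitize_text_field( $options[ $key ] );
    }

    /**
     * Emit the JSON reply of the username/password endpoint and stop the request.
     *
     * Ending the request here keeps admin-ajax.php from appending its default "0".
     *
     * @param bool   $loggedin Whether the sign-on succeeded.
     * @param string $message  Already-escaped message for the client.
     */
    private function send_login_result( $loggedin, $message ) {
        echo wp_json_encode( [ 'loggedin' => $loggedin, 'message' => $message ] );
        die();
    }

    /**
     * AJAX handler for the username/password login form.
     *
     * Verifies the nonce, optionally the reCAPTCHA response (when the widget
     * enabled it), then signs the user on with wp_signon(). Always ends the
     * request with a JSON body of the shape {loggedin: bool, message: string}.
     */
    public function element_pack_ajax_login() {
        // Stops the request (with -1) if the nonce posted as `bdt-user-login-sc` fails to verify.
        check_ajax_referer( 'ajax-login-nonce', 'bdt-user-login-sc' );

        $post_id   = isset( $_REQUEST['page_id'] ) ? (int) $_REQUEST['page_id'] : 0;
        // NOTE(review): Elementor widget ids are usually hex strings; the (int) cast is kept from
        // the original — confirm it matches what get_widget_settings() expects.
        $widget_id = isset( $_REQUEST['widget_id'] ) ? (int) $_REQUEST['widget_id'] : 0;

        $settings = $this->get_widget_settings( $post_id, $widget_id );
        if ( isset( $settings['show_recaptcha_checker'] ) && 'yes' === $settings['show_recaptcha_checker'] ) {
            $recaptcha = isset( $_REQUEST['g-recaptcha-response'] )
                ? sanitize_text_field( wp_unslash( $_REQUEST['g-recaptcha-response'] ) )
                : '';
            // NOTE(review): when nothing is hooked to this filter, apply_filters() returns the
            // response string itself, which is truthy for any non-empty value. Validation
            // therefore relies on the filter being registered elsewhere in the plugin — confirm.
            if ( ! apply_filters( 'element_pack_google_recaptcha_validation', $recaptcha ) ) {
                $this->send_login_result( false, esc_html__( 'reCAPTCHA is invalid!', 'bdthemes-element-pack' ) );
            }
        }

        $access_info = [
            'user_login'    => empty( $_POST['user_login'] ) ? '' : sanitize_text_field( wp_unslash( $_POST['user_login'] ) ),
            // Deliberately not sanitized: the password is only compared against the stored hash.
            'user_password' => empty( $_POST['user_password'] ) ? '' : $_POST['user_password'],
            'remember'      => ! empty( $_POST['rememberme'] ),
        ];

        // is_ssl() (instead of a hard-coded false) lets the auth cookie carry the Secure flag on HTTPS.
        $user_signon = wp_signon( $access_info, is_ssl() );

        if ( is_wp_error( $user_signon ) ) {
            // One generic message for every failure so the reply does not reveal which part was wrong.
            $this->send_login_result( false, esc_html__( 'Oops! Wrong username or password!', 'bdthemes-element-pack' ) );
        }

        $this->send_login_result( true, esc_html__( 'Login successful, Redirecting...', 'bdthemes-element-pack' ) );
    }

    /**
     * Register the Google platform script used by the Google sign-in button.
     */
    public function register_site_scripts() {
        wp_register_script( 'ep-google-login', 'https://apis.google.com/js/api:client.js', [ 'jquery' ], null, true );
    }

    /**
     * Print the Facebook JS SDK loader in <head> for logged-out visitors.
     *
     * Nothing is printed unless a Facebook app id longer than 10 characters is configured.
     */
    public function init_facebook() {
        if ( strlen( $this->fb_app_id ) <= 10 || is_user_logged_in() ) {
            return;
        }
        ?>
        <script>
            window.fbAsyncInit = function () {
                FB.init({
                    // esc_js() is the escaper for a JS string literal context.
                    appId: '<?php echo esc_js( $this->fb_app_id ); ?>',
                    autoLogAppEvents: true,
                    xfbml: true,
                    version: 'v5.0'
                });
            };
            (function (d, s, id) {
                var js, fjs = d.getElementsByTagName(s)[0];
                if (d.getElementById(id)) { return; }
                js = d.createElement(s); js.id = id;
                js.src = "https://connect.facebook.net/en_US/sdk.js";
                fjs.parentNode.insertBefore(js, fjs);
            }(document, 'script', 'facebook-jssdk'));
        </script>
        <?php
    }

    /**
     * Set the auth cookie and current user for an existing account.
     *
     * @param \WP_User $user         Account to sign in.
     * @param string   $display_name Name handed to wp_set_current_user().
     */
    private function sign_in_user( $user, $display_name ) {
        wp_set_auth_cookie( $user->ID );
        wp_set_current_user( $user->ID, $display_name );
        do_action( 'wp_login', $user->user_login, $user );
    }

    /**
     * Create a WordPress account for a social identity and sign it in.
     *
     * @param array  $user_array        Arguments for wp_insert_user(); passed through the
     *                                  `elementor_pack_user_login_insert_user` filter first.
     * @param string $password          Plain-text password that was placed in $user_array.
     * @param string $display_name      Name handed to wp_set_current_user().
     * @param string $provider          'google' or 'facebook'; stored in the `ep_login_form` user meta.
     * @param mixed  $should_send_email Result of the `elementor_pack_send_mail_create_user` filter.
     * @return bool True when the account was created and signed in.
     */
    private function register_social_user( array $user_array, $password, $display_name, $provider, $should_send_email ) {
        $user_array = apply_filters( 'elementor_pack_user_login_insert_user', $user_array );
        $user_id    = wp_insert_user( $user_array );
        if ( is_wp_error( $user_id ) ) {
            // Invalid login/email, duplicate, etc. — nothing to sign in.
            return false;
        }

        if ( 1 === (int) $should_send_email ) {
            $this->send_created_user_email( $user_id, $should_send_email );
        }

        // Look up by id rather than email so a filter that rewrote the address still resolves the account.
        $user = get_user_by( 'id', $user_id );
        if ( ! $user ) {
            return false;
        }

        update_user_meta( $user->ID, 'ep_login_form', [ 'provider' => $provider ] );

        // Sign in only if the stored hash still matches the password generated here
        // (i.e. the insert filter did not replace the credentials).
        if ( ! wp_check_password( $password, $user->user_pass, $user->ID ) ) {
            return false;
        }

        $this->sign_in_user( $user, $display_name );
        return true;
    }

    /**
     * AJAX handler for Google sign-in.
     *
     * Expects a Google ID token in $_POST['id_token']; verifies it against the
     * configured client id, then signs in the matching account (by verified
     * e-mail) or creates one. Ends the request with a JSON body.
     */
    public function get_google_data() {
        if ( ! isset( $_POST['id_token'] ) ) {
            die;
        }

        // NOTE(review): there is no WP nonce on this endpoint; the provider-issued token is the
        // only proof presented — consider sending one from the client.
        $id_token         = sanitize_text_field( wp_unslash( $_POST['id_token'] ) );
        $google_client_id = $this->go_client_id;
        $unauthorized     = [
            'error' => esc_attr_x( 'Unauthorized access', 'User Login and Register', 'bdthemes-element-pack' ),
        ];

        if ( '' === $google_client_id ) {
            // Without a configured client id nothing can be verified.
            wp_send_json_error( $unauthorized );
        }

        // verify_google_data() ends the request itself when the token does not verify.
        $google_user = $this->verify_google_data( $id_token, $google_client_id );

        $name  = isset( $google_user['name'] ) ? sanitize_text_field( $google_user['name'] ) : '';
        $email = isset( $google_user['email'] ) ? sanitize_email( $google_user['email'] ) : '';

        // The e-mail is the key used to attach this login to an account, so it must be
        // present, unchanged by sanitization, verified by Google, and the token must be
        // issued for this site's client id.
        $email_verified = isset( $google_user['email_verified'] )
            && filter_var( $google_user['email_verified'], FILTER_VALIDATE_BOOLEAN );
        if ( empty( $google_user )
            || ! isset( $google_user['aud'] ) || $google_user['aud'] !== $google_client_id
            || '' === $email || $google_user['email'] !== $email
            || ! $email_verified ) {
            wp_send_json_error( $unauthorized );
        }

        $should_send_email = apply_filters( 'elementor_pack_send_mail_create_user', 0 );
        $response          = [ 'username' => $name ];

        $user = get_user_by( 'email', $email );
        if ( $user ) {
            $this->sign_in_user( $user, $name );
            $response['success'] = true;
        } else {
            $password = wp_generate_password( 12, true, false );

            $login = $name;
            if ( username_exists( $login ) ) {
                // Append a random 4-digit suffix so the new login does not collide with an existing one.
                $login = preg_replace( '/\s+/', '', $name . '-' . zeroise( wp_rand( 0, 9999 ), 4 ) );
            }

            $user_array = [
                'user_login' => strtolower( $login ),
                'user_pass'  => $password,
                'user_email' => $email,
                'first_name' => $name,
            ];

            if ( $this->register_social_user( $user_array, $password, $name, 'google', $should_send_email ) ) {
                $response['success'] = true;
            }
        }

        echo wp_json_encode( $response );
        // End here so admin-ajax.php does not append its default "0" to the JSON.
        die();
    }

    /**
     * Verify a Google ID token and return its decoded payload.
     *
     * Ends the request with a JSON error when the token does not verify.
     *
     * @param string $id_token             Raw ID token posted by the client.
     * @param string $uae_google_client_id Client id the token must be issued for.
     * @return array Decoded token claims.
     */
    public function verify_google_data( $id_token, $uae_google_client_id ) {
        require_once BDTEP_MODULES_PATH . 'user-login/vendor/autoload.php';

        // Google_Client::verifyIdToken() is expected to check signature, expiry and audience;
        // the caller re-checks the `aud` claim anyway.
        $client        = new \Google_Client( [ 'client_id' => $uae_google_client_id ] );
        $verified_data = $client->verifyIdToken( $id_token );

        if ( $verified_data ) {
            return $verified_data;
        }

        wp_send_json_error(
            [
                'error' => esc_attr_x( 'Unauthorized access', 'User Login and Register', 'bdthemes-element-pack' ),
            ]
        );
    }

    /**
     * AJAX handler for Facebook sign-in.
     *
     * Expects the profile fields in $_POST['data'], the Facebook user id in
     * $_POST['userID'] and the user access token in $_POST['security_string'].
     * The token is introspected through the Graph API before anything is
     * trusted; the account is then signed in or created. Ends the request
     * with a JSON body.
     */
    public function get_facebook_data() {
        if ( ! isset( $_POST['data'] ) ) {
            die;
        }

        // NOTE(review): there is no WP nonce on this endpoint; the provider-issued token is the
        // only proof presented — consider sending one from the client.
        $data = wp_unslash( $_POST['data'] );
        if ( ! is_array( $data ) ) {
            // A scalar here would make the ['name'] reads below fatal on PHP 8.
            $data = [];
        }

        $fb_user_id    = isset( $_POST['userID'] ) ? sanitize_text_field( wp_unslash( $_POST['userID'] ) ) : '';
        $access_token  = isset( $_POST['security_string'] ) ? sanitize_text_field( wp_unslash( $_POST['security_string'] ) ) : '';
        $fb_app_id     = $this->fb_app_id;
        $fb_app_secret = $this->fb_app_secret;
        $invalid_info  = esc_html_x( 'Invalid Authorized Information', 'User Login and Register', 'bdthemes-element-pack' );

        if ( '' === $fb_app_id || '' === $fb_app_secret || '' === $fb_user_id || '' === $access_token ) {
            // Nothing to verify; bail before making any Graph API request.
            wp_send_json_error( $invalid_info );
        }

        $fb_user_data = $this->get_fb_user_info( $access_token, $fb_app_id, $fb_app_secret );
        $token_info   = isset( $fb_user_data['data'] ) && is_array( $fb_user_data['data'] ) ? $fb_user_data['data'] : [];

        // The client-supplied user id and this site's app id must both match what the
        // token introspection reports, and the token must still be valid.
        if ( empty( $token_info['is_valid'] )
            || ! isset( $token_info['user_id'], $token_info['app_id'] )
            || $fb_user_id !== (string) $token_info['user_id']
            || $fb_app_id !== (string) $token_info['app_id'] ) {
            wp_send_json_error( $invalid_info );
        }

        $name       = isset( $data['name'] ) ? sanitize_user( $data['name'] ) : '';
        // First/last name are display fields, not logins, so the text sanitizer applies.
        $first_name = isset( $data['first_name'] ) ? sanitize_text_field( $data['first_name'] ) : $name;
        $last_name  = isset( $data['last_name'] ) ? sanitize_text_field( $data['last_name'] ) : '';

        $should_send_email = apply_filters( 'elementor_pack_send_mail_create_user', 0 );

        $verified       = $this->get_fb_user_email( $token_info['user_id'], $access_token );
        $verified_email = isset( $verified['email'] ) ? $verified['email'] : '';

        if ( isset( $data['email'] ) && is_email( $data['email'] ) ) {
            // The client-supplied address is accepted only when Graph returns the same one for this token.
            if ( '' === $verified_email || $data['email'] !== $verified_email ) {
                wp_send_json_error( esc_html_x( 'Invalid Authorization', 'User Login and Register', 'bdthemes-element-pack' ) );
            }
            $email = sanitize_email( $verified_email );
        } else {
            // No usable address from the client: use a synthetic, provider-scoped one.
            $email = $token_info['user_id'] . '@facebook.com';
        }

        $response = [];

        $user = get_user_by( 'email', $email );
        if ( $user ) {
            $this->sign_in_user( $user, $name );
            $response['success'] = true;
        } else {
            $password = wp_generate_password( 12, true, false );

            $login = $name;
            if ( username_exists( $login ) ) {
                // Append a random 4-digit suffix so the new login does not collide with an existing one.
                $login = strtolower( preg_replace( '/\s+/', '', $name . '-' . zeroise( wp_rand( 0, 9999 ), 4 ) ) );
            }

            $facebook_array = [
                'user_login' => $login,
                'user_pass'  => $password,
                'user_email' => $email,
                'first_name' => $first_name,
                'last_name'  => $last_name,
            ];

            if ( $this->register_social_user( $facebook_array, $password, $name, 'facebook', $should_send_email ) ) {
                $response['success'] = true;
            }
        }

        echo wp_json_encode( $response );
        // End here so admin-ajax.php does not append its default "0" to the JSON.
        die();
    }

    /**
     * Introspect a Facebook user access token through the Graph API.
     *
     * First obtains an app access token (client_credentials grant), then calls
     * /debug_token. Ends the request with a JSON error on transport failure or
     * when no app token is returned.
     *
     * @param string $access_token             User access token to inspect.
     * @param string $uae_facebook_app_id      Facebook app id.
     * @param string $uae_facebook_app_secret  Facebook app secret.
     * @return array|null Decoded /debug_token reply (expected under its 'data' key), or null on undecodable JSON.
     */
    public function get_fb_user_info( $access_token, $uae_facebook_app_id, $uae_facebook_app_secret ) {
        $token_url = add_query_arg(
            [
                'client_id'     => $uae_facebook_app_id,
                'client_secret' => $uae_facebook_app_secret,
                'grant_type'    => 'client_credentials',
            ],
            'https://graph.facebook.com/oauth/access_token'
        );

        $token_response = wp_remote_get( $token_url );
        if ( is_wp_error( $token_response ) ) {
            wp_send_json_error();
        }

        $token_body = json_decode( wp_remote_retrieve_body( $token_response ), true );
        if ( empty( $token_body['access_token'] ) ) {
            // No app token in the reply: stop rather than introspect with an empty token.
            wp_send_json_error();
        }

        $debug_url = add_query_arg(
            [
                'input_token'  => $access_token,
                'access_token' => $token_body['access_token'],
            ],
            'https://graph.facebook.com/debug_token'
        );

        $debug_response = wp_remote_get( $debug_url );
        if ( is_wp_error( $debug_response ) ) {
            wp_send_json_error();
        }

        return json_decode( wp_remote_retrieve_body( $debug_response ), true );
    }

    /**
     * Fetch the e-mail address Facebook holds for a user.
     *
     * Ends the request with a JSON error on transport failure.
     *
     * @param string $user_id      Facebook user id (as reported by token introspection).
     * @param string $access_token User access token.
     * @return array|null Decoded Graph reply (e-mail under its 'email' key when granted), or null on undecodable JSON.
     */
    public function get_fb_user_email( $user_id, $access_token ) {
        $email_url = add_query_arg(
            [
                'fields'       => 'email',
                'access_token' => $access_token,
            ],
            'https://graph.facebook.com/' . $user_id
        );

        $email_response = wp_remote_get( $email_url );
        if ( is_wp_error( $email_response ) ) {
            wp_send_json_error();
        }

        return json_decode( wp_remote_retrieve_body( $email_response ), true );
    }

    /**
     * Trigger the core "user created" notifications for a new account.
     *
     * @param int   $result New user id.
     * @param mixed $notify Value passed through as the action's second argument.
     */
    public function send_created_user_email( $result, $notify ) {
        do_action( 'edit_user_created_user', $result, $notify );
    }
}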