Changeset 2322
- Timestamp:
- 01/19/2016 04:14:08 PM (8 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
sites/trunk/common/includes/wporg-sso/wp-plugin.php
r2318 r2322 12 12 if ( class_exists( 'WPOrg_SSO' ) && ! class_exists( 'WP_WPOrg_SSO' ) ) { 13 13 class WP_WPOrg_SSO extends WPOrg_SSO { 14 /** 15 * List of valid paths on login.wordpress.org 16 * @var array 17 */ 18 public $valid_sso_paths = array( 19 '/', 20 '/checkemail', 21 '/loggedout', 22 '/lostpassword', 23 '/oauth', 24 ); 25 14 26 /** 15 27 * Constructor: add our action(s)/filter(s) … … 73 85 if ( ! preg_match( '!/wp-login\.php$!', $this->script ) ) { 74 86 // ... but not on its login screen. 75 if ( preg_match( '!^/(\?.*)?$!', $_SERVER['REQUEST_URI'] ) ) { 76 // If at host root (/) 77 if ( ! empty( $_GET['action'] ) ) { 78 // If there's an action, it's really meant for wp-login.php, redirect 79 $get = $_GET; 80 if ( in_array( $get['action'], array( 'logout', 'loggedout' ) ) ) { 81 // But make sure to show our custom screen when needed 82 $get['redirect_to'] = '/?screen=loggedout'; 87 if ( preg_match( '!^(' . implode( '|', $this->valid_sso_paths ) . ')([/?]{1,2}.*)?$!', $_SERVER['REQUEST_URI'] ) ) { 88 // If we're on the path of interest 89 90 // Add a custom filter others can apply (theme, etc). 91 add_filter( 'is_valid_wporg_sso_path' , '__return_true' ); 92 93 if ( preg_match( '!^/(\?.*)?$!', $_SERVER['REQUEST_URI'] ) ) { 94 // If at host root (/) 95 if ( ! empty( $_GET['action'] ) ) { 96 // If there's an action, it's really meant for wp-login.php, redirect 97 $get = $_GET; 98 if ( in_array( $get['action'], array( 'logout', 'loggedout' ) ) ) { 99 // But make sure to show our custom screen when needed 100 $get['redirect_to'] = '/loggedout/'; 101 } 102 $this->_safe_redirect( add_query_arg( $get, $this->sso_login_url . '/wp-login.php' ) ); 103 return; 104 } else { 105 // Else let the theme render, or redirect if logged in 106 if ( is_user_logged_in() ) { 107 $this->_redirect_to_profile(); 108 } else { 109 if ( empty( $_GET['screen'] ) ) { 110 add_filter( 'login_form_defaults', array( &$this, 'login_form_defaults' ) ); 111 } 112 } 113 return; 83 114 } 84 $this->_safe_redirect( add_query_arg( $get, $this->sso_login_url . '/wp-login.php' ) ); 85 return; 86 } else { 87 // Else let the theme render, or redirect if logged in 88 if ( is_user_logged_in() ) { 89 $this->_redirect_to_profile(); 90 } else { 91 if ( empty( $_GET['screen'] ) ) { 92 add_filter( 'login_form_defaults', array( &$this, 'login_form_defaults' ) ); 93 } 94 } 95 return; 96 } 97 } elseif ( preg_match( '!^/oauth([/?]{1}.*)?$!', $_SERVER['REQUEST_URI'] ) ) { 98 // Let the theme render for oauth paths (/oauth, /oauth/, /oauth/*, but 99 // not /notoauth or /oauthnot), or redirect if logged in 100 if ( is_user_logged_in() ) { 115 } else if ( is_user_logged_in() ) { 116 // Otherwise, redirect to the login screen. 101 117 $this->_redirect_to_profile(); 102 118 } 103 return;104 119 } elseif ( is_user_logged_in() ) { 105 120 // Logged in catch all, before last fallback … … 109 124 $this->_safe_redirect( $this->sso_login_url ); 110 125 } 111 112 126 } else { 113 127 // if on login screen, filter network_site_url to make sure our forms go to the SSO host, not wordpress.org … … 160 174 } 161 175 162 if ( ! empty( $_GET['redirect_to'] ) ) {176 if ( ! empty( $_GET['redirect_to'] ) ) { 163 177 $this->_safe_redirect( wp_unslash( $_GET['redirect_to'] ) ); 164 178 } else {
Note: See TracChangeset
for help on using the changeset viewer.