Changeset 4470 for sites/trunk/common/includes/wporg-sso/wp-plugin.php
- Timestamp:
- 12/04/2016 05:54:55 PM (8 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
sites/trunk/common/includes/wporg-sso/wp-plugin.php
r4413 r4470 22 22 'lostpassword' => '/lostpassword', 23 23 'oauth' => '/oauth', 24 'register-profile' => '/register/profile/(?P<profile_user>[^/]+)/(?P<profile_nonce>[^/]+)', 25 'register-confirm' => '/register/confirm/(?P<confirm_user>[^/]+)/(?P<confirm_key>[^/]+)', 26 'register' => '/register', 24 27 ); 28 29 /** 30 * Holds the route hit in `valid_sso_paths` 31 * @var bool|string 32 */ 33 static $matched_route = false; 34 35 /** 36 * Holds any matched route params. 37 * @var array 38 */ 39 static $matched_route_params = array(); 25 40 26 41 /** … … 70 85 */ 71 86 public function disable_password_reset_for_blocked_users( $allow, $user_id ) { 72 if ( ! defined( 'WPORG_SUPPORT_FORUMS_BLOGID' ) ) {87 if ( ! $allow || ! defined( 'WPORG_SUPPORT_FORUMS_BLOGID' ) ) { 73 88 return $allow; 74 89 } … … 76 91 $user = new WP_User( $user_id, '', WPORG_SUPPORT_FORUMS_BLOGID ); 77 92 $is_blocked = ! empty( $user->allcaps['bbp_blocked'] ); 93 78 94 return ! $is_blocked; 79 95 } … … 150 166 if ( ! preg_match( '!/wp-login\.php$!', $this->script ) ) { 151 167 // ... but not on its login screen. 152 if ( preg_match( '!^(' . implode( '|', $this->valid_sso_paths ) . ')([/?]{1,2}.*)?$!', $_SERVER['REQUEST_URI'] ) ) { 153 // If we're on the path of interest 154 168 self::$matched_route = false; 169 self::$matched_route_params = array(); 170 foreach ( $this->valid_sso_paths as $route => $regex ) { 171 if ( preg_match( '!^' . $regex . '(?:[/?]{1,2}.*)?$!', $_SERVER['REQUEST_URI'], $matches ) ) { 172 self::$matched_route = $route; 173 self::$matched_route_params = $matches; 174 break; 175 } 176 } 177 178 // If we're on the path of interest 179 if ( self::$matched_route ) { 155 180 // Add a custom filter others can apply (theme, etc). 156 181 add_filter( 'is_valid_wporg_sso_path' , '__return_true' ); … … 187 212 } 188 213 } 214 } elseif ( ( is_admin() && is_super_admin() ) || preg_match( '!^/wp-json(/?$|/.+)!i', $_SERVER['REQUEST_URI'] ) ) { 215 // Do nothing, allow access to wp-admin and wp-json on login.wordpress.org 189 216 } elseif ( is_user_logged_in() ) { 190 217 // Logged in catch all, before last fallback
Note: See TracChangeset
for help on using the changeset viewer.