Changeset 9224
- Timestamp:
- 10/23/2019 06:09:31 AM (5 years ago)
- Location:
- sites/trunk
- Files:
-
- 9 edited
- 1 copied
Legend:
- Unmodified
- Added
- Removed
-
sites/trunk/common/includes/wporg-sso/wp-plugin.php
r9182 r9224 20 20 'checkemail' => '/checkemail', 21 21 'loggedout' => '/loggedout', 22 'lostpassword' => '/lostpassword', 22 'lostpassword' => '/lostpassword(/(?P<user>[^/]+))?', 23 'linkexpired' => '/linkexpired(/(?P<reason>register|lostpassword)/(?P<user>[^/]+))?', 23 24 'oauth' => '/oauth', 24 25 ); … … 154 155 155 156 // Primary registration route. 156 $this->valid_sso_paths['register'] = '/register ';157 $this->valid_sso_paths['register'] = '/register(/(?P<user>[^/]+))?'; 157 158 } 158 159 -
sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-login/js/registration.js
r4952 r9224 36 36 } ); 37 37 } ); 38 39 // If the form has data in it upon load, immediately trigger the validation. 40 if ( $loginForm.find('#user_login').val() ) { 41 $loginForm.find('#user_login').blur(); 42 } 38 43 } ); 39 44 } )( jQuery ); -
sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-login/linkexpired.php
r9223 r9224 1 1 <?php 2 2 /** 3 * The logged outTemplate3 * The expired link Template 4 4 * 5 5 * @package wporg-login 6 6 */ 7 7 8 $reason = WP_WPOrg_SSO::$matched_route_params['reason'] ?? false; 9 $user = WP_WPOrg_SSO::$matched_route_params['user'] ?? false; 10 8 11 get_header(); 9 12 ?> 10 13 11 <p class="center"><?php _e( 'You are now logged out.', 'wporg' ); ?></p> 14 <h2 class="center"><?php _e( 'Link Expired', 'wporg' ); ?></h2> 15 16 <p class="center"><?php _e( "The link you've followed has expired.", 'wporg' ); ?></p> 17 18 <?php 19 if ( 'register' == $reason && $user ) { 20 echo '<p class="center"><a href="' . esc_url( home_url( '/register/' . urlencode( $user ) ) ) . '">' . 21 sprintf( 22 /* translators: %s: An account name. */ 23 __( 'Start over, and register %s.', 'wporg' ), 24 '<code>' . esc_html( $register_user ) . '</code>' 25 ) . 26 '</a></p>'; 27 } elseif ( 'lostpassword' == $reason && $user ) { 28 echo '<p class="center"><a href="' . esc_url( home_url( '/lostpassword/' . urlencode( $user ) ) ) . '">' . 29 __( 'Reset your password.', 'wporg' ) . 30 '</a></p>'; 31 } 32 ?> 12 33 13 34 <p id="nav"> -
sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-login/lostpassword.php
r6660 r9224 5 5 * @package wporg-login 6 6 */ 7 8 $user = WP_WPOrg_SSO::$matched_route_params['user'] ?? false; 7 9 8 10 get_header(); … … 13 15 <p> 14 16 <label for="user_login"><?php _e( 'Username or Email', 'wporg' ); ?> 15 <input type="text" name="user_login" id="user_login" value=" " size="20"></label>17 <input type="text" name="user_login" id="user_login" value="<?php echo esc_attr( $user ); ?>" size="20"></label> 16 18 </p> 17 19 <input type="hidden" name="redirect_to" value="/checkemail/"> -
sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-login/pending-create.php
r9167 r9224 11 11 $pending_user = wporg_get_pending_user( $activation_user ); 12 12 if ( ! $pending_user ) { 13 // TODO: add a handler for "Link is expired". The pending user record has been purged.14 // See Line 33 below for the second case where this is needed.13 wp_safe_redirect( home_url( '/linkexpired/register/' . urlencode( $activation_user ) ) ); 14 exit; 15 15 } 16 16 17 17 $can_access = false; 18 18 if ( $pending_user && $pending_user['user_activation_key'] && ! $pending_user['created'] ) { 19 $expiration_duration = WEEK_IN_SECONDS; // Time that the user has to confirm the account.19 $expiration_duration = 2 * WEEK_IN_SECONDS; // Time that the user has to confirm the account. 20 20 21 21 list( $user_request_time, $hashed_activation_key ) = explode( ':', $pending_user['user_activation_key'], 2 ); … … 27 27 $can_access = true; 28 28 } elseif ( $hash_is_correct ) { 29 // TODO: Add a handler for "Link is expired". 30 // For now, ignore the expiry date on the email links. 31 // This URL is invalidated once the user is created anyway. 32 $can_access = true; 29 wp_safe_redirect( home_url( '/linkexpired/register/' . urlencode( $activation_user ) ) ); 30 exit; 33 31 } 34 32 } elseif ( $pending_user && $pending_user['created'] ) { -
sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-login/pending-profile.php
r9146 r9224 29 29 die(); 30 30 } elseif ( ! $can_access ) { 31 wp_safe_redirect( '/');31 wp_safe_redirect( home_url( '/linkexpired/' ) ); 32 32 die(); 33 33 } -
sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-login/register-confirm.php
r9082 r9224 1 1 <?php 2 2 /** 3 * The post-register profile-fields Template3 * An old registration flow template, just redirects to a expired link template now. 4 4 * 5 5 * @package wporg-login 6 6 */ 7 7 8 // 'register-confirm' => '/register/confirm/(?P<confirm_user>[^/]+)/(?P<confirm_key>[^/]+)', 8 $confirm_user = isset( WP_WPOrg_SSO::$matched_route_params['confirm_user'] ) ? WP_WPOrg_SSO::$matched_route_params['confirm_user'] : false; 9 9 10 $confirm_user = isset( WP_WPOrg_SSO::$matched_route_params['confirm_user'] ) ? WP_WPOrg_SSO::$matched_route_params['confirm_user'] : false; 11 $confirm_key = isset( WP_WPOrg_SSO::$matched_route_params['confirm_key'] ) ? WP_WPOrg_SSO::$matched_route_params['confirm_key'] : false; 12 13 $can_access = true; 14 if ( 15 $confirm_user && $confirm_key && 16 ( $user = get_user_by( 'login', $confirm_user ) ) && 17 $user->exists() 18 ) { 19 wp_set_current_user( $user->ID ); 20 21 $user_activation_key = $user->user_activation_key; 22 if ( ! $user_activation_key ) { 23 // The activation key may not be in the cached user object, so we'll fetch it manually. 24 $user_activation_key = $wpdb->get_var( $wpdb->prepare( "SELECT user_activation_key FROM {$wpdb->users} WHERE ID = %d", $user->ID ) ); 25 } 26 27 list( $reset_time, $hashed_activation_key ) = explode( ':', $user_activation_key, 2 ); 28 29 if ( empty( $wp_hasher ) ) { 30 require_once ABSPATH . WPINC . '/class-phpass.php'; 31 $wp_hasher = new PasswordHash( 8, true ); 32 } 33 $can_access = $wp_hasher->CheckPassword( $confirm_key, $hashed_activation_key ); 34 35 // Keys are only valid for 7 days (or until used) 36 $can_access = $can_access && ( $reset_time + ( 7*DAY_IN_SECONDS ) > time() ); 37 } 38 39 if ( ! $can_access ) { 40 wp_set_current_user( 0 ); 41 wp_safe_redirect( "/" ); 42 die(); 43 } elseif ( !empty( $_POST['user_pass'] ) ) { 44 $user_pass = wp_unslash( $_POST['user_pass'] ); 45 46 wporg_login_save_profile_fields(); 47 48 add_filter( 'send_password_change_email', '__return_false' ); 49 if ( wp_update_user( wp_slash( array( 50 'ID' => $user->ID, 51 'user_pass' => $user_pass, 52 ) ) ) ) { 53 $wpdb->update( $wpdb->users, array( 'user_activation_key' => '' ), array( 'ID' => $user->ID ) ); 54 wp_set_auth_cookie( $user->ID, true ); 55 wp_safe_redirect( 'https://wordpress.org/support/' ); 56 die(); 57 } 58 } 59 60 wp_enqueue_script( 'zxcvbn' ); 61 wp_enqueue_script( 'user-profile' ); 62 wp_enqueue_script( 'wporg-registration' ); 63 64 get_header(); 65 ?> 66 67 <p class="intro"> 68 <?php _e( 'Set your password and complete your WordPress.org Profile information.', 'wporg' ); ?> 69 </p> 70 71 <form name="registerform" id="registerform" action="" method="post"> 72 73 <div class="user-pass1-wrap"> 74 <p> 75 <label for="pass1"><?php _e( 'Password', 'wporg' ); ?></label> 76 </p> 77 78 <div class="wp-pwd"> 79 <span class="password-input-wrapper"> 80 <input type="password" data-reveal="1" data-pw="<?php echo esc_attr( wp_generate_password( 16 ) ); ?>" name="user_pass" id="pass1" class="input" size="20" value="" autocomplete="off" aria-describedby="pass-strength-result" /> 81 </span> 82 <div id="pass-strength-result" class="hide-if-no-js" aria-live="polite"><?php _e( 'Strength indicator', 'wporg' ); ?></div> 83 </div> 84 </div> 85 86 <!-- <p class="description indicator-hint"><?php _e( 'Hint: The password should be at least twelve characters long. To make it stronger, use upper and lower case letters, numbers, and symbols like ! " ? $ % ^ & ).', 'wporg' ); ?></p> --> 87 88 <?php include __DIR__ . '/partials/register-profilefields.php'; ?> 89 90 <p class="login-submit"> 91 <input type="submit" name="wp-submit" id="wp-submit" class="button button-primary" value="<?php esc_attr_e( 'Create Account', 'wporg' ); ?>" /> 92 </p> 93 94 </form> 95 96 <p id="nav"> 97 <a href="https://wordpress.org/"><?php _e( 'WordPress.org', 'wporg' ); ?></a> 98 </p> 99 100 <?php get_footer(); 10 wp_safe_redirect( home_url( '/linkexpired/lostpassword/' . urlencode( $confirm_user ) ) ); 11 exit; -
sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-login/register-profile.php
r6493 r9224 1 1 <?php 2 2 /** 3 * The post-register profile-fields Template3 * An old registration flow template, just redirects to a expired link template now. 4 4 * 5 5 * @package wporg-login … … 7 7 8 8 $profile_user = isset( WP_WPOrg_SSO::$matched_route_params['profile_user'] ) ? WP_WPOrg_SSO::$matched_route_params['profile_user'] : false; 9 $profile_nonce = isset( WP_WPOrg_SSO::$matched_route_params['profile_nonce'] ) ? WP_WPOrg_SSO::$matched_route_params['profile_nonce'] : false;10 9 11 $can_access = false; 12 if ( 13 $profile_user && $profile_nonce && 14 ( $user = get_user_by( 'login', $profile_user ) ) && 15 $user->exists() 16 ) { 17 wp_set_current_user( $user->ID ); 18 $can_access = wp_verify_nonce( $profile_nonce, 'login-register-profile-edit' ); 19 } 20 21 if ( ! $can_access ) { 22 wp_set_current_user( 0 ); 23 wp_safe_redirect( '/' ); 24 die(); 25 } 26 27 wporg_login_save_profile_fields(); 28 29 wp_enqueue_script( 'wporg-registration' ); 30 31 get_header(); 32 ?> 33 <div class="message info"> 34 <p><?php 35 printf( 36 /* translators: %s Email address */ 37 __( 'Please check your email %s for a confirmation link to set your password.', 'wporg' ), 38 '<code>' . esc_html( wp_get_current_user()->user_email ) . '</code>' 39 ); 40 ?></p> 41 </div> 42 43 <p class="intro"> 44 <?php _e( 'Complete your WordPress.org Profile information.', 'wporg' ); ?> 45 </p> 46 47 <form name="registerform" id="registerform" action="" method="post"> 48 49 <?php include __DIR__ . '/partials/register-profilefields.php'; ?> 50 51 <p class="login-submit"> 52 <input type="submit" name="wp-submit" id="wp-submit" class="button button-primary" value="<?php esc_attr_e( 'Save Profile Information', 'wporg' ); ?>" /> 53 </p> 54 55 </form> 56 57 <p id="nav"> 58 <a href="https://wordpress.org/"><?php _e( 'WordPress.org', 'wporg' ); ?></a> 59 </p> 60 61 <?php get_footer(); ?> 10 wp_safe_redirect( home_url( '/linkexpired/lostpassword/' . urlencode( $profile_user ) ) ); 11 exit; -
sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-login/register.php
r9167 r9224 7 7 8 8 $user_login = isset( $_POST['user_login'] ) ? wp_unslash( $_POST['user_login'] ) : ''; 9 if ( ! $user_login && !empty( WP_WPOrg_SSO::$matched_route_params['user'] ) ) { 10 $user_login = WP_WPOrg_SSO::$matched_route_params['user']; 11 } 9 12 $user_email = isset( $_POST['user_email'] ) ? wp_unslash( $_POST['user_email'] ) : ''; 10 13 $user_mailinglist = isset( $_POST['user_mailinglist'] ) && 'true' == $_POST['user_mailinglist']; -
sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-login/stylesheets/login.css
r9153 r9224 346 346 body.route-register-confirm #login form p, 347 347 body.route-pending-profile #login form p, 348 body.route-pending-create #login form p { 348 body.route-pending-create #login form p, 349 body.route-linkexpired h2, 350 body.route-linkexpired p { 349 351 margin-bottom: 16px; 350 352 } … … 379 381 body.route-register-confirm #login .message, 380 382 body.route-pending-profile #login .message, 381 body.route-pending-create #login .message { 383 body.route-pending-create #login .message, 384 body.route-linkexpired #login .message { 382 385 margin-left: -24px; 383 386 padding-left: 24px; … … 390 393 body.route-register-confirm #login .message p, 391 394 body.route-pending-profile #login .message p, 392 body.route-pending-create #login .message p { 395 body.route-pending-create #login .message p, 396 body.route-linkexpired #login .message p { 393 397 margin: 0; 394 398 } … … 411 415 body.route-register-confirm #login .message.error, 412 416 body.route-pending-profile #login .message.error, 413 body.route-pending-create #login .message.error { 417 body.route-pending-create #login .message.error, 418 body.route-linkexpired #login .message.error { 414 419 margin-bottom: 30px !important; 415 420 color: #23282d; … … 428 433 body.rtl.route-register-confirm #login .message.error, 429 434 body.rtl.route-pending-profile #login .message.error, 430 body.rtl.route-pending-create #login .message.error { 435 body.rtl.route-pending-create #login .message.error, 436 body.rtl.route-linkexpired #login .message.error { 431 437 border-right-color: #dc3232; 432 438 }
Note: See TracChangeset
for help on using the changeset viewer.