git-svn-id: http://svn.automattic.com/wordpress/trunk@2425 1a063a9b-81f0-0310-95a4-ce76da25c4cd
matt 2005-03-09 22:49:42 +00:00
parent 0ee45ebf10
commit 53eef6d943
4 changed files with 52 additions and 31 deletions


@ -51,16 +51,20 @@ case 'update':
return false; return false;
} }
if ($_POST["pass1"] == "") { $pass1 = $_POST["pass1"];
if ($_POST["pass2"] != "") $pass2 = $_POST["pass2"];
do_action('check_passwords', array($user_login, &$pass1, &$pass2));
if ( '' == $pass1 ) {
if ( '' == $pass2 )
die (__("<strong>ERROR</strong>: you typed your new password only once. Go back to type it twice.")); die (__("<strong>ERROR</strong>: you typed your new password only once. Go back to type it twice."));
$updatepassword = ""; $updatepassword = "";
} else { } else {
if ($_POST["pass2"] == "") if ('' == $pass2)
die (__("<strong>ERROR</strong>: you typed your new password only once. Go back to type it twice.")); die (__("<strong>ERROR</strong>: you typed your new password only once. Go back to type it twice."));
if ($_POST["pass1"] != $_POST["pass2"]) if ( $pass1 != $pass2 )
die (__("<strong>ERROR</strong>: you typed two different passwords. Go back to correct that.")); die (__("<strong>ERROR</strong>: you typed two different passwords. Go back to correct that."));
$newuser_pass = $_POST["pass1"]; $newuser_pass = $pass1;
$updatepassword = "user_pass=MD5('$newuser_pass'), "; $updatepassword = "user_pass=MD5('$newuser_pass'), ";
wp_clearcookie(); wp_clearcookie();
wp_setcookie($user_login, $newuser_pass); wp_setcookie($user_login, $newuser_pass);
@ -69,7 +73,7 @@ case 'update':
$newuser_firstname = wp_specialchars($_POST['newuser_firstname']); $newuser_firstname = wp_specialchars($_POST['newuser_firstname']);
$newuser_lastname = wp_specialchars($_POST['newuser_lastname']); $newuser_lastname = wp_specialchars($_POST['newuser_lastname']);
$newuser_nickname = $_POST['newuser_nickname']; $newuser_nickname = $_POST['newuser_nickname'];
$newuser_nicename = sanitize_title($newuser_nickname); $newuser_nicename = sanitize_title($newuser_nickname);
$newuser_icq = wp_specialchars($_POST['newuser_icq']); $newuser_icq = wp_specialchars($_POST['newuser_icq']);
$newuser_aim = wp_specialchars($_POST['newuser_aim']); $newuser_aim = wp_specialchars($_POST['newuser_aim']);
$newuser_msn = wp_specialchars($_POST['newuser_msn']); $newuser_msn = wp_specialchars($_POST['newuser_msn']);
@ -225,12 +229,17 @@ if (isset($updated)) { ?>
<th scope="row"><?php _e('Profile:') ?></th> <th scope="row"><?php _e('Profile:') ?></th>
<td><textarea name="user_description" rows="5" id="textarea2" style="width: 99%; "><?php echo $profiledata->user_description ?></textarea></td> <td><textarea name="user_description" rows="5" id="textarea2" style="width: 99%; "><?php echo $profiledata->user_description ?></textarea></td>
</tr> </tr>
<?php
$show_password_fields = apply_filters('show_password_fields', true);
if ( $show_password_fields ) :
?>
<tr> <tr>
<th scope="row"><?php _e('New <strong>Password</strong> (Leave blank to stay the same.)') ?></th> <th scope="row"><?php _e('New <strong>Password</strong> (Leave blank to stay the same.)') ?></th>
<td><input type="password" name="pass1" size="16" value="" /> <td><input type="password" name="pass1" size="16" value="" />
<br /> <br />
<input type="password" name="pass2" size="16" value="" /></td> <input type="password" name="pass2" size="16" value="" /></td>
</tr> </tr>
<?php endif; ?>
</table> </table>
<p class="submit"> <p class="submit">
<input type="submit" value="<?php _e('Update Profile &raquo;') ?>" name="submit" /> <input type="submit" value="<?php _e('Update Profile &raquo;') ?>" name="submit" />
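Review bot: The rewritten blank-password branch in the `case 'update'` hunk looks inverted: under `if ( '' == $pass1 )` the new inner test is `if ( '' == $pass2 )`, where the old code tested `$_POST["pass2"] != ""`. As written, leaving both fields blank (the documented "Leave blank to stay the same" case, and the only possible one once `show_password_fields` hides the inputs) dies with the "typed your new password only once" error, while a filled `pass2` with an empty `pass1` is silently accepted. The inner test should read `if ( '' != $pass2 )`. The same inversion appears in the first hunk of the second file section (`@ -34,20 +34,24 @`). The enclosing `case 'update':` block starts and ends outside the hunk.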


@ -34,20 +34,24 @@ if (empty($_POST["new_nickname"])) {
return false; return false;
} }
if ($_POST['pass1'] == '') { $new_user_login = wp_specialchars($_POST['new_user_login']);
if ($_POST['pass2'] != '') $pass1 = $_POST['pass1'];
$pass2 = $_POST['pass2'];
do_action('check_passwords', array($new_user_login, &$pass1, &$pass2));
if ( '' == $pass1 ) {
if ( '' == $pass2 )
die (__("<strong>ERROR</strong>: you typed your new password only once. Go back to type it twice.")); die (__("<strong>ERROR</strong>: you typed your new password only once. Go back to type it twice."));
$updatepassword = ''; $updatepassword = '';
} else { } else {
if ($_POST['pass2'] == "") if ( '' == $pass2)
die (__("<strong>ERROR</strong>: you typed your new password only once. Go back to type it twice.")); die (__("<strong>ERROR</strong>: you typed your new password only once. Go back to type it twice."));
if ($_POST['pass1'] != $_POST['pass2']) if ( $pass1 != $pass2 )
die (__("<strong>ERROR</strong>: you typed two different passwords. Go back to correct that.")); die (__("<strong>ERROR</strong>: you typed two different passwords. Go back to correct that."));
$new_pass = $_POST["pass1"]; $new_pass = $pass1;
$updatepassword = "user_pass=MD5('$new_pass'), "; $updatepassword = "user_pass=MD5('$new_pass'), ";
} }
$new_user_login = wp_specialchars($_POST['new_user_login']);
$new_firstname = wp_specialchars($_POST['new_firstname']); $new_firstname = wp_specialchars($_POST['new_firstname']);
$new_lastname = wp_specialchars($_POST['new_lastname']); $new_lastname = wp_specialchars($_POST['new_lastname']);
$new_nickname = $_POST['new_nickname']; $new_nickname = $_POST['new_nickname'];
@ -180,12 +184,17 @@ if ($edituser->user_level >= $user_level) die( __('You do not have permission to
</select> </select>
</td> </td>
</tr> </tr>
<?php
$show_password_fields = apply_filters('show_password_fields', true);
if ( $show_password_fields ) :
?>
<tr> <tr>
<th scope="row"><?php _e('New <strong>Password</strong> (Leave blank to stay the same.)') ?></th> <th scope="row"><?php _e('New <strong>Password</strong> (Leave blank to stay the same.)') ?></th>
<td><input type="password" name="pass1" size="16" value="" /> <td><input type="password" name="pass1" size="16" value="" />
<br /> <br />
<input type="password" name="pass2" size="16" value="" /></td> <input type="password" name="pass2" size="16" value="" /></td>
</tr> </tr>
<?php endif; ?>
</table> </table>
<p class="submit"> <p class="submit">
<input type="hidden" name="action" value="update" /> <input type="hidden" name="action" value="update" />
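Review bot: `$pass1` is now handed to `check_passwords` callbacks by reference and then interpolated straight into `"user_pass=MD5('$new_pass'), "`, so whatever a callback writes back reaches the SQL string with no escaping step visible in this hunk. If the request value was escaped upstream (not shown here), that guarantee no longer holds for a value replaced by a plugin. Escaping at the point of use after the hook has run would close the gap; at minimum the `do_action` line should carry a comment such as `/* callbacks may rewrite $pass1/$pass2; both are interpolated into SQL below and must stay escaped */`. The same pattern is in the first file section (`$newuser_pass = $pass1;`) and in the `adduser` hunk (`MD5('$pass1')` in the INSERT).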


@ -33,26 +33,24 @@ case 'adduser':
$user_uri = wp_specialchars($_POST['uri']); $user_uri = wp_specialchars($_POST['uri']);
/* checking login has been typed */ /* checking login has been typed */
if ($user_login == '') { if ($user_login == '')
die (__('<strong>ERROR</strong>: Please enter a login.')); die (__('<strong>ERROR</strong>: Please enter a login.'));
}
/* checking the password has been typed twice */ /* checking the password has been typed twice */
if ($pass1 == '' || $pass2 == '') { do_action('check_passwords', array($user_login, &$pass1, &$pass2));
if ($pass1 == '' || $pass2 == '')
die (__('<strong>ERROR</strong>: Please enter your password twice.')); die (__('<strong>ERROR</strong>: Please enter your password twice.'));
}
/* checking the password has been typed twice the same */ /* checking the password has been typed twice the same */
if ($pass1 != $pass2) { if ($pass1 != $pass2)
die (__('<strong>ERROR</strong>: Please type the same password in the two password fields.')); die (__('<strong>ERROR</strong>: Please type the same password in the two password fields.'));
}
$user_nickname = $user_login; $user_nickname = $user_login;
/* checking the login isn't already used by another user */ /* checking the login isn't already used by another user */
$loginthere = $wpdb->get_var("SELECT user_login FROM $wpdb->users WHERE user_login = '$user_login'"); $loginthere = $wpdb->get_var("SELECT user_login FROM $wpdb->users WHERE user_login = '$user_login'");
if ($loginthere) { if ($loginthere)
die (__('<strong>ERROR</strong>: This login is already registered, please choose another one.')); die (__('<strong>ERROR</strong>: This login is already registered, please choose another one.'));
}
/* checking e-mail address */ /* checking e-mail address */
if (empty($_POST["email"])) { if (empty($_POST["email"])) {
@ -75,16 +73,14 @@ case 'adduser':
VALUES VALUES
('$user_login', MD5('$pass1'), '$user_nickname', '$user_email', '$user_ip', '$user_domain', '$user_browser', '$now', '$new_users_can_blog', 'nickname', '$user_firstname', '$user_lastname', '$user_nicename', '$user_uri')"); ('$user_login', MD5('$pass1'), '$user_nickname', '$user_email', '$user_ip', '$user_domain', '$user_browser', '$now', '$new_users_can_blog', 'nickname', '$user_firstname', '$user_lastname', '$user_nicename', '$user_uri')");
if ($result == false) { if ($result == false)
die (__('<strong>ERROR</strong>: Couldn&#8217;t register you!')); die (__('<strong>ERROR</strong>: Couldn&#8217;t register you!'));
}
$stars = ''; $stars = '';
for ($i = 0; $i < strlen($pass1); $i = $i + 1) { for ($i = 0; $i < strlen($pass1); $i = $i + 1)
$stars .= '*'; $stars .= '*';
}
$user_login = stripslashes($user_login); $user_login = stripslashes($user_login);
$message = 'New user registration on your blog ' . get_settings('blogname') . ":\r\n\r\n"; $message = 'New user registration on your blog ' . get_settings('blogname') . ":\r\n\r\n";
$message .= "Login: $user_login\r\n\r\nE-mail: $user_email"; $message .= "Login: $user_login\r\n\r\nE-mail: $user_email";
@ -308,12 +304,17 @@ echo "\n<tr $style>
<th scope="row"><?php _e('Website') ?></th> <th scope="row"><?php _e('Website') ?></th>
<td><input name="uri" type="text" id="uri" /></td> <td><input name="uri" type="text" id="uri" /></td>
</tr> </tr>
<?php
$show_password_fields = apply_filters('show_password_fields', true);
if ( $show_password_fields ) :
?>
<tr> <tr>
<th scope="row"><?php _e('Password (twice)') ?> </th> <th scope="row"><?php _e('Password (twice)') ?> </th>
<td><input name="pass1" type="password" id="pass1" /> <td><input name="pass1" type="password" id="pass1" />
<br /> <br />
<input name="pass2" type="password" id="pass2" /></td> <input name="pass2" type="password" id="pass2" /></td>
</tr> </tr>
<?php endif; ?>
</table> </table>
<p class="submit"> <p class="submit">
<input name="adduser" type="submit" id="adduser" value="<?php _e('Add User') ?> &raquo;" /> <input name="adduser" type="submit" id="adduser" value="<?php _e('Add User') ?> &raquo;" />
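Review bot: The `adduser` handler still dies with "Please enter your password twice" when `$pass1` or `$pass2` is empty, yet the form hunk lets a `show_password_fields` filter remove both inputs. A plugin that hides the fields therefore has to supply both values from a `check_passwords` callback, and nothing in the code says so. A comment above the hook would make that contract explicit, e.g. `/* check_passwords callbacks get the login and both passwords by reference; if show_password_fields hides the inputs, a callback must fill $pass1 and $pass2 */`. The `case 'adduser':` block begins and ends outside these hunks.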


@ -33,8 +33,8 @@ case 'logout':
break; break;
case 'lostpassword': case 'lostpassword':
do_action('lost_password');
?> ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"> <html xmlns="http://www.w3.org/1999/xhtml">
<head> <head>
@ -95,6 +95,8 @@ case 'retrievepassword':
if (!$user_email || $user_email != $_POST['email']) if (!$user_email || $user_email != $_POST['email'])
die(sprintf(__('Sorry, that user does not seem to exist in our database. Perhaps you have the wrong username or e-mail address? <a href="%s">Try again</a>.'), 'wp-login.php?action=lostpassword')); die(sprintf(__('Sorry, that user does not seem to exist in our database. Perhaps you have the wrong username or e-mail address? <a href="%s">Try again</a>.'), 'wp-login.php?action=lostpassword'));
do_action('retreive_password', $user_login);
// Generate something random for a password... md5'ing current time with a rand salt // Generate something random for a password... md5'ing current time with a rand salt
$key = substr( md5( uniqid( microtime() ) ), 0, 50); $key = substr( md5( uniqid( microtime() ) ), 0, 50);
// now insert the new pass md5'd into the db // now insert the new pass md5'd into the db
@ -106,8 +108,6 @@ case 'retrievepassword':
$m = wp_mail($user_email, sprintf(__("[%s] Password Reset"), get_settings('blogname')), $message); $m = wp_mail($user_email, sprintf(__("[%s] Password Reset"), get_settings('blogname')), $message);
do_action('retreive_password', $user_login);
if ($m == false) { if ($m == false) {
echo '<p>' . __('The e-mail could not be sent.') . "<br />\n"; echo '<p>' . __('The e-mail could not be sent.') . "<br />\n";
echo __('Possible reason: your host may have disabled the mail() function...') . "</p>"; echo __('Possible reason: your host may have disabled the mail() function...') . "</p>";
@ -128,6 +128,8 @@ case 'resetpass' :
if ( !$user ) if ( !$user )
die( __('Sorry, that key does not appear to be valid.') ); die( __('Sorry, that key does not appear to be valid.') );
do_action('password_reset');
$new_pass = substr( md5( uniqid( microtime() ) ), 0, 7); $new_pass = substr( md5( uniqid( microtime() ) ), 0, 7);
$wpdb->query("UPDATE $wpdb->users SET user_pass = MD5('$new_pass'), user_activation_key = '' WHERE user_login = '$user->user_login'"); $wpdb->query("UPDATE $wpdb->users SET user_pass = MD5('$new_pass'), user_activation_key = '' WHERE user_login = '$user->user_login'");
$message = __('Login') . ": $user->user_login\r\n"; $message = __('Login') . ": $user->user_login\r\n";
@ -136,8 +138,6 @@ case 'resetpass' :
$m = wp_mail($user->user_email, sprintf(__("[%s] Your new password"), get_settings('blogname')), $message); $m = wp_mail($user->user_email, sprintf(__("[%s] Your new password"), get_settings('blogname')), $message);
do_action('password_reset');
if ($m == false) { if ($m == false) {
echo '<p>' . __('The e-mail could not be sent.') . "<br />\n"; echo '<p>' . __('The e-mail could not be sent.') . "<br />\n";
echo __('Possible reason: your host may have disabled the mail() function...') . "</p>"; echo __('Possible reason: your host may have disabled the mail() function...') . "</p>";
@ -172,6 +172,8 @@ default:
} }
} }
do_action('wp_authenticate', array(&$user_login, &$user_pass));
if ($user_login && $user_pass) { if ($user_login && $user_pass) {
$user = get_userdatabylogin($user_login); $user = get_userdatabylogin($user_login);
if ( 0 == $user->user_level ) if ( 0 == $user->user_level )
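Review bot: `do_action('password_reset');` in the `resetpass` hunk now fires before the password is changed but carries no argument, so a callback cannot tell which account is about to be reset, whereas `retreive_password` in the earlier hunk does pass `$user_login`. Since `$user` has already been validated at that point, passing the login would let a plugin log or veto resets per account: `do_action('password_reset', $user->user_login);`. The hook name `retreive_password` is also misspelled, which becomes awkward to correct once plugins bind to it. The `case` blocks involved continue outside the hunks.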