mp-wp_genesis 1 <?php
mp-wp_genesis 2 /**
mp-wp_genesis 3 * These functions can be replaced via plugins. If plugins do not redefine these
mp-wp_genesis 4 * functions, then these will be used instead.
mp-wp_genesis 5 *
mp-wp_genesis 6 * @package WordPress
mp-wp_genesis 7 */
mp-wp_genesis 8
mp-wp_genesis 9 if ( !function_exists('set_current_user') ) :
mp-wp_genesis 10 /**
mp-wp_genesis 11 * Changes the current user by ID or name.
mp-wp_genesis 12 *
mp-wp_genesis 13 * Set $id to null and specify a name if you do not know a user's ID.
mp-wp_genesis 14 *
mp-wp_genesis 15 * @since 2.0.1
mp-wp_genesis 16 * @see wp_set_current_user() An alias of wp_set_current_user()
mp-wp_genesis 17 *
mp-wp_genesis 18 * @param int|null $id User ID.
mp-wp_genesis 19 * @param string $name Optional. The user's username
mp-wp_genesis 20 * @return object returns wp_set_current_user()
mp-wp_genesis 21 */
mp-wp_genesis 22 function set_current_user($id, $name = '') {
mp-wp_genesis 23 return wp_set_current_user($id, $name);
mp-wp_genesis 24 }
mp-wp_genesis 25 endif;
mp-wp_genesis 26
mp-wp_genesis 27 if ( !function_exists('wp_set_current_user') ) :
mp-wp_genesis 28 /**
mp-wp_genesis 29 * Changes the current user by ID or name.
mp-wp_genesis 30 *
mp-wp_genesis 31 * Set $id to null and specify a name if you do not know a user's ID.
mp-wp_genesis 32 *
mp-wp_genesis 33 * Some WordPress functionality is based on the current user and not based on
mp-wp_genesis 34 * the signed in user. Therefore, it opens the ability to edit and perform
mp-wp_genesis 35 * actions on users who aren't signed in.
mp-wp_genesis 36 *
mp-wp_genesis 37 * @since 2.0.4
mp-wp_genesis 38 * @global object $current_user The current user object which holds the user data.
mp-wp_genesis 39 * @uses do_action() Calls 'set_current_user' hook after setting the current user.
mp-wp_genesis 40 *
mp-wp_genesis 41 * @param int $id User ID
mp-wp_genesis 42 * @param string $name User's username
mp-wp_genesis 43 * @return WP_User Current user User object
mp-wp_genesis 44 */
mp-wp_genesis 45 function wp_set_current_user($id, $name = '') {
mp-wp_genesis 46 global $current_user;
mp-wp_genesis 47
mp-wp_genesis 48 if ( isset($current_user) && ($id == $current_user->ID) )
mp-wp_genesis 49 return $current_user;
mp-wp_genesis 50
mp-wp_genesis 51 $current_user = new WP_User($id, $name);
mp-wp_genesis 52
mp-wp_genesis 53 setup_userdata($current_user->ID);
mp-wp_genesis 54
mp-wp_genesis 55 do_action('set_current_user');
mp-wp_genesis 56
mp-wp_genesis 57 return $current_user;
mp-wp_genesis 58 }
mp-wp_genesis 59 endif;
mp-wp_genesis 60
mp-wp_genesis 61 if ( !function_exists('wp_get_current_user') ) :
mp-wp_genesis 62 /**
mp-wp_genesis 63 * Retrieve the current user object.
mp-wp_genesis 64 *
mp-wp_genesis 65 * @since 2.0.4
mp-wp_genesis 66 *
mp-wp_genesis 67 * @return WP_User Current user WP_User object
mp-wp_genesis 68 */
mp-wp_genesis 69 function wp_get_current_user() {
mp-wp_genesis 70 global $current_user;
mp-wp_genesis 71
mp-wp_genesis 72 get_currentuserinfo();
mp-wp_genesis 73
mp-wp_genesis 74 return $current_user;
mp-wp_genesis 75 }
mp-wp_genesis 76 endif;
mp-wp_genesis 77
mp-wp_genesis 78 if ( !function_exists('get_currentuserinfo') ) :
mp-wp_genesis 79 /**
mp-wp_genesis 80 * Populate global variables with information about the currently logged in user.
mp-wp_genesis 81 *
mp-wp_genesis 82 * Will set the current user, if the current user is not set. The current user
mp-wp_genesis 83 * will be set to the logged in person. If no user is logged in, then it will
mp-wp_genesis 84 * set the current user to 0, which is invalid and won't have any permissions.
mp-wp_genesis 85 *
mp-wp_genesis 86 * @since 0.71
mp-wp_genesis 87 * @uses $current_user Checks if the current user is set
mp-wp_genesis 88 * @uses wp_validate_auth_cookie() Retrieves current logged in user.
mp-wp_genesis 89 *
mp-wp_genesis 90 * @return bool|null False on XMLRPC Request and invalid auth cookie. Null when current user set
mp-wp_genesis 91 */
mp-wp_genesis 92 function get_currentuserinfo() {
mp-wp_genesis 93 global $current_user;
mp-wp_genesis 94
mp-wp_genesis 95 if ( defined('XMLRPC_REQUEST') && XMLRPC_REQUEST )
mp-wp_genesis 96 return false;
mp-wp_genesis 97
mp-wp_genesis 98 if ( ! empty($current_user) )
mp-wp_genesis 99 return;
mp-wp_genesis 100
mp-wp_genesis 101 if ( ! $user = wp_validate_auth_cookie() ) {
mp-wp_genesis 102 if ( empty($_COOKIE[LOGGED_IN_COOKIE]) || !$user = wp_validate_auth_cookie($_COOKIE[LOGGED_IN_COOKIE], 'logged_in') ) {
mp-wp_genesis 103 wp_set_current_user(0);
mp-wp_genesis 104 return false;
mp-wp_genesis 105 }
mp-wp_genesis 106 }
mp-wp_genesis 107
mp-wp_genesis 108 wp_set_current_user($user);
mp-wp_genesis 109 }
mp-wp_genesis 110 endif;
mp-wp_genesis 111
mp-wp_genesis 112 if ( !function_exists('get_userdata') ) :
mp-wp_genesis 113 /**
mp-wp_genesis 114 * Retrieve user info by user ID.
mp-wp_genesis 115 *
mp-wp_genesis 116 * @since 0.71
mp-wp_genesis 117 *
mp-wp_genesis 118 * @param int $user_id User ID
mp-wp_genesis 119 * @return bool|object False on failure, User DB row object
mp-wp_genesis 120 */
mp-wp_genesis 121 function get_userdata( $user_id ) {
mp-wp_genesis 122 global $wpdb;
mp-wp_genesis 123
mp-wp_genesis 124 $user_id = absint($user_id);
mp-wp_genesis 125 if ( $user_id == 0 )
mp-wp_genesis 126 return false;
mp-wp_genesis 127
mp-wp_genesis 128 $user = wp_cache_get($user_id, 'users');
mp-wp_genesis 129
mp-wp_genesis 130 if ( $user )
mp-wp_genesis 131 return $user;
mp-wp_genesis 132
mp-wp_genesis 133 if ( !$user = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->users WHERE ID = %d LIMIT 1", $user_id)) )
mp-wp_genesis 134 return false;
mp-wp_genesis 135
mp-wp_genesis 136 _fill_user($user);
mp-wp_genesis 137
mp-wp_genesis 138 return $user;
mp-wp_genesis 139 }
mp-wp_genesis 140 endif;
mp-wp_genesis 141
mp-wp_genesis 142 if ( !function_exists('update_user_cache') ) :
mp-wp_genesis 143 /**
mp-wp_genesis 144 * Updates a users cache when overridden by a plugin.
mp-wp_genesis 145 *
mp-wp_genesis 146 * Core function does nothing.
mp-wp_genesis 147 *
mp-wp_genesis 148 * @since 1.5
mp-wp_genesis 149 *
mp-wp_genesis 150 * @return bool Only returns true
mp-wp_genesis 151 */
mp-wp_genesis 152 function update_user_cache() {
mp-wp_genesis 153 return true;
mp-wp_genesis 154 }
mp-wp_genesis 155 endif;
mp-wp_genesis 156
mp-wp_genesis 157 if ( !function_exists('get_userdatabylogin') ) :
mp-wp_genesis 158 /**
mp-wp_genesis 159 * Retrieve user info by login name.
mp-wp_genesis 160 *
mp-wp_genesis 161 * @since 0.71
mp-wp_genesis 162 *
mp-wp_genesis 163 * @param string $user_login User's username
mp-wp_genesis 164 * @return bool|object False on failure, User DB row object
mp-wp_genesis 165 */
mp-wp_genesis 166 function get_userdatabylogin($user_login) {
mp-wp_genesis 167 global $wpdb;
mp-wp_genesis 168 $user_login = sanitize_user( $user_login );
mp-wp_genesis 169
mp-wp_genesis 170 if ( empty( $user_login ) )
mp-wp_genesis 171 return false;
mp-wp_genesis 172
mp-wp_genesis 173 $user_id = wp_cache_get($user_login, 'userlogins');
mp-wp_genesis 174
mp-wp_genesis 175 $user = false;
mp-wp_genesis 176 if ( false !== $user_id )
mp-wp_genesis 177 $user = wp_cache_get($user_id, 'users');
mp-wp_genesis 178
mp-wp_genesis 179 if ( false !== $user )
mp-wp_genesis 180 return $user;
mp-wp_genesis 181
mp-wp_genesis 182 if ( !$user = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->users WHERE user_login = %s", $user_login)) )
mp-wp_genesis 183 return false;
mp-wp_genesis 184
mp-wp_genesis 185 _fill_user($user);
mp-wp_genesis 186
mp-wp_genesis 187 return $user;
mp-wp_genesis 188 }
mp-wp_genesis 189 endif;
mp-wp_genesis 190
mp-wp_genesis 191 if ( !function_exists('get_user_by_email') ) :
mp-wp_genesis 192 /**
mp-wp_genesis 193 * Retrieve user info by email.
mp-wp_genesis 194 *
mp-wp_genesis 195 * @since 2.5
mp-wp_genesis 196 *
mp-wp_genesis 197 * @param string $email User's email address
mp-wp_genesis 198 * @return bool|object False on failure, User DB row object
mp-wp_genesis 199 */
mp-wp_genesis 200 function get_user_by_email($email) {
mp-wp_genesis 201 global $wpdb;
mp-wp_genesis 202
mp-wp_genesis 203 $user_id = wp_cache_get($email, 'useremail');
mp-wp_genesis 204
mp-wp_genesis 205 $user = false;
mp-wp_genesis 206 if ( false !== $user_id )
mp-wp_genesis 207 $user = wp_cache_get($user_id, 'users');
mp-wp_genesis 208
mp-wp_genesis 209 if ( false !== $user )
mp-wp_genesis 210 return $user;
mp-wp_genesis 211
mp-wp_genesis 212 if ( !$user = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->users WHERE user_email = %s", $email)) )
mp-wp_genesis 213 return false;
mp-wp_genesis 214
mp-wp_genesis 215 _fill_user($user);
mp-wp_genesis 216
mp-wp_genesis 217 return $user;
mp-wp_genesis 218 }
mp-wp_genesis 219 endif;
mp-wp_genesis 220
mp-wp_genesis 221 if ( !function_exists( 'wp_mail' ) ) :
mp-wp_genesis 222 /**
mp-wp_genesis 223 * Send mail, similar to PHP's mail
mp-wp_genesis 224 *
mp-wp_genesis 225 * A true return value does not automatically mean that the user received the
mp-wp_genesis 226 * email successfully. It just only means that the method used was able to
mp-wp_genesis 227 * process the request without any errors.
mp-wp_genesis 228 *
mp-wp_genesis 229 * Using the two 'wp_mail_from' and 'wp_mail_from_name' hooks allow from
mp-wp_genesis 230 * creating a from address like 'Name <email@address.com>' when both are set. If
mp-wp_genesis 231 * just 'wp_mail_from' is set, then just the email address will be used with no
mp-wp_genesis 232 * name.
mp-wp_genesis 233 *
mp-wp_genesis 234 * The default content type is 'text/plain' which does not allow using HTML.
mp-wp_genesis 235 * However, you can set the content type of the email by using the
mp-wp_genesis 236 * 'wp_mail_content_type' filter.
mp-wp_genesis 237 *
mp-wp_genesis 238 * The default charset is based on the charset used on the blog. The charset can
mp-wp_genesis 239 * be set using the 'wp_mail_charset' filter.
mp-wp_genesis 240 *
mp-wp_genesis 241 * @since 1.2.1
mp-wp_genesis 242 * @uses apply_filters() Calls 'wp_mail' hook on an array of all of the parameters.
mp-wp_genesis 243 * @uses apply_filters() Calls 'wp_mail_from' hook to get the from email address.
mp-wp_genesis 244 * @uses apply_filters() Calls 'wp_mail_from_name' hook to get the from address name.
mp-wp_genesis 245 * @uses apply_filters() Calls 'wp_mail_content_type' hook to get the email content type.
mp-wp_genesis 246 * @uses apply_filters() Calls 'wp_mail_charset' hook to get the email charset
mp-wp_genesis 247 * @uses do_action_ref_array() Calls 'phpmailer_init' hook on the reference to
mp-wp_genesis 248 * phpmailer object.
mp-wp_genesis 249 * @uses PHPMailer
mp-wp_genesis 250 * @
mp-wp_genesis 251 *
mp-wp_genesis 252 * @param string $to Email address to send message
mp-wp_genesis 253 * @param string $subject Email subject
mp-wp_genesis 254 * @param string $message Message contents
mp-wp_genesis 255 * @param string|array $headers Optional. Additional headers.
mp-wp_genesis 256 * @param string|array $attachments Optional. Files to attach.
mp-wp_genesis 257 * @return bool Whether the email contents were sent successfully.
mp-wp_genesis 258 */
mp-wp_genesis 259 function wp_mail( $to, $subject, $message, $headers = '', $attachments = array() ) {
mp-wp_genesis 260 // Compact the input, apply the filters, and extract them back out
mp-wp_genesis 261 extract( apply_filters( 'wp_mail', compact( 'to', 'subject', 'message', 'headers', 'attachments' ) ) );
mp-wp_genesis 262
mp-wp_genesis 263 if ( !is_array($attachments) )
mp-wp_genesis 264 $attachments = explode( "\n", $attachments );
mp-wp_genesis 265
mp-wp_genesis 266 global $phpmailer;
mp-wp_genesis 267
mp-wp_genesis 268 // (Re)create it, if it's gone missing
mp-wp_genesis 269 if ( !is_object( $phpmailer ) || !is_a( $phpmailer, 'PHPMailer' ) ) {
mp-wp_genesis 270 require_once ABSPATH . WPINC . '/class-phpmailer.php';
mp-wp_genesis 271 require_once ABSPATH . WPINC . '/class-smtp.php';
mp-wp_genesis 272 $phpmailer = new PHPMailer();
mp-wp_genesis 273 }
mp-wp_genesis 274
mp-wp_genesis 275 // Headers
mp-wp_genesis 276 if ( empty( $headers ) ) {
mp-wp_genesis 277 $headers = array();
mp-wp_genesis 278 } elseif ( !is_array( $headers ) ) {
mp-wp_genesis 279 // Explode the headers out, so this function can take both
mp-wp_genesis 280 // string headers and an array of headers.
mp-wp_genesis 281 $tempheaders = (array) explode( "\n", $headers );
mp-wp_genesis 282 $headers = array();
mp-wp_genesis 283
mp-wp_genesis 284 // If it's actually got contents
mp-wp_genesis 285 if ( !empty( $tempheaders ) ) {
mp-wp_genesis 286 // Iterate through the raw headers
mp-wp_genesis 287 foreach ( (array) $tempheaders as $header ) {
mp-wp_genesis 288 if ( strpos($header, ':') === false )
mp-wp_genesis 289 continue;
mp-wp_genesis 290 // Explode them out
mp-wp_genesis 291 list( $name, $content ) = explode( ':', trim( $header ), 2 );
mp-wp_genesis 292
mp-wp_genesis 293 // Cleanup crew
mp-wp_genesis 294 $name = trim( $name );
mp-wp_genesis 295 $content = trim( $content );
mp-wp_genesis 296
mp-wp_genesis 297 // Mainly for legacy -- process a From: header if it's there
mp-wp_genesis 298 if ( 'from' == strtolower($name) ) {
mp-wp_genesis 299 if ( strpos($content, '<' ) !== false ) {
mp-wp_genesis 300 // So... making my life hard again?
mp-wp_genesis 301 $from_name = substr( $content, 0, strpos( $content, '<' ) - 1 );
mp-wp_genesis 302 $from_name = str_replace( '"', '', $from_name );
mp-wp_genesis 303 $from_name = trim( $from_name );
mp-wp_genesis 304
mp-wp_genesis 305 $from_email = substr( $content, strpos( $content, '<' ) + 1 );
mp-wp_genesis 306 $from_email = str_replace( '>', '', $from_email );
mp-wp_genesis 307 $from_email = trim( $from_email );
mp-wp_genesis 308 } else {
mp-wp_genesis 309 $from_name = trim( $content );
mp-wp_genesis 310 }
mp-wp_genesis 311 } elseif ( 'content-type' == strtolower($name) ) {
mp-wp_genesis 312 if ( strpos( $content,';' ) !== false ) {
mp-wp_genesis 313 list( $type, $charset ) = explode( ';', $content );
mp-wp_genesis 314 $content_type = trim( $type );
mp-wp_genesis 315 $charset = trim( str_replace( array( 'charset=', '"' ), '', $charset ) );
mp-wp_genesis 316 } else {
mp-wp_genesis 317 $content_type = trim( $content );
mp-wp_genesis 318 }
mp-wp_genesis 319 } elseif ( 'cc' == strtolower($name) ) {
mp-wp_genesis 320 $cc = explode(",", $content);
mp-wp_genesis 321 } elseif ( 'bcc' == strtolower($name) ) {
mp-wp_genesis 322 $bcc = explode(",", $content);
mp-wp_genesis 323 } else {
mp-wp_genesis 324 // Add it to our grand headers array
mp-wp_genesis 325 $headers[trim( $name )] = trim( $content );
mp-wp_genesis 326 }
mp-wp_genesis 327 }
mp-wp_genesis 328 }
mp-wp_genesis 329 }
mp-wp_genesis 330
mp-wp_genesis 331 // Empty out the values that may be set
mp-wp_genesis 332 $phpmailer->ClearAddresses();
mp-wp_genesis 333 $phpmailer->ClearAllRecipients();
mp-wp_genesis 334 $phpmailer->ClearAttachments();
mp-wp_genesis 335 $phpmailer->ClearBCCs();
mp-wp_genesis 336 $phpmailer->ClearCCs();
mp-wp_genesis 337 $phpmailer->ClearCustomHeaders();
mp-wp_genesis 338 $phpmailer->ClearReplyTos();
mp-wp_genesis 339
mp-wp_genesis 340 // From email and name
mp-wp_genesis 341 // If we don't have a name from the input headers
mp-wp_genesis 342 if ( !isset( $from_name ) ) {
mp-wp_genesis 343 $from_name = 'WordPress';
mp-wp_genesis 344 }
mp-wp_genesis 345
mp-wp_genesis 346 // If we don't have an email from the input headers
mp-wp_genesis 347 if ( !isset( $from_email ) ) {
mp-wp_genesis 348 // Get the site domain and get rid of www.
mp-wp_genesis 349 $sitename = strtolower( $_SERVER['SERVER_NAME'] );
mp-wp_genesis 350 if ( substr( $sitename, 0, 4 ) == 'www.' ) {
mp-wp_genesis 351 $sitename = substr( $sitename, 4 );
mp-wp_genesis 352 }
mp-wp_genesis 353
mp-wp_genesis 354 $from_email = 'wordpress@' . $sitename;
mp-wp_genesis 355 }
mp-wp_genesis 356
mp-wp_genesis 357 // Set the from name and email
mp-wp_genesis 358 $phpmailer->From = apply_filters( 'wp_mail_from', $from_email );
mp-wp_genesis 359 $phpmailer->FromName = apply_filters( 'wp_mail_from_name', $from_name );
mp-wp_genesis 360
mp-wp_genesis 361 // Set destination address
mp-wp_genesis 362 $phpmailer->AddAddress( $to );
mp-wp_genesis 363
mp-wp_genesis 364 // Set mail's subject and body
mp-wp_genesis 365 $phpmailer->Subject = $subject;
mp-wp_genesis 366 $phpmailer->Body = $message;
mp-wp_genesis 367
mp-wp_genesis 368 // Add any CC and BCC recipients
mp-wp_genesis 369 if ( !empty($cc) ) {
mp-wp_genesis 370 foreach ( (array) $cc as $recipient ) {
mp-wp_genesis 371 $phpmailer->AddCc( trim($recipient) );
mp-wp_genesis 372 }
mp-wp_genesis 373 }
mp-wp_genesis 374 if ( !empty($bcc) ) {
mp-wp_genesis 375 foreach ( (array) $bcc as $recipient) {
mp-wp_genesis 376 $phpmailer->AddBcc( trim($recipient) );
mp-wp_genesis 377 }
mp-wp_genesis 378 }
mp-wp_genesis 379
mp-wp_genesis 380 // Set to use PHP's mail()
mp-wp_genesis 381 $phpmailer->IsMail();
mp-wp_genesis 382
mp-wp_genesis 383 // Set Content-Type and charset
mp-wp_genesis 384 // If we don't have a content-type from the input headers
mp-wp_genesis 385 if ( !isset( $content_type ) ) {
mp-wp_genesis 386 $content_type = 'text/plain';
mp-wp_genesis 387 }
mp-wp_genesis 388
mp-wp_genesis 389 $content_type = apply_filters( 'wp_mail_content_type', $content_type );
mp-wp_genesis 390
mp-wp_genesis 391 // Set whether it's plaintext or not, depending on $content_type
mp-wp_genesis 392 if ( $content_type == 'text/html' ) {
mp-wp_genesis 393 $phpmailer->IsHTML( true );
mp-wp_genesis 394 } else {
mp-wp_genesis 395 $phpmailer->IsHTML( false );
mp-wp_genesis 396 }
mp-wp_genesis 397
mp-wp_genesis 398 // If we don't have a charset from the input headers
mp-wp_genesis 399 if ( !isset( $charset ) ) {
mp-wp_genesis 400 $charset = get_bloginfo( 'charset' );
mp-wp_genesis 401 }
mp-wp_genesis 402
mp-wp_genesis 403 // Set the content-type and charset
mp-wp_genesis 404 $phpmailer->CharSet = apply_filters( 'wp_mail_charset', $charset );
mp-wp_genesis 405
mp-wp_genesis 406 // Set custom headers
mp-wp_genesis 407 if ( !empty( $headers ) ) {
mp-wp_genesis 408 foreach( (array) $headers as $name => $content ) {
mp-wp_genesis 409 $phpmailer->AddCustomHeader( sprintf( '%1$s: %2$s', $name, $content ) );
mp-wp_genesis 410 }
mp-wp_genesis 411 }
mp-wp_genesis 412
mp-wp_genesis 413 if ( !empty( $attachments ) ) {
mp-wp_genesis 414 foreach ( $attachments as $attachment ) {
mp-wp_genesis 415 $phpmailer->AddAttachment($attachment);
mp-wp_genesis 416 }
mp-wp_genesis 417 }
mp-wp_genesis 418
mp-wp_genesis 419 do_action_ref_array( 'phpmailer_init', array( &$phpmailer ) );
mp-wp_genesis 420
mp-wp_genesis 421 // Send!
mp-wp_genesis 422 $result = @$phpmailer->Send();
mp-wp_genesis 423
mp-wp_genesis 424 return $result;
mp-wp_genesis 425 }
mp-wp_genesis 426 endif;
mp-wp_genesis 427
mp-wp_genesis 428 if ( !function_exists('wp_authenticate') ) :
mp-wp_genesis 429 /**
mp-wp_genesis 430 * Checks a user's login information and logs them in if it checks out.
mp-wp_genesis 431 *
mp-wp_genesis 432 * @since 2.5.0
mp-wp_genesis 433 *
mp-wp_genesis 434 * @param string $username User's username
mp-wp_genesis 435 * @param string $password User's password
mp-wp_genesis 436 * @return WP_Error|WP_User WP_User object if login successful, otherwise WP_Error object.
mp-wp_genesis 437 */
mp-wp_genesis 438 function wp_authenticate($username, $password) {
mp-wp_genesis 439 $username = sanitize_user($username);
mp-wp_genesis 440
mp-wp_genesis 441 if ( '' == $username )
mp-wp_genesis 442 return new WP_Error('empty_username', __('<strong>ERROR</strong>: The username field is empty.'));
mp-wp_genesis 443
mp-wp_genesis 444 if ( '' == $password )
mp-wp_genesis 445 return new WP_Error('empty_password', __('<strong>ERROR</strong>: The password field is empty.'));
mp-wp_genesis 446
mp-wp_genesis 447 $user = get_userdatabylogin($username);
mp-wp_genesis 448
mp-wp_genesis 449 if ( !$user || ($user->user_login != $username) ) {
mp-wp_genesis 450 do_action( 'wp_login_failed', $username );
mp-wp_genesis 451 return new WP_Error('invalid_username', __('<strong>ERROR</strong>: Invalid username.'));
mp-wp_genesis 452 }
mp-wp_genesis 453
mp-wp_genesis 454 $user = apply_filters('wp_authenticate_user', $user, $password);
mp-wp_genesis 455 if ( is_wp_error($user) ) {
mp-wp_genesis 456 do_action( 'wp_login_failed', $username );
mp-wp_genesis 457 return $user;
mp-wp_genesis 458 }
mp-wp_genesis 459
mp-wp_genesis 460 if ( !wp_check_password($password, $user->user_pass, $user->ID) ) {
mp-wp_genesis 461 do_action( 'wp_login_failed', $username );
mp-wp_genesis 462 return new WP_Error('incorrect_password', __('<strong>ERROR</strong>: Incorrect password.'));
mp-wp_genesis 463 }
mp-wp_genesis 464
mp-wp_genesis 465 return new WP_User($user->ID);
mp-wp_genesis 466 }
mp-wp_genesis 467 endif;
mp-wp_genesis 468
mp-wp_genesis 469 if ( !function_exists('wp_logout') ) :
mp-wp_genesis 470 /**
mp-wp_genesis 471 * Log the current user out.
mp-wp_genesis 472 *
mp-wp_genesis 473 * @since 2.5.0
mp-wp_genesis 474 */
mp-wp_genesis 475 function wp_logout() {
mp-wp_genesis 476 wp_clear_auth_cookie();
mp-wp_genesis 477 do_action('wp_logout');
mp-wp_genesis 478 }
mp-wp_genesis 479 endif;
mp-wp_genesis 480
mp-wp_genesis 481 if ( !function_exists('wp_validate_auth_cookie') ) :
mp-wp_genesis 482 /**
mp-wp_genesis 483 * Validates authentication cookie.
mp-wp_genesis 484 *
mp-wp_genesis 485 * The checks include making sure that the authentication cookie is set and
mp-wp_genesis 486 * pulling in the contents (if $cookie is not used).
mp-wp_genesis 487 *
mp-wp_genesis 488 * Makes sure the cookie is not expired. Verifies the hash in cookie is what is
mp-wp_genesis 489 * should be and compares the two.
mp-wp_genesis 490 *
mp-wp_genesis 491 * @since 2.5
mp-wp_genesis 492 *
mp-wp_genesis 493 * @param string $cookie Optional. If used, will validate contents instead of cookie's
mp-wp_genesis 494 * @param string $scheme Optional. The cookie scheme to use: auth, secure_auth, or logged_in
mp-wp_genesis 495 * @return bool|int False if invalid cookie, User ID if valid.
mp-wp_genesis 496 */
mp-wp_genesis 497 function wp_validate_auth_cookie($cookie = '', $scheme = '') {
mp-wp_genesis 498 if ( ! $cookie_elements = wp_parse_auth_cookie($cookie, $scheme) ) {
mp-wp_genesis 499 do_action('auth_cookie_malformed', $cookie, $scheme);
mp-wp_genesis 500 return false;
mp-wp_genesis 501 }
mp-wp_genesis 502
mp-wp_genesis 503 extract($cookie_elements, EXTR_OVERWRITE);
mp-wp_genesis 504
mp-wp_genesis 505 $expired = $expiration;
mp-wp_genesis 506
mp-wp_genesis 507 // Allow a grace period for POST and AJAX requests
mp-wp_genesis 508 if ( defined('DOING_AJAX') || 'POST' == $_SERVER['REQUEST_METHOD'] )
mp-wp_genesis 509 $expired += 3600;
mp-wp_genesis 510
mp-wp_genesis 511 // Quick check to see if an honest cookie has expired
mp-wp_genesis 512 if ( $expired < time() ) {
mp-wp_genesis 513 do_action('auth_cookie_expired', $cookie_elements);
mp-wp_genesis 514 return false;
mp-wp_genesis 515 }
mp-wp_genesis 516
mp-wp_genesis 517 $key = wp_hash($username . '|' . $expiration, $scheme);
mp-wp_genesis 518 $hash = hash_hmac('md5', $username . '|' . $expiration, $key);
mp-wp_genesis 519
mp-wp_genesis 520 if ( $hmac != $hash ) {
mp-wp_genesis 521 do_action('auth_cookie_bad_hash', $cookie_elements);
mp-wp_genesis 522 return false;
mp-wp_genesis 523 }
mp-wp_genesis 524
mp-wp_genesis 525 $user = get_userdatabylogin($username);
mp-wp_genesis 526 if ( ! $user ) {
mp-wp_genesis 527 do_action('auth_cookie_bad_username', $cookie_elements);
mp-wp_genesis 528 return false;
mp-wp_genesis 529 }
mp-wp_genesis 530
mp-wp_genesis 531 do_action('auth_cookie_valid', $cookie_elements, $user);
mp-wp_genesis 532
mp-wp_genesis 533 return $user->ID;
mp-wp_genesis 534 }
mp-wp_genesis 535 endif;
mp-wp_genesis 536
mp-wp_genesis 537 if ( !function_exists('wp_generate_auth_cookie') ) :
mp-wp_genesis 538 /**
mp-wp_genesis 539 * Generate authentication cookie contents.
mp-wp_genesis 540 *
mp-wp_genesis 541 * @since 2.5
mp-wp_genesis 542 * @uses apply_filters() Calls 'auth_cookie' hook on $cookie contents, User ID
mp-wp_genesis 543 * and expiration of cookie.
mp-wp_genesis 544 *
mp-wp_genesis 545 * @param int $user_id User ID
mp-wp_genesis 546 * @param int $expiration Cookie expiration in seconds
mp-wp_genesis 547 * @param string $scheme Optional. The cookie scheme to use: auth, secure_auth, or logged_in
mp-wp_genesis 548 * @return string Authentication cookie contents
mp-wp_genesis 549 */
mp-wp_genesis 550 function wp_generate_auth_cookie($user_id, $expiration, $scheme = 'auth') {
mp-wp_genesis 551 $user = get_userdata($user_id);
mp-wp_genesis 552
mp-wp_genesis 553 $key = wp_hash($user->user_login . '|' . $expiration, $scheme);
mp-wp_genesis 554 $hash = hash_hmac('md5', $user->user_login . '|' . $expiration, $key);
mp-wp_genesis 555
mp-wp_genesis 556 $cookie = $user->user_login . '|' . $expiration . '|' . $hash;
mp-wp_genesis 557
mp-wp_genesis 558 return apply_filters('auth_cookie', $cookie, $user_id, $expiration, $scheme);
mp-wp_genesis 559 }
mp-wp_genesis 560 endif;
mp-wp_genesis 561
mp-wp_genesis 562 if ( !function_exists('wp_parse_auth_cookie') ) :
mp-wp_genesis 563 /**
mp-wp_genesis 564 * Parse a cookie into its components
mp-wp_genesis 565 *
mp-wp_genesis 566 * @since 2.7
mp-wp_genesis 567 *
mp-wp_genesis 568 * @param string $cookie
mp-wp_genesis 569 * @param string $scheme Optional. The cookie scheme to use: auth, secure_auth, or logged_in
mp-wp_genesis 570 * @return array Authentication cookie components
mp-wp_genesis 571 */
mp-wp_genesis 572 function wp_parse_auth_cookie($cookie = '', $scheme = '') {
mp-wp_genesis 573 if ( empty($cookie) ) {
mp-wp_genesis 574 switch ($scheme){
mp-wp_genesis 575 case 'auth':
mp-wp_genesis 576 $cookie_name = AUTH_COOKIE;
mp-wp_genesis 577 break;
mp-wp_genesis 578 case 'secure_auth':
mp-wp_genesis 579 $cookie_name = SECURE_AUTH_COOKIE;
mp-wp_genesis 580 break;
mp-wp_genesis 581 case "logged_in":
mp-wp_genesis 582 $cookie_name = LOGGED_IN_COOKIE;
mp-wp_genesis 583 break;
mp-wp_genesis 584 default:
mp-wp_genesis 585 if ( is_ssl() ) {
mp-wp_genesis 586 $cookie_name = SECURE_AUTH_COOKIE;
mp-wp_genesis 587 $scheme = 'secure_auth';
mp-wp_genesis 588 } else {
mp-wp_genesis 589 $cookie_name = AUTH_COOKIE;
mp-wp_genesis 590 $scheme = 'auth';
mp-wp_genesis 591 }
mp-wp_genesis 592 }
mp-wp_genesis 593
mp-wp_genesis 594 if ( empty($_COOKIE[$cookie_name]) )
mp-wp_genesis 595 return false;
mp-wp_genesis 596 $cookie = $_COOKIE[$cookie_name];
mp-wp_genesis 597 }
mp-wp_genesis 598
mp-wp_genesis 599 $cookie_elements = explode('|', $cookie);
mp-wp_genesis 600 if ( count($cookie_elements) != 3 )
mp-wp_genesis 601 return false;
mp-wp_genesis 602
mp-wp_genesis 603 list($username, $expiration, $hmac) = $cookie_elements;
mp-wp_genesis 604
mp-wp_genesis 605 return compact('username', 'expiration', 'hmac', 'scheme');
mp-wp_genesis 606 }
mp-wp_genesis 607 endif;
mp-wp_genesis 608
mp-wp_genesis 609 if ( !function_exists('wp_set_auth_cookie') ) :
mp-wp_genesis 610 /**
mp-wp_genesis 611 * Sets the authentication cookies based User ID.
mp-wp_genesis 612 *
mp-wp_genesis 613 * The $remember parameter increases the time that the cookie will be kept. The
mp-wp_genesis 614 * default the cookie is kept without remembering is two days. When $remember is
mp-wp_genesis 615 * set, the cookies will be kept for 14 days or two weeks.
mp-wp_genesis 616 *
mp-wp_genesis 617 * @since 2.5
mp-wp_genesis 618 *
mp-wp_genesis 619 * @param int $user_id User ID
mp-wp_genesis 620 * @param bool $remember Whether to remember the user or not
mp-wp_genesis 621 */
mp-wp_genesis 622 function wp_set_auth_cookie($user_id, $remember = false, $secure = '') {
mp-wp_genesis 623 if ( $remember ) {
mp-wp_genesis 624 $expiration = $expire = time() + 1209600;
mp-wp_genesis 625 } else {
mp-wp_genesis 626 $expiration = time() + 172800;
mp-wp_genesis 627 $expire = 0;
mp-wp_genesis 628 }
mp-wp_genesis 629
mp-wp_genesis 630 if ( '' === $secure )
mp-wp_genesis 631 $secure = is_ssl() ? true : false;
mp-wp_genesis 632
mp-wp_genesis 633 if ( $secure ) {
mp-wp_genesis 634 $auth_cookie_name = SECURE_AUTH_COOKIE;
mp-wp_genesis 635 $scheme = 'secure_auth';
mp-wp_genesis 636 } else {
mp-wp_genesis 637 $auth_cookie_name = AUTH_COOKIE;
mp-wp_genesis 638 $scheme = 'auth';
mp-wp_genesis 639 }
mp-wp_genesis 640
mp-wp_genesis 641 $auth_cookie = wp_generate_auth_cookie($user_id, $expiration, $scheme);
mp-wp_genesis 642 $logged_in_cookie = wp_generate_auth_cookie($user_id, $expiration, 'logged_in');
mp-wp_genesis 643
mp-wp_genesis 644 do_action('set_auth_cookie', $auth_cookie, $expire, $expiration, $user_id, $scheme);
mp-wp_genesis 645 do_action('set_logged_in_cookie', $logged_in_cookie, $expire, $expiration, $user_id, 'logged_in');
mp-wp_genesis 646
mp-wp_genesis 647 // Set httponly if the php version is >= 5.2.0
mp-wp_genesis 648 if ( version_compare(phpversion(), '5.2.0', 'ge') ) {
mp-wp_genesis 649 setcookie($auth_cookie_name, $auth_cookie, $expire, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN, $secure, true);
mp-wp_genesis 650 setcookie($auth_cookie_name, $auth_cookie, $expire, ADMIN_COOKIE_PATH, COOKIE_DOMAIN, $secure, true);
mp-wp_genesis 651 setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, COOKIEPATH, COOKIE_DOMAIN, false, true);
mp-wp_genesis 652 if ( COOKIEPATH != SITECOOKIEPATH )
mp-wp_genesis 653 setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, SITECOOKIEPATH, COOKIE_DOMAIN, false, true);
mp-wp_genesis 654 } else {
mp-wp_genesis 655 $cookie_domain = COOKIE_DOMAIN;
mp-wp_genesis 656 if ( !empty($cookie_domain) )
mp-wp_genesis 657 $cookie_domain .= '; HttpOnly';
mp-wp_genesis 658 setcookie($auth_cookie_name, $auth_cookie, $expire, PLUGINS_COOKIE_PATH, $cookie_domain, $secure);
mp-wp_genesis 659 setcookie($auth_cookie_name, $auth_cookie, $expire, ADMIN_COOKIE_PATH, $cookie_domain, $secure);
mp-wp_genesis 660 setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, COOKIEPATH, $cookie_domain);
mp-wp_genesis 661 if ( COOKIEPATH != SITECOOKIEPATH )
mp-wp_genesis 662 setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, SITECOOKIEPATH, $cookie_domain);
mp-wp_genesis 663 }
mp-wp_genesis 664 }
mp-wp_genesis 665 endif;
mp-wp_genesis 666
mp-wp_genesis 667 if ( !function_exists('wp_clear_auth_cookie') ) :
mp-wp_genesis 668 /**
mp-wp_genesis 669 * Removes all of the cookies associated with authentication.
mp-wp_genesis 670 *
mp-wp_genesis 671 * @since 2.5
mp-wp_genesis 672 */
mp-wp_genesis 673 function wp_clear_auth_cookie() {
mp-wp_genesis 674 do_action('clear_auth_cookie');
mp-wp_genesis 675
mp-wp_genesis 676 setcookie(AUTH_COOKIE, ' ', time() - 31536000, ADMIN_COOKIE_PATH, COOKIE_DOMAIN);
mp-wp_genesis 677 setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, ADMIN_COOKIE_PATH, COOKIE_DOMAIN);
mp-wp_genesis 678 setcookie(AUTH_COOKIE, ' ', time() - 31536000, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN);
mp-wp_genesis 679 setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN);
mp-wp_genesis 680 setcookie(LOGGED_IN_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN);
mp-wp_genesis 681 setcookie(LOGGED_IN_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN);
mp-wp_genesis 682
mp-wp_genesis 683 // Old cookies
mp-wp_genesis 684 setcookie(AUTH_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN);
mp-wp_genesis 685 setcookie(AUTH_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN);
mp-wp_genesis 686 setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN);
mp-wp_genesis 687 setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN);
mp-wp_genesis 688
mp-wp_genesis 689 // Even older cookies
mp-wp_genesis 690 setcookie(USER_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN);
mp-wp_genesis 691 setcookie(PASS_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN);
mp-wp_genesis 692 setcookie(USER_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN);
mp-wp_genesis 693 setcookie(PASS_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN);
mp-wp_genesis 694 }
mp-wp_genesis 695 endif;
mp-wp_genesis 696
mp-wp_genesis 697 if ( !function_exists('is_user_logged_in') ) :
mp-wp_genesis 698 /**
mp-wp_genesis 699 * Checks if the current visitor is a logged in user.
mp-wp_genesis 700 *
mp-wp_genesis 701 * @since 2.0.0
mp-wp_genesis 702 *
mp-wp_genesis 703 * @return bool True if user is logged in, false if not logged in.
mp-wp_genesis 704 */
mp-wp_genesis 705 function is_user_logged_in() {
mp-wp_genesis 706 $user = wp_get_current_user();
mp-wp_genesis 707
mp-wp_genesis 708 if ( $user->id == 0 )
mp-wp_genesis 709 return false;
mp-wp_genesis 710
mp-wp_genesis 711 return true;
mp-wp_genesis 712 }
mp-wp_genesis 713 endif;
mp-wp_genesis 714
mp-wp_genesis 715 if ( !function_exists('auth_redirect') ) :
mp-wp_genesis 716 /**
mp-wp_genesis 717 * Checks if a user is logged in, if not it redirects them to the login page.
mp-wp_genesis 718 *
mp-wp_genesis 719 * @since 1.5
mp-wp_genesis 720 */
mp-wp_genesis 721 function auth_redirect() {
mp-wp_genesis 722 // Checks if a user is logged in, if not redirects them to the login page
mp-wp_genesis 723
mp-wp_genesis 724 if ( is_ssl() || force_ssl_admin() )
mp-wp_genesis 725 $secure = true;
mp-wp_genesis 726 else
mp-wp_genesis 727 $secure = false;
mp-wp_genesis 728
mp-wp_genesis 729 // If https is required and request is http, redirect
mp-wp_genesis 730 if ( $secure && !is_ssl() && false !== strpos($_SERVER['REQUEST_URI'], 'wp-admin') ) {
mp-wp_genesis 731 if ( 0 === strpos($_SERVER['REQUEST_URI'], 'http') ) {
mp-wp_genesis 732 wp_redirect(preg_replace('|^http://|', 'https://', $_SERVER['REQUEST_URI']));
mp-wp_genesis 733 exit();
mp-wp_genesis 734 } else {
mp-wp_genesis 735 wp_redirect('https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
mp-wp_genesis 736 exit();
mp-wp_genesis 737 }
mp-wp_genesis 738 }
mp-wp_genesis 739
mp-wp_genesis 740 if ( $user_id = wp_validate_auth_cookie() ) {
mp-wp_genesis 741 // If the user wants ssl but the session is not ssl, redirect.
mp-wp_genesis 742 if ( !$secure && get_user_option('use_ssl', $user_id) && false !== strpos($_SERVER['REQUEST_URI'], 'wp-admin') ) {
mp-wp_genesis 743 if ( 0 === strpos($_SERVER['REQUEST_URI'], 'http') ) {
mp-wp_genesis 744 wp_redirect(preg_replace('|^http://|', 'https://', $_SERVER['REQUEST_URI']));
mp-wp_genesis 745 exit();
mp-wp_genesis 746 } else {
mp-wp_genesis 747 wp_redirect('https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
mp-wp_genesis 748 exit();
mp-wp_genesis 749 }
mp-wp_genesis 750 }
mp-wp_genesis 751
mp-wp_genesis 752 return; // The cookie is good so we're done
mp-wp_genesis 753 }
mp-wp_genesis 754
mp-wp_genesis 755 // The cookie is no good so force login
mp-wp_genesis 756 nocache_headers();
mp-wp_genesis 757
mp-wp_genesis 758 if ( is_ssl() )
mp-wp_genesis 759 $proto = 'https://';
mp-wp_genesis 760 else
mp-wp_genesis 761 $proto = 'http://';
mp-wp_genesis 762
mp-wp_genesis 763 $redirect = ( strpos($_SERVER['REQUEST_URI'], '/options.php') && wp_get_referer() ) ? wp_get_referer() : $proto . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
mp-wp_genesis 764
mp-wp_genesis 765 $login_url = site_url( 'wp-login.php?redirect_to=' . urlencode( $redirect ), 'login' );
mp-wp_genesis 766
mp-wp_genesis 767 wp_redirect($login_url);
mp-wp_genesis 768 exit();
mp-wp_genesis 769 }
mp-wp_genesis 770 endif;
mp-wp_genesis 771
mp-wp_genesis 772 if ( !function_exists('check_admin_referer') ) :
mp-wp_genesis 773 /**
mp-wp_genesis 774 * Makes sure that a user was referred from another admin page.
mp-wp_genesis 775 *
mp-wp_genesis 776 * To avoid security exploits.
mp-wp_genesis 777 *
mp-wp_genesis 778 * @since 1.2.0
mp-wp_genesis 779 * @uses do_action() Calls 'check_admin_referer' on $action.
mp-wp_genesis 780 *
mp-wp_genesis 781 * @param string $action Action nonce
mp-wp_genesis 782 * @param string $query_arg where to look for nonce in $_REQUEST (since 2.5)
mp-wp_genesis 783 */
mp-wp_genesis 784 function check_admin_referer($action = -1, $query_arg = '_wpnonce') {
mp-wp_genesis 785 $adminurl = strtolower(admin_url());
mp-wp_genesis 786 $referer = strtolower(wp_get_referer());
mp-wp_genesis 787 $result = isset($_REQUEST[$query_arg]) ? wp_verify_nonce($_REQUEST[$query_arg], $action) : false;
mp-wp_genesis 788 if ( !$result && !(-1 == $action && strpos($referer, $adminurl) !== false) ) {
mp-wp_genesis 789 wp_nonce_ays($action);
mp-wp_genesis 790 die();
mp-wp_genesis 791 }
mp-wp_genesis 792 do_action('check_admin_referer', $action, $result);
mp-wp_genesis 793 return $result;
mp-wp_genesis 794 }endif;
mp-wp_genesis 795
mp-wp_genesis 796 if ( !function_exists('check_ajax_referer') ) :
mp-wp_genesis 797 /**
mp-wp_genesis 798 * Verifies the AJAX request to prevent processing requests external of the blog.
mp-wp_genesis 799 *
mp-wp_genesis 800 * @since 2.0.4
mp-wp_genesis 801 *
mp-wp_genesis 802 * @param string $action Action nonce
mp-wp_genesis 803 * @param string $query_arg where to look for nonce in $_REQUEST (since 2.5)
mp-wp_genesis 804 */
mp-wp_genesis 805 function check_ajax_referer( $action = -1, $query_arg = false, $die = true ) {
mp-wp_genesis 806 if ( $query_arg )
mp-wp_genesis 807 $nonce = $_REQUEST[$query_arg];
mp-wp_genesis 808 else
mp-wp_genesis 809 $nonce = $_REQUEST['_ajax_nonce'] ? $_REQUEST['_ajax_nonce'] : $_REQUEST['_wpnonce'];
mp-wp_genesis 810
mp-wp_genesis 811 $result = wp_verify_nonce( $nonce, $action );
mp-wp_genesis 812
mp-wp_genesis 813 if ( $die && false == $result )
mp-wp_genesis 814 die('-1');
mp-wp_genesis 815
mp-wp_genesis 816 do_action('check_ajax_referer', $action, $result);
mp-wp_genesis 817
mp-wp_genesis 818 return $result;
mp-wp_genesis 819 }
mp-wp_genesis 820 endif;
mp-wp_genesis 821
mp-wp_genesis 822 if ( !function_exists('wp_redirect') ) :
mp-wp_genesis 823 /**
mp-wp_genesis 824 * Redirects to another page, with a workaround for the IIS Set-Cookie bug.
mp-wp_genesis 825 *
mp-wp_genesis 826 * @link http://support.microsoft.com/kb/q176113/
mp-wp_genesis 827 * @since 1.5.1
mp-wp_genesis 828 * @uses apply_filters() Calls 'wp_redirect' hook on $location and $status.
mp-wp_genesis 829 *
mp-wp_genesis 830 * @param string $location The path to redirect to
mp-wp_genesis 831 * @param int $status Status code to use
mp-wp_genesis 832 * @return bool False if $location is not set
mp-wp_genesis 833 */
mp-wp_genesis 834 function wp_redirect($location, $status = 301) {
mp-wp_genesis 835 global $is_IIS;
mp-wp_genesis 836
mp-wp_genesis 837 $location = apply_filters('wp_redirect', $location, $status);
mp-wp_genesis 838 $status = apply_filters('wp_redirect_status', $status, $location);
mp-wp_genesis 839
mp-wp_genesis 840 if ( !$location ) // allows the wp_redirect filter to cancel a redirect
mp-wp_genesis 841 return false;
mp-wp_genesis 842
mp-wp_genesis 843 $location = wp_sanitize_redirect($location);
mp-wp_genesis 844
mp-wp_genesis 845 if ( $is_IIS ) {
mp-wp_genesis 846 header("Refresh: 0;url=$location");
mp-wp_genesis 847 } else {
mp-wp_genesis 848 if ( php_sapi_name() != 'cgi-fcgi' )
mp-wp_genesis 849 status_header($status); // This causes problems on IIS and some FastCGI setups
mp-wp_genesis 850 header("Location: $location");
mp-wp_genesis 851 }
mp-wp_genesis 852 }
mp-wp_genesis 853 endif;
mp-wp_genesis 854
mp-wp_genesis 855 if ( !function_exists('wp_sanitize_redirect') ) :
mp-wp_genesis 856 /**
mp-wp_genesis 857 * Sanitizes a URL for use in a redirect.
mp-wp_genesis 858 *
mp-wp_genesis 859 * @since 2.3
mp-wp_genesis 860 *
mp-wp_genesis 861 * @return string redirect-sanitized URL
mp-wp_genesis 862 **/
mp-wp_genesis 863 function wp_sanitize_redirect($location) {
mp-wp_genesis 864 $location = preg_replace('|[^a-z0-9-~+_.?#=&;,/:%]|i', '', $location);
mp-wp_genesis 865 $location = wp_kses_no_null($location);
mp-wp_genesis 866
mp-wp_genesis 867 // remove %0d and %0a from location
mp-wp_genesis 868 $strip = array('%0d', '%0a');
mp-wp_genesis 869 $found = true;
mp-wp_genesis 870 while($found) {
mp-wp_genesis 871 $found = false;
mp-wp_genesis 872 foreach( (array) $strip as $val ) {
mp-wp_genesis 873 while(strpos($location, $val) !== false) {
mp-wp_genesis 874 $found = true;
mp-wp_genesis 875 $location = str_replace($val, '', $location);
mp-wp_genesis 876 }
mp-wp_genesis 877 }
mp-wp_genesis 878 }
mp-wp_genesis 879 return $location;
mp-wp_genesis 880 }
mp-wp_genesis 881 endif;
mp-wp_genesis 882
mp-wp_genesis 883 if ( !function_exists('wp_safe_redirect') ) :
mp-wp_genesis 884 /**
mp-wp_genesis 885 * Performs a safe (local) redirect, using wp_redirect().
mp-wp_genesis 886 *
mp-wp_genesis 887 * Checks whether the $location is using an allowed host, if it has an absolute
mp-wp_genesis 888 * path. A plugin can therefore set or remove allowed host(s) to or from the
mp-wp_genesis 889 * list.
mp-wp_genesis 890 *
mp-wp_genesis 891 * If the host is not allowed, then the redirect is to wp-admin on the siteurl
mp-wp_genesis 892 * instead. This prevents malicious redirects which redirect to another host,
mp-wp_genesis 893 * but only used in a few places.
mp-wp_genesis 894 *
mp-wp_genesis 895 * @since 2.3
mp-wp_genesis 896 * @uses apply_filters() Calls 'allowed_redirect_hosts' on an array containing
mp-wp_genesis 897 * WordPress host string and $location host string.
mp-wp_genesis 898 *
mp-wp_genesis 899 * @return void Does not return anything
mp-wp_genesis 900 **/
mp-wp_genesis 901 function wp_safe_redirect($location, $status = 301) {
mp-wp_genesis 902
mp-wp_genesis 903 // Need to look at the URL the way it will end up in wp_redirect()
mp-wp_genesis 904 $location = wp_sanitize_redirect($location);
mp-wp_genesis 905
mp-wp_genesis 906 // browsers will assume 'http' is your protocol, and will obey a redirect to a URL starting with '//'
mp-wp_genesis 907 if ( substr($location, 0, 2) == '//' )
mp-wp_genesis 908 $location = 'http:' . $location;
mp-wp_genesis 909
mp-wp_genesis 910 // In php 5 parse_url may fail if the URL query part contains http://, bug #38143
mp-wp_genesis 911 $test = ( $cut = strpos($location, '?') ) ? substr( $location, 0, $cut ) : $location;
mp-wp_genesis 912
mp-wp_genesis 913 $lp = parse_url($test);
mp-wp_genesis 914 $wpp = parse_url(get_option('home'));
mp-wp_genesis 915
mp-wp_genesis 916 $allowed_hosts = (array) apply_filters('allowed_redirect_hosts', array($wpp['host']), isset($lp['host']) ? $lp['host'] : '');
mp-wp_genesis 917
mp-wp_genesis 918 if ( isset($lp['host']) && ( !in_array($lp['host'], $allowed_hosts) && $lp['host'] != strtolower($wpp['host'])) )
mp-wp_genesis 919 $location = admin_url();
mp-wp_genesis 920
mp-wp_genesis 921 wp_redirect($location, $status);
mp-wp_genesis 922 }
mp-wp_genesis 923 endif;
mp-wp_genesis 924
mp-wp_genesis 925 if ( ! function_exists('wp_notify_postauthor') ) :
mp-wp_genesis 926 /**
mp-wp_genesis 927 * Notify an author of a comment/trackback/pingback to one of their posts.
mp-wp_genesis 928 *
mp-wp_genesis 929 * @since 1.0.0
mp-wp_genesis 930 *
mp-wp_genesis 931 * @param int $comment_id Comment ID
mp-wp_genesis 932 * @param string $comment_type Optional. The comment type either 'comment' (default), 'trackback', or 'pingback'
mp-wp_genesis 933 * @return bool False if user email does not exist. True on completion.
mp-wp_genesis 934 */
mp-wp_genesis 935 function wp_notify_postauthor($comment_id, $comment_type='') {
mp-wp_genesis 936 $comment = get_comment($comment_id);
mp-wp_genesis 937 $post = get_post($comment->comment_post_ID);
mp-wp_genesis 938 $user = get_userdata( $post->post_author );
mp-wp_genesis 939
mp-wp_genesis 940 if ('' == $user->user_email) return false; // If there's no email to send the comment to
mp-wp_genesis 941
mp-wp_genesis 942 $comment_author_domain = @gethostbyaddr($comment->comment_author_IP);
mp-wp_genesis 943
mp-wp_genesis 944 $blogname = get_option('blogname');
mp-wp_genesis 945
mp-wp_genesis 946 if ( empty( $comment_type ) ) $comment_type = 'comment';
mp-wp_genesis 947
mp-wp_genesis 948 if ('comment' == $comment_type) {
mp-wp_genesis 949 $notify_message = sprintf( __('New comment on your post #%1$s "%2$s"'), $comment->comment_post_ID, $post->post_title ) . "\r\n";
mp-wp_genesis 950 $notify_message .= sprintf( __('Author : %1$s (IP: %2$s , %3$s)'), $comment->comment_author, $comment->comment_author_IP, $comment_author_domain ) . "\r\n";
mp-wp_genesis 951 $notify_message .= sprintf( __('E-mail : %s'), $comment->comment_author_email ) . "\r\n";
mp-wp_genesis 952 $notify_message .= sprintf( __('URL : %s'), $comment->comment_author_url ) . "\r\n";
mp-wp_genesis 953 $notify_message .= sprintf( __('Whois : http://ws.arin.net/cgi-bin/whois.pl?queryinput=%s'), $comment->comment_author_IP ) . "\r\n";
mp-wp_genesis 954 $notify_message .= __('Comment: ') . "\r\n" . $comment->comment_content . "\r\n\r\n";
mp-wp_genesis 955 $notify_message .= __('You can see all comments on this post here: ') . "\r\n";
mp-wp_genesis 956 $subject = sprintf( __('[%1$s] Comment: "%2$s"'), $blogname, $post->post_title );
mp-wp_genesis 957 } elseif ('trackback' == $comment_type) {
mp-wp_genesis 958 $notify_message = sprintf( __('New trackback on your post #%1$s "%2$s"'), $comment->comment_post_ID, $post->post_title ) . "\r\n";
mp-wp_genesis 959 $notify_message .= sprintf( __('Website: %1$s (IP: %2$s , %3$s)'), $comment->comment_author, $comment->comment_author_IP, $comment_author_domain ) . "\r\n";
mp-wp_genesis 960 $notify_message .= sprintf( __('URL : %s'), $comment->comment_author_url ) . "\r\n";
mp-wp_genesis 961 $notify_message .= __('Excerpt: ') . "\r\n" . $comment->comment_content . "\r\n\r\n";
mp-wp_genesis 962 $notify_message .= __('You can see all trackbacks on this post here: ') . "\r\n";
mp-wp_genesis 963 $subject = sprintf( __('[%1$s] Trackback: "%2$s"'), $blogname, $post->post_title );
mp-wp_genesis 964 } elseif ('pingback' == $comment_type) {
mp-wp_genesis 965 $notify_message = sprintf( __('New pingback on your post #%1$s "%2$s"'), $comment->comment_post_ID, $post->post_title ) . "\r\n";
mp-wp_genesis 966 $notify_message .= sprintf( __('Website: %1$s (IP: %2$s , %3$s)'), $comment->comment_author, $comment->comment_author_IP, $comment_author_domain ) . "\r\n";
mp-wp_genesis 967 $notify_message .= sprintf( __('URL : %s'), $comment->comment_author_url ) . "\r\n";
mp-wp_genesis 968 $notify_message .= __('Excerpt: ') . "\r\n" . sprintf('[...] %s [...]', $comment->comment_content ) . "\r\n\r\n";
mp-wp_genesis 969 $notify_message .= __('You can see all pingbacks on this post here: ') . "\r\n";
mp-wp_genesis 970 $subject = sprintf( __('[%1$s] Pingback: "%2$s"'), $blogname, $post->post_title );
mp-wp_genesis 971 }
mp-wp_genesis 972 $notify_message .= get_permalink($comment->comment_post_ID) . "#comments\r\n\r\n";
mp-wp_genesis 973 $notify_message .= sprintf( __('Delete it: %s'), admin_url("comment.php?action=cdc&c=$comment_id") ) . "\r\n";
mp-wp_genesis 974 $notify_message .= sprintf( __('Spam it: %s'), admin_url("comment.php?action=cdc&dt=spam&c=$comment_id") ) . "\r\n";
mp-wp_genesis 975
mp-wp_genesis 976 $wp_email = 'wordpress@' . preg_replace('#^www\.#', '', strtolower($_SERVER['SERVER_NAME']));
mp-wp_genesis 977
mp-wp_genesis 978 if ( '' == $comment->comment_author ) {
mp-wp_genesis 979 $from = "From: \"$blogname\" <$wp_email>";
mp-wp_genesis 980 if ( '' != $comment->comment_author_email )
mp-wp_genesis 981 $reply_to = "Reply-To: $comment->comment_author_email";
mp-wp_genesis 982 } else {
mp-wp_genesis 983 $from = "From: \"$comment->comment_author\" <$wp_email>";
mp-wp_genesis 984 if ( '' != $comment->comment_author_email )
mp-wp_genesis 985 $reply_to = "Reply-To: \"$comment->comment_author_email\" <$comment->comment_author_email>";
mp-wp_genesis 986 }
mp-wp_genesis 987
mp-wp_genesis 988 $message_headers = "$from\n"
mp-wp_genesis 989 . "Content-Type: text/plain; charset=\"" . get_option('blog_charset') . "\"\n";
mp-wp_genesis 990
mp-wp_genesis 991 if ( isset($reply_to) )
mp-wp_genesis 992 $message_headers .= $reply_to . "\n";
mp-wp_genesis 993
mp-wp_genesis 994 $notify_message = apply_filters('comment_notification_text', $notify_message, $comment_id);
mp-wp_genesis 995 $subject = apply_filters('comment_notification_subject', $subject, $comment_id);
mp-wp_genesis 996 $message_headers = apply_filters('comment_notification_headers', $message_headers, $comment_id);
mp-wp_genesis 997
mp-wp_genesis 998 @wp_mail($user->user_email, $subject, $notify_message, $message_headers);
mp-wp_genesis 999
mp-wp_genesis 1000 return true;
mp-wp_genesis 1001 }
mp-wp_genesis 1002 endif;
mp-wp_genesis 1003
mp-wp_genesis 1004 if ( !function_exists('wp_notify_moderator') ) :
mp-wp_genesis 1005 /**
mp-wp_genesis 1006 * Notifies the moderator of the blog about a new comment that is awaiting approval.
mp-wp_genesis 1007 *
mp-wp_genesis 1008 * @since 1.0
mp-wp_genesis 1009 * @uses $wpdb
mp-wp_genesis 1010 *
mp-wp_genesis 1011 * @param int $comment_id Comment ID
mp-wp_genesis 1012 * @return bool Always returns true
mp-wp_genesis 1013 */
mp-wp_genesis 1014 function wp_notify_moderator($comment_id) {
mp-wp_genesis 1015 global $wpdb;
mp-wp_genesis 1016
mp-wp_genesis 1017 if( get_option( "moderation_notify" ) == 0 )
mp-wp_genesis 1018 return true;
mp-wp_genesis 1019
mp-wp_genesis 1020 $comment = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_ID=%d LIMIT 1", $comment_id));
mp-wp_genesis 1021 $post = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->posts WHERE ID=%d LIMIT 1", $comment->comment_post_ID));
mp-wp_genesis 1022
mp-wp_genesis 1023 $comment_author_domain = @gethostbyaddr($comment->comment_author_IP);
mp-wp_genesis 1024 $comments_waiting = $wpdb->get_var("SELECT count(comment_ID) FROM $wpdb->comments WHERE comment_approved = '0'");
mp-wp_genesis 1025
mp-wp_genesis 1026 switch ($comment->comment_type)
mp-wp_genesis 1027 {
mp-wp_genesis 1028 case 'trackback':
mp-wp_genesis 1029 $notify_message = sprintf( __('A new trackback on the post #%1$s "%2$s" is waiting for your approval'), $post->ID, $post->post_title ) . "\r\n";
mp-wp_genesis 1030 $notify_message .= get_permalink($comment->comment_post_ID) . "\r\n\r\n";
mp-wp_genesis 1031 $notify_message .= sprintf( __('Website : %1$s (IP: %2$s , %3$s)'), $comment->comment_author, $comment->comment_author_IP, $comment_author_domain ) . "\r\n";
mp-wp_genesis 1032 $notify_message .= sprintf( __('URL : %s'), $comment->comment_author_url ) . "\r\n";
mp-wp_genesis 1033 $notify_message .= __('Trackback excerpt: ') . "\r\n" . $comment->comment_content . "\r\n\r\n";
mp-wp_genesis 1034 break;
mp-wp_genesis 1035 case 'pingback':
mp-wp_genesis 1036 $notify_message = sprintf( __('A new pingback on the post #%1$s "%2$s" is waiting for your approval'), $post->ID, $post->post_title ) . "\r\n";
mp-wp_genesis 1037 $notify_message .= get_permalink($comment->comment_post_ID) . "\r\n\r\n";
mp-wp_genesis 1038 $notify_message .= sprintf( __('Website : %1$s (IP: %2$s , %3$s)'), $comment->comment_author, $comment->comment_author_IP, $comment_author_domain ) . "\r\n";
mp-wp_genesis 1039 $notify_message .= sprintf( __('URL : %s'), $comment->comment_author_url ) . "\r\n";
mp-wp_genesis 1040 $notify_message .= __('Pingback excerpt: ') . "\r\n" . $comment->comment_content . "\r\n\r\n";
mp-wp_genesis 1041 break;
mp-wp_genesis 1042 default: //Comments
mp-wp_genesis 1043 $notify_message = sprintf( __('A new comment on the post #%1$s "%2$s" is waiting for your approval'), $post->ID, $post->post_title ) . "\r\n";
mp-wp_genesis 1044 $notify_message .= get_permalink($comment->comment_post_ID) . "\r\n\r\n";
mp-wp_genesis 1045 $notify_message .= sprintf( __('Author : %1$s (IP: %2$s , %3$s)'), $comment->comment_author, $comment->comment_author_IP, $comment_author_domain ) . "\r\n";
mp-wp_genesis 1046 $notify_message .= sprintf( __('E-mail : %s'), $comment->comment_author_email ) . "\r\n";
mp-wp_genesis 1047 $notify_message .= sprintf( __('URL : %s'), $comment->comment_author_url ) . "\r\n";
mp-wp_genesis 1048 $notify_message .= sprintf( __('Whois : http://ws.arin.net/cgi-bin/whois.pl?queryinput=%s'), $comment->comment_author_IP ) . "\r\n";
mp-wp_genesis 1049 $notify_message .= __('Comment: ') . "\r\n" . $comment->comment_content . "\r\n\r\n";
mp-wp_genesis 1050 break;
mp-wp_genesis 1051 }
mp-wp_genesis 1052
mp-wp_genesis 1053 $notify_message .= sprintf( __('Approve it: %s'), admin_url("comment.php?action=mac&c=$comment_id") ) . "\r\n";
mp-wp_genesis 1054 $notify_message .= sprintf( __('Delete it: %s'), admin_url("comment.php?action=cdc&c=$comment_id") ) . "\r\n";
mp-wp_genesis 1055 $notify_message .= sprintf( __('Spam it: %s'), admin_url("comment.php?action=cdc&dt=spam&c=$comment_id") ) . "\r\n";
mp-wp_genesis 1056
mp-wp_genesis 1057 $notify_message .= sprintf( __ngettext('Currently %s comment is waiting for approval. Please visit the moderation panel:',
mp-wp_genesis 1058 'Currently %s comments are waiting for approval. Please visit the moderation panel:', $comments_waiting), number_format_i18n($comments_waiting) ) . "\r\n";
mp-wp_genesis 1059 $notify_message .= admin_url("edit-comments.php?comment_status=moderated") . "\r\n";
mp-wp_genesis 1060
mp-wp_genesis 1061 $subject = sprintf( __('[%1$s] Please moderate: "%2$s"'), get_option('blogname'), $post->post_title );
mp-wp_genesis 1062 $admin_email = get_option('admin_email');
mp-wp_genesis 1063
mp-wp_genesis 1064 $notify_message = apply_filters('comment_moderation_text', $notify_message, $comment_id);
mp-wp_genesis 1065 $subject = apply_filters('comment_moderation_subject', $subject, $comment_id);
mp-wp_genesis 1066
mp-wp_genesis 1067 @wp_mail($admin_email, $subject, $notify_message);
mp-wp_genesis 1068
mp-wp_genesis 1069 return true;
mp-wp_genesis 1070 }
mp-wp_genesis 1071 endif;
mp-wp_genesis 1072
mp-wp_genesis 1073 if ( !function_exists('wp_password_change_notification') ) :
mp-wp_genesis 1074 /**
mp-wp_genesis 1075 * Notify the blog admin of a user changing password, normally via email.
mp-wp_genesis 1076 *
mp-wp_genesis 1077 * @since 2.7
mp-wp_genesis 1078 *
mp-wp_genesis 1079 * @param object $user User Object
mp-wp_genesis 1080 */
mp-wp_genesis 1081 function wp_password_change_notification(&$user) {
mp-wp_genesis 1082 // send a copy of password change notification to the admin
mp-wp_genesis 1083 // but check to see if it's the admin whose password we're changing, and skip this
mp-wp_genesis 1084 if ( $user->user_email != get_option('admin_email') ) {
mp-wp_genesis 1085 $message = sprintf(__('Password Lost and Changed for user: %s'), $user->user_login) . "\r\n";
mp-wp_genesis 1086 wp_mail(get_option('admin_email'), sprintf(__('[%s] Password Lost/Changed'), get_option('blogname')), $message);
mp-wp_genesis 1087 }
mp-wp_genesis 1088 }
mp-wp_genesis 1089 endif;
mp-wp_genesis 1090
mp-wp_genesis 1091 if ( !function_exists('wp_new_user_notification') ) :
mp-wp_genesis 1092 /**
mp-wp_genesis 1093 * Notify the blog admin of a new user, normally via email.
mp-wp_genesis 1094 *
mp-wp_genesis 1095 * @since 2.0
mp-wp_genesis 1096 *
mp-wp_genesis 1097 * @param int $user_id User ID
mp-wp_genesis 1098 * @param string $plaintext_pass Optional. The user's plaintext password
mp-wp_genesis 1099 */
mp-wp_genesis 1100 function wp_new_user_notification($user_id, $plaintext_pass = '') {
mp-wp_genesis 1101 $user = new WP_User($user_id);
mp-wp_genesis 1102
mp-wp_genesis 1103 $user_login = stripslashes($user->user_login);
mp-wp_genesis 1104 $user_email = stripslashes($user->user_email);
mp-wp_genesis 1105
mp-wp_genesis 1106 $message = sprintf(__('New user registration on your blog %s:'), get_option('blogname')) . "\r\n\r\n";
mp-wp_genesis 1107 $message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n";
mp-wp_genesis 1108 $message .= sprintf(__('E-mail: %s'), $user_email) . "\r\n";
mp-wp_genesis 1109
mp-wp_genesis 1110 @wp_mail(get_option('admin_email'), sprintf(__('[%s] New User Registration'), get_option('blogname')), $message);
mp-wp_genesis 1111
mp-wp_genesis 1112 if ( empty($plaintext_pass) )
mp-wp_genesis 1113 return;
mp-wp_genesis 1114
mp-wp_genesis 1115 $message = sprintf(__('Username: %s'), $user_login) . "\r\n";
mp-wp_genesis 1116 $message .= sprintf(__('Password: %s'), $plaintext_pass) . "\r\n";
mp-wp_genesis 1117 $message .= site_url("wp-login.php", 'login') . "\r\n";
mp-wp_genesis 1118
mp-wp_genesis 1119 wp_mail($user_email, sprintf(__('[%s] Your username and password'), get_option('blogname')), $message);
mp-wp_genesis 1120
mp-wp_genesis 1121 }
mp-wp_genesis 1122 endif;
mp-wp_genesis 1123
mp-wp_genesis 1124 if ( !function_exists('wp_nonce_tick') ) :
mp-wp_genesis 1125 /**
mp-wp_genesis 1126 * Get the time-dependent variable for nonce creation.
mp-wp_genesis 1127 *
mp-wp_genesis 1128 * A nonce has a lifespan of two ticks. Nonces in their second tick may be
mp-wp_genesis 1129 * updated, e.g. by autosave.
mp-wp_genesis 1130 *
mp-wp_genesis 1131 * @since 2.5
mp-wp_genesis 1132 *
mp-wp_genesis 1133 * @return int
mp-wp_genesis 1134 */
mp-wp_genesis 1135 function wp_nonce_tick() {
mp-wp_genesis 1136 $nonce_life = apply_filters('nonce_life', 86400);
mp-wp_genesis 1137
mp-wp_genesis 1138 return ceil(time() / ( $nonce_life / 2 ));
mp-wp_genesis 1139 }
mp-wp_genesis 1140 endif;
mp-wp_genesis 1141
mp-wp_genesis 1142 if ( !function_exists('wp_verify_nonce') ) :
mp-wp_genesis 1143 /**
mp-wp_genesis 1144 * Verify that correct nonce was used with time limit.
mp-wp_genesis 1145 *
mp-wp_genesis 1146 * The user is given an amount of time to use the token, so therefore, since the
mp-wp_genesis 1147 * UID and $action remain the same, the independent variable is the time.
mp-wp_genesis 1148 *
mp-wp_genesis 1149 * @since 2.0.4
mp-wp_genesis 1150 *
mp-wp_genesis 1151 * @param string $nonce Nonce that was used in the form to verify
mp-wp_genesis 1152 * @param string|int $action Should give context to what is taking place and be the same when nonce was created.
mp-wp_genesis 1153 * @return bool Whether the nonce check passed or failed.
mp-wp_genesis 1154 */
mp-wp_genesis 1155 function wp_verify_nonce($nonce, $action = -1) {
mp-wp_genesis 1156 $user = wp_get_current_user();
mp-wp_genesis 1157 $uid = (int) $user->id;
mp-wp_genesis 1158
mp-wp_genesis 1159 $i = wp_nonce_tick();
mp-wp_genesis 1160
mp-wp_genesis 1161 // Nonce generated 0-12 hours ago
mp-wp_genesis 1162 if ( substr(wp_hash($i . $action . $uid, 'nonce'), -12, 10) == $nonce )
mp-wp_genesis 1163 return 1;
mp-wp_genesis 1164 // Nonce generated 12-24 hours ago
mp-wp_genesis 1165 if ( substr(wp_hash(($i - 1) . $action . $uid, 'nonce'), -12, 10) == $nonce )
mp-wp_genesis 1166 return 2;
mp-wp_genesis 1167 // Invalid nonce
mp-wp_genesis 1168 return false;
mp-wp_genesis 1169 }
mp-wp_genesis 1170 endif;
mp-wp_genesis 1171
mp-wp_genesis 1172 if ( !function_exists('wp_create_nonce') ) :
mp-wp_genesis 1173 /**
mp-wp_genesis 1174 * Creates a random, one time use token.
mp-wp_genesis 1175 *
mp-wp_genesis 1176 * @since 2.0.4
mp-wp_genesis 1177 *
mp-wp_genesis 1178 * @param string|int $action Scalar value to add context to the nonce.
mp-wp_genesis 1179 * @return string The one use form token
mp-wp_genesis 1180 */
mp-wp_genesis 1181 function wp_create_nonce($action = -1) {
mp-wp_genesis 1182 $user = wp_get_current_user();
mp-wp_genesis 1183 $uid = (int) $user->id;
mp-wp_genesis 1184
mp-wp_genesis 1185 $i = wp_nonce_tick();
mp-wp_genesis 1186
mp-wp_genesis 1187 return substr(wp_hash($i . $action . $uid, 'nonce'), -12, 10);
mp-wp_genesis 1188 }
mp-wp_genesis 1189 endif;
mp-wp_genesis 1190
mp-wp_genesis 1191 if ( !function_exists('wp_salt') ) :
mp-wp_genesis 1192 /**
mp-wp_genesis 1193 * Get salt to add to hashes to help prevent attacks.
mp-wp_genesis 1194 *
mp-wp_genesis 1195 * The secret key is located in two places: the database in case the secret key
mp-wp_genesis 1196 * isn't defined in the second place, which is in the wp-config.php file. If you
mp-wp_genesis 1197 * are going to set the secret key, then you must do so in the wp-config.php
mp-wp_genesis 1198 * file.
mp-wp_genesis 1199 *
mp-wp_genesis 1200 * The secret key in the database is randomly generated and will be appended to
mp-wp_genesis 1201 * the secret key that is in wp-config.php file in some instances. It is
mp-wp_genesis 1202 * important to have the secret key defined or changed in wp-config.php.
mp-wp_genesis 1203 *
mp-wp_genesis 1204 * If you have installed WordPress 2.5 or later, then you will have the
mp-wp_genesis 1205 * SECRET_KEY defined in the wp-config.php already. You will want to change the
mp-wp_genesis 1206 * value in it because hackers will know what it is. If you have upgraded to
mp-wp_genesis 1207 * WordPress 2.5 or later version from a version before WordPress 2.5, then you
mp-wp_genesis 1208 * should add the constant to your wp-config.php file.
mp-wp_genesis 1209 *
mp-wp_genesis 1210 * Below is an example of how the SECRET_KEY constant is defined with a value.
mp-wp_genesis 1211 * You must not copy the below example and paste into your wp-config.php. If you
mp-wp_genesis 1212 * need an example, then you can have a
mp-wp_genesis 1213 * {@link http://api.wordpress.org/secret-key/1.0/ secret key created} for you.
mp-wp_genesis 1214 *
mp-wp_genesis 1215 * <code>
mp-wp_genesis 1216 * define('SECRET_KEY', 'mAry1HadA15|\/|b17w55w1t3asSn09w');
mp-wp_genesis 1217 * </code>
mp-wp_genesis 1218 *
mp-wp_genesis 1219 * Salting passwords helps against tools which has stored hashed values of
mp-wp_genesis 1220 * common dictionary strings. The added values makes it harder to crack if given
mp-wp_genesis 1221 * salt string is not weak.
mp-wp_genesis 1222 *
mp-wp_genesis 1223 * @since 2.5
mp-wp_genesis 1224 * @link http://api.wordpress.org/secret-key/1.0/ Create a Secret Key for wp-config.php
mp-wp_genesis 1225 *
mp-wp_genesis 1226 * @return string Salt value from either 'SECRET_KEY' or 'secret' option
mp-wp_genesis 1227 */
mp-wp_genesis 1228 function wp_salt($scheme = 'auth') {
mp-wp_genesis 1229 global $wp_default_secret_key;
mp-wp_genesis 1230 $secret_key = '';
mp-wp_genesis 1231 if ( defined('SECRET_KEY') && ('' != SECRET_KEY) && ( $wp_default_secret_key != SECRET_KEY) )
mp-wp_genesis 1232 $secret_key = SECRET_KEY;
mp-wp_genesis 1233
mp-wp_genesis 1234 if ( 'auth' == $scheme ) {
mp-wp_genesis 1235 if ( defined('AUTH_KEY') && ('' != AUTH_KEY) && ( $wp_default_secret_key != AUTH_KEY) )
mp-wp_genesis 1236 $secret_key = AUTH_KEY;
mp-wp_genesis 1237
mp-wp_genesis 1238 if ( defined('AUTH_SALT') ) {
mp-wp_genesis 1239 $salt = AUTH_SALT;
mp-wp_genesis 1240 } elseif ( defined('SECRET_SALT') ) {
mp-wp_genesis 1241 $salt = SECRET_SALT;
mp-wp_genesis 1242 } else {
mp-wp_genesis 1243 $salt = get_option('auth_salt');
mp-wp_genesis 1244 if ( empty($salt) ) {
mp-wp_genesis 1245 $salt = wp_generate_password();
mp-wp_genesis 1246 update_option('auth_salt', $salt);
mp-wp_genesis 1247 }
mp-wp_genesis 1248 }
mp-wp_genesis 1249 } elseif ( 'secure_auth' == $scheme ) {
mp-wp_genesis 1250 if ( defined('SECURE_AUTH_KEY') && ('' != SECURE_AUTH_KEY) && ( $wp_default_secret_key != SECURE_AUTH_KEY) )
mp-wp_genesis 1251 $secret_key = SECURE_AUTH_KEY;
mp-wp_genesis 1252
mp-wp_genesis 1253 if ( defined('SECURE_AUTH_SALT') ) {
mp-wp_genesis 1254 $salt = SECRET_AUTH_SALT;
mp-wp_genesis 1255 } else {
mp-wp_genesis 1256 $salt = get_option('secure_auth_salt');
mp-wp_genesis 1257 if ( empty($salt) ) {
mp-wp_genesis 1258 $salt = wp_generate_password();
mp-wp_genesis 1259 update_option('secure_auth_salt', $salt);
mp-wp_genesis 1260 }
mp-wp_genesis 1261 }
mp-wp_genesis 1262 } elseif ( 'logged_in' == $scheme ) {
mp-wp_genesis 1263 if ( defined('LOGGED_IN_KEY') && ('' != LOGGED_IN_KEY) && ( $wp_default_secret_key != LOGGED_IN_KEY) )
mp-wp_genesis 1264 $secret_key = LOGGED_IN_KEY;
mp-wp_genesis 1265
mp-wp_genesis 1266 if ( defined('LOGGED_IN_SALT') ) {
mp-wp_genesis 1267 $salt = LOGGED_IN_SALT;
mp-wp_genesis 1268 } else {
mp-wp_genesis 1269 $salt = get_option('logged_in_salt');
mp-wp_genesis 1270 if ( empty($salt) ) {
mp-wp_genesis 1271 $salt = wp_generate_password();
mp-wp_genesis 1272 update_option('logged_in_salt', $salt);
mp-wp_genesis 1273 }
mp-wp_genesis 1274 }
mp-wp_genesis 1275 } elseif ( 'nonce' == $scheme ) {
mp-wp_genesis 1276 if ( defined('NONCE_KEY') && ('' != NONCE_KEY) && ( $wp_default_secret_key != NONCE_KEY) )
mp-wp_genesis 1277 $secret_key = NONCE_KEY;
mp-wp_genesis 1278
mp-wp_genesis 1279 if ( defined('NONCE_SALT') ) {
mp-wp_genesis 1280 $salt = NONCE_SALT;
mp-wp_genesis 1281 } else {
mp-wp_genesis 1282 $salt = get_option('nonce_salt');
mp-wp_genesis 1283 if ( empty($salt) ) {
mp-wp_genesis 1284 $salt = wp_generate_password();
mp-wp_genesis 1285 update_option('nonce_salt', $salt);
mp-wp_genesis 1286 }
mp-wp_genesis 1287 }
mp-wp_genesis 1288 } else {
mp-wp_genesis 1289 // ensure each auth scheme has its own unique salt
mp-wp_genesis 1290 $salt = hash_hmac('md5', $scheme, $secret_key);
mp-wp_genesis 1291 }
mp-wp_genesis 1292
mp-wp_genesis 1293 return apply_filters('salt', $secret_key . $salt, $scheme);
mp-wp_genesis 1294 }
mp-wp_genesis 1295 endif;
mp-wp_genesis 1296
mp-wp_genesis 1297 if ( !function_exists('wp_hash') ) :
mp-wp_genesis 1298 /**
mp-wp_genesis 1299 * Get hash of given string.
mp-wp_genesis 1300 *
mp-wp_genesis 1301 * @since 2.0.4
mp-wp_genesis 1302 * @uses wp_salt() Get WordPress salt
mp-wp_genesis 1303 *
mp-wp_genesis 1304 * @param string $data Plain text to hash
mp-wp_genesis 1305 * @return string Hash of $data
mp-wp_genesis 1306 */
mp-wp_genesis 1307 function wp_hash($data, $scheme = 'auth') {
mp-wp_genesis 1308 $salt = wp_salt($scheme);
mp-wp_genesis 1309
mp-wp_genesis 1310 return hash_hmac('md5', $data, $salt);
mp-wp_genesis 1311 }
mp-wp_genesis 1312 endif;
mp-wp_genesis 1313
mp-wp_genesis 1314 if ( !function_exists('wp_hash_password') ) :
mp-wp_genesis 1315 /**
mp-wp_genesis 1316 * Create a hash (encrypt) of a plain text password.
mp-wp_genesis 1317 *
mp-wp_genesis 1318 * For integration with other applications, this function can be overwritten to
mp-wp_genesis 1319 * instead use the other package password checking algorithm.
mp-wp_genesis 1320 *
mp-wp_genesis 1321 * @since 2.5
mp-wp_genesis 1322 * @global object $wp_hasher PHPass object
mp-wp_genesis 1323 * @uses PasswordHash::HashPassword
mp-wp_genesis 1324 *
mp-wp_genesis 1325 * @param string $password Plain text user password to hash
mp-wp_genesis 1326 * @return string The hash string of the password
mp-wp_genesis 1327 */
mp-wp_genesis 1328 function wp_hash_password($password) {
mp-wp_genesis 1329 global $wp_hasher;
mp-wp_genesis 1330
mp-wp_genesis 1331 if ( empty($wp_hasher) ) {
mp-wp_genesis 1332 require_once( ABSPATH . 'wp-includes/class-phpass.php');
mp-wp_genesis 1333 // By default, use the portable hash from phpass
mp-wp_genesis 1334 $wp_hasher = new PasswordHash(8, TRUE);
mp-wp_genesis 1335 }
mp-wp_genesis 1336
mp-wp_genesis 1337 return $wp_hasher->HashPassword($password);
mp-wp_genesis 1338 }
mp-wp_genesis 1339 endif;
mp-wp_genesis 1340
mp-wp_genesis 1341 if ( !function_exists('wp_check_password') ) :
mp-wp_genesis 1342 /**
mp-wp_genesis 1343 * Checks the plaintext password against the encrypted Password.
mp-wp_genesis 1344 *
mp-wp_genesis 1345 * Maintains compatibility between old version and the new cookie authentication
mp-wp_genesis 1346 * protocol using PHPass library. The $hash parameter is the encrypted password
mp-wp_genesis 1347 * and the function compares the plain text password when encypted similarly
mp-wp_genesis 1348 * against the already encrypted password to see if they match.
mp-wp_genesis 1349 *
mp-wp_genesis 1350 * For integration with other applications, this function can be overwritten to
mp-wp_genesis 1351 * instead use the other package password checking algorithm.
mp-wp_genesis 1352 *
mp-wp_genesis 1353 * @since 2.5
mp-wp_genesis 1354 * @global object $wp_hasher PHPass object used for checking the password
mp-wp_genesis 1355 * against the $hash + $password
mp-wp_genesis 1356 * @uses PasswordHash::CheckPassword
mp-wp_genesis 1357 *
mp-wp_genesis 1358 * @param string $password Plaintext user's password
mp-wp_genesis 1359 * @param string $hash Hash of the user's password to check against.
mp-wp_genesis 1360 * @return bool False, if the $password does not match the hashed password
mp-wp_genesis 1361 */
mp-wp_genesis 1362 function wp_check_password($password, $hash, $user_id = '') {
mp-wp_genesis 1363 global $wp_hasher;
mp-wp_genesis 1364
mp-wp_genesis 1365 // If the hash is still md5...
mp-wp_genesis 1366 if ( strlen($hash) <= 32 ) {
mp-wp_genesis 1367 $check = ( $hash == md5($password) );
mp-wp_genesis 1368 if ( $check && $user_id ) {
mp-wp_genesis 1369 // Rehash using new hash.
mp-wp_genesis 1370 wp_set_password($password, $user_id);
mp-wp_genesis 1371 $hash = wp_hash_password($password);
mp-wp_genesis 1372 }
mp-wp_genesis 1373
mp-wp_genesis 1374 return apply_filters('check_password', $check, $password, $hash, $user_id);
mp-wp_genesis 1375 }
mp-wp_genesis 1376
mp-wp_genesis 1377 // If the stored hash is longer than an MD5, presume the
mp-wp_genesis 1378 // new style phpass portable hash.
mp-wp_genesis 1379 if ( empty($wp_hasher) ) {
mp-wp_genesis 1380 require_once( ABSPATH . 'wp-includes/class-phpass.php');
mp-wp_genesis 1381 // By default, use the portable hash from phpass
mp-wp_genesis 1382 $wp_hasher = new PasswordHash(8, TRUE);
mp-wp_genesis 1383 }
mp-wp_genesis 1384
mp-wp_genesis 1385 $check = $wp_hasher->CheckPassword($password, $hash);
mp-wp_genesis 1386
mp-wp_genesis 1387 return apply_filters('check_password', $check, $password, $hash, $user_id);
mp-wp_genesis 1388 }
mp-wp_genesis 1389 endif;
mp-wp_genesis 1390
mp-wp_genesis 1391 if ( !function_exists('wp_generate_password') ) :
mp-wp_genesis 1392 /**
mp-wp_genesis 1393 * Generates a random password drawn from the defined set of characters.
mp-wp_genesis 1394 *
mp-wp_genesis 1395 * @since 2.5
mp-wp_genesis 1396 *
mp-wp_genesis 1397 * @return string The random password
mp-wp_genesis 1398 **/
mp-wp_genesis 1399 function wp_generate_password($length = 12, $special_chars = true) {
mp-wp_genesis 1400 $chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
mp-wp_genesis 1401 if ( $special_chars )
mp-wp_genesis 1402 $chars .= '!@#$%^&*()';
mp-wp_genesis 1403
mp-wp_genesis 1404 $password = '';
mp-wp_genesis 1405 for ( $i = 0; $i < $length; $i++ )
mp-wp_genesis 1406 $password .= substr($chars, wp_rand(0, strlen($chars) - 1), 1);
mp-wp_genesis 1407 return $password;
mp-wp_genesis 1408 }
mp-wp_genesis 1409 endif;
mp-wp_genesis 1410
mp-wp_genesis 1411 if ( !function_exists('wp_rand') ) :
mp-wp_genesis 1412 /**
mp-wp_genesis 1413 * Generates a random number
mp-wp_genesis 1414 *
mp-wp_genesis 1415 * @since 2.6.2
mp-wp_genesis 1416 *
mp-wp_genesis 1417 * @param int $min Lower limit for the generated number (optional, default is 0)
mp-wp_genesis 1418 * @param int $max Upper limit for the generated number (optional, default is 4294967295)
mp-wp_genesis 1419 * @return int A random number between min and max
mp-wp_genesis 1420 */
mp-wp_genesis 1421 function wp_rand( $min = 0, $max = 0 ) {
mp-wp_genesis 1422 global $rnd_value;
mp-wp_genesis 1423
mp-wp_genesis 1424 $seed = get_option('random_seed');
mp-wp_genesis 1425
mp-wp_genesis 1426 // Reset $rnd_value after 14 uses
mp-wp_genesis 1427 // 32(md5) + 40(sha1) + 40(sha1) / 8 = 14 random numbers from $rnd_value
mp-wp_genesis 1428 if ( strlen($rnd_value) < 8 ) {
mp-wp_genesis 1429 $rnd_value = md5( uniqid(microtime() . mt_rand(), true ) . $seed );
mp-wp_genesis 1430 $rnd_value .= sha1($rnd_value);
mp-wp_genesis 1431 $rnd_value .= sha1($rnd_value . $seed);
mp-wp_genesis 1432 $seed = md5($seed . $rnd_value);
mp-wp_genesis 1433 update_option('random_seed', $seed);
mp-wp_genesis 1434 }
mp-wp_genesis 1435
mp-wp_genesis 1436 // Take the first 8 digits for our value
mp-wp_genesis 1437 $value = substr($rnd_value, 0, 8);
mp-wp_genesis 1438
mp-wp_genesis 1439 // Strip the first eight, leaving the remainder for the next call to wp_rand().
mp-wp_genesis 1440 $rnd_value = substr($rnd_value, 8);
mp-wp_genesis 1441
mp-wp_genesis 1442 $value = abs(hexdec($value));
mp-wp_genesis 1443
mp-wp_genesis 1444 // Reduce the value to be within the min - max range
mp-wp_genesis 1445 // 4294967295 = 0xffffffff = max random number
mp-wp_genesis 1446 if ( $max != 0 )
mp-wp_genesis 1447 $value = $min + (($max - $min + 1) * ($value / (4294967295 + 1)));
mp-wp_genesis 1448
mp-wp_genesis 1449 return abs(intval($value));
mp-wp_genesis 1450 }
mp-wp_genesis 1451 endif;
mp-wp_genesis 1452
mp-wp_genesis 1453 if ( !function_exists('wp_set_password') ) :
mp-wp_genesis 1454 /**
mp-wp_genesis 1455 * Updates the user's password with a new encrypted one.
mp-wp_genesis 1456 *
mp-wp_genesis 1457 * For integration with other applications, this function can be overwritten to
mp-wp_genesis 1458 * instead use the other package password checking algorithm.
mp-wp_genesis 1459 *
mp-wp_genesis 1460 * @since 2.5
mp-wp_genesis 1461 * @uses $wpdb WordPress database object for queries
mp-wp_genesis 1462 * @uses wp_hash_password() Used to encrypt the user's password before passing to the database
mp-wp_genesis 1463 *
mp-wp_genesis 1464 * @param string $password The plaintext new user password
mp-wp_genesis 1465 * @param int $user_id User ID
mp-wp_genesis 1466 */
mp-wp_genesis 1467 function wp_set_password( $password, $user_id ) {
mp-wp_genesis 1468 global $wpdb;
mp-wp_genesis 1469
mp-wp_genesis 1470 $hash = wp_hash_password($password);
mp-wp_genesis 1471 $query = $wpdb->prepare("UPDATE $wpdb->users SET user_pass = %s, user_activation_key = '' WHERE ID = %d", $hash, $user_id);
mp-wp_genesis 1472 $wpdb->query($query);
mp-wp_genesis 1473 wp_cache_delete($user_id, 'users');
mp-wp_genesis 1474 }
mp-wp_genesis 1475 endif;
mp-wp_genesis 1476
mp-wp_genesis 1477 if ( !function_exists( 'get_avatar' ) ) :
mp-wp_genesis 1478 /**
mp-wp_genesis 1479 * Retrieve the avatar for a user who provided a user ID or email address.
mp-wp_genesis 1480 *
mp-wp_genesis 1481 * @since 2.5
mp-wp_genesis 1482 * @param int|string|object $id_or_email A user ID, email address, or comment object
mp-wp_genesis 1483 * @param int $size Size of the avatar image
mp-wp_genesis 1484 * @param string $default URL to a default image to use if no avatar is available
mp-wp_genesis 1485 * @param string $alt Alternate text to use in image tag. Defaults to blank
mp-wp_genesis 1486 * @return string <img> tag for the user's avatar
mp-wp_genesis 1487 */
mp-wp_genesis 1488 function get_avatar( $id_or_email, $size = '96', $default = '', $alt = false ) {
mp-wp_genesis 1489 if ( ! get_option('show_avatars') )
mp-wp_genesis 1490 return false;
mp-wp_genesis 1491
mp-wp_genesis 1492 if ( false === $alt)
mp-wp_genesis 1493 $safe_alt = '';
mp-wp_genesis 1494 else
mp-wp_genesis 1495 $safe_alt = attribute_escape( $alt );
mp-wp_genesis 1496
mp-wp_genesis 1497 if ( !is_numeric($size) )
mp-wp_genesis 1498 $size = '96';
mp-wp_genesis 1499
mp-wp_genesis 1500 $email = '';
mp-wp_genesis 1501 $url = '';
mp-wp_genesis 1502 if ( is_numeric($id_or_email) ) {
mp-wp_genesis 1503 $id = (int) $id_or_email;
mp-wp_genesis 1504 $user = get_userdata($id);
mp-wp_genesis 1505 if ( $user ) {
mp-wp_genesis 1506 $email = $user->user_email;
mp-wp_genesis 1507 $url = $user->user_url;
mp-wp_genesis 1508 }
mp-wp_genesis 1509 } elseif ( is_object($id_or_email) ) {
mp-wp_genesis 1510 if ( isset($id_or_email->comment_type) && '' != $id_or_email->comment_type && 'comment' != $id_or_email->comment_type )
mp-wp_genesis 1511 return false; // No avatar for pingbacks or trackbacks
mp-wp_genesis 1512
mp-wp_genesis 1513 if ( !empty($id_or_email->user_id) ) {
mp-wp_genesis 1514 $id = (int) $id_or_email->user_id;
mp-wp_genesis 1515 $user = get_userdata($id);
mp-wp_genesis 1516 if ( $user) {
mp-wp_genesis 1517 $email = $user->user_email;
mp-wp_genesis 1518 $url = $user->user_url;
mp-wp_genesis 1519 }
mp-wp_genesis 1520 } else {
mp-wp_genesis 1521 if (!empty($id_or_email->comment_author_email)) {
mp-wp_genesis 1522 $email = $id_or_email->comment_author_email;
mp-wp_genesis 1523 }
mp-wp_genesis 1524 if (!empty($id_or_email->comment_author_url)) {
mp-wp_genesis 1525 $url = $id_or_email->comment_author_url;
mp-wp_genesis 1526 }
mp-wp_genesis 1527 }
mp-wp_genesis 1528 } else {
mp-wp_genesis 1529 $email = $id_or_email;
mp-wp_genesis 1530 }
mp-wp_genesis 1531
mp-wp_genesis 1532 if ( empty($default) ) {
mp-wp_genesis 1533 $avatar_default = get_option('avatar_default');
mp-wp_genesis 1534 if ( empty($avatar_default) )
mp-wp_genesis 1535 $default = 'mystery';
mp-wp_genesis 1536 else
mp-wp_genesis 1537 $default = $avatar_default;
mp-wp_genesis 1538 }
mp-wp_genesis 1539
mp-wp_genesis 1540 if ( 'mystery' == $default )
mp-wp_genesis 1541 $default = "http://www.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s={$size}"; // ad516503a11cd5ca435acc9bb6523536 == md5('unknown@gravatar.com')
mp-wp_genesis 1542 elseif ( 'blank' == $default )
mp-wp_update-imag... 1543 $default = includes_url('images/blank.svg');
mp-wp_genesis 1544 elseif ( !empty($email) && 'gravatar_default' == $default )
mp-wp_genesis 1545 $default = '';
mp-wp_genesis 1546 elseif ( 'gravatar_default' == $default )
mp-wp_genesis 1547 $default = "http://www.gravatar.com/avatar/s={$size}";
mp-wp_genesis 1548 elseif ('fromurl' == $default)
mp-wp_update-imag... 1549 $default = get_bloginfo('wpurl') . '/default_avatar.svg';
mp-wp_genesis 1550 elseif ( empty($email) )
mp-wp_genesis 1551 $default = "http://www.gravatar.com/avatar/?d=$default&s={$size}";
mp-wp_genesis 1552 elseif ( strpos($default, 'http://') === 0 )
mp-wp_genesis 1553 $default = add_query_arg( 's', $size, $default );
mp-wp_genesis 1554
mp-wp_genesis 1555 if ( !empty($email) && empty($url)) {
mp-wp_genesis 1556 $out = 'http://www.gravatar.com/avatar/';
mp-wp_genesis 1557 $out .= md5( strtolower( $email ) );
mp-wp_genesis 1558 $out .= '?s='.$size;
mp-wp_genesis 1559 $out .= '&d=' . urlencode( $default );
mp-wp_genesis 1560
mp-wp_genesis 1561 $rating = get_option('avatar_rating');
mp-wp_genesis 1562 if ( !empty( $rating ) )
mp-wp_genesis 1563 $out .= "&r={$rating}";
mp-wp_genesis 1564
mp-wp_genesis 1565 $avatar = "<img alt='{$safe_alt}' src='{$out}' class='avatar avatar-{$size} photo' height='{$size}' width='{$size}' />";
mp-wp_genesis 1566 } elseif (!empty($url)) {
mp-wp_genesis 1567 $url_parsed = parse_url($url);
mp-wp_genesis 1568 if ($url_parsed["host"] . $url_parsed["path"] > "") {
mp-wp_genesis 1569 $out = "http://" . $url_parsed["host"] . $url_parsed["path"] . "/avatar.png";
mp-wp_genesis 1570 } else {
mp-wp_genesis 1571 $out = $default;
mp-wp_genesis 1572 }
mp-wp_genesis 1573 $avatar = "<img alt='{$safe_alt}' src='{$out}' class='avatar avatar-{$size} photo' height='{$size}' width='{$size}' />";
mp-wp_genesis 1574 } else {
mp-wp_genesis 1575 $avatar = "<img alt='{$safe_alt}' src='{$default}' class='avatar avatar-{$size} photo avatar-default' height='{$size}' width='{$size}' />";
mp-wp_genesis 1576 }
mp-wp_genesis 1577
mp-wp_genesis 1578 return apply_filters('get_avatar', $avatar, $id_or_email, $size, $default, $alt);
mp-wp_genesis 1579 }
mp-wp_genesis 1580 endif;
mp-wp_genesis 1581
mp-wp_genesis 1582 if ( !function_exists('wp_setcookie') ) :
mp-wp_genesis 1583 /**
mp-wp_genesis 1584 * Sets a cookie for a user who just logged in.
mp-wp_genesis 1585 *
mp-wp_genesis 1586 * @since 1.5
mp-wp_genesis 1587 * @deprecated Use wp_set_auth_cookie()
mp-wp_genesis 1588 * @see wp_set_auth_cookie()
mp-wp_genesis 1589 *
mp-wp_genesis 1590 * @param string $username The user's username
mp-wp_genesis 1591 * @param string $password Optional. The user's password
mp-wp_genesis 1592 * @param bool $already_md5 Optional. Whether the password has already been through MD5
mp-wp_genesis 1593 * @param string $home Optional. Will be used instead of COOKIEPATH if set
mp-wp_genesis 1594 * @param string $siteurl Optional. Will be used instead of SITECOOKIEPATH if set
mp-wp_genesis 1595 * @param bool $remember Optional. Remember that the user is logged in
mp-wp_genesis 1596 */
mp-wp_genesis 1597 function wp_setcookie($username, $password = '', $already_md5 = false, $home = '', $siteurl = '', $remember = false) {
mp-wp_genesis 1598 _deprecated_function( __FUNCTION__, '2.5', 'wp_set_auth_cookie()' );
mp-wp_genesis 1599 $user = get_userdatabylogin($username);
mp-wp_genesis 1600 wp_set_auth_cookie($user->ID, $remember);
mp-wp_genesis 1601 }
mp-wp_genesis 1602 endif;
mp-wp_genesis 1603
mp-wp_genesis 1604 if ( !function_exists('wp_clearcookie') ) :
mp-wp_genesis 1605 /**
mp-wp_genesis 1606 * Clears the authentication cookie, logging the user out.
mp-wp_genesis 1607 *
mp-wp_genesis 1608 * @since 1.5
mp-wp_genesis 1609 * @deprecated Use wp_clear_auth_cookie()
mp-wp_genesis 1610 * @see wp_clear_auth_cookie()
mp-wp_genesis 1611 */
mp-wp_genesis 1612 function wp_clearcookie() {
mp-wp_genesis 1613 _deprecated_function( __FUNCTION__, '2.5', 'wp_clear_auth_cookie()' );
mp-wp_genesis 1614 wp_clear_auth_cookie();
mp-wp_genesis 1615 }
mp-wp_genesis 1616 endif;
mp-wp_genesis 1617
mp-wp_genesis 1618 if ( !function_exists('wp_get_cookie_login') ):
mp-wp_genesis 1619 /**
mp-wp_genesis 1620 * Gets the user cookie login.
mp-wp_genesis 1621 *
mp-wp_genesis 1622 * This function is deprecated and should no longer be extended as it won't be
mp-wp_genesis 1623 * used anywhere in WordPress. Also, plugins shouldn't use it either.
mp-wp_genesis 1624 *
mp-wp_genesis 1625 * @since 2.0.4
mp-wp_genesis 1626 * @deprecated No alternative
mp-wp_genesis 1627 *
mp-wp_genesis 1628 * @return bool Always returns false
mp-wp_genesis 1629 */
mp-wp_genesis 1630 function wp_get_cookie_login() {
mp-wp_genesis 1631 _deprecated_function( __FUNCTION__, '2.5', '' );
mp-wp_genesis 1632 return false;
mp-wp_genesis 1633 }
mp-wp_genesis 1634 endif;
mp-wp_genesis 1635
mp-wp_genesis 1636 if ( !function_exists('wp_login') ) :
mp-wp_genesis 1637 /**
mp-wp_genesis 1638 * Checks a users login information and logs them in if it checks out.
mp-wp_genesis 1639 *
mp-wp_genesis 1640 * Use the global $error to get the reason why the login failed. If the username
mp-wp_genesis 1641 * is blank, no error will be set, so assume blank username on that case.
mp-wp_genesis 1642 *
mp-wp_genesis 1643 * Plugins extending this function should also provide the global $error and set
mp-wp_genesis 1644 * what the error is, so that those checking the global for why there was a
mp-wp_genesis 1645 * failure can utilize it later.
mp-wp_genesis 1646 *
mp-wp_genesis 1647 * @since 1.2.2
mp-wp_genesis 1648 * @deprecated Use wp_signon()
mp-wp_genesis 1649 * @global string $error Error when false is returned
mp-wp_genesis 1650 *
mp-wp_genesis 1651 * @param string $username User's username
mp-wp_genesis 1652 * @param string $password User's password
mp-wp_genesis 1653 * @param bool $deprecated Not used
mp-wp_genesis 1654 * @return bool False on login failure, true on successful check
mp-wp_genesis 1655 */
mp-wp_genesis 1656 function wp_login($username, $password, $deprecated = '') {
mp-wp_genesis 1657 global $error;
mp-wp_genesis 1658
mp-wp_genesis 1659 $user = wp_authenticate($username, $password);
mp-wp_genesis 1660
mp-wp_genesis 1661 if ( ! is_wp_error($user) )
mp-wp_genesis 1662 return true;
mp-wp_genesis 1663
mp-wp_genesis 1664 $error = $user->get_error_message();
mp-wp_genesis 1665 return false;
mp-wp_genesis 1666 }
mp-wp_genesis 1667 endif;
mp-wp_genesis 1668
mp-wp_genesis 1669 if ( !function_exists( 'wp_text_diff' ) ) :
mp-wp_genesis 1670 /**
mp-wp_genesis 1671 * Displays a human readable HTML representation of the difference between two strings.
mp-wp_genesis 1672 *
mp-wp_genesis 1673 * The Diff is available for getting the changes between versions. The output is
mp-wp_genesis 1674 * HTML, so the primary use is for displaying the changes. If the two strings
mp-wp_genesis 1675 * are equivalent, then an empty string will be returned.
mp-wp_genesis 1676 *
mp-wp_genesis 1677 * The arguments supported and can be changed are listed below.
mp-wp_genesis 1678 *
mp-wp_genesis 1679 * 'title' : Default is an empty string. Titles the diff in a manner compatible
mp-wp_genesis 1680 * with the output.
mp-wp_genesis 1681 * 'title_left' : Default is an empty string. Change the HTML to the left of the
mp-wp_genesis 1682 * title.
mp-wp_genesis 1683 * 'title_right' : Default is an empty string. Change the HTML to the right of
mp-wp_genesis 1684 * the title.
mp-wp_genesis 1685 *
mp-wp_genesis 1686 * @since 2.6
mp-wp_genesis 1687 * @see wp_parse_args() Used to change defaults to user defined settings.
mp-wp_genesis 1688 * @uses Text_Diff
mp-wp_genesis 1689 * @uses WP_Text_Diff_Renderer_Table
mp-wp_genesis 1690 *
mp-wp_genesis 1691 * @param string $left_string "old" (left) version of string
mp-wp_genesis 1692 * @param string $right_string "new" (right) version of string
mp-wp_genesis 1693 * @param string|array $args Optional. Change 'title', 'title_left', and 'title_right' defaults.
mp-wp_genesis 1694 * @return string Empty string if strings are equivalent or HTML with differences.
mp-wp_genesis 1695 */
mp-wp_genesis 1696 function wp_text_diff( $left_string, $right_string, $args = null ) {
mp-wp_genesis 1697 $defaults = array( 'title' => '', 'title_left' => '', 'title_right' => '' );
mp-wp_genesis 1698 $args = wp_parse_args( $args, $defaults );
mp-wp_genesis 1699
mp-wp_genesis 1700 if ( !class_exists( 'WP_Text_Diff_Renderer_Table' ) )
mp-wp_genesis 1701 require( ABSPATH . WPINC . '/wp-diff.php' );
mp-wp_genesis 1702
mp-wp_genesis 1703 $left_string = normalize_whitespace($left_string);
mp-wp_genesis 1704 $right_string = normalize_whitespace($right_string);
mp-wp_genesis 1705
mp-wp_genesis 1706 $left_lines = split("\n", $left_string);
mp-wp_genesis 1707 $right_lines = split("\n", $right_string);
mp-wp_genesis 1708
mp-wp_genesis 1709 $text_diff = new Text_Diff($left_lines, $right_lines);
mp-wp_genesis 1710 $renderer = new WP_Text_Diff_Renderer_Table();
mp-wp_genesis 1711 $diff = $renderer->render($text_diff);
mp-wp_genesis 1712
mp-wp_genesis 1713 if ( !$diff )
mp-wp_genesis 1714 return '';
mp-wp_genesis 1715
mp-wp_genesis 1716 $r = "<table class='diff'>\n";
mp-wp_genesis 1717 $r .= "<col class='ltype' /><col class='content' /><col class='ltype' /><col class='content' />";
mp-wp_genesis 1718
mp-wp_genesis 1719 if ( $args['title'] || $args['title_left'] || $args['title_right'] )
mp-wp_genesis 1720 $r .= "<thead>";
mp-wp_genesis 1721 if ( $args['title'] )
mp-wp_genesis 1722 $r .= "<tr class='diff-title'><th colspan='4'>$args[title]</th></tr>\n";
mp-wp_genesis 1723 if ( $args['title_left'] || $args['title_right'] ) {
mp-wp_genesis 1724 $r .= "<tr class='diff-sub-title'>\n";
mp-wp_genesis 1725 $r .= "\t<td></td><th>$args[title_left]</th>\n";
mp-wp_genesis 1726 $r .= "\t<td></td><th>$args[title_right]</th>\n";
mp-wp_genesis 1727 $r .= "</tr>\n";
mp-wp_genesis 1728 }
mp-wp_genesis 1729 if ( $args['title'] || $args['title_left'] || $args['title_right'] )
mp-wp_genesis 1730 $r .= "</thead>\n";
mp-wp_genesis 1731
mp-wp_genesis 1732 $r .= "<tbody>\n$diff\n</tbody>\n";
mp-wp_genesis 1733 $r .= "</table>";
mp-wp_genesis 1734
mp-wp_genesis 1735 return $r;
mp-wp_genesis 1736 }
mp-wp_genesis 1737 endif;
mp-wp_genesis 1738
mp-wp_genesis 1739 ?>