bundesit/wordpress-preseed
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add upstream

Browse Source
This commit is contained in:
root
2019-10-24 00:12:05 +02:00
parent 85d41e4216
commit ac980f592c
3504 changed files with 1049983 additions and 29971 deletions
Download Patch File Download Diff File Expand all files Collapse all files

109
wp-content/plugins/updraftplus/includes/updraftclone/temporary-clone-auto-login.php Normal file
View File

@@ -0,0 +1,109 @@
<?php
if (!defined('ABSPATH')) die('No direct access allowed');
class UpdraftPlus_Temporary_Clone_Auto_Login {
/**
* Constructor for the class.
*/
public function __construct() {
if (!empty($_REQUEST['uc_auto_login'])) add_action('wp_loaded', array($this, 'handle_url_actions'));
}
/**
* Log in the indicated user, if no user is currently logged in. Do verification before calling this function.
*
* @param WP_User $user - WP user object
*/
public function autologin_user($user) {
if (is_user_logged_in()) return;
if (!is_object($user) || !is_a($user, 'WP_User')) return;
delete_user_meta($user->ID, 'uc_allow_auto_login');
wp_set_current_user($user->ID, $user->user_login);
wp_set_auth_cookie($user->ID);
try {
// WooCommerce (3.4.4) dies here. We catch and carry on to avoid confusing the user about something that nothing can be done about / is a one-time issue.
do_action('wp_login', $user->user_login);
if (wp_redirect(admin_url())) exit;
} catch (Exception $e) {
$log_message = 'Exception ('.get_class($e).') occurred during the wp_login action call: '.$e->getMessage().' (Code: '.$e->getCode().', line '.$e->getLine().' in '.$e->getFile().')';
error_log($log_message);
// @codingStandardsIgnoreLine
} catch (Error $e) {
$log_message = 'PHP Fatal error ('.get_class($e).') occurred during the wp_login action call. Error Message: '.$e->getMessage().' (Code: '.$e->getCode().', line '.$e->getLine().' in '.$e->getFile().')';
error_log($log_message);
}
}
/**
* Pass in a WP_User object to get a login hash. The caller should/must first check that this user is aloud to autologin
*
* @param WP_User $user - WordPress user object
* @param boolean|integer $use_time - false or a timestamp
*
* @return string - a hash to log the user in
*/
public static function get_autologin_key($user, $use_time = false) {
if (false === $use_time) $use_time = time();
// Start of day
$use_time = $use_time - ($use_time % 86400);
if (!defined('UPDRAFTPLUS_UNIQUE_TOKEN')) return;
$hash_it = $user->ID.'_'.$use_time.'_'.UPDRAFTPLUS_UNIQUE_TOKEN;
$hash = hash('sha256', $hash_it);
return $hash;
}
/**
* Called upon the WP action wp_loaded
*
* @return void
*/
public function handle_url_actions() {
if (!isset($_SERVER['REQUEST_METHOD']) || 'GET' != $_SERVER['REQUEST_METHOD'] || !isset($_REQUEST['uc_auto_login'])) return;
if (0 == ($user_id = get_current_user_id())) {
if (isset($_REQUEST['uc_login']) && '' !== $_REQUEST['uc_login'] && !empty($_REQUEST['uc_lkey'])) {
if ($this->auto_login_key_matches($_REQUEST['uc_lkey'], $_REQUEST['uc_login'])) {
$login_user = get_user_by('login', $_REQUEST['uc_login']);
$allow_autolink = get_user_meta($login_user->ID, 'uc_allow_auto_login');
if ($allow_autolink) {
$this->autologin_user($login_user);
}
}
}
}
}
/**
* Check an auto-login key. This does not perform any checks on the user - the caller should do these (e.g. do not allow for privileged users)
*
* @param String $check_key - the key to check for validity
* @param String $user_login - login for the user renewing his licences
*
* @return boolean - indicates if the check was successful or not
*/
private function auto_login_key_matches($check_key, $user_login) {
$login_user = get_user_by('login', $user_login);
if (is_a($login_user, 'WP_User')) {
$time_now = time();
for ($i=0; $i <= apply_filters('uc_autologinexpirydays', 3); $i++) {
$key = $this->get_autologin_key($login_user, $time_now - 86400*$i);
if ($key && $key == $check_key) {
return true;
}
}
}
return false;
}
}
if (defined('UPDRAFTPLUS_THIS_IS_CLONE')) {
$updraftplus_temporary_clone_auto_login = new UpdraftPlus_Temporary_Clone_Auto_Login();
}