Changeset 1647027
- Timestamp:
- 04/28/2017 02:29:13 AM (9 years ago)
- Location:
- sudo-oauth/trunk
- Files:
-
- 4 edited
-
SudoOauth.php (modified) (2 diffs)
-
icon.png (modified) (previous)
-
index.php (modified) (1 diff)
-
readme.txt (modified) (2 diffs)
-
sudo-oauth/trunk/SudoOauth.php
r1124222 r1647027 1 1 <?php 2 $dir_file = dirname(__FILE__);3 $service_path = substr($dir_file,0,strlen($dir_file) - 30);4 require( $service_path . '/wp-load.php' );5 $plugin_url = plugins_url();6 $host_name = substr($plugin_url,0,strlen($plugin_url) - 19);7 2 $client_id = get_option('sudooauth_option_name'); 8 3 $client_key = get_option('sudooauth_option_pwd'); 9 4 $host_id = get_option('sudooauth_option_host'); 10 5 if(!$client_id || !$client_key || $client_id == '' || $client_key == '') 11 die('Bạn chưa nhập thông tin Client mà ID đã cấp !');6 die('Bạn chưa nhập thông tin Client mà ID đã cấp !'); 12 7 ?> 13 8 <meta http-equiv="content-type" content="text/html; charset=UTF-8"> … … 15 10 $access_code = $_REQUEST['access_code']; 16 11 if(isset($access_code) && $access_code != '') { 17 $token_url = $host_id.'/oauth/accessCode/'.$access_code.''; 18 $context = stream_context_create(array( 19 'http' => array( 20 'header' => "Authorization: Basic " . base64_encode("$client_id:$client_key") 21 ) 22 )); 23 $data = file_get_contents($token_url, false, $context); 24 $info = json_decode(base64_decode($data),true); 25 if($info['status'] == 1) { 26 global $wpdb; 27 $user = array(); 28 $user['email'] = $info['user']['email']; 29 $user['name'] = substr($user['email'],0,strpos($user['email'],'@')); 30 $user['email'] = $user['name'].'@sudo.vn'; 31 32 $check_user = $wpdb->get_results('SELECT ID FROM '.$wpdb->prefix.'users WHERE user_email = "'.$user['email'].'"',ARRAY_A); 33 if($check_user) { 34 $check_sudo_user = $wpdb->query('SELECT use_id FROM '.$wpdb->prefix.'sudo_users WHERE use_email = "'.$user['email'].'"'); 35 if($check_sudo_user) { 36 //Update _sudo_access 37 $user_sudo_access = get_user_meta($check_user[0]['ID'],'_sudo_access'); 38 if(is_array($user_sudo_access)) $user_sudo_access = $user_sudo_access[0]; 39 if($user_sudo_access != get_option('sudooauth_option_cat')) { 40 if( update_user_meta( $check_user[0]['ID'], '_sudo_access', get_option('sudooauth_option_cat') ) != 
false) { 41 $sudo_user = $wpdb->get_row('SELECT use_id,use_pass FROM '.$wpdb->prefix.'sudo_users WHERE use_email = "'.$user['email'].'" ORDER BY use_id DESC LIMIT 1',ARRAY_A); 42 $user['password'] = md5($sudo_user['use_pass'].$info['user']['id']); 43 $str = "<form action='".$host_name."/wp-login.php' method='post' name='frm'>"; 44 $str .= "<input type='hidden' name='log' value='".$user['name']."'>"; 45 $str .= "<input type='hidden' name='pwd' value='".$user['password']."'>"; 46 $str .= "<input type='hidden' name='wp-submit' value='Log In'>"; 47 $str .= "<input type='hidden' name='redirect_to' value='".admin_url()."post-new.php'>"; 48 $str .= "</form>"; 49 $str .= '<script language="JavaScript">document.frm.submit();</script>'; 50 echo $str; 51 }else { 52 die('Không thể hạn chế được danh mục đăng bài cho thành viên này'); 53 } 12 $token_url = $host_id.'/oauth/accessCode/'.$access_code.''; 13 //try curl 14 if(function_exists('curl_version')) { 15 $ch = curl_init($token_url); 16 curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY); 17 curl_setopt($ch, CURLOPT_USERPWD, "{$client_id}:{$client_key}"); 18 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); 19 $respone_data = curl_exec($ch); 20 if($respone_data) { 21 $info = json_decode(base64_decode($respone_data),true); 22 }else { 23 $context = stream_context_create(array( 24 'http' => array( 25 'header' => "Authorization: Basic " . base64_encode("$client_id:$client_key") 26 ) 27 )); 28 $respone_data = file_get_contents($token_url, false, $context); 29 $info = json_decode(base64_decode($respone_data),true); 30 } 31 }else { 32 $context = stream_context_create(array( 33 'http' => array( 34 'header' => "Authorization: Basic " . 
base64_encode("$client_id:$client_key") 35 ) 36 )); 37 $respone_data = file_get_contents($token_url, false, $context); 38 $info = json_decode(base64_decode($respone_data),true); 39 } 40 41 if($info['status'] == 1) { 42 global $wpdb; 43 $user = array(); 44 $user['email'] = $info['user']['email']; 45 $user['name'] = substr($user['email'],0,strpos($user['email'],'@')); 46 $user['email'] = $user['name'].'@sudo.vn'; 47 48 $check_user = $wpdb->get_results('SELECT ID FROM '.$wpdb->prefix.'users WHERE user_email = "'.$user['email'].'"',ARRAY_A); 49 if($check_user) { 50 $check_sudo_user = $wpdb->query('SELECT use_id FROM '.$wpdb->prefix.'sudo_users WHERE use_email = "'.$user['email'].'"'); 51 if($check_sudo_user) { 52 //Update _sudo_access 53 $user_sudo_access = get_user_meta($check_user[0]['ID'],'_sudo_access'); 54 if(is_array($user_sudo_access)) $user_sudo_access = $user_sudo_access[0]; 55 if($user_sudo_access != get_option('sudooauth_option_cat')) { 56 if( update_user_meta( $check_user[0]['ID'], '_sudo_access', get_option('sudooauth_option_cat') ) != false) { 57 $sudo_user = $wpdb->get_row('SELECT use_id,use_pass FROM '.$wpdb->prefix.'sudo_users WHERE use_email = "'.$user['email'].'" ORDER BY use_id DESC LIMIT 1',ARRAY_A); 58 $user['password'] = md5($sudo_user['use_pass'].$info['user']['id']); 59 60 $user_signon = wp_signon( array('user_login'=>$user['name'],'user_password'=>$user['password'],'remember'=>false), false ); 61 if ( is_wp_error($user_signon) ) { 62 echo $user_signon->get_error_message(); 63 die('Không thể đăng nhập'); 64 }else { 65 $u_id = wp_update_user( array( 'ID' => $user_signon->ID, 'role' => 'sudooauth_author' ) ); 66 wp_redirect( ''.admin_url().'post-new.php' ); 67 exit; 68 } 69 }else { 70 die('Không thể hạn chế được danh mục đăng bài cho thành viên này'); 71 } 72 }else { 73 $sudo_user = $wpdb->get_row('SELECT use_id,use_pass FROM '.$wpdb->prefix.'sudo_users WHERE use_email = "'.$user['email'].'" ORDER BY use_id DESC LIMIT 1',ARRAY_A); 74 
$user['password'] = md5($sudo_user['use_pass'].$info['user']['id']); 75 76 $user_signon = wp_signon( array('user_login'=>$user['name'],'user_password'=>$user['password'],'remember'=>false), false ); 77 if ( is_wp_error($user_signon) ) { 78 echo $user_signon->get_error_message(); 79 die('Không thể đăng nhập'); 80 }else { 81 $u_id = wp_update_user( array( 'ID' => $user_signon->ID, 'role' => 'sudooauth_author' ) ); 82 wp_redirect( ''.admin_url().'post-new.php' ); 83 exit; 84 } 85 } 54 86 }else { 55 $sudo_user = $wpdb->get_row('SELECT use_id,use_pass FROM '.$wpdb->prefix.'sudo_users WHERE use_email = "'.$user['email'].'" ORDER BY use_id DESC LIMIT 1',ARRAY_A); 56 $user['password'] = md5($sudo_user['use_pass'].$info['user']['id']); 57 $str = "<form action='".$host_name."/wp-login.php' method='post' name='frm'>"; 58 $str .= "<input type='hidden' name='log' value='".$user['name']."'>"; 59 $str .= "<input type='hidden' name='pwd' value='".$user['password']."'>"; 60 $str .= "<input type='hidden' name='wp-submit' value='Log In'>"; 61 $str .= "<input type='hidden' name='redirect_to' value='".admin_url()."post-new.php'>"; 62 $str .= "</form>"; 63 $str .= '<script language="JavaScript">document.frm.submit();</script>'; 64 echo $str; 65 } 66 }else { 67 die('Tài khoản này đã có trước khi kết nối với Sudo ID !'); 68 } 69 }else { 70 $sudo_pass = rand(111111,999999); 71 $user['password'] = md5($sudo_pass.$info['user']['id']); 72 $u_id = wp_create_user($user['name'],$user['password'],$user['email']); 73 if(is_object($u_id)) { 74 $err = $u_id->errors; 75 $existing_user_email = $err['existing_user_email'][0]; 76 $existing_user_login = $err['existing_user_login'][0]; 77 echo $existing_user_email.'-'.$existing_user_login;die; 78 }else { 79 //Update _sudo_access 80 if( update_user_meta( $u_id, '_sudo_access', get_option('sudooauth_option_cat') ) != false) { 81 $wpdb->update( 82 ''.$table_prefix.'usermeta', 83 array( 84 'meta_value' => 'a:1:{s:6:"author";b:1;}', // string 85 ), 86 array( 
'user_id' => $u_id, 'meta_key' => ''.$table_prefix.'capabilities' ), 87 array( 88 '%s' 89 ), 90 array( '%d', '%s' ) 91 ); 92 $wpdb->update( 93 ''.$table_prefix.'usermeta', 94 array( 95 'meta_value' => '2' // integer (number) 96 ), 97 array( 'user_id' => $u_id, 'meta_key' => ''.$table_prefix.'user_level' ), 98 array( 99 '%d' 100 ), 101 array( '%d', '%s' ) 102 ); 103 104 $wpdb->insert( 105 ''.$table_prefix.'sudo_users', 106 array( 107 'use_email' => $user['email'], 108 'use_pass' => $sudo_pass, 109 'use_time' => time() 110 ), 111 array( 112 '%s', 113 '%s', 114 '%d' 115 ) 116 ); 117 118 //Post đến đăng nhập 119 $str = "<form action='".$host_name."/wp-login.php' method='post' name='frm'>"; 120 $str .= "<input type='hidden' name='log' value='".$user['name']."'>"; 121 $str .= "<input type='hidden' name='pwd' value='".$user['password']."'>"; 122 $str .= "<input type='hidden' name='wp-submit' value='Log In'>"; 123 $str .= "<input type='hidden' name='redirect_to' value='".admin_url()."post-new.php'>"; 124 $str .= "</form>"; 125 $str .= '<script language="JavaScript">document.frm.submit();</script>'; 126 echo $str; 87 die('Tài khoản này đã có trước khi kết nối với Sudo ID !'); 88 } 89 }else { 90 $sudo_pass = rand(111111,999999); 91 $user['password'] = md5($sudo_pass.$info['user']['id']); 92 $u_id = wp_create_user($user['name'],$user['password'],$user['email']); 93 if(is_object($u_id)) { 94 $err = $u_id->errors; 95 $existing_user_email = $err['existing_user_email'][0]; 96 $existing_user_login = $err['existing_user_login'][0]; 97 echo $existing_user_email.'-'.$existing_user_login;die; 127 98 }else { 128 die('Không thể hạn chế được danh mục đăng bài cho thành viên này'); 129 } 130 } 131 } 132 }else { 133 echo $info['message']; 134 echo '<br />'; 135 die('Lỗi kết nối !'); 136 } 99 //Update _sudo_access 100 if( update_user_meta( $u_id, '_sudo_access', get_option('sudooauth_option_cat') ) != false) { 101 //update role 102 $u_id = wp_update_user( array( 'ID' => $u_id, 'role' => 
'sudooauth_author' ) ); 103 if(is_object($u_id)) { 104 die('Không thể set quyền cho user'); 105 } 106 107 $wpdb->insert( 108 ''.$wpdb->prefix.'sudo_users', 109 array( 110 'use_email' => $user['email'], 111 'use_pass' => $sudo_pass, 112 'use_time' => time() 113 ), 114 array( 115 '%s','%s','%d' 116 ) 117 ); 118 119 $user_signon = wp_signon( array('user_login'=>$user['name'],'user_password'=>$user['password'],'remember'=>false), false ); 120 if ( is_wp_error($user_signon) ) { 121 echo $user_signon->get_error_message(); 122 die('Không thể đăng nhập'); 123 }else { 124 wp_redirect( ''.admin_url().'post-new.php' ); 125 exit; 126 } 127 }else { 128 die('Không thể hạn chế được danh mục đăng bài cho thành viên này'); 129 } 130 } 131 } 132 }else { 133 echo $info['message']; 134 echo '<br />'; 135 die('Lỗi kết nối !'); 136 } 137 137 }else { 138 138 die('Không tìm thấy Access Code !'); -
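Review bot: Values taken from the request and from the identity server's response are still used unescaped on the new side: `$user['email']` (built from `$info['user']['email']`) is concatenated into the `users` and `sudo_users` SELECTs, `$_REQUEST['access_code']` is appended to `$token_url` as-is, and `echo $info['message']` prints the remote message straight into the page. Run each query through `$wpdb->prepare()` with a `%s` placeholder, pass the access code through `rawurlencode()`, and print the message with `esc_html()`; the fence shows the changed lines, and the `get_row` form applies to both login branches that repeat it. Separately, `rand(111111,999999)` leaves fewer than a million candidates for the `use_pass` that the account password is derived from with `md5()`. Once the server response has been verified, it would likely be safer to call `wp_set_auth_cookie()` for the matched user than to keep a derivable password in `sudo_users`. The enclosing `if` blocks begin and end outside the lines shown here.

```php
$token_url = $host_id.'/oauth/accessCode/'.rawurlencode($access_code);
// … unchanged: curl / file_get_contents fetch and json_decode …
$check_user = $wpdb->get_results($wpdb->prepare('SELECT ID FROM '.$wpdb->prefix.'users WHERE user_email = %s', $user['email']), ARRAY_A);
// … unchanged: if($check_user) …
$check_sudo_user = $wpdb->query($wpdb->prepare('SELECT use_id FROM '.$wpdb->prefix.'sudo_users WHERE use_email = %s', $user['email']));
// … unchanged: _sudo_access update …
$sudo_user = $wpdb->get_row($wpdb->prepare('SELECT use_id,use_pass FROM '.$wpdb->prefix.'sudo_users WHERE use_email = %s ORDER BY use_id DESC LIMIT 1', $user['email']), ARRAY_A);
// … unchanged: wp_signon / wp_create_user branches …
echo esc_html($info['message']);
```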
sudo-oauth/trunk/index.php
r1138770 r1647027 8 8 Author URI: http://sudo.vn 9 9 */ 10 $dir_file = dirname(__FILE__);11 $service_path = substr($dir_file,0,strlen($dir_file) - 30);12 require( $service_path . '/wp-load.php' );13 14 function sudo_create_table () {15 global $wpdb;16 $table_name = $wpdb->prefix.'sudo_users';17 if($wpdb->get_var("SHOW TABLEs LIKE $table_name") != $table_name) {18 $sql = "CREATE TABLE ".$table_name."(19 use_id INTEGER(11) UNSIGNED AUTO_INCREMENT,20 use_email VARCHAR(255) NOT NULL,21 use_pass VARCHAR(255) NOT NULL,22 use_time INTEGER(11) NOT NULL,23 PRIMARY KEY (use_id)24 )";25 require_once(ABSPATH.'wp-admin/includes/upgrade.php');26 dbDelta($sql);27 }28 }29 30 register_activation_hook(__FILE__,'sudo_create_table');31 10 ?> 32 <?php33 function register_mysettings() {34 register_setting( 'sudooauth-settings-group', 'sudooauth_option_name' );35 register_setting( 'sudooauth-settings-group', 'sudooauth_option_pwd' );36 register_setting( 'sudooauth-settings-group', 'sudooauth_option_host' );37 register_setting( 'sudooauth-settings-group', 'sudooauth_option_multicat' );38 register_setting( 'sudooauth-settings-group', 'sudooauth_option_limitpost' );39 }40 41 function sudooauth_create_menu() {42 add_menu_page('Sudo Oauth Plugin Settings', 'Sudo Oauth Settings', 'administrator', __FILE__, 'sudooauth_settings_page',plugins_url('icon.png', __FILE__), 100);43 add_action( 'admin_init', 'register_mysettings' );44 }45 add_action('admin_menu', 'sudooauth_create_menu');46 /* Tu Cao Update: Disable change Passwords & Email for Website */47 if ( is_admin() )48 add_action( 'init', 'disable_password_fields', 10 );49 50 function disable_password_fields() {51 if ( ! 
current_user_can( 'administrator' ) )52 $show_password_fields = add_filter( 'show_password_fields', '__return_false' );53 }54 add_action( 'user_profile_update_errors', 'prevent_email_change', 10, 3 );55 function prevent_email_change( $errors, $update, $user ) {56 $old = get_user_by('id', $user->ID);57 if( $user->user_email != $old->user_email )58 $user->user_email = $old->user_email;59 }60 /* Tu Cao: End */61 62 /* Restrict cat */63 add_filter( 'list_terms_exclusions', 'sudo_exclusions_terms' );64 function sudo_exclusions_terms() {65 $excluded = '';66 $current_user = wp_get_current_user();67 if(strpos($current_user->user_email,'@sudo.vn')) {68 $multicat_settings = get_option('sudooauth_option_multicat');69 if ( $multicat_settings != false ) {70 $str_cat_list = '';71 foreach($multicat_settings as $value) {72 $str_cat_list .= $value.',';73 }74 $str_cat_list = rtrim($str_cat_list,',');75 $excluded = " AND ( t.term_id IN ( $str_cat_list ) OR tt.taxonomy NOT IN ( 'category' ) )";76 }77 }78 return $excluded;79 }80 /* End Restrict cat */81 82 /* One post per day */83 add_action( 'admin_init', 'sudo_post_per_day_limit' );84 function sudo_post_per_day_limit() {85 $current_user = wp_get_current_user();86 if(strpos($current_user->user_email,'@sudo.vn')) {87 global $wpdb;88 $tz = new DateTimeZone('Asia/Bangkok');89 $time_current_sv = new SudoDateTime();90 $time_current_sv_str = $time_current_sv->format('Y-m-d H:i:s');91 $time_current_sv_int = $time_current_sv->getTimestamp();92 93 $time_current_sv->setTimeZone($tz);94 $time_current_tz_str = $time_current_sv->format('Y-m-d H:i:s');95 $time_current_tz = new SudoDateTime($time_current_tz_str);96 $time_current_tz_int = $time_current_tz->getTimestamp();97 98 $time_start_tz_str = $time_current_sv->format('Y-m-d 00:00:01');99 $time_start_tz = new SudoDateTime($time_start_tz_str);100 $time_start_tz_int = $time_start_tz->getTimestamp();101 102 $time_start_sv_int = $time_current_sv_int - $time_current_tz_int + $time_start_tz_int;103 
$time_start_sv_str = date('Y-m-d H:i:s',$time_start_sv_int);104 $time_start_sv = new SudoDateTime($time_start_sv_str);105 106 $count_post_today = $wpdb->get_var("SELECT COUNT(ID)107 FROM $wpdb->posts108 WHERE post_status = 'publish'109 AND post_author = $current_user->ID110 AND post_type NOT IN('attachment','revision')111 AND post_date_gmt >= '$time_start_sv_str'");112 113 if($count_post_today >= get_option('sudooauth_option_limitpost',1)) {114 global $pagenow;115 /* Check current admin page. */116 if($pagenow == 'post-new.php'){117 echo '<meta http-equiv="Content-Type" content="text/html"; charset="utf-8">';118 echo "<center>";119 echo '<br /><br />Giới hạn '.get_option('sudooauth_option_limitpost',1).' bài 1 ngày.<br /><br /> Hôm nay bạn đã đăng đủ bài trên trang này rồi.<br /><br /> Vui lòng quay lại vào ngày mai, xin cám ơn!';120 echo "</center>";121 exit();122 }123 }124 }125 }126 /* End One post per day */127 128 function sudooauth_settings_page() {129 ?>130 <div class="wrap">131 <h2>Thông tin client kết nối với ID</h2>132 <p>Nhập thông tin được thống nhất và cấp bởi ID</p>133 <?php if( isset($_GET['settings-updated']) ) { ?>134 <div id="message" class="updated">135 <p><strong><?php _e('Settings saved.') ?></strong></p>136 </div>137 <?php } ?>138 <form method="post" action="options.php">139 <?php settings_fields( 'sudooauth-settings-group' ); ?>140 <table class="form-table">141 <tr valign="top">142 <th scope="row">Client name</th>143 <td><input type="text" name="sudooauth_option_name" value="<?php echo get_option('sudooauth_option_name'); ?>" /></td>144 </tr>145 <tr valign="top">146 <th scope="row">Client key</th>147 <td><input type="text" name="sudooauth_option_pwd" value="<?php echo get_option('sudooauth_option_pwd'); ?>" /></td>148 </tr>149 <tr valign="top">150 <th scope="row">Host</th>151 <td><input type="text" name="sudooauth_option_host" value="<?php echo get_option('sudooauth_option_host') != '' ? 
get_option('sudooauth_option_host') : 'http://id.sudo.vn'; ?>" /></td>152 </tr>153 <tr valign="top">154 <th scope="row">Tài khoản kết nối được đăng bao nhiêu bài một ngày</th>155 <td><input type="text" name="sudooauth_option_limitpost" value="<?php echo get_option('sudooauth_option_limitpost') != '' ? get_option('sudooauth_option_limitpost') : '1'; ?>" /></td>156 </tr>157 <tr valign="top">158 <th scope="row">Chọn danh mục tài khoản kết nối được phép post bài</th>159 <td>160 <?php161 $walker = new Sudo_Walker_Category_Checklist();162 $settings = get_option('sudooauth_option_multicat');163 if ( isset( $settings) && is_array( $settings) )164 $selected = $settings;165 else166 $selected = array();167 ?>168 <div id="side-sortables" class="metabox-holder" style="float:left; padding:5px;">169 <div class="postbox">170 <h3 class="hndle"><span>Giới hạn đa danh mục</span></h3>171 172 <div class="inside" style="padding:0 10px;">173 <div class="taxonomydiv">174 <div id="id-all" class="tabs-panel tabs-panel-active">175 <ul class="categorychecklist form-no-clear">176 <?php177 wp_list_categories(178 array(179 'selected_cats' => $selected,180 'options_name' => 'sudooauth_option_multicat',181 'hide_empty' => 0,182 'title_li' => '',183 'walker' => $walker184 )185 );186 ?>187 </ul>188 </div>189 </div>190 </div>191 </div>192 </div>193 </td>194 </tr>195 </table>196 <?php submit_button(); ?>197 </form>198 </div>199 <?php200 }201 202 203 class Sudo_Walker_Category_Checklist extends Walker {204 var $tree_type = 'category';205 var $db_fields = array ('parent' => 'parent', 'id' => 'term_id'); //TODO: decouple this206 207 function start_lvl( &$output, $depth = 0, $args = array() ) {208 $indent = str_repeat("\t", $depth);209 $output .= "$indent<ul class='children'>\n";210 }211 212 function end_lvl( &$output, $depth = 0, $args = array() ) {213 $indent = str_repeat("\t", $depth);214 $output .= "$indent</ul>\n";215 }216 217 function start_el( &$output, $category, $depth = 0, $args = array(), 
$current_object_id = 0 ) {218 extract($args);219 220 if ( empty( $taxonomy ) )221 $taxonomy = 'category';222 223 $output .= sprintf(224 '<li id="category-%1$d"><label class="selectit"><input value="%1$s" type="checkbox" name="sudooauth_option_multicat[]" %2$s /> %3$s</label>',225 $category->term_id,226 checked( in_array( $category->term_id, $selected_cats ), true, false ),227 esc_html( apply_filters( 'the_category', $category->name ) )228 );229 }230 231 function end_el( &$output, $category, $depth = 0, $args= array() ) {232 $output .= "</li>\n";233 }234 }235 236 //Sudo replace datetime for php version lower 5.3237 class SudoDateTime extends DateTime238 {239 public function setTimestamp( $timestamp )240 {241 $date = getdate( ( int ) $timestamp );242 $this->setDate( $date['year'] , $date['mon'] , $date['mday'] );243 $this->setTime( $date['hours'] , $date['minutes'] , $date['seconds'] );244 }245 246 public function getTimestamp()247 {248 return $this->format( 'U' );249 }250 }251 ?> -
sudo-oauth/trunk/readme.txt
r1138770 r1647027 3 3 Tags: sudo,oauth 4 4 Donate link: http://nguyencaotu.com/donate 5 Requires at least: 3.96 Tested up to: 4. 15 Requires at least: 4.5 6 Tested up to: 4.7.4 7 7 Stable tag: trunk 8 8 9 Free Plugin supported connect to system id.sudo.vn. This plugin only user in VietNam. 9 Sudo Oauth Plugin support to connect to id.sudo.vn system. This plugin only user in VietNam. 10 10 11 11 == Description == 12 Free Plugin supported connect to system id.sudo.vn - a system manager account. If you want build a system manager accountfor SEO, Manager staff please contact me.12 Plugin support to connect to ID Sudo system - a management account system. If you want to build a management account system for SEO, Manager staff please contact me. 13 13 14 14 == Installation == … … 48 48 = 1.0.1 = 49 49 Fixed account only systeam login can not change passworrd 50 51 = 2.0.1 = 52 Big update: 53 - Random link follow - nofollow (30%) 54 - Restrict backlink per post 55 - Accept upload media option 56 - Show user info in bottom of post