You know how all these websites send out links to their new users for them to verify their Email address? I'm setup user verification process through email address , I will send email verification link to user email onclick on link user will be verified.
but the problem is that i am setting up usermeta field when user login the function will check user if it verified or not if verified it will be login otherwise show error when i was login to admin it will not access me to admin dashboard.
add_filter('wp_authenticate_user', 'check_user_activation_status', 10, 2);
function check_user_activation_status($user) {
if( ! $user->has_cap('administrator') ) {
if ( get_user_meta($user->ID ,'wp_user_level',true) != 10 ) {
if( get_user_meta($user->ID, 'activated', true) == 'true' ) {
return $user;
}
} else {
return $user;
}
}
return new WP_Error('Account Not Active...');
}
and also it will not showing error text
login page look like after login failed
sorry for bad english...
This hook passes two parameters, $user and $password (plaintext). In order to generate an error on login, you will need to return a new WP_Error() object.
https://codex.wordpress.org/Plugin_API/Filter_Reference/wp_authenticate_user
/**
* Check User Status.
*
* #param $user WP_User Object
*/
function check_status( WP_User $user ) {
$status = get_user_meta( $user->ID, 'user_status' );
if ( 1 !== (int) $status ) {
$message = esc_html__( 'User not verified.', 'text-domain');
return new WP_Error( 'user_not_verified', $message );
}
return $user;
}
add_filter( 'wp_authenticate_user', 'check_status' );
Related
I am making a website with the function of linking to facebook and creating posts on fanpage. I have created facebook app and the permissions have been approved enter image description here. All works fine when I login with the admin account of the app but when I login with another user account there is no dialog asking for permission. This resulted in the app not getting the token with the permissions I needed to post.
Hope you can help me.
This is connect function
public function connect($user)
{
$urlAuth = Socialite::driver('facebook')
->scopes([
'pages_manage_metadata',
'instagram_basic', 'instagram_content_publish',
'pages_manage_posts', 'pages_read_engagement',
'pages_show_list'
])
->with(['state' => $user->id])
->stateless()->redirect()
->getTargetUrl();
return $urlAuth;
}
This is callback function
public function callback()
{
$user = Socialite::driver('facebook')->stateless()->user();
$token = $user->token;
if($token){
$facebook = new FacebookPublisher($token);
$account = $facebook->getAccount()->data ?? [];
$userID = request()->state;
if(count($account) == 1){
$account = $account[0];
$userInit = User::findOrFail($userID);
$this->savePageInfo($token, $userInit, $account);
$url = config("api.client.connect_account_url");
}else{
$this->saveAccessToken($token, $pageToken = "", $userID);
$url = config("api.client.connect_page_url");
}
return redirect($url);
}
return $this->error(trans('Connect fail!'), [], 404);
}
Thank you,
I want my website and my mybb board to be connected. I Googled and made the integration, and I'm able to get a username id, as long as I specify their ID, but nothing happens when I'm using the function as explained.
What I'm trying to do is verify a connection of one to the forums, via my website, and then show their name.
Here's my code, as well as my attempts to get a username:
PHP Code:
define('IN_MYBB', NULL);
require_once 'forums/global.php';
require_once 'forums/class.MyBBIntegrator.php';
$MyBBI = new MyBBIntegrator($mybb, $db, $cache, $plugins, $lang, $config);
$user = get_user($uid);
while ($forum_user = mysqli_fetch_array($user))
{
echo $forum_user['username'];
}
You could use:
define('IN_MYBB', NULL);
require_once 'forums/global.php';
if(isset($mybb->user['uid'])){
echo "User Found: ".$mybb->user['usernmae']."($mybb->user['uid'].")";
} else {
echo "No user found";
}
MyBBIntegrator isn't even required. But the above code will check if the user is logged in, and display the username and userid. If not it will display No User Found. Hopefully this helps.
I'm creating an intranet, therefore all users have account automatically created for them. They then go to a url to create their password. All that works great. I'm now trying to allow them to "attach" their Facebook account to their user account. This is where my troubles have started...
I've successfully gotten the user to authenticate properly after a facebook login with this
method in SecurityController
public function loginCheckFacebookAction()
{
$request = $this->getRequest();
$session = $request->getSession();
$response = new Response();
$sessionUser = $this->getUser();
$facebook = $this->get('facebook');
$fbUser = $facebook->getUser(); // facebook id
if ($fbUser) {
try {
$em = $this->getDoctrine()->getManager();
$repo = $em->getRepository("IntranetBundle:User");
$user = $repo->findUserByFBID($fbUser);
if($user){
$targetPath = $session->get("_target_path");
$firewall = "secured_area";
$roles = $user->getRoles();
$rolesArray = array();
foreach($roles as $role):
$rolesArray[] = $role->getRole();
endforeach;
$token = new UsernamePasswordToken($user, $user->getPassword(), $firewall, $rolesArray);
$event = new InteractiveLoginEvent($this->getRequest(), $token);
$this->get("event_dispatcher")->dispatch("security.interactive_login", $event);
$this->get('security.context')->setToken($token);
/*
If I uncomment out either of the following redirects
the redirect happens but the user is not authenticated properly
If I comment them out I'm just rendering my error template. The user
however, is authenticated properly.
*/
if(isset($targetPath)){
//return $this->redirect($targetPath);
} else {
//return $this->redirect($this->generateUrl("ssla_intranet_homepage"));
}
}
} catch (FacebookApiException $e) {
$user = null;
}
// I just render this template to be able to view debug bar.
//User is authenticated properly.
$pageParameters = $this->getPageParameters();
$pageParameters["page"] = "error";
$pageParameters["error"] = array();
$pageParameters["error"]["message"] = "Something went wrong with authentication";
return $this->render('IntranetBundle:Error:index.html.twig', $pageParameters);
}
Do I need to register a listener for all interactive_login events that then handles all post-login redirection rather than trying to redirect within the same method?
First project using Symfony, and this is killing me. Any thoughts?
By the way, I've looked into the FOSFacebookBundle, but wanted to be able to authenticate with a number of different methods, including doctrine, gmail, facebook, and twitter.
I want to check the user table for status=1 as extra validation. My getAuthAdapter() method looks like this:
private function getAuthAdapter (){
$authAdapter = new Zend_Auth_Adapter_DbTable(Zend_Db_Table::getDefaultAdapter());
$authAdapter->setTableName('vi_users')
->setIdentityColumn('email')
->setCredentialColumn('password');
return $authAdapter;
}
How would I alter this to include the extra validation?
I ran across this problem myself, and I'm not sure it is possible to check another column at the sametime. So I do it straight aftwerwards, with something like this:
$auth = Zend_Auth::getInstance();
....
if (process($form->getValues())) {
// login credentials are correct, so we now need to check if their account is activated
if ($auth->getIdentity()->active != 1) {
// if not, log them out and tell them to activate
Zend_Auth::getInstance()->clearIdentity();
$output .= "Your account has not yet been activated, please check your email (including spam bin) for the activation link.";
} else {
// if they're active then login is successful
$output .= "You are now logged in";
}
} else {
// username/password wrong
$output .= "Credentials invalid";
}
Update: Given Orlando's answer, it looks like what you've asked for originally is possible. You could use my solution though if you would like to distinguish between status value being 'wrong' and user/pass being wrong.
You could do something like:
$adapter = new Zend_Auth_Adapter_DbTable(
$db,
'users',
'username',
'password',
'MD5(?) AND status = 1'
);
where $db would be Zend_Db_Table::getDefaultAdapter()
Taken from http://framework.zend.com/manual/en/zend.auth.adapter.dbtable.html
So I am using Zend_Auth to authenticate users of my website. Currently they are only able to log in with their email as login but I would like to enable them to log in also with their username.
Here is some code:
// prepare adapter for Zend_Auth
$adapter = new Zend_Auth_Adapter_DbTable($this->_getDb());
$adapter->setTableName('users');
$adapter->setIdentityColumn('email');
$adapter->setCredentialColumn('password_hash');
$adapter->setCredentialTreatment('CONCAT(SUBSTRING(password_hash, 1, 40), SHA1(CONCAT(SUBSTRING(password_hash, 1, 40), ?)))');
$adapter->setIdentity($request->getParam('email'));
$adapter->setCredential($request->getParam('password'));
Notice the line:
$adapter->setIdentityColumn('email');
How can I add also username there (column in the database called username, too)?
UPDATE:
This is how I solved this:
$login = $request->getParam('email');
$validator = new Zend_Validate_EmailAddress();
if (false === $validator->isValid($login)) {
$u = $this->_getTable('Users')->getSingleWithUsername($login);
if (null === $u) {
throw new Exception ('Invalid login and/or password');
}
$login = $u->email;
}
// prepare adapter for Zend_Auth
$adapter = new Zend_Auth_Adapter_DbTable($this->_getDb());
$adapter->setTableName('users');
$adapter->setIdentityColumn('email');
$adapter->setCredentialColumn('password_hash');
$adapter->setCredentialTreatment('CONCAT(SUBSTRING(password_hash, 1, 40), SHA1(CONCAT(SUBSTRING(password_hash, 1, 40), ?)))');
$adapter->setIdentity($login);
$adapter->setCredential($request->getParam('password'));
I deal with the same thing, and I handle it before Zend_Auth. I use a single user sign-in field and first check whether it's an email address -- if so, it's converted to the appropriate username. Then, let Zend_Auth do its thing.
This works well for me, although you'll need to kinda switch it around, since you're going the other way.
i. Add a filter to your user sign-in field, like this:
$user_field->addFilter('EmailToUsername');
ii. The filter:
<?php
/**
* Converts an email address to the username.
*/
class Prontiso_Filter_EmailToUsername implements Zend_Filter_Interface
{
public function filter( $value )
{
if ( Zend_Validate::is($value, 'EmailAddress') ) {
$user_table = new Users();
$user = $user_table->findByEmail($value);
if ( $user ) {
return $user->username;
}
}
/**
* Nothing happened, so don't filter.
*/
return $value;
}
}
As for just changing a Zend_Auth setting instead, Zend_Auth doesn't like either/or identity columns, so you'd have to write your own auth adapter.
My own solution:
$adapter->setIdentityColumn(stripos($indentity, '#') ? 'email' : 'username');
Fast and simple!