From 0910d5755e060b6b6e02c52d839c53db102b26bf Mon Sep 17 00:00:00 2001 From: Andrew Ozz Date: Thu, 28 Feb 2013 08:57:17 +0000 Subject: [PATCH] Improved logged out warnings, first run, props mintindeed, see #23295 git-svn-id: http://core.svn.wordpress.org/trunk@23504 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-admin/css/wp-admin.css | 17 +++ wp-includes/class-wp-auth-check.php | 192 ++++++++++++++++++++++++++++ wp-includes/default-filters.php | 3 + wp-includes/functions.php | 16 ++- wp-login.php | 21 ++- 5 files changed, 236 insertions(+), 13 deletions(-) create mode 100644 wp-includes/class-wp-auth-check.php diff --git a/wp-admin/css/wp-admin.css b/wp-admin/css/wp-admin.css index 49c0d7eaf2..7299d3f627 100644 --- a/wp-admin/css/wp-admin.css +++ b/wp-admin/css/wp-admin.css @@ -6785,6 +6785,23 @@ a.rsswidget { width: auto; } +.interim-login #login { + padding: 0; + width: 300px; +} + +.interim-login.login h1 a { + width: auto; +} + +.interim-login #login_error, +.interim-login.login .message { + margin: 0 0 16px; +} + +.interim-login.login form { + margin: 0; +} /* ms */ /* Dashboard: MS Specific Data */ diff --git a/wp-includes/class-wp-auth-check.php b/wp-includes/class-wp-auth-check.php new file mode 100644 index 0000000000..b0338dc4bf --- /dev/null +++ b/wp-includes/class-wp-auth-check.php @@ -0,0 +1,192 @@ +_init(); + } + + return self::$_instance; + } + + /** + * Object init, sets up hooks. Not done in the constructor so that the + * _init() method may be extended without breaking the singleton. + */ + protected function _init() { + if ( is_admin() ) { + add_action( 'admin_footer', array( $this, 'enqueue_scripts' ) ); + add_action( 'admin_print_footer_scripts', array( $this, 'footer_js' ) ); + } elseif ( is_user_logged_in() ) { + add_action( 'wp_footer', array( $this, 'enqueue_scripts' ) ); + add_action( 'wp_print_footer_scripts', array( $this, 'footer_js' ) ); + } + + add_filter( 'heartbeat_received', array( $this, 'login' ), 10, 2 ); + add_filter( 'heartbeat_nopriv_received', array( $this, 'nopriv_login' ), 10, 2 ); + } + + /** + * Checks if the user is still logged in + */ + public function login( $response, $data ) { + if ( array_key_exists('wp-auth-check', $data) && ( ! isset( $_COOKIE[LOGGED_IN_COOKIE] ) || ! wp_validate_auth_cookie() || ! empty( $GLOBALS['login_grace_period'] ) ) ) + $response['wp-auth-check-html'] = $this->notice(); + + + $response['LOGGED_IN_COOKIE'] = isset( $_COOKIE[LOGGED_IN_COOKIE] ); + + $response['wp_validate_auth_cookie'] = wp_validate_auth_cookie(); + + return $response; + } + + /** + * Runs when a user is expected to be logged in + * but has logged out or cannot be validated + */ + public function nopriv_login( $response, $data ) { + if ( array_key_exists('wp-auth-check', $data) ) + $response['wp-auth-check-html'] = $this->notice(); + + + $response['nopriv_login'] = 1; + + + return $response; + } + + public function footer_js() { + ?> + + + +
+

' . __('Session expired') . '

+' . __('close') . ' +
+ +
+
+ +'; + + } +} + diff --git a/wp-includes/default-filters.php b/wp-includes/default-filters.php index d6d877ded0..cdc4e9cbdf 100644 --- a/wp-includes/default-filters.php +++ b/wp-includes/default-filters.php @@ -294,4 +294,7 @@ add_filter( 'default_option_embed_autourls', '__return_true' ); // Default settings for heartbeat add_filter( 'heartbeat_settings', 'wp_heartbeat_settings' ); +// Check if the user is logged out +add_action( 'admin_init', 'wp_auth_check_load' ); + unset($filter, $action); diff --git a/wp-includes/functions.php b/wp-includes/functions.php index cbd7925a77..829ca7104b 100644 --- a/wp-includes/functions.php +++ b/wp-includes/functions.php @@ -3883,4 +3883,18 @@ function wp_is_stream( $path ) { */ function wp_checkdate( $month, $day, $year, $source_date ) { return apply_filters( 'wp_checkdate', checkdate( $month, $day, $year ), $source_date ); -} \ No newline at end of file +} + +/** + * Load the auth check, for monitoring whether the user is still logged in + * + * @since 3.6.0 + * + * @return void + */ +function wp_auth_check_load() { + if ( ! class_exists('WP_Auth_Check') ) { + require( ABSPATH . WPINC . '/class-wp-auth-check.php' ); + WP_Auth_Check::get_instance(); + } +} diff --git a/wp-login.php b/wp-login.php index 92d3911815..e35e359e1d 100644 --- a/wp-login.php +++ b/wp-login.php @@ -51,7 +51,7 @@ function login_header($title = 'Log In', $message = '', $wp_error = '') { $shake_error_codes = array( 'empty_password', 'empty_email', 'invalid_email', 'invalidcombo', 'empty_username', 'invalid_username', 'incorrect_password' ); $shake_error_codes = apply_filters( 'shake_error_codes', $shake_error_codes ); - if ( $shake_error_codes && $wp_error->get_error_code() && in_array( $wp_error->get_error_code(), $shake_error_codes ) ) + if ( ! $interim_login && $shake_error_codes && $wp_error->get_error_code() && in_array( $wp_error->get_error_code(), $shake_error_codes ) ) add_action( 'login_head', 'wp_shake_js', 12 ); ?> @@ -82,16 +82,19 @@ function login_header($title = 'Log In', $message = '', $wp_error = '') { $login_header_url = apply_filters( 'login_headerurl', $login_header_url ); $login_header_title = apply_filters( 'login_headertitle', $login_header_title ); - // Don't allow interim logins to navigate away from the page. - if ( $interim_login ) - $login_header_url = '#'; - $classes = array( 'login-action-' . $action, 'wp-core-ui' ); if ( wp_is_mobile() ) $classes[] = 'mobile'; if ( is_rtl() ) $classes[] = 'rtl'; + if ( $interim_login ) { + // Don't allow interim logins to navigate away from the page. + $login_header_url = '#'; + $classes[] = 'interim-login'; + } + $classes = apply_filters( 'login_body_class', $classes, $action ); + ?> @@ -613,12 +616,6 @@ default: if ( $interim_login ) { $message = '

' . __('You have logged in successfully.') . '

'; login_header( '', $message ); ?> - - - -

-

- @@ -662,7 +659,7 @@ default: elseif ( isset($_GET['checkemail']) && 'registered' == $_GET['checkemail'] ) $errors->add('registered', __('Registration complete. Please check your e-mail.'), 'message'); elseif ( $interim_login ) - $errors->add('expired', __('Your session has expired. Please log-in again.'), 'message'); + $errors->add('expired', __('Please log-in again. You will not move away from this page.'), 'message'); elseif ( strpos( $redirect_to, 'about.php?updated' ) ) $errors->add('updated', __( 'You have successfully updated WordPress! Please log back in to experience the awesomeness.' ), 'message' );