Big buttons for login and registration, more robust registration and password recovery.

git-svn-id: http://svn.automattic.com/wordpress/trunk@2215 1a063a9b-81f0-0310-95a4-ce76da25c4cd
saxmatt 2005-02-05 02:19:00 +00:00
parent 3e59b760c1
commit 639b7c93e1
3 changed files with 95 additions and 46 deletions


@ -205,7 +205,7 @@ textarea, input, select {
border-top-color: #999; border-top-color: #999;
} }
.submit, #quicktags, .editform th, #postcustomsubmit, #login form { .submit, #quicktags, .editform th, #postcustomsubmit {
text-align: right; text-align: right;
} }


@ -47,6 +47,11 @@ case 'lostpassword':
} }
window.onload = focusit; window.onload = focusit;
</script> </script>
<style type="text/css">
#user_login, #email, #submit {
font-size: 1.7em;
}
</style>
</head> </head>
<body> <body>
<div id="login"> <div id="login">
@ -60,11 +65,20 @@ if ($error)
<form name="lostpass" action="wp-login.php" method="post" id="lostpass"> <form name="lostpass" action="wp-login.php" method="post" id="lostpass">
<p> <p>
<input type="hidden" name="action" value="retrievepassword" /> <input type="hidden" name="action" value="retrievepassword" />
<label><?php _e('Login') ?>: <input type="text" name="user_login" id="user_login" value="" size="12" tabindex="1" /></label><br /> <label><?php _e('Login') ?>:<br />
<label><?php _e('E-mail') ?>: <input type="text" name="email" id="email" value="" size="12" tabindex="2" /></label><br /> <input type="text" name="user_login" id="user_login" value="" size="20" tabindex="1" /></label></p>
<p><label><?php _e('E-mail') ?>:<br />
<input type="text" name="email" id="email" value="" size="25" tabindex="2" /></label><br />
</p> </p>
<p class="submit"><input type="submit" name="submit" value="<?php _e('Retrieve Password'); ?> &raquo;" tabindex="3" /></p> <p class="submit"><input type="submit" name="submit" id="submit" value="<?php _e('Retrieve Password'); ?> &raquo;" tabindex="3" /></p>
</form> </form>
<ul>
<li><a href="<?php bloginfo('home'); ?>" title="<?php _e('Are you lost?') ?>">&laquo; <?php _e('Back to blog') ?></a></li>
<?php if (get_settings('users_can_register')) : ?>
<li><a href="<?php bloginfo('wpurl'); ?>/wp-register.php"><?php _e('Register') ?></a></li>
<?php endif; ?>
<li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php"><?php _e('Login') ?></a></li>
</ul>
</div> </div>
</body> </body>
</html> </html>
@ -72,7 +86,6 @@ if ($error)
break; break;
case 'retrievepassword': case 'retrievepassword':
$user_data = get_userdatabylogin($_POST['user_login']); $user_data = get_userdatabylogin($_POST['user_login']);
// redefining user_login ensures we return the right case in the email // redefining user_login ensures we return the right case in the email
$user_login = $user_data->user_login; $user_login = $user_data->user_login;
@ -82,14 +95,15 @@ case 'retrievepassword':
die(sprintf(__('Sorry, that user does not seem to exist in our database. Perhaps you have the wrong username or e-mail address? <a href="%s">Try again</a>.'), 'wp-login.php?action=lostpassword')); die(sprintf(__('Sorry, that user does not seem to exist in our database. Perhaps you have the wrong username or e-mail address? <a href="%s">Try again</a>.'), 'wp-login.php?action=lostpassword'));
// Generate something random for a password... md5'ing current time with a rand salt // Generate something random for a password... md5'ing current time with a rand salt
$user_pass = substr(md5(uniqid(microtime())), 0, 6); $key = substr( md5( uniqid( microtime() ) ), 0, 50);
// now insert the new pass md5'd into the db // now insert the new pass md5'd into the db
$wpdb->query("UPDATE $wpdb->users SET user_pass = MD5('$user_pass') WHERE user_login = '$user_login'"); $wpdb->query("UPDATE $wpdb->users SET user_activation_key = '$key' WHERE user_login = '$user_login'");
$message = __('Login') . ": $user_login\r\n"; $message .= __("Someone has asked to reset a password for the login this site\n\n " . get_option('siteurl') ) . "\n\n";
$message .= __('Password') . ": $user_pass\r\n"; $message .= __('Login') . ": $user_login\r\n\r\n";
$message .= get_settings('siteurl') . '/wp-login.php'; $message .= __("To reset your password visit the following address, otherwise just ignore this email and nothing will happen.\n\n");
$message .= get_settings('siteurl') . "/wp-login.php?action=resetpass&key=$key";
$m = wp_mail($user_email, sprintf(__("[%s] Your login and password"), get_settings('blogname')), $message); mail($user_email, sprintf(__("[%s] Password Reset"), get_settings('blogname')), $message);
$m = wp_mail($user_email, sprintf(__("[%s] Password Reset"), get_settings('blogname')), $message);
if ($m == false) { if ($m == false) {
echo '<p>' . __('The e-mail could not be sent.') . "<br />\n"; echo '<p>' . __('The e-mail could not be sent.') . "<br />\n";
@ -98,13 +112,41 @@ case 'retrievepassword':
} else { } else {
echo '<p>' . sprintf(__("The e-mail was sent successfully to %s's e-mail address."), $user_login) . '<br />'; echo '<p>' . sprintf(__("The e-mail was sent successfully to %s's e-mail address."), $user_login) . '<br />';
echo "<a href='wp-login.php' title='" . __('Check your e-mail first, of course') . "'>" . __('Click here to login!') . '</a></p>'; echo "<a href='wp-login.php' title='" . __('Check your e-mail first, of course') . "'>" . __('Click here to login!') . '</a></p>';
// send a copy of password change notification to the admin
wp_mail(get_settings('admin_email'), sprintf(__('[%s] Password Lost/Change'), get_settings('blogname')), sprintf(__('Password Lost and Changed for user: %s'), $user_login));
die(); die();
} }
break; break;
case 'resetpass' :
// Generate something random for a password... md5'ing current time with a rand salt
$key = $_GET['key'];
$user = $wpdb->get_row("SELECT * FROM $wpdb->users WHERE user_activation_key = '$key'");
if ( !$user )
die( __('Sorry, that key does not appear to be valid.') );
$new_pass = md5( substr( md5( uniqid( microtime() ) ), 0, 7) );
$wpdb->query("UPDATE $wpdb->users SET user_pass = '$new_pass', user_activation_key = '' WHERE user_login = '$user->user_login'");
$message = __('Login') . ": $user_login\r\n";
$message .= __('Password') . ": $new_pass\r\n";
$message .= get_settings('siteurl') . '/wp-login.php';
$m = wp_mail($user->user_email, sprintf(__("[%s] Your new password"), get_settings('blogname')), $message);
if ($m == false) {
echo '<p>' . __('The e-mail could not be sent.') . "<br />\n";
echo __('Possible reason: your host may have disabled the mail() function...') . "</p>";
die();
} else {
echo '<p>' . sprintf(__("Your new password is in the mail."), $user_login) . '<br />';
echo "<a href='wp-login.php' title='" . __('Check your e-mail first, of course') . "'>" . __('Click here to login!') . '</a></p>';
die();
}
// send a copy of password change notification to the admin
wp_mail(get_settings('admin_email'), sprintf(__('[%s] Password Lost/Change'), get_settings('blogname')), sprintf(__('Password Lost and Changed for user: %s'), $user_login));
break;
case 'login' : case 'login' :
default: default:
@ -158,6 +200,11 @@ default:
} }
window.onload = focusit; window.onload = focusit;
</script> </script>
<style type="text/css">
#log, #pwd, #submit {
font-size: 1.7em;
}
</style>
</head> </head>
<body> <body>
@ -169,10 +216,10 @@ if ( $error )
?> ?>
<form name="loginform" id="loginform" action="wp-login.php" method="post"> <form name="loginform" id="loginform" action="wp-login.php" method="post">
<p><label><?php _e('Login') ?>: <input type="text" name="log" id="log" value="" size="20" tabindex="1" /></label></p> <p><label><?php _e('Login') ?>:<br /><input type="text" name="log" id="log" value="" size="20" tabindex="1" /></label></p>
<p><label><?php _e('Password') ?>: <input type="password" name="pwd" value="" size="20" tabindex="2" /></label></p> <p><label><?php _e('Password') ?>:<br /> <input type="password" name="pwd" id="pwd" value="" size="20" tabindex="2" /></label></p>
<p class="submit"> <p class="submit">
<input type="submit" name="submit" value="<?php _e('Login'); ?> &raquo;" tabindex="3" /> <input type="submit" name="submit" id="submit" value="<?php _e('Login'); ?> &raquo;" tabindex="3" />
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>" /> <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>" />
</p> </p>
</form> </form>
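Review bot: In the new `resetpass` case, `$_GET['key']` goes into `SELECT * FROM $wpdb->users WHERE user_activation_key = '$key'` without escaping and without rejecting an empty value. An empty key compares against `''`, which is the value the following `UPDATE` writes back after a reset, so the lookup should fail closed first: `$key = $wpdb->escape($_GET['key']); if ( '' == $key ) die( __('Sorry, that key does not appear to be valid.') );`. The same case stores `$new_pass`, already an MD5 digest, directly in `user_pass` and mails that same digest, so the mailed value is presumably not what the login check will hash to; generating the plain password first and storing `MD5('$new_pass')`, as the register code does, would keep the two consistent. The message also reads `$user_login`, which is not set in this case (`$user->user_login` is), and the admin notification placed after the two `die()` calls is unreachable. In `retrievepassword` the new side appears to call both `mail()` and `wp_mail()` with the same message, which would send the reset link twice.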


@ -26,8 +26,6 @@ switch($action) {
case 'register': case 'register':
$user_login = $_POST['user_login']; $user_login = $_POST['user_login'];
$pass1 = $_POST['pass1'];
$pass2 = $_POST['pass2'];
$user_email = $_POST['user_email']; $user_email = $_POST['user_email'];
/* checking login has been typed */ /* checking login has been typed */
@ -35,17 +33,6 @@ case 'register':
die (__('<strong>ERROR</strong>: Please enter a login.')); die (__('<strong>ERROR</strong>: Please enter a login.'));
} }
/* checking the password has been typed twice */
if ($pass1 == '' || $pass2 == '') {
die (__('<strong>ERROR</strong>: Please enter your password twice.'));
}
/* checking the password has been typed twice the same */
if ($pass1 != $pass2) {
die (__('<strong>ERROR</strong>: Please type the same password in the two password fields.'));
}
$user_nickname = $user_login;
/* checking e-mail address */ /* checking e-mail address */
if ($user_email == '') { if ($user_email == '') {
die (__('<strong>ERROR</strong>: Please type your e-mail address.')); die (__('<strong>ERROR</strong>: Please type your e-mail address.'));
@ -63,17 +50,17 @@ case 'register':
$user_browser = $wpdb->escape($_SERVER['HTTP_USER_AGENT']); $user_browser = $wpdb->escape($_SERVER['HTTP_USER_AGENT']);
$user_login = $wpdb->escape($user_login); $user_login = $wpdb->escape( preg_replace('|a-z0-9 _.-|i', '', $user_login) );
$pass1 = $wpdb->escape($pass1); $user_nickname = $user_login;
$user_nickname = $wpdb->escape($user_nickname);
$user_nicename = sanitize_title($user_nickname); $user_nicename = sanitize_title($user_nickname);
$now = gmdate('Y-m-d H:i:s'); $now = gmdate('Y-m-d H:i:s');
if (get_settings('new_users_can_blog') >= 1) $user_level = 1; if (get_settings('new_users_can_blog') >= 1) $user_level = 1;
$password = substr( md5( uniqid( microtime() ) ), 0, 7);
$result = $wpdb->query("INSERT INTO $wpdb->users $result = $wpdb->query("INSERT INTO $wpdb->users
(user_login, user_pass, user_nickname, user_email, user_ip, user_browser, user_registered, user_level, user_idmode, user_nicename) (user_login, user_pass, user_nickname, user_email, user_ip, user_browser, user_registered, user_level, user_idmode, user_nicename)
VALUES VALUES
('$user_login', MD5('$pass1'), '$user_nickname', '$user_email', '$user_ip', '$user_browser', '$now', '$user_level', 'nickname', '$user_nicename')"); ('$user_login', MD5('$password'), '$user_nickname', '$user_email', '$user_ip', '$user_browser', '$now', '$user_level', 'nickname', '$user_nicename')");
if ($result == false) { if ($result == false) {
die (sprintf(__('<strong>ERROR</strong>: Couldn&#8217;t register you... please contact the <a href="mailto:%s">webmaster</a> !'), get_settings('admin_email'))); die (sprintf(__('<strong>ERROR</strong>: Couldn&#8217;t register you... please contact the <a href="mailto:%s">webmaster</a> !'), get_settings('admin_email')));
@ -84,6 +71,12 @@ case 'register':
$stars .= '*'; $stars .= '*';
} }
$message = __('Login') . ": $user_login\r\n";
$message .= __('Password') . ": $new_pass\r\n";
$message .= get_settings('siteurl') . '/wp-login.php';
wp_mail($user_email, sprintf(__("[%s] Your login information"), get_settings('blogname')), $message);
$message = sprintf(__("New user registration on your blog %1\$s:\n\nLogin: %2\$s \n\nE-mail: %3\$s"), get_settings('blogname'), $user_login, $user_email); $message = sprintf(__("New user registration on your blog %1\$s:\n\nLogin: %2\$s \n\nE-mail: %3\$s"), get_settings('blogname'), $user_login, $user_email);
@wp_mail(get_settings('admin_email'), sprintf(__('[%s] New User Registration'), get_settings('blogname')), $message); @wp_mail(get_settings('admin_email'), sprintf(__('[%s] New User Registration'), get_settings('blogname')), $message);
@ -101,7 +94,7 @@ case 'register':
<div id="login"> <div id="login">
<h2><?php _e('Registration Complete') ?></h2> <h2><?php _e('Registration Complete') ?></h2>
<p><?php _e('Login:') ?> <strong><?php echo $user_login; ?></strong><br /> <p><?php _e('Login:') ?> <strong><?php echo $user_login; ?></strong><br />
<?php _e('Password:') ?> <strong><?php echo $stars; ?></strong><br /> <?php _e('Password:') ?> <strong>emailed to you</strong><br />
<?php _e('E-mail:') ?> <strong><?php echo $user_email; ?></strong></p> <?php _e('E-mail:') ?> <strong><?php echo $user_email; ?></strong></p>
<form action="wp-login.php" method="post" name="login"> <form action="wp-login.php" method="post" name="login">
<input type="hidden" name="log" value="<?php echo $user_login; ?>" /> <input type="hidden" name="log" value="<?php echo $user_login; ?>" />
@ -149,21 +142,30 @@ default:
<title>WordPress &raquo; <?php _e('Registration Form') ?></title> <title>WordPress &raquo; <?php _e('Registration Form') ?></title>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo get_settings('blog_charset'); ?>" /> <meta http-equiv="Content-Type" content="text/html; charset=<?php echo get_settings('blog_charset'); ?>" />
<link rel="stylesheet" href="wp-admin/wp-admin.css" type="text/css" /> <link rel="stylesheet" href="wp-admin/wp-admin.css" type="text/css" />
<style type="text/css">
#user_email, #user_login, #submit {
font-size: 1.7em;
}
</style>
</head> </head>
<body> <body>
<div id="login"> <div id="login">
<h2><?php _e('Registration') ?></h2> <h1><a href="http://wordpress.org/">WordPress</a></h1>
<h2><?php _e('Register for this blog') ?></h2>
<form method="post" action="wp-register.php"> <form method="post" action="wp-register.php" id="registerform">
<input type="hidden" name="action" value="register" /> <p><input type="hidden" name="action" value="register" />
<label for="user_login"><?php _e('Login:') ?></label> <input type="text" name="user_login" id="user_login" size="10" maxlength="20" /><br /> <label for="user_login"><?php _e('Login:') ?></label><br /> <input type="text" name="user_login" id="user_login" size="20" maxlength="20" /><br /></p>
<label for="pass1"><?php _e('Password:') ?></label> <input type="password" name="pass1" id="pass1" size="10" maxlength="100" /><br /> <p><label for="user_email"><?php _e('E-mail') ?></label>:<br /> <input type="text" name="user_email" id="user_email" size="25" maxlength="100" /></p>
<p>A password will be emailed to you.</p>
<input type="password" name="pass2" size="10" maxlength="100" /><br /> <p class="submit"><input type="submit" value="<?php _e('Register') ?> &raquo;" id="submit" name="submit" /></p>
<label for="user_email"><?php _e('E-mail') ?></label>: <input type="text" name="user_email" id="user_email" size="15" maxlength="100" /><br />
<input type="submit" value="<?php _e('OK') ?>" class="search" name="submit" />
</form> </form>
<ul>
<li><a href="<?php bloginfo('home'); ?>" title="<?php _e('Are you lost?') ?>">&laquo; <?php _e('Back to blog') ?></a></li>
<li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php"><?php _e('Login') ?></a></li>
<li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=lostpassword" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a></li>
</ul>
</div> </div>
</body> </body>
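Review bot: The welcome mail added after the `$stars` loop interpolates `$new_pass`, but the generated password is assigned to `$password`, so the user is mailed an empty password for the account just created; the line should read `$message .= __('Password') . ": $password\r\n";`. The login filter `preg_replace('|a-z0-9 _.-|i', '', $user_login)` has no character class, so it removes only that literal string and strips nothing; `'|[^a-z0-9 _.-]|i'` is presumably what was meant. As far as the hunks show, the confirmation page still echoes `$user_login` and `$user_email` into HTML without escaping, so the filter and `$wpdb->escape()` are the only cleanup those values receive. The password is seven hex characters taken from `md5(uniqid(microtime()))`, which is time-derived rather than random, and deserves a comment saying so and that the user should change it after first login. The `register` case starts and ends outside these hunks.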