Is there a way to verify that there is an email entered in a registration form (ultimate member) and when registering or writing the email, a function that makes a request to an API with the email and verifies that it exists, if it exists it lets you register but if it does not exist you can not register?
Thank you very much for your support.
use this filter to get a user email after auth:
add_filter('wp_authenticate_user','func_auth_signon',10,2);
function func_auth_signon($user, $password) {
if ( is_a( $user, 'WP_User' ) {
$email = $user->user_email;
//check if email exist in API
if(!is_email_exist($email))
//else logout user
wp_logout();
}
return $user;
}
Check if email of user exist in api
function is_email_exist($email){
$url = 'YOUR API URL'
$ch = curl_init($url);
// Set the result output to be a string.
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$data = curl_exec($ch);
if(curl_error($ch)) {
return false;
}
curl_close($ch);
if($data) return true;
return false;
}
Related
I made my own custom login page then trying to login to that WP user's dashboard using wp_signon() function.
function custom_login()
{
if (isset($_POST['submitlogin'])) {
$login_data = array();
$login_data['user_login'] = sanitize_user($_POST['txtEmail']);
$login_data['user_password'] = $_POST['txtPass'];
$user = wp_signon($login_data, false);
if (is_wp_error($user)) {
echo $user->get_error_message();
} else {
wp_clear_auth_cookie();
do_action('wp_login', $user->ID);
wp_set_current_user($user->ID);
wp_set_auth_cookie($user->ID, true);
$redirect_to = 'https://www.google.com/';
wp_redirect($redirect_to);
exit;
}
}
}
custom_login();
After dumping wp_set_current_user($user->ID); I can see the user's data.
Hook custom_login with init action or template_redirect action. You can redirect the page when content is already loaded.
I'm using Google Calendar API to display events on fullcalendar (so using a json object in my view). I'm using codeigniter php framework, and I have a few functions in my controller to create a new client then I use that in the oauth2callback() function to exchange my code for an access_token then I start calling the service in gcalendar() and gcalendar_events. I have set the accessType to offline but that doesn't seem to make me access the events offline. It works great except that I'm redirected to log in again every time the session ends. I don't want that, I want them to display all the time after the session ends. I am trying to use a refresh token in case the access_token expires to see if that would fix the problem.
this is the code in my controller
function getClient() {
$client = new Google_Client();
$client->setApplicationName("DL Calendar");
$client->setAuthConfig('application/client_secrets.json');
$client->addScope('profile');
$client->setIncludeGrantedScopes(true);
$client->setAccessType('offline');
return $client;
}
function gcalendar() {
$this->load->add_package_path(APPPATH . 'vendor/autoload');
$client = $this->getClient();
//$client->setRedirectUri(site_url('calendar/index'));
$client->addScope(Google_Service_Calendar::CALENDAR);
if (isset($_SESSION['access_token']) && $_SESSION['access_token']) {
$client->setAccessToken($_SESSION['access_token']);
$access_token = $_SESSION['access_token'];
$service = new ]Google_Service_Calendar($client);
$calendar = new Google_Service_Calendar_Calendar();
//$calendarList = $service->calendarList->listCalendarList();
$calendar = $service->calendars->get('primary');
$params = array(
'owner_id' => get_current_user_id(),
'title' => get_current_user(). ' ' .'Google Calendar',
'type' => 'gcal',
'url' => $calendar->id,
);
$calendar_id = $this->Calendar_model->add_calendar($params);
redirect('calendar/index');
} else {
$redirect_uri = site_url('calendar/oauth2callback');
header('Location: ' . filter_var($redirect_uri, FILTER_SANITIZE_URL));
}
$this->session->set_flashdata('success', 'Event Successfully Added');
}
function oauth2callback() {
//Build the client object
$client = $this->getClient();
$client->addScope(Google_Service_Calendar::CALENDAR);
$service = new Google_Service_Calendar($client);
$url = parse_url($_SERVER['REQUEST_URI']); parse_str($url['query'], $params);
$code = $params['code'];
//To exchange an authorization code for an access token, use the authenticate method:
if (! isset($code)) {
$auth_url = $client->createAuthUrl();
header('Location: ' . filter_var($auth_url, FILTER_SANITIZE_URL));
} else {
$token = $client->fetchAccessTokenWithAuthCode($code);
$client->setAccessToken($token);
$client->authenticate($code);
$_SESSION['access_token'] = $client->getAccessToken();
$redirect_uri = site_url('calendar/gcalendar');
header('Location: ' . filter_var($redirect_uri, FILTER_SANITIZE_URL));
}
}
function gcalendar_events() {
$client = $this->getClient();
$client->addScope(Google_Service_Calendar::CALENDAR);
// $client->setRedirectUri(site_url('calendar/gcalendar'));
$client->setAccessType('offline'); //need calendar events to appear even if not logged in to google
if (isset($_SESSION['access_token']) && $_SESSION['access_token']) {
$client->setAccessToken($_SESSION['access_token']);
$access_token = $_SESSION['access_token'];
$service = new Google_Service_Calendar($client);
$id = 'primary';
$calendar = new Google_Service_Calendar_Calendar();
$calendar = $service->calendars->get('primary');
$event = new Google_Service_Calendar_Event();
$events = $service->events->listEvents($id);
foreach ($events->getItems() as $event) {
$startTime = strtotime($event->getStart()->dateTime) ;
$endTime = strtotime($event->getEnd()->dateTime);
$start = date('Y-m-d H:i:s', $startTime);
$end = date('Y-m-d H:i:s', $endTime);
$eventsArr[] = array(
'title' => $event->getSummary(),
'start'=> $start,
'end' => $end,
);
}
// Return a single `events` with all the `$eventsArr`
echo json_encode($eventsArr);
}
}
Is the problem in my session ending? or does the access token expire and I need a refresh token? where do I set the refresh token cause I tried putting it in more that one place and I get an error message that refresh token has to be set as part off setAccessToken. I put it all over and still got error messages.
Here is the code I used
if ($client->isAccessTokenExpired()) {
$refresh_token = $client->fetchAccessTokenWithRefreshToken($client->getRefreshToken());
$client->setAccessToken($refresh_token);
$_SESSION['access_token'] = $refresh_token;
$this->load->helper('file');
write_file('application/client_secrets.json', json_encode($client->getAccessToken()));
} else {
$access_token = $_SESSION['access_token'];
}
I just noticed that it once used to say 'grant offline access' in my authorization but now it no longer mentions that while google documentation says
"After a user grants offline access to the requested scopes, you can continue to use the API client to access Google APIs on the user's behalf when the user is offline. The client object will refresh the access token as needed."
During your first authorization with Google, you will receive a token that will expire in 3600 seconds or one hour. So you need to use refresh token to get a new working token.
It is something like this SO question.
$token = $client->getAccessToken();
$authObj = json_decode($token);
if(isset($authObj->refresh_token)) {
save_refresh_token($authObj->refresh_token);
}
Make sure you save this refresh_token.
You can update it with:
$client->refreshToken($your_saved_refresh_token);
And then set your new access token to the session:
$_SESSION['access_token'] = $client->getAccessToken();
I also suggest you to visit this quickstart of Google Calendar for PHP.
For more information, check this related SO question.
How to refresh token with Google API client?
I am the new in Facebook SDK.
my Websites login with facebook account but there's trouble
<?php
session_start();
require_once '../FacebookAPI/autoload.php';
$fb = new Facebook\Facebook([
'app_id' => '{app-id}', // Replace {app-id} with your app id
'app_secret' => '{app-secret}',
'default_graph_version' => 'v2.2',
]);
$helper = $fb->getRedirectLoginHelper();
try {
$accessToken = $helper->getAccessToken();
} catch(Facebook\Exceptions\FacebookResponseException $e) {
// When Graph returns an error
echo 'Graph returned an error: ' . $e->getMessage();
exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
// When validation fails or other local issues
echo 'Facebook SDK returned an error: ' . $e->getMessage();
exit;
}
if (! isset($accessToken)) {
echo 'No OAuth data could be obtained from the signed request. User has not authorized your app yet.';
exit;
}
// Logged in
echo '<h3>Signed Request</h3>';
var_dump($helper->getSignedRequest());
echo '<h3>Access Token</h3>';
var_dump($accessToken->getValue());
?>
Why it shows out "No OAuth data could be obtained from the signed request. User has not authorized your app yet."
Did I miss something ? I think $accessToken is NULL But why?
i want to make WordPress plugin or if already exists please tell me
i want if user post 15 post on my WordPress site publish post to his Facebook wall with images and level and more than posts with another level
login to WordPress throw Facebook
save the access token to use it to publish offline
on save posts if equal certain number publish the post to user
time line
i do first step and this images the result
but no thing published to timeline and the code is
<?php
session_start();
require_once 'facebook/autoload.php';
$fb = new Facebook\Facebook([
'app_id' => 'xxxxxx',
'app_secret' => 'xxxxxxxxx',
'default_graph_version' => 'v2.5',
]);
$helper = $fb->getCanvasHelper();
$permissions = ['email', 'publish_actions']; // optional
try {
if (isset($_SESSION['facebook_access_token'])) {
$accessToken = $_SESSION['facebook_access_token'];
} else {
$accessToken = $helper->getAccessToken();
}
} catch(Facebook\Exceptions\FacebookResponseException $e) {
// When Graph returns an error
echo 'Graph returned an error: ' . $e->getMessage();
exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
// When validation fails or other local issues
echo 'Facebook SDK returned an error: ' . $e->getMessage();
exit;
}
if (isset($accessToken)) {
if (isset($_SESSION['facebook_access_token'])) {
$fb->setDefaultAccessToken($_SESSION['facebook_access_token']);
} else {
$_SESSION['facebook_access_token'] = (string) $accessToken;
// OAuth 2.0 client handler
$oAuth2Client = $fb->getOAuth2Client();
// Exchanges a short-lived access token for a long-lived one
$longLivedAccessToken = $oAuth2Client->getLongLivedAccessToken($_SESSION['facebook_access_token']);
$_SESSION['facebook_access_token'] = (string) $longLivedAccessToken;
$fb->setDefaultAccessToken($_SESSION['facebook_access_token']);
}
// validating the access token
try {
$request = $fb->get('/me');
} catch(Facebook\Exceptions\FacebookResponseException $e) {
// When Graph returns an error
if ($e->getCode() == 190) {
unset($_SESSION['facebook_access_token']);
$helper = $fb->getRedirectLoginHelper();
$loginUrl = $helper->getLoginUrl('https://apps.facebook.com/xxxxxxx/', $permissions);
echo "<script>window.top.location.href='".$loginUrl."'</script>";
exit;
}
} catch(Facebook\Exceptions\FacebookSDKException $e) {
// When validation fails or other local issues
echo 'Facebook SDK returned an error: ' . $e->getMessage();
exit;
}
// posting on user timeline using publish_actins permission
try {
// message must come from the user-end
$data = ['message' => 'testing...'];
$request = $fb->post('/me/feed', $data);
$response = $request->getGraphEdge()->asArray;
} catch(Facebook\Exceptions\FacebookResponseException $e) {
// When Graph returns an error
echo 'Graph returned an error: ' . $e->getMessage();
exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
// When validation fails or other local issues
echo 'Facebook SDK returned an error: ' . $e->getMessage();
exit;
}
echo $response['id'];
// Now you can redirect to another page and use the
// access token from $_SESSION['facebook_access_token']
} else {
$helper = $fb->getRedirectLoginHelper();
//$loginUrl = $helper->getLoginUrl('https://apps.facebook.com/xxxxxxxx/', $permissions);
$loginUrl = $helper->getLoginUrl("http://www.xxxxxx.com/facebook/index.php",$permissions);
echo "<script>window.top.location.href='".$loginUrl."'</script>";
}
help :)
i used this tutorial to solve some steps
https://www.youtube.com/watch?v=XYawdJh_mNQ
So I define all parameters on the top of my page:
<?php
session_start();
$client = new Google_Client();
$client->setAuthConfigFile('client_secrets.json');
$client->addScope(Google_Service_Analytics::ANALYTICS_READONLY);
$client->setAccessType('offline');
$client->setApprovalPrompt('force');
if (isset($_SESSION['access_token']) && $_SESSION['access_token']) {
$client->setAccessToken($_SESSION['access_token']);
$client->getAccessToken();
} else {
$redirect_uri = 'http://' . $_SERVER['HTTP_HOST'] . '/oauth2callback.php';
header('Location: ' . filter_var($redirect_uri, FILTER_SANITIZE_URL));
}
//get the access token
$myToken = json_decode($client->getAccessToken());
if ($client->getAuth()->isAccessTokenExpired()) {
$token = $myToken->refresh_token;
echo 'token expired';
} else {
$token = $myToken->access_token;
echo 'token not yet expired';
}
?>
Down at the bottom I got java script:
<script>
gapi.analytics.ready(function() {
var CLIENT_ID = 'my-client-id-goes-here';
gapi.analytics.auth.authorize({
'serverAuth': {
'access_token': '<?php echo $token; ?>'
}
});
This works however until access token expires, which is in 60 minutes. After that reports are not showing anymore. What did I do wrong and why it doesn't use a refresh token?
This is actually the expected behavior (unfortunately). The Embed API does not take a refresh token because generally you never want to expose those tokens publicly (which you would be doing if they were in your HTML source).
If you wanted to work around this limitation, you could set a timer on the page that updated the access token every 50 minutes or so (they expire after 60, as you pointed out).
If you had an endpoint on your server that returned a new access token, you could do something like this:
setInterval(function() {
makeRequestToGetNewAccessToken().then(function(access_token) {
gapi.auth.setToken({
access_token: access_token
});
});
}, 1000 * 60 * 50);
Note, the key above is calling setToken with the new access token. That will allow the Embed API to continue to work as normal.