File: /var/www/dinamo-shop/wp-content/plugins/dinamo-plugin/ajax/account.php
<?php
// AJAX endpoints served to both anonymous (wp_ajax_nopriv_*) and logged-in
// (wp_ajax_*) callers. The same callback handles both, so every handler must
// treat the request as untrusted and rely on its own nonce/credential checks.
add_action('wp_ajax_nopriv_ajaxlogin', 'ajaxlogin');
add_action('wp_ajax_ajaxlogin', 'ajaxlogin');
add_action('wp_ajax_ajax_lostpassword', 'ajax_lostpassword');
add_action('wp_ajax_nopriv_ajax_lostpassword', 'ajax_lostpassword');
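/**
 * AJAX: log a customer in with e-mail + password.
 *
 * Expects POST fields: email, password, security (nonce). Responds with JSON
 * {loggedin: bool, message: string[, redirect_url: string]} and exits.
 *
 * Changes from the original handler:
 *  - check_ajax_referer() is called with $die = false so the "wrong
 *    credentials" JSON branch is reachable (with the default $die = true the
 *    function dies with -1 first and that branch was dead code);
 *  - wp_signon() runs wp_authenticate() internally, so the separate
 *    wp_authenticate() pre-check (two hash verifications and two hits on any
 *    login-throttling hook per request) is gone; the failure JSON is the one
 *    the original returned on that common path;
 *  - the catch block no longer echoes $e->getMessage() to the client (the
 *    original also passed strings where json_encode() takes int flags/depth);
 *    the message goes to error_log() and the client gets the generic failure.
 */
function ajaxlogin(){
    $failure = array(
        'loggedin' => false,
        'message'  => __( 'Unijeli ste pogrešnu email adresu ili lozinku. Molimo pokušajte ponovo.', 'dinamo_shop_plugin' ),
    );

    try {
        if ( ! check_ajax_referer( 'ajax-login-nonce', 'security', false ) ) {
            wp_send_json( $failure );
        }

        $credentials = array(
            'user_login'    => isset( $_POST['email'] ) ? (string) wp_unslash( $_POST['email'] ) : '',
            // The password is passed exactly as posted (slashes included), as
            // the original did; the registration / reset handlers must hash
            // the same form or passwords containing \ ' or " will never match.
            // NOTE(review): WP core's own login form appears to pass the raw
            // $_POST value too — confirm before changing this.
            'user_password' => isset( $_POST['password'] ) ? (string) $_POST['password'] : '',
            'remember'      => true,
        );

        $user = wp_signon( $credentials, is_ssl() );
        if ( is_wp_error( $user ) ) {
            wp_send_json( $failure );
        }

        wp_set_current_user( $user->ID );
        wp_send_json( array(
            'redirect_url' => '',
            'loggedin'     => true,
            'message'      => __( 'Prijava uspješna, preusmjeravam...', 'dinamo_shop_plugin' ),
        ) );
    } catch ( Exception $e ) {
        // Log server-side only; exception text must not reach the client.
        error_log( 'ajaxlogin: ' . $e->getMessage() );
        wp_send_json( $failure );
    }
}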
// Registration endpoint for anonymous and logged-in callers. The priority 0
// on the logged-in hook (vs. the default 10 for nopriv) is kept as found;
// it only matters if another callback is attached to the same action.
add_action('wp_ajax_ajaxregister', 'ajaxregister', 0);
add_action('wp_ajax_nopriv_ajaxregister', 'ajaxregister');
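/**
 * AJAX: create a WooCommerce customer from the registration form.
 *
 * Expects POST fields: email, email_check, password, password_check, security
 * (nonce). Responds with JSON {success: bool[, message: string]} and exits.
 *
 * terms_agreed / privacy_agreed are posted by the form but the original
 * handler read them and never validated them; presumably the front-end
 * enforces the checkboxes. NOTE(review): confirm whether server-side
 * enforcement is required.
 *
 * The original used stripcslashes() on every field. That function also
 * interprets C escapes (\n, \x41 ...) inside user input; wp_unslash() is the
 * actual inverse of the slashes WordPress adds to $_POST. Passwords are
 * deliberately not unslashed at all: ajaxlogin() hands the raw
 * $_POST['password'] to wp_signon(), so the same bytes must be hashed here or
 * an account whose password contains \ ' or " could never log in.
 */
function ajaxregister() {
    check_ajax_referer( 'ajax-register-nonce', 'security' );

    $email       = isset( $_POST['email'] ) ? sanitize_email( wp_unslash( $_POST['email'] ) ) : '';
    $email_check = isset( $_POST['email_check'] ) ? sanitize_email( wp_unslash( $_POST['email_check'] ) ) : '';

    // Raw on purpose — see the docblock.
    $password       = isset( $_POST['password'] ) ? (string) $_POST['password'] : '';
    $password_check = isset( $_POST['password_check'] ) ? (string) $_POST['password_check'] : '';

    if ( $password !== $password_check ) {
        wp_send_json( array(
            'success' => false,
            'message' => __( 'Unesene lozinke se ne podudaraju.', 'dinamo_shop_plugin' ),
        ) );
    }
    if ( $email !== $email_check ) {
        wp_send_json( array(
            'success' => false,
            'message' => __( 'Unesene e-mail adrese se ne podudaraju.', 'dinamo_shop_plugin' ),
        ) );
    }

    // The e-mail doubles as the username, as in the original.
    $user_id = wc_create_new_customer( $email, wc_clean( $email ), $password );

    if ( ! is_wp_error( $user_id ) && is_numeric( $user_id ) ) {
        wp_send_json( array( 'success' => true ) );
    }

    // Map known WP / WooCommerce error codes to user-facing text. The raw
    // error objects are never sent to the client.
    $message = __( 'Došlo je do nepoznate pogreške. Molimo pokušajte kasnije.', 'dinamo_shop_plugin' );
    if ( is_wp_error( $user_id ) ) {
        $codes = $user_id->get_error_codes();
        if ( in_array( 'empty_user_login', $codes, true ) ) {
            $message = __( 'Email adresa je obvezno polje. Molimo ispunite email adresu i pokušaj ponovo.', 'dinamo_shop_plugin' );
        } elseif ( array_intersect( array( 'existing_user_login', 'existing_user_email', 'registration-error-email-exists' ), $codes ) ) {
            $message = __( 'Korisnik s tom email adresom već postoji. Ako već imate korisnički račun,molimo vas da kliknete na prijavu u glavnom izborniku.', 'dinamo_shop_plugin' );
        }
    }

    wp_send_json( array(
        'success' => false,
        'message' => $message,
    ) );
}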
/**
 * Enqueues the front-end bundles and exposes the reset-success message to JS
 * as `ajax_passwordreset_object.successmessage`.
 *
 * Registers a wp_enqueue_scripts callback instead of enqueuing directly, so it
 * is safe to call before that hook fires. Nothing in this file hooks this
 * function itself; the caller lives elsewhere.
 */
function ajax_passwordreset_script(){
    $enqueue_reset_assets = static function () {
        foreach ( array( 'vendor', 'core' ) as $handle ) {
            wp_enqueue_script( $handle );
        }
        wp_localize_script( 'core', 'ajax_passwordreset_object', array(
            'successmessage' => __( 'Lozinka je uspješno ažurirana. Preusmjeravam...' ),
        ) );
    };
    add_action( 'wp_enqueue_scripts', $enqueue_reset_assets );
}
// Completion of the e-mailed "forgotten password" link. The caller is by
// definition logged out, so the nopriv hook is required here — which means
// the handler itself must verify the reset token, not just the nonce.
add_action('wp_ajax_ajax_new_password', 'ajax_new_password');
add_action('wp_ajax_nopriv_ajax_new_password', 'ajax_new_password');
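/**
 * AJAX: finish a "forgotten password" flow by setting a new password.
 *
 * Expects POST fields: user_id, hash (the token from the e-mailed reset link),
 * new_pass, new_pass_check, security (nonce). Responds with JSON
 * {message: string, success: bool[, id: int]} and exits.
 *
 * The original handler called wp_set_password() for whatever user_id was
 * posted without ever comparing a token with the stored `password_reset_hash`
 * (it only deleted that meta afterwards), and the nonce is obtainable by any
 * visitor via the nopriv hook — so any account could be taken over. The
 * posted token is now compared in constant time with the stored one, the
 * token's age is checked against `password_reset_time` (stored by
 * ajax_lostpassword() but never read before), and an empty new password is
 * rejected (wp_set_password() would otherwise happily store a hash of '').
 *
 * NOTE(review): the reset page must forward the `hash` query parameter from
 * the e-mail link as POST `hash`; the front-end JS is not in this file — confirm.
 */
function ajax_new_password(){
    check_ajax_referer( 'ajax-lost-password-reset-nonce', 'security' );

    // Tokens older than this are rejected. One hour is a conservative default;
    // adjust if the e-mail delay warrants it.
    $token_ttl = HOUR_IN_SECONDS;

    $user_id = isset( $_POST['user_id'] ) ? absint( $_POST['user_id'] ) : 0;
    $token   = isset( $_POST['hash'] ) ? (string) wp_unslash( $_POST['hash'] ) : '';
    // Raw POST values on purpose: ajaxlogin() passes the unmodified
    // $_POST['password'] to wp_signon(), so the same bytes must be hashed here.
    $new_password       = isset( $_POST['new_pass'] ) ? (string) $_POST['new_pass'] : '';
    $new_password_check = isset( $_POST['new_pass_check'] ) ? (string) $_POST['new_pass_check'] : '';

    $stored_token = $user_id > 0 ? (string) get_user_meta( $user_id, 'password_reset_hash', true ) : '';
    // password_reset_time was written with current_time('mysql'), i.e. in the
    // site's local timezone, so it is compared against the same clock.
    $issued_at = $user_id > 0 ? strtotime( (string) get_user_meta( $user_id, 'password_reset_time', true ) ) : false;

    $token_is_valid = $stored_token !== ''
        && $token !== ''
        && hash_equals( $stored_token, $token )
        && $issued_at !== false
        && ( current_time( 'timestamp' ) - $issued_at ) <= $token_ttl;

    if ( ! $token_is_valid ) {
        // Same reply for unknown user_id, wrong token and expired token.
        wp_send_json( array(
            'message' => __( 'Poveznica za promjenu lozinke je nevažeća ili je istekla.', 'dinamo_shop' ),
            'success' => false,
        ) );
    }

    if ( strcmp( $new_password, $new_password_check ) !== 0 ) {
        wp_send_json( array(
            'message' => __( 'Nove lozinke se ne podudaraju', 'dinamo_shop' ),
            'success' => false,
        ) );
    }

    if ( $new_password === '' ) {
        wp_send_json( array(
            'message' => __( 'Lozinka ne smije biti prazna.', 'dinamo_shop' ),
            'success' => false,
        ) );
    }

    wp_set_password( $new_password, $user_id );
    // Single use: drop the token so the same link cannot be replayed.
    delete_user_meta( $user_id, 'password_reset_hash' );
    delete_user_meta( $user_id, 'password_reset_time' );

    wp_send_json( array(
        'message' => 'Lozinka uspješno promijenjena. Povratak na naslovnicu za:',
        'success' => true,
        'id'      => $user_id,
    ) );
}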
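/**
 * AJAX: start a "forgotten password" flow by e-mailing a reset link.
 *
 * Expects POST fields: email, security (nonce). Responds with JSON
 * {message: string} and exits.
 *
 * On success a random token and its issue time are stored in user meta
 * (password_reset_hash / password_reset_time) for ajax_new_password() to
 * verify. Unknown addresses receive the same reply as known ones so this
 * endpoint cannot be used to enumerate accounts (the original answered
 * "Korisnik ... ne postoji" for unknown e-mails). The mail is sent to the
 * address stored on the account rather than the posted string.
 *
 * The token is kept in clear text in user meta, unchanged from the original;
 * NOTE(review): hashing it at rest would need a matching change in
 * ajax_new_password().
 */
function ajax_lostpassword(){
    check_ajax_referer( 'ajax-lost-password-nonce', 'security' );

    $posted_email = isset( $_POST['email'] ) ? sanitize_email( wp_unslash( $_POST['email'] ) ) : '';
    $user         = $posted_email !== '' ? get_user_by( 'email', $posted_email ) : false;

    $generic_reply = array(
        'message' => 'Provjeri svoju email adresu za daljnje upute oko toga kako povratiti izgubljenu lozinku.',
    );
    if ( ! $user ) {
        // Do not reveal whether the address exists.
        wp_send_json( $generic_reply );
    }

    $user_id = (int) $user->ID;
    $token   = bin2hex( random_bytes( 10 ) ); // 80 bits from the CSPRNG

    $page_id   = get_field( 'password_reset_page', 'option', false, false );
    $reset_url = home_url() . '/' . get_post_field( 'post_name', $page_id ) . '/?' . http_build_query( array(
        'id'   => $user_id,
        'hash' => $token,
    ) );

    $subject = 'Dinamo Webshop - zaboravljena lozinka';
    $message = '<h2> Dinamo Webshop zaboravljena lozinka </h2>
<p>
Poslao si zahtjev za novu lozinka na Dinamo Webshop stranici, molimo te da klikneš na poveznicu: ' . $reset_url .
' za postavljanje nove lozinke. </p>';

    $headers = array(
        "MIME-Version: 1.0\r\n",
        "Content-type: text/html; charset=utf-8\r\n",
        "X-Mailer: PHP \r\n",
        "From: Dinamo Webshop stranica<no-reply@borealis.biz>\r\n",
    );

    if ( ! wp_mail( $user->user_email, $subject, $message, $headers ) ) {
        wp_send_json( array(
            'message' => 'Došlo je do pogreške. Pokušajte ponovo.',
        ) );
    }

    // Stored only once the mail was handed off, as in the original.
    update_user_meta( $user_id, 'password_reset_hash', $token );
    update_user_meta( $user_id, 'password_reset_time', current_time( 'mysql' ) );

    wp_send_json( $generic_reply );
}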
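// Password change for the *current* user only. There is no meaningful
// anonymous caller, so the wp_ajax_nopriv_ hook the original also registered
// is dropped: logged-out requests no longer reach the handler at all.
add_action('wp_ajax_ajax_passwordreset', 'ajax_passwordreset', 0);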
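/**
 * AJAX: let the logged-in user change their own password.
 *
 * Expects POST fields: old_pass, new_pass, new_pass_check, security (nonce).
 * Responds with JSON {message: string, success: bool} and exits.
 *
 * The original re-fetched the user with get_user_by('email', ...) and read
 * $user->data->user_pass before checking that the lookup succeeded; for a
 * logged-out caller that is a property read on `false`. The current user
 * object is used directly and the logged-in state is checked first. An empty
 * new password is also rejected (wp_set_password() would store a hash of '').
 *
 * Passwords are taken raw from $_POST, matching ajaxlogin(): the original
 * applied stripcslashes() here (which additionally interprets C escapes), so
 * for passwords containing \ ' or " the stored hash could not be verified by
 * the login handler.
 */
function ajax_passwordreset(){
    check_ajax_referer( 'ajax-password-reset-nonce', 'security' );

    $user = wp_get_current_user();
    if ( ! $user->exists() ) {
        wp_send_json( array(
            'message' => 'Morate biti prijavljeni.',
            'success' => false,
        ) );
    }

    $old_password       = isset( $_POST['old_pass'] ) ? (string) $_POST['old_pass'] : '';
    $new_password       = isset( $_POST['new_pass'] ) ? (string) $_POST['new_pass'] : '';
    $new_password_check = isset( $_POST['new_pass_check'] ) ? (string) $_POST['new_pass_check'] : '';

    if ( ! wp_check_password( $old_password, $user->user_pass, $user->ID ) ) {
        wp_send_json( array(
            'message' => 'Stara lozinka je netočna',
            'success' => false,
        ) );
    }

    if ( $new_password !== $new_password_check ) {
        wp_send_json( array(
            'message' => 'Nove lozinke se ne podudaraju',
            'success' => false,
        ) );
    }

    if ( $old_password === $new_password ) {
        wp_send_json( array(
            'message' => 'Nova lozinka jednaka je staroj lozinki',
            'success' => false,
        ) );
    }

    if ( $new_password === '' ) {
        wp_send_json( array(
            'message' => 'Lozinka ne smije biti prazna.',
            'success' => false,
        ) );
    }

    wp_set_password( $new_password, $user->ID );

    // Changing the password invalidates the current auth cookie, hence the
    // "you must log in again" wording.
    wp_send_json( array(
        'message' => "Lozinka uspješno promijenjena. Morate se ponovo prijaviti. Povratak na naslovnicu za:",
        'success' => true,
    ) );
}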
?>