Embed wordpress registration into homepage - ajax

I am trying to embed the wordpress registration into the homepage. I already created a custom register page, the problem is that it is calling to the header information and I get this error, when I include it with php include.
Warning: Cannot modify header information - headers already sent
Is there a way I can use my code but alter it somehow/work with it somehow, so that the registration form is fully embedded/works in the page using ajax, but that it works. I am not brilliant with Php so please excuse if this is a silly question:
Current register code(works in its own page but not when included in the homepage template)
<?php
require_once(ABSPATH . WPINC . '/registration.php');
global $wpdb, $user_ID;
//Check whether the user is already logged in
if (!$user_ID) {
if($_POST){
//We shall SQL escape all inputs
$username = $wpdb->escape($_POST['username']);
if(empty($username)) {
echo "User name should not be empty.";
exit();
}
$email = $wpdb->escape($_POST['email']);
if(!preg_match("/^[_a-z0-9-]+(\.[_a-z0-9-]+)*#[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})$/", $email)) {
echo "Please enter a valid email.";
exit();
}
$random_password = wp_generate_password( 12, false );
$status = wp_create_user( $username, $random_password, $email );
if ( is_wp_error($status) )
echo "Username already exists. Please try another one.";
else {
$from = get_option('admin_email');
$headers = 'From: '.$from . "\r\n";
$subject = "Registration successful";
$msg = "Registration successful.\nYour login details\nUsername: $username\nPassword: $random_password";
wp_mail( $email, $subject, $msg, $headers );
echo "Please check your email for login details.";
}
exit();
} else {
echo "";
?>
<!-- <script src="http://code.jquery.com/jquery-1.4.4.js"></script> --> <!-- Remove the comments if you are not using jQuery already in your theme -->
<?php
if(get_option('users_can_register')) { //Check whether user registration is enabled by the administrator
?>
<h1><?php the_title(); ?></h1>
<br /><br />
<div id="result"></div> <!-- To hold validation results -->
<form id="wp_signup_form" action="" method="post">
<label><p>Username:</p></label>
<input type="text" name="username" class="text" value="" />
<br /><br />
<label><p>Email address:</p></label>
<input type="text" name="email" class="text" value="" /> <br />
<br />
<input type="submit" id="submitbtn" class="Buttons" name="submit" value="Register" />
<br />
<br />
</form>
<script type="text/javascript">
$("#submitbtn").click(function() {
$('#result').html('<img src="<?php bloginfo('template_url'); ?>/images/loader.gif" class="loader" />').fadeIn();
var input_data = $('#wp_signup_form').serialize();
$.ajax({
type: "POST",
url: "<?php echo "http://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; ?>",
data: input_data,
success: function(msg){
$('.loader').remove();
$('<div>').html(msg).appendTo('div#result').hide().fadeIn('slow');
}
});
return false;
});
</script>
<?php
}
else echo "Registration is currently disabled. Please try again later.";
?>
</div>
</div>
<?php
echo "";
} //end of if($_post)
}
else {
wp_redirect( home_url() ); exit;
}
?>

is not safe to use a custom method for registration and mailing.
so i suggest to look at this http://digwp.com/2010/12/login-register-password-code/
i hope that's what you want.
best regard.

As webfan suggests, it isn't a good idea to reproduce the registration functionality on the homepage. Much better would be to simply cut and paste the login form from the registration page and keep the form action pointed to the registration page:
<form method="post" action="<?php echo site_url('wp-login.php?action=register', 'login_post') ?>">
<!-- registration form HTML goes here -->
</form>

Related

cookies and session in login form

I need to create a login form with session and cookies . I tried a code in login as well as logout but the cookie is not working for me. I am a beginer kindly help and below is my code for login and log out. Thanx in advance
Login.php:
<?php
session_start();
$message="";
if(count($_POST)>0) {
$conn = mysqli_connect('localhost','root','Spiegel#123','sachin') or
die('Unable To connect');
$result = mysqli_query($conn,"SELECT * FROM login WHERE name='" .
$_POST["name"] . "' and password = '". $_POST["password"]."'");
$row = mysqli_fetch_array($result);
if(is_array($row)) {
$_SESSION["id"] = $row[id];
$_SESSION["name"] = $row[name];
} else {
$message = "Invalid Username or Password!";
}
}
if(isset($_SESSION["id"])) {
setcookie("name", $_SESSION["name"], time()+60*60*24*100, "/");
header("Location:one.php");
}
?>
<html>
<head>
<title>User Login</title>
</head>
<body>
<form name="frmUser" id="frmUser" method="post" action="" align="center">
<div class="message"><?php if($message!="") { echo $message; } ?></div>
<h3 align="center">Enter Login Details</h3>
Username:<br>
<input type="text" name="name">
<br>
Password:<br>
<input type="password" name="password">
<br><br>
<input type="submit" name="submit" value="Submit">
<input type="reset">
</form>
</body>
</html>
Logout.php:
<?php
session_start();
if(session_destroy()) // Destroying All Sessions
{
unset($_COOKIE['name']);
header("Location: login.php"); // Redirecting To Home Page
}
?>
you need to set cookie for time before now like below:
setcookie('name', null, -1, '/');

How to create an unsubscribe page in magento

I would like to create a direct unsubscribe page in magento, I found this instruction to follow but the steps 1 and 2 are not clear As I'm not a professional.
Can someone please help me clarify these two steps. Where to create the "unsubscribe.phtml" page? How to add the just created block in it?
Thank you in advance.
1. Create a phtml page say “unsubscribe.phtml” containing the code to create the unsubscribe form.
<?php $newsletterObj = new Mage_Newsletter_Block_Subscribe(); ?>
<div class="newsletter-unsubscribe">
<div class="newsletter-unsubscribe-title"><?php echo $this->__('Submit your email id to unsubscribe newsletter') ?></div>
<form action="<?php echo $newsletterObj->getUnsubscribeFormActionUrl() ?>” method="post" id="newsletter-validate-detail">
<div class="block-content">
<div class="input-box">
<input type="text" name="email" id="newsletter" title="<?php echo $this->__('Sign up for our newsletter') ?>” class="input-text required-entry validate-email” value="<?php echo $this->__('Enter Your Email Here') ?>” onfocus="if(this.value==’<?php echo $this->__('Enter Your Email Here') ?>’)this.value=’’;” onblur="if(this.value==’’)this.value=’<?php echo $this->__('Enter Your Email Here') ?>’;”
/>
</div>
<div class="actions">
<button type="submit" title="<?php echo $this->__('Submit') ?>” class="button"><span><span><?php echo $this->__('Submit') ?></span></span></button>
</div>
</div>
</form>
<script type="text/javascript\">
//<![CDATA[
var newsletterSubscriberFormDetail = new VarienForm(’newsletter-validate-detail’);
//]]>
</script>
</div>
2) Create a CMS page. Add the just created block in it. So that your CMS page will contain that form.
3) Now in page \app\design\frontend\base\default\template\newsletter\subscribe.phtml add the code to add a link of the cms page.
<div class="unsubscribe">
<?php echo $this->__('Unsubscribe') ?>
</div>
4) In page \app\code\core\Mage\Newsletter\Block\Subscribe.php add a function to create the form action url which is called in the “unsubscribe.phtml”.
public function getUnsubscribeFormActionUrl()
{
return $this->getUrl(’newsletter/subscriber/unsubscribecus’, array(’_secure’ => true));
}
5) Now in \app\code\core\Mage\Newsletter\controllers\SubscriberController.php page add new action for unsubscribe process.
/**
* Unsubscribe newsletter from frontend
*/
public function unsubscribecusAction()
{
$email = $this->getRequest()->getParam(’email’);
$subsModel = Mage::getModel(’newsletter/subscriber’);
$subscriber = $subsModel->loadByEmail($email);
$id = (int) $subsModel->getId();
$code = (string) $subsModel->getCode();
if ($id && $code) {
$session = Mage::getSingleton(’core/session’);
try {
Mage::getModel(’newsletter/subscriber’)->load($id)
->setCheckCode($code)
->unsubscribe();
$session->addSuccess($this->__(’You have been unsubscribed.’));
}
catch (Mage_Core_Exception $e) {
$session->addException($e, $e->getMessage());
}
catch (Exception $e) {
$session->addException($e, $this->__(’There was a problem with the un-subscription.’));
}
}
$this->_redirectReferer();
}
Since a can't leave a comment and this question isn't marked as solved yet, i'll assume you still need an answer.
I would suggest placing the unsubscribe.phtml file in /template/newsletter/
For step 2 you can use this code
{{block type="core/template" template="newsletter/unsubscribe.phtml"}}
so the page will contain your form.
If you already figured out how to do this, please post an answer to your own question further on.
Would it be an idea to add an unsubscribe button next to the subscribe button (or allow for a variable in the block call that sets it to yes/no display) - this way you capture both

(Codeigniter) Ion Auth CSRF Error:This form post did not pass our security checks (when loading views)

I'm using Ion Auth authentication library in Codeigniter. When I load my footer view, I get an CSRF Error(This form post did not pass our security checks). When I remove the footer view, it works fine though! Is there anything I'm doing wrong here? Thanks!
function edit_user($id) {
//I'm only posting the last part of the code of edit_user function in the auth controller
$this->load->view('layout/header');
$this->_render_page('auth/edit_user', $this->data);
$this->load->view('layout/footer'); // I'm getting an error when I load this footer view.
}
This is the code in my views.
<h1><?php echo lang('edit_user_heading');?></h1>
<p><?php echo lang('edit_user_subheading');?></p>
<div id="infoMessage"><?php echo $message;?></div>
<?php echo form_open(uri_string());?>
<p>
<?php echo lang('edit_user_fname_label', 'first_name');?> <br />
<?php echo form_input($first_name);?>
</p>
<p>
<?php echo lang('edit_user_lname_label', 'last_name');?> <br />
<?php echo form_input($last_name);?>
</p>
<p>
<?php echo lang('edit_user_company_label', 'company');?> <br />
<?php echo form_input($company);?>
</p>
<p>
<?php echo lang('edit_user_phone_label', 'phone');?> <br />
<?php echo form_input($phone);?>
</p>
<p>
<?php echo lang('edit_user_password_label', 'password');?> <br />
<?php echo form_input($password);?>
</p>
<p>
<?php echo lang('edit_user_password_confirm_label', 'password_confirm');?><br />
<?php echo form_input($password_confirm);?>
</p>
<h3><?php echo lang('edit_user_groups_heading');?></h3>
<?php foreach ($groups as $group):?>
<label class="checkbox">
<?php
$gID=$group['id'];
$checked = null;
$item = null;
foreach($currentGroups as $grp) {
if ($gID == $grp->id) {
$checked= ' checked="checked"';
break;
}
}
?>
<input type="checkbox" name="groups[]" value="<?php echo $group['id'];?>"<?php echo $checked;?>>
<?php echo $group['name'];?>
</label>
<?php endforeach?>
<?php echo form_hidden('id', $user->id);?>
<?php echo form_hidden($csrf); ?>
<p><?php echo form_submit('submit', lang('edit_user_submit_btn'));?></p>
<?php echo form_close();?>
Ion auth csrf protection is older. CI-2 already have
This is provide to security when posting form, ex: POST is from local or server?
ion auth controller file, you see like codes below:
// do we have a valid request?
if ($this->_valid_csrf_nonce() === FALSE)
{
show_error($this->lang->line('error_csrf'));
}
If you remove these validation, you will not get csrf error
You can enable security with CI core lib
http://ellislab.com/codeigniter/user-guide/libraries/security.html
$config['csrf_protection'] = TRUE;
You have to use form_open() tag to triggger csrf protection.
Same problem happened to me when i was trying to add common/header and common/footer to the auth/reset_password page.
Issue was that I was using relative paths for the JS included in the footer part. After a lot of experiment using the base_url() fixed the issue.
I have the sale pb but a replace flashdata by userdata, it's just a little less secure but it's a good solution.

PHP Session issues, perhaps lost data?

I'm having some issues using sessions on my test website (Running it on WAMP server locally, using PHP php5.3.13) I have checked my php.ini to make sure that sessions are actually being saved, which they are:
C:\wamp\tmp
Basically, when the user logs in it shows, Welcome back, .$username so when I log in with the user "John", it shows this accordingly. Now, when I leave the login page and go back to it this sessions is somehow being lost. (And yes, I am using session_start at the top of every page).
Here is my code;
index.php
<?php
session_start();
?>
<!DOCTYPE html>
<html>
<head>
<title>Codecall Tutorials - Secured Login with php5</title>
<link rel="stylesheet" type="text/css" href="style.css" />
</head>
<body>
<?php include "header.php" ?>
<div id="wrapper">
<form method="post" action="">
<h2>Log In</h2>
<div id="underline"></div>
<ul>
<li>
<label for="usn">Username : </label>
<input type="text" maxlength="30" required autofocus name="username" />
</li>
<li>
<label for="passwd">Password : </label>
<input type="password" maxlength="30" required name="password" />
</li>
<li class="buttons">
<input type="submit" name="login" value="Log me in" class="xbutton" />
<input type="button" name="register" value="Forgot Password?" onclick="location.href='passrecover.php'" class="xbutton" />
</li>
</ul>
</form>
</div>
</body>
</html>
<?php include "login.php" ?>
And my login.php page:
<?php
if($_POST){
if(empty($_POST['username']) && empty($_POST['password'])) {
echo 'Please enter all fields';
}else {
$username = $_POST['username'];
$password = $_POST['password'];
if($password !== $password){
echo 'Your password is wrong';
}else {
$db_name =
$db_user =
$db_pass =
$conn = new PDO('mysql:host=localhost;dbname=XXXXX', 'XXXXX', 'XXXXX', // My bd details have been removed for this post, for security issues obviously
array( PDO::ATTR_PERSISTENT => true )
);
$stmt = $conn->prepare("SELECT username,password from members WHERE username = ? AND password = ?");
$stmt = $conn->prepare("SELECT username,password FROM users WHERE username = ? AND password = ?");
$stmt->execute(array($username, $password));
if($stmt->rowCount() === 1 )
{
$_SESSION['name']= $username;
echo 'Welcome back '. $_SESSION['name'];
//echo '<META HTTP-EQUIV="Refresh" Content="0; URL=usercp.php">';
}else {
echo 'Username or Password incorrect.';
}
}
}
}
?>
So, when I originally log in it shows the $_SESSION['name'];
just fine, but when I move page and go back to it, it no longer shows it. (My other pages also have session_start(); ) My original assumption was that my code was wrong, or that my php.ini file wasn't saving any data. What is going wrong here?
You need to add session_start() on your login.php too
The reason it no longer shows is because when you go to another page, you aren't processing that block of code anymore. Because $_POST is empty on a regular page load, so you aren't echoing anything out. Try adding, var_dump($_SESSION); at the top of your page and then load something.
Try this right after your session_start();,
if(!empty($_SESSION['name'])) {
echo "Hello {$_SESSION['name']}";
}
Perhaps you're destroying the session somewhere in the script.

Adding friendRequest in codeigniter

As i am sending friend request to other user which is in the user list i simply using this code for comparing login user and other non login user. but this code does not work.
<?php $userid=$this->session->userdata('userID'); ?>
<?php
if($this->session->userdata('userID')==$userid)
{
}
else
{
echo '<a href="<?php echo base_url();?>index.php/myinfocontroller/friendrequest" > <input type="submit" name="Friendbutton" value"Friendrequest" /> </a>';
}
?>
Your link is wrong in the else clause use this:
<?php echo '<input type="submit" name="Friendbutton" value"Friendrequest" />'; ?>
Now the link will work!

Resources