Merged with WordPress 2.5, unstable, only for testing

git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@1218 7be80a69-a1ef-0310-a953-fb0f7c49ff36

1 files changed, 99 insertions, 16 deletions

diff --git a/wp-includes/user.php b/wp-includes/user.php
index 7d5ff6e..a8de4f8 100644
--- a/wp-includes/user.php
+++ b/wp-includes/user.php
@@ -1,5 +1,58 @@
 <?php
 
+function wp_signon( $credentials = '' ) {
+	if ( empty($credentials) ) {
+		if ( ! empty($_POST['log']) )
+			$credentials['user_login'] = $_POST['log'];
+		if ( ! empty($_POST['pwd']) )
+			$credentials['user_password'] = $_POST['pwd'];
+		if ( ! empty($_POST['rememberme']) )
+			$credentials['remember'] = $_POST['rememberme'];
+	}
+
+	if ( !empty($credentials['user_login']) )
+		$credentials['user_login'] = sanitize_user($credentials['user_login']);
+	if ( !empty($credentials['user_password']) )
+		$credentials['user_password'] = trim($credentials['user_password']);
+	if ( !empty($credentials['remember']) )
+		$credentials['remember'] = true;
+	else
+		$credentials['remember'] = false;
+
+	// If no credential info provided, check cookie.
+	if ( empty($credentials['user_login']) && empty($credentials['user_password']) ) {
+			$user = wp_validate_auth_cookie();
+			if ( $user )
+				return new WP_User($user);
+
+			if ( !empty($_COOKIE[AUTH_COOKIE]) )
+				return new WP_Error('expired_session', __('Please log in again.'));
+
+			// If the cookie is not set, be silent.
+			return new WP_Error();
+	}
+
+	if ( empty($credentials['user_login']) || empty($credentials['user_password']) ) {
+		$error = new WP_Error();
+
+		if ( empty($credentials['user_login']) )
+			$error->add('empty_username', __('<strong>ERROR</strong>: The username field is empty.'));
+		if ( empty($credentials['user_password']) )
+			$error->add('empty_password', __('<strong>ERROR</strong>: The password field is empty.'));
+		return $error;
+	}
+
+	do_action_ref_array('wp_authenticate', array(&$credentials['user_login'], &$credentials['user_password']));
+
+	$user = wp_authenticate($credentials['user_login'], $credentials['user_password']);
+	if ( is_wp_error($user) )
+		return $user;
+
+	wp_set_auth_cookie($user->ID, $credentials['remember']);
+	do_action('wp_login', $credentials['user_login']);
+	return $user;
+}
+
 function get_profile($field, $user = false) {
 	global $wpdb;
 	if ( !$user )
@@ -15,13 +68,11 @@ function get_usernumposts($userid) {
 
 // TODO: xmlrpc only.  Maybe move to xmlrpc.php.
 function user_pass_ok($user_login,$user_pass) {
-	global $cache_userdata;
-	if ( empty($cache_userdata[$user_login]) ) {
-		$userdata = get_userdatabylogin($user_login);
-	} else {
-		$userdata = $cache_userdata[$user_login];
-	}
-	return (md5($user_pass) == $userdata->user_pass);
+	$user = wp_authenticate($user_login, $user_pass);
+	if ( is_wp_error($user) )
+		return false;
+
+	return true;
 }
 
 //
@@ -31,17 +82,20 @@ function user_pass_ok($user_login,$user_pass) {
 function get_user_option( $option, $user = 0 ) {
 	global $wpdb;
 
+	$option = preg_replace('|[^a-z0-9_]|i', '', $option);
 	if ( empty($user) )
 		$user = wp_get_current_user();
 	else
 		$user = get_userdata($user);
 
 	if ( isset( $user->{$wpdb->prefix . $option} ) ) // Blog specific
-		return $user->{$wpdb->prefix . $option};
+		$result = $user->{$wpdb->prefix . $option};
 	elseif ( isset( $user->{$option} ) ) // User specific and cross-blog
-		return $user->{$option};
+		$result = $user->{$option};
 	else // Blog global
-		return get_option( $option );
+		$result = get_option( $option );
+	
+	return apply_filters("get_user_option_{$option}", $result, $option, $user);
 }
 
 function update_user_option( $user_id, $option_name, $newvalue, $global = false ) {
@@ -80,9 +134,7 @@ function delete_usermeta( $user_id, $meta_key, $meta_value = '' ) {
 	else
 		$wpdb->query("DELETE FROM $wpdb->usermeta WHERE user_id = '$user_id' AND meta_key = '$meta_key'");
 
-	$user = get_userdata($user_id);
 	wp_cache_delete($user_id, 'users');
-	wp_cache_delete($user->user_login, 'userlogins');
 
 	return true;
 }
@@ -108,7 +160,7 @@ function get_usermeta( $user_id, $meta_key = '') {
 			return '';
 	}
 
-	foreach ($metas as $meta) 
+	foreach ($metas as $meta)
 		$values[] = maybe_unserialize($meta->meta_value);
 
 	if ( count($values) == 1 )
@@ -144,9 +196,7 @@ function update_usermeta( $user_id, $meta_key, $meta_value ) {
 		return false;
 	}
 
-	$user = get_userdata($user_id);
 	wp_cache_delete($user_id, 'users');
-	wp_cache_delete($user->user_login, 'userlogins');
 
 	return true;
 }
@@ -169,7 +219,7 @@ function setup_userdata($user_id = '') {
 
 	$userdata = $user->data;
 	$user_login	= $user->user_login;
-	$user_level	= (int) $user->user_level;
+	$user_level	= (int) isset($user->user_level) ? $user->user_level : 0;
 	$user_ID	= (int) $user->ID;
 	$user_email	= $user->user_email;
 	$user_url	= $user->user_url;
@@ -242,4 +292,37 @@ function wp_dropdown_users( $args = '' ) {
 	return $output;
 }
 
+function _fill_user( &$user ) {
+	global $wpdb;
+
+	$show = $wpdb->hide_errors();
+	$metavalues = $wpdb->get_results($wpdb->prepare("SELECT meta_key, meta_value FROM $wpdb->usermeta WHERE user_id = %d", $user->ID));
+	$wpdb->show_errors($show);
+
+	if ( $metavalues ) {
+		foreach ( $metavalues as $meta ) {
+			$value = maybe_unserialize($meta->meta_value);
+			$user->{$meta->meta_key} = $value;
+		}
+	}
+
+	$level = $wpdb->prefix . 'user_level';
+	if ( isset( $user->{$level} ) )
+		$user->user_level = $user->{$level};
+
+	// For backwards compat.
+	if ( isset($user->first_name) )
+		$user->user_firstname = $user->first_name;
+	if ( isset($user->last_name) )
+		$user->user_lastname = $user->last_name;
+	if ( isset($user->description) )
+		$user->user_description = $user->description;
+
+	promote_if_site_admin($user);
+
+	wp_cache_add($user->ID, $user, 'users');
+	wp_cache_add($user->user_login, $user->ID, 'userlogins');
+	wp_cache_add($user->user_email, $user->ID, 'useremail');
+}
+
 ?>