diff --git a/login-google.php b/login-google.php index d4bb82f..c535f24 100644 --- a/login-google.php +++ b/login-google.php @@ -1,7 +1,15 @@ =') ) { + if (session_status() == PHP_SESSION_NONE) { + session_start(); + } +} else { + if(session_id() == '') { + session_start(); + } +} # DEFINE THE OAUTH PROVIDER AND SETTINGS TO USE # $_SESSION['WPOA']['PROVIDER'] = 'Google'; @@ -17,9 +25,9 @@ # END OF DEFINE THE OAUTH PROVIDER AND SETTINGS TO USE # // remember the user's last url so we can redirect them back to there after the login ends: -if (!$_SESSION['WPOA']['LAST_URL']) { +if (empty($_SESSION['WPOA']['LAST_URL']) || !$_SESSION['WPOA']['LAST_URL']) { // try to obtain the redirect_url from the default login page: - $redirect_url = esc_url($_GET['redirect_to']); + $redirect_url = empty($_GET['redirect_to']) ? '' : esc_url($_GET['redirect_to']); // if no redirect_url was found, set it to the user's last page: if (!$redirect_url) { $redirect_url = strtok($_SERVER['HTTP_REFERER'], "?"); @@ -180,6 +188,12 @@ function get_oauth_identity($wpoa) { $result_obj = json_decode($result, true); break; } + + if( !empty( $result_obj['error'] ) ){ + $error_msg = empty($result_obj['error']['errors'][0]['message']) ? "Sorry, we couldn't log you in." : $result_obj['error']['errors'][0]['message']; + $wpoa->wpoa_end_login( $error_msg ); + } + // parse and return the user's oauth identity: $oauth_identity = array(); $oauth_identity['provider'] = $_SESSION['WPOA']['PROVIDER']; diff --git a/wp-oauth.php b/wp-oauth.php index 6f22ee4..8fd5836 100644 --- a/wp-oauth.php +++ b/wp-oauth.php @@ -543,6 +543,9 @@ function wpoa_unlink_account() { // pushes login messages into the dom where they can be extracted by javascript: function wpoa_push_login_messages() { + if( empty( $_SESSION['WPOA']['RESULT'] ) ){ + return; + } $result = $_SESSION['WPOA']['RESULT']; $_SESSION['WPOA']['RESULT'] = ''; echo "
" . $result . "
"; @@ -687,7 +690,7 @@ function wpoa_login_form_content($design = '', $icon_set = 'icon_set', $layout = function wpoa_login_buttons($icon_set, $button_prefix) { // generate the atts once (cache them), so we can use it for all buttons without computing them each time: $site_url = get_bloginfo('url'); - $redirect_to = urlencode($_GET['redirect_to']); + $redirect_to = empty($_GET['redirect_to']) ? '' : urlencode($_GET['redirect_to']); if ($redirect_to) {$redirect_to = "&redirect_to=" . $redirect_to;} // get shortcode atts that determine how we should build these buttons: $icon_set_path = plugins_url('icons/' . $icon_set . '/', __FILE__); @@ -711,7 +714,7 @@ function wpoa_login_buttons($icon_set, $button_prefix) { $html .= $this->wpoa_login_button("instagram", "Instagram", $atts); $html .= $this->wpoa_login_button("battlenet", "Battlenet", $atts); if ($html == '') { - $html .= 'Sorry, no login providers have been enabled.'; + $html .= apply_filters('wpoa_login_no_providers','Sorry, no login providers have been enabled.'); } return $html; }