fixed some undefined indexes and other errors setting up Google

login-google.php

@@ -1,7 +1,15 @@
 <?php
 
 // start the user session for maintaining individual user states during the multi-stage authentication flow:
-session_start();
+if ( version_compare(phpversion(), '5.4.0', '>=') ) {
+ if (session_status() == PHP_SESSION_NONE) {
+ session_start();
+ }
+} else {
+ if(session_id() == '') {
+ session_start();
+ }
+}
 
 # DEFINE THE OAUTH PROVIDER AND SETTINGS TO USE #
 $_SESSION['WPOA']['PROVIDER'] = 'Google';
@@ -17,9 +25,9 @@
 # END OF DEFINE THE OAUTH PROVIDER AND SETTINGS TO USE #
 
 // remember the user's last url so we can redirect them back to there after the login ends:
-if (!$_SESSION['WPOA']['LAST_URL']) {
+if (empty($_SESSION['WPOA']['LAST_URL']) || !$_SESSION['WPOA']['LAST_URL']) {
  // try to obtain the redirect_url from the default login page:
- $redirect_url = esc_url($_GET['redirect_to']);
+ $redirect_url = empty($_GET['redirect_to']) ? '' : esc_url($_GET['redirect_to']);
  // if no redirect_url was found, set it to the user's last page:
  if (!$redirect_url) {
  $redirect_url = strtok($_SERVER['HTTP_REFERER'], "?");
@@ -180,6 +188,12 @@ function get_oauth_identity($wpoa) {
  $result_obj = json_decode($result, true);
  break;
  }
+
+ if( !empty( $result_obj['error'] ) ){
+ $error_msg = empty($result_obj['error']['errors'][0]['message']) ? "Sorry, we couldn't log you in." : $result_obj['error']['errors'][0]['message'];
+ $wpoa->wpoa_end_login( $error_msg );
+ }
+
  // parse and return the user's oauth identity:
  $oauth_identity = array();
  $oauth_identity['provider'] = $_SESSION['WPOA']['PROVIDER'];

wp-oauth.php

@@ -543,6 +543,9 @@ function wpoa_unlink_account() {
 
  // pushes login messages into the dom where they can be extracted by javascript:
  function wpoa_push_login_messages() {
+ if( empty( $_SESSION['WPOA']['RESULT'] ) ){
+ return;
+ }
  $result = $_SESSION['WPOA']['RESULT'];
  $_SESSION['WPOA']['RESULT'] = '';
  echo "<div id='wpoa-result'>" . $result . "</div>";
@@ -687,7 +690,7 @@ function wpoa_login_form_content($design = '', $icon_set = 'icon_set', $layout =
  function wpoa_login_buttons($icon_set, $button_prefix) {
  // generate the atts once (cache them), so we can use it for all buttons without computing them each time:
  $site_url = get_bloginfo('url');
- $redirect_to = urlencode($_GET['redirect_to']);
+ $redirect_to = empty($_GET['redirect_to']) ? '' : urlencode($_GET['redirect_to']);
  if ($redirect_to) {$redirect_to = "&redirect_to=" . $redirect_to;}
  // get shortcode atts that determine how we should build these buttons:
  $icon_set_path = plugins_url('icons/' . $icon_set . '/', __FILE__);
@@ -711,7 +714,7 @@ function wpoa_login_buttons($icon_set, $button_prefix) {
  $html .= $this->wpoa_login_button("instagram", "Instagram", $atts);
  $html .= $this->wpoa_login_button("battlenet", "Battlenet", $atts);
  if ($html == '') {
- $html .= 'Sorry, no login providers have been enabled.';
+ $html .= apply_filters('wpoa_login_no_providers','Sorry, no login providers have been enabled.');
  }
  return $html;
  }