Error: You do not meet minimum requirements to login.')); } // let's check wp db for user $user = get_userdatabylogin($username); // user not found, let's create db entry for it if ( !$user || ($user->user_login != $username) ) { $user_id = create_wp_user($username); if (!$user_id) { return new WP_Error('fasauth_create_wp_user', __('Error: Unable to create account. Please contact the webmaster.')); } error_log("FAS auth succeeded for $username", 0); return new WP_User($user_id); } // all good, let go on error_log("FAS auth succeeded for $username", 0); return new WP_User($user->ID); } else { if ($_POST == null) { //Just visited the page, this stops the weird login thing. Not the best way around it, would be nice to find out why it is doing it, but this works. return new WP_Error(); //wp_authenticate must return WP_User or WP_Error, so WP_Error is our option, with no values returns nothing. } elseif ($username == null || $password == null) { //they forgot about, you know, the forms, and stuff. return new WP_Error('fasauth_wrong_credentials', __('Error: Did you fill out the form?')); } else { error_log("FAS auth failed for $username: incorrect username or password", 0); return new WP_Error('fasauth_wrong_credentials', __('Error: FAS login unsuccessful.')); } } } /* * Creates user in wp db */ function create_wp_user($username) { $config = fasauth_config(); $password = ''; require_once(WPINC . DIRECTORY_SEPARATOR . 'registration.php'); return wp_create_user($username, $password, $username.'@'.$config['fas_email_domain']); } /* * Used to disable certain login functions, e.g. retrieving a * user's password. */ function disable_function() { die('Feature disabled.'); } /* * Used to redirect all lost password request to FAS. */ function fas_password_redirect() { $config = fasauth_config(); wp_redirect($config['fas_pass_reset_url'], 302); } /* * checks minimum login requirements */ function check_login_requirement($user) { $groups = $user["person"]["approved_memberships"]; //echo "Group: ". print_r($groups); // checking other group memberships $match = 0; $in_cla_done = false; for ($i = 0, $cnt = count($groups); $i < $cnt; $i++) { // user must be in cla if ($groups[$i]["name"] == "cla_done") { $in_cla_done = true; } // keep count of anything non-cla if (!preg_match('/^cla_/', $groups[$i]["name"])) { $match++; } } // yay! more than in 1 non-cla group if ($match > 0 && $in_cla_done) { return true; } // requirements not met return false; } } ?>