configs->get_value('aiowps_unlock_request_secret_key');
$submitted_encoded_string = base64_encode($_POST['aiowps-unlock-temp-string'].$unlock_secret_string);
if($submitted_encoded_string !== $unlock_encoded_info)
{
//Someone somehow landed on this page directly without clicking the unlock button on login form
echo '
ERROR: Unable to process your request because you tried to access this page directly.
';
}
else if($display_form)
{
echo display_unlock_form();
}
} //End if block
if (isset($_POST['aiowps_wp_submit_unlock_request']))
{
//This catches the $_POST when someone submits the form from our special unlock request page where visitor enters username and email address
$errors = '';
$username = trim($_POST['aiowps_unlock_request_username']);
if (empty($username))
{
$errors .= '
'.__('Please enter your username','aiowpsecurity').'
';
}
$email = trim($_POST['aiowps_unlock_request_email']);
if (empty($email) || !is_email($email))
{
$errors .= '
'.__('Please enter a valid email address','aiowpsecurity').'
';
}
if($errors){
$display_form = true;
echo '
'.$errors.'
';
echo display_unlock_form($username, $email);
}else{
$locked_user = get_user_by('email', $email);
if(!$locked_user){
//user with this email does not exist in the system
$errors .= '
'.__('User account not found!','aiowpsecurity').'
';
echo '
'.$errors.'
';
}else{
//Check that the user name and email address are a legitimate match
if($locked_user->data->user_login != $username){
//user with this email/login name combination does not exist in the system
$errors .= '
'.__('User account not found!','aiowpsecurity').'
';
echo '
'.$errors.'
';
}else{
//Process unlock request
//Generate a special code and unlock url
$unlock_url = AIOWPSecurity_User_Login::generate_unlock_request_link($username);
//Send an email to the user
AIOWPSecurity_User_Login::send_unlock_request_email($username, $email, $unlock_url);
echo '
An email has been sent to you with the unlock instructions.
';
}
}
$display_form = false;
}
}
?>