Daltontastic · February 20, 2017 20:39
diff --git a/gistfile1.txt b/gistfile1.txt
 <?php
 require_once("wp-load.php");
 header("Content-type:application/json;charset=utf-8");
 $token  = $_POST["token"];
 $action = strtolower($_POST["action"]);
 if ($token === "SUPER_SECRET_TOKEN") {
    if ($action === "login") {
        $username = sanitize_user($_POST["username"]);
        $password = trim($_POST["password"]);
        if (empty($username)) {
            echo "empty username";
        } else if (empty($username)) {
            echo "empty username";
        } else {
            $error = wp_authenticate($username, $password);
            if (is_wp_error($error)) {
                echo "error";
            } else {
                echo "ok";
            }
        }
    } else if ($action === "register") {
        $username          = sanitize_user($_POST["username"]);
        $reservedUsernames = array(
            "administrator",
            "admin",
            "moderator",
            "mod",
            "epicmc",
            "dalton",
            "daltonedwards"
        );
        $password          = trim($_POST["password"]);
        $email             = sanitize_email($_POST["email"]);
        if (empty($username)) {
            echo "empty username";
        } else if (strlen($username) > 15) {
            echo "long username";
        } else if (in_array(strtolower($username), $reservedUsernames)) {
            echo "reserved username";
        } else if (username_exists($username)) {
            echo "username exists";
        } else if (empty($password)) {
            echo "empty password";
        } else if (empty($email)) {
            echo "empty email";
        } else if (!is_email($email)) {
            echo "invalid email";
        } else if (email_exists($email)) {
            echo "email exists";
        } else {
            $error = wp_create_user($username, $password, $email);
            if (is_wp_error($error)) {
                echo "error";
            } else {
                echo "ok";
            }
        }
    } else {
        echo "invalid action";
    }
 } else {
    echo "invalid token";
 }
 ?>
	<?php
	require_once("wp-load.php");
	header("Content-type:application/json;charset=utf-8");
	$token = $_POST["token"];
	$action = strtolower($_POST["action"]);
	if ($token === "SUPER_SECRET_TOKEN") {
	if ($action === "login") {
	$username = sanitize_user($_POST["username"]);
	$password = trim($_POST["password"]);
	if (empty($username)) {
	echo "empty username";
	} else if (empty($username)) {
	echo "empty username";
	} else {
	$error = wp_authenticate($username, $password);
	if (is_wp_error($error)) {
	echo "error";
	} else {
	echo "ok";
	}
	}
	} else if ($action === "register") {
	$username = sanitize_user($_POST["username"]);
	$reservedUsernames = array(
	"administrator",
	"admin",
	"moderator",
	"mod",
	"epicmc",
	"dalton",
	"daltonedwards"
	);
	$password = trim($_POST["password"]);
	$email = sanitize_email($_POST["email"]);
	if (empty($username)) {
	echo "empty username";
	} else if (strlen($username) > 15) {
	echo "long username";
	} else if (in_array(strtolower($username), $reservedUsernames)) {
	echo "reserved username";
	} else if (username_exists($username)) {
	echo "username exists";
	} else if (empty($password)) {
	echo "empty password";
	} else if (empty($email)) {
	echo "empty email";
	} else if (!is_email($email)) {
	echo "invalid email";
	} else if (email_exists($email)) {
	echo "email exists";
	} else {
	$error = wp_create_user($username, $password, $email);
	if (is_wp_error($error)) {
	echo "error";
	} else {
	echo "ok";
	}
	}
	} else {
	echo "invalid action";
	}
	} else {
	echo "invalid token";
	}
	?>