Limit Login Attempts Reloaded - Version 2.15.1

Version Description

  • Refactoring.
Download this release

Release Info

Developer wpchefgadget
Plugin Icon 128x128 Limit Login Attempts Reloaded
Version 2.15.1
Comparing to
See all releases

Code changes from version 2.15.0 to 2.15.1

Files changed (4) hide show
  1. core/LimitLoginAttempts.php +51 -39
  2. limit-login-attempts-reloaded.php +1 -1
  3. readme.txt +4 -1
  4. views/tab-debug.php +5 -1
core/LimitLoginAttempts.php CHANGED
@@ -401,7 +401,8 @@ class Limit_Login_Attempts
401
  $uri = menu_page_url( $this->_options_page_slug, false );
402
 
403
  if(!empty($_GET['tab'])) {
404
- $uri .= '&tab='.$_GET['tab'];
 
405
  }
406
 
407
  return $uri;
@@ -614,10 +615,11 @@ class Limit_Login_Attempts
614
  }
615
 
616
  /**
617
- * Handle notification in event of lockout
618
- *
619
- * @param $user
620
- */
 
621
  public function notify( $user ) {
622
  $args = explode( ',', $this->get_option( 'lockout_notify' ) );
623
 
@@ -635,14 +637,16 @@ class Limit_Login_Attempts
635
  }
636
 
637
  foreach ( $args as $mode ) {
638
- switch ( trim( $mode ) ) {
639
- case 'email':
640
- $this->notify_email( $user );
641
- break;
642
- case 'log':
643
- $this->notify_log( $user );
644
- break;
645
  }
 
 
 
 
646
  }
647
  }
648
 
@@ -1143,8 +1147,29 @@ class Limit_Login_Attempts
1143
 
1144
  if( isset( $_SERVER[$origin] ) && !empty( $_SERVER[$origin] ) ) {
1145
 
1146
- $ip = $_SERVER[$origin];
1147
- break;
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1148
  }
1149
  }
1150
 
@@ -1153,6 +1178,17 @@ class Limit_Login_Attempts
1153
  return $ip;
1154
  }
1155
 
 
 
 
 
 
 
 
 
 
 
 
1156
  /**
1157
  * Clean up old lockouts and retries, and save supplied arrays
1158
  *
@@ -1416,12 +1452,6 @@ class Limit_Login_Attempts
1416
 
1417
  $screen = get_current_screen();
1418
 
1419
- if(isset($_COOKIE['llar_review_notice_shown'])) {
1420
-
1421
- $this->update_option('review_notice_shown', true);
1422
- @setcookie('llar_review_notice_shown', '', time() - 3600, '/');
1423
- }
1424
-
1425
  if ( !current_user_can('manage_options') || $this->get_option('review_notice_shown') || $screen->parent_base === 'edit' ) return;
1426
 
1427
  $activation_timestamp = $this->get_option('activation_timestamp');
@@ -1458,7 +1488,7 @@ class Limit_Login_Attempts
1458
 
1459
  if ( $activation_timestamp && $activation_timestamp < strtotime("-1 month") ) { ?>
1460
 
1461
- <div id="message" class="updated fade notice is-dismissible llar-notice-review">
1462
  <div class="llar-review-image">
1463
  <img width="80px" src="<?php echo LLA_PLUGIN_URL?>assets/img/icon-256x256.png" alt="review-logo">
1464
  </div>
@@ -1491,24 +1521,6 @@ class Limit_Login_Attempts
1491
 
1492
  $(this).closest('.llar-notice-review').remove();
1493
  });
1494
-
1495
- $(".llar-notice-review").on("click", ".notice-dismiss", function (event) {
1496
- createCookie('llar_review_notice_shown', '1', 30);
1497
- });
1498
-
1499
- function createCookie(name, value, days) {
1500
- var expires;
1501
-
1502
- if (days) {
1503
- var date = new Date();
1504
- date.setTime(date.getTime() + (days * 24 * 60 * 60 * 1000));
1505
- expires = "; expires=" + date.toGMTString();
1506
- } else {
1507
- expires = "";
1508
- }
1509
- document.cookie = encodeURIComponent(name) + "=" + encodeURIComponent(value) + expires + "; path=/";
1510
- }
1511
-
1512
  });
1513
 
1514
  })(jQuery);
401
  $uri = menu_page_url( $this->_options_page_slug, false );
402
 
403
  if(!empty($_GET['tab'])) {
404
+
405
+ $uri .= '&tab=' . sanitize_text_field( $_GET['tab'] );
406
  }
407
 
408
  return $uri;
615
  }
616
 
617
  /**
618
+ * Handle notification in event of lockout
619
+ *
620
+ * @param $user
621
+ * @return bool|void
622
+ */
623
  public function notify( $user ) {
624
  $args = explode( ',', $this->get_option( 'lockout_notify' ) );
625
 
637
  }
638
 
639
  foreach ( $args as $mode ) {
640
+
641
+ $mode = trim( $mode );
642
+
643
+ if( $mode === 'log' ) {
644
+ $this->notify_log( $user );
 
 
645
  }
646
+
647
+ if( $mode === 'email' ) {
648
+ $this->notify_email( $user );
649
+ }
650
  }
651
  }
652
 
1147
 
1148
  if( isset( $_SERVER[$origin] ) && !empty( $_SERVER[$origin] ) ) {
1149
 
1150
+ if( strpos( $_SERVER[$origin], ',' ) !== false ) {
1151
+
1152
+ $origin_ips = explode( ',', $_SERVER[$origin] );
1153
+ $origin_ips = array_map( 'trim', $origin_ips );
1154
+
1155
+ if( $origin_ips ) {
1156
+
1157
+ foreach ($origin_ips as $check_ip) {
1158
+
1159
+ if( $this->is_ip_valid( $check_ip ) ) {
1160
+
1161
+ $ip = $check_ip;
1162
+ break 2;
1163
+ }
1164
+ }
1165
+ }
1166
+ }
1167
+
1168
+ if( $this->is_ip_valid( $_SERVER[$origin] ) ) {
1169
+
1170
+ $ip = $_SERVER[$origin];
1171
+ break;
1172
+ }
1173
  }
1174
  }
1175
 
1178
  return $ip;
1179
  }
1180
 
1181
+ /**
1182
+ * @param $ip
1183
+ * @return bool|mixed
1184
+ */
1185
+ public function is_ip_valid( $ip ) {
1186
+
1187
+ if( empty( $ip ) ) return false;
1188
+
1189
+ return filter_var($ip, FILTER_VALIDATE_IP);
1190
+ }
1191
+
1192
  /**
1193
  * Clean up old lockouts and retries, and save supplied arrays
1194
  *
1452
 
1453
  $screen = get_current_screen();
1454
 
 
 
 
 
 
 
1455
  if ( !current_user_can('manage_options') || $this->get_option('review_notice_shown') || $screen->parent_base === 'edit' ) return;
1456
 
1457
  $activation_timestamp = $this->get_option('activation_timestamp');
1488
 
1489
  if ( $activation_timestamp && $activation_timestamp < strtotime("-1 month") ) { ?>
1490
 
1491
+ <div id="message" class="updated fade notice llar-notice-review">
1492
  <div class="llar-review-image">
1493
  <img width="80px" src="<?php echo LLA_PLUGIN_URL?>assets/img/icon-256x256.png" alt="review-logo">
1494
  </div>
1521
 
1522
  $(this).closest('.llar-notice-review').remove();
1523
  });
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1524
  });
1525
 
1526
  })(jQuery);
limit-login-attempts-reloaded.php CHANGED
@@ -5,7 +5,7 @@ Description: Limit the rate of login attempts for each IP address.
5
  Author: WPChef
6
  Author URI: https://wpchef.org
7
  Text Domain: limit-login-attempts-reloaded
8
- Version: 2.15.0
9
 
10
  Copyright 2008 - 2012 Johan Eenfeldt, 2016 - 2020 WPChef
11
  */
5
  Author: WPChef
6
  Author URI: https://wpchef.org
7
  Text Domain: limit-login-attempts-reloaded
8
+ Version: 2.15.1
9
 
10
  Copyright 2008 - 2012 Johan Eenfeldt, 2016 - 2020 WPChef
11
  */
readme.txt CHANGED
@@ -3,7 +3,7 @@ Contributors: wpchefgadget
3
  Tags: brute force, login, security, GDPR, protection
4
  Requires at least: 3.0
5
  Tested up to: 5.4
6
- Stable tag: 2.15.0
7
 
8
  Reloaded version of the original Limit Login Attempts plugin for Login Protection by a team of WordPress developers. GDPR compliant.
9
 
@@ -51,6 +51,9 @@ Based on the original code from Limit Login Attemps plugin by Johan Eenfeldt.
51
 
52
  == Changelog ==
53
 
 
 
 
54
  = 2.15.0 =
55
  * Reset password feature has been removed as unwanted.
56
  * Small refactoring.
3
  Tags: brute force, login, security, GDPR, protection
4
  Requires at least: 3.0
5
  Tested up to: 5.4
6
+ Stable tag: 2.15.1
7
 
8
  Reloaded version of the original Limit Login Attempts plugin for Login Protection by a team of WordPress developers. GDPR compliant.
9
 
51
 
52
  == Changelog ==
53
 
54
+ = 2.15.1 =
55
+ * Refactoring.
56
+
57
  = 2.15.0 =
58
  * Reset password feature has been removed as unwanted.
59
  * Small refactoring.
views/tab-debug.php CHANGED
@@ -2,6 +2,10 @@
2
 
3
  if( !defined( 'ABSPATH' ) ) exit();
4
 
 
 
 
 
5
  $debug_info = '';
6
 
7
  $ips = $server = array();
@@ -9,7 +13,7 @@ foreach ($_SERVER as $key => $value) {
9
 
10
  if(in_array($key, ['SERVER_ADDR'])) continue;
11
 
12
- if(filter_var($value, FILTER_VALIDATE_IP)) {
13
 
14
  if(!in_array($value, $ips)) {
15
 
2
 
3
  if( !defined( 'ABSPATH' ) ) exit();
4
 
5
+ /**
6
+ * @var $this Limit_Login_Attempts
7
+ */
8
+
9
  $debug_info = '';
10
 
11
  $ips = $server = array();
13
 
14
  if(in_array($key, ['SERVER_ADDR'])) continue;
15
 
16
+ if( $this->is_ip_valid( $value ) ) {
17
 
18
  if(!in_array($value, $ips)) {
19