Version Description
Download this release
Release Info
Developer | johanee |
Plugin | Limit Login Attempts |
Version | 1.4.1 |
Comparing to | |
See all releases |
Code changes from version 2.0beta3 to 1.4.1
- images/icon_bad.gif +0 -0
- limit-login-attempts-sv_SE.mo +0 -0
- limit-login-attempts-sv_SE.po +67 -224
- limit-login-attempts.php +184 -814
- limit-login-attempts.pot +65 -209
- readme.txt +5 -49
- screenshot-3.gif +0 -0
- screenshot-4.gif +0 -0
- screenshot-5.gif +0 -0
images/icon_bad.gif
DELETED
Binary file
|
limit-login-attempts-sv_SE.mo
CHANGED
Binary file
|
limit-login-attempts-sv_SE.po
CHANGED
@@ -5,403 +5,251 @@
|
|
5 |
#
|
6 |
msgid ""
|
7 |
msgstr ""
|
8 |
-
"Project-Id-Version: limit-login-attempts 2
|
9 |
"Report-Msgid-Bugs-To: http://wordpress.org/tag/limit-login-attempts\n"
|
10 |
-
"POT-Creation-Date: 2009-
|
11 |
-
"PO-Revision-Date: 2009-
|
12 |
"Last-Translator: Johan Eenfeldt <johan.eenfeldt@kostdoktorn.se>\n"
|
13 |
-
"Language-Team: Swedish
|
14 |
"MIME-Version: 1.0\n"
|
15 |
"Content-Type: text/plain; charset=UTF-8\n"
|
16 |
"Content-Transfer-Encoding: 8bit\n"
|
17 |
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
|
18 |
-
"X-Poedit-Language: Swedish\n"
|
19 |
-
"X-Poedit-Country: Sweden\n"
|
20 |
|
21 |
-
#: limit-login-attempts.php:
|
22 |
-
msgid "Subscriber"
|
23 |
-
msgstr "Prenumerant"
|
24 |
-
|
25 |
-
#: limit-login-attempts.php:115
|
26 |
-
msgid "Contributor"
|
27 |
-
msgstr "Medarbetare"
|
28 |
-
|
29 |
-
#: limit-login-attempts.php:116
|
30 |
-
msgid "Author"
|
31 |
-
msgstr "Författare"
|
32 |
-
|
33 |
-
#: limit-login-attempts.php:117
|
34 |
-
msgid "Editor"
|
35 |
-
msgstr "Redaktör"
|
36 |
-
|
37 |
-
#: limit-login-attempts.php:118
|
38 |
-
msgid "Administrator"
|
39 |
-
msgstr "Administratör"
|
40 |
-
|
41 |
-
#: limit-login-attempts.php:562
|
42 |
-
msgid "<strong>ERROR</strong>: Invalid username or e-mail."
|
43 |
-
msgstr "<strong>Fel</strong>: Felaktigt användarnamn eller lösenord."
|
44 |
-
|
45 |
-
#: limit-login-attempts.php:594
|
46 |
#, php-format
|
47 |
msgid "%d hour"
|
48 |
msgid_plural "%d hours"
|
49 |
msgstr[0] "%d timme"
|
50 |
msgstr[1] "%d timmar"
|
51 |
|
52 |
-
#: limit-login-attempts.php:
|
53 |
#, php-format
|
54 |
msgid "%d minute"
|
55 |
msgid_plural "%d minutes"
|
56 |
msgstr[0] "%d minut"
|
57 |
msgstr[1] "%d minuter"
|
58 |
|
59 |
-
#: limit-login-attempts.php:
|
60 |
#, php-format
|
61 |
msgid "[%s] Too many failed login attempts"
|
62 |
msgstr "[%s] För många misslyckade inloggningar"
|
63 |
|
64 |
-
#: limit-login-attempts.php:
|
65 |
#, php-format
|
66 |
msgid "%d failed login attempts (%d lockout(s)) from IP: %s"
|
67 |
msgstr "%d misslyckade inloggningar (blockad %d gång(er)) från IP: %s"
|
68 |
|
69 |
-
#: limit-login-attempts.php:
|
70 |
#, php-format
|
71 |
msgid "Last user attempted: %s"
|
72 |
msgstr "Misslyckades senast med användare : %s"
|
73 |
|
74 |
-
#: limit-login-attempts.php:
|
75 |
#, php-format
|
76 |
msgid "IP was blocked for %s"
|
77 |
msgstr "IP blockerades i %s"
|
78 |
|
79 |
-
#: limit-login-attempts.php:
|
80 |
-
msgid "<strong>ERROR</strong>: Too many new user registrations."
|
81 |
-
msgstr "<strong>Fel</strong>: För många nya användarregistreringar."
|
82 |
-
|
83 |
-
#: limit-login-attempts.php:685
|
84 |
msgid "<strong>ERROR</strong>: Too many failed login attempts."
|
85 |
msgstr "<strong>Fel</strong>: För många misslyckade försök."
|
86 |
|
87 |
-
#: limit-login-attempts.php:
|
88 |
msgid "Please try again later."
|
89 |
msgstr "Försök igen senare."
|
90 |
|
91 |
-
#: limit-login-attempts.php:
|
92 |
#, php-format
|
93 |
msgid "Please try again in %d hour."
|
94 |
msgid_plural "Please try again in %d hours."
|
95 |
msgstr[0] "Försök igen om %d timme."
|
96 |
msgstr[1] "Försök igen om %d timmar."
|
97 |
|
98 |
-
#: limit-login-attempts.php:
|
99 |
#, php-format
|
100 |
msgid "Please try again in %d minute."
|
101 |
msgid_plural "Please try again in %d minutes."
|
102 |
msgstr[0] "Försök igen om %d minut."
|
103 |
msgstr[1] "Försök igen om %d minuter."
|
104 |
|
105 |
-
#: limit-login-attempts.php:
|
106 |
#, php-format
|
107 |
msgid "<strong>%d</strong> attempt remaining."
|
108 |
msgid_plural "<strong>%d</strong> attempts remaining."
|
109 |
msgstr[0] "<strong>%d</strong> försök återstår."
|
110 |
msgstr[1] "<strong>%d</strong> försök återstår."
|
111 |
|
112 |
-
#: limit-login-attempts.php:
|
113 |
msgid "<strong>ERROR</strong>: Incorrect username or password."
|
114 |
msgstr "<strong>Fel</strong>: Felaktigt användarnamn eller lösenord."
|
115 |
|
116 |
-
#: limit-login-attempts.php:
|
117 |
msgid "IP|Internet address"
|
118 |
msgstr "IP"
|
119 |
|
120 |
-
#: limit-login-attempts.php:
|
121 |
msgid "Tried to log in as"
|
122 |
msgstr "Försökte logga in som"
|
123 |
|
124 |
-
#: limit-login-attempts.php:
|
125 |
#, php-format
|
126 |
msgid "%d lockout"
|
127 |
msgid_plural "%d lockouts"
|
128 |
msgstr[0] "%d blockering"
|
129 |
msgstr[1] "%d blockeringar"
|
130 |
|
131 |
-
#: limit-login-attempts.php:
|
132 |
-
msgid "Account named admin should not have privileges"
|
133 |
-
msgstr "Konto med användarnamn admin bör ej ha ökade rättigheter"
|
134 |
-
|
135 |
-
#: limit-login-attempts.php:1086
|
136 |
-
msgid "Make display name different from login name"
|
137 |
-
msgstr "Offentligt namn skall skilja sig från användarnamn"
|
138 |
-
|
139 |
-
#: limit-login-attempts.php:1088
|
140 |
-
msgid "Make url name different from login name"
|
141 |
-
msgstr "URL namn skall skilja sig från användarnamn"
|
142 |
-
|
143 |
-
#: limit-login-attempts.php:1090
|
144 |
-
msgid "Make nickname different from login name"
|
145 |
-
msgstr "Smeknamn skall skilja sig från användarnamn"
|
146 |
-
|
147 |
-
#: limit-login-attempts.php:1103
|
148 |
-
msgid "Privileged usernames, display names, url names and nicknames are ok"
|
149 |
-
msgstr "Priviligierade användares namn är bra"
|
150 |
-
|
151 |
-
#: limit-login-attempts.php:1108
|
152 |
-
msgid "User Login"
|
153 |
-
msgstr "Användarnamn"
|
154 |
-
|
155 |
-
#: limit-login-attempts.php:1110
|
156 |
-
msgid "Role"
|
157 |
-
msgstr "Roll"
|
158 |
-
|
159 |
-
#: limit-login-attempts.php:1112
|
160 |
-
msgid "Display Name"
|
161 |
-
msgstr "Offentligt namn"
|
162 |
-
|
163 |
-
#: limit-login-attempts.php:1114
|
164 |
-
msgid "URL Name <small>(\"nicename\")</small>"
|
165 |
-
msgstr "URL Namn <small>(\"nicename\")</small>"
|
166 |
-
|
167 |
-
#: limit-login-attempts.php:1116
|
168 |
-
msgid "What is this?"
|
169 |
-
msgstr "Vad är detta?"
|
170 |
-
|
171 |
-
#: limit-login-attempts.php:1118
|
172 |
-
msgid "Nickname"
|
173 |
-
msgstr "Smeknamn"
|
174 |
-
|
175 |
-
#: limit-login-attempts.php:1170
|
176 |
-
msgid "URL names changed"
|
177 |
-
msgstr "URL namn ändrade"
|
178 |
-
|
179 |
-
#: limit-login-attempts.php:1175
|
180 |
-
msgid "No names changed"
|
181 |
-
msgstr "Inga namn ändrades"
|
182 |
-
|
183 |
-
#: limit-login-attempts.php:1189
|
184 |
-
msgid "bad name"
|
185 |
-
msgstr "dåligt namn"
|
186 |
-
|
187 |
-
#: limit-login-attempts.php:1299
|
188 |
msgid "Cleared IP log"
|
189 |
msgstr "Rensade IP loggen"
|
190 |
|
191 |
-
#: limit-login-attempts.php:
|
192 |
msgid "Reset lockout count"
|
193 |
msgstr "Nollställde räknaren för blockeringar"
|
194 |
|
195 |
-
#: limit-login-attempts.php:
|
196 |
msgid "Cleared current lockouts"
|
197 |
msgstr "Tog bort aktuella blockeringar"
|
198 |
|
199 |
-
#: limit-login-attempts.php:
|
200 |
-
msgid "Reset registration lockout count"
|
201 |
-
msgstr "Nollställde räknaren för blockeringar av användarregistreringar"
|
202 |
-
|
203 |
-
#: limit-login-attempts.php:1332
|
204 |
-
msgid "Cleared current registration lockouts"
|
205 |
-
msgstr "Tog bort aktuella blockeringar av användarregistreringar"
|
206 |
-
|
207 |
-
#: limit-login-attempts.php:1342
|
208 |
msgid "Options changed"
|
209 |
msgstr "Inställningar ändrade"
|
210 |
|
211 |
-
#: limit-login-attempts.php:
|
212 |
-
|
213 |
-
|
214 |
-
msgid "<strong>NOTE:</strong> Only works in Wordpress %s or later"
|
215 |
-
msgstr "<strong>OBS:</strong> Fungerar endast i WordPress %s eller senare"
|
216 |
|
217 |
-
#: limit-login-attempts.php:
|
218 |
#, php-format
|
219 |
msgid "It appears the site is reached directly (from your IP: %s)"
|
220 |
msgstr "Sajten tycks vara direktansluten (från din IP: %s)"
|
221 |
|
222 |
-
#: limit-login-attempts.php:
|
223 |
#, php-format
|
224 |
msgid "It appears the site is reached through a proxy server (proxy IP: %s, your IP: %s)"
|
225 |
msgstr "Sajten tycks ansluta genom en proxy server (proxy IP: %s, din IP: %s)"
|
226 |
|
227 |
-
#: limit-login-attempts.php:
|
228 |
#, php-format
|
229 |
msgid "<strong>Current setting appears to be invalid</strong>. Please make sure it is correct. Further information can be found <a href=\"%s\" title=\"FAQ\">here</a>"
|
230 |
msgstr "<strong>Nuvarande inställningar kan vara fel</strong>. Säkerställ att de är korrekta. Mer information kan hittas <a href=\"%s\" title=\"FAQ\">här</a>"
|
231 |
|
232 |
-
#: limit-login-attempts.php:
|
233 |
msgid "Limit Login Attempts Settings"
|
234 |
msgstr "Limit Login Attempts Inställningar"
|
235 |
|
236 |
-
#: limit-login-attempts.php:
|
237 |
msgid "Statistics"
|
238 |
msgstr "Statistik"
|
239 |
|
240 |
-
#: limit-login-attempts.php:
|
241 |
msgid "Total lockouts"
|
242 |
msgstr "Antal blockeringar"
|
243 |
|
244 |
-
#: limit-login-attempts.php:
|
245 |
-
#: limit-login-attempts.php:1471
|
246 |
msgid "Reset Counter"
|
247 |
msgstr "Nollställ räknare"
|
248 |
|
249 |
-
#: limit-login-attempts.php:
|
250 |
#, php-format
|
251 |
msgid "%d lockout since last reset"
|
252 |
msgid_plural "%d lockouts since last reset"
|
253 |
msgstr[0] "%d blockering sedan räknaren nollställdes"
|
254 |
msgstr[1] "%d blockeringar sedan räknaren nollställdes"
|
255 |
|
256 |
-
#: limit-login-attempts.php:
|
257 |
msgid "No lockouts yet"
|
258 |
msgstr "Inga blockeringar har skett ännu"
|
259 |
|
260 |
-
#: limit-login-attempts.php:
|
261 |
msgid "Active lockouts"
|
262 |
msgstr "Aktiva blockeringar"
|
263 |
|
264 |
-
#: limit-login-attempts.php:
|
265 |
-
#: limit-login-attempts.php:1480
|
266 |
msgid "Restore Lockouts"
|
267 |
msgstr "Ta bort blockeringar"
|
268 |
|
269 |
-
#: limit-login-attempts.php:
|
270 |
#, php-format
|
271 |
msgid "%d IP is currently blocked from trying to log in"
|
272 |
msgstr "%d IP är för närvarande blockerade från att logga in"
|
273 |
|
274 |
-
#: limit-login-attempts.php:
|
275 |
-
msgid "Total registration lockouts"
|
276 |
-
msgstr "Antal blockeringar av användarregistrering"
|
277 |
-
|
278 |
-
#: limit-login-attempts.php:1472
|
279 |
-
#, php-format
|
280 |
-
msgid "%d registration lockout since last reset"
|
281 |
-
msgid_plural "%d registration lockouts since last reset"
|
282 |
-
msgstr[0] "%d blockering av användarregistrering sedan räknaren nollställdes"
|
283 |
-
msgstr[1] "%d blockeringar av användarregistrering sedan räknaren nollställdes"
|
284 |
-
|
285 |
-
#: limit-login-attempts.php:1478
|
286 |
-
msgid "Active registration lockouts"
|
287 |
-
msgstr "Aktiva blockeringar av användarregistrering"
|
288 |
-
|
289 |
-
#: limit-login-attempts.php:1481
|
290 |
-
#, php-format
|
291 |
-
msgid "%d IP is currently blocked from registering new users"
|
292 |
-
msgstr "%d IP är för närvarande blockerade från att registrera nya användare"
|
293 |
-
|
294 |
-
#: limit-login-attempts.php:1487
|
295 |
msgid "Options"
|
296 |
msgstr "Inställningar"
|
297 |
|
298 |
-
#: limit-login-attempts.php:
|
299 |
msgid "Lockout"
|
300 |
msgstr "Blockering"
|
301 |
|
302 |
-
#: limit-login-attempts.php:
|
303 |
msgid "allowed retries"
|
304 |
msgstr "tillåtna misslyckanden"
|
305 |
|
306 |
-
#: limit-login-attempts.php:
|
307 |
msgid "minutes lockout"
|
308 |
msgstr "minuters blockering"
|
309 |
|
310 |
-
#: limit-login-attempts.php:
|
311 |
msgid "lockouts increase lockout time to"
|
312 |
msgstr "blockeringar ökar tiden till"
|
313 |
|
314 |
-
#: limit-login-attempts.php:
|
315 |
-
#: limit-login-attempts.php:1543
|
316 |
msgid "hours"
|
317 |
msgstr "timmar"
|
318 |
|
319 |
-
#: limit-login-attempts.php:
|
320 |
msgid "hours until retries are reset"
|
321 |
msgstr "timmar tills misslyckanden nollställs"
|
322 |
|
323 |
-
#: limit-login-attempts.php:
|
324 |
-
msgid "User cookie login"
|
325 |
-
msgstr "Inloggning med kakor"
|
326 |
-
|
327 |
-
#: limit-login-attempts.php:1503
|
328 |
-
msgid "Handle cookie login"
|
329 |
-
msgstr "Hantera inloggning med kakor"
|
330 |
-
|
331 |
-
#: limit-login-attempts.php:1508
|
332 |
msgid "Site connection"
|
333 |
msgstr "Sajten ansluter"
|
334 |
|
335 |
-
#: limit-login-attempts.php:
|
336 |
msgid "Direct connection"
|
337 |
msgstr "Direktansluten"
|
338 |
|
339 |
-
#: limit-login-attempts.php:
|
340 |
msgid "From behind a reversy proxy"
|
341 |
msgstr "Bakom en reverse proxy"
|
342 |
|
343 |
-
#: limit-login-attempts.php:
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
344 |
msgid "Notify on lockout"
|
345 |
msgstr "Notifiera om blockering"
|
346 |
|
347 |
-
#: limit-login-attempts.php:
|
348 |
msgid "Log IP"
|
349 |
msgstr "Logga IP"
|
350 |
|
351 |
-
#: limit-login-attempts.php:
|
352 |
msgid "Email to admin after"
|
353 |
msgstr "E-post till administratör efter"
|
354 |
|
355 |
-
#: limit-login-attempts.php:
|
356 |
msgid "lockouts"
|
357 |
msgstr "blockeringar"
|
358 |
|
359 |
-
#: limit-login-attempts.php:
|
360 |
-
msgid "Password reset"
|
361 |
-
msgstr "Lösenords reset"
|
362 |
-
|
363 |
-
#: limit-login-attempts.php:1534
|
364 |
-
msgid "Disable password reset using login name for user this level or higher"
|
365 |
-
msgstr "Tillåt inte lösenords reset med användarnamn för användare av denna grad eller högre"
|
366 |
-
|
367 |
-
#: limit-login-attempts.php:1536
|
368 |
-
msgid "Disable password reset for users this level or higher"
|
369 |
-
msgstr "Tillåt inte lösenords reset för användare av denna grad eller högre"
|
370 |
-
|
371 |
-
#: limit-login-attempts.php:1541
|
372 |
-
msgid "New user registration"
|
373 |
-
msgstr "Registrering av ny användare"
|
374 |
-
|
375 |
-
#: limit-login-attempts.php:1543
|
376 |
-
msgid "Only allow"
|
377 |
-
msgstr "Tillåt endast"
|
378 |
-
|
379 |
-
#: limit-login-attempts.php:1543
|
380 |
-
msgid "new user registrations every"
|
381 |
-
msgstr "nya användarregistreringar varje"
|
382 |
-
|
383 |
-
#: limit-login-attempts.php:1548
|
384 |
msgid "Change Options"
|
385 |
msgstr "Ändra Inställningar"
|
386 |
|
387 |
-
#: limit-login-attempts.php:
|
388 |
-
msgid "Privileged users"
|
389 |
-
msgstr "Användare med privilegier"
|
390 |
-
|
391 |
-
#: limit-login-attempts.php:1557
|
392 |
-
#, php-format
|
393 |
-
msgid "I <a href=\"%s\">understand</a> the problems involved"
|
394 |
-
msgstr "Jag <a href=\"%s\">förstår</a> riskerna med detta"
|
395 |
-
|
396 |
-
#: limit-login-attempts.php:1557
|
397 |
-
msgid "Change Names"
|
398 |
-
msgstr "Ändra Namn"
|
399 |
-
|
400 |
-
#: limit-login-attempts.php:1565
|
401 |
msgid "Lockout log"
|
402 |
msgstr "Log över blockeringar"
|
403 |
|
404 |
-
#: limit-login-attempts.php:
|
405 |
msgid "Clear Log"
|
406 |
msgstr "Rensa Log"
|
407 |
|
@@ -425,8 +273,3 @@ msgstr "Johan Eenfeldt"
|
|
425 |
msgid "http://devel.kostdoktorn.se"
|
426 |
msgstr "http://devel.kostdoktorn.se"
|
427 |
|
428 |
-
#~ msgid "Yes"
|
429 |
-
#~ msgstr "Ja"
|
430 |
-
#~ msgid "No"
|
431 |
-
#~ msgstr "Nej"
|
432 |
-
|
5 |
#
|
6 |
msgid ""
|
7 |
msgstr ""
|
8 |
+
"Project-Id-Version: limit-login-attempts 1.2\n"
|
9 |
"Report-Msgid-Bugs-To: http://wordpress.org/tag/limit-login-attempts\n"
|
10 |
+
"POT-Creation-Date: 2009-01-28 17:17+0000\n"
|
11 |
+
"PO-Revision-Date: 2009-01-28 18:25+0100\n"
|
12 |
"Last-Translator: Johan Eenfeldt <johan.eenfeldt@kostdoktorn.se>\n"
|
13 |
+
"Language-Team: Swedish\n"
|
14 |
"MIME-Version: 1.0\n"
|
15 |
"Content-Type: text/plain; charset=UTF-8\n"
|
16 |
"Content-Transfer-Encoding: 8bit\n"
|
17 |
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
|
|
|
|
|
18 |
|
19 |
+
#: limit-login-attempts.php:372
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
20 |
#, php-format
|
21 |
msgid "%d hour"
|
22 |
msgid_plural "%d hours"
|
23 |
msgstr[0] "%d timme"
|
24 |
msgstr[1] "%d timmar"
|
25 |
|
26 |
+
#: limit-login-attempts.php:378
|
27 |
#, php-format
|
28 |
msgid "%d minute"
|
29 |
msgid_plural "%d minutes"
|
30 |
msgstr[0] "%d minut"
|
31 |
msgstr[1] "%d minuter"
|
32 |
|
33 |
+
#: limit-login-attempts.php:381
|
34 |
#, php-format
|
35 |
msgid "[%s] Too many failed login attempts"
|
36 |
msgstr "[%s] För många misslyckade inloggningar"
|
37 |
|
38 |
+
#: limit-login-attempts.php:383
|
39 |
#, php-format
|
40 |
msgid "%d failed login attempts (%d lockout(s)) from IP: %s"
|
41 |
msgstr "%d misslyckade inloggningar (blockad %d gång(er)) från IP: %s"
|
42 |
|
43 |
+
#: limit-login-attempts.php:387
|
44 |
#, php-format
|
45 |
msgid "Last user attempted: %s"
|
46 |
msgstr "Misslyckades senast med användare : %s"
|
47 |
|
48 |
+
#: limit-login-attempts.php:390
|
49 |
#, php-format
|
50 |
msgid "IP was blocked for %s"
|
51 |
msgstr "IP blockerades i %s"
|
52 |
|
53 |
+
#: limit-login-attempts.php:445
|
|
|
|
|
|
|
|
|
54 |
msgid "<strong>ERROR</strong>: Too many failed login attempts."
|
55 |
msgstr "<strong>Fel</strong>: För många misslyckade försök."
|
56 |
|
57 |
+
#: limit-login-attempts.php:449
|
58 |
msgid "Please try again later."
|
59 |
msgstr "Försök igen senare."
|
60 |
|
61 |
+
#: limit-login-attempts.php:456
|
62 |
#, php-format
|
63 |
msgid "Please try again in %d hour."
|
64 |
msgid_plural "Please try again in %d hours."
|
65 |
msgstr[0] "Försök igen om %d timme."
|
66 |
msgstr[1] "Försök igen om %d timmar."
|
67 |
|
68 |
+
#: limit-login-attempts.php:458
|
69 |
#, php-format
|
70 |
msgid "Please try again in %d minute."
|
71 |
msgid_plural "Please try again in %d minutes."
|
72 |
msgstr[0] "Försök igen om %d minut."
|
73 |
msgstr[1] "Försök igen om %d minuter."
|
74 |
|
75 |
+
#: limit-login-attempts.php:487
|
76 |
#, php-format
|
77 |
msgid "<strong>%d</strong> attempt remaining."
|
78 |
msgid_plural "<strong>%d</strong> attempts remaining."
|
79 |
msgstr[0] "<strong>%d</strong> försök återstår."
|
80 |
msgstr[1] "<strong>%d</strong> försök återstår."
|
81 |
|
82 |
+
#: limit-login-attempts.php:551
|
83 |
msgid "<strong>ERROR</strong>: Incorrect username or password."
|
84 |
msgstr "<strong>Fel</strong>: Felaktigt användarnamn eller lösenord."
|
85 |
|
86 |
+
#: limit-login-attempts.php:714
|
87 |
msgid "IP|Internet address"
|
88 |
msgstr "IP"
|
89 |
|
90 |
+
#: limit-login-attempts.php:714
|
91 |
msgid "Tried to log in as"
|
92 |
msgstr "Försökte logga in som"
|
93 |
|
94 |
+
#: limit-login-attempts.php:719
|
95 |
#, php-format
|
96 |
msgid "%d lockout"
|
97 |
msgid_plural "%d lockouts"
|
98 |
msgstr[0] "%d blockering"
|
99 |
msgstr[1] "%d blockeringar"
|
100 |
|
101 |
+
#: limit-login-attempts.php:743
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
102 |
msgid "Cleared IP log"
|
103 |
msgstr "Rensade IP loggen"
|
104 |
|
105 |
+
#: limit-login-attempts.php:751
|
106 |
msgid "Reset lockout count"
|
107 |
msgstr "Nollställde räknaren för blockeringar"
|
108 |
|
109 |
+
#: limit-login-attempts.php:759
|
110 |
msgid "Cleared current lockouts"
|
111 |
msgstr "Tog bort aktuella blockeringar"
|
112 |
|
113 |
+
#: limit-login-attempts.php:788
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
114 |
msgid "Options changed"
|
115 |
msgstr "Inställningar ändrade"
|
116 |
|
117 |
+
#: limit-login-attempts.php:799
|
118 |
+
msgid "<strong>NOTE:</strong> Only works in Wordpress 2.7 or later"
|
119 |
+
msgstr "<strong>OBS:</strong> Fungerar endast i WordPress 2.7 eller senare"
|
|
|
|
|
120 |
|
121 |
+
#: limit-login-attempts.php:815
|
122 |
#, php-format
|
123 |
msgid "It appears the site is reached directly (from your IP: %s)"
|
124 |
msgstr "Sajten tycks vara direktansluten (från din IP: %s)"
|
125 |
|
126 |
+
#: limit-login-attempts.php:817
|
127 |
#, php-format
|
128 |
msgid "It appears the site is reached through a proxy server (proxy IP: %s, your IP: %s)"
|
129 |
msgstr "Sajten tycks ansluta genom en proxy server (proxy IP: %s, din IP: %s)"
|
130 |
|
131 |
+
#: limit-login-attempts.php:825
|
132 |
#, php-format
|
133 |
msgid "<strong>Current setting appears to be invalid</strong>. Please make sure it is correct. Further information can be found <a href=\"%s\" title=\"FAQ\">here</a>"
|
134 |
msgstr "<strong>Nuvarande inställningar kan vara fel</strong>. Säkerställ att de är korrekta. Mer information kan hittas <a href=\"%s\" title=\"FAQ\">här</a>"
|
135 |
|
136 |
+
#: limit-login-attempts.php:833
|
137 |
msgid "Limit Login Attempts Settings"
|
138 |
msgstr "Limit Login Attempts Inställningar"
|
139 |
|
140 |
+
#: limit-login-attempts.php:834
|
141 |
msgid "Statistics"
|
142 |
msgstr "Statistik"
|
143 |
|
144 |
+
#: limit-login-attempts.php:838
|
145 |
msgid "Total lockouts"
|
146 |
msgstr "Antal blockeringar"
|
147 |
|
148 |
+
#: limit-login-attempts.php:841
|
|
|
149 |
msgid "Reset Counter"
|
150 |
msgstr "Nollställ räknare"
|
151 |
|
152 |
+
#: limit-login-attempts.php:842
|
153 |
#, php-format
|
154 |
msgid "%d lockout since last reset"
|
155 |
msgid_plural "%d lockouts since last reset"
|
156 |
msgstr[0] "%d blockering sedan räknaren nollställdes"
|
157 |
msgstr[1] "%d blockeringar sedan räknaren nollställdes"
|
158 |
|
159 |
+
#: limit-login-attempts.php:843
|
160 |
msgid "No lockouts yet"
|
161 |
msgstr "Inga blockeringar har skett ännu"
|
162 |
|
163 |
+
#: limit-login-attempts.php:848
|
164 |
msgid "Active lockouts"
|
165 |
msgstr "Aktiva blockeringar"
|
166 |
|
167 |
+
#: limit-login-attempts.php:850
|
|
|
168 |
msgid "Restore Lockouts"
|
169 |
msgstr "Ta bort blockeringar"
|
170 |
|
171 |
+
#: limit-login-attempts.php:851
|
172 |
#, php-format
|
173 |
msgid "%d IP is currently blocked from trying to log in"
|
174 |
msgstr "%d IP är för närvarande blockerade från att logga in"
|
175 |
|
176 |
+
#: limit-login-attempts.php:857
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
177 |
msgid "Options"
|
178 |
msgstr "Inställningar"
|
179 |
|
180 |
+
#: limit-login-attempts.php:861
|
181 |
msgid "Lockout"
|
182 |
msgstr "Blockering"
|
183 |
|
184 |
+
#: limit-login-attempts.php:863
|
185 |
msgid "allowed retries"
|
186 |
msgstr "tillåtna misslyckanden"
|
187 |
|
188 |
+
#: limit-login-attempts.php:864
|
189 |
msgid "minutes lockout"
|
190 |
msgstr "minuters blockering"
|
191 |
|
192 |
+
#: limit-login-attempts.php:865
|
193 |
msgid "lockouts increase lockout time to"
|
194 |
msgstr "blockeringar ökar tiden till"
|
195 |
|
196 |
+
#: limit-login-attempts.php:865
|
|
|
197 |
msgid "hours"
|
198 |
msgstr "timmar"
|
199 |
|
200 |
+
#: limit-login-attempts.php:866
|
201 |
msgid "hours until retries are reset"
|
202 |
msgstr "timmar tills misslyckanden nollställs"
|
203 |
|
204 |
+
#: limit-login-attempts.php:870
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
205 |
msgid "Site connection"
|
206 |
msgstr "Sajten ansluter"
|
207 |
|
208 |
+
#: limit-login-attempts.php:876
|
209 |
msgid "Direct connection"
|
210 |
msgstr "Direktansluten"
|
211 |
|
212 |
+
#: limit-login-attempts.php:881
|
213 |
msgid "From behind a reversy proxy"
|
214 |
msgstr "Bakom en reverse proxy"
|
215 |
|
216 |
+
#: limit-login-attempts.php:887
|
217 |
+
msgid "Handle cookie login"
|
218 |
+
msgstr "Hantera inloggning med kakor"
|
219 |
+
|
220 |
+
#: limit-login-attempts.php:889
|
221 |
+
msgid "Yes"
|
222 |
+
msgstr "Ja"
|
223 |
+
|
224 |
+
#: limit-login-attempts.php:889
|
225 |
+
msgid "No"
|
226 |
+
msgstr "Nej"
|
227 |
+
|
228 |
+
#: limit-login-attempts.php:894
|
229 |
msgid "Notify on lockout"
|
230 |
msgstr "Notifiera om blockering"
|
231 |
|
232 |
+
#: limit-login-attempts.php:896
|
233 |
msgid "Log IP"
|
234 |
msgstr "Logga IP"
|
235 |
|
236 |
+
#: limit-login-attempts.php:897
|
237 |
msgid "Email to admin after"
|
238 |
msgstr "E-post till administratör efter"
|
239 |
|
240 |
+
#: limit-login-attempts.php:897
|
241 |
msgid "lockouts"
|
242 |
msgstr "blockeringar"
|
243 |
|
244 |
+
#: limit-login-attempts.php:902
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
245 |
msgid "Change Options"
|
246 |
msgstr "Ändra Inställningar"
|
247 |
|
248 |
+
#: limit-login-attempts.php:910
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
249 |
msgid "Lockout log"
|
250 |
msgstr "Log över blockeringar"
|
251 |
|
252 |
+
#: limit-login-attempts.php:914
|
253 |
msgid "Clear Log"
|
254 |
msgstr "Rensa Log"
|
255 |
|
273 |
msgid "http://devel.kostdoktorn.se"
|
274 |
msgstr "http://devel.kostdoktorn.se"
|
275 |
|
|
|
|
|
|
|
|
|
|
limit-login-attempts.php
CHANGED
@@ -5,7 +5,7 @@
|
|
5 |
Description: Limit rate of login attempts, including by way of cookies, for each IP.
|
6 |
Author: Johan Eenfeldt
|
7 |
Author URI: http://devel.kostdoktorn.se
|
8 |
-
Version:
|
9 |
|
10 |
Copyright 2008, 2009 Johan Eenfeldt
|
11 |
|
@@ -36,7 +36,7 @@
|
|
36 |
define('LIMIT_LOGIN_DIRECT_ADDR', 'REMOTE_ADDR');
|
37 |
define('LIMIT_LOGIN_PROXY_ADDR', 'HTTP_X_FORWARDED_FOR');
|
38 |
|
39 |
-
/* Notify value checked against these in
|
40 |
define('LIMIT_LOGIN_LOCKOUT_NOTIFY_ALLOWED', 'log,email');
|
41 |
|
42 |
/*
|
@@ -76,46 +76,12 @@ $limit_login_options =
|
|
76 |
|
77 |
/* If notify by email, do so after this number of lockouts */
|
78 |
, 'notify_email_after' => 4
|
79 |
-
|
80 |
-
/* Enforce limit on new user registrations for IP */
|
81 |
-
, 'register_enforce' => true
|
82 |
-
|
83 |
-
/* Allow this many new user registrations ... */
|
84 |
-
, 'register_allowed' => 3
|
85 |
-
|
86 |
-
/* ... during this time */
|
87 |
-
, 'register_duration' => 86400 // 24 hours
|
88 |
-
|
89 |
-
/* Allow password reset using login name?
|
90 |
-
*
|
91 |
-
* NOTE: Only works in WP 2.6.5+, as necessary filter was added then.
|
92 |
-
*/
|
93 |
-
, 'disable_pwd_reset_username' => true
|
94 |
-
|
95 |
-
/* ... for capability level_xx or higher */
|
96 |
-
, 'pwd_reset_username_limit' => 1
|
97 |
-
|
98 |
-
/* Allow password resets at all?
|
99 |
-
*
|
100 |
-
* NOTE: Only works in WP 2.6.5+, as necessary filter was added then.
|
101 |
-
*/
|
102 |
-
, 'disable_pwd_reset' => false
|
103 |
-
|
104 |
-
/* ... for capability level_xx or higher */
|
105 |
-
, 'pwd_reset_limit' => 1
|
106 |
);
|
107 |
|
108 |
$limit_login_my_error_shown = false; /* have we shown our stuff? */
|
109 |
$limit_login_just_lockedout = false; /* started this pageload??? */
|
110 |
$limit_login_nonempty_credentials = false; /* user and pwd nonempty */
|
111 |
|
112 |
-
/* Level of the different roles. Used for descriptive purposes only */
|
113 |
-
$limit_login_level_role =
|
114 |
-
array(0 => __('Subscriber','limit-login-attempts')
|
115 |
-
, 1 => __('Contributor','limit-login-attempts')
|
116 |
-
, 2 => __('Author','limit-login-attempts')
|
117 |
-
, 7 => __('Editor','limit-login-attempts')
|
118 |
-
, 10 => __('Administrator','limit-login-attempts'));
|
119 |
|
120 |
/*
|
121 |
* Startup
|
@@ -147,12 +113,17 @@ function limit_login_setup() {
|
|
147 |
add_action('login_head', 'limit_login_add_error_message');
|
148 |
add_action('login_errors', 'limit_login_fixup_error_messages');
|
149 |
add_action('admin_menu', 'limit_login_admin_menu');
|
150 |
-
|
151 |
-
|
152 |
-
|
153 |
-
|
154 |
-
|
155 |
-
|
|
|
|
|
|
|
|
|
|
|
156 |
}
|
157 |
}
|
158 |
|
@@ -191,41 +162,13 @@ function limit_login_get_address($type_name = '') {
|
|
191 |
}
|
192 |
|
193 |
|
194 |
-
/*
|
195 |
-
*
|
196 |
-
* Returns true if array exists, ip is key in array, and value (time) is not
|
197 |
-
* past.
|
198 |
-
*/
|
199 |
-
function limit_login_check_time($check_array, $ip = null) {
|
200 |
-
if (!$ip)
|
201 |
-
$ip = limit_login_get_address();
|
202 |
-
|
203 |
-
return (is_array($check_array) && isset($check_array[$ip])
|
204 |
-
&& time() <= $check_array[$ip]);
|
205 |
-
}
|
206 |
-
|
207 |
-
|
208 |
-
/* Is it ok to login? */
|
209 |
function is_limit_login_ok() {
|
210 |
-
/* Test that there is not a (still valid) lockout on ip in lockouts array */
|
211 |
-
return !limit_login_check_time(limit_login_get_array('lockouts'));
|
212 |
-
}
|
213 |
-
|
214 |
-
|
215 |
-
/* Check if it is ok to register new user */
|
216 |
-
function is_limit_login_reg_ok() {
|
217 |
-
if (!limit_login_option('register_enforce')) {
|
218 |
-
return true;
|
219 |
-
}
|
220 |
-
|
221 |
$ip = limit_login_get_address();
|
222 |
|
223 |
-
/*
|
224 |
-
$
|
225 |
-
$
|
226 |
-
$allowed = limit_login_option('register_allowed');
|
227 |
-
return (!limit_login_check_time($valid, $ip)
|
228 |
-
|| !isset($regs[$ip]) || $regs[$ip] < $allowed);
|
229 |
}
|
230 |
|
231 |
|
@@ -287,15 +230,25 @@ function limit_login_failed_cookie($arg) {
|
|
287 |
function limit_login_failed($arg) {
|
288 |
$ip = limit_login_get_address();
|
289 |
|
290 |
-
|
291 |
-
|
292 |
-
|
293 |
return;
|
|
|
|
|
294 |
}
|
295 |
|
296 |
/* Get the arrays with retries and retries-valid information */
|
297 |
-
$retries =
|
298 |
-
$valid =
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
299 |
|
300 |
/* Check validity and add one to retries */
|
301 |
if (isset($retries[$ip]) && isset($valid[$ip]) && time() < $valid[$ip]) {
|
@@ -354,230 +307,57 @@ function limit_login_failed($arg) {
|
|
354 |
}
|
355 |
|
356 |
|
357 |
-
/* Clean up any old lockouts and old retries
|
358 |
function limit_login_cleanup($retries = null, $lockouts = null, $valid = null) {
|
359 |
$now = time();
|
360 |
-
$lockouts = !is_null($lockouts) ? $lockouts :
|
361 |
|
362 |
/* remove old lockouts */
|
363 |
-
|
364 |
-
|
365 |
-
unset($lockouts[$ip]);
|
366 |
-
}
|
367 |
-
}
|
368 |
-
limit_login_save_array('lockouts', $lockouts);
|
369 |
-
|
370 |
-
/* remove retries that are no longer valid */
|
371 |
-
$valid = !is_null($valid) ? $valid : limit_login_get_array('retries_valid');
|
372 |
-
$retries = !is_null($retries) ? $retries : limit_login_get_array('retries');
|
373 |
-
if (!empty($valid) && !empty($retries)) {
|
374 |
-
foreach ($valid as $ip => $lockout) {
|
375 |
if ($lockout < $now) {
|
376 |
-
unset($
|
377 |
-
unset($retries[$ip]);
|
378 |
-
}
|
379 |
-
}
|
380 |
-
|
381 |
-
/* go through retries directly, if for some reason they've gone out of sync */
|
382 |
-
foreach ($retries as $ip => $retry) {
|
383 |
-
if (!isset($valid[$ip])) {
|
384 |
-
unset($retries[$ip]);
|
385 |
-
}
|
386 |
-
}
|
387 |
-
|
388 |
-
limit_login_save_array('retries', $retries);
|
389 |
-
limit_login_save_array('retries_valid', $valid);
|
390 |
-
}
|
391 |
-
|
392 |
-
/* do the same for the registration arrays, if necessary */
|
393 |
-
$valid = limit_login_get_array('registrations_valid');
|
394 |
-
$regs = limit_login_get_array('registrations');
|
395 |
-
if (!empty($valid) && !empty($regs)) {
|
396 |
-
foreach ($valid as $ip => $until) {
|
397 |
-
if ($until < $now) {
|
398 |
-
unset($valid[$ip]);
|
399 |
-
unset($regs[$ip]);
|
400 |
}
|
401 |
}
|
402 |
-
|
403 |
-
/* go through registrations directly, if for some reason they've gone out of sync */
|
404 |
-
foreach ($regs as $ip => $reg) {
|
405 |
-
if (!isset($valid[$ip])) {
|
406 |
-
unset($regs[$ip]);
|
407 |
-
}
|
408 |
-
}
|
409 |
-
|
410 |
-
limit_login_save_array('registrations', $regs);
|
411 |
-
limit_login_save_array('registrations_valid', $valid);
|
412 |
}
|
413 |
-
}
|
414 |
|
415 |
-
/*
|
416 |
-
|
417 |
-
|
418 |
-
|
419 |
-
*/
|
420 |
-
function limit_login_reg_add() {
|
421 |
-
if (!limit_login_option('register_enforce')) {
|
422 |
return;
|
423 |
}
|
424 |
|
425 |
-
$ip
|
426 |
-
|
427 |
-
|
428 |
-
|
429 |
-
$valid = limit_login_get_array('registrations_valid');
|
430 |
-
|
431 |
-
/* Check validity and add one registration */
|
432 |
-
if (isset($regs[$ip]) && isset($valid[$ip]) && time() < $valid[$ip]) {
|
433 |
-
$regs[$ip] ++;
|
434 |
-
} else {
|
435 |
-
$regs[$ip] = 1;
|
436 |
-
}
|
437 |
-
$valid[$ip] = time() + limit_login_option('register_duration');
|
438 |
-
|
439 |
-
limit_login_save_array('registrations', $regs);
|
440 |
-
limit_login_save_array('registrations_valid', $valid);
|
441 |
-
|
442 |
-
/* increase statistics? */
|
443 |
-
if ($regs[$ip] >= limit_login_option('register_allowed')) {
|
444 |
-
$total = get_option('limit_login_reg_lockouts_total');
|
445 |
-
if ($total === false) {
|
446 |
-
add_option('limit_login_reg_lockouts_total', 1, '', 'no');
|
447 |
-
} else {
|
448 |
-
update_option('limit_login_reg_lockouts_total', $total + 1);
|
449 |
-
}
|
450 |
-
}
|
451 |
-
|
452 |
-
/* do housecleaning */
|
453 |
-
limit_login_cleanup();
|
454 |
-
}
|
455 |
-
|
456 |
-
|
457 |
-
/*
|
458 |
-
* Filter: check if new registration is allowed, and filter error messages
|
459 |
-
* to remove possibility to brute force user login
|
460 |
-
*/
|
461 |
-
function limit_login_filter_registration($errors) {
|
462 |
-
global $limit_login_my_error_shown;
|
463 |
-
|
464 |
-
$limit_login_my_error_shown = true;
|
465 |
-
|
466 |
-
if (!is_limit_login_reg_ok()) {
|
467 |
-
$errors = new WP_Error();
|
468 |
-
$errors->add('lockout', limit_login_reg_error_msg());
|
469 |
-
return $errors;
|
470 |
-
}
|
471 |
-
|
472 |
-
/*
|
473 |
-
* Not locked out. Now enforce error msg filter and, count attempt if there
|
474 |
-
* are no errors.
|
475 |
-
*/
|
476 |
-
|
477 |
-
if (!is_wp_error($errors)) {
|
478 |
-
limit_login_reg_add();
|
479 |
-
return $errors;
|
480 |
-
}
|
481 |
-
|
482 |
-
$codes = $errors->get_error_codes();
|
483 |
-
|
484 |
-
if (count($codes) <= 1) {
|
485 |
-
if (count($codes) == 0) {
|
486 |
-
limit_login_reg_add();
|
487 |
-
}
|
488 |
-
return $errors;
|
489 |
-
}
|
490 |
-
|
491 |
-
/*
|
492 |
-
* If more than one error message (meaning both login and email was
|
493 |
-
* invalid) we strip any 'username_exists' message.
|
494 |
-
*
|
495 |
-
* This is to stop someone from trying different usernames with a known
|
496 |
-
* bad / empty email address.
|
497 |
-
*/
|
498 |
-
|
499 |
-
$key = array_search('username_exists', $codes);
|
500 |
-
|
501 |
-
if ($key !== false) {
|
502 |
-
unset($codes[$key]);
|
503 |
-
|
504 |
-
$old_errors = $errors;
|
505 |
-
$errors = new WP_Error();
|
506 |
-
foreach ($codes as $key => $code) {
|
507 |
-
$errors->add($code, $old_errors->get_error_message($code));
|
508 |
}
|
509 |
}
|
510 |
|
511 |
-
|
512 |
-
|
513 |
-
|
514 |
-
|
515 |
-
/* Check if user have level capability */
|
516 |
-
function limit_login_user_has_level($userid, $level) {
|
517 |
-
$userid = intval($userid);
|
518 |
-
$level = intval($level);
|
519 |
-
|
520 |
-
if ($userid <= 0) {
|
521 |
-
return false;
|
522 |
-
}
|
523 |
-
|
524 |
-
$user = new WP_User($userid);
|
525 |
-
|
526 |
-
return ($user && $user->has_cap($level));
|
527 |
-
}
|
528 |
-
|
529 |
-
|
530 |
-
/* Filter: enforce that password reset is allowed */
|
531 |
-
function limit_login_filter_pwd_reset($b, $userid) {
|
532 |
-
$limit = null;
|
533 |
-
|
534 |
-
/* What limit (max privilege level) to use, if any */
|
535 |
-
if (limit_login_option('disable_pwd_reset')) {
|
536 |
-
/* limit on all pwd resets */
|
537 |
-
$limit = limit_login_option('pwd_reset_limit');
|
538 |
-
}
|
539 |
-
|
540 |
-
if (limit_login_option('disable_pwd_reset_username') && !strpos($_POST['user_login'], '@')) {
|
541 |
-
/* limit on pwd reset using user name */
|
542 |
-
$limit_username = limit_login_option('pwd_reset_username_limit');
|
543 |
-
|
544 |
-
/* use lowest limit */
|
545 |
-
if (is_null($limit) || $limit > $limit_username) {
|
546 |
-
$limit = $limit_username;
|
547 |
}
|
548 |
}
|
549 |
|
550 |
-
|
551 |
-
|
552 |
-
return $b;
|
553 |
-
}
|
554 |
-
|
555 |
-
/* Test if user have this level */
|
556 |
-
if (!limit_login_user_has_level($userid, $limit)) {
|
557 |
-
return $b;
|
558 |
-
}
|
559 |
-
|
560 |
-
/* Not allowed -- use same error as retrieve_password() */
|
561 |
-
$error = new WP_Error();
|
562 |
-
$error->add('invalidcombo', __('<strong>ERROR</strong>: Invalid username or e-mail.', 'limit-login-attempts'));
|
563 |
-
return $error;
|
564 |
}
|
565 |
|
566 |
|
567 |
-
/*
|
568 |
-
* Notification functions
|
569 |
-
*/
|
570 |
-
|
571 |
/* Email notification of lockout to admin (if configured) */
|
572 |
function limit_login_notify_email($user) {
|
573 |
$ip = limit_login_get_address();
|
574 |
-
$retries =
|
575 |
|
576 |
-
|
577 |
-
|
578 |
-
|
579 |
-
|
580 |
-
|
581 |
if ( isset($retries[$ip])
|
582 |
&& ( ($retries[$ip] / limit_login_option('allowed_retries'))
|
583 |
% limit_login_option('notify_email_after') ) != 0 ) {
|
@@ -617,20 +397,24 @@ function limit_login_notify_email($user) {
|
|
617 |
|
618 |
/* Logging of lockout (if configured) */
|
619 |
function limit_login_notify_log($user) {
|
620 |
-
$log =
|
621 |
$ip = limit_login_get_address();
|
622 |
-
|
623 |
-
|
624 |
-
|
625 |
-
|
626 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
627 |
} else {
|
628 |
-
$log[$ip]
|
629 |
}
|
630 |
-
|
631 |
-
$log[$ip] = array($user => 1);
|
632 |
}
|
633 |
-
limit_login_save_array('logged', $log);
|
634 |
}
|
635 |
|
636 |
|
@@ -655,39 +439,16 @@ function limit_login_notify($user) {
|
|
655 |
}
|
656 |
|
657 |
|
658 |
-
/*
|
659 |
-
* Handle (och filter) messages and errors shown
|
660 |
-
*/
|
661 |
-
|
662 |
-
/* Construct message for registration lockout */
|
663 |
-
function limit_login_reg_error_msg() {
|
664 |
-
$msg = __('<strong>ERROR</strong>: Too many new user registrations.', 'limit-login-attempts') . ' ';
|
665 |
-
return limit_login_error_msg('registrations_valid', $msg);
|
666 |
-
}
|
667 |
-
|
668 |
-
|
669 |
-
/* Filter: remove other registration error messages */
|
670 |
-
function limit_login_filter_login_message($content) {
|
671 |
-
if (is_limit_login_reg_page() && !is_limit_login_reg_ok()) {
|
672 |
-
return '';
|
673 |
-
}
|
674 |
-
|
675 |
-
return $content;
|
676 |
-
}
|
677 |
-
|
678 |
-
|
679 |
/* Construct informative error message */
|
680 |
-
function limit_login_error_msg(
|
681 |
$ip = limit_login_get_address();
|
682 |
-
$lockouts =
|
683 |
|
684 |
-
|
685 |
-
$msg = __('<strong>ERROR</strong>: Too many failed login attempts.', 'limit-login-attempts') . ' ';
|
686 |
-
}
|
687 |
|
688 |
-
if (!isset($lockouts[$ip]) || time() >= $lockouts[$ip]) {
|
689 |
-
/* Huh? No
|
690 |
-
$msg .=
|
691 |
return $msg;
|
692 |
}
|
693 |
|
@@ -706,10 +467,15 @@ function limit_login_error_msg($lockout_option = 'lockouts', $msg = '') {
|
|
706 |
/* Construct retries remaining message */
|
707 |
function limit_login_retries_remaining_msg() {
|
708 |
$ip = limit_login_get_address();
|
709 |
-
$retries =
|
710 |
-
$valid =
|
711 |
|
712 |
/* Should we show retries remaining? */
|
|
|
|
|
|
|
|
|
|
|
713 |
if (!isset($retries[$ip]) || !isset($valid[$ip]) || time() > $valid[$ip]) {
|
714 |
/* no: no valid retries */
|
715 |
return '';
|
@@ -749,19 +515,6 @@ function should_limit_login_show_msg() {
|
|
749 |
}
|
750 |
|
751 |
|
752 |
-
/* Should we show errors and messages on this page? */
|
753 |
-
function is_limit_login_reg_page() {
|
754 |
-
if (isset($_GET['key'])) {
|
755 |
-
/* reset password */
|
756 |
-
return false;
|
757 |
-
}
|
758 |
-
|
759 |
-
$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : '';
|
760 |
-
|
761 |
-
return ( $action == 'register' );
|
762 |
-
}
|
763 |
-
|
764 |
-
|
765 |
/* Fix up the error message before showing it */
|
766 |
function limit_login_fixup_error_messages($content) {
|
767 |
global $limit_login_just_lockedout, $limit_login_nonempty_credentials, $limit_login_my_error_shown;
|
@@ -772,8 +525,7 @@ function limit_login_fixup_error_messages($content) {
|
|
772 |
|
773 |
/*
|
774 |
* During lockout we do not want to show any other error messages (like
|
775 |
-
* unknown user or empty password)
|
776 |
-
* locked us out.
|
777 |
*/
|
778 |
if (!is_limit_login_ok() && !$limit_login_just_lockedout) {
|
779 |
return limit_login_error_msg();
|
@@ -783,8 +535,8 @@ function limit_login_fixup_error_messages($content) {
|
|
783 |
* We want to filter the messages 'Invalid username' and 'Invalid password'
|
784 |
* as that is an information leak regarding user account names.
|
785 |
*
|
786 |
-
* Also, if
|
787 |
-
*
|
788 |
*/
|
789 |
$msgs = explode("<br />\n", $content);
|
790 |
|
@@ -823,12 +575,6 @@ function limit_login_fixup_error_messages($content) {
|
|
823 |
function limit_login_add_error_message() {
|
824 |
global $error, $limit_login_my_error_shown;
|
825 |
|
826 |
-
if (is_limit_login_reg_page() && !is_limit_login_reg_ok()
|
827 |
-
&& !$limit_login_my_error_shown) {
|
828 |
-
$error = limit_login_reg_error_msg();
|
829 |
-
return;
|
830 |
-
}
|
831 |
-
|
832 |
if (!should_limit_login_show_msg() || $limit_login_my_error_shown) {
|
833 |
return;
|
834 |
}
|
@@ -852,6 +598,10 @@ function limit_login_track_credentials($user, $password) {
|
|
852 |
}
|
853 |
|
854 |
|
|
|
|
|
|
|
|
|
855 |
/* Does wordpress version support cookie option? */
|
856 |
function limit_login_support_cookie_option() {
|
857 |
global $wp_version;
|
@@ -859,26 +609,10 @@ function limit_login_support_cookie_option() {
|
|
859 |
}
|
860 |
|
861 |
|
862 |
-
/*
|
863 |
-
function
|
864 |
-
|
865 |
-
|
866 |
-
}
|
867 |
-
|
868 |
-
|
869 |
-
/*
|
870 |
-
* Handle plugin options
|
871 |
-
*/
|
872 |
-
|
873 |
-
/* Get current option value */
|
874 |
-
function limit_login_option($option_name) {
|
875 |
-
global $limit_login_options;
|
876 |
-
|
877 |
-
if (isset($limit_login_options[$option_name])) {
|
878 |
-
return $limit_login_options[$option_name];
|
879 |
-
} else {
|
880 |
-
return null;
|
881 |
-
}
|
882 |
}
|
883 |
|
884 |
|
@@ -889,15 +623,6 @@ function limit_login_get_option($option, $var_name) {
|
|
889 |
if ($a !== false) {
|
890 |
global $limit_login_options;
|
891 |
|
892 |
-
/* Make sure type is correct */
|
893 |
-
if (is_bool($limit_login_options[$var_name])) {
|
894 |
-
$a = !!$a;
|
895 |
-
} elseif (is_numeric($limit_login_options[$var_name])) {
|
896 |
-
$a = intval($a);
|
897 |
-
} else {
|
898 |
-
$a = (string) $a;
|
899 |
-
}
|
900 |
-
|
901 |
$limit_login_options[$var_name] = $a;
|
902 |
}
|
903 |
}
|
@@ -905,33 +630,52 @@ function limit_login_get_option($option, $var_name) {
|
|
905 |
|
906 |
/* Setup global variables from options */
|
907 |
function limit_login_setup_options() {
|
908 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
909 |
|
910 |
-
|
911 |
-
limit_login_get_option('limit_login_' . $name, $name);
|
912 |
-
}
|
913 |
-
|
914 |
-
limit_login_sanitize_options();
|
915 |
}
|
916 |
|
917 |
|
918 |
/* Update options in db from global variables */
|
919 |
function limit_login_update_options() {
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
920 |
global $limit_login_options;
|
921 |
|
922 |
-
|
923 |
-
if (is_bool($value)) {
|
924 |
-
$value = $value ? '1' : '0';
|
925 |
-
}
|
926 |
-
update_option('limit_login_' . $name, $value);
|
927 |
-
}
|
928 |
}
|
929 |
|
930 |
|
931 |
/* Make sure the variables make sense */
|
932 |
-
function
|
933 |
global $limit_login_options;
|
934 |
|
|
|
|
|
|
|
|
|
|
|
|
|
935 |
$notify_email_after = max(1, intval(limit_login_option('notify_email_after')));
|
936 |
$limit_login_options['notify_email_after'] = min(limit_login_option('allowed_lockouts'), $notify_email_after);
|
937 |
|
@@ -954,58 +698,12 @@ function limit_login_sanitize_options() {
|
|
954 |
&& limit_login_option('client_type') != LIMIT_LOGIN_PROXY_ADDR ) {
|
955 |
$limit_login_options['client_type'] = LIMIT_LOGIN_DIRECT_ADDR;
|
956 |
}
|
957 |
-
|
958 |
-
$pwd_reset_func_supported = limit_login_support_pwd_reset_options();
|
959 |
-
$pwd_reset_username = limit_login_option('disable_pwd_reset_username')
|
960 |
-
&& $pwd_reset_func_supported;
|
961 |
-
$pwd_reset = limit_login_option('disable_pwd_reset')
|
962 |
-
&& $pwd_reset_func_supported;
|
963 |
-
|
964 |
-
$limit_login_options['disable_pwd_reset_username'] = $pwd_reset_username;
|
965 |
-
$limit_login_options['disable_pwd_reset'] = $pwd_reset;
|
966 |
}
|
967 |
|
968 |
|
969 |
-
/* Get stored array -- add if necessary */
|
970 |
-
function limit_login_get_array($array_name) {
|
971 |
-
$real_array_name = 'limit_login_' . $array_name;
|
972 |
-
|
973 |
-
$a = get_option($real_array_name);
|
974 |
-
|
975 |
-
if ($a === false) {
|
976 |
-
$a = array();
|
977 |
-
add_option($real_array_name, $a, '', 'no'); /* no autoload */
|
978 |
-
}
|
979 |
-
|
980 |
-
return $a;
|
981 |
-
}
|
982 |
-
|
983 |
-
|
984 |
-
/* Store array */
|
985 |
-
function limit_login_save_array($array_name, $a) {
|
986 |
-
$real_array_name = 'limit_login_' . $array_name;
|
987 |
-
update_option($real_array_name, $a);
|
988 |
-
}
|
989 |
-
|
990 |
-
|
991 |
-
/*
|
992 |
-
* Admin page stuff
|
993 |
-
*/
|
994 |
-
|
995 |
/* Add admin options page */
|
996 |
function limit_login_admin_menu() {
|
997 |
add_options_page('Limit Login Attempts', 'Limit Login Attempts', 8, 'limit-login-attempts', 'limit_login_option_page');
|
998 |
-
|
999 |
-
if ( $_GET['page'] == "limit-login-attempts" ) {
|
1000 |
-
wp_enqueue_script('jquery');
|
1001 |
-
}
|
1002 |
-
}
|
1003 |
-
|
1004 |
-
|
1005 |
-
/* Make a guess if we are behind a proxy or not */
|
1006 |
-
function limit_login_guess_proxy() {
|
1007 |
-
return isset($_SERVER[LIMIT_LOGIN_PROXY_ADDR])
|
1008 |
-
? LIMIT_LOGIN_PROXY_ADDR : LIMIT_LOGIN_DIRECT_ADDR;
|
1009 |
}
|
1010 |
|
1011 |
|
@@ -1032,253 +730,6 @@ function limit_login_show_log($log) {
|
|
1032 |
}
|
1033 |
}
|
1034 |
|
1035 |
-
|
1036 |
-
/* Remove space and - characters before comparing (because of how user_nicename
|
1037 |
-
* is constructed from user_login) */
|
1038 |
-
function limit_login_fuzzy_cmp($s1, $s2) {
|
1039 |
-
$remove = array(' ', '-');
|
1040 |
-
|
1041 |
-
return strcasecmp(str_replace($remove, '', $s1), str_replace($remove, '', $s2));
|
1042 |
-
}
|
1043 |
-
|
1044 |
-
|
1045 |
-
/* Show privileged users various names, and warn if equal to login name */
|
1046 |
-
function limit_login_show_users() {
|
1047 |
-
global $wpdb;
|
1048 |
-
|
1049 |
-
$sql = "SELECT u.ID, u.user_login, u.user_nicename, u.display_name"
|
1050 |
-
. " , um.meta_value AS role, um2.meta_value AS nickname"
|
1051 |
-
. " FROM $wpdb->users u"
|
1052 |
-
. " INNER JOIN $wpdb->usermeta um ON u.ID = um.user_id"
|
1053 |
-
. " LEFT JOIN $wpdb->usermeta um2 ON u.ID = um2.user_id"
|
1054 |
-
. " WHERE um.meta_key = '{$wpdb->prefix}capabilities'"
|
1055 |
-
. " AND NOT (um.meta_value LIKE '%subscriber%'"
|
1056 |
-
. " OR um.meta_value LIKE '%unapproved%')"
|
1057 |
-
. " AND um2.meta_key = 'nickname'";
|
1058 |
-
|
1059 |
-
$users = $wpdb->get_results($sql);
|
1060 |
-
|
1061 |
-
if (!$users || count($users) == 0) {
|
1062 |
-
return;
|
1063 |
-
}
|
1064 |
-
|
1065 |
-
$r = '';
|
1066 |
-
$bad_count = 0;
|
1067 |
-
foreach ($users as $user) {
|
1068 |
-
$login_ok = limit_login_fuzzy_cmp($user->user_login, 'admin');
|
1069 |
-
$display_ok = limit_login_fuzzy_cmp($user->user_login, $user->display_name);
|
1070 |
-
$nicename_ok = limit_login_fuzzy_cmp($user->user_login, $user->user_nicename);
|
1071 |
-
$nickname_ok = limit_login_fuzzy_cmp($user->user_login, $user->nickname);
|
1072 |
-
|
1073 |
-
if (!($login_ok && $display_ok && $nicename_ok && $nickname_ok)) {
|
1074 |
-
$bad_count++;
|
1075 |
-
}
|
1076 |
-
|
1077 |
-
$edit = "user-edit.php?user_id={$user->ID}";
|
1078 |
-
$nicename_input = '<input type="text" size="20" maxlength="45"'
|
1079 |
-
. " value=\"{$user->user_nicename}\" name=\"nicename-{$user->ID}\""
|
1080 |
-
. ' class="warning-disabled" disabled="true" />';
|
1081 |
-
|
1082 |
-
$role = implode(',', array_keys(maybe_unserialize($user->role)));
|
1083 |
-
$login = limit_login_show_maybe_warning(!$login_ok, $user->user_login, $edit
|
1084 |
-
, __("Account named admin should not have privileges", 'limit-login-attempts'));
|
1085 |
-
$display = limit_login_show_maybe_warning(!$display_ok, $user->display_name, $edit
|
1086 |
-
, __("Make display name different from login name", 'limit-login-attempts'));
|
1087 |
-
$nicename = limit_login_show_maybe_warning(!$nicename_ok, $nicename_input, ''
|
1088 |
-
, __("Make url name different from login name", 'limit-login-attempts'));
|
1089 |
-
$nickname = limit_login_show_maybe_warning(!$nickname_ok, $user->nickname, $edit
|
1090 |
-
, __("Make nickname different from login name", 'limit-login-attempts'));
|
1091 |
-
|
1092 |
-
$r .= '<tr><td>' . $edit_link . $login . '</a></td>'
|
1093 |
-
. '<td>' . $role . '</td>'
|
1094 |
-
. '<td>' . $display . '</td>'
|
1095 |
-
. '<td>' . $nicename . '</td>'
|
1096 |
-
. '<td>' . $nickname . '</td>'
|
1097 |
-
. '</tr>';
|
1098 |
-
}
|
1099 |
-
|
1100 |
-
|
1101 |
-
if (!$bad_count) {
|
1102 |
-
echo(sprintf('<p><i>%s</i></p>'
|
1103 |
-
, __("Privileged usernames, display names, url names and nicknames are ok", 'limit-login-attempts')));
|
1104 |
-
}
|
1105 |
-
|
1106 |
-
echo('<table class="widefat"><thead><tr class="thead">'
|
1107 |
-
. '<th scope="col">'
|
1108 |
-
. __("User Login", 'limit-login-attempts')
|
1109 |
-
. '</th><th scope="col">'
|
1110 |
-
. __('Role', 'limit-login-attempts')
|
1111 |
-
. '</th><th scope="col">'
|
1112 |
-
. __('Display Name', 'limit-login-attempts')
|
1113 |
-
. '</th><th scope="col">'
|
1114 |
-
. __('URL Name <small>("nicename")</small>', 'limit-login-attempts')
|
1115 |
-
. ' <a href="http://wordpress.org/extend/plugins/limit-login-attempts/faq/"'
|
1116 |
-
. ' title="' . __('What is this?', 'limit-login-attempts') . '">?</a>'
|
1117 |
-
. '</th><th scope="col">'
|
1118 |
-
. __('Nickname', 'limit-login-attempts')
|
1119 |
-
. '</th></tr></thead>'
|
1120 |
-
. $r
|
1121 |
-
. '</table>');
|
1122 |
-
}
|
1123 |
-
|
1124 |
-
|
1125 |
-
function limit_login_nicenames_from_post() {
|
1126 |
-
$match = 'nicename-'; /* followed by user id */
|
1127 |
-
$changed = '';
|
1128 |
-
|
1129 |
-
foreach ($_POST as $name => $val) {
|
1130 |
-
if (strncmp($name, $match, strlen($match)))
|
1131 |
-
continue;
|
1132 |
-
|
1133 |
-
/* Get user ID */
|
1134 |
-
$a = explode('-', $name);
|
1135 |
-
$id = intval($a[1]);
|
1136 |
-
if (!$id)
|
1137 |
-
continue;
|
1138 |
-
|
1139 |
-
/*
|
1140 |
-
* To be safe we use the same functions as when an original nicename is
|
1141 |
-
* constructed from user login name.
|
1142 |
-
*/
|
1143 |
-
$nicename = sanitize_title(sanitize_user($val, true));
|
1144 |
-
|
1145 |
-
if (empty($nicename))
|
1146 |
-
continue;
|
1147 |
-
|
1148 |
-
/* Check against original user */
|
1149 |
-
$user = get_userdata($id);
|
1150 |
-
|
1151 |
-
if (!$user)
|
1152 |
-
continue;
|
1153 |
-
|
1154 |
-
/* nicename changed? */
|
1155 |
-
if (!strcmp($nicename, $user->user_nicename))
|
1156 |
-
continue;
|
1157 |
-
|
1158 |
-
$userdata = array('ID' => $id, 'user_nicename' => $nicename);
|
1159 |
-
wp_update_user($userdata);
|
1160 |
-
|
1161 |
-
wp_cache_delete($user->user_nicename, 'userlugs');
|
1162 |
-
|
1163 |
-
if (!empty($changed))
|
1164 |
-
$changed .= ', ';
|
1165 |
-
$changed .= "'{$user->user_login}' nicename {$user->user_nicename} => $nicename";
|
1166 |
-
}
|
1167 |
-
|
1168 |
-
if (!empty($changed)) {
|
1169 |
-
echo '<div id="message" class="updated fade"><p>'
|
1170 |
-
. __('URL names changed', 'limit-login-attempts')
|
1171 |
-
. '<br />' . $changed
|
1172 |
-
. '</p></div>';
|
1173 |
-
} else {
|
1174 |
-
echo '<div id="message" class="updated fade"><p>'
|
1175 |
-
. __('No names changed', 'limit-login-attempts')
|
1176 |
-
. '</p></div>';
|
1177 |
-
}
|
1178 |
-
}
|
1179 |
-
|
1180 |
-
|
1181 |
-
function limit_login_show_maybe_warning($is_warn, $name, $edit_url, $title) {
|
1182 |
-
static $alt, $bad_img_url;
|
1183 |
-
|
1184 |
-
if (!$is_warn) {
|
1185 |
-
return $name;
|
1186 |
-
}
|
1187 |
-
|
1188 |
-
if (empty($alt)) {
|
1189 |
-
$alt = __("bad name", 'limit-login-attempts');
|
1190 |
-
}
|
1191 |
-
|
1192 |
-
if (empty($bad_img_url)) {
|
1193 |
-
if ( !defined('WP_PLUGIN_URL') )
|
1194 |
-
$plugin_url = get_option('siteurl') . '/wp-content/plugins';
|
1195 |
-
else
|
1196 |
-
$plugin_url = WP_PLUGIN_URL;
|
1197 |
-
|
1198 |
-
$bad_img_url = $plugin_url . '/limit-login-attempts/images/icon_bad.gif';
|
1199 |
-
}
|
1200 |
-
|
1201 |
-
$s = "<img src=\"$bad_img_url\" alt=\"$alt\" title=\"$title\" />";
|
1202 |
-
if (!empty($edit_url))
|
1203 |
-
$s .= "<a href=\"$edit_url\" title=\"$title\">";
|
1204 |
-
$s .= $name;
|
1205 |
-
if (!empty($edit_url))
|
1206 |
-
$s .= '</a>';
|
1207 |
-
|
1208 |
-
return $s;
|
1209 |
-
}
|
1210 |
-
|
1211 |
-
|
1212 |
-
/* Count ip currently locked out from registering new users */
|
1213 |
-
function limit_login_count_reg_lockouts() {
|
1214 |
-
$valid = limit_login_get_array('registrations_valid');
|
1215 |
-
$regs = limit_login_get_array('registrations');
|
1216 |
-
$allowed = limit_login_option('register_allowed');
|
1217 |
-
|
1218 |
-
$now = time();
|
1219 |
-
$total = 0;
|
1220 |
-
|
1221 |
-
foreach ($valid as $ip => $until) {
|
1222 |
-
if ($until >= $now && isset($regs[$ip]) && $regs[$ip] >= $allowed)
|
1223 |
-
$total++;
|
1224 |
-
}
|
1225 |
-
|
1226 |
-
return $total;
|
1227 |
-
}
|
1228 |
-
|
1229 |
-
|
1230 |
-
/* Show all role levels <select> */
|
1231 |
-
function limit_login_select_level($current) {
|
1232 |
-
global $limit_login_level_role;
|
1233 |
-
|
1234 |
-
for ($i = 0; $i <= 10; $i++) {
|
1235 |
-
$selected = ($i == $current) ? ' SELECTED ' : '';
|
1236 |
-
$name = (array_key_exists($i, $limit_login_level_role)) ? ' - ' . $limit_login_level_role[$i] : '';
|
1237 |
-
echo("<option value=\"$i\" $selected>$i$name</option>");
|
1238 |
-
}
|
1239 |
-
}
|
1240 |
-
|
1241 |
-
|
1242 |
-
/* Get options from $_POST[] and update global options variable */
|
1243 |
-
function limit_login_get_options_from_post() {
|
1244 |
-
global $limit_login_options;
|
1245 |
-
|
1246 |
-
$option_multiple =
|
1247 |
-
array('lockout_duration' => 60, 'valid_duration' => 3600
|
1248 |
-
, 'long_duration' => 3600, 'register_duration' => 3600);
|
1249 |
-
|
1250 |
-
foreach ($limit_login_options as $name => $oldvalue) {
|
1251 |
-
if (is_bool($oldvalue)) {
|
1252 |
-
$value = isset($_POST[$name]) && $_POST[$name] == '1';
|
1253 |
-
} else {
|
1254 |
-
if (!isset($_POST[$name])) {
|
1255 |
-
continue;
|
1256 |
-
}
|
1257 |
-
|
1258 |
-
$value = $_POST[$name];
|
1259 |
-
if (is_numeric($oldvalue)) {
|
1260 |
-
$value = intval($value);
|
1261 |
-
}
|
1262 |
-
if (array_key_exists($name, $option_multiple)) {
|
1263 |
-
$value = $value * $option_multiple[$name];
|
1264 |
-
}
|
1265 |
-
}
|
1266 |
-
|
1267 |
-
$limit_login_options[$name] = $value;
|
1268 |
-
}
|
1269 |
-
|
1270 |
-
/* Special handling for lockout_notify */
|
1271 |
-
$v = array();
|
1272 |
-
if (isset($_POST['lockout_notify_log'])) {
|
1273 |
-
$v[] = 'log';
|
1274 |
-
}
|
1275 |
-
if (isset($_POST['lockout_notify_email'])) {
|
1276 |
-
$v[] = 'email';
|
1277 |
-
}
|
1278 |
-
$limit_login_options['lockout_notify'] = implode(',', $v);
|
1279 |
-
}
|
1280 |
-
|
1281 |
-
|
1282 |
/* Actual admin page */
|
1283 |
function limit_login_option_page() {
|
1284 |
limit_login_cleanup();
|
@@ -1307,7 +758,7 @@ function limit_login_option_page() {
|
|
1307 |
. __('Reset lockout count', 'limit-login-attempts')
|
1308 |
. '</p></div>';
|
1309 |
}
|
1310 |
-
|
1311 |
/* Should we restore current lockouts? */
|
1312 |
if (isset($_POST['reset_current'])) {
|
1313 |
update_option('limit_login_lockouts', array());
|
@@ -1315,54 +766,51 @@ function limit_login_option_page() {
|
|
1315 |
. __('Cleared current lockouts', 'limit-login-attempts')
|
1316 |
. '</p></div>';
|
1317 |
}
|
1318 |
-
|
1319 |
-
/* Should we reset registration counter? */
|
1320 |
-
if (isset($_POST['reset_reg_total'])) {
|
1321 |
-
update_option('limit_login_reg_lockouts_total', 0);
|
1322 |
-
echo '<div id="message" class="updated fade"><p>'
|
1323 |
-
. __('Reset registration lockout count', 'limit-login-attempts')
|
1324 |
-
. '</p></div>';
|
1325 |
-
}
|
1326 |
-
|
1327 |
-
/* Should we restore current registration lockouts? */
|
1328 |
-
if (isset($_POST['reset_reg_current'])) {
|
1329 |
-
update_option('limit_login_registrations', array());
|
1330 |
-
update_option('limit_login_registrations_valid', array());
|
1331 |
-
echo '<div id="message" class="updated fade"><p>'
|
1332 |
-
. __('Cleared current registration lockouts', 'limit-login-attempts')
|
1333 |
-
. '</p></div>';
|
1334 |
-
}
|
1335 |
|
1336 |
/* Should we update options? */
|
1337 |
if (isset($_POST['update_options'])) {
|
1338 |
-
|
1339 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1340 |
limit_login_update_options();
|
1341 |
echo '<div id="message" class="updated fade"><p>'
|
1342 |
. __('Options changed', 'limit-login-attempts')
|
1343 |
. '</p></div>';
|
1344 |
}
|
1345 |
|
1346 |
-
/* Should we change user nicenames?? */
|
1347 |
-
if (isset($_POST['users_submit'])) {
|
1348 |
-
limit_login_nicenames_from_post();
|
1349 |
-
}
|
1350 |
-
|
1351 |
$lockouts_total = get_option('limit_login_lockouts_total', 0);
|
1352 |
-
$
|
1353 |
-
$
|
1354 |
-
$reg_lockouts_now = limit_login_count_reg_lockouts();
|
1355 |
|
1356 |
if (!limit_login_support_cookie_option()) {
|
1357 |
$cookies_disabled = ' DISABLED ';
|
1358 |
$cookies_note = ' <br /> '
|
1359 |
-
.
|
1360 |
-
|
1361 |
} else {
|
1362 |
$cookies_disabled = '';
|
1363 |
$cookies_note = '';
|
1364 |
}
|
1365 |
$cookies_yes = limit_login_option('cookies') ? ' checked ' : '';
|
|
|
1366 |
|
1367 |
$client_type = limit_login_option('client_type');
|
1368 |
$client_type_direct = $client_type == LIMIT_LOGIN_DIRECT_ADDR ? ' checked ' : '';
|
@@ -1387,59 +835,7 @@ function limit_login_option_page() {
|
|
1387 |
$v = explode(',', limit_login_option('lockout_notify'));
|
1388 |
$log_checked = in_array('log', $v) ? ' checked ' : '';
|
1389 |
$email_checked = in_array('email', $v) ? ' checked ' : '';
|
1390 |
-
|
1391 |
-
|
1392 |
-
if (!limit_login_support_pwd_reset_options()) {
|
1393 |
-
$pwd_reset_options_disabled = ' DISABLED ';
|
1394 |
-
$pwd_reset_options_note = ' <br /> '
|
1395 |
-
. sprintf(__('<strong>NOTE:</strong> Only works in Wordpress %s or later'
|
1396 |
-
, 'limit-login-attempts'), '2.6.5');
|
1397 |
-
} else {
|
1398 |
-
$pwd_reset_options_disabled = '';
|
1399 |
-
$pwd_reset_options_note = '';
|
1400 |
-
}
|
1401 |
-
|
1402 |
-
$disable_pwd_reset_username_yes = limit_login_option('disable_pwd_reset_username') ? ' checked ' : '';
|
1403 |
-
$disable_pwd_reset_yes = limit_login_option('disable_pwd_reset') ? ' checked ' : '';
|
1404 |
-
|
1405 |
-
$register_enforce_yes = limit_login_option('register_enforce') ? ' checked ' : '';
|
1406 |
-
|
1407 |
?>
|
1408 |
-
<script type="text/javascript">
|
1409 |
-
jQuery(document).ready(function(){
|
1410 |
-
jQuery("#warning_checkbox").click(function(event){
|
1411 |
-
if (jQuery(this).attr("checked")) {
|
1412 |
-
jQuery("input.warning-disabled").removeAttr("disabled");
|
1413 |
-
} else {
|
1414 |
-
jQuery("input.warning-disabled").attr("disabled", "disabled");
|
1415 |
-
}
|
1416 |
-
});
|
1417 |
-
});
|
1418 |
-
</script>
|
1419 |
-
<style type="text/css" media="screen">
|
1420 |
-
table.limit-login {
|
1421 |
-
width: 100%;
|
1422 |
-
border-collapse: collapse;
|
1423 |
-
}
|
1424 |
-
.limit-login th {
|
1425 |
-
font-size: 12px;
|
1426 |
-
font-weight: bold;
|
1427 |
-
text-align: left;
|
1428 |
-
padding: 0;
|
1429 |
-
}
|
1430 |
-
.limit-login td {
|
1431 |
-
font-size: 11px;
|
1432 |
-
line-height: 12px;
|
1433 |
-
padding: 1px 5px 1px 0;
|
1434 |
-
}
|
1435 |
-
td.limit-login-ip {
|
1436 |
-
font-family: "Courier New", Courier, monospace;
|
1437 |
-
vertical-align: top;
|
1438 |
-
}
|
1439 |
-
td.limit-login-max {
|
1440 |
-
width: 100%;
|
1441 |
-
}
|
1442 |
-
</style>
|
1443 |
<div class="wrap">
|
1444 |
<h2><?php echo __('Limit Login Attempts Settings','limit-login-attempts'); ?></h2>
|
1445 |
<h3><?php echo __('Statistics','limit-login-attempts'); ?></h3>
|
@@ -1464,24 +860,6 @@ jQuery(document).ready(function(){
|
|
1464 |
</td>
|
1465 |
</tr>
|
1466 |
<?php } ?>
|
1467 |
-
<?php if ($reg_lockouts_total > 0) { ?>
|
1468 |
-
<tr>
|
1469 |
-
<th scope="row" valign="top"><?php echo __('Total registration lockouts','limit-login-attempts'); ?></th>
|
1470 |
-
<td>
|
1471 |
-
<input name="reset_reg_total" value="<?php echo __('Reset Counter','limit-login-attempts'); ?>" type="submit" />
|
1472 |
-
<?php echo sprintf(__ngettext('%d registration lockout since last reset', '%d registration lockouts since last reset', $reg_lockouts_total, 'limit-login-attempts'), $reg_lockouts_total); ?>
|
1473 |
-
</td>
|
1474 |
-
</tr>
|
1475 |
-
<?php } ?>
|
1476 |
-
<?php if ($reg_lockouts_now > 0) { ?>
|
1477 |
-
<tr>
|
1478 |
-
<th scope="row" valign="top"><?php echo __('Active registration lockouts','limit-login-attempts'); ?></th>
|
1479 |
-
<td>
|
1480 |
-
<input name="reset_reg_current" value="<?php echo __('Restore Lockouts','limit-login-attempts'); ?>" type="submit" />
|
1481 |
-
<?php echo sprintf(__('%d IP is currently blocked from registering new users','limit-login-attempts'), $reg_lockouts_now); ?>
|
1482 |
-
</td>
|
1483 |
-
</tr>
|
1484 |
-
<?php } ?>
|
1485 |
</table>
|
1486 |
</form>
|
1487 |
<h3><?php echo __('Options','limit-login-attempts'); ?></h3>
|
@@ -1497,13 +875,6 @@ jQuery(document).ready(function(){
|
|
1497 |
<input type="text" size="3" maxlength="4" value="<?php echo(limit_login_option('valid_duration')/3600); ?>" name="valid_duration" /> <?php echo __('hours until retries are reset','limit-login-attempts'); ?>
|
1498 |
</td>
|
1499 |
</tr>
|
1500 |
-
<tr>
|
1501 |
-
<th scope="row" valign="top"><?php echo __('User cookie login','limit-login-attempts'); ?></th>
|
1502 |
-
<td>
|
1503 |
-
<label><input type="checkbox" name="cookies" <?php echo $cookies_disabled . $cookies_yes; ?> value="1" /> <?php echo __('Handle cookie login','limit-login-attempts'); ?></label>
|
1504 |
-
<?php echo $cookies_note ?>
|
1505 |
-
</td>
|
1506 |
-
</tr>
|
1507 |
<tr>
|
1508 |
<th scope="row" valign="top"><?php echo __('Site connection','limit-login-attempts'); ?></th>
|
1509 |
<td>
|
@@ -1522,25 +893,17 @@ jQuery(document).ready(function(){
|
|
1522 |
</td>
|
1523 |
</tr>
|
1524 |
<tr>
|
1525 |
-
<th scope="row" valign="top"><?php echo __('
|
1526 |
<td>
|
1527 |
-
<input type="
|
1528 |
-
|
1529 |
-
</td>
|
1530 |
-
</tr>
|
1531 |
-
<tr>
|
1532 |
-
<th scope="row" valign="top"><?php echo __('Password reset','limit-login-attempts'); ?></th>
|
1533 |
-
<td>
|
1534 |
-
<label><input type="checkbox" name="disable_pwd_reset_username" <?php echo $pwd_reset_options_disabled . $disable_pwd_reset_username_yes; ?> value="1" /> <?php echo __('Disable password reset using login name for user this level or higher','limit-login-attempts'); ?></label> <select name="pwd_reset_username_limit" <?php echo $pwd_reset_options_disabled; ?> ><?php limit_login_select_level(limit_login_option('pwd_reset_username_limit')); ?></select>
|
1535 |
-
<br />
|
1536 |
-
<label><input type="checkbox" name="disable_pwd_reset" <?php echo $pwd_reset_options_disabled . $disable_pwd_reset_yes; ?> value="1" /> <?php echo __('Disable password reset for users this level or higher','limit-login-attempts'); ?></label> <select name="pwd_reset_limit" <?php echo $pwd_reset_options_disabled; ?> ><?php limit_login_select_level(limit_login_option('pwd_reset_limit')); ?></select>
|
1537 |
-
<?php echo $pwd_reset_options_note; ?>
|
1538 |
</td>
|
1539 |
</tr>
|
1540 |
<tr>
|
1541 |
-
<th scope="row" valign="top"><?php echo __('
|
1542 |
<td>
|
1543 |
-
<input type="checkbox" name="
|
|
|
1544 |
</td>
|
1545 |
</tr>
|
1546 |
</table>
|
@@ -1548,26 +911,12 @@ jQuery(document).ready(function(){
|
|
1548 |
<input name="update_options" value="<?php echo __('Change Options','limit-login-attempts'); ?>" type="submit" />
|
1549 |
</p>
|
1550 |
</form>
|
1551 |
-
<h3><?php echo __('Privileged users','limit-login-attempts'); ?></h3>
|
1552 |
-
<form action="options-general.php?page=limit-login-attempts" method="post" name="form_users">
|
1553 |
-
<?php wp_nonce_field('limit-login-attempts-options'); ?>
|
1554 |
-
|
1555 |
-
<?php limit_login_show_users(); ?>
|
1556 |
-
<div class="tablenav actions">
|
1557 |
-
<input type="checkbox" id="warning_checkbox" name="warning_danger" value="1" name="users_warning_check" /> <?php echo sprintf(__('I <a href="%s">understand</a> the problems involved', 'limit-login-attempts'), 'http://wordpress.org/extend/plugins/limit-login-attempts/faq/'); ?></a> <input type="submit" class="button-secondary action warning-disabled" value="<?php echo __('Change Names', 'limit-login-attempts'); ?>" name="users_submit" disabled="true" />
|
1558 |
-
</div>
|
1559 |
-
</form>
|
1560 |
<?php
|
1561 |
-
$log =
|
1562 |
|
1563 |
if (is_array($log) && count($log) > 0) {
|
1564 |
?>
|
1565 |
<h3><?php echo __('Lockout log','limit-login-attempts'); ?></h3>
|
1566 |
-
<div class="limit-login">
|
1567 |
-
<table>
|
1568 |
-
<?php limit_login_show_log($log); ?>
|
1569 |
-
</table>
|
1570 |
-
</div>
|
1571 |
<form action="options-general.php?page=limit-login-attempts" method="post">
|
1572 |
<?php wp_nonce_field('limit-login-attempts-options'); ?>
|
1573 |
<input type="hidden" value="true" name="clear_log" />
|
@@ -1575,10 +924,31 @@ jQuery(document).ready(function(){
|
|
1575 |
<input name="submit" value="<?php echo __('Clear Log','limit-login-attempts'); ?>" type="submit" />
|
1576 |
</p>
|
1577 |
</form>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1578 |
<?php
|
1579 |
} /* if showing $log */
|
1580 |
?>
|
|
|
1581 |
</div>
|
1582 |
<?php
|
1583 |
-
}
|
1584 |
?>
|
5 |
Description: Limit rate of login attempts, including by way of cookies, for each IP.
|
6 |
Author: Johan Eenfeldt
|
7 |
Author URI: http://devel.kostdoktorn.se
|
8 |
+
Version: 1.4.1
|
9 |
|
10 |
Copyright 2008, 2009 Johan Eenfeldt
|
11 |
|
36 |
define('LIMIT_LOGIN_DIRECT_ADDR', 'REMOTE_ADDR');
|
37 |
define('LIMIT_LOGIN_PROXY_ADDR', 'HTTP_X_FORWARDED_FOR');
|
38 |
|
39 |
+
/* Notify value checked against these in limit_login_sanitize_variables() */
|
40 |
define('LIMIT_LOGIN_LOCKOUT_NOTIFY_ALLOWED', 'log,email');
|
41 |
|
42 |
/*
|
76 |
|
77 |
/* If notify by email, do so after this number of lockouts */
|
78 |
, 'notify_email_after' => 4
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
79 |
);
|
80 |
|
81 |
$limit_login_my_error_shown = false; /* have we shown our stuff? */
|
82 |
$limit_login_just_lockedout = false; /* started this pageload??? */
|
83 |
$limit_login_nonempty_credentials = false; /* user and pwd nonempty */
|
84 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
85 |
|
86 |
/*
|
87 |
* Startup
|
113 |
add_action('login_head', 'limit_login_add_error_message');
|
114 |
add_action('login_errors', 'limit_login_fixup_error_messages');
|
115 |
add_action('admin_menu', 'limit_login_admin_menu');
|
116 |
+
}
|
117 |
+
|
118 |
+
|
119 |
+
/* Get current option value */
|
120 |
+
function limit_login_option($option_name) {
|
121 |
+
global $limit_login_options;
|
122 |
+
|
123 |
+
if (isset($limit_login_options[$option_name])) {
|
124 |
+
return $limit_login_options[$option_name];
|
125 |
+
} else {
|
126 |
+
return null;
|
127 |
}
|
128 |
}
|
129 |
|
162 |
}
|
163 |
|
164 |
|
165 |
+
/* Check if it is ok to login */
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
166 |
function is_limit_login_ok() {
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
167 |
$ip = limit_login_get_address();
|
168 |
|
169 |
+
/* lockout active? */
|
170 |
+
$lockouts = get_option('limit_login_lockouts');
|
171 |
+
return (!is_array($lockouts) || !isset($lockouts[$ip]) || time() >= $lockouts[$ip]);
|
|
|
|
|
|
|
172 |
}
|
173 |
|
174 |
|
230 |
function limit_login_failed($arg) {
|
231 |
$ip = limit_login_get_address();
|
232 |
|
233 |
+
/* if currently locked-out, do not add to retries */
|
234 |
+
$lockouts = get_option('limit_login_lockouts');
|
235 |
+
if(is_array($lockouts) && isset($lockouts[$ip]) && time() < $lockouts[$ip]) {
|
236 |
return;
|
237 |
+
} elseif (!is_array($lockouts)) {
|
238 |
+
$lockouts = array();
|
239 |
}
|
240 |
|
241 |
/* Get the arrays with retries and retries-valid information */
|
242 |
+
$retries = get_option('limit_login_retries');
|
243 |
+
$valid = get_option('limit_login_retries_valid');
|
244 |
+
if ($retries === false) {
|
245 |
+
$retries = array();
|
246 |
+
add_option('limit_login_retries', $retries, '', 'no');
|
247 |
+
}
|
248 |
+
if ($valid === false) {
|
249 |
+
$valid = array();
|
250 |
+
add_option('limit_login_retries_valid', $valid, '', 'no');
|
251 |
+
}
|
252 |
|
253 |
/* Check validity and add one to retries */
|
254 |
if (isset($retries[$ip]) && isset($valid[$ip]) && time() < $valid[$ip]) {
|
307 |
}
|
308 |
|
309 |
|
310 |
+
/* Clean up any old lockouts and old retries */
|
311 |
function limit_login_cleanup($retries = null, $lockouts = null, $valid = null) {
|
312 |
$now = time();
|
313 |
+
$lockouts = !is_null($lockouts) ? $lockouts : get_option('limit_login_lockouts');
|
314 |
|
315 |
/* remove old lockouts */
|
316 |
+
if (is_array($lockouts)) {
|
317 |
+
foreach ($lockouts as $ip => $lockout) {
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
318 |
if ($lockout < $now) {
|
319 |
+
unset($lockouts[$ip]);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
320 |
}
|
321 |
}
|
322 |
+
update_option('limit_login_lockouts', $lockouts);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
323 |
}
|
|
|
324 |
|
325 |
+
/* remove retries that are no longer valid */
|
326 |
+
$valid = !is_null($valid) ? $valid : get_option('limit_login_retries_valid');
|
327 |
+
$retries = !is_null($retries) ? $retries : get_option('limit_login_retries');
|
328 |
+
if (!is_array($valid) || !is_array($retries)) {
|
|
|
|
|
|
|
329 |
return;
|
330 |
}
|
331 |
|
332 |
+
foreach ($valid as $ip => $lockout) {
|
333 |
+
if ($lockout < $now) {
|
334 |
+
unset($valid[$ip]);
|
335 |
+
unset($retries[$ip]);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
336 |
}
|
337 |
}
|
338 |
|
339 |
+
/* go through retries directly, if for some reason they've gone out of sync */
|
340 |
+
foreach ($retries as $ip => $retry) {
|
341 |
+
if (!isset($valid[$ip])) {
|
342 |
+
unset($retries[$ip]);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
343 |
}
|
344 |
}
|
345 |
|
346 |
+
update_option('limit_login_retries', $retries);
|
347 |
+
update_option('limit_login_retries_valid', $valid);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
348 |
}
|
349 |
|
350 |
|
|
|
|
|
|
|
|
|
351 |
/* Email notification of lockout to admin (if configured) */
|
352 |
function limit_login_notify_email($user) {
|
353 |
$ip = limit_login_get_address();
|
354 |
+
$retries = get_option('limit_login_retries');
|
355 |
|
356 |
+
if (!is_array($retries)) {
|
357 |
+
$retries = array();
|
358 |
+
}
|
359 |
+
|
360 |
+
/* check if we are at the right nr to do notification */
|
361 |
if ( isset($retries[$ip])
|
362 |
&& ( ($retries[$ip] / limit_login_option('allowed_retries'))
|
363 |
% limit_login_option('notify_email_after') ) != 0 ) {
|
397 |
|
398 |
/* Logging of lockout (if configured) */
|
399 |
function limit_login_notify_log($user) {
|
400 |
+
$log = get_option('limit_login_logged');
|
401 |
$ip = limit_login_get_address();
|
402 |
+
if ($log === false) {
|
403 |
+
$log = array($ip => array($user => 1));
|
404 |
+
add_option('limit_login_logged', $log, '', 'no'); /* no autoload */
|
405 |
+
} else {
|
406 |
+
/* can be written much simpler, if you do not mind php warnings */
|
407 |
+
if (isset($log[$ip])) {
|
408 |
+
if (isset($log[$ip][$user])) {
|
409 |
+
$log[$ip][$user]++;
|
410 |
+
} else {
|
411 |
+
$log[$ip][$user] = 1;
|
412 |
+
}
|
413 |
} else {
|
414 |
+
$log[$ip] = array($user => 1);
|
415 |
}
|
416 |
+
update_option('limit_login_logged', $log);
|
|
|
417 |
}
|
|
|
418 |
}
|
419 |
|
420 |
|
439 |
}
|
440 |
|
441 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
442 |
/* Construct informative error message */
|
443 |
+
function limit_login_error_msg() {
|
444 |
$ip = limit_login_get_address();
|
445 |
+
$lockouts = get_option('limit_login_lockouts');
|
446 |
|
447 |
+
$msg = __('<strong>ERROR</strong>: Too many failed login attempts.', 'limit-login-attempts') . ' ';
|
|
|
|
|
448 |
|
449 |
+
if (!is_array($lockouts) || !isset($lockouts[$ip]) || time() >= $lockouts[$ip]) {
|
450 |
+
/* Huh? No timeout active? */
|
451 |
+
$msg .= __('Please try again later.', 'limit-login-attempts');
|
452 |
return $msg;
|
453 |
}
|
454 |
|
467 |
/* Construct retries remaining message */
|
468 |
function limit_login_retries_remaining_msg() {
|
469 |
$ip = limit_login_get_address();
|
470 |
+
$retries = get_option('limit_login_retries');
|
471 |
+
$valid = get_option('limit_login_retries_valid');
|
472 |
|
473 |
/* Should we show retries remaining? */
|
474 |
+
|
475 |
+
if (!is_array($retries) || !is_array($valid)) {
|
476 |
+
/* no retries at all */
|
477 |
+
return '';
|
478 |
+
}
|
479 |
if (!isset($retries[$ip]) || !isset($valid[$ip]) || time() > $valid[$ip]) {
|
480 |
/* no: no valid retries */
|
481 |
return '';
|
515 |
}
|
516 |
|
517 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
518 |
/* Fix up the error message before showing it */
|
519 |
function limit_login_fixup_error_messages($content) {
|
520 |
global $limit_login_just_lockedout, $limit_login_nonempty_credentials, $limit_login_my_error_shown;
|
525 |
|
526 |
/*
|
527 |
* During lockout we do not want to show any other error messages (like
|
528 |
+
* unknown user or empty password).
|
|
|
529 |
*/
|
530 |
if (!is_limit_login_ok() && !$limit_login_just_lockedout) {
|
531 |
return limit_login_error_msg();
|
535 |
* We want to filter the messages 'Invalid username' and 'Invalid password'
|
536 |
* as that is an information leak regarding user account names.
|
537 |
*
|
538 |
+
* Also, if more than one error message, put an extra <br /> tag between
|
539 |
+
* them.
|
540 |
*/
|
541 |
$msgs = explode("<br />\n", $content);
|
542 |
|
575 |
function limit_login_add_error_message() {
|
576 |
global $error, $limit_login_my_error_shown;
|
577 |
|
|
|
|
|
|
|
|
|
|
|
|
|
578 |
if (!should_limit_login_show_msg() || $limit_login_my_error_shown) {
|
579 |
return;
|
580 |
}
|
598 |
}
|
599 |
|
600 |
|
601 |
+
/*
|
602 |
+
* Admin stuff
|
603 |
+
*/
|
604 |
+
|
605 |
/* Does wordpress version support cookie option? */
|
606 |
function limit_login_support_cookie_option() {
|
607 |
global $wp_version;
|
609 |
}
|
610 |
|
611 |
|
612 |
+
/* Make a guess if we are behind a proxy or not */
|
613 |
+
function limit_login_guess_proxy() {
|
614 |
+
return isset($_SERVER[LIMIT_LOGIN_PROXY_ADDR])
|
615 |
+
? LIMIT_LOGIN_PROXY_ADDR : LIMIT_LOGIN_DIRECT_ADDR;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
616 |
}
|
617 |
|
618 |
|
623 |
if ($a !== false) {
|
624 |
global $limit_login_options;
|
625 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
626 |
$limit_login_options[$var_name] = $a;
|
627 |
}
|
628 |
}
|
630 |
|
631 |
/* Setup global variables from options */
|
632 |
function limit_login_setup_options() {
|
633 |
+
limit_login_get_option('limit_login_client_type', 'client_type');
|
634 |
+
limit_login_get_option('limit_login_allowed_retries', 'allowed_retries');
|
635 |
+
limit_login_get_option('limit_login_lockout_duration', 'lockout_duration');
|
636 |
+
limit_login_get_option('limit_login_valid_duration', 'valid_duration');
|
637 |
+
limit_login_get_option('limit_login_cookies', 'cookies');
|
638 |
+
limit_login_get_option('limit_login_lockout_notify', 'lockout_notify');
|
639 |
+
limit_login_get_option('limit_login_allowed_lockouts', 'allowed_lockouts');
|
640 |
+
limit_login_get_option('limit_login_long_duration', 'long_duration');
|
641 |
+
limit_login_get_option('limit_login_notify_email_after', 'notify_email_after');
|
642 |
|
643 |
+
limit_login_sanitize_variables();
|
|
|
|
|
|
|
|
|
644 |
}
|
645 |
|
646 |
|
647 |
/* Update options in db from global variables */
|
648 |
function limit_login_update_options() {
|
649 |
+
update_option('limit_login_client_type', limit_login_option('client_type'));
|
650 |
+
update_option('limit_login_allowed_retries', limit_login_option('allowed_retries'));
|
651 |
+
update_option('limit_login_lockout_duration', limit_login_option('lockout_duration'));
|
652 |
+
update_option('limit_login_allowed_lockouts', limit_login_option('allowed_lockouts'));
|
653 |
+
update_option('limit_login_long_duration', limit_login_option('long_duration'));
|
654 |
+
update_option('limit_login_valid_duration', limit_login_option('valid_duration'));
|
655 |
+
update_option('limit_login_lockout_notify', limit_login_option('lockout_notify'));
|
656 |
+
update_option('limit_login_notify_email_after', limit_login_option('notify_email_after'));
|
657 |
+
update_option('limit_login_cookies', limit_login_option('cookies') ? '1' : '0');
|
658 |
+
}
|
659 |
+
|
660 |
+
|
661 |
+
/* Make sure the variables make sense -- simple integer */
|
662 |
+
function limit_login_sanitize_simple_int($var_name) {
|
663 |
global $limit_login_options;
|
664 |
|
665 |
+
$limit_login_options[$var_name] = max(1, intval(limit_login_option($var_name)));
|
|
|
|
|
|
|
|
|
|
|
666 |
}
|
667 |
|
668 |
|
669 |
/* Make sure the variables make sense */
|
670 |
+
function limit_login_sanitize_variables() {
|
671 |
global $limit_login_options;
|
672 |
|
673 |
+
limit_login_sanitize_simple_int('allowed_retries');
|
674 |
+
limit_login_sanitize_simple_int('lockout_duration');
|
675 |
+
limit_login_sanitize_simple_int('valid_duration');
|
676 |
+
limit_login_sanitize_simple_int('allowed_lockouts');
|
677 |
+
limit_login_sanitize_simple_int('long_duration');
|
678 |
+
|
679 |
$notify_email_after = max(1, intval(limit_login_option('notify_email_after')));
|
680 |
$limit_login_options['notify_email_after'] = min(limit_login_option('allowed_lockouts'), $notify_email_after);
|
681 |
|
698 |
&& limit_login_option('client_type') != LIMIT_LOGIN_PROXY_ADDR ) {
|
699 |
$limit_login_options['client_type'] = LIMIT_LOGIN_DIRECT_ADDR;
|
700 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
701 |
}
|
702 |
|
703 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
704 |
/* Add admin options page */
|
705 |
function limit_login_admin_menu() {
|
706 |
add_options_page('Limit Login Attempts', 'Limit Login Attempts', 8, 'limit-login-attempts', 'limit_login_option_page');
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
707 |
}
|
708 |
|
709 |
|
730 |
}
|
731 |
}
|
732 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
733 |
/* Actual admin page */
|
734 |
function limit_login_option_page() {
|
735 |
limit_login_cleanup();
|
758 |
. __('Reset lockout count', 'limit-login-attempts')
|
759 |
. '</p></div>';
|
760 |
}
|
761 |
+
|
762 |
/* Should we restore current lockouts? */
|
763 |
if (isset($_POST['reset_current'])) {
|
764 |
update_option('limit_login_lockouts', array());
|
766 |
. __('Cleared current lockouts', 'limit-login-attempts')
|
767 |
. '</p></div>';
|
768 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
769 |
|
770 |
/* Should we update options? */
|
771 |
if (isset($_POST['update_options'])) {
|
772 |
+
global $limit_login_options;
|
773 |
+
|
774 |
+
$limit_login_options['client_type'] = $_POST['client_type'];
|
775 |
+
$limit_login_options['allowed_retries'] = $_POST['allowed_retries'];
|
776 |
+
$limit_login_options['lockout_duration'] = $_POST['lockout_duration'] * 60;
|
777 |
+
$limit_login_options['valid_duration'] = $_POST['valid_duration'] * 3600;
|
778 |
+
$limit_login_options['allowed_lockouts'] = $_POST['allowed_lockouts'];
|
779 |
+
$limit_login_options['long_duration'] = $_POST['long_duration'] * 3600;
|
780 |
+
$limit_login_options['notify_email_after'] = $_POST['email_after'];
|
781 |
+
$limit_login_options['cookies'] = (isset($_POST['cookies']) && $_POST['cookies'] == '1');
|
782 |
+
|
783 |
+
$v = array();
|
784 |
+
if (isset($_POST['lockout_notify_log'])) {
|
785 |
+
$v[] = 'log';
|
786 |
+
}
|
787 |
+
if (isset($_POST['lockout_notify_email'])) {
|
788 |
+
$v[] = 'email';
|
789 |
+
}
|
790 |
+
$limit_login_options['lockout_notify'] = implode(',', $v);
|
791 |
+
|
792 |
+
limit_login_sanitize_variables();
|
793 |
limit_login_update_options();
|
794 |
echo '<div id="message" class="updated fade"><p>'
|
795 |
. __('Options changed', 'limit-login-attempts')
|
796 |
. '</p></div>';
|
797 |
}
|
798 |
|
|
|
|
|
|
|
|
|
|
|
799 |
$lockouts_total = get_option('limit_login_lockouts_total', 0);
|
800 |
+
$lockouts = get_option('limit_login_lockouts');
|
801 |
+
$lockouts_now = is_array($lockouts) ? count($lockouts) : 0;
|
|
|
802 |
|
803 |
if (!limit_login_support_cookie_option()) {
|
804 |
$cookies_disabled = ' DISABLED ';
|
805 |
$cookies_note = ' <br /> '
|
806 |
+
. __('<strong>NOTE:</strong> Only works in Wordpress 2.7 or later'
|
807 |
+
, 'limit-login-attempts');
|
808 |
} else {
|
809 |
$cookies_disabled = '';
|
810 |
$cookies_note = '';
|
811 |
}
|
812 |
$cookies_yes = limit_login_option('cookies') ? ' checked ' : '';
|
813 |
+
$cookies_no = limit_login_option('cookies') ? '' : ' checked ';
|
814 |
|
815 |
$client_type = limit_login_option('client_type');
|
816 |
$client_type_direct = $client_type == LIMIT_LOGIN_DIRECT_ADDR ? ' checked ' : '';
|
835 |
$v = explode(',', limit_login_option('lockout_notify'));
|
836 |
$log_checked = in_array('log', $v) ? ' checked ' : '';
|
837 |
$email_checked = in_array('email', $v) ? ' checked ' : '';
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
838 |
?>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
839 |
<div class="wrap">
|
840 |
<h2><?php echo __('Limit Login Attempts Settings','limit-login-attempts'); ?></h2>
|
841 |
<h3><?php echo __('Statistics','limit-login-attempts'); ?></h3>
|
860 |
</td>
|
861 |
</tr>
|
862 |
<?php } ?>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
863 |
</table>
|
864 |
</form>
|
865 |
<h3><?php echo __('Options','limit-login-attempts'); ?></h3>
|
875 |
<input type="text" size="3" maxlength="4" value="<?php echo(limit_login_option('valid_duration')/3600); ?>" name="valid_duration" /> <?php echo __('hours until retries are reset','limit-login-attempts'); ?>
|
876 |
</td>
|
877 |
</tr>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
878 |
<tr>
|
879 |
<th scope="row" valign="top"><?php echo __('Site connection','limit-login-attempts'); ?></th>
|
880 |
<td>
|
893 |
</td>
|
894 |
</tr>
|
895 |
<tr>
|
896 |
+
<th scope="row" valign="top"><?php echo __('Handle cookie login','limit-login-attempts'); ?></th>
|
897 |
<td>
|
898 |
+
<label><input type="radio" name="cookies" <?php echo $cookies_disabled . $cookies_yes; ?> value="1" /> <?php echo __('Yes','limit-login-attempts'); ?></label> <label><input type="radio" name="cookies" <?php echo $cookies_disabled . $cookies_no; ?> value="0" /> <?php echo __('No','limit-login-attempts'); ?></label>
|
899 |
+
<?php echo $cookies_note ?>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
900 |
</td>
|
901 |
</tr>
|
902 |
<tr>
|
903 |
+
<th scope="row" valign="top"><?php echo __('Notify on lockout','limit-login-attempts'); ?></th>
|
904 |
<td>
|
905 |
+
<input type="checkbox" name="lockout_notify_log" <?php echo $log_checked; ?> value="log" /> <?php echo __('Log IP','limit-login-attempts'); ?><br />
|
906 |
+
<input type="checkbox" name="lockout_notify_email" <?php echo $email_checked; ?> value="email" /> <?php echo __('Email to admin after','limit-login-attempts'); ?> <input type="text" size="3" maxlength="4" value="<?php echo(limit_login_option('notify_email_after')); ?>" name="email_after" /> <?php echo __('lockouts','limit-login-attempts'); ?>
|
907 |
</td>
|
908 |
</tr>
|
909 |
</table>
|
911 |
<input name="update_options" value="<?php echo __('Change Options','limit-login-attempts'); ?>" type="submit" />
|
912 |
</p>
|
913 |
</form>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
914 |
<?php
|
915 |
+
$log = get_option('limit_login_logged');
|
916 |
|
917 |
if (is_array($log) && count($log) > 0) {
|
918 |
?>
|
919 |
<h3><?php echo __('Lockout log','limit-login-attempts'); ?></h3>
|
|
|
|
|
|
|
|
|
|
|
920 |
<form action="options-general.php?page=limit-login-attempts" method="post">
|
921 |
<?php wp_nonce_field('limit-login-attempts-options'); ?>
|
922 |
<input type="hidden" value="true" name="clear_log" />
|
924 |
<input name="submit" value="<?php echo __('Clear Log','limit-login-attempts'); ?>" type="submit" />
|
925 |
</p>
|
926 |
</form>
|
927 |
+
<style type="text/css" media="screen">
|
928 |
+
.limit-login-log th {
|
929 |
+
font-weight: bold;
|
930 |
+
}
|
931 |
+
.limit-login-log td, .limit-login-log th {
|
932 |
+
padding: 1px 5px 1px 5px;
|
933 |
+
}
|
934 |
+
td.limit-login-ip {
|
935 |
+
font-family: "Courier New", Courier, monospace;
|
936 |
+
vertical-align: top;
|
937 |
+
}
|
938 |
+
td.limit-login-max {
|
939 |
+
width: 100%;
|
940 |
+
}
|
941 |
+
</style>
|
942 |
+
<div class="limit-login-log">
|
943 |
+
<table class="form-table">
|
944 |
+
<?php limit_login_show_log($log); ?>
|
945 |
+
</table>
|
946 |
+
</div>
|
947 |
<?php
|
948 |
} /* if showing $log */
|
949 |
?>
|
950 |
+
|
951 |
</div>
|
952 |
<?php
|
953 |
+
}
|
954 |
?>
|
limit-login-attempts.pot
CHANGED
@@ -8,7 +8,7 @@ msgid ""
|
|
8 |
msgstr ""
|
9 |
"Project-Id-Version: PACKAGE VERSION\n"
|
10 |
"Report-Msgid-Bugs-To: http://wordpress.org/tag/limit-login-attempts\n"
|
11 |
-
"POT-Creation-Date: 2009-
|
12 |
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
13 |
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
14 |
"Language-Team: LANGUAGE <LL@li.org>\n"
|
@@ -17,214 +17,123 @@ msgstr ""
|
|
17 |
"Content-Transfer-Encoding: 8bit\n"
|
18 |
"Plural-Forms: nplurals=INTEGER; plural=EXPRESSION;\n"
|
19 |
|
20 |
-
#: limit-login-attempts.php:
|
21 |
-
msgid "Subscriber"
|
22 |
-
msgstr ""
|
23 |
-
|
24 |
-
#: limit-login-attempts.php:115
|
25 |
-
msgid "Contributor"
|
26 |
-
msgstr ""
|
27 |
-
|
28 |
-
#: limit-login-attempts.php:116
|
29 |
-
msgid "Author"
|
30 |
-
msgstr ""
|
31 |
-
|
32 |
-
#: limit-login-attempts.php:117
|
33 |
-
msgid "Editor"
|
34 |
-
msgstr ""
|
35 |
-
|
36 |
-
#: limit-login-attempts.php:118
|
37 |
-
msgid "Administrator"
|
38 |
-
msgstr ""
|
39 |
-
|
40 |
-
#: limit-login-attempts.php:562
|
41 |
-
msgid "<strong>ERROR</strong>: Invalid username or e-mail."
|
42 |
-
msgstr ""
|
43 |
-
|
44 |
-
#: limit-login-attempts.php:594
|
45 |
#, php-format
|
46 |
msgid "%d hour"
|
47 |
msgid_plural "%d hours"
|
48 |
msgstr[0] ""
|
49 |
msgstr[1] ""
|
50 |
|
51 |
-
#: limit-login-attempts.php:
|
52 |
#, php-format
|
53 |
msgid "%d minute"
|
54 |
msgid_plural "%d minutes"
|
55 |
msgstr[0] ""
|
56 |
msgstr[1] ""
|
57 |
|
58 |
-
#: limit-login-attempts.php:
|
59 |
#, php-format
|
60 |
msgid "[%s] Too many failed login attempts"
|
61 |
msgstr ""
|
62 |
|
63 |
-
#: limit-login-attempts.php:
|
64 |
#, php-format
|
65 |
-
msgid "
|
|
|
66 |
msgstr ""
|
67 |
|
68 |
-
#: limit-login-attempts.php:
|
69 |
#, php-format
|
70 |
-
msgid "
|
|
|
71 |
msgstr ""
|
72 |
|
73 |
-
#: limit-login-attempts.php:
|
74 |
#, php-format
|
75 |
msgid "IP was blocked for %s"
|
76 |
msgstr ""
|
77 |
|
78 |
-
#: limit-login-attempts.php:
|
79 |
-
msgid "<strong>ERROR</strong>: Too many new user registrations."
|
80 |
-
msgstr ""
|
81 |
-
|
82 |
-
#: limit-login-attempts.php:685
|
83 |
msgid "<strong>ERROR</strong>: Too many failed login attempts."
|
84 |
msgstr ""
|
85 |
|
86 |
-
#: limit-login-attempts.php:
|
87 |
msgid "Please try again later."
|
88 |
msgstr ""
|
89 |
|
90 |
-
#: limit-login-attempts.php:
|
91 |
#, php-format
|
92 |
msgid "Please try again in %d hour."
|
93 |
msgid_plural "Please try again in %d hours."
|
94 |
msgstr[0] ""
|
95 |
msgstr[1] ""
|
96 |
|
97 |
-
#: limit-login-attempts.php:
|
98 |
#, php-format
|
99 |
msgid "Please try again in %d minute."
|
100 |
msgid_plural "Please try again in %d minutes."
|
101 |
msgstr[0] ""
|
102 |
msgstr[1] ""
|
103 |
|
104 |
-
#: limit-login-attempts.php:
|
105 |
#, php-format
|
106 |
msgid "<strong>%d</strong> attempt remaining."
|
107 |
msgid_plural "<strong>%d</strong> attempts remaining."
|
108 |
msgstr[0] ""
|
109 |
msgstr[1] ""
|
110 |
|
111 |
-
#: limit-login-attempts.php:
|
112 |
msgid "<strong>ERROR</strong>: Incorrect username or password."
|
113 |
msgstr ""
|
114 |
|
115 |
-
#: limit-login-attempts.php:
|
116 |
msgid "IP|Internet address"
|
117 |
msgstr ""
|
118 |
|
119 |
-
#: limit-login-attempts.php:
|
120 |
msgid "Tried to log in as"
|
121 |
msgstr ""
|
122 |
|
123 |
-
#: limit-login-attempts.php:
|
124 |
#, php-format
|
125 |
msgid "%d lockout"
|
126 |
msgid_plural "%d lockouts"
|
127 |
msgstr[0] ""
|
128 |
msgstr[1] ""
|
129 |
|
130 |
-
#: limit-login-attempts.php:
|
131 |
-
msgid "Account named admin should not have privileges"
|
132 |
-
msgstr ""
|
133 |
-
|
134 |
-
#: limit-login-attempts.php:1086
|
135 |
-
msgid "Make display name different from login name"
|
136 |
-
msgstr ""
|
137 |
-
|
138 |
-
#: limit-login-attempts.php:1088
|
139 |
-
msgid "Make url name different from login name"
|
140 |
-
msgstr ""
|
141 |
-
|
142 |
-
#: limit-login-attempts.php:1090
|
143 |
-
msgid "Make nickname different from login name"
|
144 |
-
msgstr ""
|
145 |
-
|
146 |
-
#: limit-login-attempts.php:1103
|
147 |
-
msgid "Privileged usernames, display names, url names and nicknames are ok"
|
148 |
-
msgstr ""
|
149 |
-
|
150 |
-
#: limit-login-attempts.php:1108
|
151 |
-
msgid "User Login"
|
152 |
-
msgstr ""
|
153 |
-
|
154 |
-
#: limit-login-attempts.php:1110
|
155 |
-
msgid "Role"
|
156 |
-
msgstr ""
|
157 |
-
|
158 |
-
#: limit-login-attempts.php:1112
|
159 |
-
msgid "Display Name"
|
160 |
-
msgstr ""
|
161 |
-
|
162 |
-
#: limit-login-attempts.php:1114
|
163 |
-
msgid "URL Name <small>(\"nicename\")</small>"
|
164 |
-
msgstr ""
|
165 |
-
|
166 |
-
#: limit-login-attempts.php:1116
|
167 |
-
msgid "What is this?"
|
168 |
-
msgstr ""
|
169 |
-
|
170 |
-
#: limit-login-attempts.php:1118
|
171 |
-
msgid "Nickname"
|
172 |
-
msgstr ""
|
173 |
-
|
174 |
-
#: limit-login-attempts.php:1170
|
175 |
-
msgid "URL names changed"
|
176 |
-
msgstr ""
|
177 |
-
|
178 |
-
#: limit-login-attempts.php:1175
|
179 |
-
msgid "No names changed"
|
180 |
-
msgstr ""
|
181 |
-
|
182 |
-
#: limit-login-attempts.php:1189
|
183 |
-
msgid "bad name"
|
184 |
-
msgstr ""
|
185 |
-
|
186 |
-
#: limit-login-attempts.php:1299
|
187 |
msgid "Cleared IP log"
|
188 |
msgstr ""
|
189 |
|
190 |
-
#: limit-login-attempts.php:
|
191 |
msgid "Reset lockout count"
|
192 |
msgstr ""
|
193 |
|
194 |
-
#: limit-login-attempts.php:
|
195 |
msgid "Cleared current lockouts"
|
196 |
msgstr ""
|
197 |
|
198 |
-
#: limit-login-attempts.php:
|
199 |
-
msgid "Reset registration lockout count"
|
200 |
-
msgstr ""
|
201 |
-
|
202 |
-
#: limit-login-attempts.php:1332
|
203 |
-
msgid "Cleared current registration lockouts"
|
204 |
-
msgstr ""
|
205 |
-
|
206 |
-
#: limit-login-attempts.php:1342
|
207 |
msgid "Options changed"
|
208 |
msgstr ""
|
209 |
|
210 |
-
#: limit-login-attempts.php:
|
211 |
-
|
212 |
-
msgid "<strong>NOTE:</strong> Only works in Wordpress %s or later"
|
213 |
msgstr ""
|
214 |
|
215 |
-
#: limit-login-attempts.php:
|
216 |
#, php-format
|
217 |
msgid "It appears the site is reached directly (from your IP: %s)"
|
218 |
msgstr ""
|
219 |
|
220 |
-
#: limit-login-attempts.php:
|
221 |
#, php-format
|
222 |
msgid ""
|
223 |
"It appears the site is reached through a proxy server (proxy IP: %s, your "
|
224 |
"IP: %s)"
|
225 |
msgstr ""
|
226 |
|
227 |
-
#: limit-login-attempts.php:
|
228 |
#, php-format
|
229 |
msgid ""
|
230 |
"<strong>Current setting appears to be invalid</strong>. Please make sure it "
|
@@ -232,176 +141,123 @@ msgid ""
|
|
232 |
"\">here</a>"
|
233 |
msgstr ""
|
234 |
|
235 |
-
#: limit-login-attempts.php:
|
236 |
msgid "Limit Login Attempts Settings"
|
237 |
msgstr ""
|
238 |
|
239 |
-
#: limit-login-attempts.php:
|
240 |
msgid "Statistics"
|
241 |
msgstr ""
|
242 |
|
243 |
-
#: limit-login-attempts.php:
|
244 |
msgid "Total lockouts"
|
245 |
msgstr ""
|
246 |
|
247 |
-
#: limit-login-attempts.php:
|
248 |
msgid "Reset Counter"
|
249 |
msgstr ""
|
250 |
|
251 |
-
#: limit-login-attempts.php:
|
252 |
#, php-format
|
253 |
msgid "%d lockout since last reset"
|
254 |
msgid_plural "%d lockouts since last reset"
|
255 |
msgstr[0] ""
|
256 |
msgstr[1] ""
|
257 |
|
258 |
-
#: limit-login-attempts.php:
|
259 |
msgid "No lockouts yet"
|
260 |
msgstr ""
|
261 |
|
262 |
-
#: limit-login-attempts.php:
|
263 |
msgid "Active lockouts"
|
264 |
msgstr ""
|
265 |
|
266 |
-
#: limit-login-attempts.php:
|
267 |
msgid "Restore Lockouts"
|
268 |
msgstr ""
|
269 |
|
270 |
-
#: limit-login-attempts.php:
|
271 |
#, php-format
|
272 |
msgid "%d IP is currently blocked from trying to log in"
|
273 |
msgstr ""
|
274 |
|
275 |
-
#: limit-login-attempts.php:
|
276 |
-
msgid "Total registration lockouts"
|
277 |
-
msgstr ""
|
278 |
-
|
279 |
-
#: limit-login-attempts.php:1472
|
280 |
-
#, php-format
|
281 |
-
msgid "%d registration lockout since last reset"
|
282 |
-
msgid_plural "%d registration lockouts since last reset"
|
283 |
-
msgstr[0] ""
|
284 |
-
msgstr[1] ""
|
285 |
-
|
286 |
-
#: limit-login-attempts.php:1478
|
287 |
-
msgid "Active registration lockouts"
|
288 |
-
msgstr ""
|
289 |
-
|
290 |
-
#: limit-login-attempts.php:1481
|
291 |
-
#, php-format
|
292 |
-
msgid "%d IP is currently blocked from registering new users"
|
293 |
-
msgstr ""
|
294 |
-
|
295 |
-
#: limit-login-attempts.php:1487
|
296 |
msgid "Options"
|
297 |
msgstr ""
|
298 |
|
299 |
-
#: limit-login-attempts.php:
|
300 |
msgid "Lockout"
|
301 |
msgstr ""
|
302 |
|
303 |
-
#: limit-login-attempts.php:
|
304 |
msgid "allowed retries"
|
305 |
msgstr ""
|
306 |
|
307 |
-
#: limit-login-attempts.php:
|
308 |
msgid "minutes lockout"
|
309 |
msgstr ""
|
310 |
|
311 |
-
#: limit-login-attempts.php:
|
312 |
msgid "lockouts increase lockout time to"
|
313 |
msgstr ""
|
314 |
|
315 |
-
#: limit-login-attempts.php:
|
316 |
msgid "hours"
|
317 |
msgstr ""
|
318 |
|
319 |
-
#: limit-login-attempts.php:
|
320 |
msgid "hours until retries are reset"
|
321 |
msgstr ""
|
322 |
|
323 |
-
#: limit-login-attempts.php:
|
324 |
-
msgid "User cookie login"
|
325 |
-
msgstr ""
|
326 |
-
|
327 |
-
#: limit-login-attempts.php:1503
|
328 |
-
msgid "Handle cookie login"
|
329 |
-
msgstr ""
|
330 |
-
|
331 |
-
#: limit-login-attempts.php:1508
|
332 |
msgid "Site connection"
|
333 |
msgstr ""
|
334 |
|
335 |
-
#: limit-login-attempts.php:
|
336 |
msgid "Direct connection"
|
337 |
msgstr ""
|
338 |
|
339 |
-
#: limit-login-attempts.php:
|
340 |
msgid "From behind a reversy proxy"
|
341 |
msgstr ""
|
342 |
|
343 |
-
#: limit-login-attempts.php:
|
344 |
-
msgid "
|
345 |
-
msgstr ""
|
346 |
-
|
347 |
-
#: limit-login-attempts.php:1527
|
348 |
-
msgid "Log IP"
|
349 |
-
msgstr ""
|
350 |
-
|
351 |
-
#: limit-login-attempts.php:1528
|
352 |
-
msgid "Email to admin after"
|
353 |
-
msgstr ""
|
354 |
-
|
355 |
-
#: limit-login-attempts.php:1528
|
356 |
-
msgid "lockouts"
|
357 |
msgstr ""
|
358 |
|
359 |
-
#: limit-login-attempts.php:
|
360 |
-
msgid "
|
361 |
msgstr ""
|
362 |
|
363 |
-
#: limit-login-attempts.php:
|
364 |
-
msgid "
|
365 |
msgstr ""
|
366 |
|
367 |
-
#: limit-login-attempts.php:
|
368 |
-
msgid "
|
369 |
msgstr ""
|
370 |
|
371 |
-
#: limit-login-attempts.php:
|
372 |
-
msgid "
|
373 |
msgstr ""
|
374 |
|
375 |
-
#: limit-login-attempts.php:
|
376 |
-
msgid "
|
377 |
msgstr ""
|
378 |
|
379 |
-
#: limit-login-attempts.php:
|
380 |
-
msgid "
|
381 |
msgstr ""
|
382 |
|
383 |
-
#: limit-login-attempts.php:
|
384 |
msgid "Change Options"
|
385 |
msgstr ""
|
386 |
|
387 |
-
#: limit-login-attempts.php:
|
388 |
-
msgid "Privileged users"
|
389 |
-
msgstr ""
|
390 |
-
|
391 |
-
#: limit-login-attempts.php:1557
|
392 |
-
#, php-format
|
393 |
-
msgid "I <a href=\"%s\">understand</a> the problems involved"
|
394 |
-
msgstr ""
|
395 |
-
|
396 |
-
#: limit-login-attempts.php:1557
|
397 |
-
msgid "Change Names"
|
398 |
-
msgstr ""
|
399 |
-
|
400 |
-
#: limit-login-attempts.php:1565
|
401 |
msgid "Lockout log"
|
402 |
msgstr ""
|
403 |
|
404 |
-
#: limit-login-attempts.php:
|
405 |
msgid "Clear Log"
|
406 |
msgstr ""
|
407 |
|
8 |
msgstr ""
|
9 |
"Project-Id-Version: PACKAGE VERSION\n"
|
10 |
"Report-Msgid-Bugs-To: http://wordpress.org/tag/limit-login-attempts\n"
|
11 |
+
"POT-Creation-Date: 2009-01-28 17:17+0000\n"
|
12 |
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
13 |
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
14 |
"Language-Team: LANGUAGE <LL@li.org>\n"
|
17 |
"Content-Transfer-Encoding: 8bit\n"
|
18 |
"Plural-Forms: nplurals=INTEGER; plural=EXPRESSION;\n"
|
19 |
|
20 |
+
#: limit-login-attempts.php:372
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
21 |
#, php-format
|
22 |
msgid "%d hour"
|
23 |
msgid_plural "%d hours"
|
24 |
msgstr[0] ""
|
25 |
msgstr[1] ""
|
26 |
|
27 |
+
#: limit-login-attempts.php:378
|
28 |
#, php-format
|
29 |
msgid "%d minute"
|
30 |
msgid_plural "%d minutes"
|
31 |
msgstr[0] ""
|
32 |
msgstr[1] ""
|
33 |
|
34 |
+
#: limit-login-attempts.php:381
|
35 |
#, php-format
|
36 |
msgid "[%s] Too many failed login attempts"
|
37 |
msgstr ""
|
38 |
|
39 |
+
#: limit-login-attempts.php:383
|
40 |
#, php-format
|
41 |
+
msgid ""
|
42 |
+
"%d failed login attempts (%d lockout(s)) from IP: %s"
|
43 |
msgstr ""
|
44 |
|
45 |
+
#: limit-login-attempts.php:387
|
46 |
#, php-format
|
47 |
+
msgid ""
|
48 |
+
"Last user attempted: %s"
|
49 |
msgstr ""
|
50 |
|
51 |
+
#: limit-login-attempts.php:390
|
52 |
#, php-format
|
53 |
msgid "IP was blocked for %s"
|
54 |
msgstr ""
|
55 |
|
56 |
+
#: limit-login-attempts.php:445
|
|
|
|
|
|
|
|
|
57 |
msgid "<strong>ERROR</strong>: Too many failed login attempts."
|
58 |
msgstr ""
|
59 |
|
60 |
+
#: limit-login-attempts.php:449
|
61 |
msgid "Please try again later."
|
62 |
msgstr ""
|
63 |
|
64 |
+
#: limit-login-attempts.php:456
|
65 |
#, php-format
|
66 |
msgid "Please try again in %d hour."
|
67 |
msgid_plural "Please try again in %d hours."
|
68 |
msgstr[0] ""
|
69 |
msgstr[1] ""
|
70 |
|
71 |
+
#: limit-login-attempts.php:458
|
72 |
#, php-format
|
73 |
msgid "Please try again in %d minute."
|
74 |
msgid_plural "Please try again in %d minutes."
|
75 |
msgstr[0] ""
|
76 |
msgstr[1] ""
|
77 |
|
78 |
+
#: limit-login-attempts.php:487
|
79 |
#, php-format
|
80 |
msgid "<strong>%d</strong> attempt remaining."
|
81 |
msgid_plural "<strong>%d</strong> attempts remaining."
|
82 |
msgstr[0] ""
|
83 |
msgstr[1] ""
|
84 |
|
85 |
+
#: limit-login-attempts.php:551
|
86 |
msgid "<strong>ERROR</strong>: Incorrect username or password."
|
87 |
msgstr ""
|
88 |
|
89 |
+
#: limit-login-attempts.php:714
|
90 |
msgid "IP|Internet address"
|
91 |
msgstr ""
|
92 |
|
93 |
+
#: limit-login-attempts.php:714
|
94 |
msgid "Tried to log in as"
|
95 |
msgstr ""
|
96 |
|
97 |
+
#: limit-login-attempts.php:719
|
98 |
#, php-format
|
99 |
msgid "%d lockout"
|
100 |
msgid_plural "%d lockouts"
|
101 |
msgstr[0] ""
|
102 |
msgstr[1] ""
|
103 |
|
104 |
+
#: limit-login-attempts.php:743
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
105 |
msgid "Cleared IP log"
|
106 |
msgstr ""
|
107 |
|
108 |
+
#: limit-login-attempts.php:751
|
109 |
msgid "Reset lockout count"
|
110 |
msgstr ""
|
111 |
|
112 |
+
#: limit-login-attempts.php:759
|
113 |
msgid "Cleared current lockouts"
|
114 |
msgstr ""
|
115 |
|
116 |
+
#: limit-login-attempts.php:788
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
117 |
msgid "Options changed"
|
118 |
msgstr ""
|
119 |
|
120 |
+
#: limit-login-attempts.php:799
|
121 |
+
msgid "<strong>NOTE:</strong> Only works in Wordpress 2.7 or later"
|
|
|
122 |
msgstr ""
|
123 |
|
124 |
+
#: limit-login-attempts.php:815
|
125 |
#, php-format
|
126 |
msgid "It appears the site is reached directly (from your IP: %s)"
|
127 |
msgstr ""
|
128 |
|
129 |
+
#: limit-login-attempts.php:817
|
130 |
#, php-format
|
131 |
msgid ""
|
132 |
"It appears the site is reached through a proxy server (proxy IP: %s, your "
|
133 |
"IP: %s)"
|
134 |
msgstr ""
|
135 |
|
136 |
+
#: limit-login-attempts.php:825
|
137 |
#, php-format
|
138 |
msgid ""
|
139 |
"<strong>Current setting appears to be invalid</strong>. Please make sure it "
|
141 |
"\">here</a>"
|
142 |
msgstr ""
|
143 |
|
144 |
+
#: limit-login-attempts.php:833
|
145 |
msgid "Limit Login Attempts Settings"
|
146 |
msgstr ""
|
147 |
|
148 |
+
#: limit-login-attempts.php:834
|
149 |
msgid "Statistics"
|
150 |
msgstr ""
|
151 |
|
152 |
+
#: limit-login-attempts.php:838
|
153 |
msgid "Total lockouts"
|
154 |
msgstr ""
|
155 |
|
156 |
+
#: limit-login-attempts.php:841
|
157 |
msgid "Reset Counter"
|
158 |
msgstr ""
|
159 |
|
160 |
+
#: limit-login-attempts.php:842
|
161 |
#, php-format
|
162 |
msgid "%d lockout since last reset"
|
163 |
msgid_plural "%d lockouts since last reset"
|
164 |
msgstr[0] ""
|
165 |
msgstr[1] ""
|
166 |
|
167 |
+
#: limit-login-attempts.php:843
|
168 |
msgid "No lockouts yet"
|
169 |
msgstr ""
|
170 |
|
171 |
+
#: limit-login-attempts.php:848
|
172 |
msgid "Active lockouts"
|
173 |
msgstr ""
|
174 |
|
175 |
+
#: limit-login-attempts.php:850
|
176 |
msgid "Restore Lockouts"
|
177 |
msgstr ""
|
178 |
|
179 |
+
#: limit-login-attempts.php:851
|
180 |
#, php-format
|
181 |
msgid "%d IP is currently blocked from trying to log in"
|
182 |
msgstr ""
|
183 |
|
184 |
+
#: limit-login-attempts.php:857
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
185 |
msgid "Options"
|
186 |
msgstr ""
|
187 |
|
188 |
+
#: limit-login-attempts.php:861
|
189 |
msgid "Lockout"
|
190 |
msgstr ""
|
191 |
|
192 |
+
#: limit-login-attempts.php:863
|
193 |
msgid "allowed retries"
|
194 |
msgstr ""
|
195 |
|
196 |
+
#: limit-login-attempts.php:864
|
197 |
msgid "minutes lockout"
|
198 |
msgstr ""
|
199 |
|
200 |
+
#: limit-login-attempts.php:865
|
201 |
msgid "lockouts increase lockout time to"
|
202 |
msgstr ""
|
203 |
|
204 |
+
#: limit-login-attempts.php:865
|
205 |
msgid "hours"
|
206 |
msgstr ""
|
207 |
|
208 |
+
#: limit-login-attempts.php:866
|
209 |
msgid "hours until retries are reset"
|
210 |
msgstr ""
|
211 |
|
212 |
+
#: limit-login-attempts.php:870
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
213 |
msgid "Site connection"
|
214 |
msgstr ""
|
215 |
|
216 |
+
#: limit-login-attempts.php:876
|
217 |
msgid "Direct connection"
|
218 |
msgstr ""
|
219 |
|
220 |
+
#: limit-login-attempts.php:881
|
221 |
msgid "From behind a reversy proxy"
|
222 |
msgstr ""
|
223 |
|
224 |
+
#: limit-login-attempts.php:887
|
225 |
+
msgid "Handle cookie login"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
226 |
msgstr ""
|
227 |
|
228 |
+
#: limit-login-attempts.php:889
|
229 |
+
msgid "Yes"
|
230 |
msgstr ""
|
231 |
|
232 |
+
#: limit-login-attempts.php:889
|
233 |
+
msgid "No"
|
234 |
msgstr ""
|
235 |
|
236 |
+
#: limit-login-attempts.php:894
|
237 |
+
msgid "Notify on lockout"
|
238 |
msgstr ""
|
239 |
|
240 |
+
#: limit-login-attempts.php:896
|
241 |
+
msgid "Log IP"
|
242 |
msgstr ""
|
243 |
|
244 |
+
#: limit-login-attempts.php:897
|
245 |
+
msgid "Email to admin after"
|
246 |
msgstr ""
|
247 |
|
248 |
+
#: limit-login-attempts.php:897
|
249 |
+
msgid "lockouts"
|
250 |
msgstr ""
|
251 |
|
252 |
+
#: limit-login-attempts.php:902
|
253 |
msgid "Change Options"
|
254 |
msgstr ""
|
255 |
|
256 |
+
#: limit-login-attempts.php:910
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
257 |
msgid "Lockout log"
|
258 |
msgstr ""
|
259 |
|
260 |
+
#: limit-login-attempts.php:914
|
261 |
msgid "Clear Log"
|
262 |
msgstr ""
|
263 |
|
readme.txt
CHANGED
@@ -2,33 +2,25 @@
|
|
2 |
Contributors: johanee
|
3 |
Tags: login, security, authentication
|
4 |
Requires at least: 2.5
|
5 |
-
Tested up to: 2.8.
|
6 |
Stable tag: 1.4.1
|
7 |
|
8 |
-
Limit rate of login attempts, including by way of cookies, for each IP.
|
9 |
|
10 |
== Description ==
|
11 |
|
12 |
-
THIS IS A BETA VERSION!
|
13 |
-
|
14 |
Limit the number of login attempts possible both through normal login as well as (WordPress 2.7+) using auth cookies.
|
15 |
|
16 |
By default WordPress allows unlimited login attempts either through the login page or by sending special cookies. This allows passwords (or hashes) to be brute-force cracked with relative ease.
|
17 |
|
18 |
Limit Login Attempts blocks an Internet address from making further attempts after a specified limit on retries is reached, making a brute-force attack difficult or impossible.
|
19 |
|
20 |
-
Limit Login Attempts can also help you protect user login names from discovery. This includes (Wordpress 2.6.5+) optional restrictions on password reset attempts for privileged users and rate limit on new user registrations.
|
21 |
-
|
22 |
Features
|
23 |
|
24 |
* Limit the number of retry attempts when logging in (for each IP). Fully customizable
|
|
|
25 |
* Informs user about remaining retries or lockout time on login page
|
26 |
* Optional logging, optional email notification
|
27 |
-
* (WordPress 2.7+) Handles attempts to log in using auth cookies
|
28 |
-
* Helps protect user login names from discovery
|
29 |
-
* (Wordpress 2.6.5+) Optional restrictions on password reset attempts for privileged users
|
30 |
-
* Optional rate limit on new user registration
|
31 |
-
* Allows modification of privileged users Author URL name ("nicename")
|
32 |
* Handles server behind reverse proxy
|
33 |
|
34 |
Translations: Bulgarian, Catalan, Czech, German, Norwegian, Persian, Romanian, Russian, Spanish, Swedish, Turkish
|
@@ -63,51 +55,15 @@ If you have ftp / ssh access to the site rename the file "wp-content/plugins/lim
|
|
63 |
|
64 |
If you have access to the database (for example through phpMyAdmin) you can clear the limit_login_lockouts option in the wordpress options table. In a default setup this would work: "UPDATE wp_options SET option_value = '' WHERE option_name = 'limit_login_lockouts'"
|
65 |
|
66 |
-
= Why the privileged users list? Why are some names marked? =
|
67 |
-
|
68 |
-
These are the various names WordPress has for each user. To increase security the login name should not be the same as any of the others as they can be discovered in various ways.
|
69 |
-
|
70 |
-
= What is URL Name / "nicename"? =
|
71 |
-
|
72 |
-
"Nicename" is what WordPress calls it (internally). It is constructed directly from the login name and is used in the public author archive url, default comment template (as a comment class) and default post template (as a post class). This means that if you change it the old author archive url will no longer work.
|
73 |
-
|
74 |
-
= I disabled password reset for administrators and forgot my password, what do I do? =
|
75 |
-
|
76 |
-
If you have ftp / ssh access look at the answer regarding being locked out above.
|
77 |
-
|
78 |
-
If you have access to the database (for example through phpMyAdmin) you can clear the limit_login_reset_min_role option in the wordpress options table. In a default setup this would work: "UPDATE wp_options SET option_value = '' WHERE option_name = 'limit_login_reset_min_role'"
|
79 |
-
|
80 |
== Screenshots ==
|
81 |
|
82 |
1. Loginscreen after failed login with retries remaining
|
83 |
2. Loginscreen during lockout
|
84 |
-
3.
|
85 |
-
4. Administration interface in WordPress 2.
|
86 |
-
5. Administration interface in WordPress 2.5
|
87 |
-
|
88 |
-
== Todo ==
|
89 |
-
|
90 |
-
* Translations
|
91 |
-
* Test cookies
|
92 |
-
* Look through readme.txt again
|
93 |
-
* Links to faq/nicename
|
94 |
|
95 |
== Version History ==
|
96 |
|
97 |
-
* Version 2.0beta3
|
98 |
-
* Checkpoint release for translations
|
99 |
-
* Added basic functionality to edit user nicenames
|
100 |
-
* Added Wordpress version dependency for password reset functionality
|
101 |
-
* Code clean-ups
|
102 |
-
* Version 2.0beta2
|
103 |
-
* Various fixes
|
104 |
-
* Version 2.0beta1
|
105 |
-
* Added a number of options that when activated make it harder to find login names of users
|
106 |
-
* disable password reset using username (accept user email only) for users with a specified role or higher
|
107 |
-
* disable password reset for users with a specified role or higher
|
108 |
-
* restrict rate of new user registrations
|
109 |
-
* filter registration error messages to avoid possible way to brute force find user login name
|
110 |
-
* list of privileged users show which login names can be discovered from user displayname, nickname or "url name"/nicename
|
111 |
* Version 1.4.1
|
112 |
* Added Turkish translation, thanks to Yazan Canarkadas
|
113 |
* Version 1.4
|
2 |
Contributors: johanee
|
3 |
Tags: login, security, authentication
|
4 |
Requires at least: 2.5
|
5 |
+
Tested up to: 2.8.5
|
6 |
Stable tag: 1.4.1
|
7 |
|
8 |
+
Limit rate of login attempts, including by way of cookies, for each IP.
|
9 |
|
10 |
== Description ==
|
11 |
|
|
|
|
|
12 |
Limit the number of login attempts possible both through normal login as well as (WordPress 2.7+) using auth cookies.
|
13 |
|
14 |
By default WordPress allows unlimited login attempts either through the login page or by sending special cookies. This allows passwords (or hashes) to be brute-force cracked with relative ease.
|
15 |
|
16 |
Limit Login Attempts blocks an Internet address from making further attempts after a specified limit on retries is reached, making a brute-force attack difficult or impossible.
|
17 |
|
|
|
|
|
18 |
Features
|
19 |
|
20 |
* Limit the number of retry attempts when logging in (for each IP). Fully customizable
|
21 |
+
* (WordPress 2.7+) Limit the number of attempts to log in using auth cookies in same way
|
22 |
* Informs user about remaining retries or lockout time on login page
|
23 |
* Optional logging, optional email notification
|
|
|
|
|
|
|
|
|
|
|
24 |
* Handles server behind reverse proxy
|
25 |
|
26 |
Translations: Bulgarian, Catalan, Czech, German, Norwegian, Persian, Romanian, Russian, Spanish, Swedish, Turkish
|
55 |
|
56 |
If you have access to the database (for example through phpMyAdmin) you can clear the limit_login_lockouts option in the wordpress options table. In a default setup this would work: "UPDATE wp_options SET option_value = '' WHERE option_name = 'limit_login_lockouts'"
|
57 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
58 |
== Screenshots ==
|
59 |
|
60 |
1. Loginscreen after failed login with retries remaining
|
61 |
2. Loginscreen during lockout
|
62 |
+
3. Administration interface in WordPress 2.7
|
63 |
+
4. Administration interface in WordPress 2.5
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
64 |
|
65 |
== Version History ==
|
66 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
67 |
* Version 1.4.1
|
68 |
* Added Turkish translation, thanks to Yazan Canarkadas
|
69 |
* Version 1.4
|
screenshot-3.gif
CHANGED
Binary file
|
screenshot-4.gif
CHANGED
Binary file
|
screenshot-5.gif
DELETED
Binary file
|