Login Security Solution - Version 0.12.0

Version Description

Display a notice on top of admin pages when our maintenance mode is enabled.

Release Info

Developer	convissor
Plugin	Login Security Solution
Version	0.12.0
Comparing to
See all releases

Code changes from version 0.11.0 to 0.12.0

Files changed (4) hide show

admin.inc +29 -6
languages/login-security-solution.pot +40 -40
login-security-solution.php +6 -2
readme.txt +6 -2

admin.inc CHANGED Viewed

	@@ -366,7 +366,7 @@ class login_security_solution_admin extends login_security_solution {
366	/**
367	* Declares a menu item and callback for this plugin's settings page
368	*
369	- * NOTE: This method is automatically called by WordPress when ~~the~~
370	* any admin page is rendered
371	*/
372	public function admin_menu() {
	@@ -384,7 +384,7 @@ class login_security_solution_admin extends login_security_solution {
384	* Declares the callbacks for rendering and validating this plugin's
385	* settings sections and fields
386	*
387	- * NOTE: This method is automatically called by WordPress when ~~the~~
388	* any admin page is rendered
389	*/
390	public function admin_init() {
	@@ -637,7 +637,7 @@ class login_security_solution_admin extends login_security_solution {
637	/**
638	* Declares a menu item and callback for the force password change page
639	*
640	- * NOTE: This method is automatically called by WordPress when ~~the~~
641	* any admin page is rendered
642	*/
643	public function admin_menu_pw_force_change() {
	@@ -655,7 +655,7 @@ class login_security_solution_admin extends login_security_solution {
655	* Declares the callbacks for rendering and validating the
656	* force password change page
657	*
658	- * NOTE: This method is automatically called by WordPress when ~~the~~
659	* any admin page is rendered
660	*/
661	public function admin_init_pw_force_change() {
	@@ -811,17 +811,40 @@ class login_security_solution_admin extends login_security_solution {
811	return $out;
812	}
813























814	/**
815	* Produces a notice at the top of each admin page, telling admins to
816	* run the Change All Passwords process
817	*
818	- * NOTE: This method is automatically called by WordPress when ~~the~~
819	* any admin page is rendered AND our Change All Passwords function
820	* has not been called.
821	*
822	* @return void
823	*/
824	- public function ~~admin_notices~~() {
825	if (!current_user_can($this->capability_required)) {
826	return;
827	}


366	/**
367	* Declares a menu item and callback for this plugin's settings page
368	*
369	+ * NOTE: This method is automatically called by WordPress when
370	* any admin page is rendered
371	*/
372	public function admin_menu() {

384	* Declares the callbacks for rendering and validating this plugin's
385	* settings sections and fields
386	*
387	+ * NOTE: This method is automatically called by WordPress when
388	* any admin page is rendered
389	*/
390	public function admin_init() {

637	/**
638	* Declares a menu item and callback for the force password change page
639	*
640	+ * NOTE: This method is automatically called by WordPress when
641	* any admin page is rendered
642	*/
643	public function admin_menu_pw_force_change() {

655	* Declares the callbacks for rendering and validating the
656	* force password change page
657	*
658	+ * NOTE: This method is automatically called by WordPress when
659	* any admin page is rendered
660	*/
661	public function admin_init_pw_force_change() {

811	return $out;
812	}
813
814	+ /**
815	+ * Produces a notice at the top of each admin page, telling admins
816	+ * that the system is in maintenance mode
817	+ *
818	+ * NOTE: This method is automatically called by WordPress when
819	+ * any admin page is rendered AND our Maintenance Mode feature is on.
820	+ *
821	+ * @return void
822	+ */
823	+ public function admin_notices_disable_logins() {
824	+ if (!current_user_can('manage_options')) {
825	+ return;
826	+ }
827	+
828	+ echo '<div class="error">';
829	+
830	+ echo '<p><strong>';
831	+ echo $this->hsc_utf8(__("WARNING: The site is in maintenance mode. DO NOT TOUCH ANYTHING! Your changes may get overwritten!", self::ID));
832	+ echo '</strong></p>';
833	+
834	+ echo "</div>\n";
835	+ }
836	+
837	/**
838	* Produces a notice at the top of each admin page, telling admins to
839	* run the Change All Passwords process
840	*
841	+ * NOTE: This method is automatically called by WordPress when
842	* any admin page is rendered AND our Change All Passwords function
843	* has not been called.
844	*
845	* @return void
846	*/
847	+ public function admin_notices_pw_force_change() {
848	if (!current_user_can($this->capability_required)) {
849	return;
850	}

languages/login-security-solution.pot CHANGED Viewed

	@@ -2,9 +2,9 @@
2	# This file is distributed under the same license as the Login Security Solution package.
3	msgid ""
4	msgstr ""
5	- "Project-Id-Version: Login Security Solution 0.9.0\n"
6	"Report-Msgid-Bugs-To: http://wordpress.org/tag/login-security-solution\n"
7	- "POT-Creation-Date: 2012-06-16 19:52:08+00:00\n"
8	"MIME-Version: 1.0\n"
9	"Content-Type: text/plain; charset=UTF-8\n"
10	"Content-Transfer-Encoding: 8bit\n"
	@@ -12,171 +12,171 @@ msgstr ""
12	"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
13	"Language-Team: LANGUAGE <LL@li.org>\n"
14
15	- #: login-security-solution.php:~~462~~
16	msgid "Invalid username or password."
17	msgstr ""
18
19	- #: login-security-solution.php:~~468~~ tests/LoginErrorsTest.php:117
20	#: tests/LoginErrorsTest.php:129
21	msgid "Password reset is not allowed for this user"
22	msgstr ""
23
24	- #: login-security-solution.php:~~493~~ tests/LoginMessageTest.php:66
25	msgid "It has been over %d minutes since your last action."
26	msgstr ""
27
28	- #: login-security-solution.php:~~494~~ tests/LoginMessageTest.php:67
29	msgid "Please log back in."
30	msgstr ""
31
32	- #: login-security-solution.php:~~497~~ tests/LoginMessageTest.php:77
33	msgid "The grace period for changing your password has expired."
34	msgstr ""
35
36	- #: login-security-solution.php:~~498~~ tests/LoginMessageTest.php:78
37	msgid "Please submit this form to reset your password."
38	msgstr ""
39
40	- #: login-security-solution.php:~~501~~ tests/LoginMessageTest.php:88
41	msgid "Your password must be reset."
42	msgstr ""
43
44	- #: login-security-solution.php:~~502~~ tests/LoginMessageTest.php:89
45	msgid "Please submit this form to reset it."
46	msgstr ""
47
48	- #: login-security-solution.php:~~505~~ tests/LoginMessageTest.php:104
49	msgid "Your password has expired. Please log and change it."
50	msgstr ""
51
52	- #: login-security-solution.php:~~506~~ tests/LoginMessageTest.php:105
53	msgid "We provide a %d minute grace period to do so."
54	msgstr ""
55
56	- #: login-security-solution.php:~~509~~ tests/LoginMessageTest.php:115
57	msgid "The password you tried to create is not secure. Please try again."
58	msgstr ""
59
60	- #: login-security-solution.php:~~515~~ tests/LoginMessageTest.php:129
61	#: tests/LoginMessageTest.php:144
62	msgid "The site is undergoing maintenance."
63	msgstr ""
64
65	- #: login-security-solution.php:~~516~~ tests/LoginMessageTest.php:130
66	#: tests/LoginMessageTest.php:145
67	msgid "Please try again later."
68	msgstr ""
69
70	- #: login-security-solution.php:~~585~~
71	msgid "Passwords can not be reused."
72	msgstr ""
73
74	- #: login-security-solution.php:~~732~~
75	msgid "ERROR"
76	msgstr ""
77
78	- #: login-security-solution.php:~~852~~
79	msgid "Component Count Value from Current Attempt"
80	msgstr ""
81
82	- #: login-security-solution.php:~~854~~
83	msgid "Network IP %5d %s"
84	msgstr ""
85
86	- #: login-security-solution.php:~~856~~
87	msgid "Username %5d %s"
88	msgstr ""
89
90	- #: login-security-solution.php:~~858~~
91	msgid "Password MD5 %5d %s"
92	msgstr ""
93
94	- #: login-security-solution.php:~~1639~~
95	msgid "Your website, %s, may have been broken in to."
96	msgstr ""
97
98	- #: login-security-solution.php:~~1642~~
99	msgid ""
100	"Someone just logged in using the following components. Prior to that, some "
101	"combination of those components were a part of %d failed attempts to log in "
102	"during the past %d minutes:"
103	msgstr ""
104
105	- #: login-security-solution.php:~~1647~~
106	msgid ""
107	"The user has been logged out and will be required to confirm their identity "
108	"via the password reset functionality."
109	msgstr ""
110
111	- #: login-security-solution.php:~~1676~~
112	msgid "Your website, %s, is undergoing a brute force attack."
113	msgstr ""
114
115	- #: login-security-solution.php:~~1679~~
116	msgid ""
117	"There have been at least %d failed attempts to log in during the past %d "
118	"minutes that used one or more of the following components:"
119	msgstr ""
120
121	- #: login-security-solution.php:~~1684~~
122	msgid ""
123	"The %s plugin for WordPress is repelling the attack by making their login "
124	"failures take a very long time."
125	msgstr ""
126
127	- #: login-security-solution.php:~~2006~~
128	msgid "Password not set."
129	msgstr ""
130
131	- #: login-security-solution.php:~~2021~~
132	msgid "Passwords must be strings."
133	msgstr ""
134
135	- #: login-security-solution.php:~~2039~~
136	msgid "Passwords must use ASCII characters."
137	msgstr ""
138
139	- #: login-security-solution.php:~~2058~~
140	msgid "Password is too short."
141	msgstr ""
142
143	- #: login-security-solution.php:~~2067~~
144	msgid "Passwords must either contain numbers or be %d characters long."
145	msgstr ""
146
147	- #: login-security-solution.php:~~2076~~
148	msgid ""
149	"Passwords must either contain punctuation marks / symbols or be %d "
150	"characters long."
151	msgstr ""
152
153	- #: login-security-solution.php:~~2085~~
154	msgid ""
155	"Passwords must either contain upper-case and lower-case letters or be %d "
156	"characters long."
157	msgstr ""
158
159	- #: login-security-solution.php:~~2095~~
160	msgid "Passwords can't be sequential keys."
161	msgstr ""
162
163	- #: login-security-solution.php:~~2104~~
164	msgid "Passwords can't have that many sequential characters."
165	msgstr ""
166
167	- #: login-security-solution.php:~~2120~~
168	msgid "Passwords can't contain user data."
169	msgstr ""
170
171	- #: login-security-solution.php:~~2131~~
172	msgid "Passwords can't contain site info."
173	msgstr ""
174
175	- #: login-security-solution.php:~~2140~~
176	msgid "Password is too common."
177	msgstr ""
178
179	- #: login-security-solution.php:~~2149~~
180	msgid "Passwords can't be variations of dictionary words."
181	msgstr ""
182


2	# This file is distributed under the same license as the Login Security Solution package.
3	msgid ""
4	msgstr ""
5	+ "Project-Id-Version: Login Security Solution 0.11.0\n"
6	"Report-Msgid-Bugs-To: http://wordpress.org/tag/login-security-solution\n"
7	+ "POT-Creation-Date: 2012-06-30 01:24:19+00:00\n"
8	"MIME-Version: 1.0\n"
9	"Content-Type: text/plain; charset=UTF-8\n"
10	"Content-Transfer-Encoding: 8bit\n"

12	"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
13	"Language-Team: LANGUAGE <LL@li.org>\n"
14
15	+ #: login-security-solution.php:470
16	msgid "Invalid username or password."
17	msgstr ""
18
19	+ #: login-security-solution.php:476 tests/LoginErrorsTest.php:117
20	#: tests/LoginErrorsTest.php:129
21	msgid "Password reset is not allowed for this user"
22	msgstr ""
23
24	+ #: login-security-solution.php:501 tests/LoginMessageTest.php:66
25	msgid "It has been over %d minutes since your last action."
26	msgstr ""
27
28	+ #: login-security-solution.php:502 tests/LoginMessageTest.php:67
29	msgid "Please log back in."
30	msgstr ""
31
32	+ #: login-security-solution.php:505 tests/LoginMessageTest.php:77
33	msgid "The grace period for changing your password has expired."
34	msgstr ""
35
36	+ #: login-security-solution.php:506 tests/LoginMessageTest.php:78
37	msgid "Please submit this form to reset your password."
38	msgstr ""
39
40	+ #: login-security-solution.php:509 tests/LoginMessageTest.php:88
41	msgid "Your password must be reset."
42	msgstr ""
43
44	+ #: login-security-solution.php:510 tests/LoginMessageTest.php:89
45	msgid "Please submit this form to reset it."
46	msgstr ""
47
48	+ #: login-security-solution.php:513 tests/LoginMessageTest.php:104
49	msgid "Your password has expired. Please log and change it."
50	msgstr ""
51
52	+ #: login-security-solution.php:514 tests/LoginMessageTest.php:105
53	msgid "We provide a %d minute grace period to do so."
54	msgstr ""
55
56	+ #: login-security-solution.php:517 tests/LoginMessageTest.php:115
57	msgid "The password you tried to create is not secure. Please try again."
58	msgstr ""
59
60	+ #: login-security-solution.php:523 tests/LoginMessageTest.php:129
61	#: tests/LoginMessageTest.php:144
62	msgid "The site is undergoing maintenance."
63	msgstr ""
64
65	+ #: login-security-solution.php:524 tests/LoginMessageTest.php:130
66	#: tests/LoginMessageTest.php:145
67	msgid "Please try again later."
68	msgstr ""
69
70	+ #: login-security-solution.php:593
71	msgid "Passwords can not be reused."
72	msgstr ""
73
74	+ #: login-security-solution.php:740
75	msgid "ERROR"
76	msgstr ""
77
78	+ #: login-security-solution.php:860
79	msgid "Component Count Value from Current Attempt"
80	msgstr ""
81
82	+ #: login-security-solution.php:862
83	msgid "Network IP %5d %s"
84	msgstr ""
85
86	+ #: login-security-solution.php:864
87	msgid "Username %5d %s"
88	msgstr ""
89
90	+ #: login-security-solution.php:866
91	msgid "Password MD5 %5d %s"
92	msgstr ""
93
94	+ #: login-security-solution.php:1647
95	msgid "Your website, %s, may have been broken in to."
96	msgstr ""
97
98	+ #: login-security-solution.php:1650
99	msgid ""
100	"Someone just logged in using the following components. Prior to that, some "
101	"combination of those components were a part of %d failed attempts to log in "
102	"during the past %d minutes:"
103	msgstr ""
104
105	+ #: login-security-solution.php:1655
106	msgid ""
107	"The user has been logged out and will be required to confirm their identity "
108	"via the password reset functionality."
109	msgstr ""
110
111	+ #: login-security-solution.php:1684
112	msgid "Your website, %s, is undergoing a brute force attack."
113	msgstr ""
114
115	+ #: login-security-solution.php:1687
116	msgid ""
117	"There have been at least %d failed attempts to log in during the past %d "
118	"minutes that used one or more of the following components:"
119	msgstr ""
120
121	+ #: login-security-solution.php:1692
122	msgid ""
123	"The %s plugin for WordPress is repelling the attack by making their login "
124	"failures take a very long time."
125	msgstr ""
126
127	+ #: login-security-solution.php:2014
128	msgid "Password not set."
129	msgstr ""
130
131	+ #: login-security-solution.php:2029
132	msgid "Passwords must be strings."
133	msgstr ""
134
135	+ #: login-security-solution.php:2047
136	msgid "Passwords must use ASCII characters."
137	msgstr ""
138
139	+ #: login-security-solution.php:2066
140	msgid "Password is too short."
141	msgstr ""
142
143	+ #: login-security-solution.php:2075
144	msgid "Passwords must either contain numbers or be %d characters long."
145	msgstr ""
146
147	+ #: login-security-solution.php:2084
148	msgid ""
149	"Passwords must either contain punctuation marks / symbols or be %d "
150	"characters long."
151	msgstr ""
152
153	+ #: login-security-solution.php:2093
154	msgid ""
155	"Passwords must either contain upper-case and lower-case letters or be %d "
156	"characters long."
157	msgstr ""
158
159	+ #: login-security-solution.php:2103
160	msgid "Passwords can't be sequential keys."
161	msgstr ""
162
163	+ #: login-security-solution.php:2112
164	msgid "Passwords can't have that many sequential characters."
165	msgstr ""
166
167	+ #: login-security-solution.php:2128
168	msgid "Passwords can't contain user data."
169	msgstr ""
170
171	+ #: login-security-solution.php:2139
172	msgid "Passwords can't contain site info."
173	msgstr ""
174
175	+ #: login-security-solution.php:2148
176	msgid "Password is too common."
177	msgstr ""
178
179	+ #: login-security-solution.php:2157
180	msgid "Passwords can't be variations of dictionary words."
181	msgstr ""
182

	@@ -6,7 +6,7 @@
6	* Description: Requires very strong passwords, repels brute force login attacks, prevents login information disclosures, expires idle sessions, notifies admins of attacks and breaches, permits administrators to disable logins for maintenance or emergency reasons and reset all passwords.
7	*
8	* Plugin URI: http://wordpress.org/extend/plugins/login-security-solution/
9	- * Version: 0.11.0
10	* Author: Daniel Convissor
11	* Author URI: http://www.analysisandsolutions.com/
12	* License: GPLv2
	@@ -219,6 +219,10 @@ class login_security_solution {
219	add_action('admin_init', array(&$admin, 'admin_init'));
220	add_filter($plugin_action_links, array(&$admin, 'plugin_action_links'));
221




222	register_activation_hook(__FILE__, array(&$admin, 'activate'));
223	if ($this->options['deactivate_deletes_data']) {
224	register_deactivation_hook(__FILE__, array(&$admin, 'deactivate'));
	@@ -227,7 +231,7 @@ class login_security_solution {
227	// NON-STANDARD: This is for the password change page.
228	add_action($admin_menu, array(&$admin, 'admin_menu_pw_force_change'));
229	if (!$admin->was_pw_force_change_done()) {
230	- add_action($admin_notices, array(&$admin, '~~admin_notices~~'));
231	}
232	add_action('admin_init', array(&$admin, 'admin_init_pw_force_change'));
233	}


6	* Description: Requires very strong passwords, repels brute force login attacks, prevents login information disclosures, expires idle sessions, notifies admins of attacks and breaches, permits administrators to disable logins for maintenance or emergency reasons and reset all passwords.
7	*
8	* Plugin URI: http://wordpress.org/extend/plugins/login-security-solution/
9	+ * Version: 0.12.0
10	* Author: Daniel Convissor
11	* Author URI: http://www.analysisandsolutions.com/
12	* License: GPLv2

219	add_action('admin_init', array(&$admin, 'admin_init'));
220	add_filter($plugin_action_links, array(&$admin, 'plugin_action_links'));
221
222	+ if ($this->options['disable_logins']) {
223	+ add_action('admin_notices', array(&$admin, 'admin_notices_disable_logins'));
224	+ }
225	+
226	register_activation_hook(__FILE__, array(&$admin, 'activate'));
227	if ($this->options['deactivate_deletes_data']) {
228	register_deactivation_hook(__FILE__, array(&$admin, 'deactivate'));

231	// NON-STANDARD: This is for the password change page.
232	add_action($admin_menu, array(&$admin, 'admin_menu_pw_force_change'));
233	if (!$admin->was_pw_force_change_done()) {
234	+ add_action($admin_notices, array(&$admin, 'admin_notices_pw_force_change'));
235	}
236	add_action('admin_init', array(&$admin, 'admin_init_pw_force_change'));
237	}

readme.txt CHANGED Viewed

	@@ -4,7 +4,7 @@ Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=danie
4	Tags: login, password, idle, timeout, maintenance, security, attack, hack, lock, ban
5	Requires at least: 3.3
6	Tested up to: 3.4.1
7	- Stable tag: 0.11.0
8
9	Security against brute force attacks by tracking IP, name, password; requiring very strong passwords. Idle timeout. Maintenance mode. Multisite ready!
10
	@@ -265,12 +265,16 @@ plugin's login failure process.
265	Get the translation tools from `http://i18n.svn.wordpress.org/tools/trunk/`
266	then `cd` into that directory and run:
267
268	- php makepot.php wp-plugin ~~../login~~-~~security-solution~~ \

269	../login-security-solution/languages/login-security-solution.pot
270
271
272	== Changelog ==
273



274	= 0.11.0 =
275	* Use POST value for `$user_name` in `login_errors()` because global value
276	isn't always set.


4	Tags: login, password, idle, timeout, maintenance, security, attack, hack, lock, ban
5	Requires at least: 3.3
6	Tested up to: 3.4.1
7	+ Stable tag: 0.12.0
8
9	Security against brute force attacks by tracking IP, name, password; requiring very strong passwords. Idle timeout. Maintenance mode. Multisite ready!
10

265	Get the translation tools from `http://i18n.svn.wordpress.org/tools/trunk/`
266	then `cd` into that directory and run:
267
268	+ php makepot.php wp-plugin -d 'error_reporting=E_ALL^E_STRICT' \
269	+ ../login-security-solution \
270	../login-security-solution/languages/login-security-solution.pot
271
272
273	== Changelog ==
274
275	+ = 0.12.0 =
276	+ * Display a notice on top of admin pages when our maintenance mode is enabled.
277	+
278	= 0.11.0 =
279	* Use POST value for `$user_name` in `login_errors()` because global value
280	isn't always set.