Version Description
- This plugin can now be activated for a network and a networkwide default can be set.
- The plugin now hooks in after init to make sure any customisations to the login form are hooked in before it.
- Links should now be fixed when SSL is enabled.
Download this release
Release Info
| Developer | avryl |
| Plugin |  Rename wp-login.php |
| Version | 2.0 |
| Comparing to | |
| See all releases | |
Code changes from version 1.9 to 2.0
- index.php +1 -1
- readme.md +18 -10
- readme.txt +18 -10
- rename-wp-login.php +392 -230
- rwl-login.php +14 -17
index.php
CHANGED
|
@@ -1,3 +1,3 @@
|
|
| 1 |
<?php
|
| 2 |
|
| 3 |
-
// Silence is golden.
|
| 1 |
<?php
|
| 2 |
|
| 3 |
+
// Silence is golden.
|
readme.md
CHANGED
|
@@ -4,41 +4,43 @@
|
|
| 4 |
**Tags:** rename, login, wp-login, wp-login.php, brute force attacks, custom login url
|
| 5 |
**Requires at least:** 3.8
|
| 6 |
**Tested up to:** 3.8
|
| 7 |
-
**Stable tag:**
|
| 8 |
**License:** GPLv2 or later
|
| 9 |
**License URI:** http://www.gnu.org/licenses/gpl-2.0.html
|
| 10 |
|
| 11 |
-
Change wp-login.php to
|
| 12 |
|
| 13 |
## Description
|
| 14 |
|
| 15 |
-
With this plugin you can change wp-login.php to anything you want. The default is example.com/login/,
|
| 16 |
-
Please bookmark or remember your login url, accessing wp-login.php or wp-admin will
|
| 17 |
|
| 18 |
### Compatibility
|
| 19 |
|
| 20 |
Requires WordPress 3.8 or higher. The registration form, lost password form, login widget and expired sessions will keep working.
|
| 21 |
|
|
|
|
|
|
|
| 22 |
Compatible with plugins like:
|
| 23 |
|
| 24 |
* BuddyPress,
|
|
|
|
| 25 |
* Limit Login Attempts,
|
| 26 |
* User Switching,
|
| 27 |
* and any other plugin that hooks into the standard login form.
|
| 28 |
|
| 29 |
It does’t work with plugins that hardcoded wp-login.php, obviously.
|
| 30 |
-
|
|
|
|
| 31 |
|
| 32 |
If you’re using a **page caching plugin** like **W3 Total Cache** or **WP Super Cache**, add the word you renamed wp-login.php to (e.g. login) to the list of pages not to cache.
|
| 33 |
|
| 34 |
* For W3 Total Cache go to Performance › Page Cache › Advanced › Never cache the following pages, add your new login page on a new line and save all settings.
|
| 35 |
* For WP Super Cache go to Settings › WP Super Cache › Advanced › Accepted Filenames & Rejected URIs, add your new login page on a new line and save.
|
| 36 |
|
| 37 |
-
This plugin is **not** yet tested on installs that force **SSL** or use the **multisite** feature. I would appreciate any help with testing this.
|
| 38 |
-
|
| 39 |
### Benefits
|
| 40 |
|
| 41 |
-
Not only does it allow you to further customise your login page, it also prevents brute force attacks that are targeted specifically to wp-login.php. wp-login.php, and wp-admin if not logged in,
|
| 42 |
|
| 43 |
While you could use this plugin to prevent a lot of brute force attacks, it does not mean you don’t need a strong password. Read [this codex article](http://codex.wordpress.org/Brute_Force_Attacks) for more information on how to protect your website.
|
| 44 |
|
|
@@ -50,7 +52,7 @@ If you want to keep your login url secret, you should make sure there aren’t a
|
|
| 50 |
2. Search for *Rename wp-login.php*.
|
| 51 |
3. Look for this plugin, download and activate it.
|
| 52 |
4. The page will redirect you to the settings. Rename wp-login.php in the section Login.
|
| 53 |
-
5. You can change this option any time you want, just go back to Settings › Permalinks ›
|
| 54 |
|
| 55 |
## Frequently Asked Questions
|
| 56 |
|
|
@@ -60,6 +62,12 @@ Either go to your MySQL database and look for the value of `rwl_page` in the opt
|
|
| 60 |
|
| 61 |
## Changelog
|
| 62 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 63 |
### 1.9
|
| 64 |
|
| 65 |
* wp-admin will now have a `wp_die()` message instead of a 404 template because this caused problems.
|
|
@@ -105,4 +113,4 @@ Either go to your MySQL database and look for the value of `rwl_page` in the opt
|
|
| 105 |
|
| 106 |
### 1.0
|
| 107 |
|
| 108 |
-
* Initial version.
|
| 4 |
**Tags:** rename, login, wp-login, wp-login.php, brute force attacks, custom login url
|
| 5 |
**Requires at least:** 3.8
|
| 6 |
**Tested up to:** 3.8
|
| 7 |
+
**Stable tag:** 2.0
|
| 8 |
**License:** GPLv2 or later
|
| 9 |
**License URI:** http://www.gnu.org/licenses/gpl-2.0.html
|
| 10 |
|
| 11 |
+
Change wp-login.php to anything you want. It can also prevent a lot of brute force attacks.
|
| 12 |
|
| 13 |
## Description
|
| 14 |
|
| 15 |
+
With this plugin you can change wp-login.php to anything you want. The default is example.com/login/, but you can change this under Settings › Permalinks › Rename wp-login.php.
|
| 16 |
+
Please bookmark or remember your login url, accessing wp-login.php or wp-admin will not work.
|
| 17 |
|
| 18 |
### Compatibility
|
| 19 |
|
| 20 |
Requires WordPress 3.8 or higher. The registration form, lost password form, login widget and expired sessions will keep working.
|
| 21 |
|
| 22 |
+
You also must have pretty, or almost pretty, permalinks enabled.
|
| 23 |
+
|
| 24 |
Compatible with plugins like:
|
| 25 |
|
| 26 |
* BuddyPress,
|
| 27 |
+
* bbPress,
|
| 28 |
* Limit Login Attempts,
|
| 29 |
* User Switching,
|
| 30 |
* and any other plugin that hooks into the standard login form.
|
| 31 |
|
| 32 |
It does’t work with plugins that hardcoded wp-login.php, obviously.
|
| 33 |
+
|
| 34 |
+
Works with multisite. Activating it for a network allows you to set a networkwide default. Individual sites can still rename their login page to something else.
|
| 35 |
|
| 36 |
If you’re using a **page caching plugin** like **W3 Total Cache** or **WP Super Cache**, add the word you renamed wp-login.php to (e.g. login) to the list of pages not to cache.
|
| 37 |
|
| 38 |
* For W3 Total Cache go to Performance › Page Cache › Advanced › Never cache the following pages, add your new login page on a new line and save all settings.
|
| 39 |
* For WP Super Cache go to Settings › WP Super Cache › Advanced › Accepted Filenames & Rejected URIs, add your new login page on a new line and save.
|
| 40 |
|
|
|
|
|
|
|
| 41 |
### Benefits
|
| 42 |
|
| 43 |
+
Not only does it allow you to further customise your login page, it also prevents brute force attacks that are targeted specifically to wp-login.php. wp-login.php, and wp-admin if not logged in, won't be accessible.
|
| 44 |
|
| 45 |
While you could use this plugin to prevent a lot of brute force attacks, it does not mean you don’t need a strong password. Read [this codex article](http://codex.wordpress.org/Brute_Force_Attacks) for more information on how to protect your website.
|
| 46 |
|
| 52 |
2. Search for *Rename wp-login.php*.
|
| 53 |
3. Look for this plugin, download and activate it.
|
| 54 |
4. The page will redirect you to the settings. Rename wp-login.php in the section Login.
|
| 55 |
+
5. You can change this option any time you want, just go back to Settings › Permalinks › Rename wp-login.php.
|
| 56 |
|
| 57 |
## Frequently Asked Questions
|
| 58 |
|
| 62 |
|
| 63 |
## Changelog
|
| 64 |
|
| 65 |
+
### 2.0
|
| 66 |
+
|
| 67 |
+
* This plugin can now be activated for a network and a networkwide default can be set.
|
| 68 |
+
* The plugin now hooks in after init to make sure any customisations to the login form are hooked in before it.
|
| 69 |
+
* Links should now be fixed when SSL is enabled.
|
| 70 |
+
|
| 71 |
### 1.9
|
| 72 |
|
| 73 |
* wp-admin will now have a `wp_die()` message instead of a 404 template because this caused problems.
|
| 113 |
|
| 114 |
### 1.0
|
| 115 |
|
| 116 |
+
* Initial version.
|
readme.txt
CHANGED
|
@@ -4,41 +4,43 @@ Contributors: avryl
|
|
| 4 |
Tags: rename, login, wp-login, wp-login.php, brute force attacks, custom login url
|
| 5 |
Requires at least: 3.8
|
| 6 |
Tested up to: 3.8
|
| 7 |
-
Stable tag:
|
| 8 |
License: GPLv2 or later
|
| 9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 10 |
|
| 11 |
-
Change wp-login.php to
|
| 12 |
|
| 13 |
== Description ==
|
| 14 |
|
| 15 |
-
With this plugin you can change wp-login.php to anything you want. The default is example.com/login/,
|
| 16 |
-
Please bookmark or remember your login url, accessing wp-login.php or wp-admin will
|
| 17 |
|
| 18 |
= Compatibility =
|
| 19 |
|
| 20 |
Requires WordPress 3.8 or higher. The registration form, lost password form, login widget and expired sessions will keep working.
|
| 21 |
|
|
|
|
|
|
|
| 22 |
Compatible with plugins like:
|
| 23 |
|
| 24 |
* BuddyPress,
|
|
|
|
| 25 |
* Limit Login Attempts,
|
| 26 |
* User Switching,
|
| 27 |
* and any other plugin that hooks into the standard login form.
|
| 28 |
|
| 29 |
It does’t work with plugins that hardcoded wp-login.php, obviously.
|
| 30 |
-
|
|
|
|
| 31 |
|
| 32 |
If you’re using a **page caching plugin** like **W3 Total Cache** or **WP Super Cache**, add the word you renamed wp-login.php to (e.g. login) to the list of pages not to cache.
|
| 33 |
|
| 34 |
* For W3 Total Cache go to Performance › Page Cache › Advanced › Never cache the following pages, add your new login page on a new line and save all settings.
|
| 35 |
* For WP Super Cache go to Settings › WP Super Cache › Advanced › Accepted Filenames & Rejected URIs, add your new login page on a new line and save.
|
| 36 |
|
| 37 |
-
This plugin is **not** yet tested on installs that force **SSL** or use the **multisite** feature. I would appreciate any help with testing this.
|
| 38 |
-
|
| 39 |
= Benefits =
|
| 40 |
|
| 41 |
-
Not only does it allow you to further customise your login page, it also prevents brute force attacks that are targeted specifically to wp-login.php. wp-login.php, and wp-admin if not logged in,
|
| 42 |
|
| 43 |
While you could use this plugin to prevent a lot of brute force attacks, it does not mean you don’t need a strong password. Read [this codex article](http://codex.wordpress.org/Brute_Force_Attacks) for more information on how to protect your website.
|
| 44 |
|
|
@@ -54,7 +56,7 @@ This plugin has a [mirror](https://github.com/avryl/rename-wp-login) on GitHub.
|
|
| 54 |
2. Search for *Rename wp-login.php*.
|
| 55 |
3. Look for this plugin, download and activate it.
|
| 56 |
4. The page will redirect you to the settings. Rename wp-login.php in the section Login.
|
| 57 |
-
5. You can change this option any time you want, just go back to Settings › Permalinks ›
|
| 58 |
|
| 59 |
== Frequently Asked Questions ==
|
| 60 |
|
|
@@ -64,6 +66,12 @@ Either go to your MySQL database and look for the value of `rwl_page` in the opt
|
|
| 64 |
|
| 65 |
== Changelog ==
|
| 66 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 67 |
= 1.9 =
|
| 68 |
|
| 69 |
* wp-admin will now have a `wp_die()` message instead of a 404 template because this caused problems.
|
|
@@ -109,4 +117,4 @@ Either go to your MySQL database and look for the value of `rwl_page` in the opt
|
|
| 109 |
|
| 110 |
= 1.0 =
|
| 111 |
|
| 112 |
-
* Initial version.
|
| 4 |
Tags: rename, login, wp-login, wp-login.php, brute force attacks, custom login url
|
| 5 |
Requires at least: 3.8
|
| 6 |
Tested up to: 3.8
|
| 7 |
+
Stable tag: 2.0
|
| 8 |
License: GPLv2 or later
|
| 9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 10 |
|
| 11 |
+
Change wp-login.php to anything you want. It can also prevent a lot of brute force attacks.
|
| 12 |
|
| 13 |
== Description ==
|
| 14 |
|
| 15 |
+
With this plugin you can change wp-login.php to anything you want. The default is example.com/login/, but you can change this under Settings › Permalinks › Rename wp-login.php.
|
| 16 |
+
Please bookmark or remember your login url, accessing wp-login.php or wp-admin will not work.
|
| 17 |
|
| 18 |
= Compatibility =
|
| 19 |
|
| 20 |
Requires WordPress 3.8 or higher. The registration form, lost password form, login widget and expired sessions will keep working.
|
| 21 |
|
| 22 |
+
You also must have pretty, or almost pretty, permalinks enabled.
|
| 23 |
+
|
| 24 |
Compatible with plugins like:
|
| 25 |
|
| 26 |
* BuddyPress,
|
| 27 |
+
* bbPress,
|
| 28 |
* Limit Login Attempts,
|
| 29 |
* User Switching,
|
| 30 |
* and any other plugin that hooks into the standard login form.
|
| 31 |
|
| 32 |
It does’t work with plugins that hardcoded wp-login.php, obviously.
|
| 33 |
+
|
| 34 |
+
Works with multisite. Activating it for a network allows you to set a networkwide default. Individual sites can still rename their login page to something else.
|
| 35 |
|
| 36 |
If you’re using a **page caching plugin** like **W3 Total Cache** or **WP Super Cache**, add the word you renamed wp-login.php to (e.g. login) to the list of pages not to cache.
|
| 37 |
|
| 38 |
* For W3 Total Cache go to Performance › Page Cache › Advanced › Never cache the following pages, add your new login page on a new line and save all settings.
|
| 39 |
* For WP Super Cache go to Settings › WP Super Cache › Advanced › Accepted Filenames & Rejected URIs, add your new login page on a new line and save.
|
| 40 |
|
|
|
|
|
|
|
| 41 |
= Benefits =
|
| 42 |
|
| 43 |
+
Not only does it allow you to further customise your login page, it also prevents brute force attacks that are targeted specifically to wp-login.php. wp-login.php, and wp-admin if not logged in, won't be accessible.
|
| 44 |
|
| 45 |
While you could use this plugin to prevent a lot of brute force attacks, it does not mean you don’t need a strong password. Read [this codex article](http://codex.wordpress.org/Brute_Force_Attacks) for more information on how to protect your website.
|
| 46 |
|
| 56 |
2. Search for *Rename wp-login.php*.
|
| 57 |
3. Look for this plugin, download and activate it.
|
| 58 |
4. The page will redirect you to the settings. Rename wp-login.php in the section Login.
|
| 59 |
+
5. You can change this option any time you want, just go back to Settings › Permalinks › Rename wp-login.php.
|
| 60 |
|
| 61 |
== Frequently Asked Questions ==
|
| 62 |
|
| 66 |
|
| 67 |
== Changelog ==
|
| 68 |
|
| 69 |
+
= 2.0 =
|
| 70 |
+
|
| 71 |
+
* This plugin can now be activated for a network and a networkwide default can be set.
|
| 72 |
+
* The plugin now hooks in after init to make sure any customisations to the login form are hooked in before it.
|
| 73 |
+
* Links should now be fixed when SSL is enabled.
|
| 74 |
+
|
| 75 |
= 1.9 =
|
| 76 |
|
| 77 |
* wp-admin will now have a `wp_die()` message instead of a 404 template because this caused problems.
|
| 117 |
|
| 118 |
= 1.0 =
|
| 119 |
|
| 120 |
+
* Initial version.
|
rename-wp-login.php
CHANGED
|
@@ -6,320 +6,482 @@ Plugin URI: http://wordpress.org/plugins/rename-wp-login/
|
|
| 6 |
Description: Change wp-login.php to whatever you want. It can also prevent a lot of brute force attacks.
|
| 7 |
Author: avryl
|
| 8 |
Author URI: http://profiles.wordpress.org/avryl/
|
| 9 |
-
Version:
|
| 10 |
Text Domain: rename-wp-login
|
| 11 |
License: GPLv2 or later
|
| 12 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 13 |
*/
|
| 14 |
|
| 15 |
if ( ! class_exists( 'Rename_WP_Login' ) ) {
|
| 16 |
-
|
| 17 |
class Rename_WP_Login {
|
| 18 |
-
|
| 19 |
-
private static $instance;
|
| 20 |
-
|
| 21 |
private function basename() {
|
| 22 |
-
|
| 23 |
return plugin_basename( __FILE__ );
|
| 24 |
-
|
| 25 |
-
}
|
| 26 |
-
|
| 27 |
-
private function url() {
|
| 28 |
-
|
| 29 |
-
return plugin_dir_url( __FILE__ );
|
| 30 |
-
|
| 31 |
}
|
| 32 |
-
|
| 33 |
private function path() {
|
| 34 |
-
|
| 35 |
return trailingslashit( dirname( __FILE__ ) );
|
| 36 |
-
|
| 37 |
}
|
| 38 |
-
|
| 39 |
private function set_404() {
|
| 40 |
-
|
| 41 |
global $wp_query;
|
| 42 |
-
|
| 43 |
status_header( 404 );
|
| 44 |
-
|
| 45 |
$wp_query->set_404();
|
| 46 |
-
|
| 47 |
-
$template = get_404_template()
|
| 48 |
-
|
| 49 |
-
|
| 50 |
-
|
| 51 |
-
|
| 52 |
-
if ( $template = apply_filters( 'template_include', $template ) )
|
| 53 |
include( $template );
|
| 54 |
-
|
| 55 |
-
|
| 56 |
-
|
|
|
|
|
|
|
| 57 |
}
|
| 58 |
-
|
| 59 |
-
private function
|
| 60 |
-
|
| 61 |
-
|
| 62 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 63 |
}
|
| 64 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 65 |
public static function instance() {
|
| 66 |
-
|
| 67 |
-
|
| 68 |
-
|
| 69 |
-
|
| 70 |
-
|
| 71 |
-
|
|
|
|
|
|
|
|
|
|
| 72 |
}
|
| 73 |
-
|
| 74 |
private function __construct() {
|
| 75 |
-
|
| 76 |
global $wp_version;
|
| 77 |
-
|
| 78 |
if ( version_compare( $wp_version, '3.8', '<' ) ) {
|
| 79 |
-
|
| 80 |
-
add_action( 'admin_init', array( $this, 'admin_init_incompatible' ) );
|
| 81 |
add_action( 'admin_notices', array( $this, 'admin_notices_incompatible' ) );
|
| 82 |
-
|
|
|
|
| 83 |
return;
|
| 84 |
-
|
| 85 |
}
|
| 86 |
-
|
| 87 |
register_activation_hook( $this->basename(), array( $this, 'activate' ) );
|
|
|
|
| 88 |
register_uninstall_hook( $this->basename(), array( 'Rename_WP_Login', 'uninstall' ) );
|
| 89 |
-
|
| 90 |
add_action( 'admin_init', array( $this, 'admin_init' ) );
|
| 91 |
add_action( 'admin_notices', array( $this, 'admin_notices' ) );
|
| 92 |
-
|
| 93 |
-
|
| 94 |
-
|
| 95 |
-
|
| 96 |
return;
|
| 97 |
-
|
| 98 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 99 |
add_action( 'login_init', array( $this, 'login_init' ) );
|
| 100 |
-
|
| 101 |
-
add_filter( 'site_url', array( $this, 'site_url' ), 10,
|
| 102 |
-
add_filter( '
|
| 103 |
-
add_filter( '
|
| 104 |
-
|
| 105 |
-
add_filter( 'lostpassword_url', array( $this, 'lostpassword_url' ), 10, 2 );
|
| 106 |
-
|
| 107 |
-
}
|
| 108 |
-
|
| 109 |
-
public function admin_init_incompatible() {
|
| 110 |
-
|
| 111 |
-
deactivate_plugins( $this->basename() );
|
| 112 |
-
|
| 113 |
}
|
| 114 |
-
|
| 115 |
public function admin_notices_incompatible() {
|
| 116 |
-
|
| 117 |
-
echo '<div class="error"><p>Please upgrade to the latest version of WordPress
|
| 118 |
-
|
| 119 |
-
if ( isset( $_GET['activate'] ) )
|
| 120 |
-
unset( $_GET['activate'] );
|
| 121 |
-
|
| 122 |
}
|
| 123 |
-
|
| 124 |
public function activate() {
|
| 125 |
-
|
| 126 |
add_option( 'rwl_redirect', '1' );
|
| 127 |
-
|
| 128 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 129 |
}
|
| 130 |
-
|
| 131 |
public static function uninstall() {
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 132 |
|
| 133 |
-
|
| 134 |
-
|
| 135 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 136 |
}
|
| 137 |
-
|
| 138 |
public function admin_init() {
|
| 139 |
-
|
| 140 |
-
|
| 141 |
-
|
| 142 |
-
|
| 143 |
-
|
| 144 |
-
|
| 145 |
-
|
| 146 |
-
|
| 147 |
-
|
| 148 |
-
|
| 149 |
-
|
| 150 |
-
|
| 151 |
-
|
| 152 |
-
|
| 153 |
-
|
| 154 |
-
|
| 155 |
-
|
| 156 |
-
|
| 157 |
-
|
| 158 |
-
|
| 159 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 160 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 161 |
}
|
| 162 |
-
|
| 163 |
-
|
| 164 |
-
|
| 165 |
}
|
| 166 |
-
|
| 167 |
if ( get_option( 'rwl_redirect' ) ) {
|
| 168 |
-
|
| 169 |
delete_option( 'rwl_redirect' );
|
| 170 |
-
|
| 171 |
-
|
| 172 |
-
|
| 173 |
-
|
| 174 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 175 |
}
|
| 176 |
-
|
| 177 |
}
|
| 178 |
-
|
| 179 |
-
public function
|
| 180 |
-
|
| 181 |
-
|
| 182 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 183 |
}
|
| 184 |
-
|
| 185 |
-
public function
|
| 186 |
-
|
| 187 |
-
echo '<input id="rwl-
|
| 188 |
-
|
| 189 |
}
|
| 190 |
-
|
| 191 |
public function admin_notices() {
|
| 192 |
-
|
| 193 |
global $pagenow;
|
| 194 |
-
|
| 195 |
-
|
| 196 |
-
|
| 197 |
-
|
| 198 |
-
|
| 199 |
-
|
| 200 |
-
|
| 201 |
-
|
| 202 |
-
|
| 203 |
}
|
| 204 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 205 |
}
|
| 206 |
-
|
| 207 |
public function plugin_action_links( $links ) {
|
| 208 |
-
|
| 209 |
-
|
| 210 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 211 |
return $links;
|
| 212 |
-
|
| 213 |
}
|
| 214 |
-
|
| 215 |
public function init() {
|
| 216 |
-
|
| 217 |
-
if ( is_admin()
|
| 218 |
-
|
|
|
|
|
|
|
| 219 |
wp_die( __( 'You must log in to access the admin area.' ) );
|
| 220 |
-
|
| 221 |
}
|
| 222 |
-
|
| 223 |
-
if ( !
|
| 224 |
-
|
| 225 |
-
|
| 226 |
-
|
|
|
|
|
|
|
| 227 |
}
|
| 228 |
-
|
| 229 |
-
if ( strpos( $_SERVER['REQUEST_URI'],
|
| 230 |
-
|
| 231 |
$home_url = parse_url( home_url() );
|
| 232 |
-
|
| 233 |
$home_path = '';
|
| 234 |
if ( isset( $home_url['path'] ) )
|
| 235 |
$home_path = $home_url['path'];
|
| 236 |
$home_path = trim( $home_path, '/' );
|
| 237 |
-
|
| 238 |
$req_uri = $_SERVER['REQUEST_URI'];
|
| 239 |
$req_uri_array = explode( '?', $req_uri );
|
| 240 |
$req_uri = $req_uri_array[0];
|
| 241 |
$req_uri = trim( $req_uri, '/' );
|
| 242 |
$req_uri = preg_replace( "|^$home_path|i", '', $req_uri );
|
| 243 |
$req_uri = trim( $req_uri, '/' );
|
| 244 |
-
|
| 245 |
-
if ( $req_uri
|
| 246 |
-
|
| 247 |
status_header( 200 );
|
| 248 |
-
|
| 249 |
-
require_once(
|
| 250 |
-
|
| 251 |
-
|
| 252 |
-
|
| 253 |
}
|
| 254 |
-
|
| 255 |
}
|
| 256 |
-
|
| 257 |
}
|
| 258 |
-
|
| 259 |
public function login_init() {
|
| 260 |
-
|
| 261 |
-
if ( strpos( $_SERVER['REQUEST_URI'], 'wp-login' ) ) {
|
| 262 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 263 |
$this->set_404();
|
| 264 |
-
|
| 265 |
}
|
| 266 |
-
|
| 267 |
-
}
|
| 268 |
-
|
| 269 |
-
public function site_url( $url, $path, $scheme, $blog_id ) {
|
| 270 |
-
|
| 271 |
-
return ( strpos( $path, 'wp-login.php' ) !== false && $scheme == 'login_post' ) ? $this->new_login_url() . str_replace( 'wp-login.php', '', $path ) : $url;
|
| 272 |
-
|
| 273 |
-
}
|
| 274 |
-
|
| 275 |
-
public function login_url( $login_url, $redirect = '' ) {
|
| 276 |
-
|
| 277 |
-
$login_url = $this->new_login_url();
|
| 278 |
-
|
| 279 |
-
if ( ! empty( $redirect ) )
|
| 280 |
-
$login_url = add_query_arg( 'redirect_to', urlencode( $redirect ), $login_url );
|
| 281 |
-
|
| 282 |
-
return $login_url;
|
| 283 |
-
|
| 284 |
-
}
|
| 285 |
-
|
| 286 |
-
public function logout_url( $login_url, $redirect = '' ) {
|
| 287 |
-
|
| 288 |
-
$args = array();
|
| 289 |
-
$args['action'] = 'logout';
|
| 290 |
-
if ( ! empty( $redirect ) )
|
| 291 |
-
$args['redirect_to'] = urlencode( $redirect );
|
| 292 |
-
|
| 293 |
-
$logout_url = add_query_arg( $args, $this->new_login_url() );
|
| 294 |
-
$logout_url = wp_nonce_url( $logout_url, 'log-out' );
|
| 295 |
-
|
| 296 |
-
return $logout_url;
|
| 297 |
-
|
| 298 |
}
|
| 299 |
-
|
| 300 |
-
public function
|
| 301 |
-
|
| 302 |
-
|
| 303 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 304 |
}
|
| 305 |
-
|
| 306 |
-
public function
|
| 307 |
-
|
| 308 |
-
$
|
| 309 |
-
|
| 310 |
-
|
| 311 |
-
|
| 312 |
-
|
| 313 |
-
|
| 314 |
-
|
| 315 |
-
|
| 316 |
-
|
|
|
|
| 317 |
}
|
| 318 |
-
|
| 319 |
-
|
| 320 |
-
|
| 321 |
}
|
| 322 |
-
|
| 323 |
Rename_WP_Login::instance();
|
| 324 |
-
|
| 325 |
-
}
|
| 6 |
Description: Change wp-login.php to whatever you want. It can also prevent a lot of brute force attacks.
|
| 7 |
Author: avryl
|
| 8 |
Author URI: http://profiles.wordpress.org/avryl/
|
| 9 |
+
Version: 2.0
|
| 10 |
Text Domain: rename-wp-login
|
| 11 |
License: GPLv2 or later
|
| 12 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 13 |
*/
|
| 14 |
|
| 15 |
if ( ! class_exists( 'Rename_WP_Login' ) ) {
|
| 16 |
+
|
| 17 |
class Rename_WP_Login {
|
| 18 |
+
|
|
|
|
|
|
|
| 19 |
private function basename() {
|
| 20 |
+
|
| 21 |
return plugin_basename( __FILE__ );
|
| 22 |
+
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 23 |
}
|
| 24 |
+
|
| 25 |
private function path() {
|
| 26 |
+
|
| 27 |
return trailingslashit( dirname( __FILE__ ) );
|
| 28 |
+
|
| 29 |
}
|
| 30 |
+
|
| 31 |
private function set_404() {
|
| 32 |
+
|
| 33 |
global $wp_query;
|
| 34 |
+
|
| 35 |
status_header( 404 );
|
| 36 |
+
|
| 37 |
$wp_query->set_404();
|
| 38 |
+
|
| 39 |
+
if ( ( ( $template = get_404_template() )
|
| 40 |
+
|| ( $template = get_index_template() ) )
|
| 41 |
+
&& ( $template = apply_filters( 'template_include', $template ) ) ) {
|
| 42 |
+
|
|
|
|
|
|
|
| 43 |
include( $template );
|
| 44 |
+
|
| 45 |
+
}
|
| 46 |
+
|
| 47 |
+
die;
|
| 48 |
+
|
| 49 |
}
|
| 50 |
+
|
| 51 |
+
private function new_login_slug() {
|
| 52 |
+
|
| 53 |
+
if ( ( $slug = get_option( 'rwl_page' ) )
|
| 54 |
+
|| ( is_multisite()
|
| 55 |
+
&& is_plugin_active_for_network( $this->basename() )
|
| 56 |
+
&& ( $slug = get_site_option( 'rwl_page', 'login' ) ) )
|
| 57 |
+
|| ( $slug = 'login' ) ) {
|
| 58 |
+
|
| 59 |
+
return $slug;
|
| 60 |
+
|
| 61 |
+
}
|
| 62 |
+
|
| 63 |
}
|
| 64 |
+
|
| 65 |
+
public function new_login_url() {
|
| 66 |
+
|
| 67 |
+
return trailingslashit( trailingslashit( home_url() ) . $this->new_login_slug() );
|
| 68 |
+
|
| 69 |
+
}
|
| 70 |
+
|
| 71 |
public static function instance() {
|
| 72 |
+
|
| 73 |
+
global $rwl;
|
| 74 |
+
|
| 75 |
+
if ( ! $rwl ) {
|
| 76 |
+
|
| 77 |
+
$rwl = new self;
|
| 78 |
+
|
| 79 |
+
}
|
| 80 |
+
|
| 81 |
}
|
| 82 |
+
|
| 83 |
private function __construct() {
|
| 84 |
+
|
| 85 |
global $wp_version;
|
| 86 |
+
|
| 87 |
if ( version_compare( $wp_version, '3.8', '<' ) ) {
|
| 88 |
+
|
|
|
|
| 89 |
add_action( 'admin_notices', array( $this, 'admin_notices_incompatible' ) );
|
| 90 |
+
add_action( 'network_admin_notices', array( $this, 'admin_notices_incompatible' ) );
|
| 91 |
+
|
| 92 |
return;
|
| 93 |
+
|
| 94 |
}
|
| 95 |
+
|
| 96 |
register_activation_hook( $this->basename(), array( $this, 'activate' ) );
|
| 97 |
+
register_deactivation_hook( $this->basename(), array( $this, 'deactivate' ) );
|
| 98 |
register_uninstall_hook( $this->basename(), array( 'Rename_WP_Login', 'uninstall' ) );
|
| 99 |
+
|
| 100 |
add_action( 'admin_init', array( $this, 'admin_init' ) );
|
| 101 |
add_action( 'admin_notices', array( $this, 'admin_notices' ) );
|
| 102 |
+
add_action( 'network_admin_notices', array( $this, 'admin_notices' ) );
|
| 103 |
+
|
| 104 |
+
if ( ! get_option( 'permalink_structure' ) ) {
|
| 105 |
+
|
| 106 |
return;
|
| 107 |
+
|
| 108 |
+
}
|
| 109 |
+
|
| 110 |
+
if ( is_multisite() && ! function_exists( 'is_plugin_active_for_network' ) ) {
|
| 111 |
+
|
| 112 |
+
require_once( ABSPATH . '/wp-admin/includes/plugin.php' );
|
| 113 |
+
|
| 114 |
+
}
|
| 115 |
+
|
| 116 |
+
add_filter( 'plugin_action_links_' . $this->basename(), array( $this, 'plugin_action_links' ) );
|
| 117 |
+
|
| 118 |
+
if ( is_multisite() && is_plugin_active_for_network( $this->basename() ) ) {
|
| 119 |
+
|
| 120 |
+
add_filter( 'network_admin_plugin_action_links_' . $this->basename(), array( $this, 'plugin_action_links' ) );
|
| 121 |
+
|
| 122 |
+
add_action( 'wpmu_options', array( $this, 'wpmu_options' ) );
|
| 123 |
+
add_action( 'update_wpmu_options', array( $this, 'update_wpmu_options' ) );
|
| 124 |
+
|
| 125 |
+
}
|
| 126 |
+
|
| 127 |
+
add_action( 'wp_loaded', array( $this, 'init' ) );
|
| 128 |
add_action( 'login_init', array( $this, 'login_init' ) );
|
| 129 |
+
|
| 130 |
+
add_filter( 'site_url', array( $this, 'site_url' ), 10, 2 );
|
| 131 |
+
add_filter( 'network_site_url', array( $this, 'site_url' ), 10, 2 );
|
| 132 |
+
add_filter( 'wp_redirect', array( $this, 'wp_redirect' ), 10, 2 );
|
| 133 |
+
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 134 |
}
|
| 135 |
+
|
| 136 |
public function admin_notices_incompatible() {
|
| 137 |
+
|
| 138 |
+
echo '<div class="error"><p>Please upgrade to the latest version of WordPress to activate <strong>Rename wp-login.php</strong>.</p></div>';
|
| 139 |
+
|
|
|
|
|
|
|
|
|
|
| 140 |
}
|
| 141 |
+
|
| 142 |
public function activate() {
|
| 143 |
+
|
| 144 |
add_option( 'rwl_redirect', '1' );
|
| 145 |
+
|
| 146 |
+
delete_option( 'rwl_admin' );
|
| 147 |
+
|
| 148 |
+
if ( is_network_admin() ) {
|
| 149 |
+
|
| 150 |
+
$rwl_page = get_site_option( 'rwl_page', 'login' );
|
| 151 |
+
|
| 152 |
+
$welcome_email = get_site_option( 'welcome_email' );
|
| 153 |
+
$welcome_email = preg_replace( "/(BLOG_URL)([\w\-]+)(\/|\.php)/", "$1$rwl_page/", $welcome_email );
|
| 154 |
+
|
| 155 |
+
update_site_option( 'welcome_email', $welcome_email );
|
| 156 |
+
|
| 157 |
+
}
|
| 158 |
+
|
| 159 |
+
}
|
| 160 |
+
|
| 161 |
+
public function deactivate() {
|
| 162 |
+
|
| 163 |
+
$welcome_email = get_site_option( 'welcome_email' );
|
| 164 |
+
$welcome_email = preg_replace( "/(BLOG_URL)([\w\-]+)(\/|\.php)/", "$1wp-login.php", $welcome_email );
|
| 165 |
+
|
| 166 |
+
update_site_option( 'welcome_email', $welcome_email );
|
| 167 |
+
|
| 168 |
}
|
| 169 |
+
|
| 170 |
public static function uninstall() {
|
| 171 |
+
|
| 172 |
+
global $wpdb;
|
| 173 |
+
|
| 174 |
+
if ( is_multisite() ) {
|
| 175 |
+
|
| 176 |
+
$blogs = $wpdb->get_col( "SELECT blog_id FROM {$wpdb->blogs}" );
|
| 177 |
+
|
| 178 |
+
if ( $blogs ) {
|
| 179 |
+
|
| 180 |
+
foreach( $blogs as $blog ) {
|
| 181 |
+
|
| 182 |
+
switch_to_blog( $blog );
|
| 183 |
+
|
| 184 |
+
delete_option( 'rwl_page' );
|
| 185 |
+
|
| 186 |
+
}
|
| 187 |
+
|
| 188 |
+
restore_current_blog();
|
| 189 |
+
|
| 190 |
+
}
|
| 191 |
+
|
| 192 |
+
delete_site_option( 'rwl_page' );
|
| 193 |
+
|
| 194 |
+
}
|
| 195 |
|
| 196 |
+
else {
|
| 197 |
+
|
| 198 |
+
delete_option( 'rwl_page' );
|
| 199 |
+
|
| 200 |
+
}
|
| 201 |
+
|
| 202 |
+
}
|
| 203 |
+
|
| 204 |
+
public function wpmu_options() {
|
| 205 |
+
|
| 206 |
+
$out = '<h3>Rename wp-login.php</h3>';
|
| 207 |
+
$out .= '<p>This option allows you to set a networkwide default, which can be overridden by individual sites. Simply go to to the site’s permalink settings to change the url.</p>';
|
| 208 |
+
$out .= '<p>Need help? Try the <a href="http://wordpress.org/support/plugin/rename-wp-login#postform" target="_blank">support forum</a>.</p>';
|
| 209 |
+
$out .= '<table class="form-table">';
|
| 210 |
+
$out .= '<tr valign="top">';
|
| 211 |
+
$out .= '<th scope="row">Networkwide default</th>';
|
| 212 |
+
$out .= '<td><input id="rwl-page-input" type="text" name="rwl_page" value="' . get_site_option( 'rwl_page', 'login' ) . '"></td>';
|
| 213 |
+
$out .= '</tr>';
|
| 214 |
+
$out .= '</table>';
|
| 215 |
+
|
| 216 |
+
echo $out;
|
| 217 |
+
|
| 218 |
+
}
|
| 219 |
+
|
| 220 |
+
public function update_wpmu_options() {
|
| 221 |
+
|
| 222 |
+
if ( ( $rwl_page = sanitize_title_with_dashes( $_POST['rwl_page'] ) )
|
| 223 |
+
&& strpos( $rwl_page, 'wp-login' ) === false ) {
|
| 224 |
+
|
| 225 |
+
update_site_option( 'rwl_page', $rwl_page );
|
| 226 |
+
|
| 227 |
+
$welcome_email = get_site_option( 'welcome_email' );
|
| 228 |
+
$welcome_email = preg_replace( "/(BLOG_URL)([\w\-]+)(\/|\.php)/", "$1$rwl_page/", $welcome_email );
|
| 229 |
+
|
| 230 |
+
update_site_option( 'welcome_email', $welcome_email );
|
| 231 |
+
|
| 232 |
+
}
|
| 233 |
+
|
| 234 |
}
|
| 235 |
+
|
| 236 |
public function admin_init() {
|
| 237 |
+
|
| 238 |
+
global $pagenow;
|
| 239 |
+
|
| 240 |
+
add_settings_section(
|
| 241 |
+
'rename-wp-login-section',
|
| 242 |
+
'Rename wp-login.php',
|
| 243 |
+
array( $this, 'rwl_section_desc' ),
|
| 244 |
+
'permalink'
|
| 245 |
+
);
|
| 246 |
+
|
| 247 |
+
add_settings_field(
|
| 248 |
+
'rwl-page',
|
| 249 |
+
'<label for="rwl-page">Login url</label>',
|
| 250 |
+
array( $this, 'rwl_page_input' ),
|
| 251 |
+
'permalink',
|
| 252 |
+
'rename-wp-login-section'
|
| 253 |
+
);
|
| 254 |
+
|
| 255 |
+
if ( isset( $_POST['rwl_page'] )
|
| 256 |
+
&& $pagenow === 'options-permalink.php' ) {
|
| 257 |
+
|
| 258 |
+
if ( ( $rwl_page = sanitize_title_with_dashes( $_POST['rwl_page'] ) )
|
| 259 |
+
&& strpos( $rwl_page, 'wp-login' ) === false ) {
|
| 260 |
+
|
| 261 |
+
if ( $rwl_page === get_site_option( 'rwl_page', 'login' ) ) {
|
| 262 |
+
|
| 263 |
+
delete_option( 'rwl_page' );
|
| 264 |
+
|
| 265 |
+
}
|
| 266 |
|
| 267 |
+
else {
|
| 268 |
+
|
| 269 |
+
update_option( 'rwl_page', $rwl_page );
|
| 270 |
+
|
| 271 |
+
}
|
| 272 |
+
|
| 273 |
}
|
| 274 |
+
|
|
|
|
|
|
|
| 275 |
}
|
| 276 |
+
|
| 277 |
if ( get_option( 'rwl_redirect' ) ) {
|
| 278 |
+
|
| 279 |
delete_option( 'rwl_redirect' );
|
| 280 |
+
|
| 281 |
+
if ( is_multisite()
|
| 282 |
+
&& is_super_admin()
|
| 283 |
+
&& is_plugin_active_for_network( $this->basename() ) ) {
|
| 284 |
+
|
| 285 |
+
$redirect = network_admin_url( 'settings.php#rwl-page-input' );
|
| 286 |
+
|
| 287 |
+
}
|
| 288 |
+
|
| 289 |
+
else {
|
| 290 |
+
|
| 291 |
+
$redirect = admin_url( 'options-permalink.php#rwl-page-input' );
|
| 292 |
+
|
| 293 |
+
}
|
| 294 |
+
|
| 295 |
+
wp_redirect( $redirect );
|
| 296 |
+
|
| 297 |
+
die;
|
| 298 |
+
|
| 299 |
}
|
| 300 |
+
|
| 301 |
}
|
| 302 |
+
|
| 303 |
+
public function rwl_section_desc() {
|
| 304 |
+
|
| 305 |
+
$out = '';
|
| 306 |
+
|
| 307 |
+
if ( ! is_multisite()
|
| 308 |
+
|| is_super_admin() ) {
|
| 309 |
+
|
| 310 |
+
$out .= '<p>Need help? Try the <a href="http://wordpress.org/support/plugin/rename-wp-login#postform" target="_blank">support forum</a>.</p>';
|
| 311 |
+
|
| 312 |
+
}
|
| 313 |
+
|
| 314 |
+
if ( is_multisite()
|
| 315 |
+
&& is_super_admin()
|
| 316 |
+
&& is_plugin_active_for_network( $this->basename() ) ) {
|
| 317 |
+
|
| 318 |
+
$out .= '<p>To set a networkwide default, go to <a href="' . network_admin_url( 'settings.php#rwl-page-input' ) . '">Network Settings</a>.</p>';
|
| 319 |
+
|
| 320 |
+
}
|
| 321 |
+
|
| 322 |
+
echo $out;
|
| 323 |
+
|
| 324 |
}
|
| 325 |
+
|
| 326 |
+
public function rwl_page_input() {
|
| 327 |
+
|
| 328 |
+
echo '<code>' . home_url() . '/</code> <input id="rwl-page-input" type="text" name="rwl_page" value="' . $this->new_login_slug() . '"> <code>/</code>';
|
| 329 |
+
|
| 330 |
}
|
| 331 |
+
|
| 332 |
public function admin_notices() {
|
| 333 |
+
|
| 334 |
global $pagenow;
|
| 335 |
+
|
| 336 |
+
$out = '';
|
| 337 |
+
|
| 338 |
+
if ( ! is_network_admin()
|
| 339 |
+
&& ! get_option( 'permalink_structure' ) ) {
|
| 340 |
+
|
| 341 |
+
$out .= '<div class="error"><p><strong>Rename wp-login.php</strong> doesn’t work if you’re using the default permalink structure.<br>You must <a href="' . admin_url( 'options-permalink.php' ) . '">choose</a> another permalink structure for it to work.</p></div>';
|
| 342 |
+
|
|
|
|
| 343 |
}
|
| 344 |
+
|
| 345 |
+
if ( ! is_network_admin()
|
| 346 |
+
&& $pagenow === 'options-permalink.php'
|
| 347 |
+
&& isset( $_GET['settings-updated'] ) ) {
|
| 348 |
+
|
| 349 |
+
$out .= '<div class="updated"><p>Your login page is now here: <a href="' . $this->new_login_url() . '">' . home_url() . '/<strong>' . $this->new_login_slug() . '</strong>/</a>. Bookmark this page!</p></div>';
|
| 350 |
+
|
| 351 |
+
}
|
| 352 |
+
|
| 353 |
+
echo $out;
|
| 354 |
+
|
| 355 |
}
|
| 356 |
+
|
| 357 |
public function plugin_action_links( $links ) {
|
| 358 |
+
|
| 359 |
+
if ( is_network_admin()
|
| 360 |
+
&& is_plugin_active_for_network( $this->basename() ) ) {
|
| 361 |
+
|
| 362 |
+
array_unshift( $links, '<a href="' . network_admin_url( 'settings.php#rwl-page-input' ) . '">Settings</a>' );
|
| 363 |
+
|
| 364 |
+
}
|
| 365 |
+
|
| 366 |
+
elseif ( ! is_network_admin() ) {
|
| 367 |
+
|
| 368 |
+
array_unshift( $links, '<a href="' . admin_url( 'options-permalink.php#rwl-page-input' ) . '">Settings</a>' );
|
| 369 |
+
|
| 370 |
+
}
|
| 371 |
+
|
| 372 |
return $links;
|
| 373 |
+
|
| 374 |
}
|
| 375 |
+
|
| 376 |
public function init() {
|
| 377 |
+
|
| 378 |
+
if ( is_admin()
|
| 379 |
+
&& ! is_user_logged_in()
|
| 380 |
+
&& ! defined( 'DOING_AJAX' ) ) {
|
| 381 |
+
|
| 382 |
wp_die( __( 'You must log in to access the admin area.' ) );
|
| 383 |
+
|
| 384 |
}
|
| 385 |
+
|
| 386 |
+
if ( ! is_multisite() &&
|
| 387 |
+
( strpos( $_SERVER['REQUEST_URI'], 'wp-signup' ) !== false
|
| 388 |
+
|| strpos( $_SERVER['REQUEST_URI'], 'wp-activate' ) ) !== false ) {
|
| 389 |
+
|
| 390 |
+
wp_die( __( 'This feature is not enabled.' ) );
|
| 391 |
+
|
| 392 |
}
|
| 393 |
+
|
| 394 |
+
if ( strpos( $_SERVER['REQUEST_URI'], $this->new_login_slug() ) !== false ) {
|
| 395 |
+
|
| 396 |
$home_url = parse_url( home_url() );
|
| 397 |
+
|
| 398 |
$home_path = '';
|
| 399 |
if ( isset( $home_url['path'] ) )
|
| 400 |
$home_path = $home_url['path'];
|
| 401 |
$home_path = trim( $home_path, '/' );
|
| 402 |
+
|
| 403 |
$req_uri = $_SERVER['REQUEST_URI'];
|
| 404 |
$req_uri_array = explode( '?', $req_uri );
|
| 405 |
$req_uri = $req_uri_array[0];
|
| 406 |
$req_uri = trim( $req_uri, '/' );
|
| 407 |
$req_uri = preg_replace( "|^$home_path|i", '', $req_uri );
|
| 408 |
$req_uri = trim( $req_uri, '/' );
|
| 409 |
+
|
| 410 |
+
if ( $req_uri === $this->new_login_slug() ) {
|
| 411 |
+
|
| 412 |
status_header( 200 );
|
| 413 |
+
|
| 414 |
+
require_once( $this->path() . 'rwl-login.php' );
|
| 415 |
+
|
| 416 |
+
die;
|
| 417 |
+
|
| 418 |
}
|
| 419 |
+
|
| 420 |
}
|
| 421 |
+
|
| 422 |
}
|
| 423 |
+
|
| 424 |
public function login_init() {
|
| 425 |
+
|
| 426 |
+
if ( strpos( $_SERVER['REQUEST_URI'], 'wp-login' ) !== false ) {
|
| 427 |
+
|
| 428 |
+
if ( ( $referer = wp_get_referer() )
|
| 429 |
+
&& strpos( $referer, 'wp-activate.php' ) !== false
|
| 430 |
+
&& ( $referer = parse_url( $referer ) )
|
| 431 |
+
&& ! empty( $referer['query'] ) ) {
|
| 432 |
+
|
| 433 |
+
parse_str( $referer['query'], $referer );
|
| 434 |
+
|
| 435 |
+
if ( ! empty( $referer['key'] )
|
| 436 |
+
&& ( $result = wpmu_activate_signup( $referer['key'] ) )
|
| 437 |
+
&& is_wp_error( $result )
|
| 438 |
+
&& ( $result->get_error_code() === 'already_active'
|
| 439 |
+
|| $result->get_error_code() === 'blog_taken' ) ) {
|
| 440 |
+
|
| 441 |
+
wp_safe_redirect( $this->new_login_url() . ( ! empty( $_SERVER['QUERY_STRING'] ) ? '?' . $_SERVER['QUERY_STRING'] : '' ) );
|
| 442 |
+
|
| 443 |
+
die;
|
| 444 |
+
|
| 445 |
+
}
|
| 446 |
+
|
| 447 |
+
}
|
| 448 |
+
|
| 449 |
$this->set_404();
|
| 450 |
+
|
| 451 |
}
|
| 452 |
+
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 453 |
}
|
| 454 |
+
|
| 455 |
+
public function site_url( $url, $path ) {
|
| 456 |
+
|
| 457 |
+
if ( strpos( $path, 'wp-login.php' ) !== false ) {
|
| 458 |
+
|
| 459 |
+
$args = explode( '?', $path );
|
| 460 |
+
|
| 461 |
+
$url = ! empty( $args[1] ) ? $this->new_login_url() . '?' . $args[1] : $this->new_login_url();
|
| 462 |
+
|
| 463 |
+
}
|
| 464 |
+
|
| 465 |
+
return $url;
|
| 466 |
+
|
| 467 |
}
|
| 468 |
+
|
| 469 |
+
public function wp_redirect( $location, $status ) {
|
| 470 |
+
|
| 471 |
+
if ( strpos( $location, 'wp-login.php' ) !== false ) {
|
| 472 |
+
|
| 473 |
+
$args = explode( '?', $location );
|
| 474 |
+
|
| 475 |
+
$location = ! empty( $args[1] ) ? $this->new_login_url() . '?' . $args[1] : $this->new_login_url();
|
| 476 |
+
|
| 477 |
+
}
|
| 478 |
+
|
| 479 |
+
return $location;
|
| 480 |
+
|
| 481 |
}
|
| 482 |
+
|
|
|
|
|
|
|
| 483 |
}
|
| 484 |
+
|
| 485 |
Rename_WP_Login::instance();
|
| 486 |
+
|
| 487 |
+
}
|
rwl-login.php
CHANGED
|
@@ -11,7 +11,7 @@
|
|
| 11 |
/** Make sure that the WordPress bootstrap has run before continuing. */
|
| 12 |
//require( dirname(__FILE__) . '/wp-load.php' );
|
| 13 |
|
| 14 |
-
global $error, $interim_login, $action;
|
| 15 |
|
| 16 |
// Redirect to https login if forced to use SSL
|
| 17 |
if ( force_ssl_admin() && ! is_ssl() ) {
|
|
@@ -32,7 +32,7 @@ if ( force_ssl_admin() && ! is_ssl() ) {
|
|
| 32 |
* @param string $wp_error Optional. The error to pass. Default empty.
|
| 33 |
* @param WP_Error $wp_error Optional. WordPress Error Object
|
| 34 |
*/
|
| 35 |
-
function login_header($title = 'Log In', $message = '', $wp_error = '') {
|
| 36 |
global $error, $interim_login, $action;
|
| 37 |
|
| 38 |
// Don't index any of these forms
|
|
@@ -363,7 +363,7 @@ function retrieve_password() {
|
|
| 363 |
$message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n";
|
| 364 |
$message .= __('If this was a mistake, just ignore this email and nothing will happen.') . "\r\n\r\n";
|
| 365 |
$message .= __('To reset your password, visit the following address:') . "\r\n\r\n";
|
| 366 |
-
$message .= '<' .
|
| 367 |
|
| 368 |
if ( is_multisite() )
|
| 369 |
$blogname = $GLOBALS['current_site']->site_name;
|
|
@@ -478,7 +478,7 @@ case 'logout' :
|
|
| 478 |
check_admin_referer('log-out');
|
| 479 |
wp_logout();
|
| 480 |
|
| 481 |
-
$redirect_to = !empty( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] :
|
| 482 |
wp_safe_redirect( $redirect_to );
|
| 483 |
exit();
|
| 484 |
|
|
@@ -490,7 +490,7 @@ case 'retrievepassword' :
|
|
| 490 |
if ( $http_post ) {
|
| 491 |
$errors = retrieve_password();
|
| 492 |
if ( !is_wp_error($errors) ) {
|
| 493 |
-
$redirect_to = !empty( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] :
|
| 494 |
wp_safe_redirect( $redirect_to );
|
| 495 |
exit();
|
| 496 |
}
|
|
@@ -526,7 +526,7 @@ case 'retrievepassword' :
|
|
| 526 |
|
| 527 |
?>
|
| 528 |
|
| 529 |
-
<form name="lostpasswordform" id="lostpasswordform" action="<?php echo esc_url(
|
| 530 |
<p>
|
| 531 |
<label for="user_login" ><?php _e('Username or E-mail:') ?><br />
|
| 532 |
<input type="text" name="user_login" id="user_login" class="input" value="<?php echo esc_attr($user_login); ?>" size="20" /></label>
|
|
@@ -569,9 +569,9 @@ case 'rp' :
|
|
| 569 |
|
| 570 |
if ( is_wp_error($user) ) {
|
| 571 |
if ( $user->get_error_code() === 'expired_key' )
|
| 572 |
-
wp_redirect(
|
| 573 |
else
|
| 574 |
-
wp_redirect(
|
| 575 |
exit;
|
| 576 |
}
|
| 577 |
|
|
@@ -603,8 +603,7 @@ case 'rp' :
|
|
| 603 |
login_header(__('Reset Password'), '<p class="message reset-pass">' . __('Enter your new password below.') . '</p>', $errors );
|
| 604 |
|
| 605 |
?>
|
| 606 |
-
<form name="resetpassform" id="resetpassform" action="<?php echo esc_url(
|
| 607 |
-
|
| 608 |
<input type="hidden" id="user_login" value="<?php echo esc_attr( $_GET['login'] ); ?>" autocomplete="off" />
|
| 609 |
|
| 610 |
<p>
|
|
@@ -653,7 +652,7 @@ case 'register' :
|
|
| 653 |
}
|
| 654 |
|
| 655 |
if ( !get_option('users_can_register') ) {
|
| 656 |
-
wp_redirect(
|
| 657 |
exit();
|
| 658 |
}
|
| 659 |
|
|
@@ -664,7 +663,7 @@ case 'register' :
|
|
| 664 |
$user_email = $_POST['user_email'];
|
| 665 |
$errors = register_new_user($user_login, $user_email);
|
| 666 |
if ( !is_wp_error($errors) ) {
|
| 667 |
-
$redirect_to = !empty( $_POST['redirect_to'] ) ? $_POST['redirect_to'] :
|
| 668 |
wp_safe_redirect( $redirect_to );
|
| 669 |
exit();
|
| 670 |
}
|
|
@@ -682,7 +681,7 @@ case 'register' :
|
|
| 682 |
login_header(__('Registration Form'), '<p class="message register">' . __('Register For This Site') . '</p>', $errors);
|
| 683 |
?>
|
| 684 |
|
| 685 |
-
<form name="registerform" id="registerform" action="<?php echo esc_url(
|
| 686 |
<p>
|
| 687 |
<label for="user_login"><?php _e('Username') ?><br />
|
| 688 |
<input type="text" name="user_login" id="user_login" class="input" value="<?php echo esc_attr(wp_unslash($user_login)); ?>" size="20" /></label>
|
|
@@ -835,15 +834,13 @@ default:
|
|
| 835 |
wp_clear_auth_cookie();
|
| 836 |
|
| 837 |
login_header(__('Log In'), '', $errors);
|
| 838 |
-
|
| 839 |
-
$user_login = '';
|
| 840 |
-
|
| 841 |
if ( isset($_POST['log']) )
|
| 842 |
$user_login = ( 'incorrect_password' == $errors->get_error_code() || 'empty_password' == $errors->get_error_code() ) ? esc_attr(wp_unslash($_POST['log'])) : '';
|
| 843 |
$rememberme = ! empty( $_POST['rememberme'] );
|
| 844 |
?>
|
| 845 |
|
| 846 |
-
<form name="loginform" id="loginform" action="<?php echo esc_url(
|
| 847 |
<p>
|
| 848 |
<label for="user_login"><?php _e('Username') ?><br />
|
| 849 |
<input type="text" name="log" id="user_login" class="input" value="<?php echo esc_attr($user_login); ?>" size="20" /></label>
|
| 11 |
/** Make sure that the WordPress bootstrap has run before continuing. */
|
| 12 |
//require( dirname(__FILE__) . '/wp-load.php' );
|
| 13 |
|
| 14 |
+
global $error, $interim_login, $action, $user_login;
|
| 15 |
|
| 16 |
// Redirect to https login if forced to use SSL
|
| 17 |
if ( force_ssl_admin() && ! is_ssl() ) {
|
| 32 |
* @param string $wp_error Optional. The error to pass. Default empty.
|
| 33 |
* @param WP_Error $wp_error Optional. WordPress Error Object
|
| 34 |
*/
|
| 35 |
+
function login_header( $title = 'Log In', $message = '', $wp_error = '' ) {
|
| 36 |
global $error, $interim_login, $action;
|
| 37 |
|
| 38 |
// Don't index any of these forms
|
| 363 |
$message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n";
|
| 364 |
$message .= __('If this was a mistake, just ignore this email and nothing will happen.') . "\r\n\r\n";
|
| 365 |
$message .= __('To reset your password, visit the following address:') . "\r\n\r\n";
|
| 366 |
+
$message .= '<' . network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login') . ">\r\n";
|
| 367 |
|
| 368 |
if ( is_multisite() )
|
| 369 |
$blogname = $GLOBALS['current_site']->site_name;
|
| 478 |
check_admin_referer('log-out');
|
| 479 |
wp_logout();
|
| 480 |
|
| 481 |
+
$redirect_to = !empty( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : 'wp-login.php?loggedout=true';
|
| 482 |
wp_safe_redirect( $redirect_to );
|
| 483 |
exit();
|
| 484 |
|
| 490 |
if ( $http_post ) {
|
| 491 |
$errors = retrieve_password();
|
| 492 |
if ( !is_wp_error($errors) ) {
|
| 493 |
+
$redirect_to = !empty( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : 'wp-login.php?checkemail=confirm';
|
| 494 |
wp_safe_redirect( $redirect_to );
|
| 495 |
exit();
|
| 496 |
}
|
| 526 |
|
| 527 |
?>
|
| 528 |
|
| 529 |
+
<form name="lostpasswordform" id="lostpasswordform" action="<?php echo esc_url( site_url( 'wp-login.php?action=lostpassword', 'login_post' ) ); ?>" method="post">
|
| 530 |
<p>
|
| 531 |
<label for="user_login" ><?php _e('Username or E-mail:') ?><br />
|
| 532 |
<input type="text" name="user_login" id="user_login" class="input" value="<?php echo esc_attr($user_login); ?>" size="20" /></label>
|
| 569 |
|
| 570 |
if ( is_wp_error($user) ) {
|
| 571 |
if ( $user->get_error_code() === 'expired_key' )
|
| 572 |
+
wp_redirect( site_url( 'wp-login.php?action=lostpassword&error=expiredkey' ) );
|
| 573 |
else
|
| 574 |
+
wp_redirect( site_url( 'wp-login.php?action=lostpassword&error=invalidkey' ) );
|
| 575 |
exit;
|
| 576 |
}
|
| 577 |
|
| 603 |
login_header(__('Reset Password'), '<p class="message reset-pass">' . __('Enter your new password below.') . '</p>', $errors );
|
| 604 |
|
| 605 |
?>
|
| 606 |
+
<form name="resetpassform" id="resetpassform" action="<?php echo esc_url( site_url( 'wp-login.php?action=resetpass&key=' . urlencode( $_GET['key'] ) . '&login=' . urlencode( $_GET['login'] ), 'login_post' ) ); ?>" method="post" autocomplete="off">
|
|
|
|
| 607 |
<input type="hidden" id="user_login" value="<?php echo esc_attr( $_GET['login'] ); ?>" autocomplete="off" />
|
| 608 |
|
| 609 |
<p>
|
| 652 |
}
|
| 653 |
|
| 654 |
if ( !get_option('users_can_register') ) {
|
| 655 |
+
wp_redirect( site_url('wp-login.php?registration=disabled') );
|
| 656 |
exit();
|
| 657 |
}
|
| 658 |
|
| 663 |
$user_email = $_POST['user_email'];
|
| 664 |
$errors = register_new_user($user_login, $user_email);
|
| 665 |
if ( !is_wp_error($errors) ) {
|
| 666 |
+
$redirect_to = !empty( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : 'wp-login.php?checkemail=registered';
|
| 667 |
wp_safe_redirect( $redirect_to );
|
| 668 |
exit();
|
| 669 |
}
|
| 681 |
login_header(__('Registration Form'), '<p class="message register">' . __('Register For This Site') . '</p>', $errors);
|
| 682 |
?>
|
| 683 |
|
| 684 |
+
<form name="registerform" id="registerform" action="<?php echo esc_url( site_url('wp-login.php?action=register', 'login_post') ); ?>" method="post">
|
| 685 |
<p>
|
| 686 |
<label for="user_login"><?php _e('Username') ?><br />
|
| 687 |
<input type="text" name="user_login" id="user_login" class="input" value="<?php echo esc_attr(wp_unslash($user_login)); ?>" size="20" /></label>
|
| 834 |
wp_clear_auth_cookie();
|
| 835 |
|
| 836 |
login_header(__('Log In'), '', $errors);
|
| 837 |
+
|
|
|
|
|
|
|
| 838 |
if ( isset($_POST['log']) )
|
| 839 |
$user_login = ( 'incorrect_password' == $errors->get_error_code() || 'empty_password' == $errors->get_error_code() ) ? esc_attr(wp_unslash($_POST['log'])) : '';
|
| 840 |
$rememberme = ! empty( $_POST['rememberme'] );
|
| 841 |
?>
|
| 842 |
|
| 843 |
+
<form name="loginform" id="loginform" action="<?php echo esc_url( site_url( 'wp-login.php', 'login_post' ) ); ?>" method="post">
|
| 844 |
<p>
|
| 845 |
<label for="user_login"><?php _e('Username') ?><br />
|
| 846 |
<input type="text" name="log" id="user_login" class="input" value="<?php echo esc_attr($user_login); ?>" size="20" /></label>
|
