Version Description
- This plugin can now be activated for a network and a networkwide default can be set.
- The plugin now hooks in after init to make sure any customisations to the login form are hooked in before it.
- Links should now be fixed when SSL is enabled.
Download this release
Release Info
Developer | avryl |
Plugin | Rename wp-login.php |
Version | 2.0 |
Comparing to | |
See all releases |
Code changes from version 1.9 to 2.0
- index.php +1 -1
- readme.md +18 -10
- readme.txt +18 -10
- rename-wp-login.php +392 -230
- rwl-login.php +14 -17
index.php
CHANGED
@@ -1,3 +1,3 @@
|
|
1 |
<?php
|
2 |
|
3 |
-
// Silence is golden.
|
1 |
<?php
|
2 |
|
3 |
+
// Silence is golden.
|
readme.md
CHANGED
@@ -4,41 +4,43 @@
|
|
4 |
**Tags:** rename, login, wp-login, wp-login.php, brute force attacks, custom login url
|
5 |
**Requires at least:** 3.8
|
6 |
**Tested up to:** 3.8
|
7 |
-
**Stable tag:**
|
8 |
**License:** GPLv2 or later
|
9 |
**License URI:** http://www.gnu.org/licenses/gpl-2.0.html
|
10 |
|
11 |
-
Change wp-login.php to
|
12 |
|
13 |
## Description
|
14 |
|
15 |
-
With this plugin you can change wp-login.php to anything you want. The default is example.com/login/,
|
16 |
-
Please bookmark or remember your login url, accessing wp-login.php or wp-admin will
|
17 |
|
18 |
### Compatibility
|
19 |
|
20 |
Requires WordPress 3.8 or higher. The registration form, lost password form, login widget and expired sessions will keep working.
|
21 |
|
|
|
|
|
22 |
Compatible with plugins like:
|
23 |
|
24 |
* BuddyPress,
|
|
|
25 |
* Limit Login Attempts,
|
26 |
* User Switching,
|
27 |
* and any other plugin that hooks into the standard login form.
|
28 |
|
29 |
It does’t work with plugins that hardcoded wp-login.php, obviously.
|
30 |
-
|
|
|
31 |
|
32 |
If you’re using a **page caching plugin** like **W3 Total Cache** or **WP Super Cache**, add the word you renamed wp-login.php to (e.g. login) to the list of pages not to cache.
|
33 |
|
34 |
* For W3 Total Cache go to Performance › Page Cache › Advanced › Never cache the following pages, add your new login page on a new line and save all settings.
|
35 |
* For WP Super Cache go to Settings › WP Super Cache › Advanced › Accepted Filenames & Rejected URIs, add your new login page on a new line and save.
|
36 |
|
37 |
-
This plugin is **not** yet tested on installs that force **SSL** or use the **multisite** feature. I would appreciate any help with testing this.
|
38 |
-
|
39 |
### Benefits
|
40 |
|
41 |
-
Not only does it allow you to further customise your login page, it also prevents brute force attacks that are targeted specifically to wp-login.php. wp-login.php, and wp-admin if not logged in,
|
42 |
|
43 |
While you could use this plugin to prevent a lot of brute force attacks, it does not mean you don’t need a strong password. Read [this codex article](http://codex.wordpress.org/Brute_Force_Attacks) for more information on how to protect your website.
|
44 |
|
@@ -50,7 +52,7 @@ If you want to keep your login url secret, you should make sure there aren’t a
|
|
50 |
2. Search for *Rename wp-login.php*.
|
51 |
3. Look for this plugin, download and activate it.
|
52 |
4. The page will redirect you to the settings. Rename wp-login.php in the section Login.
|
53 |
-
5. You can change this option any time you want, just go back to Settings › Permalinks ›
|
54 |
|
55 |
## Frequently Asked Questions
|
56 |
|
@@ -60,6 +62,12 @@ Either go to your MySQL database and look for the value of `rwl_page` in the opt
|
|
60 |
|
61 |
## Changelog
|
62 |
|
|
|
|
|
|
|
|
|
|
|
|
|
63 |
### 1.9
|
64 |
|
65 |
* wp-admin will now have a `wp_die()` message instead of a 404 template because this caused problems.
|
@@ -105,4 +113,4 @@ Either go to your MySQL database and look for the value of `rwl_page` in the opt
|
|
105 |
|
106 |
### 1.0
|
107 |
|
108 |
-
* Initial version.
|
4 |
**Tags:** rename, login, wp-login, wp-login.php, brute force attacks, custom login url
|
5 |
**Requires at least:** 3.8
|
6 |
**Tested up to:** 3.8
|
7 |
+
**Stable tag:** 2.0
|
8 |
**License:** GPLv2 or later
|
9 |
**License URI:** http://www.gnu.org/licenses/gpl-2.0.html
|
10 |
|
11 |
+
Change wp-login.php to anything you want. It can also prevent a lot of brute force attacks.
|
12 |
|
13 |
## Description
|
14 |
|
15 |
+
With this plugin you can change wp-login.php to anything you want. The default is example.com/login/, but you can change this under Settings › Permalinks › Rename wp-login.php.
|
16 |
+
Please bookmark or remember your login url, accessing wp-login.php or wp-admin will not work.
|
17 |
|
18 |
### Compatibility
|
19 |
|
20 |
Requires WordPress 3.8 or higher. The registration form, lost password form, login widget and expired sessions will keep working.
|
21 |
|
22 |
+
You also must have pretty, or almost pretty, permalinks enabled.
|
23 |
+
|
24 |
Compatible with plugins like:
|
25 |
|
26 |
* BuddyPress,
|
27 |
+
* bbPress,
|
28 |
* Limit Login Attempts,
|
29 |
* User Switching,
|
30 |
* and any other plugin that hooks into the standard login form.
|
31 |
|
32 |
It does’t work with plugins that hardcoded wp-login.php, obviously.
|
33 |
+
|
34 |
+
Works with multisite. Activating it for a network allows you to set a networkwide default. Individual sites can still rename their login page to something else.
|
35 |
|
36 |
If you’re using a **page caching plugin** like **W3 Total Cache** or **WP Super Cache**, add the word you renamed wp-login.php to (e.g. login) to the list of pages not to cache.
|
37 |
|
38 |
* For W3 Total Cache go to Performance › Page Cache › Advanced › Never cache the following pages, add your new login page on a new line and save all settings.
|
39 |
* For WP Super Cache go to Settings › WP Super Cache › Advanced › Accepted Filenames & Rejected URIs, add your new login page on a new line and save.
|
40 |
|
|
|
|
|
41 |
### Benefits
|
42 |
|
43 |
+
Not only does it allow you to further customise your login page, it also prevents brute force attacks that are targeted specifically to wp-login.php. wp-login.php, and wp-admin if not logged in, won't be accessible.
|
44 |
|
45 |
While you could use this plugin to prevent a lot of brute force attacks, it does not mean you don’t need a strong password. Read [this codex article](http://codex.wordpress.org/Brute_Force_Attacks) for more information on how to protect your website.
|
46 |
|
52 |
2. Search for *Rename wp-login.php*.
|
53 |
3. Look for this plugin, download and activate it.
|
54 |
4. The page will redirect you to the settings. Rename wp-login.php in the section Login.
|
55 |
+
5. You can change this option any time you want, just go back to Settings › Permalinks › Rename wp-login.php.
|
56 |
|
57 |
## Frequently Asked Questions
|
58 |
|
62 |
|
63 |
## Changelog
|
64 |
|
65 |
+
### 2.0
|
66 |
+
|
67 |
+
* This plugin can now be activated for a network and a networkwide default can be set.
|
68 |
+
* The plugin now hooks in after init to make sure any customisations to the login form are hooked in before it.
|
69 |
+
* Links should now be fixed when SSL is enabled.
|
70 |
+
|
71 |
### 1.9
|
72 |
|
73 |
* wp-admin will now have a `wp_die()` message instead of a 404 template because this caused problems.
|
113 |
|
114 |
### 1.0
|
115 |
|
116 |
+
* Initial version.
|
readme.txt
CHANGED
@@ -4,41 +4,43 @@ Contributors: avryl
|
|
4 |
Tags: rename, login, wp-login, wp-login.php, brute force attacks, custom login url
|
5 |
Requires at least: 3.8
|
6 |
Tested up to: 3.8
|
7 |
-
Stable tag:
|
8 |
License: GPLv2 or later
|
9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
10 |
|
11 |
-
Change wp-login.php to
|
12 |
|
13 |
== Description ==
|
14 |
|
15 |
-
With this plugin you can change wp-login.php to anything you want. The default is example.com/login/,
|
16 |
-
Please bookmark or remember your login url, accessing wp-login.php or wp-admin will
|
17 |
|
18 |
= Compatibility =
|
19 |
|
20 |
Requires WordPress 3.8 or higher. The registration form, lost password form, login widget and expired sessions will keep working.
|
21 |
|
|
|
|
|
22 |
Compatible with plugins like:
|
23 |
|
24 |
* BuddyPress,
|
|
|
25 |
* Limit Login Attempts,
|
26 |
* User Switching,
|
27 |
* and any other plugin that hooks into the standard login form.
|
28 |
|
29 |
It does’t work with plugins that hardcoded wp-login.php, obviously.
|
30 |
-
|
|
|
31 |
|
32 |
If you’re using a **page caching plugin** like **W3 Total Cache** or **WP Super Cache**, add the word you renamed wp-login.php to (e.g. login) to the list of pages not to cache.
|
33 |
|
34 |
* For W3 Total Cache go to Performance › Page Cache › Advanced › Never cache the following pages, add your new login page on a new line and save all settings.
|
35 |
* For WP Super Cache go to Settings › WP Super Cache › Advanced › Accepted Filenames & Rejected URIs, add your new login page on a new line and save.
|
36 |
|
37 |
-
This plugin is **not** yet tested on installs that force **SSL** or use the **multisite** feature. I would appreciate any help with testing this.
|
38 |
-
|
39 |
= Benefits =
|
40 |
|
41 |
-
Not only does it allow you to further customise your login page, it also prevents brute force attacks that are targeted specifically to wp-login.php. wp-login.php, and wp-admin if not logged in,
|
42 |
|
43 |
While you could use this plugin to prevent a lot of brute force attacks, it does not mean you don’t need a strong password. Read [this codex article](http://codex.wordpress.org/Brute_Force_Attacks) for more information on how to protect your website.
|
44 |
|
@@ -54,7 +56,7 @@ This plugin has a [mirror](https://github.com/avryl/rename-wp-login) on GitHub.
|
|
54 |
2. Search for *Rename wp-login.php*.
|
55 |
3. Look for this plugin, download and activate it.
|
56 |
4. The page will redirect you to the settings. Rename wp-login.php in the section Login.
|
57 |
-
5. You can change this option any time you want, just go back to Settings › Permalinks ›
|
58 |
|
59 |
== Frequently Asked Questions ==
|
60 |
|
@@ -64,6 +66,12 @@ Either go to your MySQL database and look for the value of `rwl_page` in the opt
|
|
64 |
|
65 |
== Changelog ==
|
66 |
|
|
|
|
|
|
|
|
|
|
|
|
|
67 |
= 1.9 =
|
68 |
|
69 |
* wp-admin will now have a `wp_die()` message instead of a 404 template because this caused problems.
|
@@ -109,4 +117,4 @@ Either go to your MySQL database and look for the value of `rwl_page` in the opt
|
|
109 |
|
110 |
= 1.0 =
|
111 |
|
112 |
-
* Initial version.
|
4 |
Tags: rename, login, wp-login, wp-login.php, brute force attacks, custom login url
|
5 |
Requires at least: 3.8
|
6 |
Tested up to: 3.8
|
7 |
+
Stable tag: 2.0
|
8 |
License: GPLv2 or later
|
9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
10 |
|
11 |
+
Change wp-login.php to anything you want. It can also prevent a lot of brute force attacks.
|
12 |
|
13 |
== Description ==
|
14 |
|
15 |
+
With this plugin you can change wp-login.php to anything you want. The default is example.com/login/, but you can change this under Settings › Permalinks › Rename wp-login.php.
|
16 |
+
Please bookmark or remember your login url, accessing wp-login.php or wp-admin will not work.
|
17 |
|
18 |
= Compatibility =
|
19 |
|
20 |
Requires WordPress 3.8 or higher. The registration form, lost password form, login widget and expired sessions will keep working.
|
21 |
|
22 |
+
You also must have pretty, or almost pretty, permalinks enabled.
|
23 |
+
|
24 |
Compatible with plugins like:
|
25 |
|
26 |
* BuddyPress,
|
27 |
+
* bbPress,
|
28 |
* Limit Login Attempts,
|
29 |
* User Switching,
|
30 |
* and any other plugin that hooks into the standard login form.
|
31 |
|
32 |
It does’t work with plugins that hardcoded wp-login.php, obviously.
|
33 |
+
|
34 |
+
Works with multisite. Activating it for a network allows you to set a networkwide default. Individual sites can still rename their login page to something else.
|
35 |
|
36 |
If you’re using a **page caching plugin** like **W3 Total Cache** or **WP Super Cache**, add the word you renamed wp-login.php to (e.g. login) to the list of pages not to cache.
|
37 |
|
38 |
* For W3 Total Cache go to Performance › Page Cache › Advanced › Never cache the following pages, add your new login page on a new line and save all settings.
|
39 |
* For WP Super Cache go to Settings › WP Super Cache › Advanced › Accepted Filenames & Rejected URIs, add your new login page on a new line and save.
|
40 |
|
|
|
|
|
41 |
= Benefits =
|
42 |
|
43 |
+
Not only does it allow you to further customise your login page, it also prevents brute force attacks that are targeted specifically to wp-login.php. wp-login.php, and wp-admin if not logged in, won't be accessible.
|
44 |
|
45 |
While you could use this plugin to prevent a lot of brute force attacks, it does not mean you don’t need a strong password. Read [this codex article](http://codex.wordpress.org/Brute_Force_Attacks) for more information on how to protect your website.
|
46 |
|
56 |
2. Search for *Rename wp-login.php*.
|
57 |
3. Look for this plugin, download and activate it.
|
58 |
4. The page will redirect you to the settings. Rename wp-login.php in the section Login.
|
59 |
+
5. You can change this option any time you want, just go back to Settings › Permalinks › Rename wp-login.php.
|
60 |
|
61 |
== Frequently Asked Questions ==
|
62 |
|
66 |
|
67 |
== Changelog ==
|
68 |
|
69 |
+
= 2.0 =
|
70 |
+
|
71 |
+
* This plugin can now be activated for a network and a networkwide default can be set.
|
72 |
+
* The plugin now hooks in after init to make sure any customisations to the login form are hooked in before it.
|
73 |
+
* Links should now be fixed when SSL is enabled.
|
74 |
+
|
75 |
= 1.9 =
|
76 |
|
77 |
* wp-admin will now have a `wp_die()` message instead of a 404 template because this caused problems.
|
117 |
|
118 |
= 1.0 =
|
119 |
|
120 |
+
* Initial version.
|
rename-wp-login.php
CHANGED
@@ -6,320 +6,482 @@ Plugin URI: http://wordpress.org/plugins/rename-wp-login/
|
|
6 |
Description: Change wp-login.php to whatever you want. It can also prevent a lot of brute force attacks.
|
7 |
Author: avryl
|
8 |
Author URI: http://profiles.wordpress.org/avryl/
|
9 |
-
Version:
|
10 |
Text Domain: rename-wp-login
|
11 |
License: GPLv2 or later
|
12 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
13 |
*/
|
14 |
|
15 |
if ( ! class_exists( 'Rename_WP_Login' ) ) {
|
16 |
-
|
17 |
class Rename_WP_Login {
|
18 |
-
|
19 |
-
private static $instance;
|
20 |
-
|
21 |
private function basename() {
|
22 |
-
|
23 |
return plugin_basename( __FILE__ );
|
24 |
-
|
25 |
-
}
|
26 |
-
|
27 |
-
private function url() {
|
28 |
-
|
29 |
-
return plugin_dir_url( __FILE__ );
|
30 |
-
|
31 |
}
|
32 |
-
|
33 |
private function path() {
|
34 |
-
|
35 |
return trailingslashit( dirname( __FILE__ ) );
|
36 |
-
|
37 |
}
|
38 |
-
|
39 |
private function set_404() {
|
40 |
-
|
41 |
global $wp_query;
|
42 |
-
|
43 |
status_header( 404 );
|
44 |
-
|
45 |
$wp_query->set_404();
|
46 |
-
|
47 |
-
$template = get_404_template()
|
48 |
-
|
49 |
-
|
50 |
-
|
51 |
-
|
52 |
-
if ( $template = apply_filters( 'template_include', $template ) )
|
53 |
include( $template );
|
54 |
-
|
55 |
-
|
56 |
-
|
|
|
|
|
57 |
}
|
58 |
-
|
59 |
-
private function
|
60 |
-
|
61 |
-
|
62 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
63 |
}
|
64 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
65 |
public static function instance() {
|
66 |
-
|
67 |
-
|
68 |
-
|
69 |
-
|
70 |
-
|
71 |
-
|
|
|
|
|
|
|
72 |
}
|
73 |
-
|
74 |
private function __construct() {
|
75 |
-
|
76 |
global $wp_version;
|
77 |
-
|
78 |
if ( version_compare( $wp_version, '3.8', '<' ) ) {
|
79 |
-
|
80 |
-
add_action( 'admin_init', array( $this, 'admin_init_incompatible' ) );
|
81 |
add_action( 'admin_notices', array( $this, 'admin_notices_incompatible' ) );
|
82 |
-
|
|
|
83 |
return;
|
84 |
-
|
85 |
}
|
86 |
-
|
87 |
register_activation_hook( $this->basename(), array( $this, 'activate' ) );
|
|
|
88 |
register_uninstall_hook( $this->basename(), array( 'Rename_WP_Login', 'uninstall' ) );
|
89 |
-
|
90 |
add_action( 'admin_init', array( $this, 'admin_init' ) );
|
91 |
add_action( 'admin_notices', array( $this, 'admin_notices' ) );
|
92 |
-
|
93 |
-
|
94 |
-
|
95 |
-
|
96 |
return;
|
97 |
-
|
98 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
99 |
add_action( 'login_init', array( $this, 'login_init' ) );
|
100 |
-
|
101 |
-
add_filter( 'site_url', array( $this, 'site_url' ), 10,
|
102 |
-
add_filter( '
|
103 |
-
add_filter( '
|
104 |
-
|
105 |
-
add_filter( 'lostpassword_url', array( $this, 'lostpassword_url' ), 10, 2 );
|
106 |
-
|
107 |
-
}
|
108 |
-
|
109 |
-
public function admin_init_incompatible() {
|
110 |
-
|
111 |
-
deactivate_plugins( $this->basename() );
|
112 |
-
|
113 |
}
|
114 |
-
|
115 |
public function admin_notices_incompatible() {
|
116 |
-
|
117 |
-
echo '<div class="error"><p>Please upgrade to the latest version of WordPress
|
118 |
-
|
119 |
-
if ( isset( $_GET['activate'] ) )
|
120 |
-
unset( $_GET['activate'] );
|
121 |
-
|
122 |
}
|
123 |
-
|
124 |
public function activate() {
|
125 |
-
|
126 |
add_option( 'rwl_redirect', '1' );
|
127 |
-
|
128 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
129 |
}
|
130 |
-
|
131 |
public static function uninstall() {
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
132 |
|
133 |
-
|
134 |
-
|
135 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
136 |
}
|
137 |
-
|
138 |
public function admin_init() {
|
139 |
-
|
140 |
-
|
141 |
-
|
142 |
-
|
143 |
-
|
144 |
-
|
145 |
-
|
146 |
-
|
147 |
-
|
148 |
-
|
149 |
-
|
150 |
-
|
151 |
-
|
152 |
-
|
153 |
-
|
154 |
-
|
155 |
-
|
156 |
-
|
157 |
-
|
158 |
-
|
159 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
160 |
|
|
|
|
|
|
|
|
|
|
|
|
|
161 |
}
|
162 |
-
|
163 |
-
|
164 |
-
|
165 |
}
|
166 |
-
|
167 |
if ( get_option( 'rwl_redirect' ) ) {
|
168 |
-
|
169 |
delete_option( 'rwl_redirect' );
|
170 |
-
|
171 |
-
|
172 |
-
|
173 |
-
|
174 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
175 |
}
|
176 |
-
|
177 |
}
|
178 |
-
|
179 |
-
public function
|
180 |
-
|
181 |
-
|
182 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
183 |
}
|
184 |
-
|
185 |
-
public function
|
186 |
-
|
187 |
-
echo '<input id="rwl-
|
188 |
-
|
189 |
}
|
190 |
-
|
191 |
public function admin_notices() {
|
192 |
-
|
193 |
global $pagenow;
|
194 |
-
|
195 |
-
|
196 |
-
|
197 |
-
|
198 |
-
|
199 |
-
|
200 |
-
|
201 |
-
|
202 |
-
|
203 |
}
|
204 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
205 |
}
|
206 |
-
|
207 |
public function plugin_action_links( $links ) {
|
208 |
-
|
209 |
-
|
210 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
211 |
return $links;
|
212 |
-
|
213 |
}
|
214 |
-
|
215 |
public function init() {
|
216 |
-
|
217 |
-
if ( is_admin()
|
218 |
-
|
|
|
|
|
219 |
wp_die( __( 'You must log in to access the admin area.' ) );
|
220 |
-
|
221 |
}
|
222 |
-
|
223 |
-
if ( !
|
224 |
-
|
225 |
-
|
226 |
-
|
|
|
|
|
227 |
}
|
228 |
-
|
229 |
-
if ( strpos( $_SERVER['REQUEST_URI'],
|
230 |
-
|
231 |
$home_url = parse_url( home_url() );
|
232 |
-
|
233 |
$home_path = '';
|
234 |
if ( isset( $home_url['path'] ) )
|
235 |
$home_path = $home_url['path'];
|
236 |
$home_path = trim( $home_path, '/' );
|
237 |
-
|
238 |
$req_uri = $_SERVER['REQUEST_URI'];
|
239 |
$req_uri_array = explode( '?', $req_uri );
|
240 |
$req_uri = $req_uri_array[0];
|
241 |
$req_uri = trim( $req_uri, '/' );
|
242 |
$req_uri = preg_replace( "|^$home_path|i", '', $req_uri );
|
243 |
$req_uri = trim( $req_uri, '/' );
|
244 |
-
|
245 |
-
if ( $req_uri
|
246 |
-
|
247 |
status_header( 200 );
|
248 |
-
|
249 |
-
require_once(
|
250 |
-
|
251 |
-
|
252 |
-
|
253 |
}
|
254 |
-
|
255 |
}
|
256 |
-
|
257 |
}
|
258 |
-
|
259 |
public function login_init() {
|
260 |
-
|
261 |
-
if ( strpos( $_SERVER['REQUEST_URI'], 'wp-login' ) ) {
|
262 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
263 |
$this->set_404();
|
264 |
-
|
265 |
}
|
266 |
-
|
267 |
-
}
|
268 |
-
|
269 |
-
public function site_url( $url, $path, $scheme, $blog_id ) {
|
270 |
-
|
271 |
-
return ( strpos( $path, 'wp-login.php' ) !== false && $scheme == 'login_post' ) ? $this->new_login_url() . str_replace( 'wp-login.php', '', $path ) : $url;
|
272 |
-
|
273 |
-
}
|
274 |
-
|
275 |
-
public function login_url( $login_url, $redirect = '' ) {
|
276 |
-
|
277 |
-
$login_url = $this->new_login_url();
|
278 |
-
|
279 |
-
if ( ! empty( $redirect ) )
|
280 |
-
$login_url = add_query_arg( 'redirect_to', urlencode( $redirect ), $login_url );
|
281 |
-
|
282 |
-
return $login_url;
|
283 |
-
|
284 |
-
}
|
285 |
-
|
286 |
-
public function logout_url( $login_url, $redirect = '' ) {
|
287 |
-
|
288 |
-
$args = array();
|
289 |
-
$args['action'] = 'logout';
|
290 |
-
if ( ! empty( $redirect ) )
|
291 |
-
$args['redirect_to'] = urlencode( $redirect );
|
292 |
-
|
293 |
-
$logout_url = add_query_arg( $args, $this->new_login_url() );
|
294 |
-
$logout_url = wp_nonce_url( $logout_url, 'log-out' );
|
295 |
-
|
296 |
-
return $logout_url;
|
297 |
-
|
298 |
}
|
299 |
-
|
300 |
-
public function
|
301 |
-
|
302 |
-
|
303 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
304 |
}
|
305 |
-
|
306 |
-
public function
|
307 |
-
|
308 |
-
$
|
309 |
-
|
310 |
-
|
311 |
-
|
312 |
-
|
313 |
-
|
314 |
-
|
315 |
-
|
316 |
-
|
|
|
317 |
}
|
318 |
-
|
319 |
-
|
320 |
-
|
321 |
}
|
322 |
-
|
323 |
Rename_WP_Login::instance();
|
324 |
-
|
325 |
-
}
|
6 |
Description: Change wp-login.php to whatever you want. It can also prevent a lot of brute force attacks.
|
7 |
Author: avryl
|
8 |
Author URI: http://profiles.wordpress.org/avryl/
|
9 |
+
Version: 2.0
|
10 |
Text Domain: rename-wp-login
|
11 |
License: GPLv2 or later
|
12 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
13 |
*/
|
14 |
|
15 |
if ( ! class_exists( 'Rename_WP_Login' ) ) {
|
16 |
+
|
17 |
class Rename_WP_Login {
|
18 |
+
|
|
|
|
|
19 |
private function basename() {
|
20 |
+
|
21 |
return plugin_basename( __FILE__ );
|
22 |
+
|
|
|
|
|
|
|
|
|
|
|
|
|
23 |
}
|
24 |
+
|
25 |
private function path() {
|
26 |
+
|
27 |
return trailingslashit( dirname( __FILE__ ) );
|
28 |
+
|
29 |
}
|
30 |
+
|
31 |
private function set_404() {
|
32 |
+
|
33 |
global $wp_query;
|
34 |
+
|
35 |
status_header( 404 );
|
36 |
+
|
37 |
$wp_query->set_404();
|
38 |
+
|
39 |
+
if ( ( ( $template = get_404_template() )
|
40 |
+
|| ( $template = get_index_template() ) )
|
41 |
+
&& ( $template = apply_filters( 'template_include', $template ) ) ) {
|
42 |
+
|
|
|
|
|
43 |
include( $template );
|
44 |
+
|
45 |
+
}
|
46 |
+
|
47 |
+
die;
|
48 |
+
|
49 |
}
|
50 |
+
|
51 |
+
private function new_login_slug() {
|
52 |
+
|
53 |
+
if ( ( $slug = get_option( 'rwl_page' ) )
|
54 |
+
|| ( is_multisite()
|
55 |
+
&& is_plugin_active_for_network( $this->basename() )
|
56 |
+
&& ( $slug = get_site_option( 'rwl_page', 'login' ) ) )
|
57 |
+
|| ( $slug = 'login' ) ) {
|
58 |
+
|
59 |
+
return $slug;
|
60 |
+
|
61 |
+
}
|
62 |
+
|
63 |
}
|
64 |
+
|
65 |
+
public function new_login_url() {
|
66 |
+
|
67 |
+
return trailingslashit( trailingslashit( home_url() ) . $this->new_login_slug() );
|
68 |
+
|
69 |
+
}
|
70 |
+
|
71 |
public static function instance() {
|
72 |
+
|
73 |
+
global $rwl;
|
74 |
+
|
75 |
+
if ( ! $rwl ) {
|
76 |
+
|
77 |
+
$rwl = new self;
|
78 |
+
|
79 |
+
}
|
80 |
+
|
81 |
}
|
82 |
+
|
83 |
private function __construct() {
|
84 |
+
|
85 |
global $wp_version;
|
86 |
+
|
87 |
if ( version_compare( $wp_version, '3.8', '<' ) ) {
|
88 |
+
|
|
|
89 |
add_action( 'admin_notices', array( $this, 'admin_notices_incompatible' ) );
|
90 |
+
add_action( 'network_admin_notices', array( $this, 'admin_notices_incompatible' ) );
|
91 |
+
|
92 |
return;
|
93 |
+
|
94 |
}
|
95 |
+
|
96 |
register_activation_hook( $this->basename(), array( $this, 'activate' ) );
|
97 |
+
register_deactivation_hook( $this->basename(), array( $this, 'deactivate' ) );
|
98 |
register_uninstall_hook( $this->basename(), array( 'Rename_WP_Login', 'uninstall' ) );
|
99 |
+
|
100 |
add_action( 'admin_init', array( $this, 'admin_init' ) );
|
101 |
add_action( 'admin_notices', array( $this, 'admin_notices' ) );
|
102 |
+
add_action( 'network_admin_notices', array( $this, 'admin_notices' ) );
|
103 |
+
|
104 |
+
if ( ! get_option( 'permalink_structure' ) ) {
|
105 |
+
|
106 |
return;
|
107 |
+
|
108 |
+
}
|
109 |
+
|
110 |
+
if ( is_multisite() && ! function_exists( 'is_plugin_active_for_network' ) ) {
|
111 |
+
|
112 |
+
require_once( ABSPATH . '/wp-admin/includes/plugin.php' );
|
113 |
+
|
114 |
+
}
|
115 |
+
|
116 |
+
add_filter( 'plugin_action_links_' . $this->basename(), array( $this, 'plugin_action_links' ) );
|
117 |
+
|
118 |
+
if ( is_multisite() && is_plugin_active_for_network( $this->basename() ) ) {
|
119 |
+
|
120 |
+
add_filter( 'network_admin_plugin_action_links_' . $this->basename(), array( $this, 'plugin_action_links' ) );
|
121 |
+
|
122 |
+
add_action( 'wpmu_options', array( $this, 'wpmu_options' ) );
|
123 |
+
add_action( 'update_wpmu_options', array( $this, 'update_wpmu_options' ) );
|
124 |
+
|
125 |
+
}
|
126 |
+
|
127 |
+
add_action( 'wp_loaded', array( $this, 'init' ) );
|
128 |
add_action( 'login_init', array( $this, 'login_init' ) );
|
129 |
+
|
130 |
+
add_filter( 'site_url', array( $this, 'site_url' ), 10, 2 );
|
131 |
+
add_filter( 'network_site_url', array( $this, 'site_url' ), 10, 2 );
|
132 |
+
add_filter( 'wp_redirect', array( $this, 'wp_redirect' ), 10, 2 );
|
133 |
+
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
134 |
}
|
135 |
+
|
136 |
public function admin_notices_incompatible() {
|
137 |
+
|
138 |
+
echo '<div class="error"><p>Please upgrade to the latest version of WordPress to activate <strong>Rename wp-login.php</strong>.</p></div>';
|
139 |
+
|
|
|
|
|
|
|
140 |
}
|
141 |
+
|
142 |
public function activate() {
|
143 |
+
|
144 |
add_option( 'rwl_redirect', '1' );
|
145 |
+
|
146 |
+
delete_option( 'rwl_admin' );
|
147 |
+
|
148 |
+
if ( is_network_admin() ) {
|
149 |
+
|
150 |
+
$rwl_page = get_site_option( 'rwl_page', 'login' );
|
151 |
+
|
152 |
+
$welcome_email = get_site_option( 'welcome_email' );
|
153 |
+
$welcome_email = preg_replace( "/(BLOG_URL)([\w\-]+)(\/|\.php)/", "$1$rwl_page/", $welcome_email );
|
154 |
+
|
155 |
+
update_site_option( 'welcome_email', $welcome_email );
|
156 |
+
|
157 |
+
}
|
158 |
+
|
159 |
+
}
|
160 |
+
|
161 |
+
public function deactivate() {
|
162 |
+
|
163 |
+
$welcome_email = get_site_option( 'welcome_email' );
|
164 |
+
$welcome_email = preg_replace( "/(BLOG_URL)([\w\-]+)(\/|\.php)/", "$1wp-login.php", $welcome_email );
|
165 |
+
|
166 |
+
update_site_option( 'welcome_email', $welcome_email );
|
167 |
+
|
168 |
}
|
169 |
+
|
170 |
public static function uninstall() {
|
171 |
+
|
172 |
+
global $wpdb;
|
173 |
+
|
174 |
+
if ( is_multisite() ) {
|
175 |
+
|
176 |
+
$blogs = $wpdb->get_col( "SELECT blog_id FROM {$wpdb->blogs}" );
|
177 |
+
|
178 |
+
if ( $blogs ) {
|
179 |
+
|
180 |
+
foreach( $blogs as $blog ) {
|
181 |
+
|
182 |
+
switch_to_blog( $blog );
|
183 |
+
|
184 |
+
delete_option( 'rwl_page' );
|
185 |
+
|
186 |
+
}
|
187 |
+
|
188 |
+
restore_current_blog();
|
189 |
+
|
190 |
+
}
|
191 |
+
|
192 |
+
delete_site_option( 'rwl_page' );
|
193 |
+
|
194 |
+
}
|
195 |
|
196 |
+
else {
|
197 |
+
|
198 |
+
delete_option( 'rwl_page' );
|
199 |
+
|
200 |
+
}
|
201 |
+
|
202 |
+
}
|
203 |
+
|
204 |
+
public function wpmu_options() {
|
205 |
+
|
206 |
+
$out = '<h3>Rename wp-login.php</h3>';
|
207 |
+
$out .= '<p>This option allows you to set a networkwide default, which can be overridden by individual sites. Simply go to to the site’s permalink settings to change the url.</p>';
|
208 |
+
$out .= '<p>Need help? Try the <a href="http://wordpress.org/support/plugin/rename-wp-login#postform" target="_blank">support forum</a>.</p>';
|
209 |
+
$out .= '<table class="form-table">';
|
210 |
+
$out .= '<tr valign="top">';
|
211 |
+
$out .= '<th scope="row">Networkwide default</th>';
|
212 |
+
$out .= '<td><input id="rwl-page-input" type="text" name="rwl_page" value="' . get_site_option( 'rwl_page', 'login' ) . '"></td>';
|
213 |
+
$out .= '</tr>';
|
214 |
+
$out .= '</table>';
|
215 |
+
|
216 |
+
echo $out;
|
217 |
+
|
218 |
+
}
|
219 |
+
|
220 |
+
public function update_wpmu_options() {
|
221 |
+
|
222 |
+
if ( ( $rwl_page = sanitize_title_with_dashes( $_POST['rwl_page'] ) )
|
223 |
+
&& strpos( $rwl_page, 'wp-login' ) === false ) {
|
224 |
+
|
225 |
+
update_site_option( 'rwl_page', $rwl_page );
|
226 |
+
|
227 |
+
$welcome_email = get_site_option( 'welcome_email' );
|
228 |
+
$welcome_email = preg_replace( "/(BLOG_URL)([\w\-]+)(\/|\.php)/", "$1$rwl_page/", $welcome_email );
|
229 |
+
|
230 |
+
update_site_option( 'welcome_email', $welcome_email );
|
231 |
+
|
232 |
+
}
|
233 |
+
|
234 |
}
|
235 |
+
|
236 |
public function admin_init() {
|
237 |
+
|
238 |
+
global $pagenow;
|
239 |
+
|
240 |
+
add_settings_section(
|
241 |
+
'rename-wp-login-section',
|
242 |
+
'Rename wp-login.php',
|
243 |
+
array( $this, 'rwl_section_desc' ),
|
244 |
+
'permalink'
|
245 |
+
);
|
246 |
+
|
247 |
+
add_settings_field(
|
248 |
+
'rwl-page',
|
249 |
+
'<label for="rwl-page">Login url</label>',
|
250 |
+
array( $this, 'rwl_page_input' ),
|
251 |
+
'permalink',
|
252 |
+
'rename-wp-login-section'
|
253 |
+
);
|
254 |
+
|
255 |
+
if ( isset( $_POST['rwl_page'] )
|
256 |
+
&& $pagenow === 'options-permalink.php' ) {
|
257 |
+
|
258 |
+
if ( ( $rwl_page = sanitize_title_with_dashes( $_POST['rwl_page'] ) )
|
259 |
+
&& strpos( $rwl_page, 'wp-login' ) === false ) {
|
260 |
+
|
261 |
+
if ( $rwl_page === get_site_option( 'rwl_page', 'login' ) ) {
|
262 |
+
|
263 |
+
delete_option( 'rwl_page' );
|
264 |
+
|
265 |
+
}
|
266 |
|
267 |
+
else {
|
268 |
+
|
269 |
+
update_option( 'rwl_page', $rwl_page );
|
270 |
+
|
271 |
+
}
|
272 |
+
|
273 |
}
|
274 |
+
|
|
|
|
|
275 |
}
|
276 |
+
|
277 |
if ( get_option( 'rwl_redirect' ) ) {
|
278 |
+
|
279 |
delete_option( 'rwl_redirect' );
|
280 |
+
|
281 |
+
if ( is_multisite()
|
282 |
+
&& is_super_admin()
|
283 |
+
&& is_plugin_active_for_network( $this->basename() ) ) {
|
284 |
+
|
285 |
+
$redirect = network_admin_url( 'settings.php#rwl-page-input' );
|
286 |
+
|
287 |
+
}
|
288 |
+
|
289 |
+
else {
|
290 |
+
|
291 |
+
$redirect = admin_url( 'options-permalink.php#rwl-page-input' );
|
292 |
+
|
293 |
+
}
|
294 |
+
|
295 |
+
wp_redirect( $redirect );
|
296 |
+
|
297 |
+
die;
|
298 |
+
|
299 |
}
|
300 |
+
|
301 |
}
|
302 |
+
|
303 |
+
public function rwl_section_desc() {
|
304 |
+
|
305 |
+
$out = '';
|
306 |
+
|
307 |
+
if ( ! is_multisite()
|
308 |
+
|| is_super_admin() ) {
|
309 |
+
|
310 |
+
$out .= '<p>Need help? Try the <a href="http://wordpress.org/support/plugin/rename-wp-login#postform" target="_blank">support forum</a>.</p>';
|
311 |
+
|
312 |
+
}
|
313 |
+
|
314 |
+
if ( is_multisite()
|
315 |
+
&& is_super_admin()
|
316 |
+
&& is_plugin_active_for_network( $this->basename() ) ) {
|
317 |
+
|
318 |
+
$out .= '<p>To set a networkwide default, go to <a href="' . network_admin_url( 'settings.php#rwl-page-input' ) . '">Network Settings</a>.</p>';
|
319 |
+
|
320 |
+
}
|
321 |
+
|
322 |
+
echo $out;
|
323 |
+
|
324 |
}
|
325 |
+
|
326 |
+
public function rwl_page_input() {
|
327 |
+
|
328 |
+
echo '<code>' . home_url() . '/</code> <input id="rwl-page-input" type="text" name="rwl_page" value="' . $this->new_login_slug() . '"> <code>/</code>';
|
329 |
+
|
330 |
}
|
331 |
+
|
332 |
public function admin_notices() {
|
333 |
+
|
334 |
global $pagenow;
|
335 |
+
|
336 |
+
$out = '';
|
337 |
+
|
338 |
+
if ( ! is_network_admin()
|
339 |
+
&& ! get_option( 'permalink_structure' ) ) {
|
340 |
+
|
341 |
+
$out .= '<div class="error"><p><strong>Rename wp-login.php</strong> doesn’t work if you’re using the default permalink structure.<br>You must <a href="' . admin_url( 'options-permalink.php' ) . '">choose</a> another permalink structure for it to work.</p></div>';
|
342 |
+
|
|
|
343 |
}
|
344 |
+
|
345 |
+
if ( ! is_network_admin()
|
346 |
+
&& $pagenow === 'options-permalink.php'
|
347 |
+
&& isset( $_GET['settings-updated'] ) ) {
|
348 |
+
|
349 |
+
$out .= '<div class="updated"><p>Your login page is now here: <a href="' . $this->new_login_url() . '">' . home_url() . '/<strong>' . $this->new_login_slug() . '</strong>/</a>. Bookmark this page!</p></div>';
|
350 |
+
|
351 |
+
}
|
352 |
+
|
353 |
+
echo $out;
|
354 |
+
|
355 |
}
|
356 |
+
|
357 |
public function plugin_action_links( $links ) {
|
358 |
+
|
359 |
+
if ( is_network_admin()
|
360 |
+
&& is_plugin_active_for_network( $this->basename() ) ) {
|
361 |
+
|
362 |
+
array_unshift( $links, '<a href="' . network_admin_url( 'settings.php#rwl-page-input' ) . '">Settings</a>' );
|
363 |
+
|
364 |
+
}
|
365 |
+
|
366 |
+
elseif ( ! is_network_admin() ) {
|
367 |
+
|
368 |
+
array_unshift( $links, '<a href="' . admin_url( 'options-permalink.php#rwl-page-input' ) . '">Settings</a>' );
|
369 |
+
|
370 |
+
}
|
371 |
+
|
372 |
return $links;
|
373 |
+
|
374 |
}
|
375 |
+
|
376 |
public function init() {
|
377 |
+
|
378 |
+
if ( is_admin()
|
379 |
+
&& ! is_user_logged_in()
|
380 |
+
&& ! defined( 'DOING_AJAX' ) ) {
|
381 |
+
|
382 |
wp_die( __( 'You must log in to access the admin area.' ) );
|
383 |
+
|
384 |
}
|
385 |
+
|
386 |
+
if ( ! is_multisite() &&
|
387 |
+
( strpos( $_SERVER['REQUEST_URI'], 'wp-signup' ) !== false
|
388 |
+
|| strpos( $_SERVER['REQUEST_URI'], 'wp-activate' ) ) !== false ) {
|
389 |
+
|
390 |
+
wp_die( __( 'This feature is not enabled.' ) );
|
391 |
+
|
392 |
}
|
393 |
+
|
394 |
+
if ( strpos( $_SERVER['REQUEST_URI'], $this->new_login_slug() ) !== false ) {
|
395 |
+
|
396 |
$home_url = parse_url( home_url() );
|
397 |
+
|
398 |
$home_path = '';
|
399 |
if ( isset( $home_url['path'] ) )
|
400 |
$home_path = $home_url['path'];
|
401 |
$home_path = trim( $home_path, '/' );
|
402 |
+
|
403 |
$req_uri = $_SERVER['REQUEST_URI'];
|
404 |
$req_uri_array = explode( '?', $req_uri );
|
405 |
$req_uri = $req_uri_array[0];
|
406 |
$req_uri = trim( $req_uri, '/' );
|
407 |
$req_uri = preg_replace( "|^$home_path|i", '', $req_uri );
|
408 |
$req_uri = trim( $req_uri, '/' );
|
409 |
+
|
410 |
+
if ( $req_uri === $this->new_login_slug() ) {
|
411 |
+
|
412 |
status_header( 200 );
|
413 |
+
|
414 |
+
require_once( $this->path() . 'rwl-login.php' );
|
415 |
+
|
416 |
+
die;
|
417 |
+
|
418 |
}
|
419 |
+
|
420 |
}
|
421 |
+
|
422 |
}
|
423 |
+
|
424 |
public function login_init() {
|
425 |
+
|
426 |
+
if ( strpos( $_SERVER['REQUEST_URI'], 'wp-login' ) !== false ) {
|
427 |
+
|
428 |
+
if ( ( $referer = wp_get_referer() )
|
429 |
+
&& strpos( $referer, 'wp-activate.php' ) !== false
|
430 |
+
&& ( $referer = parse_url( $referer ) )
|
431 |
+
&& ! empty( $referer['query'] ) ) {
|
432 |
+
|
433 |
+
parse_str( $referer['query'], $referer );
|
434 |
+
|
435 |
+
if ( ! empty( $referer['key'] )
|
436 |
+
&& ( $result = wpmu_activate_signup( $referer['key'] ) )
|
437 |
+
&& is_wp_error( $result )
|
438 |
+
&& ( $result->get_error_code() === 'already_active'
|
439 |
+
|| $result->get_error_code() === 'blog_taken' ) ) {
|
440 |
+
|
441 |
+
wp_safe_redirect( $this->new_login_url() . ( ! empty( $_SERVER['QUERY_STRING'] ) ? '?' . $_SERVER['QUERY_STRING'] : '' ) );
|
442 |
+
|
443 |
+
die;
|
444 |
+
|
445 |
+
}
|
446 |
+
|
447 |
+
}
|
448 |
+
|
449 |
$this->set_404();
|
450 |
+
|
451 |
}
|
452 |
+
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
453 |
}
|
454 |
+
|
455 |
+
public function site_url( $url, $path ) {
|
456 |
+
|
457 |
+
if ( strpos( $path, 'wp-login.php' ) !== false ) {
|
458 |
+
|
459 |
+
$args = explode( '?', $path );
|
460 |
+
|
461 |
+
$url = ! empty( $args[1] ) ? $this->new_login_url() . '?' . $args[1] : $this->new_login_url();
|
462 |
+
|
463 |
+
}
|
464 |
+
|
465 |
+
return $url;
|
466 |
+
|
467 |
}
|
468 |
+
|
469 |
+
public function wp_redirect( $location, $status ) {
|
470 |
+
|
471 |
+
if ( strpos( $location, 'wp-login.php' ) !== false ) {
|
472 |
+
|
473 |
+
$args = explode( '?', $location );
|
474 |
+
|
475 |
+
$location = ! empty( $args[1] ) ? $this->new_login_url() . '?' . $args[1] : $this->new_login_url();
|
476 |
+
|
477 |
+
}
|
478 |
+
|
479 |
+
return $location;
|
480 |
+
|
481 |
}
|
482 |
+
|
|
|
|
|
483 |
}
|
484 |
+
|
485 |
Rename_WP_Login::instance();
|
486 |
+
|
487 |
+
}
|
rwl-login.php
CHANGED
@@ -11,7 +11,7 @@
|
|
11 |
/** Make sure that the WordPress bootstrap has run before continuing. */
|
12 |
//require( dirname(__FILE__) . '/wp-load.php' );
|
13 |
|
14 |
-
global $error, $interim_login, $action;
|
15 |
|
16 |
// Redirect to https login if forced to use SSL
|
17 |
if ( force_ssl_admin() && ! is_ssl() ) {
|
@@ -32,7 +32,7 @@ if ( force_ssl_admin() && ! is_ssl() ) {
|
|
32 |
* @param string $wp_error Optional. The error to pass. Default empty.
|
33 |
* @param WP_Error $wp_error Optional. WordPress Error Object
|
34 |
*/
|
35 |
-
function login_header($title = 'Log In', $message = '', $wp_error = '') {
|
36 |
global $error, $interim_login, $action;
|
37 |
|
38 |
// Don't index any of these forms
|
@@ -363,7 +363,7 @@ function retrieve_password() {
|
|
363 |
$message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n";
|
364 |
$message .= __('If this was a mistake, just ignore this email and nothing will happen.') . "\r\n\r\n";
|
365 |
$message .= __('To reset your password, visit the following address:') . "\r\n\r\n";
|
366 |
-
$message .= '<' .
|
367 |
|
368 |
if ( is_multisite() )
|
369 |
$blogname = $GLOBALS['current_site']->site_name;
|
@@ -478,7 +478,7 @@ case 'logout' :
|
|
478 |
check_admin_referer('log-out');
|
479 |
wp_logout();
|
480 |
|
481 |
-
$redirect_to = !empty( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] :
|
482 |
wp_safe_redirect( $redirect_to );
|
483 |
exit();
|
484 |
|
@@ -490,7 +490,7 @@ case 'retrievepassword' :
|
|
490 |
if ( $http_post ) {
|
491 |
$errors = retrieve_password();
|
492 |
if ( !is_wp_error($errors) ) {
|
493 |
-
$redirect_to = !empty( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] :
|
494 |
wp_safe_redirect( $redirect_to );
|
495 |
exit();
|
496 |
}
|
@@ -526,7 +526,7 @@ case 'retrievepassword' :
|
|
526 |
|
527 |
?>
|
528 |
|
529 |
-
<form name="lostpasswordform" id="lostpasswordform" action="<?php echo esc_url(
|
530 |
<p>
|
531 |
<label for="user_login" ><?php _e('Username or E-mail:') ?><br />
|
532 |
<input type="text" name="user_login" id="user_login" class="input" value="<?php echo esc_attr($user_login); ?>" size="20" /></label>
|
@@ -569,9 +569,9 @@ case 'rp' :
|
|
569 |
|
570 |
if ( is_wp_error($user) ) {
|
571 |
if ( $user->get_error_code() === 'expired_key' )
|
572 |
-
wp_redirect(
|
573 |
else
|
574 |
-
wp_redirect(
|
575 |
exit;
|
576 |
}
|
577 |
|
@@ -603,8 +603,7 @@ case 'rp' :
|
|
603 |
login_header(__('Reset Password'), '<p class="message reset-pass">' . __('Enter your new password below.') . '</p>', $errors );
|
604 |
|
605 |
?>
|
606 |
-
<form name="resetpassform" id="resetpassform" action="<?php echo esc_url(
|
607 |
-
|
608 |
<input type="hidden" id="user_login" value="<?php echo esc_attr( $_GET['login'] ); ?>" autocomplete="off" />
|
609 |
|
610 |
<p>
|
@@ -653,7 +652,7 @@ case 'register' :
|
|
653 |
}
|
654 |
|
655 |
if ( !get_option('users_can_register') ) {
|
656 |
-
wp_redirect(
|
657 |
exit();
|
658 |
}
|
659 |
|
@@ -664,7 +663,7 @@ case 'register' :
|
|
664 |
$user_email = $_POST['user_email'];
|
665 |
$errors = register_new_user($user_login, $user_email);
|
666 |
if ( !is_wp_error($errors) ) {
|
667 |
-
$redirect_to = !empty( $_POST['redirect_to'] ) ? $_POST['redirect_to'] :
|
668 |
wp_safe_redirect( $redirect_to );
|
669 |
exit();
|
670 |
}
|
@@ -682,7 +681,7 @@ case 'register' :
|
|
682 |
login_header(__('Registration Form'), '<p class="message register">' . __('Register For This Site') . '</p>', $errors);
|
683 |
?>
|
684 |
|
685 |
-
<form name="registerform" id="registerform" action="<?php echo esc_url(
|
686 |
<p>
|
687 |
<label for="user_login"><?php _e('Username') ?><br />
|
688 |
<input type="text" name="user_login" id="user_login" class="input" value="<?php echo esc_attr(wp_unslash($user_login)); ?>" size="20" /></label>
|
@@ -835,15 +834,13 @@ default:
|
|
835 |
wp_clear_auth_cookie();
|
836 |
|
837 |
login_header(__('Log In'), '', $errors);
|
838 |
-
|
839 |
-
$user_login = '';
|
840 |
-
|
841 |
if ( isset($_POST['log']) )
|
842 |
$user_login = ( 'incorrect_password' == $errors->get_error_code() || 'empty_password' == $errors->get_error_code() ) ? esc_attr(wp_unslash($_POST['log'])) : '';
|
843 |
$rememberme = ! empty( $_POST['rememberme'] );
|
844 |
?>
|
845 |
|
846 |
-
<form name="loginform" id="loginform" action="<?php echo esc_url(
|
847 |
<p>
|
848 |
<label for="user_login"><?php _e('Username') ?><br />
|
849 |
<input type="text" name="log" id="user_login" class="input" value="<?php echo esc_attr($user_login); ?>" size="20" /></label>
|
11 |
/** Make sure that the WordPress bootstrap has run before continuing. */
|
12 |
//require( dirname(__FILE__) . '/wp-load.php' );
|
13 |
|
14 |
+
global $error, $interim_login, $action, $user_login;
|
15 |
|
16 |
// Redirect to https login if forced to use SSL
|
17 |
if ( force_ssl_admin() && ! is_ssl() ) {
|
32 |
* @param string $wp_error Optional. The error to pass. Default empty.
|
33 |
* @param WP_Error $wp_error Optional. WordPress Error Object
|
34 |
*/
|
35 |
+
function login_header( $title = 'Log In', $message = '', $wp_error = '' ) {
|
36 |
global $error, $interim_login, $action;
|
37 |
|
38 |
// Don't index any of these forms
|
363 |
$message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n";
|
364 |
$message .= __('If this was a mistake, just ignore this email and nothing will happen.') . "\r\n\r\n";
|
365 |
$message .= __('To reset your password, visit the following address:') . "\r\n\r\n";
|
366 |
+
$message .= '<' . network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login') . ">\r\n";
|
367 |
|
368 |
if ( is_multisite() )
|
369 |
$blogname = $GLOBALS['current_site']->site_name;
|
478 |
check_admin_referer('log-out');
|
479 |
wp_logout();
|
480 |
|
481 |
+
$redirect_to = !empty( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : 'wp-login.php?loggedout=true';
|
482 |
wp_safe_redirect( $redirect_to );
|
483 |
exit();
|
484 |
|
490 |
if ( $http_post ) {
|
491 |
$errors = retrieve_password();
|
492 |
if ( !is_wp_error($errors) ) {
|
493 |
+
$redirect_to = !empty( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : 'wp-login.php?checkemail=confirm';
|
494 |
wp_safe_redirect( $redirect_to );
|
495 |
exit();
|
496 |
}
|
526 |
|
527 |
?>
|
528 |
|
529 |
+
<form name="lostpasswordform" id="lostpasswordform" action="<?php echo esc_url( site_url( 'wp-login.php?action=lostpassword', 'login_post' ) ); ?>" method="post">
|
530 |
<p>
|
531 |
<label for="user_login" ><?php _e('Username or E-mail:') ?><br />
|
532 |
<input type="text" name="user_login" id="user_login" class="input" value="<?php echo esc_attr($user_login); ?>" size="20" /></label>
|
569 |
|
570 |
if ( is_wp_error($user) ) {
|
571 |
if ( $user->get_error_code() === 'expired_key' )
|
572 |
+
wp_redirect( site_url( 'wp-login.php?action=lostpassword&error=expiredkey' ) );
|
573 |
else
|
574 |
+
wp_redirect( site_url( 'wp-login.php?action=lostpassword&error=invalidkey' ) );
|
575 |
exit;
|
576 |
}
|
577 |
|
603 |
login_header(__('Reset Password'), '<p class="message reset-pass">' . __('Enter your new password below.') . '</p>', $errors );
|
604 |
|
605 |
?>
|
606 |
+
<form name="resetpassform" id="resetpassform" action="<?php echo esc_url( site_url( 'wp-login.php?action=resetpass&key=' . urlencode( $_GET['key'] ) . '&login=' . urlencode( $_GET['login'] ), 'login_post' ) ); ?>" method="post" autocomplete="off">
|
|
|
607 |
<input type="hidden" id="user_login" value="<?php echo esc_attr( $_GET['login'] ); ?>" autocomplete="off" />
|
608 |
|
609 |
<p>
|
652 |
}
|
653 |
|
654 |
if ( !get_option('users_can_register') ) {
|
655 |
+
wp_redirect( site_url('wp-login.php?registration=disabled') );
|
656 |
exit();
|
657 |
}
|
658 |
|
663 |
$user_email = $_POST['user_email'];
|
664 |
$errors = register_new_user($user_login, $user_email);
|
665 |
if ( !is_wp_error($errors) ) {
|
666 |
+
$redirect_to = !empty( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : 'wp-login.php?checkemail=registered';
|
667 |
wp_safe_redirect( $redirect_to );
|
668 |
exit();
|
669 |
}
|
681 |
login_header(__('Registration Form'), '<p class="message register">' . __('Register For This Site') . '</p>', $errors);
|
682 |
?>
|
683 |
|
684 |
+
<form name="registerform" id="registerform" action="<?php echo esc_url( site_url('wp-login.php?action=register', 'login_post') ); ?>" method="post">
|
685 |
<p>
|
686 |
<label for="user_login"><?php _e('Username') ?><br />
|
687 |
<input type="text" name="user_login" id="user_login" class="input" value="<?php echo esc_attr(wp_unslash($user_login)); ?>" size="20" /></label>
|
834 |
wp_clear_auth_cookie();
|
835 |
|
836 |
login_header(__('Log In'), '', $errors);
|
837 |
+
|
|
|
|
|
838 |
if ( isset($_POST['log']) )
|
839 |
$user_login = ( 'incorrect_password' == $errors->get_error_code() || 'empty_password' == $errors->get_error_code() ) ? esc_attr(wp_unslash($_POST['log'])) : '';
|
840 |
$rememberme = ! empty( $_POST['rememberme'] );
|
841 |
?>
|
842 |
|
843 |
+
<form name="loginform" id="loginform" action="<?php echo esc_url( site_url( 'wp-login.php', 'login_post' ) ); ?>" method="post">
|
844 |
<p>
|
845 |
<label for="user_login"><?php _e('Username') ?><br />
|
846 |
<input type="text" name="log" id="user_login" class="input" value="<?php echo esc_attr($user_login); ?>" size="20" /></label>
|