Move Login - Version 0.1.1

Version Description

2013/06/04
Bugfix: php notice due to a missing parameter.
Bugfix: incorrect network_site_url filter.

Release Info

Developer	GregLone
Plugin	Move Login
Version	0.1.1
Comparing to
See all releases

Version 0.1.1

Files changed (4) hide show

languages/sfml-fr_FR.mo +0 -0
languages/sfml-fr_FR.po +38 -0
readme.txt +82 -0
sf-move-login.php +272 -0

languages/sfml-fr_FR.mo ADDED Viewed

Binary file

languages/sfml-fr_FR.po ADDED Viewed

	@@ -0,0 +1,38 @@


1	+ # LANGUAGE French translation for SF Move Login plugin for WordPress.
2	+ # Copyright (C) 2013 Grégory Viguier
3	+ # Grégory Viguier.
4	+ #
5	+ msgid ""
6	+ msgstr ""
7	+ "Project-Id-Version: w3p-acpt 0.3\n"
8	+ "Report-msgid -Bugs-To: http://scri.in/contact/\n"
9	+ "POT-Creation-Date: 2013-06-01 00:04+0100\n"
10	+ "PO-Revision-Date: 2013-06-03 01:57+0100\n"
11	+ "Last-Translator: Grégory Viguier <gregory@screenfeed.fr>\n"
12	+ "Language-Team: fr_FR\n"
13	+ "MIME-Version: 1.0\n"
14	+ "Content-Type: text/plain; charset=utf-8\n"
15	+ "Content-Transfer-Encoding: 8bit\n"
16	+ "Plural-Forms: nplurals=2; plural=n>1;\n"
17	+ "X-Poedit-SourceCharset: utf-8\n"
18	+ "X-Poedit-KeywordsList: __;_e\n"
19	+ "Language: fr_FR\n"
20	+ "X-Generator: Poedit 1.5.5\n"
21	+
22	+ msgid "Change your login url to http://example.com/login"
23	+ msgstr "Changez l'url de votre page de connexion pour http://example.com/login"
24	+
25	+ msgid "Please Make sure to enable %s."
26	+ msgstr "Assurez-vous d'activer les %s."
27	+
28	+ msgid "It seems your server configuration prevent the plugin to work properly. <i>SF Move Login</i> will not be activated."
29	+ msgstr "Il semble que votre configuration serveur empêche l'extension de fonctionner correctement. <i>SF Move Login</i> ne sera pas activé."
30	+
31	+ msgid "<strong>SF Move Login</strong> has not been activated."
32	+ msgstr "<strong>SF Move Login</strong> n'a pas été activé."
33	+
34	+ msgid "<i>SF Move Login</i> needs access to the %1$s file. Please visit the %2$s settings page and copy/paste the given code into the %1$s file."
35	+ msgstr "<i>SF Move Login</i> a besoin d'accéder au fichier %1$s. Merci de vous rendre sur la page de réglages des %2$s et de copier/coller le code fourni dans le fichier %1$s."
36	+
37	+ msgid "No no no, the login form is not here."
38	+ msgstr "Non non non, le formulaire de connexion ne se trouve pas ici."

readme.txt ADDED Viewed

	@@ -0,0 +1,82 @@


1	+ === Move Login ===
2	+
3	+ Contributors: GregLone, juliobox
4	+ Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=UBY2MY2J4YB7J&item_number=SF-Move-Login
5	+ Tags: login, logout, url, security
6	+ Requires at least: 3.0
7	+ Tested up to: 3.6-beta3
8	+ Stable tag: trunk
9	+ License: GPLv3
10	+
11	+ Change your login url to http://example.com/login.
12	+
13	+
14	+ == Description ==
15	+
16	+ This plugin forbids access to http://example.com/wp-login.php and creates new urls, like http://example.com/login or http://example.com/logout.
17	+
18	+ This is a great way to limit bots trying to brute-forcing your login (trying to guess your login and password). Of course, the new urls are easier to remember too.
19	+ The plugin is small, fast, and does not create new security vulnerabilities like some other plugins I've seen.
20	+
21	+ No settings: activate, it works.
22	+
23	+ Also remember: using this plugin does NOT exempt you to use a strong password. Moreover, never use "admin" as login, this is the first attempt for bots.
24	+
25	+ Please note that even if the plugin works properly so far, it still is a beta.
26	+ Please use the forum to report bugs, the plugin will be available on my site when the version 1.0 is reached. Thanks!
27	+
28	+ = Translations =
29	+
30	+ * English
31	+ * French
32	+
33	+ = Multisite =
34	+
35	+ Not ready for Multisite, yet.
36	+
37	+ = Requirements =
38	+
39	+ See some important informations in the "Installation" tab.
40	+
41	+
42	+ == Installation ==
43	+
44	+ 1. Extract the plugin folder from the downloaded ZIP file.
45	+ 2. Upload sf-move-login folder to your `/wp-content/plugins/` directory.
46	+ 3. Enable url rewriting in the permalinks settings page.
47	+ 4. if you have another plugin that redirects http://example.com/login to http://example.com/wp-login.php (a short-links plugin for example), disable it or remove the redirection, otherwise they will conflict and you'll be locked out. See the faq in case you're not able to reach the login page (make sure to have a ftp access to your site).
48	+ 5. Activate the plugin from the "Plugins" page.
49	+ 6. If the plugin can't write your `.htaccess` file, you'll need to edit it yourself with a ftp access.
50	+
51	+
52	+ == Frequently Asked Questions ==
53	+
54	+ = Can I set my own urls? =
55	+
56	+ Nop, sorry. I prefer keep the plugin as simple as possible.
57	+
58	+ = I'm locked out! I can't access the login page! =
59	+
60	+ You're screwed! No, I'm kidding, but you need a ftp access to your site. When logged in with your ftp software, open the file wp-config.php located at the root of your installation. Simply add this in the file: `define('SFML_ALLOW_LOGIN_ACCESS', true);` and save the file. This will bypass the plugin and you'll be able to access http://example.com/wp-login.php. Another plugin may conflict, you'll need to find which one before removing this new line of code.
61	+
62	+ Eventually, check out [my blog](http://www.screenfeed.fr/sfml/) for more infos, help, or bug reports (sorry guys, it's in french, but feel free to leave a comment in english).
63	+
64	+
65	+ == Changelog ==
66	+
67	+ = 0.1.1 =
68	+
69	+ * 2013/06/04
70	+ * Bugfix: php notice due to a missing parameter.
71	+ * Bugfix: incorrect network_site_url filter.
72	+
73	+ = 0.1 =
74	+
75	+ * 2013/06/03
76	+ * First public beta release
77	+ * Thanks to juliobox, who's joining the project :)
78	+
79	+
80	+ == Upgrade Notice ==
81	+
82	+ Nothing special

sf-move-login.php ADDED Viewed

	@@ -0,0 +1,272 @@


1	+ <?php
2	+ /*
3	+ * Plugin Name: SF Move Login
4	+ * Plugin URI: http://www.screenfeed.fr
5	+ * Description: Change your login url to http://example.com/login
6	+ * Version: 0.1.1
7	+ * Author: Grégory Viguier
8	+ * Author URI: http:www.screenfeed.fr/greg/
9	+ * License: GPLv3
10	+ * Require: WordPress 3.0
11	+ * Text Domain: sfml
12	+ * Domain Path: /languages/
13	+ */
14	+
15	+ /* ----------------------------------------------------------------------------- */
16	+ /* */
17	+ /* Activation / Deactivation */
18	+ /* */
19	+ /* ----------------------------------------------------------------------------- */
20	+
21	+ register_activation_hook( __FILE__, 'sfml_activate' );
22	+ function sfml_activate() {
23	+ $dies = array();
24	+ $notices = array();
25	+ $home_path = get_home_path();
26	+ load_plugin_textdomain( 'sfml', false, basename( dirname( __FILE__ ) ) . '/languages/' ); // wp_die() will need i18n
27	+
28	+ if ( iis7_supports_permalinks() ) {
29	+ if ( !( ( !file_exists($home_path . 'web.config') && win_is_writable($home_path) ) \|\| win_is_writable($home_path . 'web.config') ) )
30	+ $notices[] = 'htaccess_not_writable';
31	+ } else {
32	+ if ( !( ( !file_exists($home_path . '.htaccess') && is_writable($home_path) ) \|\| is_writable($home_path . '.htaccess') ) )
33	+ $notices[] = 'htaccess_not_writable';
34	+ }
35	+ if ( !get_option('permalink_structure') )
36	+ $dies[] = sprintf(__('Please Make sure to enable %s.', 'sfml'), '<a href="options-permalink.php">'.__('Permalinks').'</a>');
37	+
38	+ if ( empty($GLOBALS['HTTP_SERVER_VARS']['REQUEST_URI']) && empty($_SERVER['REQUEST_URI']) )
39	+ $dies[] = __('It seems your server configuration prevent the plugin to work properly. <i>SF Move Login</i> will not be activated.', 'sfml');
40	+
41	+ if ( count($dies) ) {
42	+ wp_die( __('<strong>SF Move Login</strong> has not been activated.', 'sfml').'<br/>'.implode('<br/>', $dies), __('Error'), array('back_link' => true) );
43	+ } else {
44	+ if ( count($notices) )
45	+ set_transient('sfml_notices-'.get_current_user_id(), $notices);
46	+ sfml_rewrite();
47	+ flush_rewrite_rules();
48	+ }
49	+ }
50	+
51	+
52	+ register_deactivation_hook( __FILE__, 'flush_rewrite_rules' );
53	+
54	+
55	+ // !Admin notices
56	+
57	+ add_action('admin_init', 'sfml_notices');
58	+ function sfml_notices() {
59	+ $user_id = get_current_user_id();
60	+ $notices = get_transient('sfml_notices-'.$user_id);
61	+
62	+ if ( $notices && is_array($notices) && count($notices) ) {
63	+ foreach ( $notices as $notice ) {
64	+ add_action('admin_notices', 'sfml_'.$notice.'_notice');
65	+ }
66	+ delete_transient('sfml_notices-'.$user_id);
67	+ }
68	+ }
69	+
70	+
71	+ function sfml_htaccess_not_writable_notice() {
72	+ $file = iis7_supports_permalinks() ? '<code>web.config</code>' : '<code>.htaccess</code>';
73	+ echo '<div class="error"><p>'
74	+ .sprintf(
75	+ __('<i>SF Move Login</i> needs access to the %1$s file. Please visit the %2$s settings page and copy/paste the given code into the %1$s file.', 'sfml'),
76	+ $file,
77	+ '<a href="options-permalink.php">'.__('Permalinks').'</a>'
78	+ )
79	+ .'</p></div>';
80	+ }
81	+
82	+
83	+ /* ----------------------------------------------------------------------------- */
84	+ /* */
85	+ /* i18n support */
86	+ /* */
87	+ /* ----------------------------------------------------------------------------- */
88	+
89	+ add_action( 'init', 'sfml_lang_init' );
90	+ function sfml_lang_init() {
91	+ load_plugin_textdomain( 'sfml', false, basename( dirname( __FILE__ ) ) . '/languages/' );
92	+ }
93	+
94	+
95	+ /* ----------------------------------------------------------------------------- */
96	+ /* */
97	+ /* Rewrite rules */
98	+ /* */
99	+ /* ----------------------------------------------------------------------------- */
100	+
101	+ add_action( 'setup_theme', 'sfml_rewrite' );
102	+ function sfml_rewrite() {
103	+ add_rewrite_rule( 'login/?([\?&].*)?$', 'wp-login.php', 'top' );
104	+ $actions = array( 'postpass', 'logout', 'lostpassword', 'retrievepassword', 'resetpass', 'rp', 'register' );
105	+ foreach ( $actions as $action ) {
106	+ add_rewrite_rule( $action.'/?([\?&].*)?$', 'wp-login.php?action='.$action, 'top' );
107	+ }
108	+ }
109	+
110	+
111	+ /* ----------------------------------------------------------------------------- */
112	+ /* */
113	+ /* Bypass */
114	+ /* */
115	+ /* ----------------------------------------------------------------------------- */
116	+
117	+ if ( defined('SFML_ALLOW_LOGIN_ACCESS') && SFML_ALLOW_LOGIN_ACCESS )
118	+ return;
119	+
120	+
121	+ /* ----------------------------------------------------------------------------- */
122	+ /* */
123	+ /* Filter urls */
124	+ /* */
125	+ /* ----------------------------------------------------------------------------- */
126	+
127	+ // !Site URL
128	+ add_filter( 'site_url', 'sfml_site_url', 10, 4);
129	+ function sfml_site_url( $url, $path, $scheme, $blog_id = null ) {
130	+ if ( ($scheme === 'login' \|\| $scheme === 'login_post') && !empty($path) && is_string($path) && strpos($path, '..') === false && strpos($path, 'wp-login.php') !== false ) {
131	+ // Base url
132	+ if ( empty( $blog_id ) \|\| !is_multisite() ) {
133	+ $url = get_option( 'siteurl' );
134	+ } else {
135	+ switch_to_blog( $blog_id );
136	+ $url = get_option( 'siteurl' );
137	+ restore_current_blog();
138	+ }
139	+
140	+ $url = set_url_scheme( $url, $scheme );
141	+ return $url . sfml_set_path( $path );
142	+ }
143	+ return $url;
144	+ }
145	+
146	+
147	+ // !Network site URL
148	+ add_filter( 'network_site_url', 'sfml_network_site_url', 10, 3);
149	+ function sfml_network_site_url( $url, $path, $scheme ) {
150	+ if ( ($scheme === 'login' \|\| $scheme === 'login_post') && !empty($path) && is_string($path) && strpos($path, '..') === false && strpos($path, 'wp-login.php') !== false ) {
151	+ global $current_site;
152	+
153	+ $url = set_url_scheme( 'http://' . $current_site->domain . $current_site->path, $scheme );
154	+ return $url . sfml_set_path( $path );
155	+ }
156	+ return $url;
157	+ }
158	+
159	+
160	+ // !Logout url: wp_logout_url() add the action param after using site_url()
161	+ add_filter( 'logout_url', 'sfml_logout_url' );
162	+ function sfml_logout_url( $link ) {
163	+ return sfml_login_to_action( $link, 'logout' );
164	+ }
165	+
166	+
167	+ // !Forgot password url: lostpassword_url() add the action param after using site_url()
168	+ add_filter( 'lostpassword_url', 'sfml_lostpass_url' );
169	+ function sfml_lostpass_url( $link ) {
170	+ return sfml_login_to_action( $link, 'lostpassword' );
171	+ }
172	+
173	+
174	+ /* ----------------------------------------------------------------------------- */
175	+ /* */
176	+ /* Redirections */
177	+ /* */
178	+ /* ----------------------------------------------------------------------------- */
179	+
180	+ // !Redirections are hard-coded
181	+ add_filter('wp_redirect', 'sfml_redirect', 10, 2);
182	+ function sfml_redirect( $location, $status ) {
183	+ if ( site_url( reset( explode( '?', $location ) ) ) == site_url( 'wp-login.php' ) )
184	+ return sfml_site_url( $location, $location, 'login', get_current_blog_id() );
185	+
186	+ return $location;
187	+ }
188	+
189	+
190	+ /* ----------------------------------------------------------------------------- */
191	+ /* */
192	+ /* Block access to wp-login.php */
193	+ /* */
194	+ /* ----------------------------------------------------------------------------- */
195	+
196	+ // !No, you won't use wp-login.php
197	+ add_action( 'login_init', 'sfml_login_init', 0 );
198	+ function sfml_login_init() {
199	+ $uri = !empty($GLOBALS['HTTP_SERVER_VARS']['REQUEST_URI']) ? $GLOBALS['HTTP_SERVER_VARS']['REQUEST_URI'] : (!empty($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '');
200	+ $uri = parse_url( $uri );
201	+ $uri = !empty($uri['path']) ? str_replace( '/', '', basename($uri['path']) ) : '';
202	+
203	+ if ( $uri === 'wp-login.php' )
204	+ wp_die(__('No no no, the login form is not here.', 'sfml'));
205	+ }
206	+
207	+
208	+ /* ----------------------------------------------------------------------------- */
209	+ /* */
210	+ /* Utilities */
211	+ /* */
212	+ /* ----------------------------------------------------------------------------- */
213	+
214	+ function sfml_set_path( $path ) {
215	+ // Action
216	+ $parsed_path = parse_url( $path );
217	+ if ( !empty( $parsed_path['query'] ) ) {
218	+ wp_parse_str( $parsed_path['query'], $params );
219	+ $action = !empty( $params['action'] ) ? $params['action'] : 'login';
220	+
221	+ if ( isset( $params['key'] ) )
222	+ $action = 'resetpass';
223	+
224	+ if ( !in_array( $action, array( 'postpass', 'logout', 'lostpassword', 'retrievepassword', 'resetpass', 'rp', 'register', 'login' ), true ) && false === has_filter( 'login_form_' . $action ) )
225	+ $action = 'login';
226	+ } else
227	+ $action = 'login';
228	+
229	+ // Path
230	+ $path = str_replace('wp-login.php', $action, $path);
231	+ $path = remove_query_arg('action', $path);
232	+
233	+ return '/' . ltrim( $path, '/' );
234	+ }
235	+
236	+
237	+ // !login?action=logout -> /logout
238	+ function sfml_login_to_action( $link, $action ) {
239	+ if ( $link && strpos($link, '/'.$action) === false )
240	+ return str_replace(array('/login', '&', '?amp;', '&'), array('/'.$action, '&', '?', '&'), remove_query_arg('action', $link));
241	+ return $link;
242	+ }
243	+
244	+
245	+ /* ----------------------------------------------------------------------------- */
246	+ /* */
247	+ /* For WP < 3.4 */
248	+ /* */
249	+ /* ----------------------------------------------------------------------------- */
250	+
251	+ if ( !function_exists('set_url_scheme') ):
252	+ function set_url_scheme( $url, $scheme = null ) {
253	+ $orig_scheme = $scheme;
254	+ if ( ! in_array( $scheme, array( 'http', 'https', 'relative' ) ) ) {
255	+ if ( ( 'login_post' == $scheme \|\| 'rpc' == $scheme ) && ( force_ssl_login() \|\| force_ssl_admin() ) )
256	+ $scheme = 'https';
257	+ elseif ( ( 'login' == $scheme ) && force_ssl_admin() )
258	+ $scheme = 'https';
259	+ elseif ( ( 'admin' == $scheme ) && force_ssl_admin() )
260	+ $scheme = 'https';
261	+ else
262	+ $scheme = ( is_ssl() ? 'https' : 'http' );
263	+ }
264	+
265	+ if ( 'relative' == $scheme )
266	+ $url = preg_replace( '#^.+://[^/]*#', '', $url );
267	+ else
268	+ $url = preg_replace( '#^.+://#', $scheme . '://', $url );
269	+
270	+ return apply_filters( 'set_url_scheme', $url, $scheme, $orig_scheme );
271	+ }
272	+ endif;