Move Login - Version 1.0.1

Version Description

2013/09/30
Very minor bug fix: messed author link -_-'

Release Info

Developer	GregLone
Plugin	Move Login
Version	1.0.1
Comparing to
See all releases

Version 1.0.1

Files changed (5) hide show

inc/admin.inc.php +417 -0
languages/sfml-fr_FR.mo +0 -0
languages/sfml-fr_FR.po +47 -0
readme.txt +122 -0
sf-move-login.php +261 -0

inc/admin.inc.php ADDED Viewed

	@@ -0,0 +1,417 @@


1	+ <?php
2	+ if( !defined( 'ABSPATH' ) )
3	+ die( 'Cheatin\' uh?' );
4	+
5	+ /* ----------------------------------------------------------------------------- */
6	+ /* */
7	+ /* Activation / Deactivation */
8	+ /* */
9	+ /* ----------------------------------------------------------------------------- */
10	+
11	+ register_activation_hook( SFML_FILE, 'sfml_activate' );
12	+ function sfml_activate() {
13	+ $dies = array();
14	+ $notices = array();
15	+ $is_IIS = iis7_supports_permalinks();
16	+ $home_path = get_home_path();
17	+ load_plugin_textdomain( 'sfml', false, basename( dirname( SFML_FILE ) ) . '/languages/' ); // wp_die() will need i18n
18	+ $die_msg = __('<strong>SF Move Login</strong> has not been activated.', 'sfml').'<br/>';
19	+
20	+ if ( empty($GLOBALS['HTTP_SERVER_VARS']['REQUEST_URI']) && empty($_SERVER['REQUEST_URI']) )
21	+ $dies[] = __('It seems your server configuration prevent the plugin to work properly. <i>SF Move Login</i> will not be activated.', 'sfml');
22	+
23	+ if ( $is_IIS ) {
24	+ if ( !( ( !file_exists($home_path . 'web.config') && win_is_writable($home_path) ) \|\| win_is_writable($home_path . 'web.config') ) )
25	+ $notices[] = 'htaccess_not_writable';
26	+ } else {
27	+ if ( !( ( !file_exists($home_path . '.htaccess') && is_writable($home_path) ) \|\| is_writable($home_path . '.htaccess') ) )
28	+ $notices[] = 'htaccess_not_writable';
29	+ }
30	+
31	+ if ( !is_multisite() ) {
32	+ if ( !get_option('permalink_structure') )
33	+ $dies[] = sprintf(__('Please make sure to enable %s.', 'sfml'), '<a href="options-permalink.php">'.__('Permalinks').'</a>');
34	+ }
35	+
36	+ if ( count($dies) ) {
37	+ wp_die( $die_msg.implode('<br/>', $dies), __('Error'), array('back_link' => true) );
38	+ } else {
39	+ if ( !is_multisite() ) {
40	+ sfml_rewrite();
41	+ flush_rewrite_rules();
42	+ }
43	+ else {
44	+ // IIS
45	+ if ( $is_IIS ) {
46	+ sfml_insert_multisite_iis7_rewrite_rules( sfml_multisite_iis7_rewrite_rules() );
47	+ }
48	+ // Apache
49	+ else {
50	+ if ( got_mod_rewrite() )
51	+ sfml_insert_multisite_rewrite_rules( sfml_multisite_rewrite_rules() );
52	+ else
53	+ wp_die( $die_msg . __('It seems the url rewrite module is not activated on your server. <i>SF Move Login</i> will not be activated.', 'sfml'), __('Error'), array('back_link' => true) );
54	+ }
55	+ }
56	+
57	+ if ( count($notices) )
58	+ set_transient('sfml_notices-'.get_current_user_id(), $notices);
59	+ }
60	+ }
61	+
62	+
63	+ register_deactivation_hook( SFML_FILE, 'sfml_deactivate' );
64	+ function sfml_deactivate() {
65	+ if ( is_multisite() ) {
66	+ // IIS
67	+ if ( iis7_supports_permalinks() )
68	+ sfml_insert_multisite_iis7_rewrite_rules(); // Empty content
69	+ // Apache
70	+ else
71	+ sfml_insert_multisite_rewrite_rules(); // Empty content
72	+ }
73	+ else {
74	+ // Remove the plugin rules
75	+ $rules = sfml_rules();
76	+ foreach ( $rules as $action => $rule ) {
77	+ remove_rewrite_rule( $action.'/?$', $rule, 'top' );
78	+ }
79	+ // Flush .htaccess
80	+ flush_rewrite_rules();
81	+ }
82	+ }
83	+
84	+
85	+ // !On deactivation, the plugin rules must be removed before flushing them (they're still in $wp_rewrite).
86	+ if ( !function_exists('remove_rewrite_rule') ):
87	+ function remove_rewrite_rule( $regex, $redirect, $after = 'bottom' ) {
88	+ global $wp_rewrite;
89	+ $index = (strpos($redirect, '?') == false ? strlen($redirect) : strpos($redirect, '?'));
90	+ $front = substr($redirect, 0, $index);
91	+ if ( $front != $wp_rewrite->index ) { //it doesn't redirect to WP's index.php
92	+ unset($wp_rewrite->non_wp_rules[$regex]);
93	+ } else {
94	+ if ( 'bottom' == $after)
95	+ unset($wp_rewrite->extra_rules[$regex]);
96	+ else
97	+ unset($wp_rewrite->extra_rules_top[$regex]);
98	+ }
99	+ }
100	+ endif;
101	+
102	+
103	+ /* ----------------------------------------------------------------------------- */
104	+ /* */
105	+ /* Admin notices */
106	+ /* */
107	+ /* ----------------------------------------------------------------------------- */
108	+
109	+ add_action('admin_init', 'sfml_notices');
110	+ function sfml_notices() {
111	+ $user_id = get_current_user_id();
112	+ $notices = get_transient('sfml_notices-'.$user_id);
113	+
114	+ if ( $notices && is_array($notices) && count($notices) ) {
115	+ $action = is_network_admin() ? 'network_admin_notices' : 'admin_notices';
116	+ foreach ( $notices as $notice ) {
117	+ add_action( $action, 'sfml_'.$notice.'_notice' );
118	+ }
119	+ delete_transient('sfml_notices-'.$user_id);
120	+ }
121	+ }
122	+
123	+
124	+ function sfml_htaccess_not_writable_notice() {
125	+ $file = iis7_supports_permalinks() ? '<code>web.config</code>' : '<code>.htaccess</code>';
126	+ $link = is_network_admin() ? '<a href="settings.php?page=move-login">SF Move Login</a>' : '<a href="options-permalink.php">'.__('Permalinks').'</a>';
127	+ echo '<div class="error"><p>'
128	+ .sprintf(
129	+ __('<i>SF Move Login</i> needs access to the %1$s file. Please visit the %2$s settings page and copy/paste the given code into the %1$s file.', 'sfml'),
130	+ $file,
131	+ $link
132	+ )
133	+ .'</p></div>';
134	+ }
135	+
136	+
137	+ /* ----------------------------------------------------------------------------- */
138	+ /* */
139	+ /* Rewrite rules: APACHE */
140	+ /* */
141	+ /* ----------------------------------------------------------------------------- */
142	+
143	+ // !Return the multisite rewrite rules (as an array)
144	+
145	+ function sfml_multisite_rewrite_rules() {
146	+ global $wpdb;
147	+ $base = parse_url( trailingslashit( get_option( 'home' ) ), PHP_URL_PATH );
148	+ $subdomain_install = is_multisite() ? is_subdomain_install() : (bool) $wpdb->get_var( "SELECT meta_value FROM $wpdb->sitemeta WHERE site_id = 1 AND meta_key = 'subdomain_install'" );
149	+ $subdir_match = $subdomain_install ? '' : '([_0-9a-zA-Z-]+/)?';
150	+ $rules = sfml_rules();
151	+
152	+ $out = array(
153	+ '<IfModule mod_rewrite.c>',
154	+ 'RewriteEngine On',
155	+ 'RewriteBase '.$base,
156	+ '',
157	+ );
158	+ foreach ( $rules as $action => $rule ) {
159	+ $out[] = "RewriteRule ^".$subdir_match.$action.'/?$ $1'.$rule.' [QSA,L]';
160	+ }
161	+ $out[] = '</IfModule>';
162	+
163	+ return $out;
164	+ }
165	+
166	+
167	+ // !Insert content in htaccess file, before the WP block
168	+ // @var $rules array\|string
169	+
170	+ function sfml_insert_multisite_rewrite_rules( $rules = '' ) {
171	+ $home_path = get_home_path();
172	+ $htaccess_file = $home_path.'.htaccess';
173	+
174	+ global $wp_rewrite;
175	+ $has_htaccess = file_exists( $htaccess_file );
176	+
177	+ // IF no htaccess and parent directory is writeable and we have rules to write and permalinks are being used and rewrite module is enabled
178	+ // OR htaccess is writeable.
179	+ if ( ( !$has_htaccess && is_writeable( $home_path ) && $rules && $wp_rewrite->using_mod_rewrite_permalinks() ) \|\| is_writeable( $htaccess_file ) ) {
180	+ // Current htaccess content
181	+ $htaccess_content = $has_htaccess ? file_get_contents( $htaccess_file ) : '';
182	+
183	+ // No WordPress rules? There's a problem somewhere.
184	+ if ( false === strpos($htaccess_content, '# BEGIN WordPress') && $rules )
185	+ return insert_with_markers( $htaccess_file, 'SF Move Login', $rules );
186	+
187	+ // Remove the SF Move Login marker
188	+ $htaccess_content = preg_replace( "/# BEGIN SF Move Login.# END SF Move Login\n/is", '', $htaccess_content );
189	+
190	+ // New content
191	+ $rules = is_array($rules) ? implode("\n", $rules) : $rules;
192	+ $rules = trim($rules, "\r\n ");
193	+ if ( $rules ) {
194	+ // The new content need to be inserted before the WordPress rules
195	+ $rules = "# BEGIN SF Move Login\n".$rules."\n# END SF Move Login\n\n\n# BEGIN WordPress";
196	+ $htaccess_content = str_replace('# BEGIN WordPress', $rules, $htaccess_content);
197	+ }
198	+
199	+ // Update the .htacces file
200	+ return (bool) file_put_contents( $htaccess_file , $htaccess_content );
201	+ }
202	+ return false;
203	+ }
204	+
205	+
206	+ /* ----------------------------------------------------------------------------- */
207	+ /* */
208	+ /* Rewrite rules: IIS */
209	+ /* */
210	+ /* ----------------------------------------------------------------------------- */
211	+
212	+ // !Return the multisite rewrite rules for IIS systems (as a part of a xml system)
213	+
214	+ function sfml_multisite_iis7_rewrite_rules() {
215	+ global $wpdb;
216	+ $base = parse_url( trailingslashit( get_option( 'home' ) ), PHP_URL_PATH );
217	+ $subdomain_install = is_multisite() ? is_subdomain_install() : (bool) $wpdb->get_var( "SELECT meta_value FROM $wpdb->sitemeta WHERE site_id = 1 AND meta_key = 'subdomain_install'" );
218	+ $subdir_match = $subdomain_install ? '' : '([_0-9a-zA-Z-]+/)?';
219	+ $iis_subdir_match = ltrim( $base, '/' ) . $subdir_match;
220	+ $iis_subdir_replacement = $subdomain_install ? '' : '{R:1}';
221	+ $rules = sfml_rules();
222	+
223	+ $rule_i = 1;
224	+ $space = str_repeat(' ', 16);
225	+ $out = array();
226	+ foreach ( $rules as $action => $rule ) {
227	+ $out[] = $space . '<rule name="SF Move Login Rule ' . $rule_i . '" stopProcessing="true">'."\n"
228	+ . $space . ' <match url="^' . $iis_subdir_match . $action . '/?$" ignoreCase="false" />'."\n"
229	+ . $space . ' <action type="Redirect" url="' . $iis_subdir_replacement . $rule . '" redirectType="Permanent" />'."\n"
230	+ . $space . '</rule>'."\n";
231	+ $rule_i++;
232	+ }
233	+
234	+ return $out;
235	+ }
236	+
237	+
238	+ // !Insert content in web.config file, before the WP block
239	+ // @var $rules array\|string
240	+
241	+ function sfml_insert_multisite_iis7_rewrite_rules( $rules = '' ) {
242	+ $home_path = get_home_path();
243	+ $web_config_file = $home_path.'web.config';
244	+
245	+ global $wp_rewrite;
246	+ $has_web_config = file_exists( $web_config_file );
247	+
248	+ if ( !class_exists('DOMDocument') )
249	+ return false;
250	+
251	+ // New content
252	+ $rules = is_array($rules) ? implode("\n", $rules) : $rules;
253	+ $rules = trim($rules, "\r\n");
254	+
255	+ // IF no web.config and parent directory is writeable and we have rules to write and permalinks are being used and rewrite module is enabled
256	+ // OR web.config is writeable.
257	+ if ( ( !$has_web_config && win_is_writeable( $home_path ) && $rules && $wp_rewrite->using_mod_rewrite_permalinks() ) \|\| win_is_writeable( $web_config_file ) ) {
258	+
259	+ // If configuration file does not exist then we create one.
260	+ if ( !$has_web_config ) {
261	+ $fp = fopen( $web_config_file, 'w');
262	+ fwrite($fp, '<configuration/>');
263	+ fclose($fp);
264	+ }
265	+
266	+ $doc = new DOMDocument();
267	+ $doc->preserveWhiteSpace = false;
268	+
269	+ if ( $doc->load($web_config_file) === false )
270	+ return false;
271	+
272	+ $xpath = new DOMXPath($doc);
273	+
274	+ // Remove old rules
275	+ $old_rules = $xpath->query('/configuration/system.webServer/rewrite/rules/rule[starts-with(@name,\'SF Move Login\')]');
276	+ if ( $old_rules->length > 0 ) {
277	+ $child = $old_rules->item(0);
278	+ $parent = $child->parentNode;
279	+ $parent->removeChild($child);
280	+ }
281	+
282	+ // No new rules?
283	+ if ( !$rules ) {
284	+ $doc->formatOutput = true;
285	+ saveDomDocument($doc, $web_config_file);
286	+ return true;
287	+ }
288	+
289	+ // Check the XPath to the rewrite rule and create XML nodes if they do not exist
290	+ $xmlnodes = $xpath->query('/configuration/system.webServer/rewrite/rules');
291	+ if ( $xmlnodes->length > 0 ) {
292	+ $rules_node = $xmlnodes->item(0);
293	+ } else {
294	+ $rules_node = $doc->createElement('rules');
295	+
296	+ $xmlnodes = $xpath->query('/configuration/system.webServer/rewrite');
297	+ if ( $xmlnodes->length > 0 ) {
298	+ $rewrite_node = $xmlnodes->item(0);
299	+ $rewrite_node->appendChild($rules_node);
300	+ } else {
301	+ $rewrite_node = $doc->createElement('rewrite');
302	+ $rewrite_node->appendChild($rules_node);
303	+
304	+ $xmlnodes = $xpath->query('/configuration/system.webServer');
305	+ if ( $xmlnodes->length > 0 ) {
306	+ $system_webServer_node = $xmlnodes->item(0);
307	+ $system_webServer_node->appendChild($rewrite_node);
308	+ } else {
309	+ $system_webServer_node = $doc->createElement('system.webServer');
310	+ $system_webServer_node->appendChild($rewrite_node);
311	+
312	+ $xmlnodes = $xpath->query('/configuration');
313	+ if ( $xmlnodes->length > 0 ) {
314	+ $config_node = $xmlnodes->item(0);
315	+ $config_node->appendChild($system_webServer_node);
316	+ } else {
317	+ $config_node = $doc->createElement('configuration');
318	+ $doc->appendChild($config_node);
319	+ $config_node->appendChild($system_webServer_node);
320	+ }
321	+ }
322	+ }
323	+ }
324	+
325	+ $rule_fragment = $doc->createDocumentFragment();
326	+ $rule_fragment->appendXML($rules);
327	+
328	+ // Insert before the WP rules
329	+ $wordpress_rules = $xpath->query('/configuration/system.webServer/rewrite/rules/rule[starts-with(@name,\'wordpress\')]');
330	+ if ( $wordpress_rules->length > 0 ) {
331	+ $child = $wordpress_rules->item(0);
332	+ $parent = $child->parentNode;
333	+ $parent->insertBefore($element, $child);
334	+ }
335	+ else {
336	+ $rules_node->appendChild($rule_fragment);
337	+ }
338	+
339	+ $doc->encoding = "UTF-8";
340	+ $doc->formatOutput = true;
341	+ saveDomDocument($doc, $web_config_file);
342	+
343	+ return true;
344	+ }
345	+ return false;
346	+ }
347	+
348	+
349	+ /* ----------------------------------------------------------------------------- */
350	+ /* */
351	+ /* Link to the plugin network "settings" page */
352	+ /* */
353	+ /* ----------------------------------------------------------------------------- */
354	+
355	+
356	+ add_filter( 'network_admin_plugin_action_links_'.plugin_basename( SFML_FILE ), 'sfml_settings_action_links', 10, 2 );
357	+ function sfml_settings_action_links( $links, $file ) {
358	+ $links['settings'] = '<a href="' . network_admin_url( 'settings.php?page=move-login' ) . '">' . __("Settings") . '</a>';
359	+ return $links;
360	+ }
361	+
362	+
363	+ /* ----------------------------------------------------------------------------- */
364	+ /* */
365	+ /* Plugin network "settings" page */
366	+ /* */
367	+ /* ----------------------------------------------------------------------------- */
368	+
369	+ add_action('network_admin_menu', 'sfml_network_admin_menu');
370	+ function sfml_network_admin_menu() {
371	+ add_submenu_page( 'settings.php', 'SF Move Login', 'SF Move Login', 'manage_network_options', 'move-login', 'sfml_settings_page' );
372	+ }
373	+
374	+
375	+ function sfml_settings_page() {
376	+ global $title, $wpdb; ?>
377	+ <div class="wrap">
378	+ <?php screen_icon('tools'); ?>
379	+ <h2><?php echo esc_html( $title ); ?></h2>
380	+
381	+ <?php
382	+ // IIS
383	+ if ( iis7_supports_permalinks() ) {
384	+ $htaccess_file = implode( "\n", sfml_multisite_iis7_rewrite_rules() );
385	+ $height = 20;
386	+ $file = '<code>web.config</code>';
387	+ $above = '<code><rule name="WordPress Rule 1" stopProcessing="true"></code>';
388	+ }
389	+ // Apache
390	+ else {
391	+ $htaccess_file = "\n# BEGIN SF Move Login\n";
392	+ $htaccess_file .= implode( "\n", sfml_multisite_rewrite_rules() );
393	+ $htaccess_file .= "\n# END SF Move Login\n";
394	+ $height = substr_count( $htaccess_file, "\n" );
395	+ $file = '<code>.htaccess</code>';
396	+ $above = '<code># BEGIN WordPress</code>';
397	+ }
398	+
399	+ // Message
400	+ $base = parse_url( trailingslashit( get_option( 'home' ) ), PHP_URL_PATH );
401	+ $document_root_fix = str_replace( '\\', '/', realpath( $_SERVER['DOCUMENT_ROOT'] ) );
402	+ $abspath_fix = str_replace( '\\', '/', ABSPATH );
403	+ $home_path = 0 === strpos( $abspath_fix, $document_root_fix ) ? $document_root_fix . $base : get_home_path();
404	+ ?>
405	+ <ol>
406	+ <li><p><?php _e( 'Make sure to enable permalinks for ALL your blogs.', 'sfml' ); ?></p></li>
407	+ <li>
408	+ <p><?php printf( __( 'If the plugin fails to add the new rewrite rules to your %1$s file on activation, add the following to your %1$s file in %2$s, replacing other %3$s rules if they exist, <strong>above</strong> the line reading %4$s:', 'sfml' ), $file, '<code>'.$home_path.'</code>', 'SF Move Login', $above ); ?></p>
409	+ <textarea class="code readonly" readonly="readonly" cols="120" rows="<?php echo $height; ?>"><?php echo esc_textarea( $htaccess_file ); ?></textarea>
410	+ </li>
411	+ </ol>
412	+
413	+
414	+ </div>
415	+ <?php
416	+ }
417	+ /**/

languages/sfml-fr_FR.mo ADDED Viewed

Binary file

languages/sfml-fr_FR.po ADDED Viewed

	@@ -0,0 +1,47 @@


1	+ # LANGUAGE French translation for SF Move Login plugin for WordPress.
2	+ # Copyright (C) 2013 Grégory Viguier
3	+ # Grégory Viguier.
4	+ #
5	+ msgid ""
6	+ msgstr ""
7	+ "Project-Id-Version: sfml 0.2\n"
8	+ "Report-msgid -Bugs-To: http://scri.in/contact/\n"
9	+ "POT-Creation-Date: 2013-06-01 00:04+0100\n"
10	+ "PO-Revision-Date: 2013-09-08 21:49+0100\n"
11	+ "Last-Translator: Grégory Viguier <gregory@screenfeed.fr>\n"
12	+ "Language-Team: fr_FR\n"
13	+ "MIME-Version: 1.0\n"
14	+ "Content-Type: text/plain; charset=utf-8\n"
15	+ "Content-Transfer-Encoding: 8bit\n"
16	+ "Plural-Forms: nplurals=2; plural=n>1;\n"
17	+ "X-Poedit-SourceCharset: utf-8\n"
18	+ "X-Poedit-KeywordsList: __;_e\n"
19	+ "Language: fr_FR\n"
20	+ "X-Generator: Poedit 1.5.7\n"
21	+
22	+ msgid "Change your login url to http://example.com/login"
23	+ msgstr "Changez l'url de votre page de connexion pour http://example.com/login"
24	+
25	+ msgid "No no no, the login form is not here."
26	+ msgstr "Non non non, le formulaire de connexion ne se trouve pas ici."
27	+
28	+ msgid "<strong>SF Move Login</strong> has not been activated."
29	+ msgstr "<strong>SF Move Login</strong> n'a pas été activé."
30	+
31	+ msgid "It seems your server configuration prevent the plugin to work properly. <i>SF Move Login</i> will not be activated."
32	+ msgstr "Il semble que votre configuration serveur empêche l'extension de fonctionner correctement. <i>SF Move Login</i> ne sera pas activé."
33	+
34	+ msgid "It seems the url rewrite module is not activated on your server. <i>SF Move Login</i> will not be activated."
35	+ msgstr "Il semble que le module de réécriture d'url n'est pas activé sur votre serveur. <i>SF Move Login</i> ne sera pas activé."
36	+
37	+ msgid "<i>SF Move Login</i> needs access to the %1$s file. Please visit the %2$s settings page and copy/paste the given code into the %1$s file."
38	+ msgstr "<i>SF Move Login</i> a besoin d'accéder au fichier %1$s. Merci de vous rendre sur la page de réglages des %2$s et de copier/coller le code fourni dans le fichier %1$s."
39	+
40	+ msgid "Make sure to enable permalinks for ALL your blogs."
41	+ msgstr "Assurez-vous d'activer les permaliens sur TOUS vos blogs."
42	+
43	+ msgid "If the plugin fails to add the new rewrite rules to your %1$s file on activation, add the following to your %1$s file in %2$s, replacing other %3$s rules if they exist, <strong>above</strong> the line reading %4$s:"
44	+ msgstr "Si l'extension ne peut ajouter les nouvelles règles de réécriture à votre fichier %1$s à son activation, ajoutez les lignes suivantes à votre fichier %1$s dans %2$s, en remplacement des autres règles liées à %3$s si elles existent, <strong>au-dessus</strong> de la ligne %4$s :"
45	+
46	+ msgid "Please make sure to enable %s."
47	+ msgstr "Assurez-vous d'activer les %s."

readme.txt ADDED Viewed

	@@ -0,0 +1,122 @@


1	+ === Move Login ===
2	+
3	+ Contributors: GregLone, SecuPress, juliobox
4	+ Tags: login, logout, url, security
5	+ Requires at least: 3.0
6	+ Tested up to: 3.7
7	+ Stable tag: trunk
8	+ License: GPLv3
9	+ License URI: http://www.screenfeed.fr/gpl-v3.txt
10	+
11	+ Change your login url for http://example.com/login and stop login brute force attempts.
12	+
13	+
14	+ == Description ==
15	+
16	+ This plugin forbids access to http://example.com/wp-login.php and creates new urls, like http://example.com/login or http://example.com/logout.
17	+
18	+ This is a great way to limit bots trying to brute force your login (trying to guess your login and password). Of course, the new urls are easier to remember too.
19	+ The plugin is small, fast, and does not create new security vulnerabilities like some other plugins I've seen.
20	+
21	+ No settings: activate, it works.
22	+
23	+ Also remember: the use of this plugin does NOT exempt you to use a strong password. Moreover, never use "admin" as login, this is the first attempt for bots.
24	+
25	+ = Translations =
26	+
27	+ * English
28	+ * French
29	+
30	+ = Multisite =
31	+
32	+ Yep!
33	+ The plugin must be activated from your network.
34	+
35	+ = Requirements =
36	+
37	+ * See some important informations in the "Installation" tab.
38	+ * Should work on IIS servers but not tested.
39	+
40	+
41	+ == Installation ==
42	+
43	+ 1. Extract the plugin folder from the downloaded ZIP file.
44	+ 1. Upload the `sf-move-login` folder to your `/wp-content/plugins/` directory.
45	+ 1. Enable url rewriting in the permalinks settings page.
46	+ 1. If you have another plugin that redirects http://example.com/login to http://example.com/wp-login.php (a short-links plugin for example), disable it or remove the redirection, otherwise they will conflict and you'll be locked out. See the faq in case you're not able to reach the login page (make sure to have a ftp access to your site).
47	+ 1. Activate the plugin from the "Plugins" page.
48	+ 1. If the plugin can't write your `.htaccess` file or `web.config` file, you'll need to edit it yourself with a ftp access.
49	+
50	+
51	+ == Frequently Asked Questions ==
52	+
53	+ = Can I set my own urls? =
54	+
55	+ Nop, sorry. I prefer keep the plugin as simple as possible. May be I'll consider it for a future version.
56	+
57	+ = I'm locked out! I can't access the login page! =
58	+
59	+ You're screwed! No, I'm kidding, but you need a ftp access to your site. When logged in with your ftp software, open the file wp-config.php located at the root of your installation. Simply add this in the file: `define('SFML_ALLOW_LOGIN_ACCESS', true);` and save the file. This will bypass the plugin and you'll be able to access http://example.com/wp-login.php. Another plugin may conflict, you'll need to find which one before removing this new line of code.
60	+
61	+ = Does it really work for Multisite? =
62	+
63	+ Yes. Each blog has its own login page. The plugin must be network activated. Make sure permalinks are activated for ALL your blogs. In case the plugin fails to add the rewrite rules, there's a new "settings" page in your network admin area: "Settings" -> "SF Move Login". You'll be able to copy/paste the needed lines to your `.htaccess` file or `web.config` file, you'll need to edit it yourself with a ftp access.
64	+
65	+ = I've enabled the Multisite feature on my site, but the plugin does not work anymore :( =
66	+
67	+ Multisite and monosite installations does not have the same rewrite rules. Simply deactivate the plugin, and "network" activate it again. The new rules will be created.
68	+
69	+ Eventually, check out [my blog](http://www.screenfeed.fr/caravan-1-0/ "SF Move Login version 1.0 Announcement") for more infos, help, or bug reports (sorry guys, it's in french, but feel free to leave a comment in english).
70	+
71	+
72	+ == Screenshots ==
73	+
74	+ 1. "Settings" -> "Permalinks": the rewrite rules in case the .htaccess file is not writable.
75	+ 2. "Network" -> "Settings" -> "SF Move Login": the rewrite rules for multisite installations.
76	+
77	+
78	+ == Changelog ==
79	+
80	+ = 1.0.1 =
81	+
82	+ * 2013/09/30
83	+ * Very minor bug fix: messed author link -_-'
84	+
85	+ = 1.0 =
86	+
87	+ * 2013/09/20
88	+ * First stable version.
89	+ * New: 1 new action called `sfml_wp_login_error` is now available for the `wp-login.php` error message, you can use your own `wp_die()` or redirect to another error page for example.
90	+
91	+ = 1.0-RC2 =
92	+
93	+ * 2013/09/12
94	+ * Bugfix: activation for multisite with not writable .htaccess file, a wrong message was shown, preventing activation (was I drunk?).
95	+ * tested on multisite with subdomain.
96	+ * SecuPress is joining the project :)
97	+
98	+ = 1.0-RC1 =
99	+
100	+ * 2013/09/11
101	+ * New: Multisite support (must be "network" activated).
102	+ * Enhancement: updated the set_url_scheme() function to the one in WP 3.6.1 (used for WP < 3.4).
103	+ * Enhancement: better rewrite rules.
104	+ * Bugfix: The plugin rewrite rules are now really removed from the .htaccess file on deactivation.
105	+
106	+ = 0.1.1 =
107	+
108	+ * 2013/06/04
109	+ * Bugfix: php notice due to a missing parameter.
110	+ * Bugfix: incorrect network_site_url filter.
111	+
112	+ = 0.1 =
113	+
114	+ * 2013/06/03
115	+ * First public beta release
116	+ * Thanks to juliobox, who's joining the project :)
117	+
118	+
119	+ == Upgrade Notice ==
120	+
121	+ = 1.0 =
122	+ This is the first stable version of the plugin.

sf-move-login.php ADDED Viewed

	@@ -0,0 +1,261 @@


1	+ <?php
2	+ /*
3	+ * Plugin Name: SF Move Login
4	+ * Plugin URI: http://www.screenfeed.fr
5	+ * Description: Change your login url to http://example.com/login
6	+ * Version: 1.0.1
7	+ * Author: Grégory Viguier
8	+ * Author URI: http://www.screenfeed.fr/greg/
9	+ * License: GPLv3
10	+ * License URI: http://www.screenfeed.fr/gpl-v3.txt
11	+ * Network: true
12	+ * Text Domain: sfml
13	+ * Domain Path: /languages/
14	+ */
15	+
16	+ if( !defined( 'ABSPATH' ) )
17	+ die( 'Cheatin\' uh?' );
18	+
19	+ define( 'SFML_VERSION', '1.0.1' );
20	+ define( 'SFML_FILE', __FILE__ );
21	+
22	+
23	+ if ( is_admin() && !(defined('DOING_AJAX') && DOING_AJAX) )
24	+ include( plugin_dir_path( SFML_FILE ) . 'inc/admin.inc.php' );
25	+
26	+
27	+ /* ----------------------------------------------------------------------------- */
28	+ /* */
29	+ /* i18n support */
30	+ /* */
31	+ /* ----------------------------------------------------------------------------- */
32	+
33	+ add_action( 'init', 'sfml_lang_init' );
34	+ function sfml_lang_init() {
35	+ load_plugin_textdomain( 'sfml', false, basename( dirname( SFML_FILE ) ) . '/languages/' );
36	+ }
37	+
38	+
39	+ /* ----------------------------------------------------------------------------- */
40	+ /* */
41	+ /* Rewrite rules */
42	+ /* */
43	+ /* ----------------------------------------------------------------------------- */
44	+
45	+ // !Add rewrite rules
46	+
47	+ add_action( 'setup_theme', 'sfml_rewrite' );
48	+ function sfml_rewrite() {
49	+ if ( is_multisite() )
50	+ return;
51	+
52	+ $rules = sfml_rules();
53	+
54	+ foreach ( $rules as $action => $rule ) {
55	+ add_rewrite_rule( $action.'/?$', $rule, 'top' );
56	+ }
57	+ }
58	+
59	+
60	+ // !Return an array of action => url
61	+
62	+ function sfml_rules() {
63	+ $actions = array( 'postpass', 'logout', 'lostpassword', 'retrievepassword', 'resetpass', 'rp', 'register' );
64	+ $rules = array(
65	+ 'login' => 'wp-login.php',
66	+ );
67	+
68	+ foreach ( $actions as $action ) {
69	+ $rules[$action] = 'wp-login.php?action='.$action;
70	+ }
71	+ return $rules;
72	+ }
73	+
74	+
75	+ /* ----------------------------------------------------------------------------- */
76	+ /* */
77	+ /* Bypass */
78	+ /* */
79	+ /* ----------------------------------------------------------------------------- */
80	+
81	+ if ( defined('SFML_ALLOW_LOGIN_ACCESS') && SFML_ALLOW_LOGIN_ACCESS )
82	+ return;
83	+
84	+
85	+ /* ----------------------------------------------------------------------------- */
86	+ /* */
87	+ /* Filter urls */
88	+ /* */
89	+ /* ----------------------------------------------------------------------------- */
90	+
91	+ // !Site URL
92	+
93	+ add_filter( 'site_url', 'sfml_site_url', 10, 4);
94	+ function sfml_site_url( $url, $path, $scheme, $blog_id = null ) {
95	+ if ( ($scheme === 'login' \|\| $scheme === 'login_post') && !empty($path) && is_string($path) && strpos($path, '..') === false && strpos($path, 'wp-login.php') !== false ) {
96	+ // Base url
97	+ if ( empty( $blog_id ) \|\| !is_multisite() ) {
98	+ $url = get_option( 'siteurl' );
99	+ } else {
100	+ switch_to_blog( $blog_id );
101	+ $url = get_option( 'siteurl' );
102	+ restore_current_blog();
103	+ }
104	+
105	+ $url = set_url_scheme( $url, $scheme );
106	+ return $url . sfml_set_path( $path );
107	+ }
108	+ return $url;
109	+ }
110	+
111	+
112	+ // !Network site URL
113	+
114	+ add_filter( 'network_site_url', 'sfml_network_site_url', 10, 3);
115	+ function sfml_network_site_url( $url, $path, $scheme ) {
116	+ if ( ($scheme === 'login' \|\| $scheme === 'login_post') && !empty($path) && is_string($path) && strpos($path, '..') === false && strpos($path, 'wp-login.php') !== false ) {
117	+ global $current_site;
118	+
119	+ $url = set_url_scheme( 'http://' . $current_site->domain . $current_site->path, $scheme );
120	+ return $url . sfml_set_path( $path );
121	+ }
122	+ return $url;
123	+ }
124	+
125	+
126	+ // !Logout url: wp_logout_url() add the action param after using site_url()
127	+
128	+ add_filter( 'logout_url', 'sfml_logout_url' );
129	+ function sfml_logout_url( $link ) {
130	+ return sfml_login_to_action( $link, 'logout' );
131	+ }
132	+
133	+
134	+ // !Forgot password url: lostpassword_url() add the action param after using site_url()
135	+
136	+ add_filter( 'lostpassword_url', 'sfml_lostpass_url' );
137	+ function sfml_lostpass_url( $link ) {
138	+ return sfml_login_to_action( $link, 'lostpassword' );
139	+ }
140	+
141	+
142	+ /* ----------------------------------------------------------------------------- */
143	+ /* */
144	+ /* Redirections */
145	+ /* */
146	+ /* ----------------------------------------------------------------------------- */
147	+
148	+ // !Redirections are hard-coded
149	+
150	+ add_filter('wp_redirect', 'sfml_redirect', 10, 2);
151	+ function sfml_redirect( $location, $status ) {
152	+ if ( site_url( reset( explode( '?', $location ) ) ) == site_url( 'wp-login.php' ) )
153	+ return sfml_site_url( $location, $location, 'login', get_current_blog_id() );
154	+
155	+ return $location;
156	+ }
157	+
158	+
159	+ /* ----------------------------------------------------------------------------- */
160	+ /* */
161	+ /* Forbid access to wp-login.php */
162	+ /* */
163	+ /* ----------------------------------------------------------------------------- */
164	+
165	+ // !No, you won't use wp-login.php
166	+
167	+ add_action( 'login_init', 'sfml_login_init', 0 );
168	+ function sfml_login_init() {
169	+ $uri = !empty($GLOBALS['HTTP_SERVER_VARS']['REQUEST_URI']) ? $GLOBALS['HTTP_SERVER_VARS']['REQUEST_URI'] : (!empty($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '');
170	+ $uri = parse_url( $uri );
171	+ $uri = !empty($uri['path']) ? str_replace( '/', '', basename($uri['path']) ) : '';
172	+
173	+ if ( $uri === 'wp-login.php' ) {
174	+ do_action( 'sfml_wp_login_error' );
175	+
176	+ if ( !did_action('sfml_wp_login_error') )
177	+ sfml_wp_login_error();
178	+ }
179	+ }
180	+
181	+
182	+ add_action( 'sfml_wp_login_error', 'sfml_wp_login_error' );
183	+ function sfml_wp_login_error() {
184	+ wp_die( __('No no no, the login form is not here.', 'sfml') );
185	+ }
186	+
187	+
188	+ /* ----------------------------------------------------------------------------- */
189	+ /* */
190	+ /* Utilities */
191	+ /* */
192	+ /* ----------------------------------------------------------------------------- */
193	+
194	+ function sfml_set_path( $path ) {
195	+ // Action
196	+ $parsed_path = parse_url( $path );
197	+ if ( !empty( $parsed_path['query'] ) ) {
198	+ wp_parse_str( $parsed_path['query'], $params );
199	+ $action = !empty( $params['action'] ) ? $params['action'] : 'login';
200	+
201	+ if ( isset( $params['key'] ) )
202	+ $action = 'resetpass';
203	+
204	+ if ( !in_array( $action, array( 'postpass', 'logout', 'lostpassword', 'retrievepassword', 'resetpass', 'rp', 'register', 'login' ), true ) && false === has_filter( 'login_form_' . $action ) )
205	+ $action = 'login';
206	+ } else
207	+ $action = 'login';
208	+
209	+ // Path
210	+ $path = str_replace('wp-login.php', $action, $path);
211	+ $path = remove_query_arg('action', $path);
212	+
213	+ return '/' . ltrim( $path, '/' );
214	+ }
215	+
216	+
217	+ // !login?action=logout -> /logout
218	+
219	+ function sfml_login_to_action( $link, $action ) {
220	+ if ( $link && strpos($link, '/'.$action) === false )
221	+ return str_replace(array('/login', '&', '?amp;', '&'), array('/'.$action, '&', '?', '&'), remove_query_arg('action', $link));
222	+ return $link;
223	+ }
224	+
225	+
226	+ /* ----------------------------------------------------------------------------- */
227	+ /* */
228	+ /* For WP < 3.4 */
229	+ /* */
230	+ /* ----------------------------------------------------------------------------- */
231	+
232	+ if ( !function_exists('set_url_scheme') ):
233	+ function set_url_scheme( $url, $scheme = null ) {
234	+ $orig_scheme = $scheme;
235	+ if ( ! in_array( $scheme, array( 'http', 'https', 'relative' ) ) ) {
236	+ if ( ( 'login_post' == $scheme \|\| 'rpc' == $scheme ) && ( force_ssl_login() \|\| force_ssl_admin() ) )
237	+ $scheme = 'https';
238	+ elseif ( ( 'login' == $scheme ) && force_ssl_admin() )
239	+ $scheme = 'https';
240	+ elseif ( ( 'admin' == $scheme ) && force_ssl_admin() )
241	+ $scheme = 'https';
242	+ else
243	+ $scheme = ( is_ssl() ? 'https' : 'http' );
244	+ }
245	+
246	+ $url = trim( $url );
247	+ if ( substr( $url, 0, 2 ) === '//' )
248	+ $url = 'http:' . $url;
249	+
250	+ if ( 'relative' == $scheme ) {
251	+ $url = ltrim( preg_replace( '#^\w+://[^/]*#', '', $url ) );
252	+ if ( $url !== '' && $url[0] === '/' )
253	+ $url = '/' . ltrim($url , "/ \t\n\r\0\x0B" );
254	+ } else {
255	+ $url = preg_replace( '#^\w+://#', $scheme . '://', $url );
256	+ }
257	+
258	+ return apply_filters( 'set_url_scheme', $url, $scheme, $orig_scheme );
259	+ }
260	+ endif;
261	+ /**/