Version Description
- Efficiencies improved.
- Edited global variables for efficiency.
- Eliminated potential conditional statment oversights in later updates.
Download this release
Release Info
Developer | peterdog |
Plugin | Stealth Login Page |
Version | 2.1.2 |
Comparing to | |
See all releases |
Code changes from version 2.1.1 to 2.1.2
- includes/display-functions.php +6 -22
- plugin.php +2 -2
- readme.txt +11 -1
includes/display-functions.php
CHANGED
@@ -3,39 +3,23 @@
|
|
3 |
/*
|
4 |
* Check the URL of the WordPress login page for a specific query string.
|
5 |
*
|
6 |
-
* assumes login string is
|
7 |
-
* http://yoursite/wp-login.php?question=answer
|
8 |
*/
|
9 |
|
10 |
add_action( 'login_init', 'slp_login_stringcheck' );
|
11 |
function slp_login_stringcheck() {
|
12 |
|
13 |
-
global $slp_options, $custom_url
|
14 |
|
15 |
// set the location a failed attempt goes to
|
16 |
$redirect = $slp_options['redirect_url'];
|
17 |
$question = $slp_options['question'];
|
18 |
$answer = $slp_options['answer'];
|
19 |
|
20 |
-
//
|
21 |
-
$form_request =
|
22 |
-
|
23 |
-
if ( ! isset( $_GET[$question] ) )
|
24 |
-
wp_redirect( esc_url_raw ($redirect), 302 );
|
25 |
-
|
26 |
-
// check for correct answer
|
27 |
-
if ( isset( $_GET[$question ] ) ) {
|
28 |
|
29 |
-
|
30 |
-
|
|
|
31 |
|
32 |
-
// if ( $form_request <= $custom_logged_out ) {
|
33 |
-
// wp_redirect( esc_url_raw ($redirect), 302 );
|
34 |
-
|
35 |
-
if ( $form_request != $custom_url ) {
|
36 |
-
wp_redirect( esc_url_raw ($redirect), 302 );
|
37 |
-
}
|
38 |
-
// }
|
39 |
-
}
|
40 |
-
}
|
41 |
}
|
3 |
/*
|
4 |
* Check the URL of the WordPress login page for a specific query string.
|
5 |
*
|
|
|
|
|
6 |
*/
|
7 |
|
8 |
add_action( 'login_init', 'slp_login_stringcheck' );
|
9 |
function slp_login_stringcheck() {
|
10 |
|
11 |
+
global $slp_options, $custom_url;
|
12 |
|
13 |
// set the location a failed attempt goes to
|
14 |
$redirect = $slp_options['redirect_url'];
|
15 |
$question = $slp_options['question'];
|
16 |
$answer = $slp_options['answer'];
|
17 |
|
18 |
+
// get the requested URL
|
19 |
+
$form_request = 'http://' . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
|
|
|
|
|
|
|
|
|
|
|
|
|
20 |
|
21 |
+
if ( $form_request !== $custom_url ) {
|
22 |
+
wp_redirect( esc_url_raw ($redirect), 302 );
|
23 |
+
}
|
24 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
25 |
}
|
plugin.php
CHANGED
@@ -2,7 +2,7 @@
|
|
2 |
/*
|
3 |
Plugin Name: Stealth Login Page
|
4 |
Plugin URI: http://wordpress.org/extend/plugins/stealth-login-page/
|
5 |
-
Version: 2.1.
|
6 |
Author: Jesse Petersen
|
7 |
Author URI: http://www.petersenmediagroup.com
|
8 |
Description: Protect your /wp-admin and wp-login.php pages from being accessed without editing .htaccess
|
@@ -98,7 +98,7 @@ $slp_prefix = 'slp_';
|
|
98 |
$slp_plugin_name = 'Stealth Login Page';
|
99 |
// retrieve plugin settings from options table
|
100 |
$slp_options = get_option('slp_settings');
|
101 |
-
$custom_url =
|
102 |
$custom_url_ending = "wp-login.php?" . $slp_options['question'] . '=' . $slp_options['answer'];
|
103 |
$custom_logged_out = $custom_url . '?loggedout=true';
|
104 |
$custom_lost_password = $custom_url . '&action=lostpassword';
|
2 |
/*
|
3 |
Plugin Name: Stealth Login Page
|
4 |
Plugin URI: http://wordpress.org/extend/plugins/stealth-login-page/
|
5 |
+
Version: 2.1.2
|
6 |
Author: Jesse Petersen
|
7 |
Author URI: http://www.petersenmediagroup.com
|
8 |
Description: Protect your /wp-admin and wp-login.php pages from being accessed without editing .htaccess
|
98 |
$slp_plugin_name = 'Stealth Login Page';
|
99 |
// retrieve plugin settings from options table
|
100 |
$slp_options = get_option('slp_settings');
|
101 |
+
$custom_url = site_url() . '/wp-login.php?' . $slp_options['question'] . '=' . $slp_options['answer'];
|
102 |
$custom_url_ending = "wp-login.php?" . $slp_options['question'] . '=' . $slp_options['answer'];
|
103 |
$custom_logged_out = $custom_url . '?loggedout=true';
|
104 |
$custom_lost_password = $custom_url . '&action=lostpassword';
|
readme.txt
CHANGED
@@ -4,7 +4,7 @@ Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_i
|
|
4 |
Tags: login, wp-admin, redirect, security, 302
|
5 |
Requires at least: 3.4.2
|
6 |
Tested up to: 3.5.1
|
7 |
-
Stable tag: 2.1.
|
8 |
License: GPLv2 or later
|
9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
10 |
|
@@ -65,6 +65,11 @@ See more [examples](http://www.petersenmediagroup.com/plugins/stealth-login-page
|
|
65 |
|
66 |
== Changelog ==
|
67 |
|
|
|
|
|
|
|
|
|
|
|
68 |
= 2.1.1 =
|
69 |
* Bugfix - stealth re-enabled AND fixed the lost password link on the login page.
|
70 |
* Pending a fix to correct the redirect upon logout. It involves a WP redirect of a one-time URL that the plugin needs to allow. I can't allow it without allowing all remote attacks again.
|
@@ -104,6 +109,11 @@ See more [examples](http://www.petersenmediagroup.com/plugins/stealth-login-page
|
|
104 |
|
105 |
== Upgrade Notice ==
|
106 |
|
|
|
|
|
|
|
|
|
|
|
107 |
= 2.1.1 =
|
108 |
* CRITICAL Bugfix - stealth re-enabled AND fixed the lost password link on the login page.
|
109 |
* Pending a fix to correct the redirect upon logout. It involves a WP redirect of a one-time URL that the plugin needs to allow. I can't allow it without allowing all remote attacks again.
|
4 |
Tags: login, wp-admin, redirect, security, 302
|
5 |
Requires at least: 3.4.2
|
6 |
Tested up to: 3.5.1
|
7 |
+
Stable tag: 2.1.2
|
8 |
License: GPLv2 or later
|
9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
10 |
|
65 |
|
66 |
== Changelog ==
|
67 |
|
68 |
+
= 2.1.2 =
|
69 |
+
* Efficiencies improved.
|
70 |
+
* Edited global variables for efficiency.
|
71 |
+
* Eliminated potential conditional statment oversights in later updates.
|
72 |
+
|
73 |
= 2.1.1 =
|
74 |
* Bugfix - stealth re-enabled AND fixed the lost password link on the login page.
|
75 |
* Pending a fix to correct the redirect upon logout. It involves a WP redirect of a one-time URL that the plugin needs to allow. I can't allow it without allowing all remote attacks again.
|
109 |
|
110 |
== Upgrade Notice ==
|
111 |
|
112 |
+
= 2.1.2 =
|
113 |
+
* Efficiencies improved.
|
114 |
+
* Edited global variables for efficiency.
|
115 |
+
* Eliminated potential conditional statment oversights in later updates.
|
116 |
+
|
117 |
= 2.1.1 =
|
118 |
* CRITICAL Bugfix - stealth re-enabled AND fixed the lost password link on the login page.
|
119 |
* Pending a fix to correct the redirect upon logout. It involves a WP redirect of a one-time URL that the plugin needs to allow. I can't allow it without allowing all remote attacks again.
|