WP Limit Login Attempts - Version 2.4.9

Version Description

Release Info

Developer	arshidkv12
Plugin	WP Limit Login Attempts
Version	2.4.9
Comparing to
See all releases

Version 2.4.9

Files changed (10) hide show

captcha.php +33 -0
images/banner.png +0 -0
images/coolvetica.ttf +0 -0
images/warn.png +0 -0
images/white-wave.png +0 -0
js/main.js +25 -0
readme.txt +93 -0
style.css +146 -0
uninstall.php +20 -0
wp-limit-login-attempts.php +448 -0

captcha.php ADDED Viewed

	@@ -0,0 +1,33 @@


1	+ <?php
2	+
3	+ // Start the session
4	+ session_start();
5	+
6	+
7	+ // Set the content-type
8	+ header('Content-Type: image/png');
9	+
10	+ // Create the image
11	+ $im = @imagecreatefrompng("./images/white-wave.png");
12	+
13	+ // Create some colors
14	+ $white = imagecolorallocate($im, 255, 255, 255);
15	+ $grey = imagecolorallocate($im, 128, 128, 128);
16	+ $black = imagecolorallocate($im, 0, 0, 0);
17	+ //imagefilledrectangle($im, 0, 0, 399, 29, $white);
18	+
19	+ // The text to draw
20	+ $text = substr(md5(microtime()),rand(0,26),5);
21	+ $_SESSION["wp_limit_captcha"] = $text;
22	+
23	+ // Replace path by your own font path
24	+ $font = './images/coolvetica.ttf';
25	+
26	+
27	+
28	+ // Add the text
29	+ imagettftext($im, 20, 0, 35, 35, $black, $font, $text);
30	+
31	+ imagepng($im);
32	+ imagedestroy($im);
33	+ ?>

images/banner.png ADDED Viewed

Binary file

images/coolvetica.ttf ADDED Viewed

Binary file

images/warn.png ADDED Viewed

Binary file

images/white-wave.png ADDED Viewed

Binary file

js/main.js ADDED Viewed

	@@ -0,0 +1,25 @@


1	+ jQuery(document).ready(function($) {
2	+ if(popup_flag!="true_0152"){
3	+ var overlay = $('<div id="overlay"></div>');
4	+ overlay.show();
5	+ $('.popup').show();
6	+ overlay.appendTo(document.body);
7	+ $('.close').click(function(){
8	+ $('.popup').hide();
9	+ overlay.appendTo(document.body).remove();
10	+ return false;
11	+ });
12	+
13	+ $('.x').click(function(){
14	+ $('.popup').hide();
15	+ overlay.appendTo(document.body).remove();
16	+ return false;
17	+ });
18	+ $('.submit').click(function(){
19	+ $('.popup').hide();
20	+ overlay.appendTo(document.body).remove();
21	+ return true;
22	+ });
23	+ }
24	+ });
25	+

readme.txt ADDED Viewed

	@@ -0,0 +1,93 @@


1	+ === WP Limit Login Attempts ===
2	+ Contributors: arshidkv12
3	+ Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=H5F3Z6S3MNTXA&lc=IN&item_name=wp%2dlogin%2dlimit&amount=5%2e00&currency_code=USD&button_subtype=services&bn=PP%2dBuyNowBF%3abtn_buynowCC_LG%2egif%3aNonHosted
4	+ Tags: login, security, authentication, hack, Loginizer, admin, protection,Proxy detection, Brute Force,block,attempts,captcha,verification,bots,attack,login alerts,lock, log, logging, personal security,wordpress security,secure,wordpress,blocked,secure website, admin, atempts, attemps, Auth, authentication, ban, best security, best security pligin, best wordpress security plugin, best wp security plugin, blacklist, block address, block automatically, block user, blocked, blocked ip, botnet, error log, etempts, failed attempts, limit attempts plugin,limit of locks, limit login attempts, limited attempts, lock, lockdown,login attempt, login alerts, Login Attempts, login security, maintenance, permissions, personal security, plugin, prevent, prevention, limit login attempts, private, security plugin, protection, ettempts, maximum login security
5	+ Requires at least: 3.0
6	+ Tested up to: 4.7
7	+ Stable tag: 2.4.9
8	+ License: GPLv2 or later
9	+ License URI: http://www.gnu.org/licenses/gpl-2.0.html
10	+
11	+ Limit Login Attempts for login protection. Limit rate of login attempts and block IP temporarily. It is protecting from brute force attacks.
12	+
13	+
14	+ == Description ==
15	+
16	+ Limit Login Attempts for login protection, protect site from brute force attacks.Brute Force Attack aims at being the simplest kind of method to gain access to a site: it tries usernames and passwords, over and over again, until it gets in. WP Limit Login Attempts plugin limit rate of login attempts and block IP temporarily. It is detecting bots by captcha verification.
17	+
18	+ Go to `Settings > WP Limit Login`.
19	+
20	+
21	+ = Features =
22	+
23	+ * Login Security - Limit Login Attempts and track user login attempts
24	+ * Captcha Verification
25	+ * Light weight plugin
26	+ * Mechanism for slow down brute force attack
27	+ * Redirect to home page, when abnormal request (It will stop hacking tools)
28	+
29	+ = Limit Login Attempts =
30	+
31	+ A brute force attack is a trial-and-error mеthоd uѕеd tо оbtаin infоrmаtiоn such аѕ a user раѕѕwоrd оr реrѕоnаl idеntifiсаtiоn number (PIN). In a brute force attack, аutоmаtеd software iѕ uѕеd tо gеnеrаtе a lаrgе numbеr оf соnѕесutivе guesses аѕ to thе value of thе desired data. Brute force attack may bе uѕеd by сriminаlѕ tо crack еnсrурtеd dаtа, оr bу security аnаlуѕtѕ to tеѕt an оrgаnizаtiоn’ѕ nеtwоrk security.
32	+
33	+ If уоu аdорt thе use оf this plugin, it will limit thе number оf timеѕ a uѕеr can аttеmрt tо log intо уоur ассоunt. Aftеr a сарtсhа verification would have bееn rеԛuеѕtеd, thе mесhаniѕm will ѕlоw dоwn brutе fоrсе аttасk hаving thе роwеr tо redirect tо home page аnd соmрlеtеlу аvоid intruder intо уоur рrесiоuѕ ассоunt.
34	+
35	+ = Captcha Verification =
36	+
37	+ WP Limit Login Attempts plugin provides an extra protection by Captcha.
38	+ Captcha Verification in seven attempts. It will be highly helpful for removing bots.
39	+
40	+ For more service ,<a href="http://www.ciphercoin.com" target="_blank">Please visit</a>
41	+
42	+ = Donations =
43	+
44	+ WP Limit Login Attempts plugin protecting your admin. Please make donation, I really appreciate it .
45	+
46	+ = Support =
47	+
48	+ http://www.ciphercoin.com/contact/
49	+
50	+ [youtube https://www.youtube.com/watch?v=_T8SWmMcawo]
51	+
52	+ == Installation ==
53	+
54	+ 1. Download and extract plugin files to a wp-content/plugin directory.
55	+ 2. Activate the plugin through the WordPress admin interface.
56	+ 3. Done !
57	+
58	+ == Frequently Asked Questions ==
59	+ = Why I am seeing an, "Please wait 10 minutes" error message when I try to login? =
60	+ You are tried to login with wrong password or username more than five times.
61	+ So please wait 10 minutes, then reset password by clicking "lost your password" link.
62	+
63	+ = Is it working in localhost ? =
64	+
65	+ Yes.. It will work in your local machine also.
66	+
67	+ = Captcha image is not working, How to solve it ? =
68	+
69	+ Just make captcha.php file accessible in .htaccess file located in root or wp-contet or plugin folder then try.
70	+
71	+ Enable GD extention in php.ini
72	+
73	+ Uncomment this line in php.ini file: extension=php_gd2.dll (remove the leading ;)
74	+
75	+ Or just contact hosting provider (They will enable GD extension)
76	+
77	+ == Screenshots ==
78	+ 1. Captcha Verification
79	+ 2. Limit login attempts
80	+
81	+ == Changelog ==
82	+
83	+ = 1.0 =
84	+
85	+ First version of plugin.
86	+
87	+ = 2.0 =
88	+
89	+ Add admin settings page
90	+
91	+ = 2.4
92	+
93	+ Corrected some bugs

style.css ADDED Viewed

	@@ -0,0 +1,146 @@


1	+ input.submit {
2	+ cursor: pointer;
3	+ width: 100%;
4	+ position: relative;
5	+ height: 25px;
6	+ background-color: #2E68C5;
7	+ border-radius: 4px;
8	+ color: #fff;
9	+ }
10	+ .submit:hover {
11	+ background-color: #9B9D9E;
12	+ color: #fff;
13	+ }
14	+ #overlay {
15	+ position: fixed;
16	+ top: 0;
17	+ left: 0;
18	+ width: 100%;
19	+ height: 100%;
20	+ background-color: #000;
21	+ filter:alpha(opacity=70);
22	+ -moz-opacity:0.7;
23	+ -khtml-opacity: 0.7;
24	+ opacity: 0.7;
25	+ z-index: 100;
26	+ display: none;
27	+ }
28	+ .popup_box a{
29	+ text-decoration: none;
30	+ }
31	+ .popup{
32	+ width: 100%;
33	+ margin: 0 auto;
34	+ display: none;
35	+ position: fixed;
36	+ z-index: 101;
37	+ }
38	+ .captcha_form{
39	+ width: 250px;
40	+ margin: auto;
41	+ }
42	+ .popup_box{
43	+ min-width: 300px;
44	+ width: 300px;
45	+ min-height: 150px;
46	+ margin: 100px auto;
47	+ background: #f3f3f3;
48	+ position: relative;
49	+ z-index: 103;
50	+ padding: 10px;
51	+ border-radius: 5px;
52	+ box-shadow: 0 2px 5px #000;
53	+ }
54	+ .popup_box p{
55	+ font-size: 17px;
56	+ clear: both;
57	+ color: #555555;
58	+ text-align: center;
59	+ }
60	+ .popup_box p a{
61	+ color: #d91900;
62	+ font-weight: bold;
63	+ }
64	+ .popup_box .x{
65	+ float: right;
66	+ position: relative;
67	+ top: -7px;
68	+ right: -3px;
69	+ width: 9px;
70	+ }
71	+ .popup_box .x:hover{
72	+ cursor: pointer;
73	+ }
74	+ .captcha{
75	+ width:150px;
76	+ margin:0px 0px -6% 25%;
77	+ }
78	+ .admin_menu{
79	+ border-radius: 4px;
80	+ -moz-border-radius: 4px;
81	+ -webkit-border-radius: 4px;
82	+ background: #E1E4DE;
83	+ color: #444;
84	+ font-size: 14px;
85	+ height: auto;
86	+ margin: 30px 15px 15px 0px;
87	+ overflow: hidden;
88	+ padding: 4px 10px 6px;
89	+ line-height: 30px;
90	+ }
91	+ .row1 {
92	+ height: 51px;
93	+ width: 430px;
94	+ }
95	+ .row2 {
96	+ height: 51px;
97	+ width: 430px;
98	+ }
99	+ .row3 {
100	+ height: 51px;
101	+ width: 430px;
102	+ }
103	+ .row4 {
104	+ width: 430px;
105	+ }
106	+ .row5 {
107	+ width: 430px;
108	+ }
109	+ input.attempts {
110	+ float: right;
111	+ }
112	+
113	+
114	+ input.delay {
115	+ float: right;
116	+ }
117	+
118	+ input.submit_admin{
119	+ cursor: pointer;
120	+ width: 100%;
121	+ position: relative;
122	+ height: 25px;
123	+ background-color: #2E68C5;
124	+ border-radius: 4px;
125	+ color: #fff;
126	+ margin: 5px 0;
127	+ -webkit-border-bottom-left-radius: 3px;
128	+ border-bottom-left-radius: 3px;
129	+ -webkit-border-bottom-right-radius: 3px;
130	+ border-bottom-right-radius: 3px;
131	+ border: none;
132	+ }
133	+ .submit_admin:hover{
134	+ background-color: #444;
135	+ }
136	+ .warn_msg{
137	+ background: #FFFFE0;
138	+ border: 1px solid #E6DB55;
139	+ padding: 5px 5px 5px 10px;
140	+ text-align: left;
141	+ border-radius: 5px;
142	+ -moz-border-radius: 5px;
143	+ -webkit-border-radius: 5px;
144	+ margin: 5px 15px 5px 0;
145	+ width: auto;
146	+ }

uninstall.php ADDED Viewed

	@@ -0,0 +1,20 @@


1	+ <?php
2	+
3	+ //if uninstall not called from WordPress exit
4	+ if ( !defined( 'WP_UNINSTALL_PLUGIN' ) ) {
5	+ exit();
6	+ }
7	+
8	+ global $wpdb;
9	+ $tablename = $wpdb->prefix."limit_login";
10	+
11	+ if($wpdb->get_var("SHOW TABLES LIKE '$tablename'") == $tablename ){
12	+ $sql = "DROP TABLE `$tablename`;";
13	+ $wpdb->query($sql);
14	+ }
15	+
16	+ //Delete options
17	+ delete_option('no_of_wp_limit_login_attepts');
18	+ delete_option( 'limit_login_attepts_delay_time');
19	+ delete_option( 'limit_login_attepts_captcha');
20	+ ?>

wp-limit-login-attempts.php ADDED Viewed

	@@ -0,0 +1,448 @@


1	+ <?php
2	+ /*
3	+ Plugin Name: WP Limit Login Attempts
4	+ Plugin URI: http://ciphercoin.com/
5	+ Description: Limit rate of login attempts and block ip temporarily . It is protecting from brute force attack.
6	+ Author: Arshid
7	+ Author URI: http://ciphercoin.com/
8	+ Text Domain: wp-limit-login-attempts
9	+ Version: 2.4.9
10	+ */
11	+
12	+ /* create or update table */
13	+ register_activation_hook(__FILE__,'wp_limit_login_update_tables');
14	+ function wp_limit_login_update_tables(){
15	+ global $wpdb;
16	+ $tablename = $wpdb->prefix."limit_login";
17	+ if($wpdb->get_var("SHOW TABLES LIKE '$tablename'") != $tablename ){
18	+
19	+ $sql = "CREATE TABLE `$tablename` (
20	+ `login_id` INT(11) NOT NULL AUTO_INCREMENT,
21	+ `login_ip` VARCHAR(100) NOT NULL,
22	+ `login_attempts` INT(11) NOT NULL,
23	+ `attempt_time` DATETIME,
24	+ `locked_time` VARCHAR(100) NOT NULL,
25	+ PRIMARY KEY (login_id)
26	+ );";
27	+
28	+ require_once(ABSPATH . 'wp-admin/includes/upgrade.php');
29	+ dbDelta($sql);
30	+ }
31	+ //Add options
32	+ add_option( 'no_of_wp_limit_login_attepts', '5', '', 'yes' );
33	+ add_option( 'limit_login_attepts_delay_time', '10', '', 'yes' );
34	+ add_option( 'limit_login_attepts_captcha', '3', '', 'yes' );
35	+ add_option( 'limit_login_captcha', 'checked', '', 'yes');
36	+ }
37	+
38	+ /* plugin deactivation */
39	+ register_deactivation_hook(__FILE__,'wp_limit_login_deactivation');
40	+ function wp_limit_login_deactivation(){
41	+ error_log("Plugin deactivated..!");
42	+ }
43	+ /* Plugin Style */
44	+ function wp_limit_login_stylesheet() {
45	+
46	+ wp_enqueue_script( 'login_captcha_script', '//code.jquery.com/jquery-1.8.2.js',1);
47	+ wp_enqueue_style( 'login_captcha_style', plugin_dir_url( __FILE__ ) . 'style.css');
48	+ wp_enqueue_script( 'login_captcha_main_script', plugin_dir_url( __FILE__ ). 'js/main.js',2);
49	+ }
50	+ /* Plugin main functions */
51	+ add_action( 'login_enqueue_scripts', 'wp_limit_login_stylesheet');
52	+ add_action('plugins_loaded', 'wp_limit_login_init', 99999);
53	+ function wp_limit_login_init(){
54	+
55	+ function is_session_started(){
56	+ if ( php_sapi_name() !== 'cli' ) {
57	+ if ( version_compare(phpversion(), '5.4.0', '>=') ) {
58	+ return session_status() === PHP_SESSION_ACTIVE ? TRUE : FALSE;
59	+ } else {
60	+ return session_id() === '' ? FALSE : TRUE;
61	+ }
62	+ }
63	+ return FALSE;
64	+ }
65	+
66	+ if (is_session_started() === FALSE ) session_start();
67	+
68	+
69	+ add_action('login_head', 'wp_limit_login_head');
70	+ add_action('wp_login_failed', 'wp_limit_login_failed');
71	+ add_action('login_errors','wp_limit_login_errors');
72	+ add_filter( 'authenticate', 'wp_limit_login_auth_signon', 30, 3 );
73	+ add_action( 'admin_init', 'wp_limit_login_admin_init' );
74	+
75	+ function wp_limit_login_head(){
76	+
77	+ /* check captcha input */
78	+ if(!isset($_SESSION["popup_flag"])){
79	+
80	+ $_SESSION["popup_flag"] = "first" ;
81	+ }
82	+ if(isset($_GET['captcha'])){
83	+
84	+ if($_GET['captcha']== $_SESSION["wp_limit_captcha"]){
85	+
86	+ $_SESSION["popup_flag"] = "true_0152" ;
87	+
88	+ }else{
89	+
90	+ $_SESSION["popup_flag"] = "false_0152";
91	+ }
92	+ }
93	+
94	+
95	+
96	+ //pass parameters
97	+ if(get_option('limit_login_captcha','checked') != 'checked'){
98	+
99	+ $_SESSION["popup_flag"] = 'true_0152';
100	+ }
101	+
102	+
103	+
104	+ ?>
105	+ <script>var popup_flag = "<?php echo $_SESSION["popup_flag"] ?>";
106	+ </script>
107	+ <div class='popup' style="display: none;">
108	+ <div class='popup_box'>
109	+ <p class='x' id='x'> &times </p>
110	+ <p>Please enter captcha text</p>
111	+ <img class="captcha" src="<?php echo plugin_dir_url( __FILE__ ).'/captcha.php';?>" />
112	+ <form class="captcha_form" action="" method="GET">
113	+ <input type="text" placeholder="Enter here.." name="captcha">
114	+ <input class="submit" type="submit" value="Submit">
115	+ </form>
116	+
117	+ </div>
118	+ </div>
119	+ <?php }
120	+
121	+ function wp_limit_login_failed($username){
122	+
123	+ global $msg,$ip,$wpdb;
124	+ if ($_SESSION["popup_flag"] == "true_0152"){
125	+ $ip = getip();
126	+ $tablename = $wpdb->prefix."limit_login";
127	+ $tablerows = $wpdb->get_results( "SELECT `login_id`, `login_ip`,`login_attempts`,`attempt_time`,`locked_time` FROM `$tablename` WHERE `login_ip` = '$ip' ORDER BY `login_id` DESC LIMIT 1 " );
128	+
129	+ if(count($tablerows)==1){
130	+ $attempt =$tablerows[0]->login_attempts ;
131	+ $noofattmpt = get_option( 'no_of_wp_limit_login_attepts',5);
132	+ if( $attempt<=$noofattmpt){
133	+ $attempt = $attempt +1;
134	+ $update_table = array(
135	+ 'login_id' => $tablerows[0]->login_id ,
136	+ 'login_attempts' => $attempt
137	+ //'attempt_time' => date('Y-m-d G:i:s')
138	+ );
139	+ $wpdb->update($tablename,$update_table,array('login_id'=>$tablerows[0]->login_id ) );
140	+ $no_ofattmpt = $noofattmpt+1;
141	+ $remain_attempt = $no_ofattmpt - $attempt;
142	+ $msg = $remain_attempt.' attempts remaining..!';
143	+ return $msg;
144	+ }else{
145	+ if(is_numeric($tablerows[0]->locked_time)){
146	+ $attempt = $attempt +1;
147	+ $update_table = array(
148	+ 'login_id' => $tablerows[0]->login_id ,
149	+ 'login_attempts' => $attempt ,
150	+ // 'attempt_time' => date('Y-m-d G:i:s'),
151	+ 'locked_time' => date('Y-m-d G:i:s')
152	+ );
153	+ $wpdb->update($tablename,$update_table,array('login_id'=>$tablerows[0]->login_id ) );
154	+ }else{
155	+ $attempt = $attempt +1;
156	+ $update_table = array(
157	+ 'login_id' => $tablerows[0]->login_id ,
158	+ 'login_attempts' => $attempt
159	+ //'attempt_time' => date('Y-m-d G:i:s')
160	+ );
161	+ $wpdb->update($tablename,$update_table,array('login_id'=>$tablerows[0]->login_id ) );
162	+ }
163	+ $delay_time = get_option('limit_login_attepts_delay_time');
164	+ $msg = "The maximum number of login attempts has been reached. Please try again in ".$delay_time." minutes";
165	+ return $msg;
166	+ }
167	+
168	+ $time_now = date_create(date('Y-m-d G:i:s'));
169	+ $attempt_time = date_create($tablerows[0]->attempt_time);
170	+ $interval = date_diff($attempt_time, $time_now);
171	+
172	+ //if(($interval->format("%s")) <= 2){
173	+ //wp_redirect(home_url());
174	+ //exit;
175	+ //}
176	+
177	+ }else{
178	+ global $wpdb;
179	+ $tablename = $wpdb->prefix."limit_login";
180	+ $newdata = array(
181	+ 'login_ip' => $ip,
182	+ 'login_attempts' => 1 ,
183	+ 'attempt_time' => date('Y-m-d G:i:s'),
184	+ 'locked_time' =>0
185	+ );
186	+ $wpdb->insert($tablename,$newdata);
187	+ $remain_attempt = get_option('no_of_wp_limit_login_attepts',5);
188	+ $msg = $remain_attempt.' attempts remaining..!';
189	+ return $msg;
190	+ }
191	+ }else{
192	+ $_SESSION["popup_flag"] = "first";
193	+ $error = new WP_Error();
194	+ $error->remove('wp_captcha', "Sorry..! captcha");
195	+ return $error;
196	+ }
197	+
198	+ }
199	+
200	+
201	+ function wp_limit_login_admin_init(){
202	+ if(is_user_logged_in()){
203	+ global $wpdb;
204	+ $tablename = $wpdb->prefix."limit_login";
205	+ $ip = getip();
206	+ wp_limit_login_nag_ignore();
207	+ $tablerows = $wpdb->get_results( "SELECT `login_id`, `login_ip`,`login_attempts`,`locked_time` FROM `$tablename` WHERE `login_ip` = '$ip' ORDER BY `login_id` DESC LIMIT 1 " );
208	+ if(count($tablerows)==1){
209	+ $update_table = array(
210	+ 'login_id' => $tablerows[0]->login_id ,
211	+ 'login_attempts' => 0 ,
212	+ // 'attempt_time' => date('Y-m-d G:i:s'),
213	+ 'locked_time' => 0
214	+ );
215	+ $wpdb->update($tablename,$update_table,array('login_id'=>$tablerows[0]->login_id ) );
216	+ //update table
217	+ }
218	+ }
219	+ }
220	+
221	+
222	+
223	+ function wp_limit_login_errors($error){
224	+ global $msg;
225	+ $pos_first = strpos($error, 'Proxy');
226	+ $pos_second = strpos($error, 'wait');
227	+ $pos_third = strpos($error, 'captcha');
228	+ if (is_int($pos_first)) {
229	+ $error = "Sorry..! Proxy detected..!";
230	+ }else if($pos_second){
231	+ $delay_time = get_option('limit_login_attepts_delay_time',10);
232	+ $error = "Sorry..! Please wait ".$delay_time." minutes..!";
233	+ }else if($pos_third){
234	+ $error = "Sorry..! Please enter correct captcha..!";
235	+ }else{
236	+ $error = "<strong>Login Failed</strong>: Sorry..! Wrong information..! </br>".$msg;
237	+ }
238	+ return $error;
239	+
240	+ }
241	+
242	+
243	+
244	+
245	+
246	+ function wp_limit_login_auth_signon( $user, $username, $password ) {
247	+
248	+ global $ip , $msg,$wpdb;
249	+ $ip = getip();
250	+
251	+
252	+
253	+ if ( empty( $username ) \|\| empty( $password ) ) {
254	+ //do_action( 'wp_login_failed' );
255	+ }
256	+ if (isset($_SESSION["popup_flag"]) && $_SESSION["popup_flag"] == "true_0152"){
257	+
258	+ $tablename = $wpdb->prefix."limit_login";
259	+ $tablerows = $wpdb->get_results( "SELECT `login_id`, `login_ip`,`login_attempts`,`attempt_time`,`locked_time` FROM `$tablename` WHERE `login_ip` = '$ip' ORDER BY `login_id` DESC LIMIT 1 " );
260	+ if(count($tablerows)==1){
261	+ $time_now = date_create(date('Y-m-d G:i:s'));
262	+ $attempt_time = date_create($tablerows[0]->attempt_time);
263	+ $interval = date_diff($attempt_time, $time_now);
264	+
265	+ if(($interval->format("%s")) <= 1){
266	+ if(($tablerows[0]->login_attempts)!=0){
267	+ wp_redirect(home_url());
268	+ exit;
269	+ }else{
270	+ return $user;
271	+ }
272	+ }else{
273	+
274	+
275	+
276	+ $captcha_popup_attempt = get_option( 'limit_login_attepts_captcha',3);
277	+ if((($tablerows[0]->login_attempts) % $captcha_popup_attempt) == 0){
278	+ if (($tablerows[0]->login_attempts) != 0){
279	+
280	+ $attempts = $tablerows[0]->login_attempts;
281	+ $attempts = $attempts + 1;
282	+ $_SESSION["popup_flag"] = "first";
283	+ $update_table = array(
284	+ 'login_id' => $tablerows[0]->login_id ,
285	+ 'login_attempts' => $attempts ,
286	+ );
287	+ $wpdb->update($tablename,$update_table,array('login_id'=>$tablerows[0]->login_id ) );
288	+ }
289	+ }
290	+
291	+
292	+
293	+ if(!is_numeric($tablerows[0]->locked_time)){
294	+ $locked_time = date_create($tablerows[0]->locked_time);
295	+ $time_now = date_create(date('Y-m-d G:i:s'));
296	+ $interval = date_diff($locked_time, $time_now);
297	+
298	+ $delay_time = get_option('limit_login_attepts_delay_time',10);
299	+ if(($interval->format("%i")) <= $delay_time){
300	+ $msg = "Sorry..! Please wait". $delay_time." minutes..!";
301	+ $error = new WP_Error();
302	+ $error->add('wp_to_many_try', $msg);
303	+ return $error;
304	+ }else{
305	+
306	+ $update_table = array(
307	+ 'login_id' => $tablerows[0]->login_id ,
308	+ 'login_attempts' => 0 ,
309	+ 'attempt_time' => date('Y-m-d G:i:s'),
310	+ 'locked_time' => 0
311	+ );
312	+ $wpdb->update($tablename,$update_table,array('login_id'=>$tablerows[0]->login_id ) );
313	+ return $user;
314	+ }
315	+ }else{
316	+
317	+ return $user;
318	+ }
319	+
320	+ }
321	+ }else{
322	+
323	+ return $user;
324	+ }
325	+ } else{
326	+
327	+ $_SESSION["popup_flag"] = "first";
328	+ $error = new WP_Error();
329	+ $error->remove('wp_captcha', "Sorry..! captcha");
330	+ return $error;
331	+ }
332	+ }
333	+
334	+
335	+
336	+
337	+ function getip(){
338	+ if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
339	+ $ip =esc_sql($_SERVER['HTTP_CLIENT_IP']);
340	+ } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
341	+ $ip = esc_sql($_SERVER['HTTP_X_FORWARDED_FOR']);
342	+ } else {
343	+ $ip = esc_sql($_SERVER['REMOTE_ADDR']);
344	+ if($ip=='::1'){
345	+ $ip = '127.0.0.1';
346	+ }
347	+ }
348	+ return $ip;
349	+ }
350	+
351	+
352	+
353	+ function wp_limit_login_nag_ignore() {
354	+ global $current_user;
355	+ $user_id = $current_user->ID;
356	+ /* If user clicks to ignore the notice, add that to their user meta */
357	+ if ( isset($_GET['wp_limit_login_nag_ignore']) && '0' == $_GET['wp_limit_login_nag_ignore'] ) {
358	+ add_user_meta($user_id, 'wp_limit_login_nag_ignore', 'true', true);
359	+ }
360	+ }
361	+
362	+
363	+ }
364	+
365	+ //auto fill login
366	+ add_action("login_form", "wp_login_attempt_focus_start");
367	+ function wp_login_attempt_focus_start() {
368	+ ob_start("wp_login_attempt_focus_replace");
369	+ }
370	+
371	+ function wp_login_attempt_focus_replace($html) {
372	+ return preg_replace("/d.value = '';/", "", $html);
373	+ }
374	+
375	+ add_action("login_footer", "wp_login_attempt_focus_end");
376	+ function wp_login_attempt_focus_end() {
377	+ ob_end_flush();
378	+ }
379	+
380	+ /* Display a notice that can be dismissed */
381	+
382	+ add_action('admin_notices', 'wp_limit_login_admin_notice');
383	+
384	+ function wp_limit_login_admin_notice() {
385	+ global $current_user ;
386	+ $user_id = $current_user->ID;
387	+ /* Check that the user hasn't already clicked to ignore the message */
388	+ if ( ! get_user_meta($user_id, 'wp_limit_login_nag_ignore') ) {
389	+ echo '<div style="border-radius: 4px; -moz-border-radius: 4px; -webkit-border-radius: 4px; background: #EBF8A4; border: 1px solid #a2d246; color: #066711; font-size: 14px; font-weight: bold; height: auto; margin: 30px 15px 15px 0px; overflow: hidden; padding: 4px 10px 6px; line-height: 30px;"><p>';
390	+ printf(__('Your admin is protected. Light wordpress plugin - <a href="http://www.ciphercoin.com" target="_blank">CipherCoin</a> \|<a href="options-general.php?page=wp-limit-login-attempts">Settings</a> \| <a href="%1$s">Hide Notice</a>'), '?wp_limit_login_nag_ignore=0');
391	+ echo "</p></div>";
392	+ }
393	+ }
394	+
395	+ /* add menue in admin */
396	+ add_action( 'admin_menu', 'wp_limit_login_plugin_menu' );
397	+
398	+ /** Step 1. */
399	+ function wp_limit_login_plugin_menu() {
400	+ wp_enqueue_style( 'login_captcha_style', plugin_dir_url( __FILE__ ) . 'style.css');
401	+ add_options_page( 'My Plugin Options', 'WP Limit Login', 'manage_options', 'wp-limit-login-attempts', 'wp_limit_login_plugin_options' );
402	+ }
403	+
404	+ /** Step 3. */
405	+ function wp_limit_login_plugin_options() {
406	+ if ( !current_user_can( 'manage_options' ) ) {
407	+ wp_die( __( 'You do not have sufficient permissions to access this page.' ) );
408	+ }
409	+ echo '<div class="warn_msg">
410	+ <img src="'.plugin_dir_url( __FILE__ ) .'/images/warn.png""> <b>WP Limit Login attempts Lite</b>
411	+ is a fully functional but limited version of <b><a href="http://www.ciphercoin.com" target="_blank">WP Limit Login attempts Pro</a></b>. Consider upgrading to get access to all premium features and premium support.
412	+ </div>';
413	+
414	+
415	+ echo '<div class="admin_menu">';
416	+ echo '<h2>WP Limit Login Attempts</h2>';
417	+ //echo '<form method="POST" action="" >';
418	+ echo '<div class="row1"><label>Number of login attempts :</label><input disabled type="number" value="5" name="attempts" class="attempts" ></div>';
419	+
420	+ echo '<div class="row2"><label>Lockdown time in minutes:</label><input type="number" value="10" name="delay" disabled class="delay" ></div>';
421	+
422	+ echo '<div class="row3"><label>Number of attempts for captcha:</label><input disabled type="number" value="3" name="no_captcha" class="delay" ></div>';
423	+
424	+ echo '<div class="row4"><label>Enable captcha:</label>
425	+ <input class="captcha" type="checkbox" disabled name="enable_captcha" checked></div>';
426	+ echo '<div class="row5"><input type="submit" class="submit_admin" value="Submit"></div>';
427	+ //echo '</form>';
428	+ echo '</div>';
429	+
430	+ //<form method="post" action="">
431	+ //<input type="text" name
432	+ echo '<div class="warn_msg">
433	+ <img src="'.plugin_dir_url( __FILE__ ) .'/images/warn.png""> Please consider upgrading to <b><a href="http://www.ciphercoin.com" target="_blank">WP Limit Login attempts Pro</a></b> if you want to use this feature.
434	+ </div>';
435	+ }
436	+
437	+
438	+ // Add settings link on plugin page
439	+ function wp_limit_login_settings_link($links) {
440	+ $settings_link = '<a href="options-general.php?page=wp-limit-login-attempts">Settings</a>';
441	+ array_unshift($links, $settings_link);
442	+ return $links;
443	+ }
444	+
445	+ $plugin = plugin_basename(__FILE__);
446	+ add_filter("plugin_action_links_$plugin", 'wp_limit_login_settings_link' );
447	+
448	+ ?>