WPS Hide Login - Version 1.1

Version Description

  • Fix : CSRF security issue when saving option value in single site and multisite mode. Thanks to @Secupress
  • Improvement : changed option location from permalinks to general, because register_setting doesn't work on permalinks page.
  • Improvement : notice after saving is now dismissible (compatibility with WP 4.2)
  • Uninstall function is now in it's separate file uninstall.php
  • Some cleaning and reordering of code
Download this release

Release Info

Developer tabrisrp
Plugin Icon 128x128 WPS Hide Login
Version 1.1
Comparing to
See all releases

Version 1.1

Files changed (6) hide show
  1. index.php +1 -0
  2. languages/wps-hide-login-fr_FR.mo +0 -0
  3. languages/wps-hide-login-fr_FR.po +82 -0
  4. readme.txt +81 -0
  5. uninstall.php +41 -0
  6. wps-hide-login.php +491 -0
index.php ADDED
@@ -0,0 +1 @@
 
1
+ <?php // Silence is golden
languages/wps-hide-login-fr_FR.mo ADDED
Binary file
languages/wps-hide-login-fr_FR.po ADDED
@@ -0,0 +1,82 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ msgid ""
2
+ msgstr ""
3
+ "Project-Id-Version: WPS Hide Login 1.0\n"
4
+ "POT-Creation-Date: 2015-04-26 15:05+0100\n"
5
+ "PO-Revision-Date: 2015-04-26 15:05+0100\n"
6
+ "Last-Translator: Rémy Perona <remperona@gmail.com>\n"
7
+ "Language-Team: Rémy Perona <remperona@gmail.com>\n"
8
+ "Language: fr\n"
9
+ "MIME-Version: 1.0\n"
10
+ "Content-Type: text/plain; charset=UTF-8\n"
11
+ "Content-Transfer-Encoding: 8bit\n"
12
+ "X-Generator: Poedit 1.7.1\n"
13
+ "X-Poedit-Basepath: .\n"
14
+ "Plural-Forms: nplurals=2; plural=(n > 1);\n"
15
+ "X-Poedit-SourceCharset: UTF-8\n"
16
+ "X-Poedit-KeywordsList: __\n"
17
+ "X-Poedit-SearchPath-0: /Users/Yui/Sites/wordpress/wp-content/plugins/wps-hide-"
18
+ "login\n"
19
+
20
+ #: /Users/Yui/Sites/wordpress/wp-content/plugins/wps-hide-login/wps-hide-login.php:167
21
+ msgid "Please upgrade to the latest version of WordPress to activate"
22
+ msgstr "Veuillez mettre à jour WordPress dans sa dernière version pour activer"
23
+
24
+ #: /Users/Yui/Sites/wordpress/wp-content/plugins/wps-hide-login/wps-hide-login.php:167
25
+ #: /Users/Yui/Sites/wordpress/wp-content/plugins/wps-hide-login/wps-hide-login.php:183
26
+ msgid "WPS Hide Login"
27
+ msgstr "WPS Hide Login"
28
+
29
+ #: /Users/Yui/Sites/wordpress/wp-content/plugins/wps-hide-login/wps-hide-login.php:184
30
+ msgid ""
31
+ "This option allows you to set a networkwide default, which can be overridden by "
32
+ "individual sites. Simply go to to the site’s permalink settings to change the url."
33
+ msgstr ""
34
+ "Cette option vous permet de définir un réglage par défaut pour le réseau, qui peut "
35
+ "ensuite être remplacé pour chaque site individuellement. Allez simplement dans les "
36
+ "réglages des permaliens du site pour changer l'url."
37
+
38
+ #: /Users/Yui/Sites/wordpress/wp-content/plugins/wps-hide-login/wps-hide-login.php:185
39
+ #: /Users/Yui/Sites/wordpress/wp-content/plugins/wps-hide-login/wps-hide-login.php:261
40
+ #, php-format
41
+ msgid "Need help? Try the <a href=\"%s\" target=\"_blank\">support forum</a>."
42
+ msgstr ""
43
+ "Besoin d'aide ? Essayez le <a href=\"%s\" target=\"_blank\">forum d'assistance</a>."
44
+
45
+ #: /Users/Yui/Sites/wordpress/wp-content/plugins/wps-hide-login/wps-hide-login.php:188
46
+ msgid "Networkwide default"
47
+ msgstr "Réglage par défaut du réseau"
48
+
49
+ #: /Users/Yui/Sites/wordpress/wp-content/plugins/wps-hide-login/wps-hide-login.php:222
50
+ msgid "Login url"
51
+ msgstr "URL de connexion"
52
+
53
+ #: /Users/Yui/Sites/wordpress/wp-content/plugins/wps-hide-login/wps-hide-login.php:269
54
+ #, php-format
55
+ msgid "To set a networkwide default, go to <a href=\"%s\">Network Settings</a>."
56
+ msgstr ""
57
+ "Pour définir un réglage par défaut pour le réseau, allez aux <a href=\"%s"
58
+ "\">réglages du réseaux</a>."
59
+
60
+ #: /Users/Yui/Sites/wordpress/wp-content/plugins/wps-hide-login/wps-hide-login.php:301
61
+ #, php-format
62
+ msgid ""
63
+ "Your login page is now here: <strong><a href=\"%1$s\">%2$s</a></strong>. Bookmark "
64
+ "this page!"
65
+ msgstr ""
66
+ "Votre page de connexion est maintenant ici : <strong><a href=\"%1$s\">%2$s</a></"
67
+ "strong>. Mettez-la en favori !"
68
+
69
+ #: /Users/Yui/Sites/wordpress/wp-content/plugins/wps-hide-login/wps-hide-login.php:312
70
+ #: /Users/Yui/Sites/wordpress/wp-content/plugins/wps-hide-login/wps-hide-login.php:316
71
+ msgid "Settings"
72
+ msgstr "Réglages"
73
+
74
+ #: /Users/Yui/Sites/wordpress/wp-content/plugins/wps-hide-login/wps-hide-login.php:332
75
+ msgid "This feature is not enabled."
76
+ msgstr "Cette fonctionnalité n'est pas activée."
77
+
78
+ #~ msgid "Rename wp-login.php"
79
+ #~ msgstr "Rename wp-login.php"
80
+
81
+ #~ msgid "You must log in to access the admin area."
82
+ #~ msgstr "Vous devez être connecté pour accéder la zone d'administration."
readme.txt ADDED
@@ -0,0 +1,81 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ === WPS Hide Login ===
2
+
3
+ Contributors: tabrisrp, WPServeur
4
+ Tags: rename, login, wp-login, wp-login.php, custom login url
5
+ Requires at least: 4.1
6
+ Tested up to: 4.2
7
+ Stable tag: 1.1
8
+ License: GPLv2 or later
9
+ License URI: http://www.gnu.org/licenses/gpl-2.0.html
10
+
11
+ Change wp-login.php to anything you want.
12
+
13
+ == Description ==
14
+
15
+ *WPS Hide Login* is a very light plugin that lets you easily and safely change the url of the login form to anything you want. It doesn’t literally rename or change files in core, nor does it add rewrite rules. It simply intercepts page requests and works on any WordPress website. The wp-admin directory and wp-login.php page become inaccessible, so you should bookmark or remember the url. Deactivating this plugin brings your site back exactly to the state it was before.
16
+
17
+ = Compatibility =
18
+
19
+ Requires WordPress 4.1 or higher. All login related things such as the registration form, lost password form, login widget and expired sessions just keep working.
20
+
21
+ It’s also compatible with any plugin that hooks in the login form, including
22
+
23
+ * BuddyPress,
24
+ * bbPress,
25
+ * Limit Login Attempts,
26
+ * and User Switching.
27
+
28
+ Obviously it doesn’t work with plugins that *hardcoded* wp-login.php.
29
+
30
+ Works with multisite, but not tested with subdomains. Activating it for a network allows you to set a networkwide default. Individual sites can still rename their login page to something else.
31
+
32
+ If you’re using a **page caching plugin** you should add the slug of the new login url to the list of pages not to cache. For W3 Total Cache and WP Super Cache this plugin will give you a message with a link to the field you should update.
33
+
34
+ = GitHub =
35
+
36
+ https://github.com/tabrisrp/wps-hide-login
37
+
38
+ = Description Française =
39
+ WPS Hide Login est un plugin très léger qui vous permet facilement et en toute sécurité de modifier l'URL de connexion en ce que vous voulez.
40
+
41
+ Il ne renomme pas ou ne modifie pas de fichiers dans le noyau, et n'ajoute pas de règles de réécriture. Il intercepte tout simplement les demandes de page et fonctionne sur n'importe quel site WordPress.
42
+
43
+ La page wp-login.php et le répertoire wp-admin deviennent donc inaccessibles, vous devrez donc bookmarker ou vous rappeler l'url. Désactiver ce plugin ramène tout simplement votre site à son état initial.
44
+
45
+ Compatibilité
46
+ Nécessite WordPress 4.1 ou supérieur.
47
+
48
+ Si vous utilisez un plugin de cache, vous devrez ajouter la nouvelle URL de connexion à la liste des pages à ne pas mettre en cache.
49
+
50
+ == Installation ==
51
+
52
+ 1. Go to Plugins › Add New.
53
+ 2. Search for *WPS Hide Login*.
54
+ 3. Look for this plugin, download and activate it.
55
+ 4. The page will redirect you to the settings. Change your login url there.
56
+ 5. You can change this option any time you want, just go back to Settings › General › WPS Hide Login.
57
+
58
+ == Screenshots ==
59
+ 1. Setting on single site installation
60
+ 2. Setting for network wide
61
+
62
+ == Frequently Asked Questions ==
63
+
64
+ = I forgot my login url! =
65
+
66
+ Either go to your MySQL database and look for the value of `whl_page` in the options table, or remove the `wps-hide-login` folder from your `plugins` folder, log in through wp-login.php and reinstall the plugin.
67
+
68
+ On a multisite install the `whl_page` option will be in the sitemeta table, if there is no such option in the options table.
69
+
70
+ == Changelog ==
71
+
72
+ = 1.1 =
73
+ * Fix : CSRF security issue when saving option value in single site and multisite mode. Thanks to @Secupress
74
+ * Improvement : changed option location from permalinks to general, because register_setting doesn't work on permalinks page.
75
+ * Improvement : notice after saving is now dismissible (compatibility with WP 4.2)
76
+ * Uninstall function is now in it's separate file uninstall.php
77
+ * Some cleaning and reordering of code
78
+
79
+ = 1.0 =
80
+
81
+ * Initial version. This is a fork of the Rename wp-login.php plugin, which is unmaintained https://wordpress.org/plugins/rename-wp-login/. All previous changelogs can be found there.
uninstall.php ADDED
@@ -0,0 +1,41 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /**
3
+ * Fired when the plugin is uninstalled.
4
+ *
5
+ * @package WPS Hide Login
6
+ * @author Remy Perona <remperona@gmail.com>
7
+ * @license GPL-2.0+
8
+ * @link http://remyperona.fr
9
+ * @copyright 2015 Remy Perona
10
+ */
11
+
12
+ // If uninstall not called from WordPress, then exit
13
+ if ( ! defined( 'WP_UNINSTALL_PLUGIN' ) ) {
14
+ exit;
15
+ }
16
+
17
+ global $wpdb;
18
+
19
+ if ( is_multisite() ) {
20
+
21
+ $blogs = $wpdb->get_results( "SELECT blog_id FROM {$wpdb->blogs}", ARRAY_A );
22
+ delete_site_option('whl_page');
23
+
24
+ if ( $blogs ) {
25
+
26
+ foreach ( $blogs as $blog ) {
27
+ switch_to_blog( $blog['blog_id'] );
28
+ delete_option('whl_page');
29
+
30
+ //info: optimize table
31
+ $GLOBALS['wpdb']->query("OPTIMIZE TABLE `" .$GLOBALS['wpdb']->prefix."options`");
32
+ restore_current_blog();
33
+ }
34
+ }
35
+
36
+ } else {
37
+ delete_option('whl_page');
38
+
39
+ //info: optimize table
40
+ $GLOBALS['wpdb']->query("OPTIMIZE TABLE `" .$GLOBALS['wpdb']->prefix."options`");
41
+ }
wps-hide-login.php ADDED
@@ -0,0 +1,491 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /*
3
+ Plugin Name: WPS Hide Login
4
+ Plugin URI: https://github.com/Tabrisrp/wps-hide-login
5
+ Description: Change your login url and remove access to wp-login.php page | Change votre url de connexion et supprime l'accès à la page wp-login.php (sécurité augmentée)
6
+ Author: WPServeur
7
+ Author URI: http://profiles.wordpress.org/tabrisrp/
8
+ Version: 1.1
9
+ Text Domain: wps-hide-login
10
+ License: GPLv2 or later
11
+ License URI: http://www.gnu.org/licenses/gpl-2.0.html
12
+ */
13
+
14
+ if ( defined( 'ABSPATH' )
15
+ && ! class_exists( 'WPS_Hide_Login' ) ) {
16
+
17
+ class WPS_Hide_Login {
18
+
19
+ private $wp_login_php;
20
+
21
+ /**
22
+ * Instance of this class.
23
+ *
24
+ * @since 1.0.0
25
+ *
26
+ * @var object
27
+ */
28
+ protected static $instance = null;
29
+
30
+ private function basename() {
31
+
32
+ return plugin_basename( __FILE__ );
33
+
34
+ }
35
+
36
+ private function path() {
37
+
38
+ return trailingslashit( dirname( __FILE__ ) );
39
+
40
+ }
41
+
42
+ private function use_trailing_slashes() {
43
+
44
+ return ( '/' === substr( get_option( 'permalink_structure' ), -1, 1 ) );
45
+
46
+ }
47
+
48
+ private function user_trailingslashit( $string ) {
49
+
50
+ return $this->use_trailing_slashes()
51
+ ? trailingslashit( $string )
52
+ : untrailingslashit( $string );
53
+
54
+ }
55
+
56
+ private function wp_template_loader() {
57
+
58
+ global $pagenow;
59
+
60
+ $pagenow = 'index.php';
61
+
62
+ if ( ! defined( 'WP_USE_THEMES' ) ) {
63
+
64
+ define( 'WP_USE_THEMES', true );
65
+
66
+ }
67
+
68
+ wp();
69
+
70
+ if ( $_SERVER['REQUEST_URI'] === $this->user_trailingslashit( str_repeat( '-/', 10 ) ) ) {
71
+
72
+ $_SERVER['REQUEST_URI'] = $this->user_trailingslashit( '/wp-login-php/' );
73
+
74
+ }
75
+
76
+ require_once( ABSPATH . WPINC . '/template-loader.php' );
77
+
78
+ die;
79
+
80
+ }
81
+
82
+ private function new_login_slug() {
83
+
84
+ if ( $slug = get_option( 'whl_page' ) ) {
85
+ return $slug;
86
+ } else if ( ( is_multisite() && is_plugin_active_for_network( $this->basename() ) && ( $slug = get_site_option( 'whl_page', 'login' ) ) ) ) {
87
+ return $slug;
88
+ } else if ( $slug = 'login' ) {
89
+ return $slug;
90
+ }
91
+
92
+ }
93
+
94
+ public function new_login_url( $scheme = null ) {
95
+
96
+ if ( get_option( 'permalink_structure' ) ) {
97
+
98
+ return $this->user_trailingslashit( home_url( '/', $scheme ) . $this->new_login_slug() );
99
+
100
+ } else {
101
+
102
+ return home_url( '/', $scheme ) . '?' . $this->new_login_slug();
103
+
104
+ }
105
+
106
+ }
107
+
108
+ public function __construct() {
109
+
110
+ global $wp_version;
111
+
112
+ if ( version_compare( $wp_version, '4.0-RC1-src', '<' ) ) {
113
+ add_action( 'admin_notices', array( $this, 'admin_notices_incompatible' ) );
114
+ add_action( 'network_admin_notices', array( $this, 'admin_notices_incompatible' ) );
115
+ return;
116
+ }
117
+
118
+ register_activation_hook( $this->basename(), array( $this, 'activate' ) );
119
+
120
+ if ( is_multisite() && ! function_exists( 'is_plugin_active_for_network' ) ) {
121
+ require_once( ABSPATH . '/wp-admin/includes/plugin.php' );
122
+ }
123
+
124
+ if ( is_multisite() && is_plugin_active_for_network( $this->basename() ) ) {
125
+ add_action( 'wpmu_options', array( $this, 'wpmu_options' ) );
126
+ add_action( 'update_wpmu_options', array( $this, 'update_wpmu_options' ) );
127
+
128
+ add_filter( 'network_admin_plugin_action_links_' . $this->basename(), array( $this, 'plugin_action_links' ) );
129
+ }
130
+
131
+ add_action( 'admin_init', array( $this, 'admin_init' ) );
132
+ add_action( 'plugins_loaded', array( $this, 'plugins_loaded' ), 1 );
133
+ add_action( 'plugins_loaded', array( $this, 'whl_load_textdomain' ), 9 );
134
+ add_action( 'admin_notices', array( $this, 'admin_notices' ) );
135
+ add_action( 'network_admin_notices', array( $this, 'admin_notices' ) );
136
+ add_action( 'wp_loaded', array( $this, 'wp_loaded' ) );
137
+
138
+ add_filter( 'plugin_action_links_' . $this->basename(), array( $this, 'plugin_action_links' ) );
139
+ add_filter( 'site_url', array( $this, 'site_url' ), 10, 4 );
140
+ add_filter( 'network_site_url', array( $this, 'network_site_url' ), 10, 3 );
141
+ add_filter( 'wp_redirect', array( $this, 'wp_redirect' ), 10, 2 );
142
+ add_filter( 'site_option_welcome_email', array( $this, 'welcome_email' ) );
143
+
144
+ remove_action( 'template_redirect', 'wp_redirect_admin_locations', 1000 );
145
+
146
+ }
147
+
148
+ /**
149
+ * Return an instance of this class.
150
+ *
151
+ * @since 1.0.0
152
+ *
153
+ * @return object A single instance of this class.
154
+ */
155
+ public static function get_instance() {
156
+
157
+ // If the single instance hasn't been set, set it now.
158
+ if ( null == self::$instance ) {
159
+ self::$instance = new self;
160
+ }
161
+
162
+ return self::$instance;
163
+ }
164
+
165
+ public function admin_notices_incompatible() {
166
+
167
+ echo '<div class="error"><p>' . __( 'Please upgrade to the latest version of WordPress to activate', 'wps-hide-login') . ' <strong>' . __( 'WPS Hide Login', 'wps-hide-login') . '</strong>.</p></div>';
168
+
169
+ }
170
+
171
+ public function activate() {
172
+
173
+ add_option( 'whl_redirect', '1' );
174
+
175
+ delete_option( 'whl_admin' );
176
+
177
+ }
178
+
179
+ public function wpmu_options() {
180
+
181
+ $out = '';
182
+
183
+ $out .= '<h3>' . __( 'WPS Hide Login', 'wps-hide-login') . '</h3>';
184
+ $out .= '<p>' . __( 'This option allows you to set a networkwide default, which can be overridden by individual sites. Simply go to to the site’s permalink settings to change the url.', 'wps-hide-login' ) . '</p>';
185
+ $out .= '<p>' . sprintf( __( 'Need help? Try the <a href="%s" target="_blank">support forum</a>.', 'wps-hide-login' ), 'http://wordpress.org/support/plugin/wps-hide-login/' ) . '</p>';
186
+ $out .= '<table class="form-table">';
187
+ $out .= '<tr valign="top">';
188
+ $out .= '<th scope="row"><label for="whl_page">' . __( 'Networkwide default', 'wps-hide-login' ) . '</label></th>';
189
+ $out .= '<td><input id="whl_page" type="text" name="whl_page" value="' . esc_attr( get_site_option( 'whl_page', 'login' ) ) . '"></td>';
190
+ $out .= '</tr>';
191
+ $out .= '</table>';
192
+
193
+ echo $out;
194
+
195
+ }
196
+
197
+ public function update_wpmu_options() {
198
+ if ( check_admin_referer( 'siteoptions' ) ) {
199
+ if ( ( $whl_page = sanitize_title_with_dashes( $_POST['whl_page'] ) )
200
+ && strpos( $whl_page, 'wp-login' ) === false
201
+ && ! in_array( $whl_page, $this->forbidden_slugs() ) ) {
202
+
203
+ update_site_option( 'whl_page', $whl_page );
204
+
205
+ }
206
+ }
207
+ }
208
+
209
+ public function admin_init() {
210
+
211
+ global $pagenow;
212
+
213
+ add_settings_section(
214
+ 'wps-hide-login-section',
215
+ 'WPS Hide Login',
216
+ array( $this, 'whl_section_desc' ),
217
+ 'general'
218
+ );
219
+
220
+ add_settings_field(
221
+ 'whl_page',
222
+ '<label for="whl_page">' . __( 'Login url', 'wps-hide-login' ) . '</label>',
223
+ array( $this, 'whl_page_input' ),
224
+ 'general',
225
+ 'wps-hide-login-section'
226
+ );
227
+
228
+ register_setting( 'general', 'whl_page', 'sanitize_title_with_dashes' );
229
+
230
+ if ( get_option( 'whl_redirect' ) ) {
231
+
232
+ delete_option( 'whl_redirect' );
233
+
234
+ if ( is_multisite()
235
+ && is_super_admin()
236
+ && is_plugin_active_for_network( $this->basename() ) ) {
237
+
238
+ $redirect = network_admin_url( 'settings.php#whl-page-input' );
239
+
240
+ } else {
241
+
242
+ $redirect = admin_url( 'options-general.php#whl-page-input' );
243
+
244
+ }
245
+
246
+ wp_safe_redirect( $redirect );
247
+
248
+ die;
249
+
250
+ }
251
+
252
+ }
253
+
254
+ public function whl_section_desc() {
255
+
256
+ $out = '';
257
+
258
+ if ( ! is_multisite()
259
+ || is_super_admin() ) {
260
+
261
+ $out .= '<p>' . sprintf( __( 'Need help? Try the <a href="%s" target="_blank">support forum</a>.', 'wps-hide-login' ), 'http://wordpress.org/support/plugin/wps-hide-login/' ) . '</p>';
262
+
263
+ }
264
+
265
+ if ( is_multisite()
266
+ && is_super_admin()
267
+ && is_plugin_active_for_network( $this->basename() ) ) {
268
+
269
+ $out .= '<p>' . sprintf( __( 'To set a networkwide default, go to <a href="%s">Network Settings</a>.', 'wps-hide-login' ), network_admin_url( 'settings.php#whl-page-input' ) ) . '</p>';
270
+
271
+ }
272
+
273
+ echo $out;
274
+
275
+ }
276
+
277
+ public function whl_page_input() {
278
+
279
+ if ( get_option( 'permalink_structure' ) ) {
280
+
281
+ echo '<code>' . trailingslashit( home_url() ) . '</code> <input id="whl_page" type="text" name="whl_page" value="' . $this->new_login_slug() . '">' . ( $this->use_trailing_slashes() ? ' <code>/</code>' : '' );
282
+
283
+ } else {
284
+
285
+ echo '<code>' . trailingslashit( home_url() ) . '?</code> <input id="whl_page" type="text" name="whl_page" value="' . $this->new_login_slug() . '">';
286
+
287
+ }
288
+
289
+ }
290
+
291
+ public function admin_notices() {
292
+
293
+ global $pagenow;
294
+
295
+ $out = '';
296
+
297
+ if ( ! is_network_admin()
298
+ && $pagenow === 'options-general.php'
299
+ && isset( $_GET['settings-updated'] ) ) {
300
+
301
+ echo '<div class="updated notice is-dismissible"><p>' . sprintf( __( 'Your login page is now here: <strong><a href="%1$s">%2$s</a></strong>. Bookmark this page!', 'wps-hide-login' ), $this->new_login_url(), $this->new_login_url() ) . '</p></div>';
302
+
303
+ }
304
+
305
+ }
306
+
307
+ public function plugin_action_links( $links ) {
308
+
309
+ if ( is_network_admin()
310
+ && is_plugin_active_for_network( $this->basename() ) ) {
311
+
312
+ array_unshift( $links, '<a href="' . network_admin_url( 'settings.php#whl-page-input' ) . '">' . __( 'Settings', 'wps-hide-login' ) . '</a>' );
313
+
314
+ } elseif ( ! is_network_admin() ) {
315
+
316
+ array_unshift( $links, '<a href="' . admin_url( 'options-general.php#whl-page-input' ) . '">' . __( 'Settings', 'wps-hide-login' ) . '</a>' );
317
+
318
+ }
319
+
320
+ return $links;
321
+
322
+ }
323
+
324
+ public function plugins_loaded() {
325
+
326
+ global $pagenow;
327
+
328
+ if ( ! is_multisite()
329
+ && ( strpos( $_SERVER['REQUEST_URI'], 'wp-signup' ) !== false
330
+ || strpos( $_SERVER['REQUEST_URI'], 'wp-activate' ) ) !== false ) {
331
+
332
+ wp_die( __( 'This feature is not enabled.', 'wps-hide-login' ) );
333
+
334
+ }
335
+
336
+ $request = parse_url( $_SERVER['REQUEST_URI'] );
337
+
338
+ if ( ( strpos( $_SERVER['REQUEST_URI'], 'wp-login.php' ) !== false
339
+ || untrailingslashit( $request['path'] ) === site_url( 'wp-login', 'relative' ) )
340
+ && ! is_admin() ) {
341
+
342
+ $this->wp_login_php = true;
343
+
344
+ $_SERVER['REQUEST_URI'] = $this->user_trailingslashit( '/' . str_repeat( '-/', 10 ) );
345
+
346
+ $pagenow = 'index.php';
347
+
348
+ } elseif ( untrailingslashit( $request['path'] ) === home_url( $this->new_login_slug(), 'relative' )
349
+ || ( ! get_option( 'permalink_structure' )
350
+ && isset( $_GET[$this->new_login_slug()] )
351
+ && empty( $_GET[$this->new_login_slug()] ) ) ) {
352
+
353
+ $pagenow = 'wp-login.php';
354
+
355
+ }
356
+
357
+ }
358
+
359
+ public function wp_loaded() {
360
+
361
+ global $pagenow;
362
+
363
+ if ( is_admin()
364
+ && ! is_user_logged_in()
365
+ && ! defined( 'DOING_AJAX' ) ) {
366
+
367
+ status_header(404);
368
+ nocache_headers();
369
+ include( get_404_template() );
370
+ exit;
371
+ }
372
+
373
+ $request = parse_url( $_SERVER['REQUEST_URI'] );
374
+
375
+ if ( $pagenow === 'wp-login.php'
376
+ && $request['path'] !== $this->user_trailingslashit( $request['path'] )
377
+ && get_option( 'permalink_structure' ) ) {
378
+
379
+ wp_safe_redirect( $this->user_trailingslashit( $this->new_login_url() )
380
+ . ( ! empty( $_SERVER['QUERY_STRING'] ) ? '?' . $_SERVER['QUERY_STRING'] : '' ) );
381
+
382
+ die;
383
+
384
+ } elseif ( $this->wp_login_php ) {
385
+
386
+ if ( ( $referer = wp_get_referer() )
387
+ && strpos( $referer, 'wp-activate.php' ) !== false
388
+ && ( $referer = parse_url( $referer ) )
389
+ && ! empty( $referer['query'] ) ) {
390
+
391
+ parse_str( $referer['query'], $referer );
392
+
393
+ if ( ! empty( $referer['key'] )
394
+ && ( $result = wpmu_activate_signup( $referer['key'] ) )
395
+ && is_wp_error( $result )
396
+ && ( $result->get_error_code() === 'already_active'
397
+ || $result->get_error_code() === 'blog_taken' ) ) {
398
+
399
+ wp_safe_redirect( $this->new_login_url()
400
+ . ( ! empty( $_SERVER['QUERY_STRING'] ) ? '?' . $_SERVER['QUERY_STRING'] : '' ) );
401
+
402
+ die;
403
+
404
+ }
405
+
406
+ }
407
+
408
+ $this->wp_template_loader();
409
+
410
+ } elseif ( $pagenow === 'wp-login.php' ) {
411
+
412
+ global $error, $interim_login, $action, $user_login;
413
+
414
+ @require_once ABSPATH . 'wp-login.php';
415
+
416
+ die;
417
+
418
+ }
419
+
420
+ }
421
+
422
+ public function site_url( $url, $path, $scheme, $blog_id ) {
423
+
424
+ return $this->filter_wp_login_php( $url, $scheme );
425
+
426
+ }
427
+
428
+ public function network_site_url( $url, $path, $scheme ) {
429
+
430
+ return $this->filter_wp_login_php( $url, $scheme );
431
+
432
+ }
433
+
434
+ public function wp_redirect( $location, $status ) {
435
+
436
+ return $this->filter_wp_login_php( $location );
437
+
438
+ }
439
+
440
+ public function filter_wp_login_php( $url, $scheme = null ) {
441
+
442
+ if ( strpos( $url, 'wp-login.php' ) !== false ) {
443
+
444
+ if ( is_ssl() ) {
445
+
446
+ $scheme = 'https';
447
+
448
+ }
449
+
450
+ $args = explode( '?', $url );
451
+
452
+ if ( isset( $args[1] ) ) {
453
+
454
+ parse_str( $args[1], $args );
455
+
456
+ $url = add_query_arg( $args, $this->new_login_url( $scheme ) );
457
+
458
+ } else {
459
+
460
+ $url = $this->new_login_url( $scheme );
461
+
462
+ }
463
+
464
+ }
465
+
466
+ return $url;
467
+
468
+ }
469
+
470
+ public function welcome_email( $value ) {
471
+
472
+ return $value = str_replace( 'wp-login.php', trailingslashit( get_site_option( 'whl_page', 'login' ) ), $value );
473
+
474
+ }
475
+
476
+ public function forbidden_slugs() {
477
+
478
+ $wp = new WP;
479
+
480
+ return array_merge( $wp->public_query_vars, $wp->private_query_vars );
481
+
482
+ }
483
+
484
+ public function whl_load_textdomain() {
485
+ load_plugin_textdomain( 'wps-hide-login', false, dirname( plugin_basename( __FILE__ ) ) . '/languages' );
486
+ }
487
+
488
+ }
489
+
490
+ add_action( 'plugins_loaded', array( 'WPS_Hide_Login', 'get_instance' ) );
491
+ }