th.guenther/kompass
1
0
Fork 0
Code Issues 96 Pull Requests Packages Projects Releases Wiki Activity

multi language support

Browse Source 
support for small devices
This commit is contained in:
Thomas Günther 2024-03-02 15:09:07 +01:00
parent 4d479cedaf
commit b3b58ce103
14 changed files with 613 additions and 339 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
assets/searchtable.js Normal file
View File

@ -0,0 +1,21 @@
function searchTable(tableId, searchField) {
var input, filter, table, tr, td, i, j, txtValue;
input = searchField;
filter = input.value.toUpperCase();
table = document.getElementById(tableId);
tr = table.getElementsByTagName("tr");
for (i = 0; i < tr.length; i++) {
td = tr[i].getElementsByTagName("td");
for (j = 0; j < td.length; j++) {
if (td[j]) {
txtValue = td[j].textContent || td[j].innerText;
if (txtValue.toUpperCase().indexOf(filter) > -1) {
tr[i].style.display = "";
break;
} else {
tr[i].style.display = "none";
}
}
}
}
}

2
assets/security.css
View File

@ -52,7 +52,7 @@
width: 80%; width: 80%;
} }
.protect-login-no-blocked-ips .bdp-kompass-no-blocked-ips
{ {
padding: 5px 10px; padding: 5px 10px;
width: 90%; width: 90%;

50
assets/wordpress-bdp.css
View File

@ -8,7 +8,7 @@ body {
#adminmenu { #adminmenu {
margin-top: 12px; margin-top: 12px;
background: #f0f0f0; background: #f0f0f0;
width: 300px; width: 300px !important;
} }
#adminmenu { #adminmenu {
@ -24,12 +24,10 @@ body {
border-color: #f0f0f0; border-color: #f0f0f0;
} }
#wpbody { #wpbody {
background-color: #f0f0f0; background-color: #f0f0f0;
position: relative; position: relative;
padding-left: 150px; padding-left: 150px;
padding-top: 25px; padding-top: 25px;
} }
@ -38,6 +36,18 @@ body {
background-color: #f0f0f0; background-color: #f0f0f0;
} }
.wp-list-table thead {
background-color: rgba(117, 151, 234, 0.6) !important;
}
.wp-list-table tbody tr:nth-child(odd) {
background-color: rgba(255, 239, 190, 0.45) !important;
}
.wp-list-table tbody tr:nth-child(even) {
background-color: #ffffff !important;
}
#wpfooter { #wpfooter {
padding-left: 150px; padding-left: 150px;
} }
@ -64,7 +74,6 @@ body {
#adminmenu li > a.menu-top:focus { #adminmenu li > a.menu-top:focus {
color: #1d4899; color: #1d4899;
border-color: #f0f0f0; border-color: #f0f0f0;
font-weight: bold; font-weight: bold;
background: linear-gradient(to right, #efefef, rgba(255, 203, 4, 0.45)); background: linear-gradient(to right, #efefef, rgba(255, 203, 4, 0.45));
border-radius: 10px; border-radius: 10px;
@ -82,13 +91,20 @@ body {
} }
.nav-tab {
border-color: rgb(128, 159, 245);
background-color: rgba(185, 203, 255, 0.84);
border-radius: 5px 5px 0 0;
}
/* Active tabs use a bottom border color that matches the page background color. */ /* Active tabs use a bottom border color that matches the page background color. */
.about-wrap .nav-tab-active, .about-wrap .nav-tab-active,
.nav-tab-active, .nav-tab-active,
.nav-tab-active:hover { .nav-tab-active:hover {
border-style: none; border-style: none;
background-color: #fff; background: linear-gradient(to right, #efefef, rgba(255, 203, 4, 0.45));
border-bottom-color: #fff; border-bottom-color: #fff;
box-shadow: 2px 2px 5px #c0c0c0;
} }
/* Admin Menu: submenu */ /* Admin Menu: submenu */
@ -101,6 +117,10 @@ body {
width: 300px; width: 300px;
} }
#adminmenu li.wp-has-submenu.wp-not-current-submenu.opensub:hover:after { #adminmenu li.wp-has-submenu.wp-not-current-submenu.opensub:hover:after {
display: none; display: none;
} }
@ -350,4 +370,24 @@ ul#adminmenu > li.current > a.current:after {
cursor: pointer; cursor: pointer;
width: 10pt; width: 10pt;
color: #a0a0a0; color: #a0a0a0;
}
@media (max-width: 720px) {
#wpbody {
padding-right: 0px;
padding-left: 0px;
}
#adminmenuback,
#adminmenuwrap,
#adminmenu {
margin-top: 12px;
background: #f0f0f0;
width: 400px !important;
}
#adminmenuback {
box-shadow: 5px 5px 10px #c0c0c0;
}
} }

3
bdp-kompass.php
View File

@ -2,7 +2,7 @@
/** /**
* Plugin Name: BdP Kompass * Plugin Name: BdP Kompass
* Description: Wordpress-Plugin zur Unterstützung von Stämmen im Bund der Pfadfinderinnen und Pfadfinder e.V. zur optimalen Verwaltung eurer Webseite * Description: Wordpress-Plugin zur Unterstützung von Stämmen im Bund der Pfadfinderinnen und Pfadfinder e.V. zur optimalen Verwaltung eurer Webseite
* Version: 4.2.1 * Version: 4.3.1
* Tags: bdp, utility, helper * Tags: bdp, utility, helper
* Requires at least: 6.0 * Requires at least: 6.0
* Requires PHP: 8.2 * Requires PHP: 8.2
@ -52,6 +52,7 @@ function register_custom_theme_directory() {
} }
function enqueue_custom_password_js() { function enqueue_custom_password_js() {
wp_enqueue_script( 'searchable-table', BDP_LV_PLUGIN_URL . '/assets/searchtable.js');
wp_enqueue_script( 'custom-password-js', BDP_LV_PLUGIN_URL . 'assets/password.js'); wp_enqueue_script( 'custom-password-js', BDP_LV_PLUGIN_URL . 'assets/password.js');
wp_localize_script( 'custom-password-js', 'php_vars', [ wp_localize_script( 'custom-password-js', 'php_vars', [
'allowed_strengths' => kompass_get_minimal_password_strength(), 'allowed_strengths' => kompass_get_minimal_password_strength(),

11
includes/WpConfigEditor.class.php
View File

@ -25,7 +25,14 @@ class WpConfigEditor extends \WP_Filesystem_Direct
public function writeConfig($value): bool public function writeConfig($value): bool
{ {
$this->put_contents(ABSPATH . self::WP_CONFIG_FILE, $value); $value = str_replace('<?php', '', $value);
$value = str_replace('<?', '', $value);
$value = str_replace('?>', '', $value);
$value = str_replace(PHP_EOL . PHP_EOL, PHP_EOL, $value);
$value = '<?php' . PHP_EOL . $value;
$this->put_contents(ABSPATH . self::WP_CONFIG_FILE, $value);
return true; return true;
} }
@ -35,7 +42,7 @@ class WpConfigEditor extends \WP_Filesystem_Direct
$configContent = $wfs->readConfig(); $configContent = $wfs->readConfig();
if (null === self::getConfigValue($key)) { if (null === self::getConfigValue($key)) {
$configContent .= "define( '$key', $value );"; $configContent .= "define( '$key', $value );" . PHP_EOL;
} }
preg_match("/define\([ ]?'($key)'\,[ ]?(.*)[ ]?\);/",$configContent, $matches); preg_match("/define\([ ]?'($key)'\,[ ]?(.*)[ ]?\);/",$configContent, $matches);

149
lang/bdp-kompass_de_DE.po
View File

@ -108,4 +108,151 @@ msgid "Change Login URL"
msgstr "Login-URL ändern" msgstr "Login-URL ändern"
msgid "Changing the default login URL of WordPress is advisable to enhance the security of your website. By default, WordPress login URLs is /wp-admin or /wp-login.php, which are easily guessed by hackers and facilitate attacks such as brute-force attacks. Changing the login URL to something unique and difficult to guess increases security since potential attackers will struggle to find the correct URL. This can help protect your website from unauthorized access and other malicious activities." msgid "Changing the default login URL of WordPress is advisable to enhance the security of your website. By default, WordPress login URLs is /wp-admin or /wp-login.php, which are easily guessed by hackers and facilitate attacks such as brute-force attacks. Changing the login URL to something unique and difficult to guess increases security since potential attackers will struggle to find the correct URL. This can help protect your website from unauthorized access and other malicious activities."
msgstr "Es ist ratsam, die Standard-Login-URL von WordPress zu ändern, um die Sicherheit deiner Website zu erhöhen. Standardmäßig lautet die Login-URL von WordPress /wp-admin oder /wp-login.php, was für Hacker leicht zu erraten ist und Angriffe wie Brute-Force-Attacken erleichtern kann. Durch Ändern der Login-URL auf etwas Einzigartiges und schwer zu erraten, erhöhst du die Sicherheit, da potenzielle Angreifer Schwierigkeiten haben werden, die richtige URL zu finden. Dies kann helfen, deine Website vor unautorisiertem Zugriff und anderen böswilligen Aktivitäten zu schützen." msgstr "Es ist ratsam, die Standard-Login-URL von WordPress zu ändern, um die Sicherheit deiner Website zu erhöhen. Standardmäßig lautet die Login-URL von WordPress /wp-admin oder /wp-login.php, was für Hacker leicht zu erraten ist und Angriffe wie Brute-Force-Attacken erleichtern kann. Durch Ändern der Login-URL auf etwas Einzigartiges und schwer zu erraten, erhöhst du die Sicherheit, da potenzielle Angreifer Schwierigkeiten haben werden, die richtige URL zu finden. Dies kann helfen, deine Website vor unautorisiertem Zugriff und anderen böswilligen Aktivitäten zu schützen."
msgid "Login-Protection"
msgstr "Login-Sicherheit"
msgid "Settings"
msgstr "Einstellungen"
msgid "There are no ip addresses blocked."
msgstr "Derzeit sind keine Adressen gesperrt."
msgid "IP address"
msgstr "IP-Adresse"
msgid "Blocked until"
msgstr "Gesperrt bis"
msgid "Actions"
msgstr "Aktionen"
msgid "The settings were saved."
msgstr "Die Einstellungen wurden gespeichert."
msgid "The ip address was released."
msgstr "Die IP-Adresse wurde freigegeben."
msgid "The list was saved."
msgstr "Die Liste wurde gespeichert."
msgid "An error occured."
msgstr "Es ist ein Fehler aufgetreten"
msgid "Options"
msgstr "Optionen"
msgid "Blocklist"
msgstr "Blocklist"
msgid "Allowlist"
msgstr "Allowlist"
msgid "Blocked IP addresses"
msgstr "Gesperrte IP-Adressen"
msgid "Too many failed login attempts."
msgstr "Zu vile fehlerhafte Login-Versuche."
msgid "Please try again later."
msgstr "Bitte versuche es später erneut."
msgid "%d hour"
msgid_plural "%d hours"
msgstr[0] "%d Stunde"
msgstr[1] "%d Stunden"
msgid "Please try again in %d hour."
msgid_plural "Please try again in %d hours."
msgstr[0] "Bitte versuche es in %d Stunde noch einmal."
msgstr[1] "Bitte versuche es in %d Stunden noch einmal."
msgid "Please try again in %d minute."
msgid_plural "Please try again in %d minutes."
msgstr[0] "Bitte versuche es in %d Minute noch einmal."
msgstr[1] "Bitte versuche es in %d Minuten noch einmal."
msgid "%d minute"
msgid_plural "%d minutes"
msgstr[0] "%d Minute"
msgstr[1] "%d Minuten"
msgid "Leave blank for delete"
msgstr "Zum Löschen frei lassen"
msgid "Add ip address"
msgstr "IP-Adresse hinzufügen"
msgid "Please use line breaks to enter multiple ip addresses"
msgstr "Bitte Zeilenumbruch verwenden, um mehrere IP-Adressen einzutragen"
msgid "Maximum reps until lockout"
msgstr "Maximale Wiederholungen bis zur Sperrung"
msgid "Duration of lockout (in minutes)"
msgstr "Dauer der Sperre (in Minuten)"
msgid "Maximum number of lockouts"
msgstr "Maximale Anzahl an Sperrungen"
msgid "Long-term duration (in hours)"
msgstr "Langzeitsperre (in Stunden)"
msgid "Minimum password strength"
msgstr "Minimale Passwort-Stärke"
msgid "Page accessible via"
msgstr "Seite erreichbar über"
msgid "Handle cookies"
msgstr "Cookies verarbeiten"
msgid "Notify if blocked"
msgstr "Bei Sperrung benachrichtigen"
msgid "Failed attempts until notification"
msgstr "Fehlversuche bis zur Benachrichtigung"
msgid "E-Mail to site admin"
msgstr "E-Mail an den Webseiten-Administrator"
msgid "Direct connection"
msgstr "Direkte Verbindung"
msgid "Behind a proxy"
msgstr "Hinter einem Proxy"
msgid "Yes"
msgstr "Ja"
msgid "No"
msgstr "Nein"
msgid "Allow all password strengths"
msgstr "Alle Passwort-Stärken erlauben"
msgid "At least passwords with medium strength"
msgstr "Mindestens Passwortstärke normal"
msgid "Only allow strong passwords"
msgstr "Nur starke Passwörter erlauben"
msgid "The password does not correspond to the requirements."
msgstr "Dass Passwort entspricht nicht den Anforderungen."
msgid "Release ip address"
msgstr "IP-Adresse freigeben"
msgid "Add ip address to blocklist"
msgstr "IP-Adresse auf Blocklist setzen"
msgid "Add ip address to allowlist and release"
msgstr "IP-Adresse auf Allowlist setzen und freigeben"
msgid "Search for ip address"
msgstr "Nach IP-Adresse suchen"
msgid "Delete"
msgstr "Löschen"

393
modules/LimitLoginAttempts/Controllers/LoginHandler.php
View File

@ -5,278 +5,277 @@ namespace Bdp\Modules\LimitLoginAttempts\Controllers;
use ProtectLogin\Modules\LimitLoginAttempts\Requests\IpAddress; use ProtectLogin\Modules\LimitLoginAttempts\Requests\IpAddress;
class LoginHandler { class LoginHandler {
public const DIRECT_ADDR = 'REMOTE_ADDR'; public const DIRECT_ADDR = 'REMOTE_ADDR';
public const PROXY_ADDR = 'HTTP_X_FORWARDED_FOR'; public const PROXY_ADDR = 'HTTP_X_FORWARDED_FOR';
public function onSuccessFullLogin($user, $password) { public function onSuccessFullLogin($user, $password) {
if (!is_wp_error($user) && $this->isLoginAllowedFromIp() ) { if (!is_wp_error($user) && $this->isLoginAllowedFromIp() ) {
return $user; return $user;
} }
global $limit_login_my_error_shown; global $limit_login_my_error_shown;
$limit_login_my_error_shown = true; $limit_login_my_error_shown = true;
$error = new \WP_Error(); $error = new \WP_Error();
// This error should be the same as in "shake it" filter below // This error should be the same as in "shake it" filter below
$error->add('too_many_retries', $this->composeErrorMessage()); $error->add('too_many_retries', $this->composeErrorMessage());
return $error; return $error;
} }
public function onFailedLogin(string $username) { public function onFailedLogin(string $username) {
$ip = $this->getAddress(); $ip = $this->getAddress();
/* if currently locked-out, do not add to retries */ /* if currently locked-out, do not add to retries */
$lockouts = get_option('protect_login_limit_login_lockouts', []); $lockouts = get_option('protect_login_limit_login_lockouts', []);
if(isset($lockouts[$ip]) && time() < $lockouts[$ip]) { if(isset($lockouts[$ip]) && time() < $lockouts[$ip]) {
return; return;
} }
/* Get the arrays with retries and retries-valid information */ /* Get the arrays with retries and retries-valid information */
$retries = get_option('kompass_limit_login_retries', []); $retries = get_option('kompass_limit_login_retries', []);
$valid = get_option('kompass_limit_login_retries_valid', []); $valid = get_option('kompass_limit_login_retries_valid', []);
/* Check validity and add one to retries */ /* Check validity and add one to retries */
if (isset($retries[$ip])) { //} && isset($valid[$ip]) && time() < $valid[$ip]) { if (isset($retries[$ip])) { //} && isset($valid[$ip]) && time() < $valid[$ip]) {
$retries[$ip] ++; $retries[$ip] ++;
} else { } else {
$retries[$ip] = 1; $retries[$ip] = 1;
} }
update_option('kompass_limit_login_retries', $retries); update_option('kompass_limit_login_retries', $retries);
/* lockout? */ /* lockout? */
if($retries[$ip] % get_option('kompass_limit_login_allowed_retries', 0) != 0) { if($retries[$ip] % get_option('kompass_limit_login_allowed_retries', 0) != 0) {
return; return;
} }
$retries_long = get_option('kompass_limit_login_allowed_retries', 1) $retries_long = get_option('kompass_limit_login_allowed_retries', 1)
* get_option('kompass_limit_login_allowed_lockouts', 1); * get_option('kompass_limit_login_allowed_lockouts', 1);
if ($retries[$ip] >= $retries_long) { if ($retries[$ip] >= $retries_long) {
$lockouts[$ip] = time() + get_option('kompass_limit_login_long_duration', 86400); $lockouts[$ip] = time() + get_option('kompass_limit_login_long_duration', 86400);
} else { } else {
$lockouts[$ip] = time() + get_option('kompass_limit_login_lockout_duration', 900); $lockouts[$ip] = time() + get_option('kompass_limit_login_lockout_duration', 900);
} }
update_option('kompass_limit_login_lockouts', $lockouts); update_option('kompass_limit_login_lockouts', $lockouts);
/* do any notification */ /* do any notification */
$this->notify($username); $this->notify($username);
} }
private function notifyByEmail($user) private function notifyByEmail($user)
{ {
$ip = $this->getAddress(); $ip = $this->getAddress();
$lockouts = get_option('kompass_limit_login_lockouts', []); $lockouts = get_option('kompass_limit_login_lockouts', []);
if (!isset($lockouts[$ip])) { if (!isset($lockouts[$ip])) {
return; return;
} }
$blocked_until = $lockouts[$ip]; $blocked_until = $lockouts[$ip];
$retries = get_option('kompass_limit_login_retries', []); $retries = get_option('kompass_limit_login_retries', []);
$currentRetries = $retries[$ip]; $currentRetries = $retries[$ip];
$notify_after = get_option('kompass_limit_login_notify_email_after', 1); $notify_after = get_option('kompass_limit_login_notify_email_after', 1);
if ($currentRetries % $notify_after !== 0) { if ($currentRetries % $notify_after !== 0) {
return; return;
} }
$blogname = get_option('blogname', 'none'); $blogname = get_option('blogname', 'none');
$subject = sprintf(__("[%s] Too many failed login attempts" $subject = sprintf(__("[%s] Too many failed login attempts"
, 'limit-login-attempts') , 'limit-login-attempts')
, $blogname); , $blogname);
$message = 'Neue Sperrung auf deiner Webseite: ' . PHP_EOL . $message = 'Neue Sperrung auf deiner Webseite: ' . PHP_EOL .
'IP-Adresse: ' . $ip . PHP_EOL . 'IP-Adresse: ' . $ip . PHP_EOL .
'Gesperrt bis: ' . date('d.m.Y H:i', $blocked_until); 'Gesperrt bis: ' . date('d.m.Y H:i', $blocked_until);
$admin_email = get_option('admin_email'); $admin_email = get_option('admin_email');
wp_mail($admin_email, $subject, $message); wp_mail($admin_email, $subject, $message);
} }
/* Handle notification in event of lockout */ /* Handle notification in event of lockout */
private function notify($user) { private function notify($user) {
$args = get_option('kompass_limit_login_lockout_notify', []); $args = get_option('kompass_limit_login_lockout_notify', []);
if (!is_array($args)) { if (!is_array($args)) {
$args = [$args]; $args = [$args];
} }
foreach ($args as $mode) { foreach ($args as $mode) {
switch (trim($mode)) { switch (trim($mode)) {
case 'email': case 'email':
$this->notifyByEmail($user); $this->notifyByEmail($user);
break; break;
} }
} }
} }
private function composeErrorMessage() { private function composeErrorMessage() {
$ip = $this->getAddress(); $ip = $this->getAddress();
$lockouts = get_option('kompass_limit_login_lockouts'); $lockouts = get_option('protect_login_limit_login_lockouts');
$msg = __('<strong>ERROR</strong>: Too many failed login attempts.', 'limit-login-attempts') . ' '; $msg = __('Too many failed login attempts.', BDP_LV_PLUGIN_SLUG) . ' ';
if (!is_array($lockouts) || !isset($lockouts[$ip]) || time() >= $lockouts[$ip]) { if (!is_array($lockouts) || !isset($lockouts[$ip]) || time() >= $lockouts[$ip]) {
/* Huh? No timeout active? */ /* Huh? No timeout active? */
$msg .= __('Please try again later.', 'limit-login-attempts'); $msg .= __('Please try again later.', BDP_LV_PLUGIN_SLUG);
return $msg; return $msg;
} }
$when = ceil(($lockouts[$ip] - time()) / 60); $when = ceil(($lockouts[$ip] - time()) / 60);
if ($when > 60) { if ($when > 60) {
$when = ceil($when / 60); $when = ceil($when / 60);
$msg .= sprintf(_n('Please try again in %d hour.', 'Please try again in %d hours.', $when, 'limit-login-attempts'), $when); $msg .= sprintf(_n('Please try again in %d hour.', 'Please try again in %d hours.', $when, BDP_LV_PLUGIN_SLUG), $when);
} else { } else {
$msg .= sprintf(_n('Please try again in %d minute.', 'Please try again in %d minutes.', $when, 'limit-login-attempts'), $when); $msg .= sprintf(_n('Please try again in %d minute.', 'Please try again in %d minutes.', $when, BDP_LV_PLUGIN_SLUG), $when);
} }
return $msg; return $msg;
} }
private static function getAddress($typeName = '') { private static function getAddress($typeName = '') {
global $limitLoginAttemptsSettings; global $limitLoginAttemptsSettings;
$typeOriginal = $typeName; $typeOriginal = $typeName;
if (empty($typeName)) { if (empty($typeName)) {
$typeName = get_option('kompass_limit_loginclient_type', self::DIRECT_ADDR); $typeName = get_option('kompass_limit_loginclient_type', self::DIRECT_ADDR);
} }
if (isset($_SERVER[$typeName]) && filter_var($_SERVER[$typeName], FILTER_VALIDATE_IP)) { if (isset($_SERVER[$typeName]) && filter_var($_SERVER[$typeName], FILTER_VALIDATE_IP)) {
return $_SERVER[$typeName]; return $_SERVER[$typeName];
} }
/* /*
* Not found. Did we get proxy type from option? * Not found. Did we get proxy type from option?
* If so, try to fall back to direct address. * If so, try to fall back to direct address.
*/ */
if ( empty($typeName) && $typeOriginal == self::PROXY_ADDR if ( empty($typeName) && $typeOriginal == self::PROXY_ADDR
&& isset($_SERVER[self::DIRECT_ADDR]) && isset($_SERVER[self::DIRECT_ADDR])
&& filter_var($_SERVER[self::DIRECT_ADDR], FILTER_VALIDATE_IP)) { && filter_var($_SERVER[self::DIRECT_ADDR], FILTER_VALIDATE_IP)) {
/* /*
* NOTE: Even though we fall back to direct address -- meaning you * NOTE: Even though we fall back to direct address -- meaning you
* can get a mostly working plugin when set to PROXY mode while in * can get a mostly working plugin when set to PROXY mode while in
* fact directly connected to Internet it is not safe! * fact directly connected to Internet it is not safe!
* *
* Client can itself send HTTP_X_FORWARDED_FOR header fooling us * Client can itself send HTTP_X_FORWARDED_FOR header fooling us
* regarding which IP should be banned. * regarding which IP should be banned.
*/ */
return $_SERVER[self::DIRECT_ADDR]; return $_SERVER[self::DIRECT_ADDR];
} }
return ''; return '';
} }
public function isLoginAllowedFromIp() { public function isLoginAllowedFromIp() {
$ip = $this->getAddress(); $ip = $this->getAddress();
if (in_array($ip, get_option('kompass_limit_login_blocklist', []))) { if (in_array($ip, get_option('kompass_limit_login_blocklist', []))) {
return false; return false;
} }
if (in_array($ip, get_option('kompass_limit_login_allowlist', []))) { if (in_array($ip, get_option('kompass_limit_login_allowlist', []))) {
return true; return true;
} }
/* lockout active? */ /* lockout active? */
$lockouts = get_option('kompass_limit_login_lockouts', []); $lockouts = get_option('kompass_limit_login_lockouts', []);
return (!is_array($lockouts) || !isset($lockouts[$ip]) || time() >= $lockouts[$ip]); return (!is_array($lockouts) || !isset($lockouts[$ip]) || time() >= $lockouts[$ip]);
} }
public function checkFailedCookies($cookie_elements) { public function checkFailedCookies($cookie_elements) {
$this->clearAuthCookie(); $this->clearAuthCookie();
/* /*
* Invalid username gets counted every time. * Invalid username gets counted every time.
*/ */
$this->onFailedLogin($cookie_elements['username']); $this->onFailedLogin($cookie_elements['username']);
} }
private function clearAuthCookie() { private function clearAuthCookie() {
wp_clear_auth_cookie(); wp_clear_auth_cookie();
if (!empty($_COOKIE[AUTH_COOKIE])) { if (!empty($_COOKIE[AUTH_COOKIE])) {
$_COOKIE[AUTH_COOKIE] = ''; $_COOKIE[AUTH_COOKIE] = '';
} }
if (!empty($_COOKIE[SECURE_AUTH_COOKIE])) { if (!empty($_COOKIE[SECURE_AUTH_COOKIE])) {
$_COOKIE[SECURE_AUTH_COOKIE] = ''; $_COOKIE[SECURE_AUTH_COOKIE] = '';
} }
if (!empty($_COOKIE[LOGGED_IN_COOKIE])) { if (!empty($_COOKIE[LOGGED_IN_COOKIE])) {
$_COOKIE[LOGGED_IN_COOKIE] = ''; $_COOKIE[LOGGED_IN_COOKIE] = '';
} }
} }
public function onValidCookie($cookie_elements, $user) { public function onValidCookie($cookie_elements, $user) {
/* /*
* As all meta values get cached on user load this should not require * As all meta values get cached on user load this should not require
* any extra work for the common case of no stored value. * any extra work for the common case of no stored value.
*/ */
if (get_user_meta($user->ID, 'kompass_limit_login_previous_cookie')) { if (get_user_meta($user->ID, 'kompass_limit_login_previous_cookie')) {
delete_user_meta($user->ID, 'kompass_limit_login_previous_cookie'); delete_user_meta($user->ID, 'kompass_limit_login_previous_cookie');
} }
} }
function clearLoginCookie($cookie_elements) { function clearLoginCookie($cookie_elements) {
$this->clearAuthCookie(); $this->clearAuthCookie();
/* /*
* Under some conditions an invalid auth cookie will be used multiple * Under some conditions an invalid auth cookie will be used multiple
* times, which results in multiple failed attempts from that one * times, which results in multiple failed attempts from that one
* cookie. * cookie.
* *
* Unfortunately I've not been able to replicate this consistently and * Unfortunately I've not been able to replicate this consistently and
* thus have not been able to make sure what the exact cause is. * thus have not been able to make sure what the exact cause is.
* *
* Probably it is because a reload of for example the admin dashboard * Probably it is because a reload of for example the admin dashboard
* might result in multiple requests from the browser before the invalid * might result in multiple requests from the browser before the invalid
* cookie can be cleard. * cookie can be cleard.
* *
* Handle this by only counting the first attempt when the exact same * Handle this by only counting the first attempt when the exact same
* cookie is attempted for a user. * cookie is attempted for a user.
*/ */
extract($cookie_elements, EXTR_OVERWRITE); extract($cookie_elements, EXTR_OVERWRITE);
// Check if cookie is for a valid user // Check if cookie is for a valid user
$user = get_user_by('login', $username); $user = get_user_by('login', $username);
if (!$user) { if (!$user) {
// "shouldn't happen" for this action // "shouldn't happen" for this action
$this->onFailedLogin($username); $this->onFailedLogin($username);
return; return;
} }
$previous_cookie = get_user_meta($user->ID, 'kompass_limit_login_previous_cookie', true); $previous_cookie = get_user_meta($user->ID, 'kompass_limit_login_previous_cookie', true);
if ($previous_cookie && $previous_cookie == $cookie_elements) { if ($previous_cookie && $previous_cookie == $cookie_elements) {
// Identical cookies, ignore this attempt // Identical cookies, ignore this attempt
return; return;
} }
// Store cookie // Store cookie
if ($previous_cookie) if ($previous_cookie)
update_user_meta($user->ID, 'kompass_limit_login_previous_cookie', $cookie_elements); update_user_meta($user->ID, 'kompass_limit_login_previous_cookie', $cookie_elements);
else else
add_user_meta($user->ID, 'kompass_limit_login_previous_cookie', $cookie_elements, true); add_user_meta($user->ID, 'kompass_limit_login_previous_cookie', $cookie_elements, true);
$this->onFailedLogin($username); $this->onFailedLogin($username);
} }
public function handleCookies() { public function handleCookies() {
if ($this->isLoginAllowedFromIp()) { if ($this->isLoginAllowedFromIp()) {
return; return;
} }
$this->clearAuthCookie(); $this->clearAuthCookie();
} }
} }

115
modules/LimitLoginAttempts/Controllers/OptionsPage.php
View File

@ -8,7 +8,7 @@ class OptionsPage
public function __construct() public function __construct()
{ {
add_options_page(BDP_LV_PLUGIN_SLUG . '-limit-login-attempts', add_options_page(BDP_LV_PLUGIN_SLUG . '-limit-login-attempts',
'Protect Login', __('Login-Protection', BDP_LV_PLUGIN_SLUG),
'site-health.php', 'site-health.php',
BDP_LV_PLUGIN_SLUG . '-limit-login-attempts', BDP_LV_PLUGIN_SLUG . '-limit-login-attempts',
[$this, 'limit_login_option_page'],2048); [$this, 'limit_login_option_page'],2048);
@ -21,19 +21,52 @@ class OptionsPage
update_option('kompass_limit_login_lockouts', $allIps); update_option('kompass_limit_login_lockouts', $allIps);
} }
public static function addToBlocklist(string $ip)
{
$blockedIps = get_option('kompass_limit_login_blocklist', []);
$blockedIps[] = $ip;
update_option('kompass_limit_login_blocklist', $blockedIps);
}
public static function addToAllowlist(string $ip)
{
$allowedIps = get_option('kompass_limit_login_allowlist', []);
$allowedIps[] = $ip;
update_option('kompass_limit_login_allowlist', $allowedIps);
self::releaseIp($ip);
}
public function removeFromList(string $listType, string $ip){
update_option(
'kompass_limit_login_' . $listType,
array_diff(get_option('kompass_limit_login_' . $listType, []), [$ip])
);
}
public function getBlockedIps() public function getBlockedIps()
{ {
$ips = ''; $ips = '';
foreach (get_option('kompass_limit_login_lockouts', []) as $ip => $blockedUntil) { foreach (get_option('kompass_limit_login_lockouts', []) as $ip => $blockedUntil) {
$ips .= '<tr>' . $ips .= '<tr style="vertical-align: top;">' .
'<td style="padding-right: 10px;">' . $ip . '</td>' . '<td style="padding-right: 50px;">' . $ip . '</td>';
'<td style="padding-right: 10px;">' . date('d.m.Y H:i', $blockedUntil) . ' Uhr</td>' . if (in_array($ip, get_option('protect_login_limit_login_blocklist', []))) {
'<td> $ips .= '<td style="padding-right: 50px;">Dauerhaft blockiert</td>' .
<a href="admin.php?page=bdp-kompass-limit-login-attempts&tab=tab4&action=release&ip=' . '<td>' .
base64_encode($ip) . '">Freigeben</a></td>' . 'Keine Aktion möglich' .
'</tr>'; '</td></tr>';
}; } else {
$ips .= '<td style="padding-right: 50px;">' . date('d.m.Y', $blockedUntil) . '<br />' . date('H:i', $blockedUntil) . ' Uhr</td>' .
'<td>
<a href="admin.php?page=kompass-limit-login-attempts&tab=tab4&action=release&ip=' .
base64_encode($ip) . '">' . __('Release ip address', BDP_LV_PLUGIN_SLUG) . '</a><br />
<a href="admin.php?page=bdp-kompass-limit-login-attempts&tab=tab4&action=toBlock&ip=' .
base64_encode($ip) . '">' . __('Add ip address to blocklist', BDP_LV_PLUGIN_SLUG) . '</a><br />
<a href="admin.php?page=bdp-kompass-limit-login-attempts&tab=tab4&action=toAllow&ip=' .
base64_encode($ip) . '">' . __('Add ip address to allowlist and release', BDP_LV_PLUGIN_SLUG) . '</a><br /> ' .
'</td></tr>';
};
}
return $ips; return $ips;
} }
@ -44,14 +77,14 @@ class OptionsPage
if (isset($_POST['update_options'])) { if (isset($_POST['update_options'])) {
update_settings($_POST); update_settings($_POST);
$showMessage = 'Die Einstellungen wurden gespeichert'; $showMessage = __('The settings were saved.', BDP_LV_PLUGIN_SLUG);
} }
if (isset($_GET['action']) && $_GET['action'] == 'release') { if (isset($_GET['action']) && $_GET['action'] == 'release') {
$showMessage = 'Die IP-Adresse wurde freigegeben.'; $showMessage = __('The ip address was released.', BDP_LV_PLUGIN_SLUG);
} }
if(isset($_POST['save_kompass_balist_list_type'])) { if(isset($_POST['save_kompass_balist_list_type'])) {
$showMessage = 'Die Liste wurde gespeichert.'; $showMessage = __('The list was saved.', BDP_LV_PLUGIN_SLUG);
} }
if (null !== $showMessage && $errors === false) { if (null !== $showMessage && $errors === false) {
@ -62,15 +95,26 @@ class OptionsPage
if ($errors) { if ($errors) {
echo '<div class="notice notice-error" style="padding: 5px 10px;">'; echo '<div class="notice notice-error" style="padding: 5px 10px;">';
echo 'Beim Durchführen der Aktion ist ein Fehler aufgetreten.'; echo __('An error occured.', BDP_LV_PLUGIN_SLUG);
echo '</div>'; echo '</div>';
} }
$tab = isset($_GET['tab']) ? $_GET['tab'] : 'tab1'; $tab = isset($_GET['tab']) ? $_GET['tab'] : 'tab1';
if (isset($_GET['action']) && $_GET['action'] == 'removeFromList') {
$this->removeFromList($_GET['list'], base64_decode($_GET['ip']));
if ($_GET['list'] == 'blocklist') {
$tab = 'tab2';
} else {
$tab = 'tab3';
}
}
?> ?>
<div class="wrap"> <div class="wrap">
<h1 class="wp-heading-inline">Protect Login - Einstellungen</h1> <h1 class="wp-heading-inline">
<?= __('Login-Protection', BDP_LV_PLUGIN_SLUG); ?> - <?= __('Settings', BDP_LV_PLUGIN_SLUG); ?></h1>
<hr class="wp-header-end"> <hr class="wp-header-end">
<?= kompass_print_tab_header($tab); ?> <?= kompass_print_tab_header($tab); ?>
@ -101,22 +145,39 @@ class OptionsPage
if (isset($_GET['action']) && $_GET['action'] == 'release') { if (isset($_GET['action']) && $_GET['action'] == 'release') {
$this->releaseIp(base64_decode($_GET['ip'])); $this->releaseIp(base64_decode($_GET['ip']));
} }
if (isset($_GET['action']) && $_GET['action'] == 'toBlock') {
$this->addToBlocklist(base64_decode($_GET['ip']));
}
if (isset($_GET['action']) && $_GET['action'] == 'toAllow') {
$this->addToAllowlist(base64_decode($_GET['ip']));
}
$blockedIps = $this->getBlockedIps(); $blockedIps = $this->getBlockedIps();
?> echo '<h2>'. __('Blocked IP addresses', BDP_LV_PLUGIN_SLUG) .'</h2>';
<h3>Gesperrte IPs</h3>
<?php
if (strlen($blockedIps) == 0) { if (strlen($blockedIps) == 0) {
echo '<div class="protect-login-no-blocked-ips">'; echo '<div class="bdp-kompass-no-blocked-ips">';
echo 'Derzeit sind keine Adressen gesperrt.'; echo __('There are no ip addresses blocked.', BDP_LV_PLUGIN_SLUG);
echo '</div>'; echo '</div>';
} else { ?> } else { ?>
<table> <p style="width: 100%; text-align: right">
<tr> <input type="text" id="searchInput"
<th>IP</th> onkeyup="searchTable('myTable', this)"
<th>Gesperrt bis</th> placeholder="<?=__('Search for ip address', BDP_LV_PLUGIN_SLUG); ?>">
<th>Aktion</th> </p>
</tr>
<?= $blockedIps ?> <table class="wp-list-table widefat fixed striped table-view-list" id="myTable">
<thead>
<tr>
<th scope="col" class="manage-column column-name"><?= __('IP address', BDP_LV_PLUGIN_SLUG); ?></th>
<th class="manage-column column-name"><?= __('Blocked until', BDP_LV_PLUGIN_SLUG); ?></th>
<th class="manage-column column-name"><?= __('Actions', BDP_LV_PLUGIN_SLUG); ?></th>
</tr>
</thead>
<tbody>
<?= $blockedIps ?>
</tbody>
</table> </table>
<?php <?php
} }

13
modules/LimitLoginAttempts/Views/checkbox-option.php
View File

@ -1,12 +1,11 @@
<?php <?php
function kompass_print_checkbox($settingName) { function kompass_print_checkbox(string $settingName) {
$currentSetting = get_option($settingName, []); $currentSetting = get_option($settingName, []);
if (!is_array($currentSetting)) { if (!is_array($currentSetting)) {
$currentSetting = [$currentSetting]; $currentSetting = [$currentSetting];
} }
$options = ['kompass_limit_login_lockout_notify' => [ $options = ['kompass_limit_login_lockout_notify' => [
'email' => 'E-Mail an Administrator' 'email' => __('E-Mail to site admin', BDP_LV_PLUGIN_SLUG)
], ],
]; ];
@ -16,7 +15,7 @@ function kompass_print_checkbox($settingName) {
$setting = $options[$settingName]; $setting = $options[$settingName];
foreach ($setting as $radioOption => $optionText) { foreach ($setting as $radioOption => $optionText) {
$isChecked = in_array($radioOption, $currentSetting) ? 'checked ' : '' ; $isChecked = in_array($radioOption, $currentSetting) ? 'checked ' : '' ;
echo '<input ' . echo '<input ' .
$isChecked . $isChecked .

20
modules/LimitLoginAttempts/Views/radio-option.php
View File

@ -1,19 +1,19 @@
<?php <?php
function kompass_print_radio($settingName) { function kompass_print_radio(string $settingName) {
$currentSetting = get_option($settingName); $currentSetting = get_option($settingName, '');
$options = [ $options = [
'kompass_limit_login_client_type' => [ 'kompass_limit_login_client_type' => [
'REMOTE_ADDR' => 'Direkte Verbrindung', 'REMOTE_ADDR' => __('Direct connection', BDP_LV_PLUGIN_SLUG),
'HTTP_X_FORWARDED_FOR' => 'Hinter einem Proxy' 'HTTP_X_FORWARDED_FOR' => __('Behind a proxy', BDP_LV_PLUGIN_SLUG)
], ],
'kompass_limit_login_cookies' => [ 'kompass_limit_login_cookies' => [
true => 'Ja', true => __('Yes', BDP_LV_PLUGIN_SLUG),
false => 'Nein' false => __('No', BDP_LV_PLUGIN_SLUG)
], ],
'kompass_password_minimal_strength' => [ 'kompass_password_minimal_strength' => [
'1' => 'Alle Passwörter erlauben', '1' => __('Allow all password strengths', BDP_LV_PLUGIN_SLUG),
'2' => 'Mittelstarke Passwörter', '2' => __('At least passwords with medium strength', BDP_LV_PLUGIN_SLUG),
'3' => 'Nur Starke Passwörter' '3' => __('Only allow strong passwords', BDP_LV_PLUGIN_SLUG)
] ]
]; ];
@ -30,6 +30,6 @@ function kompass_print_radio($settingName) {
name="' . $settingName . '" name="' . $settingName . '"
value="' . $radioOption . '" value="' . $radioOption . '"
id="setting_' . $settingName . '_' . $radioOption . '" />' . id="setting_' . $settingName . '_' . $radioOption . '" />' .
'<label for="setting_' . $settingName . '_' . $radioOption . '">' . $optionText . '</label> &nbsp; '; '<label for="setting_' . $settingName . '_' . $radioOption . '">' . $optionText . '</label><br />';
} }
} }

26
modules/LimitLoginAttempts/Views/tab-control.php
View File

@ -1,18 +1,18 @@
<?php <?php
function kompass_print_tab_header($activeTab = 'tab1') function kompass_print_tab_header(string $activeTab = 'tab1')
{ {
$baseUrl = 'admin.php?page=bdp-kompass-limit-login-attempts&tab='; $baseUrl = 'admin.php?page=bdp-kompass-limit-login-attempts&tab=';
return '<h2 class="nav-tab-wrapper">'. return '<h2 class="nav-tab-wrapper">'.
'<a href="' . $baseUrl . 'tab1" class="nav-tab ' . ($activeTab == 'tab1' ? 'nav-tab-active' : '') . '"> '<a href="' . $baseUrl . 'tab1" class="nav-tab ' . ($activeTab == 'tab1' ? 'nav-tab-active' : '') . '">' .
Optionen __('Options', BDP_LV_PLUGIN_SLUG) .
</a>'. '</a>'.
'<a href="' . $baseUrl . 'tab2" class="nav-tab ' . ($activeTab == 'tab2' ? 'nav-tab-active' : '') .'"> '<a href="' . $baseUrl . 'tab2" class="nav-tab ' . ($activeTab == 'tab2' ? 'nav-tab-active' : '') .'">' .
Blocklist __('Blocklist', BDP_LV_PLUGIN_SLUG) .
</a>'. '</a>'.
'<a href="' . $baseUrl . 'tab3" class="nav-tab ' . ($activeTab == 'tab3' ? 'nav-tab-active' : '') .'"> '<a href="' . $baseUrl . 'tab3" class="nav-tab ' . ($activeTab == 'tab3' ? 'nav-tab-active' : '') .'">' .
Allowlist __('Allowlist', BDP_LV_PLUGIN_SLUG) .
</a>'. '</a>'.
'<a href="' . $baseUrl . 'tab4" class="nav-tab ' . ($activeTab == 'tab4' ? 'nav-tab-active' : '') .'"> '<a href="' . $baseUrl . 'tab4" class="nav-tab ' . ($activeTab == 'tab4' ? 'nav-tab-active' : '') .'">' .
Gesperrte IPs __('Blocked IP addresses', BDP_LV_PLUGIN_SLUG) .
</a></h2>'; '</a></h2>';
} }

65
modules/LimitLoginAttempts/includes/block-and-allow-list-form.php
View File

@ -1,47 +1,56 @@
<?php <?php
function updateBlockOrAllowList($postVars)
use Bdp\Modules\LimitLoginAttempts\Controllers\OptionsPage as LimitLoginAttemptsOptions;
function updateBlockOrAllowList(array $postVars)
{ {
$listType = $postVars['save_kompass_balist_list_type']; $listType = $postVars['save_kompass_balist_list_type'];
if (count($postVars['new_ips']) == 1) {
$saveIPList = [];
if (isset($postVars['listElements'])) {
foreach ($postVars['listElements'] as $curIp) {
$curIp = trim($curIp);
if ($curIp !== '') {
$saveIPList[] = $curIp;
}
}
}
if (count($postVars['new_ips']) == 1) {
foreach (explode(PHP_EOL, $postVars['new_ips'][0]) as $newIp) { foreach (explode(PHP_EOL, $postVars['new_ips'][0]) as $newIp) {
$newIp = trim($newIp); $newIp = trim($newIp);
if ('' !== $newIp) { if ('' !== $newIp) {
$saveIPList[] = $newIp; if ($listType == 'blocklist') {
LimitLoginAttemptsOptions::addToBlocklist($newIp);
} else {
LimitLoginAttemptsOptions::addToAllowlist($newIp);
}
} }
} }
} }
update_option('kompass_limit_login_' . $listType, $saveIPList);
} }
function kompass_print_block_allow_form($listType) { function kompass_print_block_allow_form(string $listType) {
$elements = get_option('kompass_limit_login_' . $listType, []); $elements = get_option('kompass_limit_login_' . $listType, []);
?> ?>
<input type="hidden" name="save_kompass_balist_list_type" value="<?= $listType; ?>" /> <input type="hidden" name="save_kompass_balist_list_type" value="<?= $listType; ?>" />
<p style="width: 100%; text-align: right">
<?php <input type="text" id="searchInput"
foreach ($elements as $currentIp) { onkeyup="searchTable('myTable', this)"
?> placeholder="<?=__('Search for ip address', BDP_LV_PLUGIN_SLUG); ?>">
<p> </p>
<input type="text" name="listElements[]" value="<?= $currentIp ?>" style="width: 350px;" /><br /> <table class="wp-list-table widefat fixed striped table-view-list" id="myTable">
<label style="cursor: default; color: #a0a0a0; fot-size: 9pt; font-style: italic"><?= __('Zum Löschen frei lassen', BDP_LV_PLUGIN_SLUG); ?></label> <thead>
</p> <tr>
<th scope="col" class="manage-column column-name"><?= __('IP address', BDP_LV_PLUGIN_SLUG); ?></th>
<th style="width: 100px;" class="manage-column column-name"><?= __('Actions', BDP_LV_PLUGIN_SLUG); ?></th>
</tr>
</thead>
<tbody>
<?php <?php
} foreach ($elements as $currentIp) {
?> echo '<tr>';
echo '<td>' . $currentIp .'</td>';
echo '<td><a href="admin.php?page=bdp-kompass-limit-login-attempts&action=removeFromList' .
'&list=' . $listType . '&ip=' . base64_encode($currentIp) . '">'
. __('Delete', BDP_LV_PLUGIN_SLUG) . '</a></td>';
echo '</tr>';
}
?>
</tbody>
</table>
</div> </div>
<div class="kompass_setting_box"> <div class="kompass_setting_box">
<h3><?= __('IP-Adresse hinzufügen', BDP_LV_PLUGIN_SLUG); ?></h3> <h3><?= __('IP-Adresse hinzufügen', BDP_LV_PLUGIN_SLUG); ?></h3>

62
modules/LimitLoginAttempts/includes/gui_elements.php
View File

@ -1,14 +1,13 @@
<?php <?php
// Callback-Funktion für die Einstellungsseite
function custom_settings_section_callback() { function custom_settings_section_callback() {
echo '<input type="hidden" name="update_options" value="true" />'; echo '<input type="hidden" name="update_options" value="true" />';
} }
function _kompass_limit_logins_settings_callback($args) { function _kompass_limit_logins_settings_callback(array $args) {
$setting = get_option($args['setting'], null); $setting = get_option($args['setting'], null);
if (null === $setting) { if (null === $setting) {
$setting = ''; return;
} }
$value = esc_attr($setting); $value = esc_attr($setting);
@ -19,22 +18,17 @@ function _kompass_limit_logins_settings_callback($args) {
kompass_print_textbox($args['setting'], $value); kompass_print_textbox($args['setting'], $value);
} }
function _kompass_limit_logins_settings_radio_callback($args) function _kompass_limit_logins_settings_radio_callback(array $args)
{ {
kompass_print_radio($args['setting']); kompass_print_radio($args['setting']);
} }
function _kompass_limit_logins_settings_checkbox_callback($args) { function _kompass_limit_logins_settings_checkbox_callback(array $args) {
kompass_print_checkbox($args['setting']); kompass_print_checkbox($args['setting']);
} }
add_settings_section( add_settings_section(
'custom_settings_section', 'custom_settings_section',
'Optionen', __('Options', BDP_LV_PLUGIN_SLUG),
'custom_settings_section_callback', 'custom_settings_section_callback',
BDP_LV_PLUGIN_SLUG . '-limit-login-attempts' BDP_LV_PLUGIN_SLUG . '-limit-login-attempts'
); );
@ -44,73 +38,73 @@ $settings_page = BDP_LV_PLUGIN_SLUG . '-limit-login-attempts';
add_settings_field( add_settings_field(
'kompass_lla_1', 'kompass_lla_1',
'Maximale Wiederholungen', __('Maximum reps until lockout', BDP_LV_PLUGIN_SLUG),
'_kompass_limit_logins_settings_callback', '_kompass_limit_logins_settings_callback',
$settings_page, $settings_page,
'custom_settings_section', 'custom_settings_section',
['setting' => 'kompass_limit_login_allowed_retries']); ['setting' => 'kompass_limit_login_allowed_retries']);
add_settings_field( add_settings_field(
'kompass_lla_2', 'kompass_lla_2',
'Dauer der Sperre (in Minuten)', __('Duration of lockout (in minutes)', BDP_LV_PLUGIN_SLUG),
'_kompass_limit_logins_settings_callback', '_kompass_limit_logins_settings_callback',
$settings_page, $settings_page,
'custom_settings_section', 'custom_settings_section',
['setting' => 'kompass_limit_login_lockout_duration', 'unit_division' => 60 ]); ['setting' => 'kompass_limit_login_lockout_duration', 'unit_division' => 60 ]);
add_settings_field( add_settings_field(
'kompass_lla_3', 'kompass_lla_3',
'Maximale Anzahl an Sperrungen', __('Maximum number of lockouts', BDP_LV_PLUGIN_SLUG),
'_kompass_limit_logins_settings_callback', '_kompass_limit_logins_settings_callback',
$settings_page, $settings_page,
'custom_settings_section', 'custom_settings_section',
['setting' => 'kompass_limit_login_allowed_lockouts']); ['setting' => 'kompass_limit_login_allowed_lockouts']);
add_settings_field( add_settings_field(
'kompass_lla_4', 'kompass_lla_4',
'Langzeitsperre in Stunden', __('Long-term duration (in hours)', BDP_LV_PLUGIN_SLUG),
'_kompass_limit_logins_settings_callback', '_kompass_limit_logins_settings_callback',
$settings_page, $settings_page,
'custom_settings_section', 'custom_settings_section',
['setting' => 'kompass_limit_login_long_duration', 'unit_division' => 3600]); ['setting' => 'kompass_limit_login_long_duration', 'unit_division' => 3600]);
add_settings_field( add_settings_field(
'kompass_lla_5', 'kompass_lla_5',
'Mininmale Passwort-Stärke:', __('Minimum password strength', BDP_LV_PLUGIN_SLUG),
'_kompass_limit_logins_settings_radio_callback', '_kompass_limit_logins_settings_radio_callback',
$settings_page, $settings_page,
'custom_settings_section', 'custom_settings_section',
['setting' => 'kompass_password_minimal_strength']); ['setting' => 'kompass_password_minimal_strength']);
add_settings_field( add_settings_field(
'kompass_lla_6', 'kompass_lla_6',
'Seite erreichbar über:', __('Page accessible via', BDP_LV_PLUGIN_SLUG),
'_kompass_limit_logins_settings_radio_callback', '_kompass_limit_logins_settings_radio_callback',
$settings_page, $settings_page,
'custom_settings_section', 'custom_settings_section',
['setting' => 'kompass_limit_login_client_type']); ['setting' => 'kompass_limit_login_client_type']);
add_settings_field( add_settings_field(
'kompass_lla_7', 'kompass_lla_7',
'Cookies verarbeiten', __('Handle cookies', BDP_LV_PLUGIN_SLUG),
'_kompass_limit_logins_settings_radio_callback', '_kompass_limit_logins_settings_radio_callback',
$settings_page, $settings_page,
'custom_settings_section', 'custom_settings_section',
['setting' => 'kompass_limit_login_cookies']); ['setting' => 'kompass_limit_login_cookies']);
add_settings_field( add_settings_field(
'kompass_lla_8', 'kompass_lla_8',
'Bei Sperrung benachrichtigen', __('Notify if blocked', BDP_LV_PLUGIN_SLUG),
'_kompass_limit_logins_settings_checkbox_callback', '_kompass_limit_logins_settings_checkbox_callback',
$settings_page, $settings_page,
'custom_settings_section', 'custom_settings_section',
['setting' => 'kompass_limit_login_lockout_notify']); ['setting' => 'kompass_limit_login_lockout_notify']);
add_settings_field( add_settings_field(
'kompass_lla_9', 'kompass_lla_9',
'Fehlversuche bis zur Benachrichtigung', __('Failed attempts until notification', BDP_LV_PLUGIN_SLUG),
'_kompass_limit_logins_settings_callback', '_kompass_limit_logins_settings_callback',
$settings_page, $settings_page,
'custom_settings_section', 'custom_settings_section',
['setting' => 'kompass_limit_login_notify_email_after']); ['setting' => 'kompass_limit_login_notify_email_after']);

22
modules/LimitLoginAttempts/includes/validators.php
View File

@ -1,20 +1,16 @@
<?php <?php
function check_for_integer($input) { function check_for_integer(int $input) {
if (!is_numeric($input)) {
wp_die('Bitte nur Zahlen, Danke!');
}
return $input; return $input;
} }
function hours_to_seconds_converter($input) { function hours_to_seconds_converter(int $input) {
// Hier kannst du die Eingabe validieren, z.B. sicherstellen, dass es sich um eine gültige E-Mail-Adresse handelt. // Hier kannst du die Eingabe validieren, z.B. sicherstellen, dass es sich um eine gültige E-Mail-Adresse handelt.
return minutes_to_seconds_converter($input) * 60; return minutes_to_seconds_converter($input) * 60;
} }
function minutes_to_seconds_converter($input) { function minutes_to_seconds_converter(int $input) {
// Hier kannst du die Eingabe validieren, z.B. sicherstellen, dass es sich um eine gültige E-Mail-Adresse handelt.
return check_for_integer($input) * 60; return check_for_integer($input) * 60;
} }
@ -43,7 +39,7 @@ function kompass_settings_validators()
'check_for_integer'); 'check_for_integer');
} }
function update_settings($postParams) { function update_settings(array $postParams) {
$settings = ['kompass_limit_login_lockout_duration', $settings = ['kompass_limit_login_lockout_duration',
'kompass_limit_login_allowed_retries', 'kompass_limit_login_allowed_retries',
'kompass_limit_login_allowed_lockouts', 'kompass_limit_login_allowed_lockouts',
@ -55,10 +51,10 @@ function update_settings($postParams) {
'kompass_limit_login_cookies']; 'kompass_limit_login_cookies'];
foreach ($settings as $curSetting) { foreach ($settings as $curSetting) {
if (isset($postParams[$curSetting])) { if (isset($postParams[$curSetting])) {
update_option( $curSetting, $postParams[ $curSetting ] ); update_option($curSetting, $postParams[$curSetting]);
} else { } else {
update_option( $curSetting, ''); update_option($curSetting, '');
} }
} }
} }