Compare commits
No commits in common. "development-4.8.4" and "main" have entirely different histories.
developmen
...
main
@ -2,7 +2,7 @@
|
|||||||
/**
|
/**
|
||||||
* Plugin Name: BdP Kompass
|
* Plugin Name: BdP Kompass
|
||||||
* Description: Wordpress-Plugin zur Unterstützung von Stämmen im Bund der Pfadfinderinnen und Pfadfinder e.V. zur optimalen Verwaltung eurer Webseite
|
* Description: Wordpress-Plugin zur Unterstützung von Stämmen im Bund der Pfadfinderinnen und Pfadfinder e.V. zur optimalen Verwaltung eurer Webseite
|
||||||
* Version: 4.10.1
|
* Version: 4.8.3
|
||||||
* Tags: bdp, utility, helper
|
* Tags: bdp, utility, helper
|
||||||
* Requires at least: 6.0
|
* Requires at least: 6.0
|
||||||
* Requires PHP: 8.2
|
* Requires PHP: 8.2
|
||||||
@ -12,13 +12,14 @@
|
|||||||
* Text Domain: bdp-kompass
|
* Text Domain: bdp-kompass
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
use Bdp\Libs\WpConfigEditor;
|
||||||
use Bdp\Modules\EventParticipants\Controllers\MainController as EventsMain;
|
use Bdp\Modules\EventParticipants\Controllers\MainController as EventsMain;
|
||||||
use Bdp\Modules\KompassSettings\Controllers\SettingsPage as KomnpassSettings;
|
use Bdp\Modules\KompassSettings\Controllers\SettingsPage as KomnpassSettings;
|
||||||
|
use Bdp\Modules\LimitLoginAttempts\Controllers\OptionsPage as OptionsPageAlias;
|
||||||
use Bdp\Modules\Mail\Controllers\MailController;
|
use Bdp\Modules\Mail\Controllers\MailController;
|
||||||
use Bdp\Modules\Mail\Controllers\MailSettingsController;
|
use Bdp\Modules\Mail\Controllers\MailSettingsController;
|
||||||
use Bdp\Modules\Security\Security;
|
use Bdp\Modules\Security\Security;
|
||||||
use Bdp\Modules\Seo\Seo;
|
use Bdp\Modules\Seo\Seo;
|
||||||
use ProtectLogin\Modules\LimitLoginAttempts\Controllers\LoginHandler;
|
|
||||||
|
|
||||||
require_once dirname(__FILE__) . '/includes/setup.php';
|
require_once dirname(__FILE__) . '/includes/setup.php';
|
||||||
|
|
||||||
@ -32,19 +33,7 @@ function bdp_plugin_init() {
|
|||||||
Security::ProhibitBots();
|
Security::ProhibitBots();
|
||||||
Security::SetPageFilters();
|
Security::SetPageFilters();
|
||||||
|
|
||||||
if ( !file_exists( dirname( BDP_LV_STARTUP_FILE ) . '/../protect-login/protect-login.php' ) ) {
|
# WpConfigEditor::updateConfig('DISABLE_WP_CRON', true);
|
||||||
$allowed_ips = get_option('kompass_limit_login_allowlist', []);
|
|
||||||
$blocked_ips = get_option('kompass_limit_login_blocklist', []);
|
|
||||||
$lockouts = get_option('protect_login_limit_login_lockouts', []);
|
|
||||||
|
|
||||||
kompass_install_plugin('https://downloads.wordpress.org/plugin/protect-login.latest-stable.zip', 'protect-login');
|
|
||||||
|
|
||||||
update_option('protect_login_limit_login_blocklist', $blocked_ips);
|
|
||||||
update_option('protect_login_limit_login_allowlist', $allowed_ips);
|
|
||||||
foreach ($lockouts as $address => $duration) {
|
|
||||||
LoginHandler::lockout($address);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if (null == get_option('kompass_already_installed', null)) {
|
if (null == get_option('kompass_already_installed', null)) {
|
||||||
Seo::setup();
|
Seo::setup();
|
||||||
@ -58,12 +47,16 @@ function bdp_plugin_init() {
|
|||||||
|
|
||||||
add_action('admin_menu', function () {
|
add_action('admin_menu', function () {
|
||||||
bdp_kompass_load_plugin_textdomain();
|
bdp_kompass_load_plugin_textdomain();
|
||||||
|
new OptionsPageAlias();
|
||||||
new KomnpassSettings();
|
new KomnpassSettings();
|
||||||
new EventsMain();
|
new EventsMain();
|
||||||
new MailController();
|
new MailController();
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
});
|
});
|
||||||
add_action('wp_ajax_bdp_kompass_show_ajax', 'bdp_kompass_load_ajax_content');
|
add_action('wp_ajax_kompass_show_ajax', 'kompass_load_ajax_content');
|
||||||
add_action('wp_ajax_nopriv_bdp_kompass_show_ajax', 'bdp_kompass_load_ajax_content');
|
add_action('wp_ajax_nopriv_kompass_show_ajax', 'kompass_load_ajax_content');
|
||||||
|
|
||||||
function register_custom_theme_directory() {
|
function register_custom_theme_directory() {
|
||||||
if (is_dir(ABSPATH . '/wp-content/themes/mareike-theme/')) {
|
if (is_dir(ABSPATH . '/wp-content/themes/mareike-theme/')) {
|
||||||
@ -79,6 +72,11 @@ function register_custom_theme_directory() {
|
|||||||
function enqueue_custom_password_js() {
|
function enqueue_custom_password_js() {
|
||||||
wp_enqueue_script( 'kompass-ajax', BDP_LV_PLUGIN_URL . '/assets/ajax.js');
|
wp_enqueue_script( 'kompass-ajax', BDP_LV_PLUGIN_URL . '/assets/ajax.js');
|
||||||
wp_enqueue_script( 'searchable-table', BDP_LV_PLUGIN_URL . '/assets/searchtable.js');
|
wp_enqueue_script( 'searchable-table', BDP_LV_PLUGIN_URL . '/assets/searchtable.js');
|
||||||
|
wp_enqueue_script( 'custom-password-js', BDP_LV_PLUGIN_URL . 'assets/password.js');
|
||||||
|
wp_localize_script( 'custom-password-js', 'php_vars', [
|
||||||
|
'allowed_strengths' => kompass_get_minimal_password_strength(),
|
||||||
|
'password_too_short_text' => 'Dass Passwort entspricht nicht den Anforderungen.'
|
||||||
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -1,10 +1,3 @@
|
|||||||
<h4>Version 4.10.1</h4>
|
|
||||||
<ul>
|
|
||||||
<li>Replaced IP blocking by "Protect Login"</li>
|
|
||||||
<li>Replaced login redirecting by "WPS Hide login"</li>
|
|
||||||
<li>Prepared to update new kompass Version</li>
|
|
||||||
</ul>
|
|
||||||
|
|
||||||
<h4>Version 4.8.3</h4>
|
<h4>Version 4.8.3</h4>
|
||||||
<ul>
|
<ul>
|
||||||
<li>Bugfix</li>
|
<li>Bugfix</li>
|
||||||
|
@ -1,11 +1,26 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
if (!isset($loginHandler)) {
|
||||||
|
$loginHandler = new \Bdp\Modules\LimitLoginAttempts\Controllers\LoginHandler();
|
||||||
|
}
|
||||||
|
|
||||||
|
add_action('wp_login_failed', [$loginHandler, 'onFailedLogin']);
|
||||||
|
add_filter('wp_authenticate_user', [$loginHandler, 'onSuccessFullLogin'], 99999, 2);
|
||||||
add_filter( 'admin_enqueue_scripts', 'enqueue_custom_password_js',10 );
|
add_filter( 'admin_enqueue_scripts', 'enqueue_custom_password_js',10 );
|
||||||
|
|
||||||
add_action('admin_init', 'kompass_admin_init');
|
add_action('admin_init', 'kompass_admin_init');
|
||||||
|
|
||||||
|
if (get_option('kompass_cookies', false)) {
|
||||||
|
$loginHandler->handleCookies();
|
||||||
|
add_action('auth_cookie_bad_username', [$loginHandler, 'checkFailedCookies']);
|
||||||
|
add_action('auth_cookie_valid', [$loginHandler, 'onValidCookie'], 10, 2);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (isset($_POST['save_kompass_balist_list_type'])) {
|
||||||
|
updateBlockOrAllowList($_POST);
|
||||||
|
}
|
||||||
|
|
||||||
function add_custom_admin_bar_item() {
|
function add_custom_admin_bar_item() {
|
||||||
return;
|
|
||||||
global $wp_admin_bar;
|
global $wp_admin_bar;
|
||||||
|
|
||||||
// Überprüfen, ob der Benutzer die erforderliche Berechtigung hat
|
// Überprüfen, ob der Benutzer die erforderliche Berechtigung hat
|
||||||
|
@ -1,4 +1,9 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
use Bdp\Modules\EventParticipants\Controllers\MemberSummaryController;
|
||||||
|
use Bdp\Modules\EventParticipants\Controllers\PrintParticipantListPdfController;
|
||||||
|
use Bdp\Modules\EventParticipants\Controllers\RegisterMemberController;
|
||||||
|
use Bdp\Modules\LimitLoginAttempts\Controllers\LoginHandler;
|
||||||
use Bdp\Libs\DatabaseHandler;
|
use Bdp\Libs\DatabaseHandler;
|
||||||
|
|
||||||
|
|
||||||
@ -36,6 +41,7 @@ require_once (BDP_LV_PLUGIN_DIR . '/modules/security/security.php');
|
|||||||
$dbHandler = new DatabaseHandler();
|
$dbHandler = new DatabaseHandler();
|
||||||
function kompass_admin_init()
|
function kompass_admin_init()
|
||||||
{
|
{
|
||||||
|
kompass_settings_validators();
|
||||||
}
|
}
|
||||||
|
|
||||||
function bdp_kompass_load_plugin_textdomain() {
|
function bdp_kompass_load_plugin_textdomain() {
|
||||||
@ -64,7 +70,7 @@ function kompass_get_age(string $birthday) : int {
|
|||||||
return $compare->y;
|
return $compare->y;
|
||||||
}
|
}
|
||||||
|
|
||||||
function bdp_kompass_load_ajax_content() {
|
function kompass_load_ajax_content() {
|
||||||
$class = 'Bdp\\Modules\\' . $_REQUEST['module'] . '\\Controllers\\AjaxRouterController';
|
$class = 'Bdp\\Modules\\' . $_REQUEST['module'] . '\\Controllers\\AjaxRouterController';
|
||||||
if (!class_exists($class)) {
|
if (!class_exists($class)) {
|
||||||
wp_die('Invalid module call: Module=' . $_REQUEST['module']);
|
wp_die('Invalid module call: Module=' . $_REQUEST['module']);
|
||||||
@ -74,7 +80,7 @@ function bdp_kompass_load_ajax_content() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
$loginHandler = new LoginHandler();
|
||||||
new BdpVersionChecker();
|
new BdpVersionChecker();
|
||||||
|
|
||||||
#add_filter( 'plugins_api', array( $class, 'info' ), 20, 3 );
|
#add_filter( 'plugins_api', array( $class, 'info' ), 20, 3 );
|
||||||
require_once dirname(__FILE__) . '/action_caller.php';
|
require_once dirname(__FILE__) . '/action_caller.php';
|
||||||
|
@ -11,7 +11,7 @@ class BdpVersionChecker
|
|||||||
|
|
||||||
public function __construct()
|
public function __construct()
|
||||||
{
|
{
|
||||||
$plugin_data = get_plugin_data( BDP_LV_STARTUP_FILE, true, false );
|
$plugin_data = get_plugin_data( BDP_LV_STARTUP_FILE );
|
||||||
$this->plugin_slug = BDP_LV_PLUGIN_SLUG;
|
$this->plugin_slug = BDP_LV_PLUGIN_SLUG;
|
||||||
$this->updateUrl = $plugin_data['UpdateURI'] . '/info.json';
|
$this->updateUrl = $plugin_data['UpdateURI'] . '/info.json';
|
||||||
$this->version = $plugin_data['Version'];
|
$this->version = $plugin_data['Version'];
|
||||||
|
281
modules/LimitLoginAttempts/Controllers/LoginHandler.php
Normal file
281
modules/LimitLoginAttempts/Controllers/LoginHandler.php
Normal file
@ -0,0 +1,281 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
namespace Bdp\Modules\LimitLoginAttempts\Controllers;
|
||||||
|
|
||||||
|
use ProtectLogin\Modules\LimitLoginAttempts\Requests\IpAddress;
|
||||||
|
|
||||||
|
class LoginHandler {
|
||||||
|
public const DIRECT_ADDR = 'REMOTE_ADDR';
|
||||||
|
public const PROXY_ADDR = 'HTTP_X_FORWARDED_FOR';
|
||||||
|
|
||||||
|
public function onSuccessFullLogin($user, $password) {
|
||||||
|
if (!is_wp_error($user) && $this->isLoginAllowedFromIp() ) {
|
||||||
|
return $user;
|
||||||
|
}
|
||||||
|
|
||||||
|
global $limit_login_my_error_shown;
|
||||||
|
$limit_login_my_error_shown = true;
|
||||||
|
|
||||||
|
$error = new \WP_Error();
|
||||||
|
// This error should be the same as in "shake it" filter below
|
||||||
|
$error->add('too_many_retries', $this->composeErrorMessage());
|
||||||
|
return $error;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function onFailedLogin(string $username) {
|
||||||
|
$ip = $this->getAddress();
|
||||||
|
|
||||||
|
/* if currently locked-out, do not add to retries */
|
||||||
|
$lockouts = get_option('protect_login_limit_login_lockouts', []);
|
||||||
|
|
||||||
|
if(isset($lockouts[$ip]) && time() < $lockouts[$ip]) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Get the arrays with retries and retries-valid information */
|
||||||
|
$retries = get_option('kompass_limit_login_retries', []);
|
||||||
|
$valid = get_option('kompass_limit_login_retries_valid', []);
|
||||||
|
|
||||||
|
/* Check validity and add one to retries */
|
||||||
|
if (isset($retries[$ip])) { //} && isset($valid[$ip]) && time() < $valid[$ip]) {
|
||||||
|
$retries[$ip] ++;
|
||||||
|
} else {
|
||||||
|
$retries[$ip] = 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
update_option('kompass_limit_login_retries', $retries);
|
||||||
|
|
||||||
|
/* lockout? */
|
||||||
|
if($retries[$ip] % get_option('kompass_limit_login_allowed_retries', 0) != 0) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
$retries_long = get_option('kompass_limit_login_allowed_retries', 1)
|
||||||
|
* get_option('kompass_limit_login_allowed_lockouts', 1);
|
||||||
|
|
||||||
|
if ($retries[$ip] >= $retries_long) {
|
||||||
|
$lockouts[$ip] = time() + get_option('kompass_limit_login_long_duration', 86400);
|
||||||
|
|
||||||
|
} else {
|
||||||
|
$lockouts[$ip] = time() + get_option('kompass_limit_login_lockout_duration', 900);
|
||||||
|
}
|
||||||
|
|
||||||
|
update_option('kompass_limit_login_lockouts', $lockouts);
|
||||||
|
|
||||||
|
|
||||||
|
/* do any notification */
|
||||||
|
$this->notify($username);
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
private function notifyByEmail($user)
|
||||||
|
{
|
||||||
|
$ip = $this->getAddress();
|
||||||
|
|
||||||
|
$lockouts = get_option('kompass_limit_login_lockouts', []);
|
||||||
|
if (!isset($lockouts[$ip])) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
$blocked_until = $lockouts[$ip];
|
||||||
|
|
||||||
|
$retries = get_option('kompass_limit_login_retries', []);
|
||||||
|
$currentRetries = $retries[$ip];
|
||||||
|
|
||||||
|
$notify_after = get_option('kompass_limit_login_notify_email_after', 1);
|
||||||
|
if ($currentRetries % $notify_after !== 0) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
$blogname = get_option('blogname', 'none');
|
||||||
|
|
||||||
|
$subject = sprintf(__("[%s] Too many failed login attempts"
|
||||||
|
, 'limit-login-attempts')
|
||||||
|
, $blogname);
|
||||||
|
|
||||||
|
$message = 'Neue Sperrung auf deiner Webseite: ' . PHP_EOL .
|
||||||
|
'IP-Adresse: ' . $ip . PHP_EOL .
|
||||||
|
'Gesperrt bis: ' . date('d.m.Y H:i', $blocked_until);
|
||||||
|
|
||||||
|
$admin_email = get_option('admin_email');
|
||||||
|
wp_mail($admin_email, $subject, $message);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/* Handle notification in event of lockout */
|
||||||
|
private function notify($user) {
|
||||||
|
$args = get_option('kompass_limit_login_lockout_notify', []);
|
||||||
|
if (!is_array($args)) {
|
||||||
|
$args = [$args];
|
||||||
|
}
|
||||||
|
foreach ($args as $mode) {
|
||||||
|
switch (trim($mode)) {
|
||||||
|
case 'email':
|
||||||
|
$this->notifyByEmail($user);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
private function composeErrorMessage() {
|
||||||
|
$ip = $this->getAddress();
|
||||||
|
$lockouts = get_option('protect_login_limit_login_lockouts');
|
||||||
|
|
||||||
|
$msg = __('Too many failed login attempts.', BDP_LV_PLUGIN_SLUG) . ' ';
|
||||||
|
|
||||||
|
if (!is_array($lockouts) || !isset($lockouts[$ip]) || time() >= $lockouts[$ip]) {
|
||||||
|
/* Huh? No timeout active? */
|
||||||
|
$msg .= __('Please try again later.', BDP_LV_PLUGIN_SLUG);
|
||||||
|
return $msg;
|
||||||
|
}
|
||||||
|
|
||||||
|
$when = ceil(($lockouts[$ip] - time()) / 60);
|
||||||
|
if ($when > 60) {
|
||||||
|
$when = ceil($when / 60);
|
||||||
|
$msg .= sprintf(_n('Please try again in %d hour.', 'Please try again in %d hours.', $when, BDP_LV_PLUGIN_SLUG), $when);
|
||||||
|
} else {
|
||||||
|
$msg .= sprintf(_n('Please try again in %d minute.', 'Please try again in %d minutes.', $when, BDP_LV_PLUGIN_SLUG), $when);
|
||||||
|
}
|
||||||
|
|
||||||
|
return $msg;
|
||||||
|
}
|
||||||
|
|
||||||
|
private static function getAddress($typeName = '') {
|
||||||
|
global $limitLoginAttemptsSettings;
|
||||||
|
|
||||||
|
$typeOriginal = $typeName;
|
||||||
|
if (empty($typeName)) {
|
||||||
|
$typeName = get_option('kompass_limit_loginclient_type', self::DIRECT_ADDR);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (isset($_SERVER[$typeName]) && filter_var($_SERVER[$typeName], FILTER_VALIDATE_IP)) {
|
||||||
|
return $_SERVER[$typeName];
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Not found. Did we get proxy type from option?
|
||||||
|
* If so, try to fall back to direct address.
|
||||||
|
*/
|
||||||
|
if ( empty($typeName) && $typeOriginal == self::PROXY_ADDR
|
||||||
|
&& isset($_SERVER[self::DIRECT_ADDR])
|
||||||
|
&& filter_var($_SERVER[self::DIRECT_ADDR], FILTER_VALIDATE_IP)) {
|
||||||
|
|
||||||
|
/*
|
||||||
|
* NOTE: Even though we fall back to direct address -- meaning you
|
||||||
|
* can get a mostly working plugin when set to PROXY mode while in
|
||||||
|
* fact directly connected to Internet it is not safe!
|
||||||
|
*
|
||||||
|
* Client can itself send HTTP_X_FORWARDED_FOR header fooling us
|
||||||
|
* regarding which IP should be banned.
|
||||||
|
*/
|
||||||
|
|
||||||
|
return $_SERVER[self::DIRECT_ADDR];
|
||||||
|
}
|
||||||
|
|
||||||
|
return '';
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
public function isLoginAllowedFromIp() {
|
||||||
|
$ip = $this->getAddress();
|
||||||
|
|
||||||
|
if (in_array($ip, get_option('kompass_limit_login_blocklist', []))) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (in_array($ip, get_option('kompass_limit_login_allowlist', []))) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* lockout active? */
|
||||||
|
$lockouts = get_option('kompass_limit_login_lockouts', []);
|
||||||
|
return (!is_array($lockouts) || !isset($lockouts[$ip]) || time() >= $lockouts[$ip]);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function checkFailedCookies($cookie_elements) {
|
||||||
|
$this->clearAuthCookie();
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Invalid username gets counted every time.
|
||||||
|
*/
|
||||||
|
|
||||||
|
$this->onFailedLogin($cookie_elements['username']);
|
||||||
|
}
|
||||||
|
|
||||||
|
private function clearAuthCookie() {
|
||||||
|
wp_clear_auth_cookie();
|
||||||
|
|
||||||
|
if (!empty($_COOKIE[AUTH_COOKIE])) {
|
||||||
|
$_COOKIE[AUTH_COOKIE] = '';
|
||||||
|
}
|
||||||
|
if (!empty($_COOKIE[SECURE_AUTH_COOKIE])) {
|
||||||
|
$_COOKIE[SECURE_AUTH_COOKIE] = '';
|
||||||
|
}
|
||||||
|
if (!empty($_COOKIE[LOGGED_IN_COOKIE])) {
|
||||||
|
$_COOKIE[LOGGED_IN_COOKIE] = '';
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public function onValidCookie($cookie_elements, $user) {
|
||||||
|
/*
|
||||||
|
* As all meta values get cached on user load this should not require
|
||||||
|
* any extra work for the common case of no stored value.
|
||||||
|
*/
|
||||||
|
|
||||||
|
if (get_user_meta($user->ID, 'kompass_limit_login_previous_cookie')) {
|
||||||
|
delete_user_meta($user->ID, 'kompass_limit_login_previous_cookie');
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
function clearLoginCookie($cookie_elements) {
|
||||||
|
$this->clearAuthCookie();
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Under some conditions an invalid auth cookie will be used multiple
|
||||||
|
* times, which results in multiple failed attempts from that one
|
||||||
|
* cookie.
|
||||||
|
*
|
||||||
|
* Unfortunately I've not been able to replicate this consistently and
|
||||||
|
* thus have not been able to make sure what the exact cause is.
|
||||||
|
*
|
||||||
|
* Probably it is because a reload of for example the admin dashboard
|
||||||
|
* might result in multiple requests from the browser before the invalid
|
||||||
|
* cookie can be cleard.
|
||||||
|
*
|
||||||
|
* Handle this by only counting the first attempt when the exact same
|
||||||
|
* cookie is attempted for a user.
|
||||||
|
*/
|
||||||
|
|
||||||
|
extract($cookie_elements, EXTR_OVERWRITE);
|
||||||
|
|
||||||
|
// Check if cookie is for a valid user
|
||||||
|
$user = get_user_by('login', $username);
|
||||||
|
if (!$user) {
|
||||||
|
// "shouldn't happen" for this action
|
||||||
|
$this->onFailedLogin($username);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
$previous_cookie = get_user_meta($user->ID, 'kompass_limit_login_previous_cookie', true);
|
||||||
|
if ($previous_cookie && $previous_cookie == $cookie_elements) {
|
||||||
|
// Identical cookies, ignore this attempt
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Store cookie
|
||||||
|
if ($previous_cookie)
|
||||||
|
update_user_meta($user->ID, 'kompass_limit_login_previous_cookie', $cookie_elements);
|
||||||
|
else
|
||||||
|
add_user_meta($user->ID, 'kompass_limit_login_previous_cookie', $cookie_elements, true);
|
||||||
|
|
||||||
|
$this->onFailedLogin($username);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function handleCookies() {
|
||||||
|
if ($this->isLoginAllowedFromIp()) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
$this->clearAuthCookie();
|
||||||
|
}
|
||||||
|
}
|
193
modules/LimitLoginAttempts/Controllers/OptionsPage.php
Normal file
193
modules/LimitLoginAttempts/Controllers/OptionsPage.php
Normal file
@ -0,0 +1,193 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
namespace Bdp\Modules\LimitLoginAttempts\Controllers;
|
||||||
|
|
||||||
|
class OptionsPage
|
||||||
|
{
|
||||||
|
public function __construct()
|
||||||
|
{
|
||||||
|
add_options_page(
|
||||||
|
__('Login-Protection', BDP_LV_PLUGIN_SLUG),
|
||||||
|
__('Login-Protection', BDP_LV_PLUGIN_SLUG),
|
||||||
|
'manage_options',
|
||||||
|
BDP_LV_PLUGIN_SLUG . '-limit-login-attempts',
|
||||||
|
[$this, 'limit_login_option_page'],2048);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function releaseIp($ip)
|
||||||
|
{
|
||||||
|
$allIps = get_option('kompass_limit_login_lockouts', []);
|
||||||
|
unset($allIps[$ip]);
|
||||||
|
update_option('kompass_limit_login_lockouts', $allIps);
|
||||||
|
}
|
||||||
|
|
||||||
|
public static function addToBlocklist(string $ip)
|
||||||
|
{
|
||||||
|
$blockedIps = get_option('kompass_limit_login_blocklist', []);
|
||||||
|
$blockedIps[] = $ip;
|
||||||
|
update_option('kompass_limit_login_blocklist', $blockedIps);
|
||||||
|
}
|
||||||
|
|
||||||
|
public static function addToAllowlist(string $ip)
|
||||||
|
{
|
||||||
|
$allowedIps = get_option('kompass_limit_login_allowlist', []);
|
||||||
|
$allowedIps[] = $ip;
|
||||||
|
update_option('kompass_limit_login_allowlist', $allowedIps);
|
||||||
|
self::releaseIp($ip);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function removeFromList(string $listType, string $ip){
|
||||||
|
update_option(
|
||||||
|
'kompass_limit_login_' . $listType,
|
||||||
|
array_diff(get_option('kompass_limit_login_' . $listType, []), [$ip])
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
public function getBlockedIps()
|
||||||
|
{
|
||||||
|
bdp_kompass_load_plugin_textdomain();
|
||||||
|
$ips = '';
|
||||||
|
foreach (get_option('kompass_limit_login_lockouts', []) as $ip => $blockedUntil) {
|
||||||
|
$ips .= '<tr style="vertical-align: top;">' .
|
||||||
|
'<td style="padding-right: 50px;">' . $ip . '</td>';
|
||||||
|
if (in_array($ip, get_option('protect_login_limit_login_blocklist', []))) {
|
||||||
|
$ips .= '<td style="padding-right: 50px;">Dauerhaft blockiert</td>' .
|
||||||
|
'<td>' .
|
||||||
|
'Keine Aktion möglich' .
|
||||||
|
'</td></tr>';
|
||||||
|
} else {
|
||||||
|
$ips .= '<td style="padding-right: 50px;">' . date('d.m.Y', $blockedUntil) . '<br />' . date('H:i', $blockedUntil) . ' Uhr</td>' .
|
||||||
|
'<td>
|
||||||
|
<a href="admin.php?page=bdp-kompass-limit-login-attempts&tab=tab4&action=release&ip=' .
|
||||||
|
base64_encode($ip) . '">' . __('Release ip address', BDP_LV_PLUGIN_SLUG) . '</a><br />
|
||||||
|
<a href="admin.php?page=bdp-kompass-limit-login-attempts&tab=tab4&action=toBlock&ip=' .
|
||||||
|
base64_encode($ip) . '">' . __('Add ip address to blocklist', BDP_LV_PLUGIN_SLUG) . '</a><br />
|
||||||
|
<a href="admin.php?page=bdp-kompass-limit-login-attempts&tab=tab4&action=toAllow&ip=' .
|
||||||
|
base64_encode($ip) . '">' . __('Add ip address to allowlist and release', BDP_LV_PLUGIN_SLUG) . '</a><br /> ' .
|
||||||
|
'</td></tr>';
|
||||||
|
};
|
||||||
|
}
|
||||||
|
return $ips;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function limit_login_option_page() {
|
||||||
|
global $errors;
|
||||||
|
bdp_kompass_load_plugin_textdomain();
|
||||||
|
$showMessage = null;
|
||||||
|
|
||||||
|
if (isset($_POST['update_options'])) {
|
||||||
|
update_settings($_POST);
|
||||||
|
$showMessage = __('The settings were saved.', BDP_LV_PLUGIN_SLUG);
|
||||||
|
}
|
||||||
|
if (isset($_GET['action']) && $_GET['action'] == 'release') {
|
||||||
|
$showMessage = __('The ip address was released.', BDP_LV_PLUGIN_SLUG);
|
||||||
|
}
|
||||||
|
|
||||||
|
if(isset($_POST['save_kompass_balist_list_type'])) {
|
||||||
|
$showMessage = __('The list was saved.', BDP_LV_PLUGIN_SLUG);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (null !== $showMessage && $errors === false) {
|
||||||
|
echo '<div class="notice notice-success" style="padding: 5px 10px;">';
|
||||||
|
echo $showMessage;
|
||||||
|
echo '</div>';
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($errors) {
|
||||||
|
echo '<div class="notice notice-error" style="padding: 5px 10px;">';
|
||||||
|
echo __('An error occured.', BDP_LV_PLUGIN_SLUG);
|
||||||
|
echo '</div>';
|
||||||
|
}
|
||||||
|
|
||||||
|
$tab = isset($_GET['tab']) ? $_GET['tab'] : 'tab1';
|
||||||
|
|
||||||
|
if (isset($_GET['action']) && $_GET['action'] == 'removeFromList') {
|
||||||
|
$this->removeFromList($_GET['list'], base64_decode($_GET['ip']));
|
||||||
|
if ($_GET['list'] == 'blocklist') {
|
||||||
|
$tab = 'tab2';
|
||||||
|
} else {
|
||||||
|
$tab = 'tab3';
|
||||||
|
}
|
||||||
|
}
|
||||||
|
bdp_kompass_load_plugin_textdomain();
|
||||||
|
|
||||||
|
?>
|
||||||
|
|
||||||
|
<div class="wrap">
|
||||||
|
<h1 class="wp-heading-inline">
|
||||||
|
<?= __('Login-Protection', BDP_LV_PLUGIN_SLUG); ?> - <?= __('Settings', BDP_LV_PLUGIN_SLUG); ?></h1>
|
||||||
|
<hr class="wp-header-end">
|
||||||
|
<?= kompass_print_tab_header($tab); ?>
|
||||||
|
|
||||||
|
<div class="tab-content">
|
||||||
|
<?php
|
||||||
|
switch ($tab) {
|
||||||
|
case 'tab1':
|
||||||
|
echo '<form action="admin.php?page=bdp-kompass-limit-login-attempts&tab=tab1" method="post">';
|
||||||
|
do_settings_sections(BDP_LV_PLUGIN_SLUG . '-limit-login-attempts');
|
||||||
|
submit_button();
|
||||||
|
echo '</form>';
|
||||||
|
break;
|
||||||
|
case 'tab2':
|
||||||
|
echo '<h2>Blocklist</h2>';
|
||||||
|
echo '<form action="admin.php?page=bdp-kompass-limit-login-attempts&tab=tab2" method="post">';
|
||||||
|
kompass_print_block_allow_form('blocklist');
|
||||||
|
submit_button();
|
||||||
|
echo '</form>';
|
||||||
|
break;
|
||||||
|
case 'tab3':
|
||||||
|
echo '<h2>Allowlist</h2>';
|
||||||
|
echo '<form action="admin.php?page=bdp-kompass-limit-login-attempts&tab=tab3" method="post">';
|
||||||
|
kompass_print_block_allow_form('allowlist');
|
||||||
|
submit_button();
|
||||||
|
echo '</form>';
|
||||||
|
break;
|
||||||
|
case 'tab4':
|
||||||
|
if (isset($_GET['action']) && $_GET['action'] == 'release') {
|
||||||
|
$this->releaseIp(base64_decode($_GET['ip']));
|
||||||
|
}
|
||||||
|
|
||||||
|
if (isset($_GET['action']) && $_GET['action'] == 'toBlock') {
|
||||||
|
$this->addToBlocklist(base64_decode($_GET['ip']));
|
||||||
|
}
|
||||||
|
|
||||||
|
if (isset($_GET['action']) && $_GET['action'] == 'toAllow') {
|
||||||
|
$this->addToAllowlist(base64_decode($_GET['ip']));
|
||||||
|
}
|
||||||
|
$blockedIps = $this->getBlockedIps();
|
||||||
|
echo '<h2>'. __('Blocked IP addresses', BDP_LV_PLUGIN_SLUG) .'</h2>';
|
||||||
|
|
||||||
|
if (strlen($blockedIps) == 0) {
|
||||||
|
echo '<div class="bdp-kompass-no-blocked-ips">';
|
||||||
|
echo __('There are no ip addresses blocked.', BDP_LV_PLUGIN_SLUG);
|
||||||
|
echo '</div>';
|
||||||
|
} else { ?>
|
||||||
|
<p style="width: 100%; text-align: right">
|
||||||
|
<input type="text" id="searchInput"
|
||||||
|
onkeyup="searchTable('myTable', this)"
|
||||||
|
placeholder="<?=__('Search for ip address', BDP_LV_PLUGIN_SLUG); ?>">
|
||||||
|
</p>
|
||||||
|
|
||||||
|
<table class="wp-list-table widefat fixed striped table-view-list" id="myTable">
|
||||||
|
<thead>
|
||||||
|
<tr>
|
||||||
|
<th scope="col" class="manage-column column-name"><?= __('IP address', BDP_LV_PLUGIN_SLUG); ?></th>
|
||||||
|
<th class="manage-column column-name"><?= __('Blocked until', BDP_LV_PLUGIN_SLUG); ?></th>
|
||||||
|
<th class="manage-column column-name"><?= __('Actions', BDP_LV_PLUGIN_SLUG); ?></th>
|
||||||
|
</tr>
|
||||||
|
</thead>
|
||||||
|
<tbody>
|
||||||
|
<?= $blockedIps ?>
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
<?php
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
?>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<?php
|
||||||
|
}
|
||||||
|
}
|
18
modules/LimitLoginAttempts/Views/tab-control.php
Normal file
18
modules/LimitLoginAttempts/Views/tab-control.php
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
<?php
|
||||||
|
function kompass_print_tab_header(string $activeTab = 'tab1')
|
||||||
|
{
|
||||||
|
$baseUrl = 'admin.php?page=bdp-kompass-limit-login-attempts&tab=';
|
||||||
|
return '<h2 class="nav-tab-wrapper">'.
|
||||||
|
'<a href="' . $baseUrl . 'tab1" class="nav-tab ' . ($activeTab == 'tab1' ? 'nav-tab-active' : '') . '">' .
|
||||||
|
__('Options', BDP_LV_PLUGIN_SLUG) .
|
||||||
|
'</a>'.
|
||||||
|
'<a href="' . $baseUrl . 'tab2" class="nav-tab ' . ($activeTab == 'tab2' ? 'nav-tab-active' : '') .'">' .
|
||||||
|
__('Blocklist', BDP_LV_PLUGIN_SLUG) .
|
||||||
|
'</a>'.
|
||||||
|
'<a href="' . $baseUrl . 'tab3" class="nav-tab ' . ($activeTab == 'tab3' ? 'nav-tab-active' : '') .'">' .
|
||||||
|
__('Allowlist', BDP_LV_PLUGIN_SLUG) .
|
||||||
|
'</a>'.
|
||||||
|
'<a href="' . $baseUrl . 'tab4" class="nav-tab ' . ($activeTab == 'tab4' ? 'nav-tab-active' : '') .'">' .
|
||||||
|
__('Blocked IP addresses', BDP_LV_PLUGIN_SLUG) .
|
||||||
|
'</a></h2>';
|
||||||
|
}
|
@ -0,0 +1,65 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
use Bdp\Modules\LimitLoginAttempts\Controllers\OptionsPage as LimitLoginAttemptsOptions;
|
||||||
|
|
||||||
|
function updateBlockOrAllowList(array $postVars)
|
||||||
|
{
|
||||||
|
$listType = $postVars['save_kompass_balist_list_type'];
|
||||||
|
if (count($postVars['new_ips']) == 1) {
|
||||||
|
foreach (explode(PHP_EOL, $postVars['new_ips'][0]) as $newIp) {
|
||||||
|
$newIp = trim($newIp);
|
||||||
|
if ('' !== $newIp) {
|
||||||
|
if ($listType == 'blocklist') {
|
||||||
|
LimitLoginAttemptsOptions::addToBlocklist($newIp);
|
||||||
|
} else {
|
||||||
|
LimitLoginAttemptsOptions::addToAllowlist($newIp);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
function kompass_print_block_allow_form(string $listType) {
|
||||||
|
$elements = get_option('kompass_limit_login_' . $listType, []);
|
||||||
|
?>
|
||||||
|
|
||||||
|
<input type="hidden" name="save_kompass_balist_list_type" value="<?= $listType; ?>" />
|
||||||
|
<p style="width: 100%; text-align: right">
|
||||||
|
<input type="text" id="searchInput"
|
||||||
|
onkeyup="searchTable('myTable', this)"
|
||||||
|
placeholder="<?=__('Search for ip address', BDP_LV_PLUGIN_SLUG); ?>">
|
||||||
|
</p>
|
||||||
|
<table class="wp-list-table widefat fixed striped table-view-list" id="myTable">
|
||||||
|
<thead>
|
||||||
|
<tr>
|
||||||
|
<th scope="col" class="manage-column column-name"><?= __('IP address', BDP_LV_PLUGIN_SLUG); ?></th>
|
||||||
|
<th style="width: 100px;" class="manage-column column-name"><?= __('Actions', BDP_LV_PLUGIN_SLUG); ?></th>
|
||||||
|
</tr>
|
||||||
|
</thead>
|
||||||
|
<tbody>
|
||||||
|
<?php
|
||||||
|
foreach ($elements as $currentIp) {
|
||||||
|
echo '<tr>';
|
||||||
|
echo '<td>' . $currentIp .'</td>';
|
||||||
|
echo '<td><a href="admin.php?page=bdp-kompass-limit-login-attempts&action=removeFromList' .
|
||||||
|
'&list=' . $listType . '&ip=' . base64_encode($currentIp) . '">'
|
||||||
|
. __('Delete', BDP_LV_PLUGIN_SLUG) . '</a></td>';
|
||||||
|
echo '</tr>';
|
||||||
|
}
|
||||||
|
?>
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
|
||||||
|
|
||||||
|
</div>
|
||||||
|
<div class="kompass_setting_box">
|
||||||
|
<h3><?= __('IP-Adresse hinzufügen', BDP_LV_PLUGIN_SLUG); ?></h3>
|
||||||
|
<p>
|
||||||
|
<textarea
|
||||||
|
placeholder="<?= __('Please use line breaks to enter multiple ips', BDP_LV_PLUGIN_SLUG); ?>"
|
||||||
|
name="new_ips[]"
|
||||||
|
style="width: 350px;" rows="5"></textarea>
|
||||||
|
</p>
|
||||||
|
</div>
|
||||||
|
<?php
|
||||||
|
}
|
102
modules/LimitLoginAttempts/includes/gui_elements.php
Normal file
102
modules/LimitLoginAttempts/includes/gui_elements.php
Normal file
@ -0,0 +1,102 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
function _kompass_limit_logins_settings_radio_callback(array $args)
|
||||||
|
{
|
||||||
|
kompass_print_radio($args['setting']);
|
||||||
|
}
|
||||||
|
function _kompass_limit_logins_settings_checkbox_callback(array $args) {
|
||||||
|
kompass_print_checkbox($args['setting']);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
bdp_kompass_load_plugin_textdomain();
|
||||||
|
add_settings_section(
|
||||||
|
'custom_settings_section',
|
||||||
|
__('Options', BDP_LV_PLUGIN_SLUG),
|
||||||
|
'kompass_prepare_form',
|
||||||
|
BDP_LV_PLUGIN_SLUG . '-limit-login-attempts'
|
||||||
|
);
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
$settings_page = BDP_LV_PLUGIN_SLUG . '-limit-login-attempts';
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
add_settings_field(
|
||||||
|
'kompass_lla_1',
|
||||||
|
__('Maximum reps until lockout', BDP_LV_PLUGIN_SLUG),
|
||||||
|
'kompass_print_textbox',
|
||||||
|
$settings_page,
|
||||||
|
'custom_settings_section',
|
||||||
|
['setting' => 'kompass_limit_login_allowed_retries']);
|
||||||
|
|
||||||
|
add_settings_field(
|
||||||
|
'kompass_lla_2',
|
||||||
|
__('Duration of lockout (in minutes)', BDP_LV_PLUGIN_SLUG),
|
||||||
|
'kompass_print_textbox',
|
||||||
|
$settings_page,
|
||||||
|
'custom_settings_section',
|
||||||
|
['setting' => 'kompass_limit_login_lockout_duration', 'unit_division' => 60 ]);
|
||||||
|
|
||||||
|
add_settings_field(
|
||||||
|
'kompass_lla_3',
|
||||||
|
__('Maximum number of lockouts', BDP_LV_PLUGIN_SLUG),
|
||||||
|
'kompass_print_textbox',
|
||||||
|
$settings_page,
|
||||||
|
'custom_settings_section',
|
||||||
|
['setting' => 'kompass_limit_login_allowed_lockouts']);
|
||||||
|
|
||||||
|
add_settings_field(
|
||||||
|
'kompass_lla_4',
|
||||||
|
__('Long-term duration (in hours)', BDP_LV_PLUGIN_SLUG),
|
||||||
|
'kompass_print_textbox',
|
||||||
|
$settings_page,
|
||||||
|
'custom_settings_section',
|
||||||
|
['setting' => 'kompass_limit_login_long_duration', 'unit_division' => 3600]);
|
||||||
|
|
||||||
|
add_settings_field(
|
||||||
|
'kompass_lla_5',
|
||||||
|
__('Minimum password strength', BDP_LV_PLUGIN_SLUG),
|
||||||
|
'_kompass_limit_logins_settings_radio_callback',
|
||||||
|
$settings_page,
|
||||||
|
'custom_settings_section',
|
||||||
|
['setting' => 'kompass_password_minimal_strength']);
|
||||||
|
|
||||||
|
add_settings_field(
|
||||||
|
'kompass_lla_6',
|
||||||
|
__('Page accessible via', BDP_LV_PLUGIN_SLUG),
|
||||||
|
'_kompass_limit_logins_settings_radio_callback',
|
||||||
|
$settings_page,
|
||||||
|
'custom_settings_section',
|
||||||
|
['setting' => 'kompass_limit_login_client_type']);
|
||||||
|
|
||||||
|
add_settings_field(
|
||||||
|
'kompass_lla_7',
|
||||||
|
__('Handle cookies', BDP_LV_PLUGIN_SLUG),
|
||||||
|
'_kompass_limit_logins_settings_radio_callback',
|
||||||
|
$settings_page,
|
||||||
|
'custom_settings_section',
|
||||||
|
['setting' => 'kompass_limit_login_cookies']);
|
||||||
|
|
||||||
|
add_settings_field(
|
||||||
|
'kompass_lla_8',
|
||||||
|
__('Notify if blocked', BDP_LV_PLUGIN_SLUG),
|
||||||
|
'_kompass_limit_logins_settings_checkbox_callback',
|
||||||
|
$settings_page,
|
||||||
|
'custom_settings_section',
|
||||||
|
['setting' => 'kompass_limit_login_lockout_notify']);
|
||||||
|
|
||||||
|
add_settings_field(
|
||||||
|
'kompass_lla_9',
|
||||||
|
__('Failed attempts until notification', BDP_LV_PLUGIN_SLUG),
|
||||||
|
'kompass_print_textbox',
|
||||||
|
$settings_page,
|
||||||
|
'custom_settings_section',
|
||||||
|
['setting' => 'kompass_limit_login_notify_email_after']);
|
||||||
|
|
60
modules/LimitLoginAttempts/includes/validators.php
Normal file
60
modules/LimitLoginAttempts/includes/validators.php
Normal file
@ -0,0 +1,60 @@
|
|||||||
|
<?php
|
||||||
|
function check_for_integer(int $input) {
|
||||||
|
return $input;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
function hours_to_seconds_converter(int $input) {
|
||||||
|
// Hier kannst du die Eingabe validieren, z.B. sicherstellen, dass es sich um eine gültige E-Mail-Adresse handelt.
|
||||||
|
return minutes_to_seconds_converter($input) * 60;
|
||||||
|
}
|
||||||
|
|
||||||
|
function minutes_to_seconds_converter(int $input) {
|
||||||
|
|
||||||
|
return check_for_integer($input) * 60;
|
||||||
|
}
|
||||||
|
|
||||||
|
function kompass_settings_validators()
|
||||||
|
{
|
||||||
|
$slug = BDP_LV_PLUGIN_SLUG . '-limit-login-attempts';
|
||||||
|
|
||||||
|
register_setting($slug,
|
||||||
|
'kompass_limit_login_allowed_retries',
|
||||||
|
'check_for_integer');
|
||||||
|
|
||||||
|
register_setting($slug,
|
||||||
|
'kompass_limit_login_allowed_lockouts',
|
||||||
|
'check_for_integer');
|
||||||
|
|
||||||
|
register_setting($slug,
|
||||||
|
'kompass_limit_login_lockout_duration',
|
||||||
|
'minutes_to_seconds_converter');
|
||||||
|
|
||||||
|
register_setting($slug,
|
||||||
|
'kompass_limit_login_long_duration',
|
||||||
|
'hours_to_seconds_converter');
|
||||||
|
|
||||||
|
register_setting($slug,
|
||||||
|
'kompass_limit_login_notify_email_after',
|
||||||
|
'check_for_integer');
|
||||||
|
}
|
||||||
|
|
||||||
|
function update_settings(array $postParams) {
|
||||||
|
$settings = ['kompass_limit_login_lockout_duration',
|
||||||
|
'kompass_limit_login_allowed_retries',
|
||||||
|
'kompass_limit_login_allowed_lockouts',
|
||||||
|
'kompass_password_minimal_strength',
|
||||||
|
'kompass_limit_login_client_type',
|
||||||
|
'kompass_limit_login_long_duration',
|
||||||
|
'kompass_limit_login_lockout_notify',
|
||||||
|
'kompass_limit_login_notify_email_after',
|
||||||
|
'kompass_limit_login_cookies'];
|
||||||
|
|
||||||
|
foreach ($settings as $curSetting) {
|
||||||
|
if (isset($postParams[$curSetting])) {
|
||||||
|
update_option($curSetting, $postParams[$curSetting]);
|
||||||
|
} else {
|
||||||
|
update_option($curSetting, '');
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,10 @@
|
|||||||
|
<?php
|
||||||
|
function kompass_get_minimal_password_strength() {
|
||||||
|
$minPasswordStrength = get_option('kompass_password_minimal_strength', 1);
|
||||||
|
|
||||||
|
$possibleStrengths = ['1' => 'short, bad, good, strong',
|
||||||
|
'2' => 'good, strong',
|
||||||
|
'3' => 'strong'];
|
||||||
|
|
||||||
|
return ' ' . $possibleStrengths[$minPasswordStrength];
|
||||||
|
}
|
@ -1,7 +1,5 @@
|
|||||||
<?php
|
<?php
|
||||||
if (!defined('SECURE_AUTH_COOKIE') && !defined('AUTH_COOKIE')) {
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
add_settings_section(
|
add_settings_section(
|
||||||
'custom_settings_section',
|
'custom_settings_section',
|
||||||
__('Calendar settings', BDP_LV_PLUGIN_SLUG),
|
__('Calendar settings', BDP_LV_PLUGIN_SLUG),
|
||||||
|
@ -55,11 +55,10 @@ class MainController
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
if ( !$no_events ) {
|
if ( !$no_events ) {
|
||||||
wp_admin_notice(
|
|
||||||
'Mit dem kommenden Update von BdP Kompass ist der Zugriff auf Legacy-Veranstaltungen nicht mehr möglich. <br />' .
|
|
||||||
'Das Update wird voraussichtlich am <strong>06.01.2025</strong> bereitgestellt werden.<br /><br />' .
|
|
||||||
'Insofern du weiterhin Zugriff auf diese Veranstaltungen benötigst, kontaktiere den LB IT.', ['type' => 'warning']);
|
|
||||||
|
|
||||||
add_menu_page(
|
add_menu_page(
|
||||||
__( 'Events (legacy)', BDP_LV_PLUGIN_SLUG ),
|
__( 'Events (legacy)', BDP_LV_PLUGIN_SLUG ),
|
||||||
|
@ -11,6 +11,7 @@ class Security
|
|||||||
public const delete_plugins = [
|
public const delete_plugins = [
|
||||||
'akismet/akismet.php',
|
'akismet/akismet.php',
|
||||||
'hello.php',
|
'hello.php',
|
||||||
|
'wps-hide-login/wps-hide-login.php',
|
||||||
'limit-login-attempts-reloaded'
|
'limit-login-attempts-reloaded'
|
||||||
];
|
];
|
||||||
|
|
||||||
@ -22,6 +23,10 @@ class Security
|
|||||||
self::installSecurityPlugin($pluginSlug, $pluginData['downloadUrl']);
|
self::installSecurityPlugin($pluginSlug, $pluginData['downloadUrl']);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
$loginUrl = get_option('kompass_sec_rewrite_login', null);
|
||||||
|
if (null == $loginUrl) {
|
||||||
|
$loginUrl = get_option('whl_page', null) ?? 'bdp-login';
|
||||||
|
}
|
||||||
|
|
||||||
enable_option_disable_xmlrpc();
|
enable_option_disable_xmlrpc();
|
||||||
enable_option_block_authorscan();
|
enable_option_block_authorscan();
|
||||||
@ -33,7 +38,7 @@ class Security
|
|||||||
enable_option_prohibit_bot_access();
|
enable_option_prohibit_bot_access();
|
||||||
enable_option_block_directory_listing();
|
enable_option_block_directory_listing();
|
||||||
self::resetLimitLoginAttempts();
|
self::resetLimitLoginAttempts();
|
||||||
|
delete_option('whl_page');
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -78,18 +83,24 @@ class Security
|
|||||||
global $wp;
|
global $wp;
|
||||||
|
|
||||||
add_action('template_redirect', [Security::class, 'protectAuthorScan']);
|
add_action('template_redirect', [Security::class, 'protectAuthorScan']);
|
||||||
|
|
||||||
|
if (null !== is_login_rewritten()) {
|
||||||
|
if (str_contains($_SERVER['REQUEST_URI'], 'wp-login.php?action=logout')) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
Security::protectLoginSecurity();
|
Security::protectLoginSecurity();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
public static function protectLoginSecurity() {
|
public static function protectLoginSecurity() {
|
||||||
$hideLogin = is_login_rewritten();
|
$hideLogin = is_login_rewritten();
|
||||||
|
|
||||||
if (null === $hideLogin) {
|
if (null === $hideLogin) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
update_option('whl_page', get_option(get_option('kompass_sec_rewrite_login', null)));
|
|
||||||
delete_option('kompass_sec_rewrite_login');
|
|
||||||
kompass_install_plugin( 'https://downloads.wordpress.org/plugin/wps-hide-login.1.9.17.1.zip', 'wps-hide-login' );
|
|
||||||
|
|
||||||
|
|
||||||
if ( str_contains( $_SERVER['REQUEST_URI'], 'wp-login.php' ) && ! isset( $_POST['redirect_to'] ) && $_POST['redirect_to'] !== 'interner-bereich' ) {
|
if ( str_contains( $_SERVER['REQUEST_URI'], 'wp-login.php' ) && ! isset( $_POST['redirect_to'] ) && $_POST['redirect_to'] !== 'interner-bereich' ) {
|
||||||
wp_redirect( home_url() );
|
wp_redirect( home_url() );
|
||||||
|
@ -86,6 +86,12 @@ function disable_option_disable_wp_debug() {
|
|||||||
WpConfigEditor::updateConfig('WP_DEBUG', 'true');
|
WpConfigEditor::updateConfig('WP_DEBUG', 'true');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function disable_option_rewrite_url() {
|
||||||
|
update_option('kompass_sec_rewrite_login', null);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
function kompass_sec_save_settings($settings) {
|
function kompass_sec_save_settings($settings) {
|
||||||
$allPossibleSettings = [
|
$allPossibleSettings = [
|
||||||
'option_disable_xmlrpc',
|
'option_disable_xmlrpc',
|
||||||
|
@ -1,7 +1,5 @@
|
|||||||
<?php
|
<?php
|
||||||
if (!defined('SECURE_AUTH_COOKIE') && !defined('AUTH_COOKIE')) {
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
add_settings_section(
|
add_settings_section(
|
||||||
'custom_settings_section',
|
'custom_settings_section',
|
||||||
|
Loading…
Reference in New Issue
Block a user