Changeset 1001349
- Timestamp:
- 10/03/2014 04:03:38 PM (11 years ago)
- Location:
- login-security-solution/trunk
- Files:
-
- 3 edited
-
login-security-solution.php (modified) (3 diffs)
-
readme.txt (modified) (2 diffs)
-
tests/AuthCookieBadTest.php (modified) (6 diffs)
Legend:
- Unmodified
- Added
- Removed
-
login-security-solution/trunk/login-security-solution.php
r967194 r1001349 7 7 * 8 8 * Plugin URI: http://wordpress.org/extend/plugins/login-security-solution/ 9 * Version: 0.4 5.09 * Version: 0.46.0 10 10 * (Remember to change the VERSION constant, below, as well!) 11 11 * Author: Daniel Convissor … … 43 43 * This plugin's version 44 44 */ 45 const VERSION = '0.4 5.0';45 const VERSION = '0.46.0'; 46 46 47 47 /** … … 778 778 */ 779 779 public function pw_policy_rewrite($translated, $original) { 780 $policy = 'Hint: The password should be at least seven characters long. To make it stronger, use upper and lower case letters, numbers and symbols like ! " ? $ % ^ & ).'; 781 782 if ($original == $policy) { 780 $policy = array( 781 'Hint: The password should be at least seven characters long. To make it stronger, use upper and lower case letters, numbers, and symbols like ! " ? $ % ^ & ).', 782 'Hint: The password should be at least seven characters long. To make it stronger, use upper and lower case letters, numbers and symbols like ! " ? $ % ^ & ).', 783 ); 784 785 if (in_array($original,$policy)) { 783 786 $this->load_plugin_textdomain(); 784 787 $translated = $this->hsc_utf8(sprintf(__("The password should either be: A) at least %d characters long and contain upper and lower case letters (except languages that only have one case) plus numbers and punctuation, or B) at least %d characters long. The password can not contain words related to you or this website.", self::ID), $this->options['pw_length'], $this->options['pw_complexity_exemption_length'])); -
login-security-solution/trunk/readme.txt
r967194 r1001349 4 4 Tags: login, password, passwords, strength, strong, strong passwords, password strength, idle, timeout, maintenance, security, attack, hack, lock, lockdown, ban, brute force, brute, force, authentication, xml-rpc, auth, cookie, users 5 5 Requires at least: 3.3 6 Tested up to: 3.9.26 Tested up to: 4.0 7 7 Stable tag: trunk 8 8 … … 481 481 == Changelog == 482 482 483 = 0.45.0 (2014-08-17) 483 = 0.46.0 (2014-10-03) = 484 * Fix password policy hint broken by changes in WP 3.9 485 * Adjust unit tests for new auth cookie format in WP 4.0 486 487 = 0.45.0 (2014-08-17) = 484 488 * Adjust for password reset process for security changes in WP 3.9.2 485 489 -
login-security-solution/trunk/tests/AuthCookieBadTest.php
r923776 r1001349 28 28 protected $user_name; 29 29 protected $pass_md5; 30 protected $cookie_key_pass; 30 31 31 32 … … 36 37 37 38 public function setUp() { 39 global $wp_version; 40 38 41 parent::setUp(); 39 42 … … 48 51 $this->user_name = 'test'; 49 52 $this->pass_md5 = 'ababab'; 53 54 if (version_compare($wp_version, '4.0', '>=')) { 55 $this->cookie_key_pass = 3; 56 } else { 57 $this->cookie_key_pass = 2; 58 } 50 59 51 60 // wp_validate_auth_cookie() operates on the original object. … … 97 106 $this->assertFalse($result); 98 107 99 $pass = self::$lss->md5($parts[ 2]);108 $pass = self::$lss->md5($parts[$this->cookie_key_pass]); 100 109 $this->check_fail_record($this->ip, $parts[0], $pass); 101 110 … … 111 120 $_COOKIE[AUTH_COOKIE] = wp_generate_auth_cookie(1, time() + 10); 112 121 $parts = explode('|', $_COOKIE[AUTH_COOKIE]); 113 $parts[ 2] = 'badpassword';122 $parts[$this->cookie_key_pass] = 'badpassword'; 114 123 $_COOKIE[AUTH_COOKIE] = implode('|', $parts); 115 124 … … 120 129 $this->assertFalse($result); 121 130 122 $pass = self::$lss->md5($parts[ 2]);131 $pass = self::$lss->md5($parts[$this->cookie_key_pass]); 123 132 $this->check_fail_record($this->ip, $parts[0], $pass); 124 133
Note: See TracChangeset
for help on using the changeset viewer.