Changeset 1225947
- Timestamp:
- 08/20/2015 07:59:18 AM (11 years ago)
- Location:
- hide-login/trunk
- Files:
-
- 2 added
- 3 edited
-
admin.php (added)
-
hide-login.php (modified) (1 diff)
-
index.php (added)
-
readme.txt (modified) (4 diffs)
-
screenshot-1.png (modified) (previous)
Legend:
- Unmodified
- Added
- Removed
-
hide-login/trunk/hide-login.php
r766179 r1225947 2 2 /* 3 3 Plugin Name: Hide Login+ 4 Description: This plugin allows you to create custom URLs for user's login, logout and admin's login page.5 Author: mohammad hossein aghanabi6 Version: 3.17 Author URI: http:// developr.ir4 Description: This plugin allows you to create custom URLs for user's Log in, Log out, Sign up and Admin page. 5 Author: Mohammad Hossein Aghanabi 6 Version: 4.0 7 Author URI: http://koder.io 8 8 */ 9 9 /* 10 10 This is a new version of Stealth Login plguin by skullbit 11 11 */ 12 /* CHANGELOG 13 03-09-2013 14 * Changed some default options at activation to avoid 500 Servre internal error 15 * Restrictions on using default slugs like `wp-admin` for admin slug that made confliction 16 * Optimized code readablity and stability 17 * Solved fatal error caused by `check_admin_referer()` 18 * Tested over wordpress 3.6 19 03-02-2013 - v3.0 20 * Completely rewrote. 21 * All rewrite rules will apply with wordpress buil-in functions 22 * Remove plugin rewrite rules automatically on deactivation to wordpres default rules 23 * Works with all permalink structures 24 * Droped some useless options and codes and improved functionality 25 * Now Setting page menue is at root 26 * Tested Over the latest Wordpress (v3.5.1) 27 28-07-2012 - v2.1 28 * Fix an issue with hide mode capability 29 29-01-2012 - v2.0 30 * Fix .htaccess query commands 31 * Automatic removing and adding htaccess output to .htaccess file 32 * Strong security key function 33 * Added compatibility fix with WordPress installations in a directory like www.blog.com/wordpress/ 34 * Added ability to disable plugin from its setting page 35 * Added ability to attempt to change .htaccess permissions to make writeable 36 * Added wp-admin slug option (can't login with it yet though) 37 * htaccess Output rules will always show even if htaccess is not writeable 38 * added ability to create custom htaccess rules 39 * Added Register slug option so you can still allow registrations with the hide-login. (If registration is not allowed, this option will not be available.) 40 * Security Key now seperate for each slug so that those registering cannot reuse the key for use on login or logout 41 * Added better rewrite rules for a hidden login system. 42 * Removed wp-login.php refresh redirect in favor of using rewrite rules for prevention of direct access to the file. 43 */ 44 /** 45 * [hide_options adds plugin default options at activation] 46 * @return [void] 47 */ 48 function hide_options() 49 { 50 add_option("hide_login_slug","login"); 51 add_option("hide_logout_slug", "?logout=me"); 52 add_option("hide_admin_slug","admin"); 53 add_option("hide_register_slug","register"); 54 add_option("hide_forgot_slug","forgot"); 55 add_option("hide_login_redirect", get_option('siteurl')."/".get_option("hide_admin_slug")); 56 add_option("hide_mode", 0); 57 add_option("hide_wp_admin", 0); 58 add_option("htaccess_rules", ""); 59 } 60 register_activation_hook( __FILE__ , 'hide_options' ); 61 add_action('init', '_setup'); 62 /** 63 * [_setup handle access to URLs] 64 * @return [void] 65 */ 66 function _setup() { 67 if(get_option("hide_mode") == 1 && (strpos(strtolower($_SERVER['REQUEST_URI']),'wp-login.php') !== false) && $_SERVER['REQUEST_METHOD'] != "POST") 68 { 69 wp_redirect(get_option('siteurl'),302); 70 exit; 71 } 72 else if(get_option("hide_logout_slug") != "" && (strpos(strtolower($_SERVER['REQUEST_URI']),get_option("hide_logout_slug")) !== false)) 73 { 74 wp_logout(); 12 /** 13 * [hideOptions Sets plugin default options on activation] 14 * @return [void] 15 */ 16 17 function hideOptions() 18 { 19 add_option("hide_login_slug", "login"); 20 add_option("hide_admin_slug", ""); 21 add_option("hide_logout_slug", "logout"); 22 add_option("hide_register_slug", "register"); 23 add_option("hide_forgot_slug", "forgot"); 24 add_option("hide_wplogin", 0); 25 add_option("hide_wpadmin", 0); 26 add_option("hide_rules", ""); 27 } 28 register_activation_hook( __FILE__ , 'hideOptions' ); 29 30 define("LOGIN_SLUG", get_option("hide_login_slug", "login")); 31 define("ADMIN_SLUG", get_option("hide_admin_slug")); 32 define("LOGOUT_SLUG", get_option("hide_logout_slug", "logout")); 33 define("REGISTER_SLUG", get_option("hide_register_slug", "register")); 34 define("FORGOT_SLUG", get_option("hide_forgot_slug", "forgot")); 35 36 /** 37 * [_setup controls access over wp-login.php, logout and wp-admin URLs] 38 * @return [void] 39 */ 40 function _setup() { 41 42 global $current_user; 43 44 if(get_option("hide_wplogin") == 1) { 45 if(requestURI() == 'wp-login.php') { 46 wp_redirect(get_option('siteurl'), 302); 47 exit; 48 } 49 } 50 if(requestURI() == LOGOUT_SLUG) { 51 if(ADMIN_SLUG != "") 52 setcookie( is_ssl() ? SECURE_AUTH_COOKIE : AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, SITECOOKIEPATH . ADMIN_SLUG, COOKIE_DOMAIN ); 53 wp_logout(); 54 wp_redirect(get_option('siteurl')); 55 exit; 56 } 57 if(get_option("hide_wpadmin") == 1 && !user_can( $current_user, "edit_posts" )) { 58 if(requestURI() == 'wp-admin') { 75 59 wp_redirect(get_option('siteurl')); 76 60 exit; 77 61 } 78 else if(get_option("hide_wp_admin") == 1 && (strpos(strtolower($_SERVER['REQUEST_URI']),'wp-admin') !== false) && !is_user_logged_in()) 62 } 63 } 64 add_action('init', '_setup'); 65 66 // Hooked to Wordpress for changing cookie on new admin page 67 function setAdminCookie($auth_cookie, $expire) { 68 setcookie(is_ssl() ? SECURE_AUTH_COOKIE : AUTH_COOKIE, $auth_cookie, $expire, SITECOOKIEPATH . ADMIN_SLUG, COOKIE_DOMAIN, is_ssl(), true); 69 } 70 71 // Changes wp-admin slug everywhere 72 function changeAdminURL( $url ) { 73 return str_replace("wp-admin", ADMIN_SLUG, $url); 74 } 75 76 if(ADMIN_SLUG != "") { 77 add_action("set_auth_cookie", "setAdminCookie", 10, 2); 78 add_filter('site_url', 'changeAdminURL', 10, 1); 79 } 80 /** 81 * [requestURI Returns URL path] 82 * @return string $part 83 */ 84 function requestURI() 85 { 86 $part = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH); 87 $part = trim($part, "/"); 88 $part = strtolower($part); 89 $part = explode("/", $part); 90 return $part[0]; 91 } 92 93 /** 94 * [addPanel Adds Hide Login+ menu] 95 */ 96 function addPanel() 97 { 98 add_menu_page('Hide Login+', 'Hide Login+', 'manage_options', 'hide_settings', 'hideSettings'); 99 } 100 add_action('admin_menu','addPanel'); 101 102 /** 103 * [updateSettings Saves changes on submitting form] 104 */ 105 function updateSettings() 106 { 107 if( isset($_POST['action']) && $_POST['action'] == 'hide_login_update' ) { 108 109 $_GET['type'] = "updated"; 110 $_GET['id'] = 0; 111 112 $error = false; 113 114 array_walk($_POST, function(&$item, $key) use (&$error) 79 115 { 80 wp_redirect(get_option('siteurl')); 116 if(substr($key, 0, 5) == 'hide_' && !$error) { 117 $item = preg_replace("/[^A-Za-z0-9_\-]/", "", $item); 118 if(strlen($item) < 1 && $key != 'hide_admin_slug') 119 { 120 $error = true; 121 } 122 $item = substr($item, 0, 24); 123 } 124 }); 125 126 if(weHaveError($error)) { 127 $type = 'error'; 128 $id = 0; 129 wp_safe_redirect("/".(ADMIN_SLUG != "") ? ADMIN_SLUG : "wp-admin"."/admin.php?page=hide_settings&type=$type&id=$id"); 81 130 exit; 82 131 } 83 } 84 add_action('admin_menu','AddPanel'); 85 /** 86 * [AddPanel add hide login menu] 87 */ 88 function AddPanel() 132 133 update_option("hide_login_slug", $_POST['hide_login_slug']); 134 update_option("hide_logout_slug", $_POST['hide_logout_slug']); 135 update_option("hide_forgot_slug", $_POST['hide_forgot_slug']); 136 update_option("hide_admin_slug", $_POST['hide_admin_slug']); 137 update_option("hide_wplogin", in_array($_POST['hide_wplogin'], range(0,1)) ? $_POST['hide_wplogin'] : 0 ); 138 139 if(get_option('hide_admin_slug') != "") 140 update_option("hide_wpadmin", in_array($_POST['hide_wpadmin'], range(0,1)) ? $_POST['hide_wpadmin'] : 0 ); 141 142 if(get_option('users_can_register')) 143 update_option("hide_register_slug", $_POST['hide_register_slug']); 144 145 hideLogin(); 146 } 147 } 148 add_action("admin_init", "updateSettings"); 149 150 // Changes logout URL slug everywhere 151 add_filter('logout_url', function ($url, $redirect) { 152 return home_url("/".LOGOUT_SLUG); 153 }, 10, 2); 154 155 // Changes login URL slug everywhere 156 add_filter('login_url', function ($url, $redirect) { 157 return home_url("/".LOGOUT_SLUG); 158 }, 10, 2 ); 159 160 // Changes registration URL slug everywhere 161 add_filter('register',function ($url) { 162 return str_replace(site_url('wp-login.php?action=register', 'login'), site_url(REGISTER_SLUG, 'login'), $url); 163 }); 164 165 // Changes lostpassword URL slug everywhere 166 add_filter('lostpassword_url', function ($url) { 167 return str_replace('?action=lostpassword','',str_replace(network_site_url('wp-login.php', 'login'), site_url(FORGOT_SLUG, 'login'), $url)); 168 }); 169 170 /** 171 * [changeURLs Modifies all related forms on initialization accroding to their new set URL] 172 * @return void $form 173 */ 174 function changeURLs() 175 { 176 $array = array('register_form' => REGISTER_SLUG, 177 'lostpassword_form' => FORGOT_SLUG, 178 'resetpass_form' => FORGOT_SLUG, 179 'login_form' => LOGIN_SLUG 180 ); 181 182 $slug = $array[current_filter()]; 183 $form = ob_get_contents(); 184 $form = preg_replace( "/wp-login\.php([^\"]*)/", $slug.'$1', $form); 185 ob_get_clean(); 186 echo $form; 187 } 188 add_action( 'login_form', 'changeURLs'); 189 add_action( 'register_form', 'changeURLs'); 190 add_action( 'lostpassword_form', 'changeURLs'); 191 add_action( 'resetpass_form', 'changeURLs'); 192 193 // Where to redirect after a successful login, default redirection is `wp-admin` 194 add_action('login_redirect', function () { 195 global $redirect_to; 196 if (!isset($_GET['redirect_to'])) { 197 return get_option('siteurl')."/".(ADMIN_SLUG != "" ? ADMIN_SLUG : "wp-admin"); 198 } 199 else 200 return $redirect_to; 201 }); 202 203 // Redirection URL after submitting lostpassword form 204 add_filter('lostpassword_redirect', function() { 205 return site_url(LOGIN_SLUG."?checkemail=confirm" ); 206 }); 207 208 // Redirection URL after submitting registration form 209 add_filter('registration_redirect', function() { 210 return site_url(LOGIN_SLUG."?checkemail=registered" ); 211 }); 212 213 /** 214 * [hideLogin Handles new RewriteRules as well as custom ones] 215 */ 216 function hideLogin() 217 { 218 global $wp_rewrite; 219 220 // Backup original .htaccess file 221 if (!file_exists(ABSPATH."/.htaccess.backup")) { 222 copy(ABSPATH."/.htaccess", ABSPATH."/.htaccess.backup"); 223 } 224 225 add_rewrite_rule( get_option("hide_login_slug", "login").'/?$', 'wp-login.php', 'top' ); 226 227 if(get_option("hide_admin_slug") != "") 228 add_rewrite_rule(get_option("hide_admin_slug").'/(.*)', "wp-admin/$1?%{QUERY_STRING}", 'top'); 229 230 if(get_option('users_can_register')) 231 add_rewrite_rule( get_option("hide_register_slug", "register").'/?$', 'wp-login.php?action=register', 'top' ); 232 233 add_rewrite_rule( get_option("hide_forgot_slug", "forgot").'/?$', 'wp-login.php?action=lostpassword', 'top' ); 234 235 $str = ''; 236 if(get_option('hide_admin_slug') != '') 89 237 { 90 add_menu_page('Hide Login', 'Hide Login', 'manage_options', 'HideSettings', 'HideSettings'); 91 } 92 add_action("admin_init", "UpdateSettings"); 93 /** 94 * [UpdateSettings update all settings after submitting form] 95 */ 96 function UpdateSettings() 97 { 98 if( $_POST['action'] == 'hide_login_update' ) 99 { 100 $redirect = $_POST['hide_login_redirect']; 101 $custom = $_POST['login_custom']; 102 unset($_POST['hide_login_redirect'],$_POST['login_custom']); 103 $_POST = str_replace(array("/","\\"," "),array("","",""),$_POST); 104 $_POST['hide_login_redirect'] = $redirect; 105 $_POST['login_custom'] = $custom; 106 $_POST['type'] = "success"; 107 $_POST['notice'] = __('Settings Updated','hidelogin'); 108 if($_POST['hide_login_redirect'] == "Custom") 109 { 110 update_option("hide_login_redirect", $_POST['login_custom']); 238 $forerules = array("RewriteRule" => '^'.get_option('hide_admin_slug').'$ '.get_option('hide_admin_slug').'/ [R,L]'); 239 240 foreach ($forerules as $cmd => $rules) { 241 if(is_array($rules)) { 242 foreach ($rules as $rule) { 243 $str .= "$cmd $rule\r\n"; 244 } 111 245 } 112 246 else 113 { 114 update_option("hide_login_redirect", $_POST['hide_login_redirect']); 115 } 116 update_option("hide_login_slug", $_POST['hide_login_slug']); 117 118 update_option("hide_logout_slug", $_POST['hide_logout_slug']); 119 if($_POST['hide_admin_slug'] == "wp-admin") 120 { 121 $_POST['notice'] = __('You can\'t use wp-admin as admin slug. but you can put the field empty','hidelogin'); 122 $_POST['type'] = "error"; 123 } 124 else 125 { 126 update_option("hide_admin_slug", $_POST['hide_admin_slug']); 127 } 128 update_option("hide_register_slug", $_POST['hide_register_slug']); 129 update_option("hide_forgot_slug", $_POST['hide_forgot_slug']); 130 if(get_option("hide_login_slug") != "") 131 { 132 update_option("hide_mode", $_POST['hide_mode']); 133 } 134 else 135 { 136 update_option("hide_mode", 0); 137 } 138 if(get_option("hide_admin_slug") != "") 139 { 140 update_option("hide_wp_admin", $_POST['hide_wp_admin']); 141 } 142 else 143 { 144 update_option("hide_wp_admin", 0); 145 } 146 hide_login(); 247 $str .= "$cmd $rules\r\n"; 147 248 } 148 249 } 149 if(get_option("hide_login_redirect") != "") 250 251 add_filter('mod_rewrite_rules', function ($rules) use ($str){ 252 $pattern = "@(^\QRewriteRule ^index\.php$ - [L]\E\s)@m"; 253 $rules = preg_replace($pattern, "$1".$str, $rules); 254 update_option("hide_rules", $rules); 255 return $rules; 256 }); 257 258 $wp_rewrite->flush_rules(true); 259 } 260 /** 261 * [showMsg Displays message on form submit] 262 * @param [integer] $id [Text ID] 263 * @param [string] $type [Type of message] 264 * @return [string] $display [HTML output] 265 */ 266 function showMsg($id, $type) 267 { 268 $messages = array('error' => array(0 => __('Don\'t leave some fields empty.', 'hidelogin')), 269 'updated' => array(0 => __('Settings Updated','hidelogin'))); 270 $display = '<div id="message" class="'.$type.' fade"><p><strong>' . $messages[$type][$id] . '</strong></p></div>'; 271 return $display; 272 } 273 /** 274 * [hideSettings Shows settings page] 275 */ 276 function hideSettings() 277 { 278 if(isset($_GET['type']) && isset($_GET['id'])) 279 echo showMsg($_GET['id'], $_GET['type']); 280 require_once(dirname(__file__).'/admin.php'); 281 } 282 /** 283 * [weHaveError Checks if there is any error out there :|] 284 * @param [bool] $var [Boolean value] 285 * @return [bool] 286 */ 287 function weHaveError($var) 288 { 289 return $var; 290 } 291 /** 292 * [_deactivate Will rollback all affected changes to their defaults] 293 */ 294 function _deactivate() 295 { 296 remove_action( 'generate_rewrite_rules', 'hideLogin' ); 297 delete_option('hide_rules'); 298 delete_option("hide_login_slug"); 299 delete_option("hide_admin_slug"); 300 delete_option("hide_logout_slug"); 301 delete_option("hide_register_slug"); 302 delete_option("hide_forgot_slug"); 303 delete_option("hide_wplogin"); 304 delete_option("hide_wpadmin"); 305 delete_option("hide_rules"); 306 $GLOBALS['wp_rewrite']->flush_rules(true); 307 } 308 register_deactivation_hook(__FILE__ , '_deactivate'); 309 /** 310 * [redirectOnDeactivation Redirects after deactivation to prevent intrruption of old admin slug] 311 * @return [void] 312 */ 313 function redirectOnDeactivation($plugin) { 314 if($plugin == 'hide-login/hide-login.php') 150 315 { 151 add_action('login_form', 'redirect_after_login'); 152 function redirect_after_login() { 153 global $redirect_to; 154 if (!isset($_GET['redirect_to'])) { 155 $redirect_to = get_option('hide_login_redirect'); 156 } 157 } 158 } 159 if(get_option("hide_logout_slug") != "") 160 { 161 add_filter('logout_url', 'new_logout_url', 10, 2); 162 function new_logout_url($logout_url, $redirect) 163 { 164 return "/".get_option("hide_logout_slug"); 165 } 166 } 167 if(get_option("hide_login_slug") != "") 168 { 169 add_filter( 'login_url', 'new_login_url', 10, 2 ); 170 function new_login_url( $login_url, $redirect ) { 171 return "/".get_option("hide_login_slug"); 172 } 173 } 174 if(get_option("hide_register_slug") != "") 175 { 176 add_filter('register','new_signup_url'); 177 function new_signup_url($url){ 178 return str_replace(site_url('wp-login.php?action=register', 'login'),site_url(get_option("hide_register_slug"), 'login'),$url); 179 } 180 } 181 if(get_option("hide_forgot_slug") != "") 182 { 183 add_filter('lostpassword_url','new_forgetpass_url'); 184 function new_forgetpass_url($url){ 185 return str_replace('?action=lostpassword','',str_replace(network_site_url('wp-login.php', 'login'),site_url(get_option("hide_forgot_slug"), 'login'),$url)); 186 } 187 } 188 /** 189 * [hide_login write rewrite rules in .htaccess file] 190 */ 191 function hide_login() 192 { 193 global $wp_rewrite; 194 $other_rules = array(); 195 if(get_option("hide_admin_slug") != "") 196 { 197 add_rewrite_rule( get_option("hide_admin_slug").'/(.*?)$', 'wp-admin/$1?%{QUERY_STRING}', 'top' ); 198 $other_rules[get_option("hide_admin_slug").'$'] = 'WITH_SLASH'; 199 } 200 if(get_option("hide_login_slug") != "") 201 { 202 add_rewrite_rule( get_option("hide_login_slug").'/?$', 'wp-login.php', 'top' ); 203 } 204 if(get_option("hide_register_slug") != "") 205 { 206 add_rewrite_rule( get_option("hide_register_slug").'/?$', 'wp-login.php?action=register', 'top' ); 207 } 208 if(get_option("hide_forgot_slug") != "") 209 { 210 add_rewrite_rule( get_option("hide_forgot_slug").'/?$', 'wp-login.php?action=lostpassword', 'top' ); 211 } 212 $wp_rewrite->non_wp_rules = $other_rules + $wp_rewrite->non_wp_rules; 213 function ht_rules($rules) 214 { 215 $rules = str_replace("/WITH_SLASH [QSA,L]", "%{REQUEST_URI}/ [R=301,L]", $rules); 216 update_option("htaccess_rules", $rules); 217 return $rules; 218 219 } 220 add_filter('mod_rewrite_rules', 'ht_rules'); 221 $wp_rewrite->flush_rules(true); 222 } 223 /** 224 * [dis_msg description] 225 * @param [type] $msg [shown message] 226 * @param string $type [if "success"ful or an "error"] 227 * @return [string] [html and message] 228 */ 229 function dis_msg($msg, $type = "success") 230 { 231 if($type == "success") 232 { 233 $display = '<div id="message" class="updated fade"><p><strong>' . $msg . '</strong></p></div>'; 234 } 235 else if($type == "error") 236 { 237 $display = '<div id="message" class="error fade"><p><strong>' . $msg . '</strong></p></div>'; 238 } 239 return $display; 240 } 241 /** 242 * [hideSettings form on the settings page] 243 */ 244 function hideSettings() 245 { 246 echo dis_msg($_POST['notice'], $_POST['type']); 247 ?> 248 <div class="wrap" style="font-family: tahoma !important;"> 249 <h2><?php _e('Hide Login Settings', 'hidelogin')?></h2> 250 <form method="post" action=""> 251 <table class="form-table"> 252 <tbody> 253 <tr valign="top"> 254 <th scope="row"><label for="login_slug"><?php _e('Login Slug', 'hidelogin');?></label></th> 255 <td><input name="hide_login_slug" id="login_slug" value="<?php echo get_option('hide_login_slug');?>" type="text"><br /> 256 <strong style="color:#777;font-size:12px;">Login URL:</strong> <span style="font-size:0.9em;color:#999999;"><?php echo trailingslashit( get_option('siteurl') ); ?><span style="background-color: #fffbcc;"><?php echo get_option('hide_login_slug');?></span></span></td> 257 </tr> 258 <tr valign="top"> 259 <th scope="row"><label for="login_redirect"><?php _e('Login Redirect', 'hidelogin');?></label></th> 260 <td><select name="hide_login_redirect" id="login_redirect"> 261 <?php $cus = true; ?> 262 <option value="<?php echo get_option('siteurl')."/".get_option("hide_admin_slug");?>" <?php if(get_option('hide_login_redirect') == get_option('siteurl')."/".get_option("hide_admin_slug")){$cus = false; echo 'selected="selected"';} ?>>WordPress Admin</option> 263 <option value="<?php echo get_option('siteurl');?>" <?php if(get_option('hide_login_redirect') == get_option('siteurl')){$cus = false; echo 'selected="selected"';} ?>>WordPress Address</option> 264 <option value="Custom" <?php if($cus){echo 'selected="selected"';} ?>>Custom URL (Enter Below)</option> 265 </select><br /> 266 <input type="text" name="login_custom" size="40" value="<?php if($cus){ echo get_option('hide_login_redirect'); }?>" /><br /> 267 <strong style="color:#777;font-size:12px;">Redirect URL:</strong> <span style="font-size:0.9em;color:#999999;"><?php if( get_option('hide_login_redirect') != 'Custom' ) { echo get_option('hide_login_redirect'); } else { echo get_option('hide_login_custom'); } ?></span></td> 268 </tr> 269 <tr valign="top"> 270 <th scope="row"><label for="logout_slug"><?php _e('Logout Slug', 'hidelogin');?></label></th> 271 <td><input type="text" name="hide_logout_slug" id="logout_slug" value="<?php echo get_option('hide_logout_slug');?>" /><br /> 272 <strong style="color:#777;font-size:12px;">Logout URL:</strong> <span style="font-size:0.9em;color:#999999;"><?php echo trailingslashit( get_option('siteurl') ); ?><span style="background-color: #fffbcc;"><?php echo get_option('hide_logout_slug');?></span></span></td> 273 </tr> 274 <?php if( get_option('users_can_register') ){ ?> 275 <tr valign="top"> 276 <th scope="row"><label for="register_slug"><?php _e('Register Slug', 'hidelogin');?></label></th> 277 <td><input type="text" name="hide_register_slug" id="register_slug" value="<?php echo get_option('hide_register_slug');?>" /><br /> 278 <strong style="color:#777;font-size:12px;">Register URL:</strong> <span style="font-size:0.9em;color:#999999;"><?php echo trailingslashit( get_option('siteurl') ); ?><span style="background-color: #fffbcc;"><?php echo get_option('hide_register_slug');?></span></span></td> 279 </tr> 280 <?php } ?> 281 <tr valign="top"> 282 <th scope="row"><label for="admin_slug"><?php _e('Admin Slug', 'hidelogin');?></label></th> 283 <td><input name="hide_admin_slug" id="admin_slug" value="<?php echo get_option('hide_admin_slug');?>" type="text"><br /> 284 <strong style="color:#777;font-size:12px;">Admin URL:</strong> <span style="font-size:0.9em;color:#999999;"><?php echo trailingslashit( get_option('siteurl') ); ?><span style="background-color: #fffbcc;"><?php echo get_option('hide_admin_slug');?></span></span></td> 285 </tr> 286 <tr valign="top"> 287 <th scope="row"><label for="forgot_slug"><?php _e('Forgot Password Slug', 'hidelogin');?></label></th> 288 <td><input name="hide_forgot_slug" id="forgot_slug" value="<?php echo get_option('hide_forgot_slug');?>" type="text"><br /> 289 <strong style="color:#777;font-size:12px;">Forgot Password URL:</strong> <span style="font-size:0.9em;color:#999999;"><?php echo trailingslashit( get_option('siteurl') ); ?><span style="background-color: #fffbcc;"><?php echo get_option('hide_forgot_slug');?></span></span></td> 290 </tr> 291 <tr valign="top"> 292 <th scope="row"><?php _e('hide Mode', 'hidelogin'); ?></th> 293 <td><label><input type="radio" name="hide_mode" value="1" <?php if(get_option('hide_mode') ) echo 'checked="checked" ';?> /> Enable</label><br /> 294 <label><input type="radio" name="hide_mode" value="0" <?php if(!get_option('hide_mode') ) echo 'checked="checked" ';?>/> Disable</label><br /> 295 <small><?php _e('Prevent users from being able to access wp-login.php directly ( enable this when you use custom login slug )','hidelogin');?></small></td> 296 </tr> 297 <tr valign="top"> 298 <th scope="row"><?php _e('hide wp-admin', 'hidelogin'); ?></th> 299 <td><label><input type="radio" name="hide_wp_admin" value="1" <?php if(get_option('hide_wp_admin') ) echo 'checked="checked" ';?> /> Enable</label><br /> 300 <label><input type="radio" name="hide_wp_admin" value="0" <?php if(!get_option('hide_wp_admin') ) echo 'checked="checked" ';?>/> Disable</label><br /> 301 <small><?php _e('Prevent users from being able to access wp-admin directly ( enable this when you use custom admin slug )','hidelogin');?></small></td> 302 </tr> 303 <tr valign="top"> 304 <th scope="row"><?php _e('.htaccess Output', 'hidelogin');?></th> 305 <td style="color: navy;"><pre><?php echo ((get_option('htaccess_rules') != "")?get_option('htaccess_rules'):"<span style=\"color: red !important;\">No Output.</span>");?></pre></td> 306 </tr> 307 <tr valign="top"> 308 <th scope="row"><?php _e('Did the Tricks ?', 'hidelogin');?></th> 309 <td> 310 <input name="Submit" style="font-family: tahoma !important; font-weight: bold;" value="<?php _e('Save Changes','hidelogin');?>" type="submit" /> 311 <input name="action" value="hide_login_update" type="hidden" /> 312 </td> 313 </tr> 314 </tbody> 315 </table> 316 </form> 317 318 </div> 319 <?php 320 } 321 /** 322 * [_deactivate remove all changes and leave wordpres rules as default on deactivation] 323 */ 324 function _deactivate() 325 { 326 remove_action( 'generate_rewrite_rules', 'hide_login' ); 327 $GLOBALS['wp_rewrite']->flush_rules(true); 328 } 329 register_deactivation_hook( __FILE__ , '_deactivate' ); 316 $current = get_option( 'active_plugins', array() ); 317 $key = array_search( $plugin, $current ); 318 unset( $current[ $key ] ); 319 update_option('active_plugins', $current); 320 exit(wp_safe_redirect('/wp-admin/plugins.php?deactivate=true&plugin_status=all&paged=1&s=')); 321 } 322 } 323 add_action('deactivated_plugin', 'redirectOnDeactivation', 10, 1); 330 324 ?> -
hide-login/trunk/readme.txt
r766203 r1225947 1 1 === Hide Login+ === 2 Contributors: mohammad hossein aghanabi 3 Tags: login, logout, htaccess, custom, url, wp-admin, admin, change, hide, stealth, security 2 Contributors: Mohammad Hossein Aghanabi 3 Author URI: https://koder.io/ 4 Tags: login, logout, htaccess, custom, url, wp-admin, admin, change, hide, stealth, security, hide, register, sign in, sign up 4 5 Requires at least: 2.3 5 Tested up to: 3.66 Stable tag: 3. 16 Tested up to: 4.3 7 Stable tag: 3.5 7 8 8 Have a secure login and admin page. Allows you to create custom URLs for user's login, logout and admin's login page as simple as possible.9 Have a secure login and admin page. Allows you to create custom URLs for user's Log in, Log out, Sign up and Admin page. 9 10 10 11 == Description == 12 11 13 = A must have plugin for wordpress blogs = 12 14 13 With it you can **simply** change most important URLs that are for daily use and then you may ask why **Hide Login+** plugin? 15 By using Hide Login+ you can **simply** change most important URLs that are being accessed every day, keeping them safe and secret. 14 16 15 *So is this plugin for you? let's know* 17 New features: 16 18 17 `$requires = array( 18 "you need secured and hidden login page that no one except you can access them?" => true, 19 "you want custom and nice URLs for login and admin pages?" => true, 20 "you need to have control over URLs that you never had an easy access before?" => true, 21 "wanna prevent your website from being under attack & session hijacking?" => true 22 ) 23 ` 19 * **No need to modify `wp-config.php` any more** (see installation steps) 20 * **`.htaccess` backup file is created before changes take effect (named `.htaccess.backup`)** 21 * **Recoded to be latest Wordpress version compatible** 24 22 25 Then... 23 Benefits: 26 24 27 `if(in_array($what_you_want, $requires)) 28 { 29 echo "Then this plugin is for you"; 30 }` 25 * Have secured and hidden login page 26 * Customized URLs for the most important parts of your Wordpress installation 27 * Control access over `wp-login.php` and `wp-admin` pages 28 * Easy back-to-defaults ability without frustration 31 29 32 30 Features: 33 31 34 * Define custom slugs for wordpess login, logout, registration, forgot password & admin URLs 35 * Able to prevent access to `wp-login.php` and `wp-admin` directly 36 * Custom redirection after login with pre-defined options 37 * See your `.htaccess` content after changes successfuly has been done 38 * Simple back-to-defaults ability on plugin deactivation 32 * Define custom URL slug for login, logout, registration, lost password & admin pages 33 * Able to prevent access to `wp-login.php` and `wp-admin` directly 34 * See your `.htaccess` content after changes have been successfully updated. 35 * Revert to default configurations on plugin deactivation (or easily via a second method) 39 36 40 37 … … 44 41 45 42 1. Upload the `hide-login` directory to the `/wp-content/plugins/` directory 46 47 2. Add these two lines in wp-config.php file after `/* That's all, stop editing! Happy blogging. */` 48 `define('WP_ADMIN_DIR', 'YOUR_ADMIN_SLUG');` 49 `define('ADMIN_COOKIE_PATH', SITECOOKIEPATH . WP_ADMIN_DIR);` 50 Where `YOUR_ADMIN_SLUG` is the slug you use in plugin setting page for Admin. 51 52 3. Activate the plugin through the 'Plugins' menu in WordPress 53 54 4. Set the options in the Settings Panel 43 2. Activate the plugin through the 'Plugins' menu in WordPress 44 3. Set the options in the Hide Login+ settings page 55 45 56 46 == Changelog == 47 = 3.5 = 48 * No more to modify `wp-config.php` for changing admin URL slug 49 * Reduced and optimized `.htaccess` rules 50 * `.htaccess` backup file is created in the same directory 51 * All plugin options are cleared completely on deactivation 52 * Many more bug fixed and compatibilty issues done 57 53 = 3.1 = 58 54 * Changed some default options at activation to avoid 500 Server internal error … … 63 59 = 3.0 = 64 60 * Completely rewrote. 65 * All rewrite rules will apply with wordpress buil-in functions 61 * All rewrite rules will apply with wordpress buil-in functions 66 62 * Remove plugin rewrite rules automatically on deactivation to wordpres default rules 67 63 * Works with all permalink structures 68 * Droped some useless options and codes and improved functionality 64 * Droped some useless options and codes and improved functionality 69 65 * Now Setting page menu is at root 70 66 * Tested Over the latest Wordpress version(3.5.1) … … 88 84 == Frequently Asked Questions == 89 85 90 = Something gone horribly wrong and my site is down = 91 92 Just deactivate it ;) 86 = Is something gone horribly wrong and your site went down? = 87 * There are 2 methods and you **only** need to go with one: 88 1- Deactivate plugin. 89 2- There is a backup file of `.htaccess` in the root directory of your Wordpress installation named `.htaccess.backup`. You only need to remove your `.htaccess` file and rename backup file from `.htaccess.backup` to `.htaccess` 93 90 94 91 == Screenshots ==
Note: See TracChangeset
for help on using the changeset viewer.