WordPress.org
Get WordPress

Plugin Directory

Changeset 160010


Ignore:
Timestamp:
10/02/2009 07:41:59 PM (17 years ago)
Author:
johanee
Message:

multiple new translations, tagging 1.3.2 & 2.0beta2

Location:
limit-login-attempts
Files:
30 added
4 edited
17 copied

Legend:

Unmodified
Added
Removed

  • limit-login-attempts/tags/1.3.2/limit-login-attempts.php

    r112192 r160010  
    66  Author: Johan Eenfeldt
    77  Author URI: http://devel.kostdoktorn.se
    8   Version: 1.3.1
     8  Version: 1.3.2
    99
    1010  Copyright 2008, 2009 Johan Eenfeldt

  • limit-login-attempts/tags/1.3.2/readme.txt

    r112192 r160010  
    33Tags: login, security, authentication
    44Requires at least: 2.5
    5 Tested up to: 2.7.1
    6 Stable tag: 1.3.1
     5Tested up to: 2.8.4
     6Stable tag: 1.3.2
    77
    88Limit rate of login attempts, including by way of cookies, for each IP.
     
    2323* Optional logging, optional email notification
    2424* Handles server behind reverse proxy
     25
     26Translations: Bulgarian, Catalan, German, Norwegian, Persian, Romanian, Russian, Spanish, Swedish
    2527
    2628Plugin uses standard actions and filters only.
     
    6365== Version History ==
    6466
     67* Version 1.3.2
     68    * Added Bulgarian translation, thanks to Hristo Chakarov
     69    * Added Norwegian translation, thanks to Rune Gulbrandsøy
     70    * Added Spanish translation, thanks to Marcelo Pedra
     71    * Added Persian translation, thanks to Mostafa Soufi
     72    * Added Russian translation, thanks to Jack Leonid (http://studio-xl.com)
    6573* Version 1.3.1
    6674    * Added Catalan translation, thanks to Robert Buj

  • limit-login-attempts/tags/2.0beta2/limit-login-attempts.php

    r112269 r160010  
    7979
    8080          /* Enforce limit on new user registrations for IP */
    81           , 'register_enforce' => false
     81          , 'register_enforce' => true
    8282
    8383          /* Allow this many new user registrations ... */
     
    8888
    8989          /* Allow password reset using login name? */
    90           , 'disable_pwd_reset_username' => false
     90          , 'disable_pwd_reset_username' => true
    9191
    9292          /* ... for capability level_xx or higher */
     
    386386    /* do the same for the registration arrays, if necessary */
    387387    $valid = get_option('limit_login_registrations_valid');
    388     $retries = get_option('limit_login_registrations');
    389     if (is_array($valid) && !empty($valid) && is_array($retries) && !empty($retries)) {
    390         foreach ($valid as $ip => $lockout) {
    391             if ($lockout < $now) {
     388    $regs = get_option('limit_login_registrations');
     389    if (is_array($valid) && !empty($valid) && is_array($regs) && !empty($regs)) {
     390        foreach ($valid as $ip => $until) {
     391            if ($until < $now) {
    392392                unset($valid[$ip]);
    393                 unset($retries[$ip]);
     393                unset($regs[$ip]);
    394394            }
    395395        }
    396396
    397         /* go through retries directly, if for some reason they've gone out of sync */
    398         foreach ($retries as $ip => $retry) {
     397        /* go through registrations directly, if for some reason they've gone out of sync */
     398        foreach ($regs as $ip => $reg) {
    399399            if (!isset($valid[$ip])) {
    400                 unset($retries[$ip]);
     400                unset($regs[$ip]);
    401401            }
    402402        }
    403403
    404         update_option('limit_login_registrations', $retries);
     404        update_option('limit_login_registrations', $regs);
    405405        update_option('limit_login_registrations_valid', $valid);
    406406    }
     
    534534    $limit = null;
    535535
    536     /* What limit to use, if any */
     536    /* What limit (max privilege level) to use, if any */
    537537    if (limit_login_option('disable_pwd_reset')) {
     538        /* limit on all pwd resets */
    538539        $limit = intval(limit_login_option('pwd_reset_limit'));
    539540    }
    540541
    541542    if (limit_login_option('disable_pwd_reset_username') && !strpos($_POST['user_login'], '@')) {
    542         $limit2 = intval(limit_login_option('pwd_reset_username_limit'));
    543 
    544         if (is_null($limit) || $limit > $limit2) {
    545             $limit = $limit2;
     543        /* limit on pwd reset using user name */
     544        $limit_username = intval(limit_login_option('pwd_reset_username_limit'));
     545
     546        if (is_null($limit) || $limit > $limit_username) {
     547            $limit = $limit_username;
    546548        }
    547549    }
     
    577579    }
    578580
    579     /* check if we are at the right nr to do notification */
     581    /* Check if we are at the right nr to do notification
     582     *
     583     * Todo: this always sends notification on long lockout (when $retries[$ip]
     584     * is reset).
     585     */
    580586    if ( isset($retries[$ip])
    581587         && ( ($retries[$ip] / limit_login_option('allowed_retries'))
     
    9981004
    9991005
     1006/* Remove space and - characters before comparing (because of how user_nicename
     1007 * is constructed from user_login) */
     1008function limit_login_fuzzy_cmp($s1, $s2) {
     1009    $remove = array(' ', '-');
     1010
     1011    return strcasecmp(str_replace($remove, '', $s1), str_replace($remove, '', $s2));
     1012}
     1013
     1014
    10001015/* Show privileged users various names, and warn if equal to login name */
    10011016function limit_login_show_users() {
     
    10191034    $r = '';
    10201035    foreach ($users as $user) {
    1021         $login_ok = strcasecmp($user->user_login, 'admin');
    1022         $display_ok = strcasecmp($user->user_login, $user->display_name);
    1023         $nicename_ok = strcasecmp($user->user_login, $user->user_nicename);
    1024         $nickname_ok = strcasecmp($user->user_login, $user->nickname);
     1036        $login_ok = limit_login_fuzzy_cmp($user->user_login, 'admin');
     1037        $display_ok = limit_login_fuzzy_cmp($user->user_login, $user->display_name);
     1038        $nicename_ok = limit_login_fuzzy_cmp($user->user_login, $user->user_nicename);
     1039        $nickname_ok = limit_login_fuzzy_cmp($user->user_login, $user->nickname);
    10251040
    10261041        if ($login_ok && $display_ok && $nicename_ok && $nickname_ok) {

  • limit-login-attempts/tags/2.0beta2/readme.txt

    r112213 r160010  
    33Tags: login, security, authentication
    44Requires at least: 2.5
    5 Tested up to: 2.7.1
    6 Stable tag: 1.3.1
     5Tested up to: 2.8.4
     6Stable tag: 1.3.2
    77
    88Limit rate of login attempts, including by way of cookies, for each IP. (BETA VERSION)
     
    2828* Optional restriction on password reset attempts for privileged users, and rate limit new user registration
    2929
     30Translations: Bulgarian, Catalan, German, Norwegian, Persian, Romanian, Russian, Spanish, Swedish
     31
    3032Plugin uses standard actions and filters only.
    3133
     
    4042== Todo ==
    4143
    42 * There is no built in way to change user login name or nicename.
    43 * Smarter matching vs login name
     44* There is no built in way to change user login name or nicename -- split to separate plugin?
    4445* Translations
     46* Test vs. 2.5
     47* Keep two versions (1.x and 2.x)?
    4548
    4649== Frequently Asked Questions ==

  • limit-login-attempts/trunk/limit-login-attempts.php

    r112269 r160010  
    7979
    8080          /* Enforce limit on new user registrations for IP */
    81           , 'register_enforce' => false
     81          , 'register_enforce' => true
    8282
    8383          /* Allow this many new user registrations ... */
     
    8888
    8989          /* Allow password reset using login name? */
    90           , 'disable_pwd_reset_username' => false
     90          , 'disable_pwd_reset_username' => true
    9191
    9292          /* ... for capability level_xx or higher */
     
    386386    /* do the same for the registration arrays, if necessary */
    387387    $valid = get_option('limit_login_registrations_valid');
    388     $retries = get_option('limit_login_registrations');
    389     if (is_array($valid) && !empty($valid) && is_array($retries) && !empty($retries)) {
    390         foreach ($valid as $ip => $lockout) {
    391             if ($lockout < $now) {
     388    $regs = get_option('limit_login_registrations');
     389    if (is_array($valid) && !empty($valid) && is_array($regs) && !empty($regs)) {
     390        foreach ($valid as $ip => $until) {
     391            if ($until < $now) {
    392392                unset($valid[$ip]);
    393                 unset($retries[$ip]);
     393                unset($regs[$ip]);
    394394            }
    395395        }
    396396
    397         /* go through retries directly, if for some reason they've gone out of sync */
    398         foreach ($retries as $ip => $retry) {
     397        /* go through registrations directly, if for some reason they've gone out of sync */
     398        foreach ($regs as $ip => $reg) {
    399399            if (!isset($valid[$ip])) {
    400                 unset($retries[$ip]);
     400                unset($regs[$ip]);
    401401            }
    402402        }
    403403
    404         update_option('limit_login_registrations', $retries);
     404        update_option('limit_login_registrations', $regs);
    405405        update_option('limit_login_registrations_valid', $valid);
    406406    }
     
    534534    $limit = null;
    535535
    536     /* What limit to use, if any */
     536    /* What limit (max privilege level) to use, if any */
    537537    if (limit_login_option('disable_pwd_reset')) {
     538        /* limit on all pwd resets */
    538539        $limit = intval(limit_login_option('pwd_reset_limit'));
    539540    }
    540541
    541542    if (limit_login_option('disable_pwd_reset_username') && !strpos($_POST['user_login'], '@')) {
    542         $limit2 = intval(limit_login_option('pwd_reset_username_limit'));
    543 
    544         if (is_null($limit) || $limit > $limit2) {
    545             $limit = $limit2;
     543        /* limit on pwd reset using user name */
     544        $limit_username = intval(limit_login_option('pwd_reset_username_limit'));
     545
     546        if (is_null($limit) || $limit > $limit_username) {
     547            $limit = $limit_username;
    546548        }
    547549    }
     
    577579    }
    578580
    579     /* check if we are at the right nr to do notification */
     581    /* Check if we are at the right nr to do notification
     582     *
     583     * Todo: this always sends notification on long lockout (when $retries[$ip]
     584     * is reset).
     585     */
    580586    if ( isset($retries[$ip])
    581587         && ( ($retries[$ip] / limit_login_option('allowed_retries'))
     
    9981004
    9991005
     1006/* Remove space and - characters before comparing (because of how user_nicename
     1007 * is constructed from user_login) */
     1008function limit_login_fuzzy_cmp($s1, $s2) {
     1009    $remove = array(' ', '-');
     1010
     1011    return strcasecmp(str_replace($remove, '', $s1), str_replace($remove, '', $s2));
     1012}
     1013
     1014
    10001015/* Show privileged users various names, and warn if equal to login name */
    10011016function limit_login_show_users() {
     
    10191034    $r = '';
    10201035    foreach ($users as $user) {
    1021         $login_ok = strcasecmp($user->user_login, 'admin');
    1022         $display_ok = strcasecmp($user->user_login, $user->display_name);
    1023         $nicename_ok = strcasecmp($user->user_login, $user->user_nicename);
    1024         $nickname_ok = strcasecmp($user->user_login, $user->nickname);
     1036        $login_ok = limit_login_fuzzy_cmp($user->user_login, 'admin');
     1037        $display_ok = limit_login_fuzzy_cmp($user->user_login, $user->display_name);
     1038        $nicename_ok = limit_login_fuzzy_cmp($user->user_login, $user->user_nicename);
     1039        $nickname_ok = limit_login_fuzzy_cmp($user->user_login, $user->nickname);
    10251040
    10261041        if ($login_ok && $display_ok && $nicename_ok && $nickname_ok) {

  • limit-login-attempts/trunk/readme.txt

    r112213 r160010  
    33Tags: login, security, authentication
    44Requires at least: 2.5
    5 Tested up to: 2.7.1
    6 Stable tag: 1.3.1
     5Tested up to: 2.8.4
     6Stable tag: 1.3.2
    77
    88Limit rate of login attempts, including by way of cookies, for each IP. (BETA VERSION)
     
    2828* Optional restriction on password reset attempts for privileged users, and rate limit new user registration
    2929
     30Translations: Bulgarian, Catalan, German, Norwegian, Persian, Romanian, Russian, Spanish, Swedish
     31
    3032Plugin uses standard actions and filters only.
    3133
     
    4042== Todo ==
    4143
    42 * There is no built in way to change user login name or nicename.
    43 * Smarter matching vs login name
     44* There is no built in way to change user login name or nicename -- split to separate plugin?
    4445* Translations
     46* Test vs. 2.5
     47* Keep two versions (1.x and 2.x)?
    4548
    4649== Frequently Asked Questions ==
Note: See TracChangeset for help on using the changeset viewer.