Changeset 161950
- Timestamp:
- 10/09/2009 07:03:42 PM (16 years ago)
- Location:
- limit-login-attempts
- Files:
-
- 4 added
- 4 edited
- 1 copied
-
tags/1.4 (copied) (copied from limit-login-attempts/tags/1.3.2)
-
tags/1.4/limit-login-attempts-cs_CZ.mo (added)
-
tags/1.4/limit-login-attempts-cs_CZ.po (added)
-
tags/1.4/limit-login-attempts.php (modified) (5 diffs)
-
tags/1.4/readme.txt (modified) (3 diffs)
-
trunk/limit-login-attempts-cs_CZ.mo (added)
-
trunk/limit-login-attempts-cs_CZ.po (added)
-
trunk/limit-login-attempts.php (modified) (42 diffs)
-
trunk/readme.txt (modified) (6 diffs)
Legend:
- Unmodified
- Added
- Removed
-
limit-login-attempts/tags/1.4/limit-login-attempts.php
r160010 r161950 6 6 Author: Johan Eenfeldt 7 7 Author URI: http://devel.kostdoktorn.se 8 Version: 1. 3.28 Version: 1.4 9 9 10 10 Copyright 2008, 2009 Johan Eenfeldt … … 738 738 wp_die('Sorry, but you do not have permissions to change settings.'); 739 739 } 740 741 /* Make sure post was from this page */ 742 if (count($_POST) > 0) { 743 check_admin_referer('limit-login-attempts-options'); 744 } 740 745 741 746 /* Should we clear log? */ … … 836 841 <h3><?php echo __('Statistics','limit-login-attempts'); ?></h3> 837 842 <form action="options-general.php?page=limit-login-attempts" method="post"> 843 <?php wp_nonce_field('limit-login-attempts-options'); ?> 838 844 <table class="form-table"> 839 845 <tr> … … 859 865 <h3><?php echo __('Options','limit-login-attempts'); ?></h3> 860 866 <form action="options-general.php?page=limit-login-attempts" method="post"> 867 <?php wp_nonce_field('limit-login-attempts-options'); ?> 861 868 <table class="form-table"> 862 869 <tr> … … 912 919 <h3><?php echo __('Lockout log','limit-login-attempts'); ?></h3> 913 920 <form action="options-general.php?page=limit-login-attempts" method="post"> 921 <?php wp_nonce_field('limit-login-attempts-options'); ?> 914 922 <input type="hidden" value="true" name="clear_log" /> 915 923 <p class="submit"> -
limit-login-attempts/tags/1.4/readme.txt
r160010 r161950 4 4 Requires at least: 2.5 5 5 Tested up to: 2.8.4 6 Stable tag: 1. 3.26 Stable tag: 1.4 7 7 8 8 Limit rate of login attempts, including by way of cookies, for each IP. … … 24 24 * Handles server behind reverse proxy 25 25 26 Translations: Bulgarian, Catalan, German, Norwegian, Persian, Romanian, Russian, Spanish, Swedish26 Translations: Bulgarian, Catalan, Czech, German, Norwegian, Persian, Romanian, Russian, Spanish, Swedish 27 27 28 28 Plugin uses standard actions and filters only. … … 65 65 == Version History == 66 66 67 * Version 1.4 68 * Protect admin page update using wp_nonce 69 * Added Czech translation, thanks to Jakub Jedelsky 67 70 * Version 1.3.2 68 71 * Added Bulgarian translation, thanks to Hristo Chakarov -
limit-login-attempts/trunk/limit-login-attempts.php
r160010 r161950 6 6 Author: Johan Eenfeldt 7 7 Author URI: http://devel.kostdoktorn.se 8 Version: 2.0beta 18 Version: 2.0beta3 9 9 10 10 Copyright 2008, 2009 Johan Eenfeldt … … 37 37 define('LIMIT_LOGIN_PROXY_ADDR', 'HTTP_X_FORWARDED_FOR'); 38 38 39 /* Notify value checked against these in limit_login_sanitize_ variables() */39 /* Notify value checked against these in limit_login_sanitize_options() */ 40 40 define('LIMIT_LOGIN_LOCKOUT_NOTIFY_ALLOWED', 'log,email'); 41 41 … … 87 87 , 'register_duration' => 86400 // 24 hours 88 88 89 /* Allow password reset using login name? */ 89 /* Allow password reset using login name? 90 * 91 * NOTE: Only works in WP 2.6.5+, as necessary filter was added then. 92 */ 90 93 , 'disable_pwd_reset_username' => true 91 94 … … 93 96 , 'pwd_reset_username_limit' => 1 94 97 95 /* Allow password resets at all? */ 96 , 'disable_pwd_reset' => true 98 /* Allow password resets at all? 99 * 100 * NOTE: Only works in WP 2.6.5+, as necessary filter was added then. 101 */ 102 , 'disable_pwd_reset' => false 97 103 98 104 /* ... for capability level_xx or higher */ … … 106 112 /* Level of the different roles. Used for descriptive purposes only */ 107 113 $limit_login_level_role = 108 array(0 => 'Subscriber', 1 => 'Contributor', 2 => 'Author', 7 => 'Editor' 109 , 10 => 'Administrator'); 110 114 array(0 => __('Subscriber','limit-login-attempts') 115 , 1 => __('Contributor','limit-login-attempts') 116 , 2 => __('Author','limit-login-attempts') 117 , 7 => __('Editor','limit-login-attempts') 118 , 10 => __('Administrator','limit-login-attempts')); 111 119 112 120 /* … … 184 192 185 193 186 /* Check if it is ok to login */ 194 /* Helpfunction to check ip in time array (lockout/valid) 195 * 196 * Returns true if array exists, ip is key in array, and value (time) is not 197 * past. 198 */ 199 function limit_login_check_time($check_array, $ip = null) { 200 if (!$ip) 201 $ip = limit_login_get_address(); 202 203 return (is_array($check_array) && isset($check_array[$ip]) 204 && time() <= $check_array[$ip]); 205 } 206 207 208 /* Helpfunction to check ip in time (lockout/valid) array 209 * 210 * Returns true if array exists, ip is key in array, and value (time) is not 211 * past. 212 */ 213 function limit_login_check_count($check_array, $count, $ip = null) { 214 if (!$ip) 215 $ip = limit_login_get_address(); 216 217 return (is_array($check_array) && isset($check_array[$ip]) 218 && $count > $check_array[$ip]); 219 } 220 221 222 /* Is it ok to login? */ 187 223 function is_limit_login_ok() { 188 $ip = limit_login_get_address(); 189 190 /* lockout active? */ 191 $lockouts = get_option('limit_login_lockouts'); 192 return (!is_array($lockouts) || !isset($lockouts[$ip]) || time() >= $lockouts[$ip]); 224 /* Test that there is not a (still valid) lockout on ip in lockouts array */ 225 return !limit_login_check_time(limit_login_get_array('lockouts')); 193 226 } 194 227 … … 202 235 $ip = limit_login_get_address(); 203 236 204 /* too many registrations? */ 205 $regs = get_option('limit_login_registrations'); 206 $valid = get_option('limit_login_registrations_valid'); 207 return (!is_array($regs) || !isset($regs[$ip]) 208 || !is_array($valid) || !isset($valid[$ip]) 209 || time() >= $valid[$ip] 210 || $regs[$ip] < limit_login_option('register_allowed')); 237 /* not too many (valid) registrations? */ 238 $valid = limit_login_get_array('registrations_valid'); 239 $regs = limit_login_get_array('registrations'); 240 $allowed = limit_login_option('register_allowed'); 241 return (!limit_login_check_time($valid, $ip) 242 || !limit_login_check_count($regs, $allowed, $ip)); 211 243 } 212 244 … … 270 302 $ip = limit_login_get_address(); 271 303 272 /* if currently locked-out, do not add to retries */273 $lockouts = get_option('limit_login_lockouts');274 if(is_array($lockouts) && isset($lockouts[$ip]) && time() < $lockouts[$ip]) {304 $lockouts = limit_login_get_array('lockouts'); 305 if (limit_login_check_time($lockouts)) { 306 /* if currently locked-out, do not add to retries */ 275 307 return; 276 } elseif (!is_array($lockouts)) {277 $lockouts = array();278 308 } 279 309 280 310 /* Get the arrays with retries and retries-valid information */ 281 $retries = get_option('limit_login_retries'); 282 $valid = get_option('limit_login_retries_valid'); 283 if ($retries === false) { 284 $retries = array(); 285 add_option('limit_login_retries', $retries, '', 'no'); 286 } 287 if ($valid === false) { 288 $valid = array(); 289 add_option('limit_login_retries_valid', $valid, '', 'no'); 290 } 311 $retries = limit_login_get_array('retries'); 312 $valid = limit_login_get_array('retries_valid'); 291 313 292 314 /* Check validity and add one to retries */ … … 347 369 348 370 349 /* Clean up any old lockouts and old retries */371 /* Clean up any old lockouts and old retries and save arrays */ 350 372 function limit_login_cleanup($retries = null, $lockouts = null, $valid = null) { 351 373 $now = time(); 352 $lockouts = !is_null($lockouts) ? $lockouts : get_option('limit_login_lockouts');374 $lockouts = !is_null($lockouts) ? $lockouts : limit_login_get_array('lockouts'); 353 375 354 376 /* remove old lockouts */ 355 if (is_array($lockouts)) { 356 foreach ($lockouts as $ip => $lockout) { 357 if ($lockout < $now) { 358 unset($lockouts[$ip]); 359 } 360 } 361 update_option('limit_login_lockouts', $lockouts); 362 } 377 foreach ($lockouts as $ip => $lockout) { 378 if ($lockout < $now) { 379 unset($lockouts[$ip]); 380 } 381 } 382 limit_login_save_array('lockouts', $lockouts); 363 383 364 384 /* remove retries that are no longer valid */ 365 $valid = !is_null($valid) ? $valid : get_option('limit_login_retries_valid');366 $retries = !is_null($retries) ? $retries : get_option('limit_login_retries');367 if ( is_array($valid) && !empty($valid) && is_array($retries) && !empty($retries)) {385 $valid = !is_null($valid) ? $valid : limit_login_get_array('retries_valid'); 386 $retries = !is_null($retries) ? $retries : limit_login_get_array('retries'); 387 if (!empty($valid) && !empty($retries)) { 368 388 foreach ($valid as $ip => $lockout) { 369 389 if ($lockout < $now) { … … 380 400 } 381 401 382 update_option('limit_login_retries', $retries);383 update_option('limit_login_retries_valid', $valid);402 limit_login_save_array('retries', $retries); 403 limit_login_save_array('retries_valid', $valid); 384 404 } 385 405 386 406 /* do the same for the registration arrays, if necessary */ 387 $valid = get_option('limit_login_registrations_valid');388 $regs = get_option('limit_login_registrations');389 if ( is_array($valid) && !empty($valid) && is_array($regs) && !empty($regs)) {407 $valid = limit_login_get_array('registrations_valid'); 408 $regs = limit_login_get_array('registrations'); 409 if (!empty($valid) && !empty($regs)) { 390 410 foreach ($valid as $ip => $until) { 391 411 if ($until < $now) { … … 402 422 } 403 423 404 update_option('limit_login_registrations', $regs);405 update_option('limit_login_registrations_valid', $valid);424 limit_login_save_array('registrations', $regs); 425 limit_login_save_array('registrations_valid', $valid); 406 426 } 407 427 } … … 420 440 421 441 /* Get the arrays with registrations and valid information */ 422 $regs = get_option('limit_login_registrations'); 423 $valid = get_option('limit_login_registrations_valid'); 424 if ($regs === false) { 425 $regs = array(); 426 add_option('limit_login_registrations', $regs, '', 'no'); 427 } 428 if ($valid === false) { 429 $valid = array(); 430 add_option('limit_login_registrations_valid', $valid, '', 'no'); 431 } 442 $regs = limit_login_get_array('registrations'); 443 $valid = limit_login_get_array('registrations_valid'); 432 444 433 445 /* Check validity and add one registration */ … … 439 451 $valid[$ip] = time() + limit_login_option('register_duration'); 440 452 441 update_option('limit_login_registrations', $regs);442 update_option('limit_login_registrations_valid', $valid);453 limit_login_save_array('registrations', $regs); 454 limit_login_save_array('registrations_valid', $valid); 443 455 444 456 /* increase statistics? */ … … 520 532 $level = intval($level); 521 533 522 if ($userid == 0) {534 if ($userid <= 0) { 523 535 return false; 524 536 } … … 537 549 if (limit_login_option('disable_pwd_reset')) { 538 550 /* limit on all pwd resets */ 539 $limit = intval(limit_login_option('pwd_reset_limit'));551 $limit = limit_login_option('pwd_reset_limit'); 540 552 } 541 553 542 554 if (limit_login_option('disable_pwd_reset_username') && !strpos($_POST['user_login'], '@')) { 543 555 /* limit on pwd reset using user name */ 544 $limit_username = intval(limit_login_option('pwd_reset_username_limit')); 545 556 $limit_username = limit_login_option('pwd_reset_username_limit'); 557 558 /* use lowest limit */ 546 559 if (is_null($limit) || $limit > $limit_username) { 547 560 $limit = $limit_username; … … 573 586 function limit_login_notify_email($user) { 574 587 $ip = limit_login_get_address(); 575 $retries = get_option('limit_login_retries'); 576 577 if (!is_array($retries)) { 578 $retries = array(); 579 } 588 $retries = limit_login_get_array('retries'); 580 589 581 590 /* Check if we are at the right nr to do notification … … 623 632 /* Logging of lockout (if configured) */ 624 633 function limit_login_notify_log($user) { 625 $log = get_option('limit_login_logged');634 $log = limit_login_get_array('logged'); 626 635 $ip = limit_login_get_address(); 627 if ($log === false) { 628 $log = array($ip => array($user => 1)); 629 add_option('limit_login_logged', $log, '', 'no'); /* no autoload */ 636 637 /* can be written much simpler, if you do not mind php warnings */ 638 if (isset($log[$ip])) { 639 if (isset($log[$ip][$user])) { 640 $log[$ip][$user]++; 641 } else { 642 $log[$ip][$user] = 1; 643 } 630 644 } else { 631 /* can be written much simpler, if you do not mind php warnings */ 632 if (isset($log[$ip])) { 633 if (isset($log[$ip][$user])) { 634 $log[$ip][$user]++; 635 } else { 636 $log[$ip][$user] = 1; 637 } 638 } else { 639 $log[$ip] = array($user => 1); 640 } 641 update_option('limit_login_logged', $log); 642 } 645 $log[$ip] = array($user => 1); 646 } 647 limit_login_save_array('logged', $log); 643 648 } 644 649 … … 672 677 function limit_login_reg_error_msg() { 673 678 $msg = __('<strong>ERROR</strong>: Too many new user registrations.', 'limit-login-attempts') . ' '; 674 return limit_login_error_msg(' limit_login_registrations_valid', $msg);679 return limit_login_error_msg('registrations_valid', $msg); 675 680 } 676 681 … … 687 692 688 693 /* Construct informative error message */ 689 function limit_login_error_msg($lockout_option = 'l imit_login_lockouts', $msg = '') {694 function limit_login_error_msg($lockout_option = 'lockouts', $msg = '') { 690 695 $ip = limit_login_get_address(); 691 $lockouts = get_option($lockout_option);696 $lockouts = limit_login_get_array($lockout_option); 692 697 693 698 if ($msg == '') { … … 695 700 } 696 701 697 if (!is _array($lockouts) || !isset($lockouts[$ip]) || time() >= $lockouts[$ip]) {702 if (!isset($lockouts[$ip]) || time() >= $lockouts[$ip]) { 698 703 /* Huh? No lockout? */ 699 704 $msg .= __('Please try again later.', 'limit-login-attempts'); … … 716 721 function limit_login_retries_remaining_msg() { 717 722 $ip = limit_login_get_address(); 718 $retries = get_option('limit_login_retries');719 $valid = get_option('limit_login_retries_valid');723 $retries = limit_login_get_array('retries'); 724 $valid = limit_login_get_array('retries_valid'); 720 725 721 726 /* Should we show retries remaining? */ 722 723 if (!is_array($retries) || !is_array($valid)) {724 /* no retries at all */725 return '';726 }727 727 if (!isset($retries[$ip]) || !isset($valid[$ip]) || time() > $valid[$ip]) { 728 728 /* no: no valid retries */ … … 787 787 /* 788 788 * During lockout we do not want to show any other error messages (like 789 * unknown user or empty password). 789 * unknown user or empty password) -- unless this was the attempt that 790 * locked us out. 790 791 */ 791 792 if (!is_limit_login_ok() && !$limit_login_just_lockedout) { … … 797 798 * as that is an information leak regarding user account names. 798 799 * 799 * Also, if more than one error message, put an extra <br /> tag between800 * them.800 * Also, if there are more than one error message, put an extra <br /> tag 801 * between them. 801 802 */ 802 803 $msgs = explode("<br />\n", $content); … … 873 874 874 875 876 /* Does wordpress version support password reset options? */ 877 function limit_login_support_pwd_reset_options() { 878 global $wp_version; 879 return (version_compare($wp_version, '2.6.5', '>=')); 880 } 881 882 875 883 /* 876 884 * Handle plugin options … … 896 904 global $limit_login_options; 897 905 906 /* Make sure type is correct */ 898 907 if (is_bool($limit_login_options[$var_name])) { 899 908 $a = !!$a; … … 917 926 } 918 927 919 limit_login_sanitize_ variables();928 limit_login_sanitize_options(); 920 929 } 921 930 … … 935 944 936 945 /* Make sure the variables make sense */ 937 function limit_login_sanitize_ variables() {946 function limit_login_sanitize_options() { 938 947 global $limit_login_options; 939 948 … … 960 969 $limit_login_options['client_type'] = LIMIT_LOGIN_DIRECT_ADDR; 961 970 } 971 972 $pwd_reset_func_supported = limit_login_support_pwd_reset_options(); 973 $pwd_reset_username = limit_login_option('disable_pwd_reset_username') 974 && $pwd_reset_func_supported; 975 $pwd_reset = limit_login_option('disable_pwd_reset') 976 && $pwd_reset_func_supported; 977 978 $limit_login_options['disable_pwd_reset_username'] = $pwd_reset_username; 979 $limit_login_options['disable_pwd_reset'] = $pwd_reset; 980 } 981 982 983 /* Get stored array -- add if necessary */ 984 function limit_login_get_array($array_name) { 985 $real_array_name = 'limit_login_' . $array_name; 986 987 $a = get_option($real_array_name); 988 989 if ($a === false) { 990 $a = array(); 991 add_option($real_array_name, $a, '', 'no'); /* no autoload */ 992 } 993 994 return $a; 995 } 996 997 998 /* Store array */ 999 function limit_login_save_array($array_name, $a) { 1000 $real_array_name = 'limit_login_' . $array_name; 1001 update_option($real_array_name, $a); 962 1002 } 963 1003 … … 1023 1063 . " LEFT JOIN $wpdb->usermeta um2 ON u.ID = um2.user_id" 1024 1064 . " WHERE um.meta_key = '{$wpdb->prefix}capabilities'" 1025 . " AND NOT um.meta_value LIKE '%subscriber%'" 1065 . " AND NOT (um.meta_value LIKE '%subscriber%'" 1066 . " OR um.meta_value LIKE '%unapproved%')" 1026 1067 . " AND um2.meta_key = 'nickname'"; 1027 1068 … … 1052 1093 $nickname = limit_login_show_maybe_warning(!$nickname_ok, $user->nickname 1053 1094 , __("Make nickname different from login name", 'limit-login-attempts')); 1095 1096 /* http://192.168.1.9/webb/www.kostdoktorn.se/wordpress-2.8.4/wp-admin/user-edit.php?user_id=2&wp_http_referer=%2Fwebb%2Fwww.kostdoktorn.se%2Fwordpress-2.8.4%2Fwp-admin%2Fusers.php *******/ 1054 1097 1055 1098 $r .= '<tr><td>' . $login . '</td>' … … 1120 1163 1121 1164 1122 /* Get most options from $_POST[] (not lockout_notify)*/1165 /* Get options from $_POST[] and update global options variable */ 1123 1166 function limit_login_get_options_from_post() { 1124 1167 global $limit_login_options; … … 1147 1190 $limit_login_options[$name] = $value; 1148 1191 } 1192 1193 /* Special handling for lockout_notify */ 1194 $v = array(); 1195 if (isset($_POST['lockout_notify_log'])) { 1196 $v[] = 'log'; 1197 } 1198 if (isset($_POST['lockout_notify_email'])) { 1199 $v[] = 'email'; 1200 } 1201 $limit_login_options['lockout_notify'] = implode(',', $v); 1149 1202 } 1150 1203 … … 1156 1209 if (!current_user_can('manage_options')) { 1157 1210 wp_die('Sorry, but you do not have permissions to change settings.'); 1211 } 1212 1213 /* Make sure post was from this page */ 1214 if (count($_POST) > 0) { 1215 check_admin_referer('limit-login-attempts-options'); 1158 1216 } 1159 1217 … … 1184 1242 /* Should we update options? */ 1185 1243 if (isset($_POST['update_options'])) { 1186 global $limit_login_options;1187 1188 1244 limit_login_get_options_from_post(); 1189 1190 $v = array(); 1191 if (isset($_POST['lockout_notify_log'])) { 1192 $v[] = 'log'; 1193 } 1194 if (isset($_POST['lockout_notify_email'])) { 1195 $v[] = 'email'; 1196 } 1197 $limit_login_options['lockout_notify'] = implode(',', $v); 1198 1199 limit_login_sanitize_variables(); 1245 limit_login_sanitize_options(); 1200 1246 limit_login_update_options(); 1201 1247 echo '<div id="message" class="updated fade"><p>' … … 1211 1257 $cookies_disabled = ' DISABLED '; 1212 1258 $cookies_note = ' <br /> ' 1213 . __('<strong>NOTE:</strong> Only works in Wordpress 2.7or later'1214 , 'limit-login-attempts');1259 . sprintf(__('<strong>NOTE:</strong> Only works in Wordpress %s or later' 1260 , 'limit-login-attempts'), '2.7'); 1215 1261 } else { 1216 1262 $cookies_disabled = ''; … … 1242 1288 $log_checked = in_array('log', $v) ? ' checked ' : ''; 1243 1289 $email_checked = in_array('email', $v) ? ' checked ' : ''; 1290 1291 1292 if (!limit_login_support_pwd_reset_options()) { 1293 $pwd_reset_options_disabled = ' DISABLED '; 1294 $pwd_reset_options_note = ' <br /> ' 1295 . sprintf(__('<strong>NOTE:</strong> Only works in Wordpress %s or later' 1296 , 'limit-login-attempts'), '2.6.5'); 1297 } else { 1298 $pwd_reset_options_disabled = ''; 1299 $pwd_reset_options_note = ''; 1300 } 1244 1301 1245 1302 $disable_pwd_reset_username_yes = limit_login_option('disable_pwd_reset_username') ? ' checked ' : ''; … … 1277 1334 <h3><?php echo __('Statistics','limit-login-attempts'); ?></h3> 1278 1335 <form action="options-general.php?page=limit-login-attempts" method="post"> 1336 <?php wp_nonce_field('limit-login-attempts-options'); ?> 1279 1337 <table class="form-table"> 1280 1338 <tr> … … 1300 1358 <h3><?php echo __('Options','limit-login-attempts'); ?></h3> 1301 1359 <form action="options-general.php?page=limit-login-attempts" method="post"> 1360 <?php wp_nonce_field('limit-login-attempts-options'); ?> 1302 1361 <table class="form-table"> 1303 1362 <tr> … … 1343 1402 <tr> 1344 1403 <th scope="row" valign="top"><?php echo __('Password reset','limit-login-attempts'); ?></th> 1345 <td> 1346 <label><input type="checkbox" name="disable_pwd_reset_username" <?php echo $ disable_pwd_reset_username_yes; ?> value="1" /> <?php echo __('Disable password reset using login name for user this level or higher','limit-login-attempts'); ?></label> <select name="pwd_reset_username_limit"><?php limit_login_select_level(limit_login_option('pwd_reset_username_limit')); ?></select>1404 <td> 1405 <label><input type="checkbox" name="disable_pwd_reset_username" <?php echo $pwd_reset_options_disabled . $disable_pwd_reset_username_yes; ?> value="1" /> <?php echo __('Disable password reset using login name for user this level or higher','limit-login-attempts'); ?></label> <select name="pwd_reset_username_limit" <?php echo $pwd_reset_options_disabled; ?> ><?php limit_login_select_level(limit_login_option('pwd_reset_username_limit')); ?></select> 1347 1406 <br /> 1348 <label><input type="checkbox" name="disable_pwd_reset" <?php echo $disable_pwd_reset_yes; ?> value="1" /> <?php echo __('Disable password reset for users this level or higher','limit-login-attempts'); ?></label> <select name="pwd_reset_limit"><?php limit_login_select_level(limit_login_option('pwd_reset_limit')); ?></select> 1407 <label><input type="checkbox" name="disable_pwd_reset" <?php echo $pwd_reset_options_disabled . $disable_pwd_reset_yes; ?> value="1" /> <?php echo __('Disable password reset for users this level or higher','limit-login-attempts'); ?></label> <select name="pwd_reset_limit" <?php echo $pwd_reset_options_disabled; ?> ><?php limit_login_select_level(limit_login_option('pwd_reset_limit')); ?></select> 1408 <?php echo $pwd_reset_options_note; ?> 1349 1409 </td> 1350 1410 </tr> … … 1365 1425 </table> 1366 1426 <?php 1367 $log = get_option('limit_login_logged');1427 $log = limit_login_get_array('logged'); 1368 1428 1369 1429 if (is_array($log) && count($log) > 0) { … … 1376 1436 </div> 1377 1437 <form action="options-general.php?page=limit-login-attempts" method="post"> 1438 <?php wp_nonce_field('limit-login-attempts-options'); ?> 1378 1439 <input type="hidden" value="true" name="clear_log" /> 1379 1440 <p class="submit"> … … 1386 1447 </div> 1387 1448 <?php 1388 } 1449 } 1389 1450 ?> -
limit-login-attempts/trunk/readme.txt
r160010 r161950 4 4 Requires at least: 2.5 5 5 Tested up to: 2.8.4 6 Stable tag: 1. 3.26 Stable tag: 1.4 7 7 8 8 Limit rate of login attempts, including by way of cookies, for each IP. (BETA VERSION) … … 28 28 * Optional restriction on password reset attempts for privileged users, and rate limit new user registration 29 29 30 Translations: Bulgarian, Catalan, German, Norwegian, Persian, Romanian, Russian, Spanish, Swedish30 Translations: Bulgarian, Catalan, Czech, German, Norwegian, Persian, Romanian, Russian, Spanish, Swedish 31 31 32 32 Plugin uses standard actions and filters only. … … 45 45 * Translations 46 46 * Test vs. 2.5 47 * Keep two versions (1.x and 2.x)?47 * Look through readme.txt 48 48 49 49 == Frequently Asked Questions == … … 69 69 = Why the privileged users list? Why are some names marked? = 70 70 71 These are the various names WordPress has for each user. To increase security the login name should not be the same as any of the se.71 These are the various names WordPress has for each user. To increase security the login name should not be the same as any of the others. 72 72 73 73 = What is URL Name / "nicename"? = … … 90 90 == Version History == 91 91 92 * Version 2.0beta3 93 * Checkpoint release for translations 94 * Added basic functionality to edit user names 95 * Added Wordpress version dependency for password reset functionality 96 * Code clean-ups 97 * Version 2.0beta2 98 * Various fixes 92 99 * Version 2.0beta1 93 100 * Added a number of options that when activated make it harder to find login names of users … … 97 104 * filter registration error messages to avoid possible way to brute force find user login name 98 105 * list of privileged users show which login names can be discovered from user displayname, nickname or "url name"/nicename 106 * Version 1.4 107 * Protect admin page update using wp_nonce 108 * Added Czech translation, thanks to Jakub Jedelsky 109 * Version 1.3.2 110 * Added Bulgarian translation, thanks to Hristo Chakarov 111 * Added Norwegian translation, thanks to Rune Gulbrandsøy 112 * Added Spanish translation, thanks to Marcelo Pedra 113 * Added Persian translation, thanks to Mostafa Soufi 114 * Added Russian translation, thanks to Jack Leonid (http://studio-xl.com) 99 115 * Version 1.3.1 100 116 * Added Catalan translation, thanks to Robert Buj
Note: See TracChangeset
for help on using the changeset viewer.