Changeset 662761
- Timestamp:
- 02/03/2013 11:27:17 AM (13 years ago)
- Location:
- hide-login/trunk
- Files:
-
- 3 edited
-
hide-login.php (modified) (5 diffs)
-
readme.txt (modified) (4 diffs)
-
screenshot-1.png (modified) (previous)
-
hide-login/trunk/hide-login.php
r578337 r662761 5 5 Description: This plugin allows you to create custom URLs for user's login, logout and admin's login page. 6 6 Author: mohammad hossein aghanabi 7 Version: 2.17 Version: 3.0 8 8 Author URI: http://www.websoftdownload.com 9 9 */ … … 12 12 */ 13 13 /* CHANGELOG 14 03-02-2013 - v3.0 15 * Completely rewrote. 16 * All rewrite rules will apply with wordpress buil-in functions 17 * Remove plugin rewrite rules automatically on deactivation 18 * Works with all permalink structures 19 * Droped some useless options and codes and improved functionality 20 * Now Setting page menu is at root 21 * Tested Over the latest Wordpress (v3.5.1) 14 22 28-07-2012 - v2.1 15 23 * Fix an issue with hide mode capability 16 24 29-01-2012 - v2.0 17 * Fix .htaccess query co omands25 * Fix .htaccess query commands 18 26 * Automatic removing and adding htaccess output to .htaccess file 19 27 * Strong security key function … … 29 37 * Removed wp-login.php refresh redirect in favor of using rewrite rules for prevention of direct access to the file. 
30 38 */ 31 // include_once(ABSPATH.'wp-admin/admin-functions.php'); 32 if( !class_exists( 'HideLoginPlugin' ) ){ 33 class HideLoginPlugin{ 34 function HideLoginPlugin(){ //Constructor 35 add_action( 'admin_menu', array($this,'AddPanel') ); 36 if( $_POST['action'] == 'hide_login_update' ) 37 add_action( 'init', array($this,'SaveSettings') ); 38 add_filter( 'mod_rewrite_rules', array($this, 'AddRewriteRules'), 999 ); 39 register_activation_hook( __FILE__, array($this, "DefaultSettings") ); 40 register_deactivation_hook( __FILE__, array($this, "UnsetSettings") ); 41 39 if( $_POST['action'] == 'hide_login_update' ) 40 UpdateSettings(); 41 function hide_options() 42 { 43 add_option("hide_login_slug","login"); 44 add_option("hide_logout_slug", "?logout=me"); 45 add_option("hide_admin_slug","wp-admin"); 46 add_option("hide_register_slug","register"); 47 add_option("hide_forgot_slug","forgot"); 48 add_option("hide_login_redirect", get_option('siteurl')."/".get_option("hide_admin_slug")); 49 add_option("hide_mode", 0); 50 add_option("hide_wp_admin", 0); 51 add_option("htaccess_rules", ""); 52 hide_login(); 53 } 54 register_activation_hook( __FILE__ , 'hide_options' ); 55 add_action('init', '_setup'); 56 function _setup() { 57 if(get_option("hide_mode") == 1 && (strpos(strtolower($_SERVER['REQUEST_URI']),'wp-login.php') !== false) && $_SERVER['REQUEST_METHOD'] != "POST") 58 { 59 wp_redirect(get_option('siteurl'),302); 60 exit; 61 } 62 else if(get_option("hide_logout_slug") !="" && (strpos(strtolower($_SERVER['REQUEST_URI']),get_option("hide_logout_slug")) !== false)) 63 { 64 wp_logout(); 65 wp_redirect(get_option('siteurl')); 66 exit; 67 } 68 else if(get_option("hide_wp_admin") == 1 && (strpos(strtolower($_SERVER['REQUEST_URI']),'wp-admin') !== false) && !is_user_logged_in()) 69 { 70 wp_redirect(get_option('siteurl')); 71 exit; 72 } 73 } 74 add_action('admin_menu','AddPanel'); 75 function AddPanel() 76 { 77 add_menu_page('Hide Login', 'Hide Login', 'manage_options', 
'HideSettings', 'HideSettings'); 78 } 79 function UpdateSettings() 80 { 81 check_admin_referer('Hide-login-update-options'); 82 $redirect = $_POST['hide_login_redirect']; 83 $custom = $_POST['login_custom']; 84 unset($_POST['hide_login_redirect'],$_POST['login_custom']); 85 $_POST = str_replace(array("/","\\"," "),array("","",""),$_POST); 86 $_POST['hide_login_redirect'] = $redirect; 87 $_POST['login_custom'] = $custom; 88 if($_POST['hide_login_redirect'] == "Custom") 89 { 90 update_option("hide_login_redirect", $_POST['login_custom']); 91 } 92 else 93 { 94 update_option("hide_login_redirect", $_POST['hide_login_redirect']); 95 } 96 update_option("hide_login_slug", $_POST['hide_login_slug']); 97 98 update_option("hide_logout_slug", $_POST['hide_logout_slug']); 99 update_option("hide_admin_slug", $_POST['hide_admin_slug']); 100 // update_option("hide_login_custom", $_POST['hide_login_custom']); 101 update_option("hide_register_slug", $_POST['hide_register_slug']); 102 update_option("hide_forgot_slug", $_POST['hide_forgot_slug']); 103 // update_option("hide_custom_rules", $_POST['hide_custom_rules']); 104 if(get_option("hide_login_slug") != "") 105 update_option("hide_mode", $_POST['hide_mode']); 106 else 107 update_option("hide_mode", 0); 108 if(get_option("hide_admin_slug") != "") 109 update_option("hide_wp_admin", $_POST['hide_wp_admin']); 110 else 111 update_option("hide_wp_admin", 0); 112 add_action('admin_init', 'hide_login'); 113 $_POST['notice'] = __('Settings Updated','hidelogin'); 114 } 115 if(get_option("hide_login_redirect") != "") 116 { 117 add_action('login_form', 'redirect_after_login'); 118 function redirect_after_login() { 119 global $redirect_to; 120 if (!isset($_GET['redirect_to'])) { 121 $redirect_to = get_option('hide_login_redirect'); 42 122 } 43 function AddPanel(){ 44 add_options_page( 'hide Login', 'Hide Login', 10, __FILE__, array($this, 'HideSettings') ); 45 } 46 function DefaultSettings () { 47 if( !get_option("hide_enable") ) 48 
add_option("hide_enable","0"); 49 50 if( !get_option("hide_login_slug") ) 51 add_option("hide_login_slug","login"); 52 53 if( !get_option("hide_admin_slug") ) 54 add_option("hide_admin_slug","admin"); 55 56 if( !get_option("hide_login_redirect") ) 57 add_option("hide_login_redirect", get_option('siteurl').'/wp-admin/'); 58 59 if( !get_option("hide_logout_slug") ) 60 add_option("hide_logout_slug", "logout"); 61 62 if( !get_option("hide_login_custom") ) 63 add_option("hide_login_custom", ""); 64 65 if( !get_option("hide_register_slug") ) 66 add_option("hide_register_slug","register"); 67 68 if( !get_option("hide_mode") ) 69 add_option("hide_mode", "0"); 70 71 if( get_option("hide_key") ) 72 delete_option("hide_key"); 73 } 74 function UnsetSettings () { 75 delete_option("hide_enable"); 76 delete_option("hide_login_slug"); 77 delete_option("hide_login_redirect"); 78 delete_option("hide_logout_slug"); 79 delete_option("hide_admin_slug"); 80 delete_option("hide_login_custom"); 81 delete_option("hide_register_slug"); 82 delete_option("hide_mode"); 83 delete_option("hide_htaccess"); 84 delete_option("hide_custom_rules"); 85 delete_option("hide_htaccess"); 86 } 87 function SaveSettings(){ 88 check_admin_referer('Hide-login-update-options'); 89 update_option("hide_enable", $_POST['hide_enable']); 90 update_option("hide_login_slug", $_POST['hide_login_slug']); 91 update_option("hide_login_redirect", $_POST['hide_login_redirect']); 92 update_option("hide_logout_slug", $_POST['hide_logout_slug']); 93 update_option("hide_admin_slug", $_POST['hide_admin_slug']); 94 update_option("hide_login_custom", $_POST['hide_login_custom']); 95 update_option("hide_register_slug", $_POST['hide_register_slug']); 96 update_option("hide_custom_rules", $_POST['hide_custom_rules']); 97 update_option("hide_mode", $_POST['hide_mode']); 98 $htaccess = trailingslashit(ABSPATH).'.htaccess'; 99 $new_rules = $this->CreateRewriteRules(); 100 if( $_POST['hide_enable'] == 0 ): 101 if(file_exists($htaccess) 
&& preg_match("/(.*?)# HIDE-LOGIN(.*?)# END HIDE-LOGIN(.*?)/s",@file_get_contents($htaccess),$part)): 102 $file = fopen($htaccess,'w'); 103 $content = $part[1].$part[3]; 104 fwrite($file,$content); 105 fclose($file); 106 endif; 107 $_POST['notice'] = __('Settings saved. Plugin is disabled.','hidelogin'); 108 elseif( get_option('hide_enable') && isset($_POST['Submit']) ): 109 if(preg_match("/(.*?)# HIDE-LOGIN(.*?)# END HIDE-LOGIN(.*?)/s",@file_get_contents($htaccess),$part)): 110 $file = fopen($htaccess,'w'); 111 $content = $part[1].$new_rules.$part[3]; 112 $content = preg_replace("/(^[\r\n]*|[\r\n]+)[\s\t]*[\r\n]+/", "\n", $content); 113 fwrite($file,$content); 114 fclose($file); 115 else: 116 $file = fopen($htaccess,'a'); 117 fwrite($file,$new_rules); 118 fclose($file); 119 endif; 120 $_POST['notice'] = __('Settings saved and .htaccess file updated.','hidelogin'); 121 else : 122 $_POST['notice'] = __('Settings saved but .htaccess file is not writeable.'.$htaccess,'hidelogin'); 123 endif; 124 } 123 } 124 } 125 if(get_option("hide_logout_slug") != "") 126 { 127 add_filter('logout_url', 'new_logout_url', 10, 2); 128 function new_logout_url($logout_url, $redirect) 129 { 130 return "/".get_option("hide_logout_slug"); 131 } 132 } 133 if(get_option("hide_login_slug") != "") 134 { 135 add_filter( 'login_url', 'new_login_url', 10, 2 ); 136 function new_login_url( $login_url, $redirect ) { 137 return "/".get_option("hide_login_slug"); 138 } 139 } 140 if(get_option("hide_register_slug") != "") 141 { 142 add_filter('register','new_signup_url'); 143 function new_signup_url($url){ 144 return str_replace(site_url('wp-login.php?action=register', 'login'),site_url(get_option("hide_register_slug"), 'login'),$url); 145 } 146 } 147 if(get_option("hide_forgot_slug") != "") 148 { 149 add_filter('lostpassword_url','new_forgetpass_url'); 150 function new_forgetpass_url($url){ 151 return str_replace('?action=lostpassword','',str_replace(network_site_url('wp-login.php', 
'login'),site_url(get_option("hide_forgot_slug"), 'login'),$url)); 152 } 153 } 154 function hide_login() 155 { 156 global $wp_rewrite; 157 $other_rules = array(); 158 if(get_option("hide_admin_slug") != "") 159 { 160 add_rewrite_rule( get_option("hide_admin_slug").'/(.*?)$', 'wp-admin/$1?%{QUERY_STRING}', 'top' ); 161 $other_rules[get_option("hide_admin_slug").'$'] = 'WITH_SLASH'; 162 } 163 if(get_option("hide_login_slug") != "") 164 add_rewrite_rule( get_option("hide_login_slug").'/?$', 'wp-login.php', 'top' ); 165 if(get_option("hide_register_slug") != "") 166 add_rewrite_rule( get_option("hide_register_slug").'/?$', 'wp-login.php?action=register', 'top' ); 167 if(get_option("hide_forgot_slug") != "") 168 add_rewrite_rule( get_option("hide_forgot_slug").'/?$', 'wp-login.php?action=lostpassword', 'top' ); 169 170 $wp_rewrite->non_wp_rules = $other_rules + $wp_rewrite->non_wp_rules; 171 function ht_rules($rules) 172 { 173 $rules = str_replace("/WITH_SLASH [QSA,L]", "%{REQUEST_URI}/ [R=301,L]", $rules); 174 update_option("htaccess_rules", $rules); 175 return $rules; 125 176 126 function hideSettings(){ 127 128 if( $_POST['notice'] ) 129 echo '<div id="message" class="updated fade"><p><strong>' . $_POST['notice'] . '</strong></p></div>'; 130 ?> 177 } 178 add_filter('mod_rewrite_rules', 'ht_rules'); 179 $wp_rewrite->flush_rules(true); 180 } 181 function hideSettings(){ 182 if( $_POST['notice'] ) 183 echo '<div id="message" class="updated fade"><p><strong>' . $_POST['notice'] . 
'</strong></p></div>'; 184 ?> 131 185 <div class="wrap" style="font-family: tahoma !important;"> 132 186 <h2><?php _e('Hide Login Settings', 'hidelogin')?></h2> 133 187 <form method="post" action=""> 134 <?php if( function_exists( 'wp_nonce_field' )) wp_nonce_field( 'Hide-login-update-options'); ?>188 <?php if( function_exists( 'wp_nonce_field' )) wp_nonce_field( 'Hide-login-update-options'); ?> 135 189 <table class="form-table"> 136 190 <tbody> 137 <tr valign="top">138 <th scope="row"><label for="enable"><?php _e('Enable Plugin', 'hidelogin');?></label></th>139 <td><label><input name="hide_enable" id="enable" value="1" <?php if(get_option('hide_enable') == 1) echo 'checked="checked"';?> type="radio" /> On</label> <label><input name="hide_enable" value="0" <?php if(get_option('hide_enable') == 0) echo 'checked="checked"';?> type="radio" /> Off</label></td>140 </tr>141 191 <tr valign="top"> 142 192 <th scope="row"><label for="login_slug"><?php _e('Login Slug', 'hidelogin');?></label></th> … … 147 197 <th scope="row"><label for="login_redirect"><?php _e('Login Redirect', 'hidelogin');?></label></th> 148 198 <td><select name="hide_login_redirect" id="login_redirect"> 149 <option value="<?php echo get_option('siteurl');?>/wp-admin/" <?php if(get_option('hide_login_redirect') == get_option('siteurl').'/wp-admin/'){echo 'selected="selected"';} ?>">WordPress Admin</option>150 <option value="<?php echo get_option('siteurl') ;?>/wp-login.php?redirect_to=<?php echo get_option('siteurl');?>" <?php if(get_option('hide_login_redirect') == get_option('siteurl').'/wp-login.php?redirect_to='.get_option('siteurl')){echo 'selected="selected"';} ?>">WordPress Address</option>151 <option value="<?php echo get_option('siteurl');?>/wp-login.php?redirect_to=<?php echo get_option('home');?>" <?php if(get_option('hide_login_redirect') == get_option('siteurl').'/wp-login.php?redirect_to='.get_option('home')){echo 'selected="selected"';} ?>">Blog Address</option>152 <option value="Custom" 
<?php if( get_option('hide_login_redirect') == "Custom"){echo 'selected="selected"';} ?>">Custom URL (Enter Below)</option>199 <?php $cus = true; ?> 200 <option value="<?php echo get_option('siteurl')."/".get_option("hide_admin_slug");?>" <?php if(get_option('hide_login_redirect') == get_option('siteurl')."/".get_option("hide_admin_slug")){$cus = false; echo 'selected="selected"';} ?>">WordPress Admin</option> 201 <option value="<?php echo get_option('siteurl');?>" <?php if(get_option('hide_login_redirect') == get_option('siteurl')){$cus = false; echo 'selected="selected"';} ?>">WordPress Address</option> 202 <option value="Custom" <?php if($cus){echo 'selected="selected"';} ?>">Custom URL (Enter Below)</option> 153 203 </select><br /> 154 <input type="text" name="login_custom" size="40" value="<?php echo get_option('hide_login_custom');?>" /><br />204 <input type="text" name="login_custom" size="40" value="<?php if($cus){ echo get_option('hide_login_redirect'); }?>" /><br /> 155 205 <strong style="color:#777;font-size:12px;">Redirect URL:</strong> <span style="font-size:0.9em;color:#999999;"><?php if( get_option('hide_login_redirect') != 'Custom' ) { echo get_option('hide_login_redirect'); } else { echo get_option('hide_login_custom'); } ?></span></td> 156 206 </tr> … … 172 222 <strong style="color:#777;font-size:12px;">Admin URL:</strong> <span style="font-size:0.9em;color:#999999;"><?php echo trailingslashit( get_option('siteurl') ); ?><span style="background-color: #fffbcc;"><?php echo get_option('hide_admin_slug');?></span></span></td> 173 223 </tr> 174 <tr valign="top"> 175 <th scope="row"><label for="custom_rules"><?php _e('Custom Rules', 'hidelogin');?></label></th> 176 <td><textarea name="hide_custom_rules" id="custom_rules" rows="5" cols="50"><?php echo get_option('hide_custom_rules');?></textarea><br /><span style="font-size:0.9em;color:#999999;">Add at your own risk, will added to the rules.</span></td> 177 </tr> 224 <tr valign="top"> 225 <th 
scope="row"><label for="forgot_slug"><?php _e('Forgot Password Slug', 'hidelogin');?></label></th> 226 <td><input name="hide_forgot_slug" id="forgot_slug" value="<?php echo get_option('hide_forgot_slug');?>" type="text"><br /> 227 <strong style="color:#777;font-size:12px;">Forgot Password URL:</strong> <span style="font-size:0.9em;color:#999999;"><?php echo trailingslashit( get_option('siteurl') ); ?><span style="background-color: #fffbcc;"><?php echo get_option('hide_forgot_slug');?></span></span></td> 228 </tr> 178 229 <tr valign="top"> 179 230 <th scope="row"><?php _e('hide Mode', 'hidelogin'); ?></th> 180 231 <td><label><input type="radio" name="hide_mode" value="1" <?php if(get_option('hide_mode') ) echo 'checked="checked" ';?> /> Enable</label><br /> 181 232 <label><input type="radio" name="hide_mode" value="0" <?php if(!get_option('hide_mode') ) echo 'checked="checked" ';?>/> Disable</label><br /> 182 <small><?php _e('Prevent users from being able to access wp-login.php directly','hidelogin');?></small></td> 233 <small><?php _e('Prevent users from being able to access wp-login.php directly ( enable this when you use custom login slug )','hidelogin');?></small></td> 234 </tr> 235 <tr valign="top"> 236 <th scope="row"><?php _e('hide wp-admin', 'hidelogin'); ?></th> 237 <td><label><input type="radio" name="hide_wp_admin" value="1" <?php if(get_option('hide_wp_admin') ) echo 'checked="checked" ';?> /> Enable</label><br /> 238 <label><input type="radio" name="hide_wp_admin" value="0" <?php if(!get_option('hide_wp_admin') ) echo 'checked="checked" ';?>/> Disable</label><br /> 239 <small><?php _e('Prevent users from being able to access wp-admin directly ( enable this when you use custom admin slug )','hidelogin');?></small></td> 183 240 </tr> 184 241 <tr valign="top"> 185 242 <th scope="row"><?php _e('.htaccess Output', 'hidelogin');?></th> 186 <td style="color: navy;"><pre><?php echo ((get_option('hide_enable'))?get_option('hide_htaccess'):"<span style=\"color: 
red !important;\">No Output. [Plugin is disable]</span>");?></pre></td> 187 </tr> 243 <td style="color: navy;"><pre><?php echo ((get_option('htaccess_rules') != "")?get_option('htaccess_rules'):"<span style=\"color: red !important;\">No Output.</span>");?></pre></td> 244 </tr> 245 <tr valign="top"> 246 <th scope="row"><?php _e('Did the Tricks ?', 'hidelogin');?></th> 247 <td> 248 <input name="Submit" style="font-family: tahoma !important; font-weight: bold;" value="<?php _e('Save Changes','hidelogin');?>" type="submit" /> 249 <input name="action" value="hide_login_update" type="hidden" /> 250 </td> 251 </tr> 188 252 </tbody> 189 253 </table> 190 <p class="submit"><input name="Submit" value="<?php _e('Save Changes','hidelogin');?>" type="submit" />191 <input name="action" value="hide_login_update" type="hidden" />192 254 </form> 193 255 194 256 </div> 195 <?php 196 } 197 198 function CreateRewriteRules(){ 199 $logout_uri = str_replace(trailingslashit(get_option('siteurl')), '', wp_logout_url()); 200 $siteurl = explode('/',trailingslashit(get_option('siteurl'))); 201 unset($siteurl[0]); unset($siteurl[1]); unset($siteurl[2]); 202 $dir = implode('/',$siteurl); 203 204 if(get_option('hide_login_slug')){ 205 206 if(get_option('hide_login_redirect') != "Custom"){ 207 $login_url = get_option('hide_login_redirect'); 208 }else{ 209 $login_url = get_option('hide_login_custom'); 210 } 211 $login_slug = get_option('hide_login_slug'); 212 $logout_slug = get_option('hide_logout_slug'); 213 $admin_slug = get_option('hide_admin_slug'); 214 $login_key = $this->Key(); 215 $logout_key = $this->Key(); 216 $register_key = $this->Key(); 217 $admin_key = $this->Key(); 218 if( get_option('users_can_register') ){ 219 $register_slug = get_option( 'hide_register_slug' ); 220 $reg_rule_hide = "RewriteRule ^" . $register_slug . " ".$dir."wp-login.php?hide_reg_key=" . $register_key . 
"&action=register [R,L]\n" ;//Redirect Register slug to registration page with hide_key 221 $reg_rule = "RewriteRule ^" . $register_slug . " ".$dir."wp-login.php?action=register [L]\n" ;//Redirect Register slug to registration page 222 } 223 if( get_option( 'hide_mode' ) ){ 224 $insert = "\n# HIDE-LOGIN\n" . 225 "RewriteEngine On\n". 226 "RewriteBase /\n". 227 "RewriteRule ^" . $logout_slug . " ".$dir.$logout_uri."&hide_out_key=" . $logout_key . " [L]\n" . //Redirect Logout slug to logout with hide_key 228 "RewriteRule ^" . $login_slug . " ".$dir."wp-login.php?hide_in_key=" . $login_key . "&redirect_to=" . $login_url . " [R,L]\n" . //Redirect Login slug to show wp-login.php with hide_key 229 "RewriteRule ^" . $admin_slug . " ".$dir."wp-admin/?hide_admin_key=" . $admin_key . " [R,L]\n" . //Redirect Admin slug to show Dashboard with hide_key 230 $reg_rule_hide . 231 "RewriteCond %{HTTP_REFERER} !^" . get_option('siteurl') . "/wp-admin\n" . //if did not come from WP Admin 232 "RewriteCond %{HTTP_REFERER} !^" . get_option('siteurl') . "/wp-login\.php\n" . //if did not come from wp-login.php 233 "RewriteCond %{HTTP_REFERER} !^" . get_option('siteurl') . "/" . $login_slug . "\n" . //if did not come from Login slug 234 "RewriteCond %{HTTP_REFERER} !^" . get_option('siteurl') . "/" . $admin_slug . "\n" . //if did not come from Admin slug 235 "RewriteCond %{QUERY_STRING} !^hide_in_key=" . $login_key . "\n" . //if no hide_key query 236 "RewriteCond %{QUERY_STRING} !^hide_out_key=" . $logout_key . "\n" . //if no hide_key query 237 "RewriteCond %{QUERY_STRING} !^hide_reg_key=" . $register_key . "\n" . //if no hide_key query 238 "RewriteCond %{QUERY_STRING} !^hide_admin_key=" . $admin_key . " \n" . //if no hide_key query 239 "RewriteRule ^wp-login\.php " . get_option('siteurl') . " [L]\n" . //Send to home page 240 "RewriteCond %{QUERY_STRING} ^loggedout=true \n" . // if logout confirm query is true 241 "RewriteRule ^wp-login\.php " . get_option('siteurl') . " [L]\n" . 
//Send to home page 242 ((get_option('hide_custom_rules'))?get_option('hide_custom_rules')."\n":""). 243 "RewriteCond %{REQUEST_FILENAME} !-f\n". 244 "RewriteCond %{REQUEST_FILENAME} !-d\n". 245 "RewriteRule . /index.php [L]\n". 246 "# END HIDE-LOGIN\n"; 247 }else{ 248 $insert = "\n# HIDE-LOGIN\n" . 249 "RewriteEngine On\n". 250 "RewriteBase /\n". 251 "RewriteRule ^" . $logout_slug . " ".$dir.$logout_uri." [L]\n" . //Redirect Logout slug to logout 252 "RewriteRule ^" . $admin_slug . " ".$dir."wp-admin/ [R,L]\n" . //Redirect Admin slug to show Dashboard with hide_key 253 "RewriteRule ^" . $login_slug . " ".$dir."wp-login.php?&redirect_to=" . $login_url . " [R,L]\n" . //Redirect Login slug to show wp-login.php 254 $reg_rule . 255 ((get_option('hide_custom_rules'))?get_option('hide_custom_rules')."\n":""). 256 "RewriteCond %{REQUEST_FILENAME} !-f\n". 257 "RewriteCond %{REQUEST_FILENAME} !-d\n". 258 "RewriteRule . /index.php [L]\n". 259 "# END HIDE-LOGIN\n" ; 260 } 261 } 262 $sample = str_replace(array('<','>'),array('<','>'), $insert); 263 update_option('hide_htaccess', $sample); 264 265 return $insert; 266 } 267 268 function AddRewriteRules($rewrite){ 269 global $wp_version; 270 271 if( get_option('hide_enable') == 1 ): 272 $insert = $this->CreateRewriteRules(); 273 $lines = explode('RewriteCond %{REQUEST_FILENAME} !-f', $rewrite); 274 $fn = "RewriteCond %{REQUEST_FILENAME} !-f"; 275 $rewrite = $lines[0] . $insert . $fn . 
$lines[1]; 276 endif; 277 278 return $rewrite; 279 } 280 281 function Key() { 282 $chars = array('0'=>"abcdefghijklmnopqrstuvwxyz",'1'=>"0123456789",'2'=>"ABCDEFGHIJKLMNOPQRSTUVWXYZ"); 283 for($i=0;$i<10;$i++): srand((double)microtime()*1000000); @$key.= $chars[rand(0,3)][rand(0, strlen($chars[rand(0,3)]))]; endfor; 284 return $key; 285 } 286 287 } 288 } // END Class HideLoginPlugin 289 if( class_exists( 'HideLoginPlugin' ) ){ 290 $hidelogin = new HideLoginPlugin(); 291 }?> 257 <?php 258 } 259 function _deactivate() 260 { 261 remove_action( 'generate_rewrite_rules', 'hide_login' ); 262 $GLOBALS['wp_rewrite']->flush_rules(true); 263 } 264 register_deactivation_hook( __FILE__ , '_deactivate' ); 265 ?> -
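Review bot: `hideSettings()` (new lines 182-183) concatenates `$_POST['notice']` into the admin page without escaping, and the nonce check in `UpdateSettings()` only runs when `action` equals `hide_login_update`, so a request that carries `notice` without that action reaches the echo unchecked. Escape at output with `esc_html( $_POST['notice'] )`, or better, keep the message in a plugin-owned variable rather than writing it into `$_POST`. The option values the form prints into `value="…"` attributes (`hide_forgot_slug`, `hide_login_redirect`) and the `htaccess_rules` block inside `<pre>` are stored straight from the request and printed raw as well; wrap them in `esc_attr()` and `esc_html()` respectively. `UpdateSettings()` also appears to be called at file scope while the plugin is being included and verifies only the nonce; hooking it with `add_action('admin_init', 'UpdateSettings');` and adding `if ( ! current_user_can('manage_options') ) wp_die();` before the `update_option()` calls would tie the write to the capability that `add_menu_page()` already requires.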
hide-login/trunk/readme.txt
r578337 r662761 3 3 Tags: login, logout, htaccess, custom, url, wp-admin, admin, change, hide, stealth, security 4 4 Requires at least: 2.3 5 Tested up to: 3. 4.16 Stable tag: 2.15 Tested up to: 3.5.1 6 Stable tag: 3.0 7 7 8 8 Have a Secure Login Page! Allows you to create custom URLs for user's login, logout and admin's login page. … … 11 11 = # Must Have Plugin For Your Personal Wordpress Blog = 12 12 13 This plugin allows you to create custom URLs for logging in, logging out, administration and registeringfor your WordPress blog. Instead of advertising your login url on your homepage, you can create a url of your choice that can be easier to remember than wp-login.php, for example you could set your login url to http://www.myblog.com/login for an easy way to login to your website.13 This plugin allows you to create custom URLs of Log in, Log out, Lost Password, Administration and Signup page for your WordPress blog. Instead of advertising your login url on your homepage, you can create a url of your choice that can be easier to remember than wp-login.php, for example you could set your login url to http://www.myblog.com/login for an easy way to login to your website. 14 14 15 You could also enable "Hide Mode" which will prevent users from being able to access 'wp-login.php' directly. You can then set your login url to something more cryptic. This won't secure your website perfectly, but if someone does manage to crack your password, it can make it difficult for them to find where to actually login. This also prevents any bots that are used for malicious intents from accessing your wp-login.php file and attempting to break in.15 You could also enable "Hide Mode" which will prevent users from being able to access 'wp-login.php' or 'Hide wp-admin' which prevents the same for wp-admin directly. You can then set your login url to something more cryptic. 
This won't secure your website perfectly, but if someone does manage to crack your password, it can make it difficult for them to find where to actually login. This also prevents any bots that are used for malicious intents from accessing your wp-login.php file and attempting to break in. 16 16 17 17 ****Securing login page will prevent session hijacking and website hacking.**** … … 20 20 21 21 1. Upload the `hide-login` directory to the `/wp-content/plugins/` directory 22 1. Activate the plugin through the 'Plugins' menu in WordPress 23 1. Set the options in the Settings Panel 22 2. Add these two lines in wp-config.php file after `/* That's all, stop editing! Happy blogging. */` 23 `define('WP_ADMIN_DIR', 'YOUR_ADMIN_SLUG');` 24 `define('ADMIN_COOKIE_PATH', SITECOOKIEPATH . WP_ADMIN_DIR);` 25 Where `YOUR_ADMIN_SLUG` is the slug you use in plugin setting page for Admin. 26 3. Activate the plugin through the 'Plugins' menu in WordPress 27 4. Set the options in the Settings Panel 24 28 25 29 == Changelog == 26 30 = 3.0 = 31 * Completely rewrote. 32 * All rewrite rules will apply with wordpress buil-in functions 33 * Remove plugin rewrite rules automatically on deactivation 34 * Works with all permalink structures 35 * Droped some useless options and codes and improved functionality 36 * Now Setting page menu is at root 37 * Tested Over the latest Wordpress version(3.5.1) 27 38 = 2.1 = 28 39 * Fix an issue with hide mode capability 29 40 = 2.0 = 30 * Fix .htaccess query co omands41 * Fix .htaccess query commands 31 42 * Automatic removing and adding htaccess output to .htaccess file 32 43 * Strong security key function … … 46 57 = Somethings gone horribly wrong and my site is down = 47 58 48 Just d isable the plugin from its setting page :)59 Just deactivate it ;) 49 60 50 61 == Screenshots ==