Changeset 3012663

Timestamp:

12/21/2023 03:14:22 AM (2 years ago)

Author:

rsdotscot

Message:

Bug fixing.

Location:

unauthorised-login-redirect

Files:

• tags/0.3.9.1 (added)
• tags/0.3.9.1/LICENSE.txt (added)
• tags/0.3.9.1/README.txt (added)
• tags/0.3.9.1/index.php (added)
• tags/0.3.9.1/ulr (added)
• tags/0.3.9.1/ulr/css (added)
• tags/0.3.9.1/ulr/css/style.css (added)
• tags/0.3.9.1/ulr/ulr-activate.php (added)
• tags/0.3.9.1/ulr/ulr-admin-menu.php (added)
• tags/0.3.9.1/ulr/ulr-admin-settings.php (added)
• tags/0.3.9.1/ulr/ulr-deactivate.php (added)
• tags/0.3.9.1/ulr/ulr-miscellaneous.php (added)
• tags/0.3.9.1/ulr/ulr-option.php (added)
• tags/0.3.9.1/ulr/ulr-redirect.php (added)
• tags/0.3.9.1/unauthorised-login-redirect.php (added)
• trunk/README.txt (modified) (3 diffs)
• trunk/ulr/ulr-admin-settings.php (modified) (1 diff)
• trunk/ulr/ulr-option.php (modified) (1 diff)
• trunk/ulr/ulr-redirect.php (modified) (2 diffs)
• trunk/unauthorised-login-redirect.php (modified) (2 diffs)

unauthorised-login-redirect/trunk/README.txt

@@ -4 +4 @@
 Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=VXYAWTLPZYE7E
 Requires at least: 4.3
-Tested up to: 6.0
+Tested up to: 6.4.2
 Stable tag: trunk
 License: GPLv3 or later
@@ -31 +31 @@
 
 == Changelog ==
+= 0.3.9.1 =
+* Bug fixing.
+
 = 0.3.9 =
 * Testing with WordPress 6.0.
@@ -71 +74 @@
 
 == Upgrade Notice ==
+= 0.3.9.1 =
+* Bug fixing.
+
 = 0.3.9 =
 * Testing with WordPress 6.0.

unauthorised-login-redirect/trunk/ulr/ulr-admin-settings.php

@@ -27 +27 @@
 function rs_ulr_admin_init() {
     $update = rs_ulr_update_settings();
-    $option = rs_ulr_get_option(); ?>
-    <div class="wrap">
-        <h1><?php echo RS_ULR__PLUGIN_NAME; ?></h1>
-        <?php if( $update == TRUE ) { ?><div id="message" class="updated notice is-dismissible"><p>Settings updated.</p></div><?php } ?>
-        <form method="post" action="<?php echo RS_ULR__PLUGIN_ADMIN_URL; ?>">
-            <table class="form-table">
-                <tr>
-                    <th scope="row"><label for="redirect_status">Redirect status</label></th>
-                    <td><p><label><input name="redirect_status" type="radio" value="on" class="tog"<?php if( $option['redirect_status'] == 'on' ) { ?> checked="checked"<?php } ?> /> On</label></p>
-                    <p><label><input name="redirect_status" type="radio" value="off" class="tog"<?php if( $option['redirect_status'] == 'off' ) { ?> checked="checked"<?php } ?> /> Off</label></p></td>
-                </tr>
-                <tr>
-                    <th scope="row"><label for="login_path">Secret login path</label></th>
-                    <td><p>This defines the URL you'll be visiting to log in to your site.</p>
-                    <p><strong>NOTE:</strong> This should not be a path for a page which already exists.</p>
-                    <input name="login_path" type="text" id="login_path" value="<?php echo esc_html( stripslashes( $option['login_path'] ) ); ?>" class="regular-text" />
-                    <p>Current redirect login URL: <strong><?php echo home_url().esc_html( stripslashes( $option['login_path'] ) ); ?></strong> (you should bookmark this)</p></td>
-                </tr>
-                <tr>
-                    <th scope="row"><label for="secret_get_key">Secret GET key</label></th>
-                    <td><p>This is the parameter part of your new login URL. Without this parameter and the corresponding value below, anyone trying to access your login page will be redirected to the site you select below.</p>
-                    <input name="secret_get_key" type="text" id="secret_get_key" value="<?php echo esc_html( stripslashes( $option['secret_get_key'] ) ); ?>" class="regular-text" />
-                    <p>Current login URL: <?php echo wp_login_url().'?<strong>'.esc_html( stripslashes( $option['secret_get_key'] ) ).'</strong>='.esc_html( stripslashes( $option['secret_get_value'] ) ); ?></p></td>
-                </tr>
-                <tr>
-                    <th scope="row"><label for="secret_get_value">Secret GET value</label></th>
-                    <td><p>This is the value required for the parameter set above.</p>
-                    <input name="secret_get_value" type="text" id="secret_get_value" value="<?php echo esc_html( stripslashes( $option['secret_get_value'] ) ); ?>" class="regular-text" />
-                    <p>Current login URL: <?php echo wp_login_url().'?'.esc_html( stripslashes( $option['secret_get_key'] ) ).'=<strong>'.esc_html( stripslashes( $option['secret_get_value'] ) ).'</strong>'; ?></td>
-                </tr>
-                <tr>
-                    <th scope="row"><label for="redirect_url">Redirect destination</label></th>
-                    <td><select name="redirect_url" id="redirect_url"><?php rs_ulr_destination_options( $option['redirect_url'] ); ?></select></td>
-                </tr>
-                <tr>
-                    <th scope="row">Delete settings on deactivation?</th>
-                    <td><label for="delete_option_on_deactivate"><input name="delete_option_on_deactivate" type="checkbox" id="delete_option_on_deactivate" value="1"<?php if( $option['delete_option_on_deactivate'] == '1' ) { ?> checked="checked"<?php } ?> /> Check this box to delete your settings above when you deactivate the plugin.</label></td>
-                </tr>
-            </table>
-            <p class="beer">Do you find this plugin useful? If you do and you'd like to buy me a beer to say thanks, <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=VXYAWTLPZYE7E" onclick="window.open( this ); return false;">click here</a>. Thanks!</p>
-            <?php wp_nonce_field( 'rs_ulr_update_settings' ); ?>
-            <?php submit_button(); ?>
-        </form>
-    </div><?php
+    $option = rs_ulr_get_option();
+    echo '<div class="wrap">';
+        echo '<h1>'.RS_ULR__PLUGIN_NAME.'</h1>';
+        if( $update == TRUE ) { echo '<div id="message" class="updated notice is-dismissible"><p>Settings updated.</p></div>'; }
+        echo '<form method="post" action="'.RS_ULR__PLUGIN_ADMIN_URL.'">';
+            echo '<table class="form-table">';
+                echo '<tr>';
+                    echo '<th scope="row"><label for="redirect_status">Redirect status</label></th>';
+                    echo '<td><p><label><input name="redirect_status" type="radio" value="on" class="tog"'; if( $option['redirect_status'] == 'on' ) { echo ' checked="checked"'; } echo ' /> On</label></p>';
+                    echo '<p><label><input name="redirect_status" type="radio" value="off" class="tog"'; if( $option['redirect_status'] == 'off' ) { echo ' checked="checked"'; } echo ' /> Off</label></p></td>';
+                echo '</tr>';
+                echo '<tr>';
+                    echo '<th scope="row"><label for="login_path">Secret login path</label></th>';
+                    echo '<td><p>This defines the URL you\'ll be visiting to log in to your site.</p>';
+                    echo '<p><strong>NOTE:</strong> This should not be a path for a page which already exists.</p>';
+                    echo '<input name="login_path" type="text" id="login_path" value="'.esc_html( stripslashes( $option['login_path'] ) ).'" class="regular-text" />';
+                    echo '<p>Current redirect login URL: <strong>'.home_url().esc_html( stripslashes( $option['login_path'] ) ).'</strong> (you should bookmark this)</p></td>';
+                echo '</tr>';
+                echo '<tr>';
+                    echo '<th scope="row"><label for="secret_get_key">Secret GET key</label></th>';
+                    echo '<td><p>This is the parameter part of your new login URL. Without this parameter and the corresponding value below, anyone trying to access your login page will be redirected to the site you select below.</p>';
+                    echo '<input name="secret_get_key" type="text" id="secret_get_key" value="'.esc_html( stripslashes( $option['secret_get_key'] ) ).'" class="regular-text" />';
+                    echo '<p>Current login URL: '.wp_login_url().'?<strong>'.esc_html( stripslashes( $option['secret_get_key'] ) ).'</strong>='.esc_html( stripslashes( $option['secret_get_value'] ) ).'</p></td>';
+                echo '</tr>';
+                echo '<tr>';
+                    echo '<th scope="row"><label for="secret_get_value">Secret GET value</label></th>';
+                    echo '<td><p>This is the value required for the parameter set above.</p>';
+                    echo '<input name="secret_get_value" type="text" id="secret_get_value" value="'.esc_html( stripslashes( $option['secret_get_value'] ) ).'" class="regular-text" />';
+                    echo '<p>Current login URL: '.wp_login_url().'?'.esc_html( stripslashes( $option['secret_get_key'] ) ).'=<strong>'.esc_html( stripslashes( $option['secret_get_value'] ) ).'</strong></td>';
+                echo '</tr>';
+                echo '<tr>';
+                    echo '<th scope="row"><label for="redirect_url">Redirect destination</label></th>';
+                    echo '<td><select name="redirect_url" id="redirect_url">'; rs_ulr_destination_options( $option['redirect_url'] ); echo '</select></td>';
+                echo '</tr>';
+                echo '<tr>';
+                    echo '<th scope="row">Delete settings on deactivation?</th>';
+                    echo '<td><label for="delete_option_on_deactivate"><input name="delete_option_on_deactivate" type="checkbox" id="delete_option_on_deactivate" value="1"'; if( $option['delete_option_on_deactivate'] == '1' ) { echo ' checked="checked"'; } echo ' /> Check this box to delete your settings above when you deactivate the plugin.</label></td>';
+                echo '</tr>';
+            echo '</table>';
+            echo '<p class="beer">Do you find this plugin useful? If you do and you\'d like to buy me a beer to say thanks, <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=VXYAWTLPZYE7E" onclick="window.open( this ); return false;">click here</a>. Thanks!</p>';
+            wp_nonce_field( 'rs_ulr_update_settings' );
+            submit_button();
+        echo '</form>';
+    echo '</div>';
 }

unauthorised-login-redirect/trunk/ulr/ulr-option.php

@@ -25 +25 @@
 
 function rs_ulr_option_exists() {
-    if( !rs_ulr_get_option() ) { return FALSE; }
-    else { return TRUE; }
+    $return = TRUE;
+    if( !rs_ulr_get_option() ) { $return = FALSE; }
+    return $return;
 }
 

unauthorised-login-redirect/trunk/ulr/ulr-redirect.php

@@ -7 +7 @@
     if( ( strpos( $path['full_uri'], 'wp-login.php' ) ) || ( ( !is_user_logged_in() ) && ( strpos( $path['full_uri'], 'wp-admin' ) ) ) && ( !strpos( $path['full_uri'], 'wp-admin/admin-ajax.php' ) ) ) {
         $option = rs_ulr_get_option();
-        if( $option['redirect_status'] == 'on' ) {
+        if( $option['redirect_status'] === 'on' ) {
             $get_key = $option['secret_get_key'];
             $get_value = $option['secret_get_value'];
             $redirect_url = $option['redirect_url'];
-            $home_url = str_replace( 'http:', '', str_replace( 'https:', '', home_url() ) );
-            if( $_GET[$get_key] == $get_value ) { $continue = 1; }
-            if( ( isset( $_POST ) && ( $_GET['action'] == 'confirm_admin_email' ) ) ) { $continue = 1; }
-            if( ( strpos( wp_get_referer(), $home_url ) ) && ( $_GET['action'] == 'confirm_admin_email' ) && ( isset( $_GET['remind_me_later'] ) ) ) { $continue = 1; }
-            if( ( strpos( wp_get_referer(), $home_url ) ) && ( $_GET['action'] == 'logout' ) ) { $continue = 1; }
-            if( ( strpos( wp_get_referer(), $home_url ) ) && ( $_GET['action'] == 'lostpassword' ) ) { $continue = 1; }
-            if( ( strpos( wp_get_referer(), $home_url ) ) && ( $_GET['checkemail'] == 'confirm' ) ) { $continue = 1; }
-            if( ( strpos( wp_get_referer(), $home_url ) ) && ( $_GET['loggedout'] == 'true' ) ) { $continue = 1; }
-            if( ( strpos( wp_get_referer(), $home_url ) ) && ( strpos( wp_get_referer(), '/wp-login.php' ) ) ) { $continue = 1; }
-            if( $continue !== 1 ) {
+            $home_url = str_replace( array( 'http:', 'https:' ), '', home_url() );
+            if( isset( $_GET[$get_key] ) ) {
+                if( sanitize_text_field( $_GET[$get_key] ) === $get_value ) { $continue = 1; }
+            }
+            if( isset( $_GET['action'] ) ) {
+                if( ( isset( $_POST ) && ( $_GET['action'] === 'confirm_admin_email' ) ) ) { $continue = 1; }
+                if( ( strpos( wp_get_referer(), $home_url ) !== FALSE ) && ( $_GET['action'] === 'confirm_admin_email' ) && ( isset( $_GET['remind_me_later'] ) ) ) { $continue = 1; }
+                if( ( strpos( wp_get_referer(), $home_url ) !== FALSE ) && ( $_GET['action'] === 'logout' ) ) { $continue = 1; }
+                if( ( strpos( wp_get_referer(), $home_url ) !== FALSE ) && ( $_GET['action'] === 'lostpassword' ) ) { $continue = 1; }
+            }
+            if( isset( $_GET['checkemail'] ) ) {
+                if( ( strpos( wp_get_referer(), $home_url ) !== FALSE ) && ( $_GET['checkemail'] === 'confirm' ) ) { $continue = 1; }
+            }
+            if( isset( $_GET['loggedout'] ) ) {
+                if( ( strpos( wp_get_referer(), $home_url ) !== FALSE ) && ( $_GET['loggedout'] === 'true' ) ) { $continue = 1; }
+            }
+            if( ( strpos( wp_get_referer(), $home_url ) !== FALSE ) && ( strpos( wp_get_referer(), '/wp-login.php' ) !== FALSE ) ) { $continue = 1; }
+            if( !isset( $continue ) ) {
                 wp_redirect( $redirect_url, 302 );
                 exit;
@@ -31 +39 @@
     $path = rs_ulr_get_current_path();
     $option = rs_ulr_get_option();
-    if( $path['full_uri'] == home_url( $option['login_path'] ) ) {
+    if( $path['full_uri'] === home_url( $option['login_path'] ) ) {
         $get_key = $option['secret_get_key'];
         $get_value = $option['secret_get_value'];

unauthorised-login-redirect/trunk/unauthorised-login-redirect.php

@@ -3 +3 @@
 Plugin Name: Unauthorised Login Redirect
 Description: This plugin allows you to effectively hide your wp-login.php and wp-admin by requiring that you access it via a custom URL of your specification, with every other request being redirected to a different URL of your specification.
-Version: 0.3.9
+Version: 0.3.9.1
 Author: RS
 Author URI: https://rs.scot
@@ -43 +43 @@
 define( 'RS_ULR__PLUGIN_SHORT_NAME', 'Login Redirect' );
 define( 'RS_ULR__PLUGIN_URL', plugin_dir_url( __FILE__ ) );
-define( 'RS_ULR__PLUGIN_VERSION', '0.3.9' );
+define( 'RS_ULR__PLUGIN_VERSION', '0.3.9.1' );
 
 foreach( glob( RS_ULR__PLUGIN_DIR.'*.php' ) as $file ) { require_once( $file ); }