public function load()
{
require_once HM_LIMIT_LOGIN_DIR . 'inc/class-options.php';
require_once HM_LIMIT_LOGIN_DIR . 'inc/class-errors.php';
require_once HM_LIMIT_LOGIN_DIR . 'inc/class-cookies.php';
require_once HM_LIMIT_LOGIN_DIR . 'inc/class-validation.php';
require_once HM_LIMIT_LOGIN_DIR . 'inc/class-notifications.php';
if (HM_LIMIT_LOGIN_VERSION !== get_option('hm_limit_login_version')) {
$this->set_default_variables();
}
load_plugin_textdomain('limit-login-attempts', false, dirname(plugin_basename(__FILE__)));
Options::get_instance();
Errors::get_instance();
Cookies::get_instance();
Validation::get_instance();
Notifications::get_instance();
}
/**
* Tidy up retries on a successful login
*/
protected function cleanup_on_login()
{
$cookies = Cookies::get_instance();
list(, $valid, ) = $cookies->get_retries_data();
foreach (array($this->get_address(), $this->get_username()) as $lockout_item) {
if (isset($valid[$lockout_item])) {
$valid[$lockout_item] = -1;
}
}
// Removes the lockout and retries after a successful login
$cookies->cleanup(null, null, $valid);
}
public function option_page()
{
$validation_object = Validation::get_instance();
$cookies_object = Cookies::get_instance();
$cookies_object->cleanup();
if (!current_user_can('manage_options')) {
wp_die('Sorry, but you do not have permissions to change settings.');
}
/* Make sure post was from this page */
if (count($_POST) > 0) {
check_admin_referer('hm-limit-login-attempts-options');
}
/* Should we clear log? */
if (isset($_POST['clear_log'])) {
delete_option('hm_limit_login_logged');
echo '<div id="message" class="updated fade"><p>' . __('Cleared IP log', 'limit-login-attempts') . '</p></div>';
}
/* Should we reset counter? */
if (isset($_POST['reset_total'])) {
update_option('hm_limit_login_lockouts_total', 0);
echo '<div id="message" class="updated fade"><p>' . __('Reset lockout count', 'limit-login-attempts') . '</p></div>';
}
/* Should we restore current lockouts? */
if (isset($_POST['reset_current'])) {
update_option('hm_limit_login_lockouts', array());
echo '<div id="message" class="updated fade"><p>' . __('Cleared current lockouts', 'limit-login-attempts') . '</p></div>';
}
/* Should we update options? */
if (isset($_POST['update_options'])) {
$new_options = array();
$new_options['client_type'] = $_POST['client_type'];
$new_options['allowed_retries'] = absint($_POST['allowed_retries']);
$new_options['lockout_duration'] = absint($_POST['lockout_duration'] * 60);
// into seconds
$new_options['valid_duration'] = absint($_POST['valid_duration'] * 3600);
// into seconds
$new_options['allowed_lockouts'] = absint($_POST['allowed_lockouts']);
$new_options['long_duration'] = absint($_POST['long_duration'] * 3600);
// into seconds
$new_options['notify_email_after'] = absint($_POST['email_after']);
$new_options['cookies'] = absint(isset($_POST['cookies']) && $_POST['cookies'] == '1');
$v = array();
if (isset($_POST['lockout_notify_log'])) {
$v[] = 'log';
}
if (isset($_POST['lockout_notify_email'])) {
$v[] = 'email';
}
$new_options['lockout_notify'] = implode(',', $v);
$selected_lockout_method = array();
if (isset($_POST['lockout_method_ip'])) {
$selected_lockout_method[] = 'ip';
}
if (isset($_POST['lockout_method_username'])) {
$selected_lockout_method[] = 'username';
}
// This should never be empty. Defaulting to IP.
if (empty($selected_lockout_method)) {
$selected_lockout_method[] = 'ip';
}
$new_options['lockout_method'] = implode(',', $selected_lockout_method);
foreach ($new_options as $option_key => $option_value) {
$meta_key = 'hm_limit_login_' . $option_key;
$meta_value = $option_value;
update_option($meta_key, $meta_value);
}
echo '<div id="message" class="updated fade"><p>' . esc_html__('Options changed', 'limit-login-attempts') . '</p></div>';
}
/* Get current options to populate the form with */
$client_type = get_option('hm_limit_login_client_type');
$allowed_retries = absint(get_option('hm_limit_login_allowed_retries'));
$lockout_duration = absint(get_option('hm_limit_login_lockout_duration')) / 60;
// in minutes
$valid_duration = absint(get_option('hm_limit_login_valid_duration')) / 3600;
// in hours
$allowed_lockouts = absint(get_option('hm_limit_login_allowed_lockouts'));
$long_duration = absint(get_option('hm_limit_login_long_duration')) / 3600;
// in hours
$notify_email_after = absint(get_option('hm_limit_login_email_after'));
$cookies = absint(isset($_POST['cookies']) && $_POST['cookies'] == '1');
$lockouts_total = absint(get_option('hm_limit_login_lockouts_total', 0));
$lockouts = $validation_object->get_lockouts();
$lockouts_now = is_array($lockouts) ? count($lockouts) : 0;
$cookies_yes = get_option('hm_limit_login_cookies') ? ' checked ' : '';
$cookies_no = get_option('hm_limit_login_cookies') ? '' : ' checked ';
$client_type_direct = $client_type == HM_LIMIT_LOGIN_DIRECT_ADDR ? ' checked ' : '';
$client_type_proxy = $client_type == HM_LIMIT_LOGIN_PROXY_ADDR ? ' checked ' : '';
$client_type_guess = $this->guess_proxy();
$client_type_message = '';
$client_type_warning = '';
if ($client_type_guess == HM_LIMIT_LOGIN_DIRECT_ADDR) {
$client_type_message = sprintf(__('It appears the site is reached directly (from your IP: %s)', 'limit-login-attempts'), $validation_object->get_address(HM_LIMIT_LOGIN_DIRECT_ADDR));
} else {
$client_type_message = sprintf(__('It appears the site is reached through a proxy server (proxy IP: %s, your IP: %s)', 'limit-login-attempts'), $validation_object->get_address(HM_LIMIT_LOGIN_DIRECT_ADDR), $validation_object->get_address(HM_LIMIT_LOGIN_PROXY_ADDR));
}
$client_type_message .= '<br />';
if ($client_type != $client_type_guess) {
$faq = 'http://wordpress.org/extend/plugins/limit-login-attempts/faq/';
$client_type_warning = '<p>' . sprintf(__('<strong>Current setting appears to be invalid</strong>. Please make sure it is correct. Further information can be found <a href="%s" title="FAQ">here</a>', 'limit-login-attempts'), $faq) . '</p>';
}
$v = explode(',', get_option('hm_limit_login_lockout_notify'));
$log_checked = in_array('log', $v) ? ' checked ' : '';
$email_checked = in_array('email', $v) ? ' checked ' : '';
$saved_lockout_methods = $validation_object->get_lockout_methods();
$lockout_method_ip = checked(1, $saved_lockout_methods['ip'], false);
$lockout_method_username = checked(1, $saved_lockout_methods['username'], false);
include HM_LIMIT_LOGIN_DIR . 'inc/options-page.php';
}
