function render_tab2() { ?> <h2><?php _e('Display Name Security', 'aiowpsecurity'); ?> </h2> <div class="aio_blue_box"> <?php echo '<p>' . __('When you submit a post or answer a comment, WordPress will usually display your "nickname".', 'aiowpsecurity') . ' <br />' . __('By default the nickname is set to the login (or user) name of your account.', 'aiowpsecurity') . ' <br />' . __('From a security perspective, leaving your nickname the same as your user name is bad practice because it gives a hacker at least half of your account\'s login credentials.', 'aiowpsecurity') . ' <br /><br />' . __('Therefore to further tighten your site\'s security you are advised to change your <strong>nickname</strong> and <strong>Display name</strong> to be different from your <strong>Username</strong>.', 'aiowpsecurity') . ' </p>'; ?> </div> <div class="postbox"> <h3><label for="title"><?php _e('Modify Accounts With Identical Login Name & Display Name', 'aiowpsecurity'); ?> </label></h3> <div class="inside"> <?php global $aiowps_feature_mgr; $aiowps_feature_mgr->output_feature_details_badge("user-accounts-display-name"); //now let's find any accounts which have login name same as display name $login_nick_name_accounts = AIOWPSecurity_Utility::check_identical_login_and_nick_names(); if ($login_nick_name_accounts) { echo '<div class="aio_red_box"><p>' . __('Your site currently has the following accounts which have an identical login name and display name.', 'aiowpsecurity') . ' <span class="description">(' . __('Click on the link to edit the settings of that particular user account', 'aiowpsecurity') . '</span></p></div>'; ?> <table class="form-table"> <?php $edit_user_page = get_option('siteurl') . '/wp-admin/user-edit.php?user_id='; foreach ($login_nick_name_accounts as $usr) { echo '<tr valign="top">'; // echo '<th scope="row"><label for="UserID'.$usr['ID'].'"> Login Name: </label></th>'; echo '<td><a href="' . $edit_user_page . $usr['ID'] . '" target="_blank">' . $usr['user_login'] . '</a></td>'; echo '</tr>'; } ?> </table> <?php } else { echo '<div id="aios_message" class="aio_green_box"><p><strong>' . __('No action required.', 'aiowpsecurity') . '</strong> <br />' . __('Your site does not have a user account where the display name is identical to the username.', 'aiowpsecurity') . '</p></div>'; } ?> </div> </div> <?php }
function check_user_accounts_display_name_feature($item) { if (AIOWPSecurity_Utility::check_identical_login_and_nick_names()) { $item->set_feature_status($this->feature_inactive); } else { $item->set_feature_status($this->feature_active); } }