admin
2 years ago
captcha.php
2 years ago
cloudsecure-wp.php
2 years ago
common.php
2 years ago
config.php
2 years ago
disable-author-query.php
2 years ago
disable-login.php
2 years ago
disable-restapi.php
2 years ago
disable-xmlrpc.php
2 years ago
htaccess.php
2 years ago
login-log.php
2 years ago
login-notification.php
2 years ago
rename-login-page.php
2 years ago
restrict-admin-page.php
2 years ago
unify-messages.php
2 years ago
update-notice.php
2 years ago
rename-login-page.php
301 lines
| 1 | <?php |
| 2 | class CloudSecureWP_Rename_Login_Page extends CloudSecureWP_Common { |
| 3 | private const KEY_FEATURE = 'rename_login_page'; |
| 4 | private const KEY_NAME = self::KEY_FEATURE . '_name'; |
| 5 | private const KEY_DISABLE_REDIRECT = self::KEY_FEATURE . '_disable_redirect'; |
| 6 | private $config; |
| 7 | private $htaccess; |
| 8 | |
| 9 | function __construct( array $info, CloudSecureWP_Config $config, CloudSecureWP_Htaccess $htaccess ) { |
| 10 | parent::__construct( $info ); |
| 11 | $this->config = $config; |
| 12 | $this->htaccess = $htaccess; |
| 13 | } |
| 14 | |
| 15 | /** |
| 16 | * 機能毎のKEY取得 |
| 17 | * |
| 18 | * @return string |
| 19 | */ |
| 20 | public function get_feature_key(): string { |
| 21 | return self::KEY_FEATURE; |
| 22 | } |
| 23 | |
| 24 | /** |
| 25 | * 有効無効判定 |
| 26 | * |
| 27 | * @return bool |
| 28 | */ |
| 29 | public function is_enabled(): bool { |
| 30 | return $this->config->get( $this->get_feature_key() ) === 't' ? true : false; |
| 31 | } |
| 32 | |
| 33 | /** |
| 34 | * 初期設定値取得 |
| 35 | * |
| 36 | * @return array |
| 37 | */ |
| 38 | public function get_default(): array { |
| 39 | $ret = array( |
| 40 | self::KEY_FEATURE => 'f', |
| 41 | self::KEY_NAME => $this->get_new_name(), |
| 42 | self::KEY_DISABLE_REDIRECT => 'f', |
| 43 | ); |
| 44 | return $ret; |
| 45 | } |
| 46 | |
| 47 | /** |
| 48 | * 設定値key取得 |
| 49 | */ |
| 50 | public function get_keys(): array { |
| 51 | $ret = array( |
| 52 | self::KEY_FEATURE, |
| 53 | self::KEY_NAME, |
| 54 | self::KEY_DISABLE_REDIRECT, |
| 55 | ); |
| 56 | return $ret; |
| 57 | } |
| 58 | |
| 59 | /** |
| 60 | * 設定値取得 |
| 61 | */ |
| 62 | public function get_settings(): array { |
| 63 | $settings = array(); |
| 64 | $keys = $this->get_keys(); |
| 65 | |
| 66 | foreach ( $keys as $key ) { |
| 67 | $settings[ $key ] = $this->config->get( $key ); |
| 68 | } |
| 69 | |
| 70 | return $settings; |
| 71 | } |
| 72 | |
| 73 | /** |
| 74 | * 設定値保存 |
| 75 | * |
| 76 | * @param array $settings |
| 77 | * @return void |
| 78 | */ |
| 79 | public function save_settings( $settings ): void { |
| 80 | $keys = $this->get_keys(); |
| 81 | |
| 82 | foreach ( $keys as $key ) { |
| 83 | $this->config->set( $key, $settings[ $key ] ?? '' ); |
| 84 | } |
| 85 | |
| 86 | $this->config->save(); |
| 87 | } |
| 88 | |
| 89 | /** |
| 90 | * ランダム値を含んだ新しいログインページ名を取得 |
| 91 | * |
| 92 | * @return string $name |
| 93 | */ |
| 94 | public function get_new_name(): string { |
| 95 | $name = ''; |
| 96 | $chars = '0123456789abcdefghijklmnopqrstuvwxyz-_'; |
| 97 | |
| 98 | for ( $ii = 0; $ii < 8; $ii ++ ) { |
| 99 | $name .= $chars[ rand( 0, strlen( $chars ) - 1 ) ]; |
| 100 | } |
| 101 | |
| 102 | return $name; |
| 103 | } |
| 104 | |
| 105 | /** |
| 106 | * ファイル名重複判定 |
| 107 | * |
| 108 | * @param string $name |
| 109 | */ |
| 110 | public function is_duplicat_file( string $name ): bool { |
| 111 | $files = array_diff( scandir( ABSPATH ), array( '.', '..' ) ); |
| 112 | |
| 113 | if ( in_array( $name, $files ) ) { |
| 114 | return true; |
| 115 | } |
| 116 | |
| 117 | return false; |
| 118 | } |
| 119 | |
| 120 | /** |
| 121 | * htaccessに書き出す設定を取得 |
| 122 | * |
| 123 | * @return string |
| 124 | */ |
| 125 | private function get_htaccess_settings(): string { |
| 126 | $parse = parse_url( site_url() ); |
| 127 | $base = ( $parse['path'] ?? '' ) . '/'; |
| 128 | $name = $this->config->get( self::KEY_NAME ); |
| 129 | $page404 = self::PAGE_404; |
| 130 | |
| 131 | $setting = "<IfModule mod_rewrite.c>" . "\n"; |
| 132 | $setting .= " RewriteEngine on" . "\n"; |
| 133 | $setting .= " RewriteBase {$base}" . "\n"; |
| 134 | $setting .= " RewriteRule ^wp-activate\.php {$page404} [L]" . "\n"; |
| 135 | $setting .= " RewriteRule ^wp-signup\.php {$page404} [L]" . "\n"; |
| 136 | $setting .= " RewriteRule ^{$name}(.*)$ wp-login.php$1 [L]" . "\n"; |
| 137 | $setting .= "</IfModule>" . "\n"; |
| 138 | |
| 139 | return $setting; |
| 140 | } |
| 141 | |
| 142 | /** |
| 143 | * htaccessに書き出す設定を更新 |
| 144 | * |
| 145 | * @return bool |
| 146 | */ |
| 147 | public function update_htaccess(): bool { |
| 148 | $plugin_tag = $this->htaccess->get_plugin_settings_tag(); |
| 149 | $tag = $this->get_feature_key(); |
| 150 | |
| 151 | if ( $this->htaccess->setting_tag_exists( $plugin_tag ) ) { |
| 152 | if ( $this->htaccess->setting_tag_exists( $tag ) ) { |
| 153 | if ( ! $this->remove_htaccess() ) { |
| 154 | return false; |
| 155 | } |
| 156 | } |
| 157 | } else { |
| 158 | $this->htaccess->add_plugin_settings_tag(); |
| 159 | } |
| 160 | |
| 161 | $setting = $this->get_htaccess_settings(); |
| 162 | $ret = $this->htaccess->add_feature_setting( $tag, $setting ); |
| 163 | |
| 164 | return $ret; |
| 165 | } |
| 166 | |
| 167 | /** |
| 168 | * htaccessから設定を削除 |
| 169 | * |
| 170 | * @return bool |
| 171 | */ |
| 172 | public function remove_htaccess(): bool { |
| 173 | return $this->htaccess->remove_settings( array( $this->get_feature_key() ) ); |
| 174 | } |
| 175 | |
| 176 | /** |
| 177 | * login_init |
| 178 | */ |
| 179 | public function login_init() { |
| 180 | $request_uri = sanitize_url( $_SERVER['REQUEST_URI'] ?? '' ); |
| 181 | if ( false !== strpos( $request_uri, 'wp-login.php' ) ) { |
| 182 | if ( false !== strpos( wp_get_referer(), $this->config->get( self::KEY_NAME ) ) ) { |
| 183 | wp_redirect( $this->replace_wp_login( $request_uri ) ); |
| 184 | exit; |
| 185 | } else { |
| 186 | $this->page404(); |
| 187 | exit; |
| 188 | } |
| 189 | } |
| 190 | } |
| 191 | |
| 192 | /** |
| 193 | * site_url |
| 194 | */ |
| 195 | public function site_url( $url, $path, $scheme, $blog_id ) { |
| 196 | return $this->replace_wp_login( $url ); |
| 197 | } |
| 198 | |
| 199 | /** |
| 200 | * network_site_url |
| 201 | */ |
| 202 | public function network_site_url( $url, $path, $scheme ) { |
| 203 | return $this->replace_wp_login( $url ); |
| 204 | } |
| 205 | |
| 206 | /** |
| 207 | * wp_redirect |
| 208 | */ |
| 209 | public function wp_redirect( $location, $status ) { |
| 210 | return $this->replace_wp_login( $location ); |
| 211 | } |
| 212 | |
| 213 | /** |
| 214 | * register |
| 215 | */ |
| 216 | public function register( $link ) { |
| 217 | return $this->replace_wp_login( $link ); |
| 218 | } |
| 219 | |
| 220 | /** |
| 221 | * auth_redirect_scheme |
| 222 | */ |
| 223 | public function auth_redirect_scheme( $scheme ) { |
| 224 | if ( 't' === $this->config->get( self::KEY_DISABLE_REDIRECT ) ) { |
| 225 | if ( ! wp_validate_auth_cookie( '', $scheme ) ) { |
| 226 | wp_safe_redirect( home_url( self::PAGE_404 ) ); |
| 227 | exit; |
| 228 | } |
| 229 | } |
| 230 | return $scheme; |
| 231 | } |
| 232 | |
| 233 | /** |
| 234 | * ログインページ名を書き換え |
| 235 | * |
| 236 | * @param string $uri |
| 237 | * @return string $new_uri |
| 238 | */ |
| 239 | private function replace_wp_login( $uri ) { |
| 240 | $uri = str_replace( 'wp-login.php', $this->config->get( self::KEY_NAME ), $uri ); |
| 241 | return $uri; |
| 242 | } |
| 243 | |
| 244 | /** |
| 245 | * メール通知 |
| 246 | * |
| 247 | * @return void |
| 248 | */ |
| 249 | public function notification( $name ) { |
| 250 | $login_url = site_url() . '/' . $name; |
| 251 | $subject = 'ログインURL変更'; |
| 252 | |
| 253 | $body = "新しいログインURLは、以下のとおりです。" . "\n"; |
| 254 | $body .= "� |
| 255 | 要に応じてブックマークをお願いいたします。" . "\n"; |
| 256 | $body .= "" . "\n"; |
| 257 | $body .= "{$login_url}" . "\n"; |
| 258 | $body .= "" . "\n"; |
| 259 | $body .= "--" . "\n"; |
| 260 | $body .= "CloudSecure WP Security" . "\n"; |
| 261 | |
| 262 | $admins = $this->get_admin_users(); |
| 263 | |
| 264 | foreach ( $admins as $admin ) { |
| 265 | $this->wp_send_mail( $admin->user_email, esc_html( $subject ), esc_html( $body ) ); |
| 266 | } |
| 267 | } |
| 268 | |
| 269 | /** |
| 270 | * 有効化 |
| 271 | * |
| 272 | * @return void |
| 273 | */ |
| 274 | public function activate(): void { |
| 275 | $settings = $this->get_default(); |
| 276 | $this->save_settings( $settings ); |
| 277 | |
| 278 | if ( $this->is_enabled() ) { |
| 279 | if ( ! $this->update_htaccess() ) { |
| 280 | $settings[ $this->get_feature_key() ] = 'f'; |
| 281 | } |
| 282 | } |
| 283 | $this->save_settings( $settings ); |
| 284 | |
| 285 | if ( 't' === $this->config->get( $this->get_feature_key() ) ) { |
| 286 | $this->notification( $settings[ self::KEY_NAME ] ); |
| 287 | } |
| 288 | } |
| 289 | |
| 290 | /** |
| 291 | * 無効化 |
| 292 | * |
| 293 | * @return void |
| 294 | */ |
| 295 | public function deactivate(): void { |
| 296 | $this->remove_htaccess(); |
| 297 | $this->config->set( self::KEY_FEATURE, 'f' ); |
| 298 | $this->config->save(); |
| 299 | } |
| 300 | } |
| 301 |