PluginProbe ʕ •ᴥ•ʔ
CloudSecure WP Security / 1.2.1
CloudSecure WP Security v1.2.1
1.4.10 1.4.9 trunk 0.9.0 1.0.2 1.1.0 1.1.1 1.1.2 1.1.3 1.2.0 1.2.1 1.2.2 1.2.3 1.2.4 1.2.5 1.2.6 1.2.7 1.3.1 1.3.10 1.3.11 1.3.12 1.3.13 1.3.14 1.3.15 1.3.16 1.3.17 1.3.18 1.3.19 1.3.2 1.3.20 1.3.21 1.3.22 1.3.23 1.3.24 1.3.3 1.3.4 1.3.5 1.3.6 1.3.7 1.3.8 1.3.9 1.4.0 1.4.1 1.4.2 1.4.3 1.4.4 1.4.5 1.4.6 1.4.7 1.4.8
cloudsecure-wp-security / modules / rename-login-page.php
cloudsecure-wp-security / modules Last commit date
admin 2 years ago lib 2 years ago captcha.php 2 years ago cloudsecure-wp.php 2 years ago common.php 2 years ago config.php 2 years ago disable-author-query.php 2 years ago disable-login.php 2 years ago disable-restapi.php 2 years ago disable-xmlrpc.php 2 years ago htaccess.php 2 years ago login-log.php 2 years ago login-notification.php 2 years ago rename-login-page.php 2 years ago restrict-admin-page.php 2 years ago server-error-notification.php 2 years ago two-factor-authentication.php 2 years ago unify-messages.php 2 years ago update-notice.php 2 years ago
rename-login-page.php
301 lines
1 <?php
2 class CloudSecureWP_Rename_Login_Page extends CloudSecureWP_Common {
3 private const KEY_FEATURE = 'rename_login_page';
4 private const KEY_NAME = self::KEY_FEATURE . '_name';
5 private const KEY_DISABLE_REDIRECT = self::KEY_FEATURE . '_disable_redirect';
6 private $config;
7 private $htaccess;
8
9 function __construct( array $info, CloudSecureWP_Config $config, CloudSecureWP_Htaccess $htaccess ) {
10 parent::__construct( $info );
11 $this->config = $config;
12 $this->htaccess = $htaccess;
13 }
14
15 /**
16 * 機能毎のKEY取得
17 *
18 * @return string
19 */
20 public function get_feature_key(): string {
21 return self::KEY_FEATURE;
22 }
23
24 /**
25 * 有効無効判定
26 *
27 * @return bool
28 */
29 public function is_enabled(): bool {
30 return $this->config->get( $this->get_feature_key() ) === 't' ? true : false;
31 }
32
33 /**
34 * 初期設定値取得
35 *
36 * @return array
37 */
38 public function get_default(): array {
39 $ret = array(
40 self::KEY_FEATURE => 'f',
41 self::KEY_NAME => $this->get_new_name(),
42 self::KEY_DISABLE_REDIRECT => 'f',
43 );
44 return $ret;
45 }
46
47 /**
48 * 設定値key取得
49 */
50 public function get_keys(): array {
51 $ret = array(
52 self::KEY_FEATURE,
53 self::KEY_NAME,
54 self::KEY_DISABLE_REDIRECT,
55 );
56 return $ret;
57 }
58
59 /**
60 * 設定値取得
61 */
62 public function get_settings(): array {
63 $settings = array();
64 $keys = $this->get_keys();
65
66 foreach ( $keys as $key ) {
67 $settings[ $key ] = $this->config->get( $key );
68 }
69
70 return $settings;
71 }
72
73 /**
74 * 設定値保存
75 *
76 * @param array $settings
77 * @return void
78 */
79 public function save_settings( $settings ): void {
80 $keys = $this->get_keys();
81
82 foreach ( $keys as $key ) {
83 $this->config->set( $key, $settings[ $key ] ?? '' );
84 }
85
86 $this->config->save();
87 }
88
89 /**
90 * ランダム値を含んだ新しいログインページ名を取得
91 *
92 * @return string $name
93 */
94 public function get_new_name(): string {
95 $name = '';
96 $chars = '0123456789abcdefghijklmnopqrstuvwxyz-_';
97
98 for ( $ii = 0; $ii < 8; $ii ++ ) {
99 $name .= $chars[ rand( 0, strlen( $chars ) - 1 ) ];
100 }
101
102 return $name;
103 }
104
105 /**
106 * ファイル名重複判定
107 *
108 * @param string $name
109 */
110 public function is_duplicat_file( string $name ): bool {
111 $files = array_diff( scandir( ABSPATH ), array( '.', '..' ) );
112
113 if ( in_array( $name, $files ) ) {
114 return true;
115 }
116
117 return false;
118 }
119
120 /**
121 * htaccessに書き出す設定を取得
122 *
123 * @return string
124 */
125 private function get_htaccess_settings(): string {
126 $parse = parse_url( site_url() );
127 $base = ( $parse['path'] ?? '' ) . '/';
128 $name = $this->config->get( self::KEY_NAME );
129 $page404 = self::PAGE_404;
130
131 $setting = "<IfModule mod_rewrite.c>" . "\n";
132 $setting .= " RewriteEngine on" . "\n";
133 $setting .= " RewriteBase {$base}" . "\n";
134 $setting .= " RewriteRule ^wp-activate\.php {$page404} [L]" . "\n";
135 $setting .= " RewriteRule ^wp-signup\.php {$page404} [L]" . "\n";
136 $setting .= " RewriteRule ^{$name}(.*)$ wp-login.php$1 [L]" . "\n";
137 $setting .= "</IfModule>" . "\n";
138
139 return $setting;
140 }
141
142 /**
143 * htaccessに書き出す設定を更新
144 *
145 * @return bool
146 */
147 public function update_htaccess(): bool {
148 $plugin_tag = $this->htaccess->get_plugin_settings_tag();
149 $tag = $this->get_feature_key();
150
151 if ( $this->htaccess->setting_tag_exists( $plugin_tag ) ) {
152 if ( $this->htaccess->setting_tag_exists( $tag ) ) {
153 if ( ! $this->remove_htaccess() ) {
154 return false;
155 }
156 }
157 } else {
158 $this->htaccess->add_plugin_settings_tag();
159 }
160
161 $setting = $this->get_htaccess_settings();
162 $ret = $this->htaccess->add_feature_setting( $tag, $setting );
163
164 return $ret;
165 }
166
167 /**
168 * htaccessから設定を削除
169 *
170 * @return bool
171 */
172 public function remove_htaccess(): bool {
173 return $this->htaccess->remove_settings( array( $this->get_feature_key() ) );
174 }
175
176 /**
177 * login_init
178 */
179 public function login_init() {
180 $request_uri = sanitize_url( $_SERVER['REQUEST_URI'] ?? '' );
181 if ( false !== strpos( $request_uri, 'wp-login.php' ) ) {
182 if ( false !== strpos( wp_get_referer(), $this->config->get( self::KEY_NAME ) ) ) {
183 wp_redirect( $this->replace_wp_login( $request_uri ) );
184 exit;
185 } else {
186 $this->page404();
187 exit;
188 }
189 }
190 }
191
192 /**
193 * site_url
194 */
195 public function site_url( $url, $path, $scheme, $blog_id ) {
196 return $this->replace_wp_login( $url );
197 }
198
199 /**
200 * network_site_url
201 */
202 public function network_site_url( $url, $path, $scheme ) {
203 return $this->replace_wp_login( $url );
204 }
205
206 /**
207 * wp_redirect
208 */
209 public function wp_redirect( $location, $status ) {
210 return $this->replace_wp_login( $location );
211 }
212
213 /**
214 * register
215 */
216 public function register( $link ) {
217 return $this->replace_wp_login( $link );
218 }
219
220 /**
221 * auth_redirect_scheme
222 */
223 public function auth_redirect_scheme( $scheme ) {
224 if ( 't' === $this->config->get( self::KEY_DISABLE_REDIRECT ) ) {
225 if ( ! wp_validate_auth_cookie( '', $scheme ) ) {
226 wp_safe_redirect( home_url( self::PAGE_404 ) );
227 exit;
228 }
229 }
230 return $scheme;
231 }
232
233 /**
234 * ログインページ名を書き換え
235 *
236 * @param string $uri
237 * @return string $new_uri
238 */
239 private function replace_wp_login( $uri ) {
240 $uri = str_replace( 'wp-login.php', $this->config->get( self::KEY_NAME ), $uri );
241 return $uri;
242 }
243
244 /**
245 * メール通知
246 *
247 * @return void
248 */
249 public function notification( $name ) {
250 $login_url = site_url() . '/' . $name;
251 $subject = 'ログインURL変更';
252
253 $body = "新しいログインURLは、以下のとおりです。" . "\n";
254 $body .= "�
255 要に応じてブックマークをお願いいたします。" . "\n";
256 $body .= "" . "\n";
257 $body .= "{$login_url}" . "\n";
258 $body .= "" . "\n";
259 $body .= "--" . "\n";
260 $body .= "CloudSecure WP Security" . "\n";
261
262 $admins = $this->get_admin_users();
263
264 foreach ( $admins as $admin ) {
265 $this->wp_send_mail( $admin->user_email, esc_html( $subject ), esc_html( $body ) );
266 }
267 }
268
269 /**
270 * 有効化
271 *
272 * @return void
273 */
274 public function activate(): void {
275 $settings = $this->get_default();
276 $this->save_settings( $settings );
277
278 if ( $this->is_enabled() ) {
279 if ( ! $this->update_htaccess() ) {
280 $settings[ $this->get_feature_key() ] = 'f';
281 }
282 }
283 $this->save_settings( $settings );
284
285 if ( 't' === $this->config->get( $this->get_feature_key() ) ) {
286 $this->notification( $settings[ self::KEY_NAME ] );
287 }
288 }
289
290 /**
291 * 無効化
292 *
293 * @return void
294 */
295 public function deactivate(): void {
296 $this->remove_htaccess();
297 $this->config->set( self::KEY_FEATURE, 'f' );
298 $this->config->save();
299 }
300 }
301