PluginProbe ʕ •ᴥ•ʔ
CloudSecure WP Security / 1.2.5
CloudSecure WP Security v1.2.5
1.4.10 1.4.9 trunk 0.9.0 1.0.2 1.1.0 1.1.1 1.1.2 1.1.3 1.2.0 1.2.1 1.2.2 1.2.3 1.2.4 1.2.5 1.2.6 1.2.7 1.3.1 1.3.10 1.3.11 1.3.12 1.3.13 1.3.14 1.3.15 1.3.16 1.3.17 1.3.18 1.3.19 1.3.2 1.3.20 1.3.21 1.3.22 1.3.23 1.3.24 1.3.3 1.3.4 1.3.5 1.3.6 1.3.7 1.3.8 1.3.9 1.4.0 1.4.1 1.4.2 1.4.3 1.4.4 1.4.5 1.4.6 1.4.7 1.4.8
cloudsecure-wp-security / modules / rename-login-page.php
cloudsecure-wp-security / modules Last commit date
admin 2 years ago lib 2 years ago captcha.php 2 years ago cloudsecure-wp.php 2 years ago common.php 2 years ago config.php 2 years ago disable-author-query.php 2 years ago disable-login.php 2 years ago disable-restapi.php 2 years ago disable-xmlrpc.php 2 years ago htaccess.php 2 years ago login-log.php 2 years ago login-notification.php 2 years ago rename-login-page.php 2 years ago restrict-admin-page.php 2 years ago server-error-notification.php 2 years ago two-factor-authentication.php 2 years ago unify-messages.php 2 years ago update-notice.php 2 years ago
rename-login-page.php
306 lines
1 <?php
2
3 if ( ! defined( 'ABSPATH' ) ) {
4 exit;
5 }
6
7 class CloudSecureWP_Rename_Login_Page extends CloudSecureWP_Common {
8 private const KEY_FEATURE = 'rename_login_page';
9 private const KEY_NAME = self::KEY_FEATURE . '_name';
10 private const KEY_DISABLE_REDIRECT = self::KEY_FEATURE . '_disable_redirect';
11 private $config;
12 private $htaccess;
13
14 function __construct( array $info, CloudSecureWP_Config $config, CloudSecureWP_Htaccess $htaccess ) {
15 parent::__construct( $info );
16 $this->config = $config;
17 $this->htaccess = $htaccess;
18 }
19
20 /**
21 * 機能毎のKEY取得
22 *
23 * @return string
24 */
25 public function get_feature_key(): string {
26 return self::KEY_FEATURE;
27 }
28
29 /**
30 * 有効無効判定
31 *
32 * @return bool
33 */
34 public function is_enabled(): bool {
35 return $this->config->get( $this->get_feature_key() ) === 't' ? true : false;
36 }
37
38 /**
39 * 初期設定値取得
40 *
41 * @return array
42 */
43 public function get_default(): array {
44 $ret = array(
45 self::KEY_FEATURE => 'f',
46 self::KEY_NAME => $this->get_new_name(),
47 self::KEY_DISABLE_REDIRECT => 'f',
48 );
49 return $ret;
50 }
51
52 /**
53 * 設定値key取得
54 */
55 public function get_keys(): array {
56 $ret = array(
57 self::KEY_FEATURE,
58 self::KEY_NAME,
59 self::KEY_DISABLE_REDIRECT,
60 );
61 return $ret;
62 }
63
64 /**
65 * 設定値取得
66 */
67 public function get_settings(): array {
68 $settings = array();
69 $keys = $this->get_keys();
70
71 foreach ( $keys as $key ) {
72 $settings[ $key ] = $this->config->get( $key );
73 }
74
75 return $settings;
76 }
77
78 /**
79 * 設定値保存
80 *
81 * @param array $settings
82 * @return void
83 */
84 public function save_settings( $settings ): void {
85 $keys = $this->get_keys();
86
87 foreach ( $keys as $key ) {
88 $this->config->set( $key, $settings[ $key ] ?? '' );
89 }
90
91 $this->config->save();
92 }
93
94 /**
95 * ランダム値を含んだ新しいログインページ名を取得
96 *
97 * @return string $name
98 */
99 public function get_new_name(): string {
100 $name = '';
101 $chars = '0123456789abcdefghijklmnopqrstuvwxyz-_';
102
103 for ( $ii = 0; $ii < 8; $ii ++ ) {
104 $name .= $chars[ rand( 0, strlen( $chars ) - 1 ) ];
105 }
106
107 return $name;
108 }
109
110 /**
111 * ファイル名重複判定
112 *
113 * @param string $name
114 */
115 public function is_duplicat_file( string $name ): bool {
116 $files = array_diff( scandir( ABSPATH ), array( '.', '..' ) );
117
118 if ( in_array( $name, $files ) ) {
119 return true;
120 }
121
122 return false;
123 }
124
125 /**
126 * htaccessに書き出す設定を取得
127 *
128 * @return string
129 */
130 private function get_htaccess_settings(): string {
131 $parse = parse_url( site_url() );
132 $base = ( $parse['path'] ?? '' ) . '/';
133 $name = $this->config->get( self::KEY_NAME );
134 $page404 = self::PAGE_404;
135
136 $setting = "<IfModule mod_rewrite.c>" . "\n";
137 $setting .= " RewriteEngine on" . "\n";
138 $setting .= " RewriteBase {$base}" . "\n";
139 $setting .= " RewriteRule ^wp-activate\.php {$page404} [L]" . "\n";
140 $setting .= " RewriteRule ^wp-signup\.php {$page404} [L]" . "\n";
141 $setting .= " RewriteRule ^{$name}(.*)$ wp-login.php$1 [L]" . "\n";
142 $setting .= "</IfModule>" . "\n";
143
144 return $setting;
145 }
146
147 /**
148 * htaccessに書き出す設定を更新
149 *
150 * @return bool
151 */
152 public function update_htaccess(): bool {
153 $plugin_tag = $this->htaccess->get_plugin_settings_tag();
154 $tag = $this->get_feature_key();
155
156 if ( $this->htaccess->setting_tag_exists( $plugin_tag ) ) {
157 if ( $this->htaccess->setting_tag_exists( $tag ) ) {
158 if ( ! $this->remove_htaccess() ) {
159 return false;
160 }
161 }
162 } else {
163 $this->htaccess->add_plugin_settings_tag();
164 }
165
166 $setting = $this->get_htaccess_settings();
167 $ret = $this->htaccess->add_feature_setting( $tag, $setting );
168
169 return $ret;
170 }
171
172 /**
173 * htaccessから設定を削除
174 *
175 * @return bool
176 */
177 public function remove_htaccess(): bool {
178 return $this->htaccess->remove_settings( array( $this->get_feature_key() ) );
179 }
180
181 /**
182 * login_init
183 */
184 public function login_init() {
185 $request_uri = sanitize_url( $_SERVER['REQUEST_URI'] ?? '' );
186 if ( false !== strpos( $request_uri, 'wp-login.php' ) ) {
187 if ( false !== strpos( wp_get_referer(), $this->config->get( self::KEY_NAME ) ) ) {
188 wp_redirect( $this->replace_wp_login( $request_uri ) );
189 exit;
190 } else {
191 $this->page404();
192 exit;
193 }
194 }
195 }
196
197 /**
198 * site_url
199 */
200 public function site_url( $url, $path, $scheme, $blog_id ) {
201 return $this->replace_wp_login( $url );
202 }
203
204 /**
205 * network_site_url
206 */
207 public function network_site_url( $url, $path, $scheme ) {
208 return $this->replace_wp_login( $url );
209 }
210
211 /**
212 * wp_redirect
213 */
214 public function wp_redirect( $location, $status ) {
215 return $this->replace_wp_login( $location );
216 }
217
218 /**
219 * register
220 */
221 public function register( $link ) {
222 return $this->replace_wp_login( $link );
223 }
224
225 /**
226 * auth_redirect_scheme
227 */
228 public function auth_redirect_scheme( $scheme ) {
229 if ( 't' === $this->config->get( self::KEY_DISABLE_REDIRECT ) ) {
230 if ( ! wp_validate_auth_cookie( '', $scheme ) ) {
231 wp_safe_redirect( home_url( self::PAGE_404 ) );
232 exit;
233 }
234 }
235 return $scheme;
236 }
237
238 /**
239 * ログインページ名を書き換え
240 *
241 * @param string $uri
242 * @return string $new_uri
243 */
244 private function replace_wp_login( $uri ) {
245 $uri = str_replace( 'wp-login.php', $this->config->get( self::KEY_NAME ), $uri );
246 return $uri;
247 }
248
249 /**
250 * メール通知
251 *
252 * @return void
253 */
254 public function notification( $name ) {
255 $login_url = site_url() . '/' . $name;
256 $subject = 'ログインURL変更';
257
258 $body = "新しいログインURLは、以下のとおりです。" . "\n";
259 $body .= "�
260 要に応じてブックマークをお願いいたします。" . "\n";
261 $body .= "" . "\n";
262 $body .= "{$login_url}" . "\n";
263 $body .= "" . "\n";
264 $body .= "--" . "\n";
265 $body .= "CloudSecure WP Security" . "\n";
266
267 $admins = $this->get_admin_users();
268
269 foreach ( $admins as $admin ) {
270 $this->wp_send_mail( $admin->user_email, esc_html( $subject ), esc_html( $body ) );
271 }
272 }
273
274 /**
275 * 有効化
276 *
277 * @return void
278 */
279 public function activate(): void {
280 $settings = $this->get_default();
281 $this->save_settings( $settings );
282
283 if ( $this->is_enabled() ) {
284 if ( ! $this->update_htaccess() ) {
285 $settings[ $this->get_feature_key() ] = 'f';
286 }
287 }
288 $this->save_settings( $settings );
289
290 if ( 't' === $this->config->get( $this->get_feature_key() ) ) {
291 $this->notification( $settings[ self::KEY_NAME ] );
292 }
293 }
294
295 /**
296 * 無効化
297 *
298 * @return void
299 */
300 public function deactivate(): void {
301 $this->remove_htaccess();
302 $this->config->set( self::KEY_FEATURE, 'f' );
303 $this->config->save();
304 }
305 }
306