PluginProbe ʕ •ᴥ•ʔ
WP 2FA – Two-factor authentication for WordPress / 2.9.0
WP 2FA – Two-factor authentication for WordPress v2.9.0
1.7.1 2.0.0 2.0.1 2.1.0 2.2.0 2.2.1 2.3.0 2.4.0 2.4.1 2.4.2 2.5.0 2.6.0 2.6.1 2.6.2 2.6.3 2.6.4 2.7.0 2.8.0 2.9.0 2.9.1 2.9.2 2.9.3 3.0.0 3.0.1 3.1.0 3.1.1 3.1.1.2 trunk 1.2.0 1.3.0 1.4.0 1.4.1 1.4.2 1.5.0 1.5.1 1.5.2 1.6.0 1.6.1 1.6.2 1.7.0
wp-2fa / includes / functions / login-header.php
wp-2fa / includes / functions Last commit date
core.php 11 months ago index.php 11 months ago login-header.php 11 months ago
login-header.php
211 lines
1 <?php
2
3 /**
4 * Output the login page header.
5 *
6 * @param string $title Optional. WordPress login Page title to display in the `<title>` element.
7 * Default 'Log In'.
8 * @param string $message Optional. Message to display in header. Default empty.
9 * @param WP_Error $wp_error Optional. The error to pass. Default is a WP_Error instance.
10 */
11 function login_header( $title = 'Log In', $message = '', $wp_error = null ) {
12
13 global $error, $interim_login, $action;
14
15 // Don't index any of these forms.
16 add_filter( 'wp_robots', 'wp_robots_sensitive_page' );
17 add_action( 'login_head', 'wp_strict_cross_origin_referrer' );
18
19 add_action( 'login_head', 'wp_login_viewport_meta' );
20
21 if ( ! is_wp_error( $wp_error ) ) {
22 $wp_error = new WP_Error();
23 }
24 // Shake it!
25 $shake_error_codes = array( 'empty_password', 'empty_email', 'invalid_email', 'invalidcombo', 'empty_username', 'invalid_username', 'incorrect_password' );
26 /**
27 * Filters the error codes array for shaking the login form.
28 *
29 * @since 3.0.0
30 *
31 * @param array $shake_error_codes Error codes that shake the login form.
32 */
33 $shake_error_codes = apply_filters( 'shake_error_codes', $shake_error_codes );
34 if ( $shake_error_codes && $wp_error->get_error_code() && in_array( $wp_error->get_error_code(), $shake_error_codes ) ) {
35 add_action( 'login_head', 'wp_shake_js', 12 );
36 }
37 $login_title = get_bloginfo( 'name', 'display' );
38 /* translators: Login screen title. 1: Login screen name, 2: Network or site name */
39 $login_title = sprintf( __( '%1$s &lsaquo; %2$s &#8212; WordPress' ), $title, $login_title );
40 /**
41 * Filters the title tag content for login page.
42 *
43 * @since 4.9.0
44 *
45 * @param string $login_title The page title, with extra context added.
46 * @param string $title The original page title.
47 */
48 $login_title = apply_filters( 'login_title', $login_title, $title );
49 ?><!DOCTYPE html>
50 <!--[if IE 8]>
51 <html xmlns="http://www.w3.org/1999/xhtml" class="ie8" <?php language_attributes(); ?>>
52 <![endif]-->
53 <!--[if !(IE 8) ]><!-->
54 <html xmlns="http://www.w3.org/1999/xhtml" <?php language_attributes(); ?>>
55 <!--<![endif]-->
56 <head>
57 <meta http-equiv="Content-Type" content="<?php bloginfo( 'html_type' ); ?>; charset=<?php bloginfo( 'charset' ); ?>" />
58 <title><?php echo $login_title; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?></title>
59 <?php
60 wp_enqueue_style( 'login' );
61
62 /*
63 * Remove all stored post data on logging out.
64 * This could be added by add_action('login_head'...) like wp_shake_js(),
65 * but maybe better if it's not removable by plugins
66 */
67 if ( 'loggedout' == $wp_error->get_error_code() ) {
68 ?>
69 <script>if("sessionStorage" in window){try{for(var key in sessionStorage){if(key.indexOf("wp-autosave-")!=-1){sessionStorage.removeItem(key)}}}catch(e){}};</script>
70 <?php
71 }
72 /**
73 * Enqueue scripts and styles for the login page.
74 *
75 * @since 3.1.0
76 */
77 do_action( 'login_enqueue_scripts' );
78 /**
79 * Fires in the login page header after scripts are enqueued.
80 *
81 * @since 2.1.0
82 */
83 do_action( 'login_head' );
84 if ( \WP2FA\Admin\Helpers\WP_Helper::is_multisite() ) {
85 $login_header_url = network_home_url();
86 $login_header_title = get_network()->site_name;
87 } else {
88 $login_header_url = __( 'https://wordpress.org/' );
89 $login_header_title = __( 'Powered by WordPress' );
90 }
91 /**
92 * Filters link URL of the header logo above login form.
93 *
94 * @since 2.1.0
95 *
96 * @param string $login_header_url Login header logo URL.
97 */
98 $login_header_url = apply_filters( 'login_headerurl', $login_header_url );
99 /**
100 * Filters the title attribute of the header logo above login form.
101 *
102 * @since 2.1.0
103 *
104 * @param string $login_header_title Login header logo title attribute.
105 */
106 $login_header_title = apply_filters( 'login_headertitle', $login_header_title );
107 /*
108 * To match the URL/title set above, Multisite sites have the blog name,
109 * while single sites get the header title.
110 */
111 if ( \WP2FA\Admin\Helpers\WP_Helper::is_multisite() ) {
112 $login_header_text = get_bloginfo( 'name', 'display' );
113 } else {
114 $login_header_text = $login_header_title;
115 }
116 $classes = array( 'login-action-' . $action, 'wp-core-ui' );
117 if ( is_rtl() ) {
118 $classes[] = 'rtl';
119 }
120 if ( $interim_login ) {
121 $classes[] = 'interim-login';
122 ?>
123 <style type="text/css">html{background-color: transparent;}</style>
124 <?php
125 if ( 'success' === $interim_login ) {
126 $classes[] = 'interim-login-success';
127 }
128 }
129 $classes[] = ' locale-' . sanitize_html_class( strtolower( str_replace( '_', '-', get_locale() ) ) );
130 /**
131 * Filters the login page body classes.
132 *
133 * @since 3.5.0
134 *
135 * @param array $classes An array of body classes.
136 * @param string $action The action that brought the visitor to the login page.
137 */
138 $classes = apply_filters( 'login_body_class', $classes, $action );
139 ?>
140 </head>
141 <body class="login <?php echo esc_attr( implode( ' ', $classes ) ); ?>">
142 <?php
143 /**
144 * Fires in the login page header after the body tag is opened.
145 *
146 * @since 4.6.0
147 */
148 do_action( 'login_header' );
149 ?>
150 <div id="login">
151 <h1><a href="<?php echo esc_url( $login_header_url ); ?>" title="<?php echo esc_attr( $login_header_title ); ?>" tabindex="-1"><?php echo $login_header_text; ?></a></h1>
152 <?php
153 unset( $login_header_url, $login_header_title );
154 /**
155 * Filters the message to display above the login form.
156 *
157 * @since 2.1.0
158 *
159 * @param string $message Login message text.
160 */
161 $message = apply_filters( 'login_message', $message );
162 if ( ! empty( $message ) ) {
163 echo $message . "\n";
164 }
165 // In case a plugin uses $error rather than the $wp_errors object.
166 if ( ! empty( $error ) ) {
167 $wp_error->add( 'error', $error );
168 unset( $error );
169 }
170 if ( $wp_error->get_error_code() ) {
171 $errors = '';
172 $messages = '';
173 foreach ( $wp_error->get_error_codes() as $code ) {
174 $severity = $wp_error->get_error_data( $code );
175 foreach ( $wp_error->get_error_messages( $code ) as $error_message ) {
176 if ( 'message' == $severity ) {
177 $messages .= ' ' . $error_message . "<br />\n";
178 } else {
179 $errors .= ' ' . $error_message . "<br />\n";
180 }
181 }
182 }
183 if ( ! empty( $errors ) ) {
184 /**
185 * Filters the error messages displayed above the login form.
186 *
187 * @since 2.1.0
188 *
189 * @param string $errors Login error message.
190 */
191 echo '<div id="login_error">' . apply_filters( 'login_errors', $errors ) . "</div>\n";
192 }
193 if ( ! empty( $messages ) ) {
194 /**
195 * Filters instructional messages displayed above the login form.
196 *
197 * @since 2.5.0
198 *
199 * @param string $messages Login messages.
200 */
201 echo '<p class="message">' . apply_filters( 'login_messages', $messages ) . "</p>\n";
202 }
203 }
204 } // End of login_header().
205
206 function wp_login_viewport_meta() {
207 ?>
208 <meta name="viewport" content="width=device-width" />
209 <?php
210 }
211