Skip to content

Instantly share code, notes, and snippets.

@thefuxia

thefuxia/t5-unique-login-field.php

Last active December 18, 2015 01:09
Show Gist options
  • Save thefuxia/5702077 to your computer and use it in GitHub Desktop.
Save thefuxia/5702077 to your computer and use it in GitHub Desktop.
Download ZIP
T5 Unique Log-in Field
Raw
t5-unique-login-field.php
<?php # -*- coding: utf-8 -*-
namespace Unique_Login;
/**
* Plugin Name: T5 Unique Log-in Field
* Description: Adds a checkbox with a unique name to the login form to prevent scripted log-in attempts.
* Plugin URI:
* Version: 2013.06.14
* Author: Thomas Scholz
* Author URI: http://toscho.de
* Licence: MIT
* License URI: http://opensource.org/licenses/MIT
*/
\add_action(
'login_init',
array ( 'Unique_Login\Unique_Login_Controller', 'init' ),
1
);
/**
* Front class to create the needed instances.
*/
class Unique_Login_Controller
{
/**
* Callback for add_action(). Creates a new instance.
*
* @wp-hook login_init
*/
public function init()
{
return new self;
}
/**
* Set up objects, register footer action callback.
*
* @wp-hook login_init
*/
protected function __construct()
{
if ( ! empty ( $GLOBALS['interim_login'] ) )
return;
$data = new Unique_Login_Data;
$form = new Unique_Login_Form( $data );
\add_action( 'login_footer', array ( $form, 'run' ) );
if ( 'POST' === $_SERVER[ 'REQUEST_METHOD' ] )
{
$check = new Unique_Login_Check( $data );
$check->run();
}
}
}
/**
* Create a unique string for validation.
*
* @wp-hook login_init
*/
class Unique_Login_Data
{
/**
* Unique string to check for.
*
* @type string
*/
public $unique;
/**
* Create public unique string.
*/
public function __construct()
{
if ( defined( 'LOGGED_IN_SALT' ) )
$salt = LOGGED_IN_SALT;
else
$salt = filemtime( __FILE__ );
$this->unique = md5( $_SERVER[ 'HTTP_HOST' ] . $salt );
}
}
/**
* Base structure for output.
*/
abstract class Unique_Login_View
{
/**
* Instance of Unique_Login_Data
*
* @type Unique_Login_Data
*/
protected $data;
/**
* Set $data.
*
* @param Unique_Login_Data $data
*/
public function __construct( Unique_Login_Data $data )
{
$this->data = $data;
}
/**
* Do the actual work.
*
* @return void
*/
abstract public function run();
}
/**
* Check the POST data for valid clicked checkbox.
*
*/
class Unique_Login_Check extends Unique_Login_View
{
/**
* Check POST request for clicked checkbox.
*
* @wp-hook login_init
* @see Unique_Login.Unique_Login_View::run()
*/
public function run()
{
if ( ! isset ( $_POST[ 'log' ] ) )
return;
if ( empty ( $_POST[ 'name_' . $this->data->unique ] )
or 'on' !== strtolower( $_POST[ 'name_' . $this->data->unique ] )
)
{
header( 'Location: http://localhost' );
exit;
}
}
}
/**
* Adds a checkbox with a unique name to the login form.
*/
class Unique_Login_Form extends Unique_Login_View
{
/**
* Create the checkbox and add it to the form.
*
* @wp-hook login_footer
* @see Unique_Login.Unique_Login_View::run()
*/
public function run()
{
$u = $this->data->unique;
$html = "<p class='forgetmenot' style='clear:both;float:none'><label for='id_$u'>"
. "<input type='checkbox' name='name_$u' id='id_$u'> I am human</label></p>";
?>
<script>var p = document.createElement( 'p' );
p.innerHTML = "<?php echo $html; ?>";
document.getElementById( 'loginform' ).appendChild( p );</script>
<?php
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment