Last active
December 18, 2015 01:09
-
-
Save thefuxia/5702077 to your computer and use it in GitHub Desktop.
T5 Unique Log-in Field
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php # -*- coding: utf-8 -*- | |
namespace Unique_Login; | |
/** | |
* Plugin Name: T5 Unique Log-in Field | |
* Description: Adds a checkbox with a unique name to the login form to prevent scripted log-in attempts. | |
* Plugin URI: | |
* Version: 2013.06.14 | |
* Author: Thomas Scholz | |
* Author URI: http://toscho.de | |
* Licence: MIT | |
* License URI: http://opensource.org/licenses/MIT | |
*/ | |
\add_action( | |
'login_init', | |
array ( 'Unique_Login\Unique_Login_Controller', 'init' ), | |
1 | |
); | |
/** | |
* Front class to create the needed instances. | |
*/ | |
class Unique_Login_Controller | |
{ | |
/** | |
* Callback for add_action(). Creates a new instance. | |
* | |
* @wp-hook login_init | |
*/ | |
public function init() | |
{ | |
return new self; | |
} | |
/** | |
* Set up objects, register footer action callback. | |
* | |
* @wp-hook login_init | |
*/ | |
protected function __construct() | |
{ | |
if ( ! empty ( $GLOBALS['interim_login'] ) ) | |
return; | |
$data = new Unique_Login_Data; | |
$form = new Unique_Login_Form( $data ); | |
\add_action( 'login_footer', array ( $form, 'run' ) ); | |
if ( 'POST' === $_SERVER[ 'REQUEST_METHOD' ] ) | |
{ | |
$check = new Unique_Login_Check( $data ); | |
$check->run(); | |
} | |
} | |
} | |
/** | |
* Create a unique string for validation. | |
* | |
* @wp-hook login_init | |
*/ | |
class Unique_Login_Data | |
{ | |
/** | |
* Unique string to check for. | |
* | |
* @type string | |
*/ | |
public $unique; | |
/** | |
* Create public unique string. | |
*/ | |
public function __construct() | |
{ | |
if ( defined( 'LOGGED_IN_SALT' ) ) | |
$salt = LOGGED_IN_SALT; | |
else | |
$salt = filemtime( __FILE__ ); | |
$this->unique = md5( $_SERVER[ 'HTTP_HOST' ] . $salt ); | |
} | |
} | |
/** | |
* Base structure for output. | |
*/ | |
abstract class Unique_Login_View | |
{ | |
/** | |
* Instance of Unique_Login_Data | |
* | |
* @type Unique_Login_Data | |
*/ | |
protected $data; | |
/** | |
* Set $data. | |
* | |
* @param Unique_Login_Data $data | |
*/ | |
public function __construct( Unique_Login_Data $data ) | |
{ | |
$this->data = $data; | |
} | |
/** | |
* Do the actual work. | |
* | |
* @return void | |
*/ | |
abstract public function run(); | |
} | |
/** | |
* Check the POST data for valid clicked checkbox. | |
* | |
*/ | |
class Unique_Login_Check extends Unique_Login_View | |
{ | |
/** | |
* Check POST request for clicked checkbox. | |
* | |
* @wp-hook login_init | |
* @see Unique_Login.Unique_Login_View::run() | |
*/ | |
public function run() | |
{ | |
if ( ! isset ( $_POST[ 'log' ] ) ) | |
return; | |
if ( empty ( $_POST[ 'name_' . $this->data->unique ] ) | |
or 'on' !== strtolower( $_POST[ 'name_' . $this->data->unique ] ) | |
) | |
{ | |
header( 'Location: http://localhost' ); | |
exit; | |
} | |
} | |
} | |
/** | |
* Adds a checkbox with a unique name to the login form. | |
*/ | |
class Unique_Login_Form extends Unique_Login_View | |
{ | |
/** | |
* Create the checkbox and add it to the form. | |
* | |
* @wp-hook login_footer | |
* @see Unique_Login.Unique_Login_View::run() | |
*/ | |
public function run() | |
{ | |
$u = $this->data->unique; | |
$html = "<p class='forgetmenot' style='clear:both;float:none'><label for='id_$u'>" | |
. "<input type='checkbox' name='name_$u' id='id_$u'> I am human</label></p>"; | |
?> | |
<script>var p = document.createElement( 'p' ); | |
p.innerHTML = "<?php echo $html; ?>"; | |
document.getElementById( 'loginform' ).appendChild( p );</script> | |
<?php | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment