是否有人尝试将WordPress插件 - “限制登录尝试” - 实施到自定义登录页面模板中?
在我的自定义模板中,我插入了:
<div class="msg-error"">
<p>
<!--The credentials entered are incorrect. Please try again.-->
<?php
echo limit_login_get_message();
?>
</p>
产生错误:剩余2999次尝试。但是,当您尝试再次重新输入无效的密码或用户名时,错误将保持不变并且不会更改。
如果有人这样做了,你能帮助我吗?
感谢。
------------------------------------ UPDATE ---------- -------------------------------
我试过了:
$user = wp_signon($credentials, false);
if (is_wp_error($user)) { // True, check for errors and display them
echo '<div class="msg-error">' . $user->get_error_message() . '</div>';
echo '<div class="msg-error">' . limit_login_get_message() . '</div>'; // Display Limit Login Login Attempt message
} else {
wp_redirect(site_url()); // Redirect them to home page
}
当用户输入错误的凭据时,WP会生成错误,但不会生成限制登录尝试错误,但如果我添加 echo limit_login_get_message(); ,它显示剩余的尝试次数(静态,#不会因多个不正确的凭据而改变....)
仍然在考虑这个......
------------------------------ UPDATE ---------------- ----------------------- 这是我所拥有的片段:
if ($user_ID) {
// Send logged in user back to home page if they are trying to access this page
header('Location:' . home_url());
} else { // If user aren't logged in, Continue log in process
if (isset($_POST["submit-log"])) { // Check for submit button
global $wpdb, $user; // WP Global variables
$username = $wpdb -> escape($_POST['username']); // SQL escape & Fetch username input text
$password = $wpdb -> escape($_POST['password']); // SQL escape & Fetch password input text
$remember = $wpdb -> escape($_POST['rememberme']); // SQL escape & Fetch remember checkbox
if ($remember) // True, checkbox has been checked
$remember = "true";
else // False
$remember = "false";
$credentials = array(); // Create an array to hold the user input data
$credentials['user_login'] = $username;
$credentials['user_password'] = $password;
$credentials['remember'] = $remember;
$user = wp_signon($credentials, false);
if (is_wp_error($user)) { // True, check for errors and display them
echo '<div class="msg-error">' . $user->get_error_message() . '</div>';
echo '<div class="msg-error">' . limit_login_get_message() . '</div>'; // Display Limit Login Login Attempt message
} else {
wp_redirect(site_url()); // Redirect them to home page
}
} else {
// Do nothing
}
}
?>
<div id="login-container">
<h3>Membership Login</h3>
<div class="ws-plugin--s2member-pro-login-widget">
<form id="login" name="form" action="<?php echo esc_html(home_url()); ?>/login/" method="post">
<div class="login-username">
<label for="login-username">Username:</label>
<input id="username" type="text" placeholder="Username" name="username">
</div>
<div class="login-pw">
<label for="login-password">Password:</label>
<input id="password" type="password" placeholder="Password" name="password">
</div>
<div class="lost-pw">
<a href="<?php echo esc_html(site_url('/register')); ?>">signup now</a> | <a href="<?php echo esc_html(site_url('/resetpass')); ?>">forgot password?</a>
</div>
<div class="cust-remember-me">
<label for "remember-me">Remember me</label><input id="remember-me" type="checkbox" name="rememberme">
</div>
<div class="cust-login-submit">
<input id="cust-submit-log" type="hidden" name="hidden-submit-log">
<input id="submit" type="submit" name="submit-log" value="Submit">
</div>
</form>
</div>
答案 0 :(得分:1)
你试过这个吗?
<?php
global $error;
$referrer = $_GET['login'];
if ($referrer == 'false'){
echo '<div id="message" class="error"><p>';
echo $error;
echo '</p></div>';
} else {
}
?>
如果您不想使用该插件,可以将其放在functions.php中使用以下内容。这是来自source。
<?php
/**
* CLASS LIMIT LOGIN ATTEMPTS
* Prevent Mass WordPress Login Attacks by setting locking the system when login fail.
* To be added in functions.php or as an external file.
*/
if ( ! class_exists( 'Limit_Login_Attempts' ) ) {
class Limit_Login_Attempts {
var $failed_login_limit = 3; //Number of authentification accepted
var $lockout_duration = 1800; //Stop authentification process for 30 minutes: 60*30 = 1800
var $transient_name = 'attempted_login'; //Transient used
public function __construct() {
add_filter( 'authenticate', array( $this, 'check_attempted_login' ), 30, 3 );
add_action( 'wp_login_failed', array( $this, 'login_failed' ), 10, 1 );
}
/**
* Lock login attempts of failed login limit is reached
*/
public function check_attempted_login( $user, $username, $password ) {
if ( get_transient( $this->transient_name ) ) {
$datas = get_transient( $this->transient_name );
if ( $datas['tried'] >= $this->failed_login_limit ) {
$until = get_option( '_transient_timeout_' . $this->transient_name );
$time = $this->when( $until );
//Display error message to the user when limit is reached
return new WP_Error( 'too_many_tried', sprintf( __( '<strong>ERROR</strong>: You have reached authentification limit, you will be able to try again in %1$s.' ) , $time ) );
}
}
return $user;
}
/**
* Add transient
*/
public function login_failed( $username ) {
if ( get_transient( $this->transient_name ) ) {
$datas = get_transient( $this->transient_name );
$datas['tried']++;
if ( $datas['tried'] <= $this->failed_login_limit )
set_transient( $this->transient_name, $datas , $this->lockout_duration );
} else {
$datas = array(
'tried' => 1
);
set_transient( $this->transient_name, $datas , $this->lockout_duration );
}
}
/**
* Return difference between 2 given dates
* <a href="/param">@param</a> int $time Date as Unix timestamp
* @return string Return string
*/
private function when( $time ) {
if ( ! $time )
return;
$right_now = time();
$diff = abs( $right_now - $time );
$second = 1;
$minute = $second * 60;
$hour = $minute * 60;
$day = $hour * 24;
if ( $diff < $minute )
return floor( $diff / $second ) . ' secondes';
if ( $diff < $minute * 2 )
return "about 1 minute ago";
if ( $diff < $hour )
return floor( $diff / $minute ) . ' minutes';
if ( $diff < $hour * 2 )
return 'about 1 hour';
return floor( $diff / $hour ) . ' hours';
}
}
}
//Enable it:
new Limit_Login_Attempts();
?>
答案 1 :(得分:0)
我已经找到了解决方案。这是插件设置中的一个问题。现在一切正常。