add_menu( array( 'id' => 'password_protection', 'title' => '', 'href' => admin_url( 'tools.php?page=admin-site-enhancements#utilities' ), 'meta' => array( 'title' => __( 'Password protection is currently enabled for this site.', 'admin-site-enhancements' ), ), ) ); } } } /** * Add icon and CSS for admin bar item * * @since 4.1.0 */ public function add_password_protection_admin_bar_item_styles() { if ( is_user_logged_in() ) { if ( current_user_can( 'manage_options' ) ) { ?> 'view', 'source' => urlencode( $current_url ), ); $pwd_protect_login_url = add_query_arg( $args, home_url( '/' ) ); nocache_headers(); wp_safe_redirect( $pwd_protect_login_url ); exit; } } /** * Maybe process login to access protected page content * * @since 4.1.0 */ public function maybe_process_login() { global $password_protected_errors; $password_protected_errors = new WP_Error(); if ( isset( $_REQUEST['protected_page_pwd'] ) ) { $password_input = sanitize_text_field( $_REQUEST['protected_page_pwd'] ); $options = get_option( ASENHA_SLUG_U, array() ); $stored_password = $options['password_protection_password']; if ( !empty( $password_input ) ) { if ( $password_input == $stored_password ) { // Password is correct // Set auth cookie // $expiration = time() + DAY_IN_SECONDS; // in 24 hours $expiration = 0; // by the end of browsing session $hashed_cookie_value = wp_hash_password( $_SERVER['HTTP_HOST'] . '__' . $stored_password ); setcookie( 'asenha_password_protection', $hashed_cookie_value, $expiration, COOKIEPATH, COOKIE_DOMAIN, false, true ); // Redirect $redirect_to_url = ( isset( $_REQUEST['source'] ) ? sanitize_url( $_REQUEST['source'] ) : '' ); wp_safe_redirect( $redirect_to_url ); exit; } else { // Password is incorrect // Add error message $password_protected_errors->add( 'incorrect_password', __( 'Incorrect password.', 'admin-site-enhancements' ) ); } } else { // Password input is empty // Add error message $password_protected_errors->add( 'empty_password', __( 'Password can not be empty.', 'admin-site-enhancements' ) ); } } } /** * Add custom login error messages * * @since 4.1.0 */ public function add_login_error_messages() { global $password_protected_errors; if ( $password_protected_errors->get_error_code() ) { $messages = ''; $errors = ''; // Extract the error message foreach ( $password_protected_errors->get_error_codes() as $code ) { $severity = $password_protected_errors->get_error_data( $code ); foreach ( $password_protected_errors->get_error_messages( $code ) as $error ) { if ( 'message' == $severity ) { $messages .= $error . '
'; } else { $errors .= $error . '
'; } } } // Output the error message if ( !empty( $messages ) ) { echo '

' . wp_kses_post( $messages ) . '

'; } if ( !empty( $errors ) ) { echo '
' . wp_kses_post( $errors ) . '
'; } } } }