[wp-hackers] Login System Patch

Robert Deaton false.hopes at gmail.com
Sun Jan 23 15:15:11 GMT 2005


After countless problems with logging in and the silly redirects in
wp-login.php, I sat down and wrote a new method of logging in. This
patch allows you to log in from any page that you call its function
(authorize();) on, whether it be inside or outside the admin section,
and doesn't ever redirect you away from the page you are trying to
visit. (The one header redirect is to refresh the page, so that you
are sure the bits of code that execute before you're logged in
re-execute to update the fact that you're logged in, but it only does
this once on the initial login.)

The patch is against the latest CVS, created using cvs diff.

? wp-content/themes/classic
? wp-content/themes/default/images
? wp-includes/feed-functions.php
? wp-includes/login.php
Index: wp-admin/admin.php
===================================================================
RCS file: /cvsroot/cafelog/wordpress/wp-admin/admin.php,v
retrieving revision 1.6
diff -r1.6 admin.php
5c5
< auth_redirect();
---
> authorize();
Index: wp-admin/install.php
===================================================================
RCS file: /cvsroot/cafelog/wordpress/wp-admin/install.php,v
retrieving revision 1.53
diff -r1.53 install.php
181c181
< <p>Now you can <a href="../wp-login.php">log in</a> with the
<strong>login</strong>
---
> <p>Now you can <a href="/">log in</a> with the <strong>login</strong>
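Review bot: the new href="/" points at the web server's document root, not the blog's own URL, so on an install living in a subdirectory the "log in" link lands on the wrong page; the old relative ../wp-login.php at least resolved against the install directory. Build the link from get_settings('siteurl') (as the template-functions-general.php hunk below does) instead of a hard-coded "/".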
193c193
< <dd><a href="../wp-login.php">wp-login.php</a></dd>
---
> <dd><a href="/">wp-admin</a></dd>
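Review bot: anchor text and target disagree here: the label now reads wp-admin but the href is "/", so the file list tells the reader to open wp-admin while sending them to the site root. If the admin area is the intended destination, use get_settings('siteurl') . '/wp-admin/' for the href so it matches the label and works for subdirectory installs.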
Index: wp-admin/profile.php
===================================================================
RCS file: /cvsroot/cafelog/wordpress/wp-admin/profile.php,v
retrieving revision 1.39
diff -r1.39 profile.php
24c24
< auth_redirect();
---
> authorize();
Index: wp-includes/functions.php
===================================================================
RCS file: /cvsroot/cafelog/wordpress/wp-includes/functions.php,v
retrieving revision 1.237
diff -r1.237 functions.php
1520,1536d1519
< if ( !function_exists('auth_redirect') ) :
< function auth_redirect() {
< 	// Checks if a user is logged in, if not redirects them to the login page
< 	if ( (!empty($_COOKIE['wordpressuser_' . COOKIEHASH]) && 
< 	!wp_login($_COOKIE['wordpressuser_' . COOKIEHASH],
$_COOKIE['wordpresspass_' . COOKIEHASH], true)) ||
< 	(empty($_COOKIE['wordpressuser_' . COOKIEHASH])) ) {
< 		header('Expires: Mon, 11 Jan 1984 05:00:00 GMT');
< 		header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
< 		header('Cache-Control: no-cache, must-revalidate, max-age=0');
< 		header('Pragma: no-cache');
< 	
< 		header('Location: ' . get_settings('siteurl') .
'/wp-login.php?redirect_to=' . urlencode($_SERVER['REQUEST_URI']));
< 		exit();
< 	}
< }
< endif;
< 
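Review bot: deleting auth_redirect() outright will fatal any caller this patch does not touch; only admin.php and profile.php are updated in this diff, and the function_exists() guard shows the function was meant to be pluggable, so other admin files and plugins may still call it. Keep a one-line compatibility stub (function auth_redirect() { authorize(); }) inside the same guard. Also note that the Expires / Cache-Control / Pragma headers the old code sent before redirecting have no counterpart in the new authorize(), so the login prompt can end up served from a cache.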
1664c1647,1710
< ?>
---
> function login_form()
> {
> 	include(ABSPATH . WPINC . '/login.php');
> 	die();
> }
> 
> function authorize()
> {
> 	// This patch will probably break any detection code for moving the site to a new location that exists
> 	// It odes not use the SITECOOKIEPATH constant at all, so I don't know what will happen, I haven't tested it
> 	global $error, $wpdb;
> 	$usercookie =  $_COOKIE['wordpressuser_' . COOKIEHASH];
> 	$passcookie = $_COOKIE['wordpresspass_' . COOKIEHASH];
> 	if(isset($_POST['loginformsubmit']) && empty($usercookie) && empty($passcookie))
> 	{
> 		$wpuser = $_POST['log'];
> 		$wppass = md5($_POST['pwd']);
> 		$passfromdb = $wpdb->get_row("SELECT user_pass FROM $wpdb->users WHERE user_login = '$wpuser'", 'ARRAY_A');
> 		if(empty($passfromdb))
> 		{
> 			$error = __('Wrong login.');
> 			login_form();
> 		}
> 		elseif($sppass == $passfromdb['user_pass'])
> 		{
> 			setcookie('steampressuser_' . COOKIEHASH, $spuser, time() + 31536000, COOKIEPATH);
> 			setcookie('steampresspass_' . COOKIEHASH, md5($sppass), time() + 31536000, COOKIEPATH);
> 			header('Location: ' . $_SERVER['PHP_SELF']);
> 			die();
> 		}
> 		else
> 		{
> 			$error = __('Incorrect Password.');
> 			login_form();
> 		}
> 	}
> 	else
> 	{
> 		if(empty($usercookie) || empty($passcookie))
> 		{
> 			login_form();
> 		}
> 		else
> 		{
> 			$passfromdb = $wpdb->get_row("SELECT user_pass FROM $wpdb->users WHERE user_login = '$usercookie'", 'ARRAY_A');
> 			if(!$passfromdb)
> 			{
> 				$error = __('Wrong login.');
> 				login_form();
> 			}
> 			else
> 			{
> 				if($passcookie != md5($passfromdb['user_pass']))
> 				{
> 				wp_clear_cookie();
> 				login_form();
> 				}
> 			}
> 		}
> 	}
> }
> 
> 
> ?>
\ No newline at end of file
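Review bot: the success branch of authorize() can never run, and even if it did it would set cookies nobody reads: $wpuser and $wppass are assigned from $_POST, but the comparison tests the undefined $sppass, and the two setcookie() calls use $spuser/$sppass under the names steampressuser_/steampresspass_, while every read uses wordpressuser_/wordpresspass_ . COOKIEHASH. These look like leftovers from another code base; rename to $wpuser/$wppass and wordpressuser_/wordpresspass_, and keep the value as md5($wppass) because the cookie check at the bottom compares the cookie against md5($passfromdb['user_pass']). Second, $_POST['log'] and $usercookie are interpolated straight into the two SELECT statements with no escaping; run them through $wpdb->escape() (or addslashes()) before building the query. Third, header('Location: ' . $_SERVER['PHP_SELF']) drops the query string and echoes client-supplied path info into a response header; redirect to $_SERVER['REQUEST_URI'] as the removed auth_redirect() did. Smaller points: read $_COOKIE[...] via isset() to avoid notices when no cookie is present; a POST with stale cookies is silently ignored because of the empty() checks on the submit branch; the comment admits SITECOOKIEPATH is not handled; and wp-includes/login.php, which login_form() includes, appears only as an untracked "?" entry at the top and is not in the diff, so it needs a cvs add before this patch is complete.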
Index: wp-includes/template-functions-general.php
===================================================================
RCS file: /cvsroot/cafelog/wordpress/wp-includes/template-functions-general.php,v
retrieving revision 1.64
diff -r1.64 template-functions-general.php
32c32
< 		$link = '<a href="' . get_settings('siteurl') . '/wp-login.php">'
. __('Login') . '</a>';
---
> 		$link = '<a href="' . get_settings('siteurl') . '/wp-admin/">' . __('Login') . '</a>';

