Jetpack_Protect_Module::check_login_ability PHP Method

Jetpack_Protect_Module Class Documentation Usage Examples Of Jetpack_Protect_Module::check_login_ability Mostra file Open project: automattic/jetpack

check_login_ability() public method

Checks the status for a given IP. API results are cached as transients

public check_login_ability ( boolean $preauth = false ) : boolean
$preauth	boolean	Whether or not we are checking prior to authorization
return	boolean	Either returns true, fires $this->kill_login, or includes a math fallback and returns false

    function check_login_ability($preauth = false)
    {
        $ip = jetpack_protect_get_ip();
        /**
         * Short-circuit check_login_ability. 
         *
         * If there is an alternate way to validate the current IP such as
         * a hard-coded list of IP addresses, we can short-circuit the rest
         * of the login ability checks and return true here.
         *
         * @module protect
         *
         * @since 4.4.0
         *
         * @param bool false Should we allow all logins for the current ip? Default: false
         */
        if (apply_filters('jpp_allow_login', false, $ip)) {
            return true;
        }
        $headers = $this->get_headers();
        $header_hash = md5(json_encode($headers));
        $transient_name = 'jpp_li_' . $header_hash;
        $transient_value = $this->get_transient($transient_name);
        if (jetpack_protect_ip_is_private($ip)) {
            return true;
        }
        if ($this->ip_is_whitelisted($ip)) {
            return true;
        }
        // Check out our transients
        if (isset($transient_value) && 'ok' == $transient_value['status']) {
            return true;
        }
        if (isset($transient_value) && 'blocked' == $transient_value['status']) {
            $this->block_with_math();
        }
        if (isset($transient_value) && 'blocked-hard' == $transient_value['status']) {
            $this->kill_login();
        }
        // If we've reached this point, this means that the IP isn't cached.
        // Now we check with the Protect API to see if we should allow login
        $response = $this->protect_call($action = 'check_ip');
        if (isset($response['math']) && !function_exists('brute_math_authenticate')) {
            include_once dirname(__FILE__) . '/protect/math-fallback.php';
            new Jetpack_Protect_Math_Authenticate();
            return false;
        }
        if ('blocked' == $response['status']) {
            $this->block_with_math();
        }
        if ('blocked-hard' == $response['status']) {
            $this->kill_login();
        }
        return true;
    }

Usage Example

Esempio n. 1

Mostra file

File: protect.php Progetto: dtekcth/datateknologer.se

            return $this->api_endpoint;
        }
        //Check to see if we can use SSL
        $this->api_endpoint = Jetpack::fix_url_for_bad_hosts(JETPACK_PROTECT__API_HOST);
        return $this->api_endpoint;
    }
    function get_local_host()
    {
        if (isset($this->local_host)) {
            return $this->local_host;
        }
        $uri = 'http://' . strtolower($_SERVER['HTTP_HOST']);
        if (is_multisite()) {
            $uri = network_home_url();
        }
        $uridata = parse_url($uri);
        $domain = $uridata['host'];
        // If we still don't have the site_url, get it
        if (!$domain) {
            $uri = get_site_url(1);
            $uridata = parse_url($uri);
            $domain = $uridata['host'];
        }
        $this->local_host = $domain;
        return $this->local_host;
    }
}
Jetpack_Protect_Module::instance();
if (isset($pagenow) && 'wp-login.php' == $pagenow) {
    Jetpack_Protect_Module::check_login_ability();
}

Jetpack_Protect_Module

__construct

admin_banner_styles

admin_jetpack_manage_notice

block_with_math

check_api_key

check_login_ability

check_preauth

check_use_math

configuration_head

configuration_load

configuration_screen