IBA Verklaart

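Waarschuwing: doe niet zomaar een update van WordPress, er gaan dan dingen stuk! De onderstaande aanpassingen zitten in bestanden van WordPress zelf en van een plugin, en een update overschrijft die bestanden.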



IBA Verklaart is de weblog die te vinden is op https://iba.a-eskwadraat.nl. De blog draait op WordPress en maakt gebruik van een aantal plugins, onder andere HTTP Authentication en WP QuickLaTeX. Er is een aantal hacks toegepast om alles naar behoren te laten werken. In het bijzonder zijn alle 'ik ben mijn wachtwoord vergeten'-links weggehaald, omdat WordPress de wachtwoorden niet kent: authenticatie verloopt via een combinatie van intercept_form_submit (IPA) en de HTTP Authentication-plugin. De configuratie van intercept_form_submit is te vinden in /etc/httpd/conf.d/sites-available/ibaweblog op www-dmz.

Diff

Hieronder staan de wijzigingen t.o.v. een vanilla WordPress + plugins. Let op: de regelnummers kloppen niet meer, want deze diff is vrij oud. Zorg dat je eerst alle onderstaande wijzigingen doorvoert voordat je de nieuwe code in /srv/http/ibaweblog plempt.

--- ./wordpress/wp-content/plugins/http-authentication/http-authentication.php	2012-06-25 02:19:07.000000000 +0200
+++ /srv/http/ibaweblog/wp-content/plugins/http-authentication/http-authentication.php	2015-03-10 21:19:17.932667913 +0100
@@ -24,8 +24,8 @@ class HTTPAuthenticationPlugin {
 		}
 
 		add_action('login_head', array($this, 'add_login_css'));
-		add_action('login_footer', array($this, 'add_login_link'));
-		add_action('check_passwords', array($this, 'generate_password'), 10, 3);
+		// add_action('login_footer', array($this, 'add_login_link'));
+		// add_action('check_passwords', array($this, 'generate_password'), 10, 3);
 		add_action('wp_logout', array($this, 'logout'));
 		add_filter('login_url', array($this, 'bypass_reauth'));
 		add_filter('show_password_fields', array($this, 'allow_wp_auth'));
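Review bot: The two `add_action` calls are disabled by commenting them out with no explanation, so the next maintainer cannot tell whether they may be restored after a plugin update. A one-line comment above them would help, for example `// IBA: login link and generated passwords disabled; sign-in is handled by intercept_form_submit plus this plugin`. The same applies to the commented-out `return` in the second hunk of this file and to the disabled `do_action( 'wp_logout' )` in wp-includes/pluggable.php. The enclosing method starts and ends outside this hunk.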
@@ -182,7 +182,8 @@ p#http-authentication-link a {
 		}
 
 		if (! $username) {
-			return new WP_Error('empty_username', '<strong>ERROR</strong>: No user found in server variables.');
+			//return new WP_Error('empty_username', '<strong>ERROR</strong>: No user found in server variables.');
+			return new WP_Error();
 		}
 
 		// Create new users automatically, if configured
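Review bot: `return new WP_Error();` hands back an error object with neither code nor message, so anything that checks `get_error_code()` can no longer tell the missing-user case apart from other failures; whether a caller relied on the `empty_username` code is not visible in this hunk. If the aim is only to keep the message off the login page (presumably), state that in a comment such as `// IBA: code-less error on purpose, so the login form shows no message when the server passes no user`. Consider also recording the event with `error_log()`, so that a front end that stops passing the user is noticed instead of failing silently. The surrounding method starts and ends outside the hunk.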
 
--- ./wordpress/wp-includes/pluggable.php	2014-12-01 04:21:22.000000000 +0100
+++ /srv/http/ibaweblog/wp-includes/pluggable.php	2015-03-09 14:39:17.000000000 +0100
@@ -593,7 +593,7 @@ function wp_logout() {
 	 *
 	 * @since 1.5.0
 	 */
-	do_action( 'wp_logout' );
+	// do_action( 'wp_logout' );
 }
 endif;
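Review bot: With `do_action( 'wp_logout' )` commented out in core, no `wp_logout` callback runs any more. That includes the plugin's own `add_action('wp_logout', array($this, 'logout'));`, which the http-authentication.php hunk leaves registered, and any other plugin that clears session state or records logouts on that hook. If the goal is only to stop the plugin's logout handler, keep the core line and disable the registration in the plugin instead, as was done for the other two hooks there: `// add_action('wp_logout', array($this, 'logout'));`. That also takes wp-includes/pluggable.php out of the set of files a WordPress update overwrites.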
 
--- ./wordpress/wp-includes/user.php	2014-12-16 23:19:22.000000000 +0100
+++ /srv/http/ibaweblog/wp-includes/user.php	2015-03-09 15:23:31.000000000 +0100
@@ -112,6 +112,9 @@ function wp_signon( $credentials = array
  * @return WP_User|WP_Error WP_User on success, WP_Error on failure.
  */
 function wp_authenticate_username_password($user, $username, $password) {
+	$lostpassword_url = 'mailto:sysop@a-eskwadraat.nl?subject=Wachtwoord%20vergeten&body=Lieve%20sysop,%0D%0Aik%20ben%20een%20domme%20koe';
+	$lostpassword_url = $lostpassword_url . '%20en%20ik%20ben%20mijn%20wachtwoord%20vergeten.%20Kunnen%20jullie%20mij%20helpen%3F';
+
 	if ( is_a( $user, 'WP_User' ) ) {
 		return $user;
 	}
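Review bot: The replacement link is hard-coded inside a core function, so it is lost on every WordPress update and only reaches the two error messages built in this function. WordPress passes the lost-password link through the `lostpassword_url` filter, so the same result is available from a small plugin without patching wp-includes/user.php: `add_filter( 'lostpassword_url', function () { return 'mailto:sysop@a-eskwadraat.nl?subject=Wachtwoord%20vergeten'; } );`. The body of wp_authenticate_username_password continues past this hunk.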
@@ -134,7 +137,7 @@ function wp_authenticate_username_passwo
 	$user = get_user_by('login', $username);
 
 	if ( !$user )
-		return new WP_Error( 'invalid_username', sprintf( __( '<strong>ERROR</strong>: Invalid username. <a href="%s">Lost your password</a>?' ), wp_lostpassword_url() ) );
+		return new WP_Error( 'invalid_username', sprintf( __( '<strong>ERROR</strong>: Invalid username. <a href="%s">Lost your password</a>?' ), $lostpassword_url ) );
 
 	/**
 	 * Filter whether the given user can be authenticated with the provided $password.
@@ -150,8 +153,9 @@ function wp_authenticate_username_passwo
 		return $user;
 
 	if ( !wp_check_password($password, $user->user_pass, $user->ID) )
+		$lostpassword_url = $lostpassword_url . '%0D%0A%0D%0ALiefs,%20' . $username;
 		return new WP_Error( 'incorrect_password', sprintf( __( '<strong>ERROR</strong>: The password you entered for the username <strong>%1$s</strong> is incorrect. <a href="%2$s">Lost your password</a>?' ),
-		$username, wp_lostpassword_url() ) );
+		$username, $lostpassword_url ) );
 
 	return $user;
 }
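Review bot: The added assignment sits directly under the brace-less `if ( !wp_check_password(...) )`, so it becomes the entire body of the `if` and the following `return new WP_Error( 'incorrect_password', ... )` now runs unconditionally. The final `return $user;` is unreachable and a correct password is rejected too. The login fails closed, which may be why it went unnoticed while sign-in goes through the HTTP Authentication plugin, but the two statements need braces: `if ( !wp_check_password($password, $user->user_pass, $user->ID) ) {` before the assignment and `}` after the `return`. `$username` is also appended to the mailto link unencoded, so a login name with a space or `&` produces a broken link; use `'%0D%0A%0D%0ALiefs,%20' . rawurlencode( $username )`. The function starts outside this hunk.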
 
--- ./wordpress/wp-login.php	2014-12-16 23:19:22.000000000 +0100
+++ /srv/http/ibaweblog/wp-login.php	2015-03-09 14:48:07.000000000 +0100
@@ -416,7 +416,7 @@ if ( isset($_GET['key']) )
 	$action = 'resetpass';
 
 // validate action so as to default to the login screen
-if ( !in_array( $action, array( 'postpass', 'logout', 'lostpassword', 'retrievepassword', 'resetpass', 'rp', 'register', 'login' ), true ) && false === has_filter( 'login_form_' . $action ) )
+if ( !in_array( $action, array( 'postpass', 'logout', 'register', 'login' ), true ) && false === has_filter( 'login_form_' . $action ) )
 	$action = 'login';
 
 nocache_headers();
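Review bot: Dropping `lostpassword`, `retrievepassword`, `resetpass` and `rp` from the allow-list only hides the reset flow, because the second half of the condition still accepts any action for which a `login_form_<action>` filter is registered. The reset code itself is presumably still in the file, so a plugin adding such a hook would make it reachable again. WordPress has a supported switch for this, `add_filter( 'allow_password_reset', '__return_false' );`, which can live in a plugin and survives an update of wp-login.php. The statements shown are top-level script code that continues outside the hunk.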
@@ -736,7 +736,6 @@ case 'register' :
 
 <p id="nav">
 <a href="<?php echo esc_url( wp_login_url() ); ?>"><?php _e( 'Log in' ); ?></a> |
-<a href="<?php echo esc_url( wp_lostpassword_url() ); ?>" title="<?php esc_attr_e( 'Password Lost and Found' ) ?>"><?php _e( 'Lost your password?' ); ?></a>
 </p>
 
 <?php
@@ -913,7 +912,6 @@ default:
 		echo apply_filters( 'register', $registration_url ) . ' | ';
 	endif;
 	?>
-	<a href="<?php echo esc_url( wp_lostpassword_url() ); ?>" title="<?php esc_attr_e( 'Password Lost and Found' ); ?>"><?php _e( 'Lost your password?' ); ?></a>
 <?php endif; ?>
 </p>
 <?php } ?>