Created
March 12, 2013 12:12
-
-
Save vicchi/5142423 to your computer and use it in GitHub Desktop.
Workaround for the WP Login Security 2 plugin issuing "session_start(): Cannot send session cache limiter" warnings where the PHP display_errors ini setting can't be changed.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| function wpls2_new_ip_check() { | |
| $error_status = ini_get('display_errors'); | |
| if ($error_status === '1') { | |
| ini_set('display_errors', '0'); | |
| } | |
| global $wpls2_options, $current_user; | |
| session_start(); | |
| $known = get_option( $wpls2_options['whitelist'] ); | |
| $user = $current_user->user_login; | |
| $ip = $_SERVER['REMOTE_ADDR']; | |
| // First check for known and activated IP | |
| if ( is_array($known) && $known[ $user ][ $ip ]['activated'] == true ) { | |
| if ($error_status === '1') { | |
| ini_set('display_errors', $error_status); | |
| } | |
| return false; // This is a known IP | |
| } | |
| // Then check for IPKEY indicating registration | |
| elseif (isset($_SESSION['wpls2_ipkey']) ) { | |
| $ipkey = $_SESSION['wpls2_ipkey']; | |
| if ( $known[ $user ][ $ip ][ 'ipkey' ] == $ipkey ) { | |
| // Key valid. Login. | |
| // TODO Add check to verify key expired keys | |
| $known[ $user ][ $ip ]['date_activated'] = date(WPLS2_DATE_FORMAT); | |
| $known[ $user ][ $ip ]['activated'] = true; | |
| unset( $_SESSION['wpls2_ipkey'] ); | |
| update_option( $wpls2_options['whitelist'] , $known ); | |
| if ( $_options['notify_both'] ) { | |
| wpls2_notify_blog_admin(); | |
| } | |
| if ($error_status === '1') { | |
| ini_set('display_errors', $error_status); | |
| } | |
| return false; | |
| } else { | |
| wp_logout(); | |
| //wp_redirect( site_url('wp-login.php?action=invalidkey') ); | |
| // Redirect using javascript to avoid problem with output buffering. | |
| echo "<script> document.location.href='".site_url('wp-login.php?action=invalidkey')."'</script>"; | |
| exit; | |
| } | |
| } | |
| // If not known or registering, notify of new IP | |
| else { | |
| wpls2_send_activation(); | |
| wp_logout(); | |
| //wp_redirect(site_url('wp-login.php?action=unknownip')); | |
| // Redirect using javascript to avoid problem with output buffering. | |
| echo "<script>document.location.href='".site_url('wp-login.php?action=unknownip')."'</script>"; | |
| exit; | |
| } | |
| } | |
| ?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment