*/ /** * Do not execute this file directly. */ if (!defined('ABSPATH')) { exit; } use \blobfolio\wp\meow\options; use \blobfolio\wp\meow\ajax; use \blobfolio\wp\meow\login; use \blobfolio\wp\meow\vendor\common\data; use \blobfolio\wp\meow\vendor\common\format as v_format; global $wpdb; $current_user = wp_get_current_user(); $data = array( 'forms'=>array( 'md5'=>array( 'action'=>'meow_ajax_tools_md5', 'n'=>ajax::get_nonce(), 'errors'=>array(), 'loading'=>false, 'hasMD5'=>!!intval($wpdb->get_var("SELECT COUNT(*) FROM `{$wpdb->users}` WHERE `user_pass` REGEXP '^[A-Fa-f0-9]{32}$'")) ), 'reset'=>array( 'action'=>'meow_ajax_tools_reset', 'n'=>ajax::get_nonce(), 'email'=>0, 'message'=>sprintf( __('The %s system administrator has reset all user passwords.', 'apocalypse-meow'), v_format::decode_entities(get_bloginfo('name')) ) . "\n\n" . __('To regain access to your account, visit the following link and choose a new password:', 'apocalypse-meow'), 'errors'=>array(), 'loading'=>false, 'last'=>0, ), 'admin'=>array( 'action'=>'meow_ajax_tools_admin', 'n'=>ajax::get_nonce(), 'admin'=>'', 'administrator'=>'', 'errors'=>array(), 'loading'=>false, 'hasAdmin'=>username_exists('admin'), 'hasAdministrator'=>username_exists('administrator'), ), 'sessions'=>array( 'action'=>'meow_ajax_tools_sessions', 'n'=>ajax::get_nonce(), 'errors'=>array(), 'loading'=>false, ), 'sessionDelete'=>array( 'action'=>'meow_ajax_tools_session_delete', 'n'=>ajax::get_nonce(), 'user_id'=>0, 'session_id'=>'', 'errors'=>array(), 'loading'=>false, ), ), 'msg'=>'', 'sessions'=>array(), 'activeSession'=>hash('sha256', wp_get_session_token()), 'section'=>'passwords', 'modal'=>false, // @codingStandardsIgnoreStart 'modals'=>array( 'passwords-md5'=>array( sprintf( esc_html__('For historical reasons, WordPress has retained backward compatibility with the outdated %s hashing algorithm. Should a hacker obtain a copy of your % table, any user with an MD5-hashed password could be in serious trouble.', 'apocalypse-meow'), 'MD5', "{$wpdb->users}" ), esc_html__('This tool will securely rehash any insecure MD5 password hashes in the database. This will lock affected users out of their account (until they reset their passwords), however these users have likely been absent from the site for many years.', 'apocalypse-meow'), 'MD5' ), 'passwords-reset'=>array( esc_html__('This will immediately reset all user passwords site-wide. To regain account access, each user will need to complete the "Forgot Password" process.', 'apocalypse-meow'), esc_html__('If your site or database has been breached, or you suspect it has, run this tool immediately.', 'apocalypse-meow'), ), 'passwords-reset-email'=>array( esc_html__("Check this box if you wish to start the \"Forgot Password\" process on behalf of users. They'll each be sent an email with the message you specify and a link to choose a new password. This is a user-friendly choice, but there are a few downsides to consider:", 'apocalypse-meow'), '   – ' . esc_html__('Sending lots and lots of emails can take a long time.', 'apocalypse-meow'), '   – ' . esc_html__('Sending lots and lots of emails might violate your hosting provider\'s ToS.', 'apocalypse-meow'), '   – ' . esc_html__('The reset links will be transmitted in plain text across an insecure channel (i.e. email); they could be intercepted by third parties and used to gain unauthorized account access.', 'apocalypse-meow'), sprintf( esc_html__('Note: this plugin implements its own version of the %s function to make it more performant at scale. As a consequence, it does not trigger all of the action/filter hooks the WP version does. If for some reason your site is relying on any of these obscure hooks, this option should probably be avoided.', 'apocalypse-meow'), 'get_password_reset_key' ) ), 'users-admin'=>array( esc_html__('The majority of WordPress sites have a user called "admin" or "administrator", and almost all brute-force attacks specifically target one or the other. You should rename these users immediately to moot such attacks.', 'apocalypse-meow') ), 'sessions'=>array( esc_html__("WordPress generates a unique Session ID each time a user logs into the site. Aside from providing some useful diagnostic information, such as browser and network information, it also provides a server-side mechanism for continually revalidating the session (i.e. regardless of whether or not the user's computer has the right cookie).", 'apocalypse-meow'), esc_html__("If something doesn't look right, you can revoke the session and that user will be immediately logged out. Just be sure to regenerate that account's password afterward or else they'll be able to hop right back in.", 'apocalypse-meow') ), ) // @codingStandardsIgnoreEnd ); ?>

Apocalypse Meow:

{{ msg }}

{{ error }}

{{ error }}

{{ error }}

 

user_login, array('admin','administrator'), true)) { ?>

{{ item.user_id }} {{ item.email }} {{ item.login }}
Created {{ session.date_created }}
Expires {{ session.date_expires }}
IP {{ session.ip }}
Browser {{ session.ua }}
:)

WP-CLI' ); ?>

wp meow --help
Kitten