At this point I’m not sure if I want to add the following to the main plugin, but here’s an additional plugin that would force the user to log in with JavaScript enabled (which would also force encryption). It’s been tested with WP 2.9 and 3.0 RC.

<?php
/*
Plugin Name: Forced Semisecure Login
Plugin URI: http://moggy.laceous.com/2010/06/12/forced-semisecure-login/
Description: By default, <a href="http://wordpress.org/extend/plugins/semisecure-login-reimagined/">Semisecure Login Reimainged</a> allows the user to disable JavaScript to log in without encryption.  This plugin forces the user to have JavaScript enabled so that they log in with encryption. (Only applies to the log in page)
Author: moggy
Version: 1.0
Author URI: http://moggy.laceous.com/
*/

add_action('login_head', 'forced_semisecure_login_login_head');
function forced_semisecure_login_login_head() {
  // Hack! The logged out page clears the $errors variable, but it still allows the $error variable
  if ( !empty($_GET['loggedout']) || $GLOBALS['reauth'] ) {
    $GLOBALS['error'] = '<strong>Semisecure Login</strong>: Please enable JavaScript in order to log in!';
  }
?>
  <style type="text/css">
  #loginform {
    display:none;
  }
  </style>
<?php
}

add_action('login_form', 'forced_semisecure_login_login_form');
function forced_semisecure_login_login_form() {
?>
  <script type="text/javascript">
  document.getElementById('loginform').style.display = 'block';
  if (document.getElementById('login_error')) {
    if (document.getElementById('login_error').innerHTML.indexOf('<strong>Semisecure Login</strong>: Please enable JavaScript in order to log in!') != -1) {
      document.getElementById('login_error').style.display = 'none';
    }
  }
  </script>
<?php
}

// This needs to happen after the built-in WordPress authenticate hook(s)
add_filter('authenticate', 'forced_semisecure_login_authenticate', 9999, 3);
function forced_semisecure_login_authenticate($user, $username, $password) {
  if ( is_a($user, 'WP_User') ) { return $user; }

  if (is_wp_error($user)) {
    if ( $user->get_error_codes() == array('empty_username', 'empty_password') ) {
      return new WP_Error('semisecure_error', '<strong>Semisecure Login</strong>: Please enable JavaScript in order to log in!');
    }
    else {
      return $user;
    }
  }
}

Semisecure Login Reimagined v3.1 is an update mainly dealing with multi-site integration. My thinking was that if you have a multisite install and want to use a plugin like this one (meaning that you don’t have an SSL certificate but want a little extra security), you probably want the plugin to be enabled globally throughout your network. If you’re a super admin in your network, you can do this by network activating this plugin. Once activated, you’ll see a new “Semisecure Login” menu item attached to the “Super Admin” menu. All of the settings can be controlled thoughought your network from this new menu item. (Note: if you choose to activate the plugin individually for each site in your network then it will still add a new menu item to the “Super Admin” menu, and it will still be controlled globally, but the plugin will only work on the sites it has been activated on)

If you want, you can also choose to override some of the global options on individual sites. You can restrict these override options to super admins or, additionally, give individual site admins access. Most options outside of the RSA key are available to be overridden. Override settings are attached as a menu item to each site’s “Settings” menu.

If you’re using multisite and decide that you don’t want any global options, there’s a new advanced option that will make the plugin think it’s in a single site install. (New in v3.1: advanced options have been changed to a set of defines) Simply add the following to your wp-config.php file:

define('SEMISECURELOGIN_REIMAGINED__OVERRIDE_IS_MULTISITE', TRUE);

Other updates include:

• JavaScript keypair generation has been removed
• Public exponent option on the keypair generation form has been removed
• The uninstall tab on the settings page has been removed (although the uninstall.php file is still available)
• Password encryption on the user administration pages is now turned on by default
• The default RSA keypair size is now 2048 bits (previously it was 1024 bits)
• For multisite installs, there’s a new option to force UTF-8 for all the sites in your network (changing the character encoding is normally something you have to do on a site by site basis)
• If you want to display the custom integration instructions publicly, you can use the following shortcode: [semisecurelogin_reimagined_integration]
• The jsbn (RSA JavaScript) library uses some fairly generic names and puts most of them in the global scope. This can lead to JavaScript conflicts. For now, all of the names in the global scope have been prefixed with “jsbn_”

Finally, the required WP version has been bumped to 2.8.

Download
The download is still available over at wordpress.org

That previous post also marked the release of one of my first WordPress plugins. The plugin (originally created for WordPress 2.2) provided its own administrative page that queried the database directly. When WordPress 2.5 was released, it brought along a new media library. Rather than continuing to rely on a plugin that did everything from scratch, I decided to piggy-back on the media library.

Fast forward a few years… and now you can download Attachment Page Comment Control from its official WordPress page. (Screenshots, changelog, etc are all located over there)

(This should only be considered a reference; I’m not supporting the following plugin)

<?php
/*
Plugin Name: SemisecureLoginReimagined-RegisterPlus-Bridge
Plugin URI: http://moggy.laceous.com
Description: Integrate SemisecureLoginReimagined with RegisterPlus (reference implementation; tested with: PHP 5.2.9, WP 2.8.6, SLR 3.0.8.3, RP 3.5.1)
Author: moggy
Author URI: http://moggy.laceous.com
Version: 1.0
*/

// hook into the registration form (wp-login.php?action=register)
// make sure this function runs before RegisterPlus
add_action('register_form', 'slr_rp_b_register_form', -1000);
function slr_rp_b_register_form() {
  // if both plugins are activated (and configured)
  if (slr_rp_b_plugins_activated()) {
    // if there are any errors, RegisterPlus will pass the unencrypted password from the server to the browser
    // this stops the password from being sent in the clear
    if (isset($_POST['pass1']))
      unset($_POST['pass1']);
    if (isset($_POST['pass2']))
      unset($_POST['pass2']);
  }
}

// hook into the head section of the registration page (wp-login.php?action=register)
add_action('login_head', 'slr_rp_b_login_head');
function slr_rp_b_login_head() {
  // if this is the registration page and both plugins are activated (and configured)
  if ($_GET['action'] == 'register' && slr_rp_b_plugins_activated()) {
    // Make sure that all the external JavaScript is available (including jQuery)
    SemisecureLoginReimagined::enqueue_js(true);
    // insert our custom JavaScript
    ?>
    <script type="text/javascript">
    //<![CDATA[
      jQuery(document).ready(function($) {
        // display a default message
        $('#pass2').after('<span id="semisecure-message">Semisecure Login is enabled.</span>');

        // Bind to the form's submit event
        $('form#registerform').submit(function() {
          // update the message when the form is submitted
          $('#semisecure-message').text('Encrypting password & submitting...');

          // Collect the password(s)...
          var pass1 = $('#pass1').val();
          var pass2 = $('#pass2').val();
          var passwords = [];
          passwords[0] = pass1;
          passwords[1] = pass2;

          // ...and form name(s)
          var names = [];
          names[0] = $('#pass1').attr('name');
          names[1] = $('#pass2').attr('name');

          // Pass the needed PHP values over to the JavaScript side
          var public_n = '<?php echo SemisecureLoginReimagined::public_n(); ?>';
          var public_e = '<?php echo SemisecureLoginReimagined::public_e(); ?>';
          var uuid = '<?php echo SemisecureLoginReimagined::uuid(); ?>';
          var nonce_js = '<?php echo SemisecureLoginReimagined::nonce_js(); ?>';
          var max_rand_chars = '<?php echo SemisecureLoginReimagined::max_rand_chars(); ?>';
          var rand_chars = '<?php echo addslashes(SemisecureLoginReimagined::rand_chars()); ?>';
          var secret_key_algo = '<?php echo SemisecureLoginReimagined::secret_key_algo(); ?>';

          // Encrypt the password(s)
          var arr = SemisecureLoginReimagined.encrypt(passwords, names, nonce_js, public_n, public_e, uuid, secret_key_algo, rand_chars, max_rand_chars);

          if (arr) {
            // Loop through the array and append the controls to the form
            for (var i = 0; i < arr.length; i++) {
              $('form#registerform').append(arr[i]);
            }

            // Finally, don't submit the plain-text password(s)
            // One option is to submit asterisks in place of the actual password
            var temp1 = '';
            var temp2 = '';
            for (var i = 0; i < pass1.length; i++) { temp1 += '*'; }
            for (var i = 0; i < pass2.length; i++) { temp2 += '*'; }
            $('#pass1').val(temp1);
            $('#pass2').val(temp2);
            // Another option is to disable the control(s) with the plain-text password(s) altogether
            $('#pass1').attr('disabled', 'true');
            $('#pass2').attr('disabled', 'true');
            return true;
          }
          else {
            $('#semisecure-message').text('Problem encrypting password! Please disable JavaScript to submit without encryption.');
            return false;
          }
        });
      })
    //]]>
    </script>
    <?php
  }
}

function slr_rp_b_plugins_activated() {
  // if SemisecureLoginReimagined v3 is activated (tested w/ v3.0.8.3)
  // Note: v3.0.5 fixed a bug with the version method in this context
  if (method_exists('SemisecureLoginReimagined', 'version') && version_compare(SemisecureLoginReimagined::version(), '3.0', '>=')) {
    // if the RSA keypair has been generated and openssl is available
    if (SemisecureLoginReimagined::is_rsa_key_ok() && SemisecureLoginReimagined::is_openssl_avail()) {
      // if RegisterPlus is activated (tested w/ v3.5.1)
      if (class_exists('RegisterPlusPlugin')) {
        // if registrants can enter their own password
        $regplus = get_option( 'register_plus' );
        if (is_array($regplus) && $regplus['password']) {
          return true;
        }
      }
    }
  }
  return false;
}

?>

For starters, past versions relied on RSA public-key encryption alone. Version 3 now uses a combination of public and secret-key encryption. This means that there is no longer a limit on the length of passwords that can be encrypted. The limit in earlier versions was large enough that I doubt it affected anyone, however.

Initially, two secret-key algorithms are provided: RC4 (a stream cipher) and AES (a block cipher). On the JavaScript side I chose to go with the crypto-js library. Unfortunately, there wasn’t a complimentary PHP library so I ended up converting the majority of crypto-js to PHP.

Past versions of this plugin didn’t behave themselves very well when stepping outside of the ASCII character bounds. (Western ISO-8859-1 might be more technically correct.) Version 3 now has support for UTF-8 passwords. Only UTF-8 is supported. If your blog is using another character encoding then your mileage may vary.

The settings page was starting to get long and unwieldy. This has been corrected by splitting each section into sub-pages.

If you’re having trouble generating an RSA keypair then you can now (optionally) display some debugging information to get you pointed in the right direction.

The main reason that the version has been bumped up to version 3 (rather than… say… 2.5) is because the integration API has changed. This change was necessary because of the secret-key addition. Hopefully now, the integration has also been simplified a bit.

Finally, support for older versions of WordPress has been dropped. Semisecure Login Reimagined v3 requires WP 2.7 (or higher) and PHP 4.3 (or higher). Seriously, if you’re running an older version of WordPress you’re just asking to be hacked! OpenSSL is still required, but no other PHP extensions are required (including mcrypt, etc).

Download
The download location hasn’t changed :) You can still download Semisecure Login Reimagined at its official WordPress page.

Programming note: while v1 of this plugin supported WP 2.1, it also required PHP 4.3. Techincally, WP 2.1.x, 2.2.x, and 2.3.x only required PHP 4.2. Semisecure Login Reimagined v2 should now work properly with PHP 4.2. (Hopefully most people have upgraded to a recent version of PHP 5)

This new version is now using a new internal API to decrypt passwords on the server side. Previously, it had been using the wp_authenticate hook, but this post indicates that it might be removed at some point in the near future. The new API is much more generic and isn’t limited to just logging in.

What’s New

• jQuery is now being used on the client side
• If you’re not able to generate a keypair with the standard or alternative methods, then you can now generate a keypair via JavaScript (you’ll have to manually insert the data in your DB though)
• If you’re using WP 2.7 or higher then you can now encrypt the password on the user administration pages (editing or adding a new user)
• 3rd-party integration support for other plugin authors (see the included help link on the plugin’s settings page)
• You can decide which parts of this plugin to enable: activating the plugin enables the API, while the settings page lets you decide if you want to encrypt the password on the login page (enabled by default so there’s no surprises for anyone upgrading from v1) and if you want to encrypt the password on the user administration pages (disabled by default)

Download
You can still download Semisecure Login Reimagined at its official WordPress page.

The best hook to use is still the query_string filter. Unfortunately, this specific filter is technically deprecated (and may be removed at some point). You’re supposed to use the request filter now. However, the request filter doesn’t seem to provide quite as much functionality as the query_string filter. Namely, there doesn’t appear to be a good way to check for is_home (which is important for our purposes).

<?php

/*
 * Plugin Name: Custom Hemingway Home Query
 * Plugin URI: http://moggy.laceous.com/2008/08/15/paging-hemingway-part-deux/
 * Description: Gives you the ability to use the paging links on your homepage (works with Hemingway and HemingwayEx)
 * Version: 0.2a
 * Author: moggy
 * Author URI: http://moggy.laceous.com
 */

add_filter('query_string', 'custom_hem_home_query');
function custom_hem_home_query($query_string) {
	global $wp_query;
	$wp_query->parse_query($query_string); //required in order to check is_home
	if ($wp_query->is_home) {
		if (strlen($query_string) > 0) {
			$query_string .= '&';
		}
		$query_string .= 'posts_per_page=2';
		global $hemingwayEx;
		if (isset($hemingwayEx)) {
			if (method_exists($hemingwayEx, 'get_asides_category_id')) {
				$category_id = $hemingwayEx->get_asides_category_id();
				if (!is_null($category_id) && !empty($category_id) && is_numeric($category_id)) {
					$query_string .= '&cat=-' . $category_id;
				}
			}
		}
	}
	return $query_string;
}

?>

An alternate way to do this would be to hook into the pre_get_posts action. Unfortunately, there’s a down-side here as well. Namely, if you create a new WP_Query object then this method might interfere with your new WP_Query instance (rather than just affecting the main loop). I ran into this very problem with my asides widget, and had to throw in a category check in the code below.

<?php

/*
 * Plugin Name: Custom Hemingway Home Query
 * Plugin URI: http://moggy.laceous.com/2008/08/15/paging-hemingway-part-deux/
 * Description: Gives you the ability to use the paging links on your homepage (works with Hemingway and HemingwayEx)
 * Version: 0.2b
 * Author: moggy
 * Author URI: http://moggy.laceous.com
 */

add_action('pre_get_posts', 'custom_hem_home_query', 1, 1);
function custom_hem_home_query($wp_query) {
	if (is_home()) { //at this point is_home is already set
		$wp_query->query_vars['posts_per_page'] = 2;
		//$wp_query->query['posts_per_page'] = 2; //only setting query_vars seems to matter
		if (isset($GLOBALS['hemingwayEx'])) {
			if (method_exists($GLOBALS['hemingwayEx'], 'get_asides_category_id')) {
				$category_id = $GLOBALS['hemingwayEx']->get_asides_category_id();
				if (!is_null($category_id) && !empty($category_id) && is_numeric($category_id)) {
					//check if the category has already been set
					//if I don't check this then it breaks my asides widget
					if (strlen($wp_query->query_vars['cat']) <= 0) {
						$wp_query->query_vars['cat'] = '-' . $category_id;
					}
				}
			}
		}
	}
}

?>

To get this to work you’ll still need to follow the 3 steps from my original post. Namely (that’s número tres for those of you counting along at home *wink wink*), copying the PHP code into a file (i.e. custom_hem_home_query.php) and uploading to your plugins folder (don’t forget to activate the plugin when you’re ready), commenting out the custom query in your theme’s index.php file (the query_posts line towards the top), and adding the paging links to your home page (also in your theme’s index.php file).

With the release of WordPress 2.5, passwords are now hashed up by phpass before entering the database. Further complicating the matter, phpass salts each password before hashing. This change effectively “breaks” Semisecure Login. Using a plugin, it’s possible to revert back to the md5 hashes, and Semisecure Login for WordPress 2.5 takes advantage of this.

On the other hand, I wanted to keep using the new phpass hashes and still provide a semisecure login environment. This thread details the difficulty in making this happen. There didn’t seem to be any way to use one-way hashing, and using standard secret-key encryption was out (for obvious reasons). The only thing that left me with was to try and use public-key encryption.

RSA is a popular public-key algorithm, and I was able to find a few implementations in both JavaScript and PHP. My main criteria in picking which implementation(s) to use were (1) interoperability between JavaScript and PHP, (2) efficiency, speed, and performance and (3) a solution that would work for most shared hosts. I ended up settling on the jsbn library for JavaScript and OpenSSL on the PHP side. Unfortunately, PHP’s built-in openssl functions are rather limited when it comes to generating RSA keypairs, so I had to rely on making calls directly against openssl when generating a keypair. This works great on a Linux server but is currently untested on Windows (although I have a feeling it would work as long as the folder where OpenSSL lives was added to the system path).

Download
You can download Semisecure Login Reimagined at its official WordPress page. Additional information, such as installation instructions and changelog, are located there as well.

Requirements

• WordPress: 2.1 to 2.5.1 (2.5.1 is the latest version at the time of this post)
• PHP: 4 or 5 (tested as far back as 4.4.6 and up to 5.2.6)
• OpenSSL (initial keypair generation is handled by direct calls, while decryption is handled by built-in PHP functions)

All tests were performed on various Linux servers. PHP’s program execution functions need to be enabled for the initial keypair generation (safe mode should also be disabled for this). After the keypair is generated, it’s safe to go ahead and re-disable these functions and/or re-enable safe mode. Everyday use of this plugin relies on PHP’s built-in openssl functions.

Update (6/13/08)
As of v1.1.0, keypair generation will work even if safe mode is enabled or the PHP execution fuctions have been disabled. This alternative keypair generation mode will only work if you’re running PHP 5.2.0 or greater, however.

For the most part it went very smoothly (including importing my UTW tags), but there were a few issues.

The biggest change is that there’s no more Ultimate Tag Warrior. The new built-in tagging functions do most of what I wanted. However, the one thing that seemed to be missing was an option to get related posts based on the tags used. I found this great post on the tagging plugins available for v2.3. Apparently there’s supposed to be a plugin for UTW template tag compatibility, but it hasn’t been released yet. Ultimately, I decided to go with the Simple Tags plugin.

The main thing that actually broke was HemingwayEx’s get_asides_category_id function. Since the database structure has changed, I had to edit this function. It was pretty simple though. Simply change: cat_ID –> term_ID, categories –> terms, & cat_name –> name.

If you want to get the paging links working, then here’s 3 steps to achieve that goal.

Step #1:

Create a new PHP file (you can do this easily with a simple text editor like Notepad). Name it custom_hem_home_query.php. Now copy & paste the following code into it.

<?php

/*
 * Plugin Name: Custom HemingwayEx Home Query
 * Plugin URI: http://moggy.laceous.com/2007/07/29/paging-the-hemingwayex-home-page/
 * Description: Gives you the ability to use the paging links on your homepage
 * Version: 0.1
 * Author: Moggy
 * Author URI: http://moggy.laceous.com
 */

add_filter('query_string', 'custom_hem_home_query');

function custom_hem_home_query($query_string) {
	global $wp_query;
	$wp_query->parse_query($query_string);
	if ($wp_query->is_home) {
		global $hemingwayEx;
		$category_id = $hemingwayEx->get_asides_category_id();
		if (is_null($category_id)) {
			$query_string .= '&posts_per_page=2';
		}
		else {
			$query_string .= '&posts_per_page=2&cat=-' . $category_id;
		}
	}
	return $query_string;
}

?>

Save the file & upload it to your wp-content/plugins folder. When you’re ready… activate the plugin.

Step #2:

Now we have to remove the custom query from the wp-content/themes/hemingwayEx index.php file. Find the following code in the index.php file:

// Here is the call to only make two posts show up on the homepage REGARDLESS of your options in the control panel
$category_id = $hemingwayEx->get_asides_category_id();
is_null($category_id) ? query_posts('showposts=2') : query_posts('showposts=2&cat=-' . $category_id);

Simply comment out those lines so it looks like this:

// Here is the call to only make two posts show up on the homepage REGARDLESS of your options in the control panel
//$category_id = $hemingwayEx->get_asides_category_id();
//is_null($category_id) ? query_posts('showposts=2') : query_posts('showposts=2&cat=-' . $category_id);

Step #3:

Now you just need to add the paging links to your index.php file. Something like this should work:

<div class="navigation">
  <?php next_posts_link('&laquo; Previous Entries') ?>
  <?php previous_posts_link('Next Entries &raquo;') ?>
</div>

One final note:

You could also wrap the code from steps 2 & 3 with an if statement like the following if you want to be able to dynamically enable & disable the plugin.

if (function_exists('custom_hem_home_query')) {
  // put code here
}