WordPress.org

Ready to get started?Download WordPress

Forums

Login Lock
Login Lock - Not working on on 3.3.1 w/ Password Aging/Password Reset (21 posts)

  1. Joseph G
    Member
    Posted 2 years ago #

    Hello,

    I'm running WordPress 3.3.1 with Login Lock 2.2.3 and it has a pretty serious bug. I've got password aging on and when it a password needs to be reset it presents a blank html page instead of an option to reset. Here is an example:

    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml" lang="en-US">
    <head>
    <title> › Reset Password</title>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
    <link rel='stylesheet' href='http://www.domainex.com/wp-admin/login.css?version=3.3.1' type='text/css' />

    I've had the same problem in other installs with 3.3. Anyone else seeing this?

    TIA

    http://wordpress.org/extend/plugins/login-lock/

  2. Toni Viemerö
    Member
    Posted 2 years ago #

    Removing row 630 from loginlock.php fixes the problem.

    Here's a diff with backwards compatibility:
    https://gist.github.com/1605009

  3. Joseph G
    Member
    Posted 2 years ago #

    Toni,

    Great thanks! Do you know if there is any plan to release a fix in the form of an update?

  4. gustim
    Member
    Posted 2 years ago #

    My password on my WP installation has expired, and when i log in w/ my user/pass i receive this message

    Fatal error: Call to undefined function is_rtl() in /home/ffda/public_html/wp-includes/general-template.php on line 2102

    If i disable the "require password changes" field, setting to 0, my user work fine.

    Any ideas? :)

    Versions: Login Lock == v2.2.3
    and WP == 3.3.1

  5. Joseph G
    Member
    Posted 2 years ago #

    Looks like we have to disable this feature until a plugin update happens addressing these bugs...

  6. jenifer2012
    Member
    Posted 2 years ago #

    I'm having this problem too.

    I researched it and found this post, which is what helped me realize it was being caused by a plugin. Then I noticed that others in the comment thread were saying Login Lock was the problem. Mine worked fine with the upgrade until it was time to change the password today, then I got the error everyone here is talking about.

    http://www.famousbloggers.net/getting-ready-for-wordprss-3-3-solve-fatal-error-call-to-undefined-function-is_rtl.html

    I'm just now in class for HTML/CSS, so I'm afraid Toni's post and link, though helpful, doesn't make much sense to me.

    Does this mean I have to remove this plugin? It was really helping me. It's already shown me over 20 hacker attempts on my site that I'm then able to go into my admin panel and block those IP addresses.

    Mostly, though, now that I see all those hacker attempts, I don't want to leave my site vulnerable.

    Does anyone know of any similar plugins I can use when I disable this one?

    THanks.

  7. Joseph G
    Member
    Posted 2 years ago #

    There is a bug in the current version of this plugin. You can disable the Password Policy Settings in Login Lock as below until there is a fix for the plugin:

    Set => Enable the password policies shown below to NO

    OR

    Here are a few others that might do what you need:

    http://wordpress.org/extend/plugins/lockdown-wp-admin/
    http://wordpress.org/extend/plugins/simple-login-lockdown/
    http://wordpress.org/extend/plugins/limit-login-attempts/

    I've not used or tested these so I can't comment on them.

  8. jenifer2012
    Member
    Posted 2 years ago #

    Thank you so much Evolutinarit but if I have to disable the plugin through FTP access via my web host (they'll have to do this for me until I learn how to code) how will I be able to do what you're suggesting? Right? I won't be able to get back in to the plugin, will I?? (I'm still new to all this.)

    I think I may try this all-inclusive plugin. Do you know anything about it?

    http://wordpress.org/extend/plugins/better-wp-security/

  9. Mark
    Member
    Plugin Author

    Posted 2 years ago #

    If you guys bother to check the FAQ section in README you'd find really really really clear info on how to report bugs - which incidentally doesn't includes using this forum. Just sayin'...

    Fortunately a forum reader went to my site and sent me a note via the contact form - the preferred way to deal with issues with my software.

    It's probably good practice to check the README for all plugins.

    That said, I'll look into fixing this issue.

  10. Joseph G
    Member
    Posted 2 years ago #

    Hello Mark,

    Thanks so much for your contributions to the WP community! You & your plug-ins rule! =)

  11. Mark
    Member
    Plugin Author

    Posted 2 years ago #

    As a follow up, it was evolutionaryit who contacted me. Thanks.

    Fix is forthcoming.

  12. jenifer2012
    Member
    Posted 2 years ago #

    I've appreciated this plugin. It's helped me ward off many hacker attempts. So thanks. I'm glad you'll fix the bug so that I can re-install it later.

    However, this message board is where I was taken after I clicked on the box "Compatibility" with newest WP version button to indicate the plugin wasn't working properly.

    So, while I appreciate you're pointing out the "README" just want to let you know that was not where I was directed when I came to the page to try to research the issue.

  13. jenifer2012
    Member
    Posted 2 years ago #

    Mark,

    What is your ETA for the fix on this? I'm debating whether to wait, or go in and install something else for security until this is fixed so I can do my admin work.

  14. eminentstyle
    Member
    Posted 2 years ago #

    Eagerly awaiting this fix too!

  15. aphroditekk
    Member
    Posted 2 years ago #

    yes please, a fix!!!

  16. NFWRo
    Member
    Posted 2 years ago #

    Same problem here. I've tried to remove line 630 from loginlock.php as suggested, but although that gives me the reset password page, it won't accept any password as new ones saying that they've been used before (they haven't).

    Am I right in saying that I can just remove the loginlock plugin by FTP to uninstall it? That won't affect anything else?

    Thanks

  17. NFWRo
    Member
    Posted 2 years ago #

    I've answered my own question and have renamed the folder in the plugins until a fix can be done.

  18. Daniel Convissor
    Member
    Posted 2 years ago #

    I made a bunch of fixes to get login-lock working under WP 3.3.1. They are available at https://github.com/convissor/login-lock. I told the author about the fixes too. We'll see if they get incorporated into the existing package.

  19. Mark
    Member
    Plugin Author

    Posted 2 years ago #

    Some will some won't. For example, your idea of removing what you term "self promotion" from the login form will stay in the plugin. Reason being, a lot of people actually contact me via that link when they have problems that they think is related to the plugin. In most cases it's not related, and in all cases they get free consulting from me as to what the problem actually is and how to remedy.

    That's one instance. I haven't reviewed the other changes yet. I'll try to do that today if time permits - me being a family man will bills to pay.

  20. Mark
    Member
    Plugin Author

    Posted 2 years ago #

    I just pushed v2.2.4 into the plugins repository. Hopefully I got the fix for the " is_rtl() is not a function " problem resolved. I'm not sure though since I don't have such a system to test with.

    Other fixes and changes were implemented, some courtesy of Daniel Convissor.

  21. NFWRo
    Member
    Posted 2 years ago #

    Hi there
    Thank you for updating the plugin, however, when I installed it and ran it, I was immediately told to reset my password. I did so and then when I tried to log in, it said it was the wrong password. I tried the old password and that still worked, but I was asked to reset my password straight away again.

    After that, I received a message saying that I was trying to use a password that had already been used - which I wasn't for three different attempts. So I renamed the folder again to deactivate the plugin and when I logged in, the last password I had tried to change it to had taken, despite the error message.

    Sorry, it looks like there is still a problem.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags