Daniel Convissor

Hi Again Mark:

Have you had a chance to do the testing/debugging? I look forward to getting detailed information from you.

Thanks,

–Dan

Hi Mark:

While there _could_ be a bug in the plugin, it sounds like something that only shows up if the plugin was installed improperly. Or you have a non-standard configuration that the plugin is not prepared for.

What other plugins are you using? How are you accomplishing the multisite capability? You only installed the plugin in one plugins directory, right?

Anyway, please go to the plugin’s settings page, tell it to “delete the damn data,” deactivate the plugin and remove the files. Then check that our table and settings and user metadata have been removed. Put the plugin back and use the Network Plugins user interface to activate the plugin.

Please let me know what happens and when doing so, please provide complete steps used for the install and the exact steps and resonses on the screen that caused the problem. For example, just saying “I cannot log in” does not provide the context needed for me to debug the situation.

Thanks,

–Dan

Hi Mark:

The closest thing is the “Development Log” RSS feed provided for each plugin which anyone can subscribe to. While this feature has existed for a while, the link for it has recently been moved from each plugin’s home page to the new “For Developers” tab.

–Dan

Hi Mark:

Here are queries to manually remove stuff from the database:

DROP TABLE wp_login_security_solution_fail;
DELETE FROM wp_options WHERE option_name LIKE 'login-security-solution%';
DELETE FROM wp_usermeta WHERE meta_key LIKE 'login-security-solution%';


Another option is to put the plugin files back, activate, go to the settings screen, turn on the “Yes, delete the damn data” option, then deactivate the plugin the remove the plugin files.

Sorry to hear about your problem logging in. I really want to know what’s going on. Can you please reactivate the plugin, adjust your php.ini settings so errors can be logged (log_errors = On and error_log = /path/to/php_errors.log) or seen (display_errors = On) and put define('WP_DEBUG', true); in your wp-config.php then try logging in?

Thanks!

–Dan

Hi Shawn:

Thanks for the great feedback. Yeah, the settings page is not snazzy looking, and why should it be? ?? By the way, it uses WP’s plugin settings API to for the layout and functionality.

–Dan

Hi Shawn:

I noticed you replied to another thread[1] saying you’re glad to have taken the plunge and began using the Login Security Solution plugin. Thanks for the positive feedback. I hope you’ll rate it, give it an “it works” vote, and give a donation, please.

For others who may be concerned with how young this plugin is, I and some other folks have done extensive testing. The core functionality is solid and we’ve covered a bunch of edge cases. If any holes are left, which I don’t think there are, they’re edge cases.
Plus this plugin has over 150 unit tests so you can rest assured that the plugin won’t have regressions in future versions.

[1] https://www.ads-software.com/support/topic/plugin-login-security-solution-how-this-plugin-compares-to-login-lockdown

Hi Jan:

The plugin doesn’t have that feature. That feature is a bit outside of the plugin’s scope, so I don’t think I’ll be adding it.

Thanks,

–Dan

Hi Herbie:

That second argument is required for the plugin to work properly. The error can’t be ignored, sorry to say. I suggest either disabling this plugin or upgrade WP to 3.3.

–Dan

Hi Again Herbie:

Ah, the forum system shows your WP version as 3.2.1 in the right column. I took a look at the source code of wp-includes/user.php in that branch. It turns out the second argument to the wp_login action was added in 3.3. So I need to change my plugin’s minimum version. to 3.3.

Thanks for bringing this to my attention,

–Dan

Hi Herbie:

I am not seeing that. My guess is an unexpected interaction with another plugin or something. To figure out what’s happening on your system, can you please place the following line of code on the first line inside the wp_login() method in my class? It logs a backtrace to a file. Adjust the path to the file as needed. Then post the resulting file.

file_put_contents('/var/tmp/lss-wp_login', var_export(debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS), true));

Which versions of WordPress and Login Security Solution are you using?

Thanks,

–Dan

Good catch! Fixed in release 0.7.0.

If you find more bugs, please enter them in WP’s plugins bug tracker. See this plugin’s readme file / FAQ for details.

Thanks!

I added a ticket for this in the plugins bug tracker: https://plugins.trac.www.ads-software.com/ticket/1473

For the record of those following this thread, the is_rtl() fatal error still exists in 2.2.6.

I’m sorry for stepping on your toes, Mark. You’ve made an excellent plugin. I found some problems, so came up with fixes and workarounds for my own WP site. Rather than keep them to myself, I put them in a location where they could help everyone.

I then contacted you directly via the website in the readme file. I didn’t know how quickly you’d be able to address the matter, so mentioned the availability of fixes in the various support threads. I then contacted you again via the website, hoping to open direct communication so I can help you test things, etc. Your reply has not arrived.

I haven’t really forked the project. All of the credits in the files are still yours. Though now the version number and description have been tweaked so people would not confuse it with the official version.

Now down to buisiness… The 2.2.6 release does not fix the is_rtl() problem for logins after the administrator has locked everyone out. I moved your wp_locale strategy to where it was really needed. Please note, that the strategy still produces notices, so needs improvement. Please read my comments in the source code for more information.

The code in the convissor226 branch on GitHub has three additional fixes. One of them is important for insuring against SQL injection.

Alas, the 2.2.4 release does not fix the is_rtl() for people trying to log in after the administrator has locked everyone out. A _workaround_ for it is on GitHub (commit 127ff125f2).