
@imath
Created November 29, 2015 20:31
Suggestion to fix the possible access to BuddyPress pages when the Restricted Site Access option is set to "display a WordPress page" - Sorry for the extra formatting diffs
diff --git restricted_site_access.php restricted_site_access.php
index 979646a..f86113c 100755
--- restricted_site_access.php
+++ restricted_site_access.php
@@ -10,7 +10,7 @@
*/
class Restricted_Site_Access {
-
+
private static $rsa_options, $basename;
private static $settings_page = 'reading';
private static $fields = array(
@@ -78,7 +78,7 @@ class Restricted_Site_Access {
*/
public static function _add_actions() {
self::$basename = plugin_basename( __FILE__ );
-
+
add_action( 'parse_request', array( __CLASS__, 'restrict_access' ), 1 );
add_action( 'admin_init', array( __CLASS__, 'admin_init' ), 1 );
add_action( 'plugins_loaded', array( __CLASS__, 'load_textdomain' ) );
@@ -119,14 +119,14 @@ class Restricted_Site_Access {
*/
public static function restrict_access( $wp ) {
remove_action( 'parse_request', array( __CLASS__, 'restrict_access' ), 1 ); // only need it the first time
-
+
$is_restricted = !( is_admin() || is_user_logged_in() || 2 != get_option( 'blog_public' ) || ( defined( 'WP_INSTALLING' ) && isset( $_GET['key'] ) ) );
if ( apply_filters( 'restricted_site_access_is_restricted', $is_restricted, $wp ) === false ) {
return;
}
self::set_option_defaults();
-
+
// check for the allow list, if its empty block everything
if ( !empty( self::$rsa_options['allowed'] ) && is_array( self::$rsa_options['allowed'] ) ) {
$remote_ip = $_SERVER['REMOTE_ADDR']; //save the remote ip
@@ -134,13 +134,13 @@ class Restricted_Site_Access {
$remote_ip = str_replace( '::ffff:', '', $remote_ip ); //handle dual-stack addresses
}
$remote_ip = inet_pton( $remote_ip ); //parse the remote ip
-
+
// iterate through the allow list
foreach( self::$rsa_options['allowed'] as $line ) {
list( $ip, $mask ) = explode( '/', $line . '/128' ); // get the ip and mask from the list
-
+
$mask = str_repeat( 'f', $mask >> 2 ); //render the mask as bits, similar to info on the php.net man page discussion for inet_pton
-
+
switch( $mask % 4 ) {
case 1:
$mask .= '8';
@@ -152,33 +152,41 @@ class Restricted_Site_Access {
$mask .= 'e';
break;
}
-
+
$mask = pack( 'H*', $mask );
-
+
// check if the masked versions match
if ( ( inet_pton( $ip ) & $mask ) == ( $remote_ip & $mask ) ) {
return;
}
}
}
-
+
$rsa_restrict_approach = apply_filters( 'restricted_site_access_approach', self::$rsa_options['approach'] );
do_action( 'restrict_site_access_handling', $rsa_restrict_approach, $wp ); // allow users to hook handling
-
+
+ // Prevents infinite redirects
+ if ( ! empty( self::$rsa_options['page'] ) && 4 === $rsa_restrict_approach ) {
+ $page_id = get_post_field( 'ID', self::$rsa_options['page'] );
+
+ if ( $wp->query_vars['pagename'] === get_post_field( 'post_name', $page_id ) ) {
+ return;
+ }
+ }
+
switch( $rsa_restrict_approach ) {
case 4:
- if ( !empty( self::$rsa_options['page'] ) && ( $page_id = get_post_field( 'ID', self::$rsa_options['page'] ) ) ) {
- unset( $wp->query_vars );
- $wp->query_vars['page_id'] = $page_id;
- return;
+ if ( ! empty( $page_id ) ) {
+ self::$rsa_options['redirect_url'] = get_permalink( $page_id );
+ break;
}
-
+
case 3:
$message = __( self::$rsa_options['message'], 'restricted-site-access' );
$message .= "\n<!-- protected by Restricted Site Access http://10up.com/plugins/restricted-site-access-wordpress/ -->";
$message = apply_filters( 'restricted_site_access_message', $message, $wp );
wp_die( $message, get_bloginfo( 'name' ) . ' - Site Access Restricted' );
-
+
case 2:
if ( ! empty( self::$rsa_options['redirect_url'] ) ) {
if( ! empty( self::$rsa_options['redirect_path'] ) ) {
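Review bot: The early `return` in the new "Prevents infinite redirects" block lifts the restriction for any request whose `pagename` query var equals the landing page's slug, and `pagename` is supplied by the visitor, so anything else carried in the same request may be let through with it. The check also reads `$wp->query_vars['pagename']` without `isset()` and compares it to `post_name`, which is only the last path segment, so a child page would never match and would likely redirect in a loop. I would resolve the requested path to a page ID and return only when `pagename` is the sole non-empty query var, as sketched below. Separately, `4 === $rsa_restrict_approach` is strict while the settings notice elsewhere in this diff uses `4 == self::$rsa_options['approach']`; if the option is stored as a string the guard is skipped and `case 4` falls through to the `wp_die()` message, so confirm the type or compare loosely. `restrict_access()` starts in an earlier hunk and the `switch` continues past this one.

```php
// Prevents infinite redirects
if ( ! empty( self::$rsa_options['page'] ) && 4 == $rsa_restrict_approach ) {
	$page_id = get_post_field( 'ID', self::$rsa_options['page'] );

	// Exempt only a request that asks for the landing page and nothing else.
	$requested_vars = array_filter( $wp->query_vars );
	$requested_page = isset( $requested_vars['pagename'] ) ? get_page_by_path( $requested_vars['pagename'] ) : null;

	if ( $requested_page && 1 === count( $requested_vars ) && (int) $requested_page->ID === (int) $page_id ) {
		return;
	}
}
// … unchanged: switch( $rsa_restrict_approach ) and its cases …
```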
@@ -186,7 +194,7 @@ class Restricted_Site_Access {
}
break;
}
-
+
default:
self::$rsa_options['redirect_path'] = 302;
$current_path = empty( $_SERVER['REQUEST_URI'] ) ? home_url() : $_SERVER['REQUEST_URI'];
@@ -206,20 +214,20 @@ class Restricted_Site_Access {
// customize privacy message
add_filter( 'privacy_on_link_text', array( __CLASS__, 'privacy_on_link_text' ) );
add_filter( 'privacy_on_link_title', array( __CLASS__, 'privacy_on_link_title' ) );
-
+
// customize privacy page
add_action( 'load-options-' . self::$settings_page . '.php', array( __CLASS__, 'load_options_page' ) );
-
+
// add new choice for blog privacy
add_action( 'blog_privacy_selector', array( __CLASS__, 'blog_privacy_selector' ) );
-
+
// settings for restricted site access
register_setting( self::$settings_page, 'rsa_options', array( __CLASS__, 'sanitize_options' ) ); // array of fundamental options including ID and caching info
add_settings_section( 'restricted-site-access', '', '__return_empty_string', self::$settings_page );
foreach ( self::$fields as $field_name => $field_data ) {
add_settings_field( $field_name, __( $field_data['label'], 'restricted-site-access' ), array( __CLASS__, $field_data['field'] ), self::$settings_page, 'restricted-site-access' );
}
-
+
add_filter( 'plugin_action_links_' . self::$basename, array( __CLASS__, 'plugin_action_links' ) );
}
@@ -271,13 +279,13 @@ class Restricted_Site_Access {
if ( empty( self::$rsa_options['approach'] ) ) {
return;
}
-
+
if ( 4 == self::$rsa_options['approach'] && empty( self::$rsa_options['page'] ) ) {
$message = __( 'Please select the page you want to show restricted visitors. If no page is selected, WordPress will simply show a general restriction message.', 'restricted-site-access' );
} elseif ( 2 == self::$rsa_options['approach'] && empty( self::$rsa_options['redirect_url'] ) ) {
$message = __( 'Please enter the web address you would like to redirect restricted visitors to. If no address is entered, visitors will be redirected to the login screen.', 'restricted-site-access' );
}
-
+
if ( isset( $message ) ) {
echo '<div class="error"><p><strong>' . $message . '</strong></p></div>';
}
@@ -343,7 +351,7 @@ class Restricted_Site_Access {
}
}
}
-
+
return $new_input;
}
@@ -480,7 +488,7 @@ class Restricted_Site_Access {
self::$rsa_options['page'] = 0;
}
- wp_dropdown_pages(array(
+ wp_dropdown_pages(array(
'selected' => self::$rsa_options['page'],
'show_option_none' => 'Select a page',
'name' => 'rsa_options[page]',
@@ -532,16 +540,16 @@ class Restricted_Site_Access {
*/
public static function plugin_action_links( $links ) {
$links[] = '<a href="options-' . self::$settings_page . '.php">' . __('Settings') . '</a>';
- return $links;
+ return $links;
}
-
+
/**
* activation of plugin: upgrades old versions, immediately sets privacy
*/
public static function activation() {
update_option( 'blog_public', 2 );
}
-
+
/**
* restore privacy option to default value upon deactivating
*/
@@ -591,4 +599,4 @@ function inet_pton($ip) {
return $ip;
}
-endif;
\ No newline at end of file
+endif;