Suggestion to fix the possible access to BuddyPress pages when the Restricted Site Access option is set to "display a WordPress page" - Sorry for the extra formatting diffs
diff --git restricted_site_access.php restricted_site_access.php | |
index 979646a..f86113c 100755 | |
--- restricted_site_access.php | |
+++ restricted_site_access.php | |
@@ -10,7 +10,7 @@ | |
*/ | |
class Restricted_Site_Access { | |
- | |
+ | |
private static $rsa_options, $basename; | |
private static $settings_page = 'reading'; | |
private static $fields = array( | |
@@ -78,7 +78,7 @@ class Restricted_Site_Access { | |
*/ | |
public static function _add_actions() { | |
self::$basename = plugin_basename( __FILE__ ); | |
- | |
+ | |
add_action( 'parse_request', array( __CLASS__, 'restrict_access' ), 1 ); | |
add_action( 'admin_init', array( __CLASS__, 'admin_init' ), 1 ); | |
add_action( 'plugins_loaded', array( __CLASS__, 'load_textdomain' ) ); | |
@@ -119,14 +119,14 @@ class Restricted_Site_Access { | |
*/ | |
public static function restrict_access( $wp ) { | |
remove_action( 'parse_request', array( __CLASS__, 'restrict_access' ), 1 ); // only need it the first time | |
- | |
+ | |
$is_restricted = !( is_admin() || is_user_logged_in() || 2 != get_option( 'blog_public' ) || ( defined( 'WP_INSTALLING' ) && isset( $_GET['key'] ) ) ); | |
if ( apply_filters( 'restricted_site_access_is_restricted', $is_restricted, $wp ) === false ) { | |
return; | |
} | |
self::set_option_defaults(); | |
- | |
+ | |
// check for the allow list, if its empty block everything | |
if ( !empty( self::$rsa_options['allowed'] ) && is_array( self::$rsa_options['allowed'] ) ) { | |
$remote_ip = $_SERVER['REMOTE_ADDR']; //save the remote ip | |
@@ -134,13 +134,13 @@ class Restricted_Site_Access { | |
$remote_ip = str_replace( '::ffff:', '', $remote_ip ); //handle dual-stack addresses | |
} | |
$remote_ip = inet_pton( $remote_ip ); //parse the remote ip | |
- | |
+ | |
// iterate through the allow list | |
foreach( self::$rsa_options['allowed'] as $line ) { | |
list( $ip, $mask ) = explode( '/', $line . '/128' ); // get the ip and mask from the list | |
- | |
+ | |
$mask = str_repeat( 'f', $mask >> 2 ); //render the mask as bits, similar to info on the php.net man page discussion for inet_pton | |
- | |
+ | |
switch( $mask % 4 ) { | |
case 1: | |
$mask .= '8'; | |
@@ -152,33 +152,41 @@ class Restricted_Site_Access { | |
$mask .= 'e'; | |
break; | |
} | |
- | |
+ | |
$mask = pack( 'H*', $mask ); | |
- | |
+ | |
// check if the masked versions match | |
if ( ( inet_pton( $ip ) & $mask ) == ( $remote_ip & $mask ) ) { | |
return; | |
} | |
} | |
} | |
- | |
+ | |
$rsa_restrict_approach = apply_filters( 'restricted_site_access_approach', self::$rsa_options['approach'] ); | |
do_action( 'restrict_site_access_handling', $rsa_restrict_approach, $wp ); // allow users to hook handling | |
- | |
+ | |
+ // Prevents infinite redirects | |
+ if ( ! empty( self::$rsa_options['page'] ) && 4 === $rsa_restrict_approach ) { | |
+ $page_id = get_post_field( 'ID', self::$rsa_options['page'] ); | |
+ | |
+ if ( $wp->query_vars['pagename'] === get_post_field( 'post_name', $page_id ) ) { | |
+ return; | |
+ } | |
+ } | |
+ | |
switch( $rsa_restrict_approach ) { | |
case 4: | |
- if ( !empty( self::$rsa_options['page'] ) && ( $page_id = get_post_field( 'ID', self::$rsa_options['page'] ) ) ) { | |
- unset( $wp->query_vars ); | |
- $wp->query_vars['page_id'] = $page_id; | |
- return; | |
+ if ( ! empty( $page_id ) ) { | |
+ self::$rsa_options['redirect_url'] = get_permalink( $page_id ); | |
+ break; | |
} | |
- | |
+ | |
case 3: | |
$message = __( self::$rsa_options['message'], 'restricted-site-access' ); | |
$message .= "\n<!-- protected by Restricted Site Access http://10up.com/plugins/restricted-site-access-wordpress/ -->"; | |
$message = apply_filters( 'restricted_site_access_message', $message, $wp ); | |
wp_die( $message, get_bloginfo( 'name' ) . ' - Site Access Restricted' ); | |
- | |
+ | |
case 2: | |
if ( ! empty( self::$rsa_options['redirect_url'] ) ) { | |
if( ! empty( self::$rsa_options['redirect_path'] ) ) { | |
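Review bot: The exemption under `// Prevents infinite redirects` lets an unauthenticated request through by comparing `$wp->query_vars['pagename']` with the page's `post_name`, then returns with every other request-supplied query var still in place, whereas the removed `case 4` code discarded `$wp->query_vars` and pinned `page_id`. The comparison reads `pagename` without an `isset()` and would not match when the page is requested by `page_id` or, presumably, when it is a child page whose `pagename` holds the full path, so the redirect loop the comment mentions can still occur. `4 === $rsa_restrict_approach` also skips the block if the option or the `restricted_site_access_approach` filter yields the string `'4'`, while the `switch` below still enters `case 4` and falls through to the `wp_die()` message. I would resolve the requested page to an ID, compare IDs, and reset `$wp->query_vars` to only `page_id` before returning, as in the fence below. `restrict_access()` starts and ends outside this hunk, so the status code used for the final redirect is not visible here.

```php
// Prevents infinite redirects
if ( ! empty( self::$rsa_options['page'] ) && 4 === (int) $rsa_restrict_approach ) {
	$page_id      = (int) get_post_field( 'ID', self::$rsa_options['page'] );
	$requested_id = 0;

	if ( ! empty( $wp->query_vars['page_id'] ) ) {
		$requested_id = (int) $wp->query_vars['page_id'];
	} elseif ( ! empty( $wp->query_vars['pagename'] ) ) {
		$requested    = get_page_by_path( $wp->query_vars['pagename'] );
		$requested_id = $requested ? (int) $requested->ID : 0;
	}

	if ( $page_id && $requested_id === $page_id ) {
		// Serve only the configured page, as the removed code did.
		$wp->query_vars = array( 'page_id' => $page_id );
		return;
	}
}
// … unchanged: switch( $rsa_restrict_approach ) …
```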
@@ -186,7 +194,7 @@ class Restricted_Site_Access { | |
} | |
break; | |
} | |
- | |
+ | |
default: | |
self::$rsa_options['redirect_path'] = 302; | |
$current_path = empty( $_SERVER['REQUEST_URI'] ) ? home_url() : $_SERVER['REQUEST_URI']; | |
@@ -206,20 +214,20 @@ class Restricted_Site_Access { | |
// customize privacy message | |
add_filter( 'privacy_on_link_text', array( __CLASS__, 'privacy_on_link_text' ) ); | |
add_filter( 'privacy_on_link_title', array( __CLASS__, 'privacy_on_link_title' ) ); | |
- | |
+ | |
// customize privacy page | |
add_action( 'load-options-' . self::$settings_page . '.php', array( __CLASS__, 'load_options_page' ) ); | |
- | |
+ | |
// add new choice for blog privacy | |
add_action( 'blog_privacy_selector', array( __CLASS__, 'blog_privacy_selector' ) ); | |
- | |
+ | |
// settings for restricted site access | |
register_setting( self::$settings_page, 'rsa_options', array( __CLASS__, 'sanitize_options' ) ); // array of fundamental options including ID and caching info | |
add_settings_section( 'restricted-site-access', '', '__return_empty_string', self::$settings_page ); | |
foreach ( self::$fields as $field_name => $field_data ) { | |
add_settings_field( $field_name, __( $field_data['label'], 'restricted-site-access' ), array( __CLASS__, $field_data['field'] ), self::$settings_page, 'restricted-site-access' ); | |
} | |
- | |
+ | |
add_filter( 'plugin_action_links_' . self::$basename, array( __CLASS__, 'plugin_action_links' ) ); | |
} | |
@@ -271,13 +279,13 @@ class Restricted_Site_Access { | |
if ( empty( self::$rsa_options['approach'] ) ) { | |
return; | |
} | |
- | |
+ | |
if ( 4 == self::$rsa_options['approach'] && empty( self::$rsa_options['page'] ) ) { | |
$message = __( 'Please select the page you want to show restricted visitors. If no page is selected, WordPress will simply show a general restriction message.', 'restricted-site-access' ); | |
} elseif ( 2 == self::$rsa_options['approach'] && empty( self::$rsa_options['redirect_url'] ) ) { | |
$message = __( 'Please enter the web address you would like to redirect restricted visitors to. If no address is entered, visitors will be redirected to the login screen.', 'restricted-site-access' ); | |
} | |
- | |
+ | |
if ( isset( $message ) ) { | |
echo '<div class="error"><p><strong>' . $message . '</strong></p></div>'; | |
} | |
@@ -343,7 +351,7 @@ class Restricted_Site_Access { | |
} | |
} | |
} | |
- | |
+ | |
return $new_input; | |
} | |
@@ -480,7 +488,7 @@ class Restricted_Site_Access { | |
self::$rsa_options['page'] = 0; | |
} | |
- wp_dropdown_pages(array( | |
+ wp_dropdown_pages(array( | |
'selected' => self::$rsa_options['page'], | |
'show_option_none' => 'Select a page', | |
'name' => 'rsa_options[page]', | |
@@ -532,16 +540,16 @@ class Restricted_Site_Access { | |
*/ | |
public static function plugin_action_links( $links ) { | |
$links[] = '<a href="options-' . self::$settings_page . '.php">' . __('Settings') . '</a>'; | |
- return $links; | |
+ return $links; | |
} | |
- | |
+ | |
/** | |
* activation of plugin: upgrades old versions, immediately sets privacy | |
*/ | |
public static function activation() { | |
update_option( 'blog_public', 2 ); | |
} | |
- | |
+ | |
/** | |
* restore privacy option to default value upon deactivating | |
*/ | |
@@ -591,4 +599,4 @@ function inet_pton($ip) { | |
return $ip; | |
} | |
-endif; | |
\ No newline at end of file | |
+endif; |