Skip to content

Instantly share code, notes, and snippets.

@mauvilsa
Created November 21, 2016 09:41
Show Gist options
  • Save mauvilsa/0f59af4d75342c20c400f1575075b522 to your computer and use it in GitHub Desktop.
Save mauvilsa/0f59af4d75342c20c400f1575075b522 to your computer and use it in GitHub Desktop.
Modification of wordpress pagerestrict plugin to support lostpassword_url filter
<?php
/*
Plugin Name: Page Restrict
Plugin URI: http://theandystratton.com/pagerestrict
Description: Restrict certain pages to logged in users
Author: Matt Martz & Andy Stratton
Author URI: http://theandystratton.com
Version: 2.2.6
Copyright (c) 2008 Matt Martz (http://sivel.net)
Page Restrict is released under the GNU Lesser General Public License (LGPL)
http://www.gnu.org/licenses/lgpl-3.0.txt
*/
// ff we are in the admin load the admin functionality
if ( is_admin () )
require_once( dirname ( __FILE__ ) . '/inc/admin.php' );
// get specific option
function pr_get_opt ( $option ) {
$pr_options = get_option ( 'pr_options' );
// clean up PHP warning for in_array() later when they have not been saved
if ( $option == 'posts' || $option == 'pages' ) {
if ( !is_array($pr_options[$option]) ) {
$pr_options[$option] = array();
}
}
return $pr_options[$option];
}
// Add headers to keep browser from caching the pages when user not logged in
// Resolves a problem where users see the login form after logging in and need
// to refresh to see content
function pr_no_cache_headers () {
if ( !is_user_logged_in() )
nocache_headers();
}
// gets standard page content when page/post is restricted.
function pr_get_page_content() {
$pr_page_content = '
<p>' . pr_get_opt ( 'message' ) . '</p>';
if ( pr_get_opt ( 'loginform' ) == true ) :
$errors = '';
if ( isset( $_GET['wp-error'] ) )
{
$errors = strip_tags( $_GET['wp-error'] );
$errors = str_ireplace( 'Lost your password?', '<a href="' . wp_lostpassword_url() . '">Lost your password?</a>', $errors );
$errors = '<div class="pr-message pr-error"><p>' . $errors . '</p></div>';
}
$user_login = '';
if ( !isset( $user_login ) && isset( $_GET['pr-user-login'] ) )
{
$user_login = sanitize_user( $_GET['pr-user-login'] );
}
$pr_page_content .= '
<form style="text-align: left;" action="' . get_bloginfo ( 'wpurl' ) . '/wp-login.php" method="post">
' . $errors . '
<p>
<label for="log"><input type="text" name="log" id="log" value="' . esc_html ( stripslashes ( $user_login ) , 1 ) . '" size="22" /> '
. apply_filters( 'pr_username_label', 'Username' ) . '</label><br />
<label for="pwd"><input type="password" name="pwd" id="pwd" size="22" /> '
. apply_filters( 'pr_password_label' , 'Password' ) . '</label><br />
<input type="submit" name="submit" value="Log In" class="button" />
<label for="rememberme"><input name="rememberme" id="rememberme" type="checkbox" checked="checked" value="forever" /> Remember me</label><br />
</p>
<input type="hidden" name="redirect_to" value="' . esc_url( $_SERVER['REQUEST_URI'] ) . '" />
</form>
<p>
';
if ( get_option('users_can_register') )
$pr_page_content .= ' <a href="' . get_bloginfo ( 'wpurl' ) . '/wp-login.php?action=register">Register</a> | ';
$pr_page_content .= '<a href="' . wp_lostpassword_url() . '">Lost your password?</a>
</p>
';
global $post;
$post->comment_status = 'closed';
endif;
return apply_filters( 'pr_page_content', $pr_page_content );
}
// Perform the restriction and if restricted replace the page content with a login form
function pr_page_restrict ( $pr_page_content ) {
global $post;
$pr_check = pr_get_opt('method') == 'all';
$pr_check = $pr_check || (
( is_array(pr_get_opt('pages')) || is_array(pr_get_opt('posts')) )
&& ( count(pr_get_opt('pages')) + count(pr_get_opt('posts')) > 0 )
);
$pr_check = $pr_check || ( pr_get_opt('pr_restrict_home') && is_home() );
if ( !is_user_logged_in() && $pr_check ) :
// current post is in either page / post restriction array
$is_restricted = ( in_array($post->ID, pr_get_opt('pages')) || in_array($post->ID, pr_get_opt('posts')) ) && pr_get_opt ( 'method' ) != 'none';
// content is restricted OR everything is restricted
if ( (is_single() || is_page()) && ($is_restricted || pr_get_opt('method') == 'all') ):
$pr_page_content = pr_get_page_content();
$pr_page_content = '<div class="page-restrict-output">' . $pr_page_content . '</div>';
// home page, archives, search
elseif ( ( in_array($post->ID, pr_get_opt('pages')) || in_array($post->ID, pr_get_opt('posts')) || pr_get_opt('method') == 'all' )
&& ( is_archive() || is_search() || is_home() )
) :
$pr_page_content = '<p>' . pr_get_opt ( 'message' ) . '</p>';
$pr_page_content = str_replace('login', '<a href="' . get_bloginfo ( 'wpurl' ) . '/wp-login.php?redirect_to=' . urlencode($_SERVER['REQUEST_URI']) . '">login</a>', $pr_page_content);
$pr_page_content = '<div class="page-restrict-output">' . apply_filters( 'pr_message_content', $pr_page_content ) . '</div>';
endif;
endif;
return $pr_page_content;
}
function pr_comment_restrict ( $pr_comment_array ) {
global $post;
if ( !is_user_logged_in() && is_array ( pr_get_opt ( 'pages' ) ) ) :
$is_restricted = ( in_array($post->ID, pr_get_opt('pages')) || in_array($post->ID, pr_get_opt('posts')) ) && pr_get_opt ( 'method' ) != 'none';
if ( $is_restricted || pr_get_opt('method') == 'all' ):
$pr_comment_array = array();
endif;
endif;
return $pr_comment_array;
}
// Add Actions
add_action( 'send_headers' , 'pr_no_cache_headers' );
// Add Filters
add_filter ( 'the_content' , 'pr_page_restrict' , 50 );
add_filter ( 'the_excerpt' , 'pr_page_restrict' , 50 );
add_filter ( 'comments_array' , 'pr_comment_restrict' , 50 );
add_action( 'wp_login_failed', 'pr_login_failed', 50, 1 );
function pr_login_failed( $username = null )
{
$referrer = $_SERVER['HTTP_REFERER'];
if ( !empty( $referrer ) && !strstr( $referrer, 'wp-login.php' ) && !strstr( $referrer, 'wp-admin' ) )
{
$params = parse_url( $referrer );
$redirect = $params['scheme'] . '://' . $params['host'] . $params['path'];
$query = false;
if ( isset( $params['query'] ) )
parse_str( $params['query'], $query );
$query['login'] = 'failed';
if ( is_wp_error( $username ) )
$query['wp-error'] = $username->get_error_message();
if ( isset( $username->user_login ) )
$query['pr-user-login'] = $username->user_login;
if ( count( $query ) > 0 )
{
$redirect .= '?' . http_build_query( $query );
}
wp_redirect( $redirect, 303 );
die;
}
}
if ( sizeof( $_POST ) )
add_filter( 'authenticate', 'pr_authenticate', 50, 3 );
function pr_authenticate( $error, $user, $pass )
{
if ( !empty( $user ) )
$error->user_login = $_POST['log'];
if ( is_wp_error( $error ) )
do_action( 'wp_login_failed', $error );
return $error;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment