Context Navigation

← Previous Changeset
Next Changeset →

Changeset 1769844

Timestamp:

11/17/2017 11:57:22 PM (8 years ago)

Author:

pkwooster

Message:

Updated readme

Location:

simple-access-control/trunk

Files:

: 2 edited

readme.txt (modified) (3 diffs)
simple-access-control.php (modified) (12 diffs)

Legend:

: Unmodified
: Added
: Removed

simple-access-control/trunk/readme.txt

-                      r1666626
+                      r1769844
 Tags: post, page, menu, security
 Requires at least: 3.0
 Tested up to: 4.7.5
 Stable tag: 1.5.1
+Tested up to: 4.9
+Stable tag: 1.6.0
 A very simple plugin that hides specific pages, posts and menu items from users based on their logged in staus.
 …
 * The locked status is shown in the admin page and post lists
 * a "Loggedin Text" widget is available that only displays text to logged in users
+* You can set a flag causing the menu to display even when filtered
+* You can set an option to display the menu even when filtered
+* You can set an option to force a 404 Not Found error on direct access to a restricted page
 *Changes seen by users*
+*Features seen by users*
 * Locked pages and posts are not displayed
 * Locked items are removed from standard and custom menus
 * A message asking you to log in is displayed if you access it directly using its address or using the next and previous links
+* A 404 Not Found error may be displayed on access to a restricted page
 * A login/logout link is displayed in the mesage
 * Loggedin Text widgets are not visible
 …
 == Changelog ==
+= 1.6.0 =
+* fix fatal error extending WP_Widget, now extends WP_Widget_Text
+* add option to give a 404 Not Found error on direct access to a restricted page or post
 = 1.5.1 =
 * set version number

simple-access-control/trunk/simple-access-control.php

-                      r1666626
+                      r1769844
 Plugin URI: http://devondev.com/blog/simple-access-control/
 Description: Allows authors to restrict access to pages and posts to logged in users.
 Version: 1.5.1
+Version: 1.6.0
 Author: Peter Wooster
 Author URI: http://www.devondev.com/
 …
 add_filter('get_pages', 'sac_filter_pages');
 add_filter('the_posts', 'sac_filter_pages');
+add_action('template_redirect', 'sac_redirect');
 …
+}
+/*
+ * check for direct access to page or post
+ * and produce 404 if requested
+ */
+function sac_redirect() {
+    global $post;
+    $pid = $post->ID;
+    $allowed = sac_allowed($post->ID);
+    error_log("allowed=$allowed");
+    if($allowed)return;
+    if (sac_force_404($post->ID)) {
+        error_log("forcing 404");
+        status_header( 404 );
+        nocache_headers();
+        include( get_query_template( '404' ) );
+        die();
+    }
+}
 /**
  * set the text for pages that should not be displayed, also turns off comments
 …
  * @param type $post_id of the content
  * @param type $menu true if this is for a menu
  * @return type true if restricted
+ * @return type true if not restricted
  */
 function sac_allowed($post_id, $menu=false, $value=null) {
-    global $current_user;
     if(is_admin())return true;
     $logged_in = 0 < $current_user->ID;
+    $logged_in = is_user_logged_in();
     if(!$value)$value = get_post_meta($post_id, 'sac_locked', true);
+error_log("sac_allowed, post_id=$post_id, value=$value, logged_in=$logged_in");
     if(!$value)return true;
+    $va = sac_clean_value($value,true);
+    $va = sac_clean_value($value);
     $value = $va[0];
     $showMenu = $va[1];
 …
     if($value == 'not logged in' && $logged_in)$restrict=true;
     if($value == 'logged in' && !$logged_in)$restrict= true;
+    error_log ("post_id=$post_id, restrict=$restrict");
     return !$restrict;
+}
+/*
+ * sac_force_404
+ * determine if a 404 error should be returned instead of the notice
+ */
+function sac_force_404($post_id) {
+    $value = get_post_meta($post_id, 'sac_locked', true);
+    $va = sac_clean_value($value);
+    return $va[2];
+}
 /* =========================================================================
 …
     global $post;
     if($name == $key) {
         $value =  sac_clean_value(get_post_meta($post->ID, $key, true));
+        $value =  sac_clean_value(get_post_meta($post->ID, $key));
         echo $value;
+    }
 …
     $type= ucwords($post->post_type);
     $value = get_post_meta($id, 'sac_locked', true);
     $va = sac_clean_value($value, true);
+    $va = sac_clean_value($value);
     $users = $va[0];
     $menu= $va[1];
+    echo "<p>locked=$value, users=$users, menu=$menu</p>";
+    $force = $va[2];
+    // echo "<p>locked=$value, users=$users, menu=$menu</p>";
     $sel_all = $sel_li = $sel_nli = '';
     if($users == 'logged in')$sel_li = 'selected';
 …
     else $sel_all = 'selected';
     if($menu == 'show menu')$checked='checked'; else $checked='';
+    if($force == 'yes')$forced='checked'; else $forced='';
     $html = <<<QEND
 …
     <input type="checkbox" $checked name="sac_showmenu"/>
     </p>
+    <p><strong>Force 404 on direct access</strong>
+    <input type="checkbox" $forced name="sac_force404"/>
+    </p>
 QEND;
     echo $html;
 …
 function sac_save_meta($post_id) {
     $field = 'sac_locked';
     $old = sac_clean_value(get_post_meta($post_id, $field, true));
+    $old = sac_clean_value(get_post_meta($post_id, $field));
     if (isset($_POST['sac_locked']))$newUsers = $_POST['sac_locked']; else $newUsers = '';
     if (isset($_POST['sac_showmenu']))$newMenu = 'show menu'; else $newMenu = '';
+    $new = sac_clean_value("$newUsers,$newMenu");
+    if ($old != $new) {
+        if ($new == 'all')delete_post_meta($post_id, $field);
+        else update_post_meta($post_id, $field, $new);
+    }
+}
+function sac_clean_value($value, $asArray = false) {
+    if (isset($_POST['sac_force404']))$force404= 'yes'; else $force404 = '';
+    $new = sac_clean_value("$newUsers,$newMenu,$force404");
+    $newV= implode(',', $new);
+    $oldV = implode(',', $old);
+    error_log("oldV=$old; newV=$new");
+    if ($oldV != $newV) {
+        if ($new[0] == 'all')delete_post_meta($post_id, $field);
+        else update_post_meta($post_id, $field, $newV);
+    }
+}
+function sac_clean_value($value) {
     if (!$value)$value = 'all,';
     if($value == 'yes')$value='logged in,';
+    $value = explode(',', $value);
+    if(1 == count($value))$value[1]= '';
+    $value = explode(',', $value . ',,,');
     $users = $value[0];
+    $menu = $value[1];
+    $menu = $value[1];
+    $force = $value[2];
     if($users != 'logged in' && $users != 'not logged in')$users = 'all';
     if($menu != 'show menu')$menu = '';
+    if($asArray)return array($users, $menu);
+    else {
+        if($menu) return "$users,$menu"; else return $users;
+    }
+    if($force != 'yes')$force = '';
+    return array($users, $menu, $force);
+}
 …
+    }
+}
 /* =========================================================================
 …
  * Logged In Text widget class
+ *
+ * @since 2.8.0
+ */
+class Logggedin_Widget_Text extends WP_Widget {
+ * @since 4.0
+ */
+/*
+ * this code now requires the Text Widget code
+ */
+require_once ABSPATH . '/wp-includes/widgets/class-wp-widget-text.php';
+/*
+ * construct the widget by extending the Text Widget
+ */
+class Logggedin_Widget_Text extends WP_Widget_Text {
     function __construct() {
+        $widget_ops = array('classname' => 'widget_text', 'description' => __('Arbitrary text or HTML when logged in'));
+        $control_ops = array('width' => 400, 'height' => 350);
+        parent::__construct('litext', __('Loggedin Text'), $widget_ops, $control_ops);
+        parent::__construct();
+        $this->id_base = 'litext';
+        $this->name = __( 'Loggedin Text!' );
+        $this->option_name = 'widget_' . $this->id_base;
+        $this->widget_options['description'] = __( 'Text or HTML that shows when the user is logged-in', 'simple-access-control' );
+        $this->control_options['id_base'] = $this->id_base;
+    }
+/*
+ * Only show the widget when logged in
+ */
     function widget( $args, $instance ) {
+        global $current_user;
+                if(0 == $current_user->ID ) return; // no widget if not logged in
+                WP_Widget_Text::widget($args, $instance);
+    }
+    function update( $new_instance, $old_instance ) {
+        return WP_Widget_Text::update( $new_instance, $old_instance );
+    }
+    function form( $instance ) {
+                WP_Widget_Text::form($instance);
+        if(is_user_logged_in() ) parent::widget($args, $instance);
+    }
+}

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Plugin Directory

Context Navigation

Changeset 1769844

Legend:

simple-access-control/trunk/readme.txt

simple-access-control/trunk/simple-access-control.php

Download in other formats: