My Private Site - Version 2.11.4

Version Description

Use Custom Login setting, if present, to redirect failed login attempts with blank username and/or password

Release Info

Developer	dgewirtz
Plugin	My Private Site
Version	2.11.4
Comparing to
See all releases

Version 2.11.4

Files changed (12) hide show

includes/admin-settings.php +816 -0
includes/all-admin.php +29 -0
includes/common-functions.php +363 -0
includes/functions-admin.php +49 -0
includes/index.html +0 -0
includes/installed-plugins.php +91 -0
includes/net-settings.php +61 -0
includes/public.php +299 -0
index.html +0 -0
jonradio-private-site.php +191 -0
readme.txt +214 -0
uninstall.php +19 -0

includes/admin-settings.php ADDED Viewed

	@@ -0,0 +1,816 @@


1	+ <?php
2	+ /*
3	+ Initiated when in the Admin panels.
4	+ Used to create the Settings page for the plugin.
5	+ */
6	+
7	+ // Exit if .php file accessed directly
8	+ if ( !defined( 'ABSPATH' ) ) exit;
9	+
10	+ DEFINE( 'JR_PS_BELOW_FIELDS', '<br />   ' );
11	+
12	+ require_once( jr_ps_path() . 'includes/functions-admin.php' );
13	+
14	+ add_action( 'admin_menu', 'jr_ps_admin_hook' );
15	+ // Runs just before admin_init (below)
16	+
17	+ /**
18	+ * Add Admin Menu item for plugin
19	+ *
20	+ * Plugin needs its own Page in the Settings section of the Admin menu.
21	+ *
22	+ */
23	+ function jr_ps_admin_hook() {
24	+ // Add Settings Page for this Plugin
25	+ global $jr_ps_plugin_data;
26	+ $settings = get_option( 'jr_ps_settings' );
27	+ if ( $settings['user_submenu'] ) {
28	+ add_users_page( $jr_ps_plugin_data['Name'], 'Private Site', 'add_users', 'jr_ps_settings', 'jr_ps_users_settings_page' );
29	+ }
30	+ add_options_page( $jr_ps_plugin_data['Name'], 'Private Site', 'manage_options', 'jr_ps_settings', 'jr_ps_settings_page' );
31	+ }
32	+
33	+ function jr_ps_users_settings_page() {
34	+ global $jr_ps_users_submenu;
35	+ $jr_ps_users_submenu = TRUE;
36	+ jr_ps_settings_page();
37	+ }
38	+
39	+ /**
40	+ * Settings page for plugin
41	+ *
42	+ * Display and Process Settings page for this plugin.
43	+ *
44	+ */
45	+ function jr_ps_settings_page() {
46	+ global $jr_ps_plugin_data;
47	+ add_thickbox();
48	+ echo '<div class="wrap">';
49	+ echo '<h2>' . $jr_ps_plugin_data['Name'] . '</h2>';
50	+
51	+ // Required because it is only called automatically for Admin Pages in the Settings section
52	+ settings_errors( 'jr_ps_settings' );
53	+
54	+ echo '<h3>Overview</h3><p>';
55	+ $settings = get_option( 'jr_ps_settings' );
56	+ if ( $settings['private_site'] ) {
57	+ echo 'This';
58	+ } else {
59	+ echo 'If you click the <b>Private Site</b> checkbox below, this';
60	+ }
61	+ ?>
62	+ Plugin creates a Private Site,
63	+ by ensuring that site visitors login
64	+ before viewing your web site.
65	+ The only things visible to anyone not logged in, including Search Engines, are:
66	+ <ul>
67	+ <li>
68	+ » Your site's WordPress Login page;
69	+ </li>
70	+ <li>
71	+ » Any selections in the
72	+ <b>
73	+ Visible Exclusions
74	+ </b>
75	+ section (below);
76	+ </li>
77	+ <li>
78	+ » Any non-WordPress components of your web site, such as HTML, PHP, ASP or other non-WordPress web page files;
79	+ </li>
80	+ <li>
81	+ » Images and other media and text files, but only when accessed directly by their URL,
82	+ or from a browser's directory view, if available.
83	+ </li>
84	+ </ul>
85	+ Other means are available to hide most of the files mentioned above.
86	+ </p>
87	+ <p>
88	+ To see your site, each visitor will need to be registered as a User on your WordPress site.
89	+ They will also have to enter their Username and Password on the WordPress login screen.
90	+ </p>
91	+ <p>
92	+ You can choose what they see after they login by selecting a <b>Landing Location</b> in the section below.
93	+ </p>
94	+ <form action="options.php" method="POST">
95	+ <?php
96	+ // Plugin Settings are displayed and entered here:
97	+ settings_fields( 'jr_ps_settings' );
98	+ do_settings_sections( 'jr_ps_settings_page' );
99	+ echo '<p><input name="save" type="submit" value="Save Changes" class="button-primary" /></p></form>';
100	+
101	+ /* Turn off Warning about Private Site defaulting to OFF
102	+ once Admin has seen Settings page.
103	+ */
104	+ $internal_settings = get_option( 'jr_ps_internal_settings' );
105	+ if ( isset( $internal_settings['warning_privacy'] ) ) {
106	+ unset( $internal_settings['warning_privacy'] );
107	+ update_option( 'jr_ps_internal_settings', $internal_settings );
108	+ }
109	+ }
110	+
111	+ add_action( 'admin_init', 'jr_ps_admin_init' );
112	+
113	+ /**
114	+ * Register and define the settings
115	+ *
116	+ * Everything to be stored and/or can be set by the user
117	+ *
118	+ */
119	+ function jr_ps_admin_init() {
120	+ register_setting( 'jr_ps_settings', 'jr_ps_settings', 'jr_ps_validate_settings' );
121	+ add_settings_section( 'jr_ps_private_settings_section',
122	+ 'Make Site Private',
123	+ 'jr_ps_private_settings_expl',
124	+ 'jr_ps_settings_page'
125	+ );
126	+ add_settings_field( 'private_site',
127	+ 'Private Site',
128	+ 'jr_ps_echo_private_site',
129	+ 'jr_ps_settings_page',
130	+ 'jr_ps_private_settings_section'
131	+ );
132	+ add_settings_section( 'jr_ps_self_registration_section',
133	+ '<input name="save" type="submit" value="Save Changes" class="button-primary" /><hr />'
134	+ . 'Allow Self-Registration',
135	+ 'jr_ps_self_registration_expl',
136	+ 'jr_ps_settings_page'
137	+ );
138	+ if ( is_multisite() ) {
139	+ /* Clone Network Admin panels: Settings-Network Settings-Registration Settings-Allow new registrations.
140	+ It will be Read-Only except for Super Administrators.
141	+ */
142	+ add_settings_field( 'registrations',
143	+ 'Allow new registrations',
144	+ 'jr_ps_echo_registrations',
145	+ 'jr_ps_settings_page',
146	+ 'jr_ps_self_registration_section'
147	+ );
148	+ } else {
149	+ /* Clone Site Admin panels: Settings-General Settings-Membership
150	+ */
151	+ add_settings_field( 'membership',
152	+ 'Membership',
153	+ 'jr_ps_echo_membership',
154	+ 'jr_ps_settings_page',
155	+ 'jr_ps_self_registration_section'
156	+ );
157	+ }
158	+ add_settings_field( 'reveal_registration',
159	+ 'Reveal Registration Page',
160	+ 'jr_ps_echo_reveal_registration',
161	+ 'jr_ps_settings_page',
162	+ 'jr_ps_self_registration_section'
163	+ );
164	+ add_settings_section( 'jr_ps_landing_settings_section',
165	+ 'Landing Location',
166	+ 'jr_ps_landing_settings_expl',
167	+ 'jr_ps_settings_page'
168	+ );
169	+ add_settings_field( 'landing',
170	+ 'Where to after Login?',
171	+ 'jr_ps_echo_landing',
172	+ 'jr_ps_settings_page',
173	+ 'jr_ps_landing_settings_section'
174	+ );
175	+ add_settings_field( 'specific_url',
176	+ 'Specific URL',
177	+ 'jr_ps_echo_specific_url',
178	+ 'jr_ps_settings_page',
179	+ 'jr_ps_landing_settings_section'
180	+ );
181	+ add_settings_field( 'wplogin_php',
182	+ 'Apply to wp-login.php?',
183	+ 'jr_ps_echo_wplogin_php',
184	+ 'jr_ps_settings_page',
185	+ 'jr_ps_landing_settings_section'
186	+ );
187	+ add_settings_section( 'jr_ps_custom_login_section',
188	+ 'Custom Login',
189	+ 'jr_ps_custom_login_expl',
190	+ 'jr_ps_settings_page'
191	+ );
192	+ add_settings_field( 'custom_login',
193	+ 'Custom Login page?',
194	+ 'jr_ps_echo_custom_login',
195	+ 'jr_ps_settings_page',
196	+ 'jr_ps_custom_login_section'
197	+ );
198	+ add_settings_field( 'login_url',
199	+ 'Custom Login URL',
200	+ 'jr_ps_echo_login_url',
201	+ 'jr_ps_settings_page',
202	+ 'jr_ps_custom_login_section'
203	+ );
204	+ add_settings_section( 'jr_ps_exclusions_section',
205	+ 'Visible Exclusions',
206	+ 'jr_ps_exclusions_expl',
207	+ 'jr_ps_settings_page'
208	+ );
209	+ add_settings_field( 'excl_home',
210	+ 'Site Home Always Visible?<br /><code>' . get_home_url() . '</code>',
211	+ 'jr_ps_echo_excl_home',
212	+ 'jr_ps_settings_page',
213	+ 'jr_ps_exclusions_section'
214	+ );
215	+ add_settings_field( 'excl_url_add',
216	+ 'Add URL to be Always Visible',
217	+ 'jr_ps_echo_excl_url_add',
218	+ 'jr_ps_settings_page',
219	+ 'jr_ps_exclusions_section'
220	+ );
221	+ add_settings_field( 'excl_url_is_prefix',
222	+ 'Select here if URL is a Prefix',
223	+ 'jr_ps_echo_excl_url_is_prefix',
224	+ 'jr_ps_settings_page',
225	+ 'jr_ps_exclusions_section'
226	+ );
227	+ add_settings_field( 'excl_url_del',
228	+ 'Current Visible URL Entries',
229	+ 'jr_ps_echo_excl_url_del',
230	+ 'jr_ps_settings_page',
231	+ 'jr_ps_exclusions_section'
232	+ );
233	+ add_settings_section( 'jr_ps_advanced_settings_section',
234	+ 'Advanced Settings',
235	+ 'jr_ps_advanced_settings_expl',
236	+ 'jr_ps_settings_page'
237	+ );
238	+ add_settings_field( 'user_submenu',
239	+ 'User Submenu?',
240	+ 'jr_ps_echo_user_submenu',
241	+ 'jr_ps_settings_page',
242	+ 'jr_ps_advanced_settings_section'
243	+ );
244	+ if ( is_multisite() ) {
245	+ add_settings_field( 'check_role',
246	+ 'Check User Role on Site?',
247	+ 'jr_ps_echo_check_role',
248	+ 'jr_ps_settings_page',
249	+ 'jr_ps_advanced_settings_section'
250	+ );
251	+ }
252	+ }
253	+
254	+ /**
255	+ * Section text for Section1
256	+ *
257	+ * Display an explanation of this Section
258	+ *
259	+ */
260	+ function jr_ps_private_settings_expl() {
261	+ ?>
262	+ <p>
263	+ You will only have a Private Site if the checkbox just below is checked.
264	+ This allows you to disable the Private Site functionality
265	+ without deactivating the Plugin.
266	+ </p>
267	+ <?php
268	+ }
269	+
270	+ function jr_ps_echo_private_site() {
271	+ $settings = get_option( 'jr_ps_settings' );
272	+ echo '<input type="checkbox" id="private_site" name="jr_ps_settings[private_site]" value="true"'
273	+ . checked( TRUE, $settings['private_site'], FALSE ) . ' />';
274	+ echo ' (This plugin is currently ';
275	+ if ( $settings['private_site'] ) {
276	+ echo 'enabled; click checkbox to disable)';
277	+ } else {
278	+ echo 'disabled; click checkbox to enable)';
279	+ }
280	+ }
281	+
282	+ /**
283	+ * Section text for Section2
284	+ *
285	+ * Display an explanation of this Section
286	+ *
287	+ */
288	+ function jr_ps_self_registration_expl() {
289	+ echo '
290	+ <p>
291	+ If you want Users to be able to Register themselves on a Private Site,
292	+ there are two Settings involved.
293	+ First
294	+ is the WordPress Setting that actually allows new Users to self-register.
295	+ It is shown here as a convenience,
296	+ but:
297	+ <ol>
298	+ <li>This is the same
299	+ ';
300	+ if ( is_multisite() ) {
301	+ echo '<b>Allow New Registrations</b> field displayed on the <b>Network Settings</b> Admin panel;</li>';
302	+ } else {
303	+ echo '<b>Membership</b> field displayed on the <b>General Settings</b> Admin panel;</li>';
304	+ }
305	+ if ( is_multisite() && !is_super_admin() ) {
306	+ echo '<li>The field is greyed out below because only Super Administrators can change this field.';
307	+ } else {
308	+ echo '<li>Clicking the Save Changes button will update its value.';
309	+ }
310	+ echo '
311	+ </li>
312	+ </ol>
313	+ </p>
314	+ <p>
315	+ Second, is a Setting
316	+ (Reveal Registration Page)
317	+ for this plugin,
318	+ to make the WordPress User Registration page visible to Visitors who are not logged on.
319	+ Since Users cannot log on until they are Registered,
320	+ this Setting must be selected (check mark) for Self-Registration.
321	+ </p>
322	+ ';
323	+ }
324	+
325	+ function jr_ps_echo_registrations() {
326	+ $setting = get_site_option( 'registration' );
327	+ foreach ( array(
328	+ 'none' => 'Registration is disabled.',
329	+ 'user' => 'User accounts may be registered.',
330	+ 'blog' => 'Logged in users may register new sites.',
331	+ 'all' => 'Both sites and user accounts can be registered.'
332	+ ) as $value => $description ) {
333	+ echo '<input type="radio" id="registrations" name="jr_ps_settings[registrations]" '
334	+ . checked( $value, $setting, FALSE )
335	+ . ' value="' . $value . '" '
336	+ . disabled( is_super_admin(), FALSE, FALSE )
337	+ . ' /> ' . $description . '<br />';
338	+ }
339	+ }
340	+
341	+ function jr_ps_echo_membership() {
342	+ echo '<input type="checkbox" id="membership" name="jr_ps_settings[membership]" value="1" '
343	+ . checked( '1', get_option( 'users_can_register' ), FALSE ) . ' /> Anyone can register';
344	+ }
345	+
346	+ function jr_ps_echo_reveal_registration() {
347	+ $settings = get_option( 'jr_ps_settings' );
348	+ echo '<input type="checkbox" id="reveal_registration" name="jr_ps_settings[reveal_registration]" value="true"'
349	+ . checked( TRUE, $settings['reveal_registration'], FALSE ) . ' />';
350	+ echo ' Do not block WordPress standard User Registration page (Advanced Setting: a check mark in this checkbox is recommended)';
351	+ }
352	+
353	+ /**
354	+ * Section text for Section3
355	+ *
356	+ * Display an explanation of this Section
357	+ *
358	+ */
359	+ function jr_ps_landing_settings_expl() {
360	+ ?>
361	+ <p>
362	+ What do you want your visitors to see immediately after they login?
363	+ For most Private Sites, the default
364	+ <b>Return to same URL</b>
365	+ setting works best,
366	+ as it takes visitors to where they would have been had they already been logged on when they clicked a link or entered a URL,
367	+ just as if they hit the browser's Back button twice and then the Refresh button after logging in.
368	+ </p>
369	+ <p>
370	+ <b>Specific URL</b> only applies when <b>Go to specific URL</b> is selected.
371	+ </p>
372	+ </p>
373	+ Landing Location also is applied to Logins via the Meta Widget.
374	+ <p>
375	+ <?php
376	+ }
377	+
378	+ function jr_ps_echo_landing() {
379	+ $settings = get_option( 'jr_ps_settings' );
380	+ $first = TRUE;
381	+ foreach ( array(
382	+ 'return' => 'Return to same URL',
383	+ 'home' => 'Go to Site Home',
384	+ 'admin' => 'Go to WordPress Admin Dashboard',
385	+ 'omit' => 'Omit <code>?redirect_to=</code> from URL (a check mark in this checkbox is recommended for Custom Login pages)',
386	+ 'url' => 'Go to Specific URL'
387	+ ) as $val => $desc ) {
388	+ if ( $first ) {
389	+ $first = FALSE;
390	+ } else {
391	+ echo '<br />';
392	+ }
393	+ echo '<input type="radio" id="landing" name="jr_ps_settings[landing]" '
394	+ . checked( $val, $settings['landing'], FALSE )
395	+ . ' value="' . $val . '" /> ' . $desc;
396	+ }
397	+ }
398	+
399	+ function jr_ps_echo_specific_url() {
400	+ $settings = get_option( 'jr_ps_settings' );
401	+ echo '<input type="text" id="specific_url" name="jr_ps_settings[specific_url]" size="100" maxlength="256" value="';
402	+ echo esc_url( $settings['specific_url'] )
403	+ . '" />'
404	+ . JR_PS_BELOW_FIELDS
405	+ . '(cut and paste URL here of Page, Post or other)'
406	+ . JR_PS_BELOW_FIELDS
407	+ . 'URL must begin with <code>'
408	+ . trim( get_home_url(), '\ /' )
409	+ . '/</code>';
410	+ }
411	+
412	+ function jr_ps_echo_wplogin_php() {
413	+ $settings = get_option( 'jr_ps_settings' );
414	+ echo '<input type="checkbox" id="wplogin_php" name="jr_ps_settings[wplogin_php]" value="true"'
415	+ . checked( TRUE, $settings['wplogin_php'], FALSE )
416	+ . ' /> Should Landing Location apply when a <code>wp-login.php</code> URL is clicked or typed without <code>&redirect_to=</code> after it?';
417	+ }
418	+
419	+ /**
420	+ * Section text for Section4
421	+ *
422	+ * Display an explanation of this Section
423	+ *
424	+ */
425	+ function jr_ps_custom_login_expl() {
426	+ echo '<p>If you have a Custom Login page at a different URL than the standard WordPress Login <code>'
427	+ . wp_login_url()
428	+ . '</code>, then you will need to specify it here. Otherwise, visitors will be redirected to the standard WordPress Login.</p>';
429	+ echo '<p>If the Custom Login page is not based on the standard WordPress Login page, it may not accept the <code>?redirect_to=http://landingurl</code> Query that is automatically added to the URL of the Custom Login page. Select Omit for "Where to after Login?" in the Landing Location section to remove the <code>redirect_to</code> Query.</p>';
430	+ echo '<p>Even with the Custom Login page selected, the standard WordPress login page will still appear in certain circumstances, such as logging into the Admin panels.<p>';
431	+ }
432	+
433	+ function jr_ps_echo_custom_login() {
434	+ $settings = get_option( 'jr_ps_settings' );
435	+ echo '<input type="checkbox" id="custom_login" name="jr_ps_settings[custom_login]" value="true" '
436	+ . checked( TRUE, $settings['custom_login'], FALSE )
437	+ . ' />';
438	+ }
439	+
440	+ function jr_ps_echo_login_url() {
441	+ $settings = get_option( 'jr_ps_settings' );
442	+ echo '<input type="text" id="login_url" name="jr_ps_settings[login_url]" size="100" maxlength="256" value="'
443	+ . esc_url( $settings['login_url'] )
444	+ . '" />'
445	+ . JR_PS_BELOW_FIELDS
446	+ . '(cut and paste Custom Login URL here; leave blank otherwise)'
447	+ . JR_PS_BELOW_FIELDS
448	+ . 'URL must begin with <code>'
449	+ . trim( get_home_url(), '\ /' )
450	+ . '/</code>';
451	+ }
452	+
453	+ /**
454	+ * Section text for Section5
455	+ *
456	+ * Display an explanation of this Section
457	+ *
458	+ */
459	+ function jr_ps_exclusions_expl() {
460	+ ?>
461	+ <p>
462	+ If you want to use your Site Home to interest visitors in registering for your site so they can see the rest of your site,
463	+ you obviously need Site Home visible to everyone.
464	+ </p><p>
465	+ You can add additional Visible site URLs,
466	+ one entry at a time,
467	+ in the
468	+ <b>
469	+ Add URL to be Always Visible
470	+ </b>
471	+ field.
472	+ </p><p>
473	+ The
474	+ <b>
475	+ Select here if URL is a Prefix
476	+ </b>
477	+ option allows you to specify a portion of a URL,
478	+ which will match, and make visible, all URLs that begin with that specified portion ("URL Prefix").
479	+ </p>
480	+ <?php
481	+ }
482	+
483	+ function jr_ps_echo_excl_home() {
484	+ $settings = get_option( 'jr_ps_settings' );
485	+ echo '<input type="checkbox" id="excl_home" name="jr_ps_settings[excl_home]" value="true"'
486	+ . checked( TRUE, $settings['excl_home'], FALSE ) . ' /> Site Home is visible to everyone?';
487	+ }
488	+
489	+ function jr_ps_echo_excl_url_add() {
490	+ echo '<input id="excl_url_add" name="jr_ps_settings[excl_url_add]" type="text" size="100" maxlength="256" value="" />'
491	+ . JR_PS_BELOW_FIELDS
492	+ . '(cut and paste URL here of Page, Post or other)'
493	+ . JR_PS_BELOW_FIELDS
494	+ . 'URL must begin with <code>'
495	+ . trim( get_home_url(), '\ /' )
496	+ . '/</code>';
497	+ }
498	+
499	+ function jr_ps_echo_excl_url_is_prefix() {
500	+ ?>
501	+ <input type="checkbox" id="excl_url_is_prefix" name="jr_ps_settings[excl_url_is_prefix]" value="true" /> Anything that begins with this URL Prefix will be Always Visible
502	+ <?php
503	+ }
504	+
505	+ function jr_ps_echo_excl_url_del() {
506	+ $settings = get_option( 'jr_ps_settings' );
507	+ if ( empty( $settings['excl_url'] ) && empty( $settings['excl_url_prefix'] ) ) {
508	+ echo 'None. To add a Visible URL Entry, fill in the fields above.<br />The Custom Login URL, if specified, is always Visible.';
509	+ } else {
510	+ $first = TRUE;
511	+ foreach ( array( 'url' => 'URL', 'url_prefix' => 'Prefix' ) as $key => $description ) {
512	+ foreach ( $settings["excl_$key"] as $index => $arr ) {
513	+ if ( $first ) {
514	+ $first = FALSE;
515	+ } else {
516	+ echo '<br />';
517	+ }
518	+ $display_url = $arr[0];
519	+ echo 'Delete <input type="checkbox" id="excl_' . $key . '_del" name="jr_ps_settings[excl_' . $key . '_del][]"'
520	+ . " value='$index' /> $description=<a href='$display_url' target='_blank'>$display_url</a>";
521	+ }
522	+ }
523	+ echo '<br />In addition, the Custom Login URL, if specified, is always Visible.';
524	+ }
525	+ }
526	+
527	+ function jr_ps_advanced_settings_expl() {
528	+ }
529	+
530	+ function jr_ps_echo_user_submenu() {
531	+ global $jr_ps_users_submenu;
532	+ if ( isset( $jr_ps_users_submenu ) ) {
533	+ jr_ps_input_user_submenu( 'hidden' );
534	+ jr_ps_input_user_submenu( 'disabled' );
535	+ echo ' (this setting can not be altered from the User submenu)';
536	+ } else {
537	+ jr_ps_input_user_submenu( 'normal' );
538	+ echo ' Should this Settings page be listed in the Users submenu of the Admin panels? (It is always listed in the Settings submenu)';
539	+ }
540	+ }
541	+
542	+ /**
543	+ * Creates <input> for user_submenu
544	+ *
545	+ * Build an <input type=checkbox> form field, or not, of the specified type,
546	+ * based on the current value of the user_submenu setting.
547	+ *
548	+ * @param string $type hidden, disabled, normal
549	+ * @return Null Nothing is returned
550	+ */
551	+ function jr_ps_input_user_submenu( $type ) {
552	+ $settings = get_option( 'jr_ps_settings' );
553	+ $common = ' id="user_submenu" name="jr_ps_settings[user_submenu]" value="true" ';
554	+ if ( 'hidden' === $type ) {
555	+ if ( $settings['user_submenu'] ) {
556	+ echo '<input type="hidden"' . $common . '/>';
557	+ }
558	+ } else {
559	+ echo '<input type="checkbox"' . $common;
560	+ if ( 'disabled' === $type ) {
561	+ echo 'disabled="disabled" ';
562	+ }
563	+ echo checked( TRUE, $settings['user_submenu'], FALSE )
564	+ . ' />';
565	+ }
566	+ }
567	+
568	+ function jr_ps_echo_check_role() {
569	+ $settings = get_option( 'jr_ps_settings' );
570	+ echo '<input type="checkbox" id="check_role" name="jr_ps_settings[check_role]" value="true" '
571	+ . checked( TRUE, $settings['check_role'], FALSE )
572	+ . ' />'
573	+ . ' Only allow Users listed <a href="'
574	+ . admin_url( 'users.php' )
575	+ . '">here</a> to view this site (Security: a check mark in this checkbox is recommended)';
576	+ }
577	+
578	+ function jr_ps_validate_settings( $input ) {
579	+ $valid = array();
580	+ $settings = get_option( 'jr_ps_settings' );
581	+
582	+ if ( isset( $input['private_site'] ) && ( $input['private_site'] === 'true' ) ) {
583	+ $valid['private_site'] = TRUE;
584	+ } else {
585	+ $valid['private_site'] = FALSE;
586	+ }
587	+
588	+ if ( isset( $input['reveal_registration'] ) && ( $input['reveal_registration'] === 'true' ) ) {
589	+ $valid['reveal_registration'] = TRUE;
590	+ } else {
591	+ $valid['reveal_registration'] = FALSE;
592	+ }
593	+
594	+ if ( isset( $input['wplogin_php'] ) && ( $input['wplogin_php'] === 'true' ) ) {
595	+ $valid['wplogin_php'] = TRUE;
596	+ } else {
597	+ $valid['wplogin_php'] = FALSE;
598	+ }
599	+
600	+ $url = jr_v1_sanitize_url( $input['specific_url'] );
601	+ if ( '' !== $url ) {
602	+ if ( FALSE === $url ) {
603	+ /* Reset to previous URL value and generate an error message.
604	+ */
605	+ $url = $settings['specific_url'];
606	+ add_settings_error(
607	+ 'jr_ps_settings',
608	+ 'jr_ps_urlerror',
609	+ 'Landing Location URL is not a valid URL<br /><code>'
610	+ . sanitize_text_field( $input['specific_url'] ) . '</code>',
611	+ 'error'
612	+ );
613	+ } else {
614	+ if ( !jr_ps_site_url( $url ) ) {
615	+ /* Reset to previous URL value and generate an error message.
616	+ */
617	+ $url = $settings['specific_url'];
618	+ add_settings_error(
619	+ 'jr_ps_settings',
620	+ 'jr_ps_urlerror',
621	+ 'Error in Landing Location URL. It must point to someplace on this WordPress web site<br /><code>'
622	+ . sanitize_text_field( $input['specific_url'] ) . '</code>',
623	+ 'error'
624	+ );
625	+ }
626	+ }
627	+ }
628	+ $valid['specific_url'] = $url;
629	+
630	+ if ( 'url' === $input['landing'] ) {
631	+ if ( '' === $valid['specific_url'] ) {
632	+ add_settings_error(
633	+ 'jr_ps_settings',
634	+ 'jr_ps_nourlerror',
635	+ 'Error in Landing Location: <i>Go to Specific URL</i> selected but no URL specified. Set to default <i>Return to same URL</i>.',
636	+ 'error'
637	+ );
638	+ $valid['landing'] = 'return';
639	+ } else {
640	+ $valid['landing'] = 'url';
641	+ }
642	+ } else {
643	+ if ( '' !== $valid['specific_url'] ) {
644	+ add_settings_error(
645	+ 'jr_ps_settings',
646	+ 'jr_ps_nourlerror',
647	+ 'Error in Landing Location: URL specified when not valid. URL deleted.',
648	+ 'error'
649	+ );
650	+ $valid['specific_url'] = '';
651	+ }
652	+ $valid['landing'] = $input['landing'];
653	+ }
654	+
655	+ $url = jr_v1_sanitize_url( $input['login_url'] );
656	+ if ( '' !== $url ) {
657	+ if ( FALSE === $url ) {
658	+ /* Reset to previous URL value and generate an error message.
659	+ */
660	+ $url = $settings['login_url'];
661	+ add_settings_error(
662	+ 'jr_ps_settings',
663	+ 'jr_ps_urlerror',
664	+ 'Custom Login URL is not a valid URL<br /><code>'
665	+ . sanitize_text_field( $input['login_url'] ) . '</code>',
666	+ 'error'
667	+ );
668	+ } else {
669	+ if ( !jr_ps_site_url( $url ) ) {
670	+ /* Reset to previous URL value and generate an error message.
671	+ */
672	+ $url = $settings['login_url'];
673	+ add_settings_error(
674	+ 'jr_ps_settings',
675	+ 'jr_ps_urlerror',
676	+ 'Error in Custom Login URL. It must point to someplace on this WordPress web site<br /><code>'
677	+ . sanitize_text_field( $input['login_url'] ) . '</code>',
678	+ 'error'
679	+ );
680	+ }
681	+ }
682	+ }
683	+ $valid['login_url'] = $url;
684	+
685	+ if ( isset( $input['custom_login'] ) && ( $input['custom_login'] === 'true' ) ) {
686	+ if ( '' === $valid['login_url'] ) {
687	+ add_settings_error(
688	+ 'jr_ps_settings',
689	+ 'jr_ps_nourlerror',
690	+ 'Error in Custom Login: <i>Custom Login page?</i> checkbox selected but no URL specified. Checkbox deselected.',
691	+ 'error'
692	+ );
693	+ $valid['custom_login'] = FALSE;
694	+ } else {
695	+ $valid['custom_login'] = TRUE;
696	+ /* Was Custom Login just turned on?
697	+ If so, be sure Landing Location is set to Omit.
698	+ */
699	+ if ( !$setting['custom_login'] && ( 'omit' !== $valid['landing'] ) ) {
700	+ $valid['landing'] = 'omit';
701	+ add_settings_error(
702	+ 'jr_ps_settings',
703	+ 'jr_ps_setomit',
704	+ 'Landing Location changed to "Omit", recommended for Custom Login pages.',
705	+ 'updated'
706	+ );
707	+ }
708	+ }
709	+ } else {
710	+ $valid['custom_login'] = FALSE;
711	+ }
712	+
713	+ if ( isset( $input['excl_home'] ) && ( $input['excl_home'] === 'true' ) ) {
714	+ $valid['excl_home'] = TRUE;
715	+ } else {
716	+ $valid['excl_home'] = FALSE;
717	+ }
718	+
719	+ if ( is_multisite() ) {
720	+ if ( is_super_admin() ) {
721	+ if ( isset( $input['registrations'] ) ) {
722	+ update_site_option( 'registration', $input['registrations'] );
723	+ }
724	+ }
725	+ /* Only in Form in WordPress Network
726	+ */
727	+ if ( isset( $input['check_role'] ) && ( $input['check_role'] === 'true' ) ) {
728	+ $valid['check_role'] = TRUE;
729	+ } else {
730	+ $valid['check_role'] = FALSE;
731	+ }
732	+ } else {
733	+ if ( isset( $input['membership'] ) ) {
734	+ $mem = $input['membership'];
735	+ } else {
736	+ $mem = '0';
737	+ }
738	+ update_option( 'users_can_register', $mem );
739	+ /* Not in Form except in WordPress Network
740	+ */
741	+ $valid['check_role'] = $settings['check_role'];
742	+ }
743	+
744	+ foreach ( array( 'excl_url', 'excl_url_prefix' ) as $key ) {
745	+ if ( isset( $settings[$key] ) ) {
746	+ $valid[$key] = $settings[$key];
747	+ } else {
748	+ $valid[$key] = array();
749	+ }
750	+
751	+ /* Delete URLs to Exclude from Privacy.
752	+ */
753	+ if ( isset ( $input[$key . '_del'] ) ) {
754	+ foreach ( $input[$key . '_del'] as $excl_url_del ) {
755	+ unset( $valid[$key][$excl_url_del] );
756	+ }
757	+ }
758	+ }
759	+
760	+ /* Add a URL to Exclude from Privacy.
761	+ */
762	+ $url = jr_v1_sanitize_url( $input['excl_url_add'] );
763	+ if ( '' !== $url ) {
764	+ if ( FALSE === $url ) {
765	+ add_settings_error(
766	+ 'jr_ps_settings',
767	+ 'jr_ps_urlerror',
768	+ 'Always Visible URL is not a valid URL<br /><code>'
769	+ . sanitize_text_field( $input['excl_url_add'] ) . '</code>',
770	+ 'error'
771	+ );
772	+ } else {
773	+ if ( jr_ps_site_url( $url ) ) {
774	+ if ( isset ( $input['excl_url_is_prefix'] ) && ( 'true' === $input['excl_url_is_prefix'] ) ) {
775	+ $key = 'excl_url_prefix';
776	+ } else {
777	+ $key = 'excl_url';
778	+ }
779	+ $valid[$key][] = array( $url, jr_v1_prep_url( $url ) );
780	+ } else {
781	+ add_settings_error(
782	+ 'jr_ps_settings',
783	+ 'jr_ps_urlerror',
784	+ 'Error in Always Visible URL. It must point to someplace on this WordPress web site<br /><code>'
785	+ . sanitize_text_field( $input['excl_url_add'] ) . '</code>',
786	+ 'error'
787	+ );
788	+ }
789	+ }
790	+ }
791	+
792	+ if ( isset( $input['user_submenu'] ) && ( $input['user_submenu'] === 'true' ) ) {
793	+ $valid['user_submenu'] = TRUE;
794	+ } else {
795	+ $valid['user_submenu'] = FALSE;
796	+ }
797	+
798	+ global $jr_ps_users_submenu;
799	+ /* This conditional is really a poor solution, but it is the only thing I could find that worked.
800	+ Anything else gave me zero or two Settings Saved messages, with the main problem being on the
801	+ Settings submenu page when checkbox was filled for 'user_submenu' and Save Settings button hit.
802	+ */
803	+ $errors = get_settings_errors();
804	+ if ( $valid['user_submenu'] = TRUE \|\| ( ( isset( $jr_ps_users_submenu ) ) && ( empty( $errors ) ) ) ) {
805	+ add_settings_error(
806	+ 'jr_ps_settings',
807	+ 'jr_ps_saved',
808	+ 'Settings Saved',
809	+ 'updated'
810	+ );
811	+ }
812	+
813	+ return $valid;
814	+ }
815	+
816	+ ?>

includes/all-admin.php ADDED Viewed

	@@ -0,0 +1,29 @@


1	+ <?php
2	+ /*
3	+ Loaded for all Admin panels.
4	+ */
5	+
6	+ // Exit if .php file accessed directly
7	+ if ( !defined( 'ABSPATH' ) ) exit;
8	+
9	+ $internal_settings = get_option( 'jr_ps_internal_settings' );
10	+ if ( isset( $internal_settings['warning_privacy'] ) ) {
11	+ add_action( 'all_admin_notices', 'jr_ps_warning_privacy' );
12	+ /**
13	+ * Warn that Private Site is turned OFF by default
14	+ *
15	+ * Put Warning on top of every Admin page (visible to Admins only)
16	+ * until Admin visits plugin's Settings page.
17	+ *
18	+ */
19	+ function jr_ps_warning_privacy() {
20	+ global $jr_ps_plugin_data;
21	+ if ( current_user_can( 'manage_options' ) ) {
22	+ echo '<div class="updated"><p><b>Private Site is currently turned off on ' . $jr_ps_plugin_data['Name'] . ' plugin <a href="'
23	+ . admin_url( 'options-general.php?page=jr_ps_settings' )
24	+ . '">Settings page</a>.</b></p></div>';
25	+ }
26	+ }
27	+ }
28	+
29	+ ?>

includes/common-functions.php ADDED Viewed

	@@ -0,0 +1,363 @@


1	+ <?php
2	+ /* jonradio Common Functions,
3	+ intended for use in more than one jonradio plugin,
4	+ and others are encouraged to use for their own purposes.
5	+ See details below license.
6	+ */
7	+
8	+ /* Copyright 2014 jonradio (email : info@zatz.com)
9	+
10	+ This program is free software; you can redistribute it and/or modify
11	+ it under the terms of the GNU General Public License as published by
12	+ the Free Software Foundation; either version 2 of the License, or
13	+ (at your option) any later version.
14	+
15	+ This program is distributed in the hope that it will be useful,
16	+ but WITHOUT ANY WARRANTY; without even the implied warranty of
17	+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18	+ GNU General Public License for more details.
19	+
20	+ You should have received a copy of the GNU General Public License
21	+ along with this program; if not, write to the Free Software
22	+ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
23	+ */
24	+
25	+ /* Concept and Usage
26	+ Each function name is prefixed with jr_v followed by a Version Number (integer) then another underscore
27	+ then the function name.
28	+ Each function is preceded by a check for previous existence,
29	+ so that multiple plugins can use the same function without generating duplicate function definition errors.
30	+ By incorporating the Version Number into the function name, there is no danger of a plugin using the wrong version.
31	+ Standard usage is to have all these functions stored in each plugin's folder as /includes/common-functions.php
32	+ Each function has its own Version Number, which only increases when the function actually changes;
33	+ which means that common-functions.php will normally include many different version numbers in its functions;
34	+ i.e. - the version number applies independently to each function, not to the common-functions.php file as a whole.
35	+ */
36	+
37	+ // Exit if .php file accessed directly
38	+ if ( !defined( 'ABSPATH' ) ) exit;
39	+
40	+ /**
41	+ * Check for missing Settings and set them to defaults
42	+ *
43	+ * Ensures that the Named Setting exists, and populates it with defaults for any missing values.
44	+ * Safe to use on every execution of a plugin because it only does an expensive Database Write
45	+ * when it finds missing Settings.
46	+ *
47	+ * @param string $name Name of Settings as looked up with get_option()
48	+ * @param array $defaults Each default Settings value in [key] => value format
49	+ * @return bool/Null Return value from update_option(), or NULL if update_option() not called
50	+ */
51	+ if ( !function_exists( 'jr_v1_validate_settings' ) ) {
52	+ function jr_v1_validate_settings( $name, $defaults ) {
53	+ $updated = FALSE;
54	+ if ( FALSE === ( $settings = get_option( $name ) ) ) {
55	+ $settings = $defaults;
56	+ $updated = TRUE;
57	+ } else {
58	+ foreach ( $defaults as $key => $value ) {
59	+ if ( !isset( $settings[$key] ) ) {
60	+ $settings[$key] = $value;
61	+ $updated = TRUE;
62	+ }
63	+ }
64	+ }
65	+ if ( $updated ) {
66	+ $return = update_option( $name, $settings );
67	+ } else {
68	+ $return = NULL;
69	+ }
70	+ return $return;
71	+ }
72	+ }
73	+
74	+ /* As well as dealing with the low probability that a single mb_ function has been disabled in a php.ini,
75	+ this also supports older versions of PHP as mb_ functions were introduced one by one over a number of php versions.
76	+ */
77	+ if ( function_exists( 'mb_substr' ) ) {
78	+ function jr_v1_substr() {
79	+ $args = func_get_args();
80	+ if ( isset( $args[2] ) ) {
81	+ return mb_substr( $args[0], $args[1], $args[2] );
82	+ } else {
83	+ return mb_substr( $args[0], $args[1] );
84	+ }
85	+ }
86	+ } else {
87	+ function jr_v1_substr() {
88	+ $args = func_get_args();
89	+ if ( isset( $args[2] ) ) {
90	+ return substr( $args[0], $args[1], $args[2] );
91	+ } else {
92	+ return substr( $args[0], $args[1] );
93	+ }
94	+ }
95	+ }
96	+ if ( function_exists( 'mb_strlen' ) ) {
97	+ function jr_v1_strlen( $string ) {
98	+ return mb_strlen( $string );
99	+ }
100	+ } else {
101	+ function jr_v1_strlen( $string ) {
102	+ return strlen( $string );
103	+ }
104	+ }
105	+ if ( function_exists( 'mb_strtolower' ) ) {
106	+ function jr_v1_strtolower( $string ) {
107	+ return mb_strtolower( $string );
108	+ }
109	+ } else {
110	+ function jr_v1_strtolower( $string ) {
111	+ return strtolower( $string );
112	+ }
113	+ }
114	+ if ( function_exists( 'mb_stripos' ) ) {
115	+ function jr_v1_stripos( $string, $find, $offset = 0 ) {
116	+ return mb_stripos( $string, $find, $offset );
117	+ }
118	+ } else {
119	+ function jr_v1_stripos( $string, $find, $offset = 0 ) {
120	+ return stripos( $string, $find, $offset );
121	+ }
122	+ }
123	+ if ( function_exists( 'mb_strpos' ) ) {
124	+ function jr_v1_strpos( $string, $find, $offset = 0 ) {
125	+ return mb_strpos( $string, $find, $offset );
126	+ }
127	+ } else {
128	+ function jr_v1_strpos( $string, $find, $offset = 0 ) {
129	+ return strpos( $string, $find, $offset );
130	+ }
131	+ }
132	+
133	+ /**
134	+ * Do two URLs point at the same location on a web site?
135	+ *
136	+ * Preps URL, if string
137	+ *
138	+ * @param string/array $url1 URL to compare, a string, or an array in special format created by companion function
139	+ * @param string/array $url2 URL to compare, a string, or an array in special format created by companion function
140	+ * @return bool bool TRUE if URL matches prefix; FALSE otherwise
141	+ */
142	+ if ( !function_exists( 'jr_v1_same_url' ) ) {
143	+ function jr_v1_same_url( $url1, $url2 ) {
144	+ if ( is_string( $url1 ) ) {
145	+ $url1 = jr_v1_prep_url( $url1 );
146	+ }
147	+ if ( is_string( $url2 ) ) {
148	+ $url2 = jr_v1_prep_url( $url2 );
149	+ }
150	+ return ( $url1 == $url2 );
151	+ }
152	+ }
153	+
154	+ /**
155	+ * Does a specified Prefix URL match the given URL?
156	+ *
157	+ * Preps URL, if string
158	+ *
159	+ * @param string/array $prefix front part of a URL to compare, a string, or an array in special format created by companion function
160	+ * @param string/array $url full URL to compare, a string, or an array in special format created by companion function
161	+ * @return bool bool TRUE if Prefix matches first part of URL; FALSE otherwise
162	+ */
163	+ if ( !function_exists( 'jr_v1_same_prefix_url' ) ) {
164	+ function jr_v1_same_prefix_url( $prefix, $url ) {
165	+ if ( is_string( $prefix ) ) {
166	+ $prefix = jr_v1_prep_url( $prefix );
167	+ }
168	+ if ( is_string( $url ) ) {
169	+ $url = jr_v1_prep_url( $url );
170	+ }
171	+ if ( $url['host'] === $prefix['host'] ) {
172	+ if ( $url['path'] === $prefix['path'] ) {
173	+ /* Host and Path both exactly match for URL and Prefix specified.
174	+ */
175	+ if ( array() === $prefix['query'] ) {
176	+ $match = TRUE;
177	+ } else {
178	+ /* Now the hard part: determining a legitimate prefix match for Query
179	+ */
180	+ foreach ( $prefix['query'] as $prefix_keyword => $prefix_value ) {
181	+ $one_match = FALSE;
182	+ foreach ( $url['query'] as $url_keyword => $url_value ) {
183	+ if ( $prefix_keyword === jr_v1_substr( $url_keyword, 0, jr_v1_strlen( $prefix_keyword ) ) ) {
184	+ if ( $prefix_value === jr_v1_substr( $url_value, 0, jr_v1_strlen( $prefix_value ) ) ) {
185	+ $one_match = TRUE;
186	+ }
187	+ }
188	+ }
189	+ /* All Prefix Queries must match.
190	+ */
191	+ if ( FALSE === $one_match ) {
192	+ return FALSE;
193	+ }
194	+ }
195	+ $match = TRUE;
196	+ }
197	+ } else {
198	+ /* Paths must exactly match if Prefix specifies Query
199	+ */
200	+ if ( array() === $prefix['query'] ) {
201	+ /* No Query in Prefix, so check Path for Prefix match
202	+ */
203	+ $match = ( $prefix['path'] === jr_v1_substr( $url['path'], 0, jr_v1_strlen( $prefix['path'] ) ) );
204	+ } else {
205	+ $match = FALSE;
206	+ }
207	+ }
208	+ } else {
209	+ if ( ( '' === $prefix['path'] ) && ( array() === $prefix['query'] ) ) {
210	+ /* No Path or Query in Prefix, so check Host for Prefix match
211	+ */
212	+ $match = ( $prefix['host'] === jr_v1_substr( $url['host'], 0, jr_v1_strlen( $prefix['host'] ) ) );
213	+ } else {
214	+ /* Hosts must exactly match if Prefix specifies Path or Query
215	+ */
216	+ $match = FALSE;
217	+ }
218	+ }
219	+ return $match;
220	+ }
221	+ }
222	+
223	+ /**
224	+ * Standardize a URL into an array of values that can be accurately compared with another
225	+ *
226	+ * Preps URL, by removing any UTF Left-to-right Mark (LRM), usually found as a suffix,
227	+ * translating the URL to lower-case, removing prefix http[s]//:[www.],
228	+ * any embedded index.php and any trailing slash or #bookmark,
229	+ * and breaks up ?keyword=value queries into array elements.
230	+ *
231	+ * Structure/Elements of Array returned:
232	+ * [host] - domain.com - www. is removed, but all other subdomains are included
233	+ * [path] - /dir/file.ext
234	+ * [query] - any Queries (e.g. - "?kw=val&kw2=val2") broken up as follows:
235	+ * [$keyword] => $value with preceding equals sign, only if equals sign was present
236	+ * To simplify processing of this Array, zero length strings and empty arrays are used,
237	+ * rather than NULL entries or missing array elements.
238	+ *
239	+ * @param string $url URL to create an array from, in special format for accurate comparison
240	+ * @return array array of standardized attributes of the URL (see structure above)
241	+ */
242	+ if ( !function_exists( 'jr_v1_prep_url' ) ) {
243	+ function jr_v1_prep_url( $url ) {
244	+ /* Handle troublesome %E2%80%8E UTF Left-to-right Mark (LRM) suffix first.
245	+ */
246	+ if ( FALSE === jr_v1_stripos( $url, '%E2%80%8E' ) ) {
247	+ if ( FALSE === jr_v1_stripos( rawurlencode( $url ), '%E2%80%8E' ) ) {
248	+ $url_clean = $url;
249	+ } else {
250	+ $url_clean = rawurldecode( str_ireplace( '%E2%80%8E', '', rawurlencode( $url ) ) );
251	+ /* mb_str_ireplace() does not exist because str_ireplace() is binary-safe.
252	+ */
253	+ }
254	+ } else {
255	+ $url_clean = str_ireplace( '%E2%80%8E', '', $url );
256	+ }
257	+ $url_clean = trim( $url_clean );
258	+
259	+ /* parse_url(), especially before php Version 5.4.7,
260	+ has a history of problems when Scheme is not present,
261	+ especially for LocalHost as a Host,
262	+ so add a prefix of http:// if :// is not found
263	+ */
264	+ if ( FALSE === jr_v1_strpos( $url_clean, '://' ) ) {
265	+ $url_clean = "http://$url_clean";
266	+ }
267	+
268	+ $parse_array = parse_url( jr_v1_strtolower( $url_clean ) );
269	+ /* Get rid of URL components that do not matter to us in our comparison of URLs
270	+ */
271	+ foreach ( array( 'scheme', 'port', 'user', 'pass', 'fragment' ) as $component ) {
272	+ unset ( $parse_array[$component] );
273	+ }
274	+ /* Remove www. from host
275	+ */
276	+ if ( 'www.' === jr_v1_substr( $parse_array['host'], 0, 4 ) ) {
277	+ $parse_array['host'] = jr_v1_substr( $parse_array['host'], 4 );
278	+ }
279	+ if ( isset( $parse_array['path'] ) ) {
280	+ /* Remove any index.php occurences in path, since these can be spurious in IIS
281	+ and perhaps other environments.
282	+ */
283	+ $parse_array['path'] = str_replace( 'index.php', '', $parse_array['path'] );
284	+ /* Remove leading and trailing slashes from path
285	+ */
286	+ $parse_array['path'] = trim( $parse_array['path'], "/\\" );
287	+ } else {
288	+ $parse_array['path'] = '';
289	+ }
290	+ /* Take /?keyword=value&keyword=value URL query parameters
291	+ and break them up into array( keyword => value, keyword => value )
292	+ */
293	+ if ( isset( $parse_array['query'] ) ) {
294	+ $parms = explode( '&', $parse_array['query'] );
295	+ $parse_array['query'] = array();
296	+ foreach( $parms as $parm ) {
297	+ if ( FALSE === ( $cursor = jr_v1_strpos( $parm, '=', 1 ) ) ) {
298	+ $parse_array['query'][$parm] = '';
299	+ } else {
300	+ /* Include the Equals Sign ("=") as the first character of the Query Value
301	+ to differentiate between a URL Prefix with a Query Keyword followed by
302	+ an Equals Sign, and one without. For example, "address" would match
303	+ address2=abc, while "address=" would not.
304	+ */
305	+ $parse_array['query'][jr_v1_substr( $parm, 0, $cursor + 1 )] = jr_v1_substr( $parm, $cursor + 1 );
306	+ }
307	+ }
308	+ } else {
309	+ $parse_array['query'] = array();
310	+ }
311	+ return $parse_array;
312	+ }
313	+ }
314	+
315	+ /**
316	+ * Sanitize a URL
317	+ *
318	+ * Preps URL, by removing any UTF Left-to-right Mark (LRM), usually found as a suffix,
319	+ * and then checks if URL is blank.
320	+ *
321	+ * @param string $url URL
322	+ * @return string/bool Sanitized URL; bool FALSE if invalid URL;
323	+ * zero length string if URL not specified
324	+ */
325	+ if ( !function_exists( 'jr_v1_sanitize_url' ) ) {
326	+ function jr_v1_sanitize_url( $url ) {
327	+ /* Handle troublesome %E2%80%8E UTF Left-to-right Mark (LRM) suffix first.
328	+ */
329	+ if ( FALSE === stripos( $url, '%E2%80%8E' ) ) {
330	+ if ( FALSE === stripos( rawurlencode( $url ), '%E2%80%8E' ) ) {
331	+ $url_clean = $url;
332	+ } else {
333	+ $url_clean = rawurldecode( str_ireplace( '%E2%80%8E', '', rawurlencode( $url ) ) );
334	+ }
335	+ } else {
336	+ $url_clean = str_ireplace( '%E2%80%8E', '', $url );
337	+ }
338	+ $url_clean = trim( $url_clean );
339	+ if ( empty( $url_clean ) ) {
340	+ return '';
341	+ }
342	+ /* Add a prefix of http:// if :// is not found
343	+ and be sure scheme is http: or https:
344	+ */
345	+ if ( FALSE === strpos( $url_clean, '://' ) ) {
346	+ if ( is_ssl()
347	+ \|\| ( isset( $_SERVER['HTTP_X_FORWARDED_PROTO'] )
348	+ && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https' ) ) {
349	+ $s = 's';
350	+ } else {
351	+ $s = '';
352	+ }
353	+ $url_clean = "http$s://$url_clean";
354	+ } else {
355	+ if ( !in_array( strtolower( parse_url( $url_clean, PHP_URL_SCHEME ) ), array( 'http', 'https' ) ) ) {
356	+ return FALSE;
357	+ }
358	+ }
359	+ return $url_clean;
360	+ }
361	+ }
362	+
363	+ ?>

includes/functions-admin.php ADDED Viewed

	@@ -0,0 +1,49 @@


1	+ <?php
2	+
3	+ /**
4	+ * Is the URL on the current WordPress web site?
5	+ *
6	+ * Checks if URL begins with Site Home URL.
7	+ * Strip http[s]://[www.] and leading and trailing blanks and convert to lower-case before comparing,
8	+ * to allow http, etc. to be omitted on entry
9	+ *
10	+ * @param string $url URL to be checked to be sure it is "on" the current WordPress web site
11	+ * @return bool bool TRUE if URL is on current WordPress web site; FALSE otherwise
12	+ */
13	+ function jr_ps_site_url( $url ) {
14	+ $site_home = jr_ps_urlcompare_prep( get_home_url() );
15	+ return ( substr( jr_ps_urlcompare_prep( $url ), 0, strlen( $site_home ) ) === $site_home );
16	+ }
17	+
18	+ /**
19	+ * Prepare a URL for comparison with another URL
20	+ *
21	+ * Strip [http[s]://][www.] and leading and trailing blanks, and convert to lower-case,
22	+ * to:
23	+ * (1) permit comparison of "synonym" URLs; and
24	+ * (2) allow http to be omitted when inputting a URL
25	+ *
26	+ * @param string $url URL to be prepped for comparison
27	+ * @return string URL prepped for comparison
28	+ */
29	+ function jr_ps_urlcompare_prep( $url ) {
30	+ $prep_url = strtolower( trim( $url ) );
31	+ if ( 'http' === substr( $prep_url, 0, 4 ) ) {
32	+ if ( 's' === substr( $prep_url, 4, 1 ) ) {
33	+ $cursor = 5; // Next character to look at in URL
34	+ } else {
35	+ $cursor = 4;
36	+ }
37	+ if ( '://' === substr( $prep_url, $cursor, 3 ) ) {
38	+ $cursor = $cursor + 3;
39	+ }
40	+ } else {
41	+ $cursor = 0;
42	+ }
43	+ if ( 'www.' === substr( $prep_url, $cursor, 4 ) ) {
44	+ $cursor = $cursor + 4;
45	+ }
46	+ return substr( $prep_url, $cursor );
47	+ }
48	+
49	+ ?>

includes/index.html ADDED Viewed

File without changes

includes/installed-plugins.php ADDED Viewed

	@@ -0,0 +1,91 @@


1	+ <?php
2	+ /*
3	+ Initiated when in the Admin panels.
4	+ Used to handle the plugin's entry on the Install Plugins page.
5	+ */
6	+
7	+ /* Support WordPress Version 3.0.x before is_network_admin() existed
8	+ */
9	+ if ( function_exists( 'is_network_admin' ) && is_network_admin() ) {
10	+ // Add Link to the plugin's entry on the Network Admin "Plugins" Page, for easy access
11	+ add_filter( 'network_admin_plugin_action_links_' . jr_ps_plugin_basename(), 'jr_ps_plugin_network_action_links', 10, 1 );
12	+
13	+ /**
14	+ * Creates Settings link right on the Network Plugins Page entry.
15	+ *
16	+ * Helps the user understand where to go immediately upon Activation of the Plugin
17	+ * by creating entries on the Plugins page, right beside Deactivate and Edit.
18	+ *
19	+ * @param array $links Existing links for our Plugin, supplied by WordPress
20	+ * @param string $file Name of Plugin currently being processed
21	+ * @return string $links Updated set of links for our Plugin
22	+ */
23	+ function jr_ps_plugin_network_action_links( $links ) {
24	+ // The "page=" query string value must be equal to the slug
25	+ // of the Settings admin page.
26	+ array_push( $links, '<a href="' . get_bloginfo('wpurl') . '/wp-admin/network/settings.php?page=jr_ps_network_settings' . '">Settings</a>' );
27	+ return $links;
28	+ }
29	+ } else {
30	+ // Add Link to the plugin's entry on the Admin "Plugins" Page, for easy access
31	+ add_filter( 'plugin_action_links_' . jr_ps_plugin_basename(), 'jr_ps_plugin_action_links', 10, 1 );
32	+
33	+ if ( function_exists( 'is_plugin_active_for_network' ) && is_plugin_active_for_network( jr_ps_plugin_basename() ) ) {
34	+ // Add entry for the plugin on the each site's Admin "Plugins" Page, when Network Activated and not normally shown
35	+ add_action( 'pre_current_active_plugins', 'jr_ps_show_plugin' );
36	+
37	+ function jr_ps_show_plugin() {
38	+ global $wp_list_table;
39	+ global $jr_ps_path;
40	+ $wp_list_table->items[jr_ps_plugin_basename()] = get_plugin_data( $jr_ps_path . basename( jr_ps_plugin_basename() ) );
41	+ uasort( $wp_list_table->items, 'jr_ps_sort_plugins' );
42	+ return;
43	+ }
44	+
45	+ function jr_ps_sort_plugins( $a, $b ) {
46	+ return strcasecmp( $a['Name'], $b['Name'] );
47	+ }
48	+
49	+ /**
50	+ * Creates Settings entry right on the Plugins Page entry.
51	+ *
52	+ * Helps the user understand where to go immediately upon Activation of the Plugin
53	+ * by creating entries on the Plugins page, right beside Deactivate and Edit.
54	+ *
55	+ * @param array $links Existing links for our Plugin, supplied by WordPress
56	+ * @param string $file Name of Plugin currently being processed
57	+ * @return string $links Updated set of links for our Plugin
58	+ */
59	+ function jr_ps_plugin_action_links( $links ) {
60	+ /* Delete existing Links and replace with "Network Activated" (not a link)
61	+ and "Settings" as a link to Plugin Settings page.
62	+ The "page=" query string value must be equal to the slug
63	+ of the Settings admin page.
64	+ */
65	+ return array( 'Network Activated',
66	+ '<a href="' . get_bloginfo('wpurl') . '/wp-admin/options-general.php?page=jr_ps_settings' . '">Settings</a>'
67	+ );
68	+ }
69	+ } else {
70	+ /**
71	+ * Creates Settings entry right on the Plugins Page entry.
72	+ *
73	+ * Helps the user understand where to go immediately upon Activation of the Plugin
74	+ * by creating entries on the Plugins page, right beside Deactivate and Edit.
75	+ *
76	+ * @param array $links Existing links for our Plugin, supplied by WordPress
77	+ * @param string $file Name of Plugin currently being processed
78	+ * @return string $links Updated set of links for our Plugin
79	+ */
80	+ function jr_ps_plugin_action_links( $links ) {
81	+ /* Add "Settings" to the end of existing Links
82	+ The "page=" query string value must be equal to the slug
83	+ of the Settings admin page.
84	+ */
85	+ array_push( $links, '<a href="' . get_bloginfo('wpurl') . '/wp-admin/options-general.php?page=jr_ps_settings' . '">Settings</a>' );
86	+ return $links;
87	+ }
88	+ }
89	+ }
90	+
91	+ ?>

includes/net-settings.php ADDED Viewed

	@@ -0,0 +1,61 @@


1	+ <?php
2	+ /*
3	+ Initiated when in the Network Admin panels.
4	+ Used to create the Settings page for the plugin.
5	+ */
6	+
7	+ add_action( 'network_admin_menu', 'jr_ps_network_admin_hook' );
8	+ // Runs just after admin_init
9	+
10	+ /**
11	+ * Add Network Admin Menu item for plugin
12	+ *
13	+ * Plugin needs its own Page in the Settings section of the Network Admin menu.
14	+ *
15	+ */
16	+ function jr_ps_network_admin_hook() {
17	+ // Add Network Settings Page for this Plugin
18	+ global $jr_ps_plugin_data;
19	+ add_submenu_page( 'settings.php', $jr_ps_plugin_data['Name'], 'Private Sites', 'manage_network_options', 'jr_ps_network_settings', 'jr_ps_network_settings_page' );
20	+ }
21	+
22	+ /**
23	+ * Network Settings page for plugin
24	+ *
25	+ * Display and Process Settings page for this plugin.
26	+ *
27	+ */
28	+ function jr_ps_network_settings_page() {
29	+ global $jr_ps_plugin_data;
30	+ add_thickbox();
31	+ echo '<div class="wrap">';
32	+ screen_icon( 'plugins' );
33	+ echo '<h2>' . $jr_ps_plugin_data['Name'] . '</h2>';
34	+ ?>
35	+ <p>
36	+ This Plugin has been <b>Network Activated</b> in a WordPress Multisite ("Network") installation.
37	+ Since all of this plugin's Settings can be specified separately for each individual WordPress site,
38	+ you will need to go to the Admin pages for each Site,
39	+ and review the plugin's Settings page,
40	+ making changes appropriate for that Site.
41	+ The plugin's Settings page can be found by opening the <b>Settings</b> submenu on the left sidebar of each Admin page for the Site
42	+ and selecting <b>Private Site</b>.
43	+ Or from the <b>Settings</b> link in the plugin's entry on the <b>Installed Plugins</b> page for the Site
44	+ <i>(WordPress does not list Network Activated plugins on each Site's Installed Plugins page,
45	+ but this plugin has added its own entry for your convenience)</i>.
46	+ </p>
47	+ <p>
48	+ Alternatively, you can <b>Network Deactivate</b> this plugin
49	+ and <b>Activate</b> it individually on each Site where you wish to use it.
50	+ </p>
51	+ <p>
52	+ If you would prefer, when this plugin is Network Activated,
53	+ to have a single set of Settings that would apply to all Sites in a WordPress network,
54	+ and/or be able to view and change all of the Settings for all Sites from this one Network Settings page that you are now viewing,
55	+ <a href="http://zatzlabs.com/contact-us/">please contact the Plugin author</a>
56	+ and this will be added to a future version of this plugin if there is enough interest expressed by webmasters such as you.
57	+ </p>
58	+ <?php
59	+ }
60	+
61	+ ?>

includes/public.php ADDED Viewed

	@@ -0,0 +1,299 @@


1	+ <?php
2	+ /*
3	+ Initiated when on the "public" web site,
4	+ i.e. - not an Admin panel.
5	+ */
6	+
7	+ // Exit if .php file accessed directly
8	+ if ( !defined( 'ABSPATH' ) ) exit;
9	+
10	+ add_action( 'login_init', 'jr_ps_login' );
11	+ add_action( 'wp', 'jr_ps_force_login' );
12	+ add_filter( 'login_url', 'jr_ps_login_url' );
13	+ add_action( 'wp_login_failed', 'jr_ps_login_failed' );
14	+ add_action( 'wp_authenticate', 'jr_ps_wp_authenticate', 10, 2 );
15	+
16	+ $settings = get_option( 'jr_ps_settings' );
17	+ if ( $settings['wplogin_php'] ) {
18	+ /* Run this Filter "last" (Priority=100) to be sure that Paid Memberships Pro
19	+ has already runs its Filter.
20	+ */
21	+ add_filter( 'login_redirect', 'jr_ps_login_redirect_filter', 100, 3 );
22	+ /* Since it is defined when the plugin is loaded,
23	+ wait to check for the Paid Memberships Pro function.
24	+ */
25	+ add_action( 'plugins_loaded', 'jr_ps_plugins_loaded' );
26	+ function jr_ps_plugins_loaded() {
27	+ if ( function_exists( 'pmpro_login_redirect' ) ) {
28	+ add_filter( 'pmpro_login_redirect_url', 'jr_ps_pmpro_login_redirect_url_filter', 10, 3 );
29	+ function jr_ps_pmpro_login_redirect_url_filter( $redirect_to, $requested_redirect_to, $user ) {
30	+ $redirect = jr_ps_login_redirect_filter( $redirect_to, $requested_redirect_to, $user );
31	+ DEFINE( 'JR_PS_PMPRO_RUN', TRUE );
32	+ return $redirect;
33	+ }
34	+ }
35	+ }
36	+ function jr_ps_login_redirect_filter( $redirect_to, $requested_redirect_to, $user ) {
37	+ if ( !defined( 'JR_PS_PMPRO_RUN' ) ) {
38	+ if ( '' === $requested_redirect_to ) {
39	+ $redirect_to = jr_ps_after_login_url();
40	+ }
41	+ }
42	+ return $redirect_to;
43	+ }
44	+ }
45	+
46	+ /**
47	+ * Login Detection
48	+ *
49	+ * Set a global variable, $jr_ps_is_login, whenever a login occurs
50	+ *
51	+ * @return NULL Nothing is returned
52	+ */
53	+ function jr_ps_login() {
54	+ global $jr_ps_is_login;
55	+ $jr_ps_is_login = TRUE;
56	+ }
57	+
58	+ /**
59	+ * Present a login screen to anyone not logged in
60	+ *
61	+ * Check for already logged in or just logged in.
62	+ * Only called when is_admin() is FALSE
63	+ *
64	+ * @return NULL Nothing is returned
65	+ */
66	+ function jr_ps_force_login() {
67	+ /* return statements are performed only if User does not need to login.
68	+
69	+ First, check if User is on a Login panel.
70	+ */
71	+ global $jr_ps_is_login, $jr_ps_plugin_data;
72	+ if ( isset( $jr_ps_is_login ) ) {
73	+ return;
74	+ }
75	+
76	+ $settings = get_option( 'jr_ps_settings' );
77	+
78	+ /* Next, check if User is already logged in, and has a Role on this Site.
79	+ */
80	+ $role = TRUE;
81	+ if ( is_user_logged_in() ) {
82	+ if ( is_multisite() ) {
83	+ if ( is_user_member_of_blog() ) {
84	+ return;
85	+ } else {
86	+ /* User is logged on to a Site where he/she has no Role.
87	+ */
88	+ if ( $settings['check_role'] ) {
89	+ $role = FALSE;
90	+ } else {
91	+ /* User can see all of public site.
92	+ */
93	+ return;
94	+ }
95	+ }
96	+ } else {
97	+ return;
98	+ }
99	+ }
100	+
101	+ /* URL of current page without http://, i.e. - starting with domain
102	+ */
103	+ $current_url = $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
104	+ if ( $settings['excl_home'] && jr_v1_same_url( get_home_url(), $current_url ) ) {
105	+ return;
106	+ }
107	+ if ( $settings['custom_login'] && !empty( $settings['login_url'] ) && jr_v1_same_url( $settings['login_url'], $current_url ) ) {
108	+ return;
109	+ }
110	+ if ( isset( $settings['excl_url'] ) ) {
111	+ foreach ( $settings['excl_url'] as $arr ) {
112	+ /* Test the pre-parsed URL in the URL Exclusion list
113	+ */
114	+ if ( jr_v1_same_url( $arr[1], $current_url ) ) {
115	+ return;
116	+ }
117	+ }
118	+ }
119	+ if ( isset( $settings['excl_url_prefix'] ) ) {
120	+ foreach ( $settings['excl_url_prefix'] as $arr ) {
121	+ /* Test the pre-parsed URL in the Prefix URL Exclusion list
122	+ */
123	+ if ( jr_v1_same_prefix_url( $arr[1], $current_url ) ) {
124	+ return;
125	+ }
126	+ }
127	+ }
128	+
129	+ if ( $settings['reveal_registration'] ) {
130	+ $buddypress_path = 'buddypress/bp-loader.php';
131	+ $buddypress_active = is_plugin_active( $buddypress_path );
132	+ /* URL of Registration Page varies between Multisite (Network)
133	+ and Single Site WordPress.
134	+ Plus, wp_registration_url function was introduced in
135	+ WordPress Version 3.6.
136	+ */
137	+ if ( is_multisite() ) {
138	+ $reg_url = get_site_url( 0, 'wp-signup.php' );
139	+ $buddypress_active = $buddypress_active \|\| is_plugin_active_for_network( $buddypress_path );
140	+ } else {
141	+ if ( function_exists( 'wp_registration_url' ) ) {
142	+ $reg_url = wp_registration_url();
143	+ } else {
144	+ $reg_url = get_site_url( 0, 'wp-login.php?action=register' );
145	+ }
146	+ }
147	+ if ( jr_v1_same_url( $reg_url, $current_url )
148	+ \|\| ( $buddypress_active
149	+ && ( jr_v1_same_url( get_site_url( 0, 'register' ), $current_url )
150	+ \|\| jr_v1_same_url( get_site_url( 0, 'activate' ),
151	+ parse_url( $current_url, PHP_URL_HOST )
152	+ . parse_url( $current_url, PHP_URL_PATH ) ) ) ) ) {
153	+ /* BuddyPress plugin redirects Registration URL to
154	+ either {current site}/register/ or {main site}/register/
155	+ and has its own Activation at /activate/?key=...
156	+ */
157	+ return;
158	+ }
159	+ }
160	+
161	+ /* Must exclude all of the pages generated by the Theme My Login plugin
162	+ */
163	+ $theme_my_login_path = 'theme-my-login/theme-my-login.php';
164	+ $theme_my_login_active = is_plugin_active( $theme_my_login_path );
165	+ if ( is_multisite() ) {
166	+ $theme_my_login_active = $theme_my_login_active \|\| is_plugin_active_for_network( $theme_my_login_path );
167	+ }
168	+ if ( $theme_my_login_active ) {
169	+ if ( NULL !== ( $page = get_post( $null = NULL ) ) ) {
170	+ /* Some Versions of WordPress required that get_post() have a parameter
171	+ */
172	+ if ( ( 'page' === $page->post_type )
173	+ && in_array( $page->post_name, array( 'login', 'logout', 'lostpassword', 'register', 'resetpass' ) )
174	+ && stripos( $page->post_content, 'theme-my-login' ) ) {
175	+ return;
176	+ }
177	+ }
178	+ }
179	+
180	+ /* Point of No Return:
181	+ We now know that the Visitor must be forced to login
182	+ if the Visitor wants to see the current URL.
183	+ */
184	+ if ( !$role ) {
185	+ /* User is logged on to a Site where he/she has no Role.
186	+ */
187	+ $message = 'You (User "'
188	+ . wp_get_current_user()->user_login
189	+ . '") cannot view this Site ("'
190	+ . get_bloginfo( 'name', 'display' )
191	+ . '").<hr />'
192	+ . 'Your User ID has not been defined to this Site. '
193	+ . 'If you believe that you should be able to access this Site, '
194	+ . 'please contact your network administrator or this site\'s webmaster, '
195	+ . 'and mention that your access was blocked by the <em>'
196	+ . $jr_ps_plugin_data['Name']
197	+ . '</em> plugin.';
198	+ wp_die( $message );
199	+ }
200	+
201	+ if ( $settings['custom_login'] && !empty( $settings['login_url'] ) ) {
202	+ $url = jr_ps_login_url( $settings['login_url'] );
203	+ } else {
204	+ /* wp_login_url() returns the standard WordPress login URL,
205	+ but the login_url Filter adds the ?redirect_to= query in the URL.
206	+ */
207	+ $url = wp_login_url();
208	+ }
209	+
210	+ /* wp_redirect( $url ) goes to $url right after exit on the line that follows.
211	+ */
212	+ wp_redirect( $url );
213	+ exit;
214	+ }
215	+
216	+ /**
217	+ * Add Landing Location to Login URL
218	+ *
219	+ * Although written to modify the Login URL in the Meta Widget,
220	+ * to implement Landing Location, wp_login_url() is also called
221	+ * near the end of jr_ps_force_login() above.
222	+ *
223	+ * @param string $login_url Login URL
224	+ * @param string $redirect Path to redirect to on login.
225	+ * @return string Login URL
226	+ */
227	+ function jr_ps_login_url( $login_url ) {
228	+ /* remove_query_arg() simply returns $login_url if a ?redirect_to= query is not present in the URL.
229	+ */
230	+ $url = remove_query_arg( 'redirect_to', $login_url );
231	+ /* $redirect_to is the URL passed to the standard WordPress login URL,
232	+ via the ?redirect_to= URL query parameter, to go to after login is complete.
233	+ */
234	+ $redirect_to = jr_ps_after_login_url();
235	+ /* Also avoids situations where specific URL is requested,
236	+ but URL is blank.
237	+ */
238	+ if ( !empty( $redirect_to ) ) {
239	+ $url = add_query_arg( 'redirect_to', urlencode( $redirect_to ), $url );
240	+ }
241	+ return $url;
242	+ }
243	+
244	+ function jr_ps_after_login_url() {
245	+ $settings = get_option( 'jr_ps_settings' );
246	+ switch ( $settings['landing'] ) {
247	+ case 'return':
248	+ // $_SERVER['HTTPS'] can be off in IIS
249	+ if ( empty( $_SERVER['HTTPS'] ) \|\| ( $_SERVER['HTTPS'] == 'off' ) ) {
250	+ $http = 'http://';
251	+ } else {
252	+ $http = 'https://';
253	+ }
254	+ $after_login_url = $http . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
255	+ break;
256	+ case 'home':
257	+ $after_login_url = get_home_url();
258	+ break;
259	+ case 'admin':
260	+ $after_login_url = get_admin_url();
261	+ break;
262	+ case 'url':
263	+ $after_login_url = trim( $settings['specific_url'] );
264	+ break;
265	+ case 'omit':
266	+ $after_login_url = '';
267	+ break;
268	+ }
269	+ return $after_login_url;
270	+ }
271	+
272	+ function jr_ps_login_failed() {
273	+ $settings = get_option( 'jr_ps_settings' );
274	+ if ( $settings['custom_login'] && !empty( $settings['login_url'] ) ) {
275	+ /* wp_redirect( $url ) goes to $url right after exit on the line that follows.
276	+ */
277	+ wp_redirect( jr_ps_login_url( $settings['login_url'] ) );
278	+ exit;
279	+ } else {
280	+ return;
281	+ }
282	+ }
283	+
284	+ function jr_ps_wp_authenticate( $username, $password ) {
285	+ foreach ( array( $username, $password ) as $auth ) {
286	+ if ( empty( $auth ) ) {
287	+ jr_ps_login_failed();
288	+ } else {
289	+ /* Also catch blanks.
290	+ */
291	+ $trim_auth = rtrim( $auth );
292	+ if ( empty( $auth ) ) {
293	+ jr_ps_login_failed();
294	+ }
295	+ }
296	+ }
297	+ }
298	+
299	+ ?>

index.html ADDED Viewed

File without changes

jonradio-private-site.php ADDED Viewed

	@@ -0,0 +1,191 @@


1	+ <?php
2	+ /*
3	+ Plugin Name: jonradio Private Site
4	+ Plugin URI: http://zatzlabs.com/plugins/
5	+ Description: Creates a Private Site by allowing only those logged on to view the WordPress web site. Settings select the initial destination after login.
6	+ Version: 2.11.4
7	+ Author: David Gewirtz
8	+ Author URI: http://zatzlabs.com/plugins/
9	+ License: GPLv2
10	+ */
11	+
12	+ /* Copyright 2014 jonradio (email : info@zatz.com)
13	+
14	+ This program is free software; you can redistribute it and/or modify
15	+ it under the terms of the GNU General Public License as published by
16	+ the Free Software Foundation; either version 2 of the License, or
17	+ (at your option) any later version.
18	+
19	+ This program is distributed in the hope that it will be useful,
20	+ but WITHOUT ANY WARRANTY; without even the implied warranty of
21	+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22	+ GNU General Public License for more details.
23	+
24	+ You should have received a copy of the GNU General Public License
25	+ along with this program; if not, write to the Free Software
26	+ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
27	+ */
28	+
29	+ /* Exit if .php file accessed directly
30	+ */
31	+ if ( !defined( 'ABSPATH' ) ) exit;
32	+
33	+ global $jr_ps_path;
34	+ $jr_ps_path = plugin_dir_path( __FILE__ );
35	+ /**
36	+ * Return Plugin's full directory path with trailing slash
37	+ *
38	+ * Local XAMPP install might return:
39	+ * C:\xampp\htdocs\wpbeta\wp-content\plugins\jonradio-private-site/
40	+ *
41	+ */
42	+ function jr_ps_path() {
43	+ global $jr_ps_path;
44	+ return $jr_ps_path;
45	+ }
46	+
47	+ global $jr_ps_plugin_basename;
48	+ $jr_ps_plugin_basename = plugin_basename( __FILE__ );
49	+ /**
50	+ * Return Plugin's Basename
51	+ *
52	+ * For this plugin, it would be:
53	+ * jonradio-multiple-themes/jonradio-multiple-themes.php
54	+ *
55	+ */
56	+ function jr_ps_plugin_basename() {
57	+ global $jr_ps_plugin_basename;
58	+ return $jr_ps_plugin_basename;
59	+ }
60	+
61	+ if ( !function_exists( 'get_plugin_data' ) ) {
62	+ require_once( ABSPATH . 'wp-admin/includes/plugin.php' );
63	+ }
64	+
65	+ global $jr_ps_plugin_data;
66	+ $jr_ps_plugin_data = get_plugin_data( __FILE__ );
67	+ $jr_ps_plugin_data['slug'] = basename( dirname( __FILE__ ) );
68	+
69	+ /* Detect initial activation or a change in plugin's Version number
70	+
71	+ Sometimes special processing is required when the plugin is updated to a new version of the plugin.
72	+ Also used in place of standard activation and new site creation exits provided by WordPress.
73	+ Once that is complete, update the Version number in the plugin's Network-wide settings.
74	+ */
75	+
76	+ if ( ( FALSE === ( $internal_settings = get_option( 'jr_ps_internal_settings' ) ) )
77	+ \|\| empty( $internal_settings['version'] ) )
78	+ {
79	+ /* Plugin is either:
80	+ - updated from a version so old that Version was not yet stored in the plugin's settings, or
81	+ - first use after install:
82	+ - first time ever installed, or
83	+ - installed previously and properly uninstalled (data deleted)
84	+ */
85	+
86	+ $old_version = '0.1';
87	+ } else {
88	+ $old_version = $internal_settings['version'];
89	+ }
90	+
91	+ if ( version_compare( $old_version, $jr_ps_plugin_data['Version'], '!=' ) ) {
92	+ /* Create, if internal settings do not exist; update if they do exist
93	+ */
94	+ $internal_settings['version'] = $jr_ps_plugin_data['Version'];
95	+ if ( version_compare( $old_version, '2', '<' ) ) {
96	+ /* Previous versions turned Privacy on at Activation;
97	+ Now it is a Setting on the Settings page,
98	+ so warn Admin.
99	+ */
100	+ $internal_settings['warning_privacy'] = TRUE;
101	+ }
102	+ update_option( 'jr_ps_internal_settings', $internal_settings );
103	+ }
104	+
105	+ require_once( jr_ps_path() . 'includes/common-functions.php' );
106	+ jr_v1_validate_settings( 'jr_ps_settings',
107	+ array(
108	+ 'private_site' => FALSE,
109	+ 'reveal_registration' => TRUE,
110	+ 'landing' => 'return',
111	+ 'specific_url' => '',
112	+ 'wplogin_php' => FALSE,
113	+ 'custom_login' => FALSE,
114	+ 'login_url' => '',
115	+ 'excl_url' => array(),
116	+ 'excl_url_prefix' => array(),
117	+ 'excl_home' => FALSE,
118	+ 'user_submenu' => TRUE,
119	+ 'check_role' => TRUE
120	+ )
121	+ );
122	+ $settings = get_option( 'jr_ps_settings' );
123	+ if ( is_admin() ) {
124	+ require_once( jr_ps_path() . 'includes/all-admin.php' );
125	+ /* Support WordPress Version 3.0.x before is_network_admin() existed
126	+ */
127	+ if ( function_exists( 'is_network_admin' ) && is_network_admin() ) {
128	+ // Network Admin pages in Network/Multisite install
129	+ if ( function_exists( 'is_plugin_active_for_network' ) && is_plugin_active_for_network( jr_ps_plugin_basename() ) ) {
130	+ // Network Admin Settings page for Plugin
131	+ require_once( jr_ps_path() . 'includes/net-settings.php' );
132	+ }
133	+ } else {
134	+ // Regular (non-Network) Admin pages
135	+ // Settings page for Plugin
136	+ require_once( jr_ps_path() . 'includes/admin-settings.php' );
137	+ }
138	+ // All changes to all Admin-Installed Plugins pages
139	+ require_once( jr_ps_path() . 'includes/installed-plugins.php' );
140	+ } else {
141	+ /* Public WordPress content, i.e. - not Admin pages
142	+ Do nothing if Private Site setting not set by Administrator
143	+ */
144	+ if ( $settings['private_site'] ) {
145	+ // Private Site code
146	+ require_once( jr_ps_path() . 'includes/public.php' );
147	+ }
148	+ }
149	+
150	+ /* Documentation of Research Done for this Plugin:
151	+ Registration URL (based on a root install in http://localhost):
152	+ WordPress 3.6.1 without jonradio Private Site installed
153	+ Single Site - not a network
154	+ http://localhost/wp-login.php?action=register
155	+ Primary Site of a Network
156	+ http://localhost/wp-signup.php
157	+ Secondary Site of a Network
158	+ http://localhost/wp-signup.php
159	+ This last URL needs a lot of thought because it means that what begins on one site ends up on another.
160	+
161	+ WordPress 3.7-beta without jonradio Private Site installed
162	+ Single Site - not a network
163	+ http://localhost/wp-login.php?action=register
164	+ Primary Site of a Network
165	+ http://localhost/wp-signup.php
166	+ Secondary Site of a Network
167	+ http://localhost/wp-signup.php
168	+
169	+ WordPress 3.0.0 without jonradio Private Site installed
170	+ Single Site - not a network
171	+ http://localhost/wp-login.php?action=register
172	+ Primary Site of a Network
173	+ http://localhost/wp-signup.php
174	+ Secondary Site of a Network
175	+ http://localhost/wp-signup.php
176	+
177	+ wp_registration_url() was not available prior to WordPress Version 3.6.0
178	+
179	+ Self-Registration allows potential Users to Register their own ID and Password without Administrator intervention or knowledge.
180	+ It is controlled by:
181	+ get_option( 'users_can_register' ) - non-Network
182	+ '1' - allows Self-Registration
183	+ '0' - no Self-Registration
184	+ get_site_option( 'registration' ) - Network (Multisite)
185	+ 'user' - allows Self-Registration
186	+ 'none' - no Self-Registration
187	+ 'blog' - Users can create new Sites in a Network
188	+ 'all' - allows Self-Registration and the creation of new Sites in a Network
189	+ */
190	+
191	+ ?>

readme.txt ADDED Viewed

	@@ -0,0 +1,214 @@


1	+ === jonradio Private Site ===
2	+ Contributors: dgewirtz
3	+ Donate link: http://zatzlabs.com/plugins/
4	+ Tags: login, visibility, private, security, plugin, pages, page, posts, post
5	+ Requires at least: 3.0
6	+ Tested up to: 4.0
7	+ Stable tag: 2.11.4
8	+ License: GPLv2 or later
9	+ License URI: http://www.gnu.org/licenses/gpl-2.0.html
10	+
11	+ Create a Private Site visible only to your registered users.
12	+
13	+ == Description ==
14	+
15	+ Allows the Administrator to restrict a WordPress-based web site to viewing only by registered users who are logged on. Any attempt, by anyone not logged, to view any Page, Post or other part of the site will display a WordPress login screen.
16	+
17	+ Login prompts are provided whenever a non-logged in user ("site visitor") attempts to access any URL controlled by WordPress on the web site. This plugin does not control non-WordPress web pages, such as .html and .php files created by hand or by other software products. Or images and other media and text files directly accessed by their URL, or from a browser's directory view, if available.
18	+
19	+ Features and Settings:
20	+
21	+ * Supports WordPress Networks ("Multisite"), with Network-wide Settings planned for a future version
22	+ * Visible Exclusions settings allow the entry of a list of URLs that will always be visible, and never be hidden by the plugin; a separate Setting is provided for hiding or revealing Site Home without the need to enter its URL
23	+ * A URL Prefix option in Visible Exclusions, matches, and makes visible, all URLs that begin with the one or more partial URLs entered
24	+ * Supports Custom Login and Registration pages at URLs different than the standard WordPress Login and Registration URLs
25	+ * Landing Location settings determine what the User sees after successfully logging in
26	+ * Landing Location is set for both automatic Login prompts and the Meta Widget's Login link
27	+ * User Self-Registration settings (varies between Network and Non-Network WordPress) are presented on the plugin's Settings page for easy access
28	+ * No known Theme incompatibilities, and only known Plugin incompatibility is with the A5 Custom Login plugin
29	+ * Special functionality is included to not hide Login- and Registration-related URLs used by BuddyPress and Theme My Login plugins
30	+ * Remember Me improvements at Login via free companion plugin, jonradio Remember Me, which can be downloaded separately from the WordPress Plugin Repository
31	+ * Overrides WordPress hiding of Network Activated plugins, just for itself; tp provide this feature for all plugins, use the free companion plugin, jonradio Reveal Network Activated Plugins, which can be downloaded separately from the WordPress Plugin Repository
32	+ * Setting to disable the plugin so that other plugin Settings can be changed when the Site is not set to Private
33	+
34	+ If you allow Self-Registration, where new Users can Register themselves, you will need to select the "Reveal User Registration Page" setting or new Users will be blocked from seeing the WordPress Registration screen (on WordPress Networks, turning off the Reveal User Registration Page setting on the "Main Site" will prevent Registration from all Sites). For convenience, the WordPress Setting that controls Self-Registration of Users has been added to the Plugin's Settings page.
35	+
36	+ Another Setting allows the Private Site feature to be turned off. When the plugin is installed and activated, the Private Site feature is set off by default, to allow the Administrator an opportunity to become familiarized with the plugin's features and to set the desired settings. A warning that the site is not private appears after first activation of the plugin until the Administrator visits the plugin's Settings page.
37	+
38	+ If a WordPress Network is defined, the plugin can be activated individually for select sites. Or Network Activated. In either case, each site will have its own Settings page where the Private Site feature can be turned off (default) or on for just the one site, and a Landing Location defined for each site.
39	+
40	+ Yes, there are other plugins that hide some or all WordPress content for any site visitor who is not logged on. But when I was searching for a solution for one of the web sites I support, I decided to "write my own" because I knew how it worked and felt comfortable that there would be no way for anyone not logged in to view the site, including Search Engines.
41	+
42	+ == Installation ==
43	+
44	+ This section describes how to install the jonradio Private Site plugin and get it working.
45	+
46	+ 1. Use Add Plugin within the WordPress Admin panel to download and install this jonradio Private Site plugin from the WordPress.org plugin repository (preferred method). Or download and unzip this plugin, then upload the `/jonradio-private-site/` directory to your WordPress web site's `/wp-content/plugins/` directory
47	+ 1. Activate the jonradio Private Site plugin through the Installed Plugins Admin panel in WordPress. If you have a WordPress Network ("Multisite"), you can either Network Activate this plugin, or Activate it individually on the sites where you wish to use it.
48	+ 1. Go to the plugin's Settings page to make the Site Private, and set where the user ends up after logging in: the Landing Location.
49	+ 1. If you allow Self-Registration, where new Users can set up their own User Name on your WordPress site or Network, you will want to select Reveal User Registration Page on the plugin's Settings page.
50	+
51	+ == Frequently Asked Questions ==
52	+
53	+ = How do I fix Redirect Loops (browser cycles for a long time then gives up)? =
54	+
55	+ By far, the most common way to create a Redirect Loop on your browser with this jonradio Private Site plugin is to specify both Custom Login page and Landing Location on the plugin's Settings page. Simply setting "Where to after Login?" in the Landing Location section to "Omit ?redirect_to= from URL" should correct the problem.
56	+
57	+ This problem has been observed when the URL of the Custom Login page is a WordPress Page. It occurs because, for Page URLs, WordPress uses the ?redirect_to= Query keyword for purposes other than a Landing Location.
58	+
59	+ = What happened? I changed my Permalinks and now some things don't work. =
60	+
61	+ Whenever you change your WordPress Permalinks (Settings-Permalinks in Admin panels), this jonradio Private Site plugin does not automatically change any URLs you have entered in the plugin's Settings. You will therefore want to make changes to URLs in the plugin's Settings whenever you change Permalinks.
62	+
63	+ = Why is User Submenu? setting greyed out? =
64	+
65	+ This setting controls whether the plugin's settings are accessible from the Users submenu of the WordPress Admin panels. For security reasons, it can only be used when the plugin's settings are accessed from the Settings submenu.
66	+
67	+ A Capability of manage_options is required to access the plugin's settings from the Settings submenu. A Capability of manage_users is required to access the plugin's settings from the Users submenu.
68	+
69	+ == Changelog ==
70	+
71	+ = 2.11.4 =
72	+ * Use Custom Login setting, if present, to redirect failed login attempts with blank username and/or password
73	+
74	+ = 2.11.3 =
75	+ * Use Custom Login setting, if present, to redirect failed login attempts
76	+
77	+ = 2.11.2 =
78	+ * Provide a Setting to disable User with No Role behaviour introduced in 2.11
79	+
80	+ = 2.11.1 =
81	+ * Remove forced logout when User with No Role attempts to access a Site (Network/Multisite install), to fix repeated messages when wp_logout is hooked by other plugins
82	+
83	+ = 2.11 =
84	+ * In a WordPress Network ("Multisite"), block Users with No Role on the current Site
85	+ * Make Landing Location work when free Paid Membership Pro plugin is activated
86	+
87	+ = 2.10.1 =
88	+ * Add setting to obey Landing Location for users who login via a URL of wp-login.php without a &redirect_to= following
89	+
90	+ = 2.10 =
91	+ * Add setting to not display a Users submenu option for the plugin's settings
92	+ * Conditional logic for Settings Saved update message in Validate function
93	+
94	+ = 2.9 =
95	+ * Set Landing Location for logins via Meta Widget link, as well as automatic Login prompts
96	+
97	+ = 2.8 =
98	+ * Add Prefix option to Always Visible URLs
99	+ * Automatically use mb_ Multi-Byte string functions, if available
100	+
101	+ = 2.7 =
102	+ * Add Custom Login URL setting
103	+
104	+ = 2.6.1 =
105	+ * Older versions of WordPress require a parameter be passed to get_post()
106	+
107	+ = 2.6 =
108	+ * Detect and make visible Login-associated Pages created by the Theme My Login plugin
109	+
110	+ = 2.5 =
111	+ * Allow other URLs to be Always Visible with new Setting
112	+
113	+ = 2.4.2 =
114	+ * Reveal BuddyPress /activate/ Activation page when Reveal Registration selected
115	+
116	+ = 2.4.1 =
117	+ * Fix bug in URL matching for Root, where one URL has a trailing slash and the other does not
118	+
119	+ = 2.4 =
120	+ * Handle BuddyPress' redirection of Register URL in Reveal Registration
121	+
122	+ = 2.3 =
123	+ * Add Setting to Reveal Home Page on a Private Site
124	+ * Fixed Problems with wp_registration_url function in WordPress prior to Version 3.6
125	+
126	+ = 2.2 =
127	+ * Add the WordPress User Self-Registration field to the plugin's Settings page
128	+ * Add the Settings page to the User submenu of Admin panel, too
129	+
130	+ = 2.1 =
131	+ * Add a settings checkbox to reveal the Register page for User Self-Registration
132	+
133	+ = 2.0 =
134	+ * Add Settings page, specifying Landing Location and turning Private Site off and on
135	+ * Warning for new default of OFF for Private Site until Settings are first viewed
136	+ * Add Networking Settings information page
137	+ * Track plugin version number in internal settings
138	+ * Replace WordPress Activation/Deactivation hooks with Version checking code from jonradio Multiple Themes
139	+ * Add Plugin entry on individual sites when plugin is Network Activated, and Settings link on all Plugin entries
140	+
141	+ = 1.1 =
142	+ * Change Action Hook to 'wp' from 'wp_head' to avoid Modify Header errors when certain other plugins are present
143	+
144	+ = 1.0 =
145	+ * Add readme.txt and screenshots
146	+ * Add in-line documentation for php functions
147	+
148	+ == Upgrade Notice ==
149	+
150	+ = 2.11.3 =
151	+ Correct Blank Username/Password when Custom Login selected
152	+
153	+ = 2.11.3 =
154	+ Correct Failed Logins when Custom Login selected
155	+
156	+ = 2.11.2 =
157	+ Add Setting to control User with No Role
158	+
159	+ = 2.11.1 =
160	+ Fix User with No Role errors on Network/Multisite
161	+
162	+ = 2.11 =
163	+ Improves Multisite security and supports Paid Membership Pro
164	+
165	+ = 2.10.1 =
166	+ Landing Location obeyed for direct access with wp-login.php URL
167	+
168	+ = 2.10 =
169	+ Allow deletion of Users submenu entry for plugin settings
170	+
171	+ = 2.9 =
172	+ Meta Widget logins now go to Landing Location
173	+
174	+ = 2.8 =
175	+ Support Prefix URL for Always Visible pages
176	+
177	+ = 2.7 =
178	+ Support Custom Login page
179	+
180	+ = 2.6.1 =
181	+ Support Theme My Login plugin with older versions of WordPress
182	+
183	+ = 2.6 =
184	+ Support Theme My Login plugin
185	+
186	+ = 2.5 =
187	+ Allow many Always Visible pages
188	+
189	+ = 2.4.2 =
190	+ Reveal BuddyPress Activation page
191	+
192	+ = 2.4.1 =
193	+ Home Page better URL matching for Root Home Pages
194	+
195	+ = 2.4 =
196	+ Support BuddyPress
197	+
198	+ = 2.3 =
199	+ New Setting to display Home Page on a Private Site.
200	+
201	+ = 2.2 =
202	+ Display WordPress Self-Registration field on plugin Settings page.
203	+
204	+ = 2.1 =
205	+ Allow User Self-Registration by "revealing" the Register page to those not logged in.
206	+
207	+ = 2.0 =
208	+ Create a Settings page that defines where the user ends up after logging in
209	+
210	+ = 1.1 =
211	+ Should eliminate Modify Header errors due to conflict with other plugins
212	+
213	+ = 1.0 =
214	+ Production version, updated to meet WordPress Repository standards

uninstall.php ADDED Viewed

	@@ -0,0 +1,19 @@


1	+ <?php
2	+ // Ensure call comes from WordPress, not a hacker or anyone else trying direct access.
3	+ if ( !defined( 'WP_UNINSTALL_PLUGIN' ) )
4	+ exit ();
5	+
6	+
7	+ /* Remove any tables, options, and such created by this Plugin */
8	+ if ( function_exists('is_multisite') && is_multisite() ) {
9	+ global $wpdb, $site_id;
10	+ $blogs = $wpdb->get_results( "SELECT blog_id FROM {$wpdb->blogs} WHERE site_id = $site_id" );
11	+ foreach ($blogs as $blog_obj) {
12	+ delete_blog_option( $blog_obj->blog_id, 'jr_ps_settings' );
13	+ delete_blog_option( $blog_obj->blog_id, 'jr_ps_internal_settings' );
14	+ }
15	+ } else {
16	+ delete_option( 'jr_ps_settings' );
17	+ delete_option( 'jr_ps_internal_settings' );
18	+ }
19	+ ?>