Peter’s Login Redirect - Version 2.9.5

Version Description

  • Fixed: logout redirect not working.
  • Remove php file redirect option. No longer used by many or used at all.
  • Plugin redirection is only manageable by manage_categories capability. Removed option to change this.
Download this release

Release Info

Developer Collizo4sky
Plugin Icon 128x128 Peter’s Login Redirect
Version 2.9.5
Comparing to
See all releases

Code changes from version 2.9.4 to 2.9.5

Files changed (4) hide show
  1. readme.txt +307 -307
  2. screenshot-1.png +0 -0
  3. wplogin_redirect.php +588 -855
  4. wplogin_redirect_control.php +0 -17
readme.txt CHANGED
@@ -1,308 +1,308 @@
1
- === Plugin Name ===
2
- Contributors: Collizo4sky
3
- Donate link: https://profilepress.net/pricing
4
- Tags: login, logout, redirect, admin, administration, dashboard, users, authentication
5
- Requires at least: 3.2
6
- Requires PHP: 5.3
7
- Tested up to: 5.2
8
- Stable tag: 2.9.4
9
- License: GPL-2.0+
10
-
11
- Redirect users to different locations after logging in and logging out.
12
-
13
- == Description ==
14
-
15
- Define a set of redirect rules for specific users, users with specific roles, users with specific capabilities, and a blanket rule for all other users. Also, set a redirect URL for post-registration. This is all managed in Settings > Login/logout redirects.
16
-
17
- You can use the syntax **[variable]username[/variable]** in your URLs so that the system will build a dynamic URL upon each login, replacing that text with the user's username. In addition to username, there is "userslug", "homeurl", "siteurl", "postid-23", "http_referer" and you can also add your own custom URL "variables". See Other Notes / How to Extend for documentation.
18
-
19
- If you're using a plugin such as Gigya that bypasses the regular WordPress login redirect process (and only allows one fixed redirect URL), set that plugin to redirect to wp-content/plugins/peters-login-redirect/wplogin_redirect_control.php and set the relevant setting to "Yes" at the bottom of the Settings > Login/Logout redirects page in the WordPress admin panel.
20
-
21
- You can add your own code logic before and between any of the plugin's normal redirect checks if needed. See Other Notes / How to Extend for documentation. Some examples include: redirecting the user based on their IP address; and redirect users to a special page on first login.
22
-
23
- This plugin also includes a function `rul_register` that acts the same as the `wp_register` function you see in templates (typically producing the Register or Site Admin links in the sidebar), except that it will return the custom defined admin address. `rul_register` takes three parameters: the "before" code (by default "<li>"), the "after" code (by default "</li>"), and whether to echo or return the result (default is `true` and thus echo).
24
-
25
- == Installation ==
26
-
27
- Installing this plugin is just like any other WordPress plugin.
28
- Navigate to your WordPress “Plugins” page, inside of your WordPress dashboard, and follow these instructions:
29
-
30
- 1. In the search field enter **Peter’s Login Redirect**. Click "Search Plugins", or hit Enter.
31
- 1. Select **Peter’s Login Redirect** and click either "Details" or "Install Now".
32
- 1. Once installed, click "Activate".
33
-
34
- == Screenshots ==
35
-
36
- 1. Defining redirect rules per role.
37
-
38
- == Frequently Asked Questions ==
39
-
40
- Please visit the plugin page at http://www.theblog.ca/wplogin-redirect with any questions.
41
-
42
- Login redirects not working? This plugin uses WordPress's standard login_redirect hook. The usual cause of problems is that another plugin is using the hook first, or there is a custom login form that isn't even running through the standard WordPress login functions.
43
-
44
- These threads might be useful:
45
-
46
- * http://www.theblog.ca/peter-forum/peters-login-redirect/logout-works-great-but-log-in-keeps-going-to-my-account-pages
47
- * http://www.theblog.ca/peter-forum/peters-login-redirect/redirect-not-working
48
- * http://www.theblog.ca/peter-forum/peters-login-redirect/any-way-to-solve-re-direct-conflict-with-wp-affiliate-plugin
49
-
50
- Also see the instructions at the bottom of the settings on the "Settings > Login/logout redirects" page in the WordPress admin panel that says:
51
-
52
- "Use external redirect file. Set this to "Yes" if you are using a plugin such as Gigya that bypasses the regular WordPress redirect process (and allows only one fixed redirect URL). Then, set the redirect URL in the other plugin to
53
- http://www.yoursite.com/wp-content/plugins/peters-login-redirect/wplogin_redirect_control.php"
54
-
55
- == How to Extend ==
56
-
57
- = Custom redirect rules =
58
-
59
- You can write your own code logic before any of this plugin's checks for user-specific, role-specific, and capability-specific redirects, as well as before the fallback redirect URL.
60
-
61
- Available filters are:
62
-
63
- * rul_before_user
64
- * rul_before_role
65
- * rul_before_capability
66
- * rul_before_fallback
67
-
68
- Each takes the same 4 parameters:
69
-
70
- * $custom_redirect_to: This is set as false in case you don't have any redirect URL to set. Return this instead of false in case you have multiple filters running.
71
- * $redirect_to: Set by WordPress, usually the admin URL.
72
- * $requested_redirect_to: Set by WordPress, usually an override set in a GET parameter.
73
- * $user: A PHP object representing the current user.
74
-
75
- Your return value in your own code logic should be the URL to redirect to, or $custom_redirect_to to continue the plugin's normal checks.
76
-
77
- An example of plugin code to redirect users on first login. See http://www.theblog.ca/wordpress-redirect-first-login for standalone functionality:
78
-
79
- `// Send new users to a special page
80
- function redirectOnFirstLogin( $custom_redirect_to, $redirect_to, $requested_redirect_to, $user )
81
- {
82
- // URL to redirect to
83
- $redirect_url = 'http://yoursite.com/firstloginpage';
84
- // How many times to redirect the user
85
- $num_redirects = 1;
86
- // If implementing this on an existing site, this is here so that existing users don't suddenly get the "first login" treatment
87
- // On a new site, you might remove this setting and the associated check
88
- // Alternative approach: run a script to assign the "already redirected" property to all existing users
89
- // Alternative approach: use a date-based check so that all registered users before a certain date are ignored
90
- // 172800 seconds = 48 hours
91
- $message_period = 172800;
92
-
93
- /*
94
- Cookie-based solution: captures users who registered within the last n hours
95
- The reason to set it as "last n hours" is so that if a user clears their cookies or logs in with a different browser,
96
- they don't get this same redirect treatment long after they're already a registered user
97
- */
98
- /*
99
-
100
- $key_name = 'redirect_on_first_login_' . $user->ID;
101
-
102
- if( strtotime( $user->user_registered ) > ( time() - $message_period )
103
- && ( !isset( $_COOKIE[$key_name] ) || intval( $_COOKIE[$key_name] ) < $num_redirects )
104
- )
105
- {
106
- if( isset( $_COOKIE[$key_name] ) )
107
- {
108
- $num_redirects = intval( $_COOKIE[$key_name] ) + 1;
109
- }
110
- setcookie( $key_name, $num_redirects, time() + $message_period, COOKIEPATH, COOKIE_DOMAIN );
111
- return $redirect_url;
112
- }
113
- */
114
- /*
115
- User meta value-based solution, stored in the database
116
- */
117
- $key_name = 'redirect_on_first_login';
118
- // Third parameter ensures that the result is a string
119
- $current_redirect_value = get_user_meta( $user->ID, $key_name, true );
120
- if( strtotime( $user->user_registered ) > ( time() - $message_period )
121
- && ( '' == $current_redirect_value || intval( $current_redirect_value ) < $num_redirects )
122
- )
123
- {
124
- if( '' != $current_redirect_value )
125
- {
126
- $num_redirects = intval( $current_redirect_value ) + 1;
127
- }
128
- update_user_meta( $user->ID, $key_name, $num_redirects );
129
- return $redirect_url;
130
- }
131
- else
132
- {
133
- return $custom_redirect_to;
134
- }
135
- }
136
-
137
- add_filter( 'rul_before_user', 'redirectOnFirstLogin', 10, 4 );`
138
-
139
- An example of plugin code to redirect to a specific URL for only a specific IP range as the first redirect check:
140
-
141
- `function redirectByIP( $custom_redirect_to, $redirect_to, $requested_redirect_to, $user )
142
- {
143
- $ip_check = '192.168.0';
144
- if( 0 === strpos( $_SERVER['REMOTE_ADDR'], $ip_check ) )
145
- {
146
- return '/secret_area';
147
- }
148
- else
149
- {
150
- return $custom_redirect_to;
151
- }
152
- }
153
-
154
- add_filter( 'rul_before_user', 'redirectByIP', 10, 4 );`
155
-
156
- Note that the same extensibility is available for logout redirects with these filters:
157
-
158
- * rul_before_user_logout
159
- * rul_before_role_logout
160
- * rul_before_capability_logout
161
- * rul_before_fallback_logout
162
-
163
- It takes 3 parameters:
164
-
165
- * $custom_redirect_to: This is set as false in case you don't have any redirect URL to set. Return this instead of false in case you have multiple filters running.
166
- * $requested_redirect_to: A redirect parameter set via POST or GET.
167
- * $user: A PHP object representing the current user.
168
-
169
- = Custom variable parameters =
170
-
171
- There is an available filter "rul_replace_variable" for adding your own custom variable names. For example, to replace **[variable]month[/variable]** in the redirect URL with the numeric representation of the current month (with leading zeros):
172
-
173
- `function customRULVariableMonth( $custom_redirect_to, $variable, $user )
174
- {
175
- if( 'month' == $variable )
176
- {
177
- return date( 'm' );
178
- }
179
- else
180
- {
181
- return $custom_redirect_to;
182
- }
183
- }
184
-
185
- add_filter( 'rul_replace_variable', 'customRULVariableMonth', 10, 3 );`
186
-
187
- Be sure to rawurlencode the returned variable if necessary.
188
-
189
- = Custom "My Portal" link =
190
-
191
- A common need is to display the "redirect" link for a user in the site navigation or sidebar.
192
-
193
- Look at the function rul_register() in the plugin file for inspiration; it makes use of the redirect_to_front_page() function to determine the URL and then provides the relevant output code.
194
-
195
- For a deeper dive into this feature, please [see this video](https://www.dropbox.com/s/kxpycsd3bz5rpyf/custom_my_portal_link.mp4?dl=0)
196
-
197
- == Changelog ==
198
-
199
- = 2.9.4 =
200
- * Fixed: Warning: is_readable(): open_basedir restriction.
201
-
202
- = 2.9.3 =
203
- * Move languages po/mo files into languages folder.
204
-
205
- = 2.9.2 =
206
- * 2019-02-23: Add CSRF protection (thanks RIPS!). Fixed translations for "username" variable instruction (thanks Jaime!).
207
-
208
- = 2.9.1 =
209
- * 2016-08-10: Support utf8mb4 encoding and prevent cross-site scripting when editing redirect URLs.
210
-
211
- = 2.9.0 =
212
- * 2015-09-25: Update translation text domain in order to support translate.wordpress.org translation system
213
-
214
- = 2.8.3 =
215
- * 2015-08-03: Add new URL variable "userslug" to match author URLs.
216
-
217
- = 2.8.2 =
218
- * 2014-09-06: Translation string fix.
219
-
220
- = 2.8.1 =
221
- * 2014-08-03: Support the deletion of rules referencing deleted user, roles, or levels.
222
-
223
- = 2.8.0 =
224
- * 2014-07-06: Improved management interface to add specific Edit and Delete buttons per rule, and removed limit around number of rules.
225
-
226
- = 2.7.2 =
227
- * 2013-10-07: Support PHP 5 static function calls, bumping WordPress requirement to 3.2+.
228
-
229
- = 2.7.1 =
230
- * 2013-07-05: Bug fix: Role-based login URLs weren't saving correctly.
231
-
232
- = 2.7.0 =
233
- * 2013-07-04: Add logout redirect URL control per-user, per-role, and per-level
234
-
235
- = 2.6.1 =
236
- * 2012-12-22: Allow editors to manage redirects in WordPress 3.5+ (required capability is now "manage_categories" instead of "manage_links").
237
-
238
- = 2.6.0 =
239
- * 2012-09-22: Added support for URL variable "http_referer" (note the single "r") to redirect the user back to the page that hosted the login form, as long as the login page isn't the standard wp-login.php. There are several caveats to this, such as: If you want to redirect only on certain forms and/or specify a redirect on the standard wp-login.php page, you should modify the form itself to use a "redirect_to" form variable instead.
240
-
241
- = 2.5.3 =
242
- * 2012-06-15: Bug fix: Fallback redirect rule wouldn't update properly if logout URL was blank on MySQL installs with strict mode enabled (thanks kvandekrol!)
243
-
244
- = 2.5.2 =
245
- * 2012-02-06: Bug fix: Fallback redirect rule updates were broken for non-English installs.
246
-
247
- = 2.5.1 =
248
- * 2012-01-17: Bug fix: Redirect after registration back-end code was missed in 2.5.0, and thus that feature wasn't actually working.
249
-
250
- = 2.5.0 =
251
- * 2012-01-15: Added redirect after registration option. Also made plugin settings editable in the WordPress admin panel.
252
-
253
- = 2.4.0 =
254
- * 2012-01-05: Added support for URL variable "postid-23". Also added documentation on how to set up redirect on first login.
255
-
256
- = 2.3.0 =
257
- * 2011-11-06: Added support for URL variable "siteurl" and "homeurl". Also added filter to support custom replacement variables in the URL. See Other Notes / How to Extend for documentation.
258
-
259
- = 2.2.0 =
260
- * 2011-09-21: Support basic custom logout redirect URL for all users only. Future versions will have the same framework for logout redirects as for login redirects.
261
-
262
- = 2.1.1 =
263
- * 2011-08-13: Minor code cleanup. Note: users now need "manage_links" permissions to edit redirect settings by default.
264
-
265
- = 2.1.0 =
266
- * 2011-06-06: Added hooks to facilitate adding your own extensions to the plugin. See Other Notes / How to Extend for documentation.
267
-
268
- = 2.0.0 =
269
- * 2011-03-03: Added option to allow a redirect_to POST or GET variable to take precedence over this plugin's rules.
270
-
271
- = 1.9.3 =
272
- * 2010-12-15: Made plugin translatable. (Thanks Anja!)
273
-
274
- = 1.9.2 =
275
- * 2010-08-20: Bug fix in code syntax.
276
-
277
- = 1.9.1 =
278
- * 2010-08-03: Bug fix for putting the username in the redirect URL.
279
-
280
- = 1.9.0 =
281
- * 2010-08-02: Added support for a separate redirect controller URL for compatibility with Gigya and similar plugins that bypass the regular WordPress login redirect mechanism. See the $rul_use_redirect_controller setting within this plugin.
282
-
283
- = 1.8.1 =
284
- * 2010-05-13: Added proper encoding of username in the redirect URL if the username has spaces.
285
-
286
- = 1.8.0 =
287
- * 2010-03-18: Added the ability to specify a username in the redirect URL for more dynamic URL generation.
288
-
289
- = 1.7.3 =
290
- * 2010-03-04: Minor tweak on settings page for better compatibility with different WordPress URL setups.
291
-
292
- = 1.7.2 =
293
- * 2010-01-11: Plugin now removes its database tables when it is uninstalled, instead of when it is deactivated. This prevents the redirect rules from being deleted when upgrading WordPress automatically.
294
-
295
- = 1.7.1 =
296
- * 2009-10-07: Minor database compatibility tweak. (Thanks KCP!)
297
-
298
- = 1.7.0 =
299
- * 2009-05-31: Added option $rul_local_only (in the plugin file itself) to bypass the WordPress default limitation of only redirecting to local URLs.
300
-
301
- = 1.6.1 =
302
- * 2009-02-06: Minor database table tweak for better compatibility with different setups. (Thanks David!)
303
-
304
- = 1.6.0 =
305
- * 2008-11-26: Added a function rul_register that acts the same as the wp_register function you see in templates, except that it will return the custom defined admin address
306
-
307
- = 1.5.1 =
308
  * 2008-09-17: Fixed compatibility for sites with a different table prefix setting in wp-config.php. (Thanks Eric!)
1
+ === Peter's Login Redirect ===
2
+ Contributors: properfraction, Collizo4sky
3
+ Donate link: https://profilepress.net/pricing
4
+ Tags: login, logout, redirect, admin, administration, dashboard, users, authentication
5
+ Requires at least: 4.0
6
+ Requires PHP: 5.3
7
+ Tested up to: 5.3
8
+ Stable tag: 2.9.5
9
+ License: GPL-2.0+
10
+
11
+ Redirect users to different locations after logging in and logging out.
12
+
13
+ == Description ==
14
+
15
+ Define a set of redirect rules for specific users, users with specific roles, users with specific capabilities, and a blanket rule for all other users. Also, set a redirect URL for post-registration. This is all managed in Settings > Login/logout redirects.
16
+
17
+ You can use the syntax **[variable]username[/variable]** in your URLs so that the system will build a dynamic URL upon each login, replacing that text with the user's username. In addition to username, there is "userslug", "homeurl", "siteurl", "postid-23", "http_referer" and you can also add your own custom URL "variables". See Other Notes / How to Extend for documentation.
18
+
19
+ You can add your own code logic before and between any of the plugin's normal redirect checks if needed. See Other Notes / How to Extend for documentation. Some examples include: redirecting the user based on their IP address; and redirect users to a special page on first login.
20
+
21
+ This plugin also includes a function `rul_register` that acts the same as the `wp_register` function you see in templates (typically producing the Register or Site Admin links in the sidebar), except that it will return the custom defined admin address. `rul_register` takes three parameters: the "before" code (by default "&lt;li&gt;"), the "after" code (by default "&lt;/li&gt;"), and whether to echo or return the result (default is `true` and thus echo).
22
+
23
+ == Installation ==
24
+
25
+ Installing this plugin is just like any other WordPress plugin.
26
+ Navigate to your WordPress “Plugins” page, inside of your WordPress dashboard, and follow these instructions:
27
+
28
+ 1. In the search field enter **Peter’s Login Redirect**. Click "Search Plugins", or hit Enter.
29
+ 1. Select **Peter’s Login Redirect** and click either "Details" or "Install Now".
30
+ 1. Once installed, click "Activate".
31
+
32
+ == Screenshots ==
33
+
34
+ 1. Defining redirect rules per role.
35
+
36
+ == Frequently Asked Questions ==
37
+
38
+ Please visit the plugin page at http://www.theblog.ca/wplogin-redirect with any questions.
39
+
40
+ Login redirects not working? This plugin uses WordPress's standard login_redirect hook. The usual cause of problems is that another plugin is using the hook first, or there is a custom login form that isn't even running through the standard WordPress login functions.
41
+
42
+ These threads might be useful:
43
+
44
+ * http://www.theblog.ca/peter-forum/peters-login-redirect/logout-works-great-but-log-in-keeps-going-to-my-account-pages
45
+ * http://www.theblog.ca/peter-forum/peters-login-redirect/redirect-not-working
46
+ * http://www.theblog.ca/peter-forum/peters-login-redirect/any-way-to-solve-re-direct-conflict-with-wp-affiliate-plugin
47
+
48
+ Also see the instructions at the bottom of the settings on the "Settings &gt; Login/logout redirects" page in the WordPress admin panel that says:
49
+
50
+ == How to Extend ==
51
+
52
+ = Custom redirect rules =
53
+
54
+ You can write your own code logic before any of this plugin's checks for user-specific, role-specific, and capability-specific redirects, as well as before the fallback redirect URL.
55
+
56
+ Available filters are:
57
+
58
+ * rul_before_user
59
+ * rul_before_role
60
+ * rul_before_capability
61
+ * rul_before_fallback
62
+
63
+ Each takes the same 4 parameters:
64
+
65
+ * $custom_redirect_to: This is set as false in case you don't have any redirect URL to set. Return this instead of false in case you have multiple filters running.
66
+ * $redirect_to: Set by WordPress, usually the admin URL.
67
+ * $requested_redirect_to: Set by WordPress, usually an override set in a GET parameter.
68
+ * $user: A PHP object representing the current user.
69
+
70
+ Your return value in your own code logic should be the URL to redirect to, or $custom_redirect_to to continue the plugin's normal checks.
71
+
72
+ An example of plugin code to redirect users on first login. See http://www.theblog.ca/wordpress-redirect-first-login for standalone functionality:
73
+
74
+ `// Send new users to a special page
75
+ function redirectOnFirstLogin( $custom_redirect_to, $redirect_to, $requested_redirect_to, $user )
76
+ {
77
+ // URL to redirect to
78
+ $redirect_url = 'http://yoursite.com/firstloginpage';
79
+ // How many times to redirect the user
80
+ $num_redirects = 1;
81
+ // If implementing this on an existing site, this is here so that existing users don't suddenly get the "first login" treatment
82
+ // On a new site, you might remove this setting and the associated check
83
+ // Alternative approach: run a script to assign the "already redirected" property to all existing users
84
+ // Alternative approach: use a date-based check so that all registered users before a certain date are ignored
85
+ // 172800 seconds = 48 hours
86
+ $message_period = 172800;
87
+
88
+ /*
89
+ Cookie-based solution: captures users who registered within the last n hours
90
+ The reason to set it as "last n hours" is so that if a user clears their cookies or logs in with a different browser,
91
+ they don't get this same redirect treatment long after they're already a registered user
92
+ */
93
+ /*
94
+
95
+ $key_name = 'redirect_on_first_login_' . $user->ID;
96
+
97
+ if( strtotime( $user->user_registered ) > ( time() - $message_period )
98
+ && ( !isset( $_COOKIE[$key_name] ) || intval( $_COOKIE[$key_name] ) < $num_redirects )
99
+ )
100
+ {
101
+ if( isset( $_COOKIE[$key_name] ) )
102
+ {
103
+ $num_redirects = intval( $_COOKIE[$key_name] ) + 1;
104
+ }
105
+ setcookie( $key_name, $num_redirects, time() + $message_period, COOKIEPATH, COOKIE_DOMAIN );
106
+ return $redirect_url;
107
+ }
108
+ */
109
+ /*
110
+ User meta value-based solution, stored in the database
111
+ */
112
+ $key_name = 'redirect_on_first_login';
113
+ // Third parameter ensures that the result is a string
114
+ $current_redirect_value = get_user_meta( $user->ID, $key_name, true );
115
+ if( strtotime( $user->user_registered ) > ( time() - $message_period )
116
+ && ( '' == $current_redirect_value || intval( $current_redirect_value ) < $num_redirects )
117
+ )
118
+ {
119
+ if( '' != $current_redirect_value )
120
+ {
121
+ $num_redirects = intval( $current_redirect_value ) + 1;
122
+ }
123
+ update_user_meta( $user->ID, $key_name, $num_redirects );
124
+ return $redirect_url;
125
+ }
126
+ else
127
+ {
128
+ return $custom_redirect_to;
129
+ }
130
+ }
131
+
132
+ add_filter( 'rul_before_user', 'redirectOnFirstLogin', 10, 4 );`
133
+
134
+ An example of plugin code to redirect to a specific URL for only a specific IP range as the first redirect check:
135
+
136
+ `function redirectByIP( $custom_redirect_to, $redirect_to, $requested_redirect_to, $user )
137
+ {
138
+ $ip_check = '192.168.0';
139
+ if( 0 === strpos( $_SERVER['REMOTE_ADDR'], $ip_check ) )
140
+ {
141
+ return '/secret_area';
142
+ }
143
+ else
144
+ {
145
+ return $custom_redirect_to;
146
+ }
147
+ }
148
+
149
+ add_filter( 'rul_before_user', 'redirectByIP', 10, 4 );`
150
+
151
+ Note that the same extensibility is available for logout redirects with these filters:
152
+
153
+ * rul_before_user_logout
154
+ * rul_before_role_logout
155
+ * rul_before_capability_logout
156
+ * rul_before_fallback_logout
157
+
158
+ It takes 3 parameters:
159
+
160
+ * $custom_redirect_to: This is set as false in case you don't have any redirect URL to set. Return this instead of false in case you have multiple filters running.
161
+ * $requested_redirect_to: A redirect parameter set via POST or GET.
162
+ * $user: A PHP object representing the current user.
163
+
164
+ = Custom variable parameters =
165
+
166
+ There is an available filter "rul_replace_variable" for adding your own custom variable names. For example, to replace **[variable]month[/variable]** in the redirect URL with the numeric representation of the current month (with leading zeros):
167
+
168
+ `function customRULVariableMonth( $custom_redirect_to, $variable, $user )
169
+ {
170
+ if( 'month' == $variable )
171
+ {
172
+ return date( 'm' );
173
+ }
174
+ else
175
+ {
176
+ return $custom_redirect_to;
177
+ }
178
+ }
179
+
180
+ add_filter( 'rul_replace_variable', 'customRULVariableMonth', 10, 3 );`
181
+
182
+ Be sure to rawurlencode the returned variable if necessary.
183
+
184
+ = Custom "My Portal" link =
185
+
186
+ A common need is to display the "redirect" link for a user in the site navigation or sidebar.
187
+
188
+ Look at the function rul_register() in the plugin file for inspiration; it makes use of the redirect_to_front_page() function to determine the URL and then provides the relevant output code.
189
+
190
+ For a deeper dive into this feature, please [see this video](https://drive.google.com/file/d/1MWSYlzd3r_BtJan2DH8XiFv2PCanuL_J/view?usp=sharing)
191
+
192
+ == Changelog ==
193
+
194
+ = 2.9.5 =
195
+ * Fixed: logout redirect not working.
196
+ * Remove php file redirect option. No longer used by many or used at all.
197
+ * Plugin redirection is only manageable by manage_categories capability. Removed option to change this.
198
+
199
+ = 2.9.4 =
200
+ * Fixed: Warning: is_readable(): open_basedir restriction.
201
+
202
+ = 2.9.3 =
203
+ * Move languages po/mo files into languages folder.
204
+
205
+ = 2.9.2 =
206
+ * 2019-02-23: Add CSRF protection (thanks RIPS!). Fixed translations for "username" variable instruction (thanks Jaime!).
207
+
208
+ = 2.9.1 =
209
+ * 2016-08-10: Support utf8mb4 encoding and prevent cross-site scripting when editing redirect URLs.
210
+
211
+ = 2.9.0 =
212
+ * 2015-09-25: Update translation text domain in order to support translate.wordpress.org translation system
213
+
214
+ = 2.8.3 =
215
+ * 2015-08-03: Add new URL variable "userslug" to match author URLs.
216
+
217
+ = 2.8.2 =
218
+ * 2014-09-06: Translation string fix.
219
+
220
+ = 2.8.1 =
221
+ * 2014-08-03: Support the deletion of rules referencing deleted user, roles, or levels.
222
+
223
+ = 2.8.0 =
224
+ * 2014-07-06: Improved management interface to add specific Edit and Delete buttons per rule, and removed limit around number of rules.
225
+
226
+ = 2.7.2 =
227
+ * 2013-10-07: Support PHP 5 static function calls, bumping WordPress requirement to 3.2+.
228
+
229
+ = 2.7.1 =
230
+ * 2013-07-05: Bug fix: Role-based login URLs weren't saving correctly.
231
+
232
+ = 2.7.0 =
233
+ * 2013-07-04: Add logout redirect URL control per-user, per-role, and per-level
234
+
235
+ = 2.6.1 =
236
+ * 2012-12-22: Allow editors to manage redirects in WordPress 3.5+ (required capability is now "manage_categories" instead of "manage_links").
237
+
238
+ = 2.6.0 =
239
+ * 2012-09-22: Added support for URL variable "http_referer" (note the single "r") to redirect the user back to the page that hosted the login form, as long as the login page isn't the standard wp-login.php. There are several caveats to this, such as: If you want to redirect only on certain forms and/or specify a redirect on the standard wp-login.php page, you should modify the form itself to use a "redirect_to" form variable instead.
240
+
241
+ = 2.5.3 =
242
+ * 2012-06-15: Bug fix: Fallback redirect rule wouldn't update properly if logout URL was blank on MySQL installs with strict mode enabled (thanks kvandekrol!)
243
+
244
+ = 2.5.2 =
245
+ * 2012-02-06: Bug fix: Fallback redirect rule updates were broken for non-English installs.
246
+
247
+ = 2.5.1 =
248
+ * 2012-01-17: Bug fix: Redirect after registration back-end code was missed in 2.5.0, and thus that feature wasn't actually working.
249
+
250
+ = 2.5.0 =
251
+ * 2012-01-15: Added redirect after registration option. Also made plugin settings editable in the WordPress admin panel.
252
+
253
+ = 2.4.0 =
254
+ * 2012-01-05: Added support for URL variable "postid-23". Also added documentation on how to set up redirect on first login.
255
+
256
+ = 2.3.0 =
257
+ * 2011-11-06: Added support for URL variable "siteurl" and "homeurl". Also added filter to support custom replacement variables in the URL. See Other Notes / How to Extend for documentation.
258
+
259
+ = 2.2.0 =
260
+ * 2011-09-21: Support basic custom logout redirect URL for all users only. Future versions will have the same framework for logout redirects as for login redirects.
261
+
262
+ = 2.1.1 =
263
+ * 2011-08-13: Minor code cleanup. Note: users now need "manage_links" permissions to edit redirect settings by default.
264
+
265
+ = 2.1.0 =
266
+ * 2011-06-06: Added hooks to facilitate adding your own extensions to the plugin. See Other Notes / How to Extend for documentation.
267
+
268
+ = 2.0.0 =
269
+ * 2011-03-03: Added option to allow a redirect_to POST or GET variable to take precedence over this plugin's rules.
270
+
271
+ = 1.9.3 =
272
+ * 2010-12-15: Made plugin translatable. (Thanks Anja!)
273
+
274
+ = 1.9.2 =
275
+ * 2010-08-20: Bug fix in code syntax.
276
+
277
+ = 1.9.1 =
278
+ * 2010-08-03: Bug fix for putting the username in the redirect URL.
279
+
280
+ = 1.9.0 =
281
+ * 2010-08-02: Added support for a separate redirect controller URL for compatibility with Gigya and similar plugins that bypass the regular WordPress login redirect mechanism. See the $rul_use_redirect_controller setting within this plugin.
282
+
283
+ = 1.8.1 =
284
+ * 2010-05-13: Added proper encoding of username in the redirect URL if the username has spaces.
285
+
286
+ = 1.8.0 =
287
+ * 2010-03-18: Added the ability to specify a username in the redirect URL for more dynamic URL generation.
288
+
289
+ = 1.7.3 =
290
+ * 2010-03-04: Minor tweak on settings page for better compatibility with different WordPress URL setups.
291
+
292
+ = 1.7.2 =
293
+ * 2010-01-11: Plugin now removes its database tables when it is uninstalled, instead of when it is deactivated. This prevents the redirect rules from being deleted when upgrading WordPress automatically.
294
+
295
+ = 1.7.1 =
296
+ * 2009-10-07: Minor database compatibility tweak. (Thanks KCP!)
297
+
298
+ = 1.7.0 =
299
+ * 2009-05-31: Added option $rul_local_only (in the plugin file itself) to bypass the WordPress default limitation of only redirecting to local URLs.
300
+
301
+ = 1.6.1 =
302
+ * 2009-02-06: Minor database table tweak for better compatibility with different setups. (Thanks David!)
303
+
304
+ = 1.6.0 =
305
+ * 2008-11-26: Added a function rul_register that acts the same as the wp_register function you see in templates, except that it will return the custom defined admin address
306
+
307
+ = 1.5.1 =
308
  * 2008-09-17: Fixed compatibility for sites with a different table prefix setting in wp-config.php. (Thanks Eric!)
screenshot-1.png CHANGED
Binary file
wplogin_redirect.php CHANGED
@@ -5,14 +5,14 @@ Plugin URI: http://www.theblog.ca/wplogin-redirect
5
  Description: Redirect users to different locations after logging in. Define a set of rules for specific users, user with specific roles, users with specific capabilities, and a blanket rule for all other users. This is all managed in Settings > Login/logout redirects.
6
  Author: Peter Keung
7
  Author URI: http://www.theblog.ca
8
- Version: 2.9.4
9
  Text Domain: peters-login-redirect
10
  Domain Path: /languages/
11
  */
12
 
13
  require_once dirname(__FILE__) . '/mo-admin-notice-featured.php';
14
 
15
- add_action( 'init', 'rul_textdomain' );
16
  function rul_textdomain()
17
  {
18
  load_plugin_textdomain('peters-login-redirect', false, dirname(plugin_basename(__FILE__)) . '/languages');
@@ -23,10 +23,30 @@ global $rul_db_addresses;
23
  global $rul_version;
24
  // Name of the database table that will hold group information and moderator rules
25
  $rul_db_addresses = $wpdb->prefix . 'login_redirects';
26
- $rul_version = '2.9.4';
27
-
28
- // A global variable that we will add to on the fly when $rul_local_only is set to equal 1
29
- $rul_allowed_hosts = array();
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
30
 
31
  // Some helper functions, all "public static" in PHP5 land
32
  class rulRedirectFunctionCollection
@@ -36,68 +56,49 @@ class rulRedirectFunctionCollection
36
  Defaults are defined here, but the settings values should be edited in the WordPress admin panel.
37
  If no setting is asked for, then it returns an array of all settings; otherwise it returns a specific setting
38
  */
39
- static function get_settings( $setting=false )
40
  {
41
  $rul_settings = array();
42
 
43
- // Setting this to 1 will make it so that you can redirect (login and logout) to any valid http or https URL, even outside of your current domain
44
- // Setting this to 2 will make it so that you can redirect (login and logout) to any URL you want (include crazy ones like data:), essentially bypassing the WordPress functions wp_sanitize_redirect() and wp_validate_redirect()
45
- // Setting this to 3 will make it so that you can only redirect (login and logout) to a local URL (one on the same domain). If you make use of the siteurl or homeurl custom variables, do not set this to 3
46
- $rul_settings['rul_local_only'] = 1;
47
-
48
  // Allow a POST or GET "redirect_to" variable to take precedence over settings within the plugin
49
  $rul_settings['rul_allow_post_redirect_override'] = false;
50
 
51
  // Allow a POST or GET logout "redirect_to" variable to take precedence over settings within the plugin
52
  $rul_settings['rul_allow_post_redirect_override_logout'] = false;
53
 
54
- // Set this to true if you're using a plugin such as Gigya that bypasses the regular WordPress redirect process (and only allow one fixed redirect URL)
55
- // Then, set that plugin to redirect to http://www.yoursite.com/wp-content/plugins/peters-login-redirect/wplogin_redirect_control.php
56
- // For more troubleshooting with this setting, make sure the paths are set correctly in wplogin_redirect_control.php
57
- $rul_settings['rul_use_redirect_controller'] = false;
58
-
59
- // To edit the redirect settings in the WordPress admin panel, users need this capability
60
- // Typically editors and up have "manage_categories" capabilities
61
- // See http://codex.wordpress.org/Roles_and_Capabilities for more information about out of the box capabilities
62
- $rul_settings['rul_required_capability'] = 'manage_categories';
63
-
64
  $rul_settings_from_options_table = rulRedirectFunctionCollection::get_settings_from_options_table();
65
 
66
  // Merge the default settings with the settings form the database
67
  // Limit the settings in case there are ones from the database that are old
68
- foreach( $rul_settings as $setting_name => $setting_value )
69
- {
70
- if( isset( $rul_settings_from_options_table[$setting_name] ) )
71
- {
72
  $rul_settings[$setting_name] = $rul_settings_from_options_table[$setting_name];
73
  }
74
  }
75
- if( !$setting )
76
- {
77
  return $rul_settings;
78
  }
79
- elseif( $setting && isset( $rul_settings[$setting] ) )
80
- {
81
  return $rul_settings[$setting];
82
  }
83
- else
84
- {
85
- return false;
86
- }
87
  }
 
88
  static function get_settings_from_options_table()
89
  {
90
- return get_option( 'rul_settings', array() );
91
  }
92
- static function set_setting( $setting = false, $value = false )
 
93
  {
94
- if( $setting )
95
- {
96
  $current_settings = rulRedirectFunctionCollection::get_settings();
97
- if( $current_settings )
98
- {
99
  $current_settings[$setting] = $value;
100
- update_option( 'rul_settings', $current_settings );
101
  }
102
  }
103
  }
@@ -110,44 +111,39 @@ class rulRedirectFunctionCollection
110
  {
111
  global $wpdb;
112
 
113
- $roles = get_option($wpdb->prefix . 'user_roles');
114
- $user_roles = $current_user->{$wpdb->prefix . 'capabilities'};
115
- $user_roles = array_keys($user_roles, true);
116
- $role = $user_roles[0];
117
  $capabilities = $roles[$role]['capabilities'];
118
 
119
- if ( in_array( $capability, array_keys( $capabilities, true) ) ) {
120
  // check array keys of capabilities for match against requested capability
121
  return true;
122
  }
 
123
  return false;
124
  }
125
 
126
  /*
127
  A generic function to return the value mapped to a particular variable
128
  */
129
- static function rul_get_variable( $variable, $user )
130
  {
131
- $variable_value = apply_filters( 'rul_replace_variable', false, $variable, $user );
132
- if( !$variable_value )
133
- {
134
  // Return the permalink of the post ID
135
- if( 0 === strpos( $variable, 'postid-' ) )
136
- {
137
- $post_id = str_replace( 'postid-', '', $variable );
138
- $permalink = get_permalink( $post_id );
139
- if( $permalink )
140
- {
141
  $variable_value = $permalink;
142
  }
143
- }
144
- else
145
- {
146
- switch( $variable )
147
- {
148
  // Returns the current user's username (only use this if you know they're logged in)
149
  case 'username':
150
- $variable_value = rawurlencode( $user->user_login );
151
  break;
152
  // Returns the current user's author slug aka nickname as used in URLs
153
  // sanitize_title should not be required here since it was already done on insert
@@ -165,13 +161,10 @@ class rulRedirectFunctionCollection
165
  // Returns the login referrer in order to redirect back to the same page
166
  // Note that this will not work if the referrer is the same as the login processor (otherwise in a standard setup you'd redirect to the login form)
167
  case 'http_referer':
168
- $http_referer_parts = parse_url( $_SERVER['HTTP_REFERER'] );
169
- if( $_SERVER['REQUEST_URI'] != $http_referer_parts['path'] )
170
- {
171
  $variable_value = $_SERVER['HTTP_REFERER'];
172
- }
173
- else
174
- {
175
  $variable_value = '';
176
  }
177
  break;
@@ -181,172 +174,137 @@ class rulRedirectFunctionCollection
181
  }
182
  }
183
  }
 
184
  return $variable_value;
185
  }
186
 
187
  /*
188
  Replaces the syntax [variable]variable_name[/variable] with whatever has been mapped to the variable_name in the rul_get_variable function
189
  */
190
- static function rul_replace_variable( $string, $user )
191
  {
192
- preg_match_all( "/\[variable\](.*?)\[\/variable\]/is", $string, $out );
193
 
194
- foreach( $out[0] as $instance => $full_match )
195
- {
196
- $replaced_variable = rulRedirectFunctionCollection::rul_get_variable( $out[1][ $instance ], $user );
197
- $string = str_replace( $full_match, $replaced_variable, $string );
 
198
  }
199
 
200
  return $string;
201
  }
202
- /*
203
- Allow users to be redirected to external URLs as specified by redirect rules
204
- */
205
- static function rul_trigger_allowed_host( $url )
206
- {
207
- global $rul_allowed_hosts;
208
- $url_parsed = parse_url( $url );
209
- if( isset( $url_parsed[ 'host' ] ) )
210
- {
211
- $rul_allowed_hosts[] = $url_parsed[ 'host' ];
212
- add_filter( 'allowed_redirect_hosts', array( 'rulRedirectFunctionCollection', 'rul_add_allowed_host' ), 10, 1 );
213
- }
214
- }
215
- static function rul_add_allowed_host( $hosts )
216
- {
217
- global $rul_allowed_hosts;
218
- return array_merge( $hosts, $rul_allowed_hosts );
219
- }
220
  }
221
 
222
  // Functions specific to logout redirecting
223
  class rulLogoutFunctionCollection
224
  {
225
- static function logout_redirect()
226
  {
227
- $rul_local_only = rulRedirectFunctionCollection::get_settings( 'rul_local_only' );
228
- $rul_allow_post_redirect_override_logout = rulRedirectFunctionCollection::get_settings( 'rul_allow_post_redirect_override_logout' );
229
-
230
- $requested_redirect_to = !empty( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : false;
231
- if( is_user_logged_in() && ( !$requested_redirect_to || !$rul_allow_post_redirect_override_logout ) )
232
- {
233
- $current_user = wp_get_current_user();
234
- $rul_url = rulLogoutFunctionCollection::get_redirect_url( $current_user, $requested_redirect_to );
235
-
236
- if( $rul_url )
237
- {
238
- if( 1 == $rul_local_only )
239
- {
240
- rulRedirectFunctionCollection::rul_trigger_allowed_host( $rul_url );
241
- wp_safe_redirect( $rul_url );
242
- die();
243
- }
244
- elseif( 2 == $rul_local_only )
245
- {
246
- wp_redirect( $rul_url );
247
- die();
248
- }
249
- else
250
- {
251
- wp_safe_redirect( $rul_url );
252
- die();
253
- }
254
  }
255
  }
256
- return false;
257
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
258
  // Get the logout redirect URL according to defined rules
259
  // Functionality for user-, role-, and capability-specific redirect rules is available
260
  // Note that only the "all other users" redirect URL is currently implemented in the UI
261
- static function get_redirect_url( $user, $requested_redirect_to )
262
  {
263
  global $wpdb, $rul_db_addresses;
264
 
265
  $redirect_to = false;
266
 
267
  // Check for an extended custom redirect rule
268
- $rul_custom_redirect = apply_filters( 'rul_before_user_logout', false, $requested_redirect_to, $user );
269
 
270
- if( $rul_custom_redirect )
271
- {
272
- $redirect_to = rulRedirectFunctionCollection::rul_replace_variable( $rul_custom_redirect, $requested_redirect_to, $user );
273
- return $redirect_to;
274
  }
275
 
276
  // Check for a redirect rule for this user
277
  $rul_user = $wpdb->get_var('SELECT rul_url_logout FROM ' . $rul_db_addresses .
278
- ' WHERE rul_type = \'user\' AND rul_value = \'' . $user->user_login . '\' LIMIT 1');
279
 
280
- if ( $rul_user )
281
- {
282
- $redirect_to = rulRedirectFunctionCollection::rul_replace_variable( $rul_user, $user );
283
- return $redirect_to;
284
  }
285
 
286
  // Check for an extended custom redirect rule
287
- $rul_custom_redirect = apply_filters( 'rul_before_role_logout', false, $requested_redirect_to, $user );
288
- if( $rul_custom_redirect )
289
- {
290
- $redirect_to = rulRedirectFunctionCollection::rul_replace_variable( $rul_custom_redirect, $user );
291
- return $redirect_to;
292
  }
293
 
294
  // Check for a redirect rule that matches this user's role
295
  $rul_roles = $wpdb->get_results('SELECT rul_value, rul_url_logout FROM ' . $rul_db_addresses .
296
- ' WHERE rul_type = \'role\'', OBJECT);
297
-
298
- if( $rul_roles )
299
- {
300
- foreach( $rul_roles as $rul_role )
301
- {
302
- if( '' != $rul_role->rul_url_logout && isset( $user->{$wpdb->prefix . 'capabilities'}[$rul_role->rul_value] ) )
303
- {
304
- $redirect_to = rulRedirectFunctionCollection::rul_replace_variable( $rul_role->rul_url_logout, $user );
305
- return $redirect_to;
306
  }
307
  }
308
  }
309
 
310
  // Check for an extended custom redirect rule
311
- $rul_custom_redirect = apply_filters( 'rul_before_capability_logout', false, $requested_redirect_to, $user );
312
- if( $rul_custom_redirect )
313
- {
314
- $redirect_to = rulRedirectFunctionCollection::rul_replace_variable( $rul_custom_redirect, $user );
315
- return $redirect_to;
316
  }
317
 
318
  // Check for a redirect rule that matches this user's capability
319
- $rul_levels = $wpdb->get_results( 'SELECT rul_value, rul_url_logout FROM ' . $rul_db_addresses .
320
- ' WHERE rul_type = \'level\' ORDER BY rul_order, rul_value', OBJECT );
321
-
322
- if( $rul_levels )
323
- {
324
- foreach( $rul_levels as $rul_level )
325
- {
326
- if( '' != $rul_level->rul_url_logout && rulRedirectFunctionCollection::redirect_current_user_can( $rul_level->rul_value, $user ) )
327
- {
328
- $redirect_to = rulRedirectFunctionCollection::rul_replace_variable( $rul_level->rul_url_logout, $user );
329
- return $redirect_to;
330
  }
331
  }
332
  }
333
 
334
  // Check for an extended custom redirect rule
335
- $rul_custom_redirect = apply_filters( 'rul_before_fallback_logout', false, $requested_redirect_to, $user );
336
- if( $rul_custom_redirect )
337
- {
338
- $redirect_to = rulRedirectFunctionCollection::rul_replace_variable( $rul_custom_redirect, $user );
339
- return $redirect_to;
340
  }
341
 
342
  // If none of the above matched, look for a rule to apply to all users
343
  $rul_all = $wpdb->get_var('SELECT rul_url_logout FROM ' . $rul_db_addresses .
344
- ' WHERE rul_type = \'all\' LIMIT 1');
345
 
346
- if( $rul_all )
347
- {
348
- $redirect_to = rulRedirectFunctionCollection::rul_replace_variable( $rul_all, $user );
349
- return $redirect_to;
350
  }
351
 
352
  // No rules matched or existed, so just send them to the WordPress admin panel as usual
@@ -357,36 +315,35 @@ class rulLogoutFunctionCollection
357
  // Functions for redirecting post-registration
358
  class rulRedirectPostRegistration
359
  {
360
- static function post_registration_wrapper( $requested_redirect_to )
361
  {
362
  /*
363
  Some limitations:
364
  - Not yet implemented but possible: toggle whether to allow a GET or POST override of the redirect_to variable (currently it is "yes")
365
- - Not yet possible: Redirect to a non-local URL, due to the fact that the WordPress hook is implemented pre-registration, not post-registration
366
  - Not yet possible: Username-customized page, since the WordPress hook is implemented pre-registration, not post-registration
367
  */
368
 
369
- $rul_url = rulRedirectPostRegistration::get_redirect_url( $requested_redirect_to );
370
- if( $rul_url )
371
- {
372
  return $rul_url;
373
  }
 
374
  return $requested_redirect_to;
375
  }
376
 
377
  // Looks up the redirect URL, if any
378
- static function get_redirect_url( $requested_redirect_to )
379
  {
380
  global $wpdb, $rul_db_addresses;
381
 
382
  $redirect_to = false;
383
 
384
  $rul_all = $wpdb->get_var('SELECT rul_url FROM ' . $rul_db_addresses .
385
- ' WHERE rul_type = \'register\' LIMIT 1');
 
 
 
386
 
387
- if( $rul_all )
388
- {
389
- $redirect_to = rulRedirectFunctionCollection::rul_replace_variable( $rul_all, false );
390
  return $redirect_to;
391
  }
392
 
@@ -396,128 +353,108 @@ class rulRedirectPostRegistration
396
  }
397
 
398
  // This function wraps around the main redirect function to determine whether or not to bypass the WordPress local URL limitation
399
- function redirect_wrapper( $redirect_to, $requested_redirect_to, $user )
400
  {
401
- $rul_local_only = rulRedirectFunctionCollection::get_settings( 'rul_local_only' );
402
- $rul_allow_post_redirect_override = rulRedirectFunctionCollection::get_settings( 'rul_allow_post_redirect_override' );
403
 
404
  // If they're on the login page, don't do anything
405
- if( !isset( $user->user_login ) )
406
- {
407
  return $redirect_to;
408
  }
409
 
410
- if( ( admin_url() == $redirect_to && $rul_allow_post_redirect_override ) || !$rul_allow_post_redirect_override )
411
- {
412
- $rul_url = redirect_to_front_page( $redirect_to, $requested_redirect_to, $user );
413
- if( $rul_url )
414
- {
415
- if( 1 == $rul_local_only )
416
- {
417
- rulRedirectFunctionCollection::rul_trigger_allowed_host( $rul_url );
418
- return $rul_url;
419
- }
420
- elseif( 2 == $rul_local_only )
421
- {
422
- wp_redirect( $rul_url );
423
- die();
424
- }
425
- else
426
- {
427
- return $rul_url;
428
- }
429
  }
430
  }
 
431
  return $redirect_to;
432
  }
433
 
434
  // This function sets the URL to redirect to
435
 
436
- function redirect_to_front_page( $redirect_to, $requested_redirect_to, $user )
437
  {
438
  global $wpdb, $rul_db_addresses;
439
 
440
  // Check for an extended custom redirect rule
441
- $rul_custom_redirect = apply_filters( 'rul_before_user', false, $redirect_to, $requested_redirect_to, $user );
442
- if( $rul_custom_redirect )
443
- {
444
- $redirect_to = rulRedirectFunctionCollection::rul_replace_variable( $rul_custom_redirect, $user );
445
  return $redirect_to;
446
  }
447
 
448
  // Check for a redirect rule for this user
449
  $rul_user = $wpdb->get_var('SELECT rul_url FROM ' . $rul_db_addresses .
450
- ' WHERE rul_type = \'user\' AND rul_value = \'' . $user->user_login . '\' LIMIT 1');
 
 
 
451
 
452
- if ( $rul_user )
453
- {
454
- $redirect_to = rulRedirectFunctionCollection::rul_replace_variable( $rul_user, $user );
455
  return $redirect_to;
456
  }
457
 
458
  // Check for an extended custom redirect rule
459
- $rul_custom_redirect = apply_filters( 'rul_before_role', false, $redirect_to, $requested_redirect_to, $user );
460
- if( $rul_custom_redirect )
461
- {
462
- $redirect_to = rulRedirectFunctionCollection::rul_replace_variable( $rul_custom_redirect, $user );
463
  return $redirect_to;
464
  }
465
 
466
  // Check for a redirect rule that matches this user's role
467
  $rul_roles = $wpdb->get_results('SELECT rul_value, rul_url FROM ' . $rul_db_addresses .
468
- ' WHERE rul_type = \'role\'', OBJECT);
 
 
 
 
 
469
 
470
- if( $rul_roles )
471
- {
472
- foreach( $rul_roles as $rul_role )
473
- {
474
- if( '' != $rul_role->rul_url && isset( $user->{$wpdb->prefix . 'capabilities'}[$rul_role->rul_value] ) )
475
- {
476
- $redirect_to = rulRedirectFunctionCollection::rul_replace_variable( $rul_role->rul_url, $user );
477
  return $redirect_to;
478
  }
479
  }
480
  }
481
 
482
  // Check for an extended custom redirect rule
483
- $rul_custom_redirect = apply_filters( 'rul_before_capability', false, $redirect_to, $requested_redirect_to, $user );
484
- if( $rul_custom_redirect )
485
- {
486
- $redirect_to = rulRedirectFunctionCollection::rul_replace_variable( $rul_custom_redirect, $user );
487
  return $redirect_to;
488
  }
489
 
490
  // Check for a redirect rule that matches this user's capability
491
  $rul_levels = $wpdb->get_results('SELECT rul_value, rul_url FROM ' . $rul_db_addresses .
492
- ' WHERE rul_type = \'level\' ORDER BY rul_order, rul_value', OBJECT);
 
 
 
 
 
493
 
494
- if( $rul_levels )
495
- {
496
- foreach( $rul_levels as $rul_level )
497
- {
498
- if( '' != $rul_level->rul_url && rulRedirectFunctionCollection::redirect_current_user_can ( $rul_level->rul_value, $user ) )
499
- {
500
- $redirect_to = rulRedirectFunctionCollection::rul_replace_variable( $rul_level->rul_url, $user );
501
  return $redirect_to;
502
  }
503
  }
504
  }
505
 
506
  // Check for an extended custom redirect rule
507
- $rul_custom_redirect = apply_filters( 'rul_before_fallback', false, $redirect_to, $requested_redirect_to, $user );
508
- if( $rul_custom_redirect )
509
- {
510
- $redirect_to = rulRedirectFunctionCollection::rul_replace_variable( $rul_custom_redirect, $user );
511
  return $redirect_to;
512
  }
513
 
514
  // If none of the above matched, look for a rule to apply to all users
515
  $rul_all = $wpdb->get_var('SELECT rul_url FROM ' . $rul_db_addresses .
516
- ' WHERE rul_type = \'all\' LIMIT 1');
 
 
 
517
 
518
- if( $rul_all )
519
- {
520
- $redirect_to = rulRedirectFunctionCollection::rul_replace_variable( $rul_all, $user );
521
  return $redirect_to;
522
  }
523
 
@@ -532,11 +469,12 @@ function redirect_to_front_page( $redirect_to, $requested_redirect_to, $user )
532
  // You can specify tags to go around the returned link (or wrap it with no tags); by default this is a list item
533
  // You can also specify whether to print out the link or just return it
534
 
535
- function rul_register( $before = '<li>', $after = '</li>', $give_echo = true ) {
 
536
  global $current_user;
537
 
538
- if ( ! is_user_logged_in() ) {
539
- if ( get_option('users_can_register') )
540
  $link = $before . '<a href="' . site_url('wp-login.php?action=register', 'login') . '">' . __('Register', 'peters-login-redirect') . '</a>' . $after;
541
  else
542
  $link = '';
@@ -546,23 +484,22 @@ function rul_register( $before = '<li>', $after = '</li>', $give_echo = true ) {
546
 
547
  if ($give_echo) {
548
  echo $link;
549
- }
550
- else {
551
  return $link;
552
  }
553
  }
554
 
555
- if( is_admin() )
556
- {
557
 
558
  // Returns all option HTML for all usernames in the system except for those supplied to it
559
- function rul_returnusernames($exclude) {
 
560
  global $wpdb;
561
 
562
  $rul_returnusernames = '';
563
 
564
  // Build the "not in" part of the MySQL query
565
- $exclude_users = "'" . implode( "','", $exclude ) . "'";
566
 
567
  $rul_userresults = $wpdb->get_results('SELECT user_login FROM ' . $wpdb->users . ' WHERE user_login NOT IN (' . $exclude_users . ') ORDER BY user_login', ARRAY_N);
568
 
@@ -577,7 +514,8 @@ if( is_admin() )
577
  }
578
 
579
  // Returns all roles in the system
580
- function rul_returnrolenames() {
 
581
  global $wp_roles;
582
 
583
  $rul_returnrolenames = array();
@@ -589,7 +527,8 @@ if( is_admin() )
589
  }
590
 
591
  // Returns option HTML for all roles in the system, except for those supplied to it
592
- function rul_returnroleoptions($exclude) {
 
593
 
594
  // Relies on a function that just returns the role names
595
  $rul_rolenames = rul_returnrolenames($exclude);
@@ -599,7 +538,7 @@ if( is_admin() )
599
  // Build the option HTML
600
  if ($rul_rolenames) {
601
  foreach ($rul_rolenames as $rul_rolename) {
602
- if (!isset($exclude[$rul_rolename])) {
603
  $rul_returnroleoptions .= '<option value="' . $rul_rolename . '">' . $rul_rolename . '</option>';
604
  }
605
  }
@@ -610,7 +549,8 @@ if( is_admin() )
610
  }
611
 
612
  // Returns all level names in the system
613
- function rul_returnlevelnames() {
 
614
  global $wp_roles;
615
 
616
  $rul_returnlevelnames = array();
@@ -628,7 +568,8 @@ if( is_admin() )
628
  }
629
 
630
  // Returns option HTML for all levels in the system, except for those supplied to it
631
- function rul_returnleveloptions($exclude) {
 
632
 
633
  // Relies on a function that just returns the level names
634
  $rul_levelnames = rul_returnlevelnames();
@@ -637,7 +578,7 @@ if( is_admin() )
637
 
638
  // Build the option HTML
639
  foreach ($rul_levelnames as $rul_levelname) {
640
- if (!isset($exclude[$rul_levelname])) {
641
  $rul_returnleveloptions .= '<option value="' . $rul_levelname . '">' . $rul_levelname . '</option>';
642
  }
643
  }
@@ -647,246 +588,201 @@ if( is_admin() )
647
  }
648
 
649
  // Wraps the return message in an informational div
650
- function rul_format_return( $innerMessage )
651
  {
652
  return '<div id="message" class="updated fade">' . $innerMessage . '</div>';
653
  }
654
 
655
  // Validates adds and edits to make sure that the user / role / level
656
- function rul_validate_submission( $typeValue, $type )
657
  {
658
- $success = true;
659
  $error_message = '';
660
 
661
- if( $type == 'user' )
662
- {
663
- if( ! username_exists( $typeValue ) )
664
- {
665
- $success = false;
666
- $error_message = '<p><strong>****' .__('ERROR: Non-existent username submitted ','peters-login-redirect') .'****</strong></p>';
667
  }
668
- }
669
- elseif( $type == 'role' )
670
- {
671
  // Get a list of roles in the system so that we can verify that a valid role was submitted
672
  $rul_existing_rolenames = rul_returnrolenames();
673
- if( ! isset($rul_existing_rolenames[$typeValue]) )
674
- {
675
- $success = false;
676
- $error_message = '<p><strong>****' .__('ERROR: Non-existent role submitted ','peters-login-redirect') .'****</strong></p>';
677
  }
678
- }
679
- elseif( $type == 'level' )
680
- {
681
  // Get a list of levels in the system so that we can verify that a valid level was submitted
682
- $rul_existing_levelnames = array_flip( rul_returnlevelnames() );
683
 
684
- if( ! isset( $rul_existing_levelnames[$typeValue] ) )
685
- {
686
- $success = false;
687
- $error_message = '<p><strong>****' .__('ERROR: Non-existent level submitted ','peters-login-redirect') .'****</strong></p>';
688
  }
689
  }
690
 
691
- return array( 'success' => $success, 'error_message' => $error_message );
692
  }
693
 
694
  // Validates deletions by simply making sure that the entry isn't empty
695
  // Additional validation / escaping should be performed if WordPress ever removes its automatic addslashes calls (see http://www.theblog.ca/wordpress-addslashes-magic-quotes); at that point, use https://codex.wordpress.org/Class_Reference/wpdb#DELETE_Rows
696
- function rul_validate_deletion( $typeValue, $type )
697
  {
698
- $success = true;
699
  $error_message = '';
700
 
701
- if( trim( $typeValue ) == '' )
702
- {
703
- $success = false;
704
- $error_message = '<p><strong>****' . sprintf( __('ERROR: Empty %s submitted ','peters-login-redirect' ), $type ) . '****</strong></p>';
705
  }
706
- return array( 'success' => $success, 'error_message' => $error_message );
 
707
  }
708
 
709
  // Processes adding a new redirect rule
710
  // $type can be user, role, or level
711
- function rul_submit_rule( $typeValue, $address, $address_logout, $order = 0, $type )
712
  {
713
  global $wpdb, $rul_db_addresses;
714
 
715
  // Ensure that the request came from the back-end
716
- check_admin_referer( 'rul_' . $type . '_submit' );
717
 
718
  $rul_process_submit = '';
719
 
720
- if( $typeValue && ( $address || $address_logout ) )
721
- {
722
  // Validation depending on the type
723
- $validation = rul_validate_submission( $typeValue, $type );
724
  $rul_submit_success = $validation['success'];
725
  $rul_process_submit = $validation['error_message'];
726
 
727
- if( $rul_submit_success )
728
- {
729
- // Check to see whether it matches the "local URL" test
730
- $address = rul_safe_redirect( $address );
731
- $address_logout = rul_safe_redirect( $address_logout );
732
 
733
- if( !$address && !$address_logout )
734
- {
735
- $rul_submit_success = false;
736
- $rul_process_submit = '<p><strong>****' . sprintf( __( 'ERROR: Non-local or invalid URL submitted for %s %s','peters-login-redirect' ), $type, $typeValue ) . '****</strong></p>';
 
737
  }
738
- else
739
- {
740
- // Insert a new rule
741
-
742
- $order = abs( intval( $order ) );
743
- if( $order > 99 )
744
- {
745
- $order = 0;
746
- }
747
-
748
- $rul_update_rule = $wpdb->insert( $rul_db_addresses,
749
- array(
750
- 'rul_url' => $address
751
- ,'rul_url_logout' => $address_logout
752
- ,'rul_type' => $type
753
- ,'rul_value' => $typeValue
754
- ,'rul_order' => $order
755
- )
756
- ,array( '%s', '%s', '%s', '%s', '%d' )
757
- );
758
-
759
- if( !$rul_update_rule )
760
- {
761
- $rul_submit_success = false;
762
- $rul_process_submit = '<p><strong>****' . sprintf( __('ERROR: Unknown error adding %s-specific redirect for %s %s','peters-login-redirect' ), $type, $type, $typeValue ) . '****</strong></p>';
763
- }
764
  }
765
  }
766
 
767
- if( $rul_submit_success )
768
- {
769
- $rul_process_submit = '<p>' . sprintf( __( 'Successfully added %s-specific redirect rule for %s', 'peters-login-redirect' ), $type, $typeValue ) . '</p>';
770
  }
771
  }
772
 
773
- return rul_format_return( $rul_process_submit );
774
  }
775
 
776
  // Edits a redirect rule
777
  // $type can be user, role, or level
778
- function rul_edit_rule( $typeValue, $address, $address_logout, $order = 0, $type )
779
  {
780
  global $wpdb, $rul_db_addresses;
781
 
782
  // Ensure that the request came from the back-end
783
- check_admin_referer( 'rul_' . $type . '_edit' );
784
 
785
- if( $typeValue && ( $address || $address_logout ) )
786
- {
787
  // Validation depending on the type
788
- $validation = rul_validate_submission( $typeValue, $type );
789
  $rul_submit_success = $validation['success'];
790
  $rul_process_submit = $validation['error_message'];
791
 
792
- if( $rul_submit_success )
793
- {
794
- // Check to see whether it matches the "local URL" test
795
- $address = rul_safe_redirect( $address );
796
- $address_logout = rul_safe_redirect( $address_logout );
797
 
798
- if( !$address && !$address_logout )
799
- {
800
- $rul_submit_success = false;
801
- $rul_process_submit = '<p><strong>****' . sprintf( __( 'ERROR: Non-local or invalid URL submitted for %s %s','peters-login-redirect' ), $type, $typeValue ) . '****</strong></p>';
802
  }
803
- else
804
- {
805
- // Edit the rule
806
-
807
- $order = abs( intval( $order ) );
808
- if( $order > 99 )
809
- {
810
- $order = 0;
811
- }
812
-
813
- $rul_update_rule = $wpdb->update( $rul_db_addresses,
814
- array(
815
- 'rul_url' => $address
816
- ,'rul_url_logout' => $address_logout
817
- ,'rul_order' => $order
818
- )
819
- ,array(
820
- 'rul_value' => $typeValue
821
- ,'rul_type' => $type
822
- )
823
- ,array( '%s', '%s', '%d' )
824
- ,array( '%s', '%s' )
825
- );
826
-
827
- if( !$rul_update_rule )
828
- {
829
- $rul_submit_success = false;
830
- $rul_process_submit = '<p><strong>****' . sprintf( __('ERROR: Unknown error editing %s-specific redirect for %s %s','peters-login-redirect' ), $type, $type, $typeValue ) . '****</strong></p>';
831
- }
832
  }
833
  }
834
 
835
- if( $rul_submit_success )
836
- {
837
- $rul_process_submit = '<p>' . sprintf( __( 'Successfully edited %s-specific redirect rule for %s', 'peters-login-redirect' ), $type, $typeValue ) . '</p>';
838
  }
839
  }
840
 
841
- return rul_format_return( $rul_process_submit );
842
  }
843
 
844
  // Deletes a redirect rule
845
  // $type can be user, role, or level
846
- function rul_delete_rule( $typeValue, $type )
847
  {
848
  global $wpdb, $rul_db_addresses;
849
 
850
  // Ensure that the request came from the back-end
851
- check_admin_referer( 'rul_' . $type . '_edit' );
852
 
853
- if( $typeValue )
854
- {
855
  // Validation depending on the type
856
- $validation = rul_validate_deletion( $typeValue, $type );
857
  $rul_submit_success = $validation['success'];
858
  $rul_process_submit = $validation['error_message'];
859
 
860
- if( $rul_submit_success )
861
- {
862
  // Delete the rule
863
- $rul_update_rule = $wpdb->query( "DELETE FROM `$rul_db_addresses` WHERE `rul_value` = '$typeValue' AND `rul_type` = '$type' LIMIT 1" );
864
 
865
- if( !$rul_update_rule )
866
- {
867
  $rul_submit_success = false;
868
- $rul_process_submit = '<p><strong>****' . sprintf( __('ERROR: Unknown error deleting %s-specific redirect for %s %s','peters-login-redirect' ), $type, $type, $typeValue ) . '****</strong></p>';
869
  }
870
  }
871
 
872
- if( $rul_submit_success )
873
- {
874
- $rul_process_submit = '<p>' . sprintf( __( 'Successfully deleted %s-specific redirect rule for %s', 'peters-login-redirect' ), $type, $typeValue ) . '</p>';
875
  }
876
  }
877
 
878
- return rul_format_return( $rul_process_submit );
879
  }
880
 
881
- function rul_submit_all( $update_or_delete, $address, $address_logout )
882
  {
883
  global $wpdb, $rul_db_addresses;
884
 
885
  // Ensure that the request came from the back-end
886
- check_admin_referer( 'rul_allupdatesubmit' );
887
 
888
- $address = trim( $address );
889
- $address_logout = trim( $address_logout );
890
 
891
  // Open the informational div
892
  $rul_process_submit = '<div id="message" class="updated fade">';
@@ -899,50 +795,29 @@ if( is_admin() )
899
  // ----------------------------------
900
 
901
  // Since we never actually, remove the "all" entry, here we just make its value empty
902
- if( $update_or_delete == 'delete' )
903
- {
904
- $update = $wpdb->update (
905
  $rul_db_addresses,
906
- array( 'rul_url' => '', 'rul_url_logout' => '' ),
907
- array( 'rul_type' => 'all' )
908
  );
909
 
910
- if( $update === false )
911
- {
912
- $rul_process_submit .= '<p><strong>****' .__('ERROR: Unknown database problem removing URL for &#34;all other users&#34; ','peters-login-redirect') .'****</strong></p>';
913
- }
914
- else
915
- {
916
- $rul_process_submit .= '<p>'.__('Successfully removed URL for &#34;all other users&#34; ','peters-login-redirect') .'</p>';
917
  }
918
- }
919
-
920
- elseif( $update_or_delete == 'update' )
921
- {
922
- $address_safe = rul_safe_redirect( $address );
923
- $address_safe_logout = rul_safe_redirect( $address_logout );
924
-
925
- if( ( '' != $address && !$address_safe ) || ( '' != $address_logout && !$address_safe_logout ) )
926
- {
927
- $rul_process_submit .= '<p><strong>****' .__('ERROR: Non-local or invalid URL submitted ','peters-login-redirect') .'****</strong></p>';
928
- }
929
-
930
- else
931
- {
932
- $update = $wpdb->update(
933
- $rul_db_addresses,
934
- array( 'rul_url' => $address_safe, 'rul_url_logout' => $address_safe_logout ),
935
- array( 'rul_type' => 'all' )
936
- );
937
 
938
- if( $update === false )
939
- {
940
- $rul_process_submit .= '<p><strong>****' .__('ERROR: Unknown database problem updating URL for &#34;all other users&#34; ','peters-login-redirect') .'****</strong></p>';
941
- }
942
- else
943
- {
944
- $rul_process_submit .= '<p>'.__('Successfully updated URL for &#34;all other users&#34;','peters-login-redirect') .'</p>';
945
- }
946
  }
947
  }
948
 
@@ -953,14 +828,14 @@ if( is_admin() )
953
  return $rul_process_submit;
954
  }
955
 
956
- function rul_submit_register( $update_or_delete, $address )
957
  {
958
  global $wpdb, $rul_db_addresses;
959
 
960
  // Ensure that the request came from the back-end
961
- check_admin_referer( 'rul_registerupdatesubmit' );
962
 
963
- $address = trim( $address );
964
 
965
  // Open the informational div
966
  $rul_process_submit = '<div id="message" class="updated fade">';
@@ -973,48 +848,29 @@ if( is_admin() )
973
  // ----------------------------------
974
 
975
  // Since we never actually remove the "register" entry, here we just make its value empty
976
- if( $update_or_delete == 'delete' )
977
- {
978
- $update = $wpdb->update (
979
  $rul_db_addresses,
980
- array( 'rul_url' => '' ),
981
- array( 'rul_type' => 'register' )
982
  );
983
 
984
- if ( $update === false )
985
- {
986
- $rul_process_submit .= '<p><strong>****' . __( 'ERROR: Unknown database problem removing URL for &#34;post-registration&#34; ','peters-login-redirect') .'****</strong></p>';
987
- }
988
- else {
989
- $rul_process_submit .= '<p>' . __( 'Successfully removed URL for &#34;post-registration&#34; ', 'peters-login-redirect' ) .'</p>';
990
- }
991
- }
992
-
993
- elseif( $update_or_delete == 'update' )
994
- {
995
- $address_safe = rul_safe_redirect( $address );
996
-
997
- if( ( '' != $address && !$address_safe ) )
998
- {
999
- $rul_process_submit .= '<p><strong>****' . __( 'ERROR: Non-local or invalid URL submitted ', 'peters-login-redirect' ) . '****</strong></p>';
1000
  }
 
 
 
 
 
 
1001
 
1002
- else
1003
- {
1004
- $update = $wpdb->update(
1005
- $rul_db_addresses,
1006
- array( 'rul_url' => $address_safe ),
1007
- array( 'rul_type' => 'register' )
1008
- );
1009
-
1010
- if( $update === false )
1011
- {
1012
- $rul_process_submit .= '<p><strong>****' .__('ERROR: Unknown database problem updating URL for &#34;post-registration&#34; ','peters-login-redirect') .'****</strong></p>';
1013
- }
1014
- else
1015
- {
1016
- $rul_process_submit .= '<p>'.__('Successfully updated URL for &#34;post-registration&#34;','peters-login-redirect') .'</p>';
1017
- }
1018
  }
1019
  }
1020
 
@@ -1030,61 +886,20 @@ if( is_admin() )
1030
  function rul_submit_settings()
1031
  {
1032
  // Ensure that the request came from the back-end
1033
- check_admin_referer( 'settings' );
1034
 
1035
  $rul_settings = rulRedirectFunctionCollection::get_settings();
1036
- foreach( $rul_settings as $setting_name => $setting_value )
1037
- {
1038
- if( isset( $_POST[$setting_name] ) )
1039
- {
1040
  $rul_settings[$setting_name] = $_POST[$setting_name];
1041
  }
1042
  }
1043
- update_option( 'rul_settings', $rul_settings );
1044
  $rul_process_submit = '<div id="message" class="updated fade">';
1045
- $rul_process_submit .= '<p>' . __( 'Successfully updated plugin settings', 'peters-login-redirect' ) . '</p>';
1046
  $rul_process_submit .= '</div>';
1047
- return $rul_process_submit;
1048
- }
1049
-
1050
- /*
1051
- Stolen from wp_safe_redirect, which validates the URL
1052
- */
1053
-
1054
- function rul_safe_redirect( $location )
1055
- {
1056
- $rul_local_only = rulRedirectFunctionCollection::get_settings( 'rul_local_only' );
1057
-
1058
- if( 2 == $rul_local_only || 1 == $rul_local_only )
1059
- {
1060
- return $location;
1061
- }
1062
-
1063
- // Need to look at the URL the way it will end up in wp_redirect()
1064
- $location = wp_sanitize_redirect( $location );
1065
-
1066
- // browsers will assume 'http' is your protocol, and will obey a redirect to a URL starting with '//'
1067
- if( substr( $location, 0, 2 ) == '//' )
1068
- {
1069
- $location = 'http:' . $location;
1070
- }
1071
-
1072
- // In php 5 parse_url may fail if the URL query part contains http://, bug #38143
1073
- $test = ( $cut = strpos($location, '?') ) ? substr( $location, 0, $cut ) : $location;
1074
 
1075
- $lp = parse_url( $test );
1076
- $wpp = parse_url( get_option( 'home' ) );
1077
-
1078
- $allowed_hosts = (array) apply_filters('allowed_redirect_hosts', array($wpp['host']), isset($lp['host']) ? $lp['host'] : '');
1079
-
1080
- if ( isset( $lp['host'] ) && ( !in_array( $lp['host'], $allowed_hosts ) && $lp['host'] != strtolower( $wpp['host'] ) ) )
1081
- {
1082
- return false;
1083
- }
1084
- else
1085
- {
1086
- return $location;
1087
- }
1088
  }
1089
 
1090
  // This is the Settings > Login/logout redirects menu
@@ -1098,60 +913,33 @@ if( is_admin() )
1098
  $rul_process_submit = '';
1099
 
1100
  // Process submitted information to update redirect rules
1101
- if( isset( $_POST['rul_username_submit'] ) )
1102
- {
1103
- $rul_process_submit = rul_submit_rule( $_POST['rul_username'], $_POST['rul_username_address'], $_POST['rul_username_logout'], 0, 'user' );
1104
- }
1105
- elseif( isset( $_POST['rul_username_edit'] ) )
1106
- {
1107
- $rul_process_submit = rul_edit_rule( $_POST['rul_username'], $_POST['rul_username_address'], $_POST['rul_username_logout'], 0, 'user' );
1108
- }
1109
- elseif( isset( $_POST['rul_username_delete'] ) )
1110
- {
1111
- $rul_process_submit = rul_delete_rule( $_POST['rul_username'], 'user' );
1112
- }
1113
- elseif( isset( $_POST['rul_role_submit'] ) )
1114
- {
1115
- $rul_process_submit = rul_submit_rule( $_POST['rul_role'], $_POST['rul_role_address'], $_POST['rul_role_logout'], 0, 'role' );
1116
- }
1117
- elseif( isset( $_POST['rul_role_edit'] ) )
1118
- {
1119
- $rul_process_submit = rul_edit_rule( $_POST['rul_role'], $_POST['rul_role_address'], $_POST['rul_role_logout'], 0, 'role' );
1120
- }
1121
- elseif( isset( $_POST['rul_role_delete'] ) )
1122
- {
1123
- $rul_process_submit = rul_delete_rule( $_POST['rul_role'], 'role' );
1124
- }
1125
- elseif( isset( $_POST['rul_level_submit'] ) )
1126
- {
1127
- $rul_process_submit = rul_submit_rule( $_POST['rul_level'], $_POST['rul_level_address'], $_POST['rul_level_logout'], $_POST['rul_level_order'], 'level' );
1128
- }
1129
- elseif( isset( $_POST['rul_level_edit'] ) )
1130
- {
1131
- $rul_process_submit = rul_edit_rule( $_POST['rul_level'], $_POST['rul_level_address'], $_POST['rul_level_logout'], $_POST['rul_level_order'], 'level' );
1132
- }
1133
- elseif( isset( $_POST['rul_level_delete'] ) )
1134
- {
1135
- $rul_process_submit = rul_delete_rule( $_POST['rul_level'], 'level' );
1136
- }
1137
- elseif( isset( $_POST['rul_allupdatesubmit'] ) )
1138
- {
1139
- $rul_process_submit = rul_submit_all( 'update', $_POST['rul_all'], $_POST['rul_all_logout'] );
1140
- }
1141
- elseif( isset( $_POST['rul_alldeletesubmit'] ) )
1142
- {
1143
- $rul_process_submit = rul_submit_all( 'delete', $_POST['rul_all'], $_POST['rul_all_logout'] );
1144
- }
1145
- elseif( isset( $_POST['rul_registerupdatesubmit'] ) )
1146
- {
1147
- $rul_process_submit = rul_submit_register( 'update', $_POST['rul_register'] );
1148
- }
1149
- elseif( isset( $_POST['rul_registerdeletesubmit'] ) )
1150
- {
1151
- $rul_process_submit = rul_submit_register( 'delete', $_POST['rul_register'] );
1152
- }
1153
- elseif( isset( $_POST['rul_settingssubmit'] ) )
1154
- {
1155
  $rul_process_submit = rul_submit_settings();
1156
  }
1157
 
@@ -1164,39 +952,36 @@ if( is_admin() )
1164
 
1165
  $rul_rules = $wpdb->get_results('SELECT rul_type, rul_value, rul_url, rul_url_logout, rul_order FROM ' . $rul_db_addresses . ' ORDER BY rul_type, rul_order, rul_value', ARRAY_N);
1166
 
1167
- $rul_usernamevalues = '';
1168
- $rul_rolevalues = '';
1169
- $rul_levelvalues = '';
1170
  $rul_usernames_existing = array();
1171
- $rul_roles_existing = array();
1172
- $rul_levels_existing = array();
1173
 
1174
- if( $rul_rules )
1175
- {
1176
 
1177
- $i = 0;
1178
- $i_user = 0;
1179
- $i_role = 0;
1180
  $i_level = 0;
1181
 
1182
- while( $i < count( $rul_rules ) )
1183
- {
1184
 
1185
- list( $rul_type, $rul_value, $rul_url, $rul_url_logout, $rul_order ) = $rul_rules[$i];
1186
 
1187
  // Specific users
1188
- if( $rul_type == 'user' )
1189
- {
1190
  $rul_usernamevalues .= '<form name="rul_username_edit_form[' . $i_user . ']" action="?page=' . basename(__FILE__) . '" method="post">';
1191
  $rul_usernamevalues .= '<tr>';
1192
- $rul_usernamevalues .= '<td><p><input type="hidden" name="rul_username" value="' . htmlspecialchars( $rul_value ) . '" /> ' . $rul_value . '</p></td>';
1193
  $rul_usernamevalues .= '<td>';
1194
- $rul_usernamevalues .= '<p>' . __('Login URL', 'peters-login-redirect' ) . '<br /><input type="text" size="90" maxlength="500" name="rul_username_address" value="' . htmlspecialchars( $rul_url ) . '" /></p>';
1195
- $rul_usernamevalues .= '<p>' . __('Logout URL', 'peters-login-redirect' ) . '<br /><input type="text" size="60" maxlength="500" name="rul_username_logout" value="' . htmlspecialchars( $rul_url_logout ) . '" /></p>';
1196
  $rul_usernamevalues .= '</td>';
1197
  $rul_usernamevalues .= '<td><p>';
1198
- $rul_usernamevalues .= '<input name="rul_username_edit" type="submit" value="' . __( 'Edit', 'peters-login-redirect' ) . '" /> <input type="submit" name="rul_username_delete" value="' . __( 'Delete', 'peters-login-redirect' ) . '" />';
1199
- $rul_usernamevalues .= wp_nonce_field( 'rul_user_edit', '_wpnonce', true, false );
1200
  $rul_usernamevalues .= '</p></td>';
1201
  $rul_usernamevalues .= '</tr>';
1202
  $rul_usernamevalues .= '</form>';
@@ -1204,20 +989,17 @@ if( is_admin() )
1204
  $rul_usernames_existing[] = $rul_value;
1205
 
1206
  ++$i_user;
1207
- }
1208
-
1209
- elseif( $rul_type == 'role' )
1210
- {
1211
  $rul_rolevalues .= '<form name="rul_role_edit_form[' . $i_role . ']" action="?page=' . basename(__FILE__) . '" method="post">';
1212
  $rul_rolevalues .= '<tr>';
1213
- $rul_rolevalues .= '<td><p><input type="hidden" name="rul_role" value="' . htmlspecialchars( $rul_value ) . '" /> ' . $rul_value . '</p></td>';
1214
  $rul_rolevalues .= '<td>';
1215
- $rul_rolevalues .= '<p>' . __('Login URL', 'peters-login-redirect' ) . '<br /><input type="text" size="90" maxlength="500" name="rul_role_address" value="' . htmlspecialchars( $rul_url ) . '" /></p>';
1216
- $rul_rolevalues .= '<p>' . __('Logout URL', 'peters-login-redirect' ) . '<br /><input type="text" size="60" maxlength="500" name="rul_role_logout" value="' . htmlspecialchars( $rul_url_logout ) . '" /></p>';
1217
  $rul_rolevalues .= '</td>';
1218
  $rul_rolevalues .= '<td><p>';
1219
- $rul_rolevalues .= '<input name="rul_role_edit" type="submit" value="' . __( 'Edit', 'peters-login-redirect' ) . '" /> <input type="submit" name="rul_role_delete" value="' . __( 'Delete', 'peters-login-redirect' ) . '" />';
1220
- $rul_rolevalues .= wp_nonce_field( 'rul_role_edit', '_wpnonce', true, false );
1221
  $rul_rolevalues .= '</p></td>';
1222
  $rul_rolevalues .= '</tr>';
1223
  $rul_rolevalues .= '</form>';
@@ -1225,20 +1007,18 @@ if( is_admin() )
1225
  $rul_roles_existing[$rul_value] = '';
1226
 
1227
  ++$i_role;
1228
- }
1229
- elseif( $rul_type == 'level' )
1230
- {
1231
  $rul_levelvalues .= '<form name="rul_level_edit_form[' . $i_level . ']" action="?page=' . basename(__FILE__) . '" method="post">';
1232
  $rul_levelvalues .= '<tr>';
1233
- $rul_levelvalues .= '<td><p><input type="hidden" name="rul_level" value="' . htmlspecialchars( $rul_value ) . '" /> ' . $rul_value . '</p></td>';
1234
  $rul_levelvalues .= '<td>';
1235
- $rul_levelvalues .= '<p>' . __('Login URL', 'peters-login-redirect' ) . '<br /><input type="text" size="90" maxlength="500" name="rul_level_address" value="' . htmlspecialchars( $rul_url ) . '" /></p>';
1236
- $rul_levelvalues .= '<p>' . __('Logout URL', 'peters-login-redirect' ) . '<br /><input type="text" size="60" maxlength="500" name="rul_level_logout" value="' . htmlspecialchars( $rul_url_logout ) . '" /></p>';
1237
  $rul_levelvalues .= '</td>';
1238
  $rul_levelvalues .= '<td><p><input name="rul_level_order" type="text" size="2" maxlength="2" value="' . $rul_order . '" /></td>';
1239
  $rul_levelvalues .= '<td><p>';
1240
- $rul_levelvalues .= '<input name="rul_level_edit" type="submit" value="' . __( 'Edit', 'peters-login-redirect' ) . '" /> <input type="submit" name="rul_level_delete" value="' . __( 'Delete', 'peters-login-redirect' ) . '" />';
1241
- $rul_levelvalues .= wp_nonce_field( 'rul_level_edit', '_wpnonce', true, false );
1242
  $rul_levelvalues .= '</p></td>';
1243
  $rul_levelvalues .= '</tr>';
1244
  $rul_levelvalues .= '</form>';
@@ -1246,214 +1026,180 @@ if( is_admin() )
1246
  $rul_levels_existing[$rul_value] = '';
1247
 
1248
  ++$i_level;
1249
- }
1250
- elseif( $rul_type == 'all' )
1251
- {
1252
- $rul_allvalue = $rul_url;
1253
  $rul_allvalue_logout = $rul_url_logout;
1254
- }
1255
- elseif( $rul_type == 'register' )
1256
- {
1257
  $rul_registervalue = $rul_url;
1258
  }
1259
  ++$i;
1260
  }
1261
 
1262
  }
1263
- ?>
1264
- <div class="wrap">
1265
- <h2><?php _e('Manage redirect rules', 'peters-login-redirect' ); ?></h2>
1266
- <?php print $rul_process_submit; ?>
1267
- <p><?php _e('Define custom URLs to which different users, users with specific roles, users with specific levels, and all other users will be redirected upon login.', 'peters-login-redirect' ); ?></p>
1268
- <p><?php _e('Define a custom URL to which all users will be redirected upon logout', 'peters-login-redirect' ); ?></p>
1269
- <p><?php _e('Note that you can use the syntax <strong>[variable]username[/variable]</strong> in your URLs so that the system will build a dynamic URL upon each login, replacing that text with the users username.', 'peters-login-redirect' ); ?></p>
1270
-
1271
- <h3><?php _e('Specific users', 'peters-login-redirect' ); ?></h3>
1272
- <?php
1273
- if( $rul_usernamevalues )
1274
- {
1275
  print '<table class="widefat">';
1276
  print $rul_usernamevalues;
1277
  print '</table>';
1278
  }
1279
- ?>
1280
-
1281
- <form name="rul_username_add_form" action="<?php print '?page=' . basename(__FILE__); ?>" method="post">
1282
- <p><?php _e('Add:', 'peters-login-redirect' ); ?>
1283
- <select name="rul_username" >
1284
- <option value="-1"><?php _e('Select a username', 'peters-login-redirect' ); ?></option>
1285
- <?php print rul_returnusernames($rul_usernames_existing); ?>
1286
- </select>
1287
- <br /><?php _e('URL:', 'peters-login-redirect' ); ?> <input type="text" size="90" maxlength="500" name="rul_username_address" />
1288
- <br /><?php _e('Logout URL:', 'peters-login-redirect' ); ?> <input type="text" size="90" maxlength="500" name="rul_username_logout" />
1289
- </p>
1290
- <p class="submit">
1291
- <input type="submit" name="rul_username_submit" value="<?php _e('Add username rule', 'peters-login-redirect' ); ?>" />
1292
- <?php wp_nonce_field( 'rul_user_submit' ); ?>
1293
- </p>
1294
- </form>
1295
-
1296
- <h3><?php _e('Specific roles', 'peters-login-redirect' ); ?></h3>
1297
- <?php
1298
- if( $rul_rolevalues )
1299
- {
 
1300
  print '<table class="widefat">';
1301
  print $rul_rolevalues;
1302
  print '</table>';
1303
  }
1304
- ?>
1305
-
1306
- <form name="rul_role_add_form" action="<?php print '?page=' . basename(__FILE__); ?>" method="post">
1307
- <p><?php _e('Add:', 'peters-login-redirect' ); ?>
1308
- <select name="rul_role" >
1309
- <option value="-1"><?php _e('Select a role', 'peters-login-redirect' ); ?></option>
1310
- <?php print rul_returnroleoptions($rul_roles_existing); ?>
1311
- </select>
1312
- <br /><?php _e('URL:', 'peters-login-redirect' ); ?> <input type="text" size="90" maxlength="500" name="rul_role_address" />
1313
- <br /><?php _e('Logout URL:', 'peters-login-redirect' ); ?> <input type="text" size="90" maxlength="500" name="rul_role_logout" />
1314
- </p>
1315
- <p class="submit">
1316
- <input type="submit" name="rul_role_submit" value="<?php _e( 'Add role rule', 'peters-login-redirect' ); ?>" />
1317
- <?php wp_nonce_field( 'rul_role_submit' ); ?>
1318
- </p>
1319
- </form>
1320
-
1321
- <h3><?php _e('Specific levels', 'peters-login-redirect' ); ?></h3>
1322
- <?php
1323
- if( $rul_levelvalues )
1324
- {
 
1325
  print '<table class="widefat">';
1326
- ?>
1327
  <tr>
1328
  <th></th>
1329
  <th></th>
1330
- <th><?php _e('Order', 'peters-login-redirect' ); ?></th>
1331
  <th></th>
1332
  </tr>
1333
- <?php
1334
  print $rul_levelvalues;
1335
  print '</table>';
1336
  }
1337
- ?>
1338
-
1339
- <form name="rul_level_add_form" action="<?php print '?page=' . basename(__FILE__); ?>" method="post">
1340
- <p><?php _e('Add:', 'peters-login-redirect' ); ?>
1341
- <select name="rul_level" >
1342
- <option value="-1"><?php _e('Select a level', 'peters-login-redirect' ); ?></option>
1343
- <?php print rul_returnleveloptions($rul_levels_existing); ?>
1344
- </select>
1345
- <br /><?php _e('Order:', 'peters-login-redirect' ); ?> <input type="text" size="2" maxlength="2" name="rul_level_order" />
1346
- <br /><?php _e('URL:', 'peters-login-redirect' ); ?> <input type="text" size="90" maxlength="500" name="rul_level_address" />
1347
- <br /><?php _e('Logout URL:', 'peters-login-redirect' ); ?> <input type="text" size="90" maxlength="500" name="rul_level_logout" />
1348
- </p>
1349
- <p class="submit">
1350
- <input type="submit" name="rul_level_submit" value="<?php _e('Add level rule', 'peters-login-redirect' ); ?>" />
1351
- <?php wp_nonce_field( 'rul_level_submit' ); ?>
1352
- </p>
1353
- </form>
1354
-
1355
- <h3><?php _e( 'All other users', 'peters-login-redirect' ); ?></h3>
1356
- <form name="rul_allform" action="<?php '?page=' . basename(__FILE__); ?>" method="post">
1357
- <p><?php _e('URL:', 'peters-login-redirect' ) ?> <input type="text" size="90" maxlength="500" name="rul_all" value="<?php print htmlspecialchars( $rul_allvalue ); ?>" /></p>
1358
- <p><?php _e('Logout URL:', 'peters-login-redirect' ) ?> <input type="text" size="90" maxlength="500" name="rul_all_logout" value="<?php print htmlspecialchars( $rul_allvalue_logout ); ?>" /></p>
1359
- <p class="submit">
1360
- <input type="submit" name="rul_allupdatesubmit" value="<?php _e('Update', 'peters-login-redirect' ); ?>" /> <input type="submit" name="rul_alldeletesubmit" value="<?php _e('Delete', 'peters-login-redirect' ); ?>" />
1361
- <?php wp_nonce_field( 'rul_allupdatesubmit' ); ?>
1362
- </p>
1363
- </form>
1364
-
1365
- <hr />
1366
-
1367
- <h3><?php _e( 'Post-registration', 'peters-login-redirect' ); ?></h3>
1368
- <form name="rul_registerform" action="<?php '?page=' . basename(__FILE__); ?>" method="post">
1369
- <p><?php _e( 'URL:', 'peters-login-redirect' ) ?> <input type="text" size="90" maxlength="500" name="rul_register" value="<?php print htmlspecialchars( $rul_registervalue ); ?>" /></p>
1370
- <p class="submit">
1371
- <input type="submit" name="rul_registerupdatesubmit" value="<?php _e( 'Update', 'peters-login-redirect' ); ?>" /> <input type="submit" name="rul_registerdeletesubmit" value="<?php _e( 'Delete', 'peters-login-redirect' ); ?>" />
1372
- <?php wp_nonce_field( 'rul_registerupdatesubmit' ); ?>
1373
- </p>
1374
- </form>
1375
-
1376
- <hr />
1377
-
1378
- <h3><?php _e( 'Customize plugin settings', 'peters-login-redirect' ); ?></h3>
1379
- <form name="rul_settingsform" action="<?php print '?page=' . basename(__FILE__); ?>" method="post">
1380
- <table class="widefat">
1381
- <tr>
1382
- <td>
1383
- <p><strong><?php _e( 'Redirect restrictions', 'peters-login-redirect' ); ?></strong></p>
1384
- </td>
1385
- <td>
1386
- <select name="rul_local_only">
1387
- <option value="1"<?php if( 1 == $rul_settings['rul_local_only'] ) print ' selected="selected"'; ?>><?php _e( 'Any http or https URL', 'peters-login-redirect' ); ?></option>
1388
- <option value="2"<?php if( 2 == $rul_settings['rul_local_only'] ) print ' selected="selected"'; ?>><?php _e( 'Any URL', 'peters-login-redirect' ); ?></option>
1389
- <option value="3"<?php if( 3 == $rul_settings['rul_local_only'] ) print ' selected="selected"'; ?>><?php _e( 'Any URL on the same domain', 'peters-login-redirect' ); ?></option>
1390
- </select>
1391
- </td>
1392
- </tr>
1393
- <tr>
1394
- <td>
1395
- <p><strong><?php _e( 'Allow a POST or GET &#34;redirect_to&#34; variable to take redirect precedence', 'peters-login-redirect' ); ?></strong></p>
1396
- </td>
1397
- <td>
1398
- <select name="rul_allow_post_redirect_override">
1399
- <option value="1"<?php if( $rul_settings['rul_allow_post_redirect_override'] ) print ' selected="selected"'; ?>><?php _e( 'Yes', 'peters-login-redirect' ); ?></option>
1400
- <option value="0"<?php if( !$rul_settings['rul_allow_post_redirect_override'] ) print ' selected="selected"'; ?>><?php _e( 'No', 'peters-login-redirect' ); ?></option>
1401
- </select>
1402
- </td>
1403
- </tr>
1404
- <tr>
1405
- <td>
1406
- <p><strong><?php _e( 'Allow a POST or GET &#34;redirect_to&#34; logout variable to take redirect precedence', 'peters-login-redirect' ); ?></strong></p>
1407
- </td>
1408
- <td>
1409
- <select name="rul_allow_post_redirect_override_logout">
1410
- <option value="1"<?php if( $rul_settings['rul_allow_post_redirect_override_logout'] ) print ' selected="selected"'; ?>><?php _e( 'Yes', 'peters-login-redirect' ); ?></option>
1411
- <option value="0"<?php if( !$rul_settings['rul_allow_post_redirect_override_logout'] ) print ' selected="selected"'; ?>><?php _e( 'No', 'peters-login-redirect' ); ?></option>
1412
- </select>
1413
- </td>
1414
- </tr>
1415
-
1416
- <tr>
1417
- <td>
1418
- <p><strong><?php print sprintf( __( 'Use external redirect file. Set this to &#34;Yes&#34; if you are using a plugin such as Gigya that bypasses the regular WordPress redirect process (and allows only one fixed redirect URL). Then, set the redirect URL in the other plugin to %s', 'peters-login-redirect' ), '<br />http://www.yoursite.com/wp-content/plugins/peters-login-redirect/wplogin_redirect_control.php' ); ?></strong></p>
1419
- </td>
1420
- <td>
1421
- <select name="rul_use_redirect_controller">
1422
- <option value="1"<?php if( $rul_settings['rul_use_redirect_controller'] ) print ' selected="selected"'; ?>><?php _e( 'Yes', 'peters-login-redirect' ); ?></option>
1423
- <option value="0"<?php if( !$rul_settings['rul_use_redirect_controller'] ) print ' selected="selected"'; ?>><?php _e( 'No', 'peters-login-redirect' ); ?></option>
1424
- </select>
1425
- </td>
1426
- </tr>
1427
- <tr>
1428
- <td>
1429
- <p><strong><?php _e( 'Permission level required to edit redirect URLs', 'peters-login-redirect' ); ?></strong></p>
1430
- </td>
1431
- <td>
1432
- <select name="rul_required_capability">
1433
- <?php
1434
- $rul_levelnames = rul_returnlevelnames();
1435
- // Build the option HTML
1436
- foreach( $rul_levelnames as $rul_levelname )
1437
- {
1438
- print '<option value="' . $rul_levelname . '"';
1439
- if( $rul_levelname == $rul_settings['rul_required_capability'] )
1440
- {
1441
- print ' selected="selected"';
1442
- }
1443
- print '>' . $rul_levelname . '</option>';
1444
- }
1445
- ?>
1446
- </select>
1447
- </td>
1448
- </tr>
1449
- </table>
1450
- <p class="submit">
1451
- <input name="rul_settingssubmit" type="submit" value="<?php _e( 'Update', 'peters-login-redirect' ); ?>" />
1452
- <?php wp_nonce_field( 'settings' ); ?>
1453
- </p>
1454
- </form>
1455
- </div>
1456
- <?php
1457
  } // close rul_optionsmenu()
1458
 
1459
  /*
@@ -1467,57 +1213,46 @@ if( is_admin() )
1467
  global $wpdb, $rul_version, $rul_db_addresses;
1468
 
1469
  // Turn version into an integer for comparisons
1470
- $current_version = intval( str_replace( '.', '', get_option( 'rul_version' ) ) );
1471
 
1472
- if( $current_version < 220 )
1473
- {
1474
- $wpdb->query( "ALTER TABLE `$rul_db_addresses` ADD `rul_url_logout` LONGTEXT NOT NULL default '' AFTER `rul_url`" );
1475
  }
1476
 
1477
- if( $current_version < 250 )
1478
- {
1479
  // Insert the "on-register" redirect entry
1480
 
1481
- $wpdb->query( "ALTER TABLE `$rul_db_addresses` CHANGE `rul_type` `rul_type` ENUM( 'user', 'role', 'level', 'all', 'register' ) NOT NULL" );
1482
- $wpdb->insert( $rul_db_addresses,
1483
- array( 'rul_type' => 'register' )
1484
  );
1485
  }
1486
 
1487
- if( $current_version < 253 )
1488
- {
1489
  // Allow NULL values for non-essential fields
1490
- $wpdb->query( "ALTER TABLE `$rul_db_addresses` CHANGE `rul_value` `rul_value` varchar(255) NULL default NULL" );
1491
- $wpdb->query( "ALTER TABLE `$rul_db_addresses` CHANGE `rul_url` `rul_url` LONGTEXT NULL default NULL" );
1492
- $wpdb->query( "ALTER TABLE `$rul_db_addresses` CHANGE `rul_url_logout` `rul_url_logout` LONGTEXT NULL default NULL" );
1493
  }
1494
 
1495
- if( $current_version < 261 )
1496
- {
1497
- // Change required capability to access settings page to manage_categories (since manage_links is deprecated)
1498
- rulRedirectFunctionCollection::set_setting( 'rul_required_capability', 'manage_categories' );
1499
- }
1500
-
1501
- if( $current_version < 291 )
1502
- {
1503
  // Reduce size of rul_value field to support utf8mb4 character encoding
1504
- $wpdb->query( "ALTER TABLE `$rul_db_addresses` CHANGE `rul_value` `rul_value` varchar(191) NULL default NULL" );
1505
  }
1506
 
1507
- if( $current_version != intval( str_replace( '.', '', $rul_version ) ) )
1508
- {
1509
  // Add the version number to the database
1510
- delete_option( 'rul_version' );
1511
- add_option( 'rul_version', $rul_version, '', 'no' );
1512
  }
1513
  }
 
1514
  function rul_install()
1515
  {
1516
  global $wpdb, $rul_db_addresses, $rul_version;
1517
 
1518
  // Add the table to hold group information and moderator rules
1519
- if( $rul_db_addresses != $wpdb->get_var("SHOW TABLES LIKE '$rul_db_addresses'") )
1520
- {
1521
  $sql = "CREATE TABLE $rul_db_addresses (
1522
  `rul_type` enum('user','role','level','all','register') NOT NULL,
1523
  `rul_value` varchar(191) NULL default NULL,
@@ -1530,17 +1265,17 @@ if( is_admin() )
1530
  $wpdb->query($sql);
1531
 
1532
  // Insert the "all" redirect entry
1533
- $wpdb->insert( $rul_db_addresses,
1534
- array( 'rul_type' => 'all' )
1535
  );
1536
 
1537
  // Insert the "on-register" redirect entry
1538
- $wpdb->insert( $rul_db_addresses,
1539
- array( 'rul_type' => 'register' )
1540
  );
1541
 
1542
  // Set the version number in the database
1543
- add_option( 'rul_version', $rul_version, '', 'no' );
1544
  }
1545
 
1546
  rul_upgrade();
@@ -1551,30 +1286,28 @@ if( is_admin() )
1551
  global $wpdb, $rul_db_addresses;
1552
 
1553
  // Remove the table we created
1554
- if( $rul_db_addresses == $wpdb->get_var('SHOW TABLES LIKE \'' . $rul_db_addresses . '\'') )
1555
- {
1556
  $sql = 'DROP TABLE ' . $rul_db_addresses;
1557
  $wpdb->query($sql);
1558
  }
1559
 
1560
- delete_option( 'rul_version' );
1561
- delete_option( 'rul_settings' );
1562
  }
1563
 
1564
  function rul_addoptionsmenu()
1565
  {
1566
- $rul_required_capability = rulRedirectFunctionCollection::get_settings( 'rul_required_capability' );
1567
- add_options_page( 'Login/logout redirects', 'Login/logout redirects', $rul_required_capability, 'wplogin_redirect.php', 'rul_optionsmenu' );
1568
  }
1569
 
1570
- add_action( 'admin_menu', 'rul_addoptionsmenu', 1 );
1571
  }
1572
 
1573
- register_activation_hook( __FILE__, 'rul_install' );
1574
- register_uninstall_hook( __FILE__, 'rul_uninstall' );
1575
- if( !rulRedirectFunctionCollection::get_settings( 'rul_use_redirect_controller' ) )
1576
- {
1577
- add_filter( 'login_redirect', 'redirect_wrapper', 10, 3 );
1578
- }
1579
- add_filter( 'registration_redirect', array( 'rulRedirectPostRegistration', 'post_registration_wrapper' ), 10, 2 );
1580
- add_action( 'wp_logout', array( 'rulLogoutFunctionCollection', 'logout_redirect' ), 10 );
5
  Description: Redirect users to different locations after logging in. Define a set of rules for specific users, user with specific roles, users with specific capabilities, and a blanket rule for all other users. This is all managed in Settings > Login/logout redirects.
6
  Author: Peter Keung
7
  Author URI: http://www.theblog.ca
8
+ Version: 2.9.5
9
  Text Domain: peters-login-redirect
10
  Domain Path: /languages/
11
  */
12
 
13
  require_once dirname(__FILE__) . '/mo-admin-notice-featured.php';
14
 
15
+ add_action('init', 'rul_textdomain');
16
  function rul_textdomain()
17
  {
18
  load_plugin_textdomain('peters-login-redirect', false, dirname(plugin_basename(__FILE__)) . '/languages');
23
  global $rul_version;
24
  // Name of the database table that will hold group information and moderator rules
25
  $rul_db_addresses = $wpdb->prefix . 'login_redirects';
26
+ $rul_version = '2.9.5';
27
+
28
+ // doing this so we can pass current user logging out since it is no longer active after logout
29
+ if ( ! function_exists('wp_logout')) :
30
+ /**
31
+ * Log the current user out.
32
+ *
33
+ * @since 2.5.0
34
+ */
35
+ function wp_logout()
36
+ {
37
+ $current_user = wp_get_current_user();
38
+ wp_destroy_current_session();
39
+ wp_clear_auth_cookie();
40
+ wp_set_current_user(0);
41
+
42
+ /**
43
+ * Fires after a user is logged-out.
44
+ *
45
+ * @since 1.5.0
46
+ */
47
+ do_action('wp_logout', $current_user);
48
+ }
49
+ endif;
50
 
51
  // Some helper functions, all "public static" in PHP5 land
52
  class rulRedirectFunctionCollection
56
  Defaults are defined here, but the settings values should be edited in the WordPress admin panel.
57
  If no setting is asked for, then it returns an array of all settings; otherwise it returns a specific setting
58
  */
59
+ static function get_settings($setting = false)
60
  {
61
  $rul_settings = array();
62
 
 
 
 
 
 
63
  // Allow a POST or GET "redirect_to" variable to take precedence over settings within the plugin
64
  $rul_settings['rul_allow_post_redirect_override'] = false;
65
 
66
  // Allow a POST or GET logout "redirect_to" variable to take precedence over settings within the plugin
67
  $rul_settings['rul_allow_post_redirect_override_logout'] = false;
68
 
 
 
 
 
 
 
 
 
 
 
69
  $rul_settings_from_options_table = rulRedirectFunctionCollection::get_settings_from_options_table();
70
 
71
  // Merge the default settings with the settings form the database
72
  // Limit the settings in case there are ones from the database that are old
73
+ foreach ($rul_settings as $setting_name => $setting_value) {
74
+ if (isset($rul_settings_from_options_table[$setting_name])) {
 
 
75
  $rul_settings[$setting_name] = $rul_settings_from_options_table[$setting_name];
76
  }
77
  }
78
+
79
+ if ( ! $setting) {
80
  return $rul_settings;
81
  }
82
+
83
+ if ($setting && isset($rul_settings[$setting])) {
84
  return $rul_settings[$setting];
85
  }
86
+
87
+ return false;
 
 
88
  }
89
+
90
  static function get_settings_from_options_table()
91
  {
92
+ return get_option('rul_settings', array());
93
  }
94
+
95
+ static function set_setting($setting = false, $value = false)
96
  {
97
+ if ($setting) {
 
98
  $current_settings = rulRedirectFunctionCollection::get_settings();
99
+ if ($current_settings) {
 
100
  $current_settings[$setting] = $value;
101
+ update_option('rul_settings', $current_settings);
102
  }
103
  }
104
  }
111
  {
112
  global $wpdb;
113
 
114
+ $roles = get_option($wpdb->prefix . 'user_roles');
115
+ $user_roles = $current_user->{$wpdb->prefix . 'capabilities'};
116
+ $user_roles = array_keys($user_roles, true);
117
+ $role = $user_roles[0];
118
  $capabilities = $roles[$role]['capabilities'];
119
 
120
+ if (in_array($capability, array_keys($capabilities, true))) {
121
  // check array keys of capabilities for match against requested capability
122
  return true;
123
  }
124
+
125
  return false;
126
  }
127
 
128
  /*
129
  A generic function to return the value mapped to a particular variable
130
  */
131
+ static function rul_get_variable($variable, $user)
132
  {
133
+ $variable_value = apply_filters('rul_replace_variable', false, $variable, $user);
134
+ if ( ! $variable_value) {
 
135
  // Return the permalink of the post ID
136
+ if (0 === strpos($variable, 'postid-')) {
137
+ $post_id = str_replace('postid-', '', $variable);
138
+ $permalink = get_permalink($post_id);
139
+ if ($permalink) {
 
 
140
  $variable_value = $permalink;
141
  }
142
+ } else {
143
+ switch ($variable) {
 
 
 
144
  // Returns the current user's username (only use this if you know they're logged in)
145
  case 'username':
146
+ $variable_value = rawurlencode($user->user_login);
147
  break;
148
  // Returns the current user's author slug aka nickname as used in URLs
149
  // sanitize_title should not be required here since it was already done on insert
161
  // Returns the login referrer in order to redirect back to the same page
162
  // Note that this will not work if the referrer is the same as the login processor (otherwise in a standard setup you'd redirect to the login form)
163
  case 'http_referer':
164
+ $http_referer_parts = parse_url($_SERVER['HTTP_REFERER']);
165
+ if ($_SERVER['REQUEST_URI'] != $http_referer_parts['path']) {
 
166
  $variable_value = $_SERVER['HTTP_REFERER'];
167
+ } else {
 
 
168
  $variable_value = '';
169
  }
170
  break;
174
  }
175
  }
176
  }
177
+
178
  return $variable_value;
179
  }
180
 
181
  /*
182
  Replaces the syntax [variable]variable_name[/variable] with whatever has been mapped to the variable_name in the rul_get_variable function
183
  */
184
+ static function rul_replace_variable($string, $user)
185
  {
186
+ preg_match_all("/\[variable\](.*?)\[\/variable\]/is", $string, $out);
187
 
188
+ if ( ! empty($out[0])) {
189
+ foreach ($out[0] as $instance => $full_match) {
190
+ $replaced_variable = rulRedirectFunctionCollection::rul_get_variable($out[1][$instance], $user);
191
+ $string = str_replace($full_match, $replaced_variable, $string);
192
+ }
193
  }
194
 
195
  return $string;
196
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
197
  }
198
 
199
  // Functions specific to logout redirecting
200
  class rulLogoutFunctionCollection
201
  {
202
+ static function logout_redirect($current_user)
203
  {
204
+ $rul_allow_post_redirect_override_logout = rulRedirectFunctionCollection::get_settings('rul_allow_post_redirect_override_logout');
205
+
206
+ $requested_redirect_to = ! empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : false;
207
+
208
+ if ( ! $requested_redirect_to || ! $rul_allow_post_redirect_override_logout) {
209
+ $rul_url = rulLogoutFunctionCollection::get_redirect_url($current_user, $requested_redirect_to);
210
+
211
+ if ($rul_url) {
212
+ wp_redirect($rul_url);
213
+ die();
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
214
  }
215
  }
 
216
  }
217
+
218
+ static function logout_redirect_2($redirect_to, $requested_redirect_to, $current_user)
219
+ {
220
+ $rul_allow_post_redirect_override_logout = rulRedirectFunctionCollection::get_settings('rul_allow_post_redirect_override_logout');
221
+
222
+ $requested_redirect_to = ! empty($requested_redirect_to) ? $requested_redirect_to : false;
223
+
224
+ if ( ! $requested_redirect_to || ! $rul_allow_post_redirect_override_logout) {
225
+ $rul_url = rulLogoutFunctionCollection::get_redirect_url($current_user, $requested_redirect_to);
226
+
227
+ if ($rul_url) {
228
+ $redirect_to = $rul_url;
229
+ }
230
+ }
231
+
232
+ return $redirect_to;
233
+ }
234
+
235
  // Get the logout redirect URL according to defined rules
236
  // Functionality for user-, role-, and capability-specific redirect rules is available
237
  // Note that only the "all other users" redirect URL is currently implemented in the UI
238
+ static function get_redirect_url($user, $requested_redirect_to)
239
  {
240
  global $wpdb, $rul_db_addresses;
241
 
242
  $redirect_to = false;
243
 
244
  // Check for an extended custom redirect rule
245
+ $rul_custom_redirect = apply_filters('rul_before_user_logout', false, $requested_redirect_to, $user);
246
 
247
+ if ($rul_custom_redirect) {
248
+ return rulRedirectFunctionCollection::rul_replace_variable($rul_custom_redirect, $user);
 
 
249
  }
250
 
251
  // Check for a redirect rule for this user
252
  $rul_user = $wpdb->get_var('SELECT rul_url_logout FROM ' . $rul_db_addresses .
253
+ ' WHERE rul_type = \'user\' AND rul_value = \'' . $user->user_login . '\' LIMIT 1');
254
 
255
+ if ($rul_user) {
256
+ return rulRedirectFunctionCollection::rul_replace_variable($rul_user, $user);
 
 
257
  }
258
 
259
  // Check for an extended custom redirect rule
260
+ $rul_custom_redirect = apply_filters('rul_before_role_logout', false, $requested_redirect_to, $user);
261
+
262
+ if ($rul_custom_redirect) {
263
+ return rulRedirectFunctionCollection::rul_replace_variable($rul_custom_redirect, $user);
 
264
  }
265
 
266
  // Check for a redirect rule that matches this user's role
267
  $rul_roles = $wpdb->get_results('SELECT rul_value, rul_url_logout FROM ' . $rul_db_addresses .
268
+ ' WHERE rul_type = \'role\'', OBJECT);
269
+
270
+ if ($rul_roles) {
271
+ foreach ($rul_roles as $rul_role) {
272
+ if ('' != $rul_role->rul_url_logout && isset($user->{$wpdb->prefix . 'capabilities'}[$rul_role->rul_value])) {
273
+ return rulRedirectFunctionCollection::rul_replace_variable($rul_role->rul_url_logout, $user);
 
 
 
 
274
  }
275
  }
276
  }
277
 
278
  // Check for an extended custom redirect rule
279
+ $rul_custom_redirect = apply_filters('rul_before_capability_logout', false, $requested_redirect_to, $user);
280
+ if ($rul_custom_redirect) {
281
+ return rulRedirectFunctionCollection::rul_replace_variable($rul_custom_redirect, $user);
 
 
282
  }
283
 
284
  // Check for a redirect rule that matches this user's capability
285
+ $rul_levels = $wpdb->get_results('SELECT rul_value, rul_url_logout FROM ' . $rul_db_addresses .
286
+ ' WHERE rul_type = \'level\' ORDER BY rul_order, rul_value', OBJECT);
287
+
288
+ if ($rul_levels) {
289
+ foreach ($rul_levels as $rul_level) {
290
+ if ('' != $rul_level->rul_url_logout && rulRedirectFunctionCollection::redirect_current_user_can($rul_level->rul_value, $user)) {
291
+ return rulRedirectFunctionCollection::rul_replace_variable($rul_level->rul_url_logout, $user);
 
 
 
 
292
  }
293
  }
294
  }
295
 
296
  // Check for an extended custom redirect rule
297
+ $rul_custom_redirect = apply_filters('rul_before_fallback_logout', false, $requested_redirect_to, $user);
298
+ if ($rul_custom_redirect) {
299
+ return rulRedirectFunctionCollection::rul_replace_variable($rul_custom_redirect, $user);
 
 
300
  }
301
 
302
  // If none of the above matched, look for a rule to apply to all users
303
  $rul_all = $wpdb->get_var('SELECT rul_url_logout FROM ' . $rul_db_addresses .
304
+ ' WHERE rul_type = \'all\' LIMIT 1');
305
 
306
+ if ($rul_all) {
307
+ return rulRedirectFunctionCollection::rul_replace_variable($rul_all, $user);
 
 
308
  }
309
 
310
  // No rules matched or existed, so just send them to the WordPress admin panel as usual
315
  // Functions for redirecting post-registration
316
  class rulRedirectPostRegistration
317
  {
318
+ static function post_registration_wrapper($requested_redirect_to)
319
  {
320
  /*
321
  Some limitations:
322
  - Not yet implemented but possible: toggle whether to allow a GET or POST override of the redirect_to variable (currently it is "yes")
 
323
  - Not yet possible: Username-customized page, since the WordPress hook is implemented pre-registration, not post-registration
324
  */
325
 
326
+ $rul_url = rulRedirectPostRegistration::get_redirect_url($requested_redirect_to);
327
+ if ($rul_url) {
 
328
  return $rul_url;
329
  }
330
+
331
  return $requested_redirect_to;
332
  }
333
 
334
  // Looks up the redirect URL, if any
335
+ static function get_redirect_url($requested_redirect_to)
336
  {
337
  global $wpdb, $rul_db_addresses;
338
 
339
  $redirect_to = false;
340
 
341
  $rul_all = $wpdb->get_var('SELECT rul_url FROM ' . $rul_db_addresses .
342
+ ' WHERE rul_type = \'register\' LIMIT 1');
343
+
344
+ if ($rul_all) {
345
+ $redirect_to = rulRedirectFunctionCollection::rul_replace_variable($rul_all, false);
346
 
 
 
 
347
  return $redirect_to;
348
  }
349
 
353
  }
354
 
355
  // This function wraps around the main redirect function to determine whether or not to bypass the WordPress local URL limitation
356
+ function redirect_wrapper($redirect_to, $requested_redirect_to, $user)
357
  {
358
+ $rul_allow_post_redirect_override = rulRedirectFunctionCollection::get_settings('rul_allow_post_redirect_override');
 
359
 
360
  // If they're on the login page, don't do anything
361
+ if ( ! isset($user->user_login)) {
 
362
  return $redirect_to;
363
  }
364
 
365
+ if ((admin_url() == $redirect_to && $rul_allow_post_redirect_override) || ! $rul_allow_post_redirect_override) {
366
+ $rul_url = redirect_to_front_page($redirect_to, $requested_redirect_to, $user);
367
+ if ($rul_url) {
368
+ return $rul_url;
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
369
  }
370
  }
371
+
372
  return $redirect_to;
373
  }
374
 
375
  // This function sets the URL to redirect to
376
 
377
+ function redirect_to_front_page($redirect_to, $requested_redirect_to, $user)
378
  {
379
  global $wpdb, $rul_db_addresses;
380
 
381
  // Check for an extended custom redirect rule
382
+ $rul_custom_redirect = apply_filters('rul_before_user', false, $redirect_to, $requested_redirect_to, $user);
383
+ if ($rul_custom_redirect) {
384
+ $redirect_to = rulRedirectFunctionCollection::rul_replace_variable($rul_custom_redirect, $user);
385
+
386
  return $redirect_to;
387
  }
388
 
389
  // Check for a redirect rule for this user
390
  $rul_user = $wpdb->get_var('SELECT rul_url FROM ' . $rul_db_addresses .
391
+ ' WHERE rul_type = \'user\' AND rul_value = \'' . $user->user_login . '\' LIMIT 1');
392
+
393
+ if ($rul_user) {
394
+ $redirect_to = rulRedirectFunctionCollection::rul_replace_variable($rul_user, $user);
395
 
 
 
 
396
  return $redirect_to;
397
  }
398
 
399
  // Check for an extended custom redirect rule
400
+ $rul_custom_redirect = apply_filters('rul_before_role', false, $redirect_to, $requested_redirect_to, $user);
401
+ if ($rul_custom_redirect) {
402
+ $redirect_to = rulRedirectFunctionCollection::rul_replace_variable($rul_custom_redirect, $user);
403
+
404
  return $redirect_to;
405
  }
406
 
407
  // Check for a redirect rule that matches this user's role
408
  $rul_roles = $wpdb->get_results('SELECT rul_value, rul_url FROM ' . $rul_db_addresses .
409
+ ' WHERE rul_type = \'role\'', OBJECT);
410
+
411
+ if ($rul_roles) {
412
+ foreach ($rul_roles as $rul_role) {
413
+ if ('' != $rul_role->rul_url && isset($user->{$wpdb->prefix . 'capabilities'}[$rul_role->rul_value])) {
414
+ $redirect_to = rulRedirectFunctionCollection::rul_replace_variable($rul_role->rul_url, $user);
415
 
 
 
 
 
 
 
 
416
  return $redirect_to;
417
  }
418
  }
419
  }
420
 
421
  // Check for an extended custom redirect rule
422
+ $rul_custom_redirect = apply_filters('rul_before_capability', false, $redirect_to, $requested_redirect_to, $user);
423
+ if ($rul_custom_redirect) {
424
+ $redirect_to = rulRedirectFunctionCollection::rul_replace_variable($rul_custom_redirect, $user);
425
+
426
  return $redirect_to;
427
  }
428
 
429
  // Check for a redirect rule that matches this user's capability
430
  $rul_levels = $wpdb->get_results('SELECT rul_value, rul_url FROM ' . $rul_db_addresses .
431
+ ' WHERE rul_type = \'level\' ORDER BY rul_order, rul_value', OBJECT);
432
+
433
+ if ($rul_levels) {
434
+ foreach ($rul_levels as $rul_level) {
435
+ if ('' != $rul_level->rul_url && rulRedirectFunctionCollection::redirect_current_user_can($rul_level->rul_value, $user)) {
436
+ $redirect_to = rulRedirectFunctionCollection::rul_replace_variable($rul_level->rul_url, $user);
437
 
 
 
 
 
 
 
 
438
  return $redirect_to;
439
  }
440
  }
441
  }
442
 
443
  // Check for an extended custom redirect rule
444
+ $rul_custom_redirect = apply_filters('rul_before_fallback', false, $redirect_to, $requested_redirect_to, $user);
445
+ if ($rul_custom_redirect) {
446
+ $redirect_to = rulRedirectFunctionCollection::rul_replace_variable($rul_custom_redirect, $user);
447
+
448
  return $redirect_to;
449
  }
450
 
451
  // If none of the above matched, look for a rule to apply to all users
452
  $rul_all = $wpdb->get_var('SELECT rul_url FROM ' . $rul_db_addresses .
453
+ ' WHERE rul_type = \'all\' LIMIT 1');
454
+
455
+ if ($rul_all) {
456
+ $redirect_to = rulRedirectFunctionCollection::rul_replace_variable($rul_all, $user);
457
 
 
 
 
458
  return $redirect_to;
459
  }
460
 
469
  // You can specify tags to go around the returned link (or wrap it with no tags); by default this is a list item
470
  // You can also specify whether to print out the link or just return it
471
 
472
+ function rul_register($before = '<li>', $after = '</li>', $give_echo = true)
473
+ {
474
  global $current_user;
475
 
476
+ if ( ! is_user_logged_in()) {
477
+ if (get_option('users_can_register'))
478
  $link = $before . '<a href="' . site_url('wp-login.php?action=register', 'login') . '">' . __('Register', 'peters-login-redirect') . '</a>' . $after;
479
  else
480
  $link = '';
484
 
485
  if ($give_echo) {
486
  echo $link;
487
+ } else {
 
488
  return $link;
489
  }
490
  }
491
 
492
+ if (is_admin()) {
 
493
 
494
  // Returns all option HTML for all usernames in the system except for those supplied to it
495
+ function rul_returnusernames($exclude)
496
+ {
497
  global $wpdb;
498
 
499
  $rul_returnusernames = '';
500
 
501
  // Build the "not in" part of the MySQL query
502
+ $exclude_users = "'" . implode("','", $exclude) . "'";
503
 
504
  $rul_userresults = $wpdb->get_results('SELECT user_login FROM ' . $wpdb->users . ' WHERE user_login NOT IN (' . $exclude_users . ') ORDER BY user_login', ARRAY_N);
505
 
514
  }
515
 
516
  // Returns all roles in the system
517
+ function rul_returnrolenames()
518
+ {
519
  global $wp_roles;
520
 
521
  $rul_returnrolenames = array();
527
  }
528
 
529
  // Returns option HTML for all roles in the system, except for those supplied to it
530
+ function rul_returnroleoptions($exclude)
531
+ {
532
 
533
  // Relies on a function that just returns the role names
534
  $rul_rolenames = rul_returnrolenames($exclude);
538
  // Build the option HTML
539
  if ($rul_rolenames) {
540
  foreach ($rul_rolenames as $rul_rolename) {
541
+ if ( ! isset($exclude[$rul_rolename])) {
542
  $rul_returnroleoptions .= '<option value="' . $rul_rolename . '">' . $rul_rolename . '</option>';
543
  }
544
  }
549
  }
550
 
551
  // Returns all level names in the system
552
+ function rul_returnlevelnames()
553
+ {
554
  global $wp_roles;
555
 
556
  $rul_returnlevelnames = array();
568
  }
569
 
570
  // Returns option HTML for all levels in the system, except for those supplied to it
571
+ function rul_returnleveloptions($exclude)
572
+ {
573
 
574
  // Relies on a function that just returns the level names
575
  $rul_levelnames = rul_returnlevelnames();
578
 
579
  // Build the option HTML
580
  foreach ($rul_levelnames as $rul_levelname) {
581
+ if ( ! isset($exclude[$rul_levelname])) {
582
  $rul_returnleveloptions .= '<option value="' . $rul_levelname . '">' . $rul_levelname . '</option>';
583
  }
584
  }
588
  }
589
 
590
  // Wraps the return message in an informational div
591
+ function rul_format_return($innerMessage)
592
  {
593
  return '<div id="message" class="updated fade">' . $innerMessage . '</div>';
594
  }
595
 
596
  // Validates adds and edits to make sure that the user / role / level
597
+ function rul_validate_submission($typeValue, $type)
598
  {
599
+ $success = true;
600
  $error_message = '';
601
 
602
+ if ($type == 'user') {
603
+ if ( ! username_exists($typeValue)) {
604
+ $success = false;
605
+ $error_message = '<p><strong>****' . __('ERROR: Non-existent username submitted ', 'peters-login-redirect') . '****</strong></p>';
 
 
606
  }
607
+ } elseif ($type == 'role') {
 
 
608
  // Get a list of roles in the system so that we can verify that a valid role was submitted
609
  $rul_existing_rolenames = rul_returnrolenames();
610
+ if ( ! isset($rul_existing_rolenames[$typeValue])) {
611
+ $success = false;
612
+ $error_message = '<p><strong>****' . __('ERROR: Non-existent role submitted ', 'peters-login-redirect') . '****</strong></p>';
 
613
  }
614
+ } elseif ($type == 'level') {
 
 
615
  // Get a list of levels in the system so that we can verify that a valid level was submitted
616
+ $rul_existing_levelnames = array_flip(rul_returnlevelnames());
617
 
618
+ if ( ! isset($rul_existing_levelnames[$typeValue])) {
619
+ $success = false;
620
+ $error_message = '<p><strong>****' . __('ERROR: Non-existent level submitted ', 'peters-login-redirect') . '****</strong></p>';
 
621
  }
622
  }
623
 
624
+ return array('success' => $success, 'error_message' => $error_message);
625
  }
626
 
627
  // Validates deletions by simply making sure that the entry isn't empty
628
  // Additional validation / escaping should be performed if WordPress ever removes its automatic addslashes calls (see http://www.theblog.ca/wordpress-addslashes-magic-quotes); at that point, use https://codex.wordpress.org/Class_Reference/wpdb#DELETE_Rows
629
+ function rul_validate_deletion($typeValue, $type)
630
  {
631
+ $success = true;
632
  $error_message = '';
633
 
634
+ if (trim($typeValue) == '') {
635
+ $success = false;
636
+ $error_message = '<p><strong>****' . sprintf(__('ERROR: Empty %s submitted ', 'peters-login-redirect'), $type) . '****</strong></p>';
 
637
  }
638
+
639
+ return array('success' => $success, 'error_message' => $error_message);
640
  }
641
 
642
  // Processes adding a new redirect rule
643
  // $type can be user, role, or level
644
+ function rul_submit_rule($typeValue, $address, $address_logout, $order = 0, $type)
645
  {
646
  global $wpdb, $rul_db_addresses;
647
 
648
  // Ensure that the request came from the back-end
649
+ check_admin_referer('rul_' . $type . '_submit');
650
 
651
  $rul_process_submit = '';
652
 
653
+ if ($typeValue && ($address || $address_logout)) {
 
654
  // Validation depending on the type
655
+ $validation = rul_validate_submission($typeValue, $type);
656
  $rul_submit_success = $validation['success'];
657
  $rul_process_submit = $validation['error_message'];
658
 
659
+ if ($rul_submit_success) {
 
 
 
 
660
 
661
+ // Insert a new rule
662
+
663
+ $order = abs(intval($order));
664
+ if ($order > 99) {
665
+ $order = 0;
666
  }
667
+
668
+ $rul_update_rule = $wpdb->insert($rul_db_addresses,
669
+ array(
670
+ 'rul_url' => $address
671
+ , 'rul_url_logout' => $address_logout
672
+ , 'rul_type' => $type
673
+ , 'rul_value' => $typeValue
674
+ , 'rul_order' => $order
675
+ )
676
+ , array('%s', '%s', '%s', '%s', '%d')
677
+ );
678
+
679
+ if ( ! $rul_update_rule) {
680
+ $rul_submit_success = false;
681
+ $rul_process_submit = '<p><strong>****' . sprintf(__('ERROR: Unknown error adding %s-specific redirect for %s %s', 'peters-login-redirect'), $type, $type, $typeValue) . '****</strong></p>';
 
 
 
 
 
 
 
 
 
 
 
682
  }
683
  }
684
 
685
+ if ($rul_submit_success) {
686
+ $rul_process_submit = '<p>' . sprintf(__('Successfully added %s-specific redirect rule for %s', 'peters-login-redirect'), $type, $typeValue) . '</p>';
 
687
  }
688
  }
689
 
690
+ return rul_format_return($rul_process_submit);
691
  }
692
 
693
  // Edits a redirect rule
694
  // $type can be user, role, or level
695
+ function rul_edit_rule($typeValue, $address, $address_logout, $order = 0, $type)
696
  {
697
  global $wpdb, $rul_db_addresses;
698
 
699
  // Ensure that the request came from the back-end
700
+ check_admin_referer('rul_' . $type . '_edit');
701
 
702
+ if ($typeValue && ($address || $address_logout)) {
 
703
  // Validation depending on the type
704
+ $validation = rul_validate_submission($typeValue, $type);
705
  $rul_submit_success = $validation['success'];
706
  $rul_process_submit = $validation['error_message'];
707
 
708
+ if ($rul_submit_success) {
709
+ // Edit the rule
 
 
 
710
 
711
+ $order = abs(intval($order));
712
+ if ($order > 99) {
713
+ $order = 0;
 
714
  }
715
+
716
+ $rul_update_rule = $wpdb->update($rul_db_addresses,
717
+ array(
718
+ 'rul_url' => $address,
719
+ 'rul_url_logout' => $address_logout,
720
+ 'rul_order' => $order
721
+ ),
722
+ array(
723
+ 'rul_value' => $typeValue,
724
+ 'rul_type' => $type
725
+ ),
726
+ array('%s', '%s', '%d'),
727
+ array('%s', '%s')
728
+ );
729
+
730
+ if ( ! $rul_update_rule) {
731
+ $rul_submit_success = false;
732
+ $rul_process_submit = '<p><strong>****' . sprintf(__('ERROR: Unknown error editing %s-specific redirect for %s %s', 'peters-login-redirect'), $type, $type, $typeValue) . '****</strong></p>';
 
 
 
 
 
 
 
 
 
 
 
733
  }
734
  }
735
 
736
+ if ($rul_submit_success) {
737
+ $rul_process_submit = '<p>' . sprintf(__('Successfully edited %s-specific redirect rule for %s', 'peters-login-redirect'), $type, $typeValue) . '</p>';
 
738
  }
739
  }
740
 
741
+ return rul_format_return($rul_process_submit);
742
  }
743
 
744
  // Deletes a redirect rule
745
  // $type can be user, role, or level
746
+ function rul_delete_rule($typeValue, $type)
747
  {
748
  global $wpdb, $rul_db_addresses;
749
 
750
  // Ensure that the request came from the back-end
751
+ check_admin_referer('rul_' . $type . '_edit');
752
 
753
+ if ($typeValue) {
 
754
  // Validation depending on the type
755
+ $validation = rul_validate_deletion($typeValue, $type);
756
  $rul_submit_success = $validation['success'];
757
  $rul_process_submit = $validation['error_message'];
758
 
759
+ if ($rul_submit_success) {
 
760
  // Delete the rule
761
+ $rul_update_rule = $wpdb->query("DELETE FROM `$rul_db_addresses` WHERE `rul_value` = '$typeValue' AND `rul_type` = '$type' LIMIT 1");
762
 
763
+ if ( ! $rul_update_rule) {
 
764
  $rul_submit_success = false;
765
+ $rul_process_submit = '<p><strong>****' . sprintf(__('ERROR: Unknown error deleting %s-specific redirect for %s %s', 'peters-login-redirect'), $type, $type, $typeValue) . '****</strong></p>';
766
  }
767
  }
768
 
769
+ if ($rul_submit_success) {
770
+ $rul_process_submit = '<p>' . sprintf(__('Successfully deleted %s-specific redirect rule for %s', 'peters-login-redirect'), $type, $typeValue) . '</p>';
 
771
  }
772
  }
773
 
774
+ return rul_format_return($rul_process_submit);
775
  }
776
 
777
+ function rul_submit_all($update_or_delete, $address, $address_logout)
778
  {
779
  global $wpdb, $rul_db_addresses;
780
 
781
  // Ensure that the request came from the back-end
782
+ check_admin_referer('rul_allupdatesubmit');
783
 
784
+ $address = trim($address);
785
+ $address_logout = trim($address_logout);
786
 
787
  // Open the informational div
788
  $rul_process_submit = '<div id="message" class="updated fade">';
795
  // ----------------------------------
796
 
797
  // Since we never actually, remove the "all" entry, here we just make its value empty
798
+ if ($update_or_delete == 'delete') {
799
+ $update = $wpdb->update(
 
800
  $rul_db_addresses,
801
+ array('rul_url' => '', 'rul_url_logout' => ''),
802
+ array('rul_type' => 'all')
803
  );
804
 
805
+ if ($update === false) {
806
+ $rul_process_submit .= '<p><strong>****' . __('ERROR: Unknown database problem removing URL for &#34;all other users&#34; ', 'peters-login-redirect') . '****</strong></p>';
807
+ } else {
808
+ $rul_process_submit .= '<p>' . __('Successfully removed URL for &#34;all other users&#34; ', 'peters-login-redirect') . '</p>';
 
 
 
809
  }
810
+ } elseif ($update_or_delete == 'update') {
811
+ $update = $wpdb->update(
812
+ $rul_db_addresses,
813
+ array('rul_url' => $address, 'rul_url_logout' => $address_logout),
814
+ array('rul_type' => 'all')
815
+ );
 
 
 
 
 
 
 
 
 
 
 
 
 
816
 
817
+ if ($update === false) {
818
+ $rul_process_submit .= '<p><strong>****' . __('ERROR: Unknown database problem updating URL for &#34;all other users&#34; ', 'peters-login-redirect') . '****</strong></p>';
819
+ } else {
820
+ $rul_process_submit .= '<p>' . __('Successfully updated URL for &#34;all other users&#34;', 'peters-login-redirect') . '</p>';
 
 
 
 
821
  }
822
  }
823
 
828
  return $rul_process_submit;
829
  }
830
 
831
+ function rul_submit_register($update_or_delete, $address)
832
  {
833
  global $wpdb, $rul_db_addresses;
834
 
835
  // Ensure that the request came from the back-end
836
+ check_admin_referer('rul_registerupdatesubmit');
837
 
838
+ $address = trim($address);
839
 
840
  // Open the informational div
841
  $rul_process_submit = '<div id="message" class="updated fade">';
848
  // ----------------------------------
849
 
850
  // Since we never actually remove the "register" entry, here we just make its value empty
851
+ if ($update_or_delete == 'delete') {
852
+ $update = $wpdb->update(
 
853
  $rul_db_addresses,
854
+ array('rul_url' => ''),
855
+ array('rul_type' => 'register')
856
  );
857
 
858
+ if ($update === false) {
859
+ $rul_process_submit .= '<p><strong>****' . __('ERROR: Unknown database problem removing URL for &#34;post-registration&#34; ', 'peters-login-redirect') . '****</strong></p>';
860
+ } else {
861
+ $rul_process_submit .= '<p>' . __('Successfully removed URL for &#34;post-registration&#34; ', 'peters-login-redirect') . '</p>';
 
 
 
 
 
 
 
 
 
 
 
 
862
  }
863
+ } elseif ($update_or_delete == 'update') {
864
+ $update = $wpdb->update(
865
+ $rul_db_addresses,
866
+ array('rul_url' => $address),
867
+ array('rul_type' => 'register')
868
+ );
869
 
870
+ if ($update === false) {
871
+ $rul_process_submit .= '<p><strong>****' . __('ERROR: Unknown database problem updating URL for &#34;post-registration&#34; ', 'peters-login-redirect') . '****</strong></p>';
872
+ } else {
873
+ $rul_process_submit .= '<p>' . __('Successfully updated URL for &#34;post-registration&#34;', 'peters-login-redirect') . '</p>';
 
 
 
 
 
 
 
 
 
 
 
 
874
  }
875
  }
876
 
886
  function rul_submit_settings()
887
  {
888
  // Ensure that the request came from the back-end
889
+ check_admin_referer('settings');
890
 
891
  $rul_settings = rulRedirectFunctionCollection::get_settings();
892
+ foreach ($rul_settings as $setting_name => $setting_value) {
893
+ if (isset($_POST[$setting_name])) {
 
 
894
  $rul_settings[$setting_name] = $_POST[$setting_name];
895
  }
896
  }
897
+ update_option('rul_settings', $rul_settings);
898
  $rul_process_submit = '<div id="message" class="updated fade">';
899
+ $rul_process_submit .= '<p>' . __('Successfully updated plugin settings', 'peters-login-redirect') . '</p>';
900
  $rul_process_submit .= '</div>';
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
901
 
902
+ return $rul_process_submit;
 
 
 
 
 
 
 
 
 
 
 
 
903
  }
904
 
905
  // This is the Settings > Login/logout redirects menu
913
  $rul_process_submit = '';
914
 
915
  // Process submitted information to update redirect rules
916
+ if (isset($_POST['rul_username_submit'])) {
917
+ $rul_process_submit = rul_submit_rule($_POST['rul_username'], $_POST['rul_username_address'], $_POST['rul_username_logout'], 0, 'user');
918
+ } elseif (isset($_POST['rul_username_edit'])) {
919
+ $rul_process_submit = rul_edit_rule($_POST['rul_username'], $_POST['rul_username_address'], $_POST['rul_username_logout'], 0, 'user');
920
+ } elseif (isset($_POST['rul_username_delete'])) {
921
+ $rul_process_submit = rul_delete_rule($_POST['rul_username'], 'user');
922
+ } elseif (isset($_POST['rul_role_submit'])) {
923
+ $rul_process_submit = rul_submit_rule($_POST['rul_role'], $_POST['rul_role_address'], $_POST['rul_role_logout'], 0, 'role');
924
+ } elseif (isset($_POST['rul_role_edit'])) {
925
+ $rul_process_submit = rul_edit_rule($_POST['rul_role'], $_POST['rul_role_address'], $_POST['rul_role_logout'], 0, 'role');
926
+ } elseif (isset($_POST['rul_role_delete'])) {
927
+ $rul_process_submit = rul_delete_rule($_POST['rul_role'], 'role');
928
+ } elseif (isset($_POST['rul_level_submit'])) {
929
+ $rul_process_submit = rul_submit_rule($_POST['rul_level'], $_POST['rul_level_address'], $_POST['rul_level_logout'], $_POST['rul_level_order'], 'level');
930
+ } elseif (isset($_POST['rul_level_edit'])) {
931
+ $rul_process_submit = rul_edit_rule($_POST['rul_level'], $_POST['rul_level_address'], $_POST['rul_level_logout'], $_POST['rul_level_order'], 'level');
932
+ } elseif (isset($_POST['rul_level_delete'])) {
933
+ $rul_process_submit = rul_delete_rule($_POST['rul_level'], 'level');
934
+ } elseif (isset($_POST['rul_allupdatesubmit'])) {
935
+ $rul_process_submit = rul_submit_all('update', $_POST['rul_all'], $_POST['rul_all_logout']);
936
+ } elseif (isset($_POST['rul_alldeletesubmit'])) {
937
+ $rul_process_submit = rul_submit_all('delete', $_POST['rul_all'], $_POST['rul_all_logout']);
938
+ } elseif (isset($_POST['rul_registerupdatesubmit'])) {
939
+ $rul_process_submit = rul_submit_register('update', $_POST['rul_register']);
940
+ } elseif (isset($_POST['rul_registerdeletesubmit'])) {
941
+ $rul_process_submit = rul_submit_register('delete', $_POST['rul_register']);
942
+ } elseif (isset($_POST['rul_settingssubmit'])) {
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
943
  $rul_process_submit = rul_submit_settings();
944
  }
945
 
952
 
953
  $rul_rules = $wpdb->get_results('SELECT rul_type, rul_value, rul_url, rul_url_logout, rul_order FROM ' . $rul_db_addresses . ' ORDER BY rul_type, rul_order, rul_value', ARRAY_N);
954
 
955
+ $rul_usernamevalues = '';
956
+ $rul_rolevalues = '';
957
+ $rul_levelvalues = '';
958
  $rul_usernames_existing = array();
959
+ $rul_roles_existing = array();
960
+ $rul_levels_existing = array();
961
 
962
+ if ($rul_rules) {
 
963
 
964
+ $i = 0;
965
+ $i_user = 0;
966
+ $i_role = 0;
967
  $i_level = 0;
968
 
969
+ while ($i < count($rul_rules)) {
 
970
 
971
+ list($rul_type, $rul_value, $rul_url, $rul_url_logout, $rul_order) = $rul_rules[$i];
972
 
973
  // Specific users
974
+ if ($rul_type == 'user') {
 
975
  $rul_usernamevalues .= '<form name="rul_username_edit_form[' . $i_user . ']" action="?page=' . basename(__FILE__) . '" method="post">';
976
  $rul_usernamevalues .= '<tr>';
977
+ $rul_usernamevalues .= '<td><p><input type="hidden" name="rul_username" value="' . htmlspecialchars($rul_value) . '" /> ' . $rul_value . '</p></td>';
978
  $rul_usernamevalues .= '<td>';
979
+ $rul_usernamevalues .= '<p>' . __('Login URL', 'peters-login-redirect') . '<br /><input type="text" size="90" maxlength="500" name="rul_username_address" value="' . htmlspecialchars($rul_url) . '" /></p>';
980
+ $rul_usernamevalues .= '<p>' . __('Logout URL', 'peters-login-redirect') . '<br /><input type="text" size="60" maxlength="500" name="rul_username_logout" value="' . htmlspecialchars($rul_url_logout) . '" /></p>';
981
  $rul_usernamevalues .= '</td>';
982
  $rul_usernamevalues .= '<td><p>';
983
+ $rul_usernamevalues .= '<input class="button button-primary" name="rul_username_edit" type="submit" value="' . __('Edit', 'peters-login-redirect') . '" /> <input type="submit" class="button" name="rul_username_delete" value="' . __('Delete', 'peters-login-redirect') . '" />';
984
+ $rul_usernamevalues .= wp_nonce_field('rul_user_edit', '_wpnonce', true, false);
985
  $rul_usernamevalues .= '</p></td>';
986
  $rul_usernamevalues .= '</tr>';
987
  $rul_usernamevalues .= '</form>';
989
  $rul_usernames_existing[] = $rul_value;
990
 
991
  ++$i_user;
992
+ } elseif ($rul_type == 'role') {
 
 
 
993
  $rul_rolevalues .= '<form name="rul_role_edit_form[' . $i_role . ']" action="?page=' . basename(__FILE__) . '" method="post">';
994
  $rul_rolevalues .= '<tr>';
995
+ $rul_rolevalues .= '<td><p><input type="hidden" name="rul_role" value="' . htmlspecialchars($rul_value) . '" /> ' . $rul_value . '</p></td>';
996
  $rul_rolevalues .= '<td>';
997
+ $rul_rolevalues .= '<p>' . __('Login URL', 'peters-login-redirect') . '<br /><input type="text" size="90" maxlength="500" name="rul_role_address" value="' . htmlspecialchars($rul_url) . '" /></p>';
998
+ $rul_rolevalues .= '<p>' . __('Logout URL', 'peters-login-redirect') . '<br /><input type="text" size="60" maxlength="500" name="rul_role_logout" value="' . htmlspecialchars($rul_url_logout) . '" /></p>';
999
  $rul_rolevalues .= '</td>';
1000
  $rul_rolevalues .= '<td><p>';
1001
+ $rul_rolevalues .= '<input class="button button-primary" name="rul_role_edit" type="submit" value="' . __('Edit', 'peters-login-redirect') . '" /> <input type="submit" class="button" name="rul_role_delete" value="' . __('Delete', 'peters-login-redirect') . '" />';
1002
+ $rul_rolevalues .= wp_nonce_field('rul_role_edit', '_wpnonce', true, false);
1003
  $rul_rolevalues .= '</p></td>';
1004
  $rul_rolevalues .= '</tr>';
1005
  $rul_rolevalues .= '</form>';
1007
  $rul_roles_existing[$rul_value] = '';
1008
 
1009
  ++$i_role;
1010
+ } elseif ($rul_type == 'level') {
 
 
1011
  $rul_levelvalues .= '<form name="rul_level_edit_form[' . $i_level . ']" action="?page=' . basename(__FILE__) . '" method="post">';
1012
  $rul_levelvalues .= '<tr>';
1013
+ $rul_levelvalues .= '<td><p><input type="hidden" name="rul_level" value="' . htmlspecialchars($rul_value) . '" /> ' . $rul_value . '</p></td>';
1014
  $rul_levelvalues .= '<td>';
1015
+ $rul_levelvalues .= '<p>' . __('Login URL', 'peters-login-redirect') . '<br /><input type="text" size="90" maxlength="500" name="rul_level_address" value="' . htmlspecialchars($rul_url) . '" /></p>';
1016
+ $rul_levelvalues .= '<p>' . __('Logout URL', 'peters-login-redirect') . '<br /><input type="text" size="60" maxlength="500" name="rul_level_logout" value="' . htmlspecialchars($rul_url_logout) . '" /></p>';
1017
  $rul_levelvalues .= '</td>';
1018
  $rul_levelvalues .= '<td><p><input name="rul_level_order" type="text" size="2" maxlength="2" value="' . $rul_order . '" /></td>';
1019
  $rul_levelvalues .= '<td><p>';
1020
+ $rul_levelvalues .= '<input class="button button-primary" name="rul_level_edit" type="submit" value="' . __('Edit', 'peters-login-redirect') . '" /> <input type="submit" class="button" name="rul_level_delete" value="' . __('Delete', 'peters-login-redirect') . '" />';
1021
+ $rul_levelvalues .= wp_nonce_field('rul_level_edit', '_wpnonce', true, false);
1022
  $rul_levelvalues .= '</p></td>';
1023
  $rul_levelvalues .= '</tr>';
1024
  $rul_levelvalues .= '</form>';
1026
  $rul_levels_existing[$rul_value] = '';
1027
 
1028
  ++$i_level;
1029
+ } elseif ($rul_type == 'all') {
1030
+ $rul_allvalue = $rul_url;
 
 
1031
  $rul_allvalue_logout = $rul_url_logout;
1032
+ } elseif ($rul_type == 'register') {
 
 
1033
  $rul_registervalue = $rul_url;
1034
  }
1035
  ++$i;
1036
  }
1037
 
1038
  }
1039
+ ?>
1040
+ <div class="wrap">
1041
+ <h2><?php _e('Manage redirect rules', 'peters-login-redirect'); ?></h2>
1042
+ <?php print $rul_process_submit; ?>
1043
+ <p><?php _e('Define custom URLs to which different users, users with specific roles, users with specific levels, and all other users will be redirected upon login.', 'peters-login-redirect'); ?></p>
1044
+ <p><?php _e('Define a custom URL to which all users will be redirected upon logout', 'peters-login-redirect'); ?></p>
1045
+ <p><?php _e('Note that you can use the syntax <strong>[variable]username[/variable]</strong> in your URLs so that the system will build a dynamic URL upon each login, replacing that text with the users username.', 'peters-login-redirect'); ?></p>
1046
+
1047
+ <h3><?php _e('Specific users', 'peters-login-redirect'); ?></h3>
1048
+ <?php
1049
+ if ($rul_usernamevalues) {
 
1050
  print '<table class="widefat">';
1051
  print $rul_usernamevalues;
1052
  print '</table>';
1053
  }
1054
+ ?>
1055
+
1056
+ <form name="rul_username_add_form" action="<?php print '?page=' . basename(__FILE__); ?>" method="post">
1057
+ <p><?php _e('Add:', 'peters-login-redirect'); ?>
1058
+ <select name="rul_username">
1059
+ <option value="-1"><?php _e('Select a username', 'peters-login-redirect'); ?></option>
1060
+ <?php print rul_returnusernames($rul_usernames_existing); ?>
1061
+ </select>
1062
+ <br/><?php _e('URL:', 'peters-login-redirect'); ?>
1063
+ <input type="text" size="90" maxlength="500" name="rul_username_address"/>
1064
+ <br/><?php _e('Logout URL:', 'peters-login-redirect'); ?>
1065
+ <input type="text" size="90" maxlength="500" name="rul_username_logout"/>
1066
+ </p>
1067
+ <p class="submit">
1068
+ <input type="submit" class="button button-primary" name="rul_username_submit" value="<?php _e('Add username rule', 'peters-login-redirect'); ?>"/>
1069
+ <?php wp_nonce_field('rul_user_submit'); ?>
1070
+ </p>
1071
+ </form>
1072
+
1073
+ <h3><?php _e('Specific roles', 'peters-login-redirect'); ?></h3>
1074
+ <?php
1075
+ if ($rul_rolevalues) {
1076
  print '<table class="widefat">';
1077
  print $rul_rolevalues;
1078
  print '</table>';
1079
  }
1080
+ ?>
1081
+
1082
+ <form name="rul_role_add_form" action="<?php print '?page=' . basename(__FILE__); ?>" method="post">
1083
+ <p><?php _e('Add:', 'peters-login-redirect'); ?>
1084
+ <select name="rul_role">
1085
+ <option value="-1"><?php _e('Select a role', 'peters-login-redirect'); ?></option>
1086
+ <?php print rul_returnroleoptions($rul_roles_existing); ?>
1087
+ </select>
1088
+ <br/><?php _e('URL:', 'peters-login-redirect'); ?>
1089
+ <input type="text" size="90" maxlength="500" name="rul_role_address"/>
1090
+ <br/><?php _e('Logout URL:', 'peters-login-redirect'); ?>
1091
+ <input type="text" size="90" maxlength="500" name="rul_role_logout"/>
1092
+ </p>
1093
+ <p class="submit">
1094
+ <input type="submit" class="button button-primary" name="rul_role_submit" value="<?php _e('Add role rule', 'peters-login-redirect'); ?>"/>
1095
+ <?php wp_nonce_field('rul_role_submit'); ?>
1096
+ </p>
1097
+ </form>
1098
+
1099
+ <h3><?php _e('Specific levels', 'peters-login-redirect'); ?></h3>
1100
+ <?php
1101
+ if ($rul_levelvalues) {
1102
  print '<table class="widefat">';
1103
+ ?>
1104
  <tr>
1105
  <th></th>
1106
  <th></th>
1107
+ <th><?php _e('Order', 'peters-login-redirect'); ?></th>
1108
  <th></th>
1109
  </tr>
1110
+ <?php
1111
  print $rul_levelvalues;
1112
  print '</table>';
1113
  }
1114
+ ?>
1115
+
1116
+ <form name="rul_level_add_form" action="<?php print '?page=' . basename(__FILE__); ?>" method="post">
1117
+ <p><?php _e('Add:', 'peters-login-redirect'); ?>
1118
+ <select name="rul_level">
1119
+ <option value="-1"><?php _e('Select a level', 'peters-login-redirect'); ?></option>
1120
+ <?php print rul_returnleveloptions($rul_levels_existing); ?>
1121
+ </select>
1122
+ <br/><?php _e('Order:', 'peters-login-redirect'); ?>
1123
+ <input type="text" size="2" maxlength="2" name="rul_level_order"/>
1124
+ <br/><?php _e('URL:', 'peters-login-redirect'); ?>
1125
+ <input type="text" size="90" maxlength="500" name="rul_level_address"/>
1126
+ <br/><?php _e('Logout URL:', 'peters-login-redirect'); ?>
1127
+ <input type="text" size="90" maxlength="500" name="rul_level_logout"/>
1128
+ </p>
1129
+ <p class="submit">
1130
+ <input type="submit" class="button button-primary" name="rul_level_submit" value="<?php _e('Add level rule', 'peters-login-redirect'); ?>"/>
1131
+ <?php wp_nonce_field('rul_level_submit'); ?>
1132
+ </p>
1133
+ </form>
1134
+
1135
+ <h3><?php _e('All other users', 'peters-login-redirect'); ?></h3>
1136
+ <form name="rul_allform" method="post">
1137
+ <p><?php _e('URL:', 'peters-login-redirect') ?>
1138
+ <input type="text" size="90" maxlength="500" name="rul_all" value="<?php print htmlspecialchars($rul_allvalue); ?>"/>
1139
+ </p>
1140
+ <p><?php _e('Logout URL:', 'peters-login-redirect') ?>
1141
+ <input type="text" size="90" maxlength="500" name="rul_all_logout" value="<?php print htmlspecialchars($rul_allvalue_logout); ?>"/>
1142
+ </p>
1143
+ <p class="submit">
1144
+ <input type="submit" class="button button-primary" name="rul_allupdatesubmit" value="<?php _e('Update', 'peters-login-redirect'); ?>"/>
1145
+ <input type="submit" class="button" name="rul_alldeletesubmit" value="<?php _e('Delete', 'peters-login-redirect'); ?>"/>
1146
+ <?php wp_nonce_field('rul_allupdatesubmit'); ?>
1147
+ </p>
1148
+ </form>
1149
+
1150
+ <hr/>
1151
+
1152
+ <h3><?php _e('Post-registration', 'peters-login-redirect'); ?></h3>
1153
+ <form name="rul_registerform" method="post">
1154
+ <p><?php _e('URL:', 'peters-login-redirect') ?>
1155
+ <input type="text" size="90" maxlength="500" name="rul_register" value="<?php print htmlspecialchars($rul_registervalue); ?>"/>
1156
+ </p>
1157
+ <p class="submit">
1158
+ <input type="submit" class="button button-primary" name="rul_registerupdatesubmit" value="<?php _e('Update', 'peters-login-redirect'); ?>"/>
1159
+ <input type="submit" class="button" name="rul_registerdeletesubmit" value="<?php _e('Delete', 'peters-login-redirect'); ?>"/>
1160
+ <?php wp_nonce_field('rul_registerupdatesubmit'); ?>
1161
+ </p>
1162
+ </form>
1163
+
1164
+ <hr/>
1165
+
1166
+ <h3><?php _e('Customize plugin settings', 'peters-login-redirect'); ?></h3>
1167
+ <form name="rul_settingsform" method="post">
1168
+ <table class="widefat">
1169
+ <tr>
1170
+ <td>
1171
+ <p>
1172
+ <strong><?php _e('Allow a POST or GET &#34;redirect_to&#34; variable to take redirect precedence', 'peters-login-redirect'); ?></strong>
1173
+ </p>
1174
+ </td>
1175
+ <td>
1176
+ <select name="rul_allow_post_redirect_override">
1177
+ <option value="1"<?php if ($rul_settings['rul_allow_post_redirect_override']) print ' selected="selected"'; ?>><?php _e('Yes', 'peters-login-redirect'); ?></option>
1178
+ <option value="0"<?php if ( ! $rul_settings['rul_allow_post_redirect_override']) print ' selected="selected"'; ?>><?php _e('No', 'peters-login-redirect'); ?></option>
1179
+ </select>
1180
+ </td>
1181
+ </tr>
1182
+ <tr>
1183
+ <td>
1184
+ <p>
1185
+ <strong><?php _e('Allow a POST or GET &#34;redirect_to&#34; logout variable to take redirect precedence', 'peters-login-redirect'); ?></strong>
1186
+ </p>
1187
+ </td>
1188
+ <td>
1189
+ <select name="rul_allow_post_redirect_override_logout">
1190
+ <option value="1"<?php if ($rul_settings['rul_allow_post_redirect_override_logout']) print ' selected="selected"'; ?>><?php _e('Yes', 'peters-login-redirect'); ?></option>
1191
+ <option value="0"<?php if ( ! $rul_settings['rul_allow_post_redirect_override_logout']) print ' selected="selected"'; ?>><?php _e('No', 'peters-login-redirect'); ?></option>
1192
+ </select>
1193
+ </td>
1194
+ </tr>
1195
+ </table>
1196
+ <p class="submit">
1197
+ <input class="button button-primary" name="rul_settingssubmit" type="submit" value="<?php _e('Update', 'peters-login-redirect'); ?>"/>
1198
+ <?php wp_nonce_field('settings'); ?>
1199
+ </p>
1200
+ </form>
1201
+ </div>
1202
+ <?php
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1203
  } // close rul_optionsmenu()
1204
 
1205
  /*
1213
  global $wpdb, $rul_version, $rul_db_addresses;
1214
 
1215
  // Turn version into an integer for comparisons
1216
+ $current_version = intval(str_replace('.', '', get_option('rul_version')));
1217
 
1218
+ if ($current_version < 220) {
1219
+ $wpdb->query("ALTER TABLE `$rul_db_addresses` ADD `rul_url_logout` LONGTEXT NOT NULL default '' AFTER `rul_url`");
 
1220
  }
1221
 
1222
+ if ($current_version < 250) {
 
1223
  // Insert the "on-register" redirect entry
1224
 
1225
+ $wpdb->query("ALTER TABLE `$rul_db_addresses` CHANGE `rul_type` `rul_type` ENUM( 'user', 'role', 'level', 'all', 'register' ) NOT NULL");
1226
+ $wpdb->insert($rul_db_addresses,
1227
+ array('rul_type' => 'register')
1228
  );
1229
  }
1230
 
1231
+ if ($current_version < 253) {
 
1232
  // Allow NULL values for non-essential fields
1233
+ $wpdb->query("ALTER TABLE `$rul_db_addresses` CHANGE `rul_value` `rul_value` varchar(255) NULL default NULL");
1234
+ $wpdb->query("ALTER TABLE `$rul_db_addresses` CHANGE `rul_url` `rul_url` LONGTEXT NULL default NULL");
1235
+ $wpdb->query("ALTER TABLE `$rul_db_addresses` CHANGE `rul_url_logout` `rul_url_logout` LONGTEXT NULL default NULL");
1236
  }
1237
 
1238
+ if ($current_version < 291) {
 
 
 
 
 
 
 
1239
  // Reduce size of rul_value field to support utf8mb4 character encoding
1240
+ $wpdb->query("ALTER TABLE `$rul_db_addresses` CHANGE `rul_value` `rul_value` varchar(191) NULL default NULL");
1241
  }
1242
 
1243
+ if ($current_version != intval(str_replace('.', '', $rul_version))) {
 
1244
  // Add the version number to the database
1245
+ delete_option('rul_version');
1246
+ add_option('rul_version', $rul_version, '', 'no');
1247
  }
1248
  }
1249
+
1250
  function rul_install()
1251
  {
1252
  global $wpdb, $rul_db_addresses, $rul_version;
1253
 
1254
  // Add the table to hold group information and moderator rules
1255
+ if ($rul_db_addresses != $wpdb->get_var("SHOW TABLES LIKE '$rul_db_addresses'")) {
 
1256
  $sql = "CREATE TABLE $rul_db_addresses (
1257
  `rul_type` enum('user','role','level','all','register') NOT NULL,
1258
  `rul_value` varchar(191) NULL default NULL,
1265
  $wpdb->query($sql);
1266
 
1267
  // Insert the "all" redirect entry
1268
+ $wpdb->insert($rul_db_addresses,
1269
+ array('rul_type' => 'all')
1270
  );
1271
 
1272
  // Insert the "on-register" redirect entry
1273
+ $wpdb->insert($rul_db_addresses,
1274
+ array('rul_type' => 'register')
1275
  );
1276
 
1277
  // Set the version number in the database
1278
+ add_option('rul_version', $rul_version, '', 'no');
1279
  }
1280
 
1281
  rul_upgrade();
1286
  global $wpdb, $rul_db_addresses;
1287
 
1288
  // Remove the table we created
1289
+ if ($rul_db_addresses == $wpdb->get_var('SHOW TABLES LIKE \'' . $rul_db_addresses . '\'')) {
 
1290
  $sql = 'DROP TABLE ' . $rul_db_addresses;
1291
  $wpdb->query($sql);
1292
  }
1293
 
1294
+ delete_option('rul_version');
1295
+ delete_option('rul_settings');
1296
  }
1297
 
1298
  function rul_addoptionsmenu()
1299
  {
1300
+ add_options_page('Login/logout redirects', 'Login/logout redirects', 'manage_categories', 'wplogin_redirect.php', 'rul_optionsmenu');
 
1301
  }
1302
 
1303
+ add_action('admin_menu', 'rul_addoptionsmenu', 1);
1304
  }
1305
 
1306
+ register_activation_hook(__FILE__, 'rul_install');
1307
+ register_uninstall_hook(__FILE__, 'rul_uninstall');
1308
+
1309
+ add_filter('login_redirect', 'redirect_wrapper', 999999999, 3);
1310
+ add_filter('registration_redirect', array('rulRedirectPostRegistration', 'post_registration_wrapper'), 10, 2);
1311
+ // whichever one works. directly below might not work if wp_logout function is redefined before ours kicks in.
1312
+ add_action('wp_logout', array('rulLogoutFunctionCollection', 'logout_redirect'), 1);
1313
+ add_filter('logout_redirect', array('rulLogoutFunctionCollection', 'logout_redirect_2'), 999999999, 3);
wplogin_redirect_control.php DELETED
@@ -1,17 +0,0 @@
1
- <?php
2
- // This assumes that this files sits in "wp-content/plugins/peters-login-redirect/wplogin_redirect_control.php" and that you haven't moved your wp-content folder
3
- if( file_exists( '../../../wp-load.php' ) )
4
- {
5
- include '../../../wp-load.php';
6
- }
7
- else
8
- {
9
- print 'Plugin paths not configured correctly.';
10
- }
11
-
12
- $current_user = wp_get_current_user();
13
- $redirect_to = admin_url();
14
- $redirect_url = redirect_wrapper( $redirect_to, '', $current_user );
15
- wp_redirect( $redirect_url );
16
- die();
17
- ?>