Version Description
Download this release
Release Info
Developer | jakemgold |
Plugin | Restricted Site Access |
Version | 1.0 |
Comparing to | |
See all releases |
Version 1.0
- readme.txt +52 -0
- restricted_site_access.php +215 -0
- screenshot-1.png +0 -0
readme.txt
ADDED
@@ -0,0 +1,52 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
=== Restricted Site Access ===
|
2 |
+
Contributors: Jacob M Goldman (C. Murray Consulting)
|
3 |
+
Donate link: http://www.cmurrayconsulting.com/software/wordpress-restricted-site-access/
|
4 |
+
Tags: restricted, limited, permissions, security
|
5 |
+
Requires at least: 2.8
|
6 |
+
Tested up to: 2.8.4
|
7 |
+
Stable tag: 1.0
|
8 |
+
|
9 |
+
Limit access to your site to visitors who are logged in or accessing the site from a set of specific IP addresses.
|
10 |
+
Send restricted visitors to the log in page, redirect them, or display a message. Powerful control over
|
11 |
+
redirection, with option to send to same path and send SEO friendly redirect headers. Great solution for
|
12 |
+
Extranets, publicly hosted Intranets, or parallel development sites.
|
13 |
+
|
14 |
+
|
15 |
+
== Description ==
|
16 |
+
|
17 |
+
Limit access your site to visitors who are logged in or accessing the site from a set of specific IP addresses.
|
18 |
+
Send restricted visitors to the log in page, redirect them, or display a message. A great solution for
|
19 |
+
Extranets, publicly hosted Intranets, or parallel development sites.
|
20 |
+
|
21 |
+
It includes an easy to use configuration panel inside the WordPress settings menu. From this panel you can:
|
22 |
+
|
23 |
+
1. Enable and disable access restriction at will
|
24 |
+
2. Change the restriction behavior: send to login, redirect, or display a message.
|
25 |
+
3. Add IP addresses not subject to restriction.
|
26 |
+
4. Quickly add your current IP to the restriction list.
|
27 |
+
5. Control the redirect location.
|
28 |
+
6. Choose to redirect visitors to the same path that they entered the current site on
|
29 |
+
7. Choose the HTTP redirect message for SEO friendliness
|
30 |
+
|
31 |
+
|
32 |
+
== Installation ==
|
33 |
+
|
34 |
+
1. Install easily with the WordPress plugin control panel or manually download the plugin and upload the extracted
|
35 |
+
folder to the `/wp-content/plugins/` directory
|
36 |
+
2. Activate the plugin through the 'Plugins' menu in WordPress
|
37 |
+
3. Configure the plugin by going to the "Restricted Access" menu item under "Settings"
|
38 |
+
|
39 |
+
|
40 |
+
== Screenshots ==
|
41 |
+
|
42 |
+
1. Sceenshot of configuration page.
|
43 |
+
|
44 |
+
|
45 |
+
== Coming soon ==
|
46 |
+
|
47 |
+
Planned enhancements:
|
48 |
+
|
49 |
+
1. Customize restricted access message
|
50 |
+
2. Restriction based on user level (vs is logged in)
|
51 |
+
3. Exclude pages or posts from restrictions
|
52 |
+
4. Enter IP ranges
|
restricted_site_access.php
ADDED
@@ -0,0 +1,215 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/**
|
3 |
+
Plugin Name: Restricted Site Access
|
4 |
+
Plugin URI: http://www.cmurrayconsulting.com/software/wordpress-restricted-site-access/
|
5 |
+
Description: <strong>Limit access your site</strong> to visitors who are logged in or accessing the site from a set of specific IP addresses. Send restricted visitors to the log in page, redirect them, or display a message. <strong>Powerful control over redirection</strong>, with option to send to same path and send <strong>SEO friendly redirect headers</strong>. Great solution for Extranets, publicly hosted Intranets, or parallel development sites.
|
6 |
+
Version: 1.0
|
7 |
+
Author: Jacob M Goldman (C. Murray Consulting)
|
8 |
+
Author URI: http://www.cmurrayconsulting.com
|
9 |
+
|
10 |
+
Plugin: Copyright 2009 C. Murray Consulting (email : jake@cmurrayconsulting.com)
|
11 |
+
|
12 |
+
This program is free software; you can redistribute it and/or modify
|
13 |
+
it under the terms of the GNU General Public License as published by
|
14 |
+
the Free Software Foundation; either version 2 of the License, or
|
15 |
+
(at your option) any later version.
|
16 |
+
|
17 |
+
This program is distributed in the hope that it will be useful,
|
18 |
+
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
19 |
+
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
20 |
+
GNU General Public License for more details.
|
21 |
+
|
22 |
+
You should have received a copy of the GNU General Public License
|
23 |
+
along with this program; if not, write to the Free Software
|
24 |
+
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
25 |
+
*/
|
26 |
+
|
27 |
+
|
28 |
+
//*********//
|
29 |
+
//PLUG INIT//
|
30 |
+
//*********//
|
31 |
+
function rsa_admin_init() {
|
32 |
+
register_setting('rsa-options', 'rsa_is_active');
|
33 |
+
register_setting('rsa-options', 'rsa_allowed_ips');
|
34 |
+
register_setting('rsa-options', 'rsa_restrict_approach');
|
35 |
+
/*
|
36 |
+
1: send to login page
|
37 |
+
2: redirect to URL
|
38 |
+
3: show restricted access message and exit
|
39 |
+
*/
|
40 |
+
register_setting('rsa-options', 'rsa_redirect_path');
|
41 |
+
register_setting('rsa-options', 'rsa_redirect_url');
|
42 |
+
register_setting('rsa-options', 'rsa_redirect_head');
|
43 |
+
}
|
44 |
+
add_action( 'admin_init', 'rsa_admin_init' );
|
45 |
+
|
46 |
+
function rsa_plugin_actlinks( $links ) {
|
47 |
+
// Add a link to this plugin's settings page
|
48 |
+
$plugin = plugin_basename(__FILE__);
|
49 |
+
$settings_link = sprintf( '<a href="options-general.php?page=%s">%s</a>', $plugin, __('Settings') );
|
50 |
+
array_unshift( $links, $settings_link );
|
51 |
+
return $links;
|
52 |
+
}
|
53 |
+
if(is_admin()) add_filter("plugin_action_links_".$plugin, 'rsa_plugin_actlinks' );
|
54 |
+
|
55 |
+
//*******************//
|
56 |
+
//***CORE FUNCTION***//
|
57 |
+
//*******************//
|
58 |
+
|
59 |
+
function restricted_site_access() {
|
60 |
+
//logged in users can stay, can stay if plug-in not active
|
61 |
+
if (is_user_logged_in() || get_option('rsa_is_active') != 1 || strstr($_SERVER['REQUEST_URI'],"wp-login.php")) return false;
|
62 |
+
//check if the IP is allowed
|
63 |
+
if (strstr(get_option('rsa_allowed_ips'),$_SERVER['REMOTE_ADDR'])) return false;
|
64 |
+
|
65 |
+
$rsa_restrict_approach = intval(get_option('rsa_restrict_approach'));
|
66 |
+
switch ($rsa_restrict_approach) {
|
67 |
+
case 1:
|
68 |
+
header('Location: '.wp_login_url(get_permalink()));
|
69 |
+
exit;
|
70 |
+
case 2:
|
71 |
+
// get base url
|
72 |
+
$rsa_redirect_url = get_option('rsa_redirect_url');
|
73 |
+
if (!$rsa_redirect_url) return false;
|
74 |
+
|
75 |
+
// if redirecting to same path get info
|
76 |
+
if(get_option('rsa_redirect_path') == 1) {
|
77 |
+
$url_path = $_SERVER["REQUEST_URI"];
|
78 |
+
$rsa_redirect_url = $rsa_redirect_url.$url_path;
|
79 |
+
}
|
80 |
+
|
81 |
+
$rsa_redirect_head = get_option('rsa_redirect_head');
|
82 |
+
if($rsa_redirect_head) header($rsa_redirect_head);
|
83 |
+
|
84 |
+
header ('Location: '.$rsa_redirect_url);
|
85 |
+
exit;
|
86 |
+
case 3:
|
87 |
+
exit("Access to this site is restricted.");
|
88 |
+
}
|
89 |
+
}
|
90 |
+
if(!is_admin()) add_action('init','restricted_site_access');
|
91 |
+
|
92 |
+
//************************//
|
93 |
+
//** ADMIN CONTROL PANEL *//
|
94 |
+
//************************//
|
95 |
+
|
96 |
+
function rsa_options() {
|
97 |
+
?>
|
98 |
+
<script type="text/javascript" language="javascript">
|
99 |
+
function add_my_ip() {
|
100 |
+
var rsa_allowed_ips = jQuery('#rsa_allowed_ips').val() + ' <?php echo $_SERVER['REMOTE_ADDR']; ?>';
|
101 |
+
jQuery('#rsa_allowed_ips').val(jQuery.trim(rsa_allowed_ips));
|
102 |
+
return false;
|
103 |
+
}
|
104 |
+
|
105 |
+
function change_approach(approach_choice) {
|
106 |
+
if (approach_choice == 2) jQuery("tr.redirect_field").fadeIn(500);
|
107 |
+
else jQuery("tr.redirect_field").fadeOut(500);
|
108 |
+
}
|
109 |
+
|
110 |
+
function check_redirect() {
|
111 |
+
if (jQuery("#rsa_is_active:checked").val() == 1 && jQuery("#rsa_restrict_approach").val() == 0) {
|
112 |
+
alert('When restricted access is turned on, restriction handling must be selected.');
|
113 |
+
jQuery("#rsa_restrict_approach").focus();
|
114 |
+
return false;
|
115 |
+
}
|
116 |
+
if (jQuery("#rsa_restrict_approach").val() != 2) return true;
|
117 |
+
var redirect_url = jQuery("#rsa_redirect_url").val();
|
118 |
+
if (redirect_url.substring(0,7) != "http://" && redirect_url.substring(0,8) != "https://") {
|
119 |
+
alert('The redirect location must be a valid URL starting with http:// or https://.');
|
120 |
+
jQuery("#rsa_redirect_url").focus();
|
121 |
+
return false;
|
122 |
+
}
|
123 |
+
return true;
|
124 |
+
}
|
125 |
+
</script>
|
126 |
+
<div class="wrap">
|
127 |
+
<h2>Restricted Site Access Configuration</h2>
|
128 |
+
|
129 |
+
<div id="poststuff" style="margin-top: 20px;">
|
130 |
+
|
131 |
+
<div class="postbox" style="width: 215px; min-width: 215px; float: right;">
|
132 |
+
<h3 class="hndle">Support us</h3>
|
133 |
+
<div class="inside">
|
134 |
+
<p>Help support continued development of Restricted Site Access and our other plugins.</p>
|
135 |
+
<p>The best thing you can do is <strong>refer someone looking for web development or strategy work <a href="http://www.cmurrayconsulting.com" target="_blank">to our company</a></strong>. Learn more about our <a href="http://www.cmurrayconsulting.com/services/partners/wordpress-developer/" target="_blank">Wordpress experience and services</a>.</p>
|
136 |
+
<p>Short of that, please consider a donation. If you cannot afford even a small donation, please consider providing a link to our website, maybe in a blog post acknowledging this plugin.</p>
|
137 |
+
<form method="post" action="https://www.paypal.com/cgi-bin/webscr" style="text-align: left;">
|
138 |
+
<input type="hidden" value="_s-xclick" name="cmd"/>
|
139 |
+
<input type="hidden" value="3377715" name="hosted_button_id"/>
|
140 |
+
<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_donate_LG.gif" name="submit" alt="PayPal - The safer, easier way to pay online!"/> <img height="1" border="0" width="1" alt="" src="https://www.paypal.com/en_US/i/scr/pixel.gif"/><br/>
|
141 |
+
</form>
|
142 |
+
<p><strong><a href="http://www.cmurrayconsulting.com/software/wordpress-restricted-site-access/">Support page</a></strong></p>
|
143 |
+
</div>
|
144 |
+
</div>
|
145 |
+
|
146 |
+
<form method="post" action="options.php" onsubmit="return check_redirect();">
|
147 |
+
<?php settings_fields('rsa-options'); ?>
|
148 |
+
<div class="postbox" style="width: 350px;">
|
149 |
+
<h3 class="hndle">Options</h3>
|
150 |
+
<div class="inside">
|
151 |
+
<table class="form-table" style="clear: none;">
|
152 |
+
<tr valign="top">
|
153 |
+
<th scope="row" valign="top">Restrict access [<a href="#" onclick="alert('Activates the plug-in and restriction rules.'); return false;" style="cursor: help;">?</a>]</th>
|
154 |
+
<td style="padding: 10px;"><input type="checkbox" name="rsa_is_active" value="1" id="rsa_is_active"<?php if (get_option('rsa_is_active')) { echo ' checked="true"'; } ?> /></td>
|
155 |
+
</tr>
|
156 |
+
<tr valign="top">
|
157 |
+
<th scope="row" style="vertical-align: middle;">Restriction Handling [<a href="#" onclick="alert('Choose the method for handling visitors who do not have access. You may send them to the login page for the current site, redirect them, or simply output a message indicating that the site is restricted.'); return false;" style="cursor: help;">?</a>]</th>
|
158 |
+
<td style="padding: 10px;">
|
159 |
+
<select name="rsa_restrict_approach" id="rsa_restrict_approach" onchange="change_approach(selectedIndex);">
|
160 |
+
<?php $rsa_restrict_approach = intval(get_option('rsa_restrict_approach')); ?>
|
161 |
+
<option value="0"<?php if (!$rsa_restrict_approach) echo ' selected="selected"'; ?>>Select handling</option>
|
162 |
+
<option value="1"<?php if ($rsa_restrict_approach == 1) echo ' selected="selected"'; ?>>Send to login page</option>
|
163 |
+
<option value="2"<?php if ($rsa_restrict_approach == 2) echo ' selected="selected"'; ?>>Redirect visitor</option>
|
164 |
+
<option value="3"<?php if ($rsa_restrict_approach == 3) echo ' selected="selected"'; ?>>Display message</option>
|
165 |
+
</select>
|
166 |
+
</td>
|
167 |
+
</tr>
|
168 |
+
<tr valign="top">
|
169 |
+
<th scope="row" style="padding-top: 15px;">Allowed IPs [<a href="#" onclick="alert('Enter WAN IP addresses that are allowed access without logging in into this field. Best practice is to seperate IPs with a space, line break, comma, or semicolon. You may leave this field blank to restrict all IPs.'); return false;" style="cursor: help;">?</a>]</th>
|
170 |
+
<td style="padding: 10px;">
|
171 |
+
<textarea name="rsa_allowed_ips" id="rsa_allowed_ips" rows="5" style="width: 100%;"><?php echo get_option('rsa_allowed_ips'); ?></textarea>
|
172 |
+
<small> <a href="#" onclick="return add_my_ip();">add my current IP</a></small>
|
173 |
+
</td>
|
174 |
+
</tr>
|
175 |
+
|
176 |
+
<tr valign="top" class="redirect_field"<?php if ($rsa_restrict_approach != 2) echo ' style="display: none;"'; ?>>
|
177 |
+
<th scope="row" style="vertical-align: middle;">Redirect to [<a href="#" onclick="alert('Enter the URL that the visitor should be redirected to.'); return false;" style="cursor: help;">?</a>]</th>
|
178 |
+
<td style="padding: 10px;"><input type="text" name="rsa_redirect_url" id="rsa_redirect_url" value="<?php echo get_option('rsa_redirect_url'); ?>" style="width: 100%;" /></td>
|
179 |
+
</tr>
|
180 |
+
<tr valign="top" class="redirect_field"<?php if ($rsa_restrict_approach != 2) echo ' style="display: none;"'; ?>>
|
181 |
+
<th scope="row" valign="top" style="padding-top: 0;"><em>...with same path</em> [<a href="#" onclick="alert('If you would like to redirect the visitor to the same path (URI) he or she entered this site at (the rest of the URL after the base URL), check this option. This is typically used when there are two, very similar sites at different public web addresses; for instance, a development server open to the Internet but not intended for the public.'); return false;" style="cursor: help;">?</a>]</th>
|
182 |
+
<td style="padding-top: 0;"><input type="checkbox" name="rsa_redirect_path" value="1" id="rsa_redirect_path"<?php if (get_option('rsa_redirect_path')) { echo ' checked="true"'; } ?> /></td>
|
183 |
+
</tr>
|
184 |
+
<tr valign="top" class="redirect_field"<?php if ($rsa_restrict_approach != 2) echo ' style="display: none;"'; ?>>
|
185 |
+
<th scope="row" style="vertical-align: middle; padding-top: 0;">Redirect type header [<a href="#" onclick="alert('Redirect type headers can provide certain visitors, particularly search engines, more information about the nature of the redirect. A 301 redirect tells search engines that the page has moved permanently to the new location. 307 indicates a temporary redirect. 302 is an undefined redirect.'); return false;" style="cursor: help;">?</a>]</th>
|
186 |
+
<td style="padding-top: 0;">
|
187 |
+
<select name="rsa_redirect_head" id="rsa_redirect_head">
|
188 |
+
<?php $rsa_redirect_head = substr(get_option('rsa_redirect_head'),0,3); ?>
|
189 |
+
<option value="0"<?php if (!$rsa_redirect_head) echo ' selected="selected"'; ?>>none</option>
|
190 |
+
<option value="301 Moved Permanently HTTP/1.1"<?php if ($rsa_redirect_head == "301") echo ' selected="selected"'; ?>>301 Permanent</option>
|
191 |
+
<option value="302 Found HTTP/1.1"<?php if ($rsa_redirect_head == "302") echo ' selected="selected"'; ?>>302 Undefined</option>
|
192 |
+
<option value="307 Temporary Redirect HTTP/1.1"<?php if ($rsa_redirect_head == "307") echo ' selected="selected"'; ?>>307 Temporary</option>
|
193 |
+
</select>
|
194 |
+
</td>
|
195 |
+
</tr>
|
196 |
+
</table>
|
197 |
+
</div>
|
198 |
+
</div>
|
199 |
+
|
200 |
+
<input type="hidden" name="action" value="update" />
|
201 |
+
<input type="hidden" name="page_options" value="rsa_is_active,rsa_restrict_approach,rsa_allowed_ips,rsa_redirect_path,rsa_redirect_head" />
|
202 |
+
|
203 |
+
<p><input type="submit" class="button-primary" value="<?php _e('Save Changes') ?>" /></p>
|
204 |
+
|
205 |
+
</form>
|
206 |
+
</div>
|
207 |
+
</div>
|
208 |
+
<?php
|
209 |
+
}
|
210 |
+
|
211 |
+
function rsa_admin_menu() {
|
212 |
+
add_options_page('Restricted Site Access Configuration', 'Restricted Access', 8, __FILE__, 'rsa_options');
|
213 |
+
}
|
214 |
+
add_action('admin_menu', 'rsa_admin_menu');
|
215 |
+
?>
|
screenshot-1.png
ADDED
Binary file
|