Restricted Site Access - Version 1.0

Version Description

Download this release

Release Info

Developer jakemgold
Plugin Icon 128x128 Restricted Site Access
Version 1.0
Comparing to
See all releases

Version 1.0

Files changed (3) hide show
  1. readme.txt +52 -0
  2. restricted_site_access.php +215 -0
  3. screenshot-1.png +0 -0
readme.txt ADDED
@@ -0,0 +1,52 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ === Restricted Site Access ===
2
+ Contributors: Jacob M Goldman (C. Murray Consulting)
3
+ Donate link: http://www.cmurrayconsulting.com/software/wordpress-restricted-site-access/
4
+ Tags: restricted, limited, permissions, security
5
+ Requires at least: 2.8
6
+ Tested up to: 2.8.4
7
+ Stable tag: 1.0
8
+
9
+ Limit access to your site to visitors who are logged in or accessing the site from a set of specific IP addresses.
10
+ Send restricted visitors to the log in page, redirect them, or display a message. Powerful control over
11
+ redirection, with option to send to same path and send SEO friendly redirect headers. Great solution for
12
+ Extranets, publicly hosted Intranets, or parallel development sites.
13
+
14
+
15
+ == Description ==
16
+
17
+ Limit access your site to visitors who are logged in or accessing the site from a set of specific IP addresses.
18
+ Send restricted visitors to the log in page, redirect them, or display a message. A great solution for
19
+ Extranets, publicly hosted Intranets, or parallel development sites.
20
+
21
+ It includes an easy to use configuration panel inside the WordPress settings menu. From this panel you can:
22
+
23
+ 1. Enable and disable access restriction at will
24
+ 2. Change the restriction behavior: send to login, redirect, or display a message.
25
+ 3. Add IP addresses not subject to restriction.
26
+ 4. Quickly add your current IP to the restriction list.
27
+ 5. Control the redirect location.
28
+ 6. Choose to redirect visitors to the same path that they entered the current site on
29
+ 7. Choose the HTTP redirect message for SEO friendliness
30
+
31
+
32
+ == Installation ==
33
+
34
+ 1. Install easily with the WordPress plugin control panel or manually download the plugin and upload the extracted
35
+ folder to the `/wp-content/plugins/` directory
36
+ 2. Activate the plugin through the 'Plugins' menu in WordPress
37
+ 3. Configure the plugin by going to the "Restricted Access" menu item under "Settings"
38
+
39
+
40
+ == Screenshots ==
41
+
42
+ 1. Sceenshot of configuration page.
43
+
44
+
45
+ == Coming soon ==
46
+
47
+ Planned enhancements:
48
+
49
+ 1. Customize restricted access message
50
+ 2. Restriction based on user level (vs is logged in)
51
+ 3. Exclude pages or posts from restrictions
52
+ 4. Enter IP ranges
restricted_site_access.php ADDED
@@ -0,0 +1,215 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /**
3
+ Plugin Name: Restricted Site Access
4
+ Plugin URI: http://www.cmurrayconsulting.com/software/wordpress-restricted-site-access/
5
+ Description: <strong>Limit access your site</strong> to visitors who are logged in or accessing the site from a set of specific IP addresses. Send restricted visitors to the log in page, redirect them, or display a message. <strong>Powerful control over redirection</strong>, with option to send to same path and send <strong>SEO friendly redirect headers</strong>. Great solution for Extranets, publicly hosted Intranets, or parallel development sites.
6
+ Version: 1.0
7
+ Author: Jacob M Goldman (C. Murray Consulting)
8
+ Author URI: http://www.cmurrayconsulting.com
9
+
10
+ Plugin: Copyright 2009 C. Murray Consulting (email : jake@cmurrayconsulting.com)
11
+
12
+ This program is free software; you can redistribute it and/or modify
13
+ it under the terms of the GNU General Public License as published by
14
+ the Free Software Foundation; either version 2 of the License, or
15
+ (at your option) any later version.
16
+
17
+ This program is distributed in the hope that it will be useful,
18
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
19
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20
+ GNU General Public License for more details.
21
+
22
+ You should have received a copy of the GNU General Public License
23
+ along with this program; if not, write to the Free Software
24
+ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
25
+ */
26
+
27
+
28
+ //*********//
29
+ //PLUG INIT//
30
+ //*********//
31
+ function rsa_admin_init() {
32
+ register_setting('rsa-options', 'rsa_is_active');
33
+ register_setting('rsa-options', 'rsa_allowed_ips');
34
+ register_setting('rsa-options', 'rsa_restrict_approach');
35
+ /*
36
+ 1: send to login page
37
+ 2: redirect to URL
38
+ 3: show restricted access message and exit
39
+ */
40
+ register_setting('rsa-options', 'rsa_redirect_path');
41
+ register_setting('rsa-options', 'rsa_redirect_url');
42
+ register_setting('rsa-options', 'rsa_redirect_head');
43
+ }
44
+ add_action( 'admin_init', 'rsa_admin_init' );
45
+
46
+ function rsa_plugin_actlinks( $links ) {
47
+ // Add a link to this plugin's settings page
48
+ $plugin = plugin_basename(__FILE__);
49
+ $settings_link = sprintf( '<a href="options-general.php?page=%s">%s</a>', $plugin, __('Settings') );
50
+ array_unshift( $links, $settings_link );
51
+ return $links;
52
+ }
53
+ if(is_admin()) add_filter("plugin_action_links_".$plugin, 'rsa_plugin_actlinks' );
54
+
55
+ //*******************//
56
+ //***CORE FUNCTION***//
57
+ //*******************//
58
+
59
+ function restricted_site_access() {
60
+ //logged in users can stay, can stay if plug-in not active
61
+ if (is_user_logged_in() || get_option('rsa_is_active') != 1 || strstr($_SERVER['REQUEST_URI'],"wp-login.php")) return false;
62
+ //check if the IP is allowed
63
+ if (strstr(get_option('rsa_allowed_ips'),$_SERVER['REMOTE_ADDR'])) return false;
64
+
65
+ $rsa_restrict_approach = intval(get_option('rsa_restrict_approach'));
66
+ switch ($rsa_restrict_approach) {
67
+ case 1:
68
+ header('Location: '.wp_login_url(get_permalink()));
69
+ exit;
70
+ case 2:
71
+ // get base url
72
+ $rsa_redirect_url = get_option('rsa_redirect_url');
73
+ if (!$rsa_redirect_url) return false;
74
+
75
+ // if redirecting to same path get info
76
+ if(get_option('rsa_redirect_path') == 1) {
77
+ $url_path = $_SERVER["REQUEST_URI"];
78
+ $rsa_redirect_url = $rsa_redirect_url.$url_path;
79
+ }
80
+
81
+ $rsa_redirect_head = get_option('rsa_redirect_head');
82
+ if($rsa_redirect_head) header($rsa_redirect_head);
83
+
84
+ header ('Location: '.$rsa_redirect_url);
85
+ exit;
86
+ case 3:
87
+ exit("Access to this site is restricted.");
88
+ }
89
+ }
90
+ if(!is_admin()) add_action('init','restricted_site_access');
91
+
92
+ //************************//
93
+ //** ADMIN CONTROL PANEL *//
94
+ //************************//
95
+
96
+ function rsa_options() {
97
+ ?>
98
+ <script type="text/javascript" language="javascript">
99
+ function add_my_ip() {
100
+ var rsa_allowed_ips = jQuery('#rsa_allowed_ips').val() + ' <?php echo $_SERVER['REMOTE_ADDR']; ?>';
101
+ jQuery('#rsa_allowed_ips').val(jQuery.trim(rsa_allowed_ips));
102
+ return false;
103
+ }
104
+
105
+ function change_approach(approach_choice) {
106
+ if (approach_choice == 2) jQuery("tr.redirect_field").fadeIn(500);
107
+ else jQuery("tr.redirect_field").fadeOut(500);
108
+ }
109
+
110
+ function check_redirect() {
111
+ if (jQuery("#rsa_is_active:checked").val() == 1 && jQuery("#rsa_restrict_approach").val() == 0) {
112
+ alert('When restricted access is turned on, restriction handling must be selected.');
113
+ jQuery("#rsa_restrict_approach").focus();
114
+ return false;
115
+ }
116
+ if (jQuery("#rsa_restrict_approach").val() != 2) return true;
117
+ var redirect_url = jQuery("#rsa_redirect_url").val();
118
+ if (redirect_url.substring(0,7) != "http://" && redirect_url.substring(0,8) != "https://") {
119
+ alert('The redirect location must be a valid URL starting with http:// or https://.');
120
+ jQuery("#rsa_redirect_url").focus();
121
+ return false;
122
+ }
123
+ return true;
124
+ }
125
+ </script>
126
+ <div class="wrap">
127
+ <h2>Restricted Site Access Configuration</h2>
128
+
129
+ <div id="poststuff" style="margin-top: 20px;">
130
+
131
+ <div class="postbox" style="width: 215px; min-width: 215px; float: right;">
132
+ <h3 class="hndle">Support us</h3>
133
+ <div class="inside">
134
+ <p>Help support continued development of Restricted Site Access and our other plugins.</p>
135
+ <p>The best thing you can do is <strong>refer someone looking for web development or strategy work <a href="http://www.cmurrayconsulting.com" target="_blank">to our company</a></strong>. Learn more about our <a href="http://www.cmurrayconsulting.com/services/partners/wordpress-developer/" target="_blank">Wordpress experience and services</a>.</p>
136
+ <p>Short of that, please consider a donation. If you cannot afford even a small donation, please consider providing a link to our website, maybe in a blog post acknowledging this plugin.</p>
137
+ <form method="post" action="https://www.paypal.com/cgi-bin/webscr" style="text-align: left;">
138
+ <input type="hidden" value="_s-xclick" name="cmd"/>
139
+ <input type="hidden" value="3377715" name="hosted_button_id"/>
140
+ <input type="image" src="https://www.paypal.com/en_US/i/btn/btn_donate_LG.gif" name="submit" alt="PayPal - The safer, easier way to pay online!"/> <img height="1" border="0" width="1" alt="" src="https://www.paypal.com/en_US/i/scr/pixel.gif"/><br/>
141
+ </form>
142
+ <p><strong><a href="http://www.cmurrayconsulting.com/software/wordpress-restricted-site-access/">Support page</a></strong></p>
143
+ </div>
144
+ </div>
145
+
146
+ <form method="post" action="options.php" onsubmit="return check_redirect();">
147
+ <?php settings_fields('rsa-options'); ?>
148
+ <div class="postbox" style="width: 350px;">
149
+ <h3 class="hndle">Options</h3>
150
+ <div class="inside">
151
+ <table class="form-table" style="clear: none;">
152
+ <tr valign="top">
153
+ <th scope="row" valign="top">Restrict access [<a href="#" onclick="alert('Activates the plug-in and restriction rules.'); return false;" style="cursor: help;">?</a>]</th>
154
+ <td style="padding: 10px;"><input type="checkbox" name="rsa_is_active" value="1" id="rsa_is_active"<?php if (get_option('rsa_is_active')) { echo ' checked="true"'; } ?> /></td>
155
+ </tr>
156
+ <tr valign="top">
157
+ <th scope="row" style="vertical-align: middle;">Restriction Handling [<a href="#" onclick="alert('Choose the method for handling visitors who do not have access. You may send them to the login page for the current site, redirect them, or simply output a message indicating that the site is restricted.'); return false;" style="cursor: help;">?</a>]</th>
158
+ <td style="padding: 10px;">
159
+ <select name="rsa_restrict_approach" id="rsa_restrict_approach" onchange="change_approach(selectedIndex);">
160
+ <?php $rsa_restrict_approach = intval(get_option('rsa_restrict_approach')); ?>
161
+ <option value="0"<?php if (!$rsa_restrict_approach) echo ' selected="selected"'; ?>>Select handling</option>
162
+ <option value="1"<?php if ($rsa_restrict_approach == 1) echo ' selected="selected"'; ?>>Send to login page</option>
163
+ <option value="2"<?php if ($rsa_restrict_approach == 2) echo ' selected="selected"'; ?>>Redirect visitor</option>
164
+ <option value="3"<?php if ($rsa_restrict_approach == 3) echo ' selected="selected"'; ?>>Display message</option>
165
+ </select>
166
+ </td>
167
+ </tr>
168
+ <tr valign="top">
169
+ <th scope="row" style="padding-top: 15px;">Allowed IPs [<a href="#" onclick="alert('Enter WAN IP addresses that are allowed access without logging in into this field. Best practice is to seperate IPs with a space, line break, comma, or semicolon. You may leave this field blank to restrict all IPs.'); return false;" style="cursor: help;">?</a>]</th>
170
+ <td style="padding: 10px;">
171
+ <textarea name="rsa_allowed_ips" id="rsa_allowed_ips" rows="5" style="width: 100%;"><?php echo get_option('rsa_allowed_ips'); ?></textarea>
172
+ <small>&nbsp; <a href="#" onclick="return add_my_ip();">add my current IP</a></small>
173
+ </td>
174
+ </tr>
175
+
176
+ <tr valign="top" class="redirect_field"<?php if ($rsa_restrict_approach != 2) echo ' style="display: none;"'; ?>>
177
+ <th scope="row" style="vertical-align: middle;">Redirect to [<a href="#" onclick="alert('Enter the URL that the visitor should be redirected to.'); return false;" style="cursor: help;">?</a>]</th>
178
+ <td style="padding: 10px;"><input type="text" name="rsa_redirect_url" id="rsa_redirect_url" value="<?php echo get_option('rsa_redirect_url'); ?>" style="width: 100%;" /></td>
179
+ </tr>
180
+ <tr valign="top" class="redirect_field"<?php if ($rsa_restrict_approach != 2) echo ' style="display: none;"'; ?>>
181
+ <th scope="row" valign="top" style="padding-top: 0;"><em>...with same path</em> [<a href="#" onclick="alert('If you would like to redirect the visitor to the same path (URI) he or she entered this site at (the rest of the URL after the base URL), check this option. This is typically used when there are two, very similar sites at different public web addresses; for instance, a development server open to the Internet but not intended for the public.'); return false;" style="cursor: help;">?</a>]</th>
182
+ <td style="padding-top: 0;"><input type="checkbox" name="rsa_redirect_path" value="1" id="rsa_redirect_path"<?php if (get_option('rsa_redirect_path')) { echo ' checked="true"'; } ?> /></td>
183
+ </tr>
184
+ <tr valign="top" class="redirect_field"<?php if ($rsa_restrict_approach != 2) echo ' style="display: none;"'; ?>>
185
+ <th scope="row" style="vertical-align: middle; padding-top: 0;">Redirect type header [<a href="#" onclick="alert('Redirect type headers can provide certain visitors, particularly search engines, more information about the nature of the redirect. A 301 redirect tells search engines that the page has moved permanently to the new location. 307 indicates a temporary redirect. 302 is an undefined redirect.'); return false;" style="cursor: help;">?</a>]</th>
186
+ <td style="padding-top: 0;">
187
+ <select name="rsa_redirect_head" id="rsa_redirect_head">
188
+ <?php $rsa_redirect_head = substr(get_option('rsa_redirect_head'),0,3); ?>
189
+ <option value="0"<?php if (!$rsa_redirect_head) echo ' selected="selected"'; ?>>none</option>
190
+ <option value="301 Moved Permanently HTTP/1.1"<?php if ($rsa_redirect_head == "301") echo ' selected="selected"'; ?>>301 Permanent</option>
191
+ <option value="302 Found HTTP/1.1"<?php if ($rsa_redirect_head == "302") echo ' selected="selected"'; ?>>302 Undefined</option>
192
+ <option value="307 Temporary Redirect HTTP/1.1"<?php if ($rsa_redirect_head == "307") echo ' selected="selected"'; ?>>307 Temporary</option>
193
+ </select>
194
+ </td>
195
+ </tr>
196
+ </table>
197
+ </div>
198
+ </div>
199
+
200
+ <input type="hidden" name="action" value="update" />
201
+ <input type="hidden" name="page_options" value="rsa_is_active,rsa_restrict_approach,rsa_allowed_ips,rsa_redirect_path,rsa_redirect_head" />
202
+
203
+ <p><input type="submit" class="button-primary" value="<?php _e('Save Changes') ?>" /></p>
204
+
205
+ </form>
206
+ </div>
207
+ </div>
208
+ <?php
209
+ }
210
+
211
+ function rsa_admin_menu() {
212
+ add_options_page('Restricted Site Access Configuration', 'Restricted Access', 8, __FILE__, 'rsa_options');
213
+ }
214
+ add_action('admin_menu', 'rsa_admin_menu');
215
+ ?>
screenshot-1.png ADDED
Binary file