Restricted Site Access

Version Description

New feature: backwards compatibility with PHP < 5.1 (limited testing with earlier versions)
Bug fiX: disappearing blocked access message text box on configuration page
Bug fix: login always redirects visitor back to correct page
Improved: built in help on configuration page updated, clearer
Improved: "IP already in list" indicator
Improved: optimizations to code that handles restriction behavior

Release Info

Developer	jakemgold
Plugin	Restricted Site Access
Version	3.1
Comparing to
See all releases

Code changes from version 3.0 to 3.1

Files changed (2) hide show

readme.txt +9 -4
restricted_site_access.php +110 -93

readme.txt CHANGED Viewed

	@@ -4,7 +4,7 @@ Donate link: http://www.cmurrayconsulting.com/software/wordpress-restricted-site
4	Tags: restricted, restrict, limited, permissions, security, block
5	Requires at least: 2.8
6	Tested up to: 3.0
7	- Stable tag: 3.0
8
9	Limit access to visitors who are logged in or at specific IP addresses. Many options for handling blocked visitors.
10	Great for Intranets, dev sites.
	@@ -26,9 +26,6 @@ Adds a number of new configuration options to the Privacy settings panel. From t
26	1. Choose to redirect visitors to the same requested path
27	1. Choose the HTTP redirect message for SEO friendliness
28	1. Customize the blocked visitor message
29	-
30	- Requires PHP 5.1+ to support IPv6 ranges. Download version 1.0.2 if IP ranges are not needed and the host is not
31	- running PHP 5.1 or newer.
32
33
34	== Installation ==
	@@ -46,6 +43,14 @@ folder to the `/wp-content/plugins/` directory
46
47	== Changelog ==
48








49	= 3.0 =
50	* Integrates with Privacy settings page and site visibility option instead of adding a whole new page
51	* Simplified options: clearer instructions, removed unnecessary hiding / showing of some options, fewer lines


4	Tags: restricted, restrict, limited, permissions, security, block
5	Requires at least: 2.8
6	Tested up to: 3.0
7	+ Stable tag: 3.1
8
9	Limit access to visitors who are logged in or at specific IP addresses. Many options for handling blocked visitors.
10	Great for Intranets, dev sites.

26	1. Choose to redirect visitors to the same requested path
27	1. Choose the HTTP redirect message for SEO friendliness
28	1. Customize the blocked visitor message



29
30
31	== Installation ==

43
44	== Changelog ==
45
46	+ = 3.1 =
47	+ * New feature: backwards compatibility with PHP < 5.1 (limited testing with earlier versions)
48	+ * Bug fiX: disappearing blocked access message text box on configuration page
49	+ * Bug fix: login always redirects visitor back to correct page
50	+ * Improved: built in help on configuration page updated, clearer
51	+ * Improved: "IP already in list" indicator
52	+ * Improved: optimizations to code that handles restriction behavior
53	+
54	= 3.0 =
55	* Integrates with Privacy settings page and site visibility option instead of adding a whole new page
56	* Simplified options: clearer instructions, removed unnecessary hiding / showing of some options, fewer lines

restricted_site_access.php CHANGED Viewed

	@@ -3,7 +3,7 @@
3	Plugin Name: Restricted Site Access
4	Plugin URI: http://www.cmurrayconsulting.com/software/wordpress-restricted-site-access/
5	Description: <strong>Limit access your site</strong> to visitors who are logged in or accessing the site from a set of specific IP addresses. Send restricted visitors to the log in page, redirect them, or display a message. <strong>Powerful control over redirection</strong>, with option to send to same path and send <strong>SEO friendly redirect headers</strong>. Great solution for Extranets, publicly hosted Intranets, or parallel development sites.
6	- Version: 3.0
7	Author: Jacob M Goldman (C. Murray Consulting)
8	Author URI: http://www.cmurrayconsulting.com
9
	@@ -25,52 +25,30 @@
25	*/
26
27	/**
28	- * ~~rsa_activation()~~ ~~handles~~ ~~plugin~~ ~~activation~~ ~~and~~ ~~conversion~~ of pre 1.1 ~~config~~ ~~options~~
29	*/
30
31	- ~~register_activation_hook~~(~~__FILE__,~~'~~rsa_activation~~');
32	-
33	- function ~~rsa_activation~~()
34	{
35	- ~~$blog_public~~ ~~= 2; //default new blog public option~~
36	-
37	- // if ~~upgrading from previous version~~, ~~update the blog_public option~~
38	- ~~if ( get_option('rsa_options') ) {~~
39	- if ~~( isset($rsa_options['active']) && !$rsa_options['active'] ) $blog_public = 1;~~
40	- }
41	-
42	- // ~~upgrading~~ ~~pre~~ ~~1.1~~
43	- if (~~get_option('rsa_restrict_approach'~~))
44	- {
45	- ~~//visibility~~
46	- if ( ~~!get_option~~('~~rsa_is_active~~') ) ~~$blog_public = 1~~;
47	-
48	- ~~//convert~~ ~~textarea ips to array~~
49	- ~~$allowed~~ ~~= get_option('rsa_allowed_ips');~~
50	- ~~if ($allowed) {~~
51	- ~~$arrAllowed = preg_split('/\s+/', $allowed)~~;
52	- if (empty($arrAllowed)) $arrAllowed = array($allowed);
53	- }
54	-
55	- $rsa_options = array(
56	- 'allowed' => $arrAllowed,
57	- 'approach' => (get_option('rsa_restrict_approach')),
58	- 'redirect_path' => (get_option('rsa_redirect_path')),
59	- 'redirect_url' => (get_option('rsa_redirect_url')),
60	- 'head_code' => (get_option('rsa_redirect_head'))
61	- );
62	- update_option('rsa_options',$rsa_options);
63	-
64	- delete_option('rsa_is_active');
65	- delete_option('rsa_allowed_ips');
66	- delete_option('rsa_restrict_approach');
67	- delete_option('rsa_redirect_path');
68	- delete_option('rsa_redirect_url');
69	- delete_option('rsa_redirect_head');
70	- }
71	-
72	- update_option( 'blog_public', $blog_public ); // set blog visibility
73	- }
74
75	/**
76	* Supercede search engines blocked info (WP3.0)
	@@ -99,16 +77,14 @@ function rsa_admin_init() {
99	register_setting( 'privacy', 'rsa_options', 'rsa_validate' ); //array of fundamental options including ID and caching info
100	add_settings_section( 'rsa-settings-section', __('Restricted Site Access'), 'rsa_options', 'privacy' );
101
102	- if ( ~~function_exists~~('~~inet_pton~~') ) {
103	- add_settings_field( '~~approach~~', __('~~Handling~~'), '~~rsa_handling_field~~', 'privacy', 'rsa-settings-section' );
104	- add_settings_field( '~~allowed~~', __('~~Allowed IPs~~'), '~~rsa_allowed_field~~', 'privacy', 'rsa-settings-section' );
105	- add_settings_field( '~~message~~', __('~~Message~~'), '~~rsa_message_field~~', 'privacy', 'rsa-settings-section' );
106	- add_settings_field( '~~redirect~~', __('Redirect ~~visitor~~ to'), '~~rsa_redirect_field~~', 'privacy', 'rsa-settings-section' );
107	- add_settings_field( '~~redirect_path~~', __('~~Redirect~~ ~~to same path~~'), '~~rsa_redirect_path_field~~', 'privacy', 'rsa-settings-section' );
108	- add_settings_field( 'redirect_code', __('Redirection type'), 'rsa_redirect_code_field', 'privacy', 'rsa-settings-section' );
109
110	- add_action( 'blog_privacy_selector', 'rsa_blog_privacy_selector' );
111	- }
112	}
113
114	add_action( 'admin_init', 'rsa_admin_init' );
	@@ -167,7 +143,7 @@ function rsa_allowed_field($value) {
167	<div id="ip_list">
168	<?php
169	$ips = $rsa_options['allowed'];
170	- if (!empty($ips)) {
171	foreach ($ips as $key => $ip) {
172	if (empty($ip)) continue;
173	echo '<span><input type="text" name="rsa_options[allowed][]" value="'.$ip.'" readonly="true" /><input type="button" class="button" onclick="remove_ip(this);" value="remove" /><br /></span>';
	@@ -176,7 +152,7 @@ function rsa_allowed_field($value) {
176	?>
177	</div>
178	<input type="text" name="newip" id="newip" value="" /><input class="button" type="button" onclick="add_ip(jQuery('#newip').val());" value="add" />
179	- <span class="description"><?php _e('Enter a single IP or a range using a subnet prefix. ~~See~~ help ~~tab~~ ~~for~~ ~~more.~~'); ?></span>
180	<br />
181	<input class="button" type="button" onclick="add_ip('<?php echo $_SERVER['REMOTE_ADDR']; ?>');" value="add my current IP" style="margin: 5px 0;" /><br />
182	<?php
	@@ -185,7 +161,7 @@ function rsa_allowed_field($value) {
185	function rsa_message_field($value) {
186	$rsa_options = get_option('rsa_options');
187	?>
188	- <input type="text" name="rsa_options[message]" id="~~message~~" value="<?php echo esc_attr( $rsa_options['message'] ); ?>" class="regular-text" />
189	<span class="description"><?php _e('Default (blank): "Access to this site is restricted."'); ?></span>
190	<?php
191	}
	@@ -201,7 +177,7 @@ function rsa_redirect_path_field($value) {
201	$rsa_options = get_option('rsa_options');
202	?>
203	<input type="checkbox" name="rsa_options[redirect_path]" value="1" id="redirect_path" <?php checked( $rsa_options['redirect_path'] ); ?> />
204	- <?php _e('Send visitor to same relative URL at redirection site (help ~~tab~~ ~~for~~ ~~more~~)'); ?>
205	<?php
206	}
207
	@@ -213,7 +189,7 @@ function rsa_redirect_code_field($value) {
213	<option value="302" <?php selected( $rsa_options['head_code'], '302' ); ?>><?php _e('302 Undefined'); ?></option>
214	<option value="307" <?php selected( $rsa_options['head_code'], '307' ); ?>><?php _e('307 Temporary'); ?></option>
215	</select>
216	- <span class="description"><?php _e('Redirect HTTP code (~~see~~ help ~~tab~~ ~~for~~ more ~~information~~)'); ?></span>
217	<?php
218	}
219
	@@ -221,12 +197,7 @@ function rsa_redirect_code_field($value) {
221	* settings section
222	*/
223
224	- function rsa_options()
225	- {
226	- if ( !function_exists('inet_pton') ) {
227	- echo '<p>Restricted Site Access plug-in 2.0 and newer require PHP 5.1 or newer to support IPv6 (as well as IPv4) ranges. If you are using an older version of PHP, your host cannot be upgraded, and you do not need IP range support, you can always manually <a href="http://downloads.wordpress.org/plugin/restricted-site-access.1.0.2.zip">download and install version 1.0.2</a>.</p>';
228	- return false;
229	- }
230	?>
231	<script type="text/javascript" language="javascript">
232	function add_ip(ip) {
	@@ -237,15 +208,14 @@ function add_ip(ip) {
237	var ip_used = false;
238	jQuery('#ip_list input').each(function(){
239	if (jQuery(this).val() == ip) {
240	- jQuery('h2').~~after~~(~~'<div~~ ~~id="message"~~ ~~class="error"><p><strong>IP~~ ~~address~~ '~~+ip+~~' ~~already~~ in ~~list.</strong></p></div>~~');
241	- scroll(0,0);
242	ip_used = true;
243	return false;
244	}
245	});
246	if (ip_used) return false;
247
248	- jQuery('<span style="display: none;"><input type="text" name="rsa_options[allowed][]" value="'+ip+'" readonly="true" /><input type="button" class="button" onclick="remove_ip(this);" value="remove" ~~/><~~br /></span>').appendTo('#ip_list').slideDown();
249	}
250
251	function remove_ip(btnObj) {
	@@ -269,18 +239,16 @@ function rsa_context_help($text)
269	{
270	return $text . '
271	<h5>Restricted Site Access</h5>
272	- <p>Restricted Site Access is a plug-in by Jake Goldman (<a href="http://www.cmurrayconsulting.com/software/wordpress-restricted-site-access/" target="_blank">C. Murray Consulting</a>) that allows you to restrict access to logged in users and a set of IP addresses ~~with flexible restricted access behavior~~.</p>
273
274	- <h5>~~Restriction Options~~</h5>
275	- <p><strong>~~Restrict~~ ~~access~~</strong> - ~~you~~ ~~can~~ ~~enable~~ ~~and~~ ~~disable~~ ~~restriction~~ at ~~will~~ ~~without~~ ~~deactivating~~ the ~~plug-in~~.</p>
276	- <p><strong>Handling</strong> - send the visitor the WordPress login screen, redirect the visitor (choosing this will offer some new options), or display a message indicating that the site is restricted.</p>
277	- <p><strong>Allowed IPs</strong> - enter a single IP address (such as 192.168.1.105) or an IP range using a network prefix (such as 10.0.0.1/24). In the current version, no validation is completed on these free form fields intended to hold IP addresses or IP ranges. A future version may check for valid entries. Here\'s a <a href="http://www.csgnetwork.com/ipinfocalc.html" target="_blank">handy calculator</a> to check your prefix.</p>
278
279	<h5>Redirection Options</h5>
280	- <p>~~This~~ ~~field~~ ~~set~~ ~~will~~ only ~~appear~~ if ~~you~~ ~~are~~ ~~using~~ ~~the~~ "~~redirect~~ visitor" ~~handler~~.</p>
281	- <p><strong>Redirect visitor to</strong> - the web ~~site~~ address of the site you want the visitor redirected to.</p>
282	- <p><strong~~>...with~~ same path</strong> - ~~if you would like to~~ redirect the visitor to the same path (URI) ~~he or she~~ entered ~~this site~~ at ~~(the rest of the URL after the base URL), check~~ this ~~option~~. ~~This~~ ~~is typically~~ used when there are two, very similar sites at different public web addresses; for instance, a parallel development server ~~open~~ to the Internet but not intended for the public.</p>
283	- <p><strong>~~Redirect~~ type</strong> - redirect ~~type~~ ~~headers~~ can provide certain visitors, particularly search engines, more information about the nature of the redirect. A 301 redirect tells search engines that ~~the~~ page has moved permanently to the new location. 307 indicates a temporary redirect. 302 is an undefined redirect.</p>
284
285	<h5><a href="http://www.cmurrayconsulting.com/software/wordpress-restricted-site-access/" target="_blank">Restricted Site Access support</a></h5>
286	';
	@@ -303,7 +271,7 @@ function rsa_plugin_actlinks( $links )
303	* THE CORE FUNCTION FOR BLOCKING ACCESSS
304	*/
305
306	- if( !is_admin() ) add_action( 'wp', 'restricted_site_access' );
307
308	function restricted_site_access()
309	{
	@@ -313,10 +281,10 @@ function restricted_site_access()
313	$rsa_options = get_option('rsa_options');
314
315	// check for the allow list, if its empty block everything
316	- if( ($list = $rsa_options['allowed']) ~~&& function_exists('inet_pton'~~))
317	{
318	$remote_ip = $_SERVER['REMOTE_ADDR']; //save the remote ip
319	- if(strpos($remote_ip, '.')) $remote_ip = str_replace('::ffff:', '', $remote_ip); //handle dual-stack addresses
320	$remote_ip = inet_pton($remote_ip); //parse the remote ip
321
322	// iterate through the allow list
	@@ -345,28 +313,77 @@ function restricted_site_access()
345	}
346	}
347
348	- $rsa_restrict_approach = ~~intval(~~$rsa_options['approach']);
349
350	do_action( 'restrict_site_access_handling', $rsa_restrict_approach ); // allow users to hook handling
351
352	- if ( $rsa_restrict_approach ~~== 2~~ )
353	{
354	- if ~~( !$rsa_redirect_url = $rsa_options['redirect_url'] ) return false; // base url~~
355	- if( $rsa_options['~~redirect_path~~'] ) $~~rsa_redirect_url~~ .= $~~_SERVER~~["~~REQUEST_URI~~"]; ~~// path~~
356	- ~~$rsa_redirect_head =~~ ( !$rsa_options['~~head_code~~'] ) ~~? 302 : intval($rsa_options['head_code'])~~; ~~// code~~
357	-
358	- ~~wp_redirect~~( $rsa_redirect_url, $~~rsa_redirect_head~~ );
359	- ~~exit;~~







360	}
361	- ~~elseif ( $rsa_restrict_approach == 3 )~~





















362	{
363	- ~~$message = ( isset($rsa_options['message']) && $rsa_options['message'] ) ? $rsa_options['message'] : "Access to this site is restricted.";~~
364	- ~~wp_die~~($~~message)~~;























365	}
366
367	- $~~new_url~~ ~~= is_front_page(~~) ? ~~get_bloginfo("url")~~ ~~: get_permalink();~~
368	- wp_redirect( wp_login_url($new_url) );
369	- exit;
370	}
371
372	/**


3	Plugin Name: Restricted Site Access
4	Plugin URI: http://www.cmurrayconsulting.com/software/wordpress-restricted-site-access/
5	Description: <strong>Limit access your site</strong> to visitors who are logged in or accessing the site from a set of specific IP addresses. Send restricted visitors to the log in page, redirect them, or display a message. <strong>Powerful control over redirection</strong>, with option to send to same path and send <strong>SEO friendly redirect headers</strong>. Great solution for Extranets, publicly hosted Intranets, or parallel development sites.
6	+ Version: 3.1
7	Author: Jacob M Goldman (C. Murray Consulting)
8	Author URI: http://www.cmurrayconsulting.com
9

25	*/
26
27	/**
28	+ * adds inet_pton support for ranges for servers that don't support (PHP pre 5.1, Windows PHP)
29	*/
30
31	+ if ( !function_exists('inet_pton') ) :
32	+
33	+ function inet_pton($ip)
34	{
35	+ # ipv4
36	+ if (strpos($ip, '.') !== FALSE) {
37	+ $ip = pack('N',ip2long($ip));
38	+ }
39	+ # ipv6
40	+ elseif (strpos($ip, ':') !== FALSE) {
41	+ $ip = explode(':', $ip);
42	+ $res = str_pad('', (4*(8-count($ip))), '0000', STR_PAD_LEFT);
43	+ foreach ($ip as $seg) {
44	+ $res .= str_pad($seg, 4, '0', STR_PAD_LEFT);
45	+ }
46	+ $ip = pack('H'.strlen($res), $res);
47	+ }
48	+ return $ip;
49	+ }
50	+
51	+ endif;






















52
53	/**
54	* Supercede search engines blocked info (WP3.0)

77	register_setting( 'privacy', 'rsa_options', 'rsa_validate' ); //array of fundamental options including ID and caching info
78	add_settings_section( 'rsa-settings-section', __('Restricted Site Access'), 'rsa_options', 'privacy' );
79
80	+ add_settings_field( 'approach', __('Handling'), 'rsa_handling_field', 'privacy', 'rsa-settings-section' );
81	+ add_settings_field( 'allowed', __('Allowed IPs'), 'rsa_allowed_field', 'privacy', 'rsa-settings-section' );
82	+ add_settings_field( 'message', __('Message'), 'rsa_message_field', 'privacy', 'rsa-settings-section' );
83	+ add_settings_field( 'redirect', __('Redirect visitor to'), 'rsa_redirect_field', 'privacy', 'rsa-settings-section' );
84	+ add_settings_field( 'redirect_path', __('Redirect to same path'), 'rsa_redirect_path_field', 'privacy', 'rsa-settings-section' );
85	+ add_settings_field( 'redirect_code', __('Redirection type'), 'rsa_redirect_code_field', 'privacy', 'rsa-settings-section' );

86
87	+ add_action( 'blog_privacy_selector', 'rsa_blog_privacy_selector' );

88	}
89
90	add_action( 'admin_init', 'rsa_admin_init' );

143	<div id="ip_list">
144	<?php
145	$ips = $rsa_options['allowed'];
146	+ if ( !empty($ips) ) {
147	foreach ($ips as $key => $ip) {
148	if (empty($ip)) continue;
149	echo '<span><input type="text" name="rsa_options[allowed][]" value="'.$ip.'" readonly="true" /><input type="button" class="button" onclick="remove_ip(this);" value="remove" /><br /></span>';

152	?>
153	</div>
154	<input type="text" name="newip" id="newip" value="" /><input class="button" type="button" onclick="add_ip(jQuery('#newip').val());" value="add" />
155	+ <span class="description"><?php _e('Enter a single IP or a range using a subnet prefix. (<a href="#" onclick="jQuery(\'#contextual-help-link\').click(); return false;">more help</a>)'); ?></span>
156	<br />
157	<input class="button" type="button" onclick="add_ip('<?php echo $_SERVER['REMOTE_ADDR']; ?>');" value="add my current IP" style="margin: 5px 0;" /><br />
158	<?php

161	function rsa_message_field($value) {
162	$rsa_options = get_option('rsa_options');
163	?>
164	+ <input type="text" name="rsa_options[message]" id="rsa_message" value="<?php echo esc_attr( $rsa_options['message'] ); ?>" class="regular-text" />
165	<span class="description"><?php _e('Default (blank): "Access to this site is restricted."'); ?></span>
166	<?php
167	}

177	$rsa_options = get_option('rsa_options');
178	?>
179	<input type="checkbox" name="rsa_options[redirect_path]" value="1" id="redirect_path" <?php checked( $rsa_options['redirect_path'] ); ?> />
180	+ <?php _e('Send visitor to same relative URL at redirection site (<a href="#" onclick="jQuery(\'#contextual-help-link\').click(); return false;">more help</a>)'); ?>
181	<?php
182	}
183

189	<option value="302" <?php selected( $rsa_options['head_code'], '302' ); ?>><?php _e('302 Undefined'); ?></option>
190	<option value="307" <?php selected( $rsa_options['head_code'], '307' ); ?>><?php _e('307 Temporary'); ?></option>
191	</select>
192	+ <span class="description"><?php _e('Redirect HTTP status code (<a href="#" onclick="jQuery(\'#contextual-help-link\').click(); return false;">more help</a>)'); ?></span>
193	<?php
194	}
195

197	* settings section
198	*/
199
200	+ function rsa_options() {





201	?>
202	<script type="text/javascript" language="javascript">
203	function add_ip(ip) {

208	var ip_used = false;
209	jQuery('#ip_list input').each(function(){
210	if (jQuery(this).val() == ip) {
211	+ jQuery(this).animate( { marginLeft: '-45px' }, 250, 'swing', function(){ jQuery(this).animate( { marginLeft: '0px' }, 250, 'swing' ); } );

212	ip_used = true;
213	return false;
214	}
215	});
216	if (ip_used) return false;
217
218	+ jQuery('<span style="display: none;"><input type="text" name="rsa_options[allowed][]" value="'+ip+'" readonly="true" /><input type="button" class="button" onclick="remove_ip(this);" value="remove" /> <span class="description">Click "Save Changes" to save this IP.</span><br /></span>').appendTo('#ip_list').slideDown();
219	}
220
221	function remove_ip(btnObj) {

239	{
240	return $text . '
241	<h5>Restricted Site Access</h5>
242	+ <p><a href="http://www.cmurrayconsulting.com/software/wordpress-restricted-site-access/" target="_blank">Restricted Site Access</a> is a plug-in by <a href="http://www.jakegoldman.net" target="_blank">Jake Goldman</a> (<a href="http://www.cmurrayconsulting.com/software/wordpress-restricted-site-access/" target="_blank">C. Murray Consulting</a>) that allows you to restrict access to logged in users and a set of IP addresses.</p>
243
244	+ <p><strong>Handling</strong> - send the visitor the WordPress login screen, redirect the visitor, or display a message indicating that the site is restricted.</p>
245	+ <p><strong>Allowed IPs</strong> - enter a single IP address (i.e. 192.168.1.105) or an IP range using a network prefix (i.e. 10.0.0.1/24). In the current version, validation is not performed on the IP addresses or IP ranges, so enter your addresses carefully! Here\'s a <a href="http://www.csgnetwork.com/ipinfocalc.html" target="_blank">handy calculator</a> to check your prefix.</p>


246
247	<h5>Redirection Options</h5>
248	+ <p>The redirection fields are only used when "Handling" is set to "Redirect visitor".</p>
249	+ <p><strong>Redirect visitor to</strong> - the web address of the site you want the visitor redirected to.</p>
250	+ <p><strong>Redirect to same path</strong> - redirect the visitor to the same path (URI) entered at this site. Typically used when there are two, very similar sites at different public web addresses; for instance, a parallel development server accessible on the Internet but not intended for the public.</p>
251	+ <p><strong>Redirection type</strong> - redirect status codes can provide certain visitors, particularly search engines, more information about the nature of the redirect. A 301 redirect tells search engines that a page has moved permanently to the new location. 307 indicates a temporary redirect. 302 is an undefined redirect.</p>
252
253	<h5><a href="http://www.cmurrayconsulting.com/software/wordpress-restricted-site-access/" target="_blank">Restricted Site Access support</a></h5>
254	';

271	* THE CORE FUNCTION FOR BLOCKING ACCESSS
272	*/
273
274	+ if( !is_admin() ) add_action( 'wp', 'restricted_site_access', 1 );
275
276	function restricted_site_access()
277	{

281	$rsa_options = get_option('rsa_options');
282
283	// check for the allow list, if its empty block everything
284	+ if( $list = $rsa_options['allowed'] )
285	{
286	$remote_ip = $_SERVER['REMOTE_ADDR']; //save the remote ip
287	+ if( strpos($remote_ip, '.') ) $remote_ip = str_replace('::ffff:', '', $remote_ip); //handle dual-stack addresses
288	$remote_ip = inet_pton($remote_ip); //parse the remote ip
289
290	// iterate through the allow list

313	}
314	}
315
316	+ $rsa_restrict_approach = $rsa_options['approach'];
317
318	do_action( 'restrict_site_access_handling', $rsa_restrict_approach ); // allow users to hook handling
319
320	+ switch($rsa_restrict_approach)
321	{
322	+ case 3:
323	+ if ( !isset($rsa_options['message']) \|\| empty($rsa_options['message']) ) $rsa_options['message'] = "Access to this site is restricted.";
324	+ wp_die( $rsa_options['message'] );
325	+ case 2:
326	+ if ( $rsa_redirect_url = $rsa_options['redirect_url'] )
327	+ {
328	+ if( $rsa_options['redirect_path'] ) $rsa_redirect_url .= $_SERVER["REQUEST_URI"]; // path
329	+ $rsa_redirect_head = ( !$rsa_options['head_code'] ) ? 302 : intval($rsa_options['head_code']); // code
330	+ }
331	+ break;
332	+ default:
333	+ $rsa_redirect_head = 302;
334	+ $rsa_redirect_url = wp_login_url( empty($_SERVER["REQUEST_URI"]) ? get_bloginfo('url') : $_SERVER["REQUEST_URI"] );
335	}
336	+
337	+ wp_redirect( $rsa_redirect_url, $rsa_redirect_head );
338	+ exit;
339	+ }
340	+
341	+ /**
342	+ * rsa_activation() handles plugin activation and conversion of pre 1.1 config options
343	+ */
344	+
345	+ register_activation_hook( __FILE__, 'rsa_activation' );
346	+
347	+ function rsa_activation()
348	+ {
349	+ $blog_public = 2; //default new blog public option
350	+
351	+ // if upgrading from previous version, update the blog_public option
352	+ if ( get_option('rsa_options') ) {
353	+ if ( isset($rsa_options['active']) && !$rsa_options['active'] ) $blog_public = 1;
354	+ }
355	+
356	+ // upgrading pre 1.1
357	+ if (get_option('rsa_restrict_approach'))
358	{
359	+ //visibility
360	+ if ( !get_option('rsa_is_active') ) $blog_public = 1;
361	+
362	+ //convert textarea ips to array
363	+ $allowed = get_option('rsa_allowed_ips');
364	+ if ($allowed) {
365	+ $arrAllowed = preg_split('/\s+/', $allowed);
366	+ if (empty($arrAllowed)) $arrAllowed = array($allowed);
367	+ }
368	+
369	+ $rsa_options = array(
370	+ 'allowed' => $arrAllowed,
371	+ 'approach' => (get_option('rsa_restrict_approach')),
372	+ 'redirect_path' => (get_option('rsa_redirect_path')),
373	+ 'redirect_url' => (get_option('rsa_redirect_url')),
374	+ 'head_code' => (get_option('rsa_redirect_head'))
375	+ );
376	+ update_option('rsa_options',$rsa_options);
377	+
378	+ delete_option('rsa_is_active');
379	+ delete_option('rsa_allowed_ips');
380	+ delete_option('rsa_restrict_approach');
381	+ delete_option('rsa_redirect_path');
382	+ delete_option('rsa_redirect_url');
383	+ delete_option('rsa_redirect_head');
384	}
385
386	+ update_option( 'blog_public', $blog_public ); // set blog visibility


387	}
388
389	/**

Restricted Site Access - Version 3.1

Version Description

Release Info

Code changes from version 3.0 to 3.1