s2Member Framework (Member Roles, Capabilities, Membership, PayPal Members) - Version 3.2.3

Version Description

  • New Feature - "Alternative View Protection". Check your Dashboard: s2Member -> General Options -> Alternative View Protection. This new feature deals with some long awaited (protection) for things like: search results, RSS/XML feeds, and custom queries; where excerpts of protected content may slip through, depending on your theme. This feature is NEW, and still in an experimental state. It is disabled by default, but we encourage you to try it with different settings, and report back to us through the support forums for s2Member.
  • New Feature - "Query Conditionals" for developers. Check your Dashboard: s2Member -> API Scripting -> Query Conditionals. s2Member now provides several built-in API Functions that are tailored to meet the needs of developers integrating s2Member into their themes. Such as: is_category_protected_by_s2member($cat_id), is_category_permitted_by_s2member($cat_id), is_tag_protected_by_s2member($tag_id [slug or tag name]), is_tag_permitted_by_s2member($tag_id [slug or tag name]), is_post_protected_by_s2member($post_id), is_post_permitted_by_s2member($post_id), is_page_protected_by_s2member($page_id), is_page_permitted_by_s2member($page_id), is_uri_protected_by_s2member($uri [or full url]), is_uri_permitted_by_s2member($uri [ or full url]). In addition, there are two special functions that can be applied by theme authors before making custom queries: attach_s2member_query_filters(), detach_s2member_query_filters(). These can be used before and after a call to query_posts() for example. s2Member will automatically filter all protected content ( not available to the current User/Member ). Further details on these functions is available under the API Scripting section in your Dashboard. You can also have a look at this file: /s2member/includes/functions/api-functions.inc.php.
  • Compatiblity. s2Member is now compatible with the Page Tagger plugin for WordPress. Installing this plugin will allow you to protect Pages with Tags ( optional ). s2Member is also compatible with HeadSpace2 SEO, which can also enable Tags for Pages.
  • Bug fix. A bug was found in s2Member's handling of PayPal EOT responses. This bug was affecting site owners with newer PayPal accounts ( i.e. their Subscription IDs start with I- ). These newer PayPal accounts trigger subscr_eot events upon last payment, instead of when time has actually expired. s2Member v3.2.3 has been updated to correct its handling of subscr_eot events in this scenario. An obvious symptom of this bug, was to sell a non-recurring Subscription, and have that Subscription EOT on the very same day as the first payment ( which was also the last payment ), because it was non-recurring. This has been resolved in s2Member v3.2.3+.
  • New API Notification. s2Member v3.2.3 includes a new API Notification that can provide details about Refund/Reversal events, which are related to transactions for "Specific Post/Page Access". s2Member has always provided Refund/Reversal Notifications, but NOT for Specific Post/Page Access. There are now two API Notifications for Specific Post/Page Access. One for initial Sales, and another for Refunds/Reversals ( i.e. chargebacks ).
  • Replacement Codes. s2Member v3.2.3 adds two additional Replacement Codes to the API Notification for cancellations. These two additional Replacement Codes are: %%item_number%%, and %%item_name%%. See: s2Member -> API Notifications -> Cancellations for further details.
  • Optimization. Some of s2Member's larger routines have been moved into the /functions/separates/ directory, and they're now loaded "as needed", as opposed to being loaded by default. This will further optimize sites powered by s2Member. In addition, ( FYI for developers ) there are plans to implement SPL Autoload into a future release of s2Member, through classes assigned to various parts of the s2Member software package.
  • Improvement. s2Member's Meta Box panels in the Post/Page editing stations are now designed to disable themselves automatically on special Pages that are handled automatically by s2Member; ( i.e. the Membership Options Page, Login Welcome Page, Download Limit Exceeded Page ). s2Member also provides site owners with a clearer picture of how it handles these special Pages through the Meta Box panel.
  • General Maintenance. These two files paypal-notify.inc.php, and paypal-return.inc.php have BOTH been through another round of testing. Log file analysis ( with the help of other site owners ) indicated there were a few tweaks needed here and there. Minor changes were performed to improve compatibility for both PayPal Standard and PayPal Pro IPN handling ( across both old and new PayPal accounts ). Things like product_name vs. item_name vs. item_name1; and item_number vs. item_number1, vs. rp_invoice_id parsing.
  • New Shortcode Attribute. s2Member now accepts another PayPal Button Shortcode attribute ( ns="1" ) is s2Member's default setting. This controls the no_shipping variable in your PayPal Button. 0 to prompt for a shipping address, but NOT require one ( enables shipping details via IPN ). 1 to NEVER prompt for a shipping address. 2 to prompt for a shipping address, AND require one ( enables shipping details via IPN ).
  • Coming soon. Improvements to s2Member's support for Custom Fields did NOT make it into the official release of s2Member v3.2.3. Further beta testing is required. Support for selects, radios, checkboxes, and other improvements will come in s2Member v3.2.5.
  • Additional changes in "s2Member Pro" have been recorded here.
Download this release

Release Info

Developer PriMoThemes
Plugin Icon 128x128 s2Member Framework (Member Roles, Capabilities, Membership, PayPal Members)
Version 3.2.3
Comparing to
See all releases

Code changes from version 3.2.2 to 3.2.3

Files changed (52) hide show
  1. images/lock-icon.png +0 -0
  2. includes/codes.inc.php +0 -17
  3. includes/functions/api-functions.inc.php +304 -24
  4. includes/functions/catg-level-access.inc.php +119 -92
  5. includes/functions/constants.inc.php +4 -4
  6. includes/functions/file-download-access.inc.php +15 -31
  7. includes/functions/force-ssl.inc.php +65 -63
  8. includes/functions/hide-some-systematics.inc.php +0 -42
  9. includes/functions/is-systematic.inc.php +51 -4
  10. includes/functions/list-servers.inc.php +5 -6
  11. includes/functions/login-redirection.inc.php +59 -25
  12. includes/functions/membership-options.inc.php +6 -2
  13. includes/functions/meta-boxes.inc.php +61 -47
  14. includes/functions/ms-meta-caps.inc.php +2 -0
  15. includes/functions/nocache.inc.php +12 -4
  16. includes/functions/page-level-access.inc.php +169 -48
  17. includes/functions/paypal-button.inc.php +5 -3
  18. includes/functions/paypal-notify.inc.php +4 -1272
  19. includes/functions/paypal-return.inc.php +3 -416
  20. includes/functions/paypal-utilities.inc.php +113 -22
  21. includes/functions/post-level-access.inc.php +178 -40
  22. includes/functions/ptag-level-access.inc.php +130 -69
  23. includes/functions/query-level-access.inc.php +233 -0
  24. includes/functions/ruri-level-access.inc.php +95 -36
  25. includes/functions/sc-get-details.inc.php +5 -1
  26. includes/functions/sc-old-conditionals.inc.php +0 -173
  27. includes/functions/security-gate.inc.php +83 -0
  28. includes/functions/separates/index.php +0 -0
  29. includes/functions/separates/paypal-notify.inc.php +1488 -0
  30. includes/functions/separates/paypal-return.inc.php +445 -0
  31. includes/functions/sp-access.inc.php +21 -21
  32. includes/functions/translations.inc.php +5 -5
  33. includes/functions/utilities.inc.php +151 -3
  34. includes/hooks.inc.php +5 -8
  35. includes/menu-pages/api-ops.inc.php +106 -14
  36. includes/menu-pages/code-samples/custom-queries-loop.php +17 -0
  37. includes/menu-pages/code-samples/custom-queries.php +17 -0
  38. includes/menu-pages/code-samples/query-conditional-examples.php +33 -0
  39. includes/menu-pages/code-samples/specific-category-restrictions.php +12 -0
  40. includes/menu-pages/code-samples/specific-page-restrictions.php +12 -0
  41. includes/menu-pages/code-samples/specific-post-restrictions.php +18 -0
  42. includes/menu-pages/code-samples/specific-tag-restrictions.php +13 -0
  43. includes/menu-pages/menu-pages-s-min.js +1 -1
  44. includes/menu-pages/menu-pages-s.js +4 -4
  45. includes/menu-pages/options.inc.php +110 -61
  46. includes/menu-pages/scripting.inc.php +53 -0
  47. includes/syscon.inc.php +27 -11
  48. includes/templates/shortcodes/paypal-checkout-button-shortcode.html +1 -1
  49. includes/templates/shortcodes/paypal-sp-checkout-button-shortcode.html +1 -1
  50. ms.txt +1 -1
  51. readme.txt +18 -4
  52. s2member.php +4 -4
images/lock-icon.png ADDED
Binary file
includes/codes.inc.php CHANGED
@@ -25,21 +25,4 @@ add_shortcode ("__s2If", "ws_plugin__s2member_sc_if_conditionals");
25
add_shortcode ("___s2If", "ws_plugin__s2member_sc_if_conditionals");
26
/**/
27
add_shortcode ("s2Member-PayPal-Button", "ws_plugin__s2member_sc_paypal_button");
28
- /*
29
- ----------------------------------------------------------------------------------------
30
- The following Shortcodes were deprecated in v3.2.2.
31
- Going forward, use [s2If] instead ( it's more powerful ).
32
- @NOTE: These Shortcodes were ONLY available in v3.2.1.
33
- ~ These WILL all be removed in a future release.
34
- ----------------------------------------------------------------------------------------
35
- */
36
- add_shortcode ("s2All", "ws_plugin__s2member_sc_old_conditionals");
37
- add_shortcode ("_s2All", "ws_plugin__s2member_sc_old_conditionals");
38
- add_shortcode ("__s2All", "ws_plugin__s2member_sc_old_conditionals");
39
- add_shortcode ("___s2All", "ws_plugin__s2member_sc_old_conditionals");
40
- /**/
41
- add_shortcode ("s2Any", "ws_plugin__s2member_sc_old_conditionals");
42
- add_shortcode ("_s2Any", "ws_plugin__s2member_sc_old_conditionals");
43
- add_shortcode ("__s2Any", "ws_plugin__s2member_sc_old_conditionals");
44
- add_shortcode ("___s2Any", "ws_plugin__s2member_sc_old_conditionals");
45
?>
25
add_shortcode ("___s2If", "ws_plugin__s2member_sc_if_conditionals");
26
/**/
27
add_shortcode ("s2Member-PayPal-Button", "ws_plugin__s2member_sc_paypal_button");
28
?>
includes/functions/api-functions.inc.php CHANGED
@@ -12,7 +12,7 @@ If not, see: <http://www.gnu.org/licenses/>.
12
Direct access denial.
13
*/
14
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15
- exit("Do not access this file directly.");
16
/*
17
API function for Conditionals.
18
This matches up with a Simple Conditional made available through a Shortcode.
@@ -29,6 +29,8 @@ if (!function_exists ("is_user_not_logged_in"))
29
API function for Conditionals.
30
This matches up with a Simple Conditional made available through a Shortcode.
31
Function `current_user_can()` already exists in WordPress® core.
32
*/
33
if (!function_exists ("current_user_is"))
34
{
@@ -42,6 +44,8 @@ if (!function_exists ("current_user_is"))
42
API function for Conditionals.
43
This matches up with a Simple Conditional made available through a Shortcode.
44
Function `current_user_can()` already exists in WordPress® core.
45
*/
46
if (!function_exists ("current_user_is_not"))
47
{
@@ -55,6 +59,9 @@ if (!function_exists ("current_user_is_not"))
55
API function for Conditionals.
56
This matches up with a Simple Conditional made available through a Shortcode.
57
Function `current_user_can_for_blog()` already exists in WordPress® core.
58
*/
59
if (!function_exists ("current_user_is_for_blog"))
60
{
@@ -68,6 +75,9 @@ if (!function_exists ("current_user_is_for_blog"))
68
API function for Conditionals.
69
This matches up with a Simple Conditional made available through a Shortcode.
70
Function `current_user_can_for_blog()` already exists in WordPress® core.
71
*/
72
if (!function_exists ("current_user_is_not_for_blog"))
73
{
@@ -81,6 +91,8 @@ if (!function_exists ("current_user_is_not_for_blog"))
81
API function for Conditionals.
82
This matches up with a Simple Conditional made available through a Shortcode.
83
Function `current_user_can()` already exists in WordPress® core.
84
*/
85
if (!function_exists ("current_user_cannot"))
86
{
@@ -93,6 +105,9 @@ if (!function_exists ("current_user_cannot"))
93
API function for Conditionals.
94
This matches up with a Simple Conditional made available through a Shortcode.
95
Function `current_user_can_for_blog()` already exists in WordPress® core.
96
*/
97
if (!function_exists ("current_user_cannot_for_blog"))
98
{
@@ -102,51 +117,316 @@ if (!function_exists ("current_user_cannot_for_blog"))
102
}
103
}
104
/*
105
- Alias function for API Scripting usage.
106
- Deprecated in v3.0.5. This will be removed in a future release.
107
- Alias to: `ws_plugin__s2member_encrypt()`.
108
*/
109
- if (!function_exists ("s2member_encrypt"))
110
{
111
- function s2member_encrypt ($string = FALSE, $key = FALSE)
112
{
113
- return ws_plugin__s2member_encrypt ($string, $key);
114
}
115
}
116
/*
117
- Alias function for API Scripting usage.
118
- Deprecated in v3.0.5. This will be removed in a future release.
119
- Alias to: `ws_plugin__s2member_decrypt()`.
120
*/
121
- if (!function_exists ("s2member_decrypt"))
122
{
123
- function s2member_decrypt ($base64 = FALSE, $key = FALSE)
124
{
125
- return ws_plugin__s2member_decrypt ($base64, $key);
126
}
127
}
128
/*
129
- Alias function for API Scripting usage.
130
- Deprecated in v3.0.5. This will be removed in a future release.
131
- Alias to: `ws_plugin__s2member_xencrypt()`.
132
*/
133
- if (!function_exists ("s2member_xencrypt"))
134
{
135
- function s2member_xencrypt ($string = FALSE, $key = FALSE)
136
{
137
- return ws_plugin__s2member_xencrypt ($string, $key);
138
}
139
}
140
/*
141
Alias function for API Scripting usage.
142
- Deprecated in v3.0.5. This will be removed in a future release.
143
- Alias to: `ws_plugin__s2member_xdecrypt()`.
144
*/
145
- if (!function_exists ("s2member_xdecrypt"))
146
{
147
- function s2member_xdecrypt ($base64 = FALSE, $key = FALSE)
148
{
149
- return ws_plugin__s2member_xdecrypt ($base64, $key);
150
}
151
}
152
?>
12
Direct access denial.
13
*/
14
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15
+ exit ("Do not access this file directly.");
16
/*
17
API function for Conditionals.
18
This matches up with a Simple Conditional made available through a Shortcode.
29
API function for Conditionals.
30
This matches up with a Simple Conditional made available through a Shortcode.
31
Function `current_user_can()` already exists in WordPress® core.
32
+
33
+ $role - required argument.
34
*/
35
if (!function_exists ("current_user_is"))
36
{
44
API function for Conditionals.
45
This matches up with a Simple Conditional made available through a Shortcode.
46
Function `current_user_can()` already exists in WordPress® core.
47
+
48
+ $role - required argument.
49
*/
50
if (!function_exists ("current_user_is_not"))
51
{
59
API function for Conditionals.
60
This matches up with a Simple Conditional made available through a Shortcode.
61
Function `current_user_can_for_blog()` already exists in WordPress® core.
62
+
63
+ $blog_id - required argument.
64
+ $role - required argument.
65
*/
66
if (!function_exists ("current_user_is_for_blog"))
67
{
75
API function for Conditionals.
76
This matches up with a Simple Conditional made available through a Shortcode.
77
Function `current_user_can_for_blog()` already exists in WordPress® core.
78
+
79
+ $blog_id - required argument.
80
+ $role - required argument.
81
*/
82
if (!function_exists ("current_user_is_not_for_blog"))
83
{
91
API function for Conditionals.
92
This matches up with a Simple Conditional made available through a Shortcode.
93
Function `current_user_can()` already exists in WordPress® core.
94
+
95
+ $capability - required argument.
96
*/
97
if (!function_exists ("current_user_cannot"))
98
{
105
API function for Conditionals.
106
This matches up with a Simple Conditional made available through a Shortcode.
107
Function `current_user_can_for_blog()` already exists in WordPress® core.
108
+
109
+ $blog_id - required argument.
110
+ $capability - required argument.
111
*/
112
if (!function_exists ("current_user_cannot_for_blog"))
113
{
117
}
118
}
119
/*
120
+ API function for Conditionals.
121
+ Allows developers to integrate s2Member ( via Themes ).
122
+ Is a specific [Category, Tag, Post, Page, or URI] protected by s2Member?
123
+
124
+ $__id - optional argument. Defaults to current $post->ID in The Loop.
125
+ $__type - optional argument. One of: `category`, `tag`, `post`, `page`, `singular`, `uri`. Defaults to: `singular`.
126
+ $check_user - optional ( consider the current User? ) defaults to: false.
127
*/
128
+ if (!function_exists ("is_protected_by_s2member"))
129
{
130
+ function is_protected_by_s2member ($__id = FALSE, $__type = FALSE, $check_user = FALSE)
131
{
132
+ global $post; /* Global reference to $post in The Loop. */
133
+ /**/
134
+ $__id = ($__id) ? $__id : ( (is_object ($post)) ? $post->ID : false);
135
+ $__type = ($__type) ? strtolower ($__type) : "singular";
136
+ /**/
137
+ if ($__type === "category" && ($array = ws_plugin__s2member_check_specific_catg_level_access ($__id, $check_user)))
138
+ return $array; /* A non-empty array with ["s2member_level_req"]. */
139
+ /**/
140
+ else if ($__type === "tag" && ($array = ws_plugin__s2member_check_specific_ptag_level_access ($__id, $check_user)))
141
+ return $array; /* A non-empty array with ["s2member_level_req"]. */
142
+ /**/
143
+ else if (($__type === "post" || $__type === "singular") && ($array = ws_plugin__s2member_check_specific_post_level_access ($__id, $check_user)))
144
+ return $array; /* A non-empty array with ["s2member_(level|sp|ccap)_req"]. */
145
+ /**/
146
+ else if (($__type === "page" || $__type === "singular") && ($array = ws_plugin__s2member_check_specific_page_level_access ($__id, $check_user)))
147
+ return $array; /* A non-empty array with ["s2member_(level|sp|ccap)_req"]. */
148
+ /**/
149
+ else if ($__type === "uri" && ($array = ws_plugin__s2member_check_specific_ruri_level_access ($__id, $check_user)))
150
+ return $array; /* A non-empty array with ["s2member_level_req"]. */
151
+ /**/
152
+ return false;
153
}
154
}
155
/*
156
+ API function for Conditionals.
157
+ Allows developers to integrate s2Member ( via Themes ).
158
+ Is the current User permitted to access this [Category, Tag, Post, Page, or URI]?
159
+
160
+ $__id - optional argument. Defaults to current $post->ID in The Loop.
161
+ $__type - optional argument. One of: `category`, `tag`, `post`, `page`, `singular`, `uri`. Defaults to: `singular`.
162
*/
163
+ if (!function_exists ("is_permitted_by_s2member"))
164
{
165
+ function is_permitted_by_s2member ($__id = FALSE, $__type = FALSE)
166
{
167
+ global $post; /* Global reference to $post in The Loop. */
168
+ /**/
169
+ $__id = ($__id) ? $__id : ( (is_object ($post)) ? $post->ID : false);
170
+ $__type = ($__type) ? strtolower ($__type) : "singular";
171
+ /**/
172
+ if ($__type === "category" && ws_plugin__s2member_check_specific_catg_level_access ($__id, true))
173
+ return false;
174
+ /**/
175
+ else if ($__type === "tag" && ws_plugin__s2member_check_specific_ptag_level_access ($__id, true))
176
+ return false;
177
+ /**/
178
+ else if (($__type === "post" || $__type === "singular") && ws_plugin__s2member_check_specific_post_level_access ($__id, true))
179
+ return false;
180
+ /**/
181
+ else if (($__type === "page" || $__type === "singular") && ws_plugin__s2member_check_specific_page_level_access ($__id, true))
182
+ return false;
183
+ /**/
184
+ else if ($__type === "uri" && ws_plugin__s2member_check_specific_ruri_level_access ($__id, true))
185
+ return false;
186
+ /**/
187
+ return true;
188
}
189
}
190
/*
191
+ API function for Conditionals.
192
+ Allows developers to integrate s2Member ( via Themes ).
193
+ Is a specific Category protected by s2Member?
194
+
195
+ $cat_id - required argument.
196
+ $check_user - optional ( consider the current User? ) defaults to: false.
197
*/
198
+ if (!function_exists ("is_category_protected_by_s2member"))
199
{
200
+ function is_category_protected_by_s2member ($cat_id = FALSE, $check_user = FALSE)
201
{
202
+ if ($cat_id && ($array = ws_plugin__s2member_check_specific_catg_level_access ($cat_id, $check_user)))
203
+ return $array; /* A non-empty array with ["s2member_level_req"]. */
204
+ /**/
205
+ return false;
206
+ }
207
+ }
208
+ /*
209
+ API function for Conditionals.
210
+ Allows developers to integrate s2Member ( via Themes ).
211
+ Is the current User permitted to access this Category?
212
+
213
+ $cat_id - required argument.
214
+ */
215
+ if (!function_exists ("is_category_permitted_by_s2member"))
216
+ {
217
+ function is_category_permitted_by_s2member ($cat_id = FALSE)
218
+ {
219
+ if ($cat_id && ws_plugin__s2member_check_specific_catg_level_access ($cat_id, true))
220
+ return false;
221
+ /**/
222
+ return true;
223
+ }
224
+ }
225
+ /*
226
+ API function for Conditionals.
227
+ Allows developers to integrate s2Member ( via Themes ).
228
+ Is a specific Tag protected by s2Member?
229
+
230
+ $tag_id_slug_or_name - required argument.
231
+ $check_user - optional ( consider the current User? ) defaults to: false.
232
+ */
233
+ if (!function_exists ("is_tag_protected_by_s2member"))
234
+ {
235
+ function is_tag_protected_by_s2member ($tag_id_slug_or_name = FALSE, $check_user = FALSE)
236
+ {
237
+ if ($tag_id_slug_or_name && ($array = ws_plugin__s2member_check_specific_ptag_level_access ($tag_id_slug_or_name, $check_user)))
238
+ return $array; /* A non-empty array with ["s2member_level_req"]. */
239
+ /**/
240
+ return false;
241
+ }
242
+ }
243
+ /*
244
+ API function for Conditionals.
245
+ Allows developers to integrate s2Member ( via Themes ).
246
+ Is the current User permitted to access this Tag?
247
+
248
+ $tag_id_slug_or_name - required argument.
249
+ */
250
+ if (!function_exists ("is_tag_permitted_by_s2member"))
251
+ {
252
+ function is_tag_permitted_by_s2member ($tag_id_slug_or_name = FALSE)
253
+ {
254
+ if ($tag_id_slug_or_name && ws_plugin__s2member_check_specific_ptag_level_access ($tag_id_slug_or_name, true))
255
+ return false;
256
+ /**/
257
+ return true;
258
+ }
259
+ }
260
+ /*
261
+ API function for Conditionals.
262
+ Allows developers to integrate s2Member ( via Themes ).
263
+ Is a specific Post protected by s2Member?
264
+
265
+ $post_id - required argument.
266
+ $check_user - optional ( consider the current User? ) defaults to: false.
267
+ */
268
+ if (!function_exists ("is_post_protected_by_s2member"))
269
+ {
270
+ function is_post_protected_by_s2member ($post_id = FALSE, $check_user = FALSE)
271
+ {
272
+ if ($post_id && ($array = ws_plugin__s2member_check_specific_post_level_access ($post_id, $check_user)))
273
+ return $array; /* A non-empty array with ["s2member_(level|sp|ccap)_req"]. */
274
+ /**/
275
+ return false;
276
+ }
277
+ }
278
+ /*
279
+ API function for Conditionals.
280
+ Allows developers to integrate s2Member ( via Themes ).
281
+ Is the current User permitted to access this Post?
282
+
283
+ $post_id - required argument.
284
+ */
285
+ if (!function_exists ("is_post_permitted_by_s2member"))
286
+ {
287
+ function is_post_permitted_by_s2member ($post_id = FALSE)
288
+ {
289
+ if ($post_id && ws_plugin__s2member_check_specific_post_level_access ($post_id, true))
290
+ return false;
291
+ /**/
292
+ return true;
293
+ }
294
+ }
295
+ /*
296
+ API function for Conditionals.
297
+ Allows developers to integrate s2Member ( via Themes ).
298
+ Is a specific Page protected by s2Member?
299
+
300
+ $page_id - required argument.
301
+ $check_user - optional ( consider the current User? ) defaults to: false.
302
+ */
303
+ if (!function_exists ("is_page_protected_by_s2member"))
304
+ {
305
+ function is_page_protected_by_s2member ($page_id = FALSE, $check_user = FALSE)
306
+ {
307
+ if ($page_id && ($array = ws_plugin__s2member_check_specific_page_level_access ($page_id, $check_user)))
308
+ return $array; /* A non-empty array with ["s2member_(level|sp|ccap)_req"]. */
309
+ /**/
310
+ return false;
311
+ }
312
+ }
313
+ /*
314
+ API function for Conditionals.
315
+ Allows developers to integrate s2Member ( via Themes ).
316
+ Is the current User permitted to access this Page?
317
+
318
+ $page_id - required argument.
319
+ */
320
+ if (!function_exists ("is_page_permitted_by_s2member"))
321
+ {
322
+ function is_page_permitted_by_s2member ($page_id = FALSE)
323
+ {
324
+ if ($page_id && ws_plugin__s2member_check_specific_page_level_access ($page_id, true))
325
+ return false;
326
+ /**/
327
+ return true;
328
+ }
329
+ }
330
+ /*
331
+ API function for Conditionals.
332
+ Allows developers to integrate s2Member ( via Themes ).
333
+ Is a specific URI/URL protected by s2Member?
334
+
335
+ NOTE: This will ONLY check s2Member's URI Level Access restrictions.
336
+ - So unlike s2Member's other Query Conditionals,
337
+ this will NOT check everything.
338
+
339
+ Use of this function is usually NOT required, because all of these
340
+ other Conditionals already check URI restrictions inclusively:
341
+ - is_category_protected_by_s2member($cat_id);
342
+ - is_tag_protected_by_s2member($tag_id [ or slug ]);
343
+ - is_post_protected_by_s2member($post_id);
344
+ - is_page_protected_by_s2member($page_id);
345
+
346
+ $uri_or_full_url - required argument.
347
+ $check_user - optional ( consider the current User? ) defaults to: false.
348
+ */
349
+ if (!function_exists ("is_uri_protected_by_s2member"))
350
+ {
351
+ function is_uri_protected_by_s2member ($uri_or_full_url = FALSE, $check_user = FALSE)
352
+ {
353
+ if ($uri_or_full_url && ($array = ws_plugin__s2member_check_specific_ruri_level_access ($uri_or_full_url, $check_user)))
354
+ return $array; /* A non-empty array with ["s2member_level_req"]. */
355
+ /**/
356
+ return false;
357
+ }
358
+ }
359
+ /*
360
+ API function for Conditionals.
361
+ Allows developers to integrate s2Member ( via Themes ).
362
+ Is the current URI/URL permitted to access this Page?
363
+
364
+ NOTE: This will ONLY check s2Member's URI Level Access restrictions.
365
+ - So unlike s2Member's other Query Conditionals,
366
+ this will NOT check everything.
367
+
368
+ Use of this function is usually NOT required, because all of these
369
+ other Conditionals already check URI restrictions inclusively:
370
+ - is_category_permitted_by_s2member($cat_id);
371
+ - is_tag_permitted_by_s2member($tag_id [ or slug ]);
372
+ - is_post_permitted_by_s2member($post_id);
373
+ - is_page_permitted_by_s2member($page_id);
374
+
375
+ $uri_or_full_url - required argument.
376
+ */
377
+ if (!function_exists ("is_uri_permitted_by_s2member"))
378
+ {
379
+ function is_uri_permitted_by_s2member ($uri_or_full_url = FALSE)
380
+ {
381
+ if ($uri_or_full_url && ws_plugin__s2member_check_specific_ruri_level_access ($uri_or_full_url, true))
382
+ return false;
383
+ /**/
384
+ return true;
385
+ }
386
+ }
387
+ /*
388
+ API function for custom queries.
389
+ Allows developers to integrate s2Member ( via Themes ).
390
+ Attaches s2Member's query filters; hiding protected content.
391
+ Don't forget to call: `detach_s2member_query_filters()`.
392
+ */
393
+ if (!function_exists ("attach_s2member_query_filters"))
394
+ {
395
+ function attach_s2member_query_filters ()
396
+ {
397
+ remove_action ("pre_get_posts", "ws_plugin__s2member_security_gate_query", 20);
398
+ add_action ("pre_get_posts", "ws_plugin__s2member_force_query_level_access", 20);
399
+ }
400
+ }
401
+ /*
402
+ API function for custom queries.
403
+ Allows developers to integrate s2Member ( via Themes ).
404
+ Detaches filters applied by: `attach_s2member_query_filters()`.
405
+ */
406
+ if (!function_exists ("detach_s2member_query_filters"))
407
+ {
408
+ function detach_s2member_query_filters ()
409
+ {
410
+ remove_action ("pre_get_posts", "ws_plugin__s2member_force_query_level_access", 20);
411
+ add_action ("pre_get_posts", "ws_plugin__s2member_security_gate_query", 20);
412
}
413
}
414
/*
415
Alias function for API Scripting usage.
416
+ Function creates a special File Download Key.
417
+ Uses: date("Y-m-d") . $_SERVER["REMOTE_ADDR"] . $_SERVER["HTTP_USER_AGENT"] . $file.
418
+
419
+ The optional second argument can be passed in for compatiblity with Quick Cache / WP Super Cache.
420
+ When $cache_compatible is passed in, the salt is reduced to only the $file value.
421
+ - which is NOT as secure. So use that with caution.
422
+
423
+ $file - required argument.
424
*/
425
+ if (!function_exists ("s2member_file_download_key"))
426
{
427
+ function s2member_file_download_key ($file = FALSE, $cache_compatible = FALSE)
428
{
429
+ return ws_plugin__s2member_file_download_key ($file, $cache_compatible);
430
}
431
}
432
?>
includes/functions/catg-level-access.inc.php CHANGED
@@ -14,122 +14,149 @@ Direct access denial.
14
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15
exit ("Do not access this file directly.");
16
/*
17
- Function for handling category level access permissions.
18
Attach to: add_action("template_redirect");
19
*/
20
if (!function_exists ("ws_plugin__s2member_check_catg_level_access"))
21
{
22
function ws_plugin__s2member_check_catg_level_access ()
23
{
24
- global $post; /* get_the_ID() not yet available here. */
25
/**/
26
do_action ("ws_plugin__s2member_before_check_catg_level_access", get_defined_vars ());
27
/**/
28
$excluded = apply_filters ("ws_plugin__s2member_check_catg_level_access_excluded", false, get_defined_vars ());
29
/**/
30
- if (!$excluded && ((is_category () && ($cat_ID = get_query_var ("cat"))) || (is_single () && !is_page () && is_object ($post) && ($post_ID = $post->ID))))
31
{
32
- if (!ws_plugin__s2member_is_systematic_use_page () && $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])
33
{
34
- $current_user = (is_user_logged_in ()) ? wp_get_current_user () : false; /* Get the current User's object. */
35
/**/
36
- if (is_category () && $cat_ID) /* We also check if this is a child category of a restricted category. */
37
{
38
- if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level0_catgs"] === "all" && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level0")) && wp_redirect (add_query_arg ("s2member_level_req", "0", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
39
- exit ();
40
- /**/
41
- else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level0_catgs"] && in_array ($cat_ID, ($level0_catgs = preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level0_catgs"]))) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level0")) && wp_redirect (add_query_arg ("s2member_level_req", "0", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
42
- exit ();
43
- /**/
44
- else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level1_catgs"] === "all" && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level1")) && wp_redirect (add_query_arg ("s2member_level_req", "1", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
45
- exit ();
46
- /**/
47
- else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level1_catgs"] && in_array ($cat_ID, ($level1_catgs = preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level1_catgs"]))) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level1")) && wp_redirect (add_query_arg ("s2member_level_req", "1", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
48
- exit ();
49
- /**/
50
- else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level2_catgs"] === "all" && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level2")) && wp_redirect (add_query_arg ("s2member_level_req", "2", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
51
- exit ();
52
- /**/
53
- else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level2_catgs"] && in_array ($cat_ID, ($level2_catgs = preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level2_catgs"]))) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level2")) && wp_redirect (add_query_arg ("s2member_level_req", "2", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
54
- exit ();
55
- /**/
56
- else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level3_catgs"] === "all" && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level3")) && wp_redirect (add_query_arg ("s2member_level_req", "3", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
57
- exit ();
58
- /**/
59
- else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level3_catgs"] && in_array ($cat_ID, ($level3_catgs = preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level3_catgs"]))) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level3")) && wp_redirect (add_query_arg ("s2member_level_req", "3", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
60
- exit ();
61
- /**/
62
- else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level4_catgs"] === "all" && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level4")) && wp_redirect (add_query_arg ("s2member_level_req", "4", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
63
- exit ();
64
- /**/
65
- else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level4_catgs"] && in_array ($cat_ID, ($level4_catgs = preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level4_catgs"]))) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level4")) && wp_redirect (add_query_arg ("s2member_level_req", "4", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
66
- exit ();
67
- /**/
68
- if ($level0_catgs)
69
- foreach ($level0_catgs as $catg)
70
- if ($catg && cat_is_ancestor_of ($catg, $cat_ID) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level0")) && wp_redirect (add_query_arg ("s2member_level_req", "0", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
71
- exit ();
72
- /**/
73
- if ($level1_catgs)
74
- foreach ($level1_catgs as $catg)
75
- if ($catg && cat_is_ancestor_of ($catg, $cat_ID) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level1")) && wp_redirect (add_query_arg ("s2member_level_req", "1", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
76
- exit ();
77
- /**/
78
- if ($level2_catgs)
79
- foreach ($level2_catgs as $catg)
80
- if ($catg && cat_is_ancestor_of ($catg, $cat_ID) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level2")) && wp_redirect (add_query_arg ("s2member_level_req", "2", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
81
- exit ();
82
- /**/
83
- if ($level3_catgs)
84
- foreach ($level3_catgs as $catg)
85
- if ($catg && cat_is_ancestor_of ($catg, $cat_ID) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level3")) && wp_redirect (add_query_arg ("s2member_level_req", "3", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
86
- exit ();
87
- /**/
88
- if ($level4_catgs)
89
- foreach ($level4_catgs as $catg)
90
- if ($catg && cat_is_ancestor_of ($catg, $cat_ID) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level4")) && wp_redirect (add_query_arg ("s2member_level_req", "4", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
91
- exit ();
92
}
93
- else if (is_single () && !is_page () && $post_ID)
94
{
95
- if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level0_catgs"] === "all" && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level0")) && wp_redirect (add_query_arg ("s2member_level_req", "0", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
96
- exit ();
97
- /**/
98
- else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level0_catgs"] && (in_category (($level0_catgs = preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level0_catgs"])), $post_ID) || ws_plugin__s2member_in_descendant_category ($level0_catgs, $post_ID)) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level0")) && wp_redirect (add_query_arg ("s2member_level_req", "0", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
99
- exit ();
100
- /**/
101
- else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level1_catgs"] === "all" && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level1")) && wp_redirect (add_query_arg ("s2member_level_req", "1", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
102
- exit ();
103
- /**/
104
- else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level1_catgs"] && (in_category (($level1_catgs = preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level1_catgs"])), $post_ID) || ws_plugin__s2member_in_descendant_category ($level1_catgs, $post_ID)) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level1")) && wp_redirect (add_query_arg ("s2member_level_req", "1", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
105
- exit ();
106
- /**/
107
- else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level2_catgs"] === "all" && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level2")) && wp_redirect (add_query_arg ("s2member_level_req", "2", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
108
- exit ();
109
- /**/
110
- else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level2_catgs"] && (in_category (($level2_catgs = preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level2_catgs"])), $post_ID) || ws_plugin__s2member_in_descendant_category ($level2_catgs, $post_ID)) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level2")) && wp_redirect (add_query_arg ("s2member_level_req", "2", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
111
- exit ();
112
/**/
113
- else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level3_catgs"] === "all" && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level3")) && wp_redirect (add_query_arg ("s2member_level_req", "3", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
114
- exit ();
115
/**/
116
- else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level3_catgs"] && (in_category (($level3_catgs = preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level3_catgs"])), $post_ID) || ws_plugin__s2member_in_descendant_category ($level3_catgs, $post_ID)) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level3")) && wp_redirect (add_query_arg ("s2member_level_req", "3", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
117
- exit ();
118
- /**/
119
- else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level4_catgs"] === "all" && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level4")) && wp_redirect (add_query_arg ("s2member_level_req", "4", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
120
- exit ();
121
- /**/
122
- else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level4_catgs"] && (in_category (($level4_catgs = preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level4_catgs"])), $post_ID) || ws_plugin__s2member_in_descendant_category ($level4_catgs, $post_ID)) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level4")) && wp_redirect (add_query_arg ("s2member_level_req", "4", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
123
- exit ();
124
}
125
/**/
126
- do_action ("ws_plugin__s2member_during_check_catg_level_access", get_defined_vars ());
127
}
128
}
129
/**/
130
- do_action ("ws_plugin__s2member_after_check_catg_level_access", get_defined_vars ());
131
- /**/
132
- return;
133
}
134
}
135
?>
14
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15
exit ("Do not access this file directly.");
16
/*
17
+ Function for handling Category Level Access permissions.
18
Attach to: add_action("template_redirect");
19
+
20
+ Don't call this function directly, use one of these API functions:
21
+
22
+ Is it protected by s2Member at all?
23
+ - is_category_protected_by_s2member($cat_id);
24
+ - is_protected_by_s2member($cat_id, "category");
25
+
26
+ Is the current User permitted/authorized?
27
+ - is_category_permitted_by_s2member($cat_id);
28
+ - is_permitted_by_s2member($cat_id, "category");
29
+
30
+ see: `/s2member/includes/functions/api-functions.inc.php`.
31
*/
32
if (!function_exists ("ws_plugin__s2member_check_catg_level_access"))
33
{
34
function ws_plugin__s2member_check_catg_level_access ()
35
{
36
+ global $post; /* get_the_ID() is NOT available outside The Loop. */
37
/**/
38
do_action ("ws_plugin__s2member_before_check_catg_level_access", get_defined_vars ());
39
/**/
40
$excluded = apply_filters ("ws_plugin__s2member_check_catg_level_access_excluded", false, get_defined_vars ());
41
/**/
42
+ if (!$excluded && is_category () && ($cat_id = get_query_var ("cat")) && $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])
43
{
44
+ $current_user = (is_user_logged_in ()) ? wp_get_current_user () : false; /* Get the current User's object. */
45
+ /**/
46
+ if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_redirection_override"] && ($login_redirection_uri = ws_plugin__s2member_login_redirection_uri ($current_user)) && preg_match ("/^" . preg_quote ($login_redirection_uri, "/") . "#x2F;", $_SERVER["REQUEST_URI"]) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level0")))
47
+ {
48
+ wp_redirect (add_query_arg ("s2member_level_req", 0, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
49
+ exit ();
50
+ }
51
+ else if (!ws_plugin__s2member_is_systematic_use_page ()) /* Do NOT protect Systematics. However, there is 1 exception above ^. */
52
{
53
+ for ($i = 0; $i <= 4; $i++) /* Category Level restrictions. Go through each Membership Level. We also check nested Categories, using `cat_is_ancestor_of()`. */
54
+ {
55
+ if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_catgs"] === "all" && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level" . $i)))
56
+ {
57
+ wp_redirect (add_query_arg ("s2member_level_req", $i, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
58
+ exit ();
59
+ }
60
+ /**/
61
+ else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_catgs"] && in_array ($cat_id, ($catgs = preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_catgs"]))) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level" . $i)))
62
+ {
63
+ wp_redirect (add_query_arg ("s2member_level_req", $i, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
64
+ exit ();
65
+ }
66
+ /**/
67
+ else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_catgs"]) /* Check Category ancestry. */
68
+ foreach (preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_catgs"]) as $catg)
69
+ if ($catg && cat_is_ancestor_of ($catg, $cat_id) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level" . $i)))
70
+ {
71
+ wp_redirect (add_query_arg ("s2member_level_req", $i, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
72
+ exit ();
73
+ }
74
+ }
75
/**/
76
+ for ($i = 0; $i <= 4; $i++) /* URIs. Go through each Membership Level. */
77
{
78
+ if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_ruris"])
79
+ foreach (preg_split ("/[\r\n\t]+/", ws_plugin__s2member_fill_ruri_level_access_rc_vars ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_ruris"], $current_user)) as $str)
80
+ if ($str && preg_match ("/" . preg_quote ($str, "/") . "/", $_SERVER["REQUEST_URI"]) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level" . $i)))
81
+ {
82
+ wp_redirect (add_query_arg ("s2member_level_req", $i, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
83
+ exit ();
84
+ }
85
}
86
+ }
87
+ /**/
88
+ do_action ("ws_plugin__s2member_during_check_catg_level_access", get_defined_vars ());
89
+ }
90
+ /**/
91
+ do_action ("ws_plugin__s2member_after_check_catg_level_access", get_defined_vars ());
92
+ /**/
93
+ return; /* For uniformity. */
94
+ }
95
+ }
96
+ /*
97
+ Function checks Category Level Access permissions- for a specific Category.
98
+
99
+ Don't call this function directly, use one of these API functions:
100
+
101
+ Is it protected by s2Member at all?
102
+ - is_category_protected_by_s2member($cat_id);
103
+ - is_protected_by_s2member($cat_id, "category");
104
+
105
+ Is the current User permitted/authorized?
106
+ - is_category_permitted_by_s2member($cat_id);
107
+ - is_permitted_by_s2member($cat_id, "category");
108
+
109
+ see: `/s2member/includes/functions/api-functions.inc.php`.
110
+ */
111
+ if (!function_exists ("ws_plugin__s2member_check_specific_catg_level_access"))
112
+ {
113
+ function ws_plugin__s2member_check_specific_catg_level_access ($cat_id = FALSE, $check_user = TRUE)
114
+ {
115
+ do_action ("ws_plugin__s2member_before_check_specific_catg_level_access", get_defined_vars ());
116
+ /**/
117
+ $excluded = apply_filters ("ws_plugin__s2member_check_specific_catg_level_access_excluded", false, get_defined_vars ());
118
+ /**/
119
+ if (!$excluded && $cat_id && $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]) /* Check? */
120
+ {
121
+ $cat_link = get_category_link ($cat_id); /* Determine link to this Category. */
122
+ $cat_path = parse_url ($cat_link, PHP_URL_PATH); /* Parse req path. */
123
+ $cat_query = parse_url ($cat_link, PHP_URL_QUERY); /* Parse query. */
124
+ $cat_uri = ($cat_query) ? $cat_path . "?" . $cat_query : $cat_path;
125
+ /**/
126
+ $current_user = (is_user_logged_in ()) ? wp_get_current_user () : false; /* Get the current User's object. */
127
+ /**/
128
+ if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_redirection_override"] && ($login_redirection_uri = ws_plugin__s2member_login_redirection_uri ($current_user)) && preg_match ("/^" . preg_quote ($login_redirection_uri, "/") . "#x2F;", $cat_uri) && (!$check_user || !$current_user || !current_user_can ("access_s2member_level0")))
129
+ return apply_filters ("ws_plugin__s2member_check_specific_catg_level_access", array ("s2member_level_req" => 0), get_defined_vars ());
130
+ /**/
131
+ else if (!ws_plugin__s2member_is_systematic_use_specific_page (null, $cat_uri)) /* Never restrict Systematic Use Pages. However, there is 1 exception above ^. */
132
+ {
133
+ for ($i = 0; $i <= 4; $i++) /* Category Level restrictions. Go through each Membership Level. We also check nested Categories, using `cat_is_ancestor_of()`. */
134
{
135
+ if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_catgs"] === "all" && (!$check_user || !$current_user || !current_user_can ("access_s2member_level" . $i)))
136
+ return apply_filters ("ws_plugin__s2member_check_specific_catg_level_access", array ("s2member_level_req" => $i), get_defined_vars ());
137
/**/
138
+ else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_catgs"] && in_array ($cat_id, ($catgs = preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_catgs"]))) && (!$check_user || !$current_user || !current_user_can ("access_s2member_level" . $i)))
139
+ return apply_filters ("ws_plugin__s2member_check_specific_catg_level_access", array ("s2member_level_req" => $i), get_defined_vars ());
140
/**/
141
+ else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_catgs"]) /* Check Category ancestry. */
142
+ foreach (preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_catgs"]) as $catg)
143
+ if ($catg && cat_is_ancestor_of ($catg, $cat_id) && (!$check_user || !$current_user || !current_user_can ("access_s2member_level" . $i)))
144
+ return apply_filters ("ws_plugin__s2member_check_specific_catg_level_access", array ("s2member_level_req" => $i), get_defined_vars ());
145
}
146
/**/
147
+ for ($i = 0; $i <= 4; $i++) /* URIs. Go through each Membership Level. */
148
+ {
149
+ if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_ruris"])
150
+ foreach (preg_split ("/[\r\n\t]+/", ws_plugin__s2member_fill_ruri_level_access_rc_vars ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_ruris"], $current_user)) as $str)
151
+ if ($str && preg_match ("/" . preg_quote ($str, "/") . "/", $cat_uri) && (!$check_user || !$current_user || !current_user_can ("access_s2member_level" . $i)))
152
+ return apply_filters ("ws_plugin__s2member_check_specific_catg_level_access", array ("s2member_level_req" => $i), get_defined_vars ());
153
+ }
154
}
155
+ /**/
156
+ do_action ("ws_plugin__s2member_during_check_specific_catg_level_access", get_defined_vars ());
157
}
158
/**/
159
+ return apply_filters ("ws_plugin__s2member_check_specific_catg_level_access", null, get_defined_vars ());
160
}
161
}
162
?>
includes/functions/constants.inc.php CHANGED
@@ -12,7 +12,7 @@ If not, see: <http://www.gnu.org/licenses/>.
12
Direct access denial.
13
*/
14
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15
- exit ("Do not access this file directly.");
16
/*
17
Define several API Constants for s2Member.
18
Note that these are duplicated into the JavaScript API as well.
@@ -34,9 +34,9 @@ if (!function_exists ("ws_plugin__s2member_constants"))
34
$custom = ($current_user) ? get_user_option ("s2member_custom", $current_user->ID) : "";
35
$custom_fields = ($current_user) ? get_user_option ("s2member_custom_fields", $current_user->ID) : array ();
36
/**/
37
- $login_redirection_override = ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_redirection_override"]) ? ws_plugin__s2member_fill_login_redirect_rc_vars ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_redirection_override"], $current_user) : "";
38
/**/
39
- eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
40
do_action ("ws_plugin__s2member_during_constants", get_defined_vars ());
41
unset ($__refs, $__v); /* Unset defined __refs, __v. */
42
/**/
@@ -71,7 +71,7 @@ if (!function_exists ("ws_plugin__s2member_constants"))
71
define ("S2MEMBER_CURRENT_USER_PROFILE_MODIFICATION_PAGE_URL", ($c[] = get_bloginfo ("wpurl") . "/?s2member_profile=1"));
72
define ("S2MEMBER_FILE_DOWNLOAD_LIMIT_EXCEEDED_PAGE_URL", ($c[] = (string)$links["file_download_limit_exceeded_page"]));
73
define ("S2MEMBER_MEMBERSHIP_OPTIONS_PAGE_URL", ($c[] = (string)$links["membership_options_page"]));
74
- define ("S2MEMBER_LOGIN_WELCOME_PAGE_URL", ($c[] = (($login_redirection_override) ? (string)$login_redirection_override : (string)$links["login_welcome_page"])));
75
define ("S2MEMBER_LOGOUT_PAGE_URL", ($c[] = (string)wp_logout_url ()));
76
define ("S2MEMBER_LOGIN_PAGE_URL", ($c[] = (string)wp_login_url ()));
77
/**/
12
Direct access denial.
13
*/
14
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15
+ exit("Do not access this file directly.");
16
/*
17
Define several API Constants for s2Member.
18
Note that these are duplicated into the JavaScript API as well.
34
$custom = ($current_user) ? get_user_option ("s2member_custom", $current_user->ID) : "";
35
$custom_fields = ($current_user) ? get_user_option ("s2member_custom_fields", $current_user->ID) : array ();
36
/**/
37
+ $login_redirection_url = ws_plugin__s2member_login_redirection_url ($current_user);
38
/**/
39
+ eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
40
do_action ("ws_plugin__s2member_during_constants", get_defined_vars ());
41
unset ($__refs, $__v); /* Unset defined __refs, __v. */
42
/**/
71
define ("S2MEMBER_CURRENT_USER_PROFILE_MODIFICATION_PAGE_URL", ($c[] = get_bloginfo ("wpurl") . "/?s2member_profile=1"));
72
define ("S2MEMBER_FILE_DOWNLOAD_LIMIT_EXCEEDED_PAGE_URL", ($c[] = (string)$links["file_download_limit_exceeded_page"]));
73
define ("S2MEMBER_MEMBERSHIP_OPTIONS_PAGE_URL", ($c[] = (string)$links["membership_options_page"]));
74
+ define ("S2MEMBER_LOGIN_WELCOME_PAGE_URL", ($c[] = (($login_redirection_url) ? (string)$login_redirection_url : (string)$links["login_welcome_page"])));
75
define ("S2MEMBER_LOGOUT_PAGE_URL", ($c[] = (string)wp_logout_url ()));
76
define ("S2MEMBER_LOGIN_PAGE_URL", ($c[] = (string)wp_login_url ()));
77
/**/
includes/functions/file-download-access.inc.php CHANGED
@@ -24,24 +24,16 @@ if (!function_exists ("ws_plugin__s2member_max_download_period"))
24
do_action ("ws_plugin__s2member_before_max_download_period", get_defined_vars ());
25
/**/
26
if ($days = $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level1_file_downloads_allowed_days"])
27
- {
28
- $max = ($max < $days) ? $days : $max;
29
- }
30
/**/
31
if ($days = $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level2_file_downloads_allowed_days"])
32
- {
33
- $max = ($max < $days) ? $days : $max;
34
- }
35
/**/
36
if ($days = $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level3_file_downloads_allowed_days"])
37
- {
38
- $max = ($max < $days) ? $days : $max;
39
- }
40
/**/
41
if ($days = $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level4_file_downloads_allowed_days"])
42
- {
43
- $max = ($max < $days) ? $days : $max;
44
- }
45
/**/
46
return apply_filters ("ws_plugin__s2member_max_download_period", (($max > 365) ? 365 : (int)$max), get_defined_vars ());
47
}
@@ -115,25 +107,19 @@ if (!function_exists ("ws_plugin__s2member_min_level_4_downloads"))
115
$file_download_access_is_allowed = $min_level_4_downloads = false; /* Test with === false, which means no access is allowed at all. */
116
/**/
117
if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level0_file_downloads_allowed"] && $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level0_file_downloads_allowed_days"])
118
- {
119
- $file_download_access_is_allowed = $min_level_4_downloads = 0;
120
- }
121
else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level1_file_downloads_allowed"] && $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level1_file_downloads_allowed_days"])
122
- {
123
- $file_download_access_is_allowed = $min_level_4_downloads = 1;
124
- }
125
else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level2_file_downloads_allowed"] && $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level2_file_downloads_allowed_days"])
126
- {
127
- $file_download_access_is_allowed = $min_level_4_downloads = 2;
128
- }
129
else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level3_file_downloads_allowed"] && $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level3_file_downloads_allowed_days"])
130
- {
131
- $file_download_access_is_allowed = $min_level_4_downloads = 3;
132
- }
133
else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level4_file_downloads_allowed"] && $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level4_file_downloads_allowed_days"])
134
- {
135
- $file_download_access_is_allowed = $min_level_4_downloads = 4;
136
- }
137
/**/
138
return apply_filters ("ws_plugin__s2member_min_level_4_downloads", ($file_download_access_is_allowed = $min_level_4_downloads), get_defined_vars ());
139
}
@@ -288,8 +274,10 @@ if (!function_exists ("ws_plugin__s2member_check_file_download_access"))
288
/*
289
Function creates a special File Download Key.
290
Uses: date("Y-m-d") . $_SERVER["REMOTE_ADDR"] . $_SERVER["HTTP_USER_AGENT"] . $file.
291
The optional second argument can be passed in for compatiblity with Quick Cache / WP Super Cache.
292
When $cache_compatible is passed in, the salt is reduced to only the $file value.
293
*/
294
if (!function_exists ("ws_plugin__s2member_file_download_key"))
295
{
@@ -307,9 +295,5 @@ if (!function_exists ("ws_plugin__s2member_file_download_key"))
307
/**/
308
return apply_filters ("ws_plugin__s2member_file_download_key", $key, get_defined_vars ());
309
}
310
- function s2member_file_download_key ($file = FALSE, $cache_compatible = FALSE)
311
- {
312
- return ws_plugin__s2member_file_download_key ($file, $cache_compatible);
313
- }
314
}
315
?>
24
do_action ("ws_plugin__s2member_before_max_download_period", get_defined_vars ());
25
/**/
26
if ($days = $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level1_file_downloads_allowed_days"])
27
+ $max = ($max < $days) ? $days : $max;
28
/**/
29
if ($days = $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level2_file_downloads_allowed_days"])
30
+ $max = ($max < $days) ? $days : $max;
31
/**/
32
if ($days = $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level3_file_downloads_allowed_days"])
33
+ $max = ($max < $days) ? $days : $max;
34
/**/
35
if ($days = $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level4_file_downloads_allowed_days"])
36
+ $max = ($max < $days) ? $days : $max;
37
/**/
38
return apply_filters ("ws_plugin__s2member_max_download_period", (($max > 365) ? 365 : (int)$max), get_defined_vars ());
39
}
107
$file_download_access_is_allowed = $min_level_4_downloads = false; /* Test with === false, which means no access is allowed at all. */
108
/**/
109
if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level0_file_downloads_allowed"] && $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level0_file_downloads_allowed_days"])
110
+ $file_download_access_is_allowed = $min_level_4_downloads = 0;
111
+ /**/
112
else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level1_file_downloads_allowed"] && $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level1_file_downloads_allowed_days"])
113
+ $file_download_access_is_allowed = $min_level_4_downloads = 1;
114
+ /**/
115
else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level2_file_downloads_allowed"] && $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level2_file_downloads_allowed_days"])
116
+ $file_download_access_is_allowed = $min_level_4_downloads = 2;
117
+ /**/
118
else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level3_file_downloads_allowed"] && $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level3_file_downloads_allowed_days"])
119
+ $file_download_access_is_allowed = $min_level_4_downloads = 3;
120
+ /**/
121
else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level4_file_downloads_allowed"] && $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level4_file_downloads_allowed_days"])
122
+ $file_download_access_is_allowed = $min_level_4_downloads = 4;
123
/**/
124
return apply_filters ("ws_plugin__s2member_min_level_4_downloads", ($file_download_access_is_allowed = $min_level_4_downloads), get_defined_vars ());
125
}
274
/*
275
Function creates a special File Download Key.
276
Uses: date("Y-m-d") . $_SERVER["REMOTE_ADDR"] . $_SERVER["HTTP_USER_AGENT"] . $file.
277
+
278
The optional second argument can be passed in for compatiblity with Quick Cache / WP Super Cache.
279
When $cache_compatible is passed in, the salt is reduced to only the $file value.
280
+ - which is NOT as secure. So use that with caution.
281
*/
282
if (!function_exists ("ws_plugin__s2member_file_download_key"))
283
{
295
/**/
296
return apply_filters ("ws_plugin__s2member_file_download_key", $key, get_defined_vars ());
297
}
298
}
299
?>
includes/functions/force-ssl.inc.php CHANGED
@@ -33,69 +33,71 @@ if (!function_exists ("ws_plugin__s2member_check_force_ssl"))
33
/**/
34
do_action ("ws_plugin__s2member_before_check_force_ssl", get_defined_vars ());
35
/**/
36
- if (is_singular () && ($force_ssl = get_post_meta ($post->ID, "s2member_force_ssl", true)))
37
- {
38
- if (!is_ssl ()) /* SSL must be enabled here. Redirect to https:// scheme. */
39
- {
40
- $ssl_host = preg_replace ("/\:[0-9]+#x2F;", "", $_SERVER["HTTP_HOST"]);
41
- $ssl_port = (is_numeric ($force_ssl) && $force_ssl > 1) ? $force_ssl : 0;
42
- $ssl_host_port = $ssl_host . (($ssl_port) ? ":" . $ssl_port : "");
43
- /**/
44
- wp_redirect ("https://" . $ssl_host_port . $_SERVER["REQUEST_URI"]);
45
- exit (); /* ^ So let's redirect to the SSL enabled version. */
46
- }
47
- else /* Otherwise, we buffer all output, and switch all content over to https. */
48
- {
49
- $ssl_host = preg_replace ("/\:[0-9]+#x2F;", "", $_SERVER["HTTP_HOST"]);
50
- $ssl_port = (is_numeric ($force_ssl) && $force_ssl > 1) ? $force_ssl : 0;
51
- $ssl_host_port = $ssl_host . (($ssl_port) ? ":" . $ssl_port : "");
52
- /**/
53
- define ("_ws_plugin__s2member_force_ssl_host", $ssl_host);
54
- define ("_ws_plugin__s2member_force_ssl_port", $ssl_port);
55
- define ("_ws_plugin__s2member_force_ssl_host_port", $ssl_host_port);
56
- /**/
57
- /* Except these. We do NOT want to create a sitewide https conversion! */
58
- add_filter ("home_url", "_ws_plugin__s2member_force_non_ssl_scheme", 10, 3);
59
- add_filter ("network_home_url", "_ws_plugin__s2member_force_non_ssl_scheme", 10, 3);
60
- add_filter ("site_url", "_ws_plugin__s2member_force_non_ssl_scheme", 10, 3);
61
- add_filter ("network_site_url", "_ws_plugin__s2member_force_non_ssl_scheme", 10, 3);
62
- /**/
63
- function _ws_plugin__s2member_force_non_ssl_scheme ($url = FALSE, $path = FALSE, $scheme = FALSE)
64
- {
65
- return ($scheme) ? $url : preg_replace ("/^https\:\/\//i", "http://", $url);
66
- }
67
- /**/
68
- function _ws_plugin__s2member_force_ssl_buffer ($buffer = FALSE)
69
- {
70
- $o_pcre = ini_get ("pcre.backtrack_limit");
71
- /**/
72
- ini_set ("pcre.backtrack_limit", 10000000);
73
- /**/
74
- $tags = "script|style|link|img|input|iframe|object|embed"; /* Specific tags. */
75
- /**/
76
- $tags = apply_filters ("_ws_plugin__s2member_force_ssl_buffer_tags", $tags, get_defined_vars ());
77
- /**/
78
- $buffer = preg_replace_callback ("/\<(" . $tags . ")[^\>]+\>/i", "_ws_plugin__s2member_force_ssl_buffer_callback", $buffer);
79
- $buffer = preg_replace_callback ("/\<style[^\>]*\>(.+?)\<\/style\>/is", "_ws_plugin__s2member_force_ssl_buffer_callback", $buffer);
80
- /**/
81
- ini_set ("pcre.backtrack_limit", $o_pcre);
82
- /**/
83
- return apply_filters ("_ws_plugin__s2member_force_ssl_buffer", $buffer, get_defined_vars ());
84
- }
85
- /**/
86
- function _ws_plugin__s2member_force_ssl_buffer_callback ($m = FALSE)
87
- {
88
- $c = preg_replace ("/http\:\/\//i", "https://", $m[0]);
89
- /**/
90
- if (_ws_plugin__s2member_force_ssl_port && _ws_plugin__s2member_force_ssl_host && _ws_plugin__s2member_force_ssl_host_port) /* Do we ALSO need port conversions? */
91
- $c = preg_replace ("/\/" . preg_quote (_ws_plugin__s2member_force_ssl_host, "/") . "(\:[0-9]+)?\//i", "/" . _ws_plugin__s2member_force_ssl_host_port . "/", $c);
92
- /**/
93
- return $c; /* Return string with conversions. */
94
- }
95
- /**/
96
- ob_start ("_ws_plugin__s2member_force_ssl_buffer"); /* Buffer. */
97
- }
98
- }
99
/**/
100
do_action ("ws_plugin__s2member_after_check_force_ssl", get_defined_vars ());
101
/**/
33
/**/
34
do_action ("ws_plugin__s2member_before_check_force_ssl", get_defined_vars ());
35
/**/
36
+ if (is_singular () && is_object ($post) && ($__id = $post->ID)) /* Singular? */
37
+ /**/
38
+ if (($force_ssl = get_post_meta ($__id, "s2member_force_ssl", true))) /* Forcing? */
39
+ {
40
+ if (!is_ssl ()) /* SSL must be enabled here. Redirect to https:// scheme. */
41
+ {
42
+ $ssl_host = preg_replace ("/\:[0-9]+#x2F;", "", $_SERVER["HTTP_HOST"]);
43
+ $ssl_port = (is_numeric ($force_ssl) && $force_ssl > 1) ? $force_ssl : 0;
44
+ $ssl_host_port = $ssl_host . (($ssl_port) ? ":" . $ssl_port : "");
45
+ /**/
46
+ wp_redirect ("https://" . $ssl_host_port . $_SERVER["REQUEST_URI"]);
47
+ exit (); /* ^ So let's redirect to the SSL enabled version. */
48
+ }
49
+ else /* Otherwise, we buffer all output, and switch all content over to https. */
50
+ {
51
+ $ssl_host = preg_replace ("/\:[0-9]+#x2F;", "", $_SERVER["HTTP_HOST"]);
52
+ $ssl_port = (is_numeric ($force_ssl) && $force_ssl > 1) ? $force_ssl : 0;
53
+ $ssl_host_port = $ssl_host . (($ssl_port) ? ":" . $ssl_port : "");
54
+ /**/
55
+ define ("_ws_plugin__s2member_force_ssl_host", $ssl_host);
56
+ define ("_ws_plugin__s2member_force_ssl_port", $ssl_port);
57
+ define ("_ws_plugin__s2member_force_ssl_host_port", $ssl_host_port);
58
+ /**/
59
+ /* Except these. We do NOT want to create a sitewide https conversion! */
60
+ add_filter ("home_url", "_ws_plugin__s2member_force_non_ssl_scheme", 10, 3);
61
+ add_filter ("network_home_url", "_ws_plugin__s2member_force_non_ssl_scheme", 10, 3);
62
+ add_filter ("site_url", "_ws_plugin__s2member_force_non_ssl_scheme", 10, 3);
63
+ add_filter ("network_site_url", "_ws_plugin__s2member_force_non_ssl_scheme", 10, 3);
64
+ /**/
65
+ function _ws_plugin__s2member_force_non_ssl_scheme ($url = FALSE, $path = FALSE, $scheme = FALSE)
66
+ {
67
+ return ($scheme) ? $url : preg_replace ("/^https\:\/\//i", "http://", $url);
68
+ }
69
+ /**/
70
+ function _ws_plugin__s2member_force_ssl_buffer ($buffer = FALSE)
71
+ {
72
+ $o_pcre = ini_get ("pcre.backtrack_limit");
73
+ /**/
74
+ ini_set ("pcre.backtrack_limit", 10000000);
75
+ /**/
76
+ $tags = "script|style|link|img|input|iframe|object|embed"; /* Specific tags. */
77
+ /**/
78
+ $tags = apply_filters ("_ws_plugin__s2member_force_ssl_buffer_tags", $tags, get_defined_vars ());
79
+ /**/
80
+ $buffer = preg_replace_callback ("/\<(" . $tags . ")[^\>]+\>/i", "_ws_plugin__s2member_force_ssl_buffer_callback", $buffer);
81
+ $buffer = preg_replace_callback ("/\<style[^\>]*\>(.+?)\<\/style\>/is", "_ws_plugin__s2member_force_ssl_buffer_callback", $buffer);
82
+ /**/
83
+ ini_set ("pcre.backtrack_limit", $o_pcre);
84
+ /**/
85
+ return apply_filters ("_ws_plugin__s2member_force_ssl_buffer", $buffer, get_defined_vars ());
86
+ }
87
+ /**/
88
+ function _ws_plugin__s2member_force_ssl_buffer_callback ($m = FALSE)
89
+ {
90
+ $c = preg_replace ("/http\:\/\//i", "https://", $m[0]);
91
+ /**/
92
+ if (_ws_plugin__s2member_force_ssl_port && _ws_plugin__s2member_force_ssl_host && _ws_plugin__s2member_force_ssl_host_port) /* Do we ALSO need port conversions? */
93
+ $c = preg_replace ("/\/" . preg_quote (_ws_plugin__s2member_force_ssl_host, "/") . "(\:[0-9]+)?\//i", "/" . _ws_plugin__s2member_force_ssl_host_port . "/", $c);
94
+ /**/
95
+ return $c; /* Return string with conversions. */
96
+ }
97
+ /**/
98
+ ob_start ("_ws_plugin__s2member_force_ssl_buffer"); /* Buffer. */
99
+ }
100
+ }
101
/**/
102
do_action ("ws_plugin__s2member_after_check_force_ssl", get_defined_vars ());
103
/**/
includes/functions/hide-some-systematics.inc.php DELETED
@@ -1,42 +0,0 @@
1
- <?php
2
- /*
3
- Copyright: © 2009 WebSharks, Inc. ( coded in the USA )
4
- <mailto:support@websharks-inc.com> <http://www.websharks-inc.com/>
5
-
6
- Released under the terms of the GNU General Public License.
7
- You should have received a copy of the GNU General Public License,
8
- along with this software. In the main directory, see: /licensing/
9
- If not, see: <http://www.gnu.org/licenses/>.
10
- */
11
- /*
12
- Direct access denial.
13
- */
14
- if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15
- exit("Do not access this file directly.");
16
- /*
17
- Function that hides some of the systematic use pages.
18
- Attach to: add_filter("posts_where");
19
- */
20
- if (!function_exists ("ws_plugin__s2member_hide_some_systematics"))
21
- {
22
- function ws_plugin__s2member_hide_some_systematics ($where = FALSE)
23
- {
24
- global $wpdb; /* Need this to get the table name. */
25
- /**/
26
- eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
27
- do_action ("ws_plugin__s2member_before_hide_some_systematics", get_defined_vars ());
28
- unset ($__refs, $__v); /* Unset defined __refs, __v. */
29
- /**/
30
- if (is_search ()) /* Here we exclude a few systematic use pages from the search query. */
31
- {
32
- $where .= " AND " . $wpdb->posts . ".ID NOT IN ('" . $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"] . "', '" . $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_welcome_page"] . "', '" . $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["file_download_limit_exceeded_page"] . "')";
33
- /**/
34
- eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
35
- do_action ("ws_plugin__s2member_during_hide_some_systematics", get_defined_vars ());
36
- unset ($__refs, $__v); /* Unset defined __refs, __v. */
37
- }
38
- /**/
39
- return apply_filters ("ws_plugin__s2member_hide_some_systematics", $where, get_defined_vars ());
40
- }
41
- }
42
- ?>
includes/functions/is-systematic.inc.php CHANGED
@@ -12,9 +12,9 @@ If not, see: <http://www.gnu.org/licenses/>.
12
Direct access denial.
13
*/
14
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15
- exit ("Do not access this file directly.");
16
/*
17
- Function that determines whether we are on a systematic use page.
18
*/
19
if (!function_exists ("ws_plugin__s2member_is_systematic_use_page"))
20
{
@@ -26,7 +26,7 @@ if (!function_exists ("ws_plugin__s2member_is_systematic_use_page"))
26
{
27
return $is_systematic; /* Filters will have already been applied. */
28
}
29
- else if (is_admin ()) /* In the admin area? - All administrational pages are considered systematic. */
30
{
31
return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_page", true, get_defined_vars ()));
32
}
@@ -50,7 +50,7 @@ if (!function_exists ("ws_plugin__s2member_is_systematic_use_page"))
50
{
51
return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_page", true, get_defined_vars ()));
52
}
53
- else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_redirection_override"] && ($login_redirection_override = ws_plugin__s2member_fill_login_redirect_rc_vars ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_redirection_override"])) && ($login_redirect_path = parse_url ($login_redirection_override, PHP_URL_PATH)) !== "nill" && ($login_redirect_query = parse_url ($login_redirection_override, PHP_URL_QUERY)) !== "nill" && ($login_redirect_uri = (($login_redirect_query) ? $login_redirect_path . "?" . $login_redirect_query : $login_redirect_path)) && preg_match ("/^" . preg_quote ($login_redirect_uri, "/") . "#x2F;", $_SERVER["REQUEST_URI"]))
54
{
55
return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_page", true, get_defined_vars ()));
56
}
@@ -68,4 +68,51 @@ if (!function_exists ("ws_plugin__s2member_is_systematic_use_page"))
68
}
69
}
70
}
71
?>
12
Direct access denial.
13
*/
14
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15
+ exit("Do not access this file directly.");
16
/*
17
+ Function that determines whether we are on a Systematic Use Page.
18
*/
19
if (!function_exists ("ws_plugin__s2member_is_systematic_use_page"))
20
{
26
{
27
return $is_systematic; /* Filters will have already been applied. */
28
}
29
+ else if (is_admin ()) /* In the admin area? - All administrational pages are considered Systematic. */
30
{
31
return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_page", true, get_defined_vars ()));
32
}
50
{
51
return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_page", true, get_defined_vars ()));
52
}
53
+ else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_redirection_override"] && ($login_redirection_uri = ws_plugin__s2member_login_redirection_uri ()) && preg_match ("/^" . preg_quote ($login_redirection_uri, "/") . "#x2F;", $_SERVER["REQUEST_URI"]))
54
{
55
return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_page", true, get_defined_vars ()));
56
}
68
}
69
}
70
}
71
+ /*
72
+ Function that determines whether a specific Page, is a Systematic Use Page.
73
+ */
74
+ if (!function_exists ("ws_plugin__s2member_is_systematic_use_specific_page"))
75
+ {
76
+ function ws_plugin__s2member_is_systematic_use_specific_page ($page_id = FALSE, $uri = FALSE)
77
+ {
78
+ static $is_systematic; /* For optimization. */
79
+ /**/
80
+ if (isset ($is_systematic)) /* Already cached? This saves time. */
81
+ {
82
+ return $is_systematic; /* Filters will have already been applied. */
83
+ }
84
+ else if ($uri && preg_match ("/\/wp-admin\//", $uri)) /* In the admin area? - All admin pages are considered Systematic. */
85
+ {
86
+ return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_specific_page", true, get_defined_vars ()));
87
+ }
88
+ else if ($uri && preg_match ("/\/wp-(signup|register|activate|login)\.php/", $uri))
89
+ {
90
+ return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_specific_page", true, get_defined_vars ()));
91
+ }
92
+ else if ($page_id && $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"] && $page_id == $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])
93
+ {
94
+ return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_specific_page", true, get_defined_vars ()));
95
+ }
96
+ else if ($page_id && $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_welcome_page"] && $page_id == $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_welcome_page"])
97
+ {
98
+ return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_specific_page", true, get_defined_vars ()));
99
+ }
100
+ else if ($uri && $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_redirection_override"] && ($login_redirection_uri = ws_plugin__s2member_login_redirection_uri ()) && preg_match ("/^" . preg_quote ($login_redirection_uri, "/") . "#x2F;", $uri))
101
+ {
102
+ return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_specific_page", true, get_defined_vars ()));
103
+ }
104
+ else if ($page_id && $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["file_download_limit_exceeded_page"] && $page_id == $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["file_download_limit_exceeded_page"])
105
+ {
106
+ return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_specific_page", true, get_defined_vars ()));
107
+ }
108
+ else if ($uri && preg_match ("/^s2member/", parse_url ($uri, PHP_URL_QUERY)) && (parse_url ($uri, PHP_URL_PATH) === "/" || parse_url (rtrim ($uri, "/"), PHP_URL_PATH) === parse_url (rtrim (get_bloginfo ("wpurl"), "/"), PHP_URL_PATH)))
109
+ {
110
+ return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_specific_page", true, get_defined_vars ()));
111
+ }
112
+ else /* Otherwise, we return false. */
113
+ {
114
+ return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_specific_page", false, get_defined_vars ()));
115
+ }
116
+ }
117
+ }
118
?>
includes/functions/list-servers.inc.php CHANGED
@@ -12,7 +12,7 @@ If not, see: <http://www.gnu.org/licenses/>.
12
Direct access denial.
13
*/
14
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15
- exit ("Do not access this file directly.");
16
/*
17
Function that process list server integrations for s2Member.
18
*/
@@ -20,7 +20,7 @@ if (!function_exists ("ws_plugin__s2member_process_list_servers"))
20
{
21
function ws_plugin__s2member_process_list_servers ($level = FALSE, $email = FALSE, $fname = FALSE, $lname = FALSE, $ip = FALSE, $opt_in = FALSE)
22
{
23
- eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
24
do_action ("ws_plugin__s2member_before_process_list_servers", get_defined_vars ());
25
unset ($__refs, $__v); /* Unset defined __refs, __v. */
26
/**/
@@ -46,12 +46,12 @@ if (!function_exists ("ws_plugin__s2member_process_list_servers"))
46
"From: \"" . preg_replace ("/\"/", "", $fname . " " . $lname) . "\" <" . $email . ">\r\nContent-Type: text/plain; charset=utf-8");
47
}
48
/**/
49
- eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
50
do_action ("ws_plugin__s2member_during_process_list_servers", get_defined_vars ());
51
unset ($__refs, $__v); /* Unset defined __refs, __v. */
52
}
53
/**/
54
- eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
55
do_action ("ws_plugin__s2member_after_process_list_servers", get_defined_vars ());
56
unset ($__refs, $__v); /* Unset defined __refs, __v. */
57
/**/
@@ -69,8 +69,7 @@ if (!function_exists ("ws_plugin__s2member_list_servers_integrated"))
69
do_action ("ws_plugin__s2member_before_list_servers_integrated", get_defined_vars ());
70
/**/
71
for ($i = 0; $i <= 4; $i++)
72
- if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_mailchimp_list_ids"]/**/
73
- || $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_aweber_list_ids"])
74
return apply_filters ("ws_plugin__s2member_list_servers_integrated", true, get_defined_vars ());
75
/**/
76
return apply_filters ("ws_plugin__s2member_list_servers_integrated", false, get_defined_vars ());
12
Direct access denial.
13
*/
14
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15
+ exit("Do not access this file directly.");
16
/*
17
Function that process list server integrations for s2Member.
18
*/
20
{
21
function ws_plugin__s2member_process_list_servers ($level = FALSE, $email = FALSE, $fname = FALSE, $lname = FALSE, $ip = FALSE, $opt_in = FALSE)
22
{
23
+ eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
24
do_action ("ws_plugin__s2member_before_process_list_servers", get_defined_vars ());
25
unset ($__refs, $__v); /* Unset defined __refs, __v. */
26
/**/
46
"From: \"" . preg_replace ("/\"/", "", $fname . " " . $lname) . "\" <" . $email . ">\r\nContent-Type: text/plain; charset=utf-8");
47
}
48
/**/
49
+ eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
50
do_action ("ws_plugin__s2member_during_process_list_servers", get_defined_vars ());
51
unset ($__refs, $__v); /* Unset defined __refs, __v. */
52
}
53
/**/
54
+ eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
55
do_action ("ws_plugin__s2member_after_process_list_servers", get_defined_vars ());
56
unset ($__refs, $__v); /* Unset defined __refs, __v. */
57
/**/
69
do_action ("ws_plugin__s2member_before_list_servers_integrated", get_defined_vars ());
70
/**/
71
for ($i = 0; $i <= 4; $i++)
72
+ if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_mailchimp_list_ids"] || $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_aweber_list_ids"])
73
return apply_filters ("ws_plugin__s2member_list_servers_integrated", true, get_defined_vars ());
74
/**/
75
return apply_filters ("ws_plugin__s2member_list_servers_integrated", false, get_defined_vars ());
includes/functions/login-redirection.inc.php CHANGED
@@ -12,7 +12,7 @@ If not, see: <http://www.gnu.org/licenses/>.
12
Direct access denial.
13
*/
14
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15
- exit ("Do not access this file directly.");
16
/*
17
Function for handling login redirections.
18
Attach to: add_action("wp_login");
@@ -21,7 +21,7 @@ if (!function_exists ("ws_plugin__s2member_login_redirect"))
21
{
22
function ws_plugin__s2member_login_redirect ($username = FALSE)
23
{
24
- eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
25
do_action ("ws_plugin__s2member_before_login_redirect", get_defined_vars ());
26
unset ($__refs, $__v); /* Unset defined __refs, __v. */
27
/**/
@@ -31,31 +31,28 @@ if (!function_exists ("ws_plugin__s2member_login_redirect"))
31
/**/
32
if (!is_object ($user = new WP_User ($username)) || !($user_id = $user->ID) || !$user->has_cap ("edit_posts"))
33
{
34
- eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
35
do_action ("ws_plugin__s2member_during_login_redirect", get_defined_vars ());
36
unset ($__refs, $__v); /* Unset defined __refs, __v. */
37
/**/
38
- if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["custom_reg_password"])
39
- if (function_exists ("ws_plugin__s2member_generate_password"))
40
- {
41
- delete_user_setting ("default_password_nag"); /* setcookie() */
42
- update_user_option ($user_id, "default_password_nag", false, true);
43
- }
44
/**/
45
- if (ws_plugin__s2member_ip_restrictions_ok ($_SERVER["REMOTE_ADDR"], strtolower ($username)))
46
{
47
- if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_redirection_override"])
48
- wp_redirect (ws_plugin__s2member_fill_login_redirect_rc_vars /* Special. */
49
- ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_redirection_override"], $user));
50
/**/
51
- else /* Otherwise, use the Login Welcome Page for s2Member. */
52
- wp_redirect (get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_welcome_page"]));
53
}
54
/**/
55
exit ();
56
}
57
/**/
58
- eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
59
do_action ("ws_plugin__s2member_after_login_redirect", get_defined_vars ());
60
unset ($__refs, $__v); /* Unset defined __refs, __v. */
61
/**/
@@ -63,26 +60,63 @@ if (!function_exists ("ws_plugin__s2member_login_redirect"))
63
}
64
}
65
/*
66
Function that fills replacement code variables in special redirection URLs.
67
*/
68
if (!function_exists ("ws_plugin__s2member_fill_login_redirect_rc_vars"))
69
{
70
- function ws_plugin__s2member_fill_login_redirect_rc_vars ($url = FALSE, $current_user = FALSE)
71
{
72
- eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
73
do_action ("ws_plugin__s2member_before_fill_login_redirect_rc_vars", get_defined_vars ());
74
unset ($__refs, $__v); /* Unset defined __refs, __v. */
75
/**/
76
- $current_user = (is_object ($current_user)) ? $current_user : wp_get_current_user ();
77
- $current_user_login = (is_object ($current_user)) ? strtolower ($current_user->user_login) : "";
78
- $current_user_ID = (is_object ($current_user)) ? (string)$current_user->ID : "";
79
- $current_user_level = (string)ws_plugin__s2member_user_access_level ($current_user);
80
/**/
81
- $url = preg_replace ("/%%current_user_login%%/i", ws_plugin__s2member_esc_ds ($current_user_login), $url);
82
- $url = preg_replace ("/%%current_user_ID%%/i", ws_plugin__s2member_esc_ds ($current_user_ID), $url);
83
- $url = preg_replace ("/%%current_user_level%%/i", ws_plugin__s2member_esc_ds ($current_user_level), $url);
84
/**/
85
return apply_filters ("ws_plugin__s2member_fill_login_redirect_rc_vars", $url, get_defined_vars ());
86
}
87
}
88
?>
12
Direct access denial.
13
*/
14
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15
+ exit("Do not access this file directly.");
16
/*
17
Function for handling login redirections.
18
Attach to: add_action("wp_login");
21
{
22
function ws_plugin__s2member_login_redirect ($username = FALSE)
23
{
24
+ eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
25
do_action ("ws_plugin__s2member_before_login_redirect", get_defined_vars ());
26
unset ($__refs, $__v); /* Unset defined __refs, __v. */
27
/**/
31
/**/
32
if (!is_object ($user = new WP_User ($username)) || !($user_id = $user->ID) || !$user->has_cap ("edit_posts"))
33
{
34
+ eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
35
do_action ("ws_plugin__s2member_during_login_redirect", get_defined_vars ());
36
unset ($__refs, $__v); /* Unset defined __refs, __v. */
37
/**/
38
+ if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["custom_reg_password"] && function_exists ("ws_plugin__s2member_generate_password"))
39
+ {
40
+ delete_user_setting("default_password_nag"); /* setcookie() */
41
+ update_user_option ($user_id, "default_password_nag", false, true);
42
+ }
43
/**/
44
+ if (strtolower ($username) === "demo" || ws_plugin__s2member_ip_restrictions_ok ($_SERVER["REMOTE_ADDR"], strtolower ($username)))
45
{
46
+ if ($special_redirection_url = ws_plugin__s2member_login_redirection_url ($user))
47
+ wp_redirect($special_redirection_url);
48
/**/
49
+ else wp_redirect(get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_welcome_page"]));
50
}
51
/**/
52
exit ();
53
}
54
/**/
55
+ eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
56
do_action ("ws_plugin__s2member_after_login_redirect", get_defined_vars ());
57
unset ($__refs, $__v); /* Unset defined __refs, __v. */
58
/**/
60
}
61
}
62
/*
63
+ This function formulates a possible ( Special ) Login Redirection URL.
64
+ */
65
+ if (!function_exists ("ws_plugin__s2member_login_redirection_url"))
66
+ {
67
+ function ws_plugin__s2member_login_redirection_url ($user = FALSE)
68
+ {
69
+ eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
70
+ do_action ("ws_plugin__s2member_before_login_redirection_url", get_defined_vars ());
71
+ unset ($__refs, $__v); /* Unset defined __refs, __v. */
72
+ /**/
73
+ $url = ws_plugin__s2member_fill_login_redirect_rc_vars ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_redirection_override"], $user);
74
+ /**/
75
+ return apply_filters ("ws_plugin__s2member_login_redirection_url", $url, get_defined_vars ());
76
+ }
77
+ }
78
+ /*
79
Function that fills replacement code variables in special redirection URLs.
80
*/
81
if (!function_exists ("ws_plugin__s2member_fill_login_redirect_rc_vars"))
82
{
83
+ function ws_plugin__s2member_fill_login_redirect_rc_vars ($url = FALSE, $user = FALSE)
84
{
85
+ eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
86
do_action ("ws_plugin__s2member_before_fill_login_redirect_rc_vars", get_defined_vars ());
87
unset ($__refs, $__v); /* Unset defined __refs, __v. */
88
/**/
89
+ $user = (is_object ($user)) ? $user : wp_get_current_user ();
90
+ $user_login = (is_object ($user)) ? strtolower ($user->user_login) : "";
91
+ $user_id = (is_object ($user)) ? (string)$user->ID : "";
92
+ $user_level = (string)ws_plugin__s2member_user_access_level ($user);
93
/**/
94
+ $url = preg_replace ("/%%current_user_login%%/i", ws_plugin__s2member_esc_ds ($user_login), $url);
95
+ $url = preg_replace ("/%%current_user_id%%/i", ws_plugin__s2member_esc_ds ($user_id), $url);
96
+ $url = preg_replace ("/%%current_user_level%%/i", ws_plugin__s2member_esc_ds ($user_level), $url);
97
/**/
98
return apply_filters ("ws_plugin__s2member_fill_login_redirect_rc_vars", $url, get_defined_vars ());
99
}
100
}
101
+ /*
102
+ Parses the URI out of a possible ( Special ) Login Redirection URL.
103
+ */
104
+ if (!function_exists ("ws_plugin__s2member_login_redirection_uri"))
105
+ {
106
+ function ws_plugin__s2member_login_redirection_uri ($user = FALSE)
107
+ {
108
+ eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
109
+ do_action ("ws_plugin__s2member_before_login_redirection_uri", get_defined_vars ());
110
+ unset ($__refs, $__v); /* Unset defined __refs, __v. */
111
+ /**/
112
+ if ($url = ws_plugin__s2member_login_redirection_url ($user))
113
+ {
114
+ $path = parse_url ($url, PHP_URL_PATH);
115
+ $query = parse_url ($url, PHP_URL_QUERY);
116
+ $uri = ($query) ? $path . "?" . $query : $path;
117
+ }
118
+ /**/
119
+ return apply_filters ("ws_plugin__s2member_login_redirection_uri", $uri, get_defined_vars ());
120
+ }
121
+ }
122
?>
includes/functions/membership-options.inc.php CHANGED
@@ -12,12 +12,16 @@ If not, see: <http://www.gnu.org/licenses/>.
12
Direct access denial.
13
*/
14
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15
- exit ("Do not access this file directly.");
16
/*
17
This forces a redirection to the Membership Options Page for s2Member.
18
This can be used by 3rd party applications that are not aware of which
19
Page is currently set as the Membership Options Page.
20
Attach to: add_action("template_redirect");
21
*/
22
if (!function_exists ("ws_plugin__s2member_membership_options_page"))
23
{
@@ -28,7 +32,7 @@ if (!function_exists ("ws_plugin__s2member_membership_options_page"))
28
if ($_GET["s2member_membership_options_page"] && !is_page ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))
29
{
30
$_GET["s2member_level_req"] = (strlen ($_GET["s2member_level_req"])) ? $_GET["s2member_level_req"] : "0";
31
- wp_redirect (add_query_arg ("s2member_level_req", $_GET["s2member_level_req"], get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
32
exit ();
33
}
34
/**/
12
Direct access denial.
13
*/
14
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15
+ exit("Do not access this file directly.");
16
/*
17
This forces a redirection to the Membership Options Page for s2Member.
18
This can be used by 3rd party applications that are not aware of which
19
Page is currently set as the Membership Options Page.
20
+
21
+ This is used by s2Member's bbPress Bridge integration.
22
+
23
Attach to: add_action("template_redirect");
24
+ Example usage: http://example.com/?s2member_membership_options_page=1
25
*/
26
if (!function_exists ("ws_plugin__s2member_membership_options_page"))
27
{
32
if ($_GET["s2member_membership_options_page"] && !is_page ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))
33
{
34
$_GET["s2member_level_req"] = (strlen ($_GET["s2member_level_req"])) ? $_GET["s2member_level_req"] : "0";
35
+ wp_redirect(add_query_arg ("s2member_level_req", $_GET["s2member_level_req"], get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
36
exit ();
37
}
38
/**/
includes/functions/meta-boxes.inc.php CHANGED
@@ -12,7 +12,7 @@ If not, see: <http://www.gnu.org/licenses/>.
12
Direct access denial.
13
*/
14
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15
- exit("Do not access this file directly.");
16
/*
17
Function adds meta boxes to Post/Page editing stations.
18
Attach to: add_action("admin_menu");
@@ -40,45 +40,59 @@ if (!function_exists ("ws_plugin__s2member_security_meta_box"))
40
{
41
function ws_plugin__s2member_security_meta_box ($post = FALSE)
42
{
43
- eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
44
do_action ("ws_plugin__s2member_before_security_meta_box", get_defined_vars ());
45
unset ($__refs, $__v); /* Unset defined __refs, __v. */
46
/**/
47
- if (is_object ($post) && ($post_id = $post->ID) && (($post->post_type === "page" && current_user_can ("edit_page", $post_id)) || current_user_can ("edit_post", $post_id)))
48
{
49
- echo '<input type="hidden" name="ws_plugin__s2member_security_meta_box_save" id="ws-plugin--s2member-security-meta-box-save" value="' . esc_attr (wp_create_nonce ("ws-plugin--s2member-security-meta-box-save")) . '" />' . "\n";
50
- echo '<input type="hidden" name="ws_plugin__s2member_security_meta_box_save_id" id="ws-plugin--s2member-security-meta-box-save-id" value="' . esc_attr ($post_id) . '" />' . "\n";
51
- /**/
52
if ($post->post_type === "page" && ($page_id = $post_id)) /* OK. So we're dealing with a Page classification. */
53
{
54
- $pages["0"] = preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level0_pages"]);
55
- $pages["1"] = preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level1_pages"]);
56
- $pages["2"] = preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level2_pages"]);
57
- $pages["3"] = preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level3_pages"]);
58
- $pages["4"] = preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level4_pages"]);
59
- /**/
60
- echo '<p style="margin-left:2px;"><strong>Page Level Restriction?</strong></p>' . "\n";
61
- echo '<label class="screen-reader-text" for="ws-plugin--s2member-security-meta-box-level">Add Level Restriction?</label>' . "\n";
62
- echo '<select name="ws_plugin__s2member_security_meta_box_level" id="ws-plugin--s2member-security-meta-box-level" style="width:99%;">' . "\n";
63
- echo '<option value=""></option>' . "\n"; /* By default, we allow public access to any Post/Page. */
64
- echo ($pages["0"] !== array ("all")) ? '<option value="0"' . ((in_array ($page_id, $pages["0"])) ? ' selected="selected"' : '') . '>Require Level# 0 ( or higher )</option>' . "\n" : '<option value="" disabled="disabled">Level #0 ( already protects "all" Pages )</option>';
65
- echo ($pages["1"] !== array ("all")) ? '<option value="1"' . ((in_array ($page_id, $pages["1"])) ? ' selected="selected"' : '') . '>Require Level# 1 ( or higher )</option>' . "\n" : '<option value="" disabled="disabled">Level #1 ( already protects "all" Pages )</option>';
66
- echo ($pages["2"] !== array ("all")) ? '<option value="2"' . ((in_array ($page_id, $pages["2"])) ? ' selected="selected"' : '') . '>Require Level# 2 ( or higher )</option>' . "\n" : '<option value="" disabled="disabled">Level #2 ( already protects "all" Pages )</option>';
67
- echo ($pages["3"] !== array ("all")) ? '<option value="3"' . ((in_array ($page_id, $pages["3"])) ? ' selected="selected"' : '') . '>Require Level# 3 ( or higher )</option>' . "\n" : '<option value="" disabled="disabled">Level #3 ( already protects "all" Pages )</option>';
68
- echo ($pages["4"] !== array ("all")) ? '<option value="4"' . ((in_array ($page_id, $pages["4"])) ? ' selected="selected"' : '') . '>Require Level# 4 ( highest level )</option>' . "\n" : '<option value="" disabled="disabled">Level #4 ( already protects "all" Pages )</option>';
69
- echo '</select><br /><small>* see: <code>General Options -> Page Level Access</code></small>' . "\n";
70
- /**/
71
- if (!is_multisite () || !ws_plugin__s2member_is_multisite_farm () || is_main_site ())
72
- /* ^ Will change once Custom Capabilities are compatible with a Blog Farm. */
73
{
74
- echo '<p style="margin-top:15px; margin-left:2px;"><strong>Require Custom Capabilities?</strong></p>' . "\n";
75
- echo '<label class="screen-reader-text" for="ws-plugin--s2member-security-meta-box-ccaps">Custom Capabilities?</label>' . "\n";
76
- echo '<input type="text" name="ws_plugin__s2member_security_meta_box_ccaps" id="ws-plugin--s2member-security-meta-box-ccaps" value="' . format_to_edit (implode (",", (array)get_post_meta ($page_id, "s2member_ccaps_req", true))) . '" onkeyup="if(this.value.match(/[^a-z_0-9,]/)) this.value = jQuery.trim (jQuery.trim (this.value).replace (/[ \-]/g, \'_\').replace (/[^A-Z_0-9,]/gi, \'\').toLowerCase ());" style="width:99%;" />' . "\n";
77
- echo '<br /><small>* see: <code>API Scripting -> Custom Capabilities</code></small>' . "\n";
78
}
79
}
80
else /* Otherwise, we assume this is a Post, or possibly a Custom Post Type. It's NOT a Page. */
81
{
82
$posts["0"] = preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level0_posts"]);
83
$posts["1"] = preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level1_posts"]);
84
$posts["2"] = preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level2_posts"]);
@@ -89,11 +103,11 @@ if (!function_exists ("ws_plugin__s2member_security_meta_box"))
89
echo '<label class="screen-reader-text" for="ws-plugin--s2member-security-meta-box-level">Add Level Restriction?</label>' . "\n";
90
echo '<select name="ws_plugin__s2member_security_meta_box_level" id="ws-plugin--s2member-security-meta-box-level" style="width:99%;">' . "\n";
91
echo '<option value=""></option>' . "\n"; /* By default, we allow public access to any Post/Page. */
92
- echo ($posts["0"] !== array ("all")) ? '<option value="0"' . ((in_array ($post_id, $posts["0"])) ? ' selected="selected"' : '') . '>Require Level# 0 ( or higher )</option>' . "\n" : '<option value="" disabled="disabled">Level #0 ( already protects "all" Posts )</option>';
93
- echo ($posts["1"] !== array ("all")) ? '<option value="1"' . ((in_array ($post_id, $posts["1"])) ? ' selected="selected"' : '') . '>Require Level# 1 ( or higher )</option>' . "\n" : '<option value="" disabled="disabled">Level #1 ( already protects "all" Posts )</option>';
94
- echo ($posts["2"] !== array ("all")) ? '<option value="2"' . ((in_array ($post_id, $posts["2"])) ? ' selected="selected"' : '') . '>Require Level# 2 ( or higher )</option>' . "\n" : '<option value="" disabled="disabled">Level #2 ( already protects "all" Posts )</option>';
95
- echo ($posts["3"] !== array ("all")) ? '<option value="3"' . ((in_array ($post_id, $posts["3"])) ? ' selected="selected"' : '') . '>Require Level# 3 ( or higher )</option>' . "\n" : '<option value="" disabled="disabled">Level #3 ( already protects "all" Posts )</option>';
96
- echo ($posts["4"] !== array ("all")) ? '<option value="4"' . ((in_array ($post_id, $posts["4"])) ? ' selected="selected"' : '') . '>Require Level# 4 ( highest level )</option>' . "\n" : '<option value="" disabled="disabled">Level #4 ( already protects "all" Posts )</option>';
97
echo '</select><br /><small>* see: <code>General Options -> Post Level Access</code></small>' . "\n";
98
/**/
99
if (!is_multisite () || !ws_plugin__s2member_is_multisite_farm () || is_main_site ())
@@ -121,7 +135,7 @@ if (!function_exists ("ws_plugin__s2member_save_meta_boxes"))
121
{
122
function ws_plugin__s2member_save_meta_boxes ($post_id = FALSE)
123
{
124
- eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
125
do_action ("ws_plugin__s2member_before_save_meta_boxes", get_defined_vars ());
126
unset ($__refs, $__v); /* Unset defined __refs, __v. */
127
/**/
@@ -144,15 +158,15 @@ if (!function_exists ("ws_plugin__s2member_save_meta_boxes"))
144
$pages["4"] = array_unique (preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level4_pages"]));
145
/**/
146
if (($i = array_search ($page_id, $pages["0"])) !== false) /* Remove $page_id from existing options. */
147
- unset($pages["0"][$i]);
148
else if (($i = array_search ($page_id, $pages["1"])) !== false)
149
- unset($pages["1"][$i]);
150
else if (($i = array_search ($page_id, $pages["2"])) !== false)
151
- unset($pages["2"][$i]);
152
else if (($i = array_search ($page_id, $pages["3"])) !== false)
153
- unset($pages["3"][$i]);
154
else if (($i = array_search ($page_id, $pages["4"])) !== false)
155
- unset($pages["4"][$i]);
156
/**/
157
if (strlen ($_p["ws_plugin__s2member_security_meta_box_level"]) && is_array ($pages[$_p["ws_plugin__s2member_security_meta_box_level"]]))
158
if (!$pages[$_p["ws_plugin__s2member_security_meta_box_level"]] !== array ("all"))
@@ -160,7 +174,7 @@ if (!function_exists ("ws_plugin__s2member_save_meta_boxes"))
160
/**/
161
$new_options = array_merge ((array)$new_options, array ("ws_plugin__s2member_level0_pages" => implode (",", $pages[0]), "ws_plugin__s2member_level1_pages" => implode (",", $pages[1]), "ws_plugin__s2member_level2_pages" => implode (",", $pages[2]), "ws_plugin__s2member_level3_pages" => implode (",", $pages[3]), "ws_plugin__s2member_level4_pages" => implode (",", $pages[4])));
162
/**/
163
- eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
164
do_action ("ws_plugin__s2member_during_save_meta_boxes", get_defined_vars ());
165
unset ($__refs, $__v); /* Unset defined __refs, __v. */
166
/**/
@@ -179,15 +193,15 @@ if (!function_exists ("ws_plugin__s2member_save_meta_boxes"))
179
$posts["4"] = array_unique (preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level4_posts"]));
180
/**/
181
if (($i = array_search ($post_id, $posts["0"])) !== false) /* Remove $post_id from existing options. */
182
- unset($posts["0"][$i]);
183
else if (($i = array_search ($post_id, $posts["1"])) !== false)
184
- unset($posts["1"][$i]);
185
else if (($i = array_search ($post_id, $posts["2"])) !== false)
186
- unset($posts["2"][$i]);
187
else if (($i = array_search ($post_id, $posts["3"])) !== false)
188
- unset($posts["3"][$i]);
189
else if (($i = array_search ($post_id, $posts["4"])) !== false)
190
- unset($posts["4"][$i]);
191
/**/
192
if (strlen ($_p["ws_plugin__s2member_security_meta_box_level"]) && is_array ($posts[$_p["ws_plugin__s2member_security_meta_box_level"]]))
193
if (!$posts[$_p["ws_plugin__s2member_security_meta_box_level"]] !== array ("all"))
@@ -195,7 +209,7 @@ if (!function_exists ("ws_plugin__s2member_save_meta_boxes"))
195
/**/
196
$new_options = array_merge ((array)$new_options, array ("ws_plugin__s2member_level0_posts" => implode (",", $posts[0]), "ws_plugin__s2member_level1_posts" => implode (",", $posts[1]), "ws_plugin__s2member_level2_posts" => implode (",", $posts[2]), "ws_plugin__s2member_level3_posts" => implode (",", $posts[3]), "ws_plugin__s2member_level4_posts" => implode (",", $posts[4])));
197
/**/
198
- eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
199
do_action ("ws_plugin__s2member_during_save_meta_boxes", get_defined_vars ());
200
unset ($__refs, $__v); /* Unset defined __refs, __v. */
201
/**/
12
Direct access denial.
13
*/
14
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15
+ exit ("Do not access this file directly.");
16
/*
17
Function adds meta boxes to Post/Page editing stations.
18
Attach to: add_action("admin_menu");
40
{
41
function ws_plugin__s2member_security_meta_box ($post = FALSE)
42
{
43
+ eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
44
do_action ("ws_plugin__s2member_before_security_meta_box", get_defined_vars ());
45
unset ($__refs, $__v); /* Unset defined __refs, __v. */
46
/**/
47
+ if (is_object ($post) && ($post_id = $post->ID) && ( ($post->post_type === "page" && current_user_can ("edit_page", $post_id)) || current_user_can ("edit_post", $post_id)))
48
{
49
if ($post->post_type === "page" && ($page_id = $post_id)) /* OK. So we're dealing with a Page classification. */
50
{
51
+ if (!in_array ($page_id, array ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"], $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_welcome_page"], $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["file_download_limit_exceeded_page"])))
52
{
53
+ echo '<input type="hidden" name="ws_plugin__s2member_security_meta_box_save" id="ws-plugin--s2member-security-meta-box-save" value="' . esc_attr (wp_create_nonce ("ws-plugin--s2member-security-meta-box-save")) . '" />' . "\n";
54
+ echo '<input type="hidden" name="ws_plugin__s2member_security_meta_box_save_id" id="ws-plugin--s2member-security-meta-box-save-id" value="' . esc_attr ($page_id) . '" />' . "\n";
55
+ /**/
56
+ $pages["0"] = preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level0_pages"]);
57
+ $pages["1"] = preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level1_pages"]);
58
+ $pages["2"] = preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level2_pages"]);
59
+ $pages["3"] = preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level3_pages"]);
60
+ $pages["4"] = preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level4_pages"]);
61
+ /**/
62
+ echo '<p style="margin-left:2px;"><strong>Page Level Restriction?</strong></p>' . "\n";
63
+ echo '<label class="screen-reader-text" for="ws-plugin--s2member-security-meta-box-level">Add Level Restriction?</label>' . "\n";
64
+ echo '<select name="ws_plugin__s2member_security_meta_box_level" id="ws-plugin--s2member-security-meta-box-level" style="width:99%;">' . "\n";
65
+ echo '<option value=""></option>' . "\n"; /* By default, we allow public access to any Post/Page. */
66
+ echo ($pages["0"] !== array ("all")) ? '<option value="0"' . ( (in_array ($page_id, $pages["0"])) ? ' selected="selected"' : '') . '>Require Level# 0 ( or higher )</option>' . "\n" : '<option value="" disabled="disabled">Level #0 ( already protects "all" Pages )</option>';
67
+ echo ($pages["1"] !== array ("all")) ? '<option value="1"' . ( (in_array ($page_id, $pages["1"])) ? ' selected="selected"' : '') . '>Require Level# 1 ( or higher )</option>' . "\n" : '<option value="" disabled="disabled">Level #1 ( already protects "all" Pages )</option>';
68
+ echo ($pages["2"] !== array ("all")) ? '<option value="2"' . ( (in_array ($page_id, $pages["2"])) ? ' selected="selected"' : '') . '>Require Level# 2 ( or higher )</option>' . "\n" : '<option value="" disabled="disabled">Level #2 ( already protects "all" Pages )</option>';
69
+ echo ($pages["3"] !== array ("all")) ? '<option value="3"' . ( (in_array ($page_id, $pages["3"])) ? ' selected="selected"' : '') . '>Require Level# 3 ( or higher )</option>' . "\n" : '<option value="" disabled="disabled">Level #3 ( already protects "all" Pages )</option>';
70
+ echo ($pages["4"] !== array ("all")) ? '<option value="4"' . ( (in_array ($page_id, $pages["4"])) ? ' selected="selected"' : '') . '>Require Level# 4 ( highest level )</option>' . "\n" : '<option value="" disabled="disabled">Level #4 ( already protects "all" Pages )</option>';
71
+ echo '</select><br /><small>* see: <code>General Options -> Page Level Access</code></small>' . "\n";
72
+ /**/
73
+ if (!is_multisite () || !ws_plugin__s2member_is_multisite_farm () || is_main_site ())
74
+ /* ^ Will change once Custom Capabilities are compatible with a Blog Farm. */
75
+ {
76
+ echo '<p style="margin-top:15px; margin-left:2px;"><strong>Require Custom Capabilities?</strong></p>' . "\n";
77
+ echo '<label class="screen-reader-text" for="ws-plugin--s2member-security-meta-box-ccaps">Custom Capabilities?</label>' . "\n";
78
+ echo '<input type="text" name="ws_plugin__s2member_security_meta_box_ccaps" id="ws-plugin--s2member-security-meta-box-ccaps" value="' . format_to_edit (implode (",", (array)get_post_meta ($page_id, "s2member_ccaps_req", true))) . '" onkeyup="if(this.value.match(/[^a-z_0-9,]/)) this.value = jQuery.trim (jQuery.trim (this.value).replace (/[ \-]/g, \'_\').replace (/[^A-Z_0-9,]/gi, \'\').toLowerCase ());" style="width:99%;" />' . "\n";
79
+ echo '<br /><small>* see: <code>API Scripting -> Custom Capabilities</code></small>' . "\n";
80
+ }
81
}
82
+ else if ($page_id == $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])
83
+ echo 'This Page is your:<br /><strong>Membership Options Page</strong><br />( always publicly available )';
84
+ /**/
85
+ else if ($page_id == $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_welcome_page"])
86
+ echo 'This Page is your:<br /><strong>Login Welcome Page</strong><br />( automatically guarded by s2Member )';
87
+ /**/
88
+ else if ($page_id == $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["file_download_limit_exceeded_page"])
89
+ echo 'This Page is your:<br /><strong>Download Limit Exceeded Page</strong><br />( automatically guarded by s2Member )';
90
}
91
else /* Otherwise, we assume this is a Post, or possibly a Custom Post Type. It's NOT a Page. */
92
{
93
+ echo '<input type="hidden" name="ws_plugin__s2member_security_meta_box_save" id="ws-plugin--s2member-security-meta-box-save" value="' . esc_attr (wp_create_nonce ("ws-plugin--s2member-security-meta-box-save")) . '" />' . "\n";
94
+ echo '<input type="hidden" name="ws_plugin__s2member_security_meta_box_save_id" id="ws-plugin--s2member-security-meta-box-save-id" value="' . esc_attr ($post_id) . '" />' . "\n";
95
+ /**/
96
$posts["0"] = preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level0_posts"]);
97
$posts["1"] = preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level1_posts"]);
98
$posts["2"] = preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level2_posts"]);
103
echo '<label class="screen-reader-text" for="ws-plugin--s2member-security-meta-box-level">Add Level Restriction?</label>' . "\n";
104
echo '<select name="ws_plugin__s2member_security_meta_box_level" id="ws-plugin--s2member-security-meta-box-level" style="width:99%;">' . "\n";
105
echo '<option value=""></option>' . "\n"; /* By default, we allow public access to any Post/Page. */
106
+ echo ($posts["0"] !== array ("all")) ? '<option value="0"' . ( (in_array ($post_id, $posts["0"])) ? ' selected="selected"' : '') . '>Require Level# 0 ( or higher )</option>' . "\n" : '<option value="" disabled="disabled">Level #0 ( already protects "all" Posts )</option>';
107
+ echo ($posts["1"] !== array ("all")) ? '<option value="1"' . ( (in_array ($post_id, $posts["1"])) ? ' selected="selected"' : '') . '>Require Level# 1 ( or higher )</option>' . "\n" : '<option value="" disabled="disabled">Level #1 ( already protects "all" Posts )</option>';
108
+ echo ($posts["2"] !== array ("all")) ? '<option value="2"' . ( (in_array ($post_id, $posts["2"])) ? ' selected="selected"' : '') . '>Require Level# 2 ( or higher )</option>' . "\n" : '<option value="" disabled="disabled">Level #2 ( already protects "all" Posts )</option>';
109
+ echo ($posts["3"] !== array ("all")) ? '<option value="3"' . ( (in_array ($post_id, $posts["3"])) ? ' selected="selected"' : '') . '>Require Level# 3 ( or higher )</option>' . "\n" : '<option value="" disabled="disabled">Level #3 ( already protects "all" Posts )</option>';
110
+ echo ($posts["4"] !== array ("all")) ? '<option value="4"' . ( (in_array ($post_id, $posts["4"])) ? ' selected="selected"' : '') . '>Require Level# 4 ( highest level )</option>' . "\n" : '<option value="" disabled="disabled">Level #4 ( already protects "all" Posts )</option>';
111
echo '</select><br /><small>* see: <code>General Options -> Post Level Access</code></small>' . "\n";
112
/**/
113
if (!is_multisite () || !ws_plugin__s2member_is_multisite_farm () || is_main_site ())
135
{
136
function ws_plugin__s2member_save_meta_boxes ($post_id = FALSE)
137
{
138
+ eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
139
do_action ("ws_plugin__s2member_before_save_meta_boxes", get_defined_vars ());
140
unset ($__refs, $__v); /* Unset defined __refs, __v. */
141
/**/
158
$pages["4"] = array_unique (preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level4_pages"]));
159
/**/
160
if (($i = array_search ($page_id, $pages["0"])) !== false) /* Remove $page_id from existing options. */
161
+ unset ($pages["0"][$i]);
162
else if (($i = array_search ($page_id, $pages["1"])) !== false)
163
+ unset ($pages["1"][$i]);
164
else if (($i = array_search ($page_id, $pages["2"])) !== false)
165
+ unset ($pages["2"][$i]);
166
else if (($i = array_search ($page_id, $pages["3"])) !== false)
167
+ unset ($pages["3"][$i]);
168
else if (($i = array_search ($page_id, $pages["4"])) !== false)
169
+ unset ($pages["4"][$i]);
170
/**/
171
if (strlen ($_p["ws_plugin__s2member_security_meta_box_level"]) && is_array ($pages[$_p["ws_plugin__s2member_security_meta_box_level"]]))
172
if (!$pages[$_p["ws_plugin__s2member_security_meta_box_level"]] !== array ("all"))
174
/**/
175
$new_options = array_merge ((array)$new_options, array ("ws_plugin__s2member_level0_pages" => implode (",", $pages[0]), "ws_plugin__s2member_level1_pages" => implode (",", $pages[1]), "ws_plugin__s2member_level2_pages" => implode (",", $pages[2]), "ws_plugin__s2member_level3_pages" => implode (",", $pages[3]), "ws_plugin__s2member_level4_pages" => implode (",", $pages[4])));
176
/**/
177
+ eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
178
do_action ("ws_plugin__s2member_during_save_meta_boxes", get_defined_vars ());
179
unset ($__refs, $__v); /* Unset defined __refs, __v. */
180
/**/
193
$posts["4"] = array_unique (preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level4_posts"]));
194
/**/
195
if (($i = array_search ($post_id, $posts["0"])) !== false) /* Remove $post_id from existing options. */
196
+ unset ($posts["0"][$i]);
197
else if (($i = array_search ($post_id, $posts["1"])) !== false)
198
+ unset ($posts["1"][$i]);
199
else if (($i = array_search ($post_id, $posts["2"])) !== false)
200
+ unset ($posts["2"][$i]);
201
else if (($i = array_search ($post_id, $posts["3"])) !== false)
202
+ unset ($posts["3"][$i]);
203
else if (($i = array_search ($post_id, $posts["4"])) !== false)
204
+ unset ($posts["4"][$i]);
205
/**/
206
if (strlen ($_p["ws_plugin__s2member_security_meta_box_level"]) && is_array ($posts[$_p["ws_plugin__s2member_security_meta_box_level"]]))
207
if (!$posts[$_p["ws_plugin__s2member_security_meta_box_level"]] !== array ("all"))
209
/**/
210
$new_options = array_merge ((array)$new_options, array ("ws_plugin__s2member_level0_posts" => implode (",", $posts[0]), "ws_plugin__s2member_level1_posts" => implode (",", $posts[1]), "ws_plugin__s2member_level2_posts" => implode (",", $posts[2]), "ws_plugin__s2member_level3_posts" => implode (",", $posts[3]), "ws_plugin__s2member_level4_posts" => implode (",", $posts[4])));
211
/**/
212
+ eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
213
do_action ("ws_plugin__s2member_during_save_meta_boxes", get_defined_vars ());
214
unset ($__refs, $__v); /* Unset defined __refs, __v. */
215
/**/
includes/functions/ms-meta-caps.inc.php CHANGED
@@ -33,6 +33,7 @@ if (!function_exists ("ws_plugin__s2member_ms_map_meta_cap"))
33
$caps = array ($map[$cap]);
34
}
35
}
36
return apply_filters ("ws_plugin__s2member_ms_map_meta_cap", $caps, get_defined_vars ());
37
}
38
}
@@ -54,6 +55,7 @@ if (!function_exists ("ws_plugin__s2member_ms_allow_edits"))
54
{
55
$allow = true; /* Yes, allow editing. */
56
}
57
return apply_filters ("ws_plugin__s2member_ms_allow_edits", $allow, get_defined_vars ());
58
}
59
}
33
$caps = array ($map[$cap]);
34
}
35
}
36
+ /**/
37
return apply_filters ("ws_plugin__s2member_ms_map_meta_cap", $caps, get_defined_vars ());
38
}
39
}
55
{
56
$allow = true; /* Yes, allow editing. */
57
}
58
+ /**/
59
return apply_filters ("ws_plugin__s2member_ms_allow_edits", $allow, get_defined_vars ());
60
}
61
}
includes/functions/nocache.inc.php CHANGED
@@ -12,7 +12,7 @@ If not, see: <http://www.gnu.org/licenses/>.
12
Direct access denial.
13
*/
14
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15
- exit("Do not access this file directly.");
16
/*
17
Handles no-cache headers and compatible constants for s2Member.
18
This is compatible with Quick Cache and also with WP Super Cache.
@@ -60,14 +60,18 @@ if (!function_exists ("ws_plugin__s2member_nocache_constants"))
60
{
61
function ws_plugin__s2member_nocache_constants ($nocache = FALSE)
62
{
63
- eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
64
do_action ("ws_plugin__s2member_before_nocache_constants", get_defined_vars ());
65
unset ($__refs, $__v); /* Unset defined __refs, __v. */
66
/**/
67
- if (!$_GET["qcAC"] && ($nocache || is_user_logged_in () || (preg_match ("/^s2member/", $_SERVER["QUERY_STRING"]) && (parse_url ($_SERVER["REQUEST_URI"], PHP_URL_PATH) === "/" || parse_url (rtrim ($_SERVER["REQUEST_URI"], "/"), PHP_URL_PATH) === parse_url (rtrim (get_bloginfo ("wpurl"), "/"), PHP_URL_PATH)))))
68
{
69
define ("QUICK_CACHE_ALLOWED", false) . define ("DONOTCACHEPAGE", true);
70
/**/
71
do_action ("ws_plugin__s2member_during_nocache_constants", get_defined_vars ());
72
}
73
/**/
@@ -86,9 +90,11 @@ if (!function_exists ("ws_plugin__s2member_nocache_headers"))
86
{
87
function ws_plugin__s2member_nocache_headers () /* Cache-Control header. */
88
{
89
do_action ("ws_plugin__s2member_before_nocache_headers", get_defined_vars ());
90
/**/
91
- if (!$_GET["qcABC"]) /* Always obey the Quick Cache plugin. */
92
{
93
if (is_array ($headers = headers_list ()))
94
foreach ($headers as $k => $header)
@@ -98,6 +104,8 @@ if (!function_exists ("ws_plugin__s2member_nocache_headers"))
98
if (!$no_cache_already_sent)
99
nocache_headers ();
100
/**/
101
do_action ("ws_plugin__s2member_during_nocache_headers", get_defined_vars ());
102
}
103
/**/
12
Direct access denial.
13
*/
14
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15
+ exit ("Do not access this file directly.");
16
/*
17
Handles no-cache headers and compatible constants for s2Member.
18
This is compatible with Quick Cache and also with WP Super Cache.
60
{
61
function ws_plugin__s2member_nocache_constants ($nocache = FALSE)
62
{
63
+ static $once; /* We only need to set these Constants once. */
64
+ /**/
65
+ eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
66
do_action ("ws_plugin__s2member_before_nocache_constants", get_defined_vars ());
67
unset ($__refs, $__v); /* Unset defined __refs, __v. */
68
/**/
69
+ if (!$once && !$_GET["qcAC"] && ($nocache || is_user_logged_in () || (preg_match ("/^s2member/", $_SERVER["QUERY_STRING"]) && (parse_url ($_SERVER["REQUEST_URI"], PHP_URL_PATH) === "/" || parse_url (rtrim ($_SERVER["REQUEST_URI"], "/"), PHP_URL_PATH) === parse_url (rtrim (get_bloginfo ("wpurl"), "/"), PHP_URL_PATH)))))
70
{
71
define ("QUICK_CACHE_ALLOWED", false) . define ("DONOTCACHEPAGE", true);
72
/**/
73
+ $once = true; /* Only need to set these Constants one time. */
74
+ /**/
75
do_action ("ws_plugin__s2member_during_nocache_constants", get_defined_vars ());
76
}
77
/**/
90
{
91
function ws_plugin__s2member_nocache_headers () /* Cache-Control header. */
92
{
93
+ static $once; /* We only need to set these headers one time. */
94
+ /**/
95
do_action ("ws_plugin__s2member_before_nocache_headers", get_defined_vars ());
96
/**/
97
+ if (!$once && !$_GET["qcABC"]) /* Obey Quick Cache. */
98
{
99
if (is_array ($headers = headers_list ()))
100
foreach ($headers as $k => $header)
104
if (!$no_cache_already_sent)
105
nocache_headers ();
106
/**/
107
+ $once = true; /* Only need to set these headers once. */
108
+ /**/
109
do_action ("ws_plugin__s2member_during_nocache_headers", get_defined_vars ());
110
}
111
/**/
includes/functions/page-level-access.inc.php CHANGED
@@ -12,76 +12,110 @@ If not, see: <http://www.gnu.org/licenses/>.
12
Direct access denial.
13
*/
14
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15
- exit("Do not access this file directly.");
16
/*
17
Function for handling Page Level Access permissions.
18
- Attach to: add_action("template_redirect");
19
*/
20
if (!function_exists ("ws_plugin__s2member_check_page_level_access"))
21
{
22
function ws_plugin__s2member_check_page_level_access ()
23
{
24
- global $post; /* get_the_ID() not yet available here. */
25
/**/
26
do_action ("ws_plugin__s2member_before_check_page_level_access", get_defined_vars ());
27
/**/
28
$excluded = apply_filters ("ws_plugin__s2member_check_page_level_access_excluded", false, get_defined_vars ());
29
/**/
30
- if (!$excluded && is_page () && is_object ($post) && ($page_ID = $post->ID) && $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])
31
{
32
$current_user = (is_user_logged_in ()) ? wp_get_current_user () : false; /* Get the current User's object. */
33
/**/
34
- if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_welcome_page"] && $page_ID == $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_welcome_page"] && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level0")) && $page_ID != $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"] && wp_redirect (add_query_arg ("s2member_level_req", "0", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
35
- exit ();
36
- /**/
37
- else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_redirection_override"] && ($login_redirection_override = ws_plugin__s2member_fill_login_redirect_rc_vars ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_redirection_override"])) && ($login_redirect_path = parse_url ($login_redirection_override, PHP_URL_PATH)) !== "nill" && ($login_redirect_query = parse_url ($login_redirection_override, PHP_URL_QUERY)) !== "nill" && ($login_redirect_uri = (($login_redirect_query) ? $login_redirect_path . "?" . $login_redirect_query : $login_redirect_path)) && preg_match ("/^" . preg_quote ($login_redirect_uri, "/") . "#x2F;", $_SERVER["REQUEST_URI"]) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level0")) && $page_ID != $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"] && wp_redirect (add_query_arg ("s2member_level_req", "0", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
38
- exit ();
39
- /**/
40
- else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["file_download_limit_exceeded_page"] && $page_ID == $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["file_download_limit_exceeded_page"] && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level0")) && $page_ID != $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"] && wp_redirect (add_query_arg ("s2member_level_req", "0", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
41
- exit ();
42
- /**/
43
- else if (!ws_plugin__s2member_is_systematic_use_page ()) /* Never restrict systematic use pages. Except for the two pages above ^. They MUST be protected at all times. */
44
{
45
- if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level0_pages"] === "all" && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level0")) && wp_redirect (add_query_arg ("s2member_level_req", "0", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
46
- exit ();
47
- /**/
48
- else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level0_pages"] && in_array ($page_ID, preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level0_pages"])) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level0")) && wp_redirect (add_query_arg ("s2member_level_req", "0", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
49
- exit ();
50
- /**/
51
- else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level1_pages"] === "all" && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level1")) && wp_redirect (add_query_arg ("s2member_level_req", "1", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
52
- exit ();
53
- /**/
54
- else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level1_pages"] && in_array ($page_ID, preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level1_pages"])) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level1")) && wp_redirect (add_query_arg ("s2member_level_req", "1", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
55
- exit ();
56
- /**/
57
- else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level2_pages"] === "all" && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level2")) && wp_redirect (add_query_arg ("s2member_level_req", "2", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
58
- exit ();
59
- /**/
60
- else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level2_pages"] && in_array ($page_ID, preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level2_pages"])) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level2")) && wp_redirect (add_query_arg ("s2member_level_req", "2", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
61
- exit ();
62
- /**/
63
- else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level3_pages"] === "all" && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level3")) && wp_redirect (add_query_arg ("s2member_level_req", "3", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
64
- exit ();
65
- /**/
66
- else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level3_pages"] && in_array ($page_ID, preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level3_pages"])) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level3")) && wp_redirect (add_query_arg ("s2member_level_req", "3", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
67
- exit ();
68
- /**/
69
- else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level4_pages"] === "all" && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level4")) && wp_redirect (add_query_arg ("s2member_level_req", "4", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
70
- exit ();
71
/**/
72
- else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level4_pages"] && in_array ($page_ID, preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level4_pages"])) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level4")) && wp_redirect (add_query_arg ("s2member_level_req", "4", get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
73
- exit ();
74
/**/
75
- else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["specific_ids"] && in_array ($page_ID, preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["specific_ids"])) && ws_plugin__s2member_nocache_constants (true) !== "nill" && !ws_plugin__s2member_sp_access ($page_ID) && wp_redirect (add_query_arg ("s2member_sp_req", $page_ID, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
76
- exit ();
77
/**/
78
- else if (is_array ($ccaps_req = get_post_meta ($page_ID, "s2member_ccaps_req", true))) /* Check for per Post Custom Capability requirements. */
79
- foreach ($ccaps_req as $ccap) /* The $current_user MUST satisfy ALL Custom Capability requirements. These are all stored as a serialized array. */
80
if (strlen ($ccap) && (!$current_user || !$current_user->has_cap ("access_s2member_ccap_" . $ccap)))
81
{
82
- wp_redirect(add_query_arg ("s2member_ccap_req", $ccap, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
83
exit ();
84
}
85
}
86
/**/
87
do_action ("ws_plugin__s2member_during_check_page_level_access", get_defined_vars ());
@@ -89,7 +123,94 @@ if (!function_exists ("ws_plugin__s2member_check_page_level_access"))
89
/**/
90
do_action ("ws_plugin__s2member_after_check_page_level_access", get_defined_vars ());
91
/**/
92
- return;
93
}
94
}
95
?>
12
Direct access denial.
13
*/
14
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15
+ exit ("Do not access this file directly.");
16
/*
17
Function for handling Page Level Access permissions.
18
+
19
+ Don't call this function directly, use one of these API functions:
20
+
21
+ Is it protected by s2Member at all?
22
+ - is_page_protected_by_s2member($page_id);
23
+ - is_protected_by_s2member($page_id, "page");
24
+
25
+ Is the current User permitted/authorized?
26
+ - is_page_permitted_by_s2member($page_id);
27
+ - is_permitted_by_s2member($page_id, "page");
28
+
29
+ see: `/s2member/includes/functions/api-functions.inc.php`.
30
*/
31
if (!function_exists ("ws_plugin__s2member_check_page_level_access"))
32
{
33
function ws_plugin__s2member_check_page_level_access ()
34
{
35
+ global $post; /* get_the_ID() unavailable outside The Loop. */
36
/**/
37
do_action ("ws_plugin__s2member_before_check_page_level_access", get_defined_vars ());
38
/**/
39
$excluded = apply_filters ("ws_plugin__s2member_check_page_level_access_excluded", false, get_defined_vars ());
40
/**/
41
+ if (!$excluded && is_page () && is_object ($post) && ($page_id = $post->ID) && $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])
42
{
43
$current_user = (is_user_logged_in ()) ? wp_get_current_user () : false; /* Get the current User's object. */
44
/**/
45
+ if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_welcome_page"] && $page_id == $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_welcome_page"] && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level0")) && $page_id != $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])
46
{
47
+ wp_redirect (add_query_arg ("s2member_level_req", 0, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
48
+ exit ();
49
+ }
50
+ else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_redirection_override"] && ($login_redirection_uri = ws_plugin__s2member_login_redirection_uri ($current_user)) && preg_match ("/^" . preg_quote ($login_redirection_uri, "/") . "#x2F;", $_SERVER["REQUEST_URI"]) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level0")) && $page_id != $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])
51
+ {
52
+ wp_redirect (add_query_arg ("s2member_level_req", 0, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
53
+ exit ();
54
+ }
55
+ else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["file_download_limit_exceeded_page"] && $page_id == $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["file_download_limit_exceeded_page"] && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level0")) && $page_id != $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])
56
+ {
57
+ wp_redirect (add_query_arg ("s2member_level_req", 0, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
58
+ exit ();
59
+ }
60
+ else if (!ws_plugin__s2member_is_systematic_use_page ()) /* Never restrict Systematic Use Pages. However, there are 3 exceptions above ^. */
61
+ {
62
+ for ($i = 0; $i <= 4; $i++) /* Page Level restrictions. Go through each Membership Level. */
63
+ {
64
+ if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_pages"] === "all" && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level" . $i)))
65
+ {
66
+ wp_redirect (add_query_arg ("s2member_level_req", $i, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
67
+ exit ();
68
+ }
69
+ /**/
70
+ else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_pages"] && in_array ($page_id, preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_pages"])) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level" . $i)))
71
+ {
72
+ wp_redirect (add_query_arg ("s2member_level_req", $i, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
73
+ exit ();
74
+ }
75
+ }
76
/**/
77
+ if (has_tag ()) /* Here we take a look to see if this Page has any Tags. If so, we need to run the full set of routines against Tags also. */
78
+ {
79
+ for ($i = 0; $i <= 4; $i++) /* Tag Level restrictions ( possibly through Page Tagger ). Go through each Membership Level. */
80
+ {
81
+ if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_ptags"] === "all" && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level" . $i)))
82
+ {
83
+ wp_redirect (add_query_arg ("s2member_level_req", $i, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
84
+ exit ();
85
+ }
86
+ /**/
87
+ else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_ptags"] && has_tag (preg_split ("/[\r\n\t;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_ptags"])) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level" . $i)))
88
+ {
89
+ wp_redirect (add_query_arg ("s2member_level_req", $i, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
90
+ exit ();
91
+ }
92
+ }
93
+ }
94
/**/
95
+ for ($i = 0; $i <= 4; $i++) /* URIs. Go through each Membership Level. */
96
+ {
97
+ if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_ruris"])
98
+ foreach (preg_split ("/[\r\n\t]+/", ws_plugin__s2member_fill_ruri_level_access_rc_vars ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_ruris"], $current_user)) as $str)
99
+ if ($str && preg_match ("/" . preg_quote ($str, "/") . "/", $_SERVER["REQUEST_URI"]) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level" . $i)))
100
+ {
101
+ wp_redirect (add_query_arg ("s2member_level_req", $i, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
102
+ exit ();
103
+ }
104
+ }
105
/**/
106
+ if (is_array ($ccaps_req = get_post_meta ($page_id, "s2member_ccaps_req", true)) && ws_plugin__s2member_nocache_constants (true) !== "nill")
107
+ foreach ($ccaps_req as $ccap) /* The $current_user MUST satisfy ALL Custom Capability requirements. Stored as a serialized array. */
108
if (strlen ($ccap) && (!$current_user || !$current_user->has_cap ("access_s2member_ccap_" . $ccap)))
109
{
110
+ wp_redirect (add_query_arg ("s2member_ccap_req", $ccap, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
111
exit ();
112
}
113
+ /**/
114
+ if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["specific_ids"] && in_array ($page_id, preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["specific_ids"])) && ws_plugin__s2member_nocache_constants (true) !== "nill" && !ws_plugin__s2member_sp_access ($page_id))
115
+ {
116
+ wp_redirect (add_query_arg ("s2member_sp_req", $page_id, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
117
+ exit ();
118
+ }
119
}
120
/**/
121
do_action ("ws_plugin__s2member_during_check_page_level_access", get_defined_vars ());
123
/**/
124
do_action ("ws_plugin__s2member_after_check_page_level_access", get_defined_vars ());
125
/**/
126
+ return; /* For uniformity. */
127
+ }
128
+ }
129
+ /*
130
+ Function checks Page Level Access permissions - for a specific Page.
131
+
132
+ Don't call this function directly, use one of these API functions:
133
+
134
+ Is it protected by s2Member at all?
135
+ - is_page_protected_by_s2member($page_id);
136
+ - is_protected_by_s2member($page_id, "page");
137
+
138
+ Is the current User permitted/authorized?
139
+ - is_page_permitted_by_s2member($page_id);
140
+ - is_permitted_by_s2member($page_id, "page");
141
+
142
+ see: `/s2member/includes/functions/api-functions.inc.php`.
143
+ */
144
+ if (!function_exists ("ws_plugin__s2member_check_specific_page_level_access"))
145
+ {
146
+ function ws_plugin__s2member_check_specific_page_level_access ($page_id = FALSE, $check_user = TRUE)
147
+ {
148
+ do_action ("ws_plugin__s2member_before_check_specific_page_level_access", get_defined_vars ());
149
+ /**/
150
+ $excluded = apply_filters ("ws_plugin__s2member_check_specific_page_level_access_excluded", false, get_defined_vars ());
151
+ /**/
152
+ if (!$excluded && $page_id && $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]) /* Check? */
153
+ {
154
+ $page_link = get_page_link ($page_id); /* Determine link to this Page. */
155
+ $page_path = parse_url ($page_link, PHP_URL_PATH); /* Parse req path. */
156
+ $page_query = parse_url ($page_link, PHP_URL_QUERY); /* Parse query. */
157
+ $page_uri = ($page_query) ? $page_path . "?" . $page_query : $page_path;
158
+ /**/
159
+ $current_user = (is_user_logged_in ()) ? wp_get_current_user () : false; /* Get the current User's object. */
160
+ /**/
161
+ if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_welcome_page"] && $page_id == $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_welcome_page"] && (!$check_user || !$current_user || !current_user_can ("access_s2member_level0")) && $page_id != $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])
162
+ return apply_filters ("ws_plugin__s2member_check_specific_page_level_access", array ("s2member_level_req" => 0), get_defined_vars ());
163
+ /**/
164
+ else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_redirection_override"] && ($login_redirection_uri = ws_plugin__s2member_login_redirection_uri ($current_user)) && preg_match ("/^" . preg_quote ($login_redirection_uri, "/") . "#x2F;", $page_uri) && (!$check_user || !$current_user || !current_user_can ("access_s2member_level0")) && $page_id != $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])
165
+ return apply_filters ("ws_plugin__s2member_check_specific_page_level_access", array ("s2member_level_req" => 0), get_defined_vars ());
166
+ /**/
167
+ else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["file_download_limit_exceeded_page"] && $page_id == $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["file_download_limit_exceeded_page"] && (!$check_user || !$current_user || !current_user_can ("access_s2member_level0")) && $page_id != $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])
168
+ return apply_filters ("ws_plugin__s2member_check_specific_page_level_access", array ("s2member_level_req" => 0), get_defined_vars ());
169
+