Temporary Login Without Password - Version 1.5.15

Version Description

Download this release

Release Info

Developer storeapps
Plugin Icon 128x128 Temporary Login Without Password
Version 1.5.15
Comparing to
See all releases

Code changes from version 1.5.14 to 1.5.15

Files changed (4) hide show
  1. includes/class-wp-temporary-login-without-password-common.php +5 -0
  2. public/class-wp-temporary-login-without-password-public.php +11 -11
  3. readme.txt +6 -2
  4. temporary-login-without-password.php +2 -2
includes/class-wp-temporary-login-without-password-common.php CHANGED
@@ -878,6 +878,11 @@ class Wp_Temporary_Login_Without_Password_Common {
878
  */
879
  public static function can_ask_for_review( $current_user_id ) {
880
 
 
 
 
 
 
881
  $tlwp_nobug = get_user_meta( $current_user_id, 'tlwp_no_bug', true );
882
  $no_bug_days_before = 1;
883
  $tlwp_nobug_no_time = get_user_meta( $current_user_id, 'tlwp_no_bug_time', true );
878
  */
879
  public static function can_ask_for_review( $current_user_id ) {
880
 
881
+ // Don't show 5 star review notice to temporary user
882
+ if(!empty($current_user_id) && self::is_valid_temporary_login( $current_user_id )) {
883
+ return false;
884
+ }
885
+
886
  $tlwp_nobug = get_user_meta( $current_user_id, 'tlwp_no_bug', true );
887
  $no_bug_days_before = 1;
888
  $tlwp_nobug_no_time = get_user_meta( $current_user_id, 'tlwp_no_bug_time', true );
public/class-wp-temporary-login-without-password-public.php CHANGED
@@ -69,30 +69,30 @@ class Wp_Temporary_Login_Without_Password_Public {
69
  */
70
  public function init_wtlwp() {
71
 
72
- if(! empty($_GET['wtlwp_token'] )) {
73
 
74
  $wtlwp_token = sanitize_key( $_GET['wtlwp_token'] ); // Input var okay.
75
  $users = Wp_Temporary_Login_Without_Password_Common::get_valid_user_based_on_wtlwp_token( $wtlwp_token );
76
 
77
  $temporary_user = '';
78
- if( !empty($users)) {
79
  $temporary_user = $users[0];
80
  }
81
 
82
- if(!empty($temporary_user)) {
83
 
84
  $temporary_user_id = $temporary_user->ID;
85
- $do_login = true;
86
- if(is_user_logged_in()) {
87
  $current_user_id = get_current_user_id();
88
- if($temporary_user_id !== $current_user_id) {
89
  wp_logout();
90
  } else {
91
  $do_login = false;
92
  }
93
  }
94
 
95
- if($do_login) {
96
  $temporary_user_login = $temporary_user->login;
97
  update_user_meta( $temporary_user_id, '_wtlwp_last_login', Wp_Temporary_Login_Without_Password_Common::get_current_gmt_timestamp() ); // phpcs:ignore
98
  wp_set_current_user( $temporary_user_id, $temporary_user_login );
@@ -101,7 +101,7 @@ class Wp_Temporary_Login_Without_Password_Public {
101
  do_action( 'wp_login', $temporary_user_login, $temporary_user );
102
  }
103
 
104
- $redirect_to_url = (isset( $_REQUEST['redirect_to'])) ? $_REQUEST['redirect_to'] : apply_filters( 'login_redirect', site_url(remove_query_arg('wtlwp_token')), false, $temporary_user ); // phpcs:ignore
105
 
106
  // If empty redirect user to admin page.
107
  if ( ! empty( $redirect_to_url ) ) {
@@ -133,7 +133,7 @@ class Wp_Temporary_Login_Without_Password_Public {
133
  $bloked_pages = Wp_Temporary_Login_Without_Password_Common::get_blocked_pages();
134
  $page = ! empty( $_GET['page'] ) ? $_GET['page'] : ''; //phpcs:ignore
135
 
136
- if ( ! empty( $page ) && in_array( $page, $bloked_pages) || ( ! empty( $pagenow ) && ( in_array( $pagenow, $bloked_pages ) ) ) || ( ! empty( $pagenow ) && ( 'users.php' === $pagenow && isset( $_GET['action'] ) && ( 'deleteuser' === $_GET['action'] || 'delete' === $_GET['action'] ) ) ) ) { //phpcs:ignore
137
  wp_die( esc_attr__( "You don't have permission to access this page", 'temporary-login-without-password' ) );
138
  }
139
 
@@ -147,7 +147,7 @@ class Wp_Temporary_Login_Without_Password_Public {
147
  * Hooked to wp_authenticate_user filter to disable login for temporary user using username/email and password
148
  *
149
  * @param WP_User $user WP_User object.
150
- * @param string $password password of a user.
151
  *
152
  * @return \WP_Error
153
  */
@@ -170,7 +170,7 @@ class Wp_Temporary_Login_Without_Password_Public {
170
  * Hooked to allow_password_reset filter to disable reset password for temporary user
171
  *
172
  * @param boolean $allow allow to reset password.
173
- * @param int $user_id user_id of a user.
174
  *
175
  * @return boolean
176
  */
69
  */
70
  public function init_wtlwp() {
71
 
72
+ if ( ! empty( $_GET['wtlwp_token'] ) ) {
73
 
74
  $wtlwp_token = sanitize_key( $_GET['wtlwp_token'] ); // Input var okay.
75
  $users = Wp_Temporary_Login_Without_Password_Common::get_valid_user_based_on_wtlwp_token( $wtlwp_token );
76
 
77
  $temporary_user = '';
78
+ if ( ! empty( $users ) ) {
79
  $temporary_user = $users[0];
80
  }
81
 
82
+ if ( ! empty( $temporary_user ) ) {
83
 
84
  $temporary_user_id = $temporary_user->ID;
85
+ $do_login = true;
86
+ if ( is_user_logged_in() ) {
87
  $current_user_id = get_current_user_id();
88
+ if ( $temporary_user_id !== $current_user_id ) {
89
  wp_logout();
90
  } else {
91
  $do_login = false;
92
  }
93
  }
94
 
95
+ if ( $do_login ) {
96
  $temporary_user_login = $temporary_user->login;
97
  update_user_meta( $temporary_user_id, '_wtlwp_last_login', Wp_Temporary_Login_Without_Password_Common::get_current_gmt_timestamp() ); // phpcs:ignore
98
  wp_set_current_user( $temporary_user_id, $temporary_user_login );
101
  do_action( 'wp_login', $temporary_user_login, $temporary_user );
102
  }
103
 
104
+ $redirect_to_url = ( isset( $_REQUEST['redirect_to'] ) ) ? $_REQUEST['redirect_to'] : apply_filters( 'login_redirect', network_site_url( remove_query_arg( 'wtlwp_token' ) ), false, $temporary_user ); // phpcs:ignore
105
 
106
  // If empty redirect user to admin page.
107
  if ( ! empty( $redirect_to_url ) ) {
133
  $bloked_pages = Wp_Temporary_Login_Without_Password_Common::get_blocked_pages();
134
  $page = ! empty( $_GET['page'] ) ? $_GET['page'] : ''; //phpcs:ignore
135
 
136
+ if ( ! empty( $page ) && in_array( $page, $bloked_pages ) || ( ! empty( $pagenow ) && ( in_array( $pagenow, $bloked_pages ) ) ) || ( ! empty( $pagenow ) && ( 'users.php' === $pagenow && isset( $_GET['action'] ) && ( 'deleteuser' === $_GET['action'] || 'delete' === $_GET['action'] ) ) ) ) { //phpcs:ignore
137
  wp_die( esc_attr__( "You don't have permission to access this page", 'temporary-login-without-password' ) );
138
  }
139
 
147
  * Hooked to wp_authenticate_user filter to disable login for temporary user using username/email and password
148
  *
149
  * @param WP_User $user WP_User object.
150
+ * @param string $password password of a user.
151
  *
152
  * @return \WP_Error
153
  */
170
  * Hooked to allow_password_reset filter to disable reset password for temporary user
171
  *
172
  * @param boolean $allow allow to reset password.
173
+ * @param int $user_id user_id of a user.
174
  *
175
  * @return boolean
176
  */
readme.txt CHANGED
@@ -3,8 +3,8 @@ Contributors: storeapps, niravmehta, malayladu
3
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=CPTHCDC382KVA
4
  Tags: temporary access, developer access, admin login, temporary login, passwordless login, customer login, secure login, access, admin, log in, login, login security, protection, user login, user login, wordpress admin login, wordpress login, wp-admin, wp-login, expiration, login, Login Without Password, user, WordPress Admin, wp-admin, developer login
5
  Requires at least: 3.0.1
6
- Tested up to: 5.0.3
7
- Stable tag: 1.5.14
8
  License: GPLv3
9
  License URI: http://www.gnu.org/licenses/gpl-3.0.html
10
 
@@ -67,6 +67,10 @@ No. at this moment it's not possible to do this.
67
 
68
  == Changelog ==
69
 
 
 
 
 
70
  **1.5.14 [2019-01-14]**
71
 
72
  * Update: Added System info page and allow temporary user to access system info page
3
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=CPTHCDC382KVA
4
  Tags: temporary access, developer access, admin login, temporary login, passwordless login, customer login, secure login, access, admin, log in, login, login security, protection, user login, user login, wordpress admin login, wordpress login, wp-admin, wp-login, expiration, login, Login Without Password, user, WordPress Admin, wp-admin, developer login
5
  Requires at least: 3.0.1
6
+ Tested up to: 5.1
7
+ Stable tag: 1.5.15
8
  License: GPLv3
9
  License URI: http://www.gnu.org/licenses/gpl-3.0.html
10
 
67
 
68
  == Changelog ==
69
 
70
+ **1.5.15 [2019-03-08]**
71
+
72
+ * Fix: Redirection after login gives "404 error" error on sub-site of WordPress multisite installation. (Thanks [@csigncsign](https://wordpress.org/support/users/csigncsign/) for reporting this.)
73
+
74
  **1.5.14 [2019-01-14]**
75
 
76
  * Update: Added System info page and allow temporary user to access system info page
temporary-login-without-password.php CHANGED
@@ -3,7 +3,7 @@
3
  * Plugin Name: Temporary Login Without Password
4
  * Plugin URI: http://www.storeapps.org/create-secure-login-without-password-for-wordpress/
5
  * Description: Create a temporary login link with any role using which one can access to your sytem without username and password for limited period of time.
6
- * Version: 1.5.14
7
  * Author: StoreApps
8
  * Author URI: https://storeapps.org
9
  * Requires at least: 3.0.1
@@ -26,7 +26,7 @@ if ( ! defined( 'WPINC' ) ) {
26
  * Define constants
27
  */
28
  define( 'WTLWP_PLUGIN_DIR', dirname( __FILE__ ) );
29
- define( 'WTLWP_PLUGIN_VERSION', '1.5.14' );
30
  define( 'WTLWP_PLUGIN_BASE_NAME', plugin_basename( __FILE__ ) );
31
 
32
  /**
3
  * Plugin Name: Temporary Login Without Password
4
  * Plugin URI: http://www.storeapps.org/create-secure-login-without-password-for-wordpress/
5
  * Description: Create a temporary login link with any role using which one can access to your sytem without username and password for limited period of time.
6
+ * Version: 1.5.15
7
  * Author: StoreApps
8
  * Author URI: https://storeapps.org
9
  * Requires at least: 3.0.1
26
  * Define constants
27
  */
28
  define( 'WTLWP_PLUGIN_DIR', dirname( __FILE__ ) );
29
+ define( 'WTLWP_PLUGIN_VERSION', '1.5.15' );
30
  define( 'WTLWP_PLUGIN_BASE_NAME', plugin_basename( __FILE__ ) );
31
 
32
  /**