Force Login - Version 5.0

Version Description

  • Feature - Added filter to bypass Force Login redirect for whitelisting pages without specifying a URL.
  • Tweak - Changed the hook for Force Login to run at a later stage in the WordPress tree.
  • Fix - Replaced deprecated function - props Just-Johnny.
Download this release

Release Info

Developer kevinvess
Plugin Icon 128x128 Force Login
Version 5.0
Comparing to
See all releases

Code changes from version 4.2 to 5.0

Files changed (2) hide show
  1. readme.txt +40 -10
  2. wp-force-login.php +5 -4
readme.txt CHANGED
@@ -1,10 +1,10 @@
1
  === Force Login ===
2
  Contributors: kevinvess
3
- Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=kevin%40vess%2eme&lc=US&item_name=Kevin%20Vess%20-%20WordPress&currency_code=USD&bn=PP%2dDonationsBF%3abtn_donateCC_LG%2egif%3aNonHosted
4
- Tags: access, closed, force user login, hidden, login, password, privacy, private, protected, registered only, restricted
5
  Requires at least: 2.7
6
- Tested up to: 4.6
7
- Stable tag: 4.2
8
  License: GPLv2 or later
9
 
10
  Force Login is a simple lightweight plugin that requires visitors to log in to interact with the website.
@@ -21,8 +21,9 @@ Make your website private until it's ready to share publicly, or keep it private
21
  - WordPress Multisite compatible.
22
  - Login redirects visitors back to the url they tried to visit.
23
  - Extensive Developer API (hooks & filters).
24
- - Customizable. Set a specific URL to always redirect to on login
25
  - Filter exceptions for certain pages or posts.
 
26
 
27
  **Bug Reports**
28
 
@@ -49,7 +50,7 @@ The URL must be absolute (as in, <http://example.com/mypage/>). Recommended: [si
49
  * Set the URL to redirect to on login.
50
  *
51
  * @return string URL to redirect to on login. Must be absolute.
52
- **/
53
  function my_forcelogin_redirect() {
54
  return site_url( '/mypage/' );
55
  }
@@ -58,14 +59,35 @@ add_filter('v_forcelogin_redirect', 'my_forcelogin_redirect', 10, 1);
58
 
59
  = 2. How can I add exceptions for certain pages or posts? =
60
 
61
- You can specify an array of URLs to whitelist by adding the following filter to your functions.php file. Each URL must be absolute (as in, <http://example.com/mypage/>). Recommended: [site_url( '/mypage/' )](https://codex.wordpress.org/Function_Reference/site_url).
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
62
 
63
  `
64
  /**
65
  * Filter Force Login to allow exceptions for specific URLs.
66
  *
67
  * @return array An array of URLs. Must be absolute.
68
- **/
69
  function my_forcelogin_whitelist( $whitelist ) {
70
  $whitelist[] = site_url( '/mypage/' );
71
  $whitelist[] = site_url( '/2015/03/post-title/' );
@@ -85,14 +107,14 @@ Checkout the [Force Login Wiki on GitHub](https://github.com/kevinvess/wp-force-
85
 
86
  = 4. How do I get the WordPress mobile app to work? =
87
 
88
- By default, the plugin blocks access to all page URLs; you will need to whitelist the XML-RPC page to allow the WordPress app to access your site for remote publishing.
89
 
90
  `
91
  /**
92
  * Filter Force Login to allow exceptions for specific URLs.
93
  *
94
  * @return array An array of URLs. Must be absolute.
95
- **/
96
  function my_forcelogin_whitelist( $whitelist ) {
97
  $whitelist[] = site_url( '/xmlrpc.php' );
98
  return $whitelist;
@@ -117,6 +139,11 @@ add_action('login_enqueue_scripts', 'my_forcelogin_hide_backtoblog');
117
 
118
  == Changelog ==
119
 
 
 
 
 
 
120
  = 4.2 =
121
  * Tweak - Made plugin translation ready.
122
 
@@ -158,6 +185,9 @@ add_action('login_enqueue_scripts', 'my_forcelogin_hide_backtoblog');
158
 
159
  == Upgrade Notice ==
160
 
 
 
 
161
  = 4.1 =
162
  Multisite users can only access their assigned sites, except 'Super Admin' users.
163
 
1
  === Force Login ===
2
  Contributors: kevinvess
3
+ Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=forcelogin%40vess%2eme&lc=US&item_name=Force%20Login%20for%20WordPress&currency_code=USD&bn=PP%2dDonationsBF%3abtn_donateCC_LG%2egif%3aNonHosted
4
+ Tags: privacy, private, protected, registered only, restricted, access, closed, force user login, hidden, login, password
5
  Requires at least: 2.7
6
+ Tested up to: 4.7
7
+ Stable tag: 5.0
8
  License: GPLv2 or later
9
 
10
  Force Login is a simple lightweight plugin that requires visitors to log in to interact with the website.
21
  - WordPress Multisite compatible.
22
  - Login redirects visitors back to the url they tried to visit.
23
  - Extensive Developer API (hooks & filters).
24
+ - Customizable. Set a specific URL to always redirect to on login.
25
  - Filter exceptions for certain pages or posts.
26
+ - Translation Ready & WPML certified.
27
 
28
  **Bug Reports**
29
 
50
  * Set the URL to redirect to on login.
51
  *
52
  * @return string URL to redirect to on login. Must be absolute.
53
+ */
54
  function my_forcelogin_redirect() {
55
  return site_url( '/mypage/' );
56
  }
59
 
60
  = 2. How can I add exceptions for certain pages or posts? =
61
 
62
+ You can bypass Force Login based on any condition or specify an array of URLs to whitelist by adding either of the following filters to your functions.php file. You may also use the WordPress [Conditional Tags](http://codex.wordpress.org/Conditional_Tags).
63
+
64
+ **Bypass Force Login**
65
+
66
+ `
67
+ /**
68
+ * Bypass Force Login to allow for exceptions.
69
+ *
70
+ * @return bool Whether to disable Force Login. Default false.
71
+ */
72
+ function my_forcelogin_bypass( $bypass ) {
73
+ if ( is_single() ) {
74
+ $bypass = true;
75
+ }
76
+ return $bypass;
77
+ }
78
+ add_filter('v_forcelogin_bypass', 'my_forcelogin_bypass', 10, 1);
79
+ `
80
+
81
+ **Whitelist URLs**
82
+
83
+ Each URL must be absolute (as in, <http://example.com/mypage/>). Recommended: [site_url( '/mypage/' )](https://codex.wordpress.org/Function_Reference/site_url).
84
 
85
  `
86
  /**
87
  * Filter Force Login to allow exceptions for specific URLs.
88
  *
89
  * @return array An array of URLs. Must be absolute.
90
+ */
91
  function my_forcelogin_whitelist( $whitelist ) {
92
  $whitelist[] = site_url( '/mypage/' );
93
  $whitelist[] = site_url( '/2015/03/post-title/' );
107
 
108
  = 4. How do I get the WordPress mobile app to work? =
109
 
110
+ By default, the plugin blocks access to all page URLs; you may need to whitelist the XML-RPC page to allow the WordPress app to access your site for remote publishing.
111
 
112
  `
113
  /**
114
  * Filter Force Login to allow exceptions for specific URLs.
115
  *
116
  * @return array An array of URLs. Must be absolute.
117
+ */
118
  function my_forcelogin_whitelist( $whitelist ) {
119
  $whitelist[] = site_url( '/xmlrpc.php' );
120
  return $whitelist;
139
 
140
  == Changelog ==
141
 
142
+ = 5.0 =
143
+ * Feature - Added filter to bypass Force Login redirect for whitelisting pages without specifying a URL.
144
+ * Tweak - Changed the hook for Force Login to run at a later stage in the WordPress tree.
145
+ * Fix - Replaced deprecated function - props [Just-Johnny](https://github.com/Just-Johnny).
146
+
147
  = 4.2 =
148
  * Tweak - Made plugin translation ready.
149
 
185
 
186
  == Upgrade Notice ==
187
 
188
+ = 5.0 =
189
+ New feature: added bypass filter. Tweak: changed hook for Force Login to run later.
190
+
191
  = 4.1 =
192
  Multisite users can only access their assigned sites, except 'Super Admin' users.
193
 
wp-force-login.php CHANGED
@@ -3,7 +3,7 @@
3
  Plugin Name: Force Login
4
  Plugin URI: http://vess.me/
5
  Description: Easily hide your WordPress site from public viewing by requiring visitors to log in first. Activate to turn on.
6
- Version: 4.2
7
  Author: Kevin Vess
8
  Author URI: http://vess.me/
9
 
@@ -48,21 +48,22 @@ function v_forcelogin() {
48
  $url .= $_SERVER['REQUEST_URI'];
49
 
50
  // Apply filters
 
51
  $whitelist = apply_filters( 'v_forcelogin_whitelist', array() );
52
  $redirect_url = apply_filters( 'v_forcelogin_redirect', $url );
53
 
54
  // Redirect visitors
55
- if ( preg_replace('/\?.*/', '', $url) != preg_replace('/\?.*/', '', wp_login_url()) && !in_array($url, $whitelist) ) {
56
  wp_safe_redirect( wp_login_url( $redirect_url ), 302 ); exit();
57
  }
58
  }
59
  else {
60
  // Only allow Multisite users access to their assigned sites
61
  if ( function_exists('is_multisite') && is_multisite() ) {
62
- global $current_user; get_currentuserinfo();
63
  if ( !is_user_member_of_blog( $current_user->ID ) && !is_super_admin() )
64
  wp_die( __( "You're not authorized to access this site.", 'wp-force-login' ), get_option('blogname') . ' &rsaquo; ' . __( "Error", 'wp-force-login' ) );
65
  }
66
  }
67
  }
68
- add_action('init', 'v_forcelogin');
3
  Plugin Name: Force Login
4
  Plugin URI: http://vess.me/
5
  Description: Easily hide your WordPress site from public viewing by requiring visitors to log in first. Activate to turn on.
6
+ Version: 5.0
7
  Author: Kevin Vess
8
  Author URI: http://vess.me/
9
 
48
  $url .= $_SERVER['REQUEST_URI'];
49
 
50
  // Apply filters
51
+ $bypass = apply_filters ( 'v_forcelogin_bypass', false );
52
  $whitelist = apply_filters( 'v_forcelogin_whitelist', array() );
53
  $redirect_url = apply_filters( 'v_forcelogin_redirect', $url );
54
 
55
  // Redirect visitors
56
+ if ( preg_replace('/\?.*/', '', $url) != preg_replace('/\?.*/', '', wp_login_url()) && !in_array($url, $whitelist) && !$bypass ) {
57
  wp_safe_redirect( wp_login_url( $redirect_url ), 302 ); exit();
58
  }
59
  }
60
  else {
61
  // Only allow Multisite users access to their assigned sites
62
  if ( function_exists('is_multisite') && is_multisite() ) {
63
+ $current_user = wp_get_current_user();
64
  if ( !is_user_member_of_blog( $current_user->ID ) && !is_super_admin() )
65
  wp_die( __( "You're not authorized to access this site.", 'wp-force-login' ), get_option('blogname') . ' &rsaquo; ' . __( "Error", 'wp-force-login' ) );
66
  }
67
  }
68
  }
69
+ add_action('template_redirect', 'v_forcelogin');