Version Description
- Feature - Added nocache_headers() to prevent caching for the different browsers - props Chris Harmoney.
- Tweak - Removed $url parameter from whitelist filter.
Download this release
Release Info
| Developer | kevinvess |
| Plugin |  Force Login |
| Version | 5.3 |
| Comparing to | |
| See all releases | |
Code changes from version 5.2 to 5.3
- readme.txt +6 -2
- wp-force-login.php +44 -41
readme.txt
CHANGED
|
@@ -3,8 +3,8 @@ Contributors: kevinvess
|
|
| 3 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=forcelogin%40vess%2eme&lc=US&item_name=Force%20Login%20for%20WordPress¤cy_code=USD&bn=PP%2dDonationsBF%3abtn_donateCC_LG%2egif%3aNonHosted
|
| 4 |
Tags: privacy, private, protected, registered only, restricted, access, closed, force user login, hidden, login, password
|
| 5 |
Requires at least: 2.7
|
| 6 |
-
Tested up to:
|
| 7 |
-
Stable tag: 5.
|
| 8 |
License: GPLv2 or later
|
| 9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 10 |
|
|
@@ -144,6 +144,10 @@ add_action( 'login_enqueue_scripts', 'my_forcelogin_hide_backtoblog' );
|
|
| 144 |
|
| 145 |
== Changelog ==
|
| 146 |
|
|
|
|
|
|
|
|
|
|
|
|
|
| 147 |
= 5.2 =
|
| 148 |
* Feature - Added $url parameter to bypass and whitelist filters.
|
| 149 |
* Tweak - Updated Multisite conditionals which determine user access to sites.
|
| 3 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=forcelogin%40vess%2eme&lc=US&item_name=Force%20Login%20for%20WordPress¤cy_code=USD&bn=PP%2dDonationsBF%3abtn_donateCC_LG%2egif%3aNonHosted
|
| 4 |
Tags: privacy, private, protected, registered only, restricted, access, closed, force user login, hidden, login, password
|
| 5 |
Requires at least: 2.7
|
| 6 |
+
Tested up to: 5.0
|
| 7 |
+
Stable tag: 5.3
|
| 8 |
License: GPLv2 or later
|
| 9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 10 |
|
| 144 |
|
| 145 |
== Changelog ==
|
| 146 |
|
| 147 |
+
= 5.3 =
|
| 148 |
+
* Feature - Added nocache_headers() to prevent caching for the different browsers - props [Chris Harmoney](https://github.com/charmoney).
|
| 149 |
+
* Tweak - Removed $url parameter from whitelist filter.
|
| 150 |
+
|
| 151 |
= 5.2 =
|
| 152 |
* Feature - Added $url parameter to bypass and whitelist filters.
|
| 153 |
* Tweak - Updated Multisite conditionals which determine user access to sites.
|
wp-force-login.php
CHANGED
|
@@ -3,7 +3,7 @@
|
|
| 3 |
Plugin Name: Force Login
|
| 4 |
Plugin URI: https://wordpress.org/plugins/wp-force-login/
|
| 5 |
Description: Easily hide your WordPress site from public viewing by requiring visitors to log in first. Activate to turn on.
|
| 6 |
-
Version: 5.
|
| 7 |
Author: Kevin Vess
|
| 8 |
Author URI: http://vess.me/
|
| 9 |
|
|
@@ -16,44 +16,47 @@ License URI: https://www.gnu.org/licenses/gpl-2.0.html
|
|
| 16 |
|
| 17 |
function v_forcelogin() {
|
| 18 |
|
| 19 |
-
|
| 20 |
-
|
| 21 |
-
|
| 22 |
-
|
| 23 |
|
| 24 |
-
|
| 25 |
-
|
| 26 |
-
|
| 27 |
-
|
| 28 |
-
|
| 29 |
-
|
| 30 |
-
|
| 31 |
-
|
| 32 |
-
|
| 33 |
-
|
| 34 |
|
| 35 |
-
|
| 36 |
-
|
| 37 |
-
|
| 38 |
-
|
| 39 |
-
|
| 40 |
-
|
| 41 |
-
|
| 42 |
-
|
| 43 |
-
|
| 44 |
|
| 45 |
-
|
| 46 |
-
|
| 47 |
-
|
| 48 |
-
|
| 49 |
-
|
| 50 |
-
|
| 51 |
-
|
| 52 |
-
|
| 53 |
-
|
| 54 |
-
|
| 55 |
-
|
| 56 |
-
|
|
|
|
|
|
|
|
|
|
| 57 |
}
|
| 58 |
add_action( 'template_redirect', 'v_forcelogin' );
|
| 59 |
|
|
@@ -65,10 +68,10 @@ add_action( 'template_redirect', 'v_forcelogin' );
|
|
| 65 |
* method wasn't used, true if authentication succeeded.
|
| 66 |
*/
|
| 67 |
function v_forcelogin_rest_access( $result ) {
|
| 68 |
-
|
| 69 |
-
|
| 70 |
-
|
| 71 |
-
|
| 72 |
}
|
| 73 |
add_filter( 'rest_authentication_errors', 'v_forcelogin_rest_access', 99 );
|
| 74 |
|
|
@@ -76,6 +79,6 @@ add_filter( 'rest_authentication_errors', 'v_forcelogin_rest_access', 99 );
|
|
| 76 |
* Localization
|
| 77 |
*/
|
| 78 |
function v_forcelogin_load_textdomain() {
|
| 79 |
-
|
| 80 |
}
|
| 81 |
add_action( 'plugins_loaded', 'v_forcelogin_load_textdomain' );
|
| 3 |
Plugin Name: Force Login
|
| 4 |
Plugin URI: https://wordpress.org/plugins/wp-force-login/
|
| 5 |
Description: Easily hide your WordPress site from public viewing by requiring visitors to log in first. Activate to turn on.
|
| 6 |
+
Version: 5.3
|
| 7 |
Author: Kevin Vess
|
| 8 |
Author URI: http://vess.me/
|
| 9 |
|
| 16 |
|
| 17 |
function v_forcelogin() {
|
| 18 |
|
| 19 |
+
// Exceptions for AJAX, Cron, or WP-CLI requests
|
| 20 |
+
if ( ( defined( 'DOING_AJAX' ) && DOING_AJAX ) || ( defined( 'DOING_CRON' ) && DOING_CRON ) || ( defined( 'WP_CLI' ) && WP_CLI ) ) {
|
| 21 |
+
return;
|
| 22 |
+
}
|
| 23 |
|
| 24 |
+
// Redirect unauthorized visitors
|
| 25 |
+
if ( ! is_user_logged_in() ) {
|
| 26 |
+
// Get visited URL
|
| 27 |
+
$url = isset( $_SERVER['HTTPS'] ) && 'on' === $_SERVER['HTTPS'] ? 'https' : 'http';
|
| 28 |
+
$url .= '://' . $_SERVER['HTTP_HOST'];
|
| 29 |
+
// port is prepopulated here sometimes
|
| 30 |
+
if ( strpos( $_SERVER['HTTP_HOST'], ':' ) === FALSE ) {
|
| 31 |
+
$url .= in_array( $_SERVER['SERVER_PORT'], array('80', '443') ) ? '' : ':' . $_SERVER['SERVER_PORT'];
|
| 32 |
+
}
|
| 33 |
+
$url .= $_SERVER['REQUEST_URI'];
|
| 34 |
|
| 35 |
+
/**
|
| 36 |
+
* Bypass filters.
|
| 37 |
+
*
|
| 38 |
+
* @since 3.0.0 The `$whitelist` filter was added.
|
| 39 |
+
* @since 4.0.0 The `$bypass` filter was added.
|
| 40 |
+
* @since 5.2.0 The `$url` parameter was added.
|
| 41 |
+
*/
|
| 42 |
+
$bypass = apply_filters( 'v_forcelogin_bypass', false, $url );
|
| 43 |
+
$whitelist = apply_filters( 'v_forcelogin_whitelist', array() );
|
| 44 |
|
| 45 |
+
if ( preg_replace( '/\?.*/', '', $url ) !== preg_replace( '/\?.*/', '', wp_login_url() ) && ! $bypass && ! in_array( $url, $whitelist ) ) {
|
| 46 |
+
// Determine redirect URL
|
| 47 |
+
$redirect_url = apply_filters( 'v_forcelogin_redirect', $url );
|
| 48 |
+
// Set the headers to prevent caching
|
| 49 |
+
nocache_headers();
|
| 50 |
+
// Redirect
|
| 51 |
+
wp_safe_redirect( wp_login_url( $redirect_url ), 302 ); exit;
|
| 52 |
+
}
|
| 53 |
+
}
|
| 54 |
+
elseif ( function_exists('is_multisite') && is_multisite() ) {
|
| 55 |
+
// Only allow Multisite users access to their assigned sites
|
| 56 |
+
if ( ! is_user_member_of_blog() && ! current_user_can('setup_network') ) {
|
| 57 |
+
wp_die( __( "You're not authorized to access this site.", 'wp-force-login' ), get_option('blogname') . ' › ' . __( "Error", 'wp-force-login' ) );
|
| 58 |
+
}
|
| 59 |
+
}
|
| 60 |
}
|
| 61 |
add_action( 'template_redirect', 'v_forcelogin' );
|
| 62 |
|
| 68 |
* method wasn't used, true if authentication succeeded.
|
| 69 |
*/
|
| 70 |
function v_forcelogin_rest_access( $result ) {
|
| 71 |
+
if ( null === $result && ! is_user_logged_in() ) {
|
| 72 |
+
return new WP_Error( 'rest_unauthorized', __( "Only authenticated users can access the REST API.", 'wp-force-login' ), array( 'status' => rest_authorization_required_code() ) );
|
| 73 |
+
}
|
| 74 |
+
return $result;
|
| 75 |
}
|
| 76 |
add_filter( 'rest_authentication_errors', 'v_forcelogin_rest_access', 99 );
|
| 77 |
|
| 79 |
* Localization
|
| 80 |
*/
|
| 81 |
function v_forcelogin_load_textdomain() {
|
| 82 |
+
load_plugin_textdomain( 'wp-force-login', false, dirname( plugin_basename( __FILE__ ) ) . '/languages/' );
|
| 83 |
}
|
| 84 |
add_action( 'plugins_loaded', 'v_forcelogin_load_textdomain' );
|
