WordPress.org

Ready to get started?Download WordPress

Forums

User Access Manager
fix for 404 error accessing hidden pages (1 post)

  1. campg2003
    Member
    Posted 1 year ago #

    Hi,

    Here is a patch to make UAM show a log in form for locked pages when hide_pages is on.

    What was happening was that in UserAccessManager->_getPost, called from the the_posts filter, if hide_xxx was off but the post was restricted, a login form was served, but if hide_xxx was on, the post was just removed from the list, so a 404 error occurred. I copied the code that generates the login form into the section that handles hidden posts.

    Question: should this behavior be controlled with an option, or is this acceptable behavior all the time for hidden pages?

    I am quite new to PHP, and very new to WordPress coding, so if anyone with more experience sees a problem with this, please speak up.

    Here is the modified function _getPost from file class/UserAccessManager.class.php from the v1.2.2 distribution. I tried to make a pastbin entry for this, but I am blind, and can't enter the captcha. I could also supply a patch (unified diff format) if anyone is interested-- and I can get it to you! :-)

    Hope this helps someone.

    private function _getPost($post)
        {
            $uamOptions = $this->getAdminOptions();
            $uamAccessHandler = &$this->getAccessHandler();
    
            $postType = $post->post_type;
    
            $postableTypes = $uamAccessHandler->getPostableTypes();
    
            if (in_array($postType, $postableTypes)
            	&& $postType != 'post'
            	&& $postType != 'page'
            ) {
                $postType = 'post';
            } elseif ($postType != 'post' && $postType != 'page') {
                // not in postable types and not post or page.
                return $post;
            }
    
            if ($uamOptions['hide_'.$postType] == 'true'
                || $this->atAdminPanel()
            ) {
                if ($uamAccessHandler->checkObjectAccess($post->post_type, $post->ID)) {
                    // We are hiding this post type or are at admin panel, but we have access to this object.
                    $post->post_title .= $this->adminOutput($post->post_type, $post->ID);
    
                    return $post;
                } else {
                    // checkObjectAccess returned false, and hide is true or at admin panel.
                    $post->isLocked = true;
    
                    $uamPostContent = $uamOptions[$postType.'_content'];
                    $uamPostContent = str_replace(
                    	"[LOGIN_FORM]",
                        $this->getLoginBarHtml(),
                        $uamPostContent
                    );
                    $post->post_content = $uamPostContent;
    
                    return $post;
                } // else checkAccess returned false.
            } else {
                // not hide option and not at admin panel.
                if (!$uamAccessHandler->checkObjectAccess($post->post_type, $post->ID)) {
                    // We are not hiding this post and we don't have access.
                    $post->isLocked = true;
    
                    $uamPostContent = $uamOptions[$postType.'_content'];
                    $uamPostContent = str_replace(
                    	"[LOGIN_FORM]",
                        $this->getLoginBarHtml(),
                        $uamPostContent
                    );
    
                    if ($uamOptions['hide_'.$postType.'_title'] == 'true') {
                        $post->post_title = $uamOptions[$postType.'_title'];
                    }
    
                    if ($uamOptions[$postType.'_comments_locked'] == 'false') {
                        $post->comment_status = 'close';
                    }
    
                    if ($uamOptions['show_post_content_before_more'] == 'true'
                    	&& $postType == "post"
                        && preg_match('/<!--more(.*?)?-->/', $post->post_content, $matches)
                    ) {
                        $post->post_content = explode(
                            $matches[0],
                            $post->post_content,
                            2
                        );
                        $uamPostContent
                            = $post->post_content[0] . " " . $uamPostContent;
                    }
    
                    $post->post_content = $uamPostContent;
                } // if don't have access
    
                $post->post_title .= $this->adminOutput($post->post_type, $post->ID);
    
                return $post;
            } // else not hiding
    // should no longer ever get here.
            return null;
        }

    http://wordpress.org/extend/plugins/user-access-manager/

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic