WordPress.org

Ready to get started?Download WordPress

Forums

Login/Redirect issues (33 posts)

  1. bbcurtis
    Member
    Posted 2 years ago #

    Greetings! After days and nights of digging into WP, code, plugins, etc..and a beginner at that, i'm almost there.
    I'm using Multisite. I have 4 sites and users to match. Here's the issue.

    I will be sending clients the same login link to their page each time
    they have new files available for download.
    url/page/wp-login.php? which takes them to url/page

    Once user1 has logged into their site, (url/page) IF they click on that same link OR a link to any other page i've created, it takes them to the wp-admin/profile.php of the original user (user1). While logged in, if they click on the link to would like to take them to the url/page OR to log them out if they click on the link.

    Follow?
    Please help.
    Thank you!

  2. Why not just send them to the page, and on that page have a 'if not logged in' check that shows a login form that keeps them on that page?

  3. bbcurtis
    Member
    Posted 2 years ago #

    I'm not sure I follow, bare with me.

    1.If they log into their site and stay logged in.(basic stripped page, no toolbar, customized, etc)
    2.If they go back to the link we sent them in the email, for whatever reason, and click on that link, while still logged into their site, they
    will be taken to their profile page.

    I may be doing this whole thing wrong to begin with. I just want to create multiple users (one for each client) to login and retrieve their files.

    I'm using Multi Site with WP-Filebase, Add Login to Admin, Login Configurator, Take Control of the WordPress Bar, WP Hide Dashbar and have edited many files on the backend.

    Thanks for help and patience.

  4. Yes, I got that :)

    Think of it this way.

    You send me a link to domain.com/ipstenu/my-cool-page

    That page is coded, using a Members plugin, to say 'Aha, Ipstenu isn't logged in. Show a login form!'

    I log in and, because the forum is written to do this, I get sent back to domain.com/ipstenu/my-cool-page

    Now that I'm logged in, I can go to domain.com/ipstenu/my-cool-page all I want and it'll work until I log back out :)

  5. bbcurtis
    Member
    Posted 2 years ago #

    Ok i'm with you. Hope on the horizon :)

    Now how do I go about coding the individual pages?

  6. I whipped up shortcodes: http://pastebin.com/fMwHKQ8Z

    Put that in a file in your mu-plugins folder, I called it 'loggedin-shortcodes.php'

    Then the content of a post is this:

    This page contains information.
    
    [loggedin_message]This content is only shown to logged-in users.
    
    Here's your cool thing!
    [/loggedin_message]
    
    [loggedout_message]This content is only shown to logged-OUT users.
    
    [loginform]
    
    [/loggedout_message]
  7. bbcurtis
    Member
    Posted 2 years ago #

    WOW, thank you so much for the in depth help! Here's what i'm not getting.

    log in at link below with user: test3 pw: c1234

    http://spotsonline.com/test3/wp-login.php?

    then while still logged in, paste the same link in another window and
    see what you get. Should get "Invalid user ID.".

    which is great! Except the user has to log out before they can log back in. So if they close the browser without logging out, they are stuck. I've thought about a "timeout" on the page...Any other thoughts? Thanks again, this is getting me much closer.

  8. Well ... Yes and no.

    If I don't log out and go right to http://spotsonline.com/test3 everything works. The wp-login.php page is annoying in that it will always ask you to log back in (which is why I said you shouldn't try sending people there).

    However yours is sending you to http://spotsonline.com/test3/wp-admin/profile.php which is locked, and makes me think one of the plugins your using is stripmining the profile page. The Hide Dashboard plugin is sending you there, as it should, which will keep people out of too much trouble.

  9. bbcurtis
    Member
    Posted 2 years ago #

    Maybe I missed something in your original thoughts. Should I be sending them another link?

    I re-read your 2nd response but still not sure I know how to proceed from this point.

  10. Right now, if I go to http://spotsonline.com/test3/ and I'm logged out, I get sent to http://spotsonline.com/test3/wp-login.php?redirect_to=%2Ftest3%2F

    If I log in, I go back to http://spotsonline.com/test3/

    So ... Just send 'em to http://spotsonline.com/test3/

    They'll log in and go to the right page :)

  11. bbcurtis
    Member
    Posted 2 years ago #

    Super! (many smiles from North Carolina!)

    Here's one last one on this topic. Not that this should happen in while the site is live as client1 shouldn't know client2, however.

    If you log into
    http://spotsonline.com/test3/
    then go to
    http://spotsonline.com/test4/
    I can get in without creds.. Potential security issue?

  12. bbcurtis
    Member
    Posted 2 years ago #

    Good Morning!

    Did some more testing and sure enough, if I go to
    spotsonline.com/test3 and login
    then, while logged in, I go to
    spotsonline.com/test4
    it takes me straight to the test4 page without having to login.
    I would need to logout of test3 first--I assume this is because with MU.
    Seems this is the last piece to this login puzzle.

    Thank you so very much for your help on this issue.

  13. Multisite users are logged in for the whole network. Not a security issue, it's by design. If you wanted to lock it down more, you'd want to check for is_blog_user()

    http://codex.wordpress.org/Function_Reference/is_blog_user

    So where it has this:

    if ( is_feed() || !is_user_logged_in() || is_null( $content ) )

    You'd double check

    if ( is_feed() || !is_user_logged_in() || !is_blog_user() || is_null( $content ) )

    And then

    if ( is_user_logged_in() || is_null( $content ) )

    Would become

    if ( is_user_logged_in() || !is_blog_user() || is_null( $content ) )
  14. bbcurtis
    Member
    Posted 2 years ago #

    I hate to be such a Needy little newbee, lol, however...

    I've looked at the page and looked in the wp-includes/user.php
    to find any of the lines you referred to, and I can't find where to
    make these changes. I did try a couple of things, with no success.

  15. S'okay :) This is the code you'd change: http://pastebin.com/fMwHKQ8Z

  16. bbcurtis
    Member
    Posted 2 years ago #

    I made the change to the loggedin-shortcodes.php
    file you made for me and ended up with this, according to
    the other instructions: Bold is what I changed, and still
    experiencing the same issues. While logged in to one "account" and
    click on another, can get it without logging in :(

    // [loggedin_message]This content is only shown to logged-in users.[/is_user_logged_in]
    // Shows content to logged in users

    add_shortcode( 'loggedin_message', 'ippy_loggedin_message_shortcode' );
    function ippy_loggedin_message_shortcode( $attr, $content = null ) {

    /* If it is a feed or the user is not logged in, return nothing. */
    if ( is_feed() || !is_user_logged_in() || !is_blog_user() || is_null( $content ) )
    return '';

    /* Return the content. */
    return do_shortcode( $content );
    }

    // [loggedout_message]This content is only shown to logged-in users.[/is_user_logged_in]
    // Shows content to logged out users :)

    add_shortcode( 'loggedout_message', 'ippy_loggedout_message_shortcode' );
    function ippy_loggedout_message_shortcode( $attr, $content = null ) {

    /* If it is a feed or the user is not logged in, return nothing. */
    if ( is_user_logged_in() || !is_blog_user() || is_null( $content ) )
    return '';

    /* Return the content. */
    return do_shortcode( $content );
    `

  17. Oh. I think I see why.

    The second one should be:

    if ( ( is_user_logged_in() && is_blog_user() ) || is_null( $content ) )

    I updated it and put it on GitHub, since I cant seem to get to pastebin now o.O

    https://github.com/Ipstenu/HalfElf/blob/master/plugins/tidbits/members-shortcodes.php

  18. bbcurtis
    Member
    Posted 2 years ago #

    No Go, still acting same. I coped the code direct from your post, pasted in the loggedin-shortcodes.php file that is in wp-content/plugins
    ..acts same on mobile browser, Chrome, Firefox, IE7

  19. Is that user a member of the other site?

    Generally users are 'psudeo subscribers' so they can read, but they don't have 'logged in' access to do more than read and comment.

  20. bbcurtis
    Member
    Posted 2 years ago #

    Not that I can tell. I even deleted users that I had created for test purposes. In Network Admin, I see all users, there are two
    independent users and who has super admin.

    Maybe another plugin causing an issue?.

    HMM, this is interesting. If i'm logged into one account,
    and type in the url of another page, I can get in w/out logging in. OK, we know that, but when logged into one account and I try to log into the admin account with http://spotsonline.com/wp-login.php I get redirected to
    the profile page of the original account i'm logged into, BUT doesn't let me in, I get an "invalid user ID" ...

  21. I think that one of your plugins is doing the invalid ID thing, personally. I can't reproduce that on a clean build.

    But I'm not talking about network admin users :)

    Go to the site (test4) and the users lists on that site. Who's there?

    Also do you have any plugins that add users with default access to new sites?

  22. bbcurtis
    Member
    Posted 2 years ago #

    Gotcha.

    I have 5 sites. On 3 of the the sites I only have 1 user as "Administrator" 1 other site has 2 users, 1 "Subscriber" and 1 Administrator, and one more site with 2 users, "Subscriber" and 1 Administrator.

    Network Activated Plugins:
    Add Logo to Login / Login Configurator Take Control of the WordPress Toolbar / WP-Filebase / WP Hide Dashboard

    Only 1 of the sites (the original site I created before I sent to Multisite) has 2 plugins activated on the site itsel: Admin Trim Interface and Jetpack by WordPress.com---the other do not have any activated on the individual site.

  23. Okay so we have

    Site1 - Admin
    Site2 - Admin
    Site3 - Admin
    Site4 - User1, User2, Admin
    Site5 - User3, User3, Subscriber(?), Admin

    Is that right? (And yes, this kinda matters)

  24. bbcurtis
    Member
    Posted 2 years ago #

    I'm not totally sure of creation date, but this is the order
    they appear in "My Sites" Menu:
    Site1 - User1 (Role=Admin)
    Site2 - User1 (Role=Admin)
    Site3 - User1 (Role=Admin)
    Site4 - User2 (Role=Subscriber), User1 (Role=Admin)
    Site5 - User3 (Role=Subscriber), User1 (Role=Admin)

  25. Creation date isn't the issue.

    Okay. User1 is going to be able to see the files on all sites, because User1 is a user on all sites (also, hi, the admin).

    User2 should only see Site4's files.

    User3 should only see Site5's.

    So the question is, which user is seeing which site?

  26. bbcurtis
    Member
    Posted 2 years ago #

    Okie, let's see if I can do this :)

    If I place (page names are not accurate, only for discussion)
    spotsonline.com/site4 (which has a login)
    in the browser (do not log in)
    and place
    spotsonline.com/site5 (which has a login)
    in the browser and log in with user 3--i'm now IN.

    Now with spotsonline.com/site4 in the browser (DO NOT LOGIN, just hit enter), I can get into site4 without having to login.

    As soon as I log out of of either site, then try to access the site that is still open, the site that is still open, logs out.
    Switch the scenario with sites and the same thin happens.
    (and of course I can log into each site with user1)
    Now the exception in this scenario is:

    spotsonline.com/site4 (which has a login)
    in the browser (do not log in)
    and place
    spotsonline.com/wp-login.php (which has a login)
    in the browser and hit enter, it thinks i'm trying to login
    to site4 BUT won't let me.

    yikes, hope I did ok.

  27. You will always be considered to be logged in for all sites on a network if you are logged in to one.

  28. bbcurtis
    Member
    Posted 2 years ago #

    Guess I need to rethink how I can accomplish what I want to do.
    Thanks so much for the time in working with me to try and get
    that issue figured out.

    Take Care!

  29. I'd probably grab Justin Tadlock's Member's plugin and make a special role for the actual site user. Problem is you have to make that role for each site separately.

  30. bbcurtis
    Member
    Posted 2 years ago #

    hi, sorry didn't want to keep asking as you've been so kind already:)

    Hmmm, seems like I might have tried that plugin, for something. Honestly I don't remember. I just started using WordPress and messing with code, end of June and have tried so many things, one after other just to get something to work, so i've lost some knowledge of what i've done.

    With my current setup, can you explain a little further on how I might tweak, or implement to get the results I need?

Topic Closed

This topic has been closed to new replies.

About this Topic