I’m not sure what URLs you would need to whitelist to allow the uploads to work, but you could try whitelisting any URL visited by localhost.
/**
* Filter Force Login to allow exceptions for specific URLs.
*
* @return array An array of URLs. Must be absolute.
**/
function my_forcelogin_whitelist($whitelist) {
// list of single page URLs
$whitelist[] = site_url( '/reg-form/' );
// allow any page URL if localhost
if($_SERVER['REMOTE_ADDR'] == 127.0.0.1) {
$whitelist[] = site_url($_SERVER['REQUEST_URI']);
}
return $whitelist;
}
add_filter('v_forcelogin_whitelist', 'my_forcelogin_whitelist', 10, 1);
Or, you could just set user profile pictures/avatars using Gravatars instead; which is builtin to WordPress.
https://codex.wordpress.org/Using_Gravatars
I solved it by whitelisting the wp-admin:
if( in_array(‘wp-admin’, explode(‘/’, $_SERVER[‘REQUEST_URI’])) ) {
$whitelist[] = site_url($_SERVER[‘REQUEST_URI’]);
}
Is it safe?
Great, I’m glad you were able to get it working!
That should be safe; by “whitelisting” the wp-admin folder, you’re only stopping my plugin from blocking access to it – default WordPress functionality doesn’t allow non-logged in visitors to view the admin directory anyway. 🙂
Note the above code will not work as expected, as this will never evaluate to true, in fact it should throw an error:
if($_SERVER['REMOTE_ADDR'] == 127.0.0.1)
That IP address needs quotes.
