/** * Returns the HTML code. * * @since 1.0.0 * @return string */ public function to_html() { $res_html = ''; $res_form = ''; $html = ''; $valid_forms = array('login', 'logout', 'reset', 'lost'); extract($this->data); if (!isset($form) || !in_array($form, $valid_forms)) { if (MS_Model_Member::is_logged_in()) { $form = 'logout'; } elseif (isset($action) && 'resetpass' === $action) { $form = 'reset'; } elseif ('lostpass' == $_GET['show']) { $form = 'lost'; } else { $form = 'login'; } $this->data['form'] = $form; } /** * Provide a customized login form. * * Possible filters to provide a customized login form: * - 'ms_shortcode_custom_form-login' * - 'ms_shortcode_custom_form-logout' * - 'ms_shortcode_custom_form-reset' * - 'ms_shortcode_custom_form-lost' * * @since 1.0.0 */ $html = apply_filters('ms_shortcode_custom_form-' . $form, '', $this->data); if (!empty($html)) { return $html; } else { $html = ''; } if ('logout' === $form) { return $this->logout_form(); } elseif ('reset' === $form) { return $this->reset_form(); } else { if (empty($redirect_login)) { $redirect_login = MS_Helper_Utility::get_current_url(); } // Build the Login Form. $res_form .= $prefix; $res_form .= $this->login_form($redirect_login); $res_form .= $this->lostpass_form(); // Wrap form in optional wrappers. if (!empty($wrapwith)) { $res_form .= sprintf('<%s class="%s">', esc_attr($wrapwith), esc_attr($wrapwithclass)); $res_form = sprintf('<%1$s class="%2$s">%3$s</%1$s>', esc_attr($wrapwith), esc_attr($wrapwithclass), $res_form); } if (!empty($item)) { $res_form = sprintf('<%1$s class="%2$s">%3$s</%1$s>', esc_attr($item), esc_attr($itemclass), $res_form); } if (!empty($holder)) { $res_form = sprintf('<%1$s class="%2$s">%3$s</%1$s>', esc_attr($holder), esc_attr($holderclass), $res_form); } // Complete the HTML output. if ($header) { $html .= $this->login_header_html(); } $html .= $res_form; if ($register && !MS_Model_Member::is_logged_in()) { if (MS_Model_Member::can_register()) { $link = sprintf('<div class="registerhere">Don't have an account?' . ' ' . '<a href="%1$s" class="register">%2$s</a></div>', MS_Controller_Frontend::get_registration_url('register'), __('Sign up here.', 'membership2')); /** * Filter documented in wp-includes/general-template.php */ $html .= apply_filters('register', $link); } } // Load the ajax script that handles the Ajax login functions. wp_enqueue_script('ms-ajax-login'); lib3()->ui->data('ms_ajax_login', array('ajaxurl' => admin_url('admin-ajax.php'), 'loadingmessage' => __('Please wait...', 'membership2'), 'errormessage' => __('Request failed, please try again.', 'membership2'))); } // Remove linebreaks to bypass the "wpautop" filter. $html = str_replace(array("\r\n", "\r", "\n"), '', $html); $html = '<div class="ms-membership-form-wrapper">' . $html . '</div>'; $html = apply_filters('ms_compact_code', $html); /* * Possible filters to provide a customized login form: * - 'ms_shortcode_form-login' * - 'ms_shortcode_form-logout' * - 'ms_shortcode_form-reset' * - 'ms_shortcode_form-lost' */ return apply_filters('ms_shortcode_form-' . $form, $html, $this->data); }
/** * Checks member permissions and protects current page. * * Related Action Hooks: * - template_redirect * * @since 1.0.0 */ public function protect_current_page() { do_action('ms_model_plugin_protect_current_page_before', $this); // Admin user has access to everything if ($this->member->is_normal_admin()) { return; } $access = $this->get_access_info(); if (!$access['has_access']) { MS_Model_Pages::create_missing_pages(); $no_access_page_url = MS_Model_Pages::get_page_url(MS_Model_Pages::MS_PAGE_PROTECTED_CONTENT, false); $current_page_url = MS_Helper_Utility::get_current_url(); // Don't (re-)redirect the protection page. if (!MS_Model_Pages::is_membership_page(null, MS_Model_Pages::MS_PAGE_PROTECTED_CONTENT)) { $no_access_page_url = esc_url_raw(add_query_arg(array('redirect_to' => urlencode($current_page_url)), $no_access_page_url)); $no_access_page_url = apply_filters('ms_model_plugin_protected_content_page', $no_access_page_url); wp_safe_redirect($no_access_page_url); exit; } } do_action('ms_model_plugin_protect_current_page_after', $this); }
/** * Verify if current url has protection rules. * * @since 1.0.0 * * @return boolean True if has access, false otherwise. */ protected function has_rule_for_current_url() { $has_rules = false; if (MS_Model_Addon::is_enabled(MS_Model_Addon::ADDON_URL_GROUPS)) { $url = MS_Helper_Utility::get_current_url(); if ($this->check_url_expression_match($url, $this->get_protected_urls())) { $has_rules = true; } } return apply_filters('ms_rule_url_model_has_access', $has_rules, $this); }
/** * Handle protected media access. * * Search for masked file and show the proper content, or no access image if don't have access. * * Realted Action Hooks: * - parse_request * * @since 1.0.0 * * @param WP_Query $query The WP_Query object to filter. */ public function handle_download_protection($query) { do_action('ms_rule_media_model_handle_download_protection_before', $query, $this); $the_file = false; $requested_item = false; $download_settings = MS_Plugin::instance()->settings->downloads; $protection_type = $download_settings['protection_type']; if (!MS_Model_Addon::is_enabled(MS_Model_Addon::ADDON_MEDIA)) { return; } if (!empty($query->query_vars['protectedfile']) && self::PROTECTION_TYPE_COMPLETE == $protection_type) { $requested_item = explode('/', $query->query_vars['protectedfile']); $requested_item = array_pop($requested_item); } elseif (!empty($_GET['ms_file']) && self::PROTECTION_TYPE_HYBRID == $protection_type) { $requested_item = $_GET['ms_file']; } else { $requested_item = MS_Helper_Utility::get_current_url(); } if (!empty($requested_item)) { // At this point we know that the requested post is an attachment. $f_info = $this->extract_file_info($requested_item); switch ($protection_type) { case self::PROTECTION_TYPE_COMPLETE: case self::PROTECTION_TYPE_HYBRID: // Work out the post_id again $attachment_id = preg_replace('/^' . self::FILE_PROTECTION_PREFIX . '/', '', $f_info->filename); $attachment_id -= (int) self::FILE_PROTECTION_INCREMENT; $the_file = $this->restore_filename($attachment_id, $f_info->size_extension); break; default: case self::PROTECTION_TYPE_BASIC: $upload_dir = wp_upload_dir(); $original_url = $upload_dir['baseurl']; $home = get_option('home'); $original_url = explode($home, $original_url); $furl = untrailingslashit(str_replace('/' . $download_settings['masked_url'], $original_url[1], $requested_item)); $home = untrailingslashit(get_option('home')); $attachment_id = $this->get_attachment_id($furl); $the_file = $this->restore_filename($attachment_id, $f_info->size_extension); break; } if (!empty($the_file) && !empty($attachment_id) && is_numeric($attachment_id)) { if ($this->can_access_file($attachment_id)) { $upload_dir = wp_upload_dir(); $file = trailingslashit($upload_dir['basedir']) . $the_file; $this->output_file($file); } else { $this->show_no_access_image(); } } } do_action('ms_rule_media_model_handle_download_protection_after', $query, $this); }