/**
* Handles Specific Post/Page Access authentication.
*
* @package s2Member\SP_Access
* @since 3.5
*
* @param int|string $sp_id Numeric Post/Page ID in WordPress.
* @param bool $read_only Optional. Defaults to false. If ``$read_only = true``,
* no session cookies are set, no IP Restrictions are checked, and script execution is not exited on Link failure.
* In other words, with ``$read_only = true``, this function will simply return true or false.
* @return null|bool Always returns `true` if access is indeed allowed in one way or another.
* If access is denied with ``$read_only = true`` simply return false. If access is denied with ``$read_only = false``, return false; but if a Specific Post/Page Access Link is currently being used, we exit with a warning about Access Link expiration here.
*/
public static function sp_access($sp_id = FALSE, $read_only = FALSE)
{
do_action("ws_plugin__s2member_before_sp_access", get_defined_vars());
$excluded = apply_filters("ws_plugin__s2member_sp_access_excluded", false, get_defined_vars());
if ($excluded || current_user_can(apply_filters("ws_plugin__s2member_sp_access_excluded_cap", "edit_posts", get_defined_vars()))) {
return apply_filters("ws_plugin__s2member_sp_access", true, get_defined_vars(), "auth-via-exclusion");
} else {
if ($sp_id && is_numeric($sp_id) && (!empty($_GET["s2member_sp_access"]) && ($_g["s2member_sp_access"] = trim(stripslashes((string) $_GET["s2member_sp_access"]))) && is_array($sp_access_values = array($_g["s2member_sp_access"])) || is_array($sp_access_values = c_ws_plugin__s2member_sp_access::sp_access_session())) && !empty($sp_access_values)) {
foreach ($sp_access_values as $sp_access_value) {
if (is_array($sp_access = preg_split("/\\:\\.\\:\\|\\:\\.\\:/", c_ws_plugin__s2member_utils_encryption::decrypt($sp_access_value)))) {
if (count($sp_access) === 4 && $sp_access[0] === "sp_time_hours" && in_array($sp_id, preg_split("/[\r\n\t\\s;,]+/", $sp_access[1]))) {
if (is_numeric($sp_access[2]) && is_numeric($sp_access[3]) && $sp_access[2] <= strtotime("now") && $sp_access[2] + $sp_access[3] * 3600 >= strtotime("now")) {
if (!$read_only && !empty($_g["s2member_sp_access"])) {
// Add to session?
c_ws_plugin__s2member_sp_access::sp_access_session($_g["s2member_sp_access"]);
}
if ($read_only || c_ws_plugin__s2member_ip_restrictions::ip_restrictions_ok($_SERVER["REMOTE_ADDR"], $sp_access_value)) {
return apply_filters("ws_plugin__s2member_sp_access", true, get_defined_vars(), "auth-via-link-session");
}
}
}
}
}
// Otherwise, authentication was NOT possible via link or session.
if (!$read_only && !empty($_g["s2member_sp_access"])) {
status_header(503);
header("Content-Type: text/html; charset=UTF-8");
while (@ob_end_clean()) {
}
// Clean any existing output buffers.
exit(_x('<strong>Your Link Expired:</strong><br />Please contact Support if you need assistance.', "s2member-front", "s2member"));
} else {
// Else return false here.
return apply_filters("ws_plugin__s2member_sp_access", false, get_defined_vars(), "no-auth-via-link-session");
}
} else {
// Else return false here.
return apply_filters("ws_plugin__s2member_sp_access", false, get_defined_vars(), "no-auth-no-link-session");
}
}
}
