campiaperti/bottega
2
0
Fork 0
Code Issues 2 Pull requests Releases Wiki Activity
bottega/simple-membership/classes/class.swpm-access-control.php

298 lines
14 KiB
PHP
Raw Permalink Blame History

<?php
class SwpmAccessControl {
private $lastError;
private $moretags;
private static $_this;
private function __construct(){
$this->lastError = '';
$this->moretags = array();
}
public static function get_instance(){
self::$_this = empty(self::$_this)? new SwpmAccessControl():self::$_this;
return self::$_this;
}
public function can_i_read_post($post){
if (!is_a($post, 'WP_Post')) {
//This is not a WP_Post object. So we don't want to handle it in our plugin.
return true;
}
$id = $post->ID;
$this->lastError = '';
$auth = SwpmAuth::get_instance();
//$protect_everything = SwpmSettings::get_instance()->get_value('protect-everything');
//if(!empty($protect_everything)){
//Protect everything is enabled.
//TODO - This feature is not implemented yet.
//}
//Check if this is a protected post.
$protected = SwpmProtection::get_instance();
if (!$protected->is_protected($id)){
//This is a totally unprotected post. So everyone has access to it.
return true;
}
/*** At this point, we have a protected post. So we need to check if this user can view this post. ***/
//Check if the user is logged in.
if(!$auth->is_logged_in()){
//This user is not logged into the site. No access to this protected post.
$text = SwpmUtils::_('You need to login to view this content. ') . SwpmMiscUtils::get_login_link();
$error_msg = '<div class="swpm-post-not-logged-in-msg">'.$text.'</div>';
$this->lastError = apply_filters('swpm_not_logged_in_post_msg', $error_msg);
return false;
}
//Check if the account is expired
if ($auth->is_expired_account()){
//This user's account is expired. No access to this post. Show account expiry message.
$text = SwpmUtils::_('Your account has expired. ') . SwpmMiscUtils::get_renewal_link();
$error_msg = '<div class="swpm-post-account-expired-msg swpm-yellow-box">'.$text.'</div>';
$this->lastError = apply_filters('swpm_account_expired_msg', $error_msg);
return false;
}
//Check older post protection addon settings (if being used on this site).
$protect_older_posts = apply_filters('swpm_should_protect_older_post', false, $id);
if ($protect_older_posts){
//This post falls under the older post protection condition. No access to it.
$text = SwpmUtils::_('This content can only be viewed by members who joined on or before ') . SwpmUtils::get_formatted_and_translated_date_according_to_wp_settings($post->post_date);
$error_msg = '<div class="swpm-post-older-post-msg">'.$text.'</div>';
$this->lastError = apply_filters ('swpm_restricted_post_msg_older_post', $error_msg);
return false;
}
//Check if this user's membership level has access to this post
$permission = SwpmPermission::get_instance($auth->get('membership_level'));
if($permission->is_permitted($id)) {
//This user's membership level has access to it. Show this post to this user.
return true;
} else {
//User's level DOES NOT have access to this post.
$text = SwpmUtils::_('This content is not permitted for your membership level.');
$error_msg = '<div class="swpm-post-no-access-msg">'.$text.'</div>';
$this->lastError = apply_filters ('swpm_restricted_post_msg', $error_msg);
return false;
}
//All checks have passed. Show this post to the user.
return true;
}
public function can_i_read_comment($comment){
if (!is_a($comment, 'WP_Comment')) {
//This is not a valid WP_Comment object. So we don't want to handle it in our plugin.
return true;
}
$id = $comment->comment_ID;
$post_id = $comment->comment_post_ID;
$post = get_post($post_id);
$this->lastError = '';
$auth = SwpmAuth::get_instance();
//Check if everything protected settings is on.
//$protect_everything = SwpmSettings::get_instance()->get_value('protect-everything');
//if(!empty($protect_everything)){
//Everything is protected by default.
//TODO - This feature is currently not implemented.
//}
//Check if the post (that this comment belongs to) is protected.
$protected = SwpmProtection::get_instance();
if (!$protected->is_protected($post_id)){
//The post of this comment is not protected. So this is an unprotected comment. Show it to everyone.
return true;
}
/*** At this point, we have a protected comment. So we need to check if this user can view this comment. ***/
//Check if the user is logged-in as a member.
if(!$auth->is_logged_in()){
//User is not logged-in. Not allowed to see this protected comment.
$error_msg = '<div class="swpm-comment-not-logged-in">' . SwpmUtils::_("You need to login to view this content. ") . '</div>';
$this->lastError = apply_filters('swpm_not_logged_in_comment_msg', $error_msg);
return false;
}
//Check if member account is expired.
if ($auth->is_expired_account()){
//This user's account is expired. Not allowed to see this comment. Show account expiry notice also.
$text = SwpmUtils::_('Your account has expired. ') . SwpmMiscUtils::get_renewal_link();
$error_msg = '<div class="swpm-comment-account-expired-msg swpm-yellow-box">'.$text.'</div>';
$this->lastError = apply_filters('swpm_account_expired_msg', $error_msg);
return false;
}
//Check if older post protection addon is active and protection according to it's settings.
$protect_older_posts = apply_filters('swpm_should_protect_older_post', false, $post_id);
if ($protect_older_posts){
//This comment is protected due to the older post protection addon settings configuration.
$text = SwpmUtils::_('This content can only be viewed by members who joined on or before ') . SwpmUtils::get_formatted_and_translated_date_according_to_wp_settings($post->post_date);
$error_msg = '<div class="swpm-comment-older-post-msg">'.$text.'</div>';
$this->lastError = apply_filters ('swpm_restricted_comment_older_post', $error_msg);
return false;
}
//Check if this member can view this comment based on his membership level
$permission = SwpmPermission::get_instance($auth->get('membership_level'));
if(!$permission->is_permitted($post_id)) {
//This member's membership level doesn't have access to this comment's post. Not allowed to see this comment.
$error_msg = '<div class="swpm-comment-no-access-msg">' . SwpmUtils::_('This content is not permitted for your membership level.').'</div>';
$this->lastError = apply_filters ('swpm_restricted_comment_msg', $error_msg);
return false;
}
//All checks have passed at this stage. Show this comment to this user.
return true;
}
public function filter_post($post,$content){
if (!is_a($post, 'WP_Post')) {
//This is not a WP_Post object. So we don't want to handle it in our plugin.
return $content;
//return SwpmUtils::_('Error! $post is not a valid WP_Post object.');
}
if(self::expired_user_has_access_to_this_page()) {
return $content;//An expired user is viewing this page and it is a system page, so allow access.
}
if(SwpmUtils::is_first_click_free($content)) {
return $content;//First click free is true, so allow access.
}
if($this->can_i_read_post($post)) {
return $content;//This member has access to this post, so allow access.
}
//Check and apply more tag protection.
$more_tag_protection_value = $this->check_and_apply_more_tag_protection($post, $content);
if(!empty($more_tag_protection_value)){
//More tag protection was found in the post. Return the modified $content.
return $more_tag_protection_value;
}
//Return whatever the result is from calling the earlier protection check functions.
return $this->lastError;
}
public function check_and_apply_more_tag_protection($post, $content){
//More tag protection is checked after all the OTHER protections have alrady been checked.
//So if a valid logged-in member is accessing a post he has access to then this code won't execute.
//Check if more tag protection is enabled.
$moretag = SwpmSettings::get_instance()->get_value('enable-moretag');
if (empty($moretag)){
//More tag protection is disabled in this site. So return empty string.
return '';
} else {
//More tag protection is enabled in this site. Need to check the post segments to see if there is content after more tag.
$post_segments = explode( '<!--more-->', $post->post_content);
if (count($post_segments) >= 2){
//There is content after the more tag.
$auth = SwpmAuth::get_instance();
if(!$auth->is_logged_in()){
//User is not logged-in. Need to show the login message after the more tag.
$text = SwpmUtils::_("You need to login to view the rest of the content. ") . SwpmMiscUtils::get_login_link();
$error_msg = '<div class="swpm-more-tag-not-logged-in swpm-margin-top-10">' . $text . '</div>';
$more_tag_check_msg = apply_filters('swpm_not_logged_in_more_tag_msg', $error_msg);
} else {
//The user is logged in.
//Lets check if the user's account is expired.
if ($auth->is_expired_account()){
//This user's account is expired. Not allowed to see this post. Show account expiry notice also.
$text = SwpmUtils::_('Your account has expired. ') . SwpmMiscUtils::get_renewal_link();
$error_msg = '<div class="swpm-more-tag-account-expired-msg swpm-yellow-box">'.$text.'</div>';
$more_tag_check_msg = apply_filters('swpm_account_expired_more_tag_msg', $error_msg);
} else {
//At this stage, the user does not have permission to view the content after the more tag.
$text = SwpmUtils::_(" The rest of the content is not permitted for your membership level.");
$error_msg = '<div class="swpm-more-tag-restricted-msg swpm-margin-top-10">' . $text . '</div>';
$more_tag_check_msg = apply_filters ('swpm_restricted_more_tag_msg', $error_msg);
}
}
$filtered_before_more_content = SwpmMiscUtils::format_raw_content_for_front_end_display($post_segments[0]);
$new_post_content = $filtered_before_more_content . $more_tag_check_msg;
return $new_post_content;
}//End of segment count condition check.
}//End of more tag enabled condition check.
//More tag protection not applicable for this post. Return empty string.
return '';
}
public function filter_comment($comment, $content){
if($this->can_i_read_comment($comment)) {
//This user has access to this comment.
return $content;
}
return $this->lastError;
}
public function why(){
return $this->lastError;
}
/*
* This function checks if the current user is an expired user and has access to the system page content (if the current URL is a system page).
*/
public static function expired_user_has_access_to_this_page(){
$auth = SwpmAuth::get_instance();
//Check if the user is logged-into the site.
if(!$auth->is_logged_in()){
//Anonymous user. No access. No need to check anything else.
return false;
}
//Check if account is expired.
if (!$auth->is_expired_account()){
//This users account is not expired. No need to check anything else.
return false;
}
/*** We have a expired member. Lets check if he is viewing a page that is a core system used URL. ***/
if (self::is_current_url_a_system_page()){
//Allow this expired user to view this post/page content since this is a core system page.
return true;
}
//Not a system used page. So the expired user has no access to this page.
return false;
}
/*
* This function checks if the current page being viewed is one of the system used URLs
*/
public static function is_current_url_a_system_page(){
$current_page_url = SwpmMiscUtils::get_current_page_url();
//Check if the current page is the membership renewal page.
$renewal_url = SwpmSettings::get_instance()->get_value('renewal-page-url');
if (empty($renewal_url)) {return false;}
if (SwpmMiscUtils::compare_url($renewal_url, $current_page_url)) {return true;}
//Check if the current page is the membership logn page.
$login_page_url = SwpmSettings::get_instance()->get_value('login-page-url');
if (empty($login_page_url)) {return false;}
if (SwpmMiscUtils::compare_url($login_page_url, $current_page_url)) {return true;}
//Check if the current page is the membership join page.
$registration_page_url = SwpmSettings::get_instance()->get_value('registration-page-url');
if (empty($registration_page_url)) {return false;}
if (SwpmMiscUtils::compare_url($registration_page_url, $current_page_url)) {return true;}
return false;
}
}
Reference in a new issue View git blame Copy permalink