123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298 |
- <?php
- class SwpmAccessControl {
-
- private $lastError;
- private $moretags;
- private static $_this;
-
- private function __construct(){
- $this->lastError = '';
- $this->moretags = array();
- }
-
- public static function get_instance(){
- self::$_this = empty(self::$_this)? new SwpmAccessControl():self::$_this;
- return self::$_this;
- }
- public function can_i_read_post($post){
- if (!is_a($post, 'WP_Post')) {
- //This is not a WP_Post object. So we don't want to handle it in our plugin.
- return true;
- }
-
- $id = $post->ID;
- $this->lastError = '';
- $auth = SwpmAuth::get_instance();
-
- //$protect_everything = SwpmSettings::get_instance()->get_value('protect-everything');
- //if(!empty($protect_everything)){
- //Protect everything is enabled.
- //TODO - This feature is not implemented yet.
- //}
-
- //Check if this is a protected post.
- $protected = SwpmProtection::get_instance();
- if (!$protected->is_protected($id)){
- //This is a totally unprotected post. So everyone has access to it.
- return true;
- }
-
- /*** At this point, we have a protected post. So we need to check if this user can view this post. ***/
-
- //Check if the user is logged in.
- if(!$auth->is_logged_in()){
- //This user is not logged into the site. No access to this protected post.
- $text = SwpmUtils::_('You need to login to view this content. ') . SwpmMiscUtils::get_login_link();
- $error_msg = '<div class="swpm-post-not-logged-in-msg">'.$text.'</div>';
- $this->lastError = apply_filters('swpm_not_logged_in_post_msg', $error_msg);
- return false;
- }
- //Check if the account is expired
- if ($auth->is_expired_account()){
- //This user's account is expired. No access to this post. Show account expiry message.
- $text = SwpmUtils::_('Your account has expired. ') . SwpmMiscUtils::get_renewal_link();
- $error_msg = '<div class="swpm-post-account-expired-msg swpm-yellow-box">'.$text.'</div>';
- $this->lastError = apply_filters('swpm_account_expired_msg', $error_msg);
- return false;
- }
-
- //Check older post protection addon settings (if being used on this site).
- $protect_older_posts = apply_filters('swpm_should_protect_older_post', false, $id);
- if ($protect_older_posts){
- //This post falls under the older post protection condition. No access to it.
- $text = SwpmUtils::_('This content can only be viewed by members who joined on or before ') . SwpmUtils::get_formatted_and_translated_date_according_to_wp_settings($post->post_date);
- $error_msg = '<div class="swpm-post-older-post-msg">'.$text.'</div>';
- $this->lastError = apply_filters ('swpm_restricted_post_msg_older_post', $error_msg);
- return false;
- }
-
- //Check if this user's membership level has access to this post
- $permission = SwpmPermission::get_instance($auth->get('membership_level'));
- if($permission->is_permitted($id)) {
- //This user's membership level has access to it. Show this post to this user.
- return true;
- } else {
- //User's level DOES NOT have access to this post.
- $text = SwpmUtils::_('This content is not permitted for your membership level.');
- $error_msg = '<div class="swpm-post-no-access-msg">'.$text.'</div>';
- $this->lastError = apply_filters ('swpm_restricted_post_msg', $error_msg);
- return false;
- }
-
- //All checks have passed. Show this post to the user.
- return true;
- }
-
- public function can_i_read_comment($comment){
- if (!is_a($comment, 'WP_Comment')) {
- //This is not a valid WP_Comment object. So we don't want to handle it in our plugin.
- return true;
- }
- $id = $comment->comment_ID;
- $post_id = $comment->comment_post_ID;
- $post = get_post($post_id);
- $this->lastError = '';
- $auth = SwpmAuth::get_instance();
-
- //Check if everything protected settings is on.
- //$protect_everything = SwpmSettings::get_instance()->get_value('protect-everything');
- //if(!empty($protect_everything)){
- //Everything is protected by default.
- //TODO - This feature is currently not implemented.
- //}
-
- //Check if the post (that this comment belongs to) is protected.
- $protected = SwpmProtection::get_instance();
- if (!$protected->is_protected($post_id)){
- //The post of this comment is not protected. So this is an unprotected comment. Show it to everyone.
- return true;
- }
-
- /*** At this point, we have a protected comment. So we need to check if this user can view this comment. ***/
-
- //Check if the user is logged-in as a member.
- if(!$auth->is_logged_in()){
- //User is not logged-in. Not allowed to see this protected comment.
- $error_msg = '<div class="swpm-comment-not-logged-in">' . SwpmUtils::_("You need to login to view this content. ") . '</div>';
- $this->lastError = apply_filters('swpm_not_logged_in_comment_msg', $error_msg);
- return false;
- }
- //Check if member account is expired.
- if ($auth->is_expired_account()){
- //This user's account is expired. Not allowed to see this comment. Show account expiry notice also.
- $text = SwpmUtils::_('Your account has expired. ') . SwpmMiscUtils::get_renewal_link();
- $error_msg = '<div class="swpm-comment-account-expired-msg swpm-yellow-box">'.$text.'</div>';
- $this->lastError = apply_filters('swpm_account_expired_msg', $error_msg);
- return false;
- }
-
- //Check if older post protection addon is active and protection according to it's settings.
- $protect_older_posts = apply_filters('swpm_should_protect_older_post', false, $post_id);
- if ($protect_older_posts){
- //This comment is protected due to the older post protection addon settings configuration.
- $text = SwpmUtils::_('This content can only be viewed by members who joined on or before ') . SwpmUtils::get_formatted_and_translated_date_according_to_wp_settings($post->post_date);
- $error_msg = '<div class="swpm-comment-older-post-msg">'.$text.'</div>';
- $this->lastError = apply_filters ('swpm_restricted_comment_older_post', $error_msg);
- return false;
- }
-
- //Check if this member can view this comment based on his membership level
- $permission = SwpmPermission::get_instance($auth->get('membership_level'));
- if(!$permission->is_permitted($post_id)) {
- //This member's membership level doesn't have access to this comment's post. Not allowed to see this comment.
- $error_msg = '<div class="swpm-comment-no-access-msg">' . SwpmUtils::_('This content is not permitted for your membership level.').'</div>';
- $this->lastError = apply_filters ('swpm_restricted_comment_msg', $error_msg);
- return false;
- }
-
- //All checks have passed at this stage. Show this comment to this user.
- return true;
- }
- public function filter_post($post,$content){
- if (!is_a($post, 'WP_Post')) {
- //This is not a WP_Post object. So we don't want to handle it in our plugin.
- return $content;
- //return SwpmUtils::_('Error! $post is not a valid WP_Post object.');
- }
-
- if(self::expired_user_has_access_to_this_page()) {
- return $content;//An expired user is viewing this page and it is a system page, so allow access.
- }
-
- if(SwpmUtils::is_first_click_free($content)) {
- return $content;//First click free is true, so allow access.
- }
- if($this->can_i_read_post($post)) {
- return $content;//This member has access to this post, so allow access.
- }
- //Check and apply more tag protection.
- $more_tag_protection_value = $this->check_and_apply_more_tag_protection($post, $content);
- if(!empty($more_tag_protection_value)){
- //More tag protection was found in the post. Return the modified $content.
- return $more_tag_protection_value;
- }
-
- //Return whatever the result is from calling the earlier protection check functions.
- return $this->lastError;
- }
-
- public function check_and_apply_more_tag_protection($post, $content){
- //More tag protection is checked after all the OTHER protections have alrady been checked.
- //So if a valid logged-in member is accessing a post he has access to then this code won't execute.
-
- //Check if more tag protection is enabled.
- $moretag = SwpmSettings::get_instance()->get_value('enable-moretag');
- if (empty($moretag)){
- //More tag protection is disabled in this site. So return empty string.
- return '';
- } else {
- //More tag protection is enabled in this site. Need to check the post segments to see if there is content after more tag.
- $post_segments = explode( '<!--more-->', $post->post_content);
- if (count($post_segments) >= 2){
- //There is content after the more tag.
- $auth = SwpmAuth::get_instance();
- if(!$auth->is_logged_in()){
- //User is not logged-in. Need to show the login message after the more tag.
- $text = SwpmUtils::_("You need to login to view the rest of the content. ") . SwpmMiscUtils::get_login_link();
- $error_msg = '<div class="swpm-more-tag-not-logged-in swpm-margin-top-10">' . $text . '</div>';
- $more_tag_check_msg = apply_filters('swpm_not_logged_in_more_tag_msg', $error_msg);
- } else {
- //The user is logged in.
- //Lets check if the user's account is expired.
- if ($auth->is_expired_account()){
- //This user's account is expired. Not allowed to see this post. Show account expiry notice also.
- $text = SwpmUtils::_('Your account has expired. ') . SwpmMiscUtils::get_renewal_link();
- $error_msg = '<div class="swpm-more-tag-account-expired-msg swpm-yellow-box">'.$text.'</div>';
- $more_tag_check_msg = apply_filters('swpm_account_expired_more_tag_msg', $error_msg);
- } else {
- //At this stage, the user does not have permission to view the content after the more tag.
- $text = SwpmUtils::_(" The rest of the content is not permitted for your membership level.");
- $error_msg = '<div class="swpm-more-tag-restricted-msg swpm-margin-top-10">' . $text . '</div>';
- $more_tag_check_msg = apply_filters ('swpm_restricted_more_tag_msg', $error_msg);
- }
- }
- $filtered_before_more_content = SwpmMiscUtils::format_raw_content_for_front_end_display($post_segments[0]);
- $new_post_content = $filtered_before_more_content . $more_tag_check_msg;
- return $new_post_content;
-
- }//End of segment count condition check.
- }//End of more tag enabled condition check.
-
- //More tag protection not applicable for this post. Return empty string.
- return '';
- }
-
- public function filter_comment($comment, $content){
- if($this->can_i_read_comment($comment)) {
- //This user has access to this comment.
- return $content;
- }
- return $this->lastError;
- }
-
- public function why(){
- return $this->lastError;
- }
-
- /*
- * This function checks if the current user is an expired user and has access to the system page content (if the current URL is a system page).
- */
- public static function expired_user_has_access_to_this_page(){
- $auth = SwpmAuth::get_instance();
-
- //Check if the user is logged-into the site.
- if(!$auth->is_logged_in()){
- //Anonymous user. No access. No need to check anything else.
- return false;
- }
-
- //Check if account is expired.
- if (!$auth->is_expired_account()){
- //This users account is not expired. No need to check anything else.
- return false;
- }
-
- /*** We have a expired member. Lets check if he is viewing a page that is a core system used URL. ***/
- if (self::is_current_url_a_system_page()){
- //Allow this expired user to view this post/page content since this is a core system page.
- return true;
- }
-
- //Not a system used page. So the expired user has no access to this page.
- return false;
- }
-
- /*
- * This function checks if the current page being viewed is one of the system used URLs
- */
- public static function is_current_url_a_system_page(){
- $current_page_url = SwpmMiscUtils::get_current_page_url();
-
- //Check if the current page is the membership renewal page.
- $renewal_url = SwpmSettings::get_instance()->get_value('renewal-page-url');
- if (empty($renewal_url)) {return false;}
- if (SwpmMiscUtils::compare_url($renewal_url, $current_page_url)) {return true;}
- //Check if the current page is the membership logn page.
- $login_page_url = SwpmSettings::get_instance()->get_value('login-page-url');
- if (empty($login_page_url)) {return false;}
- if (SwpmMiscUtils::compare_url($login_page_url, $current_page_url)) {return true;}
- //Check if the current page is the membership join page.
- $registration_page_url = SwpmSettings::get_instance()->get_value('registration-page-url');
- if (empty($registration_page_url)) {return false;}
- if (SwpmMiscUtils::compare_url($registration_page_url, $current_page_url)) {return true;}
-
- return false;
- }
-
- }
|