Context Navigation

← Previous Changeset
Next Changeset →

Changeset 355695

Timestamp:

03/05/2011 01:02:36 PM (15 years ago)

Author:

NipponMonkey

Message:

0.6 Release

Location:

buddypress-private-community

Files:

: 4 added
: 3 edited

tags/0.6 (added)
tags/0.6/mm-buddypress-private-community-config-EXAMPLE.php (added)
tags/0.6/mm-buddypress-private-community.php (added)
tags/0.6/readme.txt (added)
trunk/mm-buddypress-private-community-config-EXAMPLE.php (modified) (5 diffs)
trunk/mm-buddypress-private-community.php (modified) (7 diffs)
trunk/readme.txt (modified) (13 diffs)

Legend:

: Unmodified
: Added
: Removed

buddypress-private-community/trunk/mm-buddypress-private-community-config-EXAMPLE.php

-                      r290666
+                      r355695
  * This must be saved here:
  *  - /wp-content/plugins/buddypress-private-community-config/mm-buddypress-private-community-config.php
+ * to stop this file from being overwritten when the plugin is updated. And so no database calls are needed.
+ * IMPORTANT NOTE: The config file SHOULD NOT be contained in this plugins folder, it should have its own folder in the plugins directory as shown above.
+ * This is to stop the file from being overwritten when the plugin is updated, and so no database calls are needed.
+ *
+ * See FAQs and forum for more examples of config file setups. You'll need a config file if you're not running your BP community from the root of your domain or sub-domain.
+ * http://buddypress.org/community/groups/buddypress-private-community/home/
+ *
  * You can change the below settings:
  */
+/**
+ * There are 2 modes:
+ *
+ * 1, ::$MODE = ::MODE_BLOCK_ALL_AND_ALLOW_SOME_URIS (DEFAULT MODE)
+ *      - Blocks all pages/URIs apart from them listed in the ::$ALLOWED_URIS array from logged out users.
+ *      - Widgets can be unblocked by adding their ids to the ::$ALLOWED_WIDGET_IDS (when ::$BLOCK_WIDGETS=TRUE)
+ *
+ * 2, ::$MODE = ::MODE_BLOCK_NONE_AND_NOT_ALLOW_SOME_URIS (opposite to the above mode)
+ *      - Doesn't block any pages from logged out users apart from the URIs listed in the ::$NOT_ALLOWED_URIS
+ *      - Widgets can be blocked by adding them to the ::$NOT_ALLOWED_WIDGET_IDS
+ *
+ */
+MM_BUDDYPRESS_PRIVATE_COMMUNITY::$MODE = MM_BUDDYPRESS_PRIVATE_COMMUNITY::MODE_BLOCK_ALL_AND_ALLOW_SOME_URIS;
+//MM_BUDDYPRESS_PRIVATE_COMMUNITY::$MODE = MM_BUDDYPRESS_PRIVATE_COMMUNITY::MODE_BLOCK_NONE_AND_NOT_ALLOW_SOME_URIS;
+/*
+ * If your community isn't on the root of your domain or sub-domain then you should set the ::$WP_SUB_FOLDER to the directory of your community.
+ * e.g. http://my-domain.com/{my-wp-installation}, then ::$SUB_FOLDER=''
+ * e.g. http://my-domain.com/sub-folder-name/{my-wp-installation}, then ::$SUB_FOLDER='sub-folder-name'
+ * e.g. http://my-domain.com/sub/folder/name/{my-wp-installation}, then ::$SUB_FOLDER='sub/folder/name'
+ * Note, don't use a start or trailing '/' otherwise the plugin won't work.
+ */
+//MM_BUDDYPRESS_PRIVATE_COMMUNITY::$WP_SUB_FOLDER                   = 'my/private/community';
 /**
  * $ALLOWED_URIS is an array of URIs that are accessible to everyone.
 …
  *  - '/about' is OK, but '/about/' isn't valid!
  *  - '/about?page=info' is OK too
+ *  - '' is the homepage, '/' is invalid!
+ *  - '' is the HOMEPAGE,
+ *  - '/' is INVALID!
+ *
  * You can now also use the special character '*' at the end of your uris to allow access to greater areas of your site.
 …
 MM_BUDDYPRESS_PRIVATE_COMMUNITY::$ALLOWED_URIS          = Array('/contacts', '/about', '/welcome');
 /**
+ * Used in the ::MODE_BLOCK_NONE_AND_NOT_ALLOW_SOME_URIS mode only. List of URIs that should be blocked.
+ * Note, you should use the special char * to stop access to all sub folders and query strings.
+ * array('/private', '/private/*', '/private?*') or array('/private*')
+ */
+MM_BUDDYPRESS_PRIVATE_COMMUNITY::$NOT_ALLOWED_URIS      = Array('/private*');
+/**
  * Currently the REDIRECT_TO_URL cannot include a '?' in the URL!
  * This would result in an infinite redirect loop!
 …
  *  - "site_url() . '/info'" is OK, but "site_url() . '/info?page=landing_page'" would result in an infinite redirect loop!
+ *
  * Obviously, this URL should exist on your site!
+ * Obviously, this URL should exist on your site or on another site, if required.
+ *
  * Default = site_url() (Your homepage)
 …
 /**
  * If true, this blocks all BuddyPress and WordPress sidebar widgets from displaying when the user is logged out.
+ * Selected widgets can be displayed by adding their ids to the ::$ALLOWED_WIDGET_IDS.
  * Default = TRUE
  */
 //MM_BUDDYPRESS_PRIVATE_COMMUNITY::$BLOCK_WIDGETS           = FALSE;
+/**
+ * A list of widget ids that are allowed to be displayed. All other widgets are hidden when ::$BLOCK_WIDGETS=TRUE.
+ * Used in MODE_BLOCK_ALL_AND_ALLOW_SOME_URIS only.
+ * E.g. Array('calendar-2'); where calendar-2 is a widget id.
+ * Widget ids can be found be inspecting their html, e.g <div id="calendar-2">{WIDGET}</div>
+ * @var Array
+ */
+MM_BUDDYPRESS_PRIVATE_COMMUNITY::$ALLOWED_WIDGET_IDS        = Array('calendar-2');
+/**
+ * A list of widget ids that are not allowed to be displayed. All other widgets are displayed.
+ * Used in MODE_BLOCK_NONE_AND_NOT_ALLOW_SOME_URIS only.
+ * E.g. Array('calendar-2'); where calendar-2 is a widget id.
+ * Widget ids can be found be inspecting their html, e.g <div id="calendar-2">{WIDGET}</div>
+ * @var Array
+ */
+//MM_BUDDYPRESS_PRIVATE_COMMUNITY::$NOT_ALLOWED_WIDGET_IDS  = Array('private-widget-2');
 /**
  * This blocks all BuddyPress and WordPress RSS feeds if TRUE.

buddypress-private-community/trunk/mm-buddypress-private-community.php

-                      r290666
+                      r355695
 Plugin Name: BuddyPress Private Community
 Plugin URI: http://wordpress.org/extend/plugins/buddypress-private-community/
 Description: This plugin makes your BuddyPress community private. Only logged in members can view the social areas in full. You can set URLs that are available to everyone.
 Version: 0.5
+Description: This plugin makes your BuddyPress community private. In the default mode, only logged in members can view the social areas in full, logged out users have restricted access. You can restrict the access of logged out users by listing the pages/areas of your site that you'd like to make public to the world in the config file (See FAQs or the example config file for more information.) Alternatively, you can make your site accessible to logged out users, but restrict access to some private pages/areas of your site. This plugin also blocks widgets and RSS feeds by default, you can config which widgets you'd like to be blocked or not blocked and you can allow RSS feeds by changing the config file. This plugin is very flexible and can be set-up to work how you'd like it to work. See the FAQs or the example config file for more information about the two modes and configurable settings. If you're running BP not on the root of your domain or sub-domain, then you'll need to make a config file before this plugin will work - again see FAQs. Also, you can see this plugin in action here: <a href="http://www.englishpubpool.co.uk/bppc_test/about/">http://www.englishpubpool.co.uk/bppc_test/about/</a>
+Version: 0.6
 Author: NipponMonkey
 Author URI: http://www.englishpubpool.co.uk
+Author URI: http://www.englishpubpool.co.uk/bppc_test/about/
 License: GPL2
 */
 …
     require( dirname(dirname( __FILE__ )) . '/buddypress-private-community-config/mm-buddypress-private-community-config.php' );
 // Initiate the static plugin class on init
+// Initiate the static plugin class on init
 add_action('init', array('MM_BUDDYPRESS_PRIVATE_COMMUNITY', 'initiate'), 1);
 class MM_BUDDYPRESS_PRIVATE_COMMUNITY {
+    /**
+     * Default mode. Blocks all pages apart from the ones listed in the ::$ALLOWED_URIS array.
+     * @var int
+     */
+    const MODE_BLOCK_ALL_AND_ALLOW_SOME_URIS        = 1;
+    /**
+     * Blocks no pages apart from the ones listed in the ::$NOT_ALLOWED_URIS array.
+     * @var int
+     */
+    const MODE_BLOCK_NONE_AND_NOT_ALLOW_SOME_URIS   = 2;
+    /**
+     * The mode, can be changed in the config file.
+     * @var int
+     */
+    public static $MODE                             = MM_BUDDYPRESS_PRIVATE_COMMUNITY::MODE_BLOCK_ALL_AND_ALLOW_SOME_URIS;
+    /**
+     * '' will redirect to the WP home page, otherwise provide an full URL. E.g. "http://my-domain.com/landing-page" or site_url('redirect-landing-page').
+     * @var string
+     */
     public static $REDIRECT_TO_URL                  = '';
     public static $BLOCK_RSS_FEEDS                  = TRUE;
     public static $BLOCK_RSS_FEEDS_WHEN_LOGGED_IN   = TRUE;
+    /**
+     * This will be displayed in the query part of the URL after a logged out user tries to access a private page.
+     * @var string
+     */
+    public static $REDIRECT_HOOK                    = 'bp_pc_redir_to';
+    /**
+     * This will block widgets from being displayed when the user is loggeed out. This will help to hide private content.
+     * When set to true, you can still allow some widgets by adding the widget's id to the ::$ALLOWED_WIDGET_IDS.
+     * @var Boolean
+     */
     public static $BLOCK_WIDGETS                    = TRUE;
+    public static $REDIRECT_HOOK                    = 'bp_pc_redir_to';
+    /*
+     * Used in MODE_BLOCK_ALL_AND_ALLOW_SOME_URIS only. Array of allowed urls that non-logged in users have access to.
+     * E.g. array('/redirect-landing-page','/contacts','/about')
+     * This array can be set in the config file - See example config file for more info.
+     * @var Array
+     */
     public static $ALLOWED_URIS                     = Array('');
+    /*
+     * Used in MODE_BLOCK_NONE_AND_NOT_ALLOW_SOME_URIS only.
+     * E.g. Array('/private-page-1*', '/private-info*')
+     * This array can be set in the config file - See example config file for more info.
+     * @var Array
+     */
+    public static $NOT_ALLOWED_URIS                 = Array('');
+    /**
+     * A list of widget ids that are allowed to be displayed. All other widgets are hidden.
+     * Used in MODE_BLOCK_ALL_AND_ALLOW_SOME_URIS only.
+     * E.g. Array('calendar-2'); where calendar-2 is a widget id.
+     * Widget ids can be found be inspecting their html, e.g <div id="calendar-2">{WIDGET}</div>
+     * @var Array
+     */
+    public static $ALLOWED_WIDGET_IDS               = Array();
+    /**
+     * A list of widget ids that are not allowed to be displayed. All other widgets are displayed.
+     * Used in MODE_BLOCK_NONE_AND_NOT_ALLOW_SOME_URIS only.
+     * E.g. Array('calendar-2'); where calendar-2 is a widget id.
+     * Widget ids can be found be inspecting their html, e.g <div id="calendar-2">{WIDGET}</div>
+     * @var Array
+     */
+    public static $NOT_ALLOWED_WIDGET_IDS           = Array();
+    /*
+     * e.g. http://my-domain.com/my-wp-installation, then ::$SUB_FOLDER=''
+     * e.g. http://my-domain.com/sub-folder-name/my-wp-installation, then ::$SUB_FOLDER='sub-folder-name'
+     * e.g. http://my-domain.com/sub/folder/name/my-wp-installation, then ::$SUB_FOLDER='sub/folder/name'
+     * Note, don't use a start or trailing '/'.
+     */
+    public static $WP_SUB_FOLDER                    = '';
     /**
 …
      */
     protected static function handle_block_widgets() {
+        if (MM_BUDDYPRESS_PRIVATE_COMMUNITY::$BLOCK_WIDGETS === TRUE) {
+            add_action('bp_after_sidebar_login_form', array('MM_BUDDYPRESS_PRIVATE_COMMUNITY', 'hide_wp_widgets_from_logged_out'), 1);
+        if (is_user_logged_in() === FALSE) {
+            if (MM_BUDDYPRESS_PRIVATE_COMMUNITY::$BLOCK_WIDGETS === TRUE) {
+                add_action('wp_head', array('MM_BUDDYPRESS_PRIVATE_COMMUNITY', 'hide_wp_widgets_where_needed'), 1);
+            }
+        }
+    }
 …
     /**
+     * An easy way to block all widgets from being displayed to logged out users.
+     *
+     * This assumes the login form is available on the accessible page, and that the login form comes before the
+     * sidebar widget area - like in the standard theme.
+     *
+     * It removes the registered widgets when the BuddyPress login form is shown, and adds them again
+     * after the sidebar template has been processed.
+     *
+     * This means the widgets will be available in other widgeted areas.
+     * Takes out all unwanted widgets running checks against allowed/not allowed widget ids set by the user in the config file - depending on the mode too.
+     *
      */
+    public static function hide_wp_widgets_from_logged_out() {
+        // WordPress global
+    public static function hide_wp_widgets_where_needed() {
         global $wp_registered_widgets;
+        // removes all widgets so they can't be displayed!
+        $wp_registered_widgets = array('all_widgets' => $wp_registered_widgets);
+        add_action('bp_inside_after_sidebar', array('MM_BUDDYPRESS_PRIVATE_COMMUNITY', 'hide_wp_widgets_from_logged_out_restore_widgets_global'), 1);
+    }
+    public static function hide_wp_widgets_from_logged_out_restore_widgets_global() {
+        // WordPress global
+        global $wp_registered_widgets;
+        // Adds the widgets again! They could now be used in other widgets areas.
+        $wp_registered_widgets = $wp_registered_widgets['all_widgets'];
+        if (MM_BUDDYPRESS_PRIVATE_COMMUNITY::$MODE===MM_BUDDYPRESS_PRIVATE_COMMUNITY::MODE_BLOCK_ALL_AND_ALLOW_SOME_URIS) {
+            // Mainly not allowing access, so block widgets.
+            $is_blocking = true;
+            $widget_ids = MM_BUDDYPRESS_PRIVATE_COMMUNITY::$ALLOWED_WIDGET_IDS;
+        }else if (MM_BUDDYPRESS_PRIVATE_COMMUNITY::$MODE===MM_BUDDYPRESS_PRIVATE_COMMUNITY::MODE_BLOCK_NONE_AND_NOT_ALLOW_SOME_URIS) {
+            // Mainly allowing access, so don't block widgets.
+            $is_blocking = false;
+            $widget_ids = MM_BUDDYPRESS_PRIVATE_COMMUNITY::$NOT_ALLOWED_WIDGET_IDS;
+        }
+        if (count($widget_ids)==0) {
+            if ($is_blocking) $wp_registered_widgets = array();// block all. Otherwise allow all (hence no else!)
+        }else {
+            $allowed_widgets = array();
+            foreach ($wp_registered_widgets as $widget_id=>$widget) {
+                $was_found = false;
+                foreach ($widget_ids as $allowed_id)  {
+                    if ($allowed_id==$widget_id) {
+                        $was_found = true;;
+                        if ($is_blocking) {
+                            // Widget found in allowed list - so keep it!
+                            $allowed_widgets[$widget_id] = $widget;
+                        }
+                        continue; // go to next widget
+                    }
+                }
+                if (!$is_blocking && !$was_found) {
+                    // Widget not found in not allowed list - so keep it!
+                    $allowed_widgets[$widget_id] = $widget;
+                }
+            }
+            $wp_registered_widgets = $allowed_widgets;
+        }
+    }
 …
             if (isset($_GET[$REDIRECT_QUERY_NAME]) && preg_match('/^\//', $_GET[$REDIRECT_QUERY_NAME])!=0) {
                 // This always redirects logged in users when the $REDIRECT_QUERY_NAME is valid!
                 $REDIRECT_TO = $bp->root_domain . urldecode($_GET[$REDIRECT_QUERY_NAME]);
+                $REDIRECT_TO = site_url(urldecode($_GET[$REDIRECT_QUERY_NAME]));
                 bp_core_redirect($REDIRECT_TO);
                 exit();
+            }
             // User is logged in - so everything else is OK - normal WP/BP permission take control.
+            return;
         }else {
             /**
 …
              */
             $REDIRECT_TO = MM_BUDDYPRESS_PRIVATE_COMMUNITY::$REDIRECT_TO_URL;
-            $allowed_uris = MM_BUDDYPRESS_PRIVATE_COMMUNITY::$ALLOWED_URIS;
             // Current page URI.
 …
             /**
              * Prepare the URI for checking against the allowed URIs
+             *  - Remove the sub folder from the URI.
              *  - Remove the the $REDIRECT_QUERY_NAME part if it has one
              *  - Remove the ? if the URI now ends with ?
              *  - Remove the final / if the URI now ends in /
+             *
              * E.g. "/about/?bella-redir=/members" will be converted to "/about"
+             * E.g. "/to-my-bp-folder/events/?event_id=4&bella-redir=/members" will be converted to "/events/?event_id=4"
              */
+            $uri_trimmed = preg_replace("/" . $REDIRECT_QUERY_NAME . "=[^&?]*/", '', $uri);
+            $uri_trimmed = preg_replace("/\?$/", '', $uri_trimmed);
+            $uri_trimmed = preg_replace("/\/$/", '', $uri_trimmed);
+            //$uri_trimmed = preg_replace("/\/?\??" . $REDIRECT_QUERY_NAME . "=[^&?]*/", '', $uri);
+            if (MM_BUDDYPRESS_PRIVATE_COMMUNITY::$WP_SUB_FOLDER==''){
+                // Don't have to trim the $WP_SUB_FOLDER folder.
+                $uri_trimmed = $uri;
+            }else {
+                $uri_trimmed = substr($uri, strlen(MM_BUDDYPRESS_PRIVATE_COMMUNITY::$WP_SUB_FOLDER) + 1);
+            }
+            $uri_trimmed = preg_replace(
+                array("/" . $REDIRECT_QUERY_NAME . "=[^&?]*/",  "/\?$/",    "/\/$/"),
+                array('',                                       '',         ''),
+                $uri_trimmed
+            );
             $uri_trimmed = strtolower($uri_trimmed);
+            /**
+             * Check to see if logged out user is allowed access to this page
+             */
+            for ($i=0; $i < count($allowed_uris); $i++) {
+                $cur_allowed_uri = strtolower($allowed_uris[$i]);
+                if (
+                    (
+                        $cur_allowed_uri === $uri_trimmed
+                    ) || (
+                        strpos($cur_allowed_uri, '*') === strlen($cur_allowed_uri) - 1
+                        && strpos($uri_trimmed, substr($cur_allowed_uri, 0, strlen($cur_allowed_uri) - 1)) === 0
+                    )
+                ) {
+                    // Is allowed access, so return.
+                    return;
+            if (MM_BUDDYPRESS_PRIVATE_COMMUNITY::$MODE===MM_BUDDYPRESS_PRIVATE_COMMUNITY::MODE_BLOCK_ALL_AND_ALLOW_SOME_URIS) {
+                /**
+                 * Check to see if logged out user is allowed access to this page
+                 */
+                $allowed_uris = MM_BUDDYPRESS_PRIVATE_COMMUNITY::$ALLOWED_URIS;
+                for ($i=0; $i < count($allowed_uris); $i++) {
+                    $cur_allowed_uri = strtolower($allowed_uris[$i]);
+                    if (
+                        (
+                            $cur_allowed_uri === $uri_trimmed
+                        ) || (
+                            strpos($cur_allowed_uri, '*') === strlen($cur_allowed_uri) - 1
+                            && strpos($uri_trimmed, substr($cur_allowed_uri, 0, strlen($cur_allowed_uri) - 1)) === 0
+                        )
+                    ) {
+                        // Is allowed access, so return.
+                        return;
+                    }
+                }
+            }
+            // If this part is reached, then the user is logged out and doesn't have access to this page.
+            // So, handle the redirect to the default accessible page.
+                // If this part is reached, then the user is logged out and doesn't have access to this page
+                // because it's not in the allowed list.
+                // So, handle the redirect to the default accessible page.
+                // Add redirect URL, if needed
+                if (preg_match('/^\//', $uri_trimmed)===0) {
+                    $uri_trimmed = '/' . $uri_trimmed;
+                }
+                // This assumes the $REDIRECT_TO doesn't already have a ? in the URL.
+                // '/' added at the start to stop an extra redirect that BP seems to do to add it to the URL.
+                $REDIRECT_TO .= '/?' . $REDIRECT_QUERY_NAME . '=' . urlencode($uri_trimmed);
+                bp_core_redirect($REDIRECT_TO);
+                exit();
+            }else if (MM_BUDDYPRESS_PRIVATE_COMMUNITY::$MODE===MM_BUDDYPRESS_PRIVATE_COMMUNITY::MODE_BLOCK_NONE_AND_NOT_ALLOW_SOME_URIS) {
+                /**
+                 * Check to see if logged out user is allowed access to this page
+                 */
+                $not_allowed_uris = MM_BUDDYPRESS_PRIVATE_COMMUNITY::$NOT_ALLOWED_URIS;
+                for ($i=0; $i < count($not_allowed_uris); $i++) {
+                    $cur_not_allowed_uri = strtolower($not_allowed_uris[$i]);
+                    if (
+                        (
+                            $cur_not_allowed_uri === $uri_trimmed
+                        ) || (
+                            strpos($cur_not_allowed_uri, '*') === strlen($cur_not_allowed_uri) - 1
+                            && strpos($uri_trimmed, substr($cur_not_allowed_uri, 0, strlen($cur_not_allowed_uri) - 1)) === 0
+                        )
+                    ) {
+                        // If this part is reached, then the user is logged out and doesn't have access to this page
+                        // because it's in the allowed list.
+                        // So, handle the redirect to the default accessible page.
+                        // Add redirect URL, if needed
+                        if (preg_match('/^\//', $uri_trimmed)===0) {
+                            $uri_trimmed = '/' . $uri_trimmed;
+                        }
+                        // This assumes the $REDIRECT_TO doesn't already have a ? in the URL.
+                        // '/' added at the start to stop an extra redirect that BP seems to do to add it to the URL.
+                        $REDIRECT_TO .= '/?' . $REDIRECT_QUERY_NAME . '=' . urlencode($uri_trimmed);
+                        bp_core_redirect($REDIRECT_TO);
+                        exit();
+                    }
+                }
+                // The page didn't match a not allowed URI, so the page can be loaded.
+                return;
+            }else {
+                die('Unknown BuddyPress Private Community Mode: mode=' . MM_BUDDYPRESS_PRIVATE_COMMUNITY::$MODE . '. Please check your config file.');
+            }
-            // Add redirect URL, if needed
-            if (preg_match('/^\//', $uri_trimmed)===0) {
-                $uri_trimmed = '/' . $uri_trimmed;
+            }
-            // This assumes the $REDIRECT_TO doesn't already have a ? in the URL.
-            $REDIRECT_TO .= '?' . $REDIRECT_QUERY_NAME . '=' . urlencode($uri_trimmed);
-            bp_core_redirect($REDIRECT_TO);
-            exit();
+        }
+    }

buddypress-private-community/trunk/readme.txt

-                      r290666
+                      r355695
 Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=RWX65UE2TBFH2
 Tags: private, community, privacy, secret, secure, buddypress, buddy, press, BP, admin, page, security, plugin
 Requires at least: Only tested on 2.9+
 Tested up to: 3.0.1 & 1.2.5.2
 Stable tag: 0.5
+Requires at least: Only tested on 2.9+ (Requires PHP5)
+Tested up to: 3.1 & 1.2.8
+Stable tag: 0.6
 This plugin makes your BuddyPress community private. Only logged in members can view the social areas in full. You can configure the default settings.
 …
 == Description ==
+This plugin makes your BuddyPress community private. So, only logged in members can view all areas of your community.
+If you visit the community when you're logged out and your visiting a private page, then you're redirected to a landing page of your choice. It defaults to the homepage.
+You can set urls that are accessibly to non-logged in users using a special config php file - no database calls are needed.
+By default the plugin blocks all of your widgets from being visible to logged out users. This stops possible private information from being seen when non-logged in users visit your site.
+Also, all RSS feeds are blocked by default too. These default settings can be changed in a special config file - see FAQs for more information.
+This plugin makes your BuddyPress community private. You can control which areas of your site are accessible to logged out users in two ways, "restrict site access, but allow some public pages" or "allow site access, but restrict some private pages". This plugin also can block widgets from logged out users and block all RSS feeds.
+In the default mode (restrict access, but allow some public pages), logged out users only have access to your homepage, or access to a list of pages/areas that you'd like to make public. Logged in members have full site access.
+If you visit the community when you're logged out and you're visiting a private page, then you're redirected to a landing page of your choice (defaults to the homepage).
+You can set uris that are accessibly to non-logged in users using a special config php file - no database calls are needed.
+In the alternative mode (allow site access, but restrict some private pages), logged out members have full site access, but you are able to make some pages/areas of your site private - so only logged in members are able to view them. This is the opposite to the default mode.
+In the default mode, the plugin blocks all of your widgets from being visible to logged out users. This stops possible private information from being seen when non-logged in users visit your site.
+You can change the config file so that some of your widgets are still displayed. In the alternative mode, all widgets are shown but you're able to block widgets that should only be displayed to members.
+Also, all RSS feeds are blocked by default too.
 You might also like to change these setting in your WordPress and BuddyPress settings.
 …
 * WP Privacy Settings: Site Visibility = I would like to block search engines, but allow normal visitors
+See the FAQs or the example config file in the download for more information on configuring this plugin.
+You can see an example of this plugin working in the default mode here: http://www.englishpubpool.co.uk/bppc_test/about/
+* Please note, this plugin requires PHP 5.
 If you'd like to ensure that users don't stay logged into your site after a set period of inactivity (for security reasons), then you could use this plugin:
 …
 . Upload the plugin's folder to the `/wp-content/plugins/` directory
 . Activate the plugin through the 'Plugins' menu in WordPress
+. That's it!
+. If your community is not in the root of your domain or subdomain, then you must make a config file. You must set the ::$WP_SUB_FOLDER variable to the directory of your community. E.g. for www.my-domain.com/bp/(BP SITE), ::$WP_SUB_FOLDER='bp'. For www.my-domain.com/charity/community/(BP SITE), ::$WP_SUB_FOLDER='charity/community'. WARNING, please make sure you save the config file in the correct place - See FAQs for information about creating a config file. All it requires is making a new folder (in the correct place) and adding a PHP config with your settings. These settings will override the default settings.
+. That's it!
 You can change the default setting by creating a special config file. See FAQs for more information.
 You can change:
+* The ALLOWED_URIS, these are the pages that are accessible to non-members. (Default = Array(''))
+* The MODE, two modes: block all pages from logged out users apart from a few public pages OR allow access to all pages apart from a few private (members only) ones.
+* The WP_SUB_FOLDER, the directory where your BP site is, this must be changed if your BP site isn't at the root of your domain or sub-domain.
+* The ALLOWED_URIS, these are the pages that are accessible to non-members. (Default = Array('')) (Used in default mode only)
+* The NOT_ALLOWED_URIS, these are the pages that are not accessible to non-members. (Default = Array('')) (Used in alternative mode only)
 * The REDIRECT_TO_URL, this is where you'll be redirected too if you try to access a private page when you're logged out. (Default = site_url())
 * The REDIRECT_HOOK, this is a string that will appear in the URL that stores the private page that you were redirected from. This is used to redirect the user again after logging into your site.
 * The BLOCK_RSS_FEEDS, if true then all of the WordPress and BuddyPress feeds will be blocked. (Default = TRUE)
 * The BLOCK_WIDGETS, if true then the sidebar widgets won't be displayed to logged out users. This is useful as often private information is contained in the sidebar widgets. (Default = TRUE)
+* The ALLOWED_WIDGET_IDS, an array of widget ids that are OK to display to logged out users (Used in default mode only).
+* The NOT_ALLOWED_WIDGET_IDS, an array of widget ids that are not OK to be display to logged out users (Used in alternative mode only).
 * You can also set custom messages that will appear in the RSS/ATOM feeds instead of your private content.
 == Frequently Asked Questions ==
+= Why isn't my config file working? =
+% of the time is because you didn't save the config file in the correct place.
+You MUST save the file in a new directory, not in this plugin's folder structure, but in the main plugins folder.
+`
+// You MUST save the file here:
+/wp-content/plugins/buddypress-private-community-config/mm-buddypress-private-community-config.php
+// NOT HERE:
+/wp-content/plugins/buddypress-private-community/mm-buddypress-private-community-config.php
+// NOR HERE:
+/wp-content/plugins/buddypress-private-community/buddypress-private-community-config/mm-buddypress-private-community-config.php
+`
+This is to ensure that your config setting are not deleted when you update the plugin in the future.
+See "How can I override the default settings?" for information about the setting that you can change.
 = How can I override the default settings? =
 You can create your own config file (that won't be overwritten when you update this plugin) that stores your preferred settings.
 To stop this file from being overwritten when you update the plugin, you have to create a new folder, called "buddypress-private-community-config", in the plugin directory and create a file called "mm-buddypress-private-community-config.php" in the new folder.
 Because the file is in a seperate folder to the plugin, the config file won't be overwritten whe you update the plugin later - and this means no database calls are needed to run this plugin. So, it should be a fast plugin.
 Here is an example config file, that should be saved in the new config directory.
+To stop this file from being overwritten when you update the plugin, you have to create a new folder, called "buddypress-private-community-config", in the WP wp-content/plugins/ directory (NOTE: this is not in the wp-content/plugins/buddypress-private-community folder to avoid overriding the file on update) and create a file called "mm-buddypress-private-community-config.php" in the new folder.
+Because the file is in a seperate folder to the plugin, the config file won't be overwritten when you update the plugin later. Also, this method means no database calls are needed to run this plugin. So, it should be a fast plugin.
+Here is an example config file, that should be saved in the new config directory. It might look confusing at first, but in most cases you only need to use some of these settings as required. See FAQs "How can I allow members to automatically register to my private community?" for a simple config file that allows user to register to your site.
+`
 …
  * This must be saved here:
  *  - /wp-content/plugins/buddypress-private-community-config/mm-buddypress-private-community-config.php
+ * to stop this file from being overwritten when the plugin is updated. And so no database calls are needed.
+ * IMPORTANT NOTE: The config file SHOULD NOT be contained in this plugins folder, it should have its own folder in the plugins directory as shown above.
+ * This is to stop the file from being overwritten when the plugin is updated, and so no database calls are needed.
+ *
+ * See FAQs and forum for more examples of config file setups. You'll need a config file if you're not running your BP community from the root of your domain or sub-domain.
+ * http://buddypress.org/community/groups/buddypress-private-community/home/
+ *
  * You can change the below settings:
  */
+/**
+ * There are 2 modes:
+ *
+ * 1, ::$MODE = ::MODE_BLOCK_ALL_AND_ALLOW_SOME_URIS (DEFAULT MODE)
+ *      - Blocks all pages/URIs apart from them listed in the ::$ALLOWED_URIS array from logged out users.
+ *      - Widgets can be unblocked by adding their ids to the ::$ALLOWED_WIDGET_IDS (when ::$BLOCK_WIDGETS=TRUE)
+ *
+ * 2, ::$MODE = ::MODE_BLOCK_NONE_AND_NOT_ALLOW_SOME_URIS (opposite to the above mode)
+ *      - Doesn't block any pages from logged out users apart from the URIs listed in the ::$NOT_ALLOWED_URIS
+ *      - Widgets can be blocked by adding them to the ::$NOT_ALLOWED_WIDGET_IDS
+ *
+ */
+MM_BUDDYPRESS_PRIVATE_COMMUNITY::$MODE = MM_BUDDYPRESS_PRIVATE_COMMUNITY::MODE_BLOCK_ALL_AND_ALLOW_SOME_URIS;
+//MM_BUDDYPRESS_PRIVATE_COMMUNITY::$MODE = MM_BUDDYPRESS_PRIVATE_COMMUNITY::MODE_BLOCK_NONE_AND_NOT_ALLOW_SOME_URIS;
+/*
+ * If your community isn't on the root of your domain or sub-domain then you should set the ::$WP_SUB_FOLDER to the directory of your community.
+ * e.g. http://my-domain.com/{my-wp-installation}, then ::$SUB_FOLDER=''
+ * e.g. http://my-domain.com/sub-folder-name/{my-wp-installation}, then ::$SUB_FOLDER='sub-folder-name'
+ * e.g. http://my-domain.com/sub/folder/name/{my-wp-installation}, then ::$SUB_FOLDER='sub/folder/name'
+ * Note, don't use a start or trailing '/' otherwise the plugin won't work.
+ */
+//MM_BUDDYPRESS_PRIVATE_COMMUNITY::$WP_SUB_FOLDER                   = 'my/private/community';
 /**
  * $ALLOWED_URIS is an array of URIs that are accessible to everyone.
 …
  *  - '/about' is OK, but '/about/' isn't valid!
  *  - '/about?page=info' is OK too
+ *  - '' is the homepage, '/' is invalid!
+ *  - '' is the HOMEPAGE,
+ *  - '/' is INVALID!
+ *
  * You can now also use the special character '*' at the end of your uris to allow access to greater areas of your site.
 …
 MM_BUDDYPRESS_PRIVATE_COMMUNITY::$ALLOWED_URIS          = Array('/contacts', '/about', '/welcome');
 /**
+ * Used in the ::MODE_BLOCK_NONE_AND_NOT_ALLOW_SOME_URIS mode only. List of URIs that should be blocked.
+ * Note, you should use the special char * to stop access to all sub folders and query strings.
+ * array('/private', '/private/*', '/private?*') or array('/private*')
+ */
+MM_BUDDYPRESS_PRIVATE_COMMUNITY::$NOT_ALLOWED_URIS      = Array('/private*');
+/**
  * Currently the REDIRECT_TO_URL cannot include a '?' in the URL!
  * This would result in an infinite redirect loop!
 …
  *  - "site_url() . '/info'" is OK, but "site_url() . '/info?page=landing_page'" would result in an infinite redirect loop!
+ *
  * Obviously, this URL should exist on your site!
+ * Obviously, this URL should exist on your site or on another site, if required.
+ *
  * Default = site_url() (Your homepage)
 …
 /**
  * If true, this blocks all BuddyPress and WordPress sidebar widgets from displaying when the user is logged out.
+ * Selected widgets can be displayed by adding their ids to the ::$ALLOWED_WIDGET_IDS.
  * Default = TRUE
  */
 //MM_BUDDYPRESS_PRIVATE_COMMUNITY::$BLOCK_WIDGETS           = FALSE;
+/**
+ * A list of widget ids that are allowed to be displayed. All other widgets are hidden when ::$BLOCK_WIDGETS=TRUE.
+ * Used in MODE_BLOCK_ALL_AND_ALLOW_SOME_URIS only.
+ * E.g. Array('calendar-2'); where calendar-2 is a widget id.
+ * Widget ids can be found be inspecting their html, e.g <div id="calendar-2">{WIDGET}</div>
+ * @var Array
+ */
+MM_BUDDYPRESS_PRIVATE_COMMUNITY::$ALLOWED_WIDGET_IDS        = Array('calendar-2');
+/**
+ * A list of widget ids that are not allowed to be displayed. All other widgets are displayed.
+ * Used in MODE_BLOCK_NONE_AND_NOT_ALLOW_SOME_URIS only.
+ * E.g. Array('calendar-2'); where calendar-2 is a widget id.
+ * Widget ids can be found be inspecting their html, e.g <div id="calendar-2">{WIDGET}</div>
+ * @var Array
+ */
+//MM_BUDDYPRESS_PRIVATE_COMMUNITY::$NOT_ALLOWED_WIDGET_IDS  = Array('private-widget-2');
 /**
  * This blocks all BuddyPress and WordPress RSS feeds if TRUE.
 …
+`
+// If you're running WP/BP from a sub folder, set this value to direct the plugin to the correct place.
+// Don't set this or set it to '' if your WP/BP site is at the root of your domain or subdomain.
+//MM_BUDDYPRESS_PRIVATE_COMMUNITY::$WP_SUB_FOLDER                   = 'my/private/community'; // for www.my-domain.com/my/private/community/(BP SITE)
 MM_BUDDYPRESS_PRIVATE_COMMUNITY::$ALLOWED_URIS  = Array(
 '/my-landing-page', // your choice of landing page
 '/another-allowed-uri', // any other page(s) you'd to make public to non-members
 '/register', // Allow access to the registration form
 '/activate?key=*' // Allow access to the account activation URIs. The wildcard character * allows all activation codes to be accepted as valid URIs.
+'/my-landing-page',         // Where "/my-landing-page" is your default landing page of choice - this must match your your choice of ::$REDIRECT_TO_URL.
+'/another-allowed-uri',     // (Optional extra uri(s)) any other page(s) you'd to make public to non-members
+'/register',                // Allow access to the registration form
+'/activate?key=*'           // Allow access to the account activation URIs. The wildcard character * allows all activation codes to be accepted as valid URIs.
 );
 MM_BUDDYPRESS_PRIVATE_COMMUNITY::$REDIRECT_TO_URL       = site_url() . '/my-landing-page';
 …
+= How can I allow a widget to be displayed to logged out users? =
+This can be done by adding the widget's id string to the ::$ALLOWED_WIDGET_IDS array. E.g.
+`
+// This line will let the widget with id=calendar-2 to be displayed when logged out users visit your site.
+MM_BUDDYPRESS_PRIVATE_COMMUNITY::$ALLOWED_WIDGET_IDS        = Array('calendar-2');
+`
+You can find the widget's id by looking at your site's source HTML. The widget id should be shown in the widget's main div. E.g.
+`
+<div id="calendar-2">
+    // calendar widget!
+</div>
+`
+You can add more widget ids easily:
+`
+MM_BUDDYPRESS_PRIVATE_COMMUNITY::$ALLOWED_WIDGET_IDS        = Array('calendar-2', 'calendar-3', 'hallooo-widget-2');
+`
+Similarly, you can hide widget in the alternative mode in a similar way - e.g.
+`
+// Used in alternative mode only. (::MODE_BLOCK_NONE_AND_NOT_ALLOW_SOME_URIS)
+MM_BUDDYPRESS_PRIVATE_COMMUNITY::$NOT_ALLOWED_WIDGET_IDS    = Array('private-widget-2', 'top-secret-widget-1');
+`
+= What is the redirect hook for? =
+The redirect hook is used to redirect a logged out member to a private page they tried to access when logged out. The redirect happens after they login.
+This is important for when a member gets an email with a link to somewhere on the community that is private. If the member clicks on this link and isn't yet logged in, then they will be redirect to the default landing page.
+When this happens, you notice that the redirect hook can be seen in the url, and it points the page that the member tried to access. Now, when the user successfully logs in, the plugin automatically handles a redirect to the page that the user originally tried to access.
+This means the user doesn't have to go back to their emails and find the link again as the redirect is handled for them.
+You can change the key word/string used as the hook in the config file.
 = How private will my BuddyPress community really be? =
 Well, access to your community through PHP pages will be blocked to logged out users, but your images and uploaded files will still be accessible via their URLs as no PHP code is blocking access to jpgs, xls. etc...
 …
+= Can I use this plugin with PHP 4? =
+Sorry, this plugin only works with PHP 5. WP and BP and moving to PHP 5 only, so we currently have no plans to make this plugin available for PHP 4.
+= I'm getting a parse error! =
+If you can a parse error like below:
+`
+Parse error: syntax error, unexpected T_STRING, expecting T_OLD_FUNCTION or T_FUNCTION or T_VAR or '}' in mm-buddypress-private-community.php on line 39
+`
+This normally means you're not running PHP 5. This plugin requires PHP 5.
+If this wasn't the problem, then you should try installing the plugin again. I've had one report where re-installing the plugin after getting this error fixed the bug - maybe from a bad download or something.
+= I'm getting an infinite redirect loop error! =
+This normally means your config file isn't set up correctly.
+You must make sure that your redirect url is a public page. E.g. here is a simple config file:
+`
+// Here we make a BP page called 'welcome' th default redirect page, and make this a public page to avoid an infinite redirect loop.
+MM_BUDDYPRESS_PRIVATE_COMMUNITY::$WP_SUB_FOLDER         = 'my-community';
+MM_BUDDYPRESS_PRIVATE_COMMUNITY::$ALLOWED_URIS          = Array('/contacts', '/about', '/welcome');
+MM_BUDDYPRESS_PRIVATE_COMMUNITY::$REDIRECT_TO_URL       = site_url('welcome');
+`
+Note that the redirect URL is set to the 'welcome' page. This page must be in the ::$ALLOWED_URIS, as can be seen above.
+If the '/welcome' URI is removed from the ::$ALLOWED_URIS array, then an infinite redirect will occur.
 == Changelog ==
+= 0.6 =
+* IMPORTANT! BREAKABLE UPDATE: Changed how sub-directory installations are handled. Now you must set the ::$WP_SUB_FOLDER variable to the folder where your community is. (my-domain.com/community/{BP_SITE}, then ::$WP_SUB_FOLDER='community'. ALLOWED_URIS would now look like this array('/about') instead of array('/community/about') in this example - meaning that the ALLOWES_URIS are always written in the same way relative to your BP site_url.) See FAQs or the example config file.
+* Added another mode allowing you to give access to logged out users but block a few private pages/URIs (MODE_BLOCK_NONE_AND_NOT_ALLOW_SOME_URIS).
+* Added the ability to display/block widgets (depending on the mode) by their id (ALLOWED_WIDGET_IDS & NOT_$ALLOWED_WIDGET_IDS).
+* Changed how widgets are block, so they should be block on all themes (including two widget column themes).
 = 0.5 =
 …
 == Upgrade Notice ==
+* Version 0.6: IMPORTANT! If you're running BP not from the root of your domain or subdomain, then you'll have to update your config file after making this update (Other users don't have to make any changes). You'll have to set the new WP_SUB_FOLDER variable to match wher your BP community is located and change your ALLOWED_URIS to so there are relative to BP rather then to the root of your domain. (e.g. if my-domain.com/bp-community/{BP_SITE}, then WP_SUB_FOLDER = 'bp-community', and say, array('/bp-community/landing-page')becomes array('/landing-page')). All future updates won't require you to make any changes.
 * Version 0.1: This plugin should upgrade with no changes needed by the user.

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Plugin Directory

Context Navigation

Changeset 355695

Legend:

buddypress-private-community/trunk/mm-buddypress-private-community-config-EXAMPLE.php

buddypress-private-community/trunk/mm-buddypress-private-community.php

buddypress-private-community/trunk/readme.txt

Download in other formats: