From: Chuck Scott Date: Tue, 1 Dec 2015 20:21:03 +0000 (-0500) Subject: Installed better user access controls including checking active flag. X-Git-Tag: v1.0.4^2~1 X-Git-Url: http://cvs2.gaslightmedia.com/gitweb/?a=commitdiff_plain;h=b84be8a68124b2e9a4230b7e8a046264f41baf44;p=WP-Plugins%2Fglm-member-db-contacts.git Installed better user access controls including checking active flag. --- diff --git a/classes/data/dataContacts.php b/classes/data/dataContacts.php index 72849a1..b46800d 100644 --- a/classes/data/dataContacts.php +++ b/classes/data/dataContacts.php @@ -508,7 +508,8 @@ class GlmDataContacts extends GlmDataAbstract 'wordpressLogin' => false, 'wpUser' => false, 'contactsEmail' => false, - 'contactsUsername' => false + 'contactsUsername' => false, + 'active' => false ); // If E-mail address is not supplied @@ -530,10 +531,12 @@ class GlmDataContacts extends GlmDataAbstract $contact = $this->wpdb->get_row("SELECT * FROM ".GLM_MEMBERS_PLUGIN_DB_PREFIX . "contacts WHERE email = '$email';", ARRAY_A); if ($contact !== null) { $r['contactsEmail'] = true; + $r['active'] = ($r['active'] > 0); } $contact = $this->wpdb->get_row("SELECT * FROM ".GLM_MEMBERS_PLUGIN_DB_PREFIX . "contacts WHERE username = '$username';", ARRAY_A); if ($contact !== null) { $r['contactsUsername'] = true; + $r['active'] = ($r['active'] > 0); } return $r; diff --git a/glm-member-db-contacts.php b/glm-member-db-contacts.php index 404bbb3..b5108d8 100644 --- a/glm-member-db-contacts.php +++ b/glm-member-db-contacts.php @@ -34,6 +34,7 @@ * version nunmber of that release for the DB version. */ define('GLM_MEMBERS_CONTACTS_PLUGIN_VERSION', '1.0.3'); +define('GLM_MEMBERS_CONTACTS_PLUGIN_MIN_MEMBERS_REQUIRED_VERSION', '1.0.44'); define('REQUIRED_GLM_MEMBERS_PLUGIN_MIN_DB_VERSION', '1.0.41'); /* @@ -99,11 +100,12 @@ if ($is_active != '1') { } // Function to generate message regarding main GLM Member DB plugin version is not receint enought to run this add-on -function glmMembersBlankPluginMinVerRequired() { +function glmMembersContactsMembersMinVerRequired() { + $curVer = get_option('glmMembersDatabasePluginVersion'); echo '

The '.GLM_MEMBERS_CONTACTS_PLUGIN_NAME.' requires that the main GLM Member DB plugin version be no older than ' - .GLM_MEMBERS_CONTACTS_PLUGIN_MIN_MEMBERS_REQUIRED_VERSION.'!

+ .GLM_MEMBERS_CONTACTS_PLUGIN_MIN_MEMBERS_REQUIRED_VERSION.' but the current verssion is '.$curVer.'!

The '.GLM_MEMBERS_CONTACTS_PLUGIN_NAME.' plugin has been de-activated.

'; @@ -114,7 +116,7 @@ function glmMembersBlankPluginMinVerRequired() { */ $glmMembersDatabasePluginVersion = get_option('glmMembersDatabasePluginVersion'); if (version_compare($glmMembersDatabasePluginVersion, GLM_MEMBERS_CONTACTS_PLUGIN_MIN_MEMBERS_REQUIRED_VERSION) < 0) { - add_action( 'admin_notices', 'glmMembersPluginMinVerRequired'); + add_action( 'admin_notices', 'glmMembersContactsMembersMinVerRequired'); deactivate_plugins('/'.GLM_MEMBERS_CONTACTS_PLUGIN_SLUG.'/'.GLM_MEMBERS_CONTACTS_PLUGIN_SLUG.'.php'); } @@ -168,12 +170,42 @@ add_filter('glm-member-db-register-addon','glmMembersRegisterContacts', 10, 1); */ require_once(GLM_MEMBERS_CONTACTS_PLUGIN_SETUP_PATH.'/permissions.php'); - -// If they are a restricted user, kick them back out +/* + * Notification to user if logging in with restricted contact + */ +function glmMembersContactsNoLoginMessage( $message ) { + $message .= " +
+ NOTE: You are trying to log into a contact account that is for informational purposes only + or has been temporarily dissabled. You are not permitted to log in with that contact account at this time. +
+ "; + return $message; +} +$restrictedLoginAttempt = get_option('glmMembersDatabaseContactsRestrictedLogin'); +if ($restrictedLoginAttempt) { + add_filter('login_message', 'glmMembersContactsNoLoginMessage'); + delete_option('glmMembersDatabaseContactsRestrictedLogin'); +} if (current_user_can('glm_members_restricted_contact')) { + update_option('glmMembersDatabaseContactsRestrictedLogin', true); wp_logout(); } +/* + * Check for a contact user that's inactive and send them back to login also + */ +$wpUserID = get_current_user_id(); +$contactUser = get_user_meta($wpUserID, 'glmMembersContactID', true); +$contactActive = get_user_meta($wpUserID, 'glmMembersContactActive', true); +if ($contactUser && !$contactActive) { + update_option('glmMembersDatabaseContactsRestrictedLogin', true); + wp_logout(); +} + + + + /* * Add filter to redirect user to a particular destination on * login based on their roles. @@ -190,7 +222,7 @@ function my_login_redirect( $redirect_to, $request, $user ) { foreach ($user->roles as $r) { if (substr($r,0,12) != 'glm_members_') { // Go to normal destination for this user - return $redirect_to(); + return $redirect_to; } } diff --git a/models/admin/member/contacts.php b/models/admin/member/contacts.php index f13085f..467effd 100644 --- a/models/admin/member/contacts.php +++ b/models/admin/member/contacts.php @@ -247,8 +247,9 @@ class GlmMembersAdmin_member_contacts extends GlmDataContacts $newContactCreated = true; - // Store the contact ID, user entityType, and entityID into user meta data + // Store the contact ID and active status into user meta data update_user_meta($userID, 'glmMembersContactID', $this->contactInfo['fieldData']['id']); + update_user_meta($userID, 'glmMembersContactActive', $this->contactInfo['fieldData']['active']['value']); break; } @@ -295,12 +296,12 @@ class GlmMembersAdmin_member_contacts extends GlmDataContacts $this->contactInfo = $this->editEntry(($_REQUEST['id']-0)); $contactUpdated = true; + // Get the wordpress user ID + $wpUser = get_user_by('email', $this->contactInfo['fieldData']['email']); + // Check for password changes and update Wordpress user if (trim($_REQUEST['password']) != '') { - // Get the wordpress user ID - $wpUser = get_user_by('email', $this->contactInfo['fieldData']['email']); - // If we got a good user, set the new password if ($wpUser) { wp_set_password($_REQUEST['password'], $wpUser->ID); @@ -320,6 +321,9 @@ class GlmMembersAdmin_member_contacts extends GlmDataContacts $wpUser->add_role($wpRole); } + // Update contact active status in user meta data + update_user_meta($wpUser->ID, 'glmMembersContactActive', $this->contactInfo['fieldData']['active']['value']); + } $option = 'edit'; @@ -363,6 +367,10 @@ class GlmMembersAdmin_member_contacts extends GlmDataContacts wp_delete_user($wpUser->ID); $wpUserDeleted = true; + // Otherwise we need to drop the user meta data we added to the WP user. + } else { + delete_user_meta($userID->ID, 'glmMembersContactID'); + delete_user_meta($userID->ID, 'glmMembersContactActive'); } // Return to list by falling through here.