login widget shows logedin on other subdomain

Hello, (45 characters too short :( ) for title

Is there a hack I can use that the login widget can check if the current logged in user’s
originating_blog_id == current_blog_id ?

here is the problem I have, I have a multisite wordpress install with the main site is mysite.com and there are the blogs bellow it as such

blog1.mysite.com
blog2.mysite.com

both blogs have the pro login widget installed on the sidebar of the all pages.

now

I have user1 registered for blog1 as s2member_level1 for blog1 with originator blog id indicating the number for site1

when user1 goes to site1.mysite.com and loges in with the widget, it works all fine, s2member grants access to page content and user1 navigates as he should on site1.

but if user1 decides to get mischievousness , and manually types site2.mysite.com in the url after he logged in on site1,

s2member detects that user1 does not have access to content on site2 so it does not provide the content (good, just like I want), but the login widget is still visible and it shows user1 logged in, when it should show username and password dialog box because user1 is not loged-in to site2.

I am thinking if I can make the widget compare originating_blog_id with current_blog_id then I can make the widget either show as logged-in, or the login dialog box.

Am I on the right track? where in the code can I change, better yet is there a switch I am missing in the plugin?? because it looks like the regular s2member checks detects and compensates for the type of “mischievousness”
thx in advance
Roland

Hi Roland.

The file you’re looking for is: s2member-pro\includes\classes\login-widget.inc.php

Login sessions are handled by WordPress. The widget uses [hilite mono]is_user_logged_in[/hilite] to check that. http://codex.wordpress.org/Function_Reference/is_user_logged_in

Here’s a thread related to the widget and multisite, that you may find interesting too: http://www.s2member.com/forums/topic/login-widget-on-multisite/

I hope that helps. :)

I can’t replicate this on MS installs with unique domain names for sub directory/domains.

Perhaps its a cookie issue?

Will you be using the same top level domain for all sites?

here is what I learned and how I fixed.
the pro login widget checks only if a user is a member of the wordpress network. It does not check if a user is a member of the current blog. So here is how I came up with a solution without changing any of the code of the s2member.

I placed the bellow in the sidebar.php for my theme

<?php 
    if(is_user_logged_in()) {   										// check if the user is logged in because he is a member of the network
		global $current_user;
		get_currentuserinfo();
		if ( is_user_member_of_blog( $current_user->ID ) ) { 			// check if this user is a member of this blog
			echo s2member_pro_login_widget();							// if he is, show the login box which will show the profile links and gavatar since user is logged in.
		} else {
			echo 'You are NOT a member of this blog go to your blog.';	// if he is not, let him know to go back to the blog where he is a member of
			$dc_blogs = get_blogs_of_user( $current_user->id );			// get all the blogs he is a member of
			if($dc_blogs) {
				foreach ( $dc_blogs as $dc_blog ) {						// list a nice link for the blogs he is a member of
					echo '<li><a href="http://' . $dc_blog->domain . $dc_blog->path .'">' .  $dc_blog->blogname . '</a></li>';
				}
			}
		}
	}
    else if(is_user_not_logged_in()) 									// if user not logged in, show the login box
		echo s2member_pro_login_widget();
?>		
		

let me know if you guys have a more elegant solution.
Always looking for more efficient code.

Hi Roland,

Thank you very much for sharing your solution! :)

~Awarded Roland Kedikian the Helpful badge.