Home › Forums › Community Forum › URI Restrictions not working
This topic contains 28 replies, has 5 voices. Last updated by Cristián Lávaque 4 years, 5 months ago.
Topic Author | Topic |
---|---|
Posted: Saturday Jul 14th, 2012 at 10:40 pm #19278 | |
|
|
I am trying to protect some areas of my site using s2Members Restriction Options > URI Restrictions. The areas which I want to protect has URIs like /members/?pid=13&pagetitle=trending. It is not working. I know RegEx characters are not supported. Edit: I want to allow URI /members/ to level 0 membership, but restrict a few others, e.g. restrict following URI to level 0 What would be best way to include these kind of URI in various s2Membership levels. BTW: I have s2Members Pro. If I add /members/ to level 0
|
List Of Topic Replies
Author | Replies |
---|---|
Author | Replies |
Posted: Monday Jul 16th, 2012 at 7:04 am #19340 | |
|
|
Hi Suhaib. So you want all URLs that have [hilite mono]/members/[/hilite] in the URL to be protected at Level 0, so that only logged in users can see them? Could you post here what you entered in the box for each level in your URI restriction panel, or take a screenshot? [hilite path]Dashboard -› s2Member® -› Restriction Options -› URI Access Restrictions[/hilite] Thanks. :) |
|
Posted: Monday Jul 16th, 2012 at 8:02 am #19350 | |
|
|
Hi Cristian, Thanks for reply. Yes, I know it is under Dashboard -› s2Member® -› Restriction Options -› URI Access Restrictions. That is I want level 0 to have access to but level 0 cannot have access to /members/?pid=13&pagetitle=trending This is what I entered for level 0 /member/ and for level 1 I entered
|
|
Posted: Monday Jul 16th, 2012 at 3:50 pm #19403 | |
|
|
Okay. Did you try [hilite mono]/members/?[/hilite] at Level 1? |
|
Posted: Monday Jul 16th, 2012 at 4:12 pm #19409 | |
|
|
/member/? did not work. Is ? not a RegEx which is not allowed in URI Access Restriction? If /member/? can be used then I would have used /members/?pid=14 and /members/?pid=13 etc for level 1, which would make life much easier. |
|
Posted: Tuesday Jul 17th, 2012 at 6:23 am #19473 | |
![]() |
|
Hi Suhaib, Yes, you can restrict /members/?pid=13; so I suggest restricting Level 0 to /members/ and Level 1 to /members/?pid=. |
|
Posted: Tuesday Jul 17th, 2012 at 6:45 am #19477 | |
|
|
Raam, Thanks for your help. I tried restricting level 0 to /members/ A level 0 user can access some of the features which are allowed to level 1 only. Can I use full URI at level 1 e.g. /members/?pid=14&pagetitle=my_email&message_template=compose? I have not tried it yet. |
|
Posted: Tuesday Jul 17th, 2012 at 11:19 am #19524 | |
![]() |
|
@Suhaib, Hi, yes, you can use full URIs, although just remember that it must have all parts of it like you restricted it, or it won’t work. Hope this helps. :) |
|
Posted: Tuesday Jul 17th, 2012 at 4:59 pm #19560 | |
|
|
Thanks Eduan. Let me try it. |
|
Posted: Tuesday Jul 17th, 2012 at 5:16 pm #19561 | |
|
|
Thanks a lot for the help. Complete URI did the trick. The level 0 now gets redirected to s2Member’s upgrade page. |
|
Posted: Wednesday Jul 18th, 2012 at 9:06 am #19632 | |
![]() |
|
You’re welcome Suhaib. :) Glad I was able to help. |
|
Posted: Monday Jul 30th, 2012 at 2:27 am #20648 | |
|
|
I am not sure what is going on. The URI restriction worked for a couple of days, then stopped. Now level 0 members can access URI defined for level 1. Here are my URI for level 0 /members/ And for level 1, I have /members/?pid=14&pagetitle=my_email&message_template=inbox Level 0 members can access all the URI which supposed to restricted for level 1. The only thing works is /cometchat/cometchatjs.php, which is not available to level 0 members. level 0 can access the remaining which are restricted to level 1. Please help.
|
|
Posted: Monday Jul 30th, 2012 at 7:44 pm #20723 | |
|
|
Any suggestions? |
|
Posted: Tuesday Jul 31st, 2012 at 3:33 am #20744 | |
![]() |
|
Suhaib, I suggest removing all URI restrictions and starting with just restricting one URI. Add one URI restriction for Level 0 and one URI restriction for Level 1, then test to see if it works as expected. |
|
Posted: Tuesday Jul 31st, 2012 at 3:55 am #20747 | |
|
|
Hi Raam I tried your suggestion already. It did not work. I also tried adding following code to the functions.php of the template, but it throw the user level 0 to s2Members options page immediately upon login. level 0 user cannot do anything with this code in functions.php. Any link he clicks, he get thrown to the options page.
|
|
Posted: Tuesday Jul 31st, 2012 at 7:31 am #20773 | |
|
|
I see, so you’re trying to protect the URI based on a ccap instead of a level. Your condition has a slash at the end of the ccap, is it part of the ccap’s name? [hilite pre_code]!current_user_can ("access_s2member_ccap_members/") [/hilite] If you remove the slash, does the hack then work properly? |
|
Posted: Tuesday Jul 31st, 2012 at 9:15 am #20795 | |
|
|
Cristian, Yes I tried it with and without slash. No success yet, with hack or using Dashboard -› s2Member® -› Restriction Options -› URI Access Restrictions |
|
Posted: Tuesday Jul 31st, 2012 at 1:45 pm #20823 | |
|
|
I tried several thing. I am unable to restrict URI generated by the wp plugin, which in the format of Once level 0 login, he could access any URI starting with /members/ I tried hack to as I mentioned above. |
|
Posted: Tuesday Jul 31st, 2012 at 9:39 pm #20846 | |
|
|
URI Restrictions from Dashboard -› s2Member® -› Restriction Options -› URI Access Restrictions are not working. However, if I edit the code of plugin in question and do following
It does work. But, it messes up CSS layout. This is not a good a solution because it will require editing a lot of php files. I do not understand why Dashboard -› s2Member® -› Restriction Options -› URI Access Restrictions does not restrict URI.
|
|
Posted: Wednesday Aug 1st, 2012 at 9:15 pm #20950 | |
|
|
I believe, I have same problem as discussed in this thread http://www.s2member.com/forums/topic/buddypress-url-restriction-trouble/. URI protection is not working due to conflicts because /members/ is present in all the URI. Can lead developer Jason look into it. Or, should I hopelessly give up on s2Members? |
|
Posted: Thursday Aug 2nd, 2012 at 7:27 am #20993 | |
|
|
I can’t confirm that theory, because I haven’t tested it myself, since I don’t have BuddyPress. Have you tried protecting just /members/ with the URI restriction and seeing if it works? Also try another less sensitive URI string, to confirm that the restriction is working at all in your installation, please. About the hack, I tested a few things and found that the fnmatch function was returning “false” although I had /members/ in the URI, so I changed it to a strpos and that worked. [hilite pre_code][/hilite] Could you try that and see if now works? Make sure to test with a non-admin account. About the regular URI restriction and why it’s not working for you, I’m not sure. I emailed Jason and I’ll let you know when I hear back from him. I hope that helps. :) |
|
Posted: Thursday Aug 2nd, 2012 at 9:10 am #21008 | |
|
|
Hi Cristian Thanks for your help. If I put /members/ in the level1 and nothing for level0 for URI Protection, level0 can still access /members/. But if I put a URI which does not has /members/ in the URI then that URI protection works. For example I put /cometchat/chometchatjs.php for level1. level0 cannot access it. It means URI protection does work, but not for members. I used your code with a little modification to protect different URI for different levels. I put in mu-plugins/s2-hack.php. It worked. It allowed /members/ to level0 and level1, but redirected level0 to Members Option page for ‘/members/?pid=14&pagetitle=my_email&message_template=inbox’. Maybe I should use the hack to protect various URI which have /members/ in it?
|
|
Posted: Thursday Aug 2nd, 2012 at 4:21 pm #21048 | |
![]() |
|
Thanks for the heads up on this thread.@Suhaib SiddiqiYou mentioned this URI is being protected properly: But these are not:
Depending on your permalink settings in WordPress®, these URI Restrictions may or may not work with the trailing /? on the end. If your permalink options in WordPress® do NOT include a trailing slash, then all URIs on your site will NOT have a trailing slash at the end (this is how WordPress® works internally). If your permalink settings do NOT include a trailing slash, your URI Restrictions need to look like this:
I saw it mentioned somewhere that there was special handling of the word “members”. That is NOT the case. There is nothing special about the keyword “members”. All that matters is that the URI matches one of your URI Restrictions. If your URIs do not include a trailing slash, then your URI Restrictions need to reflect this also.
Reference article: http://codex.wordpress.org/Using_Permalinks |
|
Posted: Thursday Aug 2nd, 2012 at 5:31 pm #21052 | |
|
|
Hi Jason My WP Permalinks do include trailing slash, and my URI Restrictions look like this:
It does not work. I am using Month and Name option from WP Permalink, which looks like http://www.mydomain.com/2012/08/sample-post/ However, the hack protects URI
I do not understand why URI Restriction from Dashboard will not protect /members/?pid=14&pagetitle=my_email&message_template=inbox, but hack will do it.
|
|
Posted: Friday Aug 3rd, 2012 at 6:44 am #21076 | |
|
|
I’m glad the hack worked with the code I gave you. You can edit it all you like to accommodate your needs. About the strings you have in your URI restriction, did you try without the [hilite mono]/members/?[/hilite] part? I.e.:
|
|
Posted: Friday Aug 3rd, 2012 at 9:38 am #21104 | |
|
|
Hi Cristian, Yes, I tried URI restrictions without the /members/? part. It did not work. Anyway, the hack is working perfect. I edited it to accomodate my URIs. |
This topic is closed to new replies. Topics with no replies for 2 weeks are closed automatically.