Skip to content

Commit

Permalink
Merge pull request #368 from WPUserManager/#357-Prevent-login-to-site…
Browse files Browse the repository at this point in the history 
…-when-site-is-installed-in-a-sub-directory-should-not-cause-redirect-loop

#357 - Prevent login to site when site is installed in a sub directory should not cause redirect loop
  • Loading branch information
@wp-user-manager
wp-user-manager authored Nov 18, 2023
2 parents daee2e1 + 406f328 commit 7ccee63
Showing 1 changed file with 5 additions and 11 deletions.
16 changes: 5 additions & 11 deletions includes/actions.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -430,15 +430,9 @@ function wpum_prevent_entire_site() {
$wp_login_locked = wpum_get_option( 'lock_wplogin' );
$is_wp_login = $pagenow && 'wp-login.php' === $pagenow;

$url_part = filter_input( INPUT_SERVER, 'REQUEST_URI' );
$requested_url = ( is_ssl() ? 'https://' : 'http://' ) . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; // phpcs:ignore

if ( empty( $url_part ) ) {
$url_part = '';
}

$url = home_url( $url_part );

if ( isset( $_SERVER['REQUEST_URI'] ) && $url === $login_page || ( $is_wp_login && ( ! empty( $_GET['wpum_override'] ) || ! $wp_login_locked ) ) ) { // phpcs:ignore
if ( $requested_url === $login_page || ( $is_wp_login && ( ! empty( $_GET['wpum_override'] ) || ! $wp_login_locked ) ) ) { // phpcs:ignore
return;
}

Expand All @@ -449,7 +443,7 @@ function wpum_prevent_entire_site() {
$password_reset_page_id = wpum_get_core_page_id( 'password' );
if ( ! empty( $password_reset_page_id ) ) {
$password_reset_page = get_permalink( $password_reset_page_id );
if ( 0 === strpos( $url, $password_reset_page ) ) {
if ( 0 === strpos( $requested_url, $password_reset_page ) ) {
return;
}
}
Expand All @@ -459,14 +453,14 @@ function wpum_prevent_entire_site() {
$registration_pages[] = get_permalink( wpum_get_core_page_id( 'register' ) );

foreach ( apply_filters( 'wpum_registration_pages', $registration_pages ) as $registration_page ) {
if ( $url === $registration_page ) {
if ( $requested_url === $registration_page ) {
return;
}
}
}

foreach ( apply_filters( 'wpum_prevent_entire_site_access_allowed_urls', array() ) as $allowed_url ) {
if ( $url === $allowed_url ) {
if ( $requested_url === $allowed_url ) {
return;
}
}
Expand Down

0 comments on commit 7ccee63

Please sign in to comment.