Tips and Tricks HQ Support

Support site for Tips and Tricks HQ premium products

  • Home
  • Contact Us
  • Documentation
  • Forum Home
    • Forum
    • Forum Search
    • Forum Login
    • Forum Registration

bbPress Forums Lockdown

by

Tips and Tricks HQ Support Portal › Forums › WP eMember › WP eMember Troubleshooting › bbPress Forums Lockdown

Tagged: bbpress, cascading security, custom content, custom variables, forum, protect custom content, security, sitewide lockdown, user account

  • This topic has 22 replies, 7 voices, and was last updated 9 years, 10 months ago by admin.
Viewing 15 posts - 1 through 15 (of 23 total)
1 2 →
  • Author
    Posts
  • March 9, 2012 at 1:18 pm #5789
    atanasster
    Member

    Hi,

    I need to create members-only forums :

    1. I created a page called Forums and aded the following code [bbp-forum-index]

    2. I locked down this page using eMember (not available to general public, but available to subscription levels)

    However the forums page is visible.

    I also tested adding [bbp-forum-index] to an already protected page and just adding the shortcut makes the page visible to everyone.

    Thanks

    March 10, 2012 at 6:37 am #42864
    admin
    Keymaster

    Can you please go to the “Manage Content” protection menu of eMember and check under the “General Protection” to make sure that the “Forums” page is protected?

    March 12, 2012 at 5:22 am #42865
    atanasster
    Member

    Hi,

    Yes, in the General Protection, the page is marked as protected. Actually, if the shortcode [bbp-forum-index] is not on the page, then the page works as expected (protected).

    Also, if I add the shortcode to a different and already protected page, then it becomes unprotected as well.

    Thanks,

    March 13, 2012 at 1:20 am #42866
    admin
    Keymaster

    Okay, we have made some changes to handle this BBPress shortcode (this shortcode doesn’t seem to work the same way normal WordPress shortcodes work). Please load the new build of the eMember plugin from here then protect the forum page as usual and let me know how it goes:

    https://support.tipsandtricks-hq.com/update-request

    March 13, 2012 at 3:52 pm #42867
    atanasster
    Member

    Thanks a lot, it works now.

    Just one drawback, the default /forums url can not be protected, so I had to change it in bbPress to a random url, otherwise bbpress was stepping in and still redirecting the page to an unprotected list of forums. Not sure if you can do something about this, since the random url will still be left unprotected and can be a breach of security.

    Thanks

    Atanas

    March 14, 2012 at 5:15 am #42868
    admin
    Keymaster

    BBPress has an option where you can tell it to only show the forum posts to logged in users. Given this is a members only forum, you should enable that and it will automatically take care of that issue for you. I am guessing you are using the option explained here:

    Using eMember with Another Plugin That Uses the WordPress User Roles

    This way eMember will act as a gate keeper so visitors can only become a user when they make a payment. BBPress will only show content based on the user role.

    September 25, 2012 at 7:16 pm #42869
    advexp
    Member

    I reviewed the notes above, and everything tracks with my experience. The forum index page is still showing unprotected (I also changed the index to something other than /forums -> [http://www.iRecite.org/talk]). Upon testing and re-testing, I noticed that the forum posts themselves ARE protected from non-members, but the index page where I have the [bbp-forum-index] short code is still unprotected.

    Thanks much!

    WP – v3.4.2

    eMember – v8.2.1

    September 26, 2012 at 2:11 am #42870
    admin
    Keymaster

    That is how the default BBPress forum protection works. Most users like to show the existence of the forum but protect the content of the posts. So the way it works is that an anonymous visitor can go to your forum page and see that there are posts and stuff but they can’t see the actual post content.

    If you want to make it to where you want to totally hide everything then use eMember’s sitewide lockdown feature. You can fully lockdown a specific page (example, your forum area) using this feature. See the 3rd option from the following BBPress integration documentation:

    http://www.tipsandtricks-hq.com/wordpress-membership/wp-emember-and-bbpress-forum-plugin-integration-644

    December 19, 2012 at 5:23 pm #42871
    K
    Spectator

    Great tips so far in here. However, lets say we have three different membership levels (Gold, Silver, Bronze for this example) with three forums (one for each level). Gold can see all three, Silver sees Silver and Bronze forums. Bronze only sees Bronze. Is there a way to hide the forums not accessible for the membership level of member, and redirect them to either a login page, or some other page, if they try to access a forum, topic, or reply they don’t have rights to…not just protect the content?

    Do you have to hook into bbPress’s rendering model and check the forum’s eMember protection (I know how to get a user’s membership level, but not a protected object’s allowed membership levels), and custom code that for the “forums” page, along with putting in checks whenever a forum, topic, or reply URL is direct loaded, to peg up to the forum level, get that protection level, and then decide whether or not to redirect based on logged in user’s membership level?

    While the example I posted has only 3 levels, the client I am working for has 52 different levels, so having to hardcode those views would be time-consuming, never mind, inflexible.

    December 20, 2012 at 4:04 am #42872
    admin
    Keymaster

    You should take a look at the following feature of eMember.

    http://www.tipsandtricks-hq.com/wordpress-membership/wp-emember-protection-how-to-enable-site-wide-protection-342

    This feature can be used lock down content of a particular section of your site. For example your forum area. You can enter a URL pattern (example: /forum/) and then all the forums posts or page that have “/forum/” in the URL will be totally locked down (only logged in member can see/access it.

    The following will require some in-depth hooking into BBPress type code tweak.

    "Totally hide a forum category from particular membership"

    eMember has functions that you can use to determine the user permission when a page is rendering but at the same time you will need to alter the BBPress rendering to hide whatever you ant to hide (this won’t be trivial).

    December 20, 2012 at 6:01 am #42873
    K
    Spectator

    I know you can find the membership level(s) of a member, via PHP function, but is there a way to determine what member types are allowed with a page (return the ticked “Select the membership level that can access this content:” membership types associated with eMember Protection Options for the page/post/object/etc)? I couldn’t find that in documentation.

    Unfortunately, sitewide protection, while it will be useful to lock down the forums from anonymous visitors, like you said, isn’t going to completely hide the forums in the forum view, and disable access to forums/topics/replies directly via URL. If there is a eMember function to return the allowed membership levels of a page/post/forum/etc, I can then compare that collection to the membership levels of the logged-in user and render/not render redirect/allow accordingly.

    Thanks.

    December 21, 2012 at 10:06 pm #42874
    admin
    Keymaster

    I see what you mean. We don’t have any option to do the kind of customization you are after. However, I am giving you an example code which shows you how to find out if a post or page is protected which might help:

    $emember_auth = Emember_Auth::getInstance();
    global $post;
    $is_protected = false;
    if($post->post_type == 'post'){
    $is_protected = $emember_auth->is_protected_post($post->ID);
    }
    else if ($post->post_type == 'page'){
    $is_protected = $emember_auth->is_protected_page($post->ID);
    }
    if($is_protected){
    //This post or page is protected for this member. Do stuff accordingly
    }

    December 27, 2012 at 6:30 am #42875
    K
    Spectator

    Thanks! Ended up modifying the code somewhat…

    function eMember_redirect_instead_of_hide() {
    $emember_auth = Emember_Auth::getInstance();
    $is_protected = false;
    //goes through pages and posts, but can be expanded for pages, posts, categories, comments, etc via the functions in eMember
    if(is_bbpress()){
    $is_protected = $emember_auth->is_protected_post(bbp_get_forum_id()) && !$emember_auth->is_permitted_post(bbp_get_forum_id());
    }
    if($is_protected){
    header("Location: /member-login");
    exit();
    }
    }

    Since we are using Thesis as our site theme, just threw this into the custom function file and hooked in at…

    add_action('thesis_hook_before_html', 'eMember_redirect_instead_of_hide');

    Still need to hide forums in forum listing, but that will be another snippet of code.

    December 28, 2012 at 11:32 pm #42876
    JuryDuty
    Member

    I’m trying to do a similar thing. I want to check and see if a user is the appropriate level for a post and if not, instead of prompting them to login, I want to redirect them to a sign-up page immediately.

    I think I can modify your code above to do this, but it’s not working quite right. Here’s what I put at the top of my single.php file, above everything:

    <?php

    function eMember_redirect_instead_of_hide() {

    $emember_auth = Emember_Auth::getInstance();

    $is_protected = false;

    if($is_protected){

    header(‘Location: http://www.google.com&#8217;);

    // Obviously I’ll change google to be a meaningful page later–this is just for testing.

    exit();

    }

    } ?>

    Then in my functions.php file, I put this at the top:

    add_action(‘eMember_redirect_instead_of_hide’);

    I’m sure this isn’t right as it’s not working, but I think I’m close…can you (or anyone) help?

    December 29, 2012 at 11:37 pm #42877
    admin
    Keymaster

    @JuryDuty, That won’t work for your situation. I am guessing your theme doesn’t have a hook for when a post or page is being rendered. So the hook concept wont work exactly as shown in the post replied by user “K”. In your case, you will need to add the code in your single.php file to do the check and then redirect accordingly.

    We are currently working on adding a feature so you can redirect user to a specific page when the user is accessing a single post or page that is protected for that user. I think it will be better if you wait for us to finish this feature.

  • Author
    Posts
Viewing 15 posts - 1 through 15 (of 23 total)
1 2 →
  • You must be logged in to reply to this topic.
Log In

Forum Related

  • Forum Home
  • Forum Search
  • Forum Login

Support Related Forms

  • Contact Us
  • Customer Support
  • Request a Plugin Update
  • Request Fresh Download Links

Useful Links

  • Plugin Upgrade Instructions
  • WP eStore Documentation
  • WP eMember Documentation
  • WP Affiliate Platform Documentation
  • WP PDF Stamper Documentation
  • WP Photo Seller Documentation
  • Tips and Tricks HQ Home Page
  • Our Projects

Quick Setup Video Tutorials

  • WP eStore Video Tutorial
  • WP eMember Video Tutorial
  • WP Affiliate Platform Video Tutorial
  • Lightbox Ultimate Video Tutorial
  • WP Photo Seller Video Tutorial

Our Other Plugins

  • WP Express Checkout
  • Stripe Payments Plugin
  • Simple Shopping Cart Plugin
  • Simple Download Monitor

Copyright © 2023 | Tips and Tricks HQ