Ask your WordPress questions! Pay money and get answers fast! (more info)

Best Way to Put Protection Shortcodes around content WordPress

  • SOLVED

Hey all!

I have a bunch of template files that need to get wrapped with protection shortcodes from Magic Member.

The codes are: [private]content here[/private]

I know wordpress says to do something like this:

echo do_shortcode('[iscorrect]'.$text_to_be_wrapped_in_shortcode.'[/iscorrect]');

Yeah, that's great, I've used it before. BUT I have a lot of HTML/PHP that needs to go between these shortcodes and a lot of templates to add these [private] shortcodes to.

I need ideas on a quicker way to do this, THAT DOES NOT involve me having to re-format all my code to work inside those brackets. Knowing me I'd have a ton of syntax errors with this much code.

UPDATE: I have attached a sample of one of the templates I need wrapped.

I was thinking I could write a custom function somehow and insert the function between the shortcodes? Would that work? And could I keep the function in each template file rather than cluttering up my functions.php?

If so, please give me tips on how to write that function cause I have no clue. :|

Otherwise, suggestions are welcome :)

<strong>--------------UPDATE 9:08 PM-------------

Is it a horrible idea to simply surround the opening <article> tag with my shortcodes? It works as intended and makes the page redirect to the Protected Content page if a non-user. Just wondering if it's super bad form :S</strong>

Answers (4)

2014-09-02

John Cotton answers:

Although they can readily be used in code, shortcodes are really designed to be used in post content.

If your intention is just to hide HTML from users it seems a long-winded way to achieve it. Why not just test for whatever exclusion reasons you have before including the template files or HTML?

But perhaps you have reasons, so why not try:


function add_my_shortcode( $html ) {
echo do_shortcode( "[iscorrect]$html[/iscorrect]");
}


If I've missed the point, please expand.


streetfire comments:

Hello again John :)

You are correct, normally shortcodes are used in the post, but alas I fear that if I don't do it this way some of the plug in's other features (pay per view to access custom fields) will not work. Long story!

Anyhow, I DO need to protect PHP and HTML.

In your code sample, how does that work exactly? Where should my code be placed?

Thank you for your help.


John Cotton comments:

Your attachment doesn't really make sense.

It's a whole HTML page, including header and footer. Presumably only parts of it should be hidden.

Are you able to indicate in that file (as an example) which parts you want hidden?

If it is, in fact, the whole page, then I think you're wandering down the wrong path with shortcodes; you need to do it differently.


John Cotton comments:

Your attachment doesn't really make sense.

It's a whole HTML page, including header and footer. Presumably only parts of it should be hidden.

Are you able to indicate in that file (as an example) which parts you want hidden?

If it is, in fact, the whole page, then I think you're wandering down the wrong path with shortcodes; you need to do it differently.


streetfire comments:

John, perhaps I've had my head in this so long today I'm not seeing clearly. Yes my original thought was that I needed to wrap the entire template with those tags. As I told IAN, the presence of the [private] tags will make the page re-direct to a protected content page.

This happens even is the following code is placed right below the header with dummy text in it, like so,

echo do_shortcode('[iscorrect]'. hello .'[/iscorrect]');

Perhaps I can simply wrap the code around the content it is necessary to protect and the redirect will work as needed.

*feeling silly*

I'm going to see how that works... if I don't have to wrap it around the entire page that will lighten the work load.


2014-09-02

Dbranes answers:

I wonder if you're looking for <em>output buffering</em>, for example:

ob_start();

// ... Lots of template code that is outputting HTML ...

$html = ob_get_clean();

echo do_shortcode('[private]'.$html.'[/private]' );


Notice that you can also call directly the shortcode callback function with your <em>$html</em>:

echo some_private_callback_function( $atts = array(), $html );


<strong>Update:</strong>

Here's a simple example for output buffering:

<?php ob_start(); ?>

<p>Hello World!</p>

<?php
$output = ob_get_clean();

// Let's do something to the output:
echo strtolower( $output );
?>


Now this will output as:

<p>hello world!</p>


streetfire comments:

Unfortunately, I'm a little too much of a newb to understand what you are trying to do here. :| Thank you for your answer.


Dbranes comments:

@streetfire I updated the answer with a simple example.


Dbranes comments:

hmm, now it looks like you only want to privatize the post content and not parts of your template ?

Well in that case you can always apply it automatically to the post content with:

add_filter( 'the_content', function( $content ) {
return do_shortcode( '[private}' . $content . '[/private]' );
});


You mentioned a <em>redirect</em>, unless it's some clever <em>look ahead</em> PHP code in the plugin, it must be based on javascript.

In general it's too late to use <em>wp_redirect()</em> in the template.


streetfire comments:

Well, honestly I don't care about protecting the get_content call. My template has a custom write up displaying a list of terms basically and that's what I need to protect. However, it appears that I could simply protect the_content to have the page re-direct to a Content Protected page as intended. Going to try your last idea there... will keep you posted.


Dbranes comments:

In general I would use the <em>template_redirect</em> or the template_include hooks for this kind of non-member auto redirections.

If you must use the shortcode then you could test this:

Place this line:

<?php ob_start();?>

just after the opening <em><article></em> tag and this line:

<?php echo do_shortcode('[private]'.ob_get_clean().'[/private]' ); ?>

right before the closing <em></article></em> tag.


streetfire comments:

Hi, that does seem to work. I appreciate it. :)

I am curious about now about the template_redirect as well. How would it check for a users access?

My plug in allows me to select what members have access via checkboxes on the edit post / page screen. The [private] tags in the template then somehow determine that this is an A Plan user and has access or this is a B Plan user and does not have access.


Dbranes comments:

The HTTP headers have not been when the <em>template_redirect</em> hook is activated, so if you need to redirect, you could do it from there via PHP.

But to use that hook in your case, you would need some knowledge about the inner workings of the shortcode to determine the access rules.


streetfire comments:

Yes, that is what I had thought. I'm afraid I don't have time to dive into that. Thank you for your help.

2014-09-03

Ian Lincicome answers:

Streetfire,
Your question is a little vague. Perhaps if you provided some code examples with explanations of what you wish to achieve, one of us could provide a working solution. I understand that shortcodes are used by the Membership plugin to protect content for various user levels, but I am not sure exactly how you wish to incorporate this into your template files. Please explain a little more and I will attempt a solution.


streetfire comments:

Hi Ian, Sorry about that. I did add a sample of my code as an attachment. The other templates are similar in nature.


Ian Lincicome comments:

Thanks Streetfire, that helps, but I'm still having a bit of a time figuring out what you want. If you could explain what it is in the template that you want hidden from certain users, perhaps that would help. You also said above that you wanted both HTML and PHP hidden, but I think that may be slightly beyond a shortcode's ability as they are mostly for hiding HTML in the plugin you have I believe. Again, if I know more about the content you need to conceal, I may have an alternate solution for you if shortcodes are not the answer.


streetfire comments:

Ian,

Honestly, I'm looking to protect the whole template file. When the private tags are used under my current settings, the user gets re-directed to a Protected Content page.

Oddly, if I simply insert the tags below, directly under the "get_header" in my template, the protection works

echo do_shortcode('[iscorrect]'. hello .'[/iscorrect]');

However, since it is not actually surrounded my content and only using dummy text, I feel like this may be a poor method. Not sure. It looks like it works, but I worry that someone knowledgeable could hack in.

I have used shortcode with PHP before... though they were nothing more than custom field calls from Advanced Custom Fields. Perhaps my idea of what is accomplish-able is inaccurate under these terms.


Ian Lincicome comments:

Streetfire,
I'd say give it a try with something other than dummy text and see how it works. If it turns out that the solution is not secure enough for your needs, then you'll probably have to hire someone to write a more complex solution as it is not really that simple to do if you are not a PHP expert. I'd be glad to help if that turns out to be the case;-)

2014-09-02

timDesain Nanang answers:

<blockquote>I was thinking I could write a custom function somehow and insert the function between the shortcodes? Would that work?
And could I keep the function in each template file rather than cluttering up my functions.php?</blockquote>

How about this:

put this code in the theme's function:
If you put the function in each template, you need to create several functions and will not work in the another template.

function wpq_repeat_sc($case=''){
switch($case){
case 'one' :
$output = do_shortcode('[private]The Fisrt COntent is Here[/private]');
break;
default :
$output = do_shortcode('[private]Default COntent is Here[/private]');
break;
}

return $output;
}


put this code in the template file
<?php echo wpq_repeat_sc('case'); ?>


streetfire comments:

This sounds interesting, but it doesn't quite make sense to me. Do I have to write one of those functions for every template?

Also, what are you suggesting get's put between the shortcodes up there? If that is supposed to be my template code... that doesn't really solve the issue I'm trying to get away from... and that's reformatting all the code.

Please clarify, thank you!!! :)