Ask your WordPress questions! Pay money and get answers fast! (more info)

Whitelist URLs containing dynamic queries WordPress

  • SOLVED

Hello.

I have some code I'm using to block any non-logged in users from my site. If any nonlogged in users try and access any page not in the whitelist, they are redirected to the login page.



add_action('template_redirect', 'redirect_to_specific_page');

function redirect_to_specific_page()
{

// redirect NON LOGGED-IN users to the login page
// except if they are on certain pages

if (!is_user_logged_in()) {

if (!is_page(array(
'916', // Login page
'940', // Bronze signup
'1015', // Silver signup
'1017', // Gold signup
'1044', // 1 Bronze signup
'1046', // 1 Silver signup
'1048', // 1Gold signup
'1051', // Logging-out page (because users are logged out before hitting this page)
'1334', // Welcome page (may be needed for something)
'1388', // Change Password/Profile page (needed for invited Group Users)
'1431', // Invited Page (ref. in Group Accounts invite link)
'1289', // Silver 50% discount signup
'1291', // Gold 50% discount signup
'1322', // Expired page
'1217', // Group expired page
'851', // Dashboard
'1192', // Group dashboard
))) {

wp_redirect('https://www.example.com/login/', 302);
exit;
}

}
}


Now, I also want to whitelist some dynamically gererated URLs. They are:

https://www.example.com/?crfw_cart_hash=op&[email protected]&crfw_action=checkout

and

https://www.example.com/?rcpga-invite-key=%24P%24BYO7dSbb544rPI%2FgNKxWseQZLRr8Lz%2F&rcpga-user=jimbob%2B1234%40gmail.com

These URLs are different for every user, because they're generated dynamically.

So any URL starting with https://www.example.com/?crfw_cart_hash or https://www.example.com/?rcpga-invite-key should be allowed to go through, and not blocked. How do I do this?

Answers (2)

2017-01-21

Rempty answers:

if((isset($_GET['crfw_cart_hash']) && $_GET['crfw_cart_hash']!='') OR (isset($_GET['rcpga-invite-key']) && $_GET['rcpga-invite-key']!='') ){
//Do whatever i need to do here
}


jimbob comments:

@rempty

Please can you add that to the plugin code above, and also briefly explain how it works?

Thank you.


Rempty comments:

Please check if this works

add_action('template_redirect', 'redirect_to_specific_page');

function redirect_to_specific_page()
{
// redirect NON LOGGED-IN users to the login page
// except if they are on certain pages

if (!is_user_logged_in()) {
if (!is_page(array(
'916', // Login page
'940', // Bronze signup
'1015', // Silver signup
'1017', // Gold signup
'1044', // 1 Bronze signup
'1046', // 1 Silver signup
'1048', // 1Gold signup
'1051', // Logging-out page (because users are logged out before hitting this page)
'1334', // Welcome page (may be needed for something)
'1388', // Change Password/Profile page (needed for invited Group Users)
'1431', // Invited Page (ref. in Group Accounts invite link)
'1289', // Silver 50% discount signup
'1291', // Gold 50% discount signup
'1322', // Expired page
'1217', // Group expired page
'851', // Dashboard
'1192', // Group dashboard
))
&&
!((isset($_GET['crfw_cart_hash'])) OR (isset($_GET['rcpga-invite-key'])))
)
{

wp_redirect('https://www.example.com/login/', 302);
exit;
}

}
}


jimbob comments:

Seems to work. Thanks.

2017-01-22

jimbob answers:

.