Skip to:
Content
Pages
Categories
Search
Top
Bottom

How can I restrict all forum content to members only?


  • bobdobbs
    Participant

    @bobdobbs

    How can I restrict all forum content to members only?
    I know that this is an oft-discussed topic, but I have yet to find a satisfactory solution.

    I want to have a website that has public content and a private forum.
    All posts and pages will be private – except for all forum content.

    ‘bbPress Members Only’is a great and mature solution, but it bars access to all posts and pages except for a few defaults.

    Many membership plugins exist, including free ones. I could use one of those, but they not designed for this specific purpose. As such they require configuration for this specific case. This could work, but there are risks to privacy when configuring and updating a general-purpose plugin.

    I found a plugin (sorry, can’t remember the name) that does most of what I want, but it leaves topic archives exposed. I think the point of that was that it allows a forum to advertise its content. This is the opposite of what I want.

    The approach that I’m about to experiment with will be a programmatic one:
    In PHP I will parse the URL. If the URL contains the string ‘forums’, then I’ll redirect the request to a gatekeeping page.

    In the meantime, if anyone can tell me about an approach or a plugin that I’ve missed, then please let me know.

Viewing 6 replies - 1 through 6 (of 6 total)

  • bobdobbs
    Participant

    @bobdobbs

    I have a solution.

    It relies on a couple of assumptions: one being that the structure of URL’s is like this:
    http://mysite.com/forums/…’

    Assumption 2: all users with an account on the website are allowed to access the forum.

    This function does the following:
    If the user requests a resource under ‘/forums/’ then we test to see if the user has a wordpress account and is logged in. If the user isn’t logged into the wordpress account, then they get denied.

    In production I’ve replaced ‘wp_die’ with a wp_redirect to another page.

    /**
    * If a user is not a forum member, and requests the forum index page then redirect them
    */

    add_action('init', 'as_protect_forums');
    
    function  as_protect_forums() {
    
        // get the path of the requested URI
        $current_url = home_url($_SERVER['REQUEST_URI']);
    
        $path = parse_url($current_url, PHP_URL_PATH) ;
    
        $parts = explode('/', $path) ;
    
        $first_part = $parts[1] ;
    
        if (  $first_part === 'forums' ) {
            if ( 0 === get_current_user_id() ) {
                wp_die('nope');
            }
        }
    
    }
    
    

    Robin W
    Moderator

    @robin-w


    bobdobbs
    Participant

    @bobdobbs

    Hi Robin. I looked at this a while ago and did some experimentation with it.
    I’m sure it does what I need, but it requires too much configuration and mental overhead for my simple requirements.

    That’s not a criticism of the plugin itself! It looks great!

    But its flexibility requires me to learn its complex model.
    And my needs are dead simple: simply make all forum content inaccessible to everyone who isn’t signed in as a forum member.

    Afaict, the function I’ve created above does a good enough job toward that end.
    The main issue is that it allows access to anyone who isn’t a member, as long as they have a login to the website.

    For me this isn’t a problem yet: the only members of the site will be forum members.
    At this point I’m not sure how to test for that. I’ll get around to figuring that out at some point.


    Robin W
    Moderator

    @robin-w

    ok, but there are lots of ways non members can see content beyond a prefix of /forums/ so it depends if you are after a deterrent or a lock !!


    bobdobbs
    Participant

    @bobdobbs

    Yes, I’m definitely after a lock rather than a deterrent.

    I’m going on the assumption that http requests for bbpress content returns a url with a path that has ‘forums’ in that position.

    What are the ways that non-members can access content outside of that condition?

    ie, what are the other conditions that I have to protect against?


    Robin W
    Moderator

    @robin-w

    yes, you’ll need to look at the urls for topics replies and profiles, and search results, as well as other stuff that I can’t remember offhand – I spent many many hours writing the private groups plugin to catch issues and don’t have a list of them.

Viewing 6 replies - 1 through 6 (of 6 total)
  • You must be logged in to reply to this topic.
Skip to toolbar