WordPress/wordpress.org
0
0
Fork 0
mirror of https://gh.wpcy.net/https://github.com/WordPress/wordpress.org.git synced 2026-05-04 11:21:32 +08:00
Code Issues Packages Activity Actions
wordpress.org/common/includes/wporg-sso/bb-plugin.php
dd32 446ed6c6c7 Login: Add an interstitial to record ToS/CoC/Privacy policy acceptance upon login, blocking login if not accepted. 
This is currently only enabled for super admins while the feature is debugged/finalised.

See #5618.


git-svn-id: https://meta.svn.wordpress.org/sites/trunk@10889 74240141-8908-4e6f-9713-ba540dce6ec7
2021-04-13 07:23:31 +00:00

65 lines
2.2 KiB
PHP
Raw Permalink Blame History

<?php
/**
* bbPress-specific WPORG SSO: redirects all BB login and registration screens to our SSO ones.
*
* @uses WPOrg_SSO (class-wporg-sso.php)
* @author stephdau
*/
if ( ! class_exists( 'WPOrg_SSO' ) ) {
require_once __DIR__ . '/class-wporg-sso.php';
}
if ( class_exists( 'WPOrg_SSO' ) && ! class_exists( 'BB_WPOrg_SSO' ) ) {
class BB_WPOrg_SSO extends WPOrg_SSO {
/**
* Constructor: add our action(s)/filter(s)
*/
public function __construct() {
parent::__construct();
if ( $this->has_host() ) {
add_action( 'bb_init', array( &$this, 'redirect_all_login_or_signup_to_sso' ) );
}
}
/**
* Redirect all attempts to get to a BB login or signup to the SSO ones, or to a safe redirect location.
*
* @example add_action( 'bb_init', array( &$wporg_sso, 'redirect_all_bb_login_or_signup_to_sso' ) );
*/
function redirect_all_login_or_signup_to_sso() {
if ( ! $this->_is_valid_targeted_domain( $this->host ) ) {
// Not in list of targeted domains, not interested, bail out.
return;
} else if ( preg_match( '/\/register\.php$/', $this->script ) ) {
// Redirect registration request to the one we want to standardize on.
if ( "https://{$this->host}{$this->script}" !== $this->sso_signup_url ) {
$this->_safe_redirect( $this->sso_signup_url, 301 );
}
} else if ( preg_match( '/\/bb-login\.php$/', $this->script ) ) {
if ( ! empty( $_POST ) ) {
// Let users log in from the header's form, for now.
return;
} else if ( isset( $_GET['action'] ) && 'logout' == $_GET['action'] ) {
// Let users log out without a trip to the SSO host.
return;
}
$redirect_to_sso_login = $this->sso_login_url;
// Pass thru the requested action, logged out, if any
if ( ! empty( $_GET ) ) {
$redirect_to_sso_login = add_query_arg( $_GET, $redirect_to_sso_login );
}
// Pay extra attention to the post-process redirect_to
$redirect_to_sso_login = add_query_arg( 'redirect_to', urlencode( $this->_get_safer_redirect_to() ), $redirect_to_sso_login );
// Redirect to SSO login, trying to pass on a decent redirect_to request.
$this->_safe_redirect( $redirect_to_sso_login, 301 );
}
}
}
BB_WPOrg_SSO::get_instance();
}
Reference in a new issue View git blame Copy permalink