1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
/**
   * Restricts access of logged out users
   */ 
  public static function restrict_access() {
    global $bp;
    global $wp;

    /**
     * For any logged in user, if the URL contains this String as a get variable,
     * then they will be redirected to URI that is passsed to it.
     */
    $REDIRECT_QUERY_NAME = MM_BUDDYPRESS_PRIVATE_COMMUNITY::$REDIRECT_HOOK;

    //If logged in then check to see if a redirect is possible - then redirect.
    if (is_user_logged_in()) {
      if (isset($_GET[$REDIRECT_QUERY_NAME])) {
        // This always redirects logged in users when the $REDIRECT_QUERY_NAME is valid!
        $REDIRECT_TO = $bp->root_domain . '/' . urldecode($_GET[$REDIRECT_QUERY_NAME]);
        bp_core_redirect($REDIRECT_TO);
        exit();
      }
      // User is logged in - so everything else is OK - normal WP/BP permission take control.
    }else {
      //Logged out! Handle redirect to accessible page, if needed.
      $REDIRECT_TO = MM_BUDDYPRESS_PRIVATE_COMMUNITY::$REDIRECT_TO_URL;
      $allowed_uris = MM_BUDDYPRESS_PRIVATE_COMMUNITY::$ALLOWED_URIS;

      $current_page = $wp->query_vars['pagename'];

      //Check to see if logged out user is allowed access to this page  
      if (in_array($current_page,$allowed_uris)) {
        return;
      }

      // If this part is reached, then the user is logged out and doesn't have access to this page.
      // So, handle the redirect to the default accessible page.

      // This assumes the $REDIRECT_TO doesn't already have a ? in the URL.
      $REDIRECT_TO .= '?' . $REDIRECT_QUERY_NAME . '=' . urlencode($current_page);

      bp_core_redirect($REDIRECT_TO);
      exit();
    }
  }