Community Support Forums

Re: Doesn't secure page like in introduction tutorial

2011-04-19T00:54:08-05:00

Yeah, I thought of mentioning that, but wasn't sure how it'd answer his questions.

Statistics: Posted by Cristián Lávaque — April 19th, 2011, 12:54 am

Re: Doesn't secure page like in introduction tutorial

2011-04-18T13:51:31-05:00

Have you guys seen this post?
viewtopic.php?f=4&t=644&p=8255#p8255

Please add this to your /wp-config.php file:
define("LOCALHOST", true);

Statistics: Posted by Jason Caldwell — April 18th, 2011, 1:51 pm

Re: Doesn't secure page like in introduction tutorial

2011-04-18T01:57:07-05:00

Very cool! Thanks for the great feedback, Johannes!

I'll be letting Jason know what you said.

Statistics: Posted by Cristián Lávaque — April 18th, 2011, 1:57 am

No security on localhost by design

2011-04-18T01:28:00-05:00

Hi Cristián -

Found out: I'm usually developing with XAMPP (A WAMP-installation package) on my local computer before uploading pages to the customers servers.

Your static method c_ws_plugin__s2member_systematics::is_systematic_use_page () has a rule (line 40) wich returns true on local hosted pages requested by the local browser. That intentionally prevents the execution of the security code from line 63 in pages.inc.php.

Is there a reason you unlock every page on a local dev-system? Could that be moved into an configurable option?

Btw. What stands against a deeper integration into the wp-pages/post/category interface to secure these instead of manually entering IDs into the s2member general options page?

There are easy ways to insert functionality into the wp quickedit pane and the normal edit/create post page (i've done that for several plugins). That way the users would not have to hazzle with IDs (and remembering them I could send you some code samples if you're interested: I do have made a little plugin with postpage quickedit integration some days ago.

just my 5 cents,
greets from Salzburg!

- Johannes

Statistics: Posted by jjarolim — April 18th, 2011, 1:28 am

Re: Doesn't secure page like in introduction tutorial

2011-04-17T14:33:36-05:00

Hi Johannes.

Check if this is what's causing you the problem viewtopic.php?f=36&t=1066

This video may also help you with your problem http://www.s2member.com/content-restric ... ble-video/

Also, in case you edited user roles with another plugin, if you give edit capabilities then WordPress considers that account at Admin level, and so will s2Member behave.

Let me know if that helps.

Statistics: Posted by Cristián Lávaque — April 17th, 2011, 2:33 pm

Re: Doesn't secure page like in introduction tutorial

2011-04-17T11:02:39-05:00

Hi cassel -

Sorry: forgot to mention that i logged into wp-admin with chrome and viewed the page via firefox - so no session sharing issues here - the plugin just doesn't secure the page as in the quickstart video ...

I somehow run out of ideas,

- johannes

Statistics: Posted by jjarolim — April 17th, 2011, 11:02 am

Re: Doesn't secure page like in introduction tutorial

2011-04-17T10:49:22-05:00

I am far from an expert in here, but i had a similar situation when i installed my own s2Member plugin. If you are logged in to your WP, you are an admin, so you see everything, no matter what. If you have access to another computer, you can test from there WITHOUT logging in, so you will be just like a new visitor. Otherwise, you can log out of WP completely, and then try. I prefer the method of another computer so i dont have to log out and back in all the time (saves time). Hope it helps, otherwise, someone smarter than me (ok, more knowledgeable) will surely be in soon.

Statistics: Posted by cassel — April 17th, 2011, 10:49 am

Doesn't secure page like in introduction tutorial

2011-04-17T09:53:11-05:00

Hi -

I'm trying to set up s2member as described in the introduction video but i can still reach the "secured" page.

- Installed and activated plugin
- Created "membership options" and "login welcome page" and configured them in general options
- Created "members only page" and entered it's ID in the "post access restrictions"

i can still reach the "secured page".

Tried that on two wordpress installations (XAMPP, windows), the second with the default twentyten theme. Disabled all additional plugins - still no effect.

Any idea where i could look at to get the security mechanism to work?

greets from Salzburg,

- Johannes

Statistics: Posted by jjarolim — April 17th, 2011, 9:53 am