Community Support Forums

Hi -

I'm trying to set up s2member as described in the introduction video but i can still reach the "secured" page.

- Installed and activated plugin
- Created "membership options" and "login welcome page" and configured them in general options
- Created "members only page" and entered it's ID in the "post access restrictions"

i can still reach the "secured page".

Tried that on two wordpress installations (XAMPP, windows), the second with the default twentyten theme. Disabled all additional plugins - still no effect.

Any idea where i could look at to get the security mechanism to work?

greets from Salzburg,

- Johannes

I am far from an expert in here, but i had a similar situation when i installed my own s2Member plugin. If you are logged in to your WP, you are an admin, so you see everything, no matter what. If you have access to another computer, you can test from there WITHOUT logging in, so you will be just like a new visitor. Otherwise, you can log out of WP completely, and then try. I prefer the method of another computer so i dont have to log out and back in all the time (saves time). Hope it helps, otherwise, someone smarter than me (ok, more knowledgeable) will surely be in soon.

Hi cassel -

Sorry: forgot to mention that i logged into wp-admin with chrome and viewed the page via firefox - so no session sharing issues here - the plugin just doesn't secure the page as in the quickstart video ...

I somehow run out of ideas,

- johannes

Hi Johannes.

Check if this is what's causing you the problem viewtopic.php?f=36&t=1066

This video may also help you with your problem http://www.s2member.com/content-restric ... ble-video/

Also, in case you edited user roles with another plugin, if you give edit capabilities then WordPress considers that account at Admin level, and so will s2Member behave.

Let me know if that helps.

Hi Cristián -

Found out: I'm usually developing with XAMPP (A WAMP-installation package) on my local computer before uploading pages to the customers servers.

Your static method c_ws_plugin__s2member_systematics::is_systematic_use_page () has a rule (line 40) wich returns true on local hosted pages requested by the local browser. That intentionally prevents the execution of the security code from line 63 in pages.inc.php.

Is there a reason you unlock every page on a local dev-system? Could that be moved into an configurable option?

Btw. What stands against a deeper integration into the wp-pages/post/category interface to secure these instead of manually entering IDs into the s2member general options page?

There are easy ways to insert functionality into the wp quickedit pane and the normal edit/create post page (i've done that for several plugins). That way the users would not have to hazzle with IDs (and remembering them I could send you some code samples if you're interested: I do have made a little plugin with postpage quickedit integration some days ago.

just my 5 cents,
greets from Salzburg!

- Johannes

Very cool! Thanks for the great feedback, Johannes!

I'll be letting Jason know what you said.

Have you guys seen this post?
viewtopic.php?f=4&t=644&p=8255#p8255

Please add this to your /wp-config.php file:
define("LOCALHOST", true);

Yeah, I thought of mentioning that, but wasn't sure how it'd answer his questions.