- creates redirect-home function

- restrict prof form to profs
- restrict paypal page for prof only

plugins/cipf_plugin/php/paypal/payment_page.php

@@ -22,9 +22,7 @@ function payment_page_checks_CIPF() {
 	$slug_paypal_page = PLGNTLS_class::SLUG_PAYPAL_PAGE;
 
 	// check the slug
-	global $wp;
-	$current_slug = $wp->request;
-	if ($current_slug !== $slug_paypal_page) {
+	if (!is_page($slug_paypal_page)) {
 		return;
 	}
 
@@ -39,24 +37,28 @@ add_action('wp', 'payment_page_checks_CIPF');
 
 
 /*
-* if profil needs redirection, it happens here
+* only profs can access this page
 *
 */
 function payment_page_redirects_CIPF() {
 	PLGNTLS_class::debug_infos();
 	$slug_paypal_page = PLGNTLS_class::SLUG_PAYPAL_PAGE;
+	$role_prof = PLGNTLS_class::ROLE_PROF;
 
 	// check the slug
-	global $wp;
-	$current_slug = $wp->request;
-	if ($current_slug !== $slug_paypal_page) {
+	if (!is_page($slug_paypal_page)) {
 		return;
 	}
 
-	// get the user id
-	$user_id = get_current_user_id();
-
-	// do redirections here
+	/*
+	* if prof, don't redirect
+	* for everyone else, redirect
+	*
+	*/
+	if (current_user_can($role_prof)) {
+		return;
+	}
+	redirect_home_CIPF();
 
 }
 add_action('template_redirect', 'payment_page_redirects_CIPF');
@@ -73,9 +75,7 @@ function payment_page_scripts_CIPF() {
 	$slug_paypal_page = PLGNTLS_class::SLUG_PAYPAL_PAGE;
 
 	// check the slug
-	global $wp;
-	$current_slug = $wp->request;
-	if ($current_slug !== $slug_paypal_page) {
+	if (!is_page($slug_paypal_page)) {
 		return;
 	}
 

plugins/cipf_plugin/php/profs_form.php

@@ -61,20 +61,27 @@ add_action('df_after_process', 'prof_after_form_CIPF', 10, 3);
 
 
 /*
-* redirections
+* only profs can access this form
 *
 */
 function prof_form_restrictions_CIPF(){
 	PLGNTLS_class::debug_infos();
 	$slug_renew_card = PLGNTLS_class::SLUG_RENEW_CARD;
+	$role_prof = PLGNTLS_class::ROLE_PROF;
 
-	if (!is_page($slug_renew_card))
+	if (!is_page($slug_renew_card)) {
 		return;
+	}
 
-	$user_id = get_current_user_id();
-
-	// redirections here
-
+	/*
+	* if prof, don't redirect
+	* for everyone else, redirect
+	*
+	*/
+	if (current_user_can($role_prof)) {
+		return;
+	}
+	redirect_home_CIPF();
 }
 add_action('template_redirect', 'prof_form_restrictions_CIPF');
 

plugins/cipf_plugin/php/profs_profil.php

@@ -54,15 +54,13 @@ function prof_profil_redirects_CIPF() {
 	PLGNTLS_class::debug_infos();
 	$role_fipf = PLGNTLS_class::ROLE_FIPF;
 	$role_admin = PLGNTLS_class::ROLE_ADMIN;
+	$role_partner = PLGNTLS_class::ROLE_PARTNER;
 
 	// is an author page
 	if (!is_author())
 		return;
 
-	// the way to find the id of the author of an author_page
-	$author_id = get_queried_object_id();
 
-	$current_user = wp_get_current_user();
 
 	/*
 	* check multiple user roles
@@ -70,26 +68,30 @@ function prof_profil_redirects_CIPF() {
 	* if user->role is found in array of allowed role, no redirection needed
 	*
 	*/
+	$current_user = wp_get_current_user();
 	$allowed_roles = array($role_admin, $role_fipf);
 	if (array_intersect($allowed_roles, $current_user->roles))
 		return;
 
-	/*
-	* both 'get_queried_object_id' and 'get_the_author_meta' works here,
-	* i don't knwo why it's not alwasy the case :
-	*
-	$author_id = get_the_author_meta( 'ID' ); 
-	*/
-	$author_id = get_queried_object_id();
 
-	$current_user_id = get_current_user_id();
+	/*
+	* if partner, redirect
+	*
+	*/
+	if (current_user_can($role_partner)) {
+		redirect_home_CIPF();
+	}
+
 
 	/*
 	* if connected user is not author, get out
 	*
 	*/
+	// the way to find the id of the author of an author_page
+	$author_id = get_queried_object_id();
+	$current_user_id = get_current_user_id();
 	if ($current_user_id != $author_id) {
-		redirection_profil_CIPF();
+		redirect_home_CIPF();
 	}
 
 }

plugins/cipf_plugin/php/redirections.php

@@ -9,6 +9,24 @@ if (!defined('ABSPATH')) {
 
 
 
+
+/*
+* redirects direct to home
+*
+*/
+function redirect_home_CIPF(){
+	PLGNTLS_class::debug_infos();
+
+	// Set up nocache headers before redirecting : https://developer.wordpress.org/reference/functions/wp_safe_redirect/#user-contributed-notes
+	nocache_headers();
+
+	wp_redirect(home_url(), 301);
+	exit;
+}
+
+
+
+
 /*
 * redirect users to profil
 * if prof -> author page
@@ -21,7 +39,6 @@ function redirection_profil_CIPF(){
 	$role_partner = PLGNTLS_class::ROLE_PARTNER;
 	$slug_partner_create_page = PLGNTLS_class::SLUG_PARTNER_CREATE_PAGE;
 
-	$base_url = home_url();
 	$partner_page_creation = home_url($slug_partner_create_page);
 	$current_user_id = get_current_user_id();
 
@@ -29,8 +46,7 @@ function redirection_profil_CIPF(){
 	nocache_headers();
 
 	if (!is_user_logged_in()) {
-		wp_redirect($base_url, 301);
-		exit;
+		redirect_home_CIPF();
 	}
 
 	/*
@@ -72,8 +88,7 @@ function redirection_profil_CIPF(){
 		exit;
 	}
 	else {
-		wp_redirect($base_url, 301);
-		exit;
+		redirect_home_CIPF();
 	}
 }
 
@@ -89,6 +104,15 @@ function redirection_page_CIPF(){
 	PLGNTLS_class::debug_infos();
 	$slug_page_redirection = PLGNTLS_class::SLUG_PAGE_REDIRECTION;
 
+	
+	/*
+	* why is_page($slug_page_redirection); didn't work ?
+	* or maybe it did ? it seemed to fail,
+	* maybe because the page does not actually exist
+	* anyway $wp->request works
+	*
+	*/
+
 	global $wp;
 	$current_slug = $wp->request;
 	if ($current_slug !== $slug_page_redirection) {