- fixed error partner page draft redirection with post id

- fixed error all logged in user could see partner post in draft

plugins/cipf_plugin/php/_utils_checks_roles.php

@@ -76,7 +76,7 @@ function current_user_can_CIPF($capability) {
 
 
 /*
-* checks if current user is partner
+* checks if current user is role
 * works as soon as 'init' hook
 *
 * first hook to use is...() is parse_query
@@ -85,43 +85,37 @@ function current_user_can_CIPF($capability) {
 * but 'init' already has set user, so we can recreate the functions
 *
 */
-function is_partner() {
+function is_role_CIPF($role) {
 	Plgntls::debug_infos();
-	$role_partner = Cipf::ROLE_PARTNER;
 
 	if (!is_user_logged_in_CIPF()) {
 		return false;
 	}
-	if (!current_user_can_CIPF($role_partner)) {
+	if (!current_user_can_CIPF($role)) {
 		return false;
 	}
 	return true;
 }
 
-
-
-
-/*
-* checks if current user is prof
-* works as soon as 'init' hook
-*
-* first hook to use is...() is parse_query
-* -> https://developer.wordpress.org/apis/hooks/action-reference/
-* - after 'init', before 'wp'
-* but 'init' already has set user, so we can recreate the functions
-*
-*/
-function is_prof() {
+function is_admin_CIPF() {
+	Plgntls::debug_infos();
+	$role_admin = Cipf::ROLE_ADMIN;
+	return is_role_CIPF($role_admin);
+}
+function is_fipf_CIPF() {
+	Plgntls::debug_infos();
+	$role_fipf = Cipf::ROLE_FIPF;
+	return is_role_CIPF($role_fipf);
+}
+function is_partner_CIPF() {
+	Plgntls::debug_infos();
+	$role_partner = Cipf::ROLE_PARTNER;
+	return is_role_CIPF($role_partner);
+}
+function is_prof_CIPF() {
 	Plgntls::debug_infos();
 	$role_prof = Cipf::ROLE_PROF;
-
-	if (!is_user_logged_in_CIPF()) {
-		return false;
-	}
-	if (!current_user_can_CIPF($role_prof)) {
-		return false;
-	}
-	return true;
+	return is_role_CIPF($role_prof);
 }
 
 

plugins/cipf_plugin/php/_utils_redirections.php

@@ -85,7 +85,7 @@ function redirection_profil_CIPF(){
 			$redirect_url = $partner_page_creation;
 		}
 		else {
-			$redirect_url = get_permalink($partner_post->ID);
+			$redirect_url = get_post_url_CIPF($partner_post->ID);
 		}
 		// Set up nocache headers before redirecting : https://developer.wordpress.org/reference/functions/wp_safe_redirect/#user-contributed-notes
 		nocache_headers();
@@ -99,6 +99,28 @@ function redirection_profil_CIPF(){
 
 
 
+/*
+* get the url from a post_id
+* dont use permalink since it returns an url with post_id in case post is draft :
+* ex: https://site.com/?p=40772
+*
+*/
+function get_post_url_CIPF($post_id = null) {
+	Plgntls::debug_infos(2);
+	if (empty($post_id)) {
+		return;
+	}
+	$post = get_post($post_id);
+	if (empty($post)) {
+		return;
+	}
+	$post_url = home_url($post->post_name);
+	return $post_url;
+}
+
+
+
+
 
 /*
 * redirects when trying to access the page with SLUG_PAGE_REDIRECTION

plugins/cipf_plugin/php/partners_form.php

@@ -42,7 +42,7 @@ function is_partner_form_creation_page_CIPF() {
 function partner_form_creation_page_init_CIPF() {
 	Plgntls::debug_infos(2);
 
-	if (!is_partner()) {
+	if (!is_partner_CIPF()) {
 		return;
 	}
 	Plgntls::debug_infos();
@@ -63,7 +63,7 @@ add_action('init','partner_form_creation_page_init_CIPF');
 function partner_form_creation_page_CIPF() {
 	Plgntls::debug_infos(2);
 
-	if (!is_partner()) {
+	if (!is_partner_CIPF()) {
 		return;
 	}
 	if (!is_partner_form_creation_page_CIPF()) {

plugins/cipf_plugin/php/partners_page.php

@@ -19,7 +19,7 @@ function is_own_partner_CIPF() {
 	Plgntls::debug_infos(2);
 	$role_partner = Cipf::ROLE_PARTNER;
 
-	if (!is_partner()) {
+	if (!is_partner_CIPF()) {
 		return false;
 	}
 	if (!is_single()) {
@@ -51,7 +51,7 @@ function is_own_partner_CIPF() {
 function partner_page_init_CIPF() {
 	Plgntls::debug_infos(2);
 
-	if (!is_partner()) {
+	if (!is_partner_CIPF()) {
 		return;
 	}
 	Plgntls::debug_infos();
@@ -105,6 +105,63 @@ add_action('wp_enqueue_scripts', 'partner_page_scripts_CIPF', 11);
 
 
 
+/*
+* prevent access to the post if in draft
+*
+*/
+function restrict_partner_page_draft_CIPF() {
+	Plgntls::debug_infos(2);
+
+	/*
+	* the restrictions only concerns logged in users
+	* and on post (partner pages)
+	* -> own partners are not restricted
+	* -> also not admin and fipf
+	*
+	*/
+	if (!is_single()) {
+		return;
+	}
+	if (!is_user_logged_in()) {
+		return;
+	}
+	if (is_fipf_CIPF()) {
+		return;
+	}
+	if (is_admin_CIPF()) {
+		return;
+	}
+	if (is_own_partner_CIPF()) {
+		return;
+	}
+	Plgntls::debug_infos();
+
+	/*
+	* get the post id and object
+	*
+	*/
+	$post_id = get_the_ID();
+	$current_post = get_post($post_id);
+	if (is_null($current_post)) {
+		return;
+	}
+
+	/*
+	* if post is draft, nobody should see it,
+	* except own partner (but they are already out this function)
+	*
+	*/
+	if ($current_post->post_status === 'draft') {
+		redirect_home_CIPF();
+	}
+}
+add_action('template_redirect', 'restrict_partner_page_draft_CIPF');
+
+
+
+
+
+
 /*
 * listen to the front button to toggle page publish/draft
 *
@@ -174,56 +231,81 @@ add_action('template_redirect', 'toggle_partner_page_CIPF');
 
 
 /*
-* if url uses post id : /?p=40772
-* make redirects to its post_name version : /la-fipf
+* if url uses post id, ex: /?p=40772
+* make redirects to its post_name version, ex: /la-fipf
 *
 */
-//function partner_page_check_url_CIPF() {
-//	Plgntls::debug_infos(2);
-//	if (!is_own_partner_CIPF()) {
-//		return;
-//	}
-//	Plgntls::debug_infos();
-//
-//	/*
-//	* get the post name
-//	*
-//	*/
-//	$post_id = get_the_ID();
-//	$current_post = get_post($post_id);
-//	if (is_null($current_post)) {
-//		return;
-//	}
-//
-//	/*
-//	*
-//	*
-//	$is_query_id = get_query_var('p', false);
-//	if (false === $is_query_id) {
-//		return;
-//	}
-//	else {
-//		wp_safe_redirect(home_url($current_post->post_name));
-//	}
-//	*/
-//	$current_url = untrailingslashit(get_permalink());
-//	if (false === $current_url) {
-//		return;
-//	}
-//	$url = untrailingslashit(home_url($current_post->post_name));
-//global $wp;
-//error_log("wp: " . json_encode($wp));
-//error_log("wp->request: " . json_encode($wp->request));
-//error_log("url: " . json_encode($url));
-//error_log("current_url: " . json_encode($current_url));
-//error_log("current_post->post_name: " . json_encode($current_post->post_name));
-//	if ($url !== $current_url) {
-//		wp_safe_redirect(home_url($current_post->post_name));
-//		exit;
-//	}
-//}
-//add_action('template_redirect', 'partner_page_check_url_CIPF');
+function partner_page_check_url_CIPF() {
+	Plgntls::debug_infos(2);
+	if (!is_own_partner_CIPF()) {
+		return;
+	}
+	Plgntls::debug_infos();
 
+	/*
+	* get the post name
+	*
+	*/
+	$post_id = get_the_ID();
+	$current_post = get_post($post_id);
+	if (is_null($current_post)) {
+		return;
+	}
+
+	/*
+	* 
+	*
+	*/
+	$current_slug = trim($_SERVER['REQUEST_URI'], '/');
+	$slug = trim($current_post->post_name, '/');
+
+	if ($slug !== $current_slug) {
+		wp_safe_redirect(home_url($slug));
+		exit;
+	}
+}
+add_action('template_redirect', 'partner_page_check_url_CIPF', 9);
+
+/*
+
+global $wp;
+error_log("wp: " . json_encode($wp));
+error_log("wp->request: " . json_encode($wp->request));
+error_log("url: " . json_encode($url));
+error_log("current_url: " . json_encode($current_url));
+error_log("current_post->post_name: " . json_encode($current_post->post_name));
+error_log("get_page_uri: " . json_encode(get_page_uri()));
+error_log("_SERVER: " . json_encode($_SERVER));
+error_log("_SERVER[REQUEST_URI]: " . json_encode(trim($_SERVER['REQUEST_URI'], '/')));
+error_log("_REQUEST: " . json_encode($_REQUEST));
+error_log("_GET: " . json_encode($_GET));
+error_log("_POST: " . json_encode($_POST));
+
+wp: {"public_query_vars":{"0":"m","1":"p","2":"posts","3":"w","4":"cat","5":"withcomments","6":"withoutcomments","7":"s","8":"search","9":"exact","10":"sentence","11":"calendar","12":"page","13":"paged","14":"more","15":"tb","16":"pb","17":"author","18":"order","19":"orderby","20":"year","21":"monthnum","22":"day","23":"hour","24":"minute","25":"second","26":"name","27":"category_name","28":"tag","29":"feed","30":"author_name","31":"pagename","32":"page_id","33":"error","34":"attachment","35":"attachment_id","36":"subpost","37":"subpost_id","38":"preview","39":"robots","40":"favicon","41":"taxonomy","42":"term","43":"cpage","44":"post_type","45":"embed","46":"post_format","50":"test","51":"rest_route","52":"sitemap","53":"sitemap-subtype","54":"sitemap-stylesheet","55":"action","56":"pid","57":"et_code_snippet_type","58":"et_pb_preview"},"private_query_vars":["offset","posts_per_page","posts_per_archive_page","showposts","nopaging","post_type","post_status","category__in","category__not_in","category__and","tag__in","tag__not_in","tag__and","tag_slug__in","tag_slug__and","tag_id","post_mime_type","perm","comments_per_page","post__in","post__not_in","post_parent","post_parent__in","post_parent__not_in","title","fields"],"extra_query_vars":[],"query_vars":{"page":"","name":"la-fipf"},"query_string":"name=la-fipf","request":"la-fipf","matched_rule":"([^\/]+)(?:\/([0-9]+))?\/?$","matched_query":"name=la-fipf&page=","did_permalink":true}
+wp->request: "la-fipf"
+url: "https:\/\/local-cipf-plugin.com\/la-fipf"
+current_url: "https:\/\/local-cipf-plugin.com\/?p=40772"
+current_post->post_name: "la-fipf"
+get_page_uri: "la-fipf"
+_SERVER: {"SERVER_SOFTWARE":"nginx\/1.20.2","REQUEST_URI":"\/la-fipf","USER":"www-data","HOME":"\/home\/www-data","HTTP_SEC_FETCH_SITE":"cross-site","HTTP_SEC_FETCH_MODE":"navigate","HTTP_SEC_FETCH_DEST":"document","HTTP_UPGRADE_INSECURE_REQUESTS":"1","HTTP_COOKIE":"wordpress_test_cookie=WP%20Cookie%20check; wordpress_logged_in_351da2be51e3820c1ef099eec9d2e669=La%20FIPF%7C1712428136%7CJuUiFWt1MLm3wKin6FPTbhpC3ivFGEEYerG8UHAQHeR%7Cf4901ba90d872ab24ae82115df09f1a978fc56fc647d40a6422a369eacd3a571; mjx.menu=renderer%3ANativeMML%26%3Bsemantics%3Atrue%26%3Bcontext%3ABrowser%26%3Bzoom%3ANone","HTTP_CONNECTION":"keep-alive","HTTP_SEC_GPC":"1","HTTP_DNT":"1","HTTP_ACCEPT_ENCODING":"gzip, deflate, br","HTTP_ACCEPT_LANGUAGE":"en-US,en;q=0.5","HTTP_ACCEPT":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/avif,image\/webp,*\/*;q=0.8","HTTP_USER_AGENT":"Mozilla\/5.0 (X11; Ubuntu; Linux x86_64; rv:124.0) Gecko\/20100101 Firefox\/124.0","HTTP_HOST":"local-cipf-plugin.com","REDIRECT_STATUS":"200","SERVER_NAME":"local-cipf-plugin.com","SERVER_PORT":"443","SERVER_ADDR":"172.20.0.4","REMOTE_PORT":"51368","REMOTE_ADDR":"172.20.0.1","GATEWAY_INTERFACE":"CGI\/1.1","HTTPS":"on","REQUEST_SCHEME":"https","SERVER_PROTOCOL":"HTTP\/1.1","DOCUMENT_ROOT":"\/var\/www\/html","DOCUMENT_URI":"\/index.php","SCRIPT_NAME":"\/index.php","CONTENT_LENGTH":"","CONTENT_TYPE":"","REQUEST_METHOD":"GET","QUERY_STRING":"q=\/la-fipf","SCRIPT_FILENAME":"\/var\/www\/html\/index.php","FCGI_ROLE":"RESPONDER","PHP_SELF":"\/index.php","REQUEST_TIME_FLOAT":1712259286.018937,"REQUEST_TIME":1712259286}
+_SERVER[REQUEST_URI]: "la-fipf"
+_REQUEST: {"q":"\/la-fipf"}
+_GET: {"q":"\/la-fipf"}
+_POST: []
+
+wp: {"public_query_vars":{"0":"m","1":"p","2":"posts","3":"w","4":"cat","5":"withcomments","6":"withoutcomments","7":"s","8":"search","9":"exact","10":"sentence","11":"calendar","12":"page","13":"paged","14":"more","15":"tb","16":"pb","17":"author","18":"order","19":"orderby","20":"year","21":"monthnum","22":"day","23":"hour","24":"minute","25":"second","26":"name","27":"category_name","28":"tag","29":"feed","30":"author_name","31":"pagename","32":"page_id","33":"error","34":"attachment","35":"attachment_id","36":"subpost","37":"subpost_id","38":"preview","39":"robots","40":"favicon","41":"taxonomy","42":"term","43":"cpage","44":"post_type","45":"embed","46":"post_format","50":"test","51":"rest_route","52":"sitemap","53":"sitemap-subtype","54":"sitemap-stylesheet","55":"action","56":"pid","57":"et_code_snippet_type","58":"et_pb_preview"},"private_query_vars":["offset","posts_per_page","posts_per_archive_page","showposts","nopaging","post_type","post_status","category__in","category__not_in","category__and","tag__in","tag__not_in","tag__and","tag_slug__in","tag_slug__and","tag_id","post_mime_type","perm","comments_per_page","post__in","post__not_in","post_parent","post_parent__in","post_parent__not_in","title","fields"],"extra_query_vars":[],"query_vars":{"p":"40772"},"query_string":"p=40772","request":"","matched_rule":"","matched_query":"","did_permalink":false}
+wp->request: ""
+url: "https:\/\/local-cipf-plugin.com\/la-fipf"
+current_url: "https:\/\/local-cipf-plugin.com\/?p=40772"
+current_post->post_name: "la-fipf"
+get_page_uri: "la-fipf"
+_SERVER: {"SERVER_SOFTWARE":"nginx\/1.20.2","REQUEST_URI":"\/?p=40772","USER":"www-data","HOME":"\/home\/www-data","HTTP_SEC_FETCH_USER":"?1","HTTP_SEC_FETCH_SITE":"same-origin","HTTP_SEC_FETCH_MODE":"navigate","HTTP_SEC_FETCH_DEST":"document","HTTP_UPGRADE_INSECURE_REQUESTS":"1","HTTP_COOKIE":"wordpress_test_cookie=WP%20Cookie%20check; wordpress_logged_in_351da2be51e3820c1ef099eec9d2e669=La%20FIPF%7C1712428136%7CJuUiFWt1MLm3wKin6FPTbhpC3ivFGEEYerG8UHAQHeR%7Cf4901ba90d872ab24ae82115df09f1a978fc56fc647d40a6422a369eacd3a571; mjx.menu=renderer%3ANativeMML%26%3Bsemantics%3Atrue%26%3Bcontext%3ABrowser%26%3Bzoom%3ANone","HTTP_CONNECTION":"keep-alive","HTTP_SEC_GPC":"1","HTTP_DNT":"1","HTTP_REFERER":"https:\/\/local-cipf-plugin.com\/la-fipf","HTTP_ACCEPT_ENCODING":"gzip, deflate, br","HTTP_ACCEPT_LANGUAGE":"en-US,en;q=0.5","HTTP_ACCEPT":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/avif,image\/webp,*\/*;q=0.8","HTTP_USER_AGENT":"Mozilla\/5.0 (X11; Ubuntu; Linux x86_64; rv:124.0) Gecko\/20100101 Firefox\/124.0","HTTP_HOST":"local-cipf-plugin.com","REDIRECT_STATUS":"200","SERVER_NAME":"local-cipf-plugin.com","SERVER_PORT":"443","SERVER_ADDR":"172.20.0.4","REMOTE_PORT":"51368","REMOTE_ADDR":"172.20.0.1","GATEWAY_INTERFACE":"CGI\/1.1","HTTPS":"on","REQUEST_SCHEME":"https","SERVER_PROTOCOL":"HTTP\/1.1","DOCUMENT_ROOT":"\/var\/www\/html","DOCUMENT_URI":"\/index.php","SCRIPT_NAME":"\/index.php","CONTENT_LENGTH":"","CONTENT_TYPE":"","REQUEST_METHOD":"GET","QUERY_STRING":"p=40772","SCRIPT_FILENAME":"\/var\/www\/html\/index.php","FCGI_ROLE":"RESPONDER","PHP_SELF":"\/index.php","REQUEST_TIME_FLOAT":1712259296.724377,"REQUEST_TIME":1712259296}
+_SERVER[REQUEST_URI]: "?p=40772"
+_REQUEST: {"p":"40772"}
+_GET: {"p":"40772"}
+_POST: []
+
+*/