2

Fist of all, my PHP skills are almost zero, I used to have a friend to make this kind of things and I'm more into css and html and making the content of the web but since He disappeared I have to be in charge of this web of mine that works in Wordpress. He made an awesome app to download files that is not a WP Plugin but works fine, the only thing I wanna do is to make that tool into a "just if logged into the main web" tool. When click on the link that is manually generated it loads in a new page like:

"myweb[dot]com/folder1/Down.php?id=..."

I found that file ' Down.php ' that is something like this:

<?php
.
.
.
?>
<!DOCTYPE html>
<html lang="es-ES">
.
.
.
</html>

but I don't know how to add the wordpress user authentication, I found a code that could work... maybe, but I don't know how to use it, If you know how to do this or know another way I would very thankful if you could help me.

<?php 
if ( is_user_logged_in() ) :

    // Contenido solo para usuarios registrados    

else :

    // Mensaje para los que no pueden ver el contenido anterior
    echo 'Lo sentimos, este contenido sólo está disponible para usuarios registrados :-(';

endif;
?>

I already found a way to restrict the link's visiblity on the web(with a WP Plugin), but I also found that It's pretty easy to avoid it by guessing the direct link and that's pretty easy. Please, help me with this.

Improve this question
3
  • To use the is_user_logged_in() function, you'd need to load the WordPress code, which "Down.php" doesn't seem to be. See this question; it's talking about $wpdb, but the principle's the same. As per the comment in the accepted answer, you only need to include wp-load.php. In terms of where exactly to put the if-else block, that's hard to say without seeing the code of "Down.php". Commented Jun 27, 2016 at 3:57
  • Well forgot abot the 'else' statement, I just need the HTML to don't appear when Is not logged in on the main page, could you please give me some test code, especulation or something, I have more than a wordpress installation by the way, and my folders on the server are like: home/random_name/public_html(here is a WP Installation)/wp_main_ web_installation/download_folder(here are the app'Down.php' and the files to download) Commented Jun 27, 2016 at 5:13
  • The else statement isn't the tricky bit; it's understanding exactly the structure of "Down.php". But give me a few minutes and I'll post something that may help. Commented Jun 27, 2016 at 5:20

1 Answer 1

Reset to default
2

Based on my comment and your feedback, something like this might work. Put the code I've added right at the top, under <?php. It should (I haven't tested it) send a 403 (forbidden) response if the user isn't logged in.

<?php
$path = $_SERVER['DOCUMENT_ROOT'];
require_once $path . '/wp-load.php';

if ( ! is_user_logged_in() ) {
    header("HTTP/1.1 403 Forbidden" );
    die();
}

.
.
.
?>
<!DOCTYPE html>
<html lang="es-ES">
.
.
.
</html>

If WordPress isn't in public_html, it might fail (I'm not sure without testing) - it could need the directory name before wp-load.php. But if I've understood your question, that shouldn't be the case.

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

OMG! It worked perfectly. For now, that would be all that I need. If you want I can send you that "Down.php" file now by email or something, and the files tree on my hostserver. Very very thank you.
Happy to help. No need to send me anything if it's working. Thanks for accepting my answer
Just to add one little thing, the web is not right there on the public_html, yes there is a wordpress installation there and works like a cover sheet only, the admin have access there, but the main web is a subdomain, that is on: public_html/subdomain/.
Oh, forget about that, I just learn a little of how the 'Document_Root' works, and ther's nothing to worry about.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.