PriMoThemes — now s2Member® (official notice)

This is now a very OLD forum system. It's in READ-ONLY mode.
All community interaction now occurs at WP Sharks™. See: new forums @ WP Sharks™

Possible BuddyPress conflict

s2Member Plugin. A Membership plugin for WordPress®.

Possible BuddyPress conflict

Unread postby jmdodd » December 17th, 2011, 5:28 pm

Using a regular browser, the site is protected and behaves as it should. (The general public and anyone whose membership has not been moved to s2member_level1 can only see a limited set of pages.) However, when someone who is not logged in tries to go to http://site.com/foobar, and there is a WP post called foobar-esque, I see the browser location briefly flicker with a http://site.com/foobar-esque, then it forwards to the membership page.

The site is running up-to-date versions of WordPress, BuddyPress, BBPress, and s2Member. When I disabled all other plugins and returned to the default BP theme, the problem persisted. There is no inline content protection, only that provided by Restriction Options. Page and post ids are at Member Level 1, with the suggested BuddyPress URI restrictions also at Member Level 1.

When I am not logged in, there is still a way to view the entire site as if I were a logged-in user. Is this a normal behavior, and do I need to add inline content protection to all of the site templates?
User avatar
jmdodd
Registered User
Registered User
 
Posts: 5
Joined: December 4, 2011
Location: Virginia

Re: Possible BuddyPress conflict

Unread postby Cristián Lávaque » December 19th, 2011, 5:06 am

I'm not sure I understand. You mean the URI restriction is not preventing a non-logged in visitor to view a page that is restricted at Level 1?

And regarding the URL flickr, that may be WordPress finding a post that may match the URL you entered. But then the user doesn't get the page and is instead sent to the Membership Options page, right?
Cristián Lávaque http://s2member.netIs s2Member working for you? Please . Thanks! :)
User avatar
Cristián Lávaque
Developer
Developer
 
Posts: 6836
Joined: December 22, 2010

Re: Possible BuddyPress conflict

Unread postby jmdodd » December 19th, 2011, 9:34 am

Testing on the same server with Telnet or lynx does not produce a 301 response, but the protected page content. On all other servers I've tried from, I get a 301. When I tested the site briefly this weekend for usability, I did it from the same server's command line.

I just want to make sure that this is a localhost/Apache configuration issue, not one in which a spider will be able to read the site. I'm also checking this behavior with server support.

(And yes, the URL flicker does send the user through to the Membership Options page.)
User avatar
jmdodd
Registered User
Registered User
 
Posts: 5
Joined: December 4, 2011
Location: Virginia

Re: Possible BuddyPress conflict

Unread postby Cristián Lávaque » December 19th, 2011, 11:09 pm

OK.

Let me see if I understand: if you load the protected page with Firefox or Internet Explorer, you get the 301, but if you load the same pages with Telnet or Lynx you get the content you shouldn't get. Is that correct?

Regarding the localhost, is that your local machine? If so, make sure you check out this setting WP Admin -> s2Member -> General Options -> Localhost

Got it on the URL flickr going to the Membership Options, that's good.
Cristián Lávaque http://s2member.netIs s2Member working for you? Please . Thanks! :)
User avatar
Cristián Lávaque
Developer
Developer
 
Posts: 6836
Joined: December 22, 2010

Re: Possible BuddyPress conflict

Unread postby jmdodd » December 19th, 2011, 11:51 pm

That is correct. Using Chrome/Safari/Firefox, the site behaves as it should -- protected content is protected. We've set up the site using mainly URI (for BuddyPress) and Page/Post restrictions by ID.

When I am logged into the server itself and I use Lynx or telnet or wget to the complete URL on the command line, I get the protected content delivered and can browse the entire site using Lynx. I verified this with our server admin, but we were unable to replicate the results from an external box.
User avatar
jmdodd
Registered User
Registered User
 
Posts: 5
Joined: December 4, 2011
Location: Virginia

Re: Possible BuddyPress conflict

Unread postby Cristián Lávaque » December 20th, 2011, 5:15 am

Ah ok, I think I understand now. I'll email Jason about it.

Tell me, do you see this happen with the URI restricted content or also with the Page restrictions?

And were you logged out of your account when you browsed them? Just making sure.

Would this be a restriction problem if you could only do it while logged in to the server? Can others do that?
Cristián Lávaque http://s2member.netIs s2Member working for you? Please . Thanks! :)
User avatar
Cristián Lávaque
Developer
Developer
 
Posts: 6836
Joined: December 22, 2010

Re: Possible BuddyPress conflict

Unread postby jmdodd » December 20th, 2011, 7:45 am

Last edited by jmdodd on December 20th, 2011, 5:15 pm, edited 1 time in total.
User avatar
jmdodd
Registered User
Registered User
 
Posts: 5
Joined: December 4, 2011
Location: Virginia

Re: Possible BuddyPress conflict

Unread postby Jason Caldwell » December 20th, 2011, 9:12 am

Thanks for the heads up on this thread.

This sounds like an issue related to s2Member's localhost detection. I'm investigating this now, to see if we can tighten security in this regard. The server itself triggers s2Member's Systematics routine, because the server is accessing itself from the same IP address via lynx ( to be expected ). However, security should be tightened in this regard, because IP addresses can be spoofed by an attacker.
~ Jason Caldwell / Lead Developer
& Zeitgeist Movie Advocate: http://www.zeitgeistmovie.com/
Is the s2Member plugin working for you? Please rate s2Member at WordPress.org.
You'll need a ( comes in handy ). Then Image
.
User avatar
Jason Caldwell
Lead Developer
Lead Developer
 
Posts: 4045
Joined: May 3, 2010
Location: Georgia / USA

Re: Possible BuddyPress conflict

Unread postby Jason Caldwell » December 20th, 2011, 9:23 am

Investigation completed. This will be corrected in the release of s2Member v111220 later today.
~ Jason Caldwell / Lead Developer
& Zeitgeist Movie Advocate: http://www.zeitgeistmovie.com/
Is the s2Member plugin working for you? Please rate s2Member at WordPress.org.
You'll need a ( comes in handy ). Then Image
.
User avatar
Jason Caldwell
Lead Developer
Lead Developer
 
Posts: 4045
Joined: May 3, 2010
Location: Georgia / USA

Re: Possible BuddyPress conflict

Unread postby jmdodd » December 20th, 2011, 10:32 am

Thank you.
User avatar
jmdodd
Registered User
Registered User
 
Posts: 5
Joined: December 4, 2011
Location: Virginia

Re: Possible BuddyPress conflict

Unread postby Cristián Lávaque » December 20th, 2011, 2:29 pm

Thank you for finding it and helping us improve s2Member. :)
Cristián Lávaque http://s2member.netIs s2Member working for you? Please . Thanks! :)
User avatar
Cristián Lávaque
Developer
Developer
 
Posts: 6836
Joined: December 22, 2010

Re: Possible BuddyPress conflict

Unread postby kamalski » December 30th, 2011, 4:24 am

Am having a similar issue, where certain buddypress pages are accessible even if the user isn't logged on.
The activity, groups and forum pages are all accessible.

I have setup Level #1 page restrictions to all buddypress pages and URI restrictions to all buddypress URI's, however they are still accessible.

The activity, groups and forum pages are all accessible, except the members page which is protected by the URI restriction

Thanks,
Kamal
User avatar
kamalski
Registered User
Registered User
 
Posts: 3
Joined: December 28, 2011

Re: Possible BuddyPress conflict

Unread postby Cristián Lávaque » December 30th, 2011, 4:53 am

Could you post a screenshot of your URI restriction? WP Admin -> s2Member -> Restriction Options -> URI

And also a link to the URLs you're trying to restrict but are not being restricted?

Thanks!
Cristián Lávaque http://s2member.netIs s2Member working for you? Please . Thanks! :)
User avatar
Cristián Lávaque
Developer
Developer
 
Posts: 6836
Joined: December 22, 2010

Re: Possible BuddyPress conflict

Unread postby kamalski » December 30th, 2011, 5:05 am

User avatar
kamalski
Registered User
Registered User
 
Posts: 3
Joined: December 28, 2011

Re: Possible BuddyPress conflict

Unread postby Jason Caldwell » December 30th, 2011, 9:36 pm

~ Jason Caldwell / Lead Developer
& Zeitgeist Movie Advocate: http://www.zeitgeistmovie.com/
Is the s2Member plugin working for you? Please rate s2Member at WordPress.org.
You'll need a ( comes in handy ). Then Image
.
User avatar
Jason Caldwell
Lead Developer
Lead Developer
 
Posts: 4045
Joined: May 3, 2010
Location: Georgia / USA

Re: Possible BuddyPress conflict

Unread postby kamalski » December 30th, 2011, 10:00 pm

Jason that did it! You rock! Thank you soo much.
User avatar
kamalski
Registered User
Registered User
 
Posts: 3
Joined: December 28, 2011


Return to s2Member Plugin

Who is online

Users browsing this forum: Google [Bot] and 3 guests

cron