bp_stop_live_spammer()
Stop a logged-in user who is marked as a spammer.
Description Description
When an admin marks a live user as a spammer, that user can still surf around and cause havoc on the site until that person is logged out.
This code checks to see if a logged-in user is marked as a spammer. If so, we redirect the user back to wp-login.php with the ‘reauth’ parameter.
This clears the logged-in spammer’s cookies and will ask the spammer to reauthenticate.
Note: A spammer cannot log back in – bp_core_boot_spammer().
Runs on ‘bp_init’ at priority 5 so the members component globals are setup before we do our spammer checks.
This is important as the $bp->loggedin_user object is setup at priority 4.
Source Source
File: bp-members/bp-members-functions.php
function bp_stop_live_spammer() {
// If we're on the login page, stop now to prevent redirect loop.
$is_login = false;
if ( isset( $GLOBALS['pagenow'] ) && ( false !== strpos( $GLOBALS['pagenow'], 'wp-login.php' ) ) ) {
$is_login = true;
} elseif ( isset( $_SERVER['SCRIPT_NAME'] ) && false !== strpos( $_SERVER['SCRIPT_NAME'], 'wp-login.php' ) ) {
$is_login = true;
}
if ( $is_login ) {
return;
}
// User isn't logged in, so stop!
if ( ! is_user_logged_in() ) {
return;
}
// If spammer, redirect to wp-login.php and reauthorize.
if ( bp_is_user_spammer( bp_loggedin_user_id() ) ) {
// Setup login args.
$args = array(
// Custom action used to throw an error message.
'action' => 'bp-spam',
// Reauthorize user to login.
'reauth' => 1
);
/**
* Filters the url used for redirection for a logged in user marked as spam.
*
* @since 1.8.0
*
* @param string $value URL to redirect user to.
*/
$login_url = apply_filters( 'bp_live_spammer_redirect', add_query_arg( $args, wp_login_url() ) );
// Redirect user to login page.
wp_redirect( $login_url );
die();
}
}
Changelog Changelog
| Version | Description |
|---|---|
| 1.8.0 | Introduced. |