Multisite issue

Hi,

I am also running Autologin Links on a multisite installation, but the problem I am having is that logged in users are automatically redirected to /shop url, instead of the url that they are trying to access…

Are you having the same issue?

Dear @tobsen11

I understand that this might be unwanted and I tested the multi-site behavior yesterday myself and saw the same behavior. However, this seems is part of WordPress rather than my plugin:

If you go to the login page of any subpage of a multisite setup, you can login to a that subpage with any username/password combination that has an account on some other subpage. You cannot do anything then, but you are logged in. I therefore, conclude that this is not an actual bug in my plugin but rather the way wordpress mutlisite setups work. (Tested with wordpress 5.4.0).

The correct fix here would likely be to install another type of plugin that prevents access to other pages that a user is not the owner of.

Hope that helps, regards,
Paul K.

Thanks a lot for the hint, Paul.

I’ve added a small function to my plugin that redirects the user in case he is not member of the blog:

function validate_user() {
global $current_user;
    get_currentuserinfo();
    if (!is_user_member_of_blog($current_user->ID)) {
	   $site = get_active_blog_for_user($current_user->ID);
	   wp_redirect(get_site_url($site->blog_id, '', 'https'));
    }
}
add_action('template_redirect', 'validate_user');