Dutch van Andel

Funny thing, we talked about adding this kind of functionality internally at great length just last week… although our primary concern was office documents.

So here’s my thoughts on this functionality, in raw brain-dump form:

Technically speaking, this is definitely doable and certainly would require some htaccess magic. WordPress stores all uploaded files in /wp-content/uploads/ so you would add/modify the htaccess file there to serve up a page that can check permissions any time one of a certain type of file is requested (pdf, doc, docx, etc). Assuming the permissions check passes, you would then serve up the originally requested file. The permissions themselves would need to be set from WordPress’s media management screen, the same way permissions are set for posts right now.

Difficulty wise, this kind of feature is 5/10… but it’s not on the release roadmap yet for one reason: ultimately, we decided to use Google Apps and integrate with the Google Docs API instead – as this allows us to use all those awesome collaboration features too.

Now the API stuff won’t be in PSC as it’s WAY WAY out of scope, but we may pluginize it in the future as the existing Google Docs WP plugins are old, abandoned, pieces of broken junk.

That said, the ultimate goal of PSC is to offer intuitive, functional, reliable protection options for EVERYTHING. This includes taxonomies, media, commenting, and everything in between. But it’s still just a free-time project – albeit one we add to every time we need a new feature ourselves… so there’s no telling when we’ll actually get around to it.

There is no way a plugin can continue to function once deactivated or deleted. I’m also not seeing any AD messages at the link you gave, so I can’t do much to troubleshoot.

You can manually delete plugin files to disable them, however. Just follow these directions:
1) Use FTP to access your sites files
2) Go to /wp-content/plugins/ and delete the folder contexture-page-security/

Out of curiosity, what were the problems you were having with PSC? I’m always working to make the plugin better, so every bit of feedback helps.

We use them together on our sites, but PSC doesn’t hook into the XML Sitemaps plugin to remove restricted links… yet.

When Google crawls the pages, protected pages are reported with status code 401 (Unauthorized), so Google shouldn’t index them either way.

I was curious about a Google warning on login and did some extra digging around Google’s oAuth documentation. It turns out that 'xoauth_displayname' is specifically only required for applications, and should be left out completely for websites. When I commented the line out, Google’s “scary” warning disappeared and everything works perfectly.

I also changed the scope from Google Contacts to Gmail, which makes more sense IMO.

Gmail Scope: https://mail.google.com/mail/feed/atom/’,

Finally got a chance to poke around and the white screen fix is VERY easy.

In bc-oauth-loader.php (btw, proper naming convention for this file should be bc-oauth.php), you simply need to add the following hook:

add_action('init', 'bc_oauth_init');

The problem is that the login action is trying to use wp-load.php, but there is no hooked function there to catch the login request. The init function, bc_oauth_init(), is hooked to wp_ajax, which only used by requests sent to /wp-admin/wp-ajax.php – since I don’t know if that’s actually used or not, I simply added an extra hook that allows bc_oauth_init() to catch requests from wp-load.php.

Everything works great, now.

??

To finish off this thread, several points:

Page Security requires PHP 5.2.3 to work. There’s a version check that should notify you if you current version is too low. But let me give you some technical details (other plugin developers might find this handy):

Because I need to hook directly to static methods in custom classes, my callbacks look like this:
add_action('admin_menu', 'CTXPS_App::admin_screens_init');

This style of callback requires PHP 5.2.3 or higher. To support earlier versions of PHP, this callback would technically be written this way:
add_action('admin_menu', array('CTXPS_App','admin_screens_init'));

HOWEVER – WordPress contains a very unfortunate bug that somehow makes this style of callback invalid. In my own probing, it seems that when an array-formatted callback finally gets to call_user_func_array() in the WordPress core, an additional item has been added to the array. So instead of being given the valid array-formatted callback that I’ve defined, the array now look like this:

array('CTXPS_App','admin_screens_init',1)

This is now an invalid callback. Somehow, WordPress has appended a value to the array. This means that there is only one way to use WordPress hooks with methods… using string-formatted callbacks (which, as stated earlier, requires PHP 5.2.3 or higher).

This is very unfortunate, but it’s a bug in the WordPress core that isn’t easily fixed. I have some workaround ideas that can be included in plugins that need this, and I’ll post them to the codex if one of them works.

Churrimurris:
At the moment, it seems the only solution is to see if your hosting service can update PHP. I’ll look into those workarounds and let you know if I come up with a solution.

Hey Geoff,

We nailed the CTXPS_Tables::prepare() bug today. Updating to 1.4.2 should finally get everything working the way it’s supposed to.

_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
Churrimurris,

Can you tell me what version of PHP your server is running, and which hosting service?

Technically, PSC should throw an error and refuse to activate if you’re running a version of PHP prior to 5.2.x, but from the looks of it, your server is choking on the ‘class::method’ callback (and you don’t seem to have gotten the PHP version warning).

Also, if you shoot me an email ([email protected]), I’d like to send you a modified version of PSC to try out on your production server.

It sounds like a bad upload. Here’s what you do:

1. Deactivate PSC in your admin (do NOT delete via WordPress admin if need to preserve your security settings)
2. Via FTP or SSH, manually delete the /wp-content/plugins/contexture-page-security/ directory
3. Re-download 1.4.1 via WordPress’s Plugins > Add Plugin page.
4. Re-activate Page Security

This should set everything right.

Batch add is now available in 1.4.1. ??

I just committed 1.4.1 so it should be available any minute now.

Please let me know if this fixes both of your issues.

I just committed 1.4.1 to www.remarpro.com, so it should appear in the next 15 minutes or so.

Please update and let me know if that fixes everything for you.

Hey Smoman,

I located the issue and I’m working on a fix. Actually, it seems that most of the reported problems with 1.4 are from the same thing. It seems that the option is being saved, but I was requiring in a WordPress file that was preventing WordPress from getting that option back OUT of the database.

I should have a fix in the next hour or so, but there’s client work that HAS to be done today so worst case scenario, I’ll knock out the update tonight on my own time.

Thank you, 1manfactory. I required in ms-functions to get access to some additional WordPress functions, but it seems to have broken a few things for many users.

I’m working on a fix right now and should have it up in an hour or two.

Again, thank you for the help!!!

Hey Steve,

I’m sorry you’re having trouble. Can you provide me with the exact error message that pops up? It might tell me exactly what’s wrong.

Also, by “allow membership”? Do you mean the “Anyone can register” option on WordPress’ Settings > General screen?

Also – can you try this… go to the Settings > Page Security screen and, without changing anything, click the “Save Changes” (there are some new options that should have been updated automatically when the upgrade was activated, but you never know).

Which version of Page Security are you using?

Can you provide any other details? When did the problems start? With a WordPress or PSC upgrade? Is this a fresh install of PSC on an existing blog? Anything you can provide should help.

Have you tried updating the plugin options in Settings > Page Security (simply clicking “save” without changing anything should be enough)?

If you can give me any other details I should be able to help you troubleshoot.