I'm trying to understand how to write PHP code to only allow logged-in visitors to access a directory/folder. I already have the .htaccess
rule to load a PHP doc when visiting the url, and it redirects to the login page like I want. But I'm trying to understand the PHP to load the url content when the user is logged in.
Here is what I have so far:
<?php
/* Protect directory files with login. */
/* Load WordPress heading */
require_once('wp-load.php');
require_once ABSPATH . WPINC . '/formatting.php';
require_once ABSPATH . WPINC . '/capabilities.php';
require_once ABSPATH . WPINC . '/user.php';
require_once ABSPATH . WPINC . '/meta.php';
require_once ABSPATH . WPINC . '/post.php';
require_once ABSPATH . WPINC . '/pluggable.php';
wp_cookie_constants();
/* If user is logged-in else redirect to login */
is_user_logged_in() || auth_redirect();
I found this answer to get the current page url using this code:
function curPageURL() {
$pageURL = 'http';
if ($_SERVER["HTTPS"] == "on") {$pageURL .= "s";}
$pageURL .= "://";
if ($_SERVER["SERVER_PORT"] != "80") {
$pageURL .= $_SERVER["SERVER_NAME"].":".$_SERVER["SERVER_PORT"].$_SERVER["REQUEST_URI"];
} else {
$pageURL .= $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
}
return $pageURL;
}
But how do I write an expression to load the page if the user is logged in?
And for those who want to know the .htaccess
rule I'm using to load the login-check.php file is this:
RewriteCond %{REQUEST_URI} ^.*protected/.*
RewriteRule ^protected/(.*)$ login-check.php?file=$1 [QSA,L]