diff --git a/wp-content/plugins/matthew-lms-mvp/matthew-lms-mvp.php b/wp-content/plugins/matthew-lms-mvp/matthew-lms-mvp.php index b80e0ce..896d1e2 100644 --- a/wp-content/plugins/matthew-lms-mvp/matthew-lms-mvp.php +++ b/wp-content/plugins/matthew-lms-mvp/matthew-lms-mvp.php @@ -61,6 +61,7 @@ add_action('wp_head', function () { add_action('template_redirect', 'matthew_lms_mvp_maybe_handle_login_submission'); add_action('template_redirect', 'matthew_lms_mvp_maybe_handle_google_oauth_callback'); add_action('template_redirect', 'matthew_lms_mvp_maybe_handle_profile_source_submission'); +add_action('template_redirect', 'matthew_lms_mvp_require_auth_for_member_routes', 4); add_action('template_redirect', 'matthew_lms_mvp_maybe_render_course_route', 5); add_action('wp_ajax_mlms_ai_tutor', 'matthew_lms_mvp_handle_ai_tutor_ajax'); add_action('wp_ajax_nopriv_mlms_ai_tutor', 'matthew_lms_mvp_handle_ai_tutor_ajax'); @@ -96,12 +97,48 @@ function matthew_lms_mvp_public_url(string $path = ''): string { return home_url('/' . ltrim($path, '/')); } +function matthew_lms_mvp_member_access_url(string $path = 'platform/', string $auth_path = 'sign-up/'): string { + $destination = matthew_lms_mvp_public_url($path); + if (is_user_logged_in()) { + return $destination; + } + return add_query_arg('redirect_to', rawurlencode($destination), matthew_lms_mvp_public_url($auth_path)); +} + +function matthew_lms_mvp_current_public_url(): string { + $request_uri = (string) wp_unslash($_SERVER['REQUEST_URI'] ?? '/'); + $request_uri = '/' . ltrim($request_uri, '/'); + return rtrim(matthew_lms_mvp_public_url(), '/') . $request_uri; +} + +function matthew_lms_mvp_is_member_route_path(string $path): bool { + $path = trim($path, '/'); + return in_array($path, ['platform', 'platform/course', 'platform/lesson', 'platform/quiz'], true); +} + +function matthew_lms_mvp_require_auth_for_member_routes(): void { + if (is_user_logged_in()) { + return; + } + $path = trim((string) wp_parse_url(wp_unslash($_SERVER['REQUEST_URI'] ?? ''), PHP_URL_PATH), '/'); + if (!matthew_lms_mvp_is_member_route_path($path)) { + return; + } + $redirect_to = matthew_lms_mvp_current_public_url(); + $auth_url = add_query_arg([ + 'redirect_to' => rawurlencode($redirect_to), + 'mlms_gate' => 'member', + ], matthew_lms_mvp_public_url('sign-up/')); + wp_redirect($auth_url . '#mlms-signup-flow'); + exit; +} + function matthew_lms_mvp_render_header(): string { $links = [ 'Home' => matthew_lms_mvp_public_url(), 'WAX Coach' => matthew_lms_mvp_public_url('career-coach/'), - 'Profile' => matthew_lms_mvp_public_url('platform/'), - 'Course' => matthew_lms_mvp_course_url('course'), + 'Profile' => matthew_lms_mvp_member_access_url('platform/'), + 'Course' => matthew_lms_mvp_member_access_url('platform/course/'), ]; $login_url = add_query_arg('redirect_to', rawurlencode(matthew_lms_mvp_public_url('platform/')), matthew_lms_mvp_public_url('log-in/')); ob_start(); @@ -312,9 +349,7 @@ function matthew_lms_mvp_google_oauth_url(string $flow = 'signup', string $redir $config = matthew_lms_mvp_google_oauth_config(); if (!$config) { $notice_url = add_query_arg('mlms_google_notice', '1', matthew_lms_mvp_public_url($fallback_path)); - if ($flow === 'login') { - $notice_url = add_query_arg('redirect_to', rawurlencode($redirect), $notice_url); - } + $notice_url = add_query_arg('redirect_to', rawurlencode($redirect), $notice_url); return $notice_url . $anchor; } $state = wp_generate_password(32, false, false); @@ -492,7 +527,11 @@ function matthew_lms_mvp_maybe_handle_google_oauth_callback(): void { wp_redirect($result['redirect'] ?? matthew_lms_mvp_public_url('platform/')); exit; } - wp_redirect(add_query_arg('mlms_google_connected', '1', matthew_lms_mvp_public_url('sign-up/')) . '#mlms-signup-flow'); + $signup_target = add_query_arg([ + 'mlms_google_connected' => '1', + 'redirect_to' => rawurlencode((string) ($result['redirect'] ?? matthew_lms_mvp_public_url('platform/'))), + ], matthew_lms_mvp_public_url('sign-up/')); + wp_redirect($signup_target . '#mlms-signup-flow'); exit; } @@ -667,7 +706,8 @@ function matthew_lms_mvp_handle_signup_onboarding_submission(): array { update_post_meta($post_id, '_mlms_' . $key, $value); } } - return ['success' => true, 'email' => $email, 'role' => $role, 'goal' => $goal, 'link' => $link, 'profile' => $profile, 'post_id' => is_wp_error($post_id) ? 0 : (int) $post_id]; + $redirect = matthew_lms_mvp_redirect_url('platform/'); + return ['success' => true, 'email' => $email, 'role' => $role, 'goal' => $goal, 'link' => $link, 'profile' => $profile, 'post_id' => is_wp_error($post_id) ? 0 : (int) $post_id, 'redirect' => $redirect]; } function matthew_lms_mvp_generate_profile_bootstrap(string $email, string $role, string $goal, string $link): string { @@ -704,7 +744,7 @@ function matthew_lms_mvp_render_signup_success(array $result): string { Email Role -
View WAX profile →Try Free Career Coach
+
Continue to WAX →Try Free Career Coach

AI-generated starter profile

@@ -1370,6 +1410,9 @@ function matthew_lms_mvp_handle_course_progress_ajax(): void { if (!check_ajax_referer('mlms_course_progress', 'nonce', false)) { wp_send_json_error(['message' => 'Your course session expired. Refresh the page and continue again.'], 403); } + if (!is_user_logged_in()) { + wp_send_json_error(['message' => 'Create an account or log in to save course progress.'], 401); + } $raw = []; foreach (array_keys(matthew_lms_mvp_course_progress_defaults()) as $key) { if (isset($_POST[$key])) { @@ -1927,6 +1970,9 @@ function matthew_lms_mvp_handle_ai_tutor_ajax(): void { if (!check_ajax_referer('mlms_ai_tutor', 'nonce', false)) { wp_send_json_error(['message' => 'Tutor session expired. Refresh the lesson and try again.'], 403); } + if (!is_user_logged_in()) { + wp_send_json_error(['message' => 'Create an account or log in to use the course tutor.'], 401); + } $mode = sanitize_key(wp_unslash($_POST['mode'] ?? 'tutor')); if (!in_array($mode, ['tutor', 'glossary', 'roadblock', 'build_validation'], true)) { $mode = 'tutor'; @@ -2375,7 +2421,7 @@ add_shortcode('matthew_login', function () { -

Need a WAX account? Start onboarding.

+

Need a WAX account? Start onboarding.

@@ -2386,6 +2432,7 @@ add_shortcode('matthew_login', function () { add_shortcode('matthew_signup_onboarding', function () { $result = null; + $redirect_url = matthew_lms_mvp_redirect_url('platform/'); $google_message = matthew_lms_mvp_take_google_oauth_message(); if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['mlms_signup_nonce']) && wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['mlms_signup_nonce'])), 'mlms_signup_submit')) { $result = matthew_lms_mvp_handle_signup_onboarding_submission(); @@ -2397,7 +2444,7 @@ add_shortcode('matthew_signup_onboarding', function () { $is_logged_in = is_user_logged_in(); $prefill_email = $is_logged_in ? $current_user->user_email : sanitize_email(wp_unslash($_POST['mlms_signup_email'] ?? '')); $start_step = $is_logged_in ? 2 : 1; - $google_url = matthew_lms_mvp_google_oauth_url('signup'); + $google_url = matthew_lms_mvp_google_oauth_url('signup', $redirect_url); $role_options = matthew_lms_mvp_role_options(); ob_start(); ?> @@ -2414,6 +2461,9 @@ add_shortcode('matthew_signup_onboarding', function () {
+ +
Create an account or log in to continue. Your WAX profile and course are available after registration.
+
Google sign-in is ready to connect. Add Google OAuth client credentials to enable real Gmail authentication. You can still sign up with email now.
@@ -2428,6 +2478,7 @@ add_shortcode('matthew_signup_onboarding', function () {
+

Step 1 of 3