Contents

Code Reference Functions bp_stop_live_spammer()

bp_stop_live_spammer()

Stop a logged-in user who is marked as a spammer.

Description

When an admin marks a live user as a spammer, that user can still surf around and cause havoc on the site until that person is logged out.

This code checks to see if a logged-in user is marked as a spammer. If so, we redirect the user back to wp-login.php with the ‘reauth’ parameter.

This clears the logged-in spammer’s cookies and will ask the spammer to reauthenticate.

Note: A spammer cannot log back in – bp_core_boot_spammer().

Runs on ‘bp_init’ at priority 5 so the members component globals are setup before we do our spammer checks.

This is important as the $bp->loggedin_user object is setup at priority 4.

Source

File: bp-members/bp-members-functions.php

2464
2465
2466
2467
2468
2469
2470
2471
2472
2473
2474
2475
2476
2477
2478
2479
2480
2481
2482
2483
2484
2485
2486
2487
2488
2489
2490
2491
2492
2493
2494
2495
2496
2497
2498
2499
2500
2501
2502
2503
2504
2505
2506
function bp_stop_live_spammer() {
    // If we're on the login page, stop now to prevent redirect loop.
    $is_login = false;
    if ( isset( $GLOBALS['pagenow'] ) && ( false !== strpos( $GLOBALS['pagenow'], 'wp-login.php' ) ) ) {
        $is_login = true;
    } elseif ( isset( $_SERVER['SCRIPT_NAME'] ) && false !== strpos( $_SERVER['SCRIPT_NAME'], 'wp-login.php' ) ) {
        $is_login = true;
    }
 
    if ( $is_login ) {
        return;
    }
 
    // User isn't logged in, so stop!
    if ( ! is_user_logged_in() ) {
        return;
    }
 
    // If spammer, redirect to wp-login.php and reauthorize.
    if ( bp_is_user_spammer( bp_loggedin_user_id() ) ) {
        // Setup login args.
        $args = array(
            // Custom action used to throw an error message.
            'action' => 'bp-spam',
 
            // Reauthorize user to login.
            'reauth' => 1
        );
 
        /**
         * Filters the url used for redirection for a logged in user marked as spam.
         *
         * @since BuddyPress 1.8.0
         *
         * @param string $value URL to redirect user to.
         */
        $login_url = apply_filters( 'bp_live_spammer_redirect', add_query_arg( $args, wp_login_url() ) );
 
        // Redirect user to login page.
        wp_redirect( $login_url );
        die();
    }
}

Expand full source code Collapse full source code

Changelog

Changelog
Version Description
BuddyPress 1.8.0 Introduced.

Uses

Uses
Uses Description
bp-members/bp-members-functions.php: bp_live_spammer_redirect

Filters the url used for redirection for a logged in user marked as spam.
bp-members/bp-members-functions.php: bp_is_user_spammer()

Check whether a user has been marked as a spammer.
bp-core/bp-core-template.php: bp_loggedin_user_id()

Get the ID of the currently logged-in user.

Questions?

We're always happy to help with code or other questions you might have! Search our developer docs, contact support, or connect with our sales team.