Password Protected Blog Showing Blank Page

Hello!
I'm using the Multisite Privacy plugin on my network, but this one site is showing users a blank page after they log in with the correct password: https://edspace.american.edu/cwp (changed to "hello" for testing). However, if you then re-try to go to the blog, it loads correctly. Perhaps there is a refresh error?

On another (testing) site, this problem doesn't seem to be happening: https://edspace.american.edu/secondsite/ (password: hello)

Would you be able to help me with this? Thanks!
-Laura

  • Panos

    Hi Laura ,

    It seems that during authentication the redirect url becomes blank when CoursePress is active.

    You can try adding the following snippet at your child theme's functions.php :

    if( isset( $_GET['privacy'] ) && '4' == $_GET['privacy'] ){
    
        remove_filter('authenticate', 'wp_authenticate_privacy', 800);
    
        add_filter('authenticate', 'wpmudev_wp_authenticate_privacy', 900, 3);
    
        function wpmudev_wp_authenticate_privacy($user, $username, $password) {
    
            global $dm_map, $current_blog;
    
            $username = sanitize_user($username);
            $password = trim($password);
    
            if ( isset( $_REQUEST['redirect_to'] ) )
                $redirect_to = $_REQUEST['redirect_to'];
            else
                $redirect_to = home_url();
    
            if ( isset( $_POST['pwd'] ) ) {
                $spo_settings = get_option( 'spo_settings' );
                if ( trim($_POST['pwd']) == trim($spo_settings['blog_pass']) ) {
                    $value = wp_hash( get_current_blog_id() . $spo_settings['blog_pass'] . 'blogaccess yes' );
                    setcookie( 'spo_blog_access', $value, time() + 1800, $current_blog->path );
    
                    if ( isset($dm_map) && is_object($dm_map) && preg_match("/{$current_blog->domain}\\{$current_blog->path}/", $redirect_to) == 0 ) {
                        $redirect_old = $redirect_to;
                        $redirect_new = add_query_arg("redirect_to", $redirect_old, $redirect_old);
                        $redirect_to = add_query_arg("spo_blog_access", $value, $redirect_new);
                    }
    
                    if( $redirect_to == '' ) $redirect_to = $_GET['redirect_to'];
    
                    wp_safe_redirect( $redirect_to );
                    exit();
                } else {
                    $errors = new WP_Error();
                    $errors->add('incorrect_password', __('<strong>ERROR</strong>: Incorrect Password', 'sitewide-privacy-options'), 'error');
                    return $errors;
                }
            }
            $user = null;
            if ( $user == null ) {
                // TODO what should the error message be? (Or would these even happen?)
                // Only needed if all authentication handlers fail to return anything.
                $user = new WP_Error('authorization_required', __('<strong>Authorization Required</strong>: This blog requires a password to view it.', 'sitewide-privacy-options'), 'message');
            }
            $ignore_codes = array('empty_username', 'empty_password');
            if (is_wp_error($user) && !in_array($user->get_error_code(), $ignore_codes) ) {
                do_action('wp_login_failed', $username);
            }
            return $user;
        }
    
    }

    which should be fixing this issue. Please let us know how this works for you :slight_smile:

    Thanks!
    Panos

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.