Password Protected Blog Showing Blank Page

Hello!
I'm using the Multisite Privacy plugin on my network, but this one site is showing users a blank page after they log in with the correct password: https://edspace.american.edu/cwp (changed to "hello" for testing). However, if you then re-try to go to the blog, it loads correctly. Perhaps there is a refresh error?

On another (testing) site, this problem doesn't seem to be happening: https://edspace.american.edu/secondsite/ (password: hello)

Would you be able to help me with this? Thanks!
-Laura

  • Laura
    • Flash Drive

    I found the Plugin culprit! Looks like CoursePress Pro is incompatible with Multisite Privacy... After turning CoursePress Pro off, the "Anyone that visits must first provide this password" option of Site Visibility works again.

    Any ideas if an update to either (or both) of these plugins that will address this issue will happen in the near future?

    Thanks!

  • Panos
    • SLS

    Hi Laura ,

    It seems that during authentication the redirect url becomes blank when CoursePress is active.

    You can try adding the following snippet at your child theme's functions.php :

    if( isset( $_GET['privacy'] ) && '4' == $_GET['privacy'] ){
    
        remove_filter('authenticate', 'wp_authenticate_privacy', 800);
    
        add_filter('authenticate', 'wpmudev_wp_authenticate_privacy', 900, 3);
    
        function wpmudev_wp_authenticate_privacy($user, $username, $password) {
    
            global $dm_map, $current_blog;
    
            $username = sanitize_user($username);
            $password = trim($password);
    
            if ( isset( $_REQUEST['redirect_to'] ) )
                $redirect_to = $_REQUEST['redirect_to'];
            else
                $redirect_to = home_url();
    
            if ( isset( $_POST['pwd'] ) ) {
                $spo_settings = get_option( 'spo_settings' );
                if ( trim($_POST['pwd']) == trim($spo_settings['blog_pass']) ) {
                    $value = wp_hash( get_current_blog_id() . $spo_settings['blog_pass'] . 'blogaccess yes' );
                    setcookie( 'spo_blog_access', $value, time() + 1800, $current_blog->path );
    
                    if ( isset($dm_map) && is_object($dm_map) && preg_match("/{$current_blog->domain}\\{$current_blog->path}/", $redirect_to) == 0 ) {
                        $redirect_old = $redirect_to;
                        $redirect_new = add_query_arg("redirect_to", $redirect_old, $redirect_old);
                        $redirect_to = add_query_arg("spo_blog_access", $value, $redirect_new);
                    }
    
                    if( $redirect_to == '' ) $redirect_to = $_GET['redirect_to'];
    
                    wp_safe_redirect( $redirect_to );
                    exit();
                } else {
                    $errors = new WP_Error();
                    $errors->add('incorrect_password', __('<strong>ERROR</strong>: Incorrect Password', 'sitewide-privacy-options'), 'error');
                    return $errors;
                }
            }
            $user = null;
            if ( $user == null ) {
                // TODO what should the error message be? (Or would these even happen?)
                // Only needed if all authentication handlers fail to return anything.
                $user = new WP_Error('authorization_required', __('<strong>Authorization Required</strong>: This blog requires a password to view it.', 'sitewide-privacy-options'), 'message');
            }
            $ignore_codes = array('empty_username', 'empty_password');
            if (is_wp_error($user) && !in_array($user->get_error_code(), $ignore_codes) ) {
                do_action('wp_login_failed', $username);
            }
            return $user;
        }
    
    }

    which should be fixing this issue. Please let us know how this works for you :slight_smile:

    Thanks!
    Panos

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.