WordPress 2.7 and Angsuman’s Authenticated WordPress Plugin
December 16, 2008 8:10 PM   Subscribe

On one of my WordPress hosted blogs, I previously used Angsuman’s Authenticated WordPress Plugin to restrict access to registered users. After upgrading to WordPress 2.7, the plugin doesn't work anymore. It won't let anybody log in, trapping people in a constant loop of entering (correct) passwords and being returned to the login screen.

Does anybody know:

(a) how to alter the plugin so it works with 2.7. I don't want to shell out US$30 for 'Authenticator Plugin Pro' when only about ten people access the site in question.

(b) of another plugin that does the same thing - blocks off a WordPress site to everyone other than registered users with passwords.

Many thanks.
posted by sindark to Computers & Internet (12 answers total) 2 users marked this as a favorite
Not sure about a WP solution, but you could just use a .htpassword file to password protect the directory above and outside Wordpress. That's probably more secure anyway. You'd have to recreate the logins, but as you said, it's under 10 anyway.
posted by drjimmy11 at 8:24 PM on December 16, 2008

Response by poster: I used that before, but it was too much of a pain.

People forget their passwords all the time. WP can send a reset password to the email address associated with a username. With .htaccess, I need to go it manually.

Upgrading to 2.6 also broke this plugin, but someone came up with a few lines of code that fixed it.
posted by sindark at 8:30 PM on December 16, 2008

Response by poster: I am also looking for an answer on the WordPress forums:

posted by sindark at 8:30 PM on December 16, 2008

Response by poster: The plugin can be downloaded here:

posted by sindark at 8:38 PM on December 16, 2008

This plug in might be useful. It does say that it's only compatible to 2.6.2, but it's worth a shot. I'm not sure what all changed to make 2.7.
posted by theichibun at 8:48 PM on December 16, 2008

Good lord; it's 6 lines of code. He wants $30 for a "pro" version of that?

Give me 15 minutes to set up a WP2.7 installation and fix it for you.
posted by hades at 8:55 PM on December 16, 2008

Response by poster: hades,

Many thanks.
posted by sindark at 9:01 PM on December 16, 2008

Best answer: Edit the file ac_authenticator.php (in wp-content/plugins) and change these lines:

if ( (!empty($_COOKIE[USER_COOKIE]) &&
    !wp_login($_COOKIE[USER_COOKIE], $_COOKIE[PASS_COOKIE], true)) ||
        (empty($_COOKIE[USER_COOKIE])) ) {
to this:

    if (!is_user_logged_in()) {
posted by hades at 9:20 PM on December 16, 2008 [1 favorite]

I use this plugin with 2.7:


Same as above, just the official repository link.
posted by saxmatt at 9:46 PM on December 16, 2008

Members Only is a better solution than patching Angsuman's Authenticated, since it allows you to have RSS feeds and such. I'd use that, if I had that kind of site. On the other hand, Angusman's has nothing to configure, so if you don't care about any new functionality, there's not much reason to switch.
posted by hades at 9:59 PM on December 16, 2008

Oh, and I see that a commenter on the plugin's site has already provided the same fix as me: link, followup.
posted by hades at 10:04 PM on December 16, 2008

Response by poster: Hades,

That seems to work perfectly. Thanks a lot.

As for Members Only, I actually explicitly do not want RSS feeds, so I think I will stick with the patched version of Angsuman's plugin for now.

I appreciate all the help!
posted by sindark at 6:02 AM on December 17, 2008

« Older Xmas spirit all though the year   |   Help with a french translation Newer »
This thread is closed to new comments.