bp_stop_live_spammer()

Stop a logged-in user who is marked as a spammer.

Description

When an admin marks a live user as a spammer, that user can still surf around and cause havoc on the site until that person is logged out.

This code checks to see if a logged-in user is marked as a spammer. If so, we redirect the user back to wp-login.php with the ‘reauth’ parameter.

This clears the logged-in spammer’s cookies and will ask the spammer to reauthenticate.

Note: A spammer cannot log back in – bp_core_boot_spammer().

Runs on ‘bp_init’ at priority 5 so the members component globals are setup before we do our spammer checks.

This is important as the $bp->loggedin_user object is setup at priority 4.

Source

File: bp-members/bp-members-functions.php

function bp_stop_live_spammer() {
	// If we're on the login page, stop now to prevent redirect loop.
	$is_login = false;
	if ( isset( $GLOBALS['pagenow'] ) && ( false !== strpos( $GLOBALS['pagenow'], 'wp-login.php' ) ) ) {
		$is_login = true;
	} elseif ( isset( $_SERVER['SCRIPT_NAME'] ) && false !== strpos( $_SERVER['SCRIPT_NAME'], 'wp-login.php' ) ) {
		$is_login = true;
	}

	if ( $is_login ) {
		return;
	}

	// User isn't logged in, so stop!
	if ( ! is_user_logged_in() ) {
		return;
	}

	// If spammer, redirect to wp-login.php and reauthorize.
	if ( bp_is_user_spammer( bp_loggedin_user_id() ) ) {
		// Setup login args.
		$args = array(
			// Custom action used to throw an error message.
			'action' => 'bp-spam',

			// Reauthorize user to login.
			'reauth' => 1
		);

		/**
		 * Filters the url used for redirection for a logged in user marked as spam.
		 *
		 * @since BuddyPress 1.8.0
		 *
		 * @param string $value URL to redirect user to.
		 */
		$login_url = apply_filters( 'bp_live_spammer_redirect', add_query_arg( $args, wp_login_url() ) );

		// Redirect user to login page.
		wp_redirect( $login_url );
		die();
	}
}

Changelog

Changelog
Version Description
BuddyPress 1.8.0 Introduced.

Questions?

We're always happy to help with code or other questions you might have! Search our developer docs, contact support, or connect with our sales team.