Gatekeeper functions allow you to manage how code gets executed by applying access control rules.

`gatekeeper()`

This function will forward a user to the front page if the current viewing user is not logged in.

This can be used in your plugin's pages to protect them from being viewed by non-logged in users.

`admin_gatekeeper()`

As `gatekeeper()`, but ensures that only admin users can view the page.

`action_gatekeeper()`

This function should be used in Actions in companion with the Forms system, and helps protect the action from certain forms of attack.

`call_gatekeeper()`

This function tests to see whether it has the given method/function (optionally also test that it is defined in a specified file) exists on the call stack. The function will return true if the called by the named function (or its parent was called by the named function).

Here is an example of its usage:

function my_secure_function()
    {
        if (!call_gatekeeper("my_call_function"))
            return false;
            ... do secure stuff ...
    }
 
    function my_call_function()
    {
        // will work
        my_secure_function();
    }
 
    function bad_function()
    {
        // Will not work
        my_secure_function();
    }

To specify a method instead of a function, pass an array to `$function` containing the classname and method name.

`callpath_gatekeeper()`

This function is similar to `call_gatekeeper()` but returns true if it is being called by a method or function which has been defined on a given path or by a specified file.

The function accepts two parameters:

• `$path`, which is either the full path of the desired file or a partial path.
• If a partial path is given and `$include_subdirs` is true, then the function will return true if called by any function in or below the specified path.

gatekeeper, gatekeeper functions, gatekeeping

Last updated 529 days ago by Dave