=== Locker Content === Contributors: appglut Tags: content locker, password protection, user engagement, content gates, post lock Requires at least: 4.7 Tested up to: 6.8 Stable tag: 1.0.1 Requires PHP: 7.0 License: GPLv2 or later License URI: https://www.gnu.org/licenses/gpl-2.0.html Lock your content behind various engagement gates including password protection, agreement forms, and user-generated content. == Description == **Locker Content** is a powerful WordPress plugin that allows you to lock your valuable content behind various engagement gates. Increase user interaction, gather user-generated content, and protect premium content with multiple locking mechanisms. **Key Features:** ✅ **Password Protection** - Secure your content with password locks ✅ **Agreement Lock** - Require users to accept terms and conditions ✅ **Post Creation Lock** - Users must create content to unlock yours ✅ **GDPR Compliant** - Built with privacy and data protection in mind ✅ **Rate Limiting** - Prevent abuse with built-in rate limiting ✅ **Spam Protection** - Advanced spam detection for user submissions ✅ **Responsive Design** - Works perfectly on all devices ✅ **Admin Dashboard** - Manage all submissions from one place **Perfect For:** * **Content Creators** - Protect premium content and courses * **Marketers** - Generate leads through content gates * **Community Sites** - Encourage user participation and content creation * **Educational Sites** - Require agreement to terms before accessing materials * **Membership Sites** - Control access to exclusive content **Available Lock Types:** 1. **Password Lock** - Traditional password protection with enhanced security features 2. **Agreement Lock** - Require users to read and agree to terms, privacy policies, or disclaimers 3. **Post Creation Lock** - Users must submit original content to unlock your premium material **Security Features:** * Password hashing for secure storage * Rate limiting to prevent brute force attacks * CSRF protection with WordPress nonces * Input sanitization and validation * IP anonymization for GDPR compliance * Spam detection and filtering **Admin Features:** * Easy-to-use meta boxes for each post/page * Bulk approval/rejection of user submissions * Detailed submission tracking * Customizable messages and interface text * Template override support for developers == Installation == 1. Upload the plugin files to `/wp-content/plugins/lockerco/` directory, or install through the WordPress plugins screen 2. Activate the plugin through the 'Plugins' screen in WordPress 3. Edit any post or page to see the Locker Content meta box 4. Configure your desired lock type and settings 5. Save your post and view it on the frontend to see the lock in action == Frequently Asked Questions == = How do I set up a password lock? = 1. Edit your post or page 2. Find the "Locker Content" meta box 3. Check "Enable Password Protection" 4. Set your password and customize the message 5. Save your post = Can I use multiple lock types on the same post? = The plugin prioritizes lock types in this order: Password (priority 10), Agreement (priority 15), Post Creation (priority 40). Only the highest priority enabled lock will be active. = Are passwords stored securely? = Yes! The plugin uses WordPress's built-in password hashing functions to securely store passwords. Plain text passwords are never stored in the database. = How does the spam protection work? = The plugin includes multiple spam detection methods: * Pattern matching for common spam phrases * Link count limits * Excessive repetition detection * Capitalization analysis * Rate limiting per IP and user = Is the plugin GDPR compliant? = Yes! The plugin includes GDPR compliance features: * IP address anonymization * Minimal data collection * User consent tracking * Data retention controls = Can I customize the appearance? = Yes! The plugin includes CSS classes for styling and supports template overrides. You can create custom templates in your theme's directory. = How do I view user submissions? = Go to Posts > User Submissions in your WordPress admin to view, approve, or reject user-generated content. = What happens to user submissions? = User submissions are created as draft posts by default and require manual approval. You can bulk approve, reject, or mark them as pending from the admin interface. == Screenshots == 1. Password lock interface on the frontend 2. Agreement lock with terms and conditions 3. Post creation lock with submission form 4. Admin meta box configuration 5. User submissions management page 6. Lock settings and customization options == Changelog == = 1.0.1 = * SECURITY: Fixed critical information exposure vulnerability (CVE-2025-12525) in post creation locker * Prevents unauthenticated attackers from accessing protected content without admin approval * Added admin unlock functionality for content management * Enhanced security checks and validation * Fixed Plugin Check warnings and coding standards issues * Removed debug code and improved variable naming conventions = 1.0.0 = * Initial release * Password protection with secure hashing * Agreement lock with customizable terms * Post creation lock with spam protection * Rate limiting and security features * GDPR compliance features * Admin submissions management * Responsive design and mobile support == Upgrade Notice == = 1.0.1 = SECURITY UPDATE: Urgent security fix for CVE-2025-12525. Update immediately to prevent unauthorized content access. = 1.0.0 = Initial release of Locker Content plugin with password protection, agreement locks, and post creation gates. == Developer Information == **Template Override Support** You can override plugin templates by creating files in your theme: ``` your-theme/ ├── lockerco/ │ ├── frontend/ │ │ ├── password-lock.php │ │ ├── agreement-lock.php │ │ └── postlock-lock.php │ └── admin/ │ ├── password-fields.php │ ├── agreement-fields.php │ └── postlock-fields.php ``` **Action Hooks** * `lockerco_post_submitted` - Fires when a user submits a post through the post lock **Filter Hooks** * `lockerco_password_strength` - Modify password strength requirements * `lockerco_spam_patterns` - Add custom spam detection patterns **CSS Classes** * `.lockerco-container` - Main container for all lock types * `.password-locker` - Password lock specific styling * `.agreement-locker` - Agreement lock specific styling * `.postlock-locker` - Post creation lock specific styling **Security Features** * CSRF protection with WordPress nonces * Input sanitization using WordPress functions * Rate limiting to prevent abuse * Password hashing for secure storage * IP anonymization for privacy compliance == Support == For support, feature requests, or bug reports, please visit our support forum or contact us through the plugin's official page. **Minimum Requirements:** * WordPress 4.7 or higher * PHP 7.0 or higher * MySQL 5.6 or higher **Recommended:** * WordPress 6.0 or higher * PHP 8.0 or higher * MySQL 8.0 or higher