=== EffortLess Login Protected Content ===
Contributors: domclic
Tags: login, protection, private, content, members
Requires at least: 5.8
Tested up to: 7.0
Requires PHP: 7.4
Stable tag: 2.0.10
License: GPLv2 or later
License URI: https://www.gnu.org/licenses/gpl-2.0.html
Donate link: https://id7.dev/donate/

Restrict selected pages and categories to logged-in users only. Automatically hides menu items and redirects unauthenticated users.

== Description ==

EffortLess Login Protected Content is a simple yet powerful WordPress plugin that allows you to restrict access to specific pages and categories for logged-in users only.

= Features =

* **Selective Protection**: Choose which pages and categories to protect
* **Automatic Menu Hiding**: Protected content is automatically hidden from menus for non-logged-in users
* **Smart Redirects**: Unauthenticated users are redirected to the login page with return URL
* **Login/Logout Menu Item**: Automatically adds login/logout link to your primary menu
* **Category Protection**: Protect entire categories and all posts within them
* **Easy Configuration**: Simple checkbox interface in WordPress admin
* **Lightweight**: No bloat, minimal performance impact
* **Translation Ready**: Fully internationalized and ready for translation

= How It Works =

1. Install and activate the plugin
2. Go to Settings > Login Protected Content
3. Select the pages and/or categories you want to protect
4. Save your settings
5. Non-logged-in users will be redirected to the login page when trying to access protected content

= Use Cases =

* Member-only content areas
* Private documentation
* Exclusive resources for registered users
* Protected blog categories
* Client portals
* Course materials

== Installation ==

= Automatic Installation =

1. Log in to your WordPress admin panel
2. Navigate to Plugins > Add New
3. Search for "EffortLess Login Protected Content"
4. Click "Install Now" and then "Activate"

= Manual Installation =

1. Download the plugin zip file
2. Log in to your WordPress admin panel
3. Navigate to Plugins > Add New > Upload Plugin
4. Choose the downloaded zip file and click "Install Now"
5. Activate the plugin

= Configuration =

1. Navigate to Settings > Login Protected Content
2. Select the pages you want to protect
3. Select the categories you want to protect
4. Click "Save Settings"

== Frequently Asked Questions ==

= Who can access protected content? =

Only logged-in users can access pages and categories you've marked as protected. All other visitors will be redirected to the login page.

= What happens when someone tries to access protected content? =

They are automatically redirected to the WordPress login page. After logging in, they'll be redirected back to the content they were trying to access.

= Does this hide protected pages from menus? =

Yes! Protected pages and categories are automatically hidden from navigation menus for non-logged-in users.

= Can I protect individual posts? =

Currently, you can protect posts by protecting their category. All posts in a protected category are automatically protected.

= Does this work with custom post types? =

The current version supports standard WordPress pages and posts/categories. Support for custom post types may be added in future versions.

= Will this affect my site's SEO? =

Protected content will not be accessible to search engines unless they're logged in (which they typically aren't), so protected pages won't be indexed.

= Is this plugin compatible with caching plugins? =

The plugin should work with most caching plugins, but you may need to exclude the login page from caching for best results.

= Can I customize the redirect URL? =

Currently, the plugin redirects to the WordPress login page. Custom redirect URLs may be added in a future version.

== Screenshots ==

1. Admin settings page showing page protection options
2. Admin settings page showing category protection options
3. Protected content automatically hidden from menu
4. Login/logout link automatically added to menu

== Changelog ==

= 2.0.10 =
* Fixed: the plugin name shown in the admin Settings menu/page title was translatable and could be localized away from the brand name (e.g. French "Contenu protégé par connexion facile") — it is now a hardcoded literal that never translates

= 2.0.9 =
* Fixed: protected pages and posts were fully readable by logged-out users via the REST API (e.g. /wp-json/wp/v2/pages/{id}), bypassing the login redirect entirely
* Fixed: a protected page assigned as the site's "Posts page" (Settings > Reading) was never actually protected, since is_page() is false in that context
* Fixed: protected pages could still appear in search results with title/excerpt visible to logged-out users

= 2.0.8 =
* Added: donate notice on the settings screen

= 2.0.7 =
* Renamed all prefixes from effolopr_/EFFOLOPR_ to ellpc_/ELLPC_ to follow the EffortLess naming convention (el + lpc for Login Protected Content)

= 2.0.6 =
* Renamed all prefixes to effolopr_/EFFOLOPR_ to comply with WordPress.org unique prefix requirement (was lpc_/ELLPC_)
* Updated admin page slug, settings group, section, and field IDs to use effolopr_ prefix

= 2.0.5 =
* Added translations for Chinese (Taiwan), French, Spanish, German, and Italian

= 2.0.4 =
* Fixed: init() was called outside class_exists guard, risking fatal or double hook registration on class name collision
* Fixed: get_pages()/get_categories() returning false (via filter) caused fatal in PHP 8+ — now guarded with is_array()
* Fixed: main RSS feed leaked posts from protected categories to unauthenticated users
* Fixed: is_admin() returned true during front-end AJAX searches, bypassing category exclusion — replaced with is_admin() && !wp_doing_ajax()

= 2.0.3 =
* Fixed: posts in protected categories were visible in home, search, tag, and archive pages (added pre_get_posts exclusion)
* Fixed: potential fatal when get_queried_object() returns non-WP_Term on category archives (added instanceof guard)
* Fixed: post-type menu items in protected categories were not hidden from unauthenticated users
* Fixed: $args->theme_location accessed without isset() guard in add_login_logout_link()
* Fixed: missing class_exists() guard to prevent fatal on class name collision
* Refactored: merged duplicate render_pages_field/render_categories_field into shared render_checkbox_field() helper

= 2.0.2 =
* Added phpcs.xml to declare ELLPC_ prefix and fix PrefixAllGlobals PHPCS warning

= 2.0.1 =
* Fixed PHPCS warning: renamed main class to ELPC_Login_Protected_Content to comply with WordPress prefix naming convention

= 2.0.0 =
* Complete code refactoring for WordPress Coding Standards compliance
* Improved security with better escaping and sanitization
* Added translation support with text domain
* Better object-oriented structure with static class
* Enhanced admin interface with fieldsets
* Added success messages on settings save
* Improved code documentation
* Changed from wp_redirect to wp_safe_redirect for better security
* Added strict type comparisons
* Better default values handling

= 1.0 =
* Initial release
* Basic page and category protection
* Menu item hiding
* Login/logout menu link

== Upgrade Notice ==

= 2.0.0 =
Major update with improved code quality, security enhancements, and WordPress Coding Standards compliance. Recommended for all users.

== Support ==

For support, feature requests, or bug reports, please visit the [plugin support forum](https://wordpress.org/support/plugin/effortless-login-protected-content/).

== Privacy Policy ==

This plugin does not collect, store, or transmit any user data. It only uses WordPress core functionality to check user login status and restrict content access.

== Credits ==

Developed by domclic