Gravity Wiz

Magically enhanced tutorials, snippets and plugins for Gravity Forms!

Submit a Gravity Form to Access Content

This plugin provides a simple way to protect your content, requiring the visitor to submit a form in order to gain access.

Last updated | Written by 250 Comments

  • June 21, 2017: Improved support for automatically showing required form if no required message is specified.

  • March 2, 2017: Updated submitted forms cookie to be persistent by default. Added new "is_persistent" option to disable this.

  • March 1, 2017: Added support for "gwsa_requires_submission_redirect" option to allow automatically redirecting to a specific page if the user requires access.

  • March 23, 2016: Added support for requiring a form to be submitted before any page can be accessed. Added support for storing submitted forms in user meta.

  • March 3, 2015: Added support for shortcodes in "gwsa_requires_submission_message" custom field. Fixed issue where json_decode() did not return an array.

Show All Updates
View DemoShow CodeDownload Plugin
<?php
/**
* Gravity Wiz // Gravity Forms // Submit to Access
*
* Require that a form be submitted before a post or page can be accessed.
*
* @version 1.7
* @author David Smith <david@gravitywiz.com>
* @license GPL-2.0+
* @link https://gravitywiz.com/submit-gravity-form-access-content/
*
* ### WordPress Plugin Headers ###
*
* Plugin Name: Gravity Forms Submit to Access
* Plugin URI: https://gravitywiz.com/submit-gravity-form-access-content/
* Description: Require that a form be submitted before a post or page can be accessed.
* Author: Gravity Wiz
* Version: 1.7
* Author URI: http://gravitywiz.com
*/
class GW_Submit_Access {
public function __construct( $args = array() ) {
// set our default arguments, parse against the provided arguments, and store for use throughout the class
$this->_args = wp_parse_args( $args, array(
'requires_submission_message' => __( 'Oops! You do not have access to this page.' ),
'bypass_cache' => false,
'loading_message' => '', // set later so we can use GFCommon to get URL to GF spinner,
'enable_user_meta' => false,
'is_persistent' => true,
) );
// do version check in the init to make sure if GF is going to be loaded, it is already loaded
add_action( 'init', array( $this, 'init' ) );
}
public function init() {
// make sure we're running the required minimum version of Gravity Forms
if( ! property_exists( 'GFCommon', 'version' ) || ! version_compare( GFCommon::$version, '1.8', '>=' ) ) {
return;
}
// setting later so we can use GFCommon::get_base_url() to get GF's spinner URL
if( empty( $this->_args['loading_message'] ) ) {
$this->_args['loading_message'] = '<span class="gwsa-loading">Loading content... <img src="' . GFCommon::get_base_url() . '/images/spinner.gif" /></span>';
}
add_action( 'wp', array( $this, 'check_global_requirements' ), 5 );
add_action( 'admin_init', array( $this, 'check_global_requirements' ), 5 );
add_action( 'wp', array( $this, 'check_for_access_redirect' ) );
add_action( 'gform_pre_submission', array( $this, 'add_submitted_form' ) );
add_filter( 'the_content', array( $this, 'maybe_hide_the_content' ) );
add_action( 'wp_ajax_gwas_get_content', array( $this, 'ajax_get_content' ) );
add_action( 'wp_ajax_nopriv_gwas_get_content', array( $this, 'ajax_get_content' ) );
add_shortcode( 'gwsa', array( $this, 'do_gwsa_shortcoee' ) );
}
public function check_global_requirements() {
if( current_user_can( 'administrator' ) && is_admin() ) {
return;
}
$global_posts = $this->get_global_posts();
if( empty( $global_posts ) ) {
return;
}
// if we're already on a global post, don't do anything
$object = get_queried_object();
if( is_a( $object, 'WP_Post' ) && in_array( $object->ID, wp_list_pluck( $global_posts, 'ID' ) ) ) {
return;
}
foreach( $global_posts as $global_post ) {
if( ! $this->has_access( $global_post->ID ) ) {
wp_redirect( get_permalink( $global_post ) );
exit;
}
}
}
public function get_global_posts() {
$query = array(
'post_type' => 'any',
'meta_query' => array(
'relation' => 'or',
array(
'key' => 'gwsa_require_submission',
'value' => 'global'
),
),
);
if( is_user_logged_in() ) {
$query['meta_query'][] = array(
'key' => 'gwsa_require_submission',
'value' => 'global_logged_in'
);
}
$query = apply_filters( 'gfsa_get_global_posts_query', $query );
$global_posts = get_posts( $query );
return $global_posts;
}
public function check_for_access_redirect() {
global $post;
if( is_admin() ) {
return;
}
if( ! $post || ! $this->requires_access( $post->ID ) || $this->has_access( $post->ID ) ) {
return;
}
$url = $this->get_requires_submission_redirect( $post->ID );
if( $url ) {
wp_redirect( $url );
exit;
}
}
public function maybe_hide_the_content( $content ) {
global $post;
if( ! $this->requires_access( $post->ID ) ) {
return $content;
}
if( $this->_args['bypass_cache'] ) {
$content = $this->cache_bypass_content( $content );
} else if( ! $this->has_access( $post->ID ) ) {
$content = $this->get_requires_submission_message( $post->ID );
}
return $content;
}
function cache_bypass_content( $content ) {
global $post;
ob_start();
?>
<div id="gwsa-content">
<?php echo $this->_args['loading_message']; ?>
</div>
<script type="text/javascript">
var ajaxUrl = '<?php echo admin_url( 'admin-ajax.php' ); ?>';
( function( $ ) {
$.post( ajaxUrl, {
action: 'gwas_get_content',
post: <?php echo $post->ID; ?>,
}, function( response ) {
$( '#gwsa-content' ).html( response );
} );
} )( jQuery );
</script>
<?php
return ob_get_clean();
}
function ajax_get_content() {
$post_id = rgpost( 'post' );
if( $this->has_access( $post_id ) ) {
$post = get_post( $post_id );
$GLOBALS['post'] = get_post( $post_id );
setup_postdata( $post );
remove_filter( 'the_content', array( $this, 'maybe_hide_the_content' ) );
// use the_content() so we get the content exactly as WP would have originally displayed it
ob_start();
the_content();
$content = ob_get_clean();
} else {
$content = $this->get_requires_submission_message( $post_id );
}
die( $content );
}
function get_requires_submission_message( $post_id ) {
$requires_submission_message = get_post_meta( $post_id, 'gwsa_requires_submission_message', true );
$contains_form_merge_tag = strpos( $requires_submission_message, '{form}' ) !== false;
if( ! $requires_submission_message || $contains_form_merge_tag ) {
$form_ids = $this->get_form_ids( $post_id );
if( ! empty( $form_ids ) ) {
ob_start();
$form = GFAPI::get_form( $form_ids[0] );
require_once( GFCommon::get_base_path() . '/form_display.php' );
GFFormDisplay::print_form_scripts( $form, true );
gravity_form( $form_ids[0], false, false, false, array(), $this->_args['bypass_cache'] );
$form_markup = ob_get_clean();
$requires_submission_message = $contains_form_merge_tag ? str_replace( '{form}', $form_markup, $requires_submission_message ) : $form_markup;
// Replace form's action URL.
if( defined( 'DOING_AJAX' ) && DOING_AJAX ) {
$search = remove_query_arg( 'gf_token' );
$replace = get_permalink( rgpost( 'post' ) );
// get_permalink() defaults to whatever protocol the site url is configured for; we need to be sure
// if the form is being loaded on an https page, that our action url is also https.
if( is_ssl() ) {
$replace = str_replace( 'http://', 'https://', $replace );
}
$requires_submission_message = str_replace( $search, $replace, $requires_submission_message );
}
}
}
if( ! $requires_submission_message ) {
$requires_submission_message = $this->_args['requires_submission_message'];
}
return do_shortcode( $requires_submission_message );
}
function get_requires_submission_redirect( $post_id ) {
return get_post_meta( $post_id, 'gwsa_requires_submission_redirect', true );
}
function has_access( $post_id ) {
if( ! $this->requires_access( $post_id ) ) {
return true;
}
$form_ids = $this->get_form_ids( $post_id );
$submitted_forms = $this->get_submitted_forms();
// if not form-specific and at least one form is submitted, user has access
if( empty( $form_ids ) && ! empty( $submitted_forms ) ) {
return true;
}
// has specifically required form been submitted?
$matching_form_ids = array_intersect( $form_ids, $submitted_forms );
if( ! empty( $matching_form_ids ) ) {
return true;
}
return false;
}
function requires_access( $post_id ) {
return get_post_meta( $post_id, 'gwsa_require_submission', true ) == true;
}
function get_submitted_forms() {
// always check the cookie first; will allow user meta vs cookie to be set per page in the future
$submitted_forms = (array) json_decode( stripslashes( rgar( $_COOKIE, 'gwsa_submitted_forms' ) ) );
// if user meta is enabled, merge forms stored there as well
if( $this->_args['enable_user_meta'] ) {
$user_meta_forms = (array) wp_get_current_user()->get( 'gwsa_submitted_forms' );
$submitted_forms = array_merge( $submitted_forms, $user_meta_forms );
}
return array_filter( $submitted_forms );
}
function add_submitted_form( $form ) {
$submitted_forms = $this->get_submitted_forms();
$form_id = $form['id'];
if( ! in_array( $form_id, $submitted_forms ) && ! headers_sent() ) {
$submitted_forms[] = $form_id;
if( $this->_args['enable_user_meta'] && is_user_logged_in() ) {
update_user_meta( get_current_user_id(), 'gwsa_submitted_forms', $submitted_forms );
} else {
$expiration = $this->_args['is_persistent'] ? strtotime( '+1 year' ) : null;
setcookie( 'gwsa_submitted_forms', json_encode( $submitted_forms ), $expiration, '/' );
}
}
}
function get_form_ids( $post_id ) {
return array_filter( array_map( 'trim', explode( ',', get_post_meta( $post_id, 'gwsa_form_ids', true ) ) ) );
}
}
# Configuration
new GW_Submit_Access();
view raw gw-gravity-forms-submit-to-access.php hosted with ❤ by GitHub

You have a post or page you’d like to protect but you don’t want to require the user to sign up for a user account and you just don’t need a full-blown membership system. All you want to do is collect a few details about the user for your mailing list or CRM.

This plugin provides an easy way to accomplish this. Any post-based content (that includes pages and custom post types) that support custom fields can be locked down. You set a few special custom fields and the Gravity Forms Submit to Access plugin takes care of the rest.

Getting Started

  1. Check requirements

  2. Install the plugin

    • Click the “Download Code” button above and save the file to your Desktop.
    • Drop the file into your WordPress plugins folder via FTP – or – zip the file up and upload it via WordPress plugin uploader.

  3. Configure the plugin

    • Read on for step-by-step instructions

Locking Down a Page

  1. Navigate to the Edit screen for any post, page, or any custom post type.

  2. Enable “Custom Fields” via the “Screen Options” at the top of the page. There is a good chance they are already enabled.

    gw-submit-to-access-enable-custom-fields
  3. Add a custom field named gwsa_require_submission with a value of 1.

    gw-submit-to-access-gwsa-require-submission
  4. Add a custom field named gwsa_form_ids and set the value to the ID of whichever form the user should submit to gain access to this page.

    gw-submit-to-access-gwsa-form-ids

That’s it! For a complete list of the available options, read on.

Custom Field Options

gw-submit-to-access-custom-field-options

  • gwsa_require_submission (int) (required)

    Add this custom field with a value of 1 to require a Gravity Form to be submitted to gain access.

  • gwsa_form_ids (bool) (optional)

    Add this custom field and set the value to the ID of the form which must be submitted to gain access to this page. If there are multiple forms that can be submitted to gain access, you may include them as a comma-delimited list (i.e. 1,2,3). If any form can be submitted to gain access to this page, do not add this custom field option.

  • gwsa_requires_submission_message (string) (optional)

    Override the default message that is displayed when the user does not have access to view the content of this page.

  • gwsa_requires_submission_redirect (string) (optional)

    Provide a URL to which the user will be redirected if they do not have access to view the content of this page.

Global Parameters

  • requires_submission_message (string) (optional)

    Define the default message that is displayed if the user does not have access to the content. This value will be overridden if a post-specific message is set via the gwsa_requires_submission_message custom field option. Defaults to 'Oops! You do not have access to this page.'.

  • bypass_cache (bool) (optional)

    Enabling this option will allow the script to bypass any page/cookie caching by fetching the post content via AJAX. Defaults to false.

  • loading_message (array) (optional)

    If bypass_cache is enabled, this option allows you to control the loading message which is visible while the post content is being fetched via AJAX.

  • is_persistent (bool) (optional)

    The cookie that stores which forms have been submitted for the visitor is persistent by default. Set this to false to make the cookie session-based.

  • enable_user_meta (bool) (optional)

    Set this to true to save submitted forms in the user meta rather than a cookie. Only works for logged-in users.

Any questions?

This is a bare bones plugin. It uses WordPress’ custom fields UI to handle setting the options and advanced configuration should happen in the plugin.

If this proves to be a popular resource, I’ll be happy to enhance it to be even easier to use.

Did this resource help you do something awesome with Gravity Forms? Then you'll absolutely love Gravity Perks; a suite of 31+ essential add-ons for Gravity Forms with support you can count on.

Comments

  1. Ryan Donovan says

    Hello Andy,

    The “is_persistent” is a global parameter and needs to be set in the plugin file.

    new GW_Submit_Access( array( ‘is_persistent’ => false ) )

    Let us know if you have any other questions. :)

    Reply

  2. Dragan says

    Hello David,

    Nice tutorial, I want to ask if there is a way to set these values globally for specific Custom Post Type so there is no need to manually add all these fields on every new post.

    Thanks, Dragan

    Reply

  3. Andy Christian says

    Hi again, sorry for the spamming!

    Quick update on my previous question.

    On closer inspection of the cookie via Chrome inspect, the cookie remains set to persistent, even when I try to over-ride it via the custom fields.

    The only way i was able to make it session-based was to edit the plugin php file directly, by setting the default of “is_persistent” to false. This is fine, however I’m assuming this will just be overwritten again if I ever update the plugin.

    Would there be any reason why the custom fields wouldn’t be overwriting the default option?

    Reply

  4. Andy Christian says

    Hi there,

    For my set up I am looking for the user to enter their details every-time they access a page (once per session)

    I have set “is_persistent” to “true”, however when I close browser, and open page back up again, the form doesn’t show.

    It only resets when I manually clear my cookies.

    Any ideas?

    Reply

  5. Kemberle Griffin says

    I’d like to be able to put the form on one page and once it’s filled out take you to the page but still keep access limited to only users who fill out the form?

    Reply

  7. Jo says

    Hi,

    Thank you so much for this useful article ! I was able to integrate it on my wesbite without any issue ;-).

    I noticed that after a first completion of the form, if the user clear his browser’s cache, he has to complete the form again to obtain the access to the protected page. Is it possible to make it permanent so that even if the user clear his browser’s cache, he still keep his access ?

    Thanks !

    Reply

    • David Smith says

      Hi Joe, if the user is logged-in this would be possible by enabling the “enable_user_meta” option.

    • Joe says

      Hello David,

      Thank you for your answer ;-) ! Yes, I already tried that but when the logged user clears his cache/cookies and then refresh the page (or login again), he still has to fill the form again… The custom fields I used are : gwsa_form_ids | gwsa_require_submission | gwsa_requires_submission_message| enable_user_meta. What did I miss, please ? Thanks for your help !

    • David Smith says

      Hi Joe, the “enable_user_meta” is a global parameter and needs to be set in the plugin file.

      new GW_Submit_Access( array( 'enable_user_meta' => true ) );

    • Joe says

      Thank you David (^_~) ! I didn’t know the global parameters need to be in the plugin file. However as i’m not a developer, I’m already lost. In which PHP file and where exactly I have to copy/paste your code, please ? Thanks again David !

    • David Smith says

      We don’t have a great recommendation for editing plugin files other than via FTP. You can use the Plugin Editor in WordPress but you run the risk of making a typo and breaking your site. It’s much easier to undo mistakes like that when working via FTP.

    • Joe says

      I understand. I’m so sorry for my bad english David, because I misformulated my question… Actually, please allow me to rephrase : Which *.php file from gravityforms plugin’s folder do I have to edit ? And in this php file, where do I have to insert your code, please ? Thank you ;-)

    • David Smith says

      Hi Joe, it would be the plugin file you downloaded from our site here (not Gravity Forms itself). Look for gw-gravity-forms-submit-to-access in your /wp-content/plugins/ folder. Hope that helps. 🙂

    • Joe says

      Hi David, it’s done and working like a charm 🙂! I wanted to deeply thank you for your incredible help which allow me to make it work ! That was so important for my website and I’m really happy that your plugin could achieve exactly what I needed for my community. Big thank you David 🙂 !

  8. Domenico Cannetti says

    Hi, i have 2 form in 2 page:

    the first page “pay” with a credit card payment and the second page “mod” (hidden from the cookie) with another form

    if the user pay can access to second page

    now, after the second submission (page mod) how i can remove the cookie for return to lock the page and redirect to pay?

    tnx and sorry for my english

    Reply

    • David Smith says

      Hi Domenico, you would need to modify the value stored in the gwsa_submitted_forms cookie to remove the form ID that you would like to require to be resubmitted.

  9. Keenan Flogerzi says

    Hi… I love how this is supposed to work and it seems half-way there.

    But as soon as I set the custom field “gwsa_require_submission” on a post, it breaks all jQuery on the page with a handful of console errors: Uncaught ReferenceError: jQuery is not defined

    I see a comment before where Sam said: “was also somehow dequeuing jquery.js and jquery-migrate.min.js from WordPress /wp-includes, so I had to re-queue those both in to the plugin code.”

    But I can’t seem to get those scripts queued again despite trying to add them in a few places on the init() function.

    Any ideas?

    Reply

    • David Smith says

      Hi Keenan, I’m not able to recreate any issues with jQuery or jQuery migrate. If you check out the demo you can see that this working as expected on a basic WordPress installation. There isn’t much more we can offer pro bono; however, if you’re an Advanced or Pro Gravity Perks user, we’d be happy to dig into your specific configuration via support.

    • Keenan Flogerzi says

      Hey David, no worries! I was able to get a version of it working after playing with it. Not as full featured as the demo, but working for what I needed. Thanks for getting back!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.