/**
* Filters exceptions check.
*
* @param type $args
* @return type
*/
function wpcf_access_exceptions_upload_files($args)
{
global $wpcf_access;
$capability_requested = $args[0];
$parse_args = $args[1];
$found = $args[3];
$args = $args[2];
// This is case when user uploads file from post edit screen
// or on Media Library screen
if (!empty($found) && is_admin() && (strpos($_SERVER['SCRIPT_NAME'], '/wp-admin/media-upload.php') !== false || strpos($_SERVER['SCRIPT_NAME'], '/wp-admin/upload.php') !== false || strpos($_SERVER['SCRIPT_NAME'], '/wp-admin/async-upload.php') !== false || strpos($_SERVER['SCRIPT_NAME'], '/wp-admin/media-new.php') !== false)) {
$temp = array();
$post_id = wpcf_access_determine_post_id();
// If attachment_id is present
if (isset($_POST['attachment_id'])) {
$post_id = intval($_POST['attachment_id']);
}
// Get post
$post = get_post($post_id);
// If post exists and is attachment - process it
if (!empty($post) && $post->post_type == 'attachment') {
$temp['capability_requested'] = $capability_requested;
//
//
//
// This is Media Library screen
//
//
//
if (strpos($_SERVER['SCRIPT_NAME'], '/wp-admin/upload.php') !== false || strpos($_SERVER['SCRIPT_NAME'], '/wp-admin/media-new.php') !== false) {
// If Media post_type exists use built-in WP check
if (wpcf_access_is_media_registered()) {
if (isset($post->post_parent)) {
$temp['is_attachment'] = 1;
}
$capability_requested = wpcf_access_map_cap($capability_requested, $post_id);
$temp['capability_converted'] = $capability_requested;
} else {
// If version 3.4 check if user can edit parent post type
// TODO check if post is attached to multiple posts
// (looks like only first parent is saved)
// Attachment follows parent post type
if (isset($post->post_parent)) {
$temp['is_attachment'] = 1;
$capability_requested = wpcf_access_map_cap($capability_requested, $post->post_parent);
$temp['capability_converted'] = $capability_requested;
} else {
// This happens in case item is newly added to media library
$temp['parent'] = 'no_parent';
$capability_requested = wpcf_access_map_cap($capability_requested, $post_id);
$temp['capability_converted'] = $capability_requested;
}
}
} else {
//
//
//
//
//
// This is upload screen
//
//
//
// No matter if Media post_type is registered,
// on upload screens we always convert capability to match
// parent post type
// TODO check if post is attached to multiple posts
// (looks like only first parent is saved)
// Attachment follows parent post type
if (isset($post->post_parent)) {
$temp['is_attachment'] = 1;
$capability_requested = wpcf_access_map_cap($capability_requested, $post->post_parent);
$temp['capability_converted'] = $capability_requested;
} else {
$temp['parent'] = 'no_parent';
$capability_requested = wpcf_access_map_cap($capability_requested, $post_id);
$temp['capability_converted'] = $capability_requested;
}
}
$wpcf_access->upload_files['exceptions.php']['media_screen'][] = $temp;
}
} else {
// Simply check if post is attachment and map it to parent cap
$temp = array();
$temp['capability_requested'] = $capability_requested;
$post_id = wpcf_access_determine_post_id();
$post = get_post($post_id);
if (!empty($post) && $post->post_type == 'attachment') {
if (isset($post->post_parent)) {
$temp['is_attachment'] = 1;
$capability_requested = wpcf_access_map_cap($capability_requested, $post->post_parent);
$temp['capability_converted'] = $capability_requested;
} else {
$temp['parent'] = 'no_parent';
$capability_requested = wpcf_access_map_cap($capability_requested, $post_id);
$temp['capability_converted'] = $capability_requested;
}
$wpcf_access->upload_files['exceptions.php']['attachments'][] = $temp;
}
}
return array($capability_requested, $parse_args, $args);
}
/**
* Determines post type.
*
* @global type $post
* @global type $pagenow
* @return string
*/
function wpcf_access_determine_post_type()
{
global $post;
$post_type = false;
$post_id = wpcf_access_determine_post_id();
if (!empty($post) || !empty($post_id)) {
if (get_post($post_id)) {
return get_post_type($post_id);
}
$post_type = get_post_type($post);
} else {
if (isset($_GET['post_type'])) {
$post_type = $_GET['post_type'];
} else {
if (isset($_POST['post_type'])) {
$post_type = $_POST['post_type'];
} else {
if (isset($_GET['post'])) {
$post_type = get_post_type($_GET['post']);
} else {
if (isset($_GET['post_id'])) {
$post_type = get_post_type($_GET['post_id']);
} else {
if (isset($_POST['post_id'])) {
$post_type = get_post_type($_POST['post_id']);
} else {
if (isset($_POST['post'])) {
$post_type = get_post_type($_POST['post']);
} else {
if (isset($_SERVER['HTTP_REFERER'])) {
$split = explode('?', $_SERVER['HTTP_REFERER']);
if (isset($split[1])) {
parse_str($split[1], $vars);
if (isset($vars['post_type'])) {
$post_type = $vars['post_type'];
} else {
if (isset($vars['post'])) {
$post_type = get_post_type($vars['post']);
} else {
if (strpos($split[1], 'post-new.php') !== false) {
$post_type = 'post';
}
}
}
} else {
if (strpos($_SERVER['HTTP_REFERER'], 'post-new.php') !== false || strpos($_SERVER['HTTP_REFERER'], 'edit-tags.php') !== false || strpos($_SERVER['HTTP_REFERER'], 'edit.php') !== false) {
$post_type = 'post';
}
}
}
}
}
}
}
}
}
}
return $post_type;
}
