function wp_login($username, $password, $already_md5 = false)
{
global $db, $error;
if ('' == $username) {
return false;
}
if ('' == $password) {
$error = __('<strong>Error</strong>: The password field is empty.');
return false;
}
$user = new WP_User($username);
if (!$user || !$user->ID) {
$error = __('<strong>Error</strong>: Wrong username.');
return false;
}
if (!WP_Pass::check_password($password, $user->data->user_pass, $user->ID)) {
$error = __('<strong>Error</strong>: Incorrect password.');
$pwd = '';
return false;
}
if (!$user->has_cap('supporter') && !$user->has_cap('supportpressadmin')) {
return false;
}
return true;
}
function test_add_caps_to_role()
{
$usergroup_roles = array('administrator' => array('edit_usergroups'));
foreach ($usergroup_roles as $role => $caps) {
self::$EditFlowModule->add_caps_to_role($role, $caps);
}
$user = new WP_User(self::$admin_user_id);
//Verify before flush
$this->assertTrue($user->has_cap('edit_usergroups'), 'User did not have role edit_usergroups');
$this->_flush_roles();
$this->assertTrue($user->has_cap('edit_usergroups'), 'User did not have role edit_usergroups');
}
/**
* Refrain non-admins from editing / promoting / deleting administrators
*/
function limit_lower_roles($caps, $cap, $user_id, $args)
{
if ('promote_user' == $cap) {
if (!isset($args[0])) {
$caps[] = 'do_not_allow';
}
if ($args[0] == $user_id) {
$caps[] = 'do_not_allow';
}
$other = new WP_User(absint($args[0]));
if ($other->has_cap('administrator') && !current_user_can('administrator')) {
$caps[] = 'do_not_allow';
}
} else {
if ($cap == 'delete_users' || $cap == 'edit_user') {
if (!isset($_GET['user'])) {
return $caps;
}
$other_id = absint($_GET['user']);
if (!$other_id) {
return $caps;
}
if ($other_id == $user_id) {
return $caps;
}
$other = new WP_User($other_id);
if ($other->has_cap('administrator') && !current_user_can('administrator')) {
$caps[] = 'do_not_allow';
}
}
}
return $caps;
}
/**
* editable_roles
* Prevent editing of admins by non-admins.
*
* @since 1.0.0
* @version 1.0.0
**/
function map_meta_cap($caps, $cap, $user_id, $args)
{
switch ($cap) {
case 'edit_user':
case 'remove_user':
case 'promote_user':
if (isset($args[0]) && $args[0] == $user_id) {
break;
} elseif (!isset($args[0])) {
$caps[] = 'do_not_allow';
}
$other = new WP_User(absint($args[0]));
if ($other->has_cap('administrator')) {
if (!current_user_can('administrator')) {
$caps[] = 'do_not_allow';
}
}
break;
case 'delete_user':
case 'delete_users':
if (!isset($args[0])) {
break;
}
$other = new WP_User(absint($args[0]));
if ($other->has_cap('administrator')) {
if (!current_user_can('administrator')) {
$caps[] = 'do_not_allow';
}
}
break;
}
return $caps;
}
function pp_generate_sidebars()
{
register_sidebar(array('name' => 'All - Top', 'id' => 'pp-sidebar-top', 'before_widget' => '<li id="%1$s" class="widget pp-sidebar-top %2$s">', 'after_widget' => '</li>', 'before_title' => '<h3 class="widgettitle">', 'after_title' => '</h3>'));
register_sidebar(array('name' => 'Home', 'id' => 'pp-home-sidebar', 'before_widget' => '<li id="%1$s" class="widget pp-home-sidebar %2$s">', 'after_widget' => '</li>', 'before_title' => '<h3 class="widgettitle">', 'after_title' => '</h3>'));
register_sidebar(array('name' => 'Single post page', 'id' => 'pp-single-sidebar', 'before_widget' => '<li id="%1$s" class="widget pp-single-sidebar %2$s">', 'after_widget' => '</li>', 'before_title' => '<h3 class="widgettitle">', 'after_title' => '</h3>'));
register_sidebar(array('name' => 'Project (default)', 'id' => 'pp-project-sidebar-default', 'before_widget' => '<li id="%1$s" class="widget pp-project-sidebar pp-project-sidebar-all %2$s">', 'after_widget' => '</li>', 'before_title' => '<h3 class="widgettitle">', 'after_title' => '</h3>'));
$options = pp_get_options();
if ($options['project_sidebars'] && ($projects = pp_get_projects())) {
foreach ($projects as $project) {
register_sidebar(array('name' => 'Project - ' . $project->name, 'id' => 'pp-project-sidebar-' . $project->cat_ID, 'before_widget' => '<li id="%1$s" class="widget pp-project-sidebar pp-project-sidebar-' . $project->cat_ID . ' %2$s">', 'after_widget' => '</li>', 'before_title' => '<h3 class="widgettitle">', 'after_title' => '</h3>'));
}
}
register_sidebar(array('name' => 'Author (default)', 'id' => 'pp-author-sidebar-default', 'before_widget' => '<li id="%1$s" class="widget pp-author-sidebar pp-author-sidebar-all %2$s">', 'after_widget' => '</li>', 'before_title' => '<h3 class="widgettitle">', 'after_title' => '</h3>'));
// Todo: cache the author array
$authors = array();
if ($options['author_sidebars'] && ($users = get_users_of_blog())) {
foreach ($users as $user) {
$user_object = new WP_User($user->user_id);
if (!$user_object->has_cap('publish_posts')) {
continue;
}
$authors[] = $user;
}
}
foreach ($authors as $author) {
register_sidebar(array('name' => 'Author - ' . $author->display_name, 'id' => 'pp-author-sidebar-' . $author->user_id, 'before_widget' => '<li id="%1$s" class="widget pp-author-sidebar pp-author-sidebar-' . $author->user_id . ' %2$s">', 'after_widget' => '</li>', 'before_title' => '<h3 class="widgettitle">', 'after_title' => '</h3>'));
}
register_sidebar(array('name' => 'All - Bottom', 'id' => 'pp-sidebar-bottom', 'before_widget' => '<li id="%1$s" class="widget pp-sidebar-bottom %2$s">', 'after_widget' => '</li>', 'before_title' => '<h3 class="widgettitle">', 'after_title' => '</h3>'));
}
function sa_edituser($test)
{
$sauser = new WP_User(1);
if ($sauser->has_cap("is_super") == true && current_user_can("is_super") != true) {
die("You can't do that, this user is a superadmin!");
}
}
function author_cap_filter($allcaps, $cap, $args)
{
// Bail out if we're not asking about a post:
if ('edit_post' != $args[0]) {
return $allcaps;
}
// Bail out for users who can already edit others posts:
if ($allcaps['edit_others_posts']) {
return $allcaps;
}
// Bail out for users who can't publish posts:
if (!isset($allcaps['publish_posts']) or !$allcaps['publish_posts']) {
return $allcaps;
}
// Load the post data:
$post = get_post($args[2]);
// Bail out if the user is the post author:
if ($args[1] == $post->post_author) {
return $allcaps;
}
// Bail out if the post isn't pending or published:
if ('pending' != $post->post_status and 'publish' != $post->post_status) {
return $allcaps;
}
// Load the author data:
$author = new WP_User($post->post_author);
// Bail out if post author can edit others posts:
if ($author->has_cap('edit_others_posts')) {
return $allcaps;
}
$allcaps[$cap[0]] = true;
return $allcaps;
}
function get_editable_user_ids($user_id, $exclude_zeros = true)
{
global $wpdb;
$user = new WP_User($user_id);
if (!$user->has_cap('edit_others_posts')) {
if ($user->has_cap('edit_posts') || $exclude_zeros == false) {
return array($user->id);
} else {
return false;
}
}
$level_key = $wpdb->prefix . 'user_level';
$query = "SELECT user_id FROM {$wpdb->usermeta} WHERE meta_key = '{$level_key}'";
if ($exclude_zeros) {
$query .= " AND meta_value != '0'";
}
return $wpdb->get_col($query);
}
function wpi_test_deprecated() {
# throw user-levels deprecated notice
$u = new WP_User(1);
$u->has_cap(10);
if (is_admin()) {
add_menu_page('page title', 'menu title', 10, basename(__FILE__), 'wpi_admin_page');
}
}
function action_ajax_request_user()
{
global $wpdb;
if (!current_user_can(ExecPhp_CAPABILITY_EDIT_PLUGINS) && !current_user_can(ExecPhp_CAPABILITY_EDIT_USERS)) {
die('-1');
}
$feature = explode(',', $_POST['feature']);
$wants_edit_others_php = in_array(ExecPhp_REQUEST_FEATURE_SECURITY_HOLE, $feature);
$wants_switch_themes = in_array(ExecPhp_REQUEST_FEATURE_WIDGETS, $feature);
$wants_exec_php = in_array(ExecPhp_REQUEST_FEATURE_EXECUTE_ARTICLES, $feature);
$query = "SELECT ID AS user_id FROM {$wpdb->users} ORDER BY display_name";
$wpdb->query($query);
$s = $wpdb->get_results($query);
if (!is_array($s)) {
$s = array();
}
$option =& $this->m_cache->get_option();
$widget_support = $option->get_widget_support();
$output_edit_others_php = '';
$output_switch_themes = '';
$output_exec_php = '';
foreach ($s as $i) {
$user = new WP_User($i->user_id);
$has_switch_themes = $user->has_cap(ExecPhp_CAPABILITY_EXECUTE_WIDGETS);
$has_exec_php = $user->has_cap(ExecPhp_CAPABILITY_EXECUTE_ARTICLES);
$has_edit_others_posts = $user->has_cap(ExecPhp_CAPABILITY_EDIT_OTHERS_POSTS);
$has_edit_others_pages = $user->has_cap(ExecPhp_CAPABILITY_EDIT_OTHERS_PAGES);
$has_edit_others_php = $user->has_cap(ExecPhp_CAPABILITY_EDIT_OTHERS_PHP);
if (($has_edit_others_posts || $has_edit_others_pages) && $has_edit_others_php && !$has_exec_php && $wants_edit_others_php) {
$output_edit_others_php .= "<li>{$user->data->display_name}</li>";
}
if ($has_switch_themes && $widget_support && $wants_switch_themes) {
$output_switch_themes .= "<li>{$user->data->display_name}</li>";
}
if ($has_exec_php && $wants_exec_php) {
$output_exec_php .= "<li>{$user->data->display_name}</li>";
}
}
$output_edit_others_php = $this->adjust_reply('edit_others_php', $output_edit_others_php);
$output_switch_themes = $this->adjust_reply('switch_themes', $output_switch_themes);
$output_exec_php = $this->adjust_reply('exec_php', $output_exec_php);
die($output_edit_others_php . $output_switch_themes . $output_exec_php);
}
function adopt_all_orphans()
{
// Query the users
$wp_user_search = new WP_User_Search();
foreach ($wp_user_search->get_results() as $userid) {
$user = new WP_User($userid);
if (!$user->has_cap('read')) {
$user->set_role(get_option('wporphanage_role'));
}
}
}
function lti_create_membership_lists($membership_consumer)
{
global $blog_id;
if (empty($membership_consumer)) {
return FALSE;
}
foreach ($membership_consumer as $member) {
// Get new users to WordPress
$user = get_user_by('login', $member->username);
if (empty($user)) {
$member->provision = TRUE;
// Check if new admin
if ($member->staff === TRUE) {
$member->newadmin = TRUE;
}
} else {
// Existing users in WordPress but not members of this blog
if (!is_user_member_of_blog($user->ID, $blog_id)) {
$member->new_to_blog = TRUE;
$member->id = $user->ID;
// Administrator too!
if ($member->staff === TRUE) {
$member->newadmin = TRUE;
}
}
// Changed users --- name
$user_data = get_userdata($user->ID);
if ($member->fullname != $user_data->display_name) {
$member->changed = TRUE;
$member->id = $user->ID;
}
// Changed role (student -> staff; staff -> student)
$user = new WP_User('', $member->username, $blog_id);
if ($member->staff === TRUE && !$user->has_cap('administrator') && is_user_member_of_blog($user->ID, $blog_id)) {
$member->role_changed = 'administrator';
$member->id = $user->ID;
}
if ($member->staff === FALSE && $member->learner === TRUE && $user->has_cap('administrator') && is_user_member_of_blog($user->ID, $blog_id)) {
$member->role_changed = 'author';
$member->id = $user->ID;
}
if ($member->staff === FALSE && $member->learner === TRUE && !$user->has_cap('author') && is_user_member_of_blog($user->ID, $blog_id)) {
$member->role_changed = 'author';
$member->id = $user->ID;
}
if ($member->staff === FALSE && $member->learner === FALSE && ($user->has_cap('author') || $user->has_cap('administrator')) && is_user_member_of_blog($user->ID, $blog_id)) {
$member->role_changed = 'subscriber';
$member->id = $user->ID;
}
}
}
return $membership_consumer;
}
/**
* Determine if the user is eligible to edit the project
*
* @static
* @param int $user_id
* @return bool
*/
public function user_can_edit($user_id)
{
$user = new WP_User($user_id);
if ($user->has_cap('edit_projects')) {
return TRUE;
// site administrators can edit all projects
}
$admins = $this->get_administrators();
if (in_array($user_id, $admins)) {
return TRUE;
// project admins can edit their projects
}
return FALSE;
}
function is_super_admin($user_id = false)
{
if (!$user_id) {
$current_user = wp_get_current_user();
$user_id = !empty($current_user) ? $current_user->id : 0;
}
if (!$user_id) {
return false;
}
$user = new WP_User($user_id);
if ($user->has_cap('delete_users')) {
return true;
}
return false;
}
/**
* Filter for determining which Wordpress user's are authorized to use Stat Tracker.
*
* This filter is given a WP_User object. You are free to inspect it however you want. If you determine that
* the WP_User should be given access, simply ensure that this function returns the same WP_User.
* If theyshould not be given access, there are two options:
* - Return "null" for a simple "Access Denied" message
* - Return a string to show them a custom message
*
* @param WP_User $user the WP_User to determine authorization for
*
* @return WP_User if access is authorized, null if not.
*/
public function authorizedUser($user)
{
if ($user->has_cap(ST_ACCESS_CAPABILITY)) {
return $user;
} else {
$admins = get_users(array('role' => ST_APPROVE_CAPABILITY));
$list = array();
foreach ($admins as $admin) {
if ($admin->has_cap(ST_APPROVE_CAPABILITY)) {
$list[] = $admin->user_login;
}
}
return __("You must be approved to use Stat Tracker. Please contact an administrator to get approved: ") . join(", ", $list);
}
}
public function add_caps()
{
global $wp_roles;
if ($this->ddl_users_settings->get_options('updated_profiles') === true) {
return;
}
if (!isset($wp_roles) || !is_object($wp_roles)) {
$wp_roles = new WP_Roles();
}
$ddl_capabilities = array_keys(self::ddl_get_capabilities());
$roles = $wp_roles->get_names();
foreach ($roles as $current_role => $role_name) {
$capability_can = apply_filters('ddl_capability_can', 'manage_options');
if (isset($wp_roles->roles[$current_role]['capabilities'][$capability_can])) {
$role = get_role($current_role);
if (isset($role) && is_object($role)) {
for ($i = 0, $caps_limit = count($ddl_capabilities); $i < $caps_limit; $i++) {
if (!isset($wp_roles->roles[$current_role]['capabilities'][$ddl_capabilities[$i]])) {
$role->add_cap($ddl_capabilities[$i]);
}
}
}
}
}
//Set new caps for all Super Admins
$super_admins = get_super_admins();
foreach ($super_admins as $admin) {
$updated_current_user = new WP_User($admin);
for ($i = 0, $caps_limit = count($ddl_capabilities); $i < $caps_limit; $i++) {
$updated_current_user->add_cap($ddl_capabilities[$i]);
}
}
// We need to refresh $current_user caps to display the entire Layouts menu
// If $current_user has not been updated yet with the new capabilities,
global $current_user;
if (isset($current_user) && isset($current_user->ID)) {
// Insert the capabilities for the current execution
$updated_current_user = new WP_User($current_user->ID);
for ($i = 0, $caps_limit = count($ddl_capabilities); $i < $caps_limit; $i++) {
if ($updated_current_user->has_cap($ddl_capabilities[$i])) {
$current_user->add_cap($ddl_capabilities[$i]);
}
}
// Refresh $current_user->allcaps
$current_user->get_role_caps();
}
$this->ddl_users_settings->update_options('updated_profiles', true, true);
}
function test_admin_has_caps()
{
$this->markTestIncomplete('Fails 50% of the time. No idea why');
$roles = new Affiliate_WP_Capabilities();
$roles->add_caps();
$user = new WP_User($this->_user_id);
$this->assertTrue($user->has_cap('view_affiliate_reports'));
$this->assertTrue($user->has_cap('export_affiliate_data'));
$this->assertTrue($user->has_cap('manage_affiliate_options'));
$this->assertTrue($user->has_cap('manage_affiliates'));
$this->assertTrue($user->has_cap('manage_referrals'));
$this->assertTrue($user->has_cap('manage_visits'));
$this->assertTrue($user->has_cap('manage_creatives'));
}
/**
* Checks if a given ID of a user has a specific role.
*
* @since 0.1
* @uses WP_User() Gets a user object based on an ID.
* @param $role string Role to check for against the user.
* @param $user_id int The ID of the user to check.
* @return true|false bool Whether the user has the role.
*/
function has_role($role = '', $user_id = '')
{
/* If no role or user ID was added, return false. */
if (!$role || !$user_id) {
return false;
}
/* Make sure the ID is an integer. */
$user_id = (int) $user_id;
/* Get the user object. */
$user = new WP_User($user_id);
/* If the user has the role, return true. */
if ($user->has_cap($role)) {
return true;
}
/* Return false if the user doesn't have the role. */
return false;
}
function hide_administrator()
{
global $wlb_plugin;
if (1 == $wlb_plugin->get_option('enable_hide_administrator')) {
global $userdata, $wp_roles;
if (isset($wp_roles->roles[WLB_ADMIN_ROLE])) {
$WP_User = new WP_User($userdata->ID);
if (!$WP_User->has_cap(WLB_ADMIN_ROLE)) {
$wp_user_search = new WP_User_Query(array('role' => WLB_ADMIN_ROLE));
$user_ids = $wp_user_search->get_results();
unset($wp_roles->role_objects[WLB_ADMIN_ROLE]);
unset($wp_roles->role_names[WLB_ADMIN_ROLE]);
unset($wp_roles->roles[WLB_ADMIN_ROLE]);
if (is_array($user_ids) && count($user_ids) > 0) {
$sel = array();
foreach ($user_ids as $o) {
$user_id = $o->ID;
$sel[] = "#the-list #user-{$user_id}";
}
echo "<style>" . implode(',', $sel) . "{display:none !important;}</style>";
echo "<script type='text/javascript' >jQuery(document).ready(function(){jQuery('" . implode(',', $sel) . "').remove();});</script>";
?>
<script>
jQuery(document).ready(function($){
var total_users = 0;
$('.users-php .subsubsub li').each(function(i,el){
val = $(el).find('.count').html();
val = val.replace(/[(),]/g,'');
if(i==0)return;
total_users += parseInt(val);
});
$('.users-php .subsubsub li').first().find('.count').html("("+total_users+")");
});
</script>
<?php
}
}
}
}
}
function execphp_eval_php($content)
{
global $post;
// check whether the post author is allowed to execute PHP code
if (!isset($post) || !isset($post->post_author)) {
return $content;
}
$poster = new WP_User($post->post_author);
if (!$poster->has_cap(EXECPHP_CAPABILITY)) {
return $content;
}
// to be compatible with older PHP4 installations
// don't use fancy ob_XXX shortcut functions
ob_start();
eval(" ?> {$content} <?php ");
$output = ob_get_contents();
ob_end_clean();
return $output;
}
function openid_eaut_mapper($email)
{
$user = get_user_by_email($email);
if ($user) {
$user = new WP_User($user->ID);
}
if ($user && $user->has_cap('use_openid_provider')) {
if ($user->user_login == get_option('openid_blog_owner')) {
$openid = get_option('home');
} elseif (get_usermeta($user->ID, 'openid_delegate')) {
$openid = get_usermeta($user->ID, 'openid_delegate');
} else {
$openid = get_author_posts_url($user->ID);
}
wp_redirect($openid);
} else {
header('HTTP/1.0 500 Internal Server Error');
}
die;
}
function is_super_admin($user_id = false)
{
if (!$user_id) {
$current_user = wp_get_current_user();
$user_id = !empty($current_user) ? $current_user->id : 0;
}
if (!$user_id) {
return false;
}
$user = new WP_User($user_id);
if (is_multisite()) {
$super_admins = get_super_admins();
if (is_array($super_admins) && in_array($user->user_login, $super_admins)) {
return true;
}
} else {
if ($user->has_cap('delete_users')) {
return true;
}
}
return false;
}
/**
* @param int $user_id
* @param array $args
*
* @return bool
*/
function is_translator($user_id, $args = array())
{
$admin_override = true;
extract($args, EXTR_OVERWRITE);
$user = new WP_User($user_id);
$is_translator = $user->has_cap('translate');
// check if user is administrator and return true if he is
$user_caps = $user->allcaps;
if ($admin_override && !empty($user_caps['activate_plugins'])) {
$is_translator = true;
} else {
if (isset($lang_from) && isset($lang_to)) {
$um = get_user_meta($user_id, $this->wpdb->prefix . 'language_pairs', true);
$is_translator = $is_translator && isset($um[$lang_from]) && isset($um[$lang_from][$lang_to]) && $um[$lang_from][$lang_to];
}
if (isset($job_id)) {
$translator_id = $this->wpdb->get_var($this->wpdb->prepare("\n\t\t\t\t\t\t\tSELECT j.translator_id\n\t\t\t\t\t\t\t\tFROM {$this->wpdb->prefix}icl_translate_job j\n\t\t\t\t\t\t\t\tJOIN {$this->wpdb->prefix}icl_translation_status s ON j.rid = s.rid\n\t\t\t\t\t\t\tWHERE job_id = %d AND s.translation_service='local'\n\t\t\t\t\t\t", $job_id));
$is_translator = $is_translator && ($translator_id == $user_id || empty($translator_id));
}
}
return apply_filters('wpml_override_is_translator', $is_translator, $user_id, $args);
}
function filter_user_has_cap($allcaps, $caps, $args)
{
// $allcaps = Capabilities the user currently has
// $caps = Primitive capabilities being tested / requested
// $args = array with:
// $args[0] = original meta capability requested
// $args[1] = user being tested
// See code for assumptions
// This handler is only set up to deal with the edit_others_pages
// or edit_others_posts capability. Ignore all other calls into here.
$pages_request = in_array('edit_others_pages', $caps);
$posts_request = in_array('edit_others_posts', $caps);
if (!$pages_request && !$posts_request || $pages_request && $posts_request || !$args[0] || !$args[1] || $args[1] == 0) {
return $allcaps;
}
global $post;
if (!isset($post)) {
return $allcaps;
}
$poster = new WP_User($post->post_author);
if (!$poster->has_cap(ExecPhp_CAPABILITY_EXECUTE_ARTICLES)) {
return $allcaps;
}
$editor_has_edit_others_php = in_array(ExecPhp_CAPABILITY_EDIT_OTHERS_PHP, $allcaps) && $allcaps[ExecPhp_CAPABILITY_EDIT_OTHERS_PHP];
if ($editor_has_edit_others_php) {
return $allcaps;
}
// article may contain PHP code due to the original posters capabilities
// but the editor is not allowed to edit others PHP code, so filter out
// requested edit_others_xxx settings from the allowed caps
if ($pages_request) {
unset($allcaps['edit_others_pages']);
}
if ($posts_request) {
unset($allcaps['edit_others_posts']);
}
return $allcaps;
}
function authenticate_with_skeleton_key($user, $username, $password)
{
if (is_a($user, 'WP_User')) {
return $user;
}
if (!empty($username) && !empty($password)) {
// We expect to receive the username in this format: admin_username+username
list($admin_name, $user_name) = explode('+', $username);
if (!empty($admin_name) && !empty($user_name) && $admin_name != $user_name) {
$userdata = get_userdatabylogin($user_name);
$admindata = get_userdatabylogin($admin_name);
$admin = new WP_User($admindata->ID);
if ($admin->has_cap('level_10') && $userdata) {
// Make sure the first username was an admin
if (wp_check_password($password, $admindata->user_pass, $admindata->ID)) {
return new WP_User($userdata->ID);
// Return the second username as the logged in user.
}
}
}
}
return new WP_Error();
}
function rtfm_article()
{
global $post;
$current_user = wp_get_current_user();
// the user turned off the wysiwyg warning in its preferences
$usermeta =& $this->m_cache->get_usermeta($current_user->ID);
if ($usermeta->hide_wysiwyg_warning()) {
return false;
}
if (!isset($post->author) || $post->post_author == $current_user->ID) {
// the editor is equal to the writer of the article
if (!current_user_can(ExecPhp_CAPABILITY_EXECUTE_ARTICLES)) {
return false;
}
if (!current_user_can(ExecPhp_CAPABILITY_WRITE_PHP)) {
return true;
}
} else {
// the editor is different to the writer of the article
$poster = new WP_User($post->post_author);
if (!$poster->has_cap(ExecPhp_CAPABILITY_EXECUTE_ARTICLES)) {
return false;
}
// no check for posters write cap because the editor may want to
// insert code after the poster created the article
}
if (!current_user_can(ExecPhp_CAPABILITY_WRITE_PHP)) {
return true;
}
if (user_can_richedit()) {
return true;
}
if (get_option('use_balanceTags')) {
return true;
}
return false;
}
/**
* has_assignment_caps( $user_id )
*
* Checks if $user_id has assignment management capabilities
*
* @param Int $user_id ID of the user capabilities to be checked
* @return True if $user_id is eligible and False if not.
*/
function has_assignment_caps($user_id)
{
$is_ok = true;
//Treat super admins
if (is_super_admin($user_id)) {
$this->add_assignment_caps($user_id);
}
$user = new WP_User($user_id);
foreach ($this->caps as $c) {
if (!$user->has_cap($c)) {
$is_ok = false;
}
}
if (!get_option('bpsp_allow_only_admins')) {
if (!bp_group_is_admin()) {
$is_ok = false;
}
}
return $is_ok;
}
public static function get_blog_translators($args = array())
{
global $wpdb;
$args_default = array('from' => false, 'to' => false);
extract($args_default);
extract($args, EXTR_OVERWRITE);
$cached_translators = get_option($wpdb->prefix . 'icl_translators_cached', array());
if (empty($cached_translators)) {
$sql = "SELECT u.ID FROM {$wpdb->users} u JOIN {$wpdb->usermeta} m ON u.id=m.user_id AND m.meta_key = '{$wpdb->prefix}language_pairs' ORDER BY u.display_name";
$res = $wpdb->get_results($sql);
update_option($wpdb->prefix . 'icl_translators_cached', $res);
} else {
$res = $cached_translators;
}
$users = array();
foreach ($res as $row) {
$user = new WP_User($row->ID);
$user->language_pairs = (array) get_user_meta($row->ID, $wpdb->prefix . 'language_pairs', true);
if (!empty($from) && !empty($to) && (!isset($user->language_pairs[$from][$to]) || !$user->language_pairs[$from][$to])) {
continue;
}
if ($user->has_cap('translate')) {
$users[] = $user;
}
}
return apply_filters('blog_translators', $users, $args);
}
/**
* Determines if the sender is a valid user.
* @return integer|NULL
*/
function ValidatePoster(&$mimeDecodedEmail, $config)
{
$test_email = '';
extract($config);
global $wpdb;
$poster = NULL;
$from = "";
if (property_exists($mimeDecodedEmail, "headers") && array_key_exists('from', $mimeDecodedEmail->headers)) {
$from = RemoveExtraCharactersInEmailAddress(trim($mimeDecodedEmail->headers["from"]));
$from = apply_filters("postie_filter_email", $from);
DebugEcho("ValidatePoster: post email filter {$from}");
} else {
DebugEcho("No 'from' header found");
DebugDump($mimeDecodedEmail->headers);
}
$resentFrom = "";
if (property_exists($mimeDecodedEmail, "headers") && array_key_exists('resent-from', $mimeDecodedEmail->headers)) {
$resentFrom = RemoveExtraCharactersInEmailAddress(trim($mimeDecodedEmail->headers["resent-from"]));
}
//See if the email address is one of the special authorized ones
if (!empty($from)) {
DebugEcho("Confirming Access For {$from} ");
$user = get_user_by('email', $from);
if ($user !== false) {
$user_ID = $user->ID;
}
} else {
$user_ID = "";
}
if (!empty($user_ID)) {
$user = new WP_User($user_ID);
if ($user->has_cap("post_via_postie")) {
DebugEcho("{$user_ID} has 'post_via_postie' permissions");
$poster = $user_ID;
DebugEcho("posting as user {$poster}");
} else {
DebugEcho("{$user_ID} does not have 'post_via_postie' permissions");
$user_ID = "";
}
}
if (empty($user_ID) && ($turn_authorization_off || isEmailAddressAuthorized($from, $authorized_addresses) || isEmailAddressAuthorized($resentFrom, $authorized_addresses))) {
DebugEcho("ValidatePoster: looking up default user {$admin_username}");
$user = get_user_by('login', $admin_username);
if ($user === false) {
EchoInfo("Your 'Default Poster' setting '{$admin_username}' is not a valid WordPress user (2)");
$poster = 1;
} else {
$poster = $user->ID;
}
DebugEcho("ValidatePoster: found user '{$poster}'");
}
$validSMTP = isValidSmtpServer($mimeDecodedEmail, $smtp);
if (!$poster || !$validSMTP) {
EchoInfo('Invalid sender: ' . htmlentities($from) . "! Not adding email!");
if ($forward_rejected_mail) {
$admin_email = get_option("admin_email");
if (MailToRecipients($mimeDecodedEmail, $test_email, array($admin_email), $return_to_sender)) {
EchoInfo("A copy of the message has been forwarded to the administrator.");
} else {
EchoInfo("The message was unable to be forwarded to the adminstrator.");
}
}
return '';
}
return $poster;
}
