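/**
 * Handles a keyed request to discard file-attachment access keys and expire the file rewrite rules.
 *
 * The work is only done when the 'file_filtering' option is on, a regeneration key
 * has been stored in 'file_filtering_regen_key', and the request supplies that same
 * key as the "key" query argument. A translated status message is printed in every
 * case and the request is then terminated.
 *
 * The key travels in the query string, so it can end up in access logs and Referer
 * headers; it should be treated as a rotating, single-purpose secret.
 *
 * @return void Does not return to the caller; always ends with exit(0).
 */
function scoper_requested_file_rule_expire()
{
    $supplied_key = isset($_GET['key']) ? $_GET['key'] : '';

    if (!scoper_get_option('file_filtering')) {
        _e('The function is disabled.', 'scoper');
    } elseif (!($key = scoper_get_option('file_filtering_regen_key'))) {
        // user must store their own non-null key before this will work
        _e('Please configure File Filtering options!', 'scoper');
    } elseif (
        !is_scalar($key)
        || !is_string($supplied_key)
        || '' === $supplied_key
        // Constant-time, type-strict comparison. A loose == lets PHP type juggling
        // treat different numeric-looking strings as equal and leaks timing.
        // hash_equals() needs PHP 5.6+ (WordPress ships a fallback for older PHP).
        || !hash_equals((string) $key, $supplied_key)
    ) {
        _e('Invalid argument.', 'scoper');
    } else {
        global $wpdb;

        if (IS_MU_RS) {
            $blog_ids = scoper_get_col("SELECT blog_id FROM {$wpdb->blogs} ORDER BY blog_id");

            // NOTE(review): the last blog stays switched in when scoper_expire_file_rules()
            // runs below - confirm that is intended, or restore the starting blog first.
            foreach ($blog_ids as $id) {
                switch_to_blog($id);
                // Built after the switch so {$wpdb->postmeta} names the current blog's table.
                scoper_query("DELETE FROM {$wpdb->postmeta} WHERE meta_key = '_rs_file_key'");
            }
        } else {
            scoper_query("DELETE FROM {$wpdb->postmeta} WHERE meta_key = '_rs_file_key'");
        }

        scoper_expire_file_rules();

        if (IS_MU_RS) {
            _e("File attachment access keys and rewrite rules will be regenerated for each site at next access.", 'scoper');
        } else {
            _e("File attachment access keys and rewrite rules were regenerated.", 'scoper');
        }
    }

    exit(0);
}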
/**
 * Repairs pages whose parent is also one of their own direct children.
 *
 * Loads ID / post_parent for every row with post_type 'page', builds a
 * parent map and a children map, and resets post_parent to 0 for each page
 * caught in such a two-page loop. Longer cycles are not detected.
 *
 * @return void
 */
function scoper_fix_page_parent_recursion()
{
    global $wpdb;

    $rows = scoper_get_results("SELECT ID, post_parent FROM {$wpdb->posts} WHERE post_type = 'page'");
    if (!$rows) {
        return;
    }

    $parent_of = array();
    $children_of = array();

    foreach ($rows as $page) {
        $parent_of[$page->ID] = $page->post_parent;
        // Appending creates the child list on first use.
        $children_of[$page->post_parent][] = $page->ID;
    }

    // if a page's parent is also one of its children, set parent to Main
    foreach ($parent_of as $page_id => $parent_id) {
        if (!isset($children_of[$page_id])) {
            continue;
        }

        if (!in_array($parent_id, $children_of[$page_id])) {
            continue;
        }

        $update = $wpdb->prepare("UPDATE {$wpdb->posts} SET post_parent = '0' WHERE ID = %d", $page_id);
        scoper_query($update);
    }
}
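/**
 * Stores a role restriction for one object or term and optionally propagates it to descendants.
 *
 * Any existing row for the same topic / max_scope / source / role / item is deleted
 * before the new one is inserted. When propagating, descendants the current user
 * cannot administer are skipped, and a descendant that already has a direct
 * (inherited_from = '0') restriction is left untouched.
 *
 * NOTE(review): $topic, $max_scope, $src_or_tx_name, $obj_or_term_id, $insert_restriction,
 * the exploded role type / name and the descendant ids are placed into the SQL text
 * unescaped. Confirm every caller passes trusted or already-escaped values before
 * exposing this to request data.
 *
 * @param mixed  $topic                 Compared with OBJECT_SCOPE_RS / TERM_SCOPE_RS; stored in the topic column.
 * @param mixed  $max_scope             Stored in the max_scope column.
 * @param string $role_handle           Passed to scoper_explode_role_handle() to obtain role_type and role_name.
 * @param string $src_or_tx_name        Data source name or taxonomy name.
 * @param mixed  $obj_or_term_id        Item the restriction applies to.
 * @param mixed  $insert_restriction    Falsy to skip the insert for the item itself; otherwise stored in require_for.
 * @param mixed  $propagate_from_req_id Falsy to skip propagation; otherwise stored as inherited_from on descendant
 *                                      rows, unless a new restriction is inserted here, in which case its id is used.
 * @param array  $args                  Optional. 'inherited_from' (default 0) and 'is_auto_insertion' (default false).
 * @return void
 */
function insert_role_restrictions($topic, $max_scope, $role_handle, $src_or_tx_name, $obj_or_term_id, $insert_restriction, $propagate_from_req_id, $args = array())
{
    // auto_insertion arg set for restriction propagation from parent objects
    $defaults = array('inherited_from' => 0, 'is_auto_insertion' => false);
    $args = array_merge($defaults, (array) $args);

    // Read the two supported options explicitly: extract() would let any extra key
    // in $args overwrite this function's parameters and locals.
    $inherited_from = (int) $args['inherited_from'];
    $is_auto_insertion = $args['is_auto_insertion'];

    global $wpdb;

    $role_spec = scoper_explode_role_handle($role_handle);
    if (!$role_spec) {
        return;
    }

    // Defined up front so later reads never touch an undefined variable.
    $custom_role_items = array();
    $object_type = '';
    $descendant_ids = array();

    // keep track of which objects from non-post data sources have ever had their roles/restrictions custom-edited
    if (!$is_auto_insertion && (TERM_SCOPE_RS == $max_scope || (OBJECT_SCOPE_RS == $max_scope && 'post' != $src_or_tx_name))) {
        $custom_role_items = get_option("scoper_custom_{$src_or_tx_name}");

        if (!is_array($custom_role_items)) {
            $custom_role_items = array();
        }
    }

    // need object_type for permission check when modifying propagated object roles
    if (OBJECT_SCOPE_RS == $topic) {
        if ($role_attrib = $this->scoper->role_defs->get_role_attributes($role_handle)) {
            $object_type = $role_attrib->object_type;
        }
        // otherwise $object_type stays '': probably won't be able to propagate roles if this error occurs
    }

    // prepare hierarchy and object type data for subsequent propagation
    if ($propagate_from_req_id) {
        if (TERM_SCOPE_RS == $topic) {
            if (!($tx = $this->scoper->taxonomies->get($src_or_tx_name))) {
                return;
            }

            if (!($src = $this->scoper->data_sources->get($tx->source))) {
                return;
            }
        } elseif (!($src = $this->scoper->data_sources->get($src_or_tx_name))) {
            return;
        }

        // Nothing to propagate through when the source has no parent column.
        if (empty($src->cols->parent)) {
            return;
        }

        $descendant_ids = awp_query_descendant_ids($src->table, $src->cols->id, $src->cols->parent, $obj_or_term_id);

        // Drop descendants the current user is not allowed to administer.
        $remove_ids = array();

        foreach ($descendant_ids as $id) {
            if (TERM_SCOPE_RS == $topic) {
                if (!$this->scoper_admin->user_can_admin_terms($src_or_tx_name, $id)) {
                    $remove_ids[] = $id;
                }
            } else {
                if (!$this->scoper_admin->user_can_admin_object($src_or_tx_name, $object_type, $id)) {
                    $remove_ids[] = $id;
                }
            }
        }

        if ($remove_ids) {
            $descendant_ids = array_diff($descendant_ids, $remove_ids);
        }
    }

    // Before inserting a restriction, delete any overlooked old restriction.
    $qry_delete_base = "DELETE FROM {$wpdb->role_scope_rs}"
        . " WHERE topic = '{$topic}' AND max_scope = '{$max_scope}' AND src_or_tx_name = '{$src_or_tx_name}'"
        . " AND role_type = '{$role_spec->role_type}' AND role_name = '{$role_spec->role_name}'";

    $qry_select_base = "SELECT requirement_id AS assignment_id FROM {$wpdb->role_scope_rs}"
        . " WHERE topic = '{$topic}' AND max_scope = '{$max_scope}' AND src_or_tx_name = '{$src_or_tx_name}'"
        . " AND role_type = '{$role_spec->role_type}' AND role_name = '{$role_spec->role_name}'";

    // obj_or_term_id, propagate, inherited_from values must be appended
    $qry_insert_base = "INSERT INTO {$wpdb->role_scope_rs}"
        . " (src_or_tx_name, role_type, role_name, topic, max_scope, obj_or_term_id, require_for, inherited_from)"
        . " VALUES ('{$src_or_tx_name}', '{$role_spec->role_type}', '{$role_spec->role_name}', '{$topic}', '{$max_scope}',";

    if ($insert_restriction) {
        // before inserting the role, delete any other matching or conflicting assignments this user/group has for the same object
        scoper_query($qry_delete_base . " AND obj_or_term_id = '{$obj_or_term_id}';");

        // insert role for specified object and group(s)
        scoper_query($qry_insert_base . "'{$obj_or_term_id}', '{$insert_restriction}', '{$inherited_from}')");

        $inserted_req_id = (int) $wpdb->insert_id;

        // keep track of which objects have ever had their roles/restrictions custom-edited
        if (!$is_auto_insertion) {
            if (OBJECT_SCOPE_RS == $max_scope && 'post' == $src_or_tx_name) {
                update_post_meta($obj_or_term_id, '_scoper_custom', true);
            } else {
                $custom_role_items[$obj_or_term_id] = true;
            }
        }
    }

    // insert role for all descendant items
    if ($propagate_from_req_id) {
        if ($insert_restriction) {
            $propagate_from_req_id = $inserted_req_id;
        }

        // Stored as a row id, so force it to an integer before it reaches the SQL text.
        $propagate_from_req_id = (int) $propagate_from_req_id;

        // note: Propagated roles will be converted to direct-assigned roles if the parent object/term is deleted.
        // But if the parent setting is changed without deleting old object/term, inherited roles from the old parent remain.
        // TODO: 're-inherit parent roles' checkbox for object and term role edit UI
        foreach ($descendant_ids as $id) {
            // Don't overwrite an explicitly assigned object role with a propagated assignment
            if (scoper_get_var("{$qry_select_base} AND inherited_from = '0' AND obj_or_term_id = '{$id}' LIMIT 1")) {
                continue;
            }

            // before inserting the role, delete any other propagated assignments this user/group has for the same object type
            scoper_query($qry_delete_base . " AND obj_or_term_id = '{$id}'");

            scoper_query($qry_insert_base . "'{$id}', 'both', '{$propagate_from_req_id}')");
        }
    }

    // keep track of which objects from non-post data sources have ever had their roles/restrictions custom-edited
    if (!empty($custom_role_items)) {
        update_option("scoper_custom_{$src_or_tx_name}", $custom_role_items);
    }
}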
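/**
 * Updates an existing Group
 *
 * The update is refused when the name changes to one that
 * UserGroups_tp::isValidName() rejects, or when the stored group has a
 * meta_id (metagroup name / description cannot be edited).
 *
 * NOTE(review): $name and $description are still placed into the UPDATE as
 * given. strip_tags() is not SQL escaping, so this is only safe when every
 * caller passes values already escaped for SQL (for example WordPress-slashed
 * request data). Moving to $wpdb->prepare() requires callers to pass unslashed
 * values first - confirm the call sites before changing it.
 *
 * @param int    $group_id    - Group identifier
 * @param string $name        - Name of the group
 * @param string $description - Group description (optional)
 * @return boolean False when the update is refused; true otherwise (the result of the UPDATE is not checked)
 **/
function updateGroup($group_id, $name, $description = '')
{
    global $wpdb;

    $description = strip_tags($description);

    // The id is documented as an integer, so force it to one before it reaches the SQL text.
    $group_id_sql = (int) $group_id;

    if ($prev = scoper_get_row("SELECT * FROM {$wpdb->groups_rs} WHERE {$wpdb->groups_id_col}='{$group_id_sql}';")) {
        if ($prev->{$wpdb->groups_name_col} != $name && !UserGroups_tp::isValidName($name)) {
            return false;
        }

        // don't allow updating of metagroup name / descript
        if (!empty($prev->meta_id)) {
            return false;
        }
    }

    do_action('update_group_rs', $group_id);

    $query = "UPDATE {$wpdb->groups_rs} SET {$wpdb->groups_name_col} = '{$name}', {$wpdb->groups_descript_col}='{$description}' WHERE {$wpdb->groups_id_col}='{$group_id_sql}';";
    scoper_query($query);

    // Cached group listings and memberships may now be stale.
    wpp_cache_flush_group('all_usergroups');
    wpp_cache_flush_group('group_members');
    wpp_cache_flush_group('usergroups_for_user');
    wpp_cache_flush_group('usergroups_for_groups');
    wpp_cache_flush_group('usergroups_for_ug');

    return true;
}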
/**
 * Deletes the stored option "scoper_{$option_basename}".
 *
 * Sitewide options are removed from the sitemeta table for the current site id;
 * all others go through delete_option().
 *
 * NOTE(review): $option_basename is placed into the sitewide DELETE unescaped -
 * confirm callers only pass fixed option names.
 *
 * @param string   $option_basename Option name without the "scoper_" prefix.
 * @param int|bool $sitewide        -1 (default) looks the scope up in $scoper_options_sitewide;
 *                                  any other value is used as the sitewide flag directly.
 * @return void
 */
function scoper_delete_option($option_basename, $sitewide = -1)
{
    global $scoper_options_sitewide, $wpdb;

    // allow explicit selection of sitewide / non-sitewide scope for better performance and update security
    if (-1 === $sitewide) {
        $sitewide = isset($scoper_options_sitewide) && !empty($scoper_options_sitewide[$option_basename]);
    }

    if (!$sitewide) {
        delete_option("scoper_{$option_basename}");
        return;
    }

    scoper_query("DELETE FROM {$wpdb->sitemeta} WHERE site_id = '{$wpdb->siteid}' AND meta_key = 'scoper_{$option_basename}'");
}
/**
 * Cleans up role data that referred to a deleted item.
 *
 * For the given scope / source-or-taxonomy / item id, removes the matching
 * role assignments and role restrictions, then turns rows that were inherited
 * from the removed rows into direct rows (inherited_from = '0').
 *
 * NOTE(review): all three arguments are placed into the SQL text unescaped -
 * confirm every caller passes trusted or already-escaped values.
 *
 * @param mixed  $scope          Matched against "scope" for assignments and "topic" for restrictions.
 * @param string $src_or_tx_name Data source name or taxonomy name.
 * @param mixed  $obj_or_term_id Id of the deleted item.
 * @return void
 */
function item_deletion_aftermath($scope, $src_or_tx_name, $obj_or_term_id)
{
    global $wpdb;

    // One entry per table: table name, id column, and the filter that selects the deleted item's rows.
    $targets = array(
        // delete role assignments for deleted term
        array(
            $wpdb->user2role2object_rs,
            'assignment_id',
            "src_or_tx_name = '{$src_or_tx_name}' AND scope = '{$scope}' AND obj_or_term_id = '{$obj_or_term_id}'",
        ),
        // same for the role restrictions (requirements)
        array(
            $wpdb->role_scope_rs,
            'requirement_id',
            "topic = '{$scope}' AND src_or_tx_name = '{$src_or_tx_name}' AND obj_or_term_id = '{$obj_or_term_id}'",
        ),
    );

    foreach ($targets as $target) {
        list($table, $id_col, $item_filter) = $target;

        $row_ids = scoper_get_col("SELECT {$id_col} FROM {$table} WHERE {$item_filter}");
        if (!$row_ids) {
            continue;
        }

        $id_in = sprintf("'%s'", implode("', '", $row_ids));

        scoper_query("DELETE FROM {$table} WHERE {$id_col} IN ({$id_in})");

        // Propagated entries will be converted to direct-assigned entries if the original progenitor goes away.
        // Removal of a "link" in the parent/child propagation chain has no effect.
        scoper_query("UPDATE {$table} SET inherited_from = '0' WHERE inherited_from IN ({$id_in})");
    }
}
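/**
 * Renames a role in the stored role assignments.
 *
 * The new name is taken from the 'role-name' POST field. Nothing happens when
 * the old name is empty or the field is missing or not a plain string.
 *
 * NOTE(review): no capability or nonce check is visible in this function -
 * confirm the caller enforces both before this runs.
 *
 * @param string $role_name_old Current role name, expected unslashed.
 * @param string $role_type     Role type to match; defaults to 'rs'.
 * @return void
 */
function rename_role($role_name_old, $role_type = 'rs')
{
    if (!$role_name_old) {
        return;
    }

    // Reject a missing field or an array value (role-name[]=...) instead of writing it to the table.
    if (!isset($_POST['role-name']) || !is_string($_POST['role-name'])) {
        return;
    }

    // WordPress adds slashes to $_POST; remove them so the value is escaped exactly once, by prepare().
    $role_name_new = stripslashes($_POST['role-name']);

    global $wpdb;

    // Bound parameters replace the request value that used to be spliced into the SQL text.
    $query = $wpdb->prepare(
        "UPDATE {$wpdb->user2role2object_rs} SET role_name = %s WHERE role_type = %s AND role_name = %s",
        $role_name_new,
        $role_type,
        $role_name_old
    );
    scoper_query($query);

    ScoperAdminLib::schedule_role_sync(); // sync_wp_roles() will also flush cache on role rename
}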
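/**
 * Deletes role assignments whose object or term no longer exists.
 *
 * The item table and id column are fixed for 'category' and 'post'; for any
 * other name they are looked up through the global $scoper. When they cannot
 * be resolved the function does nothing.
 *
 * NOTE(review): $scope and $src_or_tx_name are placed into the SQL text
 * unescaped, and the table / column names come from the $scoper configuration -
 * confirm callers only pass fixed, trusted names.
 *
 * @param string $scope          'term' for taxonomy terms; anything else is treated as an object scope.
 * @param string $src_or_tx_name Taxonomy name (term scope) or data source name.
 * @return void
 */
function delete_roles_orphaned_from_item($scope, $src_or_tx_name)
{
    global $scoper, $wpdb;

    $item_table = '';
    $col_item_id = '';

    if ('term' == $scope) {
        if ('category' == $src_or_tx_name) { // this is called early by sync_roles
            $item_table = $wpdb->term_taxonomy;
            $col_item_id = 'term_id';
        } elseif (!empty($scoper)) {
            $qv = $scoper->taxonomies->get_terms_query_vars($src_or_tx_name, true); // arg: terms only

            if (isset($qv->term->table, $qv->term->col_id)) {
                $item_table = $qv->term->table;
                $col_item_id = $qv->term->col_id;
            }
        }
    } else {
        if ('post' == $src_or_tx_name) { // this is called early by sync_roles
            $col_item_id = 'ID';
            $item_table = $wpdb->posts;
        } elseif (!empty($scoper)) {
            $col_item_id = $scoper->data_sources->member_property($src_or_tx_name, 'cols', 'id');
            $item_table = $scoper->data_sources->member_property($src_or_tx_name, 'table');
        }
    }

    // Without a table and id column the queries below would be malformed
    // ("SELECT  FROM  LIMIT 1"), so stop here instead of sending them.
    if (!$item_table || !$col_item_id) {
        return;
    }

    // Only continue when the item table yields at least one id - presumably so an
    // empty or unreadable table does not make every assignment look orphaned.
    if (!scoper_get_var("SELECT {$col_item_id} FROM {$item_table} LIMIT 1")) {
        return;
    }

    $where = "AND scope = '{$scope}' AND src_or_tx_name = '{$src_or_tx_name}' AND obj_or_term_id NOT IN ( SELECT {$col_item_id} FROM {$item_table} ) AND obj_or_term_id >= 1 ";

    // Probe first so the DELETE and the cache flush only run when there is something to remove.
    if (scoper_get_var("SELECT assignment_id FROM {$wpdb->user2role2object_rs} WHERE 1=1 {$where} LIMIT 1")) {
        $qry = "DELETE FROM {$wpdb->user2role2object_rs} WHERE 1=1 {$where}";
        scoper_query($qry);

        wpp_cache_flush();
    }
}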