Ejemplo n.º 1
0
 /**
  * This tag will output a list of groups required to access the current page
  *
  * @global wpdb $wpdb
  * @global array $post
  * @attr public
  * @attr label
  */
 public static function groups_required($atts)
 {
     global $wpdb, $post;
     //Attribute defaults
     $output = shortcode_atts(array('public' => 'false', 'label' => __('Groups Required:', 'contexture-page-security'), 'description' => __('To access this page, users must be a member of at least one group from each set of groups.', 'contexture-page-security'), 'showempty' => 'true'), $atts);
     $requiredGroups = CTXPS_Security::get_post_protection($post->ID);
     //Set this var to count groups for current page
     $groupcount = 0;
     $return = "<div class=\"ctx-ps-groupvis\"><h3>{$output['label']}</h3><p>{$output['description']}</p><ul>";
     foreach ($requiredGroups as $pageGroupID => $pageGroupsArray) {
         //List the page title
         $return .= "<li><strong>" . get_the_title($pageGroupID) . " (id:{$pageGroupID})</strong><ul>";
         foreach ($pageGroupsArray as $curGrpID => $curGrpTitle) {
             ++$groupcount;
             $return .= "<li>" . $curGrpTitle . " (id:{$curGrpID})</li>";
         }
         //If there were no groups attached, show that there's no access at that level
         if (empty($groupcount) && $output['showempty'] === 'true') {
             $return .= "<li><em>" . __('No groups attached', 'contexture-page-security') . "</em></li>";
         }
         //Reset groupcount
         $groupcount = 0;
         $return .= '</ul></li>';
     }
     $return .= '</ul></div>';
     if ($output['public'] === 'true') {
         return $return;
     } else {
         return current_user_can('edit_others_posts') ? $return : '';
     }
 }
Ejemplo n.º 2
0
 /**
  * SIDEBAR. Handles ajax requests to add a group to a page. When successful, generates HTML to be used in the "Allowed Groups"
  * section of the "Restrict Page" sidebar. Spits out XML response for AJAX use.
  *
  * @global wpdb $wpdb
  * @global CTXPSC_Tables $ctxpsdb
  */
 public static function add_group_to_post()
 {
     global $wpdb, $ctxpsdb;
     //Added in 1.1 - ensures current user is an admin before processing, else returns an error (probably not necessary - but just in case...)
     if (!current_user_can('edit_others_posts')) {
         //ERROR! If user isn't authorized, stop and return error
         $response = new WP_Ajax_Response(array('what' => 'add_group', 'action' => 'add_group_to_post', 'id' => new WP_Error('error', __('User is not authorized.', 'contexture-page-security'))));
         $response->send();
     }
     //If the protected flag isnt explicitly set already, set it (prevent problems when parent permissions are removed)
     if (!get_post_meta($_REQUEST['post_id'], 'ctx_ps_security')) {
         add_post_meta($_REQUEST['post_id'], 'ctx_ps_security', '1', true);
     }
     //Run the query
     $result = CTXPS_Queries::add_security($_REQUEST['post_id'], $_REQUEST['group_id']);
     if ($result !== false) {
         //Get security info for the specified page and it's parents
         $security = CTXPS_Security::get_post_protection($_REQUEST['post_id']);
         //SUCCESS!
         $response = new WP_Ajax_Response(array('what' => 'add_group', 'action' => 'add_group_to_post', 'id' => 1, 'data' => __('Group added to content', 'contexture-page-security'), 'supplemental' => array('html' => CTXPS_Components::render_sidebar_attached_groups($security, $_REQUEST['post_id']))));
         $response->send();
     }
 }
Ejemplo n.º 3
0
 /**
  *
  * @param mixed $security Takes a security array, by default - but can provide an int or string (post_id) if security array isnt already available.
  * @param int $cur_page_id Optional. The current page id. If null, tries to get current page id from $_REQUEST['post'] or $_REQUEST['postid'].
  * @return string
  */
 public static function render_sidebar_attached_groups($security = null, $cur_page_id = null)
 {
     if (is_numeric($security) || is_string($security)) {
         //Get array with security requirements for this page
         $security = CTXPS_Security::get_post_protection($security, false);
     }
     //Default vars
     $return = '';
     $termGroups = array();
     //If $cur_page_id isn't set, try to get the value from the querystring
     if (empty($cur_page_id)) {
         if (!empty($_REQUEST['post_id'])) {
             $cur_page_id = $_REQUEST['post_id'];
         } else {
             if (!empty($_REQUEST['post'])) {
                 $cur_page_id = $_REQUEST['post'];
             } else {
                 if (!empty($_REQUEST['postid'])) {
                     $cur_page_id = $_REQUEST['postid'];
                 }
             }
         }
     }
     //Fetch term groups, if we have a page id
     if (!empty($cur_page_id)) {
         $termGroups = CTXPS_Queries::get_groups_by_post_terms($cur_page_id, true);
     }
     //Count the number of term groups
     $groupcount = count($termGroups);
     //Count the number of groups directly attached to this page (including inherited groups)
     if (!empty($security)) {
         foreach ($security as $securityGroups) {
             $groupcount += count($securityGroups);
         }
     }
     //Show groups that are already added to this page
     if ($groupcount === 0) {
         //Display this if we have no groups (inherited or otherwise)
         $return .= '<div><em>' . __('No groups have been added yet.', 'contexture-page-security') . '</em></div>';
     } else {
         if (!empty($security)) {
             foreach ($security as $sec_array_id => $sec_array) {
                 //If this is the current page (and not an ancestor)
                 if ($sec_array_id == $cur_page_id) {
                     foreach ($sec_array as $currentGroupId => $currentGroup) {
                         $return .= '<div class="ctx-ps-sidebar-group">&bull; <span class="ctx-ps-sidebar-group-title">' . $currentGroup . '</span> <a style="text-decoration:none;" href="' . admin_url('/users.php?page=ps_groups_edit&groupid=' . $currentGroupId) . '">&raquo;</a><span class="removegrp" onclick="CTXPS_Ajax.removeGroupFromPage(' . $currentGroupId . ',jQuery(this))" title="' . __('Click to remove group access.', 'contexture-page-security') . '" >' . __('remove', 'contexture-page-security') . '</span></div>';
                     }
                 } else {
                     foreach ($sec_array as $currentGroupId => $currentGroup) {
                         $return .= '<div class="ctx-ps-sidebar-group inherited">&bull; <span class="ctx-ps-sidebar-group-title">' . $currentGroup . '</span> <a style="text-decoration:none;" href="' . admin_url('/users.php?page=ps_groups_edit&groupid=' . $currentGroupId) . '">&raquo;</a><a class="viewgrp" target="_blank" href="' . admin_url('post.php?post=' . $sec_array_id . '&action=edit') . '" title="' . __('Protection has been inherited from an ancestor. Click to view ancestor.', 'contexture-page-security') . '">' . __('ancestor', 'contexture-page-security') . '</a></div>';
                     }
                     //foreach
                 }
                 //else
             }
             //foreach
         }
         //if
         //Show terms that are already added to this list
         foreach ($termGroups as $tgroup) {
             //Get the term archive URL. If one doesnt exist, dont link
             $term_archive_link = admin_url(sprintf('/edit-tags.php?action=edit&taxonomy=%s&tag_ID=%s', $tgroup['taxonomy'], $tgroup['term_id']));
             //Build the link HTML for terms
             $return .= '<div class="ctx-ps-sidebar-group inherited">&bull; <span class="ctx-ps-sidebar-group-title">' . $tgroup['group_title'] . '</span> <a style="text-decoration:none;" href="' . $term_archive_link . '">&raquo;</a><a class="viewgrp" target="_blank" href="' . $term_archive_link . '" title="' . __('Protection has been inherited from a term. Click to view term.', 'contexture-page-security') . '">' . __('term', 'contexture-page-security') . '</a></div>';
         }
     }
     return $return;
 }