/**
 * Restores the role set to the WordPress defaults.
 *
 * Verifies the 'capsman-reset-defaults' nonce, removes every role returned by
 * ak_get_roles(true), rebuilds the stock roles with populate_roles(), re-applies
 * the plugin's admin capability and finally makes PP repopulate its own roles.
 *
 * NOTE(review): only the nonce (CSRF protection) is checked here. No capability
 * check is visible in this method, so authorization is presumably enforced by
 * the caller - confirm before exposing this on any other entry point.
 *
 * @return void
 */
function backupToolReset()
{
    check_admin_referer('capsman-reset-defaults');

    // populate_roles() is expected to be provided by this core include.
    require_once ABSPATH . 'wp-admin/includes/schema.php';

    if (!function_exists('populate_roles')) {
        ak_admin_error(__('Needed function to create default roles not found!', 'capsman-enhanced'));
        return;
    }

    // Drop every existing role, then let WordPress recreate its defaults.
    foreach (array_keys(ak_get_roles(true)) as $role_name) {
        remove_role($role_name);
    }
    populate_roles();
    $this->cm->setAdminCapability();

    $notice = __('Roles and Capabilities reset to WordPress defaults', 'capsman-enhanced');

    if (!function_exists('pp_populate_roles')) {
        // force PP to repopulate roles
        $stored_version = get_option('pp_c_version', true);

        if (is_array($stored_version) && $stored_version) {
            if (preg_match("/dev|alpha|beta|rc/i", $stored_version['version'])) {
                $stored_version['version'] = '0.1-beta';
            } else {
                $stored_version['version'] = 0.1;
            }
        } else {
            $stored_version = array('version' => '0.1', 'db_version' => '1.0');
        }

        update_option('pp_c_version', $stored_version);
        delete_option('ppperm_added_role_caps_10beta');
    } else {
        pp_populate_roles();
    }

    ak_admin_notify($notice);
}
/**
 * Handles a submission of the general capabilities form.
 *
 * Rejects the request unless $_POST['action'] is 'update'. Otherwise either
 * switches the currently selected role (when 'LoadRole' is set) or hands the
 * unslashed form data to CapsmanHandler::processAdminGeneral().
 *
 * NOTE(review): no nonce or capability check is visible in this method, and
 * 'current' / 'role' are taken from the request without validation here.
 * Presumably the caller or CapsmanHandler verifies them - confirm.
 *
 * @return void
 */
private function processAdminGeneral()
{
    $is_update = isset($_POST['action']) && 'update' == $_POST['action'];
    if (!$is_update) {
        // TODO: Implement exceptions. This must be a fatal error.
        ak_admin_error(__('Bad form Received', 'capsman-enhanced'));
        return;
    }

    // WordPress adds slashes to request data; work on an unslashed copy.
    $form = stripslashes_deep($_POST);
    if (empty($form['caps'])) {
        $form['caps'] = array();
    }

    $this->current = $form['current'];

    if (empty($form['LoadRole'])) {
        // Not a role switch: let the handler apply the submitted changes.
        require_once dirname(__FILE__) . '/handler.php';
        $handler = new CapsmanHandler($this);
        $handler->processAdminGeneral($form);
        return;
    }

    // Select a new role.
    $this->current = $form['role'];
}
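/**
 * Deletes a role.
 *
 * The role name is read from $_GET['role']; the request nonce, whose action
 * includes that role name, is verified first. The WordPress default role cannot
 * be deleted and trying to do so reports an error. Users holding the deleted
 * role are moved to the default role unless they still hold another role.
 *
 * @return void
 */
function adminDeleteRole()
{
    global $wpdb, $wp_roles;

    // Only a plain string can name a role. A missing or array-valued parameter
    // becomes '' so the nonce check runs against a well-defined action string.
    $requested = (isset($_GET['role']) && is_string($_GET['role'])) ? $_GET['role'] : '';

    check_admin_referer('delete-role_' . $requested);
    $this->cm->current = $requested;

    $default = get_option('default_role');
    if ($default == $this->cm->current) {
        ak_admin_error(sprintf(__('Cannot delete default role. You <a href="%s">have to change it first</a>.', $this->cm->ID), 'options-general.php'));
        return;
    }

    // Bind the values instead of interpolating request data into the SQL text.
    // WordPress adds slashes to $_GET, so they are stripped before binding;
    // esc_like() stops '%' and '_' in the name from acting as LIKE wildcards.
    $pattern = '%' . $wpdb->esc_like(stripslashes($requested)) . '%';
    $query = $wpdb->prepare(
        "SELECT ID FROM {$wpdb->usermeta} INNER JOIN {$wpdb->users} "
        . "ON {$wpdb->usermeta}.user_id = {$wpdb->users}.ID "
        . "WHERE meta_key = %s AND meta_value LIKE %s",
        $wpdb->prefix . 'capabilities',
        $pattern
    );
    $users = $wpdb->get_results($query);
    if (!is_array($users)) {
        $users = array();
    }

    // Every role name except the one being deleted. The names are the *values*
    // of array_keys(), so they must be compared by value: a key-based diff never
    // removes the deleted role, which made every user look like they still held
    // another role and left them all unmoved.
    $other_roles = array_diff(array_keys($wp_roles->role_names), array($this->cm->current));

    $count = 0;
    foreach ($users as $u) {
        $user = new WP_User($u->ID);

        // The LIKE match is only a substring pre-filter; check again that the
        // user really has the role being deleted.
        if (!$user->has_cap($this->cm->current)) {
            continue;
        }

        // Role may have been assigned supplementally. Don't move a user to the
        // default role if they still have one or more roles after the deletion.
        $keeps_another_role = false;
        foreach ($other_roles as $other_role) {
            if ($user->has_cap($other_role)) {
                $keeps_another_role = true;
                break;
            }
        }

        if (!$keeps_another_role) {
            $user->set_role($default);
            $count++;
        }
    }

    remove_role($this->cm->current);
    unset($this->cm->roles[$this->cm->current]);

    if ($customized_roles = get_option('pp_customized_roles')) {
        if (isset($customized_roles[$this->cm->current])) {
            unset($customized_roles[$this->cm->current]);
            update_option('pp_customized_roles', $customized_roles);
        }
    }

    ak_admin_notify(sprintf(__('Role has been deleted. %1$d users moved to default role %2$s.', $this->cm->ID), $count, $this->cm->roles[$default]));
    $this->cm->current = $default;
}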
/**
 * Stores the settings submitted from the admin form.
 *
 * Verifies the 'alkivia-profile-settings' nonce, then passes the unslashed
 * $_POST['profiles'] data to setNewOptions() when the form action is 'update'.
 *
 * TODO: Check settings with intval.
 * NOTE(review): apart from slash stripping, the submitted values reach
 * setNewOptions() unvalidated from here; whether setNewOptions() validates
 * them is not visible - confirm.
 *
 * @return void
 */
private function saveAdminSettings()
{
    check_admin_referer('alkivia-profile-settings');

    $is_update = isset($_POST['action']) && 'update' == $_POST['action'];
    if (!$is_update) {
        // Missing action
        ak_admin_error(__('Bad form received.', $this->PID));
        return;
    }

    $submitted = stripslashes_deep($_POST['profiles']);
    $this->setNewOptions($submitted);
    ak_admin_notify();
}
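/**
 * Deletes a role.
 *
 * The role name is read from $_GET['role']; the request nonce, whose action
 * includes that role name, is verified first. The WordPress default role cannot
 * be deleted and trying to do so reports an error. Users with the deleted role
 * are moved to the WordPress default role.
 *
 * @return void
 */
function adminDeleteRole()
{
    global $wpdb;

    // Only a plain string can name a role. A missing or array-valued parameter
    // becomes '' so the nonce check runs against a well-defined action string.
    $requested = (isset($_GET['role']) && is_string($_GET['role'])) ? $_GET['role'] : '';

    check_admin_referer('delete-role_' . $requested);
    $this->cm->current = $requested;

    $default = get_option('default_role');
    if ($default == $this->cm->current) {
        ak_admin_error(sprintf(__('Cannot delete default role. You <a href="%s">have to change it first</a>.', $this->cm->ID), 'options-general.php'));
        return;
    }

    // Bind the values instead of interpolating request data into the SQL text.
    // WordPress adds slashes to $_GET, so they are stripped before binding;
    // esc_like() stops '%' and '_' in the name from acting as LIKE wildcards.
    $pattern = '%' . $wpdb->esc_like(stripslashes($requested)) . '%';
    $query = $wpdb->prepare(
        "SELECT ID FROM {$wpdb->usermeta} INNER JOIN {$wpdb->users} "
        . "ON {$wpdb->usermeta}.user_id = {$wpdb->users}.ID "
        . "WHERE meta_key = %s AND meta_value LIKE %s",
        $wpdb->prefix . 'capabilities',
        $pattern
    );
    $users = $wpdb->get_results($query);
    if (!is_array($users)) {
        $users = array();
    }

    // Count only users that are actually moved: the LIKE match is a substring
    // pre-filter and can return users who do not hold this role.
    $count = 0;
    foreach ($users as $u) {
        $user = new WP_User($u->ID);
        if ($user->has_cap($this->cm->current)) { // Check again the user has the deleting role
            // NOTE(review): set_role() replaces the user's roles with the
            // default one, including any additional roles they hold - confirm
            // this is intended.
            $user->set_role($default);
            $count++;
        }
    }

    remove_role($this->cm->current);
    unset($this->cm->roles[$this->cm->current]);

    if ($customized_roles = get_option('pp_customized_roles')) {
        if (isset($customized_roles[$this->cm->current])) {
            unset($customized_roles[$this->cm->current]);
            update_option('pp_customized_roles', $customized_roles);
        }
    }

    ak_admin_notify(sprintf(__('Role has been deleted. %1$d users moved to default role %2$s.', $this->cm->ID), $count, $this->cm->roles[$default]));
    $this->cm->current = $default;
}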
/**
 * Processes the login image uploaded through the settings form.
 *
 * Verifies the 'upload-login-image' nonce, then lets akUpload resize the file
 * to a width of 326, convert it to PNG and store it as 'login' in the
 * 'alkivia' folder below the uploads base directory, overwriting any
 * previous file.
 *
 * NOTE(review): no restriction on the uploaded file's type is set here and no
 * capability check is visible. Whether akUpload rejects non-image files, or
 * writes them unconverted with their original extension, is not shown -
 * confirm that only images can end up in the uploads folder.
 *
 * @return void
 */
private function uploadLogo()
{
    check_admin_referer('upload-login-image');

    $is_upload = isset($_POST['action']) && 'upload' == $_POST['action'];
    if (!$is_upload) {
        // Missing action
        ak_admin_error(__('Bad form received.', $this->PID));
        return;
    }

    // Process uploaded file
    require_once AK_VENDOR . '/upload/class.upload.php';
    $upload = new akUpload($_FILES['login_image'], $this->PID);

    if (!$upload->uploaded) {
        ak_admin_error(__('No file received.', $this->PID));
        return;
    }

    // Fixed target name and format: the client-supplied file name is not used
    // for the name body.
    $upload->image_resize       = true;
    $upload->image_ratio_y      = true;
    $upload->image_x            = 326;
    $upload->file_overwrite     = true;
    $upload->file_auto_rename   = false;
    $upload->file_new_name_body = 'login';
    $upload->image_convert      = 'png';

    $upload_dirs = wp_upload_dir();
    $target_dir  = trailingslashit($upload_dirs['basedir']) . 'alkivia';
    $upload->Process($target_dir);

    if ($upload->processed) {
        ak_admin_notify(__('File uploaded.', $this->PID));
        return;
    }

    ak_admin_error(__('Error', $this->PID) . ': ' . $upload->error);
}
/**
 * Uploads one or more user images to the user's gallery.
 *
 * Verifies the 'photo-gallery-upload' nonce, then handles every entry in
 * $_FILES: stores the image, creates its thumbnail and avatar, records it in
 * the gallery user meta and either logs the activity (approved images) or
 * mails the site admin a moderation request.
 *
 * NOTE(review): every entry of $_FILES is processed, and any file type or size
 * validation happens inside aocGalleryUpload, which is not shown - confirm.
 * $handle->error is appended to the HTML notice without escaping here; verify
 * it can never carry client-supplied text such as the original file name.
 *
 * @uses do_action() Calls 'aoc_gallery_first_upload' action hook on user ID.
 * @param object $user User Object to manage.
 * @return void
 */
private function uploadUserImage($user)
{
    check_admin_referer('photo-gallery-upload');

    $gallery  = $this->getUserGallery($user->ID);
    $notices  = '';
    $errors   = '';
    $file_num = 0;

    foreach ($_FILES as $user_picture) {
        // The stored name is derived from the user's nicename and the next
        // gallery ID.
        $target_name = trim($user->user_nicename) . ($gallery['lastID'] + 1);
        $upload      = new aocGalleryUpload($user_picture, $this->PID);
        ++$file_num;

        if (!$upload->uploaded) {
            continue;
        }

        // Upload big size.
        if (!$upload->uploadImage($target_name)) {
            $errors .= sprintf(__('Image %d error', $this->PID), $file_num) . ': ' . $upload->error . ' ';
            continue;
        }

        // Success upload.
        if (!empty($notices)) {
            $notices .= '<br />';
        }
        if (!empty($errors)) {
            $errors .= '<br />';
        }
        $notices .= sprintf(__('File %d uploaded.', $this->PID), $file_num) . ' ';

        // Read the stored name before the thumbnail and avatar are generated.
        $stored_name = $upload->file_dst_name_body;

        // Create Thumbnail.
        if ($upload->createThumb()) {
            $notices .= sprintf(__('Thumbnail %d created.', $this->PID), $file_num) . ' ';
        } else {
            $errors .= sprintf(__('Thumbnail %d error', $this->PID), $file_num) . ': ' . $upload->error . ' ';
        }

        // Create AVATAR
        if ($upload->createAvatar()) {
            $notices .= sprintf(__('Avatar %d created.', $this->PID), $file_num) . ' ';
        } else {
            $errors .= sprintf(__('Avatar %d error', $this->PID), $file_num) . ': ' . $upload->error . ' ';
        }

        // Save the image name to user meta.
        ++$gallery['lastID'];
        $image_id = $gallery['lastID'];

        if (0 == count($gallery['images'])) {
            // Loading first file
            $gallery['main']   = $image_id;
            $gallery['avatar'] = $image_id;
        }

        // Users with either capability bypass moderation.
        $skips_moderation = current_user_can('aoc_unmoderated') || current_user_can('aoc_manage_galleries');
        $approved         = $skips_moderation ? 1 : 0;

        $gallery['images'][$image_id] = array(
            'approved' => $approved,
            'caption'  => '',
            'name'     => $stored_name,
        );
        update_usermeta($user->ID, $this->ID, $gallery);

        if ($approved) {
            // Set the last update time. Since 0.5.3
            if (1 == $this->countApprovedImages($gallery)) {
                // Just uploaded first picture
                do_action('aoc_gallery_first_upload', $user->ID);
            }
            update_usermeta($user->ID, $this->ID . '_update', gmdate('Y-m-d H:i:s'));

            // Record activity log
            $activity = array(
                'owner_id'      => $user->ID,
                'object_type'   => 'gallery',
                'object_action' => 'upload',
                'object_id'     => $user->ID,
                'event_hook'    => 'aoc_wall_gallery',
            );
            do_action('aoc_generic_event', $activity);
            continue;
        }

        // Not approved: ask the site admin to moderate the new image.
        // NOTE(review): depending on server configuration SERVER_NAME may be
        // taken from the request's Host header; it ends up in the From header.
        $hostname     = preg_replace('#^www\\.#', '', strtolower($_SERVER['SERVER_NAME']));
        $mail_headers = 'From: ' . get_bloginfo('name') . ' <wordpress@' . $hostname . ">\n";
        $mail_subject = get_bloginfo('name') . ' ' . __('Please moderate user gallery', $this->PID);
        $mail_body    = sprintf(__('A new image has been uploaded to the gallery for %s', $this->PID), $user->user_login) . "\n\n";
        $mail_body   .= __('Please, moderate it at', $this->PID) . ' ' . get_bloginfo('wpurl') . "/wp-admin/users.php?user_id={$user->ID}&page={$this->slug}-my-gallery";
        wp_mail(get_bloginfo('admin_email'), $mail_subject, $mail_body, $mail_headers);
    }

    if (!empty($notices)) {
        ak_admin_notify($notices);
    }
    if (!empty($errors)) {
        ak_admin_error($errors);
    }
}
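/**
 * Saves capability changes to a role.
 *
 * Compares the role's current capabilities (limited to those known to
 * $this->capabilities) with the submitted ones plus the capabilities implied by
 * $level, then adds and removes capabilities so the role matches. Does nothing
 * when the role does not exist.
 *
 * Only users for whom current_user_can('administrator') is true may add or
 * remove 'manage_capabilities', and it can never be removed from the
 * 'administrator' role.
 *
 * NOTE(review): that is the only per-capability restriction visible here. Any
 * other capability in $caps is granted as submitted, so limits on what a
 * non-administrator may grant must be enforced by the caller - confirm.
 *
 * @param string $role_name Role name to change its capabilities
 * @param array  $caps      New capabilities for the role, keyed by capability name.
 * @param mixed  $level     Level passed to ak_level2caps() to obtain the level capabilities.
 * @return void
 */
private function saveRoleCapabilities($role_name, $caps, $level)
{
    $this->generateNames();

    $role = get_role($role_name);
    if (!$role) {
        // Unknown role: there is nothing to update, and reading
        // $role->capabilities on a missing role would be a fatal error.
        return;
    }

    $old_caps = array_intersect_key($role->capabilities, $this->capabilities);
    $new_caps = is_array($caps) ? array_map('intval', $caps) : array();
    $new_caps = array_merge($new_caps, ak_level2caps($level));

    // Find caps to add and remove
    $add_caps = array_diff_key($new_caps, $old_caps);
    $del_caps = array_diff_key($old_caps, $new_caps);

    // Non-administrators may neither grant nor revoke the plugin's own capability.
    if (!current_user_can('administrator')) {
        unset($add_caps['manage_capabilities']);
        unset($del_caps['manage_capabilities']);
    }

    // Administrators must always keep the capability, otherwise nobody could manage roles.
    if ('administrator' == $role_name && isset($del_caps['manage_capabilities'])) {
        unset($del_caps['manage_capabilities']);
        ak_admin_error(__('You cannot remove Manage Capabilities from Administrators', $this->ID));
    }

    // Add new capabilities to role.
    // NOTE(review): the diff is key-based and add_cap() is called without a
    // grant value, so a capability submitted with value 0 is still granted.
    // Presumably the form only submits checked capabilities - confirm.
    foreach (array_keys($add_caps) as $cap) {
        $role->add_cap($cap);
    }

    // Remove capabilities from role
    foreach (array_keys($del_caps) as $cap) {
        $role->remove_cap($cap);
    }
}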