function handle_submission($action, $sitewide = false, $customize_defaults = false)
{
if ($sitewide || $customize_defaults) {
if (function_exists('is_super_admin') && !is_super_admin()) {
wp_die(__awp('Cheatin’ uh?'));
}
}
if ($customize_defaults) {
$sitewide = true;
}
// default customization is only for per-blog options, but is sitewide in terms of DB storage in sitemeta table
if ('flush' == $action) {
wpp_cache_flush_all_sites();
return;
}
if (!in_array($_GET["page"], array('rs-options', 'rs-site_options', 'rs-default_options'))) {
return;
}
if (empty($_POST['rs_submission_topic'])) {
return;
}
if ('options' == $_POST['rs_submission_topic']) {
if (!is_option_administrator_rs()) {
wp_die(__awp('Cheatin’ uh?'));
}
scoper_refresh_default_options();
scoper_refresh_default_otype_options();
$method = "{$action}_options";
if (method_exists($this, $method)) {
call_user_func(array($this, $method), $sitewide, $customize_defaults);
}
$method = "{$action}_realm";
if (method_exists($this, $method)) {
call_user_func(array($this, $method), $sitewide, $customize_defaults);
}
if ($sitewide && !$customize_defaults) {
$method = "{$action}_sitewide";
if (method_exists($this, $method)) {
call_user_func(array($this, $method));
}
}
if (isset($_POST['rs_role_defs']) && empty($_POST['rs_defaults'])) {
if ($customize_defaults) {
$function = 'update_rs_role_defs_customize_defaults';
} elseif ($sitewide) {
$function = 'update_rs_role_defs_sitewide';
} else {
$function = 'update_rs_role_defs';
}
add_action('init', array(&$this, $function), 20);
// this must execute after other plugins have added rs config filters
}
}
scoper_refresh_options();
// force DB schema update if sitewide_groups option was changed
require SCOPER_ABSPATH . '/db-config_rs.php';
}
function _scoper_deactivate()
{
if (function_exists('wpp_cache_flush')) {
wpp_cache_flush_all_sites();
}
delete_option('scoper_page_ancestors');
global $wp_taxonomies;
if (!empty($wp_taxonomies)) {
foreach (array_keys($wp_taxonomies) as $taxonomy) {
delete_option("{$taxonomy}_children");
delete_option("{$taxonomy}_children_rs");
delete_option("{$taxonomy}_ancestors_rs");
}
}
require_once dirname(__FILE__) . '/role-scoper_init.php';
scoper_clear_site_rules();
scoper_clear_all_file_rules();
}
function init()
{
scoper_version_check();
if (!isset($this->data_sources)) {
$this->load_config();
}
$is_administrator = is_content_administrator_rs();
if ($doing_cron = defined('DOING_CRON')) {
if (!defined('DISABLE_QUERYFILTERS_RS')) {
define('DISABLE_QUERYFILTERS_RS', true);
}
}
if (!($this->direct_file_access = strpos($_SERVER['QUERY_STRING'], 'rs_rewrite'))) {
$this->add_main_filters();
}
// ===== Special early exit if this is a plugin install script
if (is_admin()) {
if (in_array($GLOBALS['pagenow'], array('plugin-install.php', 'plugin-editor.php'))) {
// flush RS cache on activation of any plugin, in case we cached results based on its presence / absence
if (!empty($_POST) || !empty($_REQUEST['action'])) {
if (!empty($_POST['networkwide']) || 'plugin-editor.php' == $GLOBALS['pagenow']) {
wpp_cache_flush_all_sites();
} else {
wpp_cache_flush();
}
}
do_action('scoper_init');
return;
// no further filtering on WP plugin maintenance scripts
}
}
// =====
require_once dirname(__FILE__) . '/attachment-interceptor_rs.php';
$GLOBALS['attachment_interceptor'] = new AttachmentInterceptor_RS();
// .htaccess file is always there, so we always need to handle its rewrites
// ===== Content Filters to limit/enable the current user
$disable_queryfilters = defined('DISABLE_QUERYFILTERS_RS');
if ($disable_queryfilters) {
// Some wp-admin pages need to list pages or categories based on front-end access. Classic example is Subscribe2 categories checklist, included in Subscriber profile
// In that case, filtering will be applied even if wp-admin filtering is disabled. API hook enables other plugins to defined their own "always filter" URIs.
$always_filter_uris = apply_filters('scoper_always_filter_uris', array('p-admin/profile.php'));
if (in_array($GLOBALS['pagenow'], $always_filter_uris) || in_array($GLOBALS['plugin_page_cr'], $always_filter_uris)) {
$disable_queryfilters = false;
break;
}
}
// register a map_meta_cap filter to handle the type-specific meta caps we are forcing
require_once dirname(__FILE__) . '/meta_caps_rs.php';
if (!$disable_queryfilters) {
if (!$is_administrator) {
if ($this->direct_file_access) {
require_once dirname(__FILE__) . '/cap-interceptor-basic_rs.php';
// only need to support basic read_post / read_page check for direct file access
$GLOBALS['cap_interceptor_basic'] = new CapInterceptorBasic_RS();
} else {
require_once dirname(__FILE__) . '/cap-interceptor_rs.php';
$GLOBALS['cap_interceptor'] = new CapInterceptor_RS();
}
}
// (also use content filters on front end to FILTER IN private content which WP inappropriately hides from administrators)
if (!$is_administrator || $this->is_front()) {
require_once dirname(__FILE__) . '/query-interceptor_rs.php';
$GLOBALS['query_interceptor'] = new QueryInterceptor_RS();
}
if (!$this->direct_file_access && (!$is_administrator || !defined('XMLRPC_REQUEST'))) {
// don't tempt trouble by adding hardway filters on XMLRPC for logged administrator
$this->add_hardway_filters();
if ($this->is_front() || !$is_administrator) {
require_once dirname(__FILE__) . '/terms-query-lib_rs.php';
if (awp_ver('3.1') && !defined('SCOPER_LEGACY_TERMS_FILTER')) {
require_once dirname(__FILE__) . '/terms-interceptor_rs.php';
$GLOBALS['terms_interceptor'] = new TermsInterceptor_RS();
} else {
require_once dirname(__FILE__) . '/hardway/hardway-taxonomy-legacy_rs.php';
}
}
}
}
// endif query filtering not disabled for this access type
if ($is_administrator) {
if ($this->is_front()) {
require_once 'comments-int-administrator_rs.php';
}
} else {
require_once 'comments-interceptor_rs.php';
}
if (is_admin()) {
$this->add_admin_ui_filters($is_administrator);
}
do_action('scoper_init');
// ===== end Content Filters
}
function scoper_version_updated($prev_version)
{
if (function_exists('wpp_cache_flush')) {
wpp_cache_flush_all_sites();
}
// single-pass do loop to easily skip unnecessary version checks
do {
// roles were stored with invalid assign_for value under some conditions
if (version_compare($prev_version, '1.3.45-beta', '<')) {
global $wpdb;
scoper_query("UPDATE {$wpdb->user2role2object_rs} SET assign_for = 'entity' WHERE assign_for = ''");
}
// file filtering rules were not written for new attachments if restriction was based solely on category restrictions
if (version_compare($prev_version, '1.3.29-beta', '<')) {
scoper_flush_site_rules();
scoper_expire_file_rules();
}
// Delete any roles or restrictions inappropriately stored for attachments, revisions or auto-drafts
if (version_compare($prev_version, '1.3', '<')) {
global $wpdb;
scoper_query("DELETE FROM {$wpdb->user2role2object_rs} WHERE role_type = 'wp' AND scope='blog' AND obj_or_term_id = '0'");
scoper_sync_wproles();
scoper_query("DELETE FROM {$wpdb->role_scope_rs} WHERE src_or_tx_name = 'post' AND obj_or_term_id IN ( SELECT ID FROM {$wpdb->posts} WHERE post_type IN ('attachment', 'revision') OR post_status = 'auto-draft' )");
scoper_query("DELETE FROM {$wpdb->user2role2object_rs} WHERE src_or_tx_name = 'post' AND obj_or_term_id IN ( SELECT ID FROM {$wpdb->posts} WHERE post_type IN ('attachment', 'revision') OR post_status = 'auto-draft' )");
}
// 1.3.RC4 changed RS cache path to subfolder, so flush the root-stored cache one last time (only for MU / Multisite due to potentially large # of folders, files)
if (IS_MU_RS && version_compare($prev_version, '1.3.RC4', '<') && !defined('SKIP_CACHE_MAINT_RS')) {
global $wpp_object_cache;
$wpp_object_cache = new WP_Persistent_Object_Cache(false);
$wpp_object_cache->global_groups = array('');
// forces use of cache root for this maint operation
$wpp_object_cache->rm_cache_dir('');
// will delete any files and folders in cache root except .htaccess
$wpp_object_cache->cache_enabled = false;
// avoid further updating cache in this http session
}
// 1.2.8 Beta disabled caps for custom post type roles under some circumstances
if (version_compare($prev_version, '1.2.7', '>') && version_compare($prev_version, '1.2.8', '<')) {
if ($disabled_role_caps = get_option('scoper_disabled_role_caps')) {
$okay_role_prefix = array('rs_post', 'rs_page', 'rs_category', 'rs_link', 'rs_ngg');
foreach (array_keys($disabled_role_caps) as $role_handle) {
$role_okay = false;
foreach ($okay_role_prefix as $pfx) {
if (0 === strpos($role_handle, $pfx)) {
$role_okay = true;
break;
}
}
if (!$role_okay) {
unset($disabled_role_caps[$role_handle]);
$_modified = true;
}
}
if (!empty($_modified)) {
update_option('scoper_disabled_role_caps', $disabled_role_caps);
}
}
}
// changes to taxonomy options storage in 1.1.8
if (version_compare($prev_version, '1.1.8', '<')) {
global $wp_taxonomies;
$enable_tx = get_option('scoper_enable_wp_taxonomies');
$old_use_term_roles = get_option('scoper_use_term_roles');
$use_term_roles = array();
if (is_array($old_use_term_roles)) {
// convert existing use_term_roles entries to new array key structure
foreach ($old_use_term_roles as $src_otype => $val) {
if (is_array($val)) {
// don't do this twice!
break 2;
}
if (strpos($src_otype, ':')) {
$arr_src_otype = explode(':', $src_otype);
$src_name = $arr_src_otype[0];
if ('post' == $src_name) {
$use_term_roles[$src_otype]['category'] = intval($val);
} elseif ('link' == $src_name) {
$use_term_roles[$src_otype]['link_category'] = intval($val);
} elseif ('ngg_gallery' == $src_name) {
$use_term_roles[$src_otype]['ngg_album'] = intval($val);
}
// compat workaround for old versions of Role Scoping for NGG which use old otype option key structure
}
}
}
if (is_array($enable_tx)) {
// Post_tag and custom taxonomies were activated for scoping via enable_wp_taxonomies storage. Move those entries to use_term_roles instead.
foreach ($enable_tx as $taxonomy => $val) {
if ('post_tag' == $taxonomy) {
$use_term_roles['post:post'][$taxonomy] = intval($val);
} elseif ($taxonomy && !in_array($taxonomy, array('category', 'link_category'))) {
if ($wp_tx = get_taxonomy($taxonomy)) {
$object_types = (array) $wp_tx->object_type;
foreach ($object_types as $object_type) {
$use_term_roles["post:{$object_type}"][$taxonomy] = intval($val);
}
}
}
}
}
if ($use_term_roles) {
update_option('scoper_use_term_roles', $use_term_roles);
}
//delete_option( 'scoper_enable_wp_taxonomies' );
} else {
break;
}
if (version_compare($prev_version, '1.1', '<')) {
// htaccess rules modified in v1.1
scoper_flush_site_rules();
scoper_expire_file_rules();
// Option update did not set autoload to no prior to 1.1
global $wpdb;
$wpdb->query("UPDATE {$wpdb->options} SET autoload = 'no' WHERE option_name LIKE 'scoper_%' AND option_name != 'scoper_version'");
// stopped storing needless postmeta data for parent=0 in 1.1
global $wpdb;
$wpdb->query("DELETE FROM {$wpdb->postmeta} WHERE meta_value = '0' AND meta_key = '_scoper_last_parent'");
} else {
break;
}
// stopped using rs_get_page_children() in 1.0.8
if (version_compare($prev_version, '1.0.8', '<')) {
delete_option('scoper_page_children');
} else {
break;
}
if (version_compare($prev_version, '1.0.0', '<')) {
include dirname(__FILE__) . '/update-legacy_rs.php';
scoper_version_updated_from_legacy($prev_version);
}
} while (0);
// end single-pass version check loop
}
