/** * SIDEBAR. Handles ajax requests to add a group to a page. When successful, generates HTML to be used in the "Allowed Groups" * section of the "Restrict Page" sidebar. Spits out XML response for AJAX use. * * @global wpdb $wpdb * @global CTXPSC_Tables $ctxpsdb */ public static function add_group_to_post() { global $wpdb, $ctxpsdb; //Added in 1.1 - ensures current user is an admin before processing, else returns an error (probably not necessary - but just in case...) if (!current_user_can('edit_others_posts')) { //ERROR! If user isn't authorized, stop and return error $response = new WP_Ajax_Response(array('what' => 'add_group', 'action' => 'add_group_to_post', 'id' => new WP_Error('error', __('User is not authorized.', 'contexture-page-security')))); $response->send(); } //If the protected flag isnt explicitly set already, set it (prevent problems when parent permissions are removed) if (!get_post_meta($_REQUEST['post_id'], 'ctx_ps_security')) { add_post_meta($_REQUEST['post_id'], 'ctx_ps_security', '1', true); } //Run the query $result = CTXPS_Queries::add_security($_REQUEST['post_id'], $_REQUEST['group_id']); if ($result !== false) { //Get security info for the specified page and it's parents $security = CTXPS_Security::get_post_protection($_REQUEST['post_id']); //SUCCESS! $response = new WP_Ajax_Response(array('what' => 'add_group', 'action' => 'add_group_to_post', 'id' => 1, 'data' => __('Group added to content', 'contexture-page-security'), 'supplemental' => array('html' => CTXPS_Components::render_sidebar_attached_groups($security, $_REQUEST['post_id'])))); $response->send(); } }