PHP CTXPS_Queries::check_ad_status Examples

Example #1

File: CTXPS_Security.php Project: slee124565/flh-pvstation

 /**
  * Top-level method for running security check on content, then displaying
  * Access Denied message when appropriate. Overall, this is the core
  * validation method for PSC.
  *
  * @global object $post Gets db information about this post (used to determind post_type)
  * @global object $current_user Info for the currently logged in user
  * @param string $content
  * @return string
  */
 public static function protect_content()
 {
     global $post, $page, $id, $current_user, $is_IIS;
     $secureallowed = true;
     $plugin_opts = get_option('contexture_ps_options');
     //SET 401 CODE IF ON AD PAGE (AND NEVER BLOCK)
     if (!is_admin() && CTXPS_Queries::check_ad_status()) {
         if (!$is_IIS && php_sapi_name() != 'cgi-fcgi') {
             status_header(401);
             // This causes problems on IIS and some FastCGI setups
         }
         return;
         //Exit the function, no further checks are needed
     }
     //CONDITIONS WHERE USER SHOULD BE LET THROUGH
     if (current_user_can('edit_others_posts')) {
         return;
         //Exit the function, no further checks are needed
     }
     //ALLOW HOOK TO EXEMPT PAGES FROM PROTECTION - IF CURRENT PAGE IS IN ARRAY, END CHECK
     $force_public_pages = array();
     if (isset($plugin_opts['force-public-pages']) && !empty($plugin_opts['force-public-pages'])) {
         $force_public_pages = str_getcsv(str_replace(' ', '', $plugin_opts['force-public-pages']));
     }
     $force_public_pages = apply_filters('force_public_pages', $force_public_pages);
     if (in_array($post->ID, $force_public_pages)) {
         return;
     }
     //SITE-WIDE PROTECTION
     if ($plugin_opts['ad_opt_protect_site'] === 'true') {
         /**Groups that this user is a member of*/
         $siteaccess = CTXPS_Queries::get_user_groups($current_user->ID, true);
         //User isnt in any groups, no more checking necessary
         if (empty($siteaccess)) {
             self::deny_access($plugin_opts);
         }
         //If $siteaccess returned anything, we can safely assume user has "Limited"
         //Since "Full" isn't implemented yet, we don't have to make that check or change the way get_user_groups works
     }
     //POST/PAGE-SPECIFIC PROTECTION
     if (!is_home() && !is_category() && !is_tag() && !is_feed() && !is_tax() && !is_admin() && !is_404() && !is_archive() && !is_search()) {
         //We may want to use a global override, so check first...
         if (!isset($useraccess)) {
             /**Groups that this user is a member of*/
             $useraccess = CTXPS_Queries::get_user_groups($current_user->ID);
         }
         /**MERGE PAGE/TERM ARRAYS******************************************/
         //Get any page requirements
         $pagereqs = self::get_post_protection($post->ID);
         //wp_die(sprintf('<pre>%s</pre>',print_r($pagereqs,true)));
         /**PAGE/SECTION CHECK**********************************************/
         if ($pagereqs !== false && is_array($pagereqs)) {
             //Determine if user can access this content
             $pageallowed = self::check_access($useraccess, $pagereqs);
             //NOT ALLOWED TO ACCESS!
             if (!$pageallowed) {
                 self::deny_access($plugin_opts);
             }
         }
         //If we reach this point, there's no reason to deny access
     }
 }