/** * When a WP3 custom menu is being used, this checks restrictions for each page * in the menu and removes it if it's restricted to the current user. * * @global object $current_user * @param array $content * @return The array of wordpress posts used to build the custom menu. */ public static function filter_custom_menus($content, $menu = null) { global $current_user; //wp_die(sprintf('<pre>%s</pre>',print_r($content,true))); $dbOpts = get_option('contexture_ps_options'); //ad_msg_usefilter_menus //Do this filtering only if user isn't an admin, in admin section... and provided the user hasn't explicitly set menu filtering to false if (!current_user_can('edit_others_posts') && !is_admin() && $dbOpts['ad_msg_usefilter_menus'] != 'false') { //NO MENU!!! If site protect is on, menu filtering is on, and user is anon, remove EVERYTHING if ($dbOpts['ad_opt_protect_site'] === 'true' && (!is_user_logged_in() || $current_user->ID == 0)) { return array(); } //Redundant: Get options (in case we need to strip access denied pages) //$dbOpts = get_option('contexture_ps_options'); if (!empty($content)) { foreach ($content as $postKey => $postValue) { //Get groups that this user is a member of $useraccess = CTXPS_Queries::get_user_groups($current_user->ID); //Determine menu item type to be filtered (post or term) if ('taxonomy' === $postValue->type) { //Get groups required to access this term archive $pagereqs = self::get_term_protection($postValue->object_id, $postValue->object); } else { //Get groups required to access this page (assume post) $pagereqs = self::get_post_protection($postValue->object_id); } //So long as $pagereqs is anything but false if (!!$pagereqs) { //Determine user access $secureallowed = self::check_access($useraccess, $pagereqs); if ($secureallowed) { //If we're allowed to access this page } else { //If we're NOT allowed to access this page unset($content[$postKey]); } } //If this is an AD page, strip it too if ($dbOpts['ad_msg_usepages'] === 'true') { if ($postValue->object_id == $dbOpts['ad_page_auth_id'] || $postValue->object_id == $dbOpts['ad_page_anon_id']) { unset($content[$postKey]); } } } } } return $content; }