Example #1
0
 private function __construct()
 {
     $this->isLoggedIn = false;
     $this->isFeed = false;
     $this->userInfo = null;
     $this->credentials = array();
     $this->inactivity = 0;
     //inactivity duration
     $this->protected = Emember_Protection::get_instance();
 }
Example #2
0
function eMember_save_postdata($post_id)
{
    $post_type = filter_input(INPUT_POST, 'post_type');
    $eMember_protect_post = filter_input(INPUT_POST, 'eMember_protect_post');
    $eMember_noncename = filter_input(INPUT_POST, 'eMember_noncename');
    if (wp_is_post_revision($post_id)) {
        return;
    }
    // verify this came from the our screen and with proper authorization,
    // because save_post can be triggered at other times
    if (!wp_verify_nonce($eMember_noncename, plugin_basename(__FILE__))) {
        return $post_id;
    }
    // verify if this is an auto save routine. If it is our form has not been submitted, so we dont want
    // to do anything
    if (defined('DOING_AUTOSAVE') && DOING_AUTOSAVE) {
        return $post_id;
    }
    // Check permissions
    if ('page' == $post_type) {
        if (!current_user_can('edit_page', $post_id)) {
            return $post_id;
        }
    } else {
        if (!current_user_can('edit_post', $post_id)) {
            return $post_id;
        }
    }
    if (empty($eMember_protect_post)) {
        return;
    }
    // OK, we're authenticated: we need to find and save the data
    $args = array('eMember_protection_level' => array('filter' => FILTER_VALIDATE_INT, 'flags' => FILTER_REQUIRE_ARRAY));
    $eMember_protection_level = filter_input_array(INPUT_POST, $args);
    $eMember_protection_level = $eMember_protection_level['eMember_protection_level'];
    $enable_protection = array();
    $emember_auth = Emember_Auth::getInstance();
    $emember_config = Emember_Config::getInstance();
    $enable_protection['protect'] = $eMember_protect_post;
    $enable_protection['level'] = $eMember_protection_level;
    $protection = Emember_Protection::get_instance();
    $membership_levels = Emember_Level_Collection::get_instance();
    $isprotected = $eMember_protect_post == 2;
    $post_types = get_post_types(array('public' => true, '_builtin' => false));
    if ($isprotected) {
        $protection->apply(array($post_id), $post_type);
    } else {
        $protection->remove(array($post_id), $post_type);
    }
    $protection->save();
    $all_levels = $membership_levels->get_levels();
    foreach ($all_levels as $level) {
        $ispermitted = isset($eMember_protection_level[$level->get('id')]);
        if ($ispermitted) {
            $level->apply(array($post_id), $post_type);
        } else {
            $level->remove(array($post_id), $post_type);
        }
        $level->save();
    }
    return $enable_protection;
}
Example #3
0
function item_list_ajax()
{
    if (!current_user_can('manage_options')) {
        die("Access Forbidden");
    }
    global $wpdb;
    $levelId = $_REQUEST['level'];
    $tab = $_REQUEST['tab'];
    if (emember_is_ajax()) {
        $level = $levelId == 1 ? Emember_Protection::get_instance() : Emember_Permission::get_instance($levelId);
        switch ($tab) {
            case 'pages':
                $args = array('child_of' => 0, 'sort_order' => 'ASC', 'sort_column' => 'post_title', 'hierarchical' => 0, 'parent' => -1, 'number' => $_GET['limit'], 'offset' => $_GET['start']);
                $all_pages = get_pages($args);
                $filtered_pages = array();
                foreach ($all_pages as $page) {
                    $page_summary = array();
                    $user_info = get_userdata($page->post_author);
                    $page_summary['protected'] = $level->in_pages($page->ID) ? "checked='checked'" : "";
                    $page_summary['bookmark'] = $level->is_bookmark_disabled($page->ID) ? "checked='checked'" : "";
                    $page_summary['ID'] = $page->ID;
                    $page_summary['date'] = $page->post_date;
                    $page_summary['title'] = $page->post_title;
                    $page_summary['author'] = isset($user_info->user_nicename) ? $user_info->user_nicename : "";
                    $page_summary['status'] = $page->post_status;
                    $filtered_pages[] = $page_summary;
                }
                ob_start();
                include 'views/emember_page_protection_view.php';
                $output = ob_get_contents();
                ob_end_clean();
                echo $output;
                break;
            case 'posts':
                $sql = "SELECT ID,post_date,post_title,post_author, post_type, post_status FROM {$wpdb->posts} ";
                $sql .= " WHERE post_type = 'post' AND post_status = 'publish' LIMIT " . $_REQUEST['start'] . " , " . $_REQUEST['limit'];
                $all_posts = $wpdb->get_results($sql);
                $filtered_posts = array();
                foreach ($all_posts as $post) {
                    //if($post->post_type=='page')continue;
                    $post_summary = array();
                    $user_info = get_userdata($post->post_author);
                    $categories = get_the_category($post->ID);
                    $cat = array();
                    foreach ($categories as $category) {
                        $cat[] = $category->category_nicename;
                    }
                    $post_summary['protected'] = $level->in_posts($post->ID) ? "checked='checked'" : "";
                    $post_summary['bookmark'] = $level->is_bookmark_disabled($post->ID) ? "checked='checked'" : "";
                    $post_summary['ID'] = $post->ID;
                    $post_summary['date'] = $post->post_date;
                    $post_summary['title'] = isset($post->post_title) ? $post->post_title : "";
                    $post_summary['author'] = isset($user_info->user_nicename) ? $user_info->user_nicename : "";
                    $post_summary['categories'] = rawurldecode(implode(' ', $cat));
                    $post_summary['type'] = $post->post_type;
                    $post_summary['status'] = $post->post_status;
                    $filtered_posts[] = $post_summary;
                }
                ob_start();
                include 'views/emember_post_protection_view.php';
                $output = ob_get_contents();
                ob_end_clean();
                echo $output;
                break;
            case 'comments':
                $all_comments = get_comments(array('number' => $_GET['limit'], 'offset' => $_GET['start'], 'status' => 'approve'));
                $filtered_comments = array();
                foreach ($all_comments as $comment) {
                    $comment_summary = array();
                    $comment_summary['protected'] = $level->in_comments($comment->comment_ID) ? "checked='checked'" : "";
                    $comment_summary['ID'] = $comment->comment_ID;
                    $comment_summary['date'] = $comment->comment_date;
                    $comment_summary['author'] = $comment->comment_author;
                    $comment_summary['content'] = $comment->comment_content;
                    $filtered_comments[] = $comment_summary;
                }
                ob_start();
                include 'views/emember_comment_protection_view.php';
                $output = ob_get_contents();
                ob_end_clean();
                echo $output;
                break;
            case 'categories':
                $all_categories = array();
                $all_cat_ids = get_all_category_ids();
                for ($i = $_GET['start']; $i < $_GET['start'] + $_GET['limit'] && !empty($all_cat_ids[$i]); $i++) {
                    $all_categories[] = get_category($all_cat_ids[$i]);
                }
                foreach ($all_categories as $category) {
                    $category_summary = array();
                    $category_summary['protected'] = $level->in_categories($category->term_id) ? "checked='checked'" : "";
                    $category_summary['ID'] = $category->term_id;
                    $category_summary['name'] = $category->name;
                    $category_summary['description'] = $category->description;
                    $category_summary['count'] = $category->count;
                    $filtered_categories[] = $category_summary;
                }
                ob_start();
                include 'views/emember_category_protection_view.php';
                $output = ob_get_contents();
                ob_end_clean();
                echo $output;
                break;
            case 'attachments':
                $sql = "SELECT ID,post_date,post_title,post_author, post_type, post_status FROM {$wpdb->posts} ";
                $sql .= " WHERE post_type = 'attachment' AND post_status = 'inherit' LIMIT " . $_REQUEST['start'] . " , " . $_REQUEST['limit'];
                $all_posts = $wpdb->get_results($sql);
                $filtered_posts = array();
                foreach ($all_posts as $post) {
                    $post_summary = array();
                    $user_info = get_userdata($post->post_author);
                    $post_summary['protected'] = $level->in_attachments($post->ID) ? "checked='checked'" : "";
                    $post_summary['ID'] = $post->ID;
                    $post_summary['date'] = $post->post_date;
                    $post_summary['title'] = isset($post->post_title) ? $post->post_title : "";
                    $post_summary['author'] = isset($user_info->user_nicename) ? $user_info->user_nicename : "";
                    $post_summary['type'] = $post->post_type;
                    $post_summary['status'] = $post->post_status;
                    $filtered_posts[] = $post_summary;
                }
                ob_start();
                include 'views/emember_attachment_protection_view.php';
                $output = ob_get_contents();
                ob_end_clean();
                echo $output;
                break;
            case 'custom-posts':
                $filtered_posts = array();
                $args = array('public' => true, '_builtin' => false);
                $post_types = get_post_types($args);
                $arg = "'" . implode('\',\'', $post_types) . "'";
                if (!empty($arg)) {
                    $sql = "SELECT ID,post_date,post_title,post_author, post_type, post_status FROM {$wpdb->posts} ";
                    $sql .= " WHERE post_type IN (" . $arg . ") AND (post_status='inherit' OR post_status='publish') LIMIT " . $_REQUEST['start'] . " , " . $_REQUEST['limit'];
                    $all_posts = $wpdb->get_results($sql);
                    $filtered_posts = array();
                    foreach ($all_posts as $post) {
                        $post_summary = array();
                        $user_info = get_userdata($post->post_author);
                        $post_summary['protected'] = $level->in_custom_posts($post->ID) ? "checked='checked'" : "";
                        $post_summary['ID'] = $post->ID;
                        $post_summary['date'] = $post->post_date;
                        $post_summary['title'] = isset($post->post_title) ? $post->post_title : "";
                        $post_summary['author'] = isset($user_info->user_nicename) ? $user_info->user_nicename : "";
                        $post_summary['type'] = $post->post_type;
                        $post_summary['status'] = $post->post_status;
                        $filtered_posts[] = $post_summary;
                    }
                }
                ob_start();
                include 'views/emember_custom_protection_view.php';
                $output = ob_get_contents();
                ob_end_clean();
                echo $output;
                break;
        }
    }
    exit(0);
}
Example #4
0
 public static function get_instance()
 {
     self::$_this = empty(self::$_this) ? new Emember_Protection() : self::$_this;
     return self::$_this;
 }