Example #1
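/**
 * Render the "CaPa » General settings" admin page.
 *
 * Dispatches a submitted form to capa_handle_action() and then prints the
 * settings form, pre-filled from the stored capa_protect_* options.
 *
 * Output is echoed directly; nothing is returned.
 */
function capa_global_page()
{
    // Any non-empty POST is handed to the action handler before rendering.
    // NOTE(review): the nonce printed below via wp_nonce_field('update-options')
    // only protects this form if capa_handle_action() verifies it (for example
    // with check_admin_referer('update-options')) and checks the caller's
    // capability. That handler is not visible here — confirm.
    if ($_POST) {
        capa_handle_action();
    }
    $private_message = capa_protect::get_private_message();
    // The stored message is admin-editable free text and is printed inside a
    // double-quoted HTML attribute below, so it must be attribute-escaped or a
    // quote character in the value would break out of the attribute.
    // esc_attr() does not exist on very old WordPress versions; the fallback
    // mirrors it, including not double-encoding existing entities.
    $private_message_attr = function_exists('esc_attr')
        ? esc_attr($private_message)
        : htmlspecialchars((string) $private_message, ENT_QUOTES, 'UTF-8', false);
    echo '<div class="wrap">';
    // For WP < 27
    echo function_exists('screen_icon') ? screen_icon('options-general') : NULL;
    echo '<h2 style="margin-bottom:15px;">' . __('CaPa &raquo; General settings', 'capa') . '<br><span class="description">' . __('These settings define the display of the CaPa protected content on your blog.', 'capa') . '</span></h2>';
    echo '<form name="capa_protect" method="post">';
    wp_nonce_field('update-options');
    // --------------------------------------------------------------
    echo '
				<table class="form-table capa-form-table">
				<tr>
					<th scope="row">' . __('Page display', 'capa') . '</th>
					<td>
						<label>
							<input name="capa_protect_show_private_pages" type="checkbox" onClick="capa_enable_disable_form_elements()"' . (get_option('capa_protect_show_private_pages') ? " checked" : "") . '> ' . __('Show protected pages', 'capa') . '
						</label>
						<br>
						<span class="description" style="margin-left:10px;">' . __('Checking this option will show links to all the pages.', 'capa') . '</span>
						<br>
						<div style="margin-left:10px;">
						</div>
					</td>
				</tr>

				<tr>
					<th scope="row">' . __('The Category List', 'capa') . '</th>
					<td>
						<label>
							<input name="capa_protect_show_private_categories" type="checkbox" onClick="capa_enable_disable_form_elements()"' . (get_option('capa_protect_show_private_categories') ? " checked" : "") . '> ' . __('Show private categories', 'capa') . '
						</label>
						<br>
						<span class="description" style="margin-left:10px;">' . __('Checking this option will show links to all the Categories.', 'capa') . '</span>

						<br>
						<label id="capa_protect_show_padlock_on_private_categories">
							<input name="capa_protect_show_padlock_on_private_categories" type="checkbox" ' . (get_option('capa_protect_show_padlock_on_private_categories') ? " checked" : "") . '> ' . __('Show a padlock icon next to private categories', 'capa') . '
						</label>
					</td>
				</tr>

				<tr valign="top">
					<th scope="row">' . __('Posts and pages display.', 'capa') . '
						<br>
						<span class="description">' . __('How do you want to display a protected post or page?', 'capa') . '</span>
					</th>
					<td>
						<label>
							<input type="radio" name="capa_protect_post_policy" onClick="capa_enable_disable_form_elements()" value="hide" ' . (get_option('capa_protect_post_policy') == 'hide' || get_option('capa_protect_post_policy') == false && get_option('capa_protect_show_private_message') == false ? ' checked' : '') . '> ' . __('Hide everything', 'capa') . '
						</label>
							<br>
						<label>
							<input type="radio" name="capa_protect_post_policy" onClick="capa_enable_disable_form_elements()" value="show message"' . (get_option('capa_protect_post_policy') == 'show message' || get_option('capa_protect_show_private_message') == true ? ' checked' : '') . '> ' . __('Show everything', 'capa') . '
						</label>
							<br>
						<label>
							<input type="radio" name="capa_protect_post_policy" onClick="capa_enable_disable_form_elements()" value="show title"' . (get_option('capa_protect_post_policy') == 'show title' ? ' checked' : '') . '> ' . __('Show title and the private message as content', 'capa') . '
								
						</label>
					</td>
				</tr>
				<tr>
					<th scope="row">' . __('The private message', 'capa') . '</th>
					<td>
						<label for="capa_protect_private_message" id="capa_protect_private_message">
								<input name="capa_protect_private_message" type="text" size="70"' . ' value="' . $private_message_attr . '" />
						</label>
					</td>
				</tr>

				<tr>
					<th scope="row">' . __('The Comments', 'capa') . '</th>
					<td style="padding-left:20px;">
					<h4 style="margin: 5px 0px 10px -10px;">' . __('Public &amp; Allowed Comments', 'capa') . ':</h4>

						<label>
							<input type="radio" name="capa_protect_comment_policy" onClick="capa_enable_disable_form_elements()" value="hide"' . (get_option('capa_protect_comment_policy') == 'hide' || get_option('capa_protect_comment_policy') == false ? ' checked' : '') . '> ' . __('Hide all comments.', 'capa') . '
						</label>
							<br>
						<label>
							<input type="radio" name="capa_protect_comment_policy" onClick="capa_enable_disable_form_elements()" value="show name"' . (get_option('capa_protect_comment_policy') == 'show name' ? ' checked' : '') . '> ' . __('Show Author, but the private message for the content.', 'capa') . '
						</label>
							<br>
						<label>
							<input type="radio" name="capa_protect_comment_policy"	onClick="capa_enable_disable_form_elements()" value="show message"' . (get_option('capa_protect_comment_policy') == 'show message' ? ' checked' : '') . '> ' . __('Show content, but no author.', 'capa') . '
						</label>
							<br>
						<label>
							<input type="radio" name="capa_protect_comment_policy" onClick="capa_enable_disable_form_elements()" value="all"' . (get_option('capa_protect_comment_policy') == 'all' ? ' checked' : '') . '> ' . __('Show everything.', 'capa') . '
						</label>

					<h4 style="margin: 15px 0px 10px -10px;">' . __('Private Comments', 'capa') . ':</h4>

						<label>
							<input name="capa_protect_show_comment_on_private_posts" type="checkbox" value="1" ' . (get_option('capa_protect_show_comment_on_private_posts') ? " checked" : "") . '> ' . __('Use the Settings for comments from protected Posts.', 'capa') . '
						</label>

					</td>
				</tr>

				<tr>
					<th scope="row">' . __('The Media Library', 'capa') . '</th>
					<td>
						<label>
							<input name="capa_protect_show_only_allowed_attachments" type="checkbox" onClick="capa_enable_disable_form_elements()" ' . (get_option('capa_protect_show_only_allowed_attachments') ? " checked" : "") . '> ' . __('Show only allowed Attachments', 'capa') . '
						</label>
						<br>
						<span class="description" style="margin-left:10px;">' . __('Checking this option shows only attachments which were uploaded (not inserted) in posts from allowed categories', 'capa') . '</span>
						<br>
						<label id="capa_protect_show_unattached_files">
							<input name="capa_protect_show_unattached_files" type="checkbox" ' . (get_option('capa_protect_show_unattached_files') ? " checked" : "") . '> ' . __('Show unattached files', 'capa') . '
						</label>
					</td>
				</tr>

				<tr>
					<th scope="row">' . __('Miscellaneous', 'capa') . '</th>
					<td>
						<label>
							<input type="checkbox" name="capa_protect_keep_options" value="on"' . (get_option('capa_protect_keep_options') == '1' ? ' checked' : '') . '> ' . __('Keep CaPa Settings', 'capa') . '
						</label><br>
						<span class="description" style="margin-left:10px;">' . __('In Case CaPa is disabled but you wanna keep the Settings.', 'capa') . '</span>
					</td>
				</tr>
				</table>
			';
    // Two submit buttons share name="submit"; the handler can tell them apart
    // by the posted value ("Update general settings" vs "reset defaults").
    echo '
				<p class="submit" style="float:left; margin-right:10px;">
					<button type="submit" name="submit" class="button-primary" value="Update general settings" >' . __('Update general settings', 'capa') . '</button> 
				</p>
				<p class="submit">
					<button type="submit" name="submit" class="button-secondary" value="reset defaults" >' . __('Reset defaults', 'capa') . '</button>
				</p>
				
			';
    // Sync the enabled/disabled state of dependent inputs once on page load.
    echo '<script type="text/javascript">capa_enable_disable_form_elements();</script>';
    echo '</form>';
    echo '</div>';
}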
Example #2
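 /**
  * Rewrite selected SQL queries so that counts and lists only cover content
  * the current user is allowed to see.
  *
  * The query text is matched against the literal shape of specific WordPress
  * core queries (named in the SQLFILTER comments below). When one matches, an
  * extra restriction is spliced into the string. Unrecognised queries are
  * returned unchanged, so a core query whose text differs from these literals
  * passes through unfiltered.
  *
  * NOTE(review): every restriction is built by string concatenation from the
  * return values of capa_protect helpers. Those helpers are not visible here;
  * they are presumed to return trusted SQL fragments / numeric id lists —
  * confirm. An empty id list would produce "IN ()", which is invalid SQL.
  *
  * @uses $current_user
  * @uses $capa_protect_comment_policy
  * @uses $wpdb
  *
  * @uses capa_protect::filter_posts()
  * @uses capa_protect::get_value_categories()
  * @uses capa_protect::get_value_tags()
  *
  * @param string $param SQL query text.
  *
  * @return string The query, possibly with an added restriction.
  */
 function filter_wpdb_query($param)
 {
     global $current_user;
     // Privileged users skip all filtering. The capability must actually be
     // granted: allcaps can hold an explicit false for a denied capability,
     // which isset() would still treat as present and so bypass the filter.
     if ($current_user && !empty($current_user->allcaps['manage_categories']) && !isset($current_user->caps['editor'])) {
         return $param;
     }
     global $wpdb, $capa_protect_comment_policy;
     // Code for WP < 3
     // NOTE(review): the test below is "major version is not 3", so this
     // branch also runs on major versions above 3, not only below — confirm
     // that is intended before narrowing it.
     if ((int) $GLOBALS['wp_version'] != '3') {
         // SQLFILTER::function _wp_get_comment_list
         #	FROM $wpdb->comments USE INDEX (comment_date_gmt) WHERE
         if (strpos($param, "FROM {$wpdb->comments} USE INDEX (comment_date_gmt) WHERE") !== FALSE) {
             // Only add a restriction when the WHERE part does not already
             // constrain comment_post_ID.
             if (strpos($param, 'WHERE') !== FALSE && strpos(substr($param, strpos($param, 'WHERE')), 'comment_post_ID') === FALSE) {
                 // In Case Public/Allowed Comments are hidden
                 if ($capa_protect_comment_policy == 'hide') {
                     // "IN (0)" matches no post, i.e. hides every comment.
                     $allow_posts = ' comment_post_ID IN (0) AND';
                 } else {
                     $allow_posts = capa_protect::filter_posts();
                     $allow_posts = str_replace('AND ID', ' comment_post_ID', $allow_posts) . " AND";
                 }
                 $param = str_replace('WHERE', 'WHERE' . $allow_posts, $param);
                 return $param;
             }
         }
         // SQLFILTER::function wp_count_terms
         #	SELECT COUNT(*)
         #	FROM $wpdb->term_taxonomy WHERE taxonomy = %s
         if (strpos($param, "SELECT COUNT(*) FROM {$wpdb->term_taxonomy} WHERE taxonomy") !== FALSE) {
             // Pull the taxonomy name out of the query by fixed offsets:
             // 12 characters past the start of "taxonomy =", minus the last 2.
             $taxo = substr($param, strpos($param, 'taxonomy =') + 12, -2);
             switch ($taxo) {
                 case 'category':
                     if (strpos($param, 'term_taxonomy_id') === FALSE) {
                         $disallow_cat = capa_protect::get_value_categories(FALSE);
                         $param .= ' AND term_taxonomy_id NOT IN (' . implode(',', $disallow_cat) . ')';
                     }
                     break;
                 case 'post_tag':
                     if (strpos($param, 'term_taxonomy_id') === FALSE) {
                         $allow_tags = capa_protect::get_value_tags();
                         $param .= ' AND term_taxonomy_id IN (' . implode(',', $allow_tags) . ') ';
                     }
                     break;
             }
             return $param;
         }
         // SQLFILTER::function wp_dashboard_recent_comments
         // Code from WP < 3
         #	SELECT *
         #	FROM $wpdb->comments
         #	ORDER BY comment_date_gmt DESC LIMIT $start, 50
         if (strpos($param, "SELECT * FROM {$wpdb->comments} ORDER BY comment_date_gmt DESC LIMIT") !== FALSE) {
             // The matched query has no WHERE, so the inner strpos() yields
             // false and substr() then scans the whole query text.
             if (strpos($param, 'ORDER') !== FALSE && strpos(substr($param, strpos($param, 'WHERE')), 'comment_post_ID') === FALSE) {
                 // In Case Public/Allowed Comments are hidden
                 if ($capa_protect_comment_policy == 'hide') {
                     $allow_posts = ' comment_post_ID IN (0)';
                 } else {
                     $allow_posts = capa_protect::filter_posts();
                     $allow_posts = str_replace('AND ID', ' comment_post_ID', $allow_posts);
                 }
                 $param = str_replace('ORDER', 'WHERE ' . $allow_posts . ' ORDER', $param);
             }
             return $param;
         }
     }
     // SQLFILTER::function _wp_get_comment_list
     #	SELECT *
     #	FROM $wpdb->comments c
     #	LEFT JOIN $wpdb->posts p ON c.comment_post_ID = p.ID
     #	WHERE p.post_status != 'trash'
     if (strpos($param, " FROM {$wpdb->comments} c LEFT JOIN {$wpdb->posts} p ON c.comment_post_ID = p.ID") !== FALSE) {
         if (strpos($param, 'WHERE') !== FALSE && strpos(substr($param, strpos($param, 'WHERE')), 'comment_post_ID') === FALSE) {
             // In Case Public/Allowed Comments are hidden
             if ($capa_protect_comment_policy == 'hide') {
                 $allow_posts = ' comment_post_ID IN (0) AND';
             } else {
                 $allow_posts = capa_protect::filter_posts();
                 $allow_posts = str_replace('AND ID', ' comment_post_ID', $allow_posts) . " AND";
             }
             $param = str_replace('WHERE', 'WHERE' . $allow_posts, $param);
         }
         // No return here: the remaining checks still run on the result.
     }
     // SQLFILTER::function wp_count_comments
     #	SELECT comment_approved, COUNT( * ) AS num_comments
     #	FROM sm_blog_comments
     #	GROUP BY comment_approved
     if (strpos($param, 'SELECT comment_approved, COUNT') !== FALSE && strpos($param, 'WHERE') === FALSE) {
         if ($capa_protect_comment_policy == 'hide') {
             $allow_posts = ' WHERE comment_post_ID IN (0) ';
         } else {
             $allow_posts = capa_protect::filter_posts();
             $allow_posts = str_replace('AND ID', ' WHERE comment_post_ID', $allow_posts) . " ";
         }
         $param = str_replace('FROM ' . $wpdb->comments, 'FROM ' . $wpdb->comments . ' ' . $allow_posts, $param);
     }
     // SQLFILTER::function wp_get_recent_posts
     #	SELECT *
     #	FROM $wpdb->posts
     #	WHERE post_type = 'post' AND post_status IN ( 'draft', 'publish', 'future', 'pending', 'private' ) ORDER BY post_date DESC $limit
     if (strpos($param, "SELECT * FROM {$wpdb->posts} WHERE post_type = 'post' AND post_status IN ( 'draft', 'publish', 'future', 'pending', 'private' ) ORDER BY post_date DESC") !== FALSE) {
         $allow_posts = capa_protect::filter_posts();
         $param = str_replace('AND post_status', $allow_posts . ' AND post_status', $param);
         return $param;
     }
     // SQLFILTER::function wp_count_attachments
     if (strpos($param, 'SELECT post_mime_type, COUNT( * ) AS num_posts') !== FALSE) {
         global $capa_protect_show_only_allowed_attachments;
         if (!$capa_protect_show_only_allowed_attachments) {
             return $param;
         }
         // Attachments are restricted through their parent post.
         $allow_posts = capa_protect::filter_posts();
         $allow_posts = str_replace('AND ID', ' AND post_parent', $allow_posts);
         $param = str_replace('AND post_status', $allow_posts . ' AND post_status', $param);
         return $param;
     }
     // SQLFILTER::function get_available_post_mime_types
     if (strpos($param, "SELECT DISTINCT post_mime_type FROM {$wpdb->posts} WHERE post_type = 'attachment'") !== FALSE) {
         global $capa_protect_show_only_allowed_attachments;
         if (!$capa_protect_show_only_allowed_attachments) {
             return $param;
         }
         $allow_posts = capa_protect::filter_posts();
         $allow_posts = str_replace(' AND ID', ' AND post_parent', $allow_posts);
         $param = $param . $allow_posts;
         return $param;
     }
     // SQLFILTER::function wp_count_posts
     if (strpos($param, 'SELECT post_status, COUNT(') !== FALSE) {
         $allow_posts = capa_protect::filter_posts();
         $allow_posts = str_replace('AND ID', ' ID', $allow_posts);
         // Only append the joining AND when there is a restriction to join.
         $allow_posts != '' ? $allow_posts = $allow_posts . ' AND ' : NULL;
         if (strpos($param, 'WHERE') !== FALSE && strpos($param, 'ID') === FALSE) {
             $param = str_replace('WHERE', 'WHERE' . $allow_posts, $param);
         }
         return $param;
     }
     // SQLFILTER::function &get_terms ( case of count )
     #	SELECT COUNT(*) FROM $wpdb->terms AS t
     #	INNER JOIN $wpdb->term_taxonomy AS tt ON t.term_id = tt.term_id
     #	WHERE tt.taxonomy IN (string) AND tt.term_taxonomy_id IN (int)
     //	DEV
     if (!isset($GLOBALS['wp_filter']['list_terms_exclusions']) && strpos($param, "SELECT COUNT(*) FROM {$wpdb->terms} AS t INNER JOIN {$wpdb->term_taxonomy} AS tt ON t.term_id = tt.term_id WHERE") !== FALSE) {
         // The switch subject is the (non-empty) query string and each case
         // is a boolean, so under loose comparison the first true case wins.
         switch ($param) {
             case strpos($param, 'category') !== FALSE:
                 if (strpos($param, 'term_taxonomy_id') === FALSE) {
                     $disallow_cat = capa_protect::get_value_categories(FALSE);
                     $param .= ' AND term_taxonomy_id NOT IN (' . implode(',', $disallow_cat) . ')';
                 } else {
                     $disallow_cat = capa_protect::get_value_categories(TRUE);
                     $param = str_replace('WHERE', 'WHERE tt.term_taxonomy_id IN (' . implode(',', $disallow_cat) . ') AND', $param);
                 }
                 break;
             case strpos($param, 'post_tag') !== FALSE:
                 if (strpos($param, 'term_taxonomy_id') === FALSE) {
                     $allow_tags = capa_protect::get_value_tags();
                     $param .= ' AND term_taxonomy_id IN (' . implode(',', $allow_tags) . ') ';
                 } else {
                     $allow_tags = capa_protect::get_value_tags();
                     $param = str_replace('WHERE', 'WHERE t.term_id IN (' . implode(',', $allow_tags) . ') AND', $param);
                 }
                 break;
         }
         return $param;
     }
     // SQLFILTER::function get_var ( case of unattached file count )
     #	SELECT COUNT( * ) FROM $wpdb->posts
     #	WHERE post_type = 'attachment' AND post_status != 'trash' AND post_parent < 1
     //	DEV
     if (strpos($param, "SELECT COUNT( * ) FROM {$wpdb->posts} WHERE post_type = 'attachment' AND post_status != 'trash' AND post_parent < 1") !== FALSE) {
         global $capa_protect_show_unattached_files;
         if (!$capa_protect_show_unattached_files) {
             // Excluding parent 0 makes the unattached-file count empty.
             $param .= ' AND post_parent NOT IN (0)';
         }
     }
     return $param;
 }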