function dropdown_pages($object_id = '', $stored_parent_id = '')
{
require_once SCOPER_ABSPATH . '/hardway/hardway-parent-legacy_rs.php';
return ScoperHardwayParentLegacy::dropdown_pages($object_id, $stored_parent_id);
}
function walk_parent_dropdown(&$output, &$args, $use_parent_clause = true, $default = 0, $parent = 0, $level = 0)
{
static $use_class;
static $page_ids;
if (!isset($use_class)) {
$use_class = true;
}
if (!isset($page_ids)) {
$page_ids = array();
}
// todo: defaults, merge
//extract($args);
// args keys: pages, object_id
$page_ids[$parent] = true;
if (!is_array($args['pages'])) {
$args['pages'] = array();
}
if (empty($args['descendants']) || !is_array($args['descendants'])) {
$args['descendants'] = array();
}
foreach (array_keys($args['pages']) as $key) {
// we call this without parent criteria to include pages whose parent is unassociable
if ($use_parent_clause && $args['pages'][$key]->post_parent != $parent) {
continue;
}
$id = $args['pages'][$key]->ID;
if (in_array($id, array_keys($args['descendants']))) {
continue;
}
if (isset($page_ids[$id])) {
continue;
}
$page_ids[$id] = true;
// A page cannot be its own parent.
if ($args['object_id'] && $id == $args['object_id']) {
continue;
}
$class = $use_class ? 'class="level-' . $level . '" ' : '';
$current = $id == $default ? ' selected="selected"' : '';
$pad = str_repeat(' ', $level * 3);
$output .= "\n\t<option " . $class . 'value="' . $id . '"' . $current . '>' . $pad . esc_html($args['pages'][$key]->post_title) . '</option>';
ScoperHardwayParentLegacy::walk_parent_dropdown($output, $args, true, $default, $id, $level + 1);
}
if (!$level && empty($args['retain_page_ids'])) {
$page_ids = array();
}
}
function _flt_last_resort_query($query)
{
// no recursion
if (scoper_querying_db() || $GLOBALS['cap_interceptor']->in_process) {
return $query;
}
global $wpdb, $pagenow, $scoper;
$posts = $wpdb->posts;
// Search on query portions to make this as forward-compatible as possible.
// Important to include " FROM table WHERE " as a strpos requirement because scoped queries (which should not be further altered here) will insert a JOIN clause
// strpos search for "ELECT " rather than "SELECT" so we don't have to distinguish 0 from false
// wp_count_posts() :
// SELECT post_status, COUNT( * ) AS num_posts FROM {$wpdb->posts} WHERE post_type = %s
$matches = array();
if (strpos($query, "ELECT post_status, COUNT( * ) AS num_posts ") && preg_match("/FROM\\s*{$posts}\\s*WHERE post_type\\s*=\\s*'([^ ]+)'/", $query, $matches)) {
$_post_type = !empty($matches[1]) ? $matches[1] : cr_find_post_type();
if ($_post_type) {
global $current_user;
foreach (get_post_stati(array('private' => true)) as $_status) {
$query = str_replace("AND (post_status != '{$_status}' OR ( post_author = '{$current_user->ID}' AND post_status = '{$_status}' ))", '', $query);
}
$query = str_replace("post_status", "{$posts}.post_status", $query);
$query = apply_filters('objects_request_rs', $query, 'post', $_post_type, array('objrole_revisions_clause' => true));
// as of WP 3.0.1, additional queries triggered by objects_request filter breaks all subsequent filters which would have operated on this query
if (defined('RVY_VERSION')) {
if (class_exists('RevisionaryAdminHardway_Ltd')) {
$query = RevisionaryAdminHardway_Ltd::flt_last_resort_query($query);
}
$query = RevisionaryAdminHardway::flt_include_pending_revisions($query);
}
}
return $query;
}
// parent_dropdown() :
// SELECT ID, post_parent, post_title FROM $wpdb->posts WHERE post_parent = %d AND post_type = 'page' ORDER BY menu_order
if ('admin.php' == $pagenow) {
if (strpos($query, "ELECT ID, post_parent, post_title") && strpos($query, "FROM {$posts} WHERE post_parent =") && function_exists('parent_dropdown')) {
$page_temp = '';
$object_id = $scoper->data_sources->detect('id', 'post');
if ($object_id) {
$page_temp = get_post($object_id);
}
if (empty($page_temp) || !isset($page_temp->post_parent) || $page_temp->post_parent) {
require_once SCOPER_ABSPATH . '/hardway/hardway-parent-legacy_rs.php';
$output = ScoperHardwayParentLegacy::dropdown_pages();
echo $output;
}
$query = "SELECT ID, post_parent FROM {$posts} WHERE 1=2";
return $query;
}
}
// Media Library - unattached
//
// WP_MediaListTable::get_views() :
// SELECT COUNT( * ) FROM $wpdb->posts WHERE post_type = 'attachment' AND post_status != 'trash' AND post_parent < 1
if (strpos($query, "post_type = 'attachment'") && strpos($query, "post_parent < 1") && strpos($query, '* FROM')) {
if ($where_pos = strpos($query, 'WHERE ')) {
// optionally hide other users' unattached uploads, but not from blog-wide Editors
if (!scoper_get_option('admin_others_unattached_files') && !$scoper->user_can_edit_blogwide('post', '', array('require_others_cap' => true, 'status' => 'publish'))) {
global $current_user;
$author_clause = "AND {$wpdb->posts}.post_author = '{$current_user->ID}'";
$query = str_replace("post_type = 'attachment'", "post_type = 'attachment' {$author_clause}", $query);
return $query;
}
}
}
// wp_count_attachments() :
//SELECT post_mime_type, COUNT( * ) AS num_posts FROM wp_trunk_posts WHERE post_type = 'attachment' GROUP BY post_mime_type
if (strpos($query, "post_type = 'attachment'") && 0 === strpos($query, "SELECT ")) {
if ($where_pos = strpos($query, 'WHERE ')) {
if (!defined('SCOPER_ALL_UPLOADS_EDITABLE')) {
// note: this constant actually just prevents Media Library filtering, falling back to WP Roles for attachment editability and leaving uneditable uploads viewable in Library
static $att_sanity_count = 0;
if ($att_sanity_count > 5) {
// TODO: why does this apply filtering to 300+ queries on at least one MS installation?
return $query;
}
$att_sanity_count++;
$admin_others_attached = scoper_get_option('admin_others_attached_files');
$admin_others_unattached = scoper_get_option('admin_others_unattached_files');
if (!$admin_others_attached || !$admin_others_unattached) {
$can_edit_others_blogwide = $scoper->user_can_edit_blogwide('post', '', array('require_others_cap' => true, 'status' => 'publish'));
}
global $wpdb, $current_user;
// optionally hide other users' unattached uploads, but not from blog-wide Editors
if ($admin_others_unattached || $can_edit_others_blogwide) {
$author_clause = '';
} else {
$author_clause = "AND {$wpdb->posts}.post_author = '{$current_user->ID}'";
}
if (!defined('SCOPER_BLOCK_UNATTACHED_UPLOADS') || !SCOPER_BLOCK_UNATTACHED_UPLOADS) {
$unattached_clause = "( {$wpdb->posts}.post_parent = 0 {$author_clause} ) OR";
} else {
$unattached_clause = '';
}
$attached_clause = $admin_others_attached || $can_edit_others_blogwide ? '' : "AND {$wpdb->posts}.post_author = '{$current_user->ID}'";
$parent_query = "SELECT {$wpdb->posts}.ID FROM {$wpdb->posts} WHERE 1=1";
$parent_query = apply_filters('objects_request_rs', $parent_query, 'post');
$where_insert = "( {$unattached_clause} ( {$wpdb->posts}.post_parent IN ({$parent_query}) {$attached_clause} ) ) AND ";
$query = substr($query, 0, $where_pos + strlen('WHERE ')) . $where_insert . substr($query, $where_pos + strlen('WHERE '));
}
return $query;
}
}
// admin-ajax.php 'find_posts' :
// SELECT ID, post_title, post_status, post_date FROM $wpdb->posts WHERE post_type = '$what' AND post_status IN ('draft', 'publish') AND ($search) ORDER BY post_date_gmt DESC LIMIT 50
if (strpos($query, "ELECT ID, post_title, post_status, post_date FROM")) {
if (!empty($_POST['post_type'])) {
$query = apply_filters('objects_request_rs', $query, 'post', $_POST['post_type']);
}
}
return $query;
}
