/** * Saves our custom meta data for the post being saved * * @since WordPress Access Control 2.0 * @author Brandon Wamboldt <*****@*****.**> */ public static function save_postdata($post_id) { // Security check if (!isset($_POST['members_only_nonce'])) { return $post_id; } if (!wp_verify_nonce($_POST['members_only_nonce'], 'members_only')) { return $post_id; } // Meta data isn't transmitted during autosaves so don't do anything if (defined('DOING_AUTOSAVE') && DOING_AUTOSAVE) { return $post_id; } if (isset($_POST['members_only']) && $_POST['members_only'] == 'true') { update_post_meta($post_id, '_wpac_is_members_only', 'true'); if (isset($_POST['wpac_restricted_to']) && !empty($_POST['wpac_restricted_to'])) { update_post_meta($post_id, '_wpac_restricted_to', serialize($_POST['wpac_restricted_to'])); } else { delete_post_meta($post_id, '_wpac_restricted_to'); } } else { delete_post_meta($post_id, '_wpac_is_members_only'); } if (isset($_POST['nonmembers_only']) && $_POST['nonmembers_only'] == 'true') { update_post_meta($post_id, '_wpac_is_nonmembers_only', 'true'); } else { delete_post_meta($post_id, '_wpac_is_nonmembers_only'); } if (isset($_POST['wpac_members_redirect_to'])) { update_post_meta($post_id, '_wpac_members_redirect_to', $_POST['wpac_members_redirect_to']); } if (isset($_POST['wpac_show_in_search'])) { update_post_meta($post_id, '_wpac_show_in_search', 1); } else { update_post_meta($post_id, '_wpac_show_in_search', 0); } if (isset($_POST['wpac_show_excerpt_in_search'])) { update_post_meta($post_id, '_wpac_show_excerpt_in_search', 1); } else { update_post_meta($post_id, '_wpac_show_excerpt_in_search', 0); } if (isset($_POST['wpac_nonmembers_redirect_to'])) { update_post_meta($post_id, '_wpac_nonmembers_redirect_to', $_POST['wpac_nonmembers_redirect_to']); } if (isset($_POST['pass_to_children']) && $_POST['pass_to_children'] == 'true') { update_post_meta($post_id, '_wpac_pass_to_children', 'true'); $original_id = $post_id; $is_revision = wp_is_post_revision($original_id); if ($is_revision) { $original_id = $is_revision; } $children = get_pages(array('child_of' => $original_id)); foreach ($children as $child) { WordPressAccessControl::save_postdata($child->ID); } } else { delete_post_meta($post_id, '_wpac_pass_to_children'); } return $post_id; }
/** * Recursively removes any child nav menu item that the user doesn't have the * correct permission to view. * * @param integer $id * @param array $children */ protected function filter_children($id, &$children_elements) { if (isset($children_elements[$id])) { foreach ($children_elements[$id] as $index => $element) { // If it's a nav menu item, check permissions against the post/page that the // nav menu item points to, otherwise check the element itself. if (isset($element->post_type) && $element->post_type == 'nav_menu_item') { $object_id = $element->object_id; } else { $object_id = $element->{$this->db_fields['id']}; } // Make sure the page isn't an orphan (e.g. this is a page walker and the // element was a child of a members only page that got removed, so we // shouldn't show it) if (WordPressAccessControl::check_conditions($object_id) || get_option('wpac_show_in_menus', 'with_access') == 'always') { if (in_array($element->{$this->db_fields['parent']}, $this->track_ids) || $element->{$this->db_fields['parent']} == 0) { $this->track_ids[] = $element->{$this->db_fields['id']}; $this->filter_children($element->{$this->db_fields['id']}, $children_elements); } else { $this->truncate_children($element->{$this->db_fields['id']}, $children_elements); unset($children_elements[$id][$index]); } } else { $this->truncate_children($element->{$this->db_fields['id']}, $children_elements); unset($children_elements[$id][$index]); } } } }