/**
* Saves our custom meta data for the post being saved
*
* @since WordPress Access Control 2.0
* @author Brandon Wamboldt <*****@*****.**>
*/
public static function save_postdata($post_id)
{
// Security check
if (!isset($_POST['members_only_nonce'])) {
return $post_id;
}
if (!wp_verify_nonce($_POST['members_only_nonce'], 'members_only')) {
return $post_id;
}
// Meta data isn't transmitted during autosaves so don't do anything
if (defined('DOING_AUTOSAVE') && DOING_AUTOSAVE) {
return $post_id;
}
if (isset($_POST['members_only']) && $_POST['members_only'] == 'true') {
update_post_meta($post_id, '_wpac_is_members_only', 'true');
if (isset($_POST['wpac_restricted_to']) && !empty($_POST['wpac_restricted_to'])) {
update_post_meta($post_id, '_wpac_restricted_to', serialize($_POST['wpac_restricted_to']));
} else {
delete_post_meta($post_id, '_wpac_restricted_to');
}
} else {
delete_post_meta($post_id, '_wpac_is_members_only');
}
if (isset($_POST['nonmembers_only']) && $_POST['nonmembers_only'] == 'true') {
update_post_meta($post_id, '_wpac_is_nonmembers_only', 'true');
} else {
delete_post_meta($post_id, '_wpac_is_nonmembers_only');
}
if (isset($_POST['wpac_members_redirect_to'])) {
update_post_meta($post_id, '_wpac_members_redirect_to', $_POST['wpac_members_redirect_to']);
}
if (isset($_POST['wpac_show_in_search'])) {
update_post_meta($post_id, '_wpac_show_in_search', 1);
} else {
update_post_meta($post_id, '_wpac_show_in_search', 0);
}
if (isset($_POST['wpac_show_excerpt_in_search'])) {
update_post_meta($post_id, '_wpac_show_excerpt_in_search', 1);
} else {
update_post_meta($post_id, '_wpac_show_excerpt_in_search', 0);
}
if (isset($_POST['wpac_nonmembers_redirect_to'])) {
update_post_meta($post_id, '_wpac_nonmembers_redirect_to', $_POST['wpac_nonmembers_redirect_to']);
}
if (isset($_POST['pass_to_children']) && $_POST['pass_to_children'] == 'true') {
update_post_meta($post_id, '_wpac_pass_to_children', 'true');
$original_id = $post_id;
$is_revision = wp_is_post_revision($original_id);
if ($is_revision) {
$original_id = $is_revision;
}
$children = get_pages(array('child_of' => $original_id));
foreach ($children as $child) {
WordPressAccessControl::save_postdata($child->ID);
}
} else {
delete_post_meta($post_id, '_wpac_pass_to_children');
}
return $post_id;
}
/**
* Recursively removes any child nav menu item that the user doesn't have the
* correct permission to view.
*
* @param integer $id
* @param array $children
*/
protected function filter_children($id, &$children_elements)
{
if (isset($children_elements[$id])) {
foreach ($children_elements[$id] as $index => $element) {
// If it's a nav menu item, check permissions against the post/page that the
// nav menu item points to, otherwise check the element itself.
if (isset($element->post_type) && $element->post_type == 'nav_menu_item') {
$object_id = $element->object_id;
} else {
$object_id = $element->{$this->db_fields['id']};
}
// Make sure the page isn't an orphan (e.g. this is a page walker and the
// element was a child of a members only page that got removed, so we
// shouldn't show it)
if (WordPressAccessControl::check_conditions($object_id) || get_option('wpac_show_in_menus', 'with_access') == 'always') {
if (in_array($element->{$this->db_fields['parent']}, $this->track_ids) || $element->{$this->db_fields['parent']} == 0) {
$this->track_ids[] = $element->{$this->db_fields['id']};
$this->filter_children($element->{$this->db_fields['id']}, $children_elements);
} else {
$this->truncate_children($element->{$this->db_fields['id']}, $children_elements);
unset($children_elements[$id][$index]);
}
} else {
$this->truncate_children($element->{$this->db_fields['id']}, $children_elements);
unset($children_elements[$id][$index]);
}
}
}
}
