/**
* Create needed capabilities on plugin activation.
* Must be called explicitly or hooked into activation.
*/
public static function activate()
{
if (!Groups_Capability::read_by_capability(self::READ_POST_CAPABILITY)) {
Groups_Capability::create(array("capability" => self::READ_POST_CAPABILITY));
// default read caps
Groups_Options::update_option(Groups_Post_Access::READ_POST_CAPABILITIES, array(Groups_Post_Access::READ_POST_CAPABILITY));
// for translation
// @see self::READ_POST_CAPABILITY_NAME
__("Read Post", GROUPS_PLUGIN_DOMAIN);
}
}
function groups_network_admin_options()
{
if (!current_user_can(GROUPS_ADMINISTER_OPTIONS)) {
wp_die(__('Access denied.', GROUPS_PLUGIN_DOMAIN));
}
echo '<div>' . '<h2>' . __('Groups network options', GROUPS_PLUGIN_DOMAIN) . '</h2>' . '</div>';
// handle options form submission
if (isset($_POST['submit'])) {
if (wp_verify_nonce($_POST[GROUPS_ADMIN_OPTIONS_NONCE], 'admin')) {
// delete data
if (!empty($_POST['delete-data'])) {
Groups_Options::update_option('groups_network_delete_data', true);
} else {
Groups_Options::update_option('groups_network_delete_data', false);
}
}
}
$delete_data = Groups_Options::get_option('groups_network_delete_data', false);
// options form
echo '<form action="" name="options" method="post">' . '<div>' . '<h3>' . __('Network deactivation and data persistence', GROUPS_PLUGIN_DOMAIN) . '</h3>' . '<p>' . '<input name="delete-data" type="checkbox" ' . ($delete_data ? 'checked="checked"' : '') . '/>' . '<label for="delete-data">' . __('Delete all Groups plugin data for ALL sites on network deactivation', GROUPS_PLUGIN_DOMAIN) . '</label>' . '</p>' . '<p class="description warning">' . __('CAUTION: If this option is active while the plugin is deactivated, ALL plugin settings and data will be DELETED for <strong>all sites</strong>. If you are going to use this option, now would be a good time to make a backup. By enabling this option you agree to be solely responsible for any loss of data or any other consequences thereof.', GROUPS_PLUGIN_DOMAIN) . '</p>' . '<p>' . wp_nonce_field('admin', GROUPS_ADMIN_OPTIONS_NONCE, true, false) . '<input type="submit" name="submit" value="' . __('Save', GROUPS_PLUGIN_DOMAIN) . '"/>' . '</p>' . '</div>' . '</form>';
Groups_Help::footer();
}
/**
* Admin settings.
*/
public static function settings()
{
if (!current_user_can('manage_options')) {
wp_die(__('Access denied.', GROUPS_404_REDIRECT_PLUGIN_DOMAIN));
}
if (!self::groups_is_active()) {
echo '<p>';
echo __('Please install and activate <a href="http://wordpress.org/extend/plugins/groups/">Groups</a> to use this plugin.', GROUPS_404_REDIRECT_PLUGIN_DOMAIN);
echo '</p>';
return;
}
$http_status_codes = array('301' => __('Moved Permanently', GROUPS_404_REDIRECT_PLUGIN_DOMAIN), '302' => __('Found', GROUPS_404_REDIRECT_PLUGIN_DOMAIN), '303' => __('See Other', GROUPS_404_REDIRECT_PLUGIN_DOMAIN), '307' => __('Temporary Redirect', GROUPS_404_REDIRECT_PLUGIN_DOMAIN));
if (isset($_POST['action']) && $_POST['action'] == 'save' && wp_verify_nonce($_POST['groups-404-redirect'], 'admin')) {
$redirect_to = 'post';
if (!empty($_POST['redirect_to'])) {
switch ($_POST['redirect_to']) {
case 'post':
case 'login':
Groups_Options::update_option('groups-404-redirect-to', $_POST['redirect_to']);
break;
}
}
if (!empty($_POST['post_id'])) {
Groups_Options::update_option('groups-404-redirect-post-id', intval($_POST['post_id']));
} else {
Groups_Options::delete_option('groups-404-redirect-post-id');
}
Groups_Options::update_option('groups-404-redirect-restricted-terms', !empty($_POST['redirect_restricted_terms']));
if (key_exists($_POST['status'], $http_status_codes)) {
Groups_Options::update_option('groups-404-redirect-status', $_POST['status']);
}
echo '<p class="info">' . __('The settings have been saved.', GROUPS_404_REDIRECT_PLUGIN_DOMAIN) . '</p>';
}
$redirect_to = Groups_Options::get_option('groups-404-redirect-to', 'post');
$post_id = Groups_Options::get_option('groups-404-redirect-post-id', '');
$redirect_status = Groups_Options::get_option('groups-404-redirect-status', '301');
$redirect_restricted_terms = Groups_Options::get_option('groups-404-redirect-restricted-terms', false);
echo '<h1>';
echo __('Groups 404 Redirect', GROUPS_404_REDIRECT_PLUGIN_DOMAIN);
echo '</h1>';
echo '<p>';
echo __('Redirect settings when a visitor tries to access a page protected by Groups.', GROUPS_404_REDIRECT_PLUGIN_DOMAIN);
echo '</p>';
echo '<div class="settings">';
echo '<form name="settings" method="post" action="">';
echo '<div>';
echo '<label>';
echo sprintf('<input type="radio" name="redirect_to" value="post" %s />', $redirect_to == 'post' ? ' checked="checked" ' : '');
echo ' ';
echo __('Redirect to a page or post', GROUPS_404_REDIRECT_PLUGIN_DOMAIN);
echo '</label>';
echo '<div style="margin: 1em 0 0 2em">';
echo '<label>';
echo __('Page or Post ID', GROUPS_404_REDIRECT_PLUGIN_DOMAIN);
echo ' ';
echo sprintf('<input type="text" name="post_id" value="%s" />', $post_id);
echo '</label>';
if (!empty($post_id)) {
$post_title = get_the_title($post_id);
echo '<p>';
echo sprintf(__('Title: <em>%s</em>', GROUPS_404_REDIRECT_PLUGIN_DOMAIN), $post_title);
echo '</p>';
}
echo '<p class="description">';
echo __('Indicate the ID of a page or a post to redirect to, leave it empty to redirect to the home page.', GROUPS_404_REDIRECT_PLUGIN_DOMAIN);
echo '<br/>';
echo __('The title of the page will be shown if a valid ID has been given.', GROUPS_404_REDIRECT_PLUGIN_DOMAIN);
echo '</p>';
echo '<p class="description">';
echo __('If the <strong>Redirect to the WordPress login</strong> option is chosen instead, visitors who are logged in but may not access a requested page, can be redirected to a specific page by setting the Page or Post ID here.', GROUPS_404_REDIRECT_PLUGIN_DOMAIN);
echo '</p>';
echo '</div>';
echo '<br/>';
echo '<label>';
echo sprintf('<input type="radio" name="redirect_to" value="login" %s />', $redirect_to == 'login' ? ' checked="checked" ' : '');
echo ' ';
echo __('Redirect to the WordPress login', GROUPS_404_REDIRECT_PLUGIN_DOMAIN);
echo '</label>';
echo '<div style="margin: 1em 0 0 2em">';
echo '<p class="description">';
echo __('If the visitor is logged in but is not allowed to access the requested page, the visitor will be taken to the home page, or, if a Page or Post ID is set, to the page indicated above.', GROUPS_404_REDIRECT_PLUGIN_DOMAIN);
echo '</p>';
echo '</div>';
echo '<br/>';
echo '<label>';
echo sprintf('<input type="checkbox" name="redirect_restricted_terms" %s />', $redirect_restricted_terms ? ' checked="checked" ' : '');
echo ' ';
echo __('Redirect restricted categories, tags and taxonomy terms …', GROUPS_404_REDIRECT_PLUGIN_DOMAIN);
echo '</label>';
echo '<div style="margin: 1em 0 0 2em">';
echo '<p class="description">';
echo __('If the visitor is not allowed to access the requested taxonomy term, including restricted categories and tags, the visitor will be redirected as indicated above.', GROUPS_404_REDIRECT_PLUGIN_DOMAIN);
echo '</p>';
echo '<p class="description">';
echo __('This option will only take effect if <a href="http://www.itthinx.com/shop/groups-restrict-categories/">Groups Restrict Categories</a> is used.', GROUPS_404_REDIRECT_PLUGIN_DOMAIN);
echo '</p>';
echo '</div>';
echo '<br/>';
echo '<p style="border-top:1px solid #eee; margin-top:1em; padding-top: 1em;">' . '<label>' . __('Redirect Status Code', GROUPS_404_REDIRECT_PLUGIN_DOMAIN) . ' ' . '<select name="status">';
foreach ($http_status_codes as $code => $name) {
echo '<option value="' . esc_attr($code) . '" ' . ($redirect_status == $code ? ' selected="selected" ' : '') . '>' . $name . ' (' . $code . ')' . '</option>';
}
echo '</select>' . '</label>' . '</p>';
echo '<p class="description">';
echo __('<a href="http://www.w3.org/Protocols/rfc2616/rfc2616.html">RFC 2616</a> provides details on <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html">Status Code Definitions</a>.', GROUPS_404_REDIRECT_PLUGIN_DOMAIN);
echo '</p>';
wp_nonce_field('admin', 'groups-404-redirect', true, true);
echo '<br/>';
echo '<div class="buttons">';
echo sprintf('<input class="create button" type="submit" name="submit" value="%s" />', __('Save', GROUPS_404_REDIRECT_PLUGIN_DOMAIN));
echo '<input type="hidden" name="action" value="save" />';
echo '</div>';
echo '</div>';
echo '</form>';
echo '</div>';
}
/**
* Update maintenance.
*/
public static function update($previous_version)
{
global $wpdb, $groups_admin_messages;
$result = true;
$queries = array();
switch ($previous_version) {
case '1.0.0':
$capability_table = _groups_get_tablename('capability');
if ($wpdb->get_var("SHOW TABLES LIKE '{$capability_table}'") == $capability_table) {
// increase column sizes
$queries[] = "ALTER TABLE {$capability_table} MODIFY capability VARCHAR(255) UNIQUE NOT NULL;";
$queries[] = "ALTER TABLE {$capability_table} MODIFY class VARCHAR(255) DEFAULT NULL;";
$queries[] = "ALTER TABLE {$capability_table} MODIFY object VARCHAR(255) DEFAULT NULL;";
// correct capabilities
$queries[] = "UPDATE {$capability_table} SET capability='delete_published_pages' WHERE capability='delete_published_pag';";
$queries[] = "UPDATE {$capability_table} SET capability='delete_published_posts' WHERE capability='delete_published_pos';";
// fix hideously big index
$queries[] = "ALTER TABLE {$capability_table} DROP INDEX capability_kco;";
$queries[] = "ALTER TABLE {$capability_table} ADD INDEX capability_kco (capability(20),class(20),object(20));";
}
break;
case '1.0.0-beta-3d':
$capability_table = _groups_get_tablename('capability');
if ($wpdb->get_var("SHOW TABLES LIKE '{$capability_table}'") == $capability_table) {
// increase column sizes
$queries[] = "ALTER TABLE {$capability_table} MODIFY capability VARCHAR(255) UNIQUE NOT NULL;";
$queries[] = "ALTER TABLE {$capability_table} MODIFY class VARCHAR(255) DEFAULT NULL;";
$queries[] = "ALTER TABLE {$capability_table} MODIFY object VARCHAR(255) DEFAULT NULL;";
// correct capabilities
$queries[] = "UPDATE {$capability_table} SET capability='delete_published_pages' WHERE capability='delete_published_pag';";
$queries[] = "UPDATE {$capability_table} SET capability='delete_published_posts' WHERE capability='delete_published_pos';";
}
break;
default:
if (!empty($previous_version)) {
if (strcmp($previous_version, '1.1.6') < 0) {
Groups_Options::update_option(Groups_Post_Access::READ_POST_CAPABILITIES, array(Groups_Post_Access::READ_POST_CAPABILITY));
$wpdb->query($wpdb->prepare("UPDATE {$wpdb->postmeta} SET meta_value = %s WHERE meta_key = %s", Groups_Post_Access::READ_POST_CAPABILITY, Groups_Post_Access::POSTMETA_PREFIX . Groups_Post_Access::READ_POST_CAPABILITY));
}
if (strcmp($previous_version, '1.5.1') < 0) {
$capability_table = _groups_get_tablename('capability');
$queries[] = "ALTER TABLE {$capability_table} DROP INDEX capability, ADD UNIQUE INDEX capability(capability(100));";
}
}
}
// switch
foreach ($queries as $query) {
if ($wpdb->query($query) === false) {
$result = false;
}
}
return $result;
}
/**
* Save capability options.
*
* @param int $post_id
* @param mixed $post post data (not used here)
*/
public static function save_post($post_id = null, $post = null)
{
if (defined("DOING_AUTOSAVE") && DOING_AUTOSAVE) {
} else {
$post_type = get_post_type($post_id);
$post_type_object = get_post_type_object($post_type);
if ($post_type_object && $post_type != 'attachment') {
$post_types_option = Groups_Options::get_option(Groups_Post_Access::POST_TYPES, array());
if (!isset($post_types_option[$post_type]['add_meta_box']) || $post_types_option[$post_type]['add_meta_box']) {
if (isset($_POST[self::NONCE]) && wp_verify_nonce($_POST[self::NONCE], self::SET_CAPABILITY)) {
$post_type = isset($_POST["post_type"]) ? $_POST["post_type"] : null;
if ($post_type !== null) {
// See http://codex.wordpress.org/Function_Reference/current_user_can 20130119 WP 3.5
// "... Some capability checks (like 'edit_post' or 'delete_page') require this [the post ID] be provided."
// If the post ID is not provided, it will throw:
// PHP Notice: Undefined offset: 0 in /var/www/groups-forums/wp-includes/capabilities.php on line 1067
$edit_post_type = 'edit_' . $post_type;
if ($post_type_object = get_post_type_object($post_type)) {
if (!isset($post_type_object->capabilities)) {
// get_post_type_capabilities() (WP 3.8) will throw a warning
// when trying to merge the missing property otherwise. It's either a
// bug or the function's documentation should make it clear that you
// have to provide that.
$post_type_object->capabilities = array();
}
$caps_object = get_post_type_capabilities($post_type_object);
if (isset($caps_object->edit_post)) {
$edit_post_type = $caps_object->edit_post;
}
}
if (current_user_can($edit_post_type, $post_id)) {
// quick-create ?
if (current_user_can(GROUPS_ADMINISTER_GROUPS)) {
if (!empty($_POST['quick-group-capability'])) {
$creator_id = get_current_user_id();
$datetime = date('Y-m-d H:i:s', time());
$name = ucfirst(strtolower(trim($_POST['quick-group-capability'])));
if (strlen($name) > 0) {
// create or obtain the group
if ($group = Groups_Group::read_by_name($name)) {
} else {
if ($group_id = Groups_Group::create(compact('creator_id', 'datetime', 'name'))) {
$group = Groups_Group::read($group_id);
}
}
// create or obtain the capability
$name = strtolower($name);
if ($capability = Groups_Capability::read_by_capability($name)) {
} else {
if ($capability_id = Groups_Capability::create(array('capability' => $name))) {
$capability = Groups_Capability::read($capability_id);
}
}
if ($group && $capability) {
// add the capability to the group
if (!Groups_Group_Capability::read($group->group_id, $capability->capability_id)) {
Groups_Group_Capability::create(array('group_id' => $group->group_id, 'capability_id' => $capability->capability_id));
}
// enable the capability for access restriction
$valid_read_caps = Groups_Options::get_option(Groups_Post_Access::READ_POST_CAPABILITIES, array(Groups_Post_Access::READ_POST_CAPABILITY));
if (!in_array($capability->capability, $valid_read_caps)) {
$valid_read_caps[] = $capability->capability;
}
Groups_Options::update_option(Groups_Post_Access::READ_POST_CAPABILITIES, $valid_read_caps);
// add the current user to the group
Groups_User_Group::create(array('user_id' => get_current_user_id(), 'group_id' => $group->group_id));
// put the capability ID in $_POST[self::CAPABILITY] so it is treated below
if (empty($_POST[self::CAPABILITY])) {
$_POST[self::CAPABILITY] = array();
}
if (!in_array($capability->capability_id, $_POST[self::CAPABILITY])) {
$_POST[self::CAPABILITY][] = $capability->capability_id;
}
}
}
}
}
// set
if (self::user_can_restrict()) {
$valid_read_caps = self::get_valid_read_caps_for_user();
foreach ($valid_read_caps as $valid_read_cap) {
if ($capability = Groups_Capability::read_by_capability($valid_read_cap)) {
if (!empty($_POST[self::CAPABILITY]) && is_array($_POST[self::CAPABILITY]) && in_array($capability->capability_id, $_POST[self::CAPABILITY])) {
Groups_Post_Access::create(array('post_id' => $post_id, 'capability' => $capability->capability));
} else {
Groups_Post_Access::delete($post_id, $capability->capability);
}
}
}
}
// show groups
Groups_Options::update_user_option(self::SHOW_GROUPS, !empty($_POST[self::SHOW_GROUPS]));
}
}
}
}
}
}
}
